diff options
211 files changed, 19356 insertions, 3146 deletions
@@ -1,4 +1,208 @@ -Changes in version 0.2.9.5-rc - 2016-1?-?? +Changes in version 0.3.0.1-alpha - 2016-??-?? + + +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): + - Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + +Changes in version 0.2.8.10 - 2016-12-02 + Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients + unusable after they left standby mode. It also backports fixes for + a few portability issues and a small but problematic memory leak. + + o Major bugfixes (client reliability, backport from 0.2.9.5-alpha): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client performance, backport from 0.2.9.5-alpha): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.6-rc): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay, backport from 0.2.9.5-alpha): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + +Changes in version 0.2.9.6-rc - 2016-12-02 + Tor 0.2.9.6-rc fixes a few remaining bugs found in the previous alpha + version. We hope that it will be ready to become stable soon, and we + encourage everyone to test this release. If no showstopper bugs are + found here, the next 0.2.9 release will be stable. + + o Major bugfixes (relay, resolver, logging): + - For relays that don't know their own address, avoid attempting a + local hostname resolve for each descriptor we download. This + will cut down on the number of "Success: chose address 'x.x.x.x'" + log lines, and also avoid confusing clock jumps if the resolver + is slow. Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (client, fascistfirewall): + - Avoid spurious warnings when ReachableAddresses or FascistFirewall + is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. + + o Minor bugfixes (hidden services): + - Stop ignoring the anonymity status of saved keys for hidden + services and single onion services when first starting tor. + Instead, refuse to start tor if any hidden service key has been + used in a different hidden service anonymity mode. Fixes bug + 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. + + o Minor bugfixes (portability): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + - Run correctly when built on Windows build environments that + require _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. + + o Minor bugfixes (single onion services, Tor2web): + - Stop complaining about long-term one-hop circuits deliberately + created by single onion services and Tor2web. These log messages + are intended to diagnose issue 8387, which relates to circuits + hanging around forever for no reason. Fixes bug 20613; bugfix on + 0.2.9.1-alpha. Reported by "pastly". + + o Minor bugfixes (unit tests): + - Stop spurious failures in the local interface address discovery + unit tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by + Neel Chauhan. + + o Documentation: + - Correct the minimum bandwidth value in torrc.sample, and queue a + corresponding change for torrc.minimal. Closes ticket 20085. + + +Changes in version 0.2.9.5-alpha - 2016-11-08 + Tor 0.2.9.5-alpha fixes numerous bugs discovered in the previous alpha + version. We believe one or two probably remain, and we encourage + everyone to test this release. + + o Major bugfixes (client performance): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client reliability): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (download scheduling): + - When using an exponential backoff schedule, do not give up on + downloading just because we have failed a bunch of times. Since + each delay is longer than the last, retrying indefinitely won't + hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. + - If a consensus expires while we are waiting for certificates to + download, stop waiting for certificates. + - If we stop waiting for certificates less than a minute after we + started downloading them, do not consider the certificate download + failure a separate failure. Fixes bug 20533; bugfix + on 0.2.0.9-alpha. + - Remove the maximum delay on exponential-backoff scheduling. Since + we now allow an infinite number of failures (see ticket 20536), we + must now allow the time to grow longer on each failure. Fixes part + of bug 20534; bugfix on 0.2.9.1-alpha. + - Make our initial download delays closer to those from 0.2.8. Fixes + another part of bug 20534; bugfix on 0.2.9.1-alpha. + - When determining when to download a directory object, handle times + after 2038 if the operating system supports them. (Someday this + will be important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. + - When using exponential backoff in test networks, use a lower + exponent, so the delays do not vary as much. This helps test + networks bootstrap consistently. Fixes bug 20597; bugfix on 20499. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (client directory scheduling): + - Treat "relay too busy to answer request" as a failed request and a + reason to back off on our retry frequency. This is safe now that + exponential backoffs retry indefinitely, and avoids a bug where we + would reset our download schedule erroneously. Fixes bug 20593; + bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (client, logging): + - Remove a BUG warning in circuit_pick_extend_handshake(). Instead, + assume all nodes support EXTEND2. Use ntor whenever a key is + available. Fixes bug 20472; bugfix on 0.2.9.3-alpha. + - On DNSPort, stop logging a BUG warning on a failed hostname + lookup. Fixes bug 19869; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (hidden services): + - When configuring hidden services, check every hidden service + directory's permissions. Previously, we only checked the last + hidden service. Fixes bug 20529; bugfix the work to fix 13942 + in 0.2.6.2-alpha. + + o Minor bugfixes (portability): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has + removed the ECDH ciphers which caused the tests to fail on + platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay bootstrap): + - Ensure relays don't make multiple connections during bootstrap. + Fixes bug 20591; bugfix on 0.2.8.1-alpha. + + o Minor bugfixes (relay): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + - Avoid a small memory leak when informing worker threads about + rotated onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. + - Do not try to parallelize workers more than 16x without the user + explicitly configuring us to do so, even if we do detect more than + 16 CPU cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (single onion services): + - Start correctly when creating a single onion service in a + directory that did not previously exist. Fixes bug 20484; bugfix + on 0.2.9.3-alpha. + + o Minor bugfixes (testing): + - Avoid a unit test failure on systems with over 16 detectable CPU + cores. Fixes bug 19968; bugfix on 0.2.3.1-alpha. + + o Documentation: + - Clarify that setting HiddenServiceNonAnonymousMode requires you to + also set "SOCKSPort 0". Fixes bug 20487; bugfix on 0.2.9.3-alpha. + - Module-level documentation for several more modules. Closes + tickets 19287 and 19290. Changes in version 0.2.8.9 - 2016-10-17 @@ -216,8 +420,9 @@ Changes in version 0.2.9.3-alpha - 2016-09-23 OpenSSL 0.9.7 or later since 2009. Closes ticket 19998. o Minor feature (fallback directories): - - Remove broken entries from the hard-coded fallback directory list. - Closes ticket 20190; patch by teor. + - Remove 8 fallbacks that are no longer suitable, leaving 81 of the + 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March + 2016. Closes ticket 20190; patch by teor. o Minor features (geoip, also in 0.2.8.8): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 @@ -395,8 +600,9 @@ Changes in version 0.2.8.8 - 2016-09-23 this one. o Minor feature (fallback directories): - - Remove broken fallbacks from the hard-coded fallback directory - list. Closes ticket 20190; patch by teor. + - Remove 8 fallbacks that are no longer suitable, leaving 81 of the + 100 fallbacks originally introduced in Tor 0.2.8.2-alpha in March + 2016. Closes ticket 20190; patch by teor. o Minor features (geoip): - Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 @@ -850,8 +1056,9 @@ Changes in version 0.2.8.6 - 2016-08-02 is signed. Fixes bug 19682; bugfix on 0.2.8.1-alpha. o Minor bugfixes (fallback directories): - - Remove a fallback that was on the hardcoded list, then opted-out. - Fixes bug 19782; update to fallback list from 0.2.8.2-alpha. + - Remove 1 fallback that was on the hardcoded list, then opted-out, + leaving 89 of the 100 fallbacks originally introduced in Tor + 0.2.8.2-alpha in March 2016. Closes ticket 19782; patch by teor. o Minor bugfixes (Linux seccomp2 sandbox): - Allow more syscalls when running with "Sandbox 1" enabled: @@ -923,8 +1130,9 @@ Changes in version 0.2.8.5-rc - 2016-07-07 - Update fallback whitelist and blacklist based on relay operator emails. Blacklist unsuitable (non-working, over-volatile) fallbacks. Resolves ticket 19071. Patch by teor. - - Update hard-coded fallback list to remove unsuitable fallbacks. - Resolves ticket 19071. Patch by teor. + - Remove 10 unsuitable fallbacks, leaving 90 of the 100 fallbacks + originally introduced in Tor 0.2.8.2-alpha in March 2016. Closes + ticket 19071; patch by teor. Changes in version 0.2.8.4-rc - 2016-06-15 @@ -1034,10 +1242,12 @@ Changes in version 0.2.8.3-alpha - 2016-05-26 - Give each fallback the same weight for client selection; restrict fallbacks to one per operator; report fallback directory detail changes when rebuilding list; add new fallback directory mirrors - to the whitelist; update fallback directories based on the latest - OnionOO data; and any other minor simplifications and fixes. - Closes tasks 17158, 17905, 18749, bug 18689, and fixes part of bug - 18812 on 0.2.8.1-alpha; patch by "teor". + to the whitelist; and many other minor simplifications and fixes. + Closes tasks 17905, 18749, bug 18689, and fixes part of bug 18812 on + 0.2.8.1-alpha; patch by "teor". + - Replace the 21 fallbacks generated in January 2016 and included in + Tor 0.2.8.1-alpha, with a list of 100 fallbacks generated in March + 2016. Closes task 17158; patch by "teor". o Minor features (geoip): - Update geoip and geoip6 to the May 4 2016 Maxmind GeoLite2 @@ -1481,10 +1691,11 @@ Changes in version 0.2.8.1-alpha - 2016-02-04 should reduces failures due to fallback churn. Implements ticket 4483. Patch by "teor". Implements IPv4 portions of proposal 210 by "mikeperry" and "teor". - - Include a trial list of default fallback directories, based on an - opt-in survey of suitable relays. Doing this should make clients - bootstrap more quickly and reliably, and reduce the load on the - directory authorities. Closes ticket 15775. Patch by "teor". + - Include a trial list of 21 default fallback directories, generated + in January 2016, based on an opt-in survey of suitable relays. + Doing this should make clients bootstrap more quickly and reliably, + and reduce the load on the directory authorities. Closes ticket + 15775. Patch by "teor". Candidates identified using an OnionOO script by "weasel", "teor", "gsathya", and "karsten". - Previously only relays that explicitly opened a directory port diff --git a/Doxyfile.in b/Doxyfile.in index a39348f2cb..4cf9c30ded 100644 --- a/Doxyfile.in +++ b/Doxyfile.in @@ -446,12 +446,6 @@ MAX_INITIALIZER_LINES = 30 SHOW_USED_FILES = YES -# If the sources in your project are distributed over multiple directories -# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy -# in the documentation. The default is NO. - -SHOW_DIRECTORIES = NO - # Set the SHOW_FILES tag to NO to disable the generation of the Files page. # This will remove the Files entry from the Quick Index and from the # Folder Tree View (if specified). The default is YES. @@ -760,12 +754,6 @@ HTML_FOOTER = HTML_STYLESHEET = -# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, -# files or namespaces will be aligned in HTML using tables. If set to -# NO a bullet list will be used. - -HTML_ALIGN_MEMBERS = YES - # If the GENERATE_HTMLHELP tag is set to YES, additional index files # will be generated that can be used as input for tools like the # Microsoft HTML help workshop to generate a compiled HTML help file (.chm) @@ -1047,18 +1035,6 @@ GENERATE_XML = NO XML_OUTPUT = xml -# The XML_SCHEMA tag can be used to specify an XML schema, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -XML_SCHEMA = - -# The XML_DTD tag can be used to specify an XML DTD, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -XML_DTD = - # If the XML_PROGRAMLISTING tag is set to YES Doxygen will # dump the program listings (including syntax highlighting # and cross-referencing information) to the XML output. Note that @@ -1264,7 +1240,7 @@ HAVE_DOT = NO # DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory # containing the font. -DOT_FONTNAME = FreeSans +DOT_FONTNAME = # By default doxygen will tell dot to use the output directory to look for the # FreeSans.ttf font (which doxygen will put there itself). If you specify a diff --git a/ReleaseNotes b/ReleaseNotes index af61a4d739..97db5af763 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,61 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. + +Changes in version 0.2.8.11 - 2016-12-08 + Tor 0.2.8.11 backports fixes for additional portability issues that + could prevent Tor from building correctly on OSX Sierra, or with + OpenSSL 1.1. Affected users should upgrade; others can safely stay + with 0.2.8.10. + + o Minor bugfixes (portability): + - Avoid compilation errors when building on OSX Sierra. Sierra began + to support the getentropy() and clock_gettime() APIs, but created + a few problems in doing so. Tor 0.2.9 has a more thorough set of + workarounds; in 0.2.8, we are just using the /dev/urandom and mach + monotonic time interfaces. Fixes bug 20865. Bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix compilation with OpenSSL 1.1 and less commonly-used CPU + architectures. Closes ticket 20588. + + +Changes in version 0.2.8.10 - 2016-12-02 + Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients + unusable after they left standby mode. It also backports fixes for + a few portability issues and a small but problematic memory leak. + + o Major bugfixes (client reliability, backport from 0.2.9.5-alpha): + - When Tor leaves standby because of a new application request, open + circuits as needed to serve that request. Previously, we would + potentially wait a very long time. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Major bugfixes (client performance, backport from 0.2.9.5-alpha): + - Clients now respond to new application stream requests immediately + when they arrive, rather than waiting up to one second before + starting to handle them. Fixes part of bug 19969; bugfix + on 0.2.8.1-alpha. + + o Minor bugfixes (portability, backport from 0.2.9.6-rc): + - Work around a bug in the OSX 10.12 SDK that would prevent us from + successfully targeting earlier versions of OSX. Resolves + ticket 20235. + + o Minor bugfixes (portability, backport from 0.2.9.5-alpha): + - Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug + 20551; bugfix on 0.2.1.1-alpha. + + o Minor bugfixes (relay, backport from 0.2.9.5-alpha): + - Work around a memory leak in OpenSSL 1.1 when encoding public + keys. Fixes bug 20553; bugfix on 0.0.2pre8. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 + Country database. + + Changes in version 0.2.8.9 - 2016-10-17 Tor 0.2.8.9 backports a fix for a security hole in previous versions of Tor that would allow a remote attacker to crash a Tor client, diff --git a/changes/14881 b/changes/14881 new file mode 100644 index 0000000000..e95929623b --- /dev/null +++ b/changes/14881 @@ -0,0 +1,8 @@ + o Minor bugfixes (consensus weight): + - Add new consensus method that initializes bw weights to 1 instead of 0. This + prevents a zero weight from making it all the way to the end (happens in + small testing networks) and causing an error. Fixes bug 14881; bugfix + on 0.2.2.17-alpha. + + o Minor features (unit tests): + - Add tests for networkstatus_compute_bw_weights_v10. diff --git a/changes/17070 b/changes/17070 new file mode 100644 index 0000000000..ffe616f38d --- /dev/null +++ b/changes/17070 @@ -0,0 +1,4 @@ + o Documentation (SOCKS connections): + - Clarify that when `ClientRejectInternalAddresses` is enabled (which is the + default), multicast DNS hostnames for machines on the local network (of + the form *.local) are also rejected. Closes ticket 17070. diff --git a/changes/20273 b/changes/20273 new file mode 100644 index 0000000000..714beda29c --- /dev/null +++ b/changes/20273 @@ -0,0 +1,4 @@ + o Documentation (comments): + - Change '1' to 'weight_scale' in consensus bw weights calculation + comments, as that is reality. Closes ticket 20273. Patch from pastly. + diff --git a/changes/20460 b/changes/20460 deleted file mode 100644 index 9fbb4a7986..0000000000 --- a/changes/20460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has - removed the ECDH ciphers which caused the tests to fail on - platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. diff --git a/changes/20526 b/changes/20526 new file mode 100644 index 0000000000..bd07d09bfc --- /dev/null +++ b/changes/20526 @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + - Introduce rend_service_is_ephemeral() that tells if given onion + service is ephemeral. Replace unclear NULL-checkings for service + directory with this function. + Closes ticket 20526. diff --git a/changes/20853 b/changes/20853 new file mode 100644 index 0000000000..84d95c41e0 --- /dev/null +++ b/changes/20853 @@ -0,0 +1,4 @@ + o Minor bugfix (hidden services): + - Change ephemeral service checks in `rendservice.c` to use the new + `rend_service_is_ephemeral` helper function. Fixes bug 20853; bugfix on + bug 20526; not in any released version of Tor. diff --git a/changes/bug13827 b/changes/bug13827 new file mode 100644 index 0000000000..2235a3fbd7 --- /dev/null +++ b/changes/bug13827 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Remove duplicate code in the channel_write_*cell() functions. + Closes ticket 13827; patch from Pingl. diff --git a/changes/bug17779 b/changes/bug17779 new file mode 100644 index 0000000000..a81c334690 --- /dev/null +++ b/changes/bug17779 @@ -0,0 +1,6 @@ + o Minor bugfixes (leak at exit): + - Fix a small harmless memory leak at exit of the previously unused + RSA->Ed identity cross-certificate. Fixes bug 17779; bugfix on + 0.2.7.2-alpha. + + diff --git a/changes/bug19563 b/changes/bug19563 new file mode 100644 index 0000000000..dbf3859135 --- /dev/null +++ b/changes/bug19563 @@ -0,0 +1,3 @@ + o Testing: + - New unit tests for tor_htonll(). Closes ticket 19563. Patch from + "overcaffeinated". diff --git a/changes/bug19869 b/changes/bug19869 deleted file mode 100644 index 430048f161..0000000000 --- a/changes/bug19869 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (DNSPort): - - On DNSPort, stop logging a BUG warning on a failed hostname lookup. - Fixes bug 19869; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug19926_029_info b/changes/bug19926_029_info deleted file mode 100644 index 93fd81b6cb..0000000000 --- a/changes/bug19926_029_info +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Downgrade a harmless log message about the pending_entry_connections - list from "warn" to "info". Mitigates bug 19926. diff --git a/changes/bug19968 b/changes/bug19968 deleted file mode 100644 index b285706e70..0000000000 --- a/changes/bug19968 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (relay): - - Do not try to parallelize workers more than 16x without the - user explicitly configuring us to do so, even if we do detect more than - 16 CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. - - - o Minor bugfixes (testing): - - Avoid a unit test failure on systems with over 16 detectable - CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. diff --git a/changes/bug19969 b/changes/bug19969 deleted file mode 100644 index c760c6de03..0000000000 --- a/changes/bug19969 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (client performance): - - Clients now respond to new application stream requests when - they arrive, rather than waiting up to one second before starting - to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha. - - o Major bugfixes (clients on flaky network connections): - - When Tor leaves standby because of a new application request, open - circuits as needed to serve that request. Previously, we would - potentially wait a very long time. Fixes part of bug 19969; bugfix - on 0.2.8.1-alpha. diff --git a/changes/bug20027 b/changes/bug20027 new file mode 100644 index 0000000000..79d154064a --- /dev/null +++ b/changes/bug20027 @@ -0,0 +1,3 @@ + o Minor bugfixes (ed25519 certificates): + - Correctly interpret ed25519 certificates that would expire some + time after 19 Jan 2038. Fixes bug 20027; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug20048 b/changes/bug20048 new file mode 100644 index 0000000000..5cc9f45545 --- /dev/null +++ b/changes/bug20048 @@ -0,0 +1,4 @@ + o Minor features (infrastructure): + - Implement smartlist_add_strdup() function. Replaces the use of + smartlist_add(sl, tor_strdup(str)). Closes ticket 20048. + diff --git a/changes/bug20085 b/changes/bug20085 deleted file mode 100644 index fd10e7eeeb..0000000000 --- a/changes/bug20085 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Correct the minimum bandwidth value in torrc.sample, and queue a - corresponding change for torrc.minimal. Closes ticket 20085. - diff --git a/changes/bug20235 b/changes/bug20235 deleted file mode 100644 index 54026a8943..0000000000 --- a/changes/bug20235 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (compatibility): - - Work around a bug in the OSX 10.12 SDK that would prevent us - from successfully targetting earlier versions of OSX. - Resolves ticket 20235. diff --git a/changes/bug20269 b/changes/bug20269 new file mode 100644 index 0000000000..814eb8ff0b --- /dev/null +++ b/changes/bug20269 @@ -0,0 +1,4 @@ + o Minor bugfixes (client): + - When clients that use bridges start up with a cached consensus + on disk, they were ignoring it and downloading a new one. Now they + use the cached one. Fixes bug 20269; bugfix on 0.2.3.12-alpha. diff --git a/changes/bug20306_029 b/changes/bug20306_029 deleted file mode 100644 index ada2676b2b..0000000000 --- a/changes/bug20306_029 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (fascistfirewall): - - Avoid spurious warnings when ReachableAddresses or FascistFirewall - is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. - diff --git a/changes/bug20389 b/changes/bug20389 new file mode 100644 index 0000000000..8f1b9f5e03 --- /dev/null +++ b/changes/bug20389 @@ -0,0 +1,4 @@ + o Minor features (controller): + - When HSFETCH arguments cannot be parsed, say "Invalid argument" + rather than "unrecognized." Closes ticket 20389; patch from + Ivan Markin. diff --git a/changes/bug20401 b/changes/bug20401 deleted file mode 100644 index 85ab3c7322..0000000000 --- a/changes/bug20401 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a small memory leak when informing worker threads about rotated - onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. - diff --git a/changes/bug20423 b/changes/bug20423 deleted file mode 100644 index 32bdc3f081..0000000000 --- a/changes/bug20423 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - For relays that don't know their own address, avoid attempting - a local hostname resolve for each descriptor we download. Also cut - down on the number of "Success: chose address 'x.x.x.x'" log lines. - Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20435 b/changes/bug20435 new file mode 100644 index 0000000000..00d5ac744e --- /dev/null +++ b/changes/bug20435 @@ -0,0 +1,4 @@ + o Documentation (man page): + - Set the default value from 250 KBytes to 2 MBytes for + AuthDirGuardBWGuarantee in the man page which is what the code is using; + Fixes bug 20435; bugfix on tor-0.2.5.6-alpha. diff --git a/changes/bug20459 b/changes/bug20459 new file mode 100644 index 0000000000..2571fc0f4a --- /dev/null +++ b/changes/bug20459 @@ -0,0 +1,6 @@ + o Major bugfixes (scheduler): + - Fix an issue where the ewma_cmp_cmux() function would never consider + circuit policies to be different. This bug caused the channel scheduler + to behave more or less randomly, rather than preferring channels with + higher-priority circuits. + Fixes bug 20459; bugfix on 0.2.6.2-alpha. diff --git a/changes/bug20472 b/changes/bug20472 deleted file mode 100644 index 4d90c39f5b..0000000000 --- a/changes/bug20472 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (circuits): - - Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume - all nodes support EXTEND2. Use ntor whenever a key is available. - Fixes bug 20472; bugfix on 0.2.9.3-alpha. - diff --git a/changes/bug20484 b/changes/bug20484 deleted file mode 100644 index 9a0b95cb39..0000000000 --- a/changes/bug20484 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (single onion services): - - Start correctly when creating a single onion service in a - directory that did not previously exist. Fixes bug 20484; bugfix on - 0.2.9.3-alpha. - diff --git a/changes/bug20487 b/changes/bug20487 deleted file mode 100644 index 4435f14a95..0000000000 --- a/changes/bug20487 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Clarify that setting HiddenServiceNonAnonymousMode requires - you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on - 0.2.9.3-alpha. diff --git a/changes/bug20529 b/changes/bug20529 deleted file mode 100644 index 276be5b2b6..0000000000 --- a/changes/bug20529 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden services): - - When configuring hidden services, check every hidden service directory's - permissions. Previously, we only checked the last hidden service. - Fixes bug 20529; bugfix on 13942 commit 85bfad1 in 0.2.6.2-alpha. diff --git a/changes/bug20530 b/changes/bug20530 new file mode 100644 index 0000000000..c21d5fbd34 --- /dev/null +++ b/changes/bug20530 @@ -0,0 +1,4 @@ + o Minor Fixes (Windows): + - Check for getpagesize before using it to mmap files. This fixes + compilation in some MinGW environments. Fixes bug 20530; bugfix on + commit bf72878 in tor-0.1.2.1-alpha, reported by "ice". diff --git a/changes/bug20533 b/changes/bug20533 deleted file mode 100644 index 7d1a456328..0000000000 --- a/changes/bug20533 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (consensus downloads): - - If a consensus expires while we are waiting for certificates to download, - stop waiting for certificates. - - If we stop waiting for certificates less than a minute after we started - downloading them, do not consider the certificate download failure a - separate failure. - Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha. diff --git a/changes/bug20534 b/changes/bug20534 deleted file mode 100644 index 49db433a01..0000000000 --- a/changes/bug20534 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (directory download scheduling): - - Remove the maximum delay on exponential-backoff scheduling. - Since we now allow an infinite number of failures (see ticket - 20536), we must now allow the time to grow longer on each failure. - Fixes part of bug 20534; bugfix on 0.2.9.1-alpha. - - Use initial delays and decrements in download scheduling closer to - those from 0.2.8. Fixes another part of bug 20534; bugfix on - 0.2.9.1-alpha. diff --git a/changes/bug20536 b/changes/bug20536 deleted file mode 100644 index 9e0dd164bb..0000000000 --- a/changes/bug20536 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (download scheduling): - - When using an exponential backoff schedule, do not give up on - dowloading just because we have failed a bunch of times. Since - each delay is longer than the last, retrying indefinitely won't - hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug20551 b/changes/bug20551 deleted file mode 100644 index b7ec4ca7cc..0000000000 --- a/changes/bug20551 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix implicit conversion warnings under OpenSSL 1.1. - Fixes bug 20551; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug20553 b/changes/bug20553 deleted file mode 100644 index 12a2780303..0000000000 --- a/changes/bug20553 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Work around a memory leak in OpenSSL 1.1 when encoding public keys. - Fixes bug 20553; bugfix on 0.0.2pre8. diff --git a/changes/bug20559 b/changes/bug20559 new file mode 100644 index 0000000000..f117162dde --- /dev/null +++ b/changes/bug20559 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden services): + - Stop ignoring misconfigured hidden services. Instead, refuse to start + tor until the misconfigurations have been corrected. + Fixes bug 20559; bugfix on multiple commits in 0.2.7.1-alpha and earlier. diff --git a/changes/bug20560 b/changes/bug20560 deleted file mode 100644 index 43d605b296..0000000000 --- a/changes/bug20560 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Run correctly when built on Windows build environments that require - _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. - diff --git a/changes/bug20587 b/changes/bug20587 deleted file mode 100644 index 341b001363..0000000000 --- a/changes/bug20587 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (download timing): - - When determining when to download a directory object, handle times - after 2038 if the operating system supports that. (Someday this will be - important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20588 b/changes/bug20588 deleted file mode 100644 index 832ef81336..0000000000 --- a/changes/bug20588 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability): - - Fix compilation with OpenSSL 1.1 and less commonly-used - CPU architectures. Closes ticket 20588. diff --git a/changes/bug20591 b/changes/bug20591 deleted file mode 100644 index deaa738f5e..0000000000 --- a/changes/bug20591 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay bootstrap): - - Ensure relays don't make multiple connections during bootstrap. - Fixes bug 20591; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug20593 b/changes/bug20593 deleted file mode 100644 index e9f54d317a..0000000000 --- a/changes/bug20593 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (client directory scheduling): - - Treat "relay too busy to answer request" as a failed request and a - reason to back off on our retry frequency. This is safe now that - exponential backups retry indefinitely, and avoids a bug where we would - reset our download schedule erroneously. - Fixes bug 20593; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20593.2 b/changes/bug20593.2 new file mode 100644 index 0000000000..bdaaf00eea --- /dev/null +++ b/changes/bug20593.2 @@ -0,0 +1,4 @@ + o Minor features (diagnostic, directory client): + - Warn if we find an unexpected inconsistency in directory download + status objects. Prevents some negative consequences of bug 20593. + diff --git a/changes/bug20597 b/changes/bug20597 deleted file mode 100644 index f199b63933..0000000000 --- a/changes/bug20597 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (test networks, exponential backoff): - - When using exponential backoff in test networks, use a lower exponent, - so the delays do not vary as much. This helps test networks bootstrap - consistently. Fixes bug 20597; bugfix on 20499; not in any released - version of tor. diff --git a/changes/bug20613 b/changes/bug20613 deleted file mode 100644 index 19bb61f4e0..0000000000 --- a/changes/bug20613 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (single onion services, Tor2web): - - Stop logging long-term one-hop circuits deliberately created by single - onion services and Tor2web. These log messages are intended to diagnose - issue 8387, which relates to circuits hanging around forever for no - reason. - Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly". diff --git a/changes/bug20622 b/changes/bug20622 new file mode 100644 index 0000000000..eb7a8fb9b8 --- /dev/null +++ b/changes/bug20622 @@ -0,0 +1,8 @@ + o Minor bugfixes (configuration): + - Support "TByte" and "TBytes" units in options given in bytes. + "TB", "terabyte(s)", "TBit(s)" and "terabit(s)" were already + supported. Fixes bug 20622; bugfix on 0.2.0.14-alpha. + + o Minor bugfixes (documentation): + - Include the "TBits" unit in Tor's man page. Fixes part of bug + 20622; bugfix on tor-0.2.5.1-alpha. diff --git a/changes/bug20634 b/changes/bug20634 deleted file mode 100644 index 62fc9f4787..0000000000 --- a/changes/bug20634 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (unit tests): - - Stop spurious failures in the local interface address discovery unit - tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by Neel Chauhan. diff --git a/changes/bug20638 b/changes/bug20638 deleted file mode 100644 index 260d7d0a75..0000000000 --- a/changes/bug20638 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden services): - - Stop ignoring hidden service key anonymity when first starting tor. - Instead, refuse to start tor if any hidden service key has been used in - a different hidden service anonymity mode. - Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. diff --git a/changes/bug20646 b/changes/bug20646 new file mode 100644 index 0000000000..42e319ffcb --- /dev/null +++ b/changes/bug20646 @@ -0,0 +1,5 @@ + o Minor bugfix (util) + - When finishing writing a file to disk, if we were about to replace the + file with the temporary file created before and we fail to replace it, + remove the temporary file so it doesn't stay on disk. Closes #20646; + bugfix on tor-0.2.0.7-alpha; Patch by fk. diff --git a/changes/bug20667 b/changes/bug20667 new file mode 100644 index 0000000000..93b293a4e6 --- /dev/null +++ b/changes/bug20667 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory downloads): + - Download all consensus flavors, descriptors, and authority certificates + when FetchUselessDescriptors is set, regardless of whether tor is a + directory cache or not. + Fixes bug 20667; bugfix on all recent tor versions. diff --git a/changes/bug20839 b/changes/bug20839 new file mode 100644 index 0000000000..c290097d80 --- /dev/null +++ b/changes/bug20839 @@ -0,0 +1,5 @@ + o Minor bugfixes (descriptors): + - Correctly recognise downloaded full descriptors as valid, even when + using microdescriptors as circuits. This affects clients with + FetchUselessDescriptors set, and may affect directory authorities. + Fixes bug 20839; bugfix on commit 6083276 in 0.2.3.2-alpha. diff --git a/changes/bug20860 b/changes/bug20860 new file mode 100644 index 0000000000..81b0dd8fc0 --- /dev/null +++ b/changes/bug20860 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden services): + - Stop ignoring duplicate hidden services when validating: this could + lead to a crash when those services were created. + Fixes bug 20860; bugfix on 20559; not in any released version of tor. diff --git a/changes/bug6769 b/changes/bug6769 new file mode 100644 index 0000000000..773850fb1f --- /dev/null +++ b/changes/bug6769 @@ -0,0 +1,5 @@ + o Minor bugfixes (directory system): + - Bridges and relays now use microdescriptors (like clients do) + rather than old-style router descriptors. Now bridges will blend in + with clients in terms of the circuits they build. Fixes bug 6769; + bugfix on 0.2.3.2-alpha. diff --git a/changes/feature13752 b/changes/feature13752 new file mode 100644 index 0000000000..f318cc29f5 --- /dev/null +++ b/changes/feature13752 @@ -0,0 +1,4 @@ + o Minor features (fingerprinting resistence, authentication): + - Extend the length of RSA keys used for TLS link authentication to + 2048 bits. (These weren't used for forward secrecy; for forward + secrecy, we used P256.) Closes ticket 13752. diff --git a/changes/feature15055 b/changes/feature15055 new file mode 100644 index 0000000000..06cc06a281 --- /dev/null +++ b/changes/feature15055 @@ -0,0 +1,6 @@ + o Major features (protocol, Ed25519): + - Tor relays now use Ed25519 to prove their Ed25519 identities and + Ed25519 to one another, and to clients. This algorithm is faster + and more secure than the RSA-based handshake we've been doing until + now. Implements the second big part of proposal 220; Closes ticket + 15055. diff --git a/changes/feature15056 b/changes/feature15056 new file mode 100644 index 0000000000..46226f881f --- /dev/null +++ b/changes/feature15056 @@ -0,0 +1,28 @@ + o Major features (ed25519 identity keys): + - Relays now understand requests to extend to other relays + by their Ed25519 identity keys. When an Ed25519 identity key + is included in an EXTEND2 cell, the relay will only extend + the circuit if the other relay can prove ownership of that identity. + Implements part of ticket 15056; part of proposal 220. + - Clients now support including Ed25519 identity keys in the EXTEND2 + cells they generate. By default, this is controlled by a consensus + parameter, currently disabled. You can turn this feature on for + testing by setting ExtendByEd25519ID in your configuration. This might + make your traffic appear different than the traffic generated by other + users, however. + Implements part of ticket 15056; part of proposal 220. + + o Code simplification and refactoring: + - The code to generate and parse EXTEND and EXTEND2 cells has + been replaced with code automatically generated by the "trunnel" + utility. + - Remove data structures that were used to index or_connection objects by + their RSA identity digests. These structures are fully redundant with + the similar structures used in the channel abstraction. + + o Minor features (directory authority): + - Add a new authority-only AuthDirTestEd25519LinkKeys option (on by + default) to control whether authorities should try to probe relays by + their Ed25519 link keys. This option will go away in a few + releases--unless we encounter major trouble in our ed25519 link + protocol rollout, in which case it will serve as a safety option. diff --git a/changes/feature17238 b/changes/feature17238 new file mode 100644 index 0000000000..eba9fb794e --- /dev/null +++ b/changes/feature17238 @@ -0,0 +1,6 @@ + o Major features (onion service) + - Tor relays now support the HSDir version 3 protocol meaning they can + store and serve v3 descriptors. This is part of the next generation + onion service work detailled in proposal 224. The tor daemon also + contains all the necessary code to encode and decode a v3 descriptor but + it's currently only used by the directory subsystem. Closes #17238. diff --git a/changes/feature20552 b/changes/feature20552 new file mode 100644 index 0000000000..11954807a7 --- /dev/null +++ b/changes/feature20552 @@ -0,0 +1,4 @@ + o Minor features (ed25519 link handshake): + - Advertise support for the ed25519 link handshake using the + subprotocol-versions mechanism, so that clients can tell which + relays can identity themselves by Ed25519 ID. diff --git a/changes/geoip-november2016 b/changes/geoip-november2016 deleted file mode 100644 index b3f9913bb1..0000000000 --- a/changes/geoip-november2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (ge0oip): - - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/more_module_docs b/changes/more_module_docs deleted file mode 100644 index 0066ddfcf0..0000000000 --- a/changes/more_module_docs +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Module-level documentation for several more modules. Closes tickets - 19287 and - 19290. diff --git a/changes/ticket18873 b/changes/ticket18873 new file mode 100644 index 0000000000..f1d9bef6d2 --- /dev/null +++ b/changes/ticket18873 @@ -0,0 +1,7 @@ + o Code simplification and refactoring: + - Extracted dummy_origin_circuit_new so it can be used by other test + functions. + - Refactor circuit_predict_and_launch_new for readability and testability. + - Added unit tests for extracted functions. + - Extracted magic numbers in circuituse.c into defined variables. + - Refactor circuit_is_available_for_use to remove unnecessary check diff --git a/changes/ticket19858 b/changes/ticket19858 new file mode 100644 index 0000000000..777b7906a8 --- /dev/null +++ b/changes/ticket19858 @@ -0,0 +1,4 @@ + o Code simplification and refactoring (guards): + - Abolish all global guard context in entrynodes.c; replace with new + guard_selection_t structure as preparation for proposal 271. Closes + ticket 19858. diff --git a/changes/ticket20077 b/changes/ticket20077 new file mode 100644 index 0000000000..cd8149ad15 --- /dev/null +++ b/changes/ticket20077 @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + - Remove redundant behavior of is_sensitive_dir_purpose, refactor to use + only purpose_needs_anonymity. Closes part of ticket 20077. + - Refactor large if statement in purpose_needs_anonymity to use switch + statement instead. Closes part of ticket 20077. diff --git a/changes/ticket20486 b/changes/ticket20486 new file mode 100644 index 0000000000..9c1bb1e67f --- /dev/null +++ b/changes/ticket20486 @@ -0,0 +1,3 @@ + o Documentation (Onion Services): + - tor's man page incorrectly states that HiddenServiceDir must already + exist. This is not true. Fixes 20486. diff --git a/changes/ticket20717 b/changes/ticket20717 new file mode 100644 index 0000000000..c896f8ad98 --- /dev/null +++ b/changes/ticket20717 @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Refactors the hashing API to return negative values for errors as is done + as a standard throughout the codebase. + - Refactors calling functions to expect negative values for errors. diff --git a/configure.ac b/configure.ac index 292ef6690a..2f556271f9 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.2.9.6-rc-dev]) +AC_INIT([tor],[0.3.0.0-alpha-dev]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) @@ -1436,6 +1436,14 @@ AC_CHECK_DECLS([mlockall], , , [ #include <sys/mman.h> #endif]) +# Some MinGW environments don't have getpagesize in unistd.h. We don't use +# AC_CHECK_FUNCS(getpagesize), because other environments rename getpagesize +# using macros +AC_CHECK_DECLS([getpagesize], , , [ +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif]) + # Allow user to specify an alternate syslog facility AC_ARG_WITH(syslog-facility, AS_HELP_STRING(--with-syslog-facility=LOG, [syslog facility to use (default=LOG_DAEMON)]), diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 49aa8401df..a76bc2207b 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.9.6-rc-dev" +!define VERSION "0.3.0.0-alpha-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/doc/HACKING/ReleasingTor.md b/doc/HACKING/ReleasingTor.md index 7595398241..04d9ecc3e8 100644 --- a/doc/HACKING/ReleasingTor.md +++ b/doc/HACKING/ReleasingTor.md @@ -28,7 +28,7 @@ new Tor release: Is make check-spaces happy? - Does 'make distcheck' compain? + Does 'make distcheck' complain? How about 'make test-stem' and 'make test-network'? diff --git a/doc/HACKING/WritingTests.md b/doc/HACKING/WritingTests.md index de80bbdef2..4dae41e922 100644 --- a/doc/HACKING/WritingTests.md +++ b/doc/HACKING/WritingTests.md @@ -48,7 +48,7 @@ isolation, you just run `./src/test/test-memwipe`. To run tests within the unit test programs, you can specify the name of the test. The string ".." can be used as a wildcard at the end of the test name. For example, to run all the cell format tests, enter -`./src/test/test cellfmt/..`. To run +`./src/test/test cellfmt/..`. Many tests that need to mess with global state run in forked subprocesses in order to keep from contaminating one another. But when debugging a failing test, diff --git a/doc/tor.1.txt b/doc/tor.1.txt index f1068cedc6..9b8a0f00bf 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -176,7 +176,7 @@ forward slash (/) in the configuration file and on the command line. GENERAL OPTIONS --------------- -[[BandwidthRate]] **BandwidthRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[BandwidthRate]] **BandwidthRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: A token bucket limits the average incoming bandwidth usage on this node to the specified number of bytes per second, and the average outgoing bandwidth usage to that same value. If you want to run a relay in the @@ -195,35 +195,35 @@ GENERAL OPTIONS To avoid confusion, we recommend writing "bytes" or "bits" explicitly, since it's easy to forget that "B" means bytes, not bits. -[[BandwidthBurst]] **BandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[BandwidthBurst]] **BandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: Limit the maximum token bucket size (also known as the burst) to the given number of bytes in each direction. (Default: 1 GByte) -[[MaxAdvertisedBandwidth]] **MaxAdvertisedBandwidth** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[MaxAdvertisedBandwidth]] **MaxAdvertisedBandwidth** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: If set, we will not advertise more than this amount of bandwidth for our BandwidthRate. Server operators who want to reduce the number of clients who ask to build circuits through them (since this is proportional to advertised bandwidth rate) can thus reduce the CPU demands on their server without impacting network performance. -[[RelayBandwidthRate]] **RelayBandwidthRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[RelayBandwidthRate]] **RelayBandwidthRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: If not 0, a separate token bucket limits the average incoming bandwidth usage for \_relayed traffic_ on this node to the specified number of bytes per second, and the average outgoing bandwidth usage to that same value. Relayed traffic currently is calculated to include answers to directory requests, but that may change in future versions. (Default: 0) -[[RelayBandwidthBurst]] **RelayBandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[RelayBandwidthBurst]] **RelayBandwidthBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: If not 0, limit the maximum token bucket size (also known as the burst) for \_relayed traffic_ to the given number of bytes in each direction. (Default: 0) -[[PerConnBWRate]] **PerConnBWRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[PerConnBWRate]] **PerConnBWRate** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: If set, do separate rate limiting for each connection from a non-relay. You should never need to change this value, since a network-wide value is published in the consensus and your relay will use that value. (Default: 0) -[[PerConnBWBurst]] **PerConnBWBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[PerConnBWBurst]] **PerConnBWBurst** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: If set, do separate rate limiting for each connection from a non-relay. You should never need to change this value, since a network-wide value is published in the consensus and your relay will use that value. (Default: 0) @@ -504,11 +504,13 @@ GENERAL OPTIONS (Default: 1) [[FetchUselessDescriptors]] **FetchUselessDescriptors** **0**|**1**:: - If set to 1, Tor will fetch every non-obsolete descriptor from the - authorities that it hears about. Otherwise, it will avoid fetching useless - descriptors, for example for routers that are not running. This option is - useful if you're using the contributed "exitlist" script to enumerate Tor - nodes that exit to certain addresses. (Default: 0) + If set to 1, Tor will fetch every consensus flavor, descriptor, and + certificate that it hears about. Otherwise, it will avoid fetching useless + descriptors: flavors that it is not using to build circuits, and authority + certificates it does not trust. This option is useful if you're using a + tor client with an external parser that uses a full consensus. + This option fetches all documents, **DirCache** fetches and serves + all documents. (Default: 0) [[HTTPProxy]] **HTTPProxy** __host__[:__port__]:: Tor will make all its directory requests through this host:port (or host:80 @@ -608,7 +610,7 @@ GENERAL OPTIONS message currently has at least one domain; most currently have exactly one. This doesn't affect controller log messages. (Default: 0) -[[MaxUnparseableDescSizeToLog]] **MaxUnparseableDescSizeToLog** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**:: +[[MaxUnparseableDescSizeToLog]] **MaxUnparseableDescSizeToLog** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**:: Unparseable descriptors (e.g. for votes, consensuses, routers) are logged in separate files by hash, up to the specified size in total. Note that only files logged during the lifetime of this Tor process count toward the @@ -717,6 +719,13 @@ GENERAL OPTIONS 127.0.0.1 or 10.0.0.1. This is mostly useful for debugging rate-limiting. (Default: 0) +[[ExtendByEd25519ID]] **ExtendByEd25519ID** **0**|**1**|**auto**:: + If this option is set to 1, we always try to include a relay's Ed25519 ID + when telling the proceeding relay in a circuit to extend to it. + If this option is set to 0, we never include Ed25519 IDs when extending + circuits. If the option is set to "default", we obey a + parameter in the consensus document. (Default: auto) + CLIENT OPTIONS -------------- @@ -1412,7 +1421,8 @@ The following options are useful only for clients (that is, if If true, Tor does not try to fulfill requests to connect to an internal address (like 127.0.0.1 or 192.168.0.1) __unless a exit node is specifically requested__ (for example, via a .exit hostname, or a - controller request). (Default: 1) + controller request). If true, multicast DNS hostnames for machines on the + local network (of the form *.local) are also rejected. (Default: 1) [[DownloadExtraInfo]] **DownloadExtraInfo** **0**|**1**:: If true, Tor downloads and caches "extra-info" documents. These documents @@ -1867,7 +1877,7 @@ is non-zero): to 0 will disable the heartbeat. Otherwise, it must be at least 30 minutes. (Default: 6 hours) -[[AccountingMax]] **AccountingMax** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**|**TBytes**:: +[[AccountingMax]] **AccountingMax** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: Limits the max number of bytes sent and received within a set time period using a given calculation rule (see: AccountingStart, AccountingRule). Useful if you need to stay under a specific bandwidth. By default, the @@ -2240,15 +2250,15 @@ on the public Tor network. Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies to addresses shared with directory authorities. (Default: 5) -[[AuthDirFastGuarantee]] **AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[AuthDirFastGuarantee]] **AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: Authoritative directories only. If non-zero, always vote the Fast flag for any relay advertising this amount of capacity or more. (Default: 100 KBytes) -[[AuthDirGuardBWGuarantee]] **AuthDirGuardBWGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[AuthDirGuardBWGuarantee]] **AuthDirGuardBWGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: Authoritative directories only. If non-zero, this advertised capacity or more is always sufficient to satisfy the bandwidth requirement - for the Guard flag. (Default: 250 KBytes) + for the Guard flag. (Default: 2 MBytes) [[AuthDirPinKeys]] **AuthDirPinKeys** **0**|**1**:: Authoritative directories only. If non-zero, do not allow any relay to @@ -2263,6 +2273,13 @@ on the public Tor network. (default), the flag "shared-rand-participate" is added to the authority vote indicating participation in the protocol. (Default: 1) +[[AuthDirTestEd25519LinkKeys]] **AuthDirTestEd25519LinkKeys** **0**|**1**:: + Authoritative directories only. If this option is set to 0, then we treat + relays as "Running" if their RSA key is correct when we probe them, + regardless of their Ed25519 key. We should only ever set this option to 0 + if there is some major bug in Ed25519 link authentication that causes us + to label all the relays as not Running. (Default: 1) + [[BridgePassword]] **BridgePassword** __Password__:: If set, contains an HTTP authenticator that tells a bridge authority to serve all requested bridge information. Used by the (only partially @@ -2334,9 +2351,9 @@ The following options are used to configure a hidden service. [[HiddenServiceDir]] **HiddenServiceDir** __DIRECTORY__:: Store data files for a hidden service in DIRECTORY. Every hidden service must have a separate directory. You may use this option multiple times to - specify multiple services. DIRECTORY must be an existing directory. + specify multiple services. If DIRECTORY does not exist, Tor will create it. (Note: in current versions of Tor, if DIRECTORY is a relative path, - it will be relative to current + it will be relative to the current working directory of Tor instance, not to its DataDirectory. Do not rely on this behavior; it is not guaranteed to remain the same in future versions.) @@ -2524,7 +2541,7 @@ The following options are used for running a testing Tor network. time. Changing this requires that **TestingTorNetwork** is set. (Default: 10 minutes) -[[TestingMinFastFlagThreshold]] **TestingMinFastFlagThreshold** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[TestingMinFastFlagThreshold]] **TestingMinFastFlagThreshold** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: Minimum value for the Fast flag. Overrides the ordinary minimum taken from the consensus when TestingTorNetwork is set. (Default: 0.) @@ -2644,7 +2661,7 @@ The following options are used for running a testing Tor network. events. Changing this requires that **TestingTorNetwork** is set. (Default: 0) -[[TestingMinExitFlagThreshold]] **TestingMinExitFlagThreshold** __N__ **KBytes**|**MBytes**|**GBytes**|**KBits**|**MBits**|**GBits**:: +[[TestingMinExitFlagThreshold]] **TestingMinExitFlagThreshold** __N__ **KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**:: Sets a lower-bound for assigning an exit flag when running as an authority on a testing network. Overrides the usual default lower bound of 4 KB. (Default: 0) diff --git a/scripts/codegen/run_trunnel.sh b/scripts/codegen/run_trunnel.sh index d2669931e9..428804342a 100755 --- a/scripts/codegen/run_trunnel.sh +++ b/scripts/codegen/run_trunnel.sh @@ -5,7 +5,13 @@ if test "x$TRUNNEL_PATH" != "x"; then export PYTHONPATH fi -python -m trunnel --require-version=1.4 ./src/trunnel/*.trunnel +OPTIONS="--require-version=1.5.1" -python -m trunnel --require-version=1.4 --write-c-files --target-dir=./src/ext/trunnel/ +# Get all .trunnel files recursively from that directory so we can support +# multiple sub-directories. +for file in `find ./src/trunnel/ -name '*.trunnel'`; do + python -m trunnel ${OPTIONS} $file +done + +python -m trunnel ${OPTIONS} --write-c-files --target-dir=./src/ext/trunnel/ diff --git a/src/common/address.c b/src/common/address.c index 773e688554..fa6630ef92 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -2100,7 +2100,8 @@ get_interface_address,(int severity, uint32_t *addr)) } /** Return true if we can tell that <b>name</b> is a canonical name for the - * loopback address. */ + * loopback address. Return true also for *.local hostnames, which are + * multicast DNS names for hosts on the local network. */ int tor_addr_hostname_is_local(const char *name) { diff --git a/src/common/compat.c b/src/common/compat.c index 8d6a491c42..ebf05f59e1 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -204,7 +204,15 @@ tor_rename(const char *path_old, const char *path_new) sandbox_intern_string(path_new)); } -#if defined(HAVE_SYS_MMAN_H) || defined(RUNNING_DOXYGEN) +/* Some MinGW builds have sys/mman.h, but not the corresponding symbols. + * Other configs rename the symbols using macros (including getpagesize). + * So check for sys/mman.h and unistd.h, and a getpagesize declaration. */ +#if (defined(HAVE_SYS_MMAN_H) && defined(HAVE_UNISTD_H) && \ + defined(HAVE_DECL_GETPAGESIZE)) +#define COMPAT_HAS_MMAN_AND_PAGESIZE +#endif + +#if defined(COMPAT_HAS_MMAN_AND_PAGESIZE) || defined(RUNNING_DOXYGEN) /** Try to create a memory mapping for <b>filename</b> and return it. On * failure, return NULL. Sets errno properly, using ERANGE to mean * "empty file". */ diff --git a/src/common/crypto.c b/src/common/crypto.c index fff516cc8e..be42d36af6 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1506,7 +1506,7 @@ crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out) if (crypto_pk_get_digest(pk, digest)) { return -1; } - if (crypto_digest(hashed_digest, digest, DIGEST_LEN)) { + if (crypto_digest(hashed_digest, digest, DIGEST_LEN) < 0) { return -1; } base16_encode(fp_out, FINGERPRINT_LEN + 1, hashed_digest, DIGEST_LEN); @@ -1700,19 +1700,21 @@ crypto_cipher_decrypt_with_iv(const char *key, /** Compute the SHA1 digest of the <b>len</b> bytes on data stored in * <b>m</b>. Write the DIGEST_LEN byte result into <b>digest</b>. - * Return 0 on success, 1 on failure. + * Return 0 on success, -1 on failure. */ int crypto_digest(char *digest, const char *m, size_t len) { tor_assert(m); tor_assert(digest); - return (SHA1((const unsigned char*)m,len,(unsigned char*)digest) == NULL); + if (SHA1((const unsigned char*)m,len,(unsigned char*)digest) == NULL) + return -1; + return 0; } /** Compute a 256-bit digest of <b>len</b> bytes in data stored in <b>m</b>, * using the algorithm <b>algorithm</b>. Write the DIGEST_LEN256-byte result - * into <b>digest</b>. Return 0 on success, 1 on failure. */ + * into <b>digest</b>. Return 0 on success, -1 on failure. */ int crypto_digest256(char *digest, const char *m, size_t len, digest_algorithm_t algorithm) @@ -1720,16 +1722,22 @@ crypto_digest256(char *digest, const char *m, size_t len, tor_assert(m); tor_assert(digest); tor_assert(algorithm == DIGEST_SHA256 || algorithm == DIGEST_SHA3_256); + + int ret = 0; if (algorithm == DIGEST_SHA256) - return (SHA256((const uint8_t*)m,len,(uint8_t*)digest) == NULL); + ret = (SHA256((const uint8_t*)m,len,(uint8_t*)digest) != NULL); else - return (sha3_256((uint8_t *)digest, DIGEST256_LEN,(const uint8_t *)m, len) - == -1); + ret = (sha3_256((uint8_t *)digest, DIGEST256_LEN,(const uint8_t *)m, len) + > -1); + + if (!ret) + return -1; + return 0; } /** Compute a 512-bit digest of <b>len</b> bytes in data stored in <b>m</b>, * using the algorithm <b>algorithm</b>. Write the DIGEST_LEN512-byte result - * into <b>digest</b>. Return 0 on success, 1 on failure. */ + * into <b>digest</b>. Return 0 on success, -1 on failure. */ int crypto_digest512(char *digest, const char *m, size_t len, digest_algorithm_t algorithm) @@ -1737,12 +1745,18 @@ crypto_digest512(char *digest, const char *m, size_t len, tor_assert(m); tor_assert(digest); tor_assert(algorithm == DIGEST_SHA512 || algorithm == DIGEST_SHA3_512); + + int ret = 0; if (algorithm == DIGEST_SHA512) - return (SHA512((const unsigned char*)m,len,(unsigned char*)digest) - == NULL); + ret = (SHA512((const unsigned char*)m,len,(unsigned char*)digest) + != NULL); else - return (sha3_512((uint8_t*)digest, DIGEST512_LEN, (const uint8_t*)m, len) - == -1); + ret = (sha3_512((uint8_t*)digest, DIGEST512_LEN, (const uint8_t*)m, len) + > -1); + + if (!ret) + return -1; + return 0; } /** Set the common_digests_t in <b>ds_out</b> to contain every digest on the @@ -2628,7 +2642,7 @@ crypto_expand_key_material_TAP(const uint8_t *key_in, size_t key_in_len, for (cp = key_out, i=0; cp < key_out+key_out_len; ++i, cp += DIGEST_LEN) { tmp[key_in_len] = i; - if (crypto_digest((char*)digest, (const char *)tmp, key_in_len+1)) + if (crypto_digest((char*)digest, (const char *)tmp, key_in_len+1) < 0) goto exit; memcpy(cp, digest, MIN(DIGEST_LEN, key_out_len-(cp-key_out))); } diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 30ed772274..b7c8311475 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -211,6 +211,14 @@ ed25519_keypair_generate(ed25519_keypair_t *keypair_out, int extra_strong) return 0; } +/** Return true iff 'pubkey' is set to zero (eg to indicate that it is not + * set). */ +int +ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey) +{ + return tor_mem_is_zero((char*)pubkey->pubkey, ED25519_PUBKEY_LEN); +} + /* Return a heap-allocated array that contains <b>msg</b> prefixed by the * string <b>prefix_str</b>. Set <b>final_msg_len_out</b> to the size of the * final array. If an error occured, return NULL. It's the resonsibility of the @@ -620,6 +628,18 @@ ed25519_pubkey_eq(const ed25519_public_key_t *key1, return tor_memeq(key1->pubkey, key2->pubkey, ED25519_PUBKEY_LEN); } +/** + * Set <b>dest</b> to contain the same key as <b>src</b>. + */ +void +ed25519_pubkey_copy(ed25519_public_key_t *dest, + const ed25519_public_key_t *src) +{ + tor_assert(dest); + tor_assert(src); + memcpy(dest, src, sizeof(ed25519_public_key_t)); +} + /** Check whether the given Ed25519 implementation seems to be working. * If so, return 0; otherwise return -1. */ static int diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h index 31afc49ccc..a58b416943 100644 --- a/src/common/crypto_ed25519.h +++ b/src/common/crypto_ed25519.h @@ -66,6 +66,8 @@ ed25519_checksig_prefixed(const ed25519_signature_t *signature, const char *prefix_str, const ed25519_public_key_t *pubkey); +int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey); + /** * A collection of information necessary to check an Ed25519 signature. Used * for batch verification. @@ -118,6 +120,8 @@ void ed25519_keypair_free(ed25519_keypair_t *kp); int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2); +void ed25519_pubkey_copy(ed25519_public_key_t *dest, + const ed25519_public_key_t *src); void ed25519_set_impl_params(int use_donna); void ed25519_init(void); diff --git a/src/common/crypto_format.c b/src/common/crypto_format.c index 2f6d847c83..483013ee68 100644 --- a/src/common/crypto_format.c +++ b/src/common/crypto_format.c @@ -161,6 +161,22 @@ curve25519_public_from_base64(curve25519_public_key_t *pkey, } } +/** For convenience: Convert <b>pkey</b> to a statically allocated base64 + * string and return it. Not threadsafe. Subsequent calls invalidate + * previous returns. */ +const char * +ed25519_fmt(const ed25519_public_key_t *pkey) +{ + static char formatted[ED25519_BASE64_LEN+1]; + if (pkey) { + int r = ed25519_public_to_base64(formatted, pkey); + tor_assert(!r); + } else { + strlcpy(formatted, "<null>", sizeof(formatted)); + } + return formatted; +} + /** Try to decode the string <b>input</b> into an ed25519 public key. On * success, store the value in <b>pkey</b> and return 0. Otherwise return * -1. */ diff --git a/src/common/crypto_format.h b/src/common/crypto_format.h index 012e228cc4..86c29d319c 100644 --- a/src/common/crypto_format.h +++ b/src/common/crypto_format.h @@ -28,6 +28,7 @@ int ed25519_public_from_base64(ed25519_public_key_t *pkey, const char *input); int ed25519_public_to_base64(char *output, const ed25519_public_key_t *pkey); +const char *ed25519_fmt(const ed25519_public_key_t *pkey); /* XXXX move these to crypto_format.h */ #define ED25519_SIG_BASE64_LEN 86 diff --git a/src/common/log.c b/src/common/log.c index 56adc77f84..3b0eb882c3 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -682,7 +682,7 @@ tor_log_get_logfile_names(smartlist_t *out) continue; if (lf->filename == NULL) continue; - smartlist_add(out, tor_strdup(lf->filename)); + smartlist_add_strdup(out, lf->filename); } UNLOCK_LOGS(); diff --git a/src/common/timers.c b/src/common/timers.c index 41b2008ac4..e1ad47b15b 100644 --- a/src/common/timers.c +++ b/src/common/timers.c @@ -255,6 +255,20 @@ timer_set_cb(tor_timer_t *t, timer_cb_fn_t cb, void *arg) } /** + * Set *<b>cb_out</b> (if provided) to this timer's callback function, + * and *<b>arg_out</b> (if provided) to this timer's callback argument. + */ +void +timer_get_cb(const tor_timer_t *t, + timer_cb_fn_t *cb_out, void **arg_out) +{ + if (cb_out) + *cb_out = t->callback.cb; + if (arg_out) + *arg_out = t->callback.arg; +} + +/** * Schedule the timer t to fire at the current time plus a delay of * <b>delay</b> microseconds. All times are relative to monotime_get(). */ diff --git a/src/common/timers.h b/src/common/timers.h index 5f918f8e15..c5246a3335 100644 --- a/src/common/timers.h +++ b/src/common/timers.h @@ -13,6 +13,8 @@ typedef void (*timer_cb_fn_t)(tor_timer_t *, void *, const struct monotime_t *); tor_timer_t *timer_new(timer_cb_fn_t cb, void *arg); void timer_set_cb(tor_timer_t *t, timer_cb_fn_t cb, void *arg); +void timer_get_cb(const tor_timer_t *t, + timer_cb_fn_t *cb_out, void **arg_out); void timer_schedule(tor_timer_t *t, const struct timeval *delay); void timer_disable(tor_timer_t *t); void timer_free(tor_timer_t *t); diff --git a/src/common/tortls.c b/src/common/tortls.c index 62ed5be344..2efb3baa73 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -136,6 +136,7 @@ static void tor_tls_context_decref(tor_tls_context_t *ctx); static void tor_tls_context_incref(tor_tls_context_t *ctx); static int check_cert_lifetime_internal(int severity, const X509 *cert, + time_t now, int past_tolerance, int future_tolerance); /** Global TLS contexts. We keep them here because nobody else needs @@ -522,7 +523,8 @@ MOCK_IMPL(STATIC X509 *, goto error; if (!X509_set_pubkey(x509, pkey)) goto error; - if (!X509_sign(x509, sign_pkey, EVP_sha1())) + + if (!X509_sign(x509, sign_pkey, EVP_sha256())) goto error; goto done; @@ -677,6 +679,13 @@ MOCK_IMPL(STATIC tor_x509_cert_t *, return cert; } +/** Return a copy of <b>cert</b> */ +tor_x509_cert_t * +tor_x509_cert_dup(const tor_x509_cert_t *cert) +{ + return tor_x509_cert_new(X509_dup(cert->cert)); +} + /** Read a DER-encoded X509 cert, of length exactly <b>certificate_len</b>, * from a <b>certificate</b>. Return a newly allocated tor_x509_cert_t on * success and NULL on failure. */ @@ -769,8 +778,8 @@ tor_tls_context_decref(tor_tls_context_t *ctx) /** Set *<b>link_cert_out</b> and *<b>id_cert_out</b> to the link certificate * and ID certificate that we're currently using for our V3 in-protocol * handshake's certificate chain. If <b>server</b> is true, provide the certs - * that we use in server mode; otherwise, provide the certs that we use in - * client mode. */ + * that we use in server mode (auth, ID); otherwise, provide the certs that we + * use in client mode. (link, ID) */ int tor_tls_get_my_certs(int server, const tor_x509_cert_t **link_cert_out, @@ -800,7 +809,7 @@ tor_tls_get_my_client_auth_key(void) /** * Return a newly allocated copy of the public key that a certificate - * certifies. Return NULL if the cert's key is not RSA. + * certifies. Watch out! This returns NULL if the cert's key is not RSA. */ crypto_pk_t * tor_tls_cert_get_key(tor_x509_cert_t *cert) @@ -855,6 +864,7 @@ int tor_tls_cert_is_valid(int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, + time_t now, int check_rsa_1024) { check_no_tls_errors(); @@ -874,7 +884,7 @@ tor_tls_cert_is_valid(int severity, /* okay, the signature checked out right. Now let's check the check the * lifetime. */ - if (check_cert_lifetime_internal(severity, cert->cert, + if (check_cert_lifetime_internal(severity, cert->cert, now, 48*60*60, 30*24*60*60) < 0) goto bad; @@ -1019,6 +1029,8 @@ tor_tls_context_init_one(tor_tls_context_t **ppcontext, /** The group we should use for ecdhe when none was selected. */ #define NID_tor_default_ecdhe_group NID_X9_62_prime256v1 +#define RSA_LINK_KEY_BITS 2048 + /** Create a new TLS context for use with Tor TLS handshakes. * <b>identity</b> should be set to the identity key used to sign the * certificate. @@ -1044,7 +1056,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, /* Generate short-term RSA key for use with TLS. */ if (!(rsa = crypto_pk_new())) goto error; - if (crypto_pk_generate_key(rsa)<0) + if (crypto_pk_generate_key_with_bits(rsa, RSA_LINK_KEY_BITS)<0) goto error; if (!is_client) { /* Generate short-term RSA key for use in the in-protocol ("v3") @@ -2023,13 +2035,13 @@ tor_tls_get_peer_cert,(tor_tls_t *tls)) /** Warn that a certificate lifetime extends through a certain range. */ static void -log_cert_lifetime(int severity, const X509 *cert, const char *problem) +log_cert_lifetime(int severity, const X509 *cert, const char *problem, + time_t now) { BIO *bio = NULL; BUF_MEM *buf; char *s1=NULL, *s2=NULL; char mytime[33]; - time_t now = time(NULL); struct tm tm; size_t n; @@ -2177,6 +2189,7 @@ tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity_key) */ int tor_tls_check_lifetime(int severity, tor_tls_t *tls, + time_t now, int past_tolerance, int future_tolerance) { X509 *cert; @@ -2185,7 +2198,7 @@ tor_tls_check_lifetime(int severity, tor_tls_t *tls, if (!(cert = SSL_get_peer_certificate(tls->ssl))) goto done; - if (check_cert_lifetime_internal(severity, cert, + if (check_cert_lifetime_internal(severity, cert, now, past_tolerance, future_tolerance) < 0) goto done; @@ -2201,24 +2214,24 @@ tor_tls_check_lifetime(int severity, tor_tls_t *tls, /** Helper: check whether <b>cert</b> is expired give or take * <b>past_tolerance</b> seconds, or not-yet-valid give or take - * <b>future_tolerance</b> seconds. If it is live, return 0. If it is not - * live, log a message and return -1. */ + * <b>future_tolerance</b> seconds. (Relative to the current time + * <b>now</b>.) If it is live, return 0. If it is not live, log a message + * and return -1. */ static int check_cert_lifetime_internal(int severity, const X509 *cert, + time_t now, int past_tolerance, int future_tolerance) { - time_t now, t; - - now = time(NULL); + time_t t; t = now + future_tolerance; if (X509_cmp_time(X509_get_notBefore_const(cert), &t) > 0) { - log_cert_lifetime(severity, cert, "not yet valid"); + log_cert_lifetime(severity, cert, "not yet valid", now); return -1; } t = now - past_tolerance; if (X509_cmp_time(X509_get_notAfter_const(cert), &t) < 0) { - log_cert_lifetime(severity, cert, "already expired"); + log_cert_lifetime(severity, cert, "already expired", now); return -1; } @@ -2443,6 +2456,28 @@ tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out)) return 0; } +/** Using the RFC5705 key material exporting construction, and the + * provided <b>context</b> (<b>context_len</b> bytes long) and + * <b>label</b> (a NUL-terminated string), compute a 32-byte secret in + * <b>secrets_out</b> that only the parties to this TLS session can + * compute. Return 0 on success and -1 on failure. + */ +MOCK_IMPL(int, +tor_tls_export_key_material,(tor_tls_t *tls, uint8_t *secrets_out, + const uint8_t *context, + size_t context_len, + const char *label)) +{ + tor_assert(tls); + tor_assert(tls->ssl); + + int r = SSL_export_keying_material(tls->ssl, + secrets_out, DIGEST256_LEN, + label, strlen(label), + context, context_len, 1); + return (r == 1) ? 0 : -1; +} + /** Examine the amount of memory used and available for buffers in <b>tls</b>. * Set *<b>rbuf_capacity</b> to the amount of storage allocated for the read * buffer and *<b>rbuf_bytes</b> to the amount actually used. diff --git a/src/common/tortls.h b/src/common/tortls.h index 7c035a2cd5..6510fdbe64 100644 --- a/src/common/tortls.h +++ b/src/common/tortls.h @@ -176,6 +176,7 @@ extern uint64_t total_bytes_written_by_tls; #endif /* endif TORTLS_PRIVATE */ +tor_x509_cert_t *tor_x509_cert_dup(const tor_x509_cert_t *cert); const char *tor_tls_err_to_string(int err); void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz); @@ -200,7 +201,8 @@ int tor_tls_peer_has_cert(tor_tls_t *tls); MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls)); int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity); int tor_tls_check_lifetime(int severity, - tor_tls_t *tls, int past_tolerance, + tor_tls_t *tls, time_t now, + int past_tolerance, int future_tolerance); MOCK_DECL(int, tor_tls_read, (tor_tls_t *tls, char *cp, size_t len)); int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n); @@ -226,6 +228,11 @@ int tor_tls_used_v1_handshake(tor_tls_t *tls); int tor_tls_get_num_server_handshakes(tor_tls_t *tls); int tor_tls_server_got_renegotiate(tor_tls_t *tls); MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out)); +MOCK_DECL(int,tor_tls_export_key_material,( + tor_tls_t *tls, uint8_t *secrets_out, + const uint8_t *context, + size_t context_len, + const char *label)); /* Log and abort if there are unhandled TLS errors in OpenSSL's error stack. */ @@ -254,6 +261,7 @@ MOCK_DECL(int,tor_tls_cert_matches_key,(const tor_tls_t *tls, int tor_tls_cert_is_valid(int severity, const tor_x509_cert_t *cert, const tor_x509_cert_t *signing_cert, + time_t now, int check_rsa_1024); const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls); diff --git a/src/common/util.c b/src/common/util.c index a7bce2ea6c..417aa89433 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -2270,10 +2270,14 @@ check_private_dir,(const char *dirname, cpd_check_t check, * permissions on the directory will be checked again below.*/ fd = open(sandbox_intern_string(dirname), O_NOFOLLOW); - if (fd == -1) + if (fd == -1) { + log_warn(LD_FS, "Could not reopen recently created directory %s: %s", + dirname, + strerror(errno)); return -1; - else + } else { close(fd); + } } else if (!(check & CPD_CHECK)) { log_warn(LD_FS, "Directory %s does not exist.", dirname); @@ -2601,6 +2605,14 @@ finish_writing_to_file_impl(open_file_t *file_data, int abort_write) if (file_data->rename_on_close) { tor_assert(file_data->tempname && file_data->filename); + if (!abort_write) { + tor_assert(strcmp(file_data->filename, file_data->tempname)); + if (replace_file(file_data->tempname, file_data->filename)) { + log_warn(LD_FS, "Error replacing \"%s\": %s", file_data->filename, + strerror(errno)); + abort_write = r = -1; + } + } if (abort_write) { int res = unlink(file_data->tempname); if (res != 0) { @@ -2609,13 +2621,6 @@ finish_writing_to_file_impl(open_file_t *file_data, int abort_write) file_data->tempname, strerror(errno)); r = -1; } - } else { - tor_assert(strcmp(file_data->filename, file_data->tempname)); - if (replace_file(file_data->tempname, file_data->filename)) { - log_warn(LD_FS, "Error replacing \"%s\": %s", file_data->filename, - strerror(errno)); - r = -1; - } } } @@ -3534,6 +3539,17 @@ smartlist_add_vasprintf(struct smartlist_t *sl, const char *pattern, smartlist_add(sl, str); } +/** Append a copy of string to sl */ +void +smartlist_add_strdup(struct smartlist_t *sl, const char *string) +{ + char *copy; + + copy = tor_strdup(string); + + smartlist_add(sl, copy); +} + /** Return a new list containing the filenames in the directory <b>dirname</b>. * Return NULL on error or if <b>dirname</b> is not a directory. */ @@ -3567,7 +3583,7 @@ tor_listdir, (const char *dirname)) #endif if (strcmp(name, ".") && strcmp(name, "..")) { - smartlist_add(result, tor_strdup(name)); + smartlist_add_strdup(result, name); } if (!FindNextFile(handle, &findData)) { DWORD err; @@ -3593,7 +3609,7 @@ tor_listdir, (const char *dirname)) if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, "..")) continue; - smartlist_add(result, tor_strdup(de->d_name)); + smartlist_add_strdup(result, de->d_name); } closedir(d); #endif @@ -4864,7 +4880,7 @@ get_current_process_environment_variables(void) char **environ_tmp; /* Not const char ** ? Really? */ for (environ_tmp = get_environment(); *environ_tmp; ++environ_tmp) { - smartlist_add(sl, tor_strdup(*environ_tmp)); + smartlist_add_strdup(sl, *environ_tmp); } return sl; @@ -5247,7 +5263,7 @@ tor_get_lines_from_handle, (FILE *handle, goto done; if (!lines) lines = smartlist_new(); - smartlist_add(lines, tor_strdup(stdout_buf)); + smartlist_add_strdup(lines, stdout_buf); } done: diff --git a/src/common/util.h b/src/common/util.h index 479fc8d610..37f4bed1cb 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -239,6 +239,7 @@ void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern, ...) void smartlist_add_vasprintf(struct smartlist_t *sl, const char *pattern, va_list args) CHECK_PRINTF(2, 0); +void smartlist_add_strdup(struct smartlist_t *sl, const char *string); /* Time helpers */ long tv_udiff(const struct timeval *start, const struct timeval *end); diff --git a/src/common/util_bug.c b/src/common/util_bug.c index 08aba47974..c7bfdefe80 100644 --- a/src/common/util_bug.c +++ b/src/common/util_bug.c @@ -44,7 +44,7 @@ static void add_captured_bug(const char *s) { --n_bugs_to_capture; - smartlist_add(bug_messages, tor_strdup(s)); + smartlist_add_strdup(bug_messages, s); } /** Set a callback to be invoked when we get any tor_bug_occurred_ * invocation. We use this in the unit tests so that a nonfatal diff --git a/src/ext/trunnel/trunnel-impl.h b/src/ext/trunnel/trunnel-impl.h index 3ffde6e09b..bc805851b1 100644 --- a/src/ext/trunnel/trunnel-impl.h +++ b/src/ext/trunnel/trunnel-impl.h @@ -1,4 +1,4 @@ -/* trunnel-impl.h -- copied from Trunnel v1.4.6 +/* trunnel-impl.h -- copied from Trunnel v1.5.1 * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -17,6 +17,7 @@ #include "trunnel.h" #include <assert.h> #include <string.h> +#include <stdlib.h> #if defined(_MSC_VER) && (_MSC_VER < 1600) #define uint8_t unsigned char diff --git a/src/ext/trunnel/trunnel.c b/src/ext/trunnel/trunnel.c index 3994422643..a008fb9f31 100644 --- a/src/ext/trunnel/trunnel.c +++ b/src/ext/trunnel/trunnel.c @@ -1,4 +1,4 @@ -/* trunnel.c -- copied from Trunnel v1.4.6 +/* trunnel.c -- copied from Trunnel v1.5.1 * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ diff --git a/src/ext/trunnel/trunnel.h b/src/ext/trunnel/trunnel.h index 41068b8fb3..85bbcc5451 100644 --- a/src/ext/trunnel/trunnel.h +++ b/src/ext/trunnel/trunnel.h @@ -1,4 +1,4 @@ -/* trunnel.h -- copied from Trunnel v1.4.6 +/* trunnel.h -- copied from Trunnel v1.5.1 * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ diff --git a/src/or/addressmap.c b/src/or/addressmap.c index 33fd7e0f4a..85a6434f4a 100644 --- a/src/or/addressmap.c +++ b/src/or/addressmap.c @@ -376,29 +376,38 @@ addressmap_rewrite(char *address, size_t maxlen, char *addr_orig = tor_strdup(address); char *log_addr_orig = NULL; + /* We use a loop here to limit the total number of rewrites we do, + * so that we can't hit an infinite loop. */ for (rewrites = 0; rewrites < 16; rewrites++) { int exact_match = 0; log_addr_orig = tor_strdup(escaped_safe_str_client(address)); + /* First check to see if there's an exact match for this address */ ent = strmap_get(addressmap, address); if (!ent || !ent->new_address) { + /* And if we don't have an exact match, try to check whether + * we have a pattern-based match. + */ ent = addressmap_match_superdomains(address); } else { if (ent->src_wildcard && !ent->dst_wildcard && !strcasecmp(address, ent->new_address)) { - /* This is a rule like *.example.com example.com, and we just got - * "example.com" */ + /* This is a rule like "rewrite *.example.com to example.com", and we + * just got "example.com". Instead of calling it an infinite loop, + * call it complete. */ goto done; } - exact_match = 1; } if (!ent || !ent->new_address) { + /* We still have no match at all. We're done! */ goto done; } + /* Check wither the flags we were passed tell us not to use this + * mapping. */ switch (ent->source) { case ADDRMAPSRC_DNS: { @@ -431,6 +440,8 @@ addressmap_rewrite(char *address, size_t maxlen, goto done; } + /* Now fill in the address with the new address. That might be via + * appending some new stuff to the end, or via just replacing it. */ if (ent->dst_wildcard && !exact_match) { strlcat(address, ".", maxlen); strlcat(address, ent->new_address, maxlen); @@ -438,6 +449,7 @@ addressmap_rewrite(char *address, size_t maxlen, strlcpy(address, ent->new_address, maxlen); } + /* Is this now a .exit address? If so, remember where we got it.*/ if (!strcmpend(address, ".exit") && strcmpend(addr_orig, ".exit") && exit_source == ADDRMAPSRC_NONE) { diff --git a/src/or/channel.c b/src/or/channel.c index f547aea1b3..7984558b40 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -733,27 +733,62 @@ channel_find_by_global_id(uint64_t global_identifier) return rv; } +/** Return true iff <b>chan</b> matches <b>rsa_id_digest</b> and <b>ed_id</b>. + * as its identity keys. If either is NULL, do not check for a match. */ +static int +channel_remote_identity_matches(const channel_t *chan, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id) +{ + if (BUG(!chan)) + return 0; + if (rsa_id_digest) { + if (tor_memneq(rsa_id_digest, chan->identity_digest, DIGEST_LEN)) + return 0; + } + if (ed_id) { + if (tor_memneq(ed_id->pubkey, chan->ed25519_identity.pubkey, + ED25519_PUBKEY_LEN)) + return 0; + } + return 1; +} + /** - * Find channel by digest of the remote endpoint + * Find channel by RSA/Ed25519 identity of of the remote endpoint + * + * This function looks up a channel by the digest of its remote endpoint's RSA + * identity key. If <b>ed_id</b> is provided and nonzero, only a channel + * matching the <b>ed_id</b> will be returned. * - * This function looks up a channel by the digest of its remote endpoint in - * the channel digest map. It's possible that more than one channel to a - * given endpoint exists. Use channel_next_with_digest() to walk the list. + * It's possible that more than one channel to a given endpoint exists. Use + * channel_next_with_rsa_identity() to walk the list of channels; make sure + * to test for Ed25519 identity match too (as appropriate) */ - channel_t * -channel_find_by_remote_digest(const char *identity_digest) +channel_find_by_remote_identity(const char *rsa_id_digest, + const ed25519_public_key_t *ed_id) { channel_t *rv = NULL; channel_idmap_entry_t *ent, search; - tor_assert(identity_digest); + tor_assert(rsa_id_digest); /* For now, we require that every channel have + * an RSA identity, and that every lookup + * contain an RSA identity */ + if (ed_id && ed25519_public_key_is_zero(ed_id)) { + /* Treat zero as meaning "We don't care about the presence or absence of + * an Ed key", not "There must be no Ed key". */ + ed_id = NULL; + } - memcpy(search.digest, identity_digest, DIGEST_LEN); + memcpy(search.digest, rsa_id_digest, DIGEST_LEN); ent = HT_FIND(channel_idmap, &channel_identity_map, &search); if (ent) { rv = TOR_LIST_FIRST(&ent->channel_list); } + while (rv && ! channel_remote_identity_matches(rv, rsa_id_digest, ed_id)) { + rv = channel_next_with_rsa_identity(rv); + } return rv; } @@ -766,7 +801,7 @@ channel_find_by_remote_digest(const char *identity_digest) */ channel_t * -channel_next_with_digest(channel_t *chan) +channel_next_with_rsa_identity(channel_t *chan) { tor_assert(chan); @@ -1433,10 +1468,10 @@ channel_clear_identity_digest(channel_t *chan) * This function sets the identity digest of the remote endpoint for a * channel; this is intended for use by the lower layer. */ - void channel_set_identity_digest(channel_t *chan, - const char *identity_digest) + const char *identity_digest, + const ed25519_public_key_t *ed_identity) { int was_in_digest_map, should_be_in_digest_map, state_not_in_map; @@ -1475,6 +1510,11 @@ channel_set_identity_digest(channel_t *chan, memset(chan->identity_digest, 0, sizeof(chan->identity_digest)); } + if (ed_identity) { + memcpy(&chan->ed25519_identity, ed_identity, sizeof(*ed_identity)); + } else { + memset(&chan->ed25519_identity, 0, sizeof(*ed_identity)); + } /* Put it in the digest map if we should */ if (should_be_in_digest_map) @@ -1738,7 +1778,7 @@ channel_get_cell_queue_entry_size(channel_t *chan, cell_queue_entry_t *q) rv = get_cell_network_size(chan->wide_circ_ids); break; default: - tor_assert(1); + tor_assert_nonfatal_unreached_once(); } return rv; @@ -1838,45 +1878,58 @@ channel_write_cell_queue_entry(channel_t *chan, cell_queue_entry_t *q) } } -/** - * Write a cell to a channel +/** Write a generic cell type to a channel * - * Write a fixed-length cell to a channel using the write_cell() method. - * This is equivalent to the pre-channels connection_or_write_cell_to_buf(); - * it is called by the transport-independent code to deliver a cell to a - * channel for transmission. + * Write a generic cell to a channel. It is called by channel_write_cell(), + * channel_write_var_cell() and channel_write_packed_cell() in order to reduce + * code duplication. Notice that it takes cell as pointer of type void, + * this can be dangerous because no type check is performed. */ void -channel_write_cell(channel_t *chan, cell_t *cell) +channel_write_cell_generic_(channel_t *chan, const char *cell_type, + void *cell, cell_queue_entry_t *q) { - cell_queue_entry_t q; tor_assert(chan); tor_assert(cell); if (CHANNEL_IS_CLOSING(chan)) { - log_debug(LD_CHANNEL, "Discarding cell_t %p on closing channel %p with " - "global ID "U64_FORMAT, cell, chan, + log_debug(LD_CHANNEL, "Discarding %c %p on closing channel %p with " + "global ID "U64_FORMAT, *cell_type, cell, chan, U64_PRINTF_ARG(chan->global_identifier)); tor_free(cell); return; } - log_debug(LD_CHANNEL, - "Writing cell_t %p to channel %p with global ID " - U64_FORMAT, + "Writing %c %p to channel %p with global ID " + U64_FORMAT, *cell_type, cell, chan, U64_PRINTF_ARG(chan->global_identifier)); - q.type = CELL_QUEUE_FIXED; - q.u.fixed.cell = cell; - channel_write_cell_queue_entry(chan, &q); - + channel_write_cell_queue_entry(chan, q); /* Update the queue size estimate */ channel_update_xmit_queue_size(chan); } /** + * Write a cell to a channel + * + * Write a fixed-length cell to a channel using the write_cell() method. + * This is equivalent to the pre-channels connection_or_write_cell_to_buf(); + * it is called by the transport-independent code to deliver a cell to a + * channel for transmission. + */ + +void +channel_write_cell(channel_t *chan, cell_t *cell) +{ + cell_queue_entry_t q; + q.type = CELL_QUEUE_FIXED; + q.u.fixed.cell = cell; + channel_write_cell_generic_(chan, "cell_t", cell, &q); +} + +/** * Write a packed cell to a channel * * Write a packed cell to a channel using the write_cell() method. This is @@ -1888,30 +1941,9 @@ void channel_write_packed_cell(channel_t *chan, packed_cell_t *packed_cell) { cell_queue_entry_t q; - - tor_assert(chan); - tor_assert(packed_cell); - - if (CHANNEL_IS_CLOSING(chan)) { - log_debug(LD_CHANNEL, "Discarding packed_cell_t %p on closing channel %p " - "with global ID "U64_FORMAT, packed_cell, chan, - U64_PRINTF_ARG(chan->global_identifier)); - packed_cell_free(packed_cell); - return; - } - - log_debug(LD_CHANNEL, - "Writing packed_cell_t %p to channel %p with global ID " - U64_FORMAT, - packed_cell, chan, - U64_PRINTF_ARG(chan->global_identifier)); - q.type = CELL_QUEUE_PACKED; q.u.packed.packed_cell = packed_cell; - channel_write_cell_queue_entry(chan, &q); - - /* Update the queue size estimate */ - channel_update_xmit_queue_size(chan); + channel_write_cell_generic_(chan, "packed_cell_t", packed_cell, &q); } /** @@ -1927,30 +1959,9 @@ void channel_write_var_cell(channel_t *chan, var_cell_t *var_cell) { cell_queue_entry_t q; - - tor_assert(chan); - tor_assert(var_cell); - - if (CHANNEL_IS_CLOSING(chan)) { - log_debug(LD_CHANNEL, "Discarding var_cell_t %p on closing channel %p " - "with global ID "U64_FORMAT, var_cell, chan, - U64_PRINTF_ARG(chan->global_identifier)); - var_cell_free(var_cell); - return; - } - - log_debug(LD_CHANNEL, - "Writing var_cell_t %p to channel %p with global ID " - U64_FORMAT, - var_cell, chan, - U64_PRINTF_ARG(chan->global_identifier)); - q.type = CELL_QUEUE_VAR; q.u.var.var_cell = var_cell; - channel_write_cell_queue_entry(chan, &q); - - /* Update the queue size estimate */ - channel_update_xmit_queue_size(chan); + channel_write_cell_generic_(chan, "var_cell_t", var_cell, &q); } /** @@ -3249,9 +3260,10 @@ channel_free_all(void) channel_t * channel_connect(const tor_addr_t *addr, uint16_t port, - const char *id_digest) + const char *id_digest, + const ed25519_public_key_t *ed_id) { - return channel_tls_connect(addr, port, id_digest); + return channel_tls_connect(addr, port, id_digest, ed_id); } /** @@ -3324,7 +3336,8 @@ channel_is_better(time_t now, channel_t *a, channel_t *b, */ channel_t * -channel_get_for_extend(const char *digest, +channel_get_for_extend(const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, const tor_addr_t *target_addr, const char **msg_out, int *launch_out) @@ -3337,14 +3350,14 @@ channel_get_for_extend(const char *digest, tor_assert(msg_out); tor_assert(launch_out); - chan = channel_find_by_remote_digest(digest); + chan = channel_find_by_remote_identity(rsa_id_digest, ed_id); /* Walk the list, unrefing the old one and refing the new at each * iteration. */ - for (; chan; chan = channel_next_with_digest(chan)) { + for (; chan; chan = channel_next_with_rsa_identity(chan)) { tor_assert(tor_memeq(chan->identity_digest, - digest, DIGEST_LEN)); + rsa_id_digest, DIGEST_LEN)); if (CHANNEL_CONDEMNED(chan)) continue; @@ -3355,6 +3368,11 @@ channel_get_for_extend(const char *digest, continue; } + /* The Ed25519 key has to match too */ + if (!channel_remote_identity_matches(chan, rsa_id_digest, ed_id)) { + continue; + } + /* Never return a non-open connection. */ if (!CHANNEL_IS_OPEN(chan)) { /* If the address matches, don't launch a new connection for this @@ -4526,6 +4544,81 @@ channel_set_circid_type,(channel_t *chan, } } +/** Helper for channel_update_bad_for_new_circs(): Perform the + * channel_update_bad_for_new_circs operation on all channels in <b>lst</b>, + * all of which MUST have the same RSA ID. (They MAY have different + * Ed25519 IDs.) */ +static void +channel_rsa_id_group_set_badness(struct channel_list_s *lst, int force) +{ + /*XXXX This function should really be about channels. 15056 */ + channel_t *chan; + + /* First, get a minimal list of the ed25519 identites */ + smartlist_t *ed_identities = smartlist_new(); + TOR_LIST_FOREACH(chan, lst, next_with_same_id) { + uint8_t *id_copy = + tor_memdup(&chan->ed25519_identity.pubkey, DIGEST256_LEN); + smartlist_add(ed_identities, id_copy); + } + smartlist_sort_digests256(ed_identities); + smartlist_uniq_digests256(ed_identities); + + /* Now, for each Ed identity, build a smartlist and find the best entry on + * it. */ + smartlist_t *or_conns = smartlist_new(); + SMARTLIST_FOREACH_BEGIN(ed_identities, const uint8_t *, ed_id) { + TOR_LIST_FOREACH(chan, lst, next_with_same_id) { + channel_tls_t *chantls = BASE_CHAN_TO_TLS(chan); + if (tor_memneq(ed_id, &chan->ed25519_identity.pubkey, DIGEST256_LEN)) + continue; + or_connection_t *orconn = chantls->conn; + if (orconn) { + tor_assert(orconn->chan == chantls); + smartlist_add(or_conns, orconn); + } + } + + connection_or_group_set_badness_(or_conns, force); + smartlist_clear(or_conns); + } SMARTLIST_FOREACH_END(ed_id); + + /* XXXX 15056 we may want to do something special with connections that have + * no set Ed25519 identity! */ + + smartlist_free(or_conns); + + SMARTLIST_FOREACH(ed_identities, uint8_t *, ed_id, tor_free(ed_id)); + smartlist_free(ed_identities); +} + +/** Go through all the channels (or if <b>digest</b> is non-NULL, just + * the OR connections with that digest), and set the is_bad_for_new_circs + * flag based on the rules in connection_or_group_set_badness() (or just + * always set it if <b>force</b> is true). + */ +void +channel_update_bad_for_new_circs(const char *digest, int force) +{ + if (digest) { + channel_idmap_entry_t *ent; + channel_idmap_entry_t search; + memset(&search, 0, sizeof(search)); + memcpy(search.digest, digest, DIGEST_LEN); + ent = HT_FIND(channel_idmap, &channel_identity_map, &search); + if (ent) { + channel_rsa_id_group_set_badness(&ent->channel_list, force); + } + return; + } + + /* no digest; just look at everything. */ + channel_idmap_entry_t **iter; + HT_FOREACH(iter, channel_idmap, &channel_identity_map) { + channel_rsa_id_group_set_badness(&(*iter)->channel_list, force); + } +} + /** * Update the estimated number of bytes queued to transmit for this channel, * and notify the scheduler. The estimate includes both the channel queue and diff --git a/src/or/channel.h b/src/or/channel.h index a711b56d44..26aa93b5e2 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -153,16 +153,32 @@ struct channel_s { int (*write_var_cell)(channel_t *, var_cell_t *); /** - * Hash of the public RSA key for the other side's identity key, or - * zeroes if the other side hasn't shown us a valid identity key. + * Hash of the public RSA key for the other side's RSA identity key -- or + * zeroes if we don't have an RSA identity in mind for the other side, and + * it hasn't shown us one. + * + * Note that this is the RSA identity that we hope the other side has -- not + * necessarily its true identity. Don't believe this identity unless + * authentication has happened. */ char identity_digest[DIGEST_LEN]; + /** + * Ed25519 key for the other side of this channel -- or zeroes if we don't + * have an Ed25519 identity in mind for the other side, and it hasn't shown + * us one. + * + * Note that this is the identity that we hope the other side has -- not + * necessarily its true identity. Don't believe this identity unless + * authentication has happened. + */ + ed25519_public_key_t ed25519_identity; + /** Nickname of the OR on the other side, or NULL if none. */ char *nickname; /** - * Linked list of channels with the same identity digest, for the - * digest->channel map + * Linked list of channels with the same RSA identity digest, for use with + * the digest->channel map */ TOR_LIST_ENTRY(channel_s) next_with_same_id; @@ -382,6 +398,9 @@ struct cell_queue_entry_s { STATIC int chan_cell_queue_len(const chan_cell_queue_t *queue); STATIC void cell_queue_entry_free(cell_queue_entry_t *q, int handed_off); + +void channel_write_cell_generic_(channel_t *chan, const char *cell_type, + void *cell, cell_queue_entry_t *q); #endif /* Channel operations for subclasses and internal use only */ @@ -424,7 +443,8 @@ void channel_mark_incoming(channel_t *chan); void channel_mark_outgoing(channel_t *chan); void channel_mark_remote(channel_t *chan); void channel_set_identity_digest(channel_t *chan, - const char *identity_digest); + const char *identity_digest, + const ed25519_public_key_t *ed_identity); void channel_set_remote_end(channel_t *chan, const char *identity_digest, const char *nickname); @@ -486,9 +506,11 @@ int channel_send_destroy(circid_t circ_id, channel_t *chan, */ channel_t * channel_connect(const tor_addr_t *addr, uint16_t port, - const char *id_digest); + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id); -channel_t * channel_get_for_extend(const char *digest, +channel_t * channel_get_for_extend(const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, const tor_addr_t *target_addr, const char **msg_out, int *launch_out); @@ -502,11 +524,13 @@ int channel_is_better(time_t now, */ channel_t * channel_find_by_global_id(uint64_t global_identifier); -channel_t * channel_find_by_remote_digest(const char *identity_digest); +channel_t * channel_find_by_remote_identity(const char *rsa_id_digest, + const ed25519_public_key_t *ed_id); /** For things returned by channel_find_by_remote_digest(), walk the list. + * The RSA key will match for all returned elements; the Ed25519 key might not. */ -channel_t * channel_next_with_digest(channel_t *chan); +channel_t * channel_next_with_rsa_identity(channel_t *chan); /* * Helper macros to lookup state of given channel. @@ -578,6 +602,8 @@ void channel_listener_dump_statistics(channel_listener_t *chan_l, void channel_listener_dump_transport_statistics(channel_listener_t *chan_l, int severity); +void channel_update_bad_for_new_circs(const char *digest, int force); + /* Flow control queries */ uint64_t channel_get_global_queue_estimate(void); int channel_num_cells_writeable(channel_t *chan); diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 09cca95b64..aef0143c9d 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -55,6 +55,7 @@ #include "router.h" #include "routerlist.h" #include "scheduler.h" +#include "torcert.h" /** How many CELL_PADDING cells have we received, ever? */ uint64_t stats_n_padding_cells_processed = 0; @@ -170,7 +171,8 @@ channel_tls_common_init(channel_tls_t *tlschan) channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port, - const char *id_digest) + const char *id_digest, + const ed25519_public_key_t *ed_id) { channel_tls_t *tlschan = tor_malloc_zero(sizeof(*tlschan)); channel_t *chan = &(tlschan->base_); @@ -198,7 +200,7 @@ channel_tls_connect(const tor_addr_t *addr, uint16_t port, channel_mark_outgoing(chan); /* Set up or_connection stuff */ - tlschan->conn = connection_or_connect(addr, port, id_digest, tlschan); + tlschan->conn = connection_or_connect(addr, port, id_digest, ed_id, tlschan); /* connection_or_connect() will fill in tlschan->conn */ if (!(tlschan->conn)) { chan->reason_for_closing = CHANNEL_CLOSE_FOR_ERROR; @@ -598,7 +600,7 @@ channel_tls_get_remote_descr_method(channel_t *chan, int flags) break; default: /* Something's broken in channel.c */ - tor_assert(1); + tor_assert_nonfatal_unreached_once(); } } else { strlcpy(buf, "(No connection)", sizeof(buf)); @@ -667,7 +669,7 @@ channel_tls_is_canonical_method(channel_t *chan, int req) break; default: /* This shouldn't happen; channel.c is broken if it does */ - tor_assert(1); + tor_assert_nonfatal_unreached_once(); } } /* else return 0 for tlschan->conn == NULL */ @@ -1639,15 +1641,20 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) if (!(chan->conn->handshake_state->authenticated)) { tor_assert(tor_digest_is_zero( (const char*)(chan->conn->handshake_state-> - authenticated_peer_id))); + authenticated_rsa_peer_id))); + tor_assert(tor_mem_is_zero( + (const char*)(chan->conn->handshake_state-> + authenticated_ed25519_peer_id.pubkey), 32)); channel_set_circid_type(TLS_CHAN_TO_BASE(chan), NULL, chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS); connection_or_init_conn_from_address(chan->conn, &(chan->conn->base_.addr), chan->conn->base_.port, + /* zero, checked above */ (const char*)(chan->conn->handshake_state-> - authenticated_peer_id), + authenticated_rsa_peer_id), + NULL, /* Ed25519 ID: Also checked as zero */ 0); } } @@ -1744,6 +1751,41 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) assert_connection_ok(TO_CONN(chan->conn),time(NULL)); } +/** Types of certificates that we know how to parse from CERTS cells. Each + * type corresponds to a different encoding format. */ +typedef enum cert_encoding_t { + CERT_ENCODING_UNKNOWN, /**< We don't recognize this. */ + CERT_ENCODING_X509, /**< It's an RSA key, signed with RSA, encoded in x509. + * (Actually, it might not be RSA. We test that later.) */ + CERT_ENCODING_ED25519, /**< It's something signed with an Ed25519 key, + * encoded asa a tor_cert_t.*/ + CERT_ENCODING_RSA_CROSSCERT, /**< It's an Ed key signed with an RSA key. */ +} cert_encoding_t; + +/** + * Given one of the certificate type codes used in a CERTS cell, + * return the corresponding cert_encoding_t that we should use to parse + * the certificate. + */ +static cert_encoding_t +certs_cell_typenum_to_cert_type(int typenum) +{ + switch (typenum) { + case CERTTYPE_RSA1024_ID_LINK: + case CERTTYPE_RSA1024_ID_ID: + case CERTTYPE_RSA1024_ID_AUTH: + return CERT_ENCODING_X509; + case CERTTYPE_ED_ID_SIGN: + case CERTTYPE_ED_SIGN_LINK: + case CERTTYPE_ED_SIGN_AUTH: + return CERT_ENCODING_ED25519; + case CERTTYPE_RSA1024_ID_EDID: + return CERT_ENCODING_RSA_CROSSCERT; + default: + return CERT_ENCODING_UNKNOWN; + } +} + /** * Process a CERTS cell from a channel. * @@ -1763,14 +1805,21 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) STATIC void channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) { -#define MAX_CERT_TYPE_WANTED OR_CERT_TYPE_AUTH_1024 - tor_x509_cert_t *certs[MAX_CERT_TYPE_WANTED + 1]; +#define MAX_CERT_TYPE_WANTED CERTTYPE_RSA1024_ID_EDID + /* These arrays will be sparse, since a cert type can be at most one + * of ed/x509 */ + tor_x509_cert_t *x509_certs[MAX_CERT_TYPE_WANTED + 1]; + tor_cert_t *ed_certs[MAX_CERT_TYPE_WANTED + 1]; + uint8_t *rsa_ed_cc_cert = NULL; + size_t rsa_ed_cc_cert_len = 0; + int n_certs, i; certs_cell_t *cc = NULL; int send_netinfo = 0; - memset(certs, 0, sizeof(certs)); + memset(x509_certs, 0, sizeof(x509_certs)); + memset(ed_certs, 0, sizeof(ed_certs)); tor_assert(cell); tor_assert(chan); tor_assert(chan->conn); @@ -1814,77 +1863,149 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) if (cert_type > MAX_CERT_TYPE_WANTED) continue; + const cert_encoding_t ct = certs_cell_typenum_to_cert_type(cert_type); + switch (ct) { + default: + case CERT_ENCODING_UNKNOWN: + break; + case CERT_ENCODING_X509: { + tor_x509_cert_t *x509_cert = tor_x509_cert_decode(cert_body, cert_len); + if (!x509_cert) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Received undecodable certificate in CERTS cell from %s:%d", + safe_str(chan->conn->base_.address), + chan->conn->base_.port); + } else { + if (x509_certs[cert_type]) { + tor_x509_cert_free(x509_cert); + ERR("Duplicate x509 certificate"); + } else { + x509_certs[cert_type] = x509_cert; + } + } + break; + } + case CERT_ENCODING_ED25519: { + tor_cert_t *ed_cert = tor_cert_parse(cert_body, cert_len); + if (!ed_cert) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Received undecodable Ed certificate " + "in CERTS cell from %s:%d", + safe_str(chan->conn->base_.address), + chan->conn->base_.port); + } else { + if (ed_certs[cert_type]) { + tor_cert_free(ed_cert); + ERR("Duplicate Ed25519 certificate"); + } else { + ed_certs[cert_type] = ed_cert; + } + } + break; + } - tor_x509_cert_t *cert = tor_x509_cert_decode(cert_body, cert_len); - if (!cert) { - log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, - "Received undecodable certificate in CERTS cell from %s:%d", - safe_str(chan->conn->base_.address), - chan->conn->base_.port); - } else { - if (certs[cert_type]) { - tor_x509_cert_free(cert); - ERR("Duplicate x509 certificate"); - } else { - certs[cert_type] = cert; + case CERT_ENCODING_RSA_CROSSCERT: { + if (rsa_ed_cc_cert) { + ERR("Duplicate RSA->Ed25519 crosscert"); + } else { + rsa_ed_cc_cert = tor_memdup(cert_body, cert_len); + rsa_ed_cc_cert_len = cert_len; + } + break; } } } - tor_x509_cert_t *id_cert = certs[OR_CERT_TYPE_ID_1024]; - tor_x509_cert_t *auth_cert = certs[OR_CERT_TYPE_AUTH_1024]; - tor_x509_cert_t *link_cert = certs[OR_CERT_TYPE_TLS_LINK]; + /* Move the certificates we (might) want into the handshake_state->certs + * structure. */ + tor_x509_cert_t *id_cert = x509_certs[CERTTYPE_RSA1024_ID_ID]; + tor_x509_cert_t *auth_cert = x509_certs[CERTTYPE_RSA1024_ID_AUTH]; + tor_x509_cert_t *link_cert = x509_certs[CERTTYPE_RSA1024_ID_LINK]; + chan->conn->handshake_state->certs->auth_cert = auth_cert; + chan->conn->handshake_state->certs->link_cert = link_cert; + chan->conn->handshake_state->certs->id_cert = id_cert; + x509_certs[CERTTYPE_RSA1024_ID_ID] = + x509_certs[CERTTYPE_RSA1024_ID_AUTH] = + x509_certs[CERTTYPE_RSA1024_ID_LINK] = NULL; + + tor_cert_t *ed_id_sign = ed_certs[CERTTYPE_ED_ID_SIGN]; + tor_cert_t *ed_sign_link = ed_certs[CERTTYPE_ED_SIGN_LINK]; + tor_cert_t *ed_sign_auth = ed_certs[CERTTYPE_ED_SIGN_AUTH]; + chan->conn->handshake_state->certs->ed_id_sign = ed_id_sign; + chan->conn->handshake_state->certs->ed_sign_link = ed_sign_link; + chan->conn->handshake_state->certs->ed_sign_auth = ed_sign_auth; + ed_certs[CERTTYPE_ED_ID_SIGN] = + ed_certs[CERTTYPE_ED_SIGN_LINK] = + ed_certs[CERTTYPE_ED_SIGN_AUTH] = NULL; + + chan->conn->handshake_state->certs->ed_rsa_crosscert = rsa_ed_cc_cert; + chan->conn->handshake_state->certs->ed_rsa_crosscert_len = + rsa_ed_cc_cert_len; + rsa_ed_cc_cert = NULL; + + int severity; + /* Note that this warns more loudly about time and validity if we were + * _trying_ to connect to an authority, not necessarily if we _did_ connect + * to one. */ + if (chan->conn->handshake_state->started_here && + router_digest_is_trusted_dir(TLS_CHAN_TO_BASE(chan)->identity_digest)) + severity = LOG_WARN; + else + severity = LOG_PROTOCOL_WARN; + + const ed25519_public_key_t *checked_ed_id = NULL; + const common_digests_t *checked_rsa_id = NULL; + or_handshake_certs_check_both(severity, + chan->conn->handshake_state->certs, + chan->conn->tls, + time(NULL), + &checked_ed_id, + &checked_rsa_id); + + if (!checked_rsa_id) + ERR("Invalid certificate chain!"); if (chan->conn->handshake_state->started_here) { - int severity; - if (! (id_cert && link_cert)) - ERR("The certs we wanted were missing"); - /* Okay. We should be able to check the certificates now. */ - if (! tor_tls_cert_matches_key(chan->conn->tls, link_cert)) { - ERR("The link certificate didn't match the TLS public key"); - } - /* Note that this warns more loudly about time and validity if we were - * _trying_ to connect to an authority, not necessarily if we _did_ connect - * to one. */ - if (router_digest_is_trusted_dir( - TLS_CHAN_TO_BASE(chan)->identity_digest)) - severity = LOG_WARN; - else - severity = LOG_PROTOCOL_WARN; - - if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, 0)) - ERR("The link certificate was not valid"); - if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, 1)) - ERR("The ID certificate was not valid"); + /* No more information is needed. */ chan->conn->handshake_state->authenticated = 1; + chan->conn->handshake_state->authenticated_rsa = 1; { - const common_digests_t *id_digests = - tor_x509_cert_get_id_digests(id_cert); + const common_digests_t *id_digests = checked_rsa_id; crypto_pk_t *identity_rcvd; if (!id_digests) ERR("Couldn't compute digests for key in ID cert"); identity_rcvd = tor_tls_cert_get_key(id_cert); - if (!identity_rcvd) - ERR("Internal error: Couldn't get RSA key from ID cert."); - memcpy(chan->conn->handshake_state->authenticated_peer_id, + if (!identity_rcvd) { + ERR("Couldn't get RSA key from ID cert."); + } + memcpy(chan->conn->handshake_state->authenticated_rsa_peer_id, id_digests->d[DIGEST_SHA1], DIGEST_LEN); channel_set_circid_type(TLS_CHAN_TO_BASE(chan), identity_rcvd, chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS); crypto_pk_free(identity_rcvd); } + if (checked_ed_id) { + chan->conn->handshake_state->authenticated_ed25519 = 1; + memcpy(&chan->conn->handshake_state->authenticated_ed25519_peer_id, + checked_ed_id, sizeof(ed25519_public_key_t)); + } + + log_debug(LD_HANDSHAKE, "calling client_learned_peer_id from " + "process_certs_cell"); + if (connection_or_client_learned_peer_id(chan->conn, - chan->conn->handshake_state->authenticated_peer_id) < 0) + chan->conn->handshake_state->authenticated_rsa_peer_id, + checked_ed_id) < 0) ERR("Problem setting or checking peer id"); - log_info(LD_OR, - "Got some good certificates from %s:%d: Authenticated it.", - safe_str(chan->conn->base_.address), chan->conn->base_.port); - - chan->conn->handshake_state->id_cert = id_cert; - certs[OR_CERT_TYPE_ID_1024] = NULL; + log_info(LD_HANDSHAKE, + "Got some good certificates from %s:%d: Authenticated it with " + "RSA%s", + safe_str(chan->conn->base_.address), chan->conn->base_.port, + checked_ed_id ? " and Ed25519" : ""); if (!public_server_mode(get_options())) { /* If we initiated the connection and we are not a public server, we @@ -1893,25 +2014,14 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) send_netinfo = 1; } } else { - if (! (id_cert && auth_cert)) - ERR("The certs we wanted were missing"); - - /* Remember these certificates so we can check an AUTHENTICATE cell */ - if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, auth_cert, id_cert, 1)) - ERR("The authentication certificate was not valid"); - if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, 1)) - ERR("The ID certificate was not valid"); - + /* We can't call it authenticated till we see an AUTHENTICATE cell. */ log_info(LD_OR, - "Got some good certificates from %s:%d: " + "Got some good RSA%s certificates from %s:%d. " "Waiting for AUTHENTICATE.", + checked_ed_id ? " and Ed25519" : "", safe_str(chan->conn->base_.address), chan->conn->base_.port); /* XXXX check more stuff? */ - - chan->conn->handshake_state->id_cert = id_cert; - chan->conn->handshake_state->auth_cert = auth_cert; - certs[OR_CERT_TYPE_ID_1024] = certs[OR_CERT_TYPE_AUTH_1024] = NULL; } chan->conn->handshake_state->received_certs_cell = 1; @@ -1925,9 +2035,13 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) } err: - for (unsigned u = 0; u < ARRAY_LENGTH(certs); ++u) { - tor_x509_cert_free(certs[u]); + for (unsigned u = 0; u < ARRAY_LENGTH(x509_certs); ++u) { + tor_x509_cert_free(x509_certs[u]); } + for (unsigned u = 0; u < ARRAY_LENGTH(ed_certs); ++u) { + tor_cert_free(ed_certs[u]); + } + tor_free(rsa_ed_cc_cert); certs_cell_free(cc); #undef ERR } @@ -1984,8 +2098,12 @@ channel_tls_process_auth_challenge_cell(var_cell_t *cell, channel_tls_t *chan) /* Now see if there is an authentication type we can use */ for (i = 0; i < n_types; ++i) { uint16_t authtype = auth_challenge_cell_get_methods(ac, i); - if (authtype == AUTHTYPE_RSA_SHA256_TLSSECRET) - use_type = authtype; + if (authchallenge_type_is_supported(authtype)) { + if (use_type == -1 || + authchallenge_type_is_better(authtype, use_type)) { + use_type = authtype; + } + } } chan->conn->handshake_state->received_auth_challenge = 1; @@ -2000,9 +2118,10 @@ channel_tls_process_auth_challenge_cell(var_cell_t *cell, channel_tls_t *chan) if (use_type >= 0) { log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Sending " - "authentication", + "authentication type %d", safe_str(chan->conn->base_.address), - chan->conn->base_.port); + chan->conn->base_.port, + use_type); if (connection_or_send_authenticate_cell(chan->conn, use_type) < 0) { log_warn(LD_OR, @@ -2043,9 +2162,11 @@ channel_tls_process_auth_challenge_cell(var_cell_t *cell, channel_tls_t *chan) STATIC void channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) { - uint8_t expected[V3_AUTH_FIXED_PART_LEN+256]; + var_cell_t *expected_cell = NULL; const uint8_t *auth; int authlen; + int authtype; + int bodylen; tor_assert(cell); tor_assert(chan); @@ -2058,6 +2179,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) safe_str(chan->conn->base_.address), \ chan->conn->base_.port, (s)); \ connection_or_close_for_error(chan->conn, 0); \ + var_cell_free(expected_cell); \ return; \ } while (0) @@ -2075,9 +2197,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) } if (!(chan->conn->handshake_state->received_certs_cell)) ERR("We never got a certs cell"); - if (chan->conn->handshake_state->auth_cert == NULL) - ERR("We never got an authentication certificate"); - if (chan->conn->handshake_state->id_cert == NULL) + if (chan->conn->handshake_state->certs->id_cert == NULL) ERR("We never got an identity certificate"); if (cell->payload_len < 4) ERR("Cell was way too short"); @@ -2089,8 +2209,9 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) if (4 + len > cell->payload_len) ERR("Authenticator was truncated"); - if (type != AUTHTYPE_RSA_SHA256_TLSSECRET) + if (! authchallenge_type_is_supported(type)) ERR("Authenticator type was not recognized"); + authtype = type; auth += 4; authlen = len; @@ -2099,25 +2220,55 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) if (authlen < V3_AUTH_BODY_LEN + 1) ERR("Authenticator was too short"); - ssize_t bodylen = - connection_or_compute_authenticate_cell_body( - chan->conn, expected, sizeof(expected), NULL, 1); - if (bodylen < 0 || bodylen != V3_AUTH_FIXED_PART_LEN) + expected_cell = connection_or_compute_authenticate_cell_body( + chan->conn, authtype, NULL, NULL, 1); + if (! expected_cell) ERR("Couldn't compute expected AUTHENTICATE cell body"); - if (tor_memneq(expected, auth, bodylen)) + int sig_is_rsa; + if (authtype == AUTHTYPE_RSA_SHA256_TLSSECRET || + authtype == AUTHTYPE_RSA_SHA256_RFC5705) { + bodylen = V3_AUTH_BODY_LEN; + sig_is_rsa = 1; + } else { + tor_assert(authtype == AUTHTYPE_ED25519_SHA256_RFC5705); + /* Our earlier check had better have made sure we had room + * for an ed25519 sig (inadvertently) */ + tor_assert(V3_AUTH_BODY_LEN > ED25519_SIG_LEN); + bodylen = authlen - ED25519_SIG_LEN; + sig_is_rsa = 0; + } + if (expected_cell->payload_len != bodylen+4) { + ERR("Expected AUTHENTICATE cell body len not as expected."); + } + + /* Length of random part. */ + if (BUG(bodylen < 24)) { + // LCOV_EXCL_START + ERR("Bodylen is somehow less than 24, which should really be impossible"); + // LCOV_EXCL_STOP + } + + if (tor_memneq(expected_cell->payload+4, auth, bodylen-24)) ERR("Some field in the AUTHENTICATE cell body was not as expected"); - { + if (sig_is_rsa) { + if (chan->conn->handshake_state->certs->ed_id_sign != NULL) + ERR("RSA-signed AUTHENTICATE response provided with an ED25519 cert"); + + if (chan->conn->handshake_state->certs->auth_cert == NULL) + ERR("We never got an RSA authentication certificate"); + crypto_pk_t *pk = tor_tls_cert_get_key( - chan->conn->handshake_state->auth_cert); + chan->conn->handshake_state->certs->auth_cert); char d[DIGEST256_LEN]; char *signed_data; size_t keysize; int signed_len; - if (!pk) - ERR("Internal error: couldn't get RSA key from AUTH cert."); + if (! pk) { + ERR("Couldn't get RSA key from AUTH cert."); + } crypto_digest256(d, (char*)auth, V3_AUTH_BODY_LEN, DIGEST_SHA256); keysize = crypto_pk_keysize(pk); @@ -2128,7 +2279,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) crypto_pk_free(pk); if (signed_len < 0) { tor_free(signed_data); - ERR("Signature wasn't valid"); + ERR("RSA signature wasn't valid"); } if (signed_len < DIGEST256_LEN) { tor_free(signed_data); @@ -2141,41 +2292,75 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) ERR("Signature did not match data to be signed."); } tor_free(signed_data); + } else { + if (chan->conn->handshake_state->certs->ed_id_sign == NULL) + ERR("We never got an Ed25519 identity certificate."); + if (chan->conn->handshake_state->certs->ed_sign_auth == NULL) + ERR("We never got an Ed25519 authentication certificate."); + + const ed25519_public_key_t *authkey = + &chan->conn->handshake_state->certs->ed_sign_auth->signed_key; + ed25519_signature_t sig; + tor_assert(authlen > ED25519_SIG_LEN); + memcpy(&sig.sig, auth + authlen - ED25519_SIG_LEN, ED25519_SIG_LEN); + if (ed25519_checksig(&sig, auth, authlen - ED25519_SIG_LEN, authkey)<0) { + ERR("Ed25519 signature wasn't valid."); + } } /* Okay, we are authenticated. */ chan->conn->handshake_state->received_authenticate = 1; chan->conn->handshake_state->authenticated = 1; + chan->conn->handshake_state->authenticated_rsa = 1; chan->conn->handshake_state->digest_received_data = 0; { - crypto_pk_t *identity_rcvd = - tor_tls_cert_get_key(chan->conn->handshake_state->id_cert); - const common_digests_t *id_digests = - tor_x509_cert_get_id_digests(chan->conn->handshake_state->id_cert); + tor_x509_cert_t *id_cert = chan->conn->handshake_state->certs->id_cert; + crypto_pk_t *identity_rcvd = tor_tls_cert_get_key(id_cert); + const common_digests_t *id_digests = tor_x509_cert_get_id_digests(id_cert); + const ed25519_public_key_t *ed_identity_received = NULL; + + if (! sig_is_rsa) { + chan->conn->handshake_state->authenticated_ed25519 = 1; + ed_identity_received = + &chan->conn->handshake_state->certs->ed_id_sign->signing_key; + memcpy(&chan->conn->handshake_state->authenticated_ed25519_peer_id, + ed_identity_received, sizeof(ed25519_public_key_t)); + } /* This must exist; we checked key type when reading the cert. */ tor_assert(id_digests); - memcpy(chan->conn->handshake_state->authenticated_peer_id, + memcpy(chan->conn->handshake_state->authenticated_rsa_peer_id, id_digests->d[DIGEST_SHA1], DIGEST_LEN); channel_set_circid_type(TLS_CHAN_TO_BASE(chan), identity_rcvd, chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS); crypto_pk_free(identity_rcvd); + log_debug(LD_HANDSHAKE, + "Calling connection_or_init_conn_from_address for %s " + " from %s, with%s ed25519 id.", + safe_str(chan->conn->base_.address), + __func__, + ed_identity_received ? "" : "out"); + connection_or_init_conn_from_address(chan->conn, &(chan->conn->base_.addr), chan->conn->base_.port, (const char*)(chan->conn->handshake_state-> - authenticated_peer_id), + authenticated_rsa_peer_id), + ed_identity_received, 0); - log_info(LD_OR, - "Got an AUTHENTICATE cell from %s:%d: Looks good.", + log_debug(LD_HANDSHAKE, + "Got an AUTHENTICATE cell from %s:%d, type %d: Looks good.", safe_str(chan->conn->base_.address), - chan->conn->base_.port); + chan->conn->base_.port, + authtype); } + var_cell_free(expected_cell); + #undef ERR } diff --git a/src/or/channeltls.h b/src/or/channeltls.h index 8b5863a461..729e595615 100644 --- a/src/or/channeltls.h +++ b/src/or/channeltls.h @@ -29,7 +29,8 @@ struct channel_tls_s { #endif /* TOR_CHANNEL_INTERNAL_ */ channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port, - const char *id_digest); + const char *id_digest, + const ed25519_public_key_t *ed_id); channel_listener_t * channel_tls_get_listener(void); channel_listener_t * channel_tls_start_listener(void); channel_t * channel_tls_handle_incoming(or_connection_t *orconn); diff --git a/src/or/circpathbias.c b/src/or/circpathbias.c index 9f93e737f7..6ee69aac1e 100644 --- a/src/or/circpathbias.c +++ b/src/or/circpathbias.c @@ -11,6 +11,14 @@ * different tor nodes, in an attempt to detect attacks where * an attacker deliberately causes circuits to fail until the client * choses a path they like. + * + * This code is currently configured in a warning-only mode, though false + * positives appear to be rare in practice. There is also support for + * disabling really bad guards, but it's quite experimental and may have bad + * anonymity effects. + * + * The information here is associated with the entry_guard_t object for + * each guard, and stored persistently in the state file. */ #include "or.h" diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index cb9c146fb7..f60a8bfa89 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -9,6 +9,20 @@ * * \brief Implements the details of building circuits (by chosing paths, * constructing/sending create/extend cells, and so on). + * + * On the client side, this module handles launching circuits. Circuit + * launches are srtarted from circuit_establish_circuit(), called from + * circuit_launch_by_extend_info()). To choose the path the circuit will + * take, onion_extend_cpath() calls into a maze of node selection functions. + * + * Once the circuit is ready to be launched, the first hop is treated as a + * special case with circuit_handle_first_hop(), since it might need to open a + * channel. As the channel opens, and later as CREATED and RELAY_EXTENDED + * cells arrive, the client will invoke circuit_send_next_onion_skin() to send + * CREATE or RELAY_EXTEND cells. + * + * On the server side, this module also handles the logic of responding to + * RELAY_EXTEND requests, using circuit_extend(). **/ #define CIRCUITBUILD_PRIVATE @@ -49,8 +63,9 @@ #include "transports.h" static channel_t * channel_connect_for_circuit(const tor_addr_t *addr, - uint16_t port, - const char *id_digest); + uint16_t port, + const char *id_digest, + const ed25519_public_key_t *ed_id); static int circuit_deliver_create_cell(circuit_t *circ, const create_cell_t *create_cell, int relayed); @@ -66,11 +81,12 @@ static int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); */ static channel_t * channel_connect_for_circuit(const tor_addr_t *addr, uint16_t port, - const char *id_digest) + const char *id_digest, + const ed25519_public_key_t *ed_id) { channel_t *chan; - chan = channel_connect(addr, port, id_digest); + chan = channel_connect(addr, port, id_digest, ed_id); if (chan) command_setup_channel(chan); return chan; @@ -540,6 +556,7 @@ circuit_handle_first_hop(origin_circuit_t *circ) firsthop->extend_info->port)); n_chan = channel_get_for_extend(firsthop->extend_info->identity_digest, + &firsthop->extend_info->ed_identity, &firsthop->extend_info->addr, &msg, &should_launch); @@ -557,7 +574,8 @@ circuit_handle_first_hop(origin_circuit_t *circ) n_chan = channel_connect_for_circuit( &firsthop->extend_info->addr, firsthop->extend_info->port, - firsthop->extend_info->identity_digest); + firsthop->extend_info->identity_digest, + &firsthop->extend_info->ed_identity); if (!n_chan) { /* connect failed, forget the whole thing */ log_info(LD_CIRC,"connect to firsthop failed. Closing."); return -END_CIRC_REASON_CONNECTFAILED; @@ -1025,6 +1043,9 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) ec.orport_ipv4.port = hop->extend_info->port; tor_addr_make_unspec(&ec.orport_ipv6.addr); memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN); + /* Set the ED25519 identity too -- it will only get included + * in the extend2 cell if we're configured to use it, though. */ + ed25519_pubkey_copy(&ec.ed_pubkey, &hop->extend_info->ed_identity); len = onion_skin_create(ec.create_cell.handshake_type, hop->extend_info, @@ -1153,6 +1174,18 @@ circuit_extend(cell_t *cell, circuit_t *circ) return -1; } + /* Fill in ed_pubkey if it was not provided and we can infer it from + * our networkstatus */ + if (ed25519_public_key_is_zero(&ec.ed_pubkey)) { + const node_t *node = node_get_by_id((const char*)ec.node_id); + const ed25519_public_key_t *node_ed_id = NULL; + if (node && + node_supports_ed25519_link_authentication(node) && + (node_ed_id = node_get_ed25519_id(node))) { + ed25519_pubkey_copy(&ec.ed_pubkey, node_ed_id); + } + } + /* Next, check if we're being asked to connect to the hop that the * extend cell came from. There isn't any reason for that, and it can * assist circular-path attacks. */ @@ -1164,7 +1197,17 @@ circuit_extend(cell_t *cell, circuit_t *circ) return -1; } + /* Check the previous hop Ed25519 ID too */ + if (! ed25519_public_key_is_zero(&ec.ed_pubkey) && + ed25519_pubkey_eq(&ec.ed_pubkey, + &TO_OR_CIRCUIT(circ)->p_chan->ed25519_identity)) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Client asked me to extend back to the previous hop " + "(by Ed25519 ID)."); + } + n_chan = channel_get_for_extend((const char*)ec.node_id, + &ec.ed_pubkey, &ec.orport_ipv4.addr, &msg, &should_launch); @@ -1176,8 +1219,9 @@ circuit_extend(cell_t *cell, circuit_t *circ) circ->n_hop = extend_info_new(NULL /*nickname*/, (const char*)ec.node_id, - NULL /*onion_key*/, - NULL /*curve25519_key*/, + &ec.ed_pubkey, + NULL, /*onion_key*/ + NULL, /*curve25519_key*/ &ec.orport_ipv4.addr, ec.orport_ipv4.port); @@ -1190,7 +1234,8 @@ circuit_extend(cell_t *cell, circuit_t *circ) /* we should try to open a connection */ n_chan = channel_connect_for_circuit(&ec.orport_ipv4.addr, ec.orport_ipv4.port, - (const char*)ec.node_id); + (const char*)ec.node_id, + &ec.ed_pubkey); if (!n_chan) { log_info(LD_CIRC,"Launching n_chan failed. Closing circuit."); circuit_mark_for_close(circ, END_CIRC_REASON_CONNECTFAILED); @@ -1492,9 +1537,9 @@ circuit_get_unhandled_ports(time_t now) * If we're returning 0, set need_uptime and need_capacity to * indicate any requirements that the unhandled ports have. */ -int -circuit_all_predicted_ports_handled(time_t now, int *need_uptime, - int *need_capacity) +MOCK_IMPL(int, +circuit_all_predicted_ports_handled, (time_t now, int *need_uptime, + int *need_capacity)) { int i, enough; uint16_t *port; @@ -2216,7 +2261,6 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state) * This is an incomplete fix, but is no worse than the previous behaviour, * and only applies to minimal, testing tor networks * (so it's no less secure) */ - /*XXXX++ use the using_as_guard flag to accomplish this.*/ if (options->UseEntryGuards && (!options->TestingTorNetwork || smartlist_len(nodelist_get_list()) > smartlist_len(get_entry_guards()) @@ -2341,19 +2385,23 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) /** Allocate a new extend_info object based on the various arguments. */ extend_info_t * -extend_info_new(const char *nickname, const char *digest, +extend_info_new(const char *nickname, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const curve25519_public_key_t *curve25519_key, + const curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port) { extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t)); - memcpy(info->identity_digest, digest, DIGEST_LEN); + memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN); + if (ed_id && !ed25519_public_key_is_zero(ed_id)) + memcpy(&info->ed_identity, ed_id, sizeof(ed25519_public_key_t)); if (nickname) strlcpy(info->nickname, nickname, sizeof(info->nickname)); if (onion_key) info->onion_key = crypto_pk_dup_key(onion_key); - if (curve25519_key) - memcpy(&info->curve25519_onion_key, curve25519_key, + if (ntor_key) + memcpy(&info->curve25519_onion_key, ntor_key, sizeof(curve25519_public_key_t)); tor_addr_copy(&info->addr, addr); info->port = port; @@ -2403,20 +2451,35 @@ extend_info_from_node(const node_t *node, int for_direct_connect) return NULL; } + const ed25519_public_key_t *ed_pubkey = NULL; + + /* Don't send the ed25519 pubkey unless the target node actually supports + * authenticating with it. */ + if (node_supports_ed25519_link_authentication(node)) { + log_info(LD_CIRC, "Including Ed25519 ID for %s", node_describe(node)); + ed_pubkey = node_get_ed25519_id(node); + } else if (node_get_ed25519_id(node)) { + log_info(LD_CIRC, "Not including the ed25519 ID for %s, since it won't " + " be able to authenticate it.", + node_describe(node)); + } + if (valid_addr && node->ri) return extend_info_new(node->ri->nickname, - node->identity, - node->ri->onion_pkey, - node->ri->onion_curve25519_pkey, - &ap.addr, - ap.port); + node->identity, + ed_pubkey, + node->ri->onion_pkey, + node->ri->onion_curve25519_pkey, + &ap.addr, + ap.port); else if (valid_addr && node->rs && node->md) return extend_info_new(node->rs->nickname, - node->identity, - node->md->onion_pkey, - node->md->onion_curve25519_pkey, - &ap.addr, - ap.port); + node->identity, + ed_pubkey, + node->md->onion_pkey, + node->md->onion_curve25519_pkey, + &ap.addr, + ap.port); else return NULL; } diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index 1244601f71..54d14bbc7f 100644 --- a/src/or/circuitbuild.h +++ b/src/or/circuitbuild.h @@ -40,15 +40,18 @@ int onionskin_answer(or_circuit_t *circ, const struct created_cell_t *created_cell, const char *keys, const uint8_t *rend_circ_nonce); -int circuit_all_predicted_ports_handled(time_t now, int *need_uptime, - int *need_capacity); +MOCK_DECL(int, circuit_all_predicted_ports_handled, (time_t now, + int *need_uptime, + int *need_capacity)); int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *info); int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info); void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); -extend_info_t *extend_info_new(const char *nickname, const char *digest, +extend_info_t *extend_info_new(const char *nickname, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const curve25519_public_key_t *curve25519_key, + const curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port); extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect); extend_info_t *extend_info_dup(extend_info_t *info); diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 2b3c4169cb..dee103e36a 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -7,7 +7,48 @@ /** * \file circuitlist.c * - * \brief Manage the global circuit list, and looking up circuits within it. + * \brief Manage global structures that list and index circuits, and + * look up circuits within them. + * + * One of the most frequent operations in Tor occurs every time that + * a relay cell arrives on a channel. When that happens, we need to + * find which circuit it is associated with, based on the channel and the + * circuit ID in the relay cell. + * + * To handle that, we maintain a global list of circuits, and a hashtable + * mapping [channel,circID] pairs to circuits. Circuits are added to and + * removed from this mapping using circuit_set_p_circid_chan() and + * circuit_set_n_circid_chan(). To look up a circuit from this map, most + * callers should use circuit_get_by_circid_channel(), though + * circuit_get_by_circid_channel_even_if_marked() is appropriate under some + * circumstances. + * + * We also need to allow for the possibility that we have blocked use of a + * circuit ID (because we are waiting to send a DESTROY cell), but the + * circuit is not there any more. For that case, we allow placeholder + * entries in the table, using channel_mark_circid_unusable(). + * + * To efficiently handle a channel that has just opened, we also maintain a + * list of the circuits waiting for channels, so we can attach them as + * needed without iterating through the whole list of circuits, using + * circuit_get_all_pending_on_channel(). + * + * In this module, we also handle the list of circuits that have been + * marked for close elsewhere, and close them as needed. (We use this + * "mark now, close later" pattern here and elsewhere to avoid + * unpredictable recursion if we closed every circuit immediately upon + * realizing it needed to close.) See circuit_mark_for_close() for the + * mark function, and circuit_close_all_marked() for the close function. + * + * For hidden services, we need to be able to look up introduction point + * circuits and rendezvous circuits by cookie, key, etc. These are + * currently handled with linear searches in + * circuit_get_ready_rend_circuit_by_rend_data(), + * circuit_get_next_by_pk_and_purpose(), and with hash lookups in + * circuit_get_rendezvous() and circuit_get_intro_point(). + * + * This module is also the entry point for our out-of-memory handler + * logic, which was originally circuit-focused. **/ #define CIRCUITLIST_PRIVATE #include "or.h" @@ -23,6 +64,7 @@ #include "connection_or.h" #include "control.h" #include "main.h" +#include "hs_common.h" #include "networkstatus.h" #include "nodelist.h" #include "onion.h" @@ -1311,9 +1353,11 @@ circuit_get_ready_rend_circ_by_rend_data(const rend_data_t *rend_data) if (!circ->marked_for_close && circ->purpose == CIRCUIT_PURPOSE_C_REND_READY) { origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ); - if (ocirc->rend_data && - !rend_cmp_service_ids(rend_data->onion_address, - ocirc->rend_data->onion_address) && + if (ocirc->rend_data == NULL) { + continue; + } + if (!rend_cmp_service_ids(rend_data_get_address(rend_data), + rend_data_get_address(ocirc->rend_data)) && tor_memeq(ocirc->rend_data->rend_cookie, rend_data->rend_cookie, REND_COOKIE_LEN)) @@ -1325,13 +1369,14 @@ circuit_get_ready_rend_circ_by_rend_data(const rend_data_t *rend_data) } /** Return the first circuit originating here in global_circuitlist after - * <b>start</b> whose purpose is <b>purpose</b>, and where - * <b>digest</b> (if set) matches the rend_pk_digest field. Return NULL if no - * circuit is found. If <b>start</b> is NULL, begin at the start of the list. + * <b>start</b> whose purpose is <b>purpose</b>, and where <b>digest</b> (if + * set) matches the private key digest of the rend data associated with the + * circuit. Return NULL if no circuit is found. If <b>start</b> is NULL, + * begin at the start of the list. */ origin_circuit_t * circuit_get_next_by_pk_and_purpose(origin_circuit_t *start, - const char *digest, uint8_t purpose) + const uint8_t *digest, uint8_t purpose) { int idx; smartlist_t *lst = circuit_get_global_list(); @@ -1343,17 +1388,23 @@ circuit_get_next_by_pk_and_purpose(origin_circuit_t *start, for ( ; idx < smartlist_len(lst); ++idx) { circuit_t *circ = smartlist_get(lst, idx); + origin_circuit_t *ocirc; if (circ->marked_for_close) continue; if (circ->purpose != purpose) continue; + /* At this point we should be able to get a valid origin circuit because + * the origin purpose we are looking for matches this circuit. */ + if (BUG(!CIRCUIT_PURPOSE_IS_ORIGIN(circ->purpose))) { + break; + } + ocirc = TO_ORIGIN_CIRCUIT(circ); if (!digest) - return TO_ORIGIN_CIRCUIT(circ); - else if (TO_ORIGIN_CIRCUIT(circ)->rend_data && - tor_memeq(TO_ORIGIN_CIRCUIT(circ)->rend_data->rend_pk_digest, - digest, DIGEST_LEN)) - return TO_ORIGIN_CIRCUIT(circ); + return ocirc; + if (rend_circuit_pk_digest_eq(ocirc, digest)) { + return ocirc; + } } return NULL; } @@ -1539,6 +1590,14 @@ circuit_set_intro_point_digest(or_circuit_t *circ, const uint8_t *digest) * cannibalize. * * If !CIRCLAUNCH_NEED_UPTIME, prefer returning non-uptime circuits. + * + * To "cannibalize" a circuit means to extend it an extra hop, and use it + * for some other purpose than we had originally intended. We do this when + * we want to perform some low-bandwidth task at a specific relay, and we + * would like the circuit to complete as soon as possible. (If we were going + * to use a lot of bandwidth, we wouldn't want a circuit with an extra hop. + * If we didn't care about circuit completion latency, we would just build + * a new circuit.) */ origin_circuit_t * circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info, @@ -1833,7 +1892,7 @@ circuit_about_to_free(circuit_t *circ) if (orig_reason != END_CIRC_REASON_IP_NOW_REDUNDANT) { /* treat this like getting a nack from it */ log_info(LD_REND, "Failed intro circ %s to %s (awaiting ack). %s", - safe_str_client(ocirc->rend_data->onion_address), + safe_str_client(rend_data_get_address(ocirc->rend_data)), safe_str_client(build_state_get_exit_nickname(ocirc->build_state)), timed_out ? "Recording timeout." : "Removing from descriptor."); rend_client_report_intro_point_failure(ocirc->build_state->chosen_exit, @@ -1850,7 +1909,7 @@ circuit_about_to_free(circuit_t *circ) log_info(LD_REND, "Failed intro circ %s to %s " "(building circuit to intro point). " "Marking intro point as possibly unreachable.", - safe_str_client(ocirc->rend_data->onion_address), + safe_str_client(rend_data_get_address(ocirc->rend_data)), safe_str_client(build_state_get_exit_nickname( ocirc->build_state))); rend_client_report_intro_point_failure(ocirc->build_state->chosen_exit, diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h index 2707b426ab..989c02afd5 100644 --- a/src/or/circuitlist.h +++ b/src/or/circuitlist.h @@ -45,7 +45,7 @@ origin_circuit_t *circuit_get_by_global_id(uint32_t id); origin_circuit_t *circuit_get_ready_rend_circ_by_rend_data( const rend_data_t *rend_data); origin_circuit_t *circuit_get_next_by_pk_and_purpose(origin_circuit_t *start, - const char *digest, uint8_t purpose); + const uint8_t *digest, uint8_t purpose); or_circuit_t *circuit_get_rendezvous(const uint8_t *cookie); or_circuit_t *circuit_get_intro_point(const uint8_t *digest); void circuit_set_rendezvous_cookie(or_circuit_t *circ, const uint8_t *cookie); diff --git a/src/or/circuitmux_ewma.c b/src/or/circuitmux_ewma.c index 5c2ebde73b..0219459cdb 100644 --- a/src/or/circuitmux_ewma.c +++ b/src/or/circuitmux_ewma.c @@ -500,7 +500,7 @@ ewma_cmp_cmux(circuitmux_t *cmux_1, circuitmux_policy_data_t *pol_data_1, tor_assert(pol_data_2); p1 = TO_EWMA_POL_DATA(pol_data_1); - p2 = TO_EWMA_POL_DATA(pol_data_1); + p2 = TO_EWMA_POL_DATA(pol_data_2); if (p1 != p2) { /* Get the head cell_ewma_t from each queue */ diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 84574cd5b9..04c5af92e8 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -6,7 +6,25 @@ /** * \file circuituse.c - * \brief Launch the right sort of circuits and attach streams to them. + * \brief Launch the right sort of circuits and attach the right streams to + * them. + * + * As distinct from circuitlist.c, which manages lookups to find circuits, and + * circuitbuild.c, which handles the logistics of circuit construction, this + * module keeps track of which streams can be attached to which circuits (in + * circuit_get_best()), and attaches streams to circuits (with + * circuit_try_attaching_streams(), connection_ap_handshake_attach_circuit(), + * and connection_ap_handshake_attach_chosen_circuit() ). + * + * This module also makes sure that we are building circuits for all of the + * predicted ports, using circuit_remove_handled_ports(), + * circuit_stream_is_being_handled(), and circuit_build_needed_cirs(). It + * handles launching circuits for specific targets using + * circuit_launch_by_extend_info(). + * + * This is also where we handle expiring circuits that have been around for + * too long without actually completing, along with the circuit_build_timeout + * logic in circuitstats.c. **/ #include "or.h" @@ -22,6 +40,7 @@ #include "connection_edge.h" #include "control.h" #include "entrynodes.h" +#include "hs_common.h" #include "nodelist.h" #include "networkstatus.h" #include "policies.h" @@ -154,8 +173,8 @@ circuit_is_acceptable(const origin_circuit_t *origin_circ, if ((edge_conn->rend_data && !origin_circ->rend_data) || (!edge_conn->rend_data && origin_circ->rend_data) || (edge_conn->rend_data && origin_circ->rend_data && - rend_cmp_service_ids(edge_conn->rend_data->onion_address, - origin_circ->rend_data->onion_address))) { + rend_cmp_service_ids(rend_data_get_address(edge_conn->rend_data), + rend_data_get_address(origin_circ->rend_data)))) { /* this circ is not for this conn */ return 0; } @@ -1003,8 +1022,117 @@ circuit_stream_is_being_handled(entry_connection_t *conn, /** Don't keep more than this many unused open circuits around. */ #define MAX_UNUSED_OPEN_CIRCUITS 14 -/** Figure out how many circuits we have open that are clean. Make - * sure it's enough for all the upcoming behaviors we predict we'll have. +/* Return true if a circuit is available for use, meaning that it is open, + * clean, usable for new multi-hop connections, and a general purpose origin + * circuit. + * Accept any kind of circuit, return false if the above conditions are not + * met. */ +STATIC int +circuit_is_available_for_use(const circuit_t *circ) +{ + const origin_circuit_t *origin_circ; + cpath_build_state_t *build_state; + + if (!CIRCUIT_IS_ORIGIN(circ)) + return 0; /* We first filter out only origin circuits before doing the + following checks. */ + if (circ->marked_for_close) + return 0; /* Don't mess with marked circs */ + if (circ->timestamp_dirty) + return 0; /* Only count clean circs */ + if (circ->purpose != CIRCUIT_PURPOSE_C_GENERAL) + return 0; /* We only pay attention to general purpose circuits. + General purpose circuits are always origin circuits. */ + + origin_circ = CONST_TO_ORIGIN_CIRCUIT(circ); + if (origin_circ->unusable_for_new_conns) + return 0; + + build_state = origin_circ->build_state; + if (build_state->onehop_tunnel) + return 0; + + return 1; +} + +/* Return true if we need any more exit circuits. + * needs_uptime and needs_capacity are set only if we need more exit circuits. + * Check if we know of a port that's been requested recently and no circuit + * is currently available that can handle it. */ +STATIC int +needs_exit_circuits(time_t now, int *needs_uptime, int *needs_capacity) +{ + return (!circuit_all_predicted_ports_handled(now, needs_uptime, + needs_capacity) && + router_have_consensus_path() == CONSENSUS_PATH_EXIT); +} + +/* Hidden services need at least this many internal circuits */ +#define SUFFICIENT_UPTIME_INTERNAL_HS_SERVERS 3 + +/* Return true if we need any more hidden service server circuits. + * HS servers only need an internal circuit. */ +STATIC int +needs_hs_server_circuits(int num_uptime_internal) +{ + return (num_rend_services() && + num_uptime_internal < SUFFICIENT_UPTIME_INTERNAL_HS_SERVERS && + router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN); +} + +/* We need at least this many internal circuits for hidden service clients */ +#define SUFFICIENT_INTERNAL_HS_CLIENTS 3 + +/* We need at least this much uptime for internal circuits for hidden service + * clients */ +#define SUFFICIENT_UPTIME_INTERNAL_HS_CLIENTS 2 + +/* Return true if we need any more hidden service client circuits. + * HS clients only need an internal circuit. */ +STATIC int +needs_hs_client_circuits(time_t now, int *needs_uptime, int *needs_capacity, + int num_internal, int num_uptime_internal) +{ + int used_internal_recently = rep_hist_get_predicted_internal(now, + needs_uptime, + needs_capacity); + int requires_uptime = num_uptime_internal < + SUFFICIENT_UPTIME_INTERNAL_HS_CLIENTS && + needs_uptime; + + return (used_internal_recently && + (requires_uptime || num_internal < SUFFICIENT_INTERNAL_HS_CLIENTS) && + router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN); +} + +/* The minimum number of open slots we should keep in order to preemptively + * build circuits. */ +#define CBT_MIN_REMAINING_PREEMPTIVE_CIRCUITS 2 + +/* Check to see if we need more circuits to have a good build timeout. However, + * leave a couple slots open so that we can still build circuits preemptively + * as needed. */ +#define CBT_MAX_UNUSED_OPEN_CIRCUITS (MAX_UNUSED_OPEN_CIRCUITS - \ + CBT_MIN_REMAINING_PREEMPTIVE_CIRCUITS) + +/* Return true if we need more circuits for a good build timeout. + * XXXX make the assumption that build timeout streams should be + * created whenever we can build internal circuits. */ +STATIC int +needs_circuits_for_build(int num) +{ + if (router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN) { + if (num < CBT_MAX_UNUSED_OPEN_CIRCUITS && + !circuit_build_times_disabled() && + circuit_build_times_needs_circuits_now(get_circuit_build_times())) { + return 1; + } + } + return 0; +} + +/** Determine how many circuits we have open that are clean, + * Make sure it's enough for all the upcoming behaviors we predict we'll have. * But put an upper bound on the total number of circuits. */ static void @@ -1016,25 +1144,14 @@ circuit_predict_and_launch_new(void) time_t now = time(NULL); int flags = 0; - /* First, count how many of each type of circuit we have already. */ + /* Count how many of each type of circuit we currently have. */ SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) { - cpath_build_state_t *build_state; - origin_circuit_t *origin_circ; - if (!CIRCUIT_IS_ORIGIN(circ)) - continue; - if (circ->marked_for_close) - continue; /* don't mess with marked circs */ - if (circ->timestamp_dirty) - continue; /* only count clean circs */ - if (circ->purpose != CIRCUIT_PURPOSE_C_GENERAL) - continue; /* only pay attention to general-purpose circs */ - origin_circ = TO_ORIGIN_CIRCUIT(circ); - if (origin_circ->unusable_for_new_conns) - continue; - build_state = origin_circ->build_state; - if (build_state->onehop_tunnel) + if (!circuit_is_available_for_use(circ)) continue; + num++; + + cpath_build_state_t *build_state = TO_ORIGIN_CIRCUIT(circ)->build_state; if (build_state->is_internal) num_internal++; if (build_state->need_uptime && build_state->is_internal) @@ -1044,19 +1161,14 @@ circuit_predict_and_launch_new(void) /* If that's enough, then stop now. */ if (num >= MAX_UNUSED_OPEN_CIRCUITS) - return; /* we already have many, making more probably will hurt */ - - /* Second, see if we need any more exit circuits. */ - /* check if we know of a port that's been requested recently - * and no circuit is currently available that can handle it. - * Exits (obviously) require an exit circuit. */ - if (!circuit_all_predicted_ports_handled(now, &port_needs_uptime, - &port_needs_capacity) - && router_have_consensus_path() == CONSENSUS_PATH_EXIT) { + return; + + if (needs_exit_circuits(now, &port_needs_uptime, &port_needs_capacity)) { if (port_needs_uptime) flags |= CIRCLAUNCH_NEED_UPTIME; if (port_needs_capacity) flags |= CIRCLAUNCH_NEED_CAPACITY; + log_info(LD_CIRC, "Have %d clean circs (%d internal), need another exit circ.", num, num_internal); @@ -1064,12 +1176,10 @@ circuit_predict_and_launch_new(void) return; } - /* Third, see if we need any more hidden service (server) circuits. - * HS servers only need an internal circuit. */ - if (num_rend_services() && num_uptime_internal < 3 - && router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN) { + if (needs_hs_server_circuits(num_uptime_internal)) { flags = (CIRCLAUNCH_NEED_CAPACITY | CIRCLAUNCH_NEED_UPTIME | CIRCLAUNCH_IS_INTERNAL); + log_info(LD_CIRC, "Have %d clean circs (%d internal), need another internal " "circ for my hidden service.", @@ -1078,18 +1188,16 @@ circuit_predict_and_launch_new(void) return; } - /* Fourth, see if we need any more hidden service (client) circuits. - * HS clients only need an internal circuit. */ - if (rep_hist_get_predicted_internal(now, &hidserv_needs_uptime, - &hidserv_needs_capacity) && - ((num_uptime_internal<2 && hidserv_needs_uptime) || - num_internal<3) - && router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN) { + if (needs_hs_client_circuits(now, &hidserv_needs_uptime, + &hidserv_needs_capacity, + num_internal, num_uptime_internal)) + { if (hidserv_needs_uptime) flags |= CIRCLAUNCH_NEED_UPTIME; if (hidserv_needs_capacity) flags |= CIRCLAUNCH_NEED_CAPACITY; flags |= CIRCLAUNCH_IS_INTERNAL; + log_info(LD_CIRC, "Have %d clean circs (%d uptime-internal, %d internal), need" " another hidden service circ.", @@ -1098,26 +1206,17 @@ circuit_predict_and_launch_new(void) return; } - /* Finally, check to see if we still need more circuits to learn - * a good build timeout. But if we're close to our max number we - * want, don't do another -- we want to leave a few slots open so - * we can still build circuits preemptively as needed. - * XXXX make the assumption that build timeout streams should be - * created whenever we can build internal circuits. */ - if (router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN) { - if (num < MAX_UNUSED_OPEN_CIRCUITS-2 && - ! circuit_build_times_disabled() && - circuit_build_times_needs_circuits_now(get_circuit_build_times())) { - flags = CIRCLAUNCH_NEED_CAPACITY; - /* if there are no exits in the consensus, make timeout - * circuits internal */ - if (router_have_consensus_path() == CONSENSUS_PATH_INTERNAL) - flags |= CIRCLAUNCH_IS_INTERNAL; + if (needs_circuits_for_build(num)) { + flags = CIRCLAUNCH_NEED_CAPACITY; + /* if there are no exits in the consensus, make timeout + * circuits internal */ + if (router_have_consensus_path() == CONSENSUS_PATH_INTERNAL) + flags |= CIRCLAUNCH_IS_INTERNAL; + log_info(LD_CIRC, "Have %d clean circs need another buildtime test circ.", num); circuit_launch(CIRCUIT_PURPOSE_C_GENERAL, flags); return; - } } } @@ -1874,16 +1973,22 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, c->state, conn_state_to_string(c->type, c->state)); } tor_assert(ENTRY_TO_CONN(conn)->state == AP_CONN_STATE_CIRCUIT_WAIT); + + /* Will the exit policy of the exit node apply to this stream? */ check_exit_policy = conn->socks_request->command == SOCKS_COMMAND_CONNECT && !conn->use_begindir && !connection_edge_is_rendezvous_stream(ENTRY_TO_EDGE_CONN(conn)); + + /* Does this connection want a one-hop circuit? */ want_onehop = conn->want_onehop; + /* Do we need a high-uptime circuit? */ need_uptime = !conn->want_onehop && !conn->use_begindir && smartlist_contains_int_as_string(options->LongLivedPorts, conn->socks_request->port); + /* Do we need an "internal" circuit? */ if (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL) need_internal = 1; else if (conn->use_begindir || conn->want_onehop) @@ -1891,21 +1996,31 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, else need_internal = 0; - circ = circuit_get_best(conn, 1, desired_circuit_purpose, + /* We now know what kind of circuit we need. See if there is an + * open circuit that we can use for this stream */ + circ = circuit_get_best(conn, 1 /* Insist on open circuits */, + desired_circuit_purpose, need_uptime, need_internal); if (circ) { + /* We got a circuit that will work for this stream! We can return it. */ *circp = circ; return 1; /* we're happy */ } + /* Okay, there's no circuit open that will work for this stream. Let's + * see if there's an in-progress circuit or if we have to launch one */ + + /* Do we know enough directory info to build circuits at all? */ int have_path = have_enough_path_info(!need_internal); if (!want_onehop && (!router_have_minimum_dir_info() || !have_path)) { + /* If we don't have enough directory information, we can't build + * multihop circuits. + */ if (!connection_get_by_type(CONN_TYPE_DIR)) { int severity = LOG_NOTICE; - /* FFFF if this is a tunneled directory fetch, don't yell - * as loudly. the user doesn't even know it's happening. */ + /* Retry some stuff that might help the connection work. */ if (entry_list_is_constrained(options) && entries_known_but_down(options)) { log_fn(severity, LD_APP|LD_DIR, @@ -1926,14 +2041,16 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, routerlist_retry_directory_downloads(time(NULL)); } } - /* the stream will be dealt with when router_have_minimum_dir_info becomes - * 1, or when all directory attempts fail and directory_all_unreachable() + /* Since we didn't have enough directory info, we can't attach now. The + * stream will be dealt with when router_have_minimum_dir_info becomes 1, + * or when all directory attempts fail and directory_all_unreachable() * kills it. */ return 0; } - /* Do we need to check exit policy? */ + /* Check whether the exit policy of the chosen exit, or the exit policies + * of _all_ nodes, would forbid this node. */ if (check_exit_policy) { if (!conn->chosen_exit_name) { struct in_addr in; @@ -1974,16 +2091,25 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, } } - /* is one already on the way? */ - circ = circuit_get_best(conn, 0, desired_circuit_purpose, + /* Now, check whether there already a circuit on the way that could handle + * this stream. This check matches the one above, but this time we + * do not require that the circuit will work. */ + circ = circuit_get_best(conn, 0 /* don't insist on open circuits */, + desired_circuit_purpose, need_uptime, need_internal); if (circ) log_debug(LD_CIRC, "one on the way!"); + if (!circ) { + /* No open or in-progress circuit could handle this stream! We + * will have to launch one! + */ + + /* THe chosen exit node, if there is one. */ extend_info_t *extend_info=NULL; - uint8_t new_circ_purpose; const int n_pending = count_pending_general_client_circuits(); + /* Do we have too many pending circuits? */ if (n_pending >= options->MaxClientCircuitsPending) { static ratelim_t delay_limit = RATELIM_INIT(10*60); char *m; @@ -1997,6 +2123,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, return 0; } + /* If this is a hidden service trying to start an introduction point, + * handle that case. */ if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) { /* need to pick an intro point */ rend_data_t *rend_data = ENTRY_TO_EDGE_CONN(conn)->rend_data; @@ -2005,7 +2133,7 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, if (!extend_info) { log_info(LD_REND, "No intro points for '%s': re-fetching service descriptor.", - safe_str_client(rend_data->onion_address)); + safe_str_client(rend_data_get_address(rend_data))); rend_client_refetch_v2_renddesc(rend_data); connection_ap_mark_as_non_pending_circuit(conn); ENTRY_TO_CONN(conn)->state = AP_CONN_STATE_RENDDESC_WAIT; @@ -2013,7 +2141,7 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, } log_info(LD_REND,"Chose %s as intro point for '%s'.", extend_info_describe(extend_info), - safe_str_client(rend_data->onion_address)); + safe_str_client(rend_data_get_address(rend_data))); } /* If we have specified a particular exit node for our @@ -2034,12 +2162,16 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, "Discarding this circuit.", conn->chosen_exit_name); return -1; } - } else { + } else { /* ! (r && node_has_descriptor(r)) */ log_debug(LD_DIR, "considering %d, %s", want_onehop, conn->chosen_exit_name); if (want_onehop && conn->chosen_exit_name[0] == '$') { /* We're asking for a one-hop circuit to a router that * we don't have a routerinfo about. Make up an extend_info. */ + /* XXX prop220: we need to make chosen_exit_name able to + * encode both key formats. This is not absolutely critical + * since this is just for one-hop circuits, but we should + * still get it done */ char digest[DIGEST_LEN]; char *hexdigest = conn->chosen_exit_name+1; tor_addr_t addr; @@ -2054,10 +2186,13 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, escaped_safe_str_client(conn->socks_request->address)); return -1; } + /* XXXX prop220 add a workaround for ed25519 ID below*/ extend_info = extend_info_new(conn->chosen_exit_name+1, - digest, NULL, NULL, &addr, - conn->socks_request->port); - } else { + digest, + NULL, /* Ed25519 ID */ + NULL, NULL, /* onion keys */ + &addr, conn->socks_request->port); + } else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */ /* We will need an onion key for the router, and we * don't have one. Refuse or relax requirements. */ log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP, @@ -2075,8 +2210,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, } } } - } + } /* Done checking for general circutis with chosen exits. */ + /* What purpose do we need to launch this circuit with? */ + uint8_t new_circ_purpose; if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_REND_JOINED) new_circ_purpose = CIRCUIT_PURPOSE_C_ESTABLISH_REND; else if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) @@ -2085,6 +2222,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, new_circ_purpose = desired_circuit_purpose; #ifdef ENABLE_TOR2WEB_MODE + /* If tor2Web is on, then hidden service requests should be one-hop. + */ if (options->Tor2webMode && (new_circ_purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND || new_circ_purpose == CIRCUIT_PURPOSE_C_INTRODUCING)) { @@ -2092,6 +2231,7 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, } #endif + /* Determine what kind of a circuit to launch, and actually launch it. */ { int flags = CIRCLAUNCH_NEED_CAPACITY; if (want_onehop) flags |= CIRCLAUNCH_ONEHOP_TUNNEL; @@ -2103,6 +2243,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, extend_info_free(extend_info); + /* Now trigger things that need to happen when we launch circuits */ + if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_GENERAL) { /* We just caused a circuit to get built because of this stream. * If this stream has caused a _lot_ of circuits to be built, that's @@ -2126,6 +2268,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, } } } /* endif (!circ) */ + + /* We either found a good circuit, or launched a new circuit, or failed to + * do so. Report success, and delay. */ + if (circ) { /* Mark the circuit with the isolation fields for this connection. * When the circuit arrives, we'll clear these flags: this is @@ -2325,7 +2471,9 @@ connection_ap_handshake_attach_chosen_circuit(entry_connection_t *conn, pathbias_count_use_attempt(circ); + /* Now, actually link the connection. */ link_apconn_to_circ(conn, circ, cpath); + tor_assert(conn->socks_request); if (conn->socks_request->command == SOCKS_COMMAND_CONNECT) { if (!conn->use_begindir) @@ -2340,12 +2488,11 @@ connection_ap_handshake_attach_chosen_circuit(entry_connection_t *conn, return 1; } -/** Try to find a safe live circuit for CONN_TYPE_AP connection conn. If - * we don't find one: if conn cannot be handled by any known nodes, - * warn and return -1 (conn needs to die, and is maybe already marked); - * else launch new circuit (if necessary) and return 0. - * Otherwise, associate conn with a safe live circuit, do the - * right next step, and return 1. +/** Try to find a safe live circuit for stream <b>conn</b>. If we find one, + * attach the stream, send appropriate cells, and return 1. Otherwise, + * try to launch new circuit(s) for the stream. If we can launch + * circuits, return 0. Otherwise, if we simply can't proceed with + * this stream, return -1. (conn needs to die, and is maybe already marked). */ /* XXXX this function should mark for close whenever it returns -1; * its callers shouldn't have to worry about that. */ @@ -2364,6 +2511,7 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) conn_age = (int)(time(NULL) - base_conn->timestamp_created); + /* Is this connection so old that we should give up on it? */ if (conn_age >= get_options()->SocksTimeout) { int severity = (tor_addr_is_null(&base_conn->addr) && !base_conn->port) ? LOG_INFO : LOG_NOTICE; @@ -2374,12 +2522,14 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) return -1; } + /* We handle "general" (non-onion) connections much more straightforwardly. + */ if (!connection_edge_is_rendezvous_stream(ENTRY_TO_EDGE_CONN(conn))) { /* we're a general conn */ origin_circuit_t *circ=NULL; /* Are we linked to a dir conn that aims to fetch a consensus? - * We check here because this conn might no longer be needed. */ + * We check here because the conn might no longer be needed. */ if (base_conn->linked_conn && base_conn->linked_conn->type == CONN_TYPE_DIR && base_conn->linked_conn->purpose == DIR_PURPOSE_FETCH_CONSENSUS) { @@ -2397,6 +2547,9 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) } } + /* If we have a chosen exit, we need to use a circuit that's + * open to that exit. See what exit we meant, and whether we can use it. + */ if (conn->chosen_exit_name) { const node_t *node = node_get_by_nickname(conn->chosen_exit_name, 1); int opt = conn->chosen_exit_optional; @@ -2410,6 +2563,7 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) "Requested exit point '%s' is not known. %s.", conn->chosen_exit_name, opt ? "Trying others" : "Closing"); if (opt) { + /* If we are allowed to ignore the .exit request, do so */ conn->chosen_exit_optional = 0; tor_free(conn->chosen_exit_name); return 0; @@ -2422,6 +2576,7 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) "would refuse request. %s.", conn->chosen_exit_name, opt ? "Trying others" : "Closing"); if (opt) { + /* If we are allowed to ignore the .exit request, do so */ conn->chosen_exit_optional = 0; tor_free(conn->chosen_exit_name); return 0; @@ -2430,11 +2585,15 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) } } - /* find the circuit that we should use, if there is one. */ + /* Find the circuit that we should use, if there is one. Otherwise + * launch it. */ retval = circuit_get_open_circ_or_launch( conn, CIRCUIT_PURPOSE_C_GENERAL, &circ); - if (retval < 1) // XXXX++ if we totally fail, this still returns 0 -RD + if (retval < 1) { + /* We were either told "-1" (complete failure) or 0 (circuit in + * progress); we can't attach this stream yet. */ return retval; + } log_debug(LD_APP|LD_CIRC, "Attaching apconn to circ %u (stream %d sec old).", @@ -2443,7 +2602,8 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn) * sucking. */ circuit_log_path(LOG_INFO,LD_APP|LD_CIRC,circ); - /* We have found a suitable circuit for our conn. Hurray. */ + /* We have found a suitable circuit for our conn. Hurray. Do + * the attachment. */ return connection_ap_handshake_attach_chosen_circuit(conn, circ, NULL); } else { /* we're a rendezvous conn */ diff --git a/src/or/circuituse.h b/src/or/circuituse.h index 5973978c45..d484be1986 100644 --- a/src/or/circuituse.h +++ b/src/or/circuituse.h @@ -59,5 +59,25 @@ int hostname_in_track_host_exits(const or_options_t *options, const char *address); void mark_circuit_unusable_for_new_conns(origin_circuit_t *circ); +#ifdef TOR_UNIT_TESTS +/* Used only by circuituse.c and test_circuituse.c */ + +STATIC int circuit_is_available_for_use(const circuit_t *circ); + +STATIC int needs_exit_circuits(time_t now, + int *port_needs_uptime, + int *port_needs_capacity); +STATIC int needs_hs_server_circuits(int num_uptime_internal); + +STATIC int needs_hs_client_circuits(time_t now, + int *needs_uptime, + int *needs_capacity, + int num_internal, + int num_uptime_internal); + +STATIC int needs_circuits_for_build(int num); + +#endif + #endif diff --git a/src/or/config.c b/src/or/config.c index 3693cdf83c..6948bdbdb4 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6,7 +6,56 @@ /** * \file config.c - * \brief Code to parse and interpret configuration files. + * \brief Code to interpret the user's configuration of Tor. + * + * This module handles torrc configuration file, including parsing it, + * combining it with torrc.defaults and the command line, allowing + * user changes to it (via editing and SIGHUP or via the control port), + * writing it back to disk (because of SAVECONF from the control port), + * and -- most importantly, acting on it. + * + * The module additionally has some tools for manipulating and + * inspecting values that are calculated as a result of the + * configured options. + * + * <h3>How to add new options</h3> + * + * To add new items to the torrc, there are a minimum of three places to edit: + * <ul> + * <li>The or_options_t structure in or.h, where the options are stored. + * <li>The option_vars_ array below in this module, which configures + * the names of the torrc options, their types, their multiplicities, + * and their mappings to fields in or_options_t. + * <li>The manual in doc/tor.1.txt, to document what the new option + * is, and how it works. + * </ul> + * + * Additionally, you might need to edit these places too: + * <ul> + * <li>options_validate() below, in case you want to reject some possible + * values of the new configuration option. + * <li>options_transition_allowed() below, in case you need to + * forbid some or all changes in the option while Tor is + * running. + * <li>options_transition_affects_workers(), in case changes in the option + * might require Tor to relaunch or reconfigure its worker threads. + * <li>options_transition_affects_descriptor(), in case changes in the + * option might require a Tor relay to build and publish a new server + * descriptor. + * <li>options_act() and/or options_act_reversible(), in case there's some + * action that needs to be taken immediately based on the option's + * value. + * </ul> + * + * <h3>Changing the value of an option</h3> + * + * Because of the SAVECONF command from the control port, it's a bad + * idea to change the value of any user-configured option in the + * or_options_t. If you want to sometimes do this anyway, we recommend + * that you create a secondary field in or_options_t; that you have the + * user option linked only to the secondary field; that you use the + * secondary field to initialize the one that Tor actually looks at; and that + * you use the one Tor looks as the one that you modify. **/ #define CONFIG_PRIVATE @@ -256,6 +305,7 @@ static config_var_t option_vars_[] = { V(ExtORPortCookieAuthFile, STRING, NULL), V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"), V(ExtraInfoStatistics, BOOL, "1"), + V(ExtendByEd25519ID, AUTOBOOL, "auto"), V(FallbackDir, LINELIST, NULL), V(UseDefaultFallbackDirs, BOOL, "1"), @@ -448,6 +498,7 @@ static config_var_t option_vars_[] = { V(User, STRING, NULL), OBSOLETE("UserspaceIOCPBuffers"), V(AuthDirSharedRandomness, BOOL, "1"), + V(AuthDirTestEd25519LinkKeys, BOOL, "1"), OBSOLETE("V1AuthoritativeDirectory"), OBSOLETE("V2AuthoritativeDirectory"), VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir, "0"), @@ -781,7 +832,7 @@ set_options(or_options_t *new_val, char **msg) tor_free(line); } } else { - smartlist_add(elements, tor_strdup(options_format.vars[i].name)); + smartlist_add_strdup(elements, options_format.vars[i].name); smartlist_add(elements, NULL); } } @@ -5301,7 +5352,7 @@ options_init_logs(const or_options_t *old_options, or_options_t *options, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2); if (smartlist_len(elts) == 0) - smartlist_add(elts, tor_strdup("stdout")); + smartlist_add_strdup(elts, "stdout"); if (smartlist_len(elts) == 1 && (!strcasecmp(smartlist_get(elts,0), "stdout") || @@ -5836,7 +5887,7 @@ get_options_from_transport_options_line(const char *line,const char *transport) } /* add it to the options smartlist */ - smartlist_add(options, tor_strdup(option)); + smartlist_add_strdup(options, option); log_debug(LD_CONFIG, "Added %s to the list of options", escaped(option)); } SMARTLIST_FOREACH_END(option); diff --git a/src/or/confparse.c b/src/or/confparse.c index efcf4f981e..1706fa85e2 100644 --- a/src/or/confparse.c +++ b/src/or/confparse.c @@ -1,3 +1,4 @@ + /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. @@ -9,6 +10,16 @@ * * \brief Back-end for parsing and generating key-value files, used to * implement the torrc file format and the state file. + * + * This module is used by config.c to parse and encode torrc + * configuration files, and by statefile.c to parse and encode the + * $DATADIR/state file. + * + * To use this module, its callers provide an instance of + * config_format_t to describe the mappings from a set of configuration + * options to a number of fields in a C structure. With this mapping, + * the functions here can convert back and forth between the C structure + * specified, and a linked list of key-value pairs. */ #include "or.h" @@ -1213,6 +1224,8 @@ static struct unit_table_t memory_units[] = { { "gbits", 1<<27 }, { "gbit", 1<<27 }, { "tb", U64_LITERAL(1)<<40 }, + { "tbyte", U64_LITERAL(1)<<40 }, + { "tbytes", U64_LITERAL(1)<<40 }, { "terabyte", U64_LITERAL(1)<<40 }, { "terabytes", U64_LITERAL(1)<<40 }, { "terabits", U64_LITERAL(1)<<37 }, diff --git a/src/or/connection.c b/src/or/connection.c index d30ec46357..ac3408a72e 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -82,6 +82,7 @@ #include "ext_orport.h" #include "geoip.h" #include "main.h" +#include "hs_common.h" #include "nodelist.h" #include "policies.h" #include "reasons.h" @@ -643,7 +644,7 @@ connection_free_(connection_t *conn) if (conn->type == CONN_TYPE_OR && !tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) { log_warn(LD_BUG, "called on OR conn with non-zeroed identity_digest"); - connection_or_remove_from_identity_map(TO_OR_CONN(conn)); + connection_or_clear_identity(TO_OR_CONN(conn)); } if (conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR) { connection_or_remove_from_ext_or_id_map(TO_OR_CONN(conn)); @@ -674,7 +675,7 @@ connection_free,(connection_t *conn)) } if (connection_speaks_cells(conn)) { if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) { - connection_or_remove_from_identity_map(TO_OR_CONN(conn)); + connection_or_clear_identity(TO_OR_CONN(conn)); } } if (conn->type == CONN_TYPE_CONTROL) { @@ -4129,12 +4130,12 @@ connection_get_by_type_state_rendquery(int type, int state, (type == CONN_TYPE_DIR && TO_DIR_CONN(conn)->rend_data && !rend_cmp_service_ids(rendquery, - TO_DIR_CONN(conn)->rend_data->onion_address)) + rend_data_get_address(TO_DIR_CONN(conn)->rend_data))) || (CONN_IS_EDGE(conn) && TO_EDGE_CONN(conn)->rend_data && !rend_cmp_service_ids(rendquery, - TO_EDGE_CONN(conn)->rend_data->onion_address)) + rend_data_get_address(TO_EDGE_CONN(conn)->rend_data))) )); } diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 3550d0e212..3874d52c23 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -75,6 +75,7 @@ #include "directory.h" #include "dirserv.h" #include "hibernate.h" +#include "hs_common.h" #include "main.h" #include "nodelist.h" #include "policies.h" @@ -830,7 +831,8 @@ connection_ap_rescan_and_attach_pending(void) #endif /** Tell any AP streams that are listed as waiting for a new circuit to try - * again, either attaching to an available circ or launching a new one. + * again. If there is an available circuit for a stream, attach it. Otherwise, + * launch a new circuit. * * If <b>retry</b> is false, only check the list if it contains at least one * streams that we have not yet tried to attach to a circuit. @@ -845,8 +847,9 @@ connection_ap_attach_pending(int retry) if (untried_pending_connections == 0 && !retry) return; - /* Don't allow modifications to pending_entry_connections while we are - * iterating over it. */ + /* Don't allow any modifications to list while we are iterating over + * it. We'll put streams back on this list if we can't attach them + * immediately. */ smartlist_t *pending = pending_entry_connections; pending_entry_connections = smartlist_new(); @@ -865,9 +868,7 @@ connection_ap_attach_pending(int retry) continue; } if (conn->state != AP_CONN_STATE_CIRCUIT_WAIT) { - // XXXX 030 -- this is downgraded in 0.2.9, since we apparently - // XXXX are running into it in practice. It's harmless. - log_info(LD_BUG, "%p is no longer in circuit_wait. Its current state " + log_warn(LD_BUG, "%p is no longer in circuit_wait. Its current state " "is %s. Why is it on pending_entry_connections?", entry_conn, conn_state_to_string(conn->type, conn->state)); @@ -875,6 +876,7 @@ connection_ap_attach_pending(int retry) continue; } + /* Okay, we're through the sanity checks. Try to handle this stream. */ if (connection_ap_handshake_attach_circuit(entry_conn) < 0) { if (!conn->marked_for_close) connection_mark_unattached_ap(entry_conn, @@ -884,12 +886,17 @@ connection_ap_attach_pending(int retry) if (! conn->marked_for_close && conn->type == CONN_TYPE_AP && conn->state == AP_CONN_STATE_CIRCUIT_WAIT) { + /* Is it still waiting for a circuit? If so, we didn't attach it, + * so it's still pending. Put it back on the list. + */ if (!smartlist_contains(pending_entry_connections, entry_conn)) { smartlist_add(pending_entry_connections, entry_conn); continue; } } + /* If we got here, then we either closed the connection, or + * we attached it. */ UNMARK(); } SMARTLIST_FOREACH_END(entry_conn); @@ -1197,6 +1204,8 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, /* Remember the original address so we can tell the user about what * they actually said, not just what it turned into. */ + /* XXX yes, this is the same as out->orig_address above. One is + * in the output, and one is in the connection. */ if (! conn->original_dest_address) { /* Is the 'if' necessary here? XXXX */ conn->original_dest_address = tor_strdup(conn->socks_request->address); @@ -1204,7 +1213,7 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, /* First, apply MapAddress and MAPADDRESS mappings. We need to do * these only for non-reverse lookups, since they don't exist for those. - * We need to do this before we consider automapping, since we might + * We also need to do this before we consider automapping, since we might * e.g. resolve irc.oftc.net into irconionaddress.onion, at which point * we'd need to automap it. */ if (socks->command != SOCKS_COMMAND_RESOLVE_PTR) { @@ -1216,9 +1225,12 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, } } - /* Now, handle automapping. Automapping happens when we're asked to - * resolve a hostname, and AutomapHostsOnResolve is set, and - * the hostname has a suffix listed in AutomapHostsSuffixes. + /* Now see if we need to create or return an existing Hostname->IP + * automapping. Automapping happens when we're asked to resolve a + * hostname, and AutomapHostsOnResolve is set, and the hostname has a + * suffix listed in AutomapHostsSuffixes. It's a handy feature + * that lets you have Tor assign e.g. IPv6 addresses for .onion + * names, and return them safely from DNSPort. */ if (socks->command == SOCKS_COMMAND_RESOLVE && tor_addr_parse(&addr_tmp, socks->address)<0 && @@ -1258,7 +1270,8 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, } /* Now handle reverse lookups, if they're in the cache. This doesn't - * happen too often, since client-side DNS caching is off by default. */ + * happen too often, since client-side DNS caching is off by default, + * and very deprecated. */ if (socks->command == SOCKS_COMMAND_RESOLVE_PTR) { unsigned rewrite_flags = 0; if (conn->entry_cfg.use_cached_ipv4_answers) @@ -1303,11 +1316,12 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, } } - /* If we didn't automap it before, then this is still the address - * that came straight from the user, mapped according to any - * MapAddress/MAPADDRESS commands. Now other mappings, including - * previously registered Automap entries, TrackHostExits entries, - * and client-side DNS cache entries (not recommended). + /* If we didn't automap it before, then this is still the address that + * came straight from the user, mapped according to any + * MapAddress/MAPADDRESS commands. Now apply other mappings, + * including previously registered Automap entries (IP back to + * hostname), TrackHostExits entries, and client-side DNS cache + * entries (if they're turned on). */ if (socks->command != SOCKS_COMMAND_RESOLVE_PTR && !out->automap) { @@ -1372,11 +1386,14 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, time_t now = time(NULL); rewrite_result_t rr; + /* First we'll do the rewrite part. Let's see if we get a reasonable + * answer. + */ memset(&rr, 0, sizeof(rr)); connection_ap_handshake_rewrite(conn,&rr); if (rr.should_close) { - /* connection_ap_handshake_rewrite told us to close the connection, + /* connection_ap_handshake_rewrite told us to close the connection: * either because it sent back an answer, or because it sent back an * error */ connection_mark_unattached_ap(conn, rr.end_reason); @@ -1390,8 +1407,8 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, const int automap = rr.automap; const addressmap_entry_source_t exit_source = rr.exit_source; - /* Parse the address provided by SOCKS. Modify it in-place if it - * specifies a hidden-service (.onion) or particular exit node (.exit). + /* Now, we parse the address to see if it's an .onion or .exit or + * other special address. */ const hostname_type_t addresstype = parse_extended_hostname(socks->address); @@ -1405,8 +1422,8 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } /* If this is a .exit hostname, strip off the .name.exit part, and - * see whether we're going to connect there, and otherwise handle it. - * (The ".exit" part got stripped off by "parse_extended_hostname"). + * see whether we're willing to connect there, and and otherwise handle the + * .exit address. * * We'll set chosen_exit_name and/or close the connection as appropriate. */ @@ -1418,7 +1435,7 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, const node_t *node = NULL; /* If this .exit was added by an AUTOMAP, then it came straight from - * a user. Make sure that options->AllowDotExit permits that. */ + * a user. Make sure that options->AllowDotExit permits that! */ if (exit_source == ADDRMAPSRC_AUTOMAP && !options->AllowDotExit) { /* Whoops; this one is stale. It must have gotten added earlier, * when AllowDotExit was on. */ @@ -1447,7 +1464,12 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } tor_assert(!automap); - /* Now, find the character before the .(name) part. */ + + /* Now, find the character before the .(name) part. + * (The ".exit" part got stripped off by "parse_extended_hostname"). + * + * We're going to put the exit name into conn->chosen_exit_name, and + * look up a node correspondingly. */ char *s = strrchr(socks->address,'.'); if (s) { /* The address was of the form "(stuff).(name).exit */ @@ -1503,10 +1525,12 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, implies no. */ } - /* Now, handle everything that isn't a .onion address. */ + /* Now, we handle everything that isn't a .onion address. */ if (addresstype != ONION_HOSTNAME) { /* Not a hidden-service request. It's either a hostname or an IP, - * possibly with a .exit that we stripped off. */ + * possibly with a .exit that we stripped off. We're going to check + * if we're allowed to connect/resolve there, and then launch the + * appropriate request. */ /* Check for funny characters in the address. */ if (address_is_invalid_destination(socks->address, 1)) { @@ -1553,30 +1577,37 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } /* Then check if we have a hostname or IP address, and whether DNS or - * the IP address family are permitted */ + * the IP address family are permitted. Reject if not. */ tor_addr_t dummy_addr; int socks_family = tor_addr_parse(&dummy_addr, socks->address); /* family will be -1 for a non-onion hostname that's not an IP */ - if (socks_family == -1 && !conn->entry_cfg.dns_request) { - log_warn(LD_APP, "Refusing to connect to hostname %s " - "because Port has NoDNSRequest set.", - safe_str_client(socks->address)); - connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); - return -1; - } else if (socks_family == AF_INET && !conn->entry_cfg.ipv4_traffic) { - log_warn(LD_APP, "Refusing to connect to IPv4 address %s because " - "Port has NoIPv4Traffic set.", - safe_str_client(socks->address)); - connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); - return -1; - } else if (socks_family == AF_INET6 && !conn->entry_cfg.ipv6_traffic) { - log_warn(LD_APP, "Refusing to connect to IPv6 address %s because " - "Port has NoIPv6Traffic set.", - safe_str_client(socks->address)); - connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); - return -1; + if (socks_family == -1) { + if (!conn->entry_cfg.dns_request) { + log_warn(LD_APP, "Refusing to connect to hostname %s " + "because Port has NoDNSRequest set.", + safe_str_client(socks->address)); + connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); + return -1; + } + } else if (socks_family == AF_INET) { + if (!conn->entry_cfg.ipv4_traffic) { + log_warn(LD_APP, "Refusing to connect to IPv4 address %s because " + "Port has NoIPv4Traffic set.", + safe_str_client(socks->address)); + connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); + return -1; + } + } else if (socks_family == AF_INET6) { + if (!conn->entry_cfg.ipv6_traffic) { + log_warn(LD_APP, "Refusing to connect to IPv6 address %s because " + "Port has NoIPv6Traffic set.", + safe_str_client(socks->address)); + connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); + return -1; + } + } else { + tor_assert_nonfatal_unreached_once(); } - /* No else, we've covered all possible returned value. */ /* See if this is a hostname lookup that we can answer immediately. * (For example, an attempt to look up the IP address for an IP address.) @@ -1597,7 +1628,8 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, tor_assert(!automap); rep_hist_note_used_resolve(now); /* help predict this next time */ } else if (socks->command == SOCKS_COMMAND_CONNECT) { - /* Special handling for attempts to connect */ + /* Now see if this is a connect request that we can reject immediately */ + tor_assert(!automap); /* Don't allow connections to port 0. */ if (socks->port == 0) { @@ -1650,7 +1682,9 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } /* end "if we should check for internal addresses" */ /* Okay. We're still doing a CONNECT, and it wasn't a private - * address. Do special handling for literal IP addresses */ + * address. Here we do special handling for literal IP addresses, + * to see if we should reject this preemptively, and to set up + * fields in conn->entry_cfg to tell the exit what AF we want. */ { tor_addr_t addr; /* XXX Duplicate call to tor_addr_parse. */ @@ -1693,11 +1727,15 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } } + /* we never allow IPv6 answers on socks4. (TODO: Is this smart?) */ if (socks->socks_version == 4) conn->entry_cfg.ipv6_traffic = 0; /* Still handling CONNECT. Now, check for exit enclaves. (Which we - * don't do on BEGINDIR, or there is a chosen exit.) + * don't do on BEGINDIR, or when there is a chosen exit.) + * + * TODO: Should we remove this? Exit enclaves are nutty and don't + * work very well */ if (!conn->use_begindir && !conn->chosen_exit_name && !circ) { /* see if we can find a suitable enclave exit */ @@ -1721,7 +1759,8 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, if (consider_plaintext_ports(conn, socks->port) < 0) return -1; - /* Remember the port so that we do predicted requests there. */ + /* Remember the port so that we will predict that more requests + there will happen in the future. */ if (!conn->use_begindir) { /* help predict this next time */ rep_hist_note_used_port(now, socks->port); @@ -1730,7 +1769,7 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, rep_hist_note_used_resolve(now); /* help predict this next time */ /* no extra processing needed */ } else { - /* We should only be doing CONNECT or RESOLVE! */ + /* We should only be doing CONNECT, RESOLVE, or RESOLVE_PTR! */ tor_fragile_assert(); } @@ -1746,6 +1785,8 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, if (circ) { rv = connection_ap_handshake_attach_chosen_circuit(conn, circ, cpath); } else { + /* We'll try to attach it at the next event loop, or whenever + * we call connection_ap_attach_pending() */ connection_ap_mark_as_pending_circuit(conn); rv = 0; } @@ -1819,24 +1860,26 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, if (rend_data == NULL) { return -1; } + const char *onion_address = rend_data_get_address(rend_data); log_info(LD_REND,"Got a hidden service request for ID '%s'", - safe_str_client(rend_data->onion_address)); + safe_str_client(onion_address)); - /* Lookup the given onion address. If invalid, stop right now else we - * might have it in the cache or not, it will be tested later on. */ + /* Lookup the given onion address. If invalid, stop right now. + * Otherwise, we might have it in the cache or not. */ unsigned int refetch_desc = 0; rend_cache_entry_t *entry = NULL; const int rend_cache_lookup_result = - rend_cache_lookup_entry(rend_data->onion_address, -1, &entry); + rend_cache_lookup_entry(onion_address, -1, &entry); if (rend_cache_lookup_result < 0) { switch (-rend_cache_lookup_result) { case EINVAL: /* We should already have rejected this address! */ log_warn(LD_BUG,"Invalid service name '%s'", - safe_str_client(rend_data->onion_address)); + safe_str_client(onion_address)); connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL); return -1; case ENOENT: + /* We didn't have this; we should look it up. */ refetch_desc = 1; break; default: @@ -1846,8 +1889,9 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } } - /* Help predict this next time. We're not sure if it will need - * a stable circuit yet, but we know we'll need *something*. */ + /* Help predict that we'll want to do hidden service circuits in the + * future. We're not sure if it will need a stable circuit yet, but + * we know we'll need *something*. */ rep_hist_note_used_internal(now, 0, 1); /* Now we have a descriptor but is it usable or not? If not, refetch. @@ -1857,14 +1901,17 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, connection_ap_mark_as_non_pending_circuit(conn); base_conn->state = AP_CONN_STATE_RENDDESC_WAIT; log_info(LD_REND, "Unknown descriptor %s. Fetching.", - safe_str_client(rend_data->onion_address)); + safe_str_client(onion_address)); rend_client_refetch_v2_renddesc(rend_data); return 0; } - /* We have the descriptor so launch a connection to the HS. */ + /* We have the descriptor! So launch a connection to the HS. */ base_conn->state = AP_CONN_STATE_CIRCUIT_WAIT; log_info(LD_REND, "Descriptor is here. Great."); + + /* We'll try to attach it at the next event loop, or whenever + * we call connection_ap_attach_pending() */ connection_ap_mark_as_pending_circuit(conn); return 0; } @@ -2445,7 +2492,9 @@ connection_ap_handshake_send_begin(entry_connection_t *ap_conn) * Otherwise, directory connections are typically one-hop. * This matches the earlier check for directory connection path anonymity * in directory_initiate_command_rend(). */ - if (is_sensitive_dir_purpose(linked_dir_conn_base->purpose)) { + if (purpose_needs_anonymity(linked_dir_conn_base->purpose, + TO_DIR_CONN(linked_dir_conn_base)->router_purpose, + TO_DIR_CONN(linked_dir_conn_base)->requested_resource)) { assert_circ_anonymity_ok(circ, options); } } else { diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 267c32dda4..635d3e416a 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -49,9 +49,11 @@ #include "relay.h" #include "rephist.h" #include "router.h" +#include "routerkeys.h" #include "routerlist.h" #include "ext_orport.h" #include "scheduler.h" +#include "torcert.h" static int connection_tls_finish_handshake(or_connection_t *conn); static int connection_or_launch_v3_or_handshake(or_connection_t *conn); @@ -73,56 +75,25 @@ static void connection_or_mark_bad_for_new_circs(or_connection_t *or_conn); static void connection_or_change_state(or_connection_t *conn, uint8_t state); -/**************************************************************/ +static void connection_or_check_canonicity(or_connection_t *conn, + int started_here); -/** Map from identity digest of connected OR or desired OR to a connection_t - * with that identity digest. If there is more than one such connection_t, - * they form a linked list, with next_with_same_id as the next pointer. */ -static digestmap_t *orconn_identity_map = NULL; +/**************************************************************/ /** Global map between Extended ORPort identifiers and OR * connections. */ static digestmap_t *orconn_ext_or_id_map = NULL; -/** If conn is listed in orconn_identity_map, remove it, and clear - * conn->identity_digest. Otherwise do nothing. */ +/** Clear clear conn->identity_digest and update other data + * structures as appropriate.*/ void -connection_or_remove_from_identity_map(or_connection_t *conn) +connection_or_clear_identity(or_connection_t *conn) { - or_connection_t *tmp; tor_assert(conn); - if (!orconn_identity_map) - return; - tmp = digestmap_get(orconn_identity_map, conn->identity_digest); - if (!tmp) { - if (!tor_digest_is_zero(conn->identity_digest)) { - log_warn(LD_BUG, "Didn't find connection '%s' on identity map when " - "trying to remove it.", - conn->nickname ? conn->nickname : "NULL"); - } - return; - } - if (conn == tmp) { - if (conn->next_with_same_id) - digestmap_set(orconn_identity_map, conn->identity_digest, - conn->next_with_same_id); - else - digestmap_remove(orconn_identity_map, conn->identity_digest); - } else { - while (tmp->next_with_same_id) { - if (tmp->next_with_same_id == conn) { - tmp->next_with_same_id = conn->next_with_same_id; - break; - } - tmp = tmp->next_with_same_id; - } - } memset(conn->identity_digest, 0, DIGEST_LEN); - conn->next_with_same_id = NULL; } -/** Remove all entries from the identity-to-orconn map, and clear - * all identities in OR conns.*/ +/** Clear all identities in OR conns.*/ void connection_or_clear_identity_map(void) { @@ -130,57 +101,72 @@ connection_or_clear_identity_map(void) SMARTLIST_FOREACH(conns, connection_t *, conn, { if (conn->type == CONN_TYPE_OR) { - or_connection_t *or_conn = TO_OR_CONN(conn); - memset(or_conn->identity_digest, 0, DIGEST_LEN); - or_conn->next_with_same_id = NULL; + connection_or_clear_identity(TO_OR_CONN(conn)); } }); - - digestmap_free(orconn_identity_map, NULL); - orconn_identity_map = NULL; } /** Change conn->identity_digest to digest, and add conn into - * orconn_digest_map. */ + * the appropriate digest maps. + * + * NOTE that this function only allows two kinds of transitions: from + * unset identity to set identity, and from idempotent re-settings + * of the same identity. It's not allowed to clear an identity or to + * change an identity. Return 0 on success, and -1 if the transition + * is not allowed. + **/ static void -connection_or_set_identity_digest(or_connection_t *conn, const char *digest) +connection_or_set_identity_digest(or_connection_t *conn, + const char *rsa_digest, + const ed25519_public_key_t *ed_id) { - or_connection_t *tmp; + channel_t *chan = NULL; tor_assert(conn); - tor_assert(digest); + tor_assert(rsa_digest); + + if (conn->chan) + chan = TLS_CHAN_TO_BASE(conn->chan); - if (!orconn_identity_map) - orconn_identity_map = digestmap_new(); - if (tor_memeq(conn->identity_digest, digest, DIGEST_LEN)) + log_info(LD_HANDSHAKE, "Set identity digest for %p (%s): %s %s.", + conn, + escaped_safe_str(conn->base_.address), + hex_str(rsa_digest, DIGEST_LEN), + ed25519_fmt(ed_id)); + log_info(LD_HANDSHAKE, " (Previously: %s %s)", + hex_str(conn->identity_digest, DIGEST_LEN), + chan ? ed25519_fmt(&chan->ed25519_identity) : "<null>"); + + const int rsa_id_was_set = ! tor_digest_is_zero(conn->identity_digest); + const int ed_id_was_set = + chan && !ed25519_public_key_is_zero(&chan->ed25519_identity); + const int rsa_changed = + tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN); + const int ed_changed = ed_id_was_set && + (!ed_id || !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity)); + + tor_assert(!rsa_changed || !rsa_id_was_set); + tor_assert(!ed_changed || !ed_id_was_set); + + if (!rsa_changed && !ed_changed) return; /* If the identity was set previously, remove the old mapping. */ - if (! tor_digest_is_zero(conn->identity_digest)) { - connection_or_remove_from_identity_map(conn); - if (conn->chan) - channel_clear_identity_digest(TLS_CHAN_TO_BASE(conn->chan)); + if (rsa_id_was_set) { + connection_or_clear_identity(conn); + if (chan) + channel_clear_identity_digest(chan); } - memcpy(conn->identity_digest, digest, DIGEST_LEN); + memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN); - /* If we're setting the ID to zero, don't add a mapping. */ - if (tor_digest_is_zero(digest)) + /* If we're initializing the IDs to zero, don't add a mapping yet. */ + if (tor_digest_is_zero(rsa_digest) && + (!ed_id || ed25519_public_key_is_zero(ed_id))) return; - tmp = digestmap_set(orconn_identity_map, digest, conn); - conn->next_with_same_id = tmp; - /* Deal with channels */ - if (conn->chan) - channel_set_identity_digest(TLS_CHAN_TO_BASE(conn->chan), digest); - -#if 1 - /* Testing code to check for bugs in representation. */ - for (; tmp; tmp = tmp->next_with_same_id) { - tor_assert(tor_memeq(tmp->identity_digest, digest, DIGEST_LEN)); - tor_assert(tmp != conn); - } -#endif + if (chan) + channel_set_identity_digest(chan, rsa_digest, ed_id); } /** Remove the Extended ORPort identifier of <b>conn</b> from the @@ -875,15 +861,47 @@ void connection_or_init_conn_from_address(or_connection_t *conn, const tor_addr_t *addr, uint16_t port, const char *id_digest, + const ed25519_public_key_t *ed_id, int started_here) { - const node_t *r = node_get_by_id(id_digest); - connection_or_set_identity_digest(conn, id_digest); + log_debug(LD_HANDSHAKE, "init conn from address %s: %s, %s (%d)", + fmt_addr(addr), + hex_str((const char*)id_digest, DIGEST_LEN), + ed25519_fmt(ed_id), + started_here); + + connection_or_set_identity_digest(conn, id_digest, ed_id); connection_or_update_token_buckets_helper(conn, 1, get_options()); conn->base_.port = port; tor_addr_copy(&conn->base_.addr, addr); tor_addr_copy(&conn->real_addr, addr); + + connection_or_check_canonicity(conn, started_here); +} + +/** Check whether the identity of <b>conn</b> matches a known node. If it + * does, check whether the address of conn matches the expected address, and + * update the connection's is_canonical flag, nickname, and address fields as + * appropriate. */ +static void +connection_or_check_canonicity(or_connection_t *conn, int started_here) +{ + const char *id_digest = conn->identity_digest; + const ed25519_public_key_t *ed_id = NULL; + const tor_addr_t *addr = &conn->real_addr; + if (conn->chan) + ed_id = & TLS_CHAN_TO_BASE(conn->chan)->ed25519_identity; + + const node_t *r = node_get_by_id(id_digest); + if (r && + node_supports_ed25519_link_authentication(r) && + ! node_ed25519_id_matches(r, ed_id)) { + /* If this node is capable of proving an ed25519 ID, + * we can't call this a canonical connection unless both IDs match. */ + r = NULL; + } + if (r) { tor_addr_port_t node_ap; node_get_pref_orport(r, &node_ap); @@ -905,10 +923,12 @@ connection_or_init_conn_from_address(or_connection_t *conn, tor_addr_copy(&conn->base_.addr, &node_ap.addr); conn->base_.port = node_ap.port; } + tor_free(conn->nickname); conn->nickname = tor_strdup(node_get_nickname(r)); tor_free(conn->base_.address); conn->base_.address = tor_addr_to_str_dup(&node_ap.addr); } else { + tor_free(conn->nickname); conn->nickname = tor_malloc(HEX_DIGEST_LEN+2); conn->nickname[0] = '$'; base16_encode(conn->nickname+1, HEX_DIGEST_LEN+1, @@ -954,7 +974,7 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn) * too old for new circuits? */ #define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7) -/** Given the head of the linked list for all the or_connections with a given +/** Given a list of all the or_connections with a given * identity, set elements of that list as is_bad_for_new_circs as * appropriate. Helper for connection_or_set_bad_connections(). * @@ -971,16 +991,19 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn) * See channel_is_better() in channel.c for our idea of what makes one OR * connection better than another. */ -static void -connection_or_group_set_badness(or_connection_t *head, int force) +void +connection_or_group_set_badness_(smartlist_t *group, int force) { - or_connection_t *or_conn = NULL, *best = NULL; + /* XXXX this function should be entirely about channels, not OR + * XXXX connections. */ + + or_connection_t *best = NULL; int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0; time_t now = time(NULL); /* Pass 1: expire everything that's old, and see what the status of * everything else is. */ - for (or_conn = head; or_conn; or_conn = or_conn->next_with_same_id) { + SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) { if (or_conn->base_.marked_for_close || connection_or_is_bad_for_new_circs(or_conn)) continue; @@ -1004,11 +1027,11 @@ connection_or_group_set_badness(or_connection_t *head, int force) } else { ++n_other; } - } + } SMARTLIST_FOREACH_END(or_conn); /* Pass 2: We know how about how good the best connection is. * expire everything that's worse, and find the very best if we can. */ - for (or_conn = head; or_conn; or_conn = or_conn->next_with_same_id) { + SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) { if (or_conn->base_.marked_for_close || connection_or_is_bad_for_new_circs(or_conn)) continue; /* This one doesn't need to be marked bad. */ @@ -1035,7 +1058,7 @@ connection_or_group_set_badness(or_connection_t *head, int force) 0)) { best = or_conn; } - } + } SMARTLIST_FOREACH_END(or_conn); if (!best) return; @@ -1054,7 +1077,7 @@ connection_or_group_set_badness(or_connection_t *head, int force) * 0.1.2.x dies out, the first case will go away, and the second one is * "mostly harmless", so a fix can wait until somebody is bored. */ - for (or_conn = head; or_conn; or_conn = or_conn->next_with_same_id) { + SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) { if (or_conn->base_.marked_for_close || connection_or_is_bad_for_new_circs(or_conn) || or_conn->base_.state != OR_CONN_STATE_OPEN) @@ -1088,24 +1111,7 @@ connection_or_group_set_badness(or_connection_t *head, int force) connection_or_mark_bad_for_new_circs(or_conn); } } - } -} - -/** Go through all the OR connections (or if <b>digest</b> is non-NULL, just - * the OR connections with that digest), and set the is_bad_for_new_circs - * flag based on the rules in connection_or_group_set_badness() (or just - * always set it if <b>force</b> is true). - */ -void -connection_or_set_bad_connections(const char *digest, int force) -{ - if (!orconn_identity_map) - return; - - DIGESTMAP_FOREACH(orconn_identity_map, identity, or_connection_t *, conn) { - if (!digest || tor_memeq(digest, conn->identity_digest, DIGEST_LEN)) - connection_or_group_set_badness(conn, force); - } DIGESTMAP_FOREACH_END; + } SMARTLIST_FOREACH_END(or_conn); } /** <b>conn</b> is in the 'connecting' state, and it failed to complete @@ -1171,7 +1177,9 @@ connection_or_notify_error(or_connection_t *conn, MOCK_IMPL(or_connection_t *, connection_or_connect, (const tor_addr_t *_addr, uint16_t port, - const char *id_digest, channel_tls_t *chan)) + const char *id_digest, + const ed25519_public_key_t *ed_id, + channel_tls_t *chan)) { or_connection_t *conn; const or_options_t *options = get_options(); @@ -1191,6 +1199,11 @@ connection_or_connect, (const tor_addr_t *_addr, uint16_t port, log_info(LD_PROTOCOL,"Client asked me to connect to myself. Refusing."); return NULL; } + if (server_mode(options) && router_ed25519_id_is_me(ed_id)) { + log_info(LD_PROTOCOL,"Client asked me to connect to myself by Ed25519 " + "identity. Refusing."); + return NULL; + } conn = or_connection_new(CONN_TYPE_OR, tor_addr_family(&addr)); @@ -1203,7 +1216,7 @@ connection_or_connect, (const tor_addr_t *_addr, uint16_t port, */ conn->chan = chan; chan->conn = conn; - connection_or_init_conn_from_address(conn, &addr, port, id_digest, 1); + connection_or_init_conn_from_address(conn, &addr, port, id_digest, ed_id, 1); connection_or_change_state(conn, OR_CONN_STATE_CONNECTING); control_event_or_conn_status(conn, OR_CONN_EVENT_LAUNCHED, 0); @@ -1560,18 +1573,25 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn, crypto_pk_free(identity_rcvd); - if (started_here) + if (started_here) { + /* A TLS handshake can't teach us an Ed25519 ID, so we set it to NULL + * here. */ + log_debug(LD_HANDSHAKE, "Calling client_learned_peer_id from " + "check_valid_tls_handshake"); return connection_or_client_learned_peer_id(conn, - (const uint8_t*)digest_rcvd_out); + (const uint8_t*)digest_rcvd_out, + NULL); + } return 0; } /** Called when we (as a connection initiator) have definitively, * authenticatedly, learned that ID of the Tor instance on the other - * side of <b>conn</b> is <b>peer_id</b>. For v1 and v2 handshakes, + * side of <b>conn</b> is <b>rsa_peer_id</b> and optionally <b>ed_peer_id</b>. + * For v1 and v2 handshakes, * this is right after we get a certificate chain in a TLS handshake - * or renegotiation. For v3 handshakes, this is right after we get a + * or renegotiation. For v3+ handshakes, this is right after we get a * certificate chain in a CERTS cell. * * If we did not know the ID before, record the one we got. @@ -1592,12 +1612,31 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn, */ int connection_or_client_learned_peer_id(or_connection_t *conn, - const uint8_t *peer_id) + const uint8_t *rsa_peer_id, + const ed25519_public_key_t *ed_peer_id) { const or_options_t *options = get_options(); - - if (tor_digest_is_zero(conn->identity_digest)) { - connection_or_set_identity_digest(conn, (const char*)peer_id); + channel_tls_t *chan_tls = conn->chan; + channel_t *chan = channel_tls_to_base(chan_tls); + int changed_identity = 0; + tor_assert(chan); + + const int expected_rsa_key = + ! tor_digest_is_zero(conn->identity_digest); + const int expected_ed_key = + ! ed25519_public_key_is_zero(&chan->ed25519_identity); + + log_info(LD_HANDSHAKE, "learned peer id for %p (%s): %s, %s", + conn, + safe_str_client(conn->base_.address), + hex_str((const char*)rsa_peer_id, DIGEST_LEN), + ed25519_fmt(ed_peer_id)); + + if (! expected_rsa_key && ! expected_ed_key) { + log_info(LD_HANDSHAKE, "(we had no ID in mind when we made this " + "connection."); + connection_or_set_identity_digest(conn, + (const char*)rsa_peer_id, ed_peer_id); tor_free(conn->nickname); conn->nickname = tor_malloc(HEX_DIGEST_LEN+2); conn->nickname[0] = '$'; @@ -1609,16 +1648,39 @@ connection_or_client_learned_peer_id(or_connection_t *conn, /* if it's a bridge and we didn't know its identity fingerprint, now * we do -- remember it for future attempts. */ learned_router_identity(&conn->base_.addr, conn->base_.port, - (const char*)peer_id); + (const char*)rsa_peer_id, ed_peer_id); + changed_identity = 1; } - if (tor_memneq(peer_id, conn->identity_digest, DIGEST_LEN)) { + const int rsa_mismatch = expected_rsa_key && + tor_memneq(rsa_peer_id, conn->identity_digest, DIGEST_LEN); + /* It only counts as an ed25519 mismatch if we wanted an ed25519 identity + * and didn't get it. It's okay if we get one that we didn't ask for. */ + const int ed25519_mismatch = + expected_ed_key && + (ed_peer_id == NULL || + ! ed25519_pubkey_eq(&chan->ed25519_identity, ed_peer_id)); + + if (rsa_mismatch || ed25519_mismatch) { /* I was aiming for a particular digest. I didn't get it! */ - char seen[HEX_DIGEST_LEN+1]; - char expected[HEX_DIGEST_LEN+1]; - base16_encode(seen, sizeof(seen), (const char*)peer_id, DIGEST_LEN); - base16_encode(expected, sizeof(expected), conn->identity_digest, + char seen_rsa[HEX_DIGEST_LEN+1]; + char expected_rsa[HEX_DIGEST_LEN+1]; + char seen_ed[ED25519_BASE64_LEN+1]; + char expected_ed[ED25519_BASE64_LEN+1]; + base16_encode(seen_rsa, sizeof(seen_rsa), + (const char*)rsa_peer_id, DIGEST_LEN); + base16_encode(expected_rsa, sizeof(expected_rsa), conn->identity_digest, DIGEST_LEN); + if (ed_peer_id) { + ed25519_public_to_base64(seen_ed, ed_peer_id); + } else { + strlcpy(seen_ed, "no ed25519 key", sizeof(seen_ed)); + } + if (! ed25519_public_key_is_zero(&chan->ed25519_identity)) { + ed25519_public_to_base64(expected_ed, &chan->ed25519_identity); + } else { + strlcpy(expected_ed, "no ed25519 key", sizeof(expected_ed)); + } const int using_hardcoded_fingerprints = !networkstatus_get_reasonably_live_consensus(time(NULL), usable_consensus_flavor()); @@ -1653,9 +1715,11 @@ connection_or_client_learned_peer_id(or_connection_t *conn, } log_fn(severity, LD_HANDSHAKE, - "Tried connecting to router at %s:%d, but identity key was not " - "as expected: wanted %s but got %s.%s", - conn->base_.address, conn->base_.port, expected, seen, extra_log); + "Tried connecting to router at %s:%d, but RSA identity key was not " + "as expected: wanted %s + %s but got %s + %s.%s", + conn->base_.address, conn->base_.port, + expected_rsa, expected_ed, seen_rsa, seen_ed, extra_log); + entry_guard_register_connect_status(conn->identity_digest, 0, 1, time(NULL)); control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED, @@ -1667,9 +1731,24 @@ connection_or_client_learned_peer_id(or_connection_t *conn, conn); return -1; } + + if (!expected_ed_key && ed_peer_id) { + log_info(LD_HANDSHAKE, "(we had no Ed25519 ID in mind when we made this " + "connection."); + connection_or_set_identity_digest(conn, + (const char*)rsa_peer_id, ed_peer_id); + changed_identity = 1; + } + + if (changed_identity) { + /* If we learned an identity for this connection, then we might have + * just discovered it to be canonical. */ + connection_or_check_canonicity(conn, conn->handshake_state->started_here); + } + if (authdir_mode_tests_reachability(options)) { dirserv_orconn_tls_done(&conn->base_.addr, conn->base_.port, - (const char*)peer_id); + (const char*)rsa_peer_id, ed_peer_id); } return 0; @@ -1725,7 +1804,8 @@ connection_tls_finish_handshake(or_connection_t *conn) if (tor_tls_used_v1_handshake(conn->tls)) { conn->link_proto = 1; connection_or_init_conn_from_address(conn, &conn->base_.addr, - conn->base_.port, digest_rcvd, 0); + conn->base_.port, digest_rcvd, + NULL, 0); tor_tls_block_renegotiation(conn->tls); rep_hist_note_negotiated_link_proto(1, started_here); return connection_or_set_state_open(conn); @@ -1734,7 +1814,8 @@ connection_tls_finish_handshake(or_connection_t *conn) if (connection_init_or_handshake_state(conn, started_here) < 0) return -1; connection_or_init_conn_from_address(conn, &conn->base_.addr, - conn->base_.port, digest_rcvd, 0); + conn->base_.port, digest_rcvd, + NULL, 0); return connection_or_send_versions(conn, 0); } } @@ -1773,6 +1854,8 @@ connection_init_or_handshake_state(or_connection_t *conn, int started_here) s->started_here = started_here ? 1 : 0; s->digest_sent_data = 1; s->digest_received_data = 1; + s->certs = or_handshake_certs_new(); + s->certs->started_here = s->started_here; return 0; } @@ -1784,8 +1867,7 @@ or_handshake_state_free(or_handshake_state_t *state) return; crypto_digest_free(state->digest_sent); crypto_digest_free(state->digest_received); - tor_x509_cert_free(state->auth_cert); - tor_x509_cert_free(state->id_cert); + or_handshake_certs_free(state->certs); memwipe(state, 0xBE, sizeof(or_handshake_state_t)); tor_free(state); } @@ -2132,57 +2214,171 @@ connection_or_send_netinfo,(or_connection_t *conn)) return 0; } +/** Helper used to add an encoded certs to a cert cell */ +static void +add_certs_cell_cert_helper(certs_cell_t *certs_cell, + uint8_t cert_type, + const uint8_t *cert_encoded, + size_t cert_len) +{ + tor_assert(cert_len <= UINT16_MAX); + certs_cell_cert_t *ccc = certs_cell_cert_new(); + ccc->cert_type = cert_type; + ccc->cert_len = cert_len; + certs_cell_cert_setlen_body(ccc, cert_len); + memcpy(certs_cell_cert_getarray_body(ccc), cert_encoded, cert_len); + + certs_cell_add_certs(certs_cell, ccc); +} + +/** Add an encoded X509 cert (stored as <b>cert_len</b> bytes at + * <b>cert_encoded</b>) to the trunnel certs_cell_t object that we are + * building in <b>certs_cell</b>. Set its type field to <b>cert_type</b>. */ +static void +add_x509_cert(certs_cell_t *certs_cell, + uint8_t cert_type, + const tor_x509_cert_t *cert) +{ + if (NULL == cert) + return; + + const uint8_t *cert_encoded = NULL; + size_t cert_len; + tor_x509_cert_get_der(cert, &cert_encoded, &cert_len); + + add_certs_cell_cert_helper(certs_cell, cert_type, cert_encoded, cert_len); +} + +/** Add an Ed25519 cert from <b>cert</b> to the trunnel certs_cell_t object + * that we are building in <b>certs_cell</b>. Set its type field to + * <b>cert_type</b>. */ +static void +add_ed25519_cert(certs_cell_t *certs_cell, + uint8_t cert_type, + const tor_cert_t *cert) +{ + if (NULL == cert) + return; + + add_certs_cell_cert_helper(certs_cell, cert_type, + cert->encoded, cert->encoded_len); +} + /** Send a CERTS cell on the connection <b>conn</b>. Return 0 on success, -1 * on failure. */ int connection_or_send_certs_cell(or_connection_t *conn) { const tor_x509_cert_t *link_cert = NULL, *id_cert = NULL; - const uint8_t *link_encoded = NULL, *id_encoded = NULL; - size_t link_len, id_len; var_cell_t *cell; - size_t cell_len; - ssize_t pos; + + certs_cell_t *certs_cell = NULL; tor_assert(conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3); if (! conn->handshake_state) return -1; + const int conn_in_server_mode = ! conn->handshake_state->started_here; + + /* Get the encoded values of the X509 certificates */ if (tor_tls_get_my_certs(conn_in_server_mode, &link_cert, &id_cert) < 0) return -1; - tor_x509_cert_get_der(link_cert, &link_encoded, &link_len); - tor_x509_cert_get_der(id_cert, &id_encoded, &id_len); - cell_len = 1 /* 1 byte: num certs in cell */ + - 2 * ( 1 + 2 ) /* For each cert: 1 byte for type, 2 for length */ + - link_len + id_len; - cell = var_cell_new(cell_len); - cell->command = CELL_CERTS; - cell->payload[0] = 2; - pos = 1; + tor_assert(link_cert); + tor_assert(id_cert); - if (conn_in_server_mode) - cell->payload[pos] = OR_CERT_TYPE_TLS_LINK; /* Link cert */ - else - cell->payload[pos] = OR_CERT_TYPE_AUTH_1024; /* client authentication */ - set_uint16(&cell->payload[pos+1], htons(link_len)); - memcpy(&cell->payload[pos+3], link_encoded, link_len); - pos += 3 + link_len; + certs_cell = certs_cell_new(); - cell->payload[pos] = OR_CERT_TYPE_ID_1024; /* ID cert */ - set_uint16(&cell->payload[pos+1], htons(id_len)); - memcpy(&cell->payload[pos+3], id_encoded, id_len); - pos += 3 + id_len; + /* Start adding certs. First the link cert or auth1024 cert. */ + if (conn_in_server_mode) { + add_x509_cert(certs_cell, + OR_CERT_TYPE_TLS_LINK, link_cert); + } else { + add_x509_cert(certs_cell, + OR_CERT_TYPE_AUTH_1024, link_cert); + } + + /* Next the RSA->RSA ID cert */ + add_x509_cert(certs_cell, + OR_CERT_TYPE_ID_1024, id_cert); + + /* Next the Ed25519 certs */ + add_ed25519_cert(certs_cell, + CERTTYPE_ED_ID_SIGN, + get_master_signing_key_cert()); + if (conn_in_server_mode) { + add_ed25519_cert(certs_cell, + CERTTYPE_ED_SIGN_LINK, + get_current_link_cert_cert()); + } else { + add_ed25519_cert(certs_cell, + CERTTYPE_ED_SIGN_AUTH, + get_current_auth_key_cert()); + } + + /* And finally the crosscert. */ + { + const uint8_t *crosscert=NULL; + size_t crosscert_len; + get_master_rsa_crosscert(&crosscert, &crosscert_len); + if (crosscert) { + add_certs_cell_cert_helper(certs_cell, + CERTTYPE_RSA1024_ID_EDID, + crosscert, crosscert_len); + } + } - tor_assert(pos == (int)cell_len); /* Otherwise we just smashed the heap */ + /* We've added all the certs; make the cell. */ + certs_cell->n_certs = certs_cell_getlen_certs(certs_cell); + + ssize_t alloc_len = certs_cell_encoded_len(certs_cell); + tor_assert(alloc_len >= 0 && alloc_len <= UINT16_MAX); + cell = var_cell_new(alloc_len); + cell->command = CELL_CERTS; + ssize_t enc_len = certs_cell_encode(cell->payload, alloc_len, certs_cell); + tor_assert(enc_len > 0 && enc_len <= alloc_len); + cell->payload_len = enc_len; connection_or_write_var_cell_to_buf(cell, conn); var_cell_free(cell); + certs_cell_free(certs_cell); return 0; } +/** Return true iff <b>challenge_type</b> is an AUTHCHALLENGE type that + * we can send and receive. */ +int +authchallenge_type_is_supported(uint16_t challenge_type) +{ + switch (challenge_type) { + case AUTHTYPE_RSA_SHA256_TLSSECRET: + case AUTHTYPE_ED25519_SHA256_RFC5705: + return 1; + case AUTHTYPE_RSA_SHA256_RFC5705: + default: + return 0; + } +} + +/** Return true iff <b>challenge_type_a</b> is one that we would rather + * use than <b>challenge_type_b</b>. */ +int +authchallenge_type_is_better(uint16_t challenge_type_a, + uint16_t challenge_type_b) +{ + /* Any supported type is better than an unsupported one; + * all unsupported types are equally bad. */ + if (!authchallenge_type_is_supported(challenge_type_a)) + return 0; + if (!authchallenge_type_is_supported(challenge_type_b)) + return 1; + /* It happens that types are superior in numerically ascending order. + * If that ever changes, this must change too. */ + return (challenge_type_a > challenge_type_b); +} + /** Send an AUTH_CHALLENGE cell on the connection <b>conn</b>. Return 0 * on success, -1 on failure. */ int @@ -2197,17 +2393,26 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn) auth_challenge_cell_t *ac = auth_challenge_cell_new(); + tor_assert(sizeof(ac->challenge) == 32); crypto_rand((char*)ac->challenge, sizeof(ac->challenge)); auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_TLSSECRET); + /* Disabled, because everything that supports this method also supports + * the much-superior ED25519_SHA256_RFC5705 */ + /* auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_RFC5705); */ + auth_challenge_cell_add_methods(ac, AUTHTYPE_ED25519_SHA256_RFC5705); auth_challenge_cell_set_n_methods(ac, auth_challenge_cell_getlen_methods(ac)); cell = var_cell_new(auth_challenge_cell_encoded_len(ac)); ssize_t len = auth_challenge_cell_encode(cell->payload, cell->payload_len, ac); - if (len != cell->payload_len) + if (len != cell->payload_len) { + /* LCOV_EXCL_START */ + log_warn(LD_BUG, "Encoded auth challenge cell length not as expected"); goto done; + /* LCOV_EXCL_STOP */ + } cell->command = CELL_AUTH_CHALLENGE; connection_or_write_var_cell_to_buf(cell, conn); @@ -2221,8 +2426,8 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn) } /** Compute the main body of an AUTHENTICATE cell that a client can use - * to authenticate itself on a v3 handshake for <b>conn</b>. Write it to the - * <b>outlen</b>-byte buffer at <b>out</b>. + * to authenticate itself on a v3 handshake for <b>conn</b>. Return it + * in a var_cell_t. * * If <b>server</b> is true, only calculate the first * V3_AUTH_FIXED_PART_LEN bytes -- the part of the authenticator that's @@ -2238,24 +2443,44 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn) * * Return the length of the cell body on success, and -1 on failure. */ -int +var_cell_t * connection_or_compute_authenticate_cell_body(or_connection_t *conn, - uint8_t *out, size_t outlen, + const int authtype, crypto_pk_t *signing_key, - int server) + const ed25519_keypair_t *ed_signing_key, + int server) { auth1_t *auth = NULL; auth_ctx_t *ctx = auth_ctx_new(); - int result; + var_cell_t *result = NULL; + int old_tlssecrets_algorithm = 0; + const char *authtype_str = NULL; - /* assert state is reasonable XXXX */ + int is_ed = 0; - ctx->is_ed = 0; + /* assert state is reasonable XXXX */ + switch (authtype) { + case AUTHTYPE_RSA_SHA256_TLSSECRET: + authtype_str = "AUTH0001"; + old_tlssecrets_algorithm = 1; + break; + case AUTHTYPE_RSA_SHA256_RFC5705: + authtype_str = "AUTH0002"; + break; + case AUTHTYPE_ED25519_SHA256_RFC5705: + authtype_str = "AUTH0003"; + is_ed = 1; + break; + default: + tor_assert(0); + break; + } auth = auth1_new(); + ctx->is_ed = is_ed; /* Type: 8 bytes. */ - memcpy(auth1_getarray_type(auth), "AUTH0001", 8); + memcpy(auth1_getarray_type(auth), authtype_str, 8); { const tor_x509_cert_t *id_cert=NULL, *link_cert=NULL; @@ -2265,7 +2490,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, goto err; my_digests = tor_x509_cert_get_id_digests(id_cert); their_digests = - tor_x509_cert_get_id_digests(conn->handshake_state->id_cert); + tor_x509_cert_get_id_digests(conn->handshake_state->certs->id_cert); tor_assert(my_digests); tor_assert(their_digests); my_id = (uint8_t*)my_digests->d[DIGEST_SHA256]; @@ -2281,6 +2506,22 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, memcpy(auth->sid, server_id, 32); } + if (is_ed) { + const ed25519_public_key_t *my_ed_id, *their_ed_id; + if (!conn->handshake_state->certs->ed_id_sign) { + log_warn(LD_OR, "Ed authenticate without Ed ID cert from peer."); + goto err; + } + my_ed_id = get_master_identity_key(); + their_ed_id = &conn->handshake_state->certs->ed_id_sign->signing_key; + + const uint8_t *cid_ed = (server ? their_ed_id : my_ed_id)->pubkey; + const uint8_t *sid_ed = (server ? my_ed_id : their_ed_id)->pubkey; + + memcpy(auth->u1_cid_ed, cid_ed, ED25519_PUBKEY_LEN); + memcpy(auth->u1_sid_ed, sid_ed, ED25519_PUBKEY_LEN); + } + { crypto_digest_t *server_d, *client_d; if (server) { @@ -2309,7 +2550,8 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, cert = freecert; } if (!cert) { - log_warn(LD_OR, "Unable to find cert when making AUTH1 data."); + log_warn(LD_OR, "Unable to find cert when making %s data.", + authtype_str); goto err; } @@ -2321,36 +2563,79 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, } /* HMAC of clientrandom and serverrandom using master key : 32 octets */ - tor_tls_get_tlssecrets(conn->tls, auth->tlssecrets); + if (old_tlssecrets_algorithm) { + tor_tls_get_tlssecrets(conn->tls, auth->tlssecrets); + } else { + char label[128]; + tor_snprintf(label, sizeof(label), + "EXPORTER FOR TOR TLS CLIENT BINDING %s", authtype_str); + tor_tls_export_key_material(conn->tls, auth->tlssecrets, + auth->cid, sizeof(auth->cid), + label); + } /* 8 octets were reserved for the current time, but we're trying to get out * of the habit of sending time around willynilly. Fortunately, nothing * checks it. That's followed by 16 bytes of nonce. */ crypto_rand((char*)auth->rand, 24); + ssize_t maxlen = auth1_encoded_len(auth, ctx); + if (ed_signing_key && is_ed) { + maxlen += ED25519_SIG_LEN; + } else if (signing_key && !is_ed) { + maxlen += crypto_pk_keysize(signing_key); + } + + const int AUTH_CELL_HEADER_LEN = 4; /* 2 bytes of type, 2 bytes of length */ + result = var_cell_new(AUTH_CELL_HEADER_LEN + maxlen); + uint8_t *const out = result->payload + AUTH_CELL_HEADER_LEN; + const size_t outlen = maxlen; ssize_t len; + + result->command = CELL_AUTHENTICATE; + set_uint16(result->payload, htons(authtype)); + if ((len = auth1_encode(out, outlen, auth, ctx)) < 0) { - log_warn(LD_OR, "Unable to encode signed part of AUTH1 data."); + /* LCOV_EXCL_START */ + log_warn(LD_BUG, "Unable to encode signed part of AUTH1 data."); goto err; + /* LCOV_EXCL_STOP */ } if (server) { auth1_t *tmp = NULL; ssize_t len2 = auth1_parse(&tmp, out, len, ctx); if (!tmp) { - log_warn(LD_OR, "Unable to parse signed part of AUTH1 data."); + /* LCOV_EXCL_START */ + log_warn(LD_BUG, "Unable to parse signed part of AUTH1 data that " + "we just encoded"); goto err; + /* LCOV_EXCL_STOP */ } - result = (int) (tmp->end_of_fixed_part - out); + result->payload_len = (tmp->end_of_signed - result->payload); + auth1_free(tmp); if (len2 != len) { - log_warn(LD_OR, "Mismatched length when re-parsing AUTH1 data."); + /* LCOV_EXCL_START */ + log_warn(LD_BUG, "Mismatched length when re-parsing AUTH1 data."); goto err; + /* LCOV_EXCL_STOP */ } goto done; } - if (signing_key) { + if (ed_signing_key && is_ed) { + ed25519_signature_t sig; + if (ed25519_sign(&sig, out, len, ed_signing_key) < 0) { + /* LCOV_EXCL_START */ + log_warn(LD_BUG, "Unable to sign ed25519 authentication data"); + goto err; + /* LCOV_EXCL_STOP */ + } + auth1_setlen_sig(auth, ED25519_SIG_LEN); + memcpy(auth1_getarray_sig(auth), sig.sig, ED25519_SIG_LEN); + + } else if (signing_key && !is_ed) { auth1_setlen_sig(auth, crypto_pk_keysize(signing_key)); char d[32]; @@ -2365,18 +2650,24 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, } auth1_setlen_sig(auth, siglen); + } - len = auth1_encode(out, outlen, auth, ctx); - if (len < 0) { - log_warn(LD_OR, "Unable to encode signed AUTH1 data."); - goto err; - } + len = auth1_encode(out, outlen, auth, ctx); + if (len < 0) { + /* LCOV_EXCL_START */ + log_warn(LD_BUG, "Unable to encode signed AUTH1 data."); + goto err; + /* LCOV_EXCL_STOP */ } - result = (int) len; + tor_assert(len + AUTH_CELL_HEADER_LEN <= result->payload_len); + result->payload_len = len + AUTH_CELL_HEADER_LEN; + set_uint16(result->payload+2, htons(len)); + goto done; err: - result = -1; + var_cell_free(result); + result = NULL; done: auth1_free(auth); auth_ctx_free(ctx); @@ -2390,44 +2681,29 @@ connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype)) { var_cell_t *cell; crypto_pk_t *pk = tor_tls_get_my_client_auth_key(); - int authlen; - size_t cell_maxlen; /* XXXX make sure we're actually supposed to send this! */ if (!pk) { log_warn(LD_BUG, "Can't compute authenticate cell: no client auth key"); return -1; } - if (authtype != AUTHTYPE_RSA_SHA256_TLSSECRET) { + if (! authchallenge_type_is_supported(authtype)) { log_warn(LD_BUG, "Tried to send authenticate cell with unknown " "authentication type %d", authtype); return -1; } - cell_maxlen = 4 + /* overhead */ - V3_AUTH_BODY_LEN + /* Authentication body */ - crypto_pk_keysize(pk) + /* Max signature length */ - 16 /* add a few extra bytes just in case. */; - - cell = var_cell_new(cell_maxlen); - cell->command = CELL_AUTHENTICATE; - set_uint16(cell->payload, htons(AUTHTYPE_RSA_SHA256_TLSSECRET)); - /* skip over length ; we don't know that yet. */ - - authlen = connection_or_compute_authenticate_cell_body(conn, - cell->payload+4, - cell_maxlen-4, - pk, - 0 /* not server */); - if (authlen < 0) { + cell = connection_or_compute_authenticate_cell_body(conn, + authtype, + pk, + get_current_auth_keypair(), + 0 /* not server */); + if (! cell) { + /* LCOV_EXCL_START */ log_warn(LD_BUG, "Unable to compute authenticate cell!"); - var_cell_free(cell); return -1; + /* LCOV_EXCL_STOP */ } - tor_assert(authlen + 4 <= cell->payload_len); - set_uint16(cell->payload+2, htons(authlen)); - cell->payload_len = authlen + 4; - connection_or_write_var_cell_to_buf(cell, conn); var_cell_free(cell); diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 2e8c6066cc..80a5bddb14 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -12,14 +12,13 @@ #ifndef TOR_CONNECTION_OR_H #define TOR_CONNECTION_OR_H -void connection_or_remove_from_identity_map(or_connection_t *conn); +void connection_or_clear_identity(or_connection_t *conn); void connection_or_clear_identity_map(void); void clear_broken_connection_map(int disable); or_connection_t *connection_or_get_for_extend(const char *digest, const tor_addr_t *target_addr, const char **msg_out, int *launch_out); -void connection_or_set_bad_connections(const char *digest, int force); void connection_or_block_renegotiation(or_connection_t *conn); int connection_or_reached_eof(or_connection_t *conn); @@ -40,7 +39,9 @@ void connection_or_notify_error(or_connection_t *conn, MOCK_DECL(or_connection_t *, connection_or_connect, (const tor_addr_t *addr, uint16_t port, - const char *id_digest, channel_tls_t *chan)); + const char *id_digest, + const ed25519_public_key_t *ed_id, + channel_tls_t *chan)); void connection_or_close_normally(or_connection_t *orconn, int flush); MOCK_DECL(void,connection_or_close_for_error, @@ -59,10 +60,12 @@ int connection_init_or_handshake_state(or_connection_t *conn, void connection_or_init_conn_from_address(or_connection_t *conn, const tor_addr_t *addr, uint16_t port, - const char *id_digest, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, int started_here); int connection_or_client_learned_peer_id(or_connection_t *conn, - const uint8_t *peer_id); + const uint8_t *rsa_peer_id, + const ed25519_public_key_t *ed_peer_id); time_t connection_or_client_used(or_connection_t *conn); MOCK_DECL(int, connection_or_get_num_circuits, (or_connection_t *conn)); void or_handshake_state_free(or_handshake_state_t *state); @@ -84,10 +87,14 @@ int connection_or_send_versions(or_connection_t *conn, int v3_plus); MOCK_DECL(int,connection_or_send_netinfo,(or_connection_t *conn)); int connection_or_send_certs_cell(or_connection_t *conn); int connection_or_send_auth_challenge_cell(or_connection_t *conn); -int connection_or_compute_authenticate_cell_body(or_connection_t *conn, - uint8_t *out, size_t outlen, - crypto_pk_t *signing_key, - int server); +int authchallenge_type_is_supported(uint16_t challenge_type); +int authchallenge_type_is_better(uint16_t challenge_type_a, + uint16_t challenge_type_b); +var_cell_t *connection_or_compute_authenticate_cell_body(or_connection_t *conn, + const int authtype, + crypto_pk_t *signing_key, + const ed25519_keypair_t *ed_signing_key, + int server); MOCK_DECL(int,connection_or_send_authenticate_cell, (or_connection_t *conn, int type)); @@ -103,5 +110,7 @@ void var_cell_free(var_cell_t *cell); /* DOCDOC */ #define MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS 4 +void connection_or_group_set_badness_(smartlist_t *group, int force); + #endif diff --git a/src/or/control.c b/src/or/control.c index c8c5062e86..a22113174a 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -57,6 +57,7 @@ #include "entrynodes.h" #include "geoip.h" #include "hibernate.h" +#include "hs_common.h" #include "main.h" #include "networkstatus.h" #include "nodelist.h" @@ -942,7 +943,7 @@ control_setconf_helper(control_connection_t *conn, uint32_t len, char *body, ++body; } - smartlist_add(entries, tor_strdup("")); + smartlist_add_strdup(entries, ""); config = smartlist_join_strings(entries, "\n", 0, NULL); SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp)); smartlist_free(entries); @@ -2028,7 +2029,7 @@ getinfo_helper_dir(control_connection_t *control_conn, } else if (!strcmpstart(question, "dir/status/")) { *answer = tor_strdup(""); } else if (!strcmp(question, "dir/status-vote/current/consensus")) { /* v3 */ - if (directory_caches_dir_info(get_options())) { + if (we_want_to_fetch_flavor(get_options(), FLAV_NS)) { const cached_dir_t *consensus = dirserv_get_consensus("ns"); if (consensus) *answer = tor_strdup(consensus->dir); @@ -2539,7 +2540,7 @@ circuit_describe_status_for_controller(origin_circuit_t *circ) if (circ->rend_data != NULL) { smartlist_add_asprintf(descparts, "REND_QUERY=%s", - circ->rend_data->onion_address); + rend_data_get_address(circ->rend_data)); } { @@ -3139,7 +3140,7 @@ handle_control_getinfo(control_connection_t *conn, uint32_t len, if (!ans) { smartlist_add(unrecognized, (char*)q); } else { - smartlist_add(answers, tor_strdup(q)); + smartlist_add_strdup(answers, q); smartlist_add(answers, ans); } } SMARTLIST_FOREACH_END(q); @@ -4081,7 +4082,7 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len, * of the id. */ desc_id = digest; } else { - connection_printf_to_buf(conn, "513 Unrecognized \"%s\"\r\n", + connection_printf_to_buf(conn, "513 Invalid argument \"%s\"\r\n", arg1); goto done; } @@ -6045,9 +6046,9 @@ control_event_networkstatus_changed_helper(smartlist_t *statuses, return 0; strs = smartlist_new(); - smartlist_add(strs, tor_strdup("650+")); - smartlist_add(strs, tor_strdup(event_string)); - smartlist_add(strs, tor_strdup("\r\n")); + smartlist_add_strdup(strs, "650+"); + smartlist_add_strdup(strs, event_string); + smartlist_add_strdup(strs, "\r\n"); SMARTLIST_FOREACH(statuses, const routerstatus_t *, rs, { s = networkstatus_getinfo_helper_single(rs); @@ -6856,8 +6857,10 @@ control_event_hs_descriptor_requested(const rend_data_t *rend_query, send_control_event(EVENT_HS_DESC, "650 HS_DESC REQUESTED %s %s %s %s\r\n", - rend_hsaddress_str_or_unknown(rend_query->onion_address), - rend_auth_type_to_string(rend_query->auth_type), + rend_hsaddress_str_or_unknown( + rend_data_get_address(rend_query)), + rend_auth_type_to_string( + TO_REND_DATA_V2(rend_query)->auth_type), node_describe_longname_by_id(id_digest), desc_id_base32); } @@ -6873,11 +6876,12 @@ get_desc_id_from_query(const rend_data_t *rend_data, const char *hsdir_fp) { int replica; const char *desc_id = NULL; + const rend_data_v2_t *rend_data_v2 = TO_REND_DATA_V2(rend_data); /* Possible if the fetch was done using a descriptor ID. This means that * the HSFETCH command was used. */ - if (!tor_digest_is_zero(rend_data->desc_id_fetch)) { - desc_id = rend_data->desc_id_fetch; + if (!tor_digest_is_zero(rend_data_v2->desc_id_fetch)) { + desc_id = rend_data_v2->desc_id_fetch; goto end; } @@ -6885,7 +6889,7 @@ get_desc_id_from_query(const rend_data_t *rend_data, const char *hsdir_fp) * is the one associated with the HSDir fingerprint. */ for (replica = 0; replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; replica++) { - const char *digest = rend_data->descriptor_id[replica]; + const char *digest = rend_data_get_desc_id(rend_data, replica, NULL); SMARTLIST_FOREACH_BEGIN(rend_data->hsdirs_fp, char *, fingerprint) { if (tor_memcmp(fingerprint, hsdir_fp, DIGEST_LEN) == 0) { @@ -6994,7 +6998,8 @@ control_event_hs_descriptor_receive_end(const char *action, "650 HS_DESC %s %s %s %s%s%s\r\n", action, rend_hsaddress_str_or_unknown(onion_address), - rend_auth_type_to_string(rend_data->auth_type), + rend_auth_type_to_string( + TO_REND_DATA_V2(rend_data)->auth_type), node_describe_longname_by_id(id_digest), desc_id_field ? desc_id_field : "", reason_field ? reason_field : ""); @@ -7091,7 +7096,7 @@ control_event_hs_descriptor_failed(const rend_data_t *rend_data, return; } control_event_hs_descriptor_receive_end("FAILED", - rend_data->onion_address, + rend_data_get_address(rend_data), rend_data, id_digest, reason); } diff --git a/src/or/directory.c b/src/or/directory.c index fce48c6e95..f0affbd395 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3,6 +3,8 @@ * Copyright (c) 2007-2016, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#define DIRECTORY_PRIVATE + #include "or.h" #include "backtrace.h" #include "buffers.h" @@ -16,6 +18,8 @@ #include "dirvote.h" #include "entrynodes.h" #include "geoip.h" +#include "hs_cache.h" +#include "hs_common.h" #include "main.h" #include "microdesc.h" #include "networkstatus.h" @@ -40,9 +44,38 @@ /** * \file directory.c - * \brief Code to send and fetch directories and router - * descriptors via HTTP. Directories use dirserv.c to generate the - * results; clients use routers.c to parse them. + * \brief Code to send and fetch information from directory authorities and + * caches via HTTP. + * + * Directory caches and authorities use dirserv.c to generate the results of a + * query and stream them to the connection; clients use routerparse.c to parse + * them. + * + * Every directory request has a dir_connection_t on the client side and on + * the server side. In most cases, the dir_connection_t object is a linked + * connection, tunneled through an edge_connection_t so that it can be a + * stream on the Tor network. The only non-tunneled connections are those + * that are used to upload material (descriptors and votes) to authorities. + * Among tunneled connections, some use one-hop circuits, and others use + * multi-hop circuits for anonymity. + * + * Directory requests are launched by calling + * directory_initiate_command_rend() or one of its numerous variants. This + * launch the connection, will construct an HTTP request with + * directory_send_command(), send the and wait for a response. The client + * later handles the response with connection_dir_client_reached_eof(), + * which passes the information received to another part of Tor. + * + * On the server side, requests are read in directory_handle_command(), + * which dispatches first on the request type (GET or POST), and then on + * the URL requested. GET requests are processed with a table-based + * dispatcher in url_table[]. The process of handling larger GET requests + * is complicated because we need to avoid allocating a copy of all the + * data to be sent to the client in one huge buffer. Instead, we spool the + * data into the buffer using logic in connection_dirserv_flushed_some() in + * dirserv.c. (TODO: If we extended buf.c to have a zero-copy + * reference-based buffer type, we could remove most of that code, at the + * cost of a bit more reference counting.) **/ /* In-points to directory.c: @@ -120,29 +153,55 @@ static void connection_dir_close_consensus_fetches( /********* END VARIABLES ************/ -/** Return true iff the directory purpose <b>dir_purpose</b> (and if it's - * fetching descriptors, it's fetching them for <b>router_purpose</b>) - * must use an anonymous connection to a directory. */ +/** Return false if the directory purpose <b>dir_purpose</b> + * does not require an anonymous (three-hop) connection. + * + * Return true 1) by default, 2) if all directory actions have + * specifically been configured to be over an anonymous connection, + * or 3) if the router is a bridge */ int -purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose) +purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose, + const char *resource) { if (get_options()->AllDirActionsPrivate) return 1; - if (router_purpose == ROUTER_PURPOSE_BRIDGE) + + if (router_purpose == ROUTER_PURPOSE_BRIDGE) { + if (dir_purpose == DIR_PURPOSE_FETCH_SERVERDESC + && resource && !strcmp(resource, "authority.z")) { + /* We are asking a bridge for its own descriptor. That doesn't need + anonymity. */ + return 0; + } + /* Assume all other bridge stuff needs anonymity. */ return 1; /* if no circuits yet, this might break bootstrapping, but it's * needed to be safe. */ - if (dir_purpose == DIR_PURPOSE_UPLOAD_DIR || - dir_purpose == DIR_PURPOSE_UPLOAD_VOTE || - dir_purpose == DIR_PURPOSE_UPLOAD_SIGNATURES || - dir_purpose == DIR_PURPOSE_FETCH_STATUS_VOTE || - dir_purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES || - dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS || - dir_purpose == DIR_PURPOSE_FETCH_CERTIFICATE || - dir_purpose == DIR_PURPOSE_FETCH_SERVERDESC || - dir_purpose == DIR_PURPOSE_FETCH_EXTRAINFO || - dir_purpose == DIR_PURPOSE_FETCH_MICRODESC) - return 0; - return 1; + } + + switch (dir_purpose) + { + case DIR_PURPOSE_UPLOAD_DIR: + case DIR_PURPOSE_UPLOAD_VOTE: + case DIR_PURPOSE_UPLOAD_SIGNATURES: + case DIR_PURPOSE_FETCH_STATUS_VOTE: + case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES: + case DIR_PURPOSE_FETCH_CONSENSUS: + case DIR_PURPOSE_FETCH_CERTIFICATE: + case DIR_PURPOSE_FETCH_SERVERDESC: + case DIR_PURPOSE_FETCH_EXTRAINFO: + case DIR_PURPOSE_FETCH_MICRODESC: + return 0; + case DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2: + case DIR_PURPOSE_UPLOAD_RENDDESC_V2: + case DIR_PURPOSE_FETCH_RENDDESC_V2: + return 1; + case DIR_PURPOSE_SERVER: + default: + log_warn(LD_BUG, "Called with dir_purpose=%d, router_purpose=%d", + dir_purpose, router_purpose); + tor_assert_nonfatal_unreached(); + return 1; /* Assume it needs anonymity; better safe than sorry. */ + } } /** Return a newly allocated string describing <b>auth</b>. Only describes @@ -347,7 +406,7 @@ directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose, log_info(LD_DIR, "Uploading an extrainfo too (length %d)", (int) extrainfo_len); } - if (purpose_needs_anonymity(dir_purpose, router_purpose)) { + if (purpose_needs_anonymity(dir_purpose, router_purpose, NULL)) { indirection = DIRIND_ANONYMOUS; } else if (!fascist_firewall_allows_dir_server(ds, FIREWALL_DIR_CONNECTION, @@ -441,7 +500,8 @@ MOCK_IMPL(void, directory_get_from_dirserver, ( int prefer_authority = (directory_fetches_from_authorities(options) || want_authority == DL_WANT_AUTHORITY); int require_authority = 0; - int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose); + int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose, + resource); dirinfo_type_t type = dir_fetch_type(dir_purpose, router_purpose, resource); time_t if_modified_since = 0; @@ -575,7 +635,7 @@ MOCK_IMPL(void, directory_get_from_dirserver, ( "While fetching directory info, " "no running dirservers known. Will try again later. " "(purpose %d)", dir_purpose); - if (!purpose_needs_anonymity(dir_purpose, router_purpose)) { + if (!purpose_needs_anonymity(dir_purpose, router_purpose, resource)) { /* remember we tried them all and failed. */ directory_all_unreachable(time(NULL)); } @@ -1078,18 +1138,6 @@ directory_initiate_command(const tor_addr_t *or_addr, uint16_t or_port, if_modified_since, NULL); } -/** Return non-zero iff a directory connection with purpose - * <b>dir_purpose</b> reveals sensitive information about a Tor - * instance's client activities. (Such connections must be performed - * through normal three-hop Tor circuits.) */ -int -is_sensitive_dir_purpose(uint8_t dir_purpose) -{ - return ((dir_purpose == DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2) || - (dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2) || - (dir_purpose == DIR_PURPOSE_FETCH_RENDDESC_V2)); -} - /** Same as directory_initiate_command(), but accepts rendezvous data to * fetch a hidden service descriptor, and takes its address & port arguments * as tor_addr_port_t. */ @@ -1137,7 +1185,7 @@ directory_initiate_command_rend(const tor_addr_port_t *or_addr_port, log_debug(LD_DIR, "Initiating %s", dir_conn_purpose_to_string(dir_purpose)); - if (is_sensitive_dir_purpose(dir_purpose)) { + if (purpose_needs_anonymity(dir_purpose, router_purpose, resource)) { tor_assert(anonymized_connection || rend_non_anonymous_mode_enabled(options)); } @@ -2341,10 +2389,10 @@ connection_dir_client_reached_eof(dir_connection_t *conn) conn->identity_digest, \ reason) ) #define SEND_HS_DESC_FAILED_CONTENT() ( \ - control_event_hs_descriptor_content(conn->rend_data->onion_address, \ - conn->requested_resource, \ - conn->identity_digest, \ - NULL) ) + control_event_hs_descriptor_content(rend_data_get_address(conn->rend_data), \ + conn->requested_resource, \ + conn->identity_digest, \ + NULL) ) tor_assert(conn->rend_data); log_info(LD_REND,"Received rendezvous descriptor (size %d, status %d " "(%s))", @@ -2417,7 +2465,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn) #define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) ( \ control_event_hs_descriptor_upload_failed( \ conn->identity_digest, \ - conn->rend_data->onion_address, \ + rend_data_get_address(conn->rend_data), \ reason) ) log_info(LD_REND,"Uploaded rendezvous descriptor (status %d " "(%s))", @@ -2431,7 +2479,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn) "Uploading rendezvous descriptor: finished with status " "200 (%s)", escaped(reason)); control_event_hs_descriptor_uploaded(conn->identity_digest, - conn->rend_data->onion_address); + rend_data_get_address(conn->rend_data)); rend_service_desc_has_uploaded(conn->rend_data); break; case 400: @@ -2542,7 +2590,8 @@ connection_dir_about_to_close(dir_connection_t *dir_conn) * refetching is unnecessary.) */ if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 && dir_conn->rend_data && - strlen(dir_conn->rend_data->onion_address) == REND_SERVICE_ID_LEN_BASE32) + strlen(rend_data_get_address(dir_conn->rend_data)) == + REND_SERVICE_ID_LEN_BASE32) rend_client_refetch_v2_renddesc(dir_conn->rend_data); } @@ -2762,8 +2811,8 @@ static int handle_get_descriptor(dir_connection_t *conn, const get_handler_args_t *args); static int handle_get_keys(dir_connection_t *conn, const get_handler_args_t *args); -static int handle_get_rendezvous2(dir_connection_t *conn, - const get_handler_args_t *args); +static int handle_get_hs_descriptor_v2(dir_connection_t *conn, + const get_handler_args_t *args); static int handle_get_robots(dir_connection_t *conn, const get_handler_args_t *args); static int handle_get_networkstatus_bridges(dir_connection_t *conn, @@ -2779,7 +2828,8 @@ static const url_table_ent_t url_table[] = { { "/tor/server/", 1, handle_get_descriptor }, { "/tor/extra/", 1, handle_get_descriptor }, { "/tor/keys/", 1, handle_get_keys }, - { "/tor/rendezvous2/", 1, handle_get_rendezvous2 }, + { "/tor/rendezvous2/", 1, handle_get_hs_descriptor_v2 }, + { "/tor/hs/3/", 1, handle_get_hs_descriptor_v3 }, { "/tor/robots.txt", 0, handle_get_robots }, { "/tor/networkstatus-bridges", 0, handle_get_networkstatus_bridges }, { NULL, 0, NULL }, @@ -3347,7 +3397,8 @@ handle_get_keys(dir_connection_t *conn, const get_handler_args_t *args) /** Helper function for GET /tor/rendezvous2/ */ static int -handle_get_rendezvous2(dir_connection_t *conn, const get_handler_args_t *args) +handle_get_hs_descriptor_v2(dir_connection_t *conn, + const get_handler_args_t *args) { const char *url = args->url; if (connection_dir_is_encrypted(conn)) { @@ -3381,6 +3432,50 @@ handle_get_rendezvous2(dir_connection_t *conn, const get_handler_args_t *args) return 0; } +/** Helper function for GET /tor/hs/3/<z>. Only for version 3. + */ +STATIC int +handle_get_hs_descriptor_v3(dir_connection_t *conn, + const get_handler_args_t *args) +{ + int retval; + const char *desc_str = NULL; + const char *pubkey_str = NULL; + const char *url = args->url; + + /* Don't serve v3 descriptors if next gen onion service is disabled. */ + if (!hs_v3_protocol_is_enabled()) { + /* 404 is used for an unrecognized URL so send back the same. */ + write_http_status_line(conn, 404, "Not found"); + goto done; + } + + /* Reject unencrypted dir connections */ + if (!connection_dir_is_encrypted(conn)) { + write_http_status_line(conn, 404, "Not found"); + goto done; + } + + /* After the path prefix follows the base64 encoded blinded pubkey which we + * use to get the descriptor from the cache. Skip the prefix and get the + * pubkey. */ + tor_assert(!strcmpstart(url, "/tor/hs/3/")); + pubkey_str = url + strlen("/tor/hs/3/"); + retval = hs_cache_lookup_as_dir(HS_VERSION_THREE, + pubkey_str, &desc_str); + if (retval < 0) { + write_http_status_line(conn, 404, "Not found"); + goto done; + } + + /* Found requested descriptor! Pass it to this nice client. */ + write_http_response_header(conn, strlen(desc_str), 0, 0); + connection_write_to_buf(desc_str, strlen(desc_str), TO_CONN(conn)); + + done: + return 0; +} + /** Helper function for GET /tor/networkstatus-bridges */ static int @@ -3436,6 +3531,90 @@ handle_get_robots(dir_connection_t *conn, const get_handler_args_t *args) return 0; } +/* Given the <b>url</b> from a POST request, try to extract the version number + * using the provided <b>prefix</b>. The version should be after the prefix and + * ending with the seperator "/". For instance: + * /tor/hs/3/publish + * + * On success, <b>end_pos</b> points to the position right after the version + * was found. On error, it is set to NULL. + * + * Return version on success else negative value. */ +STATIC int +parse_hs_version_from_post(const char *url, const char *prefix, + const char **end_pos) +{ + int ok; + unsigned long version; + const char *start; + char *end = NULL; + + tor_assert(url); + tor_assert(prefix); + tor_assert(end_pos); + + /* Check if the prefix does start the url. */ + if (strcmpstart(url, prefix)) { + goto err; + } + /* Move pointer to the end of the prefix string. */ + start = url + strlen(prefix); + /* Try this to be the HS version and if we are still at the separator, next + * will be move to the right value. */ + version = tor_parse_long(start, 10, 0, INT_MAX, &ok, &end); + if (!ok) { + goto err; + } + + *end_pos = end; + return (int) version; + err: + *end_pos = NULL; + return -1; +} + +/* Handle the POST request for a hidden service descripror. The request is in + * <b>url</b>, the body of the request is in <b>body</b>. Return 200 on success + * else return 400 indicating a bad request. */ +STATIC int +handle_post_hs_descriptor(const char *url, const char *body) +{ + int version; + const char *end_pos; + + tor_assert(url); + tor_assert(body); + + version = parse_hs_version_from_post(url, "/tor/hs/", &end_pos); + if (version < 0) { + goto err; + } + + /* We have a valid version number, now make sure it's a publish request. Use + * the end position just after the version and check for the command. */ + if (strcmpstart(end_pos, "/publish")) { + goto err; + } + + switch (version) { + case HS_VERSION_THREE: + if (hs_cache_store_as_dir(body) < 0) { + goto err; + } + log_info(LD_REND, "Publish request for HS descriptor handled " + "successfully."); + break; + default: + /* Unsupported version, return a bad request. */ + goto err; + } + + return 200; + err: + /* Bad request. */ + return 400; +} + /** Helper function: called when a dirserver gets a complete HTTP POST * request. Look for an uploaded server descriptor or rendezvous * service descriptor. On finding one, process it and write a @@ -3480,6 +3659,28 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers, goto done; } + /* Handle HS descriptor publish request. */ + /* XXX: This should be disabled with a consensus param until we want to + * the prop224 be deployed and thus use. */ + if (connection_dir_is_encrypted(conn) && !strcmpstart(url, "/tor/hs/")) { + const char *msg = "HS descriptor stored successfully."; + /* Don't accept v3 and onward publish request if next gen onion service is + * disabled. */ + if (!hs_v3_protocol_is_enabled()) { + /* 404 is used for an unrecognized URL so send back the same. */ + write_http_status_line(conn, 404, "Not found"); + goto done; + } + + /* We most probably have a publish request for an HS descriptor. */ + int code = handle_post_hs_descriptor(url, body); + if (code != 200) { + msg = "Invalid HS descriptor. Rejected."; + } + write_http_status_line(conn, code, msg); + goto done; + } + if (!authdir_mode(options)) { /* we just provide cached directories; we don't want to * receive anything. */ @@ -3861,7 +4062,7 @@ download_status_schedule_get_delay(download_status_t *dls, delay = *(int *)smartlist_get(schedule, smartlist_len(schedule) - 1); } else if (dls->backoff == DL_SCHED_RANDOM_EXPONENTIAL) { /* Check if we missed a reset somehow */ - if (dls->last_backoff_position > dls_schedule_position) { + IF_BUG_ONCE(dls->last_backoff_position > dls_schedule_position) { dls->last_backoff_position = 0; dls->last_delay_used = 0; } diff --git a/src/or/directory.h b/src/or/directory.h index 629b3ead90..589df7b70d 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -138,13 +138,19 @@ int download_status_get_n_failures(const download_status_t *dls); int download_status_get_n_attempts(const download_status_t *dls); time_t download_status_get_next_attempt_at(const download_status_t *dls); -/* Yes, these two functions are confusingly similar. - * Let's sort that out in #20077. */ -int purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose); -int is_sensitive_dir_purpose(uint8_t dir_purpose); +int purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose, + const char *resource); + +#ifdef DIRECTORY_PRIVATE + +struct get_handler_args_t; +STATIC int handle_get_hs_descriptor_v3(dir_connection_t *conn, + const struct get_handler_args_t *args); + +#endif #ifdef TOR_UNIT_TESTS -/* Used only by directory.c and test_dir.c */ +/* Used only by test_dir.c */ STATIC int parse_http_url(const char *headers, char **url); STATIC dirinfo_type_t dir_fetch_type(int dir_purpose, int router_purpose, @@ -158,6 +164,8 @@ STATIC int download_status_schedule_get_delay(download_status_t *dls, int min_delay, int max_delay, time_t now); +STATIC int handle_post_hs_descriptor(const char *url, const char *body); + STATIC char* authdir_type_to_string(dirinfo_type_t auth); STATIC const char * dir_conn_purpose_to_string(int purpose); STATIC int should_use_directory_guards(const or_options_t *options); @@ -169,6 +177,9 @@ STATIC void find_dl_min_and_max_delay(download_status_t *dls, int *min, int *max); STATIC int next_random_exponential_delay(int delay, int max_delay); +STATIC int parse_hs_version_from_post(const char *url, const char *prefix, + const char **end_pos); + #endif #endif diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 34db06355b..399d5ea955 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -948,7 +948,7 @@ list_server_status_v1(smartlist_t *routers, char **router_status_out, if (!node->is_running) *cp++ = '!'; router_get_verbose_nickname(cp, ri); - smartlist_add(rs_entries, tor_strdup(name_buf)); + smartlist_add_strdup(rs_entries, name_buf); } else if (ri->cache_info.published_on >= cutoff) { smartlist_add(rs_entries, list_single_server_status(ri, node->is_running)); @@ -1069,8 +1069,10 @@ directory_fetches_dir_info_later(const or_options_t *options) return options->UseBridges != 0; } -/** Return true iff we want to fetch and keep certificates for authorities +/** Return true iff we want to serve certificates for authorities * that we don't acknowledge as authorities ourself. + * Use we_want_to_fetch_unknown_auth_certs to check if we want to fetch + * and keep these certificates. */ int directory_caches_unknown_auth_certs(const or_options_t *options) @@ -1078,11 +1080,14 @@ directory_caches_unknown_auth_certs(const or_options_t *options) return dir_server_mode(options) || options->BridgeRelay; } -/** Return 1 if we want to keep descriptors, networkstatuses, etc around. +/** Return 1 if we want to fetch and serve descriptors, networkstatuses, etc * Else return 0. * Check options->DirPort_set and directory_permits_begindir_requests() * to see if we are willing to serve these directory documents to others via * the DirPort and begindir-over-ORPort, respectively. + * + * To check if we should fetch documents, use we_want_to_fetch_flavor and + * we_want_to_fetch_unknown_auth_certs instead of this function. */ int directory_caches_dir_info(const or_options_t *options) @@ -1949,7 +1954,7 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version, vrs->status.guardfraction_percentage); } - smartlist_add(chunks, tor_strdup("\n")); + smartlist_add_strdup(chunks, "\n"); if (desc) { summary = policy_summarize(desc->exit_policy, AF_INET); @@ -1959,7 +1964,7 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version, if (format == NS_V3_VOTE && vrs) { if (tor_mem_is_zero((char*)vrs->ed25519_id, ED25519_PUBKEY_LEN)) { - smartlist_add(chunks, tor_strdup("id ed25519 none\n")); + smartlist_add_strdup(chunks, "id ed25519 none\n"); } else { char ed_b64[BASE64_DIGEST256_LEN+1]; digest256_to_base64(ed_b64, (const char*)vrs->ed25519_id); @@ -2968,7 +2973,7 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, config_line_t *cl; for (cl = get_options()->RecommendedPackages; cl; cl = cl->next) { if (validate_recommended_package_line(cl->value)) - smartlist_add(v3_out->package_lines, tor_strdup(cl->value)); + smartlist_add_strdup(v3_out->package_lines, cl->value); } } @@ -2977,9 +2982,9 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, "Authority Exit Fast Guard Stable V2Dir Valid HSDir", 0, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0); if (vote_on_reachability) - smartlist_add(v3_out->known_flags, tor_strdup("Running")); + smartlist_add_strdup(v3_out->known_flags, "Running"); if (listbadexits) - smartlist_add(v3_out->known_flags, tor_strdup("BadExit")); + smartlist_add_strdup(v3_out->known_flags, "BadExit"); smartlist_sort_strings(v3_out->known_flags); if (options->ConsensusParams) { @@ -3171,7 +3176,8 @@ dirserv_get_routerdescs(smartlist_t *descs_out, const char *key, void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, - const char *digest_rcvd) + const char *digest_rcvd, + const ed25519_public_key_t *ed_id_rcvd) { node_t *node = NULL; tor_addr_port_t orport; @@ -3183,8 +3189,25 @@ dirserv_orconn_tls_done(const tor_addr_t *addr, node = node_get_mutable_by_id(digest_rcvd); if (node == NULL || node->ri == NULL) return; + ri = node->ri; + if (get_options()->AuthDirTestEd25519LinkKeys && + ri->cache_info.signing_key_cert) { + /* We allow the node to have an ed25519 key if we haven't been told one in + * the routerinfo, but if we *HAVE* been told one in the routerinfo, it + * needs to match. */ + const ed25519_public_key_t *expected_id = + &ri->cache_info.signing_key_cert->signing_key; + tor_assert(!ed25519_public_key_is_zero(expected_id)); + if (! ed_id_rcvd || ! ed25519_pubkey_eq(ed_id_rcvd, expected_id)) { + log_info(LD_DIRSERV, "Router at %s:%d with RSA ID %s " + "did not present expected Ed25519 ID.", + fmt_addr(addr), or_port, hex_str(digest_rcvd, DIGEST_LEN)); + return; /* Don't mark it as reachable. */ + } + } + tor_addr_copy(&orport.addr, addr); orport.port = or_port; if (router_has_orport(ri, &orport)) { @@ -3240,21 +3263,31 @@ dirserv_should_launch_reachability_test(const routerinfo_t *ri, void dirserv_single_reachability_test(time_t now, routerinfo_t *router) { + const or_options_t *options = get_options(); channel_t *chan = NULL; node_t *node = NULL; tor_addr_t router_addr; + const ed25519_public_key_t *ed_id_key; (void) now; tor_assert(router); node = node_get_mutable_by_id(router->cache_info.identity_digest); tor_assert(node); + if (options->AuthDirTestEd25519LinkKeys && + node_supports_ed25519_link_authentication(node)) { + ed_id_key = &router->cache_info.signing_key_cert->signing_key; + } else { + ed_id_key = NULL; + } + /* IPv4. */ log_debug(LD_OR,"Testing reachability of %s at %s:%u.", router->nickname, fmt_addr32(router->addr), router->or_port); tor_addr_from_ipv4h(&router_addr, router->addr); chan = channel_tls_connect(&router_addr, router->or_port, - router->cache_info.identity_digest); + router->cache_info.identity_digest, + ed_id_key); if (chan) command_setup_channel(chan); /* Possible IPv6. */ @@ -3266,7 +3299,8 @@ dirserv_single_reachability_test(time_t now, routerinfo_t *router) tor_addr_to_str(addrstr, &router->ipv6_addr, sizeof(addrstr), 1), router->ipv6_orport); chan = channel_tls_connect(&router->ipv6_addr, router->ipv6_orport, - router->cache_info.identity_digest); + router->cache_info.identity_digest, + ed_id_key); if (chan) command_setup_channel(chan); } } diff --git a/src/or/dirserv.h b/src/or/dirserv.h index 1e4f27e3d7..e83da5e5ac 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -73,7 +73,8 @@ int dirserv_get_routerdescs(smartlist_t *descs_out, const char *key, const char **msg); void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, - const char *digest_rcvd); + const char *digest_rcvd, + const ed25519_public_key_t *ed_id_rcvd); int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old); void dirserv_single_reachability_test(time_t now, routerinfo_t *router); diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 2c10e784b4..d14af41667 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -26,6 +26,39 @@ /** * \file dirvote.c * \brief Functions to compute directory consensus, and schedule voting. + * + * This module is the center of the consensus-voting based directory + * authority system. With this system, a set of authorities first + * publish vote based on their opinions of the network, and then compute + * a consensus from those votes. Each authority signs the consensus, + * and clients trust the consensus if enough known authorities have + * signed it. + * + * The code in this module is only invoked on directory authorities. It's + * responsible for: + * + * <ul> + * <li>Generating this authority's vote networkstatus, based on the + * authority's view of the network as represented in dirserv.c + * <li>Formatting the vote networkstatus objects. + * <li>Generating the microdescriptors that correspond to our own + * vote. + * <li>Sending votes to all the other authorities. + * <li>Trying to fetch missing votes from other authorities. + * <li>Computing the consensus from a set of votes, as well as + * a "detached signature" object for other authorities to fetch. + * <li>Collecting other authorities' signatures on the same consensus, + * until there are enough. + * <li>Publishing the consensus to the reset of the directory system. + * <li>Scheduling all of the above operations. + * </ul> + * + * The main entry points are in dirvote_act(), which handles scheduled + * actions; and dirvote_add_vote() and dirvote_add_signatures(), which + * handle uploaded and downloaded votes and signatures. + * + * (See dir-spec.txt from torspec.git for a complete specification of + * the directory protocol and voting algorithms.) **/ /** A consensus that we have built and are appending signatures to. Once it's @@ -250,11 +283,11 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, smartlist_add(chunks, rsf); for (h = vrs->microdesc; h; h = h->next) { - smartlist_add(chunks, tor_strdup(h->microdesc_hash_line)); + smartlist_add_strdup(chunks, h->microdesc_hash_line); } } SMARTLIST_FOREACH_END(vrs); - smartlist_add(chunks, tor_strdup("directory-footer\n")); + smartlist_add_strdup(chunks, "directory-footer\n"); /* The digest includes everything up through the space after * directory-signature. (Yuck.) */ @@ -880,7 +913,7 @@ networkstatus_check_weights(int64_t Wgg, int64_t Wgd, int64_t Wmg, * * It returns true if weights could be computed, false otherwise. */ -static int +int networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, int64_t M, int64_t E, int64_t D, int64_t T, int64_t weight_scale) @@ -962,7 +995,7 @@ networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, Wgd = weight_scale; } } else { // Subcase b: R+D >= S - casename = "Case 2b1 (Wgg=1, Wmd=Wgd)"; + casename = "Case 2b1 (Wgg=weight_scale, Wmd=Wgd)"; Wee = (weight_scale*(E - G + M))/E; Wed = (weight_scale*(D - 2*E + 4*G - 2*M))/(3*D); Wme = (weight_scale*(G-M))/E; @@ -975,7 +1008,7 @@ networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, weight_scale, G, M, E, D, T, 10, 1); if (berr) { - casename = "Case 2b2 (Wgg=1, Wee=1)"; + casename = "Case 2b2 (Wgg=weight_scale, Wee=weight_scale)"; Wgg = weight_scale; Wee = weight_scale; Wed = (weight_scale*(D - 2*E + G + M))/(3*D); @@ -1044,7 +1077,7 @@ networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, } else { // Subcase b: S+D >= T/3 // D != 0 because S+D >= T/3 if (G < E) { - casename = "Case 3bg (G scarce, Wgg=1, Wmd == Wed)"; + casename = "Case 3bg (G scarce, Wgg=weight_scale, Wmd == Wed)"; Wgg = weight_scale; Wgd = (weight_scale*(D - 2*G + E + M))/(3*D); Wmg = 0; @@ -1056,7 +1089,7 @@ networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee, Wed, weight_scale, G, M, E, D, T, 10, 1); } else { // G >= E - casename = "Case 3be (E scarce, Wee=1, Wmd == Wgd)"; + casename = "Case 3be (E scarce, Wee=weight_scale, Wmd == Wgd)"; Wee = weight_scale; Wed = (weight_scale*(D - 2*E + G + M))/(3*D); Wme = 0; @@ -1090,7 +1123,7 @@ networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, tor_assert(0 < weight_scale && weight_scale <= INT32_MAX); /* - * Provide Wgm=Wgg, Wmm=1, Wem=Wee, Weg=Wed. May later determine + * Provide Wgm=Wgg, Wmm=weight_scale, Wem=Wee, Weg=Wed. May later determine * that middle nodes need different bandwidth weights for dirport traffic, * or that weird exit policies need special weight, or that bridges * need special weight. @@ -1273,7 +1306,17 @@ compute_nth_protocol_set(int n, int n_voters, const smartlist_t *votes) * value in a newly allocated string. * * Note: this function DOES NOT check whether the votes are from - * recognized authorities. (dirvote_add_vote does that.) */ + * recognized authorities. (dirvote_add_vote does that.) + * + * <strong>WATCH OUT</strong>: You need to think before you change the + * behavior of this function, or of the functions it calls! If some + * authorities compute the consensus with a different algorithm than + * others, they will not reach the same result, and they will not all + * sign the same thing! If you really need to change the algorithm + * here, you should allocate a new "consensus_method" for the new + * behavior, and make the new behavior conditional on a new-enough + * consensus_method. + **/ char * networkstatus_compute_consensus(smartlist_t *votes, int total_authorities, @@ -1292,7 +1335,7 @@ networkstatus_compute_consensus(smartlist_t *votes, smartlist_t *flags; const char *flavor_name; uint32_t max_unmeasured_bw_kb = DEFAULT_MAX_UNMEASURED_BW_KB; - int64_t G=0, M=0, E=0, D=0, T=0; /* For bandwidth weights */ + int64_t G, M, E, D, T; /* For bandwidth weights */ const routerstatus_format_type_t rs_format = flavor == FLAV_NS ? NS_V3_CONSENSUS : NS_V3_CONSENSUS_MICRODESC; char *params = NULL; @@ -1324,6 +1367,16 @@ networkstatus_compute_consensus(smartlist_t *votes, consensus_method = MAX_SUPPORTED_CONSENSUS_METHOD; } + if (consensus_method >= MIN_METHOD_FOR_INIT_BW_WEIGHTS_ONE) { + /* It's smarter to initialize these weights to 1, so that later on, + * we can't accidentally divide by zero. */ + G = M = E = D = 1; + T = 4; + } else { + /* ...but originally, they were set to zero. */ + G = M = E = D = T = 0; + } + /* Compute medians of time-related things, and figure out how many * routers we might need to talk about. */ { @@ -1363,7 +1416,7 @@ networkstatus_compute_consensus(smartlist_t *votes, smartlist_free(sv); /* elements get freed later. */ } SMARTLIST_FOREACH(v->known_flags, const char *, cp, - smartlist_add(flags, tor_strdup(cp))); + smartlist_add_strdup(flags, cp)); } SMARTLIST_FOREACH_END(v); valid_after = median_time(va_times, n_votes); fresh_until = median_time(fu_times, n_votes); @@ -1396,7 +1449,7 @@ networkstatus_compute_consensus(smartlist_t *votes, smartlist_free(combined_client_versions); if (consensus_method >= MIN_METHOD_FOR_ED25519_ID_VOTING) - smartlist_add(flags, tor_strdup("NoEdConsensus")); + smartlist_add_strdup(flags, "NoEdConsensus"); smartlist_sort_strings(flags); smartlist_uniq_strings(flags); @@ -1460,9 +1513,9 @@ networkstatus_compute_consensus(smartlist_t *votes, total_authorities); if (smartlist_len(param_list)) { params = smartlist_join_strings(param_list, " ", 0, NULL); - smartlist_add(chunks, tor_strdup("params ")); + smartlist_add_strdup(chunks, "params "); smartlist_add(chunks, params); - smartlist_add(chunks, tor_strdup("\n")); + smartlist_add_strdup(chunks, "\n"); } if (consensus_method >= MIN_METHOD_FOR_SHARED_RANDOM) { @@ -2049,10 +2102,10 @@ networkstatus_compute_consensus(smartlist_t *votes, smartlist_join_strings(chosen_flags, " ", 0, NULL)); /* Now the version line. */ if (chosen_version) { - smartlist_add(chunks, tor_strdup("\nv ")); - smartlist_add(chunks, tor_strdup(chosen_version)); + smartlist_add_strdup(chunks, "\nv "); + smartlist_add_strdup(chunks, chosen_version); } - smartlist_add(chunks, tor_strdup("\n")); + smartlist_add_strdup(chunks, "\n"); if (chosen_protocol_list && consensus_method >= MIN_METHOD_FOR_RS_PROTOCOLS) { smartlist_add_asprintf(chunks, "pr %s\n", chosen_protocol_list); @@ -2105,7 +2158,7 @@ networkstatus_compute_consensus(smartlist_t *votes, } /* Mark the directory footer region */ - smartlist_add(chunks, tor_strdup("directory-footer\n")); + smartlist_add_strdup(chunks, "directory-footer\n"); { int64_t weight_scale = BW_WEIGHT_SCALE; @@ -2156,7 +2209,7 @@ networkstatus_compute_consensus(smartlist_t *votes, const char *algname = crypto_digest_algorithm_get_name(digest_alg); char *signature; - smartlist_add(chunks, tor_strdup("directory-signature ")); + smartlist_add_strdup(chunks, "directory-signature "); /* Compute the hash of the chunks. */ crypto_digest_smartlist(digest, digest_len, chunks, "", digest_alg); @@ -2183,7 +2236,7 @@ networkstatus_compute_consensus(smartlist_t *votes, smartlist_add(chunks, signature); if (legacy_id_key_digest && legacy_signing_key) { - smartlist_add(chunks, tor_strdup("directory-signature ")); + smartlist_add_strdup(chunks, "directory-signature "); base16_encode(fingerprint, sizeof(fingerprint), legacy_id_key_digest, DIGEST_LEN); crypto_pk_get_fingerprint(legacy_signing_key, @@ -2496,7 +2549,7 @@ networkstatus_format_signatures(networkstatus_t *consensus, base64_encode(buf, sizeof(buf), sig->signature, sig->signature_len, BASE64_ENCODE_MULTILINE); strlcat(buf, "-----END SIGNATURE-----\n", sizeof(buf)); - smartlist_add(elements, tor_strdup(buf)); + smartlist_add_strdup(elements, buf); } SMARTLIST_FOREACH_END(sig); } SMARTLIST_FOREACH_END(v); @@ -3606,8 +3659,8 @@ dirvote_add_signatures(const char *detached_signatures_body, "Queuing it for the next consensus.", source); if (!pending_consensus_signature_list) pending_consensus_signature_list = smartlist_new(); - smartlist_add(pending_consensus_signature_list, - tor_strdup(detached_signatures_body)); + smartlist_add_strdup(pending_consensus_signature_list, + detached_signatures_body); *msg = "Signature queued"; return 0; } diff --git a/src/or/dirvote.h b/src/or/dirvote.h index efd233ef5f..ac7db69db2 100644 --- a/src/or/dirvote.h +++ b/src/or/dirvote.h @@ -55,7 +55,7 @@ #define MIN_SUPPORTED_CONSENSUS_METHOD 13 /** The highest consensus method that we currently support. */ -#define MAX_SUPPORTED_CONSENSUS_METHOD 25 +#define MAX_SUPPORTED_CONSENSUS_METHOD 26 /** Lowest consensus method where microdesc consensuses omit any entry * with no microdesc. */ @@ -111,6 +111,10 @@ * entries. */ #define MIN_METHOD_FOR_RS_PROTOCOLS 25 +/** Lowest consensus method where authorities initialize bandwidth weights to 1 + * instead of 0. See #14881 */ +#define MIN_METHOD_FOR_INIT_BW_WEIGHTS_ONE 26 + /** Default bandwidth to clip unmeasured bandwidths to using method >= * MIN_METHOD_TO_CLIP_UNMEASURED_BW. (This is not a consensus method; do not * get confused with the above macros.) */ @@ -234,6 +238,10 @@ STATIC smartlist_t *dirvote_compute_params(smartlist_t *votes, int method, int total_authorities); STATIC char *compute_consensus_package_lines(smartlist_t *votes); STATIC char *make_consensus_method_list(int low, int high, const char *sep); +STATIC int +networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, + int64_t M, int64_t E, int64_t D, + int64_t T, int64_t weight_scale); #endif #endif diff --git a/src/or/dns.c b/src/or/dns.c index 5f9813b912..388104f8da 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -1750,7 +1750,7 @@ wildcard_increment_answer(const char *id) "invalid addresses. Apparently they are hijacking DNS failures. " "I'll try to correct for this by treating future occurrences of " "\"%s\" as 'not found'.", id, *ip, id); - smartlist_add(dns_wildcard_list, tor_strdup(id)); + smartlist_add_strdup(dns_wildcard_list, id); } if (!dns_wildcard_notice_given) control_event_server_status(LOG_NOTICE, "DNS_HIJACKED"); @@ -1774,7 +1774,7 @@ add_wildcarded_test_address(const char *address) n_test_addrs = get_options()->ServerDNSTestAddresses ? smartlist_len(get_options()->ServerDNSTestAddresses) : 0; - smartlist_add(dns_wildcarded_test_address_list, tor_strdup(address)); + smartlist_add_strdup(dns_wildcarded_test_address_list, address); n = smartlist_len(dns_wildcarded_test_address_list); if (n > n_test_addrs/2) { tor_log(dns_wildcarded_test_address_notice_given ? LOG_INFO : LOG_NOTICE, diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index f5a4f2ac0f..c5c0a88b09 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -3,10 +3,22 @@ /** * \file dnsserv.c - * \brief Implements client-side DNS proxy server code. Note: - * this is the DNS Server code, not the Server DNS code. Confused? This code - * runs on client-side, and acts as a DNS server. The code in dns.c, on the - * other hand, runs on Tor servers, and acts as a DNS client. + * \brief Implements client-side DNS proxy server code. + * + * When a user enables the DNSPort configuration option to have their local + * Tor client handle DNS requests, this module handles it. It functions as a + * "DNS Server" on the client side, which client applications use. + * + * Inbound DNS requests are represented as entry_connection_t here (since + * that's how Tor represents client-side streams), which are kept associated + * with an evdns_server_request structure as exposed by Libevent's + * evdns code. + * + * Upon receiving a DNS request, libevent calls our evdns_server_callback() + * function here, which causes this module to create an entry_connection_t + * request as appropriate. Later, when that request is answered, + * connection_edge.c calls dnsserv_resolved() so we can finish up and tell the + * DNS client. **/ #include "or.h" diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 265b6dcda1..af1b1a39ab 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -15,13 +15,13 @@ #define ENTRYNODES_PRIVATE #include "or.h" +#include "channel.h" #include "circpathbias.h" #include "circuitbuild.h" #include "circuitstats.h" #include "config.h" #include "confparse.h" #include "connection.h" -#include "connection_or.h" #include "control.h" #include "directory.h" #include "entrynodes.h" @@ -63,17 +63,42 @@ typedef struct { smartlist_t *socks_args; } bridge_info_t; -/** A list of our chosen entry guards. */ -static smartlist_t *entry_guards = NULL; -/** A value of 1 means that the entry_guards list has changed - * and those changes need to be flushed to disk. */ -static int entry_guards_dirty = 0; +/** All the context for guard selection on a particular client */ + +struct guard_selection_s { + /** + * A value of 1 means that guard_selection_t structures have changed + * and those changes need to be flushed to disk. + * + * XXX we don't know how to flush multiple guard contexts to disk yet; + * fix that as soon as any way to change the default exists, or at least + * make sure this gets set on change. + */ + int dirty; + + /** + * A list of our chosen entry guards, as entry_guard_t structures; this + * preserves the pre-Prop271 behavior. + */ + smartlist_t *chosen_entry_guards; + + /** + * When we try to choose an entry guard, should we parse and add + * config's EntryNodes first? This was formerly a global. + */ + int should_add_entry_nodes; +}; + +static smartlist_t *guard_contexts = NULL; +static guard_selection_t *curr_guard_context = NULL; static void bridge_free(bridge_info_t *bridge); -static const node_t *choose_random_entry_impl(cpath_build_state_t *state, +static const node_t *choose_random_entry_impl(guard_selection_t *gs, + cpath_build_state_t *state, int for_directory, dirinfo_type_t dirtype, int *n_options_out); +static guard_selection_t * guard_selection_new(void); static int num_bridges_usable(void); /* Default number of entry guards in the case where the NumEntryGuards @@ -84,13 +109,52 @@ static int num_bridges_usable(void); #define MIN_N_GUARDS 1 #define MAX_N_GUARDS 10 -/** Return the list of entry guards, creating it if necessary. */ +/** Allocate a new guard_selection_t */ + +static guard_selection_t * +guard_selection_new(void) +{ + guard_selection_t *gs; + + gs = tor_malloc_zero(sizeof(*gs)); + gs->chosen_entry_guards = smartlist_new(); + + return gs; +} + +/** Get current default guard_selection_t, creating it if necessary */ +guard_selection_t * +get_guard_selection_info(void) +{ + if (!guard_contexts) { + guard_contexts = smartlist_new(); + } + + if (!curr_guard_context) { + curr_guard_context = guard_selection_new(); + smartlist_add(guard_contexts, curr_guard_context); + } + + return curr_guard_context; +} + +/** Return the list of entry guards for a guard_selection_t, creating it + * if necessary. */ +const smartlist_t * +get_entry_guards_for_guard_selection(guard_selection_t *gs) +{ + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + + return gs->chosen_entry_guards; +} + +/** Return the list of entry guards for the default guard_selection_t, + * creating it if necessary. */ const smartlist_t * get_entry_guards(void) { - if (! entry_guards) - entry_guards = smartlist_new(); - return entry_guards; + return get_entry_guards_for_guard_selection(get_guard_selection_info()); } /** Check whether the entry guard <b>e</b> is usable, given the directory @@ -286,21 +350,28 @@ entry_is_live(const entry_guard_t *e, entry_is_live_flags_t flags, return node; } -/** Return the number of entry guards that we think are usable. */ +/** Return the number of entry guards that we think are usable, in the + * context of the given guard_selection_t */ int -num_live_entry_guards(int for_directory) +num_live_entry_guards_for_guard_selection(guard_selection_t *gs, + int for_directory) { int n = 0; const char *msg; + + tor_assert(gs != NULL); + /* Set the entry node attributes we are interested in. */ entry_is_live_flags_t entry_flags = ENTRY_NEED_CAPACITY; if (!for_directory) { entry_flags |= ENTRY_NEED_DESCRIPTOR; } - if (! entry_guards) + if (!(gs->chosen_entry_guards)) { return 0; - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) { + } + + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, entry) { if (for_directory && !entry->is_dir_cache) continue; if (entry_is_live(entry, entry_flags, &msg)) @@ -309,27 +380,57 @@ num_live_entry_guards(int for_directory) return n; } +/** Return the number of entry guards that we think are usable, for the + * default guard selection */ +int +num_live_entry_guards(int for_directory) +{ + return num_live_entry_guards_for_guard_selection( + get_guard_selection_info(), for_directory); +} + /** If <b>digest</b> matches the identity of any node in the - * entry_guards list, return that node. Else return NULL. */ + * entry_guards list for the provided guard selection state, + return that node. Else return NULL. */ entry_guard_t * -entry_guard_get_by_id_digest(const char *digest) +entry_guard_get_by_id_digest_for_guard_selection(guard_selection_t *gs, + const char *digest) { - SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry, + tor_assert(gs != NULL); + + SMARTLIST_FOREACH(gs->chosen_entry_guards, entry_guard_t *, entry, if (tor_memeq(digest, entry->identity, DIGEST_LEN)) return entry; ); return NULL; } -/** Dump a description of our list of entry guards to the log at level - * <b>severity</b>. */ +/** If <b>digest</b> matches the identity of any node in the + * entry_guards list for the default guard selection state, + return that node. Else return NULL. */ +entry_guard_t * +entry_guard_get_by_id_digest(const char *digest) +{ + return entry_guard_get_by_id_digest_for_guard_selection( + get_guard_selection_info(), digest); +} + +/** Dump a description of our list of entry guards in the given guard + * selection context to the log at level <b>severity</b>. */ static void -log_entry_guards(int severity) +log_entry_guards_for_guard_selection(guard_selection_t *gs, int severity) { smartlist_t *elements = smartlist_new(); char *s; - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) + /* + * TODO this should probably log more info about prop-271 state too + * when it's implemented. + */ + + tor_assert(gs != NULL); + + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { const char *msg = NULL; if (entry_is_live(e, ENTRY_NEED_CAPACITY, &msg)) @@ -386,23 +487,28 @@ control_event_guard_deferred(void) /** Largest amount that we'll backdate chosen_on_date */ #define CHOSEN_ON_DATE_SLOP (30*86400) -/** Add a new (preferably stable and fast) router to our - * entry_guards list. Return a pointer to the router if we succeed, - * or NULL if we can't find any more suitable entries. +/** Add a new (preferably stable and fast) router to our chosen_entry_guards + * list for the supplied guard selection. Return a pointer to the router if + * we succeed, or NULL if we can't find any more suitable entries. * * If <b>chosen</b> is defined, use that one, and if it's not * already in our entry_guards list, put it at the *beginning*. * Else, put the one we pick at the end of the list. */ STATIC const node_t * -add_an_entry_guard(const node_t *chosen, int reset_status, int prepend, +add_an_entry_guard(guard_selection_t *gs, + const node_t *chosen, int reset_status, int prepend, int for_discovery, int for_directory) { const node_t *node; entry_guard_t *entry; + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + if (chosen) { node = chosen; - entry = entry_guard_get_by_id_digest(node->identity); + entry = entry_guard_get_by_id_digest_for_guard_selection(gs, + node->identity); if (entry) { if (reset_status) { entry->bad_since = 0; @@ -428,13 +534,11 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend, if (!node) return NULL; } - if (node->using_as_guard) - return NULL; - if (entry_guard_get_by_id_digest(node->identity) != NULL) { + if (entry_guard_get_by_id_digest_for_guard_selection(gs, node->identity) + != NULL) { log_info(LD_CIRC, "I was about to add a duplicate entry guard."); /* This can happen if we choose a guard, then the node goes away, then * comes back. */ - ((node_t*) node)->using_as_guard = 1; return NULL; } entry = tor_malloc_zero(sizeof(entry_guard_t)); @@ -466,14 +570,15 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend, if (!for_discovery) entry->made_contact = 1; - ((node_t*)node)->using_as_guard = 1; if (prepend) - smartlist_insert(entry_guards, 0, entry); + smartlist_insert(gs->chosen_entry_guards, 0, entry); else - smartlist_add(entry_guards, entry); + smartlist_add(gs->chosen_entry_guards, entry); + control_event_guard(entry->nickname, entry->identity, "NEW"); control_event_guard_deferred(); - log_entry_guards(LOG_INFO); + log_entry_guards_for_guard_selection(gs, LOG_INFO); + return node; } @@ -503,20 +608,25 @@ decide_num_guards(const or_options_t *options, int for_directory) /** If the use of entry guards is configured, choose more entry guards * until we have enough in the list. */ static void -pick_entry_guards(const or_options_t *options, int for_directory) +pick_entry_guards(guard_selection_t *gs, + const or_options_t *options, + int for_directory) { int changed = 0; const int num_needed = decide_num_guards(options, for_directory); - tor_assert(entry_guards); + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); - while (num_live_entry_guards(for_directory) < num_needed) { - if (!add_an_entry_guard(NULL, 0, 0, 0, for_directory)) + while (num_live_entry_guards_for_guard_selection(gs, for_directory) + < num_needed) { + if (!add_an_entry_guard(gs, NULL, 0, 0, 0, for_directory)) break; changed = 1; } + if (changed) - entry_guards_changed(); + entry_guards_changed_for_guard_selection(gs); } /** How long (in seconds) do we allow an entry guard to be nonfunctional, @@ -559,19 +669,23 @@ guards_get_lifetime(void) MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP; } -/** Remove any entry guard which was selected by an unknown version of Tor, - * or which was selected by a version of Tor that's known to select - * entry guards badly, or which was selected more 2 months ago. */ +/** Remove from a guard selection context any entry guard which was selected + * by an unknown version of Tor, or which was selected by a version of Tor + * that's known to select entry guards badly, or which was selected more 2 + * months ago. */ /* XXXX The "obsolete guards" and "chosen long ago guards" things should * probably be different functions. */ static int -remove_obsolete_entry_guards(time_t now) +remove_obsolete_entry_guards(guard_selection_t *gs, time_t now) { int changed = 0, i; int32_t guard_lifetime = guards_get_lifetime(); - for (i = 0; i < smartlist_len(entry_guards); ++i) { - entry_guard_t *entry = smartlist_get(entry_guards, i); + tor_assert(gs != NULL); + if (!(gs->chosen_entry_guards)) goto done; + + for (i = 0; i < smartlist_len(gs->chosen_entry_guards); ++i) { + entry_guard_t *entry = smartlist_get(gs->chosen_entry_guards, i); const char *ver = entry->chosen_by_version; const char *msg = NULL; tor_version_t v; @@ -598,28 +712,32 @@ remove_obsolete_entry_guards(time_t now) entry->nickname, dbuf, msg, ver?escaped(ver):"none"); control_event_guard(entry->nickname, entry->identity, "DROPPED"); entry_guard_free(entry); - smartlist_del_keeporder(entry_guards, i--); - log_entry_guards(LOG_INFO); + smartlist_del_keeporder(gs->chosen_entry_guards, i--); + log_entry_guards_for_guard_selection(gs, LOG_INFO); changed = 1; } } + done: return changed ? 1 : 0; } -/** Remove all entry guards that have been down or unlisted for so - * long that we don't think they'll come up again. Return 1 if we - * removed any, or 0 if we did nothing. */ +/** Remove all entry guards from this guard selection context that have + * been down or unlisted for so long that we don't think they'll come up + * again. Return 1 if we removed any, or 0 if we did nothing. */ static int -remove_dead_entry_guards(time_t now) +remove_dead_entry_guards(guard_selection_t *gs, time_t now) { char dbuf[HEX_DIGEST_LEN+1]; char tbuf[ISO_TIME_LEN+1]; int i; int changed = 0; - for (i = 0; i < smartlist_len(entry_guards); ) { - entry_guard_t *entry = smartlist_get(entry_guards, i); + tor_assert(gs != NULL); + if (!(gs->chosen_entry_guards)) goto done; + + for (i = 0; i < smartlist_len(gs->chosen_entry_guards); ) { + entry_guard_t *entry = smartlist_get(gs->chosen_entry_guards, i); if (entry->bad_since && ! entry->path_bias_disabled && entry->bad_since + ENTRY_GUARD_REMOVE_AFTER < now) { @@ -631,32 +749,47 @@ remove_dead_entry_guards(time_t now) entry->nickname, dbuf, tbuf); control_event_guard(entry->nickname, entry->identity, "DROPPED"); entry_guard_free(entry); - smartlist_del_keeporder(entry_guards, i); - log_entry_guards(LOG_INFO); + smartlist_del_keeporder(gs->chosen_entry_guards, i); + log_entry_guards_for_guard_selection(gs, LOG_INFO); changed = 1; } else ++i; } + + done: return changed ? 1 : 0; } -/** Remove all currently listed entry guards. So new ones will be chosen. */ +/** Remove all currently listed entry guards for a given guard selection + * context */ void -remove_all_entry_guards(void) +remove_all_entry_guards_for_guard_selection(guard_selection_t *gs) { char dbuf[HEX_DIGEST_LEN+1]; - while (smartlist_len(entry_guards)) { - entry_guard_t *entry = smartlist_get(entry_guards, 0); - base16_encode(dbuf, sizeof(dbuf), entry->identity, DIGEST_LEN); - log_info(LD_CIRC, "Entry guard '%s' (%s) has been dropped.", - entry->nickname, dbuf); - control_event_guard(entry->nickname, entry->identity, "DROPPED"); - entry_guard_free(entry); - smartlist_del(entry_guards, 0); + tor_assert(gs != NULL); + + if (gs->chosen_entry_guards) { + while (smartlist_len(gs->chosen_entry_guards)) { + entry_guard_t *entry = smartlist_get(gs->chosen_entry_guards, 0); + base16_encode(dbuf, sizeof(dbuf), entry->identity, DIGEST_LEN); + log_info(LD_CIRC, "Entry guard '%s' (%s) has been dropped.", + entry->nickname, dbuf); + control_event_guard(entry->nickname, entry->identity, "DROPPED"); + entry_guard_free(entry); + smartlist_del(gs->chosen_entry_guards, 0); + } } - log_entry_guards(LOG_INFO); - entry_guards_changed(); + + log_entry_guards_for_guard_selection(gs, LOG_INFO); + entry_guards_changed_for_guard_selection(gs); +} + +/** Remove all currently listed entry guards. So new ones will be chosen. */ +void +remove_all_entry_guards(void) +{ + remove_all_entry_guards_for_guard_selection(get_guard_selection_info()); } /** A new directory or router-status has arrived; update the down/listed @@ -669,19 +802,21 @@ remove_all_entry_guards(void) * think that things are unlisted. */ void -entry_guards_compute_status(const or_options_t *options, time_t now) +entry_guards_compute_status_for_guard_selection(guard_selection_t *gs, + const or_options_t *options, + time_t now) { int changed = 0; digestmap_t *reasons; - if (! entry_guards) + if ((!gs) || !(gs->chosen_entry_guards)) return; if (options->EntryNodes) /* reshuffle the entry guard list if needed */ entry_nodes_should_be_added(); reasons = digestmap_new(); - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, entry) { const node_t *r = node_get_by_id(entry->identity); const char *reason = NULL; @@ -695,13 +830,14 @@ entry_guards_compute_status(const or_options_t *options, time_t now) } SMARTLIST_FOREACH_END(entry); - if (remove_dead_entry_guards(now)) + if (remove_dead_entry_guards(gs, now)) changed = 1; - if (remove_obsolete_entry_guards(now)) + if (remove_obsolete_entry_guards(gs, now)) changed = 1; if (changed) { - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) { + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, + entry) { const char *reason = digestmap_get(reasons, entry->identity); const char *live_msg = ""; const node_t *r = entry_is_live(entry, ENTRY_NEED_CAPACITY, &live_msg); @@ -716,14 +852,31 @@ entry_guards_compute_status(const or_options_t *options, time_t now) r ? "" : live_msg); } SMARTLIST_FOREACH_END(entry); log_info(LD_CIRC, " (%d/%d entry guards are usable/new)", - num_live_entry_guards(0), smartlist_len(entry_guards)); - log_entry_guards(LOG_INFO); - entry_guards_changed(); + num_live_entry_guards_for_guard_selection(gs, 0), + smartlist_len(gs->chosen_entry_guards)); + log_entry_guards_for_guard_selection(gs, LOG_INFO); + entry_guards_changed_for_guard_selection(gs); } digestmap_free(reasons, NULL); } +/** A new directory or router-status has arrived; update the down/listed + * status of the entry guards. + * + * An entry is 'down' if the directory lists it as nonrunning. + * An entry is 'unlisted' if the directory doesn't include it. + * + * Don't call this on startup; only on a fresh download. Otherwise we'll + * think that things are unlisted. + */ +void +entry_guards_compute_status(const or_options_t *options, time_t now) +{ + entry_guards_compute_status_for_guard_selection(get_guard_selection_info(), + options, now); +} + /** Called when a connection to an OR with the identity digest <b>digest</b> * is established (<b>succeeded</b>==1) or has failed (<b>succeeded</b>==0). * If the OR is an entry, change that entry's up/down status. @@ -736,8 +889,9 @@ entry_guards_compute_status(const or_options_t *options, time_t now) * Too many boolean arguments is a recipe for confusion. */ int -entry_guard_register_connect_status(const char *digest, int succeeded, - int mark_relay_status, time_t now) +entry_guard_register_connect_status_for_guard_selection( + guard_selection_t *gs, const char *digest, int succeeded, + int mark_relay_status, time_t now) { int changed = 0; int refuse_conn = 0; @@ -746,10 +900,11 @@ entry_guard_register_connect_status(const char *digest, int succeeded, int idx = -1; char buf[HEX_DIGEST_LEN+1]; - if (! entry_guards) + if (!(gs) || !(gs->chosen_entry_guards)) { return 0; + } - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) { + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { tor_assert(e); if (tor_memeq(e->identity, digest, DIGEST_LEN)) { entry = e; @@ -784,11 +939,12 @@ entry_guard_register_connect_status(const char *digest, int succeeded, "Connection to never-contacted entry guard '%s' (%s) failed. " "Removing from the list. %d/%d entry guards usable/new.", entry->nickname, buf, - num_live_entry_guards(0)-1, smartlist_len(entry_guards)-1); + num_live_entry_guards_for_guard_selection(gs, 0) - 1, + smartlist_len(gs->chosen_entry_guards)-1); control_event_guard(entry->nickname, entry->identity, "DROPPED"); entry_guard_free(entry); - smartlist_del_keeporder(entry_guards, idx); - log_entry_guards(LOG_INFO); + smartlist_del_keeporder(gs->chosen_entry_guards, idx); + log_entry_guards_for_guard_selection(gs, LOG_INFO); changed = 1; } else if (!entry->unreachable_since) { log_info(LD_CIRC, "Unable to connect to entry guard '%s' (%s). " @@ -818,7 +974,7 @@ entry_guard_register_connect_status(const char *digest, int succeeded, * came back? We should give our earlier entries another try too, * and close this connection so we don't use it before we've given * the others a shot. */ - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) { + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { if (e == entry) break; if (e->made_contact) { @@ -837,56 +993,68 @@ entry_guard_register_connect_status(const char *digest, int succeeded, "Connected to new entry guard '%s' (%s). Marking earlier " "entry guards up. %d/%d entry guards usable/new.", entry->nickname, buf, - num_live_entry_guards(0), smartlist_len(entry_guards)); - log_entry_guards(LOG_INFO); + num_live_entry_guards_for_guard_selection(gs, 0), + smartlist_len(gs->chosen_entry_guards)); + log_entry_guards_for_guard_selection(gs, LOG_INFO); changed = 1; } } if (changed) - entry_guards_changed(); + entry_guards_changed_for_guard_selection(gs); return refuse_conn ? -1 : 0; } -/** When we try to choose an entry guard, should we parse and add - * config's EntryNodes first? */ -static int should_add_entry_nodes = 0; +/** Called when a connection to an OR with the identity digest <b>digest</b> + * is established (<b>succeeded</b>==1) or has failed (<b>succeeded</b>==0). + * If the OR is an entry, change that entry's up/down status in the default + * guard selection context. + * Return 0 normally, or -1 if we want to tear down the new connection. + * + * If <b>mark_relay_status</b>, also call router_set_status() on this + * relay. + */ +int +entry_guard_register_connect_status(const char *digest, int succeeded, + int mark_relay_status, time_t now) +{ + return entry_guard_register_connect_status_for_guard_selection( + get_guard_selection_info(), digest, succeeded, mark_relay_status, now); +} /** Called when the value of EntryNodes changes in our configuration. */ void -entry_nodes_should_be_added(void) +entry_nodes_should_be_added_for_guard_selection(guard_selection_t *gs) { + tor_assert(gs != NULL); + log_info(LD_CIRC, "EntryNodes config option set. Putting configured " "relays at the front of the entry guard list."); - should_add_entry_nodes = 1; + gs->should_add_entry_nodes = 1; } -/** Update the using_as_guard fields of all the nodes. We do this after we - * remove entry guards from the list: This is the only function that clears - * the using_as_guard field. */ -static void -update_node_guard_status(void) -{ - smartlist_t *nodes = nodelist_get_list(); - SMARTLIST_FOREACH(nodes, node_t *, node, node->using_as_guard = 0); - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) { - node_t *node = node_get_mutable_by_id(entry->identity); - if (node) - node->using_as_guard = 1; - } SMARTLIST_FOREACH_END(entry); +/** Called when the value of EntryNodes changes in our configuration. */ +void +entry_nodes_should_be_added(void) +{ + entry_nodes_should_be_added_for_guard_selection( + get_guard_selection_info()); } /** Adjust the entry guards list so that it only contains entries from * EntryNodes, adding new entries from EntryNodes to the list as needed. */ STATIC void -entry_guards_set_from_config(const or_options_t *options) +entry_guards_set_from_config(guard_selection_t *gs, + const or_options_t *options) { smartlist_t *entry_nodes, *worse_entry_nodes, *entry_fps; smartlist_t *old_entry_guards_on_list, *old_entry_guards_not_on_list; const int numentryguards = decide_num_guards(options, 0); - tor_assert(entry_guards); - should_add_entry_nodes = 0; + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + + gs->should_add_entry_nodes = 0; if (!options->EntryNodes) { /* It's possible that a controller set EntryNodes, thus making @@ -915,7 +1083,7 @@ entry_guards_set_from_config(const or_options_t *options) SMARTLIST_FOREACH(entry_nodes, const node_t *,node, smartlist_add(entry_fps, (void*)node->identity)); - SMARTLIST_FOREACH(entry_guards, entry_guard_t *, e, { + SMARTLIST_FOREACH(gs->chosen_entry_guards, entry_guard_t *, e, { if (smartlist_contains_digest(entry_fps, e->identity)) smartlist_add(old_entry_guards_on_list, e); else @@ -925,7 +1093,8 @@ entry_guards_set_from_config(const or_options_t *options) /* Remove all currently configured guard nodes, excluded nodes, unreachable * nodes, or non-Guard nodes from entry_nodes. */ SMARTLIST_FOREACH_BEGIN(entry_nodes, const node_t *, node) { - if (entry_guard_get_by_id_digest(node->identity)) { + if (entry_guard_get_by_id_digest_for_guard_selection(gs, + node->identity)) { SMARTLIST_DEL_CURRENT(entry_nodes, node); continue; } else if (routerset_contains_node(options->ExcludeNodes, node)) { @@ -942,9 +1111,9 @@ entry_guards_set_from_config(const or_options_t *options) } SMARTLIST_FOREACH_END(node); /* Now build the new entry_guards list. */ - smartlist_clear(entry_guards); + smartlist_clear(gs->chosen_entry_guards); /* First, the previously configured guards that are in EntryNodes. */ - smartlist_add_all(entry_guards, old_entry_guards_on_list); + smartlist_add_all(gs->chosen_entry_guards, old_entry_guards_on_list); /* Next, scramble the rest of EntryNodes, putting the guards first. */ smartlist_shuffle(entry_nodes); smartlist_shuffle(worse_entry_nodes); @@ -952,24 +1121,23 @@ entry_guards_set_from_config(const or_options_t *options) /* Next, the rest of EntryNodes */ SMARTLIST_FOREACH_BEGIN(entry_nodes, const node_t *, node) { - add_an_entry_guard(node, 0, 0, 1, 0); - if (smartlist_len(entry_guards) > numentryguards * 10) + add_an_entry_guard(gs, node, 0, 0, 1, 0); + if (smartlist_len(gs->chosen_entry_guards) > numentryguards * 10) break; } SMARTLIST_FOREACH_END(node); - log_notice(LD_GENERAL, "%d entries in guards", smartlist_len(entry_guards)); + log_notice(LD_GENERAL, "%d entries in guards", + smartlist_len(gs->chosen_entry_guards)); /* Finally, free the remaining previously configured guards that are not in * EntryNodes. */ SMARTLIST_FOREACH(old_entry_guards_not_on_list, entry_guard_t *, e, entry_guard_free(e)); - update_node_guard_status(); - smartlist_free(entry_nodes); smartlist_free(worse_entry_nodes); smartlist_free(entry_fps); smartlist_free(old_entry_guards_on_list); smartlist_free(old_entry_guards_not_on_list); - entry_guards_changed(); + entry_guards_changed_for_guard_selection(gs); } /** Return 0 if we're fine adding arbitrary routers out of the @@ -996,7 +1164,8 @@ entry_list_is_constrained(const or_options_t *options) const node_t * choose_random_entry(cpath_build_state_t *state) { - return choose_random_entry_impl(state, 0, NO_DIRINFO, NULL); + return choose_random_entry_impl(get_guard_selection_info(), + state, 0, NO_DIRINFO, NULL); } /** Pick a live (up and listed) directory guard from entry_guards for @@ -1004,7 +1173,8 @@ choose_random_entry(cpath_build_state_t *state) const node_t * choose_random_dirguard(dirinfo_type_t type) { - return choose_random_entry_impl(NULL, 1, type, NULL); + return choose_random_entry_impl(get_guard_selection_info(), + NULL, 1, type, NULL); } /** Filter <b>all_entry_guards</b> for usable entry guards and put them @@ -1095,7 +1265,8 @@ populate_live_entry_guards(smartlist_t *live_entry_guards, return retval; } -/** Pick a node to be used as the entry guard of a circuit. +/** Pick a node to be used as the entry guard of a circuit, relative to + * a supplied guard selection context. * * If <b>state</b> is set, it contains the information we know about * the upcoming circuit. @@ -1116,7 +1287,8 @@ populate_live_entry_guards(smartlist_t *live_entry_guards, * Helper for choose_random{entry,dirguard}. */ static const node_t * -choose_random_entry_impl(cpath_build_state_t *state, int for_directory, +choose_random_entry_impl(guard_selection_t *gs, + cpath_build_state_t *state, int for_directory, dirinfo_type_t dirinfo_type, int *n_options_out) { const or_options_t *options = get_options(); @@ -1130,18 +1302,18 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory, const int num_needed = decide_num_guards(options, for_directory); int retval = 0; + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + if (n_options_out) *n_options_out = 0; - if (!entry_guards) - entry_guards = smartlist_new(); - - if (should_add_entry_nodes) - entry_guards_set_from_config(options); + if (gs->should_add_entry_nodes) + entry_guards_set_from_config(gs, options); if (!entry_list_is_constrained(options) && - smartlist_len(entry_guards) < num_needed) - pick_entry_guards(options, for_directory); + smartlist_len(gs->chosen_entry_guards) < num_needed) + pick_entry_guards(gs, options, for_directory); retry: smartlist_clear(live_entry_guards); @@ -1149,7 +1321,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory, /* Populate the list of live entry guards so that we pick one of them. */ retval = populate_live_entry_guards(live_entry_guards, - entry_guards, + gs->chosen_entry_guards, chosen_exit, dirinfo_type, for_directory, @@ -1177,9 +1349,9 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory, /* XXX if guard doesn't imply fast and stable, then we need * to tell add_an_entry_guard below what we want, or it might * be a long time til we get it. -RD */ - node = add_an_entry_guard(NULL, 0, 0, 1, for_directory); + node = add_an_entry_guard(gs, NULL, 0, 0, 1, for_directory); if (node) { - entry_guards_changed(); + entry_guards_changed_for_guard_selection(gs); /* XXX we start over here in case the new node we added shares * a family with our exit node. There's a chance that we'll just * load up on entry guards here, if the network we're using is @@ -1219,13 +1391,15 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory, } /** Parse <b>state</b> and learn about the entry guards it describes. - * If <b>set</b> is true, and there are no errors, replace the global - * entry_list with what we find. + * If <b>set</b> is true, and there are no errors, replace the guard + * list in the provided guard selection context with what we find. * On success, return 0. On failure, alloc into *<b>msg</b> a string * describing the error, and return -1. */ int -entry_guards_parse_state(or_state_t *state, int set, char **msg) +entry_guards_parse_state_for_guard_selection( + guard_selection_t *gs, + or_state_t *state, int set, char **msg) { entry_guard_t *node = NULL; smartlist_t *new_entry_guards = smartlist_new(); @@ -1234,6 +1408,8 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg) const char *state_version = state->TorVersion; digestmap_t *added_by = digestmap_new(); + tor_assert(gs != NULL); + *msg = NULL; for (line = state->EntryGuards; line; line = line->next) { if (!strcasecmp(line->key, "EntryGuard")) { @@ -1469,24 +1645,36 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg) entry_guard_free(e)); smartlist_free(new_entry_guards); } else { /* !err && set */ - if (entry_guards) { - SMARTLIST_FOREACH(entry_guards, entry_guard_t *, e, + if (gs->chosen_entry_guards) { + SMARTLIST_FOREACH(gs->chosen_entry_guards, entry_guard_t *, e, entry_guard_free(e)); - smartlist_free(entry_guards); + smartlist_free(gs->chosen_entry_guards); } - entry_guards = new_entry_guards; - entry_guards_dirty = 0; + gs->chosen_entry_guards = new_entry_guards; + gs->dirty = 0; /* XXX hand new_entry_guards to this func, and move it up a * few lines, so we don't have to re-dirty it */ - if (remove_obsolete_entry_guards(now)) - entry_guards_dirty = 1; - - update_node_guard_status(); + if (remove_obsolete_entry_guards(gs, now)) + gs->dirty = 1; } digestmap_free(added_by, tor_free_); return *msg ? -1 : 0; } +/** Parse <b>state</b> and learn about the entry guards it describes. + * If <b>set</b> is true, and there are no errors, replace the guard + * list in the default guard selection context with what we find. + * On success, return 0. On failure, alloc into *<b>msg</b> a string + * describing the error, and return -1. + */ +int +entry_guards_parse_state(or_state_t *state, int set, char **msg) +{ + return entry_guards_parse_state_for_guard_selection( + get_guard_selection_info(), + state, set, msg); +} + /** How long will we let a change in our guard nodes stay un-saved * when we are trying to avoid disk writes? */ #define SLOW_GUARD_STATE_FLUSH_TIME 600 @@ -1494,15 +1682,18 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg) * when we are not trying to avoid disk writes? */ #define FAST_GUARD_STATE_FLUSH_TIME 30 -/** Our list of entry guards has changed, or some element of one - * of our entry guards has changed. Write the changes to disk within - * the next few minutes. +/** Our list of entry guards has changed for a particular guard selection + * context, or some element of one of our entry guards has changed for one. + * Write the changes to disk within the next few minutes. */ void -entry_guards_changed(void) +entry_guards_changed_for_guard_selection(guard_selection_t *gs) { time_t when; - entry_guards_dirty = 1; + + tor_assert(gs != NULL); + + gs->dirty = 1; if (get_options()->AvoidDiskWrites) when = time(NULL) + SLOW_GUARD_STATE_FLUSH_TIME; @@ -1513,24 +1704,42 @@ entry_guards_changed(void) or_state_mark_dirty(get_or_state(), when); } +/** Our list of entry guards has changed for the default guard selection + * context, or some element of one of our entry guards has changed. Write + * the changes to disk within the next few minutes. + */ +void +entry_guards_changed(void) +{ + entry_guards_changed_for_guard_selection(get_guard_selection_info()); +} + /** If the entry guard info has not changed, do nothing and return. * Otherwise, free the EntryGuards piece of <b>state</b> and create * a new one out of the global entry_guards list, and then mark * <b>state</b> dirty so it will get saved to disk. + * + * XXX this should get totally redesigned around storing multiple + * entry guard contexts. For the initial refactor we'll just + * always use the current default. Fix it as soon as we actually + * have any way that default can change. */ void entry_guards_update_state(or_state_t *state) { config_line_t **next, *line; - if (! entry_guards_dirty) + guard_selection_t *gs = get_guard_selection_info(); + + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + + if (!gs->dirty) return; config_free_lines(state->EntryGuards); next = &state->EntryGuards; *next = NULL; - if (!entry_guards) - entry_guards = smartlist_new(); - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) { + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { char dbuf[HEX_DIGEST_LEN+1]; if (!e->made_contact) continue; /* don't write this one to disk */ @@ -1596,7 +1805,7 @@ entry_guards_update_state(or_state_t *state) } SMARTLIST_FOREACH_END(e); if (!get_options()->AvoidDiskWrites) or_state_mark_dirty(get_or_state(), 0); - entry_guards_dirty = 0; + gs->dirty = 0; } /** If <b>question</b> is the string "entry-guards", then dump @@ -1604,12 +1813,20 @@ entry_guards_update_state(or_state_t *state) * the nodes in the global entry_guards list. See control-spec.txt * for details. * For backward compatibility, we also handle the string "helper-nodes". + * + * XXX this should be totally redesigned after prop 271 too, and that's + * going to take some control spec work. * */ int getinfo_helper_entry_guards(control_connection_t *conn, const char *question, char **answer, const char **errmsg) { + guard_selection_t *gs = get_guard_selection_info(); + + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + (void) conn; (void) errmsg; @@ -1618,9 +1835,8 @@ getinfo_helper_entry_guards(control_connection_t *conn, smartlist_t *sl = smartlist_new(); char tbuf[ISO_TIME_LEN+1]; char nbuf[MAX_VERBOSE_NICKNAME_LEN+1]; - if (!entry_guards) - entry_guards = smartlist_new(); - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) { + + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { const char *status = NULL; time_t when = 0; const node_t *node; @@ -1892,18 +2108,34 @@ node_is_a_configured_bridge(const node_t *node) */ void learned_router_identity(const tor_addr_t *addr, uint16_t port, - const char *digest) + const char *digest, + const ed25519_public_key_t *ed_id) { + // XXXX prop220 use ed_id here, once there is some way to specify + (void)ed_id; + int learned = 0; bridge_info_t *bridge = get_configured_bridge_by_addr_port_digest(addr, port, digest); if (bridge && tor_digest_is_zero(bridge->identity)) { + memcpy(bridge->identity, digest, DIGEST_LEN); + learned = 1; + } + /* XXXX prop220 remember bridge ed25519 identities -- add a field */ +#if 0 + if (bridge && ed_id && + ed25519_public_key_is_zero(&bridge->ed25519_identity) && + !ed25519_public_key_is_zero(ed_id)) { + memcpy(&bridge->ed25519_identity, ed_id, sizeof(*ed_id)); + learned = 1; + } +#endif + if (learned) { char *transport_info = NULL; const char *transport_name = find_transport_name_by_bridge_addrport(addr, port); if (transport_name) tor_asprintf(&transport_info, " (with transport '%s')", transport_name); - - memcpy(bridge->identity, digest, DIGEST_LEN); + // XXXX prop220 log both fingerprints. log_notice(LD_DIR, "Learned fingerprint %s for bridge %s%s.", hex_str(digest, DIGEST_LEN), fmt_addrport(addr, port), transport_info ? transport_info : ""); @@ -2000,6 +2232,8 @@ bridge_add_from_config(bridge_line_t *bridge_line) { bridge_info_t *b; + // XXXX prop220 add a way to specify ed25519 ID to bridge_line_t. + { /* Log the bridge we are about to register: */ log_debug(LD_GENERAL, "Registering bridge at %s (transport: %s) (%s)", fmt_addrport(&bridge_line->addr, bridge_line->port), @@ -2042,6 +2276,42 @@ bridge_add_from_config(bridge_line_t *bridge_line) smartlist_add(bridge_list, b); } +/** Returns true iff the node is used as a guard in the specified guard + * context */ +int +is_node_used_as_guard_for_guard_selection(guard_selection_t *gs, + const node_t *node) +{ + int res = 0; + + /* + * We used to have a using_as_guard flag in node_t, but it had to go away + * to allow for multiple guard selection contexts. Instead, search the + * guard list for a matching digest. + */ + + tor_assert(gs != NULL); + tor_assert(node != NULL); + + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { + if (tor_memeq(e->identity, node->identity, DIGEST_LEN)) { + res = 1; + break; + } + } SMARTLIST_FOREACH_END(e); + + return res; +} + +/** Returns true iff the node is used as a guard in the default guard + * context */ +MOCK_IMPL(int, +is_node_used_as_guard, (const node_t *node)) +{ + return is_node_used_as_guard_for_guard_selection( + get_guard_selection_info(), node); +} + /** Return true iff <b>routerset</b> contains the bridge <b>bridge</b>. */ static int routerset_contains_bridge(const routerset_t *routerset, @@ -2054,7 +2324,10 @@ routerset_contains_bridge(const routerset_t *routerset, return 0; extinfo = extend_info_new( - NULL, bridge->identity, NULL, NULL, &bridge->addr, bridge->port); + NULL, bridge->identity, + NULL, /* Ed25519 ID */ + NULL, NULL, /* onion keys */ + &bridge->addr, bridge->port); result = routerset_contains_extendinfo(routerset, extinfo); extend_info_free(extinfo); return result; @@ -2383,7 +2656,7 @@ learned_bridge_descriptor(routerinfo_t *ri, int from_cache) fmt_and_decorate_addr(&bridge->addr), (int) bridge->port); } - add_an_entry_guard(node, 1, 1, 0, 0); + add_an_entry_guard(get_guard_selection_info(), node, 1, 1, 0, 0); log_notice(LD_DIR, "new bridge descriptor '%s' (%s): %s", ri->nickname, from_cache ? "cached" : "fresh", router_describe(ri)); @@ -2419,7 +2692,8 @@ num_bridges_usable(void) { int n_options = 0; tor_assert(get_options()->UseBridges); - (void) choose_random_entry_impl(NULL, 0, 0, &n_options); + (void) choose_random_entry_impl(get_guard_selection_info(), + NULL, 0, 0, &n_options); return n_options; } @@ -2472,9 +2746,12 @@ entries_retry_helper(const or_options_t *options, int act) int any_known = 0; int any_running = 0; int need_bridges = options->UseBridges != 0; - if (!entry_guards) - entry_guards = smartlist_new(); - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) { + guard_selection_t *gs = get_guard_selection_info(); + + tor_assert(gs != NULL); + tor_assert(gs->chosen_entry_guards != NULL); + + SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) { node = node_get_by_id(e->identity); if (node && node_has_descriptor(node) && node_is_bridge(node) == need_bridges && @@ -2490,7 +2767,7 @@ entries_retry_helper(const or_options_t *options, int act) * the node down and undermine the retry attempt. We mark even * the established conns, since if the network just came back * we'll want to attach circuits to fresh conns. */ - connection_or_set_bad_connections(node->identity, 1); + channel_update_bad_for_new_circs(node->identity, 1); /* mark this entry node for retry */ router_set_status(node->identity, 1); @@ -2521,25 +2798,20 @@ entries_retry_all(const or_options_t *options) entries_retry_helper(options, 1); } -/** Return true if at least one of our bridges runs a Tor version that can - * provide microdescriptors to us. If not, we'll fall back to asking for - * full descriptors. */ -int -any_bridge_supports_microdescriptors(void) +/** Free one guard selection context */ +static void +guard_selection_free(guard_selection_t *gs) { - const node_t *node; - if (!get_options()->UseBridges || !entry_guards) - return 0; - SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, e) { - node = node_get_by_id(e->identity); - if (node && node->is_running && - node_is_bridge(node) && node_is_a_configured_bridge(node)) { - /* This is one of our current bridges, and we know enough about - * it to know that it will be able to answer our questions. */ - return 1; - } - } SMARTLIST_FOREACH_END(e); - return 0; + if (!gs) return; + + if (gs->chosen_entry_guards) { + SMARTLIST_FOREACH(gs->chosen_entry_guards, entry_guard_t *, e, + entry_guard_free(e)); + smartlist_free(gs->chosen_entry_guards); + gs->chosen_entry_guards = NULL; + } + + tor_free(gs); } /** Release all storage held by the list of entry guards and related @@ -2547,11 +2819,15 @@ any_bridge_supports_microdescriptors(void) void entry_guards_free_all(void) { - if (entry_guards) { - SMARTLIST_FOREACH(entry_guards, entry_guard_t *, e, - entry_guard_free(e)); - smartlist_free(entry_guards); - entry_guards = NULL; + /* Null out the default */ + curr_guard_context = NULL; + /* Free all the guard contexts */ + if (guard_contexts != NULL) { + SMARTLIST_FOREACH_BEGIN(guard_contexts, guard_selection_t *, gs) { + guard_selection_free(gs); + } SMARTLIST_FOREACH_END(gs); + smartlist_free(guard_contexts); + guard_contexts = NULL; } clear_bridge_list(); smartlist_free(bridge_list); diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index 1021e67d43..f8aaedf171 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -16,6 +16,9 @@ /* XXXX NM I would prefer that all of this stuff be private to * entrynodes.c. */ +/* Forward declare for guard_selection_t; entrynodes.c has the real struct */ +typedef struct guard_selection_s guard_selection_t; + /** An entry_guard_t represents our information about a chosen long-term * first hop, known as a "helper" node in the literature. We can't just * use a node_t, since we want to remember these even when we @@ -53,6 +56,14 @@ typedef struct entry_guard_t { time_t last_attempted; /**< 0 if we can connect to this guard, or the time * at which we last failed to connect to it. */ + /** + * @name circpathbias fields + * + * These fields are used in circpathbias.c to try to detect entry + * nodes that are failing circuits at a suspicious frequency. + */ + /**@{*/ + double circ_attempts; /**< Number of circuits this guard has "attempted" */ double circ_successes; /**< Number of successfully built circuits using * this guard as first hop. */ @@ -68,20 +79,30 @@ typedef struct entry_guard_t { double use_attempts; /**< Number of circuits we tried to use with streams */ double use_successes; /**< Number of successfully used circuits using * this guard as first hop. */ + /**@}*/ } entry_guard_t; +entry_guard_t *entry_guard_get_by_id_digest_for_guard_selection( + guard_selection_t *gs, const char *digest); entry_guard_t *entry_guard_get_by_id_digest(const char *digest); +void entry_guards_changed_for_guard_selection(guard_selection_t *gs); void entry_guards_changed(void); +guard_selection_t * get_guard_selection_info(void); +const smartlist_t *get_entry_guards_for_guard_selection( + guard_selection_t *gs); const smartlist_t *get_entry_guards(void); +int num_live_entry_guards_for_guard_selection( + guard_selection_t *gs, + int for_directory); int num_live_entry_guards(int for_directory); #endif #ifdef ENTRYNODES_PRIVATE -STATIC const node_t *add_an_entry_guard(const node_t *chosen, +STATIC const node_t *add_an_entry_guard(guard_selection_t *gs, + const node_t *chosen, int reset_status, int prepend, int for_discovery, int for_directory); - STATIC int populate_live_entry_guards(smartlist_t *live_entry_guards, const smartlist_t *all_entry_guards, const node_t *chosen_exit, @@ -90,7 +111,8 @@ STATIC int populate_live_entry_guards(smartlist_t *live_entry_guards, int need_uptime, int need_capacity); STATIC int decide_num_guards(const or_options_t *options, int for_directory); -STATIC void entry_guards_set_from_config(const or_options_t *options); +STATIC void entry_guards_set_from_config(guard_selection_t *gs, + const or_options_t *options); /** Flags to be passed to entry_is_live() to indicate what kind of * entry nodes we are looking for. */ @@ -109,20 +131,32 @@ STATIC int entry_is_time_to_retry(const entry_guard_t *e, time_t now); #endif +void remove_all_entry_guards_for_guard_selection(guard_selection_t *gs); void remove_all_entry_guards(void); +void entry_guards_compute_status_for_guard_selection( + guard_selection_t *gs, const or_options_t *options, time_t now); void entry_guards_compute_status(const or_options_t *options, time_t now); +int entry_guard_register_connect_status_for_guard_selection( + guard_selection_t *gs, const char *digest, int succeeded, + int mark_relay_status, time_t now); int entry_guard_register_connect_status(const char *digest, int succeeded, int mark_relay_status, time_t now); +void entry_nodes_should_be_added_for_guard_selection(guard_selection_t *gs); void entry_nodes_should_be_added(void); int entry_list_is_constrained(const or_options_t *options); const node_t *choose_random_entry(cpath_build_state_t *state); const node_t *choose_random_dirguard(dirinfo_type_t t); +int entry_guards_parse_state_for_guard_selection( + guard_selection_t *gs, or_state_t *state, int set, char **msg); int entry_guards_parse_state(or_state_t *state, int set, char **msg); void entry_guards_update_state(or_state_t *state); int getinfo_helper_entry_guards(control_connection_t *conn, const char *question, char **answer, const char **errmsg); +int is_node_used_as_guard_for_guard_selection(guard_selection_t *gs, + const node_t *node); +MOCK_DECL(int, is_node_used_as_guard, (const node_t *node)); void mark_bridge_list(void); void sweep_bridge_list(void); @@ -133,7 +167,8 @@ int extend_info_is_a_configured_bridge(const extend_info_t *ei); int routerinfo_is_a_configured_bridge(const routerinfo_t *ri); int node_is_a_configured_bridge(const node_t *node); void learned_router_identity(const tor_addr_t *addr, uint16_t port, - const char *digest); + const char *digest, + const ed25519_public_key_t *ed_id); struct bridge_line_t; void bridge_add_from_config(struct bridge_line_t *bridge_line); void retry_bridge_descriptor_fetch_directly(const char *digest); @@ -143,7 +178,6 @@ int any_bridge_descriptors_known(void); int entries_known_but_down(const or_options_t *options); void entries_retry_all(const or_options_t *options); -int any_bridge_supports_microdescriptors(void); const smartlist_t *get_socks_args_by_bridge_addrport(const tor_addr_t *addr, uint16_t port); diff --git a/src/or/geoip.c b/src/or/geoip.c index ba65dfe56c..74811ea643 100644 --- a/src/or/geoip.c +++ b/src/or/geoip.c @@ -880,7 +880,7 @@ geoip_get_transport_history(void) /* If it's the first time we see this transport, note it. */ if (val == 1) - smartlist_add(transports_used, tor_strdup(transport_name)); + smartlist_add_strdup(transports_used, transport_name); log_debug(LD_GENERAL, "Client from '%s' with transport '%s'. " "I've now seen %d clients.", diff --git a/src/or/hs_cache.c b/src/or/hs_cache.c new file mode 100644 index 0000000000..b7ff979e5b --- /dev/null +++ b/src/or/hs_cache.c @@ -0,0 +1,385 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_cache.c + * \brief Handle hidden service descriptor caches. + **/ + +/* For unit tests.*/ +#define HS_CACHE_PRIVATE + +#include "hs_cache.h" + +#include "or.h" +#include "config.h" +#include "hs_common.h" +#include "hs_descriptor.h" +#include "rendcache.h" + +/* Directory descriptor cache. Map indexed by blinded key. */ +static digest256map_t *hs_cache_v3_dir; + +/* Remove a given descriptor from our cache. */ +static void +remove_v3_desc_as_dir(const hs_cache_dir_descriptor_t *desc) +{ + tor_assert(desc); + digest256map_remove(hs_cache_v3_dir, desc->key); +} + +/* Store a given descriptor in our cache. */ +static void +store_v3_desc_as_dir(hs_cache_dir_descriptor_t *desc) +{ + tor_assert(desc); + digest256map_set(hs_cache_v3_dir, desc->key, desc); +} + +/* Query our cache and return the entry or NULL if not found. */ +static hs_cache_dir_descriptor_t * +lookup_v3_desc_as_dir(const uint8_t *key) +{ + tor_assert(key); + return digest256map_get(hs_cache_v3_dir, key); +} + +/* Free a directory descriptor object. */ +static void +cache_dir_desc_free(hs_cache_dir_descriptor_t *desc) +{ + if (desc == NULL) { + return; + } + hs_desc_plaintext_data_free(desc->plaintext_data); + tor_free(desc->encoded_desc); + tor_free(desc); +} + +/* Helper function: Use by the free all function using the digest256map + * interface to cache entries. */ +static void +cache_dir_desc_free_(void *ptr) +{ + hs_cache_dir_descriptor_t *desc = ptr; + cache_dir_desc_free(desc); +} + +/* Create a new directory cache descriptor object from a encoded descriptor. + * On success, return the heap-allocated cache object, otherwise return NULL if + * we can't decode the descriptor. */ +static hs_cache_dir_descriptor_t * +cache_dir_desc_new(const char *desc) +{ + hs_cache_dir_descriptor_t *dir_desc; + + tor_assert(desc); + + dir_desc = tor_malloc_zero(sizeof(hs_cache_dir_descriptor_t)); + dir_desc->plaintext_data = + tor_malloc_zero(sizeof(hs_desc_plaintext_data_t)); + dir_desc->encoded_desc = tor_strdup(desc); + + if (hs_desc_decode_plaintext(desc, dir_desc->plaintext_data) < 0) { + log_debug(LD_DIR, "Unable to decode descriptor. Rejecting."); + goto err; + } + + /* The blinded pubkey is the indexed key. */ + dir_desc->key = dir_desc->plaintext_data->blinded_kp.pubkey.pubkey; + dir_desc->created_ts = time(NULL); + return dir_desc; + + err: + cache_dir_desc_free(dir_desc); + return NULL; +} + +/* Return the size of a cache entry in bytes. */ +static size_t +cache_get_entry_size(const hs_cache_dir_descriptor_t *entry) +{ + return (sizeof(*entry) + hs_desc_plaintext_obj_size(entry->plaintext_data) + + strlen(entry->encoded_desc)); +} + +/* Try to store a valid version 3 descriptor in the directory cache. Return 0 + * on success else a negative value is returned indicating that we have a + * newer version in our cache. On error, caller is responsible to free the + * given descriptor desc. */ +static int +cache_store_v3_as_dir(hs_cache_dir_descriptor_t *desc) +{ + hs_cache_dir_descriptor_t *cache_entry; + + tor_assert(desc); + + /* Verify if we have an entry in the cache for that key and if yes, check + * if we should replace it? */ + cache_entry = lookup_v3_desc_as_dir(desc->key); + if (cache_entry != NULL) { + /* Only replace descriptor if revision-counter is greater than the one + * in our cache */ + if (cache_entry->plaintext_data->revision_counter >= + desc->plaintext_data->revision_counter) { + log_info(LD_REND, "Descriptor revision counter in our cache is " + "greater or equal than the one we received. " + "Rejecting!"); + goto err; + } + /* We now know that the descriptor we just received is a new one so + * remove the entry we currently have from our cache so we can then + * store the new one. */ + remove_v3_desc_as_dir(cache_entry); + rend_cache_decrement_allocation(cache_get_entry_size(cache_entry)); + cache_dir_desc_free(cache_entry); + } + /* Store the descriptor we just got. We are sure here that either we + * don't have the entry or we have a newer descriptor and the old one + * has been removed from the cache. */ + store_v3_desc_as_dir(desc); + + /* Update our total cache size with this entry for the OOM. This uses the + * old HS protocol cache subsystem for which we are tied with. */ + rend_cache_increment_allocation(cache_get_entry_size(desc)); + + /* XXX: Update HS statistics. We should have specific stats for v3. */ + + return 0; + + err: + return -1; +} + +/* Using the query which is the base64 encoded blinded key of a version 3 + * descriptor, lookup in our directory cache the entry. If found, 1 is + * returned and desc_out is populated with a newly allocated string being the + * encoded descriptor. If not found, 0 is returned and desc_out is untouched. + * On error, a negative value is returned and desc_out is untouched. */ +static int +cache_lookup_v3_as_dir(const char *query, const char **desc_out) +{ + int found = 0; + ed25519_public_key_t blinded_key; + const hs_cache_dir_descriptor_t *entry; + + tor_assert(query); + + /* Decode blinded key using the given query value. */ + if (ed25519_public_from_base64(&blinded_key, query) < 0) { + log_info(LD_REND, "Unable to decode the v3 HSDir query %s.", + safe_str_client(query)); + goto err; + } + + entry = lookup_v3_desc_as_dir(blinded_key.pubkey); + if (entry != NULL) { + found = 1; + if (desc_out) { + *desc_out = entry->encoded_desc; + } + } + + return found; + + err: + return -1; +} + +/* Clean the v3 cache by removing any entry that has expired using the + * <b>global_cutoff</b> value. If <b>global_cutoff</b> is 0, the cleaning + * process will use the lifetime found in the plaintext data section. Return + * the number of bytes cleaned. */ +STATIC size_t +cache_clean_v3_as_dir(time_t now, time_t global_cutoff) +{ + size_t bytes_removed = 0; + + /* Code flow error if this ever happens. */ + tor_assert(global_cutoff >= 0); + + if (!hs_cache_v3_dir) { /* No cache to clean. Just return. */ + return 0; + } + + DIGEST256MAP_FOREACH_MODIFY(hs_cache_v3_dir, key, + hs_cache_dir_descriptor_t *, entry) { + size_t entry_size; + time_t cutoff = global_cutoff; + if (!cutoff) { + /* Cutoff is the lifetime of the entry found in the descriptor. */ + cutoff = now - entry->plaintext_data->lifetime_sec; + } + + /* If the entry has been created _after_ the cutoff, not expired so + * continue to the next entry in our v3 cache. */ + if (entry->created_ts > cutoff) { + continue; + } + /* Here, our entry has expired, remove and free. */ + MAP_DEL_CURRENT(key); + entry_size = cache_get_entry_size(entry); + bytes_removed += entry_size; + /* Entry is not in the cache anymore, destroy it. */ + cache_dir_desc_free(entry); + /* Update our cache entry allocation size for the OOM. */ + rend_cache_decrement_allocation(entry_size); + /* Logging. */ + { + char key_b64[BASE64_DIGEST256_LEN + 1]; + base64_encode(key_b64, sizeof(key_b64), (const char *) key, + DIGEST256_LEN, 0); + log_info(LD_REND, "Removing v3 descriptor '%s' from HSDir cache", + safe_str_client(key_b64)); + } + } DIGEST256MAP_FOREACH_END; + + return bytes_removed; +} + +/* Given an encoded descriptor, store it in the directory cache depending on + * which version it is. Return a negative value on error. On success, 0 is + * returned. */ +int +hs_cache_store_as_dir(const char *desc) +{ + hs_cache_dir_descriptor_t *dir_desc = NULL; + + tor_assert(desc); + + /* Create a new cache object. This can fail if the descriptor plaintext data + * is unparseable which in this case a log message will be triggered. */ + dir_desc = cache_dir_desc_new(desc); + if (dir_desc == NULL) { + goto err; + } + + /* Call the right function against the descriptor version. At this point, + * we are sure that the descriptor's version is supported else the + * decoding would have failed. */ + switch (dir_desc->plaintext_data->version) { + case HS_VERSION_THREE: + default: + if (cache_store_v3_as_dir(dir_desc) < 0) { + goto err; + } + break; + } + return 0; + + err: + cache_dir_desc_free(dir_desc); + return -1; +} + +/* Using the query, lookup in our directory cache the entry. If found, 1 is + * returned and desc_out is populated with a newly allocated string being + * the encoded descriptor. If not found, 0 is returned and desc_out is + * untouched. On error, a negative value is returned and desc_out is + * untouched. */ +int +hs_cache_lookup_as_dir(uint32_t version, const char *query, + const char **desc_out) +{ + int found; + + tor_assert(query); + /* This should never be called with an unsupported version. */ + tor_assert(hs_desc_is_supported_version(version)); + + switch (version) { + case HS_VERSION_THREE: + default: + found = cache_lookup_v3_as_dir(query, desc_out); + break; + } + + return found; +} + +/* Clean all directory caches using the current time now. */ +void +hs_cache_clean_as_dir(time_t now) +{ + time_t cutoff; + + /* Start with v2 cache cleaning. */ + cutoff = now - rend_cache_max_entry_lifetime(); + rend_cache_clean_v2_descs_as_dir(cutoff); + + /* Now, clean the v3 cache. Set the cutoff to 0 telling the cleanup function + * to compute the cutoff by itself using the lifetime value. */ + cache_clean_v3_as_dir(now, 0); +} + +/* Do a round of OOM cleanup on all directory caches. Return the amount of + * removed bytes. It is possible that the returned value is lower than + * min_remove_bytes if the caches get emptied out so the caller should be + * aware of this. */ +size_t +hs_cache_handle_oom(time_t now, size_t min_remove_bytes) +{ + time_t k; + size_t bytes_removed = 0; + + /* Our OOM handler called with 0 bytes to remove is a code flow error. */ + tor_assert(min_remove_bytes != 0); + + /* The algorithm is as follow. K is the oldest expected descriptor age. + * + * 1) Deallocate all entries from v2 cache that are older than K hours. + * 1.1) If the amount of remove bytes has been reached, stop. + * 2) Deallocate all entries from v3 cache that are older than K hours + * 2.1) If the amount of remove bytes has been reached, stop. + * 3) Set K = K - RendPostPeriod and repeat process until K is < 0. + * + * This ends up being O(Kn). + */ + + /* Set K to the oldest expected age in seconds which is the maximum + * lifetime of a cache entry. We'll use the v2 lifetime because it's much + * bigger than the v3 thus leading to cleaning older descriptors. */ + k = rend_cache_max_entry_lifetime(); + + do { + time_t cutoff; + + /* If K becomes negative, it means we've empty the caches so stop and + * return what we were able to cleanup. */ + if (k < 0) { + break; + } + /* Compute a cutoff value with K and the current time. */ + cutoff = now - k; + + /* Start by cleaning the v2 cache with that cutoff. */ + bytes_removed += rend_cache_clean_v2_descs_as_dir(cutoff); + + if (bytes_removed < min_remove_bytes) { + /* We haven't remove enough bytes so clean v3 cache. */ + bytes_removed += cache_clean_v3_as_dir(now, cutoff); + /* Decrement K by a post period to shorten the cutoff. */ + k -= get_options()->RendPostPeriod; + } + } while (bytes_removed < min_remove_bytes); + + return bytes_removed; +} + +/* Initialize the hidden service cache subsystem. */ +void +hs_cache_init(void) +{ + /* Calling this twice is very wrong code flow. */ + tor_assert(!hs_cache_v3_dir); + hs_cache_v3_dir = digest256map_new(); +} + +/* Cleanup the hidden service cache subsystem. */ +void +hs_cache_free_all(void) +{ + digest256map_free(hs_cache_v3_dir, cache_dir_desc_free_); + hs_cache_v3_dir = NULL; +} + diff --git a/src/or/hs_cache.h b/src/or/hs_cache.h new file mode 100644 index 0000000000..01abb8002f --- /dev/null +++ b/src/or/hs_cache.h @@ -0,0 +1,61 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_cache.h + * \brief Header file for hs_cache.c + **/ + +#ifndef TOR_HS_CACHE_H +#define TOR_HS_CACHE_H + +#include <stdint.h> + +#include "crypto.h" +#include "crypto_ed25519.h" +#include "hs_common.h" +#include "hs_descriptor.h" +#include "torcert.h" + +/* Descriptor representation on the directory side which is a subset of + * information that the HSDir can decode and serve it. */ +typedef struct hs_cache_dir_descriptor_t { + /* This object is indexed using the blinded pubkey located in the plaintext + * data which is populated only once the descriptor has been successfully + * decoded and validated. This simply points to that pubkey. */ + const uint8_t *key; + + /* When does this entry has been created. Used to expire entries. */ + time_t created_ts; + + /* Descriptor plaintext information. Obviously, we can't decrypt the + * encrypted part of the descriptor. */ + hs_desc_plaintext_data_t *plaintext_data; + + /* Encoded descriptor which is basically in text form. It's a NUL terminated + * string thus safe to strlen(). */ + char *encoded_desc; +} hs_cache_dir_descriptor_t; + +/* Public API */ + +void hs_cache_init(void); +void hs_cache_free_all(void); +void hs_cache_clean_as_dir(time_t now); +size_t hs_cache_handle_oom(time_t now, size_t min_remove_bytes); + +/* Store and Lookup function. They are version agnostic that is depending on + * the requested version of the descriptor, it will be re-routed to the + * right function. */ +int hs_cache_store_as_dir(const char *desc); +int hs_cache_lookup_as_dir(uint32_t version, const char *query, + const char **desc_out); + +#ifdef HS_CACHE_PRIVATE + +STATIC size_t cache_clean_v3_as_dir(time_t now, time_t global_cutoff); + +#endif /* HS_CACHE_PRIVATE */ + +#endif /* TOR_HS_CACHE_H */ + diff --git a/src/or/hs_common.c b/src/or/hs_common.c new file mode 100644 index 0000000000..7dd97e7c7c --- /dev/null +++ b/src/or/hs_common.c @@ -0,0 +1,284 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_common.c + * \brief Contains code shared between different HS protocol version as well + * as useful data structures and accessors used by other subsystems. + * The rendcommon.c should only contains code relating to the v2 + * protocol. + **/ + +#include "or.h" + +#include "config.h" +#include "networkstatus.h" +#include "hs_common.h" +#include "rendcommon.h" + +/* Create a new rend_data_t for a specific given <b>version</b>. + * Return a pointer to the newly allocated data structure. */ +static rend_data_t * +rend_data_alloc(uint32_t version) +{ + rend_data_t *rend_data = NULL; + + switch (version) { + case HS_VERSION_TWO: + { + rend_data_v2_t *v2 = tor_malloc_zero(sizeof(*v2)); + v2->base_.version = HS_VERSION_TWO; + v2->base_.hsdirs_fp = smartlist_new(); + rend_data = &v2->base_; + break; + } + default: + tor_assert(0); + break; + } + + return rend_data; +} + +/** Free all storage associated with <b>data</b> */ +void +rend_data_free(rend_data_t *data) +{ + if (!data) { + return; + } + /* By using our allocation function, this should always be set. */ + tor_assert(data->hsdirs_fp); + /* Cleanup the HSDir identity digest. */ + SMARTLIST_FOREACH(data->hsdirs_fp, char *, d, tor_free(d)); + smartlist_free(data->hsdirs_fp); + /* Depending on the version, cleanup. */ + switch (data->version) { + case HS_VERSION_TWO: + { + rend_data_v2_t *v2_data = TO_REND_DATA_V2(data); + tor_free(v2_data); + break; + } + default: + tor_assert(0); + } +} + +/* Allocate and return a deep copy of <b>data</b>. */ +rend_data_t * +rend_data_dup(const rend_data_t *data) +{ + rend_data_t *data_dup = NULL; + smartlist_t *hsdirs_fp = smartlist_new(); + + tor_assert(data); + tor_assert(data->hsdirs_fp); + + SMARTLIST_FOREACH(data->hsdirs_fp, char *, fp, + smartlist_add(hsdirs_fp, tor_memdup(fp, DIGEST_LEN))); + + switch (data->version) { + case HS_VERSION_TWO: + { + rend_data_v2_t *v2_data = tor_memdup(TO_REND_DATA_V2(data), + sizeof(*v2_data)); + data_dup = &v2_data->base_; + data_dup->hsdirs_fp = hsdirs_fp; + break; + } + default: + tor_assert(0); + break; + } + + return data_dup; +} + +/* Compute the descriptor ID for each HS descriptor replica and save them. A + * valid onion address must be present in the <b>rend_data</b>. + * + * Return 0 on success else -1. */ +static int +compute_desc_id(rend_data_t *rend_data) +{ + int ret = 0; + unsigned replica; + time_t now = time(NULL); + + tor_assert(rend_data); + + switch (rend_data->version) { + case HS_VERSION_TWO: + { + rend_data_v2_t *v2_data = TO_REND_DATA_V2(rend_data); + /* Compute descriptor ID for each replicas. */ + for (replica = 0; replica < ARRAY_LENGTH(v2_data->descriptor_id); + replica++) { + ret = rend_compute_v2_desc_id(v2_data->descriptor_id[replica], + v2_data->onion_address, + v2_data->descriptor_cookie, + now, replica); + if (ret < 0) { + goto end; + } + } + break; + } + default: + tor_assert(0); + } + + end: + return ret; +} + +/* Allocate and initialize a rend_data_t object for a service using the + * provided arguments. All arguments are optional (can be NULL), except from + * <b>onion_address</b> which MUST be set. The <b>pk_digest</b> is the hash of + * the service private key. The <b>cookie</b> is the rendezvous cookie and + * <b>auth_type</b> is which authentiation this service is configured with. + * + * Return a valid rend_data_t pointer. This only returns a version 2 object of + * rend_data_t. */ +rend_data_t * +rend_data_service_create(const char *onion_address, const char *pk_digest, + const uint8_t *cookie, rend_auth_type_t auth_type) +{ + /* Create a rend_data_t object for version 2. */ + rend_data_t *rend_data = rend_data_alloc(HS_VERSION_TWO); + rend_data_v2_t *v2= TO_REND_DATA_V2(rend_data); + + /* We need at least one else the call is wrong. */ + tor_assert(onion_address != NULL); + + if (pk_digest) { + memcpy(v2->rend_pk_digest, pk_digest, sizeof(v2->rend_pk_digest)); + } + if (cookie) { + memcpy(rend_data->rend_cookie, cookie, sizeof(rend_data->rend_cookie)); + } + + strlcpy(v2->onion_address, onion_address, sizeof(v2->onion_address)); + v2->auth_type = auth_type; + + return rend_data; +} + +/* Allocate and initialize a rend_data_t object for a client request using the + * given arguments. Either an onion address or a descriptor ID is needed. Both + * can be given but in this case only the onion address will be used to make + * the descriptor fetch. The <b>cookie</b> is the rendezvous cookie and + * <b>auth_type</b> is which authentiation the service is configured with. + * + * Return a valid rend_data_t pointer or NULL on error meaning the + * descriptor IDs couldn't be computed from the given data. */ +rend_data_t * +rend_data_client_create(const char *onion_address, const char *desc_id, + const char *cookie, rend_auth_type_t auth_type) +{ + /* Create a rend_data_t object for version 2. */ + rend_data_t *rend_data = rend_data_alloc(HS_VERSION_TWO); + rend_data_v2_t *v2= TO_REND_DATA_V2(rend_data); + + /* We need at least one else the call is wrong. */ + tor_assert(onion_address != NULL || desc_id != NULL); + + if (cookie) { + memcpy(v2->descriptor_cookie, cookie, sizeof(v2->descriptor_cookie)); + } + if (desc_id) { + memcpy(v2->desc_id_fetch, desc_id, sizeof(v2->desc_id_fetch)); + } + if (onion_address) { + strlcpy(v2->onion_address, onion_address, sizeof(v2->onion_address)); + if (compute_desc_id(rend_data) < 0) { + goto error; + } + } + + v2->auth_type = auth_type; + + return rend_data; + + error: + rend_data_free(rend_data); + return NULL; +} + +/* Return the onion address from the rend data. Depending on the version, + * the size of the address can vary but it's always NUL terminated. */ +const char * +rend_data_get_address(const rend_data_t *rend_data) +{ + tor_assert(rend_data); + + switch (rend_data->version) { + case HS_VERSION_TWO: + return TO_REND_DATA_V2(rend_data)->onion_address; + default: + /* We should always have a supported version. */ + tor_assert(0); + } +} + +/* Return the descriptor ID for a specific replica number from the rend + * data. The returned data is a binary digest and depending on the version its + * size can vary. The size of the descriptor ID is put in <b>len_out</b> if + * non NULL. */ +const char * +rend_data_get_desc_id(const rend_data_t *rend_data, uint8_t replica, + size_t *len_out) +{ + tor_assert(rend_data); + + switch (rend_data->version) { + case HS_VERSION_TWO: + tor_assert(replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS); + if (len_out) { + *len_out = DIGEST_LEN; + } + return TO_REND_DATA_V2(rend_data)->descriptor_id[replica]; + default: + /* We should always have a supported version. */ + tor_assert(0); + } +} + +/* Return the public key digest using the given <b>rend_data</b>. The size of + * the digest is put in <b>len_out</b> (if set) which can differ depending on + * the version. */ +const uint8_t * +rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out) +{ + tor_assert(rend_data); + + switch (rend_data->version) { + case HS_VERSION_TWO: + { + const rend_data_v2_t *v2_data = TO_REND_DATA_V2(rend_data); + if (len_out) { + *len_out = sizeof(v2_data->rend_pk_digest); + } + return (const uint8_t *) v2_data->rend_pk_digest; + } + default: + /* We should always have a supported version. */ + tor_assert(0); + } +} + +/* Return true iff the Onion Services protocol version 3 is enabled. This only + * considers the consensus parameter. If the parameter is not found, the + * default is that it's enabled. */ +int +hs_v3_protocol_is_enabled(void) +{ + /* This consensus param controls if the the onion services version 3 is + * enabled or not which is the first version of the next generation + * (proposal 224). If this option is set to 0, the tor daemon won't support + * the protocol as either a relay, directory, service or client. By default, + * it's enabled if the parameter is not found. */ + return networkstatus_get_param(NULL, "EnableOnionServicesV3", 1, 0, 1); +} + diff --git a/src/or/hs_common.h b/src/or/hs_common.h new file mode 100644 index 0000000000..2502f35ad4 --- /dev/null +++ b/src/or/hs_common.h @@ -0,0 +1,39 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_common.h + * \brief Header file containing common data for the whole HS subsytem. + **/ + +#ifndef TOR_HS_COMMON_H +#define TOR_HS_COMMON_H + +#include "or.h" + +/* Protocol version 2. Use this instead of hardcoding "2" in the code base, + * this adds a clearer semantic to the value when used. */ +#define HS_VERSION_TWO 2 +/* Version 3 of the protocol (prop224). */ +#define HS_VERSION_THREE 3 + +void rend_data_free(rend_data_t *data); +rend_data_t *rend_data_dup(const rend_data_t *data); +rend_data_t *rend_data_client_create(const char *onion_address, + const char *desc_id, + const char *cookie, + rend_auth_type_t auth_type); +rend_data_t *rend_data_service_create(const char *onion_address, + const char *pk_digest, + const uint8_t *cookie, + rend_auth_type_t auth_type); +const char *rend_data_get_address(const rend_data_t *rend_data); +const char *rend_data_get_desc_id(const rend_data_t *rend_data, + uint8_t replica, size_t *len_out); +const uint8_t *rend_data_get_pk_digest(const rend_data_t *rend_data, + size_t *len_out); + +int hs_v3_protocol_is_enabled(void); + +#endif /* TOR_HS_COMMON_H */ + diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c new file mode 100644 index 0000000000..37aa1d745e --- /dev/null +++ b/src/or/hs_descriptor.c @@ -0,0 +1,1901 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_descriptor.c + * \brief Handle hidden service descriptor encoding/decoding. + **/ + +/* For unit tests.*/ +#define HS_DESCRIPTOR_PRIVATE + +#include "hs_descriptor.h" + +#include "or.h" +#include "ed25519_cert.h" /* Trunnel interface. */ +#include "parsecommon.h" +#include "rendcache.h" +#include "torcert.h" /* tor_cert_encode_ed22519() */ + +/* Constant string value used for the descriptor format. */ +#define str_hs_desc "hs-descriptor" +#define str_desc_cert "descriptor-signing-key-cert" +#define str_rev_counter "revision-counter" +#define str_encrypted "encrypted" +#define str_signature "signature" +#define str_lifetime "descriptor-lifetime" +/* Constant string value for the encrypted part of the descriptor. */ +#define str_create2_formats "create2-formats" +#define str_auth_required "authentication-required" +#define str_single_onion "single-onion-service" +#define str_intro_point "introduction-point" +#define str_ip_auth_key "auth-key" +#define str_ip_enc_key "enc-key" +#define str_ip_enc_key_cert "enc-key-certification" +#define str_intro_point_start "\n" str_intro_point " " +/* Constant string value for the construction to encrypt the encrypted data + * section. */ +#define str_enc_hsdir_data "hsdir-encrypted-data" +/* Prefix required to compute/verify HS desc signatures */ +#define str_desc_sig_prefix "Tor onion service descriptor sig v3" + +/* Authentication supported types. */ +static const struct { + hs_desc_auth_type_t type; + const char *identifier; +} auth_types[] = { + { HS_DESC_AUTH_PASSWORD, "password" }, + { HS_DESC_AUTH_ED25519, "ed25519" }, + /* Indicate end of array. */ + { 0, NULL } +}; + +/* Descriptor ruleset. */ +static token_rule_t hs_desc_v3_token_table[] = { + T1_START(str_hs_desc, R_HS_DESCRIPTOR, EQ(1), NO_OBJ), + T1(str_lifetime, R3_DESC_LIFETIME, EQ(1), NO_OBJ), + T1(str_desc_cert, R3_DESC_SIGNING_CERT, NO_ARGS, NEED_OBJ), + T1(str_rev_counter, R3_REVISION_COUNTER, EQ(1), NO_OBJ), + T1(str_encrypted, R3_ENCRYPTED, NO_ARGS, NEED_OBJ), + T1_END(str_signature, R3_SIGNATURE, EQ(1), NO_OBJ), + END_OF_TABLE +}; + +/* Descriptor ruleset for the encrypted section. */ +static token_rule_t hs_desc_encrypted_v3_token_table[] = { + T1_START(str_create2_formats, R3_CREATE2_FORMATS, CONCAT_ARGS, NO_OBJ), + T01(str_auth_required, R3_AUTHENTICATION_REQUIRED, ARGS, NO_OBJ), + T01(str_single_onion, R3_SINGLE_ONION_SERVICE, ARGS, NO_OBJ), + END_OF_TABLE +}; + +/* Descriptor ruleset for the introduction points section. */ +static token_rule_t hs_desc_intro_point_v3_token_table[] = { + T1_START(str_intro_point, R3_INTRODUCTION_POINT, EQ(1), NO_OBJ), + T1(str_ip_auth_key, R3_INTRO_AUTH_KEY, NO_ARGS, NEED_OBJ), + T1(str_ip_enc_key, R3_INTRO_ENC_KEY, ARGS, OBJ_OK), + T1_END(str_ip_enc_key_cert, R3_INTRO_ENC_KEY_CERTIFICATION, + NO_ARGS, NEED_OBJ), + END_OF_TABLE +}; + +/* Free a descriptor intro point object. */ +STATIC void +desc_intro_point_free(hs_desc_intro_point_t *ip) +{ + if (!ip) { + return; + } + if (ip->link_specifiers) { + SMARTLIST_FOREACH(ip->link_specifiers, hs_desc_link_specifier_t *, + ls, tor_free(ls)); + smartlist_free(ip->link_specifiers); + } + tor_cert_free(ip->auth_key_cert); + if (ip->enc_key_type == HS_DESC_KEY_TYPE_LEGACY) { + crypto_pk_free(ip->enc_key.legacy); + } + tor_free(ip); +} + +/* Free the content of the plaintext section of a descriptor. */ +static void +desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc) +{ + if (!desc) { + return; + } + + if (desc->encrypted_blob) { + tor_free(desc->encrypted_blob); + } + tor_cert_free(desc->signing_key_cert); + + memwipe(desc, 0, sizeof(*desc)); +} + +/* Free the content of the encrypted section of a descriptor. */ +static void +desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc) +{ + if (!desc) { + return; + } + + if (desc->auth_types) { + SMARTLIST_FOREACH(desc->auth_types, char *, a, tor_free(a)); + smartlist_free(desc->auth_types); + } + if (desc->intro_points) { + SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip, + desc_intro_point_free(ip)); + smartlist_free(desc->intro_points); + } + memwipe(desc, 0, sizeof(*desc)); +} + +/* === ENCODING === */ + +/* Encode the given link specifier objects into a newly allocated string. + * This can't fail so caller can always assume a valid string being + * returned. */ +STATIC char * +encode_link_specifiers(const smartlist_t *specs) +{ + char *encoded_b64 = NULL; + link_specifier_list_t *lslist = link_specifier_list_new(); + + tor_assert(specs); + /* No link specifiers is a code flow error, can't happen. */ + tor_assert(smartlist_len(specs) > 0); + tor_assert(smartlist_len(specs) <= UINT8_MAX); + + link_specifier_list_set_n_spec(lslist, smartlist_len(specs)); + + SMARTLIST_FOREACH_BEGIN(specs, const hs_desc_link_specifier_t *, + spec) { + link_specifier_t *ls = link_specifier_new(); + link_specifier_set_ls_type(ls, spec->type); + + switch (spec->type) { + case LS_IPV4: + link_specifier_set_un_ipv4_addr(ls, + tor_addr_to_ipv4h(&spec->u.ap.addr)); + link_specifier_set_un_ipv4_port(ls, spec->u.ap.port); + /* Four bytes IPv4 and two bytes port. */ + link_specifier_set_ls_len(ls, sizeof(spec->u.ap.addr.addr.in_addr) + + sizeof(spec->u.ap.port)); + break; + case LS_IPV6: + { + size_t addr_len = link_specifier_getlen_un_ipv6_addr(ls); + const uint8_t *in6_addr = tor_addr_to_in6_addr8(&spec->u.ap.addr); + uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(ls); + memcpy(ipv6_array, in6_addr, addr_len); + link_specifier_set_un_ipv6_port(ls, spec->u.ap.port); + /* Sixteen bytes IPv6 and two bytes port. */ + link_specifier_set_ls_len(ls, addr_len + sizeof(spec->u.ap.port)); + break; + } + case LS_LEGACY_ID: + { + size_t legacy_id_len = link_specifier_getlen_un_legacy_id(ls); + uint8_t *legacy_id_array = link_specifier_getarray_un_legacy_id(ls); + memcpy(legacy_id_array, spec->u.legacy_id, legacy_id_len); + link_specifier_set_ls_len(ls, legacy_id_len); + break; + } + default: + tor_assert(0); + } + + link_specifier_list_add_spec(lslist, ls); + } SMARTLIST_FOREACH_END(spec); + + { + uint8_t *encoded; + ssize_t encoded_len, encoded_b64_len, ret; + + encoded_len = link_specifier_list_encoded_len(lslist); + tor_assert(encoded_len > 0); + encoded = tor_malloc_zero(encoded_len); + ret = link_specifier_list_encode(encoded, encoded_len, lslist); + tor_assert(ret == encoded_len); + + /* Base64 encode our binary format. Add extra NUL byte for the base64 + * encoded value. */ + encoded_b64_len = base64_encode_size(encoded_len, 0) + 1; + encoded_b64 = tor_malloc_zero(encoded_b64_len); + ret = base64_encode(encoded_b64, encoded_b64_len, (const char *) encoded, + encoded_len, 0); + tor_assert(ret == (encoded_b64_len - 1)); + tor_free(encoded); + } + + link_specifier_list_free(lslist); + return encoded_b64; +} + +/* Encode an introduction point encryption key and return a newly allocated + * string with it. On failure, return NULL. */ +static char * +encode_enc_key(const ed25519_keypair_t *sig_key, + const hs_desc_intro_point_t *ip) +{ + char *encoded = NULL; + time_t now = time(NULL); + + tor_assert(sig_key); + tor_assert(ip); + + switch (ip->enc_key_type) { + case HS_DESC_KEY_TYPE_LEGACY: + { + char *key_str, b64_cert[256]; + ssize_t cert_len; + size_t key_str_len; + uint8_t *cert_data = NULL; + + /* Create cross certification cert. */ + cert_len = tor_make_rsa_ed25519_crosscert(&sig_key->pubkey, + ip->enc_key.legacy, + now + HS_DESC_CERT_LIFETIME, + &cert_data); + if (cert_len < 0) { + log_warn(LD_REND, "Unable to create legacy crosscert."); + goto err; + } + /* Encode cross cert. */ + if (base64_encode(b64_cert, sizeof(b64_cert), (const char *) cert_data, + cert_len, BASE64_ENCODE_MULTILINE) < 0) { + tor_free(cert_data); + log_warn(LD_REND, "Unable to encode legacy crosscert."); + goto err; + } + tor_free(cert_data); + /* Convert the encryption key to a string. */ + if (crypto_pk_write_public_key_to_string(ip->enc_key.legacy, &key_str, + &key_str_len) < 0) { + log_warn(LD_REND, "Unable to encode legacy encryption key."); + goto err; + } + tor_asprintf(&encoded, + "%s legacy\n%s" /* Newline is added by the call above. */ + "%s\n" + "-----BEGIN CROSSCERT-----\n" + "%s" + "-----END CROSSCERT-----", + str_ip_enc_key, key_str, + str_ip_enc_key_cert, b64_cert); + tor_free(key_str); + break; + } + case HS_DESC_KEY_TYPE_CURVE25519: + { + int signbit, ret; + char *encoded_cert, key_fp_b64[CURVE25519_BASE64_PADDED_LEN + 1]; + ed25519_keypair_t curve_kp; + + if (ed25519_keypair_from_curve25519_keypair(&curve_kp, &signbit, + &ip->enc_key.curve25519)) { + goto err; + } + tor_cert_t *cross_cert = tor_cert_create(&curve_kp, + CERT_TYPE_CROSS_HS_IP_KEYS, + &sig_key->pubkey, now, + HS_DESC_CERT_LIFETIME, + CERT_FLAG_INCLUDE_SIGNING_KEY); + memwipe(&curve_kp, 0, sizeof(curve_kp)); + if (!cross_cert) { + goto err; + } + ret = tor_cert_encode_ed22519(cross_cert, &encoded_cert); + tor_cert_free(cross_cert); + if (ret) { + goto err; + } + if (curve25519_public_to_base64(key_fp_b64, + &ip->enc_key.curve25519.pubkey) < 0) { + tor_free(encoded_cert); + goto err; + } + tor_asprintf(&encoded, + "%s ntor %s\n" + "%s\n%s", + str_ip_enc_key, key_fp_b64, + str_ip_enc_key_cert, encoded_cert); + tor_free(encoded_cert); + break; + } + default: + tor_assert(0); + } + + err: + return encoded; +} + +/* Encode an introduction point object and return a newly allocated string + * with it. On failure, return NULL. */ +static char * +encode_intro_point(const ed25519_keypair_t *sig_key, + const hs_desc_intro_point_t *ip) +{ + char *encoded_ip = NULL; + smartlist_t *lines = smartlist_new(); + + tor_assert(ip); + tor_assert(sig_key); + + /* Encode link specifier. */ + { + char *ls_str = encode_link_specifiers(ip->link_specifiers); + smartlist_add_asprintf(lines, "%s %s", str_intro_point, ls_str); + tor_free(ls_str); + } + + /* Authentication key encoding. */ + { + char *encoded_cert; + if (tor_cert_encode_ed22519(ip->auth_key_cert, &encoded_cert) < 0) { + goto err; + } + smartlist_add_asprintf(lines, "%s\n%s", str_ip_auth_key, encoded_cert); + tor_free(encoded_cert); + } + + /* Encryption key encoding. */ + { + char *encoded_enc_key = encode_enc_key(sig_key, ip); + if (encoded_enc_key == NULL) { + goto err; + } + smartlist_add_asprintf(lines, "%s", encoded_enc_key); + tor_free(encoded_enc_key); + } + + /* Join them all in one blob of text. */ + encoded_ip = smartlist_join_strings(lines, "\n", 1, NULL); + + err: + SMARTLIST_FOREACH(lines, char *, l, tor_free(l)); + smartlist_free(lines); + return encoded_ip; +} + +/* Using a given decriptor object, build the secret input needed for the + * KDF and put it in the dst pointer which is an already allocated buffer + * of size dstlen. */ +static void +build_secret_input(const hs_descriptor_t *desc, uint8_t *dst, size_t dstlen) +{ + size_t offset = 0; + + tor_assert(desc); + tor_assert(dst); + tor_assert(HS_DESC_ENCRYPTED_SECRET_INPUT_LEN <= dstlen); + + /* XXX use the destination length as the memcpy length */ + /* Copy blinded public key. */ + memcpy(dst, desc->plaintext_data.blinded_kp.pubkey.pubkey, + sizeof(desc->plaintext_data.blinded_kp.pubkey.pubkey)); + offset += sizeof(desc->plaintext_data.blinded_kp.pubkey.pubkey); + /* Copy subcredential. */ + memcpy(dst + offset, desc->subcredential, sizeof(desc->subcredential)); + offset += sizeof(desc->subcredential); + /* Copy revision counter value. */ + set_uint64(dst + offset, tor_ntohll(desc->plaintext_data.revision_counter)); + offset += sizeof(uint64_t); + tor_assert(HS_DESC_ENCRYPTED_SECRET_INPUT_LEN == offset); +} + +/* Do the KDF construction and put the resulting data in key_out which is of + * key_out_len length. It uses SHAKE-256 as specified in the spec. */ +static void +build_kdf_key(const hs_descriptor_t *desc, + const uint8_t *salt, size_t salt_len, + uint8_t *key_out, size_t key_out_len) +{ + uint8_t secret_input[HS_DESC_ENCRYPTED_SECRET_INPUT_LEN]; + crypto_xof_t *xof; + + tor_assert(desc); + tor_assert(salt); + tor_assert(key_out); + + /* Build the secret input for the KDF computation. */ + build_secret_input(desc, secret_input, sizeof(secret_input)); + + xof = crypto_xof_new(); + /* Feed our KDF. [SHAKE it like a polaroid picture --Yawning]. */ + crypto_xof_add_bytes(xof, secret_input, sizeof(secret_input)); + crypto_xof_add_bytes(xof, salt, salt_len); + crypto_xof_add_bytes(xof, (const uint8_t *) str_enc_hsdir_data, + strlen(str_enc_hsdir_data)); + /* Eat from our KDF. */ + crypto_xof_squeeze_bytes(xof, key_out, key_out_len); + crypto_xof_free(xof); + memwipe(secret_input, 0, sizeof(secret_input)); +} + +/* Using the given descriptor and salt, run it through our KDF function and + * then extract a secret key in key_out, the IV in iv_out and MAC in mac_out. + * This function can't fail. */ +static void +build_secret_key_iv_mac(const hs_descriptor_t *desc, + const uint8_t *salt, size_t salt_len, + uint8_t *key_out, size_t key_len, + uint8_t *iv_out, size_t iv_len, + uint8_t *mac_out, size_t mac_len) +{ + size_t offset = 0; + uint8_t kdf_key[HS_DESC_ENCRYPTED_KDF_OUTPUT_LEN]; + + tor_assert(desc); + tor_assert(salt); + tor_assert(key_out); + tor_assert(iv_out); + tor_assert(mac_out); + + build_kdf_key(desc, salt, salt_len, kdf_key, sizeof(kdf_key)); + /* Copy the bytes we need for both the secret key and IV. */ + memcpy(key_out, kdf_key, key_len); + offset += key_len; + memcpy(iv_out, kdf_key + offset, iv_len); + offset += iv_len; + memcpy(mac_out, kdf_key + offset, mac_len); + /* Extra precaution to make sure we are not out of bound. */ + tor_assert((offset + mac_len) == sizeof(kdf_key)); + memwipe(kdf_key, 0, sizeof(kdf_key)); +} + +/* Using a key, salt and encrypted payload, build a MAC and put it in mac_out. + * We use SHA3-256 for the MAC computation. + * This function can't fail. */ +static void +build_mac(const uint8_t *mac_key, size_t mac_key_len, + const uint8_t *salt, size_t salt_len, + const uint8_t *encrypted, size_t encrypted_len, + uint8_t *mac_out, size_t mac_len) +{ + crypto_digest_t *digest; + + const uint64_t mac_len_netorder = tor_htonll(mac_key_len); + const uint64_t salt_len_netorder = tor_htonll(salt_len); + + tor_assert(mac_key); + tor_assert(salt); + tor_assert(encrypted); + tor_assert(mac_out); + + digest = crypto_digest256_new(DIGEST_SHA3_256); + /* As specified in section 2.5 of proposal 224, first add the mac key + * then add the salt first and then the encrypted section. */ + + crypto_digest_add_bytes(digest, (const char *) &mac_len_netorder, 8); + crypto_digest_add_bytes(digest, (const char *) mac_key, mac_key_len); + crypto_digest_add_bytes(digest, (const char *) &salt_len_netorder, 8); + crypto_digest_add_bytes(digest, (const char *) salt, salt_len); + crypto_digest_add_bytes(digest, (const char *) encrypted, encrypted_len); + crypto_digest_get_digest(digest, (char *) mac_out, mac_len); + crypto_digest_free(digest); +} + +/* Given a source length, return the new size including padding for the + * plaintext encryption. */ +static size_t +compute_padded_plaintext_length(size_t plaintext_len) +{ + size_t plaintext_padded_len; + + /* Make sure we won't overflow. */ + tor_assert(plaintext_len <= + (SIZE_T_CEILING - HS_DESC_PLAINTEXT_PADDING_MULTIPLE)); + + /* Get the extra length we need to add. For example, if srclen is 234 bytes, + * this will expand to (2 * 128) == 256 thus an extra 22 bytes. */ + plaintext_padded_len = CEIL_DIV(plaintext_len, + HS_DESC_PLAINTEXT_PADDING_MULTIPLE) * + HS_DESC_PLAINTEXT_PADDING_MULTIPLE; + /* Can never be extra careful. Make sure we are _really_ padded. */ + tor_assert(!(plaintext_padded_len % HS_DESC_PLAINTEXT_PADDING_MULTIPLE)); + return plaintext_padded_len; +} + +/* Given a buffer, pad it up to the encrypted section padding requirement. Set + * the newly allocated string in padded_out and return the length of the + * padded buffer. */ +STATIC size_t +build_plaintext_padding(const char *plaintext, size_t plaintext_len, + uint8_t **padded_out) +{ + size_t padded_len; + uint8_t *padded; + + tor_assert(plaintext); + tor_assert(padded_out); + + /* Allocate the final length including padding. */ + padded_len = compute_padded_plaintext_length(plaintext_len); + tor_assert(padded_len >= plaintext_len); + padded = tor_malloc_zero(padded_len); + + memcpy(padded, plaintext, plaintext_len); + *padded_out = padded; + return padded_len; +} + +/* Using a key, IV and plaintext data of length plaintext_len, create the + * encrypted section by encrypting it and setting encrypted_out with the + * data. Return size of the encrypted data buffer. */ +static size_t +build_encrypted(const uint8_t *key, const uint8_t *iv, const char *plaintext, + size_t plaintext_len, uint8_t **encrypted_out) +{ + size_t encrypted_len; + uint8_t *padded_plaintext, *encrypted; + crypto_cipher_t *cipher; + + tor_assert(key); + tor_assert(iv); + tor_assert(plaintext); + tor_assert(encrypted_out); + + /* This creates a cipher for AES128. It can't fail. */ + cipher = crypto_cipher_new_with_iv((const char *) key, (const char *) iv); + /* This can't fail. */ + encrypted_len = build_plaintext_padding(plaintext, plaintext_len, + &padded_plaintext); + /* Extra precautions that we have a valie padding length. */ + tor_assert(encrypted_len <= HS_DESC_PADDED_PLAINTEXT_MAX_LEN); + tor_assert(!(encrypted_len % HS_DESC_PLAINTEXT_PADDING_MULTIPLE)); + /* We use a stream cipher so the encrypted length will be the same as the + * plaintext padded length. */ + encrypted = tor_malloc_zero(encrypted_len); + /* This can't fail. */ + crypto_cipher_encrypt(cipher, (char *) encrypted, + (const char *) padded_plaintext, encrypted_len); + *encrypted_out = encrypted; + /* Cleanup. */ + crypto_cipher_free(cipher); + tor_free(padded_plaintext); + return encrypted_len; +} + +/* Encrypt the given plaintext buffer and using the descriptor to get the + * keys. Set encrypted_out with the encrypted data and return the length of + * it. */ +static size_t +encrypt_descriptor_data(const hs_descriptor_t *desc, const char *plaintext, + char **encrypted_out) +{ + char *final_blob; + size_t encrypted_len, final_blob_len, offset = 0; + uint8_t *encrypted; + uint8_t salt[HS_DESC_ENCRYPTED_SALT_LEN]; + uint8_t secret_key[CIPHER_KEY_LEN], secret_iv[CIPHER_IV_LEN]; + uint8_t mac_key[DIGEST256_LEN], mac[DIGEST256_LEN]; + + tor_assert(desc); + tor_assert(plaintext); + tor_assert(encrypted_out); + + /* Get our salt. The returned bytes are already hashed. */ + crypto_strongest_rand(salt, sizeof(salt)); + + /* KDF construction resulting in a key from which the secret key, IV and MAC + * key are extracted which is what we need for the encryption. */ + build_secret_key_iv_mac(desc, salt, sizeof(salt), + secret_key, sizeof(secret_key), + secret_iv, sizeof(secret_iv), + mac_key, sizeof(mac_key)); + + /* Build the encrypted part that is do the actual encryption. */ + encrypted_len = build_encrypted(secret_key, secret_iv, plaintext, + strlen(plaintext), &encrypted); + memwipe(secret_key, 0, sizeof(secret_key)); + memwipe(secret_iv, 0, sizeof(secret_iv)); + /* This construction is specified in section 2.5 of proposal 224. */ + final_blob_len = sizeof(salt) + encrypted_len + DIGEST256_LEN; + final_blob = tor_malloc_zero(final_blob_len); + + /* Build the MAC. */ + build_mac(mac_key, sizeof(mac_key), salt, sizeof(salt), + encrypted, encrypted_len, mac, sizeof(mac)); + memwipe(mac_key, 0, sizeof(mac_key)); + + /* The salt is the first value. */ + memcpy(final_blob, salt, sizeof(salt)); + offset = sizeof(salt); + /* Second value is the encrypted data. */ + memcpy(final_blob + offset, encrypted, encrypted_len); + offset += encrypted_len; + /* Third value is the MAC. */ + memcpy(final_blob + offset, mac, sizeof(mac)); + offset += sizeof(mac); + /* Cleanup the buffers. */ + memwipe(salt, 0, sizeof(salt)); + memwipe(encrypted, 0, encrypted_len); + tor_free(encrypted); + /* Extra precaution. */ + tor_assert(offset == final_blob_len); + + *encrypted_out = final_blob; + return final_blob_len; +} + +/* Take care of encoding the encrypted data section and then encrypting it + * with the descriptor's key. A newly allocated NUL terminated string pointer + * containing the encrypted encoded blob is put in encrypted_blob_out. Return + * 0 on success else a negative value. */ +static int +encode_encrypted_data(const hs_descriptor_t *desc, + char **encrypted_blob_out) +{ + int ret = -1; + char *encoded_str, *encrypted_blob; + smartlist_t *lines = smartlist_new(); + + tor_assert(desc); + tor_assert(encrypted_blob_out); + + /* Build the start of the section prior to the introduction points. */ + { + if (!desc->encrypted_data.create2_ntor) { + log_err(LD_BUG, "HS desc doesn't have recognized handshake type."); + goto err; + } + smartlist_add_asprintf(lines, "%s %d\n", str_create2_formats, + ONION_HANDSHAKE_TYPE_NTOR); + + if (desc->encrypted_data.auth_types && + smartlist_len(desc->encrypted_data.auth_types)) { + /* Put the authentication-required line. */ + char *buf = smartlist_join_strings(desc->encrypted_data.auth_types, " ", + 0, NULL); + smartlist_add_asprintf(lines, "%s %s\n", str_auth_required, buf); + tor_free(buf); + } + + if (desc->encrypted_data.single_onion_service) { + smartlist_add_asprintf(lines, "%s\n", str_single_onion); + } + } + + /* Build the introduction point(s) section. */ + SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, + const hs_desc_intro_point_t *, ip) { + char *encoded_ip = encode_intro_point(&desc->plaintext_data.signing_kp, + ip); + if (encoded_ip == NULL) { + log_err(LD_BUG, "HS desc intro point is malformed."); + goto err; + } + smartlist_add(lines, encoded_ip); + } SMARTLIST_FOREACH_END(ip); + + /* Build the entire encrypted data section into one encoded plaintext and + * then encrypt it. */ + encoded_str = smartlist_join_strings(lines, "", 0, NULL); + + /* Encrypt the section into an encrypted blob that we'll base64 encode + * before returning it. */ + { + char *enc_b64; + ssize_t enc_b64_len, ret_len, enc_len; + + enc_len = encrypt_descriptor_data(desc, encoded_str, &encrypted_blob); + tor_free(encoded_str); + /* Get the encoded size plus a NUL terminating byte. */ + enc_b64_len = base64_encode_size(enc_len, BASE64_ENCODE_MULTILINE) + 1; + enc_b64 = tor_malloc_zero(enc_b64_len); + /* Base64 the encrypted blob before returning it. */ + ret_len = base64_encode(enc_b64, enc_b64_len, encrypted_blob, enc_len, + BASE64_ENCODE_MULTILINE); + /* Return length doesn't count the NUL byte. */ + tor_assert(ret_len == (enc_b64_len - 1)); + tor_free(encrypted_blob); + *encrypted_blob_out = enc_b64; + } + /* Success! */ + ret = 0; + + err: + SMARTLIST_FOREACH(lines, char *, l, tor_free(l)); + smartlist_free(lines); + return ret; +} + +/* Encode a v3 HS descriptor. Return 0 on success and set encoded_out to the + * newly allocated string of the encoded descriptor. On error, -1 is returned + * and encoded_out is untouched. */ +static int +desc_encode_v3(const hs_descriptor_t *desc, char **encoded_out) +{ + int ret = -1; + char *encoded_str = NULL; + size_t encoded_len; + smartlist_t *lines = smartlist_new(); + + tor_assert(desc); + tor_assert(encoded_out); + tor_assert(desc->plaintext_data.version == 3); + + /* Build the non-encrypted values. */ + { + char *encoded_cert; + /* Encode certificate then create the first line of the descriptor. */ + if (desc->plaintext_data.signing_key_cert->cert_type + != CERT_TYPE_SIGNING_HS_DESC) { + log_err(LD_BUG, "HS descriptor signing key has an unexpected cert type " + "(%d)", (int) desc->plaintext_data.signing_key_cert->cert_type); + goto err; + } + if (tor_cert_encode_ed22519(desc->plaintext_data.signing_key_cert, + &encoded_cert) < 0) { + /* The function will print error logs. */ + goto err; + } + /* Create the hs descriptor line. */ + smartlist_add_asprintf(lines, "%s %" PRIu32, str_hs_desc, + desc->plaintext_data.version); + /* Add the descriptor lifetime line (in minutes). */ + smartlist_add_asprintf(lines, "%s %" PRIu32, str_lifetime, + desc->plaintext_data.lifetime_sec / 60); + /* Create the descriptor certificate line. */ + smartlist_add_asprintf(lines, "%s\n%s", str_desc_cert, encoded_cert); + tor_free(encoded_cert); + /* Create the revision counter line. */ + smartlist_add_asprintf(lines, "%s %" PRIu64, str_rev_counter, + desc->plaintext_data.revision_counter); + } + + /* Build the encrypted data section. */ + { + char *enc_b64_blob=NULL; + if (encode_encrypted_data(desc, &enc_b64_blob) < 0) { + goto err; + } + smartlist_add_asprintf(lines, + "%s\n" + "-----BEGIN MESSAGE-----\n" + "%s" + "-----END MESSAGE-----", + str_encrypted, enc_b64_blob); + tor_free(enc_b64_blob); + } + + /* Join all lines in one string so we can generate a signature and append + * it to the descriptor. */ + encoded_str = smartlist_join_strings(lines, "\n", 1, &encoded_len); + + /* Sign all fields of the descriptor with our short term signing key. */ + { + ed25519_signature_t sig; + char ed_sig_b64[ED25519_SIG_BASE64_LEN + 1]; + if (ed25519_sign_prefixed(&sig, + (const uint8_t *) encoded_str, encoded_len, + str_desc_sig_prefix, + &desc->plaintext_data.signing_kp) < 0) { + log_warn(LD_BUG, "Can't sign encoded HS descriptor!"); + tor_free(encoded_str); + goto err; + } + if (ed25519_signature_to_base64(ed_sig_b64, &sig) < 0) { + log_warn(LD_BUG, "Can't base64 encode descriptor signature!"); + tor_free(encoded_str); + goto err; + } + /* Create the signature line. */ + smartlist_add_asprintf(lines, "%s %s", str_signature, ed_sig_b64); + } + /* Free previous string that we used so compute the signature. */ + tor_free(encoded_str); + encoded_str = smartlist_join_strings(lines, "\n", 1, NULL); + *encoded_out = encoded_str; + + /* XXX: Trigger a control port event. */ + + /* Success! */ + ret = 0; + + err: + SMARTLIST_FOREACH(lines, char *, l, tor_free(l)); + smartlist_free(lines); + return ret; +} + +/* === DECODING === */ + +/* Given an encoded string of the link specifiers, return a newly allocated + * list of decoded link specifiers. Return NULL on error. */ +STATIC smartlist_t * +decode_link_specifiers(const char *encoded) +{ + int decoded_len; + size_t encoded_len, i; + uint8_t *decoded; + smartlist_t *results = NULL; + link_specifier_list_t *specs = NULL; + + tor_assert(encoded); + + encoded_len = strlen(encoded); + decoded = tor_malloc(encoded_len); + decoded_len = base64_decode((char *) decoded, encoded_len, encoded, + encoded_len); + if (decoded_len < 0) { + goto err; + } + + if (link_specifier_list_parse(&specs, decoded, + (size_t) decoded_len) < decoded_len) { + goto err; + } + tor_assert(specs); + results = smartlist_new(); + + for (i = 0; i < link_specifier_list_getlen_spec(specs); i++) { + hs_desc_link_specifier_t *hs_spec; + link_specifier_t *ls = link_specifier_list_get_spec(specs, i); + tor_assert(ls); + + hs_spec = tor_malloc_zero(sizeof(*hs_spec)); + hs_spec->type = link_specifier_get_ls_type(ls); + switch (hs_spec->type) { + case LS_IPV4: + tor_addr_from_ipv4h(&hs_spec->u.ap.addr, + link_specifier_get_un_ipv4_addr(ls)); + hs_spec->u.ap.port = link_specifier_get_un_ipv4_port(ls); + break; + case LS_IPV6: + tor_addr_from_ipv6_bytes(&hs_spec->u.ap.addr, (const char *) + link_specifier_getarray_un_ipv6_addr(ls)); + hs_spec->u.ap.port = link_specifier_get_un_ipv6_port(ls); + break; + case LS_LEGACY_ID: + /* Both are known at compile time so let's make sure they are the same + * else we can copy memory out of bound. */ + tor_assert(link_specifier_getlen_un_legacy_id(ls) == + sizeof(hs_spec->u.legacy_id)); + memcpy(hs_spec->u.legacy_id, link_specifier_getarray_un_legacy_id(ls), + sizeof(hs_spec->u.legacy_id)); + break; + default: + goto err; + } + + smartlist_add(results, hs_spec); + } + + goto done; + err: + if (results) { + SMARTLIST_FOREACH(results, hs_desc_link_specifier_t *, s, tor_free(s)); + smartlist_free(results); + results = NULL; + } + done: + link_specifier_list_free(specs); + tor_free(decoded); + return results; +} + +/* Given a list of authentication types, decode it and put it in the encrypted + * data section. Return 1 if we at least know one of the type or 0 if we know + * none of them. */ +static int +decode_auth_type(hs_desc_encrypted_data_t *desc, const char *list) +{ + int match = 0; + + tor_assert(desc); + tor_assert(list); + + desc->auth_types = smartlist_new(); + smartlist_split_string(desc->auth_types, list, " ", 0, 0); + + /* Validate the types that we at least know about one. */ + SMARTLIST_FOREACH_BEGIN(desc->auth_types, const char *, auth) { + for (int idx = 0; auth_types[idx].identifier; idx++) { + if (!strncmp(auth, auth_types[idx].identifier, + strlen(auth_types[idx].identifier))) { + match = 1; + break; + } + } + } SMARTLIST_FOREACH_END(auth); + + return match; +} + +/* Parse a space-delimited list of integers representing CREATE2 formats into + * the bitfield in hs_desc_encrypted_data_t. Ignore unrecognized values. */ +static void +decode_create2_list(hs_desc_encrypted_data_t *desc, const char *list) +{ + smartlist_t *tokens; + + tor_assert(desc); + tor_assert(list); + + tokens = smartlist_new(); + smartlist_split_string(tokens, list, " ", 0, 0); + + SMARTLIST_FOREACH_BEGIN(tokens, char *, s) { + int ok; + unsigned long type = tor_parse_ulong(s, 10, 1, UINT16_MAX, &ok, NULL); + if (!ok) { + log_warn(LD_REND, "Unparseable value %s in create2 list", escaped(s)); + continue; + } + switch (type) { + case ONION_HANDSHAKE_TYPE_NTOR: + desc->create2_ntor = 1; + break; + default: + /* We deliberately ignore unsupported handshake types */ + continue; + } + } SMARTLIST_FOREACH_END(s); + + SMARTLIST_FOREACH(tokens, char *, s, tor_free(s)); + smartlist_free(tokens); +} + +/* Given a certificate, validate the certificate for certain conditions which + * are if the given type matches the cert's one, if the signing key is + * included and if the that key was actually used to sign the certificate. + * + * Return 1 iff if all conditions pass or 0 if one of them fails. */ +STATIC int +cert_is_valid(tor_cert_t *cert, uint8_t type, const char *log_obj_type) +{ + tor_assert(log_obj_type); + + if (cert == NULL) { + log_warn(LD_REND, "Certificate for %s couldn't be parsed.", log_obj_type); + goto err; + } + if (cert->cert_type != type) { + log_warn(LD_REND, "Invalid cert type %02x for %s.", cert->cert_type, + log_obj_type); + goto err; + } + /* All certificate must have its signing key included. */ + if (!cert->signing_key_included) { + log_warn(LD_REND, "Signing key is NOT included for %s.", log_obj_type); + goto err; + } + /* The following will not only check if the signature matches but also the + * expiration date and overall validity. */ + if (tor_cert_checksig(cert, &cert->signing_key, time(NULL)) < 0) { + log_warn(LD_REND, "Invalid signature for %s.", log_obj_type); + goto err; + } + + return 1; + err: + return 0; +} + +/* Given some binary data, try to parse it to get a certificate object. If we + * have a valid cert, validate it using the given wanted type. On error, print + * a log using the err_msg has the certificate identifier adding semantic to + * the log and cert_out is set to NULL. On success, 0 is returned and cert_out + * points to a newly allocated certificate object. */ +static int +cert_parse_and_validate(tor_cert_t **cert_out, const char *data, + size_t data_len, unsigned int cert_type_wanted, + const char *err_msg) +{ + tor_cert_t *cert; + + tor_assert(cert_out); + tor_assert(data); + tor_assert(err_msg); + + /* Parse certificate. */ + cert = tor_cert_parse((const uint8_t *) data, data_len); + if (!cert) { + log_warn(LD_REND, "Certificate for %s couldn't be parsed.", err_msg); + goto err; + } + + /* Validate certificate. */ + if (!cert_is_valid(cert, cert_type_wanted, err_msg)) { + goto err; + } + + *cert_out = cert; + return 0; + + err: + tor_cert_free(cert); + *cert_out = NULL; + return -1; +} + +/* Return true iff the given length of the encrypted data of a descriptor + * passes validation. */ +STATIC int +encrypted_data_length_is_valid(size_t len) +{ + /* Check for the minimum length possible. */ + if (len < HS_DESC_ENCRYPTED_MIN_LEN) { + log_warn(LD_REND, "Length of descriptor's encrypted data is too small. " + "Got %lu but minimum value is %d", + (unsigned long)len, HS_DESC_ENCRYPTED_MIN_LEN); + goto err; + } + + /* Encrypted data has the salt and MAC concatenated to it so remove those + * from the validation calculation. */ + len -= HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN; + + /* Check that it's aligned on the block size of the crypto algorithm. */ + if (len % HS_DESC_PLAINTEXT_PADDING_MULTIPLE) { + log_warn(LD_REND, "Length of descriptor's encrypted data is invalid. " + "Got %lu which is not a multiple of %d.", + (unsigned long) len, HS_DESC_PLAINTEXT_PADDING_MULTIPLE); + goto err; + } + + /* XXX: Check maximum size. Will strongly depends on the maximum intro point + * allowed we decide on and probably if they will all have to use the legacy + * key which is bigger than the ed25519 key. */ + + return 1; + err: + return 0; +} + +/* Decrypt the encrypted section of the descriptor using the given descriptor + * object desc. A newly allocated NUL terminated string is put in + * decrypted_out. Return the length of decrypted_out on success else 0 is + * returned and decrypted_out is set to NULL. */ +static size_t +desc_decrypt_data_v3(const hs_descriptor_t *desc, char **decrypted_out) +{ + uint8_t *decrypted = NULL; + uint8_t secret_key[CIPHER_KEY_LEN], secret_iv[CIPHER_IV_LEN]; + uint8_t mac_key[DIGEST256_LEN], our_mac[DIGEST256_LEN]; + const uint8_t *salt, *encrypted, *desc_mac; + size_t encrypted_len, result_len = 0; + + tor_assert(decrypted_out); + tor_assert(desc); + tor_assert(desc->plaintext_data.encrypted_blob); + + /* Construction is as follow: SALT | ENCRYPTED_DATA | MAC */ + if (!encrypted_data_length_is_valid( + desc->plaintext_data.encrypted_blob_size)) { + goto err; + } + + /* Start of the blob thus the salt. */ + salt = desc->plaintext_data.encrypted_blob; + /* Next is the encrypted data. */ + encrypted = desc->plaintext_data.encrypted_blob + + HS_DESC_ENCRYPTED_SALT_LEN; + encrypted_len = desc->plaintext_data.encrypted_blob_size - + (HS_DESC_ENCRYPTED_SALT_LEN + DIGEST256_LEN); + + /* At the very end is the MAC. Make sure it's of the right size. */ + { + desc_mac = encrypted + encrypted_len; + size_t desc_mac_size = desc->plaintext_data.encrypted_blob_size - + (desc_mac - desc->plaintext_data.encrypted_blob); + if (desc_mac_size != DIGEST256_LEN) { + log_warn(LD_REND, "Service descriptor MAC length of encrypted data " + "is invalid (%lu, expected %u)", + (unsigned long) desc_mac_size, DIGEST256_LEN); + goto err; + } + } + + /* KDF construction resulting in a key from which the secret key, IV and MAC + * key are extracted which is what we need for the decryption. */ + build_secret_key_iv_mac(desc, salt, HS_DESC_ENCRYPTED_SALT_LEN, + secret_key, sizeof(secret_key), + secret_iv, sizeof(secret_iv), + mac_key, sizeof(mac_key)); + + /* Build MAC. */ + build_mac(mac_key, sizeof(mac_key), salt, HS_DESC_ENCRYPTED_SALT_LEN, + encrypted, encrypted_len, our_mac, sizeof(our_mac)); + memwipe(mac_key, 0, sizeof(mac_key)); + /* Verify MAC; MAC is H(mac_key || salt || encrypted) + * + * This is a critical check that is making sure the computed MAC matches the + * one in the descriptor. */ + if (!tor_memeq(our_mac, desc_mac, sizeof(our_mac))) { + log_warn(LD_REND, "Encrypted service descriptor MAC check failed"); + goto err; + } + + { + /* Decrypt. Here we are assured that the encrypted length is valid for + * decryption. */ + crypto_cipher_t *cipher; + cipher = crypto_cipher_new_with_iv((const char *) secret_key, + (const char *) secret_iv); + /* Extra byte for the NUL terminated byte. */ + decrypted = tor_malloc_zero(encrypted_len + 1); + crypto_cipher_decrypt(cipher, (char *) decrypted, + (const char *) encrypted, encrypted_len); + crypto_cipher_free(cipher); + } + + { + /* Adjust length to remove NULL padding bytes */ + uint8_t *end = memchr(decrypted, 0, encrypted_len); + result_len = encrypted_len; + if (end) { + result_len = end - decrypted; + } + } + + /* Make sure to NUL terminate the string. */ + decrypted[encrypted_len] = '\0'; + *decrypted_out = (char *) decrypted; + goto done; + + err: + if (decrypted) { + tor_free(decrypted); + } + *decrypted_out = NULL; + result_len = 0; + + done: + memwipe(secret_key, 0, sizeof(secret_key)); + memwipe(secret_iv, 0, sizeof(secret_iv)); + return result_len; +} + +/* Given the start of a section and the end of it, decode a single + * introduction point from that section. Return a newly allocated introduction + * point object containing the decoded data. Return NULL if the section can't + * be decoded. */ +STATIC hs_desc_intro_point_t * +decode_introduction_point(const hs_descriptor_t *desc, const char *start) +{ + hs_desc_intro_point_t *ip = NULL; + memarea_t *area = NULL; + smartlist_t *tokens = NULL; + tor_cert_t *cross_cert = NULL; + const directory_token_t *tok; + + tor_assert(desc); + tor_assert(start); + + area = memarea_new(); + tokens = smartlist_new(); + if (tokenize_string(area, start, start + strlen(start), + tokens, hs_desc_intro_point_v3_token_table, 0) < 0) { + log_warn(LD_REND, "Introduction point is not parseable"); + goto err; + } + + /* Ok we seem to have a well formed section containing enough tokens to + * parse. Allocate our IP object and try to populate it. */ + ip = tor_malloc_zero(sizeof(hs_desc_intro_point_t)); + + /* "introduction-point" SP link-specifiers NL */ + tok = find_by_keyword(tokens, R3_INTRODUCTION_POINT); + tor_assert(tok->n_args == 1); + ip->link_specifiers = decode_link_specifiers(tok->args[0]); + if (!ip->link_specifiers) { + log_warn(LD_REND, "Introduction point has invalid link specifiers"); + goto err; + } + + /* "auth-key" NL certificate NL */ + tok = find_by_keyword(tokens, R3_INTRO_AUTH_KEY); + tor_assert(tok->object_body); + if (strcmp(tok->object_type, "ED25519 CERT")) { + log_warn(LD_REND, "Unexpected object type for introduction auth key"); + goto err; + } + + /* Parse cert and do some validation. */ + if (cert_parse_and_validate(&ip->auth_key_cert, tok->object_body, + tok->object_size, CERT_TYPE_AUTH_HS_IP_KEY, + "introduction point auth-key") < 0) { + goto err; + } + + /* Exactly one "enc-key" ... */ + tok = find_by_keyword(tokens, R3_INTRO_ENC_KEY); + if (!strcmp(tok->args[0], "ntor")) { + /* "enc-key" SP "ntor" SP key NL */ + if (tok->n_args != 2 || tok->object_body) { + log_warn(LD_REND, "Introduction point ntor encryption key is invalid"); + goto err; + } + + if (curve25519_public_from_base64(&ip->enc_key.curve25519.pubkey, + tok->args[1]) < 0) { + log_warn(LD_REND, "Introduction point ntor encryption key is invalid"); + goto err; + } + ip->enc_key_type = HS_DESC_KEY_TYPE_CURVE25519; + } else if (!strcmp(tok->args[0], "legacy")) { + /* "enc-key" SP "legacy" NL key NL */ + if (!tok->key) { + log_warn(LD_REND, "Introduction point legacy encryption key is " + "invalid"); + goto err; + } + ip->enc_key.legacy = crypto_pk_dup_key(tok->key); + ip->enc_key_type = HS_DESC_KEY_TYPE_LEGACY; + } else { + /* Unknown key type so we can't use that introduction point. */ + log_warn(LD_REND, "Introduction point encryption key is unrecognized."); + goto err; + } + + /* "enc-key-certification" NL certificate NL */ + tok = find_by_keyword(tokens, R3_INTRO_ENC_KEY_CERTIFICATION); + tor_assert(tok->object_body); + /* Do the cross certification. */ + switch (ip->enc_key_type) { + case HS_DESC_KEY_TYPE_CURVE25519: + { + if (strcmp(tok->object_type, "ED25519 CERT")) { + log_warn(LD_REND, "Introduction point ntor encryption key " + "cross-certification has an unknown format."); + goto err; + } + if (cert_parse_and_validate(&cross_cert, tok->object_body, + tok->object_size, CERT_TYPE_CROSS_HS_IP_KEYS, + "introduction point enc-key-certification") < 0) { + goto err; + } + break; + } + case HS_DESC_KEY_TYPE_LEGACY: + if (strcmp(tok->object_type, "CROSSCERT")) { + log_warn(LD_REND, "Introduction point legacy encryption key " + "cross-certification has an unknown format."); + goto err; + } + if (rsa_ed25519_crosscert_check((const uint8_t *) tok->object_body, + tok->object_size, ip->enc_key.legacy, + &desc->plaintext_data.signing_key_cert->signed_key, + approx_time()-86400)) { + log_warn(LD_REND, "Unable to check cross-certification on the " + "introduction point legacy encryption key."); + goto err; + } + break; + default: + tor_assert(0); + break; + } + /* It is successfully cross certified. Flag the object. */ + ip->cross_certified = 1; + goto done; + + err: + desc_intro_point_free(ip); + ip = NULL; + + done: + tor_cert_free(cross_cert); + SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t)); + smartlist_free(tokens); + memarea_drop_all(area); + + return ip; +} + +/* Given a descriptor string at <b>data</b>, decode all possible introduction + * points that we can find. Add the introduction point object to desc_enc as we + * find them. Return 0 on success. + * + * On error, a negative value is returned. It is possible that some intro + * point object have been added to the desc_enc, they should be considered + * invalid. One single bad encoded introduction point will make this function + * return an error. */ +STATIC int +decode_intro_points(const hs_descriptor_t *desc, + hs_desc_encrypted_data_t *desc_enc, + const char *data) +{ + int retval = -1; + smartlist_t *chunked_desc = smartlist_new(); + smartlist_t *intro_points = smartlist_new(); + + tor_assert(desc); + tor_assert(desc_enc); + tor_assert(data); + tor_assert(desc_enc->intro_points); + + /* Take the desc string, and extract the intro point substrings out of it */ + { + /* Split the descriptor string using the intro point header as delimiter */ + smartlist_split_string(chunked_desc, data, str_intro_point_start, 0, 0); + + /* Check if there are actually any intro points included. The first chunk + * should be other descriptor fields (e.g. create2-formats), so it's not an + * intro point. */ + if (smartlist_len(chunked_desc) < 2) { + goto done; + } + } + + /* Take the intro point substrings, and prepare them for parsing */ + { + int i = 0; + /* Prepend the introduction-point header to all the chunks, since + smartlist_split_string() devoured it. */ + SMARTLIST_FOREACH_BEGIN(chunked_desc, char *, chunk) { + /* Ignore first chunk. It's other descriptor fields. */ + if (i++ == 0) { + continue; + } + + smartlist_add_asprintf(intro_points, "%s %s", str_intro_point, chunk); + } SMARTLIST_FOREACH_END(chunk); + } + + /* Parse the intro points! */ + SMARTLIST_FOREACH_BEGIN(intro_points, const char *, intro_point) { + hs_desc_intro_point_t *ip = decode_introduction_point(desc, intro_point); + if (!ip) { + /* Malformed introduction point section. Stop right away, this + * descriptor shouldn't be used. */ + goto err; + } + smartlist_add(desc_enc->intro_points, ip); + } SMARTLIST_FOREACH_END(intro_point); + + done: + retval = 0; + + err: + SMARTLIST_FOREACH(chunked_desc, char *, a, tor_free(a)); + smartlist_free(chunked_desc); + SMARTLIST_FOREACH(intro_points, char *, a, tor_free(a)); + smartlist_free(intro_points); + return retval; +} +/* Return 1 iff the given base64 encoded signature in b64_sig from the encoded + * descriptor in encoded_desc validates the descriptor content. */ +STATIC int +desc_sig_is_valid(const char *b64_sig, const ed25519_keypair_t *signing_kp, + const char *encoded_desc, size_t encoded_len) +{ + int ret = 0; + ed25519_signature_t sig; + const char *sig_start; + + tor_assert(b64_sig); + tor_assert(signing_kp); + tor_assert(encoded_desc); + /* Verifying nothing won't end well :). */ + tor_assert(encoded_len > 0); + + /* Signature length check. */ + if (strlen(b64_sig) != ED25519_SIG_BASE64_LEN) { + log_warn(LD_REND, "Service descriptor has an invalid signature length." + "Exptected %d but got %lu", + ED25519_SIG_BASE64_LEN, (unsigned long) strlen(b64_sig)); + goto err; + } + + /* First, convert base64 blob to an ed25519 signature. */ + if (ed25519_signature_from_base64(&sig, b64_sig) != 0) { + log_warn(LD_REND, "Service descriptor does not contain a valid " + "signature"); + goto err; + } + + /* Find the start of signature. */ + sig_start = tor_memstr(encoded_desc, encoded_len, "\n" str_signature); + /* Getting here means the token parsing worked for the signature so if we + * can't find the start of the signature, we have a code flow issue. */ + if (BUG(!sig_start)) { + goto err; + } + /* Skip newline, it has to go in the signature check. */ + sig_start++; + + /* Validate signature with the full body of the descriptor. */ + if (ed25519_checksig_prefixed(&sig, + (const uint8_t *) encoded_desc, + sig_start - encoded_desc, + str_desc_sig_prefix, + &signing_kp->pubkey) != 0) { + log_warn(LD_REND, "Invalid signature on service descriptor"); + goto err; + } + /* Valid signature! All is good. */ + ret = 1; + + err: + return ret; +} + +/* Decode descriptor plaintext data for version 3. Given a list of tokens, an + * allocated plaintext object that will be populated and the encoded + * descriptor with its length. The last one is needed for signature + * verification. Unknown tokens are simply ignored so this won't error on + * unknowns but requires that all v3 token be present and valid. + * + * Return 0 on success else a negative value. */ +static int +desc_decode_plaintext_v3(smartlist_t *tokens, + hs_desc_plaintext_data_t *desc, + const char *encoded_desc, size_t encoded_len) +{ + int ok; + directory_token_t *tok; + + tor_assert(tokens); + tor_assert(desc); + /* Version higher could still use this function to decode most of the + * descriptor and then they decode the extra part. */ + tor_assert(desc->version >= 3); + + /* Descriptor lifetime parsing. */ + tok = find_by_keyword(tokens, R3_DESC_LIFETIME); + tor_assert(tok->n_args == 1); + desc->lifetime_sec = (uint32_t) tor_parse_ulong(tok->args[0], 10, 0, + UINT32_MAX, &ok, NULL); + if (!ok) { + log_warn(LD_REND, "Service descriptor lifetime value is invalid"); + goto err; + } + /* Put it from minute to second. */ + desc->lifetime_sec *= 60; + if (desc->lifetime_sec > HS_DESC_MAX_LIFETIME) { + log_warn(LD_REND, "Service descriptor lifetime is too big. " + "Got %" PRIu32 " but max is %d", + desc->lifetime_sec, HS_DESC_MAX_LIFETIME); + goto err; + } + + /* Descriptor signing certificate. */ + tok = find_by_keyword(tokens, R3_DESC_SIGNING_CERT); + tor_assert(tok->object_body); + /* Expecting a prop220 cert with the signing key extension, which contains + * the blinded public key. */ + if (strcmp(tok->object_type, "ED25519 CERT") != 0) { + log_warn(LD_REND, "Service descriptor signing cert wrong type (%s)", + escaped(tok->object_type)); + goto err; + } + if (cert_parse_and_validate(&desc->signing_key_cert, tok->object_body, + tok->object_size, CERT_TYPE_SIGNING_HS_DESC, + "service descriptor signing key") < 0) { + goto err; + } + + /* Copy the public keys into signing_kp and blinded_kp */ + memcpy(&desc->signing_kp.pubkey, &desc->signing_key_cert->signed_key, + sizeof(ed25519_public_key_t)); + memcpy(&desc->blinded_kp.pubkey, &desc->signing_key_cert->signing_key, + sizeof(ed25519_public_key_t)); + + /* Extract revision counter value. */ + tok = find_by_keyword(tokens, R3_REVISION_COUNTER); + tor_assert(tok->n_args == 1); + desc->revision_counter = tor_parse_uint64(tok->args[0], 10, 0, + UINT64_MAX, &ok, NULL); + if (!ok) { + log_warn(LD_REND, "Service descriptor revision-counter is invalid"); + goto err; + } + + /* Extract the encrypted data section. */ + tok = find_by_keyword(tokens, R3_ENCRYPTED); + tor_assert(tok->object_body); + if (strcmp(tok->object_type, "MESSAGE") != 0) { + log_warn(LD_REND, "Service descriptor encrypted data section is invalid"); + goto err; + } + /* Make sure the length of the encrypted blob is valid. */ + if (!encrypted_data_length_is_valid(tok->object_size)) { + goto err; + } + + /* Copy the encrypted blob to the descriptor object so we can handle it + * latter if needed. */ + desc->encrypted_blob = tor_memdup(tok->object_body, tok->object_size); + desc->encrypted_blob_size = tok->object_size; + + /* Extract signature and verify it. */ + tok = find_by_keyword(tokens, R3_SIGNATURE); + tor_assert(tok->n_args == 1); + /* First arg here is the actual encoded signature. */ + if (!desc_sig_is_valid(tok->args[0], &desc->signing_kp, + encoded_desc, encoded_len)) { + goto err; + } + + return 0; + + err: + return -1; +} + +/* Decode the version 3 encrypted section of the given descriptor desc. The + * desc_encrypted_out will be populated with the decoded data. Return 0 on + * success else -1. */ +static int +desc_decode_encrypted_v3(const hs_descriptor_t *desc, + hs_desc_encrypted_data_t *desc_encrypted_out) +{ + int result = -1; + char *message = NULL; + size_t message_len; + memarea_t *area = NULL; + directory_token_t *tok; + smartlist_t *tokens = NULL; + + tor_assert(desc); + tor_assert(desc_encrypted_out); + + /* Decrypt the encrypted data that is located in the plaintext section in + * the descriptor as a blob of bytes. The following functions will use the + * keys found in the same section. */ + message_len = desc_decrypt_data_v3(desc, &message); + if (!message_len) { + log_warn(LD_REND, "Service descriptor decryption failed."); + goto err; + } + tor_assert(message); + + area = memarea_new(); + tokens = smartlist_new(); + if (tokenize_string(area, message, message + message_len, + tokens, hs_desc_encrypted_v3_token_table, 0) < 0) { + log_warn(LD_REND, "Encrypted service descriptor is not parseable."); + goto err; + } + + /* CREATE2 supported cell format. It's mandatory. */ + tok = find_by_keyword(tokens, R3_CREATE2_FORMATS); + tor_assert(tok); + decode_create2_list(desc_encrypted_out, tok->args[0]); + /* Must support ntor according to the specification */ + if (!desc_encrypted_out->create2_ntor) { + log_warn(LD_REND, "Service create2-formats does not include ntor."); + goto err; + } + + /* Authentication type. It's optional but only once. */ + tok = find_opt_by_keyword(tokens, R3_AUTHENTICATION_REQUIRED); + if (tok) { + if (!decode_auth_type(desc_encrypted_out, tok->args[0])) { + log_warn(LD_REND, "Service descriptor authentication type has " + "invalid entry(ies)."); + goto err; + } + } + + /* Is this service a single onion service? */ + tok = find_opt_by_keyword(tokens, R3_SINGLE_ONION_SERVICE); + if (tok) { + desc_encrypted_out->single_onion_service = 1; + } + + /* Initialize the descriptor's introduction point list before we start + * decoding. Having 0 intro point is valid. Then decode them all. */ + desc_encrypted_out->intro_points = smartlist_new(); + if (decode_intro_points(desc, desc_encrypted_out, message) < 0) { + goto err; + } + /* Validation of maximum introduction points allowed. */ + if (smartlist_len(desc_encrypted_out->intro_points) > MAX_INTRO_POINTS) { + log_warn(LD_REND, "Service descriptor contains too many introduction " + "points. Maximum allowed is %d but we have %d", + MAX_INTRO_POINTS, + smartlist_len(desc_encrypted_out->intro_points)); + goto err; + } + + /* NOTE: Unknown fields are allowed because this function could be used to + * decode other descriptor version. */ + + result = 0; + goto done; + + err: + tor_assert(result < 0); + desc_encrypted_data_free_contents(desc_encrypted_out); + + done: + if (tokens) { + SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t)); + smartlist_free(tokens); + } + if (area) { + memarea_drop_all(area); + } + if (message) { + tor_free(message); + } + return result; +} + +/* Table of encrypted decode function version specific. The function are + * indexed by the version number so v3 callback is at index 3 in the array. */ +static int + (*decode_encrypted_handlers[])( + const hs_descriptor_t *desc, + hs_desc_encrypted_data_t *desc_encrypted) = +{ + /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL, + desc_decode_encrypted_v3, +}; + +/* Decode the encrypted data section of the given descriptor and store the + * data in the given encrypted data object. Return 0 on success else a + * negative value on error. */ +int +hs_desc_decode_encrypted(const hs_descriptor_t *desc, + hs_desc_encrypted_data_t *desc_encrypted) +{ + int ret; + uint32_t version; + + tor_assert(desc); + /* Ease our life a bit. */ + version = desc->plaintext_data.version; + tor_assert(desc_encrypted); + /* Calling this function without an encrypted blob to parse is a code flow + * error. The plaintext parsing should never succeed in the first place + * without an encrypted section. */ + tor_assert(desc->plaintext_data.encrypted_blob); + /* Let's make sure we have a supported version as well. By correctly parsing + * the plaintext, this should not fail. */ + if (BUG(!hs_desc_is_supported_version(version))) { + ret = -1; + goto err; + } + /* Extra precaution. Having no handler for the supported version should + * never happened else we forgot to add it but we bumped the version. */ + tor_assert(ARRAY_LENGTH(decode_encrypted_handlers) >= version); + tor_assert(decode_encrypted_handlers[version]); + + /* Run the version specific plaintext decoder. */ + ret = decode_encrypted_handlers[version](desc, desc_encrypted); + if (ret < 0) { + goto err; + } + + err: + return ret; +} + +/* Table of plaintext decode function version specific. The function are + * indexed by the version number so v3 callback is at index 3 in the array. */ +static int + (*decode_plaintext_handlers[])( + smartlist_t *tokens, + hs_desc_plaintext_data_t *desc, + const char *encoded_desc, + size_t encoded_len) = +{ + /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL, + desc_decode_plaintext_v3, +}; + +/* Fully decode the given descriptor plaintext and store the data in the + * plaintext data object. Returns 0 on success else a negative value. */ +int +hs_desc_decode_plaintext(const char *encoded, + hs_desc_plaintext_data_t *plaintext) +{ + int ok = 0, ret = -1; + memarea_t *area = NULL; + smartlist_t *tokens = NULL; + size_t encoded_len; + directory_token_t *tok; + + tor_assert(encoded); + tor_assert(plaintext); + + encoded_len = strlen(encoded); + if (encoded_len >= HS_DESC_MAX_LEN) { + log_warn(LD_REND, "Service descriptor is too big (%lu bytes)", + (unsigned long) encoded_len); + goto err; + } + + area = memarea_new(); + tokens = smartlist_new(); + /* Tokenize the descriptor so we can start to parse it. */ + if (tokenize_string(area, encoded, encoded + encoded_len, tokens, + hs_desc_v3_token_table, 0) < 0) { + log_warn(LD_REND, "Service descriptor is not parseable"); + goto err; + } + + /* Get the version of the descriptor which is the first mandatory field of + * the descriptor. From there, we'll decode the right descriptor version. */ + tok = find_by_keyword(tokens, R_HS_DESCRIPTOR); + tor_assert(tok->n_args == 1); + plaintext->version = (uint32_t) tor_parse_ulong(tok->args[0], 10, 0, + UINT32_MAX, &ok, NULL); + if (!ok) { + log_warn(LD_REND, "Service descriptor has unparseable version %s", + escaped(tok->args[0])); + goto err; + } + if (!hs_desc_is_supported_version(plaintext->version)) { + log_warn(LD_REND, "Service descriptor has unsupported version %" PRIu32, + plaintext->version); + goto err; + } + /* Extra precaution. Having no handler for the supported version should + * never happened else we forgot to add it but we bumped the version. */ + tor_assert(ARRAY_LENGTH(decode_plaintext_handlers) >= plaintext->version); + tor_assert(decode_plaintext_handlers[plaintext->version]); + + /* Run the version specific plaintext decoder. */ + ret = decode_plaintext_handlers[plaintext->version](tokens, plaintext, + encoded, encoded_len); + if (ret < 0) { + goto err; + } + /* Success. Descriptor has been populated with the data. */ + ret = 0; + + err: + if (tokens) { + SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t)); + smartlist_free(tokens); + } + if (area) { + memarea_drop_all(area); + } + return ret; +} + +/* Fully decode an encoded descriptor and set a newly allocated descriptor + * object in desc_out. Subcredentials are used if not NULL else it's ignored. + * + * Return 0 on success. A negative value is returned on error and desc_out is + * set to NULL. */ +int +hs_desc_decode_descriptor(const char *encoded, + const uint8_t *subcredential, + hs_descriptor_t **desc_out) +{ + int ret; + hs_descriptor_t *desc; + + tor_assert(encoded); + + desc = tor_malloc_zero(sizeof(hs_descriptor_t)); + + /* Subcredentials are optional. */ + if (subcredential) { + memcpy(desc->subcredential, subcredential, sizeof(desc->subcredential)); + } + + ret = hs_desc_decode_plaintext(encoded, &desc->plaintext_data); + if (ret < 0) { + goto err; + } + + ret = hs_desc_decode_encrypted(desc, &desc->encrypted_data); + if (ret < 0) { + goto err; + } + + if (desc_out) { + *desc_out = desc; + } else { + hs_descriptor_free(desc); + } + return ret; + + err: + hs_descriptor_free(desc); + if (desc_out) { + *desc_out = NULL; + } + + tor_assert(ret < 0); + return ret; +} + +/* Table of encode function version specific. The function are indexed by the + * version number so v3 callback is at index 3 in the array. */ +static int + (*encode_handlers[])( + const hs_descriptor_t *desc, + char **encoded_out) = +{ + /* v0 */ NULL, /* v1 */ NULL, /* v2 */ NULL, + desc_encode_v3, +}; + +/* Encode the given descriptor desc. On success, encoded_out points to a newly + * allocated NUL terminated string that contains the encoded descriptor as a + * string. + * + * Return 0 on success and encoded_out is a valid pointer. On error, -1 is + * returned and encoded_out is set to NULL. */ +int +hs_desc_encode_descriptor(const hs_descriptor_t *desc, char **encoded_out) +{ + int ret = -1; + + tor_assert(desc); + tor_assert(encoded_out); + + /* Make sure we support the version of the descriptor format. */ + if (!hs_desc_is_supported_version(desc->plaintext_data.version)) { + goto err; + } + /* Extra precaution. Having no handler for the supported version should + * never happened else we forgot to add it but we bumped the version. */ + tor_assert(ARRAY_LENGTH(encode_handlers) >= desc->plaintext_data.version); + tor_assert(encode_handlers[desc->plaintext_data.version]); + + ret = encode_handlers[desc->plaintext_data.version](desc, encoded_out); + if (ret < 0) { + goto err; + } + + /* Try to decode what we just encoded. Symmetry is nice! */ + ret = hs_desc_decode_descriptor(*encoded_out, desc->subcredential, NULL); + if (BUG(ret < 0)) { + goto err; + } + + return 0; + + err: + *encoded_out = NULL; + return ret; +} + +/* Free the descriptor plaintext data object. */ +void +hs_desc_plaintext_data_free(hs_desc_plaintext_data_t *desc) +{ + desc_plaintext_data_free_contents(desc); + tor_free(desc); +} + +/* Free the descriptor encrypted data object. */ +void +hs_desc_encrypted_data_free(hs_desc_encrypted_data_t *desc) +{ + desc_encrypted_data_free_contents(desc); + tor_free(desc); +} + +/* Free the given descriptor object. */ +void +hs_descriptor_free(hs_descriptor_t *desc) +{ + if (!desc) { + return; + } + + desc_plaintext_data_free_contents(&desc->plaintext_data); + desc_encrypted_data_free_contents(&desc->encrypted_data); + tor_free(desc); +} + +/* Return the size in bytes of the given plaintext data object. A sizeof() is + * not enough because the object contains pointers and the encrypted blob. + * This is particularly useful for our OOM subsystem that tracks the HSDir + * cache size for instance. */ +size_t +hs_desc_plaintext_obj_size(const hs_desc_plaintext_data_t *data) +{ + tor_assert(data); + return (sizeof(*data) + sizeof(*data->signing_key_cert) + + data->encrypted_blob_size); +} + diff --git a/src/or/hs_descriptor.h b/src/or/hs_descriptor.h new file mode 100644 index 0000000000..083d353860 --- /dev/null +++ b/src/or/hs_descriptor.h @@ -0,0 +1,241 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file hs_descriptor.h + * \brief Header file for hs_descriptor.c + **/ + +#ifndef TOR_HS_DESCRIPTOR_H +#define TOR_HS_DESCRIPTOR_H + +#include <stdint.h> + +#include "or.h" +#include "address.h" +#include "container.h" +#include "crypto.h" +#include "crypto_ed25519.h" +#include "torcert.h" + +/* The earliest descriptor format version we support. */ +#define HS_DESC_SUPPORTED_FORMAT_VERSION_MIN 3 +/* The latest descriptor format version we support. */ +#define HS_DESC_SUPPORTED_FORMAT_VERSION_MAX 3 + +/* Maximum lifetime of a descriptor in seconds. The value is set at 12 hours + * which is 720 minutes or 43200 seconds. */ +#define HS_DESC_MAX_LIFETIME (12 * 60 * 60) +/* Lifetime of certificate in the descriptor. This defines the lifetime of the + * descriptor signing key and the cross certification cert of that key. */ +#define HS_DESC_CERT_LIFETIME (24 * 60 * 60) +/* Length of the salt needed for the encrypted section of a descriptor. */ +#define HS_DESC_ENCRYPTED_SALT_LEN 16 +/* Length of the secret input needed for the KDF construction which derives + * the encryption key for the encrypted data section of the descriptor. This + * adds up to 68 bytes being the blinded key, hashed subcredential and + * revision counter. */ +#define HS_DESC_ENCRYPTED_SECRET_INPUT_LEN \ + ED25519_PUBKEY_LEN + DIGEST256_LEN + sizeof(uint64_t) +/* Length of the KDF output value which is the length of the secret key, + * the secret IV and MAC key length which is the length of H() output. */ +#define HS_DESC_ENCRYPTED_KDF_OUTPUT_LEN \ + CIPHER_KEY_LEN + CIPHER_IV_LEN + DIGEST256_LEN +/* We need to pad the plaintext version of the encrypted data section before + * encryption and it has to be a multiple of this value. */ +#define HS_DESC_PLAINTEXT_PADDING_MULTIPLE 128 +/* XXX: Let's make sure this makes sense as an upper limit for the padded + * plaintext section. Then we should enforce it as now only an assert will be + * triggered if we are above it. */ +/* Once padded, this is the maximum length in bytes for the plaintext. */ +#define HS_DESC_PADDED_PLAINTEXT_MAX_LEN 8192 +/* Minimum length in bytes of the encrypted portion of the descriptor. */ +#define HS_DESC_ENCRYPTED_MIN_LEN \ + HS_DESC_ENCRYPTED_SALT_LEN + \ + HS_DESC_PLAINTEXT_PADDING_MULTIPLE + DIGEST256_LEN +/* Maximum length in bytes of a full hidden service descriptor. */ +#define HS_DESC_MAX_LEN 32768 // XXX justify +/* The minimum amount of fields a descriptor should contain. The parsing of + * the fields are version specific so the only required field, as a generic + * view of a descriptor, is 1 that is the version field. */ +#define HS_DESC_PLAINTEXT_MIN_FIELDS 1 + +/* Type of authentication in the descriptor. */ +typedef enum { + HS_DESC_AUTH_PASSWORD = 1, + HS_DESC_AUTH_ED25519 = 2, +} hs_desc_auth_type_t; + +/* Type of encryption key in the descriptor. */ +typedef enum { + HS_DESC_KEY_TYPE_LEGACY = 1, + HS_DESC_KEY_TYPE_CURVE25519 = 2, +} hs_desc_key_type_t; + +/* Link specifier object that contains information on how to extend to the + * relay that is the address, port and handshake type. */ +typedef struct hs_desc_link_specifier_t { + /* Indicate the type of link specifier. See trunnel ed25519_cert + * specification. */ + uint8_t type; + + /* It's either an address/port or a legacy identity fingerprint. */ + union { + /* IP address and port of the relay use to extend. */ + tor_addr_port_t ap; + /* Legacy identity. A 20-byte SHA1 identity fingerprint. */ + uint8_t legacy_id[DIGEST_LEN]; + } u; +} hs_desc_link_specifier_t; + +/* Introduction point information located in a descriptor. */ +typedef struct hs_desc_intro_point_t { + /* Link specifier(s) which details how to extend to the relay. This list + * contains hs_desc_link_specifier_t object. It MUST have at least one. */ + smartlist_t *link_specifiers; + + /* Authentication key used to establish the introduction point circuit and + * cross-certifies the blinded public key for the replica thus signed by + * the blinded key and in turn signs it. */ + tor_cert_t *auth_key_cert; + + /* Encryption key type so we know which one to use in the union below. */ + hs_desc_key_type_t enc_key_type; + + /* Keys are mutually exclusive thus the union. */ + union { + /* Encryption key used to encrypt request to hidden service. */ + curve25519_keypair_t curve25519; + + /* Backward compat: RSA 1024 encryption key for legacy purposes. + * Mutually exclusive with enc_key. */ + crypto_pk_t *legacy; + } enc_key; + + /* True iff the introduction point has passed the cross certification. Upon + * decoding an intro point, this must be true. */ + unsigned int cross_certified : 1; +} hs_desc_intro_point_t; + +/* The encrypted data section of a descriptor. Obviously the data in this is + * in plaintext but encrypted once encoded. */ +typedef struct hs_desc_encrypted_data_t { + /* Bitfield of CREATE2 cell supported formats. The only currently supported + * format is ntor. */ + unsigned int create2_ntor : 1; + + /* A list of authentication types that a client must at least support one + * in order to contact the service. Contains NULL terminated strings. */ + smartlist_t *auth_types; + + /* Is this descriptor a single onion service? */ + unsigned int single_onion_service : 1; + + /* A list of intro points. Contains hs_desc_intro_point_t objects. */ + smartlist_t *intro_points; +} hs_desc_encrypted_data_t; + +/* Plaintext data that is unencrypted information of the descriptor. */ +typedef struct hs_desc_plaintext_data_t { + /* Version of the descriptor format. Spec specifies this field as a + * positive integer. */ + uint32_t version; + + /* The lifetime of the descriptor in seconds. */ + uint32_t lifetime_sec; + + /* Certificate with the short-term ed22519 descriptor signing key for the + * replica which is signed by the blinded public key for that replica. */ + tor_cert_t *signing_key_cert; + + /* Signing keypair which is used to sign the descriptor. Same public key + * as in the signing key certificate. */ + ed25519_keypair_t signing_kp; + + /* Blinded keypair used for this descriptor derived from the master + * identity key and generated for a specific replica number. */ + ed25519_keypair_t blinded_kp; + + /* Revision counter is incremented at each upload, regardless of whether + * the descriptor has changed. This avoids leaking whether the descriptor + * has changed. Spec specifies this as a 8 bytes positive integer. */ + uint64_t revision_counter; + + /* Decoding only: The base64-decoded encrypted blob from the descriptor */ + uint8_t *encrypted_blob; + + /* Decoding only: Size of the encrypted_blob */ + size_t encrypted_blob_size; +} hs_desc_plaintext_data_t; + +/* Service descriptor in its decoded form. */ +typedef struct hs_descriptor_t { + /* Contains the plaintext part of the descriptor. */ + hs_desc_plaintext_data_t plaintext_data; + + /* The following contains what's in the encrypted part of the descriptor. + * It's only encrypted in the encoded version of the descriptor thus the + * data contained in that object is in plaintext. */ + hs_desc_encrypted_data_t encrypted_data; + + /* Subcredentials of a service, used by the client and service to decrypt + * the encrypted data. */ + uint8_t subcredential[DIGEST256_LEN]; +} hs_descriptor_t; + +/* Return true iff the given descriptor format version is supported. */ +static inline int +hs_desc_is_supported_version(uint32_t version) +{ + if (version < HS_DESC_SUPPORTED_FORMAT_VERSION_MIN || + version > HS_DESC_SUPPORTED_FORMAT_VERSION_MAX) { + return 0; + } + return 1; +} + +/* Public API. */ + +void hs_descriptor_free(hs_descriptor_t *desc); +void hs_desc_plaintext_data_free(hs_desc_plaintext_data_t *desc); +void hs_desc_encrypted_data_free(hs_desc_encrypted_data_t *desc); + +int hs_desc_encode_descriptor(const hs_descriptor_t *desc, + char **encoded_out); + +int hs_desc_decode_descriptor(const char *encoded, + const uint8_t *subcredential, + hs_descriptor_t **desc_out); +int hs_desc_decode_plaintext(const char *encoded, + hs_desc_plaintext_data_t *plaintext); +int hs_desc_decode_encrypted(const hs_descriptor_t *desc, + hs_desc_encrypted_data_t *desc_out); + +size_t hs_desc_plaintext_obj_size(const hs_desc_plaintext_data_t *data); + +#ifdef HS_DESCRIPTOR_PRIVATE + +/* Encoding. */ +STATIC char *encode_link_specifiers(const smartlist_t *specs); +STATIC size_t build_plaintext_padding(const char *plaintext, + size_t plaintext_len, + uint8_t **padded_out); +/* Decoding. */ +STATIC smartlist_t *decode_link_specifiers(const char *encoded); +STATIC hs_desc_intro_point_t *decode_introduction_point( + const hs_descriptor_t *desc, + const char *text); +STATIC int decode_intro_points(const hs_descriptor_t *desc, + hs_desc_encrypted_data_t *desc_enc, + const char *data); +STATIC int encrypted_data_length_is_valid(size_t len); +STATIC int cert_is_valid(tor_cert_t *cert, uint8_t type, + const char *log_obj_type); +STATIC int desc_sig_is_valid(const char *b64_sig, + const ed25519_keypair_t *signing_kp, + const char *encoded_desc, size_t encoded_len); +STATIC void desc_intro_point_free(hs_desc_intro_point_t *ip); +#endif /* HS_DESCRIPTOR_PRIVATE */ + +#endif /* TOR_HS_DESCRIPTOR_H */ + diff --git a/src/or/include.am b/src/or/include.am index ae493b7225..99912a9947 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -48,6 +48,9 @@ LIBTOR_A_SOURCES = \ src/or/entrynodes.c \ src/or/ext_orport.c \ src/or/hibernate.c \ + src/or/hs_cache.c \ + src/or/hs_common.c \ + src/or/hs_descriptor.c \ src/or/keypin.c \ src/or/main.c \ src/or/microdesc.c \ @@ -59,6 +62,7 @@ LIBTOR_A_SOURCES = \ src/or/shared_random.c \ src/or/shared_random_state.c \ src/or/transports.c \ + src/or/parsecommon.c \ src/or/periodic.c \ src/or/protover.c \ src/or/policies.c \ @@ -157,6 +161,9 @@ ORHEADERS = \ src/or/geoip.h \ src/or/entrynodes.h \ src/or/hibernate.h \ + src/or/hs_cache.h \ + src/or/hs_common.h \ + src/or/hs_descriptor.h \ src/or/keypin.h \ src/or/main.h \ src/or/microdesc.h \ @@ -171,6 +178,7 @@ ORHEADERS = \ src/or/shared_random.h \ src/or/shared_random_state.h \ src/or/transports.h \ + src/or/parsecommon.h \ src/or/periodic.h \ src/or/policies.h \ src/or/protover.h \ diff --git a/src/or/main.c b/src/or/main.c index 66a8571901..8239606c08 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -8,6 +8,42 @@ * \file main.c * \brief Toplevel module. Handles signals, multiplexes between * connections, implements main loop, and drives scheduled events. + * + * For the main loop itself; see run_main_loop_once(). It invokes the rest of + * Tor mostly through Libevent callbacks. Libevent callbacks can happen when + * a timer elapses, a signal is received, a socket is ready to read or write, + * or an event is manually activated. + * + * Most events in Tor are driven from these callbacks: + * <ul> + * <li>conn_read_callback() and conn_write_callback() here, which are + * invoked when a socket is ready to read or write respectively. + * <li>signal_callback(), which handles incoming signals. + * </ul> + * Other events are used for specific purposes, or for building more complex + * control structures. If you search for usage of tor_libevent_new(), you + * will find all the events that we construct in Tor. + * + * Tor has numerous housekeeping operations that need to happen + * regularly. They are handled in different ways: + * <ul> + * <li>The most frequent operations are handled after every read or write + * event, at the end of connection_handle_read() and + * connection_handle_write(). + * + * <li>The next most frequent operations happen after each invocation of the + * main loop, in run_main_loop_once(). + * + * <li>Once per second, we run all of the operations listed in + * second_elapsed_callback(), and in its child, run_scheduled_events(). + * + * <li>Once-a-second operations are handled in second_elapsed_callback(). + * + * <li>More infrequent operations take place based on the periodic event + * driver in periodic.c . These are stored in the periodic_events[] + * table. + * </ul> + * **/ #define MAIN_PRIVATE @@ -37,6 +73,7 @@ #include "entrynodes.h" #include "geoip.h" #include "hibernate.h" +#include "hs_cache.h" #include "keypin.h" #include "main.h" #include "microdesc.h" @@ -325,7 +362,7 @@ connection_unlink(connection_t *conn) } if (conn->type == CONN_TYPE_OR) { if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) - connection_or_remove_from_identity_map(TO_OR_CONN(conn)); + connection_or_clear_identity(TO_OR_CONN(conn)); /* connection_unlink() can only get called if the connection * was already on the closeable list, and it got there by * connection_mark_for_close(), which was called from @@ -1389,7 +1426,7 @@ run_scheduled_events(time_t now) } /* 5. We do housekeeping for each connection... */ - connection_or_set_bad_connections(NULL, 0); + channel_update_bad_for_new_circs(NULL, 0); int i; for (i=0;i<smartlist_len(connection_array);i++) { run_connection_housekeeping(i, now); @@ -1423,13 +1460,13 @@ run_scheduled_events(time_t now) pt_configure_remaining_proxies(); } +/* Periodic callback: Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion + * keys, shut down and restart all cpuworkers, and update our descriptor if + * necessary. + */ static int rotate_onion_key_callback(time_t now, const or_options_t *options) { - /* 1a. Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion keys, - * shut down and restart all cpuworkers, and update the directory if - * necessary. - */ if (server_mode(options)) { time_t rotation_time = get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME; if (rotation_time > now) { @@ -1449,6 +1486,9 @@ rotate_onion_key_callback(time_t now, const or_options_t *options) return PERIODIC_EVENT_NO_UPDATE; } +/* Periodic callback: Every 30 seconds, check whether it's time to make new + * Ed25519 subkeys. + */ static int check_ed_keys_callback(time_t now, const or_options_t *options) { @@ -1466,6 +1506,11 @@ check_ed_keys_callback(time_t now, const or_options_t *options) return PERIODIC_EVENT_NO_UPDATE; } +/** + * Periodic callback: Every {LAZY,GREEDY}_DESCRIPTOR_RETRY_INTERVAL, + * see about fetching descriptors, microdescriptors, and extrainfo + * documents. + */ static int launch_descriptor_fetches_callback(time_t now, const or_options_t *options) { @@ -1480,6 +1525,10 @@ launch_descriptor_fetches_callback(time_t now, const or_options_t *options) return GREEDY_DESCRIPTOR_RETRY_INTERVAL; } +/** + * Periodic event: Rotate our X.509 certificates and TLS keys once every + * MAX_SSL_KEY_LIFETIME_INTERNAL. + */ static int rotate_x509_certificate_callback(time_t now, const or_options_t *options) { @@ -1505,6 +1554,10 @@ rotate_x509_certificate_callback(time_t now, const or_options_t *options) return MAX_SSL_KEY_LIFETIME_INTERNAL; } +/** + * Periodic callback: once an hour, grab some more entropy from the + * kernel and feed it to our CSPRNG. + **/ static int add_entropy_callback(time_t now, const or_options_t *options) { @@ -1521,6 +1574,10 @@ add_entropy_callback(time_t now, const or_options_t *options) return ENTROPY_INTERVAL; } +/** + * Periodic callback: if we're an authority, make sure we test + * the routers on the network for reachability. + */ static int launch_reachability_tests_callback(time_t now, const or_options_t *options) { @@ -1532,6 +1589,10 @@ launch_reachability_tests_callback(time_t now, const or_options_t *options) return REACHABILITY_TEST_INTERVAL; } +/** + * Periodic callback: if we're an authority, discount the stability + * information (and other rephist information) that's older. + */ static int downrate_stability_callback(time_t now, const or_options_t *options) { @@ -1543,6 +1604,10 @@ downrate_stability_callback(time_t now, const or_options_t *options) return safe_timer_diff(now, next); } +/** + * Periodic callback: if we're an authority, record our measured stability + * information from rephist in an mtbf file. + */ static int save_stability_callback(time_t now, const or_options_t *options) { @@ -1555,6 +1620,10 @@ save_stability_callback(time_t now, const or_options_t *options) return SAVE_STABILITY_INTERVAL; } +/** + * Periodic callback: if we're an authority, check on our authority + * certificate (the one that authenticates our authority signing key). + */ static int check_authority_cert_callback(time_t now, const or_options_t *options) { @@ -1567,6 +1636,10 @@ check_authority_cert_callback(time_t now, const or_options_t *options) return CHECK_V3_CERTIFICATE_INTERVAL; } +/** + * Periodic callback: If our consensus is too old, recalculate whether + * we can actually use it. + */ static int check_expired_networkstatus_callback(time_t now, const or_options_t *options) { @@ -1586,6 +1659,9 @@ check_expired_networkstatus_callback(time_t now, const or_options_t *options) return CHECK_EXPIRED_NS_INTERVAL; } +/** + * Periodic callback: Write statistics to disk if appropriate. + */ static int write_stats_file_callback(time_t now, const or_options_t *options) { @@ -1633,6 +1709,9 @@ write_stats_file_callback(time_t now, const or_options_t *options) return safe_timer_diff(now, next_time_to_write_stats_files); } +/** + * Periodic callback: Write bridge statistics to disk if appropriate. + */ static int record_bridge_stats_callback(time_t now, const or_options_t *options) { @@ -1660,6 +1739,9 @@ record_bridge_stats_callback(time_t now, const or_options_t *options) return PERIODIC_EVENT_NO_UPDATE; } +/** + * Periodic callback: Clean in-memory caches every once in a while + */ static int clean_caches_callback(time_t now, const or_options_t *options) { @@ -1667,12 +1749,16 @@ clean_caches_callback(time_t now, const or_options_t *options) rep_history_clean(now - options->RephistTrackTime); rend_cache_clean(now, REND_CACHE_TYPE_CLIENT); rend_cache_clean(now, REND_CACHE_TYPE_SERVICE); - rend_cache_clean_v2_descs_as_dir(now, 0); + hs_cache_clean_as_dir(now); microdesc_cache_rebuild(NULL, 0); #define CLEAN_CACHES_INTERVAL (30*60) return CLEAN_CACHES_INTERVAL; } +/** + * Periodic callback: Clean the cache of failed hidden service lookups + * frequently frequently. + */ static int rend_cache_failure_clean_callback(time_t now, const or_options_t *options) { @@ -1684,20 +1770,21 @@ rend_cache_failure_clean_callback(time_t now, const or_options_t *options) return 30; } +/** + * Periodic callback: If we're a server and initializing dns failed, retry. + */ static int retry_dns_callback(time_t now, const or_options_t *options) { (void)now; #define RETRY_DNS_INTERVAL (10*60) - /* If we're a server and initializing dns failed, retry periodically. */ if (server_mode(options) && has_dns_init_failed()) dns_init(); return RETRY_DNS_INTERVAL; } - /* 2. Periodically, we consider force-uploading our descriptor - * (if we've passed our internal checks). */ - +/** Periodic callback: consider rebuilding or and re-uploading our descriptor + * (if we've passed our internal checks). */ static int check_descriptor_callback(time_t now, const or_options_t *options) { @@ -1724,6 +1811,11 @@ check_descriptor_callback(time_t now, const or_options_t *options) return CHECK_DESCRIPTOR_INTERVAL; } +/** + * Periodic callback: check whether we're reachable (as a relay), and + * whether our bandwidth has changed enough that we need to + * publish a new descriptor. + */ static int check_for_reachability_bw_callback(time_t now, const or_options_t *options) { @@ -1760,13 +1852,13 @@ check_for_reachability_bw_callback(time_t now, const or_options_t *options) return CHECK_DESCRIPTOR_INTERVAL; } +/** + * Periodic event: once a minute, (or every second if TestingTorNetwork, or + * during client bootstrap), check whether we want to download any + * networkstatus documents. */ static int fetch_networkstatus_callback(time_t now, const or_options_t *options) { - /* 2c. Every minute (or every second if TestingTorNetwork, or during - * client bootstrap), check whether we want to download any networkstatus - * documents. */ - /* How often do we check whether we should download network status * documents? */ const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping( @@ -1788,12 +1880,13 @@ fetch_networkstatus_callback(time_t now, const or_options_t *options) return networkstatus_dl_check_interval; } +/** + * Periodic callback: Every 60 seconds, we relaunch listeners if any died. */ static int retry_listeners_callback(time_t now, const or_options_t *options) { (void)now; (void)options; - /* 3d. And every 60 seconds, we relaunch listeners if any died. */ if (!net_is_disabled()) { retry_all_listeners(NULL, NULL, 0); return 60; @@ -1801,6 +1894,9 @@ retry_listeners_callback(time_t now, const or_options_t *options) return PERIODIC_EVENT_NO_UPDATE; } +/** + * Periodic callback: as a server, see if we have any old unused circuits + * that should be expired */ static int expire_old_ciruits_serverside_callback(time_t now, const or_options_t *options) { @@ -1810,6 +1906,10 @@ expire_old_ciruits_serverside_callback(time_t now, const or_options_t *options) return 11; } +/** + * Periodic event: if we're an exit, see if our DNS server is telling us + * obvious lies. + */ static int check_dns_honesty_callback(time_t now, const or_options_t *options) { @@ -1832,6 +1932,10 @@ check_dns_honesty_callback(time_t now, const or_options_t *options) return 12*3600 + crypto_rand_int(12*3600); } +/** + * Periodic callback: if we're the bridge authority, write a networkstatus + * file to disk. + */ static int write_bridge_ns_callback(time_t now, const or_options_t *options) { @@ -1844,6 +1948,9 @@ write_bridge_ns_callback(time_t now, const or_options_t *options) return PERIODIC_EVENT_NO_UPDATE; } +/** + * Periodic callback: poke the tor-fw-helper app if we're using one. + */ static int check_fw_helper_app_callback(time_t now, const or_options_t *options) { @@ -1867,7 +1974,9 @@ check_fw_helper_app_callback(time_t now, const or_options_t *options) return PORT_FORWARDING_CHECK_INTERVAL; } -/** Callback to write heartbeat message in the logs. */ +/** + * Periodic callback: write the heartbeat message in the logs. + */ static int heartbeat_callback(time_t now, const or_options_t *options) { @@ -2373,19 +2482,26 @@ run_main_loop_once(void) /* Make it easier to tell whether libevent failure is our fault or not. */ errno = 0; #endif - /* All active linked conns should get their read events activated. */ + + /* All active linked conns should get their read events activated, + * so that libevent knows to run their callbacks. */ SMARTLIST_FOREACH(active_linked_connection_lst, connection_t *, conn, event_active(conn->read_event, EV_READ, 1)); called_loop_once = smartlist_len(active_linked_connection_lst) ? 1 : 0; + /* Make sure we know (about) what time it is. */ update_approx_time(time(NULL)); - /* poll until we have an event, or the second ends, or until we have - * some active linked connections to trigger events for. */ + /* Here it is: the main loop. Here we tell Libevent to poll until we have + * an event, or the second ends, or until we have some active linked + * connections to trigger events for. Libevent will wait till one + * of these happens, then run all the appropriate callbacks. */ loop_result = event_base_loop(tor_libevent_get_base(), called_loop_once ? EVLOOP_ONCE : 0); - /* let catch() handle things like ^c, and otherwise don't worry about it */ + /* Oh, the loop failed. That might be an error that we need to + * catch, but more likely, it's just an interrupted poll() call or something, + * and we should try again. */ if (loop_result < 0) { int e = tor_socket_errno(-1); /* let the program survive things like ^z */ @@ -2408,9 +2524,17 @@ run_main_loop_once(void) } } - /* This will be pretty fast if nothing new is pending. Note that this gets - * called once per libevent loop, which will make it happen once per group - * of events that fire, or once per second. */ + /* And here is where we put callbacks that happen "every time the event loop + * runs." They must be very fast, or else the whole Tor process will get + * slowed down. + * + * Note that this gets called once per libevent loop, which will make it + * happen once per group of events that fire, or once per second. */ + + /* If there are any pending client connections, try attaching them to + * circuits (if we can.) This will be pretty fast if nothing new is + * pending. + */ connection_ap_attach_pending(0); return 1; @@ -2971,6 +3095,7 @@ tor_free_all(int postfork) rend_service_free_all(); rend_cache_free_all(); rend_service_authorization_free_all(); + hs_cache_free_all(); rep_hist_free_all(); dns_free_all(); clear_pending_onions(); diff --git a/src/or/microdesc.c b/src/or/microdesc.c index a81dc54628..140117f683 100644 --- a/src/or/microdesc.c +++ b/src/or/microdesc.c @@ -917,20 +917,9 @@ update_microdescs_from_networkstatus(time_t now) int we_use_microdescriptors_for_circuits(const or_options_t *options) { - int ret = options->UseMicrodescriptors; - if (ret == -1) { - /* UseMicrodescriptors is "auto"; we need to decide: */ - /* If we are configured to use bridges and none of our bridges - * know what a microdescriptor is, the answer is no. */ - if (options->UseBridges && !any_bridge_supports_microdescriptors()) - return 0; - /* Otherwise, we decide that we'll use microdescriptors iff we are - * not a server, and we're not autofetching everything. */ - /* XXXX++ what does not being a server have to do with it? also there's - * a partitioning issue here where bridges differ from clients. */ - ret = !server_mode(options) && !options->FetchUselessDescriptors; - } - return ret; + if (options->UseMicrodescriptors == 0) + return 0; /* the user explicitly picked no */ + return 1; /* yes and auto both mean yes */ } /** Return true iff we should try to download microdescriptors at all. */ diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 2d39c90380..bfb36413ce 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -6,8 +6,34 @@ /** * \file networkstatus.c - * \brief Functions and structures for handling network status documents as a - * client or cache. + * \brief Functions and structures for handling networkstatus documents as a + * client or as a directory cache. + * + * A consensus networkstatus object is created by the directory + * authorities. It authenticates a set of network parameters--most + * importantly, the list of all the relays in the network. This list + * of relays is represented as an array of routerstatus_t objects. + * + * There are currently two flavors of consensus. With the older "NS" + * flavor, each relay is associated with a digest of its router + * descriptor. Tor instances that use this consensus keep the list of + * router descriptors as routerinfo_t objects stored and managed in + * routerlist.c. With the newer "microdesc" flavor, each relay is + * associated with a digest of the microdescriptor that the authorities + * made for it. These are stored and managed in microdesc.c. Information + * about the router is divided between the the networkstatus and the + * microdescriptor according to the general rule that microdescriptors + * should hold information that changes much less frequently than the + * information in the networkstatus. + * + * Modern clients use microdescriptor networkstatuses. Directory caches + * need to keep both kinds of networkstatus document, so they can serve them. + * + * This module manages fetching, holding, storing, updating, and + * validating networkstatus objects. The download-and-validate process + * is slightly complicated by the fact that the keys you need to + * validate a consensus are stored in the authority certificates, which + * you might not have yet when you download the consensus. */ #define NETWORKSTATUS_PRIVATE @@ -788,8 +814,11 @@ networkstatus_nickname_is_unnamed(const char *nickname) #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60) /** Return true iff, given the options listed in <b>options</b>, <b>flavor</b> - * is the flavor of a consensus networkstatus that we would like to fetch. */ -static int + * is the flavor of a consensus networkstatus that we would like to fetch. + * + * For certificate fetches, use we_want_to_fetch_unknown_auth_certs, and + * for serving fetched documents, use directory_caches_dir_info. */ +int we_want_to_fetch_flavor(const or_options_t *options, int flavor) { if (flavor < 0 || flavor > N_CONSENSUS_FLAVORS) { @@ -811,6 +840,29 @@ we_want_to_fetch_flavor(const or_options_t *options, int flavor) return flavor == usable_consensus_flavor(); } +/** Return true iff, given the options listed in <b>options</b>, we would like + * to fetch and store unknown authority certificates. + * + * For consensus and descriptor fetches, use we_want_to_fetch_flavor, and + * for serving fetched certificates, use directory_caches_unknown_auth_certs. + */ +int +we_want_to_fetch_unknown_auth_certs(const or_options_t *options) +{ + if (authdir_mode_v3(options) || + directory_caches_unknown_auth_certs((options))) { + /* We want to serve all certs to others, regardless if we would use + * them ourselves. */ + return 1; + } + if (options->FetchUselessDescriptors) { + /* Unknown certificates are definitely useless. */ + return 1; + } + /* Otherwise, don't fetch unknown certificates. */ + return 0; +} + /** How long will we hang onto a possibly live consensus for which we're * fetching certs before we check whether there is a better one? */ #define DELAY_WHILE_FETCHING_CERTS (20*60) @@ -1702,9 +1754,9 @@ networkstatus_set_current_consensus(const char *consensus, } if (flav != usable_consensus_flavor() && - !directory_caches_dir_info(options)) { - /* This consensus is totally boring to us: we won't use it, and we won't - * serve it. Drop it. */ + !we_want_to_fetch_flavor(options, flav)) { + /* This consensus is totally boring to us: we won't use it, we didn't want + * it, and we won't serve it. Drop it. */ goto done; } @@ -1906,7 +1958,7 @@ networkstatus_set_current_consensus(const char *consensus, download_status_failed(&consensus_dl_status[flav], 0); } - if (directory_caches_dir_info(options)) { + if (we_want_to_fetch_flavor(options, flav)) { dirserv_set_cached_consensus_networkstatus(consensus, flavor, &c->digests, @@ -2355,9 +2407,9 @@ int client_would_use_router(const routerstatus_t *rs, time_t now, const or_options_t *options) { - if (!rs->is_flagged_running && !options->FetchUselessDescriptors) { + if (!rs->is_flagged_running) { /* If we had this router descriptor, we wouldn't even bother using it. - * But, if we want to have a complete list, fetch it anyway. */ + * (Fetching and storing depends on by we_want_to_fetch_flavor().) */ return 0; } if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h index 71f36b69ed..454356e0bb 100644 --- a/src/or/networkstatus.h +++ b/src/or/networkstatus.h @@ -66,6 +66,8 @@ const routerstatus_t *router_get_consensus_status_by_nickname( int warn_if_unnamed); const char *networkstatus_get_router_digest_by_nickname(const char *nickname); int networkstatus_nickname_is_unnamed(const char *nickname); +int we_want_to_fetch_flavor(const or_options_t *options, int flavor); +int we_want_to_fetch_unknown_auth_certs(const or_options_t *options); void networkstatus_consensus_download_failed(int status_code, const char *flavname); void update_consensus_networkstatus_fetch_time(time_t now); diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 070e2e9e0d..3f2e111077 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -10,6 +10,32 @@ * \brief Structures and functions for tracking what we know about the routers * on the Tor network, and correlating information from networkstatus, * routerinfo, and microdescs. + * + * The key structure here is node_t: that's the canonical way to refer + * to a Tor relay that we might want to build a circuit through. Every + * node_t has either a routerinfo_t, or a routerstatus_t from the current + * networkstatus consensus. If it has a routerstatus_t, it will also + * need to have a microdesc_t before you can use it for circuits. + * + * The nodelist_t is a global singleton that maps identities to node_t + * objects. Access them with the node_get_*() functions. The nodelist_t + * is maintained by calls throughout the codebase + * + * Generally, other code should not have to reach inside a node_t to + * see what information it has. Instead, you should call one of the + * many accessor functions that works on a generic node_t. If there + * isn't one that does what you need, it's better to make such a function, + * and then use it. + * + * For historical reasons, some of the functions that select a node_t + * from the list of all usable node_t objects are in the routerlist.c + * module, since they originally selected a routerinfo_t. (TODO: They + * should move!) + * + * (TODO: Perhaps someday we should abstract the remaining ways of + * talking about a relay to also be node_t instances. Those would be + * routerstatus_t as used for directory requests, and dir_server_t as + * used for authorities and fallback directories.) */ #include "or.h" @@ -23,10 +49,12 @@ #include "networkstatus.h" #include "nodelist.h" #include "policies.h" +#include "protover.h" #include "rendservice.h" #include "router.h" #include "routerlist.h" #include "routerset.h" +#include "torcert.h" #include <string.h> @@ -620,6 +648,73 @@ node_get_by_nickname,(const char *nickname, int warn_if_unnamed)) } } +/** Return the Ed25519 identity key for the provided node, or NULL if it + * doesn't have one. */ +const ed25519_public_key_t * +node_get_ed25519_id(const node_t *node) +{ + if (node->ri) { + if (node->ri->cache_info.signing_key_cert) { + const ed25519_public_key_t *pk = + &node->ri->cache_info.signing_key_cert->signing_key; + if (BUG(ed25519_public_key_is_zero(pk))) + goto try_the_md; + return pk; + } + } + try_the_md: + if (node->md) { + if (node->md->ed25519_identity_pkey) { + return node->md->ed25519_identity_pkey; + } + } + return NULL; +} + +/** Return true iff this node's Ed25519 identity matches <b>id</b>. + * (An absent Ed25519 identity matches NULL or zero.) */ +int +node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id) +{ + const ed25519_public_key_t *node_id = node_get_ed25519_id(node); + if (node_id == NULL || ed25519_public_key_is_zero(node_id)) { + return id == NULL || ed25519_public_key_is_zero(id); + } else { + return id && ed25519_pubkey_eq(node_id, id); + } +} + +/** Return true iff <b>node</b> supports authenticating itself + * by ed25519 ID during the link handshake in a way that we can understand + * when we probe it. */ +int +node_supports_ed25519_link_authentication(const node_t *node) +{ + /* XXXX Oh hm. What if some day in the future there are link handshake + * versions that aren't 3 but which are ed25519 */ + if (! node_get_ed25519_id(node)) + return 0; + if (node->ri) { + const char *protos = node->ri->protocol_list; + if (protos == NULL) + return 0; + return protocol_list_supports_protocol(protos, PRT_LINKAUTH, 3); + } + if (node->rs) { + return node->rs->supports_ed25519_link_handshake; + } + tor_assert_nonfatal_unreached_once(); + return 0; +} + +/** Return the RSA ID key's SHA1 digest for the provided node. */ +const uint8_t * +node_get_rsa_id_digest(const node_t *node) +{ + tor_assert(node); + return (const uint8_t*)node->identity; +} + /** Return the nickname of <b>node</b>, or NULL if we can't find one. */ const char * node_get_nickname(const node_t *node) @@ -1543,8 +1638,8 @@ router_have_minimum_dir_info(void) * this can cause router_have_consensus_path() to be set to * CONSENSUS_PATH_EXIT, even if there are no nodes with accept exit policies. */ -consensus_path_type_t -router_have_consensus_path(void) +MOCK_IMPL(consensus_path_type_t, +router_have_consensus_path, (void)) { return have_consensus_path; } diff --git a/src/or/nodelist.h b/src/or/nodelist.h index 71a91e107f..8456d21c6c 100644 --- a/src/or/nodelist.h +++ b/src/or/nodelist.h @@ -55,6 +55,11 @@ void node_get_address_string(const node_t *node, char *cp, size_t len); long node_get_declared_uptime(const node_t *node); time_t node_get_published_on(const node_t *node); const smartlist_t *node_get_declared_family(const node_t *node); +const ed25519_public_key_t *node_get_ed25519_id(const node_t *node); +int node_ed25519_id_matches(const node_t *node, + const ed25519_public_key_t *id); +int node_supports_ed25519_link_authentication(const node_t *node); +const uint8_t *node_get_rsa_id_digest(const node_t *node); int node_has_ipv6_addr(const node_t *node); int node_has_ipv6_orport(const node_t *node); @@ -118,7 +123,8 @@ typedef enum { * create exit and internal paths, circuits, streams, ... */ CONSENSUS_PATH_EXIT = 1 } consensus_path_type_t; -consensus_path_type_t router_have_consensus_path(void); + +MOCK_DECL(consensus_path_type_t, router_have_consensus_path, (void)); void router_dir_info_changed(void); const char *get_dir_info_status_string(void); diff --git a/src/or/onion.c b/src/or/onion.c index a987883802..42b9ca4b18 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -76,6 +76,9 @@ #include "rephist.h" #include "router.h" +// trunnel +#include "ed25519_cert.h" + /** Type for a linked list of circuits that are waiting for a free CPU worker * to process a waiting onion handshake. */ typedef struct onion_queue_t { @@ -871,13 +874,114 @@ check_extend_cell(const extend_cell_t *cell) return check_create_cell(&cell->create_cell, 1); } -/** Protocol constants for specifier types in EXTEND2 - * @{ - */ -#define SPECTYPE_IPV4 0 -#define SPECTYPE_IPV6 1 -#define SPECTYPE_LEGACY_ID 2 -/** @} */ +static int +extend_cell_from_extend1_cell_body(extend_cell_t *cell_out, + const extend1_cell_body_t *cell) +{ + tor_assert(cell_out); + tor_assert(cell); + memset(cell_out, 0, sizeof(*cell_out)); + tor_addr_make_unspec(&cell_out->orport_ipv4.addr); + tor_addr_make_unspec(&cell_out->orport_ipv6.addr); + + cell_out->cell_type = RELAY_COMMAND_EXTEND; + tor_addr_from_ipv4h(&cell_out->orport_ipv4.addr, cell->ipv4addr); + cell_out->orport_ipv4.port = cell->port; + if (tor_memeq(cell->onionskin, NTOR_CREATE_MAGIC, 16)) { + cell_out->create_cell.cell_type = CELL_CREATE2; + cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_NTOR; + cell_out->create_cell.handshake_len = NTOR_ONIONSKIN_LEN; + memcpy(cell_out->create_cell.onionskin, cell->onionskin + 16, + NTOR_ONIONSKIN_LEN); + } else { + cell_out->create_cell.cell_type = CELL_CREATE; + cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_TAP; + cell_out->create_cell.handshake_len = TAP_ONIONSKIN_CHALLENGE_LEN; + memcpy(cell_out->create_cell.onionskin, cell->onionskin, + TAP_ONIONSKIN_CHALLENGE_LEN); + } + memcpy(cell_out->node_id, cell->identity, DIGEST_LEN); + return 0; +} + +static int +create_cell_from_create2_cell_body(create_cell_t *cell_out, + const create2_cell_body_t *cell) +{ + tor_assert(cell_out); + tor_assert(cell); + memset(cell_out, 0, sizeof(create_cell_t)); + if (BUG(cell->handshake_len > sizeof(cell_out->onionskin))) { + /* This should be impossible because there just isn't enough room in the + * input cell to make the handshake_len this large and provide a + * handshake_data to match. */ + return -1; + } + + cell_out->cell_type = CELL_CREATE2; + cell_out->handshake_type = cell->handshake_type; + cell_out->handshake_len = cell->handshake_len; + memcpy(cell_out->onionskin, + create2_cell_body_getconstarray_handshake_data(cell), + cell->handshake_len); + return 0; +} + +static int +extend_cell_from_extend2_cell_body(extend_cell_t *cell_out, + const extend2_cell_body_t *cell) +{ + tor_assert(cell_out); + tor_assert(cell); + int found_ipv4 = 0, found_ipv6 = 0, found_rsa_id = 0, found_ed_id = 0; + memset(cell_out, 0, sizeof(*cell_out)); + tor_addr_make_unspec(&cell_out->orport_ipv4.addr); + tor_addr_make_unspec(&cell_out->orport_ipv6.addr); + cell_out->cell_type = RELAY_COMMAND_EXTEND2; + + unsigned i; + for (i = 0; i < cell->n_spec; ++i) { + const link_specifier_t *ls = extend2_cell_body_getconst_ls(cell, i); + switch (ls->ls_type) { + case LS_IPV4: + if (found_ipv4) + continue; + found_ipv4 = 1; + tor_addr_from_ipv4h(&cell_out->orport_ipv4.addr, ls->un_ipv4_addr); + cell_out->orport_ipv4.port = ls->un_ipv4_port; + break; + case LS_IPV6: + if (found_ipv6) + continue; + found_ipv6 = 1; + tor_addr_from_ipv6_bytes(&cell_out->orport_ipv6.addr, + (const char *)ls->un_ipv6_addr); + cell_out->orport_ipv6.port = ls->un_ipv6_port; + break; + case LS_LEGACY_ID: + if (found_rsa_id) + return -1; + found_rsa_id = 1; + memcpy(cell_out->node_id, ls->un_legacy_id, 20); + break; + case LS_ED25519_ID: + if (found_ed_id) + return -1; + found_ed_id = 1; + memcpy(cell_out->ed_pubkey.pubkey, ls->un_ed25519_id, 32); + break; + default: + /* Ignore this, whatever it is. */ + break; + } + } + + if (!found_rsa_id || !found_ipv4) /* These are mandatory */ + return -1; + + return create_cell_from_create2_cell_body(&cell_out->create_cell, + cell->create2); +} /** Parse an EXTEND or EXTEND2 cell (according to <b>command</b>) from the * <b>payload_length</b> bytes of <b>payload</b> into <b>cell_out</b>. Return @@ -886,101 +990,44 @@ int extend_cell_parse(extend_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_length) { - const uint8_t *eop; - memset(cell_out, 0, sizeof(*cell_out)); + tor_assert(cell_out); + tor_assert(payload); + if (payload_length > RELAY_PAYLOAD_SIZE) return -1; - eop = payload + payload_length; switch (command) { case RELAY_COMMAND_EXTEND: { - if (payload_length != 6 + TAP_ONIONSKIN_CHALLENGE_LEN + DIGEST_LEN) + extend1_cell_body_t *cell = NULL; + if (extend1_cell_body_parse(&cell, payload, payload_length)<0 || + cell == NULL) { + if (cell) + extend1_cell_body_free(cell); return -1; - - cell_out->cell_type = RELAY_COMMAND_EXTEND; - tor_addr_from_ipv4n(&cell_out->orport_ipv4.addr, get_uint32(payload)); - cell_out->orport_ipv4.port = ntohs(get_uint16(payload+4)); - tor_addr_make_unspec(&cell_out->orport_ipv6.addr); - if (tor_memeq(payload + 6, NTOR_CREATE_MAGIC, 16)) { - cell_out->create_cell.cell_type = CELL_CREATE2; - cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_NTOR; - cell_out->create_cell.handshake_len = NTOR_ONIONSKIN_LEN; - memcpy(cell_out->create_cell.onionskin, payload + 22, - NTOR_ONIONSKIN_LEN); - } else { - cell_out->create_cell.cell_type = CELL_CREATE; - cell_out->create_cell.handshake_type = ONION_HANDSHAKE_TYPE_TAP; - cell_out->create_cell.handshake_len = TAP_ONIONSKIN_CHALLENGE_LEN; - memcpy(cell_out->create_cell.onionskin, payload + 6, - TAP_ONIONSKIN_CHALLENGE_LEN); } - memcpy(cell_out->node_id, payload + 6 + TAP_ONIONSKIN_CHALLENGE_LEN, - DIGEST_LEN); - break; + int r = extend_cell_from_extend1_cell_body(cell_out, cell); + extend1_cell_body_free(cell); + if (r < 0) + return r; } + break; case RELAY_COMMAND_EXTEND2: { - uint8_t n_specs, spectype, speclen; - int i; - int found_ipv4 = 0, found_ipv6 = 0, found_id = 0; - tor_addr_make_unspec(&cell_out->orport_ipv4.addr); - tor_addr_make_unspec(&cell_out->orport_ipv6.addr); - - if (payload_length == 0) + extend2_cell_body_t *cell = NULL; + if (extend2_cell_body_parse(&cell, payload, payload_length) < 0 || + cell == NULL) { + if (cell) + extend2_cell_body_free(cell); return -1; - - cell_out->cell_type = RELAY_COMMAND_EXTEND2; - n_specs = *payload++; - /* Parse the specifiers. We'll only take the first IPv4 and first IPv6 - * address, and the node ID, and ignore everything else */ - for (i = 0; i < n_specs; ++i) { - if (eop - payload < 2) - return -1; - spectype = payload[0]; - speclen = payload[1]; - payload += 2; - if (eop - payload < speclen) - return -1; - switch (spectype) { - case SPECTYPE_IPV4: - if (speclen != 6) - return -1; - if (!found_ipv4) { - tor_addr_from_ipv4n(&cell_out->orport_ipv4.addr, - get_uint32(payload)); - cell_out->orport_ipv4.port = ntohs(get_uint16(payload+4)); - found_ipv4 = 1; - } - break; - case SPECTYPE_IPV6: - if (speclen != 18) - return -1; - if (!found_ipv6) { - tor_addr_from_ipv6_bytes(&cell_out->orport_ipv6.addr, - (const char*)payload); - cell_out->orport_ipv6.port = ntohs(get_uint16(payload+16)); - found_ipv6 = 1; - } - break; - case SPECTYPE_LEGACY_ID: - if (speclen != 20) - return -1; - if (found_id) - return -1; - memcpy(cell_out->node_id, payload, 20); - found_id = 1; - break; - } - payload += speclen; } - if (!found_id || !found_ipv4) - return -1; - if (parse_create2_payload(&cell_out->create_cell,payload,eop-payload)<0) - return -1; - break; + int r = extend_cell_from_extend2_cell_body(cell_out, cell); + extend2_cell_body_free(cell); + if (r < 0) + return r; } + break; default: return -1; } @@ -992,6 +1039,7 @@ extend_cell_parse(extend_cell_t *cell_out, const uint8_t command, static int check_extended_cell(const extended_cell_t *cell) { + tor_assert(cell); if (cell->created_cell.cell_type == CELL_CREATED) { if (cell->cell_type != RELAY_COMMAND_EXTENDED) return -1; @@ -1013,6 +1061,9 @@ extended_cell_parse(extended_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_len) { + tor_assert(cell_out); + tor_assert(payload); + memset(cell_out, 0, sizeof(*cell_out)); if (payload_len > RELAY_PAYLOAD_SIZE) return -1; @@ -1129,6 +1180,21 @@ created_cell_format(cell_t *cell_out, const created_cell_t *cell_in) return 0; } +/** Return true iff we are configured (by torrc or by the networkstatus + * parameters) to use Ed25519 identities in our Extend2 cells. */ +static int +should_include_ed25519_id_extend_cells(const networkstatus_t *ns, + const or_options_t *options) +{ + if (options->ExtendByEd25519ID != -1) + return options->ExtendByEd25519ID; /* The user has an opinion. */ + + return (int) networkstatus_get_param(ns, "ExtendByEd25519ID", + 0 /* default */, + 0 /* min */, + 1 /*max*/); +} + /** Format the EXTEND{,2} cell in <b>cell_in</b>, storing its relay payload in * <b>payload_out</b>, the number of bytes used in *<b>len_out</b>, and the * relay command in *<b>command_out</b>. The <b>payload_out</b> must have @@ -1137,12 +1203,11 @@ int extend_cell_format(uint8_t *command_out, uint16_t *len_out, uint8_t *payload_out, const extend_cell_t *cell_in) { - uint8_t *p, *eop; + uint8_t *p; if (check_extend_cell(cell_in) < 0) return -1; p = payload_out; - eop = payload_out + RELAY_PAYLOAD_SIZE; memset(p, 0, RELAY_PAYLOAD_SIZE); @@ -1165,33 +1230,56 @@ extend_cell_format(uint8_t *command_out, uint16_t *len_out, break; case RELAY_COMMAND_EXTEND2: { - uint8_t n = 2; + uint8_t n_specifiers = 2; *command_out = RELAY_COMMAND_EXTEND2; - - *p++ = n; /* 2 identifiers */ - *p++ = SPECTYPE_IPV4; /* First is IPV4. */ - *p++ = 6; /* It's 6 bytes long. */ - set_uint32(p, tor_addr_to_ipv4n(&cell_in->orport_ipv4.addr)); - set_uint16(p+4, htons(cell_in->orport_ipv4.port)); - p += 6; - *p++ = SPECTYPE_LEGACY_ID; /* Next is an identity digest. */ - *p++ = 20; /* It's 20 bytes long */ - memcpy(p, cell_in->node_id, DIGEST_LEN); - p += 20; - - /* Now we can send the handshake */ - set_uint16(p, htons(cell_in->create_cell.handshake_type)); - set_uint16(p+2, htons(cell_in->create_cell.handshake_len)); - p += 4; - - if (cell_in->create_cell.handshake_len > eop - p) - return -1; - - memcpy(p, cell_in->create_cell.onionskin, + extend2_cell_body_t *cell = extend2_cell_body_new(); + link_specifier_t *ls; + { + /* IPv4 specifier first. */ + ls = link_specifier_new(); + extend2_cell_body_add_ls(cell, ls); + ls->ls_type = LS_IPV4; + ls->ls_len = 6; + ls->un_ipv4_addr = tor_addr_to_ipv4h(&cell_in->orport_ipv4.addr); + ls->un_ipv4_port = cell_in->orport_ipv4.port; + } + { + /* Then RSA id */ + ls = link_specifier_new(); + extend2_cell_body_add_ls(cell, ls); + ls->ls_type = LS_LEGACY_ID; + ls->ls_len = DIGEST_LEN; + memcpy(ls->un_legacy_id, cell_in->node_id, DIGEST_LEN); + } + if (should_include_ed25519_id_extend_cells(NULL, get_options()) && + !ed25519_public_key_is_zero(&cell_in->ed_pubkey)) { + /* Then, maybe, the ed25519 id! */ + ++n_specifiers; + ls = link_specifier_new(); + extend2_cell_body_add_ls(cell, ls); + ls->ls_type = LS_ED25519_ID; + ls->ls_len = 32; + memcpy(ls->un_ed25519_id, cell_in->ed_pubkey.pubkey, 32); + } + cell->n_spec = n_specifiers; + + /* Now, the handshake */ + cell->create2 = create2_cell_body_new(); + cell->create2->handshake_type = cell_in->create_cell.handshake_type; + cell->create2->handshake_len = cell_in->create_cell.handshake_len; + create2_cell_body_setlen_handshake_data(cell->create2, + cell_in->create_cell.handshake_len); + memcpy(create2_cell_body_getarray_handshake_data(cell->create2), + cell_in->create_cell.onionskin, cell_in->create_cell.handshake_len); - p += cell_in->create_cell.handshake_len; - *len_out = p - payload_out; + ssize_t len_encoded = extend2_cell_body_encode( + payload_out, RELAY_PAYLOAD_SIZE, + cell); + extend2_cell_body_free(cell); + if (len_encoded < 0 || len_encoded > UINT16_MAX) + return -1; + *len_out = (uint16_t) len_encoded; } break; default: diff --git a/src/or/onion.h b/src/or/onion.h index 0275fa00d2..19e4a7c381 100644 --- a/src/or/onion.h +++ b/src/or/onion.h @@ -85,6 +85,8 @@ typedef struct extend_cell_t { tor_addr_port_t orport_ipv6; /** Identity fingerprint of the node we're conecting to.*/ uint8_t node_id[DIGEST_LEN]; + /** Ed25519 public identity key. Zero if not set. */ + ed25519_public_key_t ed_pubkey; /** The "create cell" embedded in this extend cell. Note that unlike the * create cells we generate ourself, this once can have a handshake type we * don't recognize. */ diff --git a/src/or/or.h b/src/or/or.h index 66717792b4..7e11bf05aa 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -114,6 +114,9 @@ #define NON_ANONYMOUS_MODE_ENABLED 1 #endif +/** Helper macro: Given a pointer to to.base_, of type from*, return &to. */ +#define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_)) + /** Length of longest allowable configured nickname. */ #define MAX_NICKNAME_LEN 19 /** Length of a router identity encoded as a hexadecimal digest, plus @@ -779,6 +782,24 @@ typedef struct rend_service_authorization_t { * establishment. Not all fields contain data depending on where this struct * is used. */ typedef struct rend_data_t { + /* Hidden service protocol version of this base object. */ + uint32_t version; + + /** List of HSDir fingerprints on which this request has been sent to. This + * contains binary identity digest of the directory of size DIGEST_LEN. */ + smartlist_t *hsdirs_fp; + + /** Rendezvous cookie used by both, client and service. */ + char rend_cookie[REND_COOKIE_LEN]; + + /** Number of streams associated with this rendezvous circuit. */ + int nr_streams; +} rend_data_t; + +typedef struct rend_data_v2_t { + /* Rendezvous base data. */ + rend_data_t base_; + /** Onion address (without the .onion part) that a client requests. */ char onion_address[REND_SERVICE_ID_LEN_BASE32+1]; @@ -800,17 +821,16 @@ typedef struct rend_data_t { /** Hash of the hidden service's PK used by a service. */ char rend_pk_digest[DIGEST_LEN]; +} rend_data_v2_t; - /** Rendezvous cookie used by both, client and service. */ - char rend_cookie[REND_COOKIE_LEN]; - - /** List of HSDir fingerprints on which this request has been sent to. - * This contains binary identity digest of the directory. */ - smartlist_t *hsdirs_fp; - - /** Number of streams associated with this rendezvous circuit. */ - int nr_streams; -} rend_data_t; +/* From a base rend_data_t object <b>d</d>, return the v2 object. */ +static inline +rend_data_v2_t *TO_REND_DATA_V2(const rend_data_t *d) +{ + tor_assert(d); + tor_assert(d->version == 2); + return DOWNCAST(rend_data_v2_t, d); +} /** Time interval for tracking replays of DH public keys received in * INTRODUCE2 cells. Used only to avoid launching multiple @@ -1348,13 +1368,30 @@ typedef struct listener_connection_t { #define OR_CERT_TYPE_RSA_ED_CROSSCERT 7 /**@}*/ -/** The one currently supported type of AUTHENTICATE cell. It contains +/** The first supported type of AUTHENTICATE cell. It contains * a bunch of structures signed with an RSA1024 key. The signed * structures include a HMAC using negotiated TLS secrets, and a digest * of all cells sent or received before the AUTHENTICATE cell (including * the random server-generated AUTH_CHALLENGE cell). */ #define AUTHTYPE_RSA_SHA256_TLSSECRET 1 +/** As AUTHTYPE_RSA_SHA256_TLSSECRET, but instead of using the + * negotiated TLS secrets, uses exported keying material from the TLS + * session as described in RFC 5705. + * + * Not used by today's tors, since everything that supports this + * also supports ED25519_SHA3_5705, which is better. + **/ +#define AUTHTYPE_RSA_SHA256_RFC5705 2 +/** As AUTHTYPE_RSA_SHA256_RFC5705, but uses an Ed25519 identity key to + * authenticate. */ +#define AUTHTYPE_ED25519_SHA256_RFC5705 3 +/* + * NOTE: authchallenge_type_is_better() relies on these AUTHTYPE codes + * being sorted in order of preference. If we someday add one with + * a higher numerical value that we don't like as much, we should revise + * authchallenge_type_is_better(). + */ /** The length of the part of the AUTHENTICATE cell body that the client and * server can generate independently (when using RSA_SHA256_TLSSECRET). It @@ -1365,6 +1402,34 @@ typedef struct listener_connection_t { * signs. */ #define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16) +/** Structure to hold all the certificates we've received on an OR connection + */ +typedef struct or_handshake_certs_t { + /** True iff we originated this connection. */ + int started_here; + /** The cert for the 'auth' RSA key that's supposed to sign the AUTHENTICATE + * cell. Signed with the RSA identity key. */ + tor_x509_cert_t *auth_cert; + /** The cert for the 'link' RSA key that was used to negotiate the TLS + * connection. Signed with the RSA identity key. */ + tor_x509_cert_t *link_cert; + /** A self-signed identity certificate: the RSA identity key signed + * with itself. */ + tor_x509_cert_t *id_cert; + /** The Ed25519 signing key, signed with the Ed25519 identity key. */ + struct tor_cert_st *ed_id_sign; + /** A digest of the X509 link certificate for the TLS connection, signed + * with the Ed25519 siging key. */ + struct tor_cert_st *ed_sign_link; + /** The Ed25519 authentication key (that's supposed to sign an AUTHENTICATE + * cell) , signed with the Ed25519 siging key. */ + struct tor_cert_st *ed_sign_auth; + /** The Ed25519 identity key, crosssigned with the RSA identity key. */ + uint8_t *ed_rsa_crosscert; + /** The length of <b>ed_rsa_crosscert</b> in bytes */ + size_t ed_rsa_crosscert_len; +} or_handshake_certs_t; + /** Stores flags and information related to the portion of a v2/v3 Tor OR * connection handshake that happens after the TLS handshake is finished. */ @@ -1385,6 +1450,8 @@ typedef struct or_handshake_state_t { /* True iff we've received valid authentication to some identity. */ unsigned int authenticated : 1; + unsigned int authenticated_rsa : 1; + unsigned int authenticated_ed25519 : 1; /* True iff we have sent a netinfo cell */ unsigned int sent_netinfo : 1; @@ -1402,9 +1469,12 @@ typedef struct or_handshake_state_t { unsigned int digest_received_data : 1; /**@}*/ - /** Identity digest that we have received and authenticated for our peer + /** Identity RSA digest that we have received and authenticated for our peer * on this connection. */ - uint8_t authenticated_peer_id[DIGEST_LEN]; + uint8_t authenticated_rsa_peer_id[DIGEST_LEN]; + /** Identity Ed25519 public key that we have received and authenticated for + * our peer on this connection. */ + ed25519_public_key_t authenticated_ed25519_peer_id; /** Digests of the cells that we have sent or received as part of a V3 * handshake. Used for making and checking AUTHENTICATE cells. @@ -1417,14 +1487,8 @@ typedef struct or_handshake_state_t { /** Certificates that a connection initiator sent us in a CERTS cell; we're * holding on to them until we get an AUTHENTICATE cell. - * - * @{ */ - /** The cert for the key that's supposed to sign the AUTHENTICATE cell */ - tor_x509_cert_t *auth_cert; - /** A self-signed identity certificate */ - tor_x509_cert_t *id_cert; - /**@}*/ + or_handshake_certs_t *certs; } or_handshake_state_t; /** Length of Extended ORPort connection identifier. */ @@ -1517,8 +1581,6 @@ typedef struct or_connection_t { * bandwidthburst. (OPEN ORs only) */ int write_bucket; /**< When this hits 0, stop writing. Like read_bucket. */ - struct or_connection_t *next_with_same_id; /**< Next connection with same - * identity digest as this one. */ /** Last emptied read token bucket in msec since midnight; only used if * TB_EMPTY events are enabled. */ uint32_t read_emptied_time; @@ -1596,6 +1658,8 @@ typedef struct entry_connection_t { edge_connection_t edge_; /** Nickname of planned exit node -- used with .exit support. */ + /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too. + * That's logically part of the UI parts for prop220 though. */ char *chosen_exit_name; socks_request_t *socks_request; /**< SOCKS structure describing request (AP @@ -1761,8 +1825,6 @@ typedef struct control_connection_t { /** Cast a connection_t subtype pointer to a connection_t **/ #define TO_CONN(c) (&(((c)->base_))) -/** Helper macro: Given a pointer to to.base_, of type from*, return &to. */ -#define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_)) /** Cast a entry_connection_t subtype pointer to a edge_connection_t **/ #define ENTRY_TO_EDGE_CONN(c) (&(((c))->edge_)) @@ -2203,6 +2265,10 @@ typedef struct routerstatus_t { * accept EXTEND2 cells */ unsigned int supports_extend2_cells:1; + /** True iff this router has a protocol list that allows it to negotiate + * ed25519 identity keys on a link handshake. */ + unsigned int supports_ed25519_link_handshake:1; + unsigned int has_bandwidth:1; /**< The vote/consensus had bw info */ unsigned int has_exitsummary:1; /**< The vote/consensus had exit summaries */ unsigned int bw_is_unmeasured:1; /**< This is a consensus entry, with @@ -2365,9 +2431,6 @@ typedef struct node_t { /** Local info: we treat this node as if it rejects everything */ unsigned int rejects_all:1; - /** Local info: this node is in our list of guards */ - unsigned int using_as_guard:1; - /* Local info: derived. */ /** True if the IPv6 OR port is preferred over the IPv4 OR port. @@ -2647,7 +2710,10 @@ typedef struct { typedef struct extend_info_t { char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for * display. */ - char identity_digest[DIGEST_LEN]; /**< Hash of this router's identity key. */ + /** Hash of this router's RSA identity key. */ + char identity_digest[DIGEST_LEN]; + /** Ed25519 identity for this router, if any. */ + ed25519_public_key_t ed_identity; uint16_t port; /**< OR port. */ tor_addr_t addr; /**< IP address. */ crypto_pk_t *onion_key; /**< Current onionskin key. */ @@ -4507,6 +4573,15 @@ typedef struct { /** If 1, we skip all OOS checks. */ int DisableOOSCheck; + + /** Autobool: Should we include Ed25519 identities in extend2 cells? + * If -1, we should do whatever the consensus parameter says. */ + int ExtendByEd25519ID; + + /** Bool (default: 1): When testing routerinfos as a directory authority, + * do we enforce Ed25519 identity match? */ + /* NOTE: remove this option someday. */ + int AuthDirTestEd25519LinkKeys; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ diff --git a/src/or/parsecommon.c b/src/or/parsecommon.c new file mode 100644 index 0000000000..6622d7d671 --- /dev/null +++ b/src/or/parsecommon.c @@ -0,0 +1,450 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file parsecommon.c + * \brief Common code to parse and validate various type of descriptors. + **/ + +#include "parsecommon.h" +#include "torlog.h" +#include "util_format.h" + +#define MIN_ANNOTATION A_PURPOSE +#define MAX_ANNOTATION A_UNKNOWN_ + +#define ALLOC_ZERO(sz) memarea_alloc_zero(area,sz) +#define ALLOC(sz) memarea_alloc(area,sz) +#define STRDUP(str) memarea_strdup(area,str) +#define STRNDUP(str,n) memarea_strndup(area,(str),(n)) + +#define RET_ERR(msg) \ + STMT_BEGIN \ + if (tok) token_clear(tok); \ + tok = ALLOC_ZERO(sizeof(directory_token_t)); \ + tok->tp = ERR_; \ + tok->error = STRDUP(msg); \ + goto done_tokenizing; \ + STMT_END + +/** Free all resources allocated for <b>tok</b> */ +void +token_clear(directory_token_t *tok) +{ + if (tok->key) + crypto_pk_free(tok->key); +} + +/** Read all tokens from a string between <b>start</b> and <b>end</b>, and add + * them to <b>out</b>. Parse according to the token rules in <b>table</b>. + * Caller must free tokens in <b>out</b>. If <b>end</b> is NULL, use the + * entire string. + */ +int +tokenize_string(memarea_t *area, + const char *start, const char *end, smartlist_t *out, + token_rule_t *table, int flags) +{ + const char **s; + directory_token_t *tok = NULL; + int counts[NIL_]; + int i; + int first_nonannotation; + int prev_len = smartlist_len(out); + tor_assert(area); + + s = &start; + if (!end) { + end = start+strlen(start); + } else { + /* it's only meaningful to check for nuls if we got an end-of-string ptr */ + if (memchr(start, '\0', end-start)) { + log_warn(LD_DIR, "parse error: internal NUL character."); + return -1; + } + } + for (i = 0; i < NIL_; ++i) + counts[i] = 0; + + SMARTLIST_FOREACH(out, const directory_token_t *, t, ++counts[t->tp]); + + while (*s < end && (!tok || tok->tp != EOF_)) { + tok = get_next_token(area, s, end, table); + if (tok->tp == ERR_) { + log_warn(LD_DIR, "parse error: %s", tok->error); + token_clear(tok); + return -1; + } + ++counts[tok->tp]; + smartlist_add(out, tok); + *s = eat_whitespace_eos(*s, end); + } + + if (flags & TS_NOCHECK) + return 0; + + if ((flags & TS_ANNOTATIONS_OK)) { + first_nonannotation = -1; + for (i = 0; i < smartlist_len(out); ++i) { + tok = smartlist_get(out, i); + if (tok->tp < MIN_ANNOTATION || tok->tp > MAX_ANNOTATION) { + first_nonannotation = i; + break; + } + } + if (first_nonannotation < 0) { + log_warn(LD_DIR, "parse error: item contains only annotations"); + return -1; + } + for (i=first_nonannotation; i < smartlist_len(out); ++i) { + tok = smartlist_get(out, i); + if (tok->tp >= MIN_ANNOTATION && tok->tp <= MAX_ANNOTATION) { + log_warn(LD_DIR, "parse error: Annotations mixed with keywords"); + return -1; + } + } + if ((flags & TS_NO_NEW_ANNOTATIONS)) { + if (first_nonannotation != prev_len) { + log_warn(LD_DIR, "parse error: Unexpected annotations."); + return -1; + } + } + } else { + for (i=0; i < smartlist_len(out); ++i) { + tok = smartlist_get(out, i); + if (tok->tp >= MIN_ANNOTATION && tok->tp <= MAX_ANNOTATION) { + log_warn(LD_DIR, "parse error: no annotations allowed."); + return -1; + } + } + first_nonannotation = 0; + } + for (i = 0; table[i].t; ++i) { + if (counts[table[i].v] < table[i].min_cnt) { + log_warn(LD_DIR, "Parse error: missing %s element.", table[i].t); + return -1; + } + if (counts[table[i].v] > table[i].max_cnt) { + log_warn(LD_DIR, "Parse error: too many %s elements.", table[i].t); + return -1; + } + if (table[i].pos & AT_START) { + if (smartlist_len(out) < 1 || + (tok = smartlist_get(out, first_nonannotation))->tp != table[i].v) { + log_warn(LD_DIR, "Parse error: first item is not %s.", table[i].t); + return -1; + } + } + if (table[i].pos & AT_END) { + if (smartlist_len(out) < 1 || + (tok = smartlist_get(out, smartlist_len(out)-1))->tp != table[i].v) { + log_warn(LD_DIR, "Parse error: last item is not %s.", table[i].t); + return -1; + } + } + } + return 0; +} + +/** Helper: parse space-separated arguments from the string <b>s</b> ending at + * <b>eol</b>, and store them in the args field of <b>tok</b>. Store the + * number of parsed elements into the n_args field of <b>tok</b>. Allocate + * all storage in <b>area</b>. Return the number of arguments parsed, or + * return -1 if there was an insanely high number of arguments. */ +static inline int +get_token_arguments(memarea_t *area, directory_token_t *tok, + const char *s, const char *eol) +{ +/** Largest number of arguments we'll accept to any token, ever. */ +#define MAX_ARGS 512 + char *mem = memarea_strndup(area, s, eol-s); + char *cp = mem; + int j = 0; + char *args[MAX_ARGS]; + while (*cp) { + if (j == MAX_ARGS) + return -1; + args[j++] = cp; + cp = (char*)find_whitespace(cp); + if (!cp || !*cp) + break; /* End of the line. */ + *cp++ = '\0'; + cp = (char*)eat_whitespace(cp); + } + tok->n_args = j; + tok->args = memarea_memdup(area, args, j*sizeof(char*)); + return j; +#undef MAX_ARGS +} + +/** Helper: make sure that the token <b>tok</b> with keyword <b>kwd</b> obeys + * the object syntax of <b>o_syn</b>. Allocate all storage in <b>area</b>. + * Return <b>tok</b> on success, or a new ERR_ token if the token didn't + * conform to the syntax we wanted. + **/ +static inline directory_token_t * +token_check_object(memarea_t *area, const char *kwd, + directory_token_t *tok, obj_syntax o_syn) +{ + char ebuf[128]; + switch (o_syn) { + case NO_OBJ: + /* No object is allowed for this token. */ + if (tok->object_body) { + tor_snprintf(ebuf, sizeof(ebuf), "Unexpected object for %s", kwd); + RET_ERR(ebuf); + } + if (tok->key) { + tor_snprintf(ebuf, sizeof(ebuf), "Unexpected public key for %s", kwd); + RET_ERR(ebuf); + } + break; + case NEED_OBJ: + /* There must be a (non-key) object. */ + if (!tok->object_body) { + tor_snprintf(ebuf, sizeof(ebuf), "Missing object for %s", kwd); + RET_ERR(ebuf); + } + break; + case NEED_KEY_1024: /* There must be a 1024-bit public key. */ + case NEED_SKEY_1024: /* There must be a 1024-bit private key. */ + if (tok->key && crypto_pk_num_bits(tok->key) != PK_BYTES*8) { + tor_snprintf(ebuf, sizeof(ebuf), "Wrong size on key for %s: %d bits", + kwd, crypto_pk_num_bits(tok->key)); + RET_ERR(ebuf); + } + /* fall through */ + case NEED_KEY: /* There must be some kind of key. */ + if (!tok->key) { + tor_snprintf(ebuf, sizeof(ebuf), "Missing public key for %s", kwd); + RET_ERR(ebuf); + } + if (o_syn != NEED_SKEY_1024) { + if (crypto_pk_key_is_private(tok->key)) { + tor_snprintf(ebuf, sizeof(ebuf), + "Private key given for %s, which wants a public key", kwd); + RET_ERR(ebuf); + } + } else { /* o_syn == NEED_SKEY_1024 */ + if (!crypto_pk_key_is_private(tok->key)) { + tor_snprintf(ebuf, sizeof(ebuf), + "Public key given for %s, which wants a private key", kwd); + RET_ERR(ebuf); + } + } + break; + case OBJ_OK: + /* Anything goes with this token. */ + break; + } + + done_tokenizing: + return tok; +} + +/** Helper function: read the next token from *s, advance *s to the end of the + * token, and return the parsed token. Parse *<b>s</b> according to the list + * of tokens in <b>table</b>. + */ +directory_token_t * +get_next_token(memarea_t *area, + const char **s, const char *eos, token_rule_t *table) +{ + /** Reject any object at least this big; it is probably an overflow, an + * attack, a bug, or some other nonsense. */ +#define MAX_UNPARSED_OBJECT_SIZE (128*1024) + /** Reject any line at least this big; it is probably an overflow, an + * attack, a bug, or some other nonsense. */ +#define MAX_LINE_LENGTH (128*1024) + + const char *next, *eol, *obstart; + size_t obname_len; + int i; + directory_token_t *tok; + obj_syntax o_syn = NO_OBJ; + char ebuf[128]; + const char *kwd = ""; + + tor_assert(area); + tok = ALLOC_ZERO(sizeof(directory_token_t)); + tok->tp = ERR_; + + /* Set *s to first token, eol to end-of-line, next to after first token */ + *s = eat_whitespace_eos(*s, eos); /* eat multi-line whitespace */ + tor_assert(eos >= *s); + eol = memchr(*s, '\n', eos-*s); + if (!eol) + eol = eos; + if (eol - *s > MAX_LINE_LENGTH) { + RET_ERR("Line far too long"); + } + + next = find_whitespace_eos(*s, eol); + + if (!strcmp_len(*s, "opt", next-*s)) { + /* Skip past an "opt" at the start of the line. */ + *s = eat_whitespace_eos_no_nl(next, eol); + next = find_whitespace_eos(*s, eol); + } else if (*s == eos) { /* If no "opt", and end-of-line, line is invalid */ + RET_ERR("Unexpected EOF"); + } + + /* Search the table for the appropriate entry. (I tried a binary search + * instead, but it wasn't any faster.) */ + for (i = 0; table[i].t ; ++i) { + if (!strcmp_len(*s, table[i].t, next-*s)) { + /* We've found the keyword. */ + kwd = table[i].t; + tok->tp = table[i].v; + o_syn = table[i].os; + *s = eat_whitespace_eos_no_nl(next, eol); + /* We go ahead whether there are arguments or not, so that tok->args is + * always set if we want arguments. */ + if (table[i].concat_args) { + /* The keyword takes the line as a single argument */ + tok->args = ALLOC(sizeof(char*)); + tok->args[0] = STRNDUP(*s,eol-*s); /* Grab everything on line */ + tok->n_args = 1; + } else { + /* This keyword takes multiple arguments. */ + if (get_token_arguments(area, tok, *s, eol)<0) { + tor_snprintf(ebuf, sizeof(ebuf),"Far too many arguments to %s", kwd); + RET_ERR(ebuf); + } + *s = eol; + } + if (tok->n_args < table[i].min_args) { + tor_snprintf(ebuf, sizeof(ebuf), "Too few arguments to %s", kwd); + RET_ERR(ebuf); + } else if (tok->n_args > table[i].max_args) { + tor_snprintf(ebuf, sizeof(ebuf), "Too many arguments to %s", kwd); + RET_ERR(ebuf); + } + break; + } + } + + if (tok->tp == ERR_) { + /* No keyword matched; call it an "K_opt" or "A_unrecognized" */ + if (**s == '@') + tok->tp = A_UNKNOWN_; + else + tok->tp = K_OPT; + tok->args = ALLOC(sizeof(char*)); + tok->args[0] = STRNDUP(*s, eol-*s); + tok->n_args = 1; + o_syn = OBJ_OK; + } + + /* Check whether there's an object present */ + *s = eat_whitespace_eos(eol, eos); /* Scan from end of first line */ + tor_assert(eos >= *s); + eol = memchr(*s, '\n', eos-*s); + if (!eol || eol-*s<11 || strcmpstart(*s, "-----BEGIN ")) /* No object. */ + goto check_object; + + obstart = *s; /* Set obstart to start of object spec */ + if (*s+16 >= eol || memchr(*s+11,'\0',eol-*s-16) || /* no short lines, */ + strcmp_len(eol-5, "-----", 5) || /* nuls or invalid endings */ + (eol-*s) > MAX_UNPARSED_OBJECT_SIZE) { /* name too long */ + RET_ERR("Malformed object: bad begin line"); + } + tok->object_type = STRNDUP(*s+11, eol-*s-16); + obname_len = eol-*s-16; /* store objname length here to avoid a strlen() */ + *s = eol+1; /* Set *s to possible start of object data (could be eos) */ + + /* Go to the end of the object */ + next = tor_memstr(*s, eos-*s, "-----END "); + if (!next) { + RET_ERR("Malformed object: missing object end line"); + } + tor_assert(eos >= next); + eol = memchr(next, '\n', eos-next); + if (!eol) /* end-of-line marker, or eos if there's no '\n' */ + eol = eos; + /* Validate the ending tag, which should be 9 + NAME + 5 + eol */ + if ((size_t)(eol-next) != 9+obname_len+5 || + strcmp_len(next+9, tok->object_type, obname_len) || + strcmp_len(eol-5, "-----", 5)) { + tor_snprintf(ebuf, sizeof(ebuf), "Malformed object: mismatched end tag %s", + tok->object_type); + ebuf[sizeof(ebuf)-1] = '\0'; + RET_ERR(ebuf); + } + if (next - *s > MAX_UNPARSED_OBJECT_SIZE) + RET_ERR("Couldn't parse object: missing footer or object much too big."); + + if (!strcmp(tok->object_type, "RSA PUBLIC KEY")) { /* If it's a public key */ + tok->key = crypto_pk_new(); + if (crypto_pk_read_public_key_from_string(tok->key, obstart, eol-obstart)) + RET_ERR("Couldn't parse public key."); + } else if (!strcmp(tok->object_type, "RSA PRIVATE KEY")) { /* private key */ + tok->key = crypto_pk_new(); + if (crypto_pk_read_private_key_from_string(tok->key, obstart, eol-obstart)) + RET_ERR("Couldn't parse private key."); + } else { /* If it's something else, try to base64-decode it */ + int r; + tok->object_body = ALLOC(next-*s); /* really, this is too much RAM. */ + r = base64_decode(tok->object_body, next-*s, *s, next-*s); + if (r<0) + RET_ERR("Malformed object: bad base64-encoded data"); + tok->object_size = r; + } + *s = eol; + + check_object: + tok = token_check_object(area, kwd, tok, o_syn); + + done_tokenizing: + return tok; + +#undef RET_ERR +#undef ALLOC +#undef ALLOC_ZERO +#undef STRDUP +#undef STRNDUP +} + +/** Find the first token in <b>s</b> whose keyword is <b>keyword</b>; fail + * with an assert if no such keyword is found. + */ +directory_token_t * +find_by_keyword_(smartlist_t *s, directory_keyword keyword, + const char *keyword_as_string) +{ + directory_token_t *tok = find_opt_by_keyword(s, keyword); + if (PREDICT_UNLIKELY(!tok)) { + log_err(LD_BUG, "Missing %s [%d] in directory object that should have " + "been validated. Internal error.", keyword_as_string, (int)keyword); + tor_assert(tok); + } + return tok; +} + +/** Find the first token in <b>s</b> whose keyword is <b>keyword</b>; return + * NULL if no such keyword is found. + */ +directory_token_t * +find_opt_by_keyword(smartlist_t *s, directory_keyword keyword) +{ + SMARTLIST_FOREACH(s, directory_token_t *, t, if (t->tp == keyword) return t); + return NULL; +} + +/** If there are any directory_token_t entries in <b>s</b> whose keyword is + * <b>k</b>, return a newly allocated smartlist_t containing all such entries, + * in the same order in which they occur in <b>s</b>. Otherwise return + * NULL. */ +smartlist_t * +find_all_by_keyword(smartlist_t *s, directory_keyword k) +{ + smartlist_t *out = NULL; + SMARTLIST_FOREACH(s, directory_token_t *, t, + if (t->tp == k) { + if (!out) + out = smartlist_new(); + smartlist_add(out, t); + }); + return out; +} + diff --git a/src/or/parsecommon.h b/src/or/parsecommon.h new file mode 100644 index 0000000000..3019df63eb --- /dev/null +++ b/src/or/parsecommon.h @@ -0,0 +1,315 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file parsecommon.h + * \brief Header file for parsecommon.c + **/ + +#ifndef TOR_PARSECOMMON_H +#define TOR_PARSECOMMON_H + +#include "container.h" +#include "crypto.h" +#include "memarea.h" + +/** Enumeration of possible token types. The ones starting with K_ correspond +* to directory 'keywords'. A_ is for an annotation, R or C is related to +* hidden services, ERR_ is an error in the tokenizing process, EOF_ is an +* end-of-file marker, and NIL_ is used to encode not-a-token. +*/ +typedef enum { + K_ACCEPT = 0, + K_ACCEPT6, + K_DIRECTORY_SIGNATURE, + K_RECOMMENDED_SOFTWARE, + K_REJECT, + K_REJECT6, + K_ROUTER, + K_SIGNED_DIRECTORY, + K_SIGNING_KEY, + K_ONION_KEY, + K_ONION_KEY_NTOR, + K_ROUTER_SIGNATURE, + K_PUBLISHED, + K_RUNNING_ROUTERS, + K_ROUTER_STATUS, + K_PLATFORM, + K_PROTO, + K_OPT, + K_BANDWIDTH, + K_CONTACT, + K_NETWORK_STATUS, + K_UPTIME, + K_DIR_SIGNING_KEY, + K_FAMILY, + K_FINGERPRINT, + K_HIBERNATING, + K_READ_HISTORY, + K_WRITE_HISTORY, + K_NETWORK_STATUS_VERSION, + K_DIR_SOURCE, + K_DIR_OPTIONS, + K_CLIENT_VERSIONS, + K_SERVER_VERSIONS, + K_RECOMMENDED_CLIENT_PROTOCOLS, + K_RECOMMENDED_RELAY_PROTOCOLS, + K_REQUIRED_CLIENT_PROTOCOLS, + K_REQUIRED_RELAY_PROTOCOLS, + K_OR_ADDRESS, + K_ID, + K_P, + K_P6, + K_R, + K_A, + K_S, + K_V, + K_W, + K_M, + K_EXTRA_INFO, + K_EXTRA_INFO_DIGEST, + K_CACHES_EXTRA_INFO, + K_HIDDEN_SERVICE_DIR, + K_ALLOW_SINGLE_HOP_EXITS, + K_IPV6_POLICY, + K_ROUTER_SIG_ED25519, + K_IDENTITY_ED25519, + K_MASTER_KEY_ED25519, + K_ONION_KEY_CROSSCERT, + K_NTOR_ONION_KEY_CROSSCERT, + + K_DIRREQ_END, + K_DIRREQ_V2_IPS, + K_DIRREQ_V3_IPS, + K_DIRREQ_V2_REQS, + K_DIRREQ_V3_REQS, + K_DIRREQ_V2_SHARE, + K_DIRREQ_V3_SHARE, + K_DIRREQ_V2_RESP, + K_DIRREQ_V3_RESP, + K_DIRREQ_V2_DIR, + K_DIRREQ_V3_DIR, + K_DIRREQ_V2_TUN, + K_DIRREQ_V3_TUN, + K_ENTRY_END, + K_ENTRY_IPS, + K_CELL_END, + K_CELL_PROCESSED, + K_CELL_QUEUED, + K_CELL_TIME, + K_CELL_CIRCS, + K_EXIT_END, + K_EXIT_WRITTEN, + K_EXIT_READ, + K_EXIT_OPENED, + + K_DIR_KEY_CERTIFICATE_VERSION, + K_DIR_IDENTITY_KEY, + K_DIR_KEY_PUBLISHED, + K_DIR_KEY_EXPIRES, + K_DIR_KEY_CERTIFICATION, + K_DIR_KEY_CROSSCERT, + K_DIR_ADDRESS, + K_DIR_TUNNELLED, + + K_VOTE_STATUS, + K_VALID_AFTER, + K_FRESH_UNTIL, + K_VALID_UNTIL, + K_VOTING_DELAY, + + K_KNOWN_FLAGS, + K_PARAMS, + K_BW_WEIGHTS, + K_VOTE_DIGEST, + K_CONSENSUS_DIGEST, + K_ADDITIONAL_DIGEST, + K_ADDITIONAL_SIGNATURE, + K_CONSENSUS_METHODS, + K_CONSENSUS_METHOD, + K_LEGACY_DIR_KEY, + K_DIRECTORY_FOOTER, + K_SIGNING_CERT_ED, + K_SR_FLAG, + K_COMMIT, + K_PREVIOUS_SRV, + K_CURRENT_SRV, + K_PACKAGE, + + A_PURPOSE, + A_LAST_LISTED, + A_UNKNOWN_, + + R_RENDEZVOUS_SERVICE_DESCRIPTOR, + R_VERSION, + R_PERMANENT_KEY, + R_SECRET_ID_PART, + R_PUBLICATION_TIME, + R_PROTOCOL_VERSIONS, + R_INTRODUCTION_POINTS, + R_SIGNATURE, + + R_HS_DESCRIPTOR, /* From version 3, this MUST be generic to all future + descriptor versions thus making it R_. */ + R3_DESC_LIFETIME, + R3_DESC_SIGNING_CERT, + R3_REVISION_COUNTER, + R3_ENCRYPTED, + R3_SIGNATURE, + R3_CREATE2_FORMATS, + R3_AUTHENTICATION_REQUIRED, + R3_SINGLE_ONION_SERVICE, + R3_INTRODUCTION_POINT, + R3_INTRO_AUTH_KEY, + R3_INTRO_ENC_KEY, + R3_INTRO_ENC_KEY_CERTIFICATION, + + R_IPO_IDENTIFIER, + R_IPO_IP_ADDRESS, + R_IPO_ONION_PORT, + R_IPO_ONION_KEY, + R_IPO_SERVICE_KEY, + + C_CLIENT_NAME, + C_DESCRIPTOR_COOKIE, + C_CLIENT_KEY, + + ERR_, + EOF_, + NIL_ +} directory_keyword; + +/** Structure to hold a single directory token. + * + * We parse a directory by breaking it into "tokens", each consisting + * of a keyword, a line full of arguments, and a binary object. The + * arguments and object are both optional, depending on the keyword + * type. + * + * This structure is only allocated in memareas; do not allocate it on + * the heap, or token_clear() won't work. + */ +typedef struct directory_token_t { + directory_keyword tp; /**< Type of the token. */ + int n_args:30; /**< Number of elements in args */ + char **args; /**< Array of arguments from keyword line. */ + + char *object_type; /**< -----BEGIN [object_type]-----*/ + size_t object_size; /**< Bytes in object_body */ + char *object_body; /**< Contents of object, base64-decoded. */ + + crypto_pk_t *key; /**< For public keys only. Heap-allocated. */ + + char *error; /**< For ERR_ tokens only. */ +} directory_token_t; + +/** We use a table of rules to decide how to parse each token type. */ + +/** Rules for whether the keyword needs an object. */ +typedef enum { + NO_OBJ, /**< No object, ever. */ + NEED_OBJ, /**< Object is required. */ + NEED_SKEY_1024,/**< Object is required, and must be a 1024 bit private key */ + NEED_KEY_1024, /**< Object is required, and must be a 1024 bit public key */ + NEED_KEY, /**< Object is required, and must be a public key. */ + OBJ_OK, /**< Object is optional. */ +} obj_syntax; + +#define AT_START 1 +#define AT_END 2 + +#define TS_ANNOTATIONS_OK 1 +#define TS_NOCHECK 2 +#define TS_NO_NEW_ANNOTATIONS 4 + +/** + * @name macros for defining token rules + * + * Helper macros to define token tables. 's' is a string, 't' is a + * directory_keyword, 'a' is a trio of argument multiplicities, and 'o' is an + * object syntax. + */ +/**@{*/ + +/** Appears to indicate the end of a table. */ +#define END_OF_TABLE { NULL, NIL_, 0,0,0, NO_OBJ, 0, INT_MAX, 0, 0 } +/** An item with no restrictions: used for obsolete document types */ +#define T(s,t,a,o) { s, t, a, o, 0, INT_MAX, 0, 0 } +/** An item with no restrictions on multiplicity or location. */ +#define T0N(s,t,a,o) { s, t, a, o, 0, INT_MAX, 0, 0 } +/** An item that must appear exactly once */ +#define T1(s,t,a,o) { s, t, a, o, 1, 1, 0, 0 } +/** An item that must appear exactly once, at the start of the document */ +#define T1_START(s,t,a,o) { s, t, a, o, 1, 1, AT_START, 0 } +/** An item that must appear exactly once, at the end of the document */ +#define T1_END(s,t,a,o) { s, t, a, o, 1, 1, AT_END, 0 } +/** An item that must appear one or more times */ +#define T1N(s,t,a,o) { s, t, a, o, 1, INT_MAX, 0, 0 } +/** An item that must appear no more than once */ +#define T01(s,t,a,o) { s, t, a, o, 0, 1, 0, 0 } +/** An annotation that must appear no more than once */ +#define A01(s,t,a,o) { s, t, a, o, 0, 1, 0, 1 } + +/** Argument multiplicity: any number of arguments. */ +#define ARGS 0,INT_MAX,0 +/** Argument multiplicity: no arguments. */ +#define NO_ARGS 0,0,0 +/** Argument multiplicity: concatenate all arguments. */ +#define CONCAT_ARGS 1,1,1 +/** Argument multiplicity: at least <b>n</b> arguments. */ +#define GE(n) n,INT_MAX,0 +/** Argument multiplicity: exactly <b>n</b> arguments. */ +#define EQ(n) n,n,0 +/**@}*/ + +/** Determines the parsing rules for a single token type. */ +typedef struct token_rule_t { + /** The string value of the keyword identifying the type of item. */ + const char *t; + /** The corresponding directory_keyword enum. */ + directory_keyword v; + /** Minimum number of arguments for this item */ + int min_args; + /** Maximum number of arguments for this item */ + int max_args; + /** If true, we concatenate all arguments for this item into a single + * string. */ + int concat_args; + /** Requirements on object syntax for this item. */ + obj_syntax os; + /** Lowest number of times this item may appear in a document. */ + int min_cnt; + /** Highest number of times this item may appear in a document. */ + int max_cnt; + /** One or more of AT_START/AT_END to limit where the item may appear in a + * document. */ + int pos; + /** True iff this token is an annotation. */ + int is_annotation; +} token_rule_t; + +void token_clear(directory_token_t *tok); + +int tokenize_string(memarea_t *area, + const char *start, const char *end, + smartlist_t *out, + token_rule_t *table, + int flags); +directory_token_t *get_next_token(memarea_t *area, + const char **s, + const char *eos, + token_rule_t *table); + +directory_token_t *find_by_keyword_(smartlist_t *s, + directory_keyword keyword, + const char *keyword_str); + +#define find_by_keyword(s, keyword) \ + find_by_keyword_((s), (keyword), #keyword) + +directory_token_t *find_opt_by_keyword(smartlist_t *s, + directory_keyword keyword); +smartlist_t * find_all_by_keyword(smartlist_t *s, directory_keyword k); + +#endif /* TOR_PARSECOMMON_H */ + diff --git a/src/or/policies.c b/src/or/policies.c index 227e168d9d..f4c0cddbcc 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -6,6 +6,13 @@ /** * \file policies.c * \brief Code to parse and use address policies and exit policies. + * + * We have two key kinds of address policy: full and compressed. A full + * policy is an array of accept/reject patterns, to be applied in order. + * A short policy is simply a list of ports. This module handles both + * kinds, including generic functions to apply them to addresses, and + * also including code to manage the global policies that we apply to + * incoming and outgoing connections. **/ #define POLICIES_PRIVATE @@ -2460,9 +2467,9 @@ policy_summarize(smartlist_t *policy, sa_family_t family) tor_snprintf(buf, sizeof(buf), "%d-%d", start_prt, AT(i)->prt_max); if (AT(i)->accepted) - smartlist_add(accepts, tor_strdup(buf)); + smartlist_add_strdup(accepts, buf); else - smartlist_add(rejects, tor_strdup(buf)); + smartlist_add_strdup(rejects, buf); if (last) break; @@ -2643,7 +2650,7 @@ write_short_policy(const short_policy_t *policy) smartlist_add_asprintf(sl, "%d-%d", e->min_port, e->max_port); } if (i < policy->n_entries-1) - smartlist_add(sl, tor_strdup(",")); + smartlist_add_strdup(sl, ","); } answer = smartlist_join_strings(sl, "", 0, NULL); SMARTLIST_FOREACH(sl, char *, a, tor_free(a)); diff --git a/src/or/protover.c b/src/or/protover.c index 0a4d4fb8fd..ceaf2d5ccf 100644 --- a/src/or/protover.c +++ b/src/or/protover.c @@ -293,7 +293,7 @@ protover_get_supported_protocols(void) "HSIntro=3 " "HSRend=1-2 " "Link=1-4 " - "LinkAuth=1 " + "LinkAuth=1,3 " "Microdesc=1-2 " "Relay=1-2"; } @@ -348,7 +348,7 @@ encode_protocol_list(const smartlist_t *sl) const char *separator = ""; smartlist_t *chunks = smartlist_new(); SMARTLIST_FOREACH_BEGIN(sl, const proto_entry_t *, ent) { - smartlist_add(chunks, tor_strdup(separator)); + smartlist_add_strdup(chunks, separator); proto_entry_encode_into(chunks, ent); @@ -477,7 +477,7 @@ contract_protocol_list(const smartlist_t *proto_strings) smartlist_sort(lst, cmp_single_ent_by_version); if (! first_entry) - smartlist_add(chunks, tor_strdup(" ")); + smartlist_add_strdup(chunks, " "); /* We're going to construct this entry from the ranges. */ proto_entry_t *entry = tor_malloc_zero(sizeof(proto_entry_t)); diff --git a/src/or/relay.c b/src/or/relay.c index 1794215378..8d48239e47 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -8,6 +8,41 @@ * \file relay.c * \brief Handle relay cell encryption/decryption, plus packaging and * receiving from circuits, plus queuing on circuits. + * + * This is a core modules that makes Tor work. It's responsible for + * dealing with RELAY cells (the ones that travel more than one hop along a + * circuit), by: + * <ul> + * <li>constructing relays cells, + * <li>encrypting relay cells, + * <li>decrypting relay cells, + * <li>demultiplexing relay cells as they arrive on a connection, + * <li>queueing relay cells for retransmission, + * <li>or handling relay cells that are for us to receive (as an exit or a + * client). + * </ul> + * + * RELAY cells are generated throughout the code at the client or relay side, + * using relay_send_command_from_edge() or one of the functions like + * connection_edge_send_command() that calls it. Of particular interest is + * connection_edge_package_raw_inbuf(), which takes information that has + * arrived on an edge connection socket, and packages it as a RELAY_DATA cell + * -- this is how information is actually sent across the Tor network. The + * cryptography for these functions is handled deep in + * circuit_package_relay_cell(), which either adds a single layer of + * encryption (if we're an exit), or multiple layers (if we're the origin of + * the circuit). After construction and encryption, the RELAY cells are + * passed to append_cell_to_circuit_queue(), which queues them for + * transmission and tells the circuitmux (see circuitmux.c) that the circuit + * is waiting to send something. + * + * Incoming RELAY cells arrive at circuit_receive_relay_cell(), called from + * command.c. There they are decrypted and, if they are for us, are passed to + * connection_edge_process_relay_cell(). If they're not for us, they're + * re-queued for retransmission again with append_cell_to_circuit_queue(). + * + * The connection_edge_process_relay_cell() function handles all the different + * types of relay cells, launching requests or transmitting data as needed. **/ #define RELAY_PRIVATE @@ -25,6 +60,7 @@ #include "connection_or.h" #include "control.h" #include "geoip.h" +#include "hs_cache.h" #include "main.h" #include "networkstatus.h" #include "nodelist.h" @@ -575,14 +611,14 @@ relay_send_command_from_edge_(streamid_t stream_id, circuit_t *circ, memset(&cell, 0, sizeof(cell_t)); cell.command = CELL_RELAY; - if (cpath_layer) { + if (CIRCUIT_IS_ORIGIN(circ)) { + tor_assert(cpath_layer); cell.circ_id = circ->n_circ_id; cell_direction = CELL_DIRECTION_OUT; - } else if (! CIRCUIT_IS_ORIGIN(circ)) { + } else { + tor_assert(! cpath_layer); cell.circ_id = TO_OR_CIRCUIT(circ)->p_circ_id; cell_direction = CELL_DIRECTION_IN; - } else { - return -1; } memset(&rh, 0, sizeof(rh)); @@ -2404,9 +2440,7 @@ cell_queues_check_size(void) if (rend_cache_total > get_options()->MaxMemInQueues / 5) { const size_t bytes_to_remove = rend_cache_total - (size_t)(get_options()->MaxMemInQueues / 10); - rend_cache_clean_v2_descs_as_dir(time(NULL), bytes_to_remove); - alloc -= rend_cache_total; - alloc += rend_cache_get_total_allocation(); + alloc -= hs_cache_handle_oom(time(NULL), bytes_to_remove); } circuits_handle_oom(alloc); return 1; diff --git a/src/or/rendcache.c b/src/or/rendcache.c index e61a96b677..bf43407289 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -86,7 +86,7 @@ rend_cache_get_total_allocation(void) } /** Decrement the total bytes attributed to the rendezvous cache by n. */ -STATIC void +void rend_cache_decrement_allocation(size_t n) { static int have_underflowed = 0; @@ -103,7 +103,7 @@ rend_cache_decrement_allocation(size_t n) } /** Increase the total bytes attributed to the rendezvous cache by n. */ -STATIC void +void rend_cache_increment_allocation(size_t n) { static int have_overflowed = 0; @@ -462,45 +462,36 @@ rend_cache_intro_failure_note(rend_intro_point_failure_t failure, } /** Remove all old v2 descriptors and those for which this hidden service - * directory is not responsible for any more. - * - * If at all possible, remove at least <b>force_remove</b> bytes of data. - */ -void -rend_cache_clean_v2_descs_as_dir(time_t now, size_t force_remove) + * directory is not responsible for any more. The cutoff is the time limit for + * which we want to keep the cache entry. In other words, any entry created + * before will be removed. */ +size_t +rend_cache_clean_v2_descs_as_dir(time_t cutoff) { digestmap_iter_t *iter; - time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW; - const int LAST_SERVED_CUTOFF_STEP = 1800; - time_t last_served_cutoff = cutoff; size_t bytes_removed = 0; - do { - for (iter = digestmap_iter_init(rend_cache_v2_dir); - !digestmap_iter_done(iter); ) { - const char *key; - void *val; - rend_cache_entry_t *ent; - digestmap_iter_get(iter, &key, &val); - ent = val; - if (ent->parsed->timestamp < cutoff || - ent->last_served < last_served_cutoff) { - char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; - base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN); - log_info(LD_REND, "Removing descriptor with ID '%s' from cache", - safe_str_client(key_base32)); - bytes_removed += rend_cache_entry_allocation(ent); - iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter); - rend_cache_entry_free(ent); - } else { - iter = digestmap_iter_next(rend_cache_v2_dir, iter); - } + + for (iter = digestmap_iter_init(rend_cache_v2_dir); + !digestmap_iter_done(iter); ) { + const char *key; + void *val; + rend_cache_entry_t *ent; + digestmap_iter_get(iter, &key, &val); + ent = val; + if (ent->parsed->timestamp < cutoff) { + char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; + base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN); + log_info(LD_REND, "Removing descriptor with ID '%s' from cache", + safe_str_client(key_base32)); + bytes_removed += rend_cache_entry_allocation(ent); + iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter); + rend_cache_entry_free(ent); + } else { + iter = digestmap_iter_next(rend_cache_v2_dir, iter); } + } - /* In case we didn't remove enough bytes, advance the cutoff a little. */ - last_served_cutoff += LAST_SERVED_CUTOFF_STEP; - if (last_served_cutoff > now) - break; - } while (bytes_removed < force_remove); + return bytes_removed; } /** Lookup in the client cache the given service ID <b>query</b> for @@ -849,6 +840,8 @@ rend_cache_store_v2_desc_as_client(const char *desc, char want_desc_id[DIGEST_LEN]; rend_cache_entry_t *e; int retval = -1; + rend_data_v2_t *rend_data = TO_REND_DATA_V2(rend_query); + tor_assert(rend_cache); tor_assert(desc); tor_assert(desc_id_base32); @@ -874,11 +867,11 @@ rend_cache_store_v2_desc_as_client(const char *desc, log_warn(LD_REND, "Couldn't compute service ID."); goto err; } - if (rend_query->onion_address[0] != '\0' && - strcmp(rend_query->onion_address, service_id)) { + if (rend_data->onion_address[0] != '\0' && + strcmp(rend_data->onion_address, service_id)) { log_warn(LD_REND, "Received service descriptor for service ID %s; " "expected descriptor for service ID %s.", - service_id, safe_str(rend_query->onion_address)); + service_id, safe_str(rend_data->onion_address)); goto err; } if (tor_memneq(desc_id, want_desc_id, DIGEST_LEN)) { @@ -890,14 +883,14 @@ rend_cache_store_v2_desc_as_client(const char *desc, /* Decode/decrypt introduction points. */ if (intro_content && intro_size > 0) { int n_intro_points; - if (rend_query->auth_type != REND_NO_AUTH && - !tor_mem_is_zero(rend_query->descriptor_cookie, - sizeof(rend_query->descriptor_cookie))) { + if (rend_data->auth_type != REND_NO_AUTH && + !tor_mem_is_zero(rend_data->descriptor_cookie, + sizeof(rend_data->descriptor_cookie))) { char *ipos_decrypted = NULL; size_t ipos_decrypted_size; if (rend_decrypt_introduction_points(&ipos_decrypted, &ipos_decrypted_size, - rend_query->descriptor_cookie, + rend_data->descriptor_cookie, intro_content, intro_size) < 0) { log_warn(LD_REND, "Failed to decrypt introduction points. We are " diff --git a/src/or/rendcache.h b/src/or/rendcache.h index 270b614c38..746f142fcc 100644 --- a/src/or/rendcache.h +++ b/src/or/rendcache.h @@ -53,10 +53,17 @@ typedef enum { REND_CACHE_TYPE_SERVICE = 2, } rend_cache_type_t; +/* Return maximum lifetime in seconds of a cache entry. */ +static inline time_t +rend_cache_max_entry_lifetime(void) +{ + return REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW; +} + void rend_cache_init(void); void rend_cache_clean(time_t now, rend_cache_type_t cache_type); void rend_cache_failure_clean(time_t now); -void rend_cache_clean_v2_descs_as_dir(time_t now, size_t min_to_remove); +size_t rend_cache_clean_v2_descs_as_dir(time_t cutoff); void rend_cache_purge(void); void rend_cache_free_all(void); int rend_cache_lookup_entry(const char *query, int version, @@ -77,6 +84,8 @@ void rend_cache_intro_failure_note(rend_intro_point_failure_t failure, const uint8_t *identity, const char *service_id); void rend_cache_failure_purge(void); +void rend_cache_decrement_allocation(size_t n); +void rend_cache_increment_allocation(size_t n); #ifdef RENDCACHE_PRIVATE @@ -89,8 +98,6 @@ STATIC int cache_failure_intro_lookup(const uint8_t *identity, const char *service_id, rend_cache_failure_intro_t **intro_entry); -STATIC void rend_cache_decrement_allocation(size_t n); -STATIC void rend_cache_increment_allocation(size_t n); STATIC rend_cache_failure_intro_t *rend_cache_failure_intro_entry_new( rend_intro_point_failure_t failure); STATIC rend_cache_failure_t *rend_cache_failure_entry_new(void); diff --git a/src/or/rendclient.c b/src/or/rendclient.c index a93bc94a9c..b0dcf52507 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -16,6 +16,7 @@ #include "connection.h" #include "connection_edge.h" #include "directory.h" +#include "hs_common.h" #include "main.h" #include "networkstatus.h" #include "nodelist.h" @@ -104,7 +105,7 @@ rend_client_reextend_intro_circuit(origin_circuit_t *circ) if (!extend_info) { log_warn(LD_REND, "No usable introduction points left for %s. Closing.", - safe_str_client(circ->rend_data->onion_address)); + safe_str_client(rend_data_get_address(circ->rend_data))); circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL); return -1; } @@ -144,18 +145,19 @@ rend_client_send_introduction(origin_circuit_t *introcirc, off_t dh_offset; crypto_pk_t *intro_key = NULL; int status = 0; + const char *onion_address; tor_assert(introcirc->base_.purpose == CIRCUIT_PURPOSE_C_INTRODUCING); tor_assert(rendcirc->base_.purpose == CIRCUIT_PURPOSE_C_REND_READY); tor_assert(introcirc->rend_data); tor_assert(rendcirc->rend_data); - tor_assert(!rend_cmp_service_ids(introcirc->rend_data->onion_address, - rendcirc->rend_data->onion_address)); + tor_assert(!rend_cmp_service_ids(rend_data_get_address(introcirc->rend_data), + rend_data_get_address(rendcirc->rend_data))); assert_circ_anonymity_ok(introcirc, options); assert_circ_anonymity_ok(rendcirc, options); + onion_address = rend_data_get_address(introcirc->rend_data); - r = rend_cache_lookup_entry(introcirc->rend_data->onion_address, -1, - &entry); + r = rend_cache_lookup_entry(onion_address, -1, &entry); /* An invalid onion address is not possible else we have a big issue. */ tor_assert(r != -EINVAL); if (r < 0 || !rend_client_any_intro_points_usable(entry)) { @@ -164,14 +166,13 @@ rend_client_send_introduction(origin_circuit_t *introcirc, log_info(LD_REND, "query %s didn't have valid rend desc in cache. " "Refetching descriptor.", - safe_str_client(introcirc->rend_data->onion_address)); + safe_str_client(onion_address)); rend_client_refetch_v2_renddesc(introcirc->rend_data); { connection_t *conn; while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP, - AP_CONN_STATE_CIRCUIT_WAIT, - introcirc->rend_data->onion_address))) { + AP_CONN_STATE_CIRCUIT_WAIT, onion_address))) { connection_ap_mark_as_non_pending_circuit(TO_ENTRY_CONN(conn)); conn->state = AP_CONN_STATE_RENDDESC_WAIT; } @@ -195,7 +196,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, log_info(LD_REND, "Could not find intro key for %s at %s; we " "have a v2 rend desc with %d intro points. " "Trying a different intro point...", - safe_str_client(introcirc->rend_data->onion_address), + safe_str_client(onion_address), safe_str_client(extend_info_describe( introcirc->build_state->chosen_exit)), smartlist_len(entry->parsed->intro_nodes)); @@ -235,11 +236,12 @@ rend_client_send_introduction(origin_circuit_t *introcirc, /* If version is 3, write (optional) auth data and timestamp. */ if (entry->parsed->protocols & (1<<3)) { tmp[0] = 3; /* version 3 of the cell format */ - tmp[1] = (uint8_t)introcirc->rend_data->auth_type; /* auth type, if any */ + /* auth type, if any */ + tmp[1] = (uint8_t) TO_REND_DATA_V2(introcirc->rend_data)->auth_type; v3_shift = 1; - if (introcirc->rend_data->auth_type != REND_NO_AUTH) { + if (tmp[1] != REND_NO_AUTH) { set_uint16(tmp+2, htons(REND_DESC_COOKIE_LEN)); - memcpy(tmp+4, introcirc->rend_data->descriptor_cookie, + memcpy(tmp+4, TO_REND_DATA_V2(introcirc->rend_data)->descriptor_cookie, REND_DESC_COOKIE_LEN); v3_shift += 2+REND_DESC_COOKIE_LEN; } @@ -359,7 +361,7 @@ rend_client_rendcirc_has_opened(origin_circuit_t *circ) * Called to close other intro circuits we launched in parallel. */ static void -rend_client_close_other_intros(const char *onion_address) +rend_client_close_other_intros(const uint8_t *rend_pk_digest) { /* abort parallel intro circs, if any */ SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, c) { @@ -368,8 +370,7 @@ rend_client_close_other_intros(const char *onion_address) !c->marked_for_close && CIRCUIT_IS_ORIGIN(c)) { origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(c); if (oc->rend_data && - !rend_cmp_service_ids(onion_address, - oc->rend_data->onion_address)) { + rend_circuit_pk_digest_eq(oc, rend_pk_digest)) { log_info(LD_REND|LD_CIRC, "Closing introduction circuit %d that we " "built in parallel (Purpose %d).", oc->global_identifier, c->purpose); @@ -431,7 +432,8 @@ rend_client_introduction_acked(origin_circuit_t *circ, circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED); /* close any other intros launched in parallel */ - rend_client_close_other_intros(circ->rend_data->onion_address); + rend_client_close_other_intros(rend_data_get_pk_digest(circ->rend_data, + NULL)); } else { /* It's a NAK; the introduction point didn't relay our request. */ circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_C_INTRODUCING); @@ -440,7 +442,7 @@ rend_client_introduction_acked(origin_circuit_t *circ, * If none remain, refetch the service descriptor. */ log_info(LD_REND, "Got nack for %s from %s...", - safe_str_client(circ->rend_data->onion_address), + safe_str_client(rend_data_get_address(circ->rend_data)), safe_str_client(extend_info_describe(circ->build_state->chosen_exit))); if (rend_client_report_intro_point_failure(circ->build_state->chosen_exit, circ->rend_data, @@ -694,13 +696,15 @@ pick_hsdir(const char *desc_id, const char *desc_id_base32) * in the case that no hidden service directory is left to ask for the * descriptor, return 0, and in case of a failure -1. */ static int -directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query, +directory_get_from_hs_dir(const char *desc_id, + const rend_data_t *rend_query, routerstatus_t *rs_hsdir) { routerstatus_t *hs_dir = rs_hsdir; char *hsdir_fp; char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; char descriptor_cookie_base64[3*REND_DESC_COOKIE_LEN_BASE64]; + const rend_data_v2_t *rend_data; #ifdef ENABLE_TOR2WEB_MODE const int tor2web_mode = get_options()->Tor2webMode; const int how_to_fetch = tor2web_mode ? DIRIND_ONEHOP : DIRIND_ANONYMOUS; @@ -709,6 +713,8 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query, #endif tor_assert(desc_id); + tor_assert(rend_query); + rend_data = TO_REND_DATA_V2(rend_query); base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id, DIGEST_LEN); @@ -731,10 +737,11 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query, /* Encode descriptor cookie for logging purposes. Also, if the cookie is * malformed, no fetch is triggered thus this needs to be done before the * fetch request. */ - if (rend_query->auth_type != REND_NO_AUTH) { + if (rend_data->auth_type != REND_NO_AUTH) { if (base64_encode(descriptor_cookie_base64, sizeof(descriptor_cookie_base64), - rend_query->descriptor_cookie, REND_DESC_COOKIE_LEN, + rend_data->descriptor_cookie, + REND_DESC_COOKIE_LEN, 0)<0) { log_warn(LD_BUG, "Could not base64-encode descriptor cookie."); return 0; @@ -760,9 +767,9 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query, "service '%s' with descriptor ID '%s', auth type %d, " "and descriptor cookie '%s' to hidden service " "directory %s", - rend_query->onion_address, desc_id_base32, - rend_query->auth_type, - (rend_query->auth_type == REND_NO_AUTH ? "[none]" : + rend_data->onion_address, desc_id_base32, + rend_data->auth_type, + (rend_data->auth_type == REND_NO_AUTH ? "[none]" : escaped_safe_str_client(descriptor_cookie_base64)), routerstatus_describe(hs_dir)); control_event_hs_descriptor_requested(rend_query, @@ -777,8 +784,8 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query, * On success, 1 is returned. If no hidden service is left to ask, return 0. * On error, -1 is returned. */ static int -fetch_v2_desc_by_descid(const char *desc_id, const rend_data_t *rend_query, - smartlist_t *hsdirs) +fetch_v2_desc_by_descid(const char *desc_id, + const rend_data_t *rend_query, smartlist_t *hsdirs) { int ret; @@ -811,13 +818,12 @@ fetch_v2_desc_by_descid(const char *desc_id, const rend_data_t *rend_query, * On success, 1 is returned. If no hidden service is left to ask, return 0. * On error, -1 is returned. */ static int -fetch_v2_desc_by_addr(rend_data_t *query, smartlist_t *hsdirs) +fetch_v2_desc_by_addr(rend_data_t *rend_query, smartlist_t *hsdirs) { char descriptor_id[DIGEST_LEN]; int replicas_left_to_try[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS]; int i, tries_left, ret; - - tor_assert(query); + rend_data_v2_t *rend_data = TO_REND_DATA_V2(rend_query); /* Randomly iterate over the replicas until a descriptor can be fetched * from one of the consecutive nodes, or no options are left. */ @@ -831,9 +837,10 @@ fetch_v2_desc_by_addr(rend_data_t *query, smartlist_t *hsdirs) int chosen_replica = replicas_left_to_try[rand_val]; replicas_left_to_try[rand_val] = replicas_left_to_try[--tries_left]; - ret = rend_compute_v2_desc_id(descriptor_id, query->onion_address, - query->auth_type == REND_STEALTH_AUTH ? - query->descriptor_cookie : NULL, + ret = rend_compute_v2_desc_id(descriptor_id, + rend_data->onion_address, + rend_data->auth_type == REND_STEALTH_AUTH ? + rend_data->descriptor_cookie : NULL, time(NULL), chosen_replica); if (ret < 0) { /* Normally, on failure the descriptor_id is untouched but let's be @@ -841,18 +848,18 @@ fetch_v2_desc_by_addr(rend_data_t *query, smartlist_t *hsdirs) goto end; } - if (tor_memcmp(descriptor_id, query->descriptor_id[chosen_replica], + if (tor_memcmp(descriptor_id, rend_data->descriptor_id[chosen_replica], sizeof(descriptor_id)) != 0) { /* Not equal from what we currently have so purge the last hid serv * request cache and update the descriptor ID with the new value. */ purge_hid_serv_from_last_hid_serv_requests( - query->descriptor_id[chosen_replica]); - memcpy(query->descriptor_id[chosen_replica], descriptor_id, - sizeof(query->descriptor_id[chosen_replica])); + rend_data->descriptor_id[chosen_replica]); + memcpy(rend_data->descriptor_id[chosen_replica], descriptor_id, + sizeof(rend_data->descriptor_id[chosen_replica])); } /* Trigger the fetch with the computed descriptor ID. */ - ret = fetch_v2_desc_by_descid(descriptor_id, query, hsdirs); + ret = fetch_v2_desc_by_descid(descriptor_id, rend_query, hsdirs); if (ret != 0) { /* Either on success or failure, as long as we tried a fetch we are * done here. */ @@ -880,16 +887,23 @@ int rend_client_fetch_v2_desc(rend_data_t *query, smartlist_t *hsdirs) { int ret; + rend_data_v2_t *rend_data; + const char *onion_address; tor_assert(query); + /* Get the version 2 data structure of the query. */ + rend_data = TO_REND_DATA_V2(query); + onion_address = rend_data_get_address(query); + /* Depending on what's available in the rend data query object, we will * trigger a fetch by HS address or using a descriptor ID. */ - if (query->onion_address[0] != '\0') { + if (onion_address[0] != '\0') { ret = fetch_v2_desc_by_addr(query, hsdirs); - } else if (!tor_digest_is_zero(query->desc_id_fetch)) { - ret = fetch_v2_desc_by_descid(query->desc_id_fetch, query, hsdirs); + } else if (!tor_digest_is_zero(rend_data->desc_id_fetch)) { + ret = fetch_v2_desc_by_descid(rend_data->desc_id_fetch, query, + hsdirs); } else { /* Query data is invalid. */ ret = -1; @@ -907,10 +921,11 @@ void rend_client_refetch_v2_renddesc(rend_data_t *rend_query) { rend_cache_entry_t *e = NULL; + const char *onion_address = rend_data_get_address(rend_query); tor_assert(rend_query); /* Before fetching, check if we already have a usable descriptor here. */ - if (rend_cache_lookup_entry(rend_query->onion_address, -1, &e) == 0 && + if (rend_cache_lookup_entry(onion_address, -1, &e) == 0 && rend_client_any_intro_points_usable(e)) { log_info(LD_REND, "We would fetch a v2 rendezvous descriptor, but we " "already have a usable descriptor here. Not fetching."); @@ -923,7 +938,7 @@ rend_client_refetch_v2_renddesc(rend_data_t *rend_query) return; } log_debug(LD_REND, "Fetching v2 rendezvous descriptor for service %s", - safe_str_client(rend_query->onion_address)); + safe_str_client(onion_address)); rend_client_fetch_v2_desc(rend_query, NULL); /* We don't need to look the error code because either on failure or @@ -959,7 +974,7 @@ rend_client_cancel_descriptor_fetches(void) } else { log_debug(LD_REND, "Marking for close dir conn fetching " "rendezvous descriptor for service %s", - safe_str(rd->onion_address)); + safe_str(rend_data_get_address(rd))); } connection_mark_for_close(conn); } @@ -989,25 +1004,26 @@ rend_client_cancel_descriptor_fetches(void) */ int rend_client_report_intro_point_failure(extend_info_t *failed_intro, - rend_data_t *rend_query, + rend_data_t *rend_data, unsigned int failure_type) { int i, r; rend_cache_entry_t *ent; connection_t *conn; + const char *onion_address = rend_data_get_address(rend_data); - r = rend_cache_lookup_entry(rend_query->onion_address, -1, &ent); + r = rend_cache_lookup_entry(onion_address, -1, &ent); if (r < 0) { /* Either invalid onion address or cache entry not found. */ switch (-r) { case EINVAL: log_warn(LD_BUG, "Malformed service ID %s.", - escaped_safe_str_client(rend_query->onion_address)); + escaped_safe_str_client(onion_address)); return -1; case ENOENT: log_info(LD_REND, "Unknown service %s. Re-fetching descriptor.", - escaped_safe_str_client(rend_query->onion_address)); - rend_client_refetch_v2_renddesc(rend_query); + escaped_safe_str_client(onion_address)); + rend_client_refetch_v2_renddesc(rend_data); return 0; default: log_warn(LD_BUG, "Unknown cache lookup returned code: %d", r); @@ -1031,7 +1047,7 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro, case INTRO_POINT_FAILURE_GENERIC: rend_cache_intro_failure_note(failure_type, (uint8_t *)failed_intro->identity_digest, - rend_query->onion_address); + onion_address); rend_intro_point_free(intro); smartlist_del(ent->parsed->intro_nodes, i); break; @@ -1049,8 +1065,7 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro, if (zap_intro_point) { rend_cache_intro_failure_note( failure_type, - (uint8_t *) failed_intro->identity_digest, - rend_query->onion_address); + (uint8_t *) failed_intro->identity_digest, onion_address); rend_intro_point_free(intro); smartlist_del(ent->parsed->intro_nodes, i); } @@ -1064,14 +1079,14 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro, if (! rend_client_any_intro_points_usable(ent)) { log_info(LD_REND, "No more intro points remain for %s. Re-fetching descriptor.", - escaped_safe_str_client(rend_query->onion_address)); - rend_client_refetch_v2_renddesc(rend_query); + escaped_safe_str_client(onion_address)); + rend_client_refetch_v2_renddesc(rend_data); /* move all pending streams back to renddesc_wait */ /* NOTE: We can now do this faster, if we use pending_entry_connections */ while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP, AP_CONN_STATE_CIRCUIT_WAIT, - rend_query->onion_address))) { + onion_address))) { connection_ap_mark_as_non_pending_circuit(TO_ENTRY_CONN(conn)); conn->state = AP_CONN_STATE_RENDDESC_WAIT; } @@ -1080,7 +1095,7 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro, } log_info(LD_REND,"%d options left for %s.", smartlist_len(ent->parsed->intro_nodes), - escaped_safe_str_client(rend_query->onion_address)); + escaped_safe_str_client(onion_address)); return 1; } @@ -1221,10 +1236,11 @@ rend_client_desc_trynow(const char *query) rend_data = ENTRY_TO_EDGE_CONN(conn)->rend_data; if (!rend_data) continue; - if (rend_cmp_service_ids(query, rend_data->onion_address)) + const char *onion_address = rend_data_get_address(rend_data); + if (rend_cmp_service_ids(query, onion_address)) continue; assert_connection_ok(base_conn, now); - if (rend_cache_lookup_entry(rend_data->onion_address, -1, + if (rend_cache_lookup_entry(onion_address, -1, &entry) == 0 && rend_client_any_intro_points_usable(entry)) { /* either this fetch worked, or it failed but there was a @@ -1259,11 +1275,12 @@ rend_client_note_connection_attempt_ended(const rend_data_t *rend_data) { unsigned int have_onion = 0; rend_cache_entry_t *cache_entry = NULL; + const char *onion_address = rend_data_get_address(rend_data); + rend_data_v2_t *rend_data_v2 = TO_REND_DATA_V2(rend_data); - if (*rend_data->onion_address != '\0') { + if (onion_address[0] != '\0') { /* Ignore return value; we find an entry, or we don't. */ - (void) rend_cache_lookup_entry(rend_data->onion_address, -1, - &cache_entry); + (void) rend_cache_lookup_entry(onion_address, -1, &cache_entry); have_onion = 1; } @@ -1277,17 +1294,17 @@ rend_client_note_connection_attempt_ended(const rend_data_t *rend_data) /* Remove the HS's entries in last_hid_serv_requests. */ if (have_onion) { unsigned int replica; - for (replica = 0; replica < ARRAY_LENGTH(rend_data->descriptor_id); + for (replica = 0; replica < ARRAY_LENGTH(rend_data_v2->descriptor_id); replica++) { - const char *desc_id = rend_data->descriptor_id[replica]; + const char *desc_id = rend_data_v2->descriptor_id[replica]; purge_hid_serv_from_last_hid_serv_requests(desc_id); } log_info(LD_REND, "Connection attempt for %s has ended; " "cleaning up temporary state.", - safe_str_client(rend_data->onion_address)); + safe_str_client(onion_address)); } else { /* We only have an ID for a fetch. Probably used by HSFETCH. */ - purge_hid_serv_from_last_hid_serv_requests(rend_data->desc_id_fetch); + purge_hid_serv_from_last_hid_serv_requests(rend_data_v2->desc_id_fetch); } } @@ -1301,12 +1318,13 @@ rend_client_get_random_intro(const rend_data_t *rend_query) int ret; extend_info_t *result; rend_cache_entry_t *entry; + const char *onion_address = rend_data_get_address(rend_query); - ret = rend_cache_lookup_entry(rend_query->onion_address, -1, &entry); + ret = rend_cache_lookup_entry(onion_address, -1, &entry); if (ret < 0 || !rend_client_any_intro_points_usable(entry)) { log_warn(LD_REND, "Query '%s' didn't have valid rend desc in cache. Failing.", - safe_str_client(rend_query->onion_address)); + safe_str_client(onion_address)); /* XXX: Should we refetch the descriptor here if the IPs are not usable * anymore ?. */ return NULL; diff --git a/src/or/rendclient.h b/src/or/rendclient.h index b8f8c2f871..164305a773 100644 --- a/src/or/rendclient.h +++ b/src/or/rendclient.h @@ -27,7 +27,7 @@ void rend_client_cancel_descriptor_fetches(void); void rend_client_purge_last_hid_serv_requests(void); int rend_client_report_intro_point_failure(extend_info_t *failed_intro, - rend_data_t *rend_query, + rend_data_t *rend_data, unsigned int failure_type); int rend_client_rendezvous_acked(origin_circuit_t *circ, diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index d9d39b1f19..f2060e528c 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -12,6 +12,7 @@ #include "circuitbuild.h" #include "config.h" #include "control.h" +#include "hs_common.h" #include "rendclient.h" #include "rendcommon.h" #include "rendmid.h" @@ -804,124 +805,6 @@ rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint, command); } -/** Allocate and return a new rend_data_t with the same - * contents as <b>query</b>. */ -rend_data_t * -rend_data_dup(const rend_data_t *data) -{ - rend_data_t *data_dup; - tor_assert(data); - data_dup = tor_memdup(data, sizeof(rend_data_t)); - data_dup->hsdirs_fp = smartlist_new(); - SMARTLIST_FOREACH(data->hsdirs_fp, char *, fp, - smartlist_add(data_dup->hsdirs_fp, - tor_memdup(fp, DIGEST_LEN))); - return data_dup; -} - -/** Compute descriptor ID for each replicas and save them. A valid onion - * address must be present in the <b>rend_data</b>. - * - * Return 0 on success else -1. */ -static int -compute_desc_id(rend_data_t *rend_data) -{ - int ret = 0; - unsigned replica; - time_t now = time(NULL); - - tor_assert(rend_data); - - /* Compute descriptor ID for each replicas. */ - for (replica = 0; replica < ARRAY_LENGTH(rend_data->descriptor_id); - replica++) { - ret = rend_compute_v2_desc_id(rend_data->descriptor_id[replica], - rend_data->onion_address, - rend_data->descriptor_cookie, - now, replica); - if (ret < 0) { - goto end; - } - } - - end: - return ret; -} - -/** Allocate and initialize a rend_data_t object for a service using the - * given arguments. Only the <b>onion_address</b> is not optional. - * - * Return a valid rend_data_t pointer. */ -rend_data_t * -rend_data_service_create(const char *onion_address, const char *pk_digest, - const uint8_t *cookie, rend_auth_type_t auth_type) -{ - rend_data_t *rend_data = tor_malloc_zero(sizeof(*rend_data)); - - /* We need at least one else the call is wrong. */ - tor_assert(onion_address != NULL); - - if (pk_digest) { - memcpy(rend_data->rend_pk_digest, pk_digest, - sizeof(rend_data->rend_pk_digest)); - } - if (cookie) { - memcpy(rend_data->rend_cookie, cookie, - sizeof(rend_data->rend_cookie)); - } - - strlcpy(rend_data->onion_address, onion_address, - sizeof(rend_data->onion_address)); - rend_data->auth_type = auth_type; - /* Won't be used but still need to initialize it for rend_data dup and - * free. */ - rend_data->hsdirs_fp = smartlist_new(); - - return rend_data; -} - -/** Allocate and initialize a rend_data_t object for a client request using - * the given arguments. Either an onion address or a descriptor ID is - * needed. Both can be given but only the onion address will be used to make - * the descriptor fetch. - * - * Return a valid rend_data_t pointer or NULL on error meaning the - * descriptor IDs couldn't be computed from the given data. */ -rend_data_t * -rend_data_client_create(const char *onion_address, const char *desc_id, - const char *cookie, rend_auth_type_t auth_type) -{ - rend_data_t *rend_data = tor_malloc_zero(sizeof(*rend_data)); - - /* We need at least one else the call is wrong. */ - tor_assert(onion_address != NULL || desc_id != NULL); - - if (cookie) { - memcpy(rend_data->descriptor_cookie, cookie, - sizeof(rend_data->descriptor_cookie)); - } - if (desc_id) { - memcpy(rend_data->desc_id_fetch, desc_id, - sizeof(rend_data->desc_id_fetch)); - } - if (onion_address) { - strlcpy(rend_data->onion_address, onion_address, - sizeof(rend_data->onion_address)); - if (compute_desc_id(rend_data) < 0) { - goto error; - } - } - - rend_data->auth_type = auth_type; - rend_data->hsdirs_fp = smartlist_new(); - - return rend_data; - - error: - rend_data_free(rend_data); - return NULL; -} - /** Determine the routers that are responsible for <b>id</b> (binary) and * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>. * Return -1 if we're returning an empty smartlist, else return 0. @@ -1116,3 +999,32 @@ assert_circ_anonymity_ok(origin_circuit_t *circ, } } +/* Return 1 iff the given <b>digest</b> of a permenanent hidden service key is + * equal to the digest in the origin circuit <b>ocirc</b> of its rend data . + * If the rend data doesn't exist, 0 is returned. This function is agnostic to + * the rend data version. */ +int +rend_circuit_pk_digest_eq(const origin_circuit_t *ocirc, + const uint8_t *digest) +{ + size_t rend_pk_digest_len; + const uint8_t *rend_pk_digest; + + tor_assert(ocirc); + tor_assert(digest); + + if (ocirc->rend_data == NULL) { + goto no_match; + } + + rend_pk_digest = rend_data_get_pk_digest(ocirc->rend_data, + &rend_pk_digest_len); + if (tor_memeq(rend_pk_digest, digest, rend_pk_digest_len)) { + goto match; + } + no_match: + return 0; + match: + return 1; +} + diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h index 090e6f25e0..942ace5761 100644 --- a/src/or/rendcommon.h +++ b/src/or/rendcommon.h @@ -18,19 +18,6 @@ typedef enum rend_intro_point_failure_t { INTRO_POINT_FAILURE_UNREACHABLE = 2, } rend_intro_point_failure_t; -/** Free all storage associated with <b>data</b> */ -static inline void -rend_data_free(rend_data_t *data) -{ - if (!data) { - return; - } - /* Cleanup the HSDir identity digest. */ - SMARTLIST_FOREACH(data->hsdirs_fp, char *, d, tor_free(d)); - smartlist_free(data->hsdirs_fp); - tor_free(data); -} - int rend_cmp_service_ids(const char *one, const char *two); void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint, @@ -60,15 +47,8 @@ void rend_get_descriptor_id_bytes(char *descriptor_id_out, int hid_serv_get_responsible_directories(smartlist_t *responsible_dirs, const char *id); -rend_data_t *rend_data_dup(const rend_data_t *data); -rend_data_t *rend_data_client_create(const char *onion_address, - const char *desc_id, - const char *cookie, - rend_auth_type_t auth_type); -rend_data_t *rend_data_service_create(const char *onion_address, - const char *pk_digest, - const uint8_t *cookie, - rend_auth_type_t auth_type); +int rend_circuit_pk_digest_eq(const origin_circuit_t *ocirc, + const uint8_t *digest); char *rend_auth_encode_cookie(const uint8_t *cookie_in, rend_auth_type_t auth_type); diff --git a/src/or/rendmid.c b/src/or/rendmid.c index ca0ad7b0d4..f39c92afae 100644 --- a/src/or/rendmid.c +++ b/src/or/rendmid.c @@ -106,7 +106,7 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request, RELAY_COMMAND_INTRO_ESTABLISHED, "", 0, NULL)<0) { log_info(LD_GENERAL, "Couldn't send INTRO_ESTABLISHED cell."); - goto err; + goto err_no_close; } /* Now, set up this circuit. */ @@ -122,8 +122,9 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request, log_warn(LD_PROTOCOL, "Rejecting truncated ESTABLISH_INTRO cell."); reason = END_CIRC_REASON_TORPROTOCOL; err: - if (pk) crypto_pk_free(pk); circuit_mark_for_close(TO_CIRCUIT(circ), reason); + err_no_close: + if (pk) crypto_pk_free(pk); return -1; } @@ -201,14 +202,15 @@ rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, (char*)request, request_len, NULL)) { log_warn(LD_GENERAL, "Unable to send INTRODUCE2 cell to Tor client."); - goto err; + /* Stop right now, the circuit has been closed. */ + return -1; } /* And send an ack down the client's circuit. Empty body means succeeded. */ if (relay_send_command_from_edge(0,TO_CIRCUIT(circ), RELAY_COMMAND_INTRODUCE_ACK, NULL,0,NULL)) { log_warn(LD_GENERAL, "Unable to send INTRODUCE_ACK cell to Tor client."); - circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL); + /* Stop right now, the circuit has been closed. */ return -1; } @@ -220,8 +222,6 @@ rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, RELAY_COMMAND_INTRODUCE_ACK, nak_body, 1, NULL)) { log_warn(LD_GENERAL, "Unable to send NAK to Tor client."); - /* Is this right? */ - circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL); } return -1; } @@ -269,8 +269,8 @@ rend_mid_establish_rendezvous(or_circuit_t *circ, const uint8_t *request, RELAY_COMMAND_RENDEZVOUS_ESTABLISHED, "", 0, NULL)<0) { log_warn(LD_PROTOCOL, "Couldn't send RENDEZVOUS_ESTABLISHED cell."); - reason = END_CIRC_REASON_INTERNAL; - goto err; + /* Stop right now, the circuit has been closed. */ + return -1; } circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_REND_POINT_WAITING); @@ -346,7 +346,8 @@ rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request, log_warn(LD_GENERAL, "Unable to send RENDEZVOUS2 cell to client on circuit %u.", (unsigned)rend_circ->p_circ_id); - goto err; + /* Stop right now, the circuit has been closed. */ + return -1; } /* Join the circuits. */ diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 4d04da02aa..545fba1449 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -17,6 +17,7 @@ #include "config.h" #include "control.h" #include "directory.h" +#include "hs_common.h" #include "main.h" #include "networkstatus.h" #include "nodelist.h" @@ -78,6 +79,10 @@ static int rend_service_check_private_dir(const or_options_t *options, static int rend_service_check_private_dir_impl(const or_options_t *options, const rend_service_t *s, int create); +static const smartlist_t* rend_get_service_list( + const smartlist_t* substitute_service_list); +static smartlist_t* rend_get_service_list_mutable( + smartlist_t* substitute_service_list); /** Represents the mapping from a virtual port of a rendezvous service to * a real port on some IP. @@ -123,18 +128,58 @@ static const char *hostname_fname = "hostname"; static const char *client_keys_fname = "client_keys"; static const char *sos_poison_fname = "onion_service_non_anonymous"; +/** A list of rend_service_t's for services run on this OP. + */ +static smartlist_t *rend_service_list = NULL; + +/* Like rend_get_service_list_mutable, but returns a read-only list. */ +static const smartlist_t* +rend_get_service_list(const smartlist_t* substitute_service_list) +{ + /* It is safe to cast away the const here, because + * rend_get_service_list_mutable does not actually modify the list */ + return rend_get_service_list_mutable((smartlist_t*)substitute_service_list); +} + +/* Return a mutable list of hidden services. + * If substitute_service_list is not NULL, return it. + * Otherwise, check if the global rend_service_list is non-NULL, and if so, + * return it. + * Otherwise, log a BUG message and return NULL. + * */ +static smartlist_t* +rend_get_service_list_mutable(smartlist_t* substitute_service_list) +{ + if (substitute_service_list) { + return substitute_service_list; + } + + /* If no special service list is provided, then just use the global one. */ + + if (BUG(!rend_service_list)) { + /* No global HS list, which is a programmer error. */ + return NULL; + } + + return rend_service_list; +} + +/** Tells if onion service <b>s</b> is ephemeral. + */ +static unsigned int +rend_service_is_ephemeral(const struct rend_service_t *s) +{ + return (s->directory == NULL); +} + /** Returns a escaped string representation of the service, <b>s</b>. */ static const char * rend_service_escaped_dir(const struct rend_service_t *s) { - return (s->directory) ? escaped(s->directory) : "[EPHEMERAL]"; + return rend_service_is_ephemeral(s) ? "[EPHEMERAL]" : escaped(s->directory); } -/** A list of rend_service_t's for services run on this OP. - */ -static smartlist_t *rend_service_list = NULL; - /** Return the number of rendezvous services we have configured. */ int num_rend_services(void) @@ -230,17 +275,13 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) int i; rend_service_port_config_t *p; - smartlist_t *s_list; - /* If no special service list is provided, then just use the global one. */ - if (!service_list) { - if (BUG(!rend_service_list)) { - /* No global HS list, which is a failure. */ - return -1; - } + tor_assert(service); - s_list = rend_service_list; - } else { - s_list = service_list; + smartlist_t *s_list = rend_get_service_list_mutable(service_list); + /* We must have a service list, even if it's a temporary one, so we can + * check for duplicate services */ + if (BUG(!s_list)) { + return -1; } service->intro_nodes = smartlist_new(); @@ -248,7 +289,7 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) if (service->max_streams_per_circuit < 0) { log_warn(LD_CONFIG, "Hidden service (%s) configured with negative max " - "streams per circuit; ignoring.", + "streams per circuit.", rend_service_escaped_dir(service)); rend_service_free(service); return -1; @@ -257,7 +298,7 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) if (service->max_streams_close_circuit < 0 || service->max_streams_close_circuit > 1) { log_warn(LD_CONFIG, "Hidden service (%s) configured with invalid " - "max streams handling; ignoring.", + "max streams handling.", rend_service_escaped_dir(service)); rend_service_free(service); return -1; @@ -267,15 +308,14 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) (!service->clients || smartlist_len(service->clients) == 0)) { log_warn(LD_CONFIG, "Hidden service (%s) with client authorization but no " - "clients; ignoring.", + "clients.", rend_service_escaped_dir(service)); rend_service_free(service); return -1; } if (!service->ports || !smartlist_len(service->ports)) { - log_warn(LD_CONFIG, "Hidden service (%s) with no ports configured; " - "ignoring.", + log_warn(LD_CONFIG, "Hidden service (%s) with no ports configured.", rend_service_escaped_dir(service)); rend_service_free(service); return -1; @@ -296,22 +336,22 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) * lock file. But this is enough to detect a simple mistake that * at least one person has actually made. */ - if (service->directory != NULL) { + tor_assert(s_list); + if (!rend_service_is_ephemeral(service)) { /* Skip dupe for ephemeral services. */ SMARTLIST_FOREACH(s_list, rend_service_t*, ptr, dupe = dupe || !strcmp(ptr->directory, service->directory)); if (dupe) { log_warn(LD_REND, "Another hidden service is already configured for " - "directory %s, ignoring.", + "directory %s.", rend_service_escaped_dir(service)); rend_service_free(service); return -1; } } - smartlist_add(s_list, service); - log_debug(LD_REND,"Configuring service with directory \"%s\"", - service->directory); + log_debug(LD_REND,"Configuring service with directory %s", + rend_service_escaped_dir(service)); for (i = 0; i < smartlist_len(service->ports); ++i) { p = smartlist_get(service->ports, i); if (!(p->is_unix_addr)) { @@ -325,14 +365,19 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) "Service maps port %d to socket at \"%s\"", p->virtual_port, p->unix_addr); #else - log_debug(LD_REND, - "Service maps port %d to an AF_UNIX socket, but we " - "have no AF_UNIX support on this platform. This is " - "probably a bug.", - p->virtual_port); + log_warn(LD_BUG, + "Service maps port %d to an AF_UNIX socket, but we " + "have no AF_UNIX support on this platform. This is " + "probably a bug.", + p->virtual_port); + rend_service_free(service); + return -1; #endif /* defined(HAVE_SYS_UN_H) */ } } + /* The service passed all the checks */ + tor_assert(s_list); + smartlist_add(s_list, service); return 0; } /* NOTREACHED */ @@ -354,9 +399,9 @@ rend_service_port_config_new(const char *socket_path) return conf; } -/** Parses a real-port to virtual-port mapping separated by the provided - * separator and returns a new rend_service_port_config_t, or NULL and an - * optional error string on failure. +/** Parses a virtual-port to real-port/socket mapping separated by + * the provided separator and returns a new rend_service_port_config_t, + * or NULL and an optional error string on failure. * * The format is: VirtualPort SEP (IP|RealPort|IP:RealPort|'socket':path)? * @@ -381,14 +426,12 @@ rend_service_parse_port_config(const char *string, const char *sep, smartlist_split_string(sl, string, sep, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2); if (smartlist_len(sl) < 1 || BUG(smartlist_len(sl) > 2)) { - if (err_msg_out) - err_msg = tor_strdup("Bad syntax in hidden service port configuration."); + err_msg = tor_strdup("Bad syntax in hidden service port configuration."); goto err; } virtport = (int)tor_parse_long(smartlist_get(sl,0), 10, 1, 65535, NULL,NULL); if (!virtport) { - if (err_msg_out) - tor_asprintf(&err_msg, "Missing or invalid port %s in hidden service " + tor_asprintf(&err_msg, "Missing or invalid port %s in hidden service " "port configuration", escaped(smartlist_get(sl,0))); goto err; @@ -416,10 +459,8 @@ rend_service_parse_port_config(const char *string, const char *sep, } else if (strchr(addrport, ':') || strchr(addrport, '.')) { /* else try it as an IP:port pair if it has a : or . in it */ if (tor_addr_port_lookup(addrport, &addr, &p)<0) { - if (err_msg_out) - err_msg = tor_strdup("Unparseable address in hidden service port " - "configuration."); - + err_msg = tor_strdup("Unparseable address in hidden service port " + "configuration."); goto err; } realport = p?p:virtport; @@ -427,11 +468,9 @@ rend_service_parse_port_config(const char *string, const char *sep, /* No addr:port, no addr -- must be port. */ realport = (int)tor_parse_long(addrport, 10, 1, 65535, NULL, NULL); if (!realport) { - if (err_msg_out) - tor_asprintf(&err_msg, "Unparseable or out-of-range port %s in " - "hidden service port configuration.", - escaped(addrport)); - + tor_asprintf(&err_msg, "Unparseable or out-of-range port %s in " + "hidden service port configuration.", + escaped(addrport)); goto err; } tor_addr_from_ipv4h(&addr, 0x7F000001u); /* Default to 127.0.0.1 */ @@ -450,7 +489,11 @@ rend_service_parse_port_config(const char *string, const char *sep, err: tor_free(addrport); - if (err_msg_out) *err_msg_out = err_msg; + if (err_msg_out != NULL) { + *err_msg_out = err_msg; + } else { + tor_free(err_msg); + } SMARTLIST_FOREACH(sl, char *, c, tor_free(c)); smartlist_free(sl); @@ -490,33 +533,13 @@ rend_service_check_dir_and_add(smartlist_t *service_list, return -1; } - if (validate_only) { - rend_service_free(service); - return 0; - } else { - /* Use service_list for unit tests */ - smartlist_t *s_list = NULL; - /* If no special service list is provided, then just use the global one. */ - if (!service_list) { - if (BUG(!rend_service_list)) { - /* No global HS list, which is a failure, because we plan on adding to - * it */ - return -1; - } - s_list = rend_service_list; - } else { - s_list = service_list; - } - /* s_list can not be NULL here - if both service_list and rend_service_list - * are NULL, and validate_only is false, we exit earlier in the function - */ - if (BUG(!s_list)) { - return -1; - } - /* Ignore service failures until 030 */ - rend_add_service(s_list, service); - return 0; + smartlist_t *s_list = rend_get_service_list_mutable(service_list); + /* We must have a service list, even if it's a temporary one, so we can + * check for duplicate services */ + if (BUG(!s_list)) { + return -1; } + return rend_add_service(s_list, service); } /** Set up rend_service_list, based on the values of HiddenServiceDir and @@ -531,19 +554,19 @@ rend_config_services(const or_options_t *options, int validate_only) rend_service_t *service = NULL; rend_service_port_config_t *portcfg; smartlist_t *old_service_list = NULL; + smartlist_t *temp_service_list = NULL; int ok = 0; - if (!validate_only) { - old_service_list = rend_service_list; - rend_service_list = smartlist_new(); - } + /* Use a temporary service list, so that we can check the new services' + * consistency with each other */ + temp_service_list = smartlist_new(); for (line = options->RendConfigLines; line; line = line->next) { if (!strcasecmp(line->key, "HiddenServiceDir")) { /* register the service we just finished parsing * this code registers every service except the last one parsed, * which is registered below the loop */ - if (rend_service_check_dir_and_add(NULL, options, service, + if (rend_service_check_dir_and_add(temp_service_list, options, service, validate_only) < 0) { return -1; } @@ -584,7 +607,8 @@ rend_config_services(const or_options_t *options, int validate_only) } log_info(LD_CONFIG, "HiddenServiceAllowUnknownPorts=%d for %s", - (int)service->allow_unknown_ports, service->directory); + (int)service->allow_unknown_ports, + rend_service_escaped_dir(service)); } else if (!strcasecmp(line->key, "HiddenServiceDirGroupReadable")) { service->dir_group_readable = (int)tor_parse_long(line->value, @@ -598,7 +622,8 @@ rend_config_services(const or_options_t *options, int validate_only) } log_info(LD_CONFIG, "HiddenServiceDirGroupReadable=%d for %s", - service->dir_group_readable, service->directory); + service->dir_group_readable, + rend_service_escaped_dir(service)); } else if (!strcasecmp(line->key, "HiddenServiceMaxStreams")) { service->max_streams_per_circuit = (int)tor_parse_long(line->value, 10, 0, 65535, &ok, NULL); @@ -611,7 +636,8 @@ rend_config_services(const or_options_t *options, int validate_only) } log_info(LD_CONFIG, "HiddenServiceMaxStreams=%d for %s", - service->max_streams_per_circuit, service->directory); + service->max_streams_per_circuit, + rend_service_escaped_dir(service)); } else if (!strcasecmp(line->key, "HiddenServiceMaxStreamsCloseCircuit")) { service->max_streams_close_circuit = (int)tor_parse_long(line->value, 10, 0, 1, &ok, NULL); @@ -625,7 +651,8 @@ rend_config_services(const or_options_t *options, int validate_only) } log_info(LD_CONFIG, "HiddenServiceMaxStreamsCloseCircuit=%d for %s", - (int)service->max_streams_close_circuit, service->directory); + (int)service->max_streams_close_circuit, + rend_service_escaped_dir(service)); } else if (!strcasecmp(line->key, "HiddenServiceNumIntroductionPoints")) { service->n_intro_points_wanted = (unsigned int) tor_parse_long(line->value, 10, @@ -641,7 +668,8 @@ rend_config_services(const or_options_t *options, int validate_only) return -1; } log_info(LD_CONFIG, "HiddenServiceNumIntroductionPoints=%d for %s", - service->n_intro_points_wanted, service->directory); + service->n_intro_points_wanted, + rend_service_escaped_dir(service)); } else if (!strcasecmp(line->key, "HiddenServiceAuthorizeClient")) { /* Parse auth type and comma-separated list of client names and add a * rend_authorized_client_t for each client to the service's list @@ -754,11 +782,27 @@ rend_config_services(const or_options_t *options, int validate_only) /* register the final service after we have finished parsing all services * this code only registers the last service, other services are registered * within the loop. It is ok for this service to be NULL, it is ignored. */ - if (rend_service_check_dir_and_add(NULL, options, service, + if (rend_service_check_dir_and_add(temp_service_list, options, service, validate_only) < 0) { return -1; } + /* Free the newly added services if validating */ + if (validate_only) { + SMARTLIST_FOREACH(temp_service_list, rend_service_t *, ptr, + rend_service_free(ptr)); + smartlist_free(temp_service_list); + temp_service_list = NULL; + return 0; + } + + /* Otherwise, use the newly added services as the new service list + * Since we have now replaced the global service list, from this point on we + * must succeed, or die trying. */ + old_service_list = rend_service_list; + rend_service_list = temp_service_list; + temp_service_list = NULL; + /* If this is a reload and there were hidden services configured before, * keep the introduction points that are still needed and close the * other ones. */ @@ -780,7 +824,7 @@ rend_config_services(const or_options_t *options, int validate_only) * will NOT have their intro point closed. */ SMARTLIST_FOREACH(old_service_list, rend_service_t *, old, { - if (!old->directory) { + if (rend_service_is_ephemeral(old)) { SMARTLIST_DEL_CURRENT(old_service_list, old); smartlist_add(surviving_services, old); smartlist_add(rend_service_list, old); @@ -792,15 +836,20 @@ rend_config_services(const or_options_t *options, int validate_only) * probably ok? */ SMARTLIST_FOREACH_BEGIN(rend_service_list, rend_service_t *, new) { SMARTLIST_FOREACH_BEGIN(old_service_list, rend_service_t *, old) { - if (new->directory && old->directory && - !strcmp(old->directory, new->directory)) { - smartlist_add_all(new->intro_nodes, old->intro_nodes); - smartlist_clear(old->intro_nodes); - smartlist_add_all(new->expiring_nodes, old->expiring_nodes); - smartlist_clear(old->expiring_nodes); - smartlist_add(surviving_services, old); - break; + if (BUG(rend_service_is_ephemeral(new)) || + BUG(rend_service_is_ephemeral(old))) { + continue; + } + if (BUG(!new->directory) || BUG(!old->directory) || + strcmp(old->directory, new->directory)) { + continue; } + smartlist_add_all(new->intro_nodes, old->intro_nodes); + smartlist_clear(old->intro_nodes); + smartlist_add_all(new->expiring_nodes, old->expiring_nodes); + smartlist_clear(old->expiring_nodes); + smartlist_add(surviving_services, old); + break; } SMARTLIST_FOREACH_END(old); } SMARTLIST_FOREACH_END(new); @@ -817,8 +866,7 @@ rend_config_services(const or_options_t *options, int validate_only) int keep_it = 0; tor_assert(oc->rend_data); SMARTLIST_FOREACH(surviving_services, rend_service_t *, ptr, { - if (tor_memeq(ptr->pk_digest, oc->rend_data->rend_pk_digest, - DIGEST_LEN)) { + if (rend_circuit_pk_digest_eq(oc, (uint8_t *) ptr->pk_digest)) { keep_it = 1; break; } @@ -828,7 +876,7 @@ rend_config_services(const or_options_t *options, int validate_only) log_info(LD_REND, "Closing intro point %s for service %s.", safe_str_client(extend_info_describe( oc->build_state->chosen_exit)), - oc->rend_data->onion_address); + rend_data_get_address(oc->rend_data)); circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED); /* XXXX Is there another reason we should use here? */ } @@ -938,7 +986,7 @@ rend_service_del_ephemeral(const char *service_id) "removal."); return -1; } - if (s->directory) { + if (!rend_service_is_ephemeral(s)) { log_warn(LD_CONFIG, "Requested non-ephemeral Onion Service for removal."); return -1; } @@ -955,12 +1003,13 @@ rend_service_del_ephemeral(const char *service_id) circ->purpose == CIRCUIT_PURPOSE_S_INTRO)) { origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); tor_assert(oc->rend_data); - if (!tor_memeq(s->pk_digest, oc->rend_data->rend_pk_digest, DIGEST_LEN)) + if (!rend_circuit_pk_digest_eq(oc, (uint8_t *) s->pk_digest)) { continue; + } log_debug(LD_REND, "Closing intro point %s for service %s.", safe_str_client(extend_info_describe( oc->build_state->chosen_exit)), - oc->rend_data->onion_address); + rend_data_get_address(oc->rend_data)); circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED); } } SMARTLIST_FOREACH_END(circ); @@ -1054,7 +1103,7 @@ rend_service_sos_poison_path(const rend_service_t *service) return rend_service_path(service, sos_poison_fname); } -/** Return True if hidden services <b>service> has been poisoned by single +/** Return True if hidden services <b>service</b> has been poisoned by single * onion mode. */ static int service_is_single_onion_poisoned(const rend_service_t *service) @@ -1067,7 +1116,7 @@ service_is_single_onion_poisoned(const rend_service_t *service) return 0; } - if (!service->directory) { + if (rend_service_is_ephemeral(service)) { return 0; } @@ -1119,8 +1168,13 @@ rend_service_verify_single_onion_poison(const rend_service_t* s, } /* Ephemeral services are checked at ADD_ONION time */ - if (!s->directory) { - return 0; + if (BUG(rend_service_is_ephemeral(s))) { + return -1; + } + + /* Service is expected to have a directory */ + if (BUG(!s->directory)) { + return -1; } /* Services without keys are always ok - their keys will only ever be used @@ -1163,7 +1217,7 @@ poison_new_single_onion_hidden_service_dir_impl(const rend_service_t *service, int retval = -1; char *poison_fname = NULL; - if (!service->directory) { + if (rend_service_is_ephemeral(service)) { log_info(LD_REND, "Ephemeral HS started in non-anonymous mode."); return 0; } @@ -1213,7 +1267,7 @@ poison_new_single_onion_hidden_service_dir_impl(const rend_service_t *service, return retval; } -/** We just got launched in Single Onion Mode. That's a non-anoymous mode for +/** We just got launched in Single Onion Mode. That's a non-anonymous mode for * hidden services. If s is new, we should mark its hidden service * directory appropriately so that it is never launched as a location-private * hidden service. (New directories don't have private key files.) @@ -1230,6 +1284,16 @@ rend_service_poison_new_single_onion_dir(const rend_service_t *s, /* We must only poison directories if we're in Single Onion mode */ tor_assert(rend_service_non_anonymous_mode_enabled(options)); + /* Ephemeral services aren't allowed in non-anonymous mode */ + if (BUG(rend_service_is_ephemeral(s))) { + return -1; + } + + /* Service is expected to have a directory */ + if (BUG(!s->directory)) { + return -1; + } + if (!rend_service_private_key_exists(s)) { if (poison_new_single_onion_hidden_service_dir_impl(s, options) < 0) { @@ -1249,22 +1313,17 @@ rend_service_poison_new_single_onion_dir(const rend_service_t *s, int rend_service_load_all_keys(const smartlist_t *service_list) { - const smartlist_t *s_list = NULL; - /* If no special service list is provided, then just use the global one. */ - if (!service_list) { - if (BUG(!rend_service_list)) { - return -1; - } - s_list = rend_service_list; - } else { - s_list = service_list; + /* Use service_list for unit tests */ + const smartlist_t *s_list = rend_get_service_list(service_list); + if (BUG(!s_list)) { + return -1; } SMARTLIST_FOREACH_BEGIN(s_list, rend_service_t *, s) { if (s->private_key) continue; - log_info(LD_REND, "Loading hidden-service keys from \"%s\"", - s->directory); + log_info(LD_REND, "Loading hidden-service keys from %s", + rend_service_escaped_dir(s)); if (rend_service_load_keys(s) < 0) return -1; @@ -1296,9 +1355,9 @@ rend_services_add_filenames_to_lists(smartlist_t *open_lst, if (!rend_service_list) return; SMARTLIST_FOREACH_BEGIN(rend_service_list, rend_service_t *, s) { - if (s->directory) { + if (!rend_service_is_ephemeral(s)) { rend_service_add_filenames_to_list(open_lst, s); - smartlist_add(stat_lst, tor_strdup(s->directory)); + smartlist_add_strdup(stat_lst, s->directory); } } SMARTLIST_FOREACH_END(s); } @@ -1793,7 +1852,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit, const or_options_t *options = get_options(); char *err_msg = NULL; int err_msg_severity = LOG_WARN; - const char *stage_descr = NULL; + const char *stage_descr = NULL, *rend_pk_digest; int reason = END_CIRC_REASON_TORPROTOCOL; /* Service/circuit/key stuff we can learn before parsing */ char serviceid[REND_SERVICE_ID_LEN_BASE32+1]; @@ -1827,14 +1886,15 @@ rend_service_receive_introduction(origin_circuit_t *circuit, assert_circ_anonymity_ok(circuit, options); tor_assert(circuit->rend_data); + /* XXX: This is version 2 specific (only one supported). */ + rend_pk_digest = (char *) rend_data_get_pk_digest(circuit->rend_data, NULL); /* We'll use this in a bazillion log messages */ base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, - circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); + rend_pk_digest, REND_SERVICE_ID_LEN); /* look up service depending on circuit. */ - service = - rend_service_get_by_pk_digest(circuit->rend_data->rend_pk_digest); + service = rend_service_get_by_pk_digest(rend_pk_digest); if (!service) { log_warn(LD_BUG, "Internal error: Got an INTRODUCE2 cell on an intro " @@ -2057,8 +2117,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit, /* Fill in the circuit's state. */ launched->rend_data = - rend_data_service_create(service->service_id, - circuit->rend_data->rend_pk_digest, + rend_data_service_create(service->service_id, rend_pk_digest, parsed_req->rc, service->auth_type); launched->build_state->service_pending_final_cpath_ref = @@ -3092,9 +3151,9 @@ count_intro_point_circuits(const rend_service_t *service) circ->purpose == CIRCUIT_PURPOSE_S_INTRO)) { origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); if (oc->rend_data && - !rend_cmp_service_ids(service->service_id, - oc->rend_data->onion_address)) + rend_circuit_pk_digest_eq(oc, (uint8_t *) service->pk_digest)) { num_ipos++; + } } } SMARTLIST_FOREACH_END(circ); @@ -3114,17 +3173,19 @@ rend_service_intro_has_opened(origin_circuit_t *circuit) char auth[DIGEST_LEN + 9]; char serviceid[REND_SERVICE_ID_LEN_BASE32+1]; int reason = END_CIRC_REASON_TORPROTOCOL; + const char *rend_pk_digest; tor_assert(circuit->base_.purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO); assert_circ_anonymity_ok(circuit, get_options()); tor_assert(circuit->cpath); tor_assert(circuit->rend_data); + /* XXX: This is version 2 specific (only on supported). */ + rend_pk_digest = (char *) rend_data_get_pk_digest(circuit->rend_data, NULL); base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, - circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); + rend_pk_digest, REND_SERVICE_ID_LEN); - service = rend_service_get_by_pk_digest( - circuit->rend_data->rend_pk_digest); + service = rend_service_get_by_pk_digest(rend_pk_digest); if (!service) { log_warn(LD_REND, "Unrecognized service ID %s on introduction circuit %u.", safe_str_client(serviceid), (unsigned)circuit->base_.n_circ_id); @@ -3165,9 +3226,8 @@ rend_service_intro_has_opened(origin_circuit_t *circuit) circuit_change_purpose(TO_CIRCUIT(circuit), CIRCUIT_PURPOSE_C_GENERAL); { - rend_data_t *rend_data = circuit->rend_data; + rend_data_free(circuit->rend_data); circuit->rend_data = NULL; - rend_data_free(rend_data); } { crypto_pk_t *intro_key = circuit->intro_key; @@ -3200,7 +3260,7 @@ rend_service_intro_has_opened(origin_circuit_t *circuit) len += 2; memcpy(auth, circuit->cpath->prev->rend_circ_nonce, DIGEST_LEN); memcpy(auth+DIGEST_LEN, "INTRODUCE", 9); - if (crypto_digest(buf+len, auth, DIGEST_LEN+9)) + if (crypto_digest(buf+len, auth, DIGEST_LEN+9) < 0) goto err; len += 20; note_crypto_pk_op(REND_SERVER); @@ -3219,8 +3279,7 @@ rend_service_intro_has_opened(origin_circuit_t *circuit) log_info(LD_GENERAL, "Couldn't send introduction request for service %s on circuit %u", serviceid, (unsigned)circuit->base_.n_circ_id); - reason = END_CIRC_REASON_INTERNAL; - goto err; + goto done; } /* We've attempted to use this circuit */ @@ -3251,15 +3310,17 @@ rend_service_intro_established(origin_circuit_t *circuit, char serviceid[REND_SERVICE_ID_LEN_BASE32+1]; (void) request; (void) request_len; + tor_assert(circuit->rend_data); + /* XXX: This is version 2 specific (only supported one for now). */ + const char *rend_pk_digest = + (char *) rend_data_get_pk_digest(circuit->rend_data, NULL); if (circuit->base_.purpose != CIRCUIT_PURPOSE_S_ESTABLISH_INTRO) { log_warn(LD_PROTOCOL, "received INTRO_ESTABLISHED cell on non-intro circuit."); goto err; } - tor_assert(circuit->rend_data); - service = rend_service_get_by_pk_digest( - circuit->rend_data->rend_pk_digest); + service = rend_service_get_by_pk_digest(rend_pk_digest); if (!service) { log_warn(LD_REND, "Unknown service on introduction circuit %u.", (unsigned)circuit->base_.n_circ_id); @@ -3282,7 +3343,7 @@ rend_service_intro_established(origin_circuit_t *circuit, circuit_change_purpose(TO_CIRCUIT(circuit), CIRCUIT_PURPOSE_S_INTRO); base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32 + 1, - circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); + rend_pk_digest, REND_SERVICE_ID_LEN); log_info(LD_REND, "Received INTRO_ESTABLISHED cell on circuit %u for service %s", (unsigned)circuit->base_.n_circ_id, serviceid); @@ -3309,6 +3370,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) char serviceid[REND_SERVICE_ID_LEN_BASE32+1]; char hexcookie[9]; int reason; + const char *rend_cookie, *rend_pk_digest; tor_assert(circuit->base_.purpose == CIRCUIT_PURPOSE_S_CONNECT_REND); tor_assert(circuit->cpath); @@ -3316,6 +3378,11 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) assert_circ_anonymity_ok(circuit, get_options()); tor_assert(circuit->rend_data); + /* XXX: This is version 2 specific (only one supported). */ + rend_pk_digest = (char *) rend_data_get_pk_digest(circuit->rend_data, + NULL); + rend_cookie = circuit->rend_data->rend_cookie; + /* Declare the circuit dirty to avoid reuse, and for path-bias */ if (!circuit->base_.timestamp_dirty) circuit->base_.timestamp_dirty = time(NULL); @@ -3325,9 +3392,9 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) hop = circuit->build_state->service_pending_final_cpath_ref->cpath; - base16_encode(hexcookie,9,circuit->rend_data->rend_cookie,4); + base16_encode(hexcookie,9, rend_cookie,4); base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, - circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); + rend_pk_digest, REND_SERVICE_ID_LEN); log_info(LD_REND, "Done building circuit %u to rendezvous with " @@ -3356,8 +3423,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) circuit->build_state->pending_final_cpath = hop; circuit->build_state->service_pending_final_cpath_ref->cpath = NULL; - service = rend_service_get_by_pk_digest( - circuit->rend_data->rend_pk_digest); + service = rend_service_get_by_pk_digest(rend_pk_digest); if (!service) { log_warn(LD_GENERAL, "Internal error: unrecognized service ID on " "rendezvous circuit."); @@ -3366,7 +3432,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) } /* All we need to do is send a RELAY_RENDEZVOUS1 cell... */ - memcpy(buf, circuit->rend_data->rend_cookie, REND_COOKIE_LEN); + memcpy(buf, rend_cookie, REND_COOKIE_LEN); if (crypto_dh_get_public(hop->rend_dh_handshake_state, buf+REND_COOKIE_LEN, DH_KEY_LEN)<0) { log_warn(LD_GENERAL,"Couldn't get DH public key."); @@ -3382,8 +3448,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) buf, REND_COOKIE_LEN+DH_KEY_LEN+DIGEST_LEN, circuit->cpath->prev)<0) { log_warn(LD_GENERAL, "Couldn't send RENDEZVOUS1 cell."); - reason = END_CIRC_REASON_INTERNAL; - goto err; + goto done; } crypto_dh_free(hop->rend_dh_handshake_state); @@ -3430,8 +3495,8 @@ find_intro_circuit(rend_intro_point_t *intro, const char *pk_digest) origin_circuit_t *circ = NULL; tor_assert(intro); - while ((circ = circuit_get_next_by_pk_and_purpose(circ,pk_digest, - CIRCUIT_PURPOSE_S_INTRO))) { + while ((circ = circuit_get_next_by_pk_and_purpose(circ, + (uint8_t *) pk_digest, CIRCUIT_PURPOSE_S_INTRO))) { if (tor_memeq(circ->build_state->chosen_exit->identity_digest, intro->extend_info->identity_digest, DIGEST_LEN) && circ->rend_data) { @@ -3440,8 +3505,9 @@ find_intro_circuit(rend_intro_point_t *intro, const char *pk_digest) } circ = NULL; - while ((circ = circuit_get_next_by_pk_and_purpose(circ,pk_digest, - CIRCUIT_PURPOSE_S_ESTABLISH_INTRO))) { + while ((circ = circuit_get_next_by_pk_and_purpose(circ, + (uint8_t *) pk_digest, + CIRCUIT_PURPOSE_S_ESTABLISH_INTRO))) { if (tor_memeq(circ->build_state->chosen_exit->identity_digest, intro->extend_info->identity_digest, DIGEST_LEN) && circ->rend_data) { @@ -3480,7 +3546,7 @@ find_intro_point(origin_circuit_t *circ) tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO || TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_INTRO); tor_assert(circ->rend_data); - serviceid = circ->rend_data->onion_address; + serviceid = rend_data_get_address(circ->rend_data); SMARTLIST_FOREACH(rend_service_list, rend_service_t *, s, if (tor_memeq(s->service_id, serviceid, REND_SERVICE_ID_LEN_BASE32)) { @@ -3865,10 +3931,13 @@ void rend_service_desc_has_uploaded(const rend_data_t *rend_data) { rend_service_t *service; + const char *onion_address; tor_assert(rend_data); - service = rend_service_get_by_service_id(rend_data->onion_address); + onion_address = rend_data_get_address(rend_data); + + service = rend_service_get_by_service_id(onion_address); if (service == NULL) { return; } @@ -4168,8 +4237,8 @@ rend_service_dump_stats(int severity) for (i=0; i < smartlist_len(rend_service_list); ++i) { service = smartlist_get(rend_service_list, i); - tor_log(severity, LD_GENERAL, "Service configured in \"%s\":", - service->directory); + tor_log(severity, LD_GENERAL, "Service configured in %s:", + rend_service_escaped_dir(service)); for (j=0; j < smartlist_len(service->intro_nodes); ++j) { intro = smartlist_get(service->intro_nodes, j); safe_name = safe_str_client(intro->extend_info->nickname); @@ -4255,14 +4324,16 @@ rend_service_set_connection_addr_port(edge_connection_t *conn, smartlist_t *matching_ports; rend_service_port_config_t *chosen_port; unsigned int warn_once = 0; + const char *rend_pk_digest; tor_assert(circ->base_.purpose == CIRCUIT_PURPOSE_S_REND_JOINED); tor_assert(circ->rend_data); log_debug(LD_REND,"beginning to hunt for addr/port"); + /* XXX: This is version 2 specific (only one supported). */ + rend_pk_digest = (char *) rend_data_get_pk_digest(circ->rend_data, NULL); base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, - circ->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); - service = rend_service_get_by_pk_digest( - circ->rend_data->rend_pk_digest); + rend_pk_digest, REND_SERVICE_ID_LEN); + service = rend_service_get_by_pk_digest(rend_pk_digest); if (!service) { log_warn(LD_REND, "Couldn't find any service associated with pk %s on " "rendezvous circuit %u; closing.", diff --git a/src/or/router.c b/src/or/router.c index 6d3a32a60c..917caaa1f5 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1312,8 +1312,15 @@ extend_info_from_router(const routerinfo_t *r) /* Make sure we don't need to check address reachability */ tor_assert_nonfatal(router_skip_or_reachability(get_options(), 0)); + const ed25519_public_key_t *ed_id_key; + if (r->cache_info.signing_key_cert) + ed_id_key = &r->cache_info.signing_key_cert->signing_key; + else + ed_id_key = NULL; + router_get_prim_orport(r, &ap); return extend_info_new(r->nickname, r->cache_info.identity_digest, + ed_id_key, r->onion_pkey, r->onion_curve25519_pkey, &ap.addr, ap.port); } @@ -2206,7 +2213,7 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) log_warn(LD_CONFIG, "There is a router named \"%s\" in my " "declared family, but that isn't a legal nickname. " "Skipping it.", escaped(name)); - smartlist_add(warned_nonexistent_family, tor_strdup(name)); + smartlist_add_strdup(warned_nonexistent_family, name); } if (is_legal) { smartlist_add(ri->declared_family, name); @@ -2881,7 +2888,7 @@ router_dump_router_to_string(routerinfo_t *router, /* Write the exit policy to the end of 's'. */ if (!router->exit_policy || !smartlist_len(router->exit_policy)) { - smartlist_add(chunks, tor_strdup("reject *:*\n")); + smartlist_add_strdup(chunks, "reject *:*\n"); } else if (router->exit_policy) { char *exit_policy = router_dump_exit_policy_to_string(router,1,0); @@ -2903,12 +2910,12 @@ router_dump_router_to_string(routerinfo_t *router, if (decide_to_advertise_begindir(options, router->supports_tunnelled_dir_requests)) { - smartlist_add(chunks, tor_strdup("tunnelled-dir-server\n")); + smartlist_add_strdup(chunks, "tunnelled-dir-server\n"); } /* Sign the descriptor with Ed25519 */ if (emit_ed_sigs) { - smartlist_add(chunks, tor_strdup("router-sig-ed25519 ")); + smartlist_add_strdup(chunks, "router-sig-ed25519 "); crypto_digest_smartlist_prefix(digest, DIGEST256_LEN, ED_DESC_SIGNATURE_PREFIX, chunks, "", DIGEST_SHA256); @@ -2924,7 +2931,7 @@ router_dump_router_to_string(routerinfo_t *router, } /* Sign the descriptor with RSA */ - smartlist_add(chunks, tor_strdup("router-signature\n")); + smartlist_add_strdup(chunks, "router-signature\n"); crypto_digest_smartlist(digest, DIGEST_LEN, chunks, "", DIGEST_SHA1); @@ -2939,7 +2946,7 @@ router_dump_router_to_string(routerinfo_t *router, } /* include a last '\n' */ - smartlist_add(chunks, tor_strdup("\n")); + smartlist_add_strdup(chunks, "\n"); output = smartlist_join_strings(chunks, "", 0, NULL); @@ -3197,13 +3204,13 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, if (should_record_bridge_info(options) && write_stats_to_extrainfo) { const char *bridge_stats = geoip_get_bridge_stats_extrainfo(now); if (bridge_stats) { - smartlist_add(chunks, tor_strdup(bridge_stats)); + smartlist_add_strdup(chunks, bridge_stats); } } if (emit_ed_sigs) { char sha256_digest[DIGEST256_LEN]; - smartlist_add(chunks, tor_strdup("router-sig-ed25519 ")); + smartlist_add_strdup(chunks, "router-sig-ed25519 "); crypto_digest_smartlist_prefix(sha256_digest, DIGEST256_LEN, ED_DESC_SIGNATURE_PREFIX, chunks, "", DIGEST_SHA256); @@ -3218,7 +3225,7 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, smartlist_add_asprintf(chunks, "%s\n", buf); } - smartlist_add(chunks, tor_strdup("router-signature\n")); + smartlist_add_strdup(chunks, "router-signature\n"); s = smartlist_join_strings(chunks, "", 0, NULL); while (strlen(s) > MAX_EXTRAINFO_UPLOAD_SIZE - DIROBJ_MAX_SIG_LEN) { @@ -3253,7 +3260,7 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, "descriptor."); goto err; } - smartlist_add(chunks, tor_strdup(sig)); + smartlist_add_strdup(chunks, sig); tor_free(s); s = smartlist_join_strings(chunks, "", 0, NULL); diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index ca32228fc7..51802b15e5 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -5,8 +5,13 @@ * \file routerkeys.c * * \brief Functions and structures to handle generating and maintaining the - * set of keypairs necessary to be an OR. (Some of the code in router.c - * belongs here.) + * set of keypairs necessary to be an OR. + * + * The keys handled here now are the Ed25519 keys that Tor relays use to sign + * descriptors, authenticate themselves on links, and identify one another + * uniquely. Other keys are maintained in router.c and rendservice.c. + * + * (TODO: The keys in router.c should go here too.) */ #include "or.h" @@ -19,6 +24,7 @@ #define ENC_KEY_HEADER "Boxed Ed25519 key" #define ENC_KEY_TAG "master" +/* DOCDOC */ static ssize_t do_getpass(const char *prompt, char *buf, size_t buflen, int twice, const or_options_t *options) @@ -85,6 +91,7 @@ do_getpass(const char *prompt, char *buf, size_t buflen, return length; } +/* DOCDOC */ int read_encrypted_secret_key(ed25519_secret_key_t *out, const char *fname) @@ -157,6 +164,7 @@ read_encrypted_secret_key(ed25519_secret_key_t *out, return r; } +/* DOCDOC */ int write_encrypted_secret_key(const ed25519_secret_key_t *key, const char *fname) @@ -200,6 +208,7 @@ write_encrypted_secret_key(const ed25519_secret_key_t *key, return r; } +/* DOCDOC */ static int write_secret_key(const ed25519_secret_key_t *key, int encrypted, const char *fname, @@ -733,8 +742,12 @@ load_ed_keys(const or_options_t *options, time_t now) if (need_new_signing_key) { log_notice(LD_OR, "It looks like I need to generate and sign a new " - "medium-term signing key, because %s. To do that, I need to " - "load%s the permanent master identity key.", + "medium-term signing key, because %s. To do that, I " + "need to load%s the permanent master identity key. " + "If the master identity key was not moved or encrypted " + "with a passphrase, this will be done automatically and " + "no further action is required. Otherwise, provide the " + "necessary data using 'tor --keygen' to do it manually.", (NULL == use_signing) ? "I don't have one" : EXPIRES_SOON(check_signing_cert, 0) ? "the one I have is expired" : "you asked me to make one with --keygen", @@ -742,15 +755,19 @@ load_ed_keys(const or_options_t *options, time_t now) } else if (want_new_signing_key && !offline_master) { log_notice(LD_OR, "It looks like I should try to generate and sign a " "new medium-term signing key, because the one I have is " - "going to expire soon. To do that, I'm going to have to try to " - "load the permanent master identity key."); + "going to expire soon. To do that, I'm going to have to " + "try to load the permanent master identity key. " + "If the master identity key was not moved or encrypted " + "with a passphrase, this will be done automatically and " + "no further action is required. Otherwise, provide the " + "necessary data using 'tor --keygen' to do it manually."); } else if (want_new_signing_key) { log_notice(LD_OR, "It looks like I should try to generate and sign a " "new medium-term signing key, because the one I have is " "going to expire soon. But OfflineMasterKey is set, so I " - "won't try to load a permanent master identity key is set. " - "You will need to use 'tor --keygen' make a new signing key " - "and certificate."); + "won't try to load a permanent master identity key. You " + "will need to use 'tor --keygen' to make a new signing " + "key and certificate."); } { @@ -927,7 +944,18 @@ load_ed_keys(const or_options_t *options, time_t now) return -1; } -/* DOCDOC */ +/** + * Retrieve our currently-in-use Ed25519 link certificate and id certificate, + * and, if they would expire soon (based on the time <b>now</b>, generate new + * certificates (without embedding the public part of the signing key inside). + * + * The signed_key from the expiring certificate will be used to sign the new + * key within newly generated X509 certificate. + * + * Returns -1 upon error. Otherwise, returns 0 upon success (either when the + * current certificate is still valid, or when a new certificate was + * successfully generated). + */ int generate_ed_link_cert(const or_options_t *options, time_t now) { @@ -967,6 +995,17 @@ generate_ed_link_cert(const or_options_t *options, time_t now) #undef SET_KEY #undef SET_CERT +/** + * Return 1 if any of the following are true: + * + * - if one of our Ed25519 signing, auth, or link certificates would expire + * soon w.r.t. the time <b>now</b>, + * - if we do not currently have a link certificate, or + * - if our cached Ed25519 link certificate is not same as the one we're + * currently using. + * + * Otherwise, returns 0. + */ int should_make_new_ed_keys(const or_options_t *options, const time_t now) { @@ -997,6 +1036,61 @@ should_make_new_ed_keys(const or_options_t *options, const time_t now) #undef EXPIRES_SOON +#ifdef TOR_UNIT_TESTS +/* Helper for unit tests: populate the ed25519 keys without saving or + * loading */ +void +init_mock_ed_keys(const crypto_pk_t *rsa_identity_key) +{ + routerkeys_free_all(); + +#define MAKEKEY(k) \ + k = tor_malloc_zero(sizeof(*k)); \ + if (ed25519_keypair_generate(k, 0) < 0) { \ + log_warn(LD_BUG, "Couldn't make a keypair"); \ + goto err; \ + } + MAKEKEY(master_identity_key); + MAKEKEY(master_signing_key); + MAKEKEY(current_auth_key); +#define MAKECERT(cert, signing, signed_, type, flags) \ + cert = tor_cert_create(signing, \ + type, \ + &signed_->pubkey, \ + time(NULL), 86400, \ + flags); \ + if (!cert) { \ + log_warn(LD_BUG, "Couldn't make a %s certificate!", #cert); \ + goto err; \ + } + + MAKECERT(signing_key_cert, + master_identity_key, master_signing_key, CERT_TYPE_ID_SIGNING, + CERT_FLAG_INCLUDE_SIGNING_KEY); + MAKECERT(auth_key_cert, + master_signing_key, current_auth_key, CERT_TYPE_SIGNING_AUTH, 0); + + if (generate_ed_link_cert(get_options(), time(NULL)) < 0) { + log_warn(LD_BUG, "Couldn't make link certificate"); + goto err; + } + + rsa_ed_crosscert_len = tor_make_rsa_ed25519_crosscert( + &master_identity_key->pubkey, + rsa_identity_key, + time(NULL)+86400, + &rsa_ed_crosscert); + + return; + + err: + routerkeys_free_all(); + tor_assert_nonfatal_unreached(); +} +#undef MAKEKEY +#undef MAKECERT +#endif + const ed25519_public_key_t * get_master_identity_key(void) { @@ -1005,6 +1099,24 @@ get_master_identity_key(void) return &master_identity_key->pubkey; } +/** Return true iff <b>id</b> is our Ed25519 master identity key. */ +int +router_ed25519_id_is_me(const ed25519_public_key_t *id) +{ + return id && master_identity_key && + ed25519_pubkey_eq(id, &master_identity_key->pubkey); +} + +#ifdef TOR_UNIT_TESTS +/* only exists for the unit tests, since otherwise the identity key + * should be used to sign nothing but the signing key. */ +const ed25519_keypair_t * +get_master_identity_keypair(void) +{ + return master_identity_key; +} +#endif + const ed25519_keypair_t * get_master_signing_keypair(void) { @@ -1139,9 +1251,12 @@ routerkeys_free_all(void) tor_cert_free(signing_key_cert); tor_cert_free(link_cert_cert); tor_cert_free(auth_key_cert); + tor_free(rsa_ed_crosscert); master_identity_key = master_signing_key = NULL; current_auth_key = NULL; signing_key_cert = link_cert_cert = auth_key_cert = NULL; + rsa_ed_crosscert = NULL; // redundant + rsa_ed_crosscert_len = 0; } diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h index be9b19aea8..98894cdc0b 100644 --- a/src/or/routerkeys.h +++ b/src/or/routerkeys.h @@ -45,6 +45,8 @@ const struct tor_cert_st *get_current_auth_key_cert(void); void get_master_rsa_crosscert(const uint8_t **cert_out, size_t *size_out); +int router_ed25519_id_is_me(const ed25519_public_key_t *id); + struct tor_cert_st *make_ntor_onion_key_crosscert( const curve25519_keypair_t *onion_key, const ed25519_public_key_t *master_id_key, @@ -73,5 +75,10 @@ int write_encrypted_secret_key(const ed25519_secret_key_t *out, void routerkeys_free_all(void); +#ifdef TOR_UNIT_TESTS +const ed25519_keypair_t *get_master_identity_keypair(void); +void init_mock_ed_keys(const crypto_pk_t *rsa_identity_key); +#endif + #endif diff --git a/src/or/routerlist.c b/src/or/routerlist.c index b876795445..6bac57d4db 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -586,7 +586,7 @@ trusted_dirs_load_certs_from_string(const char *contents, int source, "signing key %s", from_store ? "cached" : "downloaded", ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN)); } else { - int adding = directory_caches_unknown_auth_certs(get_options()); + int adding = we_want_to_fetch_unknown_auth_certs(get_options()); log_info(LD_DIR, "%s %s certificate for unrecognized directory " "authority with signing key %s", adding ? "Adding" : "Not adding", @@ -929,7 +929,8 @@ authority_certs_fetch_resource_impl(const char *resource, const routerstatus_t *rs) { const or_options_t *options = get_options(); - int get_via_tor = purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0); + int get_via_tor = purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0, + resource); /* Make sure bridge clients never connect to anything but a bridge */ if (options->UseBridges) { @@ -1011,7 +1012,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now, char *resource = NULL; cert_list_t *cl; const or_options_t *options = get_options(); - const int cache = directory_caches_unknown_auth_certs(options); + const int keep_unknown = we_want_to_fetch_unknown_auth_certs(options); fp_pair_t *fp_tmp = NULL; char id_digest_str[2*DIGEST_LEN+1]; char sk_digest_str[2*DIGEST_LEN+1]; @@ -1083,9 +1084,10 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now, if (!smartlist_len(voter->sigs)) continue; /* This authority never signed this consensus, so don't * go looking for a cert with key digest 0000000000. */ - if (!cache && + if (!keep_unknown && !trusteddirserver_get_by_v3_auth_digest(voter->identity_digest)) - continue; /* We are not a cache, and we don't know this authority.*/ + continue; /* We don't want unknown certs, and we don't know this + * authority.*/ /* * If we don't know *any* cert for this authority, and a download by ID @@ -1202,7 +1204,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now, int need_plus = 0; smartlist_t *fps = smartlist_new(); - smartlist_add(fps, tor_strdup("fp/")); + smartlist_add_strdup(fps, "fp/"); SMARTLIST_FOREACH_BEGIN(missing_id_digests, const char *, d) { char *fp = NULL; @@ -1242,7 +1244,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now, int need_plus = 0; smartlist_t *fp_pairs = smartlist_new(); - smartlist_add(fp_pairs, tor_strdup("fp-sk/")); + smartlist_add_strdup(fp_pairs, "fp-sk/"); SMARTLIST_FOREACH_BEGIN(missing_cert_digests, const fp_pair_t *, d) { char *fp_pair = NULL; @@ -2037,9 +2039,9 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags, !router_supports_extrainfo(node->identity, is_trusted_extrainfo)) continue; /* Don't make the same node a guard twice */ - if (for_guard && node->using_as_guard) { - continue; - } + if (for_guard && is_node_used_as_guard(node)) { + continue; + } /* Ensure that a directory guard is actually a guard node. */ if (for_guard && !node->is_possible_guard) { continue; @@ -3907,7 +3909,7 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg, router_describe(router)); *msg = "Router descriptor is not referenced by any network-status."; - /* Only journal this desc if we'll be serving it. */ + /* Only journal this desc if we want to keep old descriptors */ if (!from_cache && should_cache_old_descriptors()) signed_desc_append_to_journal(&router->cache_info, &routerlist->desc_store); @@ -4537,13 +4539,14 @@ router_load_extrainfo_from_string(const char *s, const char *eos, smartlist_free(extrainfo_list); } -/** Return true iff any networkstatus includes a descriptor whose digest - * is that of <b>desc</b>. */ +/** Return true iff the latest ns-flavored consensus includes a descriptor + * whose digest is that of <b>desc</b>. */ static int signed_desc_digest_is_recognized(signed_descriptor_t *desc) { const routerstatus_t *rs; - networkstatus_t *consensus = networkstatus_get_latest_consensus(); + networkstatus_t *consensus = networkstatus_get_latest_consensus_by_flavor( + FLAV_NS); if (consensus) { rs = networkstatus_vote_find_entry(consensus, desc->identity_digest); @@ -5166,7 +5169,7 @@ update_consensus_router_descriptor_downloads(time_t now, int is_vote, ++n_would_reject; continue; /* We would throw it out immediately. */ } - if (!directory_caches_dir_info(options) && + if (!we_want_to_fetch_flavor(options, consensus->flavor) && !client_would_use_router(rs, now, options)) { ++n_wouldnt_use; continue; /* We would never use it ourself. */ diff --git a/src/or/routerparse.c b/src/or/routerparse.c index a78d1ee53e..38ceb942a9 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -60,6 +60,7 @@ #include "circuitstats.h" #include "dirserv.h" #include "dirvote.h" +#include "parsecommon.h" #include "policies.h" #include "protover.h" #include "rendcommon.h" @@ -81,267 +82,6 @@ /****************************************************************************/ -/** Enumeration of possible token types. The ones starting with K_ correspond - * to directory 'keywords'. A_ is for an annotation, R or C is related to - * hidden services, ERR_ is an error in the tokenizing process, EOF_ is an - * end-of-file marker, and NIL_ is used to encode not-a-token. - */ -typedef enum { - K_ACCEPT = 0, - K_ACCEPT6, - K_DIRECTORY_SIGNATURE, - K_RECOMMENDED_SOFTWARE, - K_REJECT, - K_REJECT6, - K_ROUTER, - K_SIGNED_DIRECTORY, - K_SIGNING_KEY, - K_ONION_KEY, - K_ONION_KEY_NTOR, - K_ROUTER_SIGNATURE, - K_PUBLISHED, - K_RUNNING_ROUTERS, - K_ROUTER_STATUS, - K_PLATFORM, - K_PROTO, - K_OPT, - K_BANDWIDTH, - K_CONTACT, - K_NETWORK_STATUS, - K_UPTIME, - K_DIR_SIGNING_KEY, - K_FAMILY, - K_FINGERPRINT, - K_HIBERNATING, - K_READ_HISTORY, - K_WRITE_HISTORY, - K_NETWORK_STATUS_VERSION, - K_DIR_SOURCE, - K_DIR_OPTIONS, - K_CLIENT_VERSIONS, - K_SERVER_VERSIONS, - K_RECOMMENDED_CLIENT_PROTOCOLS, - K_RECOMMENDED_RELAY_PROTOCOLS, - K_REQUIRED_CLIENT_PROTOCOLS, - K_REQUIRED_RELAY_PROTOCOLS, - K_OR_ADDRESS, - K_ID, - K_P, - K_P6, - K_R, - K_A, - K_S, - K_V, - K_W, - K_M, - K_EXTRA_INFO, - K_EXTRA_INFO_DIGEST, - K_CACHES_EXTRA_INFO, - K_HIDDEN_SERVICE_DIR, - K_ALLOW_SINGLE_HOP_EXITS, - K_IPV6_POLICY, - K_ROUTER_SIG_ED25519, - K_IDENTITY_ED25519, - K_MASTER_KEY_ED25519, - K_ONION_KEY_CROSSCERT, - K_NTOR_ONION_KEY_CROSSCERT, - - K_DIRREQ_END, - K_DIRREQ_V2_IPS, - K_DIRREQ_V3_IPS, - K_DIRREQ_V2_REQS, - K_DIRREQ_V3_REQS, - K_DIRREQ_V2_SHARE, - K_DIRREQ_V3_SHARE, - K_DIRREQ_V2_RESP, - K_DIRREQ_V3_RESP, - K_DIRREQ_V2_DIR, - K_DIRREQ_V3_DIR, - K_DIRREQ_V2_TUN, - K_DIRREQ_V3_TUN, - K_ENTRY_END, - K_ENTRY_IPS, - K_CELL_END, - K_CELL_PROCESSED, - K_CELL_QUEUED, - K_CELL_TIME, - K_CELL_CIRCS, - K_EXIT_END, - K_EXIT_WRITTEN, - K_EXIT_READ, - K_EXIT_OPENED, - - K_DIR_KEY_CERTIFICATE_VERSION, - K_DIR_IDENTITY_KEY, - K_DIR_KEY_PUBLISHED, - K_DIR_KEY_EXPIRES, - K_DIR_KEY_CERTIFICATION, - K_DIR_KEY_CROSSCERT, - K_DIR_ADDRESS, - K_DIR_TUNNELLED, - - K_VOTE_STATUS, - K_VALID_AFTER, - K_FRESH_UNTIL, - K_VALID_UNTIL, - K_VOTING_DELAY, - - K_KNOWN_FLAGS, - K_PARAMS, - K_BW_WEIGHTS, - K_VOTE_DIGEST, - K_CONSENSUS_DIGEST, - K_ADDITIONAL_DIGEST, - K_ADDITIONAL_SIGNATURE, - K_CONSENSUS_METHODS, - K_CONSENSUS_METHOD, - K_LEGACY_DIR_KEY, - K_DIRECTORY_FOOTER, - K_SIGNING_CERT_ED, - K_SR_FLAG, - K_COMMIT, - K_PREVIOUS_SRV, - K_CURRENT_SRV, - K_PACKAGE, - - A_PURPOSE, - A_LAST_LISTED, - A_UNKNOWN_, - - R_RENDEZVOUS_SERVICE_DESCRIPTOR, - R_VERSION, - R_PERMANENT_KEY, - R_SECRET_ID_PART, - R_PUBLICATION_TIME, - R_PROTOCOL_VERSIONS, - R_INTRODUCTION_POINTS, - R_SIGNATURE, - - R_IPO_IDENTIFIER, - R_IPO_IP_ADDRESS, - R_IPO_ONION_PORT, - R_IPO_ONION_KEY, - R_IPO_SERVICE_KEY, - - C_CLIENT_NAME, - C_DESCRIPTOR_COOKIE, - C_CLIENT_KEY, - - ERR_, - EOF_, - NIL_ -} directory_keyword; - -#define MIN_ANNOTATION A_PURPOSE -#define MAX_ANNOTATION A_UNKNOWN_ - -/** Structure to hold a single directory token. - * - * We parse a directory by breaking it into "tokens", each consisting - * of a keyword, a line full of arguments, and a binary object. The - * arguments and object are both optional, depending on the keyword - * type. - * - * This structure is only allocated in memareas; do not allocate it on - * the heap, or token_clear() won't work. - */ -typedef struct directory_token_t { - directory_keyword tp; /**< Type of the token. */ - int n_args:30; /**< Number of elements in args */ - char **args; /**< Array of arguments from keyword line. */ - - char *object_type; /**< -----BEGIN [object_type]-----*/ - size_t object_size; /**< Bytes in object_body */ - char *object_body; /**< Contents of object, base64-decoded. */ - - crypto_pk_t *key; /**< For public keys only. Heap-allocated. */ - - char *error; /**< For ERR_ tokens only. */ -} directory_token_t; - -/* ********************************************************************** */ - -/** We use a table of rules to decide how to parse each token type. */ - -/** Rules for whether the keyword needs an object. */ -typedef enum { - NO_OBJ, /**< No object, ever. */ - NEED_OBJ, /**< Object is required. */ - NEED_SKEY_1024,/**< Object is required, and must be a 1024 bit private key */ - NEED_KEY_1024, /**< Object is required, and must be a 1024 bit public key */ - NEED_KEY, /**< Object is required, and must be a public key. */ - OBJ_OK, /**< Object is optional. */ -} obj_syntax; - -#define AT_START 1 -#define AT_END 2 - -/** Determines the parsing rules for a single token type. */ -typedef struct token_rule_t { - /** The string value of the keyword identifying the type of item. */ - const char *t; - /** The corresponding directory_keyword enum. */ - directory_keyword v; - /** Minimum number of arguments for this item */ - int min_args; - /** Maximum number of arguments for this item */ - int max_args; - /** If true, we concatenate all arguments for this item into a single - * string. */ - int concat_args; - /** Requirements on object syntax for this item. */ - obj_syntax os; - /** Lowest number of times this item may appear in a document. */ - int min_cnt; - /** Highest number of times this item may appear in a document. */ - int max_cnt; - /** One or more of AT_START/AT_END to limit where the item may appear in a - * document. */ - int pos; - /** True iff this token is an annotation. */ - int is_annotation; -} token_rule_t; - -/** - * @name macros for defining token rules - * - * Helper macros to define token tables. 's' is a string, 't' is a - * directory_keyword, 'a' is a trio of argument multiplicities, and 'o' is an - * object syntax. - */ -/**@{*/ - -/** Appears to indicate the end of a table. */ -#define END_OF_TABLE { NULL, NIL_, 0,0,0, NO_OBJ, 0, INT_MAX, 0, 0 } -/** An item with no restrictions: used for obsolete document types */ -#define T(s,t,a,o) { s, t, a, o, 0, INT_MAX, 0, 0 } -/** An item with no restrictions on multiplicity or location. */ -#define T0N(s,t,a,o) { s, t, a, o, 0, INT_MAX, 0, 0 } -/** An item that must appear exactly once */ -#define T1(s,t,a,o) { s, t, a, o, 1, 1, 0, 0 } -/** An item that must appear exactly once, at the start of the document */ -#define T1_START(s,t,a,o) { s, t, a, o, 1, 1, AT_START, 0 } -/** An item that must appear exactly once, at the end of the document */ -#define T1_END(s,t,a,o) { s, t, a, o, 1, 1, AT_END, 0 } -/** An item that must appear one or more times */ -#define T1N(s,t,a,o) { s, t, a, o, 1, INT_MAX, 0, 0 } -/** An item that must appear no more than once */ -#define T01(s,t,a,o) { s, t, a, o, 0, 1, 0, 0 } -/** An annotation that must appear no more than once */ -#define A01(s,t,a,o) { s, t, a, o, 0, 1, 0, 1 } - -/** Argument multiplicity: any number of arguments. */ -#define ARGS 0,INT_MAX,0 -/** Argument multiplicity: no arguments. */ -#define NO_ARGS 0,0,0 -/** Argument multiplicity: concatenate all arguments. */ -#define CONCAT_ARGS 1,1,1 -/** Argument multiplicity: at least <b>n</b> arguments. */ -#define GE(n) n,INT_MAX,0 -/** Argument multiplicity: exactly <b>n</b> arguments. */ -#define EQ(n) n,n,0 -/**@}*/ - /** List of tokens recognized in router descriptors */ static token_rule_t routerdesc_token_table[] = { T0N("reject", K_REJECT, ARGS, NO_OBJ ), @@ -628,28 +368,8 @@ static int router_get_hashes_impl(const char *s, size_t s_len, common_digests_t *digests, const char *start_str, const char *end_str, char end_char); -static void token_clear(directory_token_t *tok); -static smartlist_t *find_all_by_keyword(smartlist_t *s, directory_keyword k); static smartlist_t *find_all_exitpolicy(smartlist_t *s); -static directory_token_t *find_by_keyword_(smartlist_t *s, - directory_keyword keyword, - const char *keyword_str); -#define find_by_keyword(s, keyword) find_by_keyword_((s), (keyword), #keyword) -static directory_token_t *find_opt_by_keyword(smartlist_t *s, - directory_keyword keyword); - -#define TS_ANNOTATIONS_OK 1 -#define TS_NOCHECK 2 -#define TS_NO_NEW_ANNOTATIONS 4 -static int tokenize_string(memarea_t *area, - const char *start, const char *end, - smartlist_t *out, - token_rule_t *table, - int flags); -static directory_token_t *get_next_token(memarea_t *area, - const char **s, - const char *eos, - token_rule_t *table); + #define CST_CHECK_AUTHORITY (1<<0) #define CST_NO_CHECK_OBJTYPE (1<<1) static int check_signature_token(const char *digest, @@ -995,7 +715,7 @@ dump_desc_populate_one_file, (const char *dirname, const char *f)) * filename. */ if (crypto_digest256((char *)content_digest, desc, (size_t) st.st_size, - DIGEST_SHA256) != 0) { + DIGEST_SHA256) < 0) { /* Weird, but okay */ log_info(LD_DIR, "Unable to hash content of %s from unparseable descriptors " @@ -1159,7 +879,7 @@ dump_desc(const char *desc, const char *type) /* Get the hash for logging purposes anyway */ len = strlen(desc); if (crypto_digest256((char *)digest_sha256, desc, len, - DIGEST_SHA256) != 0) { + DIGEST_SHA256) < 0) { log_info(LD_DIR, "Unable to parse descriptor of type %s, and unable to even hash" " it!", type); @@ -2100,12 +1820,13 @@ router_parse_entry_from_string(const char *s, const char *end, ed25519_checkable_t check[3]; int check_ok[3]; - if (tor_cert_get_checkable_sig(&check[0], cert, NULL) < 0) { + time_t expires = TIME_MAX; + if (tor_cert_get_checkable_sig(&check[0], cert, NULL, &expires) < 0) { log_err(LD_BUG, "Couldn't create 'checkable' for cert."); goto err; } if (tor_cert_get_checkable_sig(&check[1], - ntor_cc_cert, &ntor_cc_pk) < 0) { + ntor_cc_cert, &ntor_cc_pk, &expires) < 0) { log_err(LD_BUG, "Couldn't create 'checkable' for ntor_cc_cert."); goto err; } @@ -2135,10 +1856,7 @@ router_parse_entry_from_string(const char *s, const char *end, } /* We check this before adding it to the routerlist. */ - if (cert->valid_until < ntor_cc_cert->valid_until) - router->cert_expiration_time = cert->valid_until; - else - router->cert_expiration_time = ntor_cc_cert->valid_until; + router->cert_expiration_time = expires; } } @@ -2220,7 +1938,7 @@ router_parse_entry_from_string(const char *s, const char *end, escaped(tok->args[i])); goto err; } - smartlist_add(router->declared_family, tor_strdup(tok->args[i])); + smartlist_add_strdup(router->declared_family, tok->args[i]); } } @@ -2452,7 +2170,7 @@ extrainfo_parse_entry_from_string(const char *s, const char *end, ed25519_checkable_t check[2]; int check_ok[2]; - if (tor_cert_get_checkable_sig(&check[0], cert, NULL) < 0) { + if (tor_cert_get_checkable_sig(&check[0], cert, NULL, NULL) < 0) { log_err(LD_BUG, "Couldn't create 'checkable' for cert."); goto err; } @@ -2964,6 +2682,8 @@ routerstatus_parse_entry_from_string(memarea_t *area, rs->protocols_known = 1; rs->supports_extend2_cells = protocol_list_supports_protocol(tok->args[0], PRT_RELAY, 2); + rs->supports_ed25519_link_handshake = + protocol_list_supports_protocol(tok->args[0], PRT_LINKAUTH, 3); } if ((tok = find_opt_by_keyword(tokens, K_V))) { tor_assert(tok->n_args == 1); @@ -3723,9 +3443,9 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, tok = find_opt_by_keyword(tokens, K_CONSENSUS_METHODS); if (tok) { for (i=0; i < tok->n_args; ++i) - smartlist_add(ns->supported_methods, tor_strdup(tok->args[i])); + smartlist_add_strdup(ns->supported_methods, tok->args[i]); } else { - smartlist_add(ns->supported_methods, tor_strdup("1")); + smartlist_add_strdup(ns->supported_methods, "1"); } } else { tok = find_opt_by_keyword(tokens, K_CONSENSUS_METHOD); @@ -3807,7 +3527,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, ns->package_lines = smartlist_new(); if (package_lst) { SMARTLIST_FOREACH(package_lst, directory_token_t *, t, - smartlist_add(ns->package_lines, tor_strdup(t->args[0]))); + smartlist_add_strdup(ns->package_lines, t->args[0])); } smartlist_free(package_lst); } @@ -3816,7 +3536,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, ns->known_flags = smartlist_new(); inorder = 1; for (i = 0; i < tok->n_args; ++i) { - smartlist_add(ns->known_flags, tor_strdup(tok->args[i])); + smartlist_add_strdup(ns->known_flags, tok->args[i]); if (i>0 && strcmp(tok->args[i-1], tok->args[i])>= 0) { log_warn(LD_DIR, "%s >= %s", tok->args[i-1], tok->args[i]); inorder = 0; @@ -3868,7 +3588,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, } tor_free(last_kwd); last_kwd = tor_strndup(tok->args[i], eq_pos); - smartlist_add(ns->net_params, tor_strdup(tok->args[i])); + smartlist_add_strdup(ns->net_params, tok->args[i]); } if (!inorder) { log_warn(LD_DIR, "params not in order"); @@ -4111,7 +3831,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, log_warn(LD_DIR, "Bad element '%s' in params", escaped(tok->args[i])); goto err; } - smartlist_add(ns->weight_params, tor_strdup(tok->args[i])); + smartlist_add_strdup(ns->weight_params, tok->args[i]); } } @@ -4740,445 +4460,6 @@ assert_addr_policy_ok(smartlist_t *lst) }); } -/* - * Low-level tokenizer for router descriptors and directories. - */ - -/** Free all resources allocated for <b>tok</b> */ -static void -token_clear(directory_token_t *tok) -{ - if (tok->key) - crypto_pk_free(tok->key); -} - -#define ALLOC_ZERO(sz) memarea_alloc_zero(area,sz) -#define ALLOC(sz) memarea_alloc(area,sz) -#define STRDUP(str) memarea_strdup(area,str) -#define STRNDUP(str,n) memarea_strndup(area,(str),(n)) - -#define RET_ERR(msg) \ - STMT_BEGIN \ - if (tok) token_clear(tok); \ - tok = ALLOC_ZERO(sizeof(directory_token_t)); \ - tok->tp = ERR_; \ - tok->error = STRDUP(msg); \ - goto done_tokenizing; \ - STMT_END - -/** Helper: make sure that the token <b>tok</b> with keyword <b>kwd</b> obeys - * the object syntax of <b>o_syn</b>. Allocate all storage in <b>area</b>. - * Return <b>tok</b> on success, or a new ERR_ token if the token didn't - * conform to the syntax we wanted. - **/ -static inline directory_token_t * -token_check_object(memarea_t *area, const char *kwd, - directory_token_t *tok, obj_syntax o_syn) -{ - char ebuf[128]; - switch (o_syn) { - case NO_OBJ: - /* No object is allowed for this token. */ - if (tok->object_body) { - tor_snprintf(ebuf, sizeof(ebuf), "Unexpected object for %s", kwd); - RET_ERR(ebuf); - } - if (tok->key) { - tor_snprintf(ebuf, sizeof(ebuf), "Unexpected public key for %s", kwd); - RET_ERR(ebuf); - } - break; - case NEED_OBJ: - /* There must be a (non-key) object. */ - if (!tok->object_body) { - tor_snprintf(ebuf, sizeof(ebuf), "Missing object for %s", kwd); - RET_ERR(ebuf); - } - break; - case NEED_KEY_1024: /* There must be a 1024-bit public key. */ - case NEED_SKEY_1024: /* There must be a 1024-bit private key. */ - if (tok->key && crypto_pk_num_bits(tok->key) != PK_BYTES*8) { - tor_snprintf(ebuf, sizeof(ebuf), "Wrong size on key for %s: %d bits", - kwd, crypto_pk_num_bits(tok->key)); - RET_ERR(ebuf); - } - /* fall through */ - case NEED_KEY: /* There must be some kind of key. */ - if (!tok->key) { - tor_snprintf(ebuf, sizeof(ebuf), "Missing public key for %s", kwd); - RET_ERR(ebuf); - } - if (o_syn != NEED_SKEY_1024) { - if (crypto_pk_key_is_private(tok->key)) { - tor_snprintf(ebuf, sizeof(ebuf), - "Private key given for %s, which wants a public key", kwd); - RET_ERR(ebuf); - } - } else { /* o_syn == NEED_SKEY_1024 */ - if (!crypto_pk_key_is_private(tok->key)) { - tor_snprintf(ebuf, sizeof(ebuf), - "Public key given for %s, which wants a private key", kwd); - RET_ERR(ebuf); - } - } - break; - case OBJ_OK: - /* Anything goes with this token. */ - break; - } - - done_tokenizing: - return tok; -} - -/** Helper: parse space-separated arguments from the string <b>s</b> ending at - * <b>eol</b>, and store them in the args field of <b>tok</b>. Store the - * number of parsed elements into the n_args field of <b>tok</b>. Allocate - * all storage in <b>area</b>. Return the number of arguments parsed, or - * return -1 if there was an insanely high number of arguments. */ -static inline int -get_token_arguments(memarea_t *area, directory_token_t *tok, - const char *s, const char *eol) -{ -/** Largest number of arguments we'll accept to any token, ever. */ -#define MAX_ARGS 512 - char *mem = memarea_strndup(area, s, eol-s); - char *cp = mem; - int j = 0; - char *args[MAX_ARGS]; - while (*cp) { - if (j == MAX_ARGS) - return -1; - args[j++] = cp; - cp = (char*)find_whitespace(cp); - if (!cp || !*cp) - break; /* End of the line. */ - *cp++ = '\0'; - cp = (char*)eat_whitespace(cp); - } - tok->n_args = j; - tok->args = memarea_memdup(area, args, j*sizeof(char*)); - return j; -#undef MAX_ARGS -} - -/** Helper function: read the next token from *s, advance *s to the end of the - * token, and return the parsed token. Parse *<b>s</b> according to the list - * of tokens in <b>table</b>. - */ -static directory_token_t * -get_next_token(memarea_t *area, - const char **s, const char *eos, token_rule_t *table) -{ - /** Reject any object at least this big; it is probably an overflow, an - * attack, a bug, or some other nonsense. */ -#define MAX_UNPARSED_OBJECT_SIZE (128*1024) - /** Reject any line at least this big; it is probably an overflow, an - * attack, a bug, or some other nonsense. */ -#define MAX_LINE_LENGTH (128*1024) - - const char *next, *eol, *obstart; - size_t obname_len; - int i; - directory_token_t *tok; - obj_syntax o_syn = NO_OBJ; - char ebuf[128]; - const char *kwd = ""; - - tor_assert(area); - tok = ALLOC_ZERO(sizeof(directory_token_t)); - tok->tp = ERR_; - - /* Set *s to first token, eol to end-of-line, next to after first token */ - *s = eat_whitespace_eos(*s, eos); /* eat multi-line whitespace */ - tor_assert(eos >= *s); - eol = memchr(*s, '\n', eos-*s); - if (!eol) - eol = eos; - if (eol - *s > MAX_LINE_LENGTH) { - RET_ERR("Line far too long"); - } - - next = find_whitespace_eos(*s, eol); - - if (!strcmp_len(*s, "opt", next-*s)) { - /* Skip past an "opt" at the start of the line. */ - *s = eat_whitespace_eos_no_nl(next, eol); - next = find_whitespace_eos(*s, eol); - } else if (*s == eos) { /* If no "opt", and end-of-line, line is invalid */ - RET_ERR("Unexpected EOF"); - } - - /* Search the table for the appropriate entry. (I tried a binary search - * instead, but it wasn't any faster.) */ - for (i = 0; table[i].t ; ++i) { - if (!strcmp_len(*s, table[i].t, next-*s)) { - /* We've found the keyword. */ - kwd = table[i].t; - tok->tp = table[i].v; - o_syn = table[i].os; - *s = eat_whitespace_eos_no_nl(next, eol); - /* We go ahead whether there are arguments or not, so that tok->args is - * always set if we want arguments. */ - if (table[i].concat_args) { - /* The keyword takes the line as a single argument */ - tok->args = ALLOC(sizeof(char*)); - tok->args[0] = STRNDUP(*s,eol-*s); /* Grab everything on line */ - tok->n_args = 1; - } else { - /* This keyword takes multiple arguments. */ - if (get_token_arguments(area, tok, *s, eol)<0) { - tor_snprintf(ebuf, sizeof(ebuf),"Far too many arguments to %s", kwd); - RET_ERR(ebuf); - } - *s = eol; - } - if (tok->n_args < table[i].min_args) { - tor_snprintf(ebuf, sizeof(ebuf), "Too few arguments to %s", kwd); - RET_ERR(ebuf); - } else if (tok->n_args > table[i].max_args) { - tor_snprintf(ebuf, sizeof(ebuf), "Too many arguments to %s", kwd); - RET_ERR(ebuf); - } - break; - } - } - - if (tok->tp == ERR_) { - /* No keyword matched; call it an "K_opt" or "A_unrecognized" */ - if (**s == '@') - tok->tp = A_UNKNOWN_; - else - tok->tp = K_OPT; - tok->args = ALLOC(sizeof(char*)); - tok->args[0] = STRNDUP(*s, eol-*s); - tok->n_args = 1; - o_syn = OBJ_OK; - } - - /* Check whether there's an object present */ - *s = eat_whitespace_eos(eol, eos); /* Scan from end of first line */ - tor_assert(eos >= *s); - eol = memchr(*s, '\n', eos-*s); - if (!eol || eol-*s<11 || strcmpstart(*s, "-----BEGIN ")) /* No object. */ - goto check_object; - - obstart = *s; /* Set obstart to start of object spec */ - if (*s+16 >= eol || memchr(*s+11,'\0',eol-*s-16) || /* no short lines, */ - strcmp_len(eol-5, "-----", 5) || /* nuls or invalid endings */ - (eol-*s) > MAX_UNPARSED_OBJECT_SIZE) { /* name too long */ - RET_ERR("Malformed object: bad begin line"); - } - tok->object_type = STRNDUP(*s+11, eol-*s-16); - obname_len = eol-*s-16; /* store objname length here to avoid a strlen() */ - *s = eol+1; /* Set *s to possible start of object data (could be eos) */ - - /* Go to the end of the object */ - next = tor_memstr(*s, eos-*s, "-----END "); - if (!next) { - RET_ERR("Malformed object: missing object end line"); - } - tor_assert(eos >= next); - eol = memchr(next, '\n', eos-next); - if (!eol) /* end-of-line marker, or eos if there's no '\n' */ - eol = eos; - /* Validate the ending tag, which should be 9 + NAME + 5 + eol */ - if ((size_t)(eol-next) != 9+obname_len+5 || - strcmp_len(next+9, tok->object_type, obname_len) || - strcmp_len(eol-5, "-----", 5)) { - tor_snprintf(ebuf, sizeof(ebuf), "Malformed object: mismatched end tag %s", - tok->object_type); - ebuf[sizeof(ebuf)-1] = '\0'; - RET_ERR(ebuf); - } - if (next - *s > MAX_UNPARSED_OBJECT_SIZE) - RET_ERR("Couldn't parse object: missing footer or object much too big."); - - if (!strcmp(tok->object_type, "RSA PUBLIC KEY")) { /* If it's a public key */ - tok->key = crypto_pk_new(); - if (crypto_pk_read_public_key_from_string(tok->key, obstart, eol-obstart)) - RET_ERR("Couldn't parse public key."); - } else if (!strcmp(tok->object_type, "RSA PRIVATE KEY")) { /* private key */ - tok->key = crypto_pk_new(); - if (crypto_pk_read_private_key_from_string(tok->key, obstart, eol-obstart)) - RET_ERR("Couldn't parse private key."); - } else { /* If it's something else, try to base64-decode it */ - int r; - tok->object_body = ALLOC(next-*s); /* really, this is too much RAM. */ - r = base64_decode(tok->object_body, next-*s, *s, next-*s); - if (r<0) - RET_ERR("Malformed object: bad base64-encoded data"); - tok->object_size = r; - } - *s = eol; - - check_object: - tok = token_check_object(area, kwd, tok, o_syn); - - done_tokenizing: - return tok; - -#undef RET_ERR -#undef ALLOC -#undef ALLOC_ZERO -#undef STRDUP -#undef STRNDUP -} - -/** Read all tokens from a string between <b>start</b> and <b>end</b>, and add - * them to <b>out</b>. Parse according to the token rules in <b>table</b>. - * Caller must free tokens in <b>out</b>. If <b>end</b> is NULL, use the - * entire string. - */ -static int -tokenize_string(memarea_t *area, - const char *start, const char *end, smartlist_t *out, - token_rule_t *table, int flags) -{ - const char **s; - directory_token_t *tok = NULL; - int counts[NIL_]; - int i; - int first_nonannotation; - int prev_len = smartlist_len(out); - tor_assert(area); - - s = &start; - if (!end) { - end = start+strlen(start); - } else { - /* it's only meaningful to check for nuls if we got an end-of-string ptr */ - if (memchr(start, '\0', end-start)) { - log_warn(LD_DIR, "parse error: internal NUL character."); - return -1; - } - } - for (i = 0; i < NIL_; ++i) - counts[i] = 0; - - SMARTLIST_FOREACH(out, const directory_token_t *, t, ++counts[t->tp]); - - while (*s < end && (!tok || tok->tp != EOF_)) { - tok = get_next_token(area, s, end, table); - if (tok->tp == ERR_) { - log_warn(LD_DIR, "parse error: %s", tok->error); - token_clear(tok); - return -1; - } - ++counts[tok->tp]; - smartlist_add(out, tok); - *s = eat_whitespace_eos(*s, end); - } - - if (flags & TS_NOCHECK) - return 0; - - if ((flags & TS_ANNOTATIONS_OK)) { - first_nonannotation = -1; - for (i = 0; i < smartlist_len(out); ++i) { - tok = smartlist_get(out, i); - if (tok->tp < MIN_ANNOTATION || tok->tp > MAX_ANNOTATION) { - first_nonannotation = i; - break; - } - } - if (first_nonannotation < 0) { - log_warn(LD_DIR, "parse error: item contains only annotations"); - return -1; - } - for (i=first_nonannotation; i < smartlist_len(out); ++i) { - tok = smartlist_get(out, i); - if (tok->tp >= MIN_ANNOTATION && tok->tp <= MAX_ANNOTATION) { - log_warn(LD_DIR, "parse error: Annotations mixed with keywords"); - return -1; - } - } - if ((flags & TS_NO_NEW_ANNOTATIONS)) { - if (first_nonannotation != prev_len) { - log_warn(LD_DIR, "parse error: Unexpected annotations."); - return -1; - } - } - } else { - for (i=0; i < smartlist_len(out); ++i) { - tok = smartlist_get(out, i); - if (tok->tp >= MIN_ANNOTATION && tok->tp <= MAX_ANNOTATION) { - log_warn(LD_DIR, "parse error: no annotations allowed."); - return -1; - } - } - first_nonannotation = 0; - } - for (i = 0; table[i].t; ++i) { - if (counts[table[i].v] < table[i].min_cnt) { - log_warn(LD_DIR, "Parse error: missing %s element.", table[i].t); - return -1; - } - if (counts[table[i].v] > table[i].max_cnt) { - log_warn(LD_DIR, "Parse error: too many %s elements.", table[i].t); - return -1; - } - if (table[i].pos & AT_START) { - if (smartlist_len(out) < 1 || - (tok = smartlist_get(out, first_nonannotation))->tp != table[i].v) { - log_warn(LD_DIR, "Parse error: first item is not %s.", table[i].t); - return -1; - } - } - if (table[i].pos & AT_END) { - if (smartlist_len(out) < 1 || - (tok = smartlist_get(out, smartlist_len(out)-1))->tp != table[i].v) { - log_warn(LD_DIR, "Parse error: last item is not %s.", table[i].t); - return -1; - } - } - } - return 0; -} - -/** Find the first token in <b>s</b> whose keyword is <b>keyword</b>; return - * NULL if no such keyword is found. - */ -static directory_token_t * -find_opt_by_keyword(smartlist_t *s, directory_keyword keyword) -{ - SMARTLIST_FOREACH(s, directory_token_t *, t, if (t->tp == keyword) return t); - return NULL; -} - -/** Find the first token in <b>s</b> whose keyword is <b>keyword</b>; fail - * with an assert if no such keyword is found. - */ -static directory_token_t * -find_by_keyword_(smartlist_t *s, directory_keyword keyword, - const char *keyword_as_string) -{ - directory_token_t *tok = find_opt_by_keyword(s, keyword); - if (PREDICT_UNLIKELY(!tok)) { - log_err(LD_BUG, "Missing %s [%d] in directory object that should have " - "been validated. Internal error.", keyword_as_string, (int)keyword); - tor_assert(tok); - } - return tok; -} - -/** If there are any directory_token_t entries in <b>s</b> whose keyword is - * <b>k</b>, return a newly allocated smartlist_t containing all such entries, - * in the same order in which they occur in <b>s</b>. Otherwise return - * NULL. */ -static smartlist_t * -find_all_by_keyword(smartlist_t *s, directory_keyword k) -{ - smartlist_t *out = NULL; - SMARTLIST_FOREACH(s, directory_token_t *, t, - if (t->tp == k) { - if (!out) - out = smartlist_new(); - smartlist_add(out, t); - }); - return out; -} - /** Return a newly allocated smartlist of all accept or reject tokens in * <b>s</b>. */ @@ -5255,12 +4536,12 @@ router_get_hash_impl(const char *s, size_t s_len, char *digest, return -1; if (alg == DIGEST_SHA1) { - if (crypto_digest(digest, start, end-start)) { + if (crypto_digest(digest, start, end-start) < 0) { log_warn(LD_BUG,"couldn't compute digest"); return -1; } } else { - if (crypto_digest256(digest, start, end-start, alg)) { + if (crypto_digest256(digest, start, end-start, alg) < 0) { log_warn(LD_BUG,"couldn't compute digest"); return -1; } @@ -5476,7 +4757,7 @@ microdescs_parse_from_string(const char *s, const char *eos, escaped(tok->args[i])); goto next; } - smartlist_add(md->family, tor_strdup(tok->args[i])); + smartlist_add_strdup(md->family, tok->args[i]); } } diff --git a/src/or/routerset.c b/src/or/routerset.c index 58b66ea777..4182dbc5c4 100644 --- a/src/or/routerset.c +++ b/src/or/routerset.c @@ -262,12 +262,12 @@ routerset_add_unknown_ccs(routerset_t **setp, int only_if_some_cc_set) geoip_get_country("A1") >= 0; if (add_unknown) { - smartlist_add(set->country_names, tor_strdup("??")); - smartlist_add(set->list, tor_strdup("{??}")); + smartlist_add_strdup(set->country_names, "??"); + smartlist_add_strdup(set->list, "{??}"); } if (add_a1) { - smartlist_add(set->country_names, tor_strdup("a1")); - smartlist_add(set->list, tor_strdup("{a1}")); + smartlist_add_strdup(set->country_names, "a1"); + smartlist_add_strdup(set->list, "{a1}"); } if (add_unknown || add_a1) { diff --git a/src/or/scheduler.c b/src/or/scheduler.c index 49ac1b939a..033e6d119c 100644 --- a/src/or/scheduler.c +++ b/src/or/scheduler.c @@ -1,11 +1,6 @@ /* * Copyright (c) 2013-2016, The Tor Project, Inc. */ /* See LICENSE for licensing information */ -/** - * \file scheduler.c - * \brief Relay scheduling system - **/ - #include "or.h" #define TOR_CHANNEL_INTERNAL_ /* For channel_flush_some_cells() */ @@ -32,66 +27,102 @@ static uint32_t sched_q_high_water = 32768; static uint32_t sched_max_flush_cells = 16; -/* - * Write scheduling works by keeping track of which channels can +/** + * \file scheduler.c + * \brief Channel scheduling system: decides which channels should send and + * receive when. + * + * This module implements a scheduler algorithm, to decide + * which channels should send/receive when. + * + * The earliest versions of Tor approximated a kind of round-robin system + * among active connections, but only approximated it. + * + * Now, write scheduling works by keeping track of which channels can * accept cells, and have cells to write. From the scheduler's perspective, * a channel can be in four possible states: * - * 1.) Not open for writes, no cells to send - * - Not much to do here, and the channel will have scheduler_state == - * SCHED_CHAN_IDLE - * - Transitions from: - * - Open for writes/has cells by simultaneously draining all circuit + * <ol> + * <li> + * Not open for writes, no cells to send. + * <ul><li> Not much to do here, and the channel will have scheduler_state + * == SCHED_CHAN_IDLE + * <li> Transitions from: + * <ul> + * <li>Open for writes/has cells by simultaneously draining all circuit * queues and filling the output buffer. - * - Transitions to: - * - Not open for writes/has cells by arrival of cells on an attached + * </ul> + * <li> Transitions to: + * <ul> + * <li> Not open for writes/has cells by arrival of cells on an attached * circuit (this would be driven from append_cell_to_circuit_queue()) - * - Open for writes/no cells by a channel type specific path; + * <li> Open for writes/no cells by a channel type specific path; * driven from connection_or_flushed_some() for channel_tls_t. + * </ul> + * </ul> * - * 2.) Open for writes, no cells to send - * - Not much here either; this will be the state an idle but open channel - * can be expected to settle in. It will have scheduler_state == - * SCHED_CHAN_WAITING_FOR_CELLS - * - Transitions from: - * - Not open for writes/no cells by flushing some of the output + * <li> Open for writes, no cells to send + * <ul> + * <li>Not much here either; this will be the state an idle but open + * channel can be expected to settle in. It will have scheduler_state + * == SCHED_CHAN_WAITING_FOR_CELLS + * <li> Transitions from: + * <ul> + * <li>Not open for writes/no cells by flushing some of the output * buffer. - * - Open for writes/has cells by the scheduler moving cells from + * <li>Open for writes/has cells by the scheduler moving cells from * circuit queues to channel output queue, but not having enough * to fill the output queue. - * - Transitions to: - * - Open for writes/has cells by arrival of new cells on an attached + * </ul> + * <li> Transitions to: + * <ul> + * <li>Open for writes/has cells by arrival of new cells on an attached * circuit, in append_cell_to_circuit_queue() + * </ul> + * </ul> * - * 3.) Not open for writes, cells to send - * - This is the state of a busy circuit limited by output bandwidth; + * <li>Not open for writes, cells to send + * <ul> + * <li>This is the state of a busy circuit limited by output bandwidth; * cells have piled up in the circuit queues waiting to be relayed. * The channel will have scheduler_state == SCHED_CHAN_WAITING_TO_WRITE. - * - Transitions from: - * - Not open for writes/no cells by arrival of cells on an attached + * <li> Transitions from: + * <ul> + * <li>Not open for writes/no cells by arrival of cells on an attached * circuit - * - Open for writes/has cells by filling an output buffer without + * <li> Open for writes/has cells by filling an output buffer without * draining all cells from attached circuits - * - Transitions to: - * - Opens for writes/has cells by draining some of the output buffer + * </ul> + * <li> Transitions to: + * <ul> + * <li>Opens for writes/has cells by draining some of the output buffer * via the connection_or_flushed_some() path (for channel_tls_t). + * </ul> + * </ul> * - * 4.) Open for writes, cells to send - * - This connection is ready to relay some cells and waiting for + * <li>Open for writes, cells to send + * <ul> + * <li>This connection is ready to relay some cells and waiting for * the scheduler to choose it. The channel will have scheduler_state == * SCHED_CHAN_PENDING. - * - Transitions from: - * - Not open for writes/has cells by the connection_or_flushed_some() + * <li>Transitions from: + * <ul> + * <li> Not open for writes/has cells by the connection_or_flushed_some() * path - * - Open for writes/no cells by the append_cell_to_circuit_queue() + * <li> Open for writes/no cells by the append_cell_to_circuit_queue() * path - * - Transitions to: - * - Not open for writes/no cells by draining all circuit queues and - * simultaneously filling the output buffer. - * - Not open for writes/has cells by writing enough cells to fill the + * </ul> + * <li> Transitions to: + * <ul> + * <li>Not open for writes/no cells by draining all circuit queues and + * simultaneously filling the output buffer. + * <li>Not open for writes/has cells by writing enough cells to fill the * output buffer - * - Open for writes/no cells by draining all attached circuit queues + * <li>Open for writes/no cells by draining all attached circuit queues * without also filling the output buffer + * </ul> + * </ul> + * </ol> * * Other event-driven parts of the code move channels between these scheduling * states by calling scheduler functions; the scheduler only runs on open-for- diff --git a/src/or/shared_random.c b/src/or/shared_random.c index 5f6b03f1ba..0eb93382ca 100644 --- a/src/or/shared_random.c +++ b/src/or/shared_random.c @@ -192,7 +192,7 @@ verify_commit_and_reveal(const sr_commit_t *commit) /* Use the invariant length since the encoded reveal variable has an * extra byte for the NUL terminated byte. */ if (crypto_digest256(received_hashed_reveal, commit->encoded_reveal, - SR_REVEAL_BASE64_LEN, commit->alg)) { + SR_REVEAL_BASE64_LEN, commit->alg) < 0) { /* Unable to digest the reveal blob, this is unlikely. */ goto invalid; } @@ -932,7 +932,7 @@ sr_generate_our_commit(time_t timestamp, const authority_cert_t *my_rsa_cert) /* The invariant length is used here since the encoded reveal variable * has an extra byte added for the NULL terminated byte. */ if (crypto_digest256(commit->hashed_reveal, commit->encoded_reveal, - SR_REVEAL_BASE64_LEN, commit->alg)) { + SR_REVEAL_BASE64_LEN, commit->alg) < 0) { goto error; } @@ -1012,7 +1012,7 @@ sr_compute_srv(void) SMARTLIST_FOREACH(chunks, char *, s, tor_free(s)); smartlist_free(chunks); if (crypto_digest256(hashed_reveals, reveals, strlen(reveals), - SR_DIGEST_ALG)) { + SR_DIGEST_ALG) < 0) { goto end; } current_srv = generate_srv(hashed_reveals, reveal_num, diff --git a/src/or/torcert.c b/src/or/torcert.c index a6a33c675a..c58f3da2d3 100644 --- a/src/or/torcert.c +++ b/src/or/torcert.c @@ -6,8 +6,27 @@ * * \brief Implementation for ed25519-signed certificates as used in the Tor * protocol. + * + * This certificate format is designed to be simple and compact; it's + * documented in tor-spec.txt in the torspec.git repository. All of the + * certificates in this format are signed with an Ed25519 key; the + * contents themselves may be another Ed25519 key, a digest of a + * RSA key, or some other material. + * + * In this module there is also support for a crooss-certification of + * Ed25519 identities using (older) RSA1024 identities. + * + * Tor uses other types of certificate too, beyond those described in this + * module. Notably, our use of TLS requires us to touch X.509 certificates, + * even though sensible people would stay away from those. Our X.509 + * certificates are represented with tor_x509_cert_t, and implemented in + * tortls.c. We also have a separate certificate type that authorities + * use to authenticate their RSA signing keys with their RSA identity keys: + * that one is authority_cert_t, and it's mostly handled in routerlist.c. */ +#include "or.h" +#include "config.h" #include "crypto.h" #include "torcert.h" #include "ed25519_cert.h" @@ -137,7 +156,12 @@ tor_cert_parse(const uint8_t *encoded, const size_t len) cert->encoded_len = len; memcpy(cert->signed_key.pubkey, parsed->certified_key, 32); - cert->valid_until = parsed->exp_field * 3600; + int64_t valid_until_64 = ((int64_t)parsed->exp_field) * 3600; +#if SIZEOF_TIME_T < SIZEOF_INT64_T + if (valid_until_64 > TIME_MAX) + valid_until_64 = TIME_MAX - 1; +#endif + cert->valid_until = (time_t) valid_until_64; cert->cert_type = parsed->cert_type; for (unsigned i = 0; i < ed25519_cert_getlen_ext(parsed); ++i) { @@ -164,11 +188,17 @@ tor_cert_parse(const uint8_t *encoded, const size_t len) } /** Fill in <b>checkable_out</b> with the information needed to check - * the signature on <b>cert</b> with <b>pubkey</b>. */ + * the signature on <b>cert</b> with <b>pubkey</b>. + * + * On success, if <b>expiration_out</b> is provided, and it is some time + * _after_ the expiration time of this certificate, set it to the + * expiration time of this certificate. + */ int tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out, const tor_cert_t *cert, - const ed25519_public_key_t *pubkey) + const ed25519_public_key_t *pubkey, + time_t *expiration_out) { if (! pubkey) { if (cert->signing_key_included) @@ -185,6 +215,10 @@ tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out, memcpy(checkable_out->signature.sig, cert->encoded + signed_len, ED25519_SIG_LEN); + if (expiration_out) { + *expiration_out = MIN(*expiration_out, cert->valid_until); + } + return 0; } @@ -199,14 +233,15 @@ tor_cert_checksig(tor_cert_t *cert, { ed25519_checkable_t checkable; int okay; + time_t expires = TIME_MAX; - if (now && now > cert->valid_until) { - cert->cert_expired = 1; + if (tor_cert_get_checkable_sig(&checkable, cert, pubkey, &expires) < 0) return -1; - } - if (tor_cert_get_checkable_sig(&checkable, cert, pubkey) < 0) + if (now && now > expires) { + cert->cert_expired = 1; return -1; + } if (ed25519_checksig_batch(&okay, &checkable, 1) < 0) { cert->sig_bad = 1; @@ -255,6 +290,8 @@ tor_cert_opt_eq(const tor_cert_t *cert1, const tor_cert_t *cert2) return tor_cert_eq(cert1, cert2); } +#define RSA_ED_CROSSCERT_PREFIX "Tor TLS RSA/Ed25519 cross-certificate" + /** Create new cross-certification object to certify <b>ed_key</b> as the * master ed25519 identity key for the RSA identity key <b>rsa_key</b>. * Allocates and stores the encoded certificate in *<b>cert</b>, and returns @@ -279,11 +316,21 @@ tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, ssize_t sz = rsa_ed_crosscert_encode(res, alloc_sz, cc); tor_assert(sz > 0 && sz <= alloc_sz); + crypto_digest_t *d = crypto_digest256_new(DIGEST_SHA256); + crypto_digest_add_bytes(d, RSA_ED_CROSSCERT_PREFIX, + strlen(RSA_ED_CROSSCERT_PREFIX)); + const int signed_part_len = 32 + 4; + crypto_digest_add_bytes(d, (char*)res, signed_part_len); + + uint8_t digest[DIGEST256_LEN]; + crypto_digest_get_digest(d, (char*)digest, sizeof(digest)); + crypto_digest_free(d); + int siglen = crypto_pk_private_sign(rsa_key, (char*)rsa_ed_crosscert_getarray_sig(cc), rsa_ed_crosscert_getlen_sig(cc), - (char*)res, signed_part_len); + (char*)digest, sizeof(digest)); tor_assert(siglen > 0 && siglen <= (int)crypto_pk_keysize(rsa_key)); tor_assert(siglen <= UINT8_MAX); cc->sig_len = siglen; @@ -295,3 +342,350 @@ tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, return sz; } +/** + * Check whether the <b>crosscert_len</b> byte certificate in <b>crosscert</b> + * is in fact a correct cross-certification of <b>master_key</b> using + * the RSA key <b>rsa_id_key</b>. + * + * Also reject the certificate if it expired before + * <b>reject_if_expired_before</b>. + * + * Return 0 on success, negative on failure. + */ +int +rsa_ed25519_crosscert_check(const uint8_t *crosscert, + const size_t crosscert_len, + const crypto_pk_t *rsa_id_key, + const ed25519_public_key_t *master_key, + const time_t reject_if_expired_before) +{ + rsa_ed_crosscert_t *cc = NULL; + int rv; + +#define ERR(code, s) \ + do { \ + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, \ + "Received a bad RSA->Ed25519 crosscert: %s", \ + (s)); \ + rv = (code); \ + goto err; \ + } while (0) + + if (BUG(crypto_pk_keysize(rsa_id_key) > PK_BYTES)) + return -1; + + if (BUG(!crosscert)) + return -1; + + ssize_t parsed_len = rsa_ed_crosscert_parse(&cc, crosscert, crosscert_len); + if (parsed_len < 0 || crosscert_len != (size_t)parsed_len) { + ERR(-2, "Unparseable or overlong crosscert"); + } + + if (tor_memneq(rsa_ed_crosscert_getarray_ed_key(cc), + master_key->pubkey, + ED25519_PUBKEY_LEN)) { + ERR(-3, "Crosscert did not match Ed25519 key"); + } + + const uint32_t expiration_date = rsa_ed_crosscert_get_expiration(cc); + const uint64_t expiration_time = expiration_date * 3600; + + if (reject_if_expired_before < 0 || + expiration_time < (uint64_t)reject_if_expired_before) { + ERR(-4, "Crosscert is expired"); + } + + const uint8_t *eos = rsa_ed_crosscert_get_end_of_signed(cc); + const uint8_t *sig = rsa_ed_crosscert_getarray_sig(cc); + const uint8_t siglen = rsa_ed_crosscert_get_sig_len(cc); + tor_assert(eos >= crosscert); + tor_assert((size_t)(eos - crosscert) <= crosscert_len); + tor_assert(siglen == rsa_ed_crosscert_getlen_sig(cc)); + + /* Compute the digest */ + uint8_t digest[DIGEST256_LEN]; + crypto_digest_t *d = crypto_digest256_new(DIGEST_SHA256); + crypto_digest_add_bytes(d, RSA_ED_CROSSCERT_PREFIX, + strlen(RSA_ED_CROSSCERT_PREFIX)); + crypto_digest_add_bytes(d, (char*)crosscert, eos-crosscert); + crypto_digest_get_digest(d, (char*)digest, sizeof(digest)); + crypto_digest_free(d); + + /* Now check the signature */ + uint8_t signed_[PK_BYTES]; + int signed_len = crypto_pk_public_checksig(rsa_id_key, + (char*)signed_, sizeof(signed_), + (char*)sig, siglen); + if (signed_len < DIGEST256_LEN) { + ERR(-5, "Bad signature, or length of signed data not as expected"); + } + + if (tor_memneq(digest, signed_, DIGEST256_LEN)) { + ERR(-6, "The signature was good, but it didn't match the data"); + } + + rv = 0; + err: + rsa_ed_crosscert_free(cc); + return rv; +} + +/** Construct and return a new empty or_handshake_certs object */ +or_handshake_certs_t * +or_handshake_certs_new(void) +{ + return tor_malloc_zero(sizeof(or_handshake_certs_t)); +} + +/** Release all storage held in <b>certs</b> */ +void +or_handshake_certs_free(or_handshake_certs_t *certs) +{ + if (!certs) + return; + + tor_x509_cert_free(certs->auth_cert); + tor_x509_cert_free(certs->link_cert); + tor_x509_cert_free(certs->id_cert); + + tor_cert_free(certs->ed_id_sign); + tor_cert_free(certs->ed_sign_link); + tor_cert_free(certs->ed_sign_auth); + tor_free(certs->ed_rsa_crosscert); + + memwipe(certs, 0xBD, sizeof(*certs)); + tor_free(certs); +} + +#undef ERR +#define ERR(s) \ + do { \ + log_fn(severity, LD_PROTOCOL, \ + "Received a bad CERTS cell: %s", \ + (s)); \ + return 0; \ + } while (0) + +int +or_handshake_certs_rsa_ok(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls, + time_t now) +{ + tor_x509_cert_t *link_cert = certs->link_cert; + tor_x509_cert_t *auth_cert = certs->auth_cert; + tor_x509_cert_t *id_cert = certs->id_cert; + + if (certs->started_here) { + if (! (id_cert && link_cert)) + ERR("The certs we wanted (ID, Link) were missing"); + if (! tor_tls_cert_matches_key(tls, link_cert)) + ERR("The link certificate didn't match the TLS public key"); + if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, now, 0)) + ERR("The link certificate was not valid"); + if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, now, 1)) + ERR("The ID certificate was not valid"); + } else { + if (! (id_cert && auth_cert)) + ERR("The certs we wanted (ID, Auth) were missing"); + if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, auth_cert, id_cert, now, 1)) + ERR("The authentication certificate was not valid"); + if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, now, 1)) + ERR("The ID certificate was not valid"); + } + + return 1; +} + +/** Check all the ed25519 certificates in <b>certs</b> against each other, and + * against the peer certificate in <b>tls</b> if appropriate. On success, + * return 0; on failure, return a negative value and warn at level + * <b>severity</b> */ +int +or_handshake_certs_ed25519_ok(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls, + time_t now) +{ + ed25519_checkable_t check[10]; + unsigned n_checkable = 0; + time_t expiration = TIME_MAX; + +#define ADDCERT(cert, pk) \ + do { \ + tor_assert(n_checkable < ARRAY_LENGTH(check)); \ + if (tor_cert_get_checkable_sig(&check[n_checkable++], cert, pk, \ + &expiration) < 0) \ + ERR("Could not get checkable cert."); \ + } while (0) + + if (! certs->ed_id_sign || !certs->ed_id_sign->signing_key_included) { + ERR("No Ed25519 signing key"); + } + ADDCERT(certs->ed_id_sign, NULL); + + if (certs->started_here) { + if (! certs->ed_sign_link) + ERR("No Ed25519 link key"); + { + /* check for a match with the TLS cert. */ + tor_x509_cert_t *peer_cert = tor_tls_get_peer_cert(tls); + if (BUG(!peer_cert)) { + /* This is a bug, because if we got to this point, we are a connection + * that was initiated here, and we completed a TLS handshake. The + * other side *must* have given us a certificate! */ + ERR("No x509 peer cert"); // LCOV_EXCL_LINE + } + const common_digests_t *peer_cert_digests = + tor_x509_cert_get_cert_digests(peer_cert); + int okay = tor_memeq(peer_cert_digests->d[DIGEST_SHA256], + certs->ed_sign_link->signed_key.pubkey, + DIGEST256_LEN); + tor_x509_cert_free(peer_cert); + if (!okay) + ERR("Link certificate does not match TLS certificate"); + } + + ADDCERT(certs->ed_sign_link, &certs->ed_id_sign->signed_key); + + } else { + if (! certs->ed_sign_auth) + ERR("No Ed25519 link authentication key"); + ADDCERT(certs->ed_sign_auth, &certs->ed_id_sign->signed_key); + } + + if (expiration < now) { + ERR("At least one certificate expired."); + } + + /* Okay, we've gotten ready to check all the Ed25519 certificates. + * Now, we are going to check the RSA certificate's cross-certification + * with the ED certificates. + * + * FFFF In the future, we might want to make this optional. + */ + + tor_x509_cert_t *rsa_id_cert = certs->id_cert; + if (!rsa_id_cert) { + ERR("Missing legacy RSA ID certificate"); + } + if (! tor_tls_cert_is_valid(severity, rsa_id_cert, rsa_id_cert, now, 1)) { + ERR("The legacy RSA ID certificate was not valid"); + } + if (! certs->ed_rsa_crosscert) { + ERR("Missing RSA->Ed25519 crosscert"); + } + crypto_pk_t *rsa_id_key = tor_tls_cert_get_key(rsa_id_cert); + if (!rsa_id_key) { + ERR("RSA ID cert had no RSA key"); + } + + if (rsa_ed25519_crosscert_check(certs->ed_rsa_crosscert, + certs->ed_rsa_crosscert_len, + rsa_id_key, + &certs->ed_id_sign->signing_key, + now) < 0) { + crypto_pk_free(rsa_id_key); + ERR("Invalid RSA->Ed25519 crosscert"); + } + crypto_pk_free(rsa_id_key); + rsa_id_key = NULL; + + /* FFFF We could save a little time in the client case by queueing + * this batch to check it later, along with the signature from the + * AUTHENTICATE cell. That will change our data flow a bit, though, + * so I say "postpone". */ + + if (ed25519_checksig_batch(NULL, check, n_checkable) < 0) { + ERR("At least one Ed25519 certificate was badly signed"); + } + + return 1; +} + +/** + * Check the Ed certificates and/or the RSA certificates, as appropriate. If + * we obtained an Ed25519 identity, set *ed_id_out. If we obtained an RSA + * identity, set *rs_id_out. Otherwise, set them both to NULL. + */ +void +or_handshake_certs_check_both(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls, + time_t now, + const ed25519_public_key_t **ed_id_out, + const common_digests_t **rsa_id_out) +{ + tor_assert(ed_id_out); + tor_assert(rsa_id_out); + + *ed_id_out = NULL; + *rsa_id_out = NULL; + + if (certs->ed_id_sign) { + if (or_handshake_certs_ed25519_ok(severity, certs, tls, now)) { + tor_assert(certs->ed_id_sign); + tor_assert(certs->id_cert); + + *ed_id_out = &certs->ed_id_sign->signing_key; + *rsa_id_out = tor_x509_cert_get_id_digests(certs->id_cert); + + /* If we reached this point, we did not look at any of the + * subsidiary RSA certificates, so we'd better just remove them. + */ + tor_x509_cert_free(certs->link_cert); + tor_x509_cert_free(certs->auth_cert); + certs->link_cert = certs->auth_cert = NULL; + } + /* We do _not_ fall through here. If you provided us Ed25519 + * certificates, we expect to verify them! */ + } else { + /* No ed25519 keys given in the CERTS cell */ + if (or_handshake_certs_rsa_ok(severity, certs, tls, now)) { + *rsa_id_out = tor_x509_cert_get_id_digests(certs->id_cert); + } + } +} + +/* === ENCODING === */ + +/* Encode the ed25519 certificate <b>cert</b> and put the newly allocated + * string in <b>cert_str_out</b>. Return 0 on success else a negative value. */ +int +tor_cert_encode_ed22519(const tor_cert_t *cert, char **cert_str_out) +{ + int ret = -1; + char *ed_cert_b64 = NULL; + size_t ed_cert_b64_len; + + tor_assert(cert); + tor_assert(cert_str_out); + + /* Get the encoded size and add the NUL byte. */ + ed_cert_b64_len = base64_encode_size(cert->encoded_len, + BASE64_ENCODE_MULTILINE) + 1; + ed_cert_b64 = tor_malloc_zero(ed_cert_b64_len); + + /* Base64 encode the encoded certificate. */ + if (base64_encode(ed_cert_b64, ed_cert_b64_len, + (const char *) cert->encoded, cert->encoded_len, + BASE64_ENCODE_MULTILINE) < 0) { + log_err(LD_BUG, "Couldn't base64-encode ed22519 cert!"); + goto err; + } + + /* Put everything together in a NUL terminated string. */ + tor_asprintf(cert_str_out, + "-----BEGIN ED25519 CERT-----\n" + "%s" + "-----END ED25519 CERT-----", + ed_cert_b64); + /* Success! */ + ret = 0; + + err: + tor_free(ed_cert_b64); + return ret; +} + diff --git a/src/or/torcert.h b/src/or/torcert.h index 9c819c0abb..090f6b5811 100644 --- a/src/or/torcert.h +++ b/src/or/torcert.h @@ -6,12 +6,15 @@ #include "crypto_ed25519.h" -#define SIGNED_KEY_TYPE_ED25519 0x01 +#define SIGNED_KEY_TYPE_ED25519 0x01 -#define CERT_TYPE_ID_SIGNING 0x04 -#define CERT_TYPE_SIGNING_LINK 0x05 -#define CERT_TYPE_SIGNING_AUTH 0x06 -#define CERT_TYPE_ONION_ID 0x0A +#define CERT_TYPE_ID_SIGNING 0x04 +#define CERT_TYPE_SIGNING_LINK 0x05 +#define CERT_TYPE_SIGNING_AUTH 0x06 +#define CERT_TYPE_SIGNING_HS_DESC 0x08 +#define CERT_TYPE_AUTH_HS_IP_KEY 0x09 +#define CERT_TYPE_ONION_ID 0x0A +#define CERT_TYPE_CROSS_HS_IP_KEYS 0x0B #define CERT_FLAG_INCLUDE_SIGNING_KEY 0x1 @@ -57,8 +60,9 @@ tor_cert_t *tor_cert_parse(const uint8_t *cert, size_t certlen); void tor_cert_free(tor_cert_t *cert); int tor_cert_get_checkable_sig(ed25519_checkable_t *checkable_out, - const tor_cert_t *out, - const ed25519_public_key_t *pubkey); + const tor_cert_t *out, + const ed25519_public_key_t *pubkey, + time_t *expiration_out); int tor_cert_checksig(tor_cert_t *cert, const ed25519_public_key_t *pubkey, time_t now); @@ -71,6 +75,30 @@ ssize_t tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, const crypto_pk_t *rsa_key, time_t expires, uint8_t **cert); +int rsa_ed25519_crosscert_check(const uint8_t *crosscert, + const size_t crosscert_len, + const crypto_pk_t *rsa_id_key, + const ed25519_public_key_t *master_key, + const time_t reject_if_expired_before); + +or_handshake_certs_t *or_handshake_certs_new(void); +void or_handshake_certs_free(or_handshake_certs_t *certs); +int or_handshake_certs_rsa_ok(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls, + time_t now); +int or_handshake_certs_ed25519_ok(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls, + time_t now); +void or_handshake_certs_check_both(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls, + time_t now, + const ed25519_public_key_t **ed_id_out, + const common_digests_t **rsa_id_out); + +int tor_cert_encode_ed22519(const tor_cert_t *cert, char **cert_str_out); #endif diff --git a/src/or/transports.c b/src/or/transports.c index 7a52b737e4..f755882c16 100644 --- a/src/or/transports.c +++ b/src/or/transports.c @@ -430,7 +430,7 @@ add_transport_to_proxy(const char *transport, managed_proxy_t *mp) { tor_assert(mp->transports_to_launch); if (!smartlist_contains_string(mp->transports_to_launch, transport)) - smartlist_add(mp->transports_to_launch, tor_strdup(transport)); + smartlist_add_strdup(mp->transports_to_launch, transport); } /** Called when a SIGHUP occurs. Returns true if managed proxy @@ -1322,7 +1322,7 @@ create_managed_proxy_environment(const managed_proxy_t *mp) tor_free(state_tmp); } - smartlist_add(envs, tor_strdup("TOR_PT_MANAGED_TRANSPORT_VER=1")); + smartlist_add_strdup(envs, "TOR_PT_MANAGED_TRANSPORT_VER=1"); { char *transports_to_launch = diff --git a/src/test/include.am b/src/test/include.am index 8ecfaf10c6..8d0fc2ff6b 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -80,6 +80,7 @@ src_test_test_SOURCES = \ src/test/test_checkdir.c \ src/test/test_circuitlist.c \ src/test/test_circuitmux.c \ + src/test/test_circuituse.c \ src/test/test_compat_libevent.c \ src/test/test_config.c \ src/test/test_connection.c \ @@ -97,6 +98,8 @@ src_test_test_SOURCES = \ src/test/test_extorport.c \ src/test/test_hs.c \ src/test/test_handles.c \ + src/test/test_hs_cache.c \ + src/test/test_hs_descriptor.c \ src/test/test_introduce.c \ src/test/test_keypin.c \ src/test/test_link_handshake.c \ @@ -130,6 +133,7 @@ src_test_test_SOURCES = \ src/test/test_helpers.c \ src/test/test_dns.c \ src/test/testing_common.c \ + src/test/testing_rsakeys.c \ src/ext/tinytest.c src_test_test_slow_SOURCES = \ @@ -137,6 +141,7 @@ src_test_test_slow_SOURCES = \ src/test/test_crypto_slow.c \ src/test/test_util_slow.c \ src/test/testing_common.c \ + src/test/testing_rsakeys.c \ src/ext/tinytest.c src_test_test_memwipe_SOURCES = \ diff --git a/src/test/test.c b/src/test/test.c index 9a41b976b8..750d8b00e4 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1190,6 +1190,7 @@ struct testgroup_t testgroups[] = { { "checkdir/", checkdir_tests }, { "circuitlist/", circuitlist_tests }, { "circuitmux/", circuitmux_tests }, + { "circuituse/", circuituse_tests }, { "compat/libevent/", compat_libevent_tests }, { "config/", config_tests }, { "connection/", connection_tests }, @@ -1205,6 +1206,8 @@ struct testgroup_t testgroups[] = { { "guardfraction/", guardfraction_tests }, { "extorport/", extorport_tests }, { "hs/", hs_tests }, + { "hs_cache/", hs_cache }, + { "hs_descriptor/", hs_descriptor }, { "introduce/", introduce_tests }, { "keypin/", keypin_tests }, { "link-handshake/", link_handshake_tests }, diff --git a/src/test/test.h b/src/test/test.h index 25336ac83e..2fa73592ef 100644 --- a/src/test/test.h +++ b/src/test/test.h @@ -75,6 +75,8 @@ const char *get_fname(const char *name); const char *get_fname_rnd(const char *name); struct crypto_pk_t *pk_generate(int idx); +void init_pregenerated_keys(void); +void free_pregenerated_keys(void); #define US2_CONCAT_2__(a, b) a ## __ ## b #define US_CONCAT_2__(a, b) a ## _ ## b @@ -183,6 +185,7 @@ extern struct testcase_t channeltls_tests[]; extern struct testcase_t checkdir_tests[]; extern struct testcase_t circuitlist_tests[]; extern struct testcase_t circuitmux_tests[]; +extern struct testcase_t circuituse_tests[]; extern struct testcase_t compat_libevent_tests[]; extern struct testcase_t config_tests[]; extern struct testcase_t connection_tests[]; @@ -197,6 +200,8 @@ extern struct testcase_t entrynodes_tests[]; extern struct testcase_t guardfraction_tests[]; extern struct testcase_t extorport_tests[]; extern struct testcase_t hs_tests[]; +extern struct testcase_t hs_cache[]; +extern struct testcase_t hs_descriptor[]; extern struct testcase_t introduce_tests[]; extern struct testcase_t keypin_tests[]; extern struct testcase_t link_handshake_tests[]; diff --git a/src/test/test_cell_formats.c b/src/test/test_cell_formats.c index f839a5b72c..bbcff38d6d 100644 --- a/src/test/test_cell_formats.c +++ b/src/test/test_cell_formats.c @@ -11,6 +11,7 @@ #include "channel.h" #include "connection_edge.h" #include "connection_or.h" +#include "config.h" #include "onion.h" #include "onion_tap.h" #include "onion_fast.h" @@ -698,6 +699,7 @@ test_cfmt_extend_cells(void *arg) tt_int_op(61681, OP_EQ, ec.orport_ipv4.port); tt_str_op("2002::f0:c51e", OP_EQ, fmt_addr(&ec.orport_ipv6.addr)); tt_int_op(4370, OP_EQ, ec.orport_ipv6.port); + tt_assert(ed25519_public_key_is_zero(&ec.ed_pubkey)); tt_mem_op(ec.node_id,OP_EQ, "anthropomorphization", 20); tt_int_op(cc->cell_type, OP_EQ, CELL_CREATE2); tt_int_op(cc->handshake_type, OP_EQ, 0x105); @@ -717,6 +719,37 @@ test_cfmt_extend_cells(void *arg) tt_mem_op(p2+1+8+22+4,OP_EQ, b, 99+20); tt_int_op(0, OP_EQ, create_cell_format_relayed(&cell, cc)); + /* Now let's add an ed25519 key to that extend2 cell. */ + memcpy(ec.ed_pubkey.pubkey, + "brownshoesdontmakeit/brownshoesd", 32); + + /* As before, since we aren't extending by ed25519. */ + get_options_mutable()->ExtendByEd25519ID = 0; + tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); + tt_int_op(p2_len, OP_EQ, 89+99-34-20); + test_memeq_hex(p2, + "02000612F40001F0F1" + "0214616e7468726f706f6d6f727068697a6174696f6e" + "01050063"); + + /* Now try with the ed25519 ID. */ + get_options_mutable()->ExtendByEd25519ID = 1; + tt_int_op(0, OP_EQ, extend_cell_format(&p2_cmd, &p2_len, p2, &ec)); + tt_int_op(p2_len, OP_EQ, 89+99-34-20 + 34); + test_memeq_hex(p2, + "03000612F40001F0F1" + "0214616e7468726f706f6d6f727068697a6174696f6e" + // ed digest follows: + "0320" "62726f776e73686f6573646f6e746d616b656" + "9742f62726f776e73686f657364" + "01050063"); + /* Can we parse that? Did the key come through right? */ + memset(&ec, 0, sizeof(ec)); + tt_int_op(0, OP_EQ, extend_cell_parse(&ec, RELAY_COMMAND_EXTEND2, + p2, p2_len)); + tt_mem_op("brownshoesdontmakeit/brownshoesd", OP_EQ, + ec.ed_pubkey.pubkey, 32); + /* == Now try parsing some junk */ /* Try a too-long handshake */ @@ -1257,7 +1290,7 @@ struct testcase_t cell_format_tests[] = { TEST(connected_cells, 0), TEST(create_cells, 0), TEST(created_cells, 0), - TEST(extend_cells, 0), + TEST(extend_cells, TT_FORK), TEST(extended_cells, 0), TEST(resolved_cells, 0), TEST(is_destroy, 0), diff --git a/src/test/test_channel.c b/src/test/test_channel.c index a9e0634d9e..862bd6dfa6 100644 --- a/src/test/test_channel.c +++ b/src/test/test_channel.c @@ -1405,10 +1405,14 @@ test_channel_queue_impossible(void *arg) /* Let it drain and check that the bad entry is discarded */ test_chan_accept_cells = 1; + tor_capture_bugs_(1); channel_change_state(ch, CHANNEL_STATE_OPEN); tt_assert(test_cells_written == old_count); tt_int_op(chan_cell_queue_len(&(ch->outgoing_queue)), ==, 0); + tt_int_op(smartlist_len(tor_get_captured_bug_log_()), ==, 1); + tor_end_capture_bugs_(); + done: free_fake_channel(ch); @@ -1764,6 +1768,112 @@ test_channel_write(void *arg) return; } +static void +test_channel_id_map(void *arg) +{ + (void)arg; +#define N_CHAN 6 + char rsa_id[N_CHAN][DIGEST_LEN]; + ed25519_public_key_t *ed_id[N_CHAN]; + channel_t *chan[N_CHAN]; + int i; + ed25519_public_key_t ed_zero; + memset(&ed_zero, 0, sizeof(ed_zero)); + + tt_assert(sizeof(rsa_id[0]) == DIGEST_LEN); // Do I remember C? + + for (i = 0; i < N_CHAN; ++i) { + crypto_rand(rsa_id[i], DIGEST_LEN); + ed_id[i] = tor_malloc_zero(sizeof(*ed_id[i])); + crypto_rand((char*)ed_id[i]->pubkey, sizeof(ed_id[i]->pubkey)); + } + + /* For channel 3, have no Ed identity. */ + tor_free(ed_id[3]); + + /* Channel 2 and 4 have same ROSA identity */ + memcpy(rsa_id[4], rsa_id[2], DIGEST_LEN); + + /* Channel 2 and 4 and 5 have same RSA identity */ + memcpy(rsa_id[4], rsa_id[2], DIGEST_LEN); + memcpy(rsa_id[5], rsa_id[2], DIGEST_LEN); + + /* Channels 2 and 5 have same Ed25519 identity */ + memcpy(ed_id[5], ed_id[2], sizeof(*ed_id[2])); + + for (i = 0; i < N_CHAN; ++i) { + chan[i] = new_fake_channel(); + channel_register(chan[i]); + channel_set_identity_digest(chan[i], rsa_id[i], ed_id[i]); + } + + /* Lookup by RSA id only */ + tt_ptr_op(chan[0], OP_EQ, + channel_find_by_remote_identity(rsa_id[0], NULL)); + tt_ptr_op(chan[1], OP_EQ, + channel_find_by_remote_identity(rsa_id[1], NULL)); + tt_ptr_op(chan[3], OP_EQ, + channel_find_by_remote_identity(rsa_id[3], NULL)); + channel_t *ch; + ch = channel_find_by_remote_identity(rsa_id[2], NULL); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == NULL); + + /* As above, but with zero Ed25519 ID (meaning "any ID") */ + tt_ptr_op(chan[0], OP_EQ, + channel_find_by_remote_identity(rsa_id[0], &ed_zero)); + tt_ptr_op(chan[1], OP_EQ, + channel_find_by_remote_identity(rsa_id[1], &ed_zero)); + tt_ptr_op(chan[3], OP_EQ, + channel_find_by_remote_identity(rsa_id[3], &ed_zero)); + ch = channel_find_by_remote_identity(rsa_id[2], &ed_zero); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == chan[2] || ch == chan[4] || ch == chan[5]); + ch = channel_next_with_rsa_identity(ch); + tt_assert(ch == NULL); + + /* Lookup nonexistent RSA identity */ + tt_ptr_op(NULL, OP_EQ, + channel_find_by_remote_identity("!!!!!!!!!!!!!!!!!!!!", NULL)); + + /* Look up by full identity pair */ + tt_ptr_op(chan[0], OP_EQ, + channel_find_by_remote_identity(rsa_id[0], ed_id[0])); + tt_ptr_op(chan[1], OP_EQ, + channel_find_by_remote_identity(rsa_id[1], ed_id[1])); + tt_ptr_op(chan[3], OP_EQ, + channel_find_by_remote_identity(rsa_id[3], ed_id[3] /*NULL*/)); + tt_ptr_op(chan[4], OP_EQ, + channel_find_by_remote_identity(rsa_id[4], ed_id[4])); + ch = channel_find_by_remote_identity(rsa_id[2], ed_id[2]); + tt_assert(ch == chan[2] || ch == chan[5]); + + /* Look up RSA identity with wrong ed25519 identity */ + tt_ptr_op(NULL, OP_EQ, + channel_find_by_remote_identity(rsa_id[4], ed_id[0])); + tt_ptr_op(NULL, OP_EQ, + channel_find_by_remote_identity(rsa_id[2], ed_id[1])); + tt_ptr_op(NULL, OP_EQ, + channel_find_by_remote_identity(rsa_id[3], ed_id[1])); + + done: + for (i = 0; i < N_CHAN; ++i) { + channel_clear_identity_digest(chan[i]); + channel_unregister(chan[i]); + free_fake_channel(chan[i]); + tor_free(ed_id[i]); + } +#undef N_CHAN +} + struct testcase_t channel_tests[] = { { "dumpstats", test_channel_dumpstats, TT_FORK, NULL, NULL }, { "flush", test_channel_flush, TT_FORK, NULL, NULL }, @@ -1776,6 +1886,7 @@ struct testcase_t channel_tests[] = { { "queue_incoming", test_channel_queue_incoming, TT_FORK, NULL, NULL }, { "queue_size", test_channel_queue_size, TT_FORK, NULL, NULL }, { "write", test_channel_write, TT_FORK, NULL, NULL }, + { "id_map", test_channel_id_map, TT_FORK, NULL, NULL }, END_OF_TESTCASES }; diff --git a/src/test/test_channeltls.c b/src/test/test_channeltls.c index 08442e01b6..fd98ee40fb 100644 --- a/src/test/test_channeltls.c +++ b/src/test/test_channeltls.c @@ -32,6 +32,7 @@ static or_connection_t * tlschan_connection_or_connect_mock( const tor_addr_t *addr, uint16_t port, const char *digest, + const ed25519_public_key_t *ed_id, channel_tls_t *tlschan); static int tlschan_is_local_addr_mock(const tor_addr_t *addr); @@ -70,7 +71,7 @@ test_channeltls_create(void *arg) MOCK(connection_or_connect, tlschan_connection_or_connect_mock); /* Try connecting */ - ch = channel_tls_connect(&test_addr, 567, test_digest); + ch = channel_tls_connect(&test_addr, 567, test_digest, NULL); tt_assert(ch != NULL); done: @@ -119,7 +120,7 @@ test_channeltls_num_bytes_queued(void *arg) MOCK(connection_or_connect, tlschan_connection_or_connect_mock); /* Try connecting */ - ch = channel_tls_connect(&test_addr, 567, test_digest); + ch = channel_tls_connect(&test_addr, 567, test_digest, NULL); tt_assert(ch != NULL); /* @@ -204,7 +205,7 @@ test_channeltls_overhead_estimate(void *arg) MOCK(connection_or_connect, tlschan_connection_or_connect_mock); /* Try connecting */ - ch = channel_tls_connect(&test_addr, 567, test_digest); + ch = channel_tls_connect(&test_addr, 567, test_digest, NULL); tt_assert(ch != NULL); /* First case: silly low ratios should get clamped to 1.0 */ @@ -266,9 +267,11 @@ static or_connection_t * tlschan_connection_or_connect_mock(const tor_addr_t *addr, uint16_t port, const char *digest, + const ed25519_public_key_t *ed_id, channel_tls_t *tlschan) { or_connection_t *result = NULL; + (void) ed_id; // XXXX Not yet used. tt_assert(addr != NULL); tt_assert(port != 0); diff --git a/src/test/test_circuituse.c b/src/test/test_circuituse.c new file mode 100644 index 0000000000..edbc9f6391 --- /dev/null +++ b/src/test/test_circuituse.c @@ -0,0 +1,302 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "or.h" +#include "test.h" +#include "test_helpers.h" +#include "config.h" +#include "circuitlist.h" +#include "circuituse.h" +#include "circuitbuild.h" +#include "nodelist.h" + +static void +test_circuit_is_available_for_use_ret_false_when_marked_for_close(void *arg) +{ + (void)arg; + + circuit_t *circ = tor_malloc(sizeof(circuit_t)); + circ->marked_for_close = 1; + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_ret_false_when_timestamp_dirty(void *arg) +{ + (void)arg; + + circuit_t *circ = tor_malloc(sizeof(circuit_t)); + circ->timestamp_dirty = 1; + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_ret_false_for_non_general_purpose(void *arg) +{ + (void)arg; + + circuit_t *circ = tor_malloc(sizeof(circuit_t)); + circ->purpose = CIRCUIT_PURPOSE_REND_POINT_WAITING; + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_ret_false_for_non_general_origin(void *arg) +{ + (void)arg; + + circuit_t *circ = tor_malloc(sizeof(circuit_t)); + circ->purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT; + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_ret_false_for_non_origin_purpose(void *arg) +{ + (void)arg; + + circuit_t *circ = tor_malloc(sizeof(circuit_t)); + circ->purpose = CIRCUIT_PURPOSE_OR; + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_ret_false_unusable_for_new_conns(void *arg) +{ + (void)arg; + + circuit_t *circ = dummy_origin_circuit_new(30); + mark_circuit_unusable_for_new_conns(TO_ORIGIN_CIRCUIT(circ)); + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_returns_false_for_onehop_tunnel(void *arg) +{ + (void)arg; + + circuit_t *circ = dummy_origin_circuit_new(30); + origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); + oc->build_state = tor_malloc(sizeof(cpath_build_state_t)); + oc->build_state->onehop_tunnel = 1; + + tt_int_op(0, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static void +test_circuit_is_available_for_use_returns_true_for_clean_circuit(void *arg) +{ + (void)arg; + + circuit_t *circ = dummy_origin_circuit_new(30); + origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ); + oc->build_state = tor_malloc(sizeof(cpath_build_state_t)); + oc->build_state->onehop_tunnel = 0; + + tt_int_op(1, ==, circuit_is_available_for_use(circ)); + + done: + tor_free(circ); +} + +static int +mock_circuit_all_predicted_ports_handled(time_t now, + int *need_uptime, + int *need_capacity) +{ + (void)now; + + if (need_uptime && need_capacity) + return 0; + return 1; +} + +static consensus_path_type_t +mock_router_have_unknown_consensus_path(void) +{ + return CONSENSUS_PATH_UNKNOWN; +} + +static consensus_path_type_t +mock_router_have_exit_consensus_path(void) +{ + return CONSENSUS_PATH_EXIT; +} + +static void +test_needs_exit_circuits_ret_false_for_predicted_ports_and_path(void *arg) +{ + (void)arg; + + MOCK(circuit_all_predicted_ports_handled, + mock_circuit_all_predicted_ports_handled); + int needs_uptime = 1; + int needs_capacity = 0; + + time_t now = time(NULL); + tt_int_op(0, ==, needs_exit_circuits(now, &needs_uptime, &needs_capacity)); + + done: + UNMOCK(circuit_all_predicted_ports_handled); +} + +static void +test_needs_exit_circuits_ret_false_for_non_exit_consensus_path(void *arg) +{ + (void)arg; + + MOCK(circuit_all_predicted_ports_handled, + mock_circuit_all_predicted_ports_handled); + int needs_uptime = 1; + int needs_capacity = 1; + MOCK(router_have_consensus_path, mock_router_have_unknown_consensus_path); + + time_t now = time(NULL); + tt_int_op(0, ==, needs_exit_circuits(now, &needs_uptime, &needs_capacity)); + + done: + UNMOCK(circuit_all_predicted_ports_handled); + UNMOCK(router_have_consensus_path); +} + +static void +test_needs_exit_circuits_ret_true_for_predicted_ports_and_path(void *arg) +{ + (void)arg; + + MOCK(circuit_all_predicted_ports_handled, + mock_circuit_all_predicted_ports_handled); + int needs_uptime = 1; + int needs_capacity = 1; + MOCK(router_have_consensus_path, mock_router_have_exit_consensus_path); + + time_t now = time(NULL); + tt_int_op(1, ==, needs_exit_circuits(now, &needs_uptime, &needs_capacity)); + + done: + UNMOCK(circuit_all_predicted_ports_handled); + UNMOCK(router_have_consensus_path); +} + +static void +test_needs_circuits_for_build_ret_false_consensus_path_unknown(void *arg) +{ + (void)arg; + MOCK(router_have_consensus_path, mock_router_have_unknown_consensus_path); + tt_int_op(0, ==, needs_circuits_for_build(0)); + done: ; +} + +static void +test_needs_circuits_for_build_ret_false_if_num_less_than_max(void *arg) +{ + (void)arg; + MOCK(router_have_consensus_path, mock_router_have_exit_consensus_path); + tt_int_op(0, ==, needs_circuits_for_build(13)); + done: + UNMOCK(router_have_consensus_path); +} + +static void +test_needs_circuits_for_build_returns_true_when_more_are_needed(void *arg) +{ + (void)arg; + MOCK(router_have_consensus_path, mock_router_have_exit_consensus_path); + tt_int_op(1, ==, needs_circuits_for_build(0)); + done: + UNMOCK(router_have_consensus_path); +} + +struct testcase_t circuituse_tests[] = { + { "marked", + test_circuit_is_available_for_use_ret_false_when_marked_for_close, + TT_FORK, NULL, NULL + }, + { "timestamp", + test_circuit_is_available_for_use_ret_false_when_timestamp_dirty, + TT_FORK, NULL, NULL + }, + { "non_general", + test_circuit_is_available_for_use_ret_false_for_non_general_purpose, + TT_FORK, NULL, NULL + }, + { "non_general", + test_circuit_is_available_for_use_ret_false_for_non_general_origin, + TT_FORK, NULL, NULL + }, + { "origin", + test_circuit_is_available_for_use_ret_false_for_non_origin_purpose, + TT_FORK, NULL, NULL + }, + { "clean", + test_circuit_is_available_for_use_ret_false_unusable_for_new_conns, + TT_FORK, NULL, NULL + }, + { "onehop", + test_circuit_is_available_for_use_returns_false_for_onehop_tunnel, + TT_FORK, NULL, NULL + }, + { "clean_circ", + test_circuit_is_available_for_use_returns_true_for_clean_circuit, + TT_FORK, NULL, NULL + }, + { "exit_f", + test_needs_exit_circuits_ret_false_for_predicted_ports_and_path, + TT_FORK, NULL, NULL + }, + { "exit_t", + test_needs_exit_circuits_ret_true_for_predicted_ports_and_path, + TT_FORK, NULL, NULL + }, + { "non_exit", + test_needs_exit_circuits_ret_false_for_non_exit_consensus_path, + TT_FORK, NULL, NULL + }, + { "true", + test_needs_exit_circuits_ret_true_for_predicted_ports_and_path, + TT_FORK, NULL, NULL + }, + { "consensus_path_unknown", + test_needs_circuits_for_build_ret_false_consensus_path_unknown, + TT_FORK, NULL, NULL + }, + { "less_than_max", + test_needs_circuits_for_build_ret_false_if_num_less_than_max, + TT_FORK, NULL, NULL + }, + { "more_needed", + test_needs_circuits_for_build_returns_true_when_more_are_needed, + TT_FORK, NULL, NULL + }, + END_OF_TESTCASES +}; + diff --git a/src/test/test_connection.c b/src/test/test_connection.c index d394fc9852..5cda4f3175 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -10,6 +10,7 @@ #include "test.h" #include "connection.h" +#include "hs_common.h" #include "main.h" #include "microdesc.h" #include "networkstatus.h" @@ -265,13 +266,9 @@ test_conn_get_rend_setup(const struct testcase_t *tc) rend_cache_init(); /* TODO: use directory_initiate_command_rend() to do this - maybe? */ - conn->rend_data = tor_malloc_zero(sizeof(rend_data_t)); tor_assert(strlen(TEST_CONN_REND_ADDR) == REND_SERVICE_ID_LEN_BASE32); - memcpy(conn->rend_data->onion_address, - TEST_CONN_REND_ADDR, - REND_SERVICE_ID_LEN_BASE32+1); - conn->rend_data->hsdirs_fp = smartlist_new(); - + conn->rend_data = rend_data_client_create(TEST_CONN_REND_ADDR, NULL, NULL, + REND_NO_AUTH); assert_connection_ok(&conn->base_, time(NULL)); return conn; @@ -551,7 +548,8 @@ test_conn_get_rend(void *arg) tt_assert(connection_get_by_type_state_rendquery( conn->base_.type, conn->base_.state, - conn->rend_data->onion_address) + rend_data_get_address( + conn->rend_data)) == TO_CONN(conn)); tt_assert(connection_get_by_type_state_rendquery( TEST_CONN_TYPE, diff --git a/src/test/test_containers.c b/src/test/test_containers.c index d8b82e0661..d7291a2ce2 100644 --- a/src/test/test_containers.c +++ b/src/test/test_containers.c @@ -501,13 +501,13 @@ test_container_smartlist_pos(void *arg) (void) arg; smartlist_t *sl = smartlist_new(); - smartlist_add(sl, tor_strdup("This")); - smartlist_add(sl, tor_strdup("is")); - smartlist_add(sl, tor_strdup("a")); - smartlist_add(sl, tor_strdup("test")); - smartlist_add(sl, tor_strdup("for")); - smartlist_add(sl, tor_strdup("a")); - smartlist_add(sl, tor_strdup("function")); + smartlist_add_strdup(sl, "This"); + smartlist_add_strdup(sl, "is"); + smartlist_add_strdup(sl, "a"); + smartlist_add_strdup(sl, "test"); + smartlist_add_strdup(sl, "for"); + smartlist_add_strdup(sl, "a"); + smartlist_add_strdup(sl, "function"); /* Test string_pos */ tt_int_op(smartlist_string_pos(NULL, "Fred"), ==, -1); @@ -830,7 +830,7 @@ test_container_strmap(void *arg) found_keys = smartlist_new(); while (!strmap_iter_done(iter)) { strmap_iter_get(iter,&k,&v); - smartlist_add(found_keys, tor_strdup(k)); + smartlist_add_strdup(found_keys, k); tt_ptr_op(v,OP_EQ, strmap_get(map, k)); if (!strcmp(k, "K2")) { diff --git a/src/test/test_dir.c b/src/test/test_dir.c index cdc56acb89..fa0a174813 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -678,16 +678,16 @@ test_dir_parse_router_list(void *arg) routerinfo_t *ri = NULL; char d[DIGEST_LEN]; - smartlist_add(chunks, tor_strdup(EX_RI_MINIMAL)); // ri 0 - smartlist_add(chunks, tor_strdup(EX_RI_BAD_PORTS)); // bad ri 0 - smartlist_add(chunks, tor_strdup(EX_EI_MAXIMAL)); // ei 0 - smartlist_add(chunks, tor_strdup(EX_EI_BAD_SIG2)); // bad ei -- - smartlist_add(chunks, tor_strdup(EX_EI_BAD_NICKNAME));// bad ei 0 - smartlist_add(chunks, tor_strdup(EX_RI_BAD_SIG1)); // bad ri -- - smartlist_add(chunks, tor_strdup(EX_EI_BAD_PUBLISHED)); // bad ei 1 - smartlist_add(chunks, tor_strdup(EX_RI_MAXIMAL)); // ri 1 - smartlist_add(chunks, tor_strdup(EX_RI_BAD_FAMILY)); // bad ri 1 - smartlist_add(chunks, tor_strdup(EX_EI_MINIMAL)); // ei 1 + smartlist_add_strdup(chunks, EX_RI_MINIMAL); // ri 0 + smartlist_add_strdup(chunks, EX_RI_BAD_PORTS); // bad ri 0 + smartlist_add_strdup(chunks, EX_EI_MAXIMAL); // ei 0 + smartlist_add_strdup(chunks, EX_EI_BAD_SIG2); // bad ei -- + smartlist_add_strdup(chunks, EX_EI_BAD_NICKNAME);// bad ei 0 + smartlist_add_strdup(chunks, EX_RI_BAD_SIG1); // bad ri -- + smartlist_add_strdup(chunks, EX_EI_BAD_PUBLISHED); // bad ei 1 + smartlist_add_strdup(chunks, EX_RI_MAXIMAL); // ri 1 + smartlist_add_strdup(chunks, EX_RI_BAD_FAMILY); // bad ri 1 + smartlist_add_strdup(chunks, EX_EI_MINIMAL); // ei 1 list = smartlist_join_strings(chunks, "", 0, NULL); @@ -812,19 +812,19 @@ test_dir_load_routers(void *arg) #define ADD(str) \ do { \ tt_int_op(0,OP_EQ,router_get_router_hash(str, strlen(str), buf)); \ - smartlist_add(wanted, tor_strdup(hex_str(buf, DIGEST_LEN))); \ + smartlist_add_strdup(wanted, hex_str(buf, DIGEST_LEN)); \ } while (0) MOCK(router_get_dl_status_by_descriptor_digest, mock_router_get_dl_status); update_approx_time(1412510400); - smartlist_add(chunks, tor_strdup(EX_RI_MINIMAL)); - smartlist_add(chunks, tor_strdup(EX_RI_BAD_FINGERPRINT)); - smartlist_add(chunks, tor_strdup(EX_RI_BAD_SIG2)); - smartlist_add(chunks, tor_strdup(EX_RI_MAXIMAL)); - smartlist_add(chunks, tor_strdup(EX_RI_BAD_PORTS)); - smartlist_add(chunks, tor_strdup(EX_RI_BAD_TOKENS)); + smartlist_add_strdup(chunks, EX_RI_MINIMAL); + smartlist_add_strdup(chunks, EX_RI_BAD_FINGERPRINT); + smartlist_add_strdup(chunks, EX_RI_BAD_SIG2); + smartlist_add_strdup(chunks, EX_RI_MAXIMAL); + smartlist_add_strdup(chunks, EX_RI_BAD_PORTS); + smartlist_add_strdup(chunks, EX_RI_BAD_TOKENS); /* not ADDing MINIMIAL */ ADD(EX_RI_MAXIMAL); @@ -932,18 +932,18 @@ test_dir_load_extrainfo(void *arg) #define ADD(str) \ do { \ tt_int_op(0,OP_EQ,router_get_extrainfo_hash(str, strlen(str), buf)); \ - smartlist_add(wanted, tor_strdup(hex_str(buf, DIGEST_LEN))); \ + smartlist_add_strdup(wanted, hex_str(buf, DIGEST_LEN)); \ } while (0) mock_ei_insert_list = smartlist_new(); MOCK(router_get_by_extrainfo_digest, mock_get_by_ei_desc_digest); MOCK(extrainfo_insert, mock_ei_insert); - smartlist_add(chunks, tor_strdup(EX_EI_MINIMAL)); - smartlist_add(chunks, tor_strdup(EX_EI_BAD_NICKNAME)); - smartlist_add(chunks, tor_strdup(EX_EI_MAXIMAL)); - smartlist_add(chunks, tor_strdup(EX_EI_BAD_PUBLISHED)); - smartlist_add(chunks, tor_strdup(EX_EI_BAD_TOKENS)); + smartlist_add_strdup(chunks, EX_EI_MINIMAL); + smartlist_add_strdup(chunks, EX_EI_BAD_NICKNAME); + smartlist_add_strdup(chunks, EX_EI_MAXIMAL); + smartlist_add_strdup(chunks, EX_EI_BAD_PUBLISHED); + smartlist_add_strdup(chunks, EX_EI_BAD_TOKENS); /* not ADDing MINIMIAL */ ADD(EX_EI_MAXIMAL); @@ -1874,6 +1874,249 @@ test_routerstatus_for_v3ns(routerstatus_t *rs, time_t now) return; } +static void +test_dir_networkstatus_compute_bw_weights_v10(void *arg) +{ + (void) arg; + smartlist_t *chunks = smartlist_new(); + int64_t G, M, E, D, T, weight_scale; + int ret; + weight_scale = 10000; + + /* no case. one or more of the values is 0 */ + G = M = E = D = 0; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 0); + tt_int_op(smartlist_len(chunks), OP_EQ, 0); + + /* case 1 */ + /* XXX dir-spec not followed? See #20272. If it isn't closed, then this is + * testing current behavior, not spec. */ + G = E = 10; + M = D = 1; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_int_op(smartlist_len(chunks), OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=3333 " + "Wbe=3000 Wbg=3000 Wbm=10000 Wdb=10000 Web=10000 Wed=3333 Wee=7000 " + "Weg=3333 Wem=7000 Wgb=10000 Wgd=3333 Wgg=7000 Wgm=7000 Wmb=10000 " + "Wmd=3333 Wme=3000 Wmg=3000 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 2a E scarce */ + M = 100; + G = 20; + E = D = 5; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 Wbe=0 " + "Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=10000 Wee=10000 Weg=10000 " + "Wem=10000 Wgb=10000 Wgd=0 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=0 Wme=0 " + "Wmg=0 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 2a G scarce */ + M = 100; + E = 20; + G = D = 5; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 Wbe=0 " + "Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=0 Wee=10000 Weg=0 Wem=10000 " + "Wgb=10000 Wgd=10000 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=0 Wme=0 Wmg=0 " + "Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 2b1 (Wgg=1, Wmd=Wgd) */ + M = 10; + E = 30; + G = 10; + D = 100; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=4000 " + "Wbe=0 Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=2000 Wee=10000 Weg=2000 " + "Wem=10000 Wgb=10000 Wgd=4000 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=4000 " + "Wme=0 Wmg=0 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 2b2 */ + M = 60; + E = 30; + G = 10; + D = 100; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=666 Wbe=0 " + "Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=3666 Wee=10000 Weg=3666 " + "Wem=10000 Wgb=10000 Wgd=5668 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=666 " + "Wme=0 Wmg=0 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 2b3 */ + /* XXX I can't get a combination of values that hits this case without error, + * so this just tests that it fails. See #20285. Also see #20284 as 2b3 does + * not follow dir-spec. */ + /* (E < T/3 && G < T/3) && (E+D>=G || G+D>=E) && (M > T/3) */ + M = 80; + E = 30; + G = 30; + D = 30; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 0); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 3a G scarce */ + M = 10; + E = 30; + G = 10; + D = 5; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 " + "Wbe=3333 Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=0 Wee=6667 Weg=0 " + "Wem=6667 Wgb=10000 Wgd=10000 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=0 " + "Wme=3333 Wmg=0 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 3a E scarce */ + M = 10; + E = 10; + G = 30; + D = 5; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 Wbe=0 " + "Wbg=3333 Wbm=10000 Wdb=10000 Web=10000 Wed=10000 Wee=10000 Weg=10000 " + "Wem=10000 Wgb=10000 Wgd=0 Wgg=6667 Wgm=6667 Wmb=10000 Wmd=0 Wme=0 " + "Wmg=3333 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 3bg */ + M = 10; + E = 30; + G = 10; + D = 10; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 " + "Wbe=3334 Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=0 Wee=6666 Weg=0 " + "Wem=6666 Wgb=10000 Wgd=10000 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=0 " + "Wme=3334 Wmg=0 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case 3be */ + M = 10; + E = 10; + G = 30; + D = 10; + T = G + M + E + D; + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 Wbe=0 " + "Wbg=3334 Wbm=10000 Wdb=10000 Web=10000 Wed=10000 Wee=10000 Weg=10000 " + "Wem=10000 Wgb=10000 Wgd=0 Wgg=6666 Wgm=6666 Wmb=10000 Wmd=0 Wme=0 " + "Wmg=3334 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case from 21 Jul 2013 (3be) */ + G = 5483409; + M = 1455379; + E = 980834; + D = 3385803; + T = 11305425; + tt_i64_op(G+M+E+D, OP_EQ, T); + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=883 Wbe=0 " + "Wbg=3673 Wbm=10000 Wdb=10000 Web=10000 Wed=8233 Wee=10000 Weg=8233 " + "Wem=10000 Wgb=10000 Wgd=883 Wgg=6327 Wgm=6327 Wmb=10000 Wmd=883 Wme=0 " + "Wmg=3673 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case from 04 Oct 2016 (3a E scarce) */ + G=29322240; + M=4721546; + E=1522058; + D=9273571; + T=44839415; + tt_i64_op(G+M+E+D, OP_EQ, T); + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=0 Wbe=0 " + "Wbg=4194 Wbm=10000 Wdb=10000 Web=10000 Wed=10000 Wee=10000 Weg=10000 " + "Wem=10000 Wgb=10000 Wgd=0 Wgg=5806 Wgm=5806 Wmb=10000 Wmd=0 Wme=0 " + "Wmg=4194 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* case from 04 Sep 2013 (2b1) */ + G=3091352; + M=1838837; + E=2109300; + D=2469369; + T=9508858; + tt_i64_op(G+M+E+D, OP_EQ, T); + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=317 " + "Wbe=5938 Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=9366 Wee=4061 " + "Weg=9366 Wem=4061 Wgb=10000 Wgd=317 Wgg=10000 Wgm=10000 Wmb=10000 " + "Wmd=317 Wme=5938 Wmg=0 Wmm=10000\n"); + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_clear(chunks); + + /* explicitly test initializing weights to 1*/ + G=1; + M=1; + E=1; + D=1; + T=4; + tt_i64_op(G+M+E+D, OP_EQ, T); + ret = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D, T, + weight_scale); + tt_str_op(smartlist_get(chunks, 0), OP_EQ, "bandwidth-weights Wbd=3333 " + "Wbe=0 Wbg=0 Wbm=10000 Wdb=10000 Web=10000 Wed=3333 Wee=10000 Weg=3333 " + "Wem=10000 Wgb=10000 Wgd=3333 Wgg=10000 Wgm=10000 Wmb=10000 Wmd=3333 " + "Wme=0 Wmg=0 Wmm=10000\n"); + + done: + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_free(chunks); +} + static authority_cert_t *mock_cert; static authority_cert_t * @@ -3253,17 +3496,88 @@ test_dir_http_handling(void *args) } static void -test_dir_purpose_needs_anonymity(void *arg) +test_dir_purpose_needs_anonymity_returns_true_by_default(void *arg) +{ + (void)arg; + + tor_capture_bugs_(1); + setup_full_capture_of_logs(LOG_WARN); + tt_int_op(1, ==, purpose_needs_anonymity(0, 0, NULL)); + tt_int_op(1, ==, smartlist_len(tor_get_captured_bug_log_())); + expect_single_log_msg_containing("Called with dir_purpose=0"); + + tor_end_capture_bugs_(); + done: + tor_end_capture_bugs_(); + teardown_capture_of_logs(); +} + +static void +test_dir_purpose_needs_anonymity_returns_true_for_bridges(void *arg) +{ + (void)arg; + + tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE, NULL)); + tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE, + "foobar")); + tt_int_op(1, ==, purpose_needs_anonymity(DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2, + ROUTER_PURPOSE_BRIDGE, NULL)); + done: ; +} + +static void +test_dir_purpose_needs_anonymity_returns_false_for_own_bridge_desc(void *arg) { (void)arg; - tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE)); - tt_int_op(1, ==, purpose_needs_anonymity(0, ROUTER_PURPOSE_GENERAL)); - tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_MICRODESC, - ROUTER_PURPOSE_GENERAL)); + tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_FETCH_SERVERDESC, + ROUTER_PURPOSE_BRIDGE, + "authority.z")); done: ; } static void +test_dir_purpose_needs_anonymity_returns_true_for_sensitive_purpose(void *arg) +{ + (void)arg; + + tt_int_op(1, ==, purpose_needs_anonymity( + DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2, + ROUTER_PURPOSE_GENERAL, NULL)); + tt_int_op(1, ==, purpose_needs_anonymity( + DIR_PURPOSE_UPLOAD_RENDDESC_V2, 0, NULL)); + tt_int_op(1, ==, purpose_needs_anonymity( + DIR_PURPOSE_FETCH_RENDDESC_V2, 0, NULL)); + done: ; +} + +static void +test_dir_purpose_needs_anonymity_ret_false_for_non_sensitive_conn(void *arg) +{ + (void)arg; + + tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_DIR, + ROUTER_PURPOSE_GENERAL, NULL)); + tt_int_op(0, ==, purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_VOTE, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_UPLOAD_SIGNATURES, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_STATUS_VOTE, 0, NULL)); + tt_int_op(0, ==, purpose_needs_anonymity( + DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_CONSENSUS, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_SERVERDESC, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_EXTRAINFO, 0, NULL)); + tt_int_op(0, ==, + purpose_needs_anonymity(DIR_PURPOSE_FETCH_MICRODESC, 0, NULL)); + done: ; +} + +static void test_dir_fetch_type(void *arg) { (void)arg; @@ -5148,9 +5462,9 @@ listdir_mock(const char *dname) (void)dname; l = smartlist_new(); - smartlist_add(l, tor_strdup("foo")); - smartlist_add(l, tor_strdup("bar")); - smartlist_add(l, tor_strdup("baz")); + smartlist_add_strdup(l, "foo"); + smartlist_add_strdup(l, "bar"); + smartlist_add_strdup(l, "baz"); return l; } @@ -5437,6 +5751,67 @@ test_dir_assumed_flags(void *arg) routerstatus_free(rs); } +static void +test_dir_post_parsing(void *arg) +{ + (void) arg; + + /* Test the version parsing from an HS descriptor publish request. */ + { + const char *end; + const char *prefix = "/tor/hs/"; + int version = parse_hs_version_from_post("/tor/hs//publish", prefix, &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + version = parse_hs_version_from_post("/tor/hs/a/publish", prefix, &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + version = parse_hs_version_from_post("/tor/hs/3/publish", prefix, &end); + tt_int_op(version, OP_EQ, 3); + tt_str_op(end, OP_EQ, "/publish"); + version = parse_hs_version_from_post("/tor/hs/42/publish", prefix, &end); + tt_int_op(version, OP_EQ, 42); + tt_str_op(end, OP_EQ, "/publish"); + version = parse_hs_version_from_post("/tor/hs/18163/publish",prefix, &end); + tt_int_op(version, OP_EQ, 18163); + tt_str_op(end, OP_EQ, "/publish"); + version = parse_hs_version_from_post("JUNKJUNKJUNK", prefix, &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + version = parse_hs_version_from_post("/tor/hs/3/publish", "blah", &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + /* Missing the '/' at the end of the prefix. */ + version = parse_hs_version_from_post("/tor/hs/3/publish", "/tor/hs", &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + version = parse_hs_version_from_post("/random/blah/tor/hs/3/publish", + prefix, &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + version = parse_hs_version_from_post("/tor/hs/3/publish/random/junk", + prefix, &end); + tt_int_op(version, OP_EQ, 3); + tt_str_op(end, OP_EQ, "/publish/random/junk"); + version = parse_hs_version_from_post("/tor/hs/-1/publish", prefix, &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + /* INT_MAX */ + version = parse_hs_version_from_post("/tor/hs/2147483647/publish", + prefix, &end); + tt_int_op(version, OP_EQ, INT_MAX); + tt_str_op(end, OP_EQ, "/publish"); + /* INT_MAX + 1*/ + version = parse_hs_version_from_post("/tor/hs/2147483648/publish", + prefix, &end); + tt_int_op(version, OP_EQ, -1); + tt_ptr_op(end, OP_EQ, NULL); + } + + done: + ; +} + #define DIR_LEGACY(name) \ { #name, test_dir_ ## name , TT_FORK, NULL, NULL } @@ -5470,7 +5845,12 @@ struct testcase_t dir_tests[] = { DIR(fmt_control_ns, 0), DIR(dirserv_set_routerstatus_testing, 0), DIR(http_handling, 0), - DIR(purpose_needs_anonymity, 0), + DIR(purpose_needs_anonymity_returns_true_for_bridges, 0), + DIR(purpose_needs_anonymity_returns_false_for_own_bridge_desc, 0), + DIR(purpose_needs_anonymity_returns_true_by_default, 0), + DIR(purpose_needs_anonymity_returns_true_for_sensitive_purpose, 0), + DIR(purpose_needs_anonymity_ret_false_for_non_sensitive_conn, 0), + DIR(post_parsing, 0), DIR(fetch_type, 0), DIR(packages, 0), DIR(download_status_schedule, 0), @@ -5491,6 +5871,7 @@ struct testcase_t dir_tests[] = { DIR_ARG(find_dl_schedule, TT_FORK, "cf"), DIR_ARG(find_dl_schedule, TT_FORK, "ca"), DIR(assumed_flags, 0), + DIR(networkstatus_compute_bw_weights_v10, 0), END_OF_TESTCASES }; diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index a0f22f1f0c..c215feee26 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -50,19 +50,6 @@ ENABLE_GCC_WARNING(overlength-strings) #define NS_MODULE dir_handle_get -static void -connection_write_to_buf_mock(const char *string, size_t len, - connection_t *conn, int zlib) -{ - (void) zlib; - - tor_assert(string); - tor_assert(conn); - - write_to_buf(string, len, conn->outbuf); -} - -#define GET(path) "GET " path " HTTP/1.0\r\n\r\n" #define NOT_FOUND "HTTP/1.0 404 Not found\r\n\r\n" #define BAD_REQUEST "HTTP/1.0 400 Bad request\r\n\r\n" #define SERVER_BUSY "HTTP/1.0 503 Directory busy, try again later\r\n\r\n" diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c index 9580a1fd3f..50848cfec2 100644 --- a/src/test/test_entryconn.c +++ b/src/test/test_entryconn.c @@ -100,7 +100,7 @@ test_entryconn_rewrite_automap_ipv4(void *arg) ec3 = entry_connection_new(CONN_TYPE_AP, AF_INET); get_options_mutable()->AutomapHostsOnResolve = 1; - smartlist_add(get_options_mutable()->AutomapHostsSuffixes, tor_strdup(".")); + smartlist_add_strdup(get_options_mutable()->AutomapHostsSuffixes, "."); parse_virtual_addr_network("127.202.0.0/16", AF_INET, 0, &msg); /* Automap this on resolve. */ @@ -173,7 +173,7 @@ test_entryconn_rewrite_automap_ipv6(void *arg) ec3 = entry_connection_new(CONN_TYPE_AP, AF_INET6); get_options_mutable()->AutomapHostsOnResolve = 1; - smartlist_add(get_options_mutable()->AutomapHostsSuffixes, tor_strdup(".")); + smartlist_add_strdup(get_options_mutable()->AutomapHostsSuffixes, "."); parse_virtual_addr_network("FE80::/32", AF_INET6, 0, &msg); /* Automap this on resolve. */ @@ -489,8 +489,8 @@ test_entryconn_rewrite_automap_exit(void *arg) get_options_mutable()->AutomapHostsOnResolve = 1; get_options_mutable()->AllowDotExit = 1; - smartlist_add(get_options_mutable()->AutomapHostsSuffixes, - tor_strdup(".EXIT")); + smartlist_add_strdup(get_options_mutable()->AutomapHostsSuffixes, + ".EXIT"); parse_virtual_addr_network("127.1.0.0/16", AF_INET, 0, &msg); /* Automap this on resolve. */ @@ -574,8 +574,8 @@ test_entryconn_rewrite_mapaddress_automap_onion(void *arg) get_options_mutable()->AutomapHostsOnResolve = 1; get_options_mutable()->AllowDotExit = 1; - smartlist_add(get_options_mutable()->AutomapHostsSuffixes, - tor_strdup(".onion")); + smartlist_add_strdup(get_options_mutable()->AutomapHostsSuffixes, + ".onion"); parse_virtual_addr_network("192.168.0.0/16", AF_INET, 0, &msg); config_line_append(&get_options_mutable()->AddressMap, "MapAddress", "foo.onion abcdefghijklmnop.onion"); @@ -709,8 +709,8 @@ test_entryconn_rewrite_mapaddress_automap_onion2(void *arg) { char *msg = NULL; get_options_mutable()->AutomapHostsOnResolve = 1; - smartlist_add(get_options_mutable()->AutomapHostsSuffixes, - tor_strdup(".onion")); + smartlist_add_strdup(get_options_mutable()->AutomapHostsSuffixes, + ".onion"); parse_virtual_addr_network("192.168.0.0/16", AF_INET, 0, &msg); config_line_append(&get_options_mutable()->AddressMap, "MapAddress", "irc.example.com abcdefghijklmnop.onion"); @@ -736,8 +736,8 @@ test_entryconn_rewrite_mapaddress_automap_onion4(void *arg) { char *msg = NULL; get_options_mutable()->AutomapHostsOnResolve = 1; - smartlist_add(get_options_mutable()->AutomapHostsSuffixes, - tor_strdup(".onion")); + smartlist_add_strdup(get_options_mutable()->AutomapHostsSuffixes, + ".onion"); parse_virtual_addr_network("192.168.0.0/16", AF_INET, 0, &msg); test_entryconn_rewrite_mapaddress_automap_onion_common(arg, 0, 1); diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c index b1c3accfab..8e4f4061c6 100644 --- a/src/test/test_entrynodes.c +++ b/src/test/test_entrynodes.c @@ -254,7 +254,9 @@ populate_live_entry_guards_test_helper(int num_needed) { smartlist_t *our_nodelist = NULL; smartlist_t *live_entry_guards = smartlist_new(); - const smartlist_t *all_entry_guards = get_entry_guards(); + guard_selection_t *gs = get_guard_selection_info(); + const smartlist_t *all_entry_guards = + get_entry_guards_for_guard_selection(gs); or_options_t *options = get_options_mutable(); int retval; @@ -271,7 +273,7 @@ populate_live_entry_guards_test_helper(int num_needed) SMARTLIST_FOREACH_BEGIN(our_nodelist, const node_t *, node) { const node_t *node_tmp; - node_tmp = add_an_entry_guard(node, 0, 1, 0, 0); + node_tmp = add_an_entry_guard(gs, node, 0, 1, 0, 0); tt_assert(node_tmp); } SMARTLIST_FOREACH_END(node); @@ -582,7 +584,9 @@ static void test_entry_guards_set_from_config(void *arg) { or_options_t *options = get_options_mutable(); - const smartlist_t *all_entry_guards = get_entry_guards(); + guard_selection_t *gs = get_guard_selection_info(); + const smartlist_t *all_entry_guards = + get_entry_guards_for_guard_selection(gs); const char *entrynodes_str = "test003r"; const node_t *chosen_entry = NULL; int retval; @@ -597,7 +601,7 @@ test_entry_guards_set_from_config(void *arg) tt_int_op(retval, OP_GE, 0); /* Read nodes from EntryNodes */ - entry_guards_set_from_config(options); + entry_guards_set_from_config(gs, options); /* Test that only one guard was added. */ tt_int_op(smartlist_len(all_entry_guards), OP_EQ, 1); @@ -689,7 +693,9 @@ static void test_entry_is_live(void *arg) { smartlist_t *our_nodelist = NULL; - const smartlist_t *all_entry_guards = get_entry_guards(); + guard_selection_t *gs = get_guard_selection_info(); + const smartlist_t *all_entry_guards = + get_entry_guards_for_guard_selection(gs); const node_t *test_node = NULL; const entry_guard_t *test_entry = NULL; const char *msg; @@ -706,7 +712,7 @@ test_entry_is_live(void *arg) SMARTLIST_FOREACH_BEGIN(our_nodelist, const node_t *, node) { const node_t *node_tmp; - node_tmp = add_an_entry_guard(node, 0, 1, 0, 0); + node_tmp = add_an_entry_guard(gs, node, 0, 1, 0, 0); tt_assert(node_tmp); tt_int_op(node->is_stable, OP_EQ, 0); diff --git a/src/test/test_helpers.c b/src/test/test_helpers.c index ae9fc7a243..132af39776 100644 --- a/src/test/test_helpers.c +++ b/src/test/test_helpers.c @@ -10,8 +10,10 @@ #include "orconfig.h" #include "or.h" +#include "relay.h" #include "routerlist.h" #include "nodelist.h" +#include "buffers.h" #include "test.h" #include "test_helpers.h" @@ -22,6 +24,8 @@ DISABLE_GCC_WARNING(overlength-strings) * at large. */ #endif #include "test_descriptors.inc" +#include "or.h" +#include "circuitlist.h" #ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS ENABLE_GCC_WARNING(overlength-strings) #endif @@ -92,3 +96,35 @@ helper_setup_fake_routerlist(void) UNMOCK(router_descriptor_is_older_than); } +void +connection_write_to_buf_mock(const char *string, size_t len, + connection_t *conn, int zlib) +{ + (void) zlib; + + tor_assert(string); + tor_assert(conn); + + write_to_buf(string, len, conn->outbuf); +} + +/* Set up a fake origin circuit with the specified number of cells, + * Return a pointer to the newly-created dummy circuit */ +circuit_t * +dummy_origin_circuit_new(int n_cells) +{ + origin_circuit_t *circ = origin_circuit_new(); + int i; + cell_t cell; + + for (i=0; i < n_cells; ++i) { + crypto_rand((void*)&cell, sizeof(cell)); + cell_queue_append_packed_copy(TO_CIRCUIT(circ), + &TO_CIRCUIT(circ)->n_chan_cells, + 1, &cell, 1, 0); + } + + TO_CIRCUIT(circ)->purpose = CIRCUIT_PURPOSE_C_GENERAL; + return TO_CIRCUIT(circ); +} + diff --git a/src/test/test_helpers.h b/src/test/test_helpers.h index 684375e1b1..ba93b100d5 100644 --- a/src/test/test_helpers.h +++ b/src/test/test_helpers.h @@ -6,11 +6,17 @@ const char *get_yesterday_date_str(void); +circuit_t * dummy_origin_circuit_new(int num_cells); + /* Number of descriptors contained in test_descriptors.txt. */ #define HELPER_NUMBER_OF_DESCRIPTORS 8 void helper_setup_fake_routerlist(void); +#define GET(path) "GET " path " HTTP/1.0\r\n\r\n" +void connection_write_to_buf_mock(const char *string, size_t len, + connection_t *conn, int zlib); + extern const char TEST_DESCRIPTORS[]; #endif diff --git a/src/test/test_hs.c b/src/test/test_hs.c index 8237bbc50e..ac9788ceea 100644 --- a/src/test/test_hs.c +++ b/src/test/test_hs.c @@ -14,6 +14,7 @@ #include "test.h" #include "control.h" #include "config.h" +#include "hs_common.h" #include "rendcommon.h" #include "rendservice.h" #include "routerset.h" @@ -136,7 +137,7 @@ test_hs_desc_event(void *arg) #define STR_DESC_ID_BASE32 "hba3gmcgpfivzfhx5rtfqkfdhv65yrj3" int ret; - rend_data_t rend_query; + rend_data_v2_t rend_query; const char *expected_msg; char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; @@ -148,12 +149,13 @@ test_hs_desc_event(void *arg) /* setup rend_query struct */ memset(&rend_query, 0, sizeof(rend_query)); + rend_query.base_.version = 2; strncpy(rend_query.onion_address, STR_HS_ADDR, REND_SERVICE_ID_LEN_BASE32+1); rend_query.auth_type = REND_NO_AUTH; - rend_query.hsdirs_fp = smartlist_new(); - smartlist_add(rend_query.hsdirs_fp, tor_memdup(HSDIR_EXIST_ID, - DIGEST_LEN)); + rend_query.base_.hsdirs_fp = smartlist_new(); + smartlist_add(rend_query.base_.hsdirs_fp, tor_memdup(HSDIR_EXIST_ID, + DIGEST_LEN)); /* Compute descriptor ID for replica 0, should be STR_DESC_ID_BASE32. */ ret = rend_compute_v2_desc_id(rend_query.descriptor_id[0], @@ -167,7 +169,7 @@ test_hs_desc_event(void *arg) sizeof(desc_id_base32)); /* test request event */ - control_event_hs_descriptor_requested(&rend_query, HSDIR_EXIST_ID, + control_event_hs_descriptor_requested(&rend_query.base_, HSDIR_EXIST_ID, STR_DESC_ID_BASE32); expected_msg = "650 HS_DESC REQUESTED "STR_HS_ADDR" NO_AUTH "\ STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32 "\r\n"; @@ -178,7 +180,7 @@ test_hs_desc_event(void *arg) /* test received event */ rend_query.auth_type = REND_BASIC_AUTH; control_event_hs_descriptor_received(rend_query.onion_address, - &rend_query, HSDIR_EXIST_ID); + &rend_query.base_, HSDIR_EXIST_ID); expected_msg = "650 HS_DESC RECEIVED "STR_HS_ADDR" BASIC_AUTH "\ STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32"\r\n"; tt_assert(received_msg); @@ -187,7 +189,7 @@ test_hs_desc_event(void *arg) /* test failed event */ rend_query.auth_type = REND_STEALTH_AUTH; - control_event_hs_descriptor_failed(&rend_query, + control_event_hs_descriptor_failed(&rend_query.base_, HSDIR_NONE_EXIST_ID, "QUERY_REJECTED"); expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" STEALTH_AUTH "\ @@ -198,7 +200,7 @@ test_hs_desc_event(void *arg) /* test invalid auth type */ rend_query.auth_type = 999; - control_event_hs_descriptor_failed(&rend_query, + control_event_hs_descriptor_failed(&rend_query.base_, HSDIR_EXIST_ID, "QUERY_REJECTED"); expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" UNKNOWN "\ @@ -221,8 +223,8 @@ test_hs_desc_event(void *arg) tt_str_op(received_msg, OP_EQ, exp_msg); tor_free(received_msg); tor_free(exp_msg); - SMARTLIST_FOREACH(rend_query.hsdirs_fp, char *, d, tor_free(d)); - smartlist_free(rend_query.hsdirs_fp); + SMARTLIST_FOREACH(rend_query.base_.hsdirs_fp, char *, d, tor_free(d)); + smartlist_free(rend_query.base_.hsdirs_fp); done: UNMOCK(queue_control_event_string); @@ -322,42 +324,46 @@ test_hs_rend_data(void *arg) client = rend_data_client_create(STR_HS_ADDR, desc_id, client_cookie, REND_NO_AUTH); tt_assert(client); - tt_int_op(client->auth_type, ==, REND_NO_AUTH); - tt_str_op(client->onion_address, OP_EQ, STR_HS_ADDR); - tt_mem_op(client->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id)); - tt_mem_op(client->descriptor_cookie, OP_EQ, client_cookie, + rend_data_v2_t *client_v2 = TO_REND_DATA_V2(client); + tt_int_op(client_v2->auth_type, ==, REND_NO_AUTH); + tt_str_op(client_v2->onion_address, OP_EQ, STR_HS_ADDR); + tt_mem_op(client_v2->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id)); + tt_mem_op(client_v2->descriptor_cookie, OP_EQ, client_cookie, sizeof(client_cookie)); tt_assert(client->hsdirs_fp); tt_int_op(smartlist_len(client->hsdirs_fp), ==, 0); for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) { - int ret = rend_compute_v2_desc_id(desc_id, client->onion_address, - client->descriptor_cookie, now, rep); + int ret = rend_compute_v2_desc_id(desc_id, client_v2->onion_address, + client_v2->descriptor_cookie, now, rep); /* That shouldn't never fail. */ tt_int_op(ret, ==, 0); - tt_mem_op(client->descriptor_id[rep], OP_EQ, desc_id, sizeof(desc_id)); + tt_mem_op(client_v2->descriptor_id[rep], OP_EQ, desc_id, + sizeof(desc_id)); } /* The rest should be zeroed because this is a client request. */ - tt_int_op(tor_digest_is_zero(client->rend_pk_digest), ==, 1); + tt_int_op(tor_digest_is_zero(client_v2->rend_pk_digest), ==, 1); tt_int_op(tor_digest_is_zero(client->rend_cookie), ==, 1); /* Test dup(). */ client_dup = rend_data_dup(client); tt_assert(client_dup); - tt_int_op(client_dup->auth_type, ==, client->auth_type); - tt_str_op(client_dup->onion_address, OP_EQ, client->onion_address); - tt_mem_op(client_dup->desc_id_fetch, OP_EQ, client->desc_id_fetch, - sizeof(client_dup->desc_id_fetch)); - tt_mem_op(client_dup->descriptor_cookie, OP_EQ, client->descriptor_cookie, - sizeof(client_dup->descriptor_cookie)); + rend_data_v2_t *client_dup_v2 = TO_REND_DATA_V2(client_dup); + tt_int_op(client_dup_v2->auth_type, ==, client_v2->auth_type); + tt_str_op(client_dup_v2->onion_address, OP_EQ, client_v2->onion_address); + tt_mem_op(client_dup_v2->desc_id_fetch, OP_EQ, client_v2->desc_id_fetch, + sizeof(client_dup_v2->desc_id_fetch)); + tt_mem_op(client_dup_v2->descriptor_cookie, OP_EQ, + client_v2->descriptor_cookie, + sizeof(client_dup_v2->descriptor_cookie)); tt_assert(client_dup->hsdirs_fp); tt_int_op(smartlist_len(client_dup->hsdirs_fp), ==, 0); for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) { - tt_mem_op(client_dup->descriptor_id[rep], OP_EQ, - client->descriptor_id[rep], DIGEST_LEN); + tt_mem_op(client_dup_v2->descriptor_id[rep], OP_EQ, + client_v2->descriptor_id[rep], DIGEST_LEN); } /* The rest should be zeroed because this is a client request. */ - tt_int_op(tor_digest_is_zero(client_dup->rend_pk_digest), ==, 1); + tt_int_op(tor_digest_is_zero(client_dup_v2->rend_pk_digest), ==, 1); tt_int_op(tor_digest_is_zero(client_dup->rend_cookie), ==, 1); rend_data_free(client); client = NULL; @@ -373,18 +379,19 @@ test_hs_rend_data(void *arg) * zeroed out. */ client = rend_data_client_create(NULL, desc_id, NULL, REND_BASIC_AUTH); tt_assert(client); - tt_int_op(client->auth_type, ==, REND_BASIC_AUTH); - tt_int_op(strlen(client->onion_address), ==, 0); - tt_mem_op(client->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id)); - tt_int_op(tor_mem_is_zero(client->descriptor_cookie, - sizeof(client->descriptor_cookie)), ==, 1); + client_v2 = TO_REND_DATA_V2(client); + tt_int_op(client_v2->auth_type, ==, REND_BASIC_AUTH); + tt_int_op(strlen(client_v2->onion_address), ==, 0); + tt_mem_op(client_v2->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id)); + tt_int_op(tor_mem_is_zero(client_v2->descriptor_cookie, + sizeof(client_v2->descriptor_cookie)), ==, 1); tt_assert(client->hsdirs_fp); tt_int_op(smartlist_len(client->hsdirs_fp), ==, 0); for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) { - tt_int_op(tor_digest_is_zero(client->descriptor_id[rep]), ==, 1); + tt_int_op(tor_digest_is_zero(client_v2->descriptor_id[rep]), ==, 1); } /* The rest should be zeroed because this is a client request. */ - tt_int_op(tor_digest_is_zero(client->rend_pk_digest), ==, 1); + tt_int_op(tor_digest_is_zero(client_v2->rend_pk_digest), ==, 1); tt_int_op(tor_digest_is_zero(client->rend_cookie), ==, 1); rend_data_free(client); client = NULL; @@ -398,37 +405,39 @@ test_hs_rend_data(void *arg) service = rend_data_service_create(STR_HS_ADDR, rend_pk_digest, rend_cookie, REND_NO_AUTH); tt_assert(service); - tt_int_op(service->auth_type, ==, REND_NO_AUTH); - tt_str_op(service->onion_address, OP_EQ, STR_HS_ADDR); - tt_mem_op(service->rend_pk_digest, OP_EQ, rend_pk_digest, + rend_data_v2_t *service_v2 = TO_REND_DATA_V2(service); + tt_int_op(service_v2->auth_type, ==, REND_NO_AUTH); + tt_str_op(service_v2->onion_address, OP_EQ, STR_HS_ADDR); + tt_mem_op(service_v2->rend_pk_digest, OP_EQ, rend_pk_digest, sizeof(rend_pk_digest)); tt_mem_op(service->rend_cookie, OP_EQ, rend_cookie, sizeof(rend_cookie)); tt_assert(service->hsdirs_fp); tt_int_op(smartlist_len(service->hsdirs_fp), ==, 0); for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) { - tt_int_op(tor_digest_is_zero(service->descriptor_id[rep]), ==, 1); + tt_int_op(tor_digest_is_zero(service_v2->descriptor_id[rep]), ==, 1); } /* The rest should be zeroed because this is a service request. */ - tt_int_op(tor_digest_is_zero(service->descriptor_cookie), ==, 1); - tt_int_op(tor_digest_is_zero(service->desc_id_fetch), ==, 1); + tt_int_op(tor_digest_is_zero(service_v2->descriptor_cookie), ==, 1); + tt_int_op(tor_digest_is_zero(service_v2->desc_id_fetch), ==, 1); /* Test dup(). */ service_dup = rend_data_dup(service); + rend_data_v2_t *service_dup_v2 = TO_REND_DATA_V2(service_dup); tt_assert(service_dup); - tt_int_op(service_dup->auth_type, ==, service->auth_type); - tt_str_op(service_dup->onion_address, OP_EQ, service->onion_address); - tt_mem_op(service_dup->rend_pk_digest, OP_EQ, service->rend_pk_digest, - sizeof(service_dup->rend_pk_digest)); + tt_int_op(service_dup_v2->auth_type, ==, service_v2->auth_type); + tt_str_op(service_dup_v2->onion_address, OP_EQ, service_v2->onion_address); + tt_mem_op(service_dup_v2->rend_pk_digest, OP_EQ, service_v2->rend_pk_digest, + sizeof(service_dup_v2->rend_pk_digest)); tt_mem_op(service_dup->rend_cookie, OP_EQ, service->rend_cookie, sizeof(service_dup->rend_cookie)); tt_assert(service_dup->hsdirs_fp); tt_int_op(smartlist_len(service_dup->hsdirs_fp), ==, 0); for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) { - tt_int_op(tor_digest_is_zero(service_dup->descriptor_id[rep]), ==, 1); + tt_int_op(tor_digest_is_zero(service_dup_v2->descriptor_id[rep]), ==, 1); } /* The rest should be zeroed because this is a service request. */ - tt_int_op(tor_digest_is_zero(service_dup->descriptor_cookie), ==, 1); - tt_int_op(tor_digest_is_zero(service_dup->desc_id_fetch), ==, 1); + tt_int_op(tor_digest_is_zero(service_dup_v2->descriptor_cookie), ==, 1); + tt_int_op(tor_digest_is_zero(service_dup_v2->desc_id_fetch), ==, 1); done: rend_data_free(service); diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c new file mode 100644 index 0000000000..e7deec2e22 --- /dev/null +++ b/src/test/test_hs_cache.c @@ -0,0 +1,491 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_hs_cache.c + * \brief Test hidden service caches. + */ + +#define CONNECTION_PRIVATE +#define HS_CACHE_PRIVATE + +#include "ed25519_cert.h" +#include "hs_cache.h" +#include "rendcache.h" +#include "directory.h" +#include "connection.h" + +#include "test_helpers.h" +#include "test.h" + +/* Build an intro point using a blinded key and an address. */ +static hs_desc_intro_point_t * +helper_build_intro_point(const ed25519_keypair_t *blinded_kp, + const char *addr) +{ + int ret; + ed25519_keypair_t auth_kp; + hs_desc_intro_point_t *intro_point = NULL; + hs_desc_intro_point_t *ip = tor_malloc_zero(sizeof(*ip)); + ip->link_specifiers = smartlist_new(); + + { + hs_desc_link_specifier_t *ls = tor_malloc_zero(sizeof(*ls)); + ls->u.ap.port = 9001; + int family = tor_addr_parse(&ls->u.ap.addr, addr); + switch (family) { + case AF_INET: + ls->type = LS_IPV4; + break; + case AF_INET6: + ls->type = LS_IPV6; + break; + default: + /* Stop the test, not suppose to have an error. */ + tt_int_op(family, OP_EQ, AF_INET); + } + smartlist_add(ip->link_specifiers, ls); + } + + ret = ed25519_keypair_generate(&auth_kp, 0); + tt_int_op(ret, ==, 0); + ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_AUTH_HS_IP_KEY, + &auth_kp.pubkey, time(NULL), + HS_DESC_CERT_LIFETIME, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(ip->auth_key_cert); + + ret = curve25519_keypair_generate(&ip->enc_key.curve25519, 0); + tt_int_op(ret, ==, 0); + ip->enc_key_type = HS_DESC_KEY_TYPE_CURVE25519; + intro_point = ip; + done: + return intro_point; +} + +/* Return a valid hs_descriptor_t object. */ +static hs_descriptor_t * +helper_build_hs_desc(uint64_t revision_counter, uint32_t lifetime, + ed25519_keypair_t *blinded_kp) +{ + int ret; + hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); + + desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; + ret = ed25519_keypair_generate(&desc->plaintext_data.signing_kp, 0); + tt_int_op(ret, ==, 0); + if (blinded_kp) { + memcpy(&desc->plaintext_data.blinded_kp, blinded_kp, + sizeof(ed25519_keypair_t)); + } else { + ret = ed25519_keypair_generate(&desc->plaintext_data.blinded_kp, 0); + tt_int_op(ret, ==, 0); + } + + desc->plaintext_data.signing_key_cert = + tor_cert_create(&desc->plaintext_data.blinded_kp, + CERT_TYPE_SIGNING_HS_DESC, + &desc->plaintext_data.signing_kp.pubkey, time(NULL), + 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(desc->plaintext_data.signing_key_cert); + desc->plaintext_data.revision_counter = revision_counter; + desc->plaintext_data.lifetime_sec = lifetime; + + /* Setup encrypted data section. */ + desc->encrypted_data.create2_ntor = 1; + desc->encrypted_data.auth_types = smartlist_new(); + smartlist_add(desc->encrypted_data.auth_types, tor_strdup("ed25519")); + desc->encrypted_data.intro_points = smartlist_new(); + /* Add an intro point. */ + smartlist_add(desc->encrypted_data.intro_points, + helper_build_intro_point(&desc->plaintext_data.blinded_kp, + "1.2.3.4")); + + descp = desc; + done: + return descp; +} + +/* Static variable used to encoded the HSDir query. */ +static char query_b64[256]; + +/* Build an HSDir query using a ed25519 keypair. */ +static const char * +helper_get_hsdir_query(const hs_descriptor_t *desc) +{ + ed25519_public_to_base64(query_b64, + &desc->plaintext_data.blinded_kp.pubkey); + return query_b64; +} + +static void +init_test(void) +{ + /* Always needed. Initialize the subsystem. */ + hs_cache_init(); + /* We need the v2 cache since our OOM and cache cleanup does poke at it. */ + rend_cache_init(); +} + +static void +test_directory(void *arg) +{ + int ret; + size_t oom_size; + char *desc1_str=NULL; + const char *desc_out; + hs_descriptor_t *desc1; + + (void) arg; + + init_test(); + /* Generate a valid descriptor with normal values. */ + desc1 = helper_build_hs_desc(42, 3 * 60 * 60, NULL); + tt_assert(desc1); + ret = hs_desc_encode_descriptor(desc1, &desc1_str); + tt_int_op(ret, OP_EQ, 0); + + /* Very first basic test, should be able to be stored, survive a + * clean, found with a lookup and then cleaned by our OOM. */ + { + ret = hs_cache_store_as_dir(desc1_str); + tt_int_op(ret, OP_EQ, 0); + /* Re-add, it should fail since we already have it. */ + ret = hs_cache_store_as_dir(desc1_str); + tt_int_op(ret, OP_EQ, -1); + /* Try to clean now which should be fine, there is at worst few seconds + * between the store and this call. */ + hs_cache_clean_as_dir(time(NULL)); + /* We should find it in our cache. */ + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(desc_out, OP_EQ, desc1_str); + /* Tell our OOM to run and to at least remove a byte which will result in + * removing the descriptor from our cache. */ + oom_size = hs_cache_handle_oom(time(NULL), 1); + tt_int_op(oom_size, >=, 1); + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL); + tt_int_op(ret, OP_EQ, 0); + } + + /* Store two descriptors and remove the expiring one only. */ + { + hs_descriptor_t *desc_zero_lifetime = helper_build_hs_desc(1, 0, NULL); + tt_assert(desc_zero_lifetime); + char *desc_zero_lifetime_str; + ret = hs_desc_encode_descriptor(desc_zero_lifetime, + &desc_zero_lifetime_str); + tt_int_op(ret, OP_EQ, 0); + + ret = hs_cache_store_as_dir(desc1_str); + tt_int_op(ret, OP_EQ, 0); + ret = hs_cache_store_as_dir(desc_zero_lifetime_str); + tt_int_op(ret, OP_EQ, 0); + /* This one should clear out our zero lifetime desc. */ + hs_cache_clean_as_dir(time(NULL)); + /* We should find desc1 in our cache. */ + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(desc_out, OP_EQ, desc1_str); + /* We should NOT find our zero lifetime desc in our cache. */ + ret = hs_cache_lookup_as_dir(3, + helper_get_hsdir_query(desc_zero_lifetime), + NULL); + tt_int_op(ret, OP_EQ, 0); + /* Cleanup our entire cache. */ + oom_size = hs_cache_handle_oom(time(NULL), 1); + tt_int_op(oom_size, >=, 1); + hs_descriptor_free(desc_zero_lifetime); + tor_free(desc_zero_lifetime_str); + } + + /* Throw junk at it. */ + { + ret = hs_cache_store_as_dir("blah"); + tt_int_op(ret, OP_EQ, -1); + /* Poor attempt at tricking the decoding. */ + ret = hs_cache_store_as_dir("hs-descriptor 3\nJUNK"); + tt_int_op(ret, OP_EQ, -1); + /* Undecodable base64 query. */ + ret = hs_cache_lookup_as_dir(3, "blah", NULL); + tt_int_op(ret, OP_EQ, -1); + /* Decodable base64 query but wrong ed25519 size. */ + ret = hs_cache_lookup_as_dir(3, "dW5pY29ybg==", NULL); + tt_int_op(ret, OP_EQ, -1); + } + + /* Test descriptor replacement with revision counter. */ + { + char *new_desc_str; + + /* Add a descriptor. */ + ret = hs_cache_store_as_dir(desc1_str); + tt_int_op(ret, OP_EQ, 0); + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out); + tt_int_op(ret, OP_EQ, 1); + /* Bump revision counter. */ + desc1->plaintext_data.revision_counter++; + ret = hs_desc_encode_descriptor(desc1, &new_desc_str); + tt_int_op(ret, OP_EQ, 0); + ret = hs_cache_store_as_dir(new_desc_str); + tt_int_op(ret, OP_EQ, 0); + /* Look it up, it should have been replaced. */ + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), &desc_out); + tt_int_op(ret, OP_EQ, 1); + tt_str_op(desc_out, OP_EQ, new_desc_str); + tor_free(new_desc_str); + } + + done: + hs_descriptor_free(desc1); + tor_free(desc1_str); +} + +static void +test_clean_as_dir(void *arg) +{ + size_t ret; + char *desc1_str = NULL; + time_t now = time(NULL); + hs_descriptor_t *desc1 = NULL; + + (void) arg; + + init_test(); + + /* Generate a valid descriptor with values. */ + desc1 = helper_build_hs_desc(42, 3 * 60 * 60, NULL); + tt_assert(desc1); + ret = hs_desc_encode_descriptor(desc1, &desc1_str); + tt_int_op(ret, OP_EQ, 0); + ret = hs_cache_store_as_dir(desc1_str); + tt_int_op(ret, OP_EQ, 0); + + /* With the lifetime being 3 hours, a cleanup shouldn't remove it. */ + ret = cache_clean_v3_as_dir(now, 0); + tt_int_op(ret, ==, 0); + /* Should be present after clean up. */ + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL); + tt_int_op(ret, OP_EQ, 1); + /* Set a cutoff 100 seconds in the past. It should not remove the entry + * since the entry is still recent enough. */ + ret = cache_clean_v3_as_dir(now, now - 100); + tt_int_op(ret, ==, 0); + /* Should be present after clean up. */ + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL); + tt_int_op(ret, OP_EQ, 1); + /* Set a cutoff of 100 seconds in the future. It should remove the entry + * that we've just added since it's not too old for the cutoff. */ + ret = cache_clean_v3_as_dir(now, now + 100); + tt_int_op(ret, >, 0); + /* Shouldn't be present after clean up. */ + ret = hs_cache_lookup_as_dir(3, helper_get_hsdir_query(desc1), NULL); + tt_int_op(ret, OP_EQ, 0); + + done: + hs_descriptor_free(desc1); + tor_free(desc1_str); +} + +/* Test helper: Fetch an HS descriptor from an HSDir (for the hidden service + with <b>blinded_key</b>. Return the received descriptor string. */ +static char * +helper_fetch_desc_from_hsdir(const ed25519_public_key_t *blinded_key) +{ + int retval; + + char *received_desc = NULL; + char *hsdir_query_str = NULL; + + /* The dir conn we are going to simulate */ + dir_connection_t *conn = NULL; + + /* First extract the blinded public key that we are going to use in our + query, and then build the actual query string. */ + { + char hsdir_cache_key[ED25519_BASE64_LEN+1]; + + retval = ed25519_public_to_base64(hsdir_cache_key, + blinded_key); + tt_int_op(retval, ==, 0); + tor_asprintf(&hsdir_query_str, GET("/tor/hs/3/%s"), hsdir_cache_key); + } + + /* Simulate an HTTP GET request to the HSDir */ + conn = dir_connection_new(AF_INET); + tor_addr_from_ipv4h(&conn->base_.addr, 0x7f000001); + TO_CONN(conn)->linked = 1;/* Pretend the conn is encrypted :) */ + retval = directory_handle_command_get(conn, hsdir_query_str, + NULL, 0); + tt_int_op(retval, OP_EQ, 0); + + /* Read the descriptor that the HSDir just served us */ + { + char *headers = NULL; + size_t body_used = 0; + + fetch_from_buf_http(TO_CONN(conn)->outbuf, &headers, MAX_HEADERS_SIZE, + &received_desc, &body_used, 10000, 0); + tor_free(headers); + } + + done: + tor_free(hsdir_query_str); + if (conn) + connection_free_(TO_CONN(conn)); + + return received_desc; +} + +/* Publish a descriptor to the HSDir, then fetch it. Check that the received + descriptor matches the published one. */ +static void +test_upload_and_download_hs_desc(void *arg) +{ + int retval; + hs_descriptor_t *published_desc; + + char *published_desc_str = NULL; + char *received_desc_str = NULL; + + (void) arg; + + /* Initialize HSDir cache subsystem */ + init_test(); + + /* Generate a valid descriptor with normal values. */ + { + published_desc = helper_build_hs_desc(42, 3 * 60 * 60, NULL); + tt_assert(published_desc); + retval = hs_desc_encode_descriptor(published_desc, &published_desc_str); + tt_int_op(retval, OP_EQ, 0); + } + + /* Publish descriptor to the HSDir */ + { + retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str); + tt_int_op(retval, ==, 200); + } + + /* Simulate a fetch of the previously published descriptor */ + { + const ed25519_public_key_t *blinded_key; + blinded_key = &published_desc->plaintext_data.blinded_kp.pubkey; + received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); + } + + /* Verify we received the exact same descriptor we published earlier */ + tt_str_op(received_desc_str, OP_EQ, published_desc_str); + + done: + tor_free(received_desc_str); + tor_free(published_desc_str); + hs_descriptor_free(published_desc); +} + +/* Test that HSDirs reject outdated descriptors based on their revision + * counter. Also test that HSDirs correctly replace old descriptors with newer + * descriptors. */ +static void +test_hsdir_revision_counter_check(void *arg) +{ + int retval; + + hs_descriptor_t *published_desc; + char *published_desc_str = NULL; + + char *received_desc_str = NULL; + hs_descriptor_t *received_desc = NULL; + + (void) arg; + + /* Initialize HSDir cache subsystem */ + init_test(); + + /* Generate a valid descriptor with normal values. */ + { + published_desc = helper_build_hs_desc(1312, 3 * 60 * 60, NULL); + tt_assert(published_desc); + retval = hs_desc_encode_descriptor(published_desc, &published_desc_str); + tt_int_op(retval, OP_EQ, 0); + } + + /* Publish descriptor to the HSDir */ + { + retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str); + tt_int_op(retval, ==, 200); + } + + /* Try publishing again with the same revision counter: Should fail. */ + { + retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str); + tt_int_op(retval, ==, 400); + } + + /* Fetch the published descriptor and validate the revision counter. */ + { + const ed25519_public_key_t *blinded_key; + + blinded_key = &published_desc->plaintext_data.blinded_kp.pubkey; + received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); + + retval = hs_desc_decode_descriptor(received_desc_str,NULL, &received_desc); + tt_int_op(retval, ==, 0); + tt_assert(received_desc); + + /* Check that the revision counter is correct */ + tt_u64_op(received_desc->plaintext_data.revision_counter, ==, 1312); + + hs_descriptor_free(received_desc); + received_desc = NULL; + tor_free(received_desc_str); + } + + /* Increment the revision counter and try again. Should work. */ + { + published_desc->plaintext_data.revision_counter = 1313; + tor_free(published_desc_str); + retval = hs_desc_encode_descriptor(published_desc, &published_desc_str); + tt_int_op(retval, OP_EQ, 0); + + retval = handle_post_hs_descriptor("/tor/hs/3/publish",published_desc_str); + tt_int_op(retval, ==, 200); + } + + /* Again, fetch the published descriptor and perform the revision counter + validation. The revision counter must have changed. */ + { + const ed25519_public_key_t *blinded_key; + + blinded_key = &published_desc->plaintext_data.blinded_kp.pubkey; + received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); + + retval = hs_desc_decode_descriptor(received_desc_str,NULL, &received_desc); + tt_int_op(retval, ==, 0); + tt_assert(received_desc); + + /* Check that the revision counter is the latest */ + tt_u64_op(received_desc->plaintext_data.revision_counter, ==, 1313); + } + + done: + hs_descriptor_free(published_desc); + hs_descriptor_free(received_desc); + tor_free(received_desc_str); + tor_free(published_desc_str); +} + +struct testcase_t hs_cache[] = { + /* Encoding tests. */ + { "directory", test_directory, TT_FORK, + NULL, NULL }, + { "clean_as_dir", test_clean_as_dir, TT_FORK, + NULL, NULL }, + { "hsdir_revision_counter_check", test_hsdir_revision_counter_check, TT_FORK, + NULL, NULL }, + { "upload_and_download_hs_desc", test_upload_and_download_hs_desc, TT_FORK, + NULL, NULL }, + + END_OF_TESTCASES +}; + diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c new file mode 100644 index 0000000000..9749c3b096 --- /dev/null +++ b/src/test/test_hs_descriptor.c @@ -0,0 +1,1020 @@ +/* Copyright (c) 2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file test_hs_descriptor.c + * \brief Test hidden service descriptor encoding and decoding. + */ + +#define HS_DESCRIPTOR_PRIVATE + +#include "crypto_ed25519.h" +#include "ed25519_cert.h" +#include "or.h" +#include "hs_descriptor.h" +#include "test.h" +#include "torcert.h" + +static hs_desc_intro_point_t * +helper_build_intro_point(const ed25519_keypair_t *blinded_kp, time_t now, + const char *addr, int legacy) +{ + int ret; + ed25519_keypair_t auth_kp; + hs_desc_intro_point_t *intro_point = NULL; + hs_desc_intro_point_t *ip = tor_malloc_zero(sizeof(*ip)); + ip->link_specifiers = smartlist_new(); + + { + hs_desc_link_specifier_t *ls = tor_malloc_zero(sizeof(*ls)); + if (legacy) { + ls->type = LS_LEGACY_ID; + memcpy(ls->u.legacy_id, "0299F268FCA9D55CD157976D39AE92B4B455B3A8", + DIGEST_LEN); + } else { + ls->u.ap.port = 9001; + int family = tor_addr_parse(&ls->u.ap.addr, addr); + switch (family) { + case AF_INET: + ls->type = LS_IPV4; + break; + case AF_INET6: + ls->type = LS_IPV6; + break; + default: + /* Stop the test, not suppose to have an error. */ + tt_int_op(family, OP_EQ, AF_INET); + } + } + smartlist_add(ip->link_specifiers, ls); + } + + ret = ed25519_keypair_generate(&auth_kp, 0); + tt_int_op(ret, ==, 0); + ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_AUTH_HS_IP_KEY, + &auth_kp.pubkey, now, + HS_DESC_CERT_LIFETIME, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(ip->auth_key_cert); + + if (legacy) { + ip->enc_key.legacy = crypto_pk_new(); + ip->enc_key_type = HS_DESC_KEY_TYPE_LEGACY; + tt_assert(ip->enc_key.legacy); + ret = crypto_pk_generate_key(ip->enc_key.legacy); + tt_int_op(ret, ==, 0); + } else { + ret = curve25519_keypair_generate(&ip->enc_key.curve25519, 0); + tt_int_op(ret, ==, 0); + ip->enc_key_type = HS_DESC_KEY_TYPE_CURVE25519; + } + + intro_point = ip; + done: + return intro_point; +} + +/* Return a valid hs_descriptor_t object. If no_ip is set, no introduction + * points are added. */ +static hs_descriptor_t * +helper_build_hs_desc(unsigned int no_ip) +{ + int ret; + time_t now = time(NULL); + hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); + + desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; + ret = ed25519_keypair_generate(&desc->plaintext_data.signing_kp, 0); + tt_int_op(ret, ==, 0); + ret = ed25519_keypair_generate(&desc->plaintext_data.blinded_kp, 0); + tt_int_op(ret, ==, 0); + + desc->plaintext_data.signing_key_cert = + tor_cert_create(&desc->plaintext_data.blinded_kp, + CERT_TYPE_SIGNING_HS_DESC, + &desc->plaintext_data.signing_kp.pubkey, now, + 3600, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(desc->plaintext_data.signing_key_cert); + desc->plaintext_data.revision_counter = 42; + desc->plaintext_data.lifetime_sec = 3 * 60 * 60; + + /* Setup encrypted data section. */ + desc->encrypted_data.create2_ntor = 1; + desc->encrypted_data.auth_types = smartlist_new(); + desc->encrypted_data.single_onion_service = 1; + smartlist_add(desc->encrypted_data.auth_types, tor_strdup("ed25519")); + desc->encrypted_data.intro_points = smartlist_new(); + if (!no_ip) { + /* Add four intro points. */ + smartlist_add(desc->encrypted_data.intro_points, + helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, + "1.2.3.4", 0)); + smartlist_add(desc->encrypted_data.intro_points, + helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, + "[2600::1]", 0)); + smartlist_add(desc->encrypted_data.intro_points, + helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, + "3.2.1.4", 1)); + smartlist_add(desc->encrypted_data.intro_points, + helper_build_intro_point(&desc->plaintext_data.blinded_kp, now, + "", 1)); + } + + descp = desc; + done: + return descp; +} + +static void +helper_compare_hs_desc(const hs_descriptor_t *desc1, + const hs_descriptor_t *desc2) +{ + /* Plaintext data section. */ + tt_int_op(desc1->plaintext_data.version, OP_EQ, + desc2->plaintext_data.version); + tt_uint_op(desc1->plaintext_data.lifetime_sec, OP_EQ, + desc2->plaintext_data.lifetime_sec); + tt_assert(tor_cert_eq(desc1->plaintext_data.signing_key_cert, + desc2->plaintext_data.signing_key_cert)); + tt_mem_op(desc1->plaintext_data.signing_kp.pubkey.pubkey, OP_EQ, + desc2->plaintext_data.signing_kp.pubkey.pubkey, + ED25519_PUBKEY_LEN); + tt_mem_op(desc1->plaintext_data.blinded_kp.pubkey.pubkey, OP_EQ, + desc2->plaintext_data.blinded_kp.pubkey.pubkey, + ED25519_PUBKEY_LEN); + tt_u64_op(desc1->plaintext_data.revision_counter, ==, + desc2->plaintext_data.revision_counter); + + /* NOTE: We can't compare the encrypted blob because when encoding the + * descriptor, the object is immutable thus we don't update it with the + * encrypted blob. As contrast to the decoding process where we populate a + * descriptor object. */ + + /* Encrypted data section. */ + tt_uint_op(desc1->encrypted_data.create2_ntor, ==, + desc2->encrypted_data.create2_ntor); + + /* Authentication type. */ + tt_int_op(!!desc1->encrypted_data.auth_types, ==, + !!desc2->encrypted_data.auth_types); + if (desc1->encrypted_data.auth_types && desc2->encrypted_data.auth_types) { + tt_int_op(smartlist_len(desc1->encrypted_data.auth_types), ==, + smartlist_len(desc2->encrypted_data.auth_types)); + for (int i = 0; i < smartlist_len(desc1->encrypted_data.auth_types); i++) { + tt_str_op(smartlist_get(desc1->encrypted_data.auth_types, i), OP_EQ, + smartlist_get(desc2->encrypted_data.auth_types, i)); + } + } + + /* Introduction points. */ + { + tt_assert(desc1->encrypted_data.intro_points); + tt_assert(desc2->encrypted_data.intro_points); + tt_int_op(smartlist_len(desc1->encrypted_data.intro_points), ==, + smartlist_len(desc2->encrypted_data.intro_points)); + for (int i=0; i < smartlist_len(desc1->encrypted_data.intro_points); i++) { + hs_desc_intro_point_t *ip1 = smartlist_get(desc1->encrypted_data + .intro_points, i), + *ip2 = smartlist_get(desc2->encrypted_data + .intro_points, i); + tt_assert(tor_cert_eq(ip1->auth_key_cert, ip2->auth_key_cert)); + tt_int_op(ip1->enc_key_type, OP_EQ, ip2->enc_key_type); + tt_assert(ip1->enc_key_type == HS_DESC_KEY_TYPE_LEGACY || + ip1->enc_key_type == HS_DESC_KEY_TYPE_CURVE25519); + switch (ip1->enc_key_type) { + case HS_DESC_KEY_TYPE_LEGACY: + tt_int_op(crypto_pk_cmp_keys(ip1->enc_key.legacy, ip2->enc_key.legacy), + OP_EQ, 0); + break; + case HS_DESC_KEY_TYPE_CURVE25519: + tt_mem_op(ip1->enc_key.curve25519.pubkey.public_key, OP_EQ, + ip2->enc_key.curve25519.pubkey.public_key, + CURVE25519_PUBKEY_LEN); + break; + } + + tt_int_op(smartlist_len(ip1->link_specifiers), ==, + smartlist_len(ip2->link_specifiers)); + for (int j = 0; j < smartlist_len(ip1->link_specifiers); j++) { + hs_desc_link_specifier_t *ls1 = smartlist_get(ip1->link_specifiers, j), + *ls2 = smartlist_get(ip2->link_specifiers, j); + tt_int_op(ls1->type, ==, ls2->type); + switch (ls1->type) { + case LS_IPV4: + case LS_IPV6: + { + char *addr1 = tor_addr_to_str_dup(&ls1->u.ap.addr), + *addr2 = tor_addr_to_str_dup(&ls2->u.ap.addr); + tt_str_op(addr1, OP_EQ, addr2); + tor_free(addr1); + tor_free(addr2); + tt_int_op(ls1->u.ap.port, ==, ls2->u.ap.port); + } + break; + case LS_LEGACY_ID: + tt_mem_op(ls1->u.legacy_id, OP_EQ, ls2->u.legacy_id, + sizeof(ls1->u.legacy_id)); + break; + default: + /* Unknown type, caught it and print its value. */ + tt_int_op(ls1->type, OP_EQ, -1); + } + } + } + } + + done: + ; +} + +/* Test certificate encoding put in a descriptor. */ +static void +test_cert_encoding(void *arg) +{ + int ret; + char *encoded = NULL; + time_t now = time(NULL); + ed25519_keypair_t kp; + ed25519_public_key_t signed_key; + ed25519_secret_key_t secret_key; + tor_cert_t *cert = NULL; + + (void) arg; + + ret = ed25519_keypair_generate(&kp, 0); + tt_int_op(ret, == , 0); + ret = ed25519_secret_key_generate(&secret_key, 0); + tt_int_op(ret, == , 0); + ret = ed25519_public_key_generate(&signed_key, &secret_key); + tt_int_op(ret, == , 0); + + cert = tor_cert_create(&kp, CERT_TYPE_SIGNING_AUTH, &signed_key, + now, 3600 * 2, CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(cert); + + /* Test the certificate encoding function. */ + ret = tor_cert_encode_ed22519(cert, &encoded); + tt_int_op(ret, ==, 0); + + /* Validated the certificate string. */ + { + char *end, *pos = encoded; + char *b64_cert, buf[256]; + size_t b64_cert_len; + tor_cert_t *parsed_cert; + + tt_int_op(strcmpstart(pos, "-----BEGIN ED25519 CERT-----\n"), ==, 0); + pos += strlen("-----BEGIN ED25519 CERT-----\n"); + + /* Isolate the base64 encoded certificate and try to decode it. */ + end = strstr(pos, "-----END ED25519 CERT-----"); + tt_assert(end); + b64_cert = pos; + b64_cert_len = end - pos; + ret = base64_decode(buf, sizeof(buf), b64_cert, b64_cert_len); + tt_int_op(ret, >, 0); + /* Parseable? */ + parsed_cert = tor_cert_parse((uint8_t *) buf, ret); + tt_assert(parsed_cert); + /* Signature is valid? */ + ret = tor_cert_checksig(parsed_cert, &kp.pubkey, now + 10); + tt_int_op(ret, ==, 0); + ret = tor_cert_eq(cert, parsed_cert); + tt_int_op(ret, ==, 1); + /* The cert did have the signing key? */ + ret= ed25519_pubkey_eq(&parsed_cert->signing_key, &kp.pubkey); + tt_int_op(ret, ==, 1); + tor_cert_free(parsed_cert); + + /* Get to the end part of the certificate. */ + pos += b64_cert_len; + tt_int_op(strcmpstart(pos, "-----END ED25519 CERT-----"), ==, 0); + pos += strlen("-----END ED25519 CERT-----"); + } + + done: + tor_cert_free(cert); + tor_free(encoded); +} + +/* Test the descriptor padding. */ +static void +test_descriptor_padding(void *arg) +{ + char *plaintext; + size_t plaintext_len, padded_len; + uint8_t *padded_plaintext = NULL; + +/* Example: if l = 129, the ceiled division gives 2 and then multiplied by 128 + * to give 256. With l = 127, ceiled division gives 1 then times 128. */ +#define PADDING_EXPECTED_LEN(l) \ + CEIL_DIV(l, HS_DESC_PLAINTEXT_PADDING_MULTIPLE) * \ + HS_DESC_PLAINTEXT_PADDING_MULTIPLE + + (void) arg; + + { /* test #1: no padding */ + plaintext_len = HS_DESC_PLAINTEXT_PADDING_MULTIPLE; + plaintext = tor_malloc(plaintext_len); + padded_len = build_plaintext_padding(plaintext, plaintext_len, + &padded_plaintext); + tt_assert(padded_plaintext); + tor_free(plaintext); + /* Make sure our padding has been zeroed. */ + tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len, + padded_len - plaintext_len), OP_EQ, 1); + tor_free(padded_plaintext); + /* Never never have a padded length smaller than the plaintext. */ + tt_int_op(padded_len, OP_GE, plaintext_len); + tt_int_op(padded_len, OP_EQ, PADDING_EXPECTED_LEN(plaintext_len)); + } + + { /* test #2: one byte padding? */ + plaintext_len = HS_DESC_PLAINTEXT_PADDING_MULTIPLE - 1; + plaintext = tor_malloc(plaintext_len); + padded_plaintext = NULL; + padded_len = build_plaintext_padding(plaintext, plaintext_len, + &padded_plaintext); + tt_assert(padded_plaintext); + tor_free(plaintext); + /* Make sure our padding has been zeroed. */ + tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len, + padded_len - plaintext_len), OP_EQ, 1); + tor_free(padded_plaintext); + /* Never never have a padded length smaller than the plaintext. */ + tt_int_op(padded_len, OP_GE, plaintext_len); + tt_int_op(padded_len, OP_EQ, PADDING_EXPECTED_LEN(plaintext_len)); + } + + { /* test #3: Lots more bytes of padding? */ + plaintext_len = HS_DESC_PLAINTEXT_PADDING_MULTIPLE + 1; + plaintext = tor_malloc(plaintext_len); + padded_plaintext = NULL; + padded_len = build_plaintext_padding(plaintext, plaintext_len, + &padded_plaintext); + tt_assert(padded_plaintext); + tor_free(plaintext); + /* Make sure our padding has been zeroed. */ + tt_int_op(tor_mem_is_zero((char *) padded_plaintext + plaintext_len, + padded_len - plaintext_len), OP_EQ, 1); + tor_free(padded_plaintext); + /* Never never have a padded length smaller than the plaintext. */ + tt_int_op(padded_len, OP_GE, plaintext_len); + tt_int_op(padded_len, OP_EQ, PADDING_EXPECTED_LEN(plaintext_len)); + } + + done: + return; +} + +static void +test_link_specifier(void *arg) +{ + ssize_t ret; + hs_desc_link_specifier_t spec; + smartlist_t *link_specifiers = smartlist_new(); + + (void) arg; + + /* Always this port. */ + spec.u.ap.port = 42; + smartlist_add(link_specifiers, &spec); + + /* Test IPv4 for starter. */ + { + char *b64, buf[256]; + uint32_t ipv4; + link_specifier_t *ls; + + spec.type = LS_IPV4; + ret = tor_addr_parse(&spec.u.ap.addr, "1.2.3.4"); + tt_int_op(ret, ==, AF_INET); + b64 = encode_link_specifiers(link_specifiers); + tt_assert(b64); + + /* Decode it and validate the format. */ + ret = base64_decode(buf, sizeof(buf), b64, strlen(b64)); + tt_int_op(ret, >, 0); + /* First byte is the number of link specifier. */ + tt_int_op(get_uint8(buf), ==, 1); + ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1); + tt_int_op(ret, ==, 8); + /* Should be 2 bytes for port and 4 bytes for IPv4. */ + tt_int_op(link_specifier_get_ls_len(ls), ==, 6); + ipv4 = link_specifier_get_un_ipv4_addr(ls); + tt_int_op(tor_addr_to_ipv4h(&spec.u.ap.addr), ==, ipv4); + tt_int_op(link_specifier_get_un_ipv4_port(ls), ==, spec.u.ap.port); + + link_specifier_free(ls); + tor_free(b64); + } + + /* Test IPv6. */ + { + char *b64, buf[256]; + uint8_t ipv6[16]; + link_specifier_t *ls; + + spec.type = LS_IPV6; + ret = tor_addr_parse(&spec.u.ap.addr, "[1:2:3:4::]"); + tt_int_op(ret, ==, AF_INET6); + b64 = encode_link_specifiers(link_specifiers); + tt_assert(b64); + + /* Decode it and validate the format. */ + ret = base64_decode(buf, sizeof(buf), b64, strlen(b64)); + tt_int_op(ret, >, 0); + /* First byte is the number of link specifier. */ + tt_int_op(get_uint8(buf), ==, 1); + ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1); + tt_int_op(ret, ==, 20); + /* Should be 2 bytes for port and 16 bytes for IPv6. */ + tt_int_op(link_specifier_get_ls_len(ls), ==, 18); + for (unsigned int i = 0; i < sizeof(ipv6); i++) { + ipv6[i] = link_specifier_get_un_ipv6_addr(ls, i); + } + tt_mem_op(tor_addr_to_in6_addr8(&spec.u.ap.addr), ==, ipv6, sizeof(ipv6)); + tt_int_op(link_specifier_get_un_ipv6_port(ls), ==, spec.u.ap.port); + + link_specifier_free(ls); + tor_free(b64); + } + + /* Test legacy. */ + { + char *b64, buf[256]; + uint8_t *id; + link_specifier_t *ls; + + spec.type = LS_LEGACY_ID; + memset(spec.u.legacy_id, 'Y', sizeof(spec.u.legacy_id)); + b64 = encode_link_specifiers(link_specifiers); + tt_assert(b64); + + /* Decode it and validate the format. */ + ret = base64_decode(buf, sizeof(buf), b64, strlen(b64)); + tt_int_op(ret, >, 0); + /* First byte is the number of link specifier. */ + tt_int_op(get_uint8(buf), ==, 1); + ret = link_specifier_parse(&ls, (uint8_t *) buf + 1, ret - 1); + /* 20 bytes digest + 1 byte type + 1 byte len. */ + tt_int_op(ret, ==, 22); + tt_int_op(link_specifier_getlen_un_legacy_id(ls), OP_EQ, DIGEST_LEN); + /* Digest length is 20 bytes. */ + tt_int_op(link_specifier_get_ls_len(ls), OP_EQ, DIGEST_LEN); + id = link_specifier_getarray_un_legacy_id(ls); + tt_mem_op(spec.u.legacy_id, OP_EQ, id, DIGEST_LEN); + + link_specifier_free(ls); + tor_free(b64); + } + + done: + smartlist_free(link_specifiers); +} + +static void +test_encode_descriptor(void *arg) +{ + int ret; + char *encoded = NULL; + hs_descriptor_t *desc = helper_build_hs_desc(0); + + (void) arg; + + ret = hs_desc_encode_descriptor(desc, &encoded); + tt_int_op(ret, ==, 0); + tt_assert(encoded); + + done: + hs_descriptor_free(desc); + tor_free(encoded); +} + +static void +test_decode_descriptor(void *arg) +{ + int ret; + char *encoded = NULL; + hs_descriptor_t *desc = helper_build_hs_desc(0); + hs_descriptor_t *decoded = NULL; + hs_descriptor_t *desc_no_ip = NULL; + + (void) arg; + + /* Give some bad stuff to the decoding function. */ + ret = hs_desc_decode_descriptor("hladfjlkjadf", NULL, &decoded); + tt_int_op(ret, OP_EQ, -1); + + ret = hs_desc_encode_descriptor(desc, &encoded); + tt_int_op(ret, ==, 0); + tt_assert(encoded); + + ret = hs_desc_decode_descriptor(encoded, NULL, &decoded); + tt_int_op(ret, ==, 0); + tt_assert(decoded); + + helper_compare_hs_desc(desc, decoded); + + /* Decode a descriptor with _no_ introduction points. */ + { + desc_no_ip = helper_build_hs_desc(1); + tt_assert(desc_no_ip); + tor_free(encoded); + ret = hs_desc_encode_descriptor(desc_no_ip, &encoded); + tt_int_op(ret, ==, 0); + tt_assert(encoded); + hs_descriptor_free(decoded); + ret = hs_desc_decode_descriptor(encoded, NULL, &decoded); + tt_int_op(ret, ==, 0); + tt_assert(decoded); + } + + done: + hs_descriptor_free(desc); + hs_descriptor_free(desc_no_ip); + hs_descriptor_free(decoded); + tor_free(encoded); +} + +static void +test_supported_version(void *arg) +{ + int ret; + + (void) arg; + + /* Unsupported. */ + ret = hs_desc_is_supported_version(42); + tt_int_op(ret, OP_EQ, 0); + /* To early. */ + ret = hs_desc_is_supported_version(HS_DESC_SUPPORTED_FORMAT_VERSION_MIN - 1); + tt_int_op(ret, OP_EQ, 0); + /* One too new. */ + ret = hs_desc_is_supported_version(HS_DESC_SUPPORTED_FORMAT_VERSION_MAX + 1); + tt_int_op(ret, OP_EQ, 0); + /* Valid version. */ + ret = hs_desc_is_supported_version(3); + tt_int_op(ret, OP_EQ, 1); + + done: + ; +} + +static void +test_encrypted_data_len(void *arg) +{ + int ret; + size_t value; + + (void) arg; + + /* No length, error. */ + ret = encrypted_data_length_is_valid(0); + tt_int_op(ret, OP_EQ, 0); + /* Not a multiple of our encryption algorithm (thus no padding). It's + * suppose to be aligned on HS_DESC_PLAINTEXT_PADDING_MULTIPLE. */ + value = HS_DESC_PLAINTEXT_PADDING_MULTIPLE * 10 - 1; + ret = encrypted_data_length_is_valid(value); + tt_int_op(ret, OP_EQ, 0); + /* Valid value. */ + value = HS_DESC_PADDED_PLAINTEXT_MAX_LEN + HS_DESC_ENCRYPTED_SALT_LEN + + DIGEST256_LEN; + ret = encrypted_data_length_is_valid(value); + tt_int_op(ret, OP_EQ, 1); + + /* XXX: Test maximum possible size. */ + + done: + ; +} + +static void +test_decode_intro_point(void *arg) +{ + int ret; + char *encoded_ip = NULL; + size_t len_out; + hs_desc_intro_point_t *ip = NULL; + hs_descriptor_t *desc = NULL; + + (void) arg; + + /* The following certificate expires in 2036. After that, one of the test + * will fail because of the expiry time. */ + + /* Seperate pieces of a valid encoded introduction point. */ + const char *intro_point = + "introduction-point AQIUMDI5OUYyNjhGQ0E5RDU1Q0QxNTc="; + const char *auth_key = + "auth-key\n" + "-----BEGIN ED25519 CERT-----\n" + "AQkACOhAAQW8ltYZMIWpyrfyE/b4Iyi8CNybCwYs6ADk7XfBaxsFAQAgBAD3/BE4\n" + "XojGE/N2bW/wgnS9r2qlrkydGyuCKIGayYx3haZ39LD4ZTmSMRxwmplMAqzG/XNP\n" + "0Kkpg4p2/VnLFJRdU1SMFo1lgQ4P0bqw7Tgx200fulZ4KUM5z5V7m+a/mgY=\n" + "-----END ED25519 CERT-----"; + const char *enc_key = + "enc-key ntor bpZKLsuhxP6woDQ3yVyjm5gUKSk7RjfAijT2qrzbQk0="; + const char *enc_key_legacy = + "enc-key legacy\n" + "-----BEGIN RSA PUBLIC KEY-----\n" + "MIGJAoGBAO4bATcW8kW4h6RQQAKEgg+aXCpF4JwbcO6vGZtzXTDB+HdPVQzwqkbh\n" + "XzFM6VGArhYw4m31wcP1Z7IwULir7UMnAFd7Zi62aYfU6l+Y1yAoZ1wzu1XBaAMK\n" + "ejpwQinW9nzJn7c2f69fVke3pkhxpNdUZ+vplSA/l9iY+y+v+415AgMBAAE=\n" + "-----END RSA PUBLIC KEY-----"; + const char *enc_key_cert = + "enc-key-certification\n" + "-----BEGIN ED25519 CERT-----\n" + "AQsACOhZAUpNvCZ1aJaaR49lS6MCdsVkhVGVrRqoj0Y2T4SzroAtAQAgBABFOcGg\n" + "lbTt1DF5nKTE/gU3Fr8ZtlCIOhu1A+F5LM7fqCUupfesg0KTHwyIZOYQbJuM5/he\n" + "/jDNyLy9woPJdjkxywaY2RPUxGjLYtMQV0E8PUxWyICV+7y52fTCYaKpYQw=\n" + "-----END ED25519 CERT-----"; + const char *enc_key_cert_legacy = + "enc-key-certification\n" + "-----BEGIN CROSSCERT-----\n" + "Sk28JnVolppHj2VLowJ2xWSFUZWtGqiPRjZPhLOugC0ACOhZgFPA5egeRDUXMM1U\n" + "Fn3c7Je0gJS6mVma5FzwlgwggeriF13UZcaT71vEAN/ZJXbxOfQVGMZ0rXuFpjUq\n" + "C8CvqmZIwEUaPE1nDFtmnTcucvNS1YQl9nsjH3ejbxc+4yqps/cXh46FmXsm5yz7\n" + "NZjBM9U1fbJhlNtOvrkf70K8bLk6\n" + "-----END CROSSCERT-----"; + + (void) enc_key_legacy; + (void) enc_key_cert_legacy; + + /* Start by testing the "decode all intro points" function. */ + { + char *line; + desc = helper_build_hs_desc(0); + tt_assert(desc); + /* Only try to decode an incomplete introduction point section. */ + tor_asprintf(&line, "\n%s", intro_point); + ret = decode_intro_points(desc, &desc->encrypted_data, line); + tor_free(line); + tt_int_op(ret, ==, -1); + + /* Decode one complete intro point. */ + smartlist_t *lines = smartlist_new(); + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) enc_key); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + tor_asprintf(&line, "\n%s", encoded_ip); + tor_free(encoded_ip); + ret = decode_intro_points(desc, &desc->encrypted_data, line); + tor_free(line); + smartlist_free(lines); + tt_int_op(ret, ==, 0); + } + + /* Try to decode a junk string. */ + { + hs_descriptor_free(desc); + desc = helper_build_hs_desc(0); + const char *junk = "this is not a descriptor"; + ip = decode_introduction_point(desc, junk); + tt_assert(!ip); + desc_intro_point_free(ip); + ip = NULL; + } + + /* Invalid link specifiers. */ + { + smartlist_t *lines = smartlist_new(); + const char *bad_line = "introduction-point blah"; + smartlist_add(lines, (char *) bad_line); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) enc_key); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(!ip); + tor_free(encoded_ip); + smartlist_free(lines); + desc_intro_point_free(ip); + ip = NULL; + } + + /* Invalid auth key type. */ + { + smartlist_t *lines = smartlist_new(); + /* Try to put a valid object that our tokenize function will be able to + * parse but that has nothing to do with the auth_key. */ + const char *bad_line = + "auth-key\n" + "-----BEGIN UNICORN CERT-----\n" + "MIGJAoGBAO4bATcW8kW4h6RQQAKEgg+aXCpF4JwbcO6vGZtzXTDB+HdPVQzwqkbh\n" + "XzFM6VGArhYw4m31wcP1Z7IwULir7UMnAFd7Zi62aYfU6l+Y1yAoZ1wzu1XBaAMK\n" + "ejpwQinW9nzJn7c2f69fVke3pkhxpNdUZ+vplSA/l9iY+y+v+415AgMBAAE=\n" + "-----END UNICORN CERT-----"; + /* Build intro point text. */ + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) bad_line); + smartlist_add(lines, (char *) enc_key); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(!ip); + tor_free(encoded_ip); + smartlist_free(lines); + } + + /* Invalid enc-key. */ + { + smartlist_t *lines = smartlist_new(); + const char *bad_line = + "enc-key unicorn bpZKLsuhxP6woDQ3yVyjm5gUKSk7RjfAijT2qrzbQk0="; + /* Build intro point text. */ + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) bad_line); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(!ip); + tor_free(encoded_ip); + smartlist_free(lines); + } + + /* Invalid enc-key object. */ + { + smartlist_t *lines = smartlist_new(); + const char *bad_line = "enc-key ntor"; + /* Build intro point text. */ + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) bad_line); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(!ip); + tor_free(encoded_ip); + smartlist_free(lines); + } + + /* Invalid enc-key base64 curv25519 key. */ + { + smartlist_t *lines = smartlist_new(); + const char *bad_line = "enc-key ntor blah==="; + /* Build intro point text. */ + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) bad_line); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(!ip); + tor_free(encoded_ip); + smartlist_free(lines); + } + + /* Invalid enc-key invalid legacy. */ + { + smartlist_t *lines = smartlist_new(); + const char *bad_line = "enc-key legacy blah==="; + /* Build intro point text. */ + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) bad_line); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(!ip); + tor_free(encoded_ip); + smartlist_free(lines); + } + + /* Valid object. */ + { + smartlist_t *lines = smartlist_new(); + /* Build intro point text. */ + smartlist_add(lines, (char *) intro_point); + smartlist_add(lines, (char *) auth_key); + smartlist_add(lines, (char *) enc_key); + smartlist_add(lines, (char *) enc_key_cert); + encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); + tt_assert(encoded_ip); + ip = decode_introduction_point(desc, encoded_ip); + tt_assert(ip); + tor_free(encoded_ip); + smartlist_free(lines); + } + + done: + hs_descriptor_free(desc); + desc_intro_point_free(ip); +} + +static void +test_decode_plaintext(void *arg) +{ + int ret; + hs_desc_plaintext_data_t desc_plaintext; + const char *bad_value = "unicorn"; + + (void) arg; + +#define template \ + "hs-descriptor %s\n" \ + "descriptor-lifetime %s\n" \ + "descriptor-signing-key-cert\n" \ + "-----BEGIN ED25519 CERT-----\n" \ + "AQgABjvPAQaG3g+dc6oV/oJV4ODAtkvx56uBnPtBT9mYVuHVOhn7AQAgBABUg3mQ\n" \ + "myBr4bu5LCr53wUEbW2EXui01CbUgU7pfo9LvJG3AcXRojj6HlfsUs9BkzYzYdjF\n" \ + "A69Apikgu0ewHYkFFASt7Il+gB3w6J8YstQJZT7dtbtl+doM7ug8B68Qdg8=\n" \ + "-----END ED25519 CERT-----\n" \ + "revision-counter %s\n" \ + "encrypted\n" \ + "-----BEGIN %s-----\n" \ + "UNICORN\n" \ + "-----END MESSAGE-----\n" \ + "signature m20WJH5agqvwhq7QeuEZ1mYyPWQDO+eJOZUjLhAiKu8DbL17DsDfJE6kXbWy" \ + "HimbNj2we0enV3cCOOAsmPOaAw\n" + + /* Invalid version. */ + { + char *plaintext; + tor_asprintf(&plaintext, template, bad_value, "180", "42", "MESSAGE"); + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tor_free(plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + /* Missing fields. */ + { + const char *plaintext = "hs-descriptor 3\n"; + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + /* Max length. */ + { + size_t big = 64000; + /* Must always be bigger than HS_DESC_MAX_LEN. */ + tt_int_op(HS_DESC_MAX_LEN, <, big); + char *plaintext = tor_malloc_zero(big); + memset(plaintext, 'a', big); + plaintext[big - 1] = '\0'; + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tor_free(plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + /* Bad lifetime value. */ + { + char *plaintext; + tor_asprintf(&plaintext, template, "3", bad_value, "42", "MESSAGE"); + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tor_free(plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + /* Huge lifetime value. */ + { + char *plaintext; + tor_asprintf(&plaintext, template, "3", "7181615", "42", "MESSAGE"); + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tor_free(plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + /* Invalid encrypted section. */ + { + char *plaintext; + tor_asprintf(&plaintext, template, "3", "180", "42", bad_value); + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tor_free(plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + /* Invalid revision counter. */ + { + char *plaintext; + tor_asprintf(&plaintext, template, "3", "180", bad_value, "MESSAGE"); + ret = hs_desc_decode_plaintext(plaintext, &desc_plaintext); + tor_free(plaintext); + tt_int_op(ret, OP_EQ, -1); + } + + done: + ; +} + +static void +test_validate_cert(void *arg) +{ + int ret; + time_t now = time(NULL); + ed25519_keypair_t kp; + tor_cert_t *cert = NULL; + + (void) arg; + + ret = ed25519_keypair_generate(&kp, 0); + tt_int_op(ret, ==, 0); + + /* Cert of type CERT_TYPE_AUTH_HS_IP_KEY. */ + cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY, + &kp.pubkey, now, 3600, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(cert); + /* Test with empty certificate. */ + ret = cert_is_valid(NULL, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn"); + tt_int_op(ret, OP_EQ, 0); + /* Test with a bad type. */ + ret = cert_is_valid(cert, CERT_TYPE_SIGNING_HS_DESC, "unicorn"); + tt_int_op(ret, OP_EQ, 0); + /* Normal validation. */ + ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn"); + tt_int_op(ret, OP_EQ, 1); + /* Break signing key so signature verification will fails. */ + memset(&cert->signing_key, 0, sizeof(cert->signing_key)); + ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn"); + tt_int_op(ret, OP_EQ, 0); + tor_cert_free(cert); + + /* Try a cert without including the signing key. */ + cert = tor_cert_create(&kp, CERT_TYPE_AUTH_HS_IP_KEY, &kp.pubkey, now, + 3600, 0); + tt_assert(cert); + /* Test with a bad type. */ + ret = cert_is_valid(cert, CERT_TYPE_AUTH_HS_IP_KEY, "unicorn"); + tt_int_op(ret, OP_EQ, 0); + + done: + tor_cert_free(cert); +} + +static void +test_desc_signature(void *arg) +{ + int ret; + char *data = NULL, *desc = NULL; + char sig_b64[ED25519_SIG_BASE64_LEN + 1]; + ed25519_keypair_t kp; + ed25519_signature_t sig; + + (void) arg; + + ed25519_keypair_generate(&kp, 0); + /* Setup a phoony descriptor but with a valid signature token that is the + * signature is verifiable. */ + tor_asprintf(&data, "This is a signed descriptor\n"); + ret = ed25519_sign_prefixed(&sig, (const uint8_t *) data, strlen(data), + "Tor onion service descriptor sig v3", &kp); + tt_int_op(ret, ==, 0); + ret = ed25519_signature_to_base64(sig_b64, &sig); + tt_int_op(ret, ==, 0); + /* Build the descriptor that should be valid. */ + tor_asprintf(&desc, "%ssignature %s\n", data, sig_b64); + ret = desc_sig_is_valid(sig_b64, &kp, desc, strlen(desc)); + tt_int_op(ret, ==, 1); + /* Junk signature. */ + ret = desc_sig_is_valid("JUNK", &kp, desc, strlen(desc)); + tt_int_op(ret, ==, 0); + + done: + tor_free(desc); + tor_free(data); +} + +struct testcase_t hs_descriptor[] = { + /* Encoding tests. */ + { "cert_encoding", test_cert_encoding, TT_FORK, + NULL, NULL }, + { "link_specifier", test_link_specifier, TT_FORK, + NULL, NULL }, + { "encode_descriptor", test_encode_descriptor, TT_FORK, + NULL, NULL }, + { "descriptor_padding", test_descriptor_padding, TT_FORK, + NULL, NULL }, + + /* Decoding tests. */ + { "decode_descriptor", test_decode_descriptor, TT_FORK, + NULL, NULL }, + { "encrypted_data_len", test_encrypted_data_len, TT_FORK, + NULL, NULL }, + { "decode_intro_point", test_decode_intro_point, TT_FORK, + NULL, NULL }, + { "decode_plaintext", test_decode_plaintext, TT_FORK, + NULL, NULL }, + + /* Misc. */ + { "version", test_supported_version, TT_FORK, + NULL, NULL }, + { "validate_cert", test_validate_cert, TT_FORK, + NULL, NULL }, + { "desc_signature", test_desc_signature, TT_FORK, + NULL, NULL }, + + END_OF_TESTCASES +}; + diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 6c0567098f..421f3aaedf 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -6,13 +6,27 @@ #define CHANNELTLS_PRIVATE #define CONNECTION_PRIVATE #define TOR_CHANNEL_INTERNAL_ +#define TORTLS_PRIVATE + +#include "compat.h" + +/* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in + * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */ +DISABLE_GCC_WARNING(redundant-decls) +#include <openssl/x509.h> +#include <openssl/ssl.h> +ENABLE_GCC_WARNING(redundant-decls) + #include "or.h" #include "config.h" #include "connection.h" #include "connection_or.h" #include "channeltls.h" #include "link_handshake.h" +#include "router.h" +#include "routerkeys.h" #include "scheduler.h" +#include "torcert.h" #include "test.h" #include "log_test_helpers.h" @@ -37,6 +51,16 @@ mock_tls_cert_matches_key(const tor_tls_t *tls, const tor_x509_cert_t *cert) (void) cert; // XXXX look at this. return 1; } +static tor_tls_t *mock_peer_cert_expect_tortls = NULL; +static tor_x509_cert_t *mock_peer_cert = NULL; +static tor_x509_cert_t * +mock_get_peer_cert(tor_tls_t *tls) +{ + if (mock_peer_cert_expect_tortls && + mock_peer_cert_expect_tortls != tls) + return NULL; + return mock_peer_cert; +} static int mock_send_netinfo_called = 0; static int @@ -57,33 +81,51 @@ mock_close_for_err(or_connection_t *orconn, int flush) } static int mock_send_authenticate_called = 0; +static int mock_send_authenticate_called_with_type = 0; static int mock_send_authenticate(or_connection_t *conn, int type) { (void) conn; - (void) type; + mock_send_authenticate_called_with_type = type; ++mock_send_authenticate_called;// XXX check_this return 0; } +static int +mock_export_key_material(tor_tls_t *tls, uint8_t *secrets_out, + const uint8_t *context, + size_t context_len, + const char *label) +{ + (void) tls; + (void)secrets_out; + (void)context; + (void)context_len; + (void)label; + memcpy(secrets_out, "int getRandomNumber(){return 4;}", 32); + return 0; +} /* Test good certs cells */ static void test_link_handshake_certs_ok(void *arg) { - (void) arg; - or_connection_t *c1 = or_connection_new(CONN_TYPE_OR, AF_INET); or_connection_t *c2 = or_connection_new(CONN_TYPE_OR, AF_INET); var_cell_t *cell1 = NULL, *cell2 = NULL; certs_cell_t *cc1 = NULL, *cc2 = NULL; channel_tls_t *chan1 = NULL, *chan2 = NULL; crypto_pk_t *key1 = NULL, *key2 = NULL; + const int with_ed = !strcmp((const char *)arg, "Ed25519"); + + tor_addr_from_ipv4h(&c1->base_.addr, 0x7f000001); + tor_addr_from_ipv4h(&c2->base_.addr, 0x7f000001); scheduler_init(); MOCK(tor_tls_cert_matches_key, mock_tls_cert_matches_key); MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell); MOCK(connection_or_send_netinfo, mock_send_netinfo); + MOCK(tor_tls_get_peer_cert, mock_get_peer_cert); key1 = pk_generate(2); key2 = pk_generate(3); @@ -94,10 +136,18 @@ test_link_handshake_certs_ok(void *arg) tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER, key1, key2, 86400), ==, 0); + if (with_ed) { + /* If we're making a CERTS cell for an ed handshake, let's make sure we + * have some Ed25519 certificates and keys. */ + init_mock_ed_keys(key2); + } + + /* c1 has started_here == 1 */ c1->base_.state = OR_CONN_STATE_OR_HANDSHAKING_V3; c1->link_proto = 3; tt_int_op(connection_init_or_handshake_state(c1, 1), ==, 0); + /* c2 has started_here == 0 */ c2->base_.state = OR_CONN_STATE_OR_HANDSHAKING_V3; c2->link_proto = 3; tt_int_op(connection_init_or_handshake_state(c2, 0), ==, 0); @@ -121,8 +171,13 @@ test_link_handshake_certs_ok(void *arg) tt_int_op(cell2->payload_len, ==, certs_cell_parse(&cc2, cell2->payload, cell2->payload_len)); - tt_int_op(2, ==, cc1->n_certs); - tt_int_op(2, ==, cc2->n_certs); + if (with_ed) { + tt_int_op(5, ==, cc1->n_certs); + tt_int_op(5, ==, cc2->n_certs); + } else { + tt_int_op(2, ==, cc1->n_certs); + tt_int_op(2, ==, cc2->n_certs); + } tt_int_op(certs_cell_get_certs(cc1, 0)->cert_type, ==, CERTTYPE_RSA1024_ID_AUTH); @@ -134,6 +189,22 @@ test_link_handshake_certs_ok(void *arg) tt_int_op(certs_cell_get_certs(cc2, 1)->cert_type, ==, CERTTYPE_RSA1024_ID_ID); + if (with_ed) { + tt_int_op(certs_cell_get_certs(cc1, 2)->cert_type, ==, + CERTTYPE_ED_ID_SIGN); + tt_int_op(certs_cell_get_certs(cc1, 3)->cert_type, ==, + CERTTYPE_ED_SIGN_AUTH); + tt_int_op(certs_cell_get_certs(cc1, 4)->cert_type, ==, + CERTTYPE_RSA1024_ID_EDID); + + tt_int_op(certs_cell_get_certs(cc2, 2)->cert_type, ==, + CERTTYPE_ED_ID_SIGN); + tt_int_op(certs_cell_get_certs(cc2, 3)->cert_type, ==, + CERTTYPE_ED_SIGN_LINK); + tt_int_op(certs_cell_get_certs(cc2, 4)->cert_type, ==, + CERTTYPE_RSA1024_ID_EDID); + } + chan1 = tor_malloc_zero(sizeof(*chan1)); channel_tls_common_init(chan1); c1->chan = chan1; @@ -144,13 +215,38 @@ test_link_handshake_certs_ok(void *arg) c1->base_.conn_array_index = -1; crypto_pk_get_digest(key2, c1->identity_digest); + if (with_ed) { + const tor_x509_cert_t *linkc, *idc; + tor_tls_get_my_certs(1, &linkc, &idc); + mock_peer_cert_expect_tortls = c1->tls; /* We should see this tls... */ + mock_peer_cert = tor_x509_cert_dup(linkc); /* and when we do, the peer's + * cert is this... */ + } channel_tls_process_certs_cell(cell2, chan1); + mock_peer_cert_expect_tortls = NULL; + mock_peer_cert = NULL; + + tor_assert(c1->handshake_state->authenticated); tt_assert(c1->handshake_state->received_certs_cell); - tt_assert(c1->handshake_state->auth_cert == NULL); - tt_assert(c1->handshake_state->id_cert); + tt_assert(c1->handshake_state->certs->auth_cert == NULL); + tt_assert(c1->handshake_state->certs->ed_sign_auth == NULL); + tt_assert(c1->handshake_state->certs->id_cert); + if (with_ed) { + tt_assert(c1->handshake_state->certs->ed_sign_link); + tt_assert(c1->handshake_state->certs->ed_rsa_crosscert); + tt_assert(c1->handshake_state->certs->ed_id_sign); + tt_assert(c1->handshake_state->authenticated_rsa); + tt_assert(c1->handshake_state->authenticated_ed25519); + } else { + tt_assert(c1->handshake_state->certs->ed_sign_link == NULL); + tt_assert(c1->handshake_state->certs->ed_rsa_crosscert == NULL); + tt_assert(c1->handshake_state->certs->ed_id_sign == NULL); + tt_assert(c1->handshake_state->authenticated_rsa); + tt_assert(! c1->handshake_state->authenticated_ed25519); + } tt_assert(! tor_mem_is_zero( - (char*)c1->handshake_state->authenticated_peer_id, 20)); + (char*)c1->handshake_state->authenticated_rsa_peer_id, 20)); chan2 = tor_malloc_zero(sizeof(*chan2)); channel_tls_common_init(chan2); @@ -165,15 +261,30 @@ test_link_handshake_certs_ok(void *arg) channel_tls_process_certs_cell(cell1, chan2); tt_assert(c2->handshake_state->received_certs_cell); - tt_assert(c2->handshake_state->auth_cert); - tt_assert(c2->handshake_state->id_cert); + if (with_ed) { + tt_assert(c2->handshake_state->certs->ed_sign_auth); + tt_assert(c2->handshake_state->certs->ed_rsa_crosscert); + tt_assert(c2->handshake_state->certs->ed_id_sign); + } else { + tt_assert(c2->handshake_state->certs->auth_cert); + tt_assert(c2->handshake_state->certs->ed_sign_auth == NULL); + tt_assert(c2->handshake_state->certs->ed_rsa_crosscert == NULL); + tt_assert(c2->handshake_state->certs->ed_id_sign == NULL); + } + tt_assert(c2->handshake_state->certs->id_cert); tt_assert(tor_mem_is_zero( - (char*)c2->handshake_state->authenticated_peer_id, 20)); + (char*)c2->handshake_state->authenticated_rsa_peer_id, 20)); + /* no authentication has happened yet, since we haen't gotten an AUTH cell. + */ + tt_assert(! c2->handshake_state->authenticated); + tt_assert(! c2->handshake_state->authenticated_rsa); + tt_assert(! c2->handshake_state->authenticated_ed25519); done: UNMOCK(tor_tls_cert_matches_key); UNMOCK(connection_or_write_var_cell_to_buf); UNMOCK(connection_or_send_netinfo); + UNMOCK(tor_tls_get_peer_cert); memset(c1->identity_digest, 0, sizeof(c1->identity_digest)); memset(c2->identity_digest, 0, sizeof(c2->identity_digest)); connection_free_(TO_CONN(c1)); @@ -193,6 +304,8 @@ test_link_handshake_certs_ok(void *arg) } typedef struct certs_data_s { + int is_ed; + int is_link_cert; or_connection_t *c; channel_tls_t *chan; certs_cell_t *ccell; @@ -208,11 +321,12 @@ recv_certs_cleanup(const struct testcase_t *test, void *obj) UNMOCK(tor_tls_cert_matches_key); UNMOCK(connection_or_send_netinfo); UNMOCK(connection_or_close_for_error); + UNMOCK(tor_tls_get_peer_cert); if (d) { tor_free(d->cell); certs_cell_free(d->ccell); - connection_or_remove_from_identity_map(d->c); + connection_or_clear_identity(d->c); connection_free_(TO_CONN(d->c)); circuitmux_free(d->chan->base_.cmux); tor_free(d->chan); @@ -220,6 +334,7 @@ recv_certs_cleanup(const struct testcase_t *test, void *obj) crypto_pk_free(d->key2); tor_free(d); } + routerkeys_free_all(); return 1; } @@ -231,11 +346,18 @@ recv_certs_setup(const struct testcase_t *test) certs_cell_cert_t *ccc1 = NULL; certs_cell_cert_t *ccc2 = NULL; ssize_t n; + int is_ed = d->is_ed = !strcmpstart(test->setup_data, "Ed25519"); + int is_rsa = !strcmpstart(test->setup_data, "RSA"); + int is_link = d->is_link_cert = !strcmpend(test->setup_data, "-Link"); + int is_auth = !strcmpend(test->setup_data, "-Auth"); + tor_assert(is_ed != is_rsa); + tor_assert(is_link != is_auth); d->c = or_connection_new(CONN_TYPE_OR, AF_INET); d->chan = tor_malloc_zero(sizeof(*d->chan)); d->c->chan = d->chan; d->c->base_.address = tor_strdup("HaveAnAddress"); + tor_addr_from_ipv4h(&d->c->base_.addr, 0x801f0127); d->c->base_.state = OR_CONN_STATE_OR_HANDSHAKING_V3; d->chan->conn = d->c; tt_int_op(connection_init_or_handshake_state(d->c, 1), ==, 0); @@ -246,19 +368,25 @@ recv_certs_setup(const struct testcase_t *test) tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER, d->key1, d->key2, 86400), ==, 0); + if (is_ed) { + init_mock_ed_keys(d->key2); + } else { + routerkeys_free_all(); + } + d->ccell = certs_cell_new(); ccc1 = certs_cell_cert_new(); certs_cell_add_certs(d->ccell, ccc1); ccc2 = certs_cell_cert_new(); certs_cell_add_certs(d->ccell, ccc2); d->ccell->n_certs = 2; - ccc1->cert_type = 1; + ccc1->cert_type = is_link ? 1 : 3; ccc2->cert_type = 2; const tor_x509_cert_t *a,*b; const uint8_t *enca, *encb; size_t lena, lenb; - tor_tls_get_my_certs(1, &a, &b); + tor_tls_get_my_certs(is_link ? 1 : 0, &a, &b); tor_x509_cert_get_der(a, &enca, &lena); tor_x509_cert_get_der(b, &encb, &lenb); certs_cell_cert_setlen_body(ccc1, lena); @@ -269,6 +397,41 @@ recv_certs_setup(const struct testcase_t *test) memcpy(certs_cell_cert_getarray_body(ccc1), enca, lena); memcpy(certs_cell_cert_getarray_body(ccc2), encb, lenb); + if (is_ed) { + certs_cell_cert_t *ccc3 = NULL; /* Id->Sign */ + certs_cell_cert_t *ccc4 = NULL; /* Sign->Link or Sign->Auth. */ + certs_cell_cert_t *ccc5 = NULL; /* RSAId->Ed Id. */ + const tor_cert_t *id_sign = get_master_signing_key_cert(); + const tor_cert_t *secondary = + is_link ? get_current_link_cert_cert() : get_current_auth_key_cert(); + const uint8_t *cc = NULL; + size_t cc_sz; + get_master_rsa_crosscert(&cc, &cc_sz); + + ccc3 = certs_cell_cert_new(); + ccc4 = certs_cell_cert_new(); + ccc5 = certs_cell_cert_new(); + certs_cell_add_certs(d->ccell, ccc3); + certs_cell_add_certs(d->ccell, ccc4); + certs_cell_add_certs(d->ccell, ccc5); + ccc3->cert_len = id_sign->encoded_len; + ccc4->cert_len = secondary->encoded_len; + ccc5->cert_len = cc_sz; + certs_cell_cert_setlen_body(ccc3, ccc3->cert_len); + certs_cell_cert_setlen_body(ccc4, ccc4->cert_len); + certs_cell_cert_setlen_body(ccc5, ccc5->cert_len); + memcpy(certs_cell_cert_getarray_body(ccc3), id_sign->encoded, + ccc3->cert_len); + memcpy(certs_cell_cert_getarray_body(ccc4), secondary->encoded, + ccc4->cert_len); + memcpy(certs_cell_cert_getarray_body(ccc5), cc, ccc5->cert_len); + ccc3->cert_type = 4; + ccc4->cert_type = is_link ? 5 : 6; + ccc5->cert_type = 7; + + d->ccell->n_certs = 5; + } + d->cell = var_cell_new(4096); d->cell->command = CELL_CERTS; @@ -279,6 +442,12 @@ recv_certs_setup(const struct testcase_t *test) MOCK(tor_tls_cert_matches_key, mock_tls_cert_matches_key); MOCK(connection_or_send_netinfo, mock_send_netinfo); MOCK(connection_or_close_for_error, mock_close_for_err); + MOCK(tor_tls_get_peer_cert, mock_get_peer_cert); + + if (is_link) { + /* Say that this is the peer's certificate */ + mock_peer_cert = tor_x509_cert_dup(a); + } tt_int_op(0, ==, d->c->handshake_state->received_certs_cell); tt_int_op(0, ==, mock_send_authenticate_called); @@ -302,9 +471,24 @@ test_link_handshake_recv_certs_ok(void *arg) channel_tls_process_certs_cell(d->cell, d->chan); tt_int_op(0, ==, mock_close_called); tt_int_op(d->c->handshake_state->authenticated, ==, 1); + tt_int_op(d->c->handshake_state->authenticated_rsa, ==, 1); tt_int_op(d->c->handshake_state->received_certs_cell, ==, 1); - tt_assert(d->c->handshake_state->id_cert != NULL); - tt_assert(d->c->handshake_state->auth_cert == NULL); + tt_assert(d->c->handshake_state->certs->id_cert != NULL); + tt_assert(d->c->handshake_state->certs->auth_cert == NULL); + + if (d->is_ed) { + tt_assert(d->c->handshake_state->certs->ed_id_sign != NULL); + tt_assert(d->c->handshake_state->certs->ed_sign_link != NULL); + tt_assert(d->c->handshake_state->certs->ed_sign_auth == NULL); + tt_assert(d->c->handshake_state->certs->ed_rsa_crosscert != NULL); + tt_int_op(d->c->handshake_state->authenticated_ed25519, ==, 1); + } else { + tt_assert(d->c->handshake_state->certs->ed_id_sign == NULL); + tt_assert(d->c->handshake_state->certs->ed_sign_link == NULL); + tt_assert(d->c->handshake_state->certs->ed_sign_auth == NULL); + tt_assert(d->c->handshake_state->certs->ed_rsa_crosscert == NULL); + tt_int_op(d->c->handshake_state->authenticated_ed25519, ==, 0); + } done: ; @@ -315,17 +499,20 @@ test_link_handshake_recv_certs_ok_server(void *arg) { certs_data_t *d = arg; d->c->handshake_state->started_here = 0; - certs_cell_get_certs(d->ccell, 0)->cert_type = 3; - certs_cell_get_certs(d->ccell, 1)->cert_type = 2; - ssize_t n = certs_cell_encode(d->cell->payload, 2048, d->ccell); - tt_int_op(n, >, 0); - d->cell->payload_len = n; + d->c->handshake_state->certs->started_here = 0; channel_tls_process_certs_cell(d->cell, d->chan); tt_int_op(0, ==, mock_close_called); tt_int_op(d->c->handshake_state->authenticated, ==, 0); tt_int_op(d->c->handshake_state->received_certs_cell, ==, 1); - tt_assert(d->c->handshake_state->id_cert != NULL); - tt_assert(d->c->handshake_state->auth_cert != NULL); + tt_assert(d->c->handshake_state->certs->id_cert != NULL); + tt_assert(d->c->handshake_state->certs->link_cert == NULL); + if (d->is_ed) { + tt_assert(d->c->handshake_state->certs->ed_sign_auth != NULL); + tt_assert(d->c->handshake_state->certs->auth_cert == NULL); + } else { + tt_assert(d->c->handshake_state->certs->ed_sign_auth == NULL); + tt_assert(d->c->handshake_state->certs->auth_cert != NULL); + } done: ; @@ -343,6 +530,8 @@ test_link_handshake_recv_certs_ok_server(void *arg) tt_int_op(1, ==, mock_close_called); \ tt_int_op(0, ==, mock_send_authenticate_called); \ tt_int_op(0, ==, mock_send_netinfo_called); \ + tt_int_op(0, ==, d->c->handshake_state->authenticated_rsa); \ + tt_int_op(0, ==, d->c->handshake_state->authenticated_ed25519); \ if (require_failure_message) { \ expect_log_msg_containing(require_failure_message); \ } \ @@ -383,12 +572,41 @@ CERTS_FAIL(truncated_3, d->cell->payload_len = 7; memcpy(d->cell->payload, "\x01\x01\x00\x05""abc", 7); }) +CERTS_FAIL(truncated_4, /* ed25519 */ + { + require_failure_message = "It couldn't be parsed"; + d->cell->payload_len -= 10; + }) +CERTS_FAIL(truncated_5, /* ed25519 */ + { + require_failure_message = "It couldn't be parsed"; + d->cell->payload_len -= 100; + }) + #define REENCODE() do { \ + const char *msg = certs_cell_check(d->ccell); \ + if (msg) puts(msg); \ ssize_t n = certs_cell_encode(d->cell->payload, 4096, d->ccell); \ tt_int_op(n, >, 0); \ d->cell->payload_len = n; \ } while (0) +CERTS_FAIL(truncated_6, /* ed25519 */ + { + /* truncate the link certificate */ + require_failure_message = "undecodable Ed certificate"; + certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 3), 7); + certs_cell_get_certs(d->ccell, 3)->cert_len = 7; + REENCODE(); + }) +CERTS_FAIL(truncated_7, /* ed25519 */ + { + /* truncate the crosscert */ + require_failure_message = "Unparseable or overlong crosscert"; + certs_cell_cert_setlen_body(certs_cell_get_certs(d->ccell, 4), 7); + certs_cell_get_certs(d->ccell, 4)->cert_len = 7; + REENCODE(); + }) CERTS_FAIL(not_x509, { require_failure_message = "Received undecodable certificate"; @@ -417,6 +635,206 @@ CERTS_FAIL(both_auth, certs_cell_get_certs(d->ccell, 1)->cert_type = 3; REENCODE(); }) +CERTS_FAIL(duplicate_id, /* ed25519 */ + { + require_failure_message = "Duplicate Ed25519 certificate"; + certs_cell_get_certs(d->ccell, 2)->cert_type = 4; + certs_cell_get_certs(d->ccell, 3)->cert_type = 4; + REENCODE(); + }) +CERTS_FAIL(duplicate_link, /* ed25519 */ + { + require_failure_message = "Duplicate Ed25519 certificate"; + certs_cell_get_certs(d->ccell, 2)->cert_type = 5; + certs_cell_get_certs(d->ccell, 3)->cert_type = 5; + REENCODE(); + }) +CERTS_FAIL(duplicate_crosscert, /* ed25519 */ + { + require_failure_message = "Duplicate RSA->Ed25519 crosscert"; + certs_cell_get_certs(d->ccell, 2)->cert_type = 7; + certs_cell_get_certs(d->ccell, 3)->cert_type = 7; + REENCODE(); + }) +static void +test_link_handshake_recv_certs_missing_id(void *arg) /* ed25519 */ +{ + certs_data_t *d = arg; + tt_int_op(certs_cell_getlen_certs(d->ccell), OP_EQ, 5); + certs_cell_set_certs(d->ccell, 2, certs_cell_get_certs(d->ccell, 4)); + certs_cell_set0_certs(d->ccell, 4, NULL); /* prevent free */ + certs_cell_setlen_certs(d->ccell, 4); + d->ccell->n_certs = 4; + REENCODE(); + + /* This handshake succeeds, but since we have no ID cert, we will + * just do the RSA handshake. */ + channel_tls_process_certs_cell(d->cell, d->chan); + tt_int_op(0, ==, mock_close_called); + tt_int_op(0, ==, d->c->handshake_state->authenticated_ed25519); + tt_int_op(1, ==, d->c->handshake_state->authenticated_rsa); + done: + ; +} +CERTS_FAIL(missing_signing_key, /* ed25519 */ + { + require_failure_message = "No Ed25519 signing key"; + tt_int_op(certs_cell_getlen_certs(d->ccell), OP_EQ, 5); + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 2); + tt_int_op(cert->cert_type, ==, CERTTYPE_ED_ID_SIGN); + /* replace this with a valid master->signing cert, but with no + * signing key. */ + const ed25519_keypair_t *mk = get_master_identity_keypair(); + const ed25519_keypair_t *sk = get_master_signing_keypair(); + tor_cert_t *bad_cert = tor_cert_create(mk, CERT_TYPE_ID_SIGNING, + &sk->pubkey, time(NULL), 86400, + 0 /* don't include signer */); + certs_cell_cert_setlen_body(cert, bad_cert->encoded_len); + memcpy(certs_cell_cert_getarray_body(cert), + bad_cert->encoded, bad_cert->encoded_len); + cert->cert_len = bad_cert->encoded_len; + tor_cert_free(bad_cert); + REENCODE(); + }) +CERTS_FAIL(missing_link, /* ed25519 */ + { + require_failure_message = "No Ed25519 link key"; + tt_int_op(certs_cell_getlen_certs(d->ccell), OP_EQ, 5); + certs_cell_set_certs(d->ccell, 3, certs_cell_get_certs(d->ccell, 4)); + certs_cell_set0_certs(d->ccell, 4, NULL); /* prevent free */ + certs_cell_setlen_certs(d->ccell, 4); + d->ccell->n_certs = 4; + REENCODE(); + }) +CERTS_FAIL(missing_auth, /* ed25519 */ + { + d->c->handshake_state->started_here = 0; + d->c->handshake_state->certs->started_here = 0; + require_failure_message = "No Ed25519 link authentication key"; + tt_int_op(certs_cell_getlen_certs(d->ccell), OP_EQ, 5); + certs_cell_set_certs(d->ccell, 3, certs_cell_get_certs(d->ccell, 4)); + certs_cell_set0_certs(d->ccell, 4, NULL); /* prevent free */ + certs_cell_setlen_certs(d->ccell, 4); + d->ccell->n_certs = 4; + REENCODE(); + }) +CERTS_FAIL(missing_crosscert, /* ed25519 */ + { + require_failure_message = "Missing RSA->Ed25519 crosscert"; + tt_int_op(certs_cell_getlen_certs(d->ccell), OP_EQ, 5); + certs_cell_setlen_certs(d->ccell, 4); + d->ccell->n_certs = 4; + REENCODE(); + }) +CERTS_FAIL(missing_rsa_id, /* ed25519 */ + { + require_failure_message = "Missing legacy RSA ID cert"; + tt_int_op(certs_cell_getlen_certs(d->ccell), OP_EQ, 5); + certs_cell_set_certs(d->ccell, 1, certs_cell_get_certs(d->ccell, 4)); + certs_cell_set0_certs(d->ccell, 4, NULL); /* prevent free */ + certs_cell_setlen_certs(d->ccell, 4); + d->ccell->n_certs = 4; + REENCODE(); + }) +CERTS_FAIL(link_mismatch, /* ed25519 */ + { + require_failure_message = "Link certificate does not match " + "TLS certificate"; + const tor_x509_cert_t *idc; + tor_tls_get_my_certs(1, NULL, &idc); + tor_x509_cert_free(mock_peer_cert); + /* Pretend that the peer cert was something else. */ + mock_peer_cert = tor_x509_cert_dup(idc); + /* No reencode needed. */ + }) +CERTS_FAIL(bad_ed_sig, /* ed25519 */ + { + require_failure_message = "At least one Ed25519 certificate was " + "badly signed"; + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 3); + uint8_t *body = certs_cell_cert_getarray_body(cert); + ssize_t body_len = certs_cell_cert_getlen_body(cert); + /* Frob a byte in the signature */ + body[body_len - 13] ^= 7; + REENCODE(); + }) +CERTS_FAIL(bad_crosscert, /*ed25519*/ + { + require_failure_message = "Invalid RSA->Ed25519 crosscert"; + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 4); + uint8_t *body = certs_cell_cert_getarray_body(cert); + ssize_t body_len = certs_cell_cert_getlen_body(cert); + /* Frob a byte in the signature */ + body[body_len - 13] ^= 7; + REENCODE(); + }) +CERTS_FAIL(bad_rsa_id_cert, /*ed25519*/ + { + require_failure_message = "legacy RSA ID certificate was not valid"; + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 1); + uint8_t *body = certs_cell_cert_getarray_body(cert); + ssize_t body_len = certs_cell_cert_getlen_body(cert); + /* Frob a byte in the signature */ + body[body_len - 13] ^= 7; + REENCODE(); + }) +CERTS_FAIL(expired_rsa_id, /* both */ + { + require_failure_message = "Certificate already expired"; + /* we're going to replace the identity cert with an expired one. */ + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 1); + const tor_x509_cert_t *idc; + tor_tls_get_my_certs(1, NULL, &idc); + X509 *newc = X509_dup(idc->cert); + time_t new_end = time(NULL) - 86400 * 10; + X509_time_adj(X509_get_notAfter(newc), 0, &new_end); + EVP_PKEY *pk = crypto_pk_get_evp_pkey_(d->key2, 1); + tt_assert(X509_sign(newc, pk, EVP_sha1())); + int len = i2d_X509(newc, NULL); + certs_cell_cert_setlen_body(cert, len); + uint8_t *body = certs_cell_cert_getarray_body(cert); + int len2 = i2d_X509(newc, &body); + tt_int_op(len, ==, len2); + REENCODE(); + X509_free(newc); + EVP_PKEY_free(pk); + }) +CERTS_FAIL(expired_ed_id, /* ed25519 */ + { + /* we're going to replace the Ed Id->sign cert with an expired one. */ + require_failure_message = "At least one certificate expired"; + /* We don't need to re-sign, since we check for expiration first. */ + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 2); + uint8_t *body = certs_cell_cert_getarray_body(cert); + /* The expiration field is bytes [2..5]. It is in HOURS since the + * epoch. */ + set_uint32(body+2, htonl(24)); /* Back to jan 2, 1970. */ + REENCODE(); + }) +CERTS_FAIL(expired_ed_link, /* ed25519 */ + { + /* we're going to replace the Ed Sign->link cert with an expired one. */ + require_failure_message = "At least one certificate expired"; + /* We don't need to re-sign, since we check for expiration first. */ + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 3); + uint8_t *body = certs_cell_cert_getarray_body(cert); + /* The expiration field is bytes [2..5]. It is in HOURS since the + * epoch. */ + set_uint32(body+2, htonl(24)); /* Back to jan 2, 1970. */ + REENCODE(); + }) +CERTS_FAIL(expired_crosscert, /* ed25519 */ + { + /* we're going to replace the Ed Sign->link cert with an expired one. */ + require_failure_message = "Crosscert is expired"; + /* We don't need to re-sign, since we check for expiration first. */ + certs_cell_cert_t *cert = certs_cell_get_certs(d->ccell, 4); + uint8_t *body = certs_cell_cert_getarray_body(cert); + /* The expiration field is bytes [32..35]. once again, HOURS. */ + set_uint32(body+32, htonl(24)); /* Back to jan 2, 1970. */ + REENCODE(); + }) + CERTS_FAIL(wrong_labels_1, { require_failure_message = "The link certificate was not valid"; @@ -441,21 +859,26 @@ CERTS_FAIL(wrong_labels_2, }) CERTS_FAIL(wrong_labels_3, { - require_failure_message = "The certs we wanted were missing"; + require_failure_message = + "The certs we wanted (ID, Link) were missing"; certs_cell_get_certs(d->ccell, 0)->cert_type = 2; certs_cell_get_certs(d->ccell, 1)->cert_type = 3; REENCODE(); }) CERTS_FAIL(server_missing_certs, { - require_failure_message = "The certs we wanted were missing"; + require_failure_message = + "The certs we wanted (ID, Auth) were missing"; d->c->handshake_state->started_here = 0; + d->c->handshake_state->certs->started_here = 0; + }) CERTS_FAIL(server_wrong_labels_1, { require_failure_message = "The authentication certificate was not valid"; d->c->handshake_state->started_here = 0; + d->c->handshake_state->certs->started_here = 0; certs_cell_get_certs(d->ccell, 0)->cert_type = 2; certs_cell_get_certs(d->ccell, 1)->cert_type = 3; REENCODE(); @@ -478,15 +901,15 @@ test_link_handshake_send_authchallenge(void *arg) cell1 = mock_got_var_cell; tt_int_op(0, ==, connection_or_send_auth_challenge_cell(c1)); cell2 = mock_got_var_cell; - tt_int_op(36, ==, cell1->payload_len); - tt_int_op(36, ==, cell2->payload_len); + tt_int_op(38, ==, cell1->payload_len); + tt_int_op(38, ==, cell2->payload_len); tt_int_op(0, ==, cell1->circ_id); tt_int_op(0, ==, cell2->circ_id); tt_int_op(CELL_AUTH_CHALLENGE, ==, cell1->command); tt_int_op(CELL_AUTH_CHALLENGE, ==, cell2->command); - tt_mem_op("\x00\x01\x00\x01", ==, cell1->payload + 32, 4); - tt_mem_op("\x00\x01\x00\x01", ==, cell2->payload + 32, 4); + tt_mem_op("\x00\x02\x00\x01\x00\x03", ==, cell1->payload + 32, 6); + tt_mem_op("\x00\x02\x00\x01\x00\x03", ==, cell2->payload + 32, 6); tt_mem_op(cell1->payload, !=, cell2->payload, 32); done: @@ -538,9 +961,9 @@ recv_authchallenge_setup(const struct testcase_t *test) d->c->handshake_state->received_certs_cell = 1; d->cell = var_cell_new(128); d->cell->payload_len = 38; - d->cell->payload[33] = 2; - d->cell->payload[35] = 7; - d->cell->payload[37] = 1; + d->cell->payload[33] = 2; /* 2 methods */ + d->cell->payload[35] = 7; /* This one isn't real */ + d->cell->payload[37] = 1; /* This is the old RSA one. */ d->cell->command = CELL_AUTH_CHALLENGE; get_options_mutable()->ORPort_set = 1; @@ -548,7 +971,6 @@ recv_authchallenge_setup(const struct testcase_t *test) MOCK(connection_or_close_for_error, mock_close_for_err); MOCK(connection_or_send_netinfo, mock_send_netinfo); MOCK(connection_or_send_authenticate_cell, mock_send_authenticate); - tt_int_op(0, ==, d->c->handshake_state->received_auth_challenge); tt_int_op(0, ==, mock_send_authenticate_called); tt_int_op(0, ==, mock_send_netinfo_called); @@ -574,6 +996,26 @@ test_link_handshake_recv_authchallenge_ok(void *arg) tt_int_op(1, ==, d->c->handshake_state->received_auth_challenge); tt_int_op(1, ==, mock_send_authenticate_called); tt_int_op(1, ==, mock_send_netinfo_called); + tt_int_op(1, ==, mock_send_authenticate_called_with_type); /* RSA */ + done: + ; +} + +static void +test_link_handshake_recv_authchallenge_ok_ed25519(void *arg) +{ + authchallenge_data_t *d = arg; + + /* Add the ed25519 authentication mechanism here. */ + d->cell->payload[33] = 3; /* 3 types are supported now. */ + d->cell->payload[39] = 3; + d->cell->payload_len += 2; + channel_tls_process_auth_challenge_cell(d->cell, d->chan); + tt_int_op(0, ==, mock_close_called); + tt_int_op(1, ==, d->c->handshake_state->received_auth_challenge); + tt_int_op(1, ==, mock_send_authenticate_called); + tt_int_op(1, ==, mock_send_netinfo_called); + tt_int_op(3, ==, mock_send_authenticate_called_with_type); /* Ed25519 */ done: ; } @@ -637,7 +1079,8 @@ AUTHCHALLENGE_FAIL(badproto, AUTHCHALLENGE_FAIL(as_server, require_failure_message = "We didn't originate this " "connection"; - d->c->handshake_state->started_here = 0;) + d->c->handshake_state->started_here = 0; + d->c->handshake_state->certs->started_here = 0;) AUTHCHALLENGE_FAIL(duplicate, require_failure_message = "We already received one"; d->c->handshake_state->received_auth_challenge = 1) @@ -655,14 +1098,6 @@ AUTHCHALLENGE_FAIL(nonzero_circid, require_failure_message = "It had a nonzero circuit ID"; d->cell->circ_id = 1337) -static tor_x509_cert_t *mock_peer_cert = NULL; -static tor_x509_cert_t * -mock_get_peer_cert(tor_tls_t *tls) -{ - (void)tls; - return mock_peer_cert; -} - static int mock_get_tlssecrets(tor_tls_t *tls, uint8_t *secrets_out) { @@ -682,6 +1117,7 @@ mock_set_circid_type(channel_t *chan, } typedef struct authenticate_data_s { + int is_ed; or_connection_t *c1, *c2; channel_tls_t *chan2; var_cell_t *cell; @@ -697,11 +1133,12 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg) UNMOCK(tor_tls_get_tlssecrets); UNMOCK(connection_or_close_for_error); UNMOCK(channel_set_circid_type); + UNMOCK(tor_tls_export_key_material); authenticate_data_t *d = arg; if (d) { tor_free(d->cell); - connection_or_remove_from_identity_map(d->c1); - connection_or_remove_from_identity_map(d->c2); + connection_or_clear_identity(d->c1); + connection_or_clear_identity(d->c2); connection_free_(TO_CONN(d->c1)); connection_free_(TO_CONN(d->c2)); circuitmux_free(d->chan2->base_.cmux); @@ -711,7 +1148,6 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg) tor_free(d); } mock_peer_cert = NULL; - return 1; } @@ -719,6 +1155,7 @@ static void * authenticate_data_setup(const struct testcase_t *test) { authenticate_data_t *d = tor_malloc_zero(sizeof(*d)); + int is_ed = d->is_ed = (test->setup_data == (void*)3); scheduler_init(); @@ -727,6 +1164,7 @@ authenticate_data_setup(const struct testcase_t *test) MOCK(tor_tls_get_tlssecrets, mock_get_tlssecrets); MOCK(connection_or_close_for_error, mock_close_for_err); MOCK(channel_set_circid_type, mock_set_circid_type); + MOCK(tor_tls_export_key_material, mock_export_key_material); d->c1 = or_connection_new(CONN_TYPE_OR, AF_INET); d->c2 = or_connection_new(CONN_TYPE_OR, AF_INET); tor_addr_from_ipv4h(&d->c1->base_.addr, 0x01020304); @@ -737,6 +1175,8 @@ authenticate_data_setup(const struct testcase_t *test) tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER, d->key1, d->key2, 86400), ==, 0); + init_mock_ed_keys(d->key2); + d->c1->base_.state = OR_CONN_STATE_OR_HANDSHAKING_V3; d->c1->link_proto = 3; tt_int_op(connection_init_or_handshake_state(d->c1, 1), ==, 0); @@ -767,19 +1207,34 @@ authenticate_data_setup(const struct testcase_t *test) const uint8_t *der; size_t sz; tor_x509_cert_get_der(id_cert, &der, &sz); - d->c1->handshake_state->id_cert = tor_x509_cert_decode(der, sz); - d->c2->handshake_state->id_cert = tor_x509_cert_decode(der, sz); + d->c1->handshake_state->certs->id_cert = tor_x509_cert_decode(der, sz); + d->c2->handshake_state->certs->id_cert = tor_x509_cert_decode(der, sz); + + if (is_ed) { + d->c1->handshake_state->certs->ed_id_sign = + tor_cert_dup(get_master_signing_key_cert()); + d->c2->handshake_state->certs->ed_id_sign = + tor_cert_dup(get_master_signing_key_cert()); + d->c2->handshake_state->certs->ed_sign_auth = + tor_cert_dup(get_current_auth_key_cert()); + } else { + tt_assert(! tor_tls_get_my_certs(0, &auth_cert, &id_cert)); + tor_x509_cert_get_der(auth_cert, &der, &sz); + d->c2->handshake_state->certs->auth_cert = tor_x509_cert_decode(der, sz); + } tor_x509_cert_get_der(link_cert, &der, &sz); mock_peer_cert = tor_x509_cert_decode(der, sz); tt_assert(mock_peer_cert); - tt_assert(! tor_tls_get_my_certs(0, &auth_cert, &id_cert)); - tor_x509_cert_get_der(auth_cert, &der, &sz); - d->c2->handshake_state->auth_cert = tor_x509_cert_decode(der, sz); /* Make an authenticate cell ... */ - tt_int_op(0, ==, connection_or_send_authenticate_cell(d->c1, - AUTHTYPE_RSA_SHA256_TLSSECRET)); + int authtype; + if (is_ed) + authtype = AUTHTYPE_ED25519_SHA256_RFC5705; + else + authtype = AUTHTYPE_RSA_SHA256_TLSSECRET; + tt_int_op(0, ==, connection_or_send_authenticate_cell(d->c1, authtype)); + tt_assert(mock_got_var_cell); d->cell = mock_got_var_cell; mock_got_var_cell = NULL; @@ -805,42 +1260,64 @@ test_link_handshake_auth_cell(void *arg) /* Is the cell well-formed on the outer layer? */ tt_int_op(d->cell->command, ==, CELL_AUTHENTICATE); tt_int_op(d->cell->payload[0], ==, 0); - tt_int_op(d->cell->payload[1], ==, 1); + if (d->is_ed) + tt_int_op(d->cell->payload[1], ==, 3); + else + tt_int_op(d->cell->payload[1], ==, 1); tt_int_op(ntohs(get_uint16(d->cell->payload + 2)), ==, d->cell->payload_len - 4); /* Check it out for plausibility... */ auth_ctx_t ctx; - ctx.is_ed = 0; + ctx.is_ed = d->is_ed; tt_int_op(d->cell->payload_len-4, ==, auth1_parse(&auth1, d->cell->payload+4, d->cell->payload_len - 4, &ctx)); tt_assert(auth1); - tt_mem_op(auth1->type, ==, "AUTH0001", 8); + if (d->is_ed) { + tt_mem_op(auth1->type, ==, "AUTH0003", 8); + } else { + tt_mem_op(auth1->type, ==, "AUTH0001", 8); + } tt_mem_op(auth1->tlssecrets, ==, "int getRandomNumber(){return 4;}", 32); - tt_int_op(auth1_getlen_sig(auth1), >, 120); /* Is the signature okay? */ - uint8_t sig[128]; - uint8_t digest[32]; - - auth_pubkey = tor_tls_cert_get_key(d->c2->handshake_state->auth_cert); - int n = crypto_pk_public_checksig( + const uint8_t *start = d->cell->payload+4, *end = auth1->end_of_signed; + if (d->is_ed) { + ed25519_signature_t sig; + tt_int_op(auth1_getlen_sig(auth1), ==, ED25519_SIG_LEN); + memcpy(&sig.sig, auth1_getarray_sig(auth1), ED25519_SIG_LEN); + tt_assert(!ed25519_checksig(&sig, start, end-start, + &get_current_auth_keypair()->pubkey)); + } else { + uint8_t sig[128]; + uint8_t digest[32]; + tt_int_op(auth1_getlen_sig(auth1), >, 120); + auth_pubkey = tor_tls_cert_get_key( + d->c2->handshake_state->certs->auth_cert); + int n = crypto_pk_public_checksig( auth_pubkey, (char*)sig, sizeof(sig), (char*)auth1_getarray_sig(auth1), auth1_getlen_sig(auth1)); - tt_int_op(n, ==, 32); - const uint8_t *start = d->cell->payload+4, *end = auth1->end_of_signed; - crypto_digest256((char*)digest, - (const char*)start, end-start, DIGEST_SHA256); - tt_mem_op(sig, ==, digest, 32); + tt_int_op(n, ==, 32); + crypto_digest256((char*)digest, + (const char*)start, end-start, DIGEST_SHA256); + tt_mem_op(sig, ==, digest, 32); + } /* Then feed it to c2. */ tt_int_op(d->c2->handshake_state->authenticated, ==, 0); channel_tls_process_authenticate_cell(d->cell, d->chan2); tt_int_op(mock_close_called, ==, 0); tt_int_op(d->c2->handshake_state->authenticated, ==, 1); + if (d->is_ed) { + tt_int_op(d->c2->handshake_state->authenticated_ed25519, ==, 1); + tt_int_op(d->c2->handshake_state->authenticated_rsa, ==, 1); + } else { + tt_int_op(d->c2->handshake_state->authenticated_ed25519, ==, 0); + tt_int_op(d->c2->handshake_state->authenticated_rsa, ==, 1); + } done: auth1_free(auth1); @@ -874,7 +1351,8 @@ AUTHENTICATE_FAIL(badproto, d->c2->link_proto = 2) AUTHENTICATE_FAIL(atclient, require_failure_message = "We originated this connection"; - d->c2->handshake_state->started_here = 1) + d->c2->handshake_state->started_here = 1; + d->c2->handshake_state->certs->started_here = 1;) AUTHENTICATE_FAIL(duplicate, require_failure_message = "We already got one"; d->c2->handshake_state->received_authenticate = 1) @@ -898,13 +1376,13 @@ AUTHENTICATE_FAIL(nocerts, AUTHENTICATE_FAIL(noidcert, require_failure_message = "We never got an identity " "certificate"; - tor_x509_cert_free(d->c2->handshake_state->id_cert); - d->c2->handshake_state->id_cert = NULL) + tor_x509_cert_free(d->c2->handshake_state->certs->id_cert); + d->c2->handshake_state->certs->id_cert = NULL) AUTHENTICATE_FAIL(noauthcert, - require_failure_message = "We never got an authentication " - "certificate"; - tor_x509_cert_free(d->c2->handshake_state->auth_cert); - d->c2->handshake_state->auth_cert = NULL) + require_failure_message = "We never got an RSA " + "authentication certificate"; + tor_x509_cert_free(d->c2->handshake_state->certs->auth_cert); + d->c2->handshake_state->certs->auth_cert = NULL) AUTHENTICATE_FAIL(tooshort, require_failure_message = "Cell was way too short"; d->cell->payload_len = 3) @@ -928,11 +1406,33 @@ AUTHENTICATE_FAIL(badcontent, "cell body was not as expected"; d->cell->payload[10] ^= 0xff) AUTHENTICATE_FAIL(badsig_1, - require_failure_message = "Signature wasn't valid"; + if (d->is_ed) + require_failure_message = "Ed25519 signature wasn't valid"; + else + require_failure_message = "RSA signature wasn't valid"; d->cell->payload[d->cell->payload_len - 5] ^= 0xff) - -#define TEST(name, flags) \ - { #name , test_link_handshake_ ## name, (flags), NULL, NULL } +AUTHENTICATE_FAIL(missing_ed_id, + { + tor_cert_free(d->c2->handshake_state->certs->ed_id_sign); + d->c2->handshake_state->certs->ed_id_sign = NULL; + require_failure_message = "Ed authenticate without Ed ID " + "cert from peer"; + }) +AUTHENTICATE_FAIL(missing_ed_auth, + { + tor_cert_free(d->c2->handshake_state->certs->ed_sign_auth); + d->c2->handshake_state->certs->ed_sign_auth = NULL; + require_failure_message = "We never got an Ed25519 " + "authentication certificate"; + }) + +#define TEST_RSA(name, flags) \ + { #name , test_link_handshake_ ## name, (flags), \ + &passthrough_setup, (void*)"RSA" } + +#define TEST_ED(name, flags) \ + { #name "_ed25519" , test_link_handshake_ ## name, (flags), \ + &passthrough_setup, (void*)"Ed25519" } #define TEST_RCV_AUTHCHALLENGE(name) \ { "recv_authchallenge/" #name , \ @@ -942,17 +1442,34 @@ AUTHENTICATE_FAIL(badsig_1, #define TEST_RCV_CERTS(name) \ { "recv_certs/" #name , \ test_link_handshake_recv_certs_ ## name, TT_FORK, \ - &setup_recv_certs, NULL } + &setup_recv_certs, (void*)"RSA-Link" } + +#define TEST_RCV_CERTS_RSA(name,type) \ + { "recv_certs/" #name , \ + test_link_handshake_recv_certs_ ## name, TT_FORK, \ + &setup_recv_certs, (void*)type } + +#define TEST_RCV_CERTS_ED(name, type) \ + { "recv_certs/" #name "_ed25519", \ + test_link_handshake_recv_certs_ ## name, TT_FORK, \ + &setup_recv_certs, (void*)type } #define TEST_AUTHENTICATE(name) \ { "authenticate/" #name , test_link_handshake_auth_ ## name, TT_FORK, \ &setup_authenticate, NULL } +#define TEST_AUTHENTICATE_ED(name) \ + { "authenticate/" #name "_ed25519" , test_link_handshake_auth_ ## name, \ + TT_FORK, &setup_authenticate, (void*)3 } + struct testcase_t link_handshake_tests[] = { - TEST(certs_ok, TT_FORK), - //TEST(certs_bad, TT_FORK), + TEST_RSA(certs_ok, TT_FORK), + TEST_ED(certs_ok, TT_FORK), + TEST_RCV_CERTS(ok), - TEST_RCV_CERTS(ok_server), + TEST_RCV_CERTS_ED(ok, "Ed25519-Link"), + TEST_RCV_CERTS_RSA(ok_server, "RSA-Auth"), + TEST_RCV_CERTS_ED(ok_server, "Ed25519-Auth"), TEST_RCV_CERTS(badstate), TEST_RCV_CERTS(badproto), TEST_RCV_CERTS(duplicate), @@ -962,18 +1479,41 @@ struct testcase_t link_handshake_tests[] = { TEST_RCV_CERTS(truncated_1), TEST_RCV_CERTS(truncated_2), TEST_RCV_CERTS(truncated_3), + TEST_RCV_CERTS_ED(truncated_4, "Ed25519-Link"), + TEST_RCV_CERTS_ED(truncated_5, "Ed25519-Link"), + TEST_RCV_CERTS_ED(truncated_6, "Ed25519-Link"), + TEST_RCV_CERTS_ED(truncated_7, "Ed25519-Link"), TEST_RCV_CERTS(not_x509), TEST_RCV_CERTS(both_link), TEST_RCV_CERTS(both_id_rsa), TEST_RCV_CERTS(both_auth), + TEST_RCV_CERTS_ED(duplicate_id, "Ed25519-Link"), + TEST_RCV_CERTS_ED(duplicate_link, "Ed25519-Link"), + TEST_RCV_CERTS_ED(duplicate_crosscert, "Ed25519-Link"), + TEST_RCV_CERTS_ED(missing_crosscert, "Ed25519-Link"), + TEST_RCV_CERTS_ED(missing_id, "Ed25519-Link"), + TEST_RCV_CERTS_ED(missing_signing_key, "Ed25519-Link"), + TEST_RCV_CERTS_ED(missing_link, "Ed25519-Link"), + TEST_RCV_CERTS_ED(missing_auth, "Ed25519-Auth"), + TEST_RCV_CERTS_ED(missing_rsa_id, "Ed25519-Link"), + TEST_RCV_CERTS_ED(link_mismatch, "Ed25519-Link"), + TEST_RCV_CERTS_ED(bad_ed_sig, "Ed25519-Link"), + TEST_RCV_CERTS_ED(bad_rsa_id_cert, "Ed25519-Link"), + TEST_RCV_CERTS_ED(bad_crosscert, "Ed25519-Link"), + TEST_RCV_CERTS_RSA(expired_rsa_id, "RSA-Link"), + TEST_RCV_CERTS_ED(expired_rsa_id, "Ed25519-Link"), + TEST_RCV_CERTS_ED(expired_ed_id, "Ed25519-Link"), + TEST_RCV_CERTS_ED(expired_ed_link, "Ed25519-Link"), + TEST_RCV_CERTS_ED(expired_crosscert, "Ed25519-Link"), TEST_RCV_CERTS(wrong_labels_1), TEST_RCV_CERTS(wrong_labels_2), TEST_RCV_CERTS(wrong_labels_3), TEST_RCV_CERTS(server_missing_certs), TEST_RCV_CERTS(server_wrong_labels_1), - TEST(send_authchallenge, TT_FORK), + TEST_RSA(send_authchallenge, TT_FORK), TEST_RCV_AUTHCHALLENGE(ok), + TEST_RCV_AUTHCHALLENGE(ok_ed25519), TEST_RCV_AUTHCHALLENGE(ok_noserver), TEST_RCV_AUTHCHALLENGE(ok_unrecognized), TEST_RCV_AUTHCHALLENGE(badstate), @@ -986,6 +1526,7 @@ struct testcase_t link_handshake_tests[] = { TEST_RCV_AUTHCHALLENGE(nonzero_circid), TEST_AUTHENTICATE(cell), + TEST_AUTHENTICATE_ED(cell), TEST_AUTHENTICATE(badstate), TEST_AUTHENTICATE(badproto), TEST_AUTHENTICATE(atclient), @@ -1001,6 +1542,9 @@ struct testcase_t link_handshake_tests[] = { TEST_AUTHENTICATE(tooshort_1), TEST_AUTHENTICATE(badcontent), TEST_AUTHENTICATE(badsig_1), + TEST_AUTHENTICATE_ED(badsig_1), + TEST_AUTHENTICATE_ED(missing_ed_id), + TEST_AUTHENTICATE_ED(missing_ed_auth), //TEST_AUTHENTICATE(), END_OF_TESTCASES diff --git a/src/test/test_oom.c b/src/test/test_oom.c index 6102af01f5..0f97972032 100644 --- a/src/test/test_oom.c +++ b/src/test/test_oom.c @@ -15,6 +15,7 @@ #include "config.h" #include "relay.h" #include "test.h" +#include "test_helpers.h" /* small replacement mock for circuit_mark_for_close_ to avoid doing all * the other bookkeeping that comes with marking circuits. */ @@ -58,24 +59,6 @@ dummy_or_circuit_new(int n_p_cells, int n_n_cells) return TO_CIRCUIT(circ); } -static circuit_t * -dummy_origin_circuit_new(int n_cells) -{ - origin_circuit_t *circ = origin_circuit_new(); - int i; - cell_t cell; - - for (i=0; i < n_cells; ++i) { - crypto_rand((void*)&cell, sizeof(cell)); - cell_queue_append_packed_copy(TO_CIRCUIT(circ), - &TO_CIRCUIT(circ)->n_chan_cells, - 1, &cell, 1, 0); - } - - TO_CIRCUIT(circ)->purpose = CIRCUIT_PURPOSE_C_GENERAL; - return TO_CIRCUIT(circ); -} - static void add_bytes_to_buf(buf_t *buf, size_t n_bytes) { diff --git a/src/test/test_policy.c b/src/test/test_policy.c index 22f473f278..4df40f618e 100644 --- a/src/test/test_policy.c +++ b/src/test/test_policy.c @@ -527,10 +527,10 @@ test_policies_general(void *arg) { char *policy_strng = NULL; smartlist_t *chunks = smartlist_new(); - smartlist_add(chunks, tor_strdup("accept ")); + smartlist_add_strdup(chunks, "accept "); for (i=1; i<10000; ++i) smartlist_add_asprintf(chunks, "%d,", i); - smartlist_add(chunks, tor_strdup("20000")); + smartlist_add_strdup(chunks, "20000"); policy_strng = smartlist_join_strings(chunks, "", 0, NULL); SMARTLIST_FOREACH(chunks, char *, ch, tor_free(ch)); smartlist_free(chunks); @@ -544,9 +544,9 @@ test_policies_general(void *arg) for (i=1; i<2000; i+=2) { char buf[POLICY_BUF_LEN]; tor_snprintf(buf, sizeof(buf), "reject *:%d", i); - smartlist_add(sm, tor_strdup(buf)); + smartlist_add_strdup(sm, buf); } - smartlist_add(sm, tor_strdup("accept *:*")); + smartlist_add_strdup(sm, "accept *:*"); policy_str = smartlist_join_strings(sm, ",", 0, NULL); test_policy_summary_helper( policy_str, "accept 2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44," diff --git a/src/test/test_pt.c b/src/test/test_pt.c index e5cdc5f3cd..f93019f1c4 100644 --- a/src/test/test_pt.c +++ b/src/test/test_pt.c @@ -155,9 +155,9 @@ test_pt_get_transport_options(void *arg) opt_str = get_transport_options_for_server_proxy(mp); tt_ptr_op(opt_str, OP_EQ, NULL); - smartlist_add(mp->transports_to_launch, tor_strdup("gruyere")); - smartlist_add(mp->transports_to_launch, tor_strdup("roquefort")); - smartlist_add(mp->transports_to_launch, tor_strdup("stnectaire")); + smartlist_add_strdup(mp->transports_to_launch, "gruyere"); + smartlist_add_strdup(mp->transports_to_launch, "roquefort"); + smartlist_add_strdup(mp->transports_to_launch, "stnectaire"); tt_assert(options); @@ -305,7 +305,7 @@ tor_get_lines_from_handle_replacement(STDIN_HANDLE *handle, smartlist_add_asprintf(retval_sl, "SMETHOD mock%d 127.0.0.1:555%d", times_called, times_called); } else { - smartlist_add(retval_sl, tor_strdup("SMETHODS DONE")); + smartlist_add_strdup(retval_sl, "SMETHODS DONE"); } return retval_sl; diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index a5d3f351f8..7f72e441ee 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -10,6 +10,7 @@ #include "router.h" #include "routerlist.h" #include "config.h" +#include "hs_common.h" #include <openssl/rsa.h> #include "rend_test_helpers.h" #include "log_test_helpers.h" @@ -24,15 +25,16 @@ static const int TIME_IN_THE_FUTURE = REND_CACHE_MAX_SKEW + 60; static rend_data_t * mock_rend_data(const char *onion_address) { - rend_data_t *rend_query = tor_malloc_zero(sizeof(rend_data_t)); + rend_data_v2_t *v2_data = tor_malloc_zero(sizeof(*v2_data)); + rend_data_t *rend_query = &v2_data->base_; + rend_query->version = 2; - strlcpy(rend_query->onion_address, onion_address, - sizeof(rend_query->onion_address)); - rend_query->auth_type = REND_NO_AUTH; + strlcpy(v2_data->onion_address, onion_address, + sizeof(v2_data->onion_address)); + v2_data->auth_type = REND_NO_AUTH; rend_query->hsdirs_fp = smartlist_new(); smartlist_add(rend_query->hsdirs_fp, tor_memdup("aaaaaaaaaaaaaaaaaaaaaaaa", DIGEST_LEN)); - return rend_query; } @@ -144,7 +146,8 @@ test_rend_cache_store_v2_desc_as_client(void *data) // Test mismatch between service ID and onion address rend_cache_init(); - strncpy(mock_rend_query->onion_address, "abc", REND_SERVICE_ID_LEN_BASE32+1); + strncpy(TO_REND_DATA_V2(mock_rend_query)->onion_address, "abc", + REND_SERVICE_ID_LEN_BASE32+1); ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str, desc_id_base32, mock_rend_query, NULL); @@ -230,9 +233,9 @@ test_rend_cache_store_v2_desc_as_client(void *data) generate_desc(RECENT_TIME, &desc_holder, &service_id, 3); mock_rend_query = mock_rend_data(service_id); - mock_rend_query->auth_type = REND_BASIC_AUTH; + TO_REND_DATA_V2(mock_rend_query)->auth_type = REND_BASIC_AUTH; client_cookie[0] = 'A'; - memcpy(mock_rend_query->descriptor_cookie, client_cookie, + memcpy(TO_REND_DATA_V2(mock_rend_query)->descriptor_cookie, client_cookie, REND_DESC_COOKIE_LEN); base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id, DIGEST_LEN); @@ -250,7 +253,7 @@ test_rend_cache_store_v2_desc_as_client(void *data) generate_desc(RECENT_TIME, &desc_holder, &service_id, 3); mock_rend_query = mock_rend_data(service_id); - mock_rend_query->auth_type = REND_BASIC_AUTH; + TO_REND_DATA_V2(mock_rend_query)->auth_type = REND_BASIC_AUTH; base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id, DIGEST_LEN); ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str, @@ -1078,9 +1081,10 @@ static void test_rend_cache_clean_v2_descs_as_dir(void *data) { rend_cache_entry_t *e; - time_t now; + time_t now, cutoff; rend_service_descriptor_t *desc; now = time(NULL); + cutoff = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW); const char key[DIGEST_LEN] = "abcde"; (void)data; @@ -1088,7 +1092,7 @@ test_rend_cache_clean_v2_descs_as_dir(void *data) rend_cache_init(); // Test running with an empty cache - rend_cache_clean_v2_descs_as_dir(now, 0); + rend_cache_clean_v2_descs_as_dir(cutoff); tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0); // Test with only one new entry @@ -1100,38 +1104,15 @@ test_rend_cache_clean_v2_descs_as_dir(void *data) e->parsed = desc; digestmap_set(rend_cache_v2_dir, key, e); - rend_cache_clean_v2_descs_as_dir(now, 0); + /* Set the cutoff to minus 10 seconds. */ + rend_cache_clean_v2_descs_as_dir(cutoff - 10); tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 1); // Test with one old entry - desc->timestamp = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW + 1000); - rend_cache_clean_v2_descs_as_dir(now, 0); - tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0); - - // Test with one entry that has an old last served - e = tor_malloc_zero(sizeof(rend_cache_entry_t)); - e->last_served = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW + 1000); - desc = tor_malloc_zero(sizeof(rend_service_descriptor_t)); - desc->timestamp = now; - desc->pk = pk_generate(0); - e->parsed = desc; - digestmap_set(rend_cache_v2_dir, key, e); - - rend_cache_clean_v2_descs_as_dir(now, 0); + desc->timestamp = cutoff - 1000; + rend_cache_clean_v2_descs_as_dir(cutoff); tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0); - // Test a run through asking for a large force_remove - e = tor_malloc_zero(sizeof(rend_cache_entry_t)); - e->last_served = now; - desc = tor_malloc_zero(sizeof(rend_service_descriptor_t)); - desc->timestamp = now; - desc->pk = pk_generate(0); - e->parsed = desc; - digestmap_set(rend_cache_v2_dir, key, e); - - rend_cache_clean_v2_descs_as_dir(now, 20000); - tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 1); - done: rend_cache_free_all(); } diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c index 24b0da1c46..64692d28a0 100644 --- a/src/test/test_routerkeys.c +++ b/src/test/test_routerkeys.c @@ -614,6 +614,66 @@ test_routerkeys_cross_certify_tap(void *args) crypto_pk_free(onion_key); } +static void +test_routerkeys_rsa_ed_crosscert(void *arg) +{ + (void)arg; + ed25519_public_key_t ed; + crypto_pk_t *rsa = pk_generate(2); + + uint8_t *cc = NULL; + ssize_t cc_len; + time_t expires_in = 1470846177; + + tt_int_op(0, OP_EQ, ed25519_public_from_base64(&ed, + "ThisStringCanContainAnythingSoNoKeyHereNowX")); + cc_len = tor_make_rsa_ed25519_crosscert(&ed, rsa, expires_in, &cc); + + tt_int_op(cc_len, OP_GT, 0); + tt_int_op(cc_len, OP_GT, 37); /* key, expires, siglen */ + tt_mem_op(cc, OP_EQ, ed.pubkey, 32); + time_t expires_out = 3600 * ntohl(get_uint32(cc+32)); + tt_int_op(expires_out, OP_GE, expires_in); + tt_int_op(expires_out, OP_LE, expires_in + 3600); + + tt_int_op(cc_len, OP_EQ, 37 + get_uint8(cc+36)); + + tt_int_op(0, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed, + expires_in - 10)); + + /* Now try after it has expired */ + tt_int_op(-4, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed, + expires_out + 1)); + + /* Truncated object */ + tt_int_op(-2, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len - 2, rsa, &ed, + expires_in - 10)); + + /* Key not as expected */ + cc[0] ^= 3; + tt_int_op(-3, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed, + expires_in - 10)); + cc[0] ^= 3; + + /* Bad signature */ + cc[40] ^= 3; + tt_int_op(-5, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed, + expires_in - 10)); + cc[40] ^= 3; + + /* Signature of wrong data */ + cc[0] ^= 3; + ed.pubkey[0] ^= 3; + tt_int_op(-6, OP_EQ, rsa_ed25519_crosscert_check(cc, cc_len, rsa, &ed, + expires_in - 10)); + cc[0] ^= 3; + ed.pubkey[0] ^= 3; + + done: + crypto_pk_free(rsa); + tor_free(cc); +} + #define TEST(name, flags) \ { #name , test_routerkeys_ ## name, (flags), NULL, NULL } @@ -626,6 +686,7 @@ struct testcase_t routerkeys_tests[] = { TEST(ed_keys_init_all, TT_FORK), TEST(cross_certify_ntor, 0), TEST(cross_certify_tap, 0), + TEST(rsa_ed_crosscert, 0), END_OF_TESTCASES }; diff --git a/src/test/test_routerlist.c b/src/test/test_routerlist.c index 088bd257c3..af5c121ce2 100644 --- a/src/test/test_routerlist.c +++ b/src/test/test_routerlist.c @@ -15,6 +15,7 @@ #include "container.h" #include "directory.h" #include "dirvote.h" +#include "entrynodes.h" #include "microdesc.h" #include "networkstatus.h" #include "nodelist.h" @@ -203,6 +204,53 @@ mock_usable_consensus_flavor(void) return mock_usable_consensus_flavor_value; } +static smartlist_t *mock_is_guard_list = NULL; + +static int +mock_is_node_used_as_guard(const node_t *n) +{ + if (mock_is_guard_list) { + SMARTLIST_FOREACH_BEGIN(mock_is_guard_list, node_t *, e) { + if (e == n) return 1; + } SMARTLIST_FOREACH_END(e); + } + + return 0; +} + +static void +mark_node_used_as_guard(node_t *n) +{ + if (!n) return; + + if (!mock_is_guard_list) { + mock_is_guard_list = smartlist_new(); + } + + if (!mock_is_node_used_as_guard(n)) { + smartlist_add(mock_is_guard_list, n); + } +} + +static void +mark_node_unused_as_guard(node_t *n) +{ + if (!n) return; + + if (!mock_is_guard_list) return; + + smartlist_remove(mock_is_guard_list, n); +} + +static void +clear_mock_guard_list(void) +{ + if (mock_is_guard_list) { + smartlist_free(mock_is_guard_list); + mock_is_guard_list = NULL; + } +} + static void test_router_pick_directory_server_impl(void *arg) { @@ -223,6 +271,7 @@ test_router_pick_directory_server_impl(void *arg) (void)arg; MOCK(usable_consensus_flavor, mock_usable_consensus_flavor); + MOCK(is_node_used_as_guard, mock_is_node_used_as_guard); /* With no consensus, we must be bootstrapping, regardless of time or flavor */ @@ -336,28 +385,28 @@ test_router_pick_directory_server_impl(void *arg) node_router3->is_valid = 1; flags |= PDS_FOR_GUARD; - node_router1->using_as_guard = 1; - node_router2->using_as_guard = 1; - node_router3->using_as_guard = 1; + mark_node_used_as_guard(node_router1); + mark_node_used_as_guard(node_router2); + mark_node_used_as_guard(node_router3); rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL); tt_assert(rs == NULL); - node_router1->using_as_guard = 0; + mark_node_unused_as_guard(node_router1); rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL); tt_assert(rs != NULL); tt_assert(tor_memeq(rs->identity_digest, router1_id, DIGEST_LEN)); rs = NULL; - node_router2->using_as_guard = 0; - node_router3->using_as_guard = 0; + mark_node_unused_as_guard(node_router2); + mark_node_unused_as_guard(node_router3); /* One not valid, one guard. This should leave one remaining */ node_router1->is_valid = 0; - node_router2->using_as_guard = 1; + mark_node_used_as_guard(node_router2); rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL); tt_assert(rs != NULL); tt_assert(tor_memeq(rs->identity_digest, router3_id, DIGEST_LEN)); rs = NULL; node_router1->is_valid = 1; - node_router2->using_as_guard = 0; + mark_node_unused_as_guard(node_router2); /* Manipulate overloaded */ @@ -420,6 +469,9 @@ test_router_pick_directory_server_impl(void *arg) done: UNMOCK(usable_consensus_flavor); + UNMOCK(is_node_used_as_guard); + clear_mock_guard_list(); + if (router1_id) tor_free(router1_id); if (router2_id) diff --git a/src/test/test_routerset.c b/src/test/test_routerset.c index 1b526d430b..7efd042ed5 100644 --- a/src/test/test_routerset.c +++ b/src/test/test_routerset.c @@ -623,7 +623,7 @@ NS(test_main)(void *arg) (void)arg; tgt = routerset_new(); - smartlist_add(src->list, tor_strdup("{xx}")); + smartlist_add_strdup(src->list, "{xx}"); routerset_union(tgt, src); tt_int_op(smartlist_len(tgt->list), OP_NE, 0); @@ -745,7 +745,7 @@ NS(test_main)(void *arg) tt_int_op(is_empty, OP_NE, 0); set = routerset_new(); - smartlist_add(set->list, tor_strdup("{xx}")); + smartlist_add_strdup(set->list, "{xx}"); is_empty = routerset_is_empty(set); routerset_free(set); set = NULL; @@ -1616,7 +1616,7 @@ NS(test_main)(void *arg) NS_MOCK(node_get_by_nickname); NS(mock_nickname) = "foo"; - smartlist_add(set->list, tor_strdup(NS(mock_nickname))); + smartlist_add_strdup(set->list, NS(mock_nickname)); routerset_get_all_nodes(out, set, NULL, 0); out_len = smartlist_len(out); @@ -1667,7 +1667,7 @@ NS(test_main)(void *arg) NS(mock_node).is_running = 0; NS(mock_nickname) = "foo"; - smartlist_add(set->list, tor_strdup(NS(mock_nickname))); + smartlist_add_strdup(set->list, NS(mock_nickname)); routerset_get_all_nodes(out, set, NULL, 1); out_len = smartlist_len(out); @@ -1766,7 +1766,7 @@ NS(test_main)(void *arg) NS_MOCK(nodelist_get_list); - smartlist_add(set->country_names, tor_strdup("{xx}")); + smartlist_add_strdup(set->country_names, "{xx}"); NS(mock_smartlist) = smartlist_new(); routerset_get_all_nodes(out, set, NULL, 1); @@ -1813,7 +1813,7 @@ NS(test_main)(void *arg) NS_MOCK(nodelist_get_list); - smartlist_add(set->country_names, tor_strdup("{xx}")); + smartlist_add_strdup(set->country_names, "{xx}"); NS(mock_smartlist) = smartlist_new(); NS(mock_node).is_running = 0; smartlist_add(NS(mock_smartlist), (void *)&NS(mock_node)); @@ -1985,7 +1985,7 @@ NS(test_main)(void *arg) int r; (void)arg; - smartlist_add(b->list, tor_strdup("{xx}")); + smartlist_add_strdup(b->list, "{xx}"); r = routerset_equal(a, b); routerset_free(a); routerset_free(b); @@ -2010,9 +2010,9 @@ NS(test_main)(void *arg) int r; (void)arg; - smartlist_add(a->list, tor_strdup("{aa}")); - smartlist_add(b->list, tor_strdup("{b1}")); - smartlist_add(b->list, tor_strdup("{b2}")); + smartlist_add_strdup(a->list, "{aa}"); + smartlist_add_strdup(b->list, "{b1}"); + smartlist_add_strdup(b->list, "{b2}"); r = routerset_equal(a, b); routerset_free(a); routerset_free(b); @@ -2037,8 +2037,8 @@ NS(test_main)(void *arg) int r; (void)arg; - smartlist_add(a->list, tor_strdup("foo")); - smartlist_add(b->list, tor_strdup("bar")); + smartlist_add_strdup(a->list, "foo"); + smartlist_add_strdup(b->list, "bar"); r = routerset_equal(a, b); routerset_free(a); routerset_free(b); @@ -2063,8 +2063,8 @@ NS(test_main)(void *arg) int r; (void)arg; - smartlist_add(a->list, tor_strdup("foo")); - smartlist_add(b->list, tor_strdup("foo")); + smartlist_add_strdup(a->list, "foo"); + smartlist_add_strdup(b->list, "foo"); r = routerset_equal(a, b); routerset_free(a); routerset_free(b); diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c index 056f199b94..d511f163e3 100644 --- a/src/test/test_shared_random.c +++ b/src/test/test_shared_random.c @@ -348,12 +348,12 @@ test_sr_commit(void *arg) /* We'll build a list of values from our commit that our parsing function * takes from a vote line and see if we can parse it correctly. */ { - smartlist_add(args, tor_strdup("1")); - smartlist_add(args, - tor_strdup(crypto_digest_algorithm_get_name(our_commit->alg))); - smartlist_add(args, tor_strdup(sr_commit_get_rsa_fpr(our_commit))); - smartlist_add(args, tor_strdup(our_commit->encoded_commit)); - smartlist_add(args, tor_strdup(our_commit->encoded_reveal)); + smartlist_add_strdup(args, "1"); + smartlist_add_strdup(args, + crypto_digest_algorithm_get_name(our_commit->alg)); + smartlist_add_strdup(args, sr_commit_get_rsa_fpr(our_commit)); + smartlist_add_strdup(args, our_commit->encoded_commit); + smartlist_add_strdup(args, our_commit->encoded_reveal); parsed_commit = sr_parse_commit(args); tt_assert(parsed_commit); /* That parsed commit should be _EXACTLY_ like our original commit (we diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 1cba617a34..e2fee813bf 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -1086,13 +1086,13 @@ test_tortls_check_lifetime(void *ignored) time_t now = time(NULL); tls = tor_malloc_zero(sizeof(tor_tls_t)); - ret = tor_tls_check_lifetime(LOG_WARN, tls, 0, 0); + ret = tor_tls_check_lifetime(LOG_WARN, tls, time(NULL), 0, 0); tt_int_op(ret, OP_EQ, -1); tls->ssl = tor_malloc_zero(sizeof(SSL)); tls->ssl->session = tor_malloc_zero(sizeof(SSL_SESSION)); tls->ssl->session->peer = validCert; - ret = tor_tls_check_lifetime(LOG_WARN, tls, 0, 0); + ret = tor_tls_check_lifetime(LOG_WARN, tls, time(NULL), 0, 0); tt_int_op(ret, OP_EQ, 0); ASN1_STRING_free(validCert->cert_info->validity->notBefore); @@ -1100,10 +1100,10 @@ test_tortls_check_lifetime(void *ignored) ASN1_STRING_free(validCert->cert_info->validity->notAfter); validCert->cert_info->validity->notAfter = ASN1_TIME_set(NULL, now+60); - ret = tor_tls_check_lifetime(LOG_WARN, tls, 0, -1000); + ret = tor_tls_check_lifetime(LOG_WARN, tls, time(NULL), 0, -1000); tt_int_op(ret, OP_EQ, -1); - ret = tor_tls_check_lifetime(LOG_WARN, tls, -1000, 0); + ret = tor_tls_check_lifetime(LOG_WARN, tls, time(NULL), -1000, 0); tt_int_op(ret, OP_EQ, -1); done: @@ -2653,18 +2653,18 @@ test_tortls_cert_is_valid(void *ignored) tor_x509_cert_t *cert = NULL, *scert = NULL; scert = tor_malloc_zero(sizeof(tor_x509_cert_t)); - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 0); tt_int_op(ret, OP_EQ, 0); cert = tor_malloc_zero(sizeof(tor_x509_cert_t)); - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 0); tt_int_op(ret, OP_EQ, 0); tor_free(scert); tor_free(cert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 0); tt_int_op(ret, OP_EQ, 1); #ifndef OPENSSL_OPAQUE @@ -2675,7 +2675,7 @@ test_tortls_cert_is_valid(void *ignored) ASN1_TIME_free(cert->cert->cert_info->validity->notAfter); cert->cert->cert_info->validity->notAfter = ASN1_TIME_set(NULL, time(NULL)-1000000); - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 0); tt_int_op(ret, OP_EQ, 0); tor_x509_cert_free(cert); @@ -2684,7 +2684,7 @@ test_tortls_cert_is_valid(void *ignored) scert = tor_x509_cert_new(read_cert_from(caCertString)); X509_PUBKEY_free(cert->cert->cert_info->key); cert->cert->cert_info->key = NULL; - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 1); tt_int_op(ret, OP_EQ, 0); #endif @@ -2695,7 +2695,7 @@ test_tortls_cert_is_valid(void *ignored) scert = tor_x509_cert_new(read_cert_from(caCertString)); /* This doesn't actually change the key in the cert. XXXXXX */ BN_one(EVP_PKEY_get1_RSA(X509_get_pubkey(cert->cert))->n); - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 1); tt_int_op(ret, OP_EQ, 0); tor_x509_cert_free(cert); @@ -2704,7 +2704,7 @@ test_tortls_cert_is_valid(void *ignored) scert = tor_x509_cert_new(read_cert_from(caCertString)); /* This doesn't actually change the key in the cert. XXXXXX */ X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 1); tt_int_op(ret, OP_EQ, 0); tor_x509_cert_free(cert); @@ -2713,7 +2713,7 @@ test_tortls_cert_is_valid(void *ignored) scert = tor_x509_cert_new(read_cert_from(caCertString)); /* This doesn't actually change the key in the cert. XXXXXX */ X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 0); tt_int_op(ret, OP_EQ, 1); tor_x509_cert_free(cert); @@ -2723,7 +2723,7 @@ test_tortls_cert_is_valid(void *ignored) /* This doesn't actually change the key in the cert. XXXXXX */ X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; X509_get_pubkey(cert->cert)->ameth = NULL; - ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); + ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, time(NULL), 0); tt_int_op(ret, OP_EQ, 0); #endif diff --git a/src/test/test_util.c b/src/test/test_util.c index fcda564569..7e5a44cb59 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -5612,6 +5612,33 @@ test_util_monotonic_time_ratchet(void *arg) ; } +static void +test_util_htonll(void *arg) +{ + (void)arg; +#ifdef WORDS_BIGENDIAN + const uint64_t res_be = 0x8877665544332211; +#else + const uint64_t res_le = 0x1122334455667788; +#endif + + tt_u64_op(0, OP_EQ, tor_htonll(0)); + tt_u64_op(0, OP_EQ, tor_ntohll(0)); + tt_u64_op(UINT64_MAX, OP_EQ, tor_htonll(UINT64_MAX)); + tt_u64_op(UINT64_MAX, OP_EQ, tor_ntohll(UINT64_MAX)); + +#ifdef WORDS_BIGENDIAN + tt_u64_op(res_be, OP_EQ, tor_htonll(0x8877665544332211)); + tt_u64_op(res_be, OP_EQ, tor_ntohll(0x8877665544332211)); +#else + tt_u64_op(res_le, OP_EQ, tor_htonll(0x8877665544332211)); + tt_u64_op(res_le, OP_EQ, tor_ntohll(0x8877665544332211)); +#endif + + done: + ; +} + #define UTIL_LEGACY(name) \ { #name, test_util_ ## name , 0, NULL, NULL } @@ -5705,6 +5732,7 @@ struct testcase_t util_tests[] = { UTIL_TEST(calloc_check, 0), UTIL_TEST(monotonic_time, 0), UTIL_TEST(monotonic_time_ratchet, TT_FORK), + UTIL_TEST(htonll, 0), END_OF_TESTCASES }; diff --git a/src/test/test_util_format.c b/src/test/test_util_format.c index 63a668238c..1d58ba2bf8 100644 --- a/src/test/test_util_format.c +++ b/src/test/test_util_format.c @@ -11,25 +11,14 @@ #define NS_MODULE util_format -#if !defined(HAVE_HTONLL) && !defined(htonll) -#ifdef WORDS_BIGENDIAN -#define htonll(x) (x) -#else -static uint64_t -htonll(uint64_t a) -{ - return htonl((uint32_t)(a>>32)) | (((uint64_t)htonl((uint32_t)a))<<32); -} -#endif -#endif - static void test_util_format_unaligned_accessors(void *ignored) { (void)ignored; char buf[9] = "onionsoup"; // 6f6e696f6e736f7570 - tt_u64_op(get_uint64(buf+1), OP_EQ, htonll(U64_LITERAL(0x6e696f6e736f7570))); + tt_u64_op(get_uint64(buf+1), OP_EQ, + tor_htonll(U64_LITERAL(0x6e696f6e736f7570))); tt_uint_op(get_uint32(buf+1), OP_EQ, htonl(0x6e696f6e)); tt_uint_op(get_uint16(buf+1), OP_EQ, htons(0x6e69)); tt_uint_op(get_uint8(buf+1), OP_EQ, 0x6e); @@ -43,7 +32,7 @@ test_util_format_unaligned_accessors(void *ignored) set_uint32(buf+1, htonl(0x78696465)); tt_mem_op(buf, OP_EQ, "oxidestop", 9); - set_uint64(buf+1, htonll(U64_LITERAL(0x6266757363617465))); + set_uint64(buf+1, tor_htonll(U64_LITERAL(0x6266757363617465))); tt_mem_op(buf, OP_EQ, "obfuscate", 9); done: ; diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 9c6580f788..caeae13a38 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -178,65 +178,6 @@ remove_directory(void) rm_rf(temp_dir); } -/** Define this if unit tests spend too much time generating public keys*/ -#define CACHE_GENERATED_KEYS - -#define N_PREGEN_KEYS 11 -static crypto_pk_t *pregen_keys[N_PREGEN_KEYS]; -static int next_key_idx; - -/** Generate and return a new keypair for use in unit tests. If we're using - * the key cache optimization, we might reuse keys. "idx" is ignored. - * Our only guarantee is that we won't reuse a key till this function has been - * called several times. The order in which keys are returned is slightly - * randomized, so that tests that depend on a particular order will not be - * reliable. */ -crypto_pk_t * -pk_generate(int idx) -{ - (void) idx; -#ifdef CACHE_GENERATED_KEYS - /* Either skip 1 or 2 keys. */ - next_key_idx += crypto_rand_int_range(1,3); - next_key_idx %= N_PREGEN_KEYS; - return crypto_pk_dup_key(pregen_keys[next_key_idx]); -#else - crypto_pk_t *result; - int res; - result = crypto_pk_new(); - res = crypto_pk_generate_key__real(result); - tor_assert(!res); - return result; -#endif -} - -#ifdef CACHE_GENERATED_KEYS -static int -crypto_pk_generate_key_with_bits__get_cached(crypto_pk_t *env, int bits) -{ - if (bits != 1024) - return crypto_pk_generate_key_with_bits__real(env, bits); - - crypto_pk_t *newkey = pk_generate(0); - crypto_pk_assign_(env, newkey); - crypto_pk_free(newkey); - return 0; -} -#endif - -/** Free all storage used for the cached key optimization. */ -static void -free_pregenerated_keys(void) -{ - unsigned idx; - for (idx = 0; idx < N_PREGEN_KEYS; ++idx) { - if (pregen_keys[idx]) { - crypto_pk_free(pregen_keys[idx]); - pregen_keys[idx] = NULL; - } - } -} - static void * passthrough_test_setup(const struct testcase_t *testcase) { @@ -365,15 +306,7 @@ main(int c, const char **v) } tor_set_failed_assertion_callback(an_assertion_failed); -#ifdef CACHE_GENERATED_KEYS - for (i = 0; i < N_PREGEN_KEYS; ++i) { - pregen_keys[i] = crypto_pk_new(); - int r = crypto_pk_generate_key(pregen_keys[i]); - tor_assert(r == 0); - } - MOCK(crypto_pk_generate_key_with_bits, - crypto_pk_generate_key_with_bits__get_cached); -#endif + init_pregenerated_keys(); atexit(remove_directory); diff --git a/src/test/testing_rsakeys.c b/src/test/testing_rsakeys.c new file mode 100644 index 0000000000..134770bb0d --- /dev/null +++ b/src/test/testing_rsakeys.c @@ -0,0 +1,546 @@ +/* Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2016, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "orconfig.h" +#include "or.h" +#include "test.h" + +/** Define this if unit tests spend too much time generating public keys. + * This module is meant to save time by using a bunch of pregenerated RSA +keys among */ +#define USE_PREGENERATED_RSA_KEYS + +#ifdef USE_PREGENERATED_RSA_KEYS + +static const char *PREGEN_KEYS_1024[] = { +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICWwIBAAKBgQCZa39BCgq7KWBWFSjGYHhqmTCHvQ7WNEFAb9Mujb6Xn/Zy01fu\n" +"WIpVvqmAKeLNEziItUm/gB8GwAN+/ZLwL9pufjIp2Ar+yqVXKySioZQxuCgTP2wm\n" +"Ku0OfmAra1Xbtrkc2OCJllxkyNPrJ/kxfwjWR96UP0+VMbOlkBoEH1FtvwIDAQAB\n" +"AoGAUXoygeMIYe+OdwkTt48CRHKIwH3aRE5KHSOGPyIOB05vvvmYqD8jcHgqYqNc\n" +"DNdZXdkRin9LevU8phObFq4DTXp08XggUx4Kk4AdsFKubQtJ8gHm3xlSKbZXX2m/\n" +"ZF0GRaZtVDQ3TRGh+OBLILt/2jT+BaFKGAyJ7al76F2nprECQQDJyLlteLDFBmrd\n" +"0kAjNBE50S5YskBCQeQACROfyTKW8lG1J57UBeYjXvbrDFBR4alIS9DEexGai9Gz\n" +"wxpgKg2nAkEAwqQmPstjHxvqGQRi41uXO026MLxY7dhEqs1aSw3tuT8v17pW3OEa\n" +"Qxv7JINePZ3+sNN+Ic+3RXBR0QuD7lSSKQJAZjVSF21GvMXfY7SX4D0DbLHUNAE2\n" +"I1mUz5/JXOpgwazETmpfPS4vwELd93kpRhBz2rbsbFmaNRoVgmSU+5jRiQJAZ1bV\n" +"g2NilgKxEGU2x3U6Xt8Oqo9lO6omEvUCKnUTsNWuZf/l3FGbKuQxO5qPr3Ex5tny\n" +"zqrEqBZRKgbOHfxCuQJAbJY5C3Nm5koemr031r00MY2YD1b6+hyKZyPdZ21HpyY8\n" +"z1kWShL0POjYPX/BnKE1FkpklWcKBb7wkK7dvAKkEQ==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXQIBAAKBgQCyqMM2TfFGV5tVBTVabxLVln8146nDavIdR6q78DCUMh8Zfzkk\n" +"h9Lbl1NX4RU+AmrCZMPq21/EjIRxRQyRdgPYJVLdp96eGeYnEzmMkqvXiswXvDg/\n" +"tXqsjyJeYsoHMQWDTpCLfjYo4K1ol1sg8VIs4wQeq5og6QSdmhBoz7MyqQIDAQAB\n" +"AoGBAIJekey7nZeV8Bxva4ptSRIg+v0I/2VBUiG5nUX9NIW/uV/yrXERx/VDjKaw\n" +"8b5JJzxpKWnk4RJc83xwRYaT1qMYHiQfybxEI0K9SjhtaThAjtXkQGtZgLJILl3t\n" +"yh3LPTh1ocwafsKjU6eGYAe/DYn9/QwYHbtyaimcigu4etp9AkEA2DgC+HndoP1i\n" +"np26Lx+4TG0vAfrVYGSLT9FXwf2iBV3oJvdKqu6wr8ipb1SbshRPcOQd31/mCh6+\n" +"2BR+d4ddcwJBANOHrlBbGZdHnoEu6kKbPwwkc31IZYqyfSpkqm0Lb2oWZ9SInKfc\n" +"cz0qpH91p610XUpYmycaJr4K+N8jgrz86HMCQQCoqGBg1Ca2OpCf66bctWB8dTqS\n" +"z8d7rlIhC8npr1+f0hWRt5pN5Wx7YgoQpq3gZgllpPtMT7DQOhVh1fKkaDnTAkA4\n" +"XuskPPLX7t0dvhvtviOSH9CrLXTp/mD+wC7uumJpmij3aaSd01DelxOZaAhUYDNQ\n" +"UcafKAf1E0V5aaQ4qwljAkA9NVN6CtpzzcLrstTKxrx5P1Ylt/0UYQDo1lIaqwrT\n" +"aOFbXmOungiC9+p/4U7RbX0MEzjFDHCWlaHASviGVgta\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICWwIBAAKBgQDDt2V63APj3JSqaRgofUzhtB+prm0wII4uHyxfOxnpYIELOW5z\n" +"3UHmkr+B4D+Nif5jIp0i6W4OS4S+YHewKsDsXvXKRIW78KzOt6Le4JI9rSarNjy5\n" +"aJKksWQRALLCmxP/BdolaBFqF3fIPD5+Zxu8ESgxhkEQI4p7awUp3E730QIDAQAB\n" +"AoGAZktfAR4p8lkCYydW9yK2ommQ+xEuBK+fYL/uYz/yxSYpjIJSFsEYhrlA21Mo\n" +"JIRxr8MRuoOjgFk8YnztUeimuHpslDlZDaCBzjRjBRFCMepZNG9xqSEL0u7C+SH6\n" +"KU5f2x2P6PneBj6WaHZM+6Lf2xHlOoeuaVSUfq2Pk2VBF9kCQQDtawWWNwP0+xea\n" +"oCAQpanaLzYPjlqZfHJQ1AAI5eSkdf1qmlypIHwOtjAEa6XuEO/Or8RNkNy4nQdw\n" +"qhcQ7PXDAkEA0wjT6Z+Lrt67FnwPgoSvl4Nukcqw4OWHbBKhaQPsO9+oc3PAXLdD\n" +"SclUUqDF6NX1yONTV1KrPdz4zElmEua+2wJABm4inZnp2oW+cuqpU6oY+pbSwQMb\n" +"AxMyyWukgJkxYx7q+SsrHU2K7p8Sl9wOh28f/5oVGAC3aayfGfcRXtz8HwJAIqeO\n" +"dQzYGU1GF7kjquEzHIRewd4xEZ1fkaW1j9MvFd3ygZL+gbsud41yJWd1WHjaNbTu\n" +"2KYgrLX+vT1IX844hQJAbg0V7iHlttQqXL7yN09jIjQLprqVhDZCUHS9s9Dxe7fz\n" +"Ac0ZZD0D6EVNmSmBB71q7kLUWX/W/10d447TLnnfew==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXgIBAAKBgQDhCAjPEockl4lqkvoIb5O3NJJG8NWD31c63e/cPWY6MX5nOM/q\n" +"avof2eWJxFOk0HQ2BRVwIgNex6kLxtsdw7XE0A5uZorTp9DbRCGMqUqHNhHH9ci2\n" +"mMPP9jptq3ieWg310bH4Tad8h3WE2npSCDBvxyV6EmuH2rlQW9ZlHNoiRQIDAQAB\n" +"AoGBAI4PgWggPTqng7PJF5mNvsYQpSutzE0VCL977nmuNUQVjMPjRLarVD4ZU+QW\n" +"EevhQQv9R5xjjJcgGqL5pchzjeKDm0/LA+AygnZoDMs2O68Neieqvr7cPqr5ALGs\n" +"WuZvSn+bRJTenvV9sUh2ii0/u3GQbL1v7GWDkIdD7itDbmRhAkEA8iijuEY+W67w\n" +"7JusjY2MQ2Cm6xxxR0YcnYPzT6UDm+Z7NNJwKscQ6AjayNmxmXGpbUdukzLzXf8y\n" +"fccI9t6iHQJBAO3kx9nZay0Ktl51QP5o2gwoqRIbnogGfR06KJOlzIPGR0aPn8cg\n" +"uKq2SiyjewEaSBM6S/4UlxYUmvc3VKnxCEkCQQDpTjg2YQ7RPGIIRA/iLV7Wx3bq\n" +"C/QjjCwjoi44LK6mdE9928WPoUzrkSRg4EQYpwZqL6kcDrmkdSuLPMipOGQNAkA3\n" +"KtzlujPOiDNuiEaAORSHyU4b8ue6p7aP9pK+Wq6oyGxzAo+NABuTCx78ZxT5Vnzs\n" +"aJKC44d+CV0+g0hQ+KJxAkEAqFYzNWIzTHX8DVDdK9BpUaBg1DFxIeP5Kk+/X3FF\n" +"5BafG08B6OiLf8qIGGsxLXNRjIE0GVp3Sy23FUKtUymP+A==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXQIBAAKBgQDMDk01VwPxQq/BAwOBmfGUP/x5BQn+uxI0Aat6bdWuz/2CsjbS\n" +"CWD/YLCaPm+DpHp9RMwk4HONJaw4B2XOw3ELPx7y9DEgdC1wZ9wRkJmqr2IJZoZR\n" +"C7x43nNv+/IXTiRkkljCcMpoL1Tld+L2VbmWR29PdZwvspWRILkEZu1mNwIDAQAB\n" +"AoGANvFK3KfXSei4xfF3yjeXEmHAKx2uOUZJenNQpqBYPr+F9ODjXd5knZ59LqrM\n" +"/9cTnBMgHHXK5yBTpKppQSjikLeQ2BF04Ktff9oGqVcS9x/rKo0CREuxsEfawZOW\n" +"OzOWENp4YcDKGP1I/Ctr185QzStaWrXVQftxmYQ53T77ShECQQDnhabwtqW7rfe4\n" +"+MfkWEJ9Y2s6iMs3JWnwPOX9G9R39PiAD4vAghHJyHHttS9Ipxmvp0hThu0x7a4g\n" +"8BfUpqgjAkEA4aFAmzarWKigREAACVTYH2RHpXbuk05vF9WqfMPiEvQUd5a1q6vc\n" +"xkGZsE3v/TExLjPRZP4FeUNV5sD7THzA3QJBAJxPoRlNx3GCEAlDdfnWGPX9JI09\n" +"hC40RWUcSI7ttjJTI1+an1kWuBnLChhaRpU/tFjikTNLmmMmPHUihIRfDI8CQG7g\n" +"3WzpKr8A7vFbOilbxnF2yDaqAYfmTXW7DHMPl/OUetJh/5kDdhT/e9VGF5+nIvH/\n" +"iPFGW85Bpt8lCtmFnQkCQQDjpp9iy2qesE7KKX4Kv3++QfCJ2w3g7lwg4iyncoDd\n" +"JrM53p29HROM21R6eekvqeWIe9tEX754b+E/N60ZjpGm\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXgIBAAKBgQDdDn3H+Eu0AW5GKohqDBntw6ubnd3VaJwZGzZyga4J2kLg8peP\n" +"RAW6GDD6pcHzW+KZbFWHtRk70FSwvmyGcf+DY0r5tfyCHyDGmbJyPR0o6OVCgSFl\n" +"ccf4eDvbyszzMdlx3uL05ABIpCShoKtEUqvyIQla3Jon+QBwuVkizMzyVwIDAQAB\n" +"AoGACoKh4Fwh3VEkGRn0mnYw1Wk0Q5Xh8j+jDF6K3C7mQ3mpLGDca+dkDlEQIxq2\n" +"egeoYnsQJf+qT3m8TRsAtfO9nj7+7IX4BfCtdIi4RNcorbs5YMWtFyaywnM6SQjS\n" +"+1qf74aL4On9WRO2FtvnTMjFAAkiWNbQp7mWwTmB59i620ECQQDwde6/PwhUzvZh\n" +"dyslKJdna5RjkDQyDIuh0zD/tFZ0Iko7Luec8q6n52ev/n0OiTLGetUh8goePsPP\n" +"HVZHidNJAkEA61eMCmmu+GCAg2vJRtL5sDakAXsbP5M9Bf/QVHXtc4EVXHC6T2ld\n" +"bldOJriNbBThBuPNmlQbssn9FApkyWT4nwJBAIuHIv3+CUuMvBJaH8L0BsaP+g67\n" +"wk24Ud2Yujnl3rSMoR4uXV8IwqfS8quAs/gXTEs3QyzrUUuzh9NKZqIkK2ECQQCz\n" +"vivBEDKIlPvSZBJYO25kfXcJgoKvLb9fw5/TwjXXD/HGpnpFiI3JZnjT7gRlVhT/\n" +"9CDmC/MTvF3EXqPXhXy1AkEAo3a2me23Ljmub21jycSKaCk09dK85QTRRMe9c/hs\n" +"i+pcGi9ZZW0Mm7cyQo47oXjNurkkv0fEvXIobVTEXAGU7w==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXAIBAAKBgQCv8R1IbfYnE3R3kNeezJ7m02XnyCBDDy0YfrQldQ+urdg1CFye\n" +"bO0iPniJb8fmV8NW7x6nUZTDznCg+igroKXtK/w0WYmJJiH4A7Oi5xNjAfRIPvJ/\n" +"J5GI8szS8rH8tp8pW1h8k/kNg2pnBjwQ2U9omhp95RGaHDQSRYzzH/fEFQIDAQAB\n" +"AoGAcy7+BcH/iZuB/xjzIIJDcUhqibCJ9n0D/+pLU85sYuZrCmUcBZe4M1gEn61v\n" +"iExilRJc1hthskL/l1POYql8lk+aqeeDuh38fWJj60TCV/sENiuXOsTmoFVA5pNn\n" +"lwlG8JlpBMsgr1fGqg1C/WLFfMmvXdKVGvpRqI06j7AYUa0CQQDfZ5rI+FhXBlxo\n" +"PR5CM1LB90DuHUMW+Kqoj0c9d2esXEQM7UqQ/9BiBQbL6Py7Z3VwCxibOqyz7+V7\n" +"2aGUMAKnAkEAyZy5Mu2tHs6YBBxPYam7huzMUYjddN7ixAZUyGwxQp9kTIF2NbSQ\n" +"yVDjKrco3s2lO4qj4pSumwVe3GGlsi6G4wJAOOS3pIqqZK84BUvbUtyjLMZ9AKbv\n" +"GQCG5ZpneB3ahyiQJAKiRL8BIJVLH87b3hYA8GHDCHUu2jwz4xCPd5+qbQJAV0TP\n" +"pYvb9AnZI25drhiaY7z8dA6aTYxs/A0Bhf/PEteLwtIHKRgP1BR/QG4n8slxTGSm\n" +"q91P9ypL9XkPECGzoQJBAIMvGEM7ZGevQHBjJ8HhU8IsgT4cYH/XEYb8jRy4F+Ui\n" +"jKxHPxLuFK4urAZunNUNrqhT0PxbB7hRjtHZrmFkrcc=\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXQIBAAKBgQDSpmV8ncLwc8gXzdFsZGPDtMO7C/IN9jKCIK13WIseMg1APlMt\n" +"PB5lMQ9fa3m9ZRU0L8HzRo+u/Xdos3yIBI38X2Avy0laGKnQxiOKaDT/5ZHeiBBh\n" +"nMZjP2WY5V1sgqNP9RD8enE6WaSvq1j0BM++mn9KEe//5+dWD8tboBKF4QIDAQAB\n" +"AoGBALgVoerdE1Z+WAY1XyaSNHz6o3H6ZnW9CTaex/jb7/dbVikmThnhx842qXCB\n" +"w8m3ZGhOs/edWkNaTde5wsI6+LhVGco/PWxN4v61jokxUU+5KvUvGacXhXIjzKwG\n" +"DrNCYmle62QCI1z4+TLQW/Lq+jw2Wzk70NWEvoP58gt5SJoBAkEA9wubRKRs49LW\n" +"5JNQZ9hjc+mAfP9YK/sMe4jkdloMMWXjSMlF3Z4mI9XQSpfbBqwWIBXsjU/15LIS\n" +"ftmujZsMKQJBANpJEZI7UFoRdSP7AlM0YJuXWnVGyn/K+VIeEso5AlZdKXCTpxqp\n" +"9blWq0UVC6jLesZ5UNPuBiAnrBaVwDA8YvkCQF+FQVfdK607TJO80g4VAP9EfcXX\n" +"BUScIUtytsN8NdKzzpnKGRWDnMOmXI87ABkoWLW3RGuvSyhOIhCiInfmR2ECQASc\n" +"FmroJcJBLCAeZOYs7P1cLOTdIdmhB7LcP7lVit8YCJAADj9Z536KfgNvdleSNH2M\n" +"glB3blmvfMrdTrm2DMECQQDj6GJ/Tc2rCsq534xknasVjrgtJMQFxmQCTVgBx9pc\n" +"gTflJAHAmNDvstacVqeObLCF2ZIvya8fSXGbDOJYeGDv\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXAIBAAKBgQDGgUJAm7vf/3focNGwzv4TkzYF2XwpAirnb61dyxvfug1zKv2k\n" +"AUg3qACiurR7JrI+kAbmxEnNaKV7ts7uO763wP9KE8YAuFZsp7NFA295rEZhw38T\n" +"rUlWHMCeaZ3mqW2q8gA14C/ZJCG4gS91SIHLjNGsbHwr2Jvri2ItwIP8FQIDAQAB\n" +"AoGAONceb32oiHWQkkBr6uL6ogRPPdGO2fdC7c5uqCLWsnOGEmpHAsVTNoym0fIA\n" +"aBsmgv+e2klukKDccdZg3prA+z7lHcc2a4bIFguF6ei80hLIis/dds66fFXofCzy\n" +"DMlkncSbJwIvQHG9gblxp9qSKElZF7XjABZEImarfUlakGkCQQD//msGy5N0ZhMI\n" +"yGMXkwXRJXfmRrIrOqHx6u1eUp4OuqDW+hBz4KCHnWfuRJkNGQIammSf18jPasP5\n" +"YHyr/LifAkEAxoJ8R8Vusexo9ZjuU44qXCSvJQ26UBV7mn6TGEAn2DRK1RWKDaHv\n" +"j2vnRjt3CO9WPDQL7SB/1HNAy+dIMPyqywJBAIB6tESIz8zPniX+TJ18UKMTZwXP\n" +"3YQMvVKpUdDRLjq+OBMtFizSRD9MJOlUzGvibUfkzTPcHRDcyNbUMj4vbIkCQBx4\n" +"6sqAjvgGKKfRX52sbnb47AYsieSisC/gp8h6qzxfg7w8cqix6WJw36M7ND+b1Iqe\n" +"DHfeiXc3cLvOWJRuKTECQCEYkujtSjXWb26xaESFWGtUI/nEvCyqYPQAFBpaGzQ3\n" +"tiTDeKHzypesWYoTxOiNQWCQMLrFGuUbDpYOuDOVNjw=\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXQIBAAKBgQCcwSAfytnspSSDX/sKmCPOMnpuCYeWA4wbz1wLyb63a8/KXhhG\n" +"6o2W0kt3x1vnGZkeWwZOeBFUqwoc+xHhoNcZFsMOyqbqA3UMZW5cx27MsexRTQHs\n" +"Go1newu/E+8NNCohY51G7z1Hdo0L6mi/Tldh7puuGsMwKqNG/Vvo/GQDgwIDAQAB\n" +"AoGBAIUdpBAbjXDe1OET0vYuOMnUKA/l29RS8tpy/zGrg1/0GCM8QNWIPfEEaL4w\n" +"+CSKonMazYI5iE4kaZQuygKXOdFqKxX8nrGK2hR0DIEUHhhiqyGMUKrf4ELkAJzK\n" +"tHtcO64OFEU2EGa72wCmyk2MhqhLxWxA7E00x24uvW6pen6xAkEAzHhbzlRgLZ+K\n" +"QuXmQHEqkGaS2Ccf6c9TA5Bf5S2/5zBl+OqVyJJQH0yrbPYR6Nn1NeSv3R4IDJYg\n" +"fSZLaVzWHQJBAMRCU6QtTnZoQ97pLvXCSKRYKJF+CnE3zDFTyoJrpK0W1FSnb1EE\n" +"DWjjdSdMLynf/InX+VOaLk3Gxwjme4NKjh8CQQCg2b4/HplayrsVzY3I/D2jw02Z\n" +"xY2RfYusrhMCU284DBbsLn8OfiuRs9rXqOyF5ZDFiNXgeROT8zYzvcBtbp7xAkBU\n" +"ZET9IvJLXjhZISItUXbVHIeNUIqC9sBaMbKx9EGioF97a2gliT2O7cgRtuPM+ODq\n" +"ETHILlNc5G3vuNRBt4x3AkBV98Y1SZA3TQlUVTsjGraxkFTfU1IlomiOdOwTQ+xZ\n" +"x+JxhhgZwZ+kgI3PidEufFCTZJ3WO6Wk9gk18Bx7CLjm\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXgIBAAKBgQDq/K7wNW3fcTbaRTjNZlM4W0G7tKeO+X0bca4+9uin3ML3ogNJ\n" +"6qT/B0QAZB6Vyi9kKa3E8plQkjmPuX8Q27zj2QjEuDZ12RGFnikeOosUhOYiDh3Z\n" +"T9CHnr6stozzgk79Xd6VI7bqRcgRwbY0uc9QVr6vwddyIfSploSpVcgspQIDAQAB\n" +"AoGBAJfUpo/sZc6uzxtfCKGmkPTj+ef3hSBbUZuu60AhtxfnC06HrwpOg0eJAUYj\n" +"aqOsHMziJTYQ7kDiCjE0UMaqxDNS5hueumznq2xM2mSN0nYoktU00kpANVkW4VPA\n" +"33TB16DyqlKq2/21Rs1g8/8+IKkKDbRLTC//1WqNHASQVoGNAkEA/+z4hxTVXZkr\n" +"9hz29tAHKURlqzxUEKLnS0eL+XGJRNfGJ+65eXL+gFiIbTnpVeidL1+lKWkZyYzl\n" +"75cNRdUHhwJBAOsOJ9mUOqTbLW5tzh18ewZGOa1JcxhOvf2E1d56N8tDK6lvoqkF\n" +"oUUb8kIweDxPLCVLCl8qFrbjn619fxDInXMCQAfEZGKNIlCd5nSoumIRPDZnagKB\n" +"aTe8CfMB7+CZLoZVWiE6IIzsDYdNqI5QFKHT1nlqmLOiCfNRAGV+GxwEdB8CQQDE\n" +"sHu4HclU2fMSTOAE3H01qt3om2WsGXfyBI3SNQMrG3IVvkymkwd4BQKbUGPMU5Pl\n" +"QP3U1CtdruuXCUSijrzxAkEAoqYub6+0zM8fakSQZcZ01TG9Fuo2xVFDCQsvqR3m\n" +"ZhRT/oinIvOxSh4fQs40bmt1RBmc2L1Is6YB2NTVQEBZDQ==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICWwIBAAKBgQCrf0rPvHYaGYQrc1ciRwaONs8TUvSVmUU98HMYXoFEkBL4CAGH\n" +"4oNHFk8kXHEOsBED0eccSYegWhqKHSz7PbjmJaXloExWrtx5ea3Twf8VTgcfDWQP\n" +"0TzD3G1TYjAFPQ1/LAZCpQFmwpMmTGGxegUhOzkpEWXdLVEVc9Uw4C4L2QIDAQAB\n" +"AoGAZXAJZA5pHM7y6nBynYe9TOkGWru6h7H8zsImkcd0VoWRcrvpi+JjG+0KKsuy\n" +"46kop0XEmWq0mhgxknfnX0QG1MKTqGMIUGN4qCaezOabIpCOdA4d/pr/mWoNgOWw\n" +"9Kc/tNCrKxPKsQMAlWP6ktHN30XRSlHgAjSeUVUiNHztvTECQQDUNin2nyIvj8ZA\n" +"QAsFW9qW+TiTkeUK6yiZ9Gvgf20gwZRWOe5/xnMxVvtN6v7Av1ew/l4VhBoj/w5g\n" +"ydIZk+2LAkEAzuJwdt+ccllG19qmEcbo9XFafgi2PvlEjPJmT1rHV2ns/7HIMu27\n" +"PJY36GgExSfFco6VmicaoOt+RKg+5acgqwJBAKQxAEjcGWQ5VsgRhTVxO3DChX7Q\n" +"TColhrWPwwPhM/s7K92HVzwvvKL5TNmdr9xMb7n3Ja56FouxZVuH6/J0XT8CQAat\n" +"Mhnz/3WFQg8HRGLAe5YoMVZt64u+uaKe1ARtlo9QoNBjqWVTXL6IzocWjEjcjrey\n" +"uEtARdC5qNqIX3dD3H8CP3pVCPvpHOTxkUaktmLYowSA1HSfO9wkE6bMCHhkLwXF\n" +"yTIJ+N7c5u5YN1B6hhVqpKbdnSv+K0MQ0xbfwOWNMw==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXAIBAAKBgQDGQmrKfO3WovoXkOTSh/shO9qjbX4izhg4pccVU3Tp45v/dgAE\n" +"uDUuaa/clToyH5AhOtuazO/asC3ZNajg1ia5VPzmQU3gtqiIZIEXFaOovPlOrXru\n" +"wyQnxaGORndJwfDXicG6bUwI+PDpNq8c4VOTujReeF0r74qMSc7TQLVlUQIDAQAB\n" +"AoGAakR/aTm9YibJVohbnl00xoOGlcLCsXU2lmaFZ3DsYdGWdD+TkvQJzW7ozJtQ\n" +"Lj2sy6L4wujGR7nXWW3hr2IaLpoc1UoyJpieAZM5os6bMN+N4MCqdcZMlazMtSWV\n" +"UDO7O7xQGFpcvvZmnfKCyluFaJ5K/tWxP+2TnS1/m0BDRIECQQD5DYvToA0eKBt+\n" +"7K4eEI8pzDot9NlcL21D86kNgpmuY4pifALU7GvXr299JpFFiYa2A1JVRfpQaoI3\n" +"hZzz0ze1AkEAy8opWJP+T2q4reD5Qq5UjjrHUXFID23KeJEjh5YF40/bHqyVpWVR\n" +"UMntNgAzs+13vRij48Zn6I8GRhStaQ3ArQJASPyFS8GN1paeaDXoWPs1WWR2cF1f\n" +"DbsAZHeVxVXOv+J//ZimI8wdVpodLCoPTLee+NxEVqUpVEPCYY8QjgwKOQJAATmj\n" +"6f5pxvxzQ8hYd0gpBfngfOLbdgxI7VSiDAyg2G8AeDy9YZMsW/n6zRpPNUO2NpLR\n" +"WWs18LX7aaxyJnGIuQJBAPPfy9pd4XEFsRBIIe3N23Gua1XkS/407RJtAGm73Vrt\n" +"QhtWh3i6D5gfpEApMoaE8aaQQ7H0z+0Uh1t8SWesy10=\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICWwIBAAKBgQCc/M/X8etUqrxnmH3PyuAYLIPZhwNySch8qz9NB47izYjxzuBG\n" +"GSls6H7WeKIrB8UJY1gW8TLkdOLcrI/0hTANNHEPaueOE0xdABFj7tAaiiGPIM25\n" +"N0wc76me0ZAMYJrZTHk8JZK153y9wInYBwVZreXCVSVf11RuVwe+iFQa5QIDAQAB\n" +"AoGAQC4XJtivdhDLL6snHFF7pkZkrQTGgu3pOhakrXA+mTigGQOTqvTUe8LdP/9X\n" +"hTIK+tiTheWcAcxLhx5BSB0/VDKjYhS0ROpTc33Iq9KalOQaTJbBYGA4eagpQjwU\n" +"jGwr9u2sUsM9WI/Jg0VvLSKhfnNwYIUzLpK3BbWb2qAdh+0CQQDQ2s/8DlibFSBK\n" +"UsFK7lLpV8UgMk9CkaNM2BPzI8Hsjpp6s3pULVRd36m4YTSg15EEHv7bZ1N/+krX\n" +"mXb9xUULAkEAwGy5wHsUSjTK+kntkNXjlCU/+9R+HFpzg9Bwm/PqXTBwEWeU24hV\n" +"iRjPvqPtWFZrWi/nfcviuMaqtdliw1I1zwJAZ2mQxhtMYC2LuYFUWAe9YfClmJWQ\n" +"jUOTef8bka5I3RqW/t5TWc7AEWMnpDXtWx6hnUrDolt9Cschu7MvKeQ9lQJAL18U\n" +"46PpPNN+XNuyVoOxgRkihVasrUI/SeYYsuv7eHGiRUagyOLpW9T139LvbV3pE8zT\n" +"So7VA/Q0towL2lX01QJAGcoBNNouSpum9+5NvGQK1XXsZweawE+pFR2BE5XcjG+n\n" +"FnaLEUBX7nTxhTU2cSQET1PKRNp568a281NEna0nxw==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXAIBAAKBgQDFOqqGG/VtIScxayZYZ+BT+hcs5W1bD5qRxunbG9O36UVT18UE\n" +"CWw9HUf0Q5sDMGvVmBxwZ4GjbR5FDPfhIXaRCzobnejJXq/0k+O5NAVkcSPtJvhK\n" +"AaUqBrWA41vnjKOtJudTsZLfufKafzYwVonze7fXGyVsBRjVwHNS4iqq2QIDAQAB\n" +"AoGAJCoStI6R3RXUKvKb0GATuTJFZ50WBTmCPTK9FMkwdCuY47vPy2Ky7y3cUMTI\n" +"urf5PewrYs0H72CFyWGMXkKVi8aOYshsATEXMfGSqOcqXn+UDssRzvabZFlpnAUa\n" +"WDVt/iN092AdakXNna7/DxrLisDpq8HHJfjtlWGPfkXRg4ECQQDpHeKimTvwJcPc\n" +"iDa6Qb/n9gwLeRckfzhYtfX1luJYLIOHh+J9vjQN75thenBLQB/B6qlKtOn9ejxg\n" +"5z+3zIOpAkEA2JbxXVTCOA802p9khvHxDtLHdKi3w/BjjJiC7Mgqo69ZI+s3PB9E\n" +"F2HJA69kZqpGqvybWHDapjWsq7rcMlxrsQJBAME2yvR3y00VEAyGPc4M1vF8ZqlP\n" +"uRW/+ETWtEDUyU/JvU6lGt2bu2tdkEyv/cjxIiFIzP4litdT7B1pLc+6S9kCQBwE\n" +"usiWFGHoJbA6emiyl7qRLdg7kzo3uMkRWa6D3nA6WM+6t/SBHu/faH+fit91G5s2\n" +"/mmcf8yMmP/GNoIVTqECQFl4Pt6yGiz/YVoYSp35ljY5n3JB6T8o2pOmIrRLuPmT\n" +"6kgyygtJBAmx5nnQoeG8n08tl9QakWznKzkNJ0DIFKI=\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXQIBAAKBgQDCaOqJ0lsSAEBcnNB6X7BvVcEcol+evi/nJsPe0uT1SbtW50Ch\n" +"vYOHwK6aQR2C5x9VSs47cLynTL7tNt5d8oeryF3NpI8VTPLImDJCcvUZhS7p4bxn\n" +"JO+Wm+D/e3TWfyjreuWtdL+Mfimw2gzwWuBEtmj51GzQ89eYm7fh11SB6QIDAQAB\n" +"AoGAWaakMbZNxPlUtOCjyysBY/Y5vYira7rswD3CKak7aFn+CE9QIMYSN7IFUqEg\n" +"iNMoQd7jR8nvVX8wtJeO5+gF48W13C3n8FZSrW7c5N3bmfMIgo0xa/TGfeXHP98o\n" +"7vhH0I58j3ZZt0Q+3wTm7t7WPE/nJzgrCk30TqmoaEmstTkCQQDtV6YZ6juEK2Lp\n" +"LGUiqohcS/WJxvFrF5+LNpk86Xdgomf6FphZlkq42KYkvl7qibKDcfDqLKTbHHle\n" +"vQQeCgZ7AkEA0bFHi7F8o4iHtKleBvt4QCj1neA0q3CRDypCI5EqFSrNpxY4Krhh\n" +"WYSVX+xT00QYaCpKKWfYQztCw7Anylv96wJACl86Mwe5ch0zRV1bThiFvQLUyCCZ\n" +"jESMBFlueOr6/I4cXSF/puqaeVl+aTyoiTdbRcNE8/bffXPRGgLIm0d04QJBAJSY\n" +"lmTN789Lby99Xh6AkaSV4ghw26Ip8QHYJmph8npxjK69Niw/4Oy44cnKBVUPSmR2\n" +"o3tYFY7/Lb7S1D+4lOUCQQDbMQUGVsZT+ZjuOG1bAjIuXoAOfOd3mgH5VgQHjSgJ\n" +"ourZtlJ4OUpNrq9IfWqPkM+zSE8+0Dk8/9MS5ngBA/SJ\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIICXQIBAAKBgQDNbHjwg+7tVNr9erMLowXRnIcttp4pUJbr3B7Jo/u+kD/Yo3F3\n" +"4rIKhHpJl1uEHP1QmvAD+4ApFFI2hNG54xYI8dGflxL5HOs5xxyOPpkrwzQ8Qvnv\n" +"LPg7Gf6PAW9zF4McG4wK0TkrV28G6NhqcPs5VFY6UyvfZ0fEdWAeoWTIfQIDAQAB\n" +"AoGBAKOmkMp7MLLd8QAS6eSRYSdWHdLrMyES1MjduaFGBF4SKOr7en/Zl6ENXSaX\n" +"cA7V0XCPnjpt9/HCAKTyNupx4LCeFWiqdu8VGXhlzX8bdb896OSR2brKbxgRY5tF\n" +"36uL8akrZdrYgocykQCxmRARMB7/rHwDusiamjL6RUZ3+c45AkEA6UPTVmKZQRMr\n" +"A7Qgg5nXrXo9117Lpqf3FdZ1wdni9V59Ptf5xrx9oGZNZzctJPXSAH4M4cumSJrV\n" +"sZ1V8qE7AwJBAOFx+5luLrVKrdlG7MyOhTAdhKYUvKIvL4wvVSY6y+L2nNEx/cTx\n" +"KYbxGC+H1RJbkCS09rYir3VfDRWQ3W1c1n8CQH+X4hn2hO3blkPIW6CgniD+JKWR\n" +"7MOUTMtdK7yFemfM76VYbgAPSohabSxwOfllnSE30cQQqTw9tXYaIdE98BECQG+M\n" +"QWxSS0QillB6unIgVqBPCrJOcmNhK4qWZPBMiVNcqI0Nyj2nAeAl7MyfzfqOWY0A\n" +"CU5nbR+LD2NLUXRqSisCQQCN3IGv1WOWInmA5xhU6vCFDX5u48Dcji7VLJO/Nv/i\n" +"b/zHKAgjHk5Js7bi5ZWEGaUgA4Jt6cKmGdERheqTMKxx\n" +"-----END RSA PRIVATE KEY-----\n" +}; + +static const char *PREGEN_KEYS_2048[] = { +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIIEpAIBAAKCAQEAoksI1qIuIaFCqT4QbgDvOQCmr9Z9F0E7ku+U5Ep/5dWNANqB\n" +"bSzAOq0+cxiisfF+H4desoqiWDUwlOwXH74qD3ZsbChhvFUD78cQBWQkF+whLVHb\n" +"296QmF0LZqosqz9HMS9CdoMUc1brZb78Hb25QIOOjrg25KYHLZHaqcet1wfhHow6\n" +"Uehc6QTuWgOWFhJnfiXzYgen2o8lnLixxZozhk7Lm7Aix9ur2ckXdQ2Wgny4xw70\n" +"JW84Hapnd8oFUD98XXrExk4VFuIcA8qo7r7y18II6wx4Cw1suKru6bhW65cM/y51\n" +"KC4lB7VkvuoJCelRFdM1PfKZLv2tJP63oAqJrQIDAQABAoIBAQCWc38PEqw3avqU\n" +"UMAEaoNa0bq1Gd8/Nq8WqVnbRSFKHO2pk+cWIb1W6BITuwvgcGKesezdEV4s7apK\n" +"9I7/U1hEm2Ep50mrwRh0KZM1nD9Fmharn851Bt//D4qpMytT2caS1yADI8NKpZJ1\n" +"8VZh7+cT4qG+txHUaAIRgbw3VrBWvTIMu6SOSOZm+e3eOr5UU3du1KvjdJHJ2c2k\n" +"TceHvUdKxV7OYt+BBSN1oBOhs3ajUSRge1v3twRDg3cmbwG0DeXvwHNhGUTcF8IH\n" +"JO1RF5njbkFvyqdAi3ltjU41zYd4OMuPtrwzFOtxUjKT62Soz109HUXXE2CGKFPZ\n" +"PVi5/BIhAoGBANN1xqS5BgHszIB0nXbw5ImYpTRmyhO0KsTblBT9+8Q/B7BCK7bM\n" +"zl+dOPeyvEadSwE7RSMMt6CAlTakWIf3Quw/VZajvXy9C9/LHf52pEKXjxMFMPKE\n" +"aGLHpQnwMtDi8/H8AEAXxI3hpxB2KVR7sAYHWihSGjRJ6oPGvEmKEkb5AoGBAMR6\n" +"G2PKz0xk1vFrjfjSY+y13gH/t7xHaXUggjggUSGKaknQh2BDUllXjadeI0fi1eLW\n" +"r98ZImZZgntAgjaIZ4bAlooTDk4gRHaz9jI+z8lsRwOKnWdiigM7txiXZTMVwMqj\n" +"o5mMNGMA+A+ACkTViRHmkDI7S/9FqAvnbOqVwgFVAoGBALUcY6WDvwx5B3Jh7tgH\n" +"XIYpEh3+h8c2gYcX1g3gtvkPTwN8uToY0gz8eOVV1YHZiHsmi4GIi+HRH3usaRMT\n" +"COOVHzYlSc8Dj57+tdLTRL6wVl9hC9o647ju64DGlI9qQquYPZKniLZIdbFYsu9j\n" +"/JA9Tc/I+h6czFpPJccKlbrpAoGAAPWXrKUQ3g6f/g3IY66jTkSVEO1uuDyhBzFh\n" +"cWS3ALLsUe/yuUWa4VTMHEUZZwB0iucBdNVqlZVaTb/C4wFHgCDwmzv8leUScIHw\n" +"cc5ctV8R+bJzkk2o3tsrybLzi4xPpK2n3tgQaWtXyruVUUC5qpy1l4kylcyBRY2b\n" +"uomAqQECgYAiCNWtuWIDlRBcvtIB+kHguzcoFT3vTCCNhalTEn0zi/tbi+voQgVJ\n" +"SDJNptZv+6vRwQ/HfcQtljKIPO6hUZPYaFWRNhgbh7Ay85lRXYXQOottE8ayReBk\n" +"zZb0fl853Qah4DPsaOugAvhjjKeBmKg6bFWO1z6hj18I3UpDf2YnVQ==\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIIEpQIBAAKCAQEAssO0r37mSJNAkc/ISwXBsu9JjyLeWlsHPAhylQGkSAdp2rjz\n" +"E6AT0Eh3wrocNO31I4pvHReAuh1QedGY6T1cQwO/WAAhQtRCBQDK12qWRgfbC11y\n" +"Xu7zNYPd1Z7YIRy+FxhbL5f+lv3rEUv0HUG5c3CWhLtbANKg+jOieIDzA4Yp1s55\n" +"ynodQBUkTZrwQiT0P8yDSjiasf+clgJRfA1k2XK12KSAMRgyDuPTE4OtBxBvUM3L\n" +"Zvxs81PsmcOuAG4DLaFTg2a/QkCjt2VC1SYYuh/LVxpL41FFh3eMoK5g5deHkgRe\n" +"tlywKjAHIDJu/qgNzNgNW7ymwn2CfBvry9h0/wIDAQABAoIBAEMZ4wDdCWPEokAZ\n" +"Vn2Ss5qO53WrCPuxn42RPjFgZGIFJl7LfbKoK8fK6+lUIrJbf+DPXdX1tIQn7MVN\n" +"P7CNL8yX44MMyW9kbUOjgIBLqgyvdjFV6lBoMTKtRN+iuE31lATnR5Md4pqaxVnA\n" +"wOkaepoycM1x5j7w0SwZparF/HIdkYv0y/MysqT9ByupPA4Fqp/iRSrosHXahNtI\n" +"KZYj1TyERYtuDXq91P4dr/pWq3FmDNI8O3upblkL0YouvG/ZlFLdiNy77XbAyWcX\n" +"ps3YDddM+vECnXO3+sa3ZxgBYvXJdWrrIzM5A+jCkDRZQGsFAzK5I5/S7C2ljt6i\n" +"SmzqvMECgYEA16bGy2XTi6KBPb8aev/OBgK9XuGLwUqK1m15mS9Y2qPHmuc22qaZ\n" +"hw6zginPFrxAEtQWKanhZy4aVqlLkDPLwRnyeuMo1EZAc5B1gZ5ViSAKxBq99hA9\n" +"eqyakdb+IUQsEnRDxSc2gqUQ0EagksUyw5wGG5Q/CVEALmS/r1SU3KUCgYEA1DYf\n" +"6JYdzuRtule3vYeWXKf8sOJpdplgWV7tvLrKkQhdE564uwMCYB23HvYfwWqEdDYG\n" +"fsYg/ur/stk9MDZ3wZKffTEM8V3sX1t1JXnC3ogSAgMGhLZ3ILOLqkoO4BEZJnsS\n" +"dMdiNijlAtQkqs/BO/UVUAKysCtKP3v/+1775dMCgYEAvLjGFjApfnSbV/cK7IM6\n" +"wEXbhdIqZOCgOeEaXjVyM/zKbMRVW+oaR3hVHd8KzSG3jQKv1oxFpu9Qu3ByoWLC\n" +"uF3Ft0debs6ADuJoAyQWROeWpGGmxlUWCGpO5rxYL7KiQxAeUsXrTU+5NBvq4CbV\n" +"MxwyuCX3OGb7mp4upfiGQcUCgYEAuhVsDYv1P4LXJVvd5viKRV2ZG5KuYC1Ga5fu\n" +"aFxzXJI07At2eaa94oKsHR494mEBHNZzA5/BN0fiSHZuTWS1xqxH5oOokc6Gg2ez\n" +"ZdVLp88x20nD4YQPGkHW6tBeEuVrZG7vVC+yU0Ow7bYRISdkjqrusWZsQkbzqI+X\n" +"fFliEbkCgYEAu8x+47M1ordbI7NmbBGyiyP0r7nMRCZ+KEvGeCNYracWmsnCNnfV\n" +"zR2UzmwtSainw3Ho8Jv/rWDC8RIDauyBRYEi2VqOnUzT2ca0iymQyLeBCudAQuio\n" +"drOu4JU8RzZ3Ad6V3DNFnaqmX/7GA9Pa2GI8NJMyb8p1GAGv7Gi8nxc=\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIIEowIBAAKCAQEAt01S8JuEwWy/Hzb90yO2O7oGWq3GfvfDpFOF4OQnwG3kQ/BP\n" +"4MoPDCYHdqb3iI9aD3vykZA6Q8zpdfGwjm4+bHrgRdiSmZWv8NvRwuQ5Ji9xbiGn\n" +"hA1XwqH9hvgFTiy6tRvirWSJ7kzH3Q/bEGpCbHUQkwMog4v6yCNKNrjlwjN++eCi\n" +"gFK/0RMOJMLOs8BD3zY+lKjd/pd8LBRujkMyUF5SryeRueAFjD2sq4OXq8DPABGt\n" +"zdR6vbTcsi4JwP1Q6y4x0/LIWEprzzewNU63I5E2zj0WnoRGAIM4aF+VuqcHjWUx\n" +"VWnyLZldSen6lScZ4xj4seitiDbSFvtFkDF6VwIDAQABAoIBAGTP9im2ntDyyjqU\n" +"uA0DuxomOZBtupniEouyFBOX5/UBe2WSKZxsBNKdp8UuFz3X+aRCeyprtF/NtyjT\n" +"AFOVdmebPPWtIxOtK9LAUyFo+7VwqmXzxHnwDLBS/2jXx7MzDozFBWpvvRx+xf1i\n" +"1wy0JEwaJj90oTeYKRkhr5NhJZwkX8zCNYaemBd3kHB3aGWGJasI1Y81UezeRKCn\n" +"hSbn2CrWalI7pyJ4lsavM11nIq1Eu2ZthJiNCMghbYrHoBHd+iVWiCYchP2rNEWV\n" +"sdHtaVHtQ9zdZ43bao3OzPu7lAjd6UAbxsuhUe+a2YdDz/+Up+6+BvQf1FCfYIjW\n" +"KFUdCoECgYEA4t5O+u0V9gkMUhKsevYb0zgc7O/mo8ivN+V++EpAtL0mhiwxeO8p\n" +"oef0szLyhdULQeLN9pJQDCeAbkGdwIe3L+AKU8o8BFGEWLFysZjMg9In/UTrp5MN\n" +"mMDy2SRKKu5BqsvdYH302xpZfHq1T2cMNDWE8lrZffduH06Cgq/XEtECgYEAztbj\n" +"bhFneADnrvk609VnOQvoQEjySeCQKFQFRRI6k/FguqMisL2IRXnMaWammosdeCAg\n" +"m7eZchnszHIst9cwZUKXUFqmAqeDuWSNdTI7uKZH6nT/A6IDlgdjaHsqhvpK0Ac9\n" +"ngycdHONitOZh0ZG74pdWjf828Dwzf+CuYjl9KcCgYEAmIvI6ZqvkJ8m5Kzfw1Jn\n" +"BVCOypbJK8oOX3R2Orea6KzjEYb3wQx3nwFcHX6danYFOskpmqlpH7MT/Y8rZsEa\n" +"4RsxdoPedTzm08iFiXtn0R9nejp0hlov402iPXXUVSedih3IflBTa1w9XaEY9wog\n" +"P57ZBSknYzcTmgNtaDiaUnECgYA5sWauhNw/dMEq5QmrnJK2LsQRakdqo+CR3x25\n" +"LmR4b5Nze51pfvRLrLV/kMpXwQXvQ8bUqFl8og6S2CXxAWzWUcSy/RXhF6h+RbXP\n" +"Qru1vWvB0fBvqvklF9p6giBSle3YKKzfMNVTBggs+OiR+uA+YHG5gHRfN2nzi5mC\n" +"9tRtcQKBgBnDSi4lRCjRe9pPnyAYaa4iyBUGhjPysScSLY9orel89+qmTBQ/Py6J\n" +"0+sefL4ZJaOsuaR2mSSPP/lbSkF9DMFs4tHbBqY+WkVNYLshAkauHwqv26HTVCSd\n" +"QKzeb7uZw9lNaRIzDvy/3wfCLvXfdDozPFrOUgkyaBN5pJSA/4sv\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIIEogIBAAKCAQEA9qtiDoJWqU/eSlpj381eG6UcDzfMguFh/q4e4s7QVdRYj5J0\n" +"Msv0PCkti8JHuvQUyncRpOPccBkhNbVjNbjIgw1pHaIZNdVotUDhP0kseRyJ6z3M\n" +"qbZ5qKn+0mHjVjPNItVDDe6tebYMT1BZpVyRrCOqY2v5z1ecLC+ReygmHgDpzg+L\n" +"0rWfIxGT10IPZ8pAlcdEn6xt5aEhi7mPCX/xwqfQChPIJz6zVLEC8UaPtvDBohPR\n" +"6NQTBTeZZAAtzrQ7+oNxfz1v6Fz6RwMei7Q+qOBnMiwpQmbcDBKABM2RnXSpD0LA\n" +"1GR7/+CiV1HQoShWVvEwrSIlM6jVAJo6iqF6WQIDAQABAoIBAHqwcdxPnfUm4aTP\n" +"4r9NcZKEhDlZgqJSoiA/0OL1BRC7xrTanmspoLhPrvTF1FG715+Aq8j9AQbMqQUC\n" +"zG7LEwiEIhV4K9vn4uXMeHy206UFud/E5EhBl695pmJUB/Q3XcAGnQyP+77++o50\n" +"o7IpIdeiAbzj1uP3aplbq5u7M4JV7fUZWA/368G4HolqFTxcAfBJ05GXlp97BBwY\n" +"AnY3/pNrKMz0NiPf3nsJHYWK18up0JCLPL3tomc94wuNZ66spIazHIL9aaKY0q3V\n" +"LkBrelndfYM1m4xRTnSOy6STu0qKTPOpX0C8XBLYs6uiXjRsChqSYwndCCeASaH3\n" +"LGNIcbUCgYEA/m4qvt8tdT4wEvnE+QUxEELmBtT4UFa3NnQISrzNlhNeI0Zd2xlp\n" +"SG0/pcw83mG2uX+V5xSaWL5LYfLBkvy83Y0yIWgYbbIkyyCOUZnTpwaDGU/FjWip\n" +"3TfXf5qpAgiez94sV+MsFpKfG05yxJh5u+3sIyGTVUAxp0HPx4LVgbMCgYEA+DD1\n" +"fu6ttpuV1UMrsFdjuk6gBvSbyJ9OilY2jT+yE7hSRc/yP3O9ikuR74tNlVrWTnO2\n" +"0kcYbyLJXE2cGUC2q5e4r8TDGiozNfQ7/OC2M3XaJ+xJk4zMf/8PuDDpWr+18ZXA\n" +"Pf+ibXWTFvZ6ZeUmpbrrfCrXdvmIZnwVuOI0FcMCgYAZn26emksxq3mb75tumJ9A\n" +"S/xuY7Q+Iv2Adl7/Z9QscPbiBowdLIn1yUrHn7Hhk2WbeMXX57NDjKZ6zr+/1cQP\n" +"a9DInHsZUP9zlWu/vAYcpAM/4VC71PaGWMFTEHhExCl6NZ2xnCcsfseXMGdOdSyN\n" +"SICnaRI1W6mkdnQ+W2a1EQKBgGEKA3KVr6XuPy8bDEHuaTe29irCCQbwAq1j+ABS\n" +"HzZGoyRYocbdYgZoda7LMJJs6c3SwHCHC66oU0KbtaTKAKImuDdBH2djiJJX4/yD\n" +"f7mvIpTpdfsS2gJRn7vMo/CvdFv4ySl0gfV6OwCHbmPYrLuv0dLCjWwfNI2dhoC7\n" +"MNIxAoGAIPSIG4BrShzbeX4c2L18iwIg+NlOcUbtl0Ccr1t6uLGI+ge/6I6T/5XH\n" +"DPKqYIf0IRYV8suxpfQNKiz/C0NPffA1d1M2hvuAg2v09o2cSwvdcQwdmakKZ5bl\n" +"sdCuYKdCIwomEUOz/4XgQrJl4XDUqxftJT6/egAjWvcIYvfNCsY=\n" +"-----END RSA PRIVATE KEY-----\n", + +"-----BEGIN RSA PRIVATE KEY-----\n" +"MIIEowIBAAKCAQEA1yHZMsgRLckL+v6rgpGq9qmxVBNDxeuul1V/QlFyOlcAk5n/\n" +"uduTalSqGQhc4NEePMxq6nFui4ucpkZOozmcEnhV0N9jld9IB9rLGt4erdg7RKl9\n" +"+gQ+zTn69j69U36E2I47H4dM69uxeSOyWP2Odxpw+biisa3o8mMz1zCmuj4GMDtG\n" +"DlnSpthFzgQR6N1pbvxLXrWg5F16GqFiJOD7kXDfy4/l6kB/mDs1T/3r8kav6DqR\n" +"c/t3aQZxgWGIpI7hc9Qgvp7coZRMey5dNOZEna3tqS8dn2tZlhkpYV5uyFUjmxjG\n" +"TERSULQ7hvUqW+eshGGsnxFtL7ANnTSc4xECowIDAQABAoIBAFhJJMhpQFuIySjd\n" +"AGeZ/g4x/3rgWQzNNp4WUR5XLEhy0eLA7ShJywp06kVRoEQGraEHxsyldldAGS5H\n" +"ZhgoGTufNKB+PHER646FpJpHE1IGjfQUloVW3qr8I1iQ0MOGBWCVpf+/V7rnMsLi\n" +"+lr421FXgYuJ0QKXuyRVv72M0q9U6i+ml3aVAhgW/19oFg+dW7YccX+9iVyD05Q5\n" +"KR64tX8xd4wrAqfAgYA3erbbE6GTyHYD5K54kIgfRr/+pIU4qc1L7XOCblnqc/rI\n" +"BilFysEC634r2MNe66uQvNui4oQTfBcFFlXg0zAmp7d5QE0ApOL6HpCsmbImm2uJ\n" +"sdFNYyECgYEA716kfEv7HfnF0P3pAP2AOuEsW6t8q0UtWvnHrwRQXQw8Yv90g7kD\n" +"pUV3/BjD9VQgsQZosbdSn5wbT4j7dypRdrzYk+8m/hBk4Q8M/tWoRGVOn46NudvK\n" +"/KX0A4ODLuulj8yAZVc7CM5Cdy4GCGJBVO+oVvBUAnHxfZziOyqBw9MCgYEA5hQg\n" +"HEORzdxvbbfAx1ggvH1Eg1lqRhmpI43PpRkaoqb8jLwXb2CyBeuv3RBft/X2Tr6F\n" +"mHpe0U1kN/5YEjii/Q/jUX8azIHaUNNSAjrriEeMQZOqFxmhCdiyeXuqg2fbFbhe\n" +"K3Q6/fsB1xj9OOSwyPMqm/M5U0LsoGjmg8TFE/ECgYAlImKUIdlwOgp1NJ7MF4eo\n" +"Gryd8AmkLFQv8+YFgb7R4I8RsJ2rva0SG6fUhScJTSbRL7RYNZ9swXP/L7oLL5Z5\n" +"vCxBLu22pmZv/7y9X/n9ulWrLRtRhQaFkV08mk9knQwPNeOJVTIEWLM49/vZmxyV\n" +"h6Ru8FOoGXMkUI1MLnj5HwKBgGJLkNhiacVYeuaWDa9c0EeXARFYvxWJ2wAMkvzG\n" +"9+ErlFQP+7ciyYvMAItidnJii8NilDLrfNzQwpNFf5zxQ3j4M7bapblfdMT5M10u\n" +"jPfhEWPm0VEjKvDI+p76HYQcd7YU2W6ZLqbZeRTLYUvQMFL5yGduBzyyJ+P0TR9Y\n" +"jpYRAoGBAM7vYGTprw4w2tTZPFICXVk1bQ0LO06oNRtwkiQTUT6UqPjWMFyvHnmN\n" +"11SVVBmRZ0RAk6e5eZLFX8WelJ4J4nSOGRcJheCtoEFlO7D1ewAUSbqWJ0pBqp2T\n" +"gV4oCS8LYe8zReVoYZJjuLwoHvxZzs/hUjc3SI2HRW2W/HQRPC25\n" +"-----END RSA PRIVATE KEY-----\n" +}; + +#define N_PREGEN_KEYS_1024 ARRAY_LENGTH(PREGEN_KEYS_1024) +static crypto_pk_t *pregen_keys_1024[N_PREGEN_KEYS_1024]; +static int next_key_idx_1024; +#define N_PREGEN_KEYS_2048 ARRAY_LENGTH(PREGEN_KEYS_2048) +static crypto_pk_t *pregen_keys_2048[N_PREGEN_KEYS_2048]; +static int next_key_idx_2048; +#endif + +/** Generate and return a new keypair for use in unit tests. If we're using + * the key cache optimization, we might reuse keys. "idx" is ignored. + * Our only guarantee is that we won't reuse a key till this function has been + * called several times. The order in which keys are returned is slightly + * randomized, so that tests that depend on a particular order will not be + * reliable. */ +static crypto_pk_t * +pk_generate_internal(int bits) +{ + tor_assert(bits == 2048 || bits == 1024); + +#ifdef USE_PREGENERATED_RSA_KEYS + int *idxp; + int n_pregen; + crypto_pk_t **pregen_array; + if (bits == 2048) { + idxp = &next_key_idx_2048; + n_pregen = N_PREGEN_KEYS_2048; + pregen_array = pregen_keys_2048; + } else { + idxp = &next_key_idx_1024; + n_pregen = N_PREGEN_KEYS_1024; + pregen_array = pregen_keys_1024; + } + /* Either skip 1 or 2 keys. */ + *idxp += crypto_rand_int_range(1,3); + *idxp %= n_pregen; + return crypto_pk_dup_key(pregen_array[*idxp]); +#else + crypto_pk_t *result; + int res; + result = crypto_pk_new(); + res = crypto_pk_generate_key_with_bits__real(result, bits); + tor_assert(!res); + return result; +#endif +} + +crypto_pk_t * +pk_generate(int idx) +{ + (void) idx; + return pk_generate_internal(1024); +} + +#ifdef USE_PREGENERATED_RSA_KEYS +static int +crypto_pk_generate_key_with_bits__get_cached(crypto_pk_t *env, int bits) +{ + if (bits == 1024 || bits == 2048) { + crypto_pk_t *newkey = pk_generate_internal(bits); + crypto_pk_assign_(env, newkey); + crypto_pk_free(newkey); + } else { + return crypto_pk_generate_key_with_bits__real(env, bits); + } + return 0; +} +#endif + +/** Free all storage used for the cached key optimization. */ +void +free_pregenerated_keys(void) +{ +#ifdef USE_PREGENERATED_RSA_KEYS + unsigned idx; + for (idx = 0; idx < N_PREGEN_KEYS_1024; ++idx) { + if (pregen_keys_1024[idx]) { + crypto_pk_free(pregen_keys_1024[idx]); + pregen_keys_1024[idx] = NULL; + } + } + for (idx = 0; idx < N_PREGEN_KEYS_2048; ++idx) { + if (pregen_keys_2048[idx]) { + crypto_pk_free(pregen_keys_2048[idx]); + pregen_keys_2048[idx] = NULL; + } + } +#endif +} + +void +init_pregenerated_keys(void) +{ +#ifdef USE_PREGENERATED_RSA_KEYS + const char *s; + crypto_pk_t *pk; + unsigned i; + for (i = 0; i < N_PREGEN_KEYS_1024; ++i) { + pk = pregen_keys_1024[i] = crypto_pk_new(); + s = PREGEN_KEYS_1024[i]; + int r = crypto_pk_read_private_key_from_string(pk, s, strlen(s)); + tor_assert(r == 0); + } + for (i = 0; i < N_PREGEN_KEYS_2048; ++i) { + pk = pregen_keys_2048[i] = crypto_pk_new(); + s = PREGEN_KEYS_2048[i]; + int r = crypto_pk_read_private_key_from_string(pk, s, strlen(s)); + tor_assert(r == 0); + } + + MOCK(crypto_pk_generate_key_with_bits, + crypto_pk_generate_key_with_bits__get_cached); +#endif +} + diff --git a/src/trunnel/ed25519_cert.c b/src/trunnel/ed25519_cert.c index 24988d510b..ee02fda646 100644 --- a/src/trunnel/ed25519_cert.c +++ b/src/trunnel/ed25519_cert.c @@ -1,4 +1,4 @@ -/* ed25519_cert.c -- generated by Trunnel v1.4.6. +/* ed25519_cert.c -- generated by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -28,6 +28,281 @@ int edcert_deadcode_dummy__ = 0; } \ } while (0) +create2_cell_body_t * +create2_cell_body_new(void) +{ + create2_cell_body_t *val = trunnel_calloc(1, sizeof(create2_cell_body_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +create2_cell_body_clear(create2_cell_body_t *obj) +{ + (void) obj; + TRUNNEL_DYNARRAY_WIPE(&obj->handshake_data); + TRUNNEL_DYNARRAY_CLEAR(&obj->handshake_data); +} + +void +create2_cell_body_free(create2_cell_body_t *obj) +{ + if (obj == NULL) + return; + create2_cell_body_clear(obj); + trunnel_memwipe(obj, sizeof(create2_cell_body_t)); + trunnel_free_(obj); +} + +uint16_t +create2_cell_body_get_handshake_type(const create2_cell_body_t *inp) +{ + return inp->handshake_type; +} +int +create2_cell_body_set_handshake_type(create2_cell_body_t *inp, uint16_t val) +{ + inp->handshake_type = val; + return 0; +} +uint16_t +create2_cell_body_get_handshake_len(const create2_cell_body_t *inp) +{ + return inp->handshake_len; +} +int +create2_cell_body_set_handshake_len(create2_cell_body_t *inp, uint16_t val) +{ + inp->handshake_len = val; + return 0; +} +size_t +create2_cell_body_getlen_handshake_data(const create2_cell_body_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->handshake_data); +} + +uint8_t +create2_cell_body_get_handshake_data(create2_cell_body_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->handshake_data, idx); +} + +uint8_t +create2_cell_body_getconst_handshake_data(const create2_cell_body_t *inp, size_t idx) +{ + return create2_cell_body_get_handshake_data((create2_cell_body_t*)inp, idx); +} +int +create2_cell_body_set_handshake_data(create2_cell_body_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->handshake_data, idx, elt); + return 0; +} +int +create2_cell_body_add_handshake_data(create2_cell_body_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT16_MAX + if (inp->handshake_data.n_ == UINT16_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->handshake_data, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +create2_cell_body_getarray_handshake_data(create2_cell_body_t *inp) +{ + return inp->handshake_data.elts_; +} +const uint8_t * +create2_cell_body_getconstarray_handshake_data(const create2_cell_body_t *inp) +{ + return (const uint8_t *)create2_cell_body_getarray_handshake_data((create2_cell_body_t*)inp); +} +int +create2_cell_body_setlen_handshake_data(create2_cell_body_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT16_MAX < SIZE_MAX + if (newlen > UINT16_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->handshake_data.allocated_, + &inp->handshake_data.n_, inp->handshake_data.elts_, newlen, + sizeof(inp->handshake_data.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->handshake_data.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +create2_cell_body_check(const create2_cell_body_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (TRUNNEL_DYNARRAY_LEN(&obj->handshake_data) != obj->handshake_len) + return "Length mismatch for handshake_data"; + return NULL; +} + +ssize_t +create2_cell_body_encoded_len(const create2_cell_body_t *obj) +{ + ssize_t result = 0; + + if (NULL != create2_cell_body_check(obj)) + return -1; + + + /* Length of u16 handshake_type */ + result += 2; + + /* Length of u16 handshake_len */ + result += 2; + + /* Length of u8 handshake_data[handshake_len] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->handshake_data); + return result; +} +int +create2_cell_body_clear_errors(create2_cell_body_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +create2_cell_body_encode(uint8_t *output, const size_t avail, const create2_cell_body_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = create2_cell_body_encoded_len(obj); +#endif + + if (NULL != (msg = create2_cell_body_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u16 handshake_type */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->handshake_type)); + written += 2; ptr += 2; + + /* Encode u16 handshake_len */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->handshake_len)); + written += 2; ptr += 2; + + /* Encode u8 handshake_data[handshake_len] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->handshake_data); + trunnel_assert(obj->handshake_len == elt_len); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->handshake_data.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As create2_cell_body_parse(), but do not allocate the output + * object. + */ +static ssize_t +create2_cell_body_parse_into(create2_cell_body_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u16 handshake_type */ + CHECK_REMAINING(2, truncated); + obj->handshake_type = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u16 handshake_len */ + CHECK_REMAINING(2, truncated); + obj->handshake_len = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u8 handshake_data[handshake_len] */ + CHECK_REMAINING(obj->handshake_len, truncated); + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->handshake_data, obj->handshake_len, {}); + obj->handshake_data.n_ = obj->handshake_len; + if (obj->handshake_len) + memcpy(obj->handshake_data.elts_, ptr, obj->handshake_len); + ptr += obj->handshake_len; remaining -= obj->handshake_len; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + trunnel_alloc_failed: + return -1; +} + +ssize_t +create2_cell_body_parse(create2_cell_body_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = create2_cell_body_new(); + if (NULL == *output) + return -1; + result = create2_cell_body_parse_into(*output, input, len_in); + if (result < 0) { + create2_cell_body_free(*output); + *output = NULL; + } + return result; +} ed25519_cert_extension_t * ed25519_cert_extension_new(void) { @@ -58,7 +333,7 @@ ed25519_cert_extension_free(ed25519_cert_extension_t *obj) } uint16_t -ed25519_cert_extension_get_ext_length(ed25519_cert_extension_t *inp) +ed25519_cert_extension_get_ext_length(const ed25519_cert_extension_t *inp) { return inp->ext_length; } @@ -69,7 +344,7 @@ ed25519_cert_extension_set_ext_length(ed25519_cert_extension_t *inp, uint16_t va return 0; } uint8_t -ed25519_cert_extension_get_ext_type(ed25519_cert_extension_t *inp) +ed25519_cert_extension_get_ext_type(const ed25519_cert_extension_t *inp) { return inp->ext_type; } @@ -80,7 +355,7 @@ ed25519_cert_extension_set_ext_type(ed25519_cert_extension_t *inp, uint8_t val) return 0; } uint8_t -ed25519_cert_extension_get_ext_flags(ed25519_cert_extension_t *inp) +ed25519_cert_extension_get_ext_flags(const ed25519_cert_extension_t *inp) { return inp->ext_flags; } @@ -97,12 +372,17 @@ ed25519_cert_extension_getlen_un_signing_key(const ed25519_cert_extension_t *inp } uint8_t -ed25519_cert_extension_get_un_signing_key(const ed25519_cert_extension_t *inp, size_t idx) +ed25519_cert_extension_get_un_signing_key(ed25519_cert_extension_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->un_signing_key[idx]; } +uint8_t +ed25519_cert_extension_getconst_un_signing_key(const ed25519_cert_extension_t *inp, size_t idx) +{ + return ed25519_cert_extension_get_un_signing_key((ed25519_cert_extension_t*)inp, idx); +} int ed25519_cert_extension_set_un_signing_key(ed25519_cert_extension_t *inp, size_t idx, uint8_t elt) { @@ -116,6 +396,11 @@ ed25519_cert_extension_getarray_un_signing_key(ed25519_cert_extension_t *inp) { return inp->un_signing_key; } +const uint8_t * +ed25519_cert_extension_getconstarray_un_signing_key(const ed25519_cert_extension_t *inp) +{ + return (const uint8_t *)ed25519_cert_extension_getarray_un_signing_key((ed25519_cert_extension_t*)inp); +} size_t ed25519_cert_extension_getlen_un_unparsed(const ed25519_cert_extension_t *inp) { @@ -128,6 +413,11 @@ ed25519_cert_extension_get_un_unparsed(ed25519_cert_extension_t *inp, size_t idx return TRUNNEL_DYNARRAY_GET(&inp->un_unparsed, idx); } +uint8_t +ed25519_cert_extension_getconst_un_unparsed(const ed25519_cert_extension_t *inp, size_t idx) +{ + return ed25519_cert_extension_get_un_unparsed((ed25519_cert_extension_t*)inp, idx); +} int ed25519_cert_extension_set_un_unparsed(ed25519_cert_extension_t *inp, size_t idx, uint8_t elt) { @@ -149,6 +439,11 @@ ed25519_cert_extension_getarray_un_unparsed(ed25519_cert_extension_t *inp) { return inp->un_unparsed.elts_; } +const uint8_t * +ed25519_cert_extension_getconstarray_un_unparsed(const ed25519_cert_extension_t *inp) +{ + return (const uint8_t *)ed25519_cert_extension_getarray_un_unparsed((ed25519_cert_extension_t*)inp); +} int ed25519_cert_extension_setlen_un_unparsed(ed25519_cert_extension_t *inp, size_t newlen) { @@ -410,6 +705,878 @@ ed25519_cert_extension_parse(ed25519_cert_extension_t **output, const uint8_t *i } return result; } +extend1_cell_body_t * +extend1_cell_body_new(void) +{ + extend1_cell_body_t *val = trunnel_calloc(1, sizeof(extend1_cell_body_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +extend1_cell_body_clear(extend1_cell_body_t *obj) +{ + (void) obj; +} + +void +extend1_cell_body_free(extend1_cell_body_t *obj) +{ + if (obj == NULL) + return; + extend1_cell_body_clear(obj); + trunnel_memwipe(obj, sizeof(extend1_cell_body_t)); + trunnel_free_(obj); +} + +uint32_t +extend1_cell_body_get_ipv4addr(const extend1_cell_body_t *inp) +{ + return inp->ipv4addr; +} +int +extend1_cell_body_set_ipv4addr(extend1_cell_body_t *inp, uint32_t val) +{ + inp->ipv4addr = val; + return 0; +} +uint16_t +extend1_cell_body_get_port(const extend1_cell_body_t *inp) +{ + return inp->port; +} +int +extend1_cell_body_set_port(extend1_cell_body_t *inp, uint16_t val) +{ + inp->port = val; + return 0; +} +size_t +extend1_cell_body_getlen_onionskin(const extend1_cell_body_t *inp) +{ + (void)inp; return 186; +} + +uint8_t +extend1_cell_body_get_onionskin(extend1_cell_body_t *inp, size_t idx) +{ + trunnel_assert(idx < 186); + return inp->onionskin[idx]; +} + +uint8_t +extend1_cell_body_getconst_onionskin(const extend1_cell_body_t *inp, size_t idx) +{ + return extend1_cell_body_get_onionskin((extend1_cell_body_t*)inp, idx); +} +int +extend1_cell_body_set_onionskin(extend1_cell_body_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < 186); + inp->onionskin[idx] = elt; + return 0; +} + +uint8_t * +extend1_cell_body_getarray_onionskin(extend1_cell_body_t *inp) +{ + return inp->onionskin; +} +const uint8_t * +extend1_cell_body_getconstarray_onionskin(const extend1_cell_body_t *inp) +{ + return (const uint8_t *)extend1_cell_body_getarray_onionskin((extend1_cell_body_t*)inp); +} +size_t +extend1_cell_body_getlen_identity(const extend1_cell_body_t *inp) +{ + (void)inp; return 20; +} + +uint8_t +extend1_cell_body_get_identity(extend1_cell_body_t *inp, size_t idx) +{ + trunnel_assert(idx < 20); + return inp->identity[idx]; +} + +uint8_t +extend1_cell_body_getconst_identity(const extend1_cell_body_t *inp, size_t idx) +{ + return extend1_cell_body_get_identity((extend1_cell_body_t*)inp, idx); +} +int +extend1_cell_body_set_identity(extend1_cell_body_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < 20); + inp->identity[idx] = elt; + return 0; +} + +uint8_t * +extend1_cell_body_getarray_identity(extend1_cell_body_t *inp) +{ + return inp->identity; +} +const uint8_t * +extend1_cell_body_getconstarray_identity(const extend1_cell_body_t *inp) +{ + return (const uint8_t *)extend1_cell_body_getarray_identity((extend1_cell_body_t*)inp); +} +const char * +extend1_cell_body_check(const extend1_cell_body_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + return NULL; +} + +ssize_t +extend1_cell_body_encoded_len(const extend1_cell_body_t *obj) +{ + ssize_t result = 0; + + if (NULL != extend1_cell_body_check(obj)) + return -1; + + + /* Length of u32 ipv4addr */ + result += 4; + + /* Length of u16 port */ + result += 2; + + /* Length of u8 onionskin[186] */ + result += 186; + + /* Length of u8 identity[20] */ + result += 20; + return result; +} +int +extend1_cell_body_clear_errors(extend1_cell_body_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +extend1_cell_body_encode(uint8_t *output, const size_t avail, const extend1_cell_body_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = extend1_cell_body_encoded_len(obj); +#endif + + if (NULL != (msg = extend1_cell_body_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u32 ipv4addr */ + trunnel_assert(written <= avail); + if (avail - written < 4) + goto truncated; + trunnel_set_uint32(ptr, trunnel_htonl(obj->ipv4addr)); + written += 4; ptr += 4; + + /* Encode u16 port */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->port)); + written += 2; ptr += 2; + + /* Encode u8 onionskin[186] */ + trunnel_assert(written <= avail); + if (avail - written < 186) + goto truncated; + memcpy(ptr, obj->onionskin, 186); + written += 186; ptr += 186; + + /* Encode u8 identity[20] */ + trunnel_assert(written <= avail); + if (avail - written < 20) + goto truncated; + memcpy(ptr, obj->identity, 20); + written += 20; ptr += 20; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As extend1_cell_body_parse(), but do not allocate the output + * object. + */ +static ssize_t +extend1_cell_body_parse_into(extend1_cell_body_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u32 ipv4addr */ + CHECK_REMAINING(4, truncated); + obj->ipv4addr = trunnel_ntohl(trunnel_get_uint32(ptr)); + remaining -= 4; ptr += 4; + + /* Parse u16 port */ + CHECK_REMAINING(2, truncated); + obj->port = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u8 onionskin[186] */ + CHECK_REMAINING(186, truncated); + memcpy(obj->onionskin, ptr, 186); + remaining -= 186; ptr += 186; + + /* Parse u8 identity[20] */ + CHECK_REMAINING(20, truncated); + memcpy(obj->identity, ptr, 20); + remaining -= 20; ptr += 20; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; +} + +ssize_t +extend1_cell_body_parse(extend1_cell_body_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = extend1_cell_body_new(); + if (NULL == *output) + return -1; + result = extend1_cell_body_parse_into(*output, input, len_in); + if (result < 0) { + extend1_cell_body_free(*output); + *output = NULL; + } + return result; +} +link_specifier_t * +link_specifier_new(void) +{ + link_specifier_t *val = trunnel_calloc(1, sizeof(link_specifier_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +link_specifier_clear(link_specifier_t *obj) +{ + (void) obj; + TRUNNEL_DYNARRAY_WIPE(&obj->un_unrecognized); + TRUNNEL_DYNARRAY_CLEAR(&obj->un_unrecognized); +} + +void +link_specifier_free(link_specifier_t *obj) +{ + if (obj == NULL) + return; + link_specifier_clear(obj); + trunnel_memwipe(obj, sizeof(link_specifier_t)); + trunnel_free_(obj); +} + +uint8_t +link_specifier_get_ls_type(const link_specifier_t *inp) +{ + return inp->ls_type; +} +int +link_specifier_set_ls_type(link_specifier_t *inp, uint8_t val) +{ + inp->ls_type = val; + return 0; +} +uint8_t +link_specifier_get_ls_len(const link_specifier_t *inp) +{ + return inp->ls_len; +} +int +link_specifier_set_ls_len(link_specifier_t *inp, uint8_t val) +{ + inp->ls_len = val; + return 0; +} +uint32_t +link_specifier_get_un_ipv4_addr(const link_specifier_t *inp) +{ + return inp->un_ipv4_addr; +} +int +link_specifier_set_un_ipv4_addr(link_specifier_t *inp, uint32_t val) +{ + inp->un_ipv4_addr = val; + return 0; +} +uint16_t +link_specifier_get_un_ipv4_port(const link_specifier_t *inp) +{ + return inp->un_ipv4_port; +} +int +link_specifier_set_un_ipv4_port(link_specifier_t *inp, uint16_t val) +{ + inp->un_ipv4_port = val; + return 0; +} +size_t +link_specifier_getlen_un_ipv6_addr(const link_specifier_t *inp) +{ + (void)inp; return 16; +} + +uint8_t +link_specifier_get_un_ipv6_addr(link_specifier_t *inp, size_t idx) +{ + trunnel_assert(idx < 16); + return inp->un_ipv6_addr[idx]; +} + +uint8_t +link_specifier_getconst_un_ipv6_addr(const link_specifier_t *inp, size_t idx) +{ + return link_specifier_get_un_ipv6_addr((link_specifier_t*)inp, idx); +} +int +link_specifier_set_un_ipv6_addr(link_specifier_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < 16); + inp->un_ipv6_addr[idx] = elt; + return 0; +} + +uint8_t * +link_specifier_getarray_un_ipv6_addr(link_specifier_t *inp) +{ + return inp->un_ipv6_addr; +} +const uint8_t * +link_specifier_getconstarray_un_ipv6_addr(const link_specifier_t *inp) +{ + return (const uint8_t *)link_specifier_getarray_un_ipv6_addr((link_specifier_t*)inp); +} +uint16_t +link_specifier_get_un_ipv6_port(const link_specifier_t *inp) +{ + return inp->un_ipv6_port; +} +int +link_specifier_set_un_ipv6_port(link_specifier_t *inp, uint16_t val) +{ + inp->un_ipv6_port = val; + return 0; +} +size_t +link_specifier_getlen_un_legacy_id(const link_specifier_t *inp) +{ + (void)inp; return 20; +} + +uint8_t +link_specifier_get_un_legacy_id(link_specifier_t *inp, size_t idx) +{ + trunnel_assert(idx < 20); + return inp->un_legacy_id[idx]; +} + +uint8_t +link_specifier_getconst_un_legacy_id(const link_specifier_t *inp, size_t idx) +{ + return link_specifier_get_un_legacy_id((link_specifier_t*)inp, idx); +} +int +link_specifier_set_un_legacy_id(link_specifier_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < 20); + inp->un_legacy_id[idx] = elt; + return 0; +} + +uint8_t * +link_specifier_getarray_un_legacy_id(link_specifier_t *inp) +{ + return inp->un_legacy_id; +} +const uint8_t * +link_specifier_getconstarray_un_legacy_id(const link_specifier_t *inp) +{ + return (const uint8_t *)link_specifier_getarray_un_legacy_id((link_specifier_t*)inp); +} +size_t +link_specifier_getlen_un_ed25519_id(const link_specifier_t *inp) +{ + (void)inp; return 32; +} + +uint8_t +link_specifier_get_un_ed25519_id(link_specifier_t *inp, size_t idx) +{ + trunnel_assert(idx < 32); + return inp->un_ed25519_id[idx]; +} + +uint8_t +link_specifier_getconst_un_ed25519_id(const link_specifier_t *inp, size_t idx) +{ + return link_specifier_get_un_ed25519_id((link_specifier_t*)inp, idx); +} +int +link_specifier_set_un_ed25519_id(link_specifier_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < 32); + inp->un_ed25519_id[idx] = elt; + return 0; +} + +uint8_t * +link_specifier_getarray_un_ed25519_id(link_specifier_t *inp) +{ + return inp->un_ed25519_id; +} +const uint8_t * +link_specifier_getconstarray_un_ed25519_id(const link_specifier_t *inp) +{ + return (const uint8_t *)link_specifier_getarray_un_ed25519_id((link_specifier_t*)inp); +} +size_t +link_specifier_getlen_un_unrecognized(const link_specifier_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->un_unrecognized); +} + +uint8_t +link_specifier_get_un_unrecognized(link_specifier_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->un_unrecognized, idx); +} + +uint8_t +link_specifier_getconst_un_unrecognized(const link_specifier_t *inp, size_t idx) +{ + return link_specifier_get_un_unrecognized((link_specifier_t*)inp, idx); +} +int +link_specifier_set_un_unrecognized(link_specifier_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->un_unrecognized, idx, elt); + return 0; +} +int +link_specifier_add_un_unrecognized(link_specifier_t *inp, uint8_t elt) +{ + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->un_unrecognized, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +link_specifier_getarray_un_unrecognized(link_specifier_t *inp) +{ + return inp->un_unrecognized.elts_; +} +const uint8_t * +link_specifier_getconstarray_un_unrecognized(const link_specifier_t *inp) +{ + return (const uint8_t *)link_specifier_getarray_un_unrecognized((link_specifier_t*)inp); +} +int +link_specifier_setlen_un_unrecognized(link_specifier_t *inp, size_t newlen) +{ + uint8_t *newptr; + newptr = trunnel_dynarray_setlen(&inp->un_unrecognized.allocated_, + &inp->un_unrecognized.n_, inp->un_unrecognized.elts_, newlen, + sizeof(inp->un_unrecognized.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->un_unrecognized.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +link_specifier_check(const link_specifier_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + switch (obj->ls_type) { + + case LS_IPV4: + break; + + case LS_IPV6: + break; + + case LS_LEGACY_ID: + break; + + case LS_ED25519_ID: + break; + + default: + break; + } + return NULL; +} + +ssize_t +link_specifier_encoded_len(const link_specifier_t *obj) +{ + ssize_t result = 0; + + if (NULL != link_specifier_check(obj)) + return -1; + + + /* Length of u8 ls_type */ + result += 1; + + /* Length of u8 ls_len */ + result += 1; + switch (obj->ls_type) { + + case LS_IPV4: + + /* Length of u32 un_ipv4_addr */ + result += 4; + + /* Length of u16 un_ipv4_port */ + result += 2; + break; + + case LS_IPV6: + + /* Length of u8 un_ipv6_addr[16] */ + result += 16; + + /* Length of u16 un_ipv6_port */ + result += 2; + break; + + case LS_LEGACY_ID: + + /* Length of u8 un_legacy_id[20] */ + result += 20; + break; + + case LS_ED25519_ID: + + /* Length of u8 un_ed25519_id[32] */ + result += 32; + break; + + default: + + /* Length of u8 un_unrecognized[] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->un_unrecognized); + break; + } + return result; +} +int +link_specifier_clear_errors(link_specifier_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +link_specifier_encode(uint8_t *output, const size_t avail, const link_specifier_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = link_specifier_encoded_len(obj); +#endif + + uint8_t *backptr_ls_len = NULL; + + if (NULL != (msg = link_specifier_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 ls_type */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->ls_type)); + written += 1; ptr += 1; + + /* Encode u8 ls_len */ + backptr_ls_len = ptr; + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->ls_len)); + written += 1; ptr += 1; + { + size_t written_before_union = written; + + /* Encode union un[ls_type] */ + trunnel_assert(written <= avail); + switch (obj->ls_type) { + + case LS_IPV4: + + /* Encode u32 un_ipv4_addr */ + trunnel_assert(written <= avail); + if (avail - written < 4) + goto truncated; + trunnel_set_uint32(ptr, trunnel_htonl(obj->un_ipv4_addr)); + written += 4; ptr += 4; + + /* Encode u16 un_ipv4_port */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->un_ipv4_port)); + written += 2; ptr += 2; + break; + + case LS_IPV6: + + /* Encode u8 un_ipv6_addr[16] */ + trunnel_assert(written <= avail); + if (avail - written < 16) + goto truncated; + memcpy(ptr, obj->un_ipv6_addr, 16); + written += 16; ptr += 16; + + /* Encode u16 un_ipv6_port */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->un_ipv6_port)); + written += 2; ptr += 2; + break; + + case LS_LEGACY_ID: + + /* Encode u8 un_legacy_id[20] */ + trunnel_assert(written <= avail); + if (avail - written < 20) + goto truncated; + memcpy(ptr, obj->un_legacy_id, 20); + written += 20; ptr += 20; + break; + + case LS_ED25519_ID: + + /* Encode u8 un_ed25519_id[32] */ + trunnel_assert(written <= avail); + if (avail - written < 32) + goto truncated; + memcpy(ptr, obj->un_ed25519_id, 32); + written += 32; ptr += 32; + break; + + default: + + /* Encode u8 un_unrecognized[] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->un_unrecognized); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->un_unrecognized.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + break; + } + /* Write the length field back to ls_len */ + trunnel_assert(written >= written_before_union); +#if UINT8_MAX < SIZE_MAX + if (written - written_before_union > UINT8_MAX) + goto check_failed; +#endif + trunnel_set_uint8(backptr_ls_len, (written - written_before_union)); + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As link_specifier_parse(), but do not allocate the output object. + */ +static ssize_t +link_specifier_parse_into(link_specifier_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 ls_type */ + CHECK_REMAINING(1, truncated); + obj->ls_type = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse u8 ls_len */ + CHECK_REMAINING(1, truncated); + obj->ls_len = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + { + size_t remaining_after; + CHECK_REMAINING(obj->ls_len, truncated); + remaining_after = remaining - obj->ls_len; + remaining = obj->ls_len; + + /* Parse union un[ls_type] */ + switch (obj->ls_type) { + + case LS_IPV4: + + /* Parse u32 un_ipv4_addr */ + CHECK_REMAINING(4, fail); + obj->un_ipv4_addr = trunnel_ntohl(trunnel_get_uint32(ptr)); + remaining -= 4; ptr += 4; + + /* Parse u16 un_ipv4_port */ + CHECK_REMAINING(2, fail); + obj->un_ipv4_port = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + break; + + case LS_IPV6: + + /* Parse u8 un_ipv6_addr[16] */ + CHECK_REMAINING(16, fail); + memcpy(obj->un_ipv6_addr, ptr, 16); + remaining -= 16; ptr += 16; + + /* Parse u16 un_ipv6_port */ + CHECK_REMAINING(2, fail); + obj->un_ipv6_port = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + break; + + case LS_LEGACY_ID: + + /* Parse u8 un_legacy_id[20] */ + CHECK_REMAINING(20, fail); + memcpy(obj->un_legacy_id, ptr, 20); + remaining -= 20; ptr += 20; + break; + + case LS_ED25519_ID: + + /* Parse u8 un_ed25519_id[32] */ + CHECK_REMAINING(32, fail); + memcpy(obj->un_ed25519_id, ptr, 32); + remaining -= 32; ptr += 32; + break; + + default: + + /* Parse u8 un_unrecognized[] */ + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->un_unrecognized, remaining, {}); + obj->un_unrecognized.n_ = remaining; + if (remaining) + memcpy(obj->un_unrecognized.elts_, ptr, remaining); + ptr += remaining; remaining -= remaining; + break; + } + if (remaining != 0) + goto fail; + remaining = remaining_after; + } + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + trunnel_alloc_failed: + return -1; + fail: + result = -1; + return result; +} + +ssize_t +link_specifier_parse(link_specifier_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = link_specifier_new(); + if (NULL == *output) + return -1; + result = link_specifier_parse_into(*output, input, len_in); + if (result < 0) { + link_specifier_free(*output); + *output = NULL; + } + return result; +} ed25519_cert_t * ed25519_cert_new(void) { @@ -448,7 +1615,7 @@ ed25519_cert_free(ed25519_cert_t *obj) } uint8_t -ed25519_cert_get_version(ed25519_cert_t *inp) +ed25519_cert_get_version(const ed25519_cert_t *inp) { return inp->version; } @@ -463,7 +1630,7 @@ ed25519_cert_set_version(ed25519_cert_t *inp, uint8_t val) return 0; } uint8_t -ed25519_cert_get_cert_type(ed25519_cert_t *inp) +ed25519_cert_get_cert_type(const ed25519_cert_t *inp) { return inp->cert_type; } @@ -474,7 +1641,7 @@ ed25519_cert_set_cert_type(ed25519_cert_t *inp, uint8_t val) return 0; } uint32_t -ed25519_cert_get_exp_field(ed25519_cert_t *inp) +ed25519_cert_get_exp_field(const ed25519_cert_t *inp) { return inp->exp_field; } @@ -485,7 +1652,7 @@ ed25519_cert_set_exp_field(ed25519_cert_t *inp, uint32_t val) return 0; } uint8_t -ed25519_cert_get_cert_key_type(ed25519_cert_t *inp) +ed25519_cert_get_cert_key_type(const ed25519_cert_t *inp) { return inp->cert_key_type; } @@ -502,12 +1669,17 @@ ed25519_cert_getlen_certified_key(const ed25519_cert_t *inp) } uint8_t -ed25519_cert_get_certified_key(const ed25519_cert_t *inp, size_t idx) +ed25519_cert_get_certified_key(ed25519_cert_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->certified_key[idx]; } +uint8_t +ed25519_cert_getconst_certified_key(const ed25519_cert_t *inp, size_t idx) +{ + return ed25519_cert_get_certified_key((ed25519_cert_t*)inp, idx); +} int ed25519_cert_set_certified_key(ed25519_cert_t *inp, size_t idx, uint8_t elt) { @@ -521,8 +1693,13 @@ ed25519_cert_getarray_certified_key(ed25519_cert_t *inp) { return inp->certified_key; } +const uint8_t * +ed25519_cert_getconstarray_certified_key(const ed25519_cert_t *inp) +{ + return (const uint8_t *)ed25519_cert_getarray_certified_key((ed25519_cert_t*)inp); +} uint8_t -ed25519_cert_get_n_extensions(ed25519_cert_t *inp) +ed25519_cert_get_n_extensions(const ed25519_cert_t *inp) { return inp->n_extensions; } @@ -544,6 +1721,11 @@ ed25519_cert_get_ext(ed25519_cert_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->ext, idx); } + const struct ed25519_cert_extension_st * +ed25519_cert_getconst_ext(const ed25519_cert_t *inp, size_t idx) +{ + return ed25519_cert_get_ext((ed25519_cert_t*)inp, idx); +} int ed25519_cert_set_ext(ed25519_cert_t *inp, size_t idx, struct ed25519_cert_extension_st * elt) { @@ -577,6 +1759,11 @@ ed25519_cert_getarray_ext(ed25519_cert_t *inp) { return inp->ext.elts_; } +const struct ed25519_cert_extension_st * const * +ed25519_cert_getconstarray_ext(const ed25519_cert_t *inp) +{ + return (const struct ed25519_cert_extension_st * const *)ed25519_cert_getarray_ext((ed25519_cert_t*)inp); +} int ed25519_cert_setlen_ext(ed25519_cert_t *inp, size_t newlen) { @@ -604,12 +1791,17 @@ ed25519_cert_getlen_signature(const ed25519_cert_t *inp) } uint8_t -ed25519_cert_get_signature(const ed25519_cert_t *inp, size_t idx) +ed25519_cert_get_signature(ed25519_cert_t *inp, size_t idx) { trunnel_assert(idx < 64); return inp->signature[idx]; } +uint8_t +ed25519_cert_getconst_signature(const ed25519_cert_t *inp, size_t idx) +{ + return ed25519_cert_get_signature((ed25519_cert_t*)inp, idx); +} int ed25519_cert_set_signature(ed25519_cert_t *inp, size_t idx, uint8_t elt) { @@ -623,6 +1815,11 @@ ed25519_cert_getarray_signature(ed25519_cert_t *inp) { return inp->signature; } +const uint8_t * +ed25519_cert_getconstarray_signature(const ed25519_cert_t *inp) +{ + return (const uint8_t *)ed25519_cert_getarray_signature((ed25519_cert_t*)inp); +} const char * ed25519_cert_check(const ed25519_cert_t *obj) { @@ -887,3 +2084,630 @@ ed25519_cert_parse(ed25519_cert_t **output, const uint8_t *input, const size_t l } return result; } +extend2_cell_body_t * +extend2_cell_body_new(void) +{ + extend2_cell_body_t *val = trunnel_calloc(1, sizeof(extend2_cell_body_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +extend2_cell_body_clear(extend2_cell_body_t *obj) +{ + (void) obj; + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->ls); ++idx) { + link_specifier_free(TRUNNEL_DYNARRAY_GET(&obj->ls, idx)); + } + } + TRUNNEL_DYNARRAY_WIPE(&obj->ls); + TRUNNEL_DYNARRAY_CLEAR(&obj->ls); + create2_cell_body_free(obj->create2); + obj->create2 = NULL; +} + +void +extend2_cell_body_free(extend2_cell_body_t *obj) +{ + if (obj == NULL) + return; + extend2_cell_body_clear(obj); + trunnel_memwipe(obj, sizeof(extend2_cell_body_t)); + trunnel_free_(obj); +} + +uint8_t +extend2_cell_body_get_n_spec(const extend2_cell_body_t *inp) +{ + return inp->n_spec; +} +int +extend2_cell_body_set_n_spec(extend2_cell_body_t *inp, uint8_t val) +{ + inp->n_spec = val; + return 0; +} +size_t +extend2_cell_body_getlen_ls(const extend2_cell_body_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->ls); +} + +struct link_specifier_st * +extend2_cell_body_get_ls(extend2_cell_body_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->ls, idx); +} + + const struct link_specifier_st * +extend2_cell_body_getconst_ls(const extend2_cell_body_t *inp, size_t idx) +{ + return extend2_cell_body_get_ls((extend2_cell_body_t*)inp, idx); +} +int +extend2_cell_body_set_ls(extend2_cell_body_t *inp, size_t idx, struct link_specifier_st * elt) +{ + link_specifier_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->ls, idx); + if (oldval && oldval != elt) + link_specifier_free(oldval); + return extend2_cell_body_set0_ls(inp, idx, elt); +} +int +extend2_cell_body_set0_ls(extend2_cell_body_t *inp, size_t idx, struct link_specifier_st * elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->ls, idx, elt); + return 0; +} +int +extend2_cell_body_add_ls(extend2_cell_body_t *inp, struct link_specifier_st * elt) +{ +#if SIZE_MAX >= UINT8_MAX + if (inp->ls.n_ == UINT8_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(struct link_specifier_st *, &inp->ls, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +struct link_specifier_st * * +extend2_cell_body_getarray_ls(extend2_cell_body_t *inp) +{ + return inp->ls.elts_; +} +const struct link_specifier_st * const * +extend2_cell_body_getconstarray_ls(const extend2_cell_body_t *inp) +{ + return (const struct link_specifier_st * const *)extend2_cell_body_getarray_ls((extend2_cell_body_t*)inp); +} +int +extend2_cell_body_setlen_ls(extend2_cell_body_t *inp, size_t newlen) +{ + struct link_specifier_st * *newptr; +#if UINT8_MAX < SIZE_MAX + if (newlen > UINT8_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->ls.allocated_, + &inp->ls.n_, inp->ls.elts_, newlen, + sizeof(inp->ls.elts_[0]), (trunnel_free_fn_t) link_specifier_free, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->ls.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +struct create2_cell_body_st * +extend2_cell_body_get_create2(extend2_cell_body_t *inp) +{ + return inp->create2; +} +const struct create2_cell_body_st * +extend2_cell_body_getconst_create2(const extend2_cell_body_t *inp) +{ + return extend2_cell_body_get_create2((extend2_cell_body_t*) inp); +} +int +extend2_cell_body_set_create2(extend2_cell_body_t *inp, struct create2_cell_body_st *val) +{ + if (inp->create2 && inp->create2 != val) + create2_cell_body_free(inp->create2); + return extend2_cell_body_set0_create2(inp, val); +} +int +extend2_cell_body_set0_create2(extend2_cell_body_t *inp, struct create2_cell_body_st *val) +{ + inp->create2 = val; + return 0; +} +const char * +extend2_cell_body_check(const extend2_cell_body_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + { + const char *msg; + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->ls); ++idx) { + if (NULL != (msg = link_specifier_check(TRUNNEL_DYNARRAY_GET(&obj->ls, idx)))) + return msg; + } + } + if (TRUNNEL_DYNARRAY_LEN(&obj->ls) != obj->n_spec) + return "Length mismatch for ls"; + { + const char *msg; + if (NULL != (msg = create2_cell_body_check(obj->create2))) + return msg; + } + return NULL; +} + +ssize_t +extend2_cell_body_encoded_len(const extend2_cell_body_t *obj) +{ + ssize_t result = 0; + + if (NULL != extend2_cell_body_check(obj)) + return -1; + + + /* Length of u8 n_spec */ + result += 1; + + /* Length of struct link_specifier ls[n_spec] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->ls); ++idx) { + result += link_specifier_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->ls, idx)); + } + } + + /* Length of struct create2_cell_body create2 */ + result += create2_cell_body_encoded_len(obj->create2); + return result; +} +int +extend2_cell_body_clear_errors(extend2_cell_body_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +extend2_cell_body_encode(uint8_t *output, const size_t avail, const extend2_cell_body_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = extend2_cell_body_encoded_len(obj); +#endif + + if (NULL != (msg = extend2_cell_body_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 n_spec */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->n_spec)); + written += 1; ptr += 1; + + /* Encode struct link_specifier ls[n_spec] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->ls); ++idx) { + trunnel_assert(written <= avail); + result = link_specifier_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->ls, idx)); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + } + } + + /* Encode struct create2_cell_body create2 */ + trunnel_assert(written <= avail); + result = create2_cell_body_encode(ptr, avail - written, obj->create2); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As extend2_cell_body_parse(), but do not allocate the output + * object. + */ +static ssize_t +extend2_cell_body_parse_into(extend2_cell_body_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 n_spec */ + CHECK_REMAINING(1, truncated); + obj->n_spec = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse struct link_specifier ls[n_spec] */ + TRUNNEL_DYNARRAY_EXPAND(link_specifier_t *, &obj->ls, obj->n_spec, {}); + { + link_specifier_t * elt; + unsigned idx; + for (idx = 0; idx < obj->n_spec; ++idx) { + result = link_specifier_parse(&elt, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + TRUNNEL_DYNARRAY_ADD(link_specifier_t *, &obj->ls, elt, {link_specifier_free(elt);}); + } + } + + /* Parse struct create2_cell_body create2 */ + result = create2_cell_body_parse(&obj->create2, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + trunnel_alloc_failed: + return -1; +} + +ssize_t +extend2_cell_body_parse(extend2_cell_body_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = extend2_cell_body_new(); + if (NULL == *output) + return -1; + result = extend2_cell_body_parse_into(*output, input, len_in); + if (result < 0) { + extend2_cell_body_free(*output); + *output = NULL; + } + return result; +} +link_specifier_list_t * +link_specifier_list_new(void) +{ + link_specifier_list_t *val = trunnel_calloc(1, sizeof(link_specifier_list_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +link_specifier_list_clear(link_specifier_list_t *obj) +{ + (void) obj; + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->spec); ++idx) { + link_specifier_free(TRUNNEL_DYNARRAY_GET(&obj->spec, idx)); + } + } + TRUNNEL_DYNARRAY_WIPE(&obj->spec); + TRUNNEL_DYNARRAY_CLEAR(&obj->spec); +} + +void +link_specifier_list_free(link_specifier_list_t *obj) +{ + if (obj == NULL) + return; + link_specifier_list_clear(obj); + trunnel_memwipe(obj, sizeof(link_specifier_list_t)); + trunnel_free_(obj); +} + +uint8_t +link_specifier_list_get_n_spec(const link_specifier_list_t *inp) +{ + return inp->n_spec; +} +int +link_specifier_list_set_n_spec(link_specifier_list_t *inp, uint8_t val) +{ + inp->n_spec = val; + return 0; +} +size_t +link_specifier_list_getlen_spec(const link_specifier_list_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->spec); +} + +struct link_specifier_st * +link_specifier_list_get_spec(link_specifier_list_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->spec, idx); +} + + const struct link_specifier_st * +link_specifier_list_getconst_spec(const link_specifier_list_t *inp, size_t idx) +{ + return link_specifier_list_get_spec((link_specifier_list_t*)inp, idx); +} +int +link_specifier_list_set_spec(link_specifier_list_t *inp, size_t idx, struct link_specifier_st * elt) +{ + link_specifier_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->spec, idx); + if (oldval && oldval != elt) + link_specifier_free(oldval); + return link_specifier_list_set0_spec(inp, idx, elt); +} +int +link_specifier_list_set0_spec(link_specifier_list_t *inp, size_t idx, struct link_specifier_st * elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->spec, idx, elt); + return 0; +} +int +link_specifier_list_add_spec(link_specifier_list_t *inp, struct link_specifier_st * elt) +{ +#if SIZE_MAX >= UINT8_MAX + if (inp->spec.n_ == UINT8_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(struct link_specifier_st *, &inp->spec, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +struct link_specifier_st * * +link_specifier_list_getarray_spec(link_specifier_list_t *inp) +{ + return inp->spec.elts_; +} +const struct link_specifier_st * const * +link_specifier_list_getconstarray_spec(const link_specifier_list_t *inp) +{ + return (const struct link_specifier_st * const *)link_specifier_list_getarray_spec((link_specifier_list_t*)inp); +} +int +link_specifier_list_setlen_spec(link_specifier_list_t *inp, size_t newlen) +{ + struct link_specifier_st * *newptr; +#if UINT8_MAX < SIZE_MAX + if (newlen > UINT8_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->spec.allocated_, + &inp->spec.n_, inp->spec.elts_, newlen, + sizeof(inp->spec.elts_[0]), (trunnel_free_fn_t) link_specifier_free, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->spec.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +link_specifier_list_check(const link_specifier_list_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + { + const char *msg; + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->spec); ++idx) { + if (NULL != (msg = link_specifier_check(TRUNNEL_DYNARRAY_GET(&obj->spec, idx)))) + return msg; + } + } + if (TRUNNEL_DYNARRAY_LEN(&obj->spec) != obj->n_spec) + return "Length mismatch for spec"; + return NULL; +} + +ssize_t +link_specifier_list_encoded_len(const link_specifier_list_t *obj) +{ + ssize_t result = 0; + + if (NULL != link_specifier_list_check(obj)) + return -1; + + + /* Length of u8 n_spec */ + result += 1; + + /* Length of struct link_specifier spec[n_spec] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->spec); ++idx) { + result += link_specifier_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->spec, idx)); + } + } + return result; +} +int +link_specifier_list_clear_errors(link_specifier_list_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +link_specifier_list_encode(uint8_t *output, const size_t avail, const link_specifier_list_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = link_specifier_list_encoded_len(obj); +#endif + + if (NULL != (msg = link_specifier_list_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 n_spec */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->n_spec)); + written += 1; ptr += 1; + + /* Encode struct link_specifier spec[n_spec] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->spec); ++idx) { + trunnel_assert(written <= avail); + result = link_specifier_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->spec, idx)); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + } + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As link_specifier_list_parse(), but do not allocate the output + * object. + */ +static ssize_t +link_specifier_list_parse_into(link_specifier_list_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 n_spec */ + CHECK_REMAINING(1, truncated); + obj->n_spec = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse struct link_specifier spec[n_spec] */ + TRUNNEL_DYNARRAY_EXPAND(link_specifier_t *, &obj->spec, obj->n_spec, {}); + { + link_specifier_t * elt; + unsigned idx; + for (idx = 0; idx < obj->n_spec; ++idx) { + result = link_specifier_parse(&elt, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + TRUNNEL_DYNARRAY_ADD(link_specifier_t *, &obj->spec, elt, {link_specifier_free(elt);}); + } + } + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + trunnel_alloc_failed: + return -1; +} + +ssize_t +link_specifier_list_parse(link_specifier_list_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = link_specifier_list_new(); + if (NULL == *output) + return -1; + result = link_specifier_list_parse_into(*output, input, len_in); + if (result < 0) { + link_specifier_list_free(*output); + *output = NULL; + } + return result; +} diff --git a/src/trunnel/ed25519_cert.h b/src/trunnel/ed25519_cert.h index 28f6feef31..782bd59585 100644 --- a/src/trunnel/ed25519_cert.h +++ b/src/trunnel/ed25519_cert.h @@ -1,4 +1,4 @@ -/* ed25519_cert.h -- generated by by Trunnel v1.4.6. +/* ed25519_cert.h -- generated by by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -10,6 +10,19 @@ #define CERTEXT_SIGNED_WITH_KEY 4 #define CERTEXT_FLAG_AFFECTS_VALIDATION 1 +#define LS_IPV4 0 +#define LS_IPV6 1 +#define LS_LEGACY_ID 2 +#define LS_ED25519_ID 3 +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CREATE2_CELL_BODY) +struct create2_cell_body_st { + uint16_t handshake_type; + uint16_t handshake_len; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) handshake_data; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct create2_cell_body_st create2_cell_body_t; #if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_ED25519_CERT_EXTENSION) struct ed25519_cert_extension_st { uint16_t ext_length; @@ -21,6 +34,31 @@ struct ed25519_cert_extension_st { }; #endif typedef struct ed25519_cert_extension_st ed25519_cert_extension_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_EXTEND1_CELL_BODY) +struct extend1_cell_body_st { + uint32_t ipv4addr; + uint16_t port; + uint8_t onionskin[186]; + uint8_t identity[20]; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct extend1_cell_body_st extend1_cell_body_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_LINK_SPECIFIER) +struct link_specifier_st { + uint8_t ls_type; + uint8_t ls_len; + uint32_t un_ipv4_addr; + uint16_t un_ipv4_port; + uint8_t un_ipv6_addr[16]; + uint16_t un_ipv6_port; + uint8_t un_legacy_id[20]; + uint8_t un_ed25519_id[32]; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) un_unrecognized; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct link_specifier_st link_specifier_t; #if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_ED25519_CERT) struct ed25519_cert_st { uint8_t version; @@ -35,6 +73,112 @@ struct ed25519_cert_st { }; #endif typedef struct ed25519_cert_st ed25519_cert_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_EXTEND2_CELL_BODY) +struct extend2_cell_body_st { + uint8_t n_spec; + TRUNNEL_DYNARRAY_HEAD(, struct link_specifier_st *) ls; + struct create2_cell_body_st *create2; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct extend2_cell_body_st extend2_cell_body_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_LINK_SPECIFIER_LIST) +struct link_specifier_list_st { + uint8_t n_spec; + TRUNNEL_DYNARRAY_HEAD(, struct link_specifier_st *) spec; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct link_specifier_list_st link_specifier_list_t; +/** Return a newly allocated create2_cell_body with all elements set + * to zero. + */ +create2_cell_body_t *create2_cell_body_new(void); +/** Release all storage held by the create2_cell_body in 'victim'. (Do + * nothing if 'victim' is NULL.) + */ +void create2_cell_body_free(create2_cell_body_t *victim); +/** Try to parse a create2_cell_body from the buffer in 'input', using + * up to 'len_in' bytes from the input buffer. On success, return the + * number of bytes consumed and set *output to the newly allocated + * create2_cell_body_t. On failure, return -2 if the input appears + * truncated, and -1 if the input is otherwise invalid. + */ +ssize_t create2_cell_body_parse(create2_cell_body_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * create2_cell_body in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t create2_cell_body_encoded_len(const create2_cell_body_t *obj); +/** Try to encode the create2_cell_body from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t create2_cell_body_encode(uint8_t *output, size_t avail, const create2_cell_body_t *input); +/** Check whether the internal state of the create2_cell_body in 'obj' + * is consistent. Return NULL if it is, and a short message if it is + * not. + */ +const char *create2_cell_body_check(const create2_cell_body_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int create2_cell_body_clear_errors(create2_cell_body_t *obj); +/** Return the value of the handshake_type field of the + * create2_cell_body_t in 'inp' + */ +uint16_t create2_cell_body_get_handshake_type(const create2_cell_body_t *inp); +/** Set the value of the handshake_type field of the + * create2_cell_body_t in 'inp' to 'val'. Return 0 on success; return + * -1 and set the error code on 'inp' on failure. + */ +int create2_cell_body_set_handshake_type(create2_cell_body_t *inp, uint16_t val); +/** Return the value of the handshake_len field of the + * create2_cell_body_t in 'inp' + */ +uint16_t create2_cell_body_get_handshake_len(const create2_cell_body_t *inp); +/** Set the value of the handshake_len field of the + * create2_cell_body_t in 'inp' to 'val'. Return 0 on success; return + * -1 and set the error code on 'inp' on failure. + */ +int create2_cell_body_set_handshake_len(create2_cell_body_t *inp, uint16_t val); +/** Return the length of the dynamic array holding the handshake_data + * field of the create2_cell_body_t in 'inp'. + */ +size_t create2_cell_body_getlen_handshake_data(const create2_cell_body_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * handshake_data of the create2_cell_body_t in 'inp'. + */ +uint8_t create2_cell_body_get_handshake_data(create2_cell_body_t *inp, size_t idx); +/** As create2_cell_body_get_handshake_data, but take and return a + * const pointer + */ +uint8_t create2_cell_body_getconst_handshake_data(const create2_cell_body_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * handshake_data of the create2_cell_body_t in 'inp', so that it will + * hold the value 'elt'. + */ +int create2_cell_body_set_handshake_data(create2_cell_body_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field + * handshake_data of the create2_cell_body_t in 'inp'. + */ +int create2_cell_body_add_handshake_data(create2_cell_body_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field handshake_data + * of 'inp'. + */ +uint8_t * create2_cell_body_getarray_handshake_data(create2_cell_body_t *inp); +/** As create2_cell_body_get_handshake_data, but take and return a + * const pointer + */ +const uint8_t * create2_cell_body_getconstarray_handshake_data(const create2_cell_body_t *inp); +/** Change the length of the variable-length array field + * handshake_data of 'inp' to 'newlen'.Fill extra elements with 0. + * Return 0 on success; return -1 and set the error code on 'inp' on + * failure. + */ +int create2_cell_body_setlen_handshake_data(create2_cell_body_t *inp, size_t newlen); /** Return a newly allocated ed25519_cert_extension with all elements * set to zero. */ @@ -74,7 +218,7 @@ int ed25519_cert_extension_clear_errors(ed25519_cert_extension_t *obj); /** Return the value of the ext_length field of the * ed25519_cert_extension_t in 'inp' */ -uint16_t ed25519_cert_extension_get_ext_length(ed25519_cert_extension_t *inp); +uint16_t ed25519_cert_extension_get_ext_length(const ed25519_cert_extension_t *inp); /** Set the value of the ext_length field of the * ed25519_cert_extension_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. @@ -83,7 +227,7 @@ int ed25519_cert_extension_set_ext_length(ed25519_cert_extension_t *inp, uint16_ /** Return the value of the ext_type field of the * ed25519_cert_extension_t in 'inp' */ -uint8_t ed25519_cert_extension_get_ext_type(ed25519_cert_extension_t *inp); +uint8_t ed25519_cert_extension_get_ext_type(const ed25519_cert_extension_t *inp); /** Set the value of the ext_type field of the * ed25519_cert_extension_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. @@ -92,7 +236,7 @@ int ed25519_cert_extension_set_ext_type(ed25519_cert_extension_t *inp, uint8_t v /** Return the value of the ext_flags field of the * ed25519_cert_extension_t in 'inp' */ -uint8_t ed25519_cert_extension_get_ext_flags(ed25519_cert_extension_t *inp); +uint8_t ed25519_cert_extension_get_ext_flags(const ed25519_cert_extension_t *inp); /** Set the value of the ext_flags field of the * ed25519_cert_extension_t in 'inp' to 'val'. Return 0 on success; * return -1 and set the error code on 'inp' on failure. @@ -105,7 +249,11 @@ size_t ed25519_cert_extension_getlen_un_signing_key(const ed25519_cert_extension /** Return the element at position 'idx' of the fixed array field * un_signing_key of the ed25519_cert_extension_t in 'inp'. */ -uint8_t ed25519_cert_extension_get_un_signing_key(const ed25519_cert_extension_t *inp, size_t idx); +uint8_t ed25519_cert_extension_get_un_signing_key(ed25519_cert_extension_t *inp, size_t idx); +/** As ed25519_cert_extension_get_un_signing_key, but take and return + * a const pointer + */ +uint8_t ed25519_cert_extension_getconst_un_signing_key(const ed25519_cert_extension_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * un_signing_key of the ed25519_cert_extension_t in 'inp', so that it * will hold the value 'elt'. @@ -115,6 +263,10 @@ int ed25519_cert_extension_set_un_signing_key(ed25519_cert_extension_t *inp, siz * 'inp'. */ uint8_t * ed25519_cert_extension_getarray_un_signing_key(ed25519_cert_extension_t *inp); +/** As ed25519_cert_extension_get_un_signing_key, but take and return + * a const pointer + */ +const uint8_t * ed25519_cert_extension_getconstarray_un_signing_key(const ed25519_cert_extension_t *inp); /** Return the length of the dynamic array holding the un_unparsed * field of the ed25519_cert_extension_t in 'inp'. */ @@ -123,6 +275,10 @@ size_t ed25519_cert_extension_getlen_un_unparsed(const ed25519_cert_extension_t * un_unparsed of the ed25519_cert_extension_t in 'inp'. */ uint8_t ed25519_cert_extension_get_un_unparsed(ed25519_cert_extension_t *inp, size_t idx); +/** As ed25519_cert_extension_get_un_unparsed, but take and return a + * const pointer + */ +uint8_t ed25519_cert_extension_getconst_un_unparsed(const ed25519_cert_extension_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * un_unparsed of the ed25519_cert_extension_t in 'inp', so that it * will hold the value 'elt'. @@ -136,11 +292,308 @@ int ed25519_cert_extension_add_un_unparsed(ed25519_cert_extension_t *inp, uint8_ * 'inp'. */ uint8_t * ed25519_cert_extension_getarray_un_unparsed(ed25519_cert_extension_t *inp); +/** As ed25519_cert_extension_get_un_unparsed, but take and return a + * const pointer + */ +const uint8_t * ed25519_cert_extension_getconstarray_un_unparsed(const ed25519_cert_extension_t *inp); /** Change the length of the variable-length array field un_unparsed * of 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on * success; return -1 and set the error code on 'inp' on failure. */ int ed25519_cert_extension_setlen_un_unparsed(ed25519_cert_extension_t *inp, size_t newlen); +/** Return a newly allocated extend1_cell_body with all elements set + * to zero. + */ +extend1_cell_body_t *extend1_cell_body_new(void); +/** Release all storage held by the extend1_cell_body in 'victim'. (Do + * nothing if 'victim' is NULL.) + */ +void extend1_cell_body_free(extend1_cell_body_t *victim); +/** Try to parse a extend1_cell_body from the buffer in 'input', using + * up to 'len_in' bytes from the input buffer. On success, return the + * number of bytes consumed and set *output to the newly allocated + * extend1_cell_body_t. On failure, return -2 if the input appears + * truncated, and -1 if the input is otherwise invalid. + */ +ssize_t extend1_cell_body_parse(extend1_cell_body_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * extend1_cell_body in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t extend1_cell_body_encoded_len(const extend1_cell_body_t *obj); +/** Try to encode the extend1_cell_body from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t extend1_cell_body_encode(uint8_t *output, size_t avail, const extend1_cell_body_t *input); +/** Check whether the internal state of the extend1_cell_body in 'obj' + * is consistent. Return NULL if it is, and a short message if it is + * not. + */ +const char *extend1_cell_body_check(const extend1_cell_body_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int extend1_cell_body_clear_errors(extend1_cell_body_t *obj); +/** Return the value of the ipv4addr field of the extend1_cell_body_t + * in 'inp' + */ +uint32_t extend1_cell_body_get_ipv4addr(const extend1_cell_body_t *inp); +/** Set the value of the ipv4addr field of the extend1_cell_body_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int extend1_cell_body_set_ipv4addr(extend1_cell_body_t *inp, uint32_t val); +/** Return the value of the port field of the extend1_cell_body_t in + * 'inp' + */ +uint16_t extend1_cell_body_get_port(const extend1_cell_body_t *inp); +/** Set the value of the port field of the extend1_cell_body_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int extend1_cell_body_set_port(extend1_cell_body_t *inp, uint16_t val); +/** Return the (constant) length of the array holding the onionskin + * field of the extend1_cell_body_t in 'inp'. + */ +size_t extend1_cell_body_getlen_onionskin(const extend1_cell_body_t *inp); +/** Return the element at position 'idx' of the fixed array field + * onionskin of the extend1_cell_body_t in 'inp'. + */ +uint8_t extend1_cell_body_get_onionskin(extend1_cell_body_t *inp, size_t idx); +/** As extend1_cell_body_get_onionskin, but take and return a const + * pointer + */ +uint8_t extend1_cell_body_getconst_onionskin(const extend1_cell_body_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * onionskin of the extend1_cell_body_t in 'inp', so that it will hold + * the value 'elt'. + */ +int extend1_cell_body_set_onionskin(extend1_cell_body_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the 186-element array field onionskin of + * 'inp'. + */ +uint8_t * extend1_cell_body_getarray_onionskin(extend1_cell_body_t *inp); +/** As extend1_cell_body_get_onionskin, but take and return a const + * pointer + */ +const uint8_t * extend1_cell_body_getconstarray_onionskin(const extend1_cell_body_t *inp); +/** Return the (constant) length of the array holding the identity + * field of the extend1_cell_body_t in 'inp'. + */ +size_t extend1_cell_body_getlen_identity(const extend1_cell_body_t *inp); +/** Return the element at position 'idx' of the fixed array field + * identity of the extend1_cell_body_t in 'inp'. + */ +uint8_t extend1_cell_body_get_identity(extend1_cell_body_t *inp, size_t idx); +/** As extend1_cell_body_get_identity, but take and return a const + * pointer + */ +uint8_t extend1_cell_body_getconst_identity(const extend1_cell_body_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * identity of the extend1_cell_body_t in 'inp', so that it will hold + * the value 'elt'. + */ +int extend1_cell_body_set_identity(extend1_cell_body_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the 20-element array field identity of 'inp'. + */ +uint8_t * extend1_cell_body_getarray_identity(extend1_cell_body_t *inp); +/** As extend1_cell_body_get_identity, but take and return a const + * pointer + */ +const uint8_t * extend1_cell_body_getconstarray_identity(const extend1_cell_body_t *inp); +/** Return a newly allocated link_specifier with all elements set to + * zero. + */ +link_specifier_t *link_specifier_new(void); +/** Release all storage held by the link_specifier in 'victim'. (Do + * nothing if 'victim' is NULL.) + */ +void link_specifier_free(link_specifier_t *victim); +/** Try to parse a link_specifier from the buffer in 'input', using up + * to 'len_in' bytes from the input buffer. On success, return the + * number of bytes consumed and set *output to the newly allocated + * link_specifier_t. On failure, return -2 if the input appears + * truncated, and -1 if the input is otherwise invalid. + */ +ssize_t link_specifier_parse(link_specifier_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * link_specifier in 'obj'. On failure, return a negative value. Note + * that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t link_specifier_encoded_len(const link_specifier_t *obj); +/** Try to encode the link_specifier from 'input' into the buffer at + * 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t link_specifier_encode(uint8_t *output, size_t avail, const link_specifier_t *input); +/** Check whether the internal state of the link_specifier in 'obj' is + * consistent. Return NULL if it is, and a short message if it is not. + */ +const char *link_specifier_check(const link_specifier_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int link_specifier_clear_errors(link_specifier_t *obj); +/** Return the value of the ls_type field of the link_specifier_t in + * 'inp' + */ +uint8_t link_specifier_get_ls_type(const link_specifier_t *inp); +/** Set the value of the ls_type field of the link_specifier_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int link_specifier_set_ls_type(link_specifier_t *inp, uint8_t val); +/** Return the value of the ls_len field of the link_specifier_t in + * 'inp' + */ +uint8_t link_specifier_get_ls_len(const link_specifier_t *inp); +/** Set the value of the ls_len field of the link_specifier_t in 'inp' + * to 'val'. Return 0 on success; return -1 and set the error code on + * 'inp' on failure. + */ +int link_specifier_set_ls_len(link_specifier_t *inp, uint8_t val); +/** Return the value of the un_ipv4_addr field of the link_specifier_t + * in 'inp' + */ +uint32_t link_specifier_get_un_ipv4_addr(const link_specifier_t *inp); +/** Set the value of the un_ipv4_addr field of the link_specifier_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int link_specifier_set_un_ipv4_addr(link_specifier_t *inp, uint32_t val); +/** Return the value of the un_ipv4_port field of the link_specifier_t + * in 'inp' + */ +uint16_t link_specifier_get_un_ipv4_port(const link_specifier_t *inp); +/** Set the value of the un_ipv4_port field of the link_specifier_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int link_specifier_set_un_ipv4_port(link_specifier_t *inp, uint16_t val); +/** Return the (constant) length of the array holding the un_ipv6_addr + * field of the link_specifier_t in 'inp'. + */ +size_t link_specifier_getlen_un_ipv6_addr(const link_specifier_t *inp); +/** Return the element at position 'idx' of the fixed array field + * un_ipv6_addr of the link_specifier_t in 'inp'. + */ +uint8_t link_specifier_get_un_ipv6_addr(link_specifier_t *inp, size_t idx); +/** As link_specifier_get_un_ipv6_addr, but take and return a const + * pointer + */ +uint8_t link_specifier_getconst_un_ipv6_addr(const link_specifier_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * un_ipv6_addr of the link_specifier_t in 'inp', so that it will hold + * the value 'elt'. + */ +int link_specifier_set_un_ipv6_addr(link_specifier_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the 16-element array field un_ipv6_addr of + * 'inp'. + */ +uint8_t * link_specifier_getarray_un_ipv6_addr(link_specifier_t *inp); +/** As link_specifier_get_un_ipv6_addr, but take and return a const + * pointer + */ +const uint8_t * link_specifier_getconstarray_un_ipv6_addr(const link_specifier_t *inp); +/** Return the value of the un_ipv6_port field of the link_specifier_t + * in 'inp' + */ +uint16_t link_specifier_get_un_ipv6_port(const link_specifier_t *inp); +/** Set the value of the un_ipv6_port field of the link_specifier_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int link_specifier_set_un_ipv6_port(link_specifier_t *inp, uint16_t val); +/** Return the (constant) length of the array holding the un_legacy_id + * field of the link_specifier_t in 'inp'. + */ +size_t link_specifier_getlen_un_legacy_id(const link_specifier_t *inp); +/** Return the element at position 'idx' of the fixed array field + * un_legacy_id of the link_specifier_t in 'inp'. + */ +uint8_t link_specifier_get_un_legacy_id(link_specifier_t *inp, size_t idx); +/** As link_specifier_get_un_legacy_id, but take and return a const + * pointer + */ +uint8_t link_specifier_getconst_un_legacy_id(const link_specifier_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * un_legacy_id of the link_specifier_t in 'inp', so that it will hold + * the value 'elt'. + */ +int link_specifier_set_un_legacy_id(link_specifier_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the 20-element array field un_legacy_id of + * 'inp'. + */ +uint8_t * link_specifier_getarray_un_legacy_id(link_specifier_t *inp); +/** As link_specifier_get_un_legacy_id, but take and return a const + * pointer + */ +const uint8_t * link_specifier_getconstarray_un_legacy_id(const link_specifier_t *inp); +/** Return the (constant) length of the array holding the + * un_ed25519_id field of the link_specifier_t in 'inp'. + */ +size_t link_specifier_getlen_un_ed25519_id(const link_specifier_t *inp); +/** Return the element at position 'idx' of the fixed array field + * un_ed25519_id of the link_specifier_t in 'inp'. + */ +uint8_t link_specifier_get_un_ed25519_id(link_specifier_t *inp, size_t idx); +/** As link_specifier_get_un_ed25519_id, but take and return a const + * pointer + */ +uint8_t link_specifier_getconst_un_ed25519_id(const link_specifier_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * un_ed25519_id of the link_specifier_t in 'inp', so that it will + * hold the value 'elt'. + */ +int link_specifier_set_un_ed25519_id(link_specifier_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the 32-element array field un_ed25519_id of + * 'inp'. + */ +uint8_t * link_specifier_getarray_un_ed25519_id(link_specifier_t *inp); +/** As link_specifier_get_un_ed25519_id, but take and return a const + * pointer + */ +const uint8_t * link_specifier_getconstarray_un_ed25519_id(const link_specifier_t *inp); +/** Return the length of the dynamic array holding the un_unrecognized + * field of the link_specifier_t in 'inp'. + */ +size_t link_specifier_getlen_un_unrecognized(const link_specifier_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * un_unrecognized of the link_specifier_t in 'inp'. + */ +uint8_t link_specifier_get_un_unrecognized(link_specifier_t *inp, size_t idx); +/** As link_specifier_get_un_unrecognized, but take and return a const + * pointer + */ +uint8_t link_specifier_getconst_un_unrecognized(const link_specifier_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * un_unrecognized of the link_specifier_t in 'inp', so that it will + * hold the value 'elt'. + */ +int link_specifier_set_un_unrecognized(link_specifier_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field + * un_unrecognized of the link_specifier_t in 'inp'. + */ +int link_specifier_add_un_unrecognized(link_specifier_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field + * un_unrecognized of 'inp'. + */ +uint8_t * link_specifier_getarray_un_unrecognized(link_specifier_t *inp); +/** As link_specifier_get_un_unrecognized, but take and return a const + * pointer + */ +const uint8_t * link_specifier_getconstarray_un_unrecognized(const link_specifier_t *inp); +/** Change the length of the variable-length array field + * un_unrecognized of 'inp' to 'newlen'.Fill extra elements with 0. + * Return 0 on success; return -1 and set the error code on 'inp' on + * failure. + */ +int link_specifier_setlen_un_unrecognized(link_specifier_t *inp, size_t newlen); /** Return a newly allocated ed25519_cert with all elements set to * zero. */ @@ -179,7 +632,7 @@ int ed25519_cert_clear_errors(ed25519_cert_t *obj); /** Return the value of the version field of the ed25519_cert_t in * 'inp' */ -uint8_t ed25519_cert_get_version(ed25519_cert_t *inp); +uint8_t ed25519_cert_get_version(const ed25519_cert_t *inp); /** Set the value of the version field of the ed25519_cert_t in 'inp' * to 'val'. Return 0 on success; return -1 and set the error code on * 'inp' on failure. @@ -188,7 +641,7 @@ int ed25519_cert_set_version(ed25519_cert_t *inp, uint8_t val); /** Return the value of the cert_type field of the ed25519_cert_t in * 'inp' */ -uint8_t ed25519_cert_get_cert_type(ed25519_cert_t *inp); +uint8_t ed25519_cert_get_cert_type(const ed25519_cert_t *inp); /** Set the value of the cert_type field of the ed25519_cert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -197,7 +650,7 @@ int ed25519_cert_set_cert_type(ed25519_cert_t *inp, uint8_t val); /** Return the value of the exp_field field of the ed25519_cert_t in * 'inp' */ -uint32_t ed25519_cert_get_exp_field(ed25519_cert_t *inp); +uint32_t ed25519_cert_get_exp_field(const ed25519_cert_t *inp); /** Set the value of the exp_field field of the ed25519_cert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -206,7 +659,7 @@ int ed25519_cert_set_exp_field(ed25519_cert_t *inp, uint32_t val); /** Return the value of the cert_key_type field of the ed25519_cert_t * in 'inp' */ -uint8_t ed25519_cert_get_cert_key_type(ed25519_cert_t *inp); +uint8_t ed25519_cert_get_cert_key_type(const ed25519_cert_t *inp); /** Set the value of the cert_key_type field of the ed25519_cert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -219,7 +672,11 @@ size_t ed25519_cert_getlen_certified_key(const ed25519_cert_t *inp); /** Return the element at position 'idx' of the fixed array field * certified_key of the ed25519_cert_t in 'inp'. */ -uint8_t ed25519_cert_get_certified_key(const ed25519_cert_t *inp, size_t idx); +uint8_t ed25519_cert_get_certified_key(ed25519_cert_t *inp, size_t idx); +/** As ed25519_cert_get_certified_key, but take and return a const + * pointer + */ +uint8_t ed25519_cert_getconst_certified_key(const ed25519_cert_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * certified_key of the ed25519_cert_t in 'inp', so that it will hold * the value 'elt'. @@ -229,10 +686,14 @@ int ed25519_cert_set_certified_key(ed25519_cert_t *inp, size_t idx, uint8_t elt) * 'inp'. */ uint8_t * ed25519_cert_getarray_certified_key(ed25519_cert_t *inp); +/** As ed25519_cert_get_certified_key, but take and return a const + * pointer + */ +const uint8_t * ed25519_cert_getconstarray_certified_key(const ed25519_cert_t *inp); /** Return the value of the n_extensions field of the ed25519_cert_t * in 'inp' */ -uint8_t ed25519_cert_get_n_extensions(ed25519_cert_t *inp); +uint8_t ed25519_cert_get_n_extensions(const ed25519_cert_t *inp); /** Set the value of the n_extensions field of the ed25519_cert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -246,6 +707,9 @@ size_t ed25519_cert_getlen_ext(const ed25519_cert_t *inp); * ext of the ed25519_cert_t in 'inp'. */ struct ed25519_cert_extension_st * ed25519_cert_get_ext(ed25519_cert_t *inp, size_t idx); +/** As ed25519_cert_get_ext, but take and return a const pointer + */ + const struct ed25519_cert_extension_st * ed25519_cert_getconst_ext(const ed25519_cert_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * ext of the ed25519_cert_t in 'inp', so that it will hold the value * 'elt'. Free the previous value, if any. @@ -261,6 +725,9 @@ int ed25519_cert_add_ext(ed25519_cert_t *inp, struct ed25519_cert_extension_st * /** Return a pointer to the variable-length array field ext of 'inp'. */ struct ed25519_cert_extension_st * * ed25519_cert_getarray_ext(ed25519_cert_t *inp); +/** As ed25519_cert_get_ext, but take and return a const pointer + */ +const struct ed25519_cert_extension_st * const * ed25519_cert_getconstarray_ext(const ed25519_cert_t *inp); /** Change the length of the variable-length array field ext of 'inp' * to 'newlen'.Fill extra elements with NULL; free removed elements. * Return 0 on success; return -1 and set the error code on 'inp' on @@ -274,7 +741,10 @@ size_t ed25519_cert_getlen_signature(const ed25519_cert_t *inp); /** Return the element at position 'idx' of the fixed array field * signature of the ed25519_cert_t in 'inp'. */ -uint8_t ed25519_cert_get_signature(const ed25519_cert_t *inp, size_t idx); +uint8_t ed25519_cert_get_signature(ed25519_cert_t *inp, size_t idx); +/** As ed25519_cert_get_signature, but take and return a const pointer + */ +uint8_t ed25519_cert_getconst_signature(const ed25519_cert_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * signature of the ed25519_cert_t in 'inp', so that it will hold the * value 'elt'. @@ -283,6 +753,190 @@ int ed25519_cert_set_signature(ed25519_cert_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 64-element array field signature of 'inp'. */ uint8_t * ed25519_cert_getarray_signature(ed25519_cert_t *inp); +/** As ed25519_cert_get_signature, but take and return a const pointer + */ +const uint8_t * ed25519_cert_getconstarray_signature(const ed25519_cert_t *inp); +/** Return a newly allocated extend2_cell_body with all elements set + * to zero. + */ +extend2_cell_body_t *extend2_cell_body_new(void); +/** Release all storage held by the extend2_cell_body in 'victim'. (Do + * nothing if 'victim' is NULL.) + */ +void extend2_cell_body_free(extend2_cell_body_t *victim); +/** Try to parse a extend2_cell_body from the buffer in 'input', using + * up to 'len_in' bytes from the input buffer. On success, return the + * number of bytes consumed and set *output to the newly allocated + * extend2_cell_body_t. On failure, return -2 if the input appears + * truncated, and -1 if the input is otherwise invalid. + */ +ssize_t extend2_cell_body_parse(extend2_cell_body_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * extend2_cell_body in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t extend2_cell_body_encoded_len(const extend2_cell_body_t *obj); +/** Try to encode the extend2_cell_body from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t extend2_cell_body_encode(uint8_t *output, size_t avail, const extend2_cell_body_t *input); +/** Check whether the internal state of the extend2_cell_body in 'obj' + * is consistent. Return NULL if it is, and a short message if it is + * not. + */ +const char *extend2_cell_body_check(const extend2_cell_body_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int extend2_cell_body_clear_errors(extend2_cell_body_t *obj); +/** Return the value of the n_spec field of the extend2_cell_body_t in + * 'inp' + */ +uint8_t extend2_cell_body_get_n_spec(const extend2_cell_body_t *inp); +/** Set the value of the n_spec field of the extend2_cell_body_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int extend2_cell_body_set_n_spec(extend2_cell_body_t *inp, uint8_t val); +/** Return the length of the dynamic array holding the ls field of the + * extend2_cell_body_t in 'inp'. + */ +size_t extend2_cell_body_getlen_ls(const extend2_cell_body_t *inp); +/** Return the element at position 'idx' of the dynamic array field ls + * of the extend2_cell_body_t in 'inp'. + */ +struct link_specifier_st * extend2_cell_body_get_ls(extend2_cell_body_t *inp, size_t idx); +/** As extend2_cell_body_get_ls, but take and return a const pointer + */ + const struct link_specifier_st * extend2_cell_body_getconst_ls(const extend2_cell_body_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field ls + * of the extend2_cell_body_t in 'inp', so that it will hold the value + * 'elt'. Free the previous value, if any. + */ +int extend2_cell_body_set_ls(extend2_cell_body_t *inp, size_t idx, struct link_specifier_st * elt); +/** As extend2_cell_body_set_ls, but does not free the previous value. + */ +int extend2_cell_body_set0_ls(extend2_cell_body_t *inp, size_t idx, struct link_specifier_st * elt); +/** Append a new element 'elt' to the dynamic array field ls of the + * extend2_cell_body_t in 'inp'. + */ +int extend2_cell_body_add_ls(extend2_cell_body_t *inp, struct link_specifier_st * elt); +/** Return a pointer to the variable-length array field ls of 'inp'. + */ +struct link_specifier_st * * extend2_cell_body_getarray_ls(extend2_cell_body_t *inp); +/** As extend2_cell_body_get_ls, but take and return a const pointer + */ +const struct link_specifier_st * const * extend2_cell_body_getconstarray_ls(const extend2_cell_body_t *inp); +/** Change the length of the variable-length array field ls of 'inp' + * to 'newlen'.Fill extra elements with NULL; free removed elements. + * Return 0 on success; return -1 and set the error code on 'inp' on + * failure. + */ +int extend2_cell_body_setlen_ls(extend2_cell_body_t *inp, size_t newlen); +/** Return the value of the create2 field of the extend2_cell_body_t + * in 'inp' + */ +struct create2_cell_body_st * extend2_cell_body_get_create2(extend2_cell_body_t *inp); +/** As extend2_cell_body_get_create2, but take and return a const + * pointer + */ +const struct create2_cell_body_st * extend2_cell_body_getconst_create2(const extend2_cell_body_t *inp); +/** Set the value of the create2 field of the extend2_cell_body_t in + * 'inp' to 'val'. Free the old value if any. Steals the referenceto + * 'val'.Return 0 on success; return -1 and set the error code on + * 'inp' on failure. + */ +int extend2_cell_body_set_create2(extend2_cell_body_t *inp, struct create2_cell_body_st *val); +/** As extend2_cell_body_set_create2, but does not free the previous + * value. + */ +int extend2_cell_body_set0_create2(extend2_cell_body_t *inp, struct create2_cell_body_st *val); +/** Return a newly allocated link_specifier_list with all elements set + * to zero. + */ +link_specifier_list_t *link_specifier_list_new(void); +/** Release all storage held by the link_specifier_list in 'victim'. + * (Do nothing if 'victim' is NULL.) + */ +void link_specifier_list_free(link_specifier_list_t *victim); +/** Try to parse a link_specifier_list from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated link_specifier_list_t. On failure, return -2 if the input + * appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t link_specifier_list_parse(link_specifier_list_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * link_specifier_list in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t link_specifier_list_encoded_len(const link_specifier_list_t *obj); +/** Try to encode the link_specifier_list from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t link_specifier_list_encode(uint8_t *output, size_t avail, const link_specifier_list_t *input); +/** Check whether the internal state of the link_specifier_list in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *link_specifier_list_check(const link_specifier_list_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int link_specifier_list_clear_errors(link_specifier_list_t *obj); +/** Return the value of the n_spec field of the link_specifier_list_t + * in 'inp' + */ +uint8_t link_specifier_list_get_n_spec(const link_specifier_list_t *inp); +/** Set the value of the n_spec field of the link_specifier_list_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int link_specifier_list_set_n_spec(link_specifier_list_t *inp, uint8_t val); +/** Return the length of the dynamic array holding the spec field of + * the link_specifier_list_t in 'inp'. + */ +size_t link_specifier_list_getlen_spec(const link_specifier_list_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * spec of the link_specifier_list_t in 'inp'. + */ +struct link_specifier_st * link_specifier_list_get_spec(link_specifier_list_t *inp, size_t idx); +/** As link_specifier_list_get_spec, but take and return a const + * pointer + */ + const struct link_specifier_st * link_specifier_list_getconst_spec(const link_specifier_list_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * spec of the link_specifier_list_t in 'inp', so that it will hold + * the value 'elt'. Free the previous value, if any. + */ +int link_specifier_list_set_spec(link_specifier_list_t *inp, size_t idx, struct link_specifier_st * elt); +/** As link_specifier_list_set_spec, but does not free the previous + * value. + */ +int link_specifier_list_set0_spec(link_specifier_list_t *inp, size_t idx, struct link_specifier_st * elt); +/** Append a new element 'elt' to the dynamic array field spec of the + * link_specifier_list_t in 'inp'. + */ +int link_specifier_list_add_spec(link_specifier_list_t *inp, struct link_specifier_st * elt); +/** Return a pointer to the variable-length array field spec of 'inp'. + */ +struct link_specifier_st * * link_specifier_list_getarray_spec(link_specifier_list_t *inp); +/** As link_specifier_list_get_spec, but take and return a const + * pointer + */ +const struct link_specifier_st * const * link_specifier_list_getconstarray_spec(const link_specifier_list_t *inp); +/** Change the length of the variable-length array field spec of 'inp' + * to 'newlen'.Fill extra elements with NULL; free removed elements. + * Return 0 on success; return -1 and set the error code on 'inp' on + * failure. + */ +int link_specifier_list_setlen_spec(link_specifier_list_t *inp, size_t newlen); #endif diff --git a/src/trunnel/ed25519_cert.trunnel b/src/trunnel/ed25519_cert.trunnel index c46f1b6c6b..e424ce5464 100644 --- a/src/trunnel/ed25519_cert.trunnel +++ b/src/trunnel/ed25519_cert.trunnel @@ -23,39 +23,6 @@ struct ed25519_cert_extension { }; } -/* -struct cert_revocation { - u8 prefix[8]; - u8 version IN [1]; - u8 keytype; - u8 identity_key[32]; - u8 revoked_key[32]; - u64 published; - u8 n_extensions; - struct cert_extension ext[n_extensions]; - u8 signature[64]; -} - -struct crosscert_ed_rsa { - u8 ed_key[32]; - u32 expiration_date; - u8 signature[128]; -} - -struct auth02_cell { - u8 type[8]; - u8 cid[32]; - u8 sid[32]; - u8 cid_ed[32]; - u8 sid_ed[32]; - u8 slog[32]; - u8 clog[32]; - u8 scert[32]; - u8 tlssecrets[32]; - u8 rand[24]; - u8 sig[64]; -} - const LS_IPV4 = 0x00; const LS_IPV6 = 0x01; const LS_LEGACY_ID = 0x02; @@ -73,4 +40,27 @@ struct link_specifier { default: u8 unrecognized[]; }; } -*/
\ No newline at end of file + +struct link_specifier_list { + u8 n_spec; + struct link_specifier spec[n_spec]; +} + +struct extend1_cell_body { + u32 ipv4addr; + u16 port; + u8 onionskin[186]; + u8 identity[20]; +} + +struct create2_cell_body { + u16 handshake_type; + u16 handshake_len; + u8 handshake_data[handshake_len]; +} + +struct extend2_cell_body { + u8 n_spec; + struct link_specifier ls[n_spec]; + struct create2_cell_body create2; +} diff --git a/src/trunnel/hs/cell_common.c b/src/trunnel/hs/cell_common.c new file mode 100644 index 0000000000..830f2260ee --- /dev/null +++ b/src/trunnel/hs/cell_common.c @@ -0,0 +1,594 @@ +/* cell_common.c -- generated by Trunnel v1.5.1. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#include <stdlib.h> +#include "trunnel-impl.h" + +#include "cell_common.h" + +#define TRUNNEL_SET_ERROR_CODE(obj) \ + do { \ + (obj)->trunnel_error_code_ = 1; \ + } while (0) + +#if defined(__COVERITY__) || defined(__clang_analyzer__) +/* If we're runnning a static analysis tool, we don't want it to complain + * that some of our remaining-bytes checks are dead-code. */ +int cellcommon_deadcode_dummy__ = 0; +#define OR_DEADCODE_DUMMY || cellcommon_deadcode_dummy__ +#else +#define OR_DEADCODE_DUMMY +#endif + +#define CHECK_REMAINING(nbytes, label) \ + do { \ + if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \ + goto label; \ + } \ + } while (0) + +cell_extension_fields_t * +cell_extension_fields_new(void) +{ + cell_extension_fields_t *val = trunnel_calloc(1, sizeof(cell_extension_fields_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +cell_extension_fields_clear(cell_extension_fields_t *obj) +{ + (void) obj; + TRUNNEL_DYNARRAY_WIPE(&obj->field); + TRUNNEL_DYNARRAY_CLEAR(&obj->field); +} + +void +cell_extension_fields_free(cell_extension_fields_t *obj) +{ + if (obj == NULL) + return; + cell_extension_fields_clear(obj); + trunnel_memwipe(obj, sizeof(cell_extension_fields_t)); + trunnel_free_(obj); +} + +uint8_t +cell_extension_fields_get_field_type(const cell_extension_fields_t *inp) +{ + return inp->field_type; +} +int +cell_extension_fields_set_field_type(cell_extension_fields_t *inp, uint8_t val) +{ + inp->field_type = val; + return 0; +} +uint8_t +cell_extension_fields_get_field_len(const cell_extension_fields_t *inp) +{ + return inp->field_len; +} +int +cell_extension_fields_set_field_len(cell_extension_fields_t *inp, uint8_t val) +{ + inp->field_len = val; + return 0; +} +size_t +cell_extension_fields_getlen_field(const cell_extension_fields_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->field); +} + +uint8_t +cell_extension_fields_get_field(cell_extension_fields_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->field, idx); +} + +uint8_t +cell_extension_fields_getconst_field(const cell_extension_fields_t *inp, size_t idx) +{ + return cell_extension_fields_get_field((cell_extension_fields_t*)inp, idx); +} +int +cell_extension_fields_set_field(cell_extension_fields_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->field, idx, elt); + return 0; +} +int +cell_extension_fields_add_field(cell_extension_fields_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT8_MAX + if (inp->field.n_ == UINT8_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->field, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +cell_extension_fields_getarray_field(cell_extension_fields_t *inp) +{ + return inp->field.elts_; +} +const uint8_t * +cell_extension_fields_getconstarray_field(const cell_extension_fields_t *inp) +{ + return (const uint8_t *)cell_extension_fields_getarray_field((cell_extension_fields_t*)inp); +} +int +cell_extension_fields_setlen_field(cell_extension_fields_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT8_MAX < SIZE_MAX + if (newlen > UINT8_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->field.allocated_, + &inp->field.n_, inp->field.elts_, newlen, + sizeof(inp->field.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->field.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +cell_extension_fields_check(const cell_extension_fields_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (TRUNNEL_DYNARRAY_LEN(&obj->field) != obj->field_len) + return "Length mismatch for field"; + return NULL; +} + +ssize_t +cell_extension_fields_encoded_len(const cell_extension_fields_t *obj) +{ + ssize_t result = 0; + + if (NULL != cell_extension_fields_check(obj)) + return -1; + + + /* Length of u8 field_type */ + result += 1; + + /* Length of u8 field_len */ + result += 1; + + /* Length of u8 field[field_len] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->field); + return result; +} +int +cell_extension_fields_clear_errors(cell_extension_fields_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +cell_extension_fields_encode(uint8_t *output, const size_t avail, const cell_extension_fields_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = cell_extension_fields_encoded_len(obj); +#endif + + if (NULL != (msg = cell_extension_fields_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 field_type */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->field_type)); + written += 1; ptr += 1; + + /* Encode u8 field_len */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->field_len)); + written += 1; ptr += 1; + + /* Encode u8 field[field_len] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->field); + trunnel_assert(obj->field_len == elt_len); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->field.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As cell_extension_fields_parse(), but do not allocate the output + * object. + */ +static ssize_t +cell_extension_fields_parse_into(cell_extension_fields_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 field_type */ + CHECK_REMAINING(1, truncated); + obj->field_type = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse u8 field_len */ + CHECK_REMAINING(1, truncated); + obj->field_len = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse u8 field[field_len] */ + CHECK_REMAINING(obj->field_len, truncated); + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->field, obj->field_len, {}); + obj->field.n_ = obj->field_len; + if (obj->field_len) + memcpy(obj->field.elts_, ptr, obj->field_len); + ptr += obj->field_len; remaining -= obj->field_len; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + trunnel_alloc_failed: + return -1; +} + +ssize_t +cell_extension_fields_parse(cell_extension_fields_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = cell_extension_fields_new(); + if (NULL == *output) + return -1; + result = cell_extension_fields_parse_into(*output, input, len_in); + if (result < 0) { + cell_extension_fields_free(*output); + *output = NULL; + } + return result; +} +cell_extension_t * +cell_extension_new(void) +{ + cell_extension_t *val = trunnel_calloc(1, sizeof(cell_extension_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +cell_extension_clear(cell_extension_t *obj) +{ + (void) obj; + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { + cell_extension_fields_free(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); + } + } + TRUNNEL_DYNARRAY_WIPE(&obj->fields); + TRUNNEL_DYNARRAY_CLEAR(&obj->fields); +} + +void +cell_extension_free(cell_extension_t *obj) +{ + if (obj == NULL) + return; + cell_extension_clear(obj); + trunnel_memwipe(obj, sizeof(cell_extension_t)); + trunnel_free_(obj); +} + +uint8_t +cell_extension_get_num(const cell_extension_t *inp) +{ + return inp->num; +} +int +cell_extension_set_num(cell_extension_t *inp, uint8_t val) +{ + inp->num = val; + return 0; +} +size_t +cell_extension_getlen_fields(const cell_extension_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->fields); +} + +struct cell_extension_fields_st * +cell_extension_get_fields(cell_extension_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->fields, idx); +} + + const struct cell_extension_fields_st * +cell_extension_getconst_fields(const cell_extension_t *inp, size_t idx) +{ + return cell_extension_get_fields((cell_extension_t*)inp, idx); +} +int +cell_extension_set_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt) +{ + cell_extension_fields_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->fields, idx); + if (oldval && oldval != elt) + cell_extension_fields_free(oldval); + return cell_extension_set0_fields(inp, idx, elt); +} +int +cell_extension_set0_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->fields, idx, elt); + return 0; +} +int +cell_extension_add_fields(cell_extension_t *inp, struct cell_extension_fields_st * elt) +{ +#if SIZE_MAX >= UINT8_MAX + if (inp->fields.n_ == UINT8_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(struct cell_extension_fields_st *, &inp->fields, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +struct cell_extension_fields_st * * +cell_extension_getarray_fields(cell_extension_t *inp) +{ + return inp->fields.elts_; +} +const struct cell_extension_fields_st * const * +cell_extension_getconstarray_fields(const cell_extension_t *inp) +{ + return (const struct cell_extension_fields_st * const *)cell_extension_getarray_fields((cell_extension_t*)inp); +} +int +cell_extension_setlen_fields(cell_extension_t *inp, size_t newlen) +{ + struct cell_extension_fields_st * *newptr; +#if UINT8_MAX < SIZE_MAX + if (newlen > UINT8_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->fields.allocated_, + &inp->fields.n_, inp->fields.elts_, newlen, + sizeof(inp->fields.elts_[0]), (trunnel_free_fn_t) cell_extension_fields_free, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->fields.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +cell_extension_check(const cell_extension_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + { + const char *msg; + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { + if (NULL != (msg = cell_extension_fields_check(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)))) + return msg; + } + } + if (TRUNNEL_DYNARRAY_LEN(&obj->fields) != obj->num) + return "Length mismatch for fields"; + return NULL; +} + +ssize_t +cell_extension_encoded_len(const cell_extension_t *obj) +{ + ssize_t result = 0; + + if (NULL != cell_extension_check(obj)) + return -1; + + + /* Length of u8 num */ + result += 1; + + /* Length of struct cell_extension_fields fields[num] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { + result += cell_extension_fields_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); + } + } + return result; +} +int +cell_extension_clear_errors(cell_extension_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +cell_extension_encode(uint8_t *output, const size_t avail, const cell_extension_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = cell_extension_encoded_len(obj); +#endif + + if (NULL != (msg = cell_extension_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 num */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->num)); + written += 1; ptr += 1; + + /* Encode struct cell_extension_fields fields[num] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) { + trunnel_assert(written <= avail); + result = cell_extension_fields_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->fields, idx)); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + } + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As cell_extension_parse(), but do not allocate the output object. + */ +static ssize_t +cell_extension_parse_into(cell_extension_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 num */ + CHECK_REMAINING(1, truncated); + obj->num = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse struct cell_extension_fields fields[num] */ + TRUNNEL_DYNARRAY_EXPAND(cell_extension_fields_t *, &obj->fields, obj->num, {}); + { + cell_extension_fields_t * elt; + unsigned idx; + for (idx = 0; idx < obj->num; ++idx) { + result = cell_extension_fields_parse(&elt, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + TRUNNEL_DYNARRAY_ADD(cell_extension_fields_t *, &obj->fields, elt, {cell_extension_fields_free(elt);}); + } + } + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + trunnel_alloc_failed: + return -1; +} + +ssize_t +cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = cell_extension_new(); + if (NULL == *output) + return -1; + result = cell_extension_parse_into(*output, input, len_in); + if (result < 0) { + cell_extension_free(*output); + *output = NULL; + } + return result; +} diff --git a/src/trunnel/hs/cell_common.h b/src/trunnel/hs/cell_common.h new file mode 100644 index 0000000000..8999f7da40 --- /dev/null +++ b/src/trunnel/hs/cell_common.h @@ -0,0 +1,198 @@ +/* cell_common.h -- generated by by Trunnel v1.5.1. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#ifndef TRUNNEL_CELL_COMMON_H +#define TRUNNEL_CELL_COMMON_H + +#include <stdint.h> +#include "trunnel.h" + +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CELL_EXTENSION_FIELDS) +struct cell_extension_fields_st { + uint8_t field_type; + uint8_t field_len; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) field; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct cell_extension_fields_st cell_extension_fields_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CELL_EXTENSION) +struct cell_extension_st { + uint8_t num; + TRUNNEL_DYNARRAY_HEAD(, struct cell_extension_fields_st *) fields; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct cell_extension_st cell_extension_t; +/** Return a newly allocated cell_extension_fields with all elements + * set to zero. + */ +cell_extension_fields_t *cell_extension_fields_new(void); +/** Release all storage held by the cell_extension_fields in 'victim'. + * (Do nothing if 'victim' is NULL.) + */ +void cell_extension_fields_free(cell_extension_fields_t *victim); +/** Try to parse a cell_extension_fields from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated cell_extension_fields_t. On failure, return -2 if the + * input appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t cell_extension_fields_parse(cell_extension_fields_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * cell_extension_fields in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t cell_extension_fields_encoded_len(const cell_extension_fields_t *obj); +/** Try to encode the cell_extension_fields from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t cell_extension_fields_encode(uint8_t *output, size_t avail, const cell_extension_fields_t *input); +/** Check whether the internal state of the cell_extension_fields in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *cell_extension_fields_check(const cell_extension_fields_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int cell_extension_fields_clear_errors(cell_extension_fields_t *obj); +/** Return the value of the field_type field of the + * cell_extension_fields_t in 'inp' + */ +uint8_t cell_extension_fields_get_field_type(const cell_extension_fields_t *inp); +/** Set the value of the field_type field of the + * cell_extension_fields_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int cell_extension_fields_set_field_type(cell_extension_fields_t *inp, uint8_t val); +/** Return the value of the field_len field of the + * cell_extension_fields_t in 'inp' + */ +uint8_t cell_extension_fields_get_field_len(const cell_extension_fields_t *inp); +/** Set the value of the field_len field of the + * cell_extension_fields_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int cell_extension_fields_set_field_len(cell_extension_fields_t *inp, uint8_t val); +/** Return the length of the dynamic array holding the field field of + * the cell_extension_fields_t in 'inp'. + */ +size_t cell_extension_fields_getlen_field(const cell_extension_fields_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * field of the cell_extension_fields_t in 'inp'. + */ +uint8_t cell_extension_fields_get_field(cell_extension_fields_t *inp, size_t idx); +/** As cell_extension_fields_get_field, but take and return a const + * pointer + */ +uint8_t cell_extension_fields_getconst_field(const cell_extension_fields_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * field of the cell_extension_fields_t in 'inp', so that it will hold + * the value 'elt'. + */ +int cell_extension_fields_set_field(cell_extension_fields_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field field of the + * cell_extension_fields_t in 'inp'. + */ +int cell_extension_fields_add_field(cell_extension_fields_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field field of + * 'inp'. + */ +uint8_t * cell_extension_fields_getarray_field(cell_extension_fields_t *inp); +/** As cell_extension_fields_get_field, but take and return a const + * pointer + */ +const uint8_t * cell_extension_fields_getconstarray_field(const cell_extension_fields_t *inp); +/** Change the length of the variable-length array field field of + * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int cell_extension_fields_setlen_field(cell_extension_fields_t *inp, size_t newlen); +/** Return a newly allocated cell_extension with all elements set to + * zero. + */ +cell_extension_t *cell_extension_new(void); +/** Release all storage held by the cell_extension in 'victim'. (Do + * nothing if 'victim' is NULL.) + */ +void cell_extension_free(cell_extension_t *victim); +/** Try to parse a cell_extension from the buffer in 'input', using up + * to 'len_in' bytes from the input buffer. On success, return the + * number of bytes consumed and set *output to the newly allocated + * cell_extension_t. On failure, return -2 if the input appears + * truncated, and -1 if the input is otherwise invalid. + */ +ssize_t cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * cell_extension in 'obj'. On failure, return a negative value. Note + * that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t cell_extension_encoded_len(const cell_extension_t *obj); +/** Try to encode the cell_extension from 'input' into the buffer at + * 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t cell_extension_encode(uint8_t *output, size_t avail, const cell_extension_t *input); +/** Check whether the internal state of the cell_extension in 'obj' is + * consistent. Return NULL if it is, and a short message if it is not. + */ +const char *cell_extension_check(const cell_extension_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int cell_extension_clear_errors(cell_extension_t *obj); +/** Return the value of the num field of the cell_extension_t in 'inp' + */ +uint8_t cell_extension_get_num(const cell_extension_t *inp); +/** Set the value of the num field of the cell_extension_t in 'inp' to + * 'val'. Return 0 on success; return -1 and set the error code on + * 'inp' on failure. + */ +int cell_extension_set_num(cell_extension_t *inp, uint8_t val); +/** Return the length of the dynamic array holding the fields field of + * the cell_extension_t in 'inp'. + */ +size_t cell_extension_getlen_fields(const cell_extension_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * fields of the cell_extension_t in 'inp'. + */ +struct cell_extension_fields_st * cell_extension_get_fields(cell_extension_t *inp, size_t idx); +/** As cell_extension_get_fields, but take and return a const pointer + */ + const struct cell_extension_fields_st * cell_extension_getconst_fields(const cell_extension_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * fields of the cell_extension_t in 'inp', so that it will hold the + * value 'elt'. Free the previous value, if any. + */ +int cell_extension_set_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt); +/** As cell_extension_set_fields, but does not free the previous + * value. + */ +int cell_extension_set0_fields(cell_extension_t *inp, size_t idx, struct cell_extension_fields_st * elt); +/** Append a new element 'elt' to the dynamic array field fields of + * the cell_extension_t in 'inp'. + */ +int cell_extension_add_fields(cell_extension_t *inp, struct cell_extension_fields_st * elt); +/** Return a pointer to the variable-length array field fields of + * 'inp'. + */ +struct cell_extension_fields_st * * cell_extension_getarray_fields(cell_extension_t *inp); +/** As cell_extension_get_fields, but take and return a const pointer + */ +const struct cell_extension_fields_st * const * cell_extension_getconstarray_fields(const cell_extension_t *inp); +/** Change the length of the variable-length array field fields of + * 'inp' to 'newlen'.Fill extra elements with NULL; free removed + * elements. Return 0 on success; return -1 and set the error code on + * 'inp' on failure. + */ +int cell_extension_setlen_fields(cell_extension_t *inp, size_t newlen); + + +#endif diff --git a/src/trunnel/hs/cell_common.trunnel b/src/trunnel/hs/cell_common.trunnel new file mode 100644 index 0000000000..1bbec5a1fe --- /dev/null +++ b/src/trunnel/hs/cell_common.trunnel @@ -0,0 +1,12 @@ +/* This file contains common data structure that cells use. */ + +struct cell_extension_fields { + u8 field_type; + u8 field_len; + u8 field[field_len]; +}; + +struct cell_extension { + u8 num; + struct cell_extension_fields fields[num]; +}; diff --git a/src/trunnel/hs/cell_establish_intro.c b/src/trunnel/hs/cell_establish_intro.c new file mode 100644 index 0000000000..02094fe2bf --- /dev/null +++ b/src/trunnel/hs/cell_establish_intro.c @@ -0,0 +1,735 @@ +/* cell_establish_intro.c -- generated by Trunnel v1.5.1. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#include <stdlib.h> +#include "trunnel-impl.h" + +#include "cell_establish_intro.h" + +#define TRUNNEL_SET_ERROR_CODE(obj) \ + do { \ + (obj)->trunnel_error_code_ = 1; \ + } while (0) + +#if defined(__COVERITY__) || defined(__clang_analyzer__) +/* If we're runnning a static analysis tool, we don't want it to complain + * that some of our remaining-bytes checks are dead-code. */ +int cellestablishintro_deadcode_dummy__ = 0; +#define OR_DEADCODE_DUMMY || cellestablishintro_deadcode_dummy__ +#else +#define OR_DEADCODE_DUMMY +#endif + +#define CHECK_REMAINING(nbytes, label) \ + do { \ + if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \ + goto label; \ + } \ + } while (0) + +typedef struct cell_extension_st cell_extension_t; +cell_extension_t *cell_extension_new(void); +void cell_extension_free(cell_extension_t *victim); +ssize_t cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in); +ssize_t cell_extension_encoded_len(const cell_extension_t *obj); +ssize_t cell_extension_encode(uint8_t *output, size_t avail, const cell_extension_t *input); +const char *cell_extension_check(const cell_extension_t *obj); +int cell_extension_clear_errors(cell_extension_t *obj); +hs_cell_establish_intro_t * +hs_cell_establish_intro_new(void) +{ + hs_cell_establish_intro_t *val = trunnel_calloc(1, sizeof(hs_cell_establish_intro_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +hs_cell_establish_intro_clear(hs_cell_establish_intro_t *obj) +{ + (void) obj; + TRUNNEL_DYNARRAY_WIPE(&obj->auth_key); + TRUNNEL_DYNARRAY_CLEAR(&obj->auth_key); + cell_extension_free(obj->extensions); + obj->extensions = NULL; + TRUNNEL_DYNARRAY_WIPE(&obj->sig); + TRUNNEL_DYNARRAY_CLEAR(&obj->sig); +} + +void +hs_cell_establish_intro_free(hs_cell_establish_intro_t *obj) +{ + if (obj == NULL) + return; + hs_cell_establish_intro_clear(obj); + trunnel_memwipe(obj, sizeof(hs_cell_establish_intro_t)); + trunnel_free_(obj); +} + +const uint8_t * +hs_cell_establish_intro_get_start_cell(const hs_cell_establish_intro_t *inp) +{ + return inp->start_cell; +} +uint8_t +hs_cell_establish_intro_get_auth_key_type(const hs_cell_establish_intro_t *inp) +{ + return inp->auth_key_type; +} +int +hs_cell_establish_intro_set_auth_key_type(hs_cell_establish_intro_t *inp, uint8_t val) +{ + if (! ((val == 0 || val == 1 || val == 2))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->auth_key_type = val; + return 0; +} +uint16_t +hs_cell_establish_intro_get_auth_key_len(const hs_cell_establish_intro_t *inp) +{ + return inp->auth_key_len; +} +int +hs_cell_establish_intro_set_auth_key_len(hs_cell_establish_intro_t *inp, uint16_t val) +{ + inp->auth_key_len = val; + return 0; +} +size_t +hs_cell_establish_intro_getlen_auth_key(const hs_cell_establish_intro_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->auth_key); +} + +uint8_t +hs_cell_establish_intro_get_auth_key(hs_cell_establish_intro_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->auth_key, idx); +} + +uint8_t +hs_cell_establish_intro_getconst_auth_key(const hs_cell_establish_intro_t *inp, size_t idx) +{ + return hs_cell_establish_intro_get_auth_key((hs_cell_establish_intro_t*)inp, idx); +} +int +hs_cell_establish_intro_set_auth_key(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->auth_key, idx, elt); + return 0; +} +int +hs_cell_establish_intro_add_auth_key(hs_cell_establish_intro_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT16_MAX + if (inp->auth_key.n_ == UINT16_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->auth_key, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +hs_cell_establish_intro_getarray_auth_key(hs_cell_establish_intro_t *inp) +{ + return inp->auth_key.elts_; +} +const uint8_t * +hs_cell_establish_intro_getconstarray_auth_key(const hs_cell_establish_intro_t *inp) +{ + return (const uint8_t *)hs_cell_establish_intro_getarray_auth_key((hs_cell_establish_intro_t*)inp); +} +int +hs_cell_establish_intro_setlen_auth_key(hs_cell_establish_intro_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT16_MAX < SIZE_MAX + if (newlen > UINT16_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->auth_key.allocated_, + &inp->auth_key.n_, inp->auth_key.elts_, newlen, + sizeof(inp->auth_key.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->auth_key.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +struct cell_extension_st * +hs_cell_establish_intro_get_extensions(hs_cell_establish_intro_t *inp) +{ + return inp->extensions; +} +const struct cell_extension_st * +hs_cell_establish_intro_getconst_extensions(const hs_cell_establish_intro_t *inp) +{ + return hs_cell_establish_intro_get_extensions((hs_cell_establish_intro_t*) inp); +} +int +hs_cell_establish_intro_set_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val) +{ + if (inp->extensions && inp->extensions != val) + cell_extension_free(inp->extensions); + return hs_cell_establish_intro_set0_extensions(inp, val); +} +int +hs_cell_establish_intro_set0_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val) +{ + inp->extensions = val; + return 0; +} +const uint8_t * +hs_cell_establish_intro_get_end_mac_fields(const hs_cell_establish_intro_t *inp) +{ + return inp->end_mac_fields; +} +size_t +hs_cell_establish_intro_getlen_handshake_mac(const hs_cell_establish_intro_t *inp) +{ + (void)inp; return TRUNNEL_SHA3_256_LEN; +} + +uint8_t +hs_cell_establish_intro_get_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx) +{ + trunnel_assert(idx < TRUNNEL_SHA3_256_LEN); + return inp->handshake_mac[idx]; +} + +uint8_t +hs_cell_establish_intro_getconst_handshake_mac(const hs_cell_establish_intro_t *inp, size_t idx) +{ + return hs_cell_establish_intro_get_handshake_mac((hs_cell_establish_intro_t*)inp, idx); +} +int +hs_cell_establish_intro_set_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < TRUNNEL_SHA3_256_LEN); + inp->handshake_mac[idx] = elt; + return 0; +} + +uint8_t * +hs_cell_establish_intro_getarray_handshake_mac(hs_cell_establish_intro_t *inp) +{ + return inp->handshake_mac; +} +const uint8_t * +hs_cell_establish_intro_getconstarray_handshake_mac(const hs_cell_establish_intro_t *inp) +{ + return (const uint8_t *)hs_cell_establish_intro_getarray_handshake_mac((hs_cell_establish_intro_t*)inp); +} +uint16_t +hs_cell_establish_intro_get_sig_len(const hs_cell_establish_intro_t *inp) +{ + return inp->sig_len; +} +int +hs_cell_establish_intro_set_sig_len(hs_cell_establish_intro_t *inp, uint16_t val) +{ + inp->sig_len = val; + return 0; +} +const uint8_t * +hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp) +{ + return inp->end_sig_fields; +} +size_t +hs_cell_establish_intro_getlen_sig(const hs_cell_establish_intro_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->sig); +} + +uint8_t +hs_cell_establish_intro_get_sig(hs_cell_establish_intro_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->sig, idx); +} + +uint8_t +hs_cell_establish_intro_getconst_sig(const hs_cell_establish_intro_t *inp, size_t idx) +{ + return hs_cell_establish_intro_get_sig((hs_cell_establish_intro_t*)inp, idx); +} +int +hs_cell_establish_intro_set_sig(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->sig, idx, elt); + return 0; +} +int +hs_cell_establish_intro_add_sig(hs_cell_establish_intro_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT16_MAX + if (inp->sig.n_ == UINT16_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->sig, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +hs_cell_establish_intro_getarray_sig(hs_cell_establish_intro_t *inp) +{ + return inp->sig.elts_; +} +const uint8_t * +hs_cell_establish_intro_getconstarray_sig(const hs_cell_establish_intro_t *inp) +{ + return (const uint8_t *)hs_cell_establish_intro_getarray_sig((hs_cell_establish_intro_t*)inp); +} +int +hs_cell_establish_intro_setlen_sig(hs_cell_establish_intro_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT16_MAX < SIZE_MAX + if (newlen > UINT16_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->sig.allocated_, + &inp->sig.n_, inp->sig.elts_, newlen, + sizeof(inp->sig.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->sig.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +hs_cell_establish_intro_check(const hs_cell_establish_intro_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->auth_key_type == 0 || obj->auth_key_type == 1 || obj->auth_key_type == 2)) + return "Integer out of bounds"; + if (TRUNNEL_DYNARRAY_LEN(&obj->auth_key) != obj->auth_key_len) + return "Length mismatch for auth_key"; + { + const char *msg; + if (NULL != (msg = cell_extension_check(obj->extensions))) + return msg; + } + if (TRUNNEL_DYNARRAY_LEN(&obj->sig) != obj->sig_len) + return "Length mismatch for sig"; + return NULL; +} + +ssize_t +hs_cell_establish_intro_encoded_len(const hs_cell_establish_intro_t *obj) +{ + ssize_t result = 0; + + if (NULL != hs_cell_establish_intro_check(obj)) + return -1; + + + /* Length of u8 auth_key_type IN [0, 1, 2] */ + result += 1; + + /* Length of u16 auth_key_len */ + result += 2; + + /* Length of u8 auth_key[auth_key_len] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->auth_key); + + /* Length of struct cell_extension extensions */ + result += cell_extension_encoded_len(obj->extensions); + + /* Length of u8 handshake_mac[TRUNNEL_SHA3_256_LEN] */ + result += TRUNNEL_SHA3_256_LEN; + + /* Length of u16 sig_len */ + result += 2; + + /* Length of u8 sig[sig_len] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->sig); + return result; +} +int +hs_cell_establish_intro_clear_errors(hs_cell_establish_intro_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +hs_cell_establish_intro_encode(uint8_t *output, const size_t avail, const hs_cell_establish_intro_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = hs_cell_establish_intro_encoded_len(obj); +#endif + + if (NULL != (msg = hs_cell_establish_intro_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 auth_key_type IN [0, 1, 2] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->auth_key_type)); + written += 1; ptr += 1; + + /* Encode u16 auth_key_len */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->auth_key_len)); + written += 2; ptr += 2; + + /* Encode u8 auth_key[auth_key_len] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->auth_key); + trunnel_assert(obj->auth_key_len == elt_len); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->auth_key.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + /* Encode struct cell_extension extensions */ + trunnel_assert(written <= avail); + result = cell_extension_encode(ptr, avail - written, obj->extensions); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + + /* Encode u8 handshake_mac[TRUNNEL_SHA3_256_LEN] */ + trunnel_assert(written <= avail); + if (avail - written < TRUNNEL_SHA3_256_LEN) + goto truncated; + memcpy(ptr, obj->handshake_mac, TRUNNEL_SHA3_256_LEN); + written += TRUNNEL_SHA3_256_LEN; ptr += TRUNNEL_SHA3_256_LEN; + + /* Encode u16 sig_len */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->sig_len)); + written += 2; ptr += 2; + + /* Encode u8 sig[sig_len] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->sig); + trunnel_assert(obj->sig_len == elt_len); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->sig.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As hs_cell_establish_intro_parse(), but do not allocate the output + * object. + */ +static ssize_t +hs_cell_establish_intro_parse_into(hs_cell_establish_intro_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + obj->start_cell = ptr; + + /* Parse u8 auth_key_type IN [0, 1, 2] */ + CHECK_REMAINING(1, truncated); + obj->auth_key_type = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->auth_key_type == 0 || obj->auth_key_type == 1 || obj->auth_key_type == 2)) + goto fail; + + /* Parse u16 auth_key_len */ + CHECK_REMAINING(2, truncated); + obj->auth_key_len = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u8 auth_key[auth_key_len] */ + CHECK_REMAINING(obj->auth_key_len, truncated); + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->auth_key, obj->auth_key_len, {}); + obj->auth_key.n_ = obj->auth_key_len; + if (obj->auth_key_len) + memcpy(obj->auth_key.elts_, ptr, obj->auth_key_len); + ptr += obj->auth_key_len; remaining -= obj->auth_key_len; + + /* Parse struct cell_extension extensions */ + result = cell_extension_parse(&obj->extensions, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + obj->end_mac_fields = ptr; + + /* Parse u8 handshake_mac[TRUNNEL_SHA3_256_LEN] */ + CHECK_REMAINING(TRUNNEL_SHA3_256_LEN, truncated); + memcpy(obj->handshake_mac, ptr, TRUNNEL_SHA3_256_LEN); + remaining -= TRUNNEL_SHA3_256_LEN; ptr += TRUNNEL_SHA3_256_LEN; + + /* Parse u16 sig_len */ + CHECK_REMAINING(2, truncated); + obj->sig_len = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + obj->end_sig_fields = ptr; + + /* Parse u8 sig[sig_len] */ + CHECK_REMAINING(obj->sig_len, truncated); + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->sig, obj->sig_len, {}); + obj->sig.n_ = obj->sig_len; + if (obj->sig_len) + memcpy(obj->sig.elts_, ptr, obj->sig_len); + ptr += obj->sig_len; remaining -= obj->sig_len; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + trunnel_alloc_failed: + return -1; + fail: + result = -1; + return result; +} + +ssize_t +hs_cell_establish_intro_parse(hs_cell_establish_intro_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = hs_cell_establish_intro_new(); + if (NULL == *output) + return -1; + result = hs_cell_establish_intro_parse_into(*output, input, len_in); + if (result < 0) { + hs_cell_establish_intro_free(*output); + *output = NULL; + } + return result; +} +hs_cell_intro_established_t * +hs_cell_intro_established_new(void) +{ + hs_cell_intro_established_t *val = trunnel_calloc(1, sizeof(hs_cell_intro_established_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +hs_cell_intro_established_clear(hs_cell_intro_established_t *obj) +{ + (void) obj; + cell_extension_free(obj->extensions); + obj->extensions = NULL; +} + +void +hs_cell_intro_established_free(hs_cell_intro_established_t *obj) +{ + if (obj == NULL) + return; + hs_cell_intro_established_clear(obj); + trunnel_memwipe(obj, sizeof(hs_cell_intro_established_t)); + trunnel_free_(obj); +} + +struct cell_extension_st * +hs_cell_intro_established_get_extensions(hs_cell_intro_established_t *inp) +{ + return inp->extensions; +} +const struct cell_extension_st * +hs_cell_intro_established_getconst_extensions(const hs_cell_intro_established_t *inp) +{ + return hs_cell_intro_established_get_extensions((hs_cell_intro_established_t*) inp); +} +int +hs_cell_intro_established_set_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val) +{ + if (inp->extensions && inp->extensions != val) + cell_extension_free(inp->extensions); + return hs_cell_intro_established_set0_extensions(inp, val); +} +int +hs_cell_intro_established_set0_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val) +{ + inp->extensions = val; + return 0; +} +const char * +hs_cell_intro_established_check(const hs_cell_intro_established_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + { + const char *msg; + if (NULL != (msg = cell_extension_check(obj->extensions))) + return msg; + } + return NULL; +} + +ssize_t +hs_cell_intro_established_encoded_len(const hs_cell_intro_established_t *obj) +{ + ssize_t result = 0; + + if (NULL != hs_cell_intro_established_check(obj)) + return -1; + + + /* Length of struct cell_extension extensions */ + result += cell_extension_encoded_len(obj->extensions); + return result; +} +int +hs_cell_intro_established_clear_errors(hs_cell_intro_established_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +hs_cell_intro_established_encode(uint8_t *output, const size_t avail, const hs_cell_intro_established_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = hs_cell_intro_established_encoded_len(obj); +#endif + + if (NULL != (msg = hs_cell_intro_established_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode struct cell_extension extensions */ + trunnel_assert(written <= avail); + result = cell_extension_encode(ptr, avail - written, obj->extensions); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As hs_cell_intro_established_parse(), but do not allocate the + * output object. + */ +static ssize_t +hs_cell_intro_established_parse_into(hs_cell_intro_established_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse struct cell_extension extensions */ + result = cell_extension_parse(&obj->extensions, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + relay_fail: + trunnel_assert(result < 0); + return result; +} + +ssize_t +hs_cell_intro_established_parse(hs_cell_intro_established_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = hs_cell_intro_established_new(); + if (NULL == *output) + return -1; + result = hs_cell_intro_established_parse_into(*output, input, len_in); + if (result < 0) { + hs_cell_intro_established_free(*output); + *output = NULL; + } + return result; +} diff --git a/src/trunnel/hs/cell_establish_intro.h b/src/trunnel/hs/cell_establish_intro.h new file mode 100644 index 0000000000..a9166f10d8 --- /dev/null +++ b/src/trunnel/hs/cell_establish_intro.h @@ -0,0 +1,275 @@ +/* cell_establish_intro.h -- generated by by Trunnel v1.5.1. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#ifndef TRUNNEL_CELL_ESTABLISH_INTRO_H +#define TRUNNEL_CELL_ESTABLISH_INTRO_H + +#include <stdint.h> +#include "trunnel.h" + +struct cell_extension_st; +#define TRUNNEL_SHA3_256_LEN 32 +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_ESTABLISH_INTRO) +struct hs_cell_establish_intro_st { + const uint8_t *start_cell; + uint8_t auth_key_type; + uint16_t auth_key_len; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) auth_key; + struct cell_extension_st *extensions; + const uint8_t *end_mac_fields; + uint8_t handshake_mac[TRUNNEL_SHA3_256_LEN]; + uint16_t sig_len; + const uint8_t *end_sig_fields; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) sig; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct hs_cell_establish_intro_st hs_cell_establish_intro_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRO_ESTABLISHED) +struct hs_cell_intro_established_st { + struct cell_extension_st *extensions; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct hs_cell_intro_established_st hs_cell_intro_established_t; +/** Return a newly allocated hs_cell_establish_intro with all elements + * set to zero. + */ +hs_cell_establish_intro_t *hs_cell_establish_intro_new(void); +/** Release all storage held by the hs_cell_establish_intro in + * 'victim'. (Do nothing if 'victim' is NULL.) + */ +void hs_cell_establish_intro_free(hs_cell_establish_intro_t *victim); +/** Try to parse a hs_cell_establish_intro from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated hs_cell_establish_intro_t. On failure, return -2 if the + * input appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t hs_cell_establish_intro_parse(hs_cell_establish_intro_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * hs_cell_establish_intro in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t hs_cell_establish_intro_encoded_len(const hs_cell_establish_intro_t *obj); +/** Try to encode the hs_cell_establish_intro from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t hs_cell_establish_intro_encode(uint8_t *output, size_t avail, const hs_cell_establish_intro_t *input); +/** Check whether the internal state of the hs_cell_establish_intro in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *hs_cell_establish_intro_check(const hs_cell_establish_intro_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int hs_cell_establish_intro_clear_errors(hs_cell_establish_intro_t *obj); +/** Return the position for start_cell when we parsed this object + */ +const uint8_t * hs_cell_establish_intro_get_start_cell(const hs_cell_establish_intro_t *inp); +/** Return the value of the auth_key_type field of the + * hs_cell_establish_intro_t in 'inp' + */ +uint8_t hs_cell_establish_intro_get_auth_key_type(const hs_cell_establish_intro_t *inp); +/** Set the value of the auth_key_type field of the + * hs_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_establish_intro_set_auth_key_type(hs_cell_establish_intro_t *inp, uint8_t val); +/** Return the value of the auth_key_len field of the + * hs_cell_establish_intro_t in 'inp' + */ +uint16_t hs_cell_establish_intro_get_auth_key_len(const hs_cell_establish_intro_t *inp); +/** Set the value of the auth_key_len field of the + * hs_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_establish_intro_set_auth_key_len(hs_cell_establish_intro_t *inp, uint16_t val); +/** Return the length of the dynamic array holding the auth_key field + * of the hs_cell_establish_intro_t in 'inp'. + */ +size_t hs_cell_establish_intro_getlen_auth_key(const hs_cell_establish_intro_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * auth_key of the hs_cell_establish_intro_t in 'inp'. + */ +uint8_t hs_cell_establish_intro_get_auth_key(hs_cell_establish_intro_t *inp, size_t idx); +/** As hs_cell_establish_intro_get_auth_key, but take and return a + * const pointer + */ +uint8_t hs_cell_establish_intro_getconst_auth_key(const hs_cell_establish_intro_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * auth_key of the hs_cell_establish_intro_t in 'inp', so that it will + * hold the value 'elt'. + */ +int hs_cell_establish_intro_set_auth_key(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field auth_key of + * the hs_cell_establish_intro_t in 'inp'. + */ +int hs_cell_establish_intro_add_auth_key(hs_cell_establish_intro_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field auth_key of + * 'inp'. + */ +uint8_t * hs_cell_establish_intro_getarray_auth_key(hs_cell_establish_intro_t *inp); +/** As hs_cell_establish_intro_get_auth_key, but take and return a + * const pointer + */ +const uint8_t * hs_cell_establish_intro_getconstarray_auth_key(const hs_cell_establish_intro_t *inp); +/** Change the length of the variable-length array field auth_key of + * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_establish_intro_setlen_auth_key(hs_cell_establish_intro_t *inp, size_t newlen); +/** Return the value of the extensions field of the + * hs_cell_establish_intro_t in 'inp' + */ +struct cell_extension_st * hs_cell_establish_intro_get_extensions(hs_cell_establish_intro_t *inp); +/** As hs_cell_establish_intro_get_extensions, but take and return a + * const pointer + */ +const struct cell_extension_st * hs_cell_establish_intro_getconst_extensions(const hs_cell_establish_intro_t *inp); +/** Set the value of the extensions field of the + * hs_cell_establish_intro_t in 'inp' to 'val'. Free the old value if + * any. Steals the referenceto 'val'.Return 0 on success; return -1 + * and set the error code on 'inp' on failure. + */ +int hs_cell_establish_intro_set_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val); +/** As hs_cell_establish_intro_set_extensions, but does not free the + * previous value. + */ +int hs_cell_establish_intro_set0_extensions(hs_cell_establish_intro_t *inp, struct cell_extension_st *val); +/** Return the position for end_mac_fields when we parsed this object + */ +const uint8_t * hs_cell_establish_intro_get_end_mac_fields(const hs_cell_establish_intro_t *inp); +/** Return the (constant) length of the array holding the + * handshake_mac field of the hs_cell_establish_intro_t in 'inp'. + */ +size_t hs_cell_establish_intro_getlen_handshake_mac(const hs_cell_establish_intro_t *inp); +/** Return the element at position 'idx' of the fixed array field + * handshake_mac of the hs_cell_establish_intro_t in 'inp'. + */ +uint8_t hs_cell_establish_intro_get_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx); +/** As hs_cell_establish_intro_get_handshake_mac, but take and return + * a const pointer + */ +uint8_t hs_cell_establish_intro_getconst_handshake_mac(const hs_cell_establish_intro_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * handshake_mac of the hs_cell_establish_intro_t in 'inp', so that it + * will hold the value 'elt'. + */ +int hs_cell_establish_intro_set_handshake_mac(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the TRUNNEL_SHA3_256_LEN-element array field + * handshake_mac of 'inp'. + */ +uint8_t * hs_cell_establish_intro_getarray_handshake_mac(hs_cell_establish_intro_t *inp); +/** As hs_cell_establish_intro_get_handshake_mac, but take and return + * a const pointer + */ +const uint8_t * hs_cell_establish_intro_getconstarray_handshake_mac(const hs_cell_establish_intro_t *inp); +/** Return the value of the sig_len field of the + * hs_cell_establish_intro_t in 'inp' + */ +uint16_t hs_cell_establish_intro_get_sig_len(const hs_cell_establish_intro_t *inp); +/** Set the value of the sig_len field of the + * hs_cell_establish_intro_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_establish_intro_set_sig_len(hs_cell_establish_intro_t *inp, uint16_t val); +/** Return the position for end_sig_fields when we parsed this object + */ +const uint8_t * hs_cell_establish_intro_get_end_sig_fields(const hs_cell_establish_intro_t *inp); +/** Return the length of the dynamic array holding the sig field of + * the hs_cell_establish_intro_t in 'inp'. + */ +size_t hs_cell_establish_intro_getlen_sig(const hs_cell_establish_intro_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * sig of the hs_cell_establish_intro_t in 'inp'. + */ +uint8_t hs_cell_establish_intro_get_sig(hs_cell_establish_intro_t *inp, size_t idx); +/** As hs_cell_establish_intro_get_sig, but take and return a const + * pointer + */ +uint8_t hs_cell_establish_intro_getconst_sig(const hs_cell_establish_intro_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * sig of the hs_cell_establish_intro_t in 'inp', so that it will hold + * the value 'elt'. + */ +int hs_cell_establish_intro_set_sig(hs_cell_establish_intro_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field sig of the + * hs_cell_establish_intro_t in 'inp'. + */ +int hs_cell_establish_intro_add_sig(hs_cell_establish_intro_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field sig of 'inp'. + */ +uint8_t * hs_cell_establish_intro_getarray_sig(hs_cell_establish_intro_t *inp); +/** As hs_cell_establish_intro_get_sig, but take and return a const + * pointer + */ +const uint8_t * hs_cell_establish_intro_getconstarray_sig(const hs_cell_establish_intro_t *inp); +/** Change the length of the variable-length array field sig of 'inp' + * to 'newlen'.Fill extra elements with 0. Return 0 on success; return + * -1 and set the error code on 'inp' on failure. + */ +int hs_cell_establish_intro_setlen_sig(hs_cell_establish_intro_t *inp, size_t newlen); +/** Return a newly allocated hs_cell_intro_established with all + * elements set to zero. + */ +hs_cell_intro_established_t *hs_cell_intro_established_new(void); +/** Release all storage held by the hs_cell_intro_established in + * 'victim'. (Do nothing if 'victim' is NULL.) + */ +void hs_cell_intro_established_free(hs_cell_intro_established_t *victim); +/** Try to parse a hs_cell_intro_established from the buffer in + * 'input', using up to 'len_in' bytes from the input buffer. On + * success, return the number of bytes consumed and set *output to the + * newly allocated hs_cell_intro_established_t. On failure, return -2 + * if the input appears truncated, and -1 if the input is otherwise + * invalid. + */ +ssize_t hs_cell_intro_established_parse(hs_cell_intro_established_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * hs_cell_intro_established in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t hs_cell_intro_established_encoded_len(const hs_cell_intro_established_t *obj); +/** Try to encode the hs_cell_intro_established from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t hs_cell_intro_established_encode(uint8_t *output, size_t avail, const hs_cell_intro_established_t *input); +/** Check whether the internal state of the hs_cell_intro_established + * in 'obj' is consistent. Return NULL if it is, and a short message + * if it is not. + */ +const char *hs_cell_intro_established_check(const hs_cell_intro_established_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int hs_cell_intro_established_clear_errors(hs_cell_intro_established_t *obj); +/** Return the value of the extensions field of the + * hs_cell_intro_established_t in 'inp' + */ +struct cell_extension_st * hs_cell_intro_established_get_extensions(hs_cell_intro_established_t *inp); +/** As hs_cell_intro_established_get_extensions, but take and return a + * const pointer + */ +const struct cell_extension_st * hs_cell_intro_established_getconst_extensions(const hs_cell_intro_established_t *inp); +/** Set the value of the extensions field of the + * hs_cell_intro_established_t in 'inp' to 'val'. Free the old value + * if any. Steals the referenceto 'val'.Return 0 on success; return -1 + * and set the error code on 'inp' on failure. + */ +int hs_cell_intro_established_set_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val); +/** As hs_cell_intro_established_set_extensions, but does not free the + * previous value. + */ +int hs_cell_intro_established_set0_extensions(hs_cell_intro_established_t *inp, struct cell_extension_st *val); + + +#endif diff --git a/src/trunnel/hs/cell_establish_intro.trunnel b/src/trunnel/hs/cell_establish_intro.trunnel new file mode 100644 index 0000000000..4f9e8f7e08 --- /dev/null +++ b/src/trunnel/hs/cell_establish_intro.trunnel @@ -0,0 +1,41 @@ +/* + * This contains the definition of the ESTABLISH_INTRO and INTRO_ESTABLISHED + * cell for onion service version 3 and onward. The following format is + * specified in proposal 224 section 3.1. + */ + +extern struct cell_extension; + +const TRUNNEL_SHA3_256_LEN = 32; + +/* ESTABLISH_INTRO payload. See details in section 3.1.1 */ +struct hs_cell_establish_intro { + /* Indicate the start of the handshake authentication data. */ + @ptr start_cell; + + /* Authentication key material. */ + u8 auth_key_type IN [0x00, 0x01, 0x02]; + u16 auth_key_len; + u8 auth_key[auth_key_len]; + + /* Extension(s). Reserved fields. */ + struct cell_extension extensions; + @ptr end_mac_fields; + + /* Handshake MAC. */ + u8 handshake_mac[TRUNNEL_SHA3_256_LEN]; + + /* Signature */ + u16 sig_len; + /* Indicate the end of the handshake authentication data. */ + @ptr end_sig_fields; + u8 sig[sig_len]; +}; + +/* INTRO_ESTABLISHED payload which is an acknowledge of the ESTABLISH_INTRO + * cell. For legacy node, this payload is empty so the following only applies + * to version >= 3. */ +struct hs_cell_intro_established { + /* Extension(s). Reserved fields. */ + struct cell_extension extensions; +}; diff --git a/src/trunnel/hs/cell_introduce1.c b/src/trunnel/hs/cell_introduce1.c new file mode 100644 index 0000000000..5922a086dc --- /dev/null +++ b/src/trunnel/hs/cell_introduce1.c @@ -0,0 +1,1357 @@ +/* cell_introduce1.c -- generated by Trunnel v1.5.1. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#include <stdlib.h> +#include "trunnel-impl.h" + +#include "cell_introduce1.h" + +#define TRUNNEL_SET_ERROR_CODE(obj) \ + do { \ + (obj)->trunnel_error_code_ = 1; \ + } while (0) + +#if defined(__COVERITY__) || defined(__clang_analyzer__) +/* If we're runnning a static analysis tool, we don't want it to complain + * that some of our remaining-bytes checks are dead-code. */ +int cellintroduce_deadcode_dummy__ = 0; +#define OR_DEADCODE_DUMMY || cellintroduce_deadcode_dummy__ +#else +#define OR_DEADCODE_DUMMY +#endif + +#define CHECK_REMAINING(nbytes, label) \ + do { \ + if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \ + goto label; \ + } \ + } while (0) + +typedef struct cell_extension_st cell_extension_t; +cell_extension_t *cell_extension_new(void); +void cell_extension_free(cell_extension_t *victim); +ssize_t cell_extension_parse(cell_extension_t **output, const uint8_t *input, const size_t len_in); +ssize_t cell_extension_encoded_len(const cell_extension_t *obj); +ssize_t cell_extension_encode(uint8_t *output, size_t avail, const cell_extension_t *input); +const char *cell_extension_check(const cell_extension_t *obj); +int cell_extension_clear_errors(cell_extension_t *obj); +typedef struct link_specifier_st link_specifier_t; +link_specifier_t *link_specifier_new(void); +void link_specifier_free(link_specifier_t *victim); +ssize_t link_specifier_parse(link_specifier_t **output, const uint8_t *input, const size_t len_in); +ssize_t link_specifier_encoded_len(const link_specifier_t *obj); +ssize_t link_specifier_encode(uint8_t *output, size_t avail, const link_specifier_t *input); +const char *link_specifier_check(const link_specifier_t *obj); +int link_specifier_clear_errors(link_specifier_t *obj); +hs_cell_introduce1_t * +hs_cell_introduce1_new(void) +{ + hs_cell_introduce1_t *val = trunnel_calloc(1, sizeof(hs_cell_introduce1_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +hs_cell_introduce1_clear(hs_cell_introduce1_t *obj) +{ + (void) obj; + TRUNNEL_DYNARRAY_WIPE(&obj->auth_key); + TRUNNEL_DYNARRAY_CLEAR(&obj->auth_key); + cell_extension_free(obj->extensions); + obj->extensions = NULL; + TRUNNEL_DYNARRAY_WIPE(&obj->encrypted); + TRUNNEL_DYNARRAY_CLEAR(&obj->encrypted); +} + +void +hs_cell_introduce1_free(hs_cell_introduce1_t *obj) +{ + if (obj == NULL) + return; + hs_cell_introduce1_clear(obj); + trunnel_memwipe(obj, sizeof(hs_cell_introduce1_t)); + trunnel_free_(obj); +} + +size_t +hs_cell_introduce1_getlen_legacy_key_id(const hs_cell_introduce1_t *inp) +{ + (void)inp; return TRUNNEL_SHA1_LEN; +} + +uint8_t +hs_cell_introduce1_get_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx) +{ + trunnel_assert(idx < TRUNNEL_SHA1_LEN); + return inp->legacy_key_id[idx]; +} + +uint8_t +hs_cell_introduce1_getconst_legacy_key_id(const hs_cell_introduce1_t *inp, size_t idx) +{ + return hs_cell_introduce1_get_legacy_key_id((hs_cell_introduce1_t*)inp, idx); +} +int +hs_cell_introduce1_set_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < TRUNNEL_SHA1_LEN); + inp->legacy_key_id[idx] = elt; + return 0; +} + +uint8_t * +hs_cell_introduce1_getarray_legacy_key_id(hs_cell_introduce1_t *inp) +{ + return inp->legacy_key_id; +} +const uint8_t * +hs_cell_introduce1_getconstarray_legacy_key_id(const hs_cell_introduce1_t *inp) +{ + return (const uint8_t *)hs_cell_introduce1_getarray_legacy_key_id((hs_cell_introduce1_t*)inp); +} +uint8_t +hs_cell_introduce1_get_auth_key_type(const hs_cell_introduce1_t *inp) +{ + return inp->auth_key_type; +} +int +hs_cell_introduce1_set_auth_key_type(hs_cell_introduce1_t *inp, uint8_t val) +{ + if (! ((val == 0 || val == 1 || val == 2))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->auth_key_type = val; + return 0; +} +uint16_t +hs_cell_introduce1_get_auth_key_len(const hs_cell_introduce1_t *inp) +{ + return inp->auth_key_len; +} +int +hs_cell_introduce1_set_auth_key_len(hs_cell_introduce1_t *inp, uint16_t val) +{ + inp->auth_key_len = val; + return 0; +} +size_t +hs_cell_introduce1_getlen_auth_key(const hs_cell_introduce1_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->auth_key); +} + +uint8_t +hs_cell_introduce1_get_auth_key(hs_cell_introduce1_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->auth_key, idx); +} + +uint8_t +hs_cell_introduce1_getconst_auth_key(const hs_cell_introduce1_t *inp, size_t idx) +{ + return hs_cell_introduce1_get_auth_key((hs_cell_introduce1_t*)inp, idx); +} +int +hs_cell_introduce1_set_auth_key(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->auth_key, idx, elt); + return 0; +} +int +hs_cell_introduce1_add_auth_key(hs_cell_introduce1_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT16_MAX + if (inp->auth_key.n_ == UINT16_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->auth_key, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +hs_cell_introduce1_getarray_auth_key(hs_cell_introduce1_t *inp) +{ + return inp->auth_key.elts_; +} +const uint8_t * +hs_cell_introduce1_getconstarray_auth_key(const hs_cell_introduce1_t *inp) +{ + return (const uint8_t *)hs_cell_introduce1_getarray_auth_key((hs_cell_introduce1_t*)inp); +} +int +hs_cell_introduce1_setlen_auth_key(hs_cell_introduce1_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT16_MAX < SIZE_MAX + if (newlen > UINT16_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->auth_key.allocated_, + &inp->auth_key.n_, inp->auth_key.elts_, newlen, + sizeof(inp->auth_key.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->auth_key.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +struct cell_extension_st * +hs_cell_introduce1_get_extensions(hs_cell_introduce1_t *inp) +{ + return inp->extensions; +} +const struct cell_extension_st * +hs_cell_introduce1_getconst_extensions(const hs_cell_introduce1_t *inp) +{ + return hs_cell_introduce1_get_extensions((hs_cell_introduce1_t*) inp); +} +int +hs_cell_introduce1_set_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val) +{ + if (inp->extensions && inp->extensions != val) + cell_extension_free(inp->extensions); + return hs_cell_introduce1_set0_extensions(inp, val); +} +int +hs_cell_introduce1_set0_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val) +{ + inp->extensions = val; + return 0; +} +size_t +hs_cell_introduce1_getlen_encrypted(const hs_cell_introduce1_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->encrypted); +} + +uint8_t +hs_cell_introduce1_get_encrypted(hs_cell_introduce1_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->encrypted, idx); +} + +uint8_t +hs_cell_introduce1_getconst_encrypted(const hs_cell_introduce1_t *inp, size_t idx) +{ + return hs_cell_introduce1_get_encrypted((hs_cell_introduce1_t*)inp, idx); +} +int +hs_cell_introduce1_set_encrypted(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->encrypted, idx, elt); + return 0; +} +int +hs_cell_introduce1_add_encrypted(hs_cell_introduce1_t *inp, uint8_t elt) +{ + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->encrypted, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +hs_cell_introduce1_getarray_encrypted(hs_cell_introduce1_t *inp) +{ + return inp->encrypted.elts_; +} +const uint8_t * +hs_cell_introduce1_getconstarray_encrypted(const hs_cell_introduce1_t *inp) +{ + return (const uint8_t *)hs_cell_introduce1_getarray_encrypted((hs_cell_introduce1_t*)inp); +} +int +hs_cell_introduce1_setlen_encrypted(hs_cell_introduce1_t *inp, size_t newlen) +{ + uint8_t *newptr; + newptr = trunnel_dynarray_setlen(&inp->encrypted.allocated_, + &inp->encrypted.n_, inp->encrypted.elts_, newlen, + sizeof(inp->encrypted.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->encrypted.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +hs_cell_introduce1_check(const hs_cell_introduce1_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->auth_key_type == 0 || obj->auth_key_type == 1 || obj->auth_key_type == 2)) + return "Integer out of bounds"; + if (TRUNNEL_DYNARRAY_LEN(&obj->auth_key) != obj->auth_key_len) + return "Length mismatch for auth_key"; + { + const char *msg; + if (NULL != (msg = cell_extension_check(obj->extensions))) + return msg; + } + return NULL; +} + +ssize_t +hs_cell_introduce1_encoded_len(const hs_cell_introduce1_t *obj) +{ + ssize_t result = 0; + + if (NULL != hs_cell_introduce1_check(obj)) + return -1; + + + /* Length of u8 legacy_key_id[TRUNNEL_SHA1_LEN] */ + result += TRUNNEL_SHA1_LEN; + + /* Length of u8 auth_key_type IN [0, 1, 2] */ + result += 1; + + /* Length of u16 auth_key_len */ + result += 2; + + /* Length of u8 auth_key[auth_key_len] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->auth_key); + + /* Length of struct cell_extension extensions */ + result += cell_extension_encoded_len(obj->extensions); + + /* Length of u8 encrypted[] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->encrypted); + return result; +} +int +hs_cell_introduce1_clear_errors(hs_cell_introduce1_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +hs_cell_introduce1_encode(uint8_t *output, const size_t avail, const hs_cell_introduce1_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = hs_cell_introduce1_encoded_len(obj); +#endif + + if (NULL != (msg = hs_cell_introduce1_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 legacy_key_id[TRUNNEL_SHA1_LEN] */ + trunnel_assert(written <= avail); + if (avail - written < TRUNNEL_SHA1_LEN) + goto truncated; + memcpy(ptr, obj->legacy_key_id, TRUNNEL_SHA1_LEN); + written += TRUNNEL_SHA1_LEN; ptr += TRUNNEL_SHA1_LEN; + + /* Encode u8 auth_key_type IN [0, 1, 2] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->auth_key_type)); + written += 1; ptr += 1; + + /* Encode u16 auth_key_len */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->auth_key_len)); + written += 2; ptr += 2; + + /* Encode u8 auth_key[auth_key_len] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->auth_key); + trunnel_assert(obj->auth_key_len == elt_len); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->auth_key.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + /* Encode struct cell_extension extensions */ + trunnel_assert(written <= avail); + result = cell_extension_encode(ptr, avail - written, obj->extensions); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + + /* Encode u8 encrypted[] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->encrypted); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->encrypted.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As hs_cell_introduce1_parse(), but do not allocate the output + * object. + */ +static ssize_t +hs_cell_introduce1_parse_into(hs_cell_introduce1_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 legacy_key_id[TRUNNEL_SHA1_LEN] */ + CHECK_REMAINING(TRUNNEL_SHA1_LEN, truncated); + memcpy(obj->legacy_key_id, ptr, TRUNNEL_SHA1_LEN); + remaining -= TRUNNEL_SHA1_LEN; ptr += TRUNNEL_SHA1_LEN; + + /* Parse u8 auth_key_type IN [0, 1, 2] */ + CHECK_REMAINING(1, truncated); + obj->auth_key_type = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->auth_key_type == 0 || obj->auth_key_type == 1 || obj->auth_key_type == 2)) + goto fail; + + /* Parse u16 auth_key_len */ + CHECK_REMAINING(2, truncated); + obj->auth_key_len = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u8 auth_key[auth_key_len] */ + CHECK_REMAINING(obj->auth_key_len, truncated); + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->auth_key, obj->auth_key_len, {}); + obj->auth_key.n_ = obj->auth_key_len; + if (obj->auth_key_len) + memcpy(obj->auth_key.elts_, ptr, obj->auth_key_len); + ptr += obj->auth_key_len; remaining -= obj->auth_key_len; + + /* Parse struct cell_extension extensions */ + result = cell_extension_parse(&obj->extensions, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + + /* Parse u8 encrypted[] */ + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->encrypted, remaining, {}); + obj->encrypted.n_ = remaining; + if (remaining) + memcpy(obj->encrypted.elts_, ptr, remaining); + ptr += remaining; remaining -= remaining; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + trunnel_alloc_failed: + return -1; + fail: + result = -1; + return result; +} + +ssize_t +hs_cell_introduce1_parse(hs_cell_introduce1_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = hs_cell_introduce1_new(); + if (NULL == *output) + return -1; + result = hs_cell_introduce1_parse_into(*output, input, len_in); + if (result < 0) { + hs_cell_introduce1_free(*output); + *output = NULL; + } + return result; +} +hs_cell_introduce_ack_t * +hs_cell_introduce_ack_new(void) +{ + hs_cell_introduce_ack_t *val = trunnel_calloc(1, sizeof(hs_cell_introduce_ack_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +hs_cell_introduce_ack_clear(hs_cell_introduce_ack_t *obj) +{ + (void) obj; + cell_extension_free(obj->extensions); + obj->extensions = NULL; +} + +void +hs_cell_introduce_ack_free(hs_cell_introduce_ack_t *obj) +{ + if (obj == NULL) + return; + hs_cell_introduce_ack_clear(obj); + trunnel_memwipe(obj, sizeof(hs_cell_introduce_ack_t)); + trunnel_free_(obj); +} + +uint16_t +hs_cell_introduce_ack_get_status(const hs_cell_introduce_ack_t *inp) +{ + return inp->status; +} +int +hs_cell_introduce_ack_set_status(hs_cell_introduce_ack_t *inp, uint16_t val) +{ + if (! ((val == 0 || val == 1 || val == 2))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->status = val; + return 0; +} +struct cell_extension_st * +hs_cell_introduce_ack_get_extensions(hs_cell_introduce_ack_t *inp) +{ + return inp->extensions; +} +const struct cell_extension_st * +hs_cell_introduce_ack_getconst_extensions(const hs_cell_introduce_ack_t *inp) +{ + return hs_cell_introduce_ack_get_extensions((hs_cell_introduce_ack_t*) inp); +} +int +hs_cell_introduce_ack_set_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val) +{ + if (inp->extensions && inp->extensions != val) + cell_extension_free(inp->extensions); + return hs_cell_introduce_ack_set0_extensions(inp, val); +} +int +hs_cell_introduce_ack_set0_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val) +{ + inp->extensions = val; + return 0; +} +const char * +hs_cell_introduce_ack_check(const hs_cell_introduce_ack_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) + return "Integer out of bounds"; + { + const char *msg; + if (NULL != (msg = cell_extension_check(obj->extensions))) + return msg; + } + return NULL; +} + +ssize_t +hs_cell_introduce_ack_encoded_len(const hs_cell_introduce_ack_t *obj) +{ + ssize_t result = 0; + + if (NULL != hs_cell_introduce_ack_check(obj)) + return -1; + + + /* Length of u16 status IN [0, 1, 2] */ + result += 2; + + /* Length of struct cell_extension extensions */ + result += cell_extension_encoded_len(obj->extensions); + return result; +} +int +hs_cell_introduce_ack_clear_errors(hs_cell_introduce_ack_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +hs_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const hs_cell_introduce_ack_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = hs_cell_introduce_ack_encoded_len(obj); +#endif + + if (NULL != (msg = hs_cell_introduce_ack_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u16 status IN [0, 1, 2] */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->status)); + written += 2; ptr += 2; + + /* Encode struct cell_extension extensions */ + trunnel_assert(written <= avail); + result = cell_extension_encode(ptr, avail - written, obj->extensions); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As hs_cell_introduce_ack_parse(), but do not allocate the output + * object. + */ +static ssize_t +hs_cell_introduce_ack_parse_into(hs_cell_introduce_ack_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u16 status IN [0, 1, 2] */ + CHECK_REMAINING(2, truncated); + obj->status = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) + goto fail; + + /* Parse struct cell_extension extensions */ + result = cell_extension_parse(&obj->extensions, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + fail: + result = -1; + return result; +} + +ssize_t +hs_cell_introduce_ack_parse(hs_cell_introduce_ack_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = hs_cell_introduce_ack_new(); + if (NULL == *output) + return -1; + result = hs_cell_introduce_ack_parse_into(*output, input, len_in); + if (result < 0) { + hs_cell_introduce_ack_free(*output); + *output = NULL; + } + return result; +} +hs_cell_introduce_encrypted_t * +hs_cell_introduce_encrypted_new(void) +{ + hs_cell_introduce_encrypted_t *val = trunnel_calloc(1, sizeof(hs_cell_introduce_encrypted_t)); + if (NULL == val) + return NULL; + val->onion_key_type = 1; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +hs_cell_introduce_encrypted_clear(hs_cell_introduce_encrypted_t *obj) +{ + (void) obj; + cell_extension_free(obj->extensions); + obj->extensions = NULL; + TRUNNEL_DYNARRAY_WIPE(&obj->onion_key); + TRUNNEL_DYNARRAY_CLEAR(&obj->onion_key); + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->nspecs); ++idx) { + link_specifier_free(TRUNNEL_DYNARRAY_GET(&obj->nspecs, idx)); + } + } + TRUNNEL_DYNARRAY_WIPE(&obj->nspecs); + TRUNNEL_DYNARRAY_CLEAR(&obj->nspecs); + TRUNNEL_DYNARRAY_WIPE(&obj->pad); + TRUNNEL_DYNARRAY_CLEAR(&obj->pad); +} + +void +hs_cell_introduce_encrypted_free(hs_cell_introduce_encrypted_t *obj) +{ + if (obj == NULL) + return; + hs_cell_introduce_encrypted_clear(obj); + trunnel_memwipe(obj, sizeof(hs_cell_introduce_encrypted_t)); + trunnel_free_(obj); +} + +size_t +hs_cell_introduce_encrypted_getlen_rend_cookie(const hs_cell_introduce_encrypted_t *inp) +{ + (void)inp; return TRUNNEL_REND_COOKIE_LEN; +} + +uint8_t +hs_cell_introduce_encrypted_get_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + trunnel_assert(idx < TRUNNEL_REND_COOKIE_LEN); + return inp->rend_cookie[idx]; +} + +uint8_t +hs_cell_introduce_encrypted_getconst_rend_cookie(const hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return hs_cell_introduce_encrypted_get_rend_cookie((hs_cell_introduce_encrypted_t*)inp, idx); +} +int +hs_cell_introduce_encrypted_set_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) +{ + trunnel_assert(idx < TRUNNEL_REND_COOKIE_LEN); + inp->rend_cookie[idx] = elt; + return 0; +} + +uint8_t * +hs_cell_introduce_encrypted_getarray_rend_cookie(hs_cell_introduce_encrypted_t *inp) +{ + return inp->rend_cookie; +} +const uint8_t * +hs_cell_introduce_encrypted_getconstarray_rend_cookie(const hs_cell_introduce_encrypted_t *inp) +{ + return (const uint8_t *)hs_cell_introduce_encrypted_getarray_rend_cookie((hs_cell_introduce_encrypted_t*)inp); +} +struct cell_extension_st * +hs_cell_introduce_encrypted_get_extensions(hs_cell_introduce_encrypted_t *inp) +{ + return inp->extensions; +} +const struct cell_extension_st * +hs_cell_introduce_encrypted_getconst_extensions(const hs_cell_introduce_encrypted_t *inp) +{ + return hs_cell_introduce_encrypted_get_extensions((hs_cell_introduce_encrypted_t*) inp); +} +int +hs_cell_introduce_encrypted_set_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val) +{ + if (inp->extensions && inp->extensions != val) + cell_extension_free(inp->extensions); + return hs_cell_introduce_encrypted_set0_extensions(inp, val); +} +int +hs_cell_introduce_encrypted_set0_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val) +{ + inp->extensions = val; + return 0; +} +uint8_t +hs_cell_introduce_encrypted_get_onion_key_type(const hs_cell_introduce_encrypted_t *inp) +{ + return inp->onion_key_type; +} +int +hs_cell_introduce_encrypted_set_onion_key_type(hs_cell_introduce_encrypted_t *inp, uint8_t val) +{ + if (! ((val == 1))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->onion_key_type = val; + return 0; +} +uint16_t +hs_cell_introduce_encrypted_get_onion_key_len(const hs_cell_introduce_encrypted_t *inp) +{ + return inp->onion_key_len; +} +int +hs_cell_introduce_encrypted_set_onion_key_len(hs_cell_introduce_encrypted_t *inp, uint16_t val) +{ + inp->onion_key_len = val; + return 0; +} +size_t +hs_cell_introduce_encrypted_getlen_onion_key(const hs_cell_introduce_encrypted_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->onion_key); +} + +uint8_t +hs_cell_introduce_encrypted_get_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->onion_key, idx); +} + +uint8_t +hs_cell_introduce_encrypted_getconst_onion_key(const hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return hs_cell_introduce_encrypted_get_onion_key((hs_cell_introduce_encrypted_t*)inp, idx); +} +int +hs_cell_introduce_encrypted_set_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->onion_key, idx, elt); + return 0; +} +int +hs_cell_introduce_encrypted_add_onion_key(hs_cell_introduce_encrypted_t *inp, uint8_t elt) +{ +#if SIZE_MAX >= UINT16_MAX + if (inp->onion_key.n_ == UINT16_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->onion_key, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +hs_cell_introduce_encrypted_getarray_onion_key(hs_cell_introduce_encrypted_t *inp) +{ + return inp->onion_key.elts_; +} +const uint8_t * +hs_cell_introduce_encrypted_getconstarray_onion_key(const hs_cell_introduce_encrypted_t *inp) +{ + return (const uint8_t *)hs_cell_introduce_encrypted_getarray_onion_key((hs_cell_introduce_encrypted_t*)inp); +} +int +hs_cell_introduce_encrypted_setlen_onion_key(hs_cell_introduce_encrypted_t *inp, size_t newlen) +{ + uint8_t *newptr; +#if UINT16_MAX < SIZE_MAX + if (newlen > UINT16_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->onion_key.allocated_, + &inp->onion_key.n_, inp->onion_key.elts_, newlen, + sizeof(inp->onion_key.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->onion_key.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +uint8_t +hs_cell_introduce_encrypted_get_nspec(const hs_cell_introduce_encrypted_t *inp) +{ + return inp->nspec; +} +int +hs_cell_introduce_encrypted_set_nspec(hs_cell_introduce_encrypted_t *inp, uint8_t val) +{ + inp->nspec = val; + return 0; +} +size_t +hs_cell_introduce_encrypted_getlen_nspecs(const hs_cell_introduce_encrypted_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->nspecs); +} + +struct link_specifier_st * +hs_cell_introduce_encrypted_get_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->nspecs, idx); +} + + const struct link_specifier_st * +hs_cell_introduce_encrypted_getconst_nspecs(const hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return hs_cell_introduce_encrypted_get_nspecs((hs_cell_introduce_encrypted_t*)inp, idx); +} +int +hs_cell_introduce_encrypted_set_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt) +{ + link_specifier_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->nspecs, idx); + if (oldval && oldval != elt) + link_specifier_free(oldval); + return hs_cell_introduce_encrypted_set0_nspecs(inp, idx, elt); +} +int +hs_cell_introduce_encrypted_set0_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->nspecs, idx, elt); + return 0; +} +int +hs_cell_introduce_encrypted_add_nspecs(hs_cell_introduce_encrypted_t *inp, struct link_specifier_st * elt) +{ +#if SIZE_MAX >= UINT8_MAX + if (inp->nspecs.n_ == UINT8_MAX) + goto trunnel_alloc_failed; +#endif + TRUNNEL_DYNARRAY_ADD(struct link_specifier_st *, &inp->nspecs, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +struct link_specifier_st * * +hs_cell_introduce_encrypted_getarray_nspecs(hs_cell_introduce_encrypted_t *inp) +{ + return inp->nspecs.elts_; +} +const struct link_specifier_st * const * +hs_cell_introduce_encrypted_getconstarray_nspecs(const hs_cell_introduce_encrypted_t *inp) +{ + return (const struct link_specifier_st * const *)hs_cell_introduce_encrypted_getarray_nspecs((hs_cell_introduce_encrypted_t*)inp); +} +int +hs_cell_introduce_encrypted_setlen_nspecs(hs_cell_introduce_encrypted_t *inp, size_t newlen) +{ + struct link_specifier_st * *newptr; +#if UINT8_MAX < SIZE_MAX + if (newlen > UINT8_MAX) + goto trunnel_alloc_failed; +#endif + newptr = trunnel_dynarray_setlen(&inp->nspecs.allocated_, + &inp->nspecs.n_, inp->nspecs.elts_, newlen, + sizeof(inp->nspecs.elts_[0]), (trunnel_free_fn_t) link_specifier_free, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->nspecs.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +size_t +hs_cell_introduce_encrypted_getlen_pad(const hs_cell_introduce_encrypted_t *inp) +{ + return TRUNNEL_DYNARRAY_LEN(&inp->pad); +} + +uint8_t +hs_cell_introduce_encrypted_get_pad(hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return TRUNNEL_DYNARRAY_GET(&inp->pad, idx); +} + +uint8_t +hs_cell_introduce_encrypted_getconst_pad(const hs_cell_introduce_encrypted_t *inp, size_t idx) +{ + return hs_cell_introduce_encrypted_get_pad((hs_cell_introduce_encrypted_t*)inp, idx); +} +int +hs_cell_introduce_encrypted_set_pad(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt) +{ + TRUNNEL_DYNARRAY_SET(&inp->pad, idx, elt); + return 0; +} +int +hs_cell_introduce_encrypted_add_pad(hs_cell_introduce_encrypted_t *inp, uint8_t elt) +{ + TRUNNEL_DYNARRAY_ADD(uint8_t, &inp->pad, elt, {}); + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} + +uint8_t * +hs_cell_introduce_encrypted_getarray_pad(hs_cell_introduce_encrypted_t *inp) +{ + return inp->pad.elts_; +} +const uint8_t * +hs_cell_introduce_encrypted_getconstarray_pad(const hs_cell_introduce_encrypted_t *inp) +{ + return (const uint8_t *)hs_cell_introduce_encrypted_getarray_pad((hs_cell_introduce_encrypted_t*)inp); +} +int +hs_cell_introduce_encrypted_setlen_pad(hs_cell_introduce_encrypted_t *inp, size_t newlen) +{ + uint8_t *newptr; + newptr = trunnel_dynarray_setlen(&inp->pad.allocated_, + &inp->pad.n_, inp->pad.elts_, newlen, + sizeof(inp->pad.elts_[0]), (trunnel_free_fn_t) NULL, + &inp->trunnel_error_code_); + if (newlen != 0 && newptr == NULL) + goto trunnel_alloc_failed; + inp->pad.elts_ = newptr; + return 0; + trunnel_alloc_failed: + TRUNNEL_SET_ERROR_CODE(inp); + return -1; +} +const char * +hs_cell_introduce_encrypted_check(const hs_cell_introduce_encrypted_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + { + const char *msg; + if (NULL != (msg = cell_extension_check(obj->extensions))) + return msg; + } + if (! (obj->onion_key_type == 1)) + return "Integer out of bounds"; + if (TRUNNEL_DYNARRAY_LEN(&obj->onion_key) != obj->onion_key_len) + return "Length mismatch for onion_key"; + { + const char *msg; + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->nspecs); ++idx) { + if (NULL != (msg = link_specifier_check(TRUNNEL_DYNARRAY_GET(&obj->nspecs, idx)))) + return msg; + } + } + if (TRUNNEL_DYNARRAY_LEN(&obj->nspecs) != obj->nspec) + return "Length mismatch for nspecs"; + return NULL; +} + +ssize_t +hs_cell_introduce_encrypted_encoded_len(const hs_cell_introduce_encrypted_t *obj) +{ + ssize_t result = 0; + + if (NULL != hs_cell_introduce_encrypted_check(obj)) + return -1; + + + /* Length of u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN] */ + result += TRUNNEL_REND_COOKIE_LEN; + + /* Length of struct cell_extension extensions */ + result += cell_extension_encoded_len(obj->extensions); + + /* Length of u8 onion_key_type IN [1] */ + result += 1; + + /* Length of u16 onion_key_len */ + result += 2; + + /* Length of u8 onion_key[onion_key_len] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->onion_key); + + /* Length of u8 nspec */ + result += 1; + + /* Length of struct link_specifier nspecs[nspec] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->nspecs); ++idx) { + result += link_specifier_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->nspecs, idx)); + } + } + + /* Length of u8 pad[] */ + result += TRUNNEL_DYNARRAY_LEN(&obj->pad); + return result; +} +int +hs_cell_introduce_encrypted_clear_errors(hs_cell_introduce_encrypted_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +hs_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const hs_cell_introduce_encrypted_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = hs_cell_introduce_encrypted_encoded_len(obj); +#endif + + if (NULL != (msg = hs_cell_introduce_encrypted_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN] */ + trunnel_assert(written <= avail); + if (avail - written < TRUNNEL_REND_COOKIE_LEN) + goto truncated; + memcpy(ptr, obj->rend_cookie, TRUNNEL_REND_COOKIE_LEN); + written += TRUNNEL_REND_COOKIE_LEN; ptr += TRUNNEL_REND_COOKIE_LEN; + + /* Encode struct cell_extension extensions */ + trunnel_assert(written <= avail); + result = cell_extension_encode(ptr, avail - written, obj->extensions); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + + /* Encode u8 onion_key_type IN [1] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->onion_key_type)); + written += 1; ptr += 1; + + /* Encode u16 onion_key_len */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->onion_key_len)); + written += 2; ptr += 2; + + /* Encode u8 onion_key[onion_key_len] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->onion_key); + trunnel_assert(obj->onion_key_len == elt_len); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->onion_key.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + /* Encode u8 nspec */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->nspec)); + written += 1; ptr += 1; + + /* Encode struct link_specifier nspecs[nspec] */ + { + + unsigned idx; + for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->nspecs); ++idx) { + trunnel_assert(written <= avail); + result = link_specifier_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->nspecs, idx)); + if (result < 0) + goto fail; /* XXXXXXX !*/ + written += result; ptr += result; + } + } + + /* Encode u8 pad[] */ + { + size_t elt_len = TRUNNEL_DYNARRAY_LEN(&obj->pad); + trunnel_assert(written <= avail); + if (avail - written < elt_len) + goto truncated; + if (elt_len) + memcpy(ptr, obj->pad.elts_, elt_len); + written += elt_len; ptr += elt_len; + } + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As hs_cell_introduce_encrypted_parse(), but do not allocate the + * output object. + */ +static ssize_t +hs_cell_introduce_encrypted_parse_into(hs_cell_introduce_encrypted_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN] */ + CHECK_REMAINING(TRUNNEL_REND_COOKIE_LEN, truncated); + memcpy(obj->rend_cookie, ptr, TRUNNEL_REND_COOKIE_LEN); + remaining -= TRUNNEL_REND_COOKIE_LEN; ptr += TRUNNEL_REND_COOKIE_LEN; + + /* Parse struct cell_extension extensions */ + result = cell_extension_parse(&obj->extensions, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + + /* Parse u8 onion_key_type IN [1] */ + CHECK_REMAINING(1, truncated); + obj->onion_key_type = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->onion_key_type == 1)) + goto fail; + + /* Parse u16 onion_key_len */ + CHECK_REMAINING(2, truncated); + obj->onion_key_len = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u8 onion_key[onion_key_len] */ + CHECK_REMAINING(obj->onion_key_len, truncated); + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->onion_key, obj->onion_key_len, {}); + obj->onion_key.n_ = obj->onion_key_len; + if (obj->onion_key_len) + memcpy(obj->onion_key.elts_, ptr, obj->onion_key_len); + ptr += obj->onion_key_len; remaining -= obj->onion_key_len; + + /* Parse u8 nspec */ + CHECK_REMAINING(1, truncated); + obj->nspec = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + + /* Parse struct link_specifier nspecs[nspec] */ + TRUNNEL_DYNARRAY_EXPAND(link_specifier_t *, &obj->nspecs, obj->nspec, {}); + { + link_specifier_t * elt; + unsigned idx; + for (idx = 0; idx < obj->nspec; ++idx) { + result = link_specifier_parse(&elt, ptr, remaining); + if (result < 0) + goto relay_fail; + trunnel_assert((size_t)result <= remaining); + remaining -= result; ptr += result; + TRUNNEL_DYNARRAY_ADD(link_specifier_t *, &obj->nspecs, elt, {link_specifier_free(elt);}); + } + } + + /* Parse u8 pad[] */ + TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->pad, remaining, {}); + obj->pad.n_ = remaining; + if (remaining) + memcpy(obj->pad.elts_, ptr, remaining); + ptr += remaining; remaining -= remaining; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + relay_fail: + trunnel_assert(result < 0); + return result; + trunnel_alloc_failed: + return -1; + fail: + result = -1; + return result; +} + +ssize_t +hs_cell_introduce_encrypted_parse(hs_cell_introduce_encrypted_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = hs_cell_introduce_encrypted_new(); + if (NULL == *output) + return -1; + result = hs_cell_introduce_encrypted_parse_into(*output, input, len_in); + if (result < 0) { + hs_cell_introduce_encrypted_free(*output); + *output = NULL; + } + return result; +} diff --git a/src/trunnel/hs/cell_introduce1.h b/src/trunnel/hs/cell_introduce1.h new file mode 100644 index 0000000000..ccd2cda904 --- /dev/null +++ b/src/trunnel/hs/cell_introduce1.h @@ -0,0 +1,493 @@ +/* cell_introduce1.h -- generated by by Trunnel v1.5.1. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#ifndef TRUNNEL_CELL_INTRODUCE1_H +#define TRUNNEL_CELL_INTRODUCE1_H + +#include <stdint.h> +#include "trunnel.h" + +struct cell_extension_st; +struct link_specifier_st; +#define TRUNNEL_SHA1_LEN 20 +#define TRUNNEL_REND_COOKIE_LEN 20 +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRODUCE1) +struct hs_cell_introduce1_st { + uint8_t legacy_key_id[TRUNNEL_SHA1_LEN]; + uint8_t auth_key_type; + uint16_t auth_key_len; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) auth_key; + struct cell_extension_st *extensions; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) encrypted; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct hs_cell_introduce1_st hs_cell_introduce1_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRODUCE_ACK) +struct hs_cell_introduce_ack_st { + uint16_t status; + struct cell_extension_st *extensions; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct hs_cell_introduce_ack_st hs_cell_introduce_ack_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_HS_CELL_INTRODUCE_ENCRYPTED) +struct hs_cell_introduce_encrypted_st { + uint8_t rend_cookie[TRUNNEL_REND_COOKIE_LEN]; + struct cell_extension_st *extensions; + uint8_t onion_key_type; + uint16_t onion_key_len; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) onion_key; + uint8_t nspec; + TRUNNEL_DYNARRAY_HEAD(, struct link_specifier_st *) nspecs; + TRUNNEL_DYNARRAY_HEAD(, uint8_t) pad; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct hs_cell_introduce_encrypted_st hs_cell_introduce_encrypted_t; +/** Return a newly allocated hs_cell_introduce1 with all elements set + * to zero. + */ +hs_cell_introduce1_t *hs_cell_introduce1_new(void); +/** Release all storage held by the hs_cell_introduce1 in 'victim'. + * (Do nothing if 'victim' is NULL.) + */ +void hs_cell_introduce1_free(hs_cell_introduce1_t *victim); +/** Try to parse a hs_cell_introduce1 from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated hs_cell_introduce1_t. On failure, return -2 if the input + * appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t hs_cell_introduce1_parse(hs_cell_introduce1_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * hs_cell_introduce1 in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t hs_cell_introduce1_encoded_len(const hs_cell_introduce1_t *obj); +/** Try to encode the hs_cell_introduce1 from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t hs_cell_introduce1_encode(uint8_t *output, size_t avail, const hs_cell_introduce1_t *input); +/** Check whether the internal state of the hs_cell_introduce1 in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *hs_cell_introduce1_check(const hs_cell_introduce1_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int hs_cell_introduce1_clear_errors(hs_cell_introduce1_t *obj); +/** Return the (constant) length of the array holding the + * legacy_key_id field of the hs_cell_introduce1_t in 'inp'. + */ +size_t hs_cell_introduce1_getlen_legacy_key_id(const hs_cell_introduce1_t *inp); +/** Return the element at position 'idx' of the fixed array field + * legacy_key_id of the hs_cell_introduce1_t in 'inp'. + */ +uint8_t hs_cell_introduce1_get_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx); +/** As hs_cell_introduce1_get_legacy_key_id, but take and return a + * const pointer + */ +uint8_t hs_cell_introduce1_getconst_legacy_key_id(const hs_cell_introduce1_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * legacy_key_id of the hs_cell_introduce1_t in 'inp', so that it will + * hold the value 'elt'. + */ +int hs_cell_introduce1_set_legacy_key_id(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the TRUNNEL_SHA1_LEN-element array field + * legacy_key_id of 'inp'. + */ +uint8_t * hs_cell_introduce1_getarray_legacy_key_id(hs_cell_introduce1_t *inp); +/** As hs_cell_introduce1_get_legacy_key_id, but take and return a + * const pointer + */ +const uint8_t * hs_cell_introduce1_getconstarray_legacy_key_id(const hs_cell_introduce1_t *inp); +/** Return the value of the auth_key_type field of the + * hs_cell_introduce1_t in 'inp' + */ +uint8_t hs_cell_introduce1_get_auth_key_type(const hs_cell_introduce1_t *inp); +/** Set the value of the auth_key_type field of the + * hs_cell_introduce1_t in 'inp' to 'val'. Return 0 on success; return + * -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce1_set_auth_key_type(hs_cell_introduce1_t *inp, uint8_t val); +/** Return the value of the auth_key_len field of the + * hs_cell_introduce1_t in 'inp' + */ +uint16_t hs_cell_introduce1_get_auth_key_len(const hs_cell_introduce1_t *inp); +/** Set the value of the auth_key_len field of the + * hs_cell_introduce1_t in 'inp' to 'val'. Return 0 on success; return + * -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce1_set_auth_key_len(hs_cell_introduce1_t *inp, uint16_t val); +/** Return the length of the dynamic array holding the auth_key field + * of the hs_cell_introduce1_t in 'inp'. + */ +size_t hs_cell_introduce1_getlen_auth_key(const hs_cell_introduce1_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * auth_key of the hs_cell_introduce1_t in 'inp'. + */ +uint8_t hs_cell_introduce1_get_auth_key(hs_cell_introduce1_t *inp, size_t idx); +/** As hs_cell_introduce1_get_auth_key, but take and return a const + * pointer + */ +uint8_t hs_cell_introduce1_getconst_auth_key(const hs_cell_introduce1_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * auth_key of the hs_cell_introduce1_t in 'inp', so that it will hold + * the value 'elt'. + */ +int hs_cell_introduce1_set_auth_key(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field auth_key of + * the hs_cell_introduce1_t in 'inp'. + */ +int hs_cell_introduce1_add_auth_key(hs_cell_introduce1_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field auth_key of + * 'inp'. + */ +uint8_t * hs_cell_introduce1_getarray_auth_key(hs_cell_introduce1_t *inp); +/** As hs_cell_introduce1_get_auth_key, but take and return a const + * pointer + */ +const uint8_t * hs_cell_introduce1_getconstarray_auth_key(const hs_cell_introduce1_t *inp); +/** Change the length of the variable-length array field auth_key of + * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce1_setlen_auth_key(hs_cell_introduce1_t *inp, size_t newlen); +/** Return the value of the extensions field of the + * hs_cell_introduce1_t in 'inp' + */ +struct cell_extension_st * hs_cell_introduce1_get_extensions(hs_cell_introduce1_t *inp); +/** As hs_cell_introduce1_get_extensions, but take and return a const + * pointer + */ +const struct cell_extension_st * hs_cell_introduce1_getconst_extensions(const hs_cell_introduce1_t *inp); +/** Set the value of the extensions field of the hs_cell_introduce1_t + * in 'inp' to 'val'. Free the old value if any. Steals the + * referenceto 'val'.Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int hs_cell_introduce1_set_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val); +/** As hs_cell_introduce1_set_extensions, but does not free the + * previous value. + */ +int hs_cell_introduce1_set0_extensions(hs_cell_introduce1_t *inp, struct cell_extension_st *val); +/** Return the length of the dynamic array holding the encrypted field + * of the hs_cell_introduce1_t in 'inp'. + */ +size_t hs_cell_introduce1_getlen_encrypted(const hs_cell_introduce1_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * encrypted of the hs_cell_introduce1_t in 'inp'. + */ +uint8_t hs_cell_introduce1_get_encrypted(hs_cell_introduce1_t *inp, size_t idx); +/** As hs_cell_introduce1_get_encrypted, but take and return a const + * pointer + */ +uint8_t hs_cell_introduce1_getconst_encrypted(const hs_cell_introduce1_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * encrypted of the hs_cell_introduce1_t in 'inp', so that it will + * hold the value 'elt'. + */ +int hs_cell_introduce1_set_encrypted(hs_cell_introduce1_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field encrypted of + * the hs_cell_introduce1_t in 'inp'. + */ +int hs_cell_introduce1_add_encrypted(hs_cell_introduce1_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field encrypted of + * 'inp'. + */ +uint8_t * hs_cell_introduce1_getarray_encrypted(hs_cell_introduce1_t *inp); +/** As hs_cell_introduce1_get_encrypted, but take and return a const + * pointer + */ +const uint8_t * hs_cell_introduce1_getconstarray_encrypted(const hs_cell_introduce1_t *inp); +/** Change the length of the variable-length array field encrypted of + * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce1_setlen_encrypted(hs_cell_introduce1_t *inp, size_t newlen); +/** Return a newly allocated hs_cell_introduce_ack with all elements + * set to zero. + */ +hs_cell_introduce_ack_t *hs_cell_introduce_ack_new(void); +/** Release all storage held by the hs_cell_introduce_ack in 'victim'. + * (Do nothing if 'victim' is NULL.) + */ +void hs_cell_introduce_ack_free(hs_cell_introduce_ack_t *victim); +/** Try to parse a hs_cell_introduce_ack from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated hs_cell_introduce_ack_t. On failure, return -2 if the + * input appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t hs_cell_introduce_ack_parse(hs_cell_introduce_ack_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * hs_cell_introduce_ack in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t hs_cell_introduce_ack_encoded_len(const hs_cell_introduce_ack_t *obj); +/** Try to encode the hs_cell_introduce_ack from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t hs_cell_introduce_ack_encode(uint8_t *output, size_t avail, const hs_cell_introduce_ack_t *input); +/** Check whether the internal state of the hs_cell_introduce_ack in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *hs_cell_introduce_ack_check(const hs_cell_introduce_ack_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int hs_cell_introduce_ack_clear_errors(hs_cell_introduce_ack_t *obj); +/** Return the value of the status field of the + * hs_cell_introduce_ack_t in 'inp' + */ +uint16_t hs_cell_introduce_ack_get_status(const hs_cell_introduce_ack_t *inp); +/** Set the value of the status field of the hs_cell_introduce_ack_t + * in 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int hs_cell_introduce_ack_set_status(hs_cell_introduce_ack_t *inp, uint16_t val); +/** Return the value of the extensions field of the + * hs_cell_introduce_ack_t in 'inp' + */ +struct cell_extension_st * hs_cell_introduce_ack_get_extensions(hs_cell_introduce_ack_t *inp); +/** As hs_cell_introduce_ack_get_extensions, but take and return a + * const pointer + */ +const struct cell_extension_st * hs_cell_introduce_ack_getconst_extensions(const hs_cell_introduce_ack_t *inp); +/** Set the value of the extensions field of the + * hs_cell_introduce_ack_t in 'inp' to 'val'. Free the old value if + * any. Steals the referenceto 'val'.Return 0 on success; return -1 + * and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_ack_set_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val); +/** As hs_cell_introduce_ack_set_extensions, but does not free the + * previous value. + */ +int hs_cell_introduce_ack_set0_extensions(hs_cell_introduce_ack_t *inp, struct cell_extension_st *val); +/** Return a newly allocated hs_cell_introduce_encrypted with all + * elements set to zero. + */ +hs_cell_introduce_encrypted_t *hs_cell_introduce_encrypted_new(void); +/** Release all storage held by the hs_cell_introduce_encrypted in + * 'victim'. (Do nothing if 'victim' is NULL.) + */ +void hs_cell_introduce_encrypted_free(hs_cell_introduce_encrypted_t *victim); +/** Try to parse a hs_cell_introduce_encrypted from the buffer in + * 'input', using up to 'len_in' bytes from the input buffer. On + * success, return the number of bytes consumed and set *output to the + * newly allocated hs_cell_introduce_encrypted_t. On failure, return + * -2 if the input appears truncated, and -1 if the input is otherwise + * invalid. + */ +ssize_t hs_cell_introduce_encrypted_parse(hs_cell_introduce_encrypted_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * hs_cell_introduce_encrypted in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t hs_cell_introduce_encrypted_encoded_len(const hs_cell_introduce_encrypted_t *obj); +/** Try to encode the hs_cell_introduce_encrypted from 'input' into + * the buffer at 'output', using up to 'avail' bytes of the output + * buffer. On success, return the number of bytes used. On failure, + * return -2 if the buffer was not long enough, and -1 if the input + * was invalid. + */ +ssize_t hs_cell_introduce_encrypted_encode(uint8_t *output, size_t avail, const hs_cell_introduce_encrypted_t *input); +/** Check whether the internal state of the + * hs_cell_introduce_encrypted in 'obj' is consistent. Return NULL if + * it is, and a short message if it is not. + */ +const char *hs_cell_introduce_encrypted_check(const hs_cell_introduce_encrypted_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int hs_cell_introduce_encrypted_clear_errors(hs_cell_introduce_encrypted_t *obj); +/** Return the (constant) length of the array holding the rend_cookie + * field of the hs_cell_introduce_encrypted_t in 'inp'. + */ +size_t hs_cell_introduce_encrypted_getlen_rend_cookie(const hs_cell_introduce_encrypted_t *inp); +/** Return the element at position 'idx' of the fixed array field + * rend_cookie of the hs_cell_introduce_encrypted_t in 'inp'. + */ +uint8_t hs_cell_introduce_encrypted_get_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx); +/** As hs_cell_introduce_encrypted_get_rend_cookie, but take and + * return a const pointer + */ +uint8_t hs_cell_introduce_encrypted_getconst_rend_cookie(const hs_cell_introduce_encrypted_t *inp, size_t idx); +/** Change the element at position 'idx' of the fixed array field + * rend_cookie of the hs_cell_introduce_encrypted_t in 'inp', so that + * it will hold the value 'elt'. + */ +int hs_cell_introduce_encrypted_set_rend_cookie(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); +/** Return a pointer to the TRUNNEL_REND_COOKIE_LEN-element array + * field rend_cookie of 'inp'. + */ +uint8_t * hs_cell_introduce_encrypted_getarray_rend_cookie(hs_cell_introduce_encrypted_t *inp); +/** As hs_cell_introduce_encrypted_get_rend_cookie, but take and + * return a const pointer + */ +const uint8_t * hs_cell_introduce_encrypted_getconstarray_rend_cookie(const hs_cell_introduce_encrypted_t *inp); +/** Return the value of the extensions field of the + * hs_cell_introduce_encrypted_t in 'inp' + */ +struct cell_extension_st * hs_cell_introduce_encrypted_get_extensions(hs_cell_introduce_encrypted_t *inp); +/** As hs_cell_introduce_encrypted_get_extensions, but take and return + * a const pointer + */ +const struct cell_extension_st * hs_cell_introduce_encrypted_getconst_extensions(const hs_cell_introduce_encrypted_t *inp); +/** Set the value of the extensions field of the + * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Free the old value + * if any. Steals the referenceto 'val'.Return 0 on success; return -1 + * and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_encrypted_set_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val); +/** As hs_cell_introduce_encrypted_set_extensions, but does not free + * the previous value. + */ +int hs_cell_introduce_encrypted_set0_extensions(hs_cell_introduce_encrypted_t *inp, struct cell_extension_st *val); +/** Return the value of the onion_key_type field of the + * hs_cell_introduce_encrypted_t in 'inp' + */ +uint8_t hs_cell_introduce_encrypted_get_onion_key_type(const hs_cell_introduce_encrypted_t *inp); +/** Set the value of the onion_key_type field of the + * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on + * success; return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_encrypted_set_onion_key_type(hs_cell_introduce_encrypted_t *inp, uint8_t val); +/** Return the value of the onion_key_len field of the + * hs_cell_introduce_encrypted_t in 'inp' + */ +uint16_t hs_cell_introduce_encrypted_get_onion_key_len(const hs_cell_introduce_encrypted_t *inp); +/** Set the value of the onion_key_len field of the + * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on + * success; return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_encrypted_set_onion_key_len(hs_cell_introduce_encrypted_t *inp, uint16_t val); +/** Return the length of the dynamic array holding the onion_key field + * of the hs_cell_introduce_encrypted_t in 'inp'. + */ +size_t hs_cell_introduce_encrypted_getlen_onion_key(const hs_cell_introduce_encrypted_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * onion_key of the hs_cell_introduce_encrypted_t in 'inp'. + */ +uint8_t hs_cell_introduce_encrypted_get_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx); +/** As hs_cell_introduce_encrypted_get_onion_key, but take and return + * a const pointer + */ +uint8_t hs_cell_introduce_encrypted_getconst_onion_key(const hs_cell_introduce_encrypted_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * onion_key of the hs_cell_introduce_encrypted_t in 'inp', so that it + * will hold the value 'elt'. + */ +int hs_cell_introduce_encrypted_set_onion_key(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field onion_key of + * the hs_cell_introduce_encrypted_t in 'inp'. + */ +int hs_cell_introduce_encrypted_add_onion_key(hs_cell_introduce_encrypted_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field onion_key of + * 'inp'. + */ +uint8_t * hs_cell_introduce_encrypted_getarray_onion_key(hs_cell_introduce_encrypted_t *inp); +/** As hs_cell_introduce_encrypted_get_onion_key, but take and return + * a const pointer + */ +const uint8_t * hs_cell_introduce_encrypted_getconstarray_onion_key(const hs_cell_introduce_encrypted_t *inp); +/** Change the length of the variable-length array field onion_key of + * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_encrypted_setlen_onion_key(hs_cell_introduce_encrypted_t *inp, size_t newlen); +/** Return the value of the nspec field of the + * hs_cell_introduce_encrypted_t in 'inp' + */ +uint8_t hs_cell_introduce_encrypted_get_nspec(const hs_cell_introduce_encrypted_t *inp); +/** Set the value of the nspec field of the + * hs_cell_introduce_encrypted_t in 'inp' to 'val'. Return 0 on + * success; return -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_encrypted_set_nspec(hs_cell_introduce_encrypted_t *inp, uint8_t val); +/** Return the length of the dynamic array holding the nspecs field of + * the hs_cell_introduce_encrypted_t in 'inp'. + */ +size_t hs_cell_introduce_encrypted_getlen_nspecs(const hs_cell_introduce_encrypted_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * nspecs of the hs_cell_introduce_encrypted_t in 'inp'. + */ +struct link_specifier_st * hs_cell_introduce_encrypted_get_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx); +/** As hs_cell_introduce_encrypted_get_nspecs, but take and return a + * const pointer + */ + const struct link_specifier_st * hs_cell_introduce_encrypted_getconst_nspecs(const hs_cell_introduce_encrypted_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * nspecs of the hs_cell_introduce_encrypted_t in 'inp', so that it + * will hold the value 'elt'. Free the previous value, if any. + */ +int hs_cell_introduce_encrypted_set_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt); +/** As hs_cell_introduce_encrypted_set_nspecs, but does not free the + * previous value. + */ +int hs_cell_introduce_encrypted_set0_nspecs(hs_cell_introduce_encrypted_t *inp, size_t idx, struct link_specifier_st * elt); +/** Append a new element 'elt' to the dynamic array field nspecs of + * the hs_cell_introduce_encrypted_t in 'inp'. + */ +int hs_cell_introduce_encrypted_add_nspecs(hs_cell_introduce_encrypted_t *inp, struct link_specifier_st * elt); +/** Return a pointer to the variable-length array field nspecs of + * 'inp'. + */ +struct link_specifier_st * * hs_cell_introduce_encrypted_getarray_nspecs(hs_cell_introduce_encrypted_t *inp); +/** As hs_cell_introduce_encrypted_get_nspecs, but take and return a + * const pointer + */ +const struct link_specifier_st * const * hs_cell_introduce_encrypted_getconstarray_nspecs(const hs_cell_introduce_encrypted_t *inp); +/** Change the length of the variable-length array field nspecs of + * 'inp' to 'newlen'.Fill extra elements with NULL; free removed + * elements. Return 0 on success; return -1 and set the error code on + * 'inp' on failure. + */ +int hs_cell_introduce_encrypted_setlen_nspecs(hs_cell_introduce_encrypted_t *inp, size_t newlen); +/** Return the length of the dynamic array holding the pad field of + * the hs_cell_introduce_encrypted_t in 'inp'. + */ +size_t hs_cell_introduce_encrypted_getlen_pad(const hs_cell_introduce_encrypted_t *inp); +/** Return the element at position 'idx' of the dynamic array field + * pad of the hs_cell_introduce_encrypted_t in 'inp'. + */ +uint8_t hs_cell_introduce_encrypted_get_pad(hs_cell_introduce_encrypted_t *inp, size_t idx); +/** As hs_cell_introduce_encrypted_get_pad, but take and return a + * const pointer + */ +uint8_t hs_cell_introduce_encrypted_getconst_pad(const hs_cell_introduce_encrypted_t *inp, size_t idx); +/** Change the element at position 'idx' of the dynamic array field + * pad of the hs_cell_introduce_encrypted_t in 'inp', so that it will + * hold the value 'elt'. + */ +int hs_cell_introduce_encrypted_set_pad(hs_cell_introduce_encrypted_t *inp, size_t idx, uint8_t elt); +/** Append a new element 'elt' to the dynamic array field pad of the + * hs_cell_introduce_encrypted_t in 'inp'. + */ +int hs_cell_introduce_encrypted_add_pad(hs_cell_introduce_encrypted_t *inp, uint8_t elt); +/** Return a pointer to the variable-length array field pad of 'inp'. + */ +uint8_t * hs_cell_introduce_encrypted_getarray_pad(hs_cell_introduce_encrypted_t *inp); +/** As hs_cell_introduce_encrypted_get_pad, but take and return a + * const pointer + */ +const uint8_t * hs_cell_introduce_encrypted_getconstarray_pad(const hs_cell_introduce_encrypted_t *inp); +/** Change the length of the variable-length array field pad of 'inp' + * to 'newlen'.Fill extra elements with 0. Return 0 on success; return + * -1 and set the error code on 'inp' on failure. + */ +int hs_cell_introduce_encrypted_setlen_pad(hs_cell_introduce_encrypted_t *inp, size_t newlen); + + +#endif diff --git a/src/trunnel/hs/cell_introduce1.trunnel b/src/trunnel/hs/cell_introduce1.trunnel new file mode 100644 index 0000000000..f7776879cd --- /dev/null +++ b/src/trunnel/hs/cell_introduce1.trunnel @@ -0,0 +1,60 @@ +/* + * This contains the definition of the INTRODUCE1 and INTRODUCE_ACK cell for + * onion service version 3 and onward. The following format is specified in + * proposal 224 section 3.2. + */ + +/* From cell_common.trunnel. */ +extern struct cell_extension; +/* From ed25519_cert.trunnel. */ +extern struct link_specifier; + +const TRUNNEL_SHA1_LEN = 20; +const TRUNNEL_REND_COOKIE_LEN = 20; + +/* INTRODUCE1 payload. See details in section 3.2.1. */ +struct hs_cell_introduce1 { + /* Always zeroed. MUST be checked explicitely by the caller. */ + u8 legacy_key_id[TRUNNEL_SHA1_LEN]; + + /* Authentication key material. */ + u8 auth_key_type IN [0x00, 0x01, 0x02]; + u16 auth_key_len; + u8 auth_key[auth_key_len]; + + /* Extension(s). Reserved fields. */ + struct cell_extension extensions; + + /* Variable length, up to the end of cell. */ + u8 encrypted[]; +}; + +/* INTRODUCE_ACK payload. See details in section 3.2.2. */ +struct hs_cell_introduce_ack { + /* Status of introduction. */ + u16 status IN [0x0000, 0x0001, 0x0002]; + + /* Extension(s). Reserved fields. */ + struct cell_extension extensions; +}; + +/* Encrypted section of the INTRODUCE1/INTRODUCE2 cell. */ +struct hs_cell_introduce_encrypted { + /* Rendezvous cookie. */ + u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN]; + + /* Extension(s). Reserved fields. */ + struct cell_extension extensions; + + /* Onion key material. */ + u8 onion_key_type IN [0x01]; + u16 onion_key_len; + u8 onion_key[onion_key_len]; + + /* Link specifiers(s) */ + u8 nspec; + struct link_specifier nspecs[nspec]; + + /* Optional padding. This might be empty or not. */ + u8 pad[]; +}; diff --git a/src/trunnel/include.am b/src/trunnel/include.am index b1448b7cb2..9b26d58615 100644 --- a/src/trunnel/include.am +++ b/src/trunnel/include.am @@ -1,4 +1,3 @@ - noinst_LIBRARIES += \ src/trunnel/libor-trunnel.a @@ -18,15 +17,21 @@ TRUNNELSOURCES = \ src/ext/trunnel/trunnel.c \ src/trunnel/ed25519_cert.c \ src/trunnel/link_handshake.c \ - src/trunnel/pwbox.c + src/trunnel/pwbox.c \ + src/trunnel/hs/cell_common.c \ + src/trunnel/hs/cell_establish_intro.c \ + src/trunnel/hs/cell_introduce1.c TRUNNELHEADERS = \ src/ext/trunnel/trunnel.h \ src/ext/trunnel/trunnel-impl.h \ - src/trunnel/trunnel-local.h \ + src/trunnel/trunnel-local.h \ src/trunnel/ed25519_cert.h \ - src/trunnel/link_handshake.h \ - src/trunnel/pwbox.h + src/trunnel/link_handshake.h \ + src/trunnel/pwbox.h \ + src/trunnel/hs/cell_common.h \ + src/trunnel/hs/cell_establish_intro.h \ + src/trunnel/hs/cell_introduce1.h src_trunnel_libor_trunnel_a_SOURCES = $(TRUNNELSOURCES) src_trunnel_libor_trunnel_a_CPPFLAGS = -DTRUNNEL_LOCAL_H $(AM_CPPFLAGS) diff --git a/src/trunnel/link_handshake.c b/src/trunnel/link_handshake.c index c2717f36bf..887f710d9c 100644 --- a/src/trunnel/link_handshake.c +++ b/src/trunnel/link_handshake.c @@ -1,4 +1,4 @@ -/* link_handshake.c -- generated by Trunnel v1.4.6. +/* link_handshake.c -- generated by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -64,12 +64,17 @@ auth_challenge_cell_getlen_challenge(const auth_challenge_cell_t *inp) } uint8_t -auth_challenge_cell_get_challenge(const auth_challenge_cell_t *inp, size_t idx) +auth_challenge_cell_get_challenge(auth_challenge_cell_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->challenge[idx]; } +uint8_t +auth_challenge_cell_getconst_challenge(const auth_challenge_cell_t *inp, size_t idx) +{ + return auth_challenge_cell_get_challenge((auth_challenge_cell_t*)inp, idx); +} int auth_challenge_cell_set_challenge(auth_challenge_cell_t *inp, size_t idx, uint8_t elt) { @@ -83,8 +88,13 @@ auth_challenge_cell_getarray_challenge(auth_challenge_cell_t *inp) { return inp->challenge; } +const uint8_t * +auth_challenge_cell_getconstarray_challenge(const auth_challenge_cell_t *inp) +{ + return (const uint8_t *)auth_challenge_cell_getarray_challenge((auth_challenge_cell_t*)inp); +} uint16_t -auth_challenge_cell_get_n_methods(auth_challenge_cell_t *inp) +auth_challenge_cell_get_n_methods(const auth_challenge_cell_t *inp) { return inp->n_methods; } @@ -106,6 +116,11 @@ auth_challenge_cell_get_methods(auth_challenge_cell_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->methods, idx); } +uint16_t +auth_challenge_cell_getconst_methods(const auth_challenge_cell_t *inp, size_t idx) +{ + return auth_challenge_cell_get_methods((auth_challenge_cell_t*)inp, idx); +} int auth_challenge_cell_set_methods(auth_challenge_cell_t *inp, size_t idx, uint16_t elt) { @@ -131,6 +146,11 @@ auth_challenge_cell_getarray_methods(auth_challenge_cell_t *inp) { return inp->methods.elts_; } +const uint16_t * +auth_challenge_cell_getconstarray_methods(const auth_challenge_cell_t *inp) +{ + return (const uint16_t *)auth_challenge_cell_getarray_methods((auth_challenge_cell_t*)inp); +} int auth_challenge_cell_setlen_methods(auth_challenge_cell_t *inp, size_t newlen) { @@ -342,7 +362,7 @@ auth_ctx_free(auth_ctx_t *obj) } uint8_t -auth_ctx_get_is_ed(auth_ctx_t *inp) +auth_ctx_get_is_ed(const auth_ctx_t *inp) { return inp->is_ed; } @@ -382,7 +402,7 @@ certs_cell_cert_free(certs_cell_cert_t *obj) } uint8_t -certs_cell_cert_get_cert_type(certs_cell_cert_t *inp) +certs_cell_cert_get_cert_type(const certs_cell_cert_t *inp) { return inp->cert_type; } @@ -393,7 +413,7 @@ certs_cell_cert_set_cert_type(certs_cell_cert_t *inp, uint8_t val) return 0; } uint16_t -certs_cell_cert_get_cert_len(certs_cell_cert_t *inp) +certs_cell_cert_get_cert_len(const certs_cell_cert_t *inp) { return inp->cert_len; } @@ -415,6 +435,11 @@ certs_cell_cert_get_body(certs_cell_cert_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->body, idx); } +uint8_t +certs_cell_cert_getconst_body(const certs_cell_cert_t *inp, size_t idx) +{ + return certs_cell_cert_get_body((certs_cell_cert_t*)inp, idx); +} int certs_cell_cert_set_body(certs_cell_cert_t *inp, size_t idx, uint8_t elt) { @@ -440,6 +465,11 @@ certs_cell_cert_getarray_body(certs_cell_cert_t *inp) { return inp->body.elts_; } +const uint8_t * +certs_cell_cert_getconstarray_body(const certs_cell_cert_t *inp) +{ + return (const uint8_t *)certs_cell_cert_getarray_body((certs_cell_cert_t*)inp); +} int certs_cell_cert_setlen_body(certs_cell_cert_t *inp, size_t newlen) { @@ -652,12 +682,17 @@ rsa_ed_crosscert_getlen_ed_key(const rsa_ed_crosscert_t *inp) } uint8_t -rsa_ed_crosscert_get_ed_key(const rsa_ed_crosscert_t *inp, size_t idx) +rsa_ed_crosscert_get_ed_key(rsa_ed_crosscert_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->ed_key[idx]; } +uint8_t +rsa_ed_crosscert_getconst_ed_key(const rsa_ed_crosscert_t *inp, size_t idx) +{ + return rsa_ed_crosscert_get_ed_key((rsa_ed_crosscert_t*)inp, idx); +} int rsa_ed_crosscert_set_ed_key(rsa_ed_crosscert_t *inp, size_t idx, uint8_t elt) { @@ -671,8 +706,13 @@ rsa_ed_crosscert_getarray_ed_key(rsa_ed_crosscert_t *inp) { return inp->ed_key; } +const uint8_t * +rsa_ed_crosscert_getconstarray_ed_key(const rsa_ed_crosscert_t *inp) +{ + return (const uint8_t *)rsa_ed_crosscert_getarray_ed_key((rsa_ed_crosscert_t*)inp); +} uint32_t -rsa_ed_crosscert_get_expiration(rsa_ed_crosscert_t *inp) +rsa_ed_crosscert_get_expiration(const rsa_ed_crosscert_t *inp) { return inp->expiration; } @@ -688,7 +728,7 @@ rsa_ed_crosscert_get_end_of_signed(const rsa_ed_crosscert_t *inp) return inp->end_of_signed; } uint8_t -rsa_ed_crosscert_get_sig_len(rsa_ed_crosscert_t *inp) +rsa_ed_crosscert_get_sig_len(const rsa_ed_crosscert_t *inp) { return inp->sig_len; } @@ -710,6 +750,11 @@ rsa_ed_crosscert_get_sig(rsa_ed_crosscert_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->sig, idx); } +uint8_t +rsa_ed_crosscert_getconst_sig(const rsa_ed_crosscert_t *inp, size_t idx) +{ + return rsa_ed_crosscert_get_sig((rsa_ed_crosscert_t*)inp, idx); +} int rsa_ed_crosscert_set_sig(rsa_ed_crosscert_t *inp, size_t idx, uint8_t elt) { @@ -735,6 +780,11 @@ rsa_ed_crosscert_getarray_sig(rsa_ed_crosscert_t *inp) { return inp->sig.elts_; } +const uint8_t * +rsa_ed_crosscert_getconstarray_sig(const rsa_ed_crosscert_t *inp) +{ + return (const uint8_t *)rsa_ed_crosscert_getarray_sig((rsa_ed_crosscert_t*)inp); +} int rsa_ed_crosscert_setlen_sig(rsa_ed_crosscert_t *inp, size_t newlen) { @@ -964,12 +1014,17 @@ auth1_getlen_type(const auth1_t *inp) } uint8_t -auth1_get_type(const auth1_t *inp, size_t idx) +auth1_get_type(auth1_t *inp, size_t idx) { trunnel_assert(idx < 8); return inp->type[idx]; } +uint8_t +auth1_getconst_type(const auth1_t *inp, size_t idx) +{ + return auth1_get_type((auth1_t*)inp, idx); +} int auth1_set_type(auth1_t *inp, size_t idx, uint8_t elt) { @@ -983,6 +1038,11 @@ auth1_getarray_type(auth1_t *inp) { return inp->type; } +const uint8_t * +auth1_getconstarray_type(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_type((auth1_t*)inp); +} size_t auth1_getlen_cid(const auth1_t *inp) { @@ -990,12 +1050,17 @@ auth1_getlen_cid(const auth1_t *inp) } uint8_t -auth1_get_cid(const auth1_t *inp, size_t idx) +auth1_get_cid(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->cid[idx]; } +uint8_t +auth1_getconst_cid(const auth1_t *inp, size_t idx) +{ + return auth1_get_cid((auth1_t*)inp, idx); +} int auth1_set_cid(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1009,6 +1074,11 @@ auth1_getarray_cid(auth1_t *inp) { return inp->cid; } +const uint8_t * +auth1_getconstarray_cid(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_cid((auth1_t*)inp); +} size_t auth1_getlen_sid(const auth1_t *inp) { @@ -1016,12 +1086,17 @@ auth1_getlen_sid(const auth1_t *inp) } uint8_t -auth1_get_sid(const auth1_t *inp, size_t idx) +auth1_get_sid(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->sid[idx]; } +uint8_t +auth1_getconst_sid(const auth1_t *inp, size_t idx) +{ + return auth1_get_sid((auth1_t*)inp, idx); +} int auth1_set_sid(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1035,6 +1110,11 @@ auth1_getarray_sid(auth1_t *inp) { return inp->sid; } +const uint8_t * +auth1_getconstarray_sid(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_sid((auth1_t*)inp); +} size_t auth1_getlen_u1_cid_ed(const auth1_t *inp) { @@ -1042,12 +1122,17 @@ auth1_getlen_u1_cid_ed(const auth1_t *inp) } uint8_t -auth1_get_u1_cid_ed(const auth1_t *inp, size_t idx) +auth1_get_u1_cid_ed(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->u1_cid_ed[idx]; } +uint8_t +auth1_getconst_u1_cid_ed(const auth1_t *inp, size_t idx) +{ + return auth1_get_u1_cid_ed((auth1_t*)inp, idx); +} int auth1_set_u1_cid_ed(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1061,6 +1146,11 @@ auth1_getarray_u1_cid_ed(auth1_t *inp) { return inp->u1_cid_ed; } +const uint8_t * +auth1_getconstarray_u1_cid_ed(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_u1_cid_ed((auth1_t*)inp); +} size_t auth1_getlen_u1_sid_ed(const auth1_t *inp) { @@ -1068,12 +1158,17 @@ auth1_getlen_u1_sid_ed(const auth1_t *inp) } uint8_t -auth1_get_u1_sid_ed(const auth1_t *inp, size_t idx) +auth1_get_u1_sid_ed(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->u1_sid_ed[idx]; } +uint8_t +auth1_getconst_u1_sid_ed(const auth1_t *inp, size_t idx) +{ + return auth1_get_u1_sid_ed((auth1_t*)inp, idx); +} int auth1_set_u1_sid_ed(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1087,6 +1182,11 @@ auth1_getarray_u1_sid_ed(auth1_t *inp) { return inp->u1_sid_ed; } +const uint8_t * +auth1_getconstarray_u1_sid_ed(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_u1_sid_ed((auth1_t*)inp); +} size_t auth1_getlen_slog(const auth1_t *inp) { @@ -1094,12 +1194,17 @@ auth1_getlen_slog(const auth1_t *inp) } uint8_t -auth1_get_slog(const auth1_t *inp, size_t idx) +auth1_get_slog(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->slog[idx]; } +uint8_t +auth1_getconst_slog(const auth1_t *inp, size_t idx) +{ + return auth1_get_slog((auth1_t*)inp, idx); +} int auth1_set_slog(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1113,6 +1218,11 @@ auth1_getarray_slog(auth1_t *inp) { return inp->slog; } +const uint8_t * +auth1_getconstarray_slog(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_slog((auth1_t*)inp); +} size_t auth1_getlen_clog(const auth1_t *inp) { @@ -1120,12 +1230,17 @@ auth1_getlen_clog(const auth1_t *inp) } uint8_t -auth1_get_clog(const auth1_t *inp, size_t idx) +auth1_get_clog(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->clog[idx]; } +uint8_t +auth1_getconst_clog(const auth1_t *inp, size_t idx) +{ + return auth1_get_clog((auth1_t*)inp, idx); +} int auth1_set_clog(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1139,6 +1254,11 @@ auth1_getarray_clog(auth1_t *inp) { return inp->clog; } +const uint8_t * +auth1_getconstarray_clog(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_clog((auth1_t*)inp); +} size_t auth1_getlen_scert(const auth1_t *inp) { @@ -1146,12 +1266,17 @@ auth1_getlen_scert(const auth1_t *inp) } uint8_t -auth1_get_scert(const auth1_t *inp, size_t idx) +auth1_get_scert(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->scert[idx]; } +uint8_t +auth1_getconst_scert(const auth1_t *inp, size_t idx) +{ + return auth1_get_scert((auth1_t*)inp, idx); +} int auth1_set_scert(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1165,6 +1290,11 @@ auth1_getarray_scert(auth1_t *inp) { return inp->scert; } +const uint8_t * +auth1_getconstarray_scert(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_scert((auth1_t*)inp); +} size_t auth1_getlen_tlssecrets(const auth1_t *inp) { @@ -1172,12 +1302,17 @@ auth1_getlen_tlssecrets(const auth1_t *inp) } uint8_t -auth1_get_tlssecrets(const auth1_t *inp, size_t idx) +auth1_get_tlssecrets(auth1_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->tlssecrets[idx]; } +uint8_t +auth1_getconst_tlssecrets(const auth1_t *inp, size_t idx) +{ + return auth1_get_tlssecrets((auth1_t*)inp, idx); +} int auth1_set_tlssecrets(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1191,6 +1326,11 @@ auth1_getarray_tlssecrets(auth1_t *inp) { return inp->tlssecrets; } +const uint8_t * +auth1_getconstarray_tlssecrets(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_tlssecrets((auth1_t*)inp); +} const uint8_t * auth1_get_end_of_fixed_part(const auth1_t *inp) { @@ -1203,12 +1343,17 @@ auth1_getlen_rand(const auth1_t *inp) } uint8_t -auth1_get_rand(const auth1_t *inp, size_t idx) +auth1_get_rand(auth1_t *inp, size_t idx) { trunnel_assert(idx < 24); return inp->rand[idx]; } +uint8_t +auth1_getconst_rand(const auth1_t *inp, size_t idx) +{ + return auth1_get_rand((auth1_t*)inp, idx); +} int auth1_set_rand(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1222,6 +1367,11 @@ auth1_getarray_rand(auth1_t *inp) { return inp->rand; } +const uint8_t * +auth1_getconstarray_rand(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_rand((auth1_t*)inp); +} const uint8_t * auth1_get_end_of_signed(const auth1_t *inp) { @@ -1239,6 +1389,11 @@ auth1_get_sig(auth1_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->sig, idx); } +uint8_t +auth1_getconst_sig(const auth1_t *inp, size_t idx) +{ + return auth1_get_sig((auth1_t*)inp, idx); +} int auth1_set_sig(auth1_t *inp, size_t idx, uint8_t elt) { @@ -1260,6 +1415,11 @@ auth1_getarray_sig(auth1_t *inp) { return inp->sig.elts_; } +const uint8_t * +auth1_getconstarray_sig(const auth1_t *inp) +{ + return (const uint8_t *)auth1_getarray_sig((auth1_t*)inp); +} int auth1_setlen_sig(auth1_t *inp, size_t newlen) { @@ -1647,7 +1807,7 @@ certs_cell_free(certs_cell_t *obj) } uint8_t -certs_cell_get_n_certs(certs_cell_t *inp) +certs_cell_get_n_certs(const certs_cell_t *inp) { return inp->n_certs; } @@ -1669,6 +1829,11 @@ certs_cell_get_certs(certs_cell_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->certs, idx); } + const struct certs_cell_cert_st * +certs_cell_getconst_certs(const certs_cell_t *inp, size_t idx) +{ + return certs_cell_get_certs((certs_cell_t*)inp, idx); +} int certs_cell_set_certs(certs_cell_t *inp, size_t idx, struct certs_cell_cert_st * elt) { @@ -1702,6 +1867,11 @@ certs_cell_getarray_certs(certs_cell_t *inp) { return inp->certs.elts_; } +const struct certs_cell_cert_st * const * +certs_cell_getconstarray_certs(const certs_cell_t *inp) +{ + return (const struct certs_cell_cert_st * const *)certs_cell_getarray_certs((certs_cell_t*)inp); +} int certs_cell_setlen_certs(certs_cell_t *inp, size_t newlen) { diff --git a/src/trunnel/link_handshake.h b/src/trunnel/link_handshake.h index 54611b96e8..418662631a 100644 --- a/src/trunnel/link_handshake.h +++ b/src/trunnel/link_handshake.h @@ -1,4 +1,4 @@ -/* link_handshake.h -- generated by by Trunnel v1.4.6. +/* link_handshake.h -- generated by by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -121,7 +121,11 @@ size_t auth_challenge_cell_getlen_challenge(const auth_challenge_cell_t *inp); /** Return the element at position 'idx' of the fixed array field * challenge of the auth_challenge_cell_t in 'inp'. */ -uint8_t auth_challenge_cell_get_challenge(const auth_challenge_cell_t *inp, size_t idx); +uint8_t auth_challenge_cell_get_challenge(auth_challenge_cell_t *inp, size_t idx); +/** As auth_challenge_cell_get_challenge, but take and return a const + * pointer + */ +uint8_t auth_challenge_cell_getconst_challenge(const auth_challenge_cell_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * challenge of the auth_challenge_cell_t in 'inp', so that it will * hold the value 'elt'. @@ -130,10 +134,14 @@ int auth_challenge_cell_set_challenge(auth_challenge_cell_t *inp, size_t idx, ui /** Return a pointer to the 32-element array field challenge of 'inp'. */ uint8_t * auth_challenge_cell_getarray_challenge(auth_challenge_cell_t *inp); +/** As auth_challenge_cell_get_challenge, but take and return a const + * pointer + */ +const uint8_t * auth_challenge_cell_getconstarray_challenge(const auth_challenge_cell_t *inp); /** Return the value of the n_methods field of the * auth_challenge_cell_t in 'inp' */ -uint16_t auth_challenge_cell_get_n_methods(auth_challenge_cell_t *inp); +uint16_t auth_challenge_cell_get_n_methods(const auth_challenge_cell_t *inp); /** Set the value of the n_methods field of the auth_challenge_cell_t * in 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -147,6 +155,10 @@ size_t auth_challenge_cell_getlen_methods(const auth_challenge_cell_t *inp); * methods of the auth_challenge_cell_t in 'inp'. */ uint16_t auth_challenge_cell_get_methods(auth_challenge_cell_t *inp, size_t idx); +/** As auth_challenge_cell_get_methods, but take and return a const + * pointer + */ +uint16_t auth_challenge_cell_getconst_methods(const auth_challenge_cell_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * methods of the auth_challenge_cell_t in 'inp', so that it will hold * the value 'elt'. @@ -160,6 +172,10 @@ int auth_challenge_cell_add_methods(auth_challenge_cell_t *inp, uint16_t elt); * 'inp'. */ uint16_t * auth_challenge_cell_getarray_methods(auth_challenge_cell_t *inp); +/** As auth_challenge_cell_get_methods, but take and return a const + * pointer + */ +const uint16_t * auth_challenge_cell_getconstarray_methods(const auth_challenge_cell_t *inp); /** Change the length of the variable-length array field methods of * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success; * return -1 and set the error code on 'inp' on failure. @@ -174,7 +190,7 @@ auth_ctx_t *auth_ctx_new(void); void auth_ctx_free(auth_ctx_t *victim); /** Return the value of the is_ed field of the auth_ctx_t in 'inp' */ -uint8_t auth_ctx_get_is_ed(auth_ctx_t *inp); +uint8_t auth_ctx_get_is_ed(const auth_ctx_t *inp); /** Set the value of the is_ed field of the auth_ctx_t in 'inp' to * 'val'. Return 0 on success; return -1 and set the error code on * 'inp' on failure. @@ -219,7 +235,7 @@ int certs_cell_cert_clear_errors(certs_cell_cert_t *obj); /** Return the value of the cert_type field of the certs_cell_cert_t * in 'inp' */ -uint8_t certs_cell_cert_get_cert_type(certs_cell_cert_t *inp); +uint8_t certs_cell_cert_get_cert_type(const certs_cell_cert_t *inp); /** Set the value of the cert_type field of the certs_cell_cert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -228,7 +244,7 @@ int certs_cell_cert_set_cert_type(certs_cell_cert_t *inp, uint8_t val); /** Return the value of the cert_len field of the certs_cell_cert_t in * 'inp' */ -uint16_t certs_cell_cert_get_cert_len(certs_cell_cert_t *inp); +uint16_t certs_cell_cert_get_cert_len(const certs_cell_cert_t *inp); /** Set the value of the cert_len field of the certs_cell_cert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -242,6 +258,9 @@ size_t certs_cell_cert_getlen_body(const certs_cell_cert_t *inp); * body of the certs_cell_cert_t in 'inp'. */ uint8_t certs_cell_cert_get_body(certs_cell_cert_t *inp, size_t idx); +/** As certs_cell_cert_get_body, but take and return a const pointer + */ +uint8_t certs_cell_cert_getconst_body(const certs_cell_cert_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * body of the certs_cell_cert_t in 'inp', so that it will hold the * value 'elt'. @@ -254,6 +273,9 @@ int certs_cell_cert_add_body(certs_cell_cert_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field body of 'inp'. */ uint8_t * certs_cell_cert_getarray_body(certs_cell_cert_t *inp); +/** As certs_cell_cert_get_body, but take and return a const pointer + */ +const uint8_t * certs_cell_cert_getconstarray_body(const certs_cell_cert_t *inp); /** Change the length of the variable-length array field body of 'inp' * to 'newlen'.Fill extra elements with 0. Return 0 on success; return * -1 and set the error code on 'inp' on failure. @@ -302,7 +324,11 @@ size_t rsa_ed_crosscert_getlen_ed_key(const rsa_ed_crosscert_t *inp); /** Return the element at position 'idx' of the fixed array field * ed_key of the rsa_ed_crosscert_t in 'inp'. */ -uint8_t rsa_ed_crosscert_get_ed_key(const rsa_ed_crosscert_t *inp, size_t idx); +uint8_t rsa_ed_crosscert_get_ed_key(rsa_ed_crosscert_t *inp, size_t idx); +/** As rsa_ed_crosscert_get_ed_key, but take and return a const + * pointer + */ +uint8_t rsa_ed_crosscert_getconst_ed_key(const rsa_ed_crosscert_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * ed_key of the rsa_ed_crosscert_t in 'inp', so that it will hold the * value 'elt'. @@ -311,10 +337,14 @@ int rsa_ed_crosscert_set_ed_key(rsa_ed_crosscert_t *inp, size_t idx, uint8_t elt /** Return a pointer to the 32-element array field ed_key of 'inp'. */ uint8_t * rsa_ed_crosscert_getarray_ed_key(rsa_ed_crosscert_t *inp); +/** As rsa_ed_crosscert_get_ed_key, but take and return a const + * pointer + */ +const uint8_t * rsa_ed_crosscert_getconstarray_ed_key(const rsa_ed_crosscert_t *inp); /** Return the value of the expiration field of the rsa_ed_crosscert_t * in 'inp' */ -uint32_t rsa_ed_crosscert_get_expiration(rsa_ed_crosscert_t *inp); +uint32_t rsa_ed_crosscert_get_expiration(const rsa_ed_crosscert_t *inp); /** Set the value of the expiration field of the rsa_ed_crosscert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -326,7 +356,7 @@ const uint8_t * rsa_ed_crosscert_get_end_of_signed(const rsa_ed_crosscert_t *inp /** Return the value of the sig_len field of the rsa_ed_crosscert_t in * 'inp' */ -uint8_t rsa_ed_crosscert_get_sig_len(rsa_ed_crosscert_t *inp); +uint8_t rsa_ed_crosscert_get_sig_len(const rsa_ed_crosscert_t *inp); /** Set the value of the sig_len field of the rsa_ed_crosscert_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -340,6 +370,9 @@ size_t rsa_ed_crosscert_getlen_sig(const rsa_ed_crosscert_t *inp); * sig of the rsa_ed_crosscert_t in 'inp'. */ uint8_t rsa_ed_crosscert_get_sig(rsa_ed_crosscert_t *inp, size_t idx); +/** As rsa_ed_crosscert_get_sig, but take and return a const pointer + */ +uint8_t rsa_ed_crosscert_getconst_sig(const rsa_ed_crosscert_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * sig of the rsa_ed_crosscert_t in 'inp', so that it will hold the * value 'elt'. @@ -352,6 +385,9 @@ int rsa_ed_crosscert_add_sig(rsa_ed_crosscert_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field sig of 'inp'. */ uint8_t * rsa_ed_crosscert_getarray_sig(rsa_ed_crosscert_t *inp); +/** As rsa_ed_crosscert_get_sig, but take and return a const pointer + */ +const uint8_t * rsa_ed_crosscert_getconstarray_sig(const rsa_ed_crosscert_t *inp); /** Change the length of the variable-length array field sig of 'inp' * to 'newlen'.Fill extra elements with 0. Return 0 on success; return * -1 and set the error code on 'inp' on failure. @@ -398,7 +434,10 @@ size_t auth1_getlen_type(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field type * of the auth1_t in 'inp'. */ -uint8_t auth1_get_type(const auth1_t *inp, size_t idx); +uint8_t auth1_get_type(auth1_t *inp, size_t idx); +/** As auth1_get_type, but take and return a const pointer + */ +uint8_t auth1_getconst_type(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field type * of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -406,6 +445,9 @@ int auth1_set_type(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 8-element array field type of 'inp'. */ uint8_t * auth1_getarray_type(auth1_t *inp); +/** As auth1_get_type, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_type(const auth1_t *inp); /** Return the (constant) length of the array holding the cid field of * the auth1_t in 'inp'. */ @@ -413,7 +455,10 @@ size_t auth1_getlen_cid(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field cid * of the auth1_t in 'inp'. */ -uint8_t auth1_get_cid(const auth1_t *inp, size_t idx); +uint8_t auth1_get_cid(auth1_t *inp, size_t idx); +/** As auth1_get_cid, but take and return a const pointer + */ +uint8_t auth1_getconst_cid(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field cid * of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -421,6 +466,9 @@ int auth1_set_cid(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field cid of 'inp'. */ uint8_t * auth1_getarray_cid(auth1_t *inp); +/** As auth1_get_cid, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_cid(const auth1_t *inp); /** Return the (constant) length of the array holding the sid field of * the auth1_t in 'inp'. */ @@ -428,7 +476,10 @@ size_t auth1_getlen_sid(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field sid * of the auth1_t in 'inp'. */ -uint8_t auth1_get_sid(const auth1_t *inp, size_t idx); +uint8_t auth1_get_sid(auth1_t *inp, size_t idx); +/** As auth1_get_sid, but take and return a const pointer + */ +uint8_t auth1_getconst_sid(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field sid * of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -436,6 +487,9 @@ int auth1_set_sid(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field sid of 'inp'. */ uint8_t * auth1_getarray_sid(auth1_t *inp); +/** As auth1_get_sid, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_sid(const auth1_t *inp); /** Return the (constant) length of the array holding the u1_cid_ed * field of the auth1_t in 'inp'. */ @@ -443,7 +497,10 @@ size_t auth1_getlen_u1_cid_ed(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field * u1_cid_ed of the auth1_t in 'inp'. */ -uint8_t auth1_get_u1_cid_ed(const auth1_t *inp, size_t idx); +uint8_t auth1_get_u1_cid_ed(auth1_t *inp, size_t idx); +/** As auth1_get_u1_cid_ed, but take and return a const pointer + */ +uint8_t auth1_getconst_u1_cid_ed(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * u1_cid_ed of the auth1_t in 'inp', so that it will hold the value * 'elt'. @@ -452,6 +509,9 @@ int auth1_set_u1_cid_ed(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field u1_cid_ed of 'inp'. */ uint8_t * auth1_getarray_u1_cid_ed(auth1_t *inp); +/** As auth1_get_u1_cid_ed, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_u1_cid_ed(const auth1_t *inp); /** Return the (constant) length of the array holding the u1_sid_ed * field of the auth1_t in 'inp'. */ @@ -459,7 +519,10 @@ size_t auth1_getlen_u1_sid_ed(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field * u1_sid_ed of the auth1_t in 'inp'. */ -uint8_t auth1_get_u1_sid_ed(const auth1_t *inp, size_t idx); +uint8_t auth1_get_u1_sid_ed(auth1_t *inp, size_t idx); +/** As auth1_get_u1_sid_ed, but take and return a const pointer + */ +uint8_t auth1_getconst_u1_sid_ed(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * u1_sid_ed of the auth1_t in 'inp', so that it will hold the value * 'elt'. @@ -468,6 +531,9 @@ int auth1_set_u1_sid_ed(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field u1_sid_ed of 'inp'. */ uint8_t * auth1_getarray_u1_sid_ed(auth1_t *inp); +/** As auth1_get_u1_sid_ed, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_u1_sid_ed(const auth1_t *inp); /** Return the (constant) length of the array holding the slog field * of the auth1_t in 'inp'. */ @@ -475,7 +541,10 @@ size_t auth1_getlen_slog(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field slog * of the auth1_t in 'inp'. */ -uint8_t auth1_get_slog(const auth1_t *inp, size_t idx); +uint8_t auth1_get_slog(auth1_t *inp, size_t idx); +/** As auth1_get_slog, but take and return a const pointer + */ +uint8_t auth1_getconst_slog(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field slog * of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -483,6 +552,9 @@ int auth1_set_slog(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field slog of 'inp'. */ uint8_t * auth1_getarray_slog(auth1_t *inp); +/** As auth1_get_slog, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_slog(const auth1_t *inp); /** Return the (constant) length of the array holding the clog field * of the auth1_t in 'inp'. */ @@ -490,7 +562,10 @@ size_t auth1_getlen_clog(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field clog * of the auth1_t in 'inp'. */ -uint8_t auth1_get_clog(const auth1_t *inp, size_t idx); +uint8_t auth1_get_clog(auth1_t *inp, size_t idx); +/** As auth1_get_clog, but take and return a const pointer + */ +uint8_t auth1_getconst_clog(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field clog * of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -498,6 +573,9 @@ int auth1_set_clog(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field clog of 'inp'. */ uint8_t * auth1_getarray_clog(auth1_t *inp); +/** As auth1_get_clog, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_clog(const auth1_t *inp); /** Return the (constant) length of the array holding the scert field * of the auth1_t in 'inp'. */ @@ -505,7 +583,10 @@ size_t auth1_getlen_scert(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field * scert of the auth1_t in 'inp'. */ -uint8_t auth1_get_scert(const auth1_t *inp, size_t idx); +uint8_t auth1_get_scert(auth1_t *inp, size_t idx); +/** As auth1_get_scert, but take and return a const pointer + */ +uint8_t auth1_getconst_scert(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * scert of the auth1_t in 'inp', so that it will hold the value * 'elt'. @@ -514,6 +595,9 @@ int auth1_set_scert(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field scert of 'inp'. */ uint8_t * auth1_getarray_scert(auth1_t *inp); +/** As auth1_get_scert, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_scert(const auth1_t *inp); /** Return the (constant) length of the array holding the tlssecrets * field of the auth1_t in 'inp'. */ @@ -521,7 +605,10 @@ size_t auth1_getlen_tlssecrets(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field * tlssecrets of the auth1_t in 'inp'. */ -uint8_t auth1_get_tlssecrets(const auth1_t *inp, size_t idx); +uint8_t auth1_get_tlssecrets(auth1_t *inp, size_t idx); +/** As auth1_get_tlssecrets, but take and return a const pointer + */ +uint8_t auth1_getconst_tlssecrets(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field * tlssecrets of the auth1_t in 'inp', so that it will hold the value * 'elt'. @@ -531,6 +618,9 @@ int auth1_set_tlssecrets(auth1_t *inp, size_t idx, uint8_t elt); * 'inp'. */ uint8_t * auth1_getarray_tlssecrets(auth1_t *inp); +/** As auth1_get_tlssecrets, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_tlssecrets(const auth1_t *inp); /** Return the position for end_of_fixed_part when we parsed this * object */ @@ -542,7 +632,10 @@ size_t auth1_getlen_rand(const auth1_t *inp); /** Return the element at position 'idx' of the fixed array field rand * of the auth1_t in 'inp'. */ -uint8_t auth1_get_rand(const auth1_t *inp, size_t idx); +uint8_t auth1_get_rand(auth1_t *inp, size_t idx); +/** As auth1_get_rand, but take and return a const pointer + */ +uint8_t auth1_getconst_rand(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field rand * of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -550,6 +643,9 @@ int auth1_set_rand(auth1_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 24-element array field rand of 'inp'. */ uint8_t * auth1_getarray_rand(auth1_t *inp); +/** As auth1_get_rand, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_rand(const auth1_t *inp); /** Return the position for end_of_signed when we parsed this object */ const uint8_t * auth1_get_end_of_signed(const auth1_t *inp); @@ -561,6 +657,9 @@ size_t auth1_getlen_sig(const auth1_t *inp); * sig of the auth1_t in 'inp'. */ uint8_t auth1_get_sig(auth1_t *inp, size_t idx); +/** As auth1_get_sig, but take and return a const pointer + */ +uint8_t auth1_getconst_sig(const auth1_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * sig of the auth1_t in 'inp', so that it will hold the value 'elt'. */ @@ -572,6 +671,9 @@ int auth1_add_sig(auth1_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field sig of 'inp'. */ uint8_t * auth1_getarray_sig(auth1_t *inp); +/** As auth1_get_sig, but take and return a const pointer + */ +const uint8_t * auth1_getconstarray_sig(const auth1_t *inp); /** Change the length of the variable-length array field sig of 'inp' * to 'newlen'.Fill extra elements with 0. Return 0 on success; return * -1 and set the error code on 'inp' on failure. @@ -613,7 +715,7 @@ const char *certs_cell_check(const certs_cell_t *obj); int certs_cell_clear_errors(certs_cell_t *obj); /** Return the value of the n_certs field of the certs_cell_t in 'inp' */ -uint8_t certs_cell_get_n_certs(certs_cell_t *inp); +uint8_t certs_cell_get_n_certs(const certs_cell_t *inp); /** Set the value of the n_certs field of the certs_cell_t in 'inp' to * 'val'. Return 0 on success; return -1 and set the error code on * 'inp' on failure. @@ -627,6 +729,9 @@ size_t certs_cell_getlen_certs(const certs_cell_t *inp); * certs of the certs_cell_t in 'inp'. */ struct certs_cell_cert_st * certs_cell_get_certs(certs_cell_t *inp, size_t idx); +/** As certs_cell_get_certs, but take and return a const pointer + */ + const struct certs_cell_cert_st * certs_cell_getconst_certs(const certs_cell_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * certs of the certs_cell_t in 'inp', so that it will hold the value * 'elt'. Free the previous value, if any. @@ -643,6 +748,9 @@ int certs_cell_add_certs(certs_cell_t *inp, struct certs_cell_cert_st * elt); * 'inp'. */ struct certs_cell_cert_st * * certs_cell_getarray_certs(certs_cell_t *inp); +/** As certs_cell_get_certs, but take and return a const pointer + */ +const struct certs_cell_cert_st * const * certs_cell_getconstarray_certs(const certs_cell_t *inp); /** Change the length of the variable-length array field certs of * 'inp' to 'newlen'.Fill extra elements with NULL; free removed * elements. Return 0 on success; return -1 and set the error code on diff --git a/src/trunnel/pwbox.c b/src/trunnel/pwbox.c index 62662a9369..f4b910bdab 100644 --- a/src/trunnel/pwbox.c +++ b/src/trunnel/pwbox.c @@ -1,4 +1,4 @@ -/* pwbox.c -- generated by Trunnel v1.4.6. +/* pwbox.c -- generated by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -62,7 +62,7 @@ pwbox_encoded_free(pwbox_encoded_t *obj) } uint32_t -pwbox_encoded_get_fixedbytes0(pwbox_encoded_t *inp) +pwbox_encoded_get_fixedbytes0(const pwbox_encoded_t *inp) { return inp->fixedbytes0; } @@ -77,7 +77,7 @@ pwbox_encoded_set_fixedbytes0(pwbox_encoded_t *inp, uint32_t val) return 0; } uint32_t -pwbox_encoded_get_fixedbytes1(pwbox_encoded_t *inp) +pwbox_encoded_get_fixedbytes1(const pwbox_encoded_t *inp) { return inp->fixedbytes1; } @@ -92,7 +92,7 @@ pwbox_encoded_set_fixedbytes1(pwbox_encoded_t *inp, uint32_t val) return 0; } uint8_t -pwbox_encoded_get_header_len(pwbox_encoded_t *inp) +pwbox_encoded_get_header_len(const pwbox_encoded_t *inp) { return inp->header_len; } @@ -114,6 +114,11 @@ pwbox_encoded_get_skey_header(pwbox_encoded_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->skey_header, idx); } +uint8_t +pwbox_encoded_getconst_skey_header(const pwbox_encoded_t *inp, size_t idx) +{ + return pwbox_encoded_get_skey_header((pwbox_encoded_t*)inp, idx); +} int pwbox_encoded_set_skey_header(pwbox_encoded_t *inp, size_t idx, uint8_t elt) { @@ -139,6 +144,11 @@ pwbox_encoded_getarray_skey_header(pwbox_encoded_t *inp) { return inp->skey_header.elts_; } +const uint8_t * +pwbox_encoded_getconstarray_skey_header(const pwbox_encoded_t *inp) +{ + return (const uint8_t *)pwbox_encoded_getarray_skey_header((pwbox_encoded_t*)inp); +} int pwbox_encoded_setlen_skey_header(pwbox_encoded_t *inp, size_t newlen) { @@ -166,12 +176,17 @@ pwbox_encoded_getlen_iv(const pwbox_encoded_t *inp) } uint8_t -pwbox_encoded_get_iv(const pwbox_encoded_t *inp, size_t idx) +pwbox_encoded_get_iv(pwbox_encoded_t *inp, size_t idx) { trunnel_assert(idx < 16); return inp->iv[idx]; } +uint8_t +pwbox_encoded_getconst_iv(const pwbox_encoded_t *inp, size_t idx) +{ + return pwbox_encoded_get_iv((pwbox_encoded_t*)inp, idx); +} int pwbox_encoded_set_iv(pwbox_encoded_t *inp, size_t idx, uint8_t elt) { @@ -185,6 +200,11 @@ pwbox_encoded_getarray_iv(pwbox_encoded_t *inp) { return inp->iv; } +const uint8_t * +pwbox_encoded_getconstarray_iv(const pwbox_encoded_t *inp) +{ + return (const uint8_t *)pwbox_encoded_getarray_iv((pwbox_encoded_t*)inp); +} size_t pwbox_encoded_getlen_data(const pwbox_encoded_t *inp) { @@ -197,6 +217,11 @@ pwbox_encoded_get_data(pwbox_encoded_t *inp, size_t idx) return TRUNNEL_DYNARRAY_GET(&inp->data, idx); } +uint8_t +pwbox_encoded_getconst_data(const pwbox_encoded_t *inp, size_t idx) +{ + return pwbox_encoded_get_data((pwbox_encoded_t*)inp, idx); +} int pwbox_encoded_set_data(pwbox_encoded_t *inp, size_t idx, uint8_t elt) { @@ -218,6 +243,11 @@ pwbox_encoded_getarray_data(pwbox_encoded_t *inp) { return inp->data.elts_; } +const uint8_t * +pwbox_encoded_getconstarray_data(const pwbox_encoded_t *inp) +{ + return (const uint8_t *)pwbox_encoded_getarray_data((pwbox_encoded_t*)inp); +} int pwbox_encoded_setlen_data(pwbox_encoded_t *inp, size_t newlen) { @@ -241,12 +271,17 @@ pwbox_encoded_getlen_hmac(const pwbox_encoded_t *inp) } uint8_t -pwbox_encoded_get_hmac(const pwbox_encoded_t *inp, size_t idx) +pwbox_encoded_get_hmac(pwbox_encoded_t *inp, size_t idx) { trunnel_assert(idx < 32); return inp->hmac[idx]; } +uint8_t +pwbox_encoded_getconst_hmac(const pwbox_encoded_t *inp, size_t idx) +{ + return pwbox_encoded_get_hmac((pwbox_encoded_t*)inp, idx); +} int pwbox_encoded_set_hmac(pwbox_encoded_t *inp, size_t idx, uint8_t elt) { @@ -260,6 +295,11 @@ pwbox_encoded_getarray_hmac(pwbox_encoded_t *inp) { return inp->hmac; } +const uint8_t * +pwbox_encoded_getconstarray_hmac(const pwbox_encoded_t *inp) +{ + return (const uint8_t *)pwbox_encoded_getarray_hmac((pwbox_encoded_t*)inp); +} const char * pwbox_encoded_check(const pwbox_encoded_t *obj) { diff --git a/src/trunnel/pwbox.h b/src/trunnel/pwbox.h index 77a813d123..939b3c41a7 100644 --- a/src/trunnel/pwbox.h +++ b/src/trunnel/pwbox.h @@ -1,4 +1,4 @@ -/* pwbox.h -- generated by by Trunnel v1.4.6. +/* pwbox.h -- generated by by Trunnel v1.5.1. * https://gitweb.torproject.org/trunnel.git * You probably shouldn't edit this file. */ @@ -61,7 +61,7 @@ int pwbox_encoded_clear_errors(pwbox_encoded_t *obj); /** Return the value of the fixedbytes0 field of the pwbox_encoded_t * in 'inp' */ -uint32_t pwbox_encoded_get_fixedbytes0(pwbox_encoded_t *inp); +uint32_t pwbox_encoded_get_fixedbytes0(const pwbox_encoded_t *inp); /** Set the value of the fixedbytes0 field of the pwbox_encoded_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -70,7 +70,7 @@ int pwbox_encoded_set_fixedbytes0(pwbox_encoded_t *inp, uint32_t val); /** Return the value of the fixedbytes1 field of the pwbox_encoded_t * in 'inp' */ -uint32_t pwbox_encoded_get_fixedbytes1(pwbox_encoded_t *inp); +uint32_t pwbox_encoded_get_fixedbytes1(const pwbox_encoded_t *inp); /** Set the value of the fixedbytes1 field of the pwbox_encoded_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -79,7 +79,7 @@ int pwbox_encoded_set_fixedbytes1(pwbox_encoded_t *inp, uint32_t val); /** Return the value of the header_len field of the pwbox_encoded_t in * 'inp' */ -uint8_t pwbox_encoded_get_header_len(pwbox_encoded_t *inp); +uint8_t pwbox_encoded_get_header_len(const pwbox_encoded_t *inp); /** Set the value of the header_len field of the pwbox_encoded_t in * 'inp' to 'val'. Return 0 on success; return -1 and set the error * code on 'inp' on failure. @@ -93,6 +93,10 @@ size_t pwbox_encoded_getlen_skey_header(const pwbox_encoded_t *inp); * skey_header of the pwbox_encoded_t in 'inp'. */ uint8_t pwbox_encoded_get_skey_header(pwbox_encoded_t *inp, size_t idx); +/** As pwbox_encoded_get_skey_header, but take and return a const + * pointer + */ +uint8_t pwbox_encoded_getconst_skey_header(const pwbox_encoded_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * skey_header of the pwbox_encoded_t in 'inp', so that it will hold * the value 'elt'. @@ -106,6 +110,10 @@ int pwbox_encoded_add_skey_header(pwbox_encoded_t *inp, uint8_t elt); * 'inp'. */ uint8_t * pwbox_encoded_getarray_skey_header(pwbox_encoded_t *inp); +/** As pwbox_encoded_get_skey_header, but take and return a const + * pointer + */ +const uint8_t * pwbox_encoded_getconstarray_skey_header(const pwbox_encoded_t *inp); /** Change the length of the variable-length array field skey_header * of 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on * success; return -1 and set the error code on 'inp' on failure. @@ -118,7 +126,10 @@ size_t pwbox_encoded_getlen_iv(const pwbox_encoded_t *inp); /** Return the element at position 'idx' of the fixed array field iv * of the pwbox_encoded_t in 'inp'. */ -uint8_t pwbox_encoded_get_iv(const pwbox_encoded_t *inp, size_t idx); +uint8_t pwbox_encoded_get_iv(pwbox_encoded_t *inp, size_t idx); +/** As pwbox_encoded_get_iv, but take and return a const pointer + */ +uint8_t pwbox_encoded_getconst_iv(const pwbox_encoded_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field iv * of the pwbox_encoded_t in 'inp', so that it will hold the value * 'elt'. @@ -127,6 +138,9 @@ int pwbox_encoded_set_iv(pwbox_encoded_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 16-element array field iv of 'inp'. */ uint8_t * pwbox_encoded_getarray_iv(pwbox_encoded_t *inp); +/** As pwbox_encoded_get_iv, but take and return a const pointer + */ +const uint8_t * pwbox_encoded_getconstarray_iv(const pwbox_encoded_t *inp); /** Return the length of the dynamic array holding the data field of * the pwbox_encoded_t in 'inp'. */ @@ -135,6 +149,9 @@ size_t pwbox_encoded_getlen_data(const pwbox_encoded_t *inp); * data of the pwbox_encoded_t in 'inp'. */ uint8_t pwbox_encoded_get_data(pwbox_encoded_t *inp, size_t idx); +/** As pwbox_encoded_get_data, but take and return a const pointer + */ +uint8_t pwbox_encoded_getconst_data(const pwbox_encoded_t *inp, size_t idx); /** Change the element at position 'idx' of the dynamic array field * data of the pwbox_encoded_t in 'inp', so that it will hold the * value 'elt'. @@ -147,6 +164,9 @@ int pwbox_encoded_add_data(pwbox_encoded_t *inp, uint8_t elt); /** Return a pointer to the variable-length array field data of 'inp'. */ uint8_t * pwbox_encoded_getarray_data(pwbox_encoded_t *inp); +/** As pwbox_encoded_get_data, but take and return a const pointer + */ +const uint8_t * pwbox_encoded_getconstarray_data(const pwbox_encoded_t *inp); /** Change the length of the variable-length array field data of 'inp' * to 'newlen'.Fill extra elements with 0. Return 0 on success; return * -1 and set the error code on 'inp' on failure. @@ -159,7 +179,10 @@ size_t pwbox_encoded_getlen_hmac(const pwbox_encoded_t *inp); /** Return the element at position 'idx' of the fixed array field hmac * of the pwbox_encoded_t in 'inp'. */ -uint8_t pwbox_encoded_get_hmac(const pwbox_encoded_t *inp, size_t idx); +uint8_t pwbox_encoded_get_hmac(pwbox_encoded_t *inp, size_t idx); +/** As pwbox_encoded_get_hmac, but take and return a const pointer + */ +uint8_t pwbox_encoded_getconst_hmac(const pwbox_encoded_t *inp, size_t idx); /** Change the element at position 'idx' of the fixed array field hmac * of the pwbox_encoded_t in 'inp', so that it will hold the value * 'elt'. @@ -168,6 +191,9 @@ int pwbox_encoded_set_hmac(pwbox_encoded_t *inp, size_t idx, uint8_t elt); /** Return a pointer to the 32-element array field hmac of 'inp'. */ uint8_t * pwbox_encoded_getarray_hmac(pwbox_encoded_t *inp); +/** As pwbox_encoded_get_hmac, but take and return a const pointer + */ +const uint8_t * pwbox_encoded_getconstarray_hmac(const pwbox_encoded_t *inp); #endif diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 65216fa12c..c113efb402 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.9.6-rc-dev" +#define VERSION "0.3.0.0-alpha-dev" |