Diffstat (limited to 'src/feature/hs')
-rw-r--r-- | src/feature/hs/hs_config.c | 29 | ||||
-rw-r--r-- | src/feature/hs/hs_service.c | 6 | ||||
-rw-r--r-- | src/feature/hs/hs_service.h | 14 |
3 files changed, 42 insertions, 7 deletions
diff --git a/src/feature/hs/hs_config.c b/src/feature/hs/hs_config.c
index 16bfe7c544..2378a4d3b2 100644
--- a/src/feature/hs/hs_config.c
+++ b/src/feature/hs/hs_config.c
@@ -145,6 +145,31 @@ helper_parse_uint64(const char *opt, const char *value, uint64_t min,
 return ret;
 }
+/** Helper function: Given a configuration option and its value, parse the
+ * value as a hs_circuit_id_protocol_t. On success, ok is set to 1 and ret is
+ * the parse value. On error, ok is set to 0 and the "none"
+ * hs_circuit_id_protocol_t is returned. This function logs on error. */
+static hs_circuit_id_protocol_t
+helper_parse_circuit_id_protocol(const char *key, const char *value, int *ok)
+{
+ tor_assert(value);
+ tor_assert(ok);
+
+ hs_circuit_id_protocol_t ret = HS_CIRCUIT_ID_PROTOCOL_NONE;
+ *ok = 0;
+
+ if (! strcasecmp(value, "haproxy")) {
+ *ok = 1;
+ ret = HS_CIRCUIT_ID_PROTOCOL_HAPROXY;
+ } else {
+ log_warn(LD_CONFIG, "%s must be 'haproxy'.", key);
+ goto err;
+ }
+
+ err:
+ return ret;
+}
+
 /* Return the service version by trying to learn it from the key on disk if
 * any. If nothing is found, the current service configured version is
 * returned. */
@@ -295,8 +320,8 @@ config_service_v3(const config_line_t *line_,
 continue;
 }
 if (!strcasecmp(line->key, "HiddenServiceExportCircuitID")) {
- config->export_circuit_id =
- (unsigned int) helper_parse_uint64(line->key, line->value, 0, 1, &ok);
+ config->circuit_id_protocol =
+ helper_parse_circuit_id_protocol(line->key, line->value, &ok);
 if (!ok || export_circuit_id) {
 if (export_circuit_id) {
 dup_opt_seen = line->key;
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 75d7cb75ed..e87cb990f5 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
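Review bot: helper_parse_circuit_id_protocol (first hs_config.c hunk) accepts only `haproxy`, so the default cannot be written explicitly: a `none` value is rejected even though HS_CIRCUIT_ID_PROTOCOL_NONE exists. Consider adding `} else if (!strcasecmp(value, "none")) { *ok = 1;` ahead of the final `else` and changing the warning to `"%s must be 'haproxy' or 'none'."`. `key` is passed to log_warn() but, unlike `value` and `ok`, is not covered by a tor_assert(). The `goto err;` jumps to the label that is the next statement anyway and can be dropped.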
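Review bot: In the config_service_v3 hunk, the values `0` and `1` that the removed helper_parse_uint64() call accepted now come back with `ok` set to 0 and take the error branch, whose body continues outside the hunk. If the numeric form was ever documented or shipped, existing torrc files would presumably stop loading, so the manual page and changelog should name `haproxy` as the only accepted value; neither file is in this diff, which is limited to src/feature/hs. The duplicate-option flag `export_circuit_id` tested on the next line is declared outside the hunk and keeps the old name; a comment such as `/* Set once HiddenServiceExportCircuitID has been seen. */` at its declaration would keep it from being confused with the renamed config field.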
@@ -3764,15 +3764,15 @@ hs_service_set_conn_addr_port(const origin_circuit_t *circ,
 /** Does the service with identity pubkey <b>pk</b> export the circuit IDs of
 * its clients? */
-bool
+hs_circuit_id_protocol_t
 hs_service_exports_circuit_id(const ed25519_public_key_t *pk)
 {
 hs_service_t *service = find_service(hs_service_map, pk);
 if (!service) {
- return 0;
+ return HS_CIRCUIT_ID_PROTOCOL_NONE;
 }
- return service->config.export_circuit_id;
+ return service->config.circuit_id_protocol;
 }
 /* Add to file_list every filename used by a configured hidden service, and to
diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h
index e541cb28b9..6fb15b9d37 100644
--- a/src/feature/hs/hs_service.h
+++ b/src/feature/hs/hs_service.h
@@ -161,6 +161,15 @@ typedef struct hs_service_authorized_client_t {
 curve25519_public_key_t client_pk;
 } hs_service_authorized_client_t;
+/** Which protocol to use for exporting HS client circuit ID. */
+typedef enum {
+ /** Don't expose the circuit id. */
+ HS_CIRCUIT_ID_PROTOCOL_NONE,
+
+ /** Use the HAProxy proxy protocol. */
+ HS_CIRCUIT_ID_PROTOCOL_HAPROXY
+} hs_circuit_id_protocol_t;
+
 /* Service configuration. The following are set from the torrc options either
 * set by the configuration file or by the control port. Nothing else should
 * change those values. */
@@ -212,7 +221,7 @@ typedef struct hs_service_config_t {
 unsigned int is_ephemeral : 1;
 /* Does this service export the circuit ID of its clients? */
- bool export_circuit_id;
+ hs_circuit_id_protocol_t circuit_id_protocol;
 } hs_service_config_t;
 /* Service state. */
@@ -319,7 +328,8 @@ void hs_service_upload_desc_to_dir(const char *encoded_desc,
 const ed25519_public_key_t *blinded_pk,
 const routerstatus_t *hsdir_rs);
-bool hs_service_exports_circuit_id(const ed25519_public_key_t *pk);
+hs_circuit_id_protocol_t
+hs_service_exports_circuit_id(const ed25519_public_key_t *pk);
 #ifdef HS_SERVICE_PRIVATE |
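Review bot: The doc comment above hs_service_exports_circuit_id() in the hs_service.c hunk still asks a yes/no question although the function now returns a hs_circuit_id_protocol_t. Suggested wording: `/** Return the circuit ID export protocol configured for the service with identity pubkey <b>pk</b>, or HS_CIRCUIT_ID_PROTOCOL_NONE if no such service is known. */`. Callers are not part of this diff (it is limited to src/feature/hs); any that still use the result as a truth value would treat every protocol added later as HAProxy, so they should compare against HS_CIRCUIT_ID_PROTOCOL_HAPROXY or switch on the value.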
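Review bot: In the hs_service.h enum hunk, HS_CIRCUIT_ID_PROTOCOL_NONE is zero only because it is listed first. If hs_service_config_t is zero-filled on allocation (not visible here), "no export" being the default depends on that ordering; writing `HS_CIRCUIT_ID_PROTOCOL_NONE = 0,` and extending its comment to say that the value must stay 0 makes the dependency explicit. In the second hunk of this file the field comment still reads as a boolean question; `/* Protocol used to export the circuit ID of clients, if any. */` would match the new type.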