Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/or.h | 9 | ||||
-rw-r--r-- | src/or/rendcommon.c | 5 | ||||
-rw-r--r-- | src/or/rendservice.c | 22 |
3 files changed, 19 insertions, 17 deletions
diff --git a/src/or/or.h b/src/or/or.h index 9c81d0e134..b53220fcba 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3505,9 +3505,12 @@ typedef struct rend_intro_point_t { * included in the last HS descriptor we generated. */ unsigned int listed_in_last_desc : 1; - /** (Service side only) The number of INTRODUCE2 cells this intro - * point's circuit has received. */ - unsigned int introduction_count : 24; + /** (Service side only) A digestmap recording the INTRODUCE2 cells + * this intro point's circuit has received. Each key is the digest + * of the RSA-encrypted part of a received INTRODUCE2 cell; each + * value is a pointer to the time_t at which the cell was + * received. */ + digestmap_t *accepted_intros; /** (Service side only) The time at which this intro point was first * published, or -1 if this intro point has not yet been diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index c5bf88163d..0a478c1147 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -440,6 +440,11 @@ rend_intro_point_free(rend_intro_point_t *intro) extend_info_free(intro->extend_info); crypto_free_pk_env(intro->intro_key); + + if (intro->accepted_intros != NULL) { + digestmap_free(intro->accepted_intros, _tor_free); + } + tor_free(intro); } diff --git a/src/or/rendservice.c b/src/or/rendservice.c index ee34edfa6e..413d4f670a 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c 
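Review bot: The new comment on `accepted_intros` in `rend_intro_point_t` does not say that the pointer can be NULL, nor who owns the stored values. The rendservice.c change creates the map only when an INTRODUCE2 cell arrives, and the rendcommon.c hunk frees the values with `_tor_free`, so both facts belong next to the field. I would append `* NULL until the first INTRODUCE2 cell arrives; the map owns its time_t values.` to the comment. The NULL test in rend_intro_point_free also relies on every allocation of a rend_intro_point_t zero-initialising the new pointer, which is not visible on this page and is worth confirming.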
@@ -1005,14 +1005,14 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request, if (!service->accepted_intros) service->accepted_intros = digestmap_new(); + if (!intro_point->accepted_intros) + intro_point->accepted_intros = digestmap_new(); + { char pkpart_digest[DIGEST_LEN]; - /* Check for replay of PK-encrypted portion. It is slightly naughty to - use the same digestmap to check for this and for g^x replays, but - collisions are tremendously unlikely. - */ + /* Check for replay of PK-encrypted portion. */ crypto_digest(pkpart_digest, (char*)request+DIGEST_LEN, keylen); - access_time = digestmap_get(service->accepted_intros, pkpart_digest); + access_time = digestmap_get(intro_point->accepted_intros, pkpart_digest); if (access_time != NULL) { log_warn(LD_REND, "Possible replay detected! We received an " "INTRODUCE2 cell with same PK-encrypted part %d seconds ago. " @@ -1021,14 +1021,7 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request, } access_time = tor_malloc(sizeof(time_t)); *access_time = now; - digestmap_set(service->accepted_intros, pkpart_digest, access_time); - } - - /* Record that we've received another INTRODUCE2 cell through this - * intro point. */ - ++(intro_point->introduction_count); - if (intro_point->introduction_count == 0) { - --(intro_point->introduction_count); + digestmap_set(intro_point->accepted_intros, pkpart_digest, access_time); } /* Next N bytes is encrypted with service key */ @@ -1935,7 +1928,8 @@ intro_point_should_expire_now(rend_intro_point_t *intro, return 1; } - if (intro->introduction_count >= INTRO_POINT_LIFETIME_INTRODUCTIONS) { + if (digestmap_size(intro->accepted_intros) >= + INTRO_POINT_LIFETIME_INTRODUCTIONS) { /* This intro point has been used too many times. Expire it now. */ return 1; } |
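Review bot: The PK-encrypted-part check in rend_service_introduce now only sees cells that arrived through the same intro point, and the shortened comment `/* Check for replay of PK-encrypted portion. */` no longer states that scope. A copy of the same encrypted part arriving through a different intro point, or after this intro point has been freed, will not match in `intro_point->accepted_intros`. Judging from the removed comment, that case is presumably left to the g^x replay check on `service->accepted_intros`, which lies outside the hunk. I would say so in the comment, e.g. `/* Per-intro-point replay check of the PK-encrypted part; replays via other intro points rely on the g^x check below. */`, after confirming the later check covers it.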
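Review bot: `digestmap_size(intro->accepted_intros)` in intro_point_should_expire_now is called without a NULL check, although the first rendservice.c hunk allocates the map only when an INTRODUCE2 cell arrives on that intro point. An intro point checked for expiry before it has received any cell would pass NULL, which is a crash unless digestmap_size tolerates NULL; its definition is not on this page, and rend_intro_point_free in this same commit does guard against NULL. I would write the condition as `if (intro->accepted_intros != NULL && digestmap_size(intro->accepted_intros) >= INTRO_POINT_LIFETIME_INTRODUCTIONS) {`, or allocate the map where the intro point is created. The function begins outside the hunk, so an earlier return may already exclude this case.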