Age | Commit message | Author
2017-08-08 | Don't double hash the ed25519 blind key parameter. | George Kadianakis
We used to do:
  h = H(BLIND_STRING | H(A | s | B | N )
when we should be doing:
  h = H(BLIND_STRING | A | s | B | N)
Change the logic so that hs_common.c does the hashing, and our ed25519 libraries just receive the hashed parameter ready-made. That's easier than doing the hashing on the ed25519 libraries, since that means we would have to pass them a variable-length param (depending on whether 's' is set or not).
Also fix the ed25519 test vectors since they were also double hashing.
2017-08-08 | Don't set HSDir index if we don't have a live consensus. | George Kadianakis
We also had to alter the SRV functions to take a consensus as optional input, since we might be setting our HSDir index using a consensus that is currently being processed and won't be returned by the networkstatus_get_live_consensus() function.
This change has two results:
a) It makes sure we are using a fresh consensus with the right SRV value when we are calculating the HSDir hash ring.
b) It ensures that we will not use the sr_get_current/previous() functions when we don't have a consensus which would have falsely triggered the disaster SRV logic.
2017-08-08 | Correctly assign HSDir flags based on protocol list | George Kadianakis
In Nick's words: "We want to always return false if the platform is a Tor version, and it is not as new as 0.3.0.8 -- but if the platform is not a Tor version, or if the version is as new as 0.3.0.8, then we want to obey the protocol list. That way, other implementations of our protocol won't have to claim any particular Tor version, and future versions of Tor will have the freedom to drop this protocol in the distant future."
2017-08-08 | Fix small easy bugs all around | George Kadianakis
- Fix log message format string.
- Do extra circuit purpose check.
- wipe memory in a clear function
- Make sure we don't double add intro points in our list
- Make sure we don't double close intro circuits.
- s/tt_u64_op/tt_i64_op/
2017-08-08 | Constify functions that can be constified. | George Kadianakis
2017-08-08 | Improve documentation all around the codebase. | George Kadianakis
2017-08-08 | Make ed25519 id keys optional for IPs and RPs. | George Kadianakis
2017-08-08 | Improve setting hsdir index procedure. | George Kadianakis
- Fix memleak.
2017-08-08 | Make HidServRevCounter be a LINELIST as it should. | George Kadianakis
2017-08-08 | Rename some free() functions that are actually clear(). | George Kadianakis
2017-08-08 | Validate intro point limits to avoid asserts. | George Kadianakis
2017-08-08 | Relax assertions: turn them to BUGs and non-fatal asserts. | George Kadianakis
2017-08-08 | prop224: Don't use nodes as HSDirs if they don't have an HSDir index. | George Kadianakis
2017-08-08 | memwipe interesting unused memory | George Kadianakis
2017-08-08 | Fix 32-bit bug when writing address to descriptor. | George Kadianakis
We used to sizeof() a pointer. Let's just use asprintf to avoid having to be smart.
2017-08-08 | Fix ternary operator abuse. | George Kadianakis
2017-08-08 | Use htonll() when INT_8 is used. | George Kadianakis
Also prepend period_length to any period_num, as specified by the spec.
2017-08-08 | prop224: Remove INTRODUCE2 legacy handling | David Goulet
Turns out that introduction points don't care about the INTRODUCE2 cell format as long as the top field is LEGACY_KEY_ID as expected. So let's use a single INTRODUCE format regardless of the introduction point being legacy or not. This also removes the polymorphic void* situation.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Unbreak test_upload_descriptors() | George Kadianakis
To upload the descriptor we needed a state file to write the rev counters in, but that test did not have a state file initialized. Also fix the typo in its func name.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Unit tests for the revision counter state file codethe | George Kadianakis
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Use state file to save/load revision counters | George Kadianakis
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Refactor the overlap function to not use absolute time. | George Kadianakis
We consider to be in overlap mode when we are in the period of time between a fresh SRV and the beginning of the new time period (in the normal network this is between 00:00 and 12:00 UTC). This commit edits that function to use the above semantic logic instead of absolute times.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Make prop224 time periods smaller in testnets. | George Kadianakis
It used to be that time periods were 24 hours long even on chutney, which made testing harder. With this commit, time periods have the same length as a full SRV protocol run, which means that they will change every 4 minutes in a 10-second voting interval chutney network!
2017-08-08 | prop224: Refactor hs_get_time_period_num() to not use absolute time. | George Kadianakis
Instead use the SRV protocol duration to calculate the rotation offset that was previously hardcoded to 12 hours.
2017-08-08 | prop224: Compute start time of next time period. | George Kadianakis
2017-08-08 | SR: Calculate current SRV phase/run duration. | George Kadianakis
This is also needed to make the HS desc overlap mode function independent of absolute hours.
2017-08-08 | SR: Compute the start time of the current protocol run. | George Kadianakis
This function will be used to make the HS desc overlap function be independent of absolute times.
2017-08-08 | prop224: HSDir v3 support is >= 0.3.0.8 | David Goulet
Because of bug #22447, we have to select nodes that are at least this version.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Move get_intro_circuit() to hs_circuit.c | David Goulet
Make this function public so we can use it both in hs_circuit.c and hs_service.c to avoid code duplication.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Make circuit prediction aware of v3 services | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Add service rendezvous circuit relaunch | David Goulet
This introduces a callback to relaunch a service rendezvous circuit when a previous one failed to build or expired. It unifies the legacy function rend_service_relaunch_rendezvous() with one specific to prop224. There is now only one entry point for that which is hs_circ_retry_service_rendezvous_point() supporting both legacy and prop224 circuits.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Different intro point timings with TestingNetwork | David Goulet
Change the timing for intro point's lifetime and maximum amount of circuits we are allowed to launch in a TestingNetwork. This is particularly useful for chutney testing to test intro point rotation.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Add a circuit has closed callback | David Goulet
When the circuit is about to be freed which has been marked close before, for introduction circuit we now call this has_closed() callback so we can cleanup any introduction points that have retried too many times or at least flag them that their circuit is not established anymore.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | hs: Rename num_rend_services() | David Goulet
Renamed to rend_num_services() so it is consistent with the legacy naming.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Fix prop224 HS descriptor to use subcredential | George Kadianakis
We used to use NULL subcredential which is a terrible terrible idea. Refactor HS unittests to use subcredentials. Also add some non-fatal asserts to make sure that we always use subcredentials when decoding/encoding descs.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Add unit test coverage of hs_service.c | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Refactor HS tests to use the new ESTABLISH_INTRO cell code | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Add test_hs_common unit tests | David Goulet
Move tests from test_hs_service.c to this file.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Add test_hs_ntor unit tests | David Goulet
Move the ntor test from test_hs_service.c to this file.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | test: Add test_hs_cell unit tests | David Goulet
Move ESTABLISH_INTRO tests from test_hs_service.c to this new file.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Link rendezvous circuit to edge connection | David Goulet
This commit refactors the handle_hs_exit_conn() function introduced at a prior commit that connects the rendezvous circuit to the edge connection used to connect to the service virtual port requested in a BEGIN cell.
The refactor adds the support for prop224 adding the hs_service_set_conn_addr_port() function that has the same purpose as rend_service_set_connection_addr_port() from the legacy code.
The rend_service_set_connection_addr_port() has also been a bit refactored so the common code can be shared between the two HS subsystems (legacy and prop224).
In terms of functionality, nothing has changed, we still close the circuits in case of failure for the same reasons as the legacy system currently does.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | hs: Refactor the service exit connection code | David Goulet
This commit simply moves the code from the if condition of a rendezvous circuit to a function to handle such a connection. No code was modified _except_ the use of rh.stream_id changed to n_stream->stream_id so we don't have to pass the cell header to the function.
This is groundwork for prop224 support which will break down the handle_hs_exit_conn() depending on the version of hidden service the circuit and edge connection is for.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Sandbox support for service | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Make the number of extra intro point a consensus param | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Make intro point min/max lifetime a consensus param | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Make INTRODUCE2 min/max a consensus param | David Goulet
Introduction points are rotated either if we get X amounts of INTRODUCE2 cells on it or a time based expiration. This commit adds two consensus parameters which are the min and max value bounding the random value X.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Implement a service intro point failure cache | David Goulet
Imagine a Tor network where you have only 8 nodes available due to some reasons. And your hidden service wants 8 introduction points. Everything is fine but then a node goes down bringing the network to 7. The service will retry 3 times that node and then give up but keep it in a failure cache for 5 minutes (INTRO_CIRC_RETRY_PERIOD) so it doesn't retry it non stop and exhaust the maximum number of circuit retry.
In the real public network today, this is unlikely to happen unless the ExcludeNodes list is extremely restrictive.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Upload service descriptors | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Directory function to upload descriptor | David Goulet
This commit adds a directory command function to make an upload directory request for a service descriptor. It is not used yet, just the groundwork.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 | prop224: Add a responsible HSDir function | David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>