From 095224cdfa5563973e4832c46f0d162310393156 Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Thu, 4 Nov 2021 00:01:33 +0000 Subject: Add circuit param payload definitions to trunnel --- src/trunnel/circ_params.c | 452 ++++++++++++++++++++++++++++++++++++++++ src/trunnel/circ_params.h | 147 +++++++++++++ src/trunnel/circ_params.trunnel | 25 +++ src/trunnel/include.am | 3 + 4 files changed, 627 insertions(+) create mode 100644 src/trunnel/circ_params.c create mode 100644 src/trunnel/circ_params.h create mode 100644 src/trunnel/circ_params.trunnel (limited to 'src') diff --git a/src/trunnel/circ_params.c b/src/trunnel/circ_params.c new file mode 100644 index 0000000000..650b533a0c --- /dev/null +++ b/src/trunnel/circ_params.c @@ -0,0 +1,452 @@ +/* circ_params.c -- generated by Trunnel v1.5.3. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#include +#include "trunnel-impl.h" + +#include "circ_params.h" + +#define TRUNNEL_SET_ERROR_CODE(obj) \ + do { \ + (obj)->trunnel_error_code_ = 1; \ + } while (0) + +#if defined(__COVERITY__) || defined(__clang_analyzer__) +/* If we're running a static analysis tool, we don't want it to complain + * that some of our remaining-bytes checks are dead-code. */ +int circparams_deadcode_dummy__ = 0; +#define OR_DEADCODE_DUMMY || circparams_deadcode_dummy__ +#else +#define OR_DEADCODE_DUMMY +#endif + +#define CHECK_REMAINING(nbytes, label) \ + do { \ + if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \ + goto label; \ + } \ + } while (0) + +circ_params_request_t * +circ_params_request_new(void) +{ + circ_params_request_t *val = trunnel_calloc(1, sizeof(circ_params_request_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +circ_params_request_clear(circ_params_request_t *obj) +{ + (void) obj; +} + +void +circ_params_request_free(circ_params_request_t *obj) +{ + if (obj == NULL) + return; + circ_params_request_clear(obj); + trunnel_memwipe(obj, sizeof(circ_params_request_t)); + trunnel_free_(obj); +} + +uint8_t +circ_params_request_get_version(const circ_params_request_t *inp) +{ + return inp->version; +} +int +circ_params_request_set_version(circ_params_request_t *inp, uint8_t val) +{ + if (! ((val == 0))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->version = val; + return 0; +} +uint8_t +circ_params_request_get_cc_supported(const circ_params_request_t *inp) +{ + return inp->cc_supported; +} +int +circ_params_request_set_cc_supported(circ_params_request_t *inp, uint8_t val) +{ + if (! ((val == 0 || val == 1))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->cc_supported = val; + return 0; +} +const char * +circ_params_request_check(const circ_params_request_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->version == 0)) + return "Integer out of bounds"; + if (! (obj->cc_supported == 0 || obj->cc_supported == 1)) + return "Integer out of bounds"; + return NULL; +} + +ssize_t +circ_params_request_encoded_len(const circ_params_request_t *obj) +{ + ssize_t result = 0; + + if (NULL != circ_params_request_check(obj)) + return -1; + + + /* Length of u8 version IN [0] */ + result += 1; + + /* Length of u8 cc_supported IN [0, 1] */ + result += 1; + return result; +} +int +circ_params_request_clear_errors(circ_params_request_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +circ_params_request_encode(uint8_t *output, const size_t avail, const circ_params_request_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = circ_params_request_encoded_len(obj); +#endif + + if (NULL != (msg = circ_params_request_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 version IN [0] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->version)); + written += 1; ptr += 1; + + /* Encode u8 cc_supported IN [0, 1] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->cc_supported)); + written += 1; ptr += 1; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As circ_params_request_parse(), but do not allocate the output + * object. + */ +static ssize_t +circ_params_request_parse_into(circ_params_request_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 version IN [0] */ + CHECK_REMAINING(1, truncated); + obj->version = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->version == 0)) + goto fail; + + /* Parse u8 cc_supported IN [0, 1] */ + CHECK_REMAINING(1, truncated); + obj->cc_supported = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->cc_supported == 0 || obj->cc_supported == 1)) + goto fail; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + fail: + result = -1; + return result; +} + +ssize_t +circ_params_request_parse(circ_params_request_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = circ_params_request_new(); + if (NULL == *output) + return -1; + result = circ_params_request_parse_into(*output, input, len_in); + if (result < 0) { + circ_params_request_free(*output); + *output = NULL; + } + return result; +} +circ_params_response_t * +circ_params_response_new(void) +{ + circ_params_response_t *val = trunnel_calloc(1, sizeof(circ_params_response_t)); + if (NULL == val) + return NULL; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +circ_params_response_clear(circ_params_response_t *obj) +{ + (void) obj; +} + +void +circ_params_response_free(circ_params_response_t *obj) +{ + if (obj == NULL) + return; + circ_params_response_clear(obj); + trunnel_memwipe(obj, sizeof(circ_params_response_t)); + trunnel_free_(obj); +} + +uint8_t +circ_params_response_get_version(const circ_params_response_t *inp) +{ + return inp->version; +} +int +circ_params_response_set_version(circ_params_response_t *inp, uint8_t val) +{ + if (! ((val == 0))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->version = val; + return 0; +} +uint8_t +circ_params_response_get_cc_enabled(const circ_params_response_t *inp) +{ + return inp->cc_enabled; +} +int +circ_params_response_set_cc_enabled(circ_params_response_t *inp, uint8_t val) +{ + if (! ((val == 0 || val == 1))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->cc_enabled = val; + return 0; +} +uint8_t +circ_params_response_get_sendme_inc_cells(const circ_params_response_t *inp) +{ + return inp->sendme_inc_cells; +} +int +circ_params_response_set_sendme_inc_cells(circ_params_response_t *inp, uint8_t val) +{ + inp->sendme_inc_cells = val; + return 0; +} +const char * +circ_params_response_check(const circ_params_response_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->version == 0)) + return "Integer out of bounds"; + if (! (obj->cc_enabled == 0 || obj->cc_enabled == 1)) + return "Integer out of bounds"; + return NULL; +} + +ssize_t +circ_params_response_encoded_len(const circ_params_response_t *obj) +{ + ssize_t result = 0; + + if (NULL != circ_params_response_check(obj)) + return -1; + + + /* Length of u8 version IN [0] */ + result += 1; + + /* Length of u8 cc_enabled IN [0, 1] */ + result += 1; + + /* Length of u8 sendme_inc_cells */ + result += 1; + return result; +} +int +circ_params_response_clear_errors(circ_params_response_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +circ_params_response_encode(uint8_t *output, const size_t avail, const circ_params_response_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = circ_params_response_encoded_len(obj); +#endif + + if (NULL != (msg = circ_params_response_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 version IN [0] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->version)); + written += 1; ptr += 1; + + /* Encode u8 cc_enabled IN [0, 1] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->cc_enabled)); + written += 1; ptr += 1; + + /* Encode u8 sendme_inc_cells */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->sendme_inc_cells)); + written += 1; ptr += 1; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As circ_params_response_parse(), but do not allocate the output + * object. + */ +static ssize_t +circ_params_response_parse_into(circ_params_response_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 version IN [0] */ + CHECK_REMAINING(1, truncated); + obj->version = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->version == 0)) + goto fail; + + /* Parse u8 cc_enabled IN [0, 1] */ + CHECK_REMAINING(1, truncated); + obj->cc_enabled = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->cc_enabled == 0 || obj->cc_enabled == 1)) + goto fail; + + /* Parse u8 sendme_inc_cells */ + CHECK_REMAINING(1, truncated); + obj->sendme_inc_cells = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + fail: + result = -1; + return result; +} + +ssize_t +circ_params_response_parse(circ_params_response_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = circ_params_response_new(); + if (NULL == *output) + return -1; + result = circ_params_response_parse_into(*output, input, len_in); + if (result < 0) { + circ_params_response_free(*output); + *output = NULL; + } + return result; +} diff --git a/src/trunnel/circ_params.h b/src/trunnel/circ_params.h new file mode 100644 index 0000000000..f69b0073dc --- /dev/null +++ b/src/trunnel/circ_params.h @@ -0,0 +1,147 @@ +/* circ_params.h -- generated by Trunnel v1.5.3. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#ifndef TRUNNEL_CIRC_PARAMS_H +#define TRUNNEL_CIRC_PARAMS_H + +#include +#include "trunnel.h" + +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CIRC_PARAMS_REQUEST) +struct circ_params_request_st { + uint8_t version; + uint8_t cc_supported; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct circ_params_request_st circ_params_request_t; +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CIRC_PARAMS_RESPONSE) +struct circ_params_response_st { + uint8_t version; + uint8_t cc_enabled; + uint8_t sendme_inc_cells; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct circ_params_response_st circ_params_response_t; +/** Return a newly allocated circ_params_request with all elements set + * to zero. + */ +circ_params_request_t *circ_params_request_new(void); +/** Release all storage held by the circ_params_request in 'victim'. + * (Do nothing if 'victim' is NULL.) + */ +void circ_params_request_free(circ_params_request_t *victim); +/** Try to parse a circ_params_request from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated circ_params_request_t. On failure, return -2 if the input + * appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t circ_params_request_parse(circ_params_request_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * circ_params_request in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t circ_params_request_encoded_len(const circ_params_request_t *obj); +/** Try to encode the circ_params_request from 'input' into the buffer + * at 'output', using up to 'avail' bytes of the output buffer. On + * success, return the number of bytes used. On failure, return -2 if + * the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t circ_params_request_encode(uint8_t *output, size_t avail, const circ_params_request_t *input); +/** Check whether the internal state of the circ_params_request in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *circ_params_request_check(const circ_params_request_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int circ_params_request_clear_errors(circ_params_request_t *obj); +/** Return the value of the version field of the circ_params_request_t + * in 'inp' + */ +uint8_t circ_params_request_get_version(const circ_params_request_t *inp); +/** Set the value of the version field of the circ_params_request_t in + * 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int circ_params_request_set_version(circ_params_request_t *inp, uint8_t val); +/** Return the value of the cc_supported field of the + * circ_params_request_t in 'inp' + */ +uint8_t circ_params_request_get_cc_supported(const circ_params_request_t *inp); +/** Set the value of the cc_supported field of the + * circ_params_request_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int circ_params_request_set_cc_supported(circ_params_request_t *inp, uint8_t val); +/** Return a newly allocated circ_params_response with all elements + * set to zero. + */ +circ_params_response_t *circ_params_response_new(void); +/** Release all storage held by the circ_params_response in 'victim'. + * (Do nothing if 'victim' is NULL.) + */ +void circ_params_response_free(circ_params_response_t *victim); +/** Try to parse a circ_params_response from the buffer in 'input', + * using up to 'len_in' bytes from the input buffer. On success, + * return the number of bytes consumed and set *output to the newly + * allocated circ_params_response_t. On failure, return -2 if the + * input appears truncated, and -1 if the input is otherwise invalid. + */ +ssize_t circ_params_response_parse(circ_params_response_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * circ_params_response in 'obj'. On failure, return a negative value. + * Note that this value may be an overestimate, and can even be an + * underestimate for certain unencodeable objects. + */ +ssize_t circ_params_response_encoded_len(const circ_params_response_t *obj); +/** Try to encode the circ_params_response from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t circ_params_response_encode(uint8_t *output, size_t avail, const circ_params_response_t *input); +/** Check whether the internal state of the circ_params_response in + * 'obj' is consistent. Return NULL if it is, and a short message if + * it is not. + */ +const char *circ_params_response_check(const circ_params_response_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int circ_params_response_clear_errors(circ_params_response_t *obj); +/** Return the value of the version field of the + * circ_params_response_t in 'inp' + */ +uint8_t circ_params_response_get_version(const circ_params_response_t *inp); +/** Set the value of the version field of the circ_params_response_t + * in 'inp' to 'val'. Return 0 on success; return -1 and set the error + * code on 'inp' on failure. + */ +int circ_params_response_set_version(circ_params_response_t *inp, uint8_t val); +/** Return the value of the cc_enabled field of the + * circ_params_response_t in 'inp' + */ +uint8_t circ_params_response_get_cc_enabled(const circ_params_response_t *inp); +/** Set the value of the cc_enabled field of the + * circ_params_response_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int circ_params_response_set_cc_enabled(circ_params_response_t *inp, uint8_t val); +/** Return the value of the sendme_inc_cells field of the + * circ_params_response_t in 'inp' + */ +uint8_t circ_params_response_get_sendme_inc_cells(const circ_params_response_t *inp); +/** Set the value of the sendme_inc_cells field of the + * circ_params_response_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int circ_params_response_set_sendme_inc_cells(circ_params_response_t *inp, uint8_t val); + + +#endif diff --git a/src/trunnel/circ_params.trunnel b/src/trunnel/circ_params.trunnel new file mode 100644 index 0000000000..74f84b05ff --- /dev/null +++ b/src/trunnel/circ_params.trunnel @@ -0,0 +1,25 @@ +/* This file contains the definition for the encrypted payload of + * a circuit parameter negotiation request/response portion of the + * ntorv3 onionskin handshake. Currently only supports congestion + * control params. */ + +/* Param definitions */ +struct circ_params_request { + /* Version */ + u8 version IN [0]; + + /* Is cc supported or not? */ + u8 cc_supported IN [0, 1]; +} + +/* Param definitions */ +struct circ_params_response { + /* Version */ + u8 version IN [0]; + + /* Is cc supported or not? */ + u8 cc_enabled IN [0, 1]; + + /* How many cells does a SENDME ack? */ + u8 sendme_inc_cells; +} diff --git a/src/trunnel/include.am b/src/trunnel/include.am index 00a96536f1..d551af83bd 100644 --- a/src/trunnel/include.am +++ b/src/trunnel/include.am @@ -13,6 +13,7 @@ TRUNNELINPUTS = \ src/trunnel/channelpadding_negotiation.trunnel \ src/trunnel/sendme_cell.trunnel \ src/trunnel/flow_control_cells.trunnel \ + src/trunnel/circ_params.trunnel \ src/trunnel/socks5.trunnel \ src/trunnel/circpad_negotiation.trunnel @@ -28,6 +29,7 @@ TRUNNELSOURCES = \ src/trunnel/channelpadding_negotiation.c \ src/trunnel/sendme_cell.c \ src/trunnel/flow_control_cells.c \ + src/trunnel/circ_params.c \ src/trunnel/socks5.c \ src/trunnel/netinfo.c \ src/trunnel/circpad_negotiation.c @@ -46,6 +48,7 @@ TRUNNELHEADERS = \ src/trunnel/channelpadding_negotiation.h \ src/trunnel/sendme_cell.h \ src/trunnel/flow_control_cells.h \ + src/trunnel/circ_params.h \ src/trunnel/socks5.h \ src/trunnel/netinfo.h \ src/trunnel/circpad_negotiation.h -- cgit v1.2.3-54-g00ecf