/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2020, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
* \file microdesc_parse.c
* \brief Code to parse and validate microdescriptors.
**/
#include "core/or/or.h"
#include "app/config/config.h"
#include "core/or/policies.h"
#include "feature/dirparse/microdesc_parse.h"
#include "feature/dirparse/parsecommon.h"
#include "feature/dirparse/routerparse.h"
#include "feature/nodelist/microdesc.h"
#include "feature/nodelist/nickname.h"
#include "feature/nodelist/nodefamily.h"
#include "feature/relay/router.h"
#include "lib/crypt_ops/crypto_curve25519.h"
#include "lib/crypt_ops/crypto_ed25519.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/memarea/memarea.h"
#include "feature/nodelist/microdesc_st.h"
/** List of tokens recognized in microdescriptors */
// clang-format off
static token_rule_t microdesc_token_table[] = {
T1_START("onion-key", K_ONION_KEY, NO_ARGS, NEED_KEY_1024),
T01("ntor-onion-key", K_ONION_KEY_NTOR, GE(1), NO_OBJ ),
T0N("id", K_ID, GE(2), NO_OBJ ),
T0N("a", K_A, GE(1), NO_OBJ ),
T01("family", K_FAMILY, CONCAT_ARGS, NO_OBJ ),
T01("p", K_P, CONCAT_ARGS, NO_OBJ ),
T01("p6", K_P6, CONCAT_ARGS, NO_OBJ ),
A01("@last-listed", A_LAST_LISTED, CONCAT_ARGS, NO_OBJ ),
END_OF_TABLE
};
// clang-format on
/** Assuming that s starts with a microdesc, return the start of the
* *NEXT* one. Return NULL on "not found." */
static const char *
find_start_of_next_microdesc(const char *s, const char *eos)
{
int started_with_annotations;
s = eat_whitespace_eos(s, eos);
if (!s)
return NULL;
#define CHECK_LENGTH() STMT_BEGIN \
if (eos - s < 32) \
return NULL; \
STMT_END
#define NEXT_LINE() STMT_BEGIN \
s = memchr(s, '\n', eos-s); \
if (!s || eos - s <= 1) \
return NULL; \
s++; \
STMT_END
CHECK_LENGTH();
started_with_annotations = (*s == '@');
if (started_with_annotations) {
/* Start by advancing to the first non-annotation line. */
while (*s == '@')
NEXT_LINE();
}
CHECK_LENGTH();
/* Now we should be pointed at an onion-key line. If we are, then skip
* it. */
if (!strcmpstart(s, "onion-key"))
NEXT_LINE();
/* Okay, now we're pointed at the first line of the microdescriptor which is
not an annotation or onion-key. The next line that _is_ an annotation or
onion-key is the start of the next microdescriptor. */
while (eos - s > 32) {
if (*s == '@' || !strcmpstart(s, "onion-key"))
return s;
NEXT_LINE();
}
return NULL;
#undef CHECK_LENGTH
#undef NEXT_LINE
}
static inline int
policy_is_reject_star_or_null(struct short_policy_t *policy)
{
return !policy || short_policy_is_reject_star(policy);
}
/**
* Return a human-readable description of a given saved_location_t.
* Never returns NULL.
**/
static const char *
saved_location_to_string(saved_location_t where)
{
const char *location;
switch (where) {
case SAVED_NOWHERE:
location = "download or generated string";
break;
case SAVED_IN_CACHE:
location = "cache";
break;
case SAVED_IN_JOURNAL:
location = "journal";
break;
default:
location = "unknown location";
break;
}
return location;
}
/**
* Given a microdescriptor stored in where which starts at s,
* which ends at start_of_next_microdescriptor, and which is located
* within a larger document beginning at start: Fill in the body,
* bodylen, bodylen, saved_location, off, and digest fields of md as
* appropriate.
*
* The body field will be an alias within s if saved_location
* is SAVED_IN_CACHE, and will be copied into body and nul-terminated
* otherwise.
**/
static int
microdesc_extract_body(microdesc_t *md,
const char *start,
const char *s, const char *start_of_next_microdesc,
saved_location_t where)
{
const bool copy_body = (where != SAVED_IN_CACHE);
const char *cp = tor_memstr(s, start_of_next_microdesc-s, "onion-key");
const bool no_onion_key = (cp == NULL);
if (no_onion_key) {
cp = s; /* So that we have *some* junk to put in the body */
}
md->bodylen = start_of_next_microdesc - cp;
md->saved_location = where;
if (copy_body)
md->body = tor_memdup_nulterm(cp, md->bodylen);
else
md->body = (char*)cp;
md->off = cp - start;
crypto_digest256(md->digest, md->body, md->bodylen, DIGEST_SHA256);
return no_onion_key ? -1 : 0;
}
/**
* Parse a microdescriptor which begins at s and ends at
* start_of_next_microdesc. Store its fields into md. Use
* where for generating log information. If allow_annotations
* is true, then one or more annotations may precede the microdescriptor body
* proper. Use area for memory management, clearing it when done.
*
* On success, return 0; otherwise return -1.
**/
static int
microdesc_parse_fields(microdesc_t *md,
memarea_t *area,
const char *s, const char *start_of_next_microdesc,
int allow_annotations,
saved_location_t where)
{
smartlist_t *tokens = smartlist_new();
int rv = -1;
int flags = allow_annotations ? TS_ANNOTATIONS_OK : 0;
directory_token_t *tok;
if (tokenize_string(area, s, start_of_next_microdesc, tokens,
microdesc_token_table, flags)) {
log_warn(LD_DIR, "Unparseable microdescriptor found in %s",
saved_location_to_string(where));
goto err;
}
if ((tok = find_opt_by_keyword(tokens, A_LAST_LISTED))) {
if (parse_iso_time(tok->args[0], &md->last_listed)) {
log_warn(LD_DIR, "Bad last-listed time in microdescriptor");
goto err;
}
}
tok = find_by_keyword(tokens, K_ONION_KEY);
if (!crypto_pk_public_exponent_ok(tok->key)) {
log_warn(LD_DIR,
"Relay's onion key had invalid exponent.");
goto err;
}
md->onion_pkey = tor_memdup(tok->object_body, tok->object_size);
md->onion_pkey_len = tok->object_size;
crypto_pk_free(tok->key);
if ((tok = find_opt_by_keyword(tokens, K_ONION_KEY_NTOR))) {
curve25519_public_key_t k;
tor_assert(tok->n_args >= 1);
if (curve25519_public_from_base64(&k, tok->args[0]) < 0) {
log_warn(LD_DIR, "Bogus ntor-onion-key in microdesc");
goto err;
}
md->onion_curve25519_pkey =
tor_memdup(&k, sizeof(curve25519_public_key_t));
}
smartlist_t *id_lines = find_all_by_keyword(tokens, K_ID);
if (id_lines) {
SMARTLIST_FOREACH_BEGIN(id_lines, directory_token_t *, t) {
tor_assert(t->n_args >= 2);
if (!strcmp(t->args[0], "ed25519")) {
if (md->ed25519_identity_pkey) {
log_warn(LD_DIR, "Extra ed25519 key in microdesc");
smartlist_free(id_lines);
goto err;
}
ed25519_public_key_t k;
if (ed25519_public_from_base64(&k, t->args[1])<0) {
log_warn(LD_DIR, "Bogus ed25519 key in microdesc");
smartlist_free(id_lines);
goto err;
}
md->ed25519_identity_pkey = tor_memdup(&k, sizeof(k));
}
} SMARTLIST_FOREACH_END(t);
smartlist_free(id_lines);
}
{
smartlist_t *a_lines = find_all_by_keyword(tokens, K_A);
if (a_lines) {
find_single_ipv6_orport(a_lines, &md->ipv6_addr, &md->ipv6_orport);
smartlist_free(a_lines);
}
}
if ((tok = find_opt_by_keyword(tokens, K_FAMILY))) {
md->family = nodefamily_parse(tok->args[0],
NULL,
NF_WARN_MALFORMED);
}
if ((tok = find_opt_by_keyword(tokens, K_P))) {
md->exit_policy = parse_short_policy(tok->args[0]);
}
if ((tok = find_opt_by_keyword(tokens, K_P6))) {
md->ipv6_exit_policy = parse_short_policy(tok->args[0]);
}
if (policy_is_reject_star_or_null(md->exit_policy) &&
policy_is_reject_star_or_null(md->ipv6_exit_policy)) {
md->policy_is_reject_star = 1;
}
rv = 0;
err:
SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
memarea_clear(area);
smartlist_free(tokens);
return rv;
}
/** Parse as many microdescriptors as are found from the string starting at
* s and ending at eos. If allow_annotations is set, read any
* annotations we recognize and ignore ones we don't.
*
* If saved_location isn't SAVED_IN_CACHE, make a local copy of each
* descriptor in the body field of each microdesc_t.
*
* Return all newly parsed microdescriptors in a newly allocated
* smartlist_t. If invalid_disgests_out is provided, add a SHA256
* microdesc digest to it for every microdesc that we found to be badly
* formed. (This may cause duplicates) */
smartlist_t *
microdescs_parse_from_string(const char *s, const char *eos,
int allow_annotations,
saved_location_t where,
smartlist_t *invalid_digests_out)
{
smartlist_t *result;
microdesc_t *md = NULL;
memarea_t *area;
const char *start = s;
const char *start_of_next_microdesc;
if (!eos)
eos = s + strlen(s);
s = eat_whitespace_eos(s, eos);
area = memarea_new();
result = smartlist_new();
while (s < eos) {
bool okay = false;
start_of_next_microdesc = find_start_of_next_microdesc(s, eos);
if (!start_of_next_microdesc)
start_of_next_microdesc = eos;
md = tor_malloc_zero(sizeof(microdesc_t));
uint8_t md_digest[DIGEST256_LEN];
{
const bool body_not_found =
microdesc_extract_body(md, start, s,
start_of_next_microdesc,
where) < 0;
memcpy(md_digest, md->digest, DIGEST256_LEN);
if (body_not_found) {
log_fn(LOG_PROTOCOL_WARN, LD_DIR, "Malformed or truncated descriptor");
goto next;
}
}
if (microdesc_parse_fields(md, area, s, start_of_next_microdesc,
allow_annotations, where) == 0) {
smartlist_add(result, md);
md = NULL; // prevent free
okay = true;
}
next:
if (! okay && invalid_digests_out) {
smartlist_add(invalid_digests_out,
tor_memdup(md_digest, DIGEST256_LEN));
}
microdesc_free(md);
md = NULL;
s = start_of_next_microdesc;
}
memarea_drop_all(area);
return result;
}