search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix an assert error introduced in 0.1.2.5-alpha: if a single TLS
[tor.git] / src / or / rendcommon.c
blob2ecc2c3513b08334d86f08810751253dfe943911
1 /* Copyright 2004-2006 Roger Dingledine, Nick Mathewson. */
2 /* See LICENSE for licensing information */
3 /* $Id$ */
4 const char rendcommon_c_id[] =
5 "$Id$";
6
7 /**
8 * \file rendcommon.c
9 * \brief Rendezvous implementation: shared code between
10 * introducers, services, clients, and rendezvous points.
11 **/
12
13 #include "or.h"
14
15 /** Return 0 if one and two are the same service ids, else -1 or 1 */
16 int
17 rend_cmp_service_ids(const char *one, const char *two)
18 {
19 return strcasecmp(one,two);
20 }
21
22 /** Free the storage held by the service descriptor <b>desc</b>.
23 */
24 void
25 rend_service_descriptor_free(rend_service_descriptor_t *desc)
26 {
27 int i;
28 if (desc->pk)
29 crypto_free_pk_env(desc->pk);
30 if (desc->intro_points) {
31 for (i=0; i < desc->n_intro_points; ++i) {
32 tor_free(desc->intro_points[i]);
33 }
34 tor_free(desc->intro_points);
35 }
36 if (desc->intro_point_extend_info) {
37 for (i=0; i < desc->n_intro_points; ++i) {
38 if (desc->intro_point_extend_info[i])
39 extend_info_free(desc->intro_point_extend_info[i]);
40 }
41 tor_free(desc->intro_point_extend_info);
42 }
43 tor_free(desc);
44 }
45
46 /** Encode a service descriptor for <b>desc</b>, and sign it with
47 * <b>key</b>. Store the descriptor in *<b>str_out</b>, and set
48 * *<b>len_out</b> to its length.
49 */
50 int
51 rend_encode_service_descriptor(rend_service_descriptor_t *desc,
52 int version,
53 crypto_pk_env_t *key,
54 char **str_out, size_t *len_out)
55 {
56 char *cp;
57 char *end;
58 int i;
59 size_t asn1len;
60 size_t buflen = PK_BYTES*2*(desc->n_intro_points+2);/*Too long, but ok*/
61 cp = *str_out = tor_malloc(buflen);
62 end = cp + PK_BYTES*2*(desc->n_intro_points+1);
63 if (version) {
64 *(uint8_t*)cp = (uint8_t)0xff;
65 *(uint8_t*)(cp+1) = (uint8_t)version;
66 cp += 2;
67 }
68 asn1len = crypto_pk_asn1_encode(desc->pk, cp+2, end-(cp+2));
69 set_uint16(cp, htons((uint16_t)asn1len));
70 cp += 2+asn1len;
71 set_uint32(cp, htonl((uint32_t)desc->timestamp));
72 cp += 4;
73 if (version == 1) {
74 set_uint16(cp, htons(desc->protocols));
75 cp += 2;
76 }
77 set_uint16(cp, htons((uint16_t)desc->n_intro_points));
78 cp += 2;
79 if (version == 0) {
80 for (i=0; i < desc->n_intro_points; ++i) {
81 char *ipoint = (char*)desc->intro_points[i];
82 strlcpy(cp, ipoint, buflen-(cp-*str_out));
83 cp += strlen(ipoint)+1;
84 }
85 } else {
86 if (desc->n_intro_points)
87 tor_assert(desc->intro_point_extend_info);
88 for (i=0; i < desc->n_intro_points; ++i) {
89 extend_info_t *info = desc->intro_point_extend_info[i];
90 int klen;
91 set_uint32(cp, htonl(info->addr));
92 set_uint16(cp+4, htons(info->port));
93 memcpy(cp+6, info->identity_digest, DIGEST_LEN);
94 klen = crypto_pk_asn1_encode(info->onion_key, cp+6+DIGEST_LEN+2,
95 (end-(cp+6+DIGEST_LEN+2)));
96 set_uint16(cp+6+DIGEST_LEN, htons((uint16_t)klen));
97 cp += 6+DIGEST_LEN+2+klen;
98 }
99 }
100 note_crypto_pk_op(REND_SERVER);
101 i = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);
102 if (i<0) {
103 tor_free(*str_out);
104 return -1;
105 }
106 cp += i;
107 *len_out = (size_t)(cp-*str_out);
108 return 0;
109 }
110
111 /** Parse a service descriptor at <b>str</b> (<b>len</b> bytes). On
112 * success, return a newly alloced service_descriptor_t. On failure,
113 * return NULL.
114 */
115 rend_service_descriptor_t *
116 rend_parse_service_descriptor(const char *str, size_t len)
117 {
118 rend_service_descriptor_t *result = NULL;
119 int i;
120 size_t keylen, asn1len;
121 const char *end, *cp, *eos;
122 int version = 0;
123
124 result = tor_malloc_zero(sizeof(rend_service_descriptor_t));
125 cp = str;
126 end = str+len;
127 if (end-cp<2) goto truncated;
128 if (*(uint8_t*)cp == 0xff) {
129 result->version = version = *(uint8_t*)(cp+1);
130 cp += 2;
131 } else {
132 result->version = version = 0;
133 }
134 if (end-cp < 2) goto truncated;
135 asn1len = ntohs(get_uint16(cp));
136 cp += 2;
137 if ((size_t)(end-cp) < asn1len) goto truncated;
138 result->pk = crypto_pk_asn1_decode(cp, asn1len);
139 if (!result->pk) goto truncated;
140 cp += asn1len;
141 if (end-cp < 4) goto truncated;
142 result->timestamp = (time_t) ntohl(get_uint32(cp));
143 cp += 4;
144 if (version == 1) {
145 if (end-cp < 2) goto truncated;
146 result->protocols = ntohs(get_uint16(cp));
147 cp += 2;
148 } else {
149 result->protocols = 1;
150 }
151 if (end-cp < 2) goto truncated;
152 result->n_intro_points = ntohs(get_uint16(cp));
153 cp += 2;
154
155 if (version == 0 && result->n_intro_points != 0) {
156 result->intro_points =
157 tor_malloc_zero(sizeof(char*)*result->n_intro_points);
158 for (i=0;i<result->n_intro_points;++i) {
159 if (end-cp < 2) goto truncated;
160 eos = (const char *)memchr(cp,'\0',end-cp);
161 if (!eos) goto truncated;
162 result->intro_points[i] = tor_strdup(cp);
163 cp = eos+1;
164 }
165 } else if (version != 0 && result->n_intro_points != 0) {
166 result->intro_point_extend_info =
167 tor_malloc_zero(sizeof(extend_info_t*)*result->n_intro_points);
168 result->intro_points =
169 tor_malloc_zero(sizeof(char*)*result->n_intro_points);
170 for (i=0;i<result->n_intro_points;++i) {
171 extend_info_t *info = result->intro_point_extend_info[i] =
172 tor_malloc_zero(sizeof(extend_info_t));
173 int klen;
174 if (end-cp < 8+DIGEST_LEN) goto truncated;
175 info->addr = ntohl(get_uint32(cp));
176 info->port = ntohs(get_uint16(cp+4));
177 memcpy(info->identity_digest, cp+6, DIGEST_LEN);
178 info->nickname[0] = '$';
179 base16_encode(info->nickname+1, sizeof(info->nickname)-1,
180 info->identity_digest, DIGEST_LEN);
181 result->intro_points[i] = tor_strdup(info->nickname);
182 klen = ntohs(get_uint16(cp+6+DIGEST_LEN));
183 cp += 8+DIGEST_LEN;
184 if (end-cp < klen) goto truncated;
185 if (!(info->onion_key = crypto_pk_asn1_decode(cp,klen))) {
186 log_warn(LD_PROTOCOL,
187 "Internal error decoding onion key for intro point.");
188 goto error;
189 }
190 cp += klen;
191 }
192 }
193 keylen = crypto_pk_keysize(result->pk);
194 tor_assert(end-cp >= 0);
195 if ((size_t)(end-cp) < keylen) goto truncated;
196 if ((size_t)(end-cp) > keylen) {
197 log_warn(LD_PROTOCOL,
198 "Signature is %d bytes too long on service descriptor.",
199 (int)((size_t)(end-cp) - keylen));
200 goto error;
201 }
202 note_crypto_pk_op(REND_CLIENT);
203 if (crypto_pk_public_checksig_digest(result->pk,
204 (char*)str,cp-str, /* data */
205 (char*)cp,end-cp /* signature*/
206 )<0) {
207 log_warn(LD_PROTOCOL, "Bad signature on service descriptor.");
208 goto error;
209 }
210
211 return result;
212 truncated:
213 log_warn(LD_PROTOCOL, "Truncated service descriptor.");
214 error:
215 rend_service_descriptor_free(result);
216 return NULL;
217 }
218
219 /** Sets <b>out</b> to the first 10 bytes of the digest of <b>pk</b>,
220 * base32 encoded. NUL-terminates out. (We use this string to
221 * identify services in directory requests and .onion URLs.)
222 */
223 int
224 rend_get_service_id(crypto_pk_env_t *pk, char *out)
225 {
226 char buf[DIGEST_LEN];
227 tor_assert(pk);
228 if (crypto_pk_get_digest(pk, buf) < 0)
229 return -1;
230 base32_encode(out, REND_SERVICE_ID_LEN+1, buf, 10);
231 return 0;
232 }
233
234 /* ==== Rendezvous service descriptor cache. */
235
236 /** How old do we let hidden service descriptors get discarding them as too
237 * old? */
238 #define REND_CACHE_MAX_AGE (2*24*60*60)
239 /** How wrong do we assume our clock may be when checking whether hidden
240 * services are too old or too new? */
241 #define REND_CACHE_MAX_SKEW (24*60*60)
242
243 /** Map from service id (as generated by rend_get_service_id) to
244 * rend_cache_entry_t. */
245 static strmap_t *rend_cache = NULL;
246
247 /** Initializes the service descriptor cache.
248 */
249 void
250 rend_cache_init(void)
251 {
252 rend_cache = strmap_new();
253 }
254
255 /** Helper: free storage held by a single service descriptor cache entry. */
256 static void
257 _rend_cache_entry_free(void *p)
258 {
259 rend_cache_entry_t *e = p;
260 rend_service_descriptor_free(e->parsed);
261 tor_free(e->desc);
262 tor_free(e);
263 }
264
265 /** Free all storage held by the service descriptor cache. */
266 void
267 rend_cache_free_all(void)
268 {
269 strmap_free(rend_cache, _rend_cache_entry_free);
270 rend_cache = NULL;
271 }
272
273 /** Removes all old entries from the service descriptor cache.
274 */
275 void
276 rend_cache_clean(void)
277 {
278 strmap_iter_t *iter;
279 const char *key;
280 void *val;
281 rend_cache_entry_t *ent;
282 time_t cutoff;
283 cutoff = time(NULL) - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
284 for (iter = strmap_iter_init(rend_cache); !strmap_iter_done(iter); ) {
285 strmap_iter_get(iter, &key, &val);
286 ent = (rend_cache_entry_t*)val;
287 if (ent->parsed->timestamp < cutoff) {
288 iter = strmap_iter_next_rmv(rend_cache, iter);
289 _rend_cache_entry_free(ent);
290 } else {
291 iter = strmap_iter_next(rend_cache, iter);
292 }
293 }
294 }
295
296 /** Return true iff <b>query</b> is a syntactically valid service ID (as
297 * generated by rend_get_service_id). */
298 int
299 rend_valid_service_id(const char *query)
300 {
301 if (strlen(query) != REND_SERVICE_ID_LEN)
302 return 0;
303
304 if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN)
305 return 0;
306
307 return 1;
308 }
309
310 /** If we have a cached rend_cache_entry_t for the service ID <b>query</b>,
311 * set *<b>e</b> to that entry and return 1. Else return 0. If
312 * <b>version</b> is nonnegative, only return an entry in that descriptor
313 * format version. Otherwise (if <b>version</b> is negative), return the most
314 * recent format we have.
315 */
316 int
317 rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
318 {
319 char key[REND_SERVICE_ID_LEN+2]; /* 1<query>\0 or 0<query>\0 */
320 tor_assert(rend_cache);
321 if (!rend_valid_service_id(query))
322 return -1;
323 *e = NULL;
324 if (version != 0) {
325 tor_snprintf(key, sizeof(key), "1%s", query);
326 *e = strmap_get_lc(rend_cache, key);
327 }
328 if (!*e && version != 1) {
329 tor_snprintf(key, sizeof(key), "0%s", query);
330 *e = strmap_get_lc(rend_cache, key);
331 }
332 if (!*e)
333 return 0;
334 return 1;
335 }
336
337 /** <b>query</b> is a base-32'ed service id. If it's malformed, return -1.
338 * Else look it up.
339 * - If it is found, point *desc to it, and write its length into
340 * *desc_len, and return 1.
341 * - If it is not found, return 0.
342 * Note: calls to rend_cache_clean or rend_cache_store may invalidate
343 * *desc.
344 */
345 int
346 rend_cache_lookup_desc(const char *query, int version, const char **desc,
347 size_t *desc_len)
348 {
349 rend_cache_entry_t *e;
350 int r;
351 r = rend_cache_lookup_entry(query,version,&e);
352 if (r <= 0) return r;
353 *desc = e->desc;
354 *desc_len = e->len;
355 return 1;
356 }
357
358 /** Parse *desc, calculate its service id, and store it in the cache.
359 * If we have a newer descriptor with the same ID, ignore this one.
360 * If we have an older descriptor with the same ID, replace it.
361 * Return -1 if it's malformed or otherwise rejected; return 0 if
362 * it's the same or older than one we've already got; return 1 if
363 * it's novel.
364 */
365 int
366 rend_cache_store(const char *desc, size_t desc_len)
367 {
368 rend_cache_entry_t *e;
369 rend_service_descriptor_t *parsed;
370 char query[REND_SERVICE_ID_LEN+1];
371 char key[REND_SERVICE_ID_LEN+2]; /* 1<query>\0 or 0<query>\0 */
372 time_t now;
373
374 tor_assert(rend_cache);
375 parsed = rend_parse_service_descriptor(desc,desc_len);
376 if (!parsed) {
377 log_warn(LD_PROTOCOL,"Couldn't parse service descriptor.");
378 return -1;
379 }
380 if (rend_get_service_id(parsed->pk, query)<0) {
381 log_warn(LD_BUG,"Couldn't compute service ID.");
382 rend_service_descriptor_free(parsed);
383 return -1;
384 }
385 tor_snprintf(key, sizeof(key), "%c%s", parsed->version?'1':'0', query);
386 now = time(NULL);
387 if (parsed->timestamp < now-REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
388 log_fn(LOG_PROTOCOL_WARN, LD_REND,
389 "Service descriptor %s is too old.", safe_str(query));
390 rend_service_descriptor_free(parsed);
391 return -1;
392 }
393 if (parsed->timestamp > now+REND_CACHE_MAX_SKEW) {
394 log_fn(LOG_PROTOCOL_WARN, LD_REND,
395 "Service descriptor %s is too far in the future.", safe_str(query));
396 rend_service_descriptor_free(parsed);
397 return -1;
398 }
399 e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key);
400 if (e && e->parsed->timestamp > parsed->timestamp) {
401 log_info(LD_REND,"We already have a newer service descriptor %s with the "
402 "same ID and version.", safe_str(query));
403 rend_service_descriptor_free(parsed);
404 return 0;
405 }
406 if (e && e->len == desc_len && !memcmp(desc,e->desc,desc_len)) {
407 log_info(LD_REND,"We already have this service descriptor %s.",
408 safe_str(query));
409 e->received = time(NULL);
410 rend_service_descriptor_free(parsed);
411 return 0;
412 }
413 if (!e) {
414 e = tor_malloc_zero(sizeof(rend_cache_entry_t));
415 strmap_set_lc(rend_cache, key, e);
416 } else {
417 rend_service_descriptor_free(e->parsed);
418 tor_free(e->desc);
419 }
420 e->received = time(NULL);
421 e->parsed = parsed;
422 e->len = desc_len;
423 e->desc = tor_malloc(desc_len);
424 memcpy(e->desc, desc, desc_len);
425
426 log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
427 safe_str(query), (int)desc_len);
428 return 1;
429 }
430
431 /** Called when we get a rendezvous-related relay cell on circuit
432 * <b>circ</b>. Dispatch on rendezvous relay command. */
433 void
434 rend_process_relay_cell(circuit_t *circ, int command, size_t length,
435 const char *payload)
436 {
437 or_circuit_t *or_circ = NULL;
438 origin_circuit_t *origin_circ = NULL;
439 int r;
440 if (CIRCUIT_IS_ORIGIN(circ))
441 origin_circ = TO_ORIGIN_CIRCUIT(circ);
442 else
443 or_circ = TO_OR_CIRCUIT(circ);
444
445 switch (command) {
446 case RELAY_COMMAND_ESTABLISH_INTRO:
447 r = rend_mid_establish_intro(or_circ,payload,length);
448 break;
449 case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
450 r = rend_mid_establish_rendezvous(or_circ,payload,length);
451 break;
452 case RELAY_COMMAND_INTRODUCE1:
453 r = rend_mid_introduce(or_circ,payload,length);
454 break;
455 case RELAY_COMMAND_INTRODUCE2:
456 r = rend_service_introduce(origin_circ,payload,length);
457 break;
458 case RELAY_COMMAND_INTRODUCE_ACK:
459 r = rend_client_introduction_acked(origin_circ,payload,length);
460 break;
461 case RELAY_COMMAND_RENDEZVOUS1:
462 r = rend_mid_rendezvous(or_circ,payload,length);
463 break;
464 case RELAY_COMMAND_RENDEZVOUS2:
465 r = rend_client_receive_rendezvous(origin_circ,payload,length);
466 break;
467 case RELAY_COMMAND_INTRO_ESTABLISHED:
468 r = rend_service_intro_established(origin_circ,payload,length);
469 break;
470 case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
471 r = rend_client_rendezvous_acked(origin_circ,payload,length);
472 break;
473 default:
474 tor_assert(0);
475 }
476
477 (void)r;
478 }
479
The Onion Router