1 /* Copyright 2004-2006 Roger Dingledine, Nick Mathewson. */
2 /* See LICENSE for licensing information */
4 const char rendcommon_c_id
[] =
9 * \brief Rendezvous implementation: shared code between
10 * introducers, services, clients, and rendezvous points.
15 /** Return 0 if one and two are the same service ids, else -1 or 1 */
17 rend_cmp_service_ids(const char *one
, const char *two
)
19 return strcasecmp(one
,two
);
22 /** Free the storage held by the service descriptor <b>desc</b>.
25 rend_service_descriptor_free(rend_service_descriptor_t
*desc
)
29 crypto_free_pk_env(desc
->pk
);
30 if (desc
->intro_points
) {
31 for (i
=0; i
< desc
->n_intro_points
; ++i
) {
32 tor_free(desc
->intro_points
[i
]);
34 tor_free(desc
->intro_points
);
36 if (desc
->intro_point_extend_info
) {
37 for (i
=0; i
< desc
->n_intro_points
; ++i
) {
38 if (desc
->intro_point_extend_info
[i
])
39 extend_info_free(desc
->intro_point_extend_info
[i
]);
41 tor_free(desc
->intro_point_extend_info
);
46 /** Encode a service descriptor for <b>desc</b>, and sign it with
47 * <b>key</b>. Store the descriptor in *<b>str_out</b>, and set
48 * *<b>len_out</b> to its length.
51 rend_encode_service_descriptor(rend_service_descriptor_t
*desc
,
54 char **str_out
, size_t *len_out
)
60 size_t buflen
= PK_BYTES
*2*(desc
->n_intro_points
+2);/*Too long, but ok*/
61 cp
= *str_out
= tor_malloc(buflen
);
62 end
= cp
+ PK_BYTES
*2*(desc
->n_intro_points
+1);
64 *(uint8_t*)cp
= (uint8_t)0xff;
65 *(uint8_t*)(cp
+1) = (uint8_t)version
;
68 asn1len
= crypto_pk_asn1_encode(desc
->pk
, cp
+2, end
-(cp
+2));
69 set_uint16(cp
, htons((uint16_t)asn1len
));
71 set_uint32(cp
, htonl((uint32_t)desc
->timestamp
));
74 set_uint16(cp
, htons(desc
->protocols
));
77 set_uint16(cp
, htons((uint16_t)desc
->n_intro_points
));
80 for (i
=0; i
< desc
->n_intro_points
; ++i
) {
81 char *ipoint
= (char*)desc
->intro_points
[i
];
82 strlcpy(cp
, ipoint
, buflen
-(cp
-*str_out
));
83 cp
+= strlen(ipoint
)+1;
86 if (desc
->n_intro_points
)
87 tor_assert(desc
->intro_point_extend_info
);
88 for (i
=0; i
< desc
->n_intro_points
; ++i
) {
89 extend_info_t
*info
= desc
->intro_point_extend_info
[i
];
91 set_uint32(cp
, htonl(info
->addr
));
92 set_uint16(cp
+4, htons(info
->port
));
93 memcpy(cp
+6, info
->identity_digest
, DIGEST_LEN
);
94 klen
= crypto_pk_asn1_encode(info
->onion_key
, cp
+6+DIGEST_LEN
+2,
95 (end
-(cp
+6+DIGEST_LEN
+2)));
96 set_uint16(cp
+6+DIGEST_LEN
, htons((uint16_t)klen
));
97 cp
+= 6+DIGEST_LEN
+2+klen
;
100 note_crypto_pk_op(REND_SERVER
);
101 i
= crypto_pk_private_sign_digest(key
, cp
, *str_out
, cp
-*str_out
);
107 *len_out
= (size_t)(cp
-*str_out
);
111 /** Parse a service descriptor at <b>str</b> (<b>len</b> bytes). On
112 * success, return a newly alloced service_descriptor_t. On failure,
115 rend_service_descriptor_t
*
116 rend_parse_service_descriptor(const char *str
, size_t len
)
118 rend_service_descriptor_t
*result
= NULL
;
120 size_t keylen
, asn1len
;
121 const char *end
, *cp
, *eos
;
124 result
= tor_malloc_zero(sizeof(rend_service_descriptor_t
));
127 if (end
-cp
<2) goto truncated
;
128 if (*(uint8_t*)cp
== 0xff) {
129 result
->version
= version
= *(uint8_t*)(cp
+1);
132 result
->version
= version
= 0;
134 if (end
-cp
< 2) goto truncated
;
135 asn1len
= ntohs(get_uint16(cp
));
137 if ((size_t)(end
-cp
) < asn1len
) goto truncated
;
138 result
->pk
= crypto_pk_asn1_decode(cp
, asn1len
);
139 if (!result
->pk
) goto truncated
;
141 if (end
-cp
< 4) goto truncated
;
142 result
->timestamp
= (time_t) ntohl(get_uint32(cp
));
145 if (end
-cp
< 2) goto truncated
;
146 result
->protocols
= ntohs(get_uint16(cp
));
149 result
->protocols
= 1;
151 if (end
-cp
< 2) goto truncated
;
152 result
->n_intro_points
= ntohs(get_uint16(cp
));
155 if (version
== 0 && result
->n_intro_points
!= 0) {
156 result
->intro_points
=
157 tor_malloc_zero(sizeof(char*)*result
->n_intro_points
);
158 for (i
=0;i
<result
->n_intro_points
;++i
) {
159 if (end
-cp
< 2) goto truncated
;
160 eos
= (const char *)memchr(cp
,'\0',end
-cp
);
161 if (!eos
) goto truncated
;
162 result
->intro_points
[i
] = tor_strdup(cp
);
165 } else if (version
!= 0 && result
->n_intro_points
!= 0) {
166 result
->intro_point_extend_info
=
167 tor_malloc_zero(sizeof(extend_info_t
*)*result
->n_intro_points
);
168 result
->intro_points
=
169 tor_malloc_zero(sizeof(char*)*result
->n_intro_points
);
170 for (i
=0;i
<result
->n_intro_points
;++i
) {
171 extend_info_t
*info
= result
->intro_point_extend_info
[i
] =
172 tor_malloc_zero(sizeof(extend_info_t
));
174 if (end
-cp
< 8+DIGEST_LEN
) goto truncated
;
175 info
->addr
= ntohl(get_uint32(cp
));
176 info
->port
= ntohs(get_uint16(cp
+4));
177 memcpy(info
->identity_digest
, cp
+6, DIGEST_LEN
);
178 info
->nickname
[0] = '$';
179 base16_encode(info
->nickname
+1, sizeof(info
->nickname
)-1,
180 info
->identity_digest
, DIGEST_LEN
);
181 result
->intro_points
[i
] = tor_strdup(info
->nickname
);
182 klen
= ntohs(get_uint16(cp
+6+DIGEST_LEN
));
184 if (end
-cp
< klen
) goto truncated
;
185 if (!(info
->onion_key
= crypto_pk_asn1_decode(cp
,klen
))) {
186 log_warn(LD_PROTOCOL
,
187 "Internal error decoding onion key for intro point.");
193 keylen
= crypto_pk_keysize(result
->pk
);
194 tor_assert(end
-cp
>= 0);
195 if ((size_t)(end
-cp
) < keylen
) goto truncated
;
196 if ((size_t)(end
-cp
) > keylen
) {
197 log_warn(LD_PROTOCOL
,
198 "Signature is %d bytes too long on service descriptor.",
199 (int)((size_t)(end
-cp
) - keylen
));
202 note_crypto_pk_op(REND_CLIENT
);
203 if (crypto_pk_public_checksig_digest(result
->pk
,
204 (char*)str
,cp
-str
, /* data */
205 (char*)cp
,end
-cp
/* signature*/
207 log_warn(LD_PROTOCOL
, "Bad signature on service descriptor.");
213 log_warn(LD_PROTOCOL
, "Truncated service descriptor.");
215 rend_service_descriptor_free(result
);
219 /** Sets <b>out</b> to the first 10 bytes of the digest of <b>pk</b>,
220 * base32 encoded. NUL-terminates out. (We use this string to
221 * identify services in directory requests and .onion URLs.)
224 rend_get_service_id(crypto_pk_env_t
*pk
, char *out
)
226 char buf
[DIGEST_LEN
];
228 if (crypto_pk_get_digest(pk
, buf
) < 0)
230 base32_encode(out
, REND_SERVICE_ID_LEN
+1, buf
, 10);
234 /* ==== Rendezvous service descriptor cache. */
236 /** How old do we let hidden service descriptors get discarding them as too
238 #define REND_CACHE_MAX_AGE (2*24*60*60)
239 /** How wrong do we assume our clock may be when checking whether hidden
240 * services are too old or too new? */
241 #define REND_CACHE_MAX_SKEW (24*60*60)
243 /** Map from service id (as generated by rend_get_service_id) to
244 * rend_cache_entry_t. */
245 static strmap_t
*rend_cache
= NULL
;
247 /** Initializes the service descriptor cache.
250 rend_cache_init(void)
252 rend_cache
= strmap_new();
255 /** Helper: free storage held by a single service descriptor cache entry. */
257 _rend_cache_entry_free(void *p
)
259 rend_cache_entry_t
*e
= p
;
260 rend_service_descriptor_free(e
->parsed
);
265 /** Free all storage held by the service descriptor cache. */
267 rend_cache_free_all(void)
269 strmap_free(rend_cache
, _rend_cache_entry_free
);
273 /** Removes all old entries from the service descriptor cache.
276 rend_cache_clean(void)
281 rend_cache_entry_t
*ent
;
283 cutoff
= time(NULL
) - REND_CACHE_MAX_AGE
- REND_CACHE_MAX_SKEW
;
284 for (iter
= strmap_iter_init(rend_cache
); !strmap_iter_done(iter
); ) {
285 strmap_iter_get(iter
, &key
, &val
);
286 ent
= (rend_cache_entry_t
*)val
;
287 if (ent
->parsed
->timestamp
< cutoff
) {
288 iter
= strmap_iter_next_rmv(rend_cache
, iter
);
289 _rend_cache_entry_free(ent
);
291 iter
= strmap_iter_next(rend_cache
, iter
);
296 /** Return true iff <b>query</b> is a syntactically valid service ID (as
297 * generated by rend_get_service_id). */
299 rend_valid_service_id(const char *query
)
301 if (strlen(query
) != REND_SERVICE_ID_LEN
)
304 if (strspn(query
, BASE32_CHARS
) != REND_SERVICE_ID_LEN
)
310 /** If we have a cached rend_cache_entry_t for the service ID <b>query</b>,
311 * set *<b>e</b> to that entry and return 1. Else return 0. If
312 * <b>version</b> is nonnegative, only return an entry in that descriptor
313 * format version. Otherwise (if <b>version</b> is negative), return the most
314 * recent format we have.
317 rend_cache_lookup_entry(const char *query
, int version
, rend_cache_entry_t
**e
)
319 char key
[REND_SERVICE_ID_LEN
+2]; /* 1<query>\0 or 0<query>\0 */
320 tor_assert(rend_cache
);
321 if (!rend_valid_service_id(query
))
325 tor_snprintf(key
, sizeof(key
), "1%s", query
);
326 *e
= strmap_get_lc(rend_cache
, key
);
328 if (!*e
&& version
!= 1) {
329 tor_snprintf(key
, sizeof(key
), "0%s", query
);
330 *e
= strmap_get_lc(rend_cache
, key
);
337 /** <b>query</b> is a base-32'ed service id. If it's malformed, return -1.
339 * - If it is found, point *desc to it, and write its length into
340 * *desc_len, and return 1.
341 * - If it is not found, return 0.
342 * Note: calls to rend_cache_clean or rend_cache_store may invalidate
346 rend_cache_lookup_desc(const char *query
, int version
, const char **desc
,
349 rend_cache_entry_t
*e
;
351 r
= rend_cache_lookup_entry(query
,version
,&e
);
352 if (r
<= 0) return r
;
358 /** Parse *desc, calculate its service id, and store it in the cache.
359 * If we have a newer descriptor with the same ID, ignore this one.
360 * If we have an older descriptor with the same ID, replace it.
361 * Return -1 if it's malformed or otherwise rejected; return 0 if
362 * it's the same or older than one we've already got; return 1 if
366 rend_cache_store(const char *desc
, size_t desc_len
)
368 rend_cache_entry_t
*e
;
369 rend_service_descriptor_t
*parsed
;
370 char query
[REND_SERVICE_ID_LEN
+1];
371 char key
[REND_SERVICE_ID_LEN
+2]; /* 1<query>\0 or 0<query>\0 */
374 tor_assert(rend_cache
);
375 parsed
= rend_parse_service_descriptor(desc
,desc_len
);
377 log_warn(LD_PROTOCOL
,"Couldn't parse service descriptor.");
380 if (rend_get_service_id(parsed
->pk
, query
)<0) {
381 log_warn(LD_BUG
,"Couldn't compute service ID.");
382 rend_service_descriptor_free(parsed
);
385 tor_snprintf(key
, sizeof(key
), "%c%s", parsed
->version
?'1':'0', query
);
387 if (parsed
->timestamp
< now
-REND_CACHE_MAX_AGE
-REND_CACHE_MAX_SKEW
) {
388 log_fn(LOG_PROTOCOL_WARN
, LD_REND
,
389 "Service descriptor %s is too old.", safe_str(query
));
390 rend_service_descriptor_free(parsed
);
393 if (parsed
->timestamp
> now
+REND_CACHE_MAX_SKEW
) {
394 log_fn(LOG_PROTOCOL_WARN
, LD_REND
,
395 "Service descriptor %s is too far in the future.", safe_str(query
));
396 rend_service_descriptor_free(parsed
);
399 e
= (rend_cache_entry_t
*) strmap_get_lc(rend_cache
, key
);
400 if (e
&& e
->parsed
->timestamp
> parsed
->timestamp
) {
401 log_info(LD_REND
,"We already have a newer service descriptor %s with the "
402 "same ID and version.", safe_str(query
));
403 rend_service_descriptor_free(parsed
);
406 if (e
&& e
->len
== desc_len
&& !memcmp(desc
,e
->desc
,desc_len
)) {
407 log_info(LD_REND
,"We already have this service descriptor %s.",
409 e
->received
= time(NULL
);
410 rend_service_descriptor_free(parsed
);
414 e
= tor_malloc_zero(sizeof(rend_cache_entry_t
));
415 strmap_set_lc(rend_cache
, key
, e
);
417 rend_service_descriptor_free(e
->parsed
);
420 e
->received
= time(NULL
);
423 e
->desc
= tor_malloc(desc_len
);
424 memcpy(e
->desc
, desc
, desc_len
);
426 log_debug(LD_REND
,"Successfully stored rend desc '%s', len %d.",
427 safe_str(query
), (int)desc_len
);
431 /** Called when we get a rendezvous-related relay cell on circuit
432 * <b>circ</b>. Dispatch on rendezvous relay command. */
434 rend_process_relay_cell(circuit_t
*circ
, int command
, size_t length
,
437 or_circuit_t
*or_circ
= NULL
;
438 origin_circuit_t
*origin_circ
= NULL
;
440 if (CIRCUIT_IS_ORIGIN(circ
))
441 origin_circ
= TO_ORIGIN_CIRCUIT(circ
);
443 or_circ
= TO_OR_CIRCUIT(circ
);
446 case RELAY_COMMAND_ESTABLISH_INTRO
:
447 r
= rend_mid_establish_intro(or_circ
,payload
,length
);
449 case RELAY_COMMAND_ESTABLISH_RENDEZVOUS
:
450 r
= rend_mid_establish_rendezvous(or_circ
,payload
,length
);
452 case RELAY_COMMAND_INTRODUCE1
:
453 r
= rend_mid_introduce(or_circ
,payload
,length
);
455 case RELAY_COMMAND_INTRODUCE2
:
456 r
= rend_service_introduce(origin_circ
,payload
,length
);
458 case RELAY_COMMAND_INTRODUCE_ACK
:
459 r
= rend_client_introduction_acked(origin_circ
,payload
,length
);
461 case RELAY_COMMAND_RENDEZVOUS1
:
462 r
= rend_mid_rendezvous(or_circ
,payload
,length
);
464 case RELAY_COMMAND_RENDEZVOUS2
:
465 r
= rend_client_receive_rendezvous(origin_circ
,payload
,length
);
467 case RELAY_COMMAND_INTRO_ESTABLISHED
:
468 r
= rend_service_intro_established(origin_circ
,payload
,length
);
470 case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED
:
471 r
= rend_client_rendezvous_acked(origin_circ
,payload
,length
);