search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
connect() on win32 can do more things than we thought?
[tor.git] / src / or / rendcommon.c
bloba899d144f046bddeedd017faaa32df5aa34c452d
1 /* Copyright 2004 Roger Dingledine, Nick Mathewson. */
2 /* See LICENSE for licensing information */
3 /* $Id$ */
4
5 /**
6 * \file rendcommon.c
7 * \brief Rendezvous implementation: shared code between
8 * introducers, services, clients, and rendezvous points.
9 **/
10
11 #include "or.h"
12
13 /** Return 0 if one and two are the same service ids, else -1 or 1 */
14 int rend_cmp_service_ids(const char *one, const char *two) {
15 return strcasecmp(one,two);
16 }
17
18 /** Free the storage held by the service descriptor <b>desc</b>.
19 */
20 void rend_service_descriptor_free(rend_service_descriptor_t *desc)
21 {
22 int i;
23 if (desc->pk)
24 crypto_free_pk_env(desc->pk);
25 if (desc->intro_points) {
26 for (i=0; i < desc->n_intro_points; ++i) {
27 tor_free(desc->intro_points[i]);
28 }
29 tor_free(desc->intro_points);
30 }
31 tor_free(desc);
32 }
33
34 /** Encode a service descriptor for <b>desc</b>, and sign it with
35 * <b>key</b>. Store the descriptor in *<b>str_out</b>, and set
36 * *<b>len_out</b> to its length.
37 */
38 int
39 rend_encode_service_descriptor(rend_service_descriptor_t *desc,
40 crypto_pk_env_t *key,
41 char **str_out, size_t *len_out)
42 {
43 char *buf, *cp, *ipoint;
44 int i;
45 size_t keylen, asn1len;
46 keylen = crypto_pk_keysize(desc->pk);
47 buf = tor_malloc(keylen*2); /* Too long, but that's okay. */
48 i = crypto_pk_asn1_encode(desc->pk, buf, keylen*2);
49 if (i<0) {
50 tor_free(buf);
51 return -1;
52 }
53 asn1len = i;
54 *len_out = 2 + asn1len + 4 + 2 + keylen;
55 for (i = 0; i < desc->n_intro_points; ++i) {
56 *len_out += strlen(desc->intro_points[i]) + 1;
57 }
58 cp = *str_out = tor_malloc(*len_out);
59 set_uint16(cp, htons((uint16_t)asn1len));
60 cp += 2;
61 memcpy(cp, buf, asn1len);
62 tor_free(buf);
63 cp += asn1len;
64 set_uint32(cp, htonl((uint32_t)desc->timestamp));
65 cp += 4;
66 set_uint16(cp, htons((uint16_t)desc->n_intro_points));
67 cp += 2;
68 for (i=0; i < desc->n_intro_points; ++i) {
69 ipoint = (char*)desc->intro_points[i];
70 strlcpy(cp, ipoint, *len_out-(cp-*str_out));
71 cp += strlen(ipoint)+1;
72 }
73 i = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);
74 if (i<0) {
75 tor_free(*str_out);
76 return -1;
77 }
78 cp += i;
79 tor_assert(*len_out == (size_t)(cp-*str_out));
80 return 0;
81 }
82
83 /** Parse a service descriptor at <b>str</b> (<b>len</b> bytes). On
84 * success, return a newly alloced service_descriptor_t. On failure,
85 * return NULL.
86 */
87 rend_service_descriptor_t *rend_parse_service_descriptor(
88 const char *str, size_t len)
89 {
90 rend_service_descriptor_t *result = NULL;
91 int i;
92 size_t keylen, asn1len;
93 const char *end, *cp, *eos;
94
95 result = tor_malloc_zero(sizeof(rend_service_descriptor_t));
96 cp = str;
97 end = str+len;
98 if (end-cp < 2) goto truncated;
99 asn1len = ntohs(get_uint16(cp));
100 cp += 2;
101 if ((size_t)(end-cp) < asn1len) goto truncated;
102 result->pk = crypto_pk_asn1_decode(cp, asn1len);
103 if (!result->pk) goto truncated;
104 cp += asn1len;
105 if (end-cp < 4) goto truncated;
106 result->timestamp = (time_t) ntohl(get_uint32(cp));
107 cp += 4;
108 if (end-cp < 2) goto truncated;
109 result->n_intro_points = ntohs(get_uint16(cp));
110 result->intro_points = tor_malloc_zero(sizeof(char*)*result->n_intro_points);
111 cp += 2;
112 for (i=0;i<result->n_intro_points;++i) {
113 if (end-cp < 2) goto truncated;
114 eos = (const char *)memchr(cp,'\0',end-cp);
115 if (!eos) goto truncated;
116 result->intro_points[i] = tor_strdup(cp);
117 cp = eos+1;
118 }
119 keylen = crypto_pk_keysize(result->pk);
120 tor_assert(end-cp >= 0);
121 if ((size_t)(end-cp) < keylen) goto truncated;
122 if ((size_t)(end-cp) > keylen) {
123 log_fn(LOG_WARN, "Signature too long on service descriptor");
124 goto error;
125 }
126 if (crypto_pk_public_checksig_digest(result->pk,
127 (char*)str,cp-str, /* data */
128 (char*)cp,end-cp /* signature*/
129 )<0) {
130 log_fn(LOG_WARN, "Bad signature on service descriptor");
131 goto error;
132 }
133
134 return result;
135 truncated:
136 log_fn(LOG_WARN, "Truncated service descriptor");
137 error:
138 rend_service_descriptor_free(result);
139 return NULL;
140 }
141
142 /** Sets <b>out</b> to the first 10 bytes of the digest of <b>pk</b>,
143 * base32 encoded. NUL-terminates out. (We use this string to
144 * identify services in directory requests and .onion URLs.)
145 */
146 int rend_get_service_id(crypto_pk_env_t *pk, char *out)
147 {
148 char buf[DIGEST_LEN];
149 tor_assert(pk);
150 if (crypto_pk_get_digest(pk, buf) < 0)
151 return -1;
152 base32_encode(out, REND_SERVICE_ID_LEN+1, buf, 10);
153 return 0;
154 }
155
156 /* ==== Rendezvous service descriptor cache. */
157
158 #define REND_CACHE_MAX_AGE (24*60*60)
159 #define REND_CACHE_MAX_SKEW (90*60)
160
161 /** Map from service id (as generated by rend_get_service_id) to
162 * rend_cache_entry_t. */
163 static strmap_t *rend_cache = NULL;
164
165 /** Initializes the service descriptor cache.
166 */
167 void rend_cache_init(void)
168 {
169 rend_cache = strmap_new();
170 }
171
172 /** Removes all old entries from the service descriptor cache.
173 */
174 void rend_cache_clean(void)
175 {
176 strmap_iter_t *iter;
177 const char *key;
178 void *val;
179 rend_cache_entry_t *ent;
180 time_t cutoff;
181 cutoff = time(NULL) - REND_CACHE_MAX_AGE;
182 for (iter = strmap_iter_init(rend_cache); !strmap_iter_done(iter); ) {
183 strmap_iter_get(iter, &key, &val);
184 ent = (rend_cache_entry_t*)val;
185 if (ent->parsed->timestamp < cutoff) {
186 iter = strmap_iter_next_rmv(rend_cache, iter);
187 rend_service_descriptor_free(ent->parsed);
188 tor_free(ent->desc);
189 tor_free(ent);
190 } else {
191 iter = strmap_iter_next(rend_cache, iter);
192 }
193 }
194 }
195
196 /** Return true iff <b>query</b> is a syntactically valid service ID (as
197 * generated by rend_get_service_id). */
198 int rend_valid_service_id(const char *query) {
199 if(strlen(query) != REND_SERVICE_ID_LEN)
200 return 0;
201
202 if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN)
203 return 0;
204
205 return 1;
206 }
207
208 /** If we have a cached rend_cache_entry_t for the service ID <b>query</b>, set
209 * *<b>e</b> to that entry and return 1. Else return 0.
210 */
211 int rend_cache_lookup_entry(const char *query, rend_cache_entry_t **e)
212 {
213 tor_assert(rend_cache);
214 if (!rend_valid_service_id(query))
215 return -1;
216 *e = strmap_get_lc(rend_cache, query);
217 if (!*e)
218 return 0;
219 return 1;
220 }
221
222 /** <b>query</b> is a base-32'ed service id. If it's malformed, return -1.
223 * Else look it up.
224 * - If it is found, point *desc to it, and write its length into
225 * *desc_len, and return 1.
226 * - If it is not found, return 0.
227 * Note: calls to rend_cache_clean or rend_cache_store may invalidate
228 * *desc.
229 */
230 int rend_cache_lookup_desc(const char *query, const char **desc, size_t *desc_len)
231 {
232 rend_cache_entry_t *e;
233 int r;
234 r = rend_cache_lookup_entry(query,&e);
235 if (r <= 0) return r;
236 *desc = e->desc;
237 *desc_len = e->len;
238 return 1;
239 }
240
241 /** Parse *desc, calculate its service id, and store it in the cache.
242 * If we have a newer descriptor with the same ID, ignore this one.
243 * If we have an older descriptor with the same ID, replace it.
244 * Returns -1 if it's malformed or otherwise rejected, else return 0.
245 */
246 int rend_cache_store(const char *desc, size_t desc_len)
247 {
248 rend_cache_entry_t *e;
249 rend_service_descriptor_t *parsed;
250 char query[REND_SERVICE_ID_LEN+1];
251 time_t now;
252 tor_assert(rend_cache);
253 parsed = rend_parse_service_descriptor(desc,desc_len);
254 if (!parsed) {
255 log_fn(LOG_WARN,"Couldn't parse service descriptor");
256 return -1;
257 }
258 if (rend_get_service_id(parsed->pk, query)<0) {
259 log_fn(LOG_WARN,"Couldn't compute service ID");
260 rend_service_descriptor_free(parsed);
261 return -1;
262 }
263 now = time(NULL);
264 if (parsed->timestamp < now-REND_CACHE_MAX_AGE) {
265 log_fn(LOG_WARN,"Service descriptor %s is too old", query);
266 rend_service_descriptor_free(parsed);
267 return -1;
268 }
269 if (parsed->timestamp > now+REND_CACHE_MAX_SKEW) {
270 log_fn(LOG_WARN,"Service descriptor %s is too far in the future", query);
271 rend_service_descriptor_free(parsed);
272 return -1;
273 }
274 e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, query);
275 if (e && e->parsed->timestamp > parsed->timestamp) {
276 log_fn(LOG_INFO,"We already have a newer service descriptor %s with the same ID", query);
277 rend_service_descriptor_free(parsed);
278 return 0;
279 }
280 if (e && e->len == desc_len && !memcmp(desc,e->desc,desc_len)) {
281 log_fn(LOG_INFO,"We already have this service descriptor %s", query);
282 e->received = time(NULL);
283 rend_service_descriptor_free(parsed);
284 return 0;
285 }
286 if (!e) {
287 e = tor_malloc_zero(sizeof(rend_cache_entry_t));
288 strmap_set_lc(rend_cache, query, e);
289 } else {
290 rend_service_descriptor_free(e->parsed);
291 tor_free(e->desc);
292 }
293 e->received = time(NULL);
294 e->parsed = parsed;
295 e->len = desc_len;
296 e->desc = tor_malloc(desc_len);
297 memcpy(e->desc, desc, desc_len);
298
299 log_fn(LOG_INFO,"Successfully stored rend desc '%s', len %d", query, (int)desc_len);
300 return 0;
301 }
302
303 /** Called when we get a rendezvous-related relay cell on circuit
304 * <b>circ</b>. Dispatch on rendezvous relay command. */
305 void rend_process_relay_cell(circuit_t *circ, int command, size_t length,
306 const char *payload)
307 {
308 int r;
309 switch(command) {
310 case RELAY_COMMAND_ESTABLISH_INTRO:
311 r = rend_mid_establish_intro(circ,payload,length);
312 break;
313 case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
314 r = rend_mid_establish_rendezvous(circ,payload,length);
315 break;
316 case RELAY_COMMAND_INTRODUCE1:
317 r = rend_mid_introduce(circ,payload,length);
318 break;
319 case RELAY_COMMAND_INTRODUCE2:
320 r = rend_service_introduce(circ,payload,length);
321 break;
322 case RELAY_COMMAND_INTRODUCE_ACK:
323 r = rend_client_introduction_acked(circ,payload,length);
324 break;
325 case RELAY_COMMAND_RENDEZVOUS1:
326 r = rend_mid_rendezvous(circ,payload,length);
327 break;
328 case RELAY_COMMAND_RENDEZVOUS2:
329 r = rend_client_receive_rendezvous(circ,payload,length);
330 break;
331 case RELAY_COMMAND_INTRO_ESTABLISHED:
332 r = rend_service_intro_established(circ,payload,length);
333 break;
334 case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
335 r = rend_client_rendezvous_acked(circ,payload,length);
336 break;
337 default:
338 tor_assert(0);
339 }
340 }
341
The Onion Router