search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
In routerlist_assert_ok(), check r2 before taking &(r2->cache_info)
[tor.git] / src / or / rendcommon.c
bloba664b5d5019633cbe34cee3d8a81664070af21c7
1 /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
2 * Copyright (c) 2007-2013, The Tor Project, Inc. */
3 /* See LICENSE for licensing information */
4
5 /**
6 * \file rendcommon.c
7 * \brief Rendezvous implementation: shared code between
8 * introducers, services, clients, and rendezvous points.
9 **/
10
11 #include "or.h"
12 #include "circuitbuild.h"
13 #include "config.h"
14 #include "rendclient.h"
15 #include "rendcommon.h"
16 #include "rendmid.h"
17 #include "rendservice.h"
18 #include "rephist.h"
19 #include "routerlist.h"
20 #include "routerparse.h"
21
22 /** Return 0 if one and two are the same service ids, else -1 or 1 */
23 int
24 rend_cmp_service_ids(const char *one, const char *two)
25 {
26 return strcasecmp(one,two);
27 }
28
29 /** Free the storage held by the service descriptor <b>desc</b>.
30 */
31 void
32 rend_service_descriptor_free(rend_service_descriptor_t *desc)
33 {
34 if (!desc)
35 return;
36 if (desc->pk)
37 crypto_pk_free(desc->pk);
38 if (desc->intro_nodes) {
39 SMARTLIST_FOREACH(desc->intro_nodes, rend_intro_point_t *, intro,
40 rend_intro_point_free(intro););
41 smartlist_free(desc->intro_nodes);
42 }
43 if (desc->successful_uploads) {
44 SMARTLIST_FOREACH(desc->successful_uploads, char *, c, tor_free(c););
45 smartlist_free(desc->successful_uploads);
46 }
47 tor_free(desc);
48 }
49
50 /** Length of the descriptor cookie that is used for versioned hidden
51 * service descriptors. */
52 #define REND_DESC_COOKIE_LEN 16
53
54 /** Length of the replica number that is used to determine the secret ID
55 * part of versioned hidden service descriptors. */
56 #define REND_REPLICA_LEN 1
57
58 /** Compute the descriptor ID for <b>service_id</b> of length
59 * <b>REND_SERVICE_ID_LEN</b> and <b>secret_id_part</b> of length
60 * <b>DIGEST_LEN</b>, and write it to <b>descriptor_id_out</b> of length
61 * <b>DIGEST_LEN</b>. */
62 void
63 rend_get_descriptor_id_bytes(char *descriptor_id_out,
64 const char *service_id,
65 const char *secret_id_part)
66 {
67 crypto_digest_t *digest = crypto_digest_new();
68 crypto_digest_add_bytes(digest, service_id, REND_SERVICE_ID_LEN);
69 crypto_digest_add_bytes(digest, secret_id_part, DIGEST_LEN);
70 crypto_digest_get_digest(digest, descriptor_id_out, DIGEST_LEN);
71 crypto_digest_free(digest);
72 }
73
74 /** Compute the secret ID part for time_period,
75 * a <b>descriptor_cookie</b> of length
76 * <b>REND_DESC_COOKIE_LEN</b> which may also be <b>NULL</b> if no
77 * descriptor_cookie shall be used, and <b>replica</b>, and write it to
78 * <b>secret_id_part</b> of length DIGEST_LEN. */
79 static void
80 get_secret_id_part_bytes(char *secret_id_part, uint32_t time_period,
81 const char *descriptor_cookie, uint8_t replica)
82 {
83 crypto_digest_t *digest = crypto_digest_new();
84 time_period = htonl(time_period);
85 crypto_digest_add_bytes(digest, (char*)&time_period, sizeof(uint32_t));
86 if (descriptor_cookie) {
87 crypto_digest_add_bytes(digest, descriptor_cookie,
88 REND_DESC_COOKIE_LEN);
89 }
90 crypto_digest_add_bytes(digest, (const char *)&replica, REND_REPLICA_LEN);
91 crypto_digest_get_digest(digest, secret_id_part, DIGEST_LEN);
92 crypto_digest_free(digest);
93 }
94
95 /** Return the time period for time <b>now</b> plus a potentially
96 * intended <b>deviation</b> of one or more periods, based on the first byte
97 * of <b>service_id</b>. */
98 static uint32_t
99 get_time_period(time_t now, uint8_t deviation, const char *service_id)
100 {
101 /* The time period is the number of REND_TIME_PERIOD_V2_DESC_VALIDITY
102 * intervals that have passed since the epoch, offset slightly so that
103 * each service's time periods start and end at a fraction of that
104 * period based on their first byte. */
105 return (uint32_t)
106 (now + ((uint8_t) *service_id) * REND_TIME_PERIOD_V2_DESC_VALIDITY / 256)
107 / REND_TIME_PERIOD_V2_DESC_VALIDITY + deviation;
108 }
109
110 /** Compute the time in seconds that a descriptor that is generated
111 * <b>now</b> for <b>service_id</b> will be valid. */
112 static uint32_t
113 get_seconds_valid(time_t now, const char *service_id)
114 {
115 uint32_t result = REND_TIME_PERIOD_V2_DESC_VALIDITY -
116 ((uint32_t)
117 (now + ((uint8_t) *service_id) * REND_TIME_PERIOD_V2_DESC_VALIDITY / 256)
118 % REND_TIME_PERIOD_V2_DESC_VALIDITY);
119 return result;
120 }
121
122 /** Compute the binary <b>desc_id_out</b> (DIGEST_LEN bytes long) for a given
123 * base32-encoded <b>service_id</b> and optional unencoded
124 * <b>descriptor_cookie</b> of length REND_DESC_COOKIE_LEN,
125 * at time <b>now</b> for replica number
126 * <b>replica</b>. <b>desc_id</b> needs to have <b>DIGEST_LEN</b> bytes
127 * free. Return 0 for success, -1 otherwise. */
128 int
129 rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
130 const char *descriptor_cookie, time_t now,
131 uint8_t replica)
132 {
133 char service_id_binary[REND_SERVICE_ID_LEN];
134 char secret_id_part[DIGEST_LEN];
135 uint32_t time_period;
136 if (!service_id ||
137 strlen(service_id) != REND_SERVICE_ID_LEN_BASE32) {
138 log_warn(LD_REND, "Could not compute v2 descriptor ID: "
139 "Illegal service ID: %s",
140 safe_str(service_id));
141 return -1;
142 }
143 if (replica >= REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS) {
144 log_warn(LD_REND, "Could not compute v2 descriptor ID: "
145 "Replica number out of range: %d", replica);
146 return -1;
147 }
148 /* Convert service ID to binary. */
149 if (base32_decode(service_id_binary, REND_SERVICE_ID_LEN,
150 service_id, REND_SERVICE_ID_LEN_BASE32) < 0) {
151 log_warn(LD_REND, "Could not compute v2 descriptor ID: "
152 "Illegal characters in service ID: %s",
153 safe_str_client(service_id));
154 return -1;
155 }
156 /* Calculate current time-period. */
157 time_period = get_time_period(now, 0, service_id_binary);
158 /* Calculate secret-id-part = h(time-period + replica). */
159 get_secret_id_part_bytes(secret_id_part, time_period, descriptor_cookie,
160 replica);
161 /* Calculate descriptor ID. */
162 rend_get_descriptor_id_bytes(desc_id_out, service_id_binary, secret_id_part);
163 return 0;
164 }
165
166 /** Encode the introduction points in <b>desc</b> and write the result to a
167 * newly allocated string pointed to by <b>encoded</b>. Return 0 for
168 * success, -1 otherwise. */
169 static int
170 rend_encode_v2_intro_points(char **encoded, rend_service_descriptor_t *desc)
171 {
172 size_t unenc_len;
173 char *unenc = NULL;
174 size_t unenc_written = 0;
175 int i;
176 int r = -1;
177 /* Assemble unencrypted list of introduction points. */
178 unenc_len = smartlist_len(desc->intro_nodes) * 1000; /* too long, but ok. */
179 unenc = tor_malloc_zero(unenc_len);
180 for (i = 0; i < smartlist_len(desc->intro_nodes); i++) {
181 char id_base32[REND_INTRO_POINT_ID_LEN_BASE32 + 1];
182 char *onion_key = NULL;
183 size_t onion_key_len;
184 crypto_pk_t *intro_key;
185 char *service_key = NULL;
186 char *address = NULL;
187 size_t service_key_len;
188 int res;
189 rend_intro_point_t *intro = smartlist_get(desc->intro_nodes, i);
190 /* Obtain extend info with introduction point details. */
191 extend_info_t *info = intro->extend_info;
192 /* Encode introduction point ID. */
193 base32_encode(id_base32, sizeof(id_base32),
194 info->identity_digest, DIGEST_LEN);
195 /* Encode onion key. */
196 if (crypto_pk_write_public_key_to_string(info->onion_key, &onion_key,
197 &onion_key_len) < 0) {
198 log_warn(LD_REND, "Could not write onion key.");
199 goto done;
200 }
201 /* Encode intro key. */
202 intro_key = intro->intro_key;
203 if (!intro_key ||
204 crypto_pk_write_public_key_to_string(intro_key, &service_key,
205 &service_key_len) < 0) {
206 log_warn(LD_REND, "Could not write intro key.");
207 tor_free(onion_key);
208 goto done;
209 }
210 /* Assemble everything for this introduction point. */
211 address = tor_dup_addr(&info->addr);
212 res = tor_snprintf(unenc + unenc_written, unenc_len - unenc_written,
213 "introduction-point %s\n"
214 "ip-address %s\n"
215 "onion-port %d\n"
216 "onion-key\n%s"
217 "service-key\n%s",
218 id_base32,
219 address,
220 info->port,
221 onion_key,
222 service_key);
223 tor_free(address);
224 tor_free(onion_key);
225 tor_free(service_key);
226 if (res < 0) {
227 log_warn(LD_REND, "Not enough space for writing introduction point "
228 "string.");
229 goto done;
230 }
231 /* Update total number of written bytes for unencrypted intro points. */
232 unenc_written += res;
233 }
234 /* Finalize unencrypted introduction points. */
235 if (unenc_len < unenc_written + 2) {
236 log_warn(LD_REND, "Not enough space for finalizing introduction point "
237 "string.");
238 goto done;
239 }
240 unenc[unenc_written++] = '\n';
241 unenc[unenc_written++] = 0;
242 *encoded = unenc;
243 r = 0;
244 done:
245 if (r<0)
246 tor_free(unenc);
247 return r;
248 }
249
250 /** Encrypt the encoded introduction points in <b>encoded</b> using
251 * authorization type 'basic' with <b>client_cookies</b> and write the
252 * result to a newly allocated string pointed to by <b>encrypted_out</b> of
253 * length <b>encrypted_len_out</b>. Return 0 for success, -1 otherwise. */
254 static int
255 rend_encrypt_v2_intro_points_basic(char **encrypted_out,
256 size_t *encrypted_len_out,
257 const char *encoded,
258 smartlist_t *client_cookies)
259 {
260 int r = -1, i, pos, enclen, client_blocks;
261 size_t len, client_entries_len;
262 char *enc = NULL, iv[CIPHER_IV_LEN], *client_part = NULL,
263 session_key[CIPHER_KEY_LEN];
264 smartlist_t *encrypted_session_keys = NULL;
265 crypto_digest_t *digest;
266 crypto_cipher_t *cipher;
267 tor_assert(encoded);
268 tor_assert(client_cookies && smartlist_len(client_cookies) > 0);
269
270 /* Generate session key. */
271 if (crypto_rand(session_key, CIPHER_KEY_LEN) < 0) {
272 log_warn(LD_REND, "Unable to generate random session key to encrypt "
273 "introduction point string.");
274 goto done;
275 }
276
277 /* Determine length of encrypted introduction points including session
278 * keys. */
279 client_blocks = 1 + ((smartlist_len(client_cookies) - 1) /
280 REND_BASIC_AUTH_CLIENT_MULTIPLE);
281 client_entries_len = client_blocks * REND_BASIC_AUTH_CLIENT_MULTIPLE *
282 REND_BASIC_AUTH_CLIENT_ENTRY_LEN;
283 len = 2 + client_entries_len + CIPHER_IV_LEN + strlen(encoded);
284 if (client_blocks >= 256) {
285 log_warn(LD_REND, "Too many clients in introduction point string.");
286 goto done;
287 }
288 enc = tor_malloc_zero(len);
289 enc[0] = 0x01; /* type of authorization. */
290 enc[1] = (uint8_t)client_blocks;
291
292 /* Encrypt with random session key. */
293 enclen = crypto_cipher_encrypt_with_iv(session_key,
294 enc + 2 + client_entries_len,
295 CIPHER_IV_LEN + strlen(encoded), encoded, strlen(encoded));
296
297 if (enclen < 0) {
298 log_warn(LD_REND, "Could not encrypt introduction point string.");
299 goto done;
300 }
301 memcpy(iv, enc + 2 + client_entries_len, CIPHER_IV_LEN);
302
303 /* Encrypt session key for cookies, determine client IDs, and put both
304 * in a smartlist. */
305 encrypted_session_keys = smartlist_new();
306 SMARTLIST_FOREACH_BEGIN(client_cookies, const char *, cookie) {
307 client_part = tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
308 /* Encrypt session key. */
309 cipher = crypto_cipher_new(cookie);
310 if (crypto_cipher_encrypt(cipher, client_part +
311 REND_BASIC_AUTH_CLIENT_ID_LEN,
312 session_key, CIPHER_KEY_LEN) < 0) {
313 log_warn(LD_REND, "Could not encrypt session key for client.");
314 crypto_cipher_free(cipher);
315 tor_free(client_part);
316 goto done;
317 }
318 crypto_cipher_free(cipher);
319
320 /* Determine client ID. */
321 digest = crypto_digest_new();
322 crypto_digest_add_bytes(digest, cookie, REND_DESC_COOKIE_LEN);
323 crypto_digest_add_bytes(digest, iv, CIPHER_IV_LEN);
324 crypto_digest_get_digest(digest, client_part,
325 REND_BASIC_AUTH_CLIENT_ID_LEN);
326 crypto_digest_free(digest);
327
328 /* Put both together. */
329 smartlist_add(encrypted_session_keys, client_part);
330 } SMARTLIST_FOREACH_END(cookie);
331
332 /* Add some fake client IDs and encrypted session keys. */
333 for (i = (smartlist_len(client_cookies) - 1) %
334 REND_BASIC_AUTH_CLIENT_MULTIPLE;
335 i < REND_BASIC_AUTH_CLIENT_MULTIPLE - 1; i++) {
336 client_part = tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
337 if (crypto_rand(client_part, REND_BASIC_AUTH_CLIENT_ENTRY_LEN) < 0) {
338 log_warn(LD_REND, "Unable to generate fake client entry.");
339 tor_free(client_part);
340 goto done;
341 }
342 smartlist_add(encrypted_session_keys, client_part);
343 }
344 /* Sort smartlist and put elements in result in order. */
345 smartlist_sort_digests(encrypted_session_keys);
346 pos = 2;
347 SMARTLIST_FOREACH(encrypted_session_keys, const char *, entry, {
348 memcpy(enc + pos, entry, REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
349 pos += REND_BASIC_AUTH_CLIENT_ENTRY_LEN;
350 });
351 *encrypted_out = enc;
352 *encrypted_len_out = len;
353 enc = NULL; /* prevent free. */
354 r = 0;
355 done:
356 tor_free(enc);
357 if (encrypted_session_keys) {
358 SMARTLIST_FOREACH(encrypted_session_keys, char *, d, tor_free(d););
359 smartlist_free(encrypted_session_keys);
360 }
361 return r;
362 }
363
364 /** Encrypt the encoded introduction points in <b>encoded</b> using
365 * authorization type 'stealth' with <b>descriptor_cookie</b> of length
366 * REND_DESC_COOKIE_LEN and write the result to a newly allocated string
367 * pointed to by <b>encrypted_out</b> of length <b>encrypted_len_out</b>.
368 * Return 0 for success, -1 otherwise. */
369 static int
370 rend_encrypt_v2_intro_points_stealth(char **encrypted_out,
371 size_t *encrypted_len_out,
372 const char *encoded,
373 const char *descriptor_cookie)
374 {
375 int r = -1, enclen;
376 char *enc;
377 tor_assert(encoded);
378 tor_assert(descriptor_cookie);
379
380 enc = tor_malloc_zero(1 + CIPHER_IV_LEN + strlen(encoded));
381 enc[0] = 0x02; /* Auth type */
382 enclen = crypto_cipher_encrypt_with_iv(descriptor_cookie,
383 enc + 1,
384 CIPHER_IV_LEN+strlen(encoded),
385 encoded, strlen(encoded));
386 if (enclen < 0) {
387 log_warn(LD_REND, "Could not encrypt introduction point string.");
388 goto done;
389 }
390 *encrypted_out = enc;
391 *encrypted_len_out = enclen;
392 enc = NULL; /* prevent free */
393 r = 0;
394 done:
395 tor_free(enc);
396 return r;
397 }
398
399 /** Attempt to parse the given <b>desc_str</b> and return true if this
400 * succeeds, false otherwise. */
401 static int
402 rend_desc_v2_is_parsable(rend_encoded_v2_service_descriptor_t *desc)
403 {
404 rend_service_descriptor_t *test_parsed = NULL;
405 char test_desc_id[DIGEST_LEN];
406 char *test_intro_content = NULL;
407 size_t test_intro_size;
408 size_t test_encoded_size;
409 const char *test_next;
410 int res = rend_parse_v2_service_descriptor(&test_parsed, test_desc_id,
411 &test_intro_content,
412 &test_intro_size,
413 &test_encoded_size,
414 &test_next, desc->desc_str);
415 rend_service_descriptor_free(test_parsed);
416 tor_free(test_intro_content);
417 return (res >= 0);
418 }
419
420 /** Free the storage held by an encoded v2 service descriptor. */
421 void
422 rend_encoded_v2_service_descriptor_free(
423 rend_encoded_v2_service_descriptor_t *desc)
424 {
425 if (!desc)
426 return;
427 tor_free(desc->desc_str);
428 tor_free(desc);
429 }
430
431 /** Free the storage held by an introduction point info. */
432 void
433 rend_intro_point_free(rend_intro_point_t *intro)
434 {
435 if (!intro)
436 return;
437
438 extend_info_free(intro->extend_info);
439 crypto_pk_free(intro->intro_key);
440
441 if (intro->accepted_intro_rsa_parts != NULL) {
442 replaycache_free(intro->accepted_intro_rsa_parts);
443 }
444
445 tor_free(intro);
446 }
447
448 /** Encode a set of rend_encoded_v2_service_descriptor_t's for <b>desc</b>
449 * at time <b>now</b> using <b>service_key</b>, depending on
450 * <b>auth_type</b> a <b>descriptor_cookie</b> and a list of
451 * <b>client_cookies</b> (which are both <b>NULL</b> if no client
452 * authorization is performed), and <b>period</b> (e.g. 0 for the current
453 * period, 1 for the next period, etc.) and add them to the existing list
454 * <b>descs_out</b>; return the number of seconds that the descriptors will
455 * be found by clients, or -1 if the encoding was not successful. */
456 int
457 rend_encode_v2_descriptors(smartlist_t *descs_out,
458 rend_service_descriptor_t *desc, time_t now,
459 uint8_t period, rend_auth_type_t auth_type,
460 crypto_pk_t *client_key,
461 smartlist_t *client_cookies)
462 {
463 char service_id[DIGEST_LEN];
464 uint32_t time_period;
465 char *ipos_base64 = NULL, *ipos = NULL, *ipos_encrypted = NULL,
466 *descriptor_cookie = NULL;
467 size_t ipos_len = 0, ipos_encrypted_len = 0;
468 int k;
469 uint32_t seconds_valid;
470 crypto_pk_t *service_key;
471 if (!desc) {
472 log_warn(LD_BUG, "Could not encode v2 descriptor: No desc given.");
473 return -1;
474 }
475 service_key = (auth_type == REND_STEALTH_AUTH) ? client_key : desc->pk;
476 tor_assert(service_key);
477 if (auth_type == REND_STEALTH_AUTH) {
478 descriptor_cookie = smartlist_get(client_cookies, 0);
479 tor_assert(descriptor_cookie);
480 }
481 /* Obtain service_id from public key. */
482 crypto_pk_get_digest(service_key, service_id);
483 /* Calculate current time-period. */
484 time_period = get_time_period(now, period, service_id);
485 /* Determine how many seconds the descriptor will be valid. */
486 seconds_valid = period * REND_TIME_PERIOD_V2_DESC_VALIDITY +
487 get_seconds_valid(now, service_id);
488 /* Assemble, possibly encrypt, and encode introduction points. */
489 if (smartlist_len(desc->intro_nodes) > 0) {
490 if (rend_encode_v2_intro_points(&ipos, desc) < 0) {
491 log_warn(LD_REND, "Encoding of introduction points did not succeed.");
492 return -1;
493 }
494 switch (auth_type) {
495 case REND_NO_AUTH:
496 ipos_len = strlen(ipos);
497 break;
498 case REND_BASIC_AUTH:
499 if (rend_encrypt_v2_intro_points_basic(&ipos_encrypted,
500 &ipos_encrypted_len, ipos,
501 client_cookies) < 0) {
502 log_warn(LD_REND, "Encrypting of introduction points did not "
503 "succeed.");
504 tor_free(ipos);
505 return -1;
506 }
507 tor_free(ipos);
508 ipos = ipos_encrypted;
509 ipos_len = ipos_encrypted_len;
510 break;
511 case REND_STEALTH_AUTH:
512 if (rend_encrypt_v2_intro_points_stealth(&ipos_encrypted,
513 &ipos_encrypted_len, ipos,
514 descriptor_cookie) < 0) {
515 log_warn(LD_REND, "Encrypting of introduction points did not "
516 "succeed.");
517 tor_free(ipos);
518 return -1;
519 }
520 tor_free(ipos);
521 ipos = ipos_encrypted;
522 ipos_len = ipos_encrypted_len;
523 break;
524 default:
525 log_warn(LD_REND|LD_BUG, "Unrecognized authorization type %d",
526 (int)auth_type);
527 tor_free(ipos);
528 return -1;
529 }
530 /* Base64-encode introduction points. */
531 ipos_base64 = tor_malloc_zero(ipos_len * 2);
532 if (base64_encode(ipos_base64, ipos_len * 2, ipos, ipos_len)<0) {
533 log_warn(LD_REND, "Could not encode introduction point string to "
534 "base64. length=%d", (int)ipos_len);
535 tor_free(ipos_base64);
536 tor_free(ipos);
537 return -1;
538 }
539 tor_free(ipos);
540 }
541 /* Encode REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS descriptors. */
542 for (k = 0; k < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; k++) {
543 char secret_id_part[DIGEST_LEN];
544 char secret_id_part_base32[REND_SECRET_ID_PART_LEN_BASE32 + 1];
545 char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
546 char *permanent_key = NULL;
547 size_t permanent_key_len;
548 char published[ISO_TIME_LEN+1];
549 int i;
550 char protocol_versions_string[16]; /* max len: "0,1,2,3,4,5,6,7\0" */
551 size_t protocol_versions_written;
552 size_t desc_len;
553 char *desc_str = NULL;
554 int result = 0;
555 size_t written = 0;
556 char desc_digest[DIGEST_LEN];
557 rend_encoded_v2_service_descriptor_t *enc =
558 tor_malloc_zero(sizeof(rend_encoded_v2_service_descriptor_t));
559 /* Calculate secret-id-part = h(time-period + cookie + replica). */
560 get_secret_id_part_bytes(secret_id_part, time_period, descriptor_cookie,
561 k);
562 base32_encode(secret_id_part_base32, sizeof(secret_id_part_base32),
563 secret_id_part, DIGEST_LEN);
564 /* Calculate descriptor ID. */
565 rend_get_descriptor_id_bytes(enc->desc_id, service_id, secret_id_part);
566 base32_encode(desc_id_base32, sizeof(desc_id_base32),
567 enc->desc_id, DIGEST_LEN);
568 /* PEM-encode the public key */
569 if (crypto_pk_write_public_key_to_string(service_key, &permanent_key,
570 &permanent_key_len) < 0) {
571 log_warn(LD_BUG, "Could not write public key to string.");
572 rend_encoded_v2_service_descriptor_free(enc);
573 goto err;
574 }
575 /* Encode timestamp. */
576 format_iso_time(published, desc->timestamp);
577 /* Write protocol-versions bitmask to comma-separated value string. */
578 protocol_versions_written = 0;
579 for (i = 0; i < 8; i++) {
580 if (desc->protocols & 1 << i) {
581 tor_snprintf(protocol_versions_string + protocol_versions_written,
582 16 - protocol_versions_written, "%d,", i);
583 protocol_versions_written += 2;
584 }
585 }
586 if (protocol_versions_written)
587 protocol_versions_string[protocol_versions_written - 1] = '\0';
588 else
589 protocol_versions_string[0]= '\0';
590 /* Assemble complete descriptor. */
591 desc_len = 2000 + smartlist_len(desc->intro_nodes) * 1000; /* far too long,
592 but okay.*/
593 enc->desc_str = desc_str = tor_malloc_zero(desc_len);
594 result = tor_snprintf(desc_str, desc_len,
595 "rendezvous-service-descriptor %s\n"
596 "version 2\n"
597 "permanent-key\n%s"
598 "secret-id-part %s\n"
599 "publication-time %s\n"
600 "protocol-versions %s\n",
601 desc_id_base32,
602 permanent_key,
603 secret_id_part_base32,
604 published,
605 protocol_versions_string);
606 tor_free(permanent_key);
607 if (result < 0) {
608 log_warn(LD_BUG, "Descriptor ran out of room.");
609 rend_encoded_v2_service_descriptor_free(enc);
610 goto err;
611 }
612 written = result;
613 /* Add introduction points. */
614 if (ipos_base64) {
615 result = tor_snprintf(desc_str + written, desc_len - written,
616 "introduction-points\n"
617 "-----BEGIN MESSAGE-----\n%s"
618 "-----END MESSAGE-----\n",
619 ipos_base64);
620 if (result < 0) {
621 log_warn(LD_BUG, "could not write introduction points.");
622 rend_encoded_v2_service_descriptor_free(enc);
623 goto err;
624 }
625 written += result;
626 }
627 /* Add signature. */
628 strlcpy(desc_str + written, "signature\n", desc_len - written);
629 written += strlen(desc_str + written);
630 if (crypto_digest(desc_digest, desc_str, written) < 0) {
631 log_warn(LD_BUG, "could not create digest.");
632 rend_encoded_v2_service_descriptor_free(enc);
633 goto err;
634 }
635 if (router_append_dirobj_signature(desc_str + written,
636 desc_len - written,
637 desc_digest, DIGEST_LEN,
638 service_key) < 0) {
639 log_warn(LD_BUG, "Couldn't sign desc.");
640 rend_encoded_v2_service_descriptor_free(enc);
641 goto err;
642 }
643 written += strlen(desc_str+written);
644 if (written+2 > desc_len) {
645 log_warn(LD_BUG, "Could not finish desc.");
646 rend_encoded_v2_service_descriptor_free(enc);
647 goto err;
648 }
649 desc_str[written++] = '\n';
650 desc_str[written++] = 0;
651 /* Check if we can parse our own descriptor. */
652 if (!rend_desc_v2_is_parsable(enc)) {
653 log_warn(LD_BUG, "Could not parse my own descriptor: %s", desc_str);
654 rend_encoded_v2_service_descriptor_free(enc);
655 goto err;
656 }
657 smartlist_add(descs_out, enc);
658 }
659
660 log_info(LD_REND, "Successfully encoded a v2 descriptor and "
661 "confirmed that it is parsable.");
662 goto done;
663
664 err:
665 SMARTLIST_FOREACH(descs_out, rend_encoded_v2_service_descriptor_t *, d,
666 rend_encoded_v2_service_descriptor_free(d););
667 smartlist_clear(descs_out);
668 seconds_valid = -1;
669
670 done:
671 tor_free(ipos_base64);
672 return seconds_valid;
673 }
674
675 /** Sets <b>out</b> to the first 10 bytes of the digest of <b>pk</b>,
676 * base32 encoded. NUL-terminates out. (We use this string to
677 * identify services in directory requests and .onion URLs.)
678 */
679 int
680 rend_get_service_id(crypto_pk_t *pk, char *out)
681 {
682 char buf[DIGEST_LEN];
683 tor_assert(pk);
684 if (crypto_pk_get_digest(pk, buf) < 0)
685 return -1;
686 base32_encode(out, REND_SERVICE_ID_LEN_BASE32+1, buf, REND_SERVICE_ID_LEN);
687 return 0;
688 }
689
690 /* ==== Rendezvous service descriptor cache. */
691
692 /** How old do we let hidden service descriptors get before discarding
693 * them as too old? */
694 #define REND_CACHE_MAX_AGE (2*24*60*60)
695 /** How wrong do we assume our clock may be when checking whether hidden
696 * services are too old or too new? */
697 #define REND_CACHE_MAX_SKEW (24*60*60)
698
699 /** Map from service id (as generated by rend_get_service_id) to
700 * rend_cache_entry_t. */
701 static strmap_t *rend_cache = NULL;
702
703 /** Map from descriptor id to rend_cache_entry_t; only for hidden service
704 * directories. */
705 static digestmap_t *rend_cache_v2_dir = NULL;
706
707 /** Initializes the service descriptor cache.
708 */
709 void
710 rend_cache_init(void)
711 {
712 rend_cache = strmap_new();
713 rend_cache_v2_dir = digestmap_new();
714 }
715
716 /** Helper: free storage held by a single service descriptor cache entry. */
717 static void
718 rend_cache_entry_free(rend_cache_entry_t *e)
719 {
720 if (!e)
721 return;
722 rend_service_descriptor_free(e->parsed);
723 tor_free(e->desc);
724 tor_free(e);
725 }
726
727 /** Helper: deallocate a rend_cache_entry_t. (Used with strmap_free(), which
728 * requires a function pointer whose argument is void*). */
729 static void
730 rend_cache_entry_free_(void *p)
731 {
732 rend_cache_entry_free(p);
733 }
734
735 /** Free all storage held by the service descriptor cache. */
736 void
737 rend_cache_free_all(void)
738 {
739 strmap_free(rend_cache, rend_cache_entry_free_);
740 digestmap_free(rend_cache_v2_dir, rend_cache_entry_free_);
741 rend_cache = NULL;
742 rend_cache_v2_dir = NULL;
743 }
744
745 /** Removes all old entries from the service descriptor cache.
746 */
747 void
748 rend_cache_clean(time_t now)
749 {
750 strmap_iter_t *iter;
751 const char *key;
752 void *val;
753 rend_cache_entry_t *ent;
754 time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
755 for (iter = strmap_iter_init(rend_cache); !strmap_iter_done(iter); ) {
756 strmap_iter_get(iter, &key, &val);
757 ent = (rend_cache_entry_t*)val;
758 if (ent->parsed->timestamp < cutoff) {
759 iter = strmap_iter_next_rmv(rend_cache, iter);
760 rend_cache_entry_free(ent);
761 } else {
762 iter = strmap_iter_next(rend_cache, iter);
763 }
764 }
765 }
766
767 /** Remove ALL entries from the rendezvous service descriptor cache.
768 */
769 void
770 rend_cache_purge(void)
771 {
772 if (rend_cache) {
773 log_info(LD_REND, "Purging HS descriptor cache");
774 strmap_free(rend_cache, rend_cache_entry_free_);
775 }
776 rend_cache = strmap_new();
777 }
778
779 /** Remove all old v2 descriptors and those for which this hidden service
780 * directory is not responsible for any more. */
781 void
782 rend_cache_clean_v2_descs_as_dir(time_t now)
783 {
784 digestmap_iter_t *iter;
785 time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
786 for (iter = digestmap_iter_init(rend_cache_v2_dir);
787 !digestmap_iter_done(iter); ) {
788 const char *key;
789 void *val;
790 rend_cache_entry_t *ent;
791 digestmap_iter_get(iter, &key, &val);
792 ent = val;
793 if (ent->parsed->timestamp < cutoff ||
794 !hid_serv_responsible_for_desc_id(key)) {
795 char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
796 base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
797 log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
798 safe_str_client(key_base32));
799 iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
800 rend_cache_entry_free(ent);
801 } else {
802 iter = digestmap_iter_next(rend_cache_v2_dir, iter);
803 }
804 }
805 }
806
807 /** Determines whether <b>a</b> is in the interval of <b>b</b> (excluded) and
808 * <b>c</b> (included) in a circular digest ring; returns 1 if this is the
809 * case, and 0 otherwise.
810 */
811 int
812 rend_id_is_in_interval(const char *a, const char *b, const char *c)
813 {
814 int a_b, b_c, c_a;
815 tor_assert(a);
816 tor_assert(b);
817 tor_assert(c);
818
819 /* There are five cases in which a is outside the interval ]b,c]: */
820 a_b = tor_memcmp(a,b,DIGEST_LEN);
821 if (a_b == 0)
822 return 0; /* 1. a == b (b is excluded) */
823 b_c = tor_memcmp(b,c,DIGEST_LEN);
824 if (b_c == 0)
825 return 0; /* 2. b == c (interval is empty) */
826 else if (a_b <= 0 && b_c < 0)
827 return 0; /* 3. a b c */
828 c_a = tor_memcmp(c,a,DIGEST_LEN);
829 if (c_a < 0 && a_b <= 0)
830 return 0; /* 4. c a b */
831 else if (b_c < 0 && c_a < 0)
832 return 0; /* 5. b c a */
833
834 /* In the other cases (a c b; b a c; c b a), a is inside the interval. */
835 return 1;
836 }
837
838 /** Return true iff <b>query</b> is a syntactically valid service ID (as
839 * generated by rend_get_service_id). */
840 int
841 rend_valid_service_id(const char *query)
842 {
843 if (strlen(query) != REND_SERVICE_ID_LEN_BASE32)
844 return 0;
845
846 if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN_BASE32)
847 return 0;
848
849 return 1;
850 }
851
852 /** If we have a cached rend_cache_entry_t for the service ID <b>query</b>
853 * with <b>version</b>, set *<b>e</b> to that entry and return 1.
854 * Else return 0. If <b>version</b> is nonnegative, only return an entry
855 * in that descriptor format version. Otherwise (if <b>version</b> is
856 * negative), return the most recent format we have.
857 */
858 int
859 rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
860 {
861 char key[REND_SERVICE_ID_LEN_BASE32+2]; /* <version><query>\0 */
862 tor_assert(rend_cache);
863 if (!rend_valid_service_id(query))
864 return -1;
865 *e = NULL;
866 if (version != 0) {
867 tor_snprintf(key, sizeof(key), "2%s", query);
868 *e = strmap_get_lc(rend_cache, key);
869 }
870 if (!*e && version != 2) {
871 tor_snprintf(key, sizeof(key), "0%s", query);
872 *e = strmap_get_lc(rend_cache, key);
873 }
874 if (!*e)
875 return 0;
876 tor_assert((*e)->parsed && (*e)->parsed->intro_nodes);
877 /* XXX023 hack for now, to return "not found" if there are no intro
878 * points remaining. See bug 997. */
879 if (! rend_client_any_intro_points_usable(*e))
880 return 0;
881 return 1;
882 }
883
884 /** Lookup the v2 service descriptor with base32-encoded <b>desc_id</b> and
885 * copy the pointer to it to *<b>desc</b>. Return 1 on success, 0 on
886 * well-formed-but-not-found, and -1 on failure.
887 */
888 int
889 rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
890 {
891 rend_cache_entry_t *e;
892 char desc_id_digest[DIGEST_LEN];
893 tor_assert(rend_cache_v2_dir);
894 if (base32_decode(desc_id_digest, DIGEST_LEN,
895 desc_id, REND_DESC_ID_V2_LEN_BASE32) < 0) {
896 log_fn(LOG_PROTOCOL_WARN, LD_REND,
897 "Rejecting v2 rendezvous descriptor request -- descriptor ID "
898 "contains illegal characters: %s",
899 safe_str(desc_id));
900 return -1;
901 }
902 /* Lookup descriptor and return. */
903 e = digestmap_get(rend_cache_v2_dir, desc_id_digest);
904 if (e) {
905 *desc = e->desc;
906 return 1;
907 }
908 return 0;
909 }
910
911 /* Do not allow more than this many introduction points in a hidden service
912 * descriptor */
913 #define MAX_INTRO_POINTS 10
914
915 /** Parse the v2 service descriptor(s) in <b>desc</b> and store it/them to the
916 * local rend cache. Don't attempt to decrypt the included list of introduction
917 * points (as we don't have a descriptor cookie for it).
918 *
919 * If we have a newer descriptor with the same ID, ignore this one.
920 * If we have an older descriptor with the same ID, replace it.
921 *
922 * Return an appropriate rend_cache_store_status_t.
923 */
924 rend_cache_store_status_t
925 rend_cache_store_v2_desc_as_dir(const char *desc)
926 {
927 rend_service_descriptor_t *parsed;
928 char desc_id[DIGEST_LEN];
929 char *intro_content;
930 size_t intro_size;
931 size_t encoded_size;
932 char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
933 int number_parsed = 0, number_stored = 0;
934 const char *current_desc = desc;
935 const char *next_desc;
936 rend_cache_entry_t *e;
937 time_t now = time(NULL);
938 tor_assert(rend_cache_v2_dir);
939 tor_assert(desc);
940 if (!hid_serv_acting_as_directory()) {
941 /* Cannot store descs, because we are (currently) not acting as
942 * hidden service directory. */
943 log_info(LD_REND, "Cannot store descs: Not acting as hs dir");
944 return RCS_NOTDIR;
945 }
946 while (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
947 &intro_size, &encoded_size,
948 &next_desc, current_desc) >= 0) {
949 number_parsed++;
950 /* We don't care about the introduction points. */
951 tor_free(intro_content);
952 /* For pretty log statements. */
953 base32_encode(desc_id_base32, sizeof(desc_id_base32),
954 desc_id, DIGEST_LEN);
955 /* Is desc ID in the range that we are (directly or indirectly) responsible
956 * for? */
957 if (!hid_serv_responsible_for_desc_id(desc_id)) {
958 log_info(LD_REND, "Service descriptor with desc ID %s is not in "
959 "interval that we are responsible for.",
960 safe_str_client(desc_id_base32));
961 goto skip;
962 }
963 /* Is descriptor too old? */
964 if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
965 log_info(LD_REND, "Service descriptor with desc ID %s is too old.",
966 safe_str(desc_id_base32));
967 goto skip;
968 }
969 /* Is descriptor too far in the future? */
970 if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
971 log_info(LD_REND, "Service descriptor with desc ID %s is too far in the "
972 "future.",
973 safe_str(desc_id_base32));
974 goto skip;
975 }
976 /* Do we already have a newer descriptor? */
977 e = digestmap_get(rend_cache_v2_dir, desc_id);
978 if (e && e->parsed->timestamp > parsed->timestamp) {
979 log_info(LD_REND, "We already have a newer service descriptor with the "
980 "same desc ID %s and version.",
981 safe_str(desc_id_base32));
982 goto skip;
983 }
984 /* Do we already have this descriptor? */
985 if (e && !strcmp(desc, e->desc)) {
986 log_info(LD_REND, "We already have this service descriptor with desc "
987 "ID %s.", safe_str(desc_id_base32));
988 e->received = time(NULL);
989 goto skip;
990 }
991 /* Store received descriptor. */
992 if (!e) {
993 e = tor_malloc_zero(sizeof(rend_cache_entry_t));
994 digestmap_set(rend_cache_v2_dir, desc_id, e);
995 } else {
996 rend_service_descriptor_free(e->parsed);
997 tor_free(e->desc);
998 }
999 e->received = time(NULL);
1000 e->parsed = parsed;
1001 e->desc = tor_strndup(current_desc, encoded_size);
1002 e->len = encoded_size;
1003 log_info(LD_REND, "Successfully stored service descriptor with desc ID "
1004 "'%s' and len %d.",
1005 safe_str(desc_id_base32), (int)encoded_size);
1006 number_stored++;
1007 goto advance;
1008 skip:
1009 rend_service_descriptor_free(parsed);
1010 advance:
1011 /* advance to next descriptor, if available. */
1012 current_desc = next_desc;
1013 /* check if there is a next descriptor. */
1014 if (!current_desc ||
1015 strcmpstart(current_desc, "rendezvous-service-descriptor "))
1016 break;
1017 }
1018 if (!number_parsed) {
1019 log_info(LD_REND, "Could not parse any descriptor.");
1020 return RCS_BADDESC;
1021 }
1022 log_info(LD_REND, "Parsed %d and added %d descriptor%s.",
1023 number_parsed, number_stored, number_stored != 1 ? "s" : "");
1024 return RCS_OKAY;
1025 }
1026
1027 /** Parse the v2 service descriptor in <b>desc</b>, decrypt the included list
1028 * of introduction points with <b>descriptor_cookie</b> (which may also be
1029 * <b>NULL</b> if decryption is not necessary), and store the descriptor to
1030 * the local cache under its version and service id.
1031 *
1032 * If we have a newer v2 descriptor with the same ID, ignore this one.
1033 * If we have an older descriptor with the same ID, replace it.
1034 * If the descriptor's service ID does not match
1035 * <b>rend_query</b>-\>onion_address, reject it.
1036 *
1037 * Return an appropriate rend_cache_store_status_t.
1038 */
1039 rend_cache_store_status_t
1040 rend_cache_store_v2_desc_as_client(const char *desc,
1041 const rend_data_t *rend_query)
1042 {
1043 /*XXXX this seems to have a bit of duplicate code with
1044 * rend_cache_store_v2_desc_as_dir(). Fix that. */
1045 /* Though having similar elements, both functions were separated on
1046 * purpose:
1047 * - dirs don't care about encoded/encrypted introduction points, clients
1048 * do.
1049 * - dirs store descriptors in a separate cache by descriptor ID, whereas
1050 * clients store them by service ID; both caches are different data
1051 * structures and have different access methods.
1052 * - dirs store a descriptor only if they are responsible for its ID,
1053 * clients do so in every way (because they have requested it before).
1054 * - dirs can process multiple concatenated descriptors which is required
1055 * for replication, whereas clients only accept a single descriptor.
1056 * Thus, combining both methods would result in a lot of if statements
1057 * which probably would not improve, but worsen code readability. -KL */
1058 rend_service_descriptor_t *parsed = NULL;
1059 char desc_id[DIGEST_LEN];
1060 char *intro_content = NULL;
1061 size_t intro_size;
1062 size_t encoded_size;
1063 const char *next_desc;
1064 time_t now = time(NULL);
1065 char key[REND_SERVICE_ID_LEN_BASE32+2];
1066 char service_id[REND_SERVICE_ID_LEN_BASE32+1];
1067 rend_cache_entry_t *e;
1068 rend_cache_store_status_t retval = RCS_BADDESC;
1069 tor_assert(rend_cache);
1070 tor_assert(desc);
1071 /* Parse the descriptor. */
1072 if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
1073 &intro_size, &encoded_size,
1074 &next_desc, desc) < 0) {
1075 log_warn(LD_REND, "Could not parse descriptor.");
1076 goto err;
1077 }
1078 /* Compute service ID from public key. */
1079 if (rend_get_service_id(parsed->pk, service_id)<0) {
1080 log_warn(LD_REND, "Couldn't compute service ID.");
1081 goto err;
1082 }
1083 if (strcmp(rend_query->onion_address, service_id)) {
1084 log_warn(LD_REND, "Received service descriptor for service ID %s; "
1085 "expected descriptor for service ID %s.",
1086 service_id, safe_str(rend_query->onion_address));
1087 goto err;
1088 }
1089 /* Decode/decrypt introduction points. */
1090 if (intro_content) {
1091 int n_intro_points;
1092 if (rend_query->auth_type != REND_NO_AUTH &&
1093 !tor_mem_is_zero(rend_query->descriptor_cookie,
1094 sizeof(rend_query->descriptor_cookie))) {
1095 char *ipos_decrypted = NULL;
1096 size_t ipos_decrypted_size;
1097 if (rend_decrypt_introduction_points(&ipos_decrypted,
1098 &ipos_decrypted_size,
1099 rend_query->descriptor_cookie,
1100 intro_content,
1101 intro_size) < 0) {
1102 log_warn(LD_REND, "Failed to decrypt introduction points. We are "
1103 "probably unable to parse the encoded introduction points.");
1104 } else {
1105 /* Replace encrypted with decrypted introduction points. */
1106 log_info(LD_REND, "Successfully decrypted introduction points.");
1107 tor_free(intro_content);
1108 intro_content = ipos_decrypted;
1109 intro_size = ipos_decrypted_size;
1110 }
1111 }
1112 n_intro_points = rend_parse_introduction_points(parsed, intro_content,
1113 intro_size);
1114 if (n_intro_points <= 0) {
1115 log_warn(LD_REND, "Failed to parse introduction points. Either the "
1116 "service has published a corrupt descriptor or you have "
1117 "provided invalid authorization data.");
1118 goto err;
1119 } else if (n_intro_points > MAX_INTRO_POINTS) {
1120 log_warn(LD_REND, "Found too many introduction points on a hidden "
1121 "service descriptor for %s. This is probably a (misguided) "
1122 "attempt to improve reliability, but it could also be an "
1123 "attempt to do a guard enumeration attack. Rejecting.",
1124 safe_str_client(rend_query->onion_address));
1125
1126 goto err;
1127 }
1128 } else {
1129 log_info(LD_REND, "Descriptor does not contain any introduction points.");
1130 parsed->intro_nodes = smartlist_new();
1131 }
1132 /* We don't need the encoded/encrypted introduction points any longer. */
1133 tor_free(intro_content);
1134 /* Is descriptor too old? */
1135 if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
1136 log_warn(LD_REND, "Service descriptor with service ID %s is too old.",
1137 safe_str_client(service_id));
1138 goto err;
1139 }
1140 /* Is descriptor too far in the future? */
1141 if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
1142 log_warn(LD_REND, "Service descriptor with service ID %s is too far in "
1143 "the future.", safe_str_client(service_id));
1144 goto err;
1145 }
1146 /* Do we already have a newer descriptor? */
1147 tor_snprintf(key, sizeof(key), "2%s", service_id);
1148 e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key);
1149 if (e && e->parsed->timestamp > parsed->timestamp) {
1150 log_info(LD_REND, "We already have a newer service descriptor for "
1151 "service ID %s with the same desc ID and version.",
1152 safe_str_client(service_id));
1153 goto okay;
1154 }
1155 /* Do we already have this descriptor? */
1156 if (e && !strcmp(desc, e->desc)) {
1157 log_info(LD_REND,"We already have this service descriptor %s.",
1158 safe_str_client(service_id));
1159 e->received = time(NULL);
1160 goto okay;
1161 }
1162 if (!e) {
1163 e = tor_malloc_zero(sizeof(rend_cache_entry_t));
1164 strmap_set_lc(rend_cache, key, e);
1165 } else {
1166 rend_service_descriptor_free(e->parsed);
1167 tor_free(e->desc);
1168 }
1169 e->received = time(NULL);
1170 e->parsed = parsed;
1171 e->desc = tor_malloc_zero(encoded_size + 1);
1172 strlcpy(e->desc, desc, encoded_size + 1);
1173 e->len = encoded_size;
1174 log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
1175 safe_str_client(service_id), (int)encoded_size);
1176 return RCS_OKAY;
1177
1178 okay:
1179 retval = RCS_OKAY;
1180
1181 err:
1182 rend_service_descriptor_free(parsed);
1183 tor_free(intro_content);
1184 return retval;
1185 }
1186
1187 /** Called when we get a rendezvous-related relay cell on circuit
1188 * <b>circ</b>. Dispatch on rendezvous relay command. */
1189 void
1190 rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
1191 int command, size_t length,
1192 const uint8_t *payload)
1193 {
1194 or_circuit_t *or_circ = NULL;
1195 origin_circuit_t *origin_circ = NULL;
1196 int r = -2;
1197 if (CIRCUIT_IS_ORIGIN(circ)) {
1198 origin_circ = TO_ORIGIN_CIRCUIT(circ);
1199 if (!layer_hint || layer_hint != origin_circ->cpath->prev) {
1200 log_fn(LOG_PROTOCOL_WARN, LD_APP,
1201 "Relay cell (rend purpose %d) from wrong hop on origin circ",
1202 command);
1203 origin_circ = NULL;
1204 }
1205 } else {
1206 or_circ = TO_OR_CIRCUIT(circ);
1207 }
1208
1209 switch (command) {
1210 case RELAY_COMMAND_ESTABLISH_INTRO:
1211 if (or_circ)
1212 r = rend_mid_establish_intro(or_circ,payload,length);
1213 break;
1214 case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
1215 if (or_circ)
1216 r = rend_mid_establish_rendezvous(or_circ,payload,length);
1217 break;
1218 case RELAY_COMMAND_INTRODUCE1:
1219 if (or_circ)
1220 r = rend_mid_introduce(or_circ,payload,length);
1221 break;
1222 case RELAY_COMMAND_INTRODUCE2:
1223 if (origin_circ)
1224 r = rend_service_introduce(origin_circ,payload,length);
1225 break;
1226 case RELAY_COMMAND_INTRODUCE_ACK:
1227 if (origin_circ)
1228 r = rend_client_introduction_acked(origin_circ,payload,length);
1229 break;
1230 case RELAY_COMMAND_RENDEZVOUS1:
1231 if (or_circ)
1232 r = rend_mid_rendezvous(or_circ,payload,length);
1233 break;
1234 case RELAY_COMMAND_RENDEZVOUS2:
1235 if (origin_circ)
1236 r = rend_client_receive_rendezvous(origin_circ,payload,length);
1237 break;
1238 case RELAY_COMMAND_INTRO_ESTABLISHED:
1239 if (origin_circ)
1240 r = rend_service_intro_established(origin_circ,payload,length);
1241 break;
1242 case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
1243 if (origin_circ)
1244 r = rend_client_rendezvous_acked(origin_circ,payload,length);
1245 break;
1246 default:
1247 tor_fragile_assert();
1248 }
1249
1250 if (r == -2)
1251 log_info(LD_PROTOCOL, "Dropping cell (type %d) for wrong circuit type.",
1252 command);
1253 }
1254
1255 /** Allocate and return a new rend_data_t with the same
1256 * contents as <b>query</b>. */
1257 rend_data_t *
1258 rend_data_dup(const rend_data_t *data)
1259 {
1260 tor_assert(data);
1261 return tor_memdup(data, sizeof(rend_data_t));
1262 }
1263
The Onion Router