1 /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
2 * Copyright (c) 2007-2011, The Tor Project, Inc. */
3 /* See LICENSE for licensing information */
7 * \brief Rendezvous implementation: shared code between
8 * introducers, services, clients, and rendezvous points.
12 #include "circuitbuild.h"
14 #include "rendclient.h"
15 #include "rendcommon.h"
17 #include "rendservice.h"
19 #include "routerlist.h"
20 #include "routerparse.h"
22 /** Return 0 if one and two are the same service ids, else -1 or 1 */
24 rend_cmp_service_ids(const char *one
, const char *two
)
26 return strcasecmp(one
,two
);
29 /** Free the storage held by the service descriptor <b>desc</b>.
32 rend_service_descriptor_free(rend_service_descriptor_t
*desc
)
37 crypto_free_pk_env(desc
->pk
);
38 if (desc
->intro_nodes
) {
39 SMARTLIST_FOREACH(desc
->intro_nodes
, rend_intro_point_t
*, intro
,
40 rend_intro_point_free(intro
););
41 smartlist_free(desc
->intro_nodes
);
43 if (desc
->successful_uploads
) {
44 SMARTLIST_FOREACH(desc
->successful_uploads
, char *, c
, tor_free(c
););
45 smartlist_free(desc
->successful_uploads
);
50 /** Length of the descriptor cookie that is used for versioned hidden
51 * service descriptors. */
52 #define REND_DESC_COOKIE_LEN 16
54 /** Length of the replica number that is used to determine the secret ID
55 * part of versioned hidden service descriptors. */
56 #define REND_REPLICA_LEN 1
58 /** Compute the descriptor ID for <b>service_id</b> of length
59 * <b>REND_SERVICE_ID_LEN</b> and <b>secret_id_part</b> of length
60 * <b>DIGEST_LEN</b>, and write it to <b>descriptor_id_out</b> of length
61 * <b>DIGEST_LEN</b>. */
63 rend_get_descriptor_id_bytes(char *descriptor_id_out
,
64 const char *service_id
,
65 const char *secret_id_part
)
67 crypto_digest_env_t
*digest
= crypto_new_digest_env();
68 crypto_digest_add_bytes(digest
, service_id
, REND_SERVICE_ID_LEN
);
69 crypto_digest_add_bytes(digest
, secret_id_part
, DIGEST_LEN
);
70 crypto_digest_get_digest(digest
, descriptor_id_out
, DIGEST_LEN
);
71 crypto_free_digest_env(digest
);
74 /** Compute the secret ID part for time_period,
75 * a <b>descriptor_cookie</b> of length
76 * <b>REND_DESC_COOKIE_LEN</b> which may also be <b>NULL</b> if no
77 * descriptor_cookie shall be used, and <b>replica</b>, and write it to
78 * <b>secret_id_part</b> of length DIGEST_LEN. */
80 get_secret_id_part_bytes(char *secret_id_part
, uint32_t time_period
,
81 const char *descriptor_cookie
, uint8_t replica
)
83 crypto_digest_env_t
*digest
= crypto_new_digest_env();
84 time_period
= htonl(time_period
);
85 crypto_digest_add_bytes(digest
, (char*)&time_period
, sizeof(uint32_t));
86 if (descriptor_cookie
) {
87 crypto_digest_add_bytes(digest
, descriptor_cookie
,
88 REND_DESC_COOKIE_LEN
);
90 crypto_digest_add_bytes(digest
, (const char *)&replica
, REND_REPLICA_LEN
);
91 crypto_digest_get_digest(digest
, secret_id_part
, DIGEST_LEN
);
92 crypto_free_digest_env(digest
);
95 /** Return the time period for time <b>now</b> plus a potentially
96 * intended <b>deviation</b> of one or more periods, based on the first byte
97 * of <b>service_id</b>. */
99 get_time_period(time_t now
, uint8_t deviation
, const char *service_id
)
101 /* The time period is the number of REND_TIME_PERIOD_V2_DESC_VALIDITY
102 * intervals that have passed since the epoch, offset slightly so that
103 * each service's time periods start and end at a fraction of that
104 * period based on their first byte. */
106 (now
+ ((uint8_t) *service_id
) * REND_TIME_PERIOD_V2_DESC_VALIDITY
/ 256)
107 / REND_TIME_PERIOD_V2_DESC_VALIDITY
+ deviation
;
110 /** Compute the time in seconds that a descriptor that is generated
111 * <b>now</b> for <b>service_id</b> will be valid. */
113 get_seconds_valid(time_t now
, const char *service_id
)
115 uint32_t result
= REND_TIME_PERIOD_V2_DESC_VALIDITY
-
117 (now
+ ((uint8_t) *service_id
) * REND_TIME_PERIOD_V2_DESC_VALIDITY
/ 256)
118 % REND_TIME_PERIOD_V2_DESC_VALIDITY
);
122 /** Compute the binary <b>desc_id_out</b> (DIGEST_LEN bytes long) for a given
123 * base32-encoded <b>service_id</b> and optional unencoded
124 * <b>descriptor_cookie</b> of length REND_DESC_COOKIE_LEN,
125 * at time <b>now</b> for replica number
126 * <b>replica</b>. <b>desc_id</b> needs to have <b>DIGEST_LEN</b> bytes
127 * free. Return 0 for success, -1 otherwise. */
129 rend_compute_v2_desc_id(char *desc_id_out
, const char *service_id
,
130 const char *descriptor_cookie
, time_t now
,
133 char service_id_binary
[REND_SERVICE_ID_LEN
];
134 char secret_id_part
[DIGEST_LEN
];
135 uint32_t time_period
;
137 strlen(service_id
) != REND_SERVICE_ID_LEN_BASE32
) {
138 log_warn(LD_REND
, "Could not compute v2 descriptor ID: "
139 "Illegal service ID: %s",
140 safe_str(service_id
));
143 if (replica
>= REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS
) {
144 log_warn(LD_REND
, "Could not compute v2 descriptor ID: "
145 "Replica number out of range: %d", replica
);
148 /* Convert service ID to binary. */
149 if (base32_decode(service_id_binary
, REND_SERVICE_ID_LEN
,
150 service_id
, REND_SERVICE_ID_LEN_BASE32
) < 0) {
151 log_warn(LD_REND
, "Could not compute v2 descriptor ID: "
152 "Illegal characters in service ID: %s",
153 safe_str_client(service_id
));
156 /* Calculate current time-period. */
157 time_period
= get_time_period(now
, 0, service_id_binary
);
158 /* Calculate secret-id-part = h(time-period + replica). */
159 get_secret_id_part_bytes(secret_id_part
, time_period
, descriptor_cookie
,
161 /* Calculate descriptor ID. */
162 rend_get_descriptor_id_bytes(desc_id_out
, service_id_binary
, secret_id_part
);
166 /** Encode the introduction points in <b>desc</b> and write the result to a
167 * newly allocated string pointed to by <b>encoded</b>. Return 0 for
168 * success, -1 otherwise. */
170 rend_encode_v2_intro_points(char **encoded
, rend_service_descriptor_t
*desc
)
174 size_t unenc_written
= 0;
177 /* Assemble unencrypted list of introduction points. */
178 unenc_len
= smartlist_len(desc
->intro_nodes
) * 1000; /* too long, but ok. */
179 unenc
= tor_malloc_zero(unenc_len
);
180 for (i
= 0; i
< smartlist_len(desc
->intro_nodes
); i
++) {
181 char id_base32
[REND_INTRO_POINT_ID_LEN_BASE32
+ 1];
182 char *onion_key
= NULL
;
183 size_t onion_key_len
;
184 crypto_pk_env_t
*intro_key
;
185 char *service_key
= NULL
;
186 char *address
= NULL
;
187 size_t service_key_len
;
189 rend_intro_point_t
*intro
= smartlist_get(desc
->intro_nodes
, i
);
190 /* Obtain extend info with introduction point details. */
191 extend_info_t
*info
= intro
->extend_info
;
192 /* Encode introduction point ID. */
193 base32_encode(id_base32
, sizeof(id_base32
),
194 info
->identity_digest
, DIGEST_LEN
);
195 /* Encode onion key. */
196 if (crypto_pk_write_public_key_to_string(info
->onion_key
, &onion_key
,
197 &onion_key_len
) < 0) {
198 log_warn(LD_REND
, "Could not write onion key.");
201 /* Encode intro key. */
202 intro_key
= intro
->intro_key
;
204 crypto_pk_write_public_key_to_string(intro_key
, &service_key
,
205 &service_key_len
) < 0) {
206 log_warn(LD_REND
, "Could not write intro key.");
210 /* Assemble everything for this introduction point. */
211 address
= tor_dup_addr(&info
->addr
);
212 res
= tor_snprintf(unenc
+ unenc_written
, unenc_len
- unenc_written
,
213 "introduction-point %s\n"
225 tor_free(service_key
);
227 log_warn(LD_REND
, "Not enough space for writing introduction point "
231 /* Update total number of written bytes for unencrypted intro points. */
232 unenc_written
+= res
;
234 /* Finalize unencrypted introduction points. */
235 if (unenc_len
< unenc_written
+ 2) {
236 log_warn(LD_REND
, "Not enough space for finalizing introduction point "
240 unenc
[unenc_written
++] = '\n';
241 unenc
[unenc_written
++] = 0;
250 /** Encrypt the encoded introduction points in <b>encoded</b> using
251 * authorization type 'basic' with <b>client_cookies</b> and write the
252 * result to a newly allocated string pointed to by <b>encrypted_out</b> of
253 * length <b>encrypted_len_out</b>. Return 0 for success, -1 otherwise. */
255 rend_encrypt_v2_intro_points_basic(char **encrypted_out
,
256 size_t *encrypted_len_out
,
258 smartlist_t
*client_cookies
)
260 int r
= -1, i
, pos
, enclen
, client_blocks
;
261 size_t len
, client_entries_len
;
262 char *enc
= NULL
, iv
[CIPHER_IV_LEN
], *client_part
= NULL
,
263 session_key
[CIPHER_KEY_LEN
];
264 smartlist_t
*encrypted_session_keys
= NULL
;
265 crypto_digest_env_t
*digest
;
266 crypto_cipher_env_t
*cipher
;
268 tor_assert(client_cookies
&& smartlist_len(client_cookies
) > 0);
270 /* Generate session key. */
271 if (crypto_rand(session_key
, CIPHER_KEY_LEN
) < 0) {
272 log_warn(LD_REND
, "Unable to generate random session key to encrypt "
273 "introduction point string.");
277 /* Determine length of encrypted introduction points including session
279 client_blocks
= 1 + ((smartlist_len(client_cookies
) - 1) /
280 REND_BASIC_AUTH_CLIENT_MULTIPLE
);
281 client_entries_len
= client_blocks
* REND_BASIC_AUTH_CLIENT_MULTIPLE
*
282 REND_BASIC_AUTH_CLIENT_ENTRY_LEN
;
283 len
= 2 + client_entries_len
+ CIPHER_IV_LEN
+ strlen(encoded
);
284 if (client_blocks
>= 256) {
285 log_warn(LD_REND
, "Too many clients in introduction point string.");
288 enc
= tor_malloc_zero(len
);
289 enc
[0] = 0x01; /* type of authorization. */
290 enc
[1] = (uint8_t)client_blocks
;
292 /* Encrypt with random session key. */
293 cipher
= crypto_create_init_cipher(session_key
, 1);
294 enclen
= crypto_cipher_encrypt_with_iv(cipher
,
295 enc
+ 2 + client_entries_len
,
296 CIPHER_IV_LEN
+ strlen(encoded
), encoded
, strlen(encoded
));
297 crypto_free_cipher_env(cipher
);
299 log_warn(LD_REND
, "Could not encrypt introduction point string.");
302 memcpy(iv
, enc
+ 2 + client_entries_len
, CIPHER_IV_LEN
);
304 /* Encrypt session key for cookies, determine client IDs, and put both
306 encrypted_session_keys
= smartlist_create();
307 SMARTLIST_FOREACH_BEGIN(client_cookies
, const char *, cookie
) {
308 client_part
= tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN
);
309 /* Encrypt session key. */
310 cipher
= crypto_create_init_cipher(cookie
, 1);
311 if (crypto_cipher_encrypt(cipher
, client_part
+
312 REND_BASIC_AUTH_CLIENT_ID_LEN
,
313 session_key
, CIPHER_KEY_LEN
) < 0) {
314 log_warn(LD_REND
, "Could not encrypt session key for client.");
315 crypto_free_cipher_env(cipher
);
316 tor_free(client_part
);
319 crypto_free_cipher_env(cipher
);
321 /* Determine client ID. */
322 digest
= crypto_new_digest_env();
323 crypto_digest_add_bytes(digest
, cookie
, REND_DESC_COOKIE_LEN
);
324 crypto_digest_add_bytes(digest
, iv
, CIPHER_IV_LEN
);
325 crypto_digest_get_digest(digest
, client_part
,
326 REND_BASIC_AUTH_CLIENT_ID_LEN
);
327 crypto_free_digest_env(digest
);
329 /* Put both together. */
330 smartlist_add(encrypted_session_keys
, client_part
);
331 } SMARTLIST_FOREACH_END(cookie
);
333 /* Add some fake client IDs and encrypted session keys. */
334 for (i
= (smartlist_len(client_cookies
) - 1) %
335 REND_BASIC_AUTH_CLIENT_MULTIPLE
;
336 i
< REND_BASIC_AUTH_CLIENT_MULTIPLE
- 1; i
++) {
337 client_part
= tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN
);
338 if (crypto_rand(client_part
, REND_BASIC_AUTH_CLIENT_ENTRY_LEN
) < 0) {
339 log_warn(LD_REND
, "Unable to generate fake client entry.");
340 tor_free(client_part
);
343 smartlist_add(encrypted_session_keys
, client_part
);
345 /* Sort smartlist and put elements in result in order. */
346 smartlist_sort_digests(encrypted_session_keys
);
348 SMARTLIST_FOREACH(encrypted_session_keys
, const char *, entry
, {
349 memcpy(enc
+ pos
, entry
, REND_BASIC_AUTH_CLIENT_ENTRY_LEN
);
350 pos
+= REND_BASIC_AUTH_CLIENT_ENTRY_LEN
;
352 *encrypted_out
= enc
;
353 *encrypted_len_out
= len
;
354 enc
= NULL
; /* prevent free. */
358 if (encrypted_session_keys
) {
359 SMARTLIST_FOREACH(encrypted_session_keys
, char *, d
, tor_free(d
););
360 smartlist_free(encrypted_session_keys
);
365 /** Encrypt the encoded introduction points in <b>encoded</b> using
366 * authorization type 'stealth' with <b>descriptor_cookie</b> of length
367 * REND_DESC_COOKIE_LEN and write the result to a newly allocated string
368 * pointed to by <b>encrypted_out</b> of length <b>encrypted_len_out</b>.
369 * Return 0 for success, -1 otherwise. */
371 rend_encrypt_v2_intro_points_stealth(char **encrypted_out
,
372 size_t *encrypted_len_out
,
374 const char *descriptor_cookie
)
377 crypto_cipher_env_t
*cipher
;
380 tor_assert(descriptor_cookie
);
382 enc
= tor_malloc_zero(1 + CIPHER_IV_LEN
+ strlen(encoded
));
383 enc
[0] = 0x02; /* Auth type */
384 cipher
= crypto_create_init_cipher(descriptor_cookie
, 1);
385 enclen
= crypto_cipher_encrypt_with_iv(cipher
, enc
+ 1,
386 CIPHER_IV_LEN
+strlen(encoded
),
387 encoded
, strlen(encoded
));
388 crypto_free_cipher_env(cipher
);
390 log_warn(LD_REND
, "Could not encrypt introduction point string.");
393 *encrypted_out
= enc
;
394 *encrypted_len_out
= enclen
;
395 enc
= NULL
; /* prevent free */
402 /** Attempt to parse the given <b>desc_str</b> and return true if this
403 * succeeds, false otherwise. */
405 rend_desc_v2_is_parsable(rend_encoded_v2_service_descriptor_t
*desc
)
407 rend_service_descriptor_t
*test_parsed
= NULL
;
408 char test_desc_id
[DIGEST_LEN
];
409 char *test_intro_content
= NULL
;
410 size_t test_intro_size
;
411 size_t test_encoded_size
;
412 const char *test_next
;
413 int res
= rend_parse_v2_service_descriptor(&test_parsed
, test_desc_id
,
417 &test_next
, desc
->desc_str
);
418 rend_service_descriptor_free(test_parsed
);
419 tor_free(test_intro_content
);
423 /** Free the storage held by an encoded v2 service descriptor. */
425 rend_encoded_v2_service_descriptor_free(
426 rend_encoded_v2_service_descriptor_t
*desc
)
430 tor_free(desc
->desc_str
);
434 /** Free the storage held by an introduction point info. */
436 rend_intro_point_free(rend_intro_point_t
*intro
)
441 extend_info_free(intro
->extend_info
);
442 crypto_free_pk_env(intro
->intro_key
);
446 /** Encode a set of rend_encoded_v2_service_descriptor_t's for <b>desc</b>
447 * at time <b>now</b> using <b>service_key</b>, depending on
448 * <b>auth_type</b> a <b>descriptor_cookie</b> and a list of
449 * <b>client_cookies</b> (which are both <b>NULL</b> if no client
450 * authorization is performed), and <b>period</b> (e.g. 0 for the current
451 * period, 1 for the next period, etc.) and add them to the existing list
452 * <b>descs_out</b>; return the number of seconds that the descriptors will
453 * be found by clients, or -1 if the encoding was not successful. */
455 rend_encode_v2_descriptors(smartlist_t
*descs_out
,
456 rend_service_descriptor_t
*desc
, time_t now
,
457 uint8_t period
, rend_auth_type_t auth_type
,
458 crypto_pk_env_t
*client_key
,
459 smartlist_t
*client_cookies
)
461 char service_id
[DIGEST_LEN
];
462 uint32_t time_period
;
463 char *ipos_base64
= NULL
, *ipos
= NULL
, *ipos_encrypted
= NULL
,
464 *descriptor_cookie
= NULL
;
465 size_t ipos_len
= 0, ipos_encrypted_len
= 0;
467 uint32_t seconds_valid
;
468 crypto_pk_env_t
*service_key
;
470 log_warn(LD_BUG
, "Could not encode v2 descriptor: No desc given.");
473 service_key
= (auth_type
== REND_STEALTH_AUTH
) ? client_key
: desc
->pk
;
474 tor_assert(service_key
);
475 if (auth_type
== REND_STEALTH_AUTH
) {
476 descriptor_cookie
= smartlist_get(client_cookies
, 0);
477 tor_assert(descriptor_cookie
);
479 /* Obtain service_id from public key. */
480 crypto_pk_get_digest(service_key
, service_id
);
481 /* Calculate current time-period. */
482 time_period
= get_time_period(now
, period
, service_id
);
483 /* Determine how many seconds the descriptor will be valid. */
484 seconds_valid
= period
* REND_TIME_PERIOD_V2_DESC_VALIDITY
+
485 get_seconds_valid(now
, service_id
);
486 /* Assemble, possibly encrypt, and encode introduction points. */
487 if (smartlist_len(desc
->intro_nodes
) > 0) {
488 if (rend_encode_v2_intro_points(&ipos
, desc
) < 0) {
489 log_warn(LD_REND
, "Encoding of introduction points did not succeed.");
494 ipos_len
= strlen(ipos
);
496 case REND_BASIC_AUTH
:
497 if (rend_encrypt_v2_intro_points_basic(&ipos_encrypted
,
498 &ipos_encrypted_len
, ipos
,
499 client_cookies
) < 0) {
500 log_warn(LD_REND
, "Encrypting of introduction points did not "
506 ipos
= ipos_encrypted
;
507 ipos_len
= ipos_encrypted_len
;
509 case REND_STEALTH_AUTH
:
510 if (rend_encrypt_v2_intro_points_stealth(&ipos_encrypted
,
511 &ipos_encrypted_len
, ipos
,
512 descriptor_cookie
) < 0) {
513 log_warn(LD_REND
, "Encrypting of introduction points did not "
519 ipos
= ipos_encrypted
;
520 ipos_len
= ipos_encrypted_len
;
523 log_warn(LD_REND
|LD_BUG
, "Unrecognized authorization type %d",
528 /* Base64-encode introduction points. */
529 ipos_base64
= tor_malloc_zero(ipos_len
* 2);
530 if (base64_encode(ipos_base64
, ipos_len
* 2, ipos
, ipos_len
)<0) {
531 log_warn(LD_REND
, "Could not encode introduction point string to "
532 "base64. length=%d", (int)ipos_len
);
533 tor_free(ipos_base64
);
539 /* Encode REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS descriptors. */
540 for (k
= 0; k
< REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS
; k
++) {
541 char secret_id_part
[DIGEST_LEN
];
542 char secret_id_part_base32
[REND_SECRET_ID_PART_LEN_BASE32
+ 1];
543 char desc_id_base32
[REND_DESC_ID_V2_LEN_BASE32
+ 1];
544 char *permanent_key
= NULL
;
545 size_t permanent_key_len
;
546 char published
[ISO_TIME_LEN
+1];
548 char protocol_versions_string
[16]; /* max len: "0,1,2,3,4,5,6,7\0" */
549 size_t protocol_versions_written
;
551 char *desc_str
= NULL
;
554 char desc_digest
[DIGEST_LEN
];
555 rend_encoded_v2_service_descriptor_t
*enc
=
556 tor_malloc_zero(sizeof(rend_encoded_v2_service_descriptor_t
));
557 /* Calculate secret-id-part = h(time-period + cookie + replica). */
558 get_secret_id_part_bytes(secret_id_part
, time_period
, descriptor_cookie
,
560 base32_encode(secret_id_part_base32
, sizeof(secret_id_part_base32
),
561 secret_id_part
, DIGEST_LEN
);
562 /* Calculate descriptor ID. */
563 rend_get_descriptor_id_bytes(enc
->desc_id
, service_id
, secret_id_part
);
564 base32_encode(desc_id_base32
, sizeof(desc_id_base32
),
565 enc
->desc_id
, DIGEST_LEN
);
566 /* PEM-encode the public key */
567 if (crypto_pk_write_public_key_to_string(service_key
, &permanent_key
,
568 &permanent_key_len
) < 0) {
569 log_warn(LD_BUG
, "Could not write public key to string.");
570 rend_encoded_v2_service_descriptor_free(enc
);
573 /* Encode timestamp. */
574 format_iso_time(published
, desc
->timestamp
);
575 /* Write protocol-versions bitmask to comma-separated value string. */
576 protocol_versions_written
= 0;
577 for (i
= 0; i
< 8; i
++) {
578 if (desc
->protocols
& 1 << i
) {
579 tor_snprintf(protocol_versions_string
+ protocol_versions_written
,
580 16 - protocol_versions_written
, "%d,", i
);
581 protocol_versions_written
+= 2;
584 if (protocol_versions_written
)
585 protocol_versions_string
[protocol_versions_written
- 1] = '\0';
587 protocol_versions_string
[0]= '\0';
588 /* Assemble complete descriptor. */
589 desc_len
= 2000 + smartlist_len(desc
->intro_nodes
) * 1000; /* far too long,
591 enc
->desc_str
= desc_str
= tor_malloc_zero(desc_len
);
592 result
= tor_snprintf(desc_str
, desc_len
,
593 "rendezvous-service-descriptor %s\n"
596 "secret-id-part %s\n"
597 "publication-time %s\n"
598 "protocol-versions %s\n",
601 secret_id_part_base32
,
603 protocol_versions_string
);
604 tor_free(permanent_key
);
606 log_warn(LD_BUG
, "Descriptor ran out of room.");
607 rend_encoded_v2_service_descriptor_free(enc
);
611 /* Add introduction points. */
613 result
= tor_snprintf(desc_str
+ written
, desc_len
- written
,
614 "introduction-points\n"
615 "-----BEGIN MESSAGE-----\n%s"
616 "-----END MESSAGE-----\n",
619 log_warn(LD_BUG
, "could not write introduction points.");
620 rend_encoded_v2_service_descriptor_free(enc
);
626 strlcpy(desc_str
+ written
, "signature\n", desc_len
- written
);
627 written
+= strlen(desc_str
+ written
);
628 if (crypto_digest(desc_digest
, desc_str
, written
) < 0) {
629 log_warn(LD_BUG
, "could not create digest.");
630 rend_encoded_v2_service_descriptor_free(enc
);
633 if (router_append_dirobj_signature(desc_str
+ written
,
635 desc_digest
, DIGEST_LEN
,
637 log_warn(LD_BUG
, "Couldn't sign desc.");
638 rend_encoded_v2_service_descriptor_free(enc
);
641 written
+= strlen(desc_str
+written
);
642 if (written
+2 > desc_len
) {
643 log_warn(LD_BUG
, "Could not finish desc.");
644 rend_encoded_v2_service_descriptor_free(enc
);
647 desc_str
[written
++] = '\n';
648 desc_str
[written
++] = 0;
649 /* Check if we can parse our own descriptor. */
650 if (!rend_desc_v2_is_parsable(enc
)) {
651 log_warn(LD_BUG
, "Could not parse my own descriptor: %s", desc_str
);
652 rend_encoded_v2_service_descriptor_free(enc
);
655 smartlist_add(descs_out
, enc
);
658 log_info(LD_REND
, "Successfully encoded a v2 descriptor and "
659 "confirmed that it is parsable.");
663 SMARTLIST_FOREACH(descs_out
, rend_encoded_v2_service_descriptor_t
*, d
,
664 rend_encoded_v2_service_descriptor_free(d
););
665 smartlist_clear(descs_out
);
669 tor_free(ipos_base64
);
670 return seconds_valid
;
673 /** Parse a service descriptor at <b>str</b> (<b>len</b> bytes). On
674 * success, return a newly alloced service_descriptor_t. On failure,
677 rend_service_descriptor_t
*
678 rend_parse_service_descriptor(const char *str
, size_t len
)
680 rend_service_descriptor_t
*result
= NULL
;
681 int i
, n_intro_points
;
682 size_t keylen
, asn1len
;
683 const char *end
, *cp
, *eos
;
684 rend_intro_point_t
*intro
;
686 result
= tor_malloc_zero(sizeof(rend_service_descriptor_t
));
689 if (end
-cp
<2) goto truncated
;
691 if (end
-cp
< 2) goto truncated
;
692 asn1len
= ntohs(get_uint16(cp
));
694 if ((size_t)(end
-cp
) < asn1len
) goto truncated
;
695 result
->pk
= crypto_pk_asn1_decode(cp
, asn1len
);
696 if (!result
->pk
) goto truncated
;
698 if (end
-cp
< 4) goto truncated
;
699 result
->timestamp
= (time_t) ntohl(get_uint32(cp
));
701 result
->protocols
= 1<<2; /* always use intro format 2 */
702 if (end
-cp
< 2) goto truncated
;
703 n_intro_points
= ntohs(get_uint16(cp
));
706 result
->intro_nodes
= smartlist_create();
707 for (i
=0;i
<n_intro_points
;++i
) {
708 if (end
-cp
< 2) goto truncated
;
709 eos
= (const char *)memchr(cp
,'\0',end
-cp
);
710 if (!eos
) goto truncated
;
711 /* Write nickname to extend info, but postpone the lookup whether
712 * we know that router. It's not part of the parsing process. */
713 intro
= tor_malloc_zero(sizeof(rend_intro_point_t
));
714 intro
->extend_info
= tor_malloc_zero(sizeof(extend_info_t
));
715 strlcpy(intro
->extend_info
->nickname
, cp
,
716 sizeof(intro
->extend_info
->nickname
));
717 smartlist_add(result
->intro_nodes
, intro
);
720 keylen
= crypto_pk_keysize(result
->pk
);
721 tor_assert(end
-cp
>= 0);
722 if ((size_t)(end
-cp
) < keylen
) goto truncated
;
723 if ((size_t)(end
-cp
) > keylen
) {
724 log_warn(LD_PROTOCOL
,
725 "Signature is %d bytes too long on service descriptor.",
726 (int)((size_t)(end
-cp
) - keylen
));
729 note_crypto_pk_op(REND_CLIENT
);
730 if (crypto_pk_public_checksig_digest(result
->pk
,
731 (char*)str
,cp
-str
, /* data */
732 (char*)cp
,end
-cp
/* signature*/
734 log_warn(LD_PROTOCOL
, "Bad signature on service descriptor.");
740 log_warn(LD_PROTOCOL
, "Truncated service descriptor.");
742 rend_service_descriptor_free(result
);
746 /** Sets <b>out</b> to the first 10 bytes of the digest of <b>pk</b>,
747 * base32 encoded. NUL-terminates out. (We use this string to
748 * identify services in directory requests and .onion URLs.)
751 rend_get_service_id(crypto_pk_env_t
*pk
, char *out
)
753 char buf
[DIGEST_LEN
];
755 if (crypto_pk_get_digest(pk
, buf
) < 0)
757 base32_encode(out
, REND_SERVICE_ID_LEN_BASE32
+1, buf
, REND_SERVICE_ID_LEN
);
761 /* ==== Rendezvous service descriptor cache. */
763 /** How old do we let hidden service descriptors get before discarding
764 * them as too old? */
765 #define REND_CACHE_MAX_AGE (2*24*60*60)
766 /** How wrong do we assume our clock may be when checking whether hidden
767 * services are too old or too new? */
768 #define REND_CACHE_MAX_SKEW (24*60*60)
770 /** Map from service id (as generated by rend_get_service_id) to
771 * rend_cache_entry_t. */
772 static strmap_t
*rend_cache
= NULL
;
774 /** Map from descriptor id to rend_cache_entry_t; only for hidden service
776 static digestmap_t
*rend_cache_v2_dir
= NULL
;
778 /** Initializes the service descriptor cache.
781 rend_cache_init(void)
783 rend_cache
= strmap_new();
784 rend_cache_v2_dir
= digestmap_new();
787 /** Helper: free storage held by a single service descriptor cache entry. */
789 rend_cache_entry_free(rend_cache_entry_t
*e
)
793 rend_service_descriptor_free(e
->parsed
);
799 _rend_cache_entry_free(void *p
)
801 rend_cache_entry_free(p
);
804 /** Free all storage held by the service descriptor cache. */
806 rend_cache_free_all(void)
808 strmap_free(rend_cache
, _rend_cache_entry_free
);
809 digestmap_free(rend_cache_v2_dir
, _rend_cache_entry_free
);
811 rend_cache_v2_dir
= NULL
;
814 /** Removes all old entries from the service descriptor cache.
817 rend_cache_clean(void)
822 rend_cache_entry_t
*ent
;
824 cutoff
= time(NULL
) - REND_CACHE_MAX_AGE
- REND_CACHE_MAX_SKEW
;
825 for (iter
= strmap_iter_init(rend_cache
); !strmap_iter_done(iter
); ) {
826 strmap_iter_get(iter
, &key
, &val
);
827 ent
= (rend_cache_entry_t
*)val
;
828 if (ent
->parsed
->timestamp
< cutoff
) {
829 iter
= strmap_iter_next_rmv(rend_cache
, iter
);
830 rend_cache_entry_free(ent
);
832 iter
= strmap_iter_next(rend_cache
, iter
);
837 /** Remove ALL entries from the rendezvous service descriptor cache.
840 rend_cache_purge(void)
843 strmap_free(rend_cache
, _rend_cache_entry_free
);
844 rend_cache
= strmap_new();
847 /** Remove all old v2 descriptors and those for which this hidden service
848 * directory is not responsible for any more. */
850 rend_cache_clean_v2_descs_as_dir(void)
852 digestmap_iter_t
*iter
;
853 time_t cutoff
= time(NULL
) - REND_CACHE_MAX_AGE
- REND_CACHE_MAX_SKEW
;
854 for (iter
= digestmap_iter_init(rend_cache_v2_dir
);
855 !digestmap_iter_done(iter
); ) {
858 rend_cache_entry_t
*ent
;
859 digestmap_iter_get(iter
, &key
, &val
);
861 if (ent
->parsed
->timestamp
< cutoff
||
862 !hid_serv_responsible_for_desc_id(key
)) {
863 char key_base32
[REND_DESC_ID_V2_LEN_BASE32
+ 1];
864 base32_encode(key_base32
, sizeof(key_base32
), key
, DIGEST_LEN
);
865 log_info(LD_REND
, "Removing descriptor with ID '%s' from cache",
866 safe_str_client(key_base32
));
867 iter
= digestmap_iter_next_rmv(rend_cache_v2_dir
, iter
);
868 rend_cache_entry_free(ent
);
870 iter
= digestmap_iter_next(rend_cache_v2_dir
, iter
);
875 /** Determines whether <b>a</b> is in the interval of <b>b</b> (excluded) and
876 * <b>c</b> (included) in a circular digest ring; returns 1 if this is the
877 * case, and 0 otherwise.
880 rend_id_is_in_interval(const char *a
, const char *b
, const char *c
)
887 /* There are five cases in which a is outside the interval ]b,c]: */
888 a_b
= memcmp(a
,b
,DIGEST_LEN
);
890 return 0; /* 1. a == b (b is excluded) */
891 b_c
= memcmp(b
,c
,DIGEST_LEN
);
893 return 0; /* 2. b == c (interval is empty) */
894 else if (a_b
<= 0 && b_c
< 0)
895 return 0; /* 3. a b c */
896 c_a
= memcmp(c
,a
,DIGEST_LEN
);
897 if (c_a
< 0 && a_b
<= 0)
898 return 0; /* 4. c a b */
899 else if (b_c
< 0 && c_a
< 0)
900 return 0; /* 5. b c a */
902 /* In the other cases (a c b; b a c; c b a), a is inside the interval. */
906 /** Return true iff <b>query</b> is a syntactically valid service ID (as
907 * generated by rend_get_service_id). */
909 rend_valid_service_id(const char *query
)
911 if (strlen(query
) != REND_SERVICE_ID_LEN_BASE32
)
914 if (strspn(query
, BASE32_CHARS
) != REND_SERVICE_ID_LEN_BASE32
)
920 /** If we have a cached rend_cache_entry_t for the service ID <b>query</b>
921 * with <b>version</b>, set *<b>e</b> to that entry and return 1.
922 * Else return 0. If <b>version</b> is nonnegative, only return an entry
923 * in that descriptor format version. Otherwise (if <b>version</b> is
924 * negative), return the most recent format we have.
927 rend_cache_lookup_entry(const char *query
, int version
, rend_cache_entry_t
**e
)
929 char key
[REND_SERVICE_ID_LEN_BASE32
+2]; /* <version><query>\0 */
930 tor_assert(rend_cache
);
931 if (!rend_valid_service_id(query
))
935 tor_snprintf(key
, sizeof(key
), "2%s", query
);
936 *e
= strmap_get_lc(rend_cache
, key
);
938 if (!*e
&& version
!= 2) {
939 tor_snprintf(key
, sizeof(key
), "0%s", query
);
940 *e
= strmap_get_lc(rend_cache
, key
);
944 tor_assert((*e
)->parsed
&& (*e
)->parsed
->intro_nodes
);
945 /* XXX023 hack for now, to return "not found" if there are no intro
946 * points remaining. See bug 997. */
947 if (! rend_client_any_intro_points_usable(*e
))
952 /** <b>query</b> is a base-32'ed service id. If it's malformed, return -1.
954 * - If it is found, point *desc to it, and write its length into
955 * *desc_len, and return 1.
956 * - If it is not found, return 0.
957 * Note: calls to rend_cache_clean or rend_cache_store may invalidate
961 rend_cache_lookup_desc(const char *query
, int version
, const char **desc
,
964 rend_cache_entry_t
*e
;
966 r
= rend_cache_lookup_entry(query
,version
,&e
);
967 if (r
<= 0) return r
;
973 /** Lookup the v2 service descriptor with base32-encoded <b>desc_id</b> and
974 * copy the pointer to it to *<b>desc</b>. Return 1 on success, 0 on
975 * well-formed-but-not-found, and -1 on failure.
978 rend_cache_lookup_v2_desc_as_dir(const char *desc_id
, const char **desc
)
980 rend_cache_entry_t
*e
;
981 char desc_id_digest
[DIGEST_LEN
];
982 tor_assert(rend_cache_v2_dir
);
983 if (base32_decode(desc_id_digest
, DIGEST_LEN
,
984 desc_id
, REND_DESC_ID_V2_LEN_BASE32
) < 0) {
985 log_warn(LD_REND
, "Descriptor ID contains illegal characters: %s",
989 /* Determine if we are responsible. */
990 if (hid_serv_responsible_for_desc_id(desc_id_digest
) < 0) {
991 log_info(LD_REND
, "Could not answer fetch request for v2 descriptor; "
992 "either we are no hidden service directory, or we are "
993 "not responsible for the requested ID.");
996 /* Lookup descriptor and return. */
997 e
= digestmap_get(rend_cache_v2_dir
, desc_id_digest
);
1005 /** Parse *desc, calculate its service id, and store it in the cache.
1006 * If we have a newer v0 descriptor with the same ID, ignore this one.
1007 * If we have an older descriptor with the same ID, replace it.
1008 * If we are acting as client due to the published flag and have any v2
1009 * descriptor with the same ID, reject this one in order to not get
1010 * confused with having both versions for the same service.
1012 * Return -2 if it's malformed or otherwise rejected; return -1 if we
1013 * already have a v2 descriptor here; return 0 if it's the same or older
1014 * than one we've already got; return 1 if it's novel.
1016 * The published flag tells us if we store the descriptor
1017 * in our role as directory (1) or if we cache it as client (0).
1020 rend_cache_store(const char *desc
, size_t desc_len
, int published
)
1022 rend_cache_entry_t
*e
;
1023 rend_service_descriptor_t
*parsed
;
1024 char query
[REND_SERVICE_ID_LEN_BASE32
+1];
1025 char key
[REND_SERVICE_ID_LEN_BASE32
+2]; /* 0<query>\0 */
1027 tor_assert(rend_cache
);
1028 parsed
= rend_parse_service_descriptor(desc
,desc_len
);
1030 log_warn(LD_PROTOCOL
,"Couldn't parse service descriptor.");
1033 if (rend_get_service_id(parsed
->pk
, query
)<0) {
1034 log_warn(LD_BUG
,"Couldn't compute service ID.");
1035 rend_service_descriptor_free(parsed
);
1039 if (parsed
->timestamp
< now
-REND_CACHE_MAX_AGE
-REND_CACHE_MAX_SKEW
) {
1040 log_fn(LOG_PROTOCOL_WARN
, LD_REND
,
1041 "Service descriptor %s is too old.",
1042 safe_str_client(query
));
1043 rend_service_descriptor_free(parsed
);
1046 if (parsed
->timestamp
> now
+REND_CACHE_MAX_SKEW
) {
1047 log_fn(LOG_PROTOCOL_WARN
, LD_REND
,
1048 "Service descriptor %s is too far in the future.",
1049 safe_str_client(query
));
1050 rend_service_descriptor_free(parsed
);
1053 /* Do we have a v2 descriptor and fetched this descriptor as a client? */
1054 tor_snprintf(key
, sizeof(key
), "2%s", query
);
1055 if (!published
&& strmap_get_lc(rend_cache
, key
)) {
1056 log_info(LD_REND
, "We already have a v2 descriptor for service %s.",
1057 safe_str_client(query
));
1058 rend_service_descriptor_free(parsed
);
1061 tor_snprintf(key
, sizeof(key
), "0%s", query
);
1062 e
= (rend_cache_entry_t
*) strmap_get_lc(rend_cache
, key
);
1063 if (e
&& e
->parsed
->timestamp
> parsed
->timestamp
) {
1064 log_info(LD_REND
,"We already have a newer service descriptor %s with the "
1065 "same ID and version.",
1066 safe_str_client(query
));
1067 rend_service_descriptor_free(parsed
);
1070 if (e
&& e
->len
== desc_len
&& !memcmp(desc
,e
->desc
,desc_len
)) {
1071 log_info(LD_REND
,"We already have this service descriptor %s.",
1072 safe_str_client(query
));
1073 e
->received
= time(NULL
);
1074 rend_service_descriptor_free(parsed
);
1078 e
= tor_malloc_zero(sizeof(rend_cache_entry_t
));
1079 strmap_set_lc(rend_cache
, key
, e
);
1081 rend_service_descriptor_free(e
->parsed
);
1084 e
->received
= time(NULL
);
1087 e
->desc
= tor_malloc(desc_len
);
1088 memcpy(e
->desc
, desc
, desc_len
);
1090 log_debug(LD_REND
,"Successfully stored rend desc '%s', len %d.",
1091 safe_str_client(query
), (int)desc_len
);
1095 /** Parse the v2 service descriptor(s) in <b>desc</b> and store it/them to the
1096 * local rend cache. Don't attempt to decrypt the included list of introduction
1097 * points (as we don't have a descriptor cookie for it).
1099 * If we have a newer descriptor with the same ID, ignore this one.
1100 * If we have an older descriptor with the same ID, replace it.
1101 * Return -2 if we are not acting as hidden service directory;
1102 * return -1 if the descriptor(s) were not parsable; return 0 if all
1103 * descriptors are the same or older than those we've already got;
1104 * return a positive number for the number of novel stored descriptors.
1107 rend_cache_store_v2_desc_as_dir(const char *desc
)
1109 rend_service_descriptor_t
*parsed
;
1110 char desc_id
[DIGEST_LEN
];
1111 char *intro_content
;
1113 size_t encoded_size
;
1114 char desc_id_base32
[REND_DESC_ID_V2_LEN_BASE32
+ 1];
1115 int number_parsed
= 0, number_stored
= 0;
1116 const char *current_desc
= desc
;
1117 const char *next_desc
;
1118 rend_cache_entry_t
*e
;
1119 time_t now
= time(NULL
);
1120 tor_assert(rend_cache_v2_dir
);
1122 if (!hid_serv_acting_as_directory()) {
1123 /* Cannot store descs, because we are (currently) not acting as
1124 * hidden service directory. */
1125 log_info(LD_REND
, "Cannot store descs: Not acting as hs dir");
1128 while (rend_parse_v2_service_descriptor(&parsed
, desc_id
, &intro_content
,
1129 &intro_size
, &encoded_size
,
1130 &next_desc
, current_desc
) >= 0) {
1132 /* We don't care about the introduction points. */
1133 tor_free(intro_content
);
1134 /* For pretty log statements. */
1135 base32_encode(desc_id_base32
, sizeof(desc_id_base32
),
1136 desc_id
, DIGEST_LEN
);
1137 /* Is desc ID in the range that we are (directly or indirectly) responsible
1139 if (!hid_serv_responsible_for_desc_id(desc_id
)) {
1140 log_info(LD_REND
, "Service descriptor with desc ID %s is not in "
1141 "interval that we are responsible for.",
1142 safe_str_client(desc_id_base32
));
1145 /* Is descriptor too old? */
1146 if (parsed
->timestamp
< now
- REND_CACHE_MAX_AGE
-REND_CACHE_MAX_SKEW
) {
1147 log_info(LD_REND
, "Service descriptor with desc ID %s is too old.",
1148 safe_str(desc_id_base32
));
1151 /* Is descriptor too far in the future? */
1152 if (parsed
->timestamp
> now
+ REND_CACHE_MAX_SKEW
) {
1153 log_info(LD_REND
, "Service descriptor with desc ID %s is too far in the "
1155 safe_str(desc_id_base32
));
1158 /* Do we already have a newer descriptor? */
1159 e
= digestmap_get(rend_cache_v2_dir
, desc_id
);
1160 if (e
&& e
->parsed
->timestamp
> parsed
->timestamp
) {
1161 log_info(LD_REND
, "We already have a newer service descriptor with the "
1162 "same desc ID %s and version.",
1163 safe_str(desc_id_base32
));
1166 /* Do we already have this descriptor? */
1167 if (e
&& !strcmp(desc
, e
->desc
)) {
1168 log_info(LD_REND
, "We already have this service descriptor with desc "
1169 "ID %s.", safe_str(desc_id_base32
));
1170 e
->received
= time(NULL
);
1173 /* Store received descriptor. */
1175 e
= tor_malloc_zero(sizeof(rend_cache_entry_t
));
1176 digestmap_set(rend_cache_v2_dir
, desc_id
, e
);
1178 rend_service_descriptor_free(e
->parsed
);
1181 e
->received
= time(NULL
);
1183 e
->desc
= tor_strndup(current_desc
, encoded_size
);
1184 e
->len
= encoded_size
;
1185 log_info(LD_REND
, "Successfully stored service descriptor with desc ID "
1187 safe_str(desc_id_base32
), (int)encoded_size
);
1191 rend_service_descriptor_free(parsed
);
1193 /* advance to next descriptor, if available. */
1194 current_desc
= next_desc
;
1195 /* check if there is a next descriptor. */
1196 if (!current_desc
||
1197 strcmpstart(current_desc
, "rendezvous-service-descriptor "))
1200 if (!number_parsed
) {
1201 log_info(LD_REND
, "Could not parse any descriptor.");
1204 log_info(LD_REND
, "Parsed %d and added %d descriptor%s.",
1205 number_parsed
, number_stored
, number_stored
!= 1 ? "s" : "");
1206 return number_stored
;
1209 /** Parse the v2 service descriptor in <b>desc</b>, decrypt the included list
1210 * of introduction points with <b>descriptor_cookie</b> (which may also be
1211 * <b>NULL</b> if decryption is not necessary), and store the descriptor to
1212 * the local cache under its version and service id.
1214 * If we have a newer v2 descriptor with the same ID, ignore this one.
1215 * If we have an older descriptor with the same ID, replace it.
1216 * If we have any v0 descriptor with the same ID, reject this one in order
1217 * to not get confused with having both versions for the same service.
1218 * Return -2 if it's malformed or otherwise rejected; return -1 if we
1219 * already have a v0 descriptor here; return 0 if it's the same or older
1220 * than one we've already got; return 1 if it's novel.
1223 rend_cache_store_v2_desc_as_client(const char *desc
,
1224 const rend_data_t
*rend_query
)
1226 /*XXXX this seems to have a bit of duplicate code with
1227 * rend_cache_store_v2_desc_as_dir(). Fix that. */
1228 /* Though having similar elements, both functions were separated on
1230 * - dirs don't care about encoded/encrypted introduction points, clients
1232 * - dirs store descriptors in a separate cache by descriptor ID, whereas
1233 * clients store them by service ID; both caches are different data
1234 * structures and have different access methods.
1235 * - dirs store a descriptor only if they are responsible for its ID,
1236 * clients do so in every way (because they have requested it before).
1237 * - dirs can process multiple concatenated descriptors which is required
1238 * for replication, whereas clients only accept a single descriptor.
1239 * Thus, combining both methods would result in a lot of if statements
1240 * which probably would not improve, but worsen code readability. -KL */
1241 rend_service_descriptor_t
*parsed
= NULL
;
1242 char desc_id
[DIGEST_LEN
];
1243 char *intro_content
= NULL
;
1245 size_t encoded_size
;
1246 const char *next_desc
;
1247 time_t now
= time(NULL
);
1248 char key
[REND_SERVICE_ID_LEN_BASE32
+2];
1249 char service_id
[REND_SERVICE_ID_LEN_BASE32
+1];
1250 rend_cache_entry_t
*e
;
1252 tor_assert(rend_cache
);
1254 /* Parse the descriptor. */
1255 if (rend_parse_v2_service_descriptor(&parsed
, desc_id
, &intro_content
,
1256 &intro_size
, &encoded_size
,
1257 &next_desc
, desc
) < 0) {
1258 log_warn(LD_REND
, "Could not parse descriptor.");
1262 /* Compute service ID from public key. */
1263 if (rend_get_service_id(parsed
->pk
, service_id
)<0) {
1264 log_warn(LD_REND
, "Couldn't compute service ID.");
1268 /* Decode/decrypt introduction points. */
1269 if (intro_content
) {
1270 if (rend_query
->auth_type
!= REND_NO_AUTH
&&
1271 !tor_mem_is_zero(rend_query
->descriptor_cookie
,
1272 sizeof(rend_query
->descriptor_cookie
))) {
1273 char *ipos_decrypted
= NULL
;
1274 size_t ipos_decrypted_size
;
1275 if (rend_decrypt_introduction_points(&ipos_decrypted
,
1276 &ipos_decrypted_size
,
1277 rend_query
->descriptor_cookie
,
1280 log_warn(LD_REND
, "Failed to decrypt introduction points. We are "
1281 "probably unable to parse the encoded introduction points.");
1283 /* Replace encrypted with decrypted introduction points. */
1284 log_info(LD_REND
, "Successfully decrypted introduction points.");
1285 tor_free(intro_content
);
1286 intro_content
= ipos_decrypted
;
1287 intro_size
= ipos_decrypted_size
;
1290 if (rend_parse_introduction_points(parsed
, intro_content
,
1292 log_warn(LD_REND
, "Failed to parse introduction points. Either the "
1293 "service has published a corrupt descriptor or you have "
1294 "provided invalid authorization data.");
1299 log_info(LD_REND
, "Descriptor does not contain any introduction points.");
1300 parsed
->intro_nodes
= smartlist_create();
1302 /* We don't need the encoded/encrypted introduction points any longer. */
1303 tor_free(intro_content
);
1304 /* Is descriptor too old? */
1305 if (parsed
->timestamp
< now
- REND_CACHE_MAX_AGE
-REND_CACHE_MAX_SKEW
) {
1306 log_warn(LD_REND
, "Service descriptor with service ID %s is too old.",
1307 safe_str_client(service_id
));
1311 /* Is descriptor too far in the future? */
1312 if (parsed
->timestamp
> now
+ REND_CACHE_MAX_SKEW
) {
1313 log_warn(LD_REND
, "Service descriptor with service ID %s is too far in "
1314 "the future.", safe_str_client(service_id
));
1318 /* Do we have a v0 descriptor? */
1319 tor_snprintf(key
, sizeof(key
), "0%s", service_id
);
1320 if (strmap_get_lc(rend_cache
, key
)) {
1321 log_info(LD_REND
, "We already have a v0 descriptor for service ID %s.",
1322 safe_str_client(service_id
));
1326 /* Do we already have a newer descriptor? */
1327 tor_snprintf(key
, sizeof(key
), "2%s", service_id
);
1328 e
= (rend_cache_entry_t
*) strmap_get_lc(rend_cache
, key
);
1329 if (e
&& e
->parsed
->timestamp
> parsed
->timestamp
) {
1330 log_info(LD_REND
, "We already have a newer service descriptor for "
1331 "service ID %s with the same desc ID and version.",
1332 safe_str_client(service_id
));
1336 /* Do we already have this descriptor? */
1337 if (e
&& !strcmp(desc
, e
->desc
)) {
1338 log_info(LD_REND
,"We already have this service descriptor %s.",
1339 safe_str_client(service_id
));
1340 e
->received
= time(NULL
);
1345 e
= tor_malloc_zero(sizeof(rend_cache_entry_t
));
1346 strmap_set_lc(rend_cache
, key
, e
);
1348 rend_service_descriptor_free(e
->parsed
);
1351 e
->received
= time(NULL
);
1353 e
->desc
= tor_malloc_zero(encoded_size
+ 1);
1354 strlcpy(e
->desc
, desc
, encoded_size
+ 1);
1355 e
->len
= encoded_size
;
1356 log_debug(LD_REND
,"Successfully stored rend desc '%s', len %d.",
1357 safe_str_client(service_id
), (int)encoded_size
);
1361 rend_service_descriptor_free(parsed
);
1362 tor_free(intro_content
);
1366 /** Called when we get a rendezvous-related relay cell on circuit
1367 * <b>circ</b>. Dispatch on rendezvous relay command. */
1369 rend_process_relay_cell(circuit_t
*circ
, const crypt_path_t
*layer_hint
,
1370 int command
, size_t length
,
1371 const uint8_t *payload
)
1373 or_circuit_t
*or_circ
= NULL
;
1374 origin_circuit_t
*origin_circ
= NULL
;
1376 if (CIRCUIT_IS_ORIGIN(circ
)) {
1377 origin_circ
= TO_ORIGIN_CIRCUIT(circ
);
1378 if (!layer_hint
|| layer_hint
!= origin_circ
->cpath
->prev
) {
1379 log_fn(LOG_PROTOCOL_WARN
, LD_APP
,
1380 "Relay cell (rend purpose %d) from wrong hop on origin circ",
1385 or_circ
= TO_OR_CIRCUIT(circ
);
1389 case RELAY_COMMAND_ESTABLISH_INTRO
:
1391 r
= rend_mid_establish_intro(or_circ
,payload
,length
);
1393 case RELAY_COMMAND_ESTABLISH_RENDEZVOUS
:
1395 r
= rend_mid_establish_rendezvous(or_circ
,payload
,length
);
1397 case RELAY_COMMAND_INTRODUCE1
:
1399 r
= rend_mid_introduce(or_circ
,payload
,length
);
1401 case RELAY_COMMAND_INTRODUCE2
:
1403 r
= rend_service_introduce(origin_circ
,payload
,length
);
1405 case RELAY_COMMAND_INTRODUCE_ACK
:
1407 r
= rend_client_introduction_acked(origin_circ
,payload
,length
);
1409 case RELAY_COMMAND_RENDEZVOUS1
:
1411 r
= rend_mid_rendezvous(or_circ
,payload
,length
);
1413 case RELAY_COMMAND_RENDEZVOUS2
:
1415 r
= rend_client_receive_rendezvous(origin_circ
,payload
,length
);
1417 case RELAY_COMMAND_INTRO_ESTABLISHED
:
1419 r
= rend_service_intro_established(origin_circ
,payload
,length
);
1421 case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED
:
1423 r
= rend_client_rendezvous_acked(origin_circ
,payload
,length
);
1426 tor_fragile_assert();
1430 log_info(LD_PROTOCOL
, "Dropping cell (type %d) for wrong circuit type.",
1434 /** Return the number of entries in our rendezvous descriptor cache. */
1436 rend_cache_size(void)
1438 return strmap_size(rend_cache
);
1441 /** Allocate and return a new rend_data_t with the same
1442 * contents as <b>query</b>. */
1444 rend_data_dup(const rend_data_t
*data
)
1447 return tor_memdup(data
, sizeof(rend_data_t
));