| blob | e16ec89ccb51a5fb4d64fb4e1bc556c08ac2e9fe |
1 /* Copyright (c) 2016-2021, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
4 /**
5 * \file hs_common.c
6 * \brief Contains code shared between different HS protocol version as well
7 * as useful data structures and accessors used by other subsystems.
8 **/
10 #define HS_COMMON_PRIVATE
45 /* Trunnel */
48 /** Ed25519 Basepoint value. Taken from section 5 of
49 * https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-03 */
51 "(15112221349535400772501151409588531511"
52 "454012693041857206046113283949847762202, "
53 "463168356949264781694283940034751631413"
56 #ifdef HAVE_SYS_UN_H
58 /** Given <b>ports</b>, a smartlist containing hs_port_config_t,
59 * add the given <b>p</b>, a AF_UNIX port to the list. Return 0 on success
60 * else return -ENOSYS if AF_UNIX is not supported (see function in the
61 * #else statement below). */
62 static int
64 {
71 }
73 /** Given <b>conn</b> set it to use the given port <b>p</b> values. Return 0
74 * on success else return -ENOSYS if AF_UNIX is not supported (see function
75 * in the #else statement below). */
76 static int
78 {
88 }
92 static int
94 {
98 }
100 static int
102 {
106 }
110 /** Helper function: The key is a digest that we compare to a node_t object
111 * current hsdir_index. */
112 static int
114 {
118 }
120 /** Helper function: The key is a digest that we compare to a node_t object
121 * next hsdir_index. */
122 static int
125 {
129 }
131 /** Helper function: The key is a digest that we compare to a node_t object
132 * next hsdir_index. */
133 static int
136 {
140 }
142 /** Helper function: Compare two node_t objects current hsdir_index. */
143 static int
145 {
150 DIGEST256_LEN);
151 }
153 /** Helper function: Compare two node_t objects next hsdir_index. */
154 static int
156 {
161 DIGEST256_LEN);
162 }
164 /** Helper function: Compare two node_t objects next hsdir_index. */
165 static int
167 {
172 DIGEST256_LEN);
173 }
175 /** Allocate and return a string containing the path to filename in directory.
176 * This function will never return NULL. The caller must free this path. */
179 {
187 }
189 /** Make sure that the directory for <b>service</b> is private, using the
190 * config <b>username</b>.
191 *
192 * If <b>create</b> is true:
193 * - if the directory exists, change permissions if needed,
194 * - if the directory does not exist, create it with the correct permissions.
195 * If <b>create</b> is false:
196 * - if the directory exists, check permissions,
197 * - if the directory does not exist, check if we think we can create it.
198 * Return 0 on success, -1 on failure. */
199 int
203 {
213 }
216 }
217 /* Check/create directory */
220 }
222 }
224 /* Default, minimum, and maximum values for the maximum rendezvous failures
225 * consensus parameter. */
226 #define MAX_REND_FAILURES_DEFAULT 2
227 #define MAX_REND_FAILURES_MIN 1
228 #define MAX_REND_FAILURES_MAX 10
230 /** How many times will a hidden service operator attempt to connect to
231 * a requested rendezvous point before giving up? */
232 int
234 {
236 MAX_REND_FAILURES_DEFAULT,
237 MAX_REND_FAILURES_MIN,
238 MAX_REND_FAILURES_MAX);
239 }
241 /** Get the default HS time period length in minutes from the consensus. */
242 STATIC uint64_t
244 {
245 /* If we are on a test network, make the time period smaller than normal so
246 that we actually see it rotate. Specifically, make it the same length as
247 an SRV protocol run. */
250 /* An SRV run should take more than a minute (it's 24 rounds) */
252 /* Turn it from seconds to minutes before returning: */
254 }
257 HS_TIME_PERIOD_LENGTH_DEFAULT,
258 HS_TIME_PERIOD_LENGTH_MIN,
259 HS_TIME_PERIOD_LENGTH_MAX);
260 /* Make sure it's a positive value. */
262 /* uint64_t will always be able to contain a positive int32_t */
264 }
266 /** Get the HS time period number at time <b>now</b>. If <b>now</b> is not set,
267 * we try to get the time ourselves from a live consensus. */
268 uint64_t
270 {
274 /* If no time is specified, set current time based on consensus time, and
275 * only fall back to system time if that fails. */
283 }
285 /* Start by calculating minutes since the epoch */
289 /* Apply the rotation offset as specified by prop224 (section
290 * [TIME-PERIODS]), so that new time periods synchronize nicely with SRV
291 * publication */
297 /* Calculate the time period */
300 }
302 /** Get the number of the _upcoming_ HS time period, given that the current
303 * time is <b>now</b>. If <b>now</b> is not set, we try to get the time from a
304 * live consensus. */
305 uint64_t
307 {
309 }
311 /** Get the number of the _previous_ HS time period, given that the current
312 * time is <b>now</b>. If <b>now</b> is not set, we try to get the time from a
313 * live consensus. */
314 uint64_t
316 {
318 }
320 /** Return the start time of the upcoming time period based on <b>now</b>. If
321 * <b>now</b> is not set, we try to get the time ourselves from a live
322 * consensus. */
323 time_t
325 {
328 /* Get start time of next time period */
332 /* Apply rotation offset as specified by prop224 section [TIME-PERIODS] */
335 }
337 /** Using the given time period number, compute the disaster shared random
338 * value and put it in srv_out. It MUST be at least DIGEST256_LEN bytes. */
339 static void
341 {
348 /* Start setting up payload:
349 * H("shared-random-disaster" | INT_8(period_length) | INT_8(period_num)) */
351 HS_SRV_DISASTER_PREFIX_LEN);
353 /* Setup INT_8(period_length) | INT_8(period_num) */
354 {
365 }
369 }
371 /** Due to the high cost of computing the disaster SRV and that potentially we
372 * would have to do it thousands of times in a row, we always cache the
373 * computer disaster SRV (and its corresponding time period num) in case we
374 * want to reuse it soon after. We need to cache two SRVs, one for each active
375 * time period.
376 */
380 /** Compute the disaster SRV value for this <b>time_period_num</b> and put it
381 * in <b>srv_out</b> (of size at least DIGEST256_LEN). First check our caches
382 * to see if we have already computed it. */
383 STATIC void
385 {
394 // Replace the lower period number.
399 }
404 }
405 }
407 #ifdef TOR_UNIT_TESTS
409 /** Get the first cached disaster SRV. Only used by unittests. */
412 {
414 }
416 /** Get the second cached disaster SRV. Only used by unittests. */
419 {
421 }
425 /** When creating a blinded key, we need a parameter which construction is as
426 * follow: H(pubkey | [secret] | ed25519-basepoint | nonce).
427 *
428 * The nonce has a pre-defined format which uses the time period number
429 * period_num and the start of the period in second start_time_period.
430 *
431 * The secret of size secret_len is optional meaning that it can be NULL and
432 * thus will be ignored for the param construction.
433 *
434 * The result is put in param_out. */
435 STATIC void
440 {
449 /* Create the nonce N. The construction is as follow:
450 * N = "key-blind" || INT_8(period_num) || INT_8(period_length) */
459 /* Generate the parameter h and the construction is as follow:
460 * h = H(BLIND_STRING | pubkey | [secret] | ed25519-basepoint | N) */
464 /* Optional secret. */
467 }
472 /* Extract digest and put it in the param. */
477 }
479 /** Using an ed25519 public key and version to build the checksum of an
480 * address. Put in checksum_out. Format is:
481 * SHA3-256(".onion checksum" || PUBKEY || VERSION)
482 *
483 * checksum_out must be large enough to receive 32 bytes (DIGEST256_LEN). */
484 static void
487 {
491 /* Build checksum data. */
493 HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN);
501 /* Hash the data payload to create the checksum. */
503 DIGEST_SHA3_256);
504 }
506 /** Using an ed25519 public key, checksum and version to build the binary
507 * representation of a service address. Put in addr_out. Format is:
508 * addr_out = PUBKEY || CHECKSUM || VERSION
509 *
510 * addr_out must be large enough to receive HS_SERVICE_ADDR_LEN bytes. */
511 static void
514 {
527 }
529 /** Helper for hs_parse_address(): Using a binary representation of a service
530 * address, parse its content into the key_out, checksum_out and version_out.
531 * Any out variable can be NULL in case the caller would want only one field.
532 * checksum_out MUST at least be 2 bytes long. address must be at least
533 * HS_SERVICE_ADDR_LEN bytes but doesn't need to be NUL terminated. */
534 static void
537 {
543 /* First is the key. */
545 }
548 /* Followed by a 2 bytes checksum. */
550 }
553 /* Finally, version value is 1 byte. */
555 }
557 /* Extra safety. */
559 }
561 /** Using the given identity public key and a blinded public key, compute the
562 * subcredential and put it in subcred_out.
563 * This can't fail. */
564 void
568 {
576 /* First, build the credential. Construction is as follow:
577 * credential = H("credential" | public-identity-key) */
580 HS_CREDENTIAL_PREFIX_LEN);
582 ED25519_PUBKEY_LEN);
586 /* Now, compute the subcredential. Construction is as follow:
587 * subcredential = H("subcredential" | credential | blinded-public-key). */
590 HS_SUBCREDENTIAL_PREFIX_LEN);
594 ED25519_PUBKEY_LEN);
596 SUBCRED_LEN);
600 }
602 /** From the given list of hidden service ports, find the ones that match the
603 * given edge connection conn, pick one at random and use it to set the
604 * connection address. Return 0 on success or -1 if none. */
605 int
607 {
619 }
625 /* Unix port not supported so warn only once. */
627 "which is unsupported on this platform. "
630 }
631 warn_once++;
632 }
633 }
640 /* There is always a connection identifier at this point. Regardless of a
641 * Unix or TCP port, note the virtual port. */
643 }
646 /* Get a non-AF_UNIX connection ready for connection_exit_connect() */
651 /* Simply impossible to end up here else we were able to add a Unix
652 * port without AF_UNIX support... ? */
654 }
655 }
656 }
658 }
660 /** Return a new hs_port_config_t with its path set to
661 * <b>socket_path</b> or empty if <b>socket_path</b> is NULL */
664 {
674 }
676 /** Parses a virtual-port to real-port/socket mapping separated by
677 * the provided separator and returns a new hs_port_config_t,
678 * or NULL and an optional error string on failure.
679 *
680 * The format is: VirtualPort SEP (IP|RealPort|IP:RealPort|'socket':path)?
681 *
682 * IP defaults to 127.0.0.1; RealPort defaults to VirtualPort.
683 */
684 hs_port_config_t *
687 {
692 tor_addr_t addr;
705 }
712 }
714 /* No addr:port part; use default. */
730 }
736 }
742 /* else try it as an IP:port pair if it has a : or . in it */
747 }
750 /* No addr:port, no addr -- must be port. */
757 }
759 }
760 }
762 /* Allow room for unix_addr */
770 }
772 err:
778 }
783 }
785 /** Release all storage held in a hs_port_config_t. */
786 void
788 {
790 }
792 /** Using a base32 representation of a service address, parse its content into
793 * the key_out, checksum_out and version_out. Any out variable can be NULL in
794 * case the caller would want only one field. checksum_out MUST at least be 2
795 * bytes long.
796 *
797 * Return 0 if parsing went well; return -1 in case of error and if errmsg is
798 * non NULL, a human readable string message is set. */
799 int
803 {
810 }
812 /* Obvious length check. */
816 }
818 }
820 /* Decode address so we can extract needed fields. */
825 }
827 }
829 /* Parse the decoded address into the fields we need. */
833 invalid:
835 }
837 /** Same has hs_parse_address_no_log() but emits a log warning on parsing
838 * failure. */
839 int
842 {
849 }
851 }
853 /** Validate a given onion address. The length, the base32 decoding, and
854 * checksum are validated. Return 1 if valid else 0. */
855 int
857 {
861 ed25519_public_key_t service_pubkey;
863 /* Parse the decoded address into the fields we need. */
866 }
868 /* Get the checksum it's supposed to be and compare it with what we have
869 * encoded in the address. */
875 }
877 /* Validate that this pubkey does not have a torsion component. We need to do
878 * this on the prop224 client-side so that attackers can't give equivalent
879 * forms of an onion address to users. */
884 }
886 /* Valid address. */
888 invalid:
890 }
892 /** Build a service address using an ed25519 public key and a given version.
893 * The returned address is base32 encoded and put in addr_out. The caller MUST
894 * make sure the addr_out is at least HS_SERVICE_ADDR_LEN_BASE32 + 1 long.
895 *
896 * Format is as follows:
897 * base32(PUBKEY || CHECKSUM || VERSION)
898 * CHECKSUM = H(".onion checksum" || PUBKEY || VERSION)
899 * */
900 void
903 {
910 /* Get the checksum of the address. */
912 /* Get the binary address representation. */
915 /* Encode the address. addr_out will be NUL terminated after this. */
918 /* Validate what we just built. */
920 }
922 /** From a given ed25519 public key pk and an optional secret, compute a
923 * blinded public key and put it in blinded_pk_out. This is only useful to
924 * the client side because the client only has access to the identity public
925 * key of the service. */
926 void
931 {
932 /* Our blinding key API requires a 32 bytes parameter. */
944 }
946 /** From a given ed25519 keypair kp and an optional secret, compute a blinded
947 * keypair for the current time period and put it in blinded_kp_out. This is
948 * only useful by the service side because the client doesn't have access to
949 * the identity secret key. */
950 void
955 {
956 /* Our blinding key API requires a 32 bytes parameter. */
961 /* Extra safety. A zeroed key is bad. */
970 }
972 /** Return true if we are currently in the time segment between a new time
973 * period and a new SRV (in the real network that happens between 12:00 and
974 * 00:00 UTC). Here is a diagram showing exactly when this returns true:
975 *
976 * +------------------------------------------------------------------+
977 * | |
978 * | 00:00 12:00 00:00 12:00 00:00 12:00 |
979 * | SRV#1 TP#1 SRV#2 TP#2 SRV#3 TP#3 |
980 * | |
981 * | $==========|-----------$===========|-----------$===========| |
982 * | ^^^^^^^^^^^^ ^^^^^^^^^^^^ |
983 * | |
984 * +------------------------------------------------------------------+
985 */
988 {
997 }
998 }
1000 /* Get start time of next TP and of current SRV protocol run, and check if we
1001 * are between them. */
1008 }
1011 }
1013 /** Return 1 if any virtual port in ports needs a circuit with good uptime.
1014 * Else return 0. */
1015 int
1017 {
1024 }
1027 }
1029 /** Build hs_index which is used to find the responsible hsdirs. This index
1030 * value is used to select the responsible HSDir where their hsdir_index is
1031 * closest to this value.
1032 * SHA3-256("store-at-idx" | blinded_public_key |
1033 * INT_8(replicanum) | INT_8(period_length) | INT_8(period_num) )
1034 *
1035 * hs_index_out must be large enough to receive DIGEST256_LEN bytes. */
1036 void
1039 {
1045 /* Build hs_index. See construction at top of function comment. */
1049 ED25519_PUBKEY_LEN);
1051 /* Now setup INT_8(replicanum) | INT_8(period_length) | INT_8(period_num) */
1052 {
1065 }
1069 }
1071 /** Build hsdir_index which is used to find the responsible hsdirs. This is the
1072 * index value that is compare to the hs_index when selecting an HSDir.
1073 * SHA3-256("node-idx" | node_identity |
1074 * shared_random_value | INT_8(period_length) | INT_8(period_num) )
1075 *
1076 * hsdir_index_out must be large enough to receive DIGEST256_LEN bytes. */
1077 void
1081 {
1088 /* Build hsdir_index. See construction at top of function comment. */
1092 ED25519_PUBKEY_LEN);
1095 {
1106 }
1110 }
1112 /** Return a newly allocated buffer containing the current shared random value
1113 * or if not present, a disaster value is computed using the given time period
1114 * number. If a consensus is provided in <b>ns</b>, use it to get the SRV
1115 * value. This function can't fail. */
1118 {
1125 /* Disaster mode. */
1127 }
1129 }
1131 /** Return a newly allocated buffer containing the previous shared random
1132 * value or if not present, a disaster value is computed using the given time
1133 * period number. This function can't fail. */
1136 {
1143 /* Disaster mode. */
1145 }
1147 }
1149 /** Return the number of replicas defined by a consensus parameter or the
1150 * default value. */
1151 int32_t
1153 {
1154 /* The [1,16] range is a specification requirement. */
1157 }
1159 /** Return the spread fetch value defined by a consensus parameter or the
1160 * default value. */
1161 int32_t
1163 {
1164 /* The [1,128] range is a specification requirement. */
1167 }
1169 /** Return the spread store value defined by a consensus parameter or the
1170 * default value. */
1171 int32_t
1173 {
1174 /* The [1,128] range is a specification requirement. */
1177 }
1179 /** <b>node</b> is an HSDir so make sure that we have assigned an hsdir index.
1180 * Return 0 if everything is as expected, else return -1. */
1181 static int
1183 {
1186 /* A node can't have an HSDir index without a descriptor since we need desc
1187 * to get its ed25519 key. for_direct_connect should be zero, since we
1188 * always use the consensus-indexed node's keys to build the hash ring, even
1189 * if some of the consensus-indexed nodes are also bridges. */
1192 }
1194 /* At this point, since the node has a desc, this node must also have an
1195 * hsdir index. If not, something went wrong, so BUG out. */
1197 DIGEST256_LEN))) {
1199 }
1201 DIGEST256_LEN))) {
1203 }
1205 DIGEST256_LEN))) {
1207 }
1210 }
1212 /** For a given blinded key and time period number, get the responsible HSDir
1213 * and put their routerstatus_t object in the responsible_dirs list. If
1214 * 'use_second_hsdir_index' is true, use the second hsdir_index of the node_t
1215 * is used. If 'for_fetching' is true, the spread fetch consensus parameter is
1216 * used else the spread store is used which is only for upload. This function
1217 * can't fail but it is possible that the responsible_dirs list contains fewer
1218 * nodes than expected.
1219 *
1220 * This function goes over the latest consensus routerstatus list and sorts it
1221 * by their node_t hsdir_index then does a binary search to find the closest
1222 * node. All of this makes it a bit CPU intensive so use it wisely. */
1223 void
1227 {
1229 /* The compare function used for the smartlist bsearch. We have two
1230 * different depending on is_next_period. */
1238 /* Make sure we actually have a live consensus */
1246 }
1248 /* Ensure the nodelist is fresh, since it contains the HSDir indices. */
1251 /* Add every node_t that support HSDir v3 for which we do have a valid
1252 * hsdir_index already computed for them for this consensus. */
1253 {
1255 /* Even though this node_t object won't be modified and should be const,
1256 * we can't add const object in a smartlist_t. */
1264 }
1266 }
1268 }
1272 }
1274 /* First thing we have to do is sort all node_t by hsdir_index. The
1275 * is_next_period tells us if we want the current or the next one. Set the
1276 * bsearch compare function also while we are at it. */
1286 }
1288 /* For all replicas, we'll select a set of HSDirs using the consensus
1289 * parameters and the sorted list. The replica starting at value 1 is
1290 * defined by the specification. */
1294 /* Number of node to add to the responsible dirs list depends on if we are
1295 * trying to fetch or store. A client always fetches. */
1299 /* Get the index that we should use to select the node. */
1301 /* The compare function pointer has been set correctly earlier. */
1304 /* Getting the length of the list if no member is greater than the key we
1305 * are looking for so start at the first element. */
1308 }
1311 /* If the node has already been selected which is possible between
1312 * replicas, the specification says to skip over. */
1316 }
1318 /* Wrap if we've reached the end of the list. */
1320 }
1322 /* We've gone over the whole list, stop and avoid infinite loop. */
1324 }
1325 }
1326 }
1328 done:
1330 }
1332 /*********************** HSDir request tracking ***************************/
1334 /** Return the period for which a hidden service directory cannot be queried
1335 * for the same descriptor ID again, taking TestingTorNetwork into account. */
1336 time_t
1338 {
1345 }
1346 }
1348 /** Tracks requests for fetching hidden service descriptors. It's used by
1349 * hidden service clients, to avoid querying HSDirs that have already failed
1350 * giving back a descriptor. The same data structure is used to track v3 HS
1351 * descriptor requests.
1352 *
1353 * The string map is a key/value store that contains the last request times to
1354 * hidden service directories for certain queries. Specifically:
1355 *
1356 * key = base32(hsdir_identity) + base32(hs_identity)
1357 * value = time_t of last request for that hs_identity to that HSDir
1358 *
1359 * where 'hsdir_identity' is the identity digest of the HSDir node, and
1360 * 'hs_identity' is the ed25519 blinded public key of the HS for v3. */
1363 /** Returns last_hid_serv_requests_, initializing it to a new strmap if
1364 * necessary. */
1365 STATIC strmap_t *
1367 {
1371 }
1373 /** Look up the last request time to hidden service directory <b>hs_dir</b>
1374 * for descriptor request key <b>req_key_str</b> which is the blinded key for
1375 * v3. If <b>set</b> is non-zero, assign the current time <b>now</b> and
1376 * return that. Otherwise, return the most recent request time, or 0 if no
1377 * such request has been sent before. */
1378 time_t
1382 {
1388 /* Create the key */
1398 last_request_ptr);
1402 hsdir_desc_comb_id);
1403 }
1407 }
1409 /** Clean the history of request times to hidden service directories, so that
1410 * it does not contain requests older than REND_HID_SERV_DIR_REQUERY_PERIOD
1411 * seconds any more. */
1412 void
1414 {
1430 }
1431 }
1432 }
1434 /** Remove all requests related to the descriptor request key string
1435 * <b>req_key_str</b> from the history of times of requests to hidden service
1436 * directories.
1437 *
1438 * This is called from purge_hid_serv_request(), which must be idempotent, so
1439 * any future changes to this function must leave it idempotent too. */
1440 void
1442 {
1452 /* XXX: The use of REND_DESC_ID_V2_LEN_BASE32 is very wrong in terms of
1453 * semantic, see #23305. */
1455 /* This strmap contains variable-sized elements so this is a basic length
1456 * check on the strings we are about to compare. The key is variable sized
1457 * since it's composed as follows:
1458 * key = base32(hsdir_identity) + base32(req_key_str)
1459 * where 'req_key_str' is the ed25519 blinded public key of the HS v3. */
1463 }
1465 /* Check if the tracked request matches our request key */
1472 }
1473 }
1474 }
1476 /** Purge the history of request times to hidden service directories,
1477 * so that future lookups of an HS descriptor will not fail because we
1478 * accessed all of the HSDir relays responsible for the descriptor
1479 * recently. */
1480 void
1482 {
1483 /* Don't create the table if it doesn't exist yet (and it may very
1484 * well not exist if the user hasn't accessed any HSes)... */
1486 /* ... and let get_last_hid_serv_requests re-create it for us if
1487 * necessary. */
1493 }
1494 }
1496 /***********************************************************************/
1498 /** Given the list of responsible HSDirs in <b>responsible_dirs</b>, pick the
1499 * one that we should use to fetch a descriptor right now. Take into account
1500 * previous failed attempts at fetching this descriptor from HSDirs using the
1501 * string identifier <b>req_key_str</b>. We return whether we are rate limited
1502 * into *<b>is_rate_limited_out</b> if it is not NULL.
1503 *
1504 * Steals ownership of <b>responsible_dirs</b>.
1505 *
1506 * Return the routerstatus of the chosen HSDir if successful, otherwise return
1507 * NULL if no HSDirs are worth trying right now. */
1508 routerstatus_t *
1511 {
1523 /* Clean outdated request history first. */
1526 /* Only select those hidden service directories to which we did not send a
1527 * request recently and for which we have a router descriptor here.
1528 *
1529 * Use for_direct_connect==0 even if we will be connecting to the node
1530 * directly, since we always use the key information in the
1531 * consensus-indexed node descriptors for building the index.
1532 **/
1539 rate_limited_count++;
1541 }
1544 }
1549 }
1551 excluded_some =
1557 }
1568 "requested hidden service: they are all either down or "
1570 }
1572 /* Remember that we are requesting a descriptor from this hidden service
1573 * directory now. */
1575 }
1579 }
1582 }
1584 /** Given a list of link specifiers lspecs, a curve 25519 onion_key, and
1585 * a direct connection boolean direct_conn (true for single onion services),
1586 * return a newly allocated extend_info_t object.
1587 *
1588 * This function always returns an extend info with a valid IP address and
1589 * ORPort, or NULL. If direct_conn is false, the IP address is always IPv4.
1590 *
1591 * It performs the following checks:
1592 * if there is no usable IP address, or legacy ID is missing, return NULL.
1593 * if direct_conn, and we can't reach any IP address, return NULL.
1594 */
1595 extend_info_t *
1599 {
1602 ed25519_public_key_t ed25519_pk;
1604 tor_addr_port_t ap;
1612 }
1617 }
1621 /* Return NULL. */
1623 }
1628 /* Skip if we already seen a v4. If direct_conn is true, we skip this
1629 * block because reachable_addr_choose_from_ls() will set ap. If
1630 * direct_conn is false, set ap to the first IPv4 address and port in
1631 * the link specifiers.*/
1639 /* Make sure we do have enough bytes for the legacy ID. */
1642 }
1650 ED25519_PUBKEY_LEN);
1654 /* Ignore unknown. */
1656 }
1659 /* Choose a preferred address first, but fall back to an allowed address. */
1663 /* Legacy ID is mandatory, and we require an IP address. */
1665 /* If we're missing the IP address, log a warning and return NULL. */
1668 }
1670 /* If we're missing the legacy ID, log a warning and return NULL. */
1673 }
1675 /* We will add support for falling back to a 3-hop path in a later
1676 * release. */
1678 /* We'll validate now that the address we've picked isn't a private one. If
1679 * it is, are we allowed to extend to private addresses? */
1682 "Requested address is private and we are not allowed to extend to "
1685 }
1687 /* We do have everything for which we think we can connect successfully. */
1691 done:
1693 }
1695 /***********************************************************************/
1697 /** Initialize the entire HS subsystem. This is called in tor_init() before any
1698 * torrc options are loaded. Only for >= v3. */
1699 void
1701 {
1705 }
1707 /** Release and cleanup all memory of the HS subsystem (all version). This is
1708 * called by tor_free_all(). */
1709 void
1711 {
1717 }
1719 /** For the given origin circuit circ, decrement the number of rendezvous
1720 * stream counter. This handles every hidden service version. */
1721 void
1723 {
1729 /* Should not be called if this circuit is not for hidden service. */
1731 }
1732 }
1734 /** For the given origin circuit circ, increment the number of rendezvous
1735 * stream counter. This handles every hidden service version. */
1736 void
1738 {
1744 /* Should not be called if this circuit is not for hidden service. */
1746 }
1747 }
1749 /** Return a newly allocated link specifier object that is a copy of dst. */
1750 link_specifier_t *
1752 {
1758 }
1763 }
1767 encoded_len_alloc,
1768 src);
1771 }
1776 }
1780 err:
1783 done:
1786 }