Tor  0.4.5.0-alpha-dev
hs_client.c
Go to the documentation of this file.
1 /* Copyright (c) 2016-2020, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
4 /**
5  * \file hs_client.c
6  * \brief Implement next generation hidden service client functionality
7  **/
8 
9 #define HS_CLIENT_PRIVATE
10 
11 #include "core/or/or.h"
12 #include "app/config/config.h"
13 #include "core/crypto/hs_ntor.h"
15 #include "core/or/circuitbuild.h"
16 #include "core/or/circuitlist.h"
17 #include "core/or/circuituse.h"
19 #include "core/or/extendinfo.h"
20 #include "core/or/reasons.h"
21 #include "feature/client/circpathbias.h"
24 #include "feature/hs/hs_cache.h"
25 #include "feature/hs/hs_cell.h"
26 #include "feature/hs/hs_circuit.h"
28 #include "feature/hs/hs_client.h"
29 #include "feature/hs/hs_control.h"
31 #include "feature/hs/hs_ident.h"
40 
44 #include "core/or/extend_info_st.h"
47 
48 /** Client-side authorizations for hidden services; map of service identity
49  * public key to hs_client_service_authorization_t *. */
50 static digest256map_t *client_auths = NULL;
51 
52 #include "trunnel/hs/cell_introduce1.h"
53 
54 /** Return a human-readable string for the client fetch status code. */
55 static const char *
57 {
58  switch (status) {
60  return "Internal error";
62  return "Descriptor fetch launched";
64  return "Already have descriptor";
66  return "No more HSDir available to query";
68  return "Fetching descriptors is not allowed";
70  return "Missing directory information";
72  return "Pending descriptor fetch";
73  default:
74  return "(Unknown client fetch status code)";
75  }
76 }
77 
78 /** Return true iff tor should close the SOCKS request(s) for the descriptor
79  * fetch that ended up with this given status code. */
80 static int
82 {
83  switch (status) {
85  /* No more HSDir to query, we can't complete the SOCKS request(s). */
87  /* The fetch triggered an internal error. */
89  /* Client is not allowed to fetch (FetchHidServDescriptors 0). */
90  goto close;
95  /* The rest doesn't require tor to close the SOCKS request(s). */
96  goto no_close;
97  }
98 
99  no_close:
100  return 0;
101  close:
102  return 1;
103 }
104 
105 /* Return a newly allocated list of all the entry connections that matches the
106  * given service identity pk. If service_identity_pk is NULL, all entry
107  * connections with an hs_ident are returned.
108  *
109  * Caller must free the returned list but does NOT have ownership of the
110  * object inside thus they have to remain untouched. */
111 static smartlist_t *
112 find_entry_conns(const ed25519_public_key_t *service_identity_pk)
113 {
114  time_t now = time(NULL);
115  smartlist_t *conns = NULL, *entry_conns = NULL;
116 
117  entry_conns = smartlist_new();
118 
119  conns = connection_list_by_type_state(CONN_TYPE_AP,
121  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
122  entry_connection_t *entry_conn = TO_ENTRY_CONN(base_conn);
123  const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(entry_conn);
124 
125  /* Only consider the entry connections that matches the service for which
126  * we just fetched its descriptor. */
127  if (!edge_conn->hs_ident ||
128  (service_identity_pk &&
129  !ed25519_pubkey_eq(service_identity_pk,
130  &edge_conn->hs_ident->identity_pk))) {
131  continue;
132  }
133  assert_connection_ok(base_conn, now);
134 
135  /* Validated! Add the entry connection to the list. */
136  smartlist_add(entry_conns, entry_conn);
137  } SMARTLIST_FOREACH_END(base_conn);
138 
139  /* We don't have ownership of the objects in this list. */
140  smartlist_free(conns);
141  return entry_conns;
142 }
143 
144 /* Cancel all descriptor fetches currently in progress. */
145 static void
146 cancel_descriptor_fetches(void)
147 {
148  smartlist_t *conns =
149  connection_list_by_type_purpose(CONN_TYPE_DIR, DIR_PURPOSE_FETCH_HSDESC);
150  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
151  const hs_ident_dir_conn_t *ident = TO_DIR_CONN(conn)->hs_ident;
152  if (BUG(ident == NULL)) {
153  /* A directory connection fetching a service descriptor can't have an
154  * empty hidden service identifier. */
155  continue;
156  }
157  log_debug(LD_REND, "Marking for close a directory connection fetching "
158  "a hidden service descriptor for service %s.",
159  safe_str_client(ed25519_fmt(&ident->identity_pk)));
160  connection_mark_for_close(conn);
161  } SMARTLIST_FOREACH_END(conn);
162 
163  /* No ownership of the objects in this list. */
164  smartlist_free(conns);
165  log_info(LD_REND, "Hidden service client descriptor fetches cancelled.");
166 }
167 
168 /** Get all connections that are waiting on a circuit and flag them back to
169  * waiting for a hidden service descriptor for the given service key
170  * service_identity_pk. */
171 static void
173 {
174  tor_assert(service_identity_pk);
175 
176  smartlist_t *conns =
177  connection_list_by_type_state(CONN_TYPE_AP, AP_CONN_STATE_CIRCUIT_WAIT);
178 
179  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
180  edge_connection_t *edge_conn;
181  if (BUG(!CONN_IS_EDGE(conn))) {
182  continue;
183  }
184  edge_conn = TO_EDGE_CONN(conn);
185  if (edge_conn->hs_ident &&
186  ed25519_pubkey_eq(&edge_conn->hs_ident->identity_pk,
187  service_identity_pk)) {
189  }
190  } SMARTLIST_FOREACH_END(conn);
191 
192  smartlist_free(conns);
193 }
194 
195 /** Remove tracked HSDir requests from our history for this hidden service
196  * identity public key. */
197 static void
199 {
200  char base64_blinded_pk[ED25519_BASE64_LEN + 1];
201  ed25519_public_key_t blinded_pk;
202 
203  tor_assert(identity_pk);
204 
205  /* Get blinded pubkey of hidden service. It is possible that we just moved
206  * to a new time period meaning that we won't be able to purge the request
207  * from the previous time period. That is fine because they will expire at
208  * some point and we don't care about those anymore. */
209  hs_build_blinded_pubkey(identity_pk, NULL, 0,
210  hs_get_time_period_num(0), &blinded_pk);
211  ed25519_public_to_base64(base64_blinded_pk, &blinded_pk);
212  /* Purge last hidden service request from cache for this blinded key. */
214 }
215 
216 /** Return true iff there is at least one pending directory descriptor request
217  * for the service identity_pk. */
218 static int
220 {
221  int ret = 0;
222  smartlist_t *conns =
223  connection_list_by_type_purpose(CONN_TYPE_DIR, DIR_PURPOSE_FETCH_HSDESC);
224 
225  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
226  const hs_ident_dir_conn_t *ident = TO_DIR_CONN(conn)->hs_ident;
227  if (BUG(ident == NULL)) {
228  /* A directory connection fetching a service descriptor can't have an
229  * empty hidden service identifier. */
230  continue;
231  }
232  if (!ed25519_pubkey_eq(identity_pk, &ident->identity_pk)) {
233  continue;
234  }
235  ret = 1;
236  break;
237  } SMARTLIST_FOREACH_END(conn);
238 
239  /* No ownership of the objects in this list. */
240  smartlist_free(conns);
241  return ret;
242 }
243 
244 /** Helper function that changes the state of an entry connection to waiting
245  * for a circuit. For this to work properly, the connection timestamps are set
246  * to now and the connection is then marked as pending for a circuit. */
247 static void
249 {
250  tor_assert(conn);
251 
252  /* Because the connection can now proceed to opening circuit and ultimately
253  * connect to the service, reset those timestamp so the connection is
254  * considered "fresh" and can continue without being closed too early. */
255  conn->timestamp_created = now;
256  conn->timestamp_last_read_allowed = now;
257  conn->timestamp_last_write_allowed = now;
258  /* Change connection's state into waiting for a circuit. */
260 
261  connection_ap_mark_as_pending_circuit(TO_ENTRY_CONN(conn));
262 }
263 
264 /** We failed to fetch a descriptor for the service with <b>identity_pk</b>
265  * because of <b>status</b>. Find all pending SOCKS connections for this
266  * service that are waiting on the descriptor and close them with
267  * <b>reason</b>. */
268 static void
271  int reason)
272 {
273  unsigned int count = 0;
274  smartlist_t *entry_conns = find_entry_conns(identity_pk);
275 
276  SMARTLIST_FOREACH_BEGIN(entry_conns, entry_connection_t *, entry_conn) {
277  /* Unattach the entry connection which will close for the reason. */
278  connection_mark_unattached_ap(entry_conn, reason);
279  count++;
280  } SMARTLIST_FOREACH_END(entry_conn);
281 
282  if (count > 0) {
283  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
284  hs_build_address(identity_pk, HS_VERSION_THREE, onion_address);
285  log_notice(LD_REND, "Closed %u streams for service %s.onion "
286  "for reason %s. Fetch status: %s.",
287  count, safe_str_client(onion_address),
289  fetch_status_to_string(status));
290  }
291 
292  /* No ownership of the object(s) in this list. */
293  smartlist_free(entry_conns);
294 }
295 
296 /** Find all pending SOCKS connection waiting for a descriptor and retry them
297  * all. This is called when the directory information changed. */
298 STATIC void
300 {
301  smartlist_t *entry_conns = find_entry_conns(NULL);
302 
303  SMARTLIST_FOREACH_BEGIN(entry_conns, entry_connection_t *, entry_conn) {
305  edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(entry_conn);
306  connection_t *base_conn = &edge_conn->base_;
307 
308  /* Ignore non HS or non v3 connection. */
309  if (edge_conn->hs_ident == NULL) {
310  continue;
311  }
312 
313  /* In this loop, we will possibly try to fetch a descriptor for the
314  * pending connections because we just got more directory information.
315  * However, the refetch process can cleanup all SOCKS request to the same
316  * service if an internal error happens. Thus, we can end up with closed
317  * connections in our list. */
318  if (base_conn->marked_for_close) {
319  continue;
320  }
321 
322  /* XXX: There is an optimization we could do which is that for a service
323  * key, we could check if we can fetch and remember that decision. */
324 
325  /* Order a refetch in case it works this time. */
326  status = hs_client_refetch_hsdesc(&edge_conn->hs_ident->identity_pk);
327  if (status == HS_CLIENT_FETCH_HAVE_DESC) {
328  /* This is a rare case where a SOCKS connection is in state waiting for
329  * a descriptor but we do have it in the cache.
330  *
331  * This can happen is tor comes back from suspend where it previously
332  * had the descriptor but the intro points were not usuable. Once it
333  * came back to life, the intro point failure cache was cleaned up and
334  * thus the descriptor became usable again leaving us in this code path.
335  *
336  * We'll mark the connection as waiting for a circuit so the descriptor
337  * can be retried. This is safe because a connection in state waiting
338  * for a descriptor can not be in the entry connection pending list. */
340  continue;
341  }
342  /* In the case of an error, either all SOCKS connections have been
343  * closed or we are still missing directory information. Leave the
344  * connection in renddesc wait state so when we get more info, we'll be
345  * able to try it again. */
346  } SMARTLIST_FOREACH_END(entry_conn);
347 
348  /* We don't have ownership of those objects. */
349  smartlist_free(entry_conns);
350 }
351 
352 /** A v3 HS circuit successfully connected to the hidden service. Update the
353  * stream state at <b>hs_conn_ident</b> appropriately. */
354 static void
356 {
357  tor_assert(hs_conn_ident);
358 
359  /* Remove from the hid serv cache all requests for that service so we can
360  * query the HSDir again later on for various reasons. */
361  purge_hid_serv_request(&hs_conn_ident->identity_pk);
362 
363  /* The v2 subsystem cleans up the intro point time out flag at this stage.
364  * We don't try to do it here because we still need to keep intact the intro
365  * point state for future connections. Even though we are able to connect to
366  * the service, doesn't mean we should reset the timed out intro points.
367  *
368  * It is not possible to have successfully connected to an intro point
369  * present in our cache that was on error or timed out. Every entry in that
370  * cache have a 2 minutes lifetime so ultimately the intro point(s) state
371  * will be reset and thus possible to be retried. */
372 }
373 
374 /** Given the pubkey of a hidden service in <b>onion_identity_pk</b>, fetch its
375  * descriptor by launching a dir connection to <b>hsdir</b>. Return a
376  * hs_client_fetch_status_t status code depending on how it went. */
379  const routerstatus_t *hsdir)
380 {
381  uint64_t current_time_period = hs_get_time_period_num(0);
382  ed25519_public_key_t blinded_pubkey;
383  char base64_blinded_pubkey[ED25519_BASE64_LEN + 1];
384  hs_ident_dir_conn_t hs_conn_dir_ident;
385 
386  tor_assert(hsdir);
387  tor_assert(onion_identity_pk);
388 
389  /* Get blinded pubkey */
390  hs_build_blinded_pubkey(onion_identity_pk, NULL, 0,
391  current_time_period, &blinded_pubkey);
392  /* ...and base64 it. */
393  ed25519_public_to_base64(base64_blinded_pubkey, &blinded_pubkey);
394 
395  /* Copy onion pk to a dir_ident so that we attach it to the dir conn */
396  hs_ident_dir_conn_init(onion_identity_pk, &blinded_pubkey,
397  &hs_conn_dir_ident);
398 
399  /* Setup directory request */
400  directory_request_t *req =
404  directory_request_set_resource(req, base64_blinded_pubkey);
405  directory_request_fetch_set_hs_ident(req, &hs_conn_dir_ident);
407  directory_request_free(req);
408 
409  log_info(LD_REND, "Descriptor fetch request for service %s with blinded "
410  "key %s to directory %s",
411  safe_str_client(ed25519_fmt(onion_identity_pk)),
412  safe_str_client(base64_blinded_pubkey),
413  safe_str_client(routerstatus_describe(hsdir)));
414 
415  /* Fire a REQUESTED event on the control port. */
416  hs_control_desc_event_requested(onion_identity_pk, base64_blinded_pubkey,
417  hsdir);
418 
419  /* Cleanup memory. */
420  memwipe(&blinded_pubkey, 0, sizeof(blinded_pubkey));
421  memwipe(base64_blinded_pubkey, 0, sizeof(base64_blinded_pubkey));
422  memwipe(&hs_conn_dir_ident, 0, sizeof(hs_conn_dir_ident));
423 
425 }
426 
427 /** Return the HSDir we should use to fetch the descriptor of the hidden
428  * service with identity key <b>onion_identity_pk</b>. */
430 pick_hsdir_v3(const ed25519_public_key_t *onion_identity_pk)
431 {
432  char base64_blinded_pubkey[ED25519_BASE64_LEN + 1];
433  uint64_t current_time_period = hs_get_time_period_num(0);
434  smartlist_t *responsible_hsdirs = NULL;
435  ed25519_public_key_t blinded_pubkey;
436  routerstatus_t *hsdir_rs = NULL;
437 
438  tor_assert(onion_identity_pk);
439 
440  /* Get blinded pubkey of hidden service */
441  hs_build_blinded_pubkey(onion_identity_pk, NULL, 0,
442  current_time_period, &blinded_pubkey);
443  /* ...and base64 it. */
444  ed25519_public_to_base64(base64_blinded_pubkey, &blinded_pubkey);
445 
446  /* Get responsible hsdirs of service for this time period */
447  responsible_hsdirs = smartlist_new();
448 
449  hs_get_responsible_hsdirs(&blinded_pubkey, current_time_period,
450  0, 1, responsible_hsdirs);
451 
452  log_debug(LD_REND, "Found %d responsible HSDirs and about to pick one.",
453  smartlist_len(responsible_hsdirs));
454 
455  /* Pick an HSDir from the responsible ones. The ownership of
456  * responsible_hsdirs is given to this function so no need to free it. */
457  hsdir_rs = hs_pick_hsdir(responsible_hsdirs, base64_blinded_pubkey, NULL);
458 
459  return hsdir_rs;
460 }
461 
462 /** Fetch a v3 descriptor using the given <b>onion_identity_pk</b>.
463  *
464  * On success, HS_CLIENT_FETCH_LAUNCHED is returned. Otherwise, an error from
465  * hs_client_fetch_status_t is returned. */
467 fetch_v3_desc, (const ed25519_public_key_t *onion_identity_pk))
468 {
469  routerstatus_t *hsdir_rs =NULL;
470 
471  tor_assert(onion_identity_pk);
472 
473  hsdir_rs = pick_hsdir_v3(onion_identity_pk);
474  if (!hsdir_rs) {
475  log_info(LD_REND, "Couldn't pick a v3 hsdir.");
477  }
478 
479  return directory_launch_v3_desc_fetch(onion_identity_pk, hsdir_rs);
480 }
481 
482 /** With a given <b>onion_identity_pk</b>, fetch its descriptor. If
483  * <b>hsdirs</b> is specified, use the directory servers specified in the list.
484  * Else, use a random server. */
485 void
487  const smartlist_t *hsdirs)
488 {
489  tor_assert(onion_identity_pk);
490 
491  if (hsdirs != NULL) {
492  SMARTLIST_FOREACH_BEGIN(hsdirs, const routerstatus_t *, hsdir) {
493  directory_launch_v3_desc_fetch(onion_identity_pk, hsdir);
494  } SMARTLIST_FOREACH_END(hsdir);
495  } else {
496  fetch_v3_desc(onion_identity_pk);
497  }
498 }
499 
500 /** Make sure that the given v3 origin circuit circ is a valid correct
501  * introduction circuit. This will BUG() on any problems and hard assert if
502  * the anonymity of the circuit is not ok. Return 0 on success else -1 where
503  * the circuit should be mark for closed immediately. */
504 static int
506 {
507  int ret = 0;
508 
509  tor_assert(circ);
510 
511  if (BUG(TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCING &&
513  TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACKED)) {
514  ret = -1;
515  }
516  if (BUG(circ->hs_ident == NULL)) {
517  ret = -1;
518  }
519  if (BUG(!hs_ident_intro_circ_is_valid(circ->hs_ident))) {
520  ret = -1;
521  }
522 
523  /* This can stop the tor daemon but we want that since if we don't have
524  * anonymity on this circuit, something went really wrong. */
525  assert_circ_anonymity_ok(circ, get_options());
526  return ret;
527 }
528 
529 /** Find a descriptor intro point object that matches the given ident in the
530  * given descriptor desc. Return NULL if not found. */
531 static const hs_desc_intro_point_t *
533  const hs_descriptor_t *desc)
534 {
535  const hs_desc_intro_point_t *intro_point = NULL;
536 
537  tor_assert(ident);
538  tor_assert(desc);
539 
541  const hs_desc_intro_point_t *, ip) {
542  if (ed25519_pubkey_eq(&ident->intro_auth_pk,
543  &ip->auth_key_cert->signed_key)) {
544  intro_point = ip;
545  break;
546  }
547  } SMARTLIST_FOREACH_END(ip);
548 
549  return intro_point;
550 }
551 
552 /** Find a descriptor intro point object from the descriptor object desc that
553  * matches the given legacy identity digest in legacy_id. Return NULL if not
554  * found. */
555 static hs_desc_intro_point_t *
557  const hs_descriptor_t *desc)
558 {
559  hs_desc_intro_point_t *ret_ip = NULL;
560 
561  tor_assert(legacy_id);
562  tor_assert(desc);
563 
564  /* We will go over every intro point and try to find which one is linked to
565  * that circuit. Those lists are small so it's not that expensive. */
567  hs_desc_intro_point_t *, ip) {
568  SMARTLIST_FOREACH_BEGIN(ip->link_specifiers,
569  const link_specifier_t *, lspec) {
570  /* Not all tor node have an ed25519 identity key so we still rely on the
571  * legacy identity digest. */
572  if (link_specifier_get_ls_type(lspec) != LS_LEGACY_ID) {
573  continue;
574  }
575  if (fast_memneq(legacy_id,
576  link_specifier_getconstarray_un_legacy_id(lspec),
577  DIGEST_LEN)) {
578  break;
579  }
580  /* Found it. */
581  ret_ip = ip;
582  goto end;
583  } SMARTLIST_FOREACH_END(lspec);
584  } SMARTLIST_FOREACH_END(ip);
585 
586  end:
587  return ret_ip;
588 }
589 
590 /** Send an INTRODUCE1 cell along the intro circuit and populate the rend
591  * circuit identifier with the needed key material for the e2e encryption.
592  * Return 0 on success, -1 if there is a transient error such that an action
593  * has been taken to recover and -2 if there is a permanent error indicating
594  * that both circuits were closed. */
595 static int
597  origin_circuit_t *rend_circ)
598 {
599  int status;
600  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
601  const ed25519_public_key_t *service_identity_pk = NULL;
602  const hs_desc_intro_point_t *ip;
603 
604  tor_assert(rend_circ);
605  if (intro_circ_is_ok(intro_circ) < 0) {
606  goto perm_err;
607  }
608 
609  service_identity_pk = &intro_circ->hs_ident->identity_pk;
610  /* For logging purposes. There will be a time where the hs_ident will have a
611  * version number but for now there is none because it's all v3. */
612  hs_build_address(service_identity_pk, HS_VERSION_THREE, onion_address);
613 
614  log_info(LD_REND, "Sending INTRODUCE1 cell to service %s on circuit %u",
615  safe_str_client(onion_address), TO_CIRCUIT(intro_circ)->n_circ_id);
616 
617  /* 1) Get descriptor from our cache. */
618  const hs_descriptor_t *desc =
619  hs_cache_lookup_as_client(service_identity_pk);
620  if (desc == NULL || !hs_client_any_intro_points_usable(service_identity_pk,
621  desc)) {
622  log_info(LD_REND, "Request to %s %s. Trying to fetch a new descriptor.",
623  safe_str_client(onion_address),
624  (desc) ? "didn't have usable intro points" :
625  "didn't have a descriptor");
626  hs_client_refetch_hsdesc(service_identity_pk);
627  /* We just triggered a refetch, make sure every connections are back
628  * waiting for that descriptor. */
629  flag_all_conn_wait_desc(service_identity_pk);
630  /* We just asked for a refetch so this is a transient error. */
631  goto tran_err;
632  }
633 
634  /* We need to find which intro point in the descriptor we are connected to
635  * on intro_circ. */
636  ip = find_desc_intro_point_by_ident(intro_circ->hs_ident, desc);
637  if (ip == NULL) {
638  /* The following is possible if the descriptor was changed while we had
639  * this introduction circuit open and waiting for the rendezvous circuit to
640  * be ready. Which results in this situation where we can't find the
641  * corresponding intro point within the descriptor of the service. */
642  log_info(LD_REND, "Unable to find introduction point for service %s "
643  "while trying to send an INTRODUCE1 cell.",
644  safe_str_client(onion_address));
645  goto perm_err;
646  }
647 
648  /* Send the INTRODUCE1 cell. */
649  if (hs_circ_send_introduce1(intro_circ, rend_circ, ip,
650  &desc->subcredential) < 0) {
651  if (TO_CIRCUIT(intro_circ)->marked_for_close) {
652  /* If the introduction circuit was closed, we were unable to send the
653  * cell for some reasons. In any case, the intro circuit has to be
654  * closed by the above function. We'll return a transient error so tor
655  * can recover and pick a new intro point. To avoid picking that same
656  * intro point, we'll note down the intro point failure so it doesn't
657  * get reused. */
658  hs_cache_client_intro_state_note(service_identity_pk,
659  &intro_circ->hs_ident->intro_auth_pk,
660  INTRO_POINT_FAILURE_GENERIC);
661  }
662  /* It is also possible that the rendezvous circuit was closed due to being
663  * unable to use the rendezvous point node_t so in that case, we also want
664  * to recover and let tor pick a new one. */
665  goto tran_err;
666  }
667 
668  /* Cell has been sent successfully. Copy the introduction point
669  * authentication and encryption key in the rendezvous circuit identifier so
670  * we can compute the ntor keys when we receive the RENDEZVOUS2 cell. */
671  memcpy(&rend_circ->hs_ident->intro_enc_pk, &ip->enc_key,
672  sizeof(rend_circ->hs_ident->intro_enc_pk));
674  &intro_circ->hs_ident->intro_auth_pk);
675 
676  /* Now, we wait for an ACK or NAK on this circuit. */
679  /* Set timestamp_dirty, because circuit_expire_building expects it to
680  * specify when a circuit entered the _C_INTRODUCE_ACK_WAIT state. */
681  TO_CIRCUIT(intro_circ)->timestamp_dirty = time(NULL);
682  pathbias_count_use_attempt(intro_circ);
683 
684  /* Success. */
685  status = 0;
686  goto end;
687 
688  perm_err:
689  /* Permanent error: it is possible that the intro circuit was closed prior
690  * because we weren't able to send the cell. Make sure we don't double close
691  * it which would result in a warning. */
692  if (!TO_CIRCUIT(intro_circ)->marked_for_close) {
693  circuit_mark_for_close(TO_CIRCUIT(intro_circ), END_CIRC_REASON_INTERNAL);
694  }
695  circuit_mark_for_close(TO_CIRCUIT(rend_circ), END_CIRC_REASON_INTERNAL);
696  status = -2;
697  goto end;
698 
699  tran_err:
700  status = -1;
701 
702  end:
703  memwipe(onion_address, 0, sizeof(onion_address));
704  return status;
705 }
706 
707 /** Using the introduction circuit circ, setup the authentication key of the
708  * intro point this circuit has extended to.
709  *
710  * Return 0 if everything went well, otherwise return -1 in the case of errors.
711  */
712 static int
714 {
715  const hs_descriptor_t *desc;
716  const hs_desc_intro_point_t *ip;
717 
718  tor_assert(circ);
719 
721  if (desc == NULL) {
722  /* There is a very small race window between the opening of this circuit
723  * and the client descriptor cache that gets purged (NEWNYM) or the
724  * cleaned up because it expired. Mark the circuit for close so a new
725  * descriptor fetch can occur. */
726  goto err;
727  }
728 
729  /* We will go over every intro point and try to find which one is linked to
730  * that circuit. Those lists are small so it's not that expensive. */
732  circ->build_state->chosen_exit->identity_digest, desc);
733  if (!ip) {
734  /* Reaching this point means we didn't find any intro point for this
735  * circuit which is not supposed to happen. */
736  log_info(LD_REND,"Could not match opened intro circuit with intro point.");
737  goto err;
738  }
739 
740  /* We got it, copy its authentication key to the identifier. */
742  &ip->auth_key_cert->signed_key);
743  return 0;
744 
745  err:
746  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
747  return -1;
748 }
749 
750 /** Called when an introduction circuit has opened. */
751 static void
753 {
754  tor_assert(circ);
756  log_info(LD_REND, "Introduction circuit %u has opened. Attaching streams.",
757  (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
758 
759  /* This is an introduction circuit so we'll attach the correct
760  * authentication key to the circuit identifier so it can be identified
761  * properly later on. */
762  if (setup_intro_circ_auth_key(circ) < 0) {
763  return;
764  }
765 
767 }
768 
769 /** Called when a rendezvous circuit has opened. */
770 static void
772 {
773  tor_assert(circ);
775 
776  const extend_info_t *rp_ei = circ->build_state->chosen_exit;
777 
778  /* Check that we didn't accidentally choose a node that does not understand
779  * the v3 rendezvous protocol */
780  if (rp_ei) {
781  const node_t *rp_node = node_get_by_id(rp_ei->identity_digest);
782  if (rp_node) {
783  if (BUG(!node_supports_v3_rendezvous_point(rp_node))) {
784  return;
785  }
786  }
787  }
788 
789  log_info(LD_REND, "Rendezvous circuit has opened to %s.",
790  safe_str_client(extend_info_describe(rp_ei)));
791 
792  /* Ignore returned value, nothing we can really do. On failure, the circuit
793  * will be marked for close. */
795 
796  /* Register rend circuit in circuitmap if it's still alive. */
797  if (!TO_CIRCUIT(circ)->marked_for_close) {
799  circ->hs_ident->rendezvous_cookie);
800  }
801 }
802 
803 /** This is an helper function that convert a descriptor intro point object ip
804  * to a newly allocated extend_info_t object fully initialized. Return NULL if
805  * we can't convert it for which chances are that we are missing or malformed
806  * link specifiers. */
809 {
810  extend_info_t *ei;
811 
812  tor_assert(ip);
813 
814  /* Explicitly put the direct connection option to 0 because this is client
815  * side and there is no such thing as a non anonymous client. */
817 
818  return ei;
819 }
820 
821 /** Return true iff the intro point ip for the service service_pk is usable.
822  * This function checks if the intro point is in the client intro state cache
823  * and checks at the failures. It is considered usable if:
824  * - No error happened (INTRO_POINT_FAILURE_GENERIC)
825  * - It is not flagged as timed out (INTRO_POINT_FAILURE_TIMEOUT)
826  * - The unreachable count is lower than
827  * MAX_INTRO_POINT_REACHABILITY_FAILURES (INTRO_POINT_FAILURE_UNREACHABLE)
828  */
829 static int
831  const hs_desc_intro_point_t *ip)
832 {
833  const hs_cache_intro_state_t *state;
834 
835  tor_assert(service_pk);
836  tor_assert(ip);
837 
838  state = hs_cache_client_intro_state_find(service_pk,
839  &ip->auth_key_cert->signed_key);
840  if (state == NULL) {
841  /* This means we've never encountered any problem thus usable. */
842  goto usable;
843  }
844  if (state->error) {
845  log_info(LD_REND, "Intro point with auth key %s had an error. Not usable",
846  safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)));
847  goto not_usable;
848  }
849  if (state->timed_out) {
850  log_info(LD_REND, "Intro point with auth key %s timed out. Not usable",
851  safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)));
852  goto not_usable;
853  }
855  log_info(LD_REND, "Intro point with auth key %s unreachable. Not usable",
856  safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)));
857  goto not_usable;
858  }
859 
860  usable:
861  return 1;
862  not_usable:
863  return 0;
864 }
865 
866 /** Using a descriptor desc, return a newly allocated extend_info_t object of a
867  * randomly picked introduction point from its list. Return NULL if none are
868  * usable. */
871 {
872  extend_info_t *ei = NULL, *ei_excluded = NULL;
873  smartlist_t *usable_ips = NULL;
874  const hs_descriptor_t *desc;
875  const hs_desc_encrypted_data_t *enc_data;
876  const or_options_t *options = get_options();
877  /* Calculate the onion address for logging purposes */
878  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
879 
880  tor_assert(service_pk);
881 
882  desc = hs_cache_lookup_as_client(service_pk);
883  /* Assume the service is v3 if the descriptor is missing. This is ok,
884  * because we only use the address in log messages */
885  hs_build_address(service_pk,
886  desc ? desc->plaintext_data.version : HS_VERSION_THREE,
887  onion_address);
888  if (desc == NULL || !hs_client_any_intro_points_usable(service_pk,
889  desc)) {
890  log_info(LD_REND, "Unable to randomly select an introduction point "
891  "for service %s because descriptor %s. We can't connect.",
892  safe_str_client(onion_address),
893  (desc) ? "doesn't have any usable intro points"
894  : "is missing (assuming v3 onion address)");
895  goto end;
896  }
897 
898  enc_data = &desc->encrypted_data;
899  usable_ips = smartlist_new();
900  smartlist_add_all(usable_ips, enc_data->intro_points);
901  while (smartlist_len(usable_ips) != 0) {
902  int idx;
903  const hs_desc_intro_point_t *ip;
904 
905  /* Pick a random intro point and immediately remove it from the usable
906  * list so we don't pick it again if we have to iterate more. */
907  idx = crypto_rand_int(smartlist_len(usable_ips));
908  ip = smartlist_get(usable_ips, idx);
909  smartlist_del(usable_ips, idx);
910 
911  /* We need to make sure we have a usable intro points which is in a good
912  * state in our cache. */
913  if (!intro_point_is_usable(service_pk, ip)) {
914  continue;
915  }
916 
917  /* Generate an extend info object from the intro point object. */
919  if (ei == NULL) {
920  /* We can get here for instance if the intro point is a private address
921  * and we aren't allowed to extend to those. */
922  log_info(LD_REND, "Unable to select introduction point with auth key %s "
923  "for service %s, because we could not extend to it.",
924  safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)),
925  safe_str_client(onion_address));
926  continue;
927  }
928 
929  /* Test the pick against ExcludeNodes. */
930  if (routerset_contains_extendinfo(options->ExcludeNodes, ei)) {
931  /* If this pick is in the ExcludeNodes list, we keep its reference so if
932  * we ever end up not being able to pick anything else and StrictNodes is
933  * unset, we'll use it. */
934  if (ei_excluded) {
935  /* If something was already here free it. After the loop is gone we
936  * will examine the last excluded intro point, and that's fine since
937  * that's random anyway */
938  extend_info_free(ei_excluded);
939  }
940  ei_excluded = ei;
941  continue;
942  }
943 
944  /* Good pick! Let's go with this. */
945  goto end;
946  }
947 
948  /* Reaching this point means a couple of things. Either we can't use any of
949  * the intro point listed because the IP address can't be extended to or it
950  * is listed in the ExcludeNodes list. In the later case, if StrictNodes is
951  * set, we are forced to not use anything. */
952  ei = ei_excluded;
953  if (options->StrictNodes) {
954  log_warn(LD_REND, "Every introduction point for service %s is in the "
955  "ExcludeNodes set and StrictNodes is set. We can't connect.",
956  safe_str_client(onion_address));
957  extend_info_free(ei);
958  ei = NULL;
959  } else {
960  log_fn(LOG_PROTOCOL_WARN, LD_REND, "Every introduction point for service "
961  "%s is unusable or we can't extend to it. We can't connect.",
962  safe_str_client(onion_address));
963  }
964 
965  end:
966  smartlist_free(usable_ips);
967  memwipe(onion_address, 0, sizeof(onion_address));
968  return ei;
969 }
970 
971 /** Return true iff all intro points for the given service have timed out. */
972 static bool
974 {
975  bool ret = false;
976 
977  tor_assert(service_pk);
978 
979  const hs_descriptor_t *desc = hs_cache_lookup_as_client(service_pk);
980  if (BUG(!desc)) {
981  /* We can't introduce without a descriptor so ending up here means somehow
982  * between the introduction failure and this, the cache entry was removed
983  * which shouldn't be possible in theory. */
984  goto end;
985  }
986 
988  const hs_desc_intro_point_t *, ip) {
989  const hs_cache_intro_state_t *state =
991  &ip->auth_key_cert->signed_key);
992  if (!state || !state->timed_out) {
993  /* No state or if this intro point has not timed out, we are done since
994  * clearly not all of them have timed out. */
995  goto end;
996  }
997  } SMARTLIST_FOREACH_END(ip);
998 
999  /* Exiting the loop here means that all intro points we've looked at have
1000  * timed out. Note that we can _not_ have a descriptor without intro points
1001  * in the client cache. */
1002  ret = true;
1003 
1004  end:
1005  return ret;
1006 }
1007 
1008 /** Called when a rendezvous circuit has timed out. Every stream attached to
1009  * the circuit will get set with the SOCKS5_HS_REND_FAILED (0xF3) extended
1010  * error code so if the connection to the rendezvous point ends up not
1011  * working, this code could be sent back as a reason. */
1012 static void
1014 {
1015  tor_assert(rend_circ);
1016 
1017  /* For each entry connection attached to this rendezvous circuit, report
1018  * the error. */
1019  for (edge_connection_t *edge = rend_circ->p_streams; edge;
1020  edge = edge->next_stream) {
1021  entry_connection_t *entry = EDGE_TO_ENTRY_CONN(edge);
1022  if (entry->socks_request) {
1024  SOCKS5_HS_REND_FAILED;
1025  }
1026  }
1027 }
1028 
1029 /** Called when introduction has failed meaning there is no more usable
1030  * introduction points to be used (either NACKed or failed) for the given
1031  * entry connection.
1032  *
1033  * This function only reports back the SOCKS5_HS_INTRO_FAILED (0xF2) code or
1034  * SOCKS5_HS_INTRO_TIMEDOUT (0xF7) if all intros have timed out. The caller
1035  * has to make sure to close the entry connections. */
1036 static void
1038  const ed25519_public_key_t *identity_pk)
1039 {
1040  socks5_reply_status_t code = SOCKS5_HS_INTRO_FAILED;
1041 
1042  tor_assert(conn);
1043  tor_assert(conn->socks_request);
1044  tor_assert(identity_pk);
1045 
1046  if (intro_points_all_timed_out(identity_pk)) {
1047  code = SOCKS5_HS_INTRO_TIMEDOUT;
1048  }
1050 }
1051 
1052 /** For this introduction circuit, we'll look at if we have any usable
1053  * introduction point left for this service. If so, we'll use the circuit to
1054  * re-extend to a new intro point. Else, we'll close the circuit and its
1055  * corresponding rendezvous circuit. Return 0 if we are re-extending else -1
1056  * if we are closing the circuits.
1057  *
1058  * This is called when getting an INTRODUCE_ACK cell with a NACK. */
1059 static int
1061 {
1062  int ret = -1;
1063  const hs_descriptor_t *desc;
1064  origin_circuit_t *rend_circ;
1065 
1066  tor_assert(intro_circ);
1067 
1068  desc = hs_cache_lookup_as_client(&intro_circ->hs_ident->identity_pk);
1069  if (desc == NULL) {
1070  /* We can't continue without a descriptor. This is possible if the cache
1071  * was cleaned up between the intro point established and the reception of
1072  * the introduce ack. */
1073  goto close;
1074  }
1075  /* We still have the descriptor, great! Let's try to see if we can
1076  * re-extend by looking up if there are any usable intro points. */
1078  desc)) {
1079  goto close;
1080  }
1081  /* Try to re-extend now. */
1082  if (hs_client_reextend_intro_circuit(intro_circ) < 0) {
1083  goto close;
1084  }
1085  /* Success on re-extending. Don't return an error. */
1086  ret = 0;
1087  goto end;
1088 
1089  close:
1090  /* Change the intro circuit purpose before so we don't report an intro point
1091  * failure again triggering an extra descriptor fetch. The circuit can
1092  * already be closed on failure to re-extend. */
1093  if (!TO_CIRCUIT(intro_circ)->marked_for_close) {
1094  circuit_change_purpose(TO_CIRCUIT(intro_circ),
1096  circuit_mark_for_close(TO_CIRCUIT(intro_circ), END_CIRC_REASON_FINISHED);
1097  }
1098  /* Close the related rendezvous circuit. */
1100  intro_circ->hs_ident->rendezvous_cookie);
1101  /* The rendezvous circuit might have collapsed while the INTRODUCE_ACK was
1102  * inflight so we can't expect one every time. */
1103  if (rend_circ) {
1104  circuit_mark_for_close(TO_CIRCUIT(rend_circ), END_CIRC_REASON_FINISHED);
1105  }
1106 
1107  end:
1108  return ret;
1109 }
1110 
1111 /** Called when we get an INTRODUCE_ACK success status code. Do the appropriate
1112  * actions for the rendezvous point and finally close intro_circ. */
1113 static void
1115 {
1116  origin_circuit_t *rend_circ = NULL;
1117 
1118  tor_assert(intro_circ);
1119 
1120  log_info(LD_REND, "Received INTRODUCE_ACK ack! Informing rendezvous");
1121 
1122  /* Get the rendezvous circuit for this rendezvous cookie. */
1123  uint8_t *rendezvous_cookie = intro_circ->hs_ident->rendezvous_cookie;
1124  rend_circ =
1126  if (rend_circ == NULL) {
1127  log_warn(LD_REND, "Can't find any rendezvous circuit. Stopping");
1128  goto end;
1129  }
1130 
1131  assert_circ_anonymity_ok(rend_circ, get_options());
1132 
1133  /* It is possible to get a RENDEZVOUS2 cell before the INTRODUCE_ACK which
1134  * means that the circuit will be joined and already transmitting data. In
1135  * that case, simply skip the purpose change and close the intro circuit
1136  * like it should be. */
1137  if (TO_CIRCUIT(rend_circ)->purpose == CIRCUIT_PURPOSE_C_REND_JOINED) {
1138  goto end;
1139  }
1142  /* Set timestamp_dirty, because circuit_expire_building expects it to
1143  * specify when a circuit entered the
1144  * CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED state. */
1145  TO_CIRCUIT(rend_circ)->timestamp_dirty = time(NULL);
1146 
1147  end:
1148  /* We don't need the intro circuit anymore. It did what it had to do! */
1149  circuit_change_purpose(TO_CIRCUIT(intro_circ),
1151  circuit_mark_for_close(TO_CIRCUIT(intro_circ), END_CIRC_REASON_FINISHED);
1152 
1153  /* XXX: Close pending intro circuits we might have in parallel. */
1154  return;
1155 }
1156 
1157 /** Called when we get an INTRODUCE_ACK failure status code. Depending on our
1158  * failure cache status, either close the circuit or re-extend to a new
1159  * introduction point. */
1160 static void
1162 {
1163  tor_assert(circ);
1164 
1165  log_info(LD_REND, "Received INTRODUCE_ACK nack by %s. Reason: %u",
1166  safe_str_client(extend_info_describe(circ->build_state->chosen_exit)),
1167  status);
1168 
1169  /* It's a NAK. The introduction point didn't relay our request. */
1171 
1172  /* Note down this failure in the intro point failure cache. Depending on how
1173  * many times we've tried this intro point, close it or reextend. */
1175  &circ->hs_ident->intro_auth_pk,
1176  INTRO_POINT_FAILURE_GENERIC);
1177 }
1178 
1179 /** Called when we get an INTRODUCE_ACK on the intro circuit circ. The encoded
1180  * cell is in payload of length payload_len. Return 0 on success else a
1181  * negative value. The circuit is either close or reuse to re-extend to a new
1182  * introduction point. */
1183 static int
1184 handle_introduce_ack(origin_circuit_t *circ, const uint8_t *payload,
1185  size_t payload_len)
1186 {
1187  int status, ret = -1;
1188 
1189  tor_assert(circ);
1190  tor_assert(circ->build_state);
1192  assert_circ_anonymity_ok(circ, get_options());
1193  tor_assert(payload);
1194 
1195  status = hs_cell_parse_introduce_ack(payload, payload_len);
1196  switch (status) {
1197  case TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS:
1198  ret = 0;
1200  goto end;
1201  case TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID:
1202  case TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT:
1203  /* It is possible that the intro point can send us an unknown status code
1204  * for the NACK that we do not know about like a new code for instance.
1205  * Just fallthrough so we can note down the NACK and re-extend. */
1206  default:
1207  handle_introduce_ack_bad(circ, status);
1208  /* We are going to see if we have to close the circuits (IP and RP) or we
1209  * can re-extend to a new intro point. */
1210  ret = close_or_reextend_intro_circ(circ);
1211  break;
1212  }
1213 
1214  end:
1215  return ret;
1216 }
1217 
1218 /** Called when we get a RENDEZVOUS2 cell on the rendezvous circuit circ. The
1219  * encoded cell is in payload of length payload_len. Return 0 on success or a
1220  * negative value on error. On error, the circuit is marked for close. */
1221 STATIC int
1222 handle_rendezvous2(origin_circuit_t *circ, const uint8_t *payload,
1223  size_t payload_len)
1224 {
1225  int ret = -1;
1226  curve25519_public_key_t server_pk;
1227  uint8_t auth_mac[DIGEST256_LEN] = {0};
1228  uint8_t handshake_info[CURVE25519_PUBKEY_LEN + sizeof(auth_mac)] = {0};
1230  const hs_ident_circuit_t *ident;
1231 
1232  tor_assert(circ);
1233  tor_assert(payload);
1234 
1235  /* Make things easier. */
1236  ident = circ->hs_ident;
1237  tor_assert(ident);
1238 
1239  if (hs_cell_parse_rendezvous2(payload, payload_len, handshake_info,
1240  sizeof(handshake_info)) < 0) {
1241  goto err;
1242  }
1243  /* Get from the handshake info the SERVER_PK and AUTH_MAC. */
1244  memcpy(&server_pk, handshake_info, CURVE25519_PUBKEY_LEN);
1245  memcpy(auth_mac, handshake_info + CURVE25519_PUBKEY_LEN, sizeof(auth_mac));
1246 
1247  /* Generate the handshake info. */
1248  if (hs_ntor_client_get_rendezvous1_keys(&ident->intro_auth_pk,
1249  &ident->rendezvous_client_kp,
1250  &ident->intro_enc_pk, &server_pk,
1251  &keys) < 0) {
1252  log_info(LD_REND, "Unable to compute the rendezvous keys.");
1253  goto err;
1254  }
1255 
1256  /* Critical check, make sure that the MAC matches what we got with what we
1257  * computed just above. */
1258  if (!hs_ntor_client_rendezvous2_mac_is_good(&keys, auth_mac)) {
1259  log_info(LD_REND, "Invalid MAC in RENDEZVOUS2. Rejecting cell.");
1260  goto err;
1261  }
1262 
1263  /* Setup the e2e encryption on the circuit and finalize its state. */
1264  if (hs_circuit_setup_e2e_rend_circ(circ, keys.ntor_key_seed,
1265  sizeof(keys.ntor_key_seed), 0) < 0) {
1266  log_info(LD_REND, "Unable to setup the e2e encryption.");
1267  goto err;
1268  }
1269  /* Success. Hidden service connection finalized! */
1270  ret = 0;
1271  goto end;
1272 
1273  err:
1274  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
1275  end:
1276  memwipe(&keys, 0, sizeof(keys));
1277  return ret;
1278 }
1279 
1280 /** Return true iff the client can fetch a descriptor for this service public
1281  * identity key and status_out if not NULL is untouched. If the client can
1282  * _not_ fetch the descriptor and if status_out is not NULL, it is set with
1283  * the fetch status code. */
1284 static unsigned int
1286  hs_client_fetch_status_t *status_out)
1287 {
1288  hs_client_fetch_status_t status;
1289 
1290  tor_assert(identity_pk);
1291 
1292  /* Are we configured to fetch descriptors? */
1293  if (!get_options()->FetchHidServDescriptors) {
1294  log_warn(LD_REND, "We received an onion address for a hidden service "
1295  "descriptor but we are configured to not fetch.");
1296  status = HS_CLIENT_FETCH_NOT_ALLOWED;
1297  goto cannot;
1298  }
1299 
1300  /* Without a live consensus we can't do any client actions. It is needed to
1301  * compute the hashring for a service. */
1303  log_info(LD_REND, "Can't fetch descriptor for service %s because we "
1304  "are missing a live consensus. Stalling connection.",
1305  safe_str_client(ed25519_fmt(identity_pk)));
1307  goto cannot;
1308  }
1309 
1311  log_info(LD_REND, "Can't fetch descriptor for service %s because we "
1312  "dont have enough descriptors. Stalling connection.",
1313  safe_str_client(ed25519_fmt(identity_pk)));
1315  goto cannot;
1316  }
1317 
1318  /* Check if fetching a desc for this HS is useful to us right now */
1319  {
1320  const hs_descriptor_t *cached_desc = NULL;
1321  cached_desc = hs_cache_lookup_as_client(identity_pk);
1322  if (cached_desc && hs_client_any_intro_points_usable(identity_pk,
1323  cached_desc)) {
1324  log_info(LD_GENERAL, "We would fetch a v3 hidden service descriptor "
1325  "but we already have a usable descriptor.");
1326  status = HS_CLIENT_FETCH_HAVE_DESC;
1327  goto cannot;
1328  }
1329  }
1330 
1331  /* Don't try to refetch while we have a pending request for it. */
1332  if (directory_request_is_pending(identity_pk)) {
1333  log_info(LD_REND, "Already a pending directory request. Waiting on it.");
1334  status = HS_CLIENT_FETCH_PENDING;
1335  goto cannot;
1336  }
1337 
1338  /* Yes, client can fetch! */
1339  return 1;
1340  cannot:
1341  if (status_out) {
1342  *status_out = status;
1343  }
1344  return 0;
1345 }
1346 
1347 /** Purge the client authorization cache of all ephemeral entries that is the
1348  * entries that are not flagged with CLIENT_AUTH_FLAG_IS_PERMANENT.
1349  *
1350  * This is called from the hs_client_purge_state() used by a SIGNEWNYM. */
1351 STATIC void
1353 {
1354  DIGEST256MAP_FOREACH_MODIFY(client_auths, key,
1356  /* Cleanup every entry that are _NOT_ permanent that is ephemeral. */
1357  if (!(auth->flags & CLIENT_AUTH_FLAG_IS_PERMANENT)) {
1358  MAP_DEL_CURRENT(key);
1359  client_service_authorization_free(auth);
1360  }
1362 
1363  log_info(LD_REND, "Client onion service ephemeral authorization "
1364  "cache has been purged.");
1365 }
1366 
1367 /** Return the client auth in the map using the service identity public key.
1368  * Return NULL if it does not exist in the map. */
1370 find_client_auth(const ed25519_public_key_t *service_identity_pk)
1371 {
1372  /* If the map is not allocated, we can assume that we do not have any client
1373  * auth information. */
1374  if (!client_auths) {
1375  return NULL;
1376  }
1377  return digest256map_get(client_auths, service_identity_pk->pubkey);
1378 }
1379 
1380 /** This is called when a descriptor has arrived following a fetch request and
1381  * has been stored in the client cache. The given entry connections, matching
1382  * the service identity key, will get attached to the service circuit. */
1383 static void
1385 {
1386  time_t now = time(NULL);
1387 
1388  tor_assert(entry_conns);
1389 
1390  SMARTLIST_FOREACH_BEGIN(entry_conns, entry_connection_t *, entry_conn) {
1391  const hs_descriptor_t *desc;
1392  edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(entry_conn);
1393  const ed25519_public_key_t *identity_pk =
1394  &edge_conn->hs_ident->identity_pk;
1395 
1396  /* We were just called because we stored the descriptor for this service
1397  * so not finding a descriptor means we have a bigger problem. */
1398  desc = hs_cache_lookup_as_client(identity_pk);
1399  if (BUG(desc == NULL)) {
1400  goto end;
1401  }
1402 
1403  if (!hs_client_any_intro_points_usable(identity_pk, desc)) {
1404  log_info(LD_REND, "Hidden service descriptor is unusable. "
1405  "Closing streams.");
1406  /* Report the extended socks error code that we were unable to introduce
1407  * to the service. */
1408  socks_mark_introduction_failed(entry_conn, identity_pk);
1409 
1410  connection_mark_unattached_ap(entry_conn,
1411  END_STREAM_REASON_RESOLVEFAILED);
1412  /* We are unable to use the descriptor so remove the directory request
1413  * from the cache so the next connection can try again. */
1414  note_connection_attempt_succeeded(edge_conn->hs_ident);
1415  continue;
1416  }
1417 
1418  log_info(LD_REND, "Descriptor has arrived. Launching circuits.");
1419 
1420  /* Mark connection as waiting for a circuit since we do have a usable
1421  * descriptor now. */
1422  mark_conn_as_waiting_for_circuit(&edge_conn->base_, now);
1423  } SMARTLIST_FOREACH_END(entry_conn);
1424 
1425  end:
1426  return;
1427 }
1428 
1429 /** This is called when a descriptor fetch was successful but the descriptor
1430  * couldn't be decrypted due to missing or bad client authorization. */
1431 static void
1433  hs_desc_decode_status_t status)
1434 {
1435  tor_assert(entry_conns);
1436 
1437  SMARTLIST_FOREACH_BEGIN(entry_conns, entry_connection_t *, entry_conn) {
1438  socks5_reply_status_t code;
1439  if (status == HS_DESC_DECODE_BAD_CLIENT_AUTH) {
1440  code = SOCKS5_HS_BAD_CLIENT_AUTH;
1441  } else if (status == HS_DESC_DECODE_NEED_CLIENT_AUTH) {
1442  code = SOCKS5_HS_MISSING_CLIENT_AUTH;
1443  } else {
1444  /* We should not be called with another type of status. Recover by
1445  * sending a generic error. */
1447  code = SOCKS5_GENERAL_ERROR;
1448  }
1449  entry_conn->socks_request->socks_extended_error_code = code;
1450  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_MISC);
1451  } SMARTLIST_FOREACH_END(entry_conn);
1452 }
1453 
1454 /** Called when we get a 200 directory fetch status code. */
1455 static void
1457  const smartlist_t *entry_conns, const char *body)
1458 {
1459  hs_desc_decode_status_t decode_status;
1460 
1461  tor_assert(dir_conn);
1462  tor_assert(entry_conns);
1463  tor_assert(body);
1464 
1465  /* We got something: Try storing it in the cache. */
1466  decode_status = hs_cache_store_as_client(body,
1467  &dir_conn->hs_ident->identity_pk);
1468  switch (decode_status) {
1469  case HS_DESC_DECODE_OK:
1470  case HS_DESC_DECODE_NEED_CLIENT_AUTH:
1471  case HS_DESC_DECODE_BAD_CLIENT_AUTH:
1472  log_info(LD_REND, "Stored hidden service descriptor successfully.");
1473  TO_CONN(dir_conn)->purpose = DIR_PURPOSE_HAS_FETCHED_HSDESC;
1474  if (decode_status == HS_DESC_DECODE_OK) {
1475  client_desc_has_arrived(entry_conns);
1476  } else {
1477  /* This handles both client auth decode status. */
1478  client_desc_missing_bad_client_auth(entry_conns, decode_status);
1479  log_info(LD_REND, "Stored hidden service descriptor requires "
1480  "%s client authorization.",
1481  decode_status == HS_DESC_DECODE_NEED_CLIENT_AUTH ? "missing"
1482  : "new");
1483  }
1484  /* Fire control port RECEIVED event. */
1485  hs_control_desc_event_received(dir_conn->hs_ident,
1486  dir_conn->identity_digest);
1487  hs_control_desc_event_content(dir_conn->hs_ident,
1488  dir_conn->identity_digest, body);
1489  break;
1490  case HS_DESC_DECODE_ENCRYPTED_ERROR:
1491  case HS_DESC_DECODE_SUPERENC_ERROR:
1492  case HS_DESC_DECODE_PLAINTEXT_ERROR:
1493  case HS_DESC_DECODE_GENERIC_ERROR:
1494  default:
1495  log_info(LD_REND, "Failed to store hidden service descriptor. "
1496  "Descriptor decoding status: %d", decode_status);
1497  /* Fire control port FAILED event. */
1498  hs_control_desc_event_failed(dir_conn->hs_ident,
1499  dir_conn->identity_digest, "BAD_DESC");
1500  hs_control_desc_event_content(dir_conn->hs_ident,
1501  dir_conn->identity_digest, NULL);
1502  break;
1503  }
1504 }
1505 
1506 /** Called when we get a 404 directory fetch status code. */
1507 static void
1509  const smartlist_t *entry_conns)
1510 {
1511  tor_assert(entry_conns);
1512 
1513  /* Not there. We'll retry when connection_about_to_close_connection() tries
1514  * to clean this conn up. */
1515  log_info(LD_REND, "Fetching hidden service v3 descriptor not found: "
1516  "Retrying at another directory.");
1517  /* Fire control port FAILED event. */
1518  hs_control_desc_event_failed(dir_conn->hs_ident, dir_conn->identity_digest,
1519  "NOT_FOUND");
1520  hs_control_desc_event_content(dir_conn->hs_ident, dir_conn->identity_digest,
1521  NULL);
1522 
1523  /* Flag every entry connections that the descriptor was not found. */
1524  SMARTLIST_FOREACH_BEGIN(entry_conns, entry_connection_t *, entry_conn) {
1526  SOCKS5_HS_NOT_FOUND;
1527  } SMARTLIST_FOREACH_END(entry_conn);
1528 }
1529 
1530 /** Called when we get a 400 directory fetch status code. */
1531 static void
1532 client_dir_fetch_400(dir_connection_t *dir_conn, const char *reason)
1533 {
1534  tor_assert(dir_conn);
1535 
1536  log_warn(LD_REND, "Fetching v3 hidden service descriptor failed: "
1537  "http status 400 (%s). Dirserver didn't like our "
1538  "query? Retrying at another directory.",
1539  escaped(reason));
1540 
1541  /* Fire control port FAILED event. */
1542  hs_control_desc_event_failed(dir_conn->hs_ident, dir_conn->identity_digest,
1543  "QUERY_REJECTED");
1544  hs_control_desc_event_content(dir_conn->hs_ident, dir_conn->identity_digest,
1545  NULL);
1546 }
1547 
1548 /** Called when we get an unexpected directory fetch status code. */
1549 static void
1550 client_dir_fetch_unexpected(dir_connection_t *dir_conn, const char *reason,
1551  const int status_code)
1552 {
1553  tor_assert(dir_conn);
1554 
1555  log_warn(LD_REND, "Fetching v3 hidden service descriptor failed: "
1556  "http status %d (%s) response unexpected from HSDir "
1557  "server %s'. Retrying at another directory.",
1558  status_code, escaped(reason),
1559  connection_describe_peer(TO_CONN(dir_conn)));
1560  /* Fire control port FAILED event. */
1561  hs_control_desc_event_failed(dir_conn->hs_ident, dir_conn->identity_digest,
1562  "UNEXPECTED");
1563  hs_control_desc_event_content(dir_conn->hs_ident, dir_conn->identity_digest,
1564  NULL);
1565 }
1566 
1567 /** Get the full filename for storing the client auth credentials for the
1568  * service in <b>onion_address</b>. The base directory is <b>dir</b>.
1569  * This function never returns NULL. */
1570 static char *
1571 get_client_auth_creds_filename(const char *onion_address,
1572  const char *dir)
1573 {
1574  char *full_fname = NULL;
1575  char *fname;
1576 
1577  tor_asprintf(&fname, "%s.auth_private", onion_address);
1578  full_fname = hs_path_from_filename(dir, fname);
1579  tor_free(fname);
1580 
1581  return full_fname;
1582 }
1583 
1584 /** Permanently store the credentials in <b>creds</b> to disk.
1585  *
1586  * Return -1 if there was an error while storing the credentials, otherwise
1587  * return 0.
1588  */
1589 static int
1591  const hs_client_service_authorization_t *creds)
1592 {
1593  const or_options_t *options = get_options();
1594  char *full_fname = NULL;
1595  char *file_contents = NULL;
1596  char priv_key_b32[BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)+1];
1597  int retval = -1;
1598 
1599  tor_assert(creds->flags & CLIENT_AUTH_FLAG_IS_PERMANENT);
1600 
1601  /* We need ClientOnionAuthDir to be set, otherwise we can't proceed */
1602  if (!options->ClientOnionAuthDir) {
1603  log_warn(LD_GENERAL, "Can't register permanent client auth credentials "
1604  "for %s without ClientOnionAuthDir option. Discarding.",
1605  creds->onion_address);
1606  goto err;
1607  }
1608 
1609  /* Make sure the directory exists and is private enough. */
1610  if (check_private_dir(options->ClientOnionAuthDir, 0, options->User) < 0) {
1611  goto err;
1612  }
1613 
1614  /* Get filename that we should store the credentials */
1615  full_fname = get_client_auth_creds_filename(creds->onion_address,
1616  options->ClientOnionAuthDir);
1617 
1618  /* Encode client private key */
1619  base32_encode(priv_key_b32, sizeof(priv_key_b32),
1620  (char*)creds->enc_seckey.secret_key,
1621  sizeof(creds->enc_seckey.secret_key));
1622 
1623  /* Get the full file contents and write it to disk! */
1624  tor_asprintf(&file_contents, "%s:descriptor:x25519:%s",
1625  creds->onion_address, priv_key_b32);
1626  if (write_str_to_file(full_fname, file_contents, 0) < 0) {
1627  log_warn(LD_GENERAL, "Failed to write client auth creds file for %s!",
1628  creds->onion_address);
1629  goto err;
1630  }
1631 
1632  retval = 0;
1633 
1634  err:
1635  tor_free(file_contents);
1636  tor_free(full_fname);
1637 
1638  return retval;
1639 }
1640 
1641 /** Register the credential <b>creds</b> as part of the client auth subsystem.
1642  *
1643  * Takes ownership of <b>creds</b>.
1644  **/
1645 hs_client_register_auth_status_t
1647 {
1648  ed25519_public_key_t service_identity_pk;
1649  hs_client_service_authorization_t *old_creds = NULL;
1650  hs_client_register_auth_status_t retval = REGISTER_SUCCESS;
1651 
1652  tor_assert(creds);
1653 
1654  if (!client_auths) {
1655  client_auths = digest256map_new();
1656  }
1657 
1658  if (hs_parse_address(creds->onion_address, &service_identity_pk,
1659  NULL, NULL) < 0) {
1660  client_service_authorization_free(creds);
1661  return REGISTER_FAIL_BAD_ADDRESS;
1662  }
1663 
1664  /* If we reach this point, the credentials will be stored one way or another:
1665  * Make them permanent if the user asked us to. */
1666  if (creds->flags & CLIENT_AUTH_FLAG_IS_PERMANENT) {
1667  if (store_permanent_client_auth_credentials(creds) < 0) {
1668  client_service_authorization_free(creds);
1669  return REGISTER_FAIL_PERMANENT_STORAGE;
1670  }
1671  }
1672 
1673  old_creds = digest256map_get(client_auths, service_identity_pk.pubkey);
1674  if (old_creds) {
1675  digest256map_remove(client_auths, service_identity_pk.pubkey);
1676  client_service_authorization_free(old_creds);
1677  retval = REGISTER_SUCCESS_ALREADY_EXISTS;
1678  }
1679 
1680  digest256map_set(client_auths, service_identity_pk.pubkey, creds);
1681 
1682  /** Now that we set the new credentials, also try to decrypt any cached
1683  * descriptors. */
1684  if (hs_cache_client_new_auth_parse(&service_identity_pk)) {
1685  retval = REGISTER_SUCCESS_AND_DECRYPTED;
1686  }
1687 
1688  return retval;
1689 }
1690 
1691 /** Load a client authorization file with <b>filename</b> that is stored under
1692  * the global client auth directory, and return a newly-allocated credentials
1693  * object if it parsed well. Otherwise, return NULL.
1694  */
1697  const or_options_t *options)
1698 {
1699  hs_client_service_authorization_t *auth = NULL;
1700  char *client_key_file_path = NULL;
1701  char *client_key_str = NULL;
1702 
1703  log_info(LD_REND, "Loading a client authorization key file %s...",
1704  filename);
1705 
1706  if (!auth_key_filename_is_valid(filename)) {
1707  log_notice(LD_REND, "Client authorization unrecognized filename %s. "
1708  "File must end in .auth_private. Ignoring.",
1709  filename);
1710  goto err;
1711  }
1712 
1713  /* Create a full path for a file. */
1714  client_key_file_path = hs_path_from_filename(options->ClientOnionAuthDir,
1715  filename);
1716 
1717  client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
1718  if (!client_key_str) {
1719  log_warn(LD_REND, "The file %s cannot be read.", filename);
1720  goto err;
1721  }
1722 
1723  auth = parse_auth_file_content(client_key_str);
1724  if (!auth) {
1725  goto err;
1726  }
1727 
1728  err:
1729  tor_free(client_key_str);
1730  tor_free(client_key_file_path);
1731 
1732  return auth;
1733 }
1734 
1735 /*
1736  * Remove the file in <b>filename</b> under the global client auth credential
1737  * storage.
1738  */
1739 static void
1740 remove_client_auth_creds_file(const char *filename)
1741 {
1742  char *creds_file_path = NULL;
1743  const or_options_t *options = get_options();
1744 
1745  creds_file_path = hs_path_from_filename(options->ClientOnionAuthDir,
1746  filename);
1747  if (tor_unlink(creds_file_path) != 0) {
1748  log_warn(LD_REND, "Failed to remove client auth file (%s).",
1749  creds_file_path);
1750  goto end;
1751  }
1752 
1753  log_warn(LD_REND, "Successfuly removed client auth file (%s).",
1754  creds_file_path);
1755 
1756  end:
1757  tor_free(creds_file_path);
1758 }
1759 
1760 /**
1761  * Find the filesystem file corresponding to the permanent client auth
1762  * credentials in <b>cred</b> and remove it.
1763  */
1764 static void
1767 {
1768  smartlist_t *file_list = NULL;
1769  const or_options_t *options = get_options();
1770 
1772 
1773  if (!options->ClientOnionAuthDir) {
1774  log_warn(LD_REND, "Found permanent credential but no ClientOnionAuthDir "
1775  "configured. There is no file to be removed.");
1776  goto end;
1777  }
1778 
1779  file_list = tor_listdir(options->ClientOnionAuthDir);
1780  if (file_list == NULL) {
1781  log_warn(LD_REND, "Client authorization key directory %s can't be listed.",
1782  options->ClientOnionAuthDir);
1783  goto end;
1784  }
1785 
1786  SMARTLIST_FOREACH_BEGIN(file_list, const char *, filename) {
1787  hs_client_service_authorization_t *tmp_cred = NULL;
1788 
1789  tmp_cred = get_creds_from_client_auth_filename(filename, options);
1790  if (!tmp_cred) {
1791  continue;
1792  }
1793 
1794  /* Find the right file for this credential */
1795  if (!strcmp(tmp_cred->onion_address, cred->onion_address)) {
1796  /* Found it! Remove the file! */
1797  remove_client_auth_creds_file(filename);
1798  /* cleanup and get out of here */
1799  client_service_authorization_free(tmp_cred);
1800  break;
1801  }
1802 
1803  client_service_authorization_free(tmp_cred);
1804  } SMARTLIST_FOREACH_END(filename);
1805 
1806  end:
1807  if (file_list) {
1808  SMARTLIST_FOREACH(file_list, char *, s, tor_free(s));
1809  smartlist_free(file_list);
1810  }
1811 }
1812 
1813 /** Remove client auth credentials for the service <b>hs_address</b>. */
1814 hs_client_removal_auth_status_t
1816 {
1817  ed25519_public_key_t service_identity_pk;
1818 
1819  if (!client_auths) {
1820  return REMOVAL_SUCCESS_NOT_FOUND;
1821  }
1822 
1823  if (hs_parse_address(hsaddress, &service_identity_pk, NULL, NULL) < 0) {
1824  return REMOVAL_BAD_ADDRESS;
1825  }
1826 
1827  hs_client_service_authorization_t *cred = NULL;
1828  cred = digest256map_remove(client_auths, service_identity_pk.pubkey);
1829 
1830  /* digestmap_remove() returns the previously stored data if there were any */
1831  if (cred) {
1832  if (cred->flags & CLIENT_AUTH_FLAG_IS_PERMANENT) {
1833  /* These creds are stored on disk: remove the corresponding file. */
1835  }
1836 
1837  /* Remove associated descriptor if any. */
1838  hs_cache_remove_as_client(&service_identity_pk);
1839 
1840  client_service_authorization_free(cred);
1841  return REMOVAL_SUCCESS;
1842  }
1843 
1844  return REMOVAL_SUCCESS_NOT_FOUND;
1845 }
1846 
1847 /** Get the HS client auth map. */
1848 digest256map_t *
1850 {
1851  return client_auths;
1852 }
1853 
1854 /* ========== */
1855 /* Public API */
1856 /* ========== */
1857 
1858 /** Called when a circuit was just cleaned up. This is done right before the
1859  * circuit is marked for close. */
1860 void
1862 {
1863  bool has_timed_out;
1864 
1865  tor_assert(circ);
1867 
1868  has_timed_out =
1869  (circ->marked_for_close_orig_reason == END_CIRC_REASON_TIMEOUT);
1870 
1871  switch (circ->purpose) {
1876  /* Report extended SOCKS error code when a rendezvous circuit times out.
1877  * This MUST be done on_close() because it is possible the entry
1878  * connection would get closed before the circuit is freed and thus
1879  * would fail to report the error code. */
1880  if (has_timed_out) {
1881  socks_mark_rend_circuit_timed_out(CONST_TO_ORIGIN_CIRCUIT(circ));
1882  }
1883  break;
1884  default:
1885  break;
1886  }
1887 }
1888 
1889 /** Called when a circuit was just cleaned up. This is done right before the
1890  * circuit is freed. */
1891 void
1893 {
1894  bool has_timed_out;
1895  rend_intro_point_failure_t failure = INTRO_POINT_FAILURE_GENERIC;
1896  const origin_circuit_t *orig_circ = NULL;
1897 
1898  tor_assert(circ);
1900 
1901  orig_circ = CONST_TO_ORIGIN_CIRCUIT(circ);
1902  tor_assert(orig_circ->hs_ident);
1903 
1904  has_timed_out =
1905  (circ->marked_for_close_orig_reason == END_CIRC_REASON_TIMEOUT);
1906  if (has_timed_out) {
1907  failure = INTRO_POINT_FAILURE_TIMEOUT;
1908  }
1909 
1910  switch (circ->purpose) {
1912  log_info(LD_REND, "Failed v3 intro circ for service %s to intro point %s "
1913  "(awaiting ACK). Failure code: %d",
1914  safe_str_client(ed25519_fmt(&orig_circ->hs_ident->identity_pk)),
1915  safe_str_client(build_state_get_exit_nickname(orig_circ->build_state)),
1916  failure);
1918  &orig_circ->hs_ident->intro_auth_pk,
1919  failure);
1920  break;
1922  if (has_timed_out || !orig_circ->build_state) {
1923  break;
1924  }
1925  failure = INTRO_POINT_FAILURE_UNREACHABLE;
1926  log_info(LD_REND, "Failed v3 intro circ for service %s to intro point %s "
1927  "(while building circuit). Marking as unreachable.",
1928  safe_str_client(ed25519_fmt(&orig_circ->hs_ident->identity_pk)),
1929  safe_str_client(build_state_get_exit_nickname(orig_circ->build_state)));
1931  &orig_circ->hs_ident->intro_auth_pk,
1932  failure);
1933  break;
1934  default:
1935  break;
1936  }
1937 }
1938 
1939 /** A circuit just finished connecting to a hidden service that the stream
1940  * <b>conn</b> has been waiting for. Let the HS subsystem know about this. */
1941 void
1943 {
1945 
1946  if (BUG(conn->rend_data && conn->hs_ident)) {
1947  log_warn(LD_BUG, "Stream had both rend_data and hs_ident..."
1948  "Prioritizing hs_ident");
1949  }
1950 
1951  if (conn->hs_ident) { /* It's v3: pass it to the prop224 handler */
1952  note_connection_attempt_succeeded(conn->hs_ident);
1953  return;
1954  } else if (conn->rend_data) { /* It's v2: pass it to the legacy handler */
1956  return;
1957  }
1958 }
1959 
1960 /** With the given encoded descriptor in desc_str and the service key in
1961  * service_identity_pk, decode the descriptor and set the desc pointer with a
1962  * newly allocated descriptor object.
1963  *
1964  * On success, HS_DESC_DECODE_OK is returned and desc is set to the decoded
1965  * descriptor. On error, desc is set to NULL and a decoding error status is
1966  * returned depending on what was the issue. */
1968 hs_client_decode_descriptor(const char *desc_str,
1969  const ed25519_public_key_t *service_identity_pk,
1970  hs_descriptor_t **desc)
1971 {
1973  hs_subcredential_t subcredential;
1974  ed25519_public_key_t blinded_pubkey;
1975  hs_client_service_authorization_t *client_auth = NULL;
1976  curve25519_secret_key_t *client_auth_sk = NULL;
1977 
1978  tor_assert(desc_str);
1979  tor_assert(service_identity_pk);
1980  tor_assert(desc);
1981 
1982  /* Check if we have a client authorization for this service in the map. */
1983  client_auth = find_client_auth(service_identity_pk);
1984  if (client_auth) {
1985  client_auth_sk = &client_auth->enc_seckey;
1986  }
1987 
1988  /* Create subcredential for this HS so that we can decrypt */
1989  {
1990  uint64_t current_time_period = hs_get_time_period_num(0);
1991  hs_build_blinded_pubkey(service_identity_pk, NULL, 0, current_time_period,
1992  &blinded_pubkey);
1993  hs_get_subcredential(service_identity_pk, &blinded_pubkey, &subcredential);
1994  }
1995 
1996  /* Parse descriptor */
1997  ret = hs_desc_decode_descriptor(desc_str, &subcredential,
1998  client_auth_sk, desc);
1999  memwipe(&subcredential, 0, sizeof(subcredential));
2000  if (ret != HS_DESC_DECODE_OK) {
2001  goto err;
2002  }
2003 
2004  /* Make sure the descriptor signing key cross certifies with the computed
2005  * blinded key. Without this validation, anyone knowing the subcredential
2006  * and onion address can forge a descriptor. */
2007  tor_cert_t *cert = (*desc)->plaintext_data.signing_key_cert;
2008  if (tor_cert_checksig(cert,
2009  &blinded_pubkey, approx_time()) < 0) {
2010  log_warn(LD_GENERAL, "Descriptor signing key certificate signature "
2011  "doesn't validate with computed blinded key: %s",
2013  ret = HS_DESC_DECODE_GENERIC_ERROR;
2014  goto err;
2015  }
2016 
2017  return HS_DESC_DECODE_OK;
2018  err:
2019  return ret;
2020 }
2021 
2022 /** Return true iff there are at least one usable intro point in the service
2023  * descriptor desc. */
2024 int
2026  const hs_descriptor_t *desc)
2027 {
2028  tor_assert(service_pk);
2029  tor_assert(desc);
2030 
2032  const hs_desc_intro_point_t *, ip) {
2033  if (intro_point_is_usable(service_pk, ip)) {
2034  goto usable;
2035  }
2036  } SMARTLIST_FOREACH_END(ip);
2037 
2038  return 0;
2039  usable:
2040  return 1;
2041 }
2042 
2043 /** Launch a connection to a hidden service directory to fetch a hidden
2044  * service descriptor using <b>identity_pk</b> to get the necessary keys.
2045  *
2046  * A hs_client_fetch_status_t code is returned. */
2047 int
2049 {
2050  hs_client_fetch_status_t status;
2051 
2052  tor_assert(identity_pk);
2053 
2054  if (!can_client_refetch_desc(identity_pk, &status)) {
2055  return status;
2056  }
2057 
2058  /* Try to fetch the desc and if we encounter an unrecoverable error, mark
2059  * the desc as unavailable for now. */
2060  status = fetch_v3_desc(identity_pk);
2061  if (fetch_status_should_close_socks(status)) {
2062  close_all_socks_conns_waiting_for_desc(identity_pk, status,
2063  END_STREAM_REASON_RESOLVEFAILED);
2064  /* Remove HSDir fetch attempts so that we can retry later if the user
2065  * wants us to regardless of if we closed any connections. */
2066  purge_hid_serv_request(identity_pk);
2067  }
2068  return status;
2069 }
2070 
2071 /** This is called when we are trying to attach an AP connection to these
2072  * hidden service circuits from connection_ap_handshake_attach_circuit().
2073  * Return 0 on success, -1 for a transient error that is actions were
2074  * triggered to recover or -2 for a permenent error where both circuits will
2075  * marked for close.
2076  *
2077  * The following supports every hidden service version. */
2078 int
2080  origin_circuit_t *rend_circ)
2081 {
2082  return (intro_circ->hs_ident) ? send_introduce1(intro_circ, rend_circ) :
2083  rend_client_send_introduction(intro_circ,
2084  rend_circ);
2085 }
2086 
2087 /** Called when the client circuit circ has been established. It can be either
2088  * an introduction or rendezvous circuit. This function handles all hidden
2089  * service versions. */
2090 void
2092 {
2093  tor_assert(circ);
2094 
2095  /* Handle both version. v2 uses rend_data and v3 uses the hs circuit
2096  * identifier hs_ident. Can't be both. */
2097  switch (TO_CIRCUIT(circ)->purpose) {
2099  if (circ->hs_ident) {
2101  } else {
2103  }
2104  break;
2106  if (circ->hs_ident) {
2108  } else {
2110  }
2111  break;
2112  default:
2114  }
2115 }
2116 
2117 /** Called when we receive a RENDEZVOUS_ESTABLISHED cell. Change the state of
2118  * the circuit to CIRCUIT_PURPOSE_C_REND_READY. Return 0 on success else a
2119  * negative value and the circuit marked for close. */
2120 int
2122  const uint8_t *payload, size_t payload_len)
2123 {
2124  tor_assert(circ);
2125  tor_assert(payload);
2126 
2127  (void) payload_len;
2128 
2129  if (TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_ESTABLISH_REND) {
2130  log_warn(LD_PROTOCOL, "Got a RENDEZVOUS_ESTABLISHED but we were not "
2131  "expecting one. Closing circuit.");
2132  goto err;
2133  }
2134 
2135  log_info(LD_REND, "Received an RENDEZVOUS_ESTABLISHED. This circuit is "
2136  "now ready for rendezvous.");
2138 
2139  /* Set timestamp_dirty, because circuit_expire_building expects it to
2140  * specify when a circuit entered the _C_REND_READY state. */
2141  TO_CIRCUIT(circ)->timestamp_dirty = time(NULL);
2142 
2143  /* From a path bias point of view, this circuit is now successfully used.
2144  * Waiting any longer opens us up to attacks from malicious hidden services.
2145  * They could induce the client to attempt to connect to their hidden
2146  * service and never reply to the client's rend requests */
2148 
2149  /* If we already have the introduction circuit built, make sure we send
2150  * the INTRODUCE cell _now_ */
2152 
2153  return 0;
2154  err:
2155  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
2156  return -1;
2157 }
2158 
2159 void
2160 client_service_authorization_free_(hs_client_service_authorization_t *auth)
2161 {
2162  if (!auth) {
2163  return;
2164  }
2165 
2166  memwipe(auth, 0, sizeof(*auth));
2167  tor_free(auth);
2168 }
2169 
2170 /** Helper for digest256map_free. */
2171 static void
2173 {
2174  client_service_authorization_free_(auth);
2175 }
2176 
2177 static void
2178 client_service_authorization_free_all(void)
2179 {
2180  if (!client_auths) {
2181  return;
2182  }
2184 }
2185 
2186 /** Check if the auth key file name is valid or not. Return 1 if valid,
2187  * otherwise return 0. */
2188 STATIC int
2189 auth_key_filename_is_valid(const char *filename)
2190 {
2191  int ret = 1;
2192  const char *valid_extension = ".auth_private";
2193 
2194  tor_assert(filename);
2195 
2196  /* The length of the filename must be greater than the length of the
2197  * extension and the valid extension must be at the end of filename. */
2198  if (!strcmpend(filename, valid_extension) &&
2199  strlen(filename) != strlen(valid_extension)) {
2200  ret = 1;
2201  } else {
2202  ret = 0;
2203  }
2204 
2205  return ret;
2206 }
2207 
2208 /** Parse the client auth credentials off a string in <b>client_key_str</b>
2209  * based on the file format documented in the "Client side configuration"
2210  * section of rend-spec-v3.txt.
2211  *
2212  * Return NULL if there was an error, otherwise return a newly allocated
2213  * hs_client_service_authorization_t structure.
2214  */
2216 parse_auth_file_content(const char *client_key_str)
2217 {
2218  char *onion_address = NULL;
2219  char *auth_type = NULL;
2220  char *key_type = NULL;
2221  char *seckey_b32 = NULL;
2222  hs_client_service_authorization_t *auth = NULL;
2223  smartlist_t *fields = smartlist_new();
2224 
2225  tor_assert(client_key_str);
2226 
2227  smartlist_split_string(fields, client_key_str, ":",
2228  SPLIT_SKIP_SPACE, 0);
2229  /* Wrong number of fields. */
2230  if (smartlist_len(fields) != 4) {
2231  goto err;
2232  }
2233 
2234  onion_address = smartlist_get(fields, 0);
2235  auth_type = smartlist_get(fields, 1);
2236  key_type = smartlist_get(fields, 2);
2237  seckey_b32 = smartlist_get(fields, 3);
2238 
2239  /* Currently, the only supported auth type is "descriptor" and the only
2240  * supported key type is "x25519". */
2241  if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) {
2242  goto err;
2243  }
2244 
2245  if (strlen(seckey_b32) != BASE32_NOPAD_LEN(CURVE25519_SECKEY_LEN)) {
2246  log_warn(LD_REND, "Client authorization encoded base32 private key "
2247  "length is invalid: %s", seckey_b32);
2248  goto err;
2249  }
2250 
2251  auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t));
2252  if (base32_decode((char *) auth->enc_seckey.secret_key,
2253  sizeof(auth->enc_seckey.secret_key),
2254  seckey_b32, strlen(seckey_b32)) !=
2255  sizeof(auth->enc_seckey.secret_key)) {
2256  log_warn(LD_REND, "Client authorization encoded base32 private key "
2257  "can't be decoded: %s", seckey_b32);
2258  goto err;
2259  }
2260 
2261  if (fast_mem_is_zero((const char*)auth->enc_seckey.secret_key,
2262  sizeof(auth->enc_seckey.secret_key))) {
2263  log_warn(LD_REND, "Client authorization private key can't be all-zeroes");
2264  goto err;
2265  }
2266 
2267  strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32);
2268 
2269  /* We are reading this from the disk, so set the permanent flag anyway. */
2270  auth->flags |= CLIENT_AUTH_FLAG_IS_PERMANENT;
2271 
2272  /* Success. */
2273  goto done;
2274 
2275  err:
2276  client_service_authorization_free(auth);
2277  done:
2278  /* It is also a good idea to wipe the private key. */
2279  if (seckey_b32) {
2280  memwipe(seckey_b32, 0, strlen(seckey_b32));
2281  }
2282  tor_assert(fields);
2283  SMARTLIST_FOREACH(fields, char *, s, tor_free(s));
2284  smartlist_free(fields);
2285  return auth;
2286 }
2287 
2288 /** From a set of <b>options</b>, setup every client authorization detail
2289  * found. Return 0 on success or -1 on failure. If <b>validate_only</b>
2290  * is set, parse, warn and return as normal, but don't actually change
2291  * the configuration. */
2292 int
2294  int validate_only)
2295 {
2296  int ret = -1;
2297  digest256map_t *auths = digest256map_new();
2298  smartlist_t *file_list = NULL;
2299 
2300  tor_assert(options);
2301 
2302  /* There is no client auth configured. We can just silently ignore this
2303  * function. */
2304  if (!options->ClientOnionAuthDir) {
2305  ret = 0;
2306  goto end;
2307  }
2308 
2309  /* Make sure the directory exists and is private enough. */
2310  if (check_private_dir(options->ClientOnionAuthDir, 0, options->User) < 0) {
2311  goto end;
2312  }
2313 
2314  file_list = tor_listdir(options->ClientOnionAuthDir);
2315  if (file_list == NULL) {
2316  log_warn(LD_REND, "Client authorization key directory %s can't be listed.",
2317  options->ClientOnionAuthDir);
2318  goto end;
2319  }
2320 
2321  SMARTLIST_FOREACH_BEGIN(file_list, const char *, filename) {
2322  hs_client_service_authorization_t *auth = NULL;
2323  ed25519_public_key_t identity_pk;
2324 
2325  auth = get_creds_from_client_auth_filename(filename, options);
2326  if (!auth) {
2327  continue;
2328  }
2329 
2330  /* Parse the onion address to get an identity public key and use it
2331  * as a key of global map in the future. */
2332  if (hs_parse_address(auth->onion_address, &identity_pk,
2333  NULL, NULL) < 0) {
2334  log_warn(LD_REND, "The onion address \"%s\" is invalid in "
2335  "file %s", filename, auth->onion_address);
2336  client_service_authorization_free(auth);
2337  continue;
2338  }
2339 
2340  if (digest256map_get(auths, identity_pk.pubkey)) {
2341  log_warn(LD_REND, "Duplicate authorization for the same hidden "
2342  "service address %s.",
2343  safe_str_client_opts(options, auth->onion_address));
2344  client_service_authorization_free(auth);
2345  goto end;
2346  }
2347 
2348  digest256map_set(auths, identity_pk.pubkey, auth);
2349  log_info(LD_REND, "Loaded a client authorization key file %s.",
2350  filename);
2351  } SMARTLIST_FOREACH_END(filename);
2352 
2353  /* Success. */
2354  ret = 0;
2355 
2356  end:
2357  if (file_list) {
2358  SMARTLIST_FOREACH(file_list, char *, s, tor_free(s));
2359  smartlist_free(file_list);
2360  }
2361 
2362  if (!validate_only && ret == 0) {
2363  client_service_authorization_free_all();
2364  client_auths = auths;
2365  } else {
2366  digest256map_free(auths, client_service_authorization_free_void);
2367  }
2368 
2369  return ret;
2370 }
2371 
2372 /** Called when a descriptor directory fetch is done.
2373  *
2374  * Act accordingly on all entry connections depending on the HTTP status code
2375  * we got. In case of an error, the SOCKS error is set (if ExtendedErrors is
2376  * set).
2377  *
2378  * The reason is a human readable string returned by the directory server
2379  * which can describe the status of the request. The body is the response
2380  * content, on 200 code it is the descriptor itself. Finally, the status_code
2381  * is the HTTP code returned by the directory server. */
2382 void
2383 hs_client_dir_fetch_done(dir_connection_t *dir_conn, const char *reason,
2384  const char *body, const int status_code)
2385 {
2386  smartlist_t *entry_conns;
2387 
2388  tor_assert(dir_conn);
2389  tor_assert(body);
2390 
2391  /* Get all related entry connections. */
2392  entry_conns = find_entry_conns(&dir_conn->hs_ident->identity_pk);
2393 
2394  switch (status_code) {
2395  case 200:
2396  client_dir_fetch_200(dir_conn, entry_conns, body);
2397  break;
2398  case 404:
2399  client_dir_fetch_404(dir_conn, entry_conns);
2400  break;
2401  case 400:
2402  client_dir_fetch_400(dir_conn, reason);
2403  break;
2404  default:
2405  client_dir_fetch_unexpected(dir_conn, reason, status_code);
2406  break;
2407  }
2408 
2409  /* We don't have ownership of the objects in this list. */
2410  smartlist_free(entry_conns);
2411 }
2412 
2413 /** Return a newly allocated extend_info_t for a randomly chosen introduction
2414  * point for the given edge connection identifier ident. Return NULL if we
2415  * can't pick any usable introduction points. */
2416 extend_info_t *
2418 {
2419  tor_assert(edge_conn);
2420 
2421  return (edge_conn->hs_ident) ?
2422  client_get_random_intro(&edge_conn->hs_ident->identity_pk) :
2424 }
2425 
2426 /** Called when get an INTRODUCE_ACK cell on the introduction circuit circ.
2427  * Return 0 on success else a negative value is returned. The circuit will be
2428  * closed or reuse to extend again to another intro point. */
2429 int
2431  const uint8_t *payload, size_t payload_len)
2432 {
2433  int ret = -1;
2434 
2435  tor_assert(circ);
2436  tor_assert(payload);
2437 
2438  if (TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) {
2439  log_warn(LD_PROTOCOL, "Unexpected INTRODUCE_ACK on circuit %u.",
2440  (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
2441  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
2442  goto end;
2443  }
2444 
2445  ret = (circ->hs_ident) ? handle_introduce_ack(circ, payload, payload_len) :
2446  rend_client_introduction_acked(circ, payload,
2447  payload_len);
2448  /* For path bias: This circuit was used successfully. NACK or ACK counts. */
2450 
2451  end:
2452  return ret;
2453 }
2454 
2455 /** Called when get a RENDEZVOUS2 cell on the rendezvous circuit circ. Return
2456  * 0 on success else a negative value is returned. The circuit will be closed
2457  * on error. */
2458 int
2460  const uint8_t *payload, size_t payload_len)
2461 {
2462  int ret = -1;
2463 
2464  tor_assert(circ);
2465  tor_assert(payload);
2466 
2467  /* Circuit can possibly be in both state because we could receive a
2468  * RENDEZVOUS2 cell before the INTRODUCE_ACK has been received. */
2469  if (TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_REND_READY &&
2471  log_warn(LD_PROTOCOL, "Unexpected RENDEZVOUS2 cell on circuit %u. "
2472  "Closing circuit.",
2473  (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
2474  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
2475  goto end;
2476  }
2477 
2478  log_info(LD_REND, "Got RENDEZVOUS2 cell from hidden service on circuit %u.",
2479  TO_CIRCUIT(circ)->n_circ_id);
2480 
2481  ret = (circ->hs_ident) ? handle_rendezvous2(circ, payload, payload_len) :
2482  rend_client_receive_rendezvous(circ, payload,
2483  payload_len);
2484  end:
2485  return ret;
2486 }
2487 
2488 /** Extend the introduction circuit circ to another valid introduction point
2489  * for the hidden service it is trying to connect to, or mark it and launch a
2490  * new circuit if we can't extend it. Return 0 on success or possible
2491  * success. Return -1 and mark the introduction circuit for close on permanent
2492  * failure.
2493  *
2494  * On failure, the caller is responsible for marking the associated rendezvous
2495  * circuit for close. */
2496 int
2498 {
2499  int ret = -1;
2500  extend_info_t *ei;
2501 
2502  tor_assert(circ);
2503 
2504  ei = (circ->hs_ident) ?
2507  if (ei == NULL) {
2508  log_warn(LD_REND, "No usable introduction points left. Closing.");
2509  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
2510  goto end;
2511  }
2512 
2513  if (circ->remaining_relay_early_cells) {
2514  log_info(LD_REND, "Re-extending circ %u, this time to %s.",
2515  (unsigned int) TO_CIRCUIT(circ)->n_circ_id,
2516  safe_str_client(extend_info_describe(ei)));
2517  ret = circuit_extend_to_new_exit(circ, ei);
2518  if (ret == 0) {
2519  /* We were able to extend so update the timestamp so we avoid expiring
2520  * this circuit too early. The intro circuit is short live so the
2521  * linkability issue is minimized, we just need the circuit to hold a
2522  * bit longer so we can introduce. */
2523  TO_CIRCUIT(circ)->timestamp_dirty = time(NULL);
2524  }
2525  } else {
2526  log_info(LD_REND, "Closing intro circ %u (out of RELAY_EARLY cells).",
2527  (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
2528  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
2529  /* connection_ap_handshake_attach_circuit will launch a new intro circ. */
2530  ret = 0;
2531  }
2532 
2533  end:
2534  extend_info_free(ei);
2535  return ret;
2536 }
2537 
2538 /** Close all client introduction circuits related to the given descriptor.
2539  * This is called with a descriptor that is about to get replaced in the
2540  * client cache.
2541  *
2542  * Even though the introduction point might be exactly the same, we'll rebuild
2543  * them if needed but the odds are very low that an existing matching
2544  * introduction circuit exists at that stage. */
2545 void
2547 {
2548  origin_circuit_t *ocirc = NULL;
2549 
2550  tor_assert(desc);
2551 
2552  /* We iterate over all client intro circuits because they aren't kept in the
2553  * HS circuitmap. That is probably something we want to do one day. */
2554  while ((ocirc = circuit_get_next_intro_circ(ocirc, true))) {
2555  if (ocirc->hs_ident == NULL) {
2556  /* Not a v3 circuit, ignore it. */
2557  continue;
2558  }
2559 
2560  /* Does it match any IP in the given descriptor? If not, ignore. */
2561  if (find_desc_intro_point_by_ident(ocirc->hs_ident, desc) == NULL) {
2562  continue;
2563  }
2564 
2565  /* We have a match. Close the circuit as consider it expired. */
2566  circuit_mark_for_close(TO_CIRCUIT(ocirc), END_CIRC_REASON_FINISHED);
2567  }
2568 }
2569 
2570 /** Release all the storage held by the client subsystem. */
2571 void
2573 {
2574  /* Purge the hidden service request cache. */
2576  client_service_authorization_free_all();
2577 }
2578 
2579 /** Purge all potentially remotely-detectable state held in the hidden
2580  * service client code. Called on SIGNAL NEWNYM. */
2581 void
2583 {
2584  /* v2 subsystem. */
2586 
2587  /* Cancel all descriptor fetches. Do this first so once done we are sure
2588  * that our descriptor cache won't modified. */
2589  cancel_descriptor_fetches();
2590  /* Purge the introduction point state cache. */
2592  /* Purge the descriptor cache. */
2594  /* Purge the last hidden service request cache. */
2596  /* Purge ephemeral client authorization. */
2598 
2599  log_info(LD_REND, "Hidden service client state has been purged.");
2600 }
2601 
2602 /** Called when our directory information has changed. */
2603 void
2605 {
2606  /* We have possibly reached the minimum directory information or new
2607  * consensus so retry all pending SOCKS connection in
2608  * AP_CONN_STATE_RENDDESC_WAIT state in order to fetch the descriptor. */
2610 }
2611 
2612 #ifdef TOR_UNIT_TESTS
2613 
2614 STATIC void
2615 set_hs_client_auths_map(digest256map_t *map)
2616 {
2617  client_auths = map;
2618 }
2619 
2620 #endif /* defined(TOR_UNIT_TESTS) */
close_or_reextend_intro_circ
static int close_or_reextend_intro_circ(origin_circuit_t *intro_circ)
Definition: hs_client.c:1060
edge_connection_t::rend_data
rend_data_t * rend_data
Definition: edge_connection_st.h:38
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:287
hs_circuit_setup_e2e_rend_circ
int hs_circuit_setup_e2e_rend_circ(origin_circuit_t *circ, const uint8_t *ntor_key_seed, size_t seed_len, int is_service_side)
Definition: hs_circuit.c:1092
HS_CLIENT_FETCH_HAVE_DESC
@ HS_CLIENT_FETCH_HAVE_DESC
Definition: hs_client.h:25
tor_free
#define tor_free(p)
Definition: malloc.h:52
connection_edge.h
Header file for connection_edge.c.
CURVE25519_PUBKEY_LEN
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20
get_client_auth_creds_filename
static char * get_client_auth_creds_filename(const char *onion_address, const char *dir)
Definition: hs_client.c:1571
smartlist_split_string
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
Definition: smartlist_split.c:37
rend_client_get_random_intro
extend_info_t * rend_client_get_random_intro(const rend_data_t *rend_query)
Definition: rendclient.c:1016
hs_cache_store_as_client
hs_desc_decode_status_t hs_cache_store_as_client(const char *desc_str, const ed25519_public_key_t *identity_pk)
Definition: hs_cache.c:860
circuit_t::purpose
uint8_t purpose
Definition: circuit_st.h:111
hs_config_client_authorization
int hs_config_client_authorization(const or_options_t *options, int validate_only)
Definition: hs_client.c:2293
hs_cache_client_intro_state_note
void hs_cache_client_intro_state_note(const ed25519_public_key_t *service_pk, const ed25519_public_key_t *auth_key, rend_intro_point_failure_t failure)
Definition: hs_cache.c:957
hs_client_circuit_has_opened
void hs_client_circuit_has_opened(origin_circuit_t *circ)
Definition: hs_client.c:2091
routerstatus_describe
const char * routerstatus_describe(const routerstatus_t *rs)
Definition: describe.c:182
hs_ntor_client_rendezvous2_mac_is_good
int hs_ntor_client_rendezvous2_mac_is_good(const hs_ntor_rend_cell_keys_t *hs_ntor_rend_cell_keys, const uint8_t *rcvd_mac)
Definition: hs_ntor.c:594
hs_desc_decode_status_t
hs_desc_decode_status_t
Definition: hs_descriptor.h:74
entry_connection_st.h
Entry connection structure.
tor_cert_t
Definition: torcert.h:28
hs_ident.h
Header file containing circuit and connection identifier data for the whole HS subsytem.
memwipe
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:55
ED25519_BASE64_LEN
#define ED25519_BASE64_LEN
Definition: x25519_sizes.h:43
circuit_get_next_intro_circ
origin_circuit_t * circuit_get_next_intro_circ(const origin_circuit_t *start, bool want_client_circ)
Definition: circuitlist.c:1734
note_connection_attempt_succeeded
static void note_connection_attempt_succeeded(const hs_ident_edge_conn_t *hs_conn_ident)
Definition: hs_client.c:355
directory_initiate_request
void directory_initiate_request(directory_request_t *request)
Definition: dirclient.c:1235
approx_time
time_t approx_time(void)
Definition: approx_time.c:32
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
intro_circ_is_ok
static int intro_circ_is_ok(const origin_circuit_t *circ)
Definition: hs_client.c:505
hs_client_fetch_status_t
hs_client_fetch_status_t
Definition: hs_client.h:19
hs_client_receive_introduce_ack
int hs_client_receive_introduce_ack(origin_circuit_t *circ, const uint8_t *payload, size_t payload_len)
Definition: hs_client.c:2430
desc_intro_point_to_extend_info
STATIC extend_info_t * desc_intro_point_to_extend_info(const hs_desc_intro_point_t *ip)
Definition: hs_client.c:808
circuit_extend_to_new_exit
int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
Definition: circuitbuild.c:2083
dir_connection_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: dir_connection_st.h:57
HS_CLIENT_FETCH_ERROR
@ HS_CLIENT_FETCH_ERROR
Definition: hs_client.h:21
HS_CLIENT_FETCH_NO_HSDIRS
@ HS_CLIENT_FETCH_NO_HSDIRS
Definition: hs_client.h:27
or_options_t::User
char * User
Definition: or_options_st.h:142
parse_auth_file_content
STATIC hs_client_service_authorization_t * parse_auth_file_content(const char *client_key_str)
Definition: hs_client.c:2216
socks5_reply_status_t
socks5_reply_status_t
Definition: socks5_status.h:20
hs_ident_intro_circ_is_valid
int hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident)
Definition: hs_ident.c:104
hs_desc_encrypted_data_t
Definition: hs_descriptor.h:158
routerset_contains_extendinfo
int routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
Definition: routerset.c:307
AP_CONN_STATE_CIRCUIT_WAIT
#define AP_CONN_STATE_CIRCUIT_WAIT
Definition: connection_edge.h:49
hs_client_circuit_cleanup_on_free
void hs_client_circuit_cleanup_on_free(const circuit_t *circ)
Definition: hs_client.c:1892
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
hs_desc_intro_point_t::link_specifiers
smartlist_t * link_specifiers
Definition: hs_descriptor.h:102
CONN_TYPE_DIR
#define CONN_TYPE_DIR
Definition: connection.h:55
LD_BUG
#define LD_BUG
Definition: log.h:86
ed25519_pubkey_eq
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
Definition: crypto_ed25519.c:642
hs_circ_send_establish_rendezvous
int hs_circ_send_establish_rendezvous(origin_circuit_t *circ)
Definition: hs_circuit.c:1227
cpath_build_state_st.h
Circuit-build-stse structure.
hs_cache_intro_state_t
Definition: hs_cache.h:26
hs_ident_circuit_t::identity_pk
ed25519_public_key_t identity_pk
Definition: hs_ident.h:45
fast_mem_is_zero
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
circuituse.h
Header file for circuituse.c.
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
DIGESTMAP_FOREACH_END
#define DIGESTMAP_FOREACH_END
Definition: map.h:168
describe.h
Header file for describe.c.
smartlist_add_all
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
Definition: smartlist_core.c:125
purge_hid_serv_request
static void purge_hid_serv_request(const ed25519_public_key_t *identity_pk)
Definition: hs_client.c:198
pathbias_count_use_attempt
void pathbias_count_use_attempt(origin_circuit_t *circ)
Definition: circpathbias.c:604
store_permanent_client_auth_credentials
static int store_permanent_client_auth_credentials(const hs_client_service_authorization_t *creds)
Definition: hs_client.c:1590
hs_client_note_connection_attempt_succeeded
void hs_client_note_connection_attempt_succeeded(const edge_connection_t *conn)
Definition: hs_client.c:1942
node_get_by_id
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:223
networkstatus_get_live_consensus
networkstatus_t * networkstatus_get_live_consensus(time_t now)
Definition: networkstatus.c:1416
handle_introduce_ack_success
static void handle_introduce_ack_success(origin_circuit_t *intro_circ)
Definition: hs_client.c:1114
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
HS_CLIENT_FETCH_MISSING_INFO
@ HS_CLIENT_FETCH_MISSING_INFO
Definition: hs_client.h:31
hs_descriptor_t::plaintext_data
hs_desc_plaintext_data_t plaintext_data
Definition: hs_descriptor.h:228
hs_desc_plaintext_data_t::version
uint32_t version
Definition: hs_descriptor.h:196
CIRCUIT_PURPOSE_C_REND_JOINED
#define CIRCUIT_PURPOSE_C_REND_JOINED
Definition: circuitlist.h:90
routerstatus_t
Definition: routerstatus_st.h:19
ed25519_pubkey_copy
void ed25519_pubkey_copy(ed25519_public_key_t *dest, const ed25519_public_key_t *src)
Definition: crypto_ed25519.c:654
setup_intro_circ_auth_key
static int setup_intro_circ_auth_key(origin_circuit_t *circ)
Definition: hs_client.c:713
client_dir_fetch_unexpected
static void client_dir_fetch_unexpected(dir_connection_t *dir_conn, const char *reason, const int status_code)
Definition: hs_client.c:1550
hs_build_address
void hs_build_address(const ed25519_public_key_t *key, uint8_t version, char *addr_out)
Definition: hs_common.c:1019
client_service_authorization_free_void
static void client_service_authorization_free_void(void *auth)
Definition: hs_client.c:2172
hs_control_desc_event_failed
void hs_control_desc_event_failed(const hs_ident_dir_conn_t *ident, const char *hsdir_id_digest, const char *reason)
Definition: hs_control.c:65
hs_client_any_intro_points_usable
int hs_client_any_intro_points_usable(const ed25519_public_key_t *service_pk, const hs_descriptor_t *desc)
Definition: hs_client.c:2025
CLIENT_AUTH_FLAG_IS_PERMANENT
#define CLIENT_AUTH_FLAG_IS_PERMANENT
Definition: hs_client.h:63
tor_cert_checksig
int tor_cert_checksig(tor_cert_t *cert, const ed25519_public_key_t *pubkey, time_t now)
Definition: torcert.c:244
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
reasons.h
Header file for reasons.c.
hs_desc_intro_point_t::auth_key_cert
tor_cert_t * auth_key_cert
Definition: hs_descriptor.h:111
hs_client_launch_v3_desc_fetch
void hs_client_launch_v3_desc_fetch(const ed25519_public_key_t *onion_identity_pk, const smartlist_t *hsdirs)
Definition: hs_client.c:486
socks_request_st.h
Client request structure.
CIRCUIT_IS_ORIGIN
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:146
HS_CLIENT_FETCH_NOT_ALLOWED
@ HS_CLIENT_FETCH_NOT_ALLOWED
Definition: hs_client.h:29
CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
Definition: circuitlist.h:78
rend_client_receive_rendezvous
int rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request, size_t request_len)
Definition: rendclient.c:898
ed25519_public_to_base64
void ed25519_public_to_base64(char *output, const ed25519_public_key_t *pkey)
Definition: crypto_format.c:227
hs_client_dir_fetch_done
void hs_client_dir_fetch_done(dir_connection_t *dir_conn, const char *reason, const char *body, const int status_code)
Definition: hs_client.c:2383
strcmpend
int strcmpend(const char *s1, const char *s2)
Definition: util_string.c:242
intro_points_all_timed_out
static bool intro_points_all_timed_out(const ed25519_public_key_t *service_pk)
Definition: hs_client.c:973
hs_control_desc_event_content
void hs_control_desc_event_content(const hs_ident_dir_conn_t *ident, const char *hsdir_id_digest, const char *body)
Definition: hs_control.c:178
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
hs_client_receive_rendezvous2
int hs_client_receive_rendezvous2(origin_circuit_t *circ, const uint8_t *payload, size_t payload_len)
Definition: hs_client.c:2459
crypto_rand_int
int crypto_rand_int(unsigned int max)
Definition: crypto_rand_numeric.c:52
extend_info_describe
const char * extend_info_describe(const extend_info_t *ei)
Definition: describe.c:202
hs_cell.h
Header file containing cell data for the whole HS subsytem.
base32_decode
int base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:90
build_state_get_exit_nickname
const char * build_state_get_exit_nickname(cpath_build_state_t *state)
Definition: circuitbuild.c:2492
hs_circ_send_introduce1
int hs_circ_send_introduce1(origin_circuit_t *intro_circ, origin_circuit_t *rend_circ, const hs_desc_intro_point_t *ip, const hs_subcredential_t *subcredential)
Definition: hs_circuit.c:1148
networkstatus.h
Header file for networkstatus.c.
hs_control_desc_event_requested
void hs_control_desc_event_requested(const ed25519_public_key_t *onion_pk, const char *base64_blinded_pk, const routerstatus_t *hsdir_rs)
Definition: hs_control.c:29
rend_client_send_introduction
int rend_client_send_introduction(origin_circuit_t *introcirc, origin_circuit_t *rendcirc)
Definition: rendclient.c:113
CIRCUIT_PURPOSE_C_ESTABLISH_REND
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND
Definition: circuitlist.h:83
hs_client_purge_state
void hs_client_purge_state(void)
Definition: hs_client.c:2582
hs_client.h
Header file containing client data for the HS subsytem.
base32_encode
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
ed25519_fmt
const char * ed25519_fmt(const ed25519_public_key_t *pkey)
Definition: crypto_format.c:193
hs_client_get_random_intro_from_edge
extend_info_t * hs_client_get_random_intro_from_edge(const edge_connection_t *edge_conn)
Definition: hs_client.c:2417
crypto_util.h
Common functions for cryptographic routines.
hs_purge_last_hid_serv_requests
void hs_purge_last_hid_serv_requests(void)
Definition: hs_common.c:1599
hs_client_receive_rendezvous_acked
int hs_client_receive_rendezvous_acked(origin_circuit_t *circ, const uint8_t *payload, size_t payload_len)
Definition: hs_client.c:2121
hs_cache.h
Header file for hs_cache.c.
mark_conn_as_waiting_for_circuit
static void mark_conn_as_waiting_for_circuit(connection_t *conn, time_t now)
Definition: hs_client.c:248
socks_request_t::socks_extended_error_code
socks5_reply_status_t socks_extended_error_code
Definition: socks_request_st.h:72
ENTRY_TO_EDGE_CONN
#define ENTRY_TO_EDGE_CONN(c)
Definition: entry_connection_st.h:102
hs_cache_purge_as_client
void hs_cache_purge_as_client(void)
Definition: hs_cache.c:939
hs_circuitmap_get_established_rend_circ_client_side
origin_circuit_t * hs_circuitmap_get_established_rend_circ_client_side(const uint8_t *cookie)
Definition: hs_circuitmap.c:492
rend_client_note_connection_attempt_ended
void rend_client_note_connection_attempt_ended(const rend_data_t *rend_data)
Definition: rendclient.c:974
circuitlist.h
Header file for circuitlist.c.
hs_desc_intro_point_t::enc_key
curve25519_public_key_t enc_key
Definition: hs_descriptor.h:114
write_str_to_file
int write_str_to_file(const char *fname, const char *str, int bin)
Definition: files.c:258
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
hs_pick_hsdir
routerstatus_t * hs_pick_hsdir(smartlist_t *responsible_dirs, const char *req_key_str, bool *is_rate_limited_out)
Definition: hs_common.c:1627
circuit_t::marked_for_close_orig_reason
int marked_for_close_orig_reason
Definition: circuit_st.h:201
pick_hsdir_v3
STATIC routerstatus_t * pick_hsdir_v3(const ed25519_public_key_t *onion_identity_pk)
Definition: hs_client.c:430
rend_client_introduction_acked
int rend_client_introduction_acked(origin_circuit_t *circ, const uint8_t *request, size_t request_len)
Definition: rendclient.c:383
CONN_TYPE_AP
#define CONN_TYPE_AP
Definition: connection.h:51
crypto_format.h
Header for crypto_format.c.
cpath_build_state_t::chosen_exit
extend_info_t * chosen_exit
Definition: cpath_build_state_st.h:20
DIR_PURPOSE_FETCH_HSDESC
#define DIR_PURPOSE_FETCH_HSDESC
Definition: directory.h:75
find_desc_intro_point_by_legacy_id
static hs_desc_intro_point_t * find_desc_intro_point_by_legacy_id(const char *legacy_id, const hs_descriptor_t *desc)
Definition: hs_client.c:556
handle_rendezvous2
STATIC int handle_rendezvous2(origin_circuit_t *circ, const uint8_t *payload, size_t payload_len)
Definition: hs_client.c:1222
TO_ENTRY_CONN
entry_connection_t * TO_ENTRY_CONN(connection_t *c)
Definition: connection_edge.c:202
intro_point_is_usable
static int intro_point_is_usable(const ed25519_public_key_t *service_pk, const hs_desc_intro_point_t *ip)
Definition: hs_client.c:830
hs_ident_circuit_t::intro_auth_pk
ed25519_public_key_t intro_auth_pk
Definition: hs_ident.h:51
connection_ap_mark_as_waiting_for_renddesc
void connection_ap_mark_as_waiting_for_renddesc(entry_connection_t *entry_conn)
Definition: connection_edge.c:1445
hs_path_from_filename
char * hs_path_from_filename(const char *directory, const char *filename)
Definition: hs_common.c:179
tor_assert_nonfatal_unreached
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
get_hs_client_auths_map
digest256map_t * get_hs_client_auths_map(void)
Definition: hs_client.c:1849
hs_cache_client_intro_state_purge
void hs_cache_client_intro_state_purge(void)
Definition: hs_cache.c:1009
node_t
Definition: node_st.h:34
origin_circuit_t
Definition: origin_circuit_st.h:79
directory_request_set_routerstatus
void directory_request_set_routerstatus(directory_request_t *req, const routerstatus_t *status)
Definition: dirclient.c:1162
hs_ident_dir_conn_init
void hs_ident_dir_conn_init(const ed25519_public_key_t *identity_pk, const ed25519_public_key_t *blinded_pk, hs_ident_dir_conn_t *ident)
Definition: hs_ident.c:69
client_auths
static digest256map_t * client_auths
Definition: hs_client.c:50
connection_describe_peer
const char * connection_describe_peer(const connection_t *conn)
Definition: connection.c:514
hs_circuitmap_get_rend_circ_client_side
origin_circuit_t * hs_circuitmap_get_rend_circ_client_side(const uint8_t *cookie)
Definition: hs_circuitmap.c:461
directory.h
Header file for directory.c.
hs_desc_decode_descriptor
hs_desc_decode_status_t hs_desc_decode_descriptor(const char *encoded, const hs_subcredential_t *subcredential, const curve25519_secret_key_t *client_auth_sk, hs_descriptor_t **desc_out)
Definition: hs_descriptor.c:2571
ed25519_public_key_t
Definition: crypto_ed25519.h:23
or_options_t::ExcludeNodes
struct routerset_t * ExcludeNodes
Definition: or_options_st.h:102
hs_client_send_introduce1
int hs_client_send_introduce1(origin_circuit_t *intro_circ, origin_circuit_t *rend_circ)
Definition: hs_client.c:2079
hs_cache_lookup_as_client
const hs_descriptor_t * hs_cache_lookup_as_client(const ed25519_public_key_t *key)
Definition: hs_cache.c:829
client_dir_fetch_404
static void client_dir_fetch_404(dir_connection_t *dir_conn, const smartlist_t *entry_conns)
Definition: hs_client.c:1508
MAX_INTRO_POINT_REACHABILITY_FAILURES
#define MAX_INTRO_POINT_REACHABILITY_FAILURES
Definition: or.h:1077
LD_REND
#define LD_REND
Definition: log.h:84
escaped
const char * escaped(const char *s)
Definition: escape.c:126
tor_unlink
int tor_unlink(const char *pathname)
Definition: files.c:154
or_options_t::StrictNodes
int StrictNodes
Definition: or_options_st.h:99
hs_cache_remove_as_client
void hs_cache_remove_as_client(const ed25519_public_key_t *key)
Definition: hs_cache.c:896
circuit_change_purpose
void circuit_change_purpose(circuit_t *circ, uint8_t new_purpose)
Definition: circuituse.c:3117
smartlist_del
void smartlist_del(smartlist_t *sl, int idx)
Definition: smartlist_core.c:214
connection_ap_attach_pending
void connection_ap_attach_pending(int retry)
Definition: connection_edge.c:1304
AP_CONN_STATE_RENDDESC_WAIT
#define AP_CONN_STATE_RENDDESC_WAIT
Definition: connection_edge.h:44
connection_t::marked_for_close
uint16_t marked_for_close
Definition: connection_st.h:149
circuit_t
Definition: circuit_st.h:61
nodelist.h
Header file for nodelist.c.
hs_control.h
Header file containing control port event related code.
hs_ident_dir_conn_t
Definition: hs_ident.h:87
hs_descriptor_t
Definition: hs_descriptor.h:226
hs_client_close_intro_circuits_from_desc
void hs_client_close_intro_circuits_from_desc(const hs_descriptor_t *desc)
Definition: hs_client.c:2546
flag_all_conn_wait_desc
static void flag_all_conn_wait_desc(const ed25519_public_key_t *service_identity_pk)
Definition: hs_client.c:172
routerset.h
Header file for routerset.c.
hs_purge_hid_serv_from_last_hid_serv_requests
void hs_purge_hid_serv_from_last_hid_serv_requests(const char *req_key_str)
Definition: hs_common.c:1558
close_all_socks_conns_waiting_for_desc
static void close_all_socks_conns_waiting_for_desc(const ed25519_public_key_t *identity_pk, hs_client_fetch_status_t status, int reason)
Definition: hs_client.c:269
assert_connection_ok
void assert_connection_ok(connection_t *conn, time_t now)
Definition: connection.c:5524
directory_request_is_pending
static int directory_request_is_pending(const ed25519_public_key_t *identity_pk)
Definition: hs_client.c:219
find_client_auth
static hs_client_service_authorization_t * find_client_auth(const ed25519_public_key_t *service_identity_pk)
Definition: hs_client.c:1370
client_desc_missing_bad_client_auth
static void client_desc_missing_bad_client_auth(const smartlist_t *entry_conns, hs_desc_decode_status_t status)
Definition: hs_client.c:1432
rend_client_purge_state
void rend_client_purge_state(void)
Definition: rendclient.c:57
hs_cache_intro_state_t::timed_out
unsigned int timed_out
Definition: hs_cache.h:34
DIGEST256_LEN
#define DIGEST256_LEN
Definition: digest_sizes.h:23
rend_client_rendcirc_has_opened
void rend_client_rendcirc_has_opened(origin_circuit_t *circ)
Definition: rendclient.c:344
hs_cell_parse_rendezvous2
int hs_cell_parse_rendezvous2(const uint8_t *payload, size_t payload_len, uint8_t *handshake_info, size_t handshake_info_len)
Definition: hs_cell.c:1098
extendinfo.h
Header for core/or/extendinfo.c.
hs_cache_intro_state_t::error
unsigned int error
Definition: hs_cache.h:31
tor_cert_describe_signature_status
const char * tor_cert_describe_signature_status(const tor_cert_t *cert)
Definition: torcert.c:279
hs_desc_intro_point_t::onion_key
curve25519_public_key_t onion_key
Definition: hs_descriptor.h:106
fetch_v3_desc
STATIC hs_client_fetch_status_t fetch_v3_desc(const ed25519_public_key_t *onion_identity_pk)
Definition: hs_client.c:467
fetch_status_should_close_socks
static int fetch_status_should_close_socks(hs_client_fetch_status_t status)
Definition: hs_client.c:81
fast_memneq
#define fast_memneq(a, b, c)
Definition: di_ops.h:42
connection_t
Definition: connection_st.h:45
pathbias_mark_use_success
void pathbias_mark_use_success(origin_circuit_t *circ)
Definition: circpathbias.c:661
hs_client_refetch_hsdesc
int hs_client_refetch_hsdesc(const ed25519_public_key_t *identity_pk)
Definition: hs_client.c:2048
hs_ident_dir_conn_t::identity_pk
ed25519_public_key_t identity_pk
Definition: hs_ident.h:90
hs_client_service_authorization_t
Definition: hs_client.h:66
crypto_rand.h
Common functions for using (pseudo-)random number generators.
HS_CLIENT_FETCH_LAUNCHED
@ HS_CLIENT_FETCH_LAUNCHED
Definition: hs_client.h:23
entry_connection_t::socks_request
socks_request_t * socks_request
Definition: entry_connection_st.h:27
get_options
const or_options_t * get_options(void)
Definition: config.c:928
hs_circuitmap_register_rend_circ_client_side
void hs_circuitmap_register_rend_circ_client_side(origin_circuit_t *or_circ, const uint8_t *cookie)
Definition: hs_circuitmap.c:554
origin_circuit_t::build_state
cpath_build_state_t * build_state
Definition: origin_circuit_st.h:123
get_creds_from_client_auth_filename
static hs_client_service_authorization_t * get_creds_from_client_auth_filename(const char *filename, const or_options_t *options)
Definition: hs_client.c:1696
circuitbuild.h
Header file for circuitbuild.c.
TO_EDGE_CONN
edge_connection_t * TO_EDGE_CONN(connection_t *c)
Definition: connection_edge.c:176
hs_get_responsible_hsdirs
void hs_get_responsible_hsdirs(const ed25519_public_key_t *blinded_pk, uint64_t time_period_num, int use_second_hsdir_index, int for_fetching, smartlist_t *responsible_dirs)
Definition: hs_common.c:1341
client_dir_fetch_400
static void client_dir_fetch_400(dir_connection_t *dir_conn, const char *reason)
Definition: hs_client.c:1532
connection_edge_is_rendezvous_stream
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
Definition: connection_edge.c:4412
origin_circuit_t::remaining_relay_early_cells
unsigned int remaining_relay_early_cells
Definition: origin_circuit_st.h:149
directory_request_set_resource
void directory_request_set_resource(directory_request_t *req, const char *resource)
Definition: dirclient.c:1045
fetch_status_to_string
static const char * fetch_status_to_string(hs_client_fetch_status_t status)
Definition: hs_client.c:56
hs_client_dir_info_changed
void hs_client_dir_info_changed(void)
Definition: hs_client.c:2604
extend_info_st.h
Extend-info structure.
CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
Definition: circuitlist.h:81
curve25519_public_key_t
Definition: crypto_curve25519.h:24
socks_mark_rend_circuit_timed_out
static void socks_mark_rend_circuit_timed_out(const origin_circuit_t *rend_circ)
Definition: hs_client.c:1013
DIR_PURPOSE_HAS_FETCHED_HSDESC
#define DIR_PURPOSE_HAS_FETCHED_HSDESC
Definition: directory.h:78
purge_ephemeral_client_auth
STATIC void purge_ephemeral_client_auth(void)
Definition: hs_client.c:1352
hs_control_desc_event_received
void hs_control_desc_event_received(const hs_ident_dir_conn_t *ident, const char *hsdir_id_digest)
Definition: hs_control.c:89
CIRCUIT_PURPOSE_C_REND_READY
#define CIRCUIT_PURPOSE_C_REND_READY
Definition: circuitlist.h:85
connection.h
Header file for connection.c.
extend_info_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: extend_info_st.h:31
directory_request_new
directory_request_t * directory_request_new(uint8_t dir_purpose)
Definition: dirclient.c:948
hs_client_service_authorization_t::enc_seckey
curve25519_secret_key_t enc_seckey
Definition: hs_client.h:69
hs_get_extend_info_from_lspecs
extend_info_t * hs_get_extend_info_from_lspecs(const smartlist_t *lspecs, const curve25519_public_key_t *onion_key, int direct_conn)
Definition: hs_common.c:1714
hs_subcredential_t
Definition: hs_ntor.h:43
stream_end_reason_to_string
const char * stream_end_reason_to_string(int reason)
Definition: reasons.c:64
hs_client_decode_descriptor
hs_desc_decode_status_t hs_client_decode_descriptor(const char *desc_str, const ed25519_public_key_t *service_identity_pk, hs_descriptor_t **desc)
Definition: hs_client.c:1968
hs_ident_circuit_t
Definition: hs_ident.h:42
curve25519_secret_key_t
Definition: crypto_curve25519.h:33
dirclient.h
Header file for dirclient.c.
node_supports_v3_rendezvous_point
bool node_supports_v3_rendezvous_point(const node_t *node)
Definition: nodelist.c:1190
CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
Definition: circuitlist.h:88
hs_cell_parse_introduce_ack
int hs_cell_parse_introduce_ack(const uint8_t *payload, size_t payload_len)
Definition: hs_cell.c:1063
safe_str_client_opts
const char * safe_str_client_opts(const or_options_t *options, const char *address)
Definition: config.c:1081
tor_asprintf
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
hs_client_free_all
void hs_client_free_all(void)
Definition: hs_client.c:2572
origin_circuit_t::rend_data
rend_data_t * rend_data
Definition: origin_circuit_st.h:132
hs_get_time_period_num
uint64_t hs_get_time_period_num(time_t now)
Definition: hs_common.c:270
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
socks_mark_introduction_failed
static void socks_mark_introduction_failed(entry_connection_t *conn, const ed25519_public_key_t *identity_pk)
Definition: hs_client.c:1037
hs_client_circuit_cleanup_on_close
void hs_client_circuit_cleanup_on_close(const circuit_t *circ)
Definition: hs_client.c:1861
hs_ident_circuit_t::rendezvous_cookie
uint8_t rendezvous_cookie[HS_REND_COOKIE_LEN]
Definition: hs_ident.h:60
hs_cache_client_intro_state_find
const hs_cache_intro_state_t * hs_cache_client_intro_state_find(const ed25519_public_key_t *service_pk, const ed25519_public_key_t *auth_key)
Definition: hs_cache.c:979
client_intro_circ_has_opened
static void client_intro_circ_has_opened(origin_circuit_t *circ)
Definition: hs_client.c:752
HS_VERSION_THREE
#define HS_VERSION_THREE
Definition: hs_common.h:26
connection_t::timestamp_last_write_allowed
time_t timestamp_last_write_allowed
Definition: connection_st.h:106
dir_connection_st.h
Client/server directory connection structure.
directory_request_fetch_set_hs_ident
void directory_request_fetch_set_hs_ident(directory_request_t *req, const hs_ident_dir_conn_t *ident)
Definition: dirclient.c:1125
MAP_DEL_CURRENT
#define MAP_DEL_CURRENT(keyvar)
Definition: map.h:140
client_rendezvous_circ_has_opened
static void client_rendezvous_circ_has_opened(origin_circuit_t *circ)
Definition: hs_client.c:771
hs_ntor_rend_cell_keys_t
Definition: hs_ntor.h:30
hs_desc_encrypted_data_t::intro_points
smartlist_t * intro_points
Definition: hs_descriptor.h:171
hs_descriptor_t::encrypted_data
hs_desc_encrypted_data_t encrypted_data
Definition: hs_descriptor.h:238
edge_connection_t
Definition: edge_connection_st.h:21
client_get_random_intro
STATIC extend_info_t * client_get_random_intro(const ed25519_public_key_t *service_pk)
Definition: hs_client.c:870
client_dir_fetch_200
static void client_dir_fetch_200(dir_connection_t *dir_conn, const smartlist_t *entry_conns, const char *body)
Definition: hs_client.c:1456
hs_cache_intro_state_t::unreachable_count
uint32_t unreachable_count
Definition: hs_cache.h:37
hs_build_blinded_pubkey
void hs_build_blinded_pubkey(const ed25519_public_key_t *pk, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, ed25519_public_key_t *blinded_pk_out)
Definition: hs_common.c:1045
TO_DIR_CONN
dir_connection_t * TO_DIR_CONN(connection_t *c)
Definition: directory.c:89
hs_ntor.h
Header for hs_ntor.c.
hs_circuitmap.h
Header file for hs_circuitmap.c.
hs_client_register_auth_credentials
hs_client_register_auth_status_t hs_client_register_auth_credentials(hs_client_service_authorization_t *creds)
Definition: hs_client.c:1646
client_desc_has_arrived
static void client_desc_has_arrived(const smartlist_t *entry_conns)
Definition: hs_client.c:1384
or_options_t::ClientOnionAuthDir
char * ClientOnionAuthDir
Definition: or_options_st.h:411
find_desc_intro_point_by_ident
static const hs_desc_intro_point_t * find_desc_intro_point_by_ident(const hs_ident_circuit_t *ident, const hs_descriptor_t *desc)
Definition: hs_client.c:532
handle_introduce_ack_bad
static void handle_introduce_ack_bad(origin_circuit_t *circ, int status)
Definition: hs_client.c:1161
config.h
Header file for config.c.
rend_client_introcirc_has_opened
void rend_client_introcirc_has_opened(origin_circuit_t *circ)
Definition: rendclient.c:68
retry_all_socks_conn_waiting_for_desc
STATIC void retry_all_socks_conn_waiting_for_desc(void)
Definition: hs_client.c:299
hs_ident_edge_conn_t
Definition: hs_ident.h:103
can_client_refetch_desc
static unsigned int can_client_refetch_desc(const ed25519_public_key_t *identity_pk, hs_client_fetch_status_t *status_out)
Definition: hs_client.c:1285
hs_descriptor_t::subcredential
hs_subcredential_t subcredential
Definition: hs_descriptor.h:242
send_introduce1
static int send_introduce1(origin_circuit_t *intro_circ, origin_circuit_t *rend_circ)
Definition: hs_client.c:596
connection_t::timestamp_created
time_t timestamp_created
Definition: connection_st.h:109
hs_parse_address
int hs_parse_address(const char *address, ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out)
Definition: hs_common.c:958
connection_t::state
uint8_t state
Definition: connection_st.h:49
origin_circuit_t::hs_ident
struct hs_ident_circuit_t * hs_ident
Definition: origin_circuit_st.h:136
origin_circuit_t::p_streams
edge_connection_t * p_streams
Definition: origin_circuit_st.h:84
TO_CIRCUIT
#define TO_CIRCUIT(x)
Definition: or.h:965
edge_connection_t::next_stream
struct edge_connection_t * next_stream
Definition: edge_connection_st.h:24
or_options_t
Definition: or_options_st.h:45
tor_cert_t::signed_key
ed25519_public_key_t signed_key
Definition: torcert.h:30
TO_CONN
#define TO_CONN(c)
Definition: or.h:736
STATIC
#define STATIC
Definition: testsupport.h:32
hs_ident_edge_conn_t::identity_pk
ed25519_public_key_t identity_pk
Definition: hs_ident.h:106
find_and_remove_client_auth_creds_file
static void find_and_remove_client_auth_creds_file(const hs_client_service_authorization_t *cred)
Definition: hs_client.c:1765
dir_connection_t
Definition: dir_connection_st.h:21
router_have_minimum_dir_info
int router_have_minimum_dir_info(void)
Definition: nodelist.c:2346
hs_client_reextend_intro_circuit
int hs_client_reextend_intro_circuit(origin_circuit_t *circ)
Definition: hs_client.c:2497
hs_circuit.h
Header file containing circuit data for the whole HS subsytem.
entry_connection_t
Definition: entry_connection_st.h:19
CURVE25519_SECKEY_LEN
#define CURVE25519_SECKEY_LEN
Definition: x25519_sizes.h:22
DIRIND_ANONYMOUS
@ DIRIND_ANONYMOUS
Definition: dirclient.h:39
directory_request_t
struct directory_request_t directory_request_t
Definition: dirclient.h:52
hs_get_subcredential
void hs_get_subcredential(const ed25519_public_key_t *identity_pk, const ed25519_public_key_t *blinded_pk, hs_subcredential_t *subcred_out)
Definition: hs_common.c:816
origin_circuit_st.h
Origin circuit structure.
connection_t::timestamp_last_read_allowed
time_t timestamp_last_read_allowed
Definition: connection_st.h:104
CONN_IS_EDGE
#define CONN_IS_EDGE(x)
Definition: connection_st.h:183
hs_desc_intro_point_t
Definition: hs_descriptor.h:99
HS_CLIENT_FETCH_PENDING
@ HS_CLIENT_FETCH_PENDING
Definition: hs_client.h:33
hs_descriptor.h
Header file for hs_descriptor.c.
smartlist_t
Definition: smartlist_core.h:26
HS_SERVICE_ADDR_LEN_BASE32
#define HS_SERVICE_ADDR_LEN_BASE32
Definition: hs_common.h:83
rendclient.h
Header file for rendclient.c.
hs_ident_circuit_t::intro_enc_pk
curve25519_public_key_t intro_enc_pk
Definition: hs_ident.h:55
directory_request_set_indirection
void directory_request_set_indirection(directory_request_t *req, dir_indirection_t indirection)
Definition: dirclient.c:1032
CIRCUIT_PURPOSE_C_INTRODUCING
#define CIRCUIT_PURPOSE_C_INTRODUCING
Definition: circuitlist.h:75
EDGE_TO_ENTRY_CONN
entry_connection_t * EDGE_TO_ENTRY_CONN(edge_connection_t *c)
Definition: connection_edge.c:227
hs_ident_circuit_t::rendezvous_client_kp
curve25519_keypair_t rendezvous_client_kp
Definition: hs_ident.h:72
check_private_dir
int check_private_dir(const char *dirname, cpd_check_t check, const char *effective_user)
Definition: dir.c:71
extend_info_t
Definition: extend_info_st.h:27
tor_listdir
smartlist_t * tor_listdir(const char *dirname)
Definition: dir.c:307
directory_launch_v3_desc_fetch
static hs_client_fetch_status_t directory_launch_v3_desc_fetch(const ed25519_public_key_t *onion_identity_pk, const routerstatus_t *hsdir)
Definition: hs_client.c:378
hs_client_remove_auth_credentials
hs_client_removal_auth_status_t hs_client_remove_auth_credentials(const char *hsaddress)
Definition: hs_client.c:1815
or.h
Master header file for Tor-specific functionality.
LD_PROTOCOL
#define LD_PROTOCOL
Definition: log.h:72
handle_introduce_ack
static int handle_introduce_ack(origin_circuit_t *circ, const uint8_t *payload, size_t payload_len)
Definition: hs_client.c:1184
hs_client_service_authorization_t::onion_address
char onion_address[HS_SERVICE_ADDR_LEN_BASE32+1]
Definition: hs_client.h:72
auth_key_filename_is_valid
STATIC int auth_key_filename_is_valid(const char *filename)
Definition: hs_client.c:2189