Tor  0.4.5.0-alpha-dev
hs_common.c File Reference

Contains code shared between different HS protocol versions as well as useful data structures and accessors used by other subsystems. rendcommon.c should only contain code relating to the v2 protocol.

#include "core/or/or.h"
#include "app/config/config.h"
#include "core/or/circuitbuild.h"
#include "core/or/policies.h"
#include "core/or/extendinfo.h"
#include "feature/dirauth/shared_random_state.h"
#include "feature/hs/hs_cache.h"
#include "feature/hs/hs_circuitmap.h"
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_common.h"
#include "feature/hs/hs_dos.h"
#include "feature/hs/hs_ob.h"
#include "feature/hs/hs_ident.h"
#include "feature/hs/hs_service.h"
#include "feature/hs_common/shared_random_client.h"
#include "feature/nodelist/describe.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/routerset.h"
#include "feature/rend/rendcommon.h"
#include "feature/rend/rendservice.h"
#include "feature/relay/routermode.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "core/or/edge_connection_st.h"
#include "feature/nodelist/networkstatus_st.h"
#include "feature/nodelist/node_st.h"
#include "core/or/origin_circuit_st.h"
#include "feature/nodelist/routerstatus_st.h"
#include "trunnel/ed25519_cert.h"


Macros

#define HS_COMMON_PRIVATE
 
#define MAX_REND_FAILURES_DEFAULT   2
 
#define MAX_REND_FAILURES_MIN   1
 
#define MAX_REND_FAILURES_MAX   10
 

Functions

static int set_unix_port (edge_connection_t *conn, rend_service_port_config_t *p)
 
static int add_unix_port (smartlist_t *ports, rend_service_port_config_t *p)
 
static int compare_digest_to_fetch_hsdir_index (const void *_key, const void **_member)
 
static int compare_digest_to_store_first_hsdir_index (const void *_key, const void **_member)
 
static int compare_digest_to_store_second_hsdir_index (const void *_key, const void **_member)
 
static int compare_node_fetch_hsdir_index (const void **a, const void **b)
 
static int compare_node_store_first_hsdir_index (const void **a, const void **b)
 
static int compare_node_store_second_hsdir_index (const void **a, const void **b)
 
char * hs_path_from_filename (const char *directory, const char *filename)
 
int hs_check_service_private_dir (const char *username, const char *path, unsigned int dir_group_readable, unsigned int create)
 
int hs_get_service_max_rend_failures (void)
 
STATIC uint64_t get_time_period_length (void)
 
uint64_t hs_get_time_period_num (time_t now)
 
uint64_t hs_get_next_time_period_num (time_t now)
 
uint64_t hs_get_previous_time_period_num (time_t now)
 
time_t hs_get_start_time_of_next_time_period (time_t now)
 
static rend_data_t * rend_data_alloc (uint32_t version)
 
void rend_data_free_ (rend_data_t *data)
 
rend_data_t * rend_data_dup (const rend_data_t *data)
 
static int compute_desc_id (rend_data_t *rend_data)
 
rend_data_t * rend_data_service_create (const char *onion_address, const char *pk_digest, const uint8_t *cookie, rend_auth_type_t auth_type)
 
rend_data_t * rend_data_client_create (const char *onion_address, const char *desc_id, const char *cookie, rend_auth_type_t auth_type)
 
const char * rend_data_get_address (const rend_data_t *rend_data)
 
const char * rend_data_get_desc_id (const rend_data_t *rend_data, uint8_t replica, size_t *len_out)
 
const uint8_t * rend_data_get_pk_digest (const rend_data_t *rend_data, size_t *len_out)
 
static void compute_disaster_srv (uint64_t time_period_num, uint8_t *srv_out)
 
STATIC void get_disaster_srv (uint64_t time_period_num, uint8_t *srv_out)
 
static void build_blinded_key_param (const ed25519_public_key_t *pubkey, const uint8_t *secret, size_t secret_len, uint64_t period_num, uint64_t period_length, uint8_t *param_out)
 
static void build_hs_checksum (const ed25519_public_key_t *key, uint8_t version, uint8_t *checksum_out)
 
static void build_hs_address (const ed25519_public_key_t *key, const uint8_t *checksum, uint8_t version, char *addr_out)
 
static void hs_parse_address_impl (const char *address, ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out)
 
void hs_get_subcredential (const ed25519_public_key_t *identity_pk, const ed25519_public_key_t *blinded_pk, hs_subcredential_t *subcred_out)
 
int hs_set_conn_addr_port (const smartlist_t *ports, edge_connection_t *conn)
 
int hs_parse_address_no_log (const char *address, ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out, const char **errmsg)
 
int hs_parse_address (const char *address, ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out)
 
int hs_address_is_valid (const char *address)
 
void hs_build_address (const ed25519_public_key_t *key, uint8_t version, char *addr_out)
 
void hs_build_blinded_pubkey (const ed25519_public_key_t *pk, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, ed25519_public_key_t *blinded_pk_out)
 
void hs_build_blinded_keypair (const ed25519_keypair_t *kp, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, ed25519_keypair_t *blinded_kp_out)
 
int hs_in_period_between_tp_and_srv (const networkstatus_t *consensus, time_t now)
 
int hs_service_requires_uptime_circ (const smartlist_t *ports)
 
void hs_build_hs_index (uint64_t replica, const ed25519_public_key_t *blinded_pk, uint64_t period_num, uint8_t *hs_index_out)
 
void hs_build_hsdir_index (const ed25519_public_key_t *identity_pk, const uint8_t *srv_value, uint64_t period_num, uint8_t *hsdir_index_out)
 
uint8_t * hs_get_current_srv (uint64_t time_period_num, const networkstatus_t *ns)
 
uint8_t * hs_get_previous_srv (uint64_t time_period_num, const networkstatus_t *ns)
 
int32_t hs_get_hsdir_n_replicas (void)
 
int32_t hs_get_hsdir_spread_fetch (void)
 
int32_t hs_get_hsdir_spread_store (void)
 
static int node_has_hsdir_index (const node_t *node)
 
void hs_get_responsible_hsdirs (const ed25519_public_key_t *blinded_pk, uint64_t time_period_num, int use_second_hsdir_index, int for_fetching, smartlist_t *responsible_dirs)
 
time_t hs_hsdir_requery_period (const or_options_t *options)
 
STATIC strmap_t * get_last_hid_serv_requests (void)
 
time_t hs_lookup_last_hid_serv_request (routerstatus_t *hs_dir, const char *req_key_str, time_t now, int set)
 
void hs_clean_last_hid_serv_requests (time_t now)
 
void hs_purge_hid_serv_from_last_hid_serv_requests (const char *req_key_str)
 
void hs_purge_last_hid_serv_requests (void)
 
routerstatus_t * hs_pick_hsdir (smartlist_t *responsible_dirs, const char *req_key_str, bool *is_rate_limited_out)
 
extend_info_t * hs_get_extend_info_from_lspecs (const smartlist_t *lspecs, const curve25519_public_key_t *onion_key, int direct_conn)
 
void hs_init (void)
 
void hs_free_all (void)
 
void hs_dec_rdv_stream_counter (origin_circuit_t *circ)
 
void hs_inc_rdv_stream_counter (origin_circuit_t *circ)
 
link_specifier_t * link_specifier_dup (const link_specifier_t *src)
 

Variables

static const char * str_ed25519_basepoint
 
static uint8_t cached_disaster_srv [2][DIGEST256_LEN]
 
static uint64_t cached_time_period_nums [2] = {0}
 
static strmap_t * last_hid_serv_requests_ = NULL
 

Detailed Description

Contains code shared between different HS protocol versions as well as useful data structures and accessors used by other subsystems. rendcommon.c should only contain code relating to the v2 protocol.

Definition in file hs_common.c.

Function Documentation

◆ build_blinded_key_param()

static void build_blinded_key_param ( const ed25519_public_key_t *  pubkey,
const uint8_t *  secret,
size_t  secret_len,
uint64_t  period_num,
uint64_t  period_length,
uint8_t *  param_out 
)
static

When creating a blinded key, we need a parameter whose construction is as follows: H(pubkey | [secret] | ed25519-basepoint | nonce).

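The nonce has a pre-defined format which uses the time period number period_num and the start of the period in seconds, start_time_period. (The signature shown above has no start_time_period parameter; it takes period_length instead, so this sentence appears to predate the current parameter list.)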

The secret of size secret_len is optional meaning that it can be NULL and thus will be ignored for the param construction.

The result is put in param_out.

Definition at line 687 of file hs_common.c.

Referenced by hs_build_blinded_keypair(), and hs_build_blinded_pubkey().

◆ build_hs_address()

static void build_hs_address ( const ed25519_public_key_t *  key,
const uint8_t *  checksum,
uint8_t  version,
char *  addr_out 
)
static

Use an ed25519 public key, checksum and version to build the binary representation of a service address, and put it in addr_out. Format is: addr_out = PUBKEY || CHECKSUM || VERSION

addr_out must be large enough to receive HS_SERVICE_ADDR_LEN bytes.

Definition at line 763 of file hs_common.c.

Referenced by hs_build_address().

◆ build_hs_checksum()

static void build_hs_checksum ( const ed25519_public_key_t *  key,
uint8_t  version,
uint8_t *  checksum_out 
)
static

Use an ed25519 public key and version to build the checksum of an address, and put it in checksum_out. Format is: SHA3-256(".onion checksum" || PUBKEY || VERSION)

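checksum_out must be large enough to receive 32 bytes (DIGEST256_LEN). This is a larger requirement than the 2 bytes documented for checksum_out in hs_parse_address_no_log() and hs_parse_address_impl(), so a buffer sized for those functions is too small here.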

Definition at line 736 of file hs_common.c.

Referenced by hs_address_is_valid(), and hs_build_address().

◆ compare_digest_to_fetch_hsdir_index()

static int compare_digest_to_fetch_hsdir_index ( const void *  _key,
const void **  _member 
)
static

Helper function: The key is a digest that we compare to a node_t object current hsdir_index.

Definition at line 114 of file hs_common.c.

◆ compare_digest_to_store_first_hsdir_index()

static int compare_digest_to_store_first_hsdir_index ( const void *  _key,
const void **  _member 
)
static

Helper function: The key is a digest that we compare to a node_t object next hsdir_index.

Definition at line 124 of file hs_common.c.

◆ compare_digest_to_store_second_hsdir_index()

static int compare_digest_to_store_second_hsdir_index ( const void *  _key,
const void **  _member 
)
static

Helper function: The key is a digest that we compare to a node_t object next hsdir_index.

Definition at line 135 of file hs_common.c.

◆ compare_node_fetch_hsdir_index()

static int compare_node_fetch_hsdir_index ( const void **  a,
const void **  b 
)
static

Helper function: Compare two node_t objects current hsdir_index.

Definition at line 145 of file hs_common.c.

◆ compare_node_store_first_hsdir_index()

static int compare_node_store_first_hsdir_index ( const void **  a,
const void **  b 
)
static

Helper function: Compare two node_t objects next hsdir_index.

Definition at line 156 of file hs_common.c.

◆ compare_node_store_second_hsdir_index()

static int compare_node_store_second_hsdir_index ( const void **  a,
const void **  b 
)
static

Helper function: Compare two node_t objects next hsdir_index.

Definition at line 167 of file hs_common.c.

◆ compute_desc_id()

static int compute_desc_id ( rend_data_t rend_data)
static

Compute the descriptor ID for each HS descriptor replica and save them. A valid onion address must be present in the rend_data.

Return 0 on success else -1.

Definition at line 420 of file hs_common.c.

◆ compute_disaster_srv()

static void compute_disaster_srv ( uint64_t  time_period_num,
uint8_t *  srv_out 
)
static

Using the given time period number, compute the disaster shared random value and put it in srv_out. srv_out MUST be at least DIGEST256_LEN bytes.

Definition at line 591 of file hs_common.c.

◆ get_disaster_srv()

STATIC void get_disaster_srv ( uint64_t  time_period_num,
uint8_t *  srv_out 
)

Compute the disaster SRV value for this time_period_num and put it in srv_out (of size at least DIGEST256_LEN). First check our caches to see if we have already computed it.

Definition at line 635 of file hs_common.c.

◆ get_last_hid_serv_requests()

STATIC strmap_t* get_last_hid_serv_requests ( void  )

Returns last_hid_serv_requests_, initializing it to a new strmap if necessary.

Definition at line 1482 of file hs_common.c.

Referenced by hs_clean_last_hid_serv_requests(), hs_lookup_last_hid_serv_request(), and hs_purge_hid_serv_from_last_hid_serv_requests().

◆ get_time_period_length()

STATIC uint64_t get_time_period_length ( void  )

Get the default HS time period length in minutes from the consensus.

Definition at line 244 of file hs_common.c.

Referenced by hs_build_blinded_keypair(), hs_build_blinded_pubkey(), hs_get_start_time_of_next_time_period(), and hs_get_time_period_num().

◆ hs_address_is_valid()

int hs_address_is_valid ( const char *  address)

Validate a given onion address. The length, the base32 decoding, and checksum are validated. Return 1 if valid else 0.

Definition at line 974 of file hs_common.c.

Referenced by connection_control_closed(), handle_control_hspost(), and hs_build_address().

◆ hs_build_address()

void hs_build_address ( const ed25519_public_key_t *  key,
uint8_t  version,
char *  addr_out 
)

Build a service address using an ed25519 public key and a given version. The returned address is base32 encoded and put in addr_out. The caller MUST make sure that addr_out is at least HS_SERVICE_ADDR_LEN_BASE32 + 1 bytes long.

Format is as follows: base32(PUBKEY || CHECKSUM || VERSION) CHECKSUM = H(".onion checksum" || PUBKEY || VERSION)

Definition at line 1019 of file hs_common.c.

Referenced by client_get_random_intro(), hs_control_desc_event_content(), hs_control_desc_event_failed(), hs_control_desc_event_received(), hs_control_desc_event_requested(), and hs_control_desc_event_uploaded().

◆ hs_build_blinded_keypair()

void hs_build_blinded_keypair ( const ed25519_keypair_t *  kp,
const uint8_t *  secret,
size_t  secret_len,
uint64_t  time_period_num,
ed25519_keypair_t *  blinded_kp_out 
)

From a given ed25519 keypair kp and an optional secret, compute a blinded keypair for the current time period and put it in blinded_kp_out. This is only useful to the service side because the client doesn't have access to the identity secret key.

Definition at line 1069 of file hs_common.c.

Referenced by build_service_desc_keys().

◆ hs_build_blinded_pubkey()

void hs_build_blinded_pubkey ( const ed25519_public_key_t *  pk,
const uint8_t *  secret,
size_t  secret_len,
uint64_t  time_period_num,
ed25519_public_key_t *  blinded_pk_out 
)

From a given ed25519 public key pk and an optional secret, compute a blinded public key and put it in blinded_pk_out. This is only useful to the client side because the client only has access to the identity public key of the service.

Definition at line 1045 of file hs_common.c.

Referenced by build_subcredential(), directory_launch_v3_desc_fetch(), hs_client_decode_descriptor(), pick_hsdir_v3(), and purge_hid_serv_request().

◆ hs_build_hs_index()

void hs_build_hs_index ( uint64_t  replica,
const ed25519_public_key_t *  blinded_pk,
uint64_t  period_num,
uint8_t *  hs_index_out 
)

Build hs_index, which is used to find the responsible hsdirs. The responsible HSDirs are the ones whose hsdir_index is closest to this index value. The value is computed as: SHA3-256("store-at-idx" | blinded_public_key | INT_8(replicanum) | INT_8(period_length) | INT_8(period_num) )

hs_index_out must be large enough to receive DIGEST256_LEN bytes.

Definition at line 1154 of file hs_common.c.

◆ hs_build_hsdir_index()

void hs_build_hsdir_index ( const ed25519_public_key_t *  identity_pk,
const uint8_t *  srv_value,
uint64_t  period_num,
uint8_t *  hsdir_index_out 
)

Build hsdir_index, which is used to find the responsible hsdirs. This is the index value that is compared to the hs_index when selecting an HSDir. The value is computed as: SHA3-256("node-idx" | node_identity | shared_random_value | INT_8(period_length) | INT_8(period_num) )

hsdir_index_out must be large enough to receive DIGEST256_LEN bytes.

Definition at line 1195 of file hs_common.c.

◆ hs_check_service_private_dir()

int hs_check_service_private_dir ( const char *  username,
const char *  path,
unsigned int  dir_group_readable,
unsigned int  create 
)

Make sure that the directory for service is private, using the config username.

If create is true:

  • if the directory exists, change permissions if needed,
  • if the directory does not exist, create it with the correct permissions.

If create is false:

  • if the directory exists, check permissions,
  • if the directory does not exist, check if we think we can create it.

Return 0 on success, -1 on failure.

Definition at line 201 of file hs_common.c.

Referenced by load_service_keys().

◆ hs_clean_last_hid_serv_requests()

void hs_clean_last_hid_serv_requests ( time_t  now)

Clean the history of request times to hidden service directories, so that it does not contain requests older than REND_HID_SERV_DIR_REQUERY_PERIOD seconds any more.

Definition at line 1529 of file hs_common.c.

◆ hs_dec_rdv_stream_counter()

void hs_dec_rdv_stream_counter ( origin_circuit_t circ)

For the given origin circuit circ, decrement the rendezvous stream counter. This handles every hidden service version.

Definition at line 1840 of file hs_common.c.

◆ hs_free_all()

void hs_free_all ( void  )

Release and clean up all memory of the HS subsystem (all versions). This is called by tor_free_all().

Definition at line 1828 of file hs_common.c.

◆ hs_get_current_srv()

uint8_t* hs_get_current_srv ( uint64_t  time_period_num,
const networkstatus_t ns 
)

Return a newly allocated buffer containing the current shared random value or if not present, a disaster value is computed using the given time period number. If a consensus is provided in ns, use it to get the SRV value. This function can't fail.

Definition at line 1234 of file hs_common.c.

◆ hs_get_extend_info_from_lspecs()

extend_info_t* hs_get_extend_info_from_lspecs ( const smartlist_t lspecs,
const curve25519_public_key_t onion_key,
int  direct_conn 
)

Given a list of link specifiers lspecs, a curve 25519 onion_key, and a direct connection boolean direct_conn (true for single onion services), return a newly allocated extend_info_t object.

This function always returns an extend info with a valid IP address and ORPort, or NULL. If direct_conn is false, the IP address is always IPv4.

It performs the following checks:

  • if there is no usable IP address, or the legacy ID is missing, return NULL;
  • if direct_conn is set and we can't reach any IP address, return NULL.

Definition at line 1714 of file hs_common.c.

Referenced by desc_intro_point_to_extend_info(), and launch_rendezvous_point_circuit().

◆ hs_get_hsdir_n_replicas()

int32_t hs_get_hsdir_n_replicas ( void  )

Return the number of replicas defined by a consensus parameter or the default value.

Definition at line 1269 of file hs_common.c.

◆ hs_get_hsdir_spread_fetch()

int32_t hs_get_hsdir_spread_fetch ( void  )

Return the spread fetch value defined by a consensus parameter or the default value.

Definition at line 1279 of file hs_common.c.

◆ hs_get_hsdir_spread_store()

int32_t hs_get_hsdir_spread_store ( void  )

Return the spread store value defined by a consensus parameter or the default value.

Definition at line 1289 of file hs_common.c.

◆ hs_get_next_time_period_num()

uint64_t hs_get_next_time_period_num ( time_t  now)

Get the number of the upcoming HS time period, given that the current time is now. If now is not set, we try to get the time from a live consensus.

Definition at line 305 of file hs_common.c.

Referenced by build_descriptors_for_new_service(), and hs_get_start_time_of_next_time_period().

◆ hs_get_previous_srv()

uint8_t* hs_get_previous_srv ( uint64_t  time_period_num,
const networkstatus_t ns 
)

Return a newly allocated buffer containing the previous shared random value or if not present, a disaster value is computed using the given time period number. This function can't fail.

Definition at line 1252 of file hs_common.c.

◆ hs_get_previous_time_period_num()

uint64_t hs_get_previous_time_period_num ( time_t  now)

Get the number of the previous HS time period, given that the current time is now. If now is not set, we try to get the time from a live consensus.

Definition at line 314 of file hs_common.c.

Referenced by build_descriptors_for_new_service().

◆ hs_get_responsible_hsdirs()

void hs_get_responsible_hsdirs ( const ed25519_public_key_t blinded_pk,
uint64_t  time_period_num,
int  use_second_hsdir_index,
int  for_fetching,
smartlist_t responsible_dirs 
)

For a given blinded key and time period number, get the responsible HSDirs and put their routerstatus_t objects in the responsible_dirs list. If 'use_second_hsdir_index' is true, the second hsdir_index of the node_t is used. If 'for_fetching' is true, the spread fetch consensus parameter is used; otherwise the spread store parameter is used, which is only for upload. This function can't fail, but it is possible that the responsible_dirs list contains fewer nodes than expected.

This function goes over the latest consensus routerstatus list and sorts it by their node_t hsdir_index then does a binary search to find the closest node. All of this makes it a bit CPU intensive so use it wisely.

Definition at line 1341 of file hs_common.c.

Referenced by pick_hsdir_v3(), and upload_descriptor_to_all().

◆ hs_get_service_max_rend_failures()

int hs_get_service_max_rend_failures ( void  )

How many times will a hidden service operator attempt to connect to a requested rendezvous point before giving up?

Definition at line 234 of file hs_common.c.

◆ hs_get_start_time_of_next_time_period()

time_t hs_get_start_time_of_next_time_period ( time_t  now)

Return the start time of the upcoming time period based on now. If now is not set, we try to get the time ourselves from a live consensus.

Definition at line 323 of file hs_common.c.

Referenced by hs_in_period_between_tp_and_srv().

◆ hs_get_subcredential()

void hs_get_subcredential ( const ed25519_public_key_t *  identity_pk,
const ed25519_public_key_t *  blinded_pk,
hs_subcredential_t *  subcred_out 
)

Using the given identity public key and a blinded public key, compute the subcredential and put it in subcred_out. This can't fail.

Definition at line 816 of file hs_common.c.

Referenced by build_service_desc_plaintext(), build_subcredential(), and hs_client_decode_descriptor().

◆ hs_get_time_period_num()

uint64_t hs_get_time_period_num ( time_t  now)

Get the HS time period number at time now. If now is not set, we try to get the time ourselves from a live consensus.

Definition at line 270 of file hs_common.c.

Referenced by build_descriptors_for_new_service(), compute_subcredentials(), directory_launch_v3_desc_fetch(), hs_client_decode_descriptor(), hs_get_next_time_period_num(), hs_get_previous_time_period_num(), pick_hsdir_v3(), and purge_hid_serv_request().

◆ hs_hsdir_requery_period()

time_t hs_hsdir_requery_period ( const or_options_t options)

Return the period for which a hidden service directory cannot be queried for the same descriptor ID again, taking TestingTorNetwork into account.

Definition at line 1452 of file hs_common.c.

Referenced by hs_clean_last_hid_serv_requests().

◆ hs_in_period_between_tp_and_srv()

int hs_in_period_between_tp_and_srv ( const networkstatus_t consensus,
time_t  now 
)

Return true if we are currently in the time segment between a new time period and a new SRV (in the real network that happens between 12:00 and 00:00 UTC). Here is a diagram showing exactly when this returns true:

+------------------------------------------------------------------+
|                                                                  |
| 00:00      12:00       00:00       12:00       00:00       12:00 |
| SRV#1      TP#1        SRV#2       TP#2        SRV#3       TP#3  |
|                                                                  |
|  $==========|-----------$===========|-----------$===========|    |
|             ^^^^^^^^^^^^            ^^^^^^^^^^^^                 |
|                                                                  |
+------------------------------------------------------------------+

Definition at line 1105 of file hs_common.c.

Referenced by build_descriptors_for_new_service().

◆ hs_inc_rdv_stream_counter()

void hs_inc_rdv_stream_counter ( origin_circuit_t circ)

For the given origin circuit circ, increment the rendezvous stream counter. This handles every hidden service version.

Definition at line 1857 of file hs_common.c.

◆ hs_init()

void hs_init ( void  )

Initialize the entire HS subsystem. This is called in tor_init() before any torrc options are loaded. Only for >= v3.

Definition at line 1818 of file hs_common.c.

Referenced by tor_init().

◆ hs_lookup_last_hid_serv_request()

time_t hs_lookup_last_hid_serv_request ( routerstatus_t hs_dir,
const char *  req_key_str,
time_t  now,
int  set 
)

Look up the last request time to hidden service directory hs_dir for descriptor request key req_key_str which is the descriptor ID for a v2 service or the blinded key for v3. If set is non-zero, assign the current time now and return that. Otherwise, return the most recent request time, or 0 if no such request has been sent before.

Definition at line 1495 of file hs_common.c.

◆ hs_parse_address()

int hs_parse_address ( const char *  address,
ed25519_public_key_t *  key_out,
uint8_t *  checksum_out,
uint8_t *  version_out 
)

Same as hs_parse_address_no_log() but emits a log warning on parsing failure.

Definition at line 958 of file hs_common.c.

Referenced by hs_address_is_valid(), and hs_service_del_ephemeral().

◆ hs_parse_address_impl()

static void hs_parse_address_impl ( const char *  address,
ed25519_public_key_t *  key_out,
uint8_t *  checksum_out,
uint8_t *  version_out 
)
static

Helper for hs_parse_address(): Using a binary representation of a service address, parse its content into key_out, checksum_out and version_out. Any out variable can be NULL in case the caller wants only some of the fields. checksum_out MUST be at least 2 bytes long. address must be at least HS_SERVICE_ADDR_LEN bytes but doesn't need to be NUL terminated.

Definition at line 786 of file hs_common.c.

Referenced by hs_parse_address_no_log().

◆ hs_parse_address_no_log()

int hs_parse_address_no_log ( const char *  address,
ed25519_public_key_t *  key_out,
uint8_t *  checksum_out,
uint8_t *  version_out,
const char **  errmsg 
)

Using a base32 representation of a service address, parse its content into key_out, checksum_out and version_out. Any out variable can be NULL in case the caller wants only some of the fields. checksum_out MUST be at least 2 bytes long.

Return 0 if parsing went well; return -1 in case of error and if errmsg is non NULL, a human readable string message is set.

Definition at line 918 of file hs_common.c.

Referenced by hs_parse_address().

◆ hs_path_from_filename()

char* hs_path_from_filename ( const char *  directory,
const char *  filename 
)

Allocate and return a string containing the path to filename in directory. This function will never return NULL. The caller must free this path.

Definition at line 179 of file hs_common.c.

Referenced by get_client_auth_creds_filename(), hs_ob_parse_config_file(), load_client_keys(), load_service_keys(), service_add_fnames_to_list(), and service_key_on_disk().

◆ hs_pick_hsdir()

routerstatus_t* hs_pick_hsdir ( smartlist_t responsible_dirs,
const char *  req_key_str,
bool *  is_rate_limited_out 
)

Given the list of responsible HSDirs in responsible_dirs, pick the one that we should use to fetch a descriptor right now. Take into account previous failed attempts at fetching this descriptor from HSDirs using the string identifier req_key_str. We return whether we are rate limited into *is_rate_limited_out if it is not NULL.

Steals ownership of responsible_dirs.

Return the routerstatus of the chosen HSDir if successful, otherwise return NULL if no HSDirs are worth trying right now.

Definition at line 1627 of file hs_common.c.

◆ hs_purge_hid_serv_from_last_hid_serv_requests()

void hs_purge_hid_serv_from_last_hid_serv_requests ( const char *  req_key_str)

Remove all requests related to the descriptor request key string req_key_str from the history of times of requests to hidden service directories.

This is called from rend_client_note_connection_attempt_ended(), which must be idempotent, so any future changes to this function must leave it idempotent too.

Definition at line 1558 of file hs_common.c.

Referenced by purge_hid_serv_request(), and purge_v2_hidserv_req().

◆ hs_purge_last_hid_serv_requests()

void hs_purge_last_hid_serv_requests ( void  )

Purge the history of request times to hidden service directories, so that future lookups of an HS descriptor will not fail because we accessed all of the HSDir relays responsible for the descriptor recently.

Definition at line 1599 of file hs_common.c.

Referenced by hs_client_free_all(), and rend_client_purge_state().

◆ hs_service_requires_uptime_circ()

int hs_service_requires_uptime_circ ( const smartlist_t ports)

Return 1 if any virtual port in ports needs a circuit with good uptime. Else return 0.

Definition at line 1133 of file hs_common.c.

Referenced by launch_rendezvous_point_circuit().

◆ hs_set_conn_addr_port()

int hs_set_conn_addr_port ( const smartlist_t ports,
edge_connection_t conn 
)

From the given list of hidden service ports, find the ones that match the given edge connection conn, pick one at random and use it to set the connection address. Return 0 on success or -1 if none.

Definition at line 857 of file hs_common.c.

◆ link_specifier_dup()

link_specifier_t* link_specifier_dup ( const link_specifier_t *  src)

Return a newly allocated link specifier object that is a copy of src.

Definition at line 1873 of file hs_common.c.

◆ node_has_hsdir_index()

static int node_has_hsdir_index ( const node_t node)
static

node is an HSDir so make sure that we have assigned an hsdir index. Return 0 if everything is as expected, else return -1.

Definition at line 1299 of file hs_common.c.

◆ rend_data_alloc()

static rend_data_t* rend_data_alloc ( uint32_t  version)
static

Create a new rend_data_t for a specific given version. Return a pointer to the newly allocated data structure.

Definition at line 339 of file hs_common.c.

Referenced by rend_data_client_create(), and rend_data_service_create().

◆ rend_data_client_create()

rend_data_t* rend_data_client_create ( const char *  onion_address,
const char *  desc_id,
const char *  cookie,
rend_auth_type_t  auth_type 
)

Allocate and initialize a rend_data_t object for a client request using the given arguments. Either an onion address or a descriptor ID is needed. Both can be given, but in this case only the onion address will be used to make the descriptor fetch. The cookie is the rendezvous cookie and auth_type is which authentication the service is configured with.

Return a valid rend_data_t pointer or NULL on error meaning the descriptor IDs couldn't be computed from the given data.

Definition at line 494 of file hs_common.c.

◆ rend_data_dup()

rend_data_t* rend_data_dup ( const rend_data_t data)

Allocate and return a deep copy of data.

Definition at line 387 of file hs_common.c.

◆ rend_data_free_()

void rend_data_free_ ( rend_data_t data)

Free all storage associated with data

Definition at line 362 of file hs_common.c.

◆ rend_data_get_address()

const char* rend_data_get_address ( const rend_data_t rend_data)

◆ rend_data_get_desc_id()

const char* rend_data_get_desc_id ( const rend_data_t rend_data,
uint8_t  replica,
size_t *  len_out 
)

Return the descriptor ID for a specific replica number from the rend data. The returned data is a binary digest and depending on the version its size can vary. The size of the descriptor ID is put in len_out if non NULL.

Definition at line 547 of file hs_common.c.

◆ rend_data_get_pk_digest()

const uint8_t* rend_data_get_pk_digest ( const rend_data_t rend_data,
size_t *  len_out 
)

Return the public key digest using the given rend_data. The size of the digest is put in len_out (if set) which can differ depending on the version.

Definition at line 569 of file hs_common.c.

Referenced by rend_service_intro_established().

◆ rend_data_service_create()

rend_data_t* rend_data_service_create ( const char *  onion_address,
const char *  pk_digest,
const uint8_t *  cookie,
rend_auth_type_t  auth_type 
)

Allocate and initialize a rend_data_t object for a service using the provided arguments. All arguments are optional (can be NULL), except for onion_address which MUST be set. The pk_digest is the hash of the service private key. The cookie is the rendezvous cookie and auth_type is which authentication this service is configured with.

Return a valid rend_data_t pointer. This only returns a version 2 object of rend_data_t.

Definition at line 462 of file hs_common.c.

Variable Documentation

◆ cached_disaster_srv

uint8_t cached_disaster_srv[2][DIGEST256_LEN]
static

Due to the high cost of computing the disaster SRV, and because we potentially have to do it thousands of times in a row, we always cache the computed disaster SRV (and its corresponding time period num) in case we want to reuse it soon after. We need to cache two SRVs, one for each active time period.

Definition at line 628 of file hs_common.c.

◆ last_hid_serv_requests_

strmap_t* last_hid_serv_requests_ = NULL
static

Tracks requests for fetching hidden service descriptors. It's used by hidden service clients, to avoid querying HSDirs that have already failed giving back a descriptor. The same data structure is used to track both v2 and v3 HS descriptor requests.

The string map is a key/value store that contains the last request times to hidden service directories for certain queries. Specifically:

key = base32(hsdir_identity) + base32(hs_identity)
value = time_t of last request for that hs_identity to that HSDir

where 'hsdir_identity' is the identity digest of the HSDir node, and 'hs_identity' is the descriptor ID of the HS in the v2 case, or the ed25519 blinded public key of the HS in the v3 case.

Definition at line 1477 of file hs_common.c.

Referenced by get_last_hid_serv_requests(), and hs_purge_last_hid_serv_requests().

◆ str_ed25519_basepoint

const char* str_ed25519_basepoint
static
Initial value:
=
"(15112221349535400772501151409588531511"
"454012693041857206046113283949847762202, "
"463168356949264781694283940034751631413"
"07993866256225615783033603165251855960)"

Ed25519 Basepoint value. Taken from section 5 of https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-03

Definition at line 51 of file hs_common.c.