tor  0.4.0.0-alpha-dev
Data Structures | Macros | Typedefs | Enumerations | Functions
hs_common.h File Reference
#include "core/or/or.h"
#include "lib/defs/x25519_sizes.h"
#include "trunnel/ed25519_cert.h"

Go to the source code of this file.

Data Structures

struct  rend_service_port_config_t
 

Macros

#define HS_VERSION_TWO   2
 
#define HS_VERSION_THREE   3
 
#define HS_VERSION_MIN   HS_VERSION_TWO
 
#define HS_VERSION_MAX   HS_VERSION_THREE
 
#define NUM_INTRO_POINTS_DEFAULT   3
 
#define NUM_INTRO_POINTS_MAX   10
 
#define NUM_INTRO_POINTS_EXTRA   2
 
#define INTRO_CIRC_RETRY_PERIOD   (60*5)
 
#define MAX_INTRO_CIRCS_PER_PERIOD   10
 
#define MAX_REND_FAILURES   1
 
#define MAX_REND_TIMEOUT   30
 
#define ESTABLISH_INTRO_SIG_PREFIX   "Tor establish-intro cell v1"
 
#define HS_TIME_PERIOD_LENGTH_DEFAULT   1440 /* 1440 minutes == one day */
 
#define HS_TIME_PERIOD_LENGTH_MIN   30 /* minutes */
 
#define HS_TIME_PERIOD_LENGTH_MAX   (60 * 24 * 10) /* 10 days or 14400 minutes */
 
#define HS_SERVICE_ADDR_CHECKSUM_PREFIX   ".onion checksum"
 
#define HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN   (sizeof(HS_SERVICE_ADDR_CHECKSUM_PREFIX) - 1)
 
#define HS_SERVICE_ADDR_CHECKSUM_INPUT_LEN   (HS_SERVICE_ADDR_CHECKSUM_PREFIX_LEN + ED25519_PUBKEY_LEN + sizeof(uint8_t))
 
#define HS_SERVICE_ADDR_CHECKSUM_LEN_USED   2
 
#define HS_SERVICE_ADDR_LEN   (ED25519_PUBKEY_LEN + HS_SERVICE_ADDR_CHECKSUM_LEN_USED + sizeof(uint8_t))
 
#define HS_SERVICE_ADDR_LEN_BASE32   (CEIL_DIV(HS_SERVICE_ADDR_LEN * 8, 5))
 
#define HS_TIME_PERIOD_LENGTH_DEFAULT   1440 /* 1440 minutes == one day */
 
#define HS_TIME_PERIOD_LENGTH_MIN   30 /* minutes */
 
#define HS_TIME_PERIOD_LENGTH_MAX   (60 * 24 * 10) /* 10 days or 14400 minutes */
 
#define HS_TIME_PERIOD_ROTATION_OFFSET   (12 * 60) /* minutes */
 
#define HS_KEYBLIND_NONCE_PREFIX   "key-blind"
 
#define HS_KEYBLIND_NONCE_PREFIX_LEN   (sizeof(HS_KEYBLIND_NONCE_PREFIX) - 1)
 
#define HS_KEYBLIND_NONCE_LEN   (HS_KEYBLIND_NONCE_PREFIX_LEN + sizeof(uint64_t) + sizeof(uint64_t))
 
#define HS_CREDENTIAL_PREFIX   "credential"
 
#define HS_CREDENTIAL_PREFIX_LEN   (sizeof(HS_CREDENTIAL_PREFIX) - 1)
 
#define HS_SUBCREDENTIAL_PREFIX   "subcredential"
 
#define HS_SUBCREDENTIAL_PREFIX_LEN   (sizeof(HS_SUBCREDENTIAL_PREFIX) - 1)
 
#define HS_INDEX_PREFIX   "store-at-idx"
 
#define HS_INDEX_PREFIX_LEN   (sizeof(HS_INDEX_PREFIX) - 1)
 
#define HSDIR_INDEX_PREFIX   "node-idx"
 
#define HSDIR_INDEX_PREFIX_LEN   (sizeof(HSDIR_INDEX_PREFIX) - 1)
 
#define HS_SRV_DISASTER_PREFIX   "shared-random-disaster"
 
#define HS_SRV_DISASTER_PREFIX_LEN   (sizeof(HS_SRV_DISASTER_PREFIX) - 1)
 
#define HS_DEFAULT_HSDIR_N_REPLICAS   2
 
#define HS_DEFAULT_HSDIR_SPREAD_STORE   4
 
#define HS_DEFAULT_HSDIR_SPREAD_FETCH   3
 
#define HS_LEGACY_RENDEZVOUS_CELL_SIZE   (REND_COOKIE_LEN + DH1024_KEY_LEN + DIGEST_LEN)
 
#define rend_data_free(data)   FREE_AND_NULL(rend_data_t, rend_data_free_, (data))
 

Typedefs

typedef struct rend_service_port_config_t rend_service_port_config_t
 

Enumerations

enum  hs_auth_key_type_t { HS_AUTH_KEY_TYPE_LEGACY = 1, HS_AUTH_KEY_TYPE_ED25519 = 2 }
 
enum  hs_service_add_ephemeral_status_t {
  RSAE_BADAUTH = -5, RSAE_BADVIRTPORT = -4, RSAE_ADDREXISTS = -3, RSAE_BADPRIVKEY = -2,
  RSAE_INTERNAL = -1, RSAE_OKAY = 0
}
 

Functions

void hs_init (void)
 
void hs_free_all (void)
 
void hs_cleanup_circ (circuit_t *circ)
 
int hs_check_service_private_dir (const char *username, const char *path, unsigned int dir_group_readable, unsigned int create)
 
int hs_get_service_max_rend_failures (void)
 
char * hs_path_from_filename (const char *directory, const char *filename)
 
void hs_build_address (const struct ed25519_public_key_t *key, uint8_t version, char *addr_out)
 
int hs_address_is_valid (const char *address)
 
int hs_parse_address (const char *address, struct ed25519_public_key_t *key_out, uint8_t *checksum_out, uint8_t *version_out)
 
void hs_build_blinded_pubkey (const struct ed25519_public_key_t *pubkey, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, struct ed25519_public_key_t *pubkey_out)
 
void hs_build_blinded_keypair (const struct ed25519_keypair_t *kp, const uint8_t *secret, size_t secret_len, uint64_t time_period_num, struct ed25519_keypair_t *kp_out)
 
int hs_service_requires_uptime_circ (const smartlist_t *ports)
 
void rend_data_free_ (rend_data_t *data)
 
rend_data_trend_data_dup (const rend_data_t *data)
 
rend_data_trend_data_client_create (const char *onion_address, const char *desc_id, const char *cookie, rend_auth_type_t auth_type)
 
rend_data_trend_data_service_create (const char *onion_address, const char *pk_digest, const uint8_t *cookie, rend_auth_type_t auth_type)
 
const char * rend_data_get_address (const rend_data_t *rend_data)
 
const char * rend_data_get_desc_id (const rend_data_t *rend_data, uint8_t replica, size_t *len_out)
 
const uint8_t * rend_data_get_pk_digest (const rend_data_t *rend_data, size_t *len_out)
 
routerstatus_tpick_hsdir (const char *desc_id, const char *desc_id_base32)
 
void hs_get_subcredential (const struct ed25519_public_key_t *identity_pk, const struct ed25519_public_key_t *blinded_pk, uint8_t *subcred_out)
 
uint64_t hs_get_previous_time_period_num (time_t now)
 
uint64_t hs_get_time_period_num (time_t now)
 
uint64_t hs_get_next_time_period_num (time_t now)
 
time_t hs_get_start_time_of_next_time_period (time_t now)
 
link_specifier_t * hs_link_specifier_dup (const link_specifier_t *lspec)
 
 MOCK_DECL (int, hs_in_period_between_tp_and_srv,(const networkstatus_t *consensus, time_t now))
 
uint8_t * hs_get_current_srv (uint64_t time_period_num, const networkstatus_t *ns)
 
uint8_t * hs_get_previous_srv (uint64_t time_period_num, const networkstatus_t *ns)
 
void hs_build_hsdir_index (const struct ed25519_public_key_t *identity_pk, const uint8_t *srv, uint64_t period_num, uint8_t *hsdir_index_out)
 
void hs_build_hs_index (uint64_t replica, const struct ed25519_public_key_t *blinded_pk, uint64_t period_num, uint8_t *hs_index_out)
 
int32_t hs_get_hsdir_n_replicas (void)
 
int32_t hs_get_hsdir_spread_fetch (void)
 
int32_t hs_get_hsdir_spread_store (void)
 
void hs_get_responsible_hsdirs (const struct ed25519_public_key_t *blinded_pk, uint64_t time_period_num, int use_second_hsdir_index, int for_fetching, smartlist_t *responsible_dirs)
 
routerstatus_ths_pick_hsdir (smartlist_t *responsible_dirs, const char *req_key_str)
 
time_t hs_hsdir_requery_period (const or_options_t *options)
 
time_t hs_lookup_last_hid_serv_request (routerstatus_t *hs_dir, const char *desc_id_base32, time_t now, int set)
 
void hs_clean_last_hid_serv_requests (time_t now)
 
void hs_purge_hid_serv_from_last_hid_serv_requests (const char *desc_id)
 
void hs_purge_last_hid_serv_requests (void)
 
int hs_set_conn_addr_port (const smartlist_t *ports, edge_connection_t *conn)
 
void hs_inc_rdv_stream_counter (origin_circuit_t *circ)
 
void hs_dec_rdv_stream_counter (origin_circuit_t *circ)
 
extend_info_ths_get_extend_info_from_lspecs (const smartlist_t *lspecs, const struct curve25519_public_key_t *onion_key, int direct_conn)
 

Detailed Description

Header file containing common data for the whole HS subsytem.

Definition in file hs_common.h.

Macro Definition Documentation

◆ INTRO_CIRC_RETRY_PERIOD

#define INTRO_CIRC_RETRY_PERIOD   (60*5)

If we can't build our intro circuits, don't retry for this long.

Definition at line 40 of file hs_common.h.

◆ MAX_INTRO_CIRCS_PER_PERIOD

#define MAX_INTRO_CIRCS_PER_PERIOD   10

Don't try to build more than this many circuits before giving up for a while.

Definition at line 43 of file hs_common.h.

◆ MAX_REND_FAILURES

#define MAX_REND_FAILURES   1

How many times will a hidden service operator attempt to connect to a requested rendezvous point before giving up?

Definition at line 46 of file hs_common.h.

◆ MAX_REND_TIMEOUT

#define MAX_REND_TIMEOUT   30

How many seconds should we spend trying to connect to a requested rendezvous point before giving up?

Definition at line 49 of file hs_common.h.

◆ NUM_INTRO_POINTS_DEFAULT

#define NUM_INTRO_POINTS_DEFAULT   3

Try to maintain this many intro points per service by default.

Definition at line 32 of file hs_common.h.

◆ NUM_INTRO_POINTS_EXTRA

#define NUM_INTRO_POINTS_EXTRA   2

Number of extra intro points we launch if our set of intro nodes is empty. See proposal 155, section 4.

Definition at line 37 of file hs_common.h.

Referenced by rend_max_intro_circs_per_period().

◆ NUM_INTRO_POINTS_MAX

#define NUM_INTRO_POINTS_MAX   10

Maximum number of intro points per generic and version 2 service.

Definition at line 34 of file hs_common.h.

Referenced by rend_max_intro_circs_per_period().

Enumeration Type Documentation

◆ hs_service_add_ephemeral_status_t

Enumerator
RSAE_BADAUTH 

Invalid auth_type/auth_clients

RSAE_BADVIRTPORT 

Invalid VIRTPORT/TARGET(s)

RSAE_ADDREXISTS 

Onion address collision

RSAE_BADPRIVKEY 

Invalid public key

RSAE_INTERNAL 

Internal error

RSAE_OKAY 

Service added as expected

Definition at line 140 of file hs_common.h.

Function Documentation

◆ hs_clean_last_hid_serv_requests()

void hs_clean_last_hid_serv_requests ( time_t  now)

Clean the history of request times to hidden service directories, so that it does not contain requests older than REND_HID_SERV_DIR_REQUERY_PERIOD seconds any more.

Definition at line 1519 of file hs_common.c.

References get_last_hid_serv_requests(), hs_hsdir_requery_period(), and tor_free.

Referenced by hs_pick_hsdir().

◆ hs_get_next_time_period_num()

uint64_t hs_get_next_time_period_num ( time_t  now)

Get the number of the upcoming HS time period, given that the current time is now. If now is not set, we try to get the time from a live consensus.

Definition at line 300 of file hs_common.c.

References hs_get_time_period_num().

◆ hs_get_service_max_rend_failures()

int hs_get_service_max_rend_failures ( void  )

How many times will a hidden service operator attempt to connect to a requested rendezvous point before giving up?

Definition at line 229 of file hs_common.c.

◆ hs_get_time_period_num()

uint64_t hs_get_time_period_num ( time_t  now)

Get the HS time period number at time now. If now is not set, we try to get the time ourselves from a live consensus.

Definition at line 265 of file hs_common.c.

References approx_time(), get_time_period_length(), sr_state_get_phase_duration(), tor_assert(), and networkstatus_t::valid_after.

Referenced by hs_get_next_time_period_num().

◆ hs_hsdir_requery_period()

time_t hs_hsdir_requery_period ( const or_options_t options)

Return the period for which a hidden service directory cannot be queried for the same descriptor ID again, taking TestingTorNetwork into account.

Definition at line 1442 of file hs_common.c.

References or_options_t::TestingTorNetwork, and tor_assert().

Referenced by hs_clean_last_hid_serv_requests(), and hs_pick_hsdir().

◆ hs_lookup_last_hid_serv_request()

time_t hs_lookup_last_hid_serv_request ( routerstatus_t hs_dir,
const char *  req_key_str,
time_t  now,
int  set 
)

Look up the last request time to hidden service directory hs_dir for descriptor request key req_key_str which is the descriptor ID for a v2 service or the blinded key for v3. If set is non-zero, assign the current time now and return that. Otherwise, return the most recent request time, or 0 if no such request has been sent before.

Definition at line 1485 of file hs_common.c.

References BASE32_DIGEST_LEN, base32_encode(), DIGEST_LEN, get_last_hid_serv_requests(), routerstatus_t::identity_digest, and tor_asprintf().

Referenced by hs_pick_hsdir().

◆ hs_pick_hsdir()

routerstatus_t* hs_pick_hsdir ( smartlist_t responsible_dirs,
const char *  req_key_str 
)

Given the list of responsible HSDirs in responsible_dirs, pick the one that we should use to fetch a descriptor right now. Take into account previous failed attempts at fetching this descriptor from HSDirs using the string identifier req_key_str.

Steals ownership of responsible_dirs.

Return the routerstatus of the chosen HSDir if successful, otherwise return NULL if no HSDirs are worth trying right now.

Definition at line 1616 of file hs_common.c.

References or_options_t::ExcludeNodes, hs_clean_last_hid_serv_requests(), hs_hsdir_requery_period(), hs_lookup_last_hid_serv_request(), node_has_preferred_descriptor(), routerset_contains_node(), smartlist_add(), SMARTLIST_DEL_CURRENT, SMARTLIST_FOREACH_BEGIN, and tor_assert().

◆ hs_purge_hid_serv_from_last_hid_serv_requests()

void hs_purge_hid_serv_from_last_hid_serv_requests ( const char *  req_key_str)

Remove all requests related to the descriptor request key string req_key_str from the history of times of requests to hidden service directories.

This is called from rend_client_note_connection_attempt_ended(), which must be idempotent, so any future changes to this function must leave it idempotent too.

Definition at line 1548 of file hs_common.c.

References get_last_hid_serv_requests(), REND_DESC_ID_V2_LEN_BASE32, tor_free, and tor_memeq().

Referenced by purge_v2_hidserv_req().

◆ hs_purge_last_hid_serv_requests()

void hs_purge_last_hid_serv_requests ( void  )

Purge the history of request times to hidden service directories, so that future lookups of an HS descriptor will not fail because we accessed all of the HSDir relays responsible for the descriptor recently.

Definition at line 1589 of file hs_common.c.

References last_hid_serv_requests_.

Referenced by rend_client_purge_state().

◆ rend_data_free_()

void rend_data_free_ ( rend_data_t data)

Free all storage associated with data

Definition at line 357 of file hs_common.c.

References rend_data_t::hsdirs_fp, SMARTLIST_FOREACH, tor_assert(), and tor_free.