tor  0.4.1.0-alpha-dev
hs_control.c
1 /* Copyright (c) 2017-2019, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
9 #include "core/or/or.h"
13 #include "feature/hs/hs_client.h"
14 #include "feature/hs/hs_common.h"
15 #include "feature/hs/hs_control.h"
17 #include "feature/hs/hs_service.h"
19 
20 #include "feature/nodelist/node_st.h"
21 #include "feature/nodelist/routerstatus_st.h"
22 
/* Emit the "HS_DESC REQUESTED [...]" event on the control port.
 *
 * onion_pk is the public key of the onion service, base64_blinded_pk is the
 * base64 encoding of the service's blinded key, and hsdir_rs is the
 * routerstatus of the HSDir this request is sent to. All three are asserted
 * to be non-NULL. */
void
hs_control_desc_event_requested(const ed25519_public_key_t *onion_pk,
                                const char *base64_blinded_pk,
                                const routerstatus_t *hsdir_rs)
{
  char address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  const node_t *node;
  const uint8_t *fetch_index;
  const char *fetch_index_hex;

  tor_assert(onion_pk);
  tor_assert(base64_blinded_pk);
  tor_assert(hsdir_rs);

  hs_build_address(onion_pk, HS_VERSION_THREE, address);

  /* The HSDir index lives on the node, not on the routerstatus. A
   * routerstatus without a node, or a node picked without an hsdir_index,
   * is not expected here, hence the hard assert. */
  node = node_get_by_id(hsdir_rs->identity_digest);
  tor_assert(node);

  /* A request is a fetch, so report the fetch index. */
  fetch_index = node->hsdir_index.fetch;
  fetch_index_hex = hex_str((const char *) fetch_index, DIGEST256_LEN);

  /* Hand everything to the control port subsystem. */
  control_event_hs_descriptor_requested(address, REND_NO_AUTH,
                                        hsdir_rs->identity_digest,
                                        base64_blinded_pk,
                                        fetch_index_hex);

  /* Do not leave the requested onion address behind on the stack. */
  memwipe(address, 0, sizeof(address));
}
59 
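/* Send on the control port the "HS_DESC FAILED [...]" event.
 *
 * ident is the directory connection identifier (it carries the service
 * identity key and the blinded key), hsdir_id_digest is the HSDir identity
 * digest and reason is the failure reason string. All three are asserted to
 * be non-NULL. */
void
hs_control_desc_event_failed(const hs_ident_dir_conn_t *ident,
                             const char *hsdir_id_digest,
                             const char *reason)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  char base64_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);
  tor_assert(reason);

  /* Build onion address and encoded blinded key. The encoding is done first
   * so that a failure returns before the address is ever written to the
   * stack; no event is emitted in that case. */
  IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                       &ident->blinded_pk) < 0) {
    return;
  }
  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hsv3_descriptor_failed(onion_address, base64_blinded_pk,
                                       hsdir_id_digest, reason);

  /* Scrub the stack copy of the onion address once the event is out, the
   * same way hs_control_desc_event_requested() does for its own copy. */
  memwipe(onion_address, 0, sizeof(onion_address));
}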
86 
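/* Send on the control port the "HS_DESC RECEIVED [...]" event.
 *
 * ident is the directory connection identifier (it carries the service
 * identity key and the blinded key) and hsdir_id_digest is the HSDir
 * identity digest. Both are asserted to be non-NULL. */
void
hs_control_desc_event_received(const hs_ident_dir_conn_t *ident,
                               const char *hsdir_id_digest)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  char base64_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);

  /* Build onion address and encoded blinded key. If the key cannot be
   * encoded we return without emitting anything; the address buffer has not
   * been written at that point. */
  IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                       &ident->blinded_pk) < 0) {
    return;
  }
  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hsv3_descriptor_received(onion_address, base64_blinded_pk,
                                         hsdir_id_digest);

  /* Scrub the stack copy of the onion address once the event is out, the
   * same way hs_control_desc_event_requested() does for its own copy. */
  memwipe(onion_address, 0, sizeof(onion_address));
}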
111 
/* Emit the "HS_DESC CREATED [...]" event on the control port.
 *
 * onion_address is the address of the service owning the descriptor and
 * blinded_pk is the descriptor's blinded public key, which is reported
 * base64 encoded as the descriptor ID. Both are asserted to be non-NULL. */
void
hs_control_desc_event_created(const char *onion_address,
                              const ed25519_public_key_t *blinded_pk)
{
  /* Placeholder replica: a version 3 descriptor ID is not derived from a
   * replica number, and a negative value lets the control port subsystem
   * ignore the field. */
  const int no_replica = -1;
  char desc_id[ED25519_BASE64_LEN + 1];

  tor_assert(onion_address);
  tor_assert(blinded_pk);

  /* Encode the blinded key; on an encoding bug, emit nothing. */
  IF_BUG_ONCE(ed25519_public_to_base64(desc_id, blinded_pk) < 0) {
    return;
  }

  control_event_hs_descriptor_created(onion_address, desc_id, no_replica);
}
134 
/* Emit the "HS_DESC UPLOAD [...]" event on the control port.
 *
 * onion_address is the address of the service owning the descriptor,
 * hsdir_id_digest is the identity digest of the target HSDir, blinded_pk is
 * the descriptor's blinded public key (reported base64 encoded as the
 * descriptor ID) and hsdir_index is the HSDir index used for this upload.
 * All four are asserted to be non-NULL. */
void
hs_control_desc_event_upload(const char *onion_address,
                             const char *hsdir_id_digest,
                             const ed25519_public_key_t *blinded_pk,
                             const uint8_t *hsdir_index)
{
  char desc_id[ED25519_BASE64_LEN + 1];
  const char *index_hex;

  tor_assert(onion_address);
  tor_assert(hsdir_id_digest);
  tor_assert(blinded_pk);
  tor_assert(hsdir_index);

  /* Encode the blinded key; on an encoding bug, emit nothing. */
  IF_BUG_ONCE(ed25519_public_to_base64(desc_id, blinded_pk) < 0) {
    return;
  }

  /* DIGEST256_LEN bytes are read from hsdir_index; the caller must supply a
   * buffer of at least that size. */
  index_hex = hex_str((const char *) hsdir_index, DIGEST256_LEN);

  control_event_hs_descriptor_upload(onion_address, hsdir_id_digest,
                                     desc_id, index_hex);
}
163 
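/* Send on the control port the "HS_DESC UPLOADED [...]" event.
 *
 * ident is the directory connection identifier (its identity key is used to
 * rebuild the onion address) and hsdir_id_digest is the HSDir identity
 * digest. Both are asserted to be non-NULL. */
void
hs_control_desc_event_uploaded(const hs_ident_dir_conn_t *ident,
                               const char *hsdir_id_digest)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);

  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  /* Note the argument order: this event takes the digest first. */
  control_event_hs_descriptor_uploaded(hsdir_id_digest, onion_address);

  /* Scrub the stack copy of the onion address once the event is out, the
   * same way hs_control_desc_event_requested() does for its own copy. */
  memwipe(onion_address, 0, sizeof(onion_address));
}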
181 
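/* Send on the control port the "HS_DESC_CONTENT [...]" event.
 *
 * ident is the directory connection identifier (it carries the service
 * identity key and the blinded key), hsdir_id_digest is the HSDir identity
 * digest and body is the descriptor as it was received from the directory.
 *
 * ident and hsdir_id_digest are asserted to be non-NULL. body is NOT checked
 * here and is passed through unchanged.
 * NOTE(review): whether a NULL body is acceptable depends on
 * control_event_hs_descriptor_content() and on the callers -- confirm
 * before adding an assert or relying on it being non-NULL. */
void
hs_control_desc_event_content(const hs_ident_dir_conn_t *ident,
                              const char *hsdir_id_digest,
                              const char *body)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  char base64_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);

  /* Build onion address and encoded blinded key. If the key cannot be
   * encoded we return without emitting anything; the address buffer has not
   * been written at that point. */
  IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                       &ident->blinded_pk) < 0) {
    return;
  }
  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hs_descriptor_content(onion_address, base64_blinded_pk,
                                      hsdir_id_digest, body);

  /* Scrub the stack copy of the onion address once the event is out, the
   * same way hs_control_desc_event_requested() does for its own copy. */
  memwipe(onion_address, 0, sizeof(onion_address));
}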
208 
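/* Handle the "HSPOST [...]" command.
 *
 * body is an encoded descriptor for the given onion_address; both are
 * asserted to be non-NULL. The descriptor is uploaded to each directory in
 * hsdirs_rs. If hsdirs_rs is NULL, the responsible directories for the
 * current time period are selected instead.
 *
 * Only the plaintext section of the descriptor is decoded here; body itself
 * is handed to the upload function unchanged.
 *
 * Return 0 once the uploads have been launched (their outcome is not
 * observed by this function). Return -1 if the onion address does not parse
 * or if the descriptor plaintext section is not decodable. */
int
hs_control_hspost_command(const char *body, const char *onion_address,
                          const smartlist_t *hsdirs_rs)
{
  int ret = -1;
  ed25519_public_key_t identity_pk;
  hs_desc_plaintext_data_t plaintext;
  smartlist_t *hsdirs = NULL;

  tor_assert(body);
  tor_assert(onion_address);

  /* This can't fail because we require the caller to pass us a valid onion
   * address that has passed hs_address_is_valid(). */
  if (BUG(hs_parse_address(onion_address, &identity_pk, NULL, NULL) < 0)) {
    goto done; // LCOV_EXCL_LINE
  }

  /* Only decode the plaintext part which is what the directory will do to
   * validate before caching. */
  if (hs_desc_decode_plaintext(body, &plaintext) < 0) {
    goto done;
  }

  /* No HSDir(s) given, we'll compute what the current ones should be. */
  if (hsdirs_rs == NULL) {
    hsdirs = smartlist_new();
    /* NOTE(review): the listing skips source line 244, leaving this call one
     * argument short. The time period argument below is restored from the
     * page's cross-reference to hs_get_time_period_num(); confirm it
     * against the repository. */
    hs_get_responsible_hsdirs(&plaintext.blinded_pubkey,
                              hs_get_time_period_num(0),
                              0, /* Always the current descriptor which uses
                                  * the first hsdir index. */
                              0, /* It is for storing on a directory. */
                              hsdirs);
    hsdirs_rs = hsdirs;
  }

  SMARTLIST_FOREACH_BEGIN(hsdirs_rs, const routerstatus_t *, rs) {
    hs_service_upload_desc_to_dir(body, plaintext.version, &identity_pk,
                                  &plaintext.blinded_pubkey, rs);
  } SMARTLIST_FOREACH_END(rs);
  ret = 0;

 done:
  /* We don't have ownership of the objects in this list, so only the list
   * itself is freed. hsdirs is still NULL when the caller supplied its own
   * list or when we bailed out early.
   * NOTE(review): nothing here releases whatever hs_desc_decode_plaintext()
   * may have allocated inside plaintext -- confirm whether it owns heap
   * data that needs freeing on this path. */
  smartlist_free(hsdirs);
  return ret;
}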
263 
/* Fetch the descriptor of the service identified by
 * <b>onion_identity_pk</b>, which is asserted to be non-NULL.
 *
 * <b>hsdirs</b> is an optional list of directory servers to query; when it
 * is NULL a random server is used. This is a thin wrapper: the work is
 * done by hs_client_launch_v3_desc_fetch(), which receives both arguments
 * unchanged. */
void
hs_control_hsfetch_command(const ed25519_public_key_t *onion_identity_pk,
                           const smartlist_t *hsdirs)
{
  /* The key is mandatory; the directory list is not. */
  tor_assert(onion_identity_pk);

  hs_client_launch_v3_desc_fetch(onion_identity_pk, hsdirs);
}