tor  0.4.1.0-alpha-dev
rendcache.c
Go to the documentation of this file.
1 /* Copyright (c) 2015-2019, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
9 #define RENDCACHE_PRIVATE
10 #include "feature/rend/rendcache.h"
11 
12 #include "app/config/config.h"
13 #include "feature/stats/rephist.h"
16 #include "feature/rend/rendparse.h"
17 
18 #include "core/or/extend_info_st.h"
19 #include "feature/rend/rend_intro_point_st.h"
20 #include "feature/rend/rend_service_descriptor_st.h"
21 
24 STATIC strmap_t *rend_cache = NULL;
25 
27 static strmap_t *rend_cache_local_service = NULL;
28 
31 STATIC digestmap_t *rend_cache_v2_dir = NULL;
32 
58 STATIC strmap_t *rend_cache_failure = NULL;
59 
60 /* DOCDOC */
61 STATIC size_t rend_cache_total_allocation = 0;
62 
65 void
67 {
68  rend_cache = strmap_new();
69  rend_cache_v2_dir = digestmap_new();
70  rend_cache_local_service = strmap_new();
71  rend_cache_failure = strmap_new();
72 }
73 
75 STATIC size_t
77 {
78  if (!e)
79  return 0;
80 
81  /* This doesn't count intro_nodes or key size */
82  return sizeof(*e) + e->len + sizeof(*e->parsed);
83 }
84 
85 /* DOCDOC */
86 size_t
87 rend_cache_get_total_allocation(void)
88 {
89  return rend_cache_total_allocation;
90 }
91 
93 void
95 {
96  static int have_underflowed = 0;
97 
98  if (rend_cache_total_allocation >= n) {
99  rend_cache_total_allocation -= n;
100  } else {
101  rend_cache_total_allocation = 0;
102  if (! have_underflowed) {
103  have_underflowed = 1;
104  log_warn(LD_BUG, "Underflow in rend_cache_decrement_allocation");
105  }
106  }
107 }
108 
110 void
112 {
113  static int have_overflowed = 0;
114  if (rend_cache_total_allocation <= SIZE_MAX - n) {
115  rend_cache_total_allocation += n;
116  } else {
117  rend_cache_total_allocation = SIZE_MAX;
118  if (! have_overflowed) {
119  have_overflowed = 1;
120  log_warn(LD_BUG, "Overflow in rend_cache_increment_allocation");
121  }
122  }
123 }
124 
126 STATIC void
128 {
129  if (entry == NULL) {
130  return;
131  }
132  tor_free(entry);
133 }
134 
135 static void
136 rend_cache_failure_intro_entry_free_void(void *entry)
137 {
139 }
140 
144 rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure)
145 {
146  rend_cache_failure_intro_t *entry = tor_malloc(sizeof(*entry));
147  entry->failure_type = failure;
148  entry->created_ts = time(NULL);
149  return entry;
150 }
151 
153 STATIC void
155 {
156  if (entry == NULL) {
157  return;
158  }
159 
160  /* Free and remove every intro failure object. */
161  digestmap_free(entry->intro_failures,
162  rend_cache_failure_intro_entry_free_void);
163 
164  tor_free(entry);
165 }
166 
169 STATIC void
171 {
173 }
174 
177 STATIC rend_cache_failure_t *
179 {
180  rend_cache_failure_t *entry = tor_malloc(sizeof(*entry));
181  entry->intro_failures = digestmap_new();
182  return entry;
183 }
184 
187 STATIC void
189 {
190  char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
191  rend_cache_failure_t *entry;
192 
193  if (desc == NULL) {
194  return;
195  }
196  if (rend_get_service_id(desc->pk, service_id) < 0) {
197  return;
198  }
199  entry = strmap_get_lc(rend_cache_failure, service_id);
200  if (entry != NULL) {
202  rend_cache_failure_entry_free(entry);
203  }
204 }
205 
207 STATIC void
209 {
210  if (!e)
211  return;
213  /* We are about to remove a descriptor from the cache so remove the entry
214  * in the failure cache. */
216  rend_service_descriptor_free(e->parsed);
217  tor_free(e->desc);
218  tor_free(e);
219 }
220 
223 static void
225 {
227 }
228 
230 void
232 {
237  rend_cache = NULL;
238  rend_cache_v2_dir = NULL;
240  rend_cache_failure = NULL;
241  rend_cache_total_allocation = 0;
242 }
243 
251 void
253 {
254  time_t cutoff = now - REND_CACHE_FAILURE_MAX_AGE;
255  STRMAP_FOREACH_MODIFY(rend_cache_failure, key,
256  rend_cache_failure_t *, ent) {
257  /* Free and remove every intro failure object that match the cutoff. */
258  DIGESTMAP_FOREACH_MODIFY(ent->intro_failures, ip_key,
259  rend_cache_failure_intro_t *, ip_ent) {
260  if (ip_ent->created_ts < cutoff) {
261  rend_cache_failure_intro_entry_free(ip_ent);
262  MAP_DEL_CURRENT(ip_key);
263  }
265  /* If the entry is now empty of intro point failures, remove it. */
266  if (digestmap_isempty(ent->intro_failures)) {
267  rend_cache_failure_entry_free(ent);
268  MAP_DEL_CURRENT(key);
269  }
270  } STRMAP_FOREACH_END;
271 }
272 
275 void
276 rend_cache_clean(time_t now, rend_cache_type_t cache_type)
277 {
278  strmap_iter_t *iter;
279  const char *key;
280  void *val;
281  rend_cache_entry_t *ent;
282  time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
283  strmap_t *cache = NULL;
284 
285  if (cache_type == REND_CACHE_TYPE_CLIENT) {
286  cache = rend_cache;
287  } else if (cache_type == REND_CACHE_TYPE_SERVICE) {
288  cache = rend_cache_local_service;
289  }
290  tor_assert(cache);
291 
292  for (iter = strmap_iter_init(cache); !strmap_iter_done(iter); ) {
293  strmap_iter_get(iter, &key, &val);
294  ent = (rend_cache_entry_t*)val;
295  if (ent->parsed->timestamp < cutoff) {
296  iter = strmap_iter_next_rmv(cache, iter);
297  rend_cache_entry_free(ent);
298  } else {
299  iter = strmap_iter_next(cache, iter);
300  }
301  }
302 }
303 
306 void
308 {
309  if (rend_cache) {
310  log_info(LD_REND, "Purging HS v2 descriptor cache");
312  }
313  rend_cache = strmap_new();
314 }
315 
318 void
320 {
321  if (rend_cache_failure) {
322  log_info(LD_REND, "Purging HS v2 failure cache");
324  }
325  rend_cache_failure = strmap_new();
326 }
327 
332 STATIC int
333 cache_failure_intro_lookup(const uint8_t *identity, const char *service_id,
334  rend_cache_failure_intro_t **intro_entry)
335 {
336  rend_cache_failure_t *elem;
337  rend_cache_failure_intro_t *intro_elem;
338 
340 
341  if (intro_entry) {
342  *intro_entry = NULL;
343  }
344 
345  /* Lookup descriptor and return it. */
346  elem = strmap_get_lc(rend_cache_failure, service_id);
347  if (elem == NULL) {
348  goto not_found;
349  }
350  intro_elem = digestmap_get(elem->intro_failures, (char *) identity);
351  if (intro_elem == NULL) {
352  goto not_found;
353  }
354  if (intro_entry) {
355  *intro_entry = intro_elem;
356  }
357  return 1;
358  not_found:
359  return 0;
360 }
361 
366 {
367  rend_cache_failure_intro_t *ent_dup =
368  rend_cache_failure_intro_entry_new(entry->failure_type);
369  ent_dup->created_ts = entry->created_ts;
370  return ent_dup;
371 }
372 
376 STATIC void
377 cache_failure_intro_add(const uint8_t *identity, const char *service_id,
378  rend_intro_point_failure_t failure)
379 {
380  rend_cache_failure_t *fail_entry;
381  rend_cache_failure_intro_t *entry, *old_entry;
382 
383  /* Make sure we have a failure object for this service ID and if not,
384  * create it with this new intro failure entry. */
385  fail_entry = strmap_get_lc(rend_cache_failure, service_id);
386  if (fail_entry == NULL) {
387  fail_entry = rend_cache_failure_entry_new();
388  /* Add failure entry to global rend failure cache. */
389  strmap_set_lc(rend_cache_failure, service_id, fail_entry);
390  }
391  entry = rend_cache_failure_intro_entry_new(failure);
392  old_entry = digestmap_set(fail_entry->intro_failures,
393  (char *) identity, entry);
394  /* This _should_ be NULL, but in case it isn't, free it. */
395  rend_cache_failure_intro_entry_free(old_entry);
396 }
397 
403 STATIC void
405  const char *service_id)
406 {
407  rend_cache_failure_t *new_entry, *cur_entry;
408  /* New entry for the service ID that will be replacing the one in the
409  * failure cache since we have a new descriptor. In the case where all
410  * intro points are removed, we are assured that the new entry is the same
411  * as the current one. */
412  new_entry = tor_malloc(sizeof(*new_entry));
413  new_entry->intro_failures = digestmap_new();
414 
415  tor_assert(desc);
416 
418  int found;
420  const uint8_t *identity =
421  (uint8_t *) intro->extend_info->identity_digest;
422 
423  found = cache_failure_intro_lookup(identity, service_id, &entry);
424  if (found) {
425  /* Dup here since it will be freed at the end when removing the
426  * original entry in the cache. */
428  /* This intro point is in our cache, discard it from the descriptor
429  * because chances are that it's unusable. */
430  SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
431  /* Keep it for our new entry. */
432  digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
433  /* Only free it when we're done looking at it. */
434  rend_intro_point_free(intro);
435  continue;
436  }
437  } SMARTLIST_FOREACH_END(intro);
438 
439  /* Swap the failure entry in the cache and free the current one. */
440  cur_entry = strmap_get_lc(rend_cache_failure, service_id);
441  if (cur_entry != NULL) {
442  rend_cache_failure_entry_free(cur_entry);
443  }
444  strmap_set_lc(rend_cache_failure, service_id, new_entry);
445 }
446 
451 void
452 rend_cache_intro_failure_note(rend_intro_point_failure_t failure,
453  const uint8_t *identity,
454  const char *service_id)
455 {
456  int found;
458 
459  found = cache_failure_intro_lookup(identity, service_id, &entry);
460  if (!found) {
461  cache_failure_intro_add(identity, service_id, failure);
462  } else {
463  /* Replace introduction point failure with this one. */
464  entry->failure_type = failure;
465  }
466 }
467 
472 size_t
474 {
475  digestmap_iter_t *iter;
476  size_t bytes_removed = 0;
477 
478  for (iter = digestmap_iter_init(rend_cache_v2_dir);
479  !digestmap_iter_done(iter); ) {
480  const char *key;
481  void *val;
482  rend_cache_entry_t *ent;
483  digestmap_iter_get(iter, &key, &val);
484  ent = val;
485  if (ent->parsed->timestamp < cutoff) {
486  char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
487  base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
488  log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
489  safe_str_client(key_base32));
490  bytes_removed += rend_cache_entry_allocation(ent);
491  iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
492  rend_cache_entry_free(ent);
493  } else {
494  iter = digestmap_iter_next(rend_cache_v2_dir, iter);
495  }
496  }
497 
498  return bytes_removed;
499 }
500 
508 int
509 rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
510 {
511  int ret = 0;
512  char key[REND_SERVICE_ID_LEN_BASE32 + 2]; /* <version><query>\0 */
513  rend_cache_entry_t *entry = NULL;
514  static const int default_version = 2;
515 
517  tor_assert(query);
518 
519  if (!rend_valid_v2_service_id(query)) {
520  ret = -EINVAL;
521  goto end;
522  }
523 
524  switch (version) {
525  case 0:
526  log_warn(LD_REND, "Cache lookup of a v0 renddesc is deprecated.");
527  break;
528  case 2:
529  /* Default is version 2. */
530  default:
531  tor_snprintf(key, sizeof(key), "%d%s", default_version, query);
532  entry = strmap_get_lc(rend_cache, key);
533  break;
534  }
535  if (!entry) {
536  ret = -ENOENT;
537  goto end;
538  }
539  tor_assert(entry->parsed && entry->parsed->intro_nodes);
540 
541  if (e) {
542  *e = entry;
543  }
544 
545  end:
546  return ret;
547 }
548 
549 /*
550  * Lookup the v2 service descriptor with the service ID <b>query</b> in the
551  * local service descriptor cache. Return 0 if found and if <b>e</b> is
552  * non NULL, set it with the entry found. Else, a negative value is returned
553  * and <b>e</b> is untouched.
554  * -EINVAL means that <b>query</b> is not a valid service id.
555  * -ENOENT means that no entry in the cache was found. */
556 int
557 rend_cache_lookup_v2_desc_as_service(const char *query, rend_cache_entry_t **e)
558 {
559  int ret = 0;
560  rend_cache_entry_t *entry = NULL;
561 
563  tor_assert(query);
564 
565  if (!rend_valid_v2_service_id(query)) {
566  ret = -EINVAL;
567  goto end;
568  }
569 
570  /* Lookup descriptor and return. */
571  entry = strmap_get_lc(rend_cache_local_service, query);
572  if (!entry) {
573  ret = -ENOENT;
574  goto end;
575  }
576 
577  if (e) {
578  *e = entry;
579  }
580 
581  end:
582  return ret;
583 }
584 
589 int
590 rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
591 {
593  char desc_id_digest[DIGEST_LEN];
595  if (base32_decode(desc_id_digest, DIGEST_LEN,
596  desc_id, REND_DESC_ID_V2_LEN_BASE32) != DIGEST_LEN) {
597  log_fn(LOG_PROTOCOL_WARN, LD_REND,
598  "Rejecting v2 rendezvous descriptor request -- descriptor ID "
599  "has wrong length or illegal characters: %s",
600  safe_str(desc_id));
601  return -1;
602  }
603  /* Lookup descriptor and return. */
604  e = digestmap_get(rend_cache_v2_dir, desc_id_digest);
605  if (e) {
606  *desc = e->desc;
607  e->last_served = approx_time();
608  return 1;
609  }
610  return 0;
611 }
612 
624 int
626 {
627  const or_options_t *options = get_options();
629  char desc_id[DIGEST_LEN];
630  char *intro_content;
631  size_t intro_size;
632  size_t encoded_size;
633  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
634  int number_parsed = 0, number_stored = 0;
635  const char *current_desc = desc;
636  const char *next_desc;
638  time_t now = time(NULL);
640  tor_assert(desc);
641  while (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
642  &intro_size, &encoded_size,
643  &next_desc, current_desc, 1) >= 0) {
644  number_parsed++;
645  /* We don't care about the introduction points. */
646  tor_free(intro_content);
647  /* For pretty log statements. */
648  base32_encode(desc_id_base32, sizeof(desc_id_base32),
649  desc_id, DIGEST_LEN);
650  /* Is descriptor too old? */
651  if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
652  log_info(LD_REND, "Service descriptor with desc ID %s is too old.",
653  safe_str(desc_id_base32));
654  goto skip;
655  }
656  /* Is descriptor too far in the future? */
657  if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
658  log_info(LD_REND, "Service descriptor with desc ID %s is too far in the "
659  "future.",
660  safe_str(desc_id_base32));
661  goto skip;
662  }
663  /* Do we already have a newer descriptor? */
664  e = digestmap_get(rend_cache_v2_dir, desc_id);
665  if (e && e->parsed->timestamp > parsed->timestamp) {
666  log_info(LD_REND, "We already have a newer service descriptor with the "
667  "same desc ID %s and version.",
668  safe_str(desc_id_base32));
669  goto skip;
670  }
671  /* Do we already have this descriptor? */
672  if (e && !strcmp(desc, e->desc)) {
673  log_info(LD_REND, "We already have this service descriptor with desc "
674  "ID %s.", safe_str(desc_id_base32));
675  goto skip;
676  }
677  /* Store received descriptor. */
678  if (!e) {
679  e = tor_malloc_zero(sizeof(rend_cache_entry_t));
680  digestmap_set(rend_cache_v2_dir, desc_id, e);
681  /* Treat something just uploaded as having been served a little
682  * while ago, so that flooding with new descriptors doesn't help
683  * too much.
684  */
685  e->last_served = approx_time() - 3600;
686  } else {
688  rend_service_descriptor_free(e->parsed);
689  tor_free(e->desc);
690  }
691  e->parsed = parsed;
692  e->desc = tor_strndup(current_desc, encoded_size);
693  e->len = encoded_size;
695  log_info(LD_REND, "Successfully stored service descriptor with desc ID "
696  "'%s' and len %d.",
697  safe_str(desc_id_base32), (int)encoded_size);
698  /* Statistics: Note down this potentially new HS. */
699  if (options->HiddenServiceStatistics) {
701  }
702 
703  number_stored++;
704  goto advance;
705  skip:
706  rend_service_descriptor_free(parsed);
707  advance:
708  /* advance to next descriptor, if available. */
709  current_desc = next_desc;
710  /* check if there is a next descriptor. */
711  if (!current_desc ||
712  strcmpstart(current_desc, "rendezvous-service-descriptor "))
713  break;
714  }
715  if (!number_parsed) {
716  log_info(LD_REND, "Could not parse any descriptor.");
717  return -1;
718  }
719  log_info(LD_REND, "Parsed %d and added %d descriptor%s.",
720  number_parsed, number_stored, number_stored != 1 ? "s" : "");
721  return 0;
722 }
723 
733 int
735 {
736  rend_service_descriptor_t *parsed = NULL;
737  char desc_id[DIGEST_LEN];
738  char *intro_content = NULL;
739  size_t intro_size;
740  size_t encoded_size;
741  const char *next_desc;
742  char service_id[REND_SERVICE_ID_LEN_BASE32+1];
744  int retval = -1;
746  tor_assert(desc);
747 
748  /* Parse the descriptor. */
749  if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
750  &intro_size, &encoded_size,
751  &next_desc, desc, 0) < 0) {
752  log_warn(LD_REND, "Could not parse descriptor.");
753  goto err;
754  }
755  /* Compute service ID from public key. */
756  if (rend_get_service_id(parsed->pk, service_id)<0) {
757  log_warn(LD_REND, "Couldn't compute service ID.");
758  goto err;
759  }
760 
761  /* Do we already have a newer descriptor? Allow new descriptors with a
762  rounded timestamp equal to or newer than the current descriptor */
764  service_id);
765  if (e && e->parsed->timestamp > parsed->timestamp) {
766  log_info(LD_REND, "We already have a newer service descriptor for "
767  "service ID %s.", safe_str_client(service_id));
768  goto okay;
769  }
770  /* We don't care about the introduction points. */
771  tor_free(intro_content);
772  if (!e) {
773  e = tor_malloc_zero(sizeof(rend_cache_entry_t));
774  strmap_set_lc(rend_cache_local_service, service_id, e);
775  } else {
777  rend_service_descriptor_free(e->parsed);
778  tor_free(e->desc);
779  }
780  e->parsed = parsed;
781  e->desc = tor_malloc_zero(encoded_size + 1);
782  strlcpy(e->desc, desc, encoded_size + 1);
783  e->len = encoded_size;
785  log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
786  safe_str_client(service_id), (int)encoded_size);
787  return 0;
788 
789  okay:
790  retval = 0;
791 
792  err:
793  rend_service_descriptor_free(parsed);
794  tor_free(intro_content);
795  return retval;
796 }
797 
814 int
816  const char *desc_id_base32,
817  const rend_data_t *rend_query,
818  rend_cache_entry_t **entry)
819 {
820  /*XXXX this seems to have a bit of duplicate code with
821  * rend_cache_store_v2_desc_as_dir(). Fix that. */
822  /* Though having similar elements, both functions were separated on
823  * purpose:
824  * - dirs don't care about encoded/encrypted introduction points, clients
825  * do.
826  * - dirs store descriptors in a separate cache by descriptor ID, whereas
827  * clients store them by service ID; both caches are different data
828  * structures and have different access methods.
829  * - dirs store a descriptor only if they are responsible for its ID,
830  * clients do so in every way (because they have requested it before).
831  * - dirs can process multiple concatenated descriptors which is required
832  * for replication, whereas clients only accept a single descriptor.
833  * Thus, combining both methods would result in a lot of if statements
834  * which probably would not improve, but worsen code readability. -KL */
835  rend_service_descriptor_t *parsed = NULL;
836  char desc_id[DIGEST_LEN];
837  char *intro_content = NULL;
838  size_t intro_size;
839  size_t encoded_size;
840  const char *next_desc;
841  time_t now = time(NULL);
842  char key[REND_SERVICE_ID_LEN_BASE32+2];
843  char service_id[REND_SERVICE_ID_LEN_BASE32+1];
844  char want_desc_id[DIGEST_LEN];
846  int retval = -1;
847  rend_data_v2_t *rend_data = TO_REND_DATA_V2(rend_query);
848 
850  tor_assert(desc);
851  tor_assert(desc_id_base32);
852  memset(want_desc_id, 0, sizeof(want_desc_id));
853  if (entry) {
854  *entry = NULL;
855  }
856  if (base32_decode(want_desc_id, sizeof(want_desc_id),
857  desc_id_base32, strlen(desc_id_base32)) !=
858  sizeof(want_desc_id)) {
859  log_warn(LD_BUG, "Couldn't decode base32 %s for descriptor id.",
860  escaped_safe_str_client(desc_id_base32));
861  goto err;
862  }
863  /* Parse the descriptor. */
864  if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
865  &intro_size, &encoded_size,
866  &next_desc, desc, 0) < 0) {
867  log_warn(LD_REND, "Could not parse descriptor.");
868  goto err;
869  }
870  /* Compute service ID from public key. */
871  if (rend_get_service_id(parsed->pk, service_id)<0) {
872  log_warn(LD_REND, "Couldn't compute service ID.");
873  goto err;
874  }
875  if (rend_data->onion_address[0] != '\0' &&
876  strcmp(rend_data->onion_address, service_id)) {
877  log_warn(LD_REND, "Received service descriptor for service ID %s; "
878  "expected descriptor for service ID %s.",
879  service_id, safe_str(rend_data->onion_address));
880  goto err;
881  }
882  if (tor_memneq(desc_id, want_desc_id, DIGEST_LEN)) {
883  log_warn(LD_REND, "Received service descriptor for %s with incorrect "
884  "descriptor ID.", service_id);
885  goto err;
886  }
887 
888  /* Decode/decrypt introduction points. */
889  if (intro_content && intro_size > 0) {
890  int n_intro_points;
891  if (rend_data->auth_type != REND_NO_AUTH &&
893  sizeof(rend_data->descriptor_cookie))) {
894  char *ipos_decrypted = NULL;
895  size_t ipos_decrypted_size;
896  if (rend_decrypt_introduction_points(&ipos_decrypted,
897  &ipos_decrypted_size,
898  rend_data->descriptor_cookie,
899  intro_content,
900  intro_size) < 0) {
901  log_warn(LD_REND, "Failed to decrypt introduction points. We are "
902  "probably unable to parse the encoded introduction points.");
903  } else {
904  /* Replace encrypted with decrypted introduction points. */
905  log_info(LD_REND, "Successfully decrypted introduction points.");
906  tor_free(intro_content);
907  intro_content = ipos_decrypted;
908  intro_size = ipos_decrypted_size;
909  }
910  }
911  n_intro_points = rend_parse_introduction_points(parsed, intro_content,
912  intro_size);
913  if (n_intro_points <= 0) {
914  log_warn(LD_REND, "Failed to parse introduction points. Either the "
915  "service has published a corrupt descriptor or you have "
916  "provided invalid authorization data.");
917  goto err;
918  } else if (n_intro_points > MAX_INTRO_POINTS) {
919  log_warn(LD_REND, "Found too many introduction points on a hidden "
920  "service descriptor for %s. This is probably a (misguided) "
921  "attempt to improve reliability, but it could also be an "
922  "attempt to do a guard enumeration attack. Rejecting.",
923  safe_str_client(service_id));
924 
925  goto err;
926  }
927  } else {
928  log_info(LD_REND, "Descriptor does not contain any introduction points.");
929  parsed->intro_nodes = smartlist_new();
930  }
931  /* We don't need the encoded/encrypted introduction points any longer. */
932  tor_free(intro_content);
933  /* Is descriptor too old? */
934  if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
935  log_warn(LD_REND, "Service descriptor with service ID %s is too old.",
936  safe_str_client(service_id));
937  goto err;
938  }
939  /* Is descriptor too far in the future? */
940  if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
941  log_warn(LD_REND, "Service descriptor with service ID %s is too far in "
942  "the future.", safe_str_client(service_id));
943  goto err;
944  }
945  /* Do we have the same exact copy already in our cache? */
946  tor_snprintf(key, sizeof(key), "2%s", service_id);
948  if (e && !strcmp(desc, e->desc)) {
949  log_info(LD_REND,"We already have this service descriptor %s.",
950  safe_str_client(service_id));
951  goto okay;
952  }
953  /* Verify that we are not replacing an older descriptor. It's important to
954  * avoid an evil HSDir serving old descriptor. We validate if the
955  * timestamp is greater than and not equal because it's a rounded down
956  * timestamp to the hour so if the descriptor changed in the same hour,
957  * the rend cache failure will tell us if we have a new descriptor. */
958  if (e && e->parsed->timestamp > parsed->timestamp) {
959  log_info(LD_REND, "We already have a new enough service descriptor for "
960  "service ID %s with the same desc ID and version.",
961  safe_str_client(service_id));
962  goto okay;
963  }
964  /* Lookup our failure cache for intro point that might be unusable. */
965  validate_intro_point_failure(parsed, service_id);
966  /* It's now possible that our intro point list is empty, which means that
967  * this descriptor is useless to us because intro points have all failed
968  * somehow before. Discard the descriptor. */
969  if (smartlist_len(parsed->intro_nodes) == 0) {
970  log_info(LD_REND, "Service descriptor with service ID %s has no "
971  "usable intro points. Discarding it.",
972  safe_str_client(service_id));
973  goto err;
974  }
975  /* Now either purge the current one and replace its content or create a
976  * new one and add it to the rend cache. */
977  if (!e) {
978  e = tor_malloc_zero(sizeof(rend_cache_entry_t));
979  strmap_set_lc(rend_cache, key, e);
980  } else {
983  rend_service_descriptor_free(e->parsed);
984  tor_free(e->desc);
985  }
986  e->parsed = parsed;
987  e->desc = tor_malloc_zero(encoded_size + 1);
988  strlcpy(e->desc, desc, encoded_size + 1);
989  e->len = encoded_size;
991  log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
992  safe_str_client(service_id), (int)encoded_size);
993  if (entry) {
994  *entry = e;
995  }
996  return 0;
997 
998  okay:
999  if (entry) {
1000  *entry = e;
1001  }
1002  retval = 0;
1003 
1004  err:
1005  rend_service_descriptor_free(parsed);
1006  tor_free(intro_content);
1007  return retval;
1008 }
STATIC strmap_t * rend_cache
Definition: rendcache.c:24
Header file for rendcommon.c.
void * strmap_get_lc(const strmap_t *map, const char *key)
Definition: map.c:393
STATIC void rend_cache_failure_remove(rend_service_descriptor_t *desc)
Definition: rendcache.c:188
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
rend_service_descriptor_t * parsed
Definition: rendcache.h:34
STATIC void cache_failure_intro_add(const uint8_t *identity, const char *service_id, rend_intro_point_failure_t failure)
Definition: rendcache.c:377
STATIC strmap_t * rend_cache_failure
Definition: rendcache.c:58
int tor_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
size_t len
Definition: rendcache.h:30
STATIC void rend_cache_entry_free_(rend_cache_entry_t *e)
Definition: rendcache.c:208
STATIC int cache_failure_intro_lookup(const uint8_t *identity, const char *service_id, rend_cache_failure_intro_t **intro_entry)
Definition: rendcache.c:333
char descriptor_cookie[REND_DESC_COOKIE_LEN]
Definition: or.h:446
void rend_cache_intro_failure_note(rend_intro_point_failure_t failure, const uint8_t *identity, const char *service_id)
Definition: rendcache.c:452
#define REND_CACHE_MAX_SKEW
Definition: rendcache.h:20
void rend_cache_purge(void)
Definition: rendcache.c:307
void rend_cache_failure_purge(void)
Definition: rendcache.c:319
int rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
Definition: rendcache.c:590
STATIC void rend_cache_failure_entry_free_(rend_cache_failure_t *entry)
Definition: rendcache.c:154
size_t rend_cache_clean_v2_descs_as_dir(time_t cutoff)
Definition: rendcache.c:473
#define REND_DESC_ID_V2_LEN_BASE32
Definition: or.h:354
int HiddenServiceStatistics
Header file for config.c.
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
int rend_parse_introduction_points(rend_service_descriptor_t *parsed, const char *intro_points_encoded, size_t intro_points_encoded_size)
Definition: rendparse.c:378
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:209
#define MAP_DEL_CURRENT(keyvar)
Definition: map.h:139
int rend_decrypt_introduction_points(char **ipos_decrypted, size_t *ipos_decrypted_size, const char *descriptor_cookie, const char *ipos_encrypted, size_t ipos_encrypted_size)
Definition: rendparse.c:267
#define tor_free(p)
Definition: malloc.h:52
void rend_cache_clean(time_t now, rend_cache_type_t cache_type)
Definition: rendcache.c:276
#define SMARTLIST_DEL_CURRENT(sl, var)
void * strmap_set_lc(strmap_t *map, const char *key, void *val)
Definition: map.c:379
STATIC digestmap_t * rend_cache_v2_dir
Definition: rendcache.c:31
STATIC void rend_cache_failure_entry_free_void(void *entry)
Definition: rendcache.c:170
Definition: rendcache.h:29
int base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:90
int rend_cache_store_v2_desc_as_dir(const char *desc)
Definition: rendcache.c:625
void rend_cache_free_all(void)
Definition: rendcache.c:231
tor_assert(buffer)
#define DIGEST_LEN
Definition: digest_sizes.h:20
Header file for rendcache.c.
void rend_cache_decrement_allocation(size_t n)
Definition: rendcache.c:94
void rend_cache_failure_clean(time_t now)
Definition: rendcache.c:252
STATIC void rend_cache_failure_intro_entry_free_(rend_cache_failure_intro_t *entry)
Definition: rendcache.c:127
void * strmap_remove_lc(strmap_t *map, const char *key)
Definition: map.c:405
Header file for rephist.c.
int rend_valid_v2_service_id(const char *query)
Definition: rendcommon.c:719
int rend_cache_store_v2_desc_as_client(const char *desc, const char *desc_id_base32, const rend_data_t *rend_query, rend_cache_entry_t **entry)
Definition: rendcache.c:815
#define LD_REND
Definition: log.h:81
int rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
Definition: rendcache.c:509
time_t last_served
Definition: rendcache.h:31
STATIC rend_cache_failure_intro_t * rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure)
Definition: rendcache.c:144
#define DIGESTMAP_FOREACH_END
Definition: map.h:167
#define REND_SERVICE_ID_LEN_BASE32
Definition: or.h:331
rend_auth_type_t auth_type
Definition: or.h:449
#define REND_CACHE_FAILURE_MAX_AGE
Definition: rendcache.h:22
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
char * desc
Definition: rendcache.h:33
#define REND_CACHE_MAX_AGE
Definition: rendcache.h:17
#define DIGESTMAP_FOREACH_MODIFY(map, keyvar, valtype, valvar)
Definition: map.h:164
#define log_fn(severity, domain, args,...)
Definition: log.h:266
int rend_get_service_id(crypto_pk_t *pk, char *out)
Definition: rendcommon.c:706
STATIC void validate_intro_point_failure(const rend_service_descriptor_t *desc, const char *service_id)
Definition: rendcache.c:404
void rep_hist_stored_maybe_new_hs(const crypto_pk_t *pubkey)
Definition: rephist.c:2569
void rend_cache_init(void)
Definition: rendcache.c:66
time_t approx_time(void)
Definition: approx_time.c:32
STATIC rend_cache_failure_t * rend_cache_failure_entry_new(void)
Definition: rendcache.c:178
static void rend_cache_entry_free_void(void *p)
Definition: rendcache.c:224
int rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out, char *desc_id_out, char **intro_points_encrypted_out, size_t *intro_points_encrypted_size_out, size_t *encoded_size_out, const char **next_out, const char *desc, int as_hsdir)
Definition: rendparse.c:72
int rend_cache_store_v2_desc_as_service(const char *desc)
Definition: rendcache.c:734
void rend_cache_increment_allocation(size_t n)
Definition: rendcache.c:111
char onion_address[REND_SERVICE_ID_LEN_BASE32+1]
Definition: or.h:438
STATIC size_t rend_cache_entry_allocation(const rend_cache_entry_t *e)
Definition: rendcache.c:76
static rend_cache_failure_intro_t * cache_failure_intro_dup(const rend_cache_failure_intro_t *entry)
Definition: rendcache.c:365
static strmap_t * rend_cache_local_service
Definition: rendcache.c:27
#define LD_BUG
Definition: log.h:83
Header file for routerlist.c.
const char * escaped_safe_str_client(const char *address)
Definition: config.c:1100