tor  0.4.2.0-alpha-dev
rendcache.c
Go to the documentation of this file.
1 /* Copyright (c) 2015-2019, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
9 #define RENDCACHE_PRIVATE
10 #include "feature/rend/rendcache.h"
11 
12 #include "app/config/config.h"
13 #include "feature/stats/rephist.h"
16 #include "feature/rend/rendparse.h"
17 
18 #include "core/or/extend_info_st.h"
19 #include "feature/rend/rend_intro_point_st.h"
20 #include "feature/rend/rend_service_descriptor_st.h"
21 
22 #include "lib/ctime/di_ops.h"
23 
26 STATIC strmap_t *rend_cache = NULL;
27 
29 static strmap_t *rend_cache_local_service = NULL;
30 
33 STATIC digestmap_t *rend_cache_v2_dir = NULL;
34 
60 STATIC strmap_t *rend_cache_failure = NULL;
61 
62 /* DOCDOC */
63 STATIC size_t rend_cache_total_allocation = 0;
64 
67 void
69 {
70  rend_cache = strmap_new();
71  rend_cache_v2_dir = digestmap_new();
72  rend_cache_local_service = strmap_new();
73  rend_cache_failure = strmap_new();
74 }
75 
77 STATIC size_t
79 {
80  if (!e)
81  return 0;
82 
83  /* This doesn't count intro_nodes or key size */
84  return sizeof(*e) + e->len + sizeof(*e->parsed);
85 }
86 
87 /* DOCDOC */
88 size_t
89 rend_cache_get_total_allocation(void)
90 {
91  return rend_cache_total_allocation;
92 }
93 
95 void
97 {
98  static int have_underflowed = 0;
99 
100  if (rend_cache_total_allocation >= n) {
101  rend_cache_total_allocation -= n;
102  } else {
103  rend_cache_total_allocation = 0;
104  if (! have_underflowed) {
105  have_underflowed = 1;
106  log_warn(LD_BUG, "Underflow in rend_cache_decrement_allocation");
107  }
108  }
109 }
110 
112 void
114 {
115  static int have_overflowed = 0;
116  if (rend_cache_total_allocation <= SIZE_MAX - n) {
117  rend_cache_total_allocation += n;
118  } else {
119  rend_cache_total_allocation = SIZE_MAX;
120  if (! have_overflowed) {
121  have_overflowed = 1;
122  log_warn(LD_BUG, "Overflow in rend_cache_increment_allocation");
123  }
124  }
125 }
126 
128 STATIC void
130 {
131  if (entry == NULL) {
132  return;
133  }
134  tor_free(entry);
135 }
136 
137 static void
138 rend_cache_failure_intro_entry_free_void(void *entry)
139 {
141 }
142 
146 rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure)
147 {
148  rend_cache_failure_intro_t *entry = tor_malloc(sizeof(*entry));
149  entry->failure_type = failure;
150  entry->created_ts = time(NULL);
151  return entry;
152 }
153 
155 STATIC void
157 {
158  if (entry == NULL) {
159  return;
160  }
161 
162  /* Free and remove every intro failure object. */
163  digestmap_free(entry->intro_failures,
164  rend_cache_failure_intro_entry_free_void);
165 
166  tor_free(entry);
167 }
168 
171 STATIC void
173 {
175 }
176 
179 STATIC rend_cache_failure_t *
181 {
182  rend_cache_failure_t *entry = tor_malloc(sizeof(*entry));
183  entry->intro_failures = digestmap_new();
184  return entry;
185 }
186 
189 STATIC void
191 {
192  char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
193  rend_cache_failure_t *entry;
194 
195  if (desc == NULL) {
196  return;
197  }
198  if (rend_get_service_id(desc->pk, service_id) < 0) {
199  return;
200  }
201  entry = strmap_get_lc(rend_cache_failure, service_id);
202  if (entry != NULL) {
204  rend_cache_failure_entry_free(entry);
205  }
206 }
207 
209 STATIC void
211 {
212  if (!e)
213  return;
215  /* We are about to remove a descriptor from the cache so remove the entry
216  * in the failure cache. */
218  rend_service_descriptor_free(e->parsed);
219  tor_free(e->desc);
220  tor_free(e);
221 }
222 
225 static void
227 {
229 }
230 
232 void
234 {
239  rend_cache = NULL;
240  rend_cache_v2_dir = NULL;
242  rend_cache_failure = NULL;
243  rend_cache_total_allocation = 0;
244 }
245 
253 void
255 {
256  time_t cutoff = now - REND_CACHE_FAILURE_MAX_AGE;
257  STRMAP_FOREACH_MODIFY(rend_cache_failure, key,
258  rend_cache_failure_t *, ent) {
259  /* Free and remove every intro failure object that match the cutoff. */
260  DIGESTMAP_FOREACH_MODIFY(ent->intro_failures, ip_key,
261  rend_cache_failure_intro_t *, ip_ent) {
262  if (ip_ent->created_ts < cutoff) {
263  rend_cache_failure_intro_entry_free(ip_ent);
264  MAP_DEL_CURRENT(ip_key);
265  }
267  /* If the entry is now empty of intro point failures, remove it. */
268  if (digestmap_isempty(ent->intro_failures)) {
269  rend_cache_failure_entry_free(ent);
270  MAP_DEL_CURRENT(key);
271  }
272  } STRMAP_FOREACH_END;
273 }
274 
277 void
278 rend_cache_clean(time_t now, rend_cache_type_t cache_type)
279 {
280  strmap_iter_t *iter;
281  const char *key;
282  void *val;
283  rend_cache_entry_t *ent;
284  time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
285  strmap_t *cache = NULL;
286 
287  if (cache_type == REND_CACHE_TYPE_CLIENT) {
288  cache = rend_cache;
289  } else if (cache_type == REND_CACHE_TYPE_SERVICE) {
290  cache = rend_cache_local_service;
291  }
292  tor_assert(cache);
293 
294  for (iter = strmap_iter_init(cache); !strmap_iter_done(iter); ) {
295  strmap_iter_get(iter, &key, &val);
296  ent = (rend_cache_entry_t*)val;
297  if (ent->parsed->timestamp < cutoff) {
298  iter = strmap_iter_next_rmv(cache, iter);
299  rend_cache_entry_free(ent);
300  } else {
301  iter = strmap_iter_next(cache, iter);
302  }
303  }
304 }
305 
308 void
310 {
311  if (rend_cache) {
312  log_info(LD_REND, "Purging HS v2 descriptor cache");
314  }
315  rend_cache = strmap_new();
316 }
317 
320 void
322 {
323  if (rend_cache_failure) {
324  log_info(LD_REND, "Purging HS v2 failure cache");
326  }
327  rend_cache_failure = strmap_new();
328 }
329 
334 STATIC int
335 cache_failure_intro_lookup(const uint8_t *identity, const char *service_id,
336  rend_cache_failure_intro_t **intro_entry)
337 {
338  rend_cache_failure_t *elem;
339  rend_cache_failure_intro_t *intro_elem;
340 
342 
343  if (intro_entry) {
344  *intro_entry = NULL;
345  }
346 
347  /* Lookup descriptor and return it. */
348  elem = strmap_get_lc(rend_cache_failure, service_id);
349  if (elem == NULL) {
350  goto not_found;
351  }
352  intro_elem = digestmap_get(elem->intro_failures, (char *) identity);
353  if (intro_elem == NULL) {
354  goto not_found;
355  }
356  if (intro_entry) {
357  *intro_entry = intro_elem;
358  }
359  return 1;
360  not_found:
361  return 0;
362 }
363 
368 {
369  rend_cache_failure_intro_t *ent_dup =
370  rend_cache_failure_intro_entry_new(entry->failure_type);
371  ent_dup->created_ts = entry->created_ts;
372  return ent_dup;
373 }
374 
378 STATIC void
379 cache_failure_intro_add(const uint8_t *identity, const char *service_id,
380  rend_intro_point_failure_t failure)
381 {
382  rend_cache_failure_t *fail_entry;
383  rend_cache_failure_intro_t *entry, *old_entry;
384 
385  /* Make sure we have a failure object for this service ID and if not,
386  * create it with this new intro failure entry. */
387  fail_entry = strmap_get_lc(rend_cache_failure, service_id);
388  if (fail_entry == NULL) {
389  fail_entry = rend_cache_failure_entry_new();
390  /* Add failure entry to global rend failure cache. */
391  strmap_set_lc(rend_cache_failure, service_id, fail_entry);
392  }
393  entry = rend_cache_failure_intro_entry_new(failure);
394  old_entry = digestmap_set(fail_entry->intro_failures,
395  (char *) identity, entry);
396  /* This _should_ be NULL, but in case it isn't, free it. */
397  rend_cache_failure_intro_entry_free(old_entry);
398 }
399 
405 STATIC void
407  const char *service_id)
408 {
409  rend_cache_failure_t *new_entry, *cur_entry;
410  /* New entry for the service ID that will be replacing the one in the
411  * failure cache since we have a new descriptor. In the case where all
412  * intro points are removed, we are assured that the new entry is the same
413  * as the current one. */
414  new_entry = tor_malloc(sizeof(*new_entry));
415  new_entry->intro_failures = digestmap_new();
416 
417  tor_assert(desc);
418 
420  int found;
422  const uint8_t *identity =
423  (uint8_t *) intro->extend_info->identity_digest;
424 
425  found = cache_failure_intro_lookup(identity, service_id, &entry);
426  if (found) {
427  /* Dup here since it will be freed at the end when removing the
428  * original entry in the cache. */
430  /* This intro point is in our cache, discard it from the descriptor
431  * because chances are that it's unusable. */
432  SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
433  /* Keep it for our new entry. */
434  digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
435  /* Only free it when we're done looking at it. */
436  rend_intro_point_free(intro);
437  continue;
438  }
439  } SMARTLIST_FOREACH_END(intro);
440 
441  /* Swap the failure entry in the cache and free the current one. */
442  cur_entry = strmap_get_lc(rend_cache_failure, service_id);
443  if (cur_entry != NULL) {
444  rend_cache_failure_entry_free(cur_entry);
445  }
446  strmap_set_lc(rend_cache_failure, service_id, new_entry);
447 }
448 
453 void
454 rend_cache_intro_failure_note(rend_intro_point_failure_t failure,
455  const uint8_t *identity,
456  const char *service_id)
457 {
458  int found;
460 
461  found = cache_failure_intro_lookup(identity, service_id, &entry);
462  if (!found) {
463  cache_failure_intro_add(identity, service_id, failure);
464  } else {
465  /* Replace introduction point failure with this one. */
466  entry->failure_type = failure;
467  }
468 }
469 
474 size_t
476 {
477  digestmap_iter_t *iter;
478  size_t bytes_removed = 0;
479 
480  for (iter = digestmap_iter_init(rend_cache_v2_dir);
481  !digestmap_iter_done(iter); ) {
482  const char *key;
483  void *val;
484  rend_cache_entry_t *ent;
485  digestmap_iter_get(iter, &key, &val);
486  ent = val;
487  if (ent->parsed->timestamp < cutoff) {
488  char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
489  base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
490  log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
491  safe_str_client(key_base32));
492  bytes_removed += rend_cache_entry_allocation(ent);
493  iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
494  rend_cache_entry_free(ent);
495  } else {
496  iter = digestmap_iter_next(rend_cache_v2_dir, iter);
497  }
498  }
499 
500  return bytes_removed;
501 }
502 
510 int
511 rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
512 {
513  int ret = 0;
514  char key[REND_SERVICE_ID_LEN_BASE32 + 2]; /* <version><query>\0 */
515  rend_cache_entry_t *entry = NULL;
516  static const int default_version = 2;
517 
519  tor_assert(query);
520 
521  if (!rend_valid_v2_service_id(query)) {
522  ret = -EINVAL;
523  goto end;
524  }
525 
526  switch (version) {
527  case 0:
528  log_warn(LD_REND, "Cache lookup of a v0 renddesc is deprecated.");
529  break;
530  case 2:
531  /* Default is version 2. */
532  default:
533  tor_snprintf(key, sizeof(key), "%d%s", default_version, query);
534  entry = strmap_get_lc(rend_cache, key);
535  break;
536  }
537  if (!entry) {
538  ret = -ENOENT;
539  goto end;
540  }
541  tor_assert(entry->parsed && entry->parsed->intro_nodes);
542 
543  if (e) {
544  *e = entry;
545  }
546 
547  end:
548  return ret;
549 }
550 
551 /*
552  * Lookup the v2 service descriptor with the service ID <b>query</b> in the
553  * local service descriptor cache. Return 0 if found and if <b>e</b> is
554  * non NULL, set it with the entry found. Else, a negative value is returned
555  * and <b>e</b> is untouched.
556  * -EINVAL means that <b>query</b> is not a valid service id.
557  * -ENOENT means that no entry in the cache was found. */
558 int
559 rend_cache_lookup_v2_desc_as_service(const char *query, rend_cache_entry_t **e)
560 {
561  int ret = 0;
562  rend_cache_entry_t *entry = NULL;
563 
565  tor_assert(query);
566 
567  if (!rend_valid_v2_service_id(query)) {
568  ret = -EINVAL;
569  goto end;
570  }
571 
572  /* Lookup descriptor and return. */
573  entry = strmap_get_lc(rend_cache_local_service, query);
574  if (!entry) {
575  ret = -ENOENT;
576  goto end;
577  }
578 
579  if (e) {
580  *e = entry;
581  }
582 
583  end:
584  return ret;
585 }
586 
591 int
592 rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
593 {
595  char desc_id_digest[DIGEST_LEN];
597  if (base32_decode(desc_id_digest, DIGEST_LEN,
598  desc_id, REND_DESC_ID_V2_LEN_BASE32) != DIGEST_LEN) {
599  log_fn(LOG_PROTOCOL_WARN, LD_REND,
600  "Rejecting v2 rendezvous descriptor request -- descriptor ID "
601  "has wrong length or illegal characters: %s",
602  safe_str(desc_id));
603  return -1;
604  }
605  /* Lookup descriptor and return. */
606  e = digestmap_get(rend_cache_v2_dir, desc_id_digest);
607  if (e) {
608  *desc = e->desc;
609  e->last_served = approx_time();
610  return 1;
611  }
612  return 0;
613 }
614 
626 int
628 {
629  const or_options_t *options = get_options();
631  char desc_id[DIGEST_LEN];
632  char *intro_content;
633  size_t intro_size;
634  size_t encoded_size;
635  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
636  int number_parsed = 0, number_stored = 0;
637  const char *current_desc = desc;
638  const char *next_desc;
640  time_t now = time(NULL);
642  tor_assert(desc);
643  while (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
644  &intro_size, &encoded_size,
645  &next_desc, current_desc, 1) >= 0) {
646  number_parsed++;
647  /* We don't care about the introduction points. */
648  tor_free(intro_content);
649  /* For pretty log statements. */
650  base32_encode(desc_id_base32, sizeof(desc_id_base32),
651  desc_id, DIGEST_LEN);
652  /* Is descriptor too old? */
653  if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
654  log_info(LD_REND, "Service descriptor with desc ID %s is too old.",
655  safe_str(desc_id_base32));
656  goto skip;
657  }
658  /* Is descriptor too far in the future? */
659  if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
660  log_info(LD_REND, "Service descriptor with desc ID %s is too far in the "
661  "future.",
662  safe_str(desc_id_base32));
663  goto skip;
664  }
665  /* Do we already have a newer descriptor? */
666  e = digestmap_get(rend_cache_v2_dir, desc_id);
667  if (e && e->parsed->timestamp > parsed->timestamp) {
668  log_info(LD_REND, "We already have a newer service descriptor with the "
669  "same desc ID %s and version.",
670  safe_str(desc_id_base32));
671  goto skip;
672  }
673  /* Do we already have this descriptor? */
674  if (e && !strcmp(desc, e->desc)) {
675  log_info(LD_REND, "We already have this service descriptor with desc "
676  "ID %s.", safe_str(desc_id_base32));
677  goto skip;
678  }
679  /* Store received descriptor. */
680  if (!e) {
681  e = tor_malloc_zero(sizeof(rend_cache_entry_t));
682  digestmap_set(rend_cache_v2_dir, desc_id, e);
683  /* Treat something just uploaded as having been served a little
684  * while ago, so that flooding with new descriptors doesn't help
685  * too much.
686  */
687  e->last_served = approx_time() - 3600;
688  } else {
690  rend_service_descriptor_free(e->parsed);
691  tor_free(e->desc);
692  }
693  e->parsed = parsed;
694  e->desc = tor_strndup(current_desc, encoded_size);
695  e->len = encoded_size;
697  log_info(LD_REND, "Successfully stored service descriptor with desc ID "
698  "'%s' and len %d.",
699  safe_str(desc_id_base32), (int)encoded_size);
700  /* Statistics: Note down this potentially new HS. */
701  if (options->HiddenServiceStatistics) {
703  }
704 
705  number_stored++;
706  goto advance;
707  skip:
708  rend_service_descriptor_free(parsed);
709  advance:
710  /* advance to next descriptor, if available. */
711  current_desc = next_desc;
712  /* check if there is a next descriptor. */
713  if (!current_desc ||
714  strcmpstart(current_desc, "rendezvous-service-descriptor "))
715  break;
716  }
717  if (!number_parsed) {
718  log_info(LD_REND, "Could not parse any descriptor.");
719  return -1;
720  }
721  log_info(LD_REND, "Parsed %d and added %d descriptor%s.",
722  number_parsed, number_stored, number_stored != 1 ? "s" : "");
723  return 0;
724 }
725 
735 int
737 {
738  rend_service_descriptor_t *parsed = NULL;
739  char desc_id[DIGEST_LEN];
740  char *intro_content = NULL;
741  size_t intro_size;
742  size_t encoded_size;
743  const char *next_desc;
744  char service_id[REND_SERVICE_ID_LEN_BASE32+1];
746  int retval = -1;
748  tor_assert(desc);
749 
750  /* Parse the descriptor. */
751  if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
752  &intro_size, &encoded_size,
753  &next_desc, desc, 0) < 0) {
754  log_warn(LD_REND, "Could not parse descriptor.");
755  goto err;
756  }
757  /* Compute service ID from public key. */
758  if (rend_get_service_id(parsed->pk, service_id)<0) {
759  log_warn(LD_REND, "Couldn't compute service ID.");
760  goto err;
761  }
762 
763  /* Do we already have a newer descriptor? Allow new descriptors with a
764  rounded timestamp equal to or newer than the current descriptor */
766  service_id);
767  if (e && e->parsed->timestamp > parsed->timestamp) {
768  log_info(LD_REND, "We already have a newer service descriptor for "
769  "service ID %s.", safe_str_client(service_id));
770  goto okay;
771  }
772  /* We don't care about the introduction points. */
773  tor_free(intro_content);
774  if (!e) {
775  e = tor_malloc_zero(sizeof(rend_cache_entry_t));
776  strmap_set_lc(rend_cache_local_service, service_id, e);
777  } else {
779  rend_service_descriptor_free(e->parsed);
780  tor_free(e->desc);
781  }
782  e->parsed = parsed;
783  e->desc = tor_malloc_zero(encoded_size + 1);
784  strlcpy(e->desc, desc, encoded_size + 1);
785  e->len = encoded_size;
787  log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
788  safe_str_client(service_id), (int)encoded_size);
789  return 0;
790 
791  okay:
792  retval = 0;
793 
794  err:
795  rend_service_descriptor_free(parsed);
796  tor_free(intro_content);
797  return retval;
798 }
799 
816 int
818  const char *desc_id_base32,
819  const rend_data_t *rend_query,
820  rend_cache_entry_t **entry)
821 {
822  /*XXXX this seems to have a bit of duplicate code with
823  * rend_cache_store_v2_desc_as_dir(). Fix that. */
824  /* Though having similar elements, both functions were separated on
825  * purpose:
826  * - dirs don't care about encoded/encrypted introduction points, clients
827  * do.
828  * - dirs store descriptors in a separate cache by descriptor ID, whereas
829  * clients store them by service ID; both caches are different data
830  * structures and have different access methods.
831  * - dirs store a descriptor only if they are responsible for its ID,
832  * clients do so in every way (because they have requested it before).
833  * - dirs can process multiple concatenated descriptors which is required
834  * for replication, whereas clients only accept a single descriptor.
835  * Thus, combining both methods would result in a lot of if statements
836  * which probably would not improve, but worsen code readability. -KL */
837  rend_service_descriptor_t *parsed = NULL;
838  char desc_id[DIGEST_LEN];
839  char *intro_content = NULL;
840  size_t intro_size;
841  size_t encoded_size;
842  const char *next_desc;
843  time_t now = time(NULL);
844  char key[REND_SERVICE_ID_LEN_BASE32+2];
845  char service_id[REND_SERVICE_ID_LEN_BASE32+1];
846  char want_desc_id[DIGEST_LEN];
848  int retval = -1;
849  rend_data_v2_t *rend_data = TO_REND_DATA_V2(rend_query);
850 
852  tor_assert(desc);
853  tor_assert(desc_id_base32);
854  memset(want_desc_id, 0, sizeof(want_desc_id));
855  if (entry) {
856  *entry = NULL;
857  }
858  if (base32_decode(want_desc_id, sizeof(want_desc_id),
859  desc_id_base32, strlen(desc_id_base32)) !=
860  sizeof(want_desc_id)) {
861  log_warn(LD_BUG, "Couldn't decode base32 %s for descriptor id.",
862  escaped_safe_str_client(desc_id_base32));
863  goto err;
864  }
865  /* Parse the descriptor. */
866  if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
867  &intro_size, &encoded_size,
868  &next_desc, desc, 0) < 0) {
869  log_warn(LD_REND, "Could not parse descriptor.");
870  goto err;
871  }
872  /* Compute service ID from public key. */
873  if (rend_get_service_id(parsed->pk, service_id)<0) {
874  log_warn(LD_REND, "Couldn't compute service ID.");
875  goto err;
876  }
877  if (rend_data->onion_address[0] != '\0' &&
878  strcmp(rend_data->onion_address, service_id)) {
879  log_warn(LD_REND, "Received service descriptor for service ID %s; "
880  "expected descriptor for service ID %s.",
881  service_id, safe_str(rend_data->onion_address));
882  goto err;
883  }
884  if (tor_memneq(desc_id, want_desc_id, DIGEST_LEN)) {
885  log_warn(LD_REND, "Received service descriptor for %s with incorrect "
886  "descriptor ID.", service_id);
887  goto err;
888  }
889 
890  /* Decode/decrypt introduction points. */
891  if (intro_content && intro_size > 0) {
892  int n_intro_points;
893  if (rend_data->auth_type != REND_NO_AUTH &&
895  sizeof(rend_data->descriptor_cookie))) {
896  char *ipos_decrypted = NULL;
897  size_t ipos_decrypted_size;
898  if (rend_decrypt_introduction_points(&ipos_decrypted,
899  &ipos_decrypted_size,
900  rend_data->descriptor_cookie,
901  intro_content,
902  intro_size) < 0) {
903  log_warn(LD_REND, "Failed to decrypt introduction points. We are "
904  "probably unable to parse the encoded introduction points.");
905  } else {
906  /* Replace encrypted with decrypted introduction points. */
907  log_info(LD_REND, "Successfully decrypted introduction points.");
908  tor_free(intro_content);
909  intro_content = ipos_decrypted;
910  intro_size = ipos_decrypted_size;
911  }
912  }
913  n_intro_points = rend_parse_introduction_points(parsed, intro_content,
914  intro_size);
915  if (n_intro_points <= 0) {
916  log_warn(LD_REND, "Failed to parse introduction points. Either the "
917  "service has published a corrupt descriptor or you have "
918  "provided invalid authorization data.");
919  goto err;
920  } else if (n_intro_points > MAX_INTRO_POINTS) {
921  log_warn(LD_REND, "Found too many introduction points on a hidden "
922  "service descriptor for %s. This is probably a (misguided) "
923  "attempt to improve reliability, but it could also be an "
924  "attempt to do a guard enumeration attack. Rejecting.",
925  safe_str_client(service_id));
926 
927  goto err;
928  }
929  } else {
930  log_info(LD_REND, "Descriptor does not contain any introduction points.");
931  parsed->intro_nodes = smartlist_new();
932  }
933  /* We don't need the encoded/encrypted introduction points any longer. */
934  tor_free(intro_content);
935  /* Is descriptor too old? */
936  if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
937  log_warn(LD_REND, "Service descriptor with service ID %s is too old.",
938  safe_str_client(service_id));
939  goto err;
940  }
941  /* Is descriptor too far in the future? */
942  if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
943  log_warn(LD_REND, "Service descriptor with service ID %s is too far in "
944  "the future.", safe_str_client(service_id));
945  goto err;
946  }
947  /* Do we have the same exact copy already in our cache? */
948  tor_snprintf(key, sizeof(key), "2%s", service_id);
950  if (e && !strcmp(desc, e->desc)) {
951  log_info(LD_REND,"We already have this service descriptor %s.",
952  safe_str_client(service_id));
953  goto okay;
954  }
955  /* Verify that we are not replacing an older descriptor. It's important to
956  * avoid an evil HSDir serving old descriptor. We validate if the
957  * timestamp is greater than and not equal because it's a rounded down
958  * timestamp to the hour so if the descriptor changed in the same hour,
959  * the rend cache failure will tell us if we have a new descriptor. */
960  if (e && e->parsed->timestamp > parsed->timestamp) {
961  log_info(LD_REND, "We already have a new enough service descriptor for "
962  "service ID %s with the same desc ID and version.",
963  safe_str_client(service_id));
964  goto okay;
965  }
966  /* Lookup our failure cache for intro point that might be unusable. */
967  validate_intro_point_failure(parsed, service_id);
968  /* It's now possible that our intro point list is empty, which means that
969  * this descriptor is useless to us because intro points have all failed
970  * somehow before. Discard the descriptor. */
971  if (smartlist_len(parsed->intro_nodes) == 0) {
972  log_info(LD_REND, "Service descriptor with service ID %s has no "
973  "usable intro points. Discarding it.",
974  safe_str_client(service_id));
975  goto err;
976  }
977  /* Now either purge the current one and replace its content or create a
978  * new one and add it to the rend cache. */
979  if (!e) {
980  e = tor_malloc_zero(sizeof(rend_cache_entry_t));
981  strmap_set_lc(rend_cache, key, e);
982  } else {
985  rend_service_descriptor_free(e->parsed);
986  tor_free(e->desc);
987  }
988  e->parsed = parsed;
989  e->desc = tor_malloc_zero(encoded_size + 1);
990  strlcpy(e->desc, desc, encoded_size + 1);
991  e->len = encoded_size;
993  log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
994  safe_str_client(service_id), (int)encoded_size);
995  if (entry) {
996  *entry = e;
997  }
998  return 0;
999 
1000  okay:
1001  if (entry) {
1002  *entry = e;
1003  }
1004  retval = 0;
1005 
1006  err:
1007  rend_service_descriptor_free(parsed);
1008  tor_free(intro_content);
1009  return retval;
1010 }
STATIC strmap_t * rend_cache
Definition: rendcache.c:26
Header file for rendcommon.c.
void * strmap_get_lc(const strmap_t *map, const char *key)
Definition: map.c:393
STATIC void rend_cache_failure_remove(rend_service_descriptor_t *desc)
Definition: rendcache.c:190
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Headers for di_ops.c.
rend_service_descriptor_t * parsed
Definition: rendcache.h:34
STATIC void cache_failure_intro_add(const uint8_t *identity, const char *service_id, rend_intro_point_failure_t failure)
Definition: rendcache.c:379
STATIC strmap_t * rend_cache_failure
Definition: rendcache.c:60
size_t len
Definition: rendcache.h:30
STATIC void rend_cache_entry_free_(rend_cache_entry_t *e)
Definition: rendcache.c:210
STATIC int cache_failure_intro_lookup(const uint8_t *identity, const char *service_id, rend_cache_failure_intro_t **intro_entry)
Definition: rendcache.c:335
char descriptor_cookie[REND_DESC_COOKIE_LEN]
Definition: or.h:446
void rend_cache_intro_failure_note(rend_intro_point_failure_t failure, const uint8_t *identity, const char *service_id)
Definition: rendcache.c:454
#define REND_CACHE_MAX_SKEW
Definition: rendcache.h:20
void rend_cache_purge(void)
Definition: rendcache.c:309
void rend_cache_failure_purge(void)
Definition: rendcache.c:321
int rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
Definition: rendcache.c:592
STATIC void rend_cache_failure_entry_free_(rend_cache_failure_t *entry)
Definition: rendcache.c:156
size_t rend_cache_clean_v2_descs_as_dir(time_t cutoff)
Definition: rendcache.c:475
#define REND_DESC_ID_V2_LEN_BASE32
Definition: or.h:354
int HiddenServiceStatistics
Header file for config.c.
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
int rend_parse_introduction_points(rend_service_descriptor_t *parsed, const char *intro_points_encoded, size_t intro_points_encoded_size)
Definition: rendparse.c:378
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:206
#define MAP_DEL_CURRENT(keyvar)
Definition: map.h:139
int rend_decrypt_introduction_points(char **ipos_decrypted, size_t *ipos_decrypted_size, const char *descriptor_cookie, const char *ipos_encrypted, size_t ipos_encrypted_size)
Definition: rendparse.c:267
#define tor_free(p)
Definition: malloc.h:52
void rend_cache_clean(time_t now, rend_cache_type_t cache_type)
Definition: rendcache.c:278
#define SMARTLIST_DEL_CURRENT(sl, var)
void * strmap_set_lc(strmap_t *map, const char *key, void *val)
Definition: map.c:379
STATIC digestmap_t * rend_cache_v2_dir
Definition: rendcache.c:33
STATIC void rend_cache_failure_entry_free_void(void *entry)
Definition: rendcache.c:172
Definition: rendcache.h:29
int base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:90
int rend_cache_store_v2_desc_as_dir(const char *desc)
Definition: rendcache.c:627
void rend_cache_free_all(void)
Definition: rendcache.c:233
tor_assert(buffer)
#define DIGEST_LEN
Definition: digest_sizes.h:20
Header file for rendcache.c.
void rend_cache_decrement_allocation(size_t n)
Definition: rendcache.c:96
void rend_cache_failure_clean(time_t now)
Definition: rendcache.c:254
STATIC void rend_cache_failure_intro_entry_free_(rend_cache_failure_intro_t *entry)
Definition: rendcache.c:129
void * strmap_remove_lc(strmap_t *map, const char *key)
Definition: map.c:405
Header file for rephist.c.
int rend_valid_v2_service_id(const char *query)
Definition: rendcommon.c:719
int rend_cache_store_v2_desc_as_client(const char *desc, const char *desc_id_base32, const rend_data_t *rend_query, rend_cache_entry_t **entry)
Definition: rendcache.c:817
#define LD_REND
Definition: log.h:81
int rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
Definition: rendcache.c:511
time_t last_served
Definition: rendcache.h:31
STATIC rend_cache_failure_intro_t * rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure)
Definition: rendcache.c:146
#define DIGESTMAP_FOREACH_END
Definition: map.h:167
#define REND_SERVICE_ID_LEN_BASE32
Definition: or.h:331
rend_auth_type_t auth_type
Definition: or.h:449
#define REND_CACHE_FAILURE_MAX_AGE
Definition: rendcache.h:22
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
char * desc
Definition: rendcache.h:33
#define REND_CACHE_MAX_AGE
Definition: rendcache.h:17
#define DIGESTMAP_FOREACH_MODIFY(map, keyvar, valtype, valvar)
Definition: map.h:164
#define log_fn(severity, domain, args,...)
Definition: log.h:272
int rend_get_service_id(crypto_pk_t *pk, char *out)
Definition: rendcommon.c:706
STATIC void validate_intro_point_failure(const rend_service_descriptor_t *desc, const char *service_id)
Definition: rendcache.c:406
void rep_hist_stored_maybe_new_hs(const crypto_pk_t *pubkey)
Definition: rephist.c:2569
void rend_cache_init(void)
Definition: rendcache.c:68
time_t approx_time(void)
Definition: approx_time.c:32
STATIC rend_cache_failure_t * rend_cache_failure_entry_new(void)
Definition: rendcache.c:180
int safe_mem_is_zero(const void *mem, size_t sz)
Definition: di_ops.c:221
static void rend_cache_entry_free_void(void *p)
Definition: rendcache.c:226
int rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out, char *desc_id_out, char **intro_points_encrypted_out, size_t *intro_points_encrypted_size_out, size_t *encoded_size_out, const char **next_out, const char *desc, int as_hsdir)
Definition: rendparse.c:72
int rend_cache_store_v2_desc_as_service(const char *desc)
Definition: rendcache.c:736
void rend_cache_increment_allocation(size_t n)
Definition: rendcache.c:113
char onion_address[REND_SERVICE_ID_LEN_BASE32+1]
Definition: or.h:438
STATIC size_t rend_cache_entry_allocation(const rend_cache_entry_t *e)
Definition: rendcache.c:78
static rend_cache_failure_intro_t * cache_failure_intro_dup(const rend_cache_failure_intro_t *entry)
Definition: rendcache.c:367
static strmap_t * rend_cache_local_service
Definition: rendcache.c:29
#define LD_BUG
Definition: log.h:83
Header file for routerlist.c.
const char * escaped_safe_str_client(const char *address)
Definition: config.c:1103