Tor  0.4.5.0-alpha-dev
rendclient.c
Go to the documentation of this file.
1 /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
2  * Copyright (c) 2007-2020, The Tor Project, Inc. */
3 /* See LICENSE for licensing information */
4 
5 /**
6  * \file rendclient.c
7  * \brief Client code to access location-hidden services.
8  **/
9 
10 #include "core/or/or.h"
11 #include "app/config/config.h"
13 #include "core/mainloop/mainloop.h"
14 #include "core/or/circuitbuild.h"
15 #include "core/or/circuitlist.h"
16 #include "core/or/circuituse.h"
18 #include "core/or/extendinfo.h"
19 #include "core/or/relay.h"
20 #include "feature/client/circpathbias.h"
24 #include "feature/hs/hs_circuit.h"
25 #include "feature/hs/hs_client.h"
26 #include "feature/hs/hs_common.h"
34 #include "feature/stats/rephist.h"
38 #include "lib/encoding/confline.h"
39 
41 #include "core/or/crypt_path_st.h"
44 #include "core/or/extend_info_st.h"
49 
51  const rend_cache_entry_t *rend_query,
52  const int strict, const int warnings);
53 
54 /** Purge all potentially remotely-detectable state held in the hidden
55  * service client code. Called on SIGNAL NEWNYM. */
56 void
58 {
63 }
64 
65 /** Called when we've established a circuit to an introduction point:
66  * send the introduction request. */
67 void
69 {
71  tor_assert(circ->cpath);
72 
73  log_info(LD_REND,"introcirc is open");
75 }
76 
77 /** Send the establish-rendezvous cell along a rendezvous circuit. if
78  * it fails, mark the circ for close and return -1. else return 0.
79  */
80 static int
82 {
84  tor_assert(circ->rend_data);
85  log_info(LD_REND, "Sending an ESTABLISH_RENDEZVOUS cell");
86 
88 
89  /* Set timestamp_dirty, because circuit_expire_building expects it,
90  * and the rend cookie also means we've used the circ. */
91  circ->base_.timestamp_dirty = time(NULL);
92 
93  /* We've attempted to use this circuit. Probe it if we fail */
95 
96  if (relay_send_command_from_edge(0, TO_CIRCUIT(circ),
97  RELAY_COMMAND_ESTABLISH_RENDEZVOUS,
98  circ->rend_data->rend_cookie,
100  circ->cpath->prev)<0) {
101  /* circ is already marked for close */
102  log_warn(LD_GENERAL, "Couldn't send ESTABLISH_RENDEZVOUS cell");
103  return -1;
104  }
105 
106  return 0;
107 }
108 
109 /** Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell
110  * down introcirc if possible.
111  */
112 int
114  origin_circuit_t *rendcirc)
115 {
116  const or_options_t *options = get_options();
117  size_t payload_len;
118  int r, v3_shift = 0;
119  char payload[RELAY_PAYLOAD_SIZE];
120  char tmp[RELAY_PAYLOAD_SIZE];
121  rend_cache_entry_t *entry = NULL;
122  crypt_path_t *cpath;
123  ptrdiff_t dh_offset;
124  crypto_pk_t *intro_key = NULL;
125  int status = 0;
126  const char *onion_address;
127 
128  tor_assert(introcirc->base_.purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
129  tor_assert(rendcirc->base_.purpose == CIRCUIT_PURPOSE_C_REND_READY);
130  tor_assert(introcirc->rend_data);
131  tor_assert(rendcirc->rend_data);
133  rend_data_get_address(rendcirc->rend_data)));
134  assert_circ_anonymity_ok(introcirc, options);
135  assert_circ_anonymity_ok(rendcirc, options);
136  onion_address = rend_data_get_address(introcirc->rend_data);
137 
138  r = rend_cache_lookup_entry(onion_address, -1, &entry);
139  /* An invalid onion address is not possible else we have a big issue. */
140  tor_assert(r != -EINVAL);
141  if (r < 0 || !rend_client_any_intro_points_usable(entry)) {
142  /* If the descriptor is not found or the intro points are not usable
143  * anymore, trigger a fetch. */
144  log_info(LD_REND,
145  "query %s didn't have valid rend desc in cache. "
146  "Refetching descriptor.",
147  safe_str_client(onion_address));
149  {
150  connection_t *conn;
151 
153  AP_CONN_STATE_CIRCUIT_WAIT, onion_address))) {
154  connection_ap_mark_as_waiting_for_renddesc(TO_ENTRY_CONN(conn));
155  }
156  }
157 
158  status = -1;
159  goto cleanup;
160  }
161 
162  /* first 20 bytes of payload are the hash of the service's pk */
163  intro_key = NULL;
165  intro, {
166  if (tor_memeq(introcirc->build_state->chosen_exit->identity_digest,
167  intro->extend_info->identity_digest, DIGEST_LEN)) {
168  intro_key = intro->intro_key;
169  break;
170  }
171  });
172  if (!intro_key) {
173  log_info(LD_REND, "Could not find intro key for %s at %s; we "
174  "have a v2 rend desc with %d intro points. "
175  "Trying a different intro point...",
176  safe_str_client(onion_address),
177  safe_str_client(extend_info_describe(
178  introcirc->build_state->chosen_exit)),
179  smartlist_len(entry->parsed->intro_nodes));
180 
181  if (hs_client_reextend_intro_circuit(introcirc)) {
182  status = -2;
183  goto perm_err;
184  } else {
185  status = -1;
186  goto cleanup;
187  }
188  }
189  if (crypto_pk_get_digest(intro_key, payload)<0) {
190  log_warn(LD_BUG, "Internal error: couldn't hash public key.");
191  status = -2;
192  goto perm_err;
193  }
194 
195  /* Initialize the pending_final_cpath and start the DH handshake. */
196  cpath = rendcirc->build_state->pending_final_cpath;
197  if (!cpath) {
198  cpath = rendcirc->build_state->pending_final_cpath =
199  tor_malloc_zero(sizeof(crypt_path_t));
200  cpath->magic = CRYPT_PATH_MAGIC;
201  if (!(cpath->rend_dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) {
202  log_warn(LD_BUG, "Internal error: couldn't allocate DH.");
203  status = -2;
204  goto perm_err;
205  }
206  if (crypto_dh_generate_public(cpath->rend_dh_handshake_state)<0) {
207  log_warn(LD_BUG, "Internal error: couldn't generate g^x.");
208  status = -2;
209  goto perm_err;
210  }
211  }
212 
213  /* If version is 3, write (optional) auth data and timestamp. */
214  if (entry->parsed->protocols & (1<<3)) {
215  tmp[0] = 3; /* version 3 of the cell format */
216  /* auth type, if any */
217  tmp[1] = (uint8_t) TO_REND_DATA_V2(introcirc->rend_data)->auth_type;
218  v3_shift = 1;
219  if (tmp[1] != REND_NO_AUTH) {
220  set_uint16(tmp+2, htons(REND_DESC_COOKIE_LEN));
221  memcpy(tmp+4, TO_REND_DATA_V2(introcirc->rend_data)->descriptor_cookie,
223  v3_shift += 2+REND_DESC_COOKIE_LEN;
224  }
225  /* Once this held a timestamp. */
226  set_uint32(tmp+v3_shift+1, 0);
227  v3_shift += 4;
228  } /* if version 2 only write version number */
229  else if (entry->parsed->protocols & (1<<2)) {
230  tmp[0] = 2; /* version 2 of the cell format */
231  }
232 
233  /* write the remaining items into tmp */
234  if (entry->parsed->protocols & (1<<3) || entry->parsed->protocols & (1<<2)) {
235  /* version 2 format */
236  extend_info_t *extend_info = rendcirc->build_state->chosen_exit;
237  int klen;
238  const tor_addr_port_t *orport =
239  extend_info_get_orport(extend_info, AF_INET);
240  IF_BUG_ONCE(! orport) {
241  /* we should never put an IPv6 address here. */
242  goto perm_err;
243  }
244  /* nul pads */
245  set_uint32(tmp+v3_shift+1, tor_addr_to_ipv4n(&orport->addr));
246  set_uint16(tmp+v3_shift+5, htons(orport->port));
247  memcpy(tmp+v3_shift+7, extend_info->identity_digest, DIGEST_LEN);
248  klen = crypto_pk_asn1_encode(extend_info->onion_key,
249  tmp+v3_shift+7+DIGEST_LEN+2,
250  sizeof(tmp)-(v3_shift+7+DIGEST_LEN+2));
251  if (klen < 0) {
252  log_warn(LD_BUG,"Internal error: can't encode public key.");
253  status = -2;
254  goto perm_err;
255  }
256  set_uint16(tmp+v3_shift+7+DIGEST_LEN, htons(klen));
257  memcpy(tmp+v3_shift+7+DIGEST_LEN+2+klen, rendcirc->rend_data->rend_cookie,
259  dh_offset = v3_shift+7+DIGEST_LEN+2+klen+REND_COOKIE_LEN;
260  } else {
261  /* Version 0. */
262 
263  /* Some compilers are smart enough to work out that nickname can be more
264  * than 19 characters, when it's a hexdigest. They warn that strncpy()
265  * will truncate hexdigests without NUL-terminating them. But we only put
266  * hexdigests in HSDir and general circuit exits. */
267  if (BUG(strlen(rendcirc->build_state->chosen_exit->nickname)
268  > MAX_NICKNAME_LEN)) {
269  goto perm_err;
270  }
271  strncpy(tmp, rendcirc->build_state->chosen_exit->nickname,
272  (MAX_NICKNAME_LEN+1)); /* nul pads */
273  memcpy(tmp+MAX_NICKNAME_LEN+1, rendcirc->rend_data->rend_cookie,
275  dh_offset = MAX_NICKNAME_LEN+1+REND_COOKIE_LEN;
276  }
277 
278  if (crypto_dh_get_public(cpath->rend_dh_handshake_state, tmp+dh_offset,
279  DH1024_KEY_LEN)<0) {
280  log_warn(LD_BUG, "Internal error: couldn't extract g^x.");
281  status = -2;
282  goto perm_err;
283  }
284 
285  /*XXX maybe give crypto_pk_obsolete_public_hybrid_encrypt a max_len arg,
286  * to avoid buffer overflows? */
288  sizeof(payload)-DIGEST_LEN,
289  tmp,
290  (int)(dh_offset+DH1024_KEY_LEN),
292  if (r<0) {
293  log_warn(LD_BUG,"Internal error: hybrid pk encrypt failed.");
294  status = -2;
295  goto perm_err;
296  }
297 
298  payload_len = DIGEST_LEN + r;
299  tor_assert(payload_len <= RELAY_PAYLOAD_SIZE); /* we overran something */
300 
301  /* Copy the rendezvous cookie from rendcirc to introcirc, so that
302  * when introcirc gets an ack, we can change the state of the right
303  * rendezvous circuit. */
304  memcpy(introcirc->rend_data->rend_cookie, rendcirc->rend_data->rend_cookie,
306 
307  log_info(LD_REND, "Sending an INTRODUCE1 cell");
308  if (relay_send_command_from_edge(0, TO_CIRCUIT(introcirc),
309  RELAY_COMMAND_INTRODUCE1,
310  payload, payload_len,
311  introcirc->cpath->prev)<0) {
312  /* introcirc is already marked for close. leave rendcirc alone. */
313  log_warn(LD_BUG, "Couldn't send INTRODUCE1 cell");
314  status = -2;
315  goto cleanup;
316  }
317 
318  /* Now, we wait for an ACK or NAK on this circuit. */
321  /* Set timestamp_dirty, because circuit_expire_building expects it
322  * to specify when a circuit entered the _C_INTRODUCE_ACK_WAIT
323  * state. */
324  introcirc->base_.timestamp_dirty = time(NULL);
325 
326  pathbias_count_use_attempt(introcirc);
327 
328  goto cleanup;
329 
330  perm_err:
331  if (!introcirc->base_.marked_for_close)
332  circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
333  circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
334  cleanup:
335  memwipe(payload, 0, sizeof(payload));
336  memwipe(tmp, 0, sizeof(tmp));
337 
338  return status;
339 }
340 
341 /** Called when a rendezvous circuit is open; sends a establish
342  * rendezvous circuit as appropriate. */
343 void
345 {
347 
348  log_info(LD_REND,"rendcirc is open");
349 
350  /* generate a rendezvous cookie, store it in circ */
352  return;
353  }
354 }
355 
356 /**
357  * Called to close other intro circuits we launched in parallel.
358  */
359 static void
360 rend_client_close_other_intros(const uint8_t *rend_pk_digest)
361 {
362  /* abort parallel intro circs, if any */
364  if ((c->purpose == CIRCUIT_PURPOSE_C_INTRODUCING ||
365  c->purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) &&
366  !c->marked_for_close && CIRCUIT_IS_ORIGIN(c)) {
368  if (oc->rend_data &&
369  rend_circuit_pk_digest_eq(oc, rend_pk_digest)) {
370  log_info(LD_REND|LD_CIRC, "Closing introduction circuit %d that we "
371  "built in parallel (Purpose %d).", oc->global_identifier,
372  c->purpose);
373  circuit_mark_for_close(c, END_CIRC_REASON_IP_NOW_REDUNDANT);
374  }
375  }
376  }
377  SMARTLIST_FOREACH_END(c);
378 }
379 
380 /** Called when get an ACK or a NAK for a REND_INTRODUCE1 cell.
381  */
382 int
384  const uint8_t *request, size_t request_len)
385 {
386  const or_options_t *options = get_options();
387  origin_circuit_t *rendcirc;
388  (void) request; // XXXX Use this.
389 
390  tor_assert(circ->build_state);
392  assert_circ_anonymity_ok(circ, options);
393  tor_assert(circ->rend_data);
394 
395  if (request_len == 0) {
396  /* It's an ACK; the introduction point relayed our introduction request. */
397  /* Locate the rend circ which is waiting to hear about this ack,
398  * and tell it.
399  */
400  log_info(LD_REND,"Received ack. Telling rend circ...");
402  if (rendcirc) { /* remember the ack */
403  assert_circ_anonymity_ok(rendcirc, options);
406  /* Set timestamp_dirty, because circuit_expire_building expects
407  * it to specify when a circuit entered the
408  * _C_REND_READY_INTRO_ACKED state. */
409  rendcirc->base_.timestamp_dirty = time(NULL);
410  } else {
411  log_info(LD_REND,"...Found no rend circ. Dropping on the floor.");
412  }
413  /* Save the rend data digest to a temporary object so that we don't access
414  * it after we mark the circuit for close. */
415  const uint8_t *rend_digest_tmp = NULL;
416  size_t digest_len;
417  uint8_t *cached_rend_digest = NULL;
418  rend_digest_tmp = rend_data_get_pk_digest(circ->rend_data, &digest_len);
419  cached_rend_digest = tor_malloc_zero(digest_len);
420  memcpy(cached_rend_digest, rend_digest_tmp, digest_len);
421 
422  /* close the circuit: we won't need it anymore. */
425  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
426 
427  /* close any other intros launched in parallel */
428  rend_client_close_other_intros(cached_rend_digest);
429  tor_free(cached_rend_digest); /* free the temporary digest */
430  } else {
431  /* It's a NAK; the introduction point didn't relay our request. */
433  /* Remove this intro point from the set of viable introduction
434  * points. If any remain, extend to a new one and try again.
435  * If none remain, refetch the service descriptor.
436  */
437  log_info(LD_REND, "Got nack for %s from %s...",
438  safe_str_client(rend_data_get_address(circ->rend_data)),
439  safe_str_client(extend_info_describe(circ->build_state->chosen_exit)));
441  circ->rend_data,
442  INTRO_POINT_FAILURE_GENERIC)>0) {
443  /* There are introduction points left. Re-extend the circuit to
444  * another intro point and try again. */
445  int result = hs_client_reextend_intro_circuit(circ);
446  /* XXXX If that call failed, should we close the rend circuit,
447  * too? */
448  return result;
449  } else {
450  /* Close circuit because no more intro points are usable thus not
451  * useful anymore. Change it's purpose before so we don't report an
452  * intro point failure again triggering an extra descriptor fetch. */
455  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
456  }
457  }
458  return 0;
459 }
460 
461 /** Determine the responsible hidden service directories for <b>desc_id</b>
462  * and fetch the descriptor with that ID from one of them. Only
463  * send a request to a hidden service directory that we have not yet tried
464  * during this attempt to connect to this hidden service; on success, return 1,
465  * in the case that no hidden service directory is left to ask for the
466  * descriptor, return 0, and in case of a failure -1. */
467 static int
468 directory_get_from_hs_dir(const char *desc_id,
469  const rend_data_t *rend_query,
470  routerstatus_t *rs_hsdir)
471 {
472  routerstatus_t *hs_dir = rs_hsdir;
473  char *hsdir_fp;
474  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
475  char descriptor_cookie_base64[3*REND_DESC_COOKIE_LEN_BASE64];
476  const rend_data_v2_t *rend_data;
477  const int how_to_fetch = DIRIND_ANONYMOUS;
478 
479  tor_assert(desc_id);
480  tor_assert(rend_query);
481  rend_data = TO_REND_DATA_V2(rend_query);
482 
483  base32_encode(desc_id_base32, sizeof(desc_id_base32),
484  desc_id, DIGEST_LEN);
485 
486  /* Automatically pick an hs dir if none given. */
487  if (!rs_hsdir) {
488  bool rate_limited = false;
489 
490  /* Determine responsible dirs. Even if we can't get all we want, work with
491  * the ones we have. If it's empty, we'll notice in hs_pick_hsdir(). */
492  smartlist_t *responsible_dirs = smartlist_new();
493  hid_serv_get_responsible_directories(responsible_dirs, desc_id);
494 
495  hs_dir = hs_pick_hsdir(responsible_dirs, desc_id_base32, &rate_limited);
496  if (!hs_dir) {
497  /* No suitable hs dir can be found, stop right now. */
498  const char *query_response = (rate_limited) ? "QUERY_RATE_LIMITED" :
499  "QUERY_NO_HSDIR";
500  control_event_hsv2_descriptor_failed(rend_query, NULL, query_response);
502  desc_id_base32, NULL, NULL);
503  return 0;
504  }
505  }
506 
507  /* Add a copy of the HSDir identity digest to the query so we can track it
508  * on the control port. */
509  hsdir_fp = tor_memdup(hs_dir->identity_digest,
510  sizeof(hs_dir->identity_digest));
511  smartlist_add(rend_query->hsdirs_fp, hsdir_fp);
512 
513  /* Encode descriptor cookie for logging purposes. Also, if the cookie is
514  * malformed, no fetch is triggered thus this needs to be done before the
515  * fetch request. */
516  if (rend_data->auth_type != REND_NO_AUTH) {
517  if (base64_encode(descriptor_cookie_base64,
518  sizeof(descriptor_cookie_base64),
519  rend_data->descriptor_cookie,
521  0)<0) {
522  log_warn(LD_BUG, "Could not base64-encode descriptor cookie.");
523  control_event_hsv2_descriptor_failed(rend_query, hsdir_fp, "BAD_DESC");
525  desc_id_base32, hsdir_fp, NULL);
526  return 0;
527  }
528  /* Remove == signs. */
529  descriptor_cookie_base64[strlen(descriptor_cookie_base64)-2] = '\0';
530  } else {
531  strlcpy(descriptor_cookie_base64, "(none)",
532  sizeof(descriptor_cookie_base64));
533  }
534 
535  /* Send fetch request. (Pass query and possibly descriptor cookie so that
536  * they can be written to the directory connection and be referred to when
537  * the response arrives. */
538  directory_request_t *req =
541  directory_request_set_indirection(req, how_to_fetch);
542  directory_request_set_resource(req, desc_id_base32);
543  directory_request_set_rend_query(req, rend_query);
545  directory_request_free(req);
546 
547  log_info(LD_REND, "Sending fetch request for v2 descriptor for "
548  "service '%s' with descriptor ID '%s', auth type %d, "
549  "and descriptor cookie '%s' to hidden service "
550  "directory %s",
551  rend_data->onion_address, desc_id_base32,
552  rend_data->auth_type,
553  (rend_data->auth_type == REND_NO_AUTH ? "[none]" :
554  escaped_safe_str_client(descriptor_cookie_base64)),
555  routerstatus_describe(hs_dir));
557  rend_data->auth_type,
558  hs_dir->identity_digest,
559  desc_id_base32, NULL);
560  return 1;
561 }
562 
563 /** Remove tracked HSDir requests from our history for this hidden service
564  * descriptor <b>desc_id</b> (of size DIGEST_LEN) */
565 static void
566 purge_v2_hidserv_req(const char *desc_id)
567 {
568  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
569 
570  /* The hsdir request tracker stores v2 keys using the base32 encoded
571  desc_id. Do it: */
572  base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id,
573  DIGEST_LEN);
575 }
576 
577 /** Fetch a v2 descriptor using the given descriptor id. If any hsdir(s) are
578  * given, they will be used instead.
579  *
580  * On success, 1 is returned. If no hidden service is left to ask, return 0.
581  * On error, -1 is returned. */
582 static int
583 fetch_v2_desc_by_descid(const char *desc_id,
584  const rend_data_t *rend_query, smartlist_t *hsdirs)
585 {
586  int ret;
587 
588  tor_assert(rend_query);
589 
590  if (!hsdirs) {
591  ret = directory_get_from_hs_dir(desc_id, rend_query, NULL);
592  goto end; /* either success or failure, but we're done */
593  }
594 
595  /* Using the given hsdir list, trigger a fetch on each of them. */
596  SMARTLIST_FOREACH_BEGIN(hsdirs, routerstatus_t *, hs_dir) {
597  /* This should always be a success. */
598  ret = directory_get_from_hs_dir(desc_id, rend_query, hs_dir);
599  tor_assert(ret);
600  } SMARTLIST_FOREACH_END(hs_dir);
601 
602  /* Everything went well. */
603  ret = 0;
604 
605  end:
606  return ret;
607 }
608 
609 /** Fetch a v2 descriptor using the onion address in the given query object.
610  * This will compute the descriptor id for each replicas and fetch it on the
611  * given hsdir(s) if any or the responsible ones that are chosen
612  * automatically.
613  *
614  * On success, 1 is returned. If no hidden service is left to ask, return 0.
615  * On error, -1 is returned. */
616 static int
618 {
619  char descriptor_id[DIGEST_LEN];
620  int replicas_left_to_try[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS];
621  int i, tries_left, ret;
622  rend_data_v2_t *rend_data = TO_REND_DATA_V2(rend_query);
623 
624  /* Randomly iterate over the replicas until a descriptor can be fetched
625  * from one of the consecutive nodes, or no options are left. */
626  for (i = 0; i < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; i++) {
627  replicas_left_to_try[i] = i;
628  }
629 
631  while (tries_left > 0) {
632  int rand_val = crypto_rand_int(tries_left);
633  int chosen_replica = replicas_left_to_try[rand_val];
634  replicas_left_to_try[rand_val] = replicas_left_to_try[--tries_left];
635 
636  ret = rend_compute_v2_desc_id(descriptor_id,
637  rend_data->onion_address,
638  rend_data->auth_type == REND_STEALTH_AUTH ?
639  rend_data->descriptor_cookie : NULL,
640  time(NULL), chosen_replica);
641  if (ret < 0) {
642  /* Normally, on failure the descriptor_id is untouched but let's be
643  * safe in general in case the function changes at some point. */
644  goto end;
645  }
646 
647  if (tor_memcmp(descriptor_id, rend_data->descriptor_id[chosen_replica],
648  sizeof(descriptor_id)) != 0) {
649  /* Not equal from what we currently have so purge the last hid serv
650  * request cache and update the descriptor ID with the new value. */
651  purge_v2_hidserv_req(rend_data->descriptor_id[chosen_replica]);
652  memcpy(rend_data->descriptor_id[chosen_replica], descriptor_id,
653  sizeof(rend_data->descriptor_id[chosen_replica]));
654  }
655 
656  /* Trigger the fetch with the computed descriptor ID. */
657  ret = fetch_v2_desc_by_descid(descriptor_id, rend_query, hsdirs);
658  if (ret != 0) {
659  /* Either on success or failure, as long as we tried a fetch we are
660  * done here. */
661  goto end;
662  }
663  }
664 
665  /* If we come here, there are no hidden service directories left. */
666  log_info(LD_REND, "Could not pick one of the responsible hidden "
667  "service directories to fetch descriptors, because "
668  "we already tried them all unsuccessfully.");
669  ret = 0;
670 
671  end:
672  memwipe(descriptor_id, 0, sizeof(descriptor_id));
673  return ret;
674 }
675 
676 /** Fetch a v2 descriptor using the given query. If any hsdir are specified,
677  * use them for the fetch.
678  *
679  * On success, 1 is returned. If no hidden service is left to ask, return 0.
680  * On error, -1 is returned. */
681 int
683 {
684  int ret;
685  rend_data_v2_t *rend_data;
686  const char *onion_address;
687 
688  tor_assert(query);
689 
690  /* Get the version 2 data structure of the query. */
691  rend_data = TO_REND_DATA_V2(query);
692  onion_address = rend_data_get_address(query);
693 
694  /* Depending on what's available in the rend data query object, we will
695  * trigger a fetch by HS address or using a descriptor ID. */
696 
697  if (onion_address[0] != '\0') {
698  ret = fetch_v2_desc_by_addr(query, hsdirs);
699  } else if (!tor_digest_is_zero(rend_data->desc_id_fetch)) {
700  ret = fetch_v2_desc_by_descid(rend_data->desc_id_fetch, query,
701  hsdirs);
702  } else {
703  /* Query data is invalid. */
704  ret = -1;
705  goto error;
706  }
707 
708  error:
709  return ret;
710 }
711 
712 /** Unless we already have a descriptor for <b>rend_query</b> with at least
713  * one (possibly) working introduction point in it, start a connection to a
714  * hidden service directory to fetch a v2 rendezvous service descriptor. */
715 void
717 {
718  rend_cache_entry_t *e = NULL;
719  const char *onion_address = rend_data_get_address(rend_query);
720 
721  tor_assert(rend_query);
722  /* Before fetching, check if we already have a usable descriptor here. */
723  if (rend_cache_lookup_entry(onion_address, -1, &e) == 0 &&
725  log_info(LD_REND, "We would fetch a v2 rendezvous descriptor, but we "
726  "already have a usable descriptor here. Not fetching.");
727  return;
728  }
729  /* Are we configured to fetch descriptors? */
730  if (!get_options()->FetchHidServDescriptors) {
731  log_warn(LD_REND, "We received an onion address for a v2 rendezvous "
732  "service descriptor, but are not fetching service descriptors.");
733  return;
734  }
735  log_debug(LD_REND, "Fetching v2 rendezvous descriptor for service %s",
736  safe_str_client(onion_address));
737 
738  rend_client_fetch_v2_desc(rend_query, NULL);
739  /* We don't need to look the error code because either on failure or
740  * success, the necessary steps to continue the HS connection will be
741  * triggered once the descriptor arrives or if all fetch failed. */
742  return;
743 }
744 
745 /** Cancel all rendezvous descriptor fetches currently in progress.
746  */
747 void
749 {
751 
753  if (conn->type == CONN_TYPE_DIR &&
754  conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2) {
755  /* It's a rendezvous descriptor fetch in progress -- cancel it
756  * by marking the connection for close.
757  *
758  * Even if this connection has already reached EOF, this is
759  * enough to make sure that if the descriptor hasn't been
760  * processed yet, it won't be. See the end of
761  * connection_handle_read; connection_reached_eof (indirectly)
762  * processes whatever response the connection received. */
763 
764  const rend_data_t *rd = (TO_DIR_CONN(conn))->rend_data;
765  if (!rd) {
766  log_warn(LD_BUG | LD_REND,
767  "Marking for close dir conn fetching rendezvous "
768  "descriptor for unknown service!");
769  } else {
770  log_debug(LD_REND, "Marking for close dir conn fetching "
771  "rendezvous descriptor for service %s",
772  safe_str(rend_data_get_address(rd)));
773  }
774  connection_mark_for_close(conn);
775  }
776  } SMARTLIST_FOREACH_END(conn);
777 }
778 
779 /** Mark <b>failed_intro</b> as a failed introduction point for the
780  * hidden service specified by <b>rend_query</b>. If the HS now has no
781  * usable intro points, or we do not have an HS descriptor for it,
782  * then launch a new renddesc fetch.
783  *
784  * If <b>failure_type</b> is INTRO_POINT_FAILURE_GENERIC, remove the
785  * intro point from (our parsed copy of) the HS descriptor.
786  *
787  * If <b>failure_type</b> is INTRO_POINT_FAILURE_TIMEOUT, mark the
788  * intro point as 'timed out'; it will not be retried until the
789  * current hidden service connection attempt has ended or it has
790  * appeared in a newly fetched rendezvous descriptor.
791  *
792  * If <b>failure_type</b> is INTRO_POINT_FAILURE_UNREACHABLE,
793  * increment the intro point's reachability-failure count; if it has
794  * now failed MAX_INTRO_POINT_REACHABILITY_FAILURES or more times,
795  * remove the intro point from (our parsed copy of) the HS descriptor.
796  *
797  * Return -1 if error, 0 if no usable intro points remain or service
798  * unrecognized, 1 if recognized and some intro points remain.
799  */
800 int
802  rend_data_t *rend_data,
803  unsigned int failure_type)
804 {
805  int i, r;
806  rend_cache_entry_t *ent;
807  connection_t *conn;
808  const char *onion_address = rend_data_get_address(rend_data);
809 
810  r = rend_cache_lookup_entry(onion_address, -1, &ent);
811  if (r < 0) {
812  /* Either invalid onion address or cache entry not found. */
813  switch (-r) {
814  case EINVAL:
815  log_warn(LD_BUG, "Malformed service ID %s.",
816  escaped_safe_str_client(onion_address));
817  return -1;
818  case ENOENT:
819  log_info(LD_REND, "Unknown service %s. Re-fetching descriptor.",
820  escaped_safe_str_client(onion_address));
822  return 0;
823  default:
824  log_warn(LD_BUG, "Unknown cache lookup returned code: %d", r);
825  return -1;
826  }
827  }
828  /* The intro points are not checked here if they are usable or not because
829  * this is called when an intro point circuit is closed thus there must be
830  * at least one intro point that is usable and is about to be flagged. */
831 
832  for (i = 0; i < smartlist_len(ent->parsed->intro_nodes); i++) {
833  rend_intro_point_t *intro = smartlist_get(ent->parsed->intro_nodes, i);
834  if (tor_memeq(failed_intro->identity_digest,
836  switch (failure_type) {
837  default:
838  log_warn(LD_BUG, "Unknown failure type %u. Removing intro point.",
839  failure_type);
841  FALLTHROUGH;
842  case INTRO_POINT_FAILURE_GENERIC:
843  rend_cache_intro_failure_note(failure_type,
844  (uint8_t *)failed_intro->identity_digest,
845  onion_address);
846  rend_intro_point_free(intro);
847  smartlist_del(ent->parsed->intro_nodes, i);
848  break;
849  case INTRO_POINT_FAILURE_TIMEOUT:
850  intro->timed_out = 1;
851  break;
852  case INTRO_POINT_FAILURE_UNREACHABLE:
853  ++(intro->unreachable_count);
854  {
855  int zap_intro_point =
857  log_info(LD_REND, "Failed to reach this intro point %u times.%s",
858  intro->unreachable_count,
859  zap_intro_point ? " Removing from descriptor.": "");
860  if (zap_intro_point) {
862  failure_type,
863  (uint8_t *) failed_intro->identity_digest, onion_address);
864  rend_intro_point_free(intro);
865  smartlist_del(ent->parsed->intro_nodes, i);
866  }
867  }
868  break;
869  }
870  break;
871  }
872  }
873 
875  log_info(LD_REND,
876  "No more intro points remain for %s. Re-fetching descriptor.",
877  escaped_safe_str_client(onion_address));
879 
880  /* move all pending streams back to renddesc_wait */
881  /* NOTE: We can now do this faster, if we use pending_entry_connections */
884  onion_address))) {
885  connection_ap_mark_as_waiting_for_renddesc(TO_ENTRY_CONN(conn));
886  }
887 
888  return 0;
889  }
890  log_info(LD_REND,"%d options left for %s.",
891  smartlist_len(ent->parsed->intro_nodes),
892  escaped_safe_str_client(onion_address));
893  return 1;
894 }
895 
896 /** The service sent us a rendezvous cell; join the circuits. */
897 int
898 rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request,
899  size_t request_len)
900 {
901  if (request_len != DH1024_KEY_LEN+DIGEST_LEN) {
902  log_warn(LD_PROTOCOL,"Incorrect length (%d) on RENDEZVOUS2 cell.",
903  (int)request_len);
904  goto err;
905  }
906 
907  if (hs_circuit_setup_e2e_rend_circ_legacy_client(circ, request) < 0) {
908  log_warn(LD_GENERAL, "Failed to setup circ");
909  goto err;
910  }
911  return 0;
912 
913  err:
914  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
915  return -1;
916 }
917 
918 /** Find all the apconns in state AP_CONN_STATE_RENDDESC_WAIT that are
919  * waiting on <b>query</b>. If there's a working cache entry here with at
920  * least one intro point, move them to the next state. */
921 void
922 rend_client_desc_trynow(const char *query)
923 {
924  entry_connection_t *conn;
925  rend_cache_entry_t *entry;
926  const rend_data_t *rend_data;
927  time_t now = time(NULL);
928 
930  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
931  if (base_conn->type != CONN_TYPE_AP ||
932  base_conn->state != AP_CONN_STATE_RENDDESC_WAIT ||
933  base_conn->marked_for_close)
934  continue;
935  conn = TO_ENTRY_CONN(base_conn);
936  rend_data = ENTRY_TO_EDGE_CONN(conn)->rend_data;
937  if (!rend_data)
938  continue;
939  const char *onion_address = rend_data_get_address(rend_data);
940  if (rend_cmp_service_ids(query, onion_address))
941  continue;
942  assert_connection_ok(base_conn, now);
943  if (rend_cache_lookup_entry(onion_address, -1,
944  &entry) == 0 &&
946  /* either this fetch worked, or it failed but there was a
947  * valid entry from before which we should reuse */
948  log_info(LD_REND,"Rend desc is usable. Launching circuits.");
949  base_conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
950 
951  /* restart their timeout values, so they get a fair shake at
952  * connecting to the hidden service. */
953  base_conn->timestamp_created = now;
954  base_conn->timestamp_last_read_allowed = now;
955  base_conn->timestamp_last_write_allowed = now;
956 
957  connection_ap_mark_as_pending_circuit(conn);
958  } else { /* 404, or fetch didn't get that far */
959  log_notice(LD_REND,"Closing stream for '%s.onion': hidden service is "
960  "unavailable (try again later).",
961  safe_str_client(query));
962  connection_mark_unattached_ap(conn, END_STREAM_REASON_RESOLVEFAILED);
964  }
965  } SMARTLIST_FOREACH_END(base_conn);
966 }
967 
968 /** Clear temporary state used only during an attempt to connect to the
969  * hidden service with <b>rend_data</b>. Called when a connection attempt
970  * has ended; it is possible for this to be called multiple times while
971  * handling an ended connection attempt, and any future changes to this
972  * function must ensure it remains idempotent. */
973 void
975 {
976  unsigned int have_onion = 0;
977  rend_cache_entry_t *cache_entry = NULL;
978  const char *onion_address = rend_data_get_address(rend_data);
979  rend_data_v2_t *rend_data_v2 = TO_REND_DATA_V2(rend_data);
980 
981  if (onion_address[0] != '\0') {
982  /* Ignore return value; we find an entry, or we don't. */
983  (void) rend_cache_lookup_entry(onion_address, -1, &cache_entry);
984  have_onion = 1;
985  }
986 
987  /* Clear the timed_out flag on all remaining intro points for this HS. */
988  if (cache_entry != NULL) {
989  SMARTLIST_FOREACH(cache_entry->parsed->intro_nodes,
990  rend_intro_point_t *, ip,
991  ip->timed_out = 0; );
992  }
993 
994  /* Remove the HS's entries in last_hid_serv_requests. */
995  if (have_onion) {
996  unsigned int replica;
997  for (replica = 0; replica < ARRAY_LENGTH(rend_data_v2->descriptor_id);
998  replica++) {
999  const char *desc_id = rend_data_v2->descriptor_id[replica];
1000  purge_v2_hidserv_req(desc_id);
1001  }
1002  log_info(LD_REND, "Connection attempt for %s has ended; "
1003  "cleaning up temporary state.",
1004  safe_str_client(onion_address));
1005  } else {
1006  /* We only have an ID for a fetch. Probably used by HSFETCH. */
1007  purge_v2_hidserv_req(rend_data_v2->desc_id_fetch);
1008  }
1009 }
1010 
1011 /** Return a newly allocated extend_info_t* for a randomly chosen introduction
1012  * point for the named hidden service. Return NULL if all introduction points
1013  * have been tried and failed.
1014  */
1015 extend_info_t *
1017 {
1018  int ret;
1019  extend_info_t *result;
1020  rend_cache_entry_t *entry;
1021  const char *onion_address = rend_data_get_address(rend_query);
1022 
1023  ret = rend_cache_lookup_entry(onion_address, -1, &entry);
1024  if (ret < 0 || !rend_client_any_intro_points_usable(entry)) {
1025  log_warn(LD_REND,
1026  "Query '%s' didn't have valid rend desc in cache. Failing.",
1027  safe_str_client(onion_address));
1028  /* XXX: Should we refetch the descriptor here if the IPs are not usable
1029  * anymore ?. */
1030  return NULL;
1031  }
1032 
1033  /* See if we can get a node that complies with ExcludeNodes */
1034  if ((result = rend_client_get_random_intro_impl(entry, 1, 1)))
1035  return result;
1036  /* If not, and StrictNodes is not set, see if we can return any old node
1037  */
1038  if (!get_options()->StrictNodes)
1039  return rend_client_get_random_intro_impl(entry, 0, 1);
1040  return NULL;
1041 }
1042 
1043 /** As rend_client_get_random_intro, except assume that StrictNodes is set
1044  * iff <b>strict</b> is true. If <b>warnings</b> is false, don't complain
1045  * to the user when we're out of nodes, even if StrictNodes is true.
1046  */
1047 static extend_info_t *
1049  const int strict,
1050  const int warnings)
1051 {
1052  int i;
1053 
1054  rend_intro_point_t *intro;
1055  const or_options_t *options = get_options();
1056  smartlist_t *usable_nodes;
1057  int n_excluded = 0;
1058  char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
1059 
1060  /* We'll keep a separate list of the usable nodes. If this becomes empty,
1061  * no nodes are usable. */
1062  usable_nodes = smartlist_new();
1063  smartlist_add_all(usable_nodes, entry->parsed->intro_nodes);
1064 
1065  /* Get service ID so we can use it to query the failure cache. If we fail to
1066  * parse it, this cache entry is no good. */
1067  if (BUG(rend_get_service_id(entry->parsed->pk, service_id) < 0)) {
1068  smartlist_free(usable_nodes);
1069  return NULL;
1070  }
1071 
1072  /* Remove the intro points that have timed out during this HS
1073  * connection attempt from our list of usable nodes. */
1074  SMARTLIST_FOREACH_BEGIN(usable_nodes, const rend_intro_point_t *, ip) {
1075  bool failed_intro =
1077  (const uint8_t *) ip->extend_info->identity_digest);
1078  if (ip->timed_out || failed_intro) {
1079  SMARTLIST_DEL_CURRENT(usable_nodes, ip);
1080  };
1081  } SMARTLIST_FOREACH_END(ip);
1082 
1083  again:
1084  if (smartlist_len(usable_nodes) == 0) {
1085  if (n_excluded && get_options()->StrictNodes && warnings) {
1086  /* We only want to warn if StrictNodes is really set. Otherwise
1087  * we're just about to retry anyways.
1088  */
1089  log_warn(LD_REND, "All introduction points for hidden service are "
1090  "at excluded relays, and StrictNodes is set. Skipping.");
1091  }
1092  smartlist_free(usable_nodes);
1093  return NULL;
1094  }
1095 
1096  i = crypto_rand_int(smartlist_len(usable_nodes));
1097  intro = smartlist_get(usable_nodes, i);
1098  if (BUG(!intro->extend_info)) {
1099  /* This should never happen, but it isn't fatal, just try another */
1100  smartlist_del(usable_nodes, i);
1101  goto again;
1102  }
1103  /* All version 2 HS descriptors come with a TAP onion key.
1104  * Clients used to try to get the TAP onion key from the consensus, but this
1105  * meant that hidden services could discover which consensus clients have. */
1106  if (!extend_info_supports_tap(intro->extend_info)) {
1107  log_info(LD_REND, "The HS descriptor is missing a TAP onion key for the "
1108  "intro-point relay '%s'; trying another.",
1109  safe_str_client(extend_info_describe(intro->extend_info)));
1110  smartlist_del(usable_nodes, i);
1111  goto again;
1112  }
1113  /* Check if we should refuse to talk to this router. */
1114  if (strict &&
1116  intro->extend_info)) {
1117  n_excluded++;
1118  smartlist_del(usable_nodes, i);
1119  goto again;
1120  }
1121 
1122  smartlist_free(usable_nodes);
1123  return extend_info_dup(intro->extend_info);
1124 }
1125 
1126 /** Return true iff any introduction points still listed in <b>entry</b> are
1127  * usable. */
1128 int
1130 {
1131  extend_info_t *extend_info =
1132  rend_client_get_random_intro_impl(entry, get_options()->StrictNodes, 0);
1133 
1134  int rv = (extend_info != NULL);
1135 
1136  extend_info_free(extend_info);
1137  return rv;
1138 }
1139 
1140 /** Client-side authorizations for hidden services; map of onion address to
1141  * rend_service_authorization_t*. */
1142 static strmap_t *auth_hid_servs = NULL;
1143 
1144 /** Look up the client-side authorization for the hidden service with
1145  * <b>onion_address</b>. Return NULL if no authorization is available for
1146  * that address. */
1149 {
1150  tor_assert(onion_address);
1151  if (!auth_hid_servs) return NULL;
1152  return strmap_get(auth_hid_servs, onion_address);
1153 }
1154 
1155 #define rend_service_authorization_free(val) \
1156  FREE_AND_NULL(rend_service_authorization_t, \
1157  rend_service_authorization_free_, (val))
1158 
1159 /** Helper: Free storage held by rend_service_authorization_t. */
1160 static void
1162 {
1163  tor_free(auth);
1164 }
1165 
1166 /** Helper for strmap_free. */
1167 static void
1169 {
1170  rend_service_authorization_free_(service_auth);
1171 }
1172 
1173 /** Release all the storage held in auth_hid_servs.
1174  */
1175 void
1177 {
1178  if (!auth_hid_servs) {
1179  return;
1180  }
1182  auth_hid_servs = NULL;
1183 }
1184 
1185 /** Parse <b>config_line</b> as a client-side authorization for a hidden
1186  * service and add it to the local map of hidden service authorizations.
1187  * Return 0 for success and -1 for failure. */
1188 int
1190  int validate_only)
1191 {
1192  config_line_t *line;
1193  int res = -1;
1194  strmap_t *parsed = strmap_new();
1195  smartlist_t *sl = smartlist_new();
1196  rend_service_authorization_t *auth = NULL;
1197  char *err_msg = NULL;
1198 
1199  for (line = options->HidServAuth; line; line = line->next) {
1200  char *onion_address, *descriptor_cookie;
1201  auth = NULL;
1202  SMARTLIST_FOREACH(sl, char *, c, tor_free(c););
1203  smartlist_clear(sl);
1204  smartlist_split_string(sl, line->value, " ",
1205  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 3);
1206  if (smartlist_len(sl) < 2) {
1207  log_warn(LD_CONFIG, "Configuration line does not consist of "
1208  "\"onion-address authorization-cookie [service-name]\": "
1209  "'%s'", line->value);
1210  goto err;
1211  }
1212  auth = tor_malloc_zero(sizeof(rend_service_authorization_t));
1213  /* Parse onion address. */
1214  onion_address = smartlist_get(sl, 0);
1215  if (strlen(onion_address) != REND_SERVICE_ADDRESS_LEN ||
1216  strcmpend(onion_address, ".onion")) {
1217  log_warn(LD_CONFIG, "Onion address has wrong format: '%s'",
1218  onion_address);
1219  goto err;
1220  }
1221  strlcpy(auth->onion_address, onion_address, REND_SERVICE_ID_LEN_BASE32+1);
1222  if (!rend_valid_v2_service_id(auth->onion_address)) {
1223  log_warn(LD_CONFIG, "Onion address has wrong format: '%s'",
1224  onion_address);
1225  goto err;
1226  }
1227  /* Parse descriptor cookie. */
1228  descriptor_cookie = smartlist_get(sl, 1);
1229  if (rend_auth_decode_cookie(descriptor_cookie, auth->descriptor_cookie,
1230  &auth->auth_type, &err_msg) < 0) {
1231  tor_assert(err_msg);
1232  log_warn(LD_CONFIG, "%s", err_msg);
1233  tor_free(err_msg);
1234  goto err;
1235  }
1236  if (strmap_get(parsed, auth->onion_address)) {
1237  log_warn(LD_CONFIG, "Duplicate authorization for the same hidden "
1238  "service.");
1239  goto err;
1240  }
1241  strmap_set(parsed, auth->onion_address, auth);
1242  auth = NULL;
1243  }
1244  res = 0;
1245  goto done;
1246  err:
1247  res = -1;
1248  done:
1249  rend_service_authorization_free(auth);
1250  SMARTLIST_FOREACH(sl, char *, c, tor_free(c););
1251  smartlist_free(sl);
1252  if (!validate_only && res == 0) {
1254  auth_hid_servs = parsed;
1255  } else {
1256  strmap_free(parsed, rend_service_authorization_free_void);
1257  }
1258  return res;
1259 }
1260 
1261 /** The given circuit is being freed. Take appropriate action if it is of
1262  * interest to the client subsystem. */
1263 void
1265 {
1266  int reason, orig_reason;
1267  bool has_timed_out, ip_is_redundant;
1268  const origin_circuit_t *ocirc = NULL;
1269 
1270  tor_assert(circ);
1272 
1273  reason = circ->marked_for_close_reason;
1274  orig_reason = circ->marked_for_close_orig_reason;
1275  ocirc = CONST_TO_ORIGIN_CIRCUIT(circ);
1276  tor_assert(ocirc->rend_data);
1277 
1278  has_timed_out = (reason == END_CIRC_REASON_TIMEOUT);
1279  ip_is_redundant = (orig_reason == END_CIRC_REASON_IP_NOW_REDUNDANT);
1280 
1281  switch (circ->purpose) {
1283  {
1284  if (ip_is_redundant) {
1285  break;
1286  }
1289  /* Treat this like getting a nack from it */
1290  log_info(LD_REND, "Failed intro circ %s to %s (awaiting ack). %s",
1291  safe_str_client(rend_data_get_address(ocirc->rend_data)),
1292  safe_str_client(build_state_get_exit_nickname(ocirc->build_state)),
1293  has_timed_out ? "Recording timeout." : "Removing from descriptor.");
1295  ocirc->rend_data,
1296  has_timed_out ?
1297  INTRO_POINT_FAILURE_TIMEOUT :
1298  INTRO_POINT_FAILURE_GENERIC);
1299  break;
1300  }
1302  {
1303  /* Ignore if we were introducing and it timed out, we didn't pick an exit
1304  * point yet (IP) or the reason indicate that it was a redundant IP. */
1305  if (has_timed_out || !ocirc->build_state->chosen_exit || ip_is_redundant) {
1306  break;
1307  }
1308  log_info(LD_REND, "Failed intro circ %s to %s "
1309  "(building circuit to intro point). "
1310  "Marking intro point as possibly unreachable.",
1311  safe_str_client(rend_data_get_address(ocirc->rend_data)),
1312  safe_str_client(build_state_get_exit_nickname(
1313  ocirc->build_state)));
1315  ocirc->rend_data,
1316  INTRO_POINT_FAILURE_UNREACHABLE);
1317  break;
1318  }
1319  default:
1320  break;
1321  }
1322 }
tor_free
#define tor_free(p)
Definition: malloc.h:52
connection_edge.h
Header file for connection_edge.c.
smartlist_split_string
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
Definition: smartlist_split.c:37
CIRCUIT_STATE_OPEN
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:32
rend_client_get_random_intro
extend_info_t * rend_client_get_random_intro(const rend_data_t *rend_query)
Definition: rendclient.c:1016
circuit_t::purpose
uint8_t purpose
Definition: circuit_st.h:111
rend_cache_entry_t
Definition: rendcache.h:29
circuit_t::timestamp_dirty
time_t timestamp_dirty
Definition: circuit_st.h:187
routerstatus_describe
const char * routerstatus_describe(const routerstatus_t *rs)
Definition: describe.c:185
entry_connection_st.h
Entry connection structure.
memwipe
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:55
rend_data_v2_t::desc_id_fetch
char desc_id_fetch[DIGEST_LEN]
Definition: or.h:455
directory_initiate_request
void directory_initiate_request(directory_request_t *request)
Definition: dirclient.c:1232
rend_service_authorization_free_
static void rend_service_authorization_free_(rend_service_authorization_t *auth)
Definition: rendclient.c:1161
REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS
#define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS
Definition: or.h:349
extend_info_t::onion_key
crypto_pk_t * onion_key
Definition: extend_info_st.h:38
circuit_get_global_list
smartlist_t * circuit_get_global_list(void)
Definition: circuitlist.c:692
rend_data_v2_t::auth_type
rend_auth_type_t auth_type
Definition: or.h:450
REND_SERVICE_ADDRESS_LEN
#define REND_SERVICE_ADDRESS_LEN
Definition: or.h:335
routerset_contains_extendinfo
int routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
Definition: routerset.c:307
rend_service_descriptor_st.h
Parsed v2 HS descriptor structure.
AP_CONN_STATE_CIRCUIT_WAIT
#define AP_CONN_STATE_CIRCUIT_WAIT
Definition: connection_edge.h:45
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
CONN_TYPE_DIR
#define CONN_TYPE_DIR
Definition: connection.h:53
LD_BUG
#define LD_BUG
Definition: log.h:86
cpath_build_state_st.h
Circuit-build-stse structure.
tor_addr_to_ipv4n
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
Definition: address.h:152
circuituse.h
Header file for circuituse.c.
directory_get_from_hs_dir
static int directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query, routerstatus_t *rs_hsdir)
Definition: rendclient.c:468
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
rend_client_get_random_intro_impl
static extend_info_t * rend_client_get_random_intro_impl(const rend_cache_entry_t *rend_query, const int strict, const int warnings)
Definition: rendclient.c:1048
rend_service_authorization_free_void
static void rend_service_authorization_free_void(void *service_auth)
Definition: rendclient.c:1168
tor_fragile_assert
#define tor_fragile_assert()
Definition: util_bug.h:259
RELAY_PAYLOAD_SIZE
#define RELAY_PAYLOAD_SIZE
Definition: or.h:606
describe.h
Header file for describe.c.
crypto_pk_asn1_encode
int crypto_pk_asn1_encode(const crypto_pk_t *pk, char *dest, size_t dest_len)
Definition: crypto_rsa_nss.c:595
smartlist_add_all
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
Definition: smartlist_core.c:125
REND_SERVICE_ID_LEN_BASE32
#define REND_SERVICE_ID_LEN_BASE32
Definition: or.h:332
pathbias_count_use_attempt
void pathbias_count_use_attempt(origin_circuit_t *circ)
Definition: circpathbias.c:604
rend_client_send_establish_rendezvous
static int rend_client_send_establish_rendezvous(origin_circuit_t *circ)
Definition: rendclient.c:81
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
routerstatus_t
Definition: routerstatus_st.h:19
circuit_t::marked_for_close_reason
int marked_for_close_reason
Definition: circuit_st.h:197
directory_request_set_rend_query
void directory_request_set_rend_query(directory_request_t *req, const rend_data_t *query)
Definition: dirclient.c:1093
control_event_hs_descriptor_content
void control_event_hs_descriptor_content(const char *onion_address, const char *desc_id, const char *hsdir_id_digest, const char *content)
Definition: control_events.c:2291
rend_cache_intro_failure_exists
bool rend_cache_intro_failure_exists(const char *service_id, const uint8_t *intro_identity)
Definition: rendcache.c:233
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
base64_encode
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
Definition: binascii.c:215
CIRCUIT_IS_ORIGIN
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:146
rend_intro_point_st.h
v2 hidden service introduction point structure.
crypt_path_t
Definition: crypt_path_st.h:47
CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
Definition: circuitlist.h:78
DIR_PURPOSE_FETCH_RENDDESC_V2
#define DIR_PURPOSE_FETCH_RENDDESC_V2
Definition: directory.h:68
rend_client_receive_rendezvous
int rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request, size_t request_len)
Definition: rendclient.c:898
strcmpend
int strcmpend(const char *s1, const char *s2)
Definition: util_string.c:242
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
crypto_rand_int
int crypto_rand_int(unsigned int max)
Definition: crypto_rand_numeric.c:52
extend_info_describe
const char * extend_info_describe(const extend_info_t *ei)
Definition: describe.c:205
build_state_get_exit_nickname
const char * build_state_get_exit_nickname(cpath_build_state_t *state)
Definition: circuitbuild.c:2486
rend_client_circuit_cleanup_on_free
void rend_client_circuit_cleanup_on_free(const circuit_t *circ)
Definition: rendclient.c:1264
networkstatus.h
Header file for networkstatus.c.
origin_circuit_t::global_identifier
uint32_t global_identifier
Definition: origin_circuit_st.h:240
rend_client_send_introduction
int rend_client_send_introduction(origin_circuit_t *introcirc, origin_circuit_t *rendcirc)
Definition: rendclient.c:113
CIRCUIT_PURPOSE_C_ESTABLISH_REND
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND
Definition: circuitlist.h:83
hs_client.h
Header file containing client data for the HS subsytem.
rend_cache_lookup_entry
int rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
Definition: rendcache.c:522
tor_memeq
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
base32_encode
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
rend_client_fetch_v2_desc
int rend_client_fetch_v2_desc(rend_data_t *query, smartlist_t *hsdirs)
Definition: rendclient.c:682
escaped_safe_str_client
const char * escaped_safe_str_client(const char *address)
Definition: config.c:1117
crypto_util.h
Common functions for cryptographic routines.
hs_purge_last_hid_serv_requests
void hs_purge_last_hid_serv_requests(void)
Definition: hs_common.c:1599
connection_get_by_type_state_rendquery
connection_t * connection_get_by_type_state_rendquery(int type, int state, const char *rendquery)
Definition: connection.c:4618
REND_DESC_ID_V2_LEN_BASE32
#define REND_DESC_ID_V2_LEN_BASE32
Definition: or.h:355
LD_CIRC
#define LD_CIRC
Definition: log.h:82
ENTRY_TO_EDGE_CONN
#define ENTRY_TO_EDGE_CONN(c)
Definition: entry_connection_st.h:102
rend_intro_point_t::extend_info
extend_info_t * extend_info
Definition: rend_intro_point_st.h:22
rend_client_note_connection_attempt_ended
void rend_client_note_connection_attempt_ended(const rend_data_t *rend_data)
Definition: rendclient.c:974
circuitlist.h
Header file for circuitlist.c.
mainloop.h
Header file for mainloop.c.
crypt_path_st.h
Path structures for origin circuits.
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
rend_cmp_service_ids
int rend_cmp_service_ids(const char *one, const char *two)
Definition: rendcommon.c:49
hs_pick_hsdir
routerstatus_t * hs_pick_hsdir(smartlist_t *responsible_dirs, const char *req_key_str, bool *is_rate_limited_out)
Definition: hs_common.c:1627
rend_cache_entry_t::parsed
rend_service_descriptor_t * parsed
Definition: rendcache.h:34
circuit_t::marked_for_close_orig_reason
int marked_for_close_orig_reason
Definition: circuit_st.h:201
rend_client_introduction_acked
int rend_client_introduction_acked(origin_circuit_t *circ, const uint8_t *request, size_t request_len)
Definition: rendclient.c:383
CONN_TYPE_AP
#define CONN_TYPE_AP
Definition: connection.h:49
control_event_hs_descriptor_requested
void control_event_hs_descriptor_requested(const char *onion_address, rend_auth_type_t auth_type, const char *id_digest, const char *desc_id, const char *hsdir_index)
Definition: control_events.c:1949
cpath_build_state_t::chosen_exit
extend_info_t * chosen_exit
Definition: cpath_build_state_st.h:20
DH1024_KEY_LEN
#define DH1024_KEY_LEN
Definition: dh_sizes.h:20
connection_ap_mark_as_waiting_for_renddesc
void connection_ap_mark_as_waiting_for_renddesc(entry_connection_t *entry_conn)
Definition: connection_edge.c:1396
tor_addr_port_t
Definition: address.h:80
rend_client_any_intro_points_usable
int rend_client_any_intro_points_usable(const rend_cache_entry_t *entry)
Definition: rendclient.c:1129
origin_circuit_t
Definition: origin_circuit_st.h:79
directory_request_set_routerstatus
void directory_request_set_routerstatus(directory_request_t *req, const routerstatus_t *status)
Definition: dirclient.c:1159
rend_data_v2_t::descriptor_cookie
char descriptor_cookie[REND_DESC_COOKIE_LEN]
Definition: or.h:447
crypto_dh.h
Headers for crypto_dh.c.
directory.h
Header file for directory.c.
crypto_pk_get_digest
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
tor_digest_is_zero
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96
or_options_t::ExcludeNodes
struct routerset_t * ExcludeNodes
Definition: or_options_st.h:92
auth_hid_servs
static strmap_t * auth_hid_servs
Definition: rendclient.c:1142
crypto_dh_get_public
int crypto_dh_get_public(crypto_dh_t *dh, char *pubkey_out, size_t pubkey_out_len)
Definition: crypto_dh_nss.c:116
REND_COOKIE_LEN
#define REND_COOKIE_LEN
Definition: or.h:400
rend_cache_purge
void rend_cache_purge(void)
Definition: rendcache.c:320
rend_service_descriptor_t::pk
crypto_pk_t * pk
Definition: rend_service_descriptor_st.h:20
MAX_INTRO_POINT_REACHABILITY_FAILURES
#define MAX_INTRO_POINT_REACHABILITY_FAILURES
Definition: or.h:1077
LD_REND
#define LD_REND
Definition: log.h:84
rend_cache_intro_failure_note
void rend_cache_intro_failure_note(rend_intro_point_failure_t failure, const uint8_t *identity, const char *service_id)
Definition: rendcache.c:465
rend_service_authorization_t
Definition: or.h:410
circuit_change_purpose
void circuit_change_purpose(circuit_t *circ, uint8_t new_purpose)
Definition: circuituse.c:3105
smartlist_del
void smartlist_del(smartlist_t *sl, int idx)
Definition: smartlist_core.c:214
connection_ap_attach_pending
void connection_ap_attach_pending(int retry)
Definition: connection_edge.c:1255
get_connection_array
smartlist_t * get_connection_array(void)
Definition: mainloop.c:452
rend_parse_service_authorization
int rend_parse_service_authorization(const or_options_t *options, int validate_only)
Definition: rendclient.c:1189
AP_CONN_STATE_RENDDESC_WAIT
#define AP_CONN_STATE_RENDDESC_WAIT
Definition: connection_edge.h:40
circuit_t
Definition: circuit_st.h:61
rend_client_cancel_descriptor_fetches
void rend_client_cancel_descriptor_fetches(void)
Definition: rendclient.c:748
nodelist.h
Header file for nodelist.c.
rend_valid_v2_service_id
int rend_valid_v2_service_id(const char *query)
Definition: rendcommon.c:725
rend_intro_point_t::unreachable_count
unsigned int unreachable_count
Definition: rend_intro_point_st.h:37
rend_service_authorization_free_all
void rend_service_authorization_free_all(void)
Definition: rendclient.c:1176
routerlist.h
Header file for routerlist.c.
routerset.h
Header file for routerset.c.
hs_purge_hid_serv_from_last_hid_serv_requests
void hs_purge_hid_serv_from_last_hid_serv_requests(const char *req_key_str)
Definition: hs_common.c:1558
assert_connection_ok
void assert_connection_ok(connection_t *conn, time_t now)
Definition: connection.c:5363
rend_intro_point_t::timed_out
unsigned int timed_out
Definition: rend_intro_point_st.h:32
rend_client_purge_state
void rend_client_purge_state(void)
Definition: rendclient.c:57
LD_CONFIG
#define LD_CONFIG
Definition: log.h:68
rend_client_rendcirc_has_opened
void rend_client_rendcirc_has_opened(origin_circuit_t *circ)
Definition: rendclient.c:344
extendinfo.h
Header for core/or/extendinfo.c.
rend_client_desc_trynow
void rend_client_desc_trynow(const char *query)
Definition: rendclient.c:922
crypto_dh_generate_public
int crypto_dh_generate_public(crypto_dh_t *dh)
Definition: crypto_dh_nss.c:100
REND_DESC_COOKIE_LEN_BASE64
#define REND_DESC_COOKIE_LEN_BASE64
Definition: or.h:371
rend_data_t::rend_cookie
char rend_cookie[REND_COOKIE_LEN]
Definition: or.h:428
rend_client_refetch_v2_renddesc
void rend_client_refetch_v2_renddesc(rend_data_t *rend_query)
Definition: rendclient.c:716
connection_t
Definition: connection_st.h:45
ARRAY_LENGTH
#define ARRAY_LENGTH(x)
Definition: compat_compiler.h:222
rend_client_close_other_intros
static void rend_client_close_other_intros(const uint8_t *rend_pk_digest)
Definition: rendclient.c:360
crypto_rand.h
Common functions for using (pseudo-)random number generators.
control_events.h
Header file for control_events.c.
get_options
const or_options_t * get_options(void)
Definition: config.c:926
origin_circuit_t::build_state
cpath_build_state_t * build_state
Definition: origin_circuit_st.h:123
tor_memcmp
int tor_memcmp(const void *a, const void *b, size_t len)
Definition: di_ops.c:31
rend_intro_point_t
Definition: rend_intro_point_st.h:21
connection_array
STATIC smartlist_t * connection_array
Definition: mainloop.c:165
circuitbuild.h
Header file for circuitbuild.c.
MAX_NICKNAME_LEN
#define MAX_NICKNAME_LEN
Definition: or.h:112
rend_service_descriptor_t::intro_nodes
smartlist_t * intro_nodes
Definition: rend_service_descriptor_st.h:28
smartlist_clear
void smartlist_clear(smartlist_t *sl)
Definition: smartlist_core.c:50
fetch_v2_desc_by_descid
static int fetch_v2_desc_by_descid(const char *desc_id, const rend_data_t *rend_query, smartlist_t *hsdirs)
Definition: rendclient.c:583
control_event_hsv2_descriptor_failed
void control_event_hsv2_descriptor_failed(const rend_data_t *rend_data, const char *hsdir_id_digest, const char *reason)
Definition: control_events.c:2231
crypto_pk_obsolete_public_hybrid_encrypt
int crypto_pk_obsolete_public_hybrid_encrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int force)
Definition: crypto_rsa.c:94
directory_request_set_resource
void directory_request_set_resource(directory_request_t *req, const char *resource)
Definition: dirclient.c:1042
extend_info_st.h
Extend-info structure.
routerstatus_st.h
Routerstatus (consensus entry) structure.
CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
Definition: circuitlist.h:81
hs_common.h
Header file containing common data for the whole HS subsytem.
origin_circuit_t::cpath
crypt_path_t * cpath
Definition: origin_circuit_st.h:129
set_uint32
static void set_uint32(void *cp, uint32_t v)
Definition: bytes.h:87
IF_BUG_ONCE
#define IF_BUG_ONCE(cond)
Definition: util_bug.h:246
PK_PKCS1_OAEP_PADDING
#define PK_PKCS1_OAEP_PADDING
Definition: crypto_rsa.h:27
TO_ORIGIN_CIRCUIT
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:166
relay.h
Header file for relay.c.
CIRCUIT_PURPOSE_C_REND_READY
#define CIRCUIT_PURPOSE_C_REND_READY
Definition: circuitlist.h:85
connection.h
Header file for connection.c.
rend_cache_failure_purge
void rend_cache_failure_purge(void)
Definition: rendcache.c:332
extend_info_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: extend_info_st.h:31
confline.h
Header for confline.c.
directory_request_new
directory_request_t * directory_request_new(uint8_t dir_purpose)
Definition: dirclient.c:945
crypt_path_t::prev
struct crypt_path_t * prev
Definition: crypt_path_st.h:75
rend_auth_decode_cookie
int rend_auth_decode_cookie(const char *cookie_in, uint8_t *cookie_out, rend_auth_type_t *auth_type_out, char **err_msg_out)
Definition: rendcommon.c:930
hs_circuit_setup_e2e_rend_circ_legacy_client
int hs_circuit_setup_e2e_rend_circ_legacy_client(origin_circuit_t *circ, const uint8_t *rend_cell_body)
Definition: hs_circuit.c:1119
dirclient.h
Header file for dirclient.c.
REND_DESC_COOKIE_LEN
#define REND_DESC_COOKIE_LEN
Definition: or.h:367
CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
Definition: circuitlist.h:88
rend_data_v2_t::descriptor_id
char descriptor_id[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS][DIGEST_LEN]
Definition: or.h:444
origin_circuit_t::rend_data
rend_data_t * rend_data
Definition: origin_circuit_st.h:132
crypto_dh_new
crypto_dh_t * crypto_dh_new(int dh_type)
Definition: crypto_dh_nss.c:73
circuit_get_ready_rend_circ_by_rend_data
origin_circuit_t * circuit_get_ready_rend_circ_by_rend_data(const rend_data_t *rend_data)
Definition: circuitlist.c:1687
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
rend_data_v2_t::onion_address
char onion_address[REND_SERVICE_ID_LEN_BASE32+1]
Definition: or.h:439
crypto_pk_t
Definition: crypto_rsa_nss.c:36
SMARTLIST_DEL_CURRENT
#define SMARTLIST_DEL_CURRENT(sl, var)
Definition: smartlist_foreach.h:120
dir_connection_st.h
Client/server directory connection structure.
rend_data_t
Definition: or.h:419
TO_DIR_CONN
dir_connection_t * TO_DIR_CONN(connection_t *c)
Definition: directory.c:85
extend_info_dup
extend_info_t * extend_info_dup(extend_info_t *info)
Definition: extendinfo.c:177
rend_data_get_address
const char * rend_data_get_address(const rend_data_t *rend_data)
Definition: hs_common.c:529
config_line_t
Definition: confline.h:29
config.h
Header file for config.c.
rend_client_introcirc_has_opened
void rend_client_introcirc_has_opened(origin_circuit_t *circ)
Definition: rendclient.c:68
or_options_t::HidServAuth
struct config_line_t * HidServAuth
Definition: or_options_st.h:398
fetch_v2_desc_by_addr
static int fetch_v2_desc_by_addr(rend_data_t *rend_query, smartlist_t *hsdirs)
Definition: rendclient.c:617
hid_serv_get_responsible_directories
int hid_serv_get_responsible_directories(smartlist_t *responsible_dirs, const char *id)
Definition: rendcommon.c:848
extend_info_get_orport
const tor_addr_port_t * extend_info_get_orport(const extend_info_t *ei, int family)
Definition: extendinfo.c:260
TO_CIRCUIT
#define TO_CIRCUIT(x)
Definition: or.h:965
or_options_t
Definition: or_options_st.h:39
crypto_rand
void crypto_rand(char *to, size_t n)
Definition: crypto_rand.c:477
set_uint16
static void set_uint16(void *cp, uint16_t v)
Definition: bytes.h:78
rend_client_report_intro_point_failure
int rend_client_report_intro_point_failure(extend_info_t *failed_intro, rend_data_t *rend_data, unsigned int failure_type)
Definition: rendclient.c:801
hs_client_reextend_intro_circuit
int hs_client_reextend_intro_circuit(origin_circuit_t *circ)
Definition: hs_client.c:2489
rend_client_lookup_service_authorization
rend_service_authorization_t * rend_client_lookup_service_authorization(const char *onion_address)
Definition: rendclient.c:1148
hs_circuit.h
Header file containing circuit data for the whole HS subsytem.
entry_connection_t
Definition: entry_connection_st.h:19
rend_data_v2_t
Definition: or.h:434
DIRIND_ANONYMOUS
@ DIRIND_ANONYMOUS
Definition: dirclient.h:39
directory_request_t
struct directory_request_t directory_request_t
Definition: dirclient.h:52
routerstatus_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: routerstatus_st.h:27
rend_data_t::hsdirs_fp
smartlist_t * hsdirs_fp
Definition: or.h:425
origin_circuit_st.h
Origin circuit structure.
smartlist_t
Definition: smartlist_core.h:26
rendclient.h
Header file for rendclient.c.
circuit_t::state
uint8_t state
Definition: circuit_st.h:110
rendcommon.h
Header file for rendcommon.c.
directory_request_set_indirection
void directory_request_set_indirection(directory_request_t *req, dir_indirection_t indirection)
Definition: dirclient.c:1029
rend_data_get_pk_digest
const uint8_t * rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out)
Definition: hs_common.c:569
rephist.h
Header file for rephist.c.
CIRCUIT_PURPOSE_C_INTRODUCING
#define CIRCUIT_PURPOSE_C_INTRODUCING
Definition: circuitlist.h:75
extend_info_t
Definition: extend_info_st.h:27
rend_get_service_id
int rend_get_service_id(crypto_pk_t *pk, char *out)
Definition: rendcommon.c:712
or.h
Master header file for Tor-specific functionality.
purge_v2_hidserv_req
static void purge_v2_hidserv_req(const char *desc_id)
Definition: rendclient.c:566
rend_compute_v2_desc_id
int rend_compute_v2_desc_id(char *desc_id_out, const char *service_id, const char *descriptor_cookie, time_t now, uint8_t replica)
Definition: rendcommon.c:154
LD_PROTOCOL
#define LD_PROTOCOL
Definition: log.h:72