tor  0.4.0.0-alpha-dev
Macros | Functions
rendcommon.c File Reference
#include "core/or/or.h"
#include "core/or/circuitbuild.h"
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
#include "app/config/config.h"
#include "feature/control/control.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_common.h"
#include "feature/hs/hs_intropoint.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/rend/rendclient.h"
#include "feature/rend/rendcommon.h"
#include "feature/rend/rendmid.h"
#include "feature/rend/rendparse.h"
#include "feature/rend/rendservice.h"
#include "feature/stats/rephist.h"
#include "feature/hs_common/replaycache.h"
#include "feature/relay/router.h"
#include "feature/nodelist/routerlist.h"
#include "feature/dirparse/signing.h"
#include "core/or/cpath_build_state_st.h"
#include "core/or/crypt_path_st.h"
#include "core/or/extend_info_st.h"
#include "feature/nodelist/networkstatus_st.h"
#include "core/or/origin_circuit_st.h"
#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
#include "feature/rend/rend_intro_point_st.h"
#include "feature/rend/rend_service_descriptor_st.h"
#include "feature/nodelist/routerstatus_st.h"

Go to the source code of this file.

Macros

#define RENDCOMMON_PRIVATE
 
#define REND_DESC_COOKIE_LEN   16
 
#define REND_REPLICA_LEN   1
 
#define REND_DESC_COOKIE_LEN_EXT   (REND_DESC_COOKIE_LEN + 1)
 
#define REND_DESC_COOKIE_LEN_EXT_BASE64   (REND_DESC_COOKIE_LEN_BASE64 + 2)
 

Functions

int rend_cmp_service_ids (const char *one, const char *two)
 
void rend_service_descriptor_free_ (rend_service_descriptor_t *desc)
 
void rend_get_descriptor_id_bytes (char *descriptor_id_out, const char *service_id, const char *secret_id_part)
 
static void get_secret_id_part_bytes (char *secret_id_part, uint32_t time_period, const char *descriptor_cookie, uint8_t replica)
 
static uint32_t get_time_period (time_t now, uint8_t deviation, const char *service_id)
 
static uint32_t get_seconds_valid (time_t now, const char *service_id)
 
int rend_compute_v2_desc_id (char *desc_id_out, const char *service_id, const char *descriptor_cookie, time_t now, uint8_t replica)
 
static int rend_encode_v2_intro_points (char **encoded, rend_service_descriptor_t *desc)
 
static int rend_encrypt_v2_intro_points_basic (char **encrypted_out, size_t *encrypted_len_out, const char *encoded, smartlist_t *client_cookies)
 
static int rend_encrypt_v2_intro_points_stealth (char **encrypted_out, size_t *encrypted_len_out, const char *encoded, const char *descriptor_cookie)
 
STATIC int rend_desc_v2_is_parsable (rend_encoded_v2_service_descriptor_t *desc)
 
void rend_encoded_v2_service_descriptor_free_ (rend_encoded_v2_service_descriptor_t *desc)
 
void rend_intro_point_free_ (rend_intro_point_t *intro)
 
int rend_encode_v2_descriptors (smartlist_t *descs_out, rend_service_descriptor_t *desc, time_t now, uint8_t period, rend_auth_type_t auth_type, crypto_pk_t *client_key, smartlist_t *client_cookies)
 
int rend_get_service_id (crypto_pk_t *pk, char *out)
 
int rend_valid_v2_service_id (const char *query)
 
int rend_valid_descriptor_id (const char *query)
 
int rend_valid_client_name (const char *client_name)
 
void rend_process_relay_cell (circuit_t *circ, const crypt_path_t *layer_hint, int command, size_t length, const uint8_t *payload)
 
int hid_serv_get_responsible_directories (smartlist_t *responsible_dirs, const char *id)
 
char * rend_auth_encode_cookie (const uint8_t *cookie_in, rend_auth_type_t auth_type)
 
int rend_auth_decode_cookie (const char *cookie_in, uint8_t *cookie_out, rend_auth_type_t *auth_type_out, char **err_msg_out)
 
int rend_allow_non_anonymous_connection (const or_options_t *options)
 
int rend_non_anonymous_mode_enabled (const or_options_t *options)
 
void assert_circ_anonymity_ok (const origin_circuit_t *circ, const or_options_t *options)
 
int rend_circuit_pk_digest_eq (const origin_circuit_t *ocirc, const uint8_t *digest)
 

Detailed Description

Rendezvous implementation: shared code between introducers, services, clients, and rendezvous points.

Definition in file rendcommon.c.

Macro Definition Documentation

◆ REND_DESC_COOKIE_LEN

#define REND_DESC_COOKIE_LEN   16

Length of the descriptor cookie that is used for versioned hidden service descriptors.

Definition at line 76 of file rendcommon.c.

Referenced by get_secret_id_part_bytes().

◆ REND_REPLICA_LEN

#define REND_REPLICA_LEN   1

Length of the replica number that is used to determine the secret ID part of versioned hidden service descriptors.

Definition at line 80 of file rendcommon.c.

Referenced by get_secret_id_part_bytes().

Function Documentation

◆ get_seconds_valid()

static uint32_t get_seconds_valid ( time_t  now,
const char *  service_id 
)
static

Compute the time in seconds that a descriptor that is generated now for service_id will be valid.

Definition at line 137 of file rendcommon.c.

References REND_TIME_PERIOD_V2_DESC_VALIDITY.

◆ get_secret_id_part_bytes()

static void get_secret_id_part_bytes ( char *  secret_id_part,
uint32_t  time_period,
const char *  descriptor_cookie,
uint8_t  replica 
)
static

Compute the secret ID part for time_period, a descriptor_cookie of length REND_DESC_COOKIE_LEN which may also be NULL if no descriptor_cookie shall be used, and replica, and write it to secret_id_part of length DIGEST_LEN.

Definition at line 104 of file rendcommon.c.

References crypto_digest_add_bytes(), crypto_digest_get_digest(), crypto_digest_new(), DIGEST_LEN, REND_DESC_COOKIE_LEN, and REND_REPLICA_LEN.

◆ get_time_period()

static uint32_t get_time_period ( time_t  now,
uint8_t  deviation,
const char *  service_id 
)
static

Return the time period for time now plus a potentially intended deviation of one or more periods, based on the first byte of service_id.

Definition at line 123 of file rendcommon.c.

References REND_TIME_PERIOD_V2_DESC_VALIDITY.

◆ hid_serv_get_responsible_directories()

int hid_serv_get_responsible_directories ( smartlist_t responsible_dirs,
const char *  id 
)

Determine the routers that are responsible for id (binary) and add pointers to those routers' routerstatus_t to responsible_dirs. Return -1 if we're returning an empty smartlist, else return 0.

Definition at line 841 of file rendcommon.c.

◆ rend_auth_decode_cookie()

int rend_auth_decode_cookie ( const char *  cookie_in,
uint8_t *  cookie_out,
rend_auth_type_t auth_type_out,
char **  err_msg_out 
)

Decode a base64-encoded client authorization descriptor cookie. The descriptor_cookie can be truncated to REND_DESC_COOKIE_LEN_BASE64 characters (as given to clients), or may include the two padding characters (as stored by the service).

The result is stored in REND_DESC_COOKIE_LEN bytes of cookie_out. The rend_auth_type_t decoded from the cookie is stored in the optional auth_type_out parameter.

Return 0 on success, or -1 on error. The caller is responsible for freeing the returned err_msg.

Definition at line 923 of file rendcommon.c.

◆ rend_auth_encode_cookie()

char* rend_auth_encode_cookie ( const uint8_t *  cookie_in,
rend_auth_type_t  auth_type 
)

Encode a client authorization descriptor cookie. The result of this function is suitable for use in the HidServAuth option. The trailing padding characters are removed, and the auth type is encoded into the cookie.

Returns a new base64-encoded cookie. This function cannot fail. The caller is responsible for freeing the returned value.

Definition at line 887 of file rendcommon.c.

◆ rend_cmp_service_ids()

int rend_cmp_service_ids ( const char *  one,
const char *  two 
)

Return 0 if one and two are the same service ids, else -1 or 1

Definition at line 48 of file rendcommon.c.

Referenced by circuit_get_ready_rend_circ_by_rend_data(), and circuit_matches_with_rend_stream().

◆ rend_compute_v2_desc_id()

int rend_compute_v2_desc_id ( char *  desc_id_out,
const char *  service_id,
const char *  descriptor_cookie,
time_t  now,
uint8_t  replica 
)

Compute the binary desc_id_out (DIGEST_LEN bytes long) for a given base32-encoded service_id and optional unencoded descriptor_cookie of length REND_DESC_COOKIE_LEN, at time now for replica number replica. desc_id needs to have DIGEST_LEN bytes free. Return 0 for success, -1 otherwise.

Definition at line 153 of file rendcommon.c.

References DIGEST_LEN, REND_SERVICE_ID_LEN, and REND_SERVICE_ID_LEN_BASE32.

◆ rend_desc_v2_is_parsable()

STATIC int rend_desc_v2_is_parsable ( rend_encoded_v2_service_descriptor_t desc)

Attempt to parse the given desc_str and return true if this succeeds, false otherwise.

Definition at line 418 of file rendcommon.c.

References rend_encoded_v2_service_descriptor_t::desc_str, DIGEST_LEN, and rend_parse_v2_service_descriptor().

◆ rend_encode_v2_descriptors()

int rend_encode_v2_descriptors ( smartlist_t descs_out,
rend_service_descriptor_t desc,
time_t  now,
uint8_t  period,
rend_auth_type_t  auth_type,
crypto_pk_t client_key,
smartlist_t client_cookies 
)

Encode a set of rend_encoded_v2_service_descriptor_t's for desc at time now using service_key, depending on auth_type a descriptor_cookie and a list of client_cookies (which are both NULL if no client authorization is performed), and period (e.g. 0 for the current period, 1 for the next period, etc.) and add them to the existing list descs_out; return the number of seconds that the descriptors will be found by clients, or -1 if the encoding was not successful.

Definition at line 473 of file rendcommon.c.

References DIGEST_LEN, and REND_SERVICE_ID_LEN_BASE32.

◆ rend_encode_v2_intro_points()

static int rend_encode_v2_intro_points ( char **  encoded,
rend_service_descriptor_t desc 
)
static

Encode the introduction points in desc and write the result to a newly allocated string pointed to by encoded. Return 0 for success, -1 otherwise.

Definition at line 194 of file rendcommon.c.

◆ rend_encoded_v2_service_descriptor_free_()

void rend_encoded_v2_service_descriptor_free_ ( rend_encoded_v2_service_descriptor_t desc)

Free the storage held by an encoded v2 service descriptor.

Definition at line 438 of file rendcommon.c.

References rend_encoded_v2_service_descriptor_t::desc_str, and tor_free.

◆ rend_encrypt_v2_intro_points_basic()

static int rend_encrypt_v2_intro_points_basic ( char **  encrypted_out,
size_t *  encrypted_len_out,
const char *  encoded,
smartlist_t client_cookies 
)
static

Encrypt the encoded introduction points in encoded using authorization type 'basic' with client_cookies and write the result to a newly allocated string pointed to by encrypted_out of length encrypted_len_out. Return 0 for success, -1 otherwise.

Definition at line 279 of file rendcommon.c.

References CIPHER_IV_LEN, CIPHER_KEY_LEN, and tor_assert().

◆ rend_encrypt_v2_intro_points_stealth()

static int rend_encrypt_v2_intro_points_stealth ( char **  encrypted_out,
size_t *  encrypted_len_out,
const char *  encoded,
const char *  descriptor_cookie 
)
static

Encrypt the encoded introduction points in encoded using authorization type 'stealth' with descriptor_cookie of length REND_DESC_COOKIE_LEN and write the result to a newly allocated string pointed to by encrypted_out of length encrypted_len_out. Return 0 for success, -1 otherwise.

Definition at line 386 of file rendcommon.c.

References tor_assert().

◆ rend_get_descriptor_id_bytes()

void rend_get_descriptor_id_bytes ( char *  descriptor_id_out,
const char *  service_id,
const char *  secret_id_part 
)

Compute the descriptor ID for service_id of length REND_SERVICE_ID_LEN and secret_id_part of length DIGEST_LEN, and write it to descriptor_id_out of length DIGEST_LEN.

Definition at line 87 of file rendcommon.c.

References crypto_digest_add_bytes(), crypto_digest_get_digest(), crypto_digest_new(), DIGEST_LEN, and REND_SERVICE_ID_LEN.

◆ rend_get_service_id()

int rend_get_service_id ( crypto_pk_t pk,
char *  out 
)

Sets out to the first 10 bytes of the digest of pk, base32 encoded. NUL-terminates out. (We use this string to identify services in directory requests and .onion URLs.)

Definition at line 705 of file rendcommon.c.

References base32_encode(), crypto_pk_get_digest(), DIGEST_LEN, REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

Referenced by rend_cache_failure_remove(), and rend_service_derive_key_digests().

◆ rend_intro_point_free_()

void rend_intro_point_free_ ( rend_intro_point_t intro)

Free the storage held by an introduction point info.

Definition at line 449 of file rendcommon.c.

◆ rend_process_relay_cell()

void rend_process_relay_cell ( circuit_t circ,
const crypt_path_t layer_hint,
int  command,
size_t  length,
const uint8_t *  payload 
)

Called when we get a rendezvous-related relay cell on circuit circ. Dispatch on rendezvous relay command.

Definition at line 766 of file rendcommon.c.

References CIRCUIT_IS_ORIGIN, origin_circuit_t::cpath, log_fn, crypt_path_t::prev, and TO_ORIGIN_CIRCUIT().

◆ rend_service_descriptor_free_()

void rend_service_descriptor_free_ ( rend_service_descriptor_t desc)

Free the storage held by the service descriptor desc.

Definition at line 56 of file rendcommon.c.

References rend_service_descriptor_t::pk.

◆ rend_valid_client_name()

int rend_valid_client_name ( const char *  client_name)

Return true iff client_name is a syntactically valid name for rendezvous client authentication.

Definition at line 750 of file rendcommon.c.

References REND_CLIENTNAME_MAX_LEN, and REND_LEGAL_CLIENTNAME_CHARACTERS.

◆ rend_valid_descriptor_id()

int rend_valid_descriptor_id ( const char *  query)

Return true iff query is a syntactically valid descriptor ID. (as generated by rend_get_descriptor_id_bytes).

Definition at line 732 of file rendcommon.c.

References BASE32_CHARS, and REND_DESC_ID_V2_LEN_BASE32.

◆ rend_valid_v2_service_id()

int rend_valid_v2_service_id ( const char *  query)

Return true iff query is a syntactically valid service ID (as generated by rend_get_service_id).

Definition at line 718 of file rendcommon.c.

References BASE32_CHARS, and REND_SERVICE_ID_LEN_BASE32.

Referenced by connection_control_closed(), connection_dir_client_refetch_hsdesc_if_needed(), rend_cache_lookup_entry(), and rend_service_del_ephemeral().