Go to the documentation of this file.
16 #include "core/or/dos.h"
24 #include "core/or/or_circuit_st.h"
40 int reason = END_CIRC_REASON_INTERNAL;
43 "Received a legacy ESTABLISH_INTRO request on circuit %u",
47 reason = END_CIRC_REASON_TORPROTOCOL;
61 reason = END_CIRC_REASON_TORPROTOCOL;
70 log_warn(
LD_BUG,
"Internal error computing digest.");
75 "Hash of session info was not as expected.");
76 reason = END_CIRC_REASON_TORPROTOCOL;
85 "Incorrect signature on ESTABLISH_INTRO cell; rejecting.");
86 reason = END_CIRC_REASON_TORPROTOCOL;
92 log_warn(
LD_BUG,
"Internal error: couldn't hash public key.");
105 (
const uint8_t *)pk_digest))) {
106 log_info(
LD_REND,
"Replacing old circuit for service %s",
107 safe_str(serviceid));
108 circuit_mark_for_close(
TO_CIRCUIT(c), END_CIRC_REASON_FINISHED);
114 log_info(
LD_GENERAL,
"Couldn't send INTRO_ESTABLISHED cell.");
124 "Established introduction point on circuit %u for service %s",
125 (
unsigned) circ->
p_circ_id, safe_str(serviceid));
129 log_warn(
LD_PROTOCOL,
"Rejecting truncated ESTABLISH_INTRO cell.");
130 reason = END_CIRC_REASON_TORPROTOCOL;
132 circuit_mark_for_close(
TO_CIRCUIT(circ), reason);
134 if (pk) crypto_pk_free(pk);
150 log_info(
LD_REND,
"Received an INTRODUCE1 request on circuit %u",
166 "Impossibly short INTRODUCE1 cell on circuit %u; "
167 "responding with nack.", (
unsigned)circ->
p_circ_id);
177 (
const uint8_t*)request);
180 "No intro circ found for INTRODUCE1 cell (%s) from circuit %u; "
181 "responding with nack.",
182 safe_str(serviceid), (
unsigned)circ->
p_circ_id);
189 log_info(
LD_PROTOCOL,
"Can't relay INTRODUCE1 v2 cell due to DoS "
190 "limitations. Sending NACK to client.");
195 "Sending introduction request for service %s "
196 "from circ %u to circ %u",
197 safe_str(serviceid), (
unsigned)circ->
p_circ_id,
201 if (relay_send_command_from_edge(0,
TO_CIRCUIT(intro_circ),
202 RELAY_COMMAND_INTRODUCE2,
203 (
char*)request, request_len, NULL)) {
205 "Unable to send INTRODUCE2 cell to Tor client.");
210 if (relay_send_command_from_edge(0,
TO_CIRCUIT(circ),
211 RELAY_COMMAND_INTRODUCE_ACK,
213 log_warn(
LD_GENERAL,
"Unable to send INTRODUCE_ACK cell to Tor client.");
222 if (relay_send_command_from_edge(0,
TO_CIRCUIT(circ),
223 RELAY_COMMAND_INTRODUCE_ACK,
224 nak_body, 1, NULL)) {
225 log_warn(
LD_GENERAL,
"Unable to send NAK to Tor client.");
238 int reason = END_CIRC_REASON_TORPROTOCOL;
240 log_info(
LD_REND,
"Received an ESTABLISH_RENDEZVOUS request on circuit %u",
245 "Tried to establish rendezvous on non-OR circuit with purpose %s",
253 dos_should_refuse_single_hop_client()) {
255 dos_note_refuse_single_hop_client();
262 "Tried to establish rendezvous on non-edge circuit");
268 LD_PROTOCOL,
"Invalid length on ESTABLISH_RENDEZVOUS.");
274 "Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.");
279 if (relay_send_command_from_edge(0,
TO_CIRCUIT(circ),
280 RELAY_COMMAND_RENDEZVOUS_ESTABLISHED,
282 log_warn(
LD_PROTOCOL,
"Couldn't send RENDEZVOUS_ESTABLISHED cell.");
293 "Established rendezvous point on circuit %u for cookie %s",
298 circuit_mark_for_close(
TO_CIRCUIT(circ), reason);
313 int reason = END_CIRC_REASON_INTERNAL;
317 "Tried to complete rendezvous on non-OR or non-edge circuit %u.",
319 reason = END_CIRC_REASON_TORPROTOCOL;
325 "Rejecting RENDEZVOUS1 cell with bad length (%d) on circuit %u.",
326 (
int)request_len, (
unsigned)circ->
p_circ_id);
327 reason = END_CIRC_REASON_TORPROTOCOL;
331 base16_encode(hexid,
sizeof(hexid), (
const char*)request, 4);
334 "Got request for rendezvous from circuit %u to cookie %s.",
340 "Rejecting RENDEZVOUS1 cell with unrecognized rendezvous cookie %s.",
342 reason = END_CIRC_REASON_TORPROTOCOL;
355 if (relay_send_command_from_edge(0,
TO_CIRCUIT(rend_circ),
356 RELAY_COMMAND_RENDEZVOUS2,
360 "Unable to send RENDEZVOUS2 cell to client on circuit %u.",
368 "Completing rendezvous: circuit %u joins circuit %u (cookie %s)",
381 circuit_mark_for_close(
TO_CIRCUIT(circ), reason);
#define log_fn(severity, domain, args,...)
#define CIRCUIT_PURPOSE_REND_ESTABLISHED
int channel_is_client(const channel_t *chan)
#define CIRCUIT_PURPOSE_INTRO_POINT
Header file for circuituse.c.
Header file for channel.c.
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
char rend_circ_nonce[DIGEST_LEN]
#define REND_SERVICE_ID_LEN_BASE32
bool hs_dos_can_send_intro2(or_circuit_t *s_intro_circ)
int rend_mid_establish_rendezvous(or_circuit_t *circ, const uint8_t *request, size_t request_len)
crypto_pk_t * crypto_pk_asn1_decode(const char *str, size_t len)
int crypto_digest(char *digest, const char *m, size_t len)
Header file containing denial of service defenses for the HS subsystem for all versions.
#define CIRCUIT_PURPOSE_REND_POINT_WAITING
#define PKCS1_OAEP_PADDING_OVERHEAD
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
#define CIRCUIT_PURPOSE_OR
void hs_circuitmap_remove_circuit(circuit_t *circ)
Header file for circuitlist.c.
int hs_intro_send_intro_established_cell(or_circuit_t *circ)
int crypto_pk_public_checksig_digest(crypto_pk_t *env, const char *data, size_t datalen, const char *sig, size_t siglen)
void hs_circuitmap_register_intro_circ_v2_relay_side(or_circuit_t *circ, const uint8_t *digest)
#define tor_memneq(a, b, sz)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
void hs_circuitmap_register_rend_circ_relay_side(or_circuit_t *circ, const uint8_t *cookie)
or_circuit_t * hs_circuitmap_get_intro_circ_v2_relay_side(const uint8_t *digest)
void circuit_change_purpose(circuit_t *circ, uint8_t new_purpose)
Header file for rendmid.c.
int HiddenServiceStatistics
struct or_circuit_t * rend_splice
or_circuit_t * hs_circuitmap_get_rend_circ_relay_side(const uint8_t *cookie)
const or_options_t * get_options(void)
int rend_mid_establish_intro_legacy(or_circuit_t *circ, const uint8_t *request, size_t request_len)
#define REND_SERVICE_ID_LEN
Headers for crypto_cipher.c.
unsigned int circuit_carries_hs_traffic_stats
void hs_dos_setup_default_intro2_defenses(or_circuit_t *circ)
int hs_intro_circuit_is_suitable_for_establish_intro(const or_circuit_t *circ)
Header file for hs_intropoint.c.
Header file for hs_circuitmap.c.
Header file for config.c.
static uint16_t get_uint16(const void *cp)
int rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request, size_t request_len)
Header file for rephist.c.
const char * circuit_purpose_to_string(uint8_t purpose)
Master header file for Tor-specific functionality.
int rend_mid_introduce_legacy(or_circuit_t *circ, const uint8_t *request, size_t request_len)