tor  0.4.0.0-alpha-dev
rendparse.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2018, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
12 #include "core/or/or.h"
16 #include "feature/rend/rendparse.h"
17 #include "lib/memarea/memarea.h"
18 
19 #include "core/or/extend_info_st.h"
20 #include "feature/rend/rend_authorized_client_st.h"
21 #include "feature/rend/rend_intro_point_st.h"
22 #include "feature/rend/rend_service_descriptor_st.h"
23 
26  T1_START("rendezvous-service-descriptor", R_RENDEZVOUS_SERVICE_DESCRIPTOR,
27  EQ(1), NO_OBJ),
28  T1("version", R_VERSION, EQ(1), NO_OBJ),
29  T1("permanent-key", R_PERMANENT_KEY, NO_ARGS, NEED_KEY_1024),
30  T1("secret-id-part", R_SECRET_ID_PART, EQ(1), NO_OBJ),
31  T1("publication-time", R_PUBLICATION_TIME, CONCAT_ARGS, NO_OBJ),
32  T1("protocol-versions", R_PROTOCOL_VERSIONS, EQ(1), NO_OBJ),
33  T01("introduction-points", R_INTRODUCTION_POINTS, NO_ARGS, NEED_OBJ),
34  T1_END("signature", R_SIGNATURE, NO_ARGS, NEED_OBJ),
36 };
37 
41  T1_START("introduction-point", R_IPO_IDENTIFIER, EQ(1), NO_OBJ),
42  T1("ip-address", R_IPO_IP_ADDRESS, EQ(1), NO_OBJ),
43  T1("onion-port", R_IPO_ONION_PORT, EQ(1), NO_OBJ),
44  T1("onion-key", R_IPO_ONION_KEY, NO_ARGS, NEED_KEY_1024),
45  T1("service-key", R_IPO_SERVICE_KEY, NO_ARGS, NEED_KEY_1024),
47 };
48 
52  T1_START("client-name", C_CLIENT_NAME, CONCAT_ARGS, NO_OBJ),
53  T1("descriptor-cookie", C_DESCRIPTOR_COOKIE, EQ(1), NO_OBJ),
54  T01("client-key", C_CLIENT_KEY, NO_ARGS, NEED_SKEY_1024),
56 };
57 
71 int
73  char *desc_id_out,
74  char **intro_points_encrypted_out,
75  size_t *intro_points_encrypted_size_out,
76  size_t *encoded_size_out,
77  const char **next_out, const char *desc,
78  int as_hsdir)
79 {
81  tor_malloc_zero(sizeof(rend_service_descriptor_t));
82  char desc_hash[DIGEST_LEN];
83  const char *eos;
84  smartlist_t *tokens = smartlist_new();
85  directory_token_t *tok;
86  char secret_id_part[DIGEST_LEN];
87  int i, version, num_ok=1;
88  smartlist_t *versions;
89  char public_key_hash[DIGEST_LEN];
90  char test_desc_id[DIGEST_LEN];
91  memarea_t *area = NULL;
92  const int strict_time_fmt = as_hsdir;
93 
94  tor_assert(desc);
95  /* Check if desc starts correctly. */
96  if (strcmpstart(desc, "rendezvous-service-descriptor ")) {
97  log_info(LD_REND, "Descriptor does not start correctly.");
98  goto err;
99  }
100  /* Compute descriptor hash for later validation. */
101  if (router_get_hash_impl(desc, strlen(desc), desc_hash,
102  "rendezvous-service-descriptor ",
103  "\nsignature", '\n', DIGEST_SHA1) < 0) {
104  log_warn(LD_REND, "Couldn't compute descriptor hash.");
105  goto err;
106  }
107  /* Determine end of string. */
108  eos = strstr(desc, "\nrendezvous-service-descriptor ");
109  if (!eos)
110  eos = desc + strlen(desc);
111  else
112  eos = eos + 1;
113  /* Check length. */
114  if (eos-desc > REND_DESC_MAX_SIZE) {
115  /* XXXX+ If we are parsing this descriptor as a server, this
116  * should be a protocol warning. */
117  log_warn(LD_REND, "Descriptor length is %d which exceeds "
118  "maximum rendezvous descriptor size of %d bytes.",
119  (int)(eos-desc), REND_DESC_MAX_SIZE);
120  goto err;
121  }
122  /* Tokenize descriptor. */
123  area = memarea_new();
124  if (tokenize_string(area, desc, eos, tokens, desc_token_table, 0)) {
125  log_warn(LD_REND, "Error tokenizing descriptor.");
126  goto err;
127  }
128  /* Set next to next descriptor, if available. */
129  *next_out = eos;
130  /* Set length of encoded descriptor. */
131  *encoded_size_out = eos - desc;
132  /* Check min allowed length of token list. */
133  if (smartlist_len(tokens) < 7) {
134  log_warn(LD_REND, "Impossibly short descriptor.");
135  goto err;
136  }
137  /* Parse base32-encoded descriptor ID. */
138  tok = find_by_keyword(tokens, R_RENDEZVOUS_SERVICE_DESCRIPTOR);
139  tor_assert(tok == smartlist_get(tokens, 0));
140  tor_assert(tok->n_args == 1);
141  if (!rend_valid_descriptor_id(tok->args[0])) {
142  log_warn(LD_REND, "Invalid descriptor ID: '%s'", tok->args[0]);
143  goto err;
144  }
145  if (base32_decode(desc_id_out, DIGEST_LEN,
146  tok->args[0], REND_DESC_ID_V2_LEN_BASE32) < 0) {
147  log_warn(LD_REND, "Descriptor ID contains illegal characters: %s",
148  tok->args[0]);
149  goto err;
150  }
151  /* Parse descriptor version. */
152  tok = find_by_keyword(tokens, R_VERSION);
153  tor_assert(tok->n_args == 1);
154  result->version =
155  (int) tor_parse_long(tok->args[0], 10, 0, INT_MAX, &num_ok, NULL);
156  if (result->version != 2 || !num_ok) {
157  /* If it's <2, it shouldn't be under this format. If the number
158  * is greater than 2, we bumped it because we broke backward
159  * compatibility. See how version numbers in our other formats
160  * work. */
161  log_warn(LD_REND, "Unrecognized descriptor version: %s",
162  escaped(tok->args[0]));
163  goto err;
164  }
165  /* Parse public key. */
166  tok = find_by_keyword(tokens, R_PERMANENT_KEY);
167  result->pk = tok->key;
168  tok->key = NULL; /* Prevent free */
169  /* Parse secret ID part. */
170  tok = find_by_keyword(tokens, R_SECRET_ID_PART);
171  tor_assert(tok->n_args == 1);
172  if (strlen(tok->args[0]) != REND_SECRET_ID_PART_LEN_BASE32 ||
173  strspn(tok->args[0], BASE32_CHARS) != REND_SECRET_ID_PART_LEN_BASE32) {
174  log_warn(LD_REND, "Invalid secret ID part: '%s'", tok->args[0]);
175  goto err;
176  }
177  if (base32_decode(secret_id_part, DIGEST_LEN, tok->args[0], 32) < 0) {
178  log_warn(LD_REND, "Secret ID part contains illegal characters: %s",
179  tok->args[0]);
180  goto err;
181  }
182  /* Parse publication time -- up-to-date check is done when storing the
183  * descriptor. */
184  tok = find_by_keyword(tokens, R_PUBLICATION_TIME);
185  tor_assert(tok->n_args == 1);
186  if (parse_iso_time_(tok->args[0], &result->timestamp,
187  strict_time_fmt, 0) < 0) {
188  log_warn(LD_REND, "Invalid publication time: '%s'", tok->args[0]);
189  goto err;
190  }
191  /* Parse protocol versions. */
192  tok = find_by_keyword(tokens, R_PROTOCOL_VERSIONS);
193  tor_assert(tok->n_args == 1);
194  versions = smartlist_new();
195  smartlist_split_string(versions, tok->args[0], ",",
196  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
197  for (i = 0; i < smartlist_len(versions); i++) {
198  version = (int) tor_parse_long(smartlist_get(versions, i),
199  10, 0, INT_MAX, &num_ok, NULL);
200  if (!num_ok) /* It's a string; let's ignore it. */
201  continue;
202  if (version >= REND_PROTOCOL_VERSION_BITMASK_WIDTH)
203  /* Avoid undefined left-shift behaviour. */
204  continue;
205  result->protocols |= 1 << version;
206  }
207  SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp));
208  smartlist_free(versions);
209  /* Parse encrypted introduction points. Don't verify. */
210  tok = find_opt_by_keyword(tokens, R_INTRODUCTION_POINTS);
211  if (tok) {
212  if (strcmp(tok->object_type, "MESSAGE")) {
213  log_warn(LD_DIR, "Bad object type: introduction points should be of "
214  "type MESSAGE");
215  goto err;
216  }
217  *intro_points_encrypted_out = tor_memdup(tok->object_body,
218  tok->object_size);
219  *intro_points_encrypted_size_out = tok->object_size;
220  } else {
221  *intro_points_encrypted_out = NULL;
222  *intro_points_encrypted_size_out = 0;
223  }
224  /* Parse and verify signature. */
225  tok = find_by_keyword(tokens, R_SIGNATURE);
226  if (check_signature_token(desc_hash, DIGEST_LEN, tok, result->pk, 0,
227  "v2 rendezvous service descriptor") < 0)
228  goto err;
229  /* Verify that descriptor ID belongs to public key and secret ID part. */
230  if (crypto_pk_get_digest(result->pk, public_key_hash) < 0) {
231  log_warn(LD_REND, "Unable to compute rend descriptor public key digest");
232  goto err;
233  }
234  rend_get_descriptor_id_bytes(test_desc_id, public_key_hash,
235  secret_id_part);
236  if (tor_memneq(desc_id_out, test_desc_id, DIGEST_LEN)) {
237  log_warn(LD_REND, "Parsed descriptor ID does not match "
238  "computed descriptor ID.");
239  goto err;
240  }
241  goto done;
242  err:
243  rend_service_descriptor_free(result);
244  result = NULL;
245  done:
246  if (tokens) {
248  smartlist_free(tokens);
249  }
250  if (area)
251  memarea_drop_all(area);
252  *parsed_out = result;
253  if (result)
254  return 0;
255  return -1;
256 }
257 
263 int
264 rend_decrypt_introduction_points(char **ipos_decrypted,
265  size_t *ipos_decrypted_size,
266  const char *descriptor_cookie,
267  const char *ipos_encrypted,
268  size_t ipos_encrypted_size)
269 {
270  tor_assert(ipos_encrypted);
271  tor_assert(descriptor_cookie);
272  if (ipos_encrypted_size < 2) {
273  log_warn(LD_REND, "Size of encrypted introduction points is too "
274  "small.");
275  return -1;
276  }
277  if (ipos_encrypted[0] == (int)REND_BASIC_AUTH) {
278  char iv[CIPHER_IV_LEN], client_id[REND_BASIC_AUTH_CLIENT_ID_LEN],
279  session_key[CIPHER_KEY_LEN], *dec;
280  int declen, client_blocks;
281  size_t pos = 0, len, client_entries_len;
282  crypto_digest_t *digest;
283  crypto_cipher_t *cipher;
284  client_blocks = (int) ipos_encrypted[1];
285  client_entries_len = client_blocks * REND_BASIC_AUTH_CLIENT_MULTIPLE *
287  if (ipos_encrypted_size < 2 + client_entries_len + CIPHER_IV_LEN + 1) {
288  log_warn(LD_REND, "Size of encrypted introduction points is too "
289  "small.");
290  return -1;
291  }
292  memcpy(iv, ipos_encrypted + 2 + client_entries_len, CIPHER_IV_LEN);
293  digest = crypto_digest_new();
294  crypto_digest_add_bytes(digest, descriptor_cookie, REND_DESC_COOKIE_LEN);
296  crypto_digest_get_digest(digest, client_id,
298  crypto_digest_free(digest);
299  for (pos = 2; pos < 2 + client_entries_len;
301  if (tor_memeq(ipos_encrypted + pos, client_id,
303  /* Attempt to decrypt introduction points. */
304  cipher = crypto_cipher_new(descriptor_cookie);
305  if (crypto_cipher_decrypt(cipher, session_key, ipos_encrypted
307  CIPHER_KEY_LEN) < 0) {
308  log_warn(LD_REND, "Could not decrypt session key for client.");
309  crypto_cipher_free(cipher);
310  return -1;
311  }
312  crypto_cipher_free(cipher);
313 
314  len = ipos_encrypted_size - 2 - client_entries_len - CIPHER_IV_LEN;
315  dec = tor_malloc_zero(len + 1);
316  declen = crypto_cipher_decrypt_with_iv(session_key, dec, len,
317  ipos_encrypted + 2 + client_entries_len,
318  ipos_encrypted_size - 2 - client_entries_len);
319 
320  if (declen < 0) {
321  log_warn(LD_REND, "Could not decrypt introduction point string.");
322  tor_free(dec);
323  return -1;
324  }
325  if (fast_memcmpstart(dec, declen, "introduction-point ")) {
326  log_warn(LD_REND, "Decrypted introduction points don't "
327  "look like we could parse them.");
328  tor_free(dec);
329  continue;
330  }
331  *ipos_decrypted = dec;
332  *ipos_decrypted_size = declen;
333  return 0;
334  }
335  }
336  log_warn(LD_REND, "Could not decrypt introduction points. Please "
337  "check your authorization for this service!");
338  return -1;
339  } else if (ipos_encrypted[0] == (int)REND_STEALTH_AUTH) {
340  char *dec;
341  int declen;
342  if (ipos_encrypted_size < CIPHER_IV_LEN + 2) {
343  log_warn(LD_REND, "Size of encrypted introduction points is too "
344  "small.");
345  return -1;
346  }
347  dec = tor_malloc_zero(ipos_encrypted_size - CIPHER_IV_LEN - 1 + 1);
348 
349  declen = crypto_cipher_decrypt_with_iv(descriptor_cookie, dec,
350  ipos_encrypted_size -
351  CIPHER_IV_LEN - 1,
352  ipos_encrypted + 1,
353  ipos_encrypted_size - 1);
354 
355  if (declen < 0) {
356  log_warn(LD_REND, "Decrypting introduction points failed!");
357  tor_free(dec);
358  return -1;
359  }
360  *ipos_decrypted = dec;
361  *ipos_decrypted_size = declen;
362  return 0;
363  } else {
364  log_warn(LD_REND, "Unknown authorization type number: %d",
365  ipos_encrypted[0]);
366  return -1;
367  }
368 }
369 
374 int
376  const char *intro_points_encoded,
377  size_t intro_points_encoded_size)
378 {
379  const char *current_ipo, *end_of_intro_points;
380  smartlist_t *tokens = NULL;
381  directory_token_t *tok;
382  rend_intro_point_t *intro;
383  extend_info_t *info;
384  int result, num_ok=1;
385  memarea_t *area = NULL;
386  tor_assert(parsed);
388  tor_assert(!parsed->intro_nodes);
389  if (!intro_points_encoded || intro_points_encoded_size == 0) {
390  log_warn(LD_REND, "Empty or zero size introduction point list");
391  goto err;
392  }
393  /* Consider one intro point after the other. */
394  current_ipo = intro_points_encoded;
395  end_of_intro_points = intro_points_encoded + intro_points_encoded_size;
396  tokens = smartlist_new();
397  parsed->intro_nodes = smartlist_new();
398  area = memarea_new();
399 
400  while (!fast_memcmpstart(current_ipo, end_of_intro_points-current_ipo,
401  "introduction-point ")) {
402  /* Determine end of string. */
403  const char *eos = tor_memstr(current_ipo, end_of_intro_points-current_ipo,
404  "\nintroduction-point ");
405  if (!eos)
406  eos = end_of_intro_points;
407  else
408  eos = eos+1;
409  tor_assert(eos <= intro_points_encoded+intro_points_encoded_size);
410  /* Free tokens and clear token list. */
412  smartlist_clear(tokens);
413  memarea_clear(area);
414  /* Tokenize string. */
415  if (tokenize_string(area, current_ipo, eos, tokens, ipo_token_table, 0)) {
416  log_warn(LD_REND, "Error tokenizing introduction point");
417  goto err;
418  }
419  /* Advance to next introduction point, if available. */
420  current_ipo = eos;
421  /* Check minimum allowed length of introduction point. */
422  if (smartlist_len(tokens) < 5) {
423  log_warn(LD_REND, "Impossibly short introduction point.");
424  goto err;
425  }
426  /* Allocate new intro point and extend info. */
427  intro = tor_malloc_zero(sizeof(rend_intro_point_t));
428  info = intro->extend_info = tor_malloc_zero(sizeof(extend_info_t));
429  /* Parse identifier. */
430  tok = find_by_keyword(tokens, R_IPO_IDENTIFIER);
432  tok->args[0], REND_INTRO_POINT_ID_LEN_BASE32) < 0) {
433  log_warn(LD_REND, "Identity digest contains illegal characters: %s",
434  tok->args[0]);
435  rend_intro_point_free(intro);
436  goto err;
437  }
438  /* Write identifier to nickname. */
439  info->nickname[0] = '$';
440  base16_encode(info->nickname + 1, sizeof(info->nickname) - 1,
441  info->identity_digest, DIGEST_LEN);
442  /* Parse IP address. */
443  tok = find_by_keyword(tokens, R_IPO_IP_ADDRESS);
444  if (tor_addr_parse(&info->addr, tok->args[0])<0) {
445  log_warn(LD_REND, "Could not parse introduction point address.");
446  rend_intro_point_free(intro);
447  goto err;
448  }
449  if (tor_addr_family(&info->addr) != AF_INET) {
450  log_warn(LD_REND, "Introduction point address was not ipv4.");
451  rend_intro_point_free(intro);
452  goto err;
453  }
454 
455  /* Parse onion port. */
456  tok = find_by_keyword(tokens, R_IPO_ONION_PORT);
457  info->port = (uint16_t) tor_parse_long(tok->args[0],10,1,65535,
458  &num_ok,NULL);
459  if (!info->port || !num_ok) {
460  log_warn(LD_REND, "Introduction point onion port %s is invalid",
461  escaped(tok->args[0]));
462  rend_intro_point_free(intro);
463  goto err;
464  }
465  /* Parse onion key. */
466  tok = find_by_keyword(tokens, R_IPO_ONION_KEY);
467  if (!crypto_pk_public_exponent_ok(tok->key)) {
468  log_warn(LD_REND,
469  "Introduction point's onion key had invalid exponent.");
470  rend_intro_point_free(intro);
471  goto err;
472  }
473  info->onion_key = tok->key;
474  tok->key = NULL; /* Prevent free */
475  /* Parse service key. */
476  tok = find_by_keyword(tokens, R_IPO_SERVICE_KEY);
477  if (!crypto_pk_public_exponent_ok(tok->key)) {
478  log_warn(LD_REND,
479  "Introduction point key had invalid exponent.");
480  rend_intro_point_free(intro);
481  goto err;
482  }
483  intro->intro_key = tok->key;
484  tok->key = NULL; /* Prevent free */
485  /* Add extend info to list of introduction points. */
486  smartlist_add(parsed->intro_nodes, intro);
487  }
488  result = smartlist_len(parsed->intro_nodes);
489  goto done;
490 
491  err:
492  result = -1;
493 
494  done:
495  /* Free tokens and clear token list. */
496  if (tokens) {
498  smartlist_free(tokens);
499  }
500  if (area)
501  memarea_drop_all(area);
502 
503  return result;
504 }
505 
510 int
511 rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
512 {
513  int result = -1;
514  smartlist_t *tokens;
515  directory_token_t *tok;
516  const char *current_entry = NULL;
517  memarea_t *area = NULL;
518  char *err_msg = NULL;
519  if (!ckstr || strlen(ckstr) == 0)
520  return -1;
521  tokens = smartlist_new();
522  /* Begin parsing with first entry, skipping comments or whitespace at the
523  * beginning. */
524  area = memarea_new();
525  current_entry = eat_whitespace(ckstr);
526  while (!strcmpstart(current_entry, "client-name ")) {
527  rend_authorized_client_t *parsed_entry;
528  /* Determine end of string. */
529  const char *eos = strstr(current_entry, "\nclient-name ");
530  if (!eos)
531  eos = current_entry + strlen(current_entry);
532  else
533  eos = eos + 1;
534  /* Free tokens and clear token list. */
536  smartlist_clear(tokens);
537  memarea_clear(area);
538  /* Tokenize string. */
539  if (tokenize_string(area, current_entry, eos, tokens,
541  log_warn(LD_REND, "Error tokenizing client keys file.");
542  goto err;
543  }
544  /* Advance to next entry, if available. */
545  current_entry = eos;
546  /* Check minimum allowed length of token list. */
547  if (smartlist_len(tokens) < 2) {
548  log_warn(LD_REND, "Impossibly short client key entry.");
549  goto err;
550  }
551  /* Parse client name. */
552  tok = find_by_keyword(tokens, C_CLIENT_NAME);
553  tor_assert(tok == smartlist_get(tokens, 0));
554  tor_assert(tok->n_args == 1);
555 
556  if (!rend_valid_client_name(tok->args[0])) {
557  log_warn(LD_CONFIG, "Illegal client name: %s. (Length must be "
558  "between 1 and %d, and valid characters are "
559  "[A-Za-z0-9+-_].)", tok->args[0], REND_CLIENTNAME_MAX_LEN);
560  goto err;
561  }
562  /* Check if client name is duplicate. */
563  if (strmap_get(parsed_clients, tok->args[0])) {
564  log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains a "
565  "duplicate client name: '%s'. Ignoring.", tok->args[0]);
566  goto err;
567  }
568  parsed_entry = tor_malloc_zero(sizeof(rend_authorized_client_t));
569  parsed_entry->client_name = tor_strdup(tok->args[0]);
570  strmap_set(parsed_clients, parsed_entry->client_name, parsed_entry);
571  /* Parse client key. */
572  tok = find_opt_by_keyword(tokens, C_CLIENT_KEY);
573  if (tok) {
574  parsed_entry->client_key = tok->key;
575  tok->key = NULL; /* Prevent free */
576  }
577 
578  /* Parse descriptor cookie. */
579  tok = find_by_keyword(tokens, C_DESCRIPTOR_COOKIE);
580  tor_assert(tok->n_args == 1);
581  if (rend_auth_decode_cookie(tok->args[0], parsed_entry->descriptor_cookie,
582  NULL, &err_msg) < 0) {
583  tor_assert(err_msg);
584  log_warn(LD_REND, "%s", err_msg);
585  tor_free(err_msg);
586  goto err;
587  }
588  }
589  result = strmap_size(parsed_clients);
590  goto done;
591  err:
592  result = -1;
593  done:
594  /* Free tokens and clear token list. */
596  smartlist_free(tokens);
597  if (area)
598  memarea_drop_all(area);
599  return result;
600 }
int crypto_cipher_decrypt_with_iv(const char *key, char *to, size_t tolen, const char *from, size_t fromlen)
struct crypto_pk_t * key
Definition: parsecommon.h:210
Header file for rendcommon.c.
void crypto_digest_add_bytes(crypto_digest_t *digest, const char *data, size_t len)
int rend_auth_decode_cookie(const char *cookie_in, uint8_t *cookie_out, rend_auth_type_t *auth_type_out, char **err_msg_out)
Definition: rendcommon.c:923
#define END_OF_TABLE
Definition: parsecommon.h:244
int rend_valid_descriptor_id(const char *query)
Definition: rendcommon.c:732
void smartlist_add(smartlist_t *sl, void *element)
#define REND_DESC_MAX_SIZE
Definition: or.h:387
crypto_digest_t * crypto_digest_new(void)
#define REND_DESC_ID_V2_LEN_BASE32
Definition: or.h:354
#define REND_BASIC_AUTH_CLIENT_ID_LEN
Definition: or.h:374
int rend_parse_introduction_points(rend_service_descriptor_t *parsed, const char *intro_points_encoded, size_t intro_points_encoded_size)
Definition: rendparse.c:375
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:209
int rend_decrypt_introduction_points(char **ipos_decrypted, size_t *ipos_decrypted_size, const char *descriptor_cookie, const char *ipos_encrypted, size_t ipos_encrypted_size)
Definition: rendparse.c:264
#define tor_free(p)
Definition: malloc.h:52
#define CIPHER_KEY_LEN
Definition: crypto_cipher.h:22
#define T1_START(s, t, a, o)
Definition: parsecommon.h:252
void memarea_clear(memarea_t *area)
Definition: memarea.c:178
memarea_t * memarea_new(void)
Definition: memarea.c:153
#define REND_CLIENTNAME_MAX_LEN
Definition: or.h:395
crypto_pk_t * onion_key
#define CIPHER_IV_LEN
Definition: crypto_cipher.h:24
int parse_iso_time_(const char *cp, time_t *t, int strict, int nospace)
Definition: time_fmt.c:332
extend_info_t * extend_info
int base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:90
#define NO_ARGS
Definition: parsecommon.h:265
tor_assert(buffer)
static token_rule_t ipo_token_table[]
Definition: rendparse.c:40
static token_rule_t client_keys_token_table[]
Definition: rendparse.c:51
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
char nickname[MAX_HEX_NICKNAME_LEN+1]
#define DIGEST_LEN
Definition: digest_sizes.h:20
void crypto_digest_get_digest(crypto_digest_t *digest, char *out, size_t out_len)
Master header file for Tor-specific functionality.
const char * eat_whitespace(const char *s)
Definition: util_string.c:271
#define REND_BASIC_AUTH_CLIENT_ENTRY_LEN
Definition: or.h:383
int tor_addr_parse(tor_addr_t *addr, const char *src)
Definition: address.c:1185
#define REND_SECRET_ID_PART_LEN_BASE32
Definition: or.h:358
struct crypto_pk_t * intro_key
Header for memarea.c.
#define EQ(n)
Definition: parsecommon.h:271
int fast_memcmpstart(const void *mem, size_t memlen, const char *prefix)
Definition: util_string.c:232
void rend_get_descriptor_id_bytes(char *descriptor_id_out, const char *service_id, const char *secret_id_part)
Definition: rendcommon.c:87
int crypto_cipher_decrypt(crypto_cipher_t *env, char *to, const char *from, size_t fromlen)
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:476
#define CONCAT_ARGS
Definition: parsecommon.h:267
int rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
Definition: rendparse.c:511
#define LD_REND
Definition: log.h:80
int rend_valid_client_name(const char *client_name)
Definition: rendcommon.c:750
directory_token_t * find_opt_by_keyword(const smartlist_t *s, directory_keyword keyword)
Definition: parsecommon.c:450
#define REND_INTRO_POINT_ID_LEN_BASE32
Definition: or.h:362
int crypto_pk_public_exponent_ok(const crypto_pk_t *env)
#define T1_END(s, t, a, o)
Definition: parsecommon.h:254
#define LD_DIR
Definition: log.h:84
static token_rule_t desc_token_table[]
Definition: rendparse.c:25
Header file for parsecommon.c.
#define REND_BASIC_AUTH_CLIENT_MULTIPLE
Definition: or.h:379
crypto_cipher_t * crypto_cipher_new(const char *key)
Definition: crypto_cipher.c:65
#define BASE32_CHARS
Definition: binascii.h:53
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:351
char identity_digest[DIGEST_LEN]
#define SMARTLIST_FOREACH(sl, type, var, cmd)
const char * escaped(const char *s)
Definition: escape.c:126
#define T1(s, t, a, o)
Definition: parsecommon.h:250
void token_clear(directory_token_t *tok)
Definition: parsecommon.c:41
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
Definition: parse_int.c:56
int rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out, char *desc_id_out, char **intro_points_encrypted_out, size_t *intro_points_encrypted_size_out, size_t *encoded_size_out, const char **next_out, const char *desc, int as_hsdir)
Definition: rendparse.c:72
int router_get_hash_impl(const char *s, size_t s_len, char *digest, const char *start_str, const char *end_str, char end_c, digest_algorithm_t alg)
Definition: sigcommon.c:74
int check_signature_token(const char *digest, ssize_t digest_len, directory_token_t *tok, crypto_pk_t *pkey, int flags, const char *doctype)
Definition: sigcommon.c:143
tor_addr_t addr
void smartlist_clear(smartlist_t *sl)
#define REND_DESC_COOKIE_LEN
Definition: or.h:366
int tokenize_string(memarea_t *area, const char *start, const char *end, smartlist_t *out, const token_rule_t *table, int flags)
Definition: parsecommon.c:53
#define T01(s, t, a, o)
Definition: parsecommon.h:258
Header file for sigcommon.c.
#define LD_CONFIG
Definition: log.h:64
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)