tor  0.4.1.0-alpha-dev
Macros | Functions | Variables
rendservice.c File Reference
#include "core/or/or.h"
#include "app/config/config.h"
#include "core/mainloop/mainloop.h"
#include "core/or/circuitbuild.h"
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
#include "core/or/policies.h"
#include "core/or/relay.h"
#include "feature/client/circpathbias.h"
#include "feature/control/control.h"
#include "feature/dirclient/dirclient.h"
#include "feature/dircommon/directory.h"
#include "feature/hs/hs_common.h"
#include "feature/hs/hs_config.h"
#include "feature/hs_common/replaycache.h"
#include "feature/keymgt/loadkey.h"
#include "feature/nodelist/describe.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nickname.h"
#include "feature/nodelist/node_select.h"
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/routerset.h"
#include "feature/rend/rendclient.h"
#include "feature/rend/rendcommon.h"
#include "feature/rend/rendparse.h"
#include "feature/rend/rendservice.h"
#include "feature/stats/predict_ports.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/encoding/confline.h"
#include "lib/net/resolve.h"
#include "core/or/cpath_build_state_st.h"
#include "core/or/crypt_path_st.h"
#include "core/or/crypt_path_reference_st.h"
#include "core/or/edge_connection_st.h"
#include "core/or/extend_info_st.h"
#include "feature/nodelist/networkstatus_st.h"
#include "core/or/origin_circuit_st.h"
#include "feature/rend/rend_authorized_client_st.h"
#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
#include "feature/rend/rend_intro_point_st.h"
#include "feature/rend/rend_service_descriptor_st.h"
#include "feature/nodelist/routerstatus_st.h"

Go to the source code of this file.

Macros

#define RENDSERVICE_PRIVATE
 
#define INTRO_CIRC_RETRY_PERIOD_SLOP   10
 
#define MIN_REND_INITIAL_POST_DELAY   (30)
 
#define MIN_REND_INITIAL_POST_DELAY_TESTING   (5)
 
#define MAX_STREAM_WARN_INTERVAL   600
 

Functions

static origin_circuit_tfind_intro_circuit (rend_intro_point_t *intro, const char *pk_digest)
 
static rend_intro_point_tfind_intro_point (origin_circuit_t *circ)
 
static rend_intro_point_tfind_expiring_intro_point (struct rend_service_t *service, origin_circuit_t *circ)
 
static extend_info_tfind_rp_for_intro (const rend_intro_cell_t *intro, char **err_msg_out)
 
static int intro_point_accepted_intro_count (rend_intro_point_t *intro)
 
static int intro_point_should_expire_now (rend_intro_point_t *intro, time_t now)
 
static int rend_service_derive_key_digests (struct rend_service_t *s)
 
static int rend_service_load_keys (struct rend_service_t *s)
 
static int rend_service_load_auth_keys (struct rend_service_t *s, const char *hfname)
 
static struct rend_service_t * rend_service_get_by_pk_digest (const char *digest)
 
static struct rend_service_t * rend_service_get_by_service_id (const char *id)
 
static const char * rend_service_escaped_dir (const struct rend_service_t *s)
 
static ssize_t rend_service_parse_intro_for_v0_or_v1 (rend_intro_cell_t *intro, const uint8_t *buf, size_t plaintext_len, char **err_msg_out)
 
static ssize_t rend_service_parse_intro_for_v2 (rend_intro_cell_t *intro, const uint8_t *buf, size_t plaintext_len, char **err_msg_out)
 
static ssize_t rend_service_parse_intro_for_v3 (rend_intro_cell_t *intro, const uint8_t *buf, size_t plaintext_len, char **err_msg_out)
 
static int rend_service_check_private_dir (const or_options_t *options, const rend_service_t *s, int create)
 
static const smartlist_trend_get_service_list (const smartlist_t *substitute_service_list)
 
static smartlist_trend_get_service_list_mutable (smartlist_t *substitute_service_list)
 
static int rend_max_intro_circs_per_period (unsigned int n_intro_points_wanted)
 
static unsigned int rend_service_is_ephemeral (const struct rend_service_t *s)
 
int rend_num_services (void)
 
void rend_authorized_client_free_ (rend_authorized_client_t *client)
 
static void rend_authorized_client_free_void (void *authorized_client)
 
STATIC void rend_service_free_ (rend_service_t *service)
 
void rend_service_free_staging_list (void)
 
void rend_service_free_all (void)
 
void rend_service_init (void)
 
static int rend_validate_service (const smartlist_t *service_list, const rend_service_t *service)
 
static int rend_add_service (smartlist_t *service_list, rend_service_t *service)
 
static rend_service_port_config_trend_service_port_config_new (const char *socket_path)
 
rend_service_port_config_trend_service_parse_port_config (const char *string, const char *sep, char **err_msg_out)
 
void rend_service_port_config_free_ (rend_service_port_config_t *p)
 
static void copy_service_on_prunning (rend_service_t *dst, rend_service_t *src)
 
STATIC void rend_service_prune_list_impl_ (void)
 
void rend_service_prune_list (void)
 
static void service_config_shadow_copy (rend_service_t *service, hs_service_config_t *config)
 
int rend_config_service (const config_line_t *line_, const or_options_t *options, hs_service_config_t *config)
 
hs_service_add_ephemeral_status_t rend_service_add_ephemeral (crypto_pk_t *pk, smartlist_t *ports, int max_streams_per_circuit, int max_streams_close_circuit, rend_auth_type_t auth_type, smartlist_t *auth_clients, char **service_id_out)
 
int rend_service_del_ephemeral (const char *service_id)
 
static void rend_log_intro_limit (const rend_service_t *service, int min_severity)
 
static void rend_service_update_descriptor (rend_service_t *service)
 
static char * rend_service_path (const rend_service_t *service, const char *file_name)
 
STATIC char * rend_service_sos_poison_path (const rend_service_t *service)
 
static int service_is_single_onion_poisoned (const rend_service_t *service)
 
static int rend_service_private_key_exists (const rend_service_t *service)
 
STATIC int rend_service_verify_single_onion_poison (const rend_service_t *s, const or_options_t *options)
 
static int poison_new_single_onion_hidden_service_dir_impl (const rend_service_t *service, const or_options_t *options)
 
STATIC int rend_service_poison_new_single_onion_dir (const rend_service_t *s, const or_options_t *options)
 
int rend_service_key_on_disk (const char *directory_path)
 
int rend_service_load_all_keys (const smartlist_t *service_list)
 
static void rend_service_add_filenames_to_list (smartlist_t *lst, const rend_service_t *s)
 
void rend_services_add_filenames_to_lists (smartlist_t *open_lst, smartlist_t *stat_lst)
 
static int rend_check_authorization (rend_service_t *service, const char *descriptor_cookie, size_t cookie_len)
 
static int rend_service_use_direct_connection (const or_options_t *options, const extend_info_t *ei)
 
static int rend_service_use_direct_connection_node (const or_options_t *options, const node_t *node)
 
int rend_service_receive_introduction (origin_circuit_t *circuit, const uint8_t *request, size_t request_len)
 
void rend_service_free_intro_ (rend_intro_cell_t *request)
 
rend_intro_cell_trend_service_begin_parse_intro (const uint8_t *request, size_t request_len, uint8_t type, char **err_msg_out)
 
int rend_service_decrypt_intro (rend_intro_cell_t *intro, crypto_pk_t *key, char **err_msg_out)
 
int rend_service_parse_intro_plaintext (rend_intro_cell_t *intro, char **err_msg_out)
 
int rend_service_validate_intro_late (const rend_intro_cell_t *intro, char **err_msg_out)
 
void rend_service_relaunch_rendezvous (origin_circuit_t *oldcirc)
 
static int rend_service_launch_establish_intro (rend_service_t *service, rend_intro_point_t *intro)
 
static unsigned int count_established_intro_points (const rend_service_t *service)
 
static unsigned int count_intro_point_circuits (const rend_service_t *service)
 
ssize_t rend_service_encode_establish_intro_cell (char *cell_body_out, size_t cell_body_out_len, crypto_pk_t *intro_key, const char *rend_circ_nonce)
 
void rend_service_intro_has_opened (origin_circuit_t *circuit)
 
int rend_service_intro_established (origin_circuit_t *circuit, const uint8_t *request, size_t request_len)
 
void rend_service_rendezvous_has_opened (origin_circuit_t *circuit)
 
void directory_post_to_hs_dir (rend_service_descriptor_t *renddesc, smartlist_t *descs, smartlist_t *hs_dirs, const char *service_id, int seconds_valid)
 
static void upload_service_descriptor (rend_service_t *service)
 
static void remove_invalid_intro_points (rend_service_t *service, smartlist_t *exclude_nodes, smartlist_t *retry_nodes, time_t now)
 
void rend_service_desc_has_uploaded (const rend_data_t *rend_data)
 
void rend_consider_services_intro_points (time_t now)
 
void rend_consider_services_upload (time_t now)
 
void rend_hsdir_routers_changed (void)
 
void rend_consider_descriptor_republication (void)
 
void rend_service_dump_stats (int severity)
 
int rend_service_set_connection_addr_port (edge_connection_t *conn, origin_circuit_t *circ)
 
static int rend_service_non_anonymous_mode_consistent (const or_options_t *options)
 
int rend_service_allow_non_anonymous_connection (const or_options_t *options)
 
int rend_service_reveal_startup_time (const or_options_t *options)
 
int rend_service_non_anonymous_mode_enabled (const or_options_t *options)
 

Variables

static const char * private_key_fname = "private_key"
 
static const char * hostname_fname = "hostname"
 
static const char * client_keys_fname = "client_keys"
 
static const char * sos_poison_fname = "onion_service_non_anonymous"
 
static smartlist_trend_service_list = NULL
 
static smartlist_trend_service_staging_list = NULL
 
static ssize_t(* intro_version_handlers [])(rend_intro_cell_t *, const uint8_t *, size_t, char **)
 
static int consider_republishing_rend_descriptors = 1
 

Detailed Description

The hidden-service side of rendezvous functionality.

Definition in file rendservice.c.

Function Documentation

◆ count_established_intro_points()

static unsigned int count_established_intro_points ( const rend_service_t *  service)
static

Return the number of introduction points that are established for the given service.

Definition at line 3166 of file rendservice.c.

References rend_intro_point_t::circuit_established, and SMARTLIST_FOREACH.

◆ count_intro_point_circuits()

static unsigned int count_intro_point_circuits ( const rend_service_t *  service)
static

Return the number of introduction points that are or are being established for the given service. This function iterates over all circuit and count those that are linked to the service and are waiting for the intro point to respond.

Definition at line 3181 of file rendservice.c.

References CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, CIRCUIT_STATE_OPEN, origin_circuit_t::rend_data, SMARTLIST_FOREACH_BEGIN, and TO_ORIGIN_CIRCUIT().

◆ directory_post_to_hs_dir()

void directory_post_to_hs_dir ( rend_service_descriptor_t renddesc,
smartlist_t descs,
smartlist_t hs_dirs,
const char *  service_id,
int  seconds_valid 
)

Upload the rend_encoded_v2_service_descriptor_t's in descs associated with the rend_service_descriptor_t renddesc to the responsible hidden service directories OR the hidden service directories specified by hs_dirs; service_id and seconds_valid are only passed for logging purposes.

If any HSDirs are specified, they should be used instead of the responsible directories

Definition at line 3659 of file rendservice.c.

◆ find_expiring_intro_point()

static rend_intro_point_t * find_expiring_intro_point ( rend_service_t *  service,
origin_circuit_t circ 
)
static

Return the corresponding introdution point using the circuit circ found in the service. NULL is returned if not found.

Definition at line 3608 of file rendservice.c.

References CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, crypto_pk_eq_keys(), SMARTLIST_FOREACH, TO_CIRCUIT, and tor_assert().

◆ find_intro_circuit()

static origin_circuit_t * find_intro_circuit ( rend_intro_point_t intro,
const char *  pk_digest 
)
static

Return the (possibly non-open) introduction circuit ending at intro for the service whose public key is pk_digest. (desc_version is ignored). Return NULL if no such service is found.

Definition at line 3578 of file rendservice.c.

References origin_circuit_t::build_state, cpath_build_state_t::chosen_exit, circuit_get_next_by_pk_and_purpose(), CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, DIGEST_LEN, rend_intro_point_t::extend_info, extend_info_t::identity_digest, origin_circuit_t::rend_data, tor_assert(), and tor_memeq().

Referenced by remove_invalid_intro_points().

◆ find_intro_point()

static rend_intro_point_t * find_intro_point ( origin_circuit_t circ)
static

Return a pointer to the rend_intro_point_t corresponding to the service-side introduction circuit circ.

Definition at line 3626 of file rendservice.c.

References CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, origin_circuit_t::rend_data, TO_CIRCUIT, and tor_assert().

◆ find_rp_for_intro()

static extend_info_t * find_rp_for_intro ( const rend_intro_cell_t intro,
char **  err_msg_out 
)
static

Given a parsed and decrypted INTRODUCE2, find the rendezvous point or return NULL and an error string if we can't. Return a newly allocated extend_info_t* for the rendezvous point.

Definition at line 2213 of file rendservice.c.

◆ intro_point_accepted_intro_count()

static int intro_point_accepted_intro_count ( rend_intro_point_t intro)
static

Return the number of INTRODUCE2 cells this hidden service has received from this intro point.

Definition at line 3889 of file rendservice.c.

References rend_intro_point_t::accepted_introduce2_count.

Referenced by intro_point_should_expire_now().

◆ intro_point_should_expire_now()

static int intro_point_should_expire_now ( rend_intro_point_t intro,
time_t  now 
)
static

Return non-zero iff intro should 'expire' now (i.e. we should stop publishing it in new descriptors and eventually close it).

Definition at line 3898 of file rendservice.c.

References crypto_rand_int_range(), intro_point_accepted_intro_count(), INTRO_POINT_LIFETIME_MAX_SECONDS, INTRO_POINT_LIFETIME_MIN_SECONDS, rend_intro_point_t::max_introductions, rend_intro_point_t::time_published, rend_intro_point_t::time_to_expire, and tor_assert().

◆ remove_invalid_intro_points()

static void remove_invalid_intro_points ( rend_service_t *  service,
smartlist_t exclude_nodes,
smartlist_t retry_nodes,
time_t  now 
)
static

Iterate over intro points in the given service and remove the invalid ones. For an intro point object to be considered invalid, the circuit and node need to have disappeared.

If the intro point should expire, it's placed into the expiring_nodes list of the service and removed from the active intro nodes list.

If exclude_nodes is not NULL, add the valid nodes to it.

If retry_nodes is not NULL, add the valid node to it if the circuit disappeared but the node is still in the consensus.

Definition at line 3945 of file rendservice.c.

References find_intro_circuit(), SMARTLIST_DEL_CURRENT, SMARTLIST_FOREACH_BEGIN, and tor_assert().

◆ rend_add_service()

static int rend_add_service ( smartlist_t service_list,
rend_service_t *  service 
)
static

Add it to service_list, or to the global rend_service_list if service_list is NULL. Return 0 on success. On failure, free service and return -1. Takes ownership of service.

Definition at line 337 of file rendservice.c.

References tor_assert().

◆ rend_authorized_client_free_()

void rend_authorized_client_free_ ( rend_authorized_client_t client)

Helper: free storage held by a single service authorized client entry.

Definition at line 192 of file rendservice.c.

Referenced by rend_authorized_client_free_void().

◆ rend_authorized_client_free_void()

static void rend_authorized_client_free_void ( void *  authorized_client)
static

Helper for strmap_free.

Definition at line 207 of file rendservice.c.

References rend_authorized_client_free_().

◆ rend_check_authorization()

static int rend_check_authorization ( rend_service_t *  service,
const char *  descriptor_cookie,
size_t  cookie_len 
)
static

Check client authorization of a given descriptor_cookie of length cookie_len for service. Return 1 for success and 0 for failure.

Definition at line 1798 of file rendservice.c.

References tor_assert().

◆ rend_consider_descriptor_republication()

void rend_consider_descriptor_republication ( void  )

Consider republication of v2 rendezvous service descriptors that failed previously, but without regenerating descriptor contents.

Definition at line 4331 of file rendservice.c.

References consider_republishing_rend_descriptors.

◆ rend_consider_services_intro_points()

void rend_consider_services_intro_points ( time_t  now)

For every service, check how many intro points it currently has, and:

  • Invalidate introdution points based on specific criteria, see remove_invalid_intro_points comments.
  • Pick new intro points as necessary.
  • Launch circuits to any new intro points.

This is called once a second by the main loop.

Definition at line 4089 of file rendservice.c.

◆ rend_consider_services_upload()

void rend_consider_services_upload ( time_t  now)

Regenerate and upload rendezvous service descriptors for all services, if necessary. If the descriptor has been dirty enough for long enough, definitely upload; else only upload when the periodic timeout has expired.

For the first upload, pick a random time between now and two periods from now, and pick it independently for each service.

Definition at line 4272 of file rendservice.c.

References or_options_t::RendPostPeriod, and or_options_t::TestingTorNetwork.

◆ rend_hsdir_routers_changed()

void rend_hsdir_routers_changed ( void  )

Called when our internal view of the directory has changed, so that we might have router descriptors of hidden service directories available that we did not have before.

Definition at line 4322 of file rendservice.c.

References consider_republishing_rend_descriptors.

Referenced by router_dir_info_changed().

◆ rend_log_intro_limit()

static void rend_log_intro_limit ( const rend_service_t *  service,
int  min_severity 
)
static

Log information about the intro point creation rate and current intro points for service, upgrading the log level from min_severity to warn if we have stopped launching new intro point circuits.

Definition at line 1028 of file rendservice.c.

References LOG_WARN, and rend_max_intro_circs_per_period().

◆ rend_max_intro_circs_per_period()

static int rend_max_intro_circs_per_period ( unsigned int  n_intro_points_wanted)
static

Don't try to build more than this many circuits before giving up for a while. Dynamically calculated based on the configured number of introduction points for the service, n_intro_points_wanted.

Definition at line 4067 of file rendservice.c.

References NUM_INTRO_POINTS_EXTRA, NUM_INTRO_POINTS_MAX, and tor_assert().

Referenced by rend_log_intro_limit().

◆ rend_num_services()

int rend_num_services ( void  )

Return the number of rendezvous services we have configured.

Definition at line 183 of file rendservice.c.

References rend_service_list.

Referenced by check_network_participation_callback().

◆ rend_service_add_ephemeral()

hs_service_add_ephemeral_status_t rend_service_add_ephemeral ( crypto_pk_t pk,
smartlist_t ports,
int  max_streams_per_circuit,
int  max_streams_close_circuit,
rend_auth_type_t  auth_type,
smartlist_t auth_clients,
char **  service_id_out 
)

Add the ephemeral service pk/ports if possible, using client authorization auth_type and an optional list of rend_authorized_client_t in auth_clients, with max_streams_per_circuit streams allowed per rendezvous circuit, and circuit closure on max streams being exceeded set by max_streams_close_circuit.

Ownership of pk, ports, and auth_clients is passed to this routine. Regardless of success/failure, callers should not touch these values after calling this routine, and may assume that correct cleanup has been done on failure.

Return an appropriate hs_service_add_ephemeral_status_t.

Definition at line 903 of file rendservice.c.

◆ rend_service_add_filenames_to_list()

static void rend_service_add_filenames_to_list ( smartlist_t lst,
const rend_service_t *  s 
)
static

Add to lst every filename used by s.

Definition at line 1409 of file rendservice.c.

References smartlist_add(), and tor_assert().

Referenced by rend_services_add_filenames_to_lists().

◆ rend_service_begin_parse_intro()

rend_intro_cell_t* rend_service_begin_parse_intro ( const uint8_t *  request,
size_t  request_len,
uint8_t  type,
char **  err_msg_out 
)

Parse an INTRODUCE1 or INTRODUCE2 cell into a newly allocated rend_intro_cell_t structure. Free it with rend_service_free_intro() when finished. The type parameter should be 1 or 2 to indicate whether this is INTRODUCE1 or INTRODUCE2. This parses only the non-encrypted parts; after this, call rend_service_decrypt_intro() with a key, then rend_service_parse_intro_plaintext() to finish parsing. The optional err_msg_out parameter is set to a string suitable for log output if parsing fails. This function does some validation, but only that which depends solely on the contents of the cell and the key; it can be unit-tested. Further validation is done in rend_service_validate_intro().

Definition at line 2371 of file rendservice.c.

◆ rend_service_check_private_dir()

static int rend_service_check_private_dir ( const or_options_t options,
const rend_service_t *  s,
int  create 
)
static

Make sure that the directory for s is private, using the config in options. If create is true:

  • if the directory exists, change permissions if needed,
  • if the directory does not exist, create it with the correct permissions. If create is false:
  • if the directory exists, check permissions,
  • if the directory does not exist, check if we think we can create it. Return 0 on success, -1 on failure.

Definition at line 1465 of file rendservice.c.

Referenced by rend_service_load_keys().

◆ rend_service_decrypt_intro()

int rend_service_decrypt_intro ( rend_intro_cell_t intro,
crypto_pk_t key,
char **  err_msg_out 
)

Decrypt the encrypted part of an INTRODUCE1 or INTRODUCE2 cell, return 0 if successful, or < 0 and write an error message to *err_msg_out if provided.

Definition at line 2747 of file rendservice.c.

References DIGEST_LEN, RELAY_PAYLOAD_SIZE, and REND_SERVICE_ID_LEN_BASE32.

◆ rend_service_del_ephemeral()

int rend_service_del_ephemeral ( const char *  service_id)

Remove the ephemeral service service_id if possible. Returns 0 on success, and -1 on failure.

Definition at line 971 of file rendservice.c.

References rend_valid_v2_service_id().

Referenced by connection_control_closed().

◆ rend_service_derive_key_digests()

static int rend_service_derive_key_digests ( struct rend_service_t *  s)
static

Derive all rend_service_t internal material based on the service's key. Returns 0 on success, -1 on failure.

Definition at line 1441 of file rendservice.c.

References rend_get_service_id().

◆ rend_service_desc_has_uploaded()

void rend_service_desc_has_uploaded ( const rend_data_t rend_data)

A new descriptor has been successfully uploaded for the given rend_data. Remove and free the expiring nodes from the associated service.

Definition at line 4036 of file rendservice.c.

References tor_assert().

◆ rend_service_dump_stats()

void rend_service_dump_stats ( int  severity)

Log the status of introduction points for all rendezvous services at log severity severity.

Definition at line 4357 of file rendservice.c.

◆ rend_service_escaped_dir()

static const char * rend_service_escaped_dir ( const struct rend_service_t *  s)
static

Returns a escaped string representation of the service, s.

Definition at line 176 of file rendservice.c.

References escaped(), and rend_service_is_ephemeral().

◆ rend_service_free_()

STATIC void rend_service_free_ ( rend_service_t *  service)

Release the storage held by service.

Definition at line 215 of file rendservice.c.

References SMARTLIST_FOREACH, and tor_free.

◆ rend_service_free_all()

void rend_service_free_all ( void  )

Release all the storage held in both rend_service_list and rend_service_staging_list.

Definition at line 266 of file rendservice.c.

References rend_service_list, and SMARTLIST_FOREACH.

◆ rend_service_free_intro_()

void rend_service_free_intro_ ( rend_intro_cell_t request)

Free a parsed INTRODUCE1 or INTRODUCE2 cell that was allocated by rend_service_parse_intro().

Definition at line 2302 of file rendservice.c.

References memwipe(), and tor_free.

◆ rend_service_get_by_pk_digest()

static rend_service_t * rend_service_get_by_pk_digest ( const char *  digest)
static

Return the service whose public key has a digest of digest, or NULL if no such service exists.

Definition at line 1772 of file rendservice.c.

References DIGEST_LEN, rend_service_list, SMARTLIST_FOREACH, and tor_memeq().

◆ rend_service_get_by_service_id()

static struct rend_service_t * rend_service_get_by_service_id ( const char *  id)
static

Return the service whose service id is id, or NULL if no such service exists.

Definition at line 1784 of file rendservice.c.

References REND_SERVICE_ID_LEN_BASE32, rend_service_list, SMARTLIST_FOREACH, tor_assert(), and tor_memeq().

◆ rend_service_intro_established()

int rend_service_intro_established ( origin_circuit_t circuit,
const uint8_t *  request,
size_t  request_len 
)

Called when we get an INTRO_ESTABLISHED cell; mark the circuit as a live introduction point, and note that the service descriptor is now out-of-date.

Definition at line 3388 of file rendservice.c.

References origin_circuit_t::rend_data, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

◆ rend_service_intro_has_opened()

void rend_service_intro_has_opened ( origin_circuit_t circuit)

Called when we're done building a circuit to an introduction point: sends a RELAY_ESTABLISH_INTRO cell.

Definition at line 3256 of file rendservice.c.

References RELAY_PAYLOAD_SIZE, and REND_SERVICE_ID_LEN_BASE32.

◆ rend_service_is_ephemeral()

static unsigned int rend_service_is_ephemeral ( const struct rend_service_t *  s)
static

Tells if onion service s is ephemeral.

Definition at line 168 of file rendservice.c.

Referenced by rend_service_escaped_dir(), and rend_services_add_filenames_to_lists().

◆ rend_service_launch_establish_intro()

static int rend_service_launch_establish_intro ( rend_service_t *  service,
rend_intro_point_t intro 
)
static

Launch a circuit to serve as an introduction point for the service service at the introduction point nickname

Definition at line 3079 of file rendservice.c.

References CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_UPTIME, and rend_intro_point_t::extend_info.

◆ rend_service_load_all_keys()

int rend_service_load_all_keys ( const smartlist_t service_list)

Load and/or generate private keys for all hidden services, possibly including keys for client authorization. If a service_list is provided, treat it as the list of hidden services (used in unittests). Otherwise, require that rend_service_list is not NULL. Return 0 on success, -1 on failure.

Definition at line 1386 of file rendservice.c.

◆ rend_service_load_auth_keys()

static int rend_service_load_auth_keys ( rend_service_t *  s,
const char *  hfname 
)
static

Load and/or generate client authorization keys for the hidden service s, which stores its hostname in hfname. Return 0 on success, -1 on failure.

Definition at line 1588 of file rendservice.c.

References REND_DESC_COOKIE_LEN_BASE64.

◆ rend_service_load_keys()

static int rend_service_load_keys ( rend_service_t *  s)
static

Load and/or generate private keys for the hidden service s, possibly including keys for client authorization. Return 0 on success, -1 on failure.

Definition at line 1529 of file rendservice.c.

References rend_service_check_private_dir().

◆ rend_service_parse_intro_for_v0_or_v1()

static ssize_t rend_service_parse_intro_for_v0_or_v1 ( rend_intro_cell_t intro,
const uint8_t *  buf,
size_t  plaintext_len,
char **  err_msg_out 
)
static

Parse the version-specific parts of a v0 or v1 INTRODUCE1 or INTRODUCE2 cell

Definition at line 2434 of file rendservice.c.

References is_legal_nickname(), is_legal_nickname_or_hexdigest(), MAX_HEX_NICKNAME_LEN, MAX_NICKNAME_LEN, and tor_asprintf().

◆ rend_service_parse_intro_for_v2()

static ssize_t rend_service_parse_intro_for_v2 ( rend_intro_cell_t intro,
const uint8_t *  buf,
size_t  plaintext_len,
char **  err_msg_out 
)
static

Parse the version-specific parts of a v2 INTRODUCE1 or INTRODUCE2 cell

Definition at line 2507 of file rendservice.c.

References DIGEST_LEN, and tor_asprintf().

◆ rend_service_parse_intro_for_v3()

static ssize_t rend_service_parse_intro_for_v3 ( rend_intro_cell_t intro,
const uint8_t *  buf,
size_t  plaintext_len,
char **  err_msg_out 
)
static

Parse the version-specific parts of a v3 INTRODUCE1 or INTRODUCE2 cell

Definition at line 2609 of file rendservice.c.

References tor_asprintf().

◆ rend_service_parse_intro_plaintext()

int rend_service_parse_intro_plaintext ( rend_intro_cell_t intro,
char **  err_msg_out 
)

Parse the plaintext of the encrypted part of an INTRODUCE1 or INTRODUCE2 cell, return 0 if successful, or < 0 and write an error message to *err_msg_out if provided.

The rendezvous cookie and Diffie-Hellman stuff are version-invariant and at the end of the plaintext of the encrypted part of the cell.

Definition at line 2870 of file rendservice.c.

◆ rend_service_parse_port_config()

rend_service_port_config_t* rend_service_parse_port_config ( const char *  string,
const char *  sep,
char **  err_msg_out 
)

Parses a virtual-port to real-port/socket mapping separated by the provided separator and returns a new rend_service_port_config_t, or NULL and an optional error string on failure.

The format is: VirtualPort SEP (IP|RealPort|IP:RealPort|'socket':path)?

IP defaults to 127.0.0.1; RealPort defaults to VirtualPort.

Definition at line 418 of file rendservice.c.

References smartlist_split_string().

◆ rend_service_poison_new_single_onion_dir()

STATIC int rend_service_poison_new_single_onion_dir ( const rend_service_t *  s,
const or_options_t options 
)

We just got launched in Single Onion Mode. That's a non-anonymous mode for hidden services. If s is new, we should mark its hidden service directory appropriately so that it is never launched as a location-private hidden service. (New directories don't have private key files.) Return 0 on success, -1 on fail.

Definition at line 1325 of file rendservice.c.

◆ rend_service_port_config_free_()

void rend_service_port_config_free_ ( rend_service_port_config_t p)

Release all storage held in a rend_service_port_config_t.

Definition at line 520 of file rendservice.c.

References tor_free.

◆ rend_service_port_config_new()

static rend_service_port_config_t* rend_service_port_config_new ( const char *  socket_path)
static

Return a new rend_service_port_config_t with its path set to socket_path or empty if socket_path is NULL

Definition at line 396 of file rendservice.c.

◆ rend_service_receive_introduction()

int rend_service_receive_introduction ( origin_circuit_t circuit,
const uint8_t *  request,
size_t  request_len 
)

Respond to an INTRODUCE2 cell by launching a circuit to the chosen rendezvous point.

Definition at line 1875 of file rendservice.c.

◆ rend_service_relaunch_rendezvous()

void rend_service_relaunch_rendezvous ( origin_circuit_t oldcirc)

Called when we fail building a rendezvous circuit at some point other than the last hop: launches a new circuit to the same rendezvous point.

Definition at line 3011 of file rendservice.c.

References origin_circuit_t::build_state, CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, CIRCUIT_PURPOSE_S_CONNECT_REND, circuit_t::purpose, cpath_build_state_t::service_pending_final_cpath_ref, and tor_assert().

◆ rend_service_rendezvous_has_opened()

void rend_service_rendezvous_has_opened ( origin_circuit_t circuit)

Called once a circuit to a rendezvous point is established: sends a RELAY_COMMAND_RENDEZVOUS1 cell.

Definition at line 3449 of file rendservice.c.

References origin_circuit_t::build_state, CIRCUIT_PURPOSE_S_CONNECT_REND, origin_circuit_t::cpath, circuit_t::purpose, RELAY_PAYLOAD_SIZE, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

◆ rend_service_set_connection_addr_port()

int rend_service_set_connection_addr_port ( edge_connection_t conn,
origin_circuit_t circ 
)

Given conn, a rendezvous exit stream, look up the hidden service for circ, and look up the port and address based on conn->port. Assign the actual conn->addr and conn->port. Return -2 on failure for which the circuit should be closed, -1 on other failure, or 0 for success.

Definition at line 4392 of file rendservice.c.

References CIRCUIT_PURPOSE_S_REND_JOINED, circuit_t::purpose, origin_circuit_t::rend_data, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

◆ rend_service_update_descriptor()

static void rend_service_update_descriptor ( rend_service_t *  service)
static

Replace the old value of service->desc with one that reflects the other fields in service.

Definition at line 1063 of file rendservice.c.

◆ rend_service_validate_intro_late()

int rend_service_validate_intro_late ( const rend_intro_cell_t intro,
char **  err_msg_out 
)

Do validity checks on a parsed intro cell after decryption; some of these are not done in rend_service_parse_intro_plaintext() itself because they depend on a lot of other state and would make it hard to unit test. Returns >= 0 if successful or < 0 if the intro cell is invalid, and optionally writes out an error message for logging. If an err_msg pointer is provided, it is the caller's responsibility to free any provided message.

Definition at line 2976 of file rendservice.c.

◆ rend_service_verify_single_onion_poison()

STATIC int rend_service_verify_single_onion_poison ( const rend_service_t *  s,
const or_options_t options 
)

Check the single onion service poison state of the directory for s:

  • If the service is poisoned, and we are in Single Onion Mode, return 0,
  • If the service is not poisoned, and we are not in Single Onion Mode, return 0,
  • Otherwise, the poison state is invalid: the service was created in one mode, and is being used in the other, return -1. Hidden service directories without keys are always considered consistent. They will be poisoned after their directory is created (if needed).

Definition at line 1210 of file rendservice.c.

◆ rend_services_add_filenames_to_lists()

void rend_services_add_filenames_to_lists ( smartlist_t open_lst,
smartlist_t stat_lst 
)

Add to open_lst every filename used by a configured hidden service, and to stat_lst every directory used by a configured hidden service

Definition at line 1424 of file rendservice.c.

References rend_service_add_filenames_to_list(), rend_service_is_ephemeral(), rend_service_list, smartlist_add_strdup(), and SMARTLIST_FOREACH_BEGIN.

◆ service_is_single_onion_poisoned()

static int service_is_single_onion_poisoned ( const rend_service_t *  service)
static

Return True if hidden services service has been poisoned by single onion mode.

Definition at line 1157 of file rendservice.c.

◆ upload_service_descriptor()

static void upload_service_descriptor ( rend_service_t *  service)
static

Encode and sign an up-to-date service descriptor for service, and upload it/them to the responsible hidden service directories.

Definition at line 3773 of file rendservice.c.

References REND_SERVICE_ID_LEN_BASE32.

Variable Documentation

◆ consider_republishing_rend_descriptors

int consider_republishing_rend_descriptors = 1
static

True if the list of available router descriptors might have changed so that we should have a look whether we can republish previously failed rendezvous service descriptors.

Definition at line 4316 of file rendservice.c.

Referenced by rend_consider_descriptor_republication(), and rend_hsdir_routers_changed().

◆ intro_version_handlers

ssize_t(* intro_version_handlers[])(rend_intro_cell_t *, const uint8_t *, size_t, char **)
static
Initial value:
=
static ssize_t rend_service_parse_intro_for_v3(rend_intro_cell_t *intro, const uint8_t *buf, size_t plaintext_len, char **err_msg_out)
Definition: rendservice.c:2609
static ssize_t rend_service_parse_intro_for_v2(rend_intro_cell_t *intro, const uint8_t *buf, size_t plaintext_len, char **err_msg_out)
Definition: rendservice.c:2507
static ssize_t rend_service_parse_intro_for_v0_or_v1(rend_intro_cell_t *intro, const uint8_t *buf, size_t plaintext_len, char **err_msg_out)
Definition: rendservice.c:2434

Table of parser functions for version-specific parts of an INTRODUCE2 cell.

Definition at line 2731 of file rendservice.c.

◆ rend_service_list

smartlist_t* rend_service_list = NULL
static

A list of rend_service_t's for services run on this OP.

Definition at line 127 of file rendservice.c.

Referenced by rend_num_services(), rend_service_free_all(), rend_service_get_by_pk_digest(), rend_service_get_by_service_id(), and rend_services_add_filenames_to_lists().

◆ rend_service_staging_list

smartlist_t* rend_service_staging_list = NULL
static

A list of rend_service_t's for services run on this OP which is used as a staging area before they are put in the main list in order to prune dying service on config reload.

Definition at line 131 of file rendservice.c.