tor  0.4.0.1-alpha
Data Structures | Macros | Typedefs | Functions
rendservice.h File Reference
#include "core/or/or.h"
#include "feature/hs/hs_service.h"

Go to the source code of this file.

Data Structures

struct  rend_intro_cell_t
 

Macros

#define rend_service_free_intro(req)
 
#define rend_service_port_config_free(p)
 
#define rend_authorized_client_free(client)
 

Typedefs

typedef struct rend_intro_cell_t rend_intro_cell_t
 

Functions

int rend_num_services (void)
 
int rend_config_service (const struct config_line_t *line_, const or_options_t *options, hs_service_config_t *config)
 
void rend_service_prune_list (void)
 
void rend_service_free_staging_list (void)
 
int rend_service_load_all_keys (const smartlist_t *service_list)
 
int rend_service_key_on_disk (const char *directory_path)
 
void rend_services_add_filenames_to_lists (smartlist_t *open_lst, smartlist_t *stat_lst)
 
void rend_consider_services_intro_points (time_t now)
 
void rend_consider_services_upload (time_t now)
 
void rend_hsdir_routers_changed (void)
 
void rend_consider_descriptor_republication (void)
 
void rend_service_intro_has_opened (origin_circuit_t *circuit)
 
int rend_service_intro_established (origin_circuit_t *circuit, const uint8_t *request, size_t request_len)
 
void rend_service_rendezvous_has_opened (origin_circuit_t *circuit)
 
int rend_service_receive_introduction (origin_circuit_t *circuit, const uint8_t *request, size_t request_len)
 
int rend_service_decrypt_intro (rend_intro_cell_t *request, crypto_pk_t *key, char **err_msg_out)
 
void rend_service_free_intro_ (rend_intro_cell_t *request)
 
rend_intro_cell_trend_service_begin_parse_intro (const uint8_t *request, size_t request_len, uint8_t type, char **err_msg_out)
 
int rend_service_parse_intro_plaintext (rend_intro_cell_t *intro, char **err_msg_out)
 
ssize_t rend_service_encode_establish_intro_cell (char *cell_body_out, size_t cell_body_out_len, crypto_pk_t *intro_key, const char *rend_circ_nonce)
 
int rend_service_validate_intro_late (const rend_intro_cell_t *intro, char **err_msg_out)
 
void rend_service_relaunch_rendezvous (origin_circuit_t *oldcirc)
 
int rend_service_set_connection_addr_port (edge_connection_t *conn, origin_circuit_t *circ)
 
void rend_service_dump_stats (int severity)
 
void rend_service_free_all (void)
 
void rend_service_init (void)
 
rend_service_port_config_trend_service_parse_port_config (const char *string, const char *sep, char **err_msg_out)
 
void rend_service_port_config_free_ (rend_service_port_config_t *p)
 
void rend_authorized_client_free_ (rend_authorized_client_t *client)
 
hs_service_add_ephemeral_status_t rend_service_add_ephemeral (crypto_pk_t *pk, smartlist_t *ports, int max_streams_per_circuit, int max_streams_close_circuit, rend_auth_type_t auth_type, smartlist_t *auth_clients, char **service_id_out)
 
int rend_service_del_ephemeral (const char *service_id)
 
void directory_post_to_hs_dir (rend_service_descriptor_t *renddesc, smartlist_t *descs, smartlist_t *hs_dirs, const char *service_id, int seconds_valid)
 
void rend_service_desc_has_uploaded (const rend_data_t *rend_data)
 
int rend_service_allow_non_anonymous_connection (const or_options_t *options)
 
int rend_service_reveal_startup_time (const or_options_t *options)
 
int rend_service_non_anonymous_mode_enabled (const or_options_t *options)
 

Detailed Description

Header file for rendservice.c.

Definition in file rendservice.h.

Macro Definition Documentation

◆ rend_authorized_client_free

#define rend_authorized_client_free (   client)
Value:
(client))
void rend_authorized_client_free_(rend_authorized_client_t *client)
Definition: rendservice.c:192

Definition at line 200 of file rendservice.h.

◆ rend_service_free_intro

#define rend_service_free_intro (   req)
Value:
do { \
rend_service_free_intro_(req); \
(req) = NULL; \
} while (0)

Definition at line 168 of file rendservice.h.

◆ rend_service_port_config_free

#define rend_service_port_config_free (   p)
Value:
(p))
void rend_service_port_config_free_(rend_service_port_config_t *p)
Definition: rendservice.c:520

Definition at line 195 of file rendservice.h.

Function Documentation

◆ directory_post_to_hs_dir()

void directory_post_to_hs_dir ( rend_service_descriptor_t renddesc,
smartlist_t descs,
smartlist_t hs_dirs,
const char *  service_id,
int  seconds_valid 
)

Upload the rend_encoded_v2_service_descriptor_t's in descs associated with the rend_service_descriptor_t renddesc to the responsible hidden service directories OR the hidden service directories specified by hs_dirs; service_id and seconds_valid are only passed for logging purposes.

If any HSDirs are specified, they should be used instead of the responsible directories

Definition at line 3637 of file rendservice.c.

◆ rend_authorized_client_free_()

void rend_authorized_client_free_ ( rend_authorized_client_t client)

Helper: free storage held by a single service authorized client entry.

Definition at line 192 of file rendservice.c.

Referenced by rend_authorized_client_free_void().

◆ rend_consider_descriptor_republication()

void rend_consider_descriptor_republication ( void  )

Consider republication of v2 rendezvous service descriptors that failed previously, but without regenerating descriptor contents.

Definition at line 4309 of file rendservice.c.

References consider_republishing_rend_descriptors.

◆ rend_consider_services_intro_points()

void rend_consider_services_intro_points ( time_t  now)

For every service, check how many intro points it currently has, and:

  • Invalidate introdution points based on specific criteria, see remove_invalid_intro_points comments.
  • Pick new intro points as necessary.
  • Launch circuits to any new intro points.

This is called once a second by the main loop.

Definition at line 4067 of file rendservice.c.

◆ rend_consider_services_upload()

void rend_consider_services_upload ( time_t  now)

Regenerate and upload rendezvous service descriptors for all services, if necessary. If the descriptor has been dirty enough for long enough, definitely upload; else only upload when the periodic timeout has expired.

For the first upload, pick a random time between now and two periods from now, and pick it independently for each service.

Definition at line 4250 of file rendservice.c.

References or_options_t::RendPostPeriod, and or_options_t::TestingTorNetwork.

◆ rend_hsdir_routers_changed()

void rend_hsdir_routers_changed ( void  )

Called when our internal view of the directory has changed, so that we might have router descriptors of hidden service directories available that we did not have before.

Definition at line 4300 of file rendservice.c.

References consider_republishing_rend_descriptors.

Referenced by router_dir_info_changed().

◆ rend_num_services()

int rend_num_services ( void  )

Return the number of rendezvous services we have configured.

Definition at line 183 of file rendservice.c.

References rend_service_list.

Referenced by check_network_participation_callback().

◆ rend_service_add_ephemeral()

hs_service_add_ephemeral_status_t rend_service_add_ephemeral ( crypto_pk_t pk,
smartlist_t ports,
int  max_streams_per_circuit,
int  max_streams_close_circuit,
rend_auth_type_t  auth_type,
smartlist_t auth_clients,
char **  service_id_out 
)

Add the ephemeral service pk/ports if possible, using client authorization auth_type and an optional list of rend_authorized_client_t in auth_clients, with max_streams_per_circuit streams allowed per rendezvous circuit, and circuit closure on max streams being exceeded set by max_streams_close_circuit.

Ownership of pk, ports, and auth_clients is passed to this routine. Regardless of success/failure, callers should not touch these values after calling this routine, and may assume that correct cleanup has been done on failure.

Return an appropriate hs_service_add_ephemeral_status_t.

Definition at line 903 of file rendservice.c.

◆ rend_service_begin_parse_intro()

rend_intro_cell_t* rend_service_begin_parse_intro ( const uint8_t *  request,
size_t  request_len,
uint8_t  type,
char **  err_msg_out 
)

Parse an INTRODUCE1 or INTRODUCE2 cell into a newly allocated rend_intro_cell_t structure. Free it with rend_service_free_intro() when finished. The type parameter should be 1 or 2 to indicate whether this is INTRODUCE1 or INTRODUCE2. This parses only the non-encrypted parts; after this, call rend_service_decrypt_intro() with a key, then rend_service_parse_intro_plaintext() to finish parsing. The optional err_msg_out parameter is set to a string suitable for log output if parsing fails. This function does some validation, but only that which depends solely on the contents of the cell and the key; it can be unit-tested. Further validation is done in rend_service_validate_intro().

Definition at line 2371 of file rendservice.c.

◆ rend_service_decrypt_intro()

int rend_service_decrypt_intro ( rend_intro_cell_t intro,
crypto_pk_t key,
char **  err_msg_out 
)

Decrypt the encrypted part of an INTRODUCE1 or INTRODUCE2 cell, return 0 if successful, or < 0 and write an error message to *err_msg_out if provided.

Definition at line 2747 of file rendservice.c.

References DIGEST_LEN, RELAY_PAYLOAD_SIZE, and REND_SERVICE_ID_LEN_BASE32.

◆ rend_service_del_ephemeral()

int rend_service_del_ephemeral ( const char *  service_id)

Remove the ephemeral service service_id if possible. Returns 0 on success, and -1 on failure.

Definition at line 971 of file rendservice.c.

References rend_valid_v2_service_id().

Referenced by connection_control_closed().

◆ rend_service_desc_has_uploaded()

void rend_service_desc_has_uploaded ( const rend_data_t rend_data)

A new descriptor has been successfully uploaded for the given rend_data. Remove and free the expiring nodes from the associated service.

Definition at line 4014 of file rendservice.c.

References tor_assert().

◆ rend_service_dump_stats()

void rend_service_dump_stats ( int  severity)

Log the status of introduction points for all rendezvous services at log severity severity.

Definition at line 4335 of file rendservice.c.

◆ rend_service_free_all()

void rend_service_free_all ( void  )

Release all the storage held in both rend_service_list and rend_service_staging_list.

Definition at line 266 of file rendservice.c.

References rend_service_list, and SMARTLIST_FOREACH.

◆ rend_service_free_intro_()

void rend_service_free_intro_ ( rend_intro_cell_t request)

Free a parsed INTRODUCE1 or INTRODUCE2 cell that was allocated by rend_service_parse_intro().

Definition at line 2302 of file rendservice.c.

References memwipe(), and tor_free.

◆ rend_service_intro_established()

int rend_service_intro_established ( origin_circuit_t circuit,
const uint8_t *  request,
size_t  request_len 
)

Called when we get an INTRO_ESTABLISHED cell; mark the circuit as a live introduction point, and note that the service descriptor is now out-of-date.

Definition at line 3366 of file rendservice.c.

References origin_circuit_t::rend_data, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

◆ rend_service_intro_has_opened()

void rend_service_intro_has_opened ( origin_circuit_t circuit)

Called when we're done building a circuit to an introduction point: sends a RELAY_ESTABLISH_INTRO cell.

Definition at line 3234 of file rendservice.c.

References RELAY_PAYLOAD_SIZE, and REND_SERVICE_ID_LEN_BASE32.

◆ rend_service_load_all_keys()

int rend_service_load_all_keys ( const smartlist_t service_list)

Load and/or generate private keys for all hidden services, possibly including keys for client authorization. If a service_list is provided, treat it as the list of hidden services (used in unittests). Otherwise, require that rend_service_list is not NULL. Return 0 on success, -1 on failure.

Definition at line 1386 of file rendservice.c.

◆ rend_service_parse_intro_plaintext()

int rend_service_parse_intro_plaintext ( rend_intro_cell_t intro,
char **  err_msg_out 
)

Parse the plaintext of the encrypted part of an INTRODUCE1 or INTRODUCE2 cell, return 0 if successful, or < 0 and write an error message to *err_msg_out if provided.

The rendezvous cookie and Diffie-Hellman stuff are version-invariant and at the end of the plaintext of the encrypted part of the cell.

Definition at line 2870 of file rendservice.c.

◆ rend_service_parse_port_config()

rend_service_port_config_t* rend_service_parse_port_config ( const char *  string,
const char *  sep,
char **  err_msg_out 
)

Parses a virtual-port to real-port/socket mapping separated by the provided separator and returns a new rend_service_port_config_t, or NULL and an optional error string on failure.

The format is: VirtualPort SEP (IP|RealPort|IP:RealPort|'socket':path)?

IP defaults to 127.0.0.1; RealPort defaults to VirtualPort.

Definition at line 418 of file rendservice.c.

References smartlist_split_string().

◆ rend_service_port_config_free_()

void rend_service_port_config_free_ ( rend_service_port_config_t p)

Release all storage held in a rend_service_port_config_t.

Definition at line 520 of file rendservice.c.

References tor_free.

◆ rend_service_receive_introduction()

int rend_service_receive_introduction ( origin_circuit_t circuit,
const uint8_t *  request,
size_t  request_len 
)

Respond to an INTRODUCE2 cell by launching a circuit to the chosen rendezvous point.

Definition at line 1875 of file rendservice.c.

◆ rend_service_relaunch_rendezvous()

void rend_service_relaunch_rendezvous ( origin_circuit_t oldcirc)

Called when we fail building a rendezvous circuit at some point other than the last hop: launches a new circuit to the same rendezvous point.

Definition at line 3011 of file rendservice.c.

References origin_circuit_t::build_state, CIRCUIT_PURPOSE_S_CONNECT_REND, circuit_t::purpose, cpath_build_state_t::service_pending_final_cpath_ref, and tor_assert().

◆ rend_service_rendezvous_has_opened()

void rend_service_rendezvous_has_opened ( origin_circuit_t circuit)

Called once a circuit to a rendezvous point is established: sends a RELAY_COMMAND_RENDEZVOUS1 cell.

Definition at line 3427 of file rendservice.c.

References origin_circuit_t::build_state, CIRCUIT_PURPOSE_S_CONNECT_REND, origin_circuit_t::cpath, circuit_t::purpose, RELAY_PAYLOAD_SIZE, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

◆ rend_service_set_connection_addr_port()

int rend_service_set_connection_addr_port ( edge_connection_t conn,
origin_circuit_t circ 
)

Given conn, a rendezvous exit stream, look up the hidden service for circ, and look up the port and address based on conn->port. Assign the actual conn->addr and conn->port. Return -2 on failure for which the circuit should be closed, -1 on other failure, or 0 for success.

Definition at line 4370 of file rendservice.c.

References CIRCUIT_PURPOSE_S_REND_JOINED, circuit_t::purpose, origin_circuit_t::rend_data, REND_SERVICE_ID_LEN_BASE32, and tor_assert().

◆ rend_service_validate_intro_late()

int rend_service_validate_intro_late ( const rend_intro_cell_t intro,
char **  err_msg_out 
)

Do validity checks on a parsed intro cell after decryption; some of these are not done in rend_service_parse_intro_plaintext() itself because they depend on a lot of other state and would make it hard to unit test. Returns >= 0 if successful or < 0 if the intro cell is invalid, and optionally writes out an error message for logging. If an err_msg pointer is provided, it is the caller's responsibility to free any provided message.

Definition at line 2976 of file rendservice.c.

◆ rend_services_add_filenames_to_lists()

void rend_services_add_filenames_to_lists ( smartlist_t open_lst,
smartlist_t stat_lst 
)

Add to open_lst every filename used by a configured hidden service, and to stat_lst every directory used by a configured hidden service

Definition at line 1424 of file rendservice.c.

References rend_service_add_filenames_to_list(), rend_service_is_ephemeral(), rend_service_list, smartlist_add_strdup(), and SMARTLIST_FOREACH_BEGIN.