22 Feb '22
commit b5439d6bd0eb72501abce6e5f897f473d9b27fc1
Author: David Goulet <dgoulet(a)torproject.org>
Date: Tue Dec 14 09:42:02 2021 -0500
trunnel: Make hs/cell_common.trunnel generic
Move it to extension.trunnel instead so that extension ABI construction
can be used in other parts of tor than just HS cells.
Specifically, we'll use it in the ntorv3 data payload and make a
congestion control parameter extension using that binary structure.
Only rename. No code behavior changes.
Signed-off-by: David Goulet <dgoulet(a)torproject.org>
---
src/feature/hs/hs_cell.c | 47 +++---
src/feature/hs/hs_cell.h | 4 +-
src/feature/hs/hs_circuit.c | 1 -
src/feature/hs/hs_intropoint.c | 30 ++--
src/feature/hs/hs_service.c | 1 -
src/test/test_hs_cell.c | 36 ++---
src/test/test_hs_intropoint.c | 6 +-
src/trunnel/{hs/cell_common.c => extension.c} | 187 ++++++++++++------------
src/trunnel/extension.h | 197 +++++++++++++++++++++++++
src/trunnel/extension.trunnel | 14 ++
src/trunnel/hs/cell_common.h | 203 --------------------------
src/trunnel/hs/cell_common.trunnel | 12 --
src/trunnel/hs/cell_establish_intro.c | 68 ++++-----
src/trunnel/hs/cell_establish_intro.h | 22 +--
src/trunnel/hs/cell_establish_intro.trunnel | 6 +-
src/trunnel/hs/cell_introduce1.c | 94 ++++++------
src/trunnel/hs/cell_introduce1.h | 32 ++--
src/trunnel/hs/cell_introduce1.trunnel | 8 +-
src/trunnel/include.am | 5 +-
19 files changed, 483 insertions(+), 490 deletions(-)
diff --git a/src/feature/hs/hs_cell.c b/src/feature/hs/hs_cell.c
index f84407de9e..116395b3c8 100644
--- a/src/feature/hs/hs_cell.c
+++ b/src/feature/hs/hs_cell.c
@@ -19,7 +19,7 @@
/* Trunnel. */
#include "trunnel/ed25519_cert.h"
-#include "trunnel/hs/cell_common.h"
+#include "trunnel/extension.h"
#include "trunnel/hs/cell_establish_intro.h"
#include "trunnel/hs/cell_introduce1.h"
#include "trunnel/hs/cell_rendezvous.h"
@@ -379,7 +379,7 @@ introduce1_set_encrypted(trn_cell_introduce1_t *cell,
const hs_cell_introduce1_data_t *data)
{
trn_cell_introduce_encrypted_t *enc_cell;
- trn_cell_extension_t *ext;
+ trn_extension_t *ext;
tor_assert(cell);
tor_assert(data);
@@ -388,9 +388,9 @@ introduce1_set_encrypted(trn_cell_introduce1_t *cell,
tor_assert(enc_cell);
/* Set extension data. None are used. */
- ext = trn_cell_extension_new();
+ ext = trn_extension_new();
tor_assert(ext);
- trn_cell_extension_set_num(ext, 0);
+ trn_extension_set_num(ext, 0);
trn_cell_introduce_encrypted_set_extensions(enc_cell, ext);
/* Set the rendezvous cookie. */
@@ -454,20 +454,20 @@ build_establish_intro_dos_param(trn_cell_extension_dos_t *dos_ext,
* possible if there is a bug.) */
static int
build_establish_intro_dos_extension(const hs_service_config_t *service_config,
- trn_cell_extension_t *extensions)
+ trn_extension_t *extensions)
{
ssize_t ret;
size_t dos_ext_encoded_len;
uint8_t *field_array;
- trn_cell_extension_field_t *field = NULL;
+ trn_extension_field_t *field = NULL;
trn_cell_extension_dos_t *dos_ext = NULL;
tor_assert(service_config);
tor_assert(extensions);
/* We are creating a cell extension field of the type DoS. */
- field = trn_cell_extension_field_new();
- trn_cell_extension_field_set_field_type(field,
+ field = trn_extension_field_new();
+ trn_extension_field_set_field_type(field,
TRUNNEL_CELL_EXTENSION_TYPE_DOS);
/* Build DoS extension field. We will put in two parameters. */
@@ -490,24 +490,23 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
}
dos_ext_encoded_len = ret;
/* Set length field and the field array size length. */
- trn_cell_extension_field_set_field_len(field, dos_ext_encoded_len);
- trn_cell_extension_field_setlen_field(field, dos_ext_encoded_len);
+ trn_extension_field_set_field_len(field, dos_ext_encoded_len);
+ trn_extension_field_setlen_field(field, dos_ext_encoded_len);
/* Encode the DoS extension into the cell extension field. */
- field_array = trn_cell_extension_field_getarray_field(field);
+ field_array = trn_extension_field_getarray_field(field);
ret = trn_cell_extension_dos_encode(field_array,
- trn_cell_extension_field_getlen_field(field), dos_ext);
+ trn_extension_field_getlen_field(field), dos_ext);
if (BUG(ret <= 0)) {
goto err;
}
tor_assert(ret == (ssize_t) dos_ext_encoded_len);
/* Finally, encode field into the cell extension. */
- trn_cell_extension_add_fields(extensions, field);
+ trn_extension_add_fields(extensions, field);
/* We've just add an extension field to the cell extensions so increment the
* total number. */
- trn_cell_extension_set_num(extensions,
- trn_cell_extension_get_num(extensions) + 1);
+ trn_extension_set_num(extensions, trn_extension_get_num(extensions) + 1);
/* Cleanup. DoS extension has been encoded at this point. */
trn_cell_extension_dos_free(dos_ext);
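Review bot: The return values of `trn_extension_field_set_field_len()` and `trn_extension_field_setlen_field()` are discarded here, and `dos_ext_encoded_len` is a `size_t` handed to a setter whose parameter is `uint8_t`, so a length above 255 would be silently narrowed in the encoded length byte. The generated `setlen_field` in extension.c has a failure path that returns -1; a failure here appears to be caught only indirectly by the `BUG(ret <= 0)` after the encode call. The commit message says this structure will be reused outside HS cells, so the checks are worth making explicit before the pattern is copied: `if (BUG(dos_ext_encoded_len > UINT8_MAX)) goto err;` ahead of the setters, and `if (BUG(trn_extension_field_setlen_field(field, dos_ext_encoded_len) < 0)) goto err;`. build_establish_intro_dos_extension() starts and ends outside this hunk.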
@@ -515,7 +514,7 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
return 0;
err:
- trn_cell_extension_field_free(field);
+ trn_extension_field_free(field);
trn_cell_extension_dos_free(dos_ext);
return -1;
}
@@ -526,18 +525,18 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
/** Allocate and build all the ESTABLISH_INTRO cell extension. The given
* extensions pointer is always set to a valid cell extension object. */
-STATIC trn_cell_extension_t *
+STATIC trn_extension_t *
build_establish_intro_extensions(const hs_service_config_t *service_config,
const hs_service_intro_point_t *ip)
{
int ret;
- trn_cell_extension_t *extensions;
+ trn_extension_t *extensions;
tor_assert(service_config);
tor_assert(ip);
- extensions = trn_cell_extension_new();
- trn_cell_extension_set_num(extensions, 0);
+ extensions = trn_extension_new();
+ trn_extension_set_num(extensions, 0);
/* If the defense has been enabled service side (by the operator with a
* torrc option) and the intro point does support it. */
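Review bot: `trn_extension_new()` is used here without a NULL check before `trn_extension_set_num(extensions, 0)`, whereas introduce1_set_encrypted() and hs_cell_build_introduce1() in this same file follow the allocation with `tor_assert(ext);`. The generated constructor in extension.c returns NULL when `trunnel_calloc` fails, and `set_num` dereferences its argument; whether that allocator can actually return NULL in tor's build is not visible on this page. For consistency, add `tor_assert(extensions);` right after the allocation. The same applies to the `trn_extension_new()` calls in hs_intro_send_intro_established_cell() and send_introduce_ack_cell() in hs_intropoint.c. The function body continues outside this hunk.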
@@ -568,7 +567,7 @@ hs_cell_build_establish_intro(const char *circ_nonce,
ssize_t cell_len = -1;
uint16_t sig_len = ED25519_SIG_LEN;
trn_cell_establish_intro_t *cell = NULL;
- trn_cell_extension_t *extensions;
+ trn_extension_t *extensions;
tor_assert(circ_nonce);
tor_assert(service_config);
@@ -947,7 +946,7 @@ hs_cell_build_introduce1(const hs_cell_introduce1_data_t *data,
{
ssize_t cell_len;
trn_cell_introduce1_t *cell;
- trn_cell_extension_t *ext;
+ trn_extension_t *ext;
tor_assert(data);
tor_assert(cell_out);
@@ -956,9 +955,9 @@ hs_cell_build_introduce1(const hs_cell_introduce1_data_t *data,
tor_assert(cell);
/* Set extension data. None are used. */
- ext = trn_cell_extension_new();
+ ext = trn_extension_new();
tor_assert(ext);
- trn_cell_extension_set_num(ext, 0);
+ trn_extension_set_num(ext, 0);
trn_cell_introduce1_set_extensions(cell, ext);
/* Set the authentication key. */
diff --git a/src/feature/hs/hs_cell.h b/src/feature/hs/hs_cell.h
index dc083ca03f..c25fd45567 100644
--- a/src/feature/hs/hs_cell.h
+++ b/src/feature/hs/hs_cell.h
@@ -115,9 +115,9 @@ void hs_cell_introduce1_data_clear(hs_cell_introduce1_data_t *data);
#ifdef TOR_UNIT_TESTS
-#include "trunnel/hs/cell_common.h"
+#include "trunnel/extension.h"
-STATIC trn_cell_extension_t *
+STATIC trn_extension_t *
build_establish_intro_extensions(const hs_service_config_t *service_config,
const hs_service_intro_point_t *ip);
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index 0d7dd1c2b8..3347bdca07 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -35,7 +35,6 @@
/* Trunnel. */
#include "trunnel/ed25519_cert.h"
-#include "trunnel/hs/cell_common.h"
#include "trunnel/hs/cell_establish_intro.h"
#include "core/or/cpath_build_state_st.h"
diff --git a/src/feature/hs/hs_intropoint.c b/src/feature/hs/hs_intropoint.c
index b589e44cc3..0a656b78dd 100644
--- a/src/feature/hs/hs_intropoint.c
+++ b/src/feature/hs/hs_intropoint.c
@@ -20,7 +20,7 @@
/* Trunnel */
#include "trunnel/ed25519_cert.h"
-#include "trunnel/hs/cell_common.h"
+#include "trunnel/extension.h"
#include "trunnel/hs/cell_establish_intro.h"
#include "trunnel/hs/cell_introduce1.h"
@@ -155,14 +155,14 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ))
uint8_t *encoded_cell = NULL;
ssize_t encoded_len, result_len;
trn_cell_intro_established_t *cell;
- trn_cell_extension_t *ext;
+ trn_extension_t *ext;
tor_assert(circ);
/* Build the cell payload. */
cell = trn_cell_intro_established_new();
- ext = trn_cell_extension_new();
- trn_cell_extension_set_num(ext, 0);
+ ext = trn_extension_new();
+ trn_extension_set_num(ext, 0);
trn_cell_intro_established_set_extensions(cell, ext);
/* Encode the cell to binary format. */
encoded_len = trn_cell_intro_established_encoded_len(cell);
@@ -249,7 +249,7 @@ cell_dos_extension_parameters_are_valid(uint64_t intro2_rate_per_sec,
* values, the DoS defenses is disabled on the circuit. */
static void
handle_establish_intro_cell_dos_extension(
- const trn_cell_extension_field_t *field,
+ const trn_extension_field_t *field,
or_circuit_t *circ)
{
ssize_t ret;
@@ -260,8 +260,8 @@ handle_establish_intro_cell_dos_extension(
tor_assert(circ);
ret = trn_cell_extension_dos_parse(&dos,
- trn_cell_extension_field_getconstarray_field(field),
- trn_cell_extension_field_getlen_field(field));
+ trn_extension_field_getconstarray_field(field),
+ trn_extension_field_getlen_field(field));
if (ret < 0) {
goto end;
}
@@ -332,7 +332,7 @@ handle_establish_intro_cell_extensions(
const trn_cell_establish_intro_t *parsed_cell,
or_circuit_t *circ)
{
- const trn_cell_extension_t *extensions;
+ const trn_extension_t *extensions;
tor_assert(parsed_cell);
tor_assert(circ);
@@ -343,15 +343,15 @@ handle_establish_intro_cell_extensions(
}
/* Go over all extensions. */
- for (size_t idx = 0; idx < trn_cell_extension_get_num(extensions); idx++) {
- const trn_cell_extension_field_t *field =
- trn_cell_extension_getconst_fields(extensions, idx);
+ for (size_t idx = 0; idx < trn_extension_get_num(extensions); idx++) {
+ const trn_extension_field_t *field =
+ trn_extension_getconst_fields(extensions, idx);
if (BUG(field == NULL)) {
/* The number of extensions should match the number of fields. */
break;
}
- switch (trn_cell_extension_field_get_field_type(field)) {
+ switch (trn_extension_field_get_field_type(field)) {
case TRUNNEL_CELL_EXTENSION_TYPE_DOS:
/* After this, the circuit should be set for DoS defenses. */
handle_establish_intro_cell_dos_extension(field, circ);
@@ -541,7 +541,7 @@ send_introduce_ack_cell(or_circuit_t *circ, uint16_t status)
uint8_t *encoded_cell = NULL;
ssize_t encoded_len, result_len;
trn_cell_introduce_ack_t *cell;
- trn_cell_extension_t *ext;
+ trn_extension_t *ext;
tor_assert(circ);
@@ -550,8 +550,8 @@ send_introduce_ack_cell(or_circuit_t *circ, uint16_t status)
cell = trn_cell_introduce_ack_new();
ret = trn_cell_introduce_ack_set_status(cell, status);
/* We have no cell extensions in an INTRODUCE_ACK cell. */
- ext = trn_cell_extension_new();
- trn_cell_extension_set_num(ext, 0);
+ ext = trn_extension_new();
+ trn_extension_set_num(ext, 0);
trn_cell_introduce_ack_set_extensions(cell, ext);
/* A wrong status is a very bad code flow error as this value is controlled
* by the code in this file and not an external input. This means we use a
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 2b3699422a..bf99ad69bd 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -59,7 +59,6 @@
/* Trunnel */
#include "trunnel/ed25519_cert.h"
-#include "trunnel/hs/cell_common.h"
#include "trunnel/hs/cell_establish_intro.h"
#ifdef HAVE_SYS_STAT_H
diff --git a/src/test/test_hs_cell.c b/src/test/test_hs_cell.c
index 818f7bfef7..cf7af8a38a 100644
--- a/src/test/test_hs_cell.c
+++ b/src/test/test_hs_cell.c
@@ -20,7 +20,7 @@
#include "feature/hs/hs_service.h"
/* Trunnel. */
-#include "trunnel/hs/cell_common.h"
+#include "trunnel/extension.h"
#include "trunnel/hs/cell_establish_intro.h"
/** We simulate the creation of an outgoing ESTABLISH_INTRO cell, and then we
@@ -132,7 +132,7 @@ test_gen_establish_intro_dos_ext(void *arg)
ssize_t ret;
hs_service_config_t config;
hs_service_intro_point_t *ip = NULL;
- trn_cell_extension_t *extensions = NULL;
+ trn_extension_t *extensions = NULL;
trn_cell_extension_dos_t *dos = NULL;
(void) arg;
@@ -144,8 +144,8 @@ test_gen_establish_intro_dos_ext(void *arg)
/* Case 1: No DoS parameters so no extension to be built. */
extensions = build_establish_intro_extensions(&config, ip);
- tt_int_op(trn_cell_extension_get_num(extensions), OP_EQ, 0);
- trn_cell_extension_free(extensions);
+ tt_int_op(trn_extension_get_num(extensions), OP_EQ, 0);
+ trn_extension_free(extensions);
extensions = NULL;
/* Case 2: Enable the DoS extension. Parameter set to 0 should indicate to
@@ -153,15 +153,15 @@ test_gen_establish_intro_dos_ext(void *arg)
* nonetheless in the cell. */
config.has_dos_defense_enabled = 1;
extensions = build_establish_intro_extensions(&config, ip);
- tt_int_op(trn_cell_extension_get_num(extensions), OP_EQ, 1);
+ tt_int_op(trn_extension_get_num(extensions), OP_EQ, 1);
/* Validate the extension. */
- const trn_cell_extension_field_t *field =
- trn_cell_extension_getconst_fields(extensions, 0);
- tt_int_op(trn_cell_extension_field_get_field_type(field), OP_EQ,
+ const trn_extension_field_t *field =
+ trn_extension_getconst_fields(extensions, 0);
+ tt_int_op(trn_extension_field_get_field_type(field), OP_EQ,
TRUNNEL_CELL_EXTENSION_TYPE_DOS);
ret = trn_cell_extension_dos_parse(&dos,
- trn_cell_extension_field_getconstarray_field(field),
- trn_cell_extension_field_getlen_field(field));
+ trn_extension_field_getconstarray_field(field),
+ trn_extension_field_getlen_field(field));
tt_int_op(ret, OP_EQ, 19);
/* Rate per sec param. */
const trn_cell_extension_dos_param_t *param =
@@ -175,21 +175,21 @@ test_gen_establish_intro_dos_ext(void *arg)
TRUNNEL_DOS_PARAM_TYPE_INTRO2_BURST_PER_SEC);
tt_u64_op(trn_cell_extension_dos_param_get_value(param), OP_EQ, 0);
trn_cell_extension_dos_free(dos); dos = NULL;
- trn_cell_extension_free(extensions); extensions = NULL;
+ trn_extension_free(extensions); extensions = NULL;
/* Case 3: Enable the DoS extension. Parameter set to some normal values. */
config.has_dos_defense_enabled = 1;
config.intro_dos_rate_per_sec = 42;
config.intro_dos_burst_per_sec = 250;
extensions = build_establish_intro_extensions(&config, ip);
- tt_int_op(trn_cell_extension_get_num(extensions), OP_EQ, 1);
+ tt_int_op(trn_extension_get_num(extensions), OP_EQ, 1);
/* Validate the extension. */
- field = trn_cell_extension_getconst_fields(extensions, 0);
- tt_int_op(trn_cell_extension_field_get_field_type(field), OP_EQ,
+ field = trn_extension_getconst_fields(extensions, 0);
+ tt_int_op(trn_extension_field_get_field_type(field), OP_EQ,
TRUNNEL_CELL_EXTENSION_TYPE_DOS);
ret = trn_cell_extension_dos_parse(&dos,
- trn_cell_extension_field_getconstarray_field(field),
- trn_cell_extension_field_getlen_field(field));
+ trn_extension_field_getconstarray_field(field),
+ trn_extension_field_getlen_field(field));
tt_int_op(ret, OP_EQ, 19);
/* Rate per sec param. */
param = trn_cell_extension_dos_getconst_params(dos, 0);
@@ -202,12 +202,12 @@ test_gen_establish_intro_dos_ext(void *arg)
TRUNNEL_DOS_PARAM_TYPE_INTRO2_BURST_PER_SEC);
tt_u64_op(trn_cell_extension_dos_param_get_value(param), OP_EQ, 250);
trn_cell_extension_dos_free(dos); dos = NULL;
- trn_cell_extension_free(extensions); extensions = NULL;
+ trn_extension_free(extensions); extensions = NULL;
done:
service_intro_point_free(ip);
trn_cell_extension_dos_free(dos);
- trn_cell_extension_free(extensions);
+ trn_extension_free(extensions);
}
struct testcase_t hs_cell_tests[] = {
diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c
index a1ed281b4d..cbcdeade92 100644
--- a/src/test/test_hs_intropoint.c
+++ b/src/test/test_hs_intropoint.c
@@ -33,9 +33,9 @@
#include "core/or/or_circuit_st.h"
/* Trunnel. */
+#include "trunnel/extension.h"
#include "trunnel/hs/cell_establish_intro.h"
#include "trunnel/hs/cell_introduce1.h"
-#include "trunnel/hs/cell_common.h"
static size_t
new_establish_intro_cell(const char *circ_nonce,
@@ -159,8 +159,8 @@ helper_create_introduce1_cell(void)
/* Set the cell extensions to none. */
{
- trn_cell_extension_t *ext = trn_cell_extension_new();
- trn_cell_extension_set_num(ext, 0);
+ trn_extension_t *ext = trn_extension_new();
+ trn_extension_set_num(ext, 0);
trn_cell_introduce1_set_extensions(cell, ext);
}
diff --git a/src/trunnel/hs/cell_common.c b/src/trunnel/extension.c
similarity index 59%
rename from src/trunnel/hs/cell_common.c
rename to src/trunnel/extension.c
index 1f50961d69..538ac62928 100644
--- a/src/trunnel/hs/cell_common.c
+++ b/src/trunnel/extension.c
@@ -1,11 +1,11 @@
-/* cell_common.c -- generated by Trunnel v1.5.3.
+/* extension.c -- generated by Trunnel v1.5.3.
* https://gitweb.torproject.org/trunnel.git
* You probably shouldn't edit this file.
*/
#include <stdlib.h>
#include "trunnel-impl.h"
-#include "cell_common.h"
+#include "extension.h"
#define TRUNNEL_SET_ERROR_CODE(obj) \
do { \
@@ -15,8 +15,8 @@
#if defined(__COVERITY__) || defined(__clang_analyzer__)
/* If we're running a static analysis tool, we don't want it to complain
* that some of our remaining-bytes checks are dead-code. */
-int cellcommon_deadcode_dummy__ = 0;
-#define OR_DEADCODE_DUMMY || cellcommon_deadcode_dummy__
+int extension_deadcode_dummy__ = 0;
+#define OR_DEADCODE_DUMMY || extension_deadcode_dummy__
#else
#define OR_DEADCODE_DUMMY
#endif
@@ -28,10 +28,10 @@ int cellcommon_deadcode_dummy__ = 0;
} \
} while (0)
-trn_cell_extension_field_t *
-trn_cell_extension_field_new(void)
+trn_extension_field_t *
+trn_extension_field_new(void)
{
- trn_cell_extension_field_t *val = trunnel_calloc(1, sizeof(trn_cell_extension_field_t));
+ trn_extension_field_t *val = trunnel_calloc(1, sizeof(trn_extension_field_t));
if (NULL == val)
return NULL;
return val;
@@ -40,7 +40,7 @@ trn_cell_extension_field_new(void)
/** Release all storage held inside 'obj', but do not free 'obj'.
*/
static void
-trn_cell_extension_field_clear(trn_cell_extension_field_t *obj)
+trn_extension_field_clear(trn_extension_field_t *obj)
{
(void) obj;
TRUNNEL_DYNARRAY_WIPE(&obj->field);
@@ -48,62 +48,62 @@ trn_cell_extension_field_clear(trn_cell_extension_field_t *obj)
}
void
-trn_cell_extension_field_free(trn_cell_extension_field_t *obj)
+trn_extension_field_free(trn_extension_field_t *obj)
{
if (obj == NULL)
return;
- trn_cell_extension_field_clear(obj);
- trunnel_memwipe(obj, sizeof(trn_cell_extension_field_t));
+ trn_extension_field_clear(obj);
+ trunnel_memwipe(obj, sizeof(trn_extension_field_t));
trunnel_free_(obj);
}
uint8_t
-trn_cell_extension_field_get_field_type(const trn_cell_extension_field_t *inp)
+trn_extension_field_get_field_type(const trn_extension_field_t *inp)
{
return inp->field_type;
}
int
-trn_cell_extension_field_set_field_type(trn_cell_extension_field_t *inp, uint8_t val)
+trn_extension_field_set_field_type(trn_extension_field_t *inp, uint8_t val)
{
inp->field_type = val;
return 0;
}
uint8_t
-trn_cell_extension_field_get_field_len(const trn_cell_extension_field_t *inp)
+trn_extension_field_get_field_len(const trn_extension_field_t *inp)
{
return inp->field_len;
}
int
-trn_cell_extension_field_set_field_len(trn_cell_extension_field_t *inp, uint8_t val)
+trn_extension_field_set_field_len(trn_extension_field_t *inp, uint8_t val)
{
inp->field_len = val;
return 0;
}
size_t
-trn_cell_extension_field_getlen_field(const trn_cell_extension_field_t *inp)
+trn_extension_field_getlen_field(const trn_extension_field_t *inp)
{
return TRUNNEL_DYNARRAY_LEN(&inp->field);
}
uint8_t
-trn_cell_extension_field_get_field(trn_cell_extension_field_t *inp, size_t idx)
+trn_extension_field_get_field(trn_extension_field_t *inp, size_t idx)
{
return TRUNNEL_DYNARRAY_GET(&inp->field, idx);
}
uint8_t
-trn_cell_extension_field_getconst_field(const trn_cell_extension_field_t *inp, size_t idx)
+trn_extension_field_getconst_field(const trn_extension_field_t *inp, size_t idx)
{
- return trn_cell_extension_field_get_field((trn_cell_extension_field_t*)inp, idx);
+ return trn_extension_field_get_field((trn_extension_field_t*)inp, idx);
}
int
-trn_cell_extension_field_set_field(trn_cell_extension_field_t *inp, size_t idx, uint8_t elt)
+trn_extension_field_set_field(trn_extension_field_t *inp, size_t idx, uint8_t elt)
{
TRUNNEL_DYNARRAY_SET(&inp->field, idx, elt);
return 0;
}
int
-trn_cell_extension_field_add_field(trn_cell_extension_field_t *inp, uint8_t elt)
+trn_extension_field_add_field(trn_extension_field_t *inp, uint8_t elt)
{
#if SIZE_MAX >= UINT8_MAX
if (inp->field.n_ == UINT8_MAX)
@@ -117,17 +117,17 @@ trn_cell_extension_field_add_field(trn_cell_extension_field_t *inp, uint8_t elt)
}
uint8_t *
-trn_cell_extension_field_getarray_field(trn_cell_extension_field_t *inp)
+trn_extension_field_getarray_field(trn_extension_field_t *inp)
{
return inp->field.elts_;
}
const uint8_t *
-trn_cell_extension_field_getconstarray_field(const trn_cell_extension_field_t *inp)
+trn_extension_field_getconstarray_field(const trn_extension_field_t *inp)
{
- return (const uint8_t *)trn_cell_extension_field_getarray_field((trn_cell_extension_field_t*)inp);
+ return (const uint8_t *)trn_extension_field_getarray_field((trn_extension_field_t*)inp);
}
int
-trn_cell_extension_field_setlen_field(trn_cell_extension_field_t *inp, size_t newlen)
+trn_extension_field_setlen_field(trn_extension_field_t *inp, size_t newlen)
{
uint8_t *newptr;
#if UINT8_MAX < SIZE_MAX
@@ -147,7 +147,7 @@ trn_cell_extension_field_setlen_field(trn_cell_extension_field_t *inp, size_t ne
return -1;
}
const char *
-trn_cell_extension_field_check(const trn_cell_extension_field_t *obj)
+trn_extension_field_check(const trn_extension_field_t *obj)
{
if (obj == NULL)
return "Object was NULL";
@@ -159,11 +159,11 @@ trn_cell_extension_field_check(const trn_cell_extension_field_t *obj)
}
ssize_t
-trn_cell_extension_field_encoded_len(const trn_cell_extension_field_t *obj)
+trn_extension_field_encoded_len(const trn_extension_field_t *obj)
{
ssize_t result = 0;
- if (NULL != trn_cell_extension_field_check(obj))
+ if (NULL != trn_extension_field_check(obj))
return -1;
@@ -178,24 +178,24 @@ trn_cell_extension_field_encoded_len(const trn_cell_extension_field_t *obj)
return result;
}
int
-trn_cell_extension_field_clear_errors(trn_cell_extension_field_t *obj)
+trn_extension_field_clear_errors(trn_extension_field_t *obj)
{
int r = obj->trunnel_error_code_;
obj->trunnel_error_code_ = 0;
return r;
}
ssize_t
-trn_cell_extension_field_encode(uint8_t *output, const size_t avail, const trn_cell_extension_field_t *obj)
+trn_extension_field_encode(uint8_t *output, const size_t avail, const trn_extension_field_t *obj)
{
ssize_t result = 0;
size_t written = 0;
uint8_t *ptr = output;
const char *msg;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
- const ssize_t encoded_len = trn_cell_extension_field_encoded_len(obj);
+ const ssize_t encoded_len = trn_extension_field_encoded_len(obj);
#endif
- if (NULL != (msg = trn_cell_extension_field_check(obj)))
+ if (NULL != (msg = trn_extension_field_check(obj)))
goto check_failed;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
@@ -252,11 +252,11 @@ trn_cell_extension_field_encode(uint8_t *output, const size_t avail, const trn_c
return result;
}
-/** As trn_cell_extension_field_parse(), but do not allocate the
- * output object.
+/** As trn_extension_field_parse(), but do not allocate the output
+ * object.
*/
static ssize_t
-trn_cell_extension_field_parse_into(trn_cell_extension_field_t *obj, const uint8_t *input, const size_t len_in)
+trn_extension_field_parse_into(trn_extension_field_t *obj, const uint8_t *input, const size_t len_in)
{
const uint8_t *ptr = input;
size_t remaining = len_in;
@@ -290,23 +290,23 @@ trn_cell_extension_field_parse_into(trn_cell_extension_field_t *obj, const uint8
}
ssize_t
-trn_cell_extension_field_parse(trn_cell_extension_field_t **output, const uint8_t *input, const size_t len_in)
+trn_extension_field_parse(trn_extension_field_t **output, const uint8_t *input, const size_t len_in)
{
ssize_t result;
- *output = trn_cell_extension_field_new();
+ *output = trn_extension_field_new();
if (NULL == *output)
return -1;
- result = trn_cell_extension_field_parse_into(*output, input, len_in);
+ result = trn_extension_field_parse_into(*output, input, len_in);
if (result < 0) {
- trn_cell_extension_field_free(*output);
+ trn_extension_field_free(*output);
*output = NULL;
}
return result;
}
-trn_cell_extension_t *
-trn_cell_extension_new(void)
+trn_extension_t *
+trn_extension_new(void)
{
- trn_cell_extension_t *val = trunnel_calloc(1, sizeof(trn_cell_extension_t));
+ trn_extension_t *val = trunnel_calloc(1, sizeof(trn_extension_t));
if (NULL == val)
return NULL;
return val;
@@ -315,14 +315,14 @@ trn_cell_extension_new(void)
/** Release all storage held inside 'obj', but do not free 'obj'.
*/
static void
-trn_cell_extension_clear(trn_cell_extension_t *obj)
+trn_extension_clear(trn_extension_t *obj)
{
(void) obj;
{
unsigned idx;
for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) {
- trn_cell_extension_field_free(TRUNNEL_DYNARRAY_GET(&obj->fields, idx));
+ trn_extension_field_free(TRUNNEL_DYNARRAY_GET(&obj->fields, idx));
}
}
TRUNNEL_DYNARRAY_WIPE(&obj->fields);
@@ -330,92 +330,92 @@ trn_cell_extension_clear(trn_cell_extension_t *obj)
}
void
-trn_cell_extension_free(trn_cell_extension_t *obj)
+trn_extension_free(trn_extension_t *obj)
{
if (obj == NULL)
return;
- trn_cell_extension_clear(obj);
- trunnel_memwipe(obj, sizeof(trn_cell_extension_t));
+ trn_extension_clear(obj);
+ trunnel_memwipe(obj, sizeof(trn_extension_t));
trunnel_free_(obj);
}
uint8_t
-trn_cell_extension_get_num(const trn_cell_extension_t *inp)
+trn_extension_get_num(const trn_extension_t *inp)
{
return inp->num;
}
int
-trn_cell_extension_set_num(trn_cell_extension_t *inp, uint8_t val)
+trn_extension_set_num(trn_extension_t *inp, uint8_t val)
{
inp->num = val;
return 0;
}
size_t
-trn_cell_extension_getlen_fields(const trn_cell_extension_t *inp)
+trn_extension_getlen_fields(const trn_extension_t *inp)
{
return TRUNNEL_DYNARRAY_LEN(&inp->fields);
}
-struct trn_cell_extension_field_st *
-trn_cell_extension_get_fields(trn_cell_extension_t *inp, size_t idx)
+struct trn_extension_field_st *
+trn_extension_get_fields(trn_extension_t *inp, size_t idx)
{
return TRUNNEL_DYNARRAY_GET(&inp->fields, idx);
}
- const struct trn_cell_extension_field_st *
-trn_cell_extension_getconst_fields(const trn_cell_extension_t *inp, size_t idx)
+ const struct trn_extension_field_st *
+trn_extension_getconst_fields(const trn_extension_t *inp, size_t idx)
{
- return trn_cell_extension_get_fields((trn_cell_extension_t*)inp, idx);
+ return trn_extension_get_fields((trn_extension_t*)inp, idx);
}
int
-trn_cell_extension_set_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_field_st * elt)
+trn_extension_set_fields(trn_extension_t *inp, size_t idx, struct trn_extension_field_st * elt)
{
- trn_cell_extension_field_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->fields, idx);
+ trn_extension_field_t *oldval = TRUNNEL_DYNARRAY_GET(&inp->fields, idx);
if (oldval && oldval != elt)
- trn_cell_extension_field_free(oldval);
- return trn_cell_extension_set0_fields(inp, idx, elt);
+ trn_extension_field_free(oldval);
+ return trn_extension_set0_fields(inp, idx, elt);
}
int
-trn_cell_extension_set0_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_field_st * elt)
+trn_extension_set0_fields(trn_extension_t *inp, size_t idx, struct trn_extension_field_st * elt)
{
TRUNNEL_DYNARRAY_SET(&inp->fields, idx, elt);
return 0;
}
int
-trn_cell_extension_add_fields(trn_cell_extension_t *inp, struct trn_cell_extension_field_st * elt)
+trn_extension_add_fields(trn_extension_t *inp, struct trn_extension_field_st * elt)
{
#if SIZE_MAX >= UINT8_MAX
if (inp->fields.n_ == UINT8_MAX)
goto trunnel_alloc_failed;
#endif
- TRUNNEL_DYNARRAY_ADD(struct trn_cell_extension_field_st *, &inp->fields, elt, {});
+ TRUNNEL_DYNARRAY_ADD(struct trn_extension_field_st *, &inp->fields, elt, {});
return 0;
trunnel_alloc_failed:
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
-struct trn_cell_extension_field_st * *
-trn_cell_extension_getarray_fields(trn_cell_extension_t *inp)
+struct trn_extension_field_st * *
+trn_extension_getarray_fields(trn_extension_t *inp)
{
return inp->fields.elts_;
}
-const struct trn_cell_extension_field_st * const *
-trn_cell_extension_getconstarray_fields(const trn_cell_extension_t *inp)
+const struct trn_extension_field_st * const *
+trn_extension_getconstarray_fields(const trn_extension_t *inp)
{
- return (const struct trn_cell_extension_field_st * const *)trn_cell_extension_getarray_fields((trn_cell_extension_t*)inp);
+ return (const struct trn_extension_field_st * const *)trn_extension_getarray_fields((trn_extension_t*)inp);
}
int
-trn_cell_extension_setlen_fields(trn_cell_extension_t *inp, size_t newlen)
+trn_extension_setlen_fields(trn_extension_t *inp, size_t newlen)
{
- struct trn_cell_extension_field_st * *newptr;
+ struct trn_extension_field_st * *newptr;
#if UINT8_MAX < SIZE_MAX
if (newlen > UINT8_MAX)
goto trunnel_alloc_failed;
#endif
newptr = trunnel_dynarray_setlen(&inp->fields.allocated_,
&inp->fields.n_, inp->fields.elts_, newlen,
- sizeof(inp->fields.elts_[0]), (trunnel_free_fn_t) trn_cell_extension_field_free,
+ sizeof(inp->fields.elts_[0]), (trunnel_free_fn_t) trn_extension_field_free,
&inp->trunnel_error_code_);
if (newlen != 0 && newptr == NULL)
goto trunnel_alloc_failed;
@@ -426,7 +426,7 @@ trn_cell_extension_setlen_fields(trn_cell_extension_t *inp, size_t newlen)
return -1;
}
const char *
-trn_cell_extension_check(const trn_cell_extension_t *obj)
+trn_extension_check(const trn_extension_t *obj)
{
if (obj == NULL)
return "Object was NULL";
@@ -437,7 +437,7 @@ trn_cell_extension_check(const trn_cell_extension_t *obj)
unsigned idx;
for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) {
- if (NULL != (msg = trn_cell_extension_field_check(TRUNNEL_DYNARRAY_GET(&obj->fields, idx))))
+ if (NULL != (msg = trn_extension_field_check(TRUNNEL_DYNARRAY_GET(&obj->fields, idx))))
return msg;
}
}
@@ -447,46 +447,46 @@ trn_cell_extension_check(const trn_cell_extension_t *obj)
}
ssize_t
-trn_cell_extension_encoded_len(const trn_cell_extension_t *obj)
+trn_extension_encoded_len(const trn_extension_t *obj)
{
ssize_t result = 0;
- if (NULL != trn_cell_extension_check(obj))
+ if (NULL != trn_extension_check(obj))
return -1;
/* Length of u8 num */
result += 1;
- /* Length of struct trn_cell_extension_field fields[num] */
+ /* Length of struct trn_extension_field fields[num] */
{
unsigned idx;
for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) {
- result += trn_cell_extension_field_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->fields, idx));
+ result += trn_extension_field_encoded_len(TRUNNEL_DYNARRAY_GET(&obj->fields, idx));
}
}
return result;
}
int
-trn_cell_extension_clear_errors(trn_cell_extension_t *obj)
+trn_extension_clear_errors(trn_extension_t *obj)
{
int r = obj->trunnel_error_code_;
obj->trunnel_error_code_ = 0;
return r;
}
ssize_t
-trn_cell_extension_encode(uint8_t *output, const size_t avail, const trn_cell_extension_t *obj)
+trn_extension_encode(uint8_t *output, const size_t avail, const trn_extension_t *obj)
{
ssize_t result = 0;
size_t written = 0;
uint8_t *ptr = output;
const char *msg;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
- const ssize_t encoded_len = trn_cell_extension_encoded_len(obj);
+ const ssize_t encoded_len = trn_extension_encoded_len(obj);
#endif
- if (NULL != (msg = trn_cell_extension_check(obj)))
+ if (NULL != (msg = trn_extension_check(obj)))
goto check_failed;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
@@ -500,13 +500,13 @@ trn_cell_extension_encode(uint8_t *output, const size_t avail, const trn_cell_ex
trunnel_set_uint8(ptr, (obj->num));
written += 1; ptr += 1;
- /* Encode struct trn_cell_extension_field fields[num] */
+ /* Encode struct trn_extension_field fields[num] */
{
unsigned idx;
for (idx = 0; idx < TRUNNEL_DYNARRAY_LEN(&obj->fields); ++idx) {
trunnel_assert(written <= avail);
- result = trn_cell_extension_field_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->fields, idx));
+ result = trn_extension_field_encode(ptr, avail - written, TRUNNEL_DYNARRAY_GET(&obj->fields, idx));
if (result < 0)
goto fail; /* XXXXXXX !*/
written += result; ptr += result;
@@ -537,11 +537,10 @@ trn_cell_extension_encode(uint8_t *output, const size_t avail, const trn_cell_ex
return result;
}
-/** As trn_cell_extension_parse(), but do not allocate the output
- * object.
+/** As trn_extension_parse(), but do not allocate the output object.
*/
static ssize_t
-trn_cell_extension_parse_into(trn_cell_extension_t *obj, const uint8_t *input, const size_t len_in)
+trn_extension_parse_into(trn_extension_t *obj, const uint8_t *input, const size_t len_in)
{
const uint8_t *ptr = input;
size_t remaining = len_in;
@@ -553,18 +552,18 @@ trn_cell_extension_parse_into(trn_cell_extension_t *obj, const uint8_t *input, c
obj->num = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
- /* Parse struct trn_cell_extension_field fields[num] */
- TRUNNEL_DYNARRAY_EXPAND(trn_cell_extension_field_t *, &obj->fields, obj->num, {});
+ /* Parse struct trn_extension_field fields[num] */
+ TRUNNEL_DYNARRAY_EXPAND(trn_extension_field_t *, &obj->fields, obj->num, {});
{
- trn_cell_extension_field_t * elt;
+ trn_extension_field_t * elt;
unsigned idx;
for (idx = 0; idx < obj->num; ++idx) {
- result = trn_cell_extension_field_parse(&elt, ptr, remaining);
+ result = trn_extension_field_parse(&elt, ptr, remaining);
if (result < 0)
goto relay_fail;
trunnel_assert((size_t)result <= remaining);
remaining -= result; ptr += result;
- TRUNNEL_DYNARRAY_ADD(trn_cell_extension_field_t *, &obj->fields, elt, {trn_cell_extension_field_free(elt);});
+ TRUNNEL_DYNARRAY_ADD(trn_extension_field_t *, &obj->fields, elt, {trn_extension_field_free(elt);});
}
}
trunnel_assert(ptr + remaining == input + len_in);
@@ -580,15 +579,15 @@ trn_cell_extension_parse_into(trn_cell_extension_t *obj, const uint8_t *input, c
}
ssize_t
-trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in)
+trn_extension_parse(trn_extension_t **output, const uint8_t *input, const size_t len_in)
{
ssize_t result;
- *output = trn_cell_extension_new();
+ *output = trn_extension_new();
if (NULL == *output)
return -1;
- result = trn_cell_extension_parse_into(*output, input, len_in);
+ result = trn_extension_parse_into(*output, input, len_in);
if (result < 0) {
- trn_cell_extension_free(*output);
+ trn_extension_free(*output);
*output = NULL;
}
return result;
diff --git a/src/trunnel/extension.h b/src/trunnel/extension.h
new file mode 100644
index 0000000000..eed89d140e
--- /dev/null
+++ b/src/trunnel/extension.h
@@ -0,0 +1,197 @@
+/* extension.h -- generated by Trunnel v1.5.3.
+ * https://gitweb.torproject.org/trunnel.git
+ * You probably shouldn't edit this file.
+ */
+#ifndef TRUNNEL_EXTENSION_H
+#define TRUNNEL_EXTENSION_H
+
+#include <stdint.h>
+#include "trunnel.h"
+
+#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_EXTENSION_FIELD)
+struct trn_extension_field_st {
+ uint8_t field_type;
+ uint8_t field_len;
+ TRUNNEL_DYNARRAY_HEAD(, uint8_t) field;
+ uint8_t trunnel_error_code_;
+};
+#endif
+typedef struct trn_extension_field_st trn_extension_field_t;
+#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_EXTENSION)
+struct trn_extension_st {
+ uint8_t num;
+ TRUNNEL_DYNARRAY_HEAD(, struct trn_extension_field_st *) fields;
+ uint8_t trunnel_error_code_;
+};
+#endif
+typedef struct trn_extension_st trn_extension_t;
+/** Return a newly allocated trn_extension_field with all elements set
+ * to zero.
+ */
+trn_extension_field_t *trn_extension_field_new(void);
+/** Release all storage held by the trn_extension_field in 'victim'.
+ * (Do nothing if 'victim' is NULL.)
+ */
+void trn_extension_field_free(trn_extension_field_t *victim);
+/** Try to parse a trn_extension_field from the buffer in 'input',
+ * using up to 'len_in' bytes from the input buffer. On success,
+ * return the number of bytes consumed and set *output to the newly
+ * allocated trn_extension_field_t. On failure, return -2 if the input
+ * appears truncated, and -1 if the input is otherwise invalid.
+ */
+ssize_t trn_extension_field_parse(trn_extension_field_t **output, const uint8_t *input, const size_t len_in);
+/** Return the number of bytes we expect to need to encode the
+ * trn_extension_field in 'obj'. On failure, return a negative value.
+ * Note that this value may be an overestimate, and can even be an
+ * underestimate for certain unencodeable objects.
+ */
+ssize_t trn_extension_field_encoded_len(const trn_extension_field_t *obj);
+/** Try to encode the trn_extension_field from 'input' into the buffer
+ * at 'output', using up to 'avail' bytes of the output buffer. On
+ * success, return the number of bytes used. On failure, return -2 if
+ * the buffer was not long enough, and -1 if the input was invalid.
+ */
+ssize_t trn_extension_field_encode(uint8_t *output, size_t avail, const trn_extension_field_t *input);
+/** Check whether the internal state of the trn_extension_field in
+ * 'obj' is consistent. Return NULL if it is, and a short message if
+ * it is not.
+ */
+const char *trn_extension_field_check(const trn_extension_field_t *obj);
+/** Clear any errors that were set on the object 'obj' by its setter
+ * functions. Return true iff errors were cleared.
+ */
+int trn_extension_field_clear_errors(trn_extension_field_t *obj);
+/** Return the value of the field_type field of the
+ * trn_extension_field_t in 'inp'
+ */
+uint8_t trn_extension_field_get_field_type(const trn_extension_field_t *inp);
+/** Set the value of the field_type field of the trn_extension_field_t
+ * in 'inp' to 'val'. Return 0 on success; return -1 and set the error
+ * code on 'inp' on failure.
+ */
+int trn_extension_field_set_field_type(trn_extension_field_t *inp, uint8_t val);
+/** Return the value of the field_len field of the
+ * trn_extension_field_t in 'inp'
+ */
+uint8_t trn_extension_field_get_field_len(const trn_extension_field_t *inp);
+/** Set the value of the field_len field of the trn_extension_field_t
+ * in 'inp' to 'val'. Return 0 on success; return -1 and set the error
+ * code on 'inp' on failure.
+ */
+int trn_extension_field_set_field_len(trn_extension_field_t *inp, uint8_t val);
+/** Return the length of the dynamic array holding the field field of
+ * the trn_extension_field_t in 'inp'.
+ */
+size_t trn_extension_field_getlen_field(const trn_extension_field_t *inp);
+/** Return the element at position 'idx' of the dynamic array field
+ * field of the trn_extension_field_t in 'inp'.
+ */
+uint8_t trn_extension_field_get_field(trn_extension_field_t *inp, size_t idx);
+/** As trn_extension_field_get_field, but take and return a const
+ * pointer
+ */
+uint8_t trn_extension_field_getconst_field(const trn_extension_field_t *inp, size_t idx);
+/** Change the element at position 'idx' of the dynamic array field
+ * field of the trn_extension_field_t in 'inp', so that it will hold
+ * the value 'elt'.
+ */
+int trn_extension_field_set_field(trn_extension_field_t *inp, size_t idx, uint8_t elt);
+/** Append a new element 'elt' to the dynamic array field field of the
+ * trn_extension_field_t in 'inp'.
+ */
+int trn_extension_field_add_field(trn_extension_field_t *inp, uint8_t elt);
+/** Return a pointer to the variable-length array field field of
+ * 'inp'.
+ */
+uint8_t * trn_extension_field_getarray_field(trn_extension_field_t *inp);
+/** As trn_extension_field_get_field, but take and return a const
+ * pointer
+ */
+const uint8_t * trn_extension_field_getconstarray_field(const trn_extension_field_t *inp);
+/** Change the length of the variable-length array field field of
+ * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success;
+ * return -1 and set the error code on 'inp' on failure.
+ */
+int trn_extension_field_setlen_field(trn_extension_field_t *inp, size_t newlen);
+/** Return a newly allocated trn_extension with all elements set to
+ * zero.
+ */
+trn_extension_t *trn_extension_new(void);
+/** Release all storage held by the trn_extension in 'victim'. (Do
+ * nothing if 'victim' is NULL.)
+ */
+void trn_extension_free(trn_extension_t *victim);
+/** Try to parse a trn_extension from the buffer in 'input', using up
+ * to 'len_in' bytes from the input buffer. On success, return the
+ * number of bytes consumed and set *output to the newly allocated
+ * trn_extension_t. On failure, return -2 if the input appears
+ * truncated, and -1 if the input is otherwise invalid.
+ */
+ssize_t trn_extension_parse(trn_extension_t **output, const uint8_t *input, const size_t len_in);
+/** Return the number of bytes we expect to need to encode the
+ * trn_extension in 'obj'. On failure, return a negative value. Note
+ * that this value may be an overestimate, and can even be an
+ * underestimate for certain unencodeable objects.
+ */
+ssize_t trn_extension_encoded_len(const trn_extension_t *obj);
+/** Try to encode the trn_extension from 'input' into the buffer at
+ * 'output', using up to 'avail' bytes of the output buffer. On
+ * success, return the number of bytes used. On failure, return -2 if
+ * the buffer was not long enough, and -1 if the input was invalid.
+ */
+ssize_t trn_extension_encode(uint8_t *output, size_t avail, const trn_extension_t *input);
+/** Check whether the internal state of the trn_extension in 'obj' is
+ * consistent. Return NULL if it is, and a short message if it is not.
+ */
+const char *trn_extension_check(const trn_extension_t *obj);
+/** Clear any errors that were set on the object 'obj' by its setter
+ * functions. Return true iff errors were cleared.
+ */
+int trn_extension_clear_errors(trn_extension_t *obj);
+/** Return the value of the num field of the trn_extension_t in 'inp'
+ */
+uint8_t trn_extension_get_num(const trn_extension_t *inp);
+/** Set the value of the num field of the trn_extension_t in 'inp' to
+ * 'val'. Return 0 on success; return -1 and set the error code on
+ * 'inp' on failure.
+ */
+int trn_extension_set_num(trn_extension_t *inp, uint8_t val);
+/** Return the length of the dynamic array holding the fields field of
+ * the trn_extension_t in 'inp'.
+ */
+size_t trn_extension_getlen_fields(const trn_extension_t *inp);
+/** Return the element at position 'idx' of the dynamic array field
+ * fields of the trn_extension_t in 'inp'.
+ */
+struct trn_extension_field_st * trn_extension_get_fields(trn_extension_t *inp, size_t idx);
+/** As trn_extension_get_fields, but take and return a const pointer
+ */
+ const struct trn_extension_field_st * trn_extension_getconst_fields(const trn_extension_t *inp, size_t idx);
+/** Change the element at position 'idx' of the dynamic array field
+ * fields of the trn_extension_t in 'inp', so that it will hold the
+ * value 'elt'. Free the previous value, if any.
+ */
+int trn_extension_set_fields(trn_extension_t *inp, size_t idx, struct trn_extension_field_st * elt);
+/** As trn_extension_set_fields, but does not free the previous value.
+ */
+int trn_extension_set0_fields(trn_extension_t *inp, size_t idx, struct trn_extension_field_st * elt);
+/** Append a new element 'elt' to the dynamic array field fields of
+ * the trn_extension_t in 'inp'.
+ */
+int trn_extension_add_fields(trn_extension_t *inp, struct trn_extension_field_st * elt);
+/** Return a pointer to the variable-length array field fields of
+ * 'inp'.
+ */
+struct trn_extension_field_st * * trn_extension_getarray_fields(trn_extension_t *inp);
+/** As trn_extension_get_fields, but take and return a const pointer
+ */
+const struct trn_extension_field_st * const * trn_extension_getconstarray_fields(const trn_extension_t *inp);
+/** Change the length of the variable-length array field fields of
+ * 'inp' to 'newlen'.Fill extra elements with NULL; free removed
+ * elements. Return 0 on success; return -1 and set the error code on
+ * 'inp' on failure.
+ */
+int trn_extension_setlen_fields(trn_extension_t *inp, size_t newlen);
+
+
+#endif
diff --git a/src/trunnel/extension.trunnel b/src/trunnel/extension.trunnel
new file mode 100644
index 0000000000..177eba0596
--- /dev/null
+++ b/src/trunnel/extension.trunnel
@@ -0,0 +1,14 @@
+
+/* The cell extension ABI that is also used within other type of structures
+ * such as the ntorv3 data payload. */
+
+struct trn_extension_field {
+ u8 field_type;
+ u8 field_len;
+ u8 field[field_len];
+};
+
+struct trn_extension {
+ u8 num;
+ struct trn_extension_field fields[num];
+};
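Review bot: The header comment in extension.trunnel says the structure is now shared beyond cells, but it does not say who owns the `field_type` number space. The only type constant visible in this diff, `TRUNNEL_CELL_EXTENSION_TYPE_DOS`, stays in cell_establish_intro.h, which suggests type values are defined per containing structure. With one generated parser now serving both the HS cells and (per the comment) the ntorv3 payload, that is worth stating so a type number from one context is not interpreted in the other. Both `num` and `field_len` are `u8`, so the limits of 255 fields and 255 body bytes per field could be stated as well. Suggested wording: `/* Generic extension list, used by cells and by other structures such as the ntorv3 data payload. */` followed by `/* field_type values are defined by each containing structure; num and field_len are single bytes (max 255 each). */`.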
diff --git a/src/trunnel/hs/cell_common.h b/src/trunnel/hs/cell_common.h
deleted file mode 100644
index beb65e015f..0000000000
--- a/src/trunnel/hs/cell_common.h
+++ /dev/null
@@ -1,203 +0,0 @@
-/* cell_common.h -- generated by Trunnel v1.5.3.
- * https://gitweb.torproject.org/trunnel.git
- * You probably shouldn't edit this file.
- */
-#ifndef TRUNNEL_CELL_COMMON_H
-#define TRUNNEL_CELL_COMMON_H
-
-#include <stdint.h>
-#include "trunnel.h"
-
-#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_EXTENSION_FIELD)
-struct trn_cell_extension_field_st {
- uint8_t field_type;
- uint8_t field_len;
- TRUNNEL_DYNARRAY_HEAD(, uint8_t) field;
- uint8_t trunnel_error_code_;
-};
-#endif
-typedef struct trn_cell_extension_field_st trn_cell_extension_field_t;
-#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_EXTENSION)
-struct trn_cell_extension_st {
- uint8_t num;
- TRUNNEL_DYNARRAY_HEAD(, struct trn_cell_extension_field_st *) fields;
- uint8_t trunnel_error_code_;
-};
-#endif
-typedef struct trn_cell_extension_st trn_cell_extension_t;
-/** Return a newly allocated trn_cell_extension_field with all
- * elements set to zero.
- */
-trn_cell_extension_field_t *trn_cell_extension_field_new(void);
-/** Release all storage held by the trn_cell_extension_field in
- * 'victim'. (Do nothing if 'victim' is NULL.)
- */
-void trn_cell_extension_field_free(trn_cell_extension_field_t *victim);
-/** Try to parse a trn_cell_extension_field from the buffer in
- * 'input', using up to 'len_in' bytes from the input buffer. On
- * success, return the number of bytes consumed and set *output to the
- * newly allocated trn_cell_extension_field_t. On failure, return -2
- * if the input appears truncated, and -1 if the input is otherwise
- * invalid.
- */
-ssize_t trn_cell_extension_field_parse(trn_cell_extension_field_t **output, const uint8_t *input, const size_t len_in);
-/** Return the number of bytes we expect to need to encode the
- * trn_cell_extension_field in 'obj'. On failure, return a negative
- * value. Note that this value may be an overestimate, and can even be
- * an underestimate for certain unencodeable objects.
- */
-ssize_t trn_cell_extension_field_encoded_len(const trn_cell_extension_field_t *obj);
-/** Try to encode the trn_cell_extension_field from 'input' into the
- * buffer at 'output', using up to 'avail' bytes of the output buffer.
- * On success, return the number of bytes used. On failure, return -2
- * if the buffer was not long enough, and -1 if the input was invalid.
- */
-ssize_t trn_cell_extension_field_encode(uint8_t *output, size_t avail, const trn_cell_extension_field_t *input);
-/** Check whether the internal state of the trn_cell_extension_field
- * in 'obj' is consistent. Return NULL if it is, and a short message
- * if it is not.
- */
-const char *trn_cell_extension_field_check(const trn_cell_extension_field_t *obj);
-/** Clear any errors that were set on the object 'obj' by its setter
- * functions. Return true iff errors were cleared.
- */
-int trn_cell_extension_field_clear_errors(trn_cell_extension_field_t *obj);
-/** Return the value of the field_type field of the
- * trn_cell_extension_field_t in 'inp'
- */
-uint8_t trn_cell_extension_field_get_field_type(const trn_cell_extension_field_t *inp);
-/** Set the value of the field_type field of the
- * trn_cell_extension_field_t in 'inp' to 'val'. Return 0 on success;
- * return -1 and set the error code on 'inp' on failure.
- */
-int trn_cell_extension_field_set_field_type(trn_cell_extension_field_t *inp, uint8_t val);
-/** Return the value of the field_len field of the
- * trn_cell_extension_field_t in 'inp'
- */
-uint8_t trn_cell_extension_field_get_field_len(const trn_cell_extension_field_t *inp);
-/** Set the value of the field_len field of the
- * trn_cell_extension_field_t in 'inp' to 'val'. Return 0 on success;
- * return -1 and set the error code on 'inp' on failure.
- */
-int trn_cell_extension_field_set_field_len(trn_cell_extension_field_t *inp, uint8_t val);
-/** Return the length of the dynamic array holding the field field of
- * the trn_cell_extension_field_t in 'inp'.
- */
-size_t trn_cell_extension_field_getlen_field(const trn_cell_extension_field_t *inp);
-/** Return the element at position 'idx' of the dynamic array field
- * field of the trn_cell_extension_field_t in 'inp'.
- */
-uint8_t trn_cell_extension_field_get_field(trn_cell_extension_field_t *inp, size_t idx);
-/** As trn_cell_extension_field_get_field, but take and return a const
- * pointer
- */
-uint8_t trn_cell_extension_field_getconst_field(const trn_cell_extension_field_t *inp, size_t idx);
-/** Change the element at position 'idx' of the dynamic array field
- * field of the trn_cell_extension_field_t in 'inp', so that it will
- * hold the value 'elt'.
- */
-int trn_cell_extension_field_set_field(trn_cell_extension_field_t *inp, size_t idx, uint8_t elt);
-/** Append a new element 'elt' to the dynamic array field field of the
- * trn_cell_extension_field_t in 'inp'.
- */
-int trn_cell_extension_field_add_field(trn_cell_extension_field_t *inp, uint8_t elt);
-/** Return a pointer to the variable-length array field field of
- * 'inp'.
- */
-uint8_t * trn_cell_extension_field_getarray_field(trn_cell_extension_field_t *inp);
-/** As trn_cell_extension_field_get_field, but take and return a const
- * pointer
- */
-const uint8_t * trn_cell_extension_field_getconstarray_field(const trn_cell_extension_field_t *inp);
-/** Change the length of the variable-length array field field of
- * 'inp' to 'newlen'.Fill extra elements with 0. Return 0 on success;
- * return -1 and set the error code on 'inp' on failure.
- */
-int trn_cell_extension_field_setlen_field(trn_cell_extension_field_t *inp, size_t newlen);
-/** Return a newly allocated trn_cell_extension with all elements set
- * to zero.
- */
-trn_cell_extension_t *trn_cell_extension_new(void);
-/** Release all storage held by the trn_cell_extension in 'victim'.
- * (Do nothing if 'victim' is NULL.)
- */
-void trn_cell_extension_free(trn_cell_extension_t *victim);
-/** Try to parse a trn_cell_extension from the buffer in 'input',
- * using up to 'len_in' bytes from the input buffer. On success,
- * return the number of bytes consumed and set *output to the newly
- * allocated trn_cell_extension_t. On failure, return -2 if the input
- * appears truncated, and -1 if the input is otherwise invalid.
- */
-ssize_t trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in);
-/** Return the number of bytes we expect to need to encode the
- * trn_cell_extension in 'obj'. On failure, return a negative value.
- * Note that this value may be an overestimate, and can even be an
- * underestimate for certain unencodeable objects.
- */
-ssize_t trn_cell_extension_encoded_len(const trn_cell_extension_t *obj);
-/** Try to encode the trn_cell_extension from 'input' into the buffer
- * at 'output', using up to 'avail' bytes of the output buffer. On
- * success, return the number of bytes used. On failure, return -2 if
- * the buffer was not long enough, and -1 if the input was invalid.
- */
-ssize_t trn_cell_extension_encode(uint8_t *output, size_t avail, const trn_cell_extension_t *input);
-/** Check whether the internal state of the trn_cell_extension in
- * 'obj' is consistent. Return NULL if it is, and a short message if
- * it is not.
- */
-const char *trn_cell_extension_check(const trn_cell_extension_t *obj);
-/** Clear any errors that were set on the object 'obj' by its setter
- * functions. Return true iff errors were cleared.
- */
-int trn_cell_extension_clear_errors(trn_cell_extension_t *obj);
-/** Return the value of the num field of the trn_cell_extension_t in
- * 'inp'
- */
-uint8_t trn_cell_extension_get_num(const trn_cell_extension_t *inp);
-/** Set the value of the num field of the trn_cell_extension_t in
- * 'inp' to 'val'. Return 0 on success; return -1 and set the error
- * code on 'inp' on failure.
- */
-int trn_cell_extension_set_num(trn_cell_extension_t *inp, uint8_t val);
-/** Return the length of the dynamic array holding the fields field of
- * the trn_cell_extension_t in 'inp'.
- */
-size_t trn_cell_extension_getlen_fields(const trn_cell_extension_t *inp);
-/** Return the element at position 'idx' of the dynamic array field
- * fields of the trn_cell_extension_t in 'inp'.
- */
-struct trn_cell_extension_field_st * trn_cell_extension_get_fields(trn_cell_extension_t *inp, size_t idx);
-/** As trn_cell_extension_get_fields, but take and return a const
- * pointer
- */
- const struct trn_cell_extension_field_st * trn_cell_extension_getconst_fields(const trn_cell_extension_t *inp, size_t idx);
-/** Change the element at position 'idx' of the dynamic array field
- * fields of the trn_cell_extension_t in 'inp', so that it will hold
- * the value 'elt'. Free the previous value, if any.
- */
-int trn_cell_extension_set_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_field_st * elt);
-/** As trn_cell_extension_set_fields, but does not free the previous
- * value.
- */
-int trn_cell_extension_set0_fields(trn_cell_extension_t *inp, size_t idx, struct trn_cell_extension_field_st * elt);
-/** Append a new element 'elt' to the dynamic array field fields of
- * the trn_cell_extension_t in 'inp'.
- */
-int trn_cell_extension_add_fields(trn_cell_extension_t *inp, struct trn_cell_extension_field_st * elt);
-/** Return a pointer to the variable-length array field fields of
- * 'inp'.
- */
-struct trn_cell_extension_field_st * * trn_cell_extension_getarray_fields(trn_cell_extension_t *inp);
-/** As trn_cell_extension_get_fields, but take and return a const
- * pointer
- */
-const struct trn_cell_extension_field_st * const * trn_cell_extension_getconstarray_fields(const trn_cell_extension_t *inp);
-/** Change the length of the variable-length array field fields of
- * 'inp' to 'newlen'.Fill extra elements with NULL; free removed
- * elements. Return 0 on success; return -1 and set the error code on
- * 'inp' on failure.
- */
-int trn_cell_extension_setlen_fields(trn_cell_extension_t *inp, size_t newlen);
-
-
-#endif
diff --git a/src/trunnel/hs/cell_common.trunnel b/src/trunnel/hs/cell_common.trunnel
deleted file mode 100644
index 7e99cbfa66..0000000000
--- a/src/trunnel/hs/cell_common.trunnel
+++ /dev/null
@@ -1,12 +0,0 @@
-/* This file contains common data structure that cells use. */
-
-struct trn_cell_extension_field {
- u8 field_type;
- u8 field_len;
- u8 field[field_len];
-};
-
-struct trn_cell_extension {
- u8 num;
- struct trn_cell_extension_field fields[num];
-};
diff --git a/src/trunnel/hs/cell_establish_intro.c b/src/trunnel/hs/cell_establish_intro.c
index f31404c55f..0f561b121b 100644
--- a/src/trunnel/hs/cell_establish_intro.c
+++ b/src/trunnel/hs/cell_establish_intro.c
@@ -28,14 +28,14 @@ int cellestablishintro_deadcode_dummy__ = 0;
} \
} while (0)
-typedef struct trn_cell_extension_st trn_cell_extension_t;
-trn_cell_extension_t *trn_cell_extension_new(void);
-void trn_cell_extension_free(trn_cell_extension_t *victim);
-ssize_t trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in);
-ssize_t trn_cell_extension_encoded_len(const trn_cell_extension_t *obj);
-ssize_t trn_cell_extension_encode(uint8_t *output, size_t avail, const trn_cell_extension_t *input);
-const char *trn_cell_extension_check(const trn_cell_extension_t *obj);
-int trn_cell_extension_clear_errors(trn_cell_extension_t *obj);
+typedef struct trn_extension_st trn_extension_t;
+trn_extension_t *trn_extension_new(void);
+void trn_extension_free(trn_extension_t *victim);
+ssize_t trn_extension_parse(trn_extension_t **output, const uint8_t *input, const size_t len_in);
+ssize_t trn_extension_encoded_len(const trn_extension_t *obj);
+ssize_t trn_extension_encode(uint8_t *output, size_t avail, const trn_extension_t *input);
+const char *trn_extension_check(const trn_extension_t *obj);
+int trn_extension_clear_errors(trn_extension_t *obj);
trn_cell_extension_dos_param_t *
trn_cell_extension_dos_param_new(void)
{
@@ -232,7 +232,7 @@ trn_cell_establish_intro_clear(trn_cell_establish_intro_t *obj)
(void) obj;
TRUNNEL_DYNARRAY_WIPE(&obj->auth_key);
TRUNNEL_DYNARRAY_CLEAR(&obj->auth_key);
- trn_cell_extension_free(obj->extensions);
+ trn_extension_free(obj->extensions);
obj->extensions = NULL;
TRUNNEL_DYNARRAY_WIPE(&obj->sig);
TRUNNEL_DYNARRAY_CLEAR(&obj->sig);
@@ -346,25 +346,25 @@ trn_cell_establish_intro_setlen_auth_key(trn_cell_establish_intro_t *inp, size_t
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
-struct trn_cell_extension_st *
+struct trn_extension_st *
trn_cell_establish_intro_get_extensions(trn_cell_establish_intro_t *inp)
{
return inp->extensions;
}
-const struct trn_cell_extension_st *
+const struct trn_extension_st *
trn_cell_establish_intro_getconst_extensions(const trn_cell_establish_intro_t *inp)
{
return trn_cell_establish_intro_get_extensions((trn_cell_establish_intro_t*) inp);
}
int
-trn_cell_establish_intro_set_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val)
+trn_cell_establish_intro_set_extensions(trn_cell_establish_intro_t *inp, struct trn_extension_st *val)
{
if (inp->extensions && inp->extensions != val)
- trn_cell_extension_free(inp->extensions);
+ trn_extension_free(inp->extensions);
return trn_cell_establish_intro_set0_extensions(inp, val);
}
int
-trn_cell_establish_intro_set0_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val)
+trn_cell_establish_intro_set0_extensions(trn_cell_establish_intro_t *inp, struct trn_extension_st *val)
{
inp->extensions = val;
return 0;
@@ -506,7 +506,7 @@ trn_cell_establish_intro_check(const trn_cell_establish_intro_t *obj)
return "Length mismatch for auth_key";
{
const char *msg;
- if (NULL != (msg = trn_cell_extension_check(obj->extensions)))
+ if (NULL != (msg = trn_extension_check(obj->extensions)))
return msg;
}
if (TRUNNEL_DYNARRAY_LEN(&obj->sig) != obj->sig_len)
@@ -532,8 +532,8 @@ trn_cell_establish_intro_encoded_len(const trn_cell_establish_intro_t *obj)
/* Length of u8 auth_key[auth_key_len] */
result += TRUNNEL_DYNARRAY_LEN(&obj->auth_key);
- /* Length of struct trn_cell_extension extensions */
- result += trn_cell_extension_encoded_len(obj->extensions);
+ /* Length of struct trn_extension extensions */
+ result += trn_extension_encoded_len(obj->extensions);
/* Length of u8 handshake_mac[TRUNNEL_SHA3_256_LEN] */
result += TRUNNEL_SHA3_256_LEN;
@@ -596,9 +596,9 @@ trn_cell_establish_intro_encode(uint8_t *output, const size_t avail, const trn_c
written += elt_len; ptr += elt_len;
}
- /* Encode struct trn_cell_extension extensions */
+ /* Encode struct trn_extension extensions */
trunnel_assert(written <= avail);
- result = trn_cell_extension_encode(ptr, avail - written, obj->extensions);
+ result = trn_extension_encode(ptr, avail - written, obj->extensions);
if (result < 0)
goto fail; /* XXXXXXX !*/
written += result; ptr += result;
@@ -685,8 +685,8 @@ trn_cell_establish_intro_parse_into(trn_cell_establish_intro_t *obj, const uint8
memcpy(obj->auth_key.elts_, ptr, obj->auth_key_len);
ptr += obj->auth_key_len; remaining -= obj->auth_key_len;
- /* Parse struct trn_cell_extension extensions */
- result = trn_cell_extension_parse(&obj->extensions, ptr, remaining);
+ /* Parse struct trn_extension extensions */
+ result = trn_extension_parse(&obj->extensions, ptr, remaining);
if (result < 0)
goto relay_fail;
trunnel_assert((size_t)result <= remaining);
@@ -1045,7 +1045,7 @@ static void
trn_cell_intro_established_clear(trn_cell_intro_established_t *obj)
{
(void) obj;
- trn_cell_extension_free(obj->extensions);
+ trn_extension_free(obj->extensions);
obj->extensions = NULL;
}
@@ -1059,25 +1059,25 @@ trn_cell_intro_established_free(trn_cell_intro_established_t *obj)
trunnel_free_(obj);
}
-struct trn_cell_extension_st *
+struct trn_extension_st *
trn_cell_intro_established_get_extensions(trn_cell_intro_established_t *inp)
{
return inp->extensions;
}
-const struct trn_cell_extension_st *
+const struct trn_extension_st *
trn_cell_intro_established_getconst_extensions(const trn_cell_intro_established_t *inp)
{
return trn_cell_intro_established_get_extensions((trn_cell_intro_established_t*) inp);
}
int
-trn_cell_intro_established_set_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val)
+trn_cell_intro_established_set_extensions(trn_cell_intro_established_t *inp, struct trn_extension_st *val)
{
if (inp->extensions && inp->extensions != val)
- trn_cell_extension_free(inp->extensions);
+ trn_extension_free(inp->extensions);
return trn_cell_intro_established_set0_extensions(inp, val);
}
int
-trn_cell_intro_established_set0_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val)
+trn_cell_intro_established_set0_extensions(trn_cell_intro_established_t *inp, struct trn_extension_st *val)
{
inp->extensions = val;
return 0;
@@ -1091,7 +1091,7 @@ trn_cell_intro_established_check(const trn_cell_intro_established_t *obj)
return "A set function failed on this object";
{
const char *msg;
- if (NULL != (msg = trn_cell_extension_check(obj->extensions)))
+ if (NULL != (msg = trn_extension_check(obj->extensions)))
return msg;
}
return NULL;
@@ -1106,8 +1106,8 @@ trn_cell_intro_established_encoded_len(const trn_cell_intro_established_t *obj)
return -1;
- /* Length of struct trn_cell_extension extensions */
- result += trn_cell_extension_encoded_len(obj->extensions);
+ /* Length of struct trn_extension extensions */
+ result += trn_extension_encoded_len(obj->extensions);
return result;
}
int
@@ -1135,9 +1135,9 @@ trn_cell_intro_established_encode(uint8_t *output, const size_t avail, const trn
trunnel_assert(encoded_len >= 0);
#endif
- /* Encode struct trn_cell_extension extensions */
+ /* Encode struct trn_extension extensions */
trunnel_assert(written <= avail);
- result = trn_cell_extension_encode(ptr, avail - written, obj->extensions);
+ result = trn_extension_encode(ptr, avail - written, obj->extensions);
if (result < 0)
goto fail; /* XXXXXXX !*/
written += result; ptr += result;
@@ -1174,8 +1174,8 @@ trn_cell_intro_established_parse_into(trn_cell_intro_established_t *obj, const u
ssize_t result = 0;
(void)result;
- /* Parse struct trn_cell_extension extensions */
- result = trn_cell_extension_parse(&obj->extensions, ptr, remaining);
+ /* Parse struct trn_extension extensions */
+ result = trn_extension_parse(&obj->extensions, ptr, remaining);
if (result < 0)
goto relay_fail;
trunnel_assert((size_t)result <= remaining);
diff --git a/src/trunnel/hs/cell_establish_intro.h b/src/trunnel/hs/cell_establish_intro.h
index 1924d9cab6..8be1531ed1 100644
--- a/src/trunnel/hs/cell_establish_intro.h
+++ b/src/trunnel/hs/cell_establish_intro.h
@@ -8,7 +8,7 @@
#include <stdint.h>
#include "trunnel.h"
-struct trn_cell_extension_st;
+struct trn_extension_st;
#define TRUNNEL_SHA3_256_LEN 32
#define TRUNNEL_CELL_EXTENSION_TYPE_DOS 1
#define TRUNNEL_DOS_PARAM_TYPE_INTRO2_RATE_PER_SEC 1
@@ -27,7 +27,7 @@ struct trn_cell_establish_intro_st {
uint8_t auth_key_type;
uint16_t auth_key_len;
TRUNNEL_DYNARRAY_HEAD(, uint8_t) auth_key;
- struct trn_cell_extension_st *extensions;
+ struct trn_extension_st *extensions;
const uint8_t *end_mac_fields;
uint8_t handshake_mac[TRUNNEL_SHA3_256_LEN];
const uint8_t *end_sig_fields;
@@ -47,7 +47,7 @@ struct trn_cell_extension_dos_st {
typedef struct trn_cell_extension_dos_st trn_cell_extension_dos_t;
#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRO_ESTABLISHED)
struct trn_cell_intro_established_st {
- struct trn_cell_extension_st *extensions;
+ struct trn_extension_st *extensions;
uint8_t trunnel_error_code_;
};
#endif
@@ -203,21 +203,21 @@ int trn_cell_establish_intro_setlen_auth_key(trn_cell_establish_intro_t *inp, si
/** Return the value of the extensions field of the
* trn_cell_establish_intro_t in 'inp'
*/
-struct trn_cell_extension_st * trn_cell_establish_intro_get_extensions(trn_cell_establish_intro_t *inp);
+struct trn_extension_st * trn_cell_establish_intro_get_extensions(trn_cell_establish_intro_t *inp);
/** As trn_cell_establish_intro_get_extensions, but take and return a
* const pointer
*/
-const struct trn_cell_extension_st * trn_cell_establish_intro_getconst_extensions(const trn_cell_establish_intro_t *inp);
+const struct trn_extension_st * trn_cell_establish_intro_getconst_extensions(const trn_cell_establish_intro_t *inp);
/** Set the value of the extensions field of the
* trn_cell_establish_intro_t in 'inp' to 'val'. Free the old value if
* any. Steals the referenceto 'val'.Return 0 on success; return -1
* and set the error code on 'inp' on failure.
*/
-int trn_cell_establish_intro_set_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_establish_intro_set_extensions(trn_cell_establish_intro_t *inp, struct trn_extension_st *val);
/** As trn_cell_establish_intro_set_extensions, but does not free the
* previous value.
*/
-int trn_cell_establish_intro_set0_extensions(trn_cell_establish_intro_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_establish_intro_set0_extensions(trn_cell_establish_intro_t *inp, struct trn_extension_st *val);
/** Return the position for end_mac_fields when we parsed this object
*/
const uint8_t * trn_cell_establish_intro_get_end_mac_fields(const trn_cell_establish_intro_t *inp);
@@ -415,21 +415,21 @@ int trn_cell_intro_established_clear_errors(trn_cell_intro_established_t *obj);
/** Return the value of the extensions field of the
* trn_cell_intro_established_t in 'inp'
*/
-struct trn_cell_extension_st * trn_cell_intro_established_get_extensions(trn_cell_intro_established_t *inp);
+struct trn_extension_st * trn_cell_intro_established_get_extensions(trn_cell_intro_established_t *inp);
/** As trn_cell_intro_established_get_extensions, but take and return
* a const pointer
*/
-const struct trn_cell_extension_st * trn_cell_intro_established_getconst_extensions(const trn_cell_intro_established_t *inp);
+const struct trn_extension_st * trn_cell_intro_established_getconst_extensions(const trn_cell_intro_established_t *inp);
/** Set the value of the extensions field of the
* trn_cell_intro_established_t in 'inp' to 'val'. Free the old value
* if any. Steals the referenceto 'val'.Return 0 on success; return -1
* and set the error code on 'inp' on failure.
*/
-int trn_cell_intro_established_set_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_intro_established_set_extensions(trn_cell_intro_established_t *inp, struct trn_extension_st *val);
/** As trn_cell_intro_established_set_extensions, but does not free
* the previous value.
*/
-int trn_cell_intro_established_set0_extensions(trn_cell_intro_established_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_intro_established_set0_extensions(trn_cell_intro_established_t *inp, struct trn_extension_st *val);
#endif
diff --git a/src/trunnel/hs/cell_establish_intro.trunnel b/src/trunnel/hs/cell_establish_intro.trunnel
index e30938f6c2..b33f8c1c93 100644
--- a/src/trunnel/hs/cell_establish_intro.trunnel
+++ b/src/trunnel/hs/cell_establish_intro.trunnel
@@ -4,7 +4,7 @@
* specified in proposal 224 section 3.1.
*/
-extern struct trn_cell_extension;
+extern struct trn_extension;
const TRUNNEL_SHA3_256_LEN = 32;
@@ -19,7 +19,7 @@ struct trn_cell_establish_intro {
u8 auth_key[auth_key_len];
/* Extension(s). Reserved fields. */
- struct trn_cell_extension extensions;
+ struct trn_extension extensions;
@ptr end_mac_fields;
/* Handshake MAC. */
@@ -37,7 +37,7 @@ struct trn_cell_establish_intro {
* to version >= 3. */
struct trn_cell_intro_established {
/* Extension(s). Reserved fields. */
- struct trn_cell_extension extensions;
+ struct trn_extension extensions;
};
/*
diff --git a/src/trunnel/hs/cell_introduce1.c b/src/trunnel/hs/cell_introduce1.c
index 016c9fa8d6..a6873b4199 100644
--- a/src/trunnel/hs/cell_introduce1.c
+++ b/src/trunnel/hs/cell_introduce1.c
@@ -28,14 +28,14 @@ int cellintroduce_deadcode_dummy__ = 0;
} \
} while (0)
-typedef struct trn_cell_extension_st trn_cell_extension_t;
-trn_cell_extension_t *trn_cell_extension_new(void);
-void trn_cell_extension_free(trn_cell_extension_t *victim);
-ssize_t trn_cell_extension_parse(trn_cell_extension_t **output, const uint8_t *input, const size_t len_in);
-ssize_t trn_cell_extension_encoded_len(const trn_cell_extension_t *obj);
-ssize_t trn_cell_extension_encode(uint8_t *output, size_t avail, const trn_cell_extension_t *input);
-const char *trn_cell_extension_check(const trn_cell_extension_t *obj);
-int trn_cell_extension_clear_errors(trn_cell_extension_t *obj);
+typedef struct trn_extension_st trn_extension_t;
+trn_extension_t *trn_extension_new(void);
+void trn_extension_free(trn_extension_t *victim);
+ssize_t trn_extension_parse(trn_extension_t **output, const uint8_t *input, const size_t len_in);
+ssize_t trn_extension_encoded_len(const trn_extension_t *obj);
+ssize_t trn_extension_encode(uint8_t *output, size_t avail, const trn_extension_t *input);
+const char *trn_extension_check(const trn_extension_t *obj);
+int trn_extension_clear_errors(trn_extension_t *obj);
typedef struct link_specifier_st link_specifier_t;
link_specifier_t *link_specifier_new(void);
void link_specifier_free(link_specifier_t *victim);
@@ -62,7 +62,7 @@ trn_cell_introduce1_clear(trn_cell_introduce1_t *obj)
(void) obj;
TRUNNEL_DYNARRAY_WIPE(&obj->auth_key);
TRUNNEL_DYNARRAY_CLEAR(&obj->auth_key);
- trn_cell_extension_free(obj->extensions);
+ trn_extension_free(obj->extensions);
obj->extensions = NULL;
TRUNNEL_DYNARRAY_WIPE(&obj->encrypted);
TRUNNEL_DYNARRAY_CLEAR(&obj->encrypted);
@@ -207,25 +207,25 @@ trn_cell_introduce1_setlen_auth_key(trn_cell_introduce1_t *inp, size_t newlen)
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
-struct trn_cell_extension_st *
+struct trn_extension_st *
trn_cell_introduce1_get_extensions(trn_cell_introduce1_t *inp)
{
return inp->extensions;
}
-const struct trn_cell_extension_st *
+const struct trn_extension_st *
trn_cell_introduce1_getconst_extensions(const trn_cell_introduce1_t *inp)
{
return trn_cell_introduce1_get_extensions((trn_cell_introduce1_t*) inp);
}
int
-trn_cell_introduce1_set_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val)
+trn_cell_introduce1_set_extensions(trn_cell_introduce1_t *inp, struct trn_extension_st *val)
{
if (inp->extensions && inp->extensions != val)
- trn_cell_extension_free(inp->extensions);
+ trn_extension_free(inp->extensions);
return trn_cell_introduce1_set0_extensions(inp, val);
}
int
-trn_cell_introduce1_set0_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val)
+trn_cell_introduce1_set0_extensions(trn_cell_introduce1_t *inp, struct trn_extension_st *val)
{
inp->extensions = val;
return 0;
@@ -302,7 +302,7 @@ trn_cell_introduce1_check(const trn_cell_introduce1_t *obj)
return "Length mismatch for auth_key";
{
const char *msg;
- if (NULL != (msg = trn_cell_extension_check(obj->extensions)))
+ if (NULL != (msg = trn_extension_check(obj->extensions)))
return msg;
}
return NULL;
@@ -329,8 +329,8 @@ trn_cell_introduce1_encoded_len(const trn_cell_introduce1_t *obj)
/* Length of u8 auth_key[auth_key_len] */
result += TRUNNEL_DYNARRAY_LEN(&obj->auth_key);
- /* Length of struct trn_cell_extension extensions */
- result += trn_cell_extension_encoded_len(obj->extensions);
+ /* Length of struct trn_extension extensions */
+ result += trn_extension_encoded_len(obj->extensions);
/* Length of u8 encrypted[] */
result += TRUNNEL_DYNARRAY_LEN(&obj->encrypted);
@@ -394,9 +394,9 @@ trn_cell_introduce1_encode(uint8_t *output, const size_t avail, const trn_cell_i
written += elt_len; ptr += elt_len;
}
- /* Encode struct trn_cell_extension extensions */
+ /* Encode struct trn_extension extensions */
trunnel_assert(written <= avail);
- result = trn_cell_extension_encode(ptr, avail - written, obj->extensions);
+ result = trn_extension_encode(ptr, avail - written, obj->extensions);
if (result < 0)
goto fail; /* XXXXXXX !*/
written += result; ptr += result;
@@ -472,8 +472,8 @@ trn_cell_introduce1_parse_into(trn_cell_introduce1_t *obj, const uint8_t *input,
memcpy(obj->auth_key.elts_, ptr, obj->auth_key_len);
ptr += obj->auth_key_len; remaining -= obj->auth_key_len;
- /* Parse struct trn_cell_extension extensions */
- result = trn_cell_extension_parse(&obj->extensions, ptr, remaining);
+ /* Parse struct trn_extension extensions */
+ result = trn_extension_parse(&obj->extensions, ptr, remaining);
if (result < 0)
goto relay_fail;
trunnel_assert((size_t)result <= remaining);
@@ -529,7 +529,7 @@ static void
trn_cell_introduce_ack_clear(trn_cell_introduce_ack_t *obj)
{
(void) obj;
- trn_cell_extension_free(obj->extensions);
+ trn_extension_free(obj->extensions);
obj->extensions = NULL;
}
@@ -554,25 +554,25 @@ trn_cell_introduce_ack_set_status(trn_cell_introduce_ack_t *inp, uint16_t val)
inp->status = val;
return 0;
}
-struct trn_cell_extension_st *
+struct trn_extension_st *
trn_cell_introduce_ack_get_extensions(trn_cell_introduce_ack_t *inp)
{
return inp->extensions;
}
-const struct trn_cell_extension_st *
+const struct trn_extension_st *
trn_cell_introduce_ack_getconst_extensions(const trn_cell_introduce_ack_t *inp)
{
return trn_cell_introduce_ack_get_extensions((trn_cell_introduce_ack_t*) inp);
}
int
-trn_cell_introduce_ack_set_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val)
+trn_cell_introduce_ack_set_extensions(trn_cell_introduce_ack_t *inp, struct trn_extension_st *val)
{
if (inp->extensions && inp->extensions != val)
- trn_cell_extension_free(inp->extensions);
+ trn_extension_free(inp->extensions);
return trn_cell_introduce_ack_set0_extensions(inp, val);
}
int
-trn_cell_introduce_ack_set0_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val)
+trn_cell_introduce_ack_set0_extensions(trn_cell_introduce_ack_t *inp, struct trn_extension_st *val)
{
inp->extensions = val;
return 0;
@@ -586,7 +586,7 @@ trn_cell_introduce_ack_check(const trn_cell_introduce_ack_t *obj)
return "A set function failed on this object";
{
const char *msg;
- if (NULL != (msg = trn_cell_extension_check(obj->extensions)))
+ if (NULL != (msg = trn_extension_check(obj->extensions)))
return msg;
}
return NULL;
@@ -604,8 +604,8 @@ trn_cell_introduce_ack_encoded_len(const trn_cell_introduce_ack_t *obj)
/* Length of u16 status */
result += 2;
- /* Length of struct trn_cell_extension extensions */
- result += trn_cell_extension_encoded_len(obj->extensions);
+ /* Length of struct trn_extension extensions */
+ result += trn_extension_encoded_len(obj->extensions);
return result;
}
int
@@ -640,9 +640,9 @@ trn_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const trn_cel
trunnel_set_uint16(ptr, trunnel_htons(obj->status));
written += 2; ptr += 2;
- /* Encode struct trn_cell_extension extensions */
+ /* Encode struct trn_extension extensions */
trunnel_assert(written <= avail);
- result = trn_cell_extension_encode(ptr, avail - written, obj->extensions);
+ result = trn_extension_encode(ptr, avail - written, obj->extensions);
if (result < 0)
goto fail; /* XXXXXXX !*/
written += result; ptr += result;
@@ -687,8 +687,8 @@ trn_cell_introduce_ack_parse_into(trn_cell_introduce_ack_t *obj, const uint8_t *
obj->status = trunnel_ntohs(trunnel_get_uint16(ptr));
remaining -= 2; ptr += 2;
- /* Parse struct trn_cell_extension extensions */
- result = trn_cell_extension_parse(&obj->extensions, ptr, remaining);
+ /* Parse struct trn_extension extensions */
+ result = trn_extension_parse(&obj->extensions, ptr, remaining);
if (result < 0)
goto relay_fail;
trunnel_assert((size_t)result <= remaining);
@@ -733,7 +733,7 @@ static void
trn_cell_introduce_encrypted_clear(trn_cell_introduce_encrypted_t *obj)
{
(void) obj;
- trn_cell_extension_free(obj->extensions);
+ trn_extension_free(obj->extensions);
obj->extensions = NULL;
TRUNNEL_DYNARRAY_WIPE(&obj->onion_key);
TRUNNEL_DYNARRAY_CLEAR(&obj->onion_key);
@@ -796,25 +796,25 @@ trn_cell_introduce_encrypted_getconstarray_rend_cookie(const trn_cell_introduce_
{
return (const uint8_t *)trn_cell_introduce_encrypted_getarray_rend_cookie((trn_cell_introduce_encrypted_t*)inp);
}
-struct trn_cell_extension_st *
+struct trn_extension_st *
trn_cell_introduce_encrypted_get_extensions(trn_cell_introduce_encrypted_t *inp)
{
return inp->extensions;
}
-const struct trn_cell_extension_st *
+const struct trn_extension_st *
trn_cell_introduce_encrypted_getconst_extensions(const trn_cell_introduce_encrypted_t *inp)
{
return trn_cell_introduce_encrypted_get_extensions((trn_cell_introduce_encrypted_t*) inp);
}
int
-trn_cell_introduce_encrypted_set_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val)
+trn_cell_introduce_encrypted_set_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_extension_st *val)
{
if (inp->extensions && inp->extensions != val)
- trn_cell_extension_free(inp->extensions);
+ trn_extension_free(inp->extensions);
return trn_cell_introduce_encrypted_set0_extensions(inp, val);
}
int
-trn_cell_introduce_encrypted_set0_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val)
+trn_cell_introduce_encrypted_set0_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_extension_st *val)
{
inp->extensions = val;
return 0;
@@ -1066,7 +1066,7 @@ trn_cell_introduce_encrypted_check(const trn_cell_introduce_encrypted_t *obj)
return "A set function failed on this object";
{
const char *msg;
- if (NULL != (msg = trn_cell_extension_check(obj->extensions)))
+ if (NULL != (msg = trn_extension_check(obj->extensions)))
return msg;
}
if (! (obj->onion_key_type == TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR))
@@ -1099,8 +1099,8 @@ trn_cell_introduce_encrypted_encoded_len(const trn_cell_introduce_encrypted_t *o
/* Length of u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN] */
result += TRUNNEL_REND_COOKIE_LEN;
- /* Length of struct trn_cell_extension extensions */
- result += trn_cell_extension_encoded_len(obj->extensions);
+ /* Length of struct trn_extension extensions */
+ result += trn_extension_encoded_len(obj->extensions);
/* Length of u8 onion_key_type IN [TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR] */
result += 1;
@@ -1159,9 +1159,9 @@ trn_cell_introduce_encrypted_encode(uint8_t *output, const size_t avail, const t
memcpy(ptr, obj->rend_cookie, TRUNNEL_REND_COOKIE_LEN);
written += TRUNNEL_REND_COOKIE_LEN; ptr += TRUNNEL_REND_COOKIE_LEN;
- /* Encode struct trn_cell_extension extensions */
+ /* Encode struct trn_extension extensions */
trunnel_assert(written <= avail);
- result = trn_cell_extension_encode(ptr, avail - written, obj->extensions);
+ result = trn_extension_encode(ptr, avail - written, obj->extensions);
if (result < 0)
goto fail; /* XXXXXXX !*/
written += result; ptr += result;
@@ -1263,8 +1263,8 @@ trn_cell_introduce_encrypted_parse_into(trn_cell_introduce_encrypted_t *obj, con
memcpy(obj->rend_cookie, ptr, TRUNNEL_REND_COOKIE_LEN);
remaining -= TRUNNEL_REND_COOKIE_LEN; ptr += TRUNNEL_REND_COOKIE_LEN;
- /* Parse struct trn_cell_extension extensions */
- result = trn_cell_extension_parse(&obj->extensions, ptr, remaining);
+ /* Parse struct trn_extension extensions */
+ result = trn_extension_parse(&obj->extensions, ptr, remaining);
if (result < 0)
goto relay_fail;
trunnel_assert((size_t)result <= remaining);
diff --git a/src/trunnel/hs/cell_introduce1.h b/src/trunnel/hs/cell_introduce1.h
index 8dabff3cb5..ea37502d8e 100644
--- a/src/trunnel/hs/cell_introduce1.h
+++ b/src/trunnel/hs/cell_introduce1.h
@@ -8,7 +8,7 @@
#include <stdint.h>
#include "trunnel.h"
-struct trn_cell_extension_st;
+struct trn_extension_st;
struct link_specifier_st;
#define TRUNNEL_SHA1_LEN 20
#define TRUNNEL_REND_COOKIE_LEN 20
@@ -25,7 +25,7 @@ struct trn_cell_introduce1_st {
uint8_t auth_key_type;
uint16_t auth_key_len;
TRUNNEL_DYNARRAY_HEAD(, uint8_t) auth_key;
- struct trn_cell_extension_st *extensions;
+ struct trn_extension_st *extensions;
TRUNNEL_DYNARRAY_HEAD(, uint8_t) encrypted;
uint8_t trunnel_error_code_;
};
@@ -34,7 +34,7 @@ typedef struct trn_cell_introduce1_st trn_cell_introduce1_t;
#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE_ACK)
struct trn_cell_introduce_ack_st {
uint16_t status;
- struct trn_cell_extension_st *extensions;
+ struct trn_extension_st *extensions;
uint8_t trunnel_error_code_;
};
#endif
@@ -42,7 +42,7 @@ typedef struct trn_cell_introduce_ack_st trn_cell_introduce_ack_t;
#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE_ENCRYPTED)
struct trn_cell_introduce_encrypted_st {
uint8_t rend_cookie[TRUNNEL_REND_COOKIE_LEN];
- struct trn_cell_extension_st *extensions;
+ struct trn_extension_st *extensions;
uint8_t onion_key_type;
uint16_t onion_key_len;
TRUNNEL_DYNARRAY_HEAD(, uint8_t) onion_key;
@@ -169,21 +169,21 @@ int trn_cell_introduce1_setlen_auth_key(trn_cell_introduce1_t *inp, size_t newle
/** Return the value of the extensions field of the
* trn_cell_introduce1_t in 'inp'
*/
-struct trn_cell_extension_st * trn_cell_introduce1_get_extensions(trn_cell_introduce1_t *inp);
+struct trn_extension_st * trn_cell_introduce1_get_extensions(trn_cell_introduce1_t *inp);
/** As trn_cell_introduce1_get_extensions, but take and return a const
* pointer
*/
-const struct trn_cell_extension_st * trn_cell_introduce1_getconst_extensions(const trn_cell_introduce1_t *inp);
+const struct trn_extension_st * trn_cell_introduce1_getconst_extensions(const trn_cell_introduce1_t *inp);
/** Set the value of the extensions field of the trn_cell_introduce1_t
* in 'inp' to 'val'. Free the old value if any. Steals the
* referenceto 'val'.Return 0 on success; return -1 and set the error
* code on 'inp' on failure.
*/
-int trn_cell_introduce1_set_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_introduce1_set_extensions(trn_cell_introduce1_t *inp, struct trn_extension_st *val);
/** As trn_cell_introduce1_set_extensions, but does not free the
* previous value.
*/
-int trn_cell_introduce1_set0_extensions(trn_cell_introduce1_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_introduce1_set0_extensions(trn_cell_introduce1_t *inp, struct trn_extension_st *val);
/** Return the length of the dynamic array holding the encrypted field
* of the trn_cell_introduce1_t in 'inp'.
*/
@@ -266,21 +266,21 @@ int trn_cell_introduce_ack_set_status(trn_cell_introduce_ack_t *inp, uint16_t va
/** Return the value of the extensions field of the
* trn_cell_introduce_ack_t in 'inp'
*/
-struct trn_cell_extension_st * trn_cell_introduce_ack_get_extensions(trn_cell_introduce_ack_t *inp);
+struct trn_extension_st * trn_cell_introduce_ack_get_extensions(trn_cell_introduce_ack_t *inp);
/** As trn_cell_introduce_ack_get_extensions, but take and return a
* const pointer
*/
-const struct trn_cell_extension_st * trn_cell_introduce_ack_getconst_extensions(const trn_cell_introduce_ack_t *inp);
+const struct trn_extension_st * trn_cell_introduce_ack_getconst_extensions(const trn_cell_introduce_ack_t *inp);
/** Set the value of the extensions field of the
* trn_cell_introduce_ack_t in 'inp' to 'val'. Free the old value if
* any. Steals the referenceto 'val'.Return 0 on success; return -1
* and set the error code on 'inp' on failure.
*/
-int trn_cell_introduce_ack_set_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_introduce_ack_set_extensions(trn_cell_introduce_ack_t *inp, struct trn_extension_st *val);
/** As trn_cell_introduce_ack_set_extensions, but does not free the
* previous value.
*/
-int trn_cell_introduce_ack_set0_extensions(trn_cell_introduce_ack_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_introduce_ack_set0_extensions(trn_cell_introduce_ack_t *inp, struct trn_extension_st *val);
/** Return a newly allocated trn_cell_introduce_encrypted with all
* elements set to zero.
*/
@@ -347,21 +347,21 @@ const uint8_t * trn_cell_introduce_encrypted_getconstarray_rend_cookie(const tr
/** Return the value of the extensions field of the
* trn_cell_introduce_encrypted_t in 'inp'
*/
-struct trn_cell_extension_st * trn_cell_introduce_encrypted_get_extensions(trn_cell_introduce_encrypted_t *inp);
+struct trn_extension_st * trn_cell_introduce_encrypted_get_extensions(trn_cell_introduce_encrypted_t *inp);
/** As trn_cell_introduce_encrypted_get_extensions, but take and
* return a const pointer
*/
-const struct trn_cell_extension_st * trn_cell_introduce_encrypted_getconst_extensions(const trn_cell_introduce_encrypted_t *inp);
+const struct trn_extension_st * trn_cell_introduce_encrypted_getconst_extensions(const trn_cell_introduce_encrypted_t *inp);
/** Set the value of the extensions field of the
* trn_cell_introduce_encrypted_t in 'inp' to 'val'. Free the old
* value if any. Steals the referenceto 'val'.Return 0 on success;
* return -1 and set the error code on 'inp' on failure.
*/
-int trn_cell_introduce_encrypted_set_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_introduce_encrypted_set_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_extension_st *val);
/** As trn_cell_introduce_encrypted_set_extensions, but does not free
* the previous value.
*/
-int trn_cell_introduce_encrypted_set0_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_cell_extension_st *val);
+int trn_cell_introduce_encrypted_set0_extensions(trn_cell_introduce_encrypted_t *inp, struct trn_extension_st *val);
/** Return the value of the onion_key_type field of the
* trn_cell_introduce_encrypted_t in 'inp'
*/
diff --git a/src/trunnel/hs/cell_introduce1.trunnel b/src/trunnel/hs/cell_introduce1.trunnel
index 5911c695a2..6682227b44 100644
--- a/src/trunnel/hs/cell_introduce1.trunnel
+++ b/src/trunnel/hs/cell_introduce1.trunnel
@@ -5,7 +5,7 @@
*/
/* From cell_common.trunnel. */
-extern struct trn_cell_extension;
+extern struct trn_extension;
/* From ed25519_cert.trunnel. */
extern struct link_specifier;
@@ -38,7 +38,7 @@ struct trn_cell_introduce1 {
u8 auth_key[auth_key_len];
/* Extension(s). Reserved fields. */
- struct trn_cell_extension extensions;
+ struct trn_extension extensions;
/* Variable length, up to the end of cell. */
u8 encrypted[];
@@ -50,7 +50,7 @@ struct trn_cell_introduce_ack {
u16 status;
/* Extension(s). Reserved fields. */
- struct trn_cell_extension extensions;
+ struct trn_extension extensions;
};
/* Encrypted section of the INTRODUCE1/INTRODUCE2 cell. */
@@ -59,7 +59,7 @@ struct trn_cell_introduce_encrypted {
u8 rend_cookie[TRUNNEL_REND_COOKIE_LEN];
/* Extension(s). Reserved fields. */
- struct trn_cell_extension extensions;
+ struct trn_extension extensions;
/* Onion key material. */
u8 onion_key_type IN [TRUNNEL_HS_INTRO_ONION_KEY_TYPE_NTOR];
diff --git a/src/trunnel/include.am b/src/trunnel/include.am
index d551af83bd..43d44d7720 100644
--- a/src/trunnel/include.am
+++ b/src/trunnel/include.am
@@ -8,6 +8,7 @@ endif
TRUNNELINPUTS = \
src/trunnel/ed25519_cert.trunnel \
+ src/trunnel/extension.trunnel \
src/trunnel/link_handshake.trunnel \
src/trunnel/pwbox.trunnel \
src/trunnel/channelpadding_negotiation.trunnel \
@@ -20,9 +21,9 @@ TRUNNELINPUTS = \
TRUNNELSOURCES = \
src/ext/trunnel/trunnel.c \
src/trunnel/ed25519_cert.c \
+ src/trunnel/extension.c \
src/trunnel/link_handshake.c \
src/trunnel/pwbox.c \
- src/trunnel/hs/cell_common.c \
src/trunnel/hs/cell_establish_intro.c \
src/trunnel/hs/cell_introduce1.c \
src/trunnel/hs/cell_rendezvous.c \
@@ -39,9 +40,9 @@ TRUNNELHEADERS = \
src/ext/trunnel/trunnel-impl.h \
src/trunnel/trunnel-local.h \
src/trunnel/ed25519_cert.h \
+ src/trunnel/extension.h \
src/trunnel/link_handshake.h \
src/trunnel/pwbox.h \
- src/trunnel/hs/cell_common.h \
src/trunnel/hs/cell_establish_intro.h \
src/trunnel/hs/cell_introduce1.h \
src/trunnel/hs/cell_rendezvous.h \
[tor/main] cc: Export sendme_inc validation into public function
by dgoulet@torproject.org 22 Feb '22
commit 02f4e7b42e2158039a138c9cb68211304a754a1d
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 22:43:58 2022 +0000
cc: Export sendme_inc validation into public function
This is needed for client validation of server descriptor value,
before launching a rend/intro.
---
src/core/or/congestion_control_common.c | 24 ++++++++++++++++++++++++
src/core/or/congestion_control_common.h | 1 +
2 files changed, 25 insertions(+)
diff --git a/src/core/or/congestion_control_common.c b/src/core/or/congestion_control_common.c
index e999f435ed..6d4f34cff8 100644
--- a/src/core/or/congestion_control_common.c
+++ b/src/core/or/congestion_control_common.c
@@ -1312,6 +1312,30 @@ congestion_control_build_ext_response(const circuit_params_t *our_params,
return (int)ret;
}
+/** Return true iff the given sendme increment is within the acceptable
+ * margins. */
+bool
+congestion_control_validate_sendme_increment(uint8_t sendme_inc)
+{
+ /* We will only accept this response (and this circuit) if sendme_inc
+ * is within a factor of 2 of our consensus value. We should not need
+ * to change cc_sendme_inc much, and if we do, we can spread out those
+ * changes over smaller increments once every 4 hours. Exits that
+ * violate this range should just not be used. */
+#define MAX_SENDME_INC_NEGOTIATE_FACTOR 2
+
+ if (sendme_inc == 0)
+ return false;
+
+ if (sendme_inc >
+ MAX_SENDME_INC_NEGOTIATE_FACTOR * congestion_control_sendme_inc() ||
+ sendme_inc <
+ congestion_control_sendme_inc() / MAX_SENDME_INC_NEGOTIATE_FACTOR) {
+ return false;
+ }
+ return true;
+}
+
/** Return 1 if CC is enabled which also will set the SENDME increment into our
* params_out. Return 0 if CC is disabled. Else, return -1 on error. */
int
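Review bot: The diffstat for this commit shows only insertions, so the range check this helper mirrors presumably still sits inline in the ext-response parser, leaving two copies of the factor-of-2 bound that can drift apart; the parser should call `congestion_control_validate_sendme_increment()` instead. `MAX_SENDME_INC_NEGOTIATE_FACTOR` is `#define`d inside the function body yet stays visible for the rest of the file, so it reads better at file scope. The lower bound uses integer division, which deserves a comment such as `/* truncates: a consensus value of 1 gives a bound of 0, covered by the zero check above */`.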
diff --git a/src/core/or/congestion_control_common.h b/src/core/or/congestion_control_common.h
index 21291983e0..936cb5887c 100644
--- a/src/core/or/congestion_control_common.h
+++ b/src/core/or/congestion_control_common.h
@@ -59,6 +59,7 @@ int congestion_control_build_ext_response(const circuit_params_t *our_params,
int congestion_control_parse_ext_response(const uint8_t *msg,
const size_t msg_len,
circuit_params_t *params_out);
+bool congestion_control_validate_sendme_increment(uint8_t sendme_inc);
/* Ugh, C.. these are private. Use the getter instead, when
* external to the congestion control code. */
22 Feb '22
commit c79df44d2221211590ea0b33b555d559b2d467fa
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 19:37:30 2022 +0000
hs: Setup congestion control on client rends
Signed-off-by: David Goulet <dgoulet(a)torproject.org>
---
src/feature/hs/hs_client.c | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 206a42dc0c..69b071e197 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -11,12 +11,15 @@
#include "core/or/or.h"
#include "app/config/config.h"
#include "core/crypto/hs_ntor.h"
+#include "core/crypto/onion_crypto.h"
#include "core/mainloop/connection.h"
#include "core/or/circuitbuild.h"
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
#include "core/or/connection_edge.h"
+#include "core/or/congestion_control_common.h"
#include "core/or/extendinfo.h"
+#include "core/or/protover.h"
#include "core/or/reasons.h"
#include "feature/client/circpathbias.h"
#include "feature/dirclient/dirclient.h"
@@ -756,6 +759,39 @@ client_intro_circ_has_opened(origin_circuit_t *circ)
connection_ap_attach_pending(1);
}
+/** Setup the congestion control parameters on the given rendezvous circuit.
+ * This looks at the service descriptor flow control line (if any). */
+static void
+setup_rendezvous_circ_congestion_control(origin_circuit_t *circ)
+{
+ circuit_params_t circ_params = {0};
+
+ tor_assert(circ);
+
+ /* Setup congestion control parameters on the circuit. */
+ const hs_descriptor_t *desc =
+ hs_cache_lookup_as_client(&circ->hs_ident->identity_pk);
+ if (BUG(desc == NULL)) {
+ /* This should really never happened but in case, scream and stop. */
+ return;
+ }
+
+ /* Check if the service lists support for congestion control in its
+ * descriptor. If not, we don't setup congestion control. */
+ if (!desc->encrypted_data.flow_control_pv ||
+ !protocol_list_supports_protocol(desc->encrypted_data.flow_control_pv,
+ PRT_FLOWCTRL, PROTOVER_FLOWCTRL_CC)) {
+ return;
+ }
+
+ /* Take values from the consensus. */
+ circ_params.cc_enabled = congestion_control_enabled();
+ if (circ_params.cc_enabled) {
+ circ_params.sendme_inc_cells = desc->encrypted_data.sendme_inc;
+ TO_CIRCUIT(circ)->ccontrol = congestion_control_new(&circ_params);
+ }
+}
+
/** Called when a rendezvous circuit has opened. */
static void
client_rendezvous_circ_has_opened(origin_circuit_t *circ)
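Review bot: `circ_params.sendme_inc_cells = desc->encrypted_data.sendme_inc;` copies a value chosen by the onion service straight into the circuit parameters, under a comment that says `Take values from the consensus`. Nothing in this function bounds it. If the descriptor decoder or the intro path does not already reject out-of-range values (not visible here), add `if (!congestion_control_validate_sendme_increment(desc->encrypted_data.sendme_inc)) return;` before `congestion_control_new()`; otherwise the comment should say where the check happens. The comment itself should read something like `/* cc_enabled comes from the consensus; sendme_inc comes from the service descriptor. */`. Separately, `circ->hs_ident` is dereferenced with only `tor_assert(circ)` in front of it.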
@@ -785,6 +821,9 @@ client_rendezvous_circ_has_opened(origin_circuit_t *circ)
log_info(LD_REND, "Rendezvous circuit has opened to %s.",
safe_str_client(extend_info_describe(rp_ei)));
+ /* Setup congestion control parameters on the circuit. */
+ setup_rendezvous_circ_congestion_control(circ);
+
/* Ignore returned value, nothing we can really do. On failure, the circuit
* will be marked for close. */
hs_circ_send_establish_rendezvous(circ);
22 Feb '22
commit 0eaf0e8a31979621f8a2cfb1671cc4f02fe92b87
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 19:04:34 2022 +0000
hs: Republish onion descriptor on sendme_inc change
Republishing is necessary to ensure that clients connect using the correct
sendme_inc upon any change. Additionally, introduction points must be
re-chosen, so that cached descriptors with old values are not usable.
We do not expect to change sendme_inc, unless cell size or TLS record size
changes, so this should be rare.
Signed-off-by: David Goulet <dgoulet(a)torproject.org>
---
src/feature/hs/hs_service.c | 29 +++++++++++++++++++++++++++++
src/feature/hs/hs_service.h | 1 +
src/feature/nodelist/networkstatus.c | 1 +
3 files changed, 31 insertions(+)
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index bf99ad69bd..ff34e5dc44 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -16,6 +16,7 @@
#include "core/or/circuitbuild.h"
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
+#include "core/or/congestion_control_common.h"
#include "core/or/extendinfo.h"
#include "core/or/relay.h"
#include "feature/client/circpathbias.h"
@@ -3690,6 +3691,34 @@ hs_service_map_has_changed(void)
rescan_periodic_events(get_options());
}
+/** Called when a new consensus has arrived and has been set globally. The new
+ * consensus is pointed by ns. */
+void
+hs_service_new_consensus_params(const networkstatus_t *ns)
+{
+ tor_assert(ns);
+
+ /* This value is the new value from the consensus. */
+ uint8_t current_sendme_inc = congestion_control_sendme_inc();
+
+ if (!hs_service_map)
+ return;
+
+ /* Check each service and look if their descriptor contains a different
+ * sendme increment. If so, nuke all intro points by forcing an expiration
+ * which will lead to rebuild and reupload with the new value. */
+ FOR_EACH_SERVICE_BEGIN(service) {
+ FOR_EACH_DESCRIPTOR_BEGIN(service, desc) {
+ if (desc->desc &&
+ desc->desc->encrypted_data.sendme_inc != current_sendme_inc) {
+ /* Passing the maximum time_t will force expiration of all intro points
+ * and thus will lead to a rebuild of the descriptor. */
+ cleanup_intro_points(service, LONG_MAX);
+ }
+ } FOR_EACH_DESCRIPTOR_END;
+ } FOR_EACH_SERVICE_END;
+}
+
/** Upload an encoded descriptor in encoded_desc of the given version. This
* descriptor is for the service identity_pk and blinded_pk used to setup the
* directory connection identifier. It is uploaded to the directory hsdir_rs
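Review bot: The forced expiration passes `LONG_MAX` although the comment beside it says "maximum time_t"; where `long` is 32 bits and `time_t` is 64 bits the two differ. If the second parameter of `cleanup_intro_points()` is a `time_t` (its definition is outside this hunk), the call should use the tree's own limit: `cleanup_intro_points(service, TIME_MAX);`. The call also sits inside the per-descriptor loop, so a service whose descriptors both carry the old value is cleaned up once per descriptor; a per-service flag checked after the descriptor loop would state the intent more clearly. `ns` is only asserted and never read, which deserves a short comment saying the value comes from `congestion_control_sendme_inc()` instead.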
diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h
index c48f470245..95461289ce 100644
--- a/src/feature/hs/hs_service.h
+++ b/src/feature/hs/hs_service.h
@@ -355,6 +355,7 @@ smartlist_t *hs_service_get_metrics_stores(void);
void hs_service_map_has_changed(void);
void hs_service_dir_info_changed(void);
+void hs_service_new_consensus_params(const networkstatus_t *ns);
void hs_service_run_scheduled_events(time_t now);
void hs_service_circuit_has_opened(origin_circuit_t *circ);
int hs_service_receive_intro_established(origin_circuit_t *circ,
diff --git a/src/feature/nodelist/networkstatus.c b/src/feature/nodelist/networkstatus.c
index 77e2b547f5..41fd312295 100644
--- a/src/feature/nodelist/networkstatus.c
+++ b/src/feature/nodelist/networkstatus.c
@@ -1704,6 +1704,7 @@ notify_after_networkstatus_changes(void)
router_new_consensus_params(c);
congestion_control_new_consensus_params(c);
flow_control_new_consensus_params(c);
+ hs_service_new_consensus_params(c);
/* Maintenance of our L2 guard list */
maintain_layer2_guards();
commit bd2e9a44097ff85934bc1c34f4fce2017a7a92c8
Author: Nick Mathewson <nickm(a)torproject.org>
Date: Tue Sep 14 15:01:45 2021 -0400
Implement core of ntor3 negotiation.
There are a lot of TODOs about what to send, whom to send it to, and
so on.
---
src/core/crypto/onion_crypto.c | 136 ++++++++++++++++++++++++++++++++++++++
src/core/crypto/onion_crypto.h | 3 +
src/core/or/circuitbuild.c | 26 +++++++-
src/core/or/circuitbuild.h | 4 ++
src/core/or/crypt_path_st.h | 3 +
src/core/or/extend_info_st.h | 3 +
src/core/or/extendinfo.c | 12 ++++
src/core/or/extendinfo.h | 1 +
src/core/or/or.h | 3 +-
src/feature/relay/relay_metrics.c | 2 +
10 files changed, 191 insertions(+), 2 deletions(-)
diff --git a/src/core/crypto/onion_crypto.c b/src/core/crypto/onion_crypto.c
index f93c2c8c58..b0808b80a8 100644
--- a/src/core/crypto/onion_crypto.c
+++ b/src/core/crypto/onion_crypto.c
@@ -35,14 +35,25 @@
#include "core/crypto/onion_crypto.h"
#include "core/crypto/onion_fast.h"
#include "core/crypto/onion_ntor.h"
+#include "core/crypto/onion_ntor_v3.h"
#include "core/crypto/onion_tap.h"
#include "feature/relay/router.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_util.h"
+#include "feature/relay/routerkeys.h"
+
+#include "core/or/circuitbuild.h"
#include "core/or/crypt_path_st.h"
#include "core/or/extend_info_st.h"
+/* TODO: Add this to the specification! */
+const uint8_t NTOR3_CIRC_VERIFICATION[] = "circuit extend";
+const size_t NTOR3_CIRC_VERIFICATION_LEN = 14;
+
+#define NTOR3_VERIFICATION_ARGS \
+ NTOR3_CIRC_VERIFICATION, NTOR3_CIRC_VERIFICATION_LEN
+
/** Return a new server_onion_keys_t object with all of the keys
* and other info we might need to do onion handshakes. (We make a copy of
* our keys for each cpuworker to avoid race conditions with the main thread,
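Review bot: `NTOR3_CIRC_VERIFICATION_LEN` repeats the string length as the literal `14`, which matches "circuit extend" today but silently diverges if the string is edited when it is added to the specification. Because this string is fed into the handshake on both sides, a stale length would change the bytes that are bound in; deriving it keeps the two tied: `const size_t NTOR3_CIRC_VERIFICATION_LEN = sizeof(NTOR3_CIRC_VERIFICATION) - 1;`. Both objects are defined without `static`; if no other translation unit needs them (none is visible in this commit) they should be file-local.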
@@ -52,6 +63,7 @@ server_onion_keys_new(void)
{
server_onion_keys_t *keys = tor_malloc_zero(sizeof(server_onion_keys_t));
memcpy(keys->my_identity, router_get_my_id_digest(), DIGEST_LEN);
+ ed25519_pubkey_copy(&keys->my_ed_identity, get_master_identity_key());
dup_onion_keys(&keys->onion_key, &keys->last_onion_key);
keys->curve25519_key_map = construct_ntor_key_map();
keys->junk_keypair = tor_malloc_zero(sizeof(curve25519_keypair_t));
@@ -91,6 +103,9 @@ onion_handshake_state_release(onion_handshake_state_t *state)
ntor_handshake_state_free(state->u.ntor);
state->u.ntor = NULL;
break;
+ case ONION_HANDSHAKE_TYPE_NTOR_V3:
+ ntor3_handshake_state_free(state->u.ntor3);
+ break;
default:
/* LCOV_EXCL_START
* This state should not even exist. */
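Review bot: The new `ONION_HANDSHAKE_TYPE_NTOR_V3` case frees `state->u.ntor3` but, unlike the ntor case directly above it, does not reset the pointer afterwards. Unless `ntor3_handshake_state_free()` already nulls its argument (its definition is not in this hunk), releasing the same state twice would free it twice; adding `state->u.ntor3 = NULL;` before the `break` keeps the cases parallel. The function's body starts and ends outside the hunk.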
@@ -149,6 +164,37 @@ onion_skin_create(int type,
r = NTOR_ONIONSKIN_LEN;
break;
+ case ONION_HANDSHAKE_TYPE_NTOR_V3:
+ if (!extend_info_supports_ntor_v3(node))
+ return -1;
+ if (ed25519_public_key_is_zero(&node->ed_identity))
+ return -1;
+ size_t msg_len = 0;
+ uint8_t *msg = NULL;
+ if (client_circ_negotiation_message(node, &msg, &msg_len) < 0)
+ return -1;
+ uint8_t *onion_skin = NULL;
+ size_t onion_skin_len = 0;
+ int status = onion_skin_ntor3_create(
+ &node->ed_identity,
+ &node->curve25519_onion_key,
+ NTOR3_VERIFICATION_ARGS,
+ msg, msg_len, /* client message */
+ &state_out->u.ntor3,
+ &onion_skin, &onion_skin_len);
+ tor_free(msg);
+ if (status < 0) {
+ return -1;
+ }
+ if (onion_skin_len > onion_skin_out_maxlen) {
+ tor_free(onion_skin);
+ return -1;
+ }
+ memcpy(onion_skin_out, onion_skin, onion_skin_len);
+ tor_free(onion_skin);
+ r = (int) onion_skin_len;
+ break;
+
default:
/* LCOV_EXCL_START
* We should never try to create an impossible handshake type. */
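Review bot: When `onion_skin_len > onion_skin_out_maxlen` the case returns -1 after `onion_skin_ntor3_create()` has already stored a handshake state in `state_out->u.ntor3`, and nothing on that path frees it. If the tag is only set on success after the switch (that code is outside this hunk), `onion_handshake_state_release()` cannot find the state later, so it leaks along with whatever client secrets it presumably holds. Free it on that path, e.g. `ntor3_handshake_state_free(state_out->u.ntor3);` before the `return -1;`. The case also declares locals directly under the label; wrapping the body in braces, as the server-side NTOR_V3 case does, would keep them scoped.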
@@ -238,6 +284,64 @@ onion_skin_server_handshake(int type,
r = NTOR_REPLY_LEN;
}
break;
+ case ONION_HANDSHAKE_TYPE_NTOR_V3: {
+ size_t keys_tmp_len = keys_out_len + DIGEST_LEN;
+ tor_assert(keys_tmp_len <= MAX_KEYS_TMP_LEN);
+ uint8_t keys_tmp[MAX_KEYS_TMP_LEN];
+ uint8_t *client_msg = NULL;
+ size_t client_msg_len = 0;
+ ntor3_server_handshake_state_t *state = NULL;
+
+ if (onion_skin_ntor3_server_handshake_part1(
+ keys->curve25519_key_map,
+ keys->junk_keypair,
+ &keys->my_ed_identity,
+ onion_skin, onionskin_len,
+ NTOR3_VERIFICATION_ARGS,
+ &client_msg, &client_msg_len,
+ &state) < 0) {
+ return -1;
+ }
+
+ uint8_t reply_msg[1] = { 0 };
+ size_t reply_msg_len = 1;
+ {
+ /* TODO, Okay, we have a message from the client trying to negotiate
+ * parameters. We need to decide whether the client's request is
+ * okay, what we're going to say in response, and what circuit
+ * parameters we've just negotiated
+ */
+
+ tor_free(client_msg);
+ }
+
+ uint8_t *server_handshake = NULL;
+ size_t server_handshake_len = 0;
+ if (onion_skin_ntor3_server_handshake_part2(
+ state,
+ NTOR3_VERIFICATION_ARGS,
+ reply_msg, reply_msg_len,
+ &server_handshake, &server_handshake_len,
+ keys_tmp, keys_tmp_len) < 0) {
+ // XXX TODO free some stuff
+ return -1;
+ }
+
+ if (server_handshake_len > reply_out_maxlen) {
+ // XXX TODO free that stuff
+ return -1;
+ }
+
+ memcpy(keys_out, keys_tmp, keys_out_len);
+ memcpy(rend_nonce_out, keys_tmp+keys_out_len, DIGEST_LEN);
+ memcpy(reply_out, server_handshake, server_handshake_len);
+ memwipe(keys_tmp, 0, keys_tmp_len);
+ memwipe(server_handshake, 0, server_handshake_len);
+ tor_free(server_handshake);
+
+ r = (int) server_handshake_len;
+ }
+ break;
default:
/* LCOV_EXCL_START
* We should have rejected this far before this point */
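Review bot: Both early returns marked `XXX TODO` leave sensitive material behind: `keys_tmp` may hold derived key bytes once part2 has run and is not wiped on those paths, `server_handshake` is leaked when it exceeds `reply_out_maxlen`, and `state` is not freed on any path, including success. Unless `onion_skin_ntor3_server_handshake_part2()` takes ownership of `state` (not visible here), it should be released right after the call; the sketch below wipes and frees on each exit. `keys_out_len` also feeds `tor_assert(keys_tmp_len <= MAX_KEYS_TMP_LEN)`, so an oversized request aborts the process instead of returning -1; whether callers bound it is outside the hunk.

```c
    if (onion_skin_ntor3_server_handshake_part2(
               state,
               NTOR3_VERIFICATION_ARGS,
               reply_msg, reply_msg_len,
               &server_handshake, &server_handshake_len,
               keys_tmp, keys_tmp_len) < 0) {
      memwipe(keys_tmp, 0, sizeof(keys_tmp));
      ntor3_server_handshake_state_free(state);
      return -1;
    }
    ntor3_server_handshake_state_free(state);

    if (server_handshake_len > reply_out_maxlen) {
      memwipe(keys_tmp, 0, sizeof(keys_tmp));
      memwipe(server_handshake, 0, server_handshake_len);
      tor_free(server_handshake);
      return -1;
    }
    /* … unchanged: copy keys, rend nonce and reply out, then wipe and free … */
```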
@@ -321,6 +425,38 @@ onion_skin_client_handshake(int type,
tor_free(keys_tmp);
}
return 0;
+ case ONION_HANDSHAKE_TYPE_NTOR_V3: {
+ size_t keys_tmp_len = keys_out_len + DIGEST_LEN;
+ uint8_t *keys_tmp = tor_malloc(keys_tmp_len);
+ uint8_t *server_msg = NULL;
+ size_t server_msg_len = 0;
+ int r = onion_ntor3_client_handshake(
+ handshake_state->u.ntor3,
+ reply, reply_len,
+ NTOR3_VERIFICATION_ARGS,
+ keys_tmp, keys_tmp_len,
+ &server_msg, &server_msg_len);
+ if (r < 0) {
+ tor_free(keys_tmp);
+ tor_free(server_msg);
+ return -1;
+ }
+
+ // XXXX handle the server message!
+ {
+ // XXXX TODO: see what the server said, make sure it's okay, see what
+ // parameters it gave us, make sure we like them, and put them into
+ // `params_out`
+ }
+ tor_free(server_msg);
+
+ memcpy(keys_out, keys_tmp, keys_out_len);
+ memcpy(rend_authenticator_out, keys_tmp + keys_out_len, DIGEST_LEN);
+ memwipe(keys_tmp, 0, keys_tmp_len);
+ tor_free(keys_tmp);
+
+ return 0;
+ }
default:
log_warn(LD_BUG, "called with unknown handshake state type %d", type);
tor_fragile_assert();
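Review bot: The failure branch frees `keys_tmp` without wiping it, while the success branch calls `memwipe()` first; if `onion_ntor3_client_handshake()` can fail after writing part of the key stream, those bytes stay in freed heap memory. Add `memwipe(keys_tmp, 0, keys_tmp_len);` before the `tor_free(keys_tmp);` in the `r < 0` branch. The server message is freed unread, so until the TODO is filled in the client ignores whatever the relay sent back; a comment stating that `params_out` is left untouched here would help callers. The enclosing function starts before the hunk.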
diff --git a/src/core/crypto/onion_crypto.h b/src/core/crypto/onion_crypto.h
index af8dd1f03f..45e8eeca0c 100644
--- a/src/core/crypto/onion_crypto.h
+++ b/src/core/crypto/onion_crypto.h
@@ -12,8 +12,11 @@
#ifndef TOR_ONION_CRYPTO_H
#define TOR_ONION_CRYPTO_H
+#include "lib/crypt_ops/crypto_ed25519.h"
+
typedef struct server_onion_keys_t {
uint8_t my_identity[DIGEST_LEN];
+ ed25519_public_key_t my_ed_identity;
crypto_pk_t *onion_key;
crypto_pk_t *last_onion_key;
struct di_digest256_map_t *curve25519_key_map;
diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
index f67fe196e5..ffb2c00493 100644
--- a/src/core/or/circuitbuild.c
+++ b/src/core/or/circuitbuild.c
@@ -841,7 +841,10 @@ circuit_pick_create_handshake(uint8_t *cell_type_out,
* using the TAP handshake, and CREATE2 otherwise. */
if (extend_info_supports_ntor(ei)) {
*cell_type_out = CELL_CREATE2;
- *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR;
+ if (ei->supports_ntor3_and_param_negotiation)
+ *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR_V3;
+ else
+ *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR;
} else {
/* XXXX030 Remove support for deciding to use TAP and EXTEND. */
*cell_type_out = CELL_CREATE;
@@ -2579,3 +2582,24 @@ circuit_upgrade_circuits_from_guard_wait(void)
smartlist_free(to_upgrade);
}
+
+/**
+ * Try to generate a circuit-negotiation message for communication with a
+ * given relay. Assumes we are using ntor v3, or some later version that
+ * supports parameter negotiatoin.
+ *
+ * On success, return 0 and pass back a message in the `out` parameters.
+ * Otherwise, return -1.
+ **/
+int
+client_circ_negotiation_message(const extend_info_t *ei,
+ uint8_t **msg_out,
+ size_t *msg_len_out)
+{
+ tor_assert(ei && msg_out && msg_len_out);
+ if (! ei->supports_ntor3_and_param_negotiation)
+ return -1;
+
+ /* TODO: fill in the client message that gets sent. */
+ tor_assert_unreached();
+}
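Review bot: `client_circ_negotiation_message()` ends in `tor_assert_unreached()` with no return value and never writes `*msg_out` or `*msg_len_out`, so the first relay for which `supports_ntor3_and_param_negotiation` becomes true aborts the client from inside `onion_skin_create()`. Until the message is implemented it would be safer to fail closed with `*msg_out = NULL; *msg_len_out = 0; return -1;`, which lets the caller leave the NTOR_V3 case with an error. The earlier hunk in this file (`circuit_pick_create_handshake`) already selects `ONION_HANDSHAKE_TYPE_NTOR_V3` on the same flag, so the two have to be enabled together. The doc comment has a typo, "negotiatoin".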
diff --git a/src/core/or/circuitbuild.h b/src/core/or/circuitbuild.h
index 278cdfae1c..a66c611132 100644
--- a/src/core/or/circuitbuild.h
+++ b/src/core/or/circuitbuild.h
@@ -64,6 +64,10 @@ circuit_deliver_create_cell,(circuit_t *circ,
const struct create_cell_t *create_cell,
int relayed));
+int client_circ_negotiation_message(const extend_info_t *ei,
+ uint8_t **msg_out,
+ size_t *msg_len_out);
+
#ifdef CIRCUITBUILD_PRIVATE
STATIC circid_t get_unique_circ_id_by_chan(channel_t *chan);
STATIC int new_route_len(uint8_t purpose, extend_info_t *exit_ei,
diff --git a/src/core/or/crypt_path_st.h b/src/core/or/crypt_path_st.h
index ddc85eec14..fdc6b6fbb2 100644
--- a/src/core/or/crypt_path_st.h
+++ b/src/core/or/crypt_path_st.h
@@ -21,11 +21,14 @@ struct fast_handshake_state_t;
struct ntor_handshake_state_t;
struct crypto_dh_t;
struct onion_handshake_state_t {
+ /** One of `ONION_HANDSHAKE_TYPE_*`. Determines which member of the union
+ * is accessible. */
uint16_t tag;
union {
struct fast_handshake_state_t *fast;
struct crypto_dh_t *tap;
struct ntor_handshake_state_t *ntor;
+ struct ntor3_handshake_state_t *ntor3;
} u;
};
diff --git a/src/core/or/extend_info_st.h b/src/core/or/extend_info_st.h
index 868417f392..1666b168ad 100644
--- a/src/core/or/extend_info_st.h
+++ b/src/core/or/extend_info_st.h
@@ -38,6 +38,9 @@ struct extend_info_t {
crypto_pk_t *onion_key;
/** Ntor onion key for this hop. */
curve25519_public_key_t curve25519_onion_key;
+ /** True if this hop supports NtorV3 _and_ negotiation of at least one
+ * relevant circuit parameter (currently only congestion control). */
+ bool supports_ntor3_and_param_negotiation;
};
#endif /* !defined(EXTEND_INFO_ST_H) */
diff --git a/src/core/or/extendinfo.c b/src/core/or/extendinfo.c
index 6bcef181be..f33e887e7d 100644
--- a/src/core/or/extendinfo.c
+++ b/src/core/or/extendinfo.c
@@ -56,6 +56,9 @@ extend_info_new(const char *nickname,
if (addr) {
extend_info_add_orport(info, addr, port);
}
+
+ info->supports_ntor3_and_param_negotiation = false; // TODO: set this.
+
return info;
}
@@ -210,6 +213,15 @@ extend_info_supports_ntor(const extend_info_t* ei)
CURVE25519_PUBKEY_LEN);
}
+/** Return true if we can use the Ntor v3 handshake with `ei` */
+int
+extend_info_supports_ntor_v3(const extend_info_t *ei)
+{
+ tor_assert(ei);
+ return extend_info_supports_ntor(ei) &&
+ ei->supports_ntor3_and_param_negotiation;
+}
+
/* Does ei have an onion key which it would prefer to use?
* Currently, we prefer ntor keys*/
int
diff --git a/src/core/or/extendinfo.h b/src/core/or/extendinfo.h
index 9c07205709..ffe8317431 100644
--- a/src/core/or/extendinfo.h
+++ b/src/core/or/extendinfo.h
@@ -26,6 +26,7 @@ void extend_info_free_(extend_info_t *info);
int extend_info_addr_is_allowed(const tor_addr_t *addr);
int extend_info_supports_tap(const extend_info_t* ei);
int extend_info_supports_ntor(const extend_info_t* ei);
+int extend_info_supports_ntor_v3(const extend_info_t *ei);
int extend_info_has_preferred_onion_key(const extend_info_t* ei);
bool extend_info_has_orport(const extend_info_t *ei,
const tor_addr_t *addr, uint16_t port);
diff --git a/src/core/or/or.h b/src/core/or/or.h
index 392a848ee7..3911797563 100644
--- a/src/core/or/or.h
+++ b/src/core/or/or.h
@@ -790,7 +790,8 @@ typedef enum {
#define ONION_HANDSHAKE_TYPE_TAP 0x0000
#define ONION_HANDSHAKE_TYPE_FAST 0x0001
#define ONION_HANDSHAKE_TYPE_NTOR 0x0002
-#define MAX_ONION_HANDSHAKE_TYPE 0x0002
+#define ONION_HANDSHAKE_TYPE_NTOR_V3 0x0003 /* TODO: Add to spec */
+#define MAX_ONION_HANDSHAKE_TYPE 0x0003
typedef struct onion_handshake_state_t onion_handshake_state_t;
typedef struct relay_crypto_t relay_crypto_t;
diff --git a/src/feature/relay/relay_metrics.c b/src/feature/relay/relay_metrics.c
index fc8eb10d1b..908cfdb0d9 100644
--- a/src/feature/relay/relay_metrics.c
+++ b/src/feature/relay/relay_metrics.c
@@ -104,6 +104,8 @@ handshake_type_to_str(const uint16_t type)
return "fast";
case ONION_HANDSHAKE_TYPE_NTOR:
return "ntor";
+ case ONION_HANDSHAKE_TYPE_NTOR_V3:
+ return "ntor_v3";
default:
// LCOV_EXCL_START
tor_assert_unreached();
commit 89f5eeefb83231c6eb7b8a857b173a9f962f3c0d
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 20:06:36 2022 +0000
hs: Decode flow-control line
This puts the flow control version (unparsed) in the descriptor. The
client doesn't use it yet.
Signed-off-by: David Goulet <dgoulet(a)torproject.org>
---
src/feature/hs/hs_descriptor.c | 18 ++++++++++++++++++
src/feature/hs/hs_descriptor.h | 4 ++++
src/test/hs_test_helpers.c | 6 ++++++
src/test/test_protover.c | 25 +++++++++++++++++++++++--
4 files changed, 51 insertions(+), 2 deletions(-)
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 80273c27b1..523ededf8c 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -2347,6 +2347,23 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc,
desc_encrypted_out->single_onion_service = 1;
}
+ /* Get flow control if any. */
+ tok = find_opt_by_keyword(tokens, R3_FLOW_CONTROL);
+ if (tok) {
+ int ok;
+
+ tor_asprintf(&desc_encrypted_out->flow_control_pv, "FlowCtrl=%s",
+ tok->args[0]);
+ uint8_t sendme_inc =
+ (uint8_t) tor_parse_uint64(tok->args[1], 10, 0, UINT8_MAX, &ok, NULL);
+ if (!ok || !congestion_control_validate_sendme_increment(sendme_inc)) {
+ log_warn(LD_REND, "Service descriptor flow control sendme "
+ "value is invalid");
+ goto err;
+ }
+ desc_encrypted_out->sendme_inc = sendme_inc;
+ }
+
/* Initialize the descriptor's introduction point list before we start
* decoding. Having 0 intro point is valid. Then decode them all. */
desc_encrypted_out->intro_points = smartlist_new();
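Review bot: `tok->args[0]` comes from the decrypted descriptor and is copied into `flow_control_pv` without any check, and the copy happens before `sendme_inc` is validated. Checking at decode time that the argument is a well-formed version list would reject a malformed descriptor here instead of handing an arbitrary string to later protocol-list parsing. If `desc_encrypted_out` can already carry a `flow_control_pv` when this runs, `tor_asprintf()` overwrites it without freeing; whether that can happen is outside the hunk. A comment such as `/* args[0] is the FlowCtrl version list, args[1] the sendme increment. */` above the block would document the line format.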
@@ -2757,6 +2774,7 @@ hs_desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc)
hs_desc_intro_point_free(ip));
smartlist_free(desc->intro_points);
}
+ tor_free(desc->flow_control_pv);
memwipe(desc, 0, sizeof(*desc));
}
diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h
index d959431369..8f5ee6a2f1 100644
--- a/src/feature/hs/hs_descriptor.h
+++ b/src/feature/hs/hs_descriptor.h
@@ -167,6 +167,10 @@ typedef struct hs_desc_encrypted_data_t {
/** Is this descriptor a single onion service? */
unsigned int single_onion_service : 1;
+ /** Flow control protocol version line. */
+ char *flow_control_pv;
+ uint8_t sendme_inc;
+
/** A list of intro points. Contains hs_desc_intro_point_t objects. */
smartlist_t *intro_points;
} hs_desc_encrypted_data_t;
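Review bot: `sendme_inc` is added without a doc comment, and the comment above `flow_control_pv` does not say that the struct owns the string or that the pointer is NULL when the descriptor carries no flow-control line. Suggested wording: `/** Flow control protocol version line ("FlowCtrl=..."), owned by this object; NULL if the descriptor has none. */` and `/** SENDME increment from the flow-control line; only meaningful when flow_control_pv is set. */`.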
diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c
index 2af4f71d72..20b225ba4a 100644
--- a/src/test/hs_test_helpers.c
+++ b/src/test/hs_test_helpers.c
@@ -4,6 +4,7 @@
#define HS_CLIENT_PRIVATE
#include "core/or/or.h"
+#include "core/or/versions.h"
#include "lib/crypt_ops/crypto_ed25519.h"
#include "test/test.h"
#include "feature/nodelist/torcert.h"
@@ -186,6 +187,7 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip,
desc->encrypted_data.create2_ntor = 1;
desc->encrypted_data.intro_auth_types = smartlist_new();
desc->encrypted_data.single_onion_service = 1;
+ desc->encrypted_data.flow_control_pv = tor_strdup("FlowCtrl=1-2");
smartlist_add(desc->encrypted_data.intro_auth_types, tor_strdup("ed25519"));
desc->encrypted_data.intro_points = smartlist_new();
if (!no_ip) {
@@ -332,6 +334,10 @@ hs_helper_desc_equal(const hs_descriptor_t *desc1,
/* Encrypted data section. */
tt_uint_op(desc1->encrypted_data.create2_ntor, OP_EQ,
desc2->encrypted_data.create2_ntor);
+ tt_uint_op(desc1->encrypted_data.single_onion_service, OP_EQ,
+ desc2->encrypted_data.single_onion_service);
+ tt_str_op(desc1->encrypted_data.flow_control_pv, OP_EQ,
+ desc2->encrypted_data.flow_control_pv);
/* Authentication type. */
tt_int_op(!!desc1->encrypted_data.intro_auth_types, OP_EQ,
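Review bot: `hs_helper_desc_equal()` now compares `flow_control_pv` but not `sendme_inc`, so a round trip that loses or corrupts the increment still passes. Add `tt_uint_op(desc1->encrypted_data.sendme_inc, OP_EQ, desc2->encrypted_data.sendme_inc);` next to the new checks. The builder hunk above sets `flow_control_pv` to "FlowCtrl=1-2" without assigning `sendme_inc`, so the helper descriptor would also need a value matching what the encoder writes for that comparison to hold.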
diff --git a/src/test/test_protover.c b/src/test/test_protover.c
index ae40556220..7ad02cb9c1 100644
--- a/src/test/test_protover.c
+++ b/src/test/test_protover.c
@@ -355,6 +355,9 @@ test_protover_supports_version(void *arg)
#define PROTOVER_PADDING_V1 1
#define PROTOVER_FLOWCTRL_V1 1
+#define PROTOVER_FLOWCTRL_V2 2
+
+#define PROTOVER_RELAY_NTOR_V3 4
/* Make sure we haven't forgotten any supported protocols */
static void
@@ -644,7 +647,8 @@ test_protover_vote_roundtrip_ours(void *args)
"supports_establish_intro_dos_extension: %d,\n" \
"supports_v3_hsdir: %d,\n" \
"supports_v3_rendezvous_point: %d,\n" \
- "supports_hs_setup_padding: %d.", \
+ "supports_hs_setup_padding: %d,\n" \
+ "supports_congestion_control: %d.", \
(flags).protocols_known, \
(flags).supports_extend2_cells, \
(flags).supports_accepting_ipv6_extends, \
@@ -656,7 +660,8 @@ test_protover_vote_roundtrip_ours(void *args)
(flags).supports_establish_intro_dos_extension, \
(flags).supports_v3_hsdir, \
(flags).supports_v3_rendezvous_point, \
- (flags).supports_hs_setup_padding); \
+ (flags).supports_hs_setup_padding, \
+ (flags).supports_congestion_control); \
STMT_END
/* Test that the proto_string version version_macro sets summary_flag. */
@@ -699,6 +704,22 @@ test_protover_summarize_flags(void *args)
/* Now check version exceptions */
+ /* Congestion control. */
+ memset(&flags, 0, sizeof(flags));
+ summarize_protover_flags(&flags,
+ PROTOVER("FlowCtrl", PROTOVER_FLOWCTRL_V2),
+ NULL);
+ summarize_protover_flags(&flags,
+ PROTOVER("Relay", PROTOVER_RELAY_NTOR_V3),
+ NULL);
+ DEBUG_PROTOVER(flags);
+ tt_int_op(flags.protocols_known, OP_EQ, 1);
+ tt_int_op(flags.supports_congestion_control, OP_EQ, 1);
+ /* Now clear those flags, and check the rest are zero */
+ flags.protocols_known = 0;
+ flags.supports_congestion_control = 0;
+ tt_mem_op(&flags, OP_EQ, &zero_flags, sizeof(flags));
+
/* EXTEND2 cell support */
memset(&flags, 0, sizeof(flags));
summarize_protover_flags(&flags, NULL, "Tor 0.2.4.8-alpha");
commit 27d948dab8f579890abdef155d20062938b84259
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 12:11:42 2022 +0000
hs: Fix tests for congestion control
---
src/test/test_hs_client.c | 4 ++++
src/test/test_hs_descriptor.c | 5 +++++
src/test/test_protover.c | 17 -----------------
3 files changed, 9 insertions(+), 17 deletions(-)
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index 0fe71ed7bd..11a5589d21 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -54,6 +54,9 @@
#include "core/or/origin_circuit_st.h"
#include "core/or/socks_request_st.h"
+#define TOR_CONGESTION_CONTROL_PRIVATE
+#include "core/or/congestion_control_common.h"
+
static int
mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn)
{
@@ -771,6 +774,7 @@ test_desc_has_arrived_cleanup(void *arg)
(void) arg;
hs_init();
+ congestion_control_set_cc_enabled();
MOCK(networkstatus_get_reasonably_live_consensus,
mock_networkstatus_get_reasonably_live_consensus);
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index ec6c8ba6b4..ecb7da2450 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -24,6 +24,9 @@
#include "test/log_test_helpers.h"
#include "test/rng_test_helpers.h"
+#define TOR_CONGESTION_CONTROL_PRIVATE
+#include "core/or/congestion_control_common.h"
+
#ifdef HAVE_CFLAG_WOVERLENGTH_STRINGS
DISABLE_GCC_WARNING("-Woverlength-strings")
/* We allow huge string constants in the unit tests, but not in the code
@@ -247,6 +250,8 @@ test_decode_descriptor(void *arg)
(void) arg;
+ congestion_control_set_cc_enabled();
+
ret = ed25519_keypair_generate(&signing_kp, 0);
tt_int_op(ret, OP_EQ, 0);
desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
diff --git a/src/test/test_protover.c b/src/test/test_protover.c
index 7ad02cb9c1..9d14fd678a 100644
--- a/src/test/test_protover.c
+++ b/src/test/test_protover.c
@@ -355,7 +355,6 @@ test_protover_supports_version(void *arg)
#define PROTOVER_PADDING_V1 1
#define PROTOVER_FLOWCTRL_V1 1
-#define PROTOVER_FLOWCTRL_V2 2
#define PROTOVER_RELAY_NTOR_V3 4
@@ -704,22 +703,6 @@ test_protover_summarize_flags(void *args)
/* Now check version exceptions */
- /* Congestion control. */
- memset(&flags, 0, sizeof(flags));
- summarize_protover_flags(&flags,
- PROTOVER("FlowCtrl", PROTOVER_FLOWCTRL_V2),
- NULL);
- summarize_protover_flags(&flags,
- PROTOVER("Relay", PROTOVER_RELAY_NTOR_V3),
- NULL);
- DEBUG_PROTOVER(flags);
- tt_int_op(flags.protocols_known, OP_EQ, 1);
- tt_int_op(flags.supports_congestion_control, OP_EQ, 1);
- /* Now clear those flags, and check the rest are zero */
- flags.protocols_known = 0;
- flags.supports_congestion_control = 0;
- tt_mem_op(&flags, OP_EQ, &zero_flags, sizeof(flags));
-
/* EXTEND2 cell support */
memset(&flags, 0, sizeof(flags));
summarize_protover_flags(&flags, NULL, "Tor 0.2.4.8-alpha");
[tor/main] hs: Decode and cache the INTRODUCE cell congestion control extension
by dgoulet@torproject.org 22 Feb '22
commit 729dd14fdec9ece47142a5dc1434d32da109982e
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 22:44:25 2022 +0000
hs: Decode and cache the INTRODUCE cell congestion control extension
Signed-off-by: David Goulet <dgoulet(a)torproject.org>
---
src/feature/hs/hs_cell.c | 41 +++++++++++++++++++++++++++++++++++++++++
src/feature/hs/hs_cell.h | 4 ++++
2 files changed, 45 insertions(+)
diff --git a/src/feature/hs/hs_cell.c b/src/feature/hs/hs_cell.c
index 4b961a6add..b7ab68f7c4 100644
--- a/src/feature/hs/hs_cell.c
+++ b/src/feature/hs/hs_cell.c
@@ -14,6 +14,7 @@
#include "feature/hs/hs_cell.h"
#include "feature/hs/hs_ob.h"
#include "core/crypto/hs_ntor.h"
+#include "core/or/congestion_control_common.h"
#include "core/or/origin_circuit_st.h"
@@ -783,6 +784,31 @@ get_introduce2_keys_and_verify_mac(hs_cell_introduce2_data_t *data,
return intro_keys_result;
}
+/** Parse the given INTRODUCE cell extension. Update the data object
+ * accordingly depending on the extension. */
+static void
+parse_introduce_cell_extension(hs_cell_introduce2_data_t *data,
+ const trn_extension_field_t *field)
+{
+ trn_extension_field_cc_t *cc_field = NULL;
+
+ tor_assert(data);
+ tor_assert(field);
+
+ switch (trn_extension_field_get_field_type(field)) {
+ case TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST:
+ /* CC requests, enable it. */
+ data->cc_enabled = 1;
+ data->pv.protocols_known = 1;
+ data->pv.supports_congestion_control = data->cc_enabled;
+ break;
+ default:
+ break;
+ }
+
+ trn_extension_field_cc_free(cc_field);
+}
+
/** Parse the INTRODUCE2 cell using data which contains everything we need to
* do so and contains the destination buffers of information we extract and
* compute from the cell. Return 0 on success else a negative value. The
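Review bot: `cc_field` is initialised to NULL, never assigned, and then passed to `trn_extension_field_cc_free()`, so the variable and the free are dead code; either parse the field body into it or drop both. The request case sets `data->cc_enabled = 1` solely because the client sent the extension, without checking the field length or the service's own setting. If nothing later gates this on the local configuration (not visible in this hunk), a client could turn congestion control on for a service whose consensus has it off; a gated form would be `data->cc_enabled = congestion_control_enabled();`.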
@@ -911,6 +937,21 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
smartlist_add(data->link_specifiers, lspec_dup);
}
+ /* Extract any extensions. */
+ const trn_extension_t *extensions =
+ trn_cell_introduce_encrypted_get_extensions(enc_cell);
+ if (extensions != NULL) {
+ for (size_t idx = 0; idx < trn_extension_get_num(extensions); idx++) {
+ const trn_extension_field_t *field =
+ trn_extension_getconst_fields(extensions, idx);
+ if (BUG(field == NULL)) {
+ /* The number of extensions should match the number of fields. */
+ break;
+ }
+ parse_introduce_cell_extension(data, field);
+ }
+ }
+
/* Success. */
ret = 0;
log_info(LD_REND, "Valid INTRODUCE2 cell. Launching rendezvous circuit.");
diff --git a/src/feature/hs/hs_cell.h b/src/feature/hs/hs_cell.h
index 43be038a93..c76a0690a8 100644
--- a/src/feature/hs/hs_cell.h
+++ b/src/feature/hs/hs_cell.h
@@ -84,6 +84,10 @@ typedef struct hs_cell_introduce2_data_t {
smartlist_t *link_specifiers;
/** Replay cache of the introduction point. */
replaycache_t *replay_cache;
+ /** Flow control negotiation parameters. */
+ protover_summary_flags_t pv;
+ /** Congestion control parameters. */
+ unsigned int cc_enabled : 1;
} hs_cell_introduce2_data_t;
/* Build cell API. */
[tor/main] hs: Build INTRODUCE extension in the encrypted section
by dgoulet@torproject.org 22 Feb '22
commit 38e9d9b465f5ae825d054b7baf06a851ad6b371a
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Feb 3 21:06:28 2022 +0000
hs: Build INTRODUCE extension in the encrypted section
Signed-off-by: David Goulet <dgoulet(a)torproject.org>
---
src/feature/hs/hs_cell.c | 28 ++++++++++++++++++++++++++--
src/feature/hs/hs_cell.h | 2 ++
src/feature/hs/hs_circuit.c | 8 ++++++++
3 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/src/feature/hs/hs_cell.c b/src/feature/hs/hs_cell.c
index 116395b3c8..4b961a6add 100644
--- a/src/feature/hs/hs_cell.c
+++ b/src/feature/hs/hs_cell.c
@@ -18,6 +18,7 @@
#include "core/or/origin_circuit_st.h"
/* Trunnel. */
+#include "trunnel/congestion_control.h"
#include "trunnel/ed25519_cert.h"
#include "trunnel/extension.h"
#include "trunnel/hs/cell_establish_intro.h"
@@ -372,6 +373,26 @@ introduce1_encrypt_and_encode(trn_cell_introduce1_t *cell,
tor_free(encrypted);
}
+/** Build and set the INTRODUCE congestion control extension in the given
+ * extensions. */
+static void
+build_introduce_cc_extension(trn_extension_t *extensions)
+{
+ trn_extension_field_t *field = NULL;
+
+ /* Build CC request extension. */
+ field = trn_extension_field_new();
+ trn_extension_field_set_field_type(field,
+ TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST);
+
+ /* No payload indicating a request to use congestion control. */
+ trn_extension_field_set_field_len(field, 0);
+
+ /* Build final extension. */
+ trn_extension_add_fields(extensions, field);
+ trn_extension_set_num(extensions, trn_extension_get_num(extensions) + 1);
+}
+
/** Using the INTRODUCE1 data, setup the ENCRYPTED section in cell. This means
* set it, encrypt it and encode it. */
static void
@@ -387,10 +408,13 @@ introduce1_set_encrypted(trn_cell_introduce1_t *cell,
enc_cell = trn_cell_introduce_encrypted_new();
tor_assert(enc_cell);
- /* Set extension data. None are used. */
+ /* Setup extension(s) if any. */
ext = trn_extension_new();
tor_assert(ext);
- trn_extension_set_num(ext, 0);
+ /* Build congestion control extension is enabled. */
+ if (data->cc_enabled) {
+ build_introduce_cc_extension(ext);
+ }
trn_cell_introduce_encrypted_set_extensions(enc_cell, ext);
/* Set the rendezvous cookie. */
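Review bot: The new comment `/* Build congestion control extension is enabled. */` reads as a statement rather than a condition; `/* Build the congestion control extension if enabled. */` says what the `if` does. The hunk also drops the explicit `trn_extension_set_num(ext, 0)`, so the field count now depends on `trn_extension_new()` returning a zeroed object; a short comment noting that would make the dependency visible.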
diff --git a/src/feature/hs/hs_cell.h b/src/feature/hs/hs_cell.h
index c25fd45567..43be038a93 100644
--- a/src/feature/hs/hs_cell.h
+++ b/src/feature/hs/hs_cell.h
@@ -40,6 +40,8 @@ typedef struct hs_cell_introduce1_data_t {
const curve25519_keypair_t *client_kp;
/** Rendezvous point link specifiers. */
smartlist_t *link_specifiers;
+ /** Congestion control parameters. */
+ unsigned int cc_enabled : 1;
} hs_cell_introduce1_data_t;
/** This data structure contains data that we need to parse an INTRODUCE2 cell
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index 3347bdca07..10a6f51eb3 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -37,6 +37,7 @@
#include "trunnel/ed25519_cert.h"
#include "trunnel/hs/cell_establish_intro.h"
+#include "core/or/congestion_control_st.h"
#include "core/or/cpath_build_state_st.h"
#include "core/or/crypt_path_st.h"
#include "feature/nodelist/node_st.h"
@@ -549,6 +550,7 @@ setup_introduce1_data(const hs_desc_intro_point_t *ip,
/* We can't rendezvous without the curve25519 onion key. */
goto end;
}
+
/* Success, we have valid introduce data. */
ret = 0;
@@ -1072,6 +1074,12 @@ hs_circ_send_introduce1(origin_circuit_t *intro_circ,
goto close;
}
+ /* If the rend circ was set up for congestion control, add that to the
+ * intro data, to signal it in an extension */
+ if (TO_CIRCUIT(rend_circ)->ccontrol) {
+ intro1_data.cc_enabled = 1;
+ }
+
/* Final step before we encode a cell, we setup the circuit identifier which
* will generate both the rendezvous cookie and client keypair for this
* connection. Those are put in the ident. */
commit 95639f35aede81bfde8bd4ee1616e10048176cc7
Author: David Goulet <dgoulet(a)torproject.org>
Date: Thu Nov 4 10:26:04 2021 -0400
hs: Encode flow control value in the descriptor
This simply adds the "flow-control" line, as detailed in prop324, to the
descriptor. No decoding is done at this commit.
Part of #40506
---
src/feature/dirparse/parsecommon.h | 1 +
src/feature/hs/hs_descriptor.c | 12 ++++++++++++
2 files changed, 13 insertions(+)
diff --git a/src/feature/dirparse/parsecommon.h b/src/feature/dirparse/parsecommon.h
index 0f343e9c62..675c5f68d5 100644
--- a/src/feature/dirparse/parsecommon.h
+++ b/src/feature/dirparse/parsecommon.h
@@ -172,6 +172,7 @@ typedef enum {
R3_DESC_AUTH_KEY,
R3_DESC_AUTH_CLIENT,
R3_ENCRYPTED,
+ R3_FLOW_CONTROL,
R_IPO_IDENTIFIER,
R_IPO_IP_ADDRESS,
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index a37eab5b5d..80273c27b1 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -61,6 +61,8 @@
#include "trunnel/ed25519_cert.h" /* Trunnel interface. */
#include "feature/hs/hs_descriptor.h"
#include "core/or/circuitbuild.h"
+#include "core/or/congestion_control_common.h"
+#include "core/or/protover.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/dirparse/parsecommon.h"
@@ -69,6 +71,7 @@
#include "feature/nodelist/torcert.h" /* tor_cert_encode_ed22519() */
#include "lib/memarea/memarea.h"
#include "lib/crypt_ops/crypto_format.h"
+#include "core/or/versions.h"
#include "core/or/extend_info_st.h"
@@ -92,6 +95,7 @@
#define str_ip_legacy_key "legacy-key"
#define str_ip_legacy_key_cert "legacy-key-cert"
#define str_intro_point_start "\n" str_intro_point " "
+#define str_flow_control "flow-control"
/* Constant string value for the construction to encrypt the encrypted data
* section. */
#define str_enc_const_superencryption "hsdir-superencrypted-data"
@@ -138,6 +142,7 @@ static token_rule_t hs_desc_encrypted_v3_token_table[] = {
T1_START(str_create2_formats, R3_CREATE2_FORMATS, CONCAT_ARGS, NO_OBJ),
T01(str_intro_auth_required, R3_INTRO_AUTH_REQUIRED, GE(1), NO_OBJ),
T01(str_single_onion, R3_SINGLE_ONION_SERVICE, ARGS, NO_OBJ),
+ T01(str_flow_control, R3_FLOW_CONTROL, GE(2), NO_OBJ),
END_OF_TABLE
};
@@ -765,6 +770,13 @@ get_inner_encrypted_layer_plaintext(const hs_descriptor_t *desc)
if (desc->encrypted_data.single_onion_service) {
smartlist_add_asprintf(lines, "%s\n", str_single_onion);
}
+
+ if (congestion_control_enabled()) {
+ /* Add flow control line into the descriptor. */
+ smartlist_add_asprintf(lines, "%s %s %u\n", str_flow_control,
+ protover_get_supported(PRT_FLOWCTRL),
+ congestion_control_sendme_inc());
+ }
}
/* Build the introduction point(s) section. */