commit a16627db1f099e8eaa2ac899cead604fe611f117 Author: David Goulet dgoulet@torproject.org Date: Tue Aug 22 14:51:27 2017 -0400
prop224: Add a function to find an intro point by legacy ID
The client needs to find the right intro point object from the circuit identity digest it is opened to. This new function does that.
Signed-off-by: David Goulet dgoulet@torproject.org --- src/or/hs_client.c | 64 ++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 45 insertions(+), 19 deletions(-)
diff --git a/src/or/hs_client.c b/src/or/hs_client.c index 90124fb8e..cfbda2327 100644 --- a/src/or/hs_client.c +++ b/src/or/hs_client.c @@ -214,6 +214,42 @@ find_desc_intro_point_by_ident(const hs_ident_circuit_t *ident, return intro_point; }
+/* Find a descriptor intro point object from the descriptor object desc that + * matches the given legacy identity digest in legacy_id. Return NULL if not + * found. */ +static hs_desc_intro_point_t * +find_desc_intro_point_by_legacy_id(const char *legacy_id, + const hs_descriptor_t *desc) +{ + hs_desc_intro_point_t *ret_ip = NULL; + + tor_assert(legacy_id); + tor_assert(desc); + + /* We will go over every intro point and try to find which one is linked to + * that circuit. Those lists are small so it's not that expensive. */ + SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, + hs_desc_intro_point_t *, ip) { + SMARTLIST_FOREACH_BEGIN(ip->link_specifiers, + const hs_desc_link_specifier_t *, lspec) { + /* Not all tor node have an ed25519 identity key so we still rely on the + * legacy identity digest. */ + if (lspec->type != LS_LEGACY_ID) { + continue; + } + if (fast_memneq(legacy_id, lspec->u.legacy_id, DIGEST_LEN)) { + break; + } + /* Found it. */ + ret_ip = ip; + goto end; + } SMARTLIST_FOREACH_END(lspec); + } SMARTLIST_FOREACH_END(ip); + + end: + return ret_ip; +} + /* Send an INTRODUCE1 cell along the intro circuit and populate the rend * circuit identifier with the needed key material for the e2e encryption. * Return 0 on success, -1 if there is a transient error such that an action @@ -319,6 +355,7 @@ static void setup_intro_circ_auth_key(origin_circuit_t *circ) { const hs_descriptor_t *desc; + const hs_desc_intro_point_t *ip;
tor_assert(circ);
@@ -330,25 +367,14 @@ setup_intro_circ_auth_key(origin_circuit_t *circ)
/* We will go over every intro point and try to find which one is linked to * that circuit. Those lists are small so it's not that expensive. */ - SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points, - const hs_desc_intro_point_t *, ip) { - SMARTLIST_FOREACH_BEGIN(ip->link_specifiers, - const hs_desc_link_specifier_t *, lspec) { - /* Not all tor node have an ed25519 identity key so we still rely on the - * legacy identity digest. */ - if (lspec->type != LS_LEGACY_ID) { - continue; - } - if (fast_memneq(circ->build_state->chosen_exit->identity_digest, - lspec->u.legacy_id, DIGEST_LEN)) { - break; - } - /* We got it, copy its authentication key to the identifier. */ - ed25519_pubkey_copy(&circ->hs_ident->intro_auth_pk, - &ip->auth_key_cert->signed_key); - goto end; - } SMARTLIST_FOREACH_END(lspec); - } SMARTLIST_FOREACH_END(ip); + ip = find_desc_intro_point_by_legacy_id( + circ->build_state->chosen_exit->identity_digest, desc); + if (ip) { + /* We got it, copy its authentication key to the identifier. */ + ed25519_pubkey_copy(&circ->hs_ident->intro_auth_pk, + &ip->auth_key_cert->signed_key); + goto end; + }
/* Reaching this point means we didn't find any intro point for this circuit * which is not suppose to happen. */