This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit 138fd5707258fb2d6768e93587ac2ae547acdf18 Author: Micah Elizabeth Scott beth@torproject.org AuthorDate: Wed Apr 26 15:29:04 2023 -0700
hs_pow: add per-circuit effort information to control port
This lets controller apps see the outgoing PoW effort on client circuits, and the validated effort received on an incoming service circuit.
Signed-off-by: Micah Elizabeth Scott beth@torproject.org --- src/core/or/origin_circuit_st.h | 4 ++++ src/feature/control/control_fmt.c | 7 +++++++ src/feature/hs/hs_circuit.c | 7 +++++++ src/feature/hs/hs_pow.c | 3 +++ 4 files changed, 21 insertions(+)
diff --git a/src/core/or/origin_circuit_st.h b/src/core/or/origin_circuit_st.h index 3b3fcc9b42..22fc3316b9 100644 --- a/src/core/or/origin_circuit_st.h +++ b/src/core/or/origin_circuit_st.h @@ -212,6 +212,10 @@ struct origin_circuit_t { * (in host byte order) for response comparison. */ uint32_t pathbias_probe_nonce;
+ /** This is nonzero iff hs_with_pow_circ is set and there was a valid proof + * of work solution associated with this circuit. */ + uint32_t hs_pow_effort; + /** Set iff this is a hidden-service circuit for a HS with PoW defenses * enabled, so that we know to be more lenient with timing out the * circuit-build to allow the service time to work through the queue of diff --git a/src/feature/control/control_fmt.c b/src/feature/control/control_fmt.c index cc8686818a..b6efd18163 100644 --- a/src/feature/control/control_fmt.c +++ b/src/feature/control/control_fmt.c @@ -153,6 +153,13 @@ circuit_describe_status_for_controller(origin_circuit_t *circ) tor_free(socks_password_escaped); }
+ /* Attach the proof-of-work solution effort, if it's nonzero. Clients set + * this to the effort they've chosen, services set this to a value that + * was provided by the client and then verified by the service. */ + if (circ->hs_pow_effort > 0) { + smartlist_add_asprintf(descparts, "HS_POW=v1,%u", circ->hs_pow_effort); + } + rv = smartlist_join_strings(descparts, " ", 0, NULL);
SMARTLIST_FOREACH(descparts, char *, cp, tor_free(cp)); diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c index ccd6711041..9311a26169 100644 --- a/src/feature/hs/hs_circuit.c +++ b/src/feature/hs/hs_circuit.c @@ -429,6 +429,13 @@ launch_rendezvous_point_circuit,(const hs_service_t *service, tor_assert(circ->hs_ident); }
+ /* Remember PoW state if this introduction included a valid proof of work + * client puzzle extension. */ + if (rdv_data->pow_effort > 0) { + circ->hs_pow_effort = rdv_data->pow_effort; + circ->hs_with_pow_circ = 1; + } + /* Setup congestion control if asked by the client from the INTRO cell. */ if (rdv_data->cc_enabled) { hs_circ_setup_congestion_control(circ, congestion_control_sendme_inc(), diff --git a/src/feature/hs/hs_pow.c b/src/feature/hs/hs_pow.c index 4f662b58d9..1a23c69836 100644 --- a/src/feature/hs/hs_pow.c +++ b/src/feature/hs/hs_pow.c @@ -446,6 +446,9 @@ pow_worker_replyfn(void *work_) * timing out while waiting for the service-side circuit to be built. */ rend_circ->hs_with_pow_circ = 1;
+ /* Remember the PoW effort we chose, for client-side rend circuits. */ + rend_circ->hs_pow_effort = job->pow_inputs.effort; + // and then send that intro cell if (send_introduce1(intro_circ, rend_circ, desc, job->pow_solution_out, ip) < 0) {