commit 590d97bc1065bdb93c70695c91de9c548ef802af Author: David Goulet <dgoulet@torproject.org> Date: Thu May 9 12:55:52 2019 -0400 hs: Define INTRODUCE_ACK status code in trunnel Remove the hs_intro_ack_status_t enum and move the value into trunnel. Only use these values from now on in the intro point code. Interestingly enough, the client side also re-define these values in hs_cell.h with the hs_cell_introd_ack_status_t enum. Next commit will fix that and force to use the trunnel ABI. Part of #30454 Signed-off-by: David Goulet <dgoulet@torproject.org> --- src/or/hs_intropoint.c | 16 ++++++++-------- src/or/hs_intropoint.h | 7 ------- src/trunnel/hs/cell_introduce1.c | 13 +++++++------ src/trunnel/hs/cell_introduce1.h | 3 +++ src/trunnel/hs/cell_introduce1.trunnel | 9 ++++++++- 5 files changed, 26 insertions(+), 22 deletions(-) diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c index e0ab27bd3..472e4afe9 100644 --- a/src/or/hs_intropoint.c +++ b/src/or/hs_intropoint.c @@ -336,7 +336,7 @@ hs_intro_received_establish_intro(or_circuit_t *circ, const uint8_t *request, * Return 0 on success else a negative value on error which will close the * circuit. */ static int -send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status) +send_introduce_ack_cell(or_circuit_t *circ, uint16_t status) { int ret = -1; uint8_t *encoded_cell = NULL; @@ -433,7 +433,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, int ret = -1; or_circuit_t *service_circ; trn_cell_introduce1_t *parsed_cell; - hs_intro_ack_status_t status = HS_INTRO_ACK_STATUS_SUCCESS; + uint16_t status = TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS; tor_assert(client_circ); tor_assert(request); @@ -448,14 +448,14 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, "Rejecting %s INTRODUCE1 cell. Responding with NACK.", cell_size == -1 ? "invalid" : "truncated"); /* Inform client that the INTRODUCE1 has a bad format. */ - status = HS_INTRO_ACK_STATUS_BAD_FORMAT; + status = TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT; goto send_ack; } /* Once parsed validate the cell format. */ if (validate_introduce1_parsed_cell(parsed_cell) < 0) { /* Inform client that the INTRODUCE1 has bad format. */ - status = HS_INTRO_ACK_STATUS_BAD_FORMAT; + status = TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT; goto send_ack; } @@ -472,7 +472,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, "Responding with NACK.", safe_str(b64_key), client_circ->p_circ_id); /* Inform the client that we don't know the requested service ID. */ - status = HS_INTRO_ACK_STATUS_UNKNOWN_ID; + status = TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID; goto send_ack; } } @@ -485,12 +485,12 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, log_warn(LD_PROTOCOL, "Unable to send INTRODUCE2 cell to the service."); /* Inform the client that we can't relay the cell. Use the unknown ID * status code since it means that we do not know the service. */ - status = HS_INTRO_ACK_STATUS_UNKNOWN_ID; + status = TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID; goto send_ack; } /* Success! Send an INTRODUCE_ACK success status onto the client circuit. */ - status = HS_INTRO_ACK_STATUS_SUCCESS; + status = TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS; ret = 0; send_ack: @@ -501,7 +501,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request, /* Circuit has been closed on failure of transmission. */ goto done; } - if (status != HS_INTRO_ACK_STATUS_SUCCESS) { + if (status != TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS) { /* We just sent a NACK that is a non success status code so close the * circuit because it's not useful to keep it open. Remember, a client can * only send one INTRODUCE1 cell on a circuit. */ diff --git a/src/or/hs_intropoint.h b/src/or/hs_intropoint.h index 014f9339a..1c2cc564a 100644 --- a/src/or/hs_intropoint.h +++ b/src/or/hs_intropoint.h @@ -19,13 +19,6 @@ typedef enum { HS_INTRO_AUTH_KEY_TYPE_ED25519 = 0x02, } hs_intro_auth_key_type_t; -/* INTRODUCE_ACK status code. */ -typedef enum { - HS_INTRO_ACK_STATUS_SUCCESS = 0x0000, - HS_INTRO_ACK_STATUS_UNKNOWN_ID = 0x0001, - HS_INTRO_ACK_STATUS_BAD_FORMAT = 0x0002, -} hs_intro_ack_status_t; - /* Object containing introduction point common data between the service and * the client side. */ typedef struct hs_intropoint_t { diff --git a/src/trunnel/hs/cell_introduce1.c b/src/trunnel/hs/cell_introduce1.c index 358b355cd..b93add64c 100644 --- a/src/trunnel/hs/cell_introduce1.c +++ b/src/trunnel/hs/cell_introduce1.c @@ -519,6 +519,7 @@ trn_cell_introduce_ack_new(void) trn_cell_introduce_ack_t *val = trunnel_calloc(1, sizeof(trn_cell_introduce_ack_t)); if (NULL == val) return NULL; + val->status = TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT; return val; } @@ -550,7 +551,7 @@ trn_cell_introduce_ack_get_status(const trn_cell_introduce_ack_t *inp) int trn_cell_introduce_ack_set_status(trn_cell_introduce_ack_t *inp, uint16_t val) { - if (! ((val == 0 || val == 1 || val == 2))) { + if (! ((val == TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT || val == TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS || val == TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID))) { TRUNNEL_SET_ERROR_CODE(inp); return -1; } @@ -587,7 +588,7 @@ trn_cell_introduce_ack_check(const trn_cell_introduce_ack_t *obj) return "Object was NULL"; if (obj->trunnel_error_code_) return "A set function failed on this object"; - if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) + if (! (obj->status == TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT || obj->status == TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS || obj->status == TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID)) return "Integer out of bounds"; { const char *msg; @@ -606,7 +607,7 @@ trn_cell_introduce_ack_encoded_len(const trn_cell_introduce_ack_t *obj) return -1; - /* Length of u16 status IN [0, 1, 2] */ + /* Length of u16 status IN [TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT, TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS, TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID] */ result += 2; /* Length of struct trn_cell_extension extensions */ @@ -638,7 +639,7 @@ trn_cell_introduce_ack_encode(uint8_t *output, const size_t avail, const trn_cel trunnel_assert(encoded_len >= 0); #endif - /* Encode u16 status IN [0, 1, 2] */ + /* Encode u16 status IN [TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT, TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS, TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID] */ trunnel_assert(written <= avail); if (avail - written < 2) goto truncated; @@ -687,11 +688,11 @@ trn_cell_introduce_ack_parse_into(trn_cell_introduce_ack_t *obj, const uint8_t * ssize_t result = 0; (void)result; - /* Parse u16 status IN [0, 1, 2] */ + /* Parse u16 status IN [TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT, TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS, TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID] */ CHECK_REMAINING(2, truncated); obj->status = trunnel_ntohs(trunnel_get_uint16(ptr)); remaining -= 2; ptr += 2; - if (! (obj->status == 0 || obj->status == 1 || obj->status == 2)) + if (! (obj->status == TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT || obj->status == TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS || obj->status == TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID)) goto fail; /* Parse struct trn_cell_extension extensions */ diff --git a/src/trunnel/hs/cell_introduce1.h b/src/trunnel/hs/cell_introduce1.h index fa218adc6..1bec014b6 100644 --- a/src/trunnel/hs/cell_introduce1.h +++ b/src/trunnel/hs/cell_introduce1.h @@ -12,6 +12,9 @@ struct trn_cell_extension_st; struct link_specifier_st; #define TRUNNEL_SHA1_LEN 20 #define TRUNNEL_REND_COOKIE_LEN 20 +#define TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS 0 +#define TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID 1 +#define TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT 2 #if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_CELL_INTRODUCE1) struct trn_cell_introduce1_st { uint8_t legacy_key_id[TRUNNEL_SHA1_LEN]; diff --git a/src/trunnel/hs/cell_introduce1.trunnel b/src/trunnel/hs/cell_introduce1.trunnel index 574382b16..6d924058f 100644 --- a/src/trunnel/hs/cell_introduce1.trunnel +++ b/src/trunnel/hs/cell_introduce1.trunnel @@ -12,6 +12,11 @@ extern struct link_specifier; const TRUNNEL_SHA1_LEN = 20; const TRUNNEL_REND_COOKIE_LEN = 20; +/* Introduce ACK status code. */ +const TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS = 0x0000; +const TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID = 0x0001; +const TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT = 0x0002; + /* INTRODUCE1 payload. See details in section 3.2.1. */ struct trn_cell_introduce1 { /* Always zeroed. MUST be checked explicitly by the caller. */ @@ -32,7 +37,9 @@ struct trn_cell_introduce1 { /* INTRODUCE_ACK payload. See details in section 3.2.2. */ struct trn_cell_introduce_ack { /* Status of introduction. */ - u16 status IN [0x0000, 0x0001, 0x0002]; + u16 status IN [TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS, + TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID, + TRUNNEL_HS_INTRO_ACK_STATUS_BAD_FORMAT]; /* Extension(s). Reserved fields. */ struct trn_cell_extension extensions;