[tor-commits] [tor/master] hs-v2: Removal of service and relay support
dgoulet at torproject.org
dgoulet at torproject.org
Fri Feb 19 21:22:23 UTC 2021
commit 2c865542b6d2e78d2c2942ecdc6acfe1d8fb24bf
Author: David Goulet <dgoulet at torproject.org>
Date: Fri Feb 5 12:51:41 2021 -0500
hs-v2: Removal of service and relay support
This is unfortunately massive but both functionalities were extremely
intertwined and it would have required us to actually change the HSv2 code in
order to be able to split this into multiple commits.
After this commit, there are still artefacts of v2 in the code but there is no
more support for service, intro point and HSDir.
The v2 support for rendezvous circuit is still available since that code is
the same for the v3 and we will leave it in so if a client is able to
rendezvous on v2 then it can still transfer traffic. Once the entire network
has moved away from v2, we can remove v2 rendezvous point support.
Related to #40266
Signed-off-by: David Goulet <dgoulet at torproject.org>
---
src/app/config/config.c | 14 +-
src/app/config/or_options_st.h | 2 +-
src/app/main/main.c | 5 +-
src/app/main/shutdown.c | 2 -
src/core/mainloop/connection.c | 30 -
src/core/mainloop/mainloop.c | 9 +-
src/core/or/channel.c | 4 +-
src/core/or/channelpadding.c | 4 +-
src/core/or/circuitbuild.c | 10 +-
src/core/or/circuitlist.c | 70 +-
src/core/or/circuitlist.h | 10 +-
src/core/or/circuitstats.c | 6 +-
src/core/or/circuituse.c | 47 +-
src/core/or/connection_edge.c | 13 +-
src/core/or/connection_or.c | 4 +-
src/core/or/cpath_build_state_st.h | 5 -
src/core/or/edge_connection_st.h | 3 -
src/core/or/or.h | 54 -
src/core/or/origin_circuit_st.h | 3 -
src/core/or/relay.c | 9 +-
src/feature/control/control.c | 8 +-
src/feature/control/control_cmd.c | 306 +-
src/feature/control/control_cmd.h | 6 +-
src/feature/control/control_events.c | 112 -
src/feature/control/control_events.h | 7 -
src/feature/control/control_fmt.c | 10 +-
src/feature/control/control_getinfo.c | 1 -
src/feature/dircache/dircache.c | 58 -
src/feature/dirclient/dirclient.c | 203 +-
src/feature/dirclient/dirclient.h | 4 -
src/feature/dircommon/dir_connection_st.h | 3 -
src/feature/dircommon/directory.c | 3 -
src/feature/dircommon/directory.h | 15 +-
src/feature/hs/hs_cache.c | 81 +-
src/feature/hs/hs_cache.h | 20 +-
src/feature/hs/hs_cell.c | 78 +-
src/feature/hs/hs_circuit.c | 157 +-
src/feature/hs/hs_client.c | 7 -
src/feature/hs/hs_common.c | 261 +-
src/feature/hs/hs_common.h | 23 +-
src/feature/hs/hs_config.c | 55 +-
src/feature/hs/hs_descriptor.c | 1 -
src/feature/hs/hs_service.c | 97 +-
src/feature/hs/hs_service.h | 5 +
src/feature/nodelist/nodelist.c | 2 -
src/feature/relay/selftest.c | 4 +-
src/feature/rend/feature_rend.md | 7 -
src/feature/rend/include.am | 14 +-
src/feature/rend/rend_authorized_client_st.h | 22 -
.../rend/rend_encoded_v2_service_descriptor_st.h | 21 -
src/feature/rend/rend_intro_point_st.h | 81 -
src/feature/rend/rend_service_descriptor_st.h | 38 -
src/feature/rend/rendcache.c | 1029 -----
src/feature/rend/rendcache.h | 132 -
src/feature/rend/rendcommon.c | 944 +----
src/feature/rend/rendcommon.h | 53 -
src/feature/rend/rendparse.c | 612 ---
src/feature/rend/rendparse.h | 32 -
src/feature/rend/rendservice.c | 4403 --------------------
src/feature/rend/rendservice.h | 215 -
src/test/fuzz/fuzz_hsdescv2.c | 52 -
src/test/fuzz/include.am | 58 -
src/test/include.am | 5 -
src/test/rend_test_helpers.c | 99 -
src/test/rend_test_helpers.h | 16 -
src/test/test.c | 131 -
src/test/test.h | 3 -
src/test/test_config.c | 1 -
src/test/test_connection.c | 87 -
src/test/test_controller.c | 161 -
src/test/test_dir.c | 29 -
src/test/test_dir_handle_get.c | 198 -
src/test/test_entryconn.c | 3 -
src/test/test_hs.c | 1003 -----
src/test/test_hs_cache.c | 3 -
src/test/test_hs_client.c | 139 +-
src/test/test_hs_config.c | 175 +-
src/test/test_hs_control.c | 11 +-
src/test/test_hs_intropoint.c | 138 +-
src/test/test_hs_service.c | 21 +-
src/test/test_introduce.c | 539 ---
src/test/test_rendcache.c | 1248 ------
82 files changed, 274 insertions(+), 13280 deletions(-)
diff --git a/src/app/config/config.c b/src/app/config/config.c
index dec4890e70..abb408767c 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -103,8 +103,6 @@
#include "feature/relay/routermode.h"
#include "feature/relay/relay_config.h"
#include "feature/relay/transport_config.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
#include "lib/geoip/geoip.h"
#include "feature/stats/geoip_stats.h"
#include "lib/compress/compress.h"
@@ -2089,7 +2087,7 @@ options_act,(const or_options_t *old_options))
return -1;
}
- if (rend_non_anonymous_mode_enabled(options)) {
+ if (hs_service_non_anonymous_mode_enabled(options)) {
log_warn(LD_GENERAL, "This copy of Tor was compiled or configured to run "
"in a non-anonymous mode. It will provide NO ANONYMITY.");
}
@@ -3199,7 +3197,7 @@ options_validate_single_onion(or_options_t *options, char **msg)
}
/* Now that we've checked that the two options are consistent, we can safely
- * call the rend_service_* functions that abstract these options. */
+ * call the hs_service_* functions that abstract these options. */
/* If you run an anonymous client with an active Single Onion service, the
* client loses anonymity. */
@@ -3208,13 +3206,13 @@ options_validate_single_onion(or_options_t *options, char **msg)
options->NATDPort_set ||
options->DNSPort_set ||
options->HTTPTunnelPort_set);
- if (rend_service_non_anonymous_mode_enabled(options) && client_port_set) {
+ if (hs_service_non_anonymous_mode_enabled(options) && client_port_set) {
REJECT("HiddenServiceNonAnonymousMode is incompatible with using Tor as "
"an anonymous client. Please set Socks/Trans/NATD/DNSPort to 0, or "
"revert HiddenServiceNonAnonymousMode to 0.");
}
- if (rend_service_allow_non_anonymous_connection(options)
+ if (hs_service_allow_non_anonymous_connection(options)
&& options->UseEntryGuards) {
/* Single Onion services only use entry guards when uploading descriptors;
* all other connections are one-hop. Further, Single Onions causes the
@@ -3564,7 +3562,7 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
if (!(options->UseEntryGuards) &&
(options->RendConfigLines != NULL) &&
- !rend_service_allow_non_anonymous_connection(options)) {
+ !hs_service_allow_non_anonymous_connection(options)) {
log_warn(LD_CONFIG,
"UseEntryGuards is disabled, but you have configured one or more "
"hidden services on this Tor instance. Your hidden services "
@@ -3607,7 +3605,7 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
}
/* Single Onion Services: non-anonymous hidden services */
- if (rend_service_non_anonymous_mode_enabled(options)) {
+ if (hs_service_non_anonymous_mode_enabled(options)) {
log_warn(LD_CONFIG,
"HiddenServiceNonAnonymousMode is set. Every hidden service on "
"this tor instance is NON-ANONYMOUS. If "
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index f9c6dae2b6..90302eae7b 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -336,7 +336,7 @@ struct or_options_t {
/* Makes hidden service clients and servers non-anonymous on this tor
* instance. Allows the non-anonymous HiddenServiceSingleHopMode. Enables
* non-anonymous behaviour in the hidden service protocol.
- * Use rend_service_non_anonymous_mode_enabled() instead of using this option
+ * Use hs_service_non_anonymous_mode_enabled() instead of using this option
* directly.
*/
int HiddenServiceNonAnonymousMode;
diff --git a/src/app/main/main.c b/src/app/main/main.c
index e7ffb31b4f..902ff66f6d 100644
--- a/src/app/main/main.c
+++ b/src/app/main/main.c
@@ -44,6 +44,7 @@
#include "feature/dirparse/routerparse.h"
#include "feature/hibernate/hibernate.h"
#include "feature/hs/hs_dos.h"
+#include "feature/hs/hs_service.h"
#include "feature/nodelist/authcert.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/routerlist.h"
@@ -51,8 +52,6 @@
#include "feature/relay/ext_orport.h"
#include "feature/relay/routerkeys.h"
#include "feature/relay/routermode.h"
-#include "feature/rend/rendcache.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/predict_ports.h"
#include "feature/stats/bwhist.h"
#include "feature/stats/rephist.h"
@@ -427,7 +426,6 @@ dumpstats(int severity)
dumpmemusage(severity);
rep_hist_dump_stats(now,severity);
- rend_service_dump_stats(severity);
hs_service_dump_stats(severity);
}
@@ -553,7 +551,6 @@ tor_init(int argc, char *argv[])
rep_hist_init();
bwhist_init();
/* Initialize the service cache. */
- rend_cache_init();
addressmap_init(); /* Init the client dns cache. Do it always, since it's
* cheap. */
diff --git a/src/app/main/shutdown.c b/src/app/main/shutdown.c
index fe80a92991..921f84143f 100644
--- a/src/app/main/shutdown.c
+++ b/src/app/main/shutdown.c
@@ -45,7 +45,6 @@
#include "feature/nodelist/routerlist.h"
#include "feature/relay/ext_orport.h"
#include "feature/relay/relay_config.h"
-#include "feature/rend/rendcache.h"
#include "feature/stats/bwhist.h"
#include "feature/stats/geoip_stats.h"
#include "feature/stats/rephist.h"
@@ -118,7 +117,6 @@ tor_free_all(int postfork)
networkstatus_free_all();
addressmap_free_all();
dirserv_free_all();
- rend_cache_free_all();
rep_hist_free_all();
bwhist_free_all();
circuit_free_all();
diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index 376994f1c1..9bf9f32eaa 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -897,7 +897,6 @@ connection_free_minimal(connection_t *conn)
}
}
if (CONN_IS_EDGE(conn)) {
- rend_data_free(TO_EDGE_CONN(conn)->rend_data);
hs_ident_edge_conn_free(TO_EDGE_CONN(conn)->hs_ident);
}
if (conn->type == CONN_TYPE_CONTROL) {
@@ -926,7 +925,6 @@ connection_free_minimal(connection_t *conn)
tor_compress_free(dir_conn->compress_state);
dir_conn_clear_spool(dir_conn);
- rend_data_free(dir_conn->rend_data);
hs_ident_dir_conn_free(dir_conn->hs_ident);
if (dir_conn->guard_state) {
/* Cancel before freeing, if it's still there. */
@@ -4804,34 +4802,6 @@ connection_get_by_type_nonlinked,(int type))
CONN_GET_TEMPLATE(conn, conn->type == type && !conn->linked);
}
-/** Return a connection of type <b>type</b> that has rendquery equal
- * to <b>rendquery</b>, and that is not marked for close. If state
- * is non-zero, conn must be of that state too.
- */
-connection_t *
-connection_get_by_type_state_rendquery(int type, int state,
- const char *rendquery)
-{
- tor_assert(type == CONN_TYPE_DIR ||
- type == CONN_TYPE_AP || type == CONN_TYPE_EXIT);
- tor_assert(rendquery);
-
- CONN_GET_TEMPLATE(conn,
- (conn->type == type &&
- (!state || state == conn->state)) &&
- (
- (type == CONN_TYPE_DIR &&
- TO_DIR_CONN(conn)->rend_data &&
- !rend_cmp_service_ids(rendquery,
- rend_data_get_address(TO_DIR_CONN(conn)->rend_data)))
- ||
- (CONN_IS_EDGE(conn) &&
- TO_EDGE_CONN(conn)->rend_data &&
- !rend_cmp_service_ids(rendquery,
- rend_data_get_address(TO_EDGE_CONN(conn)->rend_data)))
- ));
-}
-
/** Return a new smartlist of dir_connection_t * from get_connection_array()
* that satisfy conn_test on connection_t *conn_var, and dirconn_test on
* dir_connection_t *dirconn_var. conn_var must be of CONN_TYPE_DIR and not
diff --git a/src/core/mainloop/mainloop.c b/src/core/mainloop/mainloop.c
index f30545eef0..ba87e62af7 100644
--- a/src/core/mainloop/mainloop.c
+++ b/src/core/mainloop/mainloop.c
@@ -91,8 +91,6 @@
#include "feature/relay/routerkeys.h"
#include "feature/relay/routermode.h"
#include "feature/relay/selftest.h"
-#include "feature/rend/rendcache.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/geoip_stats.h"
#include "feature/stats/predict_ports.h"
#include "feature/stats/connstats.h"
@@ -1468,8 +1466,7 @@ get_my_roles(const or_options_t *options)
int is_relay = server_mode(options);
int is_dirauth = authdir_mode_v3(options);
int is_bridgeauth = authdir_mode_bridge(options);
- int is_hidden_service = !!hs_service_get_num_services() ||
- !!rend_num_services();
+ int is_hidden_service = !!hs_service_get_num_services();
int is_dirserver = dir_server_mode(options);
int sending_control_events = control_any_per_second_event_enabled();
@@ -1826,7 +1823,7 @@ check_network_participation_callback(time_t now, const or_options_t *options)
/* If we're running an onion service, we can't become dormant. */
/* XXXX this would be nice to change, so that we can be dormant with a
* service. */
- if (hs_service_get_num_services() || rend_num_services()) {
+ if (hs_service_get_num_services()) {
goto found_activity;
}
@@ -2013,7 +2010,6 @@ clean_caches_callback(time_t now, const or_options_t *options)
{
/* Remove old information from rephist and the rend cache. */
rep_history_clean(now - options->RephistTrackTime);
- rend_cache_clean(now, REND_CACHE_TYPE_SERVICE);
hs_cache_clean_as_client(now);
hs_cache_clean_as_dir(now);
microdesc_cache_rebuild(NULL, 0);
@@ -2032,7 +2028,6 @@ rend_cache_failure_clean_callback(time_t now, const or_options_t *options)
/* We don't keep entries that are more than five minutes old so we try to
* clean it as soon as we can since we want to make sure the client waits
* as little as possible for reachability reasons. */
- rend_cache_failure_clean(now);
hs_cache_client_intro_state_clean(now);
return 30;
}
diff --git a/src/core/or/channel.c b/src/core/or/channel.c
index 26c93d169f..c0c5f5e1d1 100644
--- a/src/core/or/channel.c
+++ b/src/core/or/channel.c
@@ -71,12 +71,12 @@
#include "core/or/relay.h"
#include "core/or/scheduler.h"
#include "feature/client/entrynodes.h"
+#include "feature/hs/hs_service.h"
#include "feature/nodelist/dirlist.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/routerlist.h"
#include "feature/relay/router.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/geoip_stats.h"
#include "feature/stats/rephist.h"
#include "lib/evloop/timers.h"
@@ -1897,7 +1897,7 @@ channel_do_open_actions(channel_t *chan)
if (!get_options()->ConnectionPadding) {
/* Disable if torrc disabled */
channelpadding_disable_padding_on_channel(chan);
- } else if (rend_service_allow_non_anonymous_connection(get_options()) &&
+ } else if (hs_service_allow_non_anonymous_connection(get_options()) &&
!networkstatus_get_param(NULL,
CHANNELPADDING_SOS_PARAM,
CHANNELPADDING_SOS_DEFAULT, 0, 1)) {
diff --git a/src/core/or/channelpadding.c b/src/core/or/channelpadding.c
index d0c43e8bdc..441545b98b 100644
--- a/src/core/or/channelpadding.c
+++ b/src/core/or/channelpadding.c
@@ -27,8 +27,8 @@
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
#include "lib/time/compat_time.h"
-#include "feature/rend/rendservice.h"
#include "lib/evloop/timers.h"
+#include "feature/hs/hs_service.h"
#include "core/or/cell_st.h"
#include "core/or/or_connection_st.h"
@@ -744,7 +744,7 @@ channelpadding_decide_to_pad_channel(channel_t *chan)
return CHANNELPADDING_WONTPAD;
}
- if (rend_service_allow_non_anonymous_connection(options) &&
+ if (hs_service_allow_non_anonymous_connection(options) &&
!consensus_nf_pad_single_onion) {
/* If the consensus just changed values, this channel may still
* think padding is enabled. Negotiate it off. */
diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
index c0c918abe4..03af7e3e82 100644
--- a/src/core/or/circuitbuild.c
+++ b/src/core/or/circuitbuild.c
@@ -69,7 +69,6 @@
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
#include "feature/relay/selftest.h"
-#include "feature/rend/rendcommon.h"
#include "feature/stats/predict_ports.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/trace/events.h"
@@ -1331,16 +1330,13 @@ circuit_truncated(origin_circuit_t *circ, int reason)
* CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT)
*
* - A hidden service connecting to a rendezvous point, which the
- * client picked (CIRCUIT_PURPOSE_S_CONNECT_REND, via
- * rend_service_receive_introduction() and
- * rend_service_relaunch_rendezvous)
+ * client picked (CIRCUIT_PURPOSE_S_CONNECT_REND.
*
* There are currently two situations where we picked the exit node
* ourselves, making DEFAULT_ROUTE_LEN a safe circuit length:
*
* - We are a hidden service connecting to an introduction point
- * (CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, via
- * rend_service_launch_establish_intro())
+ * (CIRCUIT_PURPOSE_S_ESTABLISH_INTRO).
*
* - We are a router testing its own reachabiity
* (CIRCUIT_PURPOSE_TESTING, via router_do_reachability_checks())
@@ -2030,7 +2026,7 @@ onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit_ei,
if (state->onehop_tunnel) {
log_debug(LD_CIRC, "Launching a one-hop circuit for dir tunnel%s.",
- (rend_allow_non_anonymous_connection(get_options()) ?
+ (hs_service_allow_non_anonymous_connection(get_options()) ?
", or intro or rendezvous connection" : ""));
state->desired_path_len = 1;
} else {
diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c
index f6d9fcf534..19e1902560 100644
--- a/src/core/or/circuitlist.c
+++ b/src/core/or/circuitlist.c
@@ -43,7 +43,6 @@
* For hidden services, we need to be able to look up introduction point
* circuits and rendezvous circuits by cookie, key, etc. These are
* currently handled with linear searches in
- * circuit_get_ready_rend_circuit_by_rend_data(),
* circuit_get_next_by_pk_and_purpose(), and with hash lookups in
* circuit_get_rendezvous() and circuit_get_intro_point().
*
@@ -77,6 +76,7 @@
#include "feature/dircommon/directory.h"
#include "feature/client/entrynodes.h"
#include "core/mainloop/mainloop.h"
+#include "feature/hs/hs_cache.h"
#include "feature/hs/hs_circuit.h"
#include "feature/hs/hs_circuitmap.h"
#include "feature/hs/hs_ident.h"
@@ -88,7 +88,6 @@
#include "core/or/policies.h"
#include "core/or/relay.h"
#include "core/crypto/relay_crypto.h"
-#include "feature/rend/rendcache.h"
#include "feature/rend/rendcommon.h"
#include "feature/stats/predict_ports.h"
#include "feature/stats/bwhist.h"
@@ -135,7 +134,6 @@ static smartlist_t *circuits_pending_other_guards = NULL;
* circuit_mark_for_close and which are waiting for circuit_about_to_free. */
static smartlist_t *circuits_pending_close = NULL;
-static void cpath_ref_decref(crypt_path_reference_t *cpath_ref);
static void circuit_about_to_free_atexit(circuit_t *circ);
static void circuit_about_to_free(circuit_t *circ);
@@ -1163,8 +1161,6 @@ circuit_free_(circuit_t *circ)
if (ocirc->build_state) {
extend_info_free(ocirc->build_state->chosen_exit);
- cpath_free(ocirc->build_state->pending_final_cpath);
- cpath_ref_decref(ocirc->build_state->service_pending_final_cpath_ref);
}
tor_free(ocirc->build_state);
@@ -1177,7 +1173,6 @@ circuit_free_(circuit_t *circ)
circuit_clear_cpath(ocirc);
crypto_pk_free(ocirc->intro_key);
- rend_data_free(ocirc->rend_data);
/* Finally, free the identifier of the circuit and nullify it so multiple
* cleanup will work. */
@@ -1354,18 +1349,6 @@ circuit_free_all(void)
HT_CLEAR(chan_circid_map, &chan_circid_map);
}
-/** Release a crypt_path_reference_t*, which may be NULL. */
-static void
-cpath_ref_decref(crypt_path_reference_t *cpath_ref)
-{
- if (cpath_ref != NULL) {
- if (--(cpath_ref->refcount) == 0) {
- cpath_free(cpath_ref->cpath);
- tor_free(cpath_ref);
- }
- }
-}
-
/** A helper function for circuit_dump_by_conn() below. Log a bunch
* of information about circuit <b>circ</b>.
*/
@@ -1684,37 +1667,6 @@ circuit_unlink_all_from_channel(channel_t *chan, int reason)
smartlist_free(detached);
}
-/** Return a circ such that
- * - circ-\>rend_data-\>onion_address is equal to
- * <b>rend_data</b>-\>onion_address,
- * - circ-\>rend_data-\>rend_cookie is equal to
- * <b>rend_data</b>-\>rend_cookie, and
- * - circ-\>purpose is equal to CIRCUIT_PURPOSE_C_REND_READY.
- *
- * Return NULL if no such circuit exists.
- */
-origin_circuit_t *
-circuit_get_ready_rend_circ_by_rend_data(const rend_data_t *rend_data)
-{
- SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
- if (!circ->marked_for_close &&
- circ->purpose == CIRCUIT_PURPOSE_C_REND_READY) {
- origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
- if (ocirc->rend_data == NULL) {
- continue;
- }
- if (!rend_cmp_service_ids(rend_data_get_address(rend_data),
- rend_data_get_address(ocirc->rend_data)) &&
- tor_memeq(ocirc->rend_data->rend_cookie,
- rend_data->rend_cookie,
- REND_COOKIE_LEN))
- return ocirc;
- }
- }
- SMARTLIST_FOREACH_END(circ);
- return NULL;
-}
-
/** Return the first introduction circuit originating from the global circuit
* list after <b>start</b> or at the start of the list if <b>start</b> is
* NULL. Return NULL if no circuit is found.
@@ -1811,14 +1763,10 @@ circuit_get_next_service_rp_circ(origin_circuit_t *start)
}
/** Return the first circuit originating here in global_circuitlist after
- * <b>start</b> whose purpose is <b>purpose</b>, and where <b>digest</b> (if
- * set) matches the private key digest of the rend data associated with the
- * circuit. Return NULL if no circuit is found. If <b>start</b> is NULL,
- * begin at the start of the list.
- */
+ * <b>start</b> whose purpose is <b>purpose</b>. Return NULL if no circuit is
+ * found. If <b>start</b> is NULL, begin at the start of the list. */
origin_circuit_t *
-circuit_get_next_by_pk_and_purpose(origin_circuit_t *start,
- const uint8_t *digest, uint8_t purpose)
+circuit_get_next_by_purpose(origin_circuit_t *start, uint8_t purpose)
{
int idx;
smartlist_t *lst = circuit_get_global_list();
@@ -1830,7 +1778,6 @@ circuit_get_next_by_pk_and_purpose(origin_circuit_t *start,
for ( ; idx < smartlist_len(lst); ++idx) {
circuit_t *circ = smartlist_get(lst, idx);
- origin_circuit_t *ocirc;
if (circ->marked_for_close)
continue;
@@ -1841,12 +1788,7 @@ circuit_get_next_by_pk_and_purpose(origin_circuit_t *start,
if (BUG(!CIRCUIT_PURPOSE_IS_ORIGIN(circ->purpose))) {
break;
}
- ocirc = TO_ORIGIN_CIRCUIT(circ);
- if (!digest)
- return ocirc;
- if (rend_circuit_pk_digest_eq(ocirc, digest)) {
- return ocirc;
- }
+ return TO_ORIGIN_CIRCUIT(circ);
}
return NULL;
}
@@ -2670,7 +2612,7 @@ circuits_handle_oom(size_t current_allocation)
tor_zlib_get_total_allocation(),
tor_zstd_get_total_allocation(),
tor_lzma_get_total_allocation(),
- rend_cache_get_total_allocation());
+ hs_cache_get_total_allocation());
{
size_t mem_target = (size_t)(get_options()->MaxMemInQueues *
diff --git a/src/core/or/circuitlist.h b/src/core/or/circuitlist.h
index 3178e6cd0d..b600f9646a 100644
--- a/src/core/or/circuitlist.h
+++ b/src/core/or/circuitlist.h
@@ -60,9 +60,7 @@
* to becoming open, or they are open and have sent the
* establish_rendezvous cell but haven't received an ack.
* circuits that are c_rend_ready are open and have received a
- * rend ack, but haven't heard from the service yet. if they have a
- * buildstate->pending_final_cpath then they're expecting a
- * cell from the service, else they're not.
+ * rend ack, but haven't heard from the service yet.
* circuits that are c_rend_ready_intro_acked are open, and
* some intro circ has sent its intro and received an ack.
* circuits that are c_rend_joined are open, have heard from
@@ -206,10 +204,8 @@ int circuit_id_in_use_on_channel(circid_t circ_id, channel_t *chan);
circuit_t *circuit_get_by_edge_conn(edge_connection_t *conn);
void circuit_unlink_all_from_channel(channel_t *chan, int reason);
origin_circuit_t *circuit_get_by_global_id(uint32_t id);
-origin_circuit_t *circuit_get_ready_rend_circ_by_rend_data(
- const rend_data_t *rend_data);
-origin_circuit_t *circuit_get_next_by_pk_and_purpose(origin_circuit_t *start,
- const uint8_t *digest, uint8_t purpose);
+origin_circuit_t *circuit_get_next_by_purpose(origin_circuit_t *start,
+ uint8_t purpose);
origin_circuit_t *circuit_get_next_intro_circ(const origin_circuit_t *start,
bool want_client_circ);
origin_circuit_t *circuit_get_next_service_rp_circ(origin_circuit_t *start);
diff --git a/src/core/or/circuitstats.c b/src/core/or/circuitstats.c
index 7f3b5007b3..d6729eb11f 100644
--- a/src/core/or/circuitstats.c
+++ b/src/core/or/circuitstats.c
@@ -34,7 +34,6 @@
#include "lib/crypt_ops/crypto_rand.h"
#include "core/mainloop/mainloop.h"
#include "feature/nodelist/networkstatus.h"
-#include "feature/rend/rendservice.h"
#include "feature/relay/router.h"
#include "app/config/statefile.h"
#include "core/or/circuitlist.h"
@@ -43,6 +42,7 @@
#include "lib/time/tvdiff.h"
#include "lib/encoding/confline.h"
#include "feature/dirauth/authmode.h"
+#include "feature/hs/hs_service.h"
#include "feature/relay/relay_periodic.h"
#include "core/or/crypt_path_st.h"
@@ -145,8 +145,8 @@ circuit_build_times_disabled_(const or_options_t *options,
*
* If we fix both of these issues someday, we should test
* these modes with LearnCircuitBuildTimeout on again. */
- int single_onion_disabled = rend_service_allow_non_anonymous_connection(
- options);
+ int single_onion_disabled = hs_service_allow_non_anonymous_connection(
+ options);
if (consensus_disabled || config_disabled || dirauth_disabled ||
state_disabled || single_onion_disabled) {
diff --git a/src/core/or/circuituse.c b/src/core/or/circuituse.c
index 26c4711a5b..b00d24407a 100644
--- a/src/core/or/circuituse.c
+++ b/src/core/or/circuituse.c
@@ -58,8 +58,6 @@
#include "feature/nodelist/routerlist.h"
#include "feature/relay/routermode.h"
#include "feature/relay/selftest.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/predict_ports.h"
#include "lib/math/fp.h"
#include "lib/time/tvdiff.h"
@@ -83,16 +81,6 @@ static int
circuit_matches_with_rend_stream(const edge_connection_t *edge_conn,
const origin_circuit_t *origin_circ)
{
- /* Check if this is a v2 rendezvous circ/stream */
- if ((edge_conn->rend_data && !origin_circ->rend_data) ||
- (!edge_conn->rend_data && origin_circ->rend_data) ||
- (edge_conn->rend_data && origin_circ->rend_data &&
- rend_cmp_service_ids(rend_data_get_address(edge_conn->rend_data),
- rend_data_get_address(origin_circ->rend_data)))) {
- /* this circ is not for this conn */
- return 0;
- }
-
/* Check if this is a v3 rendezvous circ/stream */
if ((edge_conn->hs_ident && !origin_circ->hs_ident) ||
(!edge_conn->hs_ident && origin_circ->hs_ident) ||
@@ -688,8 +676,7 @@ circuit_expire_building(void)
/* c_rend_ready circs measure age since timestamp_dirty,
* because that's set when they switch purposes
*/
- if (TO_ORIGIN_CIRCUIT(victim)->rend_data ||
- TO_ORIGIN_CIRCUIT(victim)->hs_ident ||
+ if (TO_ORIGIN_CIRCUIT(victim)->hs_ident ||
victim->timestamp_dirty > cutoff.tv_sec)
continue;
break;
@@ -896,7 +883,7 @@ circuit_log_ancient_one_hop_circuits(int age)
continue;
/* Single Onion Services deliberately make long term one-hop intro
* and rendezvous connections. Don't log the established ones. */
- if (rend_service_allow_non_anonymous_connection(options) &&
+ if (hs_service_allow_non_anonymous_connection(options) &&
(circ->purpose == CIRCUIT_PURPOSE_S_INTRO ||
circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED))
continue;
@@ -1141,7 +1128,7 @@ needs_exit_circuits(time_t now, int *needs_uptime, int *needs_capacity)
STATIC int
needs_hs_server_circuits(time_t now, int num_uptime_internal)
{
- if (!rend_num_services() && !hs_service_get_num_services()) {
+ if (!hs_service_get_num_services()) {
/* No services, we don't need anything. */
goto no_need;
}
@@ -2013,14 +2000,6 @@ circuit_purpose_is_hs_vanguards(const uint8_t purpose)
return (purpose == CIRCUIT_PURPOSE_HS_VANGUARDS);
}
-/** Return true iff the given circuit is an HS v2 circuit. */
-bool
-circuit_is_hs_v2(const circuit_t *circ)
-{
- return (CIRCUIT_IS_ORIGIN(circ) &&
- (CONST_TO_ORIGIN_CIRCUIT(circ)->rend_data != NULL));
-}
-
/** Return true iff the given circuit is an HS v3 circuit. */
bool
circuit_is_hs_v3(const circuit_t *circ)
@@ -2451,11 +2430,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
connection_ap_mark_as_waiting_for_renddesc(conn);
return 0;
}
- log_info(LD_REND,"Chose %s as intro point for '%s'.",
- extend_info_describe(extend_info),
- (edge_conn->rend_data) ?
- safe_str_client(rend_data_get_address(edge_conn->rend_data)) :
- "service");
+ log_info(LD_REND,"Chose %s as intro point for service",
+ extend_info_describe(extend_info));
}
/* If we have specified a particular exit node for our
@@ -2579,10 +2555,7 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
rep_hist_note_used_internal(time(NULL), need_uptime, 1);
if (circ) {
const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
- if (edge_conn->rend_data) {
- /* write the service_id into circ */
- circ->rend_data = rend_data_dup(edge_conn->rend_data);
- } else if (edge_conn->hs_ident) {
+ if (edge_conn->hs_ident) {
circ->hs_ident =
hs_ident_circuit_new(&edge_conn->hs_ident->identity_pk);
}
@@ -2829,13 +2802,9 @@ connection_ap_get_nonrend_circ_purpose(const entry_connection_t *conn)
if (base_conn->linked_conn &&
base_conn->linked_conn->type == CONN_TYPE_DIR) {
/* Set a custom purpose for hsdir activity */
- if (base_conn->linked_conn->purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2 ||
- base_conn->linked_conn->purpose == DIR_PURPOSE_UPLOAD_HSDESC) {
+ if (base_conn->linked_conn->purpose == DIR_PURPOSE_UPLOAD_HSDESC) {
return CIRCUIT_PURPOSE_S_HSDIR_POST;
- } else if (base_conn->linked_conn->purpose
- == DIR_PURPOSE_FETCH_RENDDESC_V2 ||
- base_conn->linked_conn->purpose
- == DIR_PURPOSE_FETCH_HSDESC) {
+ } else if (base_conn->linked_conn->purpose == DIR_PURPOSE_FETCH_HSDESC) {
return CIRCUIT_PURPOSE_C_HSDIR_GET;
}
}
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index 37cc24672e..b407fd4b1b 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -97,7 +97,6 @@
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/predict_ports.h"
#include "feature/stats/rephist.h"
#include "lib/buf/buffers.h"
@@ -3823,13 +3822,7 @@ handle_hs_exit_conn(circuit_t *circ, edge_connection_t *conn)
conn->base_.address = tor_strdup("(rendezvous)");
conn->base_.state = EXIT_CONN_STATE_CONNECTING;
- /* The circuit either has an hs identifier for v3+ or a rend_data for legacy
- * service. */
- if (origin_circ->rend_data) {
- conn->rend_data = rend_data_dup(origin_circ->rend_data);
- tor_assert(connection_edge_is_rendezvous_stream(conn));
- ret = rend_service_set_connection_addr_port(conn, origin_circ);
- } else if (origin_circ->hs_ident) {
+ if (origin_circ->hs_ident) {
/* Setup the identifier to be the one for the circuit service. */
conn->hs_ident =
hs_ident_edge_conn_new(&origin_circ->hs_ident->identity_pk);
@@ -4392,10 +4385,8 @@ int
connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
{
tor_assert(conn);
- /* It should not be possible to set both of these structs */
- tor_assert_nonfatal(!(conn->rend_data && conn->hs_ident));
- if (conn->rend_data || conn->hs_ident) {
+ if (conn->hs_ident) {
return 1;
}
return 0;
diff --git a/src/core/or/connection_or.c b/src/core/or/connection_or.c
index 40c4441de6..fdae8ea19c 100644
--- a/src/core/or/connection_or.c
+++ b/src/core/or/connection_or.c
@@ -66,6 +66,7 @@
#include "feature/nodelist/torcert.h"
#include "core/or/channelpadding.h"
#include "feature/dirauth/authmode.h"
+#include "feature/hs/hs_service.h"
#include "core/or/cell_st.h"
#include "core/or/cell_queue_st.h"
@@ -1979,7 +1980,8 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
conn->identity_digest);
const int is_authority_fingerprint = router_digest_is_trusted_dir(
conn->identity_digest);
- const int non_anonymous_mode = rend_non_anonymous_mode_enabled(options);
+ const int non_anonymous_mode =
+ hs_service_non_anonymous_mode_enabled(options);
int severity;
const char *extra_log = "";
diff --git a/src/core/or/cpath_build_state_st.h b/src/core/or/cpath_build_state_st.h
index eb8e97edc5..e31af4c8ed 100644
--- a/src/core/or/cpath_build_state_st.h
+++ b/src/core/or/cpath_build_state_st.h
@@ -30,11 +30,6 @@ struct cpath_build_state_t {
* These are for encrypted dir conns that exit to this router, not
* for arbitrary exits from the circuit. */
unsigned int onehop_tunnel : 1;
- /** The crypt_path_t to append after rendezvous: used for rendezvous. */
- crypt_path_t *pending_final_cpath;
- /** A ref-counted reference to the crypt_path_t to append after
- * rendezvous; used on the service side. */
- crypt_path_reference_t *service_pending_final_cpath_ref;
/** How many times has building a circuit for this task failed? */
int failure_count;
/** At what time should we give up on this task? */
diff --git a/src/core/or/edge_connection_st.h b/src/core/or/edge_connection_st.h
index 9b2f031b9d..e850c40755 100644
--- a/src/core/or/edge_connection_st.h
+++ b/src/core/or/edge_connection_st.h
@@ -33,9 +33,6 @@ struct edge_connection_t {
/** A pointer to which node in the circ this conn exits at. Set for AP
* connections and for hidden service exit connections. */
struct crypt_path_t *cpath_layer;
- /** What rendezvous service are we querying for (if an AP) or providing (if
- * an exit)? */
- rend_data_t *rend_data;
/* Hidden service connection identifier for edge connections. Used by the HS
* client-side code to identify client SOCKS connections and by the
diff --git a/src/core/or/or.h b/src/core/or/or.h
index 182ebc48eb..5bade00128 100644
--- a/src/core/or/or.h
+++ b/src/core/or/or.h
@@ -415,60 +415,6 @@ typedef struct rend_service_authorization_t {
rend_auth_type_t auth_type;
} rend_service_authorization_t;
-/** Client- and server-side data that is used for hidden service connection
- * establishment. Not all fields contain data depending on where this struct
- * is used. */
-typedef struct rend_data_t {
- /* Hidden service protocol version of this base object. */
- uint32_t version;
-
- /** List of HSDir fingerprints on which this request has been sent to. This
- * contains binary identity digest of the directory of size DIGEST_LEN. */
- smartlist_t *hsdirs_fp;
-
- /** Rendezvous cookie used by both, client and service. */
- char rend_cookie[REND_COOKIE_LEN];
-
- /** Number of streams associated with this rendezvous circuit. */
- int nr_streams;
-} rend_data_t;
-
-typedef struct rend_data_v2_t {
- /* Rendezvous base data. */
- rend_data_t base_;
-
- /** Onion address (without the .onion part) that a client requests. */
- char onion_address[REND_SERVICE_ID_LEN_BASE32+1];
-
- /** Descriptor ID for each replicas computed from the onion address. If
- * the onion address is empty, this array MUST be empty. We keep them so
- * we know when to purge our entry in the last hsdir request table. */
- char descriptor_id[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS][DIGEST_LEN];
-
- /** (Optional) descriptor cookie that is used by a client. */
- char descriptor_cookie[REND_DESC_COOKIE_LEN];
-
- /** Authorization type for accessing a service used by a client. */
- rend_auth_type_t auth_type;
-
- /** Descriptor ID for a client request. The control port command HSFETCH
- * uses this. It's set if the descriptor query should only use this
- * descriptor ID. */
- char desc_id_fetch[DIGEST_LEN];
-
- /** Hash of the hidden service's PK used by a service. */
- char rend_pk_digest[DIGEST_LEN];
-} rend_data_v2_t;
-
-/* From a base rend_data_t object <b>d</d>, return the v2 object. */
-static inline
-rend_data_v2_t *TO_REND_DATA_V2(const rend_data_t *d)
-{
- tor_assert(d);
- tor_assert(d->version == 2);
- return DOWNCAST(rend_data_v2_t, d);
-}
-
/* Stub because we can't include hs_ident.h. */
struct hs_ident_edge_conn_t;
struct hs_ident_dir_conn_t;
diff --git a/src/core/or/origin_circuit_st.h b/src/core/or/origin_circuit_st.h
index a45a6573dc..4822760c8d 100644
--- a/src/core/or/origin_circuit_st.h
+++ b/src/core/or/origin_circuit_st.h
@@ -128,9 +128,6 @@ struct origin_circuit_t {
*/
crypt_path_t *cpath;
- /** Holds all rendezvous data on either client or service side. */
- rend_data_t *rend_data;
-
/** Holds hidden service identifier on either client or service side. This
* is for both introduction and rendezvous circuit. */
struct hs_ident_circuit_t *hs_ident;
diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index f986883370..32d6ca731a 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -78,7 +78,6 @@
#include "core/or/reasons.h"
#include "core/or/relay.h"
#include "core/crypto/relay_crypto.h"
-#include "feature/rend/rendcache.h"
#include "feature/rend/rendcommon.h"
#include "feature/nodelist/describe.h"
#include "feature/nodelist/routerlist.h"
@@ -2711,8 +2710,8 @@ cell_queues_check_size(void)
alloc += half_streams_get_total_allocation();
alloc += buf_get_total_allocation();
alloc += tor_compress_get_total_allocation();
- const size_t rend_cache_total = rend_cache_get_total_allocation();
- alloc += rend_cache_total;
+ const size_t hs_cache_total = hs_cache_get_total_allocation();
+ alloc += hs_cache_total;
const size_t geoip_client_cache_total =
geoip_client_cache_total_allocation();
alloc += geoip_client_cache_total;
@@ -2724,9 +2723,9 @@ cell_queues_check_size(void)
/* If we're spending over 20% of the memory limit on hidden service
* descriptors, free them until we're down to 10%. Do the same for geoip
* client cache. */
- if (rend_cache_total > get_options()->MaxMemInQueues / 5) {
+ if (hs_cache_total > get_options()->MaxMemInQueues / 5) {
const size_t bytes_to_remove =
- rend_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
+ hs_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
alloc -= hs_cache_handle_oom(now, bytes_to_remove);
}
if (geoip_client_cache_total > get_options()->MaxMemInQueues / 5) {
diff --git a/src/feature/control/control.c b/src/feature/control/control.c
index 2aebe1aac6..2cb20b700f 100644
--- a/src/feature/control/control.c
+++ b/src/feature/control/control.c
@@ -48,8 +48,8 @@
#include "feature/control/control_cmd.h"
#include "feature/control/control_events.h"
#include "feature/control/control_proto.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
+#include "feature/hs/hs_common.h"
+#include "feature/hs/hs_service.h"
#include "lib/evloop/procmon.h"
#include "feature/control/control_connection_st.h"
@@ -240,9 +240,7 @@ connection_control_closed(control_connection_t *conn)
*/
if (conn->ephemeral_onion_services) {
SMARTLIST_FOREACH_BEGIN(conn->ephemeral_onion_services, char *, cp) {
- if (rend_valid_v2_service_id(cp)) {
- rend_service_del_ephemeral(cp);
- } else if (hs_address_is_valid(cp)) {
+ if (hs_address_is_valid(cp)) {
hs_service_del_ephemeral(cp);
} else {
/* An invalid .onion in our list should NEVER happen */
diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c
index e88f17de09..009105bb20 100644
--- a/src/feature/control/control_cmd.c
+++ b/src/feature/control/control_cmd.c
@@ -38,8 +38,6 @@
#include "feature/nodelist/routerinfo.h"
#include "feature/nodelist/routerlist.h"
#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendparse.h"
-#include "feature/rend/rendservice.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/encoding/confline.h"
@@ -53,9 +51,6 @@
#include "feature/control/control_connection_st.h"
#include "feature/nodelist/node_st.h"
#include "feature/nodelist/routerinfo_st.h"
-#include "feature/rend/rend_authorized_client_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
#include "src/app/config/statefile.h"
@@ -1442,31 +1437,15 @@ handle_control_hsfetch(control_connection_t *conn,
const control_cmd_args_t *args)
{
- char digest[DIGEST_LEN], *desc_id = NULL;
+ char *desc_id = NULL;
smartlist_t *hsdirs = NULL;
- static const char *v2_str = "v2-";
- const size_t v2_str_len = strlen(v2_str);
- rend_data_t *rend_query = NULL;
ed25519_public_key_t v3_pk;
uint32_t version;
const char *hsaddress = NULL;
/* Extract the first argument (either HSAddress or DescID). */
const char *arg1 = smartlist_get(args->args, 0);
- /* Test if it's an HS address without the .onion part. */
- if (rend_valid_v2_service_id(arg1)) {
- hsaddress = arg1;
- version = HS_VERSION_TWO;
- } else if (strcmpstart(arg1, v2_str) == 0 &&
- rend_valid_descriptor_id(arg1 + v2_str_len) &&
- base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
- REND_DESC_ID_V2_LEN_BASE32) ==
- sizeof(digest)) {
- /* We have a well formed version 2 descriptor ID. Keep the decoded value
- * of the id. */
- desc_id = digest;
- version = HS_VERSION_TWO;
- } else if (hs_address_is_valid(arg1)) {
+ if (hs_address_is_valid(arg1)) {
hsaddress = arg1;
version = HS_VERSION_THREE;
hs_parse_address(hsaddress, &v3_pk, NULL, NULL);
@@ -1495,15 +1474,6 @@ handle_control_hsfetch(control_connection_t *conn,
}
}
- if (version == HS_VERSION_TWO) {
- rend_query = rend_data_client_create(hsaddress, desc_id, NULL,
- REND_NO_AUTH);
- if (rend_query == NULL) {
- control_write_endreply(conn, 551, "Error creating the HS query");
- goto done;
- }
- }
-
/* Using a descriptor ID, we force the user to provide at least one
* hsdir server using the SERVER= option. */
if (desc_id && (!hsdirs || !smartlist_len(hsdirs))) {
@@ -1526,7 +1496,6 @@ handle_control_hsfetch(control_connection_t *conn,
done:
/* Contains data pointer that we don't own thus no cleanup. */
smartlist_free(hsdirs);
- rend_data_free(rend_query);
return 0;
}
@@ -1547,7 +1516,6 @@ handle_control_hspost(control_connection_t *conn,
{
smartlist_t *hs_dirs = NULL;
const char *encoded_desc = args->cmddata;
- size_t encoded_desc_len = args->cmddata_len;
const char *onion_address = NULL;
const config_line_t *line;
@@ -1587,44 +1555,6 @@ handle_control_hspost(control_connection_t *conn,
goto done;
}
- /* From this point on, it is only v2. */
-
- /* parse it. */
- rend_encoded_v2_service_descriptor_t *desc =
- tor_malloc_zero(sizeof(rend_encoded_v2_service_descriptor_t));
- desc->desc_str = tor_memdup_nulterm(encoded_desc, encoded_desc_len);
-
- rend_service_descriptor_t *parsed = NULL;
- char *intro_content = NULL;
- size_t intro_size;
- size_t encoded_size;
- const char *next_desc;
- if (!rend_parse_v2_service_descriptor(&parsed, desc->desc_id, &intro_content,
- &intro_size, &encoded_size,
- &next_desc, desc->desc_str, 1)) {
- /* Post the descriptor. */
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- if (!rend_get_service_id(parsed->pk, serviceid)) {
- smartlist_t *descs = smartlist_new();
- smartlist_add(descs, desc);
-
- /* We are about to trigger HS descriptor upload so send the OK now
- * because after that 650 event(s) are possible so better to have the
- * 250 OK before them to avoid out of order replies. */
- send_control_done(conn);
-
- /* Trigger the descriptor upload */
- directory_post_to_hs_dir(parsed, descs, hs_dirs, serviceid, 0);
- smartlist_free(descs);
- }
-
- rend_service_descriptor_free(parsed);
- } else {
- control_write_endreply(conn, 554, "Invalid descriptor");
- }
-
- tor_free(intro_content);
- rend_encoded_v2_service_descriptor_free(desc);
done:
smartlist_free(hs_dirs); /* Contents belong to the rend service code. */
return 0;
@@ -1640,7 +1570,6 @@ handle_control_hspost(control_connection_t *conn,
* The port_cfgs is a list of service port. Ownership transferred to service.
* The max_streams refers to the MaxStreams= key.
* The max_streams_close_circuit refers to the MaxStreamsCloseCircuit key.
- * The auth_type is the authentication type of the clients in auth_clients.
* The ownership of that list is transferred to the service.
*
* On success (RSAE_OKAY), the address_out points to a newly allocated string
@@ -1650,8 +1579,7 @@ STATIC hs_service_add_ephemeral_status_t
add_onion_helper_add_service(int hs_version,
add_onion_secret_key_t *pk,
smartlist_t *port_cfgs, int max_streams,
- int max_streams_close_circuit, int auth_type,
- smartlist_t *auth_clients,
+ int max_streams_close_circuit,
smartlist_t *auth_clients_v3, char **address_out)
{
hs_service_add_ephemeral_status_t ret;
@@ -1661,11 +1589,6 @@ add_onion_helper_add_service(int hs_version,
tor_assert(address_out);
switch (hs_version) {
- case HS_VERSION_TWO:
- ret = rend_service_add_ephemeral(pk->v2, port_cfgs, max_streams,
- max_streams_close_circuit, auth_type,
- auth_clients, address_out);
- break;
case HS_VERSION_THREE:
ret = hs_service_add_ephemeral(pk->v3, port_cfgs, max_streams,
max_streams_close_circuit,
@@ -1711,16 +1634,14 @@ handle_control_add_onion(control_connection_t *conn,
* material first, since there's no reason to touch that at all if any of
* the other arguments are malformed.
*/
+ rend_auth_type_t auth_type = REND_NO_AUTH;
smartlist_t *port_cfgs = smartlist_new();
- smartlist_t *auth_clients = NULL;
- smartlist_t *auth_created_clients = NULL;
smartlist_t *auth_clients_v3 = NULL;
smartlist_t *auth_clients_v3_str = NULL;
int discard_pk = 0;
int detach = 0;
int max_streams = 0;
int max_streams_close_circuit = 0;
- rend_auth_type_t auth_type = REND_NO_AUTH;
int non_anonymous = 0;
const config_line_t *arg;
@@ -1758,7 +1679,6 @@ handle_control_add_onion(control_connection_t *conn,
static const char *discard_flag = "DiscardPK";
static const char *detach_flag = "Detach";
static const char *max_s_close_flag = "MaxStreamsCloseCircuit";
- static const char *basicauth_flag = "BasicAuth";
static const char *v3auth_flag = "V3Auth";
static const char *non_anonymous_flag = "NonAnonymous";
@@ -1778,8 +1698,6 @@ handle_control_add_onion(control_connection_t *conn,
detach = 1;
} else if (!strcasecmp(flag, max_s_close_flag)) {
max_streams_close_circuit = 1;
- } else if (!strcasecmp(flag, basicauth_flag)) {
- auth_type = REND_BASIC_AUTH;
} else if (!strcasecmp(flag, v3auth_flag)) {
auth_type = REND_V3_AUTH;
} else if (!strcasecmp(flag, non_anonymous_flag)) {
@@ -1795,36 +1713,6 @@ handle_control_add_onion(control_connection_t *conn,
smartlist_free(flags);
if (bad)
goto out;
-
- } else if (!strcasecmp(arg->key, "ClientAuth")) {
- int created = 0;
- rend_authorized_client_t *client =
- add_onion_helper_clientauth(arg->value, &created, conn);
- if (!client) {
- goto out;
- }
-
- if (auth_clients != NULL) {
- int bad = 0;
- SMARTLIST_FOREACH_BEGIN(auth_clients, rend_authorized_client_t *, ac) {
- if (strcmp(ac->client_name, client->client_name) == 0) {
- bad = 1;
- break;
- }
- } SMARTLIST_FOREACH_END(ac);
- if (bad) {
- control_write_endreply(conn, 512, "Duplicate name in ClientAuth");
- rend_authorized_client_free(client);
- goto out;
- }
- } else {
- auth_clients = smartlist_new();
- auth_created_clients = smartlist_new();
- }
- smartlist_add(auth_clients, client);
- if (created) {
- smartlist_add(auth_created_clients, client);
- }
} else if (!strcasecmp(arg->key, "ClientAuthV3")) {
hs_service_authorized_client_t *client_v3 =
parse_authorized_client_key(arg->value, LOG_INFO);
@@ -1848,31 +1736,14 @@ handle_control_add_onion(control_connection_t *conn,
if (smartlist_len(port_cfgs) == 0) {
control_write_endreply(conn, 512, "Missing 'Port' argument");
goto out;
- } else if (auth_type == REND_NO_AUTH &&
- (auth_clients != NULL && auth_clients_v3 != NULL)) {
+ } else if (auth_type == REND_NO_AUTH && auth_clients_v3 != NULL) {
control_write_endreply(conn, 512, "No auth type specified");
goto out;
- } else if (auth_type != REND_NO_AUTH &&
- (auth_clients == NULL && auth_clients_v3 == NULL)) {
+ } else if (auth_type != REND_NO_AUTH && auth_clients_v3 == NULL) {
control_write_endreply(conn, 512, "No auth clients specified");
goto out;
- } else if ((auth_type == REND_BASIC_AUTH &&
- smartlist_len(auth_clients) > 512) ||
- (auth_type == REND_STEALTH_AUTH &&
- smartlist_len(auth_clients) > 16)) {
- control_write_endreply(conn, 512, "Too many auth clients");
- goto out;
- } else if ((auth_type == REND_BASIC_AUTH ||
- auth_type == REND_STEALTH_AUTH) && auth_clients_v3) {
- control_write_endreply(conn, 512,
- "ClientAuthV3 does not support basic or stealth auth");
- goto out;
- } else if (auth_type == REND_V3_AUTH && auth_clients) {
- control_write_endreply(conn, 512, "ClientAuth does not support v3 auth");
- goto out;
-
- } else if (non_anonymous != rend_service_non_anonymous_mode_enabled(
- get_options())) {
+ } else if (non_anonymous != hs_service_non_anonymous_mode_enabled(
+ get_options())) {
/* If we failed, and the non-anonymous flag is set, Tor must be in
* anonymous hidden service mode.
* The error message changes based on the current Tor config:
@@ -1899,29 +1770,15 @@ handle_control_add_onion(control_connection_t *conn,
goto out;
}
- /* We can't mix ClientAuth and Version 3 Onion Services, or ClientAuthV3 and
- * Version 2. If that's the case, send back an error. */
- if (hs_version == HS_VERSION_THREE && auth_clients) {
- control_write_endreply(conn, 513, "ClientAuth not supported");
- goto out;
- }
- if (hs_version == HS_VERSION_TWO && auth_clients_v3) {
- control_write_endreply(conn, 513, "ClientAuthV3 not supported");
- goto out;
- }
-
- /* Create the HS, using private key pk, client authentication auth_type,
- * the list of auth_clients, and port config port_cfg.
- * rend_service_add_ephemeral() will take ownership of pk and port_cfg,
- * regardless of success/failure.
- */
+ /* Create the HS, using private key pk and port config port_cfg.
+ * hs_service_add_ephemeral() will take ownership of pk and port_cfg,
+ * regardless of success/failure. */
char *service_id = NULL;
- int ret =
- add_onion_helper_add_service(hs_version, &pk, port_cfgs, max_streams,
- max_streams_close_circuit, auth_type,
- auth_clients, auth_clients_v3, &service_id);
- port_cfgs = NULL; /* port_cfgs is now owned by the rendservice code. */
- auth_clients = NULL; /* so is auth_clients */
+ int ret = add_onion_helper_add_service(hs_version, &pk, port_cfgs,
+ max_streams,
+ max_streams_close_circuit,
+ auth_clients_v3, &service_id);
+ port_cfgs = NULL; /* port_cfgs is now owned by the hs_service code. */
auth_clients_v3 = NULL; /* so is auth_clients_v3 */
switch (ret) {
case RSAE_OKAY:
@@ -1943,17 +1800,6 @@ handle_control_add_onion(control_connection_t *conn,
control_printf_midreply(conn, 250, "PrivateKey=%s:%s",
key_new_alg, key_new_blob);
}
- if (auth_created_clients) {
- SMARTLIST_FOREACH(auth_created_clients, rend_authorized_client_t *, ac, {
- char *encoded = rend_auth_encode_cookie(ac->descriptor_cookie,
- auth_type);
- tor_assert(encoded);
- control_printf_midreply(conn, 250, "ClientAuth=%s:%s",
- ac->client_name, encoded);
- memwipe(encoded, 0, strlen(encoded));
- tor_free(encoded);
- });
- }
if (auth_clients_v3_str) {
SMARTLIST_FOREACH(auth_clients_v3_str, char *, client_str, {
control_printf_midreply(conn, 250, "ClientAuthV3=%s", client_str);
@@ -1990,12 +1836,6 @@ handle_control_add_onion(control_connection_t *conn,
hs_port_config_free(p));
smartlist_free(port_cfgs);
}
-
- if (auth_clients) {
- SMARTLIST_FOREACH(auth_clients, rend_authorized_client_t *, ac,
- rend_authorized_client_free(ac));
- smartlist_free(auth_clients);
- }
if (auth_clients_v3) {
SMARTLIST_FOREACH(auth_clients_v3, hs_service_authorized_client_t *, ac,
service_authorized_client_free(ac));
@@ -2007,10 +1847,6 @@ handle_control_add_onion(control_connection_t *conn,
smartlist_free(auth_clients_v3_str);
}
- if (auth_created_clients) {
- // Do not free entries; they are the same as auth_clients
- smartlist_free(auth_created_clients);
- }
return 0;
}
@@ -2034,7 +1870,6 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
control_connection_t *conn)
{
smartlist_t *key_args = smartlist_new();
- crypto_pk_t *pk = NULL;
const char *key_new_alg = NULL;
char *key_new_blob = NULL;
int ret = -1;
@@ -2048,27 +1883,12 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
/* The format is "KeyType:KeyBlob". */
static const char *key_type_new = "NEW";
static const char *key_type_best = "BEST";
- static const char *key_type_rsa1024 = "RSA1024";
static const char *key_type_ed25519_v3 = "ED25519-V3";
const char *key_type = smartlist_get(key_args, 0);
const char *key_blob = smartlist_get(key_args, 1);
- if (!strcasecmp(key_type_rsa1024, key_type)) {
- /* "RSA:<Base64 Blob>" - Loading a pre-existing RSA1024 key. */
- pk = crypto_pk_base64_decode_private(key_blob, strlen(key_blob));
- if (!pk) {
- control_write_endreply(conn, 512, "Failed to decode RSA key");
- goto err;
- }
- if (crypto_pk_num_bits(pk) != PK_BYTES*8) {
- crypto_pk_free(pk);
- control_write_endreply(conn, 512, "Invalid RSA key size");
- goto err;
- }
- decoded_key->v2 = pk;
- *hs_version = HS_VERSION_TWO;
- } else if (!strcasecmp(key_type_ed25519_v3, key_type)) {
+ if (!strcasecmp(key_type_ed25519_v3, key_type)) {
/* parsing of private ed25519 key */
/* "ED25519-V3:<Base64 Blob>" - Loading a pre-existing ed25519 key. */
ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk));
@@ -2082,27 +1902,8 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
*hs_version = HS_VERSION_THREE;
} else if (!strcasecmp(key_type_new, key_type)) {
/* "NEW:<Algorithm>" - Generating a new key, blob as algorithm. */
- if (!strcasecmp(key_type_rsa1024, key_blob)) {
- /* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */
- pk = crypto_pk_new();
- if (crypto_pk_generate_key(pk)) {
- control_printf_endreply(conn, 551, "Failed to generate %s key",
- key_type_rsa1024);
- goto err;
- }
- if (!discard_pk) {
- if (crypto_pk_base64_encode_private(pk, &key_new_blob)) {
- crypto_pk_free(pk);
- control_printf_endreply(conn, 551, "Failed to encode %s key",
- key_type_rsa1024);
- goto err;
- }
- key_new_alg = key_type_rsa1024;
- }
- decoded_key->v2 = pk;
- *hs_version = HS_VERSION_TWO;
- } else if (!strcasecmp(key_type_ed25519_v3, key_blob) ||
- !strcasecmp(key_type_best, key_blob)) {
+ if (!strcasecmp(key_type_ed25519_v3, key_blob) ||
+ !strcasecmp(key_type_best, key_blob)) {
/* "ED25519-V3", ed25519 key, also currently "BEST" by default. */
ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk));
if (ed25519_secret_key_generate(sk, 1) < 0) {
@@ -2151,68 +1952,6 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
return ret;
}
-/** Helper function to handle parsing a ClientAuth argument to the
- * ADD_ONION command. Return a new rend_authorized_client_t, or NULL
- * and an optional control protocol error message on failure. The
- * caller is responsible for freeing the returned auth_client.
- *
- * If 'created' is specified, it will be set to 1 when a new cookie has
- * been generated.
- *
- * Note: conn is only used for writing control replies. For testing
- * purposes, it can be NULL if control_write_reply() is appropriately
- * mocked.
- */
-STATIC rend_authorized_client_t *
-add_onion_helper_clientauth(const char *arg, int *created,
- control_connection_t *conn)
-{
- int ok = 0;
-
- tor_assert(arg);
- tor_assert(created);
-
- smartlist_t *auth_args = smartlist_new();
- rend_authorized_client_t *client =
- tor_malloc_zero(sizeof(rend_authorized_client_t));
- smartlist_split_string(auth_args, arg, ":", 0, 0);
- if (smartlist_len(auth_args) < 1 || smartlist_len(auth_args) > 2) {
- control_write_endreply(conn, 512, "Invalid ClientAuth syntax");
- goto err;
- }
- client->client_name = tor_strdup(smartlist_get(auth_args, 0));
- if (smartlist_len(auth_args) == 2) {
- char *decode_err_msg = NULL;
- if (rend_auth_decode_cookie(smartlist_get(auth_args, 1),
- client->descriptor_cookie,
- NULL, &decode_err_msg) < 0) {
- tor_assert(decode_err_msg);
- control_write_endreply(conn, 512, decode_err_msg);
- tor_free(decode_err_msg);
- goto err;
- }
- *created = 0;
- } else {
- crypto_rand((char *) client->descriptor_cookie, REND_DESC_COOKIE_LEN);
- *created = 1;
- }
-
- if (!rend_valid_client_name(client->client_name)) {
- control_write_endreply(conn, 512, "Invalid name in ClientAuth");
- goto err;
- }
-
- ok = 1;
- err:
- SMARTLIST_FOREACH(auth_args, char *, item, tor_free(item));
- smartlist_free(auth_args);
- if (!ok) {
- rend_authorized_client_free(client);
- client = NULL;
- }
- return client;
-}
-
static const control_cmd_syntax_t del_onion_syntax = {
.min_args = 1, .max_args = 1,
};
@@ -2228,9 +1967,7 @@ handle_control_del_onion(control_connection_t *conn,
tor_assert(smartlist_len(args) == 1);
const char *service_id = smartlist_get(args, 0);
- if (rend_valid_v2_service_id(service_id)) {
- hs_version = HS_VERSION_TWO;
- } else if (hs_address_is_valid(service_id)) {
+ if (hs_address_is_valid(service_id)) {
hs_version = HS_VERSION_THREE;
} else {
control_write_endreply(conn, 512, "Malformed Onion Service id");
@@ -2261,9 +1998,6 @@ handle_control_del_onion(control_connection_t *conn,
} else {
int ret = -1;
switch (hs_version) {
- case HS_VERSION_TWO:
- ret = rend_service_del_ephemeral(service_id);
- break;
case HS_VERSION_THREE:
ret = hs_service_del_ephemeral(service_id);
break;
diff --git a/src/feature/control/control_cmd.h b/src/feature/control/control_cmd.h
index b3c1d5cb2f..f21dc65edd 100644
--- a/src/feature/control/control_cmd.h
+++ b/src/feature/control/control_cmd.h
@@ -99,13 +99,9 @@ STATIC hs_service_add_ephemeral_status_t add_onion_helper_add_service(
int hs_version,
add_onion_secret_key_t *pk,
smartlist_t *port_cfgs, int max_streams,
- int max_streams_close_circuit, int auth_type,
- smartlist_t *auth_clients,
+ int max_streams_close_circuit,
smartlist_t *auth_clients_v3, char **address_out);
-STATIC rend_authorized_client_t *add_onion_helper_clientauth(const char *arg,
- int *created, control_connection_t *conn);
-
STATIC control_cmd_args_t *control_cmd_parse_args(
const char *command,
const control_cmd_syntax_t *syntax,
diff --git a/src/feature/control/control_events.c b/src/feature/control/control_events.c
index b38b7a4f42..2e192c98ad 100644
--- a/src/feature/control/control_events.c
+++ b/src/feature/control/control_events.c
@@ -2066,8 +2066,6 @@ control_event_hs_descriptor_upload(const char *onion_address,
/** send HS_DESC event after got response from hs directory.
*
* NOTE: this is an internal function used by following functions:
- * control_event_hsv2_descriptor_received
- * control_event_hsv2_descriptor_failed
* control_event_hsv3_descriptor_failed
*
* So do not call this function directly.
@@ -2138,82 +2136,6 @@ control_event_hs_descriptor_upload_end(const char *action,
tor_free(reason_field);
}
-/** For an HS descriptor query <b>rend_data</b>, using the
- * <b>onion_address</b> and HSDir fingerprint <b>hsdir_fp</b>, find out
- * which descriptor ID in the query is the right one.
- *
- * Return a pointer of the binary descriptor ID found in the query's object
- * or NULL if not found. */
-static const char *
-get_desc_id_from_query(const rend_data_t *rend_data, const char *hsdir_fp)
-{
- int replica;
- const char *desc_id = NULL;
- const rend_data_v2_t *rend_data_v2 = TO_REND_DATA_V2(rend_data);
-
- /* Possible if the fetch was done using a descriptor ID. This means that
- * the HSFETCH command was used. */
- if (!tor_digest_is_zero(rend_data_v2->desc_id_fetch)) {
- desc_id = rend_data_v2->desc_id_fetch;
- goto end;
- }
-
- /* Without a directory fingerprint at this stage, we can't do much. */
- if (hsdir_fp == NULL) {
- goto end;
- }
-
- /* OK, we have an onion address so now let's find which descriptor ID
- * is the one associated with the HSDir fingerprint. */
- for (replica = 0; replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
- replica++) {
- const char *digest = rend_data_get_desc_id(rend_data, replica, NULL);
-
- SMARTLIST_FOREACH_BEGIN(rend_data->hsdirs_fp, char *, fingerprint) {
- if (tor_memcmp(fingerprint, hsdir_fp, DIGEST_LEN) == 0) {
- /* Found it! This descriptor ID is the right one. */
- desc_id = digest;
- goto end;
- }
- } SMARTLIST_FOREACH_END(fingerprint);
- }
-
- end:
- return desc_id;
-}
-
-/** send HS_DESC RECEIVED event
- *
- * called when we successfully received a hidden service descriptor.
- */
-void
-control_event_hsv2_descriptor_received(const char *onion_address,
- const rend_data_t *rend_data,
- const char *hsdir_id_digest)
-{
- char *desc_id_field = NULL;
- const char *desc_id;
-
- if (BUG(!rend_data || !hsdir_id_digest || !onion_address)) {
- return;
- }
-
- desc_id = get_desc_id_from_query(rend_data, hsdir_id_digest);
- if (desc_id != NULL) {
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- /* Set the descriptor ID digest to base32 so we can send it. */
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id,
- DIGEST_LEN);
- /* Extra whitespace is needed before the value. */
- tor_asprintf(&desc_id_field, " %s", desc_id_base32);
- }
-
- event_hs_descriptor_receive_end("RECEIVED", onion_address, desc_id_field,
- TO_REND_DATA_V2(rend_data)->auth_type,
- hsdir_id_digest, NULL);
- tor_free(desc_id_field);
-}
-
/* Send HS_DESC RECEIVED event
*
* Called when we successfully received a hidden service descriptor. */
@@ -2253,40 +2175,6 @@ control_event_hs_descriptor_uploaded(const char *id_digest,
id_digest, NULL);
}
-/** Send HS_DESC event to inform controller that query <b>rend_data</b>
- * failed to retrieve hidden service descriptor from directory identified by
- * <b>id_digest</b>. If NULL, "UNKNOWN" is used. If <b>reason</b> is not NULL,
- * add it to REASON= field.
- */
-void
-control_event_hsv2_descriptor_failed(const rend_data_t *rend_data,
- const char *hsdir_id_digest,
- const char *reason)
-{
- char *desc_id_field = NULL;
- const char *desc_id;
-
- if (BUG(!rend_data)) {
- return;
- }
-
- desc_id = get_desc_id_from_query(rend_data, hsdir_id_digest);
- if (desc_id != NULL) {
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- /* Set the descriptor ID digest to base32 so we can send it. */
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id,
- DIGEST_LEN);
- /* Extra whitespace is needed before the value. */
- tor_asprintf(&desc_id_field, " %s", desc_id_base32);
- }
-
- event_hs_descriptor_receive_end("FAILED", rend_data_get_address(rend_data),
- desc_id_field,
- TO_REND_DATA_V2(rend_data)->auth_type,
- hsdir_id_digest, reason);
- tor_free(desc_id_field);
-}
-
/** Send HS_DESC event to inform controller that the query to
* <b>onion_address</b> failed to retrieve hidden service descriptor
* <b>desc_id</b> from directory identified by <b>hsdir_id_digest</b>. If
diff --git a/src/feature/control/control_events.h b/src/feature/control/control_events.h
index e499c037ba..d20091e662 100644
--- a/src/feature/control/control_events.h
+++ b/src/feature/control/control_events.h
@@ -202,13 +202,6 @@ void control_event_hs_descriptor_upload_end(const char *action,
const char *reason);
void control_event_hs_descriptor_uploaded(const char *hs_dir,
const char *onion_address);
-/* Hidden service v2 HS_DESC specific. */
-void control_event_hsv2_descriptor_failed(const rend_data_t *rend_data,
- const char *id_digest,
- const char *reason);
-void control_event_hsv2_descriptor_received(const char *onion_address,
- const rend_data_t *rend_data,
- const char *id_digest);
/* Hidden service v3 HS_DESC specific. */
void control_event_hsv3_descriptor_failed(const char *onion_address,
const char *desc_id,
diff --git a/src/feature/control/control_fmt.c b/src/feature/control/control_fmt.c
index 014427c5b5..cb0673ee7d 100644
--- a/src/feature/control/control_fmt.c
+++ b/src/feature/control/control_fmt.c
@@ -122,15 +122,11 @@ circuit_describe_status_for_controller(origin_circuit_t *circ)
}
}
- if (circ->rend_data != NULL || circ->hs_ident != NULL) {
+ if (circ->hs_ident != NULL) {
char addr[HS_SERVICE_ADDR_LEN_BASE32 + 1];
const char *onion_address;
- if (circ->rend_data) {
- onion_address = rend_data_get_address(circ->rend_data);
- } else {
- hs_build_address(&circ->hs_ident->identity_pk, HS_VERSION_THREE, addr);
- onion_address = addr;
- }
+ hs_build_address(&circ->hs_ident->identity_pk, HS_VERSION_THREE, addr);
+ onion_address = addr;
smartlist_add_asprintf(descparts, "REND_QUERY=%s", onion_address);
}
diff --git a/src/feature/control/control_getinfo.c b/src/feature/control/control_getinfo.c
index 75d5418d19..29032111ef 100644
--- a/src/feature/control/control_getinfo.c
+++ b/src/feature/control/control_getinfo.c
@@ -47,7 +47,6 @@
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
#include "feature/relay/selftest.h"
-#include "feature/rend/rendcache.h"
#include "feature/stats/geoip_stats.h"
#include "feature/stats/predict_ports.h"
#include "feature/stats/rephist.h"
diff --git a/src/feature/dircache/dircache.c b/src/feature/dircache/dircache.c
index 00bb0abf23..013fd1f9ae 100644
--- a/src/feature/dircache/dircache.c
+++ b/src/feature/dircache/dircache.c
@@ -31,7 +31,6 @@
#include "feature/nodelist/routerlist.h"
#include "feature/relay/relay_config.h"
#include "feature/relay/routermode.h"
-#include "feature/rend/rendcache.h"
#include "feature/stats/geoip_stats.h"
#include "feature/stats/rephist.h"
#include "lib/compress/compress.h"
@@ -353,8 +352,6 @@ static int handle_get_descriptor(dir_connection_t *conn,
const get_handler_args_t *args);
static int handle_get_keys(dir_connection_t *conn,
const get_handler_args_t *args);
-static int handle_get_hs_descriptor_v2(dir_connection_t *conn,
- const get_handler_args_t *args);
static int handle_get_robots(dir_connection_t *conn,
const get_handler_args_t *args);
static int handle_get_networkstatus_bridges(dir_connection_t *conn,
@@ -373,7 +370,6 @@ static const url_table_ent_t url_table[] = {
{ "/tor/server/", 1, handle_get_descriptor },
{ "/tor/extra/", 1, handle_get_descriptor },
{ "/tor/keys/", 1, handle_get_keys },
- { "/tor/rendezvous2/", 1, handle_get_hs_descriptor_v2 },
{ "/tor/hs/3/", 1, handle_get_hs_descriptor_v3 },
{ "/tor/robots.txt", 0, handle_get_robots },
{ "/tor/networkstatus-bridges", 0, handle_get_networkstatus_bridges },
@@ -1347,44 +1343,6 @@ handle_get_keys(dir_connection_t *conn, const get_handler_args_t *args)
return 0;
}
-/** Helper function for GET /tor/rendezvous2/
- */
-static int
-handle_get_hs_descriptor_v2(dir_connection_t *conn,
- const get_handler_args_t *args)
-{
- const char *url = args->url;
- if (connection_dir_is_encrypted(conn)) {
- /* Handle v2 rendezvous descriptor fetch request. */
- const char *descp;
- const char *query = url + strlen("/tor/rendezvous2/");
- if (rend_valid_descriptor_id(query)) {
- log_info(LD_REND, "Got a v2 rendezvous descriptor request for ID '%s'",
- safe_str(escaped(query)));
- switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) {
- case 1: /* valid */
- write_http_response_header(conn, strlen(descp), NO_METHOD, 0);
- connection_buf_add(descp, strlen(descp), TO_CONN(conn));
- break;
- case 0: /* well-formed but not present */
- write_short_http_response(conn, 404, "Not found");
- break;
- case -1: /* not well-formed */
- write_short_http_response(conn, 400, "Bad request");
- break;
- }
- } else { /* not well-formed */
- write_short_http_response(conn, 400, "Bad request");
- }
- goto done;
- } else {
- /* Not encrypted! */
- write_short_http_response(conn, 404, "Not found");
- }
- done:
- return 0;
-}
-
/** Helper function for GET `/tor/hs/3/...`. Only for version 3.
*/
STATIC int
@@ -1626,22 +1584,6 @@ directory_handle_command_post,(dir_connection_t *conn, const char *headers,
}
log_debug(LD_DIRSERV,"rewritten url as '%s'.", escaped(url));
- /* Handle v2 rendezvous service publish request. */
- if (connection_dir_is_encrypted(conn) &&
- !strcmpstart(url,"/tor/rendezvous2/publish")) {
- if (rend_cache_store_v2_desc_as_dir(body) < 0) {
- log_warn(LD_REND, "Rejected v2 rend descriptor (body size %d) from %s.",
- (int)body_len,
- connection_describe_peer(TO_CONN(conn)));
- write_short_http_response(conn, 400,
- "Invalid v2 service descriptor rejected");
- } else {
- write_short_http_response(conn, 200, "Service descriptor (v2) stored");
- log_info(LD_REND, "Handled v2 rendezvous descriptor post: accepted");
- }
- goto done;
- }
-
/* Handle HS descriptor publish request. We force an anonymous connection
* (which also tests for encrypted). We do not allow single-hop client to
* post a descriptor onto an HSDir. */
diff --git a/src/feature/dirclient/dirclient.c b/src/feature/dirclient/dirclient.c
index dd7af9dbfc..c5b0d19dd7 100644
--- a/src/feature/dirclient/dirclient.c
+++ b/src/feature/dirclient/dirclient.c
@@ -47,9 +47,7 @@
#include "feature/relay/relay_find_addr.h"
#include "feature/relay/routermode.h"
#include "feature/relay/selftest.h"
-#include "feature/rend/rendcache.h"
#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/predict_ports.h"
#include "lib/cc/ctassert.h"
@@ -66,7 +64,6 @@
#include "feature/nodelist/networkstatus_st.h"
#include "feature/nodelist/node_st.h"
#include "feature/nodelist/routerinfo_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
/** Maximum size, in bytes, for any directory object that we've downloaded. */
#define MAX_DIR_DL_SIZE ((1<<24)-1) /* 16 MB - 1 */
@@ -119,10 +116,6 @@ dir_conn_purpose_to_string(int purpose)
return "status vote fetch";
case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
return "consensus signature fetch";
- case DIR_PURPOSE_FETCH_RENDDESC_V2:
- return "hidden-service v2 descriptor fetch";
- case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
- return "hidden-service v2 descriptor upload";
case DIR_PURPOSE_FETCH_HSDESC:
return "hidden-service descriptor fetch";
case DIR_PURPOSE_UPLOAD_HSDESC:
@@ -949,7 +942,6 @@ directory_request_new(uint8_t dir_purpose)
tor_assert(dir_purpose >= DIR_PURPOSE_MIN_);
tor_assert(dir_purpose <= DIR_PURPOSE_MAX_);
tor_assert(dir_purpose != DIR_PURPOSE_SERVER);
- tor_assert(dir_purpose != DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2);
tor_assert(dir_purpose != DIR_PURPOSE_HAS_FETCHED_HSDESC);
directory_request_t *result = tor_malloc_zero(sizeof(*result));
@@ -1086,21 +1078,6 @@ directory_request_add_header(directory_request_t *req,
{
config_line_prepend(&req->additional_headers, key, val);
}
-/**
- * Set an object containing HS data to be associated with this request. Note
- * that only an alias to <b>query</b> is stored, so the <b>query</b> object
- * must outlive the request.
- */
-void
-directory_request_set_rend_query(directory_request_t *req,
- const rend_data_t *query)
-{
- if (query) {
- tor_assert(req->dir_purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 ||
- req->dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2);
- }
- req->rend_query = query;
-}
/**
* Set an object containing HS connection identifier to be associated with
* this request. Note that only an alias to <b>ident</b> is stored, so the
@@ -1249,7 +1226,6 @@ directory_initiate_request,(directory_request_t *request))
const uint8_t router_purpose = request->router_purpose;
const dir_indirection_t indirection = request->indirection;
const char *resource = request->resource;
- const rend_data_t *rend_query = request->rend_query;
const hs_ident_dir_conn_t *hs_ident = request->hs_ident;
circuit_guard_state_t *guard_state = request->guard_state;
@@ -1285,7 +1261,7 @@ directory_initiate_request,(directory_request_t *request))
if (purpose_needs_anonymity(dir_purpose, router_purpose, resource)) {
tor_assert(anonymized_connection ||
- rend_non_anonymous_mode_enabled(options));
+ hs_service_non_anonymous_mode_enabled(options));
}
/* use encrypted begindir connections for everything except relays
@@ -1337,15 +1313,7 @@ directory_initiate_request,(directory_request_t *request))
/* XXXX This is a bad name for this field now. */
conn->dirconn_direct = !anonymized_connection;
- /* copy rendezvous data, if any */
- if (rend_query) {
- /* We can't have both v2 and v3+ identifier. */
- tor_assert_nonfatal(!hs_ident);
- conn->rend_data = rend_data_dup(rend_query);
- }
if (hs_ident) {
- /* We can't have both v2 and v3+ identifier. */
- tor_assert_nonfatal(!rend_query);
conn->hs_ident = hs_ident_dir_conn_dup(hs_ident);
}
@@ -1680,13 +1648,6 @@ directory_send_command(dir_connection_t *conn,
httpcommand = "POST";
url = tor_strdup("/tor/post/consensus-signature");
break;
- case DIR_PURPOSE_FETCH_RENDDESC_V2:
- tor_assert(resource);
- tor_assert(strlen(resource) <= REND_DESC_ID_V2_LEN_BASE32);
- tor_assert(!payload);
- httpcommand = "GET";
- tor_asprintf(&url, "/tor/rendezvous2/%s", resource);
- break;
case DIR_PURPOSE_FETCH_HSDESC:
tor_assert(resource);
tor_assert(strlen(resource) <= ED25519_BASE64_LEN);
@@ -1694,12 +1655,6 @@ directory_send_command(dir_connection_t *conn,
httpcommand = "GET";
tor_asprintf(&url, "/tor/hs/3/%s", resource);
break;
- case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
- tor_assert(!resource);
- tor_assert(payload);
- httpcommand = "POST";
- url = tor_strdup("/tor/rendezvous2/publish");
- break;
case DIR_PURPOSE_UPLOAD_HSDESC:
tor_assert(resource);
tor_assert(payload);
@@ -1843,10 +1798,6 @@ static int handle_response_upload_vote(dir_connection_t *,
const response_handler_args_t *);
static int handle_response_upload_signatures(dir_connection_t *,
const response_handler_args_t *);
-static int handle_response_fetch_renddesc_v2(dir_connection_t *,
- const response_handler_args_t *);
-static int handle_response_upload_renddesc_v2(dir_connection_t *,
- const response_handler_args_t *);
static int handle_response_upload_hsdesc(dir_connection_t *,
const response_handler_args_t *);
@@ -2193,9 +2144,6 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
case DIR_PURPOSE_FETCH_MICRODESC:
rv = handle_response_fetch_microdesc(conn, &args);
break;
- case DIR_PURPOSE_FETCH_RENDDESC_V2:
- rv = handle_response_fetch_renddesc_v2(conn, &args);
- break;
case DIR_PURPOSE_UPLOAD_DIR:
rv = handle_response_upload_dir(conn, &args);
break;
@@ -2205,9 +2153,6 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
case DIR_PURPOSE_UPLOAD_VOTE:
rv = handle_response_upload_vote(conn, &args);
break;
- case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
- rv = handle_response_upload_renddesc_v2(conn, &args);
- break;
case DIR_PURPOSE_UPLOAD_HSDESC:
rv = handle_response_upload_hsdesc(conn, &args);
break;
@@ -2800,152 +2745,6 @@ handle_response_fetch_hsdesc_v3(dir_connection_t *conn,
return 0;
}
-/**
- * Handler function: processes a response to a request for a v2 hidden service
- * descriptor.
- **/
-static int
-handle_response_fetch_renddesc_v2(dir_connection_t *conn,
- const response_handler_args_t *args)
-{
- tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2);
- const int status_code = args->status_code;
- const char *reason = args->reason;
- const char *body = args->body;
- const size_t body_len = args->body_len;
-
-#define SEND_HS_DESC_FAILED_EVENT(reason) \
- (control_event_hsv2_descriptor_failed(conn->rend_data, \
- conn->identity_digest, \
- reason))
-#define SEND_HS_DESC_FAILED_CONTENT() \
- (control_event_hs_descriptor_content( \
- rend_data_get_address(conn->rend_data), \
- conn->requested_resource, \
- conn->identity_digest, \
- NULL))
-
- tor_assert(conn->rend_data);
- log_info(LD_REND,"Received rendezvous descriptor (body size %d, status %d "
- "(%s))",
- (int)body_len, status_code, escaped(reason));
- switch (status_code) {
- case 200:
- {
- rend_cache_entry_t *entry = NULL;
-
- if (rend_cache_store_v2_desc_as_client(body,
- conn->requested_resource,
- conn->rend_data, &entry) < 0) {
- log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. "
- "Retrying at another directory.");
- /* We'll retry when connection_about_to_close_connection()
- * cleans this dir conn up. */
- SEND_HS_DESC_FAILED_EVENT("BAD_DESC");
- SEND_HS_DESC_FAILED_CONTENT();
- } else {
- char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
- /* Should never be NULL here if we found the descriptor. */
- tor_assert(entry);
- rend_get_service_id(entry->parsed->pk, service_id);
-
- /* success. notify pending connections about this. */
- log_info(LD_REND, "Successfully fetched v2 rendezvous "
- "descriptor.");
- control_event_hsv2_descriptor_received(service_id,
- conn->rend_data,
- conn->identity_digest);
- control_event_hs_descriptor_content(service_id,
- conn->requested_resource,
- conn->identity_digest,
- body);
- conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2;
- memwipe(service_id, 0, sizeof(service_id));
- }
- break;
- }
- case 404:
- /* Not there. We'll retry when
- * connection_about_to_close_connection() cleans this conn up. */
- log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: "
- "Retrying at another directory.");
- SEND_HS_DESC_FAILED_EVENT("NOT_FOUND");
- SEND_HS_DESC_FAILED_CONTENT();
- break;
- case 400:
- log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
- "http status 400 (%s). Dirserver didn't like our "
- "v2 rendezvous query? Retrying at another directory.",
- escaped(reason));
- SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED");
- SEND_HS_DESC_FAILED_CONTENT();
- break;
- default:
- log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
- "http status %d (%s) response unexpected while "
- "fetching v2 hidden service descriptor (server %s). "
- "Retrying at another directory.",
- status_code, escaped(reason),
- connection_describe_peer(TO_CONN(conn)));
- SEND_HS_DESC_FAILED_EVENT("UNEXPECTED");
- SEND_HS_DESC_FAILED_CONTENT();
- break;
- }
-
- return 0;
-}
-
-/**
- * Handler function: processes a response to a POST request to upload a v2
- * hidden service descriptor.
- **/
-static int
-handle_response_upload_renddesc_v2(dir_connection_t *conn,
- const response_handler_args_t *args)
-{
- tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2);
- const int status_code = args->status_code;
- const char *reason = args->reason;
-
-#define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) \
- (control_event_hs_descriptor_upload_failed( \
- conn->identity_digest, \
- rend_data_get_address(conn->rend_data), \
- reason))
-
- log_info(LD_REND,"Uploaded rendezvous descriptor (status %d "
- "(%s))",
- status_code, escaped(reason));
- /* Without the rend data, we'll have a problem identifying what has been
- * uploaded for which service. */
- tor_assert(conn->rend_data);
- switch (status_code) {
- case 200:
- log_info(LD_REND,
- "Uploading rendezvous descriptor: finished with status "
- "200 (%s)", escaped(reason));
- control_event_hs_descriptor_uploaded(conn->identity_digest,
- rend_data_get_address(conn->rend_data));
- rend_service_desc_has_uploaded(conn->rend_data);
- break;
- case 400:
- log_warn(LD_REND,"http status 400 (%s) response from dirserver "
- "%s. Malformed rendezvous descriptor?",
- escaped(reason), connection_describe_peer(TO_CONN(conn)));
- SEND_HS_DESC_UPLOAD_FAILED_EVENT("UPLOAD_REJECTED");
- break;
- default:
- log_warn(LD_REND,"http status %d (%s) response unexpected (server "
- "%s).",
- status_code, escaped(reason),
- connection_describe_peer(TO_CONN(conn)));
- SEND_HS_DESC_UPLOAD_FAILED_EVENT("UNEXPECTED");
- break;
- }
-
- return 0;
-}
-
/**
* Handler function: processes a response to a POST request to upload an
* hidden service descriptor.
diff --git a/src/feature/dirclient/dirclient.h b/src/feature/dirclient/dirclient.h
index 096b197526..519cbb1211 100644
--- a/src/feature/dirclient/dirclient.h
+++ b/src/feature/dirclient/dirclient.h
@@ -74,8 +74,6 @@ void directory_request_set_payload(directory_request_t *req,
size_t payload_len);
void directory_request_set_if_modified_since(directory_request_t *req,
time_t if_modified_since);
-void directory_request_set_rend_query(directory_request_t *req,
- const rend_data_t *query);
void directory_request_upload_set_hs_ident(directory_request_t *req,
const hs_ident_dir_conn_t *ident);
void directory_request_fetch_set_hs_ident(directory_request_t *req,
@@ -125,8 +123,6 @@ struct directory_request_t {
size_t payload_len;
/** Value to send in an if-modified-since header, or 0 for none. */
time_t if_modified_since;
- /** Hidden-service-specific information v2. */
- const rend_data_t *rend_query;
/** Extra headers to append to the request */
struct config_line_t *additional_headers;
/** Hidden-service-specific information for v3+. */
diff --git a/src/feature/dircommon/dir_connection_st.h b/src/feature/dircommon/dir_connection_st.h
index 12230e6741..958dc623d4 100644
--- a/src/feature/dircommon/dir_connection_st.h
+++ b/src/feature/dircommon/dir_connection_st.h
@@ -42,9 +42,6 @@ struct dir_connection_t {
/** The compression object doing on-the-fly compression for spooled data. */
struct tor_compress_state_t *compress_state;
- /** What rendezvous service are we querying for? */
- rend_data_t *rend_data;
-
/* Hidden service connection identifier for dir connections: Used by HS
client-side code to fetch HS descriptors, and by the service-side code to
upload descriptors. */
diff --git a/src/feature/dircommon/directory.c b/src/feature/dircommon/directory.c
index 0029eb37a1..f264fd0750 100644
--- a/src/feature/dircommon/directory.c
+++ b/src/feature/dircommon/directory.c
@@ -142,9 +142,6 @@ purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose,
case DIR_PURPOSE_FETCH_MICRODESC:
return 0;
case DIR_PURPOSE_HAS_FETCHED_HSDESC:
- case DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2:
- case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
- case DIR_PURPOSE_FETCH_RENDDESC_V2:
case DIR_PURPOSE_FETCH_HSDESC:
case DIR_PURPOSE_UPLOAD_HSDESC:
return 1;
diff --git a/src/feature/dircommon/directory.h b/src/feature/dircommon/directory.h
index 0aa2ff53ef..5e4b097816 100644
--- a/src/feature/dircommon/directory.h
+++ b/src/feature/dircommon/directory.h
@@ -30,10 +30,7 @@ const dir_connection_t *CONST_TO_DIR_CONN(const connection_t *c);
#define DIR_CONN_STATE_SERVER_WRITING 6
#define DIR_CONN_STATE_MAX_ 6
-#define DIR_PURPOSE_MIN_ 4
-/** A connection to a directory server: set after a v2 rendezvous
- * descriptor is downloaded. */
-#define DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2 4
+#define DIR_PURPOSE_MIN_ 6
/** A connection to a directory server: download one or more server
* descriptors. */
#define DIR_PURPOSE_FETCH_SERVERDESC 6
@@ -61,12 +58,9 @@ const dir_connection_t *CONST_TO_DIR_CONN(const connection_t *c);
/** Purpose for connection at a directory server. */
#define DIR_PURPOSE_SERVER 16
-/** A connection to a hidden service directory server: upload a v2 rendezvous
- * descriptor. */
-#define DIR_PURPOSE_UPLOAD_RENDDESC_V2 17
-/** A connection to a hidden service directory server: download a v2 rendezvous
- * descriptor. */
-#define DIR_PURPOSE_FETCH_RENDDESC_V2 18
+
+/** Value 17 and 18 were onion service v2 purposes. */
+
/** A connection to a directory server: download a microdescriptor. */
#define DIR_PURPOSE_FETCH_MICRODESC 19
/** A connection to a hidden service directory: upload a v3 descriptor. */
@@ -84,7 +78,6 @@ const dir_connection_t *CONST_TO_DIR_CONN(const connection_t *c);
((p)==DIR_PURPOSE_UPLOAD_DIR || \
(p)==DIR_PURPOSE_UPLOAD_VOTE || \
(p)==DIR_PURPOSE_UPLOAD_SIGNATURES || \
- (p)==DIR_PURPOSE_UPLOAD_RENDDESC_V2 || \
(p)==DIR_PURPOSE_UPLOAD_HSDESC)
enum compress_method_t;
diff --git a/src/feature/hs/hs_cache.c b/src/feature/hs/hs_cache.c
index 765323df0d..ac43e78767 100644
--- a/src/feature/hs/hs_cache.c
+++ b/src/feature/hs/hs_cache.c
@@ -19,13 +19,15 @@
#include "feature/hs/hs_descriptor.h"
#include "feature/nodelist/microdesc.h"
#include "feature/nodelist/networkstatus.h"
-#include "feature/rend/rendcache.h"
#include "feature/stats/rephist.h"
#include "feature/hs/hs_cache.h"
#include "feature/nodelist/networkstatus_st.h"
+/* Total counter of the cache size. */
+static size_t hs_cache_total_allocation = 0;
+
static int cached_client_descriptor_has_expired(time_t now,
const hs_cache_client_descriptor_t *cached_desc);
@@ -164,7 +166,7 @@ cache_store_v3_as_dir(hs_cache_dir_descriptor_t *desc)
* remove the entry we currently have from our cache so we can then
* store the new one. */
remove_v3_desc_as_dir(cache_entry);
- rend_cache_decrement_allocation(cache_get_dir_entry_size(cache_entry));
+ hs_cache_decrement_allocation(cache_get_dir_entry_size(cache_entry));
cache_dir_desc_free(cache_entry);
}
/* Store the descriptor we just got. We are sure here that either we
@@ -174,7 +176,7 @@ cache_store_v3_as_dir(hs_cache_dir_descriptor_t *desc)
/* Update our total cache size with this entry for the OOM. This uses the
* old HS protocol cache subsystem for which we are tied with. */
- rend_cache_increment_allocation(cache_get_dir_entry_size(desc));
+ hs_cache_increment_allocation(cache_get_dir_entry_size(desc));
/* Update HSv3 statistics */
if (get_options()->HiddenServiceStatistics) {
@@ -259,7 +261,7 @@ cache_clean_v3_as_dir(time_t now, time_t global_cutoff)
/* Entry is not in the cache anymore, destroy it. */
cache_dir_desc_free(entry);
/* Update our cache entry allocation size for the OOM. */
- rend_cache_decrement_allocation(entry_size);
+ hs_cache_decrement_allocation(entry_size);
/* Logging. */
{
char key_b64[BASE64_DIGEST256_LEN + 1];
@@ -336,12 +338,6 @@ hs_cache_lookup_as_dir(uint32_t version, const char *query,
void
hs_cache_clean_as_dir(time_t now)
{
- time_t cutoff;
-
- /* Start with v2 cache cleaning. */
- cutoff = now - rend_cache_max_entry_lifetime();
- rend_cache_clean_v2_descs_as_dir(cutoff);
-
/* Now, clean the v3 cache. Set the cutoff to 0 telling the cleanup function
* to compute the cutoff by itself using the lifetime value. */
cache_clean_v3_as_dir(now, 0);
@@ -387,7 +383,7 @@ remove_v3_desc_as_client(const hs_cache_client_descriptor_t *desc)
tor_assert(desc);
digest256map_remove(hs_cache_v3_client, desc->key.pubkey);
/* Update cache size with this entry for the OOM handler. */
- rend_cache_decrement_allocation(cache_get_client_entry_size(desc));
+ hs_cache_decrement_allocation(cache_get_client_entry_size(desc));
}
/** Store a given descriptor in our cache. */
@@ -397,7 +393,7 @@ store_v3_desc_as_client(hs_cache_client_descriptor_t *desc)
tor_assert(desc);
digest256map_set(hs_cache_v3_client, desc->key.pubkey, desc);
/* Update cache size with this entry for the OOM handler. */
- rend_cache_increment_allocation(cache_get_client_entry_size(desc));
+ hs_cache_increment_allocation(cache_get_client_entry_size(desc));
}
/** Query our cache and return the entry or NULL if not found or if expired. */
@@ -796,7 +792,7 @@ cache_clean_v3_as_client(time_t now)
cache_client_desc_free(entry);
/* Update our OOM. We didn't use the remove() function because we are in
* a loop so we have to explicitly decrement. */
- rend_cache_decrement_allocation(entry_size);
+ hs_cache_decrement_allocation(entry_size);
/* Logging. */
{
char key_b64[BASE64_DIGEST256_LEN + 1];
@@ -934,8 +930,6 @@ hs_cache_remove_as_client(const ed25519_public_key_t *key)
void
hs_cache_clean_as_client(time_t now)
{
- /* Start with v2 cache cleaning. */
- rend_cache_clean(now, REND_CACHE_TYPE_CLIENT);
/* Now, clean the v3 cache. Set the cutoff to 0 telling the cleanup function
* to compute the cutoff by itself using the lifetime value. */
cache_clean_v3_as_client(now);
@@ -952,7 +946,7 @@ hs_cache_purge_as_client(void)
cache_client_desc_free(entry);
/* Update our OOM. We didn't use the remove() function because we are in
* a loop so we have to explicitly decrement. */
- rend_cache_decrement_allocation(entry_size);
+ hs_cache_decrement_allocation(entry_size);
} DIGEST256MAP_FOREACH_END;
log_info(LD_REND, "Hidden service client descriptor cache purged.");
@@ -1074,19 +1068,16 @@ hs_cache_handle_oom(time_t now, size_t min_remove_bytes)
/* The algorithm is as follow. K is the oldest expected descriptor age.
*
- * 1) Deallocate all entries from v2 cache that are older than K hours.
- * 1.1) If the amount of remove bytes has been reached, stop.
- * 2) Deallocate all entries from v3 cache that are older than K hours
+ * 1) Deallocate all entries from v3 cache that are older than K hours
* 2.1) If the amount of remove bytes has been reached, stop.
- * 3) Set K = K - RendPostPeriod and repeat process until K is < 0.
+ * 2) Set K = K - RendPostPeriod and repeat process until K is < 0.
*
* This ends up being O(Kn).
*/
/* Set K to the oldest expected age in seconds which is the maximum
- * lifetime of a cache entry. We'll use the v2 lifetime because it's much
- * bigger than the v3 thus leading to cleaning older descriptors. */
- k = rend_cache_max_entry_lifetime();
+ * lifetime of a cache entry. */
+ k = hs_cache_max_entry_lifetime();
do {
time_t cutoff;
@@ -1099,9 +1090,6 @@ hs_cache_handle_oom(time_t now, size_t min_remove_bytes)
/* Compute a cutoff value with K and the current time. */
cutoff = now - k;
- /* Start by cleaning the v2 cache with that cutoff. */
- bytes_removed += rend_cache_clean_v2_descs_as_dir(cutoff);
-
if (bytes_removed < min_remove_bytes) {
/* We haven't remove enough bytes so clean v3 cache. */
bytes_removed += cache_clean_v3_as_dir(now, cutoff);
@@ -1150,4 +1138,45 @@ hs_cache_free_all(void)
digest256map_free(hs_cache_client_intro_state,
cache_client_intro_state_free_void);
hs_cache_client_intro_state = NULL;
+ hs_cache_total_allocation = 0;
+}
+
+/* Return total size of the cache. */
+size_t
+hs_cache_get_total_allocation(void)
+{
+ return hs_cache_total_allocation;
+}
+
+/** Decrement the total bytes attributed to the rendezvous cache by n. */
+void
+hs_cache_decrement_allocation(size_t n)
+{
+ static int have_underflowed = 0;
+
+ if (hs_cache_total_allocation >= n) {
+ hs_cache_total_allocation -= n;
+ } else {
+ hs_cache_total_allocation = 0;
+ if (! have_underflowed) {
+ have_underflowed = 1;
+ log_warn(LD_BUG, "Underflow in hs_cache_decrement_allocation");
+ }
+ }
+}
+
+/** Increase the total bytes attributed to the rendezvous cache by n. */
+void
+hs_cache_increment_allocation(size_t n)
+{
+ static int have_overflowed = 0;
+ if (hs_cache_total_allocation <= SIZE_MAX - n) {
+ hs_cache_total_allocation += n;
+ } else {
+ hs_cache_total_allocation = SIZE_MAX;
+ if (! have_overflowed) {
+ have_overflowed = 1;
+ log_warn(LD_BUG, "Overflow in hs_cache_increment_allocation");
+ }
+ }
}
diff --git a/src/feature/hs/hs_cache.h b/src/feature/hs/hs_cache.h
index bb3c77f224..e8165569db 100644
--- a/src/feature/hs/hs_cache.h
+++ b/src/feature/hs/hs_cache.h
@@ -21,6 +21,14 @@ struct ed25519_public_key_t;
/** This is the maximum time an introduction point state object can stay in the
* client cache in seconds (2 mins or 120 seconds). */
#define HS_CACHE_CLIENT_INTRO_STATE_MAX_AGE (2 * 60)
+/** How old do we let hidden service descriptors get before discarding
+ * them as too old? */
+#define HS_CACHE_MAX_AGE (2*24*60*60)
+/** How wrong do we assume our clock may be when checking whether hidden
+ * services are too old or too new? */
+#define HS_CACHE_MAX_SKEW (24*60*60)
+/** How old do we keep an intro point failure entry in the failure cache? */
+#define HS_CACHE_FAILURE_MAX_AGE (5*60)
/** Introduction point state. */
typedef struct hs_cache_intro_state_t {
@@ -57,7 +65,6 @@ typedef struct hs_cache_dir_descriptor_t {
/** Descriptor plaintext information. Obviously, we can't decrypt the
* encrypted part of the descriptor. */
hs_desc_plaintext_data_t *plaintext_data;
-
/** Encoded descriptor which is basically in text form. It's a NUL terminated
* string thus safe to strlen(). */
char *encoded_desc;
@@ -65,6 +72,13 @@ typedef struct hs_cache_dir_descriptor_t {
/* Public API */
+/* Return maximum lifetime in seconds of a cache entry. */
+static inline time_t
+hs_cache_max_entry_lifetime(void)
+{
+ return HS_CACHE_MAX_AGE + HS_CACHE_MAX_SKEW;
+}
+
void hs_cache_init(void);
void hs_cache_free_all(void);
void hs_cache_clean_as_dir(time_t now);
@@ -102,6 +116,10 @@ void hs_cache_client_intro_state_purge(void);
bool hs_cache_client_new_auth_parse(const ed25519_public_key_t *service_pk);
+size_t hs_cache_get_total_allocation(void);
+void hs_cache_decrement_allocation(size_t n);
+void hs_cache_increment_allocation(size_t n);
+
#ifdef HS_CACHE_PRIVATE
#include "lib/crypt_ops/crypto_ed25519.h"
diff --git a/src/feature/hs/hs_cell.c b/src/feature/hs/hs_cell.c
index 8bdaa4922a..01dd39e231 100644
--- a/src/feature/hs/hs_cell.c
+++ b/src/feature/hs/hs_cell.c
@@ -9,7 +9,6 @@
#include "core/or/or.h"
#include "app/config/config.h"
#include "lib/crypt_ops/crypto_util.h"
-#include "feature/rend/rendservice.h"
#include "feature/hs_common/replaycache.h"
#include "feature/hs/hs_cell.h"
@@ -194,37 +193,10 @@ parse_introduce2_encrypted(const uint8_t *decrypted_data,
return NULL;
}
-/** Build a legacy ESTABLISH_INTRO cell with the given circuit nonce and RSA
- * encryption key. The encoded cell is put in cell_out that MUST at least be
- * of the size of RELAY_PAYLOAD_SIZE. Return the encoded cell length on
- * success else a negative value and cell_out is untouched. */
-static ssize_t
-build_legacy_establish_intro(const char *circ_nonce, crypto_pk_t *enc_key,
- uint8_t *cell_out)
-{
- ssize_t cell_len;
-
- tor_assert(circ_nonce);
- tor_assert(enc_key);
- tor_assert(cell_out);
-
- memwipe(cell_out, 0, RELAY_PAYLOAD_SIZE);
-
- cell_len = rend_service_encode_establish_intro_cell((char*)cell_out,
- RELAY_PAYLOAD_SIZE,
- enc_key, circ_nonce);
- return cell_len;
-}
-
/** Parse an INTRODUCE2 cell from payload of size payload_len for the given
* service and circuit which are used only for logging purposes. The resulting
* parsed cell is put in cell_ptr_out.
*
- * This function only parses prop224 INTRODUCE2 cells even when the intro point
- * is a legacy intro point. That's because intro points don't actually care
- * about the contents of the introduce cell. Legacy INTRODUCE cells are only
- * used by the legacy system now.
- *
* Return 0 on success else a negative value and cell_ptr_out is untouched. */
static int
parse_introduce2_cell(const hs_service_t *service,
@@ -457,28 +429,6 @@ introduce1_set_auth_key(trn_cell_introduce1_t *cell,
data->auth_pk->pubkey, trn_cell_introduce1_getlen_auth_key(cell));
}
-/** Set the legacy ID field in the INTRODUCE1 cell from the given data. */
-static void
-introduce1_set_legacy_id(trn_cell_introduce1_t *cell,
- const hs_cell_introduce1_data_t *data)
-{
- tor_assert(cell);
- tor_assert(data);
-
- if (data->is_legacy) {
- uint8_t digest[DIGEST_LEN];
- if (BUG(crypto_pk_get_digest(data->legacy_key, (char *) digest) < 0)) {
- return;
- }
- memcpy(trn_cell_introduce1_getarray_legacy_key_id(cell),
- digest, trn_cell_introduce1_getlen_legacy_key_id(cell));
- } else {
- /* We have to zeroed the LEGACY_KEY_ID field. */
- memset(trn_cell_introduce1_getarray_legacy_key_id(cell), 0,
- trn_cell_introduce1_getlen_legacy_key_id(cell));
- }
-}
-
/** Build and add to the given DoS cell extension the given parameter type and
* value. */
static void
@@ -608,8 +558,7 @@ build_establish_intro_extensions(const hs_service_config_t *service_config,
/** Build an ESTABLISH_INTRO cell with the given circuit nonce and intro point
* object. The encoded cell is put in cell_out that MUST at least be of the
* size of RELAY_PAYLOAD_SIZE. Return the encoded cell length on success else
- * a negative value and cell_out is untouched. This function also supports
- * legacy cell creation. */
+ * a negative value and cell_out is untouched. */
ssize_t
hs_cell_build_establish_intro(const char *circ_nonce,
const hs_service_config_t *service_config,
@@ -625,16 +574,6 @@ hs_cell_build_establish_intro(const char *circ_nonce,
tor_assert(service_config);
tor_assert(ip);
- /* Quickly handle the legacy IP. */
- if (ip->base.is_only_legacy) {
- tor_assert(ip->legacy_key);
- cell_len = build_legacy_establish_intro(circ_nonce, ip->legacy_key,
- cell_out);
- tor_assert(cell_len <= RELAY_PAYLOAD_SIZE);
- /* Success or not we are done here. */
- goto done;
- }
-
/* Build the extensions, if any. */
extensions = build_establish_intro_extensions(service_config, ip);
@@ -1022,9 +961,6 @@ hs_cell_build_introduce1(const hs_cell_introduce1_data_t *data,
trn_cell_extension_set_num(ext, 0);
trn_cell_introduce1_set_extensions(cell, ext);
- /* Set the legacy ID field. */
- introduce1_set_legacy_id(cell, data);
-
/* Set the authentication key. */
introduce1_set_auth_key(cell, data);
@@ -1067,18 +1003,6 @@ hs_cell_parse_introduce_ack(const uint8_t *payload, size_t payload_len)
tor_assert(payload);
- /* If it is a legacy IP, rend-spec.txt specifies that a ACK is 0 byte and a
- * NACK is 1 byte. We can't use the legacy function for this so we have to
- * do a special case. */
- if (payload_len <= 1) {
- if (payload_len == 0) {
- ret = TRUNNEL_HS_INTRO_ACK_STATUS_SUCCESS;
- } else {
- ret = TRUNNEL_HS_INTRO_ACK_STATUS_UNKNOWN_ID;
- }
- goto end;
- }
-
if (trn_cell_introduce_ack_parse(&cell, payload, payload_len) < 0) {
log_info(LD_REND, "Invalid INTRODUCE_ACK cell. Unable to parse it.");
goto end;
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index b246ab423c..548e1cbe2a 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -28,7 +28,6 @@
#include "feature/hs/hs_service.h"
#include "feature/nodelist/describe.h"
#include "feature/nodelist/nodelist.h"
-#include "feature/rend/rendservice.h"
#include "feature/stats/rephist.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_rand.h"
@@ -105,57 +104,6 @@ create_rend_cpath(const uint8_t *ntor_key_seed, size_t seed_len,
return cpath;
}
-/** We are a v2 legacy HS client: Create and return a crypt path for the hidden
- * service on the other side of the rendezvous circuit <b>circ</b>. Initialize
- * the crypt path crypto using the body of the RENDEZVOUS1 cell at
- * <b>rend_cell_body</b> (which must be at least DH1024_KEY_LEN+DIGEST_LEN
- * bytes).
- */
-static crypt_path_t *
-create_rend_cpath_legacy(origin_circuit_t *circ, const uint8_t *rend_cell_body)
-{
- crypt_path_t *hop = NULL;
- char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN];
-
- /* first DH1024_KEY_LEN bytes are g^y from the service. Finish the dh
- * handshake...*/
- tor_assert(circ->build_state);
- tor_assert(circ->build_state->pending_final_cpath);
- hop = circ->build_state->pending_final_cpath;
-
- tor_assert(hop->rend_dh_handshake_state);
- if (crypto_dh_compute_secret(LOG_PROTOCOL_WARN, hop->rend_dh_handshake_state,
- (char*)rend_cell_body, DH1024_KEY_LEN,
- keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
- log_warn(LD_GENERAL, "Couldn't complete DH handshake.");
- goto err;
- }
- /* ... and set up cpath. */
- if (cpath_init_circuit_crypto(hop,
- keys+DIGEST_LEN, sizeof(keys)-DIGEST_LEN,
- 0, 0) < 0)
- goto err;
-
- /* Check whether the digest is right... */
- if (tor_memneq(keys, rend_cell_body+DH1024_KEY_LEN, DIGEST_LEN)) {
- log_warn(LD_PROTOCOL, "Incorrect digest of key material.");
- goto err;
- }
-
- /* clean up the crypto stuff we just made */
- crypto_dh_free(hop->rend_dh_handshake_state);
- hop->rend_dh_handshake_state = NULL;
-
- goto done;
-
- err:
- hop = NULL;
-
- done:
- memwipe(keys, 0, sizeof(keys));
- return hop;
-}
-
/** Append the final <b>hop</b> to the cpath of the rend <b>circ</b>, and mark
* <b>circ</b> ready for use to transfer HS relay cells. */
static void
@@ -184,13 +132,6 @@ finalize_rend_circuit(origin_circuit_t *circ, crypt_path_t *hop,
/* Append the hop to the cpath of this circuit */
cpath_extend_linked_list(&circ->cpath, hop);
- /* In legacy code, 'pending_final_cpath' points to the final hop we just
- * appended to the cpath. We set the original pointer to NULL so that we
- * don't double free it. */
- if (circ->build_state) {
- circ->build_state->pending_final_cpath = NULL;
- }
-
/* Finally, mark circuit as ready to be used for client streams */
if (!is_service_side) {
circuit_try_attaching_streams(circ);
@@ -198,7 +139,7 @@ finalize_rend_circuit(origin_circuit_t *circ, crypt_path_t *hop,
}
/** For a given circuit and a service introduction point object, register the
- * intro circuit to the circuitmap. This supports legacy intro point. */
+ * intro circuit to the circuitmap. */
static void
register_intro_circ(const hs_service_intro_point_t *ip,
origin_circuit_t *circ)
@@ -206,13 +147,8 @@ register_intro_circ(const hs_service_intro_point_t *ip,
tor_assert(ip);
tor_assert(circ);
- if (ip->base.is_only_legacy) {
- hs_circuitmap_register_intro_circ_v2_service_side(circ,
- ip->legacy_key_digest);
- } else {
- hs_circuitmap_register_intro_circ_v3_service_side(circ,
- &ip->auth_key_kp.pubkey);
- }
+ hs_circuitmap_register_intro_circ_v3_service_side(circ,
+ &ip->auth_key_kp.pubkey);
}
/** Return the number of opened introduction circuit for the given circuit that
@@ -605,10 +541,6 @@ setup_introduce1_data(const hs_desc_intro_point_t *ip,
/* Populate the introduce1 data object. */
memset(intro1_data, 0, sizeof(hs_cell_introduce1_data_t));
- if (ip->legacy.key != NULL) {
- intro1_data->is_legacy = 1;
- intro1_data->legacy_key = ip->legacy.key;
- }
intro1_data->auth_pk = &ip->auth_key_cert->signed_key;
intro1_data->enc_pk = &ip->enc_key;
intro1_data->subcredential = subcredential;
@@ -635,8 +567,8 @@ cleanup_on_close_client_circ(circuit_t *circ)
if (circuit_is_hs_v3(circ)) {
hs_client_circuit_cleanup_on_close(circ);
}
- /* It is possible the circuit has an HS purpose but no identifier (rend_data
- * or hs_ident). Thus possible that this passes through. */
+ /* It is possible the circuit has an HS purpose but no identifier (hs_ident).
+ * Thus possible that this passes through. */
}
/** Helper: cleanup function for client circuit. This is for every HS version.
@@ -649,8 +581,8 @@ cleanup_on_free_client_circ(circuit_t *circ)
if (circuit_is_hs_v3(circ)) {
hs_client_circuit_cleanup_on_free(circ);
}
- /* It is possible the circuit has an HS purpose but no identifier (rend_data
- * or hs_ident). Thus possible that this passes through. */
+ /* It is possible the circuit has an HS purpose but no identifier (hs_ident).
+ * Thus possible that this passes through. */
}
/* ========== */
@@ -664,12 +596,7 @@ hs_circ_service_get_intro_circ(const hs_service_intro_point_t *ip)
{
tor_assert(ip);
- if (ip->base.is_only_legacy) {
- return hs_circuitmap_get_intro_circ_v2_service_side(ip->legacy_key_digest);
- } else {
- return hs_circuitmap_get_intro_circ_v3_service_side(
- &ip->auth_key_kp.pubkey);
- }
+ return hs_circuitmap_get_intro_circ_v3_service_side(&ip->auth_key_kp.pubkey);
}
/** Return an introduction point established circuit matching the given intro
@@ -682,12 +609,7 @@ hs_circ_service_get_established_intro_circ(const hs_service_intro_point_t *ip)
tor_assert(ip);
- if (ip->base.is_only_legacy) {
- circ = hs_circuitmap_get_intro_circ_v2_service_side(ip->legacy_key_digest);
- } else {
- circ = hs_circuitmap_get_intro_circ_v3_service_side(
- &ip->auth_key_kp.pubkey);
- }
+ circ = hs_circuitmap_get_intro_circ_v3_service_side(&ip->auth_key_kp.pubkey);
/* Only return circuit if it is established. */
return (circ && TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_INTRO) ?
@@ -695,8 +617,7 @@ hs_circ_service_get_established_intro_circ(const hs_service_intro_point_t *ip)
}
/** Called when we fail building a rendezvous circuit at some point other than
- * the last hop: launches a new circuit to the same rendezvous point. This
- * supports legacy service.
+ * the last hop: launches a new circuit to the same rendezvous point.
*
* We currently relaunch connections to rendezvous points if:
* - A rendezvous circuit timed out before connecting to RP.
@@ -726,8 +647,6 @@ hs_circ_retry_service_rendezvous_point(origin_circuit_t *circ)
/* Legacy services don't have a hidden service ident. */
if (circ->hs_ident) {
retry_service_rendezvous_point(circ);
- } else {
- rend_service_relaunch_rendezvous(circ);
}
done:
@@ -762,9 +681,7 @@ hs_circ_launch_intro_point(hs_service_t *service,
goto end;
}
/* We only use a one-hop path on the first attempt. If the first attempt
- * fails, we use a 3-hop path for reachability / reliability.
- * (Unlike v2, retries is incremented by the caller before it calls this
- * function.) */
+ * fails, we use a 3-hop path for reachability / reliability. */
if (direct_conn && ip->circuit_retries == 1) {
circ_flags |= CIRCLAUNCH_ONEHOP_TUNNEL;
}
@@ -952,10 +869,8 @@ hs_circ_handle_intro_established(const hs_service_t *service,
}
/* Try to parse the payload into a cell making sure we do actually have a
- * valid cell. For a legacy node, it's an empty payload so as long as we
- * have the cell, we are good. */
- if (!ip->base.is_only_legacy &&
- hs_cell_parse_intro_established(payload, payload_len) < 0) {
+ * valid cell. */
+ if (hs_cell_parse_intro_established(payload, payload_len) < 0) {
log_warn(LD_REND, "Unable to parse the INTRO_ESTABLISHED cell on "
"circuit %u for service %s",
TO_CIRCUIT(circ)->n_circ_id,
@@ -1112,31 +1027,6 @@ hs_circuit_setup_e2e_rend_circ(origin_circuit_t *circ,
return 0;
}
-/** We are a v2 legacy HS client and we just received a RENDEZVOUS1 cell
- * <b>rend_cell_body</b> on <b>circ</b>. Finish up the DH key exchange and then
- * extend the crypt path of <b>circ</b> so that the hidden service is on the
- * other side. */
-int
-hs_circuit_setup_e2e_rend_circ_legacy_client(origin_circuit_t *circ,
- const uint8_t *rend_cell_body)
-{
-
- if (BUG(!circuit_purpose_is_correct_for_rend(
- TO_CIRCUIT(circ)->purpose, 0))) {
- return -1;
- }
-
- crypt_path_t *hop = create_rend_cpath_legacy(circ, rend_cell_body);
- if (!hop) {
- log_warn(LD_GENERAL, "Couldn't get v2 cpath.");
- return -1;
- }
-
- finalize_rend_circuit(circ, hop, 0);
-
- return 0;
-}
-
/** Given the introduction circuit intro_circ, the rendezvous circuit
* rend_circ, a descriptor intro point object ip and the service's
* subcredential, send an INTRODUCE1 cell on intro_circ.
@@ -1381,31 +1271,20 @@ hs_circ_is_rend_sent_in_intro1(const origin_circuit_t *circ)
* confirmed rendezsvous circuit but without an introduction ACK. */
tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_C_REND_READY);
- /* The v2 and v3 circuit are handled differently:
- *
- * v2: A circ's pending_final_cpath field is non-NULL iff it is a rend circ
- * and we have tried to send an INTRODUCE1 cell specifying it. Thus, if the
- * pending_final_cpath field *is* NULL, then we want to not spare it.
- *
- * v3: When the INTRODUCE1 cell is sent, the introduction encryption public
+ /* When the INTRODUCE1 cell is sent, the introduction encryption public
* key is copied in the rendezvous circuit hs identifier. If it is a valid
* key, we know that this circuit is waiting the ACK on the introduction
* circuit. We want to _not_ spare the circuit if the key was never set. */
- if (circ->rend_data) {
- /* v2. */
- if (circ->build_state && circ->build_state->pending_final_cpath != NULL) {
- return true;
- }
- } else if (circ->hs_ident) {
+ if (circ->hs_ident) {
/* v3. */
if (curve25519_public_key_is_ok(&circ->hs_ident->intro_enc_pk)) {
return true;
}
} else {
- /* A circuit with an HS purpose without an hs_ident or rend_data in theory
- * can not happen. In case, scream loudly and return false to the caller
- * that the rendezvous was not sent in the INTRO1 cell. */
+ /* A circuit with an HS purpose without an hs_ident in theory can not
+ * happen. In case, scream loudly and return false to the caller that the
+ * rendezvous was not sent in the INTRO1 cell. */
tor_assert_nonfatal_unreached();
}
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index 28bbe72459..f1c17f4f90 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1950,11 +1950,6 @@ hs_client_note_connection_attempt_succeeded(const edge_connection_t *conn)
{
tor_assert(connection_edge_is_rendezvous_stream(conn));
- if (BUG(conn->rend_data && conn->hs_ident)) {
- log_warn(LD_BUG, "Stream had both rend_data and hs_ident..."
- "Prioritizing hs_ident");
- }
-
if (conn->hs_ident) { /* It's v3: pass it to the prop224 handler */
note_connection_attempt_succeeded(conn->hs_ident);
return;
@@ -2094,8 +2089,6 @@ hs_client_circuit_has_opened(origin_circuit_t *circ)
{
tor_assert(circ);
- /* Handle both version. v2 uses rend_data and v3 uses the hs circuit
- * identifier hs_ident. Can't be both. */
switch (TO_CIRCUIT(circ)->purpose) {
case CIRCUIT_PURPOSE_C_INTRODUCING:
if (circ->hs_ident) {
diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c
index 55cc4d5518..ae4a9cd970 100644
--- a/src/feature/hs/hs_common.c
+++ b/src/feature/hs/hs_common.c
@@ -33,7 +33,6 @@
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/routerset.h"
#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
#include "feature/relay/routermode.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
@@ -337,258 +336,6 @@ hs_get_start_time_of_next_time_period(time_t now)
return (time_t)(start_of_next_tp_in_mins * 60 + time_period_rotation_offset);
}
-/** Create a new rend_data_t for a specific given <b>version</b>.
- * Return a pointer to the newly allocated data structure. */
-static rend_data_t *
-rend_data_alloc(uint32_t version)
-{
- rend_data_t *rend_data = NULL;
-
- switch (version) {
- case HS_VERSION_TWO:
- {
- rend_data_v2_t *v2 = tor_malloc_zero(sizeof(*v2));
- v2->base_.version = HS_VERSION_TWO;
- v2->base_.hsdirs_fp = smartlist_new();
- rend_data = &v2->base_;
- break;
- }
- default:
- tor_assert(0);
- break;
- }
-
- return rend_data;
-}
-
-/** Free all storage associated with <b>data</b> */
-void
-rend_data_free_(rend_data_t *data)
-{
- if (!data) {
- return;
- }
- /* By using our allocation function, this should always be set. */
- tor_assert(data->hsdirs_fp);
- /* Cleanup the HSDir identity digest. */
- SMARTLIST_FOREACH(data->hsdirs_fp, char *, d, tor_free(d));
- smartlist_free(data->hsdirs_fp);
- /* Depending on the version, cleanup. */
- switch (data->version) {
- case HS_VERSION_TWO:
- {
- rend_data_v2_t *v2_data = TO_REND_DATA_V2(data);
- tor_free(v2_data);
- break;
- }
- default:
- tor_assert(0);
- }
-}
-
-/** Allocate and return a deep copy of <b>data</b>. */
-rend_data_t *
-rend_data_dup(const rend_data_t *data)
-{
- rend_data_t *data_dup = NULL;
- smartlist_t *hsdirs_fp = smartlist_new();
-
- tor_assert(data);
- tor_assert(data->hsdirs_fp);
-
- SMARTLIST_FOREACH(data->hsdirs_fp, char *, fp,
- smartlist_add(hsdirs_fp, tor_memdup(fp, DIGEST_LEN)));
-
- switch (data->version) {
- case HS_VERSION_TWO:
- {
- rend_data_v2_t *v2_data = tor_memdup(TO_REND_DATA_V2(data),
- sizeof(*v2_data));
- data_dup = &v2_data->base_;
- data_dup->hsdirs_fp = hsdirs_fp;
- break;
- }
- default:
- tor_assert(0);
- break;
- }
-
- return data_dup;
-}
-
-/** Compute the descriptor ID for each HS descriptor replica and save them. A
- * valid onion address must be present in the <b>rend_data</b>.
- *
- * Return 0 on success else -1. */
-static int
-compute_desc_id(rend_data_t *rend_data)
-{
- int ret = 0;
- unsigned replica;
- time_t now = time(NULL);
-
- tor_assert(rend_data);
-
- switch (rend_data->version) {
- case HS_VERSION_TWO:
- {
- rend_data_v2_t *v2_data = TO_REND_DATA_V2(rend_data);
- /* Compute descriptor ID for each replicas. */
- for (replica = 0; replica < ARRAY_LENGTH(v2_data->descriptor_id);
- replica++) {
- ret = rend_compute_v2_desc_id(v2_data->descriptor_id[replica],
- v2_data->onion_address,
- v2_data->descriptor_cookie,
- now, replica);
- if (ret < 0) {
- goto end;
- }
- }
- break;
- }
- default:
- tor_assert(0);
- }
-
- end:
- return ret;
-}
-
-/** Allocate and initialize a rend_data_t object for a service using the
- * provided arguments. All arguments are optional (can be NULL), except from
- * <b>onion_address</b> which MUST be set. The <b>pk_digest</b> is the hash of
- * the service private key. The <b>cookie</b> is the rendezvous cookie and
- * <b>auth_type</b> is which authentiation this service is configured with.
- *
- * Return a valid rend_data_t pointer. This only returns a version 2 object of
- * rend_data_t. */
-rend_data_t *
-rend_data_service_create(const char *onion_address, const char *pk_digest,
- const uint8_t *cookie, rend_auth_type_t auth_type)
-{
- /* Create a rend_data_t object for version 2. */
- rend_data_t *rend_data = rend_data_alloc(HS_VERSION_TWO);
- rend_data_v2_t *v2= TO_REND_DATA_V2(rend_data);
-
- /* We need at least one else the call is wrong. */
- tor_assert(onion_address != NULL);
-
- if (pk_digest) {
- memcpy(v2->rend_pk_digest, pk_digest, sizeof(v2->rend_pk_digest));
- }
- if (cookie) {
- memcpy(rend_data->rend_cookie, cookie, sizeof(rend_data->rend_cookie));
- }
-
- strlcpy(v2->onion_address, onion_address, sizeof(v2->onion_address));
- v2->auth_type = auth_type;
-
- return rend_data;
-}
-
-/** Allocate and initialize a rend_data_t object for a client request using the
- * given arguments. Either an onion address or a descriptor ID is needed. Both
- * can be given but in this case only the onion address will be used to make
- * the descriptor fetch. The <b>cookie</b> is the rendezvous cookie and
- * <b>auth_type</b> is which authentiation the service is configured with.
- *
- * Return a valid rend_data_t pointer or NULL on error meaning the
- * descriptor IDs couldn't be computed from the given data. */
-rend_data_t *
-rend_data_client_create(const char *onion_address, const char *desc_id,
- const char *cookie, rend_auth_type_t auth_type)
-{
- /* Create a rend_data_t object for version 2. */
- rend_data_t *rend_data = rend_data_alloc(HS_VERSION_TWO);
- rend_data_v2_t *v2= TO_REND_DATA_V2(rend_data);
-
- /* We need at least one else the call is wrong. */
- tor_assert(onion_address != NULL || desc_id != NULL);
-
- if (cookie) {
- memcpy(v2->descriptor_cookie, cookie, sizeof(v2->descriptor_cookie));
- }
- if (desc_id) {
- memcpy(v2->desc_id_fetch, desc_id, sizeof(v2->desc_id_fetch));
- }
- if (onion_address) {
- strlcpy(v2->onion_address, onion_address, sizeof(v2->onion_address));
- if (compute_desc_id(rend_data) < 0) {
- goto error;
- }
- }
-
- v2->auth_type = auth_type;
-
- return rend_data;
-
- error:
- rend_data_free(rend_data);
- return NULL;
-}
-
-/** Return the onion address from the rend data. Depending on the version,
- * the size of the address can vary but it's always NUL terminated. */
-const char *
-rend_data_get_address(const rend_data_t *rend_data)
-{
- tor_assert(rend_data);
-
- switch (rend_data->version) {
- case HS_VERSION_TWO:
- return TO_REND_DATA_V2(rend_data)->onion_address;
- default:
- /* We should always have a supported version. */
- tor_assert_unreached();
- }
-}
-
-/** Return the descriptor ID for a specific replica number from the rend
- * data. The returned data is a binary digest and depending on the version its
- * size can vary. The size of the descriptor ID is put in <b>len_out</b> if
- * non NULL. */
-const char *
-rend_data_get_desc_id(const rend_data_t *rend_data, uint8_t replica,
- size_t *len_out)
-{
- tor_assert(rend_data);
-
- switch (rend_data->version) {
- case HS_VERSION_TWO:
- tor_assert(replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS);
- if (len_out) {
- *len_out = DIGEST_LEN;
- }
- return TO_REND_DATA_V2(rend_data)->descriptor_id[replica];
- default:
- /* We should always have a supported version. */
- tor_assert_unreached();
- }
-}
-
-/** Return the public key digest using the given <b>rend_data</b>. The size of
- * the digest is put in <b>len_out</b> (if set) which can differ depending on
- * the version. */
-const uint8_t *
-rend_data_get_pk_digest(const rend_data_t *rend_data, size_t *len_out)
-{
- tor_assert(rend_data);
-
- switch (rend_data->version) {
- case HS_VERSION_TWO:
- {
- const rend_data_v2_t *v2_data = TO_REND_DATA_V2(rend_data);
- if (len_out) {
- *len_out = sizeof(v2_data->rend_pk_digest);
- }
- return (const uint8_t *) v2_data->rend_pk_digest;
- }
- default:
- /* We should always have a supported version. */
- tor_assert_unreached();
- }
-}
-
/** Using the given time period number, compute the disaster shared random
* value and put it in srv_out. It MUST be at least DIGEST256_LEN bytes. */
static void
@@ -1981,9 +1728,7 @@ hs_dec_rdv_stream_counter(origin_circuit_t *circ)
{
tor_assert(circ);
- if (circ->rend_data) {
- circ->rend_data->nr_streams--;
- } else if (circ->hs_ident) {
+ if (circ->hs_ident) {
circ->hs_ident->num_rdv_streams--;
} else {
/* Should not be called if this circuit is not for hidden service. */
@@ -1998,9 +1743,7 @@ hs_inc_rdv_stream_counter(origin_circuit_t *circ)
{
tor_assert(circ);
- if (circ->rend_data) {
- circ->rend_data->nr_streams++;
- } else if (circ->hs_ident) {
+ if (circ->hs_ident) {
circ->hs_ident->num_rdv_streams++;
} else {
/* Should not be called if this circuit is not for hidden service. */
diff --git a/src/feature/hs/hs_common.h b/src/feature/hs/hs_common.h
index 894b0e4844..5ddc6fd2d8 100644
--- a/src/feature/hs/hs_common.h
+++ b/src/feature/hs/hs_common.h
@@ -19,13 +19,10 @@ struct ed25519_keypair_t;
/* Trunnel */
#include "trunnel/ed25519_cert.h"
-/** Protocol version 2. Use this instead of hardcoding "2" in the code base,
- * this adds a clearer semantic to the value when used. */
-#define HS_VERSION_TWO 2
/** Version 3 of the protocol (prop224). */
#define HS_VERSION_THREE 3
/** Earliest version we support. */
-#define HS_VERSION_MIN HS_VERSION_TWO
+#define HS_VERSION_MIN HS_VERSION_THREE
/** Latest version we support. */
#define HS_VERSION_MAX HS_VERSION_THREE
@@ -194,24 +191,6 @@ void hs_build_blinded_keypair(const struct ed25519_keypair_t *kp,
struct ed25519_keypair_t *kp_out);
int hs_service_requires_uptime_circ(const smartlist_t *ports);
-void rend_data_free_(rend_data_t *data);
-#define rend_data_free(data) \
- FREE_AND_NULL(rend_data_t, rend_data_free_, (data))
-rend_data_t *rend_data_dup(const rend_data_t *data);
-rend_data_t *rend_data_client_create(const char *onion_address,
- const char *desc_id,
- const char *cookie,
- rend_auth_type_t auth_type);
-rend_data_t *rend_data_service_create(const char *onion_address,
- const char *pk_digest,
- const uint8_t *cookie,
- rend_auth_type_t auth_type);
-const char *rend_data_get_address(const rend_data_t *rend_data);
-const char *rend_data_get_desc_id(const rend_data_t *rend_data,
- uint8_t replica, size_t *len_out);
-const uint8_t *rend_data_get_pk_digest(const rend_data_t *rend_data,
- size_t *len_out);
-
routerstatus_t *pick_hsdir(const char *desc_id, const char *desc_id_base32);
struct hs_subcredential_t;
diff --git a/src/feature/hs/hs_config.c b/src/feature/hs/hs_config.c
index b100acfcd4..e2e1756f21 100644
--- a/src/feature/hs/hs_config.c
+++ b/src/feature/hs/hs_config.c
@@ -28,7 +28,6 @@
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_ob.h"
#include "feature/hs/hs_service.h"
-#include "feature/rend/rendservice.h"
#include "lib/encoding/confline.h"
#include "lib/conf/confdecl.h"
#include "lib/confmgt/confmgt.h"
@@ -101,23 +100,6 @@ stage_services(smartlist_t *service_list)
{
tor_assert(service_list);
- /* This is v2 specific. Trigger service pruning which will make sure the
- * just configured services end up in the main global list. It should only
- * be done in non validation mode because v2 subsystem handles service
- * object differently. */
- rend_service_prune_list();
-
- /* Cleanup v2 service from the list, we don't need those object anymore
- * because we validated them all against the others and we want to stage
- * only >= v3 service. And remember, v2 has a different object type which is
- * shadow copied from an hs_service_t type. */
- SMARTLIST_FOREACH_BEGIN(service_list, hs_service_t *, s) {
- if (s->config.version == HS_VERSION_TWO) {
- SMARTLIST_DEL_CURRENT(service_list, s);
- hs_service_free(s);
- }
- } SMARTLIST_FOREACH_END(s);
-
/* This is >= v3 specific. Using the newly configured service list, stage
* them into our global state. Every object ownership is lost after. */
hs_service_stage_services(service_list);
@@ -145,8 +127,7 @@ service_is_duplicate_in_list(const smartlist_t *service_list,
/* XXX: Validate if we have any service that has the given service dir path.
* This has two problems:
*
- * a) It's O(n^2), but the same comment from the bottom of
- * rend_config_services() should apply.
+ * a) It's O(n^2)
*
* b) We only compare directory paths as strings, so we can't
* detect two distinct paths that specify the same directory
@@ -269,15 +250,6 @@ config_has_invalid_options(const config_line_t *line_,
NULL /* End marker. */
};
- const char *opts_exclude_v2[] = {
- "HiddenServiceExportCircuitID",
- "HiddenServiceEnableIntroDoSDefense",
- "HiddenServiceEnableIntroDoSRatePerSec",
- "HiddenServiceEnableIntroDoSBurstPerSec",
- "HiddenServiceOnionBalanceInstance",
- NULL /* End marker. */
- };
-
/* Defining the size explicitly allows us to take advantage of the compiler
* which warns us if we ever bump the max version but forget to grow this
* array. The plus one is because we have a version 0 :). */
@@ -286,7 +258,7 @@ config_has_invalid_options(const config_line_t *line_,
} exclude_lists[HS_VERSION_MAX + 1] = {
{ NULL }, /* v0. */
{ NULL }, /* v1. */
- { opts_exclude_v2 }, /* v2 */
+ { NULL }, /* v2. */
{ opts_exclude_v3 }, /* v3. */
};
@@ -310,16 +282,6 @@ config_has_invalid_options(const config_line_t *line_,
"version %" PRIu32 " of service in %s",
opt, service->config.version,
service->config.directory_path);
-
- if (!strcasecmp(line->key, "HiddenServiceAuthorizeClient")) {
- /* Special case this v2 option so that we can offer alternatives.
- * If more such special cases appear, it would be good to
- * generalize the exception mechanism here. */
- log_warn(LD_CONFIG, "For v3 onion service client authorization, "
- "please read the 'CLIENT AUTHORIZATION' section in the "
- "manual.");
- }
-
ret = 1;
/* Continue the loop so we can find all possible options. */
continue;
@@ -521,7 +483,7 @@ config_generic_service(const hs_opts_t *hs_opts,
/* Check if we are configured in non anonymous mode meaning every service
* becomes a single onion service. */
- if (rend_service_non_anonymous_mode_enabled(options)) {
+ if (hs_service_non_anonymous_mode_enabled(options)) {
config->is_single_onion = 1;
}
@@ -594,8 +556,7 @@ config_service(config_line_t *line, const or_options_t *options,
service->config.version = config_learn_service_version(service);
}
- /* We make sure that this set of options for a service are valid that is for
- * instance an option only for v2 is not used for v3. */
+ /* We make sure that this set of options for a service are valid. */
if (config_has_invalid_options(line->next, service)) {
goto err;
}
@@ -604,9 +565,6 @@ config_service(config_line_t *line, const or_options_t *options,
* start just after the service directory line so once we hit another
* directory line, the function knows that it has to stop parsing. */
switch (service->config.version) {
- case HS_VERSION_TWO:
- ret = rend_config_service(hs_opts, options, &service->config);
- break;
case HS_VERSION_THREE:
ret = config_service_v3(hs_opts, &service->config);
break;
@@ -687,11 +645,6 @@ hs_config_service_all(const or_options_t *options, int validate_only)
* services. We don't need those objects anymore. */
SMARTLIST_FOREACH(new_service_list, hs_service_t *, s,
hs_service_free(s));
- /* For the v2 subsystem, the configuration function adds the service
- * object to the staging list and it is transferred in the main list
- * through the prunning process. In validation mode, we thus have to purge
- * the staging list so it's not kept in memory as valid service. */
- rend_service_free_staging_list();
}
/* Success. Note that the service list has no ownership of its content. */
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c
index 0656224e48..0faa91f871 100644
--- a/src/feature/hs/hs_descriptor.c
+++ b/src/feature/hs/hs_descriptor.c
@@ -64,7 +64,6 @@
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/dirparse/parsecommon.h"
-#include "feature/rend/rendcache.h"
#include "feature/hs/hs_cache.h"
#include "feature/hs/hs_config.h"
#include "feature/nodelist/torcert.h" /* tor_cert_encode_ed22519() */
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index b33013ba1f..79734a67d5 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -29,7 +29,6 @@
#include "feature/nodelist/nickname.h"
#include "feature/nodelist/node_select.h"
#include "feature/nodelist/nodelist.h"
-#include "feature/rend/rendservice.h"
#include "lib/crypt_ops/crypto_ope.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
@@ -2666,8 +2665,6 @@ run_housekeeping_event(time_t now)
static void
run_build_descriptor_event(time_t now)
{
- /* For v2 services, this step happens in the upload event. */
-
/* Run v3+ events. */
/* We start by rotating the descriptors only if needed. */
rotate_all_descriptors(now);
@@ -2840,11 +2837,6 @@ run_build_circuit_event(time_t now)
return;
}
- /* Run v2 check. */
- if (rend_num_services() > 0) {
- rend_consider_services_intro_points(now);
- }
-
/* Run v3+ check. */
FOR_EACH_SERVICE_BEGIN(service) {
/* For introduction circuit, we need to make sure we don't stress too much
@@ -3280,13 +3272,6 @@ refresh_service_descriptor(const hs_service_t *service,
STATIC void
run_upload_descriptor_event(time_t now)
{
- /* v2 services use the same function for descriptor creation and upload so
- * we do everything here because the intro circuits were checked before. */
- if (rend_num_services() > 0) {
- rend_consider_services_upload(now);
- rend_consider_descriptor_republication();
- }
-
/* Run v3+ check. */
FOR_EACH_SERVICE_BEGIN(service) {
FOR_EACH_DESCRIPTOR_BEGIN(service, desc) {
@@ -3615,6 +3600,54 @@ service_encode_descriptor(const hs_service_t *service,
/* Public API */
/* ========== */
+/* Are HiddenServiceSingleHopMode and HiddenServiceNonAnonymousMode consistent?
+ */
+static int
+hs_service_non_anonymous_mode_consistent(const or_options_t *options)
+{
+ /* !! is used to make these options boolean */
+ return (!! options->HiddenServiceSingleHopMode ==
+ !! options->HiddenServiceNonAnonymousMode);
+}
+
+/* Do the options allow onion services to make direct (non-anonymous)
+ * connections to introduction or rendezvous points?
+ * Must only be called after options_validate_single_onion() has successfully
+ * checked onion service option consistency.
+ * Returns true if tor is in HiddenServiceSingleHopMode. */
+int
+hs_service_allow_non_anonymous_connection(const or_options_t *options)
+{
+ tor_assert(hs_service_non_anonymous_mode_consistent(options));
+ return options->HiddenServiceSingleHopMode ? 1 : 0;
+}
+
+/* Do the options allow us to reveal the exact startup time of the onion
+ * service?
+ * Single Onion Services prioritise availability over hiding their
+ * startup time, as their IP address is publicly discoverable anyway.
+ * Must only be called after options_validate_single_onion() has successfully
+ * checked onion service option consistency.
+ * Returns true if tor is in non-anonymous hidden service mode. */
+int
+hs_service_reveal_startup_time(const or_options_t *options)
+{
+ tor_assert(hs_service_non_anonymous_mode_consistent(options));
+ return hs_service_non_anonymous_mode_enabled(options);
+}
+
+/* Is non-anonymous mode enabled using the HiddenServiceNonAnonymousMode
+ * config option?
+ * Must only be called after options_validate_single_onion() has successfully
+ * checked onion service option consistency.
+ */
+int
+hs_service_non_anonymous_mode_enabled(const or_options_t *options)
+{
+ tor_assert(hs_service_non_anonymous_mode_consistent(options));
+ return options->HiddenServiceNonAnonymousMode ? 1 : 0;
+}
+
/** Called when a circuit was just cleaned up. This is done right before the
* circuit is marked for close. */
void
@@ -3641,7 +3674,7 @@ hs_service_circuit_cleanup_on_close(const circuit_t *circ)
}
}
-/** This is called every time the service map (v2 or v3) changes that is if an
+/** This is called every time the service map changes that is if an
* element is added or removed. */
void
hs_service_map_has_changed(void)
@@ -3992,9 +4025,6 @@ hs_service_lists_fnames_for_sandbox(smartlist_t *file_list,
tor_assert(file_list);
tor_assert(dir_list);
- /* Add files and dirs for legacy services. */
- rend_services_add_filenames_to_lists(file_list, dir_list);
-
/* Add files and dirs for v3+. */
FOR_EACH_SERVICE_BEGIN(service) {
/* Skip ephemeral service, they don't touch the disk. */
@@ -4046,9 +4076,6 @@ hs_service_receive_introduce2(origin_circuit_t *circ, const uint8_t *payload,
if (circ->hs_ident) {
ret = service_handle_introduce2(circ, payload, payload_len);
hs_stats_note_introduce2_cell(1);
- } else {
- ret = rend_service_receive_introduction(circ, payload, payload_len);
- hs_stats_note_introduce2_cell(0);
}
done:
@@ -4075,12 +4102,8 @@ hs_service_receive_intro_established(origin_circuit_t *circ,
goto err;
}
- /* Handle both version. v2 uses rend_data and v3 uses the hs circuit
- * identifier hs_ident. Can't be both. */
if (circ->hs_ident) {
ret = service_handle_intro_established(circ, payload, payload_len);
- } else {
- ret = rend_service_intro_established(circ, payload, payload_len);
}
if (ret < 0) {
@@ -4099,21 +4122,15 @@ hs_service_circuit_has_opened(origin_circuit_t *circ)
{
tor_assert(circ);
- /* Handle both version. v2 uses rend_data and v3 uses the hs circuit
- * identifier hs_ident. Can't be both. */
switch (TO_CIRCUIT(circ)->purpose) {
case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO:
if (circ->hs_ident) {
service_intro_circ_has_opened(circ);
- } else {
- rend_service_intro_has_opened(circ);
}
break;
case CIRCUIT_PURPOSE_S_CONNECT_REND:
if (circ->hs_ident) {
service_rendezvous_circ_has_opened(circ);
- } else {
- rend_service_rendezvous_has_opened(circ);
}
break;
default:
@@ -4141,11 +4158,6 @@ hs_service_get_version_from_key(const hs_service_t *service)
version = HS_VERSION_THREE;
goto end;
}
- /* Version 2 check. */
- if (rend_service_key_on_disk(directory_path)) {
- version = HS_VERSION_TWO;
- goto end;
- }
end:
return version;
@@ -4156,13 +4168,6 @@ hs_service_get_version_from_key(const hs_service_t *service)
int
hs_service_load_all_keys(void)
{
- /* Load v2 service keys if we have v2. */
- if (rend_num_services() != 0) {
- if (rend_service_load_all_keys(NULL) < 0) {
- goto err;
- }
- }
-
/* Load or/and generate them for v3+. */
SMARTLIST_FOREACH_BEGIN(hs_service_staging_list, hs_service_t *, service) {
/* Ignore ephemeral service, they already have their keys set. */
@@ -4362,9 +4367,6 @@ hs_service_init(void)
tor_assert(!hs_service_map);
tor_assert(!hs_service_staging_list);
- /* v2 specific. */
- rend_service_init();
-
hs_service_map = tor_malloc_zero(sizeof(struct hs_service_ht));
HT_INIT(hs_service_ht, hs_service_map);
@@ -4375,7 +4377,6 @@ hs_service_init(void)
void
hs_service_free_all(void)
{
- rend_service_free_all();
service_free_all();
hs_config_free_all();
}
diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h
index 54d646d3e4..be01ce3cfb 100644
--- a/src/feature/hs/hs_service.h
+++ b/src/feature/hs/hs_service.h
@@ -398,6 +398,11 @@ service_authorized_client_free_(hs_service_authorized_client_t *client);
FREE_AND_NULL(hs_service_authorized_client_t, \
service_authorized_client_free_, (c))
+/* Config options. */
+int hs_service_allow_non_anonymous_connection(const or_options_t *options);
+int hs_service_non_anonymous_mode_enabled(const or_options_t *options);
+int hs_service_reveal_startup_time(const or_options_t *options);
+
#ifdef HS_SERVICE_PRIVATE
#ifdef TOR_UNIT_TESTS
diff --git a/src/feature/nodelist/nodelist.c b/src/feature/nodelist/nodelist.c
index 7387f0d1d3..f807a34449 100644
--- a/src/feature/nodelist/nodelist.c
+++ b/src/feature/nodelist/nodelist.c
@@ -64,7 +64,6 @@
#include "feature/nodelist/routerlist.h"
#include "feature/nodelist/routerset.h"
#include "feature/nodelist/torcert.h"
-#include "feature/rend/rendservice.h"
#include "lib/encoding/binascii.h"
#include "lib/err/backtrace.h"
#include "lib/geoip/geoip.h"
@@ -2471,7 +2470,6 @@ void
router_dir_info_changed(void)
{
need_to_update_have_min_dir_info = 1;
- rend_hsdir_routers_changed();
hs_service_dir_info_changed();
hs_client_dir_info_changed();
}
diff --git a/src/feature/relay/selftest.c b/src/feature/relay/selftest.c
index 137c478fef..1b438b0330 100644
--- a/src/feature/relay/selftest.c
+++ b/src/feature/relay/selftest.c
@@ -526,8 +526,8 @@ router_perform_bandwidth_test(int num_circs, time_t now)
origin_circuit_t *circ = NULL;
log_notice(LD_OR,"Performing bandwidth self-test...done.");
- while ((circ = circuit_get_next_by_pk_and_purpose(circ, NULL,
- CIRCUIT_PURPOSE_TESTING))) {
+ while ((circ = circuit_get_next_by_purpose(circ,
+ CIRCUIT_PURPOSE_TESTING))) {
/* dump cells_per_circuit drop cells onto this circ */
int i = cells_per_circuit;
if (circ->base_.state != CIRCUIT_STATE_OPEN)
diff --git a/src/feature/rend/feature_rend.md b/src/feature/rend/feature_rend.md
deleted file mode 100644
index bfd8ae3dbc..0000000000
--- a/src/feature/rend/feature_rend.md
+++ /dev/null
@@ -1,7 +0,0 @@
- at dir /feature/rend
- at brief feature/rend: version 2 (old) hidden services
-
-This directory implements the v2 onion service protocol,
-as specified in
-[rend-spec-v2.txt](https://gitweb.torproject.org/torspec.git/tree/rend-spec-v2.txt).
-
diff --git a/src/feature/rend/include.am b/src/feature/rend/include.am
index 8ad85bd7b1..d338869b5b 100644
--- a/src/feature/rend/include.am
+++ b/src/feature/rend/include.am
@@ -1,20 +1,10 @@
# ADD_C_FILE: INSERT SOURCES HERE.
LIBTOR_APP_A_SOURCES += \
- src/feature/rend/rendcache.c \
src/feature/rend/rendcommon.c \
- src/feature/rend/rendmid.c \
- src/feature/rend/rendparse.c \
- src/feature/rend/rendservice.c
+ src/feature/rend/rendmid.c
# ADD_C_FILE: INSERT HEADERS HERE.
noinst_HEADERS += \
- src/feature/rend/rend_authorized_client_st.h \
- src/feature/rend/rend_encoded_v2_service_descriptor_st.h \
- src/feature/rend/rend_intro_point_st.h \
- src/feature/rend/rend_service_descriptor_st.h \
- src/feature/rend/rendcache.h \
src/feature/rend/rendcommon.h \
- src/feature/rend/rendmid.h \
- src/feature/rend/rendparse.h \
- src/feature/rend/rendservice.h
+ src/feature/rend/rendmid.h
diff --git a/src/feature/rend/rend_authorized_client_st.h b/src/feature/rend/rend_authorized_client_st.h
deleted file mode 100644
index c6a6676da9..0000000000
--- a/src/feature/rend/rend_authorized_client_st.h
+++ /dev/null
@@ -1,22 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * @file rend_authorized_client_st.h
- * @brief Hidden-service authorized client structure.
- **/
-
-#ifndef REND_AUTHORIZED_CLIENT_ST_H
-#define REND_AUTHORIZED_CLIENT_ST_H
-
-/** Hidden-service side configuration of client authorization. */
-struct rend_authorized_client_t {
- char *client_name;
- uint8_t descriptor_cookie[REND_DESC_COOKIE_LEN];
- crypto_pk_t *client_key;
-};
-
-#endif /* !defined(REND_AUTHORIZED_CLIENT_ST_H) */
diff --git a/src/feature/rend/rend_encoded_v2_service_descriptor_st.h b/src/feature/rend/rend_encoded_v2_service_descriptor_st.h
deleted file mode 100644
index fea91b876a..0000000000
--- a/src/feature/rend/rend_encoded_v2_service_descriptor_st.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * @file rend_encoded_v2_service_descriptor_st.h
- * @brief Encoded v2 HS descriptor structure.
- **/
-
-#ifndef REND_ENCODED_V2_SERVICE_DESCRIPTOR_ST_H
-#define REND_ENCODED_V2_SERVICE_DESCRIPTOR_ST_H
-
-/** ASCII-encoded v2 hidden service descriptor. */
-struct rend_encoded_v2_service_descriptor_t {
- char desc_id[DIGEST_LEN]; /**< Descriptor ID. */
- char *desc_str; /**< Descriptor string. */
-};
-
-#endif /* !defined(REND_ENCODED_V2_SERVICE_DESCRIPTOR_ST_H) */
diff --git a/src/feature/rend/rend_intro_point_st.h b/src/feature/rend/rend_intro_point_st.h
deleted file mode 100644
index 4f0aa01523..0000000000
--- a/src/feature/rend/rend_intro_point_st.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * @file rend_intro_point_st.h
- * @brief v2 hidden service introduction point structure.
- **/
-
-#ifndef REND_INTRO_POINT_ST_H
-#define REND_INTRO_POINT_ST_H
-
-struct replaycache_t;
-struct crypto_pk_t;
-
-/** Introduction point information. Used both in rend_service_t (on
- * the service side) and in rend_service_descriptor_t (on both the
- * client and service side). */
-struct rend_intro_point_t {
- extend_info_t *extend_info; /**< Extend info for connecting to this
- * introduction point via a multi-hop path. */
- struct crypto_pk_t *intro_key; /**< Introduction key that replaces the
- * service key, if this descriptor is V2. */
-
- /** (Client side only) Flag indicating that a timeout has occurred
- * after sending an INTRODUCE cell to this intro point. After a
- * timeout, an intro point should not be tried again during the same
- * hidden service connection attempt, but it may be tried again
- * during a future connection attempt. */
- unsigned int timed_out : 1;
-
- /** (Client side only) The number of times we have failed to build a
- * circuit to this intro point for some reason other than our
- * circuit-build timeout. See also MAX_INTRO_POINT_REACHABILITY_FAILURES. */
- unsigned int unreachable_count : 3;
-
- /** (Service side only) Flag indicating that this intro point was
- * included in the last HS descriptor we generated. */
- unsigned int listed_in_last_desc : 1;
-
- /** (Service side only) A replay cache recording the RSA-encrypted parts
- * of INTRODUCE2 cells this intro point's circuit has received. This is
- * used to prevent replay attacks. */
- struct replaycache_t *accepted_intro_rsa_parts;
-
- /** (Service side only) Count of INTRODUCE2 cells accepted from this
- * intro point.
- */
- int accepted_introduce2_count;
-
- /** (Service side only) Maximum number of INTRODUCE2 cells that this IP
- * will accept. This is a random value between
- * INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS and
- * INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS. */
- int max_introductions;
-
- /** (Service side only) The time at which this intro point was first
- * published, or -1 if this intro point has not yet been
- * published. */
- time_t time_published;
-
- /** (Service side only) The time at which this intro point should
- * (start to) expire, or -1 if we haven't decided when this intro
- * point should expire. */
- time_t time_to_expire;
-
- /** (Service side only) The amount of circuit creation we've made to this
- * intro point. This is incremented every time we do a circuit relaunch on
- * this object which is triggered when the circuit dies but the node is
- * still in the consensus. After MAX_INTRO_POINT_CIRCUIT_RETRIES, we give
- * up on it. */
- unsigned int circuit_retries;
-
- /** (Service side only) Set if this intro point has an established circuit
- * and unset if it doesn't. */
- unsigned int circuit_established:1;
-};
-
-#endif /* !defined(REND_INTRO_POINT_ST_H) */
diff --git a/src/feature/rend/rend_service_descriptor_st.h b/src/feature/rend/rend_service_descriptor_st.h
deleted file mode 100644
index 80c8034f46..0000000000
--- a/src/feature/rend/rend_service_descriptor_st.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * @file rend_service_descriptor_st.h
- * @brief Parsed v2 HS descriptor structure.
- **/
-
-#ifndef REND_SERVICE_DESCRIPTOR_ST_H
-#define REND_SERVICE_DESCRIPTOR_ST_H
-
-#define REND_PROTOCOL_VERSION_BITMASK_WIDTH 16
-
-/** Information used to connect to a hidden service. Used on both the
- * service side and the client side. */
-struct rend_service_descriptor_t {
- crypto_pk_t *pk; /**< This service's public key. */
- int version; /**< Version of the descriptor format: 0 or 2. */
- time_t timestamp; /**< Time when the descriptor was generated. */
- /** Bitmask: which introduce/rendezvous protocols are supported?
- * (We allow bits '0', '1', '2' and '3' to be set.) */
- unsigned protocols : REND_PROTOCOL_VERSION_BITMASK_WIDTH;
- /** List of the service's introduction points. Elements are removed if
- * introduction attempts fail. */
- smartlist_t *intro_nodes;
- /** Has descriptor been uploaded to all hidden service directories? */
- int all_uploads_performed;
- /** List of hidden service directories to which an upload request for
- * this descriptor could be sent. Smartlist exists only when at least one
- * of the previous upload requests failed (otherwise it's not important
- * to know which uploads succeeded and which not). */
- smartlist_t *successful_uploads;
-};
-
-#endif /* !defined(REND_SERVICE_DESCRIPTOR_ST_H) */
diff --git a/src/feature/rend/rendcache.c b/src/feature/rend/rendcache.c
deleted file mode 100644
index a471c8f463..0000000000
--- a/src/feature/rend/rendcache.c
+++ /dev/null
@@ -1,1029 +0,0 @@
-/* Copyright (c) 2015-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file rendcache.c
- * \brief Hidden service descriptor cache.
- **/
-
-#define RENDCACHE_PRIVATE
-#include "feature/rend/rendcache.h"
-
-#include "app/config/config.h"
-#include "feature/stats/rephist.h"
-#include "feature/nodelist/routerlist.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendparse.h"
-
-#include "core/or/extend_info_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
-
-#include "lib/ctime/di_ops.h"
-
-/** Map from service id (as generated by rend_get_service_id) to
- * rend_cache_entry_t. */
-STATIC strmap_t *rend_cache = NULL;
-
-/** Map from service id to rend_cache_entry_t; only for hidden services. */
-static strmap_t *rend_cache_local_service = NULL;
-
-/** Map from descriptor id to rend_cache_entry_t; only for hidden service
- * directories. */
-STATIC digestmap_t *rend_cache_v2_dir = NULL;
-
-/** (Client side only) Map from service id to rend_cache_failure_t. This
- * cache is used to track intro point(IP) failures so we know when to keep
- * or discard a new descriptor we just fetched. Here is a description of the
- * cache behavior.
- *
- * Every time tor discards an IP (ex: receives a NACK), we add an entry to
- * this cache noting the identity digest of the IP and it's failure type for
- * the service ID. The reason we indexed this cache by service ID is to
- * differentiate errors that can occur only for a specific service like a
- * NACK for instance. It applies for one but maybe not for the others.
- *
- * Once a service descriptor is fetched and considered valid, each IP is
- * looked up in this cache and if present, it is discarded from the fetched
- * descriptor. At the end, all IP(s) in the cache, for a specific service
- * ID, that were NOT present in the descriptor are removed from this cache.
- * Which means that if at least one IP was not in this cache, thus usable,
- * it's considered a new descriptor so we keep it. Else, if all IPs were in
- * this cache, we discard the descriptor as it's considered unusable.
- *
- * Once a descriptor is removed from the rend cache or expires, the entry
- * in this cache is also removed for the service ID.
- *
- * This scheme allows us to not rely on the descriptor's timestamp (which
- * is rounded down to the hour) to know if we have a newer descriptor. We
- * only rely on the usability of intro points from an internal state. */
-STATIC strmap_t *rend_cache_failure = NULL;
-
-/* DOCDOC */
-STATIC size_t rend_cache_total_allocation = 0;
-
-/** Initializes the service descriptor cache.
-*/
-void
-rend_cache_init(void)
-{
- rend_cache = strmap_new();
- rend_cache_v2_dir = digestmap_new();
- rend_cache_local_service = strmap_new();
- rend_cache_failure = strmap_new();
-}
-
-/** Return the approximate number of bytes needed to hold <b>e</b>. */
-STATIC size_t
-rend_cache_entry_allocation(const rend_cache_entry_t *e)
-{
- if (!e)
- return 0;
-
- /* This doesn't count intro_nodes or key size */
- return sizeof(*e) + e->len + sizeof(*e->parsed);
-}
-
-/* DOCDOC */
-size_t
-rend_cache_get_total_allocation(void)
-{
- return rend_cache_total_allocation;
-}
-
-/** Decrement the total bytes attributed to the rendezvous cache by n. */
-void
-rend_cache_decrement_allocation(size_t n)
-{
- static int have_underflowed = 0;
-
- if (rend_cache_total_allocation >= n) {
- rend_cache_total_allocation -= n;
- } else {
- rend_cache_total_allocation = 0;
- if (! have_underflowed) {
- have_underflowed = 1;
- log_warn(LD_BUG, "Underflow in rend_cache_decrement_allocation");
- }
- }
-}
-
-/** Increase the total bytes attributed to the rendezvous cache by n. */
-void
-rend_cache_increment_allocation(size_t n)
-{
- static int have_overflowed = 0;
- if (rend_cache_total_allocation <= SIZE_MAX - n) {
- rend_cache_total_allocation += n;
- } else {
- rend_cache_total_allocation = SIZE_MAX;
- if (! have_overflowed) {
- have_overflowed = 1;
- log_warn(LD_BUG, "Overflow in rend_cache_increment_allocation");
- }
- }
-}
-
-/** Helper: free a rend cache failure intro object. */
-STATIC void
-rend_cache_failure_intro_entry_free_(rend_cache_failure_intro_t *entry)
-{
- if (entry == NULL) {
- return;
- }
- tor_free(entry);
-}
-
-static void
-rend_cache_failure_intro_entry_free_void(void *entry)
-{
- rend_cache_failure_intro_entry_free_(entry);
-}
-
-/** Allocate a rend cache failure intro object and return it. <b>failure</b>
- * is set into the object. This function can not fail. */
-STATIC rend_cache_failure_intro_t *
-rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure)
-{
- rend_cache_failure_intro_t *entry = tor_malloc(sizeof(*entry));
- entry->failure_type = failure;
- entry->created_ts = time(NULL);
- return entry;
-}
-
-/** Helper: free a rend cache failure object. */
-STATIC void
-rend_cache_failure_entry_free_(rend_cache_failure_t *entry)
-{
- if (entry == NULL) {
- return;
- }
-
- /* Free and remove every intro failure object. */
- digestmap_free(entry->intro_failures,
- rend_cache_failure_intro_entry_free_void);
-
- tor_free(entry);
-}
-
-/** Helper: deallocate a rend_cache_failure_t. (Used with strmap_free(),
- * which requires a function pointer whose argument is void*). */
-STATIC void
-rend_cache_failure_entry_free_void(void *entry)
-{
- rend_cache_failure_entry_free_(entry);
-}
-
-/** Allocate a rend cache failure object and return it. This function can
- * not fail. */
-STATIC rend_cache_failure_t *
-rend_cache_failure_entry_new(void)
-{
- rend_cache_failure_t *entry = tor_malloc(sizeof(*entry));
- entry->intro_failures = digestmap_new();
- return entry;
-}
-
-/** Remove failure cache entry for the service ID in the given descriptor
- * <b>desc</b>. */
-STATIC void
-rend_cache_failure_remove(rend_service_descriptor_t *desc)
-{
- char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
- rend_cache_failure_t *entry;
-
- if (desc == NULL) {
- return;
- }
- if (rend_get_service_id(desc->pk, service_id) < 0) {
- return;
- }
- entry = strmap_get_lc(rend_cache_failure, service_id);
- if (entry != NULL) {
- strmap_remove_lc(rend_cache_failure, service_id);
- rend_cache_failure_entry_free(entry);
- }
-}
-
-/** Helper: free storage held by a single service descriptor cache entry. */
-STATIC void
-rend_cache_entry_free_(rend_cache_entry_t *e)
-{
- if (!e)
- return;
- rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
- /* We are about to remove a descriptor from the cache so remove the entry
- * in the failure cache. */
- rend_cache_failure_remove(e->parsed);
- rend_service_descriptor_free(e->parsed);
- tor_free(e->desc);
- tor_free(e);
-}
-
-/** Helper: deallocate a rend_cache_entry_t. (Used with strmap_free(), which
- * requires a function pointer whose argument is void*). */
-static void
-rend_cache_entry_free_void(void *p)
-{
- rend_cache_entry_free_(p);
-}
-
-/** Check if a failure cache entry exists for the given intro point. */
-bool
-rend_cache_intro_failure_exists(const char *service_id,
- const uint8_t *intro_identity)
-{
- tor_assert(service_id);
- tor_assert(intro_identity);
-
- return cache_failure_intro_lookup(intro_identity, service_id, NULL);
-}
-
-/** Free all storage held by the service descriptor cache. */
-void
-rend_cache_free_all(void)
-{
- strmap_free(rend_cache, rend_cache_entry_free_void);
- digestmap_free(rend_cache_v2_dir, rend_cache_entry_free_void);
- strmap_free(rend_cache_local_service, rend_cache_entry_free_void);
- strmap_free(rend_cache_failure, rend_cache_failure_entry_free_void);
- rend_cache = NULL;
- rend_cache_v2_dir = NULL;
- rend_cache_local_service = NULL;
- rend_cache_failure = NULL;
- rend_cache_total_allocation = 0;
-}
-
-/** Remove all entries that re REND_CACHE_FAILURE_MAX_AGE old. This is
- * called every second.
- *
- * We have to clean these regularly else if for whatever reasons an hidden
- * service goes offline and a client tries to connect to it during that
- * time, a failure entry is created and the client will be unable to connect
- * for a while even though the service has return online. */
-void
-rend_cache_failure_clean(time_t now)
-{
- time_t cutoff = now - REND_CACHE_FAILURE_MAX_AGE;
- STRMAP_FOREACH_MODIFY(rend_cache_failure, key,
- rend_cache_failure_t *, ent) {
- /* Free and remove every intro failure object that match the cutoff. */
- DIGESTMAP_FOREACH_MODIFY(ent->intro_failures, ip_key,
- rend_cache_failure_intro_t *, ip_ent) {
- if (ip_ent->created_ts < cutoff) {
- rend_cache_failure_intro_entry_free(ip_ent);
- MAP_DEL_CURRENT(ip_key);
- }
- } DIGESTMAP_FOREACH_END;
- /* If the entry is now empty of intro point failures, remove it. */
- if (digestmap_isempty(ent->intro_failures)) {
- rend_cache_failure_entry_free(ent);
- MAP_DEL_CURRENT(key);
- }
- } STRMAP_FOREACH_END;
-}
-
-/** Removes all old entries from the client or service descriptor cache.
-*/
-void
-rend_cache_clean(time_t now, rend_cache_type_t cache_type)
-{
- strmap_iter_t *iter;
- const char *key;
- void *val;
- rend_cache_entry_t *ent;
- time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
- strmap_t *cache = NULL;
-
- if (cache_type == REND_CACHE_TYPE_CLIENT) {
- cache = rend_cache;
- } else if (cache_type == REND_CACHE_TYPE_SERVICE) {
- cache = rend_cache_local_service;
- }
- tor_assert(cache);
-
- for (iter = strmap_iter_init(cache); !strmap_iter_done(iter); ) {
- strmap_iter_get(iter, &key, &val);
- ent = (rend_cache_entry_t*)val;
- if (ent->parsed->timestamp < cutoff) {
- iter = strmap_iter_next_rmv(cache, iter);
- rend_cache_entry_free(ent);
- } else {
- iter = strmap_iter_next(cache, iter);
- }
- }
-}
-
-/** Remove ALL entries from the rendezvous service descriptor cache.
-*/
-void
-rend_cache_purge(void)
-{
- if (rend_cache) {
- log_info(LD_REND, "Purging HS v2 descriptor cache");
- strmap_free(rend_cache, rend_cache_entry_free_void);
- }
- rend_cache = strmap_new();
-}
-
-/** Remove ALL entries from the failure cache. This is also called when a
- * NEWNYM signal is received. */
-void
-rend_cache_failure_purge(void)
-{
- if (rend_cache_failure) {
- log_info(LD_REND, "Purging HS v2 failure cache");
- strmap_free(rend_cache_failure, rend_cache_failure_entry_free_void);
- }
- rend_cache_failure = strmap_new();
-}
-
-/** Lookup the rend failure cache using a relay identity digest in
- * <b>identity</b> which has DIGEST_LEN bytes and service ID <b>service_id</b>
- * which is a null-terminated string. If @a intro_entry is provided, then it
- * is set to the entry on success, and to NULL on failure.
- * Return 1 iff found else 0. */
-STATIC int
-cache_failure_intro_lookup(const uint8_t *identity, const char *service_id,
- rend_cache_failure_intro_t **intro_entry)
-{
- rend_cache_failure_t *elem;
- rend_cache_failure_intro_t *intro_elem;
-
- tor_assert(rend_cache_failure);
-
- if (intro_entry) {
- *intro_entry = NULL;
- }
-
- /* Lookup descriptor and return it. */
- elem = strmap_get_lc(rend_cache_failure, service_id);
- if (elem == NULL) {
- goto not_found;
- }
- intro_elem = digestmap_get(elem->intro_failures, (char *) identity);
- if (intro_elem == NULL) {
- goto not_found;
- }
- if (intro_entry) {
- *intro_entry = intro_elem;
- }
- return 1;
- not_found:
- return 0;
-}
-
-/** Allocate a new cache failure intro object and copy the content from
- * <b>entry</b> to this newly allocated object. Return it. */
-static rend_cache_failure_intro_t *
-cache_failure_intro_dup(const rend_cache_failure_intro_t *entry)
-{
- rend_cache_failure_intro_t *ent_dup =
- rend_cache_failure_intro_entry_new(entry->failure_type);
- ent_dup->created_ts = entry->created_ts;
- return ent_dup;
-}
-
-/** Add an intro point failure to the failure cache using the relay
- * <b>identity</b> and service ID <b>service_id</b>. Record the
- * <b>failure</b> in that object. */
-STATIC void
-cache_failure_intro_add(const uint8_t *identity, const char *service_id,
- rend_intro_point_failure_t failure)
-{
- rend_cache_failure_t *fail_entry;
- rend_cache_failure_intro_t *entry, *old_entry;
-
- /* Make sure we have a failure object for this service ID and if not,
- * create it with this new intro failure entry. */
- fail_entry = strmap_get_lc(rend_cache_failure, service_id);
- if (fail_entry == NULL) {
- fail_entry = rend_cache_failure_entry_new();
- /* Add failure entry to global rend failure cache. */
- strmap_set_lc(rend_cache_failure, service_id, fail_entry);
- }
- entry = rend_cache_failure_intro_entry_new(failure);
- old_entry = digestmap_set(fail_entry->intro_failures,
- (char *) identity, entry);
- /* This _should_ be NULL, but in case it isn't, free it. */
- rend_cache_failure_intro_entry_free(old_entry);
-}
-
-/** Using a parsed descriptor <b>desc</b>, check if the introduction points
- * are present in the failure cache and if so they are removed from the
- * descriptor and kept into the failure cache. Then, each intro points that
- * are NOT in the descriptor but in the failure cache for the given
- * <b>service_id</b> are removed from the failure cache. */
-STATIC void
-validate_intro_point_failure(const rend_service_descriptor_t *desc,
- const char *service_id)
-{
- rend_cache_failure_t *new_entry, *cur_entry;
- /* New entry for the service ID that will be replacing the one in the
- * failure cache since we have a new descriptor. In the case where all
- * intro points are removed, we are assured that the new entry is the same
- * as the current one. */
- new_entry = tor_malloc(sizeof(*new_entry));
- new_entry->intro_failures = digestmap_new();
-
- tor_assert(desc);
-
- SMARTLIST_FOREACH_BEGIN(desc->intro_nodes, rend_intro_point_t *, intro) {
- int found;
- rend_cache_failure_intro_t *entry;
- const uint8_t *identity =
- (uint8_t *) intro->extend_info->identity_digest;
-
- found = cache_failure_intro_lookup(identity, service_id, &entry);
- if (found) {
- /* Dup here since it will be freed at the end when removing the
- * original entry in the cache. */
- rend_cache_failure_intro_t *ent_dup = cache_failure_intro_dup(entry);
- /* This intro point is in our cache, discard it from the descriptor
- * because chances are that it's unusable. */
- SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
- /* Keep it for our new entry. */
- digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
- /* Only free it when we're done looking at it. */
- rend_intro_point_free(intro);
- continue;
- }
- } SMARTLIST_FOREACH_END(intro);
-
- /* Swap the failure entry in the cache and free the current one. */
- cur_entry = strmap_get_lc(rend_cache_failure, service_id);
- if (cur_entry != NULL) {
- rend_cache_failure_entry_free(cur_entry);
- }
- strmap_set_lc(rend_cache_failure, service_id, new_entry);
-}
-
-/** Note down an intro failure in the rend failure cache using the type of
- * failure in <b>failure</b> for the relay identity digest in
- * <b>identity</b> and service ID <b>service_id</b>. If an entry already
- * exists in the cache, the failure type is changed with <b>failure</b>. */
-void
-rend_cache_intro_failure_note(rend_intro_point_failure_t failure,
- const uint8_t *identity,
- const char *service_id)
-{
- int found;
- rend_cache_failure_intro_t *entry;
-
- found = cache_failure_intro_lookup(identity, service_id, &entry);
- if (!found) {
- cache_failure_intro_add(identity, service_id, failure);
- } else {
- /* Replace introduction point failure with this one. */
- entry->failure_type = failure;
- }
-}
-
-/** Remove all old v2 descriptors and those for which this hidden service
- * directory is not responsible for any more. The cutoff is the time limit for
- * which we want to keep the cache entry. In other words, any entry created
- * before will be removed. */
-size_t
-rend_cache_clean_v2_descs_as_dir(time_t cutoff)
-{
- digestmap_iter_t *iter;
- size_t bytes_removed = 0;
-
- for (iter = digestmap_iter_init(rend_cache_v2_dir);
- !digestmap_iter_done(iter); ) {
- const char *key;
- void *val;
- rend_cache_entry_t *ent;
- digestmap_iter_get(iter, &key, &val);
- ent = val;
- if (ent->parsed->timestamp < cutoff) {
- char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
- log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
- safe_str_client(key_base32));
- bytes_removed += rend_cache_entry_allocation(ent);
- iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
- rend_cache_entry_free(ent);
- } else {
- iter = digestmap_iter_next(rend_cache_v2_dir, iter);
- }
- }
-
- return bytes_removed;
-}
-
-/** Lookup in the client cache the given service ID <b>query</b> for
- * <b>version</b>.
- *
- * Return 0 if found and if <b>e</b> is non NULL, set it with the entry
- * found. Else, a negative value is returned and <b>e</b> is untouched.
- * -EINVAL means that <b>query</b> is not a valid service id.
- * -ENOENT means that no entry in the cache was found. */
-int
-rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
-{
- int ret = 0;
- char key[REND_SERVICE_ID_LEN_BASE32 + 2]; /* <version><query>\0 */
- rend_cache_entry_t *entry = NULL;
- static const int default_version = 2;
-
- tor_assert(query);
-
- /* This is possible if we are in the shutdown process and the cache was
- * freed while some other subsystem might do a lookup to the cache for
- * cleanup reasons such HS circuit cleanup for instance. */
- if (!rend_cache) {
- ret = -ENOENT;
- goto end;
- }
-
- if (!rend_valid_v2_service_id(query)) {
- ret = -EINVAL;
- goto end;
- }
-
- switch (version) {
- case 0:
- log_warn(LD_REND, "Cache lookup of a v0 renddesc is deprecated.");
- break;
- case 2:
- /* Default is version 2. */
- default:
- tor_snprintf(key, sizeof(key), "%d%s", default_version, query);
- entry = strmap_get_lc(rend_cache, key);
- break;
- }
- if (!entry) {
- ret = -ENOENT;
- goto end;
- }
- tor_assert(entry->parsed && entry->parsed->intro_nodes);
-
- if (e) {
- *e = entry;
- }
-
- end:
- return ret;
-}
-
-/*
- * Lookup the v2 service descriptor with the service ID <b>query</b> in the
- * local service descriptor cache. Return 0 if found and if <b>e</b> is
- * non NULL, set it with the entry found. Else, a negative value is returned
- * and <b>e</b> is untouched.
- * -EINVAL means that <b>query</b> is not a valid service id.
- * -ENOENT means that no entry in the cache was found. */
-int
-rend_cache_lookup_v2_desc_as_service(const char *query, rend_cache_entry_t **e)
-{
- int ret = 0;
- rend_cache_entry_t *entry = NULL;
-
- tor_assert(rend_cache_local_service);
- tor_assert(query);
-
- if (!rend_valid_v2_service_id(query)) {
- ret = -EINVAL;
- goto end;
- }
-
- /* Lookup descriptor and return. */
- entry = strmap_get_lc(rend_cache_local_service, query);
- if (!entry) {
- ret = -ENOENT;
- goto end;
- }
-
- if (e) {
- *e = entry;
- }
-
- end:
- return ret;
-}
-
-/** Lookup the v2 service descriptor with base32-encoded <b>desc_id</b> and
- * copy the pointer to it to *<b>desc</b>. Return 1 on success, 0 on
- * well-formed-but-not-found, and -1 on failure.
- */
-int
-rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
-{
- rend_cache_entry_t *e;
- char desc_id_digest[DIGEST_LEN];
- tor_assert(rend_cache_v2_dir);
- if (base32_decode(desc_id_digest, DIGEST_LEN,
- desc_id, REND_DESC_ID_V2_LEN_BASE32) != DIGEST_LEN) {
- log_fn(LOG_PROTOCOL_WARN, LD_REND,
- "Rejecting v2 rendezvous descriptor request -- descriptor ID "
- "has wrong length or illegal characters: %s",
- safe_str(desc_id));
- return -1;
- }
- /* Lookup descriptor and return. */
- e = digestmap_get(rend_cache_v2_dir, desc_id_digest);
- if (e) {
- *desc = e->desc;
- e->last_served = approx_time();
- return 1;
- }
- return 0;
-}
-
-/** Parse the v2 service descriptor(s) in <b>desc</b> and store it/them to the
- * local rend cache. Don't attempt to decrypt the included list of introduction
- * points (as we don't have a descriptor cookie for it).
- *
- * If we have a newer descriptor with the same ID, ignore this one.
- * If we have an older descriptor with the same ID, replace it.
- *
- * Return 0 on success, or -1 if we couldn't parse any of them.
- *
- * We should only call this function for public (e.g. non bridge) relays.
- */
-int
-rend_cache_store_v2_desc_as_dir(const char *desc)
-{
- const or_options_t *options = get_options();
- rend_service_descriptor_t *parsed;
- char desc_id[DIGEST_LEN];
- char *intro_content;
- size_t intro_size;
- size_t encoded_size;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- int number_parsed = 0, number_stored = 0;
- const char *current_desc = desc;
- const char *next_desc;
- rend_cache_entry_t *e;
- time_t now = time(NULL);
- tor_assert(rend_cache_v2_dir);
- tor_assert(desc);
- while (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
- &intro_size, &encoded_size,
- &next_desc, current_desc, 1) >= 0) {
- number_parsed++;
- /* We don't care about the introduction points. */
- tor_free(intro_content);
- /* For pretty log statements. */
- base32_encode(desc_id_base32, sizeof(desc_id_base32),
- desc_id, DIGEST_LEN);
- /* Is descriptor too old? */
- if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
- log_info(LD_REND, "Service descriptor with desc ID %s is too old.",
- safe_str(desc_id_base32));
- goto skip;
- }
- /* Is descriptor too far in the future? */
- if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
- log_info(LD_REND, "Service descriptor with desc ID %s is too far in the "
- "future.",
- safe_str(desc_id_base32));
- goto skip;
- }
- /* Do we already have a newer descriptor? */
- e = digestmap_get(rend_cache_v2_dir, desc_id);
- if (e && e->parsed->timestamp > parsed->timestamp) {
- log_info(LD_REND, "We already have a newer service descriptor with the "
- "same desc ID %s and version.",
- safe_str(desc_id_base32));
- goto skip;
- }
- /* Do we already have this descriptor? */
- if (e && !strcmp(desc, e->desc)) {
- log_info(LD_REND, "We already have this service descriptor with desc "
- "ID %s.", safe_str(desc_id_base32));
- goto skip;
- }
- /* Store received descriptor. */
- if (!e) {
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- digestmap_set(rend_cache_v2_dir, desc_id, e);
- /* Treat something just uploaded as having been served a little
- * while ago, so that flooding with new descriptors doesn't help
- * too much.
- */
- e->last_served = approx_time() - 3600;
- } else {
- rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
- rend_service_descriptor_free(e->parsed);
- tor_free(e->desc);
- }
- e->parsed = parsed;
- e->desc = tor_strndup(current_desc, encoded_size);
- e->len = encoded_size;
- rend_cache_increment_allocation(rend_cache_entry_allocation(e));
- log_info(LD_REND, "Successfully stored service descriptor with desc ID "
- "'%s' and len %d.",
- safe_str(desc_id_base32), (int)encoded_size);
- /* Statistics: Note down this potentially new HS. */
- if (options->HiddenServiceStatistics) {
- rep_hist_hsdir_stored_maybe_new_v2_onion(e->parsed->pk);
- }
-
- number_stored++;
- goto advance;
- skip:
- rend_service_descriptor_free(parsed);
- advance:
- /* advance to next descriptor, if available. */
- current_desc = next_desc;
- /* check if there is a next descriptor. */
- if (!current_desc ||
- strcmpstart(current_desc, "rendezvous-service-descriptor "))
- break;
- }
- if (!number_parsed) {
- log_info(LD_REND, "Could not parse any descriptor.");
- return -1;
- }
- log_info(LD_REND, "Parsed %d and added %d descriptor%s.",
- number_parsed, number_stored, number_stored != 1 ? "s" : "");
- return 0;
-}
-
-/** Parse the v2 service descriptor in <b>desc</b> and store it to the
-* local service rend cache. Don't attempt to decrypt the included list of
-* introduction points.
-*
-* If we have a newer descriptor with the same ID, ignore this one.
-* If we have an older descriptor with the same ID, replace it.
-*
-* Return 0 on success, or -1 if we couldn't understand the descriptor.
-*/
-int
-rend_cache_store_v2_desc_as_service(const char *desc)
-{
- rend_service_descriptor_t *parsed = NULL;
- char desc_id[DIGEST_LEN];
- char *intro_content = NULL;
- size_t intro_size;
- size_t encoded_size;
- const char *next_desc;
- char service_id[REND_SERVICE_ID_LEN_BASE32+1];
- rend_cache_entry_t *e;
- int retval = -1;
- tor_assert(rend_cache_local_service);
- tor_assert(desc);
-
- /* Parse the descriptor. */
- if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
- &intro_size, &encoded_size,
- &next_desc, desc, 0) < 0) {
- log_warn(LD_REND, "Could not parse descriptor.");
- goto err;
- }
- /* Compute service ID from public key. */
- if (rend_get_service_id(parsed->pk, service_id)<0) {
- log_warn(LD_REND, "Couldn't compute service ID.");
- goto err;
- }
-
- /* Do we already have a newer descriptor? Allow new descriptors with a
- rounded timestamp equal to or newer than the current descriptor */
- e = (rend_cache_entry_t*) strmap_get_lc(rend_cache_local_service,
- service_id);
- if (e && e->parsed->timestamp > parsed->timestamp) {
- log_info(LD_REND, "We already have a newer service descriptor for "
- "service ID %s.", safe_str_client(service_id));
- goto okay;
- }
- /* We don't care about the introduction points. */
- tor_free(intro_content);
- if (!e) {
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- strmap_set_lc(rend_cache_local_service, service_id, e);
- } else {
- rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
- rend_service_descriptor_free(e->parsed);
- tor_free(e->desc);
- }
- e->parsed = parsed;
- e->desc = tor_malloc_zero(encoded_size + 1);
- strlcpy(e->desc, desc, encoded_size + 1);
- e->len = encoded_size;
- rend_cache_increment_allocation(rend_cache_entry_allocation(e));
- log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
- safe_str_client(service_id), (int)encoded_size);
- return 0;
-
- okay:
- retval = 0;
-
- err:
- rend_service_descriptor_free(parsed);
- tor_free(intro_content);
- return retval;
-}
-
-/** Parse the v2 service descriptor in <b>desc</b>, decrypt the included list
- * of introduction points with <b>descriptor_cookie</b> (which may also be
- * <b>NULL</b> if decryption is not necessary), and store the descriptor to
- * the local cache under its version and service id.
- *
- * If we have a newer v2 descriptor with the same ID, ignore this one.
- * If we have an older descriptor with the same ID, replace it.
- * If the descriptor's service ID does not match
- * <b>rend_query</b>-\>onion_address, reject it.
- *
- * If the descriptor's descriptor ID doesn't match <b>desc_id_base32</b>,
- * reject it.
- *
- * Return 0 on success, or -1 if we rejected the descriptor.
- * If entry is not NULL, set it with the cache entry pointer of the descriptor.
- */
-int
-rend_cache_store_v2_desc_as_client(const char *desc,
- const char *desc_id_base32,
- const rend_data_t *rend_query,
- rend_cache_entry_t **entry)
-{
- /*XXXX this seems to have a bit of duplicate code with
- * rend_cache_store_v2_desc_as_dir(). Fix that. */
- /* Though having similar elements, both functions were separated on
- * purpose:
- * - dirs don't care about encoded/encrypted introduction points, clients
- * do.
- * - dirs store descriptors in a separate cache by descriptor ID, whereas
- * clients store them by service ID; both caches are different data
- * structures and have different access methods.
- * - dirs store a descriptor only if they are responsible for its ID,
- * clients do so in every way (because they have requested it before).
- * - dirs can process multiple concatenated descriptors which is required
- * for replication, whereas clients only accept a single descriptor.
- * Thus, combining both methods would result in a lot of if statements
- * which probably would not improve, but worsen code readability. -KL */
- rend_service_descriptor_t *parsed = NULL;
- char desc_id[DIGEST_LEN];
- char *intro_content = NULL;
- size_t intro_size;
- size_t encoded_size;
- const char *next_desc;
- time_t now = time(NULL);
- char key[REND_SERVICE_ID_LEN_BASE32+2];
- char service_id[REND_SERVICE_ID_LEN_BASE32+1];
- char want_desc_id[DIGEST_LEN];
- rend_cache_entry_t *e;
- int retval = -1;
- rend_data_v2_t *rend_data = TO_REND_DATA_V2(rend_query);
-
- tor_assert(rend_cache);
- tor_assert(desc);
- tor_assert(desc_id_base32);
- memset(want_desc_id, 0, sizeof(want_desc_id));
- if (entry) {
- *entry = NULL;
- }
- if (base32_decode(want_desc_id, sizeof(want_desc_id),
- desc_id_base32, strlen(desc_id_base32)) !=
- sizeof(want_desc_id)) {
- log_warn(LD_BUG, "Couldn't decode base32 %s for descriptor id.",
- escaped_safe_str_client(desc_id_base32));
- goto err;
- }
- /* Parse the descriptor. */
- if (rend_parse_v2_service_descriptor(&parsed, desc_id, &intro_content,
- &intro_size, &encoded_size,
- &next_desc, desc, 0) < 0) {
- log_warn(LD_REND, "Could not parse descriptor.");
- goto err;
- }
- /* Compute service ID from public key. */
- if (rend_get_service_id(parsed->pk, service_id)<0) {
- log_warn(LD_REND, "Couldn't compute service ID.");
- goto err;
- }
- if (rend_data->onion_address[0] != '\0' &&
- strcmp(rend_data->onion_address, service_id)) {
- log_warn(LD_REND, "Received service descriptor for service ID %s; "
- "expected descriptor for service ID %s.",
- service_id, safe_str(rend_data->onion_address));
- goto err;
- }
- if (tor_memneq(desc_id, want_desc_id, DIGEST_LEN)) {
- log_warn(LD_REND, "Received service descriptor for %s with incorrect "
- "descriptor ID.", service_id);
- goto err;
- }
-
- /* Decode/decrypt introduction points. */
- if (intro_content && intro_size > 0) {
- int n_intro_points;
- if (rend_data->auth_type != REND_NO_AUTH &&
- !safe_mem_is_zero(rend_data->descriptor_cookie,
- sizeof(rend_data->descriptor_cookie))) {
- char *ipos_decrypted = NULL;
- size_t ipos_decrypted_size;
- if (rend_decrypt_introduction_points(&ipos_decrypted,
- &ipos_decrypted_size,
- rend_data->descriptor_cookie,
- intro_content,
- intro_size) < 0) {
- log_warn(LD_REND, "Failed to decrypt introduction points. We are "
- "probably unable to parse the encoded introduction points.");
- } else {
- /* Replace encrypted with decrypted introduction points. */
- log_info(LD_REND, "Successfully decrypted introduction points.");
- tor_free(intro_content);
- intro_content = ipos_decrypted;
- intro_size = ipos_decrypted_size;
- }
- }
- n_intro_points = rend_parse_introduction_points(parsed, intro_content,
- intro_size);
- if (n_intro_points <= 0) {
- log_warn(LD_REND, "Failed to parse introduction points. Either the "
- "service has published a corrupt descriptor or you have "
- "provided invalid authorization data.");
- goto err;
- } else if (n_intro_points > MAX_INTRO_POINTS) {
- log_warn(LD_REND, "Found too many introduction points on a hidden "
- "service descriptor for %s. This is probably a (misguided) "
- "attempt to improve reliability, but it could also be an "
- "attempt to do a guard enumeration attack. Rejecting.",
- safe_str_client(service_id));
-
- goto err;
- }
- } else {
- log_info(LD_REND, "Descriptor does not contain any introduction points.");
- parsed->intro_nodes = smartlist_new();
- }
- /* We don't need the encoded/encrypted introduction points any longer. */
- tor_free(intro_content);
- /* Is descriptor too old? */
- if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
- log_warn(LD_REND, "Service descriptor with service ID %s is too old.",
- safe_str_client(service_id));
- goto err;
- }
- /* Is descriptor too far in the future? */
- if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
- log_warn(LD_REND, "Service descriptor with service ID %s is too far in "
- "the future.", safe_str_client(service_id));
- goto err;
- }
- /* Do we have the same exact copy already in our cache? */
- tor_snprintf(key, sizeof(key), "2%s", service_id);
- e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key);
- if (e && !strcmp(desc, e->desc)) {
- log_info(LD_REND,"We already have this service descriptor %s.",
- safe_str_client(service_id));
- goto okay;
- }
- /* Verify that we are not replacing an older descriptor. It's important to
- * avoid an evil HSDir serving old descriptor. We validate if the
- * timestamp is greater than and not equal because it's a rounded down
- * timestamp to the hour so if the descriptor changed in the same hour,
- * the rend cache failure will tell us if we have a new descriptor. */
- if (e && e->parsed->timestamp > parsed->timestamp) {
- log_info(LD_REND, "We already have a new enough service descriptor for "
- "service ID %s with the same desc ID and version.",
- safe_str_client(service_id));
- goto okay;
- }
- /* Lookup our failure cache for intro point that might be unusable. */
- validate_intro_point_failure(parsed, service_id);
- /* It's now possible that our intro point list is empty, which means that
- * this descriptor is useless to us because intro points have all failed
- * somehow before. Discard the descriptor. */
- if (smartlist_len(parsed->intro_nodes) == 0) {
- log_info(LD_REND, "Service descriptor with service ID %s has no "
- "usable intro points. Discarding it.",
- safe_str_client(service_id));
- goto err;
- }
- /* Now either purge the current one and replace its content or create a
- * new one and add it to the rend cache. */
- if (!e) {
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- strmap_set_lc(rend_cache, key, e);
- } else {
- rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
- rend_cache_failure_remove(e->parsed);
- rend_service_descriptor_free(e->parsed);
- tor_free(e->desc);
- }
- e->parsed = parsed;
- e->desc = tor_malloc_zero(encoded_size + 1);
- strlcpy(e->desc, desc, encoded_size + 1);
- e->len = encoded_size;
- rend_cache_increment_allocation(rend_cache_entry_allocation(e));
- log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
- safe_str_client(service_id), (int)encoded_size);
- if (entry) {
- *entry = e;
- }
- return 0;
-
- okay:
- if (entry) {
- *entry = e;
- }
- retval = 0;
-
- err:
- rend_service_descriptor_free(parsed);
- tor_free(intro_content);
- return retval;
-}
diff --git a/src/feature/rend/rendcache.h b/src/feature/rend/rendcache.h
deleted file mode 100644
index 45410610b4..0000000000
--- a/src/feature/rend/rendcache.h
+++ /dev/null
@@ -1,132 +0,0 @@
-/* Copyright (c) 2015-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file rendcache.h
- * \brief Header file for rendcache.c
- **/
-
-#ifndef TOR_RENDCACHE_H
-#define TOR_RENDCACHE_H
-
-#include "core/or/or.h"
-#include "feature/rend/rendcommon.h"
-
-/** How old do we let hidden service descriptors get before discarding
- * them as too old? */
-#define REND_CACHE_MAX_AGE (2*24*60*60)
-/** How wrong do we assume our clock may be when checking whether hidden
- * services are too old or too new? */
-#define REND_CACHE_MAX_SKEW (24*60*60)
-/** How old do we keep an intro point failure entry in the failure cache? */
-#define REND_CACHE_FAILURE_MAX_AGE (5*60)
-
-/* Do not allow more than this many introduction points in a hidden service
- * descriptor */
-#define MAX_INTRO_POINTS 10
-
-/** A cached rendezvous descriptor. */
-typedef struct rend_cache_entry_t {
- size_t len; /**< Length of <b>desc</b> */
- time_t last_served; /**< When did we last write this one to somebody?
- * (HSDir only) */
- char *desc; /**< Service descriptor */
- rend_service_descriptor_t *parsed; /**< Parsed value of 'desc' */
-} rend_cache_entry_t;
-
-/* Introduction point failure type. */
-typedef struct rend_cache_failure_intro_t {
- /* When this intro point failure occurred thus we allocated this object and
- * cache it. */
- time_t created_ts;
- rend_intro_point_failure_t failure_type;
-} rend_cache_failure_intro_t;
-
-/** Cache failure object indexed by service ID. */
-typedef struct rend_cache_failure_t {
- /* Contains rend_cache_failure_intro_t indexed by identity digest. */
- digestmap_t *intro_failures;
-} rend_cache_failure_t;
-
-typedef enum {
- REND_CACHE_TYPE_CLIENT = 1,
- REND_CACHE_TYPE_SERVICE = 2,
-} rend_cache_type_t;
-
-/* Return maximum lifetime in seconds of a cache entry. */
-static inline time_t
-rend_cache_max_entry_lifetime(void)
-{
- return REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW;
-}
-
-void rend_cache_init(void);
-void rend_cache_clean(time_t now, rend_cache_type_t cache_type);
-void rend_cache_failure_clean(time_t now);
-size_t rend_cache_clean_v2_descs_as_dir(time_t cutoff);
-void rend_cache_purge(void);
-void rend_cache_free_all(void);
-int rend_cache_lookup_entry(const char *query, int version,
- rend_cache_entry_t **entry_out);
-int rend_cache_lookup_v2_desc_as_service(const char *query,
- rend_cache_entry_t **entry_out);
-int rend_cache_lookup_v2_desc_as_dir(const char *query, const char **desc);
-
-int rend_cache_store_v2_desc_as_dir(const char *desc);
-int rend_cache_store_v2_desc_as_service(const char *desc);
-int rend_cache_store_v2_desc_as_client(const char *desc,
- const char *desc_id_base32,
- const rend_data_t *rend_query,
- rend_cache_entry_t **entry);
-size_t rend_cache_get_total_allocation(void);
-
-bool rend_cache_intro_failure_exists(const char *service_id,
- const uint8_t *intro_identity);
-void rend_cache_intro_failure_note(rend_intro_point_failure_t failure,
- const uint8_t *identity,
- const char *service_id);
-void rend_cache_failure_purge(void);
-void rend_cache_decrement_allocation(size_t n);
-void rend_cache_increment_allocation(size_t n);
-
-#ifdef RENDCACHE_PRIVATE
-
-STATIC size_t rend_cache_entry_allocation(const rend_cache_entry_t *e);
-STATIC void rend_cache_entry_free_(rend_cache_entry_t *e);
-#define rend_cache_entry_free(e) \
- FREE_AND_NULL(rend_cache_entry_t, rend_cache_entry_free_, (e))
-STATIC void rend_cache_failure_intro_entry_free_(rend_cache_failure_intro_t
- *entry);
-#define rend_cache_failure_intro_entry_free(e) \
- FREE_AND_NULL(rend_cache_failure_intro_t, \
- rend_cache_failure_intro_entry_free_, (e))
-STATIC void rend_cache_failure_entry_free_(rend_cache_failure_t *entry);
-#define rend_cache_failure_entry_free(e) \
- FREE_AND_NULL(rend_cache_failure_t, \
- rend_cache_failure_entry_free_, (e))
-STATIC int cache_failure_intro_lookup(const uint8_t *identity,
- const char *service_id,
- rend_cache_failure_intro_t
- **intro_entry);
-STATIC rend_cache_failure_intro_t *rend_cache_failure_intro_entry_new(
- rend_intro_point_failure_t failure);
-STATIC rend_cache_failure_t *rend_cache_failure_entry_new(void);
-STATIC void rend_cache_failure_remove(rend_service_descriptor_t *desc);
-STATIC void cache_failure_intro_add(const uint8_t *identity,
- const char *service_id,
- rend_intro_point_failure_t failure);
-STATIC void validate_intro_point_failure(const rend_service_descriptor_t *desc,
- const char *service_id);
-
-STATIC void rend_cache_failure_entry_free_void(void *entry);
-
-#ifdef TOR_UNIT_TESTS
-extern strmap_t *rend_cache;
-extern strmap_t *rend_cache_failure;
-extern digestmap_t *rend_cache_v2_dir;
-extern size_t rend_cache_total_allocation;
-#endif /* defined(TOR_UNIT_TESTS) */
-#endif /* defined(RENDCACHE_PRIVATE) */
-
-#endif /* !defined(TOR_RENDCACHE_H) */
-
diff --git a/src/feature/rend/rendcommon.c b/src/feature/rend/rendcommon.c
index 275ee52968..c512e3e670 100644
--- a/src/feature/rend/rendcommon.c
+++ b/src/feature/rend/rendcommon.c
@@ -11,763 +11,22 @@
#define RENDCOMMON_PRIVATE
#include "core/or/or.h"
-#include "core/or/circuitbuild.h"
+
+#include "app/config/config.h"
+
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
-#include "core/or/extendinfo.h"
-#include "app/config/config.h"
-#include "feature/control/control_events.h"
-#include "lib/crypt_ops/crypto_rand.h"
-#include "lib/crypt_ops/crypto_util.h"
+
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_common.h"
#include "feature/hs/hs_intropoint.h"
-#include "feature/nodelist/networkstatus.h"
-#include "feature/rend/rendcache.h"
#include "feature/rend/rendcommon.h"
#include "feature/rend/rendmid.h"
-#include "feature/rend/rendparse.h"
-#include "feature/rend/rendservice.h"
-#include "feature/stats/rephist.h"
-#include "feature/hs_common/replaycache.h"
-#include "feature/relay/router.h"
-#include "feature/nodelist/routerlist.h"
-#include "feature/dirparse/signing.h"
+#include "core/or/circuit_st.h"
#include "core/or/cpath_build_state_st.h"
#include "core/or/crypt_path_st.h"
-#include "core/or/extend_info_st.h"
-#include "feature/nodelist/networkstatus_st.h"
#include "core/or/origin_circuit_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
-#include "feature/nodelist/routerstatus_st.h"
-
-/** Return 0 if one and two are the same service ids, else -1 or 1 */
-int
-rend_cmp_service_ids(const char *one, const char *two)
-{
- return strcasecmp(one,two);
-}
-
-/** Free the storage held by the service descriptor <b>desc</b>.
- */
-void
-rend_service_descriptor_free_(rend_service_descriptor_t *desc)
-{
- if (!desc)
- return;
- if (desc->pk)
- crypto_pk_free(desc->pk);
- if (desc->intro_nodes) {
- SMARTLIST_FOREACH(desc->intro_nodes, rend_intro_point_t *, intro,
- rend_intro_point_free(intro););
- smartlist_free(desc->intro_nodes);
- }
- if (desc->successful_uploads) {
- SMARTLIST_FOREACH(desc->successful_uploads, char *, c, tor_free(c););
- smartlist_free(desc->successful_uploads);
- }
- tor_free(desc);
-}
-
-/** Length of the descriptor cookie that is used for versioned hidden
- * service descriptors. */
-#define REND_DESC_COOKIE_LEN 16
-
-/** Length of the replica number that is used to determine the secret ID
- * part of versioned hidden service descriptors. */
-#define REND_REPLICA_LEN 1
-
-/** Compute the descriptor ID for <b>service_id</b> of length
- * <b>REND_SERVICE_ID_LEN</b> and <b>secret_id_part</b> of length
- * <b>DIGEST_LEN</b>, and write it to <b>descriptor_id_out</b> of length
- * <b>DIGEST_LEN</b>. */
-void
-rend_get_descriptor_id_bytes(char *descriptor_id_out,
- const char *service_id,
- const char *secret_id_part)
-{
- crypto_digest_t *digest = crypto_digest_new();
- crypto_digest_add_bytes(digest, service_id, REND_SERVICE_ID_LEN);
- crypto_digest_add_bytes(digest, secret_id_part, DIGEST_LEN);
- crypto_digest_get_digest(digest, descriptor_id_out, DIGEST_LEN);
- crypto_digest_free(digest);
-}
-
-/** Compute the secret ID part for time_period,
- * a <b>descriptor_cookie</b> of length
- * <b>REND_DESC_COOKIE_LEN</b> which may also be <b>NULL</b> if no
- * descriptor_cookie shall be used, and <b>replica</b>, and write it to
- * <b>secret_id_part</b> of length DIGEST_LEN. */
-static void
-get_secret_id_part_bytes(char *secret_id_part, uint32_t time_period,
- const char *descriptor_cookie, uint8_t replica)
-{
- crypto_digest_t *digest = crypto_digest_new();
- time_period = htonl(time_period);
- crypto_digest_add_bytes(digest, (char*)&time_period, sizeof(uint32_t));
- if (descriptor_cookie) {
- crypto_digest_add_bytes(digest, descriptor_cookie,
- REND_DESC_COOKIE_LEN);
- }
- crypto_digest_add_bytes(digest, (const char *)&replica, REND_REPLICA_LEN);
- crypto_digest_get_digest(digest, secret_id_part, DIGEST_LEN);
- crypto_digest_free(digest);
-}
-
-/** Return the time period for time <b>now</b> plus a potentially
- * intended <b>deviation</b> of one or more periods, based on the first byte
- * of <b>service_id</b>. */
-static uint32_t
-get_time_period(time_t now, uint8_t deviation, const char *service_id)
-{
- /* The time period is the number of REND_TIME_PERIOD_V2_DESC_VALIDITY
- * intervals that have passed since the epoch, offset slightly so that
- * each service's time periods start and end at a fraction of that
- * period based on their first byte. */
- return (uint32_t)
- (now + ((uint8_t) *service_id) * REND_TIME_PERIOD_V2_DESC_VALIDITY / 256)
- / REND_TIME_PERIOD_V2_DESC_VALIDITY + deviation;
-}
-
-/** Compute the time in seconds that a descriptor that is generated
- * <b>now</b> for <b>service_id</b> will be valid. */
-static uint32_t
-get_seconds_valid(time_t now, const char *service_id)
-{
- uint32_t result = REND_TIME_PERIOD_V2_DESC_VALIDITY -
- ((uint32_t)
- (now + ((uint8_t) *service_id) * REND_TIME_PERIOD_V2_DESC_VALIDITY / 256)
- % REND_TIME_PERIOD_V2_DESC_VALIDITY);
- return result;
-}
-
-/** Compute the binary <b>desc_id_out</b> (DIGEST_LEN bytes long) for a given
- * base32-encoded <b>service_id</b> and optional unencoded
- * <b>descriptor_cookie</b> of length REND_DESC_COOKIE_LEN,
- * at time <b>now</b> for replica number
- * <b>replica</b>. <b>desc_id</b> needs to have <b>DIGEST_LEN</b> bytes
- * free. Return 0 for success, -1 otherwise. */
-int
-rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
- const char *descriptor_cookie, time_t now,
- uint8_t replica)
-{
- char service_id_binary[REND_SERVICE_ID_LEN];
- char secret_id_part[DIGEST_LEN];
- uint32_t time_period;
- if (!service_id ||
- strlen(service_id) != REND_SERVICE_ID_LEN_BASE32) {
- log_warn(LD_REND, "Could not compute v2 descriptor ID: "
- "Illegal service ID: %s",
- safe_str(service_id));
- return -1;
- }
- if (replica >= REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS) {
- log_warn(LD_REND, "Could not compute v2 descriptor ID: "
- "Replica number out of range: %d", replica);
- return -1;
- }
- /* Convert service ID to binary. */
- if (base32_decode(service_id_binary, REND_SERVICE_ID_LEN,
- service_id, REND_SERVICE_ID_LEN_BASE32) !=
- REND_SERVICE_ID_LEN) {
- log_warn(LD_REND, "Could not compute v2 descriptor ID: "
- "Illegal characters or wrong length for service ID: %s",
- safe_str_client(service_id));
- return -1;
- }
- /* Calculate current time-period. */
- time_period = get_time_period(now, 0, service_id_binary);
- /* Calculate secret-id-part = h(time-period | desc-cookie | replica). */
- get_secret_id_part_bytes(secret_id_part, time_period, descriptor_cookie,
- replica);
- /* Calculate descriptor ID: H(permanent-id | secret-id-part) */
- rend_get_descriptor_id_bytes(desc_id_out, service_id_binary, secret_id_part);
- return 0;
-}
-
-/** Encode the introduction points in <b>desc</b> and write the result to a
- * newly allocated string pointed to by <b>encoded</b>. Return 0 for
- * success, -1 otherwise. */
-static int
-rend_encode_v2_intro_points(char **encoded, rend_service_descriptor_t *desc)
-{
- size_t unenc_len;
- char *unenc = NULL;
- size_t unenc_written = 0;
- int i;
- int r = -1;
- /* Assemble unencrypted list of introduction points. */
- unenc_len = smartlist_len(desc->intro_nodes) * 1000; /* too long, but ok. */
- unenc = tor_malloc_zero(unenc_len);
- for (i = 0; i < smartlist_len(desc->intro_nodes); i++) {
- char id_base32[REND_INTRO_POINT_ID_LEN_BASE32 + 1];
- char *onion_key = NULL;
- size_t onion_key_len;
- crypto_pk_t *intro_key;
- char *service_key = NULL;
- char *address = NULL;
- size_t service_key_len;
- int res;
- rend_intro_point_t *intro = smartlist_get(desc->intro_nodes, i);
- /* Obtain extend info with introduction point details. */
- extend_info_t *info = intro->extend_info;
- /* Encode introduction point ID. */
- base32_encode(id_base32, sizeof(id_base32),
- info->identity_digest, DIGEST_LEN);
- /* Encode onion key. */
- if (crypto_pk_write_public_key_to_string(info->onion_key, &onion_key,
- &onion_key_len) < 0) {
- log_warn(LD_REND, "Could not write onion key.");
- goto done;
- }
- /* Encode intro key. */
- intro_key = intro->intro_key;
- if (!intro_key ||
- crypto_pk_write_public_key_to_string(intro_key, &service_key,
- &service_key_len) < 0) {
- log_warn(LD_REND, "Could not write intro key.");
- tor_free(onion_key);
- goto done;
- }
- /* Assemble everything for this introduction point. */
- const tor_addr_port_t *orport = extend_info_get_orport(info, AF_INET);
- IF_BUG_ONCE(!orport) {
- /* There must be an IPv4 address for v2 hs. */
- goto done;
- }
- address = tor_addr_to_str_dup(&orport->addr);
- res = tor_snprintf(unenc + unenc_written, unenc_len - unenc_written,
- "introduction-point %s\n"
- "ip-address %s\n"
- "onion-port %d\n"
- "onion-key\n%s"
- "service-key\n%s",
- id_base32,
- address,
- orport->port,
- onion_key,
- service_key);
- tor_free(address);
- tor_free(onion_key);
- tor_free(service_key);
- if (res < 0) {
- log_warn(LD_REND, "Not enough space for writing introduction point "
- "string.");
- goto done;
- }
- /* Update total number of written bytes for unencrypted intro points. */
- unenc_written += res;
- }
- /* Finalize unencrypted introduction points. */
- if (unenc_len < unenc_written + 2) {
- log_warn(LD_REND, "Not enough space for finalizing introduction point "
- "string.");
- goto done;
- }
- unenc[unenc_written++] = '\n';
- unenc[unenc_written++] = 0;
- *encoded = unenc;
- r = 0;
- done:
- if (r<0)
- tor_free(unenc);
- return r;
-}
-
-/** Encrypt the encoded introduction points in <b>encoded</b> using
- * authorization type 'basic' with <b>client_cookies</b> and write the
- * result to a newly allocated string pointed to by <b>encrypted_out</b> of
- * length <b>encrypted_len_out</b>. Return 0 for success, -1 otherwise. */
-static int
-rend_encrypt_v2_intro_points_basic(char **encrypted_out,
- size_t *encrypted_len_out,
- const char *encoded,
- smartlist_t *client_cookies)
-{
- int r = -1, i, pos, enclen, client_blocks;
- size_t len, client_entries_len;
- char *enc = NULL, iv[CIPHER_IV_LEN], *client_part = NULL,
- session_key[CIPHER_KEY_LEN];
- smartlist_t *encrypted_session_keys = NULL;
- crypto_digest_t *digest;
- crypto_cipher_t *cipher;
- tor_assert(encoded);
- tor_assert(client_cookies && smartlist_len(client_cookies) > 0);
-
- /* Generate session key. */
- crypto_rand(session_key, CIPHER_KEY_LEN);
-
- /* Determine length of encrypted introduction points including session
- * keys. */
- client_blocks = 1 + ((smartlist_len(client_cookies) - 1) /
- REND_BASIC_AUTH_CLIENT_MULTIPLE);
- client_entries_len = client_blocks * REND_BASIC_AUTH_CLIENT_MULTIPLE *
- REND_BASIC_AUTH_CLIENT_ENTRY_LEN;
- len = 2 + client_entries_len + CIPHER_IV_LEN + strlen(encoded);
- if (client_blocks >= 256) {
- log_warn(LD_REND, "Too many clients in introduction point string.");
- goto done;
- }
- enc = tor_malloc_zero(len);
- enc[0] = 0x01; /* type of authorization. */
- enc[1] = (uint8_t)client_blocks;
-
- /* Encrypt with random session key. */
- enclen = crypto_cipher_encrypt_with_iv(session_key,
- enc + 2 + client_entries_len,
- CIPHER_IV_LEN + strlen(encoded), encoded, strlen(encoded));
-
- if (enclen < 0) {
- log_warn(LD_REND, "Could not encrypt introduction point string.");
- goto done;
- }
- memcpy(iv, enc + 2 + client_entries_len, CIPHER_IV_LEN);
-
- /* Encrypt session key for cookies, determine client IDs, and put both
- * in a smartlist. */
- encrypted_session_keys = smartlist_new();
- SMARTLIST_FOREACH_BEGIN(client_cookies, const char *, cookie) {
- client_part = tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
- /* Encrypt session key. */
- cipher = crypto_cipher_new(cookie);
- if (crypto_cipher_encrypt(cipher, client_part +
- REND_BASIC_AUTH_CLIENT_ID_LEN,
- session_key, CIPHER_KEY_LEN) < 0) {
- log_warn(LD_REND, "Could not encrypt session key for client.");
- crypto_cipher_free(cipher);
- tor_free(client_part);
- goto done;
- }
- crypto_cipher_free(cipher);
-
- /* Determine client ID. */
- digest = crypto_digest_new();
- crypto_digest_add_bytes(digest, cookie, REND_DESC_COOKIE_LEN);
- crypto_digest_add_bytes(digest, iv, CIPHER_IV_LEN);
- crypto_digest_get_digest(digest, client_part,
- REND_BASIC_AUTH_CLIENT_ID_LEN);
- crypto_digest_free(digest);
-
- /* Put both together. */
- smartlist_add(encrypted_session_keys, client_part);
- } SMARTLIST_FOREACH_END(cookie);
-
- /* Add some fake client IDs and encrypted session keys. */
- for (i = (smartlist_len(client_cookies) - 1) %
- REND_BASIC_AUTH_CLIENT_MULTIPLE;
- i < REND_BASIC_AUTH_CLIENT_MULTIPLE - 1; i++) {
- client_part = tor_malloc_zero(REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
- crypto_rand(client_part, REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
- smartlist_add(encrypted_session_keys, client_part);
- }
- /* Sort smartlist and put elements in result in order. */
- smartlist_sort_digests(encrypted_session_keys);
- pos = 2;
- SMARTLIST_FOREACH(encrypted_session_keys, const char *, entry, {
- memcpy(enc + pos, entry, REND_BASIC_AUTH_CLIENT_ENTRY_LEN);
- pos += REND_BASIC_AUTH_CLIENT_ENTRY_LEN;
- });
- *encrypted_out = enc;
- *encrypted_len_out = len;
- enc = NULL; /* prevent free. */
- r = 0;
- done:
- tor_free(enc);
- if (encrypted_session_keys) {
- SMARTLIST_FOREACH(encrypted_session_keys, char *, d, tor_free(d););
- smartlist_free(encrypted_session_keys);
- }
- return r;
-}
-
-/** Encrypt the encoded introduction points in <b>encoded</b> using
- * authorization type 'stealth' with <b>descriptor_cookie</b> of length
- * REND_DESC_COOKIE_LEN and write the result to a newly allocated string
- * pointed to by <b>encrypted_out</b> of length <b>encrypted_len_out</b>.
- * Return 0 for success, -1 otherwise. */
-static int
-rend_encrypt_v2_intro_points_stealth(char **encrypted_out,
- size_t *encrypted_len_out,
- const char *encoded,
- const char *descriptor_cookie)
-{
- int r = -1, enclen;
- char *enc;
- tor_assert(encoded);
- tor_assert(descriptor_cookie);
-
- enc = tor_malloc_zero(1 + CIPHER_IV_LEN + strlen(encoded));
- enc[0] = 0x02; /* Auth type */
- enclen = crypto_cipher_encrypt_with_iv(descriptor_cookie,
- enc + 1,
- CIPHER_IV_LEN+strlen(encoded),
- encoded, strlen(encoded));
- if (enclen < 0) {
- log_warn(LD_REND, "Could not encrypt introduction point string.");
- goto done;
- }
- *encrypted_out = enc;
- *encrypted_len_out = enclen;
- enc = NULL; /* prevent free */
- r = 0;
- done:
- tor_free(enc);
- return r;
-}
-
-/** Attempt to parse the given <b>desc_str</b> and return true if this
- * succeeds, false otherwise. */
-STATIC int
-rend_desc_v2_is_parsable(rend_encoded_v2_service_descriptor_t *desc)
-{
- rend_service_descriptor_t *test_parsed = NULL;
- char test_desc_id[DIGEST_LEN];
- char *test_intro_content = NULL;
- size_t test_intro_size;
- size_t test_encoded_size;
- const char *test_next;
- int res = rend_parse_v2_service_descriptor(&test_parsed, test_desc_id,
- &test_intro_content,
- &test_intro_size,
- &test_encoded_size,
- &test_next, desc->desc_str, 1);
- rend_service_descriptor_free(test_parsed);
- tor_free(test_intro_content);
- return (res >= 0);
-}
-
-/** Free the storage held by an encoded v2 service descriptor. */
-void
-rend_encoded_v2_service_descriptor_free_(
- rend_encoded_v2_service_descriptor_t *desc)
-{
- if (!desc)
- return;
- tor_free(desc->desc_str);
- tor_free(desc);
-}
-
-/** Free the storage held by an introduction point info. */
-void
-rend_intro_point_free_(rend_intro_point_t *intro)
-{
- if (!intro)
- return;
-
- extend_info_free(intro->extend_info);
- crypto_pk_free(intro->intro_key);
-
- if (intro->accepted_intro_rsa_parts != NULL) {
- replaycache_free(intro->accepted_intro_rsa_parts);
- }
-
- tor_free(intro);
-}
-
-/** Encode a set of rend_encoded_v2_service_descriptor_t's for <b>desc</b>
- * at time <b>now</b> using <b>service_key</b>, depending on
- * <b>auth_type</b> a <b>descriptor_cookie</b> and a list of
- * <b>client_cookies</b> (which are both <b>NULL</b> if no client
- * authorization is performed), and <b>period</b> (e.g. 0 for the current
- * period, 1 for the next period, etc.) and add them to the existing list
- * <b>descs_out</b>; return the number of seconds that the descriptors will
- * be found by clients, or -1 if the encoding was not successful. */
-int
-rend_encode_v2_descriptors(smartlist_t *descs_out,
- rend_service_descriptor_t *desc, time_t now,
- uint8_t period, rend_auth_type_t auth_type,
- crypto_pk_t *client_key,
- smartlist_t *client_cookies)
-{
- char service_id[DIGEST_LEN];
- char service_id_base32[REND_SERVICE_ID_LEN_BASE32+1];
- uint32_t time_period;
- char *ipos_base64 = NULL, *ipos = NULL, *ipos_encrypted = NULL,
- *descriptor_cookie = NULL;
- size_t ipos_len = 0, ipos_encrypted_len = 0;
- int k;
- uint32_t seconds_valid;
- crypto_pk_t *service_key;
- if (!desc) {
- log_warn(LD_BUG, "Could not encode v2 descriptor: No desc given.");
- return -1;
- }
- service_key = (auth_type == REND_STEALTH_AUTH) ? client_key : desc->pk;
- tor_assert(service_key);
- if (auth_type == REND_STEALTH_AUTH) {
- descriptor_cookie = smartlist_get(client_cookies, 0);
- tor_assert(descriptor_cookie);
- }
- /* Obtain service_id from public key. */
- if (crypto_pk_get_digest(service_key, service_id) < 0) {
- log_warn(LD_BUG, "Couldn't compute service key digest.");
- return -1;
- }
- /* Calculate current time-period. */
- time_period = get_time_period(now, period, service_id);
- /* Determine how many seconds the descriptor will be valid. */
- seconds_valid = period * REND_TIME_PERIOD_V2_DESC_VALIDITY +
- get_seconds_valid(now, service_id);
- /* Assemble, possibly encrypt, and encode introduction points. */
- if (smartlist_len(desc->intro_nodes) > 0) {
- if (rend_encode_v2_intro_points(&ipos, desc) < 0) {
- log_warn(LD_REND, "Encoding of introduction points did not succeed.");
- return -1;
- }
- switch (auth_type) {
- case REND_NO_AUTH:
- ipos_len = strlen(ipos);
- break;
- case REND_BASIC_AUTH:
- if (rend_encrypt_v2_intro_points_basic(&ipos_encrypted,
- &ipos_encrypted_len, ipos,
- client_cookies) < 0) {
- log_warn(LD_REND, "Encrypting of introduction points did not "
- "succeed.");
- tor_free(ipos);
- return -1;
- }
- tor_free(ipos);
- ipos = ipos_encrypted;
- ipos_len = ipos_encrypted_len;
- break;
- case REND_STEALTH_AUTH:
- if (rend_encrypt_v2_intro_points_stealth(&ipos_encrypted,
- &ipos_encrypted_len, ipos,
- descriptor_cookie) < 0) {
- log_warn(LD_REND, "Encrypting of introduction points did not "
- "succeed.");
- tor_free(ipos);
- return -1;
- }
- tor_free(ipos);
- ipos = ipos_encrypted;
- ipos_len = ipos_encrypted_len;
- break;
- case REND_V3_AUTH:
- break; /* v3 service, break. */
- default:
- log_warn(LD_REND|LD_BUG, "Unrecognized authorization type %d",
- (int)auth_type);
- tor_free(ipos);
- return -1;
- }
- /* Base64-encode introduction points. */
- ipos_base64 = tor_calloc(ipos_len, 2);
- if (base64_encode(ipos_base64, ipos_len * 2, ipos, ipos_len,
- BASE64_ENCODE_MULTILINE)<0) {
- log_warn(LD_REND, "Could not encode introduction point string to "
- "base64. length=%d", (int)ipos_len);
- tor_free(ipos_base64);
- tor_free(ipos);
- return -1;
- }
- tor_free(ipos);
- }
- /* Encode REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS descriptors. */
- for (k = 0; k < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; k++) {
- char secret_id_part[DIGEST_LEN];
- char secret_id_part_base32[REND_SECRET_ID_PART_LEN_BASE32 + 1];
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- char *permanent_key = NULL;
- size_t permanent_key_len;
- char published[ISO_TIME_LEN+1];
- int i;
- char protocol_versions_string[16]; /* max len: "0,1,2,3,4,5,6,7\0" */
- size_t protocol_versions_written;
- size_t desc_len;
- char *desc_str = NULL;
- int result = 0;
- size_t written = 0;
- char desc_digest[DIGEST_LEN];
- rend_encoded_v2_service_descriptor_t *enc =
- tor_malloc_zero(sizeof(rend_encoded_v2_service_descriptor_t));
- /* Calculate secret-id-part = h(time-period | cookie | replica). */
- get_secret_id_part_bytes(secret_id_part, time_period, descriptor_cookie,
- k);
- base32_encode(secret_id_part_base32, sizeof(secret_id_part_base32),
- secret_id_part, DIGEST_LEN);
- /* Calculate descriptor ID. */
- rend_get_descriptor_id_bytes(enc->desc_id, service_id, secret_id_part);
- base32_encode(desc_id_base32, sizeof(desc_id_base32),
- enc->desc_id, DIGEST_LEN);
- /* PEM-encode the public key */
- if (crypto_pk_write_public_key_to_string(service_key, &permanent_key,
- &permanent_key_len) < 0) {
- log_warn(LD_BUG, "Could not write public key to string.");
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- /* Encode timestamp. */
- format_iso_time(published, desc->timestamp);
- /* Write protocol-versions bitmask to comma-separated value string. */
- protocol_versions_written = 0;
- for (i = 0; i < 8; i++) {
- if (desc->protocols & 1 << i) {
- tor_snprintf(protocol_versions_string + protocol_versions_written,
- 16 - protocol_versions_written, "%d,", i);
- protocol_versions_written += 2;
- }
- }
- if (protocol_versions_written)
- protocol_versions_string[protocol_versions_written - 1] = '\0';
- else
- protocol_versions_string[0]= '\0';
- /* Assemble complete descriptor. */
- desc_len = 2000 + smartlist_len(desc->intro_nodes) * 1000; /* far too long,
- but okay.*/
- enc->desc_str = desc_str = tor_malloc_zero(desc_len);
- result = tor_snprintf(desc_str, desc_len,
- "rendezvous-service-descriptor %s\n"
- "version 2\n"
- "permanent-key\n%s"
- "secret-id-part %s\n"
- "publication-time %s\n"
- "protocol-versions %s\n",
- desc_id_base32,
- permanent_key,
- secret_id_part_base32,
- published,
- protocol_versions_string);
- tor_free(permanent_key);
- if (result < 0) {
- log_warn(LD_BUG, "Descriptor ran out of room.");
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- written = result;
- /* Add introduction points. */
- if (ipos_base64) {
- result = tor_snprintf(desc_str + written, desc_len - written,
- "introduction-points\n"
- "-----BEGIN MESSAGE-----\n%s"
- "-----END MESSAGE-----\n",
- ipos_base64);
- if (result < 0) {
- log_warn(LD_BUG, "could not write introduction points.");
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- written += result;
- }
- /* Add signature. */
- strlcpy(desc_str + written, "signature\n", desc_len - written);
- written += strlen(desc_str + written);
- if (crypto_digest(desc_digest, desc_str, written) < 0) {
- log_warn(LD_BUG, "could not create digest.");
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- if (router_append_dirobj_signature(desc_str + written,
- desc_len - written,
- desc_digest, DIGEST_LEN,
- service_key) < 0) {
- log_warn(LD_BUG, "Couldn't sign desc.");
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- written += strlen(desc_str+written);
- if (written+2 > desc_len) {
- log_warn(LD_BUG, "Could not finish desc.");
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- desc_str[written++] = 0;
- /* Check if we can parse our own descriptor. */
- if (!rend_desc_v2_is_parsable(enc)) {
- log_warn(LD_BUG, "Could not parse my own descriptor: %s", desc_str);
- rend_encoded_v2_service_descriptor_free(enc);
- goto err;
- }
- smartlist_add(descs_out, enc);
- /* Add the uploaded descriptor to the local service's descriptor cache */
- rend_cache_store_v2_desc_as_service(enc->desc_str);
- base32_encode(service_id_base32, sizeof(service_id_base32),
- service_id, REND_SERVICE_ID_LEN);
- control_event_hs_descriptor_created(service_id_base32, desc_id_base32, k);
- }
-
- log_info(LD_REND, "Successfully encoded a v2 descriptor and "
- "confirmed that it is parsable.");
- goto done;
-
- err:
- SMARTLIST_FOREACH(descs_out, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d););
- smartlist_clear(descs_out);
- seconds_valid = -1;
-
- done:
- tor_free(ipos_base64);
- return seconds_valid;
-}
-
-/** Sets <b>out</b> to the first 10 bytes of the digest of <b>pk</b>,
- * base32 encoded. NUL-terminates out. (We use this string to
- * identify services in directory requests and .onion URLs.)
- */
-int
-rend_get_service_id(crypto_pk_t *pk, char *out)
-{
- char buf[DIGEST_LEN];
- tor_assert(pk);
- if (crypto_pk_get_digest(pk, buf) < 0)
- return -1;
- base32_encode(out, REND_SERVICE_ID_LEN_BASE32+1, buf, REND_SERVICE_ID_LEN);
- return 0;
-}
-
-/** Return true iff <b>query</b> is a syntactically valid service ID (as
- * generated by rend_get_service_id). */
-int
-rend_valid_v2_service_id(const char *query)
-{
- if (strlen(query) != REND_SERVICE_ID_LEN_BASE32)
- return 0;
-
- if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN_BASE32)
- return 0;
-
- return 1;
-}
-
-/** Return true iff <b>query</b> is a syntactically valid descriptor ID.
- * (as generated by rend_get_descriptor_id_bytes). */
-int
-rend_valid_descriptor_id(const char *query)
-{
- if (strlen(query) != REND_DESC_ID_V2_LEN_BASE32) {
- goto invalid;
- }
- if (strspn(query, BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
- goto invalid;
- }
-
- return 1;
-
- invalid:
- return 0;
-}
-
-/** Return true iff <b>client_name</b> is a syntactically valid name
- * for rendezvous client authentication. */
-int
-rend_valid_client_name(const char *client_name)
-{
- size_t len = strlen(client_name);
- if (len < 1 || len > REND_CLIENTNAME_MAX_LEN) {
- return 0;
- }
- if (strspn(client_name, REND_LEGAL_CLIENTNAME_CHARACTERS) != len) {
- return 0;
- }
-
- return 1;
-}
/** Called when we get a rendezvous-related relay cell on circuit
* <b>circ</b>. Dispatch on rendezvous relay command. */
@@ -842,168 +101,6 @@ rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
command);
}
-/** Determine the routers that are responsible for <b>id</b> (binary) and
- * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>.
- * Return -1 if we're returning an empty smartlist, else return 0.
- */
-int
-hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
- const char *id)
-{
- int start, found, n_added = 0, i;
- networkstatus_t *c = networkstatus_get_latest_consensus();
- if (!c || !smartlist_len(c->routerstatus_list)) {
- log_info(LD_REND, "We don't have a consensus, so we can't perform v2 "
- "rendezvous operations.");
- return -1;
- }
- tor_assert(id);
- start = networkstatus_vote_find_entry_idx(c, id, &found);
- if (start == smartlist_len(c->routerstatus_list)) start = 0;
- i = start;
- do {
- routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
- if (r->is_hs_dir) {
- smartlist_add(responsible_dirs, r);
- if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
- return 0;
- }
- if (++i == smartlist_len(c->routerstatus_list))
- i = 0;
- } while (i != start);
-
- /* Even though we don't have the desired number of hidden service
- * directories, be happy if we got any. */
- return smartlist_len(responsible_dirs) ? 0 : -1;
-}
-
-/* Length of the 'extended' auth cookie used to encode auth type before
- * base64 encoding. */
-#define REND_DESC_COOKIE_LEN_EXT (REND_DESC_COOKIE_LEN + 1)
-/* Length of the zero-padded auth cookie when base64 encoded. These two
- * padding bytes always (A=) are stripped off of the returned cookie. */
-#define REND_DESC_COOKIE_LEN_EXT_BASE64 (REND_DESC_COOKIE_LEN_BASE64 + 2)
-
-/** Encode a client authorization descriptor cookie.
- * The result of this function is suitable for use in the HidServAuth
- * option. The trailing padding characters are removed, and the
- * auth type is encoded into the cookie.
- *
- * Returns a new base64-encoded cookie. This function cannot fail.
- * The caller is responsible for freeing the returned value.
- */
-char *
-rend_auth_encode_cookie(const uint8_t *cookie_in, rend_auth_type_t auth_type)
-{
- uint8_t extended_cookie[REND_DESC_COOKIE_LEN_EXT];
- char *cookie_out = tor_malloc_zero(REND_DESC_COOKIE_LEN_EXT_BASE64 + 1);
- int re;
-
- tor_assert(cookie_in);
-
- memcpy(extended_cookie, cookie_in, REND_DESC_COOKIE_LEN);
- extended_cookie[REND_DESC_COOKIE_LEN] = ((int)auth_type - 1) << 4;
- re = base64_encode(cookie_out, REND_DESC_COOKIE_LEN_EXT_BASE64 + 1,
- (const char *) extended_cookie, REND_DESC_COOKIE_LEN_EXT,
- 0);
- tor_assert(re == REND_DESC_COOKIE_LEN_EXT_BASE64);
-
- /* Remove the trailing 'A='. Auth type is encoded in the high bits
- * of the last byte, so the last base64 character will always be zero
- * (A). This is subtly different behavior from base64_encode_nopad. */
- cookie_out[REND_DESC_COOKIE_LEN_BASE64] = '\0';
- memwipe(extended_cookie, 0, sizeof(extended_cookie));
- return cookie_out;
-}
-
-/** Decode a base64-encoded client authorization descriptor cookie.
- * The descriptor_cookie can be truncated to REND_DESC_COOKIE_LEN_BASE64
- * characters (as given to clients), or may include the two padding
- * characters (as stored by the service).
- *
- * The result is stored in REND_DESC_COOKIE_LEN bytes of cookie_out.
- * The rend_auth_type_t decoded from the cookie is stored in the
- * optional auth_type_out parameter.
- *
- * Return 0 on success, or -1 on error. The caller is responsible for
- * freeing the returned err_msg.
- */
-int
-rend_auth_decode_cookie(const char *cookie_in, uint8_t *cookie_out,
- rend_auth_type_t *auth_type_out, char **err_msg_out)
-{
- uint8_t descriptor_cookie_decoded[REND_DESC_COOKIE_LEN_EXT + 1] = { 0 };
- char descriptor_cookie_base64ext[REND_DESC_COOKIE_LEN_EXT_BASE64 + 1];
- const char *descriptor_cookie = cookie_in;
- char *err_msg = NULL;
- int auth_type_val = 0;
- int res = -1;
- int decoded_len;
-
- size_t len = strlen(descriptor_cookie);
- if (len == REND_DESC_COOKIE_LEN_BASE64) {
- /* Add a trailing zero byte to make base64-decoding happy. */
- tor_snprintf(descriptor_cookie_base64ext,
- sizeof(descriptor_cookie_base64ext),
- "%sA=", descriptor_cookie);
- descriptor_cookie = descriptor_cookie_base64ext;
- } else if (len != REND_DESC_COOKIE_LEN_EXT_BASE64) {
- tor_asprintf(&err_msg, "Authorization cookie has wrong length: %s",
- escaped(cookie_in));
- goto err;
- }
-
- decoded_len = base64_decode((char *) descriptor_cookie_decoded,
- sizeof(descriptor_cookie_decoded),
- descriptor_cookie,
- REND_DESC_COOKIE_LEN_EXT_BASE64);
- if (decoded_len != REND_DESC_COOKIE_LEN &&
- decoded_len != REND_DESC_COOKIE_LEN_EXT) {
- tor_asprintf(&err_msg, "Authorization cookie has invalid characters: %s",
- escaped(cookie_in));
- goto err;
- }
-
- if (auth_type_out) {
- auth_type_val = (descriptor_cookie_decoded[REND_DESC_COOKIE_LEN] >> 4) + 1;
- if (auth_type_val < 1 || auth_type_val > 2) {
- tor_asprintf(&err_msg, "Authorization cookie type is unknown: %s",
- escaped(cookie_in));
- goto err;
- }
- *auth_type_out = auth_type_val == 1 ? REND_BASIC_AUTH : REND_STEALTH_AUTH;
- }
-
- memcpy(cookie_out, descriptor_cookie_decoded, REND_DESC_COOKIE_LEN);
- res = 0;
- err:
- if (err_msg_out) {
- *err_msg_out = err_msg;
- } else {
- tor_free(err_msg);
- }
- memwipe(descriptor_cookie_decoded, 0, sizeof(descriptor_cookie_decoded));
- memwipe(descriptor_cookie_base64ext, 0, sizeof(descriptor_cookie_base64ext));
- return res;
-}
-
-/* Is this a rend client or server that allows direct (non-anonymous)
- * connections?
- * Onion services can be configured to start in this mode for single onion. */
-int
-rend_allow_non_anonymous_connection(const or_options_t* options)
-{
- return rend_service_allow_non_anonymous_connection(options);
-}
-
-/* Is this a rend client or server in non-anonymous mode?
- * Onion services can be configured to start in this mode for single onion. */
-int
-rend_non_anonymous_mode_enabled(const or_options_t *options)
-{
- return rend_service_non_anonymous_mode_enabled(options);
-}
-
/* Make sure that tor only builds one-hop circuits when they would not
* compromise user anonymity.
*
@@ -1022,35 +119,6 @@ assert_circ_anonymity_ok(const origin_circuit_t *circ,
tor_assert(circ->build_state);
if (circ->build_state->onehop_tunnel) {
- tor_assert(rend_allow_non_anonymous_connection(options));
- }
-}
-
-/* Return 1 iff the given <b>digest</b> of a permenanent hidden service key is
- * equal to the digest in the origin circuit <b>ocirc</b> of its rend data .
- * If the rend data doesn't exist, 0 is returned. This function is agnostic to
- * the rend data version. */
-int
-rend_circuit_pk_digest_eq(const origin_circuit_t *ocirc,
- const uint8_t *digest)
-{
- size_t rend_pk_digest_len;
- const uint8_t *rend_pk_digest;
-
- tor_assert(ocirc);
- tor_assert(digest);
-
- if (ocirc->rend_data == NULL) {
- goto no_match;
- }
-
- rend_pk_digest = rend_data_get_pk_digest(ocirc->rend_data,
- &rend_pk_digest_len);
- if (tor_memeq(rend_pk_digest, digest, rend_pk_digest_len)) {
- goto match;
+ tor_assert(hs_service_allow_non_anonymous_connection(options));
}
- no_match:
- return 0;
- match:
- return 1;
}
diff --git a/src/feature/rend/rendcommon.h b/src/feature/rend/rendcommon.h
index d8281e0578..502d594940 100644
--- a/src/feature/rend/rendcommon.h
+++ b/src/feature/rend/rendcommon.h
@@ -18,65 +18,12 @@ typedef enum rend_intro_point_failure_t {
INTRO_POINT_FAILURE_UNREACHABLE = 2,
} rend_intro_point_failure_t;
-int rend_cmp_service_ids(const char *one, const char *two);
-
void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
int command, size_t length,
const uint8_t *payload);
-void rend_service_descriptor_free_(rend_service_descriptor_t *desc);
-#define rend_service_descriptor_free(desc) \
- FREE_AND_NULL(rend_service_descriptor_t, rend_service_descriptor_free_, \
- (desc))
-int rend_get_service_id(crypto_pk_t *pk, char *out);
-void rend_encoded_v2_service_descriptor_free_(
- rend_encoded_v2_service_descriptor_t *desc);
-#define rend_encoded_v2_service_descriptor_free(desc) \
- FREE_AND_NULL(rend_encoded_v2_service_descriptor_t, \
- rend_encoded_v2_service_descriptor_free_, (desc))
-void rend_intro_point_free_(rend_intro_point_t *intro);
-#define rend_intro_point_free(intro) \
- FREE_AND_NULL(rend_intro_point_t, rend_intro_point_free_, (intro))
-
-int rend_valid_v2_service_id(const char *query);
-int rend_valid_descriptor_id(const char *query);
-int rend_valid_client_name(const char *client_name);
-int rend_encode_v2_descriptors(smartlist_t *descs_out,
- rend_service_descriptor_t *desc, time_t now,
- uint8_t period, rend_auth_type_t auth_type,
- crypto_pk_t *client_key,
- smartlist_t *client_cookies);
-int rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
- const char *descriptor_cookie,
- time_t now, uint8_t replica);
-void rend_get_descriptor_id_bytes(char *descriptor_id_out,
- const char *service_id,
- const char *secret_id_part);
-int hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
- const char *id);
-
-int rend_circuit_pk_digest_eq(const origin_circuit_t *ocirc,
- const uint8_t *digest);
-
-char *rend_auth_encode_cookie(const uint8_t *cookie_in,
- rend_auth_type_t auth_type);
-int rend_auth_decode_cookie(const char *cookie_in,
- uint8_t *cookie_out,
- rend_auth_type_t *auth_type_out,
- char **err_msg_out);
-
-int rend_allow_non_anonymous_connection(const or_options_t* options);
-int rend_non_anonymous_mode_enabled(const or_options_t *options);
-
void assert_circ_anonymity_ok(const origin_circuit_t *circ,
const or_options_t *options);
-#ifdef RENDCOMMON_PRIVATE
-
-STATIC int
-rend_desc_v2_is_parsable(rend_encoded_v2_service_descriptor_t *desc);
-
-#endif /* defined(RENDCOMMON_PRIVATE) */
-
#endif /* !defined(TOR_RENDCOMMON_H) */
diff --git a/src/feature/rend/rendparse.c b/src/feature/rend/rendparse.c
deleted file mode 100644
index c28add5ca9..0000000000
--- a/src/feature/rend/rendparse.c
+++ /dev/null
@@ -1,612 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file rendparse.c
- * \brief Code to parse and validate v2 hidden service descriptors.
- **/
-
-#include "core/or/or.h"
-#include "core/or/extendinfo.h"
-#include "feature/dirparse/parsecommon.h"
-#include "feature/dirparse/sigcommon.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendparse.h"
-#include "lib/memarea/memarea.h"
-
-#include "core/or/extend_info_st.h"
-#include "feature/rend/rend_authorized_client_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
-
-/** List of tokens recognized in rendezvous service descriptors */
-static token_rule_t desc_token_table[] = {
- T1_START("rendezvous-service-descriptor", R_RENDEZVOUS_SERVICE_DESCRIPTOR,
- EQ(1), NO_OBJ),
- T1("version", R_VERSION, EQ(1), NO_OBJ),
- T1("permanent-key", R_PERMANENT_KEY, NO_ARGS, NEED_KEY_1024),
- T1("secret-id-part", R_SECRET_ID_PART, EQ(1), NO_OBJ),
- T1("publication-time", R_PUBLICATION_TIME, CONCAT_ARGS, NO_OBJ),
- T1("protocol-versions", R_PROTOCOL_VERSIONS, EQ(1), NO_OBJ),
- T01("introduction-points", R_INTRODUCTION_POINTS, NO_ARGS, NEED_OBJ),
- T1_END("signature", R_SIGNATURE, NO_ARGS, NEED_OBJ),
- END_OF_TABLE
-};
-
-/** List of tokens recognized in the (encrypted) list of introduction points of
- * rendezvous service descriptors */
-static token_rule_t ipo_token_table[] = {
- T1_START("introduction-point", R_IPO_IDENTIFIER, EQ(1), NO_OBJ),
- T1("ip-address", R_IPO_IP_ADDRESS, EQ(1), NO_OBJ),
- T1("onion-port", R_IPO_ONION_PORT, EQ(1), NO_OBJ),
- T1("onion-key", R_IPO_ONION_KEY, NO_ARGS, NEED_KEY_1024),
- T1("service-key", R_IPO_SERVICE_KEY, NO_ARGS, NEED_KEY_1024),
- END_OF_TABLE
-};
-
-/** List of tokens recognized in the (possibly encrypted) list of introduction
- * points of rendezvous service descriptors */
-static token_rule_t client_keys_token_table[] = {
- T1_START("client-name", C_CLIENT_NAME, CONCAT_ARGS, NO_OBJ),
- T1("descriptor-cookie", C_DESCRIPTOR_COOKIE, EQ(1), NO_OBJ),
- T01("client-key", C_CLIENT_KEY, NO_ARGS, NEED_SKEY_1024),
- END_OF_TABLE
-};
-
-/** Parse and validate the ASCII-encoded v2 descriptor in <b>desc</b>,
- * write the parsed descriptor to the newly allocated *<b>parsed_out</b>, the
- * binary descriptor ID of length DIGEST_LEN to <b>desc_id_out</b>, the
- * encrypted introduction points to the newly allocated
- * *<b>intro_points_encrypted_out</b>, their encrypted size to
- * *<b>intro_points_encrypted_size_out</b>, the size of the encoded descriptor
- * to *<b>encoded_size_out</b>, and a pointer to the possibly next
- * descriptor to *<b>next_out</b>; return 0 for success (including validation)
- * and -1 for failure.
- *
- * If <b>as_hsdir</b> is 1, we're parsing this as an HSDir, and we should
- * be strict about time formats.
- */
-int
-rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
- char *desc_id_out,
- char **intro_points_encrypted_out,
- size_t *intro_points_encrypted_size_out,
- size_t *encoded_size_out,
- const char **next_out, const char *desc,
- int as_hsdir)
-{
- rend_service_descriptor_t *result =
- tor_malloc_zero(sizeof(rend_service_descriptor_t));
- char desc_hash[DIGEST_LEN];
- const char *eos;
- smartlist_t *tokens = smartlist_new();
- directory_token_t *tok;
- char secret_id_part[DIGEST_LEN];
- int i, version, num_ok=1;
- smartlist_t *versions;
- char public_key_hash[DIGEST_LEN];
- char test_desc_id[DIGEST_LEN];
- memarea_t *area = NULL;
- const int strict_time_fmt = as_hsdir;
-
- tor_assert(desc);
- /* Check if desc starts correctly. */
- if (strcmpstart(desc, "rendezvous-service-descriptor ")) {
- log_info(LD_REND, "Descriptor does not start correctly.");
- goto err;
- }
- /* Compute descriptor hash for later validation. */
- if (router_get_hash_impl(desc, strlen(desc), desc_hash,
- "rendezvous-service-descriptor ",
- "\nsignature", '\n', DIGEST_SHA1) < 0) {
- log_warn(LD_REND, "Couldn't compute descriptor hash.");
- goto err;
- }
- /* Determine end of string. */
- eos = strstr(desc, "\nrendezvous-service-descriptor ");
- if (!eos)
- eos = desc + strlen(desc);
- else
- eos = eos + 1;
- /* Check length. */
- if (eos-desc > REND_DESC_MAX_SIZE) {
- /* XXXX+ If we are parsing this descriptor as a server, this
- * should be a protocol warning. */
- log_warn(LD_REND, "Descriptor length is %d which exceeds "
- "maximum rendezvous descriptor size of %d bytes.",
- (int)(eos-desc), REND_DESC_MAX_SIZE);
- goto err;
- }
- /* Tokenize descriptor. */
- area = memarea_new();
- if (tokenize_string(area, desc, eos, tokens, desc_token_table, 0)) {
- log_warn(LD_REND, "Error tokenizing descriptor.");
- goto err;
- }
- /* Set next to next descriptor, if available. */
- *next_out = eos;
- /* Set length of encoded descriptor. */
- *encoded_size_out = eos - desc;
- /* Check min allowed length of token list. */
- if (smartlist_len(tokens) < 7) {
- log_warn(LD_REND, "Impossibly short descriptor.");
- goto err;
- }
- /* Parse base32-encoded descriptor ID. */
- tok = find_by_keyword(tokens, R_RENDEZVOUS_SERVICE_DESCRIPTOR);
- tor_assert(tok == smartlist_get(tokens, 0));
- tor_assert(tok->n_args == 1);
- if (!rend_valid_descriptor_id(tok->args[0])) {
- log_warn(LD_REND, "Invalid descriptor ID: '%s'", tok->args[0]);
- goto err;
- }
- if (base32_decode(desc_id_out, DIGEST_LEN,
- tok->args[0], REND_DESC_ID_V2_LEN_BASE32) != DIGEST_LEN) {
- log_warn(LD_REND,
- "Descriptor ID has wrong length or illegal characters: %s",
- tok->args[0]);
- goto err;
- }
- /* Parse descriptor version. */
- tok = find_by_keyword(tokens, R_VERSION);
- tor_assert(tok->n_args == 1);
- result->version =
- (int) tor_parse_long(tok->args[0], 10, 0, INT_MAX, &num_ok, NULL);
- if (result->version != 2 || !num_ok) {
- /* If it's <2, it shouldn't be under this format. If the number
- * is greater than 2, we bumped it because we broke backward
- * compatibility. See how version numbers in our other formats
- * work. */
- log_warn(LD_REND, "Unrecognized descriptor version: %s",
- escaped(tok->args[0]));
- goto err;
- }
- /* Parse public key. */
- tok = find_by_keyword(tokens, R_PERMANENT_KEY);
- result->pk = tok->key;
- tok->key = NULL; /* Prevent free */
- /* Parse secret ID part. */
- tok = find_by_keyword(tokens, R_SECRET_ID_PART);
- tor_assert(tok->n_args == 1);
- if (strlen(tok->args[0]) != REND_SECRET_ID_PART_LEN_BASE32 ||
- strspn(tok->args[0], BASE32_CHARS) != REND_SECRET_ID_PART_LEN_BASE32) {
- log_warn(LD_REND, "Invalid secret ID part: '%s'", tok->args[0]);
- goto err;
- }
- if (base32_decode(secret_id_part, DIGEST_LEN, tok->args[0], 32) !=
- DIGEST_LEN) {
- log_warn(LD_REND,
- "Secret ID part has wrong length or illegal characters: %s",
- tok->args[0]);
- goto err;
- }
- /* Parse publication time -- up-to-date check is done when storing the
- * descriptor. */
- tok = find_by_keyword(tokens, R_PUBLICATION_TIME);
- tor_assert(tok->n_args == 1);
- if (parse_iso_time_(tok->args[0], &result->timestamp,
- strict_time_fmt, 0) < 0) {
- log_warn(LD_REND, "Invalid publication time: '%s'", tok->args[0]);
- goto err;
- }
- /* Parse protocol versions. */
- tok = find_by_keyword(tokens, R_PROTOCOL_VERSIONS);
- tor_assert(tok->n_args == 1);
- versions = smartlist_new();
- smartlist_split_string(versions, tok->args[0], ",",
- SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
- for (i = 0; i < smartlist_len(versions); i++) {
- version = (int) tor_parse_long(smartlist_get(versions, i),
- 10, 0, INT_MAX, &num_ok, NULL);
- if (!num_ok) /* It's a string; let's ignore it. */
- continue;
- if (version >= REND_PROTOCOL_VERSION_BITMASK_WIDTH)
- /* Avoid undefined left-shift behaviour. */
- continue;
- result->protocols |= 1 << version;
- }
- SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp));
- smartlist_free(versions);
- /* Parse encrypted introduction points. Don't verify. */
- tok = find_opt_by_keyword(tokens, R_INTRODUCTION_POINTS);
- if (tok) {
- if (strcmp(tok->object_type, "MESSAGE")) {
- log_warn(LD_DIR, "Bad object type: introduction points should be of "
- "type MESSAGE");
- goto err;
- }
- *intro_points_encrypted_out = tor_memdup(tok->object_body,
- tok->object_size);
- *intro_points_encrypted_size_out = tok->object_size;
- } else {
- *intro_points_encrypted_out = NULL;
- *intro_points_encrypted_size_out = 0;
- }
- /* Parse and verify signature. */
- tok = find_by_keyword(tokens, R_SIGNATURE);
- if (check_signature_token(desc_hash, DIGEST_LEN, tok, result->pk, 0,
- "v2 rendezvous service descriptor") < 0)
- goto err;
- /* Verify that descriptor ID belongs to public key and secret ID part. */
- if (crypto_pk_get_digest(result->pk, public_key_hash) < 0) {
- log_warn(LD_REND, "Unable to compute rend descriptor public key digest");
- goto err;
- }
- rend_get_descriptor_id_bytes(test_desc_id, public_key_hash,
- secret_id_part);
- if (tor_memneq(desc_id_out, test_desc_id, DIGEST_LEN)) {
- log_warn(LD_REND, "Parsed descriptor ID does not match "
- "computed descriptor ID.");
- goto err;
- }
- goto done;
- err:
- rend_service_descriptor_free(result);
- result = NULL;
- done:
- if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
- smartlist_free(tokens);
- }
- if (area)
- memarea_drop_all(area);
- *parsed_out = result;
- if (result)
- return 0;
- return -1;
-}
-
-/** Decrypt the encrypted introduction points in <b>ipos_encrypted</b> of
- * length <b>ipos_encrypted_size</b> using <b>descriptor_cookie</b> and
- * write the result to a newly allocated string that is pointed to by
- * <b>ipos_decrypted</b> and its length to <b>ipos_decrypted_size</b>.
- * Return 0 if decryption was successful and -1 otherwise. */
-int
-rend_decrypt_introduction_points(char **ipos_decrypted,
- size_t *ipos_decrypted_size,
- const char *descriptor_cookie,
- const char *ipos_encrypted,
- size_t ipos_encrypted_size)
-{
- tor_assert(ipos_encrypted);
- tor_assert(descriptor_cookie);
- if (ipos_encrypted_size < 2) {
- log_warn(LD_REND, "Size of encrypted introduction points is too "
- "small.");
- return -1;
- }
- if (ipos_encrypted[0] == (int)REND_BASIC_AUTH) {
- char iv[CIPHER_IV_LEN], client_id[REND_BASIC_AUTH_CLIENT_ID_LEN],
- session_key[CIPHER_KEY_LEN], *dec;
- int declen, client_blocks;
- size_t pos = 0, len, client_entries_len;
- crypto_digest_t *digest;
- crypto_cipher_t *cipher;
- client_blocks = (int) ipos_encrypted[1];
- client_entries_len = client_blocks * REND_BASIC_AUTH_CLIENT_MULTIPLE *
- REND_BASIC_AUTH_CLIENT_ENTRY_LEN;
- if (ipos_encrypted_size < 2 + client_entries_len + CIPHER_IV_LEN + 1) {
- log_warn(LD_REND, "Size of encrypted introduction points is too "
- "small.");
- return -1;
- }
- memcpy(iv, ipos_encrypted + 2 + client_entries_len, CIPHER_IV_LEN);
- digest = crypto_digest_new();
- crypto_digest_add_bytes(digest, descriptor_cookie, REND_DESC_COOKIE_LEN);
- crypto_digest_add_bytes(digest, iv, CIPHER_IV_LEN);
- crypto_digest_get_digest(digest, client_id,
- REND_BASIC_AUTH_CLIENT_ID_LEN);
- crypto_digest_free(digest);
- for (pos = 2; pos < 2 + client_entries_len;
- pos += REND_BASIC_AUTH_CLIENT_ENTRY_LEN) {
- if (tor_memeq(ipos_encrypted + pos, client_id,
- REND_BASIC_AUTH_CLIENT_ID_LEN)) {
- /* Attempt to decrypt introduction points. */
- cipher = crypto_cipher_new(descriptor_cookie);
- if (crypto_cipher_decrypt(cipher, session_key, ipos_encrypted
- + pos + REND_BASIC_AUTH_CLIENT_ID_LEN,
- CIPHER_KEY_LEN) < 0) {
- log_warn(LD_REND, "Could not decrypt session key for client.");
- crypto_cipher_free(cipher);
- return -1;
- }
- crypto_cipher_free(cipher);
-
- len = ipos_encrypted_size - 2 - client_entries_len - CIPHER_IV_LEN;
- dec = tor_malloc_zero(len + 1);
- declen = crypto_cipher_decrypt_with_iv(session_key, dec, len,
- ipos_encrypted + 2 + client_entries_len,
- ipos_encrypted_size - 2 - client_entries_len);
-
- if (declen < 0) {
- log_warn(LD_REND, "Could not decrypt introduction point string.");
- tor_free(dec);
- return -1;
- }
- if (fast_memcmpstart(dec, declen, "introduction-point ")) {
- log_warn(LD_REND, "Decrypted introduction points don't "
- "look like we could parse them.");
- tor_free(dec);
- continue;
- }
- *ipos_decrypted = dec;
- *ipos_decrypted_size = declen;
- return 0;
- }
- }
- log_warn(LD_REND, "Could not decrypt introduction points. Please "
- "check your authorization for this service!");
- return -1;
- } else if (ipos_encrypted[0] == (int)REND_STEALTH_AUTH) {
- char *dec;
- int declen;
- if (ipos_encrypted_size < CIPHER_IV_LEN + 2) {
- log_warn(LD_REND, "Size of encrypted introduction points is too "
- "small.");
- return -1;
- }
- dec = tor_malloc_zero(ipos_encrypted_size - CIPHER_IV_LEN - 1 + 1);
-
- declen = crypto_cipher_decrypt_with_iv(descriptor_cookie, dec,
- ipos_encrypted_size -
- CIPHER_IV_LEN - 1,
- ipos_encrypted + 1,
- ipos_encrypted_size - 1);
-
- if (declen < 0) {
- log_warn(LD_REND, "Decrypting introduction points failed!");
- tor_free(dec);
- return -1;
- }
- *ipos_decrypted = dec;
- *ipos_decrypted_size = declen;
- return 0;
- } else {
- log_warn(LD_REND, "Unknown authorization type number: %d",
- ipos_encrypted[0]);
- return -1;
- }
-}
-
-/** Parse the encoded introduction points in <b>intro_points_encoded</b> of
- * length <b>intro_points_encoded_size</b> and write the result to the
- * descriptor in <b>parsed</b>; return the number of successfully parsed
- * introduction points or -1 in case of a failure. */
-int
-rend_parse_introduction_points(rend_service_descriptor_t *parsed,
- const char *intro_points_encoded,
- size_t intro_points_encoded_size)
-{
- const char *current_ipo, *end_of_intro_points;
- smartlist_t *tokens = NULL;
- directory_token_t *tok;
- rend_intro_point_t *intro;
- extend_info_t *info;
- int result, num_ok=1;
- memarea_t *area = NULL;
- tor_assert(parsed);
- /** Function may only be invoked once. */
- tor_assert(!parsed->intro_nodes);
- if (!intro_points_encoded || intro_points_encoded_size == 0) {
- log_warn(LD_REND, "Empty or zero size introduction point list");
- goto err;
- }
- /* Consider one intro point after the other. */
- current_ipo = intro_points_encoded;
- end_of_intro_points = intro_points_encoded + intro_points_encoded_size;
- tokens = smartlist_new();
- parsed->intro_nodes = smartlist_new();
- area = memarea_new();
-
- while (!fast_memcmpstart(current_ipo, end_of_intro_points-current_ipo,
- "introduction-point ")) {
- /* Determine end of string. */
- const char *eos = tor_memstr(current_ipo, end_of_intro_points-current_ipo,
- "\nintroduction-point ");
- if (!eos)
- eos = end_of_intro_points;
- else
- eos = eos+1;
- tor_assert(eos <= intro_points_encoded+intro_points_encoded_size);
- /* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
- smartlist_clear(tokens);
- memarea_clear(area);
- /* Tokenize string. */
- if (tokenize_string(area, current_ipo, eos, tokens, ipo_token_table, 0)) {
- log_warn(LD_REND, "Error tokenizing introduction point");
- goto err;
- }
- /* Advance to next introduction point, if available. */
- current_ipo = eos;
- /* Check minimum allowed length of introduction point. */
- if (smartlist_len(tokens) < 5) {
- log_warn(LD_REND, "Impossibly short introduction point.");
- goto err;
- }
- /* Allocate new intro point and extend info. */
- intro = tor_malloc_zero(sizeof(rend_intro_point_t));
- info = intro->extend_info =
- extend_info_new(NULL, NULL, NULL, NULL, NULL, NULL, 0);
- /* Parse identifier. */
- tok = find_by_keyword(tokens, R_IPO_IDENTIFIER);
- if (base32_decode(info->identity_digest, DIGEST_LEN,
- tok->args[0], REND_INTRO_POINT_ID_LEN_BASE32) !=
- DIGEST_LEN) {
- log_warn(LD_REND,
- "Identity digest has wrong length or illegal characters: %s",
- tok->args[0]);
- rend_intro_point_free(intro);
- goto err;
- }
- /* Write identifier to nickname. */
- info->nickname[0] = '$';
- base16_encode(info->nickname + 1, sizeof(info->nickname) - 1,
- info->identity_digest, DIGEST_LEN);
- /* Parse IP address. */
- tok = find_by_keyword(tokens, R_IPO_IP_ADDRESS);
- tor_addr_t addr;
- if (tor_addr_parse(&addr, tok->args[0])<0) {
- log_warn(LD_REND, "Could not parse introduction point address.");
- rend_intro_point_free(intro);
- goto err;
- }
- if (tor_addr_family(&addr) != AF_INET) {
- log_warn(LD_REND, "Introduction point address was not ipv4.");
- rend_intro_point_free(intro);
- goto err;
- }
-
- /* Parse onion port. */
- tok = find_by_keyword(tokens, R_IPO_ONION_PORT);
- uint16_t port = (uint16_t) tor_parse_long(tok->args[0],10,1,65535,
- &num_ok,NULL);
- if (!port || !num_ok) {
- log_warn(LD_REND, "Introduction point onion port %s is invalid",
- escaped(tok->args[0]));
- rend_intro_point_free(intro);
- goto err;
- }
-
- /* Add the address and port. */
- extend_info_add_orport(info, &addr, port);
-
- /* Parse onion key. */
- tok = find_by_keyword(tokens, R_IPO_ONION_KEY);
- if (!crypto_pk_public_exponent_ok(tok->key)) {
- log_warn(LD_REND,
- "Introduction point's onion key had invalid exponent.");
- rend_intro_point_free(intro);
- goto err;
- }
- info->onion_key = tok->key;
- tok->key = NULL; /* Prevent free */
- /* Parse service key. */
- tok = find_by_keyword(tokens, R_IPO_SERVICE_KEY);
- if (!crypto_pk_public_exponent_ok(tok->key)) {
- log_warn(LD_REND,
- "Introduction point key had invalid exponent.");
- rend_intro_point_free(intro);
- goto err;
- }
- intro->intro_key = tok->key;
- tok->key = NULL; /* Prevent free */
- /* Add extend info to list of introduction points. */
- smartlist_add(parsed->intro_nodes, intro);
- }
- result = smartlist_len(parsed->intro_nodes);
- goto done;
-
- err:
- result = -1;
-
- done:
- /* Free tokens and clear token list. */
- if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
- smartlist_free(tokens);
- }
- if (area)
- memarea_drop_all(area);
-
- return result;
-}
-
-/** Parse the content of a client_key file in <b>ckstr</b> and add
- * rend_authorized_client_t's for each parsed client to
- * <b>parsed_clients</b>. Return the number of parsed clients as result
- * or -1 for failure. */
-int
-rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
-{
- int result = -1;
- smartlist_t *tokens;
- directory_token_t *tok;
- const char *current_entry = NULL;
- memarea_t *area = NULL;
- char *err_msg = NULL;
- if (!ckstr || strlen(ckstr) == 0)
- return -1;
- tokens = smartlist_new();
- /* Begin parsing with first entry, skipping comments or whitespace at the
- * beginning. */
- area = memarea_new();
- current_entry = eat_whitespace(ckstr);
- while (!strcmpstart(current_entry, "client-name ")) {
- rend_authorized_client_t *parsed_entry;
- /* Determine end of string. */
- const char *eos = strstr(current_entry, "\nclient-name ");
- if (!eos)
- eos = current_entry + strlen(current_entry);
- else
- eos = eos + 1;
- /* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
- smartlist_clear(tokens);
- memarea_clear(area);
- /* Tokenize string. */
- if (tokenize_string(area, current_entry, eos, tokens,
- client_keys_token_table, 0)) {
- log_warn(LD_REND, "Error tokenizing client keys file.");
- goto err;
- }
- /* Advance to next entry, if available. */
- current_entry = eos;
- /* Check minimum allowed length of token list. */
- if (smartlist_len(tokens) < 2) {
- log_warn(LD_REND, "Impossibly short client key entry.");
- goto err;
- }
- /* Parse client name. */
- tok = find_by_keyword(tokens, C_CLIENT_NAME);
- tor_assert(tok == smartlist_get(tokens, 0));
- tor_assert(tok->n_args == 1);
-
- if (!rend_valid_client_name(tok->args[0])) {
- log_warn(LD_CONFIG, "Illegal client name: %s. (Length must be "
- "between 1 and %d, and valid characters are "
- "[A-Za-z0-9+-_].)", tok->args[0], REND_CLIENTNAME_MAX_LEN);
- goto err;
- }
- /* Check if client name is duplicate. */
- if (strmap_get(parsed_clients, tok->args[0])) {
- log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains a "
- "duplicate client name: '%s'. Ignoring.", tok->args[0]);
- goto err;
- }
- parsed_entry = tor_malloc_zero(sizeof(rend_authorized_client_t));
- parsed_entry->client_name = tor_strdup(tok->args[0]);
- strmap_set(parsed_clients, parsed_entry->client_name, parsed_entry);
- /* Parse client key. */
- tok = find_opt_by_keyword(tokens, C_CLIENT_KEY);
- if (tok) {
- parsed_entry->client_key = tok->key;
- tok->key = NULL; /* Prevent free */
- }
-
- /* Parse descriptor cookie. */
- tok = find_by_keyword(tokens, C_DESCRIPTOR_COOKIE);
- tor_assert(tok->n_args == 1);
- if (rend_auth_decode_cookie(tok->args[0], parsed_entry->descriptor_cookie,
- NULL, &err_msg) < 0) {
- tor_assert(err_msg);
- log_warn(LD_REND, "%s", err_msg);
- tor_free(err_msg);
- goto err;
- }
- }
- result = strmap_size(parsed_clients);
- goto done;
- err:
- result = -1;
- done:
- /* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
- smartlist_free(tokens);
- if (area)
- memarea_drop_all(area);
- return result;
-}
diff --git a/src/feature/rend/rendparse.h b/src/feature/rend/rendparse.h
deleted file mode 100644
index 75109c204d..0000000000
--- a/src/feature/rend/rendparse.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file rendparse.h
- * \brief Header file for rendparse.c.
- **/
-
-#ifndef TOR_REND_PARSE_H
-#define TOR_REND_PARSE_H
-
-int rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
- char *desc_id_out,
- char **intro_points_encrypted_out,
- size_t *intro_points_encrypted_size_out,
- size_t *encoded_size_out,
- const char **next_out, const char *desc,
- int as_hsdir);
-int rend_decrypt_introduction_points(char **ipos_decrypted,
- size_t *ipos_decrypted_size,
- const char *descriptor_cookie,
- const char *ipos_encrypted,
- size_t ipos_encrypted_size);
-int rend_parse_introduction_points(rend_service_descriptor_t *parsed,
- const char *intro_points_encoded,
- size_t intro_points_encoded_size);
-int rend_parse_client_keys(strmap_t *parsed_clients, const char *str);
-
-#endif /* !defined(TOR_REND_PARSE_H) */
diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c
deleted file mode 100644
index a744f6f93a..0000000000
--- a/src/feature/rend/rendservice.c
+++ /dev/null
@@ -1,4403 +0,0 @@
-/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file rendservice.c
- * \brief The hidden-service side of rendezvous functionality.
- **/
-
-#define RENDSERVICE_PRIVATE
-
-#include "core/or/or.h"
-
-#include "app/config/config.h"
-#include "core/mainloop/mainloop.h"
-#include "core/or/circuitbuild.h"
-#include "core/or/circuitlist.h"
-#include "core/or/circuituse.h"
-#include "core/or/extendinfo.h"
-#include "core/or/policies.h"
-#include "core/or/relay.h"
-#include "core/or/crypt_path.h"
-#include "feature/client/circpathbias.h"
-#include "feature/control/control_events.h"
-#include "feature/dirclient/dirclient.h"
-#include "feature/dircommon/directory.h"
-#include "feature/hs/hs_common.h"
-#include "feature/hs/hs_config.h"
-#include "feature/hs_common/replaycache.h"
-#include "feature/keymgt/loadkey.h"
-#include "feature/nodelist/describe.h"
-#include "feature/nodelist/networkstatus.h"
-#include "feature/nodelist/nickname.h"
-#include "feature/nodelist/node_select.h"
-#include "feature/nodelist/nodelist.h"
-#include "feature/nodelist/routerset.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendparse.h"
-#include "feature/rend/rendservice.h"
-#include "feature/stats/predict_ports.h"
-#include "lib/crypt_ops/crypto_dh.h"
-#include "lib/crypt_ops/crypto_rand.h"
-#include "lib/crypt_ops/crypto_util.h"
-#include "lib/encoding/confline.h"
-#include "lib/net/resolve.h"
-
-#include "core/or/cpath_build_state_st.h"
-#include "core/or/crypt_path_st.h"
-#include "core/or/crypt_path_reference_st.h"
-#include "core/or/edge_connection_st.h"
-#include "core/or/extend_info_st.h"
-#include "feature/hs/hs_opts_st.h"
-#include "feature/nodelist/networkstatus_st.h"
-#include "core/or/origin_circuit_st.h"
-#include "feature/rend/rend_authorized_client_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
-#include "feature/nodelist/routerstatus_st.h"
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-struct rend_service_t;
-static origin_circuit_t *find_intro_circuit(rend_intro_point_t *intro,
- const char *pk_digest);
-static rend_intro_point_t *find_intro_point(origin_circuit_t *circ);
-static rend_intro_point_t *find_expiring_intro_point(
- struct rend_service_t *service, origin_circuit_t *circ);
-
-static extend_info_t *find_rp_for_intro(
- const rend_intro_cell_t *intro,
- char **err_msg_out);
-
-static int intro_point_accepted_intro_count(rend_intro_point_t *intro);
-static int intro_point_should_expire_now(rend_intro_point_t *intro,
- time_t now);
-static int rend_service_derive_key_digests(struct rend_service_t *s);
-static int rend_service_load_keys(struct rend_service_t *s);
-static int rend_service_load_auth_keys(struct rend_service_t *s,
- const char *hfname);
-static struct rend_service_t *rend_service_get_by_pk_digest(
- const char* digest);
-static struct rend_service_t *rend_service_get_by_service_id(const char *id);
-static const char *rend_service_escaped_dir(
- const struct rend_service_t *s);
-
-static ssize_t rend_service_parse_intro_for_v0_or_v1(
- rend_intro_cell_t *intro,
- const uint8_t *buf,
- size_t plaintext_len,
- char **err_msg_out);
-static ssize_t rend_service_parse_intro_for_v2(
- rend_intro_cell_t *intro,
- const uint8_t *buf,
- size_t plaintext_len,
- char **err_msg_out);
-static ssize_t rend_service_parse_intro_for_v3(
- rend_intro_cell_t *intro,
- const uint8_t *buf,
- size_t plaintext_len,
- char **err_msg_out);
-
-static int rend_service_check_private_dir(const or_options_t *options,
- const rend_service_t *s,
- int create);
-static const smartlist_t* rend_get_service_list(
- const smartlist_t* substitute_service_list);
-static smartlist_t* rend_get_service_list_mutable(
- smartlist_t* substitute_service_list);
-static int rend_max_intro_circs_per_period(unsigned int n_intro_points_wanted);
-
-/* Hidden service directory file names:
- * new file names should be added to rend_service_add_filenames_to_list()
- * for sandboxing purposes. */
-static const char *private_key_fname = "private_key";
-static const char *hostname_fname = "hostname";
-static const char *client_keys_fname = "client_keys";
-static const char *sos_poison_fname = "onion_service_non_anonymous";
-
-/** A list of rend_service_t's for services run on this OP. */
-static smartlist_t *rend_service_list = NULL;
-/** A list of rend_service_t's for services run on this OP which is used as a
- * staging area before they are put in the main list in order to prune dying
- * service on config reload. */
-static smartlist_t *rend_service_staging_list = NULL;
-
-/** Helper: log the deprecation warning for version 2 only once. */
-static void
-log_once_deprecation_warning(void)
-{
- static bool logged_once = false;
- if (!logged_once) {
- log_warn(LD_REND, "DEPRECATED: Onion service version 2 are deprecated. "
- "Please use version 3 which is the default now. "
- "Currently, version 2 is planned to be obsolete in "
- "the Tor version 0.4.6 stable series.");
- logged_once = true;
- }
-}
-/** Macro to make it very explicit that we are warning about deprecation. */
-#define WARN_ONCE_DEPRECATION() log_once_deprecation_warning()
-
-/* Like rend_get_service_list_mutable, but returns a read-only list. */
-static const smartlist_t*
-rend_get_service_list(const smartlist_t* substitute_service_list)
-{
- /* It is safe to cast away the const here, because
- * rend_get_service_list_mutable does not actually modify the list */
- return rend_get_service_list_mutable((smartlist_t*)substitute_service_list);
-}
-
-/* Return a mutable list of hidden services.
- * If substitute_service_list is not NULL, return it.
- * Otherwise, check if the global rend_service_list is non-NULL, and if so,
- * return it.
- * Otherwise, log a BUG message and return NULL.
- * */
-static smartlist_t*
-rend_get_service_list_mutable(smartlist_t* substitute_service_list)
-{
- if (substitute_service_list) {
- return substitute_service_list;
- }
-
- /* If no special service list is provided, then just use the global one. */
-
- if (BUG(!rend_service_list)) {
- /* No global HS list, which is a programmer error. */
- return NULL;
- }
-
- return rend_service_list;
-}
-
-/** Tells if onion service <b>s</b> is ephemeral.
- */
-static unsigned int
-rend_service_is_ephemeral(const struct rend_service_t *s)
-{
- return (s->directory == NULL);
-}
-
-/** Returns a escaped string representation of the service, <b>s</b>.
- */
-static const char *
-rend_service_escaped_dir(const struct rend_service_t *s)
-{
- return rend_service_is_ephemeral(s) ? "[EPHEMERAL]" : escaped(s->directory);
-}
-
-/** Return the number of rendezvous services we have configured. */
-int
-rend_num_services(void)
-{
- if (!rend_service_list)
- return 0;
- return smartlist_len(rend_service_list);
-}
-
-/** Helper: free storage held by a single service authorized client entry. */
-void
-rend_authorized_client_free_(rend_authorized_client_t *client)
-{
- if (!client)
- return;
- if (client->client_key)
- crypto_pk_free(client->client_key);
- if (client->client_name)
- memwipe(client->client_name, 0, strlen(client->client_name));
- tor_free(client->client_name);
- memwipe(client->descriptor_cookie, 0, sizeof(client->descriptor_cookie));
- tor_free(client);
-}
-
-/** Helper for strmap_free. */
-static void
-rend_authorized_client_free_void(void *authorized_client)
-{
- rend_authorized_client_free_(authorized_client);
-}
-
-/** Release the storage held by <b>service</b>.
- */
-STATIC void
-rend_service_free_(rend_service_t *service)
-{
- if (!service)
- return;
-
- tor_free(service->directory);
- if (service->ports) {
- SMARTLIST_FOREACH(service->ports, hs_port_config_t*, p,
- hs_port_config_free(p));
- smartlist_free(service->ports);
- }
- if (service->private_key)
- crypto_pk_free(service->private_key);
- if (service->intro_nodes) {
- SMARTLIST_FOREACH(service->intro_nodes, rend_intro_point_t *, intro,
- rend_intro_point_free(intro););
- smartlist_free(service->intro_nodes);
- }
- if (service->expiring_nodes) {
- SMARTLIST_FOREACH(service->expiring_nodes, rend_intro_point_t *, intro,
- rend_intro_point_free(intro););
- smartlist_free(service->expiring_nodes);
- }
-
- rend_service_descriptor_free(service->desc);
- if (service->clients) {
- SMARTLIST_FOREACH(service->clients, rend_authorized_client_t *, c,
- rend_authorized_client_free(c););
- smartlist_free(service->clients);
- }
- if (service->accepted_intro_dh_parts) {
- replaycache_free(service->accepted_intro_dh_parts);
- }
- tor_free(service);
-}
-
-/* Release all the storage held in rend_service_staging_list. */
-void
-rend_service_free_staging_list(void)
-{
- if (rend_service_staging_list) {
- SMARTLIST_FOREACH(rend_service_staging_list, rend_service_t*, ptr,
- rend_service_free(ptr));
- smartlist_free(rend_service_staging_list);
- rend_service_staging_list = NULL;
- }
-}
-
-/** Release all the storage held in both rend_service_list and
- * rend_service_staging_list. */
-void
-rend_service_free_all(void)
-{
- if (rend_service_list) {
- SMARTLIST_FOREACH(rend_service_list, rend_service_t*, ptr,
- rend_service_free(ptr));
- smartlist_free(rend_service_list);
- rend_service_list = NULL;
- }
- rend_service_free_staging_list();
-}
-
-/* Initialize the subsystem. */
-void
-rend_service_init(void)
-{
- tor_assert(!rend_service_list);
- tor_assert(!rend_service_staging_list);
-
- rend_service_list = smartlist_new();
- rend_service_staging_list = smartlist_new();
-}
-
-/* Validate a <b>service</b>. Use the <b>service_list</b> to make sure there
- * is no duplicate entry for the given service object. Return 0 if valid else
- * -1 if not.*/
-static int
-rend_validate_service(const smartlist_t *service_list,
- const rend_service_t *service)
-{
- tor_assert(service_list);
- tor_assert(service);
-
- if (service->max_streams_per_circuit < 0) {
- log_warn(LD_CONFIG, "Hidden service (%s) configured with negative max "
- "streams per circuit.",
- rend_service_escaped_dir(service));
- goto invalid;
- }
-
- if (service->max_streams_close_circuit < 0 ||
- service->max_streams_close_circuit > 1) {
- log_warn(LD_CONFIG, "Hidden service (%s) configured with invalid "
- "max streams handling.",
- rend_service_escaped_dir(service));
- goto invalid;
- }
-
- if (service->auth_type != REND_NO_AUTH &&
- (!service->clients || smartlist_len(service->clients) == 0)) {
- log_warn(LD_CONFIG, "Hidden service (%s) with client authorization but "
- "no clients.",
- rend_service_escaped_dir(service));
- goto invalid;
- }
-
- if (!service->ports || !smartlist_len(service->ports)) {
- log_warn(LD_CONFIG, "Hidden service (%s) with no ports configured.",
- rend_service_escaped_dir(service));
- goto invalid;
- }
-
- /* Valid. */
- return 0;
- invalid:
- return -1;
-}
-
-/** Add it to <b>service_list</b>, or to the global rend_service_list if
- * <b>service_list</b> is NULL. Return 0 on success. On failure, free
- * <b>service</b> and return -1. Takes ownership of <b>service</b>. */
-static int
-rend_add_service(smartlist_t *service_list, rend_service_t *service)
-{
- int i;
- hs_port_config_t *p;
-
- tor_assert(service);
-
- smartlist_t *s_list = rend_get_service_list_mutable(service_list);
- /* We must have a service list, even if it's a temporary one, so we can
- * check for duplicate services */
- if (BUG(!s_list)) {
- rend_service_free(service);
- return -1;
- }
-
- service->intro_nodes = smartlist_new();
- service->expiring_nodes = smartlist_new();
-
- log_debug(LD_REND,"Configuring service with directory %s",
- rend_service_escaped_dir(service));
- for (i = 0; i < smartlist_len(service->ports); ++i) {
- p = smartlist_get(service->ports, i);
- if (!(p->is_unix_addr)) {
- log_debug(LD_REND,
- "Service maps port %d to %s",
- p->virtual_port,
- fmt_addrport(&p->real_addr, p->real_port));
- } else {
-#ifdef HAVE_SYS_UN_H
- log_debug(LD_REND,
- "Service maps port %d to socket at \"%s\"",
- p->virtual_port, p->unix_addr);
-#else
- log_warn(LD_BUG,
- "Service maps port %d to an AF_UNIX socket, but we "
- "have no AF_UNIX support on this platform. This is "
- "probably a bug.",
- p->virtual_port);
- rend_service_free(service);
- return -1;
-#endif /* defined(HAVE_SYS_UN_H) */
- }
- }
- /* The service passed all the checks */
- tor_assert(s_list);
- smartlist_add(s_list, service);
-
- /* Notify that our global service list has changed only if this new service
- * went into our global list. If not, when we move service from the staging
- * list to the new list, a notify is triggered. */
- if (s_list == rend_service_list) {
- hs_service_map_has_changed();
- }
- return 0;
-}
-
-/* Copy relevant data from service src to dst while pruning the service lists.
- * This should only be called during the pruning process which takes existing
- * services and copy their data to the newly configured services. The src
- * service replaycache will be set to NULL after this call. */
-static void
-copy_service_on_prunning(rend_service_t *dst, rend_service_t *src)
-{
- tor_assert(dst);
- tor_assert(src);
-
- /* Keep the timestamps for when the content changed and the next upload
- * time so we can properly upload the descriptor if needed for the new
- * service object. */
- dst->desc_is_dirty = src->desc_is_dirty;
- dst->next_upload_time = src->next_upload_time;
- /* Move the replaycache to the new object. */
- dst->accepted_intro_dh_parts = src->accepted_intro_dh_parts;
- src->accepted_intro_dh_parts = NULL;
- /* Copy intro point information to destination service. */
- dst->intro_period_started = src->intro_period_started;
- dst->n_intro_circuits_launched = src->n_intro_circuits_launched;
- dst->n_intro_points_wanted = src->n_intro_points_wanted;
-}
-
-/* Helper: Actual implementation of the pruning on reload which we've
- * decoupled in order to make the unit test workeable without ugly hacks.
- * Furthermore, this function does NOT free any memory but will nullify the
- * temporary list pointer whatever happens. */
-STATIC void
-rend_service_prune_list_impl_(void)
-{
- origin_circuit_t *ocirc = NULL;
- smartlist_t *surviving_services, *old_service_list, *new_service_list;
-
- /* When pruning our current service list, we must have a staging list that
- * contains what we want to check else it's a code flow error. */
- tor_assert(rend_service_staging_list);
-
- /* We are about to prune the current list of its dead service so set the
- * semantic for that list to be the "old" one. */
- old_service_list = rend_service_list;
- /* The staging list is now the "new" list so set this semantic. */
- new_service_list = rend_service_staging_list;
- /* After this, whatever happens, we'll use our new list. */
- rend_service_list = new_service_list;
- /* Finally, nullify the staging list pointer as we don't need it anymore
- * and it needs to be NULL before the next reload. */
- rend_service_staging_list = NULL;
- /* Nothing to prune if we have no service list so stop right away. */
- if (!old_service_list) {
- return;
- }
-
- /* This contains all _existing_ services that survives the relaod that is
- * that haven't been removed from the configuration. The difference between
- * this list and the new service list is that the new list can possibly
- * contain newly configured service that have no introduction points opened
- * yet nor key material loaded or generated. */
- surviving_services = smartlist_new();
-
- /* Preserve the existing ephemeral services.
- *
- * This is the ephemeral service equivalent of the "Copy introduction
- * points to new services" block, except there's no copy required since
- * the service structure isn't regenerated.
- *
- * After this is done, all ephemeral services will be:
- * * Removed from old_service_list, so the equivalent non-ephemeral code
- * will not attempt to preserve them.
- * * Added to the new_service_list (that previously only had the
- * services listed in the configuration).
- * * Added to surviving_services, which is the list of services that
- * will NOT have their intro point closed.
- */
- SMARTLIST_FOREACH_BEGIN(old_service_list, rend_service_t *, old) {
- if (rend_service_is_ephemeral(old)) {
- SMARTLIST_DEL_CURRENT(old_service_list, old);
- smartlist_add(surviving_services, old);
- smartlist_add(new_service_list, old);
- }
- } SMARTLIST_FOREACH_END(old);
-
- /* Copy introduction points to new services. This is O(n^2), but it's only
- * called on reconfigure, so it's ok performance wise. */
- SMARTLIST_FOREACH_BEGIN(new_service_list, rend_service_t *, new) {
- SMARTLIST_FOREACH_BEGIN(old_service_list, rend_service_t *, old) {
- /* Skip ephemeral services as we only want to copy introduction points
- * from current services to newly configured one that already exists.
- * The same directory means it's the same service. */
- if (rend_service_is_ephemeral(new) || rend_service_is_ephemeral(old) ||
- strcmp(old->directory, new->directory)) {
- continue;
- }
- smartlist_add_all(new->intro_nodes, old->intro_nodes);
- smartlist_clear(old->intro_nodes);
- smartlist_add_all(new->expiring_nodes, old->expiring_nodes);
- smartlist_clear(old->expiring_nodes);
-
- /* Copy needed information from old to new. */
- copy_service_on_prunning(new, old);
-
- /* This regular service will survive the closing IPs step after. */
- smartlist_add(surviving_services, old);
- break;
- } SMARTLIST_FOREACH_END(old);
- } SMARTLIST_FOREACH_END(new);
-
- /* For every service introduction circuit we can find, see if we have a
- * matching surviving configured service. If not, close the circuit. */
- while ((ocirc = circuit_get_next_intro_circ(ocirc, false))) {
- int keep_it = 0;
- if (ocirc->rend_data == NULL) {
- /* This is a v3 circuit, ignore it. */
- continue;
- }
- SMARTLIST_FOREACH_BEGIN(surviving_services, const rend_service_t *, s) {
- if (rend_circuit_pk_digest_eq(ocirc, (uint8_t *) s->pk_digest)) {
- /* Keep this circuit as we have a matching configured service. */
- keep_it = 1;
- break;
- }
- } SMARTLIST_FOREACH_END(s);
- if (keep_it) {
- continue;
- }
- log_info(LD_REND, "Closing intro point %s for service %s.",
- safe_str_client(extend_info_describe(
- ocirc->build_state->chosen_exit)),
- safe_str_client(rend_data_get_address(ocirc->rend_data)));
- /* Reason is FINISHED because service has been removed and thus the
- * circuit is considered old/unneeded. */
- circuit_mark_for_close(TO_CIRCUIT(ocirc), END_CIRC_REASON_FINISHED);
- }
- smartlist_free(surviving_services);
- /* Notify that our global service list has changed. */
- hs_service_map_has_changed();
-}
-
-/* Try to prune our main service list using the temporary one that we just
- * loaded and parsed successfully. The pruning process decides which onion
- * services to keep and which to discard after a reload. */
-void
-rend_service_prune_list(void)
-{
- smartlist_t *old_service_list = rend_service_list;
-
- if (!rend_service_staging_list) {
- rend_service_staging_list = smartlist_new();
- }
-
- rend_service_prune_list_impl_();
- if (old_service_list) {
- /* Every remaining service in the old list have been removed from the
- * configuration so clean them up safely. */
- SMARTLIST_FOREACH(old_service_list, rend_service_t *, s,
- rend_service_free(s));
- smartlist_free(old_service_list);
- }
-}
-
-/* Copy all the relevant data that the hs_service object contains over to the
- * rend_service_t object. The reason to do so is because when configuring a
- * service, we go through a generic handler that creates an hs_service_t
- * object which so we have to copy the parsed values to a rend service object
- * which is version 2 specific. */
-static void
-service_config_shadow_copy(rend_service_t *service,
- hs_service_config_t *config)
-{
- tor_assert(service);
- tor_assert(config);
-
- service->directory = tor_strdup(config->directory_path);
- service->dir_group_readable = config->dir_group_readable;
- service->allow_unknown_ports = config->allow_unknown_ports;
- /* This value can't go above HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT (65535)
- * if the code flow is right so this cast is safe. But just in case, we'll
- * check it. */
- service->max_streams_per_circuit = (int) config->max_streams_per_rdv_circuit;
- if (BUG(config->max_streams_per_rdv_circuit >
- HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT)) {
- service->max_streams_per_circuit = HS_CONFIG_MAX_STREAMS_PER_RDV_CIRCUIT;
- }
- service->max_streams_close_circuit = config->max_streams_close_circuit;
- service->n_intro_points_wanted = config->num_intro_points;
- /* Switching ownership of the ports to the rend service object. */
- smartlist_add_all(service->ports, config->ports);
- smartlist_free(config->ports);
- config->ports = NULL;
-}
-
-/* Parse the hidden service configuration from <b>hs_opts</b> using the
- * already configured generic service configuration in <b>config</b>. This
- * function will translate the config object to a rend_service_t and add it to
- * the temporary list if valid. If <b>validate_only</b> is set, parse, warn
- * and return as normal but don't actually add the service to the list. */
-int
-rend_config_service(const hs_opts_t *hs_opts,
- const or_options_t *options,
- hs_service_config_t *config)
-{
- rend_service_t *service = NULL;
-
- tor_assert(options);
- tor_assert(hs_opts);
- tor_assert(config);
-
- /* We are about to configure a version 2 service. Warn of deprecation. */
- WARN_ONCE_DEPRECATION();
-
- /* Use the staging service list so that we can check then do the pruning
- * process using the main list at the end. */
- if (rend_service_staging_list == NULL) {
- rend_service_staging_list = smartlist_new();
- }
-
- /* Initialize service. */
- service = tor_malloc_zero(sizeof(rend_service_t));
- service->intro_period_started = time(NULL);
- service->ports = smartlist_new();
- /* From the hs_service object which has been used to load the generic
- * options, we'll copy over the useful data to the rend_service_t object. */
- service_config_shadow_copy(service, config);
-
- /* Number of introduction points. */
- if (hs_opts->HiddenServiceNumIntroductionPoints > NUM_INTRO_POINTS_MAX) {
- log_warn(LD_CONFIG, "HiddenServiceNumIntroductionPoints must be "
- "between 0 and %d, not %d.",
- NUM_INTRO_POINTS_MAX,
- hs_opts->HiddenServiceNumIntroductionPoints);
- goto err;
- }
- service->n_intro_points_wanted = hs_opts->HiddenServiceNumIntroductionPoints;
- log_info(LD_CONFIG, "HiddenServiceNumIntroductionPoints=%d for %s",
- service->n_intro_points_wanted, escaped(service->directory));
-
- /* Client authorization */
- if (hs_opts->HiddenServiceAuthorizeClient) {
- /* Parse auth type and comma-separated list of client names and add a
- * rend_authorized_client_t for each client to the service's list
- * of authorized clients. */
- smartlist_t *type_names_split, *clients;
- const char *authname;
- type_names_split = smartlist_new();
- smartlist_split_string(type_names_split,
- hs_opts->HiddenServiceAuthorizeClient, " ", 0, 2);
- if (smartlist_len(type_names_split) < 1) {
- log_warn(LD_BUG, "HiddenServiceAuthorizeClient has no value. This "
- "should have been prevented when parsing the "
- "configuration.");
- smartlist_free(type_names_split);
- goto err;
- }
- authname = smartlist_get(type_names_split, 0);
- if (!strcasecmp(authname, "basic")) {
- service->auth_type = REND_BASIC_AUTH;
- } else if (!strcasecmp(authname, "stealth")) {
- service->auth_type = REND_STEALTH_AUTH;
- } else {
- log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains "
- "unrecognized auth-type '%s'. Only 'basic' or 'stealth' "
- "are recognized.",
- (char *) smartlist_get(type_names_split, 0));
- SMARTLIST_FOREACH(type_names_split, char *, cp, tor_free(cp));
- smartlist_free(type_names_split);
- goto err;
- }
- service->clients = smartlist_new();
- if (smartlist_len(type_names_split) < 2) {
- log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains "
- "auth-type '%s', but no client names.",
- service->auth_type == REND_BASIC_AUTH ? "basic" : "stealth");
- SMARTLIST_FOREACH(type_names_split, char *, cp, tor_free(cp));
- smartlist_free(type_names_split);
- goto err;
- }
- clients = smartlist_new();
- smartlist_split_string(clients, smartlist_get(type_names_split, 1),
- ",", SPLIT_SKIP_SPACE, 0);
- SMARTLIST_FOREACH(type_names_split, char *, cp, tor_free(cp));
- smartlist_free(type_names_split);
- /* Remove duplicate client names. */
- {
- int num_clients = smartlist_len(clients);
- smartlist_sort_strings(clients);
- smartlist_uniq_strings(clients);
- if (smartlist_len(clients) < num_clients) {
- log_info(LD_CONFIG, "HiddenServiceAuthorizeClient contains %d "
- "duplicate client name(s); removing.",
- num_clients - smartlist_len(clients));
- }
- }
- SMARTLIST_FOREACH_BEGIN(clients, const char *, client_name) {
- rend_authorized_client_t *client;
- if (!rend_valid_client_name(client_name)) {
- log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains an "
- "illegal client name: '%s'. Names must be "
- "between 1 and %d characters and contain "
- "only [A-Za-z0-9+_-].",
- client_name, REND_CLIENTNAME_MAX_LEN);
- SMARTLIST_FOREACH(clients, char *, cp, tor_free(cp));
- smartlist_free(clients);
- goto err;
- }
- client = tor_malloc_zero(sizeof(rend_authorized_client_t));
- client->client_name = tor_strdup(client_name);
- smartlist_add(service->clients, client);
- log_debug(LD_REND, "Adding client name '%s'", client_name);
- } SMARTLIST_FOREACH_END(client_name);
- SMARTLIST_FOREACH(clients, char *, cp, tor_free(cp));
- smartlist_free(clients);
- /* Ensure maximum number of clients. */
- if ((service->auth_type == REND_BASIC_AUTH &&
- smartlist_len(service->clients) > 512) ||
- (service->auth_type == REND_STEALTH_AUTH &&
- smartlist_len(service->clients) > 16)) {
- log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains %d "
- "client authorization entries, but only a "
- "maximum of %d entries is allowed for "
- "authorization type '%s'.",
- smartlist_len(service->clients),
- service->auth_type == REND_BASIC_AUTH ? 512 : 16,
- service->auth_type == REND_BASIC_AUTH ? "basic" : "stealth");
- goto err;
- }
- }
-
- /* Validate the service just parsed. */
- if (rend_validate_service(rend_service_staging_list, service) < 0) {
- /* Service is in the staging list so don't try to free it. */
- goto err;
- }
-
- /* Add it to the temporary list which we will use to prune our current
- * list if any after configuring all services. */
- if (rend_add_service(rend_service_staging_list, service) < 0) {
- /* The object has been freed on error already. */
- service = NULL;
- goto err;
- }
-
- return 0;
- err:
- rend_service_free(service);
- return -1;
-}
-
-/** Add the ephemeral service <b>pk</b>/<b>ports</b> if possible, using
- * client authorization <b>auth_type</b> and an optional list of
- * rend_authorized_client_t in <b>auth_clients</b>, with
- * <b>max_streams_per_circuit</b> streams allowed per rendezvous circuit,
- * and circuit closure on max streams being exceeded set by
- * <b>max_streams_close_circuit</b>.
- *
- * Ownership of pk, ports, and auth_clients is passed to this routine.
- * Regardless of success/failure, callers should not touch these values
- * after calling this routine, and may assume that correct cleanup has
- * been done on failure.
- *
- * Return an appropriate hs_service_add_ephemeral_status_t.
- */
-hs_service_add_ephemeral_status_t
-rend_service_add_ephemeral(crypto_pk_t *pk,
- smartlist_t *ports,
- int max_streams_per_circuit,
- int max_streams_close_circuit,
- rend_auth_type_t auth_type,
- smartlist_t *auth_clients,
- char **service_id_out)
-{
- *service_id_out = NULL;
- /* Allocate the service structure, and initialize the key, and key derived
- * parameters.
- */
- rend_service_t *s = tor_malloc_zero(sizeof(rend_service_t));
- s->directory = NULL; /* This indicates the service is ephemeral. */
- s->private_key = pk;
- s->auth_type = auth_type;
- s->clients = auth_clients;
- s->ports = ports;
- s->intro_period_started = time(NULL);
- s->n_intro_points_wanted = NUM_INTRO_POINTS_DEFAULT;
- s->max_streams_per_circuit = max_streams_per_circuit;
- s->max_streams_close_circuit = max_streams_close_circuit;
- if (rend_service_derive_key_digests(s) < 0) {
- rend_service_free(s);
- return RSAE_BADPRIVKEY;
- }
-
- if (!s->ports || smartlist_len(s->ports) == 0) {
- log_warn(LD_CONFIG, "At least one VIRTPORT/TARGET must be specified.");
- rend_service_free(s);
- return RSAE_BADVIRTPORT;
- }
- if (s->auth_type != REND_NO_AUTH &&
- (!s->clients || smartlist_len(s->clients) == 0)) {
- log_warn(LD_CONFIG, "At least one authorized client must be specified.");
- rend_service_free(s);
- return RSAE_BADAUTH;
- }
-
- /* Enforcing pk/id uniqueness should be done by rend_service_load_keys(), but
- * it's not, see #14828.
- */
- if (rend_service_get_by_pk_digest(s->pk_digest)) {
- log_warn(LD_CONFIG, "Onion Service private key collides with an "
- "existing service.");
- rend_service_free(s);
- return RSAE_ADDREXISTS;
- }
- if (rend_service_get_by_service_id(s->service_id)) {
- log_warn(LD_CONFIG, "Onion Service id collides with an existing service.");
- rend_service_free(s);
- return RSAE_ADDREXISTS;
- }
-
- /* Initialize the service. */
- if (rend_add_service(NULL, s)) {
- return RSAE_INTERNAL;
- }
- *service_id_out = tor_strdup(s->service_id);
-
- log_debug(LD_CONFIG, "Added ephemeral Onion Service: %s", s->service_id);
- return RSAE_OKAY;
-}
-
-/** Remove the ephemeral service <b>service_id</b> if possible. Returns 0 on
- * success, and -1 on failure.
- */
-int
-rend_service_del_ephemeral(const char *service_id)
-{
- rend_service_t *s;
- if (!rend_valid_v2_service_id(service_id)) {
- log_warn(LD_CONFIG, "Requested malformed Onion Service id for removal.");
- return -1;
- }
- if ((s = rend_service_get_by_service_id(service_id)) == NULL) {
- log_warn(LD_CONFIG, "Requested non-existent Onion Service id for "
- "removal.");
- return -1;
- }
- if (!rend_service_is_ephemeral(s)) {
- log_warn(LD_CONFIG, "Requested non-ephemeral Onion Service for removal.");
- return -1;
- }
-
- /* Kill the intro point circuit for the Onion Service, and remove it from
- * the list. Closing existing connections is the application's problem.
- *
- * XXX: As with the comment in rend_config_services(), a nice abstraction
- * would be ideal here, but for now just duplicate the code.
- */
- SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
- if (!circ->marked_for_close &&
- (circ->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO ||
- circ->purpose == CIRCUIT_PURPOSE_S_INTRO)) {
- origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ);
- if (oc->rend_data == NULL ||
- !rend_circuit_pk_digest_eq(oc, (uint8_t *) s->pk_digest)) {
- continue;
- }
- log_debug(LD_REND, "Closing intro point %s for service %s.",
- safe_str_client(extend_info_describe(
- oc->build_state->chosen_exit)),
- rend_data_get_address(oc->rend_data));
- circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
- }
- } SMARTLIST_FOREACH_END(circ);
- smartlist_remove(rend_service_list, s);
- /* Notify that we just removed a service from our global list. */
- hs_service_map_has_changed();
- rend_service_free(s);
-
- log_debug(LD_CONFIG, "Removed ephemeral Onion Service: %s", service_id);
-
- return 0;
-}
-
-/* There can be 1 second's delay due to second_elapsed_callback, and perhaps
- * another few seconds due to blocking calls. */
-#define INTRO_CIRC_RETRY_PERIOD_SLOP 10
-
-/** Log information about the intro point creation rate and current intro
- * points for service, upgrading the log level from min_severity to warn if
- * we have stopped launching new intro point circuits. */
-static void
-rend_log_intro_limit(const rend_service_t *service, int min_severity)
-{
- int exceeded_limit = (service->n_intro_circuits_launched >=
- rend_max_intro_circs_per_period(
- service->n_intro_points_wanted));
- int severity = min_severity;
- /* We stopped creating circuits */
- if (exceeded_limit) {
- severity = LOG_WARN;
- }
- time_t intro_period_elapsed = time(NULL) - service->intro_period_started;
- tor_assert_nonfatal(intro_period_elapsed >= 0);
- {
- char *msg;
- static ratelim_t rlimit = RATELIM_INIT(INTRO_CIRC_RETRY_PERIOD);
- if ((msg = rate_limit_log(&rlimit, approx_time()))) {
- log_fn(severity, LD_REND,
- "Hidden service %s %s %d intro points in the last %d seconds. "
- "Intro circuit launches are limited to %d per %d seconds.%s",
- service->service_id,
- exceeded_limit ? "exceeded launch limit with" : "launched",
- service->n_intro_circuits_launched,
- (int)intro_period_elapsed,
- rend_max_intro_circs_per_period(service->n_intro_points_wanted),
- INTRO_CIRC_RETRY_PERIOD, msg);
- rend_service_dump_stats(severity);
- tor_free(msg);
- }
- }
-}
-
-/** Replace the old value of <b>service</b>-\>desc with one that reflects
- * the other fields in service.
- */
-static void
-rend_service_update_descriptor(rend_service_t *service)
-{
- rend_service_descriptor_t *d;
- int i;
-
- rend_service_descriptor_free(service->desc);
- service->desc = NULL;
-
- d = service->desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- d->pk = crypto_pk_dup_key(service->private_key);
- d->timestamp = time(NULL);
- d->timestamp -= d->timestamp % 3600; /* Round down to nearest hour */
- d->intro_nodes = smartlist_new();
- /* Support intro protocols 2 and 3. */
- d->protocols = (1 << 2) + (1 << 3);
-
- for (i = 0; i < smartlist_len(service->intro_nodes); ++i) {
- rend_intro_point_t *intro_svc = smartlist_get(service->intro_nodes, i);
- rend_intro_point_t *intro_desc;
-
- /* This intro point won't be listed in the descriptor... */
- intro_svc->listed_in_last_desc = 0;
-
- /* circuit_established is set in rend_service_intro_established(), and
- * checked every second in rend_consider_services_intro_points(), so it's
- * safe to use it here */
- if (!intro_svc->circuit_established) {
- continue;
- }
-
- /* ...unless this intro point is listed in the descriptor. */
- intro_svc->listed_in_last_desc = 1;
-
- /* We have an entirely established intro circuit. Publish it in
- * our descriptor. */
- intro_desc = tor_malloc_zero(sizeof(rend_intro_point_t));
- intro_desc->extend_info = extend_info_dup(intro_svc->extend_info);
- if (intro_svc->intro_key)
- intro_desc->intro_key = crypto_pk_dup_key(intro_svc->intro_key);
- smartlist_add(d->intro_nodes, intro_desc);
-
- if (intro_svc->time_published == -1) {
- /* We are publishing this intro point in a descriptor for the
- * first time -- note the current time in the service's copy of
- * the intro point. */
- intro_svc->time_published = time(NULL);
- }
- }
-
- /* Check that we have the right number of intro points */
- unsigned int have_intro = (unsigned int)smartlist_len(d->intro_nodes);
- if (have_intro != service->n_intro_points_wanted) {
- int severity;
- /* Getting less than we wanted or more than we're allowed is serious */
- if (have_intro < service->n_intro_points_wanted ||
- have_intro > NUM_INTRO_POINTS_MAX) {
- severity = LOG_WARN;
- } else {
- /* Getting more than we wanted is weird, but less of a problem */
- severity = LOG_NOTICE;
- }
- log_fn(severity, LD_REND, "Hidden service %s wanted %d intro points, but "
- "descriptor was updated with %d instead.",
- service->service_id,
- service->n_intro_points_wanted, have_intro);
- /* Now log an informative message about how we might have got here. */
- rend_log_intro_limit(service, severity);
- }
-}
-
-/* Allocate and return a string containing the path to file_name in
- * service->directory. Asserts that service has a directory.
- * This function will never return NULL.
- * The caller must free this path. */
-static char *
-rend_service_path(const rend_service_t *service, const char *file_name)
-{
- tor_assert(service->directory);
- return hs_path_from_filename(service->directory, file_name);
-}
-
-/* Allocate and return a string containing the path to the single onion
- * service poison file in service->directory. Asserts that service has a
- * directory.
- * The caller must free this path. */
-STATIC char *
-rend_service_sos_poison_path(const rend_service_t *service)
-{
- return rend_service_path(service, sos_poison_fname);
-}
-
-/** Return True if hidden services <b>service</b> has been poisoned by single
- * onion mode. */
-static int
-service_is_single_onion_poisoned(const rend_service_t *service)
-{
- char *poison_fname = NULL;
- file_status_t fstatus;
-
- /* Passing a NULL service is a bug */
- if (BUG(!service)) {
- return 0;
- }
-
- if (rend_service_is_ephemeral(service)) {
- return 0;
- }
-
- poison_fname = rend_service_sos_poison_path(service);
-
- fstatus = file_status(poison_fname);
- tor_free(poison_fname);
-
- /* If this fname is occupied, the hidden service has been poisoned.
- * fstatus can be FN_ERROR if the service directory does not exist, in that
- * case, there is obviously no private key. */
- if (fstatus == FN_FILE || fstatus == FN_EMPTY) {
- return 1;
- }
-
- return 0;
-}
-
-/* Return 1 if the private key file for service exists and has a non-zero size,
- * and 0 otherwise. */
-static int
-rend_service_private_key_exists(const rend_service_t *service)
-{
- char *private_key_path = rend_service_path(service, private_key_fname);
- const file_status_t private_key_status = file_status(private_key_path);
- tor_free(private_key_path);
- /* Only non-empty regular private key files could have been used before.
- * fstatus can be FN_ERROR if the service directory does not exist, in that
- * case, there is obviously no private key. */
- return private_key_status == FN_FILE;
-}
-
-/** Check the single onion service poison state of the directory for s:
- * - If the service is poisoned, and we are in Single Onion Mode,
- * return 0,
- * - If the service is not poisoned, and we are not in Single Onion Mode,
- * return 0,
- * - Otherwise, the poison state is invalid: the service was created in one
- * mode, and is being used in the other, return -1.
- * Hidden service directories without keys are always considered consistent.
- * They will be poisoned after their directory is created (if needed). */
-STATIC int
-rend_service_verify_single_onion_poison(const rend_service_t* s,
- const or_options_t* options)
-{
- /* Passing a NULL service is a bug */
- if (BUG(!s)) {
- return -1;
- }
-
- /* Ephemeral services are checked at ADD_ONION time */
- if (BUG(rend_service_is_ephemeral(s))) {
- return -1;
- }
-
- /* Service is expected to have a directory */
- if (BUG(!s->directory)) {
- return -1;
- }
-
- /* Services without keys are always ok - their keys will only ever be used
- * in the current mode */
- if (!rend_service_private_key_exists(s)) {
- return 0;
- }
-
- /* The key has been used before in a different mode */
- if (service_is_single_onion_poisoned(s) !=
- rend_service_non_anonymous_mode_enabled(options)) {
- return -1;
- }
-
- /* The key exists and is consistent with the current mode */
- return 0;
-}
-
-/*** Helper for rend_service_poison_new_single_onion_dir(). Add a file to
- * the hidden service directory for s that marks it as a single onion service.
- * Tor must be in single onion mode before calling this function, and the
- * service directory must already have been created.
- * Returns 0 when a directory is successfully poisoned, or if it is already
- * poisoned. Returns -1 on a failure to read the directory or write the poison
- * file, or if there is an existing private key file in the directory. (The
- * service should have been poisoned when the key was created.) */
-static int
-poison_new_single_onion_hidden_service_dir_impl(const rend_service_t *service,
- const or_options_t* options)
-{
- /* Passing a NULL service is a bug */
- if (BUG(!service)) {
- return -1;
- }
-
- /* We must only poison directories if we're in Single Onion mode */
- tor_assert(rend_service_non_anonymous_mode_enabled(options));
-
- int fd;
- int retval = -1;
- char *poison_fname = NULL;
-
- if (rend_service_is_ephemeral(service)) {
- log_info(LD_REND, "Ephemeral HS started in non-anonymous mode.");
- return 0;
- }
-
- /* Make sure we're only poisoning new hidden service directories */
- if (rend_service_private_key_exists(service)) {
- log_warn(LD_BUG, "Tried to single onion poison a service directory after "
- "the private key was created.");
- return -1;
- }
-
- /* Make sure the directory was created before calling this function. */
- if (BUG(hs_check_service_private_dir(options->User, service->directory,
- service->dir_group_readable, 0) < 0))
- return -1;
-
- poison_fname = rend_service_sos_poison_path(service);
-
- switch (file_status(poison_fname)) {
- case FN_DIR:
- case FN_ERROR:
- log_warn(LD_FS, "Can't read single onion poison file \"%s\"",
- poison_fname);
- goto done;
- case FN_FILE: /* single onion poison file already exists. NOP. */
- case FN_EMPTY: /* single onion poison file already exists. NOP. */
- log_debug(LD_FS, "Tried to re-poison a single onion poisoned file \"%s\"",
- poison_fname);
- break;
- case FN_NOENT:
- fd = tor_open_cloexec(poison_fname, O_RDWR|O_CREAT|O_TRUNC, 0600);
- if (fd < 0) {
- log_warn(LD_FS, "Could not create single onion poison file %s",
- poison_fname);
- goto done;
- }
- close(fd);
- break;
- default:
- tor_assert(0);
- }
-
- retval = 0;
-
- done:
- tor_free(poison_fname);
-
- return retval;
-}
-
-/** We just got launched in Single Onion Mode. That's a non-anonymous mode for
- * hidden services. If s is new, we should mark its hidden service
- * directory appropriately so that it is never launched as a location-private
- * hidden service. (New directories don't have private key files.)
- * Return 0 on success, -1 on fail. */
-STATIC int
-rend_service_poison_new_single_onion_dir(const rend_service_t *s,
- const or_options_t* options)
-{
- /* Passing a NULL service is a bug */
- if (BUG(!s)) {
- return -1;
- }
-
- /* We must only poison directories if we're in Single Onion mode */
- tor_assert(rend_service_non_anonymous_mode_enabled(options));
-
- /* Ephemeral services aren't allowed in non-anonymous mode */
- if (BUG(rend_service_is_ephemeral(s))) {
- return -1;
- }
-
- /* Service is expected to have a directory */
- if (BUG(!s->directory)) {
- return -1;
- }
-
- if (!rend_service_private_key_exists(s)) {
- if (poison_new_single_onion_hidden_service_dir_impl(s, options)
- < 0) {
- return -1;
- }
- }
-
- return 0;
-}
-
-/* Return true iff the given service identity key is present on disk. This is
- * used to try to learn the service version during configuration time. */
-int
-rend_service_key_on_disk(const char *directory_path)
-{
- int ret = 0;
- char *fname;
- crypto_pk_t *pk = NULL;
-
- tor_assert(directory_path);
-
- /* Load key */
- fname = hs_path_from_filename(directory_path, private_key_fname);
- pk = init_key_from_file(fname, 0, LOG_DEBUG, NULL);
- if (pk) {
- ret = 1;
- }
-
- crypto_pk_free(pk);
- tor_free(fname);
- return ret;
-}
-
-/** Load and/or generate private keys for all hidden services, possibly
- * including keys for client authorization.
- * If a <b>service_list</b> is provided, treat it as the list of hidden
- * services (used in unittests). Otherwise, require that rend_service_list is
- * not NULL.
- * Return 0 on success, -1 on failure. */
-int
-rend_service_load_all_keys(const smartlist_t *service_list)
-{
- /* Use service_list for unit tests */
- const smartlist_t *s_list = rend_get_service_list(service_list);
- if (BUG(!s_list)) {
- return -1;
- }
-
- SMARTLIST_FOREACH_BEGIN(s_list, rend_service_t *, s) {
- if (s->private_key)
- continue;
- log_info(LD_REND, "Loading hidden-service keys from %s",
- rend_service_escaped_dir(s));
-
- if (rend_service_load_keys(s) < 0)
- return -1;
- } SMARTLIST_FOREACH_END(s);
-
- return 0;
-}
-
-/** Add to <b>lst</b> every filename used by <b>s</b>. */
-static void
-rend_service_add_filenames_to_list(smartlist_t *lst, const rend_service_t *s)
-{
- tor_assert(lst);
- tor_assert(s);
- tor_assert(s->directory);
- smartlist_add(lst, rend_service_path(s, private_key_fname));
- smartlist_add(lst, rend_service_path(s, hostname_fname));
- smartlist_add(lst, rend_service_path(s, client_keys_fname));
- smartlist_add(lst, rend_service_sos_poison_path(s));
-}
-
-/** Add to <b>open_lst</b> every filename used by a configured hidden service,
- * and to <b>stat_lst</b> every directory used by a configured hidden
- * service */
-void
-rend_services_add_filenames_to_lists(smartlist_t *open_lst,
- smartlist_t *stat_lst)
-{
- if (!rend_service_list)
- return;
- SMARTLIST_FOREACH_BEGIN(rend_service_list, rend_service_t *, s) {
- if (!rend_service_is_ephemeral(s)) {
- rend_service_add_filenames_to_list(open_lst, s);
- smartlist_add_strdup(stat_lst, s->directory);
- }
- } SMARTLIST_FOREACH_END(s);
-}
-
-/** Derive all rend_service_t internal material based on the service's key.
- * Returns 0 on success, -1 on failure.
- */
-static int
-rend_service_derive_key_digests(struct rend_service_t *s)
-{
- if (rend_get_service_id(s->private_key, s->service_id)<0) {
- log_warn(LD_BUG, "Internal error: couldn't encode service ID.");
- return -1;
- }
- if (crypto_pk_get_digest(s->private_key, s->pk_digest)<0) {
- log_warn(LD_BUG, "Couldn't compute hash of public key.");
- return -1;
- }
-
- return 0;
-}
-
-/** Make sure that the directory for <b>s</b> is private, using the config in
- * <b>options</b>.
- * If <b>create</b> is true:
- * - if the directory exists, change permissions if needed,
- * - if the directory does not exist, create it with the correct permissions.
- * If <b>create</b> is false:
- * - if the directory exists, check permissions,
- * - if the directory does not exist, check if we think we can create it.
- * Return 0 on success, -1 on failure. */
-static int
-rend_service_check_private_dir(const or_options_t *options,
- const rend_service_t *s,
- int create)
-{
- /* Passing a NULL service is a bug */
- if (BUG(!s)) {
- return -1;
- }
-
- /* Check/create directory */
- if (hs_check_service_private_dir(options->User, s->directory,
- s->dir_group_readable, create) < 0) {
- return -1;
- }
-
- /* Check if the hidden service key exists, and was created in a different
- * single onion service mode, and refuse to launch if it has.
- * This is safe to call even when create is false, as it ignores missing
- * keys and directories: they are always valid.
- */
- if (rend_service_verify_single_onion_poison(s, options) < 0) {
- /* We can't use s->service_id here, as the key may not have been loaded */
- log_warn(LD_GENERAL, "We are configured with "
- "HiddenServiceNonAnonymousMode %d, but the hidden "
- "service key in directory %s was created in %s mode. "
- "This is not allowed.",
- rend_service_non_anonymous_mode_enabled(options) ? 1 : 0,
- rend_service_escaped_dir(s),
- rend_service_non_anonymous_mode_enabled(options) ?
- "an anonymous" : "a non-anonymous"
- );
- return -1;
- }
-
- /* Poison new single onion directories immediately after they are created,
- * so that we never accidentally launch non-anonymous hidden services
- * thinking they are anonymous. Any keys created later will end up with the
- * correct poisoning state.
- */
- if (create && rend_service_non_anonymous_mode_enabled(options)) {
- static int logged_warning = 0;
-
- if (rend_service_poison_new_single_onion_dir(s, options) < 0) {
- log_warn(LD_GENERAL,"Failed to mark new hidden services as non-anonymous"
- ".");
- return -1;
- }
-
- if (!logged_warning) {
- /* The keys for these services are linked to the server IP address */
- log_notice(LD_REND, "The configured onion service directories have been "
- "used in single onion mode. They can not be used for "
- "anonymous hidden services.");
- logged_warning = 1;
- }
- }
-
- return 0;
-}
-
-/** Load and/or generate private keys for the hidden service <b>s</b>,
- * possibly including keys for client authorization. Return 0 on success, -1
- * on failure. */
-static int
-rend_service_load_keys(rend_service_t *s)
-{
- char *fname = NULL;
- char buf[128];
-
- /* Create the directory if needed which will also poison it in case of
- * single onion service. */
- if (rend_service_check_private_dir(get_options(), s, 1) < 0)
- goto err;
-
- /* Load key */
- fname = rend_service_path(s, private_key_fname);
- s->private_key = init_key_from_file(fname, 1, LOG_ERR, NULL);
-
- if (!s->private_key)
- goto err;
-
- if (rend_service_derive_key_digests(s) < 0)
- goto err;
-
- tor_free(fname);
- /* Create service file */
- fname = rend_service_path(s, hostname_fname);
-
- tor_snprintf(buf, sizeof(buf),"%s.onion\n", s->service_id);
- if (write_str_to_file_if_not_equal(fname, buf)) {
- log_warn(LD_CONFIG, "Could not write onion address to hostname file.");
- goto err;
- }
-#ifndef _WIN32
- if (s->dir_group_readable) {
- /* Also verify hostname file created with group read. */
- if (chmod(fname, 0640))
- log_warn(LD_FS,"Unable to make hidden hostname file %s group-readable.",
- fname);
- }
-#endif /* !defined(_WIN32) */
-
- /* If client authorization is configured, load or generate keys. */
- if (s->auth_type != REND_NO_AUTH) {
- if (rend_service_load_auth_keys(s, fname) < 0) {
- goto err;
- }
- }
-
- int r = 0;
- goto done;
- err:
- r = -1;
- done:
- memwipe(buf, 0, sizeof(buf));
- tor_free(fname);
- return r;
-}
-
-/** Load and/or generate client authorization keys for the hidden service
- * <b>s</b>, which stores its hostname in <b>hfname</b>. Return 0 on success,
- * -1 on failure. */
-static int
-rend_service_load_auth_keys(rend_service_t *s, const char *hfname)
-{
- int r = 0;
- char *cfname = NULL;
- char *client_keys_str = NULL;
- strmap_t *parsed_clients = strmap_new();
- FILE *cfile, *hfile;
- open_file_t *open_cfile = NULL, *open_hfile = NULL;
- char desc_cook_out[3*REND_DESC_COOKIE_LEN_BASE64+1];
- char service_id[16+1];
- char buf[1500];
-
- /* Load client keys and descriptor cookies, if available. */
- cfname = rend_service_path(s, client_keys_fname);
- client_keys_str = read_file_to_str(cfname, RFTS_IGNORE_MISSING, NULL);
- if (client_keys_str) {
- if (rend_parse_client_keys(parsed_clients, client_keys_str) < 0) {
- log_warn(LD_CONFIG, "Previously stored client_keys file could not "
- "be parsed.");
- goto err;
- } else {
- log_info(LD_CONFIG, "Parsed %d previously stored client entries.",
- strmap_size(parsed_clients));
- }
- }
-
- /* Prepare client_keys and hostname files. */
- if (!(cfile = start_writing_to_stdio_file(cfname,
- OPEN_FLAGS_REPLACE | O_TEXT,
- 0600, &open_cfile))) {
- log_warn(LD_CONFIG, "Could not open client_keys file %s",
- escaped(cfname));
- goto err;
- }
-
- if (!(hfile = start_writing_to_stdio_file(hfname,
- OPEN_FLAGS_REPLACE | O_TEXT,
- 0600, &open_hfile))) {
- log_warn(LD_CONFIG, "Could not open hostname file %s", escaped(hfname));
- goto err;
- }
-
- /* Either use loaded keys for configured clients or generate new
- * ones if a client is new. */
- SMARTLIST_FOREACH_BEGIN(s->clients, rend_authorized_client_t *, client) {
- rend_authorized_client_t *parsed =
- strmap_get(parsed_clients, client->client_name);
- int written;
- size_t len;
- /* Copy descriptor cookie from parsed entry or create new one. */
- if (parsed) {
- memcpy(client->descriptor_cookie, parsed->descriptor_cookie,
- REND_DESC_COOKIE_LEN);
- } else {
- crypto_rand((char *) client->descriptor_cookie, REND_DESC_COOKIE_LEN);
- }
- /* For compatibility with older tor clients, this does not
- * truncate the padding characters, unlike rend_auth_encode_cookie. */
- if (base64_encode(desc_cook_out, 3*REND_DESC_COOKIE_LEN_BASE64+1,
- (char *) client->descriptor_cookie,
- REND_DESC_COOKIE_LEN, 0) < 0) {
- log_warn(LD_BUG, "Could not base64-encode descriptor cookie.");
- goto err;
- }
- /* Copy client key from parsed entry or create new one if required. */
- if (parsed && parsed->client_key) {
- client->client_key = crypto_pk_dup_key(parsed->client_key);
- } else if (s->auth_type == REND_STEALTH_AUTH) {
- /* Create private key for client. */
- crypto_pk_t *prkey = NULL;
- if (!(prkey = crypto_pk_new())) {
- log_warn(LD_BUG,"Error constructing client key");
- goto err;
- }
- if (crypto_pk_generate_key(prkey)) {
- log_warn(LD_BUG,"Error generating client key");
- crypto_pk_free(prkey);
- goto err;
- }
- if (! crypto_pk_is_valid_private_key(prkey)) {
- log_warn(LD_BUG,"Generated client key seems invalid");
- crypto_pk_free(prkey);
- goto err;
- }
- client->client_key = prkey;
- }
- /* Add entry to client_keys file. */
- written = tor_snprintf(buf, sizeof(buf),
- "client-name %s\ndescriptor-cookie %s\n",
- client->client_name, desc_cook_out);
- if (written < 0) {
- log_warn(LD_BUG, "Could not write client entry.");
- goto err;
- }
- if (client->client_key) {
- char *client_key_out = NULL;
- if (crypto_pk_write_private_key_to_string(client->client_key,
- &client_key_out, &len) != 0) {
- log_warn(LD_BUG, "Internal error: "
- "crypto_pk_write_private_key_to_string() failed.");
- goto err;
- }
- if (rend_get_service_id(client->client_key, service_id)<0) {
- log_warn(LD_BUG, "Internal error: couldn't encode service ID.");
- /*
- * len is string length, not buffer length, but last byte is NUL
- * anyway.
- */
- memwipe(client_key_out, 0, len);
- tor_free(client_key_out);
- goto err;
- }
- written = tor_snprintf(buf + written, sizeof(buf) - written,
- "client-key\n%s", client_key_out);
- memwipe(client_key_out, 0, len);
- tor_free(client_key_out);
- if (written < 0) {
- log_warn(LD_BUG, "Could not write client entry.");
- goto err;
- }
- } else {
- strlcpy(service_id, s->service_id, sizeof(service_id));
- }
-
- if (fputs(buf, cfile) < 0) {
- log_warn(LD_FS, "Could not append client entry to file: %s",
- strerror(errno));
- goto err;
- }
-
- /* Add line to hostname file. This is not the same encoding as in
- * client_keys. */
- char *encoded_cookie = rend_auth_encode_cookie(client->descriptor_cookie,
- s->auth_type);
- if (!encoded_cookie) {
- log_warn(LD_BUG, "Could not base64-encode descriptor cookie.");
- goto err;
- }
- tor_snprintf(buf, sizeof(buf), "%s.onion %s # client: %s\n",
- service_id, encoded_cookie, client->client_name);
- memwipe(encoded_cookie, 0, strlen(encoded_cookie));
- tor_free(encoded_cookie);
-
- if (fputs(buf, hfile)<0) {
- log_warn(LD_FS, "Could not append host entry to file: %s",
- strerror(errno));
- goto err;
- }
- } SMARTLIST_FOREACH_END(client);
-
- finish_writing_to_file(open_cfile);
- finish_writing_to_file(open_hfile);
-
- goto done;
- err:
- r = -1;
- if (open_cfile)
- abort_writing_to_file(open_cfile);
- if (open_hfile)
- abort_writing_to_file(open_hfile);
- done:
- if (client_keys_str) {
- memwipe(client_keys_str, 0, strlen(client_keys_str));
- tor_free(client_keys_str);
- }
- strmap_free(parsed_clients, rend_authorized_client_free_void);
-
- if (cfname) {
- memwipe(cfname, 0, strlen(cfname));
- tor_free(cfname);
- }
-
- /* Clear stack buffers that held key-derived material. */
- memwipe(buf, 0, sizeof(buf));
- memwipe(desc_cook_out, 0, sizeof(desc_cook_out));
- memwipe(service_id, 0, sizeof(service_id));
-
- return r;
-}
-
-/** Return the service whose public key has a digest of <b>digest</b>, or
- * NULL if no such service exists.
- */
-static rend_service_t *
-rend_service_get_by_pk_digest(const char* digest)
-{
- SMARTLIST_FOREACH(rend_service_list, rend_service_t*, s,
- if (tor_memeq(s->pk_digest,digest,DIGEST_LEN))
- return s);
- return NULL;
-}
-
-/** Return the service whose service id is <b>id</b>, or NULL if no such
- * service exists.
- */
-static struct rend_service_t *
-rend_service_get_by_service_id(const char *id)
-{
- tor_assert(strlen(id) == REND_SERVICE_ID_LEN_BASE32);
- SMARTLIST_FOREACH(rend_service_list, rend_service_t*, s, {
- if (tor_memeq(s->service_id, id, REND_SERVICE_ID_LEN_BASE32))
- return s;
- });
- return NULL;
-}
-
-/** Check client authorization of a given <b>descriptor_cookie</b> of
- * length <b>cookie_len</b> for <b>service</b>. Return 1 for success
- * and 0 for failure. */
-static int
-rend_check_authorization(rend_service_t *service,
- const char *descriptor_cookie,
- size_t cookie_len)
-{
- rend_authorized_client_t *auth_client = NULL;
- tor_assert(service);
- tor_assert(descriptor_cookie);
- if (!service->clients) {
- log_warn(LD_BUG, "Can't check authorization for a service that has no "
- "authorized clients configured.");
- return 0;
- }
-
- if (cookie_len != REND_DESC_COOKIE_LEN) {
- log_info(LD_REND, "Descriptor cookie is %lu bytes, but we expected "
- "%lu bytes. Dropping cell.",
- (unsigned long)cookie_len, (unsigned long)REND_DESC_COOKIE_LEN);
- return 0;
- }
-
- /* Look up client authorization by descriptor cookie. */
- SMARTLIST_FOREACH(service->clients, rend_authorized_client_t *, client, {
- if (tor_memeq(client->descriptor_cookie, descriptor_cookie,
- REND_DESC_COOKIE_LEN)) {
- auth_client = client;
- break;
- }
- });
- if (!auth_client) {
- char descriptor_cookie_base64[3*REND_DESC_COOKIE_LEN_BASE64];
- base64_encode(descriptor_cookie_base64, sizeof(descriptor_cookie_base64),
- descriptor_cookie, REND_DESC_COOKIE_LEN, 0);
- log_info(LD_REND, "No authorization found for descriptor cookie '%s'! "
- "Dropping cell!",
- descriptor_cookie_base64);
- return 0;
- }
-
- /* Allow the request. */
- log_info(LD_REND, "Client %s authorized for service %s.",
- auth_client->client_name, service->service_id);
- return 1;
-}
-
-/* Can this service make a direct connection to ei?
- * It must be a single onion service, and the firewall rules must allow ei. */
-static int
-rend_service_use_direct_connection(const or_options_t* options,
- const extend_info_t* ei)
-{
- /* We'll connect directly all reachable addresses, whether preferred or not.
- * The prefer_ipv6 argument to reachable_addr_allows_addr is
- * ignored, because pref_only is 0. */
- const tor_addr_port_t *ap = extend_info_get_orport(ei, AF_INET);
- if (!ap)
- return 0;
- return (rend_service_allow_non_anonymous_connection(options) &&
- reachable_addr_allows_addr(&ap->addr, ap->port,
- FIREWALL_OR_CONNECTION, 0, 0));
-}
-
-/* Like rend_service_use_direct_connection, but to a node. */
-static int
-rend_service_use_direct_connection_node(const or_options_t* options,
- const node_t* node)
-{
- /* We'll connect directly all reachable addresses, whether preferred or not.
- */
- return (rend_service_allow_non_anonymous_connection(options) &&
- reachable_addr_allows_node(node, FIREWALL_OR_CONNECTION, 0));
-}
-
-/******
- * Handle cells
- ******/
-
-/** Respond to an INTRODUCE2 cell by launching a circuit to the chosen
- * rendezvous point.
- */
-int
-rend_service_receive_introduction(origin_circuit_t *circuit,
- const uint8_t *request,
- size_t request_len)
-{
- /* Global status stuff */
- int status = 0, result;
- const or_options_t *options = get_options();
- char *err_msg = NULL;
- int err_msg_severity = LOG_WARN;
- const char *stage_descr = NULL, *rend_pk_digest;
- int reason = END_CIRC_REASON_TORPROTOCOL;
- /* Service/circuit/key stuff we can learn before parsing */
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- rend_service_t *service = NULL;
- rend_intro_point_t *intro_point = NULL;
- crypto_pk_t *intro_key = NULL;
- /* Parsed cell */
- rend_intro_cell_t *parsed_req = NULL;
- /* Rendezvous point */
- extend_info_t *rp = NULL;
- /* XXX not handled yet */
- char buf[RELAY_PAYLOAD_SIZE];
- char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN]; /* Holds KH, Df, Db, Kf, Kb */
- int i;
- crypto_dh_t *dh = NULL;
- origin_circuit_t *launched = NULL;
- crypt_path_t *cpath = NULL;
- char hexcookie[9];
- int circ_needs_uptime;
- time_t now = time(NULL);
- time_t elapsed;
- int replay;
- ssize_t keylen;
-
- /* Do some initial validation and logging before we parse the cell */
- if (circuit->base_.purpose != CIRCUIT_PURPOSE_S_INTRO) {
- log_warn(LD_PROTOCOL,
- "Got an INTRODUCE2 over a non-introduction circuit %u.",
- (unsigned) circuit->base_.n_circ_id);
- goto err;
- }
-
- assert_circ_anonymity_ok(circuit, options);
- tor_assert(circuit->rend_data);
- /* XXX: This is version 2 specific (only one supported). */
- rend_pk_digest = (char *) rend_data_get_pk_digest(circuit->rend_data, NULL);
-
- /* We'll use this in a bazillion log messages */
- base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
- rend_pk_digest, REND_SERVICE_ID_LEN);
-
- /* look up service depending on circuit. */
- service = rend_service_get_by_pk_digest(rend_pk_digest);
- if (!service) {
- log_warn(LD_BUG,
- "Internal error: Got an INTRODUCE2 cell on an intro "
- "circ for an unrecognized service %s.",
- escaped(serviceid));
- goto err;
- }
-
- intro_point = find_intro_point(circuit);
- if (intro_point == NULL) {
- intro_point = find_expiring_intro_point(service, circuit);
- if (intro_point == NULL) {
- log_warn(LD_BUG,
- "Internal error: Got an INTRODUCE2 cell on an "
- "intro circ (for service %s) with no corresponding "
- "rend_intro_point_t.",
- escaped(serviceid));
- goto err;
- }
- }
-
- log_info(LD_REND, "Received INTRODUCE2 cell for service %s on circ %u.",
- escaped(serviceid), (unsigned)circuit->base_.n_circ_id);
-
- /* use intro key instead of service key. */
- intro_key = circuit->intro_key;
-
- tor_free(err_msg);
- stage_descr = NULL;
-
- stage_descr = "early parsing";
- /* Early parsing pass (get pk, ciphertext); type 2 is INTRODUCE2 */
- parsed_req =
- rend_service_begin_parse_intro(request, request_len, 2, &err_msg);
- if (!parsed_req) {
- goto log_error;
- } else if (err_msg) {
- log_info(LD_REND, "%s on circ %u.", err_msg,
- (unsigned)circuit->base_.n_circ_id);
- tor_free(err_msg);
- }
-
- /* make sure service replay caches are present */
- if (!service->accepted_intro_dh_parts) {
- service->accepted_intro_dh_parts =
- replaycache_new(REND_REPLAY_TIME_INTERVAL,
- REND_REPLAY_TIME_INTERVAL);
- }
-
- if (!intro_point->accepted_intro_rsa_parts) {
- intro_point->accepted_intro_rsa_parts = replaycache_new(0, 0);
- }
-
- /* check for replay of PK-encrypted portion. */
- keylen = crypto_pk_keysize(intro_key);
- replay = replaycache_add_test_and_elapsed(
- intro_point->accepted_intro_rsa_parts,
- parsed_req->ciphertext, MIN(parsed_req->ciphertext_len, keylen),
- &elapsed);
-
- if (replay) {
- log_warn(LD_REND,
- "Possible replay detected! We received an "
- "INTRODUCE2 cell with same PK-encrypted part %d "
- "seconds ago. Dropping cell.",
- (int)elapsed);
- goto err;
- }
-
- stage_descr = "decryption";
- /* Now try to decrypt it */
- result = rend_service_decrypt_intro(parsed_req, intro_key, &err_msg);
- if (result < 0) {
- goto log_error;
- } else if (err_msg) {
- log_info(LD_REND, "%s on circ %u.", err_msg,
- (unsigned)circuit->base_.n_circ_id);
- tor_free(err_msg);
- }
-
- stage_descr = "late parsing";
- /* Parse the plaintext */
- result = rend_service_parse_intro_plaintext(parsed_req, &err_msg);
- if (result < 0) {
- goto log_error;
- } else if (err_msg) {
- log_info(LD_REND, "%s on circ %u.", err_msg,
- (unsigned)circuit->base_.n_circ_id);
- tor_free(err_msg);
- }
-
- stage_descr = "late validation";
- /* Validate the parsed plaintext parts */
- result = rend_service_validate_intro_late(parsed_req, &err_msg);
- if (result < 0) {
- goto log_error;
- } else if (err_msg) {
- log_info(LD_REND, "%s on circ %u.", err_msg,
- (unsigned)circuit->base_.n_circ_id);
- tor_free(err_msg);
- }
- stage_descr = NULL;
-
- /* Increment INTRODUCE2 counter */
- ++(intro_point->accepted_introduce2_count);
-
- /* Find the rendezvous point */
- rp = find_rp_for_intro(parsed_req, &err_msg);
- if (!rp) {
- err_msg_severity = LOG_PROTOCOL_WARN;
- goto log_error;
- }
-
- /* Check if we'd refuse to talk to this router */
- if (options->StrictNodes &&
- routerset_contains_extendinfo(options->ExcludeNodes, rp)) {
- log_warn(LD_REND, "Client asked to rendezvous at a relay that we "
- "exclude, and StrictNodes is set. Refusing service.");
- reason = END_CIRC_REASON_INTERNAL; /* XXX might leak why we refused */
- goto err;
- }
-
- base16_encode(hexcookie, 9, (const char *)(parsed_req->rc), 4);
-
- /* Check whether there is a past request with the same Diffie-Hellman,
- * part 1. */
- replay = replaycache_add_test_and_elapsed(
- service->accepted_intro_dh_parts,
- parsed_req->dh, DH1024_KEY_LEN,
- &elapsed);
-
- if (replay) {
- /* A Tor client will send a new INTRODUCE1 cell with the same rend
- * cookie and DH public key as its previous one if its intro circ
- * times out while in state CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT .
- * If we received the first INTRODUCE1 cell (the intro-point relay
- * converts it into an INTRODUCE2 cell), we are already trying to
- * connect to that rend point (and may have already succeeded);
- * drop this cell. */
- log_info(LD_REND, "We received an "
- "INTRODUCE2 cell with same first part of "
- "Diffie-Hellman handshake %d seconds ago. Dropping "
- "cell.",
- (int) elapsed);
- goto err;
- }
-
- /* If the service performs client authorization, check included auth data. */
- if (service->clients) {
- if (parsed_req->version == 3 && parsed_req->u.v3.auth_len > 0) {
- if (rend_check_authorization(service,
- (const char*)parsed_req->u.v3.auth_data,
- parsed_req->u.v3.auth_len)) {
- log_info(LD_REND, "Authorization data in INTRODUCE2 cell are valid.");
- } else {
- log_info(LD_REND, "The authorization data that are contained in "
- "the INTRODUCE2 cell are invalid. Dropping cell.");
- reason = END_CIRC_REASON_CONNECTFAILED;
- goto err;
- }
- } else {
- log_info(LD_REND, "INTRODUCE2 cell does not contain authentication "
- "data, but we require client authorization. Dropping cell.");
- reason = END_CIRC_REASON_CONNECTFAILED;
- goto err;
- }
- }
-
- /* Try DH handshake... */
- dh = crypto_dh_new(DH_TYPE_REND);
- if (!dh || crypto_dh_generate_public(dh)<0) {
- log_warn(LD_BUG,"Internal error: couldn't build DH state "
- "or generate public key.");
- reason = END_CIRC_REASON_INTERNAL;
- goto err;
- }
- if (crypto_dh_compute_secret(LOG_PROTOCOL_WARN, dh,
- (char *)(parsed_req->dh),
- DH1024_KEY_LEN, keys,
- DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
- log_warn(LD_BUG, "Internal error: couldn't complete DH handshake");
- reason = END_CIRC_REASON_INTERNAL;
- goto err;
- }
-
- circ_needs_uptime = hs_service_requires_uptime_circ(service->ports);
-
- /* help predict this next time */
- rep_hist_note_used_internal(now, circ_needs_uptime, 1);
-
- /* Launch a circuit to the client's chosen rendezvous point.
- */
- int max_rend_failures=hs_get_service_max_rend_failures();
- for (i=0;i<max_rend_failures;i++) {
- int flags = CIRCLAUNCH_NEED_CAPACITY | CIRCLAUNCH_IS_INTERNAL;
- if (circ_needs_uptime) flags |= CIRCLAUNCH_NEED_UPTIME;
- /* A Single Onion Service only uses a direct connection if its
- * firewall rules permit direct connections to the address.
- *
- * We only use a one-hop path on the first attempt. If the first attempt
- * fails, we use a 3-hop path for reachability / reliability.
- * See the comment in rend_service_relaunch_rendezvous() for details. */
- if (rend_service_use_direct_connection(options, rp) && i == 0) {
- flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL;
- }
- launched = circuit_launch_by_extend_info(
- CIRCUIT_PURPOSE_S_CONNECT_REND, rp, flags);
-
- if (launched)
- break;
- }
- if (!launched) { /* give up */
- log_warn(LD_REND, "Giving up launching first hop of circuit to rendezvous "
- "point %s for service %s.",
- safe_str_client(extend_info_describe(rp)),
- serviceid);
- reason = END_CIRC_REASON_CONNECTFAILED;
- goto err;
- }
- log_info(LD_REND,
- "Accepted intro; launching circuit to %s "
- "(cookie %s) for service %s.",
- safe_str_client(extend_info_describe(rp)),
- hexcookie, serviceid);
- tor_assert(launched->build_state);
- /* Fill in the circuit's state. */
-
- launched->rend_data =
- rend_data_service_create(service->service_id, rend_pk_digest,
- parsed_req->rc, service->auth_type);
-
- launched->build_state->service_pending_final_cpath_ref =
- tor_malloc_zero(sizeof(crypt_path_reference_t));
- launched->build_state->service_pending_final_cpath_ref->refcount = 1;
-
- launched->build_state->service_pending_final_cpath_ref->cpath = cpath =
- tor_malloc_zero(sizeof(crypt_path_t));
- cpath->magic = CRYPT_PATH_MAGIC;
- launched->build_state->expiry_time = now + MAX_REND_TIMEOUT;
-
- cpath->rend_dh_handshake_state = dh;
- dh = NULL;
- if (cpath_init_circuit_crypto(cpath,
- keys+DIGEST_LEN, sizeof(keys)-DIGEST_LEN,
- 1, 0)<0)
- goto err;
- memcpy(cpath->rend_circ_nonce, keys, DIGEST_LEN);
-
- goto done;
-
- log_error:
- if (!err_msg) {
- if (stage_descr) {
- tor_asprintf(&err_msg,
- "unknown %s error for INTRODUCE2", stage_descr);
- } else {
- err_msg = tor_strdup("unknown error for INTRODUCE2");
- }
- }
-
- log_fn(err_msg_severity, LD_REND, "%s on circ %u", err_msg,
- (unsigned)circuit->base_.n_circ_id);
- err:
- status = -1;
- if (dh) crypto_dh_free(dh);
- if (launched) {
- circuit_mark_for_close(TO_CIRCUIT(launched), reason);
- }
- tor_free(err_msg);
-
- done:
- memwipe(keys, 0, sizeof(keys));
- memwipe(buf, 0, sizeof(buf));
- memwipe(serviceid, 0, sizeof(serviceid));
- memwipe(hexcookie, 0, sizeof(hexcookie));
-
- /* Free the parsed cell */
- rend_service_free_intro(parsed_req);
-
- /* Free rp */
- extend_info_free(rp);
-
- return status;
-}
-
-/** Given a parsed and decrypted INTRODUCE2, find the rendezvous point or
- * return NULL and an error string if we can't. Return a newly allocated
- * extend_info_t* for the rendezvous point. */
-static extend_info_t *
-find_rp_for_intro(const rend_intro_cell_t *intro,
- char **err_msg_out)
-{
- extend_info_t *rp = NULL;
- char *err_msg = NULL;
- const char *rp_nickname = NULL;
- const node_t *node = NULL;
-
- if (!intro) {
- if (err_msg_out)
- err_msg = tor_strdup("Bad parameters to find_rp_for_intro()");
-
- goto err;
- }
-
- if (intro->version == 0 || intro->version == 1) {
- rp_nickname = (const char *)(intro->u.v0_v1.rp);
-
- node = node_get_by_nickname(rp_nickname, NNF_NO_WARN_UNNAMED);
- if (!node) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "Couldn't find router %s named in INTRODUCE2 cell",
- escaped_safe_str_client(rp_nickname));
- }
-
- goto err;
- }
-
- /* Are we in single onion mode? */
- const int allow_direct = rend_service_allow_non_anonymous_connection(
- get_options());
- rp = extend_info_from_node(node, allow_direct);
- if (!rp) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "Couldn't build extend_info_t for router %s named "
- "in INTRODUCE2 cell",
- escaped_safe_str_client(rp_nickname));
- }
-
- goto err;
- }
- } else if (intro->version == 2) {
- rp = extend_info_dup(intro->u.v2.extend_info);
- } else if (intro->version == 3) {
- rp = extend_info_dup(intro->u.v3.extend_info);
- } else {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "Unknown version %d in INTRODUCE2 cell",
- (int)(intro->version));
- }
-
- goto err;
- }
-
- /* rp is always set here: extend_info_dup guarantees a non-NULL result, and
- * the other cases goto err. */
- tor_assert(rp);
-
- /* Make sure the RP we are being asked to connect to is _not_ a private
- * address unless it's allowed. Let's avoid to build a circuit to our
- * second middle node and fail right after when extending to the RP. */
- const tor_addr_port_t *orport = extend_info_get_orport(rp, AF_INET);
- if (! orport || !extend_info_addr_is_allowed(&orport->addr)) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "Relay IP in INTRODUCE2 cell is private address.");
- }
- extend_info_free(rp);
- rp = NULL;
- goto err;
- }
- goto done;
-
- err:
- if (err_msg_out)
- *err_msg_out = err_msg;
- else
- tor_free(err_msg);
-
- done:
- return rp;
-}
-
-/** Free a parsed INTRODUCE1 or INTRODUCE2 cell that was allocated by
- * rend_service_parse_intro().
- */
-void
-rend_service_free_intro_(rend_intro_cell_t *request)
-{
- if (!request) {
- return;
- }
-
- /* Free ciphertext */
- tor_free(request->ciphertext);
- request->ciphertext_len = 0;
-
- /* Have plaintext? */
- if (request->plaintext) {
- /* Zero it out just to be safe */
- memwipe(request->plaintext, 0, request->plaintext_len);
- tor_free(request->plaintext);
- request->plaintext_len = 0;
- }
-
- /* Have parsed plaintext? */
- if (request->parsed) {
- switch (request->version) {
- case 0:
- case 1:
- /*
- * Nothing more to do; these formats have no further pointers
- * in them.
- */
- break;
- case 2:
- extend_info_free(request->u.v2.extend_info);
- request->u.v2.extend_info = NULL;
- break;
- case 3:
- if (request->u.v3.auth_data) {
- memwipe(request->u.v3.auth_data, 0, request->u.v3.auth_len);
- tor_free(request->u.v3.auth_data);
- }
-
- extend_info_free(request->u.v3.extend_info);
- request->u.v3.extend_info = NULL;
- break;
- default:
- log_info(LD_BUG,
- "rend_service_free_intro() saw unknown protocol "
- "version %d.",
- request->version);
- }
- }
-
- /* Zero it out to make sure sensitive stuff doesn't hang around in memory */
- memwipe(request, 0, sizeof(*request));
-
- tor_free(request);
-}
-
-/** Parse an INTRODUCE1 or INTRODUCE2 cell into a newly allocated
- * rend_intro_cell_t structure. Free it with rend_service_free_intro()
- * when finished. The type parameter should be 1 or 2 to indicate whether
- * this is INTRODUCE1 or INTRODUCE2. This parses only the non-encrypted
- * parts; after this, call rend_service_decrypt_intro() with a key, then
- * rend_service_parse_intro_plaintext() to finish parsing. The optional
- * err_msg_out parameter is set to a string suitable for log output
- * if parsing fails. This function does some validation, but only
- * that which depends solely on the contents of the cell and the
- * key; it can be unit-tested. Further validation is done in
- * rend_service_validate_intro().
- */
-
-rend_intro_cell_t *
-rend_service_begin_parse_intro(const uint8_t *request,
- size_t request_len,
- uint8_t type,
- char **err_msg_out)
-{
- rend_intro_cell_t *rv = NULL;
- char *err_msg = NULL;
-
- if (!request || request_len <= 0) goto err;
- if (!(type == 1 || type == 2)) goto err;
-
- /* First, check that the cell is long enough to be a sensible INTRODUCE */
-
- /* min key length plus digest length plus nickname length */
- if (request_len <
- (DIGEST_LEN + REND_COOKIE_LEN + (MAX_NICKNAME_LEN + 1) +
- DH1024_KEY_LEN + 42)) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "got a truncated INTRODUCE%d cell",
- (int)type);
- }
- goto err;
- }
-
- /* Allocate a new parsed cell structure */
- rv = tor_malloc_zero(sizeof(*rv));
-
- /* Set the type */
- rv->type = type;
-
- /* Copy in the ID */
- memcpy(rv->pk, request, DIGEST_LEN);
-
- /* Copy in the ciphertext */
- rv->ciphertext = tor_malloc(request_len - DIGEST_LEN);
- memcpy(rv->ciphertext, request + DIGEST_LEN, request_len - DIGEST_LEN);
- rv->ciphertext_len = request_len - DIGEST_LEN;
-
- goto done;
-
- err:
- rend_service_free_intro(rv);
- rv = NULL;
-
- if (err_msg_out && !err_msg) {
- tor_asprintf(&err_msg,
- "unknown INTRODUCE%d error",
- (int)type);
- }
-
- done:
- if (err_msg_out) *err_msg_out = err_msg;
- else tor_free(err_msg);
-
- return rv;
-}
-
-/** Parse the version-specific parts of a v0 or v1 INTRODUCE1 or INTRODUCE2
- * cell
- */
-
-static ssize_t
-rend_service_parse_intro_for_v0_or_v1(
- rend_intro_cell_t *intro,
- const uint8_t *buf,
- size_t plaintext_len,
- char **err_msg_out)
-{
- const char *rp_nickname, *endptr;
- size_t nickname_field_len, ver_specific_len;
-
- if (intro->version == 1) {
- ver_specific_len = MAX_HEX_NICKNAME_LEN + 2;
- rp_nickname = ((const char *)buf) + 1;
- nickname_field_len = MAX_HEX_NICKNAME_LEN + 1;
- } else if (intro->version == 0) {
- ver_specific_len = MAX_NICKNAME_LEN + 1;
- rp_nickname = (const char *)buf;
- nickname_field_len = MAX_NICKNAME_LEN + 1;
- } else {
- if (err_msg_out)
- tor_asprintf(err_msg_out,
- "rend_service_parse_intro_for_v0_or_v1() called with "
- "bad version %d on INTRODUCE%d cell (this is a bug)",
- intro->version,
- (int)(intro->type));
- goto err;
- }
-
- if (plaintext_len < ver_specific_len) {
- if (err_msg_out)
- tor_asprintf(err_msg_out,
- "short plaintext of encrypted part in v1 INTRODUCE%d "
- "cell (%lu bytes, needed %lu)",
- (int)(intro->type),
- (unsigned long)plaintext_len,
- (unsigned long)ver_specific_len);
- goto err;
- }
-
- endptr = memchr(rp_nickname, 0, nickname_field_len);
- if (!endptr || endptr == rp_nickname) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "couldn't find a nul-padded nickname in "
- "INTRODUCE%d cell",
- (int)(intro->type));
- }
- goto err;
- }
-
- if ((intro->version == 0 &&
- !is_legal_nickname(rp_nickname)) ||
- (intro->version == 1 &&
- !is_legal_nickname_or_hexdigest(rp_nickname))) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "bad nickname in INTRODUCE%d cell",
- (int)(intro->type));
- }
- goto err;
- }
-
- memcpy(intro->u.v0_v1.rp, rp_nickname, endptr - rp_nickname + 1);
-
- return ver_specific_len;
-
- err:
- return -1;
-}
-
-/** Parse the version-specific parts of a v2 INTRODUCE1 or INTRODUCE2 cell
- */
-
-static ssize_t
-rend_service_parse_intro_for_v2(
- rend_intro_cell_t *intro,
- const uint8_t *buf,
- size_t plaintext_len,
- char **err_msg_out)
-{
- unsigned int klen;
- extend_info_t *extend_info = NULL;
- ssize_t ver_specific_len;
-
- /*
- * We accept version 3 too so that the v3 parser can call this with
- * an adjusted buffer for the latter part of a v3 cell, which is
- * identical to a v2 cell.
- */
- if (!(intro->version == 2 ||
- intro->version == 3)) {
- if (err_msg_out)
- tor_asprintf(err_msg_out,
- "rend_service_parse_intro_for_v2() called with "
- "bad version %d on INTRODUCE%d cell (this is a bug)",
- intro->version,
- (int)(intro->type));
- goto err;
- }
-
- /* 7 == version, IP and port, DIGEST_LEN == id, 2 == key length */
- if (plaintext_len < 7 + DIGEST_LEN + 2) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "truncated plaintext of encrypted parted of "
- "version %d INTRODUCE%d cell",
- intro->version,
- (int)(intro->type));
- }
-
- goto err;
- }
-
- extend_info = extend_info_new(NULL, NULL, NULL, NULL, NULL, NULL, 0);
- tor_addr_t addr;
- tor_addr_from_ipv4n(&addr, get_uint32(buf + 1));
- uint16_t port = ntohs(get_uint16(buf + 5));
- extend_info_add_orport(extend_info, &addr, port);
- memcpy(extend_info->identity_digest, buf + 7, DIGEST_LEN);
- extend_info->nickname[0] = '$';
- base16_encode(extend_info->nickname + 1, sizeof(extend_info->nickname) - 1,
- extend_info->identity_digest, DIGEST_LEN);
- klen = ntohs(get_uint16(buf + 7 + DIGEST_LEN));
-
- /* 7 == version, IP and port, DIGEST_LEN == id, 2 == key length */
- if (plaintext_len < 7 + DIGEST_LEN + 2 + klen) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "truncated plaintext of encrypted parted of "
- "version %d INTRODUCE%d cell",
- intro->version,
- (int)(intro->type));
- }
-
- goto err;
- }
-
- extend_info->onion_key =
- crypto_pk_asn1_decode((const char *)(buf + 7 + DIGEST_LEN + 2), klen);
- if (!extend_info->onion_key) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "error decoding onion key in version %d "
- "INTRODUCE%d cell",
- intro->version,
- (intro->type));
- }
-
- goto err;
- }
- if (128 != crypto_pk_keysize(extend_info->onion_key)) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "invalid onion key size in version %d INTRODUCE%d cell",
- intro->version,
- (intro->type));
- }
-
- goto err;
- }
-
- ver_specific_len = 7+DIGEST_LEN+2+klen;
-
- if (intro->version == 2) intro->u.v2.extend_info = extend_info;
- else intro->u.v3.extend_info = extend_info;
-
- return ver_specific_len;
-
- err:
- extend_info_free(extend_info);
-
- return -1;
-}
-
-/** Parse the version-specific parts of a v3 INTRODUCE1 or INTRODUCE2 cell
- */
-
-static ssize_t
-rend_service_parse_intro_for_v3(
- rend_intro_cell_t *intro,
- const uint8_t *buf,
- size_t plaintext_len,
- char **err_msg_out)
-{
- ssize_t adjust, v2_ver_specific_len, ts_offset;
-
- /* This should only be called on v3 cells */
- if (intro->version != 3) {
- if (err_msg_out)
- tor_asprintf(err_msg_out,
- "rend_service_parse_intro_for_v3() called with "
- "bad version %d on INTRODUCE%d cell (this is a bug)",
- intro->version,
- (int)(intro->type));
- goto err;
- }
-
- /*
- * Check that we have at least enough to get auth_len:
- *
- * 1 octet for version, 1 for auth_type, 2 for auth_len
- */
- if (plaintext_len < 4) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "truncated plaintext of encrypted parted of "
- "version %d INTRODUCE%d cell",
- intro->version,
- (int)(intro->type));
- }
-
- goto err;
- }
-
- /*
- * The rend_client_send_introduction() function over in rendclient.c is
- * broken (i.e., fails to match the spec) in such a way that we can't
- * change it without breaking the protocol. Specifically, it doesn't
- * emit auth_len when auth-type is REND_NO_AUTH, so everything is off
- * by two bytes after that. Calculate ts_offset and do everything from
- * the timestamp on relative to that to handle this dain bramage.
- */
-
- intro->u.v3.auth_type = buf[1];
- if (intro->u.v3.auth_type != REND_NO_AUTH) {
- intro->u.v3.auth_len = ntohs(get_uint16(buf + 2));
- ts_offset = 4 + intro->u.v3.auth_len;
- } else {
- intro->u.v3.auth_len = 0;
- ts_offset = 2;
- }
-
- /* Check that auth len makes sense for this auth type */
- if (intro->u.v3.auth_type == REND_BASIC_AUTH ||
- intro->u.v3.auth_type == REND_STEALTH_AUTH) {
- if (intro->u.v3.auth_len != REND_DESC_COOKIE_LEN) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "wrong auth data size %d for INTRODUCE%d cell, "
- "should be %d",
- (int)(intro->u.v3.auth_len),
- (int)(intro->type),
- REND_DESC_COOKIE_LEN);
- }
-
- goto err;
- }
- }
-
- /* Check that we actually have everything up through the timestamp */
- if (plaintext_len < (size_t)(ts_offset)+4) {
- if (err_msg_out) {
- tor_asprintf(err_msg_out,
- "truncated plaintext of encrypted parted of "
- "version %d INTRODUCE%d cell",
- intro->version,
- (int)(intro->type));
- }
-
- goto err;
- }
-
- if (intro->u.v3.auth_type != REND_NO_AUTH &&
- intro->u.v3.auth_len > 0) {
- /* Okay, we can go ahead and copy auth_data */
- intro->u.v3.auth_data = tor_malloc(intro->u.v3.auth_len);
- /*
- * We know we had an auth_len field in this case, so 4 is
- * always right.
- */
- memcpy(intro->u.v3.auth_data, buf + 4, intro->u.v3.auth_len);
- }
-
- /*
- * From here on, the format is as in v2, so we call the v2 parser with
- * adjusted buffer and length. We are 4 + ts_offset octets in, but the
- * v2 parser expects to skip over a version byte at the start, so we
- * adjust by 3 + ts_offset.
- */
- adjust = 3 + ts_offset;
-
- v2_ver_specific_len =
- rend_service_parse_intro_for_v2(intro,
- buf + adjust, plaintext_len - adjust,
- err_msg_out);
-
- /* Success in v2 parser */
- if (v2_ver_specific_len >= 0) return v2_ver_specific_len + adjust;
- /* Failure in v2 parser; it will have provided an err_msg */
- else return v2_ver_specific_len;
-
- err:
- return -1;
-}
-
-/** Table of parser functions for version-specific parts of an INTRODUCE2
- * cell.
- */
-
-static ssize_t
- (*intro_version_handlers[])(
- rend_intro_cell_t *,
- const uint8_t *,
- size_t,
- char **) =
-{ rend_service_parse_intro_for_v0_or_v1,
- rend_service_parse_intro_for_v0_or_v1,
- rend_service_parse_intro_for_v2,
- rend_service_parse_intro_for_v3 };
-
-/** Decrypt the encrypted part of an INTRODUCE1 or INTRODUCE2 cell,
- * return 0 if successful, or < 0 and write an error message to
- * *err_msg_out if provided.
- */
-
-int
-rend_service_decrypt_intro(
- rend_intro_cell_t *intro,
- crypto_pk_t *key,
- char **err_msg_out)
-{
- char *err_msg = NULL;
- uint8_t key_digest[DIGEST_LEN];
- char service_id[REND_SERVICE_ID_LEN_BASE32+1];
- ssize_t key_len;
- uint8_t buf[RELAY_PAYLOAD_SIZE];
- int result, status = -1;
-
- if (!intro || !key) {
- if (err_msg_out) {
- err_msg =
- tor_strdup("rend_service_decrypt_intro() called with bad "
- "parameters");
- }
-
- status = -2;
- goto err;
- }
-
- /* Make sure we have ciphertext */
- if (!(intro->ciphertext) || intro->ciphertext_len <= 0) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "rend_intro_cell_t was missing ciphertext for "
- "INTRODUCE%d cell",
- (int)(intro->type));
- }
- status = -3;
- goto err;
- }
-
- /* Check that this cell actually matches this service key */
-
- /* first DIGEST_LEN bytes of request is intro or service pk digest */
- if (crypto_pk_get_digest(key, (char *)key_digest) < 0) {
- if (err_msg_out)
- *err_msg_out = tor_strdup("Couldn't compute RSA digest.");
- log_warn(LD_BUG, "Couldn't compute key digest.");
- status = -7;
- goto err;
- }
-
- if (tor_memneq(key_digest, intro->pk, DIGEST_LEN)) {
- if (err_msg_out) {
- base32_encode(service_id, REND_SERVICE_ID_LEN_BASE32 + 1,
- (char*)(intro->pk), REND_SERVICE_ID_LEN);
- tor_asprintf(&err_msg,
- "got an INTRODUCE%d cell for the wrong service (%s)",
- (int)(intro->type),
- escaped(service_id));
- }
-
- status = -4;
- goto err;
- }
-
- /* Make sure the encrypted part is long enough to decrypt */
-
- key_len = crypto_pk_keysize(key);
- if (intro->ciphertext_len < key_len) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "got an INTRODUCE%d cell with a truncated PK-encrypted "
- "part",
- (int)(intro->type));
- }
-
- status = -5;
- goto err;
- }
-
- /* Decrypt the encrypted part */
- result =
- crypto_pk_obsolete_private_hybrid_decrypt(
- key, (char *)buf, sizeof(buf),
- (const char *)(intro->ciphertext), intro->ciphertext_len,
- PK_PKCS1_OAEP_PADDING, 1);
- if (result < 0) {
- if (err_msg_out) {
- tor_asprintf(&err_msg,
- "couldn't decrypt INTRODUCE%d cell",
- (int)(intro->type));
- }
- status = -6;
- goto err;
- }
- intro->plaintext_len = result;
- intro->plaintext = tor_malloc(intro->plaintext_len);
- memcpy(intro->plaintext, buf, intro->plaintext_len);
-
- status = 0;
-
- goto done;
-
- err:
- if (err_msg_out && !err_msg) {
- tor_asprintf(&err_msg,
- "unknown INTRODUCE%d error decrypting encrypted part",
- intro ? (int)(intro->type) : -1);
- }
-
- done:
- if (err_msg_out) *err_msg_out = err_msg;
- else tor_free(err_msg);
-
- /* clean up potentially sensitive material */
- memwipe(buf, 0, sizeof(buf));
- memwipe(key_digest, 0, sizeof(key_digest));
- memwipe(service_id, 0, sizeof(service_id));
-
- return status;
-}
-
-/** Parse the plaintext of the encrypted part of an INTRODUCE1 or
- * INTRODUCE2 cell, return 0 if successful, or < 0 and write an error
- * message to *err_msg_out if provided.
- */
-
-int
-rend_service_parse_intro_plaintext(
- rend_intro_cell_t *intro,
- char **err_msg_out)
-{
- char *err_msg = NULL;
- ssize_t ver_specific_len, ver_invariant_len;
- uint8_t version;
- int status = -1;
-
- if (!intro) {
- if (err_msg_out) {
- err_msg =
- tor_strdup("rend_service_parse_intro_plaintext() called with NULL "
- "rend_intro_cell_t");
- }
-
- status = -2;
- goto err;
- }
-
- /* Check that we have plaintext */
- if (!(intro->plaintext) || intro->plaintext_len <= 0) {
- if (err_msg_out) {
- err_msg = tor_strdup("rend_intro_cell_t was missing plaintext");
- }
- status = -3;
- goto err;
- }
-
- /* In all formats except v0, the first byte is a version number */
- version = intro->plaintext[0];
-
- /* v0 has no version byte (stupid...), so handle it as a fallback */
- if (version > 3) version = 0;
-
- /* Copy the version into the parsed cell structure */
- intro->version = version;
-
- /* Call the version-specific parser from the table */
- ver_specific_len =
- intro_version_handlers[version](intro,
- intro->plaintext, intro->plaintext_len,
- &err_msg);
- if (ver_specific_len < 0) {
- status = -4;
- goto err;
- }
-
- /** The rendezvous cookie and Diffie-Hellman stuff are version-invariant
- * and at the end of the plaintext of the encrypted part of the cell.
- */
-
- ver_invariant_len = intro->plaintext_len - ver_specific_len;
- if (ver_invariant_len < REND_COOKIE_LEN + DH1024_KEY_LEN) {
- tor_asprintf(&err_msg,
- "decrypted plaintext of INTRODUCE%d cell was truncated (%ld bytes)",
- (int)(intro->type),
- (long)(intro->plaintext_len));
- status = -5;
- goto err;
- } else if (ver_invariant_len > REND_COOKIE_LEN + DH1024_KEY_LEN) {
- tor_asprintf(&err_msg,
- "decrypted plaintext of INTRODUCE%d cell was too long (%ld bytes)",
- (int)(intro->type),
- (long)(intro->plaintext_len));
- status = -6;
- goto err;
- } else {
- memcpy(intro->rc,
- intro->plaintext + ver_specific_len,
- REND_COOKIE_LEN);
- memcpy(intro->dh,
- intro->plaintext + ver_specific_len + REND_COOKIE_LEN,
- DH1024_KEY_LEN);
- }
-
- /* Flag it as being fully parsed */
- intro->parsed = 1;
-
- status = 0;
- goto done;
-
- err:
- if (err_msg_out && !err_msg) {
- tor_asprintf(&err_msg,
- "unknown INTRODUCE%d error parsing encrypted part",
- intro ? (int)(intro->type) : -1);
- }
-
- done:
- if (err_msg_out) *err_msg_out = err_msg;
- else tor_free(err_msg);
-
- return status;
-}
-
-/** Do validity checks on a parsed intro cell after decryption; some of
- * these are not done in rend_service_parse_intro_plaintext() itself because
- * they depend on a lot of other state and would make it hard to unit test.
- * Returns >= 0 if successful or < 0 if the intro cell is invalid, and
- * optionally writes out an error message for logging. If an err_msg
- * pointer is provided, it is the caller's responsibility to free any
- * provided message.
- */
-
-int
-rend_service_validate_intro_late(const rend_intro_cell_t *intro,
- char **err_msg_out)
-{
- int status = 0;
-
- if (!intro) {
- if (err_msg_out)
- *err_msg_out =
- tor_strdup("NULL intro cell passed to "
- "rend_service_validate_intro_late()");
-
- status = -1;
- goto err;
- }
-
- if (intro->version == 3 && intro->parsed) {
- if (!(intro->u.v3.auth_type == REND_NO_AUTH ||
- intro->u.v3.auth_type == REND_BASIC_AUTH ||
- intro->u.v3.auth_type == REND_STEALTH_AUTH)) {
- /* This is an informative message, not an error, as in the old code */
- if (err_msg_out)
- tor_asprintf(err_msg_out,
- "unknown authorization type %d",
- intro->u.v3.auth_type);
- }
- }
-
- err:
- return status;
-}
-
-/** Called when we fail building a rendezvous circuit at some point other
- * than the last hop: launches a new circuit to the same rendezvous point.
- */
-void
-rend_service_relaunch_rendezvous(origin_circuit_t *oldcirc)
-{
- origin_circuit_t *newcirc;
- cpath_build_state_t *newstate, *oldstate;
- const char *rend_pk_digest;
- rend_service_t *service = NULL;
-
- int flags = CIRCLAUNCH_NEED_CAPACITY | CIRCLAUNCH_IS_INTERNAL;
-
- tor_assert(oldcirc->base_.purpose == CIRCUIT_PURPOSE_S_CONNECT_REND);
- oldstate = oldcirc->build_state;
- tor_assert(oldstate);
-
- if (oldstate->service_pending_final_cpath_ref == NULL) {
- log_info(LD_REND,"Skipping relaunch of circ that failed on its first hop. "
- "Initiator will retry.");
- return;
- }
-
- log_info(LD_REND,"Reattempting rendezvous circuit to '%s'",
- safe_str(extend_info_describe(oldstate->chosen_exit)));
-
- /* Look up the service. */
- rend_pk_digest = (char *) rend_data_get_pk_digest(oldcirc->rend_data, NULL);
- service = rend_service_get_by_pk_digest(rend_pk_digest);
-
- if (!service) {
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
- rend_pk_digest, REND_SERVICE_ID_LEN);
-
- log_warn(LD_BUG, "Internal error: Trying to relaunch a rendezvous circ "
- "for an unrecognized service %s.",
- safe_str_client(serviceid));
- return;
- }
-
- if (hs_service_requires_uptime_circ(service->ports)) {
- flags |= CIRCLAUNCH_NEED_UPTIME;
- }
-
- /* You'd think Single Onion Services would want to retry the rendezvous
- * using a direct connection. But if it's blocked by a firewall, or the
- * service is IPv6-only, or the rend point avoiding becoming a one-hop
- * proxy, we need a 3-hop connection. */
- newcirc = circuit_launch_by_extend_info(CIRCUIT_PURPOSE_S_CONNECT_REND,
- oldstate->chosen_exit, flags);
-
- if (!newcirc) {
- log_warn(LD_REND,"Couldn't relaunch rendezvous circuit to '%s'.",
- safe_str(extend_info_describe(oldstate->chosen_exit)));
- return;
- }
- newstate = newcirc->build_state;
- tor_assert(newstate);
- newstate->failure_count = oldstate->failure_count+1;
- newstate->expiry_time = oldstate->expiry_time;
- newstate->service_pending_final_cpath_ref =
- oldstate->service_pending_final_cpath_ref;
- ++(newstate->service_pending_final_cpath_ref->refcount);
-
- newcirc->rend_data = rend_data_dup(oldcirc->rend_data);
-}
-
-/** Launch a circuit to serve as an introduction point for the service
- * <b>service</b> at the introduction point <b>nickname</b>
- */
-static int
-rend_service_launch_establish_intro(rend_service_t *service,
- rend_intro_point_t *intro)
-{
- origin_circuit_t *launched;
- int flags = CIRCLAUNCH_NEED_UPTIME|CIRCLAUNCH_IS_INTERNAL;
- const or_options_t *options = get_options();
- extend_info_t *launch_ei = intro->extend_info;
- extend_info_t *direct_ei = NULL;
-
- /* Are we in single onion mode?
- *
- * We only use a one-hop path on the first attempt. If the first attempt
- * fails, we use a 3-hop path for reachability / reliability.
- * (Unlike v3, retries is incremented by the caller after it calls this
- * function.)
- */
- if (rend_service_allow_non_anonymous_connection(options) &&
- intro->circuit_retries == 0) {
- /* Do we have a descriptor for the node?
- * We've either just chosen it from the consensus, or we've just reviewed
- * our intro points to see which ones are still valid, and deleted the ones
- * that aren't in the consensus any more. */
- const node_t *node = node_get_by_id(launch_ei->identity_digest);
- if (BUG(!node)) {
- /* The service has kept an intro point after it went missing from the
- * consensus. If we did anything else here, it would be a consensus
- * distinguisher. Which are less of an issue for single onion services,
- * but still a bug. */
- return -1;
- }
- /* Can we connect to the node directly? If so, replace launch_ei
- * (a multi-hop extend_info) with one suitable for direct connection. */
- if (rend_service_use_direct_connection_node(options, node)) {
- direct_ei = extend_info_from_node(node, 1);
- if (BUG(!direct_ei)) {
- /* rend_service_use_direct_connection_node and extend_info_from_node
- * disagree about which addresses on this node are permitted. This
- * should never happen. Avoiding the connection is a safe response. */
- return -1;
- }
- flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL;
- launch_ei = direct_ei;
- }
- }
- /* launch_ei is either intro->extend_info, or has been replaced with a valid
- * extend_info for single onion service direct connection. */
- tor_assert(launch_ei);
- /* We must have the same intro when making a direct connection. */
- tor_assert(tor_memeq(intro->extend_info->identity_digest,
- launch_ei->identity_digest,
- DIGEST_LEN));
-
- log_info(LD_REND,
- "Launching circuit to introduction point %s%s%s for service %s",
- safe_str_client(extend_info_describe(intro->extend_info)),
- direct_ei ? " via direct address " : "",
- direct_ei ? safe_str_client(extend_info_describe(direct_ei)) : "",
- service->service_id);
-
- rep_hist_note_used_internal(time(NULL), 1, 0);
-
- ++service->n_intro_circuits_launched;
- launched = circuit_launch_by_extend_info(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO,
- launch_ei, flags);
-
- if (!launched) {
- log_info(LD_REND,
- "Can't launch circuit to establish introduction at %s%s%s.",
- safe_str_client(extend_info_describe(intro->extend_info)),
- direct_ei ? " via direct address " : "",
- direct_ei ? safe_str_client(extend_info_describe(direct_ei)) : ""
- );
- extend_info_free(direct_ei);
- return -1;
- }
- /* We must have the same exit node even if cannibalized or direct connection.
- */
- tor_assert(tor_memeq(intro->extend_info->identity_digest,
- launched->build_state->chosen_exit->identity_digest,
- DIGEST_LEN));
-
- launched->rend_data = rend_data_service_create(service->service_id,
- service->pk_digest, NULL,
- service->auth_type);
- launched->intro_key = crypto_pk_dup_key(intro->intro_key);
- if (launched->base_.state == CIRCUIT_STATE_OPEN)
- rend_service_intro_has_opened(launched);
- extend_info_free(direct_ei);
- return 0;
-}
-
-/** Return the number of introduction points that are established for the
- * given service. */
-static unsigned int
-count_established_intro_points(const rend_service_t *service)
-{
- unsigned int num = 0;
-
- SMARTLIST_FOREACH(service->intro_nodes, rend_intro_point_t *, intro,
- num += intro->circuit_established
- );
- return num;
-}
-
-/** Return the number of introduction points that are or are being
- * established for the given service. This function iterates over all
- * circuit and count those that are linked to the service and are waiting
- * for the intro point to respond. */
-static unsigned int
-count_intro_point_circuits(const rend_service_t *service)
-{
- unsigned int num_ipos = 0;
- SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
- if (!circ->marked_for_close &&
- circ->state == CIRCUIT_STATE_OPEN &&
- (circ->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO ||
- circ->purpose == CIRCUIT_PURPOSE_S_INTRO)) {
- origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ);
- if (oc->rend_data &&
- rend_circuit_pk_digest_eq(oc, (uint8_t *) service->pk_digest)) {
- num_ipos++;
- }
- }
- }
- SMARTLIST_FOREACH_END(circ);
- return num_ipos;
-}
-
-/* Given a buffer of at least RELAY_PAYLOAD_SIZE bytes in <b>cell_body_out</b>,
- write the body of a legacy ESTABLISH_INTRO cell in it. Use <b>intro_key</b>
- as the intro point auth key, and <b>rend_circ_nonce</b> as the circuit
- crypto material. On success, fill <b>cell_body_out</b> and return the number
- of bytes written. On fail, return -1.
- */
-ssize_t
-rend_service_encode_establish_intro_cell(char *cell_body_out,
- size_t cell_body_out_len,
- crypto_pk_t *intro_key,
- const char *rend_circ_nonce)
-{
- int retval = -1;
- int r;
- int len = 0;
- char auth[DIGEST_LEN + 9];
-
- tor_assert(intro_key);
- tor_assert(rend_circ_nonce);
-
- /* Build the payload for a RELAY_ESTABLISH_INTRO cell. */
- r = crypto_pk_asn1_encode(intro_key, cell_body_out+2,
- RELAY_PAYLOAD_SIZE-2);
- if (r < 0) {
- log_warn(LD_BUG, "Internal error; failed to establish intro point.");
- goto err;
- }
- len = r;
- set_uint16(cell_body_out, htons((uint16_t)len));
- len += 2;
- memcpy(auth, rend_circ_nonce, DIGEST_LEN);
- memcpy(auth+DIGEST_LEN, "INTRODUCE", 9);
- if (crypto_digest(cell_body_out+len, auth, DIGEST_LEN+9))
- goto err;
- len += 20;
- r = crypto_pk_private_sign_digest(intro_key, cell_body_out+len,
- cell_body_out_len - len,
- cell_body_out, len);
- if (r<0) {
- log_warn(LD_BUG, "Internal error: couldn't sign introduction request.");
- goto err;
- }
- len += r;
-
- retval = len;
-
- err:
- memwipe(auth, 0, sizeof(auth));
-
- return retval;
-}
-
-/** Called when we're done building a circuit to an introduction point:
- * sends a RELAY_ESTABLISH_INTRO cell.
- */
-void
-rend_service_intro_has_opened(origin_circuit_t *circuit)
-{
- rend_service_t *service;
- char buf[RELAY_PAYLOAD_SIZE];
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- unsigned int expiring_nodes_len, num_ip_circuits, valid_ip_circuits = 0;
- int reason = END_CIRC_REASON_TORPROTOCOL;
- const char *rend_pk_digest;
-
- tor_assert(circuit->base_.purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO);
- assert_circ_anonymity_ok(circuit, get_options());
- tor_assert(circuit->cpath);
- tor_assert(circuit->rend_data);
- /* XXX: This is version 2 specific (only on supported). */
- rend_pk_digest = (char *) rend_data_get_pk_digest(circuit->rend_data, NULL);
-
- base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
- rend_pk_digest, REND_SERVICE_ID_LEN);
-
- service = rend_service_get_by_pk_digest(rend_pk_digest);
- if (!service) {
- log_warn(LD_REND, "Unrecognized service ID %s on introduction circuit %u.",
- safe_str_client(serviceid), (unsigned)circuit->base_.n_circ_id);
- reason = END_CIRC_REASON_NOSUCHSERVICE;
- goto err;
- }
-
- /* Take the current amount of expiring nodes and the current amount of IP
- * circuits and compute how many valid IP circuits we have. */
- expiring_nodes_len = (unsigned int) smartlist_len(service->expiring_nodes);
- num_ip_circuits = count_intro_point_circuits(service);
- /* Let's avoid an underflow. The valid_ip_circuits is initialized to 0 in
- * case this condition turns out false because it means that all circuits
- * are expiring so we need to keep this circuit. */
- if (num_ip_circuits > expiring_nodes_len) {
- valid_ip_circuits = num_ip_circuits - expiring_nodes_len;
- }
-
- /* If we already have enough introduction circuits for this service,
- * redefine this one as a general circuit or close it, depending.
- * Subtract the amount of expiring nodes here because the circuits are
- * still opened. */
- if (valid_ip_circuits > service->n_intro_points_wanted) {
- const or_options_t *options = get_options();
- /* Remove the intro point associated with this circuit, it's being
- * repurposed or closed thus cleanup memory. */
- rend_intro_point_t *intro = find_intro_point(circuit);
- if (intro != NULL) {
- smartlist_remove(service->intro_nodes, intro);
- rend_intro_point_free(intro);
- }
-
- if (options->ExcludeNodes) {
- /* XXXX in some future version, we can test whether the transition is
- allowed or not given the actual nodes in the circuit. But for now,
- this case, we might as well close the thing. */
- log_info(LD_CIRC|LD_REND, "We have just finished an introduction "
- "circuit, but we already have enough. Closing it.");
- reason = END_CIRC_REASON_NONE;
- goto err;
- } else {
- tor_assert(circuit->build_state->is_internal);
- log_info(LD_CIRC|LD_REND, "We have just finished an introduction "
- "circuit, but we already have enough. Redefining purpose to "
- "general; leaving as internal.");
-
- if (circuit_should_use_vanguards(TO_CIRCUIT(circuit)->purpose)) {
- circuit_change_purpose(TO_CIRCUIT(circuit),
- CIRCUIT_PURPOSE_HS_VANGUARDS);
- } else {
- circuit_change_purpose(TO_CIRCUIT(circuit), CIRCUIT_PURPOSE_C_GENERAL);
- }
-
- {
- rend_data_free(circuit->rend_data);
- circuit->rend_data = NULL;
- }
- {
- crypto_pk_t *intro_key = circuit->intro_key;
- circuit->intro_key = NULL;
- crypto_pk_free(intro_key);
- }
-
- circuit_has_opened(circuit);
- goto done;
- }
- }
-
- log_info(LD_REND,
- "Established circuit %u as introduction point for service %s",
- (unsigned)circuit->base_.n_circ_id, serviceid);
- circuit_log_path(LOG_INFO, LD_REND, circuit);
-
- /* Send the ESTABLISH_INTRO cell */
- {
- ssize_t len;
- len = rend_service_encode_establish_intro_cell(buf, sizeof(buf),
- circuit->intro_key,
- circuit->cpath->prev->rend_circ_nonce);
- if (len < 0) {
- reason = END_CIRC_REASON_INTERNAL;
- goto err;
- }
-
- if (relay_send_command_from_edge(0, TO_CIRCUIT(circuit),
- RELAY_COMMAND_ESTABLISH_INTRO,
- buf, len, circuit->cpath->prev)<0) {
- log_info(LD_GENERAL,
- "Couldn't send introduction request for service %s on circuit %u",
- serviceid, (unsigned)circuit->base_.n_circ_id);
- goto done;
- }
- }
-
- /* We've attempted to use this circuit */
- pathbias_count_use_attempt(circuit);
-
- goto done;
-
- err:
- circuit_mark_for_close(TO_CIRCUIT(circuit), reason);
- done:
- memwipe(buf, 0, sizeof(buf));
- memwipe(serviceid, 0, sizeof(serviceid));
-
- return;
-}
-
-/** Called when we get an INTRO_ESTABLISHED cell; mark the circuit as a
- * live introduction point, and note that the service descriptor is
- * now out-of-date. */
-int
-rend_service_intro_established(origin_circuit_t *circuit,
- const uint8_t *request,
- size_t request_len)
-{
- rend_service_t *service;
- rend_intro_point_t *intro;
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- (void) request;
- (void) request_len;
- tor_assert(circuit->rend_data);
- /* XXX: This is version 2 specific (only supported one for now). */
- const char *rend_pk_digest =
- (char *) rend_data_get_pk_digest(circuit->rend_data, NULL);
-
- if (circuit->base_.purpose != CIRCUIT_PURPOSE_S_ESTABLISH_INTRO) {
- log_warn(LD_PROTOCOL,
- "received INTRO_ESTABLISHED cell on non-intro circuit.");
- goto err;
- }
- service = rend_service_get_by_pk_digest(rend_pk_digest);
- if (!service) {
- log_warn(LD_REND, "Unknown service on introduction circuit %u.",
- (unsigned)circuit->base_.n_circ_id);
- goto err;
- }
- base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32 + 1,
- rend_pk_digest, REND_SERVICE_ID_LEN);
- /* We've just successfully established a intro circuit to one of our
- * introduction point, account for it. */
- intro = find_intro_point(circuit);
- if (intro == NULL) {
- log_warn(LD_REND,
- "Introduction circuit established without a rend_intro_point_t "
- "object for service %s on circuit %u",
- safe_str_client(serviceid), (unsigned)circuit->base_.n_circ_id);
- goto err;
- }
- intro->circuit_established = 1;
- /* We might not have every introduction point ready but at this point we
- * know that the descriptor needs to be uploaded. */
- service->desc_is_dirty = time(NULL);
- circuit_change_purpose(TO_CIRCUIT(circuit), CIRCUIT_PURPOSE_S_INTRO);
-
- log_info(LD_REND,
- "Received INTRO_ESTABLISHED cell on circuit %u for service %s",
- (unsigned)circuit->base_.n_circ_id, serviceid);
-
- /* Getting a valid INTRODUCE_ESTABLISHED means we've successfully
- * used the circ */
- pathbias_mark_use_success(circuit);
-
- return 0;
- err:
- circuit_mark_for_close(TO_CIRCUIT(circuit), END_CIRC_REASON_TORPROTOCOL);
- return -1;
-}
-
-/** Called once a circuit to a rendezvous point is established: sends a
- * RELAY_COMMAND_RENDEZVOUS1 cell.
- */
-void
-rend_service_rendezvous_has_opened(origin_circuit_t *circuit)
-{
- rend_service_t *service;
- char buf[RELAY_PAYLOAD_SIZE];
- crypt_path_t *hop;
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- char hexcookie[9];
- int reason;
- const char *rend_cookie, *rend_pk_digest;
-
- tor_assert(circuit->base_.purpose == CIRCUIT_PURPOSE_S_CONNECT_REND);
- tor_assert(circuit->cpath);
- tor_assert(circuit->build_state);
- assert_circ_anonymity_ok(circuit, get_options());
- tor_assert(circuit->rend_data);
-
- /* XXX: This is version 2 specific (only one supported). */
- rend_pk_digest = (char *) rend_data_get_pk_digest(circuit->rend_data,
- NULL);
- rend_cookie = circuit->rend_data->rend_cookie;
-
- /* Declare the circuit dirty to avoid reuse, and for path-bias. We set the
- * timestamp regardless of its content because that circuit could have been
- * cannibalized so in any cases, we are about to use that circuit more. */
- circuit->base_.timestamp_dirty = time(NULL);
-
- /* This may be redundant */
- pathbias_count_use_attempt(circuit);
-
- hop = circuit->build_state->service_pending_final_cpath_ref->cpath;
-
- base16_encode(hexcookie,9, rend_cookie,4);
- base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
- rend_pk_digest, REND_SERVICE_ID_LEN);
-
- log_info(LD_REND,
- "Done building circuit %u to rendezvous with "
- "cookie %s for service %s",
- (unsigned)circuit->base_.n_circ_id, hexcookie, serviceid);
- circuit_log_path(LOG_INFO, LD_REND, circuit);
-
- /* Clear the 'in-progress HS circ has timed out' flag for
- * consistency with what happens on the client side; this line has
- * no effect on Tor's behaviour. */
- circuit->hs_circ_has_timed_out = 0;
-
- /* If hop is NULL, another rend circ has already connected to this
- * rend point. Close this circ. */
- if (hop == NULL) {
- log_info(LD_REND, "Another rend circ has already reached this rend point; "
- "closing this rend circ.");
- reason = END_CIRC_REASON_NONE;
- goto err;
- }
-
- /* Remove our final cpath element from the reference, so that no
- * other circuit will try to use it. Store it in
- * pending_final_cpath for now to ensure that it will be freed if
- * our rendezvous attempt fails. */
- circuit->build_state->pending_final_cpath = hop;
- circuit->build_state->service_pending_final_cpath_ref->cpath = NULL;
-
- service = rend_service_get_by_pk_digest(rend_pk_digest);
- if (!service) {
- log_warn(LD_GENERAL, "Internal error: unrecognized service ID on "
- "rendezvous circuit.");
- reason = END_CIRC_REASON_INTERNAL;
- goto err;
- }
-
- /* All we need to do is send a RELAY_RENDEZVOUS1 cell... */
- memcpy(buf, rend_cookie, REND_COOKIE_LEN);
- if (crypto_dh_get_public(hop->rend_dh_handshake_state,
- buf+REND_COOKIE_LEN, DH1024_KEY_LEN)<0) {
- log_warn(LD_GENERAL,"Couldn't get DH public key.");
- reason = END_CIRC_REASON_INTERNAL;
- goto err;
- }
- memcpy(buf+REND_COOKIE_LEN+DH1024_KEY_LEN, hop->rend_circ_nonce,
- DIGEST_LEN);
-
- /* Send the cell */
- if (relay_send_command_from_edge(0, TO_CIRCUIT(circuit),
- RELAY_COMMAND_RENDEZVOUS1,
- buf, HS_LEGACY_RENDEZVOUS_CELL_SIZE,
- circuit->cpath->prev)<0) {
- log_warn(LD_GENERAL, "Couldn't send RENDEZVOUS1 cell.");
- goto done;
- }
-
- crypto_dh_free(hop->rend_dh_handshake_state);
- hop->rend_dh_handshake_state = NULL;
-
- /* Append the cpath entry. */
- hop->state = CPATH_STATE_OPEN;
- /* set the windows to default. these are the windows
- * that the service thinks the client has.
- */
- hop->package_window = circuit_initial_package_window();
- hop->deliver_window = CIRCWINDOW_START;
-
- cpath_extend_linked_list(&circuit->cpath, hop);
- circuit->build_state->pending_final_cpath = NULL; /* prevent double-free */
-
- /* Change the circuit purpose. */
- circuit_change_purpose(TO_CIRCUIT(circuit), CIRCUIT_PURPOSE_S_REND_JOINED);
-
- goto done;
-
- err:
- circuit_mark_for_close(TO_CIRCUIT(circuit), reason);
- done:
- memwipe(buf, 0, sizeof(buf));
- memwipe(serviceid, 0, sizeof(serviceid));
- memwipe(hexcookie, 0, sizeof(hexcookie));
-
- return;
-}
-
-/*
- * Manage introduction points
- */
-
-/** Return the (possibly non-open) introduction circuit ending at
- * <b>intro</b> for the service whose public key is <b>pk_digest</b>.
- * (<b>desc_version</b> is ignored). Return NULL if no such service is
- * found.
- */
-static origin_circuit_t *
-find_intro_circuit(rend_intro_point_t *intro, const char *pk_digest)
-{
- origin_circuit_t *circ = NULL;
-
- tor_assert(intro);
- while ((circ = circuit_get_next_by_pk_and_purpose(circ,
- (uint8_t *) pk_digest, CIRCUIT_PURPOSE_S_INTRO))) {
- if (tor_memeq(circ->build_state->chosen_exit->identity_digest,
- intro->extend_info->identity_digest, DIGEST_LEN) &&
- circ->rend_data) {
- return circ;
- }
- }
-
- circ = NULL;
- while ((circ = circuit_get_next_by_pk_and_purpose(circ,
- (uint8_t *) pk_digest,
- CIRCUIT_PURPOSE_S_ESTABLISH_INTRO))) {
- if (tor_memeq(circ->build_state->chosen_exit->identity_digest,
- intro->extend_info->identity_digest, DIGEST_LEN) &&
- circ->rend_data) {
- return circ;
- }
- }
- return NULL;
-}
-
-/** Return the corresponding introdution point using the circuit <b>circ</b>
- * found in the <b>service</b>. NULL is returned if not found. */
-static rend_intro_point_t *
-find_expiring_intro_point(rend_service_t *service, origin_circuit_t *circ)
-{
- tor_assert(service);
- tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO ||
- TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_INTRO);
-
- SMARTLIST_FOREACH(service->expiring_nodes, rend_intro_point_t *,
- intro_point,
- if (crypto_pk_eq_keys(intro_point->intro_key, circ->intro_key)) {
- return intro_point;
- });
-
- return NULL;
-}
-
-/** Return a pointer to the rend_intro_point_t corresponding to the
- * service-side introduction circuit <b>circ</b>. */
-static rend_intro_point_t *
-find_intro_point(origin_circuit_t *circ)
-{
- const char *serviceid;
- rend_service_t *service = NULL;
-
- tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO ||
- TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_INTRO);
- tor_assert(circ->rend_data);
- serviceid = rend_data_get_address(circ->rend_data);
-
- SMARTLIST_FOREACH(rend_service_list, rend_service_t *, s,
- if (tor_memeq(s->service_id, serviceid, REND_SERVICE_ID_LEN_BASE32)) {
- service = s;
- break;
- });
-
- if (service == NULL) return NULL;
-
- SMARTLIST_FOREACH(service->intro_nodes, rend_intro_point_t *, intro_point,
- if (crypto_pk_eq_keys(intro_point->intro_key, circ->intro_key)) {
- return intro_point;
- });
-
- return NULL;
-}
-
-/** Upload the rend_encoded_v2_service_descriptor_t's in <b>descs</b>
- * associated with the rend_service_descriptor_t <b>renddesc</b> to
- * the responsible hidden service directories OR the hidden service
- * directories specified by <b>hs_dirs</b>; <b>service_id</b> and
- * <b>seconds_valid</b> are only passed for logging purposes.
- */
-void
-directory_post_to_hs_dir(rend_service_descriptor_t *renddesc,
- smartlist_t *descs, smartlist_t *hs_dirs,
- const char *service_id, int seconds_valid)
-{
- int i, j, failed_upload = 0;
- smartlist_t *responsible_dirs = smartlist_new();
- smartlist_t *successful_uploads = smartlist_new();
- routerstatus_t *hs_dir;
- for (i = 0; i < smartlist_len(descs); i++) {
- rend_encoded_v2_service_descriptor_t *desc = smartlist_get(descs, i);
- /** If any HSDirs are specified, they should be used instead of
- * the responsible directories */
- if (hs_dirs && smartlist_len(hs_dirs) > 0) {
- smartlist_add_all(responsible_dirs, hs_dirs);
- } else {
- /* Determine responsible dirs. */
- if (hid_serv_get_responsible_directories(responsible_dirs,
- desc->desc_id) < 0) {
- log_warn(LD_REND, "Could not determine the responsible hidden service "
- "directories to post descriptors to.");
- control_event_hs_descriptor_upload(service_id,
- "UNKNOWN",
- "UNKNOWN", NULL);
- goto done;
- }
- }
- for (j = 0; j < smartlist_len(responsible_dirs); j++) {
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- char *hs_dir_ip;
- const node_t *node;
- rend_data_t *rend_data;
- hs_dir = smartlist_get(responsible_dirs, j);
- if (smartlist_contains_digest(renddesc->successful_uploads,
- hs_dir->identity_digest))
- /* Don't upload descriptor if we succeeded in doing so last time. */
- continue;
- node = node_get_by_id(hs_dir->identity_digest);
- if (!node || !node_has_preferred_descriptor(node,0)) {
- log_info(LD_REND, "Not launching upload for for v2 descriptor to "
- "hidden service directory %s; we don't have its "
- "router descriptor. Queuing for later upload.",
- safe_str_client(routerstatus_describe(hs_dir)));
- failed_upload = -1;
- continue;
- }
- /* Send publish request. */
-
- /* We need the service ID to identify which service did the upload
- * request. Lookup is made in rend_service_desc_has_uploaded(). */
- rend_data = rend_data_client_create(service_id, desc->desc_id, NULL,
- REND_NO_AUTH);
- directory_request_t *req =
- directory_request_new(DIR_PURPOSE_UPLOAD_RENDDESC_V2);
- directory_request_set_routerstatus(req, hs_dir);
- directory_request_set_indirection(req, DIRIND_ANONYMOUS);
- directory_request_set_payload(req,
- desc->desc_str, strlen(desc->desc_str));
- directory_request_set_rend_query(req, rend_data);
- directory_initiate_request(req);
- directory_request_free(req);
-
- rend_data_free(rend_data);
- base32_encode(desc_id_base32, sizeof(desc_id_base32),
- desc->desc_id, DIGEST_LEN);
- hs_dir_ip = tor_addr_to_str_dup(&hs_dir->ipv4_addr);
- if (hs_dir_ip) {
- log_info(LD_REND, "Launching upload for v2 descriptor for "
- "service '%s' with descriptor ID '%s' with validity "
- "of %d seconds to hidden service directory '%s' on "
- "%s:%d.",
- safe_str_client(service_id),
- safe_str_client(desc_id_base32),
- seconds_valid,
- hs_dir->nickname,
- hs_dir_ip,
- hs_dir->ipv4_orport);
- tor_free(hs_dir_ip);
- }
-
- control_event_hs_descriptor_upload(service_id,
- hs_dir->identity_digest,
- desc_id_base32, NULL);
- /* Remember successful upload to this router for next time. */
- if (!smartlist_contains_digest(successful_uploads,
- hs_dir->identity_digest))
- smartlist_add(successful_uploads, hs_dir->identity_digest);
- }
- smartlist_clear(responsible_dirs);
- }
- if (!failed_upload) {
- if (renddesc->successful_uploads) {
- SMARTLIST_FOREACH(renddesc->successful_uploads, char *, c, tor_free(c););
- smartlist_free(renddesc->successful_uploads);
- renddesc->successful_uploads = NULL;
- }
- renddesc->all_uploads_performed = 1;
- } else {
- /* Remember which routers worked this time, so that we don't upload the
- * descriptor to them again. */
- if (!renddesc->successful_uploads)
- renddesc->successful_uploads = smartlist_new();
- SMARTLIST_FOREACH(successful_uploads, const char *, c, {
- if (!smartlist_contains_digest(renddesc->successful_uploads, c)) {
- char *hsdir_id = tor_memdup(c, DIGEST_LEN);
- smartlist_add(renddesc->successful_uploads, hsdir_id);
- }
- });
- }
- done:
- smartlist_free(responsible_dirs);
- smartlist_free(successful_uploads);
-}
-
-/** Encode and sign an up-to-date service descriptor for <b>service</b>,
- * and upload it/them to the responsible hidden service directories.
- */
-static void
-upload_service_descriptor(rend_service_t *service)
-{
- time_t now = time(NULL);
- int rendpostperiod;
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- int uploaded = 0;
-
- rendpostperiod = get_options()->RendPostPeriod;
-
- networkstatus_t *c = networkstatus_get_latest_consensus();
- if (c && smartlist_len(c->routerstatus_list) > 0) {
- int seconds_valid, i, j, num_descs;
- smartlist_t *descs = smartlist_new();
- smartlist_t *client_cookies = smartlist_new();
- /* Either upload a single descriptor (including replicas) or one
- * descriptor for each authorized client in case of authorization
- * type 'stealth'. */
- num_descs = service->auth_type == REND_STEALTH_AUTH ?
- smartlist_len(service->clients) : 1;
- for (j = 0; j < num_descs; j++) {
- crypto_pk_t *client_key = NULL;
- rend_authorized_client_t *client = NULL;
- smartlist_clear(client_cookies);
- switch (service->auth_type) {
- case REND_NO_AUTH:
- case REND_V3_AUTH:
- /* Do nothing here. */
- break;
- case REND_BASIC_AUTH:
- SMARTLIST_FOREACH(service->clients, rend_authorized_client_t *,
- cl, smartlist_add(client_cookies, cl->descriptor_cookie));
- break;
- case REND_STEALTH_AUTH:
- client = smartlist_get(service->clients, j);
- client_key = client->client_key;
- smartlist_add(client_cookies, client->descriptor_cookie);
- break;
- }
- /* Encode the current descriptor. */
- seconds_valid = rend_encode_v2_descriptors(descs, service->desc,
- now, 0,
- service->auth_type,
- client_key,
- client_cookies);
- if (seconds_valid < 0) {
- log_warn(LD_BUG, "Internal error: couldn't encode service "
- "descriptor; not uploading.");
- smartlist_free(descs);
- smartlist_free(client_cookies);
- return;
- }
- rend_get_service_id(service->desc->pk, serviceid);
- if (get_options()->PublishHidServDescriptors) {
- /* Post the current descriptors to the hidden service directories. */
- /* This log message is used by Chutney as part of its bootstrap
- * detection mechanism. Please don't change without first checking
- * Chutney. */
- log_info(LD_REND, "Launching upload for hidden service %s",
- serviceid);
- directory_post_to_hs_dir(service->desc, descs, NULL, serviceid,
- seconds_valid);
- }
- /* Free memory for descriptors. */
- for (i = 0; i < smartlist_len(descs); i++)
- rend_encoded_v2_service_descriptor_free_(smartlist_get(descs, i));
- smartlist_clear(descs);
- /* Update next upload time. */
- if (seconds_valid - REND_TIME_PERIOD_OVERLAPPING_V2_DESCS
- > rendpostperiod)
- service->next_upload_time = now + rendpostperiod;
- else if (seconds_valid < REND_TIME_PERIOD_OVERLAPPING_V2_DESCS)
- service->next_upload_time = now + seconds_valid + 1;
- else
- service->next_upload_time = now + seconds_valid -
- REND_TIME_PERIOD_OVERLAPPING_V2_DESCS + 1;
- /* Post also the next descriptors, if necessary. */
- if (seconds_valid < REND_TIME_PERIOD_OVERLAPPING_V2_DESCS) {
- seconds_valid = rend_encode_v2_descriptors(descs, service->desc,
- now, 1,
- service->auth_type,
- client_key,
- client_cookies);
- if (seconds_valid < 0) {
- log_warn(LD_BUG, "Internal error: couldn't encode service "
- "descriptor; not uploading.");
- smartlist_free(descs);
- smartlist_free(client_cookies);
- return;
- }
- if (get_options()->PublishHidServDescriptors) {
- directory_post_to_hs_dir(service->desc, descs, NULL, serviceid,
- seconds_valid);
- }
- /* Free memory for descriptors. */
- for (i = 0; i < smartlist_len(descs); i++)
- rend_encoded_v2_service_descriptor_free_(smartlist_get(descs, i));
- smartlist_clear(descs);
- }
- }
- smartlist_free(descs);
- smartlist_free(client_cookies);
- uploaded = 1;
- if (get_options()->PublishHidServDescriptors) {
- log_info(LD_REND, "Successfully uploaded v2 rend descriptors!");
- } else {
- log_info(LD_REND, "Successfully stored created v2 rend descriptors!");
- }
- }
-
- /* If not uploaded, try again in one minute. */
- if (!uploaded)
- service->next_upload_time = now + 60;
-
- /* Unmark dirty flag of this service. */
- service->desc_is_dirty = 0;
-}
-
-/** Return the number of INTRODUCE2 cells this hidden service has received
- * from this intro point. */
-static int
-intro_point_accepted_intro_count(rend_intro_point_t *intro)
-{
- return intro->accepted_introduce2_count;
-}
-
-/** Return non-zero iff <b>intro</b> should 'expire' now (i.e. we
- * should stop publishing it in new descriptors and eventually close
- * it). */
-static int
-intro_point_should_expire_now(rend_intro_point_t *intro,
- time_t now)
-{
- tor_assert(intro != NULL);
-
- if (intro->time_published == -1) {
- /* Don't expire an intro point if we haven't even published it yet. */
- return 0;
- }
-
- if (intro_point_accepted_intro_count(intro) >=
- intro->max_introductions) {
- /* This intro point has been used too many times. Expire it now. */
- return 1;
- }
-
- if (intro->time_to_expire == -1) {
- /* This intro point has been published, but we haven't picked an
- * expiration time for it. Pick one now. */
- int intro_point_lifetime_seconds =
- crypto_rand_int_range(INTRO_POINT_LIFETIME_MIN_SECONDS,
- INTRO_POINT_LIFETIME_MAX_SECONDS);
-
- /* Start the expiration timer now, rather than when the intro
- * point was first published. There shouldn't be much of a time
- * difference. */
- intro->time_to_expire = now + intro_point_lifetime_seconds;
-
- return 0;
- }
-
- /* This intro point has a time to expire set already. Use it. */
- return (now >= intro->time_to_expire);
-}
-
-/** Iterate over intro points in the given service and remove the invalid
- * ones. For an intro point object to be considered invalid, the circuit
- * _and_ node need to have disappeared.
- *
- * If the intro point should expire, it's placed into the expiring_nodes
- * list of the service and removed from the active intro nodes list.
- *
- * If <b>exclude_nodes</b> is not NULL, add the valid nodes to it.
- *
- * If <b>retry_nodes</b> is not NULL, add the valid node to it if the
- * circuit disappeared but the node is still in the consensus. */
-static void
-remove_invalid_intro_points(rend_service_t *service,
- smartlist_t *exclude_nodes,
- smartlist_t *retry_nodes, time_t now)
-{
- tor_assert(service);
-
- /* Remove any expired nodes that doesn't have a circuit. */
- SMARTLIST_FOREACH_BEGIN(service->expiring_nodes, rend_intro_point_t *,
- intro) {
- origin_circuit_t *intro_circ =
- find_intro_circuit(intro, service->pk_digest);
- if (intro_circ) {
- continue;
- }
- /* No more circuit, cleanup the into point object. */
- SMARTLIST_DEL_CURRENT(service->expiring_nodes, intro);
- rend_intro_point_free(intro);
- } SMARTLIST_FOREACH_END(intro);
-
- SMARTLIST_FOREACH_BEGIN(service->intro_nodes, rend_intro_point_t *,
- intro) {
- /* Find the introduction point node object. */
- const node_t *node =
- node_get_by_id(intro->extend_info->identity_digest);
- /* Find the intro circuit, this might be NULL. */
- origin_circuit_t *intro_circ =
- find_intro_circuit(intro, service->pk_digest);
-
- /* Add the valid node to the exclusion list so we don't try to establish
- * an introduction point to it again. */
- if (node && exclude_nodes) {
- smartlist_add(exclude_nodes, (void*) node);
- }
-
- /* First, make sure we still have a valid circuit for this intro point.
- * If we dont, we'll give up on it and make a new one. */
- if (intro_circ == NULL) {
- log_info(LD_REND, "Attempting to retry on %s as intro point for %s"
- " (circuit disappeared).",
- safe_str_client(extend_info_describe(intro->extend_info)),
- safe_str_client(service->service_id));
- /* We've lost the circuit for this intro point, flag it so it can be
- * accounted for when considiring uploading a descriptor. */
- intro->circuit_established = 0;
-
- /* Node is gone or we've reached our maximum circuit creation retry
- * count, clean up everything, we'll find a new one. */
- if (node == NULL ||
- intro->circuit_retries >= MAX_INTRO_POINT_CIRCUIT_RETRIES) {
- rend_intro_point_free(intro);
- SMARTLIST_DEL_CURRENT(service->intro_nodes, intro);
- /* We've just killed the intro point, nothing left to do. */
- continue;
- }
-
- /* The intro point is still alive so let's try to use it again because
- * we have a published descriptor containing it. Keep the intro point
- * in the intro_nodes list because it's still valid, we are rebuilding
- * a circuit to it. */
- if (retry_nodes) {
- smartlist_add(retry_nodes, intro);
- }
- }
- /* else, the circuit is valid so in both cases, node being alive or not,
- * we leave the circuit and intro point object as is. Closing the
- * circuit here would leak new consensus timing and freeing the intro
- * point object would make the intro circuit unusable. */
-
- /* Now, check if intro point should expire. If it does, queue it so
- * it can be cleaned up once it has been replaced properly. */
- if (intro_point_should_expire_now(intro, now)) {
- log_info(LD_REND, "Expiring %s as intro point for %s.",
- safe_str_client(extend_info_describe(intro->extend_info)),
- safe_str_client(service->service_id));
- /* We might have put it in the retry list if so, undo. */
- if (retry_nodes) {
- smartlist_remove(retry_nodes, intro);
- }
- smartlist_add(service->expiring_nodes, intro);
- SMARTLIST_DEL_CURRENT(service->intro_nodes, intro);
- /* Intro point is expired, we need a new one thus don't consider it
- * anymore has a valid established intro point. */
- intro->circuit_established = 0;
- }
- } SMARTLIST_FOREACH_END(intro);
-}
-
-/** A new descriptor has been successfully uploaded for the given
- * <b>rend_data</b>. Remove and free the expiring nodes from the associated
- * service. */
-void
-rend_service_desc_has_uploaded(const rend_data_t *rend_data)
-{
- rend_service_t *service;
- const char *onion_address;
-
- tor_assert(rend_data);
-
- onion_address = rend_data_get_address(rend_data);
-
- service = rend_service_get_by_service_id(onion_address);
- if (service == NULL) {
- return;
- }
-
- SMARTLIST_FOREACH_BEGIN(service->expiring_nodes, rend_intro_point_t *,
- intro) {
- origin_circuit_t *intro_circ =
- find_intro_circuit(intro, service->pk_digest);
- if (intro_circ != NULL) {
- circuit_mark_for_close(TO_CIRCUIT(intro_circ),
- END_CIRC_REASON_FINISHED);
- }
- SMARTLIST_DEL_CURRENT(service->expiring_nodes, intro);
- rend_intro_point_free(intro);
- } SMARTLIST_FOREACH_END(intro);
-}
-
-/** Don't try to build more than this many circuits before giving up
- * for a while. Dynamically calculated based on the configured number of
- * introduction points for the service, n_intro_points_wanted. */
-static int
-rend_max_intro_circs_per_period(unsigned int n_intro_points_wanted)
-{
- /* Allow all but one of the initial connections to fail and be
- * retried. (If all fail, we *want* to wait, because something is broken.) */
- tor_assert(n_intro_points_wanted <= NUM_INTRO_POINTS_MAX);
-
- /* For the normal use case, 3 intro points plus 2 extra for performance and
- * allow that twice because once every 24h or so, we can do it twice for two
- * descriptors that is the current one and the next one. So (3 + 2) * 2 ==
- * 12 allowed attempts for one period. */
- return ((n_intro_points_wanted + NUM_INTRO_POINTS_EXTRA) * 2);
-}
-
-/** For every service, check how many intro points it currently has, and:
- * - Invalidate introdution points based on specific criteria, see
- * remove_invalid_intro_points comments.
- * - Pick new intro points as necessary.
- * - Launch circuits to any new intro points.
- *
- * This is called once a second by the main loop.
- */
-void
-rend_consider_services_intro_points(time_t now)
-{
- int i;
- const or_options_t *options = get_options();
- /* Are we in single onion mode? */
- const int allow_direct = rend_service_allow_non_anonymous_connection(
- get_options());
- /* List of nodes we need to _exclude_ when choosing a new node to
- * establish an intro point to. */
- smartlist_t *exclude_nodes;
- /* List of nodes we need to retry to build a circuit on them because the
- * node is valid but circuit died. */
- smartlist_t *retry_nodes;
-
- if (!have_completed_a_circuit())
- return;
-
- exclude_nodes = smartlist_new();
- retry_nodes = smartlist_new();
-
- SMARTLIST_FOREACH_BEGIN(rend_service_list, rend_service_t *, service) {
- int r;
- /* Number of intro points we want to open and add to the intro nodes
- * list of the service. */
- unsigned int n_intro_points_to_open;
- /* Have an unsigned len so we can use it to compare values else gcc is
- * not happy with unmatching signed comparison. */
- unsigned int intro_nodes_len;
- /* Different service are allowed to have the same introduction point as
- * long as they are on different circuit thus why we clear this list. */
- smartlist_clear(exclude_nodes);
- smartlist_clear(retry_nodes);
-
- /* Cleanup the invalid intro points and save the node objects, if any,
- * in the exclude_nodes and retry_nodes lists. */
- remove_invalid_intro_points(service, exclude_nodes, retry_nodes, now);
-
- /* This retry period is important here so we don't stress circuit
- * creation. */
-
- if (now > service->intro_period_started + INTRO_CIRC_RETRY_PERIOD) {
- /* One period has elapsed:
- * - if we stopped, we can try building circuits again,
- * - if we haven't, we reset the circuit creation counts. */
- rend_log_intro_limit(service, LOG_INFO);
- service->intro_period_started = now;
- service->n_intro_circuits_launched = 0;
- } else if (service->n_intro_circuits_launched >=
- rend_max_intro_circs_per_period(
- service->n_intro_points_wanted)) {
- /* We have failed too many times in this period; wait for the next
- * one before we try to initiate any more connections. */
- rend_log_intro_limit(service, LOG_WARN);
- continue;
- }
-
- /* Let's try to rebuild circuit on the nodes we want to retry on. */
- SMARTLIST_FOREACH_BEGIN(retry_nodes, rend_intro_point_t *, intro) {
- r = rend_service_launch_establish_intro(service, intro);
- if (r < 0) {
- log_warn(LD_REND, "Error launching circuit to node %s for service %s.",
- safe_str_client(extend_info_describe(intro->extend_info)),
- safe_str_client(service->service_id));
- /* Unable to launch a circuit to that intro point, remove it from
- * the valid list so we can create a new one. */
- smartlist_remove(service->intro_nodes, intro);
- rend_intro_point_free(intro);
- continue;
- }
- intro->circuit_retries++;
- } SMARTLIST_FOREACH_END(intro);
-
- /* Avoid mismatched signed comparison below. */
- intro_nodes_len = (unsigned int) smartlist_len(service->intro_nodes);
-
- /* Quiescent state, we have more or the equal amount of wanted node for
- * this service. Proceed to the next service. We can have more nodes
- * because we launch extra preemptive circuits if our intro nodes list was
- * originally empty for performance reasons. */
- if (intro_nodes_len >= service->n_intro_points_wanted) {
- continue;
- }
-
- /* Number of intro points we want to open which is the wanted amount minus
- * the current amount of valid nodes. We know that this won't underflow
- * because of the check above. */
- n_intro_points_to_open = service->n_intro_points_wanted - intro_nodes_len;
- if (intro_nodes_len == 0) {
- /* We want to end up with n_intro_points_wanted intro points, but if
- * we have no intro points at all (chances are they all cycled or we
- * are starting up), we launch NUM_INTRO_POINTS_EXTRA extra circuits
- * and use the first n_intro_points_wanted that complete. See proposal
- * #155, section 4 for the rationale of this which is purely for
- * performance.
- *
- * The ones after the first n_intro_points_to_open will be converted
- * to 'general' internal circuits in rend_service_intro_has_opened(),
- * and then we'll drop them from the list of intro points. */
- n_intro_points_to_open += NUM_INTRO_POINTS_EXTRA;
- }
-
- for (i = 0; i < (int) n_intro_points_to_open; i++) {
- const node_t *node;
- rend_intro_point_t *intro;
- router_crn_flags_t flags = CRN_NEED_UPTIME|CRN_NEED_DESC;
- router_crn_flags_t direct_flags = flags;
- direct_flags |= CRN_PREF_ADDR;
- direct_flags |= CRN_DIRECT_CONN;
-
- node = router_choose_random_node(exclude_nodes,
- options->ExcludeNodes,
- allow_direct ? direct_flags : flags);
- /* If we are in single onion mode, retry node selection for a 3-hop
- * path */
- if (allow_direct && !node) {
- log_info(LD_REND,
- "Unable to find an intro point that we can connect to "
- "directly for %s, falling back to a 3-hop path.",
- safe_str_client(service->service_id));
- node = router_choose_random_node(exclude_nodes,
- options->ExcludeNodes, flags);
- }
-
- if (!node) {
- log_warn(LD_REND,
- "We only have %d introduction points established for %s; "
- "wanted %u.",
- smartlist_len(service->intro_nodes),
- safe_str_client(service->service_id),
- n_intro_points_to_open);
- break;
- }
- /* Add the chosen node to the exclusion list in order to avoid picking
- * it again in the next iteration. */
- smartlist_add(exclude_nodes, (void*)node);
- intro = tor_malloc_zero(sizeof(rend_intro_point_t));
- /* extend_info is for clients, so we want the multi-hop primary ORPort,
- * even if we are a single onion service and intend to connect to it
- * directly ourselves. */
- intro->extend_info = extend_info_from_node(node, 0);
- if (BUG(intro->extend_info == NULL)) {
- tor_free(intro);
- break;
- }
- intro->intro_key = crypto_pk_new();
- const int fail = crypto_pk_generate_key(intro->intro_key);
- tor_assert(!fail);
- intro->time_published = -1;
- intro->time_to_expire = -1;
- intro->max_introductions =
- crypto_rand_int_range(INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS,
- INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS);
- smartlist_add(service->intro_nodes, intro);
- log_info(LD_REND, "Picked router %s as an intro point for %s.",
- safe_str_client(node_describe(node)),
- safe_str_client(service->service_id));
- /* Establish new introduction circuit to our chosen intro point. */
- r = rend_service_launch_establish_intro(service, intro);
- if (r < 0) {
- log_warn(LD_REND, "Error launching circuit to node %s for service %s.",
- safe_str_client(extend_info_describe(intro->extend_info)),
- safe_str_client(service->service_id));
- /* This function will be called again by the main loop so this intro
- * point without a intro circuit will be retried on or removed after
- * a maximum number of attempts. */
- }
- }
- } SMARTLIST_FOREACH_END(service);
- smartlist_free(exclude_nodes);
- smartlist_free(retry_nodes);
-}
-
-#define MIN_REND_INITIAL_POST_DELAY (30)
-#define MIN_REND_INITIAL_POST_DELAY_TESTING (5)
-
-/** Regenerate and upload rendezvous service descriptors for all
- * services, if necessary. If the descriptor has been dirty enough
- * for long enough, definitely upload; else only upload when the
- * periodic timeout has expired.
- *
- * For the first upload, pick a random time between now and two periods
- * from now, and pick it independently for each service.
- */
-void
-rend_consider_services_upload(time_t now)
-{
- int i;
- rend_service_t *service;
- const or_options_t *options = get_options();
- int rendpostperiod = options->RendPostPeriod;
- int rendinitialpostdelay = (options->TestingTorNetwork ?
- MIN_REND_INITIAL_POST_DELAY_TESTING :
- MIN_REND_INITIAL_POST_DELAY);
-
- for (i=0; i < smartlist_len(rend_service_list); ++i) {
- service = smartlist_get(rend_service_list, i);
- if (!service->next_upload_time) { /* never been uploaded yet */
- /* The fixed lower bound of rendinitialpostdelay seconds ensures that
- * the descriptor is stable before being published. See comment below. */
- service->next_upload_time =
- now + rendinitialpostdelay + crypto_rand_int(2*rendpostperiod);
- /* Single Onion Services prioritise availability over hiding their
- * startup time, as their IP address is publicly discoverable anyway.
- */
- if (rend_service_reveal_startup_time(options)) {
- service->next_upload_time = now + rendinitialpostdelay;
- }
- }
- /* Does every introduction points have been established? */
- unsigned int intro_points_ready =
- count_established_intro_points(service) >=
- service->n_intro_points_wanted;
- if (intro_points_ready &&
- (service->next_upload_time < now ||
- (service->desc_is_dirty &&
- service->desc_is_dirty < now-rendinitialpostdelay))) {
- /* if it's time, or if the directory servers have a wrong service
- * descriptor and ours has been stable for rendinitialpostdelay seconds,
- * upload a new one of each format. */
- rend_service_update_descriptor(service);
- upload_service_descriptor(service);
- }
- }
-}
-
-/** True if the list of available router descriptors might have changed so
- * that we should have a look whether we can republish previously failed
- * rendezvous service descriptors. */
-static int consider_republishing_rend_descriptors = 1;
-
-/** Called when our internal view of the directory has changed, so that we
- * might have router descriptors of hidden service directories available that
- * we did not have before. */
-void
-rend_hsdir_routers_changed(void)
-{
- consider_republishing_rend_descriptors = 1;
-}
-
-/** Consider republication of v2 rendezvous service descriptors that failed
- * previously, but without regenerating descriptor contents.
- */
-void
-rend_consider_descriptor_republication(void)
-{
- int i;
- rend_service_t *service;
-
- if (!consider_republishing_rend_descriptors)
- return;
- consider_republishing_rend_descriptors = 0;
-
- if (!get_options()->PublishHidServDescriptors)
- return;
-
- for (i=0; i < smartlist_len(rend_service_list); ++i) {
- service = smartlist_get(rend_service_list, i);
- if (service->desc && !service->desc->all_uploads_performed) {
- /* If we failed in uploading a descriptor last time, try again *without*
- * updating the descriptor's contents. */
- upload_service_descriptor(service);
- }
- }
-}
-
-/** Log the status of introduction points for all rendezvous services
- * at log severity <b>severity</b>.
- */
-void
-rend_service_dump_stats(int severity)
-{
- rend_service_t *service;
- rend_intro_point_t *intro;
- const char *safe_name;
- origin_circuit_t *circ;
-
- for (int i = 0; i < smartlist_len(rend_service_list); ++i) {
- service = smartlist_get(rend_service_list, i);
- tor_log(severity, LD_GENERAL, "Service configured in %s:",
- rend_service_escaped_dir(service));
- for (int j = 0; j < smartlist_len(service->intro_nodes); ++j) {
- intro = smartlist_get(service->intro_nodes, j);
- safe_name = safe_str_client(intro->extend_info->nickname);
-
- circ = find_intro_circuit(intro, service->pk_digest);
- if (!circ) {
- tor_log(severity, LD_GENERAL, " Intro point %d at %s: no circuit",
- j, safe_name);
- continue;
- }
- tor_log(severity, LD_GENERAL, " Intro point %d at %s: circuit is %s",
- j, safe_name, circuit_state_to_string(circ->base_.state));
- }
- }
-}
-
-/** Given <b>conn</b>, a rendezvous exit stream, look up the hidden service for
- * <b>circ</b>, and look up the port and address based on conn-\>port.
- * Assign the actual conn-\>addr and conn-\>port. Return -2 on failure
- * for which the circuit should be closed, -1 on other failure,
- * or 0 for success.
- */
-int
-rend_service_set_connection_addr_port(edge_connection_t *conn,
- origin_circuit_t *circ)
-{
- rend_service_t *service;
- char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
- const char *rend_pk_digest;
-
- tor_assert(circ->base_.purpose == CIRCUIT_PURPOSE_S_REND_JOINED);
- tor_assert(circ->rend_data);
- log_debug(LD_REND,"beginning to hunt for addr/port");
- rend_pk_digest = (char *) rend_data_get_pk_digest(circ->rend_data, NULL);
- base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
- rend_pk_digest, REND_SERVICE_ID_LEN);
- service = rend_service_get_by_pk_digest(rend_pk_digest);
- if (!service) {
- log_warn(LD_REND, "Couldn't find any service associated with pk %s on "
- "rendezvous circuit %u; closing.",
- serviceid, (unsigned)circ->base_.n_circ_id);
- return -2;
- }
- if (service->max_streams_per_circuit > 0) {
- /* Enforce the streams-per-circuit limit, and refuse to provide a
- * mapping if this circuit will exceed the limit. */
-#define MAX_STREAM_WARN_INTERVAL 600
- static struct ratelim_t stream_ratelim =
- RATELIM_INIT(MAX_STREAM_WARN_INTERVAL);
- if (circ->rend_data->nr_streams >= service->max_streams_per_circuit) {
- log_fn_ratelim(&stream_ratelim, LOG_WARN, LD_REND,
- "Maximum streams per circuit limit reached on rendezvous "
- "circuit %u; %s. Circuit has %d out of %d streams.",
- (unsigned)circ->base_.n_circ_id,
- service->max_streams_close_circuit ?
- "closing circuit" :
- "ignoring open stream request",
- circ->rend_data->nr_streams,
- service->max_streams_per_circuit);
- return service->max_streams_close_circuit ? -2 : -1;
- }
- }
-
- if (hs_set_conn_addr_port(service->ports, conn) == 0) {
- /* Successfully set the port to the connection. We are done. */
- return 0;
- }
-
- log_info(LD_REND,
- "No virtual port mapping exists for port %d on service %s",
- conn->base_.port, serviceid);
-
- if (service->allow_unknown_ports)
- return -1;
- else
- return -2;
-}
-
-/* Are HiddenServiceSingleHopMode and HiddenServiceNonAnonymousMode consistent?
- */
-static int
-rend_service_non_anonymous_mode_consistent(const or_options_t *options)
-{
- /* !! is used to make these options boolean */
- return (!! options->HiddenServiceSingleHopMode ==
- !! options->HiddenServiceNonAnonymousMode);
-}
-
-/* Do the options allow onion services to make direct (non-anonymous)
- * connections to introduction or rendezvous points?
- * Must only be called after options_validate_single_onion() has successfully
- * checked onion service option consistency.
- * Returns true if tor is in HiddenServiceSingleHopMode. */
-int
-rend_service_allow_non_anonymous_connection(const or_options_t *options)
-{
- tor_assert(rend_service_non_anonymous_mode_consistent(options));
- return options->HiddenServiceSingleHopMode ? 1 : 0;
-}
-
-/* Do the options allow us to reveal the exact startup time of the onion
- * service?
- * Single Onion Services prioritise availability over hiding their
- * startup time, as their IP address is publicly discoverable anyway.
- * Must only be called after options_validate_single_onion() has successfully
- * checked onion service option consistency.
- * Returns true if tor is in non-anonymous hidden service mode. */
-int
-rend_service_reveal_startup_time(const or_options_t *options)
-{
- tor_assert(rend_service_non_anonymous_mode_consistent(options));
- return rend_service_non_anonymous_mode_enabled(options);
-}
-
-/* Is non-anonymous mode enabled using the HiddenServiceNonAnonymousMode
- * config option?
- * Must only be called after options_validate_single_onion() has successfully
- * checked onion service option consistency.
- */
-int
-rend_service_non_anonymous_mode_enabled(const or_options_t *options)
-{
- tor_assert(rend_service_non_anonymous_mode_consistent(options));
- return options->HiddenServiceNonAnonymousMode ? 1 : 0;
-}
-
-#ifdef TOR_UNIT_TESTS
-
-STATIC void
-set_rend_service_list(smartlist_t *new_list)
-{
- rend_service_list = new_list;
-}
-
-STATIC void
-set_rend_rend_service_staging_list(smartlist_t *new_list)
-{
- rend_service_staging_list = new_list;
-}
-
-#endif /* defined(TOR_UNIT_TESTS) */
diff --git a/src/feature/rend/rendservice.h b/src/feature/rend/rendservice.h
deleted file mode 100644
index cd44787ce2..0000000000
--- a/src/feature/rend/rendservice.h
+++ /dev/null
@@ -1,215 +0,0 @@
-/* Copyright (c) 2001 Matej Pfajfar.
- * Copyright (c) 2001-2004, Roger Dingledine.
- * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file rendservice.h
- * \brief Header file for rendservice.c.
- **/
-
-#ifndef TOR_RENDSERVICE_H
-#define TOR_RENDSERVICE_H
-
-#include "core/or/or.h"
-#include "feature/hs/hs_service.h"
-
-typedef struct rend_intro_cell_t rend_intro_cell_t;
-struct config_line_t;
-
-/* This can be used for both INTRODUCE1 and INTRODUCE2 */
-
-struct rend_intro_cell_t {
- /* Is this an INTRODUCE1 or INTRODUCE2? (set to 1 or 2) */
- uint8_t type;
- /* Public key digest */
- uint8_t pk[DIGEST_LEN];
- /* Optionally, store ciphertext here */
- uint8_t *ciphertext;
- ssize_t ciphertext_len;
- /* Optionally, store plaintext */
- uint8_t *plaintext;
- ssize_t plaintext_len;
- /* Have we parsed the plaintext? */
- uint8_t parsed;
- /* intro protocol version (0, 1, 2 or 3) */
- uint8_t version;
- /* Version-specific parts */
- union {
- struct {
- /* Rendezvous point nickname or hex-encoded key digest */
- uint8_t rp[42];
- } v0_v1;
- struct {
- /* The extend_info_t struct has everything v2 uses */
- extend_info_t *extend_info;
- } v2;
- struct {
- /* Auth type used */
- uint8_t auth_type;
- /* Length of auth data */
- uint16_t auth_len;
- /* Auth data */
- uint8_t *auth_data;
- /* Rendezvous point's IP address/port, identity digest and onion key */
- extend_info_t *extend_info;
- } v3;
- } u;
- /* Rendezvous cookie */
- uint8_t rc[REND_COOKIE_LEN];
- /* Diffie-Hellman data */
- uint8_t dh[DH1024_KEY_LEN];
-};
-
-#ifdef RENDSERVICE_PRIVATE
-
-/** Represents a single hidden service running at this OP. */
-typedef struct rend_service_t {
- /* Fields specified in config file */
- char *directory; /**< where in the filesystem it stores it. Will be NULL if
- * this service is ephemeral. */
- int dir_group_readable; /**< if 1, allow group read
- permissions on directory */
- smartlist_t *ports; /**< List of hs_port_config_t */
- rend_auth_type_t auth_type; /**< Client authorization type or 0 if no client
- * authorization is performed. */
- smartlist_t *clients; /**< List of rend_authorized_client_t's of
- * clients that may access our service. Can be NULL
- * if no client authorization is performed. */
- /* Other fields */
- crypto_pk_t *private_key; /**< Permanent hidden-service key. */
- char service_id[REND_SERVICE_ID_LEN_BASE32+1]; /**< Onion address without
- * '.onion' */
- char pk_digest[DIGEST_LEN]; /**< Hash of permanent hidden-service key. */
- smartlist_t *intro_nodes; /**< List of rend_intro_point_t's we have,
- * or are trying to establish. */
- /** List of rend_intro_point_t that are expiring. They are removed once
- * the new descriptor is successfully uploaded. A node in this list CAN
- * NOT appear in the intro_nodes list. */
- smartlist_t *expiring_nodes;
- time_t intro_period_started; /**< Start of the current period to build
- * introduction points. */
- int n_intro_circuits_launched; /**< Count of intro circuits we have
- * established in this period. */
- unsigned int n_intro_points_wanted; /**< Number of intro points this
- * service wants to have open. */
- rend_service_descriptor_t *desc; /**< Current hidden service descriptor. */
- time_t desc_is_dirty; /**< Time at which changes to the hidden service
- * descriptor content occurred, or 0 if it's
- * up-to-date. */
- time_t next_upload_time; /**< Scheduled next hidden service descriptor
- * upload time. */
- /** Replay cache for Diffie-Hellman values of INTRODUCE2 cells, to
- * detect repeats. Clients may send INTRODUCE1 cells for the same
- * rendezvous point through two or more different introduction points;
- * when they do, this keeps us from launching multiple simultaneous attempts
- * to connect to the same rend point. */
- replaycache_t *accepted_intro_dh_parts;
- /** If true, we don't close circuits for making requests to unsupported
- * ports. */
- int allow_unknown_ports;
- /** The maximum number of simultaneous streams-per-circuit that are allowed
- * to be established, or 0 if no limit is set.
- */
- int max_streams_per_circuit;
- /** If true, we close circuits that exceed the max_streams_per_circuit
- * limit. */
- int max_streams_close_circuit;
-} rend_service_t;
-
-STATIC void rend_service_free_(rend_service_t *service);
-#define rend_service_free(s) \
- FREE_AND_NULL(rend_service_t, rend_service_free_, (s))
-STATIC char *rend_service_sos_poison_path(const rend_service_t *service);
-STATIC int rend_service_verify_single_onion_poison(
- const rend_service_t *s,
- const or_options_t *options);
-STATIC int rend_service_poison_new_single_onion_dir(
- const rend_service_t *s,
- const or_options_t* options);
-#ifdef TOR_UNIT_TESTS
-
-STATIC void set_rend_service_list(smartlist_t *new_list);
-STATIC void set_rend_rend_service_staging_list(smartlist_t *new_list);
-STATIC void rend_service_prune_list_impl_(void);
-
-#endif /* defined(TOR_UNIT_TESTS) */
-
-#endif /* defined(RENDSERVICE_PRIVATE) */
-
-int rend_num_services(void);
-struct hs_opts_t;
-int rend_config_service(const struct hs_opts_t *hs_opts,
- const or_options_t *options,
- hs_service_config_t *config);
-void rend_service_prune_list(void);
-void rend_service_free_staging_list(void);
-int rend_service_load_all_keys(const smartlist_t *service_list);
-int rend_service_key_on_disk(const char *directory_path);
-void rend_services_add_filenames_to_lists(smartlist_t *open_lst,
- smartlist_t *stat_lst);
-void rend_consider_services_intro_points(time_t now);
-void rend_consider_services_upload(time_t now);
-void rend_hsdir_routers_changed(void);
-void rend_consider_descriptor_republication(void);
-
-void rend_service_intro_has_opened(origin_circuit_t *circuit);
-int rend_service_intro_established(origin_circuit_t *circuit,
- const uint8_t *request,
- size_t request_len);
-void rend_service_rendezvous_has_opened(origin_circuit_t *circuit);
-int rend_service_receive_introduction(origin_circuit_t *circuit,
- const uint8_t *request,
- size_t request_len);
-int rend_service_decrypt_intro(rend_intro_cell_t *request,
- crypto_pk_t *key,
- char **err_msg_out);
-void rend_service_free_intro_(rend_intro_cell_t *request);
-#define rend_service_free_intro(req) do { \
- rend_service_free_intro_(req); \
- (req) = NULL; \
- } while (0)
-rend_intro_cell_t * rend_service_begin_parse_intro(const uint8_t *request,
- size_t request_len,
- uint8_t type,
- char **err_msg_out);
-int rend_service_parse_intro_plaintext(rend_intro_cell_t *intro,
- char **err_msg_out);
-ssize_t rend_service_encode_establish_intro_cell(char *cell_body_out,
- size_t cell_body_out_len,
- crypto_pk_t *intro_key,
- const char *rend_circ_nonce);
-int rend_service_validate_intro_late(const rend_intro_cell_t *intro,
- char **err_msg_out);
-void rend_service_relaunch_rendezvous(origin_circuit_t *oldcirc);
-int rend_service_set_connection_addr_port(edge_connection_t *conn,
- origin_circuit_t *circ);
-void rend_service_dump_stats(int severity);
-void rend_service_free_all(void);
-void rend_service_init(void);
-
-void rend_authorized_client_free_(rend_authorized_client_t *client);
-#define rend_authorized_client_free(client) \
- FREE_AND_NULL(rend_authorized_client_t, rend_authorized_client_free_, \
- (client))
-
-hs_service_add_ephemeral_status_t rend_service_add_ephemeral(crypto_pk_t *pk,
- smartlist_t *ports,
- int max_streams_per_circuit,
- int max_streams_close_circuit,
- rend_auth_type_t auth_type,
- smartlist_t *auth_clients,
- char **service_id_out);
-int rend_service_del_ephemeral(const char *service_id);
-
-void directory_post_to_hs_dir(rend_service_descriptor_t *renddesc,
- smartlist_t *descs, smartlist_t *hs_dirs,
- const char *service_id, int seconds_valid);
-void rend_service_desc_has_uploaded(const rend_data_t *rend_data);
-
-int rend_service_allow_non_anonymous_connection(const or_options_t *options);
-int rend_service_reveal_startup_time(const or_options_t *options);
-int rend_service_non_anonymous_mode_enabled(const or_options_t *options);
-
-#endif /* !defined(TOR_RENDSERVICE_H) */
diff --git a/src/test/fuzz/fuzz_hsdescv2.c b/src/test/fuzz/fuzz_hsdescv2.c
deleted file mode 100644
index 81d9e5f00e..0000000000
--- a/src/test/fuzz/fuzz_hsdescv2.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/* Copyright (c) 2016-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-#include "core/or/or.h"
-#include "feature/dirparse/unparseable.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendparse.h"
-#include "lib/crypt_ops/crypto_ed25519.h"
-#include "test/fuzz/fuzzing.h"
-
-static void
-mock_dump_desc__nodump(const char *desc, const char *type)
-{
- (void)desc;
- (void)type;
-}
-
-int
-fuzz_init(void)
-{
- disable_signature_checking();
- MOCK(dump_desc, mock_dump_desc__nodump);
- ed25519_init();
- return 0;
-}
-
-int
-fuzz_cleanup(void)
-{
- return 0;
-}
-
-int
-fuzz_main(const uint8_t *data, size_t sz)
-{
- rend_service_descriptor_t *desc = NULL;
- char desc_id[64];
- char *ipts = NULL;
- size_t ipts_size, esize;
- const char *next;
- char *str = tor_memdup_nulterm(data, sz);
- (void) rend_parse_v2_service_descriptor(&desc, desc_id, &ipts, &ipts_size,
- &esize, &next, str, 1);
- if (desc) {
- log_debug(LD_GENERAL, "Parsing okay");
- rend_service_descriptor_free(desc);
- } else {
- log_debug(LD_GENERAL, "Parsing failed");
- }
- tor_free(ipts);
- tor_free(str);
- return 0;
-}
diff --git a/src/test/fuzz/include.am b/src/test/fuzz/include.am
index ef952c3812..9bdced9e6f 100644
--- a/src/test/fuzz/include.am
+++ b/src/test/fuzz/include.am
@@ -83,16 +83,6 @@ src_test_fuzz_fuzz_extrainfo_LDFLAGS = $(FUZZING_LDFLAG)
src_test_fuzz_fuzz_extrainfo_LDADD = $(FUZZING_LIBS)
endif
-if UNITTESTS_ENABLED
-src_test_fuzz_fuzz_hsdescv2_SOURCES = \
- src/test/fuzz/fuzzing_common.c \
- src/test/fuzz/fuzz_hsdescv2.c
-src_test_fuzz_fuzz_hsdescv2_CPPFLAGS = $(FUZZING_CPPFLAGS)
-src_test_fuzz_fuzz_hsdescv2_CFLAGS = $(FUZZING_CFLAGS)
-src_test_fuzz_fuzz_hsdescv2_LDFLAGS = $(FUZZING_LDFLAG)
-src_test_fuzz_fuzz_hsdescv2_LDADD = $(FUZZING_LIBS)
-endif
-
if UNITTESTS_ENABLED
src_test_fuzz_fuzz_hsdescv3_SOURCES = \
src/test/fuzz/fuzzing_common.c \
@@ -123,16 +113,6 @@ src_test_fuzz_fuzz_http_connect_LDFLAGS = $(FUZZING_LDFLAG)
src_test_fuzz_fuzz_http_connect_LDADD = $(FUZZING_LIBS)
endif
-if UNITTESTS_ENABLED
-src_test_fuzz_fuzz_iptsv2_SOURCES = \
- src/test/fuzz/fuzzing_common.c \
- src/test/fuzz/fuzz_iptsv2.c
-src_test_fuzz_fuzz_iptsv2_CPPFLAGS = $(FUZZING_CPPFLAGS)
-src_test_fuzz_fuzz_iptsv2_CFLAGS = $(FUZZING_CFLAGS)
-src_test_fuzz_fuzz_iptsv2_LDFLAGS = $(FUZZING_LDFLAG)
-src_test_fuzz_fuzz_iptsv2_LDADD = $(FUZZING_LIBS)
-endif
-
if UNITTESTS_ENABLED
src_test_fuzz_fuzz_microdesc_SOURCES = \
src/test/fuzz/fuzzing_common.c \
@@ -180,11 +160,9 @@ FUZZERS = \
src/test/fuzz/fuzz-diff \
src/test/fuzz/fuzz-diff-apply \
src/test/fuzz/fuzz-extrainfo \
- src/test/fuzz/fuzz-hsdescv2 \
src/test/fuzz/fuzz-hsdescv3 \
src/test/fuzz/fuzz-http \
src/test/fuzz/fuzz-http-connect \
- src/test/fuzz/fuzz-iptsv2 \
src/test/fuzz/fuzz-microdesc \
src/test/fuzz/fuzz-socks \
src/test/fuzz/fuzz-strops \
@@ -239,15 +217,6 @@ src_test_fuzz_lf_fuzz_extrainfo_LDFLAGS = $(LIBFUZZER_LDFLAG)
src_test_fuzz_lf_fuzz_extrainfo_LDADD = $(LIBFUZZER_LIBS)
endif
-if UNITTESTS_ENABLED
-src_test_fuzz_lf_fuzz_hsdescv2_SOURCES = \
- $(src_test_fuzz_fuzz_hsdescv2_SOURCES)
-src_test_fuzz_lf_fuzz_hsdescv2_CPPFLAGS = $(LIBFUZZER_CPPFLAGS)
-src_test_fuzz_lf_fuzz_hsdescv2_CFLAGS = $(LIBFUZZER_CFLAGS)
-src_test_fuzz_lf_fuzz_hsdescv2_LDFLAGS = $(LIBFUZZER_LDFLAG)
-src_test_fuzz_lf_fuzz_hsdescv2_LDADD = $(LIBFUZZER_LIBS)
-endif
-
if UNITTESTS_ENABLED
src_test_fuzz_lf_fuzz_hsdescv3_SOURCES = \
$(src_test_fuzz_fuzz_hsdescv3_SOURCES)
@@ -275,15 +244,6 @@ src_test_fuzz_lf_fuzz_http_connect_LDFLAGS = $(LIBFUZZER_LDFLAG)
src_test_fuzz_lf_fuzz_http_connect_LDADD = $(LIBFUZZER_LIBS)
endif
-if UNITTESTS_ENABLED
-src_test_fuzz_lf_fuzz_iptsv2_SOURCES = \
- $(src_test_fuzz_fuzz_iptsv2_SOURCES)
-src_test_fuzz_lf_fuzz_iptsv2_CPPFLAGS = $(LIBFUZZER_CPPFLAGS)
-src_test_fuzz_lf_fuzz_iptsv2_CFLAGS = $(LIBFUZZER_CFLAGS)
-src_test_fuzz_lf_fuzz_iptsv2_LDFLAGS = $(LIBFUZZER_LDFLAG)
-src_test_fuzz_lf_fuzz_iptsv2_LDADD = $(LIBFUZZER_LIBS)
-endif
-
if UNITTESTS_ENABLED
src_test_fuzz_lf_fuzz_microdesc_SOURCES = \
$(src_test_fuzz_fuzz_microdesc_SOURCES)
@@ -326,11 +286,9 @@ LIBFUZZER_FUZZERS = \
src/test/fuzz/lf-fuzz-diff \
src/test/fuzz/lf-fuzz-diff-apply \
src/test/fuzz/lf-fuzz-extrainfo \
- src/test/fuzz/lf-fuzz-hsdescv2 \
src/test/fuzz/lf-fuzz-hsdescv3 \
src/test/fuzz/lf-fuzz-http \
src/test/fuzz/lf-fuzz-http-connect \
- src/test/fuzz/lf-fuzz-iptsv2 \
src/test/fuzz/lf-fuzz-microdesc \
src/test/fuzz/lf-fuzz-socks \
src/test/fuzz/lf-fuzz-strops \
@@ -378,13 +336,6 @@ src_test_fuzz_liboss_fuzz_extrainfo_a_CPPFLAGS = $(LIBOSS_FUZZ_CPPFLAGS)
src_test_fuzz_liboss_fuzz_extrainfo_a_CFLAGS = $(LIBOSS_FUZZ_CFLAGS)
endif
-if UNITTESTS_ENABLED
-src_test_fuzz_liboss_fuzz_hsdescv2_a_SOURCES = \
- $(src_test_fuzz_fuzz_hsdescv2_SOURCES)
-src_test_fuzz_liboss_fuzz_hsdescv2_a_CPPFLAGS = $(LIBOSS_FUZZ_CPPFLAGS)
-src_test_fuzz_liboss_fuzz_hsdescv2_a_CFLAGS = $(LIBOSS_FUZZ_CFLAGS)
-endif
-
if UNITTESTS_ENABLED
src_test_fuzz_liboss_fuzz_hsdescv3_a_SOURCES = \
$(src_test_fuzz_fuzz_hsdescv3_SOURCES)
@@ -406,13 +357,6 @@ src_test_fuzz_liboss_fuzz_http_connect_a_CPPFLAGS = $(LIBOSS_FUZZ_CPPFLAGS)
src_test_fuzz_liboss_fuzz_http_connect_a_CFLAGS = $(LIBOSS_FUZZ_CFLAGS)
endif
-if UNITTESTS_ENABLED
-src_test_fuzz_liboss_fuzz_iptsv2_a_SOURCES = \
- $(src_test_fuzz_fuzz_iptsv2_SOURCES)
-src_test_fuzz_liboss_fuzz_iptsv2_a_CPPFLAGS = $(LIBOSS_FUZZ_CPPFLAGS)
-src_test_fuzz_liboss_fuzz_iptsv2_a_CFLAGS = $(LIBOSS_FUZZ_CFLAGS)
-endif
-
if UNITTESTS_ENABLED
src_test_fuzz_liboss_fuzz_microdesc_a_SOURCES = \
$(src_test_fuzz_fuzz_microdesc_SOURCES)
@@ -447,11 +391,9 @@ OSS_FUZZ_FUZZERS = \
src/test/fuzz/liboss-fuzz-diff.a \
src/test/fuzz/liboss-fuzz-diff-apply.a \
src/test/fuzz/liboss-fuzz-extrainfo.a \
- src/test/fuzz/liboss-fuzz-hsdescv2.a \
src/test/fuzz/liboss-fuzz-hsdescv3.a \
src/test/fuzz/liboss-fuzz-http.a \
src/test/fuzz/liboss-fuzz-http-connect.a \
- src/test/fuzz/liboss-fuzz-iptsv2.a \
src/test/fuzz/liboss-fuzz-microdesc.a \
src/test/fuzz/liboss-fuzz-socks.a \
src/test/fuzz/liboss-fuzz-strops.a \
diff --git a/src/test/include.am b/src/test/include.am
index cdf3b20c48..9372b796f8 100644
--- a/src/test/include.am
+++ b/src/test/include.am
@@ -130,7 +130,6 @@ src_test_test_SOURCES += \
src/test/log_test_helpers.c \
src/test/hs_test_helpers.c \
src/test/opts_test_helpers.c \
- src/test/rend_test_helpers.c \
src/test/resolve_test_helpers.c \
src/test/rng_test_helpers.c \
src/test/test.c \
@@ -181,7 +180,6 @@ src_test_test_SOURCES += \
src/test/test_geoip.c \
src/test/test_guardfraction.c \
src/test/test_extorport.c \
- src/test/test_hs.c \
src/test/test_hs_common.c \
src/test/test_hs_config.c \
src/test/test_hs_cell.c \
@@ -196,7 +194,6 @@ src_test_test_SOURCES += \
src/test/test_hs_descriptor.c \
src/test/test_hs_dos.c \
src/test/test_hs_metrics.c \
- src/test/test_introduce.c \
src/test/test_keypin.c \
src/test/test_link_handshake.c \
src/test/test_logging.c \
@@ -227,7 +224,6 @@ src_test_test_SOURCES += \
src/test/test_relay.c \
src/test/test_relaycell.c \
src/test/test_relaycrypt.c \
- src/test/test_rendcache.c \
src/test/test_replay.c \
src/test/test_router.c \
src/test/test_routerkeys.c \
@@ -380,7 +376,6 @@ noinst_HEADERS+= \
src/test/hs_test_helpers.h \
src/test/log_test_helpers.h \
src/test/opts_test_helpers.h \
- src/test/rend_test_helpers.h \
src/test/resolve_test_helpers.h \
src/test/rng_test_helpers.h \
src/test/test.h \
diff --git a/src/test/rend_test_helpers.c b/src/test/rend_test_helpers.c
deleted file mode 100644
index 8e40167aeb..0000000000
--- a/src/test/rend_test_helpers.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* Copyright (c) 2014-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-#include "core/or/or.h"
-#include "core/or/extendinfo.h"
-#include "lib/crypt_ops/crypto_rand.h"
-#include "test/test.h"
-#include "feature/rend/rendcommon.h"
-#include "test/rend_test_helpers.h"
-
-#include "core/or/extend_info_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
-
-void
-generate_desc(int time_diff, rend_encoded_v2_service_descriptor_t **desc,
- char **service_id, int intro_points)
-{
- rend_service_descriptor_t *generated = NULL;
- smartlist_t *descs = smartlist_new();
- time_t now;
-
- now = time(NULL) + time_diff;
- create_descriptor(&generated, service_id, intro_points);
- generated->timestamp = now;
-
- rend_encode_v2_descriptors(descs, generated, now, 0, REND_NO_AUTH, NULL,
- NULL);
- tor_assert(smartlist_len(descs) > 1);
- *desc = smartlist_get(descs, 0);
- smartlist_set(descs, 0, NULL);
-
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- rend_service_descriptor_free(generated);
-}
-
-void
-create_descriptor(rend_service_descriptor_t **generated, char **service_id,
- int intro_points)
-{
- crypto_pk_t *pk1 = NULL;
- crypto_pk_t *pk2 = NULL;
- int i;
-
- *service_id = tor_malloc(REND_SERVICE_ID_LEN_BASE32+1);
- pk1 = pk_generate(0);
- pk2 = pk_generate(1);
-
- *generated = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- (*generated)->pk = crypto_pk_dup_key(pk1);
- rend_get_service_id((*generated)->pk, *service_id);
-
- (*generated)->version = 2;
- (*generated)->protocols = 42;
- (*generated)->intro_nodes = smartlist_new();
-
- for (i = 0; i < intro_points; i++) {
- rend_intro_point_t *intro = tor_malloc_zero(sizeof(rend_intro_point_t));
- crypto_pk_t *okey = pk_generate(2 + i);
- intro->extend_info =
- extend_info_new(NULL, NULL, NULL, NULL, NULL, NULL, 0);
- intro->extend_info->onion_key = okey;
- crypto_pk_get_digest(intro->extend_info->onion_key,
- intro->extend_info->identity_digest);
- intro->extend_info->nickname[0] = '$';
- base16_encode(intro->extend_info->nickname + 1,
- sizeof(intro->extend_info->nickname) - 1,
- intro->extend_info->identity_digest, DIGEST_LEN);
- tor_addr_t addr;
- uint16_t port;
- /* Does not cover all IP addresses. */
- tor_addr_from_ipv4h(&addr, crypto_rand_int(65536) + 1);
- port = 1 + crypto_rand_int(65535);
- extend_info_add_orport(intro->extend_info, &addr, port);
- intro->intro_key = crypto_pk_dup_key(pk2);
- smartlist_add((*generated)->intro_nodes, intro);
- }
-
- crypto_pk_free(pk1);
- crypto_pk_free(pk2);
-}
-
-rend_data_t *
-mock_rend_data(const char *onion_address)
-{
- rend_data_v2_t *v2_data = tor_malloc_zero(sizeof(*v2_data));
- rend_data_t *rend_query = &v2_data->base_;
- rend_query->version = 2;
-
- strlcpy(v2_data->onion_address, onion_address,
- sizeof(v2_data->onion_address));
- v2_data->auth_type = REND_NO_AUTH;
- rend_query->hsdirs_fp = smartlist_new();
- smartlist_add(rend_query->hsdirs_fp, tor_memdup("aaaaaaaaaaaaaaaaaaaaaaaa",
- DIGEST_LEN));
- return rend_query;
-}
diff --git a/src/test/rend_test_helpers.h b/src/test/rend_test_helpers.h
deleted file mode 100644
index b1078ce866..0000000000
--- a/src/test/rend_test_helpers.h
+++ /dev/null
@@ -1,16 +0,0 @@
-/* Copyright (c) 2014-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-#include "core/or/or.h"
-
-#ifndef TOR_REND_TEST_HELPERS_H
-#define TOR_REND_TEST_HELPERS_H
-
-void generate_desc(int time_diff, rend_encoded_v2_service_descriptor_t **desc,
- char **service_id, int intro_points);
-void create_descriptor(rend_service_descriptor_t **generated,
- char **service_id, int intro_points);
-rend_data_t *mock_rend_data(const char *onion_address);
-
-#endif /* !defined(TOR_REND_TEST_HELPERS_H) */
-
diff --git a/src/test/test.c b/src/test/test.c
index 0d6c0a0d4a..fd9ce230ea 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -45,9 +45,6 @@
#include "app/config/config.h"
#include "core/or/connection_edge.h"
#include "core/or/extendinfo.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendcache.h"
-#include "feature/rend/rendparse.h"
#include "test/test.h"
#include "core/mainloop/mainloop.h"
#include "lib/memarea/memarea.h"
@@ -62,9 +59,6 @@
#include "core/or/extend_info_st.h"
#include "core/or/or_circuit_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
#include "feature/relay/onion_queue.h"
/** Run unit tests for the onion handshake code. */
@@ -619,127 +613,6 @@ test_circuit_timeout(void *arg)
testing_disable_deterministic_rng();
}
-/** Test encoding and parsing of rendezvous service descriptors. */
-static void
-test_rend_fns(void *arg)
-{
- rend_service_descriptor_t *generated = NULL, *parsed = NULL;
- char service_id[DIGEST_LEN];
- char service_id_base32[REND_SERVICE_ID_LEN_BASE32+1];
- const char *next_desc;
- smartlist_t *descs = smartlist_new();
- char computed_desc_id[DIGEST_LEN];
- char parsed_desc_id[DIGEST_LEN];
- crypto_pk_t *pk1 = NULL, *pk2 = NULL;
- time_t now;
- char *intro_points_encrypted = NULL;
- size_t intro_points_size;
- size_t encoded_size;
- int i;
-
- (void)arg;
-
- /* Initialize the service cache. */
- rend_cache_init();
-
- pk1 = pk_generate(0);
- pk2 = pk_generate(1);
- generated = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- generated->pk = crypto_pk_dup_key(pk1);
- crypto_pk_get_digest(generated->pk, service_id);
- base32_encode(service_id_base32, REND_SERVICE_ID_LEN_BASE32+1,
- service_id, REND_SERVICE_ID_LEN);
- now = time(NULL);
- generated->timestamp = now;
- generated->version = 2;
- generated->protocols = 42;
- generated->intro_nodes = smartlist_new();
-
- for (i = 0; i < 3; i++) {
- rend_intro_point_t *intro = tor_malloc_zero(sizeof(rend_intro_point_t));
- crypto_pk_t *okey = pk_generate(2 + i);
- intro->extend_info =
- extend_info_new(NULL, NULL, NULL, NULL, NULL, NULL, 0);
- intro->extend_info->onion_key = okey;
- crypto_pk_get_digest(intro->extend_info->onion_key,
- intro->extend_info->identity_digest);
- //crypto_rand(info->identity_digest, DIGEST_LEN); /* Would this work? */
- intro->extend_info->nickname[0] = '$';
- base16_encode(intro->extend_info->nickname + 1,
- sizeof(intro->extend_info->nickname) - 1,
- intro->extend_info->identity_digest, DIGEST_LEN);
- tor_addr_t addr;
- uint16_t port;
- /* Does not cover all IP addresses. */
- tor_addr_from_ipv4h(&addr, crypto_rand_int(65536) + 1);
- port = 1 + crypto_rand_int(65535);
- extend_info_add_orport(intro->extend_info, &addr, port);
- intro->intro_key = crypto_pk_dup_key(pk2);
- smartlist_add(generated->intro_nodes, intro);
- }
- int rv = rend_encode_v2_descriptors(descs, generated, now, 0,
- REND_NO_AUTH, NULL, NULL);
- tt_int_op(rv, OP_GT, 0);
- rv = rend_compute_v2_desc_id(computed_desc_id, service_id_base32, NULL,
- now, 0);
- tt_int_op(rv, OP_EQ, 0);
- tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0))->desc_id, OP_EQ,
- computed_desc_id, DIGEST_LEN);
- rv = rend_parse_v2_service_descriptor(&parsed, parsed_desc_id,
- &intro_points_encrypted, &intro_points_size, &encoded_size,
- &next_desc,
- ((rend_encoded_v2_service_descriptor_t *)smartlist_get(descs, 0))
- ->desc_str, 1);
- tt_int_op(rv, OP_EQ, 0);
- tt_assert(parsed);
- tt_mem_op(((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0))->desc_id,OP_EQ, parsed_desc_id, DIGEST_LEN);
- tt_int_op(rend_parse_introduction_points(parsed, intro_points_encrypted,
- intro_points_size),OP_EQ, 3);
- tt_assert(!crypto_pk_cmp_keys(generated->pk, parsed->pk));
- tt_int_op(parsed->timestamp,OP_EQ, now);
- tt_int_op(parsed->version,OP_EQ, 2);
- tt_int_op(parsed->protocols,OP_EQ, 42);
- tt_int_op(smartlist_len(parsed->intro_nodes),OP_EQ, 3);
- for (i = 0; i < smartlist_len(parsed->intro_nodes); i++) {
- rend_intro_point_t *par_intro = smartlist_get(parsed->intro_nodes, i),
- *gen_intro = smartlist_get(generated->intro_nodes, i);
- extend_info_t *par_info = par_intro->extend_info;
- extend_info_t *gen_info = gen_intro->extend_info;
- tt_assert(!crypto_pk_cmp_keys(gen_info->onion_key, par_info->onion_key));
- tt_mem_op(gen_info->identity_digest,OP_EQ, par_info->identity_digest,
- DIGEST_LEN);
- tt_str_op(gen_info->nickname,OP_EQ, par_info->nickname);
- const tor_addr_port_t *a1, *a2;
- a1 = extend_info_get_orport(gen_info, AF_INET);
- a2 = extend_info_get_orport(par_info, AF_INET);
- tt_assert(a1 && a2);
- tt_assert(tor_addr_eq(&a1->addr, &a2->addr));
- tt_int_op(a2->port,OP_EQ, a2->port);
- }
-
- rend_service_descriptor_free(parsed);
- rend_service_descriptor_free(generated);
- parsed = generated = NULL;
-
- done:
- if (descs) {
- for (i = 0; i < smartlist_len(descs); i++)
- rend_encoded_v2_service_descriptor_free_(smartlist_get(descs, i));
- smartlist_free(descs);
- }
- if (parsed)
- rend_service_descriptor_free(parsed);
- if (generated)
- rend_service_descriptor_free(generated);
- if (pk1)
- crypto_pk_free(pk1);
- if (pk2)
- crypto_pk_free(pk2);
- tor_free(intro_points_encrypted);
-}
-
#define ENT(name) \
{ #name, test_ ## name , 0, NULL, NULL }
#define FORK(name) \
@@ -753,7 +626,6 @@ static struct testcase_t test_array[] = {
{ "fast_handshake", test_fast_handshake, 0, NULL, NULL },
FORK(circuit_timeout),
FORK(circuit_timeout_xm_alpha),
- FORK(rend_fns),
END_OF_TESTCASES
};
@@ -828,9 +700,7 @@ struct testgroup_t testgroups[] = {
{ "hs_ntor/", hs_ntor_tests },
{ "hs_ob/", hs_ob_tests },
{ "hs_service/", hs_service_tests },
- { "introduce/", introduce_tests },
{ "keypin/", keypin_tests },
- { "legacy_hs/", hs_tests },
{ "link-handshake/", link_handshake_tests },
{ "mainloop/", mainloop_tests },
{ "metrics/", metrics_tests },
@@ -856,7 +726,6 @@ struct testgroup_t testgroups[] = {
{ "relay/" , relay_tests },
{ "relaycell/", relaycell_tests },
{ "relaycrypt/", relaycrypt_tests },
- { "rend_cache/", rend_cache_tests },
{ "replaycache/", replaycache_tests },
{ "router/", router_tests },
{ "routerkeys/", routerkeys_tests },
diff --git a/src/test/test.h b/src/test/test.h
index 56037648d3..bdbbe25cb9 100644
--- a/src/test/test.h
+++ b/src/test/test.h
@@ -145,8 +145,6 @@ extern struct testcase_t hs_metrics_tests[];
extern struct testcase_t hs_ntor_tests[];
extern struct testcase_t hs_ob_tests[];
extern struct testcase_t hs_service_tests[];
-extern struct testcase_t hs_tests[];
-extern struct testcase_t introduce_tests[];
extern struct testcase_t keypin_tests[];
extern struct testcase_t link_handshake_tests[];
extern struct testcase_t logging_tests[];
@@ -179,7 +177,6 @@ extern struct testcase_t pubsub_msg_tests[];
extern struct testcase_t relay_tests[];
extern struct testcase_t relaycell_tests[];
extern struct testcase_t relaycrypt_tests[];
-extern struct testcase_t rend_cache_tests[];
extern struct testcase_t replaycache_tests[];
extern struct testcase_t router_tests[];
extern struct testcase_t routerkeys_tests[];
diff --git a/src/test/test_config.c b/src/test/test_config.c
index 5bca3e04fc..710336cb28 100644
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@ -41,7 +41,6 @@
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nodelist.h"
#include "core/or/policies.h"
-#include "feature/rend/rendservice.h"
#include "feature/relay/relay_find_addr.h"
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
diff --git a/src/test/test_connection.c b/src/test/test_connection.c
index cf5626ead7..2ebe9afbe2 100644
--- a/src/test/test_connection.c
+++ b/src/test/test_connection.c
@@ -19,7 +19,6 @@
#include "feature/nodelist/microdesc.h"
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/networkstatus.h"
-#include "feature/rend/rendcache.h"
#include "feature/dircommon/directory.h"
#include "core/or/connection_or.h"
#include "lib/net/resolve.h"
@@ -38,10 +37,6 @@ static void * test_conn_get_basic_setup(const struct testcase_t *tc);
static int test_conn_get_basic_teardown(const struct testcase_t *tc,
void *arg);
-static void * test_conn_get_rend_setup(const struct testcase_t *tc);
-static int test_conn_get_rend_teardown(const struct testcase_t *tc,
- void *arg);
-
static void * test_conn_get_rsrc_setup(const struct testcase_t *tc);
static int test_conn_get_rsrc_teardown(const struct testcase_t *tc,
void *arg);
@@ -179,52 +174,6 @@ test_conn_get_basic_teardown(const struct testcase_t *tc, void *arg)
return 0;
}
-static void *
-test_conn_get_rend_setup(const struct testcase_t *tc)
-{
- dir_connection_t *conn = DOWNCAST(dir_connection_t,
- test_conn_get_connection(
- TEST_CONN_STATE,
- TEST_CONN_TYPE,
- TEST_CONN_REND_PURPOSE));
- tt_assert(conn);
- assert_connection_ok(&conn->base_, time(NULL));
-
- rend_cache_init();
-
- /* TODO: use directory_initiate_request() to do this - maybe? */
- tor_assert(strlen(TEST_CONN_REND_ADDR) == REND_SERVICE_ID_LEN_BASE32);
- conn->rend_data = rend_data_client_create(TEST_CONN_REND_ADDR, NULL, NULL,
- REND_NO_AUTH);
- assert_connection_ok(&conn->base_, time(NULL));
- return conn;
-
- /* On failure */
- done:
- test_conn_get_rend_teardown(tc, conn);
- /* Returning NULL causes the unit test to fail */
- return NULL;
-}
-
-static int
-test_conn_get_rend_teardown(const struct testcase_t *tc, void *arg)
-{
- dir_connection_t *conn = DOWNCAST(dir_connection_t, arg);
- int rv = 0;
-
- tt_assert(conn);
- assert_connection_ok(&conn->base_, time(NULL));
-
- /* avoid a last-ditch attempt to refetch the descriptor */
- conn->base_.purpose = TEST_CONN_REND_PURPOSE_SUCCESSFUL;
-
- /* connection_free_() cleans up rend_data */
- rv = test_conn_get_basic_teardown(tc, arg);
- done:
- rend_cache_free_all();
- return rv;
-}
-
static dir_connection_t *
test_conn_download_status_add_a_connection(const char *resource)
{
@@ -369,10 +318,6 @@ static struct testcase_setup_t test_conn_get_basic_st = {
test_conn_get_basic_setup, test_conn_get_basic_teardown
};
-static struct testcase_setup_t test_conn_get_rend_st = {
- test_conn_get_rend_setup, test_conn_get_rend_teardown
-};
-
static struct testcase_setup_t test_conn_get_rsrc_st = {
test_conn_get_rsrc_setup, test_conn_get_rsrc_teardown
};
@@ -489,37 +434,6 @@ test_conn_get_basic(void *arg)
;
}
-static void
-test_conn_get_rend(void *arg)
-{
- dir_connection_t *conn = DOWNCAST(dir_connection_t, arg);
- tt_assert(conn);
- assert_connection_ok(&conn->base_, time(NULL));
-
- tt_assert(connection_get_by_type_state_rendquery(
- conn->base_.type,
- conn->base_.state,
- rend_data_get_address(
- conn->rend_data))
- == TO_CONN(conn));
- tt_assert(connection_get_by_type_state_rendquery(
- TEST_CONN_TYPE,
- TEST_CONN_STATE,
- TEST_CONN_REND_ADDR)
- == TO_CONN(conn));
- tt_assert(connection_get_by_type_state_rendquery(TEST_CONN_REND_TYPE_2,
- !conn->base_.state,
- "")
- == NULL);
- tt_assert(connection_get_by_type_state_rendquery(TEST_CONN_REND_TYPE_2,
- !TEST_CONN_STATE,
- TEST_CONN_REND_ADDR_2)
- == NULL);
-
- done:
- ;
-}
-
#define sl_is_conn_assert(sl_input, conn) \
do { \
the_sl = (sl_input); \
@@ -1091,7 +1005,6 @@ static const unsigned int PROXY_HAPROXY_ARG = PROXY_HAPROXY;
struct testcase_t connection_tests[] = {
CONNECTION_TESTCASE(get_basic, TT_FORK, test_conn_get_basic_st),
- CONNECTION_TESTCASE(get_rend, TT_FORK, test_conn_get_rend_st),
CONNECTION_TESTCASE(get_rsrc, TT_FORK, test_conn_get_rsrc_st),
CONNECTION_TESTCASE_ARG(download_status, TT_FORK,
diff --git a/src/test/test_controller.c b/src/test/test_controller.c
index 0745651aca..4737a35939 100644
--- a/src/test/test_controller.c
+++ b/src/test/test_controller.c
@@ -16,7 +16,6 @@
#include "feature/dircache/dirserv.h"
#include "feature/hs/hs_common.h"
#include "feature/nodelist/networkstatus.h"
-#include "feature/rend/rendservice.h"
#include "feature/nodelist/authcert.h"
#include "feature/nodelist/nodelist.h"
#include "feature/stats/rephist.h"
@@ -316,110 +315,6 @@ test_add_onion_helper_keyarg_v3(void *arg)
UNMOCK(control_write_reply);
}
-static void
-test_add_onion_helper_keyarg_v2(void *arg)
-{
- int ret, hs_version;
- add_onion_secret_key_t pk;
- crypto_pk_t *pk1 = NULL;
- const char *key_new_alg = NULL;
- char *key_new_blob = NULL;
- char *encoded = NULL;
- char *arg_str = NULL;
-
- (void) arg;
- MOCK(control_write_reply, mock_control_write_reply);
-
- memset(&pk, 0, sizeof(pk));
-
- /* Test explicit RSA1024 key generation. */
- tor_free(reply_str);
- ret = add_onion_helper_keyarg("NEW:RSA1024", 0, &key_new_alg, &key_new_blob,
- &pk, &hs_version, NULL);
- tt_int_op(ret, OP_EQ, 0);
- tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
- tt_assert(pk.v2);
- tt_str_op(key_new_alg, OP_EQ, "RSA1024");
- tt_assert(key_new_blob);
- tt_ptr_op(reply_str, OP_EQ, NULL);
-
- /* Test discarding the private key. */
- crypto_pk_free(pk.v2); pk.v2 = NULL;
- tor_free(key_new_blob);
- ret = add_onion_helper_keyarg("NEW:RSA1024", 1, &key_new_alg, &key_new_blob,
- &pk, &hs_version, NULL);
- tt_int_op(ret, OP_EQ, 0);
- tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
- tt_assert(pk.v2);
- tt_ptr_op(key_new_alg, OP_EQ, NULL);
- tt_ptr_op(key_new_blob, OP_EQ, NULL);
- tt_ptr_op(reply_str, OP_EQ, NULL);
-
- /* Test generating a invalid key type. */
- crypto_pk_free(pk.v2); pk.v2 = NULL;
- ret = add_onion_helper_keyarg("NEW:RSA512", 0, &key_new_alg, &key_new_blob,
- &pk, &hs_version, NULL);
- tt_int_op(ret, OP_EQ, -1);
- tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
- tt_assert(!pk.v2);
- tt_ptr_op(key_new_alg, OP_EQ, NULL);
- tt_ptr_op(key_new_blob, OP_EQ, NULL);
- tt_assert(reply_str);
-
- /* Test loading a RSA1024 key. */
- tor_free(reply_str);
- pk1 = pk_generate(0);
- tt_int_op(0, OP_EQ, crypto_pk_base64_encode_private(pk1, &encoded));
- tor_asprintf(&arg_str, "RSA1024:%s", encoded);
- ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob,
- &pk, &hs_version, NULL);
- tt_int_op(ret, OP_EQ, 0);
- tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
- tt_assert(pk.v2);
- tt_ptr_op(key_new_alg, OP_EQ, NULL);
- tt_ptr_op(key_new_blob, OP_EQ, NULL);
- tt_ptr_op(reply_str, OP_EQ, NULL);
- tt_int_op(crypto_pk_cmp_keys(pk1, pk.v2), OP_EQ, 0);
-
- /* Test loading a invalid key type. */
- tor_free(arg_str);
- crypto_pk_free(pk1); pk1 = NULL;
- crypto_pk_free(pk.v2); pk.v2 = NULL;
- tor_asprintf(&arg_str, "RSA512:%s", encoded);
- ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob,
- &pk, &hs_version, NULL);
- tt_int_op(ret, OP_EQ, -1);
- tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
- tt_assert(!pk.v2);
- tt_ptr_op(key_new_alg, OP_EQ, NULL);
- tt_ptr_op(key_new_blob, OP_EQ, NULL);
- tt_assert(reply_str);
-
- /* Test loading a invalid key. */
- tor_free(arg_str);
- crypto_pk_free(pk.v2); pk.v2 = NULL;
- tor_free(reply_str);
- encoded[strlen(encoded)/2] = '\0';
- tor_asprintf(&arg_str, "RSA1024:%s", encoded);
- ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob,
- &pk, &hs_version, NULL);
- tt_int_op(ret, OP_EQ, -1);
- tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO);
- tt_assert(!pk.v2);
- tt_ptr_op(key_new_alg, OP_EQ, NULL);
- tt_ptr_op(key_new_blob, OP_EQ, NULL);
- tt_assert(reply_str);
-
- done:
- crypto_pk_free(pk1);
- crypto_pk_free(pk.v2);
- tor_free(key_new_blob);
- tor_free(reply_str);
- tor_free(encoded);
- tor_free(arg_str);
- UNMOCK(control_write_reply);
-}
-
static void
test_getinfo_helper_onion(void *arg)
{
@@ -567,58 +462,6 @@ test_hs_parse_port_config(void *arg)
tor_free(err_msg);
}
-static void
-test_add_onion_helper_clientauth(void *arg)
-{
- rend_authorized_client_t *client = NULL;
- int created = 0;
-
- (void)arg;
-
- MOCK(control_write_reply, mock_control_write_reply);
- /* Test "ClientName" only. */
- tor_free(reply_str);
- client = add_onion_helper_clientauth("alice", &created, NULL);
- tt_assert(client);
- tt_assert(created);
- tt_ptr_op(reply_str, OP_EQ, NULL);
- rend_authorized_client_free(client);
-
- /* Test "ClientName:Blob" */
- tor_free(reply_str);
- client = add_onion_helper_clientauth("alice:475hGBHPlq7Mc0cRZitK/B",
- &created, NULL);
- tt_assert(client);
- tt_assert(!created);
- tt_ptr_op(reply_str, OP_EQ, NULL);
- rend_authorized_client_free(client);
-
- /* Test invalid client names */
- tor_free(reply_str);
- client = add_onion_helper_clientauth("no*asterisks*allowed", &created,
- NULL);
- tt_ptr_op(client, OP_EQ, NULL);
- tt_assert(reply_str);
-
- /* Test invalid auth cookie */
- tor_free(reply_str);
- client = add_onion_helper_clientauth("alice:12345", &created, NULL);
- tt_ptr_op(client, OP_EQ, NULL);
- tt_assert(reply_str);
-
- /* Test invalid syntax */
- tor_free(reply_str);
- client = add_onion_helper_clientauth(":475hGBHPlq7Mc0cRZitK/B", &created,
- NULL);
- tt_ptr_op(client, OP_EQ, NULL);
- tt_assert(reply_str);
-
- done:
- rend_authorized_client_free(client);
- tor_free(reply_str);
- UNMOCK(control_write_reply);
-}
-
/* Mocks and data/variables used for GETINFO download status tests */
static const download_status_t dl_status_default =
@@ -2209,15 +2052,11 @@ struct testcase_t controller_tests[] = {
PARSER_TEST(no_args_one_obj),
PARSER_TEST(no_args_kwargs),
PARSER_TEST(one_arg_kwargs),
- { "add_onion_helper_keyarg_v2", test_add_onion_helper_keyarg_v2, 0,
- NULL, NULL },
{ "add_onion_helper_keyarg_v3", test_add_onion_helper_keyarg_v3, 0,
NULL, NULL },
{ "getinfo_helper_onion", test_getinfo_helper_onion, 0, NULL, NULL },
{ "hs_parse_port_config", test_hs_parse_port_config, 0,
NULL, NULL },
- { "add_onion_helper_clientauth", test_add_onion_helper_clientauth, 0, NULL,
- NULL },
{ "download_status_consensus", test_download_status_consensus, 0, NULL,
NULL },
{"getinfo_helper_current_consensus_from_cache",
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index d62dd3fb9e..bb2bc6ad21 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -4848,9 +4848,6 @@ test_dir_purpose_needs_anonymity_returns_true_for_bridges(void *arg)
tt_int_op(1, OP_EQ, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE, NULL));
tt_int_op(1, OP_EQ, purpose_needs_anonymity(0, ROUTER_PURPOSE_BRIDGE,
"foobar"));
- tt_int_op(1, OP_EQ,
- purpose_needs_anonymity(DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2,
- ROUTER_PURPOSE_BRIDGE, NULL));
done: ;
}
@@ -4864,21 +4861,6 @@ test_dir_purpose_needs_anonymity_returns_false_for_own_bridge_desc(void *arg)
done: ;
}
-static void
-test_dir_purpose_needs_anonymity_returns_true_for_sensitive_purpose(void *arg)
-{
- (void)arg;
-
- tt_int_op(1, OP_EQ, purpose_needs_anonymity(
- DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2,
- ROUTER_PURPOSE_GENERAL, NULL));
- tt_int_op(1, OP_EQ, purpose_needs_anonymity(
- DIR_PURPOSE_UPLOAD_RENDDESC_V2, 0, NULL));
- tt_int_op(1, OP_EQ, purpose_needs_anonymity(
- DIR_PURPOSE_FETCH_RENDDESC_V2, 0, NULL));
- done: ;
-}
-
static void
test_dir_purpose_needs_anonymity_ret_false_for_non_sensitive_conn(void *arg)
{
@@ -4937,12 +4919,6 @@ test_dir_fetch_type(void *arg)
tt_int_op(dir_fetch_type(DIR_PURPOSE_FETCH_MICRODESC, ROUTER_PURPOSE_GENERAL,
NULL), OP_EQ, MICRODESC_DIRINFO);
- /* This will give a warning, because this function isn't supposed to be
- * used for HS descriptors. */
- setup_full_capture_of_logs(LOG_WARN);
- tt_int_op(dir_fetch_type(DIR_PURPOSE_FETCH_RENDDESC_V2,
- ROUTER_PURPOSE_GENERAL, NULL), OP_EQ, NO_DIRINFO);
- expect_single_log_msg_containing("Unexpected purpose");
done:
teardown_capture_of_logs();
}
@@ -5300,10 +5276,6 @@ test_dir_conn_purpose_to_string(void *data)
EXPECT_CONN_PURPOSE(DIR_PURPOSE_FETCH_STATUS_VOTE, "status vote fetch");
EXPECT_CONN_PURPOSE(DIR_PURPOSE_FETCH_DETACHED_SIGNATURES,
"consensus signature fetch");
- EXPECT_CONN_PURPOSE(DIR_PURPOSE_FETCH_RENDDESC_V2,
- "hidden-service v2 descriptor fetch");
- EXPECT_CONN_PURPOSE(DIR_PURPOSE_UPLOAD_RENDDESC_V2,
- "hidden-service v2 descriptor upload");
EXPECT_CONN_PURPOSE(DIR_PURPOSE_FETCH_MICRODESC, "microdescriptor fetch");
/* This will give a warning, because there is no purpose 1024. */
@@ -7311,7 +7283,6 @@ struct testcase_t dir_tests[] = {
DIR(purpose_needs_anonymity_returns_true_for_bridges, 0),
DIR(purpose_needs_anonymity_returns_false_for_own_bridge_desc, 0),
DIR(purpose_needs_anonymity_returns_true_by_default, 0),
- DIR(purpose_needs_anonymity_returns_true_for_sensitive_purpose, 0),
DIR(purpose_needs_anonymity_ret_false_for_non_sensitive_conn, 0),
DIR(post_parsing, 0),
DIR(fetch_type, 0),
diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c
index 28f07efbe8..06ab309362 100644
--- a/src/test/test_dir_handle_get.c
+++ b/src/test/test_dir_handle_get.c
@@ -18,14 +18,11 @@
#include "feature/dircache/dircache.h"
#include "test/test.h"
#include "lib/compress/compress.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendcache.h"
#include "feature/relay/relay_config.h"
#include "feature/relay/router.h"
#include "feature/nodelist/authcert.h"
#include "feature/nodelist/dirlist.h"
#include "feature/nodelist/routerlist.h"
-#include "test/rend_test_helpers.h"
#include "feature/nodelist/microdesc.h"
#include "test/test_helpers.h"
#include "feature/nodelist/nodelist.h"
@@ -44,7 +41,6 @@
#include "feature/dircommon/dir_connection_st.h"
#include "feature/dirclient/dir_server_st.h"
#include "feature/nodelist/networkstatus_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
#include "feature/nodelist/routerinfo_st.h"
#include "feature/nodelist/routerlist_st.h"
@@ -261,125 +257,6 @@ test_dir_handle_get_robots_txt(void *data)
tor_free(body);
}
-#define RENDEZVOUS2_GET(descid) GET("/tor/rendezvous2/" descid)
-static void
-test_dir_handle_get_rendezvous2_not_found_if_not_encrypted(void *data)
-{
- dir_connection_t *conn = NULL;
- char *header = NULL;
- (void) data;
-
- MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock);
-
- conn = new_dir_conn();
-
- // connection is not encrypted
- tt_assert(!connection_dir_is_encrypted(conn));
-
- tt_int_op(directory_handle_command_get(conn, RENDEZVOUS2_GET(), NULL, 0),
- OP_EQ, 0);
- fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE,
- NULL, NULL, 1, 0);
-
- tt_str_op(NOT_FOUND, OP_EQ, header);
-
- done:
- UNMOCK(connection_write_to_buf_impl_);
- connection_free_minimal(TO_CONN(conn));
- tor_free(header);
-}
-
-static void
-test_dir_handle_get_rendezvous2_on_encrypted_conn_with_invalid_desc_id(
- void *data)
-{
- dir_connection_t *conn = NULL;
- char *header = NULL;
- (void) data;
-
- MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock);
- conn = new_dir_conn();
-
- // connection is encrypted
- TO_CONN(conn)->linked = 1;
- tt_assert(connection_dir_is_encrypted(conn));
-
- tt_int_op(directory_handle_command_get(conn,
- RENDEZVOUS2_GET("invalid-desc-id"), NULL, 0), OP_EQ, 0);
- fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE,
- NULL, NULL, 1, 0);
-
- tt_str_op(header, OP_EQ, BAD_REQUEST);
-
- done:
- UNMOCK(connection_write_to_buf_impl_);
- connection_free_minimal(TO_CONN(conn));
- tor_free(header);
-}
-
-static void
-test_dir_handle_get_rendezvous2_on_encrypted_conn_not_well_formed(void *data)
-{
- dir_connection_t *conn = NULL;
- char *header = NULL;
- (void) data;
-
- MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock);
- conn = new_dir_conn();
-
- // connection is encrypted
- TO_CONN(conn)->linked = 1;
- tt_assert(connection_dir_is_encrypted(conn));
-
- //TODO: this can't be reached because rend_valid_descriptor_id() prevents
- //this case to happen. This test is the same as
- //test_dir_handle_get_rendezvous2_on_encrypted_conn_with_invalid_desc_id We
- //should refactor to remove the case from the switch.
-
- const char *req = RENDEZVOUS2_GET("1bababababababababababababababab");
- tt_int_op(directory_handle_command_get(conn, req, NULL, 0), OP_EQ, 0);
-
- fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE,
- NULL, NULL, 1, 0);
-
- tt_str_op(header, OP_EQ, BAD_REQUEST);
-
- done:
- UNMOCK(connection_write_to_buf_impl_);
- connection_free_minimal(TO_CONN(conn));
- tor_free(header);
-}
-
-static void
-test_dir_handle_get_rendezvous2_not_found(void *data)
-{
- dir_connection_t *conn = NULL;
- char *header = NULL;
- (void) data;
-
- MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock);
- conn = new_dir_conn();
-
- rend_cache_init();
-
- // connection is encrypted
- TO_CONN(conn)->linked = 1;
- tt_assert(connection_dir_is_encrypted(conn));
-
- const char *req = RENDEZVOUS2_GET("3xqunszqnaolrrfmtzgaki7mxelgvkje");
- tt_int_op(directory_handle_command_get(conn, req, NULL, 0), OP_EQ, 0);
- fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE,
- NULL, NULL, 1, 0);
-
- tt_str_op(NOT_FOUND, OP_EQ, header);
-
- done:
- UNMOCK(connection_write_to_buf_impl_);
- connection_free_minimal(TO_CONN(conn));
- tor_free(header);
- rend_cache_free_all();
-}
-
static const routerinfo_t * dhg_tests_router_get_my_routerinfo(void);
ATTR_UNUSED static int dhg_tests_router_get_my_routerinfo_called = 0;
@@ -395,76 +272,6 @@ dhg_tests_router_get_my_routerinfo(void)
return mock_routerinfo;
}
-static void
-test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data)
-{
- dir_connection_t *conn = NULL;
- char *header = NULL;
- char *body = NULL;
- size_t body_used = 0;
- char buff[30];
- char req[70];
- rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
- char *service_id = NULL;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- size_t body_len = 0;
- (void) data;
-
- MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock);
- MOCK(router_get_my_routerinfo,
- dhg_tests_router_get_my_routerinfo);
-
- rend_cache_init();
-
- /* create a valid rend service descriptor */
- #define RECENT_TIME -10
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
-
- tt_int_op(rend_cache_store_v2_desc_as_dir(desc_holder->desc_str),
- OP_EQ, 0);
-
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
-
- conn = new_dir_conn();
-
- // connection is encrypted
- TO_CONN(conn)->linked = 1;
- tt_assert(connection_dir_is_encrypted(conn));
-
- tor_snprintf(req, sizeof(req), RENDEZVOUS2_GET("%s"), desc_id_base32);
-
- tt_int_op(directory_handle_command_get(conn, req, NULL, 0), OP_EQ, 0);
-
- body_len = strlen(desc_holder->desc_str);
- fetch_from_buf_http(TO_CONN(conn)->outbuf, &header, MAX_HEADERS_SIZE,
- &body, &body_used, body_len+1, 0);
-
- tt_assert(header);
- tt_assert(body);
-
- tt_ptr_op(strstr(header, "HTTP/1.0 200 OK\r\n"), OP_EQ, header);
- tt_assert(strstr(header, "Content-Type: text/plain\r\n"));
- tt_assert(strstr(header, "Content-Encoding: identity\r\n"));
- tt_assert(strstr(header, "Pragma: no-cache\r\n"));
- tor_snprintf(buff, sizeof(buff), "Content-Length: %ld\r\n", (long) body_len);
- tt_assert(strstr(header, buff));
-
- tt_int_op(body_used, OP_EQ, strlen(body));
- tt_str_op(body, OP_EQ, desc_holder->desc_str);
-
- done:
- UNMOCK(connection_write_to_buf_impl_);
- UNMOCK(router_get_my_routerinfo);
-
- connection_free_minimal(TO_CONN(conn));
- tor_free(header);
- tor_free(body);
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_cache_free_all();
-}
-
#define MICRODESC_GET(digest) GET("/tor/micro/d/" digest)
static void
test_dir_handle_get_micro_d_not_found(void *data)
@@ -2934,11 +2741,6 @@ struct testcase_t dir_handle_get_tests[] = {
DIR_HANDLE_CMD(v1_command_not_found, 0),
DIR_HANDLE_CMD(v1_command, 0),
DIR_HANDLE_CMD(robots_txt, 0),
- DIR_HANDLE_CMD(rendezvous2_not_found_if_not_encrypted, 0),
- DIR_HANDLE_CMD(rendezvous2_not_found, 0),
- DIR_HANDLE_CMD(rendezvous2_on_encrypted_conn_with_invalid_desc_id, 0),
- DIR_HANDLE_CMD(rendezvous2_on_encrypted_conn_not_well_formed, 0),
- DIR_HANDLE_CMD(rendezvous2_on_encrypted_conn_success, 0),
DIR_HANDLE_CMD(micro_d_not_found, 0),
DIR_HANDLE_CMD(micro_d_server_busy, 0),
DIR_HANDLE_CMD(micro_d, 0),
diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c
index 11840b2c4f..d426934882 100644
--- a/src/test/test_entryconn.c
+++ b/src/test/test_entryconn.c
@@ -17,7 +17,6 @@
#include "feature/nodelist/nodelist.h"
#include "feature/hs/hs_cache.h"
-#include "feature/rend/rendcache.h"
#include "core/or/entry_connection_st.h"
#include "core/or/socks_request_st.h"
@@ -748,7 +747,6 @@ test_entryconn_rewrite_onion_v3(void *arg)
/* Make an onion connection using the SOCKS request */
conn->entry_cfg.onion_traffic = 1;
ENTRY_TO_CONN(conn)->state = AP_CONN_STATE_SOCKS_WAIT;
- tt_assert(!ENTRY_TO_EDGE_CONN(conn)->rend_data);
tt_assert(!ENTRY_TO_EDGE_CONN(conn)->hs_ident);
/* Handle SOCKS and rewrite! */
@@ -763,7 +761,6 @@ test_entryconn_rewrite_onion_v3(void *arg)
"25njqamcweflpvkl73j4szahhihoc4xt3ktcgjnpaingr5yhkenl5sid");
/* check that HS information got attached to the connection */
tt_assert(ENTRY_TO_EDGE_CONN(conn)->hs_ident);
- tt_assert(!ENTRY_TO_EDGE_CONN(conn)->rend_data);
done:
hs_free_all();
diff --git a/src/test/test_hs.c b/src/test/test_hs.c
deleted file mode 100644
index 42e663330a..0000000000
--- a/src/test/test_hs.c
+++ /dev/null
@@ -1,1003 +0,0 @@
-/* Copyright (c) 2007-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file test_hs.c
- * \brief Unit tests for hidden service.
- **/
-
-#define CONTROL_EVENTS_PRIVATE
-#define CIRCUITBUILD_PRIVATE
-#define RENDCOMMON_PRIVATE
-#define RENDSERVICE_PRIVATE
-#define HS_SERVICE_PRIVATE
-
-#include "core/or/or.h"
-#include "test/test.h"
-#include "feature/control/control.h"
-#include "feature/control/control_events.h"
-#include "feature/control/control_fmt.h"
-#include "app/config/config.h"
-#include "feature/hs/hs_common.h"
-#include "feature/rend/rendcommon.h"
-#include "feature/rend/rendservice.h"
-#include "feature/nodelist/routerlist.h"
-#include "feature/nodelist/routerset.h"
-#include "core/or/circuitbuild.h"
-
-#include "feature/nodelist/node_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/nodelist/routerinfo_st.h"
-
-#include "test/test_helpers.h"
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-/* mock ID digest and longname for node that's in nodelist */
-#define HSDIR_EXIST_ID "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" \
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
-#define STR_HSDIR_EXIST_LONGNAME \
- "$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=TestDir"
-/* mock ID digest and longname for node that's not in nodelist */
-#define HSDIR_NONE_EXIST_ID "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB" \
- "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"
-#define STR_HSDIR_NONE_EXIST_LONGNAME \
- "$BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
-
-/* DuckDuckGo descriptor as an example. This one has extra "\r" at the end so
- * the control port is happy. */
-static const char *hs_desc_content_control = "\
-rendezvous-service-descriptor g5ojobzupf275beh5ra72uyhb3dkpxwg\r\n\
-version 2\r\n\
-permanent-key\r\n\
------BEGIN RSA PUBLIC KEY-----\r\n\
-MIGJAoGBAJ/SzzgrXPxTlFrKVhXh3buCWv2QfcNgncUpDpKouLn3AtPH5Ocys0jE\r\n\
-aZSKdvaiQ62md2gOwj4x61cFNdi05tdQjS+2thHKEm/KsB9BGLSLBNJYY356bupg\r\n\
-I5gQozM65ENelfxYlysBjJ52xSDBd8C4f/p9umdzaaaCmzXG/nhzAgMBAAE=\r\n\
------END RSA PUBLIC KEY-----\r\n\
-secret-id-part anmjoxxwiupreyajjt5yasimfmwcnxlf\r\n\
-publication-time 2015-03-11 19:00:00\r\n\
-protocol-versions 2,3\r\n\
-introduction-points\r\n\
------BEGIN MESSAGE-----\r\n\
-aW50cm9kdWN0aW9uLXBvaW50IDd1bnd4cmg2dG5kNGh6eWt1Z3EzaGZzdHduc2ll\r\n\
-cmhyCmlwLWFkZHJlc3MgMTg4LjEzOC4xMjEuMTE4Cm9uaW9uLXBvcnQgOTAwMQpv\r\n\
-bmlvbi1rZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dC\r\n\
-QUxGRVVyeVpDbk9ROEhURmV5cDVjMTRObWVqL1BhekFLTTBxRENTNElKUWh0Y3g1\r\n\
-NXpRSFdOVWIKQ2hHZ0JqR1RjV3ZGRnA0N3FkdGF6WUZhVXE2c0lQKzVqeWZ5b0Q4\r\n\
-UmJ1bzBwQmFWclJjMmNhYUptWWM0RDh6Vgpuby9sZnhzOVVaQnZ1cWY4eHIrMDB2\r\n\
-S0JJNmFSMlA2OE1WeDhrMExqcUpUU2RKOE9idm9yQWdNQkFBRT0KLS0tLS1FTkQg\r\n\
-UlNBIFBVQkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQ\r\n\
-VUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTnJHb0ozeTlHNXQzN2F2ekI1cTlwN1hG\r\n\
-VUplRUVYMUNOaExnWmJXWGJhVk5OcXpoZFhyL0xTUQppM1Z6dW5OaUs3cndUVnE2\r\n\
-K2QyZ1lRckhMMmIvMXBBY3ZKWjJiNSs0bTRRc0NibFpjRENXTktRbHJnRWN5WXRJ\r\n\
-CkdscXJTbFFEaXA0ZnNrUFMvNDVkWTI0QmJsQ3NGU1k3RzVLVkxJck4zZFpGbmJr\r\n\
-NEZIS1hBZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJv\r\n\
-ZHVjdGlvbi1wb2ludCBiNGM3enlxNXNheGZzN2prNXFibG1wN3I1b3pwdHRvagpp\r\n\
-cC1hZGRyZXNzIDEwOS4xNjkuNDUuMjI2Cm9uaW9uLXBvcnQgOTAwMQpvbmlvbi1r\r\n\
-ZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dCQU8xSXpw\r\n\
-WFFUTUY3RXZUb1NEUXpzVnZiRVFRQUQrcGZ6NzczMVRXZzVaUEJZY1EyUkRaeVp4\r\n\
-OEQKNUVQSU1FeUE1RE83cGd0ak5LaXJvYXJGMC8yempjMkRXTUlSaXZyU29YUWVZ\r\n\
-ZXlMM1pzKzFIajJhMDlCdkYxZAp6MEswblRFdVhoNVR5V3lyMHdsbGI1SFBnTlI0\r\n\
-MS9oYkprZzkwZitPVCtIeGhKL1duUml2QWdNQkFBRT0KLS0tLS1FTkQgUlNBIFBV\r\n\
-QkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQVUJMSUMg\r\n\
-S0VZLS0tLS0KTUlHSkFvR0JBSzNWZEJ2ajFtQllLL3JrcHNwcm9Ub0llNUtHVmth\r\n\
-QkxvMW1tK1I2YUVJek1VZFE1SjkwNGtyRwpCd3k5NC8rV0lGNFpGYXh5Z2phejl1\r\n\
-N2pKY1k3ZGJhd1pFeG1hYXFCRlRwL2h2ZG9rcHQ4a1ByRVk4OTJPRHJ1CmJORUox\r\n\
-N1FPSmVMTVZZZk5Kcjl4TWZCQ3JQai8zOGh2RUdrbWVRNmRVWElvbVFNaUJGOVRB\r\n\
-Z01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJvZHVjdGlv\r\n\
-bi1wb2ludCBhdjVtcWl0Y2Q3cjJkandsYmN0c2Jlc2R3eGt0ZWtvegppcC1hZGRy\r\n\
-ZXNzIDE0NC43Ni44LjczCm9uaW9uLXBvcnQgNDQzCm9uaW9uLWtleQotLS0tLUJF\r\n\
-R0lOIFJTQSBQVUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTzVweVZzQmpZQmNmMXBE\r\n\
-dklHUlpmWXUzQ05nNldka0ZLMGlvdTBXTGZtejZRVDN0NWhzd3cyVwpjejlHMXhx\r\n\
-MmN0Nkd6VWkrNnVkTDlITTRVOUdHTi9BbW8wRG9GV1hKWHpBQkFXd2YyMVdsd1lW\r\n\
-eFJQMHRydi9WCkN6UDkzcHc5OG5vSmdGUGRUZ05iMjdKYmVUZENLVFBrTEtscXFt\r\n\
-b3NveUN2RitRa25vUS9BZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0t\r\n\
-LS0tCnNlcnZpY2Uta2V5Ci0tLS0tQkVHSU4gUlNBIFBVQkxJQyBLRVktLS0tLQpN\r\n\
-SUdKQW9HQkFMVjNKSmtWN3lTNU9jc1lHMHNFYzFQOTVRclFRR3ZzbGJ6Wi9zRGxl\r\n\
-RlpKYXFSOUYvYjRUVERNClNGcFMxcU1GbldkZDgxVmRGMEdYRmN2WVpLamRJdHU2\r\n\
-SndBaTRJeEhxeXZtdTRKdUxrcXNaTEFLaXRLVkx4eGsKeERlMjlDNzRWMmJrOTRJ\r\n\
-MEgybTNKS2tzTHVwc3VxWWRVUmhOVXN0SElKZmgyZmNIalF0bEFnTUJBQUU9Ci0t\r\n\
-LS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0KCg==\r\n\
------END MESSAGE-----\r\n\
-signature\r\n\
------BEGIN SIGNATURE-----\r\n\
-d4OuCE5OLAOnRB6cQN6WyMEmg/BHem144Vec+eYgeWoKwx3MxXFplUjFxgnMlmwN\r\n\
-PcftsZf2ztN0sbNCtPgDL3d0PqvxY3iHTQAI8EbaGq/IAJUZ8U4y963dD5+Bn6JQ\r\n\
-myE3ctmh0vy5+QxSiRjmQBkuEpCyks7LvWvHYrhnmcg=\r\n\
------END SIGNATURE-----";
-
-/* DuckDuckGo descriptor as an example. */
-static const char *hs_desc_content = "\
-rendezvous-service-descriptor g5ojobzupf275beh5ra72uyhb3dkpxwg\n\
-version 2\n\
-permanent-key\n\
------BEGIN RSA PUBLIC KEY-----\n\
-MIGJAoGBAJ/SzzgrXPxTlFrKVhXh3buCWv2QfcNgncUpDpKouLn3AtPH5Ocys0jE\n\
-aZSKdvaiQ62md2gOwj4x61cFNdi05tdQjS+2thHKEm/KsB9BGLSLBNJYY356bupg\n\
-I5gQozM65ENelfxYlysBjJ52xSDBd8C4f/p9umdzaaaCmzXG/nhzAgMBAAE=\n\
------END RSA PUBLIC KEY-----\n\
-secret-id-part anmjoxxwiupreyajjt5yasimfmwcnxlf\n\
-publication-time 2015-03-11 19:00:00\n\
-protocol-versions 2,3\n\
-introduction-points\n\
------BEGIN MESSAGE-----\n\
-aW50cm9kdWN0aW9uLXBvaW50IDd1bnd4cmg2dG5kNGh6eWt1Z3EzaGZzdHduc2ll\n\
-cmhyCmlwLWFkZHJlc3MgMTg4LjEzOC4xMjEuMTE4Cm9uaW9uLXBvcnQgOTAwMQpv\n\
-bmlvbi1rZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dC\n\
-QUxGRVVyeVpDbk9ROEhURmV5cDVjMTRObWVqL1BhekFLTTBxRENTNElKUWh0Y3g1\n\
-NXpRSFdOVWIKQ2hHZ0JqR1RjV3ZGRnA0N3FkdGF6WUZhVXE2c0lQKzVqeWZ5b0Q4\n\
-UmJ1bzBwQmFWclJjMmNhYUptWWM0RDh6Vgpuby9sZnhzOVVaQnZ1cWY4eHIrMDB2\n\
-S0JJNmFSMlA2OE1WeDhrMExqcUpUU2RKOE9idm9yQWdNQkFBRT0KLS0tLS1FTkQg\n\
-UlNBIFBVQkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQ\n\
-VUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTnJHb0ozeTlHNXQzN2F2ekI1cTlwN1hG\n\
-VUplRUVYMUNOaExnWmJXWGJhVk5OcXpoZFhyL0xTUQppM1Z6dW5OaUs3cndUVnE2\n\
-K2QyZ1lRckhMMmIvMXBBY3ZKWjJiNSs0bTRRc0NibFpjRENXTktRbHJnRWN5WXRJ\n\
-CkdscXJTbFFEaXA0ZnNrUFMvNDVkWTI0QmJsQ3NGU1k3RzVLVkxJck4zZFpGbmJr\n\
-NEZIS1hBZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJv\n\
-ZHVjdGlvbi1wb2ludCBiNGM3enlxNXNheGZzN2prNXFibG1wN3I1b3pwdHRvagpp\n\
-cC1hZGRyZXNzIDEwOS4xNjkuNDUuMjI2Cm9uaW9uLXBvcnQgOTAwMQpvbmlvbi1r\n\
-ZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dCQU8xSXpw\n\
-WFFUTUY3RXZUb1NEUXpzVnZiRVFRQUQrcGZ6NzczMVRXZzVaUEJZY1EyUkRaeVp4\n\
-OEQKNUVQSU1FeUE1RE83cGd0ak5LaXJvYXJGMC8yempjMkRXTUlSaXZyU29YUWVZ\n\
-ZXlMM1pzKzFIajJhMDlCdkYxZAp6MEswblRFdVhoNVR5V3lyMHdsbGI1SFBnTlI0\n\
-MS9oYkprZzkwZitPVCtIeGhKL1duUml2QWdNQkFBRT0KLS0tLS1FTkQgUlNBIFBV\n\
-QkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQVUJMSUMg\n\
-S0VZLS0tLS0KTUlHSkFvR0JBSzNWZEJ2ajFtQllLL3JrcHNwcm9Ub0llNUtHVmth\n\
-QkxvMW1tK1I2YUVJek1VZFE1SjkwNGtyRwpCd3k5NC8rV0lGNFpGYXh5Z2phejl1\n\
-N2pKY1k3ZGJhd1pFeG1hYXFCRlRwL2h2ZG9rcHQ4a1ByRVk4OTJPRHJ1CmJORUox\n\
-N1FPSmVMTVZZZk5Kcjl4TWZCQ3JQai8zOGh2RUdrbWVRNmRVWElvbVFNaUJGOVRB\n\
-Z01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJvZHVjdGlv\n\
-bi1wb2ludCBhdjVtcWl0Y2Q3cjJkandsYmN0c2Jlc2R3eGt0ZWtvegppcC1hZGRy\n\
-ZXNzIDE0NC43Ni44LjczCm9uaW9uLXBvcnQgNDQzCm9uaW9uLWtleQotLS0tLUJF\n\
-R0lOIFJTQSBQVUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTzVweVZzQmpZQmNmMXBE\n\
-dklHUlpmWXUzQ05nNldka0ZLMGlvdTBXTGZtejZRVDN0NWhzd3cyVwpjejlHMXhx\n\
-MmN0Nkd6VWkrNnVkTDlITTRVOUdHTi9BbW8wRG9GV1hKWHpBQkFXd2YyMVdsd1lW\n\
-eFJQMHRydi9WCkN6UDkzcHc5OG5vSmdGUGRUZ05iMjdKYmVUZENLVFBrTEtscXFt\n\
-b3NveUN2RitRa25vUS9BZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0t\n\
-LS0tCnNlcnZpY2Uta2V5Ci0tLS0tQkVHSU4gUlNBIFBVQkxJQyBLRVktLS0tLQpN\n\
-SUdKQW9HQkFMVjNKSmtWN3lTNU9jc1lHMHNFYzFQOTVRclFRR3ZzbGJ6Wi9zRGxl\n\
-RlpKYXFSOUYvYjRUVERNClNGcFMxcU1GbldkZDgxVmRGMEdYRmN2WVpLamRJdHU2\n\
-SndBaTRJeEhxeXZtdTRKdUxrcXNaTEFLaXRLVkx4eGsKeERlMjlDNzRWMmJrOTRJ\n\
-MEgybTNKS2tzTHVwc3VxWWRVUmhOVXN0SElKZmgyZmNIalF0bEFnTUJBQUU9Ci0t\n\
-LS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0KCg==\n\
------END MESSAGE-----\n\
-signature\n\
------BEGIN SIGNATURE-----\n\
-d4OuCE5OLAOnRB6cQN6WyMEmg/BHem144Vec+eYgeWoKwx3MxXFplUjFxgnMlmwN\n\
-PcftsZf2ztN0sbNCtPgDL3d0PqvxY3iHTQAI8EbaGq/IAJUZ8U4y963dD5+Bn6JQ\n\
-myE3ctmh0vy5+QxSiRjmQBkuEpCyks7LvWvHYrhnmcg=\n\
------END SIGNATURE-----";
-
-/* Helper global variable for hidden service descriptor event test.
- * It's used as a pointer to dynamically created message buffer in
- * send_control_event_string_replacement function, which mocks
- * send_control_event_string function.
- *
- * Always free it after use! */
-static char *received_msg = NULL;
-
-/** Mock function for send_control_event_string
- */
-static void
-queue_control_event_string_replacement(uint16_t event, char *msg)
-{
- (void) event;
- tor_free(received_msg);
- received_msg = msg;
-}
-
-/** Mock function for node_describe_longname_by_id, it returns either
- * STR_HSDIR_EXIST_LONGNAME or STR_HSDIR_NONE_EXIST_LONGNAME
- */
-static const char *
-node_describe_longname_by_id_replacement(const char *id_digest)
-{
- if (!strcmp(id_digest, HSDIR_EXIST_ID)) {
- return STR_HSDIR_EXIST_LONGNAME;
- } else {
- return STR_HSDIR_NONE_EXIST_LONGNAME;
- }
-}
-
-/** Test that we can parse a hardcoded v2 HS desc. */
-static void
-test_hs_parse_static_v2_desc(void *arg)
-{
- int ret;
- rend_encoded_v2_service_descriptor_t desc;
-
- (void) arg;
-
- /* Test an obviously not parseable string */
- desc.desc_str = tor_strdup("ceci n'est pas un HS descriptor");
- ret = rend_desc_v2_is_parsable(&desc);
- tor_free(desc.desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Test an actual descriptor */
- desc.desc_str = tor_strdup(hs_desc_content);
- ret = rend_desc_v2_is_parsable(&desc);
- tor_free(desc.desc_str);
- tt_int_op(ret, OP_EQ, 1);
-
- done: ;
-}
-
-/** Make sure each hidden service descriptor async event generation
- *
- * function generates the message in expected format.
- */
-static void
-test_hs_desc_event(void *arg)
-{
- #define STR_HS_ADDR "ajhb7kljbiru65qo"
- #define STR_HS_CONTENT_DESC_ID "g5ojobzupf275beh5ra72uyhb3dkpxwg"
- #define STR_DESC_ID_BASE32 "hba3gmcgpfivzfhx5rtfqkfdhv65yrj3"
-
- int ret;
- rend_data_v2_t rend_query;
- const char *expected_msg;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
-
- (void) arg;
- MOCK(queue_control_event_string,
- queue_control_event_string_replacement);
- MOCK(node_describe_longname_by_id,
- node_describe_longname_by_id_replacement);
-
- /* setup rend_query struct */
- memset(&rend_query, 0, sizeof(rend_query));
- rend_query.base_.version = 2;
- strncpy(rend_query.onion_address, STR_HS_ADDR,
- REND_SERVICE_ID_LEN_BASE32+1);
- rend_query.auth_type = REND_NO_AUTH;
- rend_query.base_.hsdirs_fp = smartlist_new();
- smartlist_add(rend_query.base_.hsdirs_fp, tor_memdup(HSDIR_EXIST_ID,
- DIGEST_LEN));
-
- /* Compute descriptor ID for replica 0, should be STR_DESC_ID_BASE32. */
- ret = rend_compute_v2_desc_id(rend_query.descriptor_id[0],
- rend_query.onion_address,
- NULL, 0, 0);
- tt_int_op(ret, OP_EQ, 0);
- base32_encode(desc_id_base32, sizeof(desc_id_base32),
- rend_query.descriptor_id[0], DIGEST_LEN);
- /* Make sure rend_compute_v2_desc_id works properly. */
- tt_mem_op(desc_id_base32, OP_EQ, STR_DESC_ID_BASE32,
- sizeof(desc_id_base32));
-
- /* test request event */
- control_event_hs_descriptor_requested(rend_query.onion_address,
- rend_query.auth_type, HSDIR_EXIST_ID,
- STR_DESC_ID_BASE32, NULL);
- expected_msg = "650 HS_DESC REQUESTED "STR_HS_ADDR" NO_AUTH "\
- STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32 "\r\n";
- tt_assert(received_msg);
- tt_str_op(received_msg,OP_EQ, expected_msg);
- tor_free(received_msg);
-
- /* test received event */
- rend_query.auth_type = REND_BASIC_AUTH;
- control_event_hsv2_descriptor_received(rend_query.onion_address,
- &rend_query.base_, HSDIR_EXIST_ID);
- expected_msg = "650 HS_DESC RECEIVED "STR_HS_ADDR" BASIC_AUTH "\
- STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32"\r\n";
- tt_assert(received_msg);
- tt_str_op(received_msg,OP_EQ, expected_msg);
- tor_free(received_msg);
-
- /* test failed event */
- rend_query.auth_type = REND_STEALTH_AUTH;
- control_event_hsv2_descriptor_failed(&rend_query.base_,
- HSDIR_NONE_EXIST_ID,
- "QUERY_REJECTED");
- expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" STEALTH_AUTH "\
- STR_HSDIR_NONE_EXIST_LONGNAME" REASON=QUERY_REJECTED\r\n";
- tt_assert(received_msg);
- tt_str_op(received_msg,OP_EQ, expected_msg);
- tor_free(received_msg);
-
- /* test invalid auth type */
- rend_query.auth_type = 999;
- control_event_hsv2_descriptor_failed(&rend_query.base_,
- HSDIR_EXIST_ID,
- "QUERY_REJECTED");
- expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" UNKNOWN "\
- STR_HSDIR_EXIST_LONGNAME " " STR_DESC_ID_BASE32\
- " REASON=QUERY_REJECTED\r\n";
- tt_assert(received_msg);
- tt_str_op(received_msg,OP_EQ, expected_msg);
- tor_free(received_msg);
-
- /* test no HSDir fingerprint type */
- rend_query.auth_type = REND_NO_AUTH;
- control_event_hsv2_descriptor_failed(&rend_query.base_, NULL,
- "QUERY_NO_HSDIR");
- expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" NO_AUTH " \
- "UNKNOWN REASON=QUERY_NO_HSDIR\r\n";
- tt_assert(received_msg);
- tt_str_op(received_msg,OP_EQ, expected_msg);
- tor_free(received_msg);
-
- /* test HSDir rate limited */
- rend_query.auth_type = REND_NO_AUTH;
- control_event_hsv2_descriptor_failed(&rend_query.base_, NULL,
- "QUERY_RATE_LIMITED");
- expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" NO_AUTH " \
- "UNKNOWN REASON=QUERY_RATE_LIMITED\r\n";
- tt_assert(received_msg);
- tt_str_op(received_msg,OP_EQ, expected_msg);
- tor_free(received_msg);
-
- /* Test invalid content with no HSDir fingerprint. */
- char *exp_msg;
- control_event_hs_descriptor_content(rend_query.onion_address,
- STR_HS_CONTENT_DESC_ID, NULL, NULL);
- tor_asprintf(&exp_msg, "650+HS_DESC_CONTENT " STR_HS_ADDR " "\
- STR_HS_CONTENT_DESC_ID " UNKNOWN" \
- "\r\n\r\n.\r\n650 OK\r\n");
- tt_assert(received_msg);
- tt_str_op(received_msg, OP_EQ, exp_msg);
- tor_free(received_msg);
- tor_free(exp_msg);
-
- /* test valid content. */
- control_event_hs_descriptor_content(rend_query.onion_address,
- STR_HS_CONTENT_DESC_ID, HSDIR_EXIST_ID,
- hs_desc_content_control);
- tor_asprintf(&exp_msg, "650+HS_DESC_CONTENT " STR_HS_ADDR " "\
- STR_HS_CONTENT_DESC_ID " " STR_HSDIR_EXIST_LONGNAME\
- "\r\n%s\r\n.\r\n650 OK\r\n", hs_desc_content_control);
-
- tt_assert(received_msg);
- tt_str_op(received_msg, OP_EQ, exp_msg);
- tor_free(received_msg);
- tor_free(exp_msg);
- SMARTLIST_FOREACH(rend_query.base_.hsdirs_fp, char *, d, tor_free(d));
- smartlist_free(rend_query.base_.hsdirs_fp);
-
- done:
- UNMOCK(queue_control_event_string);
- UNMOCK(node_describe_longname_by_id);
- tor_free(received_msg);
-}
-
-/* Make sure rend_data_t is valid at creation, destruction and when
- * duplicated. */
-static void
-test_hs_rend_data(void *arg)
-{
- int rep;
- rend_data_t *client = NULL, *client_dup = NULL;
- /* Binary format of a descriptor ID. */
- char desc_id[DIGEST_LEN];
- char client_cookie[REND_DESC_COOKIE_LEN];
- time_t now = time(NULL);
- rend_data_t *service_dup = NULL;
- rend_data_t *service = NULL;
-
- (void)arg;
-
- base32_decode(desc_id, sizeof(desc_id), STR_DESC_ID_BASE32,
- REND_DESC_ID_V2_LEN_BASE32);
- memset(client_cookie, 'e', sizeof(client_cookie));
-
- client = rend_data_client_create(STR_HS_ADDR, desc_id, client_cookie,
- REND_NO_AUTH);
- tt_assert(client);
- rend_data_v2_t *client_v2 = TO_REND_DATA_V2(client);
- tt_int_op(client_v2->auth_type, OP_EQ, REND_NO_AUTH);
- tt_str_op(client_v2->onion_address, OP_EQ, STR_HS_ADDR);
- tt_mem_op(client_v2->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id));
- tt_mem_op(client_v2->descriptor_cookie, OP_EQ, client_cookie,
- sizeof(client_cookie));
- tt_assert(client->hsdirs_fp);
- tt_int_op(smartlist_len(client->hsdirs_fp), OP_EQ, 0);
- for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
- int ret = rend_compute_v2_desc_id(desc_id, client_v2->onion_address,
- client_v2->descriptor_cookie, now, rep);
- /* That shouldn't never fail. */
- tt_int_op(ret, OP_EQ, 0);
- tt_mem_op(client_v2->descriptor_id[rep], OP_EQ, desc_id,
- sizeof(desc_id));
- }
- /* The rest should be zeroed because this is a client request. */
- tt_int_op(tor_digest_is_zero(client_v2->rend_pk_digest), OP_EQ, 1);
- tt_int_op(tor_digest_is_zero(client->rend_cookie), OP_EQ, 1);
-
- /* Test dup(). */
- client_dup = rend_data_dup(client);
- tt_assert(client_dup);
- rend_data_v2_t *client_dup_v2 = TO_REND_DATA_V2(client_dup);
- tt_int_op(client_dup_v2->auth_type, OP_EQ, client_v2->auth_type);
- tt_str_op(client_dup_v2->onion_address, OP_EQ, client_v2->onion_address);
- tt_mem_op(client_dup_v2->desc_id_fetch, OP_EQ, client_v2->desc_id_fetch,
- sizeof(client_dup_v2->desc_id_fetch));
- tt_mem_op(client_dup_v2->descriptor_cookie, OP_EQ,
- client_v2->descriptor_cookie,
- sizeof(client_dup_v2->descriptor_cookie));
-
- tt_assert(client_dup->hsdirs_fp);
- tt_int_op(smartlist_len(client_dup->hsdirs_fp), OP_EQ, 0);
- for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
- tt_mem_op(client_dup_v2->descriptor_id[rep], OP_EQ,
- client_v2->descriptor_id[rep], DIGEST_LEN);
- }
- /* The rest should be zeroed because this is a client request. */
- tt_int_op(tor_digest_is_zero(client_dup_v2->rend_pk_digest), OP_EQ, 1);
- tt_int_op(tor_digest_is_zero(client_dup->rend_cookie), OP_EQ, 1);
- rend_data_free(client);
- client = NULL;
- rend_data_free(client_dup);
- client_dup = NULL;
-
- /* Reset state. */
- base32_decode(desc_id, sizeof(desc_id), STR_DESC_ID_BASE32,
- REND_DESC_ID_V2_LEN_BASE32);
- memset(client_cookie, 'e', sizeof(client_cookie));
-
- /* Try with different parameters here for which some content should be
- * zeroed out. */
- client = rend_data_client_create(NULL, desc_id, NULL, REND_BASIC_AUTH);
- tt_assert(client);
- client_v2 = TO_REND_DATA_V2(client);
- tt_int_op(client_v2->auth_type, OP_EQ, REND_BASIC_AUTH);
- tt_int_op(strlen(client_v2->onion_address), OP_EQ, 0);
- tt_mem_op(client_v2->desc_id_fetch, OP_EQ, desc_id, sizeof(desc_id));
- tt_int_op(fast_mem_is_zero(client_v2->descriptor_cookie,
- sizeof(client_v2->descriptor_cookie)), OP_EQ, 1);
- tt_assert(client->hsdirs_fp);
- tt_int_op(smartlist_len(client->hsdirs_fp), OP_EQ, 0);
- for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
- tt_int_op(tor_digest_is_zero(client_v2->descriptor_id[rep]), OP_EQ, 1);
- }
- /* The rest should be zeroed because this is a client request. */
- tt_int_op(tor_digest_is_zero(client_v2->rend_pk_digest), OP_EQ, 1);
- tt_int_op(tor_digest_is_zero(client->rend_cookie), OP_EQ, 1);
- rend_data_free(client);
- client = NULL;
-
- /* Let's test the service object now. */
- char rend_pk_digest[DIGEST_LEN];
- uint8_t rend_cookie[DIGEST_LEN];
- memset(rend_pk_digest, 'f', sizeof(rend_pk_digest));
- memset(rend_cookie, 'g', sizeof(rend_cookie));
-
- service = rend_data_service_create(STR_HS_ADDR, rend_pk_digest,
- rend_cookie, REND_NO_AUTH);
- tt_assert(service);
- rend_data_v2_t *service_v2 = TO_REND_DATA_V2(service);
- tt_int_op(service_v2->auth_type, OP_EQ, REND_NO_AUTH);
- tt_str_op(service_v2->onion_address, OP_EQ, STR_HS_ADDR);
- tt_mem_op(service_v2->rend_pk_digest, OP_EQ, rend_pk_digest,
- sizeof(rend_pk_digest));
- tt_mem_op(service->rend_cookie, OP_EQ, rend_cookie, sizeof(rend_cookie));
- tt_assert(service->hsdirs_fp);
- tt_int_op(smartlist_len(service->hsdirs_fp), OP_EQ, 0);
- for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
- tt_int_op(tor_digest_is_zero(service_v2->descriptor_id[rep]), OP_EQ, 1);
- }
- /* The rest should be zeroed because this is a service request. */
- tt_int_op(tor_digest_is_zero(service_v2->descriptor_cookie), OP_EQ, 1);
- tt_int_op(tor_digest_is_zero(service_v2->desc_id_fetch), OP_EQ, 1);
-
- /* Test dup(). */
- service_dup = rend_data_dup(service);
- rend_data_v2_t *service_dup_v2 = TO_REND_DATA_V2(service_dup);
- tt_assert(service_dup);
- tt_int_op(service_dup_v2->auth_type, OP_EQ, service_v2->auth_type);
- tt_str_op(service_dup_v2->onion_address, OP_EQ, service_v2->onion_address);
- tt_mem_op(service_dup_v2->rend_pk_digest, OP_EQ, service_v2->rend_pk_digest,
- sizeof(service_dup_v2->rend_pk_digest));
- tt_mem_op(service_dup->rend_cookie, OP_EQ, service->rend_cookie,
- sizeof(service_dup->rend_cookie));
- tt_assert(service_dup->hsdirs_fp);
- tt_int_op(smartlist_len(service_dup->hsdirs_fp), OP_EQ, 0);
- for (rep = 0; rep < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; rep++) {
- tt_assert(tor_digest_is_zero(service_dup_v2->descriptor_id[rep]));
- }
- /* The rest should be zeroed because this is a service request. */
- tt_int_op(tor_digest_is_zero(service_dup_v2->descriptor_cookie), OP_EQ, 1);
- tt_int_op(tor_digest_is_zero(service_dup_v2->desc_id_fetch), OP_EQ, 1);
-
- done:
- rend_data_free(service);
- rend_data_free(service_dup);
- rend_data_free(client);
- rend_data_free(client_dup);
-}
-
-/* Test encoding and decoding service authorization cookies */
-static void
-test_hs_auth_cookies(void *arg)
-{
-#define TEST_COOKIE_RAW ((const uint8_t *) "abcdefghijklmnop")
-#define TEST_COOKIE_ENCODED "YWJjZGVmZ2hpamtsbW5vcA"
-#define TEST_COOKIE_ENCODED_STEALTH "YWJjZGVmZ2hpamtsbW5vcB"
-#define TEST_COOKIE_ENCODED_INVALID "YWJjZGVmZ2hpamtsbW5vcD"
-
- char *encoded_cookie = NULL;
- uint8_t raw_cookie[REND_DESC_COOKIE_LEN];
- rend_auth_type_t auth_type;
- char *err_msg = NULL;
- int re;
-
- (void)arg;
-
- /* Test that encoding gives the expected result */
- encoded_cookie = rend_auth_encode_cookie(TEST_COOKIE_RAW, REND_BASIC_AUTH);
- tt_str_op(encoded_cookie, OP_EQ, TEST_COOKIE_ENCODED);
- tor_free(encoded_cookie);
-
- encoded_cookie = rend_auth_encode_cookie(TEST_COOKIE_RAW, REND_STEALTH_AUTH);
- tt_str_op(encoded_cookie, OP_EQ, TEST_COOKIE_ENCODED_STEALTH);
- tor_free(encoded_cookie);
-
- /* Decoding should give the original value */
- re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED, raw_cookie, &auth_type,
- &err_msg);
- tt_assert(!re);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- tt_mem_op(raw_cookie, OP_EQ, TEST_COOKIE_RAW, REND_DESC_COOKIE_LEN);
- tt_int_op(auth_type, OP_EQ, REND_BASIC_AUTH);
- memset(raw_cookie, 0, sizeof(raw_cookie));
-
- re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED_STEALTH, raw_cookie,
- &auth_type, &err_msg);
- tt_assert(!re);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- tt_mem_op(raw_cookie, OP_EQ, TEST_COOKIE_RAW, REND_DESC_COOKIE_LEN);
- tt_int_op(auth_type, OP_EQ, REND_STEALTH_AUTH);
- memset(raw_cookie, 0, sizeof(raw_cookie));
-
- /* Decoding with padding characters should also work */
- re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED "==", raw_cookie, NULL,
- &err_msg);
- tt_assert(!re);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- tt_mem_op(raw_cookie, OP_EQ, TEST_COOKIE_RAW, REND_DESC_COOKIE_LEN);
-
- /* Decoding with an unknown type should fail */
- re = rend_auth_decode_cookie(TEST_COOKIE_ENCODED_INVALID, raw_cookie,
- &auth_type, &err_msg);
- tt_int_op(re, OP_LT, 0);
- tt_assert(err_msg);
- tor_free(err_msg);
-
- done:
- tor_free(encoded_cookie);
- tor_free(err_msg);
-
- return;
-}
-
-static int mock_get_options_calls = 0;
-static or_options_t *mock_options = NULL;
-
-static void
-reset_options(or_options_t *options, int *get_options_calls)
-{
- memset(options, 0, sizeof(or_options_t));
- options->TestingTorNetwork = 1;
-
- *get_options_calls = 0;
-}
-
-static const or_options_t *
-mock_get_options(void)
-{
- ++mock_get_options_calls;
- tor_assert(mock_options);
- return mock_options;
-}
-
-/* arg can't be 0 (the test fails) or 2 (the test is skipped) */
-#define CREATE_HS_DIR_NONE ((intptr_t)0x04)
-#define CREATE_HS_DIR1 ((intptr_t)0x08)
-#define CREATE_HS_DIR2 ((intptr_t)0x10)
-
-/* Test that single onion poisoning works. */
-static void
-test_single_onion_poisoning(void *arg)
-{
- or_options_t opt;
- mock_options = &opt;
- reset_options(mock_options, &mock_get_options_calls);
- MOCK(get_options, mock_get_options);
-
- int ret = -1;
- intptr_t create_dir_mask = (intptr_t)arg;
- /* Get directories with a random suffix so we can repeat the tests */
- mock_options->DataDirectory = tor_strdup(get_fname_rnd("test_data_dir"));
- rend_service_t *service_1 = tor_malloc_zero(sizeof(rend_service_t));
- char *dir1 = tor_strdup(get_fname_rnd("test_hs_dir1"));
- rend_service_t *service_2 = tor_malloc_zero(sizeof(rend_service_t));
- char *dir2 = tor_strdup(get_fname_rnd("test_hs_dir2"));
- smartlist_t *services = smartlist_new();
- char *poison_path = NULL;
- char *err_msg = NULL;
-
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
-
- /* Create the data directory, and, if the correct bit in arg is set,
- * create a directory for that service.
- * The data directory is required for the lockfile, which is used when
- * loading keys. */
- ret = check_private_dir(mock_options->DataDirectory, CPD_CREATE, NULL);
- tt_int_op(ret, OP_EQ, 0);
- if (create_dir_mask & CREATE_HS_DIR1) {
- ret = check_private_dir(dir1, CPD_CREATE, NULL);
- tt_int_op(ret, OP_EQ, 0);
- }
- if (create_dir_mask & CREATE_HS_DIR2) {
- ret = check_private_dir(dir2, CPD_CREATE, NULL);
- tt_int_op(ret, OP_EQ, 0);
- }
-
- service_1->directory = dir1;
- service_2->directory = dir2;
- /* The services own the directory pointers now */
- dir1 = dir2 = NULL;
- /* Add port to service 1 */
- service_1->ports = smartlist_new();
- service_2->ports = smartlist_new();
- hs_port_config_t *port1 = hs_parse_port_config("80", " ", &err_msg);
- tt_assert(port1);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- smartlist_add(service_1->ports, port1);
-
- hs_port_config_t *port2 = hs_parse_port_config("90", " ", &err_msg);
- /* Add port to service 2 */
- tt_assert(port2);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- smartlist_add(service_2->ports, port2);
-
- /* No services, a service to verify, no problem! */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Either way, no problem. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Add the first service */
- ret = hs_check_service_private_dir(mock_options->User, service_1->directory,
- service_1->dir_group_readable, 1);
- tt_int_op(ret, OP_EQ, 0);
- smartlist_add(services, service_1);
- /* But don't add the second service yet. */
-
- /* Service directories, but no previous keys, no problem! */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Either way, no problem. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Poison! Poison! Poison!
- * This can only be done in HiddenServiceSingleHopMode. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_poison_new_single_onion_dir(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- /* Poisoning twice is a no-op. */
- ret = rend_service_poison_new_single_onion_dir(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Poisoned service directories, but no previous keys, no problem! */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Either way, no problem. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Now add some keys, and we'll have a problem. */
- ret = rend_service_load_all_keys(services);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Poisoned service directories with previous keys are not allowed. */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_LT, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* But they are allowed if we're in non-anonymous mode. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Re-poisoning directories with existing keys is a no-op, because
- * directories with existing keys are ignored. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_poison_new_single_onion_dir(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- /* And it keeps the poison. */
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Now add the second service: it has no key and no poison file */
- ret = hs_check_service_private_dir(mock_options->User, service_2->directory,
- service_2->dir_group_readable, 1);
- tt_int_op(ret, OP_EQ, 0);
- smartlist_add(services, service_2);
-
- /* A new service, and an existing poisoned service. Not ok. */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_LT, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* But ok to add in non-anonymous mode. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Now remove the poisoning from the first service, and we have the opposite
- * problem. */
- poison_path = rend_service_sos_poison_path(service_1);
- tt_assert(poison_path);
- ret = unlink(poison_path);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Unpoisoned service directories with previous keys are ok, as are empty
- * directories. */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* But the existing unpoisoned key is not ok in non-anonymous mode, even if
- * there is an empty service. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_LT, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Poisoning directories with existing keys is a no-op, because directories
- * with existing keys are ignored. But the new directory should poison. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_poison_new_single_onion_dir(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_poison_new_single_onion_dir(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- /* And the old directory remains unpoisoned. */
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_LT, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* And the new directory should be ignored, because it has no key. */
- mock_options->HiddenServiceSingleHopMode = 0;
- mock_options->HiddenServiceNonAnonymousMode = 0;
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- /* Re-poisoning directories without existing keys is a no-op. */
- mock_options->HiddenServiceSingleHopMode = 1;
- mock_options->HiddenServiceNonAnonymousMode = 1;
- ret = rend_service_poison_new_single_onion_dir(service_1, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- ret = rend_service_poison_new_single_onion_dir(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
- /* And the old directory remains unpoisoned. */
- ret = rend_service_verify_single_onion_poison(service_1, mock_options);
- tt_int_op(ret, OP_LT, 0);
- ret = rend_service_verify_single_onion_poison(service_2, mock_options);
- tt_int_op(ret, OP_EQ, 0);
-
- done:
- /* The test harness deletes the directories at exit */
- tor_free(poison_path);
- tor_free(dir1);
- tor_free(dir2);
- smartlist_free(services);
- rend_service_free(service_1);
- rend_service_free(service_2);
- UNMOCK(get_options);
- tor_free(mock_options->DataDirectory);
- tor_free(err_msg);
-}
-
-static rend_service_t *
-helper_create_rend_service(const char *path)
-{
- rend_service_t *s = tor_malloc_zero(sizeof(rend_service_t));
- s->ports = smartlist_new();
- s->intro_nodes = smartlist_new();
- s->expiring_nodes = smartlist_new();
- if (path) {
- s->directory = tor_strdup(path);
- }
- return s;
-}
-
-static void
-test_prune_services_on_reload(void *arg)
-{
- smartlist_t *new = smartlist_new(), *old = smartlist_new();
- /* Non ephemeral service. */
- rend_service_t *s1 = helper_create_rend_service("SomePath");
- /* Create a non ephemeral service with the _same_ path as so we can test the
- * transfer of introduction point between the same services on reload. */
- rend_service_t *s2 = helper_create_rend_service(s1->directory);
- /* Ephemeral service (directory is NULL). */
- rend_service_t *e1 = helper_create_rend_service(NULL);
- rend_service_t *e2 = helper_create_rend_service(NULL);
-
- (void) arg;
-
- {
- /* Add both services to the old list. */
- smartlist_add(old, s1);
- smartlist_add(old, e1);
- /* Only put the non ephemeral in the new list. */
- smartlist_add(new, s1);
- set_rend_service_list(old);
- set_rend_rend_service_staging_list(new);
- rend_service_prune_list_impl_();
- /* We expect that the ephemeral one is in the new list but removed from
- * the old one. */
- tt_int_op(smartlist_len(old), OP_EQ, 1);
- tt_assert(smartlist_get(old, 0) == s1);
- tt_int_op(smartlist_len(new), OP_EQ, 2);
- tt_assert(smartlist_get(new, 0) == s1);
- tt_assert(smartlist_get(new, 1) == e1);
- /* Cleanup for next test. */
- smartlist_clear(new);
- smartlist_clear(old);
- }
-
- {
- /* This test will make sure that only the ephemeral service is kept if the
- * new list is empty. The old list should contain only the non ephemeral
- * one. */
- smartlist_add(old, s1);
- smartlist_add(old, e1);
- set_rend_service_list(old);
- set_rend_rend_service_staging_list(new);
- rend_service_prune_list_impl_();
- tt_int_op(smartlist_len(old), OP_EQ, 1);
- tt_assert(smartlist_get(old, 0) == s1);
- tt_int_op(smartlist_len(new), OP_EQ, 1);
- tt_assert(smartlist_get(new, 0) == e1);
- /* Cleanup for next test. */
- smartlist_clear(new);
- smartlist_clear(old);
- }
-
- {
- /* This test makes sure that the new list stays the same even from the old
- * list being completely different. */
- smartlist_add(new, s1);
- smartlist_add(new, e1);
- set_rend_service_list(old);
- set_rend_rend_service_staging_list(new);
- rend_service_prune_list_impl_();
- tt_int_op(smartlist_len(old), OP_EQ, 0);
- tt_int_op(smartlist_len(new), OP_EQ, 2);
- tt_assert(smartlist_get(new, 0) == s1);
- tt_assert(smartlist_get(new, 1) == e1);
- /* Cleanup for next test. */
- smartlist_clear(new);
- }
-
- {
- rend_intro_point_t ip1;
- /* This IP should be found in the s2 service after pruning. */
- smartlist_add(s1->intro_nodes, &ip1);
- /* Setup our list. */
- smartlist_add(old, s1);
- smartlist_add(new, s2);
- set_rend_service_list(old);
- set_rend_rend_service_staging_list(new);
- rend_service_prune_list_impl_();
- tt_int_op(smartlist_len(old), OP_EQ, 1);
- /* Intro nodes have been moved to the s2 in theory so it must be empty. */
- tt_int_op(smartlist_len(s1->intro_nodes), OP_EQ, 0);
- tt_int_op(smartlist_len(new), OP_EQ, 1);
- rend_service_t *elem = smartlist_get(new, 0);
- tt_assert(elem);
- tt_assert(elem == s2);
- tt_int_op(smartlist_len(elem->intro_nodes), OP_EQ, 1);
- tt_assert(smartlist_get(elem->intro_nodes, 0) == &ip1);
- smartlist_clear(s1->intro_nodes);
- smartlist_clear(s2->intro_nodes);
- /* Cleanup for next test. */
- smartlist_clear(new);
- smartlist_clear(old);
- }
-
- {
- /* Test two ephemeral services. */
- smartlist_add(old, e1);
- smartlist_add(old, e2);
- set_rend_service_list(old);
- set_rend_rend_service_staging_list(new);
- rend_service_prune_list_impl_();
- /* Check if they've all been transferred. */
- tt_int_op(smartlist_len(old), OP_EQ, 0);
- tt_int_op(smartlist_len(new), OP_EQ, 2);
- }
-
- done:
- rend_service_free(s1);
- rend_service_free(s2);
- rend_service_free(e1);
- rend_service_free(e2);
- smartlist_free(new);
- smartlist_free(old);
-}
-
-struct testcase_t hs_tests[] = {
- { "hs_rend_data", test_hs_rend_data, TT_FORK,
- NULL, NULL },
- { "hs_parse_static_v2_desc", test_hs_parse_static_v2_desc, TT_FORK,
- NULL, NULL },
- { "hs_desc_event", test_hs_desc_event, TT_FORK,
- NULL, NULL },
- { "hs_auth_cookies", test_hs_auth_cookies, TT_FORK,
- NULL, NULL },
- { "single_onion_poisoning_create_dir_none", test_single_onion_poisoning,
- TT_FORK, &passthrough_setup, (void*)(CREATE_HS_DIR_NONE) },
- { "single_onion_poisoning_create_dir1", test_single_onion_poisoning,
- TT_FORK, &passthrough_setup, (void*)(CREATE_HS_DIR1) },
- { "single_onion_poisoning_create_dir2", test_single_onion_poisoning,
- TT_FORK, &passthrough_setup, (void*)(CREATE_HS_DIR2) },
- { "single_onion_poisoning_create_dir_both", test_single_onion_poisoning,
- TT_FORK, &passthrough_setup, (void*)(CREATE_HS_DIR1 | CREATE_HS_DIR2) },
- { "prune_services_on_reload", test_prune_services_on_reload, TT_FORK,
- NULL, NULL },
-
- END_OF_TESTCASES
-};
diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c
index df96b2c791..c3e0eee691 100644
--- a/src/test/test_hs_cache.c
+++ b/src/test/test_hs_cache.c
@@ -14,7 +14,6 @@
#include "trunnel/ed25519_cert.h"
#include "feature/hs/hs_cache.h"
-#include "feature/rend/rendcache.h"
#include "feature/dircache/dircache.h"
#include "feature/dirclient/dirclient.h"
#include "feature/nodelist/networkstatus.h"
@@ -51,8 +50,6 @@ init_test(void)
{
/* Always needed. Initialize the subsystem. */
hs_cache_init();
- /* We need the v2 cache since our OOM and cache cleanup does poke at it. */
- rend_cache_init();
}
static void
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index f59b3a59cd..7df9fc5d31 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -19,7 +19,6 @@
#include "test/test.h"
#include "test/test_helpers.h"
#include "test/log_test_helpers.h"
-#include "test/rend_test_helpers.h"
#include "test/hs_test_helpers.h"
#include "app/config/config.h"
@@ -38,7 +37,6 @@
#include "feature/hs/hs_config.h"
#include "feature/hs/hs_ident.h"
#include "feature/hs/hs_cache.h"
-#include "feature/rend/rendcache.h"
#include "core/or/circuitlist.h"
#include "core/or/circuitbuild.h"
#include "core/or/extendinfo.h"
@@ -137,12 +135,9 @@ helper_add_random_client_auth(const ed25519_public_key_t *service_pk)
* hidden service. */
static int
helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out,
- connection_t **conn_out,
- int is_legacy)
+ connection_t **conn_out)
{
- int retval;
channel_tls_t *n_chan=NULL;
- rend_data_t *conn_rend_data = NULL;
origin_circuit_t *or_circ = NULL;
connection_t *conn = NULL;
ed25519_public_key_t service_pk;
@@ -151,20 +146,13 @@ helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out,
conn = test_conn_get_connection(AP_CONN_STATE_CIRCUIT_WAIT,
CONN_TYPE_AP /* ??? */,
0);
- if (is_legacy) {
- /* Legacy: Setup rend_data of stream */
- char service_id[REND_SERVICE_ID_LEN_BASE32+1] = {0};
- TO_EDGE_CONN(conn)->rend_data = mock_rend_data(service_id);
- conn_rend_data = TO_EDGE_CONN(conn)->rend_data;
- } else {
- /* prop224: Setup hs conn identifier on the stream */
- ed25519_secret_key_t sk;
- tt_int_op(0, OP_EQ, ed25519_secret_key_generate(&sk, 0));
- tt_int_op(0, OP_EQ, ed25519_public_key_generate(&service_pk, &sk));
-
- /* Setup hs_conn_identifier of stream */
- TO_EDGE_CONN(conn)->hs_ident = hs_ident_edge_conn_new(&service_pk);
- }
+ /* prop224: Setup hs conn identifier on the stream */
+ ed25519_secret_key_t sk;
+ tt_int_op(0, OP_EQ, ed25519_secret_key_generate(&sk, 0));
+ tt_int_op(0, OP_EQ, ed25519_public_key_generate(&service_pk, &sk));
+
+ /* Setup hs_conn_identifier of stream */
+ TO_EDGE_CONN(conn)->hs_ident = hs_ident_edge_conn_new(&service_pk);
/* Make it wait for circuit */
connection_ap_mark_as_pending_circuit(TO_ENTRY_CONN(conn));
@@ -184,23 +172,8 @@ helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out,
or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
or_circ->build_state->is_internal = 1;
- if (is_legacy) {
- /* Legacy: Setup rend data and final cpath */
- or_circ->build_state->pending_final_cpath =
- tor_malloc_zero(sizeof(crypt_path_t));
- or_circ->build_state->pending_final_cpath->magic = CRYPT_PATH_MAGIC;
- or_circ->build_state->pending_final_cpath->rend_dh_handshake_state =
- crypto_dh_new(DH_TYPE_REND);
- tt_assert(
- or_circ->build_state->pending_final_cpath->rend_dh_handshake_state);
- retval = crypto_dh_generate_public(
- or_circ->build_state->pending_final_cpath->rend_dh_handshake_state);
- tt_int_op(retval, OP_EQ, 0);
- or_circ->rend_data = rend_data_dup(conn_rend_data);
- } else {
- /* prop224: Setup hs ident on the circuit */
- or_circ->hs_ident = hs_ident_circuit_new(&service_pk);
- }
+ /* prop224: Setup hs ident on the circuit */
+ or_circ->hs_ident = hs_ident_circuit_new(&service_pk);
TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN;
@@ -219,91 +192,6 @@ helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out,
return -1;
}
-/* Test: Ensure that setting up legacy e2e rendezvous circuits works
- * correctly. */
-static void
-test_e2e_rend_circuit_setup_legacy(void *arg)
-{
- ssize_t retval;
- origin_circuit_t *or_circ = NULL;
- connection_t *conn = NULL;
-
- (void) arg;
-
- /** In this test we create a v2 legacy HS stream and a circuit with the same
- * hidden service destination. We make the stream wait for circuits to be
- * established to the hidden service, and then we complete the circuit using
- * the hs_circuit_setup_e2e_rend_circ_legacy_client() function. We then
- * check that the end-to-end cpath was setup correctly and that the stream
- * was attached to the circuit as expected. */
-
- MOCK(connection_ap_handshake_send_begin,
- mock_connection_ap_handshake_send_begin);
-
- /* Setup */
- retval = helper_get_circ_and_stream_for_test( &or_circ, &conn, 1);
- tt_int_op(retval, OP_EQ, 0);
- tt_assert(or_circ);
- tt_assert(conn);
-
- /* Check number of hops */
- retval = cpath_get_n_hops(&or_circ->cpath);
- tt_int_op(retval, OP_EQ, 0);
-
- /* Check that our stream is not attached on any circuits */
- tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, NULL);
-
- /********************************************** */
-
- /* Make a good RENDEZVOUS1 cell body because it needs to pass key exchange
- * digest verification... */
- uint8_t rend_cell_body[DH1024_KEY_LEN+DIGEST_LEN] = {2};
- {
- char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN];
- crypto_dh_t *dh_state =
- or_circ->build_state->pending_final_cpath->rend_dh_handshake_state;
- /* compute and overwrite digest of cell body with the right value */
- retval = crypto_dh_compute_secret(LOG_PROTOCOL_WARN, dh_state,
- (char*)rend_cell_body, DH1024_KEY_LEN,
- keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN);
- tt_int_op(retval, OP_GT, 0);
- memcpy(rend_cell_body+DH1024_KEY_LEN, keys, DIGEST_LEN);
- }
-
- /* Setup the circuit */
- retval = hs_circuit_setup_e2e_rend_circ_legacy_client(or_circ,
- rend_cell_body);
- tt_int_op(retval, OP_EQ, 0);
-
- /**********************************************/
-
- /* See that a hop was added to the circuit's cpath */
- retval = cpath_get_n_hops(&or_circ->cpath);
- tt_int_op(retval, OP_EQ, 1);
-
- /* Check the digest algo */
- tt_int_op(
- crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest),
- OP_EQ, DIGEST_SHA1);
- tt_int_op(
- crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest),
- OP_EQ, DIGEST_SHA1);
- tt_assert(or_circ->cpath->pvt_crypto.f_crypto);
- tt_assert(or_circ->cpath->pvt_crypto.b_crypto);
-
- /* Ensure that circ purpose was changed */
- tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED);
-
- /* Test that stream got attached */
- tt_ptr_op(TO_EDGE_CONN(conn)->on_circuit, OP_EQ, TO_CIRCUIT(or_circ));
-
- done:
- connection_free_minimal(conn);
- if (or_circ)
- tor_free(TO_CIRCUIT(or_circ)->n_chan);
- circuit_free_(TO_CIRCUIT(or_circ));
-}
-
/* Test: Ensure that setting up v3 rendezvous circuits works correctly. */
static void
test_e2e_rend_circuit_setup(void *arg)
@@ -326,7 +214,7 @@ test_e2e_rend_circuit_setup(void *arg)
mock_connection_ap_handshake_send_begin);
/* Setup */
- retval = helper_get_circ_and_stream_for_test(&or_circ, &conn, 0);
+ retval = helper_get_circ_and_stream_for_test(&or_circ, &conn);
tt_int_op(retval, OP_EQ, 0);
tt_assert(or_circ);
tt_assert(conn);
@@ -974,7 +862,6 @@ test_close_intro_circuits_new_desc(void *arg)
(void) arg;
hs_init();
- rend_cache_init();
/* This is needed because of the client cache expiration timestamp is based
* on having a consensus. See cached_client_descriptor_has_expired(). */
@@ -1120,7 +1007,6 @@ test_close_intro_circuits_cache_clean(void *arg)
(void) arg;
hs_init();
- rend_cache_init();
/* This is needed because of the client cache expiration timestamp is based
* on having a consensus. See cached_client_descriptor_has_expired(). */
@@ -1189,7 +1075,6 @@ test_close_intro_circuits_cache_clean(void *arg)
circuit_free(circ);
hs_descriptor_free(desc1);
hs_free_all();
- rend_cache_free_all();
UNMOCK(networkstatus_get_reasonably_live_consensus);
}
@@ -1554,8 +1439,6 @@ test_purge_ephemeral_client_auth(void *arg)
}
struct testcase_t hs_client_tests[] = {
- { "e2e_rend_circuit_setup_legacy", test_e2e_rend_circuit_setup_legacy,
- TT_FORK, NULL, NULL },
{ "e2e_rend_circuit_setup", test_e2e_rend_circuit_setup,
TT_FORK, NULL, NULL },
{ "client_pick_intro", test_client_pick_intro,
diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c
index dc3b598c34..104e5effbb 100644
--- a/src/test/test_hs_config.c
+++ b/src/test/test_hs_config.c
@@ -18,7 +18,6 @@
#include "feature/hs/hs_common.h"
#include "feature/hs/hs_config.h"
#include "feature/hs/hs_service.h"
-#include "feature/rend/rendservice.h"
static int
helper_config_service(const char *conf, int validate_only)
@@ -49,7 +48,7 @@ test_invalid_service(void *arg)
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
tt_int_op(ret, OP_EQ, -1);
- expect_log_msg_containing("HiddenServiceVersion must be between 2 and 3");
+ expect_log_msg_containing("HiddenServiceVersion must be between 3 and 3");
teardown_capture_of_logs();
}
@@ -57,7 +56,7 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServiceAllowUnknownPorts 2\n"; /* Should be 0 or 1. */
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
@@ -72,7 +71,7 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServiceDirGroupReadable 2\n"; /* Should be 0 or 1. */
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
@@ -87,7 +86,7 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServiceMaxStreamsCloseCircuit 2\n"; /* Should be 0 or 1. */
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
@@ -102,7 +101,7 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServicePort 80\n"
"HiddenServiceMaxStreams 65536\n"; /* One too many. */
setup_full_capture_of_logs(LOG_WARN);
@@ -117,10 +116,10 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServicePort 80\n"
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServicePort 81\n";
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
@@ -134,7 +133,7 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServicePort 65536\n";
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
@@ -147,7 +146,7 @@ test_invalid_service(void *arg)
{
const char *conf =
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServicePort 80 127.0.0.1 8000\n";
setup_full_capture_of_logs(LOG_WARN);
ret = helper_config_service(conf, 1);
@@ -160,7 +159,7 @@ test_invalid_service(void *arg)
/* Out of order directives. */
{
const char *conf =
- "HiddenServiceVersion 2\n"
+ "HiddenServiceVersion 3\n"
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
"HiddenServicePort 80\n";
setup_full_capture_of_logs(LOG_WARN);
@@ -182,18 +181,11 @@ test_valid_service(void *arg)
(void) arg;
- /* Mix of v2 and v3. Still valid. */
{
const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 80\n"
"HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs2\n"
"HiddenServiceVersion 3\n"
- "HiddenServicePort 81\n"
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 82\n";
+ "HiddenServicePort 81\n";
ret = helper_config_service(conf, 1);
tt_int_op(ret, OP_EQ, 0);
}
@@ -202,127 +194,6 @@ test_valid_service(void *arg)
;
}
-static void
-test_invalid_service_v2(void *arg)
-{
- int validate_only = 1, ret;
-
- (void) arg;
-
- /* Try with a missing port configuration. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n";
- setup_full_capture_of_logs(LOG_WARN);
- ret = helper_config_service(conf, validate_only);
- tt_int_op(ret, OP_EQ, -1);
- expect_log_msg_containing("with no ports configured.");
- teardown_capture_of_logs();
- }
-
- /* Too many introduction points. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 80\n"
- "HiddenServiceNumIntroductionPoints 11\n"; /* One too many. */
- setup_full_capture_of_logs(LOG_WARN);
- ret = helper_config_service(conf, validate_only);
- tt_int_op(ret, OP_EQ, -1);
- expect_log_msg_containing("HiddenServiceNumIntroductionPoints must "
- "be between 0 and 10, not 11.");
- teardown_capture_of_logs();
- }
-
- /* Too little introduction points. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 80\n"
- "HiddenServiceNumIntroductionPoints -1\n";
- setup_full_capture_of_logs(LOG_WARN);
- ret = helper_config_service(conf, validate_only);
- tt_int_op(ret, OP_EQ, -1);
- expect_log_msg_containing("Could not parse "
- "HiddenServiceNumIntroductionPoints: "
- "Integer -1 is malformed or out of bounds.");
- teardown_capture_of_logs();
- }
-
- /* Bad authorized client type. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 80\n"
- "HiddenServiceAuthorizeClient blah alice,bob\n"; /* blah is no good. */
- setup_full_capture_of_logs(LOG_WARN);
- ret = helper_config_service(conf, validate_only);
- tt_int_op(ret, OP_EQ, -1);
- expect_log_msg_containing("HiddenServiceAuthorizeClient contains "
- "unrecognized auth-type");
- teardown_capture_of_logs();
- }
-
- done:
- ;
-}
-
-static void
-test_valid_service_v2(void *arg)
-{
- int ret;
-
- (void) arg;
- mock_hostname_resolver();
-
- /* Valid complex configuration. Basic client authorization. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 80\n"
- "HiddenServicePort 22 localhost:22\n"
-#ifdef HAVE_SYS_UN_H
- "HiddenServicePort 42 unix:/path/to/socket\n"
-#endif
- "HiddenServiceAuthorizeClient basic alice,bob,eve\n"
- "HiddenServiceAllowUnknownPorts 1\n"
- "HiddenServiceMaxStreams 42\n"
- "HiddenServiceMaxStreamsCloseCircuit 0\n"
- "HiddenServiceDirGroupReadable 1\n"
- "HiddenServiceNumIntroductionPoints 7\n";
- ret = helper_config_service(conf, 1);
- tt_int_op(ret, OP_EQ, 0);
- }
-
- /* Valid complex configuration. Stealth client authorization. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs2\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 65535\n"
- "HiddenServicePort 22 1.1.1.1:22\n"
-#ifdef HAVE_SYS_UN_H
- "HiddenServicePort 9000 unix:/path/to/socket\n"
-#endif
- "HiddenServiceAuthorizeClient stealth charlie,romeo\n"
- "HiddenServiceAllowUnknownPorts 0\n"
- "HiddenServiceMaxStreams 42\n"
- "HiddenServiceMaxStreamsCloseCircuit 0\n"
- "HiddenServiceDirGroupReadable 1\n"
- "HiddenServiceNumIntroductionPoints 8\n";
- ret = helper_config_service(conf, 1);
- tt_int_op(ret, OP_EQ, 0);
- }
-
- done:
- unmock_hostname_resolver();
-}
-
static void
test_invalid_service_v3(void *arg)
{
@@ -438,22 +309,6 @@ test_valid_service_v3(void *arg)
tt_int_op(ret, OP_EQ, 0);
}
- /* Mix of v2 and v3. Still valid. */
- {
- const char *conf =
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 80\n"
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs2\n"
- "HiddenServiceVersion 3\n"
- "HiddenServicePort 81\n"
- "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs3\n"
- "HiddenServiceVersion 2\n"
- "HiddenServicePort 82\n";
- ret = helper_config_service(conf, 1);
- tt_int_op(ret, OP_EQ, 0);
- }
-
done:
unmock_hostname_resolver();
}
@@ -489,8 +344,6 @@ test_staging_service_v3(void *arg)
tt_int_op(ret, OP_EQ, 0);
/* Ok, we have a service in our map! Registration went well. */
tt_int_op(get_hs_service_staging_list_size(), OP_EQ, 1);
- /* Make sure we don't have a magic v2 service out of this. */
- tt_int_op(rend_num_services(), OP_EQ, 0);
done:
hs_free_all();
@@ -611,12 +464,6 @@ struct testcase_t hs_config_tests[] = {
{ "valid_service", test_valid_service, TT_FORK,
NULL, NULL },
- /* Test case only for version 2. */
- { "invalid_service_v2", test_invalid_service_v2, TT_FORK,
- NULL, NULL },
- { "valid_service_v2", test_valid_service_v2, TT_FORK,
- NULL, NULL },
-
/* Test case only for version 3. */
{ "invalid_service_v3", test_invalid_service_v3, TT_FORK,
NULL, NULL },
diff --git a/src/test/test_hs_control.c b/src/test/test_hs_control.c
index dfc1e5445e..e4999a4ed5 100644
--- a/src/test/test_hs_control.c
+++ b/src/test/test_hs_control.c
@@ -25,7 +25,6 @@
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_control.h"
#include "feature/nodelist/nodelist.h"
-#include "feature/rend/rendservice.h"
#include "feature/nodelist/node_st.h"
#include "feature/nodelist/routerstatus_st.h"
@@ -797,7 +796,7 @@ test_hs_control_add_onion_helper_add_service(void *arg)
hs_service_authorized_client_t *client_good, *client_bad;
smartlist_t *list_good, *list_bad;
hs_service_ht *global_map;
- rend_service_port_config_t *portcfg;
+ hs_port_config_t *portcfg;
smartlist_t *portcfgs;
char *address_out_good, *address_out_bad;
hs_service_t *service_good = NULL;
@@ -808,7 +807,7 @@ test_hs_control_add_onion_helper_add_service(void *arg)
hs_init();
global_map = get_hs_service_map();
- portcfg = rend_service_parse_port_config("8080", ",", NULL);
+ portcfg = hs_parse_port_config("8080", ",", NULL);
portcfgs = smartlist_new();
smartlist_add(portcfgs, portcfg);
@@ -831,7 +830,7 @@ test_hs_control_add_onion_helper_add_service(void *arg)
smartlist_add(list_good, client_good);
add_onion_helper_add_service(HS_VERSION_THREE, &sk_good, portcfgs, 1, 1,
- REND_V3_AUTH, NULL, list_good, &address_out_good);
+ list_good, &address_out_good);
service_good = find_service(global_map, &pk_good);
tt_int_op(smartlist_len(service_good->config.clients), OP_EQ, 1);
@@ -841,12 +840,12 @@ test_hs_control_add_onion_helper_add_service(void *arg)
list_bad = smartlist_new();
smartlist_add(list_bad, client_bad);
- portcfg = rend_service_parse_port_config("8080", ",", NULL);
+ portcfg = hs_parse_port_config("8080", ",", NULL);
portcfgs = smartlist_new();
smartlist_add(portcfgs, portcfg);
add_onion_helper_add_service(HS_VERSION_THREE, &sk_bad, portcfgs, 1, 1,
- REND_V3_AUTH, NULL, list_bad, &address_out_bad);
+ list_bad, &address_out_bad);
service_bad = find_service(global_map, &pk_bad);
diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c
index e6b27d7a50..d18de775ae 100644
--- a/src/test/test_hs_intropoint.c
+++ b/src/test/test_hs_intropoint.c
@@ -21,7 +21,6 @@
#include "core/or/circuituse.h"
#include "ht.h"
#include "core/or/relay.h"
-#include "feature/rend/rendservice.h"
#include "feature/hs/hs_cell.h"
#include "feature/hs/hs_circuitmap.h"
@@ -517,42 +516,6 @@ helper_establish_intro_v3(or_circuit_t *intro_circ)
return cell;
}
-/* Helper function: Send a well-formed v2 ESTABLISH_INTRO cell to
- * <b>intro_circ</b>. Return the public key advertised in the cell. */
-static crypto_pk_t *
-helper_establish_intro_v2(or_circuit_t *intro_circ)
-{
- crypto_pk_t *key1 = NULL;
- int retval;
- uint8_t cell_body[RELAY_PAYLOAD_SIZE];
- ssize_t cell_len = 0;
- char circ_nonce[DIGEST_LEN] = {0};
-
- tt_assert(intro_circ);
-
- /* Prepare the circuit for the incoming ESTABLISH_INTRO */
- crypto_rand(circ_nonce, sizeof(circ_nonce));
- helper_prepare_circ_for_intro(intro_circ, circ_nonce);
-
- /* Send legacy establish_intro */
- key1 = pk_generate(0);
-
- /* Use old circ_nonce why not */
- cell_len = rend_service_encode_establish_intro_cell(
- (char*)cell_body,
- sizeof(cell_body), key1,
- circ_nonce);
- tt_int_op(cell_len, OP_GT, 0);
-
- /* Receive legacy establish_intro */
- retval = hs_intro_received_establish_intro(intro_circ,
- cell_body, (size_t) cell_len);
- tt_int_op(retval, OP_EQ, 0);
-
- done:
- return key1;
-}
-
/* Helper function: test circuitmap free_all function outside of
* test_intro_point_registration to prevent Coverity from seeing a
* double free if the assertion hypothetically fails.
@@ -571,21 +534,17 @@ test_circuitmap_free_all(void)
;
}
-/** Successfully register a v2 intro point and a v3 intro point. Ensure that HS
+/** Successfully register a v3 intro point. Ensure that HS
* circuitmap is maintained properly. */
static void
test_intro_point_registration(void *arg)
{
- int retval;
hs_circuitmap_ht *the_hs_circuitmap = NULL;
or_circuit_t *intro_circ = NULL;
trn_cell_establish_intro_t *establish_intro_cell = NULL;
ed25519_public_key_t auth_key;
- crypto_pk_t *legacy_auth_key = NULL;
- or_circuit_t *legacy_intro_circ = NULL;
-
or_circuit_t *returned_intro_circ = NULL;
(void) arg;
@@ -621,35 +580,11 @@ test_intro_point_registration(void *arg)
tt_ptr_op(intro_circ, OP_EQ, returned_intro_circ);
}
- /* Create a v2 intro point */
- {
- char key_digest[DIGEST_LEN];
-
- legacy_intro_circ = or_circuit_new(1, NULL);
- tt_assert(legacy_intro_circ);
- legacy_auth_key = helper_establish_intro_v2(legacy_intro_circ);
- tt_assert(legacy_auth_key);
-
- /* Check that the circuitmap now has two elements */
- the_hs_circuitmap = get_hs_circuitmap();
- tt_assert(the_hs_circuitmap);
- tt_int_op(2, OP_EQ, HT_SIZE(the_hs_circuitmap));
-
- /* Check that the new element is our legacy intro circuit. */
- retval = crypto_pk_get_digest(legacy_auth_key, key_digest);
- tt_int_op(retval, OP_EQ, 0);
- returned_intro_circ =
- hs_circuitmap_get_intro_circ_v2_relay_side((uint8_t*)key_digest);
- tt_ptr_op(legacy_intro_circ, OP_EQ, returned_intro_circ);
- }
-
/* XXX Continue test and try to register a second v3 intro point with the
* same auth key. Make sure that old intro circuit gets closed. */
done:
- crypto_pk_free(legacy_auth_key);
circuit_free_(TO_CIRCUIT(intro_circ));
- circuit_free_(TO_CIRCUIT(legacy_intro_circ));
trn_cell_establish_intro_free(establish_intro_cell);
test_circuitmap_free_all();
@@ -719,31 +654,6 @@ test_introduce1_suitable_circuit(void *arg)
;
}
-static void
-test_introduce1_is_legacy(void *arg)
-{
- int ret;
- uint8_t request[256];
-
- (void) arg;
-
- /* For a cell to be considered legacy, according to the specification, the
- * first 20 bytes MUST BE non-zero else it's a v3 cell. */
- memset(request, 'a', DIGEST_LEN);
- memset(request + DIGEST_LEN, 0, sizeof(request) - DIGEST_LEN);
- ret = introduce1_cell_is_legacy(request);
- tt_int_op(ret, OP_EQ, 1);
-
- /* This is a NON legacy cell. */
- memset(request, 0, DIGEST_LEN);
- memset(request + DIGEST_LEN, 'a', sizeof(request) - DIGEST_LEN);
- ret = introduce1_cell_is_legacy(request);
- tt_int_op(ret, OP_EQ, 0);
-
- done:
- ;
-}
-
static void
test_introduce1_validation(void *arg)
{
@@ -757,20 +667,6 @@ test_introduce1_validation(void *arg)
cell = helper_create_introduce1_cell();
tt_assert(cell);
-#ifndef ALL_BUGS_ARE_FATAL
- /* It should NOT be a legacy cell which will trigger a BUG(). */
- memset(cell->legacy_key_id, 'a', sizeof(cell->legacy_key_id));
- tor_capture_bugs_(1);
- ret = validate_introduce1_parsed_cell(cell);
- tor_end_capture_bugs_();
- tt_int_op(ret, OP_EQ, -1);
-#endif /* !defined(ALL_BUGS_ARE_FATAL) */
-
- /* Reset legacy ID and make sure it's correct. */
- memset(cell->legacy_key_id, 0, sizeof(cell->legacy_key_id));
- ret = validate_introduce1_parsed_cell(cell);
- tt_int_op(ret, OP_EQ, 0);
-
/* Non existing auth key type. */
cell->auth_key_type = 42;
ret = validate_introduce1_parsed_cell(cell);
@@ -877,35 +773,6 @@ test_received_introduce1_handling(void *arg)
tt_int_op(ret, OP_EQ, 0);
}
- /* Valid legacy cell. */
- {
- tor_free(request);
- trn_cell_introduce1_free(cell);
- cell = helper_create_introduce1_cell();
- uint8_t *legacy_key_id = trn_cell_introduce1_getarray_legacy_key_id(cell);
- memset(legacy_key_id, 'a', DIGEST_LEN);
- /* Add an arbitrary amount of data for the payload of a v2 cell. */
- size_t request_len = trn_cell_introduce1_encoded_len(cell) + 256;
- tt_size_op(request_len, OP_GT, 0);
- request = tor_malloc_zero(request_len + 256);
- ssize_t encoded_len =
- trn_cell_introduce1_encode(request, request_len, cell);
- tt_int_op((int)encoded_len, OP_GT, 0);
-
- circ = helper_create_intro_circuit();
- or_circuit_t *service_circ = helper_create_intro_circuit();
- circuit_change_purpose(TO_CIRCUIT(service_circ),
- CIRCUIT_PURPOSE_INTRO_POINT);
- /* Register the circuit in the map for the auth key of the cell. */
- uint8_t token[REND_TOKEN_LEN];
- memcpy(token, legacy_key_id, sizeof(token));
- hs_circuitmap_register_intro_circ_v2_relay_side(service_circ, token);
- ret = hs_intro_received_introduce1(circ, request, request_len);
- circuit_free_(TO_CIRCUIT(circ));
- circuit_free_(TO_CIRCUIT(service_circ));
- tt_int_op(ret, OP_EQ, 0);
- }
-
done:
trn_cell_introduce1_free(cell);
tor_free(request);
@@ -1109,9 +976,6 @@ struct testcase_t hs_intropoint_tests[] = {
{ "introduce1_suitable_circuit",
test_introduce1_suitable_circuit, TT_FORK, NULL, &test_setup},
- { "introduce1_is_legacy",
- test_introduce1_is_legacy, TT_FORK, NULL, &test_setup},
-
{ "introduce1_validation",
test_introduce1_validation, TT_FORK, NULL, &test_setup},
diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index 66e8e2f473..91d4689848 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -26,7 +26,6 @@
#include "test/test.h"
#include "test/test_helpers.h"
#include "test/log_test_helpers.h"
-#include "test/rend_test_helpers.h"
#include "test/hs_test_helpers.h"
#include "core/or/or.h"
@@ -58,7 +57,6 @@
#include "feature/hs/hs_service.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nodelist.h"
-#include "feature/rend/rendservice.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/fs/dir.h"
@@ -383,14 +381,13 @@ test_load_keys(void *arg)
{
int ret;
char *conf = NULL;
- char *hsdir_v2 = tor_strdup(get_fname("hs2"));
char *hsdir_v3 = tor_strdup(get_fname("hs3"));
char addr[HS_SERVICE_ADDR_LEN_BASE32 + 1];
(void) arg;
- /* We'll register two services, a v2 and a v3, then we'll load keys and
- * validate that both are in a correct state. */
+ /* We'll register one service then we'll load keys and validate that both
+ * are in a correct state. */
hs_init();
@@ -399,15 +396,6 @@ test_load_keys(void *arg)
"HiddenServiceVersion %d\n" \
"HiddenServicePort 65535\n"
- /* v2 service. */
- tor_asprintf(&conf, conf_fmt, hsdir_v2, HS_VERSION_TWO);
- ret = helper_config_service(conf);
- tor_free(conf);
- tt_int_op(ret, OP_EQ, 0);
- /* This one should now be registered into the v2 list. */
- tt_int_op(get_hs_service_staging_list_size(), OP_EQ, 0);
- tt_int_op(rend_num_services(), OP_EQ, 1);
-
/* v3 service. */
tor_asprintf(&conf, conf_fmt, hsdir_v3, HS_VERSION_THREE);
ret = helper_config_service(conf);
@@ -441,7 +429,6 @@ test_load_keys(void *arg)
tt_assert(!s->config.is_client_auth_enabled);
done:
- tor_free(hsdir_v2);
tor_free(hsdir_v3);
hs_free_all();
}
@@ -634,8 +621,8 @@ test_access_service(void *arg)
(void) arg;
- /* We'll register two services, a v2 and a v3, then we'll load keys and
- * validate that both are in a correct state. */
+ /* We'll register one service then we'll load keys and validate that both
+ * are in a correct state. */
hs_init();
diff --git a/src/test/test_introduce.c b/src/test/test_introduce.c
deleted file mode 100644
index 0ae78496b2..0000000000
--- a/src/test/test_introduce.c
+++ /dev/null
@@ -1,539 +0,0 @@
-/* Copyright (c) 2012-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-#include "orconfig.h"
-#include "lib/crypt_ops/crypto_cipher.h"
-#include "core/or/or.h"
-#include "test/test.h"
-
-#define RENDSERVICE_PRIVATE
-#include "feature/rend/rendservice.h"
-
-static uint8_t v0_test_plaintext[] =
- /* 20 bytes of rendezvous point nickname */
- { 0x4e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- /* 20 bytes dummy rendezvous cookie */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 128 bytes dummy DH handshake data */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
-
-static uint8_t v1_test_plaintext[] =
- /* Version byte */
- { 0x01,
- /* 42 bytes of dummy rendezvous point hex digest */
- 0x24, 0x30, 0x30, 0x30, 0x31, 0x30, 0x32, 0x30,
- 0x33, 0x30, 0x34, 0x30, 0x35, 0x30, 0x36, 0x30,
- 0x37, 0x30, 0x38, 0x30, 0x39, 0x30, 0x41, 0x30,
- 0x42, 0x30, 0x43, 0x30, 0x44, 0x30, 0x45, 0x30,
- 0x46, 0x31, 0x30, 0x31, 0x31, 0x31, 0x32, 0x31,
- 0x33, 0x00,
- /* 20 bytes dummy rendezvous cookie */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 128 bytes dummy DH handshake data */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
-
-static uint8_t v2_test_plaintext[] =
- /* Version byte */
- { 0x02,
- /* 4 bytes rendezvous point's IP address */
- 0xc0, 0xa8, 0x00, 0x01,
- /* 2 bytes rendezvous point's OR port */
- 0x23, 0x5a,
- /* 20 bytes dummy rendezvous point's identity digest */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 2 bytes length of onion key */
- 0x00, 0x8c,
- /* Onion key (140 bytes taken from live test) */
- 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xb1,
- 0xcd, 0x46, 0xa9, 0x18, 0xd2, 0x0f, 0x01, 0xf8,
- 0xb2, 0xad, 0xa4, 0x79, 0xb4, 0xbb, 0x4b, 0xf4,
- 0x54, 0x1e, 0x3f, 0x03, 0x54, 0xcf, 0x7c, 0xb6,
- 0xb5, 0xf0, 0xfe, 0xed, 0x4b, 0x7d, 0xd7, 0x61,
- 0xdb, 0x6d, 0xd9, 0x19, 0xe2, 0x72, 0x04, 0xaa,
- 0x3e, 0x89, 0x26, 0x14, 0x62, 0x9a, 0x6c, 0x11,
- 0x0b, 0x35, 0x99, 0x2c, 0x9f, 0x2c, 0x64, 0xa1,
- 0xd9, 0xe2, 0x88, 0xce, 0xf6, 0x54, 0xfe, 0x1d,
- 0x37, 0x5e, 0x6d, 0x73, 0x95, 0x54, 0x90, 0xf0,
- 0x7b, 0xfa, 0xd4, 0x44, 0xac, 0xb2, 0x23, 0x9f,
- 0x75, 0x36, 0xe2, 0x78, 0x62, 0x82, 0x80, 0xa4,
- 0x23, 0x22, 0xc9, 0xbf, 0xc4, 0x36, 0xd1, 0x31,
- 0x33, 0x8e, 0x64, 0xb4, 0xa9, 0x74, 0xa1, 0xcb,
- 0x42, 0x8d, 0x60, 0xc7, 0xbb, 0x8e, 0x6e, 0x0f,
- 0x36, 0x74, 0x8e, 0xf4, 0x08, 0x99, 0x06, 0x92,
- 0xb1, 0x3f, 0xb3, 0xdd, 0xed, 0xf7, 0xc9, 0x02,
- 0x03, 0x01, 0x00, 0x01,
- /* 20 bytes dummy rendezvous cookie */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 128 bytes dummy DH handshake data */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
-
-static uint8_t v3_no_auth_test_plaintext[] =
- /* Version byte */
- { 0x03,
- /* Auth type (0 for no auth len/auth data) */
- 0x00,
- /* Timestamp */
- 0x50, 0x0b, 0xb5, 0xaa,
- /* 4 bytes rendezvous point's IP address */
- 0xc0, 0xa8, 0x00, 0x01,
- /* 2 bytes rendezvous point's OR port */
- 0x23, 0x5a,
- /* 20 bytes dummy rendezvous point's identity digest */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 2 bytes length of onion key */
- 0x00, 0x8c,
- /* Onion key (140 bytes taken from live test) */
- 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xb1,
- 0xcd, 0x46, 0xa9, 0x18, 0xd2, 0x0f, 0x01, 0xf8,
- 0xb2, 0xad, 0xa4, 0x79, 0xb4, 0xbb, 0x4b, 0xf4,
- 0x54, 0x1e, 0x3f, 0x03, 0x54, 0xcf, 0x7c, 0xb6,
- 0xb5, 0xf0, 0xfe, 0xed, 0x4b, 0x7d, 0xd7, 0x61,
- 0xdb, 0x6d, 0xd9, 0x19, 0xe2, 0x72, 0x04, 0xaa,
- 0x3e, 0x89, 0x26, 0x14, 0x62, 0x9a, 0x6c, 0x11,
- 0x0b, 0x35, 0x99, 0x2c, 0x9f, 0x2c, 0x64, 0xa1,
- 0xd9, 0xe2, 0x88, 0xce, 0xf6, 0x54, 0xfe, 0x1d,
- 0x37, 0x5e, 0x6d, 0x73, 0x95, 0x54, 0x90, 0xf0,
- 0x7b, 0xfa, 0xd4, 0x44, 0xac, 0xb2, 0x23, 0x9f,
- 0x75, 0x36, 0xe2, 0x78, 0x62, 0x82, 0x80, 0xa4,
- 0x23, 0x22, 0xc9, 0xbf, 0xc4, 0x36, 0xd1, 0x31,
- 0x33, 0x8e, 0x64, 0xb4, 0xa9, 0x74, 0xa1, 0xcb,
- 0x42, 0x8d, 0x60, 0xc7, 0xbb, 0x8e, 0x6e, 0x0f,
- 0x36, 0x74, 0x8e, 0xf4, 0x08, 0x99, 0x06, 0x92,
- 0xb1, 0x3f, 0xb3, 0xdd, 0xed, 0xf7, 0xc9, 0x02,
- 0x03, 0x01, 0x00, 0x01,
- /* 20 bytes dummy rendezvous cookie */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 128 bytes dummy DH handshake data */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
-
-static uint8_t v3_basic_auth_test_plaintext[] =
- /* Version byte */
- { 0x03,
- /* Auth type (1 for REND_BASIC_AUTH) */
- 0x01,
- /* Auth len (must be 16 bytes for REND_BASIC_AUTH) */
- 0x00, 0x10,
- /* Auth data (a 16-byte dummy descriptor cookie) */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- /* Timestamp */
- 0x50, 0x0b, 0xb5, 0xaa,
- /* 4 bytes rendezvous point's IP address */
- 0xc0, 0xa8, 0x00, 0x01,
- /* 2 bytes rendezvous point's OR port */
- 0x23, 0x5a,
- /* 20 bytes dummy rendezvous point's identity digest */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 2 bytes length of onion key */
- 0x00, 0x8c,
- /* Onion key (140 bytes taken from live test) */
- 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xb1,
- 0xcd, 0x46, 0xa9, 0x18, 0xd2, 0x0f, 0x01, 0xf8,
- 0xb2, 0xad, 0xa4, 0x79, 0xb4, 0xbb, 0x4b, 0xf4,
- 0x54, 0x1e, 0x3f, 0x03, 0x54, 0xcf, 0x7c, 0xb6,
- 0xb5, 0xf0, 0xfe, 0xed, 0x4b, 0x7d, 0xd7, 0x61,
- 0xdb, 0x6d, 0xd9, 0x19, 0xe2, 0x72, 0x04, 0xaa,
- 0x3e, 0x89, 0x26, 0x14, 0x62, 0x9a, 0x6c, 0x11,
- 0x0b, 0x35, 0x99, 0x2c, 0x9f, 0x2c, 0x64, 0xa1,
- 0xd9, 0xe2, 0x88, 0xce, 0xf6, 0x54, 0xfe, 0x1d,
- 0x37, 0x5e, 0x6d, 0x73, 0x95, 0x54, 0x90, 0xf0,
- 0x7b, 0xfa, 0xd4, 0x44, 0xac, 0xb2, 0x23, 0x9f,
- 0x75, 0x36, 0xe2, 0x78, 0x62, 0x82, 0x80, 0xa4,
- 0x23, 0x22, 0xc9, 0xbf, 0xc4, 0x36, 0xd1, 0x31,
- 0x33, 0x8e, 0x64, 0xb4, 0xa9, 0x74, 0xa1, 0xcb,
- 0x42, 0x8d, 0x60, 0xc7, 0xbb, 0x8e, 0x6e, 0x0f,
- 0x36, 0x74, 0x8e, 0xf4, 0x08, 0x99, 0x06, 0x92,
- 0xb1, 0x3f, 0xb3, 0xdd, 0xed, 0xf7, 0xc9, 0x02,
- 0x03, 0x01, 0x00, 0x01,
- /* 20 bytes dummy rendezvous cookie */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13,
- /* 128 bytes dummy DH handshake data */
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
- 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
-
-static void do_decrypt_test(uint8_t *plaintext, size_t plaintext_len);
-static void do_early_parse_test(uint8_t *plaintext, size_t plaintext_len);
-static void do_late_parse_test(uint8_t *plaintext, size_t plaintext_len);
-static void do_parse_test(uint8_t *plaintext, size_t plaintext_len, int phase);
-static ssize_t make_intro_from_plaintext(
- void *buf, size_t len, crypto_pk_t *key, void **cell_out);
-
-#define EARLY_PARSE_ONLY 1
-#define DECRYPT_ONLY 2
-#define ALL_PARSING 3
-
-static void
-do_early_parse_test(uint8_t *plaintext, size_t plaintext_len)
-{
- do_parse_test(plaintext, plaintext_len, EARLY_PARSE_ONLY);
-}
-
-static void
-do_decrypt_test(uint8_t *plaintext, size_t plaintext_len)
-{
- do_parse_test(plaintext, plaintext_len, DECRYPT_ONLY);
-}
-
-static void
-do_late_parse_test(uint8_t *plaintext, size_t plaintext_len)
-{
- do_parse_test(plaintext, plaintext_len, ALL_PARSING);
-}
-
-/** Test utility function: checks that the <b>plaintext_len</b>-byte string at
- * <b>plaintext</b> is at least superficially parseable.
- */
-static void
-do_parse_test(uint8_t *plaintext, size_t plaintext_len, int phase)
-{
- crypto_pk_t *k = NULL;
- ssize_t r;
- uint8_t *cell = NULL;
- size_t cell_len;
- rend_intro_cell_t *parsed_req = NULL;
- char *err_msg = NULL;
- char digest[DIGEST_LEN];
-
- /* Get a key */
- k = crypto_pk_new();
- tt_assert(k);
- r = crypto_pk_read_private_key_from_string(k, AUTHORITY_SIGNKEY_1, -1);
- tt_assert(!r);
-
- /* Get digest for future comparison */
- r = crypto_pk_get_digest(k, digest);
- tt_assert(r >= 0);
-
- /* Make a cell out of it */
- r = make_intro_from_plaintext(
- plaintext, plaintext_len,
- k, (void **)(&cell));
- tt_assert(r > 0);
- tt_assert(cell);
- cell_len = r;
-
- /* Do early parsing */
- parsed_req = rend_service_begin_parse_intro(cell, cell_len, 2, &err_msg);
- tt_assert(parsed_req);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- tt_mem_op(parsed_req->pk,OP_EQ, digest, DIGEST_LEN);
- tt_assert(parsed_req->ciphertext);
- tt_assert(parsed_req->ciphertext_len > 0);
-
- if (phase == EARLY_PARSE_ONLY)
- goto done;
-
- /* Do decryption */
- r = rend_service_decrypt_intro(parsed_req, k, &err_msg);
- tt_assert(!r);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- tt_assert(parsed_req->plaintext);
- tt_assert(parsed_req->plaintext_len > 0);
-
- if (phase == DECRYPT_ONLY)
- goto done;
-
- /* Do late parsing */
- r = rend_service_parse_intro_plaintext(parsed_req, &err_msg);
- tt_assert(!r);
- tt_ptr_op(err_msg, OP_EQ, NULL);
- tt_assert(parsed_req->parsed);
-
- done:
- tor_free(cell);
- crypto_pk_free(k);
- rend_service_free_intro(parsed_req);
- tor_free(err_msg);
-}
-
-/** Given the plaintext of the encrypted part of an INTRODUCE1/2 and a key,
- * construct the encrypted cell for testing.
- */
-
-static ssize_t
-make_intro_from_plaintext(
- void *buf, size_t len, crypto_pk_t *key, void **cell_out)
-{
- char *cell = NULL;
- ssize_t cell_len = -1, r;
- /* Assemble key digest and ciphertext, then construct the cell */
- ssize_t ciphertext_size;
-
- if (!(buf && key && len > 0 && cell_out)) goto done;
-
- /*
- * Figure out an upper bound on how big the ciphertext will be
- * (see crypto_pk_obsolete_public_hybrid_encrypt())
- */
- ciphertext_size = PKCS1_OAEP_PADDING_OVERHEAD;
- ciphertext_size += crypto_pk_keysize(key);
- ciphertext_size += CIPHER_KEY_LEN;
- ciphertext_size += len;
-
- /*
- * Allocate space for the cell
- */
- cell = tor_malloc(DIGEST_LEN + ciphertext_size);
-
- /* Compute key digest (will be first DIGEST_LEN octets of cell) */
- r = crypto_pk_get_digest(key, cell);
- tt_assert(r >= 0);
-
- /* Do encryption */
- r = crypto_pk_obsolete_public_hybrid_encrypt(
- key, cell + DIGEST_LEN, ciphertext_size,
- buf, len,
- PK_PKCS1_OAEP_PADDING, 0);
- tt_assert(r >= 0);
-
- /* Figure out cell length */
- cell_len = DIGEST_LEN + r;
-
- /* Output the cell */
- *cell_out = cell;
- cell = NULL;
-
- done:
- tor_free(cell);
- return cell_len;
-}
-
-/** Test v0 INTRODUCE2 parsing through decryption only
- */
-
-static void
-test_introduce_decrypt_v0(void *arg)
-{
- (void)arg;
- do_decrypt_test(v0_test_plaintext, sizeof(v0_test_plaintext));
-}
-
-/** Test v1 INTRODUCE2 parsing through decryption only
- */
-
-static void
-test_introduce_decrypt_v1(void *arg)
-{
- (void)arg;
- do_decrypt_test(v1_test_plaintext, sizeof(v1_test_plaintext));
-}
-
-/** Test v2 INTRODUCE2 parsing through decryption only
- */
-
-static void
-test_introduce_decrypt_v2(void *arg)
-{
- (void)arg;
- do_decrypt_test(v2_test_plaintext, sizeof(v2_test_plaintext));
-}
-
-/** Test v3 INTRODUCE2 parsing through decryption only
- */
-
-static void
-test_introduce_decrypt_v3(void *arg)
-{
- (void)arg;
- do_decrypt_test(
- v3_no_auth_test_plaintext, sizeof(v3_no_auth_test_plaintext));
- do_decrypt_test(
- v3_basic_auth_test_plaintext, sizeof(v3_basic_auth_test_plaintext));
-}
-
-/** Test v0 INTRODUCE2 parsing through early parsing only
- */
-
-static void
-test_introduce_early_parse_v0(void *arg)
-{
- (void)arg;
- do_early_parse_test(v0_test_plaintext, sizeof(v0_test_plaintext));
-}
-
-/** Test v1 INTRODUCE2 parsing through early parsing only
- */
-
-static void
-test_introduce_early_parse_v1(void *arg)
-{
- (void)arg;
- do_early_parse_test(v1_test_plaintext, sizeof(v1_test_plaintext));
-}
-
-/** Test v2 INTRODUCE2 parsing through early parsing only
- */
-
-static void
-test_introduce_early_parse_v2(void *arg)
-{
- (void)arg;
- do_early_parse_test(v2_test_plaintext, sizeof(v2_test_plaintext));
-}
-
-/** Test v3 INTRODUCE2 parsing through early parsing only
- */
-
-static void
-test_introduce_early_parse_v3(void *arg)
-{
- (void)arg;
- do_early_parse_test(
- v3_no_auth_test_plaintext, sizeof(v3_no_auth_test_plaintext));
- do_early_parse_test(
- v3_basic_auth_test_plaintext, sizeof(v3_basic_auth_test_plaintext));
-}
-
-/** Test v0 INTRODUCE2 parsing
- */
-
-static void
-test_introduce_late_parse_v0(void *arg)
-{
- (void)arg;
- do_late_parse_test(v0_test_plaintext, sizeof(v0_test_plaintext));
-}
-
-/** Test v1 INTRODUCE2 parsing
- */
-
-static void
-test_introduce_late_parse_v1(void *arg)
-{
- (void)arg;
- do_late_parse_test(v1_test_plaintext, sizeof(v1_test_plaintext));
-}
-
-/** Test v2 INTRODUCE2 parsing
- */
-
-static void
-test_introduce_late_parse_v2(void *arg)
-{
- (void)arg;
- do_late_parse_test(v2_test_plaintext, sizeof(v2_test_plaintext));
-}
-
-/** Test v3 INTRODUCE2 parsing
- */
-
-static void
-test_introduce_late_parse_v3(void *arg)
-{
- (void)arg;
- do_late_parse_test(
- v3_no_auth_test_plaintext, sizeof(v3_no_auth_test_plaintext));
- do_late_parse_test(
- v3_basic_auth_test_plaintext, sizeof(v3_basic_auth_test_plaintext));
-}
-
-#define INTRODUCE_LEGACY(name) \
- { #name, test_introduce_ ## name , 0, NULL, NULL }
-
-struct testcase_t introduce_tests[] = {
- INTRODUCE_LEGACY(early_parse_v0),
- INTRODUCE_LEGACY(early_parse_v1),
- INTRODUCE_LEGACY(early_parse_v2),
- INTRODUCE_LEGACY(early_parse_v3),
- INTRODUCE_LEGACY(decrypt_v0),
- INTRODUCE_LEGACY(decrypt_v1),
- INTRODUCE_LEGACY(decrypt_v2),
- INTRODUCE_LEGACY(decrypt_v3),
- INTRODUCE_LEGACY(late_parse_v0),
- INTRODUCE_LEGACY(late_parse_v1),
- INTRODUCE_LEGACY(late_parse_v2),
- INTRODUCE_LEGACY(late_parse_v3),
- END_OF_TESTCASES
-};
diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
deleted file mode 100644
index 06167635c1..0000000000
--- a/src/test/test_rendcache.c
+++ /dev/null
@@ -1,1248 +0,0 @@
-/* Copyright (c) 2010-2020, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-#include "orconfig.h"
-#include "core/or/or.h"
-
-#include "test/test.h"
-#define RENDCACHE_PRIVATE
-#include "feature/rend/rendcache.h"
-#include "feature/relay/router.h"
-#include "feature/nodelist/routerlist.h"
-#include "app/config/config.h"
-#include "feature/hs/hs_common.h"
-
-#include "core/or/extend_info_st.h"
-#include "feature/rend/rend_encoded_v2_service_descriptor_st.h"
-#include "feature/rend/rend_intro_point_st.h"
-#include "feature/rend/rend_service_descriptor_st.h"
-#include "feature/nodelist/routerinfo_st.h"
-
-#include "test/rend_test_helpers.h"
-#include "test/log_test_helpers.h"
-
-static const int RECENT_TIME = -10;
-static const int TIME_IN_THE_PAST = -(REND_CACHE_MAX_AGE + \
- REND_CACHE_MAX_SKEW + 60);
-static const int TIME_IN_THE_FUTURE = REND_CACHE_MAX_SKEW + 60;
-
-static void
-test_rend_cache_lookup_entry(void *data)
-{
- int ret;
- rend_data_t *mock_rend_query = NULL;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- rend_cache_entry_t *entry = NULL;
- rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
- char *service_id = NULL;
- (void)data;
-
- rend_cache_init();
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
-
- ret = rend_cache_lookup_entry("abababababababab", 0, NULL);
- tt_int_op(ret, OP_EQ, -ENOENT);
-
- ret = rend_cache_lookup_entry("invalid query", 2, NULL);
- tt_int_op(ret, OP_EQ, -EINVAL);
-
- ret = rend_cache_lookup_entry("abababababababab", 2, NULL);
- tt_int_op(ret, OP_EQ, -ENOENT);
-
- ret = rend_cache_lookup_entry("abababababababab", 4224, NULL);
- tt_int_op(ret, OP_EQ, -ENOENT);
-
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- rend_cache_store_v2_desc_as_client(desc_holder->desc_str, desc_id_base32,
- mock_rend_query, NULL);
-
- ret = rend_cache_lookup_entry(service_id, 2, NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- ret = rend_cache_lookup_entry(service_id, 2, &entry);
- tt_int_op(ret, OP_EQ, 0);
- tt_assert(entry);
- tt_int_op(entry->len, OP_EQ, strlen(desc_holder->desc_str));
- tt_str_op(entry->desc, OP_EQ, desc_holder->desc_str);
-
- done:
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_cache_free_all();
- rend_data_free(mock_rend_query);
-}
-
-static void
-test_rend_cache_store_v2_desc_as_client(void *data)
-{
- int ret;
- rend_data_t *mock_rend_query;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- rend_cache_entry_t *entry = NULL;
- rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
- char *service_id = NULL;
- char client_cookie[REND_DESC_COOKIE_LEN];
- (void)data;
-
- rend_cache_init();
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
-
- // Test success
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- &entry);
-
- tt_int_op(ret, OP_EQ, 0);
- tt_assert(entry);
- tt_int_op(entry->len, OP_EQ, strlen(desc_holder->desc_str));
- tt_str_op(entry->desc, OP_EQ, desc_holder->desc_str);
-
- // Test various failure modes
-
- // TODO: a too long desc_id_base32 argument crashes the function
- /* ret = rend_cache_store_v2_desc_as_client( */
- /* desc_holder->desc_str, */
- /* "3TOOLONG3TOOLONG3TOOLONG3TOOLONG3TOOLONG3TOOLONG", */
- /* &mock_rend_query, NULL); */
- /* tt_int_op(ret, OP_EQ, -1); */
-
- // Test bad base32 failure
- // This causes an assertion failure if we're running with assertions.
- // But when building without asserts, we can test it.
-#ifdef DISABLE_ASSERTS_IN_UNIT_TESTS
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- "!xqunszqnaolrrfmtzgaki7mxelgvkj", mock_rend_query, NULL);
- tt_int_op(ret, OP_EQ, -1);
-#endif
-
- // Test invalid descriptor
- ret = rend_cache_store_v2_desc_as_client("invalid descriptor",
- "3xqunszqnaolrrfmtzgaki7mxelgvkje", mock_rend_query, NULL);
- tt_int_op(ret, OP_EQ, -1);
-
- // TODO: it doesn't seem to be possible to test invalid service ID condition.
- // that means it is likely not possible to have that condition without
- // earlier conditions failing first (such as signature checking of the desc)
-
- rend_cache_free_all();
-
- // Test mismatch between service ID and onion address
- rend_cache_init();
- strncpy(TO_REND_DATA_V2(mock_rend_query)->onion_address, "abc",
- REND_SERVICE_ID_LEN_BASE32+1);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32,
- mock_rend_query, NULL);
- tt_int_op(ret, OP_EQ, -1);
- rend_cache_free_all();
- rend_data_free(mock_rend_query);
-
- // Test incorrect descriptor ID
- rend_cache_init();
- mock_rend_query = mock_rend_data(service_id);
- char orig = desc_id_base32[0];
- if (desc_id_base32[0] == 'a')
- desc_id_base32[0] = 'b';
- else
- desc_id_base32[0] = 'a';
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, -1);
- desc_id_base32[0] = orig;
- rend_cache_free_all();
-
- // Test too old descriptor
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(TIME_IN_THE_PAST, &desc_holder, &service_id, 3);
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
-
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32,
- mock_rend_query, NULL);
- tt_int_op(ret, OP_EQ, -1);
- rend_cache_free_all();
-
- // Test too new descriptor (in the future)
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(TIME_IN_THE_FUTURE, &desc_holder, &service_id, 3);
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
-
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, -1);
- rend_cache_free_all();
-
- // Test when a descriptor is already in the cache
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
-
- rend_cache_store_v2_desc_as_client(desc_holder->desc_str, desc_id_base32,
- mock_rend_query, NULL);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- &entry);
- tt_int_op(ret, OP_EQ, 0);
- tt_assert(entry);
- rend_cache_free_all();
-
- // Test unsuccessful decrypting of introduction points
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
- mock_rend_query = mock_rend_data(service_id);
- TO_REND_DATA_V2(mock_rend_query)->auth_type = REND_BASIC_AUTH;
- client_cookie[0] = 'A';
- memcpy(TO_REND_DATA_V2(mock_rend_query)->descriptor_cookie, client_cookie,
- REND_DESC_COOKIE_LEN);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, 0);
- rend_cache_free_all();
-
- // Test successful run when we have REND_BASIC_AUTH but not cookie
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
- mock_rend_query = mock_rend_data(service_id);
- TO_REND_DATA_V2(mock_rend_query)->auth_type = REND_BASIC_AUTH;
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- rend_cache_free_all();
-
- // Test when we have no introduction points
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 0);
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, -1);
- rend_cache_free_all();
-
- // Test when we have too many intro points
- rend_cache_init();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_data_free(mock_rend_query);
-
- generate_desc(RECENT_TIME, &desc_holder, &service_id, MAX_INTRO_POINTS+1);
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, -1);
-
- done:
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_cache_free_all();
- rend_data_free(mock_rend_query);
-}
-
-static void
-test_rend_cache_store_v2_desc_as_client_with_different_time(void *data)
-{
- int ret;
- rend_data_t *mock_rend_query;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- rend_service_descriptor_t *generated = NULL;
- smartlist_t *descs = smartlist_new();
- time_t t;
- char *service_id = NULL;
- rend_encoded_v2_service_descriptor_t *desc_holder_newer;
- rend_encoded_v2_service_descriptor_t *desc_holder_older;
-
- t = time(NULL);
- rend_cache_init();
-
- create_descriptor(&generated, &service_id, 3);
-
- generated->timestamp = t + RECENT_TIME;
- rend_encode_v2_descriptors(descs, generated, t + RECENT_TIME, 0,
- REND_NO_AUTH, NULL, NULL);
- desc_holder_newer = ((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0));
- smartlist_set(descs, 0, NULL);
-
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- descs = smartlist_new();
-
- generated->timestamp = (t + RECENT_TIME) - 20;
- rend_encode_v2_descriptors(descs, generated, t + RECENT_TIME, 0,
- REND_NO_AUTH, NULL, NULL);
- desc_holder_older = ((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0));
- smartlist_set(descs, 0, NULL);
- (void)data;
-
- // Test when a descriptor is already in the cache and it is newer than the
- // one we submit
- mock_rend_query = mock_rend_data(service_id);
- base32_encode(desc_id_base32, sizeof(desc_id_base32),
- desc_holder_newer->desc_id, DIGEST_LEN);
- rend_cache_store_v2_desc_as_client(desc_holder_newer->desc_str,
- desc_id_base32, mock_rend_query, NULL);
- ret = rend_cache_store_v2_desc_as_client(desc_holder_older->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- rend_cache_free_all();
-
- // Test when an old descriptor is in the cache and we submit a newer one
- rend_cache_init();
- rend_cache_store_v2_desc_as_client(desc_holder_older->desc_str,
- desc_id_base32, mock_rend_query, NULL);
- ret = rend_cache_store_v2_desc_as_client(desc_holder_newer->desc_str,
- desc_id_base32, mock_rend_query,
- NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- done:
- rend_encoded_v2_service_descriptor_free(desc_holder_newer);
- rend_encoded_v2_service_descriptor_free(desc_holder_older);
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- rend_service_descriptor_free(generated);
- tor_free(service_id);
- rend_cache_free_all();
- rend_data_free(mock_rend_query);
-}
-
-static const routerinfo_t *rcache_lookup_v2_as_dir_get_my_routerinfo(void);
-
-static routerinfo_t *mock_routerinfo;
-
-static const routerinfo_t *
-rcache_lookup_v2_as_dir_get_my_routerinfo(void)
-{
- if (!mock_routerinfo) {
- mock_routerinfo = tor_malloc(sizeof(routerinfo_t));
- }
-
- return mock_routerinfo;
-}
-
-static void
-test_rend_cache_lookup_v2_desc_as_dir(void *data)
-{
- int ret;
- char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
- rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
- char *service_id = NULL;
- const char *ret_desc = NULL;
-
- (void)data;
-
- MOCK(router_get_my_routerinfo,
- rcache_lookup_v2_as_dir_get_my_routerinfo);
-
- rend_cache_init();
-
- // Test invalid base32
- ret = rend_cache_lookup_v2_desc_as_dir("!bababababababab", NULL);
- tt_int_op(ret, OP_EQ, -1);
-
- // Test non-existent descriptor but well formed
- ret = rend_cache_lookup_v2_desc_as_dir("3xqunszqnaolrrfmtzgaki7mxelgvkje",
- NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- // Test existing descriptor
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
- rend_cache_store_v2_desc_as_dir(desc_holder->desc_str);
- base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
- DIGEST_LEN);
- ret = rend_cache_lookup_v2_desc_as_dir(desc_id_base32, &ret_desc);
- tt_int_op(ret, OP_EQ, 1);
- tt_assert(ret_desc);
-
- done:
- UNMOCK(router_get_my_routerinfo);
- tor_free(mock_routerinfo);
- rend_cache_free_all();
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
-}
-
-static const routerinfo_t *rcache_store_v2_as_dir_get_my_routerinfo(void);
-
-static const routerinfo_t *
-rcache_store_v2_as_dir_get_my_routerinfo(void)
-{
- return mock_routerinfo;
-}
-
-static void
-test_rend_cache_store_v2_desc_as_dir(void *data)
-{
- (void)data;
- int ret;
- rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
- char *service_id = NULL;
-
- MOCK(router_get_my_routerinfo,
- rcache_store_v2_as_dir_get_my_routerinfo);
-
- rend_cache_init();
-
- // Test when we can't parse the descriptor
- mock_routerinfo = tor_malloc(sizeof(routerinfo_t));
- ret = rend_cache_store_v2_desc_as_dir("unparseable");
- tt_int_op(ret, OP_EQ, -1);
-
- // Test when we have an old descriptor
- generate_desc(TIME_IN_THE_PAST, &desc_holder, &service_id, 3);
- ret = rend_cache_store_v2_desc_as_dir(desc_holder->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
-
- // Test when we have a descriptor in the future
- generate_desc(TIME_IN_THE_FUTURE, &desc_holder, &service_id, 3);
- ret = rend_cache_store_v2_desc_as_dir(desc_holder->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
-
- // Test when two descriptors
- generate_desc(TIME_IN_THE_FUTURE, &desc_holder, &service_id, 3);
- ret = rend_cache_store_v2_desc_as_dir(desc_holder->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
-
- // Test when asking for hidden service statistics HiddenServiceStatistics
- rend_cache_purge();
- generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
- get_options_mutable()->HiddenServiceStatistics = 1;
- ret = rend_cache_store_v2_desc_as_dir(desc_holder->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- done:
- UNMOCK(router_get_my_routerinfo);
- rend_encoded_v2_service_descriptor_free(desc_holder);
- tor_free(service_id);
- rend_cache_free_all();
- tor_free(mock_routerinfo);
-}
-
-static void
-test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data)
-{
- (void)data;
-
- int ret;
- rend_service_descriptor_t *generated = NULL;
- smartlist_t *descs = smartlist_new();
- time_t t;
- char *service_id = NULL;
- rend_encoded_v2_service_descriptor_t *desc_holder_newer;
- rend_encoded_v2_service_descriptor_t *desc_holder_older;
-
- MOCK(router_get_my_routerinfo,
- rcache_store_v2_as_dir_get_my_routerinfo);
-
- rend_cache_init();
-
- t = time(NULL);
-
- create_descriptor(&generated, &service_id, 3);
- generated->timestamp = t + RECENT_TIME;
- rend_encode_v2_descriptors(descs, generated, t + RECENT_TIME, 0,
- REND_NO_AUTH, NULL, NULL);
- desc_holder_newer = ((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0));
- smartlist_set(descs, 0, NULL);
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- descs = smartlist_new();
-
- generated->timestamp = (t + RECENT_TIME) - 20;
- rend_encode_v2_descriptors(descs, generated, t + RECENT_TIME, 0,
- REND_NO_AUTH, NULL, NULL);
- desc_holder_older = ((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0));
- smartlist_set(descs, 0, NULL);
-
- // Test when we have a newer descriptor stored
- mock_routerinfo = tor_malloc(sizeof(routerinfo_t));
- rend_cache_store_v2_desc_as_dir(desc_holder_newer->desc_str);
- ret = rend_cache_store_v2_desc_as_dir(desc_holder_older->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- // Test when we have an old descriptor stored
- rend_cache_purge();
- rend_cache_store_v2_desc_as_dir(desc_holder_older->desc_str);
- ret = rend_cache_store_v2_desc_as_dir(desc_holder_newer->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- done:
- UNMOCK(router_get_my_routerinfo);
- rend_cache_free_all();
- rend_service_descriptor_free(generated);
- tor_free(service_id);
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- rend_encoded_v2_service_descriptor_free(desc_holder_newer);
- rend_encoded_v2_service_descriptor_free(desc_holder_older);
- tor_free(mock_routerinfo);
-}
-
-static void
-test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data)
-{
- (void)data;
-
- int ret;
- rend_service_descriptor_t *generated = NULL;
- smartlist_t *descs = smartlist_new();
- time_t t;
- char *service_id = NULL;
- rend_encoded_v2_service_descriptor_t *desc_holder_one = NULL;
- rend_encoded_v2_service_descriptor_t *desc_holder_two = NULL;
-
- MOCK(router_get_my_routerinfo,
- rcache_store_v2_as_dir_get_my_routerinfo);
-
- rend_cache_init();
-
- t = time(NULL);
-
- create_descriptor(&generated, &service_id, 3);
- generated->timestamp = t + RECENT_TIME;
- rend_encode_v2_descriptors(descs, generated, t + RECENT_TIME, 0,
- REND_NO_AUTH, NULL, NULL);
- desc_holder_one = ((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0));
- smartlist_set(descs, 0, NULL);
-
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- descs = smartlist_new();
-
- generated->timestamp = t + RECENT_TIME;
- generated->protocols = 41;
- rend_encode_v2_descriptors(descs, generated, t + RECENT_TIME, 0,
- REND_NO_AUTH, NULL, NULL);
- desc_holder_two = ((rend_encoded_v2_service_descriptor_t *)
- smartlist_get(descs, 0));
- smartlist_set(descs, 0, NULL);
-
- // Test when we have another descriptor stored, with a different descriptor
- mock_routerinfo = tor_malloc(sizeof(routerinfo_t));
- rend_cache_store_v2_desc_as_dir(desc_holder_one->desc_str);
- ret = rend_cache_store_v2_desc_as_dir(desc_holder_two->desc_str);
- tt_int_op(ret, OP_EQ, 0);
-
- done:
- UNMOCK(router_get_my_routerinfo);
- rend_cache_free_all();
- rend_service_descriptor_free(generated);
- tor_free(service_id);
- SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
- rend_encoded_v2_service_descriptor_free(d));
- smartlist_free(descs);
- rend_encoded_v2_service_descriptor_free(desc_holder_one);
- rend_encoded_v2_service_descriptor_free(desc_holder_two);
-}
-
-static void
-test_rend_cache_init(void *data)
-{
- (void)data;
-
- tt_assert_msg(!rend_cache, "rend_cache should be NULL when starting");
- tt_assert_msg(!rend_cache_v2_dir, "rend_cache_v2_dir should be NULL "
- "when starting");
- tt_assert_msg(!rend_cache_failure, "rend_cache_failure should be NULL when "
- "starting");
-
- rend_cache_init();
-
- tt_assert_msg(rend_cache, "rend_cache should not be NULL after initing");
- tt_assert_msg(rend_cache_v2_dir, "rend_cache_v2_dir should not be NULL "
- "after initing");
- tt_assert_msg(rend_cache_failure, "rend_cache_failure should not be NULL "
- "after initing");
-
- tt_int_op(strmap_size(rend_cache), OP_EQ, 0);
- tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_decrement_allocation(void *data)
-{
- (void)data;
-
- // Test when the cache has enough allocations
- rend_cache_total_allocation = 10;
- rend_cache_decrement_allocation(3);
- tt_int_op(rend_cache_total_allocation, OP_EQ, 7);
-
- // Test when there are not enough allocations
- rend_cache_total_allocation = 1;
- setup_full_capture_of_logs(LOG_WARN);
- rend_cache_decrement_allocation(2);
- tt_int_op(rend_cache_total_allocation, OP_EQ, 0);
- expect_single_log_msg_containing(
- "Underflow in rend_cache_decrement_allocation");
- teardown_capture_of_logs();
-
- // And again
- rend_cache_decrement_allocation(2);
- tt_int_op(rend_cache_total_allocation, OP_EQ, 0);
-
- done:
- teardown_capture_of_logs();
-}
-
-static void
-test_rend_cache_increment_allocation(void *data)
-{
- (void)data;
-
- // Test when the cache is not overflowing
- rend_cache_total_allocation = 5;
- rend_cache_increment_allocation(3);
- tt_int_op(rend_cache_total_allocation, OP_EQ, 8);
-
- // Test when there are too many allocations
- rend_cache_total_allocation = SIZE_MAX-1;
- setup_full_capture_of_logs(LOG_WARN);
- rend_cache_increment_allocation(2);
- tt_u64_op(rend_cache_total_allocation, OP_EQ, SIZE_MAX);
- expect_single_log_msg_containing(
- "Overflow in rend_cache_increment_allocation");
- teardown_capture_of_logs();
-
- // And again
- rend_cache_increment_allocation(2);
- tt_u64_op(rend_cache_total_allocation, OP_EQ, SIZE_MAX);
-
- done:
- teardown_capture_of_logs();
-}
-
-static void
-test_rend_cache_failure_intro_entry_new(void *data)
-{
- time_t now;
- rend_cache_failure_intro_t *entry;
- rend_intro_point_failure_t failure;
-
- (void)data;
-
- failure = INTRO_POINT_FAILURE_TIMEOUT;
- now = time(NULL);
- entry = rend_cache_failure_intro_entry_new(failure);
-
- tt_int_op(entry->failure_type, OP_EQ, INTRO_POINT_FAILURE_TIMEOUT);
- tt_int_op(entry->created_ts, OP_GE, now-5);
- tt_int_op(entry->created_ts, OP_LE, now+5);
-
- done:
- tor_free(entry);
-}
-
-static void
-test_rend_cache_failure_intro_lookup(void *data)
-{
- (void)data;
- int ret;
- rend_cache_failure_t *failure;
- rend_cache_failure_intro_t *ip;
- rend_cache_failure_intro_t *entry;
- const char key_ip_one[DIGEST_LEN] = "ip1";
- const char key_ip_two[DIGEST_LEN] = "ip2";
- const char key_foo[DIGEST_LEN] = "foo1";
-
- rend_cache_init();
-
- failure = rend_cache_failure_entry_new();
- ip = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- digestmap_set(failure->intro_failures, key_ip_one, ip);
- strmap_set_lc(rend_cache_failure, "foo1", failure);
-
- // Test not found
- ret = cache_failure_intro_lookup((const uint8_t *) key_foo, "foo2", NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- // Test found with no intro failures in it
- ret = cache_failure_intro_lookup((const uint8_t *) key_ip_two, "foo1", NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- // Test found
- ret = cache_failure_intro_lookup((const uint8_t *) key_ip_one, "foo1", NULL);
- tt_int_op(ret, OP_EQ, 1);
-
- // Test found and asking for entry
- cache_failure_intro_lookup((const uint8_t *) key_ip_one, "foo1", &entry);
- tt_assert(entry);
- tt_assert(entry == ip);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_clean(void *data)
-{
- rend_cache_entry_t *one, *two;
- rend_service_descriptor_t *desc_one, *desc_two;
- strmap_iter_t *iter = NULL;
- const char *key;
- void *val;
-
- (void)data;
-
- rend_cache_init();
-
- // Test with empty rendcache
- rend_cache_clean(time(NULL), REND_CACHE_TYPE_CLIENT);
- tt_int_op(strmap_size(rend_cache), OP_EQ, 0);
-
- // Test with two old entries
- one = tor_malloc_zero(sizeof(rend_cache_entry_t));
- two = tor_malloc_zero(sizeof(rend_cache_entry_t));
- desc_one = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- desc_two = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- one->parsed = desc_one;
- two->parsed = desc_two;
-
- desc_one->timestamp = time(NULL) + TIME_IN_THE_PAST;
- desc_two->timestamp = (time(NULL) + TIME_IN_THE_PAST) - 10;
- desc_one->pk = pk_generate(0);
- desc_two->pk = pk_generate(1);
-
- strmap_set_lc(rend_cache, "foo1", one);
- rend_cache_increment_allocation(rend_cache_entry_allocation(one));
- strmap_set_lc(rend_cache, "foo2", two);
- rend_cache_increment_allocation(rend_cache_entry_allocation(two));
-
- rend_cache_clean(time(NULL), REND_CACHE_TYPE_CLIENT);
- tt_int_op(strmap_size(rend_cache), OP_EQ, 0);
-
- // Test with one old entry and one newer entry
- one = tor_malloc_zero(sizeof(rend_cache_entry_t));
- two = tor_malloc_zero(sizeof(rend_cache_entry_t));
- desc_one = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- desc_two = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- one->parsed = desc_one;
- two->parsed = desc_two;
-
- desc_one->timestamp = (time(NULL) + TIME_IN_THE_PAST) - 10;
- desc_two->timestamp = time(NULL) - 100;
- desc_one->pk = pk_generate(0);
- desc_two->pk = pk_generate(1);
-
- rend_cache_increment_allocation(rend_cache_entry_allocation(one));
- strmap_set_lc(rend_cache, "foo1", one);
- rend_cache_increment_allocation(rend_cache_entry_allocation(two));
- strmap_set_lc(rend_cache, "foo2", two);
-
- rend_cache_clean(time(NULL), REND_CACHE_TYPE_CLIENT);
- tt_int_op(strmap_size(rend_cache), OP_EQ, 1);
-
- iter = strmap_iter_init(rend_cache);
- strmap_iter_get(iter, &key, &val);
- tt_str_op(key, OP_EQ, "foo2");
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_failure_entry_new(void *data)
-{
- rend_cache_failure_t *failure;
-
- (void)data;
-
- failure = rend_cache_failure_entry_new();
- tt_assert(failure);
- tt_int_op(digestmap_size(failure->intro_failures), OP_EQ, 0);
-
- done:
- rend_cache_failure_entry_free(failure);
-}
-
-static void
-test_rend_cache_failure_entry_free(void *data)
-{
- (void)data;
-
- // Test that it can deal with a NULL argument
- rend_cache_failure_entry_free_(NULL);
-
- /* done: */
- /* (void)0; */
-}
-
-static void
-test_rend_cache_failure_clean(void *data)
-{
- rend_cache_failure_t *failure;
- rend_cache_failure_intro_t *ip_one, *ip_two;
-
- const char key_one[DIGEST_LEN] = "ip1";
- const char key_two[DIGEST_LEN] = "ip2";
-
- (void)data;
-
- rend_cache_init();
-
- // Test with empty failure cache
- rend_cache_failure_clean(time(NULL));
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
-
- // Test with one empty failure entry
- failure = rend_cache_failure_entry_new();
- strmap_set_lc(rend_cache_failure, "foo1", failure);
- rend_cache_failure_clean(time(NULL));
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
-
- // Test with one new intro point
- failure = rend_cache_failure_entry_new();
- ip_one = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- digestmap_set(failure->intro_failures, key_one, ip_one);
- strmap_set_lc(rend_cache_failure, "foo1", failure);
- rend_cache_failure_clean(time(NULL));
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 1);
-
- // Test with one old intro point
- rend_cache_failure_purge();
- failure = rend_cache_failure_entry_new();
- ip_one = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- ip_one->created_ts = time(NULL) - 7*60;
- digestmap_set(failure->intro_failures, key_one, ip_one);
- strmap_set_lc(rend_cache_failure, "foo1", failure);
- rend_cache_failure_clean(time(NULL));
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
-
- // Test with one old intro point and one new one
- rend_cache_failure_purge();
- failure = rend_cache_failure_entry_new();
- ip_one = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- ip_one->created_ts = time(NULL) - 7*60;
- digestmap_set(failure->intro_failures, key_one, ip_one);
- ip_two = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- ip_two->created_ts = time(NULL) - 2*60;
- digestmap_set(failure->intro_failures, key_two, ip_two);
- strmap_set_lc(rend_cache_failure, "foo1", failure);
- rend_cache_failure_clean(time(NULL));
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 1);
- tt_int_op(digestmap_size(failure->intro_failures), OP_EQ, 1);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_failure_remove(void *data)
-{
- rend_service_descriptor_t *desc;
- (void)data;
-
- rend_cache_init();
-
- // Test that it deals well with a NULL desc
- rend_cache_failure_remove(NULL);
-
- // Test a descriptor that isn't in the cache
- desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- desc->pk = pk_generate(0);
- rend_cache_failure_remove(desc);
-
- // There seems to not exist any way of getting rend_cache_failure_remove()
- // to fail because of a problem with rend_get_service_id from here
- rend_cache_free_all();
-
- rend_service_descriptor_free(desc);
- /* done: */
- /* (void)0; */
-}
-
-static void
-test_rend_cache_free_all(void *data)
-{
- rend_cache_failure_t *failure;
- rend_cache_entry_t *one;
- rend_service_descriptor_t *desc_one;
-
- (void)data;
-
- rend_cache_init();
-
- failure = rend_cache_failure_entry_new();
- strmap_set_lc(rend_cache_failure, "foo1", failure);
-
- one = tor_malloc_zero(sizeof(rend_cache_entry_t));
- desc_one = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- one->parsed = desc_one;
- desc_one->timestamp = time(NULL) + TIME_IN_THE_PAST;
- desc_one->pk = pk_generate(0);
- rend_cache_increment_allocation(rend_cache_entry_allocation(one));
- strmap_set_lc(rend_cache, "foo1", one);
-
- rend_cache_free_all();
-
- tt_ptr_op(rend_cache, OP_EQ, NULL);
- tt_ptr_op(rend_cache_v2_dir, OP_EQ, NULL);
- tt_ptr_op(rend_cache_failure, OP_EQ, NULL);
- tt_assert(!rend_cache_total_allocation);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_entry_free(void *data)
-{
- (void)data;
- rend_cache_entry_t *e;
-
- // Handles NULL correctly
- rend_cache_entry_free_(NULL);
-
- // Handles NULL descriptor correctly
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- rend_cache_increment_allocation(rend_cache_entry_allocation(e));
- rend_cache_entry_free(e);
-
- // Handles non-NULL descriptor correctly
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- e->desc = tor_malloc(10);
- rend_cache_increment_allocation(rend_cache_entry_allocation(e));
- rend_cache_entry_free(e);
-
- /* done: */
- /* (void)0; */
-}
-
-static void
-test_rend_cache_purge(void *data)
-{
- (void)data;
-
- // Deals with a NULL rend_cache
- rend_cache_purge();
- tt_assert(rend_cache);
- tt_assert(strmap_size(rend_cache) == 0);
-
- // Deals with existing rend_cache
- rend_cache_free_all();
- rend_cache_init();
- tt_assert(rend_cache);
- tt_assert(strmap_size(rend_cache) == 0);
-
- rend_cache_purge();
- tt_assert(rend_cache);
- tt_assert(strmap_size(rend_cache) == 0);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_failure_intro_add(void *data)
-{
- (void)data;
- rend_cache_failure_t *fail_entry;
- rend_cache_failure_intro_t *entry;
- const char identity[DIGEST_LEN] = "foo1";
-
- rend_cache_init();
-
- // Adds non-existing entry
- cache_failure_intro_add((const uint8_t *) identity, "foo2",
- INTRO_POINT_FAILURE_TIMEOUT);
- fail_entry = strmap_get_lc(rend_cache_failure, "foo2");
- tt_assert(fail_entry);
- tt_int_op(digestmap_size(fail_entry->intro_failures), OP_EQ, 1);
- entry = digestmap_get(fail_entry->intro_failures, identity);
- tt_assert(entry);
-
- // Adds existing entry
- cache_failure_intro_add((const uint8_t *) identity, "foo2",
- INTRO_POINT_FAILURE_TIMEOUT);
- fail_entry = strmap_get_lc(rend_cache_failure, "foo2");
- tt_assert(fail_entry);
- tt_int_op(digestmap_size(fail_entry->intro_failures), OP_EQ, 1);
- entry = digestmap_get(fail_entry->intro_failures, identity);
- tt_assert(entry);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_intro_failure_note(void *data)
-{
- (void)data;
- rend_cache_failure_t *fail_entry;
- rend_cache_failure_intro_t *entry;
- const char key[DIGEST_LEN] = "foo1";
-
- rend_cache_init();
-
- // Test not found
- rend_cache_intro_failure_note(INTRO_POINT_FAILURE_TIMEOUT,
- (const uint8_t *) key, "foo2");
- fail_entry = strmap_get_lc(rend_cache_failure, "foo2");
- tt_assert(fail_entry);
- tt_int_op(digestmap_size(fail_entry->intro_failures), OP_EQ, 1);
- entry = digestmap_get(fail_entry->intro_failures, key);
- tt_assert(entry);
- tt_int_op(entry->failure_type, OP_EQ, INTRO_POINT_FAILURE_TIMEOUT);
-
- // Test found
- rend_cache_intro_failure_note(INTRO_POINT_FAILURE_UNREACHABLE,
- (const uint8_t *) key, "foo2");
- tt_int_op(entry->failure_type, OP_EQ, INTRO_POINT_FAILURE_UNREACHABLE);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_clean_v2_descs_as_dir(void *data)
-{
- rend_cache_entry_t *e;
- time_t now, cutoff;
- rend_service_descriptor_t *desc;
- now = time(NULL);
- cutoff = now - (REND_CACHE_MAX_AGE + REND_CACHE_MAX_SKEW);
- const char key[DIGEST_LEN] = "abcde";
-
- (void)data;
-
- rend_cache_init();
-
- // Test running with an empty cache
- rend_cache_clean_v2_descs_as_dir(cutoff);
- tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
-
- // Test with only one new entry
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- e->last_served = now;
- desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- desc->timestamp = now;
- desc->pk = pk_generate(0);
- e->parsed = desc;
- rend_cache_increment_allocation(rend_cache_entry_allocation(e));
- digestmap_set(rend_cache_v2_dir, key, e);
-
- /* Set the cutoff to minus 10 seconds. */
- rend_cache_clean_v2_descs_as_dir(cutoff - 10);
- tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 1);
-
- // Test with one old entry
- desc->timestamp = cutoff - 1000;
- rend_cache_clean_v2_descs_as_dir(cutoff);
- tt_int_op(digestmap_size(rend_cache_v2_dir), OP_EQ, 0);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_entry_allocation(void *data)
-{
- (void)data;
-
- size_t ret;
- rend_cache_entry_t *e = NULL;
-
- // Handles a null argument
- ret = rend_cache_entry_allocation(NULL);
- tt_int_op(ret, OP_EQ, 0);
-
- // Handles a non-null argument
- e = tor_malloc_zero(sizeof(rend_cache_entry_t));
- ret = rend_cache_entry_allocation(e);
- tt_int_op(ret, OP_GT, sizeof(rend_cache_entry_t));
-
- done:
- tor_free(e);
-}
-
-static void
-test_rend_cache_failure_intro_entry_free(void *data)
-{
- (void)data;
- rend_cache_failure_intro_t *entry;
-
- // Handles a null argument
- rend_cache_failure_intro_entry_free_(NULL);
-
- // Handles a non-null argument
- entry = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- rend_cache_failure_intro_entry_free(entry);
-}
-
-static void
-test_rend_cache_failure_purge(void *data)
-{
- (void)data;
-
- // Handles a null failure cache
- strmap_free(rend_cache_failure, rend_cache_failure_entry_free_void);
- rend_cache_failure = NULL;
-
- rend_cache_failure_purge();
-
- tt_ptr_op(rend_cache_failure, OP_NE, NULL);
- tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
-
- done:
- rend_cache_free_all();
-}
-
-static void
-test_rend_cache_validate_intro_point_failure(void *data)
-{
- (void)data;
- rend_service_descriptor_t *desc = NULL;
- char *service_id = NULL;
- rend_intro_point_t *intro = NULL;
- const char *identity = NULL;
- rend_cache_failure_t *failure;
- rend_cache_failure_intro_t *ip;
-
- rend_cache_init();
-
- create_descriptor(&desc, &service_id, 3);
- desc->timestamp = time(NULL) + RECENT_TIME;
-
- intro = (rend_intro_point_t *)smartlist_get(desc->intro_nodes, 0);
- identity = intro->extend_info->identity_digest;
-
- failure = rend_cache_failure_entry_new();
- ip = rend_cache_failure_intro_entry_new(INTRO_POINT_FAILURE_TIMEOUT);
- digestmap_set(failure->intro_failures, identity, ip);
- strmap_set_lc(rend_cache_failure, service_id, failure);
-
- // Test when we have an intro point in our cache
- validate_intro_point_failure(desc, service_id);
- tt_int_op(smartlist_len(desc->intro_nodes), OP_EQ, 2);
-
- done:
- rend_cache_free_all();
- rend_service_descriptor_free(desc);
- tor_free(service_id);
-}
-
-struct testcase_t rend_cache_tests[] = {
- { "init", test_rend_cache_init, 0, NULL, NULL },
- { "decrement_allocation", test_rend_cache_decrement_allocation, 0,
- NULL, NULL },
- { "increment_allocation", test_rend_cache_increment_allocation, 0,
- NULL, NULL },
- { "clean", test_rend_cache_clean, TT_FORK, NULL, NULL },
- { "clean_v2_descs_as_dir", test_rend_cache_clean_v2_descs_as_dir, 0,
- NULL, NULL },
- { "entry_allocation", test_rend_cache_entry_allocation, 0, NULL, NULL },
- { "entry_free", test_rend_cache_entry_free, 0, NULL, NULL },
- { "failure_intro_entry_free", test_rend_cache_failure_intro_entry_free, 0,
- NULL, NULL },
- { "free_all", test_rend_cache_free_all, 0, NULL, NULL },
- { "purge", test_rend_cache_purge, 0, NULL, NULL },
- { "failure_clean", test_rend_cache_failure_clean, 0, NULL, NULL },
- { "failure_entry_new", test_rend_cache_failure_entry_new, 0, NULL, NULL },
- { "failure_entry_free", test_rend_cache_failure_entry_free, 0, NULL, NULL },
- { "failure_intro_add", test_rend_cache_failure_intro_add, 0, NULL, NULL },
- { "failure_intro_entry_new", test_rend_cache_failure_intro_entry_new, 0,
- NULL, NULL },
- { "failure_intro_lookup", test_rend_cache_failure_intro_lookup, 0,
- NULL, NULL },
- { "failure_purge", test_rend_cache_failure_purge, 0, NULL, NULL },
- { "failure_remove", test_rend_cache_failure_remove, 0, NULL, NULL },
- { "intro_failure_note", test_rend_cache_intro_failure_note, 0, NULL, NULL },
- { "lookup", test_rend_cache_lookup_entry, 0, NULL, NULL },
- { "lookup_v2_desc_as_dir", test_rend_cache_lookup_v2_desc_as_dir, 0,
- NULL, NULL },
- { "store_v2_desc_as_client", test_rend_cache_store_v2_desc_as_client, 0,
- NULL, NULL },
- { "store_v2_desc_as_client_with_different_time",
- test_rend_cache_store_v2_desc_as_client_with_different_time, 0,
- NULL, NULL },
- { "store_v2_desc_as_dir", test_rend_cache_store_v2_desc_as_dir, 0,
- NULL, NULL },
- { "store_v2_desc_as_dir_with_different_time",
- test_rend_cache_store_v2_desc_as_dir_with_different_time, 0, NULL, NULL },
- { "store_v2_desc_as_dir_with_different_content",
- test_rend_cache_store_v2_desc_as_dir_with_different_content, 0,
- NULL, NULL },
- { "validate_intro_point_failure",
- test_rend_cache_validate_intro_point_failure, 0, NULL, NULL },
- END_OF_TESTCASES
-};
More information about the tor-commits
mailing list