[tor-commits] [tor/master] prop224: Handle service RENDEZVOUS1 cell

nickm at torproject.org nickm at torproject.org
Wed Aug 9 00:36:37 UTC 2017


commit dfa6301aed8f1c7164b1e8513ab64119944d976c
Author: David Goulet <dgoulet at torproject.org>
Date:   Thu Mar 9 12:54:51 2017 -0500

    prop224: Handle service RENDEZVOUS1 cell
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 src/or/hs_cell.c    | 35 ++++++++++++++++++++++++++++++++
 src/or/hs_cell.h    |  7 +++++++
 src/or/hs_circuit.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/or/hs_circuit.h |  5 ++---
 src/or/hs_service.c | 35 +++++++++++++++++++++++++++++++-
 5 files changed, 135 insertions(+), 4 deletions(-)

diff --git a/src/or/hs_cell.c b/src/or/hs_cell.c
index 18d15fe0a..68c201b89 100644
--- a/src/or/hs_cell.c
+++ b/src/or/hs_cell.c
@@ -18,6 +18,7 @@
 #include "hs/cell_common.h"
 #include "hs/cell_establish_intro.h"
 #include "hs/cell_introduce1.h"
+#include "hs/cell_rendezvous.h"
 
 /* Compute the MAC of an INTRODUCE cell in mac_out. The encoded_cell param is
  * the cell content up to the ENCRYPTED section of length encoded_cell_len.
@@ -500,3 +501,37 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
   return ret;
 }
 
+/* Build a RENDEZVOUS1 cell with the given rendezvous cookie and handshake
+ * info. The encoded cell is put in cell_out and the length of the data is
+ * returned. This can't fail. */
+ssize_t
+hs_cell_build_rendezvous1(const uint8_t *rendezvous_cookie,
+                          size_t rendezvous_cookie_len,
+                          const uint8_t *rendezvous_handshake_info,
+                          size_t rendezvous_handshake_info_len,
+                          uint8_t *cell_out)
+{
+  ssize_t cell_len;
+  trn_cell_rendezvous1_t *cell;
+
+  tor_assert(rendezvous_cookie);
+  tor_assert(rendezvous_handshake_info);
+  tor_assert(cell_out);
+
+  cell = trn_cell_rendezvous1_new();
+  /* Set the RENDEZVOUS_COOKIE. */
+  memcpy(trn_cell_rendezvous1_getarray_rendezvous_cookie(cell),
+         rendezvous_cookie, rendezvous_cookie_len);
+  /* Set the HANDSHAKE_INFO. */
+  trn_cell_rendezvous1_setlen_handshake_info(cell,
+                                            rendezvous_handshake_info_len);
+  memcpy(trn_cell_rendezvous1_getarray_handshake_info(cell),
+         rendezvous_handshake_info, rendezvous_handshake_info_len);
+  /* Encoding. */
+  cell_len = trn_cell_rendezvous1_encode(cell_out, RELAY_PAYLOAD_SIZE, cell);
+  tor_assert(cell_len > 0);
+
+  trn_cell_rendezvous1_free(cell);
+  return cell_len;
+}
+
diff --git a/src/or/hs_cell.h b/src/or/hs_cell.h
index 901ff81aa..fb4950d51 100644
--- a/src/or/hs_cell.h
+++ b/src/or/hs_cell.h
@@ -47,10 +47,17 @@ typedef struct hs_cell_introduce2_data_t {
   smartlist_t *link_specifiers;
 } hs_cell_introduce2_data_t;
 
+/* Build cell API. */
 ssize_t hs_cell_build_establish_intro(const char *circ_nonce,
                                       const hs_service_intro_point_t *ip,
                                       uint8_t *cell_out);
+ssize_t hs_cell_build_rendezvous1(const uint8_t *rendezvous_cookie,
+                                  size_t rendezvous_cookie_len,
+                                  const uint8_t *rendezvous_handshake_info,
+                                  size_t rendezvous_handshake_info_len,
+                                  uint8_t *cell_out);
 
+/* Parse cell API. */
 ssize_t hs_cell_parse_intro_established(const uint8_t *payload,
                                         size_t payload_len);
 ssize_t hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c
index 7184e1e18..22a2c3347 100644
--- a/src/or/hs_circuit.c
+++ b/src/or/hs_circuit.c
@@ -685,6 +685,63 @@ hs_circ_service_intro_has_opened(hs_service_t *service,
   return ret;
 }
 
+/* Called when a service rendezvous point circuit is done building. Given the
+ * service and the circuit, this function will send a RENDEZVOUS1 cell on the
+ * circuit using the information in the circuit identifier. If the cell can't
+ * be sent, the circuit is closed. */
+void
+hs_circ_service_rp_has_opened(const hs_service_t *service,
+                              origin_circuit_t *circ)
+{
+  size_t payload_len;
+  uint8_t payload[RELAY_PAYLOAD_SIZE] = {0};
+
+  tor_assert(service);
+  tor_assert(circ);
+  tor_assert(circ->hs_ident);
+
+  /* Some useful logging. */
+  log_info(LD_REND, "Rendezvous circuit %u has opened with cookie %s "
+                    "for service %s",
+           TO_CIRCUIT(circ)->n_circ_id,
+           hex_str((const char *) circ->hs_ident->rendezvous_cookie,
+                   REND_COOKIE_LEN),
+           safe_str_client(service->onion_address));
+  circuit_log_path(LOG_INFO, LD_REND, circ);
+
+  /* This can't fail. */
+  payload_len = hs_cell_build_rendezvous1(
+                        circ->hs_ident->rendezvous_cookie,
+                        sizeof(circ->hs_ident->rendezvous_cookie),
+                        circ->hs_ident->rendezvous_handshake_info,
+                        sizeof(circ->hs_ident->rendezvous_handshake_info),
+                        payload);
+
+  if (relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ),
+                                   RELAY_COMMAND_RENDEZVOUS1,
+                                   (const char *) payload, payload_len,
+                                   circ->cpath->prev) < 0) {
+    /* On error, circuit is closed. */
+    log_warn(LD_REND, "Unable to send RENDEZVOUS1 cell on circuit %u "
+                      "for service %s",
+             TO_CIRCUIT(circ)->n_circ_id,
+             safe_str_client(service->onion_address));
+    goto done;
+  }
+
+  /* Setup end-to-end rendezvous circuit between the client and us. */
+  if (hs_circuit_setup_e2e_rend_circ(circ,
+                       circ->hs_ident->rendezvous_ntor_key_seed,
+                       sizeof(circ->hs_ident->rendezvous_ntor_key_seed),
+                       1) < 0) {
+    log_warn(LD_GENERAL, "Failed to setup circ");
+    goto done;
+  }
+
+ done:
+  memwipe(payload, 0, sizeof(payload));
+}
+
 /* Handle an INTRO_ESTABLISHED cell payload of length payload_len arriving on
  * the given introduction circuit circ. The service is only used for logging
  * purposes. Return 0 on success else a negative value. */
diff --git a/src/or/hs_circuit.h b/src/or/hs_circuit.h
index 1cada0b8a..ca8f1b2f6 100644
--- a/src/or/hs_circuit.h
+++ b/src/or/hs_circuit.h
@@ -20,6 +20,8 @@ int hs_circ_service_intro_has_opened(hs_service_t *service,
                                      hs_service_intro_point_t *ip,
                                      const hs_service_descriptor_t *desc,
                                      origin_circuit_t *circ);
+void hs_circ_service_rp_has_opened(const hs_service_t *service,
+                                   origin_circuit_t *circ);
 int hs_circ_launch_intro_point(hs_service_t *service,
                                const hs_service_intro_point_t *ip,
                                extend_info_t *ei, time_t now);
@@ -28,9 +30,6 @@ int hs_circ_launch_rendezvous_point(const hs_service_t *service,
                                     const uint8_t *rendezvous_cookie);
 
 /* Cell API. */
-void hs_circ_send_establish_intro(const hs_service_t *service,
-                                  hs_service_intro_point_t *ip,
-                                  origin_circuit_t *circ);
 int hs_circ_handle_intro_established(const hs_service_t *service,
                                      const hs_service_intro_point_t *ip,
                                      origin_circuit_t *circ,
diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index 83b8b507f..a2ab0629a 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -1782,11 +1782,44 @@ service_intro_circ_has_opened(origin_circuit_t *circ)
   return;
 }
 
+/* Called when a rendezvous circuit is done building and ready to be used. */
 static void
 service_rendezvous_circ_has_opened(origin_circuit_t *circ)
 {
+  hs_service_t *service = NULL;
+
   tor_assert(circ);
-  /* XXX: Implement rendezvous support. */
+  tor_assert(circ->cpath);
+  /* Getting here means this is a v3 intro circuit. */
+  tor_assert(circ->hs_ident);
+  tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND);
+
+  /* Declare the circuit dirty to avoid reuse, and for path-bias */
+  if (!TO_CIRCUIT(circ)->timestamp_dirty)
+    TO_CIRCUIT(circ)->timestamp_dirty = time(NULL);
+  pathbias_count_use_attempt(circ);
+
+  /* Get the corresponding service and intro point. */
+  get_objects_from_ident(circ->hs_ident, &service, NULL, NULL);
+  if (service == NULL) {
+    log_warn(LD_REND, "Unknown service identity key %s on the rendezvous "
+                      "circuit %u with cookie %s. Can't find onion service.",
+             safe_str_client(ed25519_fmt(&circ->hs_ident->identity_pk)),
+             TO_CIRCUIT(circ)->n_circ_id,
+             hex_str((const char *) circ->hs_ident->rendezvous_cookie,
+                     REND_COOKIE_LEN));
+    goto err;
+  }
+
+  /* If the cell can't be sent, the circuit will be closed within this
+   * function. */
+  hs_circ_service_rp_has_opened(service, circ);
+  goto done;
+
+ err:
+  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_NOSUCHSERVICE);
+ done:
+  return;
 }
 
 /* Handle an INTRO_ESTABLISHED cell arriving on the given introduction





More information about the tor-commits mailing list