[tor-commits] [tor] 09/77: hs: Move rendezvous circuit data structure

gitolite role git at cupani.torproject.org
Wed May 10 15:46:53 UTC 2023


This is an automated email from the git hooks/post-receive script.

dgoulet pushed a commit to branch main
in repository tor.

commit f0b63ca242a66cb5172e6b11a9f068ed348f601b
Author: David Goulet <dgoulet at torproject.org>
AuthorDate: Wed Jun 29 11:05:35 2022 -0400

    hs: Move rendezvous circuit data structure
    
    When parsing an INTRODUCE2 cell, we extract data in order to launch the
    rendezvous circuit. This commit creates a data structure just for that
    data so it can be used by future commits for prop327 in order to copy
    that data over a priority queue instead of the whole intro data data
    structure which contains pointers that could dissapear.
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 src/feature/hs/hs_cell.c    | 23 ++++++++++++-----------
 src/feature/hs/hs_cell.h    | 27 +++++++++++++++++----------
 src/feature/hs/hs_circuit.c | 25 ++++++++++++++-----------
 3 files changed, 43 insertions(+), 32 deletions(-)

diff --git a/src/feature/hs/hs_cell.c b/src/feature/hs/hs_cell.c
index 32da706a63..603d997c42 100644
--- a/src/feature/hs/hs_cell.c
+++ b/src/feature/hs/hs_cell.c
@@ -812,7 +812,7 @@ get_introduce2_keys_and_verify_mac(hs_cell_introduce2_data_t *data,
                                            data->n_subcredentials,
                                            data->subcredentials,
                                            encrypted_section,
-                                           &data->client_pk);
+                                           &data->rdv_data.client_pk);
   if (intro_keys == NULL) {
     log_info(LD_REND, "Invalid INTRODUCE2 encrypted data. Unable to "
              "compute key material");
@@ -875,9 +875,9 @@ parse_introduce_cell_extension(hs_cell_introduce2_data_t *data,
   switch (trn_extension_field_get_field_type(field)) {
   case TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST:
     /* CC requests, enable it. */
-    data->cc_enabled = 1;
+    data->rdv_data.cc_enabled = 1;
     data->pv.protocols_known = 1;
-    data->pv.supports_congestion_control = data->cc_enabled;
+    data->pv.supports_congestion_control = data->rdv_data.cc_enabled;
     break;
   default:
     break;
@@ -944,7 +944,7 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
    * guaranteed to exist because of the length check above). We are gonna use
    * the client public key to compute the ntor keys and decrypt the payload:
    */
-  memcpy(&data->client_pk.public_key, encrypted_section,
+  memcpy(&data->rdv_data.client_pk.public_key, encrypted_section,
          CURVE25519_PUBKEY_LEN);
 
   /* Get the right INTRODUCE2 ntor keys and verify the cell MAC */
@@ -960,12 +960,13 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
   {
     /* The ENCRYPTED_DATA section starts just after the CLIENT_PK. */
     const uint8_t *encrypted_data =
-      encrypted_section + sizeof(data->client_pk);
+      encrypted_section + sizeof(data->rdv_data.client_pk);
     /* It's symmetric encryption so it's correct to use the ENCRYPTED length
      * for decryption. Computes the length of ENCRYPTED_DATA meaning removing
      * the CLIENT_PK and MAC length. */
     size_t encrypted_data_len =
-      encrypted_section_len - (sizeof(data->client_pk) + DIGEST256_LEN);
+      encrypted_section_len -
+      (sizeof(data->rdv_data.client_pk) + DIGEST256_LEN);
 
     /* This decrypts the ENCRYPTED_DATA section of the cell. */
     decrypted = decrypt_introduce2(intro_keys->enc_key,
@@ -992,12 +993,12 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
 
   /* Extract onion key and rendezvous cookie from the cell used for the
    * rendezvous point circuit e2e encryption. */
-  memcpy(data->onion_pk.public_key,
+  memcpy(data->rdv_data.onion_pk.public_key,
          trn_cell_introduce_encrypted_getconstarray_onion_key(enc_cell),
          CURVE25519_PUBKEY_LEN);
-  memcpy(data->rendezvous_cookie,
+  memcpy(data->rdv_data.rendezvous_cookie,
          trn_cell_introduce_encrypted_getconstarray_rend_cookie(enc_cell),
-         sizeof(data->rendezvous_cookie));
+         sizeof(data->rdv_data.rendezvous_cookie));
 
   /* Extract rendezvous link specifiers. */
   for (size_t idx = 0;
@@ -1011,7 +1012,7 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
     if (BUG(!lspec_dup)) {
       goto done;
     }
-    smartlist_add(data->link_specifiers, lspec_dup);
+    smartlist_add(data->rdv_data.link_specifiers, lspec_dup);
   }
 
   /* Extract any extensions. */
@@ -1031,7 +1032,7 @@ hs_cell_parse_introduce2(hs_cell_introduce2_data_t *data,
 
   /* If the client asked for congestion control, but we don't support it,
    * that's a failure. It should not have asked, based on our descriptor. */
-  if (data->cc_enabled && !congestion_control_enabled()) {
+  if (data->rdv_data.cc_enabled && !congestion_control_enabled()) {
     goto done;
   }
 
diff --git a/src/feature/hs/hs_cell.h b/src/feature/hs/hs_cell.h
index 2735401c05..61c0a94b20 100644
--- a/src/feature/hs/hs_cell.h
+++ b/src/feature/hs/hs_cell.h
@@ -47,6 +47,21 @@ typedef struct hs_cell_introduce1_data_t {
   const hs_pow_solution_t *pow_solution;
 } hs_cell_introduce1_data_t;
 
+/** Introduction data needed to launch a rendezvous circuit. This is set after
+ * receiving an INTRODUCE2 valid cell. */
+typedef struct hs_cell_intro_rdv_data_t {
+  /** Onion public key computed using the INTRODUCE2 encrypted section. */
+  curve25519_public_key_t onion_pk;
+  /** Rendezvous cookie taken from the INTRODUCE2 encrypted section. */
+  uint8_t rendezvous_cookie[REND_COOKIE_LEN];
+  /** Client public key from the INTRODUCE2 encrypted section. */
+  curve25519_public_key_t client_pk;
+  /** Link specifiers of the rendezvous point. Contains link_specifier_t. */
+  smartlist_t *link_specifiers;
+  /** Congestion control parameters. */
+  unsigned int cc_enabled : 1;
+} hs_cell_intro_rdv_data_t;
+
 /** This data structure contains data that we need to parse an INTRODUCE2 cell
  * which is used by the INTRODUCE2 cell parsing function. On a successful
  * parsing, the onion_pk and rendezvous_cookie will be populated with the
@@ -77,20 +92,12 @@ typedef struct hs_cell_introduce2_data_t {
 
   /*** Mutable Section: Set upon parsing INTRODUCE2 cell. ***/
 
-  /** Onion public key computed using the INTRODUCE2 encrypted section. */
-  curve25519_public_key_t onion_pk;
-  /** Rendezvous cookie taken from the INTRODUCE2 encrypted section. */
-  uint8_t rendezvous_cookie[REND_COOKIE_LEN];
-  /** Client public key from the INTRODUCE2 encrypted section. */
-  curve25519_public_key_t client_pk;
-  /** Link specifiers of the rendezvous point. Contains link_specifier_t. */
-  smartlist_t *link_specifiers;
+  /** Data needed to launch a rendezvous circuit. */
+  hs_cell_intro_rdv_data_t rdv_data;
   /** Replay cache of the introduction point. */
   replaycache_t *replay_cache;
   /** Flow control negotiation parameters. */
   protover_summary_flags_t pv;
-  /** Congestion control parameters. */
-  unsigned int cc_enabled : 1;
 } hs_cell_introduce2_data_t;
 
 /* Build cell API. */
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index 3f8f16955f..835cd366ad 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -326,8 +326,8 @@ launch_rendezvous_point_circuit,(const hs_service_t *service,
 
   /* Get the extend info data structure for the chosen rendezvous point
    * specified by the given link specifiers. */
-  info = hs_get_extend_info_from_lspecs(data->link_specifiers,
-                                        &data->onion_pk,
+  info = hs_get_extend_info_from_lspecs(data->rdv_data.link_specifiers,
+                                        &data->rdv_data.onion_pk,
                                         service->config.is_single_onion);
   if (info == NULL) {
     /* We are done here, we can't extend to the rendezvous point. */
@@ -374,7 +374,8 @@ launch_rendezvous_point_circuit,(const hs_service_t *service,
   log_info(LD_REND, "Rendezvous circuit launched to %s with cookie %s "
                     "for %s service %s",
            safe_str_client(extend_info_describe(info)),
-           safe_str_client(hex_str((const char *) data->rendezvous_cookie,
+           safe_str_client(hex_str((const char *)
+                                   data->rdv_data.rendezvous_cookie,
                                    REND_COOKIE_LEN)),
            get_service_anonymity_string(service),
            safe_str_client(service->onion_address));
@@ -393,7 +394,8 @@ launch_rendezvous_point_circuit,(const hs_service_t *service,
     curve25519_keypair_generate(&ephemeral_kp, 0);
     if (hs_ntor_service_get_rendezvous1_keys(&ip->auth_key_kp.pubkey,
                                              &ip->enc_key_kp,
-                                             &ephemeral_kp, &data->client_pk,
+                                             &ephemeral_kp,
+                                             &data->rdv_data.client_pk,
                                              &keys) < 0) {
       /* This should not really happened but just in case, don't make tor
        * freak out, close the circuit and move on. */
@@ -404,15 +406,15 @@ launch_rendezvous_point_circuit,(const hs_service_t *service,
       goto end;
     }
     circ->hs_ident = create_rp_circuit_identifier(service,
-                                                  data->rendezvous_cookie,
-                                                  &ephemeral_kp.pubkey, &keys);
+                                       data->rdv_data.rendezvous_cookie,
+                                       &ephemeral_kp.pubkey, &keys);
     memwipe(&ephemeral_kp, 0, sizeof(ephemeral_kp));
     memwipe(&keys, 0, sizeof(keys));
     tor_assert(circ->hs_ident);
   }
 
   /* Setup congestion control if asked by the client from the INTRO cell. */
-  if (data->cc_enabled) {
+  if (data->rdv_data.cc_enabled) {
     hs_circ_setup_congestion_control(circ, congestion_control_sendme_inc(),
                                      service->config.is_single_onion);
   }
@@ -1003,9 +1005,9 @@ hs_circ_handle_introduce2(const hs_service_t *service,
   data.enc_kp = &ip->enc_key_kp;
   data.payload = payload;
   data.payload_len = payload_len;
-  data.link_specifiers = smartlist_new();
   data.replay_cache = ip->replay_cache;
-  data.cc_enabled = 0;
+  data.rdv_data.link_specifiers = smartlist_new();
+  data.rdv_data.cc_enabled = 0;
 
   if (get_subcredential_for_handling_intro2_cell(service, &data,
                                                  subcredential)) {
@@ -1022,7 +1024,8 @@ hs_circ_handle_introduce2(const hs_service_t *service,
   /* Check whether we've seen this REND_COOKIE before to detect repeats. */
   if (replaycache_add_test_and_elapsed(
            service->state.replay_cache_rend_cookie,
-           data.rendezvous_cookie, sizeof(data.rendezvous_cookie),
+           data.rdv_data.rendezvous_cookie,
+           sizeof(data.rdv_data.rendezvous_cookie),
            &elapsed)) {
     /* A Tor client will send a new INTRODUCE1 cell with the same REND_COOKIE
      * as its previous one if its intro circ times out while in state
@@ -1048,7 +1051,7 @@ hs_circ_handle_introduce2(const hs_service_t *service,
   ret = 0;
 
  done:
-  link_specifier_smartlist_free(data.link_specifiers);
+  link_specifier_smartlist_free(data.rdv_data.link_specifiers);
   memwipe(&data, 0, sizeof(data));
   return ret;
 }

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the tor-commits mailing list