Merge remote-tracking branch 'dgoulet/bug14847_027_06'

src/or/control.c

@@ -37,6 +37,8 @@
 #include "nodelist.h"
 #include "policies.h"
 #include "reasons.h"
+#include "rendclient.h"
+#include "rendcommon.h"
 #include "rephist.h"
 #include "router.h"
 #include "routerlist.h"
@@ -159,6 +161,8 @@ static int handle_control_resolve(control_connection_t *conn, uint32_t len,
 static int handle_control_usefeature(control_connection_t *conn,
                                      uint32_t len,
                                      const char *body);
+static int handle_control_hsfetch(control_connection_t *conn, uint32_t len,
+                                  const char *body);
 static int write_stream_target_to_buf(entry_connection_t *conn, char *buf,
                                       size_t len);
 static void orconn_target_get_name(char *buf, size_t len,
@@ -943,6 +947,7 @@ static const struct control_event_t control_event_table[] = {
   { EVENT_CIRC_BANDWIDTH_USED, "CIRC_BW" },
   { EVENT_TRANSPORT_LAUNCHED, "TRANSPORT_LAUNCHED" },
   { EVENT_HS_DESC, "HS_DESC" },
+  { EVENT_HS_DESC_CONTENT, "HS_DESC_CONTENT" },
   { 0, NULL },
 };
 
@@ -3276,6 +3281,113 @@ handle_control_dropguards(control_connection_t *conn,
   return 0;
 }
 
+/** Implementation for the HSFETCH command. */
+static int
+handle_control_hsfetch(control_connection_t *conn, uint32_t len,
+                       const char *body)
+{
+  int i;
+  char digest[DIGEST_LEN], *hsaddress = NULL, *arg1 = NULL, *desc_id = NULL;
+  smartlist_t *args = NULL, *hsdirs = NULL;
+  (void) len; /* body is nul-terminated; it's safe to ignore the length */
+  static const char *hsfetch_command = "HSFETCH";
+  static const char *v2_str = "v2-";
+  const size_t v2_str_len = strlen(v2_str);
+  rend_data_t *rend_query = NULL;
+
+  /* Make sure we have at least one argument, the HSAddress. */
+  args = getargs_helper(hsfetch_command, conn, body, 1, -1);
+  if (!args) {
+    goto exit;
+  }
+
+  /* Extract the first argument (either HSAddress or DescID). */
+  arg1 = smartlist_get(args, 0);
+  /* Test if it's an HS address without the .onion part. */
+  if (rend_valid_service_id(arg1)) {
+    hsaddress = arg1;
+  } else if (strcmpstart(arg1, v2_str) == 0 &&
+             rend_valid_descriptor_id(arg1 + v2_str_len) &&
+             base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
+                           REND_DESC_ID_V2_LEN_BASE32) == 0) {
+    /* We have a well formed version 2 descriptor ID. Keep the decoded value
+     * of the id. */
+    desc_id = digest;
+  } else {
+    connection_printf_to_buf(conn, "513 Unrecognized \"%s\"\r\n",
+                             arg1);
+    goto done;
+  }
+
+  static const char *opt_server = "SERVER=";
+
+  /* Skip first argument because it's the HSAddress or DescID. */
+  for (i = 1; i < smartlist_len(args); ++i) {
+    const char *arg = smartlist_get(args, i);
+    const node_t *node;
+
+    if (!strcasecmpstart(arg, opt_server)) {
+      const char *server;
+
+      server = arg + strlen(opt_server);
+      node = node_get_by_hex_id(server);
+      if (!node) {
+        connection_printf_to_buf(conn, "552 Server \"%s\" not found\r\n",
+                                 server);
+        goto done;
+      }
+      if (!hsdirs) {
+        /* Stores routerstatus_t object for each specified server. */
+        hsdirs = smartlist_new();
+      }
+      /* Valid server, add it to our local list. */
+      smartlist_add(hsdirs, node->rs);
+    } else {
+      connection_printf_to_buf(conn, "513 Unexpected argument \"%s\"\r\n",
+                               arg);
+      goto done;
+    }
+  }
+
+  rend_query = tor_malloc_zero(sizeof(*rend_query));
+
+  if (hsaddress) {
+    strncpy(rend_query->onion_address, hsaddress,
+            sizeof(rend_query->onion_address));
+  } else if (desc_id) {
+    /* Using a descriptor ID, we force the user to provide at least one
+     * hsdir server using the SERVER= option. */
+    if (!hsdirs || !smartlist_len(hsdirs)) {
+      connection_printf_to_buf(conn, "512 %s option is required\r\n",
+                               opt_server);
+      goto done;
+    }
+    memcpy(rend_query->descriptor_id, desc_id,
+           sizeof(rend_query->descriptor_id));
+  } else {
+    /* We can't get in here because of the first argument check. */
+    tor_assert(0);
+  }
+  /* We are about to trigger HSDir fetch so send the OK now because after
+   * that 650 event(s) are possible so better to have the 250 OK before them
+   * to avoid out of order replies. */
+  send_control_done(conn);
+
+  /* Trigger the fetch using the built rend query and possibly a list of HS
+   * directory to use. This function ignores the client cache thus this will
+   * always send a fetch command. */
+  rend_client_fetch_v2_desc(rend_query, hsdirs);
+
+done:
+  SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
+  smartlist_free(args);
+  /* Contains data pointer that we don't own thus no cleanup. */
+  smartlist_free(hsdirs);
+  tor_free(rend_query);
+exit:
+  return 0;
+}
+
 /** Called when <b>conn</b> has no more bytes left on its outbuf. */
 int
 connection_control_finished_flushing(control_connection_t *conn)
@@ -3573,6 +3685,9 @@ connection_control_process_inbuf(control_connection_t *conn)
   } else if (!strcasecmp(conn->incoming_cmd, "DROPGUARDS")) {
     if (handle_control_dropguards(conn, cmd_data_len, args))
       return -1;
+  } else if (!strcasecmp(conn->incoming_cmd, "HSFETCH")) {
+    if (handle_control_hsfetch(conn, cmd_data_len, args))
+      return -1;
   } else {
     connection_printf_to_buf(conn, "510 Unrecognized command \"%s\"\r\n",
                              conn->incoming_cmd);
@@ -5241,6 +5356,31 @@ node_describe_longname_by_id,(const char *id_digest))
   return longname;
 }
 
+
+/** Return either the onion address if the given pointer is a non empty
+ * string else the unknown string. */
+static const char *
+rend_hsaddress_str_or_unknown(const char *onion_address)
+{
+  static const char *str_unknown = "UNKNOWN";
+  const char *str_ret = str_unknown;
+
+  /* No valid pointer, unknown it is. */
+  if (!onion_address) {
+    goto end;
+  }
+  /* Empty onion address thus we don't know, unknown it is. */
+  if (onion_address[0] == '\0') {
+    goto end;
+  }
+  /* All checks are good so return the given onion address. */
+  str_ret = onion_address;
+
+end:
+  return str_ret;
+}
+
+
 /** send HS_DESC requested event.
  *
  * <b>rend_query</b> is used to fetch requested onion address and auth type.
@@ -5261,7 +5401,7 @@ control_event_hs_descriptor_requested(const rend_data_t *rend_query,
 
   send_control_event(EVENT_HS_DESC, ALL_FORMATS,
                      "650 HS_DESC REQUESTED %s %s %s %s\r\n",
-                     rend_query->onion_address,
+                     rend_hsaddress_str_or_unknown(rend_query->onion_address),
                      rend_auth_type_to_string(rend_query->auth_type),
                      node_describe_longname_by_id(id_digest),
                      desc_id_base32);
@@ -5277,15 +5417,16 @@ control_event_hs_descriptor_requested(const rend_data_t *rend_query,
  */
 void
 control_event_hs_descriptor_receive_end(const char *action,
-                                        const rend_data_t *rend_query,
+                                        const char *onion_address,
+                                        rend_auth_type_t auth_type,
                                         const char *id_digest,
                                         const char *reason)
 {
   char *reason_field = NULL;
 
-  if (!action || !rend_query || !id_digest) {
-    log_warn(LD_BUG, "Called with action==%p, rend_query==%p, "
-             "id_digest==%p", action, rend_query, id_digest);
+  if (!action || !id_digest || !onion_address) {
+    log_warn(LD_BUG, "Called with action==%p, id_digest==%p "
+             "onion_address==%p", action, id_digest, onion_address);
     return;
   }
 
@@ -5296,8 +5437,8 @@ control_event_hs_descriptor_receive_end(const char *action,
   send_control_event(EVENT_HS_DESC, ALL_FORMATS,
                      "650 HS_DESC %s %s %s %s%s\r\n",
                      action,
-                     rend_query->onion_address,
-                     rend_auth_type_to_string(rend_query->auth_type),
+                     rend_hsaddress_str_or_unknown(onion_address),
+                     rend_auth_type_to_string(auth_type),
                      node_describe_longname_by_id(id_digest),
                      reason_field ? reason_field : "");
 
@@ -5309,16 +5450,16 @@ control_event_hs_descriptor_receive_end(const char *action,
  * called when a we successfully received a hidden service descriptor.
  */
 void
-control_event_hs_descriptor_received(const rend_data_t *rend_query,
+control_event_hs_descriptor_received(const char *onion_address,
+                                     rend_auth_type_t auth_type,
                                      const char *id_digest)
 {
-  if (!rend_query || !id_digest) {
-    log_warn(LD_BUG, "Called with rend_query==%p, id_digest==%p",
-             rend_query, id_digest);
+  if (!id_digest) {
+    log_warn(LD_BUG, "Called with id_digest==%p", id_digest);
     return;
   }
-  control_event_hs_descriptor_receive_end("RECEIVED", rend_query,
-                                          id_digest, NULL);
+  control_event_hs_descriptor_receive_end("RECEIVED", onion_address,
+                                          auth_type, id_digest, NULL);
 }
 
 /** Send HS_DESC event to inform controller that query <b>rend_query</b>
@@ -5327,19 +5468,52 @@ control_event_hs_descriptor_received(const rend_data_t *rend_query,
  * field.
  */
 void
-control_event_hs_descriptor_failed(const rend_data_t *rend_query,
+control_event_hs_descriptor_failed(const char *onion_address,
+                                   rend_auth_type_t auth_type,
                                    const char *id_digest,
                                    const char *reason)
 {
-  if (!rend_query || !id_digest) {
-    log_warn(LD_BUG, "Called with rend_query==%p, id_digest==%p",
-             rend_query, id_digest);
+  if (!id_digest) {
+    log_warn(LD_BUG, "Called with id_digest==%p", id_digest);
     return;
   }
-  control_event_hs_descriptor_receive_end("FAILED", rend_query,
+  control_event_hs_descriptor_receive_end("FAILED", onion_address, auth_type,
                                           id_digest, reason);
 }
 
+/** send HS_DESC_CONTENT event after completion of a successful fetch from
+ * hs directory. */
+void
+control_event_hs_descriptor_content(const char *onion_address,
+                                    const char *desc_id,
+                                    const char *hsdir_id_digest,
+                                    const char *content)
+{
+  static const char *event_name = "HS_DESC_CONTENT";
+  char *esc_content = NULL;
+
+  if (!onion_address || !desc_id || !hsdir_id_digest) {
+    log_warn(LD_BUG, "Called with onion_address==%p, desc_id==%p, "
+             "hsdir_id_digest==%p", onion_address, desc_id, hsdir_id_digest);
+    return;
+  }
+
+  if (content == NULL) {
+    /* Point it to empty content so it can still be escaped. */
+    content = "";
+  }
+  write_escaped_data(content, strlen(content), &esc_content);
+
+  send_control_event(EVENT_HS_DESC_CONTENT, ALL_FORMATS,
+                     "650+%s %s %s %s\r\n%s650 OK\r\n",
+                     event_name,
+                     rend_hsaddress_str_or_unknown(onion_address),
+                     desc_id,
+                     node_describe_longname_by_id(hsdir_id_digest),
+                     esc_content);
+  tor_free(esc_content);
+}
+
 /** Free any leftover allocated memory of the control.c subsystem. */
 void
 control_free_all(void)

src/or/control.h

@@ -107,14 +107,21 @@ void control_event_hs_descriptor_requested(const rend_data_t *rend_query,
                                            const char *desc_id_base32,
                                            const char *hs_dir);
 void control_event_hs_descriptor_receive_end(const char *action,
-                                        const rend_data_t *rend_query,
-                                        const char *hs_dir,
-                                        const char *reason);
-void control_event_hs_descriptor_received(const rend_data_t *rend_query,
-                                          const char *hs_dir);
-void control_event_hs_descriptor_failed(const rend_data_t *rend_query,
-                                        const char *hs_dir,
+                                             const char *onion_address,
+                                             rend_auth_type_t auth_type,
+                                             const char *id_digest,
+                                             const char *reason);
+void control_event_hs_descriptor_received(const char *onion_address,
+                                          rend_auth_type_t auth_type,
+                                          const char *id_digest);
+void control_event_hs_descriptor_failed(const char *onion_address,
+                                        rend_auth_type_t auth_type,
+                                        const char *id_digest,
                                         const char *reason);
+void control_event_hs_descriptor_content(const char *onion_address,
+                                         const char *desc_id,
+                                         const char *hsdir_fp,
+                                         const char *content);
 
 void control_free_all(void);
 
@@ -158,7 +165,8 @@ void control_free_all(void);
 #define EVENT_CIRC_BANDWIDTH_USED     0x001D
 #define EVENT_TRANSPORT_LAUNCHED      0x0020
 #define EVENT_HS_DESC                 0x0021
-#define EVENT_MAX_                    0x0021
+#define EVENT_HS_DESC_CONTENT         0x0022
+#define EVENT_MAX_                    0x0022
 
 /* sizeof(control_connection_t.event_mask) in bits, currently a uint64_t */
 #define EVENT_CAPACITY_               0x0040

src/or/directory.c

@@ -2099,17 +2099,27 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
 
   if (conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2) {
     #define SEND_HS_DESC_FAILED_EVENT(reason) ( \
-      control_event_hs_descriptor_failed(conn->rend_data, \
+      control_event_hs_descriptor_failed(conn->rend_data->onion_address, \
+                                         conn->rend_data->auth_type, \
                                          conn->identity_digest, \
                                          reason) )
+    #define SEND_HS_DESC_FAILED_CONTENT() ( \
+      control_event_hs_descriptor_content(conn->rend_data->onion_address, \
+                                          conn->requested_resource, \
+                                          conn->identity_digest, \
+                                          NULL) )
     tor_assert(conn->rend_data);
     log_info(LD_REND,"Received rendezvous descriptor (size %d, status %d "
              "(%s))",
              (int)body_len, status_code, escaped(reason));
     switch (status_code) {
       case 200:
+      {
+        rend_cache_entry_t *entry = NULL;
+
         switch (rend_cache_store_v2_desc_as_client(body,
-                                  conn->requested_resource, conn->rend_data)) {
+                                  conn->requested_resource, conn->rend_data,
+                                  &entry)) {
           case RCS_BADDESC:
           case RCS_NOTDIR: /* Impossible */
             log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. "
@@ -2117,25 +2127,41 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
             /* We'll retry when connection_about_to_close_connection()
              * cleans this dir conn up. */
             SEND_HS_DESC_FAILED_EVENT("BAD_DESC");
+            SEND_HS_DESC_FAILED_CONTENT();
             break;
           case RCS_OKAY:
           default:
+          {
+            char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
+            /* Should never be NULL here for an OKAY returned code. */
+            tor_assert(entry);
+            rend_get_service_id(entry->parsed->pk, service_id);
+
             /* success. notify pending connections about this. */
             log_info(LD_REND, "Successfully fetched v2 rendezvous "
                      "descriptor.");
-            control_event_hs_descriptor_received(conn->rend_data,
+            control_event_hs_descriptor_received(service_id,
+                                                 conn->rend_data->auth_type,
                                                  conn->identity_digest);
+            control_event_hs_descriptor_content(service_id,
+                                                conn->requested_resource,
+                                                conn->identity_digest,
+                                                body);
             conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2;
-            rend_client_desc_trynow(conn->rend_data->onion_address);
+            rend_client_desc_trynow(service_id);
+            memwipe(service_id, 0, sizeof(service_id));
             break;
+          }
         }
         break;
+      }
       case 404:
         /* Not there. We'll retry when
          * connection_about_to_close_connection() cleans this conn up. */
         log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: "
                          "Retrying at another directory.");
         SEND_HS_DESC_FAILED_EVENT("NOT_FOUND");
+        SEND_HS_DESC_FAILED_CONTENT();
         break;
       case 400:
         log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
@@ -2143,6 +2169,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
                  "v2 rendezvous query? Retrying at another directory.",
                  escaped(reason));
         SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED");
+        SEND_HS_DESC_FAILED_CONTENT();
         break;
       default:
         log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
@@ -2152,6 +2179,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
                  status_code, escaped(reason), conn->base_.address,
                  conn->base_.port);
         SEND_HS_DESC_FAILED_EVENT("UNEXPECTED");
+        SEND_HS_DESC_FAILED_CONTENT();
         break;
     }
   }
@@ -3066,7 +3094,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
     /* Handle v2 rendezvous descriptor fetch request. */
     const char *descp;
     const char *query = url + strlen("/tor/rendezvous2/");
-    if (strlen(query) == REND_DESC_ID_V2_LEN_BASE32) {
+    if (rend_valid_descriptor_id(query)) {
       log_info(LD_REND, "Got a v2 rendezvous descriptor request for ID '%s'",
                safe_str(escaped(query)));
       switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) {

src/or/or.h

@@ -799,6 +799,10 @@ typedef struct rend_data_t {
   /** Authorization type for accessing a service used by a client. */
   rend_auth_type_t auth_type;
 
+  /** Descriptor ID for a client request. The control port command HSFETCH
+   * can use this. */
+  char descriptor_id[DIGEST_LEN];
+
   /** Hash of the hidden service's PK used by a service. */
   char rend_pk_digest[DIGEST_LEN];
 

src/or/rendclient.c

@@ -496,15 +496,13 @@ get_last_hid_serv_requests(void)
                                        REND_SERVICE_ID_LEN_BASE32)
 
 /** Look up the last request time to hidden service directory <b>hs_dir</b>
- * for descriptor ID <b>desc_id_base32</b> for the service specified in
- * <b>rend_query</b>. If <b>set</b> is non-zero,
- * assign the current time <b>now</b> and return that. Otherwise, return
- * the most recent request time, or 0 if no such request has been sent
- * before. */
+ * for descriptor ID <b>desc_id_base32</b>. If <b>set</b> is non-zero,
+ * assign the current time <b>now</b> and return that. Otherwise, return the
+ * most recent request time, or 0 if no such request has been sent before.
+ */
 static time_t
 lookup_last_hid_serv_request(routerstatus_t *hs_dir,
                              const char *desc_id_base32,
-                             const rend_data_t *rend_query,
                              time_t now, int set)
 {
   char hsdir_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
@@ -513,10 +511,9 @@ lookup_last_hid_serv_request(routerstatus_t *hs_dir,
   strmap_t *last_hid_serv_requests = get_last_hid_serv_requests();
   base32_encode(hsdir_id_base32, sizeof(hsdir_id_base32),
                 hs_dir->identity_digest, DIGEST_LEN);
-  tor_snprintf(hsdir_desc_comb_id, sizeof(hsdir_desc_comb_id), "%s%s%s",
+  tor_snprintf(hsdir_desc_comb_id, sizeof(hsdir_desc_comb_id), "%s%s",
                hsdir_id_base32,
-               desc_id_base32,
-               rend_query->onion_address);
+               desc_id_base32);
   /* XXX023 tor_assert(strlen(hsdir_desc_comb_id) ==
                        LAST_HID_SERV_REQUEST_KEY_LEN); */
   if (set) {
@@ -609,64 +606,53 @@ rend_client_purge_last_hid_serv_requests(void)
   }
 }
 
-/** Determine the responsible hidden service directories for <b>desc_id</b>
- * and fetch the descriptor with that ID from one of them. Only
- * send a request to a hidden service directory that we have not yet tried
- * during this attempt to connect to this hidden service; on success, return 1,
- * in the case that no hidden service directory is left to ask for the
- * descriptor, return 0, and in case of a failure -1.  */
-static int
-directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query)
+/** This returns a good valid hs dir that should be used for the given
+ * descriptor id.
+ *
+ * Return NULL on error else the hsdir node pointer. */
+static routerstatus_t *
+pick_hsdir(const char *desc_id, const char *desc_id_base32)
 {
   smartlist_t *responsible_dirs = smartlist_new();
   smartlist_t *usable_responsible_dirs = smartlist_new();
   const or_options_t *options = get_options();
   routerstatus_t *hs_dir;
-  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
   time_t now = time(NULL);
-  char descriptor_cookie_base64[3*REND_DESC_COOKIE_LEN_BASE64];
-#ifdef ENABLE_TOR2WEB_MODE
-  const int tor2web_mode = options->Tor2webMode;
-  const int how_to_fetch = tor2web_mode ? DIRIND_ONEHOP : DIRIND_ANONYMOUS;
-#else
-  const int how_to_fetch = DIRIND_ANONYMOUS;
-#endif
   int excluded_some;
-  tor_assert(desc_id);
-  tor_assert(rend_query);
-  /* Determine responsible dirs. Even if we can't get all we want,
-   * work with the ones we have. If it's empty, we'll notice below. */
-  hid_serv_get_responsible_directories(responsible_dirs, desc_id);
 
-  base32_encode(desc_id_base32, sizeof(desc_id_base32),
-                desc_id, DIGEST_LEN);
+  tor_assert(desc_id);
+  tor_assert(desc_id_base32);
 
-  /* Only select those hidden service directories to which we did not send
-   * a request recently and for which we have a router descriptor here. */
+  /* Determine responsible dirs. Even if we can't get all we want, work with
+   * the ones we have. If it's empty, we'll notice below. */
+  hid_serv_get_responsible_directories(responsible_dirs, desc_id);
 
   /* Clean request history first. */
   directory_clean_last_hid_serv_requests(now);
 
-  SMARTLIST_FOREACH(responsible_dirs, routerstatus_t *, dir, {
-      time_t last = lookup_last_hid_serv_request(
-                            dir, desc_id_base32, rend_query, 0, 0);
-      const node_t *node = node_get_by_id(dir->identity_digest);
-      if (last + REND_HID_SERV_DIR_REQUERY_PERIOD >= now ||
-          !node || !node_has_descriptor(node)) {
-        SMARTLIST_DEL_CURRENT(responsible_dirs, dir);
-        continue;
-      }
-      if (! routerset_contains_node(options->ExcludeNodes, node)) {
-        smartlist_add(usable_responsible_dirs, dir);
-      }
-  });
+  /* Only select those hidden service directories to which we did not send a
+   * request recently and for which we have a router descriptor here. */
+  SMARTLIST_FOREACH_BEGIN(responsible_dirs, routerstatus_t *, dir) {
+    time_t last = lookup_last_hid_serv_request(dir, desc_id_base32,
+                                               0, 0);
+    const node_t *node = node_get_by_id(dir->identity_digest);
+    if (last + REND_HID_SERV_DIR_REQUERY_PERIOD >= now ||
+        !node || !node_has_descriptor(node)) {
+      SMARTLIST_DEL_CURRENT(responsible_dirs, dir);
+      continue;
+    }
+    if (!routerset_contains_node(options->ExcludeNodes, node)) {
+      smartlist_add(usable_responsible_dirs, dir);
+    }
+  } SMARTLIST_FOREACH_END(dir);
 
   excluded_some =
     smartlist_len(usable_responsible_dirs) < smartlist_len(responsible_dirs);
 
   hs_dir = smartlist_choose(usable_responsible_dirs);
-  if (! hs_dir && ! options->StrictNodes)
+  if (!hs_dir && !options->StrictNodes) {
     hs_dir = smartlist_choose(responsible_dirs);
+  }
 
   smartlist_free(responsible_dirs);
   smartlist_free(usable_responsible_dirs);
@@ -679,14 +665,52 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query)
                "requested hidden service: they are all either down or "
                "excluded, and StrictNodes is set.");
     }
-    return 0;
+  } else {
+    /* Remember that we are requesting a descriptor from this hidden service
+     * directory now. */
+    lookup_last_hid_serv_request(hs_dir, desc_id_base32, now, 1);
   }
 
-  /* Remember that we are requesting a descriptor from this hidden service
-   * directory now. */
-  lookup_last_hid_serv_request(hs_dir, desc_id_base32, rend_query, now, 1);
+  return hs_dir;
+}
 
-  /* Encode descriptor cookie for logging purposes. */
+/** Determine the responsible hidden service directories for <b>desc_id</b>
+ * and fetch the descriptor with that ID from one of them. Only
+ * send a request to a hidden service directory that we have not yet tried
+ * during this attempt to connect to this hidden service; on success, return 1,
+ * in the case that no hidden service directory is left to ask for the
+ * descriptor, return 0, and in case of a failure -1.  */
+static int
+directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query,
+                          routerstatus_t *rs_hsdir)
+{
+  routerstatus_t *hs_dir = rs_hsdir;
+  char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
+  char descriptor_cookie_base64[3*REND_DESC_COOKIE_LEN_BASE64];
+#ifdef ENABLE_TOR2WEB_MODE
+  const int tor2web_mode = get_options()->Tor2webMode;
+  const int how_to_fetch = tor2web_mode ? DIRIND_ONEHOP : DIRIND_ANONYMOUS;
+#else
+  const int how_to_fetch = DIRIND_ANONYMOUS;
+#endif
+
+  tor_assert(desc_id);
+
+  base32_encode(desc_id_base32, sizeof(desc_id_base32),
+                desc_id, DIGEST_LEN);
+
+  /* Automatically pick an hs dir if none given. */
+  if (!rs_hsdir) {
+    hs_dir = pick_hsdir(desc_id, desc_id_base32);
+    if (!hs_dir) {
+      /* No suitable hs dir can be found, stop right now. */
+      return 0;
+    }
+  }
+
+  /* Encode descriptor cookie for logging purposes. Also, if the cookie is
+   * malformed, no fetch is triggered thus this needs to be done before the
+   * fetch request. */
   if (rend_query->auth_type != REND_NO_AUTH) {
     if (base64_encode(descriptor_cookie_base64,
                       sizeof(descriptor_cookie_base64),
@@ -727,16 +751,136 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query)
   return 1;
 }
 
+/** Fetch a v2 descriptor using the given descriptor id. If any hsdir(s) are
+ * given, they will be used instead.
+ *
+ * On success, 1 is returned. If no hidden service is left to ask, return 0.
+ * On error, -1 is returned. */
+static int
+fetch_v2_desc_by_descid(const char *desc_id, const rend_data_t *rend_query,
+                        smartlist_t *hsdirs)
+{
+  int ret;
+
+  tor_assert(rend_query);
+
+  if (!hsdirs) {
+    ret = directory_get_from_hs_dir(desc_id, rend_query, NULL);
+    goto end; /* either success or failure, but we're done */
+  }
+
+  /* Using the given hsdir list, trigger a fetch on each of them. */
+  SMARTLIST_FOREACH_BEGIN(hsdirs, routerstatus_t *, hs_dir) {
+    /* This should always be a success. */
+    ret = directory_get_from_hs_dir(desc_id, rend_query, hs_dir);
+    tor_assert(ret);
+  } SMARTLIST_FOREACH_END(hs_dir);
+
+  /* Everything went well. */
+  ret = 0;
+
+end:
+  return ret;
+}
+
+/** Fetch a v2 descriptor using the onion address in the given query object.
+ * This will compute the descriptor id for each replicas and fetch it on the
+ * given hsdir(s) if any or the responsible ones that are choosen
+ * automatically.
+ *
+ * On success, 1 is returned. If no hidden service is left to ask, return 0.
+ * On error, -1 is returned. */
+static int
+fetch_v2_desc_by_addr(const rend_data_t *query,
+                      smartlist_t *hsdirs)
+{
+  char descriptor_id[DIGEST_LEN];
+  int replicas_left_to_try[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS];
+  int i, tries_left, ret;
+
+  tor_assert(query);
+
+  /* Randomly iterate over the replicas until a descriptor can be fetched
+   * from one of the consecutive nodes, or no options are left. */
+  for (i = 0; i < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; i++) {
+    replicas_left_to_try[i] = i;
+  }
+
+  tries_left = REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
+  while (tries_left > 0) {
+    int rand = crypto_rand_int(tries_left);
+    int chosen_replica = replicas_left_to_try[rand];
+    replicas_left_to_try[rand] = replicas_left_to_try[--tries_left];
+
+    ret = rend_compute_v2_desc_id(descriptor_id, query->onion_address,
+                                  query->auth_type == REND_STEALTH_AUTH ?
+                                  query->descriptor_cookie : NULL,
+                                  time(NULL), chosen_replica);
+    if (ret < 0) {
+      /* Normally, on failure the descriptor_id is untouched but let's be
+       * safe in general in case the function changes at some point. */
+      goto end;
+    }
+
+    /* Trigger the fetch with the computed descriptor ID. */
+    ret = fetch_v2_desc_by_descid(descriptor_id, query, hsdirs);
+    if (ret != 0) {
+      /* Either on success or failure, as long as we tried a fetch we are
+       * done here. */
+      goto end;
+    }
+  }
+
+  /* If we come here, there are no hidden service directories left. */
+  log_info(LD_REND, "Could not pick one of the responsible hidden "
+                    "service directories to fetch descriptors, because "
+                    "we already tried them all unsuccessfully.");
+  ret = 0;
+
+end:
+  memwipe(descriptor_id, 0, sizeof(descriptor_id));
+  return ret;
+}
+
+/** Fetch a v2 descriptor using the given query. If any hsdir are specified,
+ * use them for the fetch.
+ *
+ * On success, 1 is returned. If no hidden service is left to ask, return 0.
+ * On error, -1 is returned. */
+int
+rend_client_fetch_v2_desc(const rend_data_t *query,
+                          smartlist_t *hsdirs)
+{
+  int ret;
+
+  tor_assert(query);
+
+  /* Depending on what's available in the rend data query object, we will
+   * trigger a fetch by HS address or using a descriptor ID. */
+
+  if (query->onion_address[0] != '\0') {
+    ret = fetch_v2_desc_by_addr(query, hsdirs);
+  } else if (query->descriptor_id[0] != '\0') {
+    ret = fetch_v2_desc_by_descid(query->descriptor_id, query, hsdirs);
+  } else {
+    /* Query data is invalid. */
+    ret = -1;
+    goto error;
+  }
+
+error:
+  return ret;
+}
+
 /** Unless we already have a descriptor for <b>rend_query</b> with at least
  * one (possibly) working introduction point in it, start a connection to a
  * hidden service directory to fetch a v2 rendezvous service descriptor. */
 void
 rend_client_refetch_v2_renddesc(const rend_data_t *rend_query)
 {
-  char descriptor_id[DIGEST_LEN];
-  int replicas_left_to_try[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS];
-  int i, tries_left;
+  int ret;
   rend_cache_entry_t *e = NULL;
+
   tor_assert(rend_query);
   /* Are we configured to fetch descriptors? */
   if (!get_options()->FetchHidServDescriptors) {
@@ -753,44 +897,12 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query)
   }
   log_debug(LD_REND, "Fetching v2 rendezvous descriptor for service %s",
             safe_str_client(rend_query->onion_address));
-  /* Randomly iterate over the replicas until a descriptor can be fetched
-   * from one of the consecutive nodes, or no options are left. */
-  tries_left = REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
-  for (i = 0; i < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; i++)
-    replicas_left_to_try[i] = i;
-  while (tries_left > 0) {
-    int rand = crypto_rand_int(tries_left);
-    int chosen_replica = replicas_left_to_try[rand];
-    replicas_left_to_try[rand] = replicas_left_to_try[--tries_left];
 
-    if (rend_compute_v2_desc_id(descriptor_id, rend_query->onion_address,
-                                rend_query->auth_type == REND_STEALTH_AUTH ?
-                                    rend_query->descriptor_cookie : NULL,
-                                time(NULL), chosen_replica) < 0) {
-      log_warn(LD_REND, "Internal error: Computing v2 rendezvous "
-                        "descriptor ID did not succeed.");
-      /*
-       * Hmm, can this write anything to descriptor_id and still fail?
-       * Let's clear it just to be safe.
-       *
-       * From here on, any returns should goto done which clears
-       * descriptor_id so we don't leave key-derived material on the stack.
-       */
-      goto done;
-    }
-    if (directory_get_from_hs_dir(descriptor_id, rend_query) != 0)
-      goto done; /* either success or failure, but we're done */
+  ret = rend_client_fetch_v2_desc(rend_query, NULL);
+  if (ret <= 0) {
+    /* Close pending connections on error or if no hsdir can be found. */
+    rend_client_desc_trynow(rend_query->onion_address);
   }
-  /* If we come here, there are no hidden service directories left. */
-  log_info(LD_REND, "Could not pick one of the responsible hidden "
-                    "service directories to fetch descriptors, because "
-                    "we already tried them all unsuccessfully.");
-  /* Close pending connections. */
-  rend_client_desc_trynow(rend_query->onion_address);
-
- done:
-  memwipe(descriptor_id, 0, sizeof(descriptor_id));
-
   return;
 }
 

src/or/rendclient.h

@@ -20,6 +20,8 @@ int rend_client_introduction_acked(origin_circuit_t *circ,
                                    const uint8_t *request,
                                    size_t request_len);
 void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query);
+int rend_client_fetch_v2_desc(const rend_data_t *query,
+                              smartlist_t *hsdirs);
 void rend_client_cancel_descriptor_fetches(void);
 void rend_client_purge_last_hid_serv_requests(void);
 

src/or/rendcommon.c

@@ -920,6 +920,24 @@ rend_valid_service_id(const char *query)
   return 1;
 }
 
+/** Return true iff <b>query</b> is a syntactically valid descriptor ID.
+ * (as generated by rend_get_descriptor_id_bytes). */
+int
+rend_valid_descriptor_id(const char *query)
+{
+  if (strlen(query) != REND_DESC_ID_V2_LEN_BASE32) {
+    goto invalid;
+  }
+  if (strspn(query, BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
+    goto invalid;
+  }
+
+  return 1;
+
+invalid:
+  return 0;
+}
+
 /** Lookup in the client cache the given service ID <b>query</b> for
  * <b>version</b>.
  *
@@ -1137,12 +1155,14 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
  * If the descriptor's descriptor ID doesn't match <b>desc_id_base32</b>,
  * reject it.
  *
- * Return an appropriate rend_cache_store_status_t.
+ * Return an appropriate rend_cache_store_status_t. If entry is not NULL,
+ * set it with the cache entry pointer of the descriptor.
  */
 rend_cache_store_status_t
 rend_cache_store_v2_desc_as_client(const char *desc,
                                    const char *desc_id_base32,
-                                   const rend_data_t *rend_query)
+                                   const rend_data_t *rend_query,
+                                   rend_cache_entry_t **entry)
 {
   /*XXXX this seems to have a bit of duplicate code with
    * rend_cache_store_v2_desc_as_dir().  Fix that. */
@@ -1175,6 +1195,9 @@ rend_cache_store_v2_desc_as_client(const char *desc,
   tor_assert(desc);
   tor_assert(desc_id_base32);
   memset(want_desc_id, 0, sizeof(want_desc_id));
+  if (entry) {
+    *entry = NULL;
+  }
   if (base32_decode(want_desc_id, sizeof(want_desc_id),
                     desc_id_base32, strlen(desc_id_base32)) != 0) {
     log_warn(LD_BUG, "Couldn't decode base32 %s for descriptor id.",
@@ -1193,7 +1216,8 @@ rend_cache_store_v2_desc_as_client(const char *desc,
     log_warn(LD_REND, "Couldn't compute service ID.");
     goto err;
   }
-  if (strcmp(rend_query->onion_address, service_id)) {
+  if (rend_query->onion_address[0] != '\0' &&
+      strcmp(rend_query->onion_address, service_id)) {
     log_warn(LD_REND, "Received service descriptor for service ID %s; "
              "expected descriptor for service ID %s.",
              service_id, safe_str(rend_query->onion_address));
@@ -1240,7 +1264,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
                "service descriptor for %s. This is probably a (misguided) "
                "attempt to improve reliability, but it could also be an "
                "attempt to do a guard enumeration attack. Rejecting.",
-               safe_str_client(rend_query->onion_address));
+               safe_str_client(service_id));
 
       goto err;
     }
@@ -1286,9 +1310,15 @@ rend_cache_store_v2_desc_as_client(const char *desc,
   rend_cache_increment_allocation(rend_cache_entry_allocation(e));
   log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
             safe_str_client(service_id), (int)encoded_size);
+  if (entry) {
+    *entry = e;
+  }
   return RCS_OKAY;
 
  okay:
+  if (entry) {
+    *entry = e;
+  }
   retval = RCS_OKAY;
 
  err:

src/or/rendcommon.h

@@ -37,6 +37,7 @@ void rend_cache_clean_v2_descs_as_dir(time_t now, size_t min_to_remove);
 void rend_cache_purge(void);
 void rend_cache_free_all(void);
 int rend_valid_service_id(const char *query);
+int rend_valid_descriptor_id(const char *query);
 int rend_cache_lookup_entry(const char *query, int version,
                             rend_cache_entry_t **entry_out);
 int rend_cache_lookup_v2_desc_as_dir(const char *query, const char **desc);
@@ -50,7 +51,8 @@ typedef enum {
 rend_cache_store_status_t rend_cache_store_v2_desc_as_dir(const char *desc);
 rend_cache_store_status_t rend_cache_store_v2_desc_as_client(const char *desc,
                                        const char *desc_id_base32,
-                                       const rend_data_t *rend_query);
+                                       const rend_data_t *rend_query,
+                                       rend_cache_entry_t **entry);
 int rend_encode_v2_descriptors(smartlist_t *descs_out,
                                rend_service_descriptor_t *desc, time_t now,
                                uint8_t period, rend_auth_type_t auth_type,

src/or/routerparse.c

@@ -4575,8 +4575,7 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
   tok = find_by_keyword(tokens, R_RENDEZVOUS_SERVICE_DESCRIPTOR);
   tor_assert(tok == smartlist_get(tokens, 0));
   tor_assert(tok->n_args == 1);
-  if (strlen(tok->args[0]) != REND_DESC_ID_V2_LEN_BASE32 ||
-      strspn(tok->args[0], BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
+  if (!rend_valid_descriptor_id(tok->args[0])) {
     log_warn(LD_REND, "Invalid descriptor ID: '%s'", tok->args[0]);
     goto err;
   }

src/test/test_hs.c

@@ -28,6 +28,68 @@
 #define STR_HSDIR_NONE_EXIST_LONGNAME \
                        "$BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
 
+/* DuckDuckGo descriptor as an example. */
+static const char *hs_desc_content = "\
+rendezvous-service-descriptor g5ojobzupf275beh5ra72uyhb3dkpxwg\r\n\
+version 2\r\n\
+permanent-key\r\n\
+-----BEGIN RSA PUBLIC KEY-----\r\n\
+MIGJAoGBAJ/SzzgrXPxTlFrKVhXh3buCWv2QfcNgncUpDpKouLn3AtPH5Ocys0jE\r\n\
+aZSKdvaiQ62md2gOwj4x61cFNdi05tdQjS+2thHKEm/KsB9BGLSLBNJYY356bupg\r\n\
+I5gQozM65ENelfxYlysBjJ52xSDBd8C4f/p9umdzaaaCmzXG/nhzAgMBAAE=\r\n\
+-----END RSA PUBLIC KEY-----\r\n\
+secret-id-part anmjoxxwiupreyajjt5yasimfmwcnxlf\r\n\
+publication-time 2015-03-11 19:00:00\r\n\
+protocol-versions 2,3\r\n\
+introduction-points\r\n\
+-----BEGIN MESSAGE-----\r\n\
+aW50cm9kdWN0aW9uLXBvaW50IDd1bnd4cmg2dG5kNGh6eWt1Z3EzaGZzdHduc2ll\r\n\
+cmhyCmlwLWFkZHJlc3MgMTg4LjEzOC4xMjEuMTE4Cm9uaW9uLXBvcnQgOTAwMQpv\r\n\
+bmlvbi1rZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dC\r\n\
+QUxGRVVyeVpDbk9ROEhURmV5cDVjMTRObWVqL1BhekFLTTBxRENTNElKUWh0Y3g1\r\n\
+NXpRSFdOVWIKQ2hHZ0JqR1RjV3ZGRnA0N3FkdGF6WUZhVXE2c0lQKzVqeWZ5b0Q4\r\n\
+UmJ1bzBwQmFWclJjMmNhYUptWWM0RDh6Vgpuby9sZnhzOVVaQnZ1cWY4eHIrMDB2\r\n\
+S0JJNmFSMlA2OE1WeDhrMExqcUpUU2RKOE9idm9yQWdNQkFBRT0KLS0tLS1FTkQg\r\n\
+UlNBIFBVQkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQ\r\n\
+VUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTnJHb0ozeTlHNXQzN2F2ekI1cTlwN1hG\r\n\
+VUplRUVYMUNOaExnWmJXWGJhVk5OcXpoZFhyL0xTUQppM1Z6dW5OaUs3cndUVnE2\r\n\
+K2QyZ1lRckhMMmIvMXBBY3ZKWjJiNSs0bTRRc0NibFpjRENXTktRbHJnRWN5WXRJ\r\n\
+CkdscXJTbFFEaXA0ZnNrUFMvNDVkWTI0QmJsQ3NGU1k3RzVLVkxJck4zZFpGbmJr\r\n\
+NEZIS1hBZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJv\r\n\
+ZHVjdGlvbi1wb2ludCBiNGM3enlxNXNheGZzN2prNXFibG1wN3I1b3pwdHRvagpp\r\n\
+cC1hZGRyZXNzIDEwOS4xNjkuNDUuMjI2Cm9uaW9uLXBvcnQgOTAwMQpvbmlvbi1r\r\n\
+ZXkKLS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCk1JR0pBb0dCQU8xSXpw\r\n\
+WFFUTUY3RXZUb1NEUXpzVnZiRVFRQUQrcGZ6NzczMVRXZzVaUEJZY1EyUkRaeVp4\r\n\
+OEQKNUVQSU1FeUE1RE83cGd0ak5LaXJvYXJGMC8yempjMkRXTUlSaXZyU29YUWVZ\r\n\
+ZXlMM1pzKzFIajJhMDlCdkYxZAp6MEswblRFdVhoNVR5V3lyMHdsbGI1SFBnTlI0\r\n\
+MS9oYkprZzkwZitPVCtIeGhKL1duUml2QWdNQkFBRT0KLS0tLS1FTkQgUlNBIFBV\r\n\
+QkxJQyBLRVktLS0tLQpzZXJ2aWNlLWtleQotLS0tLUJFR0lOIFJTQSBQVUJMSUMg\r\n\
+S0VZLS0tLS0KTUlHSkFvR0JBSzNWZEJ2ajFtQllLL3JrcHNwcm9Ub0llNUtHVmth\r\n\
+QkxvMW1tK1I2YUVJek1VZFE1SjkwNGtyRwpCd3k5NC8rV0lGNFpGYXh5Z2phejl1\r\n\
+N2pKY1k3ZGJhd1pFeG1hYXFCRlRwL2h2ZG9rcHQ4a1ByRVk4OTJPRHJ1CmJORUox\r\n\
+N1FPSmVMTVZZZk5Kcjl4TWZCQ3JQai8zOGh2RUdrbWVRNmRVWElvbVFNaUJGOVRB\r\n\
+Z01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0tLS0tCmludHJvZHVjdGlv\r\n\
+bi1wb2ludCBhdjVtcWl0Y2Q3cjJkandsYmN0c2Jlc2R3eGt0ZWtvegppcC1hZGRy\r\n\
+ZXNzIDE0NC43Ni44LjczCm9uaW9uLXBvcnQgNDQzCm9uaW9uLWtleQotLS0tLUJF\r\n\
+R0lOIFJTQSBQVUJMSUMgS0VZLS0tLS0KTUlHSkFvR0JBTzVweVZzQmpZQmNmMXBE\r\n\
+dklHUlpmWXUzQ05nNldka0ZLMGlvdTBXTGZtejZRVDN0NWhzd3cyVwpjejlHMXhx\r\n\
+MmN0Nkd6VWkrNnVkTDlITTRVOUdHTi9BbW8wRG9GV1hKWHpBQkFXd2YyMVdsd1lW\r\n\
+eFJQMHRydi9WCkN6UDkzcHc5OG5vSmdGUGRUZ05iMjdKYmVUZENLVFBrTEtscXFt\r\n\
+b3NveUN2RitRa25vUS9BZ01CQUFFPQotLS0tLUVORCBSU0EgUFVCTElDIEtFWS0t\r\n\
+LS0tCnNlcnZpY2Uta2V5Ci0tLS0tQkVHSU4gUlNBIFBVQkxJQyBLRVktLS0tLQpN\r\n\
+SUdKQW9HQkFMVjNKSmtWN3lTNU9jc1lHMHNFYzFQOTVRclFRR3ZzbGJ6Wi9zRGxl\r\n\
+RlpKYXFSOUYvYjRUVERNClNGcFMxcU1GbldkZDgxVmRGMEdYRmN2WVpLamRJdHU2\r\n\
+SndBaTRJeEhxeXZtdTRKdUxrcXNaTEFLaXRLVkx4eGsKeERlMjlDNzRWMmJrOTRJ\r\n\
+MEgybTNKS2tzTHVwc3VxWWRVUmhOVXN0SElKZmgyZmNIalF0bEFnTUJBQUU9Ci0t\r\n\
+LS0tRU5EIFJTQSBQVUJMSUMgS0VZLS0tLS0KCg==\r\n\
+-----END MESSAGE-----\r\n\
+signature\r\n\
+-----BEGIN SIGNATURE-----\r\n\
+d4OuCE5OLAOnRB6cQN6WyMEmg/BHem144Vec+eYgeWoKwx3MxXFplUjFxgnMlmwN\r\n\
+PcftsZf2ztN0sbNCtPgDL3d0PqvxY3iHTQAI8EbaGq/IAJUZ8U4y963dD5+Bn6JQ\r\n\
+myE3ctmh0vy5+QxSiRjmQBkuEpCyks7LvWvHYrhnmcg=\r\n\
+-----END SIGNATURE-----";
+
 /* Helper global variable for hidden service descriptor event test.
  * It's used as a pointer to dynamically created message buffer in
  * send_control_event_string_replacement function, which mocks
@@ -70,6 +132,7 @@ test_hs_desc_event(void *arg)
 {
   #define STR_HS_ADDR "ajhb7kljbiru65qo"
   #define STR_HS_ID "b3oeducbhjmbqmgw2i3jtz4fekkrinwj"
+  #define STR_DESC_ID "g5ojobzupf275beh5ra72uyhb3dkpxwg"
 
   rend_data_t rend_query;
   const char *expected_msg;
@@ -96,7 +159,8 @@ test_hs_desc_event(void *arg)
 
   /* test received event */
   rend_query.auth_type = 1;
-  control_event_hs_descriptor_received(&rend_query, HSDIR_EXIST_ID);
+  control_event_hs_descriptor_received(rend_query.onion_address,
+                                       rend_query.auth_type, HSDIR_EXIST_ID);
   expected_msg = "650 HS_DESC RECEIVED "STR_HS_ADDR" BASIC_AUTH "\
                   STR_HSDIR_EXIST_LONGNAME"\r\n";
   tt_assert(received_msg);
@@ -105,7 +169,8 @@ test_hs_desc_event(void *arg)
 
   /* test failed event */
   rend_query.auth_type = 2;
-  control_event_hs_descriptor_failed(&rend_query, HSDIR_NONE_EXIST_ID,
+  control_event_hs_descriptor_failed(rend_query.onion_address,
+                                     rend_query.auth_type, HSDIR_NONE_EXIST_ID,
                                      "QUERY_REJECTED");
   expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" STEALTH_AUTH "\
                   STR_HSDIR_NONE_EXIST_LONGNAME" REASON=QUERY_REJECTED\r\n";
@@ -115,7 +180,8 @@ test_hs_desc_event(void *arg)
 
   /* test invalid auth type */
   rend_query.auth_type = 999;
-  control_event_hs_descriptor_failed(&rend_query, HSDIR_EXIST_ID,
+  control_event_hs_descriptor_failed(rend_query.onion_address,
+                                     rend_query.auth_type, HSDIR_EXIST_ID,
                                      "QUERY_REJECTED");
   expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" UNKNOWN "\
                   STR_HSDIR_EXIST_LONGNAME" REASON=QUERY_REJECTED\r\n";
@@ -123,6 +189,18 @@ test_hs_desc_event(void *arg)
   tt_str_op(received_msg,OP_EQ, expected_msg);
   tor_free(received_msg);
 
+  /* test valid content. */
+  char *exp_msg;
+  control_event_hs_descriptor_content(rend_query.onion_address, STR_DESC_ID,
+                                      HSDIR_EXIST_ID, hs_desc_content);
+  tor_asprintf(&exp_msg, "650+HS_DESC_CONTENT " STR_HS_ADDR " " STR_DESC_ID \
+               " " STR_HSDIR_EXIST_LONGNAME "\r\n%s\r\n.\r\n650 OK\r\n",
+               hs_desc_content);
+  tt_assert(received_msg);
+  tt_str_op(received_msg, OP_EQ, exp_msg);
+  tor_free(received_msg);
+  tor_free(exp_msg);
+
  done:
   UNMOCK(send_control_event_string);
   UNMOCK(node_describe_longname_by_id);