hs_client.c 57 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619
  1. /* Copyright (c) 2016-2017, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /**
  4. * \file hs_client.c
  5. * \brief Implement next generation hidden service client functionality
  6. **/
  7. #define HS_CLIENT_PRIVATE
  8. #include "or.h"
  9. #include "circpathbias.h"
  10. #include "circuitbuild.h"
  11. #include "circuitlist.h"
  12. #include "circuituse.h"
  13. #include "config.h"
  14. #include "connection.h"
  15. #include "connection_edge.h"
  16. #include "container.h"
  17. #include "crypto_rand.h"
  18. #include "crypto_util.h"
  19. #include "directory.h"
  20. #include "hs_cache.h"
  21. #include "hs_cell.h"
  22. #include "hs_circuit.h"
  23. #include "hs_client.h"
  24. #include "hs_control.h"
  25. #include "hs_descriptor.h"
  26. #include "hs_ident.h"
  27. #include "hs_ntor.h"
  28. #include "networkstatus.h"
  29. #include "nodelist.h"
  30. #include "reasons.h"
  31. #include "rendclient.h"
  32. #include "router.h"
  33. #include "routerset.h"
  34. #include "entry_connection_st.h"
  35. /* Return a human-readable string for the client fetch status code. */
  36. static const char *
  37. fetch_status_to_string(hs_client_fetch_status_t status)
  38. {
  39. switch (status) {
  40. case HS_CLIENT_FETCH_ERROR:
  41. return "Internal error";
  42. case HS_CLIENT_FETCH_LAUNCHED:
  43. return "Descriptor fetch launched";
  44. case HS_CLIENT_FETCH_HAVE_DESC:
  45. return "Already have descriptor";
  46. case HS_CLIENT_FETCH_NO_HSDIRS:
  47. return "No more HSDir available to query";
  48. case HS_CLIENT_FETCH_NOT_ALLOWED:
  49. return "Fetching descriptors is not allowed";
  50. case HS_CLIENT_FETCH_MISSING_INFO:
  51. return "Missing directory information";
  52. case HS_CLIENT_FETCH_PENDING:
  53. return "Pending descriptor fetch";
  54. default:
  55. return "(Unknown client fetch status code)";
  56. }
  57. }
  58. /* Return true iff tor should close the SOCKS request(s) for the descriptor
  59. * fetch that ended up with this given status code. */
  60. static int
  61. fetch_status_should_close_socks(hs_client_fetch_status_t status)
  62. {
  63. switch (status) {
  64. case HS_CLIENT_FETCH_NO_HSDIRS:
  65. /* No more HSDir to query, we can't complete the SOCKS request(s). */
  66. case HS_CLIENT_FETCH_ERROR:
  67. /* The fetch triggered an internal error. */
  68. case HS_CLIENT_FETCH_NOT_ALLOWED:
  69. /* Client is not allowed to fetch (FetchHidServDescriptors 0). */
  70. goto close;
  71. case HS_CLIENT_FETCH_MISSING_INFO:
  72. case HS_CLIENT_FETCH_HAVE_DESC:
  73. case HS_CLIENT_FETCH_PENDING:
  74. case HS_CLIENT_FETCH_LAUNCHED:
  75. /* The rest doesn't require tor to close the SOCKS request(s). */
  76. goto no_close;
  77. }
  78. no_close:
  79. return 0;
  80. close:
  81. return 1;
  82. }
  83. /* Cancel all descriptor fetches currently in progress. */
  84. static void
  85. cancel_descriptor_fetches(void)
  86. {
  87. smartlist_t *conns =
  88. connection_list_by_type_state(CONN_TYPE_DIR, DIR_PURPOSE_FETCH_HSDESC);
  89. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
  90. const hs_ident_dir_conn_t *ident = TO_DIR_CONN(conn)->hs_ident;
  91. if (BUG(ident == NULL)) {
  92. /* A directory connection fetching a service descriptor can't have an
  93. * empty hidden service identifier. */
  94. continue;
  95. }
  96. log_debug(LD_REND, "Marking for close a directory connection fetching "
  97. "a hidden service descriptor for service %s.",
  98. safe_str_client(ed25519_fmt(&ident->identity_pk)));
  99. connection_mark_for_close(conn);
  100. } SMARTLIST_FOREACH_END(conn);
  101. /* No ownership of the objects in this list. */
  102. smartlist_free(conns);
  103. log_info(LD_REND, "Hidden service client descriptor fetches cancelled.");
  104. }
  105. /* Get all connections that are waiting on a circuit and flag them back to
  106. * waiting for a hidden service descriptor for the given service key
  107. * service_identity_pk. */
  108. static void
  109. flag_all_conn_wait_desc(const ed25519_public_key_t *service_identity_pk)
  110. {
  111. tor_assert(service_identity_pk);
  112. smartlist_t *conns =
  113. connection_list_by_type_state(CONN_TYPE_AP, AP_CONN_STATE_CIRCUIT_WAIT);
  114. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
  115. edge_connection_t *edge_conn;
  116. if (BUG(!CONN_IS_EDGE(conn))) {
  117. continue;
  118. }
  119. edge_conn = TO_EDGE_CONN(conn);
  120. if (edge_conn->hs_ident &&
  121. ed25519_pubkey_eq(&edge_conn->hs_ident->identity_pk,
  122. service_identity_pk)) {
  123. connection_ap_mark_as_non_pending_circuit(TO_ENTRY_CONN(conn));
  124. conn->state = AP_CONN_STATE_RENDDESC_WAIT;
  125. }
  126. } SMARTLIST_FOREACH_END(conn);
  127. smartlist_free(conns);
  128. }
  129. /* Remove tracked HSDir requests from our history for this hidden service
  130. * identity public key. */
  131. static void
  132. purge_hid_serv_request(const ed25519_public_key_t *identity_pk)
  133. {
  134. char base64_blinded_pk[ED25519_BASE64_LEN + 1];
  135. ed25519_public_key_t blinded_pk;
  136. tor_assert(identity_pk);
  137. /* Get blinded pubkey of hidden service. It is possible that we just moved
  138. * to a new time period meaning that we won't be able to purge the request
  139. * from the previous time period. That is fine because they will expire at
  140. * some point and we don't care about those anymore. */
  141. hs_build_blinded_pubkey(identity_pk, NULL, 0,
  142. hs_get_time_period_num(0), &blinded_pk);
  143. if (BUG(ed25519_public_to_base64(base64_blinded_pk, &blinded_pk) < 0)) {
  144. return;
  145. }
  146. /* Purge last hidden service request from cache for this blinded key. */
  147. hs_purge_hid_serv_from_last_hid_serv_requests(base64_blinded_pk);
  148. }
  149. /* Return true iff there is at least one pending directory descriptor request
  150. * for the service identity_pk. */
  151. static int
  152. directory_request_is_pending(const ed25519_public_key_t *identity_pk)
  153. {
  154. int ret = 0;
  155. smartlist_t *conns =
  156. connection_list_by_type_purpose(CONN_TYPE_DIR, DIR_PURPOSE_FETCH_HSDESC);
  157. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
  158. const hs_ident_dir_conn_t *ident = TO_DIR_CONN(conn)->hs_ident;
  159. if (BUG(ident == NULL)) {
  160. /* A directory connection fetching a service descriptor can't have an
  161. * empty hidden service identifier. */
  162. continue;
  163. }
  164. if (!ed25519_pubkey_eq(identity_pk, &ident->identity_pk)) {
  165. continue;
  166. }
  167. ret = 1;
  168. break;
  169. } SMARTLIST_FOREACH_END(conn);
  170. /* No ownership of the objects in this list. */
  171. smartlist_free(conns);
  172. return ret;
  173. }
  174. /* We failed to fetch a descriptor for the service with <b>identity_pk</b>
  175. * because of <b>status</b>. Find all pending SOCKS connections for this
  176. * service that are waiting on the descriptor and close them with
  177. * <b>reason</b>. */
  178. static void
  179. close_all_socks_conns_waiting_for_desc(const ed25519_public_key_t *identity_pk,
  180. hs_client_fetch_status_t status,
  181. int reason)
  182. {
  183. unsigned int count = 0;
  184. time_t now = approx_time();
  185. smartlist_t *conns =
  186. connection_list_by_type_state(CONN_TYPE_AP, AP_CONN_STATE_RENDDESC_WAIT);
  187. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  188. entry_connection_t *entry_conn = TO_ENTRY_CONN(base_conn);
  189. const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(entry_conn);
  190. /* Only consider the entry connections that matches the service for which
  191. * we tried to get the descriptor */
  192. if (!edge_conn->hs_ident ||
  193. !ed25519_pubkey_eq(identity_pk,
  194. &edge_conn->hs_ident->identity_pk)) {
  195. continue;
  196. }
  197. assert_connection_ok(base_conn, now);
  198. /* Unattach the entry connection which will close for the reason. */
  199. connection_mark_unattached_ap(entry_conn, reason);
  200. count++;
  201. } SMARTLIST_FOREACH_END(base_conn);
  202. if (count > 0) {
  203. char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  204. hs_build_address(identity_pk, HS_VERSION_THREE, onion_address);
  205. log_notice(LD_REND, "Closed %u streams for service %s.onion "
  206. "for reason %s. Fetch status: %s.",
  207. count, safe_str_client(onion_address),
  208. stream_end_reason_to_string(reason),
  209. fetch_status_to_string(status));
  210. }
  211. /* No ownership of the object(s) in this list. */
  212. smartlist_free(conns);
  213. }
  214. /* Find all pending SOCKS connection waiting for a descriptor and retry them
  215. * all. This is called when the directory information changed. */
  216. static void
  217. retry_all_socks_conn_waiting_for_desc(void)
  218. {
  219. smartlist_t *conns =
  220. connection_list_by_type_state(CONN_TYPE_AP, AP_CONN_STATE_RENDDESC_WAIT);
  221. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  222. hs_client_fetch_status_t status;
  223. const edge_connection_t *edge_conn =
  224. ENTRY_TO_EDGE_CONN(TO_ENTRY_CONN(base_conn));
  225. /* Ignore non HS or non v3 connection. */
  226. if (edge_conn->hs_ident == NULL) {
  227. continue;
  228. }
  229. /* In this loop, we will possibly try to fetch a descriptor for the
  230. * pending connections because we just got more directory information.
  231. * However, the refetch process can cleanup all SOCKS request so the same
  232. * service if an internal error happens. Thus, we can end up with closed
  233. * connections in our list. */
  234. if (base_conn->marked_for_close) {
  235. continue;
  236. }
  237. /* XXX: There is an optimization we could do which is that for a service
  238. * key, we could check if we can fetch and remember that decision. */
  239. /* Order a refetch in case it works this time. */
  240. status = hs_client_refetch_hsdesc(&edge_conn->hs_ident->identity_pk);
  241. if (BUG(status == HS_CLIENT_FETCH_HAVE_DESC)) {
  242. /* This case is unique because it can NOT happen in theory. Once we get
  243. * a new descriptor, the HS client subsystem is notified immediately and
  244. * the connections waiting for it are handled which means the state will
  245. * change from renddesc wait state. Log this and continue to next
  246. * connection. */
  247. continue;
  248. }
  249. /* In the case of an error, either all SOCKS connections have been
  250. * closed or we are still missing directory information. Leave the
  251. * connection in renddesc wait state so when we get more info, we'll be
  252. * able to try it again. */
  253. } SMARTLIST_FOREACH_END(base_conn);
  254. /* We don't have ownership of those objects. */
  255. smartlist_free(conns);
  256. }
  257. /* A v3 HS circuit successfully connected to the hidden service. Update the
  258. * stream state at <b>hs_conn_ident</b> appropriately. */
  259. static void
  260. note_connection_attempt_succeeded(const hs_ident_edge_conn_t *hs_conn_ident)
  261. {
  262. tor_assert(hs_conn_ident);
  263. /* Remove from the hid serv cache all requests for that service so we can
  264. * query the HSDir again later on for various reasons. */
  265. purge_hid_serv_request(&hs_conn_ident->identity_pk);
  266. /* The v2 subsystem cleans up the intro point time out flag at this stage.
  267. * We don't try to do it here because we still need to keep intact the intro
  268. * point state for future connections. Even though we are able to connect to
  269. * the service, doesn't mean we should reset the timed out intro points.
  270. *
  271. * It is not possible to have successfully connected to an intro point
  272. * present in our cache that was on error or timed out. Every entry in that
  273. * cache have a 2 minutes lifetime so ultimately the intro point(s) state
  274. * will be reset and thus possible to be retried. */
  275. }
  276. /* Given the pubkey of a hidden service in <b>onion_identity_pk</b>, fetch its
  277. * descriptor by launching a dir connection to <b>hsdir</b>. Return a
  278. * hs_client_fetch_status_t status code depending on how it went. */
  279. static hs_client_fetch_status_t
  280. directory_launch_v3_desc_fetch(const ed25519_public_key_t *onion_identity_pk,
  281. const routerstatus_t *hsdir)
  282. {
  283. uint64_t current_time_period = hs_get_time_period_num(0);
  284. ed25519_public_key_t blinded_pubkey;
  285. char base64_blinded_pubkey[ED25519_BASE64_LEN + 1];
  286. hs_ident_dir_conn_t hs_conn_dir_ident;
  287. int retval;
  288. tor_assert(hsdir);
  289. tor_assert(onion_identity_pk);
  290. /* Get blinded pubkey */
  291. hs_build_blinded_pubkey(onion_identity_pk, NULL, 0,
  292. current_time_period, &blinded_pubkey);
  293. /* ...and base64 it. */
  294. retval = ed25519_public_to_base64(base64_blinded_pubkey, &blinded_pubkey);
  295. if (BUG(retval < 0)) {
  296. return HS_CLIENT_FETCH_ERROR;
  297. }
  298. /* Copy onion pk to a dir_ident so that we attach it to the dir conn */
  299. hs_ident_dir_conn_init(onion_identity_pk, &blinded_pubkey,
  300. &hs_conn_dir_ident);
  301. /* Setup directory request */
  302. directory_request_t *req =
  303. directory_request_new(DIR_PURPOSE_FETCH_HSDESC);
  304. directory_request_set_routerstatus(req, hsdir);
  305. directory_request_set_indirection(req, DIRIND_ANONYMOUS);
  306. directory_request_set_resource(req, base64_blinded_pubkey);
  307. directory_request_fetch_set_hs_ident(req, &hs_conn_dir_ident);
  308. directory_initiate_request(req);
  309. directory_request_free(req);
  310. log_info(LD_REND, "Descriptor fetch request for service %s with blinded "
  311. "key %s to directory %s",
  312. safe_str_client(ed25519_fmt(onion_identity_pk)),
  313. safe_str_client(base64_blinded_pubkey),
  314. safe_str_client(routerstatus_describe(hsdir)));
  315. /* Fire a REQUESTED event on the control port. */
  316. hs_control_desc_event_requested(onion_identity_pk, base64_blinded_pubkey,
  317. hsdir);
  318. /* Cleanup memory. */
  319. memwipe(&blinded_pubkey, 0, sizeof(blinded_pubkey));
  320. memwipe(base64_blinded_pubkey, 0, sizeof(base64_blinded_pubkey));
  321. memwipe(&hs_conn_dir_ident, 0, sizeof(hs_conn_dir_ident));
  322. return HS_CLIENT_FETCH_LAUNCHED;
  323. }
  324. /** Return the HSDir we should use to fetch the descriptor of the hidden
  325. * service with identity key <b>onion_identity_pk</b>. */
  326. STATIC routerstatus_t *
  327. pick_hsdir_v3(const ed25519_public_key_t *onion_identity_pk)
  328. {
  329. int retval;
  330. char base64_blinded_pubkey[ED25519_BASE64_LEN + 1];
  331. uint64_t current_time_period = hs_get_time_period_num(0);
  332. smartlist_t *responsible_hsdirs;
  333. ed25519_public_key_t blinded_pubkey;
  334. routerstatus_t *hsdir_rs = NULL;
  335. tor_assert(onion_identity_pk);
  336. responsible_hsdirs = smartlist_new();
  337. /* Get blinded pubkey of hidden service */
  338. hs_build_blinded_pubkey(onion_identity_pk, NULL, 0,
  339. current_time_period, &blinded_pubkey);
  340. /* ...and base64 it. */
  341. retval = ed25519_public_to_base64(base64_blinded_pubkey, &blinded_pubkey);
  342. if (BUG(retval < 0)) {
  343. return NULL;
  344. }
  345. /* Get responsible hsdirs of service for this time period */
  346. hs_get_responsible_hsdirs(&blinded_pubkey, current_time_period,
  347. 0, 1, responsible_hsdirs);
  348. log_debug(LD_REND, "Found %d responsible HSDirs and about to pick one.",
  349. smartlist_len(responsible_hsdirs));
  350. /* Pick an HSDir from the responsible ones. The ownership of
  351. * responsible_hsdirs is given to this function so no need to free it. */
  352. hsdir_rs = hs_pick_hsdir(responsible_hsdirs, base64_blinded_pubkey);
  353. return hsdir_rs;
  354. }
  355. /** Fetch a v3 descriptor using the given <b>onion_identity_pk</b>.
  356. *
  357. * On success, HS_CLIENT_FETCH_LAUNCHED is returned. Otherwise, an error from
  358. * hs_client_fetch_status_t is returned. */
  359. MOCK_IMPL(STATIC hs_client_fetch_status_t,
  360. fetch_v3_desc, (const ed25519_public_key_t *onion_identity_pk))
  361. {
  362. routerstatus_t *hsdir_rs =NULL;
  363. tor_assert(onion_identity_pk);
  364. hsdir_rs = pick_hsdir_v3(onion_identity_pk);
  365. if (!hsdir_rs) {
  366. log_info(LD_REND, "Couldn't pick a v3 hsdir.");
  367. return HS_CLIENT_FETCH_NO_HSDIRS;
  368. }
  369. return directory_launch_v3_desc_fetch(onion_identity_pk, hsdir_rs);
  370. }
  371. /* Make sure that the given v3 origin circuit circ is a valid correct
  372. * introduction circuit. This will BUG() on any problems and hard assert if
  373. * the anonymity of the circuit is not ok. Return 0 on success else -1 where
  374. * the circuit should be mark for closed immediately. */
  375. static int
  376. intro_circ_is_ok(const origin_circuit_t *circ)
  377. {
  378. int ret = 0;
  379. tor_assert(circ);
  380. if (BUG(TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCING &&
  381. TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT &&
  382. TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACKED)) {
  383. ret = -1;
  384. }
  385. if (BUG(circ->hs_ident == NULL)) {
  386. ret = -1;
  387. }
  388. if (BUG(!hs_ident_intro_circ_is_valid(circ->hs_ident))) {
  389. ret = -1;
  390. }
  391. /* This can stop the tor daemon but we want that since if we don't have
  392. * anonymity on this circuit, something went really wrong. */
  393. assert_circ_anonymity_ok(circ, get_options());
  394. return ret;
  395. }
  396. /* Find a descriptor intro point object that matches the given ident in the
  397. * given descriptor desc. Return NULL if not found. */
  398. static const hs_desc_intro_point_t *
  399. find_desc_intro_point_by_ident(const hs_ident_circuit_t *ident,
  400. const hs_descriptor_t *desc)
  401. {
  402. const hs_desc_intro_point_t *intro_point = NULL;
  403. tor_assert(ident);
  404. tor_assert(desc);
  405. SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
  406. const hs_desc_intro_point_t *, ip) {
  407. if (ed25519_pubkey_eq(&ident->intro_auth_pk,
  408. &ip->auth_key_cert->signed_key)) {
  409. intro_point = ip;
  410. break;
  411. }
  412. } SMARTLIST_FOREACH_END(ip);
  413. return intro_point;
  414. }
  415. /* Find a descriptor intro point object from the descriptor object desc that
  416. * matches the given legacy identity digest in legacy_id. Return NULL if not
  417. * found. */
  418. static hs_desc_intro_point_t *
  419. find_desc_intro_point_by_legacy_id(const char *legacy_id,
  420. const hs_descriptor_t *desc)
  421. {
  422. hs_desc_intro_point_t *ret_ip = NULL;
  423. tor_assert(legacy_id);
  424. tor_assert(desc);
  425. /* We will go over every intro point and try to find which one is linked to
  426. * that circuit. Those lists are small so it's not that expensive. */
  427. SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
  428. hs_desc_intro_point_t *, ip) {
  429. SMARTLIST_FOREACH_BEGIN(ip->link_specifiers,
  430. const hs_desc_link_specifier_t *, lspec) {
  431. /* Not all tor node have an ed25519 identity key so we still rely on the
  432. * legacy identity digest. */
  433. if (lspec->type != LS_LEGACY_ID) {
  434. continue;
  435. }
  436. if (fast_memneq(legacy_id, lspec->u.legacy_id, DIGEST_LEN)) {
  437. break;
  438. }
  439. /* Found it. */
  440. ret_ip = ip;
  441. goto end;
  442. } SMARTLIST_FOREACH_END(lspec);
  443. } SMARTLIST_FOREACH_END(ip);
  444. end:
  445. return ret_ip;
  446. }
  447. /* Send an INTRODUCE1 cell along the intro circuit and populate the rend
  448. * circuit identifier with the needed key material for the e2e encryption.
  449. * Return 0 on success, -1 if there is a transient error such that an action
  450. * has been taken to recover and -2 if there is a permanent error indicating
  451. * that both circuits were closed. */
  452. static int
  453. send_introduce1(origin_circuit_t *intro_circ,
  454. origin_circuit_t *rend_circ)
  455. {
  456. int status;
  457. char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  458. const ed25519_public_key_t *service_identity_pk = NULL;
  459. const hs_desc_intro_point_t *ip;
  460. tor_assert(rend_circ);
  461. if (intro_circ_is_ok(intro_circ) < 0) {
  462. goto perm_err;
  463. }
  464. service_identity_pk = &intro_circ->hs_ident->identity_pk;
  465. /* For logging purposes. There will be a time where the hs_ident will have a
  466. * version number but for now there is none because it's all v3. */
  467. hs_build_address(service_identity_pk, HS_VERSION_THREE, onion_address);
  468. log_info(LD_REND, "Sending INTRODUCE1 cell to service %s on circuit %u",
  469. safe_str_client(onion_address), TO_CIRCUIT(intro_circ)->n_circ_id);
  470. /* 1) Get descriptor from our cache. */
  471. const hs_descriptor_t *desc =
  472. hs_cache_lookup_as_client(service_identity_pk);
  473. if (desc == NULL || !hs_client_any_intro_points_usable(service_identity_pk,
  474. desc)) {
  475. log_info(LD_REND, "Request to %s %s. Trying to fetch a new descriptor.",
  476. safe_str_client(onion_address),
  477. (desc) ? "didn't have usable intro points" :
  478. "didn't have a descriptor");
  479. hs_client_refetch_hsdesc(service_identity_pk);
  480. /* We just triggered a refetch, make sure every connections are back
  481. * waiting for that descriptor. */
  482. flag_all_conn_wait_desc(service_identity_pk);
  483. /* We just asked for a refetch so this is a transient error. */
  484. goto tran_err;
  485. }
  486. /* We need to find which intro point in the descriptor we are connected to
  487. * on intro_circ. */
  488. ip = find_desc_intro_point_by_ident(intro_circ->hs_ident, desc);
  489. if (BUG(ip == NULL)) {
  490. /* If we can find a descriptor from this introduction circuit ident, we
  491. * must have a valid intro point object. Permanent error. */
  492. goto perm_err;
  493. }
  494. /* Send the INTRODUCE1 cell. */
  495. if (hs_circ_send_introduce1(intro_circ, rend_circ, ip,
  496. desc->subcredential) < 0) {
  497. /* Unable to send the cell, the intro circuit has been marked for close so
  498. * this is a permanent error. */
  499. tor_assert_nonfatal(TO_CIRCUIT(intro_circ)->marked_for_close);
  500. goto perm_err;
  501. }
  502. /* Cell has been sent successfully. Copy the introduction point
  503. * authentication and encryption key in the rendezvous circuit identifier so
  504. * we can compute the ntor keys when we receive the RENDEZVOUS2 cell. */
  505. memcpy(&rend_circ->hs_ident->intro_enc_pk, &ip->enc_key,
  506. sizeof(rend_circ->hs_ident->intro_enc_pk));
  507. ed25519_pubkey_copy(&rend_circ->hs_ident->intro_auth_pk,
  508. &intro_circ->hs_ident->intro_auth_pk);
  509. /* Now, we wait for an ACK or NAK on this circuit. */
  510. circuit_change_purpose(TO_CIRCUIT(intro_circ),
  511. CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT);
  512. /* Set timestamp_dirty, because circuit_expire_building expects it to
  513. * specify when a circuit entered the _C_INTRODUCE_ACK_WAIT state. */
  514. TO_CIRCUIT(intro_circ)->timestamp_dirty = time(NULL);
  515. pathbias_count_use_attempt(intro_circ);
  516. /* Success. */
  517. status = 0;
  518. goto end;
  519. perm_err:
  520. /* Permanent error: it is possible that the intro circuit was closed prior
  521. * because we weren't able to send the cell. Make sure we don't double close
  522. * it which would result in a warning. */
  523. if (!TO_CIRCUIT(intro_circ)->marked_for_close) {
  524. circuit_mark_for_close(TO_CIRCUIT(intro_circ), END_CIRC_REASON_INTERNAL);
  525. }
  526. circuit_mark_for_close(TO_CIRCUIT(rend_circ), END_CIRC_REASON_INTERNAL);
  527. status = -2;
  528. goto end;
  529. tran_err:
  530. status = -1;
  531. end:
  532. memwipe(onion_address, 0, sizeof(onion_address));
  533. return status;
  534. }
  535. /* Using the introduction circuit circ, setup the authentication key of the
  536. * intro point this circuit has extended to. */
  537. static void
  538. setup_intro_circ_auth_key(origin_circuit_t *circ)
  539. {
  540. const hs_descriptor_t *desc;
  541. const hs_desc_intro_point_t *ip;
  542. tor_assert(circ);
  543. desc = hs_cache_lookup_as_client(&circ->hs_ident->identity_pk);
  544. if (BUG(desc == NULL)) {
  545. /* Opening intro circuit without the descriptor is no good... */
  546. goto end;
  547. }
  548. /* We will go over every intro point and try to find which one is linked to
  549. * that circuit. Those lists are small so it's not that expensive. */
  550. ip = find_desc_intro_point_by_legacy_id(
  551. circ->build_state->chosen_exit->identity_digest, desc);
  552. if (ip) {
  553. /* We got it, copy its authentication key to the identifier. */
  554. ed25519_pubkey_copy(&circ->hs_ident->intro_auth_pk,
  555. &ip->auth_key_cert->signed_key);
  556. goto end;
  557. }
  558. /* Reaching this point means we didn't find any intro point for this circuit
  559. * which is not suppose to happen. */
  560. tor_assert_nonfatal_unreached();
  561. end:
  562. return;
  563. }
  564. /* Called when an introduction circuit has opened. */
  565. static void
  566. client_intro_circ_has_opened(origin_circuit_t *circ)
  567. {
  568. tor_assert(circ);
  569. tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
  570. log_info(LD_REND, "Introduction circuit %u has opened. Attaching streams.",
  571. (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
  572. /* This is an introduction circuit so we'll attach the correct
  573. * authentication key to the circuit identifier so it can be identified
  574. * properly later on. */
  575. setup_intro_circ_auth_key(circ);
  576. connection_ap_attach_pending(1);
  577. }
  578. /* Called when a rendezvous circuit has opened. */
  579. static void
  580. client_rendezvous_circ_has_opened(origin_circuit_t *circ)
  581. {
  582. tor_assert(circ);
  583. tor_assert(TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND);
  584. const extend_info_t *rp_ei = circ->build_state->chosen_exit;
  585. /* Check that we didn't accidentally choose a node that does not understand
  586. * the v3 rendezvous protocol */
  587. if (rp_ei) {
  588. const node_t *rp_node = node_get_by_id(rp_ei->identity_digest);
  589. if (rp_node) {
  590. if (BUG(!node_supports_v3_rendezvous_point(rp_node))) {
  591. return;
  592. }
  593. }
  594. }
  595. log_info(LD_REND, "Rendezvous circuit has opened to %s.",
  596. safe_str_client(extend_info_describe(rp_ei)));
  597. /* Ignore returned value, nothing we can really do. On failure, the circuit
  598. * will be marked for close. */
  599. hs_circ_send_establish_rendezvous(circ);
  600. /* Register rend circuit in circuitmap if it's still alive. */
  601. if (!TO_CIRCUIT(circ)->marked_for_close) {
  602. hs_circuitmap_register_rend_circ_client_side(circ,
  603. circ->hs_ident->rendezvous_cookie);
  604. }
  605. }
  606. /* This is an helper function that convert a descriptor intro point object ip
  607. * to a newly allocated extend_info_t object fully initialized. Return NULL if
  608. * we can't convert it for which chances are that we are missing or malformed
  609. * link specifiers. */
  610. STATIC extend_info_t *
  611. desc_intro_point_to_extend_info(const hs_desc_intro_point_t *ip)
  612. {
  613. extend_info_t *ei;
  614. smartlist_t *lspecs = smartlist_new();
  615. tor_assert(ip);
  616. /* We first encode the descriptor link specifiers into the binary
  617. * representation which is a trunnel object. */
  618. SMARTLIST_FOREACH_BEGIN(ip->link_specifiers,
  619. const hs_desc_link_specifier_t *, desc_lspec) {
  620. link_specifier_t *lspec = hs_desc_lspec_to_trunnel(desc_lspec);
  621. smartlist_add(lspecs, lspec);
  622. } SMARTLIST_FOREACH_END(desc_lspec);
  623. /* Explicitly put the direct connection option to 0 because this is client
  624. * side and there is no such thing as a non anonymous client. */
  625. ei = hs_get_extend_info_from_lspecs(lspecs, &ip->onion_key, 0);
  626. SMARTLIST_FOREACH(lspecs, link_specifier_t *, ls, link_specifier_free(ls));
  627. smartlist_free(lspecs);
  628. return ei;
  629. }
  630. /* Return true iff the intro point ip for the service service_pk is usable.
  631. * This function checks if the intro point is in the client intro state cache
  632. * and checks at the failures. It is considered usable if:
  633. * - No error happened (INTRO_POINT_FAILURE_GENERIC)
  634. * - It is not flagged as timed out (INTRO_POINT_FAILURE_TIMEOUT)
  635. * - The unreachable count is lower than
  636. * MAX_INTRO_POINT_REACHABILITY_FAILURES (INTRO_POINT_FAILURE_UNREACHABLE)
  637. */
  638. static int
  639. intro_point_is_usable(const ed25519_public_key_t *service_pk,
  640. const hs_desc_intro_point_t *ip)
  641. {
  642. const hs_cache_intro_state_t *state;
  643. tor_assert(service_pk);
  644. tor_assert(ip);
  645. state = hs_cache_client_intro_state_find(service_pk,
  646. &ip->auth_key_cert->signed_key);
  647. if (state == NULL) {
  648. /* This means we've never encountered any problem thus usable. */
  649. goto usable;
  650. }
  651. if (state->error) {
  652. log_info(LD_REND, "Intro point with auth key %s had an error. Not usable",
  653. safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)));
  654. goto not_usable;
  655. }
  656. if (state->timed_out) {
  657. log_info(LD_REND, "Intro point with auth key %s timed out. Not usable",
  658. safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)));
  659. goto not_usable;
  660. }
  661. if (state->unreachable_count >= MAX_INTRO_POINT_REACHABILITY_FAILURES) {
  662. log_info(LD_REND, "Intro point with auth key %s unreachable. Not usable",
  663. safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)));
  664. goto not_usable;
  665. }
  666. usable:
  667. return 1;
  668. not_usable:
  669. return 0;
  670. }
  671. /* Using a descriptor desc, return a newly allocated extend_info_t object of a
  672. * randomly picked introduction point from its list. Return NULL if none are
  673. * usable. */
  674. STATIC extend_info_t *
  675. client_get_random_intro(const ed25519_public_key_t *service_pk)
  676. {
  677. extend_info_t *ei = NULL, *ei_excluded = NULL;
  678. smartlist_t *usable_ips = NULL;
  679. const hs_descriptor_t *desc;
  680. const hs_desc_encrypted_data_t *enc_data;
  681. const or_options_t *options = get_options();
  682. /* Calculate the onion address for logging purposes */
  683. char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  684. tor_assert(service_pk);
  685. desc = hs_cache_lookup_as_client(service_pk);
  686. /* Assume the service is v3 if the descriptor is missing. This is ok,
  687. * because we only use the address in log messages */
  688. hs_build_address(service_pk,
  689. desc ? desc->plaintext_data.version : HS_VERSION_THREE,
  690. onion_address);
  691. if (desc == NULL || !hs_client_any_intro_points_usable(service_pk,
  692. desc)) {
  693. log_info(LD_REND, "Unable to randomly select an introduction point "
  694. "for service %s because descriptor %s. We can't connect.",
  695. safe_str_client(onion_address),
  696. (desc) ? "doesn't have any usable intro points"
  697. : "is missing (assuming v3 onion address)");
  698. goto end;
  699. }
  700. enc_data = &desc->encrypted_data;
  701. usable_ips = smartlist_new();
  702. smartlist_add_all(usable_ips, enc_data->intro_points);
  703. while (smartlist_len(usable_ips) != 0) {
  704. int idx;
  705. const hs_desc_intro_point_t *ip;
  706. /* Pick a random intro point and immediately remove it from the usable
  707. * list so we don't pick it again if we have to iterate more. */
  708. idx = crypto_rand_int(smartlist_len(usable_ips));
  709. ip = smartlist_get(usable_ips, idx);
  710. smartlist_del(usable_ips, idx);
  711. /* We need to make sure we have a usable intro points which is in a good
  712. * state in our cache. */
  713. if (!intro_point_is_usable(service_pk, ip)) {
  714. continue;
  715. }
  716. /* Generate an extend info object from the intro point object. */
  717. ei = desc_intro_point_to_extend_info(ip);
  718. if (ei == NULL) {
  719. /* We can get here for instance if the intro point is a private address
  720. * and we aren't allowed to extend to those. */
  721. log_info(LD_REND, "Unable to select introduction point with auth key %s "
  722. "for service %s, because we could not extend to it.",
  723. safe_str_client(ed25519_fmt(&ip->auth_key_cert->signed_key)),
  724. safe_str_client(onion_address));
  725. continue;
  726. }
  727. /* Test the pick against ExcludeNodes. */
  728. if (routerset_contains_extendinfo(options->ExcludeNodes, ei)) {
  729. /* If this pick is in the ExcludeNodes list, we keep its reference so if
  730. * we ever end up not being able to pick anything else and StrictNodes is
  731. * unset, we'll use it. */
  732. if (ei_excluded) {
  733. /* If something was already here free it. After the loop is gone we
  734. * will examine the last excluded intro point, and that's fine since
  735. * that's random anyway */
  736. extend_info_free(ei_excluded);
  737. }
  738. ei_excluded = ei;
  739. continue;
  740. }
  741. /* Good pick! Let's go with this. */
  742. goto end;
  743. }
  744. /* Reaching this point means a couple of things. Either we can't use any of
  745. * the intro point listed because the IP address can't be extended to or it
  746. * is listed in the ExcludeNodes list. In the later case, if StrictNodes is
  747. * set, we are forced to not use anything. */
  748. ei = ei_excluded;
  749. if (options->StrictNodes) {
  750. log_warn(LD_REND, "Every introduction point for service %s is in the "
  751. "ExcludeNodes set and StrictNodes is set. We can't connect.",
  752. safe_str_client(onion_address));
  753. extend_info_free(ei);
  754. ei = NULL;
  755. } else {
  756. log_fn(LOG_PROTOCOL_WARN, LD_REND, "Every introduction point for service "
  757. "%s is unusable or we can't extend to it. We can't connect.",
  758. safe_str_client(onion_address));
  759. }
  760. end:
  761. smartlist_free(usable_ips);
  762. memwipe(onion_address, 0, sizeof(onion_address));
  763. return ei;
  764. }
  765. /* For this introduction circuit, we'll look at if we have any usable
  766. * introduction point left for this service. If so, we'll use the circuit to
  767. * re-extend to a new intro point. Else, we'll close the circuit and its
  768. * corresponding rendezvous circuit. Return 0 if we are re-extending else -1
  769. * if we are closing the circuits.
  770. *
  771. * This is called when getting an INTRODUCE_ACK cell with a NACK. */
  772. static int
  773. close_or_reextend_intro_circ(origin_circuit_t *intro_circ)
  774. {
  775. int ret = -1;
  776. const hs_descriptor_t *desc;
  777. origin_circuit_t *rend_circ;
  778. tor_assert(intro_circ);
  779. desc = hs_cache_lookup_as_client(&intro_circ->hs_ident->identity_pk);
  780. if (BUG(desc == NULL)) {
  781. /* We can't continue without a descriptor. */
  782. goto close;
  783. }
  784. /* We still have the descriptor, great! Let's try to see if we can
  785. * re-extend by looking up if there are any usable intro points. */
  786. if (!hs_client_any_intro_points_usable(&intro_circ->hs_ident->identity_pk,
  787. desc)) {
  788. goto close;
  789. }
  790. /* Try to re-extend now. */
  791. if (hs_client_reextend_intro_circuit(intro_circ) < 0) {
  792. goto close;
  793. }
  794. /* Success on re-extending. Don't return an error. */
  795. ret = 0;
  796. goto end;
  797. close:
  798. /* Change the intro circuit purpose before so we don't report an intro point
  799. * failure again triggering an extra descriptor fetch. The circuit can
  800. * already be closed on failure to re-extend. */
  801. if (!TO_CIRCUIT(intro_circ)->marked_for_close) {
  802. circuit_change_purpose(TO_CIRCUIT(intro_circ),
  803. CIRCUIT_PURPOSE_C_INTRODUCE_ACKED);
  804. circuit_mark_for_close(TO_CIRCUIT(intro_circ), END_CIRC_REASON_FINISHED);
  805. }
  806. /* Close the related rendezvous circuit. */
  807. rend_circ = hs_circuitmap_get_rend_circ_client_side(
  808. intro_circ->hs_ident->rendezvous_cookie);
  809. /* The rendezvous circuit might have collapsed while the INTRODUCE_ACK was
  810. * inflight so we can't expect one every time. */
  811. if (rend_circ) {
  812. circuit_mark_for_close(TO_CIRCUIT(rend_circ), END_CIRC_REASON_FINISHED);
  813. }
  814. end:
  815. return ret;
  816. }
  817. /* Called when we get an INTRODUCE_ACK success status code. Do the appropriate
  818. * actions for the rendezvous point and finally close intro_circ. */
  819. static void
  820. handle_introduce_ack_success(origin_circuit_t *intro_circ)
  821. {
  822. origin_circuit_t *rend_circ = NULL;
  823. tor_assert(intro_circ);
  824. log_info(LD_REND, "Received INTRODUCE_ACK ack! Informing rendezvous");
  825. /* Get the rendezvous circuit for this rendezvous cookie. */
  826. uint8_t *rendezvous_cookie = intro_circ->hs_ident->rendezvous_cookie;
  827. rend_circ =
  828. hs_circuitmap_get_established_rend_circ_client_side(rendezvous_cookie);
  829. if (rend_circ == NULL) {
  830. log_warn(LD_REND, "Can't find any rendezvous circuit. Stopping");
  831. goto end;
  832. }
  833. assert_circ_anonymity_ok(rend_circ, get_options());
  834. /* It is possible to get a RENDEZVOUS2 cell before the INTRODUCE_ACK which
  835. * means that the circuit will be joined and already transmitting data. In
  836. * that case, simply skip the purpose change and close the intro circuit
  837. * like it should be. */
  838. if (TO_CIRCUIT(rend_circ)->purpose == CIRCUIT_PURPOSE_C_REND_JOINED) {
  839. goto end;
  840. }
  841. circuit_change_purpose(TO_CIRCUIT(rend_circ),
  842. CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED);
  843. /* Set timestamp_dirty, because circuit_expire_building expects it to
  844. * specify when a circuit entered the
  845. * CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED state. */
  846. TO_CIRCUIT(rend_circ)->timestamp_dirty = time(NULL);
  847. end:
  848. /* We don't need the intro circuit anymore. It did what it had to do! */
  849. circuit_change_purpose(TO_CIRCUIT(intro_circ),
  850. CIRCUIT_PURPOSE_C_INTRODUCE_ACKED);
  851. circuit_mark_for_close(TO_CIRCUIT(intro_circ), END_CIRC_REASON_FINISHED);
  852. /* XXX: Close pending intro circuits we might have in parallel. */
  853. return;
  854. }
  855. /* Called when we get an INTRODUCE_ACK failure status code. Depending on our
  856. * failure cache status, either close the circuit or re-extend to a new
  857. * introduction point. */
  858. static void
  859. handle_introduce_ack_bad(origin_circuit_t *circ, int status)
  860. {
  861. tor_assert(circ);
  862. log_info(LD_REND, "Received INTRODUCE_ACK nack by %s. Reason: %u",
  863. safe_str_client(extend_info_describe(circ->build_state->chosen_exit)),
  864. status);
  865. /* It's a NAK. The introduction point didn't relay our request. */
  866. circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_C_INTRODUCING);
  867. /* Note down this failure in the intro point failure cache. Depending on how
  868. * many times we've tried this intro point, close it or reextend. */
  869. hs_cache_client_intro_state_note(&circ->hs_ident->identity_pk,
  870. &circ->hs_ident->intro_auth_pk,
  871. INTRO_POINT_FAILURE_GENERIC);
  872. }
  873. /* Called when we get an INTRODUCE_ACK on the intro circuit circ. The encoded
  874. * cell is in payload of length payload_len. Return 0 on success else a
  875. * negative value. The circuit is either close or reuse to re-extend to a new
  876. * introduction point. */
  877. static int
  878. handle_introduce_ack(origin_circuit_t *circ, const uint8_t *payload,
  879. size_t payload_len)
  880. {
  881. int status, ret = -1;
  882. tor_assert(circ);
  883. tor_assert(circ->build_state);
  884. tor_assert(circ->build_state->chosen_exit);
  885. assert_circ_anonymity_ok(circ, get_options());
  886. tor_assert(payload);
  887. status = hs_cell_parse_introduce_ack(payload, payload_len);
  888. switch (status) {
  889. case HS_CELL_INTRO_ACK_SUCCESS:
  890. ret = 0;
  891. handle_introduce_ack_success(circ);
  892. goto end;
  893. case HS_CELL_INTRO_ACK_FAILURE:
  894. case HS_CELL_INTRO_ACK_BADFMT:
  895. case HS_CELL_INTRO_ACK_NORELAY:
  896. handle_introduce_ack_bad(circ, status);
  897. /* We are going to see if we have to close the circuits (IP and RP) or we
  898. * can re-extend to a new intro point. */
  899. ret = close_or_reextend_intro_circ(circ);
  900. break;
  901. default:
  902. log_info(LD_PROTOCOL, "Unknown INTRODUCE_ACK status code %u from %s",
  903. status,
  904. safe_str_client(extend_info_describe(circ->build_state->chosen_exit)));
  905. break;
  906. }
  907. end:
  908. return ret;
  909. }
  910. /* Called when we get a RENDEZVOUS2 cell on the rendezvous circuit circ. The
  911. * encoded cell is in payload of length payload_len. Return 0 on success or a
  912. * negative value on error. On error, the circuit is marked for close. */
  913. STATIC int
  914. handle_rendezvous2(origin_circuit_t *circ, const uint8_t *payload,
  915. size_t payload_len)
  916. {
  917. int ret = -1;
  918. curve25519_public_key_t server_pk;
  919. uint8_t auth_mac[DIGEST256_LEN] = {0};
  920. uint8_t handshake_info[CURVE25519_PUBKEY_LEN + sizeof(auth_mac)] = {0};
  921. hs_ntor_rend_cell_keys_t keys;
  922. const hs_ident_circuit_t *ident;
  923. tor_assert(circ);
  924. tor_assert(payload);
  925. /* Make things easier. */
  926. ident = circ->hs_ident;
  927. tor_assert(ident);
  928. if (hs_cell_parse_rendezvous2(payload, payload_len, handshake_info,
  929. sizeof(handshake_info)) < 0) {
  930. goto err;
  931. }
  932. /* Get from the handshake info the SERVER_PK and AUTH_MAC. */
  933. memcpy(&server_pk, handshake_info, CURVE25519_PUBKEY_LEN);
  934. memcpy(auth_mac, handshake_info + CURVE25519_PUBKEY_LEN, sizeof(auth_mac));
  935. /* Generate the handshake info. */
  936. if (hs_ntor_client_get_rendezvous1_keys(&ident->intro_auth_pk,
  937. &ident->rendezvous_client_kp,
  938. &ident->intro_enc_pk, &server_pk,
  939. &keys) < 0) {
  940. log_info(LD_REND, "Unable to compute the rendezvous keys.");
  941. goto err;
  942. }
  943. /* Critical check, make sure that the MAC matches what we got with what we
  944. * computed just above. */
  945. if (!hs_ntor_client_rendezvous2_mac_is_good(&keys, auth_mac)) {
  946. log_info(LD_REND, "Invalid MAC in RENDEZVOUS2. Rejecting cell.");
  947. goto err;
  948. }
  949. /* Setup the e2e encryption on the circuit and finalize its state. */
  950. if (hs_circuit_setup_e2e_rend_circ(circ, keys.ntor_key_seed,
  951. sizeof(keys.ntor_key_seed), 0) < 0) {
  952. log_info(LD_REND, "Unable to setup the e2e encryption.");
  953. goto err;
  954. }
  955. /* Success. Hidden service connection finalized! */
  956. ret = 0;
  957. goto end;
  958. err:
  959. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  960. end:
  961. memwipe(&keys, 0, sizeof(keys));
  962. return ret;
  963. }
  964. /* Return true iff the client can fetch a descriptor for this service public
  965. * identity key and status_out if not NULL is untouched. If the client can
  966. * _not_ fetch the descriptor and if status_out is not NULL, it is set with
  967. * the fetch status code. */
  968. static unsigned int
  969. can_client_refetch_desc(const ed25519_public_key_t *identity_pk,
  970. hs_client_fetch_status_t *status_out)
  971. {
  972. hs_client_fetch_status_t status;
  973. tor_assert(identity_pk);
  974. /* Are we configured to fetch descriptors? */
  975. if (!get_options()->FetchHidServDescriptors) {
  976. log_warn(LD_REND, "We received an onion address for a hidden service "
  977. "descriptor but we are configured to not fetch.");
  978. status = HS_CLIENT_FETCH_NOT_ALLOWED;
  979. goto cannot;
  980. }
  981. /* Without a live consensus we can't do any client actions. It is needed to
  982. * compute the hashring for a service. */
  983. if (!networkstatus_get_live_consensus(approx_time())) {
  984. log_info(LD_REND, "Can't fetch descriptor for service %s because we "
  985. "are missing a live consensus. Stalling connection.",
  986. safe_str_client(ed25519_fmt(identity_pk)));
  987. status = HS_CLIENT_FETCH_MISSING_INFO;
  988. goto cannot;
  989. }
  990. if (!router_have_minimum_dir_info()) {
  991. log_info(LD_REND, "Can't fetch descriptor for service %s because we "
  992. "dont have enough descriptors. Stalling connection.",
  993. safe_str_client(ed25519_fmt(identity_pk)));
  994. status = HS_CLIENT_FETCH_MISSING_INFO;
  995. goto cannot;
  996. }
  997. /* Check if fetching a desc for this HS is useful to us right now */
  998. {
  999. const hs_descriptor_t *cached_desc = NULL;
  1000. cached_desc = hs_cache_lookup_as_client(identity_pk);
  1001. if (cached_desc && hs_client_any_intro_points_usable(identity_pk,
  1002. cached_desc)) {
  1003. log_info(LD_GENERAL, "We would fetch a v3 hidden service descriptor "
  1004. "but we already have a usable descriptor.");
  1005. status = HS_CLIENT_FETCH_HAVE_DESC;
  1006. goto cannot;
  1007. }
  1008. }
  1009. /* Don't try to refetch while we have a pending request for it. */
  1010. if (directory_request_is_pending(identity_pk)) {
  1011. log_info(LD_REND, "Already a pending directory request. Waiting on it.");
  1012. status = HS_CLIENT_FETCH_PENDING;
  1013. goto cannot;
  1014. }
  1015. /* Yes, client can fetch! */
  1016. return 1;
  1017. cannot:
  1018. if (status_out) {
  1019. *status_out = status;
  1020. }
  1021. return 0;
  1022. }
  1023. /* ========== */
  1024. /* Public API */
  1025. /* ========== */
  1026. /** A circuit just finished connecting to a hidden service that the stream
  1027. * <b>conn</b> has been waiting for. Let the HS subsystem know about this. */
  1028. void
  1029. hs_client_note_connection_attempt_succeeded(const edge_connection_t *conn)
  1030. {
  1031. tor_assert(connection_edge_is_rendezvous_stream(conn));
  1032. if (BUG(conn->rend_data && conn->hs_ident)) {
  1033. log_warn(LD_BUG, "Stream had both rend_data and hs_ident..."
  1034. "Prioritizing hs_ident");
  1035. }
  1036. if (conn->hs_ident) { /* It's v3: pass it to the prop224 handler */
  1037. note_connection_attempt_succeeded(conn->hs_ident);
  1038. return;
  1039. } else if (conn->rend_data) { /* It's v2: pass it to the legacy handler */
  1040. rend_client_note_connection_attempt_ended(conn->rend_data);
  1041. return;
  1042. }
  1043. }
  1044. /* With the given encoded descriptor in desc_str and the service key in
  1045. * service_identity_pk, decode the descriptor and set the desc pointer with a
  1046. * newly allocated descriptor object.
  1047. *
  1048. * Return 0 on success else a negative value and desc is set to NULL. */
  1049. int
  1050. hs_client_decode_descriptor(const char *desc_str,
  1051. const ed25519_public_key_t *service_identity_pk,
  1052. hs_descriptor_t **desc)
  1053. {
  1054. int ret;
  1055. uint8_t subcredential[DIGEST256_LEN];
  1056. ed25519_public_key_t blinded_pubkey;
  1057. tor_assert(desc_str);
  1058. tor_assert(service_identity_pk);
  1059. tor_assert(desc);
  1060. /* Create subcredential for this HS so that we can decrypt */
  1061. {
  1062. uint64_t current_time_period = hs_get_time_period_num(0);
  1063. hs_build_blinded_pubkey(service_identity_pk, NULL, 0, current_time_period,
  1064. &blinded_pubkey);
  1065. hs_get_subcredential(service_identity_pk, &blinded_pubkey, subcredential);
  1066. }
  1067. /* Parse descriptor */
  1068. ret = hs_desc_decode_descriptor(desc_str, subcredential, desc);
  1069. memwipe(subcredential, 0, sizeof(subcredential));
  1070. if (ret < 0) {
  1071. log_warn(LD_GENERAL, "Could not parse received descriptor as client.");
  1072. if (get_options()->SafeLogging_ == SAFELOG_SCRUB_NONE) {
  1073. log_warn(LD_GENERAL, "%s", escaped(desc_str));
  1074. }
  1075. goto err;
  1076. }
  1077. /* Make sure the descriptor signing key cross certifies with the computed
  1078. * blinded key. Without this validation, anyone knowing the subcredential
  1079. * and onion address can forge a descriptor. */
  1080. tor_cert_t *cert = (*desc)->plaintext_data.signing_key_cert;
  1081. if (tor_cert_checksig(cert,
  1082. &blinded_pubkey, approx_time()) < 0) {
  1083. log_warn(LD_GENERAL, "Descriptor signing key certificate signature "
  1084. "doesn't validate with computed blinded key: %s",
  1085. tor_cert_describe_signature_status(cert));
  1086. goto err;
  1087. }
  1088. return 0;
  1089. err:
  1090. return -1;
  1091. }
  1092. /* Return true iff there are at least one usable intro point in the service
  1093. * descriptor desc. */
  1094. int
  1095. hs_client_any_intro_points_usable(const ed25519_public_key_t *service_pk,
  1096. const hs_descriptor_t *desc)
  1097. {
  1098. tor_assert(service_pk);
  1099. tor_assert(desc);
  1100. SMARTLIST_FOREACH_BEGIN(desc->encrypted_data.intro_points,
  1101. const hs_desc_intro_point_t *, ip) {
  1102. if (intro_point_is_usable(service_pk, ip)) {
  1103. goto usable;
  1104. }
  1105. } SMARTLIST_FOREACH_END(ip);
  1106. return 0;
  1107. usable:
  1108. return 1;
  1109. }
  1110. /** Launch a connection to a hidden service directory to fetch a hidden
  1111. * service descriptor using <b>identity_pk</b> to get the necessary keys.
  1112. *
  1113. * A hs_client_fetch_status_t code is returned. */
  1114. int
  1115. hs_client_refetch_hsdesc(const ed25519_public_key_t *identity_pk)
  1116. {
  1117. hs_client_fetch_status_t status;
  1118. tor_assert(identity_pk);
  1119. if (!can_client_refetch_desc(identity_pk, &status)) {
  1120. return status;
  1121. }
  1122. /* Try to fetch the desc and if we encounter an unrecoverable error, mark
  1123. * the desc as unavailable for now. */
  1124. status = fetch_v3_desc(identity_pk);
  1125. if (fetch_status_should_close_socks(status)) {
  1126. close_all_socks_conns_waiting_for_desc(identity_pk, status,
  1127. END_STREAM_REASON_RESOLVEFAILED);
  1128. /* Remove HSDir fetch attempts so that we can retry later if the user
  1129. * wants us to regardless of if we closed any connections. */
  1130. purge_hid_serv_request(identity_pk);
  1131. }
  1132. return status;
  1133. }
  1134. /* This is called when we are trying to attach an AP connection to these
  1135. * hidden service circuits from connection_ap_handshake_attach_circuit().
  1136. * Return 0 on success, -1 for a transient error that is actions were
  1137. * triggered to recover or -2 for a permenent error where both circuits will
  1138. * marked for close.
  1139. *
  1140. * The following supports every hidden service version. */
  1141. int
  1142. hs_client_send_introduce1(origin_circuit_t *intro_circ,
  1143. origin_circuit_t *rend_circ)
  1144. {
  1145. return (intro_circ->hs_ident) ? send_introduce1(intro_circ, rend_circ) :
  1146. rend_client_send_introduction(intro_circ,
  1147. rend_circ);
  1148. }
  1149. /* Called when the client circuit circ has been established. It can be either
  1150. * an introduction or rendezvous circuit. This function handles all hidden
  1151. * service versions. */
  1152. void
  1153. hs_client_circuit_has_opened(origin_circuit_t *circ)
  1154. {
  1155. tor_assert(circ);
  1156. /* Handle both version. v2 uses rend_data and v3 uses the hs circuit
  1157. * identifier hs_ident. Can't be both. */
  1158. switch (TO_CIRCUIT(circ)->purpose) {
  1159. case CIRCUIT_PURPOSE_C_INTRODUCING:
  1160. if (circ->hs_ident) {
  1161. client_intro_circ_has_opened(circ);
  1162. } else {
  1163. rend_client_introcirc_has_opened(circ);
  1164. }
  1165. break;
  1166. case CIRCUIT_PURPOSE_C_ESTABLISH_REND:
  1167. if (circ->hs_ident) {
  1168. client_rendezvous_circ_has_opened(circ);
  1169. } else {
  1170. rend_client_rendcirc_has_opened(circ);
  1171. }
  1172. break;
  1173. default:
  1174. tor_assert_nonfatal_unreached();
  1175. }
  1176. }
  1177. /* Called when we receive a RENDEZVOUS_ESTABLISHED cell. Change the state of
  1178. * the circuit to CIRCUIT_PURPOSE_C_REND_READY. Return 0 on success else a
  1179. * negative value and the circuit marked for close. */
  1180. int
  1181. hs_client_receive_rendezvous_acked(origin_circuit_t *circ,
  1182. const uint8_t *payload, size_t payload_len)
  1183. {
  1184. tor_assert(circ);
  1185. tor_assert(payload);
  1186. (void) payload_len;
  1187. if (TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_ESTABLISH_REND) {
  1188. log_warn(LD_PROTOCOL, "Got a RENDEZVOUS_ESTABLISHED but we were not "
  1189. "expecting one. Closing circuit.");
  1190. goto err;
  1191. }
  1192. log_info(LD_REND, "Received an RENDEZVOUS_ESTABLISHED. This circuit is "
  1193. "now ready for rendezvous.");
  1194. circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_C_REND_READY);
  1195. /* Set timestamp_dirty, because circuit_expire_building expects it to
  1196. * specify when a circuit entered the _C_REND_READY state. */
  1197. TO_CIRCUIT(circ)->timestamp_dirty = time(NULL);
  1198. /* From a path bias point of view, this circuit is now successfully used.
  1199. * Waiting any longer opens us up to attacks from malicious hidden services.
  1200. * They could induce the client to attempt to connect to their hidden
  1201. * service and never reply to the client's rend requests */
  1202. pathbias_mark_use_success(circ);
  1203. /* If we already have the introduction circuit built, make sure we send
  1204. * the INTRODUCE cell _now_ */
  1205. connection_ap_attach_pending(1);
  1206. return 0;
  1207. err:
  1208. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  1209. return -1;
  1210. }
  1211. /* This is called when a descriptor has arrived following a fetch request and
  1212. * has been stored in the client cache. Every entry connection that matches
  1213. * the service identity key in the ident will get attached to the hidden
  1214. * service circuit. */
  1215. void
  1216. hs_client_desc_has_arrived(const hs_ident_dir_conn_t *ident)
  1217. {
  1218. time_t now = time(NULL);
  1219. smartlist_t *conns = NULL;
  1220. tor_assert(ident);
  1221. conns = connection_list_by_type_state(CONN_TYPE_AP,
  1222. AP_CONN_STATE_RENDDESC_WAIT);
  1223. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  1224. const hs_descriptor_t *desc;
  1225. entry_connection_t *entry_conn = TO_ENTRY_CONN(base_conn);
  1226. const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(entry_conn);
  1227. /* Only consider the entry connections that matches the service for which
  1228. * we just fetched its descriptor. */
  1229. if (!edge_conn->hs_ident ||
  1230. !ed25519_pubkey_eq(&ident->identity_pk,
  1231. &edge_conn->hs_ident->identity_pk)) {
  1232. continue;
  1233. }
  1234. assert_connection_ok(base_conn, now);
  1235. /* We were just called because we stored the descriptor for this service
  1236. * so not finding a descriptor means we have a bigger problem. */
  1237. desc = hs_cache_lookup_as_client(&ident->identity_pk);
  1238. if (BUG(desc == NULL)) {
  1239. goto end;
  1240. }
  1241. if (!hs_client_any_intro_points_usable(&ident->identity_pk, desc)) {
  1242. log_info(LD_REND, "Hidden service descriptor is unusable. "
  1243. "Closing streams.");
  1244. connection_mark_unattached_ap(entry_conn,
  1245. END_STREAM_REASON_RESOLVEFAILED);
  1246. /* We are unable to use the descriptor so remove the directory request
  1247. * from the cache so the next connection can try again. */
  1248. note_connection_attempt_succeeded(edge_conn->hs_ident);
  1249. goto end;
  1250. }
  1251. log_info(LD_REND, "Descriptor has arrived. Launching circuits.");
  1252. /* Because the connection can now proceed to opening circuit and
  1253. * ultimately connect to the service, reset those timestamp so the
  1254. * connection is considered "fresh" and can continue without being closed
  1255. * too early. */
  1256. base_conn->timestamp_created = now;
  1257. base_conn->timestamp_last_read_allowed = now;
  1258. base_conn->timestamp_last_write_allowed = now;
  1259. /* Change connection's state into waiting for a circuit. */
  1260. base_conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
  1261. connection_ap_mark_as_pending_circuit(entry_conn);
  1262. } SMARTLIST_FOREACH_END(base_conn);
  1263. end:
  1264. /* We don't have ownership of the objects in this list. */
  1265. smartlist_free(conns);
  1266. }
  1267. /* Return a newly allocated extend_info_t for a randomly chosen introduction
  1268. * point for the given edge connection identifier ident. Return NULL if we
  1269. * can't pick any usable introduction points. */
  1270. extend_info_t *
  1271. hs_client_get_random_intro_from_edge(const edge_connection_t *edge_conn)
  1272. {
  1273. tor_assert(edge_conn);
  1274. return (edge_conn->hs_ident) ?
  1275. client_get_random_intro(&edge_conn->hs_ident->identity_pk) :
  1276. rend_client_get_random_intro(edge_conn->rend_data);
  1277. }
  1278. /* Called when get an INTRODUCE_ACK cell on the introduction circuit circ.
  1279. * Return 0 on success else a negative value is returned. The circuit will be
  1280. * closed or reuse to extend again to another intro point. */
  1281. int
  1282. hs_client_receive_introduce_ack(origin_circuit_t *circ,
  1283. const uint8_t *payload, size_t payload_len)
  1284. {
  1285. int ret = -1;
  1286. tor_assert(circ);
  1287. tor_assert(payload);
  1288. if (TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) {
  1289. log_warn(LD_PROTOCOL, "Unexpected INTRODUCE_ACK on circuit %u.",
  1290. (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
  1291. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  1292. goto end;
  1293. }
  1294. ret = (circ->hs_ident) ? handle_introduce_ack(circ, payload, payload_len) :
  1295. rend_client_introduction_acked(circ, payload,
  1296. payload_len);
  1297. /* For path bias: This circuit was used successfully. NACK or ACK counts. */
  1298. pathbias_mark_use_success(circ);
  1299. end:
  1300. return ret;
  1301. }
  1302. /* Called when get a RENDEZVOUS2 cell on the rendezvous circuit circ. Return
  1303. * 0 on success else a negative value is returned. The circuit will be closed
  1304. * on error. */
  1305. int
  1306. hs_client_receive_rendezvous2(origin_circuit_t *circ,
  1307. const uint8_t *payload, size_t payload_len)
  1308. {
  1309. int ret = -1;
  1310. tor_assert(circ);
  1311. tor_assert(payload);
  1312. /* Circuit can possibly be in both state because we could receive a
  1313. * RENDEZVOUS2 cell before the INTRODUCE_ACK has been received. */
  1314. if (TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_REND_READY &&
  1315. TO_CIRCUIT(circ)->purpose != CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) {
  1316. log_warn(LD_PROTOCOL, "Unexpected RENDEZVOUS2 cell on circuit %u. "
  1317. "Closing circuit.",
  1318. (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
  1319. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  1320. goto end;
  1321. }
  1322. log_info(LD_REND, "Got RENDEZVOUS2 cell from hidden service on circuit %u.",
  1323. TO_CIRCUIT(circ)->n_circ_id);
  1324. ret = (circ->hs_ident) ? handle_rendezvous2(circ, payload, payload_len) :
  1325. rend_client_receive_rendezvous(circ, payload,
  1326. payload_len);
  1327. end:
  1328. return ret;
  1329. }
  1330. /* Extend the introduction circuit circ to another valid introduction point
  1331. * for the hidden service it is trying to connect to, or mark it and launch a
  1332. * new circuit if we can't extend it. Return 0 on success or possible
  1333. * success. Return -1 and mark the introduction circuit for close on permanent
  1334. * failure.
  1335. *
  1336. * On failure, the caller is responsible for marking the associated rendezvous
  1337. * circuit for close. */
  1338. int
  1339. hs_client_reextend_intro_circuit(origin_circuit_t *circ)
  1340. {
  1341. int ret = -1;
  1342. extend_info_t *ei;
  1343. tor_assert(circ);
  1344. ei = (circ->hs_ident) ?
  1345. client_get_random_intro(&circ->hs_ident->identity_pk) :
  1346. rend_client_get_random_intro(circ->rend_data);
  1347. if (ei == NULL) {
  1348. log_warn(LD_REND, "No usable introduction points left. Closing.");
  1349. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
  1350. goto end;
  1351. }
  1352. if (circ->remaining_relay_early_cells) {
  1353. log_info(LD_REND, "Re-extending circ %u, this time to %s.",
  1354. (unsigned int) TO_CIRCUIT(circ)->n_circ_id,
  1355. safe_str_client(extend_info_describe(ei)));
  1356. ret = circuit_extend_to_new_exit(circ, ei);
  1357. if (ret == 0) {
  1358. /* We were able to extend so update the timestamp so we avoid expiring
  1359. * this circuit too early. The intro circuit is short live so the
  1360. * linkability issue is minimized, we just need the circuit to hold a
  1361. * bit longer so we can introduce. */
  1362. TO_CIRCUIT(circ)->timestamp_dirty = time(NULL);
  1363. }
  1364. } else {
  1365. log_info(LD_REND, "Closing intro circ %u (out of RELAY_EARLY cells).",
  1366. (unsigned int) TO_CIRCUIT(circ)->n_circ_id);
  1367. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
  1368. /* connection_ap_handshake_attach_circuit will launch a new intro circ. */
  1369. ret = 0;
  1370. }
  1371. end:
  1372. extend_info_free(ei);
  1373. return ret;
  1374. }
  1375. /* Release all the storage held by the client subsystem. */
  1376. void
  1377. hs_client_free_all(void)
  1378. {
  1379. /* Purge the hidden service request cache. */
  1380. hs_purge_last_hid_serv_requests();
  1381. }
  1382. /* Purge all potentially remotely-detectable state held in the hidden
  1383. * service client code. Called on SIGNAL NEWNYM. */
  1384. void
  1385. hs_client_purge_state(void)
  1386. {
  1387. /* v2 subsystem. */
  1388. rend_client_purge_state();
  1389. /* Cancel all descriptor fetches. Do this first so once done we are sure
  1390. * that our descriptor cache won't modified. */
  1391. cancel_descriptor_fetches();
  1392. /* Purge the introduction point state cache. */
  1393. hs_cache_client_intro_state_purge();
  1394. /* Purge the descriptor cache. */
  1395. hs_cache_purge_as_client();
  1396. /* Purge the last hidden service request cache. */
  1397. hs_purge_last_hid_serv_requests();
  1398. log_info(LD_REND, "Hidden service client state has been purged.");
  1399. }
  1400. /* Called when our directory information has changed. */
  1401. void
  1402. hs_client_dir_info_changed(void)
  1403. {
  1404. /* We have possibly reached the minimum directory information or new
  1405. * consensus so retry all pending SOCKS connection in
  1406. * AP_CONN_STATE_RENDDESC_WAIT state in order to fetch the descriptor. */
  1407. retry_all_socks_conn_waiting_for_desc();
  1408. }