hs_intropoint.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596
  1. /* Copyright (c) 2016-2017, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /**
  4. * \file hs_intropoint.c
  5. * \brief Implement next generation introductions point functionality
  6. **/
  7. #define HS_INTROPOINT_PRIVATE
  8. #include "or.h"
  9. #include "config.h"
  10. #include "circuitlist.h"
  11. #include "circuituse.h"
  12. #include "config.h"
  13. #include "relay.h"
  14. #include "rendmid.h"
  15. #include "rephist.h"
  16. /* Trunnel */
  17. #include "ed25519_cert.h"
  18. #include "hs/cell_common.h"
  19. #include "hs/cell_establish_intro.h"
  20. #include "hs/cell_introduce1.h"
  21. #include "hs_circuitmap.h"
  22. #include "hs_intropoint.h"
  23. #include "hs_common.h"
  24. /** Extract the authentication key from an ESTABLISH_INTRO or INTRODUCE1 using
  25. * the given <b>cell_type</b> from <b>cell</b> and place it in
  26. * <b>auth_key_out</b>. */
  27. STATIC void
  28. get_auth_key_from_cell(ed25519_public_key_t *auth_key_out,
  29. unsigned int cell_type, const void *cell)
  30. {
  31. size_t auth_key_len;
  32. const uint8_t *key_array;
  33. tor_assert(auth_key_out);
  34. tor_assert(cell);
  35. switch (cell_type) {
  36. case RELAY_COMMAND_ESTABLISH_INTRO:
  37. {
  38. const trn_cell_establish_intro_t *c_cell = cell;
  39. key_array = trn_cell_establish_intro_getconstarray_auth_key(c_cell);
  40. auth_key_len = trn_cell_establish_intro_getlen_auth_key(c_cell);
  41. break;
  42. }
  43. case RELAY_COMMAND_INTRODUCE1:
  44. {
  45. const trn_cell_introduce1_t *c_cell = cell;
  46. key_array = trn_cell_introduce1_getconstarray_auth_key(cell);
  47. auth_key_len = trn_cell_introduce1_getlen_auth_key(c_cell);
  48. break;
  49. }
  50. default:
  51. /* Getting here is really bad as it means we got a unknown cell type from
  52. * this file where every call has an hardcoded value. */
  53. tor_assert(0); /* LCOV_EXCL_LINE */
  54. }
  55. tor_assert(key_array);
  56. tor_assert(auth_key_len == sizeof(auth_key_out->pubkey));
  57. memcpy(auth_key_out->pubkey, key_array, auth_key_len);
  58. }
  59. /** We received an ESTABLISH_INTRO <b>cell</b>. Verify its signature and MAC,
  60. * given <b>circuit_key_material</b>. Return 0 on success else -1 on error. */
  61. STATIC int
  62. verify_establish_intro_cell(const trn_cell_establish_intro_t *cell,
  63. const uint8_t *circuit_key_material,
  64. size_t circuit_key_material_len)
  65. {
  66. /* We only reach this function if the first byte of the cell is 0x02 which
  67. * means that auth_key_type is of ed25519 type, hence this check should
  68. * always pass. See hs_intro_received_establish_intro(). */
  69. if (BUG(cell->auth_key_type != HS_INTRO_AUTH_KEY_TYPE_ED25519)) {
  70. return -1;
  71. }
  72. /* Make sure the auth key length is of the right size for this type. For
  73. * EXTRA safety, we check both the size of the array and the length which
  74. * must be the same. Safety first!*/
  75. if (trn_cell_establish_intro_getlen_auth_key(cell) != ED25519_PUBKEY_LEN ||
  76. trn_cell_establish_intro_get_auth_key_len(cell) != ED25519_PUBKEY_LEN) {
  77. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  78. "ESTABLISH_INTRO auth key length is invalid");
  79. return -1;
  80. }
  81. const uint8_t *msg = cell->start_cell;
  82. /* Verify the sig */
  83. {
  84. ed25519_signature_t sig_struct;
  85. const uint8_t *sig_array =
  86. trn_cell_establish_intro_getconstarray_sig(cell);
  87. /* Make sure the signature length is of the right size. For EXTRA safety,
  88. * we check both the size of the array and the length which must be the
  89. * same. Safety first!*/
  90. if (trn_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
  91. trn_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
  92. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  93. "ESTABLISH_INTRO sig len is invalid");
  94. return -1;
  95. }
  96. /* We are now sure that sig_len is of the right size. */
  97. memcpy(sig_struct.sig, sig_array, cell->sig_len);
  98. ed25519_public_key_t auth_key;
  99. get_auth_key_from_cell(&auth_key, RELAY_COMMAND_ESTABLISH_INTRO, cell);
  100. const size_t sig_msg_len = cell->end_sig_fields - msg;
  101. int sig_mismatch = ed25519_checksig_prefixed(&sig_struct,
  102. msg, sig_msg_len,
  103. ESTABLISH_INTRO_SIG_PREFIX,
  104. &auth_key);
  105. if (sig_mismatch) {
  106. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  107. "ESTABLISH_INTRO signature not as expected");
  108. return -1;
  109. }
  110. }
  111. /* Verify the MAC */
  112. {
  113. const size_t auth_msg_len = cell->end_mac_fields - msg;
  114. uint8_t mac[DIGEST256_LEN];
  115. crypto_mac_sha3_256(mac, sizeof(mac),
  116. circuit_key_material, circuit_key_material_len,
  117. msg, auth_msg_len);
  118. if (tor_memneq(mac, cell->handshake_mac, sizeof(mac))) {
  119. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  120. "ESTABLISH_INTRO handshake_auth not as expected");
  121. return -1;
  122. }
  123. }
  124. return 0;
  125. }
  126. /* Send an INTRO_ESTABLISHED cell to <b>circ</b>. */
  127. MOCK_IMPL(int,
  128. hs_intro_send_intro_established_cell,(or_circuit_t *circ))
  129. {
  130. int ret;
  131. uint8_t *encoded_cell = NULL;
  132. ssize_t encoded_len, result_len;
  133. trn_cell_intro_established_t *cell;
  134. trn_cell_extension_t *ext;
  135. tor_assert(circ);
  136. /* Build the cell payload. */
  137. cell = trn_cell_intro_established_new();
  138. ext = trn_cell_extension_new();
  139. trn_cell_extension_set_num(ext, 0);
  140. trn_cell_intro_established_set_extensions(cell, ext);
  141. /* Encode the cell to binary format. */
  142. encoded_len = trn_cell_intro_established_encoded_len(cell);
  143. tor_assert(encoded_len > 0);
  144. encoded_cell = tor_malloc_zero(encoded_len);
  145. result_len = trn_cell_intro_established_encode(encoded_cell, encoded_len,
  146. cell);
  147. tor_assert(encoded_len == result_len);
  148. ret = relay_send_command_from_edge(0, TO_CIRCUIT(circ),
  149. RELAY_COMMAND_INTRO_ESTABLISHED,
  150. (char *) encoded_cell, encoded_len,
  151. NULL);
  152. /* On failure, the above function will close the circuit. */
  153. trn_cell_intro_established_free(cell);
  154. tor_free(encoded_cell);
  155. return ret;
  156. }
  157. /** We received an ESTABLISH_INTRO <b>parsed_cell</b> on <b>circ</b>. It's
  158. * well-formed and passed our verifications. Perform appropriate actions to
  159. * establish an intro point. */
  160. static int
  161. handle_verified_establish_intro_cell(or_circuit_t *circ,
  162. const trn_cell_establish_intro_t *parsed_cell)
  163. {
  164. /* Get the auth key of this intro point */
  165. ed25519_public_key_t auth_key;
  166. get_auth_key_from_cell(&auth_key, RELAY_COMMAND_ESTABLISH_INTRO,
  167. parsed_cell);
  168. /* Then notify the hidden service that the intro point is established by
  169. sending an INTRO_ESTABLISHED cell */
  170. if (hs_intro_send_intro_established_cell(circ)) {
  171. log_warn(LD_BUG, "Couldn't send INTRO_ESTABLISHED cell.");
  172. return -1;
  173. }
  174. /* Associate intro point auth key with this circuit. */
  175. hs_circuitmap_register_intro_circ_v3_relay_side(circ, &auth_key);
  176. /* Repurpose this circuit into an intro circuit. */
  177. circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_INTRO_POINT);
  178. return 0;
  179. }
  180. /** We just received an ESTABLISH_INTRO cell in <b>circ</b> with payload in
  181. * <b>request</b>. Handle it by making <b>circ</b> an intro circuit. Return 0
  182. * if everything went well, or -1 if there were errors. */
  183. static int
  184. handle_establish_intro(or_circuit_t *circ, const uint8_t *request,
  185. size_t request_len)
  186. {
  187. int cell_ok, retval = -1;
  188. trn_cell_establish_intro_t *parsed_cell = NULL;
  189. tor_assert(circ);
  190. tor_assert(request);
  191. log_info(LD_REND, "Received an ESTABLISH_INTRO request on circuit %" PRIu32,
  192. circ->p_circ_id);
  193. /* Check that the circuit is in shape to become an intro point */
  194. if (!hs_intro_circuit_is_suitable_for_establish_intro(circ)) {
  195. goto err;
  196. }
  197. /* Parse the cell */
  198. ssize_t parsing_result = trn_cell_establish_intro_parse(&parsed_cell,
  199. request, request_len);
  200. if (parsing_result < 0) {
  201. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  202. "Rejecting %s ESTABLISH_INTRO cell.",
  203. parsing_result == -1 ? "invalid" : "truncated");
  204. goto err;
  205. }
  206. cell_ok = verify_establish_intro_cell(parsed_cell,
  207. (uint8_t *) circ->rend_circ_nonce,
  208. sizeof(circ->rend_circ_nonce));
  209. if (cell_ok < 0) {
  210. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  211. "Failed to verify ESTABLISH_INTRO cell.");
  212. goto err;
  213. }
  214. /* This cell is legit. Take the appropriate actions. */
  215. cell_ok = handle_verified_establish_intro_cell(circ, parsed_cell);
  216. if (cell_ok < 0) {
  217. goto err;
  218. }
  219. log_warn(LD_GENERAL, "Established prop224 intro point on circuit %" PRIu32,
  220. circ->p_circ_id);
  221. /* We are done! */
  222. retval = 0;
  223. goto done;
  224. err:
  225. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  226. done:
  227. trn_cell_establish_intro_free(parsed_cell);
  228. return retval;
  229. }
  230. /* Return True if circuit is suitable for being an intro circuit. */
  231. static int
  232. circuit_is_suitable_intro_point(const or_circuit_t *circ,
  233. const char *log_cell_type_str)
  234. {
  235. tor_assert(circ);
  236. tor_assert(log_cell_type_str);
  237. /* Basic circuit state sanity checks. */
  238. if (circ->base_.purpose != CIRCUIT_PURPOSE_OR) {
  239. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  240. "Rejecting %s on non-OR circuit.", log_cell_type_str);
  241. return 0;
  242. }
  243. if (circ->base_.n_chan) {
  244. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  245. "Rejecting %s on non-edge circuit.", log_cell_type_str);
  246. return 0;
  247. }
  248. /* Suitable. */
  249. return 1;
  250. }
  251. /* Return True if circuit is suitable for being service-side intro circuit. */
  252. int
  253. hs_intro_circuit_is_suitable_for_establish_intro(const or_circuit_t *circ)
  254. {
  255. return circuit_is_suitable_intro_point(circ, "ESTABLISH_INTRO");
  256. }
  257. /* We just received an ESTABLISH_INTRO cell in <b>circ</b>. Figure out of it's
  258. * a legacy or a next gen cell, and pass it to the appropriate handler. */
  259. int
  260. hs_intro_received_establish_intro(or_circuit_t *circ, const uint8_t *request,
  261. size_t request_len)
  262. {
  263. tor_assert(circ);
  264. tor_assert(request);
  265. if (request_len == 0) {
  266. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Empty ESTABLISH_INTRO cell.");
  267. goto err;
  268. }
  269. /* Using the first byte of the cell, figure out the version of
  270. * ESTABLISH_INTRO and pass it to the appropriate cell handler */
  271. const uint8_t first_byte = request[0];
  272. switch (first_byte) {
  273. case HS_INTRO_AUTH_KEY_TYPE_LEGACY0:
  274. case HS_INTRO_AUTH_KEY_TYPE_LEGACY1:
  275. return rend_mid_establish_intro_legacy(circ, request, request_len);
  276. case HS_INTRO_AUTH_KEY_TYPE_ED25519:
  277. return handle_establish_intro(circ, request, request_len);
  278. default:
  279. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  280. "Unrecognized AUTH_KEY_TYPE %u.", first_byte);
  281. goto err;
  282. }
  283. err:
  284. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  285. return -1;
  286. }
  287. /* Send an INTRODUCE_ACK cell onto the circuit <b>circ</b> with the status
  288. * value in <b>status</b>. Depending on the status, it can be ACK or a NACK.
  289. * Return 0 on success else a negative value on error which will close the
  290. * circuit. */
  291. static int
  292. send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status)
  293. {
  294. int ret = -1;
  295. uint8_t *encoded_cell = NULL;
  296. ssize_t encoded_len, result_len;
  297. trn_cell_introduce_ack_t *cell;
  298. trn_cell_extension_t *ext;
  299. tor_assert(circ);
  300. /* Setup the INTRODUCE_ACK cell. We have no extensions so the N_EXTENSIONS
  301. * field is set to 0 by default with a new object. */
  302. cell = trn_cell_introduce_ack_new();
  303. ret = trn_cell_introduce_ack_set_status(cell, status);
  304. /* We have no cell extensions in an INTRODUCE_ACK cell. */
  305. ext = trn_cell_extension_new();
  306. trn_cell_extension_set_num(ext, 0);
  307. trn_cell_introduce_ack_set_extensions(cell, ext);
  308. /* A wrong status is a very bad code flow error as this value is controlled
  309. * by the code in this file and not an external input. This means we use a
  310. * code that is not known by the trunnel ABI. */
  311. tor_assert(ret == 0);
  312. /* Encode the payload. We should never fail to get the encoded length. */
  313. encoded_len = trn_cell_introduce_ack_encoded_len(cell);
  314. tor_assert(encoded_len > 0);
  315. encoded_cell = tor_malloc_zero(encoded_len);
  316. result_len = trn_cell_introduce_ack_encode(encoded_cell, encoded_len, cell);
  317. tor_assert(encoded_len == result_len);
  318. ret = relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ),
  319. RELAY_COMMAND_INTRODUCE_ACK,
  320. (char *) encoded_cell, encoded_len,
  321. NULL);
  322. /* On failure, the above function will close the circuit. */
  323. trn_cell_introduce_ack_free(cell);
  324. tor_free(encoded_cell);
  325. return ret;
  326. }
  327. /* Validate a parsed INTRODUCE1 <b>cell</b>. Return 0 if valid or else a
  328. * negative value for an invalid cell that should be NACKed. */
  329. STATIC int
  330. validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell)
  331. {
  332. size_t legacy_key_id_len;
  333. const uint8_t *legacy_key_id;
  334. tor_assert(cell);
  335. /* This code path SHOULD NEVER be reached if the cell is a legacy type so
  336. * safety net here. The legacy ID must be zeroes in this case. */
  337. legacy_key_id_len = trn_cell_introduce1_getlen_legacy_key_id(cell);
  338. legacy_key_id = trn_cell_introduce1_getconstarray_legacy_key_id(cell);
  339. if (BUG(!tor_mem_is_zero((char *) legacy_key_id, legacy_key_id_len))) {
  340. goto invalid;
  341. }
  342. /* The auth key of an INTRODUCE1 should be of type ed25519 thus leading to a
  343. * known fixed length as well. */
  344. if (trn_cell_introduce1_get_auth_key_type(cell) !=
  345. HS_INTRO_AUTH_KEY_TYPE_ED25519) {
  346. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  347. "Rejecting invalid INTRODUCE1 cell auth key type. "
  348. "Responding with NACK.");
  349. goto invalid;
  350. }
  351. if (trn_cell_introduce1_get_auth_key_len(cell) != ED25519_PUBKEY_LEN ||
  352. trn_cell_introduce1_getlen_auth_key(cell) != ED25519_PUBKEY_LEN) {
  353. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  354. "Rejecting invalid INTRODUCE1 cell auth key length. "
  355. "Responding with NACK.");
  356. goto invalid;
  357. }
  358. if (trn_cell_introduce1_getlen_encrypted(cell) == 0) {
  359. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  360. "Rejecting invalid INTRODUCE1 cell encrypted length. "
  361. "Responding with NACK.");
  362. goto invalid;
  363. }
  364. return 0;
  365. invalid:
  366. return -1;
  367. }
  368. /* We just received a non legacy INTRODUCE1 cell on <b>client_circ</b> with
  369. * the payload in <b>request</b> of size <b>request_len</b>. Return 0 if
  370. * everything went well, or -1 if an error occured. This function is in charge
  371. * of sending back an INTRODUCE_ACK cell and will close client_circ on error.
  372. */
  373. STATIC int
  374. handle_introduce1(or_circuit_t *client_circ, const uint8_t *request,
  375. size_t request_len)
  376. {
  377. int ret = -1;
  378. or_circuit_t *service_circ;
  379. trn_cell_introduce1_t *parsed_cell;
  380. hs_intro_ack_status_t status = HS_INTRO_ACK_STATUS_SUCCESS;
  381. tor_assert(client_circ);
  382. tor_assert(request);
  383. /* Parse cell. Note that we can only parse the non encrypted section for
  384. * which we'll use the authentication key to find the service introduction
  385. * circuit and relay the cell on it. */
  386. ssize_t cell_size = trn_cell_introduce1_parse(&parsed_cell, request,
  387. request_len);
  388. if (cell_size < 0) {
  389. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  390. "Rejecting %s INTRODUCE1 cell. Responding with NACK.",
  391. cell_size == -1 ? "invalid" : "truncated");
  392. /* Inform client that the INTRODUCE1 has a bad format. */
  393. status = HS_INTRO_ACK_STATUS_BAD_FORMAT;
  394. goto send_ack;
  395. }
  396. /* Once parsed validate the cell format. */
  397. if (validate_introduce1_parsed_cell(parsed_cell) < 0) {
  398. /* Inform client that the INTRODUCE1 has bad format. */
  399. status = HS_INTRO_ACK_STATUS_BAD_FORMAT;
  400. goto send_ack;
  401. }
  402. /* Find introduction circuit through our circuit map. */
  403. {
  404. ed25519_public_key_t auth_key;
  405. get_auth_key_from_cell(&auth_key, RELAY_COMMAND_INTRODUCE1, parsed_cell);
  406. service_circ = hs_circuitmap_get_intro_circ_v3_relay_side(&auth_key);
  407. if (service_circ == NULL) {
  408. char b64_key[ED25519_BASE64_LEN + 1];
  409. ed25519_public_to_base64(b64_key, &auth_key);
  410. log_info(LD_REND, "No intro circuit found for INTRODUCE1 cell "
  411. "with auth key %s from circuit %" PRIu32 ". "
  412. "Responding with NACK.",
  413. safe_str(b64_key), client_circ->p_circ_id);
  414. /* Inform the client that we don't know the requested service ID. */
  415. status = HS_INTRO_ACK_STATUS_UNKNOWN_ID;
  416. goto send_ack;
  417. }
  418. }
  419. /* Relay the cell to the service on its intro circuit with an INTRODUCE2
  420. * cell which is the same exact payload. */
  421. if (relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(service_circ),
  422. RELAY_COMMAND_INTRODUCE2,
  423. (char *) request, request_len, NULL)) {
  424. log_warn(LD_REND, "Unable to send INTRODUCE2 cell to the service.");
  425. /* Inform the client that we can't relay the cell. */
  426. status = HS_INTRO_ACK_STATUS_CANT_RELAY;
  427. goto send_ack;
  428. }
  429. /* Success! Send an INTRODUCE_ACK success status onto the client circuit. */
  430. status = HS_INTRO_ACK_STATUS_SUCCESS;
  431. ret = 0;
  432. send_ack:
  433. /* Send INTRODUCE_ACK or INTRODUCE_NACK to client */
  434. if (send_introduce_ack_cell(client_circ, status) < 0) {
  435. log_warn(LD_REND, "Unable to send an INTRODUCE ACK status %d to client.",
  436. status);
  437. /* Circuit has been closed on failure of transmission. */
  438. goto done;
  439. }
  440. if (status != HS_INTRO_ACK_STATUS_SUCCESS) {
  441. /* We just sent a NACK that is a non success status code so close the
  442. * circuit because it's not useful to keep it open. Remember, a client can
  443. * only send one INTRODUCE1 cell on a circuit. */
  444. circuit_mark_for_close(TO_CIRCUIT(client_circ), END_CIRC_REASON_INTERNAL);
  445. }
  446. done:
  447. trn_cell_introduce1_free(parsed_cell);
  448. return ret;
  449. }
  450. /* Identify if the encoded cell we just received is a legacy one or not. The
  451. * <b>request</b> should be at least DIGEST_LEN bytes long. */
  452. STATIC int
  453. introduce1_cell_is_legacy(const uint8_t *request)
  454. {
  455. tor_assert(request);
  456. /* If the first 20 bytes of the cell (DIGEST_LEN) are NOT zeroes, it
  457. * indicates a legacy cell (v2). */
  458. if (!tor_mem_is_zero((const char *) request, DIGEST_LEN)) {
  459. /* Legacy cell. */
  460. return 1;
  461. }
  462. /* Not a legacy cell. */
  463. return 0;
  464. }
  465. /* Return true iff the circuit <b>circ</b> is suitable for receiving an
  466. * INTRODUCE1 cell. */
  467. STATIC int
  468. circuit_is_suitable_for_introduce1(const or_circuit_t *circ)
  469. {
  470. tor_assert(circ);
  471. /* Is this circuit an intro point circuit? */
  472. if (!circuit_is_suitable_intro_point(circ, "INTRODUCE1")) {
  473. return 0;
  474. }
  475. if (circ->already_received_introduce1) {
  476. log_fn(LOG_PROTOCOL_WARN, LD_REND,
  477. "Blocking multiple introductions on the same circuit. "
  478. "Someone might be trying to attack a hidden service through "
  479. "this relay.");
  480. return 0;
  481. }
  482. return 1;
  483. }
  484. /* We just received an INTRODUCE1 cell on <b>circ</b>. Figure out which type
  485. * it is and pass it to the appropriate handler. Return 0 on success else a
  486. * negative value and the circuit is closed. */
  487. int
  488. hs_intro_received_introduce1(or_circuit_t *circ, const uint8_t *request,
  489. size_t request_len)
  490. {
  491. int ret;
  492. tor_assert(circ);
  493. tor_assert(request);
  494. /* A cell that can't hold a DIGEST_LEN is invalid as we need to check if
  495. * it's a legacy cell or not using the first DIGEST_LEN bytes. */
  496. if (request_len < DIGEST_LEN) {
  497. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Invalid INTRODUCE1 cell length.");
  498. goto err;
  499. }
  500. /* Make sure we have a circuit that can have an INTRODUCE1 cell on it. */
  501. if (!circuit_is_suitable_for_introduce1(circ)) {
  502. /* We do not send a NACK because the circuit is not suitable for any kind
  503. * of response or transmission as it's a violation of the protocol. */
  504. goto err;
  505. }
  506. /* Mark the circuit that we got this cell. None are allowed after this as a
  507. * DoS mitigation since one circuit with one client can hammer a service. */
  508. circ->already_received_introduce1 = 1;
  509. /* We are sure here to have at least DIGEST_LEN bytes. */
  510. if (introduce1_cell_is_legacy(request)) {
  511. /* Handle a legacy cell. */
  512. ret = rend_mid_introduce_legacy(circ, request, request_len);
  513. } else {
  514. /* Handle a non legacy cell. */
  515. ret = handle_introduce1(circ, request, request_len);
  516. }
  517. return ret;
  518. err:
  519. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  520. return -1;
  521. }