  1. /* Copyright (c) 2017, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /**
  4. * \file hs_control.c
  5. * \brief Contains control port event related code.
  6. **/
  7. #include "or.h"
  8. #include "control.h"
  9. #include "hs_common.h"
  10. #include "hs_control.h"
  11. #include "hs_descriptor.h"
  12. #include "hs_service.h"
  13. #include "nodelist.h"
  /* Emit the "HS_DESC REQUESTED [...]" control port event.
   *
   * onion_pk is the onion service public key, base64_blinded_pk is the base64
   * encoding of the service's blinded key and hsdir_rs is the routerstatus of
   * the HSDir this request is sent to. All three are checked with
   * tor_assert(). */
  void
  hs_control_desc_event_requested(const ed25519_public_key_t *onion_pk,
                                  const char *base64_blinded_pk,
                                  const routerstatus_t *hsdir_rs)
  {
    char service_addr[HS_SERVICE_ADDR_LEN_BASE32 + 1];
    const node_t *dir_node;
    const uint8_t *fetch_index;
    const char *fetch_index_hex;

    tor_assert(onion_pk);
    tor_assert(base64_blinded_pk);
    tor_assert(hsdir_rs);

    hs_build_address(onion_pk, HS_VERSION_THREE, service_addr);

    /* The HSDir index lives on the node, so resolve the node from the
     * routerstatus identity. Both assertions encode an invariant rather than
     * handle an error: a routerstatus entry always has a node, and an HSDir
     * can't have been picked without an hsdir_index. */
    dir_node = node_get_by_id(hsdir_rs->identity_digest);
    tor_assert(dir_node);
    tor_assert(dir_node->hsdir_index);

    /* A request is a fetch, so the fetch index is the one to report. It is
     * rendered as DIGEST256_LEN bytes of hex. */
    fetch_index = dir_node->hsdir_index->fetch;
    fetch_index_hex = hex_str((const char *) fetch_index, DIGEST256_LEN);

    control_event_hs_descriptor_requested(service_addr, REND_NO_AUTH,
                                          hsdir_rs->identity_digest,
                                          base64_blinded_pk,
                                          fetch_index_hex);

    /* Don't leave the requested service's address behind on the stack. */
    memwipe(service_addr, 0, sizeof(service_addr));
  }
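  /* Send on the control port the "HS_DESC FAILED [...]" event.
   *
   * ident is the directory connection identifier, hsdir_id_digest is the
   * HSDir identity digest and reason describes the failure. None can be NULL;
   * each is checked with tor_assert().
   *
   * If the blinded key can't be base64 encoded, the bug is reported once and
   * no event is sent. */
  void
  hs_control_desc_event_failed(const hs_ident_dir_conn_t *ident,
                               const char *hsdir_id_digest,
                               const char *reason)
  {
    char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
    char base64_blinded_pk[ED25519_BASE64_LEN + 1];

    tor_assert(ident);
    tor_assert(hsdir_id_digest);
    tor_assert(reason);

    /* Build onion address and encoded blinded key. */
    IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                         &ident->blinded_pk) < 0) {
      return;
    }
    hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

    control_event_hsv3_descriptor_failed(onion_address, base64_blinded_pk,
                                         hsdir_id_digest, reason);

    /* Both buffers name the service this directory connection was for. Clear
     * them once the event is out, the same way
     * hs_control_desc_event_requested() clears its address buffer. */
    memwipe(onion_address, 0, sizeof(onion_address));
    memwipe(base64_blinded_pk, 0, sizeof(base64_blinded_pk));
  }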
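  /* Send on the control port the "HS_DESC RECEIVED [...]" event.
   *
   * ident is the directory connection identifier and hsdir_id_digest is the
   * HSDir identity digest. Neither can be NULL; both are checked with
   * tor_assert().
   *
   * If the blinded key can't be base64 encoded, the bug is reported once and
   * no event is sent. */
  void
  hs_control_desc_event_received(const hs_ident_dir_conn_t *ident,
                                 const char *hsdir_id_digest)
  {
    char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
    char base64_blinded_pk[ED25519_BASE64_LEN + 1];

    tor_assert(ident);
    tor_assert(hsdir_id_digest);

    /* Build onion address and encoded blinded key. */
    IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                         &ident->blinded_pk) < 0) {
      return;
    }
    hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

    control_event_hsv3_descriptor_received(onion_address, base64_blinded_pk,
                                           hsdir_id_digest);

    /* Both buffers name the service this directory connection was for. Clear
     * them once the event is out, the same way
     * hs_control_desc_event_requested() clears its address buffer. */
    memwipe(onion_address, 0, sizeof(onion_address));
    memwipe(base64_blinded_pk, 0, sizeof(base64_blinded_pk));
  }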
  /* Emit the "HS_DESC CREATED [...]" control port event.
   *
   * onion_address is the address of the service owning the descriptor and
   * blinded_pk is the descriptor's blinded public key, which serves as the
   * descriptor ID once base64 encoded. Both are checked with tor_assert().
   *
   * Nothing is emitted if the key fails to encode. */
  void
  hs_control_desc_event_created(const char *onion_address,
                                const ed25519_public_key_t *blinded_pk)
  {
    /* A version 3 descriptor ID is computed without a replica number, so a
     * negative value is handed over for the control port code to ignore. */
    const int no_replica = -1;
    char blinded_b64[ED25519_BASE64_LEN + 1];

    tor_assert(onion_address);
    tor_assert(blinded_pk);

    /* Descriptor ID: the blinded key in base64. */
    IF_BUG_ONCE(ed25519_public_to_base64(blinded_b64, blinded_pk) < 0) {
      return;
    }

    control_event_hs_descriptor_created(onion_address, blinded_b64,
                                        no_replica);
  }
  /* Emit the "HS_DESC UPLOAD [...]" control port event.
   *
   * onion_address is the address of the service owning the descriptor,
   * hsdir_id_digest is the HSDir identity digest, blinded_pk is the
   * descriptor's blinded public key (reported in base64 as the descriptor ID)
   * and hsdir_index is the HSDir index for this particular request. All four
   * are checked with tor_assert().
   *
   * DIGEST256_LEN bytes are read from hsdir_index, so the caller must pass a
   * buffer at least that long. Nothing is emitted if the key fails to
   * encode. */
  void
  hs_control_desc_event_upload(const char *onion_address,
                               const char *hsdir_id_digest,
                               const ed25519_public_key_t *blinded_pk,
                               const uint8_t *hsdir_index)
  {
    char blinded_b64[ED25519_BASE64_LEN + 1];
    const char *index_hex;

    tor_assert(onion_address);
    tor_assert(hsdir_id_digest);
    tor_assert(blinded_pk);
    tor_assert(hsdir_index);

    /* Descriptor ID: the blinded key in base64. */
    IF_BUG_ONCE(ed25519_public_to_base64(blinded_b64, blinded_pk) < 0) {
      return;
    }

    index_hex = hex_str((const char *) hsdir_index, DIGEST256_LEN);
    control_event_hs_descriptor_upload(onion_address, hsdir_id_digest,
                                       blinded_b64, index_hex);
  }
  /* Emit the "HS_DESC UPLOADED [...]" control port event.
   *
   * ident is the directory connection identifier; the onion address is
   * derived from its identity key. hsdir_id_digest is the HSDir identity
   * digest. Both are checked with tor_assert(). */
  void
  hs_control_desc_event_uploaded(const hs_ident_dir_conn_t *ident,
                                 const char *hsdir_id_digest)
  {
    char service_addr[HS_SERVICE_ADDR_LEN_BASE32 + 1];

    tor_assert(ident);
    tor_assert(hsdir_id_digest);

    hs_build_address(&ident->identity_pk, HS_VERSION_THREE, service_addr);

    /* Note the argument order: this event takes the digest first. */
    control_event_hs_descriptor_uploaded(hsdir_id_digest, service_addr);
  }
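  /* Send on the control port the "HS_DESC_CONTENT [...]" event.
   *
   * ident is the directory connection identifier, hsdir_id_digest is the
   * HSDir identity digest and body is the descriptor as it was received from
   * the directory. ident and hsdir_id_digest are checked with tor_assert().
   *
   * NOTE(review): body is forwarded without a tor_assert(); confirm whether a
   * NULL body is a supported input before relying on either behaviour.
   *
   * If the blinded key can't be base64 encoded, the bug is reported once and
   * no event is sent. */
  void
  hs_control_desc_event_content(const hs_ident_dir_conn_t *ident,
                                const char *hsdir_id_digest,
                                const char *body)
  {
    char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
    char base64_blinded_pk[ED25519_BASE64_LEN + 1];

    tor_assert(ident);
    tor_assert(hsdir_id_digest);

    /* Build onion address and encoded blinded key. */
    IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                         &ident->blinded_pk) < 0) {
      return;
    }
    hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

    control_event_hs_descriptor_content(onion_address, base64_blinded_pk,
                                        hsdir_id_digest, body);

    /* Both buffers name the service this directory connection was for. Clear
     * them once the event is out, the same way
     * hs_control_desc_event_requested() clears its address buffer. */
    memwipe(onion_address, 0, sizeof(onion_address));
    memwipe(base64_blinded_pk, 0, sizeof(base64_blinded_pk));
  }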
  /* Handle the "HSPOST [...]" command.
   *
   * body is an encoded descriptor for the service at onion_address. It is
   * uploaded to every directory listed in hsdirs_rs; when hsdirs_rs is NULL,
   * the directories responsible for the current time period are computed and
   * used instead.
   *
   * Return -1 if onion_address can't be parsed or if the plaintext section of
   * the descriptor is not decodable. Otherwise return 0 once every upload has
   * been handed to hs_service_upload_desc_to_dir(); no result from those
   * calls is checked here.
   *
   * NOTE(review): onion_address and body both come from the caller, and this
   * function does not compare the identity key parsed from the address with
   * the blinded key decoded from the descriptor. Confirm that binding is
   * checked elsewhere.
   *
   * NOTE(review): the plaintext data filled in by hs_desc_decode_plaintext()
   * is never released here. Confirm whether the decoder allocates members
   * that need freeing. */
  int
  hs_control_hspost_command(const char *body, const char *onion_address,
                            const smartlist_t *hsdirs_rs)
  {
    int rc = -1;
    ed25519_public_key_t service_pk;
    hs_desc_plaintext_data_t desc_plain;
    smartlist_t *computed_dirs = NULL;

    tor_assert(body);
    tor_assert(onion_address);

    /* Callers are required to pass an address that already went through
     * hs_address_is_valid(), so a parse failure here is a bug. */
    if (BUG(hs_parse_address(onion_address, &service_pk, NULL, NULL) < 0)) {
      goto done; // LCOV_EXCL_LINE
    }

    /* Decode the plaintext section only: that is what a directory does to
     * validate a descriptor before caching it. */
    if (hs_desc_decode_plaintext(body, &desc_plain) < 0) {
      goto done;
    }

    /* Without an explicit HSDir list, work out the current set ourselves. */
    if (!hsdirs_rs) {
      computed_dirs = smartlist_new();
      hs_get_responsible_hsdirs(&desc_plain.blinded_pubkey,
                                hs_get_time_period_num(0),
                                0, /* Always the current descriptor, which
                                    * uses the first hsdir index. */
                                0, /* The lookup is for storing on a
                                    * directory. */
                                computed_dirs);
      hsdirs_rs = computed_dirs;
    }

    SMARTLIST_FOREACH_BEGIN(hsdirs_rs, const routerstatus_t *, dir_rs) {
      hs_service_upload_desc_to_dir(body, desc_plain.version, &service_pk,
                                    &desc_plain.blinded_pubkey, dir_rs);
    } SMARTLIST_FOREACH_END(dir_rs);
    rc = 0;

   done:
    /* Only the list container is ours (NULL when the caller supplied the
     * list); the routerstatus objects in it are not owned here. */
    smartlist_free(computed_dirs);
    return rc;
  }