- /* Copyright (c) 2017-2019, The Tor Project, Inc. */
- /* See LICENSE for licensing information */
- /**
- * \file hs_control.c
- * \brief Contains control port event related code.
- **/
- #include "core/or/or.h"
- #include "feature/control/control.h"
- #include "lib/crypt_ops/crypto_format.h"
- #include "lib/crypt_ops/crypto_util.h"
- #include "feature/hs/hs_common.h"
- #include "feature/hs/hs_control.h"
- #include "feature/hs/hs_descriptor.h"
- #include "feature/hs/hs_service.h"
- #include "feature/nodelist/nodelist.h"
- #include "feature/nodelist/node_st.h"
- #include "feature/nodelist/routerstatus_st.h"
/* Send on the control port the "HS_DESC REQUESTED [...]" event.
 *
 * onion_pk is the onion service public key, base64_blinded_pk is the base64
 * encoded blinded key for the service and hsdir_rs is the routerstatus
 * object of the HSDir that this request is for. All three are asserted
 * non-NULL.
 *
 * The onion address is rebuilt into a stack buffer for the event and that
 * buffer is wiped before returning. */
void
hs_control_desc_event_requested(const ed25519_public_key_t *onion_pk,
                                const char *base64_blinded_pk,
                                const routerstatus_t *hsdir_rs)
{
  const node_t *node;
  const uint8_t *fetch_index;
  char address[HS_SERVICE_ADDR_LEN_BASE32 + 1];

  tor_assert(onion_pk);
  tor_assert(base64_blinded_pk);
  tor_assert(hsdir_rs);

  hs_build_address(onion_pk, HS_VERSION_THREE, address);

  /* The HSDir index used for this request lives on the node, so look the
   * node up from the routerstatus identity. The result is asserted rather
   * than handled: a routerstatus entry without a node, or a node without an
   * hsdir_index, is treated as impossible here. */
  node = node_get_by_id(hsdir_rs->identity_digest);
  tor_assert(node);

  /* This is a fetch event, so report the fetch index. */
  fetch_index = node->hsdir_index.fetch;

  /* NOTE(review): the string returned by hex_str() is not freed here, so it
   * presumably points at storage owned by hex_str() -- confirm its lifetime
   * before keeping the pointer around. */
  control_event_hs_descriptor_requested(address, REND_NO_AUTH,
                                        hsdir_rs->identity_digest,
                                        base64_blinded_pk,
                                        hex_str((const char *) fetch_index,
                                                DIGEST256_LEN));

  /* Scrub the onion address from the stack now that the event is out. */
  memwipe(address, 0, sizeof(address));
}
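/* Send on the control port the "HS_DESC FAILED [...]" event.
 *
 * ident is the directory connection identifier (its identity_pk and
 * blinded_pk are read below), hsdir_id_digest is the HSDir identity digest
 * and reason describes the failure. None can be NULL.
 *
 * No event is sent if the blinded key cannot be base64 encoded. */
void
hs_control_desc_event_failed(const hs_ident_dir_conn_t *ident,
                             const char *hsdir_id_digest,
                             const char *reason)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  char base64_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);
  tor_assert(reason);

  /* Build onion address and encoded blinded key. The encoding failure path
   * returns before the onion address has been written, so there is nothing
   * to scrub on it. */
  IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                       &ident->blinded_pk) < 0) {
    return;
  }
  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hsv3_descriptor_failed(onion_address, base64_blinded_pk,
                                       hsdir_id_digest, reason);

  /* Do not leave the onion address behind on the stack once the event has
   * been sent; hs_control_desc_event_requested() wipes its copy the same
   * way. */
  memwipe(onion_address, 0, sizeof(onion_address));
}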
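/* Send on the control port the "HS_DESC RECEIVED [...]" event.
 *
 * ident is the directory connection identifier (its identity_pk and
 * blinded_pk are read below) and hsdir_id_digest is the HSDir identity
 * digest. None can be NULL.
 *
 * No event is sent if the blinded key cannot be base64 encoded. */
void
hs_control_desc_event_received(const hs_ident_dir_conn_t *ident,
                               const char *hsdir_id_digest)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  char base64_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);

  /* Build onion address and encoded blinded key. The encoding failure path
   * returns before the onion address has been written, so there is nothing
   * to scrub on it. */
  IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                       &ident->blinded_pk) < 0) {
    return;
  }
  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hsv3_descriptor_received(onion_address, base64_blinded_pk,
                                         hsdir_id_digest);

  /* Do not leave the onion address behind on the stack once the event has
   * been sent; hs_control_desc_event_requested() wipes its copy the same
   * way. */
  memwipe(onion_address, 0, sizeof(onion_address));
}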
/* Send on the control port the "HS_DESC CREATED [...]" event.
 *
 * onion_address is the address of the descriptor's service and blinded_pk is
 * the blinded public key of the descriptor, which is base64 encoded and used
 * as the descriptor ID. None can be NULL.
 *
 * No event is sent if the blinded key cannot be base64 encoded. */
void
hs_control_desc_event_created(const char *onion_address,
                              const ed25519_public_key_t *blinded_pk)
{
  char encoded_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(onion_address);
  tor_assert(blinded_pk);

  /* The base64 form of the blinded key serves as the descriptor ID. */
  IF_BUG_ONCE(ed25519_public_to_base64(encoded_blinded_pk, blinded_pk) < 0) {
    return;
  }

  /* A version 3 descriptor ID is computed without a replica number, so a
   * negative value is passed to let the control port subsystem ignore
   * it. */
  control_event_hs_descriptor_created(onion_address, encoded_blinded_pk, -1);
}
/* Send on the control port the "HS_DESC UPLOAD [...]" event.
 *
 * onion_address is the address of the descriptor's service, hsdir_id_digest
 * the HSDir identity digest, blinded_pk the blinded public key of the
 * descriptor (base64 encoded and used as the descriptor ID) and hsdir_index
 * the HSDir index for this particular request. None can be NULL.
 *
 * DIGEST256_LEN bytes are read from hsdir_index for the hex encoding, so the
 * caller must supply at least that many.
 *
 * No event is sent if the blinded key cannot be base64 encoded. */
void
hs_control_desc_event_upload(const char *onion_address,
                             const char *hsdir_id_digest,
                             const ed25519_public_key_t *blinded_pk,
                             const uint8_t *hsdir_index)
{
  char encoded_blinded_pk[ED25519_BASE64_LEN + 1];
  const char *index_hex;

  tor_assert(onion_address);
  tor_assert(hsdir_id_digest);
  tor_assert(blinded_pk);
  tor_assert(hsdir_index);

  /* The base64 form of the blinded key serves as the descriptor ID. */
  IF_BUG_ONCE(ed25519_public_to_base64(encoded_blinded_pk, blinded_pk) < 0) {
    return;
  }

  /* NOTE(review): the string returned by hex_str() is not freed here, so it
   * presumably points at storage owned by hex_str() -- confirm its lifetime
   * before keeping the pointer around. */
  index_hex = hex_str((const char *) hsdir_index, DIGEST256_LEN);

  control_event_hs_descriptor_upload(onion_address, hsdir_id_digest,
                                     encoded_blinded_pk, index_hex);
}
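/* Send on the control port the "HS_DESC UPLOADED [...]" event.
 *
 * ident is the directory connection identifier (its identity_pk is read
 * below) and hsdir_id_digest is the HSDir identity digest. None can be
 * NULL. */
void
hs_control_desc_event_uploaded(const hs_ident_dir_conn_t *ident,
                               const char *hsdir_id_digest)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);

  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hs_descriptor_uploaded(hsdir_id_digest, onion_address);

  /* Do not leave the onion address behind on the stack once the event has
   * been sent; hs_control_desc_event_requested() wipes its copy the same
   * way. */
  memwipe(onion_address, 0, sizeof(onion_address));
}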
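/* Send on the control port the "HS_DESC_CONTENT [...]" event.
 *
 * ident is the directory connection identifier (its identity_pk and
 * blinded_pk are read below), hsdir_id_digest is the HSDir identity digest
 * and body is the descriptor as it was received from the directory. ident
 * and hsdir_id_digest are asserted non-NULL.
 *
 * NOTE(review): body is forwarded without a NULL check, unlike the other two
 * arguments. Confirm whether callers may pass NULL and whether
 * control_event_hs_descriptor_content() accepts it before adding an
 * assertion here.
 *
 * No event is sent if the blinded key cannot be base64 encoded. */
void
hs_control_desc_event_content(const hs_ident_dir_conn_t *ident,
                              const char *hsdir_id_digest,
                              const char *body)
{
  char onion_address[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  char base64_blinded_pk[ED25519_BASE64_LEN + 1];

  tor_assert(ident);
  tor_assert(hsdir_id_digest);

  /* Build onion address and encoded blinded key. The encoding failure path
   * returns before the onion address has been written, so there is nothing
   * to scrub on it. */
  IF_BUG_ONCE(ed25519_public_to_base64(base64_blinded_pk,
                                       &ident->blinded_pk) < 0) {
    return;
  }
  hs_build_address(&ident->identity_pk, HS_VERSION_THREE, onion_address);

  control_event_hs_descriptor_content(onion_address, base64_blinded_pk,
                                      hsdir_id_digest, body);

  /* Do not leave the onion address behind on the stack once the event has
   * been sent; hs_control_desc_event_requested() wipes its copy the same
   * way. */
  memwipe(onion_address, 0, sizeof(onion_address));
}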
/* Handle the "HSPOST [...]" command.
 *
 * body is an encoded descriptor for the given onion_address. It is uploaded
 * to each directory in hsdirs_rs; if hsdirs_rs is NULL, the responsible
 * directories for the current time period are selected instead.
 *
 * Only the plaintext section of body is decoded here before it is handed to
 * the upload code; nothing else about the descriptor is checked in this
 * function.
 *
 * Return 0 on success. Return -1 if the descriptor plaintext section is not
 * decodable, or if onion_address fails to parse (flagged as a bug, since the
 * caller is required to have validated it). */
int
hs_control_hspost_command(const char *body, const char *onion_address,
                          const smartlist_t *hsdirs_rs)
{
  ed25519_public_key_t identity_pk;
  hs_desc_plaintext_data_t plaintext;
  smartlist_t *responsible_dirs = NULL;
  const smartlist_t *targets = hsdirs_rs;
  int ret = -1;

  tor_assert(body);
  tor_assert(onion_address);

  /* The caller must hand us an onion address that already passed
   * hs_address_is_valid(), so a parse failure here is a bug. */
  if (BUG(hs_parse_address(onion_address, &identity_pk, NULL, NULL) < 0)) {
    goto done; // LCOV_EXCL_LINE
  }

  /* Decode the plaintext part only, which is what the directory will do to
   * validate before caching.
   *
   * NOTE(review): nothing in this function releases plaintext afterwards;
   * confirm that hs_desc_decode_plaintext() leaves no allocation behind in
   * it. */
  if (hs_desc_decode_plaintext(body, &plaintext) < 0) {
    goto done;
  }

  /* Without an explicit HSDir list, compute what the current ones should
   * be. */
  if (!targets) {
    responsible_dirs = smartlist_new();
    hs_get_responsible_hsdirs(&plaintext.blinded_pubkey,
                              hs_get_time_period_num(0),
                              0, /* Always the current descriptor which uses
                                  * the first hsdir index. */
                              0, /* It is for storing on a directory. */
                              responsible_dirs);
    targets = responsible_dirs;
  }

  SMARTLIST_FOREACH_BEGIN(targets, const routerstatus_t *, hsdir) {
    hs_service_upload_desc_to_dir(body, plaintext.version, &identity_pk,
                                  &plaintext.blinded_pubkey, hsdir);
  } SMARTLIST_FOREACH_END(hsdir);

  ret = 0;

 done:
  /* Only the list itself is freed: we don't have ownership of the objects
   * in it. */
  smartlist_free(responsible_dirs);
  return ret;
}