hs_intropoint.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592
  1. /* Copyright (c) 2016, The Tor Project, Inc. */
  2. /* See LICENSE for licensing information */
  3. /**
  4. * \file hs_intropoint.c
  5. * \brief Implement next generation introductions point functionality
  6. **/
  7. #define HS_INTROPOINT_PRIVATE
  8. #include "or.h"
  9. #include "config.h"
  10. #include "circuitlist.h"
  11. #include "circuituse.h"
  12. #include "config.h"
  13. #include "relay.h"
  14. #include "rendmid.h"
  15. #include "rephist.h"
  16. /* Trunnel */
  17. #include "ed25519_cert.h"
  18. #include "hs/cell_common.h"
  19. #include "hs/cell_establish_intro.h"
  20. #include "hs/cell_introduce1.h"
  21. #include "hs_circuitmap.h"
  22. #include "hs_intropoint.h"
  23. #include "hs_common.h"
  24. /** Extract the authentication key from an ESTABLISH_INTRO or INTRODUCE1 using
  25. * the given <b>cell_type</b> from <b>cell</b> and place it in
  26. * <b>auth_key_out</b>. */
  27. STATIC void
  28. get_auth_key_from_cell(ed25519_public_key_t *auth_key_out,
  29. unsigned int cell_type, const void *cell)
  30. {
  31. size_t auth_key_len;
  32. const uint8_t *key_array;
  33. tor_assert(auth_key_out);
  34. tor_assert(cell);
  35. switch (cell_type) {
  36. case RELAY_COMMAND_ESTABLISH_INTRO:
  37. {
  38. const hs_cell_establish_intro_t *c_cell = cell;
  39. key_array = hs_cell_establish_intro_getconstarray_auth_key(c_cell);
  40. auth_key_len = hs_cell_establish_intro_getlen_auth_key(c_cell);
  41. break;
  42. }
  43. case RELAY_COMMAND_INTRODUCE1:
  44. {
  45. const hs_cell_introduce1_t *c_cell = cell;
  46. key_array = hs_cell_introduce1_getconstarray_auth_key(cell);
  47. auth_key_len = hs_cell_introduce1_getlen_auth_key(c_cell);
  48. break;
  49. }
  50. default:
  51. /* Getting here is really bad as it means we got a unknown cell type from
  52. * this file where every call has an hardcoded value. */
  53. tor_assert(0); /* LCOV_EXCL_LINE */
  54. }
  55. tor_assert(key_array);
  56. tor_assert(auth_key_len == sizeof(auth_key_out->pubkey));
  57. memcpy(auth_key_out->pubkey, key_array, auth_key_len);
  58. }
  59. /** We received an ESTABLISH_INTRO <b>cell</b>. Verify its signature and MAC,
  60. * given <b>circuit_key_material</b>. Return 0 on success else -1 on error. */
  61. STATIC int
  62. verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
  63. const uint8_t *circuit_key_material,
  64. size_t circuit_key_material_len)
  65. {
  66. /* We only reach this function if the first byte of the cell is 0x02 which
  67. * means that auth_key_type is AUTH_KEY_ED25519, hence this check should
  68. * always pass. See hs_intro_received_establish_intro(). */
  69. if (BUG(cell->auth_key_type != AUTH_KEY_ED25519)) {
  70. return -1;
  71. }
  72. /* Make sure the auth key length is of the right size for this type. For
  73. * EXTRA safety, we check both the size of the array and the length which
  74. * must be the same. Safety first!*/
  75. if (hs_cell_establish_intro_getlen_auth_key(cell) != ED25519_PUBKEY_LEN ||
  76. hs_cell_establish_intro_get_auth_key_len(cell) != ED25519_PUBKEY_LEN) {
  77. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  78. "ESTABLISH_INTRO auth key length is invalid");
  79. return -1;
  80. }
  81. const uint8_t *msg = cell->start_cell;
  82. /* Verify the sig */
  83. {
  84. ed25519_signature_t sig_struct;
  85. const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell);
  86. /* Make sure the signature length is of the right size. For EXTRA safety,
  87. * we check both the size of the array and the length which must be the
  88. * same. Safety first!*/
  89. if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
  90. hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
  91. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  92. "ESTABLISH_INTRO sig len is invalid");
  93. return -1;
  94. }
  95. /* We are now sure that sig_len is of the right size. */
  96. memcpy(sig_struct.sig, sig_array, cell->sig_len);
  97. ed25519_public_key_t auth_key;
  98. get_auth_key_from_cell(&auth_key, RELAY_COMMAND_ESTABLISH_INTRO, cell);
  99. const size_t sig_msg_len = cell->end_sig_fields - msg;
  100. int sig_mismatch = ed25519_checksig_prefixed(&sig_struct,
  101. msg, sig_msg_len,
  102. ESTABLISH_INTRO_SIG_PREFIX,
  103. &auth_key);
  104. if (sig_mismatch) {
  105. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  106. "ESTABLISH_INTRO signature not as expected");
  107. return -1;
  108. }
  109. }
  110. /* Verify the MAC */
  111. {
  112. const size_t auth_msg_len = cell->end_mac_fields - msg;
  113. uint8_t mac[DIGEST256_LEN];
  114. crypto_mac_sha3_256(mac, sizeof(mac),
  115. circuit_key_material, circuit_key_material_len,
  116. msg, auth_msg_len);
  117. if (tor_memneq(mac, cell->handshake_mac, sizeof(mac))) {
  118. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  119. "ESTABLISH_INTRO handshake_auth not as expected");
  120. return -1;
  121. }
  122. }
  123. return 0;
  124. }
  125. /* Send an INTRO_ESTABLISHED cell to <b>circ</b>. */
  126. MOCK_IMPL(int,
  127. hs_intro_send_intro_established_cell,(or_circuit_t *circ))
  128. {
  129. int ret;
  130. uint8_t *encoded_cell = NULL;
  131. ssize_t encoded_len, result_len;
  132. hs_cell_intro_established_t *cell;
  133. cell_extension_t *ext;
  134. tor_assert(circ);
  135. /* Build the cell payload. */
  136. cell = hs_cell_intro_established_new();
  137. ext = cell_extension_new();
  138. cell_extension_set_num(ext, 0);
  139. hs_cell_intro_established_set_extensions(cell, ext);
  140. /* Encode the cell to binary format. */
  141. encoded_len = hs_cell_intro_established_encoded_len(cell);
  142. tor_assert(encoded_len > 0);
  143. encoded_cell = tor_malloc_zero(encoded_len);
  144. result_len = hs_cell_intro_established_encode(encoded_cell, encoded_len,
  145. cell);
  146. tor_assert(encoded_len == result_len);
  147. ret = relay_send_command_from_edge(0, TO_CIRCUIT(circ),
  148. RELAY_COMMAND_INTRO_ESTABLISHED,
  149. (char *) encoded_cell, encoded_len,
  150. NULL);
  151. /* On failure, the above function will close the circuit. */
  152. hs_cell_intro_established_free(cell);
  153. tor_free(encoded_cell);
  154. return ret;
  155. }
  156. /** We received an ESTABLISH_INTRO <b>parsed_cell</b> on <b>circ</b>. It's
  157. * well-formed and passed our verifications. Perform appropriate actions to
  158. * establish an intro point. */
  159. static int
  160. handle_verified_establish_intro_cell(or_circuit_t *circ,
  161. const hs_cell_establish_intro_t *parsed_cell)
  162. {
  163. /* Get the auth key of this intro point */
  164. ed25519_public_key_t auth_key;
  165. get_auth_key_from_cell(&auth_key, RELAY_COMMAND_ESTABLISH_INTRO,
  166. parsed_cell);
  167. /* Then notify the hidden service that the intro point is established by
  168. sending an INTRO_ESTABLISHED cell */
  169. if (hs_intro_send_intro_established_cell(circ)) {
  170. log_warn(LD_PROTOCOL, "Couldn't send INTRO_ESTABLISHED cell.");
  171. return -1;
  172. }
  173. /* Associate intro point auth key with this circuit. */
  174. hs_circuitmap_register_intro_circ_v3(circ, &auth_key);
  175. /* Repurpose this circuit into an intro circuit. */
  176. circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_INTRO_POINT);
  177. return 0;
  178. }
  179. /** We just received an ESTABLISH_INTRO cell in <b>circ</b> with payload in
  180. * <b>request</b>. Handle it by making <b>circ</b> an intro circuit. Return 0
  181. * if everything went well, or -1 if there were errors. */
  182. static int
  183. handle_establish_intro(or_circuit_t *circ, const uint8_t *request,
  184. size_t request_len)
  185. {
  186. int cell_ok, retval = -1;
  187. hs_cell_establish_intro_t *parsed_cell = NULL;
  188. tor_assert(circ);
  189. tor_assert(request);
  190. log_info(LD_REND, "Received an ESTABLISH_INTRO request on circuit %" PRIu32,
  191. circ->p_circ_id);
  192. /* Check that the circuit is in shape to become an intro point */
  193. if (!hs_intro_circuit_is_suitable_for_establish_intro(circ)) {
  194. goto err;
  195. }
  196. /* Parse the cell */
  197. ssize_t parsing_result = hs_cell_establish_intro_parse(&parsed_cell,
  198. request, request_len);
  199. if (parsing_result < 0) {
  200. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  201. "Rejecting %s ESTABLISH_INTRO cell.",
  202. parsing_result == -1 ? "invalid" : "truncated");
  203. goto err;
  204. }
  205. cell_ok = verify_establish_intro_cell(parsed_cell,
  206. (uint8_t *) circ->rend_circ_nonce,
  207. sizeof(circ->rend_circ_nonce));
  208. if (cell_ok < 0) {
  209. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  210. "Failed to verify ESTABLISH_INTRO cell.");
  211. goto err;
  212. }
  213. /* This cell is legit. Take the appropriate actions. */
  214. cell_ok = handle_verified_establish_intro_cell(circ, parsed_cell);
  215. if (cell_ok < 0) {
  216. goto err;
  217. }
  218. /* We are done! */
  219. retval = 0;
  220. goto done;
  221. err:
  222. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  223. done:
  224. hs_cell_establish_intro_free(parsed_cell);
  225. return retval;
  226. }
  227. /* Return True if circuit is suitable for being an intro circuit. */
  228. static int
  229. circuit_is_suitable_intro_point(const or_circuit_t *circ,
  230. const char *log_cell_type_str)
  231. {
  232. tor_assert(circ);
  233. tor_assert(log_cell_type_str);
  234. /* Basic circuit state sanity checks. */
  235. if (circ->base_.purpose != CIRCUIT_PURPOSE_OR) {
  236. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  237. "Rejecting %s on non-OR circuit.", log_cell_type_str);
  238. return 0;
  239. }
  240. if (circ->base_.n_chan) {
  241. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  242. "Rejecting %s on non-edge circuit.", log_cell_type_str);
  243. return 0;
  244. }
  245. /* Suitable. */
  246. return 1;
  247. }
  248. /* Return True if circuit is suitable for being service-side intro circuit. */
  249. int
  250. hs_intro_circuit_is_suitable_for_establish_intro(const or_circuit_t *circ)
  251. {
  252. return circuit_is_suitable_intro_point(circ, "ESTABLISH_INTRO");
  253. }
  254. /* We just received an ESTABLISH_INTRO cell in <b>circ</b>. Figure out of it's
  255. * a legacy or a next gen cell, and pass it to the appropriate handler. */
  256. int
  257. hs_intro_received_establish_intro(or_circuit_t *circ, const uint8_t *request,
  258. size_t request_len)
  259. {
  260. tor_assert(circ);
  261. tor_assert(request);
  262. if (request_len == 0) {
  263. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Empty ESTABLISH_INTRO cell.");
  264. goto err;
  265. }
  266. /* Using the first byte of the cell, figure out the version of
  267. * ESTABLISH_INTRO and pass it to the appropriate cell handler */
  268. const uint8_t first_byte = request[0];
  269. switch (first_byte) {
  270. case HS_INTRO_AUTH_KEY_TYPE_LEGACY0:
  271. case HS_INTRO_AUTH_KEY_TYPE_LEGACY1:
  272. return rend_mid_establish_intro_legacy(circ, request, request_len);
  273. case HS_INTRO_AUTH_KEY_TYPE_ED25519:
  274. return handle_establish_intro(circ, request, request_len);
  275. default:
  276. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  277. "Unrecognized AUTH_KEY_TYPE %u.", first_byte);
  278. goto err;
  279. }
  280. err:
  281. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  282. return -1;
  283. }
  284. /* Send an INTRODUCE_ACK cell onto the circuit <b>circ</b> with the status
  285. * value in <b>status</b>. Depending on the status, it can be ACK or a NACK.
  286. * Return 0 on success else a negative value on error which will close the
  287. * circuit. */
  288. static int
  289. send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status)
  290. {
  291. int ret = -1;
  292. uint8_t *encoded_cell = NULL;
  293. ssize_t encoded_len, result_len;
  294. hs_cell_introduce_ack_t *cell;
  295. cell_extension_t *ext;
  296. tor_assert(circ);
  297. /* Setup the INTRODUCE_ACK cell. We have no extensions so the N_EXTENSIONS
  298. * field is set to 0 by default with a new object. */
  299. cell = hs_cell_introduce_ack_new();
  300. ret = hs_cell_introduce_ack_set_status(cell, status);
  301. /* We have no cell extensions in an INTRODUCE_ACK cell. */
  302. ext = cell_extension_new();
  303. cell_extension_set_num(ext, 0);
  304. hs_cell_introduce_ack_set_extensions(cell, ext);
  305. /* A wrong status is a very bad code flow error as this value is controlled
  306. * by the code in this file and not an external input. This means we use a
  307. * code that is not known by the trunnel ABI. */
  308. tor_assert(ret == 0);
  309. /* Encode the payload. We should never fail to get the encoded length. */
  310. encoded_len = hs_cell_introduce_ack_encoded_len(cell);
  311. tor_assert(encoded_len > 0);
  312. encoded_cell = tor_malloc_zero(encoded_len);
  313. result_len = hs_cell_introduce_ack_encode(encoded_cell, encoded_len, cell);
  314. tor_assert(encoded_len == result_len);
  315. ret = relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ),
  316. RELAY_COMMAND_INTRODUCE_ACK,
  317. (char *) encoded_cell, encoded_len,
  318. NULL);
  319. /* On failure, the above function will close the circuit. */
  320. hs_cell_introduce_ack_free(cell);
  321. tor_free(encoded_cell);
  322. return ret;
  323. }
  324. /* Validate a parsed INTRODUCE1 <b>cell</b>. Return 0 if valid or else a
  325. * negative value for an invalid cell that should be NACKed. */
  326. STATIC int
  327. validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell)
  328. {
  329. size_t legacy_key_id_len;
  330. const uint8_t *legacy_key_id;
  331. tor_assert(cell);
  332. /* This code path SHOULD NEVER be reached if the cell is a legacy type so
  333. * safety net here. The legacy ID must be zeroes in this case. */
  334. legacy_key_id_len = hs_cell_introduce1_getlen_legacy_key_id(cell);
  335. legacy_key_id = hs_cell_introduce1_getconstarray_legacy_key_id(cell);
  336. if (BUG(!tor_mem_is_zero((char *) legacy_key_id, legacy_key_id_len))) {
  337. goto invalid;
  338. }
  339. /* The auth key of an INTRODUCE1 should be of type ed25519 thus leading to a
  340. * known fixed length as well. */
  341. if (hs_cell_introduce1_get_auth_key_type(cell) !=
  342. HS_INTRO_AUTH_KEY_TYPE_ED25519) {
  343. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  344. "Rejecting invalid INTRODUCE1 cell auth key type. "
  345. "Responding with NACK.");
  346. goto invalid;
  347. }
  348. if (hs_cell_introduce1_get_auth_key_len(cell) != ED25519_PUBKEY_LEN ||
  349. hs_cell_introduce1_getlen_auth_key(cell) != ED25519_PUBKEY_LEN) {
  350. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  351. "Rejecting invalid INTRODUCE1 cell auth key length. "
  352. "Responding with NACK.");
  353. goto invalid;
  354. }
  355. if (hs_cell_introduce1_getlen_encrypted(cell) == 0) {
  356. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  357. "Rejecting invalid INTRODUCE1 cell encrypted length. "
  358. "Responding with NACK.");
  359. goto invalid;
  360. }
  361. return 0;
  362. invalid:
  363. return -1;
  364. }
  365. /* We just received a non legacy INTRODUCE1 cell on <b>client_circ</b> with
  366. * the payload in <b>request</b> of size <b>request_len</b>. Return 0 if
  367. * everything went well, or -1 if an error occured. This function is in charge
  368. * of sending back an INTRODUCE_ACK cell and will close client_circ on error.
  369. */
  370. STATIC int
  371. handle_introduce1(or_circuit_t *client_circ, const uint8_t *request,
  372. size_t request_len)
  373. {
  374. int ret = -1;
  375. or_circuit_t *service_circ;
  376. hs_cell_introduce1_t *parsed_cell;
  377. hs_intro_ack_status_t status = HS_INTRO_ACK_STATUS_SUCCESS;
  378. tor_assert(client_circ);
  379. tor_assert(request);
  380. /* Parse cell. Note that we can only parse the non encrypted section for
  381. * which we'll use the authentication key to find the service introduction
  382. * circuit and relay the cell on it. */
  383. ssize_t cell_size = hs_cell_introduce1_parse(&parsed_cell, request,
  384. request_len);
  385. if (cell_size < 0) {
  386. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  387. "Rejecting %s INTRODUCE1 cell. Responding with NACK.",
  388. cell_size == -1 ? "invalid" : "truncated");
  389. /* Inform client that the INTRODUCE1 has a bad format. */
  390. status = HS_INTRO_ACK_STATUS_BAD_FORMAT;
  391. goto send_ack;
  392. }
  393. /* Once parsed validate the cell format. */
  394. if (validate_introduce1_parsed_cell(parsed_cell) < 0) {
  395. /* Inform client that the INTRODUCE1 has bad format. */
  396. status = HS_INTRO_ACK_STATUS_BAD_FORMAT;
  397. goto send_ack;
  398. }
  399. /* Find introduction circuit through our circuit map. */
  400. {
  401. ed25519_public_key_t auth_key;
  402. get_auth_key_from_cell(&auth_key, RELAY_COMMAND_INTRODUCE1, parsed_cell);
  403. service_circ = hs_circuitmap_get_intro_circ_v3(&auth_key);
  404. if (service_circ == NULL) {
  405. char b64_key[ED25519_BASE64_LEN + 1];
  406. ed25519_public_to_base64(b64_key, &auth_key);
  407. log_info(LD_REND, "No intro circuit found for INTRODUCE1 cell "
  408. "with auth key %s from circuit %" PRIu32 ". "
  409. "Responding with NACK.",
  410. safe_str(b64_key), client_circ->p_circ_id);
  411. /* Inform the client that we don't know the requested service ID. */
  412. status = HS_INTRO_ACK_STATUS_UNKNOWN_ID;
  413. goto send_ack;
  414. }
  415. }
  416. /* Relay the cell to the service on its intro circuit with an INTRODUCE2
  417. * cell which is the same exact payload. */
  418. if (relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(service_circ),
  419. RELAY_COMMAND_INTRODUCE2,
  420. (char *) request, request_len, NULL)) {
  421. log_warn(LD_PROTOCOL, "Unable to send INTRODUCE2 cell to the service.");
  422. /* Inform the client that we can't relay the cell. */
  423. status = HS_INTRO_ACK_STATUS_CANT_RELAY;
  424. goto send_ack;
  425. }
  426. /* Success! Send an INTRODUCE_ACK success status onto the client circuit. */
  427. status = HS_INTRO_ACK_STATUS_SUCCESS;
  428. ret = 0;
  429. send_ack:
  430. /* Send INTRODUCE_ACK or INTRODUCE_NACK to client */
  431. if (send_introduce_ack_cell(client_circ, status) < 0) {
  432. log_warn(LD_PROTOCOL, "Unable to send an INTRODUCE ACK status %d "
  433. "to client.", status);
  434. /* Circuit has been closed on failure of transmission. */
  435. goto done;
  436. }
  437. if (status != HS_INTRO_ACK_STATUS_SUCCESS) {
  438. /* We just sent a NACK that is a non success status code so close the
  439. * circuit because it's not useful to keep it open. Remember, a client can
  440. * only send one INTRODUCE1 cell on a circuit. */
  441. circuit_mark_for_close(TO_CIRCUIT(client_circ), END_CIRC_REASON_INTERNAL);
  442. }
  443. done:
  444. hs_cell_introduce1_free(parsed_cell);
  445. return ret;
  446. }
  447. /* Identify if the encoded cell we just received is a legacy one or not. The
  448. * <b>request</b> should be at least DIGEST_LEN bytes long. */
  449. STATIC int
  450. introduce1_cell_is_legacy(const uint8_t *request)
  451. {
  452. tor_assert(request);
  453. /* If the first 20 bytes of the cell (DIGEST_LEN) are NOT zeroes, it
  454. * indicates a legacy cell (v2). */
  455. if (!tor_mem_is_zero((const char *) request, DIGEST_LEN)) {
  456. /* Legacy cell. */
  457. return 1;
  458. }
  459. /* Not a legacy cell. */
  460. return 0;
  461. }
  462. /* Return true iff the circuit <b>circ</b> is suitable for receiving an
  463. * INTRODUCE1 cell. */
  464. STATIC int
  465. circuit_is_suitable_for_introduce1(const or_circuit_t *circ)
  466. {
  467. tor_assert(circ);
  468. /* Is this circuit an intro point circuit? */
  469. if (!circuit_is_suitable_intro_point(circ, "INTRODUCE1")) {
  470. return 0;
  471. }
  472. if (circ->already_received_introduce1) {
  473. log_fn(LOG_PROTOCOL_WARN, LD_REND,
  474. "Blocking multiple introductions on the same circuit. "
  475. "Someone might be trying to attack a hidden service through "
  476. "this relay.");
  477. return 0;
  478. }
  479. return 1;
  480. }
  481. /* We just received an INTRODUCE1 cell on <b>circ</b>. Figure out which type
  482. * it is and pass it to the appropriate handler. Return 0 on success else a
  483. * negative value and the circuit is closed. */
  484. int
  485. hs_intro_received_introduce1(or_circuit_t *circ, const uint8_t *request,
  486. size_t request_len)
  487. {
  488. int ret;
  489. tor_assert(circ);
  490. tor_assert(request);
  491. /* A cell that can't hold a DIGEST_LEN is invalid as we need to check if
  492. * it's a legacy cell or not using the first DIGEST_LEN bytes. */
  493. if (request_len < DIGEST_LEN) {
  494. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Invalid INTRODUCE1 cell length.");
  495. goto err;
  496. }
  497. /* Make sure we have a circuit that can have an INTRODUCE1 cell on it. */
  498. if (!circuit_is_suitable_for_introduce1(circ)) {
  499. /* We do not send a NACK because the circuit is not suitable for any kind
  500. * of response or transmission as it's a violation of the protocol. */
  501. goto err;
  502. }
  503. /* Mark the circuit that we got this cell. None are allowed after this as a
  504. * DoS mitigation since one circuit with one client can hammer a service. */
  505. circ->already_received_introduce1 = 1;
  506. /* We are sure here to have at least DIGEST_LEN bytes. */
  507. if (introduce1_cell_is_legacy(request)) {
  508. /* Handle a legacy cell. */
  509. ret = rend_mid_introduce_legacy(circ, request, request_len);
  510. } else {
  511. /* Handle a non legacy cell. */
  512. ret = handle_introduce1(circ, request, request_len);
  513. }
  514. return ret;
  515. err:
  516. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  517. return -1;
  518. }