routerparse.c (51175B)
1 /* Copyright (c) 2001 Matej Pfajfar. 2 * Copyright (c) 2001-2004, Roger Dingledine. 3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. 4 * Copyright (c) 2007-2021, The Tor Project, Inc. */ 5 /* See LICENSE for licensing information */ 6 7 /** 8 * \file routerparse.c 9 * \brief Code to parse and validate router descriptors, consenus directories, 10 * and similar objects. 11 * 12 * The objects parsed by this module use a common text-based metaformat, 13 * documented in dir-spec.txt in torspec.git. This module is itself divided 14 * into two major kinds of function: code to handle the metaformat, and code 15 * to convert from particular instances of the metaformat into the 16 * objects that Tor uses. 17 * 18 * The generic parsing code works by calling a table-based tokenizer on the 19 * input string. Each token corresponds to a single line with a token, plus 20 * optional arguments on that line, plus an optional base-64 encoded object 21 * after that line. Each token has a definition in a table of token_rule_t 22 * entries that describes how many arguments it can take, whether it takes an 23 * object, how many times it may appear, whether it must appear first, and so 24 * on. 25 * 26 * The tokenizer function tokenize_string() converts its string input into a 27 * smartlist full of instances of directory_token_t, according to a provided 28 * table of token_rule_t. 29 * 30 * The generic parts of this module additionally include functions for 31 * finding the start and end of signed information inside a signed object, and 32 * computing the digest that will be signed. 33 * 34 * There are also functions for saving objects to disk that have caused 35 * parsing to fail. 36 * 37 * The specific parts of this module describe conversions between 38 * particular lists of directory_token_t and particular objects. The 39 * kinds of objects that can be parsed here are: 40 * <ul> 41 * <li>router descriptors (managed from routerlist.c) 42 * <li>extra-info documents (managed from routerlist.c) 43 * <li>microdescriptors (managed from microdesc.c) 44 * <li>vote and consensus networkstatus documents, and the routerstatus_t 45 * objects that they comprise (managed from networkstatus.c) 46 * <li>detached-signature objects used by authorities for gathering 47 * signatures on the networkstatus consensus (managed from dirvote.c) 48 * <li>authority key certificates (managed from routerlist.c) 49 * <li>hidden service descriptors (managed from rendcommon.c and rendcache.c) 50 * </ul> 51 **/ 52 53 #define ROUTERDESC_TOKEN_TABLE_PRIVATE 54 #define ROUTERPARSE_PRIVATE 55 56 #include "core/or/or.h" 57 #include "app/config/config.h" 58 #include "core/or/policies.h" 59 #include "core/or/versions.h" 60 #include "feature/dirparse/parsecommon.h" 61 #include "feature/dirparse/policy_parse.h" 62 #include "feature/dirparse/routerparse.h" 63 #include "feature/dirparse/sigcommon.h" 64 #include "feature/dirparse/unparseable.h" 65 #include "feature/nodelist/describe.h" 66 #include "feature/nodelist/nickname.h" 67 #include "feature/nodelist/routerinfo.h" 68 #include "feature/nodelist/routerlist.h" 69 #include "feature/nodelist/torcert.h" 70 #include "feature/relay/router.h" 71 #include "lib/crypt_ops/crypto_curve25519.h" 72 #include "lib/crypt_ops/crypto_ed25519.h" 73 #include "lib/crypt_ops/crypto_format.h" 74 #include "lib/memarea/memarea.h" 75 #include "lib/sandbox/sandbox.h" 76 77 #include "core/or/addr_policy_st.h" 78 #include "feature/nodelist/extrainfo_st.h" 79 #include "feature/nodelist/routerinfo_st.h" 80 #include "feature/nodelist/routerlist_st.h" 81 82 /****************************************************************************/ 83 84 /** List of tokens recognized in router descriptors */ 85 // clang-format off 86 const token_rule_t routerdesc_token_table[] = { 87 T0N("reject", K_REJECT, ARGS, NO_OBJ ), 88 T0N("accept", K_ACCEPT, ARGS, NO_OBJ ), 89 T0N("reject6", K_REJECT6, ARGS, NO_OBJ ), 90 T0N("accept6", K_ACCEPT6, ARGS, NO_OBJ ), 91 T1_START( "router", K_ROUTER, GE(5), NO_OBJ ), 92 T01("ipv6-policy", K_IPV6_POLICY, CONCAT_ARGS, NO_OBJ), 93 T1( "signing-key", K_SIGNING_KEY, NO_ARGS, NEED_KEY_1024 ), 94 T01("onion-key", K_ONION_KEY, NO_ARGS, NEED_KEY_1024 ), 95 T1("ntor-onion-key", K_ONION_KEY_NTOR, GE(1), NO_OBJ ), 96 T1_END( "router-signature", K_ROUTER_SIGNATURE, NO_ARGS, NEED_OBJ ), 97 T1( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), 98 T01("uptime", K_UPTIME, GE(1), NO_OBJ ), 99 T01("fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), 100 T01("hibernating", K_HIBERNATING, GE(1), NO_OBJ ), 101 T01("platform", K_PLATFORM, CONCAT_ARGS, NO_OBJ ), 102 T1("proto", K_PROTO, CONCAT_ARGS, NO_OBJ ), 103 T01("contact", K_CONTACT, CONCAT_ARGS, NO_OBJ ), 104 T01("read-history", K_READ_HISTORY, ARGS, NO_OBJ ), 105 T01("write-history", K_WRITE_HISTORY, ARGS, NO_OBJ ), 106 T01("extra-info-digest", K_EXTRA_INFO_DIGEST, GE(1), NO_OBJ ), 107 T01("hidden-service-dir", K_HIDDEN_SERVICE_DIR, NO_ARGS, NO_OBJ ), 108 T1("identity-ed25519", K_IDENTITY_ED25519, NO_ARGS, NEED_OBJ ), 109 T1("master-key-ed25519", K_MASTER_KEY_ED25519, GE(1), NO_OBJ ), 110 T1("router-sig-ed25519", K_ROUTER_SIG_ED25519, GE(1), NO_OBJ ), 111 T01("onion-key-crosscert", K_ONION_KEY_CROSSCERT, NO_ARGS, NEED_OBJ ), 112 T1("ntor-onion-key-crosscert", K_NTOR_ONION_KEY_CROSSCERT, 113 EQ(1), NEED_OBJ ), 114 115 T01("allow-single-hop-exits",K_ALLOW_SINGLE_HOP_EXITS, NO_ARGS, NO_OBJ ), 116 117 T01("family", K_FAMILY, ARGS, NO_OBJ ), 118 T0N("family-cert", K_FAMILY_CERT, ARGS, NEED_OBJ ), 119 T01("caches-extra-info", K_CACHES_EXTRA_INFO, NO_ARGS, NO_OBJ ), 120 T0N("or-address", K_OR_ADDRESS, GE(1), NO_OBJ ), 121 122 T0N("opt", K_OPT, CONCAT_ARGS, OBJ_OK ), 123 T1( "bandwidth", K_BANDWIDTH, GE(3), NO_OBJ ), 124 A01("@purpose", A_PURPOSE, GE(1), NO_OBJ ), 125 T01("tunnelled-dir-server",K_DIR_TUNNELLED, NO_ARGS, NO_OBJ ), 126 127 END_OF_TABLE 128 }; 129 // clang-format on 130 131 /** List of tokens recognized in extra-info documents. */ 132 // clang-format off 133 static token_rule_t extrainfo_token_table[] = { 134 T1_END( "router-signature", K_ROUTER_SIGNATURE, NO_ARGS, NEED_OBJ ), 135 T1( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), 136 T1("identity-ed25519", K_IDENTITY_ED25519, NO_ARGS, NEED_OBJ ), 137 T1("router-sig-ed25519", K_ROUTER_SIG_ED25519, GE(1), NO_OBJ ), 138 T0N("opt", K_OPT, CONCAT_ARGS, OBJ_OK ), 139 T01("read-history", K_READ_HISTORY, ARGS, NO_OBJ ), 140 T01("write-history", K_WRITE_HISTORY, ARGS, NO_OBJ ), 141 T01("dirreq-stats-end", K_DIRREQ_END, ARGS, NO_OBJ ), 142 T01("dirreq-v2-ips", K_DIRREQ_V2_IPS, ARGS, NO_OBJ ), 143 T01("dirreq-v3-ips", K_DIRREQ_V3_IPS, ARGS, NO_OBJ ), 144 T01("dirreq-v2-reqs", K_DIRREQ_V2_REQS, ARGS, NO_OBJ ), 145 T01("dirreq-v3-reqs", K_DIRREQ_V3_REQS, ARGS, NO_OBJ ), 146 T01("dirreq-v2-share", K_DIRREQ_V2_SHARE, ARGS, NO_OBJ ), 147 T01("dirreq-v3-share", K_DIRREQ_V3_SHARE, ARGS, NO_OBJ ), 148 T01("dirreq-v2-resp", K_DIRREQ_V2_RESP, ARGS, NO_OBJ ), 149 T01("dirreq-v3-resp", K_DIRREQ_V3_RESP, ARGS, NO_OBJ ), 150 T01("dirreq-v2-direct-dl", K_DIRREQ_V2_DIR, ARGS, NO_OBJ ), 151 T01("dirreq-v3-direct-dl", K_DIRREQ_V3_DIR, ARGS, NO_OBJ ), 152 T01("dirreq-v2-tunneled-dl", K_DIRREQ_V2_TUN, ARGS, NO_OBJ ), 153 T01("dirreq-v3-tunneled-dl", K_DIRREQ_V3_TUN, ARGS, NO_OBJ ), 154 T01("entry-stats-end", K_ENTRY_END, ARGS, NO_OBJ ), 155 T01("entry-ips", K_ENTRY_IPS, ARGS, NO_OBJ ), 156 T01("cell-stats-end", K_CELL_END, ARGS, NO_OBJ ), 157 T01("cell-processed-cells", K_CELL_PROCESSED, ARGS, NO_OBJ ), 158 T01("cell-queued-cells", K_CELL_QUEUED, ARGS, NO_OBJ ), 159 T01("cell-time-in-queue", K_CELL_TIME, ARGS, NO_OBJ ), 160 T01("cell-circuits-per-decile", K_CELL_CIRCS, ARGS, NO_OBJ ), 161 T01("exit-stats-end", K_EXIT_END, ARGS, NO_OBJ ), 162 T01("exit-kibibytes-written", K_EXIT_WRITTEN, ARGS, NO_OBJ ), 163 T01("exit-kibibytes-read", K_EXIT_READ, ARGS, NO_OBJ ), 164 T01("exit-streams-opened", K_EXIT_OPENED, ARGS, NO_OBJ ), 165 166 T1_START( "extra-info", K_EXTRA_INFO, GE(2), NO_OBJ ), 167 168 END_OF_TABLE 169 }; 170 // clang-format on 171 172 #undef T 173 174 /* static function prototypes */ 175 static int router_add_exit_policy(routerinfo_t *router,directory_token_t *tok); 176 static smartlist_t *find_all_exitpolicy(smartlist_t *s); 177 static int check_family_certs(const smartlist_t *family_cert_tokens, 178 const ed25519_public_key_t *identity_key, 179 smartlist_t **family_ids_out, 180 time_t *family_expiration_out); 181 182 /** Set <b>digest</b> to the SHA-1 digest of the hash of the first router in 183 * <b>s</b>. Return 0 on success, -1 on failure. 184 */ 185 int 186 router_get_router_hash(const char *s, size_t s_len, char *digest) 187 { 188 return router_get_hash_impl(s, s_len, digest, 189 "router ","\nrouter-signature", '\n', 190 DIGEST_SHA1); 191 } 192 193 /** Set <b>digest</b> to the SHA-1 digest of the hash of the <b>s_len</b>-byte 194 * extrainfo string at <b>s</b>. Return 0 on success, -1 on failure. */ 195 int 196 router_get_extrainfo_hash(const char *s, size_t s_len, char *digest) 197 { 198 return router_get_hash_impl(s, s_len, digest, "extra-info", 199 "\nrouter-signature",'\n', DIGEST_SHA1); 200 } 201 202 /** Helper: move *<b>s_ptr</b> ahead to the next router, the next extra-info, 203 * or to the first of the annotations proceeding the next router or 204 * extra-info---whichever comes first. Set <b>is_extrainfo_out</b> to true if 205 * we found an extrainfo, or false if found a router. Do not scan beyond 206 * <b>eos</b>. Return -1 if we found nothing; 0 if we found something. */ 207 static int 208 find_start_of_next_router_or_extrainfo(const char **s_ptr, 209 const char *eos, 210 int *is_extrainfo_out) 211 { 212 const char *annotations = NULL; 213 const char *s = *s_ptr; 214 215 s = eat_whitespace_eos(s, eos); 216 217 while (s < eos-32) { /* 32 gives enough room for a the first keyword. */ 218 /* We're at the start of a line. */ 219 tor_assert(*s != '\n'); 220 221 if (*s == '@' && !annotations) { 222 annotations = s; 223 } else if (*s == 'r' && !strcmpstart(s, "router ")) { 224 *s_ptr = annotations ? annotations : s; 225 *is_extrainfo_out = 0; 226 return 0; 227 } else if (*s == 'e' && !strcmpstart(s, "extra-info ")) { 228 *s_ptr = annotations ? annotations : s; 229 *is_extrainfo_out = 1; 230 return 0; 231 } 232 233 if (!(s = memchr(s+1, '\n', eos-(s+1)))) 234 break; 235 s = eat_whitespace_eos(s, eos); 236 } 237 return -1; 238 } 239 240 /** Given a string *<b>s</b> containing a concatenated sequence of router 241 * descriptors (or extra-info documents if <b>want_extrainfo</b> is set), 242 * parses them and stores the result in <b>dest</b>. All routers are marked 243 * running and valid. Advances *s to a point immediately following the last 244 * router entry. Ignore any trailing router entries that are not complete. 245 * 246 * If <b>saved_location</b> isn't SAVED_IN_CACHE, make a local copy of each 247 * descriptor in the signed_descriptor_body field of each routerinfo_t. If it 248 * isn't SAVED_NOWHERE, remember the offset of each descriptor. 249 * 250 * Returns 0 on success and -1 on failure. Adds a digest to 251 * <b>invalid_digests_out</b> for every entry that was unparseable or 252 * invalid. (This may cause duplicate entries.) 253 */ 254 int 255 router_parse_list_from_string(const char **s, const char *eos, 256 smartlist_t *dest, 257 saved_location_t saved_location, 258 int want_extrainfo, 259 int allow_annotations, 260 const char *prepend_annotations, 261 smartlist_t *invalid_digests_out) 262 { 263 routerinfo_t *router; 264 extrainfo_t *extrainfo; 265 signed_descriptor_t *signed_desc = NULL; 266 void *elt; 267 const char *end, *start; 268 int have_extrainfo; 269 270 tor_assert(s); 271 tor_assert(*s); 272 tor_assert(dest); 273 274 start = *s; 275 if (!eos) 276 eos = *s + strlen(*s); 277 278 tor_assert(eos >= *s); 279 280 while (1) { 281 char raw_digest[DIGEST_LEN]; 282 int have_raw_digest = 0; 283 int dl_again = 0; 284 if (find_start_of_next_router_or_extrainfo(s, eos, &have_extrainfo) < 0) 285 break; 286 287 end = tor_memstr(*s, eos-*s, "\nrouter-signature"); 288 if (end) 289 end = tor_memstr(end, eos-end, "\n-----END SIGNATURE-----\n"); 290 if (end) 291 end += strlen("\n-----END SIGNATURE-----\n"); 292 293 if (!end) 294 break; 295 296 elt = NULL; 297 298 if (have_extrainfo && want_extrainfo) { 299 routerlist_t *rl = router_get_routerlist(); 300 have_raw_digest = router_get_extrainfo_hash(*s, end-*s, raw_digest) == 0; 301 extrainfo = extrainfo_parse_entry_from_string(*s, end, 302 saved_location != SAVED_IN_CACHE, 303 rl->identity_map, &dl_again); 304 if (extrainfo) { 305 signed_desc = &extrainfo->cache_info; 306 elt = extrainfo; 307 } 308 } else if (!have_extrainfo && !want_extrainfo) { 309 have_raw_digest = router_get_router_hash(*s, end-*s, raw_digest) == 0; 310 router = router_parse_entry_from_string(*s, end, 311 saved_location != SAVED_IN_CACHE, 312 allow_annotations, 313 prepend_annotations, &dl_again); 314 if (router) { 315 log_debug(LD_DIR, "Read router '%s', purpose '%s'", 316 router_describe(router), 317 router_purpose_to_string(router->purpose)); 318 signed_desc = &router->cache_info; 319 elt = router; 320 } 321 } 322 if (! elt && ! dl_again && have_raw_digest && invalid_digests_out) { 323 smartlist_add(invalid_digests_out, tor_memdup(raw_digest, DIGEST_LEN)); 324 } 325 if (!elt) { 326 *s = end; 327 continue; 328 } 329 if (saved_location != SAVED_NOWHERE) { 330 tor_assert(signed_desc); 331 signed_desc->saved_location = saved_location; 332 signed_desc->saved_offset = *s - start; 333 } 334 *s = end; 335 smartlist_add(dest, elt); 336 } 337 338 return 0; 339 } 340 341 /** Try to find an IPv6 OR port in <b>list</b> of directory_token_t's 342 * with at least one argument (use GE(1) in setup). If found, store 343 * address and port number to <b>addr_out</b> and 344 * <b>port_out</b>. Return number of OR ports found. */ 345 int 346 find_single_ipv6_orport(const smartlist_t *list, 347 tor_addr_t *addr_out, 348 uint16_t *port_out) 349 { 350 int ret = 0; 351 tor_assert(list != NULL); 352 tor_assert(addr_out != NULL); 353 tor_assert(port_out != NULL); 354 355 SMARTLIST_FOREACH_BEGIN(list, directory_token_t *, t) { 356 tor_addr_t a; 357 maskbits_t bits; 358 uint16_t port_min, port_max; 359 tor_assert(t->n_args >= 1); 360 /* XXXX Prop186 the full spec allows much more than this. */ 361 if (tor_addr_parse_mask_ports(t->args[0], 0, 362 &a, &bits, &port_min, 363 &port_max) == AF_INET6 && 364 bits == 128 && 365 port_min == port_max) { 366 /* Okay, this is one we can understand. Use it and ignore 367 any potential more addresses in list. */ 368 tor_addr_copy(addr_out, &a); 369 *port_out = port_min; 370 ret = 1; 371 break; 372 } 373 } SMARTLIST_FOREACH_END(t); 374 375 return ret; 376 } 377 378 /** Helper function: reads a single router entry from *<b>s</b> ... 379 * *<b>end</b>. Mallocs a new router and returns it if all goes well, else 380 * returns NULL. If <b>cache_copy</b> is true, duplicate the contents of 381 * s through end into the signed_descriptor_body of the resulting 382 * routerinfo_t. 383 * 384 * If <b>end</b> is NULL, <b>s</b> must be properly NUL-terminated. 385 * 386 * If <b>allow_annotations</b>, it's okay to encounter annotations in <b>s</b> 387 * before the router; if it's false, reject the router if it's annotated. If 388 * <b>prepend_annotations</b> is set, it should contain some annotations: 389 * append them to the front of the router before parsing it, and keep them 390 * around when caching the router. 391 * 392 * Only one of allow_annotations and prepend_annotations may be set. 393 * 394 * If <b>can_dl_again_out</b> is provided, set *<b>can_dl_again_out</b> to 1 395 * if it's okay to try to download a descriptor with this same digest again, 396 * and 0 if it isn't. (It might not be okay to download it again if part of 397 * the part covered by the digest is invalid.) 398 */ 399 routerinfo_t * 400 router_parse_entry_from_string(const char *s, const char *end, 401 int cache_copy, int allow_annotations, 402 const char *prepend_annotations, 403 int *can_dl_again_out) 404 { 405 routerinfo_t *router = NULL; 406 char digest[128]; 407 smartlist_t *tokens = NULL, *exit_policy_tokens = NULL; 408 directory_token_t *tok; 409 struct in_addr in; 410 const char *start_of_annotations, *cp, *s_dup = s; 411 size_t prepend_len = prepend_annotations ? strlen(prepend_annotations) : 0; 412 int ok = 1; 413 memarea_t *area = NULL; 414 tor_cert_t *ntor_cc_cert = NULL; 415 /* Do not set this to '1' until we have parsed everything that we intend to 416 * parse that's covered by the hash. */ 417 int can_dl_again = 0; 418 crypto_pk_t *rsa_pubkey = NULL; 419 420 tor_assert(!allow_annotations || !prepend_annotations); 421 422 if (!end) { 423 end = s + strlen(s); 424 } 425 426 /* point 'end' to a point immediately after the final newline. */ 427 while (end > s+2 && *(end-1) == '\n' && *(end-2) == '\n') 428 --end; 429 430 area = memarea_new(); 431 tokens = smartlist_new(); 432 if (prepend_annotations) { 433 if (tokenize_string(area,prepend_annotations,NULL,tokens, 434 routerdesc_token_table,TS_NOCHECK)) { 435 log_warn(LD_DIR, "Error tokenizing router descriptor (annotations)."); 436 goto err; 437 } 438 } 439 440 start_of_annotations = s; 441 cp = tor_memstr(s, end-s, "\nrouter "); 442 if (!cp) { 443 if (end-s < 7 || strcmpstart(s, "router ")) { 444 log_warn(LD_DIR, "No router keyword found."); 445 goto err; 446 } 447 } else { 448 s = cp+1; 449 } 450 451 if (start_of_annotations != s) { /* We have annotations */ 452 if (allow_annotations) { 453 if (tokenize_string(area,start_of_annotations,s,tokens, 454 routerdesc_token_table,TS_NOCHECK)) { 455 log_warn(LD_DIR, "Error tokenizing router descriptor (annotations)."); 456 goto err; 457 } 458 } else { 459 log_warn(LD_DIR, "Found unexpected annotations on router descriptor not " 460 "loaded from disk. Dropping it."); 461 goto err; 462 } 463 } 464 465 if (!tor_memstr(s, end-s, "\nproto ")) { 466 log_debug(LD_DIR, "Found an obsolete router descriptor. " 467 "Rejecting quietly."); 468 goto err; 469 } 470 471 if (router_get_router_hash(s, end - s, digest) < 0) { 472 log_warn(LD_DIR, "Couldn't compute router hash."); 473 goto err; 474 } 475 { 476 int flags = 0; 477 if (allow_annotations) 478 flags |= TS_ANNOTATIONS_OK; 479 if (prepend_annotations) 480 flags |= TS_ANNOTATIONS_OK|TS_NO_NEW_ANNOTATIONS; 481 482 if (tokenize_string(area,s,end,tokens,routerdesc_token_table, flags)) { 483 log_warn(LD_DIR, "Error tokenizing router descriptor."); 484 goto err; 485 } 486 } 487 488 if (smartlist_len(tokens) < 2) { 489 log_warn(LD_DIR, "Impossibly short router descriptor."); 490 goto err; 491 } 492 493 tok = find_by_keyword(tokens, K_ROUTER); 494 const int router_token_pos = smartlist_pos(tokens, tok); 495 tor_assert(tok->n_args >= 5); 496 497 router = tor_malloc_zero(sizeof(routerinfo_t)); 498 router->cert_expiration_time = TIME_MAX; 499 router->cache_info.routerlist_index = -1; 500 router->cache_info.annotations_len = s-start_of_annotations + prepend_len; 501 router->cache_info.signed_descriptor_len = end-s; 502 if (cache_copy) { 503 size_t len = router->cache_info.signed_descriptor_len + 504 router->cache_info.annotations_len; 505 char *signed_body = 506 router->cache_info.signed_descriptor_body = tor_malloc(len+1); 507 if (prepend_annotations) { 508 memcpy(signed_body, prepend_annotations, prepend_len); 509 signed_body += prepend_len; 510 } 511 /* This assertion will always succeed. 512 * len == signed_desc_len + annotations_len 513 * == end-s + s-start_of_annotations + prepend_len 514 * == end-start_of_annotations + prepend_len 515 * We already wrote prepend_len bytes into the buffer; now we're 516 * writing end-start_of_annotations -NM. */ 517 tor_assert(signed_body+(end-start_of_annotations) == 518 router->cache_info.signed_descriptor_body+len); 519 memcpy(signed_body, start_of_annotations, end-start_of_annotations); 520 router->cache_info.signed_descriptor_body[len] = '\0'; 521 tor_assert(strlen(router->cache_info.signed_descriptor_body) == len); 522 } 523 memcpy(router->cache_info.signed_descriptor_digest, digest, DIGEST_LEN); 524 525 router->nickname = tor_strdup(tok->args[0]); 526 if (!is_legal_nickname(router->nickname)) { 527 log_warn(LD_DIR,"Router nickname is invalid"); 528 goto err; 529 } 530 if (!tor_inet_aton(tok->args[1], &in)) { 531 log_warn(LD_DIR,"Router address is not an IP address."); 532 goto err; 533 } 534 tor_addr_from_in(&router->ipv4_addr, &in); 535 536 router->ipv4_orport = 537 (uint16_t) tor_parse_long(tok->args[2],10,0,65535,&ok,NULL); 538 if (!ok) { 539 log_warn(LD_DIR,"Invalid OR port %s", escaped(tok->args[2])); 540 goto err; 541 } 542 router->ipv4_dirport = 543 (uint16_t) tor_parse_long(tok->args[4],10,0,65535,&ok,NULL); 544 if (!ok) { 545 log_warn(LD_DIR,"Invalid dir port %s", escaped(tok->args[4])); 546 goto err; 547 } 548 549 tok = find_by_keyword(tokens, K_BANDWIDTH); 550 tor_assert(tok->n_args >= 3); 551 router->bandwidthrate = (int) 552 tor_parse_long(tok->args[0],10,1,INT_MAX,&ok,NULL); 553 554 if (!ok) { 555 log_warn(LD_DIR, "bandwidthrate %s unreadable or 0. Failing.", 556 escaped(tok->args[0])); 557 goto err; 558 } 559 router->bandwidthburst = 560 (int) tor_parse_long(tok->args[1],10,0,INT_MAX,&ok,NULL); 561 if (!ok) { 562 log_warn(LD_DIR, "Invalid bandwidthburst %s", escaped(tok->args[1])); 563 goto err; 564 } 565 router->bandwidthcapacity = (int) 566 tor_parse_long(tok->args[2],10,0,INT_MAX,&ok,NULL); 567 if (!ok) { 568 log_warn(LD_DIR, "Invalid bandwidthcapacity %s", escaped(tok->args[1])); 569 goto err; 570 } 571 572 if ((tok = find_opt_by_keyword(tokens, A_PURPOSE))) { 573 tor_assert(tok->n_args); 574 router->purpose = router_purpose_from_string(tok->args[0]); 575 if (router->purpose == ROUTER_PURPOSE_UNKNOWN) { 576 goto err; 577 } 578 } else { 579 router->purpose = ROUTER_PURPOSE_GENERAL; 580 } 581 router->cache_info.send_unencrypted = 582 (router->purpose == ROUTER_PURPOSE_GENERAL) ? 1 : 0; 583 584 if ((tok = find_opt_by_keyword(tokens, K_UPTIME))) { 585 tor_assert(tok->n_args >= 1); 586 router->uptime = tor_parse_long(tok->args[0],10,0,LONG_MAX,&ok,NULL); 587 if (!ok) { 588 log_warn(LD_DIR, "Invalid uptime %s", escaped(tok->args[0])); 589 goto err; 590 } 591 } 592 593 if ((tok = find_opt_by_keyword(tokens, K_HIBERNATING))) { 594 tor_assert(tok->n_args >= 1); 595 router->is_hibernating 596 = (tor_parse_long(tok->args[0],10,0,LONG_MAX,NULL,NULL) != 0); 597 } 598 599 tok = find_by_keyword(tokens, K_PUBLISHED); 600 tor_assert(tok->n_args == 1); 601 if (parse_iso_time(tok->args[0], &router->cache_info.published_on) < 0) 602 goto err; 603 604 tok = find_opt_by_keyword(tokens, K_ONION_KEY); 605 if (tok) { 606 if (!crypto_pk_public_exponent_ok(tok->key)) { 607 log_warn(LD_DIR, 608 "Relay's onion key had invalid exponent."); 609 goto err; 610 } 611 router->tap_onion_pkey = tor_memdup(tok->object_body, tok->object_size); 612 router->tap_onion_pkey_len = tok->object_size; 613 crypto_pk_free(tok->key); 614 } 615 616 if ((tok = find_opt_by_keyword(tokens, K_ONION_KEY_NTOR))) { 617 curve25519_public_key_t k; 618 tor_assert(tok->n_args >= 1); 619 if (curve25519_public_from_base64(&k, tok->args[0]) < 0) { 620 log_warn(LD_DIR, "Bogus ntor-onion-key in routerinfo"); 621 goto err; 622 } 623 router->onion_curve25519_pkey = 624 tor_memdup(&k, sizeof(curve25519_public_key_t)); 625 } 626 627 tok = find_by_keyword(tokens, K_SIGNING_KEY); 628 router->identity_pkey = tok->key; 629 tok->key = NULL; /* Prevent free */ 630 if (crypto_pk_get_digest(router->identity_pkey, 631 router->cache_info.identity_digest)) { 632 log_warn(LD_DIR, "Couldn't calculate key digest"); goto err; 633 } 634 635 { 636 directory_token_t *ed_sig_tok, *ed_cert_tok, *cc_tap_tok, *cc_ntor_tok, 637 *master_key_tok; 638 ed_sig_tok = find_by_keyword(tokens, K_ROUTER_SIG_ED25519); 639 ed_cert_tok = find_by_keyword(tokens, K_IDENTITY_ED25519); 640 master_key_tok = find_by_keyword(tokens, K_MASTER_KEY_ED25519); 641 cc_ntor_tok = find_by_keyword(tokens, K_NTOR_ONION_KEY_CROSSCERT); 642 /* This, and only this, is optional. */ 643 cc_tap_tok = find_opt_by_keyword(tokens, K_ONION_KEY_CROSSCERT); 644 645 if (bool_neq(cc_tap_tok==NULL, router->tap_onion_pkey==NULL)) { 646 log_warn(LD_DIR, "Router descriptor had only one of (onion-key, " 647 "onion-key-crosscert)."); 648 goto err; 649 } 650 651 IF_BUG_ONCE(! (ed_sig_tok && ed_cert_tok&& cc_ntor_tok &&master_key_tok)) { 652 goto err; 653 } 654 655 tor_cert_t *cert; 656 { 657 /* Parse the identity certificate */ 658 cert = tor_cert_parse( 659 (const uint8_t*)ed_cert_tok->object_body, 660 ed_cert_tok->object_size); 661 if (! cert) { 662 log_warn(LD_DIR, "Couldn't parse ed25519 cert"); 663 goto err; 664 } 665 /* makes sure it gets freed. */ 666 router->cache_info.signing_key_cert = cert; 667 668 if (cert->cert_type != CERT_TYPE_ID_SIGNING || 669 ! cert->signing_key_included) { 670 log_warn(LD_DIR, "Invalid form for ed25519 cert"); 671 goto err; 672 } 673 } 674 675 if (cc_tap_tok) { 676 rsa_pubkey = router_get_rsa_onion_pkey(router->tap_onion_pkey, 677 router->tap_onion_pkey_len); 678 if (rsa_pubkey == NULL) { 679 log_warn(LD_DIR, "No pubkey for TAP cross-verification."); 680 goto err; 681 } 682 if (strcmp(cc_tap_tok->object_type, "CROSSCERT")) { 683 log_warn(LD_DIR, "Wrong object type on onion-key-crosscert " 684 "in descriptor"); 685 goto err; 686 } 687 if (check_tap_onion_key_crosscert( 688 (const uint8_t*)cc_tap_tok->object_body, 689 (int)cc_tap_tok->object_size, 690 rsa_pubkey, 691 &cert->signing_key, 692 (const uint8_t*)router->cache_info.identity_digest)<0) { 693 log_warn(LD_DIR, "Incorrect TAP cross-verification"); 694 goto err; 695 } 696 } 697 698 { 699 tor_assert(ed_sig_tok && ed_cert_tok && cc_ntor_tok); 700 const int ed_cert_token_pos = smartlist_pos(tokens, ed_cert_tok); 701 if (ed_cert_token_pos == -1 || router_token_pos == -1 || 702 (ed_cert_token_pos != router_token_pos + 1 && 703 ed_cert_token_pos != router_token_pos - 1)) { 704 log_warn(LD_DIR, "Ed25519 certificate in wrong position"); 705 goto err; 706 } 707 if (ed_sig_tok != smartlist_get(tokens, smartlist_len(tokens)-2)) { 708 log_warn(LD_DIR, "Ed25519 signature in wrong position"); 709 goto err; 710 } 711 if (strcmp(ed_cert_tok->object_type, "ED25519 CERT")) { 712 log_warn(LD_DIR, "Wrong object type on identity-ed25519 " 713 "in descriptor"); 714 goto err; 715 } 716 if (strcmp(cc_ntor_tok->object_type, "ED25519 CERT")) { 717 log_warn(LD_DIR, "Wrong object type on ntor-onion-key-crosscert " 718 "in descriptor"); 719 goto err; 720 } 721 if (strcmp(cc_ntor_tok->args[0], "0") && 722 strcmp(cc_ntor_tok->args[0], "1")) { 723 log_warn(LD_DIR, "Bad sign bit on ntor-onion-key-crosscert"); 724 goto err; 725 } 726 int ntor_cc_sign_bit = !strcmp(cc_ntor_tok->args[0], "1"); 727 uint8_t d256[DIGEST256_LEN]; 728 const char *signed_start, *signed_end; 729 730 if (master_key_tok) { 731 /* This token is optional, but if it's present, it must match 732 * the signature in the signing cert, or supplant it. */ 733 tor_assert(master_key_tok->n_args >= 1); 734 ed25519_public_key_t pkey; 735 if (ed25519_public_from_base64(&pkey, master_key_tok->args[0])<0) { 736 log_warn(LD_DIR, "Can't parse ed25519 master key"); 737 goto err; 738 } 739 740 if (fast_memneq(&cert->signing_key.pubkey, 741 pkey.pubkey, ED25519_PUBKEY_LEN)) { 742 log_warn(LD_DIR, "Ed25519 master key does not match " 743 "key in certificate"); 744 goto err; 745 } 746 } 747 ntor_cc_cert = tor_cert_parse((const uint8_t*)cc_ntor_tok->object_body, 748 cc_ntor_tok->object_size); 749 if (!ntor_cc_cert) { 750 log_warn(LD_DIR, "Couldn't parse ntor-onion-key-crosscert cert"); 751 goto err; 752 } 753 if (ntor_cc_cert->cert_type != CERT_TYPE_ONION_ID || 754 ! ed25519_pubkey_eq(&ntor_cc_cert->signed_key, &cert->signing_key)) { 755 log_warn(LD_DIR, "Invalid contents for ntor-onion-key-crosscert cert"); 756 goto err; 757 } 758 759 ed25519_public_key_t ntor_cc_pk; 760 if (ed25519_public_key_from_curve25519_public_key(&ntor_cc_pk, 761 router->onion_curve25519_pkey, 762 ntor_cc_sign_bit)<0) { 763 log_warn(LD_DIR, "Error converting onion key to ed25519"); 764 goto err; 765 } 766 767 if (router_get_hash_impl_helper(s, end-s, "router ", 768 "\nrouter-sig-ed25519", 769 ' ', LOG_WARN, 770 &signed_start, &signed_end) < 0) { 771 log_warn(LD_DIR, "Can't find ed25519-signed portion of descriptor"); 772 goto err; 773 } 774 crypto_digest_t *d = crypto_digest256_new(DIGEST_SHA256); 775 crypto_digest_add_bytes(d, ED_DESC_SIGNATURE_PREFIX, 776 strlen(ED_DESC_SIGNATURE_PREFIX)); 777 crypto_digest_add_bytes(d, signed_start, signed_end-signed_start); 778 779 crypto_digest_get_digest(d, (char*)d256, sizeof(d256)); 780 crypto_digest_free(d); 781 782 ed25519_checkable_t check[3]; 783 int check_ok[3]; 784 time_t expires = TIME_MAX; 785 if (tor_cert_get_checkable_sig(&check[0], cert, NULL, &expires) < 0) { 786 log_err(LD_BUG, "Couldn't create 'checkable' for cert."); 787 goto err; 788 } 789 if (tor_cert_get_checkable_sig(&check[1], 790 ntor_cc_cert, &ntor_cc_pk, &expires) < 0) { 791 log_err(LD_BUG, "Couldn't create 'checkable' for ntor_cc_cert."); 792 goto err; 793 } 794 795 if (ed25519_signature_from_base64(&check[2].signature, 796 ed_sig_tok->args[0])<0) { 797 log_warn(LD_DIR, "Couldn't decode ed25519 signature"); 798 goto err; 799 } 800 check[2].pubkey = &cert->signed_key; 801 check[2].msg = d256; 802 check[2].len = DIGEST256_LEN; 803 804 if (ed25519_checksig_batch(check_ok, check, 3) < 0) { 805 log_warn(LD_DIR, "Incorrect ed25519 signature(s)"); 806 goto err; 807 } 808 809 /* We check this before adding it to the routerlist. */ 810 router->cert_expiration_time = expires; 811 } 812 } 813 814 if ((tok = find_opt_by_keyword(tokens, K_FINGERPRINT))) { 815 /* If there's a fingerprint line, it must match the identity digest. */ 816 char d[DIGEST_LEN]; 817 tor_assert(tok->n_args == 1); 818 tor_strstrip(tok->args[0], " "); 819 if (base16_decode(d, DIGEST_LEN, 820 tok->args[0], strlen(tok->args[0])) != DIGEST_LEN) { 821 log_warn(LD_DIR, "Couldn't decode router fingerprint %s", 822 escaped(tok->args[0])); 823 goto err; 824 } 825 if (tor_memneq(d,router->cache_info.identity_digest, DIGEST_LEN)) { 826 log_warn(LD_DIR, "Fingerprint '%s' does not match identity digest.", 827 tok->args[0]); 828 goto err; 829 } 830 } 831 832 { 833 const char *version = NULL, *protocols = NULL; 834 if ((tok = find_opt_by_keyword(tokens, K_PLATFORM))) { 835 router->platform = tor_strdup(tok->args[0]); 836 version = tok->args[0]; 837 } 838 839 if ((tok = find_opt_by_keyword(tokens, K_PROTO))) { 840 router->protocol_list = tor_strdup(tok->args[0]); 841 protocols = tok->args[0]; 842 } 843 844 summarize_protover_flags(&router->pv, protocols, version); 845 } 846 847 if ((tok = find_opt_by_keyword(tokens, K_CONTACT))) { 848 router->contact_info = tor_strdup(tok->args[0]); 849 } 850 851 if (find_opt_by_keyword(tokens, K_REJECT6) || 852 find_opt_by_keyword(tokens, K_ACCEPT6)) { 853 log_warn(LD_DIR, "Rejecting router with reject6/accept6 line: they crash " 854 "older Tors."); 855 goto err; 856 } 857 { 858 smartlist_t *or_addresses = find_all_by_keyword(tokens, K_OR_ADDRESS); 859 if (or_addresses) { 860 find_single_ipv6_orport(or_addresses, &router->ipv6_addr, 861 &router->ipv6_orport); 862 smartlist_free(or_addresses); 863 } 864 } 865 exit_policy_tokens = find_all_exitpolicy(tokens); 866 if (!smartlist_len(exit_policy_tokens)) { 867 log_warn(LD_DIR, "No exit policy tokens in descriptor."); 868 goto err; 869 } 870 SMARTLIST_FOREACH(exit_policy_tokens, directory_token_t *, t, 871 if (router_add_exit_policy(router,t)<0) { 872 log_warn(LD_DIR,"Error in exit policy"); 873 goto err; 874 }); 875 policy_expand_private(&router->exit_policy); 876 877 if ((tok = find_opt_by_keyword(tokens, K_IPV6_POLICY)) && tok->n_args) { 878 router->ipv6_exit_policy = parse_short_policy(tok->args[0]); 879 if (! router->ipv6_exit_policy) { 880 log_warn(LD_DIR , "Error in ipv6-policy %s", escaped(tok->args[0])); 881 goto err; 882 } 883 } 884 885 if (policy_is_reject_star(router->exit_policy, AF_INET, 1) && 886 (!router->ipv6_exit_policy || 887 short_policy_is_reject_star(router->ipv6_exit_policy))) 888 router->policy_is_reject_star = 1; 889 890 if ((tok = find_opt_by_keyword(tokens, K_FAMILY)) && tok->n_args) { 891 int i; 892 router->declared_family = smartlist_new(); 893 for (i=0;i<tok->n_args;++i) { 894 if (!is_legal_nickname_or_hexdigest(tok->args[i])) { 895 log_warn(LD_DIR, "Illegal nickname %s in family line", 896 escaped(tok->args[i])); 897 goto err; 898 } 899 smartlist_add_strdup(router->declared_family, tok->args[i]); 900 } 901 } 902 903 { 904 smartlist_t *family_cert_toks = find_all_by_keyword(tokens, K_FAMILY_CERT); 905 time_t family_expiration = TIME_MAX; 906 int r = 0; 907 if (family_cert_toks) { 908 r = check_family_certs(family_cert_toks, 909 &router->cache_info.signing_key_cert->signing_key, 910 &router->family_ids, 911 &family_expiration); 912 smartlist_free(family_cert_toks); 913 } 914 if (r<0) 915 goto err; 916 } 917 918 if (find_opt_by_keyword(tokens, K_CACHES_EXTRA_INFO)) 919 router->caches_extra_info = 1; 920 921 if (find_opt_by_keyword(tokens, K_ALLOW_SINGLE_HOP_EXITS)) 922 router->allow_single_hop_exits = 1; 923 924 if ((tok = find_opt_by_keyword(tokens, K_EXTRA_INFO_DIGEST))) { 925 tor_assert(tok->n_args >= 1); 926 if (strlen(tok->args[0]) == HEX_DIGEST_LEN) { 927 if (base16_decode(router->cache_info.extra_info_digest, DIGEST_LEN, 928 tok->args[0], HEX_DIGEST_LEN) != DIGEST_LEN) { 929 log_warn(LD_DIR,"Invalid extra info digest"); 930 } 931 } else { 932 log_warn(LD_DIR, "Invalid extra info digest %s", escaped(tok->args[0])); 933 } 934 935 if (tok->n_args >= 2) { 936 if (digest256_from_base64(router->cache_info.extra_info_digest256, 937 tok->args[1]) < 0) { 938 log_warn(LD_DIR, "Invalid extra info digest256 %s", 939 escaped(tok->args[1])); 940 } 941 } 942 } 943 944 if (find_opt_by_keyword(tokens, K_HIDDEN_SERVICE_DIR)) { 945 router->wants_to_be_hs_dir = 1; 946 } 947 948 /* This router accepts tunnelled directory requests via begindir if it has 949 * an open dirport or it included "tunnelled-dir-server". */ 950 if (find_opt_by_keyword(tokens, K_DIR_TUNNELLED) || 951 router->ipv4_dirport > 0) { 952 router->supports_tunnelled_dir_requests = 1; 953 } 954 955 tok = find_by_keyword(tokens, K_ROUTER_SIGNATURE); 956 957 if (!router->ipv4_orport) { 958 log_warn(LD_DIR,"or_port unreadable or 0. Failing."); 959 goto err; 960 } 961 962 /* We've checked everything that's covered by the hash. */ 963 can_dl_again = 1; 964 if (check_signature_token(digest, DIGEST_LEN, tok, router->identity_pkey, 0, 965 "router descriptor") < 0) 966 goto err; 967 968 if (!router->platform) { 969 router->platform = tor_strdup("<unknown>"); 970 } 971 goto done; 972 973 err: 974 dump_desc(s_dup, "router descriptor"); 975 routerinfo_free(router); 976 router = NULL; 977 done: 978 crypto_pk_free(rsa_pubkey); 979 tor_cert_free(ntor_cc_cert); 980 if (tokens) { 981 SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t)); 982 smartlist_free(tokens); 983 } 984 smartlist_free(exit_policy_tokens); 985 if (area) { 986 DUMP_AREA(area, "routerinfo"); 987 memarea_drop_all(area); 988 } 989 if (can_dl_again_out) 990 *can_dl_again_out = can_dl_again; 991 return router; 992 } 993 994 /** Parse a single extrainfo entry from the string <b>s</b>, ending at 995 * <b>end</b>. (If <b>end</b> is NULL, parse up to the end of <b>s</b>.) If 996 * <b>cache_copy</b> is true, make a copy of the extra-info document in the 997 * cache_info fields of the result. If <b>routermap</b> is provided, use it 998 * as a map from router identity to routerinfo_t when looking up signing keys. 999 * 1000 * If <b>can_dl_again_out</b> is provided, set *<b>can_dl_again_out</b> to 1 1001 * if it's okay to try to download an extrainfo with this same digest again, 1002 * and 0 if it isn't. (It might not be okay to download it again if part of 1003 * the part covered by the digest is invalid.) 1004 */ 1005 extrainfo_t * 1006 extrainfo_parse_entry_from_string(const char *s, const char *end, 1007 int cache_copy, struct digest_ri_map_t *routermap, 1008 int *can_dl_again_out) 1009 { 1010 extrainfo_t *extrainfo = NULL; 1011 char digest[128]; 1012 smartlist_t *tokens = NULL; 1013 directory_token_t *tok; 1014 crypto_pk_t *key = NULL; 1015 routerinfo_t *router = NULL; 1016 memarea_t *area = NULL; 1017 const char *s_dup = s; 1018 /* Do not set this to '1' until we have parsed everything that we intend to 1019 * parse that's covered by the hash. */ 1020 int can_dl_again = 0; 1021 1022 if (BUG(s == NULL)) 1023 return NULL; 1024 1025 if (!end) { 1026 end = s + strlen(s); 1027 } 1028 1029 /* point 'end' to a point immediately after the final newline. */ 1030 while (end > s+2 && *(end-1) == '\n' && *(end-2) == '\n') 1031 --end; 1032 1033 if (!tor_memstr(s, end-s, "\nidentity-ed25519")) { 1034 log_debug(LD_DIR, "Found an obsolete extrainfo. Rejecting quietly."); 1035 goto err; 1036 } 1037 1038 if (router_get_extrainfo_hash(s, end-s, digest) < 0) { 1039 log_warn(LD_DIR, "Couldn't compute router hash."); 1040 goto err; 1041 } 1042 tokens = smartlist_new(); 1043 area = memarea_new(); 1044 if (tokenize_string(area,s,end,tokens,extrainfo_token_table,0)) { 1045 log_warn(LD_DIR, "Error tokenizing extra-info document."); 1046 goto err; 1047 } 1048 1049 if (smartlist_len(tokens) < 2) { 1050 log_warn(LD_DIR, "Impossibly short extra-info document."); 1051 goto err; 1052 } 1053 1054 /* XXXX Accept this in position 1 too, and ed identity in position 0. */ 1055 tok = smartlist_get(tokens,0); 1056 if (tok->tp != K_EXTRA_INFO) { 1057 log_warn(LD_DIR,"Entry does not start with \"extra-info\""); 1058 goto err; 1059 } 1060 1061 extrainfo = tor_malloc_zero(sizeof(extrainfo_t)); 1062 extrainfo->cache_info.is_extrainfo = 1; 1063 if (cache_copy) 1064 extrainfo->cache_info.signed_descriptor_body = tor_memdup_nulterm(s,end-s); 1065 extrainfo->cache_info.signed_descriptor_len = end-s; 1066 memcpy(extrainfo->cache_info.signed_descriptor_digest, digest, DIGEST_LEN); 1067 crypto_digest256((char*)extrainfo->digest256, s, end-s, DIGEST_SHA256); 1068 1069 tor_assert(tok->n_args >= 2); 1070 if (!is_legal_nickname(tok->args[0])) { 1071 log_warn(LD_DIR,"Bad nickname %s on \"extra-info\"",escaped(tok->args[0])); 1072 goto err; 1073 } 1074 strlcpy(extrainfo->nickname, tok->args[0], sizeof(extrainfo->nickname)); 1075 if (strlen(tok->args[1]) != HEX_DIGEST_LEN || 1076 base16_decode(extrainfo->cache_info.identity_digest, DIGEST_LEN, 1077 tok->args[1], HEX_DIGEST_LEN) != DIGEST_LEN) { 1078 log_warn(LD_DIR,"Invalid fingerprint %s on \"extra-info\"", 1079 escaped(tok->args[1])); 1080 goto err; 1081 } 1082 1083 tok = find_by_keyword(tokens, K_PUBLISHED); 1084 if (parse_iso_time(tok->args[0], &extrainfo->cache_info.published_on)) { 1085 log_warn(LD_DIR,"Invalid published time %s on \"extra-info\"", 1086 escaped(tok->args[0])); 1087 goto err; 1088 } 1089 1090 { 1091 directory_token_t *ed_sig_tok, *ed_cert_tok; 1092 ed_sig_tok = find_opt_by_keyword(tokens, K_ROUTER_SIG_ED25519); 1093 ed_cert_tok = find_opt_by_keyword(tokens, K_IDENTITY_ED25519); 1094 int n_ed_toks = !!ed_sig_tok + !!ed_cert_tok; 1095 if (n_ed_toks != 0 && n_ed_toks != 2) { 1096 log_warn(LD_DIR, "Router descriptor with only partial ed25519/" 1097 "cross-certification support"); 1098 goto err; 1099 } 1100 if (ed_sig_tok) { 1101 tor_assert(ed_cert_tok); 1102 const int ed_cert_token_pos = smartlist_pos(tokens, ed_cert_tok); 1103 if (ed_cert_token_pos != 1) { 1104 /* Accept this in position 0 XXXX */ 1105 log_warn(LD_DIR, "Ed25519 certificate in wrong position"); 1106 goto err; 1107 } 1108 if (ed_sig_tok != smartlist_get(tokens, smartlist_len(tokens)-2)) { 1109 log_warn(LD_DIR, "Ed25519 signature in wrong position"); 1110 goto err; 1111 } 1112 if (strcmp(ed_cert_tok->object_type, "ED25519 CERT")) { 1113 log_warn(LD_DIR, "Wrong object type on identity-ed25519 " 1114 "in descriptor"); 1115 goto err; 1116 } 1117 1118 uint8_t d256[DIGEST256_LEN]; 1119 const char *signed_start, *signed_end; 1120 tor_cert_t *cert = tor_cert_parse( 1121 (const uint8_t*)ed_cert_tok->object_body, 1122 ed_cert_tok->object_size); 1123 if (! cert) { 1124 log_warn(LD_DIR, "Couldn't parse ed25519 cert"); 1125 goto err; 1126 } 1127 /* makes sure it gets freed. */ 1128 extrainfo->cache_info.signing_key_cert = cert; 1129 1130 if (cert->cert_type != CERT_TYPE_ID_SIGNING || 1131 ! cert->signing_key_included) { 1132 log_warn(LD_DIR, "Invalid form for ed25519 cert"); 1133 goto err; 1134 } 1135 1136 if (router_get_hash_impl_helper(s, end-s, "extra-info ", 1137 "\nrouter-sig-ed25519", 1138 ' ', LOG_WARN, 1139 &signed_start, &signed_end) < 0) { 1140 log_warn(LD_DIR, "Can't find ed25519-signed portion of extrainfo"); 1141 goto err; 1142 } 1143 crypto_digest_t *d = crypto_digest256_new(DIGEST_SHA256); 1144 crypto_digest_add_bytes(d, ED_DESC_SIGNATURE_PREFIX, 1145 strlen(ED_DESC_SIGNATURE_PREFIX)); 1146 crypto_digest_add_bytes(d, signed_start, signed_end-signed_start); 1147 crypto_digest_get_digest(d, (char*)d256, sizeof(d256)); 1148 crypto_digest_free(d); 1149 1150 ed25519_checkable_t check[2]; 1151 int check_ok[2]; 1152 if (tor_cert_get_checkable_sig(&check[0], cert, NULL, NULL) < 0) { 1153 log_err(LD_BUG, "Couldn't create 'checkable' for cert."); 1154 goto err; 1155 } 1156 1157 if (ed25519_signature_from_base64(&check[1].signature, 1158 ed_sig_tok->args[0])<0) { 1159 log_warn(LD_DIR, "Couldn't decode ed25519 signature"); 1160 goto err; 1161 } 1162 check[1].pubkey = &cert->signed_key; 1163 check[1].msg = d256; 1164 check[1].len = DIGEST256_LEN; 1165 1166 if (ed25519_checksig_batch(check_ok, check, 2) < 0) { 1167 log_warn(LD_DIR, "Incorrect ed25519 signature(s)"); 1168 goto err; 1169 } 1170 /* We don't check the certificate expiration time: checking that it 1171 * matches the cert in the router descriptor is adequate. */ 1172 } 1173 } 1174 1175 /* We've checked everything that's covered by the hash. */ 1176 can_dl_again = 1; 1177 1178 if (routermap && 1179 (router = digestmap_get((digestmap_t*)routermap, 1180 extrainfo->cache_info.identity_digest))) { 1181 key = router->identity_pkey; 1182 } 1183 1184 tok = find_by_keyword(tokens, K_ROUTER_SIGNATURE); 1185 if (strcmp(tok->object_type, "SIGNATURE") || 1186 tok->object_size < 128 || tok->object_size > 512) { 1187 log_warn(LD_DIR, "Bad object type or length on extra-info signature"); 1188 goto err; 1189 } 1190 1191 if (key) { 1192 if (check_signature_token(digest, DIGEST_LEN, tok, key, 0, 1193 "extra-info") < 0) 1194 goto err; 1195 1196 if (router) 1197 extrainfo->cache_info.send_unencrypted = 1198 router->cache_info.send_unencrypted; 1199 } else { 1200 extrainfo->pending_sig = tor_memdup(tok->object_body, 1201 tok->object_size); 1202 extrainfo->pending_sig_len = tok->object_size; 1203 } 1204 1205 goto done; 1206 err: 1207 dump_desc(s_dup, "extra-info descriptor"); 1208 extrainfo_free(extrainfo); 1209 extrainfo = NULL; 1210 done: 1211 if (tokens) { 1212 SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t)); 1213 smartlist_free(tokens); 1214 } 1215 if (area) { 1216 DUMP_AREA(area, "extrainfo"); 1217 memarea_drop_all(area); 1218 } 1219 if (can_dl_again_out) 1220 *can_dl_again_out = can_dl_again; 1221 return extrainfo; 1222 } 1223 1224 /** Add an exit policy stored in the token <b>tok</b> to the router info in 1225 * <b>router</b>. Return 0 on success, -1 on failure. */ 1226 static int 1227 router_add_exit_policy(routerinfo_t *router, directory_token_t *tok) 1228 { 1229 addr_policy_t *newe; 1230 /* Use the standard interpretation of accept/reject *, an IPv4 wildcard. */ 1231 newe = router_parse_addr_policy(tok, 0); 1232 if (!newe) 1233 return -1; 1234 if (! router->exit_policy) 1235 router->exit_policy = smartlist_new(); 1236 1237 /* Ensure that in descriptors, accept/reject fields are followed by 1238 * IPv4 addresses, and accept6/reject6 fields are followed by 1239 * IPv6 addresses. Unlike torrcs, descriptor exit policies do not permit 1240 * accept/reject followed by IPv6. */ 1241 if (((tok->tp == K_ACCEPT6 || tok->tp == K_REJECT6) && 1242 tor_addr_family(&newe->addr) == AF_INET) 1243 || 1244 ((tok->tp == K_ACCEPT || tok->tp == K_REJECT) && 1245 tor_addr_family(&newe->addr) == AF_INET6)) { 1246 /* There's nothing the user can do about other relays' descriptors, 1247 * so we don't provide usage advice here. */ 1248 log_warn(LD_DIR, "Mismatch between field type and address type in exit " 1249 "policy '%s'. Discarding entire router descriptor.", 1250 tok->n_args == 1 ? tok->args[0] : ""); 1251 addr_policy_free(newe); 1252 return -1; 1253 } 1254 1255 smartlist_add(router->exit_policy, newe); 1256 1257 return 0; 1258 } 1259 1260 /** Return a newly allocated smartlist of all accept or reject tokens in 1261 * <b>s</b>. 1262 */ 1263 static smartlist_t * 1264 find_all_exitpolicy(smartlist_t *s) 1265 { 1266 smartlist_t *out = smartlist_new(); 1267 SMARTLIST_FOREACH(s, directory_token_t *, t, 1268 if (t->tp == K_ACCEPT || t->tp == K_ACCEPT6 || 1269 t->tp == K_REJECT || t->tp == K_REJECT6) 1270 smartlist_add(out,t)); 1271 return out; 1272 } 1273 1274 /** 1275 * Parse and validate a single `FAMILY_CERT` token's object. 1276 * 1277 * Arguments are as for `check_family_certs()`. 1278 */ 1279 STATIC int 1280 check_one_family_cert(const uint8_t *cert_body, 1281 size_t cert_body_size, 1282 const ed25519_public_key_t *identity_key, 1283 char **family_id_out, 1284 time_t *family_expiration_out) 1285 { 1286 tor_cert_t *cert = NULL; 1287 int r = -1; 1288 1289 cert = tor_cert_parse(cert_body, cert_body_size); 1290 1291 if (! cert) 1292 goto done; 1293 if (cert->cert_type != CERT_TYPE_FAMILY_V_IDENTITY) { 1294 log_warn(LD_DIR, "Wrong cert type in family certificate."); 1295 goto done; 1296 } 1297 if (! cert->signing_key_included) { 1298 log_warn(LD_DIR, "Missing family key in family certificate."); 1299 goto done; 1300 } 1301 if (! ed25519_pubkey_eq(&cert->signed_key, identity_key)) { 1302 log_warn(LD_DIR, "Key mismatch in family certificate."); 1303 goto done; 1304 } 1305 1306 time_t valid_until = cert->valid_until; 1307 1308 /* We're using NULL for the key, since the cert has the signing key included. 1309 * We're using 0 for "now", since we're going to extract the expiration 1310 * separately. 1311 */ 1312 if (tor_cert_checksig(cert, NULL, 0) < 0) { 1313 log_warn(LD_DIR, "Invalid signature in family certificate"); 1314 goto done; 1315 } 1316 1317 /* At this point we know that the cert is valid. 1318 * We extract the expiration time and the signing key. */ 1319 *family_expiration_out = valid_until; 1320 1321 char buf[ED25519_BASE64_LEN+1]; 1322 ed25519_public_to_base64(buf, &cert->signing_key); 1323 tor_asprintf(family_id_out, "ed25519:%s", buf); 1324 1325 r = 0; 1326 done: 1327 tor_cert_free(cert); 1328 return r; 1329 } 1330 1331 /** 1332 * Given a list of `FAMILY_CERT` tokens, and a relay's ed25519 `identity_key`, 1333 * validate the family certificates in all the tokens, and convert them into 1334 * family IDs in a newly allocated `family_ids_out` list. 1335 * Set `family_expiration_out` to the earliest time at which any certificate 1336 * in the list expires. 1337 * Return 0 on success, and -1 on failure. 1338 */ 1339 static int 1340 check_family_certs(const smartlist_t *family_cert_tokens, 1341 const ed25519_public_key_t *identity_key, 1342 smartlist_t **family_ids_out, 1343 time_t *family_expiration_out) 1344 { 1345 if (BUG(!identity_key) || 1346 BUG(!family_ids_out) || 1347 BUG(!family_expiration_out)) 1348 return -1; 1349 1350 *family_expiration_out = TIME_MAX; 1351 1352 if (family_cert_tokens == NULL || smartlist_len(family_cert_tokens) == 0) { 1353 *family_ids_out = NULL; 1354 return 0; 1355 } 1356 1357 *family_ids_out = smartlist_new(); 1358 SMARTLIST_FOREACH_BEGIN(family_cert_tokens, directory_token_t *, tok) { 1359 if (BUG(tok->object_body == NULL)) 1360 goto err; 1361 1362 char *this_id = NULL; 1363 time_t this_expiration = TIME_MAX; 1364 if (check_one_family_cert((const uint8_t*)tok->object_body, 1365 tok->object_size, 1366 identity_key, 1367 &this_id, &this_expiration) < 0) 1368 goto err; 1369 smartlist_add(*family_ids_out, this_id); 1370 *family_expiration_out = MIN(*family_expiration_out, this_expiration); 1371 } SMARTLIST_FOREACH_END(tok); 1372 1373 smartlist_sort_strings(*family_ids_out); 1374 smartlist_uniq_strings(*family_ids_out); 1375 1376 return 0; 1377 err: 1378 SMARTLIST_FOREACH(*family_ids_out, char *, cp, tor_free(cp)); 1379 smartlist_free(*family_ids_out); 1380 return -1; 1381 } 1382 1383 /** Called on startup; right now we just handle scanning the unparseable 1384 * descriptor dumps, but hang anything else we might need to do in the 1385 * future here as well. 1386 */ 1387 void 1388 routerparse_init(void) 1389 { 1390 /* 1391 * Check both if the sandbox is active and whether it's configured; no 1392 * point in loading all that if we won't be able to use it after the 1393 * sandbox becomes active. 1394 */ 1395 if (!(sandbox_is_active() || get_options()->Sandbox)) { 1396 dump_desc_init(); 1397 } 1398 } 1399 1400 /** Clean up all data structures used by routerparse.c at exit */ 1401 void 1402 routerparse_free_all(void) 1403 { 1404 dump_desc_fifo_cleanup(); 1405 }