tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE

rendcommon.c (4168B)

      1 /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
      2 * Copyright (c) 2007-2021, The Tor Project, Inc. */
      3 /* See LICENSE for licensing information */
      4 
      5 /**
      6 * \file rendcommon.c
      7 * \brief Rendezvous implementation: shared code between
      8 * introducers, services, clients, and rendezvous points.
      9 **/
     10 
     11 #define RENDCOMMON_PRIVATE
     12 
     13 #include "core/or/or.h"
     14 
     15 #include "app/config/config.h"
     16 
     17 #include "core/or/circuitlist.h"
     18 #include "core/or/circuituse.h"
     19 
     20 #include "feature/hs/hs_client.h"
     21 #include "feature/hs/hs_common.h"
     22 #include "feature/hs/hs_intropoint.h"
     23 #include "feature/rend/rendcommon.h"
     24 #include "feature/rend/rendmid.h"
     25 
     26 #include "core/or/circuit_st.h"
     27 #include "core/or/cpath_build_state_st.h"
     28 #include "core/or/crypt_path_st.h"
     29 #include "core/or/origin_circuit_st.h"
     30 
     31 /** Called when we get a rendezvous-related relay cell on circuit
     32 * <b>circ</b>.  Dispatch on rendezvous relay command. */
     33 void
     34 rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
     35                        int command, size_t length,
     36                        const uint8_t *payload)
     37 {
     38  or_circuit_t *or_circ = NULL;
     39  origin_circuit_t *origin_circ = NULL;
     40  int r = -2;
     41  if (CIRCUIT_IS_ORIGIN(circ)) {
     42    origin_circ = TO_ORIGIN_CIRCUIT(circ);
     43 
     44    /* Opened onion service circuit receiving cell MUST have an hs_ident as it
     45     * is the underlying assumption else we can't process the cell. If this is
     46     * the case, we can't recover so close the circuit. */
     47    if (BUG(!origin_circ->hs_ident)) {
     48      circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
     49      origin_circ = NULL;
     50    } else if (!layer_hint || layer_hint != origin_circ->cpath->prev) {
     51      log_fn(LOG_PROTOCOL_WARN, LD_APP,
     52             "Relay cell (rend purpose %d) from wrong hop on origin circ",
     53             command);
     54      origin_circ = NULL;
     55    }
     56  } else {
     57    or_circ = TO_OR_CIRCUIT(circ);
     58  }
     59 
     60  switch (command) {
     61    case RELAY_COMMAND_ESTABLISH_INTRO:
     62      if (or_circ)
     63        r = hs_intro_received_establish_intro(or_circ, payload, length);
     64      break;
     65    case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
     66      if (or_circ)
     67        r = rend_mid_establish_rendezvous(or_circ, payload, length);
     68      break;
     69    case RELAY_COMMAND_INTRODUCE1:
     70      if (or_circ)
     71        r = hs_intro_received_introduce1(or_circ, payload, length);
     72      break;
     73    case RELAY_COMMAND_INTRODUCE2:
     74      if (origin_circ)
     75        r = hs_service_receive_introduce2(origin_circ, payload, length);
     76      break;
     77    case RELAY_COMMAND_INTRODUCE_ACK:
     78      if (origin_circ)
     79        r = hs_client_receive_introduce_ack(origin_circ, payload, length);
     80      break;
     81    case RELAY_COMMAND_RENDEZVOUS1:
     82      if (or_circ)
     83        r = rend_mid_rendezvous(or_circ, payload, length);
     84      break;
     85    case RELAY_COMMAND_RENDEZVOUS2:
     86      if (origin_circ)
     87        r = hs_client_receive_rendezvous2(origin_circ, payload, length);
     88      break;
     89    case RELAY_COMMAND_INTRO_ESTABLISHED:
     90      if (origin_circ)
     91        r = hs_service_receive_intro_established(origin_circ, payload, length);
     92      break;
     93    case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
     94      if (origin_circ)
     95        r = hs_client_receive_rendezvous_acked(origin_circ, payload, length);
     96      break;
     97    default:
     98      tor_fragile_assert();
     99  }
    100 
    101  if (r == 0 && origin_circ) {
    102    /* This was a valid cell. Count it as delivered + overhead. */
    103    circuit_read_valid_data(origin_circ, length);
    104  }
    105 
    106  if (r == -2)
    107    log_info(LD_PROTOCOL, "Dropping cell (type %d) for wrong circuit type.",
    108             command);
    109 }
    110 
    111 /* Make sure that tor only builds one-hop circuits when they would not
    112 * compromise user anonymity.
    113 *
    114 * One-hop circuits are permitted in Single Onion modes.
    115 *
    116 * Single Onion modes are also allowed to make multi-hop circuits.
    117 * For example, single onion HSDir circuits are 3-hop to prevent denial of
    118 * service.
    119 */
    120 void
    121 assert_circ_anonymity_ok(const origin_circuit_t *circ,
    122                         const or_options_t *options)
    123 {
    124  tor_assert(options);
    125  tor_assert(circ);
    126  tor_assert(circ->build_state);
    127 
    128  if (circ->build_state->onehop_tunnel) {
    129    tor_assert(hs_service_allow_non_anonymous_connection(options));
    130  }
    131 }