mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
r16414@catbus: nickm | 2007-11-05 13:14:46 -0500
Function to process link auth cells; stub function for cert cell processing svn:r12385
This commit is contained in:
parent
12afd4777c
commit
44eab517fc
7
doc/TODO
7
doc/TODO
@ -37,14 +37,15 @@ Things we'd like to do in 0.2.0.x:
|
||||
- functions to parse x509 certs
|
||||
- functions to validate a single x509 cert against a TLS connection
|
||||
- functions to validate a chain of x509 certs, and extract a PK.
|
||||
o function to encode x509 certs
|
||||
- Parse CERT cells
|
||||
- Generate CERT cells
|
||||
o Keep copies of X509 certs around, not necessarily associated with
|
||||
connection.
|
||||
- LINK_AUTH cells
|
||||
- Code to generate
|
||||
. Code to generate
|
||||
o Remember certificate digests from TLS
|
||||
- Code to parse and check
|
||||
o Code to parse and check
|
||||
- Unit tests
|
||||
- Revised handshake: TLS
|
||||
- Server checks for new cipher types, and if it finds them, sends
|
||||
@ -53,7 +54,7 @@ Things we'd like to do in 0.2.0.x:
|
||||
- Client sends new cipher list.
|
||||
- Client sends correct extension list.
|
||||
- Revised handshake: post-TLS.
|
||||
- If in 'handshaking' state (since v2+ conn is in use), accept
|
||||
o If in 'handshaking' state (since v2+ conn is in use), accept
|
||||
VERSIONS and NETINFO and CERT and LINK_AUTH.
|
||||
- After we send NETINFO, send CERT and LINK_AUTH if needed.
|
||||
- Once we get a good LINK_AUTH, the connection is OPEN.
|
||||
|
104
src/or/command.c
104
src/or/command.c
@ -27,6 +27,8 @@ uint64_t stats_n_relay_cells_processed = 0;
|
||||
uint64_t stats_n_destroy_cells_processed = 0;
|
||||
uint64_t stats_n_versions_cells_processed = 0;
|
||||
uint64_t stats_n_netinfo_cells_processed = 0;
|
||||
uint64_t stats_n_cert_cells_processed = 0;
|
||||
uint64_t stats_n_link_auth_cells_processed = 0;
|
||||
|
||||
/* These are the main functions for processing cells */
|
||||
static void command_process_create_cell(cell_t *cell, or_connection_t *conn);
|
||||
@ -35,6 +37,8 @@ static void command_process_relay_cell(cell_t *cell, or_connection_t *conn);
|
||||
static void command_process_destroy_cell(cell_t *cell, or_connection_t *conn);
|
||||
static void command_process_versions_cell(cell_t *cell, or_connection_t *conn);
|
||||
static void command_process_netinfo_cell(cell_t *cell, or_connection_t *conn);
|
||||
static void command_process_cert_cell(cell_t *cell, or_connection_t *conn);
|
||||
static void command_process_link_auth_cell(cell_t *cell,or_connection_t *conn);
|
||||
|
||||
#ifdef KEEP_TIMING_STATS
|
||||
/** This is a wrapper function around the actual function that processes the
|
||||
@ -113,6 +117,8 @@ command_process_cell(cell_t *cell, or_connection_t *conn)
|
||||
#define PROCESS_CELL(tp, cl, cn) command_process_ ## tp ## _cell(cl, cn)
|
||||
#endif
|
||||
|
||||
/*XXXX020 reject all but VERSIONS, NETINFO, CERT, LINK_AUTH when
|
||||
* handshaking. */
|
||||
switch (cell->command) {
|
||||
case CELL_PADDING:
|
||||
++stats_n_padding_cells_processed;
|
||||
@ -144,6 +150,14 @@ command_process_cell(cell_t *cell, or_connection_t *conn)
|
||||
++stats_n_netinfo_cells_processed;
|
||||
PROCESS_CELL(netinfo, cell, conn);
|
||||
break;
|
||||
case CELL_CERT:
|
||||
++stats_n_cert_cells_processed;
|
||||
PROCESS_CELL(cert, cell, conn);
|
||||
break;
|
||||
case CELL_LINK_AUTH:
|
||||
++stats_n_link_auth_cells_processed;
|
||||
PROCESS_CELL(link_auth, cell, conn);
|
||||
break;
|
||||
default:
|
||||
log_fn(LOG_INFO, LD_PROTOCOL,
|
||||
"Cell of unknown type (%d) received. Dropping.", cell->command);
|
||||
@ -500,6 +514,7 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
|
||||
conn->handshake_state->received_netinfo = 1;
|
||||
}
|
||||
|
||||
/*XXXX020 move to connection_or.c */
|
||||
/** DOCDOC Called when we're done authenticating; act on stuff we
|
||||
* learned in netinfo. */
|
||||
void
|
||||
@ -536,3 +551,92 @@ connection_or_act_on_netinfo(or_connection_t *conn)
|
||||
conn->is_canonical = 1;
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
command_process_cert_cell(cell_t *cell, or_connection_t *conn)
|
||||
{
|
||||
(void) cell;
|
||||
(void) conn;
|
||||
|
||||
/* Parse certs. */
|
||||
/* Verify that identity cert has signed peer cert in SSL, or
|
||||
* peer cert in the cell. */
|
||||
/* Verify that identity cert is self-signed. */
|
||||
/* Learn ID digest. */
|
||||
/* Learn cert digests. */
|
||||
/* Remember peer cert public key. */
|
||||
/* set received_certs. */
|
||||
}
|
||||
|
||||
#define LINK_AUTH_STRING "Tor initiator certificate verification"
|
||||
|
||||
/** DOCDOC */
|
||||
static void
|
||||
command_process_link_auth_cell(cell_t *cell, or_connection_t *conn)
|
||||
{
|
||||
or_handshake_state_t *s;
|
||||
char hmac[DIGEST_LEN];
|
||||
size_t sig_len;
|
||||
const char *sig;
|
||||
char *checked = NULL;
|
||||
int checked_len;
|
||||
tor_assert(conn);
|
||||
if (conn->_base.state != OR_CONN_STATE_OR_HANDSHAKING) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR,
|
||||
"Received a LINK_AUTH cell on connection in the wrong state; "
|
||||
"dropping.");
|
||||
return;
|
||||
}
|
||||
s = conn->handshake_state;
|
||||
tor_assert(s);
|
||||
if (s->started_here) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR,
|
||||
"Got a LINK_AUTH cell from a server; closing the connection.");
|
||||
goto err;
|
||||
}
|
||||
if (!s->received_netinfo || !s->received_versions || !s->received_certs) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Got a LINK_AUTH cell too early; "
|
||||
"closing the connection");
|
||||
goto err;
|
||||
}
|
||||
if (cell->payload[0] != 0x00) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Unrecognized LINK_AUTH signature "
|
||||
"version; closing the connection");
|
||||
goto err;
|
||||
}
|
||||
connection_or_compute_link_auth_hmac(conn, hmac);
|
||||
|
||||
tor_assert(s->signing_key);
|
||||
|
||||
/*XXXX020 these two are wrong; fix when protocol is revised. */
|
||||
sig = cell->payload+1;
|
||||
sig_len = 128;
|
||||
checked = tor_malloc(crypto_pk_keysize(s->signing_key));
|
||||
checked_len = crypto_pk_public_checksig(s->signing_key,checked,sig,sig_len);
|
||||
if (checked_len < 0) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Bad signature on LINK_AUTH cell; "
|
||||
"closing the connection");
|
||||
goto err;
|
||||
}
|
||||
if (checked_len != DIGEST_LEN) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Bad length (%d) of signed material in "
|
||||
"LINK_AUTH cell; closing the connection", checked_len);
|
||||
goto err;
|
||||
}
|
||||
if (memcmp(checked, hmac, DIGEST_LEN) != 0) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR, "Bad signed data in LINK_AUTH cell; "
|
||||
"closing the connection.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* Okay, we're authenticated. */
|
||||
s->authenticated = 1;
|
||||
|
||||
/* XXXX020 act on being authenticated: */
|
||||
|
||||
return;
|
||||
err:
|
||||
tor_free(checked);
|
||||
connection_mark_for_close(TO_CONN(conn));
|
||||
}
|
||||
|
||||
|
@ -947,3 +947,37 @@ connection_or_send_netinfo(or_connection_t *conn)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#define LINK_AUTH_STRING "Tor initiator certificate verification"
|
||||
/** DOCDOC */
|
||||
int
|
||||
connection_or_compute_link_auth_hmac(or_connection_t *conn,
|
||||
char *hmac_out)
|
||||
{
|
||||
char buf[64 + 2*TOR_TLS_RANDOM_LEN + 2*DIGEST_LEN];
|
||||
char *cp;
|
||||
or_handshake_state_t *s;
|
||||
tor_assert(conn);
|
||||
tor_assert(conn->handshake_state);
|
||||
tor_assert(conn->tls);
|
||||
s = conn->handshake_state;
|
||||
|
||||
/* Fill the buffer. */
|
||||
strlcpy(buf, LINK_AUTH_STRING, sizeof(buf));
|
||||
cp = buf+strlen(buf);
|
||||
++cp; /* Skip the NUL */
|
||||
memcpy(cp, s->client_random, TOR_TLS_RANDOM_LEN);
|
||||
cp += TOR_TLS_RANDOM_LEN;
|
||||
memcpy(cp, s->server_random, TOR_TLS_RANDOM_LEN);
|
||||
cp += TOR_TLS_RANDOM_LEN;
|
||||
memcpy(cp, s->client_cert_digest, DIGEST_LEN);
|
||||
cp += DIGEST_LEN;
|
||||
memcpy(cp, s->server_cert_digest, DIGEST_LEN);
|
||||
cp += DIGEST_LEN;
|
||||
tor_assert(cp < buf+sizeof(buf));
|
||||
|
||||
if (tor_tls_hmac_with_master_secret(conn->tls, hmac_out, buf, cp-buf) < 0)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
@ -657,6 +657,8 @@ typedef enum {
|
||||
#define CELL_CREATED_FAST 6
|
||||
#define CELL_VERSIONS 7
|
||||
#define CELL_NETINFO 8
|
||||
#define CELL_CERT 9
|
||||
#define CELL_LINK_AUTH 10
|
||||
|
||||
/** How long to test reachability before complaining to the user. */
|
||||
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60)
|
||||
@ -2778,6 +2780,10 @@ void connection_or_write_cell_to_buf(const cell_t *cell,
|
||||
int connection_or_send_destroy(uint16_t circ_id, or_connection_t *conn,
|
||||
int reason);
|
||||
int connection_or_send_netinfo(or_connection_t *conn);
|
||||
int connection_or_send_certs(or_connection_t *conn);
|
||||
int connection_or_send_link_auth(or_connection_t *conn);
|
||||
int connection_or_compute_link_auth_hmac(or_connection_t *conn,
|
||||
char *hmac_out);
|
||||
|
||||
void cell_pack(packed_cell_t *dest, const cell_t *src);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user