From 8e2854372d777d6be63d1bf766ca6db9100490de Mon Sep 17 00:00:00 2001
From: David Goulet
Date: Thu, 29 Jun 2017 13:29:23 -0400
Subject: [PATCH] prop224: Helper function to assert on invalid client intro circuit
Put all the possible assert() we can do on a client introduction circuit in one helper function to make sure it is valid and usable. It is disabled for now so gcc doesn't complain that we have a unused function.
Signed-off-by: David Goulet
---
 src/or/hs_client.c | 14 ++++++++++++++
 src/or/hs_common.c | 1 +
 src/or/hs_ident.c | 22 ++++++++++++++++++++++
 src/or/hs_ident.h | 3 +++
 src/or/rendcommon.c | 2 +-
 src/or/rendcommon.h | 2 +-
 6 files changed, 42 insertions(+), 2 deletions(-)
diff --git a/src/or/hs_client.c b/src/or/hs_client.c
index 8cf98a6b90..514ecf99ba 100644
--- a/src/or/hs_client.c
+++ b/src/or/hs_client.c
@@ -140,6 +140,20 @@ fetch_v3_desc(const ed25519_public_key_t *onion_identity_pk)
 return directory_launch_v3_desc_fetch(onion_identity_pk, hsdir_rs);
 }
+#if 0
+/* Make sure that the given origin circuit circ is a valid correct
+ * introduction circuit. This asserts on validation failure. */
+static void
+assert_intro_circ(const origin_circuit_t *circ)
+{
+ tor_assert(circ);
+ tor_assert(circ->base_.purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
+ tor_assert(circ->hs_ident);
+ tor_assert(hs_ident_intro_circ_is_valid(circ->hs_ident));
+ assert_circ_anonymity_ok(circ, get_options());
+}
+#endif
+
 /** A circuit just finished connecting to a hidden service that the stream
 * conn has been waiting for. Let the HS subsystem know about this. */
 void
diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index bc44265d53..e0c7dca4bc 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -18,6 +18,7 @@
 #include "nodelist.h"
 #include "hs_cache.h"
 #include "hs_common.h"
+#include "hs_ident.h"
 #include "hs_service.h"
 #include "rendcommon.h"
 #include "rendservice.h"
diff --git a/src/or/hs_ident.c b/src/or/hs_ident.c
index e69350d82e..df39285158 100644
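Review bot: In the src/or/hs_client.c hunk, `assert_intro_circ()` sits inside `#if 0`, so the compiler never sees it; its calls to `hs_ident_intro_circ_is_valid()` and to the newly const-qualified `assert_circ_anonymity_ok()` are not type-checked and can go stale before a caller exists. Keeping the helper compiled and marked unused (with the tree's unused-function attribute, if it has one), or landing it together with its first caller, would avoid that. The comment should use the `/** ... */` form that the next function's comment uses and list what is asserted, e.g. `/** Assert that circ is a client introduction circuit: purpose CIRCUIT_PURPOSE_C_INTRODUCING, a valid hs_ident, and the anonymity check passing. */`. Since every check here aborts the process, that comment should also say the helper is meant for internal invariants only.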
--- a/src/or/hs_ident.c
+++ b/src/or/hs_ident.c
@@ -86,3 +86,25 @@ hs_ident_edge_conn_free(hs_ident_edge_conn_t *ident)
 tor_free(ident);
 }
+/* Return true if the given ident is valid for an introduction circuit. */
+int
+hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident)
+{
+ if (ident == NULL) {
+ goto invalid;
+ }
+
+ if (ed25519_public_key_is_zero(&ident->identity_pk)) {
+ goto invalid;
+ }
+
+ if (ed25519_public_key_is_zero(&ident->intro_auth_pk)) {
+ goto invalid;
+ }
+
+ /* Valid. */
+ return 1;
+ invalid:
+ return 0;
+}
+
diff --git a/src/or/hs_ident.h b/src/or/hs_ident.h
index e259fde54d..cfcde781d1 100644
--- a/src/or/hs_ident.h
+++ b/src/or/hs_ident.h
@@ -126,5 +126,8 @@ hs_ident_edge_conn_t *hs_ident_edge_conn_new(
 const ed25519_public_key_t *identity_pk);
 void hs_ident_edge_conn_free(hs_ident_edge_conn_t *ident);
+/* Validators */
+int hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident);
+
 #endif /* TOR_HS_IDENT_H */
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 8829ede960..a6b59881ad 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -990,7 +990,7 @@ rend_non_anonymous_mode_enabled(const or_options_t *options)
 * service.
 */
 void
-assert_circ_anonymity_ok(origin_circuit_t *circ,
+assert_circ_anonymity_ok(const origin_circuit_t *circ,
 const or_options_t *options)
 {
 tor_assert(options);
diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h
index f03a57f2e1..af8dd60099 100644
--- a/src/or/rendcommon.h
+++ b/src/or/rendcommon.h
@@ -60,7 +60,7 @@ int rend_auth_decode_cookie(const char *cookie_in,
 int rend_allow_non_anonymous_connection(const or_options_t* options);
 int rend_non_anonymous_mode_enabled(const or_options_t *options);
-void assert_circ_anonymity_ok(origin_circuit_t *circ,
+void assert_circ_anonymity_ok(const origin_circuit_t *circ,
 const or_options_t *options);
 #ifdef RENDCOMMON_PRIVATE
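Review bot: In the src/or/hs_ident.c hunk, the comment on `hs_ident_intro_circ_is_valid()` promises more than the body delivers: as far as the visible calls show, it only checks that `ident` is non-NULL and that `identity_pk` and `intro_auth_pk` are not all-zero. The comment should state exactly that, in the doc-comment form, e.g. `/** Return 1 if ident is non-NULL and both identity_pk and intro_auth_pk are set (non-zero), else 0. The keys are not otherwise verified. */`, so callers do not read "valid" as a cryptographic check. The prototype in the hs_ident.h hunk carries only `/* Validators */` and would benefit from the same one-line contract. The `goto invalid` label serves three one-line checks with no cleanup, so plain `return 0;` statements would read more directly unless further checks are planned.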