mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
phase out non-tls handshake, now that tls is stable.
svn:r470
This commit is contained in:
parent
6f46316c31
commit
a66669859e
@ -33,22 +33,9 @@ char *conn_state_to_string[][15] = {
|
||||
"close", /* 2 */
|
||||
"close_wait" }, /* 3 */
|
||||
{ "ready" }, /* or listener, 0 */
|
||||
#ifdef USE_TLS
|
||||
{ "connect()ing", /* 0 */
|
||||
"handshaking", /* 1 */
|
||||
"open" }, /* 2 */
|
||||
#else
|
||||
{ "connecting (as OP)", /* or, 0 */
|
||||
"sending keys (as OP)", /* 1 */
|
||||
"connecting (as client)", /* 2 */
|
||||
"sending auth (as client)", /* 3 */
|
||||
"waiting for auth (as client)", /* 4 */
|
||||
"sending nonce (as client)", /* 5 */
|
||||
"waiting for auth (as server)", /* 6 */
|
||||
"sending auth (as server)", /* 7 */
|
||||
"waiting for nonce (as server)",/* 8 */
|
||||
"open" }, /* 9 */
|
||||
#endif
|
||||
{ "waiting for dest info", /* exit, 0 */
|
||||
"connecting", /* 1 */
|
||||
"open" }, /* 2 */
|
||||
@ -75,10 +62,8 @@ char *conn_state_to_string[][15] = {
|
||||
/********* END VARIABLES ************/
|
||||
|
||||
static int connection_init_accepted_conn(connection_t *conn);
|
||||
#ifdef USE_TLS
|
||||
static int connection_tls_continue_handshake(connection_t *conn);
|
||||
static int connection_tls_finish_handshake(connection_t *conn);
|
||||
#endif
|
||||
|
||||
/**************************************************************/
|
||||
|
||||
@ -103,21 +88,6 @@ connection_t *connection_new(int type) {
|
||||
conn->timestamp_lastread = now.tv_sec;
|
||||
conn->timestamp_lastwritten = now.tv_sec;
|
||||
|
||||
#ifndef USE_TLS
|
||||
if (connection_speaks_cells(conn)) {
|
||||
conn->f_crypto = crypto_new_cipher_env(CONNECTION_CIPHER);
|
||||
if (!conn->f_crypto) {
|
||||
free((void *)conn);
|
||||
return NULL;
|
||||
}
|
||||
conn->b_crypto = crypto_new_cipher_env(CONNECTION_CIPHER);
|
||||
if (!conn->b_crypto) {
|
||||
crypto_free_cipher_env(conn->f_crypto);
|
||||
free((void *)conn);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
return conn;
|
||||
}
|
||||
|
||||
@ -133,15 +103,8 @@ void connection_free(connection_t *conn) {
|
||||
|
||||
if(connection_speaks_cells(conn)) {
|
||||
directory_set_dirty();
|
||||
#ifdef USE_TLS
|
||||
if (conn->tls)
|
||||
tor_tls_free(conn->tls);
|
||||
#else
|
||||
if (conn->f_crypto)
|
||||
crypto_free_cipher_env(conn->f_crypto);
|
||||
if (conn->b_crypto)
|
||||
crypto_free_cipher_env(conn->b_crypto);
|
||||
#endif
|
||||
}
|
||||
|
||||
if (conn->pkey)
|
||||
@ -260,12 +223,8 @@ static int connection_init_accepted_conn(connection_t *conn) {
|
||||
|
||||
switch(conn->type) {
|
||||
case CONN_TYPE_OR:
|
||||
#ifdef USE_TLS
|
||||
if(connection_tls_start_handshake(conn, 1) < 0)
|
||||
return -1;
|
||||
#else
|
||||
conn->state = OR_CONN_STATE_SERVER_AUTH_WAIT;
|
||||
#endif
|
||||
break;
|
||||
case CONN_TYPE_AP:
|
||||
conn->state = AP_CONN_STATE_SOCKS_WAIT;
|
||||
@ -277,7 +236,6 @@ static int connection_init_accepted_conn(connection_t *conn) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifdef USE_TLS
|
||||
int connection_tls_start_handshake(connection_t *conn, int receiving) {
|
||||
conn->state = OR_CONN_STATE_HANDSHAKING;
|
||||
conn->tls = tor_tls_new(conn->s, receiving);
|
||||
@ -383,7 +341,6 @@ static int connection_tls_finish_handshake(connection_t *conn) {
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* take conn, make a nonblocking socket; try to connect to
|
||||
* addr:port (they arrive in *host order*). If fail, return -1. Else
|
||||
@ -525,7 +482,6 @@ int connection_read_to_buf(connection_t *conn) {
|
||||
if(conn->receiver_bucket >= 0 && at_most > conn->receiver_bucket)
|
||||
at_most = conn->receiver_bucket;
|
||||
|
||||
#ifdef USE_TLS
|
||||
if(connection_speaks_cells(conn) && conn->state != OR_CONN_STATE_CONNECTING) {
|
||||
if(conn->state == OR_CONN_STATE_HANDSHAKING)
|
||||
return connection_tls_continue_handshake(conn);
|
||||
@ -546,9 +502,7 @@ int connection_read_to_buf(connection_t *conn) {
|
||||
case TOR_TLS_DONE: /* no data read, so nothing to process */
|
||||
return 0;
|
||||
}
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
} else {
|
||||
result = read_to_buf(conn->s, at_most, &conn->inbuf, &conn->inbuflen,
|
||||
&conn->inbuf_datalen, &conn->inbuf_reached_eof);
|
||||
// log(LOG_DEBUG,"connection_read_to_buf(): read_to_buf returned %d.",read_result);
|
||||
@ -601,7 +555,6 @@ int connection_handle_write(connection_t *conn) {
|
||||
my_gettimeofday(&now);
|
||||
conn->timestamp_lastwritten = now.tv_sec;
|
||||
|
||||
#ifdef USE_TLS
|
||||
if(connection_speaks_cells(conn) && conn->state != OR_CONN_STATE_CONNECTING) {
|
||||
if(conn->state == OR_CONN_STATE_HANDSHAKING) {
|
||||
connection_stop_writing(conn);
|
||||
@ -634,9 +587,7 @@ int connection_handle_write(connection_t *conn) {
|
||||
* is empty, so we can stop writing.
|
||||
*/
|
||||
}
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
} else {
|
||||
if(flush_buf(conn->s, &conn->outbuf, &conn->outbuflen,
|
||||
&conn->outbuf_flushlen, &conn->outbuf_datalen) < 0)
|
||||
return -1;
|
||||
@ -802,10 +753,8 @@ void assert_connection_ok(connection_t *conn, time_t now)
|
||||
assert(conn->addr && conn->port);
|
||||
assert(conn->address);
|
||||
assert(conn->pkey);
|
||||
#ifdef USE_TLS
|
||||
if (conn->state != OR_CONN_STATE_CONNECTING)
|
||||
assert(conn->tls);
|
||||
#endif
|
||||
}
|
||||
|
||||
if (conn->type != CONN_TYPE_EXIT && conn->type != CONN_TYPE_AP) {
|
||||
|
@ -6,20 +6,6 @@
|
||||
|
||||
extern or_options_t options; /* command-line and config-file options */
|
||||
|
||||
#ifndef USE_TLS
|
||||
static int or_handshake_op_send_keys(connection_t *conn);
|
||||
static int or_handshake_op_finished_sending_keys(connection_t *conn);
|
||||
|
||||
static int or_handshake_client_process_auth(connection_t *conn);
|
||||
static int or_handshake_client_send_auth(connection_t *conn);
|
||||
|
||||
static int or_handshake_server_process_auth(connection_t *conn);
|
||||
static int or_handshake_server_process_nonce(connection_t *conn);
|
||||
|
||||
static void conn_or_init_crypto(connection_t *conn);
|
||||
static void connection_or_set_open(connection_t *conn);
|
||||
#endif
|
||||
|
||||
/**************************************************************/
|
||||
|
||||
static void cell_pack(char *dest, const cell_t *src) {
|
||||
@ -49,27 +35,9 @@ int connection_or_process_inbuf(connection_t *conn) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
#ifdef USE_TLS
|
||||
if(conn->state != OR_CONN_STATE_OPEN)
|
||||
return 0; /* don't do anything */
|
||||
return connection_process_cell_from_inbuf(conn);
|
||||
#else
|
||||
// log(LOG_DEBUG,"connection_or_process_inbuf(): state %d.",conn->state);
|
||||
switch(conn->state) {
|
||||
case OR_CONN_STATE_CLIENT_AUTH_WAIT:
|
||||
return or_handshake_client_process_auth(conn);
|
||||
case OR_CONN_STATE_SERVER_AUTH_WAIT:
|
||||
return or_handshake_server_process_auth(conn);
|
||||
case OR_CONN_STATE_SERVER_NONCE_WAIT:
|
||||
return or_handshake_server_process_nonce(conn);
|
||||
case OR_CONN_STATE_OPEN:
|
||||
return connection_process_cell_from_inbuf(conn);
|
||||
default:
|
||||
log_fn(LOG_DEBUG,"called in state where I'm writing. Ignoring buf for now.");
|
||||
}
|
||||
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
int connection_or_finished_flushing(connection_t *conn) {
|
||||
@ -78,13 +46,7 @@ int connection_or_finished_flushing(connection_t *conn) {
|
||||
assert(conn && conn->type == CONN_TYPE_OR);
|
||||
|
||||
switch(conn->state) {
|
||||
#ifndef USE_TLS
|
||||
case OR_CONN_STATE_OP_SENDING_KEYS:
|
||||
return or_handshake_op_finished_sending_keys(conn);
|
||||
case OR_CONN_STATE_CLIENT_CONNECTING:
|
||||
#else
|
||||
case OR_CONN_STATE_CONNECTING:
|
||||
#endif
|
||||
if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, (void*)&e, &len) < 0) { /* not yet */
|
||||
if(!ERRNO_CONN_EINPROGRESS(errno)){
|
||||
log_fn(LOG_DEBUG,"in-progress connect failed. Removing.");
|
||||
@ -98,31 +60,8 @@ int connection_or_finished_flushing(connection_t *conn) {
|
||||
log_fn(LOG_DEBUG,"OR connect() to router %s:%u finished.",
|
||||
conn->address,conn->port);
|
||||
|
||||
#ifdef USE_TLS
|
||||
if(connection_tls_start_handshake(conn, 0) < 0)
|
||||
return -1;
|
||||
#else
|
||||
if(options.OnionRouter)
|
||||
return or_handshake_client_send_auth(conn);
|
||||
else
|
||||
return or_handshake_op_send_keys(conn);
|
||||
case OR_CONN_STATE_CLIENT_SENDING_AUTH:
|
||||
log_fn(LOG_DEBUG,"client finished sending auth.");
|
||||
conn->state = OR_CONN_STATE_CLIENT_AUTH_WAIT;
|
||||
connection_watch_events(conn, POLLIN);
|
||||
return 0;
|
||||
case OR_CONN_STATE_CLIENT_SENDING_NONCE:
|
||||
log_fn(LOG_DEBUG,"client finished sending nonce.");
|
||||
conn_or_init_crypto(conn);
|
||||
connection_or_set_open(conn);
|
||||
|
||||
return connection_process_inbuf(conn); /* in case there's anything waiting on it */
|
||||
case OR_CONN_STATE_SERVER_SENDING_AUTH:
|
||||
log_fn(LOG_DEBUG,"server finished sending auth.");
|
||||
conn->state = OR_CONN_STATE_SERVER_NONCE_WAIT;
|
||||
connection_watch_events(conn, POLLIN);
|
||||
return 0;
|
||||
#endif
|
||||
case OR_CONN_STATE_OPEN:
|
||||
connection_stop_writing(conn);
|
||||
return 0;
|
||||
@ -178,25 +117,15 @@ connection_t *connection_or_connect(routerinfo_t *router) {
|
||||
connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
|
||||
/* writable indicates finish, readable indicates broken link,
|
||||
error indicates broken link on windows */
|
||||
#ifdef USE_TLS
|
||||
conn->state = OR_CONN_STATE_CONNECTING;
|
||||
#else
|
||||
conn->state = OR_CONN_STATE_CLIENT_CONNECTING;
|
||||
#endif
|
||||
return conn;
|
||||
/* case 1: fall through */
|
||||
}
|
||||
|
||||
connection_set_poll_socket(conn);
|
||||
|
||||
#ifdef USE_TLS
|
||||
if(connection_tls_start_handshake(conn, 0) >= 0)
|
||||
return conn;
|
||||
#else
|
||||
if((options.OnionRouter && or_handshake_client_send_auth(conn) >= 0) ||
|
||||
(!options.OnionRouter && or_handshake_op_send_keys(conn) >= 0))
|
||||
return conn; /* success! */
|
||||
#endif
|
||||
|
||||
/* failure */
|
||||
connection_remove(conn);
|
||||
@ -206,473 +135,12 @@ connection_t *connection_or_connect(routerinfo_t *router) {
|
||||
|
||||
/* ********************************** */
|
||||
|
||||
#ifndef USE_TLS
|
||||
/* Helper functions to implement handshaking */
|
||||
|
||||
#define FLAGS_LEN 2
|
||||
#define KEY_LEN 16
|
||||
#define ADDR_LEN 4
|
||||
#define PORT_LEN 2
|
||||
#define PKEY_LEN 128
|
||||
|
||||
static int
|
||||
or_handshake_op_send_keys(connection_t *conn) {
|
||||
unsigned char message[FLAGS_LEN + KEY_LEN + KEY_LEN];
|
||||
unsigned char cipher[PKEY_LEN];
|
||||
int retval;
|
||||
|
||||
assert(conn && conn->type == CONN_TYPE_OR);
|
||||
|
||||
conn->bandwidth = DEFAULT_BANDWIDTH_OP;
|
||||
|
||||
/* generate random keys */
|
||||
if(crypto_cipher_generate_key(conn->f_crypto) ||
|
||||
crypto_cipher_generate_key(conn->b_crypto)) {
|
||||
log(LOG_ERR,"Cannot generate a secure symmetric key.");
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_op_send_keys() : Generated symmetric keys.");
|
||||
/* compose the message */
|
||||
*(uint16_t *)(message) = htons(HANDSHAKE_AS_OP);
|
||||
memcpy((void *)(message+FLAGS_LEN),
|
||||
(void *)crypto_cipher_get_key(conn->f_crypto), 16);
|
||||
memcpy((void *)(message+FLAGS_LEN+KEY_LEN),
|
||||
(void *)crypto_cipher_get_key(conn->b_crypto), 16);
|
||||
|
||||
/* encrypt with RSA */
|
||||
if(crypto_pk_public_encrypt(conn->pkey, message, sizeof(message), cipher, RSA_PKCS1_PADDING) < 0) {
|
||||
log(LOG_ERR,"or_handshake_op_send_keys(): Public key encryption failed.");
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_op_send_keys() : Encrypted authentication message.");
|
||||
|
||||
/* send message */
|
||||
|
||||
if(connection_write_to_buf(cipher, PKEY_LEN, conn) < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_op_send_keys(): my outbuf is full. Oops.");
|
||||
return -1;
|
||||
}
|
||||
retval = connection_flush_buf(conn);
|
||||
if(retval < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_op_send_keys(): bad socket while flushing.");
|
||||
return -1;
|
||||
}
|
||||
if(retval > 0) {
|
||||
/* still stuff on the buffer. */
|
||||
conn->state = OR_CONN_STATE_OP_SENDING_KEYS;
|
||||
connection_watch_events(conn, POLLOUT | POLLIN);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* it finished sending */
|
||||
log(LOG_DEBUG,"or_handshake_op_send_keys(): Finished sending authentication message.");
|
||||
return or_handshake_op_finished_sending_keys(conn);
|
||||
}
|
||||
|
||||
static int
|
||||
or_handshake_op_finished_sending_keys(connection_t *conn) {
|
||||
|
||||
/* do crypto initialization, etc */
|
||||
conn_or_init_crypto(conn);
|
||||
|
||||
connection_or_set_open(conn);
|
||||
circuit_n_conn_open(conn); /* send the pending onion(s) */
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
or_handshake_client_send_auth(connection_t *conn) {
|
||||
int retval;
|
||||
char buf[FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+
|
||||
PORT_LEN+KEY_LEN+KEY_LEN];
|
||||
char cipher[PKEY_LEN];
|
||||
struct sockaddr_in me; /* my router identity */
|
||||
|
||||
assert(conn);
|
||||
|
||||
if(learn_my_address(&me) < 0)
|
||||
return -1;
|
||||
|
||||
/* generate random keys */
|
||||
if(crypto_cipher_generate_key(conn->f_crypto) ||
|
||||
crypto_cipher_generate_key(conn->b_crypto)) {
|
||||
log(LOG_ERR,"Cannot generate a secure symmetric key.");
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated symmetric keys.");
|
||||
|
||||
/* generate first message */
|
||||
*(uint16_t*)buf = htons(HANDSHAKE_AS_OR);
|
||||
*(uint32_t*)(buf+FLAGS_LEN) = me.sin_addr.s_addr; /* local address, network order */
|
||||
*(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN) = me.sin_port; /* local port, network order */
|
||||
*(uint32_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN) = htonl(conn->addr); /* remote address */
|
||||
*(uint16_t*)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN) = htons(conn->port); /* remote port */
|
||||
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN,
|
||||
crypto_cipher_get_key(conn->f_crypto),16); /* keys */
|
||||
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN,
|
||||
crypto_cipher_get_key(conn->b_crypto),16);
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message.");
|
||||
|
||||
/* encrypt message */
|
||||
retval = crypto_pk_public_encrypt(conn->pkey, buf, sizeof(buf), cipher,RSA_PKCS1_PADDING);
|
||||
if (retval == -1) /* error */
|
||||
{
|
||||
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth() : Reason : %s.",crypto_perror());
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth() : Encrypted authentication message.");
|
||||
|
||||
/* send message */
|
||||
|
||||
if(connection_write_to_buf(cipher, PKEY_LEN, conn) < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth(): my outbuf is full. Oops.");
|
||||
return -1;
|
||||
}
|
||||
retval = connection_flush_buf(conn);
|
||||
if(retval < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth(): bad socket while flushing.");
|
||||
return -1;
|
||||
}
|
||||
if(retval > 0) {
|
||||
/* still stuff on the buffer. */
|
||||
conn->state = OR_CONN_STATE_CLIENT_SENDING_AUTH;
|
||||
connection_watch_events(conn, POLLOUT | POLLIN);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* it finished sending */
|
||||
log(LOG_DEBUG,"or_handshake_client_send_auth(): Finished sending authentication message.");
|
||||
conn->state = OR_CONN_STATE_CLIENT_AUTH_WAIT;
|
||||
connection_watch_events(conn, POLLIN);
|
||||
return 0;
|
||||
|
||||
}
|
||||
|
||||
static int
|
||||
or_handshake_client_process_auth(connection_t *conn) {
|
||||
char buf[128]; /* only 52 of this is expected to be used */
|
||||
char cipher[128];
|
||||
int retval;
|
||||
struct sockaddr_in me; /* my router identity */
|
||||
|
||||
assert(conn);
|
||||
|
||||
if(learn_my_address(&me) < 0)
|
||||
return -1;
|
||||
|
||||
if(conn->inbuf_datalen < 128) /* entire response available? */
|
||||
return 0; /* not yet */
|
||||
|
||||
connection_fetch_from_buf(cipher,128,conn);
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth() : Received auth.");
|
||||
|
||||
/* decrypt response */
|
||||
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
||||
if (retval == -1)
|
||||
{
|
||||
log(LOG_ERR,"Public-key decryption failed during authentication to %s:%u.",
|
||||
conn->address,conn->port);
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth() : Reason : %s.",
|
||||
crypto_perror());
|
||||
return -1;
|
||||
}
|
||||
else if (retval != 52)
|
||||
{
|
||||
log(LOG_ERR,"client_process_auth: incorrect response from router %s:%u.",
|
||||
conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth() : Decrypted response.");
|
||||
/* check validity */
|
||||
if ( (*(uint32_t*)buf != me.sin_addr.s_addr) || /* local address, network order */
|
||||
(*(uint16_t*)(buf+4) != me.sin_port) || /* local port, network order */
|
||||
(ntohl(*(uint32_t*)(buf+6)) != conn->addr) || /* remote address */
|
||||
(ntohs(*(uint16_t*)(buf+10)) != conn->port) ) { /* remote port */
|
||||
log(LOG_ERR,"client_process_auth: Router %s:%u: bad address info.", conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
if ( (memcmp(crypto_cipher_get_key(conn->f_crypto), buf+12, 16)) ||/* keys */
|
||||
(memcmp(crypto_cipher_get_key(conn->b_crypto), buf+28, 16)) ) {
|
||||
log(LOG_ERR,"client_process_auth: Router %s:%u: bad key info.",conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth() : Response valid.");
|
||||
|
||||
/* reply is just local addr/port, remote addr/port, nonce */
|
||||
memcpy(buf+12, buf+44, 8);
|
||||
|
||||
/* encrypt reply */
|
||||
retval = crypto_pk_public_encrypt(conn->pkey, buf, 20, cipher,RSA_PKCS1_PADDING);
|
||||
if (retval == -1) /* error */
|
||||
{
|
||||
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth() : Reason : %s.",crypto_perror());
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* send the message */
|
||||
|
||||
if(connection_write_to_buf(cipher, 128, conn) < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth(): my outbuf is full. Oops.");
|
||||
return -1;
|
||||
}
|
||||
retval = connection_flush_buf(conn);
|
||||
if(retval < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth(): bad socket while flushing.");
|
||||
return -1;
|
||||
}
|
||||
if(retval > 0) {
|
||||
/* still stuff on the buffer. */
|
||||
conn->state = OR_CONN_STATE_CLIENT_SENDING_NONCE;
|
||||
connection_watch_events(conn, POLLOUT | POLLIN);
|
||||
/* return(connection_process_inbuf(conn)); process the rest of the inbuf */
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* it finished sending */
|
||||
log(LOG_DEBUG,"or_handshake_client_process_auth(): Finished sending nonce.");
|
||||
conn_or_init_crypto(conn);
|
||||
connection_or_set_open(conn);
|
||||
return connection_process_inbuf(conn); /* process the rest of the inbuf */
|
||||
}
|
||||
|
||||
/* auth handshake, as performed by OR *receiving* the connection */
|
||||
static int or_handshake_server_process_auth(connection_t *conn) {
|
||||
int retval;
|
||||
|
||||
char buf[128]; /* 50 of this is expected to be used for OR, 38 for OP */
|
||||
char cipher[128];
|
||||
|
||||
unsigned char iv[16];
|
||||
|
||||
uint32_t addr;
|
||||
uint16_t port;
|
||||
|
||||
routerinfo_t *router;
|
||||
|
||||
assert(conn);
|
||||
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() entered.");
|
||||
|
||||
if(conn->inbuf_datalen < 128) /* entire response available? */
|
||||
return 0; /* not yet */
|
||||
|
||||
connection_fetch_from_buf(cipher,128,conn);
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Received auth.");
|
||||
|
||||
/* decrypt response */
|
||||
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
||||
if (retval == -1) {
|
||||
log(LOG_ERR,"or_handshake_server_process_auth: Public-key decryption failed.");
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",
|
||||
crypto_perror());
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (retval == 46) {
|
||||
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OR-style auth message.");
|
||||
if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OR) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OR. Dropping.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* identify the router */
|
||||
addr = ntohl(*(uint32_t*)(buf+2)); /* save the IP address */
|
||||
port = ntohs(*(uint16_t*)(buf+6)); /* save the port */
|
||||
|
||||
router = router_get_by_addr_port(addr,port);
|
||||
if (!router) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : unknown router '%s:%d'. Will drop.", conn->address, port);
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Router identified as %s:%u.",
|
||||
router->address,router->or_port);
|
||||
|
||||
if(connection_exact_get_by_addr_port(addr,port)) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): That router is already connected. Dropping.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* save keys */
|
||||
crypto_cipher_set_key(conn->b_crypto,buf+14);
|
||||
crypto_cipher_set_key(conn->f_crypto,buf+30);
|
||||
|
||||
conn->bandwidth = router->bandwidth;
|
||||
|
||||
/* copy all relevant info to conn */
|
||||
conn->addr = router->addr, conn->port = router->or_port;
|
||||
conn->pkey = crypto_pk_dup_key(router->pkey);
|
||||
if(conn->address)
|
||||
free(conn->address);
|
||||
conn->address = strdup(router->address);
|
||||
|
||||
/* generate a nonce */
|
||||
retval = crypto_rand(8, conn->nonce);
|
||||
if (retval) { /* error */
|
||||
log(LOG_ERR,"Cannot generate a nonce.");
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): Nonce generated.");
|
||||
|
||||
memmove(buf, buf+2, 44);
|
||||
memcpy(buf+44,conn->nonce,8); /* append the nonce to the end of the message */
|
||||
|
||||
/* encrypt message */
|
||||
retval = crypto_pk_public_encrypt(conn->pkey, buf, 52, cipher,RSA_PKCS1_PADDING);
|
||||
if (retval == -1) { /* error */
|
||||
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",crypto_perror());
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reply encrypted.");
|
||||
|
||||
/* send message */
|
||||
|
||||
if(connection_write_to_buf(cipher, 128, conn) < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): my outbuf is full. Oops.");
|
||||
return -1;
|
||||
}
|
||||
retval = connection_flush_buf(conn);
|
||||
if(retval < 0) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): bad socket while flushing.");
|
||||
return -1;
|
||||
}
|
||||
if(retval > 0) {
|
||||
/* still stuff on the buffer. */
|
||||
conn->state = OR_CONN_STATE_SERVER_SENDING_AUTH;
|
||||
connection_watch_events(conn, POLLOUT | POLLIN);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* it finished sending */
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): Finished sending auth.");
|
||||
conn->state = OR_CONN_STATE_SERVER_NONCE_WAIT;
|
||||
connection_watch_events(conn, POLLIN);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(retval == 34) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OP-style auth message.");
|
||||
if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OP) {
|
||||
log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OP. Dropping.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
crypto_cipher_set_key(conn->b_crypto, buf+2);
|
||||
crypto_cipher_set_key(conn->f_crypto, buf+18);
|
||||
|
||||
memset(iv, 0, 16);
|
||||
crypto_cipher_set_iv(conn->b_crypto, iv);
|
||||
crypto_cipher_set_iv(conn->f_crypto, iv);
|
||||
|
||||
crypto_cipher_encrypt_init_cipher(conn->b_crypto);
|
||||
crypto_cipher_decrypt_init_cipher(conn->f_crypto);
|
||||
|
||||
conn->state = OR_CONN_STATE_OPEN;
|
||||
connection_watch_events(conn, POLLIN);
|
||||
|
||||
return connection_process_inbuf(conn); /* in case they sent some cells along with the keys */
|
||||
}
|
||||
|
||||
log(LOG_ERR,"or_handshake_server_process_auth(): received an incorrect authentication request.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int
|
||||
or_handshake_server_process_nonce(connection_t *conn) {
|
||||
|
||||
char buf[128];
|
||||
char cipher[128];
|
||||
int retval;
|
||||
struct sockaddr_in me; /* my router identity */
|
||||
|
||||
assert(conn);
|
||||
|
||||
if(learn_my_address(&me) < 0)
|
||||
return -1;
|
||||
|
||||
if(conn->inbuf_datalen < 128) /* entire response available? */
|
||||
return 0; /* not yet */
|
||||
|
||||
connection_fetch_from_buf(cipher,128,conn);
|
||||
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Received auth.");
|
||||
|
||||
/* decrypt response */
|
||||
retval = crypto_pk_private_decrypt(get_privatekey(), cipher, 128, buf,RSA_PKCS1_PADDING);
|
||||
if (retval == -1)
|
||||
{
|
||||
log(LOG_ERR,"Public-key decryption failed during authentication to %s:%u.",
|
||||
conn->address,conn->port);
|
||||
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Reason : %s.",
|
||||
crypto_perror());
|
||||
return -1;
|
||||
}
|
||||
else if (retval != 20)
|
||||
{
|
||||
log(LOG_ERR,"server_process_nonce: incorrect response from router %s:%u.",
|
||||
conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Response decrypted.");
|
||||
|
||||
/* check validity */
|
||||
if ((ntohl(*(uint32_t*)buf) != conn->addr) || /* remote address */
|
||||
(ntohs(*(uint16_t*)(buf+4)) != conn->port) || /* remote port */
|
||||
(*(uint32_t*)(buf+6) != me.sin_addr.s_addr) || /* local address, network order */
|
||||
(*(uint16_t*)(buf+10) != me.sin_port) || /* local port, network order */
|
||||
(memcmp(conn->nonce,buf+12,8))) /* nonce */
|
||||
{
|
||||
log(LOG_ERR,"server_process_nonce: Router %s:%u gave bad response.",conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Response valid. Authentication complete.");
|
||||
|
||||
conn_or_init_crypto(conn);
|
||||
connection_or_set_open(conn);
|
||||
return connection_process_inbuf(conn); /* process the rest of the inbuf */
|
||||
|
||||
}
|
||||
|
||||
/*********************/
|
||||
|
||||
static void
|
||||
connection_or_set_open(connection_t *conn) {
|
||||
conn->state = OR_CONN_STATE_OPEN;
|
||||
directory_set_dirty();
|
||||
connection_watch_events(conn, POLLIN);
|
||||
}
|
||||
|
||||
static void
|
||||
conn_or_init_crypto(connection_t *conn) {
|
||||
unsigned char iv[16];
|
||||
|
||||
assert(conn);
|
||||
|
||||
memset((void *)iv, 0, 16);
|
||||
crypto_cipher_set_iv(conn->f_crypto, iv);
|
||||
crypto_cipher_set_iv(conn->b_crypto, iv);
|
||||
|
||||
crypto_cipher_encrypt_init_cipher(conn->f_crypto);
|
||||
crypto_cipher_decrypt_init_cipher(conn->b_crypto);
|
||||
/* always encrypt with f, always decrypt with b */
|
||||
}
|
||||
#endif
|
||||
|
||||
int connection_write_cell_to_buf(const cell_t *cellp, connection_t *conn) {
|
||||
char networkcell[CELL_NETWORK_SIZE];
|
||||
char *n = networkcell;
|
||||
|
||||
cell_pack(n, cellp);
|
||||
|
||||
#ifndef USE_TLS
|
||||
if(connection_encrypt_cell(n,conn)<0) {
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
return connection_write_to_buf(n, CELL_NETWORK_SIZE, conn);
|
||||
}
|
||||
|
||||
@ -680,41 +148,13 @@ int connection_process_cell_from_inbuf(connection_t *conn) {
|
||||
/* check if there's a whole cell there.
|
||||
* * if yes, pull it off, decrypt it if we're not doing TLS, and process it.
|
||||
* */
|
||||
#ifndef USE_TLS
|
||||
char networkcell[CELL_NETWORK_SIZE];
|
||||
#endif
|
||||
char buf[CELL_NETWORK_SIZE];
|
||||
// int x;
|
||||
cell_t cell;
|
||||
|
||||
if(conn->inbuf_datalen < CELL_NETWORK_SIZE) /* entire response available? */
|
||||
return 0; /* not yet */
|
||||
|
||||
#ifdef USE_TLS
|
||||
connection_fetch_from_buf(buf, CELL_NETWORK_SIZE, conn);
|
||||
#else
|
||||
connection_fetch_from_buf(networkcell, CELL_NETWORK_SIZE, conn);
|
||||
#if 0
|
||||
printf("Cell header crypttext: ");
|
||||
for(x=0;x<8;x++) {
|
||||
printf("%u ",crypted[x]);
|
||||
}
|
||||
printf("\n");
|
||||
#endif
|
||||
/* decrypt */
|
||||
if(crypto_cipher_decrypt(conn->b_crypto, networkcell, CELL_NETWORK_SIZE, buf)) {
|
||||
log_fn(LOG_ERR,"Decryption failed, dropping.");
|
||||
return connection_process_inbuf(conn); /* process the remainder of the buffer */
|
||||
}
|
||||
// log_fn(LOG_DEBUG,"Cell decrypted (%d bytes).",outlen);
|
||||
#if 0
|
||||
printf("Cell header plaintext: ");
|
||||
for(x=0;x<8;x++) {
|
||||
printf("%u ",outbuf[x]);
|
||||
}
|
||||
printf("\n");
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* retrieve cell info from buf (create the host-order struct from the network-order string) */
|
||||
cell_unpack(&cell, buf);
|
||||
@ -725,24 +165,6 @@ int connection_process_cell_from_inbuf(connection_t *conn) {
|
||||
return connection_process_inbuf(conn); /* process the remainder of the buffer */
|
||||
}
|
||||
|
||||
#ifndef USE_TLS
|
||||
int connection_encrypt_cell(char *cellp, connection_t *conn) {
|
||||
char cryptcell[CELL_NETWORK_SIZE];
|
||||
|
||||
assert(conn);
|
||||
|
||||
if(crypto_cipher_encrypt(conn->f_crypto, cellp, CELL_NETWORK_SIZE, cryptcell)) {
|
||||
log(LOG_ERR,"Could not encrypt cell for connection %s:%u.",conn->address,conn->port);
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(cellp,cryptcell,CELL_NETWORK_SIZE);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
/*
|
||||
Local Variables:
|
||||
mode:c
|
||||
|
@ -449,7 +449,6 @@ static int do_main_loop(void) {
|
||||
set_signing_privatekey(prkey);
|
||||
}
|
||||
|
||||
#ifdef USE_TLS
|
||||
if(options.OnionRouter) {
|
||||
struct stat statbuf;
|
||||
if(stat(options.CertFile, &statbuf) < 0) {
|
||||
@ -472,7 +471,6 @@ static int do_main_loop(void) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* start up the necessary connections based on which ports are
|
||||
* non-zero. This is where we try to connect to all the other ORs,
|
||||
|
42
src/or/or.h
42
src/or/or.h
@ -7,7 +7,6 @@
|
||||
|
||||
#include "orconfig.h"
|
||||
|
||||
#define USE_TLS
|
||||
#define SEQUENTIAL_ACI
|
||||
|
||||
#include <stdio.h>
|
||||
@ -105,11 +104,6 @@
|
||||
#define MAX_BUF_SIZE (640*1024)
|
||||
#define DEFAULT_BANDWIDTH_OP (1024 * 1000)
|
||||
|
||||
#ifndef USE_TLS
|
||||
#define HANDSHAKE_AS_OP 1
|
||||
#define HANDSHAKE_AS_OR 2
|
||||
#endif
|
||||
|
||||
#define ACI_TYPE_LOWER 0
|
||||
#define ACI_TYPE_HIGHER 1
|
||||
#define ACI_TYPE_BOTH 2
|
||||
@ -139,30 +133,11 @@
|
||||
|
||||
#define CPUWORKER_TASK_ONION CPUWORKER_STATE_BUSY_ONION
|
||||
|
||||
#ifndef USE_TLS
|
||||
/* how to read these states:
|
||||
* foo_CONN_STATE_bar_baz:
|
||||
* "I am acting as a bar, currently in stage baz of talking with a foo."
|
||||
*/
|
||||
//#define OR_CONN_STATE_OP_CONNECTING 0 /* an application proxy wants me to connect to this OR */
|
||||
#define _OR_CONN_STATE_MIN 1
|
||||
#define OR_CONN_STATE_OP_SENDING_KEYS 1
|
||||
#define OR_CONN_STATE_CLIENT_CONNECTING 2 /* connecting to this OR */
|
||||
#define OR_CONN_STATE_CLIENT_SENDING_AUTH 3 /* sending address and info */
|
||||
#define OR_CONN_STATE_CLIENT_AUTH_WAIT 4 /* have sent address and info, waiting */
|
||||
#define OR_CONN_STATE_CLIENT_SENDING_NONCE 5 /* sending nonce, last piece of handshake */
|
||||
#define OR_CONN_STATE_SERVER_AUTH_WAIT 6 /* waiting for address and info */
|
||||
#define OR_CONN_STATE_SERVER_SENDING_AUTH 7 /* writing auth and nonce */
|
||||
#define OR_CONN_STATE_SERVER_NONCE_WAIT 8 /* waiting for confirmation of nonce */
|
||||
#define OR_CONN_STATE_OPEN 9 /* ready to send/receive cells. */
|
||||
#define _OR_CONN_STATE_MAX 9
|
||||
#else
|
||||
#define _OR_CONN_STATE_MIN 0
|
||||
#define OR_CONN_STATE_CONNECTING 0 /* waiting for connect() to finish */
|
||||
#define OR_CONN_STATE_HANDSHAKING 1 /* SSL is handshaking, not done yet */
|
||||
#define OR_CONN_STATE_OPEN 2 /* ready to send/receive cells. */
|
||||
#define _OR_CONN_STATE_MAX 2
|
||||
#endif
|
||||
|
||||
#define _EXIT_CONN_STATE_MIN 0
|
||||
#define EXIT_CONN_STATE_RESOLVING 0 /* waiting for response from dns farm */
|
||||
@ -209,10 +184,6 @@
|
||||
#define DEFAULT_CIPHER CRYPTO_CIPHER_AES_CTR
|
||||
/* Used to en/decrypt onion skins */
|
||||
#define ONION_CIPHER DEFAULT_CIPHER
|
||||
#ifndef USE_TLS
|
||||
/* Used to en/decrypt cells between ORs/OPs. */
|
||||
#define CONNECTION_CIPHER DEFAULT_CIPHER
|
||||
#endif
|
||||
/* Used to en/decrypt RELAY cells */
|
||||
#define CIRCUIT_CIPHER DEFAULT_CIPHER
|
||||
|
||||
@ -304,15 +275,7 @@ struct connection_t {
|
||||
crypto_pk_env_t *pkey; /* public RSA key for the other side */
|
||||
|
||||
/* Used only by OR connections: */
|
||||
#ifdef USE_TLS
|
||||
tor_tls *tls;
|
||||
#else
|
||||
/* link encryption */
|
||||
crypto_cipher_env_t *f_crypto;
|
||||
crypto_cipher_env_t *b_crypto;
|
||||
|
||||
char nonce[8];
|
||||
#endif
|
||||
#ifdef SEQUENTIAL_ACI
|
||||
uint16_t next_aci; /* Which ACI do we try to use next on this connection?
|
||||
* This is always in the range 0..1<<15-1.*/
|
||||
@ -532,9 +495,7 @@ void connection_free(connection_t *conn);
|
||||
int connection_create_listener(struct sockaddr_in *bindaddr, int type);
|
||||
int connection_handle_listener_read(connection_t *conn, int new_type);
|
||||
|
||||
#ifdef USE_TLS
|
||||
int connection_tls_start_handshake(connection_t *conn, int receiving);
|
||||
#endif
|
||||
|
||||
int connection_connect(connection_t *conn, char *address, uint32_t addr, uint16_t port);
|
||||
int retry_all_connections(uint16_t or_listenport, uint16_t ap_listenport, uint16_t dir_listenport);
|
||||
@ -586,9 +547,6 @@ connection_t *connection_or_connect(routerinfo_t *router);
|
||||
|
||||
int connection_write_cell_to_buf(const cell_t *cellp, connection_t *conn);
|
||||
int connection_process_cell_from_inbuf(connection_t *conn);
|
||||
#ifndef USE_TLS
|
||||
int connection_encrypt_cell(char *cellp, connection_t *conn);
|
||||
#endif
|
||||
|
||||
/********************************* cpuworker.c *****************************/
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user