nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-30 15:43:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use protover to signal support for ntor3 + congestion control.

Browse Source
This commit is contained in:
Nick Mathewson 2021-09-14 16:31:48 -04:00 committed by Mike Perry
parent bd2e9a4409
commit baaabb503c
12 changed files with 44 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/core/or/circuituse.c
View File

@ -2462,7 +2462,8 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
digest, digest,
NULL, /* Ed25519 ID */ NULL, /* Ed25519 ID */
NULL, NULL, /* onion keys */ NULL, NULL, /* onion keys */
&addr, conn->socks_request->port); &addr, conn->socks_request->port,
NULL);
} else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */ } else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */
/* We will need an onion key for the router, and we /* We will need an onion key for the router, and we
* don't have one. Refuse or relax requirements. */ * don't have one. Refuse or relax requirements. */

14
src/core/or/extendinfo.c
View File

@ -35,7 +35,8 @@ extend_info_new(const char *nickname,
const ed25519_public_key_t *ed_id, const ed25519_public_key_t *ed_id,
crypto_pk_t *onion_key, crypto_pk_t *onion_key,
const curve25519_public_key_t *ntor_key, const curve25519_public_key_t *ntor_key,
const tor_addr_t *addr, uint16_t port) const tor_addr_t *addr, uint16_t port,
const protover_summary_flags_t *pv)
{ {
extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t)); extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t));
if (rsa_id_digest) if (rsa_id_digest)
@ -57,7 +58,10 @@ extend_info_new(const char *nickname,
extend_info_add_orport(info, addr, port); extend_info_add_orport(info, addr, port);
} }
info->supports_ntor3_and_param_negotiation = false; // TODO: set this. if (pv) {
info->supports_ntor3_and_param_negotiation =
pv->supports_ntor3_and_param_negotiation;
}
return info; return info;
} }
@ -152,7 +156,8 @@ extend_info_from_node(const node_t *node, int for_direct_connect)
rsa_pubkey, rsa_pubkey,
curve_pubkey, curve_pubkey,
&ap.addr, &ap.addr,
ap.port); ap.port,
&node->ri->pv);
} else if (valid_addr && node->rs && node->md) { } else if (valid_addr && node->rs && node->md) {
info = extend_info_new(node->rs->nickname, info = extend_info_new(node->rs->nickname,
node->identity, node->identity,
@ -160,7 +165,8 @@ extend_info_from_node(const node_t *node, int for_direct_connect)
rsa_pubkey, rsa_pubkey,
curve_pubkey, curve_pubkey,
&ap.addr, &ap.addr,
ap.port); ap.port,
&node->rs->pv);
} }
crypto_pk_free(rsa_pubkey); crypto_pk_free(rsa_pubkey);

3
src/core/or/extendinfo.h
View File

@ -17,7 +17,8 @@ extend_info_t *extend_info_new(const char *nickname,
const struct ed25519_public_key_t *ed_id, const struct ed25519_public_key_t *ed_id,
crypto_pk_t *onion_key, crypto_pk_t *onion_key,
const struct curve25519_public_key_t *ntor_key, const struct curve25519_public_key_t *ntor_key,
const tor_addr_t *addr, uint16_t port); const tor_addr_t *addr, uint16_t port,
const struct protover_summary_flags_t *pv);
extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect); extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect);
extend_info_t *extend_info_dup(extend_info_t *info); extend_info_t *extend_info_dup(extend_info_t *info);
void extend_info_free_(extend_info_t *info); void extend_info_free_(extend_info_t *info);

4
src/core/or/or.h
View File

@ -732,6 +732,10 @@ typedef struct protover_summary_flags_t {
* negotiate hs circuit setup padding. Requires Padding=2. */ * negotiate hs circuit setup padding. Requires Padding=2. */
unsigned int supports_hs_setup_padding : 1; unsigned int supports_hs_setup_padding : 1;
/** True iff this router supports ntor3 _and_ supports negotiating
* additional circuit parameters via the handshake used in ntor3.
*/
unsigned int supports_ntor3_and_param_negotiation : 1;
} protover_summary_flags_t; } protover_summary_flags_t;
typedef struct routerinfo_t routerinfo_t; typedef struct routerinfo_t routerinfo_t;

2
src/core/or/protover.c
View File

@ -430,6 +430,8 @@ protover_get_supported_protocols(void)
* XXX: WARNING! * XXX: WARNING!
*/ */
/* TODO: Add a new Relay=* and a new FlowCtrl=* version to indicate support
* for Ntorv3 and prop324. Make sure they get into the spec. */
return return
"Cons=1-2 " "Cons=1-2 "
"Desc=1-2 " "Desc=1-2 "

9
src/core/or/versions.c
View File

@ -482,6 +482,15 @@ memoize_protover_summary(protover_summary_flags_t *out,
protocol_list_supports_protocol(protocols, PRT_PADDING, protocol_list_supports_protocol(protocols, PRT_PADDING,
PROTOVER_HS_SETUP_PADDING); PROTOVER_HS_SETUP_PADDING);
/* TODO: Set these flags based on real values.
out->supports_ntor3_and_param_negotiation =
protocol_list_supports_protocol(protocols, PRT_RELAY,
XXXX)
&&
protocol_list_supports_protocol(protocols, PRT_FLOWCTRL,
XXXX);
*/
protover_summary_flags_t *new_cached = tor_memdup(out, sizeof(*out)); protover_summary_flags_t *new_cached = tor_memdup(out, sizeof(*out));
cached = strmap_set(protover_summary_map, protocols, new_cached); cached = strmap_set(protover_summary_map, protocols, new_cached);
tor_assert(!cached); tor_assert(!cached);

6
src/feature/hs/hs_common.c
View File

@ -1687,7 +1687,11 @@ hs_get_extend_info_from_lspecs(const smartlist_t *lspecs,
/* We do have everything for which we think we can connect successfully. */ /* We do have everything for which we think we can connect successfully. */
info = extend_info_new(NULL, legacy_id, info = extend_info_new(NULL, legacy_id,
(have_ed25519_id) ? &ed25519_pk : NULL, NULL, (have_ed25519_id) ? &ed25519_pk : NULL, NULL,
onion_key, &ap.addr, ap.port); onion_key, &ap.addr, ap.port,
/* TODO: The protover summary here needs to explain
if we support the newer congestion control or
not. This may require new specification stuff */
NULL);
done: done:
return info; return info;
} }

2
src/feature/nodelist/nodelist.c
View File

@ -1205,7 +1205,7 @@ node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
/** Dummy object that should be unreturnable. Used to ensure that /** Dummy object that should be unreturnable. Used to ensure that
* node_get_protover_summary_flags() always returns non-NULL. */ * node_get_protover_summary_flags() always returns non-NULL. */
static const protover_summary_flags_t zero_protover_flags = { static const protover_summary_flags_t zero_protover_flags = {
0,0,0,0,0,0,0,0,0,0,0,0 0,0,0,0,0,0,0,0,0,0,0,0,0
}; };
/** Return the protover_summary_flags for a given node. */ /** Return the protover_summary_flags for a given node. */

3
src/feature/relay/circuitbuild_relay.c
View File

@ -392,7 +392,8 @@ circuit_open_connection_for_extend(const struct extend_cell_t *ec,
NULL, /*onion_key*/ NULL, /*onion_key*/
NULL, /*curve25519_key*/ NULL, /*curve25519_key*/
&chosen_ap->addr, &chosen_ap->addr,
chosen_ap->port); chosen_ap->port,
NULL /* protover summary */);
circ->n_chan_create_cell = tor_memdup(&ec->create_cell, circ->n_chan_create_cell = tor_memdup(&ec->create_cell,
sizeof(ec->create_cell)); sizeof(ec->create_cell));

3
src/feature/relay/selftest.c
View File

@ -228,7 +228,8 @@ extend_info_from_router(const routerinfo_t *r, int family)
info = extend_info_new(r->nickname, r->cache_info.identity_digest, info = extend_info_new(r->nickname, r->cache_info.identity_digest,
ed_id_key, ed_id_key,
rsa_pubkey, r->onion_curve25519_pkey, rsa_pubkey, r->onion_curve25519_pkey,
&ap.addr, ap.port); &ap.addr, ap.port,
NULL /* should self-tests use ntor3? */);
crypto_pk_free(rsa_pubkey); crypto_pk_free(rsa_pubkey);
return info; return info;
} }

2
src/test/test_circuitpadding.c
View File

@ -1609,7 +1609,7 @@ simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay,
hop->extend_info = extend_info_new( hop->extend_info = extend_info_new(
padding ? "padding" : "non-padding", padding ? "padding" : "non-padding",
digest, NULL, NULL, NULL, digest, NULL, NULL, NULL,
&addr, padding); &addr, padding, NULL);
cpath_init_circuit_crypto(hop, whatevs_key, sizeof(whatevs_key), 0, 0); cpath_init_circuit_crypto(hop, whatevs_key, sizeof(whatevs_key), 0, 0);

8
src/test/test_hs_client.c
View File

@ -1186,7 +1186,7 @@ test_socks_hs_errors(void *arg)
/* Code path will log this exit so build it. */ /* Code path will log this exit so build it. */
ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest,
NULL, NULL, NULL, &addr, NULL, NULL, NULL, &addr,
4242); 4242, NULL);
/* Attach socks connection to this rendezvous circuit. */ /* Attach socks connection to this rendezvous circuit. */
ocirc->p_streams = ENTRY_TO_EDGE_CONN(socks_conn); ocirc->p_streams = ENTRY_TO_EDGE_CONN(socks_conn);
/* Trigger the rendezvous failure. Timeout the circuit and free. */ /* Trigger the rendezvous failure. Timeout the circuit and free. */
@ -1281,7 +1281,7 @@ test_close_intro_circuit_failure(void *arg)
/* Code path will log this exit so build it. */ /* Code path will log this exit so build it. */
ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest,
NULL, NULL, NULL, &addr, NULL, NULL, NULL, &addr,
4242); 4242, NULL);
ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk, &intro_kp.pubkey); ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk, &intro_kp.pubkey);
/* We'll make for close the circuit for a timeout failure. It should _NOT_ /* We'll make for close the circuit for a timeout failure. It should _NOT_
@ -1308,7 +1308,7 @@ test_close_intro_circuit_failure(void *arg)
/* Code path will log this exit so build it. */ /* Code path will log this exit so build it. */
ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest,
NULL, NULL, NULL, &addr, NULL, NULL, NULL, &addr,
4242); 4242, NULL);
ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk, &intro_kp.pubkey); ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk, &intro_kp.pubkey);
/* On free, we should get an unreachable failure. */ /* On free, we should get an unreachable failure. */
@ -1331,7 +1331,7 @@ test_close_intro_circuit_failure(void *arg)
/* Code path will log this exit so build it. */ /* Code path will log this exit so build it. */
ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest, ocirc->build_state->chosen_exit = extend_info_new("TestNickname", digest,
NULL, NULL, NULL, &addr, NULL, NULL, NULL, &addr,
4242); 4242, NULL);
ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk, &intro_kp.pubkey); ed25519_pubkey_copy(&ocirc->hs_ident->intro_auth_pk, &intro_kp.pubkey);
circuit_mark_for_close(circ, END_CIRC_REASON_TIMEOUT); circuit_mark_for_close(circ, END_CIRC_REASON_TIMEOUT);