nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 04:13:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

cc: Use trunnel extension for ntorv3 circ parameters

Browse Source 
Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
David Goulet 2021-12-14 11:38:22 -05:00 committed by Mike Perry
parent b5439d6bd0
commit bbf160d311
11 changed files with 615 additions and 746 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
src/core/crypto/onion_crypto.c
View File

@ -47,7 +47,9 @@
#include "core/or/crypt_path_st.h"
#include "core/or/extend_info_st.h"
#include "trunnel/circ_params.h"
#include "trunnel/congestion_control.h"
#include "trunnel/extension.h"
static const uint8_t NTOR3_CIRC_VERIFICATION[] = "circuit extend";
static const size_t NTOR3_CIRC_VERIFICATION_LEN = 14;
@ -230,72 +232,29 @@ negotiate_v3_ntor_server_circ_params(const uint8_t *param_request_msg,
uint8_t **resp_msg_out,
size_t *resp_msg_len_out)
{
circ_params_response_t *resp = NULL;
circ_params_request_t *param_request = NULL;
ssize_t resp_msg_len;
int ret;
if (circ_params_request_parse(&param_request, param_request_msg,
param_request_len) < 0) {
return -1;
/* Parse request. */
ret = congestion_control_parse_ext_request(param_request_msg,
param_request_len);
if (ret < 0) {
goto err;
}
params_out->cc_enabled = ret && our_ns_params->cc_enabled;
/* CC is enabled if the client wants it, and our consensus paramers
* allow it. If both are true, its on. If either is false, it's off. */
params_out->cc_enabled =
circ_params_request_get_cc_supported(param_request) &&
our_ns_params->cc_enabled;
resp = circ_params_response_new();
if (circ_params_response_set_version(resp, 0) < 0) {
circ_params_request_free(param_request);
circ_params_response_free(resp);
return -1;
/* Build the response. */
ret = congestion_control_build_ext_response(our_ns_params, params_out,
resp_msg_out, resp_msg_len_out);
if (ret < 0) {
goto err;
}
/* The relay always chooses its sendme_inc, and sends it to the client */
params_out->sendme_inc_cells = our_ns_params->sendme_inc_cells;
if (circ_params_response_set_sendme_inc_cells(resp,
our_ns_params->sendme_inc_cells) < 0) {
circ_params_request_free(param_request);
circ_params_response_free(resp);
return -1;
}
/* Success. */
ret = 0;
/* Use the negotiated cc_enabled value to respond */
if (circ_params_response_set_cc_enabled(resp, params_out->cc_enabled) < 0) {
circ_params_request_free(param_request);
circ_params_response_free(resp);
return -1;
}
resp_msg_len = circ_params_response_encoded_len(resp);
if (resp_msg_len < 0) {
circ_params_request_free(param_request);
circ_params_response_free(resp);
return -1;
}
*resp_msg_out = tor_malloc_zero(resp_msg_len);
resp_msg_len = circ_params_response_encode(*resp_msg_out, resp_msg_len,
resp);
if (resp_msg_len < 0) {
circ_params_request_free(param_request);
circ_params_response_free(resp);
tor_free(*resp_msg_out);
return -1;
}
*resp_msg_len_out = (size_t)resp_msg_len;
circ_params_request_free(param_request);
circ_params_response_free(resp);
return 0;
err:
return ret;
}
/* This is the maximum value for keys_out_len passed to
@ -462,46 +421,29 @@ negotiate_v3_ntor_client_circ_params(const uint8_t *param_response_msg,
size_t param_response_len,
circuit_params_t *params_out)
{
circ_params_response_t *param_response = NULL;
bool cc_enabled;
uint8_t sendme_inc_cells;
if (circ_params_response_parse(&param_response, param_response_msg,
param_response_len) < 0) {
int ret = congestion_control_parse_ext_response(param_response_msg,
param_response_len,
params_out);
if (ret < 0) {
return -1;
}
cc_enabled =
circ_params_response_get_cc_enabled(param_response);
/* If congestion control came back enabled, but we didn't ask for it
* because the consensus said no, close the circuit */
if (cc_enabled && !congestion_control_enabled()) {
circ_params_response_free(param_response);
* because the consensus said no, close the circuit.
*
* This is a fatal error condition for the circuit, because it either
* means that congestion control was disabled by the consensus
* during the handshake, or the exit decided to send us an unsolicited
* congestion control response.
*
* In either case, we cannot proceed on this circuit, and must try a
* new one.
*/
if (ret && !congestion_control_enabled()) {
return -1;
}
params_out->cc_enabled = cc_enabled;
params_out->cc_enabled = ret;
/* We will only accept this response (and this circuit) if sendme_inc
* is within a factor of 2 of our consensus value. We should not need
* to change cc_sendme_inc much, and if we do, we can spread out those
* changes over smaller increments once every 4 hours. Exits that
* violate this range should just not be used. */
#define MAX_SENDME_INC_NEGOTIATE_FACTOR 2
sendme_inc_cells =
circ_params_response_get_sendme_inc_cells(param_response);
if (sendme_inc_cells >
MAX_SENDME_INC_NEGOTIATE_FACTOR*congestion_control_sendme_inc() ||
sendme_inc_cells <
congestion_control_sendme_inc()/MAX_SENDME_INC_NEGOTIATE_FACTOR) {
circ_params_response_free(param_response);
return -1;
}
params_out->sendme_inc_cells = sendme_inc_cells;
circ_params_response_free(param_response);
return 0;
}

31
src/core/or/circuitbuild.c
View File

@ -81,7 +81,9 @@
#include "feature/nodelist/node_st.h"
#include "core/or/or_circuit_st.h"
#include "core/or/origin_circuit_st.h"
#include "trunnel/circ_params.h"
#include "trunnel/extension.h"
#include "trunnel/congestion_control.h"
static int circuit_send_first_onion_skin(origin_circuit_t *circ);
static int circuit_build_no_more_hops(origin_circuit_t *circ);
@ -2607,33 +2609,10 @@ client_circ_negotiation_message(const extend_info_t *ei,
size_t *msg_len_out)
{
tor_assert(ei && msg_out && msg_len_out);
circ_params_request_t params = {0};
ssize_t msg_len = 0;
if (! ei->exit_supports_congestion_control)
return -1;
circ_params_request_set_version(&params, 0);
circ_params_request_set_cc_supported(&params,
congestion_control_enabled());
msg_len = circ_params_request_encoded_len(&params);
if (msg_len < 0) {
if (!ei->exit_supports_congestion_control) {
return -1;
}
*msg_out = tor_malloc_zero(msg_len);
msg_len = circ_params_request_encode(*msg_out, msg_len, &params);
if (msg_len < 0) {
tor_free(*msg_out);
return -1;
}
*msg_len_out = (size_t)msg_len;
return 0;
return congestion_control_build_ext_request(msg_out, msg_len_out);
}

287
src/core/or/congestion_control_common.c
View File

@ -28,6 +28,9 @@
#include "feature/nodelist/networkstatus.h"
#include "app/config/config.h"
#include "trunnel/congestion_control.h"
#include "trunnel/extension.h"
/* Consensus parameter defaults.
*
* More details for each of the parameters can be found in proposal 324,
@ -1096,3 +1099,287 @@ congestion_control_dispatch_cc_alg(congestion_control_t *cc,
return ret;
}
/**
* Build an extension field request to negotiate congestion control.
*
* If congestion control is enabled, field TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST
* is created in msg_out. It is a single 0-length field that signifies that we
* want to use congestion control. The length of msg_out is provided via
* msg_len_out.
*
* If congestion control is not enabled, a payload with 0 extensions is created
* and returned.
*
* If there is a failure building the request, -1 is returned, else 0.
*
* *msg_out must be freed if the return value is 0.
*/
int
congestion_control_build_ext_request(uint8_t **msg_out, size_t *msg_len_out)
{
uint8_t *request = NULL;
trn_extension_t *ext = NULL;
trn_extension_field_t *field = NULL;
ext = trn_extension_new();
/* With congestion control enabled, add the request, else it is an empty
* request in the payload. */
if (congestion_control_enabled()) {
/* Build the extension field that will hold the CC field. */
field = trn_extension_field_new();
trn_extension_field_set_field_type(field,
TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST);
/* No payload indicating a request to use congestion control. */
trn_extension_field_set_field_len(field, 0);
/* Build final extension. */
trn_extension_add_fields(ext, field);
trn_extension_set_num(ext, 1);
}
/* Encode extension. */
ssize_t ret = trn_extension_encoded_len(ext);
if (BUG(ret < 0)) {
goto err;
}
size_t request_len = ret;
request = tor_malloc_zero(request_len);
ret = trn_extension_encode(request, request_len, ext);
if (BUG(ret < 0)) {
tor_free(request);
goto err;
}
*msg_out = request;
*msg_len_out = request_len;
/* Free everything, we've encoded the request now. */
ret = 0;
err:
trn_extension_free(ext);
return (int)ret;
}
/**
* Parse a congestion control ntorv3 request payload for extensions.
*
* On parsing failure, -1 is returned.
*
* If congestion control request is present, return 1. If it is not present,
* return 0.
*
* WARNING: Called from CPU worker! Must not access any global state.
*/
int
congestion_control_parse_ext_request(const uint8_t *msg, const size_t msg_len)
{
ssize_t ret = 0;
trn_extension_t *ext = NULL;
size_t num_fields = 0;
/* Parse extension from payload. */
ret = trn_extension_parse(&ext, msg, msg_len);
if (ret < 0) {
goto end;
}
/* No extension implies no support for congestion control. In this case, we
* simply return 0 to indicate CC is disabled. */
if ((num_fields = trn_extension_get_num(ext)) == 0) {
ret = 0;
goto end;
}
/* Go over all fields. If any field is TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST,
* then congestion control is enabled. Ignore unknown fields. */
for (size_t f = 0; f < num_fields; f++) {
const trn_extension_field_t *field = trn_extension_get_fields(ext, f);
if (field == NULL) {
ret = -1;
goto end;
}
/* For congestion control to be enabled, we only need the field type. */
if (trn_extension_field_get_field_type(field) ==
TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST) {
ret = 1;
break;
}
}
end:
trn_extension_free(ext);
return (int)ret;
}
/**
* Given our observed parameters for circuits and congestion control,
* as well as the parameters for the resulting circuit, build a response
* payload using extension fields into *msg_out, with length specified in
* *msg_out_len.
*
* If congestion control will be enabled, the extension field for
* TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE will contain the sendme_inc value.
*
* If congestion control won't be enabled, an extension payload with 0
* fields will be created.
*
* Return 0 if an extension payload was created in *msg_out, and -1 on
* error.
*
* *msg_out must be freed if the return value is 0.
*
* WARNING: Called from CPU worker! Must not access any global state.
*/
int
congestion_control_build_ext_response(const circuit_params_t *our_params,
const circuit_params_t *circ_params,
uint8_t **msg_out, size_t *msg_len_out)
{
ssize_t ret;
uint8_t *request = NULL;
trn_extension_t *ext = NULL;
trn_extension_field_t *field = NULL;
trn_extension_field_cc_t *cc_field = NULL;
tor_assert(our_params);
tor_assert(circ_params);
tor_assert(msg_out);
tor_assert(msg_len_out);
ext = trn_extension_new();
if (circ_params->cc_enabled) {
/* Build the extension field that will hold the CC field. */
field = trn_extension_field_new();
trn_extension_field_set_field_type(field,
TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE);
/* Build the congestion control field response. */
cc_field = trn_extension_field_cc_new();
trn_extension_field_cc_set_sendme_inc(cc_field,
our_params->sendme_inc_cells);
ret = trn_extension_field_cc_encoded_len(cc_field);
if (BUG(ret <= 0)) {
goto err;
}
size_t field_len = ret;
trn_extension_field_set_field_len(field, field_len);
trn_extension_field_setlen_field(field, field_len);
uint8_t *field_array = trn_extension_field_getarray_field(field);
ret = trn_extension_field_cc_encode(field_array,
trn_extension_field_getlen_field(field), cc_field);
if (BUG(ret <= 0)) {
goto err;
}
/* Build final extension. */
trn_extension_add_fields(ext, field);
trn_extension_set_num(ext, 1);
}
/* Encode extension. */
ret = trn_extension_encoded_len(ext);
if (BUG(ret < 0)) {
goto err;
}
size_t request_len = ret;
request = tor_malloc_zero(request_len);
ret = trn_extension_encode(request, request_len, ext);
if (BUG(ret < 0)) {
tor_free(request);
goto err;
}
*msg_out = request;
*msg_len_out = request_len;
/* We've just encoded the extension, clean everything. */
ret = 0;
err:
if (ext) {
trn_extension_free(ext);
} else {
trn_extension_field_free(field);
}
trn_extension_field_cc_free(cc_field);
return (int)ret;
}
/** Return 1 if CC is enabled which also will set the SENDME increment into our
* params_out. Return 0 if CC is disabled. Else, return -1 on error. */
int
congestion_control_parse_ext_response(const uint8_t *msg,
const size_t msg_len,
circuit_params_t *params_out)
{
ssize_t ret = 0;
size_t num_fields = 0;
trn_extension_t *ext = NULL;
trn_extension_field_cc_t *cc_field = NULL;
/* We will only accept this response (and this circuit) if sendme_inc
* is within a factor of 2 of our consensus value. We should not need
* to change cc_sendme_inc much, and if we do, we can spread out those
* changes over smaller increments once every 4 hours. Exits that
* violate this range should just not be used. */
#define MAX_SENDME_INC_NEGOTIATE_FACTOR 2
/* Parse extension from payload. */
ret = trn_extension_parse(&ext, msg, msg_len);
if (ret < 0) {
goto end;
}
if ((num_fields = trn_extension_get_num(ext)) == 0) {
ret = 0;
goto end;
}
/* Go over all fields. If any field is TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE,
* then congestion control is enabled. Ignore unknown fields. */
for (size_t f = 0; f < num_fields; f++) {
const trn_extension_field_t *field = trn_extension_get_fields(ext, f);
if (field == NULL) {
ret = -1;
goto end;
}
/* Only examine TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE; ignore other fields */
if (trn_extension_field_get_field_type(field) ==
TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE) {
/* Parse the field into the congestion control field. */
ret = trn_extension_field_cc_parse(&cc_field,
trn_extension_field_getconstarray_field(field),
trn_extension_field_getlen_field(field));
if (ret < 0) {
goto end;
}
uint8_t sendme_inc_cells =
trn_extension_field_cc_get_sendme_inc(cc_field);
if (!congestion_control_validate_sendme_increment(sendme_inc_cells)) {
ret = -1;
goto end;
}
/* All good. Get value and break */
params_out->sendme_inc_cells = sendme_inc_cells;
ret = 1;
break;
}
}
end:
trn_extension_free(ext);
trn_extension_field_cc_free(cc_field);
return (int)ret;
}

13
src/core/or/congestion_control_common.h
View File

@ -9,6 +9,7 @@
#ifndef TOR_CONGESTION_CONTROL_COMMON_H
#define TOR_CONGESTION_CONTROL_COMMON_H
#include "core/crypto/onion_crypto.h"
#include "core/or/crypt_path_st.h"
#include "core/or/circuit_st.h"
@ -47,6 +48,18 @@ void congestion_control_new_consensus_params(const networkstatus_t *ns);
bool congestion_control_enabled(void);
int congestion_control_build_ext_request(uint8_t **msg_out,
size_t *msg_len_out);
int congestion_control_parse_ext_request(const uint8_t *msg,
const size_t msg_len);
int congestion_control_build_ext_response(const circuit_params_t *our_params,
const circuit_params_t *circ_params,
uint8_t **msg_out,
size_t *msg_len_out);
int congestion_control_parse_ext_response(const uint8_t *msg,
const size_t msg_len,
circuit_params_t *params_out);
/* Ugh, C.. these are private. Use the getter instead, when
* external to the congestion control code. */
extern uint32_t or_conn_highwater;

452
src/trunnel/circ_params.c
View File

@ -1,452 +0,0 @@
/* circ_params.c -- generated by Trunnel v1.5.3.
* https://gitweb.torproject.org/trunnel.git
* You probably shouldn't edit this file.
*/
#include <stdlib.h>
#include "trunnel-impl.h"
#include "circ_params.h"
#define TRUNNEL_SET_ERROR_CODE(obj) \
do { \
(obj)->trunnel_error_code_ = 1; \
} while (0)
#if defined(__COVERITY__) || defined(__clang_analyzer__)
/* If we're running a static analysis tool, we don't want it to complain
* that some of our remaining-bytes checks are dead-code. */
int circparams_deadcode_dummy__ = 0;
#define OR_DEADCODE_DUMMY || circparams_deadcode_dummy__
#else
#define OR_DEADCODE_DUMMY
#endif
#define CHECK_REMAINING(nbytes, label) \
do { \
if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \
goto label; \
} \
} while (0)
circ_params_request_t *
circ_params_request_new(void)
{
circ_params_request_t *val = trunnel_calloc(1, sizeof(circ_params_request_t));
if (NULL == val)
return NULL;
return val;
}
/** Release all storage held inside 'obj', but do not free 'obj'.
*/
static void
circ_params_request_clear(circ_params_request_t *obj)
{
(void) obj;
}
void
circ_params_request_free(circ_params_request_t *obj)
{
if (obj == NULL)
return;
circ_params_request_clear(obj);
trunnel_memwipe(obj, sizeof(circ_params_request_t));
trunnel_free_(obj);
}
uint8_t
circ_params_request_get_version(const circ_params_request_t *inp)
{
return inp->version;
}
int
circ_params_request_set_version(circ_params_request_t *inp, uint8_t val)
{
if (! ((val == 0))) {
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
inp->version = val;
return 0;
}
uint8_t
circ_params_request_get_cc_supported(const circ_params_request_t *inp)
{
return inp->cc_supported;
}
int
circ_params_request_set_cc_supported(circ_params_request_t *inp, uint8_t val)
{
if (! ((val == 0 || val == 1))) {
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
inp->cc_supported = val;
return 0;
}
const char *
circ_params_request_check(const circ_params_request_t *obj)
{
if (obj == NULL)
return "Object was NULL";
if (obj->trunnel_error_code_)
return "A set function failed on this object";
if (! (obj->version == 0))
return "Integer out of bounds";
if (! (obj->cc_supported == 0 || obj->cc_supported == 1))
return "Integer out of bounds";
return NULL;
}
ssize_t
circ_params_request_encoded_len(const circ_params_request_t *obj)
{
ssize_t result = 0;
if (NULL != circ_params_request_check(obj))
return -1;
/* Length of u8 version IN [0] */
result += 1;
/* Length of u8 cc_supported IN [0, 1] */
result += 1;
return result;
}
int
circ_params_request_clear_errors(circ_params_request_t *obj)
{
int r = obj->trunnel_error_code_;
obj->trunnel_error_code_ = 0;
return r;
}
ssize_t
circ_params_request_encode(uint8_t *output, const size_t avail, const circ_params_request_t *obj)
{
ssize_t result = 0;
size_t written = 0;
uint8_t *ptr = output;
const char *msg;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
const ssize_t encoded_len = circ_params_request_encoded_len(obj);
#endif
if (NULL != (msg = circ_params_request_check(obj)))
goto check_failed;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
trunnel_assert(encoded_len >= 0);
#endif
/* Encode u8 version IN [0] */
trunnel_assert(written <= avail);
if (avail - written < 1)
goto truncated;
trunnel_set_uint8(ptr, (obj->version));
written += 1; ptr += 1;
/* Encode u8 cc_supported IN [0, 1] */
trunnel_assert(written <= avail);
if (avail - written < 1)
goto truncated;
trunnel_set_uint8(ptr, (obj->cc_supported));
written += 1; ptr += 1;
trunnel_assert(ptr == output + written);
#ifdef TRUNNEL_CHECK_ENCODED_LEN
{
trunnel_assert(encoded_len >= 0);
trunnel_assert((size_t)encoded_len == written);
}
#endif
return written;
truncated:
result = -2;
goto fail;
check_failed:
(void)msg;
result = -1;
goto fail;
fail:
trunnel_assert(result < 0);
return result;
}
/** As circ_params_request_parse(), but do not allocate the output
* object.
*/
static ssize_t
circ_params_request_parse_into(circ_params_request_t *obj, const uint8_t *input, const size_t len_in)
{
const uint8_t *ptr = input;
size_t remaining = len_in;
ssize_t result = 0;
(void)result;
/* Parse u8 version IN [0] */
CHECK_REMAINING(1, truncated);
obj->version = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
if (! (obj->version == 0))
goto fail;
/* Parse u8 cc_supported IN [0, 1] */
CHECK_REMAINING(1, truncated);
obj->cc_supported = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
if (! (obj->cc_supported == 0 || obj->cc_supported == 1))
goto fail;
trunnel_assert(ptr + remaining == input + len_in);
return len_in - remaining;
truncated:
return -2;
fail:
result = -1;
return result;
}
ssize_t
circ_params_request_parse(circ_params_request_t **output, const uint8_t *input, const size_t len_in)
{
ssize_t result;
*output = circ_params_request_new();
if (NULL == *output)
return -1;
result = circ_params_request_parse_into(*output, input, len_in);
if (result < 0) {
circ_params_request_free(*output);
*output = NULL;
}
return result;
}
circ_params_response_t *
circ_params_response_new(void)
{
circ_params_response_t *val = trunnel_calloc(1, sizeof(circ_params_response_t));
if (NULL == val)
return NULL;
return val;
}
/** Release all storage held inside 'obj', but do not free 'obj'.
*/
static void
circ_params_response_clear(circ_params_response_t *obj)
{
(void) obj;
}
void
circ_params_response_free(circ_params_response_t *obj)
{
if (obj == NULL)
return;
circ_params_response_clear(obj);
trunnel_memwipe(obj, sizeof(circ_params_response_t));
trunnel_free_(obj);
}
uint8_t
circ_params_response_get_version(const circ_params_response_t *inp)
{
return inp->version;
}
int
circ_params_response_set_version(circ_params_response_t *inp, uint8_t val)
{
if (! ((val == 0))) {
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
inp->version = val;
return 0;
}
uint8_t
circ_params_response_get_cc_enabled(const circ_params_response_t *inp)
{
return inp->cc_enabled;
}
int
circ_params_response_set_cc_enabled(circ_params_response_t *inp, uint8_t val)
{
if (! ((val == 0 || val == 1))) {
TRUNNEL_SET_ERROR_CODE(inp);
return -1;
}
inp->cc_enabled = val;
return 0;
}
uint8_t
circ_params_response_get_sendme_inc_cells(const circ_params_response_t *inp)
{
return inp->sendme_inc_cells;
}
int
circ_params_response_set_sendme_inc_cells(circ_params_response_t *inp, uint8_t val)
{
inp->sendme_inc_cells = val;
return 0;
}
const char *
circ_params_response_check(const circ_params_response_t *obj)
{
if (obj == NULL)
return "Object was NULL";
if (obj->trunnel_error_code_)
return "A set function failed on this object";
if (! (obj->version == 0))
return "Integer out of bounds";
if (! (obj->cc_enabled == 0 || obj->cc_enabled == 1))
return "Integer out of bounds";
return NULL;
}
ssize_t
circ_params_response_encoded_len(const circ_params_response_t *obj)
{
ssize_t result = 0;
if (NULL != circ_params_response_check(obj))
return -1;
/* Length of u8 version IN [0] */
result += 1;
/* Length of u8 cc_enabled IN [0, 1] */
result += 1;
/* Length of u8 sendme_inc_cells */
result += 1;
return result;
}
int
circ_params_response_clear_errors(circ_params_response_t *obj)
{
int r = obj->trunnel_error_code_;
obj->trunnel_error_code_ = 0;
return r;
}
ssize_t
circ_params_response_encode(uint8_t *output, const size_t avail, const circ_params_response_t *obj)
{
ssize_t result = 0;
size_t written = 0;
uint8_t *ptr = output;
const char *msg;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
const ssize_t encoded_len = circ_params_response_encoded_len(obj);
#endif
if (NULL != (msg = circ_params_response_check(obj)))
goto check_failed;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
trunnel_assert(encoded_len >= 0);
#endif
/* Encode u8 version IN [0] */
trunnel_assert(written <= avail);
if (avail - written < 1)
goto truncated;
trunnel_set_uint8(ptr, (obj->version));
written += 1; ptr += 1;
/* Encode u8 cc_enabled IN [0, 1] */
trunnel_assert(written <= avail);
if (avail - written < 1)
goto truncated;
trunnel_set_uint8(ptr, (obj->cc_enabled));
written += 1; ptr += 1;
/* Encode u8 sendme_inc_cells */
trunnel_assert(written <= avail);
if (avail - written < 1)
goto truncated;
trunnel_set_uint8(ptr, (obj->sendme_inc_cells));
written += 1; ptr += 1;
trunnel_assert(ptr == output + written);
#ifdef TRUNNEL_CHECK_ENCODED_LEN
{
trunnel_assert(encoded_len >= 0);
trunnel_assert((size_t)encoded_len == written);
}
#endif
return written;
truncated:
result = -2;
goto fail;
check_failed:
(void)msg;
result = -1;
goto fail;
fail:
trunnel_assert(result < 0);
return result;
}
/** As circ_params_response_parse(), but do not allocate the output
* object.
*/
static ssize_t
circ_params_response_parse_into(circ_params_response_t *obj, const uint8_t *input, const size_t len_in)
{
const uint8_t *ptr = input;
size_t remaining = len_in;
ssize_t result = 0;
(void)result;
/* Parse u8 version IN [0] */
CHECK_REMAINING(1, truncated);
obj->version = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
if (! (obj->version == 0))
goto fail;
/* Parse u8 cc_enabled IN [0, 1] */
CHECK_REMAINING(1, truncated);
obj->cc_enabled = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
if (! (obj->cc_enabled == 0 || obj->cc_enabled == 1))
goto fail;
/* Parse u8 sendme_inc_cells */
CHECK_REMAINING(1, truncated);
obj->sendme_inc_cells = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
trunnel_assert(ptr + remaining == input + len_in);
return len_in - remaining;
truncated:
return -2;
fail:
result = -1;
return result;
}
ssize_t
circ_params_response_parse(circ_params_response_t **output, const uint8_t *input, const size_t len_in)
{
ssize_t result;
*output = circ_params_response_new();
if (NULL == *output)
return -1;
result = circ_params_response_parse_into(*output, input, len_in);
if (result < 0) {
circ_params_response_free(*output);
*output = NULL;
}
return result;
}

147
src/trunnel/circ_params.h
View File

@ -1,147 +0,0 @@
/* circ_params.h -- generated by Trunnel v1.5.3.
* https://gitweb.torproject.org/trunnel.git
* You probably shouldn't edit this file.
*/
#ifndef TRUNNEL_CIRC_PARAMS_H
#define TRUNNEL_CIRC_PARAMS_H
#include <stdint.h>
#include "trunnel.h"
#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CIRC_PARAMS_REQUEST)
struct circ_params_request_st {
uint8_t version;
uint8_t cc_supported;
uint8_t trunnel_error_code_;
};
#endif
typedef struct circ_params_request_st circ_params_request_t;
#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CIRC_PARAMS_RESPONSE)
struct circ_params_response_st {
uint8_t version;
uint8_t cc_enabled;
uint8_t sendme_inc_cells;
uint8_t trunnel_error_code_;
};
#endif
typedef struct circ_params_response_st circ_params_response_t;
/** Return a newly allocated circ_params_request with all elements set
* to zero.
*/
circ_params_request_t *circ_params_request_new(void);
/** Release all storage held by the circ_params_request in 'victim'.
* (Do nothing if 'victim' is NULL.)
*/
void circ_params_request_free(circ_params_request_t *victim);
/** Try to parse a circ_params_request from the buffer in 'input',
* using up to 'len_in' bytes from the input buffer. On success,
* return the number of bytes consumed and set *output to the newly
* allocated circ_params_request_t. On failure, return -2 if the input
* appears truncated, and -1 if the input is otherwise invalid.
*/
ssize_t circ_params_request_parse(circ_params_request_t **output, const uint8_t *input, const size_t len_in);
/** Return the number of bytes we expect to need to encode the
* circ_params_request in 'obj'. On failure, return a negative value.
* Note that this value may be an overestimate, and can even be an
* underestimate for certain unencodeable objects.
*/
ssize_t circ_params_request_encoded_len(const circ_params_request_t *obj);
/** Try to encode the circ_params_request from 'input' into the buffer
* at 'output', using up to 'avail' bytes of the output buffer. On
* success, return the number of bytes used. On failure, return -2 if
* the buffer was not long enough, and -1 if the input was invalid.
*/
ssize_t circ_params_request_encode(uint8_t *output, size_t avail, const circ_params_request_t *input);
/** Check whether the internal state of the circ_params_request in
* 'obj' is consistent. Return NULL if it is, and a short message if
* it is not.
*/
const char *circ_params_request_check(const circ_params_request_t *obj);
/** Clear any errors that were set on the object 'obj' by its setter
* functions. Return true iff errors were cleared.
*/
int circ_params_request_clear_errors(circ_params_request_t *obj);
/** Return the value of the version field of the circ_params_request_t
* in 'inp'
*/
uint8_t circ_params_request_get_version(const circ_params_request_t *inp);
/** Set the value of the version field of the circ_params_request_t in
* 'inp' to 'val'. Return 0 on success; return -1 and set the error
* code on 'inp' on failure.
*/
int circ_params_request_set_version(circ_params_request_t *inp, uint8_t val);
/** Return the value of the cc_supported field of the
* circ_params_request_t in 'inp'
*/
uint8_t circ_params_request_get_cc_supported(const circ_params_request_t *inp);
/** Set the value of the cc_supported field of the
* circ_params_request_t in 'inp' to 'val'. Return 0 on success;
* return -1 and set the error code on 'inp' on failure.
*/
int circ_params_request_set_cc_supported(circ_params_request_t *inp, uint8_t val);
/** Return a newly allocated circ_params_response with all elements
* set to zero.
*/
circ_params_response_t *circ_params_response_new(void);
/** Release all storage held by the circ_params_response in 'victim'.
* (Do nothing if 'victim' is NULL.)
*/
void circ_params_response_free(circ_params_response_t *victim);
/** Try to parse a circ_params_response from the buffer in 'input',
* using up to 'len_in' bytes from the input buffer. On success,
* return the number of bytes consumed and set *output to the newly
* allocated circ_params_response_t. On failure, return -2 if the
* input appears truncated, and -1 if the input is otherwise invalid.
*/
ssize_t circ_params_response_parse(circ_params_response_t **output, const uint8_t *input, const size_t len_in);
/** Return the number of bytes we expect to need to encode the
* circ_params_response in 'obj'. On failure, return a negative value.
* Note that this value may be an overestimate, and can even be an
* underestimate for certain unencodeable objects.
*/
ssize_t circ_params_response_encoded_len(const circ_params_response_t *obj);
/** Try to encode the circ_params_response from 'input' into the
* buffer at 'output', using up to 'avail' bytes of the output buffer.
* On success, return the number of bytes used. On failure, return -2
* if the buffer was not long enough, and -1 if the input was invalid.
*/
ssize_t circ_params_response_encode(uint8_t *output, size_t avail, const circ_params_response_t *input);
/** Check whether the internal state of the circ_params_response in
* 'obj' is consistent. Return NULL if it is, and a short message if
* it is not.
*/
const char *circ_params_response_check(const circ_params_response_t *obj);
/** Clear any errors that were set on the object 'obj' by its setter
* functions. Return true iff errors were cleared.
*/
int circ_params_response_clear_errors(circ_params_response_t *obj);
/** Return the value of the version field of the
* circ_params_response_t in 'inp'
*/
uint8_t circ_params_response_get_version(const circ_params_response_t *inp);
/** Set the value of the version field of the circ_params_response_t
* in 'inp' to 'val'. Return 0 on success; return -1 and set the error
* code on 'inp' on failure.
*/
int circ_params_response_set_version(circ_params_response_t *inp, uint8_t val);
/** Return the value of the cc_enabled field of the
* circ_params_response_t in 'inp'
*/
uint8_t circ_params_response_get_cc_enabled(const circ_params_response_t *inp);
/** Set the value of the cc_enabled field of the
* circ_params_response_t in 'inp' to 'val'. Return 0 on success;
* return -1 and set the error code on 'inp' on failure.
*/
int circ_params_response_set_cc_enabled(circ_params_response_t *inp, uint8_t val);
/** Return the value of the sendme_inc_cells field of the
* circ_params_response_t in 'inp'
*/
uint8_t circ_params_response_get_sendme_inc_cells(const circ_params_response_t *inp);
/** Set the value of the sendme_inc_cells field of the
* circ_params_response_t in 'inp' to 'val'. Return 0 on success;
* return -1 and set the error code on 'inp' on failure.
*/
int circ_params_response_set_sendme_inc_cells(circ_params_response_t *inp, uint8_t val);
#endif

25
src/trunnel/circ_params.trunnel
View File

@ -1,25 +0,0 @@
/* This file contains the definition for the encrypted payload of
* a circuit parameter negotiation request/response portion of the
* ntorv3 onionskin handshake. Currently only supports congestion
* control params. */
/* Param definitions */
struct circ_params_request {
/* Version */
u8 version IN [0];
/* Is cc supported or not? */
u8 cc_supported IN [0, 1];
}
/* Param definitions */
struct circ_params_response {
/* Version */
u8 version IN [0];
/* Is cc supported or not? */
u8 cc_enabled IN [0, 1];
/* How many cells does a SENDME ack? */
u8 sendme_inc_cells;
}

183
src/trunnel/congestion_control.c Normal file
View File

@ -0,0 +1,183 @@
/* congestion_control.c -- generated by Trunnel v1.5.3.
* https://gitweb.torproject.org/trunnel.git
* You probably shouldn't edit this file.
*/
#include <stdlib.h>
#include "trunnel-impl.h"
#include "congestion_control.h"
#define TRUNNEL_SET_ERROR_CODE(obj) \
do { \
(obj)->trunnel_error_code_ = 1; \
} while (0)
#if defined(__COVERITY__) || defined(__clang_analyzer__)
/* If we're running a static analysis tool, we don't want it to complain
* that some of our remaining-bytes checks are dead-code. */
int congestioncontrol_deadcode_dummy__ = 0;
#define OR_DEADCODE_DUMMY || congestioncontrol_deadcode_dummy__
#else
#define OR_DEADCODE_DUMMY
#endif
#define CHECK_REMAINING(nbytes, label) \
do { \
if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \
goto label; \
} \
} while (0)
trn_extension_field_cc_t *
trn_extension_field_cc_new(void)
{
trn_extension_field_cc_t *val = trunnel_calloc(1, sizeof(trn_extension_field_cc_t));
if (NULL == val)
return NULL;
return val;
}
/** Release all storage held inside 'obj', but do not free 'obj'.
*/
static void
trn_extension_field_cc_clear(trn_extension_field_cc_t *obj)
{
(void) obj;
}
void
trn_extension_field_cc_free(trn_extension_field_cc_t *obj)
{
if (obj == NULL)
return;
trn_extension_field_cc_clear(obj);
trunnel_memwipe(obj, sizeof(trn_extension_field_cc_t));
trunnel_free_(obj);
}
uint8_t
trn_extension_field_cc_get_sendme_inc(const trn_extension_field_cc_t *inp)
{
return inp->sendme_inc;
}
int
trn_extension_field_cc_set_sendme_inc(trn_extension_field_cc_t *inp, uint8_t val)
{
inp->sendme_inc = val;
return 0;
}
const char *
trn_extension_field_cc_check(const trn_extension_field_cc_t *obj)
{
if (obj == NULL)
return "Object was NULL";
if (obj->trunnel_error_code_)
return "A set function failed on this object";
return NULL;
}
ssize_t
trn_extension_field_cc_encoded_len(const trn_extension_field_cc_t *obj)
{
ssize_t result = 0;
if (NULL != trn_extension_field_cc_check(obj))
return -1;
/* Length of u8 sendme_inc */
result += 1;
return result;
}
int
trn_extension_field_cc_clear_errors(trn_extension_field_cc_t *obj)
{
int r = obj->trunnel_error_code_;
obj->trunnel_error_code_ = 0;
return r;
}
ssize_t
trn_extension_field_cc_encode(uint8_t *output, const size_t avail, const trn_extension_field_cc_t *obj)
{
ssize_t result = 0;
size_t written = 0;
uint8_t *ptr = output;
const char *msg;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
const ssize_t encoded_len = trn_extension_field_cc_encoded_len(obj);
#endif
if (NULL != (msg = trn_extension_field_cc_check(obj)))
goto check_failed;
#ifdef TRUNNEL_CHECK_ENCODED_LEN
trunnel_assert(encoded_len >= 0);
#endif
/* Encode u8 sendme_inc */
trunnel_assert(written <= avail);
if (avail - written < 1)
goto truncated;
trunnel_set_uint8(ptr, (obj->sendme_inc));
written += 1; ptr += 1;
trunnel_assert(ptr == output + written);
#ifdef TRUNNEL_CHECK_ENCODED_LEN
{
trunnel_assert(encoded_len >= 0);
trunnel_assert((size_t)encoded_len == written);
}
#endif
return written;
truncated:
result = -2;
goto fail;
check_failed:
(void)msg;
result = -1;
goto fail;
fail:
trunnel_assert(result < 0);
return result;
}
/** As trn_extension_field_cc_parse(), but do not allocate the output
* object.
*/
static ssize_t
trn_extension_field_cc_parse_into(trn_extension_field_cc_t *obj, const uint8_t *input, const size_t len_in)
{
const uint8_t *ptr = input;
size_t remaining = len_in;
ssize_t result = 0;
(void)result;
/* Parse u8 sendme_inc */
CHECK_REMAINING(1, truncated);
obj->sendme_inc = (trunnel_get_uint8(ptr));
remaining -= 1; ptr += 1;
trunnel_assert(ptr + remaining == input + len_in);
return len_in - remaining;
truncated:
return -2;
}
ssize_t
trn_extension_field_cc_parse(trn_extension_field_cc_t **output, const uint8_t *input, const size_t len_in)
{
ssize_t result;
*output = trn_extension_field_cc_new();
if (NULL == *output)
return -1;
result = trn_extension_field_cc_parse_into(*output, input, len_in);
if (result < 0) {
trn_extension_field_cc_free(*output);
*output = NULL;
}
return result;
}

67
src/trunnel/congestion_control.h Normal file
View File

@ -0,0 +1,67 @@
/* congestion_control.h -- generated by Trunnel v1.5.3.
* https://gitweb.torproject.org/trunnel.git
* You probably shouldn't edit this file.
*/
#ifndef TRUNNEL_CONGESTION_CONTROL_H
#define TRUNNEL_CONGESTION_CONTROL_H
#include <stdint.h>
#include "trunnel.h"
#define TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST 1
#define TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE 2
#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_TRN_EXTENSION_FIELD_CC)
struct trn_extension_field_cc_st {
uint8_t sendme_inc;
uint8_t trunnel_error_code_;
};
#endif
typedef struct trn_extension_field_cc_st trn_extension_field_cc_t;
/** Return a newly allocated trn_extension_field_cc with all elements
* set to zero.
*/
trn_extension_field_cc_t *trn_extension_field_cc_new(void);
/** Release all storage held by the trn_extension_field_cc in
* 'victim'. (Do nothing if 'victim' is NULL.)
*/
void trn_extension_field_cc_free(trn_extension_field_cc_t *victim);
/** Try to parse a trn_extension_field_cc from the buffer in 'input',
* using up to 'len_in' bytes from the input buffer. On success,
* return the number of bytes consumed and set *output to the newly
* allocated trn_extension_field_cc_t. On failure, return -2 if the
* input appears truncated, and -1 if the input is otherwise invalid.
*/
ssize_t trn_extension_field_cc_parse(trn_extension_field_cc_t **output, const uint8_t *input, const size_t len_in);
/** Return the number of bytes we expect to need to encode the
* trn_extension_field_cc in 'obj'. On failure, return a negative
* value. Note that this value may be an overestimate, and can even be
* an underestimate for certain unencodeable objects.
*/
ssize_t trn_extension_field_cc_encoded_len(const trn_extension_field_cc_t *obj);
/** Try to encode the trn_extension_field_cc from 'input' into the
* buffer at 'output', using up to 'avail' bytes of the output buffer.
* On success, return the number of bytes used. On failure, return -2
* if the buffer was not long enough, and -1 if the input was invalid.
*/
ssize_t trn_extension_field_cc_encode(uint8_t *output, size_t avail, const trn_extension_field_cc_t *input);
/** Check whether the internal state of the trn_extension_field_cc in
* 'obj' is consistent. Return NULL if it is, and a short message if
* it is not.
*/
const char *trn_extension_field_cc_check(const trn_extension_field_cc_t *obj);
/** Clear any errors that were set on the object 'obj' by its setter
* functions. Return true iff errors were cleared.
*/
int trn_extension_field_cc_clear_errors(trn_extension_field_cc_t *obj);
/** Return the value of the sendme_inc field of the
* trn_extension_field_cc_t in 'inp'
*/
uint8_t trn_extension_field_cc_get_sendme_inc(const trn_extension_field_cc_t *inp);
/** Set the value of the sendme_inc field of the
* trn_extension_field_cc_t in 'inp' to 'val'. Return 0 on success;
* return -1 and set the error code on 'inp' on failure.
*/
int trn_extension_field_cc_set_sendme_inc(trn_extension_field_cc_t *inp, uint8_t val);
#endif

22
src/trunnel/congestion_control.trunnel Normal file
View File

@ -0,0 +1,22 @@
/* This file contains the definition for the encrypted payload of a circuit
* parameter negotiation request/response portion of the trn_ntorv3 onionskin
* handshake. Currently only supports congestion control params. */
/* The following is encoded in the extension format. */
/* Field types. */
const TRUNNEL_EXT_TYPE_CC_FIELD_REQUEST = 0x01;
const TRUNNEL_EXT_TYPE_CC_FIELD_RESPONSE = 0x02;
/*
* "Request" is an empty payload signalling that CC is enabled.
*/
/*
* "Response" consists of 1 single byte:
* SENDME_INC -- Min: 0, Max: 255
*/
struct trn_extension_field_cc {
u8 sendme_inc;
};

6
src/trunnel/include.am
View File

@ -14,7 +14,7 @@ TRUNNELINPUTS = \
src/trunnel/channelpadding_negotiation.trunnel \
src/trunnel/sendme_cell.trunnel \
src/trunnel/flow_control_cells.trunnel \
src/trunnel/circ_params.trunnel \
src/trunnel/congestion_control.trunnel \
src/trunnel/socks5.trunnel \
src/trunnel/circpad_negotiation.trunnel
@ -30,7 +30,7 @@ TRUNNELSOURCES = \
src/trunnel/channelpadding_negotiation.c \
src/trunnel/sendme_cell.c \
src/trunnel/flow_control_cells.c \
src/trunnel/circ_params.c \
src/trunnel/congestion_control.c \
src/trunnel/socks5.c \
src/trunnel/netinfo.c \
src/trunnel/circpad_negotiation.c
@ -49,7 +49,7 @@ TRUNNELHEADERS = \
src/trunnel/channelpadding_negotiation.h \
src/trunnel/sendme_cell.h \
src/trunnel/flow_control_cells.h \
src/trunnel/circ_params.h \
src/trunnel/congestion_control.h \
src/trunnel/socks5.h \
src/trunnel/netinfo.h \
src/trunnel/circpad_negotiation.h