Add a bunch of work-in-progress comments for 15056 planning
parent
ef5158b2d2
commit
bfff729728
@ -153,13 +153,23 @@ struct channel_s {
|
|||||||
int (*write_var_cell)(channel_t *, var_cell_t *);
|
int (*write_var_cell)(channel_t *, var_cell_t *);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Hash of the public RSA key for the other side's RSA identity key, or
|
* Hash of the public RSA key for the other side's RSA identity key -- or
|
||||||
* zeroes if the other side hasn't shown us a valid RSA identity key.
|
* zeroes if we don't have an RSA identity in mind for the other side, and
|
||||||
|
* it hasn't shown us one.
|
||||||
|
*
|
||||||
|
* Note that this is the RSA identity that we hope the other side has -- not
|
||||||
|
* necessarily its true identity. Don't believe this identity unless
|
||||||
|
* authentication has happened.
|
||||||
*/
|
*/
|
||||||
char identity_digest[DIGEST_LEN];
|
char identity_digest[DIGEST_LEN];
|
||||||
/**
|
/**
|
||||||
* The Ed25519 public identity key for the other side, or zeros if the other
|
* Ed25519 key for the other side of this channel -- or zeroes if we don't
|
||||||
* size hasn't shown us a valid Ed25519 identity key
|
* have an Ed25519 identity in mind for the other side, and it hasn't shown
|
||||||
|
* us one.
|
||||||
|
*
|
||||||
|
* Note that this is the identity that we hope the other side has -- not
|
||||||
|
* necessarily its true identity. Don't believe this identity unless
|
||||||
|
* authentication has happened.
|
||||||
*/
|
*/
|
||||||
ed25519_public_key_t ed25519_identity;
|
ed25519_public_key_t ed25519_identity;
|
||||||
|
|
||||||
@ -167,8 +177,8 @@ struct channel_s {
|
|||||||
char *nickname;
|
char *nickname;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Linked list of channels with the same identity digest, for the
|
* Linked list of channels with the same RSA identity digest, for use with
|
||||||
* digest->channel map
|
* the digest->channel map
|
||||||
*/
|
*/
|
||||||
TOR_LIST_ENTRY(channel_s) next_with_same_id;
|
TOR_LIST_ENTRY(channel_s) next_with_same_id;
|
||||||
|
|
||||||
|
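Review bot: The new warning on `identity_digest` and `ed25519_identity` says not to believe the identity "unless authentication has happened", but neither comment tells the reader how to find out whether it has. These fields are now documented as the identity we hope the peer has rather than one it has proved, so a caller comparing them for a trust decision needs to know which state to check first. Add a line such as `* (See <field or function that records authentication> for how to tell.)` with the real name filled in. The Ed25519 comment also drops the words "public identity" and now reads "Ed25519 key", which is less precise than the text it replaces. `struct channel_s` starts and ends outside these hunks.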
@ -1651,9 +1651,10 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
|
|||||||
connection_or_init_conn_from_address(chan->conn,
|
connection_or_init_conn_from_address(chan->conn,
|
||||||
&(chan->conn->base_.addr),
|
&(chan->conn->base_.addr),
|
||||||
chan->conn->base_.port,
|
chan->conn->base_.port,
|
||||||
|
/* zero, checked above */
|
||||||
(const char*)(chan->conn->handshake_state->
|
(const char*)(chan->conn->handshake_state->
|
||||||
authenticated_rsa_peer_id),
|
authenticated_rsa_peer_id),
|
||||||
NULL, // XXXX Ed key
|
NULL, /* Ed25519 ID: Also checked as zero */
|
||||||
0);
|
0);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
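Review bot: The added `/* zero, checked above */` sits on its own line between the port and the `authenticated_rsa_peer_id` argument, so it is unclear which argument it describes. Likewise `/* Ed25519 ID: Also checked as zero */` is attached to a literal `NULL` rather than to a value that could have been checked. If the intent is that this call is reached only when the peer has not authenticated, say so once above the call, e.g. `/* Peer did not authenticate: both authenticated peer IDs are all-zero here (checked above). */`. The check these comments rely on is outside the hunk, so that reading is inferred.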
@ -1185,6 +1185,10 @@ circuit_extend(cell_t *cell, circuit_t *circ)
|
|||||||
"Client asked me to extend back to the previous hop.");
|
"Client asked me to extend back to the previous hop.");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
// XXX 15056 check prev-hop Ed ID too
|
||||||
|
|
||||||
|
// XXX 15056 Fill in ed_pubkey if it was not provided and we can infer
|
||||||
|
// XXX 15056 it from the networkstatus.
|
||||||
|
|
||||||
n_chan = channel_get_for_extend((const char*)ec.node_id,
|
n_chan = channel_get_for_extend((const char*)ec.node_id,
|
||||||
&ec.ed_pubkey,
|
&ec.ed_pubkey,
|
||||||
|
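Review bot: The notes added before `channel_get_for_extend` are tagged `XXX 15056`, while the other markers in this commit are `XXXX 15056` or a bare trailing `15056`, so a single grep will not find all of the planning notes. Pick one spelling, e.g. `// XXXX 15056 check prev-hop Ed ID too`. The first note would also help more if it said that the "extend back to the previous hop" test just above compares the RSA identity only until this is done. That is inferred from the note itself, since the comparison lies outside the hunk. circuit_extend starts and ends outside the hunk.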
@ -80,7 +80,7 @@ static void connection_or_change_state(or_connection_t *conn, uint8_t state);
|
|||||||
/** Map from identity digest of connected OR or desired OR to a connection_t
|
/** Map from identity digest of connected OR or desired OR to a connection_t
|
||||||
* with that identity digest. If there is more than one such connection_t,
|
* with that identity digest. If there is more than one such connection_t,
|
||||||
* they form a linked list, with next_with_same_id as the next pointer. */
|
* they form a linked list, with next_with_same_id as the next pointer. */
|
||||||
static digestmap_t *orconn_identity_map = NULL;
|
static digestmap_t *orconn_identity_map = NULL; // XXXX 15056 disused.
|
||||||
|
|
||||||
/** Global map between Extended ORPort identifiers and OR
|
/** Global map between Extended ORPort identifiers and OR
|
||||||
* connections. */
|
* connections. */
|
||||||
@ -883,7 +883,7 @@ connection_or_init_conn_from_address(or_connection_t *conn,
|
|||||||
const ed25519_public_key_t *ed_id,
|
const ed25519_public_key_t *ed_id,
|
||||||
int started_here)
|
int started_here)
|
||||||
{
|
{
|
||||||
(void) ed_id; // not fully used yet.
|
(void) ed_id; // not fully used yet. 15056
|
||||||
const node_t *r = node_get_by_id(id_digest);
|
const node_t *r = node_get_by_id(id_digest);
|
||||||
connection_or_set_identity_digest(conn, id_digest, ed_id);
|
connection_or_set_identity_digest(conn, id_digest, ed_id);
|
||||||
connection_or_update_token_buckets_helper(conn, 1, get_options());
|
connection_or_update_token_buckets_helper(conn, 1, get_options());
|
||||||
@ -981,6 +981,9 @@ connection_or_mark_bad_for_new_circs(or_connection_t *or_conn)
|
|||||||
static void
|
static void
|
||||||
connection_or_group_set_badness(or_connection_t *head, int force)
|
connection_or_group_set_badness(or_connection_t *head, int force)
|
||||||
{
|
{
|
||||||
|
// XXXX 15056 we should make this about channels instead, so we
|
||||||
|
// can finally remove orconn_identity_map.
|
||||||
|
|
||||||
or_connection_t *or_conn = NULL, *best = NULL;
|
or_connection_t *or_conn = NULL, *best = NULL;
|
||||||
int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0;
|
int n_old = 0, n_inprogress = 0, n_canonical = 0, n_other = 0;
|
||||||
time_t now = time(NULL);
|
time_t now = time(NULL);
|
||||||
@ -1109,6 +1112,9 @@ connection_or_set_bad_connections(const char *digest, int force)
|
|||||||
if (!orconn_identity_map)
|
if (!orconn_identity_map)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
// XXXX This is just about the only remaining user of orconn_identity_map!
|
||||||
|
// XXXX If we kill it, we can yoink out the map. 15056.
|
||||||
|
|
||||||
DIGESTMAP_FOREACH(orconn_identity_map, identity, or_connection_t *, conn) {
|
DIGESTMAP_FOREACH(orconn_identity_map, identity, or_connection_t *, conn) {
|
||||||
if (!digest || tor_memeq(digest, conn->identity_digest, DIGEST_LEN))
|
if (!digest || tor_memeq(digest, conn->identity_digest, DIGEST_LEN))
|
||||||
connection_or_group_set_badness(conn, force);
|
connection_or_group_set_badness(conn, force);
|
||||||
@ -1573,7 +1579,7 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn,
|
|||||||
if (started_here)
|
if (started_here)
|
||||||
return connection_or_client_learned_peer_id(conn,
|
return connection_or_client_learned_peer_id(conn,
|
||||||
(const uint8_t*)digest_rcvd_out,
|
(const uint8_t*)digest_rcvd_out,
|
||||||
NULL // Ed25519 ID
|
NULL // Ed25519 ID 15056
|
||||||
);
|
);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
@ -1607,7 +1613,7 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
|
|||||||
const uint8_t *rsa_peer_id,
|
const uint8_t *rsa_peer_id,
|
||||||
const ed25519_public_key_t *ed_peer_id)
|
const ed25519_public_key_t *ed_peer_id)
|
||||||
{
|
{
|
||||||
(void) ed_peer_id; // not used yet.
|
(void) ed_peer_id; // not used yet. 15056
|
||||||
|
|
||||||
const or_options_t *options = get_options();
|
const or_options_t *options = get_options();
|
||||||
|
|
||||||
@ -1685,7 +1691,7 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
|
|||||||
}
|
}
|
||||||
if (authdir_mode_tests_reachability(options)) {
|
if (authdir_mode_tests_reachability(options)) {
|
||||||
dirserv_orconn_tls_done(&conn->base_.addr, conn->base_.port,
|
dirserv_orconn_tls_done(&conn->base_.addr, conn->base_.port,
|
||||||
(const char*)rsa_peer_id /*, ed_id XXXX */);
|
(const char*)rsa_peer_id /*, ed_id XXXX 15056 */);
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
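Review bot: The trailing `// XXXX 15056 disused.` on `orconn_identity_map` contradicts the rest of this file section. `connection_or_set_bad_connections` still walks the map with `DIGESTMAP_FOREACH`, and the note added there calls it "just about the only remaining user". The doc comment directly above the declaration also still describes the map as live. Wording such as `// XXXX 15056 nearly disused; see connection_or_set_bad_connections().` would agree with the other notes. Separately, `(void) ed_id; // not fully used yet. 15056` is followed by a line that passes `ed_id` to `connection_or_set_identity_digest`, so the cast no longer suppresses anything there.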