Add version 3 onion service support to HSFETCH

Neel Chauhan 2019-01-14 14:09:53 -05:00
parent cef910642e
commit c985940de9
6 changed files with 64 additions and 6 deletions

4
changes/ticket25417 Normal file

@ -0,0 +1,4 @@
o Minor features (controller):
- Add onion service version 3 support to HSFETCH. Previously, only
version 2 onion services were supported. Closes ticket 25417.
Patch by Neel Chauhan


@ -4426,6 +4426,8 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
static const char *v2_str = "v2-"; static const char *v2_str = "v2-";
const size_t v2_str_len = strlen(v2_str); const size_t v2_str_len = strlen(v2_str);
rend_data_t *rend_query = NULL; rend_data_t *rend_query = NULL;
ed25519_public_key_t v3_pk;
uint32_t version;
/* Make sure we have at least one argument, the HSAddress. */ /* Make sure we have at least one argument, the HSAddress. */
args = getargs_helper(hsfetch_command, conn, body, 1, -1); args = getargs_helper(hsfetch_command, conn, body, 1, -1);
@ -4438,6 +4440,7 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
/* Test if it's an HS address without the .onion part. */ /* Test if it's an HS address without the .onion part. */
if (rend_valid_v2_service_id(arg1)) { if (rend_valid_v2_service_id(arg1)) {
hsaddress = arg1; hsaddress = arg1;
version = HS_VERSION_TWO;
} else if (strcmpstart(arg1, v2_str) == 0 && } else if (strcmpstart(arg1, v2_str) == 0 &&
rend_valid_descriptor_id(arg1 + v2_str_len) && rend_valid_descriptor_id(arg1 + v2_str_len) &&
base32_decode(digest, sizeof(digest), arg1 + v2_str_len, base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
@ -4445,6 +4448,11 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
/* We have a well formed version 2 descriptor ID. Keep the decoded value /* We have a well formed version 2 descriptor ID. Keep the decoded value
* of the id. */ * of the id. */
desc_id = digest; desc_id = digest;
version = HS_VERSION_TWO;
} else if (hs_address_is_valid(arg1)) {
hsaddress = arg1;
version = HS_VERSION_THREE;
hs_parse_address(hsaddress, &v3_pk, NULL, NULL);
} else { } else {
connection_printf_to_buf(conn, "513 Invalid argument \"%s\"\r\n", connection_printf_to_buf(conn, "513 Invalid argument \"%s\"\r\n",
arg1); arg1);
@ -4481,11 +4489,13 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
} }
} }
rend_query = rend_data_client_create(hsaddress, desc_id, NULL, if (version == HS_VERSION_TWO) {
REND_NO_AUTH); rend_query = rend_data_client_create(hsaddress, desc_id, NULL,
if (rend_query == NULL) { REND_NO_AUTH);
connection_printf_to_buf(conn, "551 Error creating the HS query\r\n"); if (rend_query == NULL) {
goto done; connection_printf_to_buf(conn, "551 Error creating the HS query\r\n");
goto done;
}
} }
/* Using a descriptor ID, we force the user to provide at least one /* Using a descriptor ID, we force the user to provide at least one
@ -4504,7 +4514,11 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
/* Trigger the fetch using the built rend query and possibly a list of HS /* Trigger the fetch using the built rend query and possibly a list of HS
* directory to use. This function ignores the client cache thus this will * directory to use. This function ignores the client cache thus this will
* always send a fetch command. */ * always send a fetch command. */
rend_client_fetch_v2_desc(rend_query, hsdirs); if (version == HS_VERSION_TWO) {
rend_client_fetch_v2_desc(rend_query, hsdirs);
} else if (version == HS_VERSION_THREE) {
hs_control_hsfetch_command(&v3_pk, hsdirs);
}
done: done:
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp)); SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
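Review bot: The result of `hs_parse_address(hsaddress, &v3_pk, NULL, NULL);` on the new `HS_VERSION_THREE` branch is discarded, so `v3_pk` is only known to be populated because `hs_address_is_valid(arg1)` passed on the line above; if those two helpers ever disagree on an input, a zeroed or stale key is handed to `hs_control_hsfetch_command()` in the last hunk after the controller has already been told the fetch is under way. Assuming the helper keeps the usual 0 / -1 convention, guard it with `if (hs_parse_address(hsaddress, &v3_pk, NULL, NULL) < 0) {` and reuse the same `513 Invalid argument` reply plus `goto done` that the `else` branch below it already emits. Separately, `uint32_t version;` is declared without an initializer and is assigned only on the three accepted branches; the rejecting `else` leaves via `goto done`, so it is not read uninitialized as written, but initializing it at the declaration would make that invariant robust to later edits and silence a maybe-uninitialized warning. handle_control_hsfetch() begins before the first hunk and the `done:` cleanup continues past the last one.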


@ -459,6 +459,24 @@ fetch_v3_desc, (const ed25519_public_key_t *onion_identity_pk))
return directory_launch_v3_desc_fetch(onion_identity_pk, hsdir_rs); return directory_launch_v3_desc_fetch(onion_identity_pk, hsdir_rs);
} }
/* With a given <b>onion_identity_pk</b>, fetch its descriptor. If
* <b>hsdirs</b> is specified, use the directory servers specified in the list.
* Else, use a random server. */
void
hs_client_launch_v3_desc_fetch(const ed25519_public_key_t *onion_identity_pk,
const smartlist_t *hsdirs)
{
tor_assert(onion_identity_pk);
if (hsdirs != NULL) {
SMARTLIST_FOREACH_BEGIN(hsdirs, const routerstatus_t *, hsdir) {
directory_launch_v3_desc_fetch(onion_identity_pk, hsdir);
} SMARTLIST_FOREACH_END(hsdir);
} else {
fetch_v3_desc(onion_identity_pk);
}
}
/* Make sure that the given v3 origin circuit circ is a valid correct /* Make sure that the given v3 origin circuit circ is a valid correct
* introduction circuit. This will BUG() on any problems and hard assert if * introduction circuit. This will BUG() on any problems and hard assert if
* the anonymity of the circuit is not ok. Return 0 on success else -1 where * the anonymity of the circuit is not ok. Return 0 on success else -1 where
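Review bot: `hs_client_launch_v3_desc_fetch()` tests only `hsdirs != NULL`, so a non-NULL but empty list launches no fetch at all rather than falling back to `fetch_v3_desc()`, and in both branches the value returned by `directory_launch_v3_desc_fetch()` (visible in the `return` of `fetch_v3_desc` just above) is dropped, so a caller cannot tell that nothing was sent. Whether the HSFETCH handler can pass an empty list depends on how it builds `hsdirs`, which is outside this hunk. Changing the test to `if (hsdirs != NULL && smartlist_len(hsdirs) > 0) {` covers the first point; returning the launch result, or a count of launched fetches, instead of `void` would cover the second but also changes the prototype added in hs_client.h.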


@ -44,6 +44,10 @@ typedef struct hs_client_service_authorization_t {
void hs_client_note_connection_attempt_succeeded( void hs_client_note_connection_attempt_succeeded(
const edge_connection_t *conn); const edge_connection_t *conn);
void hs_client_launch_v3_desc_fetch(
const ed25519_public_key_t *onion_identity_pk,
const smartlist_t *hsdirs);
int hs_client_decode_descriptor( int hs_client_decode_descriptor(
const char *desc_str, const char *desc_str,
const ed25519_public_key_t *service_identity_pk, const ed25519_public_key_t *service_identity_pk,


@ -10,6 +10,7 @@
#include "feature/control/control.h" #include "feature/control/control.h"
#include "lib/crypt_ops/crypto_format.h" #include "lib/crypt_ops/crypto_format.h"
#include "lib/crypt_ops/crypto_util.h" #include "lib/crypt_ops/crypto_util.h"
#include "feature/hs/hs_client.h"
#include "feature/hs/hs_common.h" #include "feature/hs/hs_common.h"
#include "feature/hs/hs_control.h" #include "feature/hs/hs_control.h"
#include "feature/hs/hs_descriptor.h" #include "feature/hs/hs_descriptor.h"
@ -259,3 +260,16 @@ hs_control_hspost_command(const char *body, const char *onion_address,
smartlist_free(hsdirs); smartlist_free(hsdirs);
return ret; return ret;
} }
/* With a given <b>onion_identity_pk</b>, fetch its descriptor, optionally
* using the list of directory servers given in <b>hsdirs</b>, or a random
* server if it is NULL. This function calls hs_client_launch_v3_desc_fetch().
*/
void
hs_control_hsfetch_command(const ed25519_public_key_t *onion_identity_pk,
const smartlist_t *hsdirs)
{
tor_assert(onion_identity_pk);
hs_client_launch_v3_desc_fetch(onion_identity_pk, hsdirs);
}
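Review bot: `hs_control_hsfetch_command()` returns `void`, unlike its sibling `hs_control_hspost_command()` whose `return ret;` sits directly above the new code, so the HSFETCH path has no channel for reporting a launch failure back to the control handler. Since `fetch_v3_desc()` and `directory_launch_v3_desc_fetch()` in hs_client.c both return a value, declaring the wrapper `int hs_control_hsfetch_command(...)` and returning what `hs_client_launch_v3_desc_fetch()` reports would let the controller side answer `551` consistently with how the v2 branch handles a failed query creation. The `tor_assert(onion_identity_pk);` here duplicates the identical assertion inside `hs_client_launch_v3_desc_fetch()`; harmless, but one of the two is redundant.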


@ -48,5 +48,9 @@ void hs_control_desc_event_content(const hs_ident_dir_conn_t *ident,
int hs_control_hspost_command(const char *body, const char *onion_address, int hs_control_hspost_command(const char *body, const char *onion_address,
const smartlist_t *hsdirs_rs); const smartlist_t *hsdirs_rs);
/* Command "HSFETCH [...]" */
void hs_control_hsfetch_command(const ed25519_public_key_t *onion_identity_pk,
const smartlist_t *hsdirs);
#endif /* !defined(TOR_HS_CONTROL_H) */ #endif /* !defined(TOR_HS_CONTROL_H) */