nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 12:23:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Documentation: Document which descriptor elements are (im)mutable.

Browse Source
This commit is contained in:
George Kadianakis 2018-10-23 16:34:43 +03:00
parent 29c194e022
commit df78fb2451
1 changed files with 37 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
src/feature/hs/hs_service.h
View File

@ -99,48 +99,64 @@ typedef struct hs_service_intropoints_t {
digestmap_t *failed_id; digestmap_t *failed_id;
} hs_service_intropoints_t; } hs_service_intropoints_t;
/* Representation of a service descriptor. */ /* Representation of a service descriptor.
*
* Some elements of the descriptor are mutable whereas others are immutable:
* Immutable elements are initialized once when the descriptor is built (when
* service descriptors gets rotated). This means that these elements are
* initialized once and then they don't change for the lifetime of the
* descriptor. See build_service_descriptor().
*
* Mutable elements are initialized when we build the descriptor but they are
* also altered during the lifetime of the descriptor. They could be
* _refreshed_ everytime we upload the descriptor (which happens multiple times
* over the lifetime of the descriptor), or through periodic events. We do this
* for elements like the descriptor revision counter and various
* certificates. See refresh_service_descriptor() and
* update_service_descriptor_intro_points().
*/
typedef struct hs_service_descriptor_t { typedef struct hs_service_descriptor_t {
/* Decoded descriptor. This object is used for encoding when the service /* Mutable: Decoded descriptor. This object is used for encoding when the
* publishes the descriptor. */ * service publishes the descriptor. */
hs_descriptor_t *desc; hs_descriptor_t *desc;
/* Client authorization ephemeral keypair. */ /* Immutable: Client authorization ephemeral keypair. */
curve25519_keypair_t auth_ephemeral_kp; curve25519_keypair_t auth_ephemeral_kp;
/* Descriptor cookie used to encrypt the descriptor, when the client /* Immutable: Descriptor cookie used to encrypt the descriptor, when the
* authorization is enabled */ * client authorization is enabled */
uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN]; uint8_t descriptor_cookie[HS_DESC_DESCRIPTOR_COOKIE_LEN];
/* Descriptor signing keypair. */ /* Immutable: Descriptor signing keypair. */
ed25519_keypair_t signing_kp; ed25519_keypair_t signing_kp;
/* Blinded keypair derived from the master identity public key. */ /* Immutable: Blinded keypair derived from the master identity public key. */
ed25519_keypair_t blinded_kp; ed25519_keypair_t blinded_kp;
/* When is the next time when we should upload the descriptor. */ /* Mutable: When is the next time when we should upload the descriptor. */
time_t next_upload_time; time_t next_upload_time;
/* Introduction points assign to this descriptor which contains /* Mutable: Introduction points assign to this descriptor which contains
* hs_service_intropoints_t object indexed by authentication key (the RSA * hs_service_intropoints_t object indexed by authentication key (the RSA key
* key if the node is legacy). */ * if the node is legacy). */
hs_service_intropoints_t intro_points; hs_service_intropoints_t intro_points;
/* The time period number this descriptor has been created for. */ /* Immutable: The time period number this descriptor has been created for. */
uint64_t time_period_num; uint64_t time_period_num;
/* True iff we have missing intro points for this descriptor because we /* Mutable: True iff we have missing intro points for this descriptor because
* couldn't pick any nodes. */ * we couldn't pick any nodes. */
unsigned int missing_intro_points : 1; unsigned int missing_intro_points : 1;
/** List of the responsible HSDirs (their b64ed identity digest) last time we /** Mutable: List of the responsible HSDirs (their b64ed identity digest)
* uploaded this descriptor. If the set of responsible HSDirs is different * last time we uploaded this descriptor. If the set of responsible HSDirs
* from this list, this means we received new dirinfo and we need to * is different from this list, this means we received new dirinfo and we
* reupload our descriptor. */ * need to reupload our descriptor. */
smartlist_t *previous_hsdirs; smartlist_t *previous_hsdirs;
/** The OPE cipher for encrypting revision counters for this descriptor. /** Immutable: The OPE cipher for encrypting revision counters for this
* Tied to the descriptor blinded key. */ * descriptor. Tied to the descriptor blinded key. */
struct crypto_ope_t *ope_cipher; struct crypto_ope_t *ope_cipher;
} hs_service_descriptor_t; } hs_service_descriptor_t;