aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/common/crypto.c2
-rw-r--r--src/common/crypto.h1
-rw-r--r--src/common/util.c11
-rw-r--r--src/common/util.h2
-rw-r--r--src/or/circuit.c2
-rw-r--r--src/or/command.c2
-rw-r--r--src/or/connection_edge.c1
-rw-r--r--src/or/or.h2
-rw-r--r--src/or/rendcommon.c4
-rw-r--r--src/or/rendmid.c21
-rw-r--r--src/or/rendservice.c1
11 files changed, 36 insertions, 13 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 04859ed4b..16f7c18b1 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1403,8 +1403,6 @@ base64_decode(char *dest, int destlen, const char *src, int srclen)
return ret;
}
-static const char BASE32_CHARS[] = "abcdefghijklmnopqrstuvwxyz012345";
-
int
base32_encode(char *dest, int destlen, const char *src, int srclen)
{
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 1ecd5a3de..970be675c 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -77,6 +77,7 @@ int crypto_pk_check_fingerprint_syntax(const char *s);
int base64_encode(char *dest, int destlen, const char *src, int srclen);
int base64_decode(char *dest, int destlen, const char *src, int srclen);
+#define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz012345"
int base32_encode(char *dest, int destlen, const char *src, int srclen);
/* Key negotiation */
diff --git a/src/common/util.c b/src/common/util.c
index 8dd6dce91..a54ebe559 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -109,6 +109,17 @@ void set_uint32(char *cp, uint32_t v)
}
#endif
+void hex_encode(const char *from, int fromlen, char *to)
+{
+ const unsigned char *fp = from;
+ static const char TABLE[] = "0123456789abcdef";
+ while (fromlen) {
+ *to++ = TABLE[*fp >> 4];
+ *to++ = TABLE[*fp & 7];
+ ++fp;
+ }
+ *to = '\0';
+}
/*
* A simple smartlist interface to make an unordered list of acceptable
diff --git a/src/common/util.h b/src/common/util.h
index f8918eead..e5fdb4fde 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -81,6 +81,8 @@ void set_uint32(char *cp, uint32_t v);
#endif
#endif
+void hex_encode(const char *from, int fromlen, char *to);
+
typedef struct smartlist_t {
void **list;
int num_used;
diff --git a/src/or/circuit.c b/src/or/circuit.c
index cecc63e03..f3f1c6f58 100644
--- a/src/or/circuit.c
+++ b/src/or/circuit.c
@@ -347,7 +347,7 @@ circuit_t *circuit_get_next_by_service_and_purpose(circuit_t *start,
continue;
if (circ->purpose != purpose)
continue;
- if (!memcmp(circ->rend_service, servid, REND_COOKIE_LEN))
+ if (!memcmp(circ->rend_service, servid, CRYPTO_SHA1_DIGEST_LEN))
return circ;
}
return NULL;
diff --git a/src/or/command.c b/src/or/command.c
index cf7dffc5e..b180c4750 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -103,7 +103,7 @@ static void command_process_create_cell(cell_t *cell, connection_t *conn) {
circ = circuit_new(cell->circ_id, conn);
circ->state = CIRCUIT_STATE_ONIONSKIN_PENDING;
- circ->purpose = CIRCUIT_PURPOSE_INTERMEDIATE;
+ circ->purpose = CIRCUIT_PURPOSE_OR;
memcpy(circ->onionskin, cell->payload, ONIONSKIN_CHALLENGE_LEN);
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index f8a319bea..89d7dabae 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -792,6 +792,7 @@ static int connection_ap_handshake_attach_circuit(connection_t *conn) {
desired_circuit_purpose = CIRCUIT_PURPOSE_C_INTRODUCING;
break;
default:
+ log_fn(LOG_ERR, "Got unexpected purpose: %d", conn->purpose);
assert(0); /* never reached */
}
diff --git a/src/or/or.h b/src/or/or.h
index bf23ac5e6..7f1015d87 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -201,7 +201,7 @@
#define _CIRCUIT_PURPOSE_MIN 1
/* these circuits were initiated elsewhere */
-#define CIRCUIT_PURPOSE_INTERMEDIATE 1 /* normal circuit, at OR. */
+#define CIRCUIT_PURPOSE_OR 1 /* normal circuit, at OR. */
#define CIRCUIT_PURPOSE_INTRO_POINT 2 /* At OR, from Bob, waiting for intro from Alices */
#define CIRCUIT_PURPOSE_REND_POINT_WAITING 3 /* At OR, from Alice, waiting for Bob */
#define CIRCUIT_PURPOSE_REND_ESTABLISHED 4 /* At OR, both circuits have this purpose */
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 3b1d8fc45..ece9c59f2 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -169,7 +169,9 @@ int rend_valid_service_id(char *query) {
if(strlen(query) != REND_SERVICE_ID_LEN)
return 0;
- /* XXXX also check for bad chars. */
+ if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN)
+ return 0;
+
return 1;
}
diff --git a/src/or/rendmid.c b/src/or/rendmid.c
index 7fe4d0d4a..ab2e07c70 100644
--- a/src/or/rendmid.c
+++ b/src/or/rendmid.c
@@ -16,9 +16,12 @@ rend_mid_establish_intro(circuit_t *circ, char *request, int request_len)
char pk_digest[20];
int asn1len;
circuit_t *c;
+ char hexid[9];
- if (circ->purpose != CIRCUIT_PURPOSE_INTERMEDIATE) {
- log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-intermediate circuit");
+ log_fn(LOG_INFO, "Received an ESTABLISH_INTRO request on circuit %d", circ->p_circ_id);
+
+ if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
+ log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit");
goto err;
}
if (request_len < 22)
@@ -60,10 +63,13 @@ rend_mid_establish_intro(circuit_t *circ, char *request, int request_len)
goto err;
}
+ hex_encode(pk_digest, 4, hexid);
+
/* Close any other intro circuits with the same pk. */
c = NULL;
while ((c = circuit_get_next_by_service_and_purpose(
c,pk_digest,CIRCUIT_PURPOSE_INTRO_POINT))) {
+ log_fn(LOG_INFO, "Replacing old circuit %d for service %s", c->p_circ_id, hexid);
circuit_mark_for_close(c);
}
@@ -71,6 +77,9 @@ rend_mid_establish_intro(circuit_t *circ, char *request, int request_len)
circ->purpose = CIRCUIT_PURPOSE_INTRO_POINT;
memcpy(circ->rend_service, pk_digest, 20);
+ log_fn(LOG_INFO, "Established introduction point on circuit %d for service %s",
+ circ->p_circ_id, hexid);
+
return 0;
truncated:
log_fn(LOG_WARN, "Rejecting truncated ESTABLISH_INTRO cell");
@@ -123,8 +132,8 @@ rend_mid_introduce(circuit_t *circ, char *request, int request_len)
int
rend_mid_establish_rendezvous(circuit_t *circ, char *request, int request_len)
{
- if (circ->purpose != CIRCUIT_PURPOSE_INTERMEDIATE) {
- log_fn(LOG_WARN, "Tried to establish rendezvous on non-intermediate circuit");
+ if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
+ log_fn(LOG_WARN, "Tried to establish rendezvous on non-OR or non-edge circuit");
goto err;
}
@@ -155,8 +164,8 @@ rend_mid_rendezvous(circuit_t *circ, char *request, int request_len)
{
circuit_t *rend_circ;
- if (circ->purpose != CIRCUIT_PURPOSE_INTERMEDIATE) {
- log_fn(LOG_WARN, "Tried to complete rendezvous on non-intermediate circuit");
+ if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
+ log_fn(LOG_WARN, "Tried to complete rendezvous on non-OR or non-edge circuit");
goto err;
}
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index e6aa52151..b0b4feb83 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -166,7 +166,6 @@ static rend_service_port_config_t *parse_port_config(const char *string)
return result;
}
-
/* Set up rend_service_list, based on the values of HiddenServiceDir and
* HiddenServicePort in 'options'. Return 0 on success and -1 on
* failure.
generated by cgit v1.2.3 (git 2.45.0) at 2025-01-05 06:52:01 +0000