37#define CHANNEL_OBJECT_PRIVATE
39#define CHANNELTLS_PRIVATE
47#include "core/or/dos.h"
55#include "trunnel/link_handshake.h"
65#include "trunnel/channelpadding_negotiation.h"
66#include "trunnel/netinfo.h"
67#include "core/or/channelpadding.h"
140 channel_tls_t *tlschan);
142 channel_tls_t *tlschan);
145 channel_tls_t *tlschan);
147 channel_tls_t *chan);
160 chan = &(tlschan->base_);
162 chan->
magic = TLS_CHAN_MAGIC;
195 const char *id_digest,
198 channel_tls_t *tlschan = tor_malloc_zero(
sizeof(*tlschan));
204 "In channel_tls_connect() for channel %p "
205 "(global id %"PRIu64
")",
211 "Marking new outgoing channel %"PRIu64
" at %p as local",
216 "Marking new outgoing channel %"PRIu64
" at %p as remote",
226 if (!(tlschan->conn)) {
233 "Got orconn %p for channel with global id %"PRIu64,
239 circuitmux_free(chan->
cmux);
274 listener = tor_malloc_zero(
sizeof(*listener));
284 "Starting TLS channel listener %p with global id %"PRIu64,
305 "Shutting down TLS channels...");
314 "Closing channel_tls_listener with ID %"PRIu64
320 channel_listener_free(old_listener);
325 "Done shutting down TLS channels");
334 channel_tls_t *tlschan = tor_malloc_zero(
sizeof(*tlschan));
343 tlschan->conn = orconn;
344 orconn->
chan = tlschan;
348 "Marking new incoming channel %"PRIu64
" at %p as local",
353 "Marking new incoming channel %"PRIu64
" at %p as remote",
363 char *transport_name = NULL;
365 &transport_name) < 0) {
366 transport_name = NULL;
372 &
TO_CONN(orconn)->addr, transport_name,
374 dos_new_client_conn(orconn, transport_name);
395 if (chan->
magic != TLS_CHAN_MAGIC)
402 tlschan->conn->potentially_used_for_bootstrapping = 1;
415 if (!tlschan)
return NULL;
417 return &(tlschan->base_);
427 if (!chan)
return NULL;
431 return (channel_tls_t *)(chan);
465 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
473 "Tried to close channel_tls_t %p with NULL conn",
488 static char *buf = NULL;
490 channel_tls_t *tlschan;
491 const char *rv = NULL;
495 tlschan = BASE_CHAN_TO_TLS(chan);
498 id =
TO_CONN(tlschan->conn)->global_identifier;
502 "TLS channel (connection %"PRIu64
")",
507 rv =
"TLS channel (no connection)";
526 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
531 tlschan->conn->chan = NULL;
532 tlschan->conn = NULL;
542 double overhead = 1.0;
543 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
549 if (tlschan->conn->bytes_xmitted > 0 &&
550 tlschan->conn->bytes_xmitted_by_tls >=
551 tlschan->conn->bytes_xmitted) {
552 overhead = ((double)(tlschan->conn->bytes_xmitted_by_tls)) /
553 ((
double)(tlschan->conn->bytes_xmitted));
564 "Estimated overhead ratio for TLS chan %"PRIu64
" is %f",
583 const channel_tls_t *tlschan = CONST_BASE_CHAN_TO_TLS(chan);
588 if (tlschan->conn == NULL) {
610 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
616 if (!tlschan->conn->ext_or_transport)
619 *transport_out = tor_strdup(tlschan->conn->ext_or_transport);
632 const channel_tls_t *tlschan = CONST_BASE_CHAN_TO_TLS(chan);
638 return "(No connection)";
652 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
655 if (!(tlschan->conn)) {
657 "something called has_queued_writes on a tlschan "
658 "(%p with ID %"PRIu64
" but no conn",
662 outbuf_len = (tlschan->conn != NULL) ?
663 connection_get_outbuf_len(
TO_CONN(tlschan->conn)) :
666 return (outbuf_len > 0);
679 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
689 answer = tlschan->conn->is_canonical;
708 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
714 if (!(tlschan->conn)) {
716 "something called matches_extend_info on a tlschan "
717 "(%p with ID %"PRIu64
" but no conn",
748 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
754 if (!(tlschan->conn)) {
756 "something called matches_target on a tlschan "
757 "(%p with ID %"PRIu64
" but no conn",
784 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
789 return connection_get_outbuf_len(
TO_CONN(tlschan->conn));
804 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
805 size_t cell_network_size;
810 cell_network_size = get_cell_network_size(tlschan->conn->wide_circ_ids);
811 outbuf_len = connection_get_outbuf_len(
TO_CONN(tlschan->conn));
815#if SIZEOF_SIZE_T > SIZEOF_INT
816 if (n > INT_MAX) n = INT_MAX;
831 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
842 "something called write_cell on a tlschan "
843 "(%p with ID %"PRIu64
" but no conn",
864 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
865 size_t cell_network_size = get_cell_network_size(chan->wide_circ_ids);
871 connection_buf_add(packed_cell->
body, cell_network_size,
875 "something called write_packed_cell on a tlschan "
876 "(%p with ID %"PRIu64
" but no conn",
893 channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
904 "something called write_var_cell on a tlschan "
905 "(%p with ID %"PRIu64
" but no conn",
943 } SMARTLIST_FOREACH_END(ichan);
966 return "TLS channel (listening)";
991 base_chan = TLS_CHAN_TO_BASE(chan);
997 CHANNEL_IS_OPEN(base_chan) ||
998 CHANNEL_IS_MAINT(base_chan) ||
999 CHANNEL_IS_CLOSING(base_chan));
1017 if (CHANNEL_IS_OPEN(base_chan)) {
1023#ifdef KEEP_TIMING_STATS
1033channel_tls_time_process_cell(
cell_t *cell, channel_tls_t *chan,
int *time,
1034 void (*func)(
cell_t *, channel_tls_t *))
1041 (*func)(cell, chan);
1044 time_passed =
tv_udiff(&start, &end) ;
1046 if (time_passed > 10000) {
1047 log_debug(
LD_OR,
"That call just took %ld ms.",time_passed/1000);
1050 if (time_passed < 0) {
1051 log_info(
LD_GENERAL,
"That call took us back in time!");
1055 *time += time_passed;
1059#ifdef KEEP_TIMING_STATS
1060#define PROCESS_CELL(tp, cl, cn) STMT_BEGIN { \
1062 channel_tls_time_process_cell(cl, cn, & tp ## time , \
1063 channel_tls_process_ ## tp ## _cell); \
1066#define PROCESS_CELL(tp, cl, cn) channel_tls_process_ ## tp ## _cell(cl, cn)
1085 channel_tls_t *chan;
1095 "Got a cell_t on an OR connection with no channel");
1107 if (handshaking && cell->
command != CELL_VERSIONS &&
1108 cell->
command != CELL_NETINFO) {
1110 "Received unexpected cell command %d in chan state %s / "
1111 "conn state %s; closing the connection.",
1127 if (TLS_CHAN_TO_BASE(chan)->padding_enabled)
1133 if (TLS_CHAN_TO_BASE(chan)->padding_enabled)
1146 "Received unexpected VERSIONS cell on a channel using link "
1151 PROCESS_CELL(netinfo, cell, chan);
1153 case CELL_PADDING_NEGOTIATE:
1155 PROCESS_CELL(padding_negotiate, cell, chan);
1158 case CELL_CREATE_FAST:
1160 case CELL_CREATED_FAST:
1162 case CELL_RELAY_EARLY:
1174 "Cell of unknown type (%d) received in channeltls.c. "
1201 channel_tls_t *chan;
1203#ifdef KEEP_TIMING_STATS
1206 static int num_versions = 0, num_certs = 0;
1208 time_t now = time(NULL);
1214 "At end of second: %d versions (%d ms), %d certs (%d ms)",
1218 num_versions = num_certs = 0;
1219 versions_time = certs_time = 0;
1233 "Got a var_cell_t on an OR connection with no channel");
1237 if (
TO_CONN(conn)->marked_for_close)
1240 switch (
TO_CONN(conn)->state) {
1247 tor_assert_nonfatal_unreached_once();
1252 "Received a cell with command %d in unexpected "
1253 "orconn state \"%s\" [%d], channel state \"%s\" [%d]; "
1254 "closing the connection.",
1259 (
int)(TLS_CHAN_TO_BASE(chan)->state));
1269 if (var_cell->
command != CELL_AUTHENTICATE)
1276 "Received a variable-length cell with command %d in orconn "
1277 "state %s [%d], channel state %s [%d] with link protocol %d; "
1283 (
int)(TLS_CHAN_TO_BASE(chan)->state),
1290 "Received var-length cell with command %d in unexpected "
1291 "orconn state \"%s\" [%d], channel state \"%s\" [%d]; "
1297 (
int)(TLS_CHAN_TO_BASE(chan)->state));
1310 PROCESS_CELL(versions, var_cell, chan);
1318 PROCESS_CELL(certs, var_cell, chan);
1320 case CELL_AUTH_CHALLENGE:
1322 PROCESS_CELL(auth_challenge, var_cell, chan);
1324 case CELL_AUTHENTICATE:
1326 PROCESS_CELL(authenticate, var_cell, chan);
1328 case CELL_AUTHORIZE:
1334 "Variable-length cell of unknown type (%d) received.",
1360 chan = TLS_CHAN_TO_BASE(conn->
chan);
1365 "Marking channel %"PRIu64
" at %p as local",
1372 "Marking channel %"PRIu64
" at %p as remote",
1391 case CELL_AUTHORIZE:
1409 int started_here = 0;
1423 "Received a cell while TLS-handshaking, not in "
1424 "OR_HANDSHAKING_V3, on a connection we originated.");
1432 chan->conn->handshake_state, cell, 1);
1448 int highest_supported_version = 0;
1449 int started_here = 0;
1457 "Received a VERSION cell with odd payload length %d; "
1465 if (chan->conn->link_proto != 0 ||
1466 (chan->conn->handshake_state &&
1467 chan->conn->handshake_state->received_versions)) {
1469 "Received a VERSIONS cell on a connection with its version "
1470 "already set to %d; dropping",
1471 (
int)(chan->conn->link_proto));
1474 switch (chan->conn->base_.state)
1482 "VERSIONS cell while in unexpected state");
1490 const uint8_t *cp = cell->
payload;
1491 for (i = 0; i < cell->
payload_len / 2; ++i, cp += 2) {
1494 highest_supported_version = v;
1497 if (!highest_supported_version) {
1499 "Couldn't find a version in common between my version list and the "
1500 "list in the VERSIONS cell; closing connection.");
1503 }
else if (highest_supported_version == 1) {
1507 "Used version negotiation protocol to negotiate a v1 connection. "
1508 "That's crazily non-compliant. Closing connection.");
1511 }
else if (highest_supported_version < 3 &&
1514 "Negotiated link protocol 2 or lower after doing a v3 TLS "
1515 "handshake. Closing connection.");
1522 chan->conn->link_proto = highest_supported_version;
1523 chan->conn->handshake_state->received_versions = 1;
1525 if (chan->conn->link_proto == 2) {
1527 "Negotiated version %d on %s; sending NETINFO.",
1528 highest_supported_version,
1536 const int send_versions = !started_here;
1540 const int send_chall = !started_here;
1543 const int send_netinfo = !started_here;
1544 const int send_any =
1545 send_versions || send_certs || send_chall || send_netinfo;
1549 "Negotiated version %d with on %s; %s%s%s%s%s",
1550 highest_supported_version,
1552 send_any ?
"Sending cells:" :
"Waiting for CERTS cell",
1553 send_versions ?
" VERSIONS" :
"",
1554 send_certs ?
" CERTS" :
"",
1555 send_chall ?
" AUTH_CHALLENGE" :
"",
1556 send_netinfo ?
" NETINFO" :
"");
1558#ifdef DISABLE_V3_LINKPROTO_SERVERSIDE
1565 if (send_versions) {
1567 log_warn(
LD_OR,
"Couldn't send versions cell");
1575 TLS_CHAN_TO_BASE(chan)->wide_circ_ids =
1576 chan->conn->link_proto >= MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS;
1577 chan->conn->wide_circ_ids = TLS_CHAN_TO_BASE(chan)->wide_circ_ids;
1579 TLS_CHAN_TO_BASE(chan)->padding_enabled =
1580 chan->conn->link_proto >= MIN_LINK_PROTO_FOR_CHANNEL_PADDING;
1584 log_warn(
LD_OR,
"Couldn't send certs cell");
1591 log_warn(
LD_OR,
"Couldn't send auth_challenge cell");
1598 log_warn(
LD_OR,
"Couldn't send netinfo cell");
1616 channelpadding_negotiate_t *negotiation;
1621 if (chan->conn->link_proto < MIN_LINK_PROTO_FOR_CHANNEL_PADDING) {
1623 "Received a PADDING_NEGOTIATE cell on v%d connection; dropping.",
1624 chan->conn->link_proto);
1628 if (channelpadding_negotiate_parse(&negotiation, cell->
payload,
1631 "Received malformed PADDING_NEGOTIATE cell on v%d connection; "
1632 "dropping.", chan->conn->link_proto);
1640 channelpadding_negotiate_free(negotiation);
1649 const netinfo_addr_t *netinfo_addr) {
1653 uint8_t type = netinfo_addr_get_addr_type(netinfo_addr);
1654 uint8_t len = netinfo_addr_get_len(netinfo_addr);
1656 if (type == NETINFO_ADDR_TYPE_IPV4 && len == 4) {
1657 uint32_t ipv4 = netinfo_addr_get_addr_ipv4(netinfo_addr);
1659 }
else if (type == NETINFO_ADDR_TYPE_IPV6 && len == 16) {
1660 const uint8_t *ipv6_bytes = netinfo_addr_getconstarray_addr_ipv6(
1664 log_fn(LOG_PROTOCOL_WARN,
LD_OR,
"Cannot read address from NETINFO "
1665 "- wrong type/length.");
1681 return (val < 0) ? -val : val;
1697 if (chan->conn->link_proto < 2) {
1699 "Received a NETINFO cell on %s connection; dropping.",
1700 chan->conn->link_proto == 0 ?
"non-versioned" :
"a v1");
1707 "Received a NETINFO cell on non-handshaking connection; dropping.");
1713 tor_assert(chan->conn->handshake_state->received_versions);
1735 if (BUG(chan->conn->handshake_state->authenticated)) {
1740 (
const char*)(chan->conn->handshake_state->
1741 authenticated_rsa_peer_id)));
1743 (
const char*)(chan->conn->handshake_state->
1744 authenticated_ed25519_peer_id.pubkey), 32));
1750 chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
1753 &(chan->conn->base_.addr),
1754 chan->conn->base_.port,
1756 (
const char*)(chan->conn->handshake_state->
1757 authenticated_rsa_peer_id),
1772 uint8_t my_addr_type;
1773 uint8_t my_addr_len;
1774 uint8_t n_other_addrs;
1775 time_t now = time(NULL);
1778 time_t apparent_skew = 0;
1780 int started_here = 0;
1781 const char *identity_digest = NULL;
1794 identity_digest = chan->conn->identity_digest;
1799 if (!(chan->conn->handshake_state->authenticated)) {
1801 "Got a NETINFO cell from server, "
1802 "but no authentication. Closing the connection.");
1812 if (!(chan->conn->handshake_state->authenticated)) {
1819 netinfo_cell_t *netinfo_cell = NULL;
1821 ssize_t parsed = netinfo_cell_parse(&netinfo_cell, cell->
payload,
1826 "Failed to parse NETINFO cell - closing connection.");
1831 timestamp = netinfo_cell_get_timestamp(netinfo_cell);
1833 const netinfo_addr_t *my_addr =
1834 netinfo_cell_getconst_other_addr(netinfo_cell);
1836 my_addr_type = netinfo_addr_get_addr_type(my_addr);
1837 my_addr_len = netinfo_addr_get_len(my_addr);
1839 if ((now - chan->conn->handshake_state->sent_versions_at) < 180) {
1840 apparent_skew = now - timestamp;
1850 netinfo_cell_free(netinfo_cell);
1854 if (my_addr_type == NETINFO_ADDR_TYPE_IPV4 && my_addr_len == 4) {
1857 TLS_CHAN_TO_BASE(chan)->is_canonical_to_peer = 1;
1859 }
else if (my_addr_type == NETINFO_ADDR_TYPE_IPV6 &&
1860 my_addr_len == 16) {
1864 TLS_CHAN_TO_BASE(chan)->is_canonical_to_peer = 1;
1871 tor_addr_copy(&TLS_CHAN_TO_BASE(chan)->addr_according_to_peer,
1875 n_other_addrs = netinfo_cell_get_n_my_addrs(netinfo_cell);
1876 for (uint8_t i = 0; i < n_other_addrs; i++) {
1880 const netinfo_addr_t *netinfo_addr =
1881 netinfo_cell_getconst_my_addrs(netinfo_cell, i);
1887 "Bad address in netinfo cell; Skipping.");
1898 connection_or_set_canonical(chan->conn, 1);
1903 netinfo_cell_free(netinfo_cell);
1905 if (me && !TLS_CHAN_TO_BASE(chan)->is_canonical_to_peer &&
1908 TLS_CHAN_TO_BASE(chan));
1910 "We made a connection to a relay at %s (fp=%s) but we think "
1911 "they will not consider this connection canonical. They "
1912 "think we are at %s, but we think its %s.",
1922#define NETINFO_NOTICE_SKEW 3600
1923 if (
time_abs(apparent_skew) > NETINFO_NOTICE_SKEW &&
1926 int trusted = router_digest_is_trusted_dir(chan->conn->identity_digest);
1928 "NETINFO cell",
"OR");
1938 if (! chan->conn->handshake_state->sent_netinfo) {
1950 "Got good NETINFO cell on %s; but "
1951 "was unable to make the OR connection become open.",
1956 "Got good NETINFO cell on %s; OR connection is now "
1957 "open, using protocol version %d. Its ID digest is %s. "
1958 "Our address is apparently %s.",
1960 (
int)(chan->conn->link_proto),
1989 case CERTTYPE_RSA1024_ID_LINK:
1990 case CERTTYPE_RSA1024_ID_ID:
1991 case CERTTYPE_RSA1024_ID_AUTH:
1993 case CERTTYPE_ED_ID_SIGN:
1994 case CERTTYPE_ED_SIGN_LINK:
1995 case CERTTYPE_ED_SIGN_AUTH:
1997 case CERTTYPE_RSA1024_ID_EDID:
2022#define MAX_CERT_TYPE_WANTED CERTTYPE_RSA1024_ID_EDID
2025 tor_x509_cert_t *x509_certs[MAX_CERT_TYPE_WANTED + 1];
2026 tor_cert_t *ed_certs[MAX_CERT_TYPE_WANTED + 1];
2027 uint8_t *rsa_ed_cc_cert = NULL;
2028 size_t rsa_ed_cc_cert_len = 0;
2031 certs_cell_t *cc = NULL;
2033 int send_netinfo = 0, started_here = 0;
2035 memset(x509_certs, 0,
sizeof(x509_certs));
2036 memset(ed_certs, 0,
sizeof(ed_certs));
2043 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, \
2044 "Received a bad CERTS cell on %s: %s", \
2045 connection_describe(TO_CONN(chan->conn)), \
2047 connection_or_close_for_error(chan->conn, 0); \
2054 started_here = chan->conn->handshake_state->started_here;
2057 ERR(
"We're not doing a v3 handshake!");
2058 if (chan->conn->link_proto < 3)
2059 ERR(
"We're not using link protocol >= 3");
2060 if (chan->conn->handshake_state->received_certs_cell)
2061 ERR(
"We already got one");
2062 if (chan->conn->handshake_state->authenticated) {
2064 ERR(
"We're already authenticated!");
2067 ERR(
"It had no body");
2069 ERR(
"It had a nonzero circuit ID");
2072 ERR(
"It couldn't be parsed.");
2074 n_certs = cc->n_certs;
2076 for (i = 0; i < n_certs; ++i) {
2077 certs_cell_cert_t *c = certs_cell_get_certs(cc, i);
2079 uint16_t cert_type = c->cert_type;
2080 uint16_t cert_len = c->cert_len;
2081 uint8_t *cert_body = certs_cell_cert_getarray_body(c);
2083 if (cert_type > MAX_CERT_TYPE_WANTED)
2094 "Received undecodable certificate in CERTS cell on %s",
2097 if (x509_certs[cert_type]) {
2098 tor_x509_cert_free(x509_cert);
2099 ERR(
"Duplicate x509 certificate");
2101 x509_certs[cert_type] = x509_cert;
2110 "Received undecodable Ed certificate "
2111 "in CERTS cell on %s",
2114 if (ed_certs[cert_type]) {
2115 tor_cert_free(ed_cert);
2116 ERR(
"Duplicate Ed25519 certificate");
2118 ed_certs[cert_type] = ed_cert;
2125 if (rsa_ed_cc_cert) {
2126 ERR(
"Duplicate RSA->Ed25519 crosscert");
2128 rsa_ed_cc_cert = tor_memdup(cert_body, cert_len);
2129 rsa_ed_cc_cert_len = cert_len;
2138 tor_x509_cert_t *id_cert = x509_certs[CERTTYPE_RSA1024_ID_ID];
2139 tor_x509_cert_t *auth_cert = x509_certs[CERTTYPE_RSA1024_ID_AUTH];
2140 tor_x509_cert_t *link_cert = x509_certs[CERTTYPE_RSA1024_ID_LINK];
2141 chan->conn->handshake_state->certs->auth_cert = auth_cert;
2142 chan->conn->handshake_state->certs->link_cert = link_cert;
2143 chan->conn->handshake_state->certs->id_cert = id_cert;
2144 x509_certs[CERTTYPE_RSA1024_ID_ID] =
2145 x509_certs[CERTTYPE_RSA1024_ID_AUTH] =
2146 x509_certs[CERTTYPE_RSA1024_ID_LINK] = NULL;
2148 tor_cert_t *ed_id_sign = ed_certs[CERTTYPE_ED_ID_SIGN];
2149 tor_cert_t *ed_sign_link = ed_certs[CERTTYPE_ED_SIGN_LINK];
2150 tor_cert_t *ed_sign_auth = ed_certs[CERTTYPE_ED_SIGN_AUTH];
2151 chan->conn->handshake_state->certs->ed_id_sign = ed_id_sign;
2152 chan->conn->handshake_state->certs->ed_sign_link = ed_sign_link;
2153 chan->conn->handshake_state->certs->ed_sign_auth = ed_sign_auth;
2154 ed_certs[CERTTYPE_ED_ID_SIGN] =
2155 ed_certs[CERTTYPE_ED_SIGN_LINK] =
2156 ed_certs[CERTTYPE_ED_SIGN_AUTH] = NULL;
2158 chan->conn->handshake_state->certs->ed_rsa_crosscert = rsa_ed_cc_cert;
2159 chan->conn->handshake_state->certs->ed_rsa_crosscert_len =
2161 rsa_ed_cc_cert = NULL;
2168 router_digest_is_trusted_dir(TLS_CHAN_TO_BASE(chan)->identity_digest))
2171 severity = LOG_PROTOCOL_WARN;
2176 chan->conn->handshake_state->certs,
2182 if (!checked_rsa_id)
2183 ERR(
"Invalid certificate chain!");
2188 chan->conn->handshake_state->authenticated = 1;
2189 chan->conn->handshake_state->authenticated_rsa = 1;
2194 ERR(
"Couldn't compute digests for key in ID cert");
2197 if (!identity_rcvd) {
2198 ERR(
"Couldn't get RSA key from ID cert.");
2200 memcpy(chan->conn->handshake_state->authenticated_rsa_peer_id,
2203 chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
2204 crypto_pk_free(identity_rcvd);
2207 if (checked_ed_id) {
2208 chan->conn->handshake_state->authenticated_ed25519 = 1;
2209 memcpy(&chan->conn->handshake_state->authenticated_ed25519_peer_id,
2213 log_debug(
LD_HANDSHAKE,
"calling client_learned_peer_id from "
2214 "process_certs_cell");
2217 chan->conn->handshake_state->authenticated_rsa_peer_id,
2219 ERR(
"Problem setting or checking peer id");
2222 "Got some good certificates on %s: Authenticated it with "
2225 checked_ed_id ?
" and Ed25519" :
"");
2236 "Got some good RSA%s certificates on %s. "
2237 "Waiting for AUTHENTICATE.",
2238 checked_ed_id ?
" and Ed25519" :
"",
2243 chan->conn->handshake_state->received_certs_cell = 1;
2247 log_warn(
LD_OR,
"Couldn't send netinfo cell");
2254 for (
unsigned u = 0; u <
ARRAY_LENGTH(x509_certs); ++u) {
2255 tor_x509_cert_free(x509_certs[u]);
2257 for (
unsigned u = 0; u <
ARRAY_LENGTH(ed_certs); ++u) {
2258 tor_cert_free(ed_certs[u]);
2261 certs_cell_free(cc);
2278 int n_types, i, use_type = -1;
2279 auth_challenge_cell_t *ac = NULL;
2287 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, \
2288 "Received a bad AUTH_CHALLENGE cell on %s: %s", \
2289 connection_describe(TO_CONN(chan->conn)), \
2291 connection_or_close_for_error(chan->conn, 0); \
2296 ERR(
"We're not currently doing a v3 handshake");
2297 if (chan->conn->link_proto < 3)
2298 ERR(
"We're not using link protocol >= 3");
2299 if (!(chan->conn->handshake_state->started_here))
2300 ERR(
"We didn't originate this connection");
2301 if (chan->conn->handshake_state->received_auth_challenge)
2302 ERR(
"We already received one");
2303 if (!(chan->conn->handshake_state->received_certs_cell))
2304 ERR(
"We haven't gotten a CERTS cell yet");
2306 ERR(
"It had a nonzero circuit ID");
2309 ERR(
"It was not well-formed.");
2311 n_types = ac->n_methods;
2314 for (i = 0; i < n_types; ++i) {
2315 uint16_t authtype = auth_challenge_cell_get_methods(ac, i);
2317 if (use_type == -1 ||
2319 use_type = authtype;
2324 chan->conn->handshake_state->received_auth_challenge = 1;
2333 if (use_type >= 0) {
2335 "Got an AUTH_CHALLENGE cell on %s: Sending "
2336 "authentication type %d",
2342 "Couldn't send authenticate cell");
2348 "Got an AUTH_CHALLENGE cell on %s, but we don't "
2349 "know any of its authentication types. Not authenticating.",
2354 log_warn(
LD_OR,
"Couldn't send netinfo cell");
2360 auth_challenge_cell_free(ac);
2378 const uint8_t *auth;
2389 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, \
2390 "Received a bad AUTHENTICATE cell on %s: %s", \
2391 connection_describe(TO_CONN(chan->conn)), \
2393 connection_or_close_for_error(chan->conn, 0); \
2394 var_cell_free(expected_cell); \
2399 ERR(
"We're not doing a v3 handshake");
2400 if (chan->conn->link_proto < 3)
2401 ERR(
"We're not using link protocol >= 3");
2402 if (chan->conn->handshake_state->started_here)
2403 ERR(
"We originated this connection");
2404 if (chan->conn->handshake_state->received_authenticate)
2405 ERR(
"We already got one!");
2406 if (chan->conn->handshake_state->authenticated) {
2408 ERR(
"The peer is already authenticated");
2410 if (!(chan->conn->handshake_state->received_certs_cell))
2411 ERR(
"We never got a certs cell");
2412 if (chan->conn->handshake_state->certs->id_cert == NULL)
2413 ERR(
"We never got an identity certificate");
2415 ERR(
"Cell was way too short");
2422 ERR(
"Authenticator was truncated");
2425 ERR(
"Authenticator type was not recognized");
2433 ERR(
"Authenticator was too short");
2436 chan->conn, authtype, NULL, 1);
2437 if (! expected_cell)
2438 ERR(
"Couldn't compute expected AUTHENTICATE cell body");
2444 ERR(
"Unsupported authentication type");
2452 ERR(
"Expected AUTHENTICATE cell body len not as expected.");
2456 if (BUG(bodylen < 24)) {
2458 ERR(
"Bodylen is somehow less than 24, which should really be impossible");
2463 ERR(
"Some field in the AUTHENTICATE cell body was not as expected");
2466 if (chan->conn->handshake_state->certs->ed_id_sign == NULL)
2467 ERR(
"We never got an Ed25519 identity certificate.");
2468 if (chan->conn->handshake_state->certs->ed_sign_auth == NULL)
2469 ERR(
"We never got an Ed25519 authentication certificate.");
2472 &chan->conn->handshake_state->certs->ed_sign_auth->signed_key;
2477 ERR(
"Ed25519 signature wasn't valid.");
2482 chan->conn->handshake_state->received_authenticate = 1;
2483 chan->conn->handshake_state->authenticated = 1;
2484 chan->conn->handshake_state->authenticated_rsa = 1;
2485 chan->conn->handshake_state->digest_received_data = 0;
2487 tor_x509_cert_t *id_cert = chan->conn->handshake_state->certs->id_cert;
2493 chan->conn->handshake_state->authenticated_ed25519 = 1;
2494 ed_identity_received =
2495 &chan->conn->handshake_state->certs->ed_id_sign->signing_key;
2496 memcpy(&chan->conn->handshake_state->authenticated_ed25519_peer_id,
2503 memcpy(chan->conn->handshake_state->authenticated_rsa_peer_id,
2507 chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
2508 crypto_pk_free(identity_rcvd);
2511 "Calling connection_or_init_conn_from_address on %s "
2512 " from %s, with%s ed25519 id.",
2515 ed_identity_received ?
"" :
"out");
2518 &(chan->conn->base_.addr),
2519 chan->conn->base_.port,
2520 (
const char*)(chan->conn->handshake_state->
2521 authenticated_rsa_peer_id),
2522 ed_identity_received,
2526 "Got an AUTHENTICATE cell on %s, type %d: Looks good.",
2531 var_cell_free(expected_cell);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
void tor_addr_make_unspec(tor_addr_t *a)
int tor_addr_is_null(const tor_addr_t *addr)
void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const uint8_t *ipv6_bytes)
#define fmt_and_decorate_addr(a)
#define tor_addr_from_ipv4h(dest, v4addr)
#define tor_addr_eq(a, b)
static bool tor_addr_is_unspec(const tor_addr_t *a)
const char * hex_str(const char *from, size_t fromlen)
static uint16_t get_uint16(const void *cp)
Fixed-size cell structure.
void channel_set_circid_type(channel_t *chan, crypto_pk_t *identity_rcvd, int consider_identity)
void channel_listener_unregister(channel_listener_t *chan_l)
void channel_mark_local(channel_t *chan)
void channel_mark_client(channel_t *chan)
void channel_mark_incoming(channel_t *chan)
void channel_init_listener(channel_listener_t *chan_l)
void channel_listener_mark_for_close(channel_listener_t *chan_l)
void channel_process_cell(channel_t *chan, cell_t *cell)
void channel_change_state_open(channel_t *chan)
int channel_is_canonical(channel_t *chan)
const char * channel_state_to_string(channel_state_t state)
void channel_register(channel_t *chan)
void channel_listener_register(channel_listener_t *chan_l)
void channel_mark_remote(channel_t *chan)
int channel_is_local(channel_t *chan)
const char * channel_describe_peer(channel_t *chan)
void channel_mark_for_close(channel_t *chan)
void channel_listener_change_state(channel_listener_t *chan_l, channel_listener_state_t to_state)
void channel_mark_outgoing(channel_t *chan)
void channel_init(channel_t *chan)
void channel_change_state(channel_t *chan, channel_state_t to_state)
Header file for channel.c.
@ CHANNEL_LISTENER_STATE_ERROR
@ CHANNEL_LISTENER_STATE_LISTENING
@ CHANNEL_LISTENER_STATE_CLOSING
@ CHANNEL_LISTENER_STATE_CLOSED
int channelpadding_update_padding_for_channel(channel_t *chan, const channelpadding_negotiate_t *pad_vars)
static int channel_tls_get_remote_addr_method(const channel_t *chan, tor_addr_t *addr_out)
void channel_tls_free_all(void)
void channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
static channel_listener_t * channel_tls_listener
STATIC void channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
static void channel_tls_listener_close_method(channel_listener_t *chan_l)
void channel_mark_as_used_for_origin_circuit(channel_t *chan)
static int tor_addr_from_netinfo_addr(tor_addr_t *tor_addr, const netinfo_addr_t *netinfo_addr)
static const char * channel_tls_describe_transport_method(channel_t *chan)
channel_listener_t * channel_tls_start_listener(void)
static int channel_tls_write_var_cell_method(channel_t *chan, var_cell_t *var_cell)
static int channel_tls_has_queued_writes_method(channel_t *chan)
static void mark_channel_tls_endpoint_as_client(channel_tls_t *chan)
static double channel_tls_get_overhead_estimate_method(channel_t *chan)
void channel_tls_handle_state_change_on_orconn(channel_tls_t *chan, or_connection_t *conn, uint8_t state)
void channel_tls_handle_cell(cell_t *cell, or_connection_t *conn)
static int command_allowed_before_handshake(uint8_t command)
static bool can_process_netinfo_cell(const channel_tls_t *chan)
uint64_t stats_n_padding_cells_processed
channel_listener_t * channel_tls_get_listener(void)
@ CERT_ENCODING_RSA_CROSSCERT
const channel_tls_t * channel_tls_from_base_const(const channel_t *chan)
channel_tls_t * channel_tls_from_base(channel_t *chan)
uint64_t stats_n_certs_cells_processed
static int channel_tls_write_cell_method(channel_t *chan, cell_t *cell)
STATIC void channel_tls_process_auth_challenge_cell(var_cell_t *cell, channel_tls_t *chan)
static void channel_tls_close_method(channel_t *chan)
static int channel_tls_num_cells_writeable_method(channel_t *chan)
static void channel_tls_process_padding_negotiate_cell(cell_t *cell, channel_tls_t *chan)
STATIC void channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
uint64_t stats_n_auth_challenge_cells_processed
void channel_tls_update_marks(or_connection_t *conn)
uint64_t stats_n_authorize_cells_processed
uint64_t stats_n_versions_cells_processed
static int enter_v3_handshake_with_cell(var_cell_t *cell, channel_tls_t *tlschan)
const channel_t * channel_tls_to_base_const(const channel_tls_t *tlschan)
uint64_t stats_n_authenticate_cells_processed
static size_t channel_tls_num_bytes_queued_method(channel_t *chan)
static const char * channel_tls_describe_peer_method(const channel_t *chan)
channel_t * channel_tls_handle_incoming(or_connection_t *orconn)
static void channel_tls_free_method(channel_t *chan)
static cert_encoding_t certs_cell_typenum_to_cert_type(int typenum)
uint64_t stats_n_vpadding_cells_processed
static int channel_tls_is_canonical_method(channel_t *chan)
static int channel_tls_matches_extend_info_method(channel_t *chan, extend_info_t *extend_info)
static void channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *tlschan)
channel_t * channel_tls_to_base(channel_tls_t *tlschan)
channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id)
static int channel_tls_write_packed_cell_method(channel_t *chan, packed_cell_t *packed_cell)
static int channel_tls_get_transport_name_method(channel_t *chan, char **transport_out)
static const char * channel_tls_listener_describe_transport_method(channel_listener_t *chan_l)
static time_t time_abs(time_t val)
static void channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *tlschan)
STATIC void channel_tls_common_init(channel_tls_t *tlschan)
static int channel_tls_matches_target_method(channel_t *chan, const tor_addr_t *target)
uint64_t stats_n_netinfo_cells_processed
Header file for channeltls.c.
void circuitmux_set_policy(circuitmux_t *cmux, const circuitmux_policy_t *pol)
circuitmux_t * circuitmux_alloc(void)
Header file for circuitmux.c.
Header file for circuitmux_ewma.c.
Header file for command.c.
const or_options_t * get_options(void)
tor_cmdline_mode_t command
Header file for config.c.
Public APIs for congestion control.
static uint32_t or_conn_highwatermark(void)
void clock_skew_warning(const connection_t *conn, long apparent_skew, int trusted, log_domain_mask_t domain, const char *received, const char *source)
void assert_connection_ok(connection_t *conn, time_t now)
const char * connection_describe_peer(const connection_t *conn)
const char * connection_describe(const connection_t *conn)
const char * conn_state_to_string(int type, int state)
Header file for connection.c.
int connection_or_nonopen_was_started_here(struct or_connection_t *conn)
int is_or_protocol_version_known(uint16_t v)
int connection_or_set_state_open(or_connection_t *conn)
void connection_or_write_cell_to_buf(const cell_t *cell, or_connection_t *conn)
int connection_or_send_versions(or_connection_t *conn, int v3_plus)
int connection_or_client_learned_peer_id(or_connection_t *conn, const uint8_t *rsa_peer_id, const ed25519_public_key_t *ed_peer_id)
void or_handshake_state_record_var_cell(or_connection_t *conn, or_handshake_state_t *state, const var_cell_t *cell, int incoming)
int connection_or_send_netinfo(or_connection_t *conn)
void connection_or_change_state(or_connection_t *conn, uint8_t state)
void or_handshake_state_record_cell(or_connection_t *conn, or_handshake_state_t *state, const cell_t *cell, int incoming)
int connection_or_digest_is_known_relay(const char *id_digest)
void connection_or_init_conn_from_address(or_connection_t *conn, const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, int started_here)
or_connection_t * connection_or_connect(const tor_addr_t *_addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, channel_tls_t *chan)
void connection_or_close_for_error(or_connection_t *orconn, int flush)
ssize_t connection_or_num_cells_writeable(or_connection_t *conn)
int connection_init_or_handshake_state(or_connection_t *conn, int started_here)
void connection_or_close_normally(or_connection_t *orconn, int flush)
void connection_or_write_var_cell_to_buf(const var_cell_t *cell, or_connection_t *conn)
Header file for connection_or.c.
Header file for control.c.
int ed25519_checksig(const ed25519_signature_t *signature, const uint8_t *msg, size_t len, const ed25519_public_key_t *pubkey)
#define tor_memneq(a, b, sz)
Header file for dirlist.c.
void entry_guards_note_internet_connectivity(guard_selection_t *gs)
guard_selection_t * get_guard_selection_info(void)
Header file for circuitbuild.c.
bool extend_info_has_orport(const extend_info_t *ei, const tor_addr_t *addr, uint16_t port)
Header for core/or/extendinfo.c.
Header file for geoip_stats.c.
void geoip_note_client_seen(geoip_client_action_t action, const tor_addr_t *addr, const char *transport_name, time_t now)
#define log_fn(severity, domain, args,...)
static time_t current_second
Header file for networkstatus.c.
Master header file for Tor-specific functionality.
#define CELL_PAYLOAD_SIZE
#define AUTHTYPE_ED25519_SHA256_RFC5705
OR handshake certs structure.
OR handshake state structure.
#define OR_CONN_STATE_SERVER_VERSIONS_WAIT
#define OR_CONN_STATE_TLS_HANDSHAKING
#define OR_CONN_STATE_OR_HANDSHAKING_V3
#define OR_CONN_STATE_OPEN
int tor_asprintf(char **strp, const char *fmt,...)
void relay_address_new_suggestion(const tor_addr_t *suggested_addr, const tor_addr_t *peer_addr, const char *identity_digest)
Header file for relay_find_addr.c.
int authchallenge_type_is_better(uint16_t challenge_type_a, uint16_t challenge_type_b)
int connection_or_send_certs_cell(or_connection_t *conn)
var_cell_t * connection_or_compute_authenticate_cell_body(or_connection_t *conn, const int authtype, const ed25519_keypair_t *ed_signing_key, int server)
int authchallenge_type_is_supported(uint16_t challenge_type)
int connection_or_send_authenticate_cell(or_connection_t *conn, int authtype)
int connection_or_send_auth_challenge_cell(or_connection_t *conn)
Header for feature/relay/relay_handshake.c.
void rep_hist_note_negotiated_link_proto(unsigned link_proto, int started_here)
void rep_hist_padding_count_read(padding_type_t type)
Header file for rephist.c.
@ PADDING_TYPE_ENABLED_CELL
@ PADDING_TYPE_ENABLED_TOTAL
bool is_local_to_resolve_addr(const tor_addr_t *addr)
: Return true iff the given addr is judged to be local to our resolved address.
Header file for resolve_addr.c.
const routerinfo_t * router_get_my_routerinfo(void)
Header file for router.c.
Router descriptor structure.
int public_server_mode(const or_options_t *options)
Header file for routermode.c.
void scheduler_channel_wants_writes(channel_t *chan)
Header file for scheduler*.c.
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint8_t payload[CELL_PAYLOAD_SIZE]
channel_listener_state_t state
const char *(* describe_transport)(channel_listener_t *)
uint64_t global_identifier
smartlist_t * incoming_list
void(* close)(channel_listener_t *)
void(* free_fn)(channel_t *)
int(* is_canonical)(channel_t *)
void(* close)(channel_t *)
int(* matches_extend_info)(channel_t *, extend_info_t *)
uint64_t global_identifier
int(* write_packed_cell)(channel_t *, packed_cell_t *)
const char *(* describe_transport)(channel_t *)
double(* get_overhead_estimate)(channel_t *)
int(* matches_target)(channel_t *, const tor_addr_t *)
const char *(* describe_peer)(const channel_t *)
int(* write_var_cell)(channel_t *, var_cell_t *)
int(* has_queued_writes)(channel_t *)
enum channel_t::@8 reason_for_closing
char d[N_COMMON_DIGEST_ALGORITHMS][DIGEST256_LEN]
uint16_t marked_for_close
or_handshake_state_t * handshake_state
char body[CELL_MAX_NETWORK_SIZE]
uint8_t payload[FLEXIBLE_ARRAY_MEMBER]
void tor_gettimeofday(struct timeval *timeval)
void or_handshake_certs_check_both(int severity, or_handshake_certs_t *certs, tor_tls_t *tls, time_t now, const ed25519_public_key_t **ed_id_out, const common_digests_t **rsa_id_out)
tor_cert_t * tor_cert_parse(const uint8_t *encoded, const size_t len)
long tv_udiff(const struct timeval *start, const struct timeval *end)
#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL
int fast_mem_is_zero(const char *mem, size_t len)
int tor_digest_is_zero(const char *digest)
Variable-length cell structure.
crypto_pk_t * tor_tls_cert_get_key(tor_x509_cert_t *cert)
tor_x509_cert_t * tor_x509_cert_decode(const uint8_t *certificate, size_t certificate_len)
const common_digests_t * tor_x509_cert_get_id_digests(const tor_x509_cert_t *cert)