📄 rendservice.c
字号:
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2008, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* $Id$ */
const char rendservice_c_id[] =
"$Id$";
/**
* \file rendservice.c
* \brief The hidden-service side of rendezvous functionality.
**/
#include "or.h"
static origin_circuit_t *find_intro_circuit(rend_intro_point_t *intro,
const char *pk_digest,
int desc_version);
/** Represents the mapping from a virtual port of a rendezvous service to
* a real port on some IP.
*/
typedef struct rend_service_port_config_t {
uint16_t virtual_port;
uint16_t real_port;
uint32_t real_addr;
} rend_service_port_config_t;
/** Try to maintain this many intro points per service if possible. */
#define NUM_INTRO_POINTS 3
/** If we can't build our intro circuits, don't retry for this long. */
#define INTRO_CIRC_RETRY_PERIOD (60*5)
/** Don't try to build more than this many circuits before giving up
* for a while.*/
#define MAX_INTRO_CIRCS_PER_PERIOD 10
/** How many times will a hidden service operator attempt to connect to
* a requested rendezvous point before giving up? */
#define MAX_REND_FAILURES 30
/** How many seconds should we spend trying to connect to a requested
* rendezvous point before giving up? */
#define MAX_REND_TIMEOUT 30
/** Represents a single hidden service running at this OP. */
typedef struct rend_service_t {
/* Fields specified in config file */
char *directory; /**< where in the filesystem it stores it */
smartlist_t *ports; /**< List of rend_service_port_config_t */
char *intro_prefer_nodes; /**< comma-separated list of nicknames */
char *intro_exclude_nodes; /**< comma-separated list of nicknames */
int descriptor_version; /**< Rendezvous descriptor version that will be
* published. */
/* Other fields */
crypto_pk_env_t *private_key; /**< Permanent hidden-service key. */
char service_id[REND_SERVICE_ID_LEN_BASE32+1]; /**< Onion address without
* '.onion' */
char pk_digest[DIGEST_LEN]; /**< Hash of permanent hidden-service key. */
smartlist_t *intro_nodes; /**< List of rend_intro_point_t's we have,
* or are trying to establish. */
time_t intro_period_started; /**< Start of the current period to build
* introduction points. */
int n_intro_circuits_launched; /**< count of intro circuits we have
* established in this period. */
rend_service_descriptor_t *desc; /**< Current hidden service descriptor. */
time_t desc_is_dirty; /**< Time at which changes to the hidden service
* descriptor content occurred, or 0 if it's
* up-to-date. */
time_t next_upload_time; /**< Scheduled next hidden service descriptor
* upload time. */
} rend_service_t;
/** A list of rend_service_t's for services run on this OP.
*/
static smartlist_t *rend_service_list = NULL;
/** Return the number of rendezvous services we have configured. */
int
num_rend_services(void)
{
if (!rend_service_list)
return 0;
return smartlist_len(rend_service_list);
}
/** Release the storage held by <b>service</b>.
*/
static void
rend_service_free(rend_service_t *service)
{
if (!service) return;
tor_free(service->directory);
SMARTLIST_FOREACH(service->ports, void*, p, tor_free(p));
smartlist_free(service->ports);
if (service->private_key)
crypto_free_pk_env(service->private_key);
if (service->intro_nodes) {
SMARTLIST_FOREACH(service->intro_nodes, rend_intro_point_t *, intro,
rend_intro_point_free(intro););
smartlist_free(service->intro_nodes);
}
tor_free(service->intro_prefer_nodes);
tor_free(service->intro_exclude_nodes);
if (service->desc)
rend_service_descriptor_free(service->desc);
tor_free(service);
}
/** Release all the storage held in rend_service_list.
*/
void
rend_service_free_all(void)
{
if (!rend_service_list) {
return;
}
SMARTLIST_FOREACH(rend_service_list, rend_service_t*, ptr,
rend_service_free(ptr));
smartlist_free(rend_service_list);
rend_service_list = NULL;
}
/** Validate <b>service</b> and add it to rend_service_list if possible.
*/
static void
rend_add_service(rend_service_t *service)
{
int i;
rend_service_port_config_t *p;
struct in_addr addr;
if (!service->intro_prefer_nodes)
service->intro_prefer_nodes = tor_strdup("");
if (!service->intro_exclude_nodes)
service->intro_exclude_nodes = tor_strdup("");
service->intro_nodes = smartlist_create();
/* If the service is configured to publish unversioned (v0) and versioned
* descriptors (v2 or higher), split it up into two separate services. */
if (service->descriptor_version == -1) {
rend_service_t *v0_service = tor_malloc_zero(sizeof(rend_service_t));
v0_service->directory = tor_strdup(service->directory);
v0_service->ports = smartlist_create();
SMARTLIST_FOREACH(service->ports, rend_service_port_config_t *, p, {
rend_service_port_config_t *copy =
tor_malloc_zero(sizeof(rend_service_port_config_t));
memcpy(copy, p, sizeof(rend_service_port_config_t));
smartlist_add(v0_service->ports, copy);
});
v0_service->intro_prefer_nodes = tor_strdup(service->intro_prefer_nodes);
v0_service->intro_exclude_nodes = tor_strdup(service->intro_exclude_nodes);
v0_service->intro_period_started = service->intro_period_started;
v0_service->descriptor_version = 0; /* Unversioned descriptor. */
rend_add_service(v0_service);
service->descriptor_version = 2; /* Versioned descriptor. */
}
if (!smartlist_len(service->ports)) {
log_warn(LD_CONFIG, "Hidden service with no ports configured; ignoring.");
rend_service_free(service);
} else {
smartlist_add(rend_service_list, service);
log_debug(LD_REND,"Configuring service with directory \"%s\"",
service->directory);
for (i = 0; i < smartlist_len(service->ports); ++i) {
char addrbuf[INET_NTOA_BUF_LEN];
p = smartlist_get(service->ports, i);
addr.s_addr = htonl(p->real_addr);
tor_inet_ntoa(&addr, addrbuf, sizeof(addrbuf));
log_debug(LD_REND,"Service maps port %d to %s:%d",
p->virtual_port, addrbuf, p->real_port);
}
}
}
/** Parses a real-port to virtual-port mapping and returns a new
* rend_service_port_config_t.
*
* The format is: VirtualPort (IP|RealPort|IP:RealPort)?
*
* IP defaults to 127.0.0.1; RealPort defaults to VirtualPort.
*/
static rend_service_port_config_t *
parse_port_config(const char *string)
{
smartlist_t *sl;
int virtport;
int realport;
uint16_t p;
uint32_t addr;
const char *addrport;
rend_service_port_config_t *result = NULL;
sl = smartlist_create();
smartlist_split_string(sl, string, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(sl) < 1 || smartlist_len(sl) > 2) {
log_warn(LD_CONFIG, "Bad syntax in hidden service port configuration.");
goto err;
}
virtport = (int)tor_parse_long(smartlist_get(sl,0), 10, 1, 65535, NULL,NULL);
if (!virtport) {
log_warn(LD_CONFIG, "Missing or invalid port %s in hidden service port "
"configuration", escaped(smartlist_get(sl,0)));
goto err;
}
if (smartlist_len(sl) == 1) {
/* No addr:port part; use default. */
realport = virtport;
addr = 0x7F000001u; /* 127.0.0.1 */
} else {
addrport = smartlist_get(sl,1);
if (strchr(addrport, ':') || strchr(addrport, '.')) {
if (parse_addr_port(LOG_WARN, addrport, NULL, &addr, &p)<0) {
log_warn(LD_CONFIG,"Unparseable address in hidden service port "
"configuration.");
goto err;
}
realport = p?p:virtport;
} else {
/* No addr:port, no addr -- must be port. */
realport = (int)tor_parse_long(addrport, 10, 1, 65535, NULL, NULL);
if (!realport) {
log_warn(LD_CONFIG,"Unparseable or out-of-range port %s in hidden "
"service port configuration.", escaped(addrport));
goto err;
}
addr = 0x7F000001u; /* Default to 127.0.0.1 */
}
}
result = tor_malloc(sizeof(rend_service_port_config_t));
result->virtual_port = virtport;
result->real_port = realport;
result->real_addr = addr;
err:
SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
smartlist_free(sl);
return result;
}
/** Set up rend_service_list, based on the values of HiddenServiceDir and
* HiddenServicePort in <b>options</b>. Return 0 on success and -1 on
* failure. (If <b>validate_only</b> is set, parse, warn and return as
* normal, but don't actually change the configured services.)
*/
int
rend_config_services(or_options_t *options, int validate_only)
{
config_line_t *line;
rend_service_t *service = NULL;
rend_service_port_config_t *portcfg;
if (!validate_only) {
rend_service_free_all();
rend_service_list = smartlist_create();
}
for (line = options->RendConfigLines; line; line = line->next) {
if (!strcasecmp(line->key, "HiddenServiceDir")) {
if (service) {
if (validate_only)
rend_service_free(service);
else
rend_add_service(service);
}
service = tor_malloc_zero(sizeof(rend_service_t));
service->directory = tor_strdup(line->value);
service->ports = smartlist_create();
service->intro_period_started = time(NULL);
service->descriptor_version = -1; /**< All descriptor versions. */
continue;
}
if (!service) {
log_warn(LD_CONFIG, "%s with no preceding HiddenServiceDir directive",
line->key);
rend_service_free(service);
return -1;
}
if (!strcasecmp(line->key, "HiddenServicePort")) {
portcfg = parse_port_config(line->value);
if (!portcfg) {
rend_service_free(service);
return -1;
}
smartlist_add(service->ports, portcfg);
} else if (!strcasecmp(line->key, "HiddenServiceNodes")) {
if (service->intro_prefer_nodes) {
log_warn(LD_CONFIG,
"Got multiple HiddenServiceNodes lines for a single "
"service.");
rend_service_free(service);
return -1;
}
service->intro_prefer_nodes = tor_strdup(line->value);
} else if (!strcasecmp(line->key, "HiddenServiceExcludeNodes")) {
if (service->intro_exclude_nodes) {
log_warn(LD_CONFIG,
"Got multiple HiddenServiceExcludedNodes lines for "
"a single service.");
rend_service_free(service);
return -1;
}
service->intro_exclude_nodes = tor_strdup(line->value);
} else {
smartlist_t *versions;
char *version_str;
int i, version, ver_ok=1, versions_bitmask = 0;
tor_assert(!strcasecmp(line->key, "HiddenServiceVersion"));
versions = smartlist_create();
smartlist_split_string(versions, line->value, ",",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
for (i = 0; i < smartlist_len(versions); i++) {
version_str = smartlist_get(versions, i);
if (strlen(version_str) != 1 || strspn(version_str, "02") != 1) {
log_warn(LD_CONFIG,
"HiddenServiceVersion can only be 0 and/or 2.");
SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp));
smartlist_free(versions);
rend_service_free(service);
return -1;
}
version = (int)tor_parse_long(version_str, 10, 0, INT_MAX, &ver_ok,
NULL);
if (!ver_ok)
continue;
versions_bitmask |= 1 << version;
}
/* If exactly one version is set, change descriptor_version to that
* value; otherwise leave it at -1. */
if (versions_bitmask == 1 << 0) service->descriptor_version = 0;
if (versions_bitmask == 1 << 2) service->descriptor_version = 2;
SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp));
smartlist_free(versions);
}
}
if (service) {
if (validate_only)
rend_service_free(service);
else
rend_add_service(service);
}
return 0;
}
/** Replace the old value of <b>service</b>-\>desc with one that reflects
* the other fields in service.
*/
static void
rend_service_update_descriptor(rend_service_t *service)
{
rend_service_descriptor_t *d;
origin_circuit_t *circ;
int i;
if (service->desc) {
rend_service_descriptor_free(service->desc);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -