[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r11496: Drop support for v1 rendezvous descriptors, since we never u (in tor/trunk: . doc/spec src/or)
Author: arma
Date: 2007-09-18 17:17:45 -0400 (Tue, 18 Sep 2007)
New Revision: 11496
Modified:
tor/trunk/ChangeLog
tor/trunk/doc/spec/rend-spec.txt
tor/trunk/src/or/connection_edge.c
tor/trunk/src/or/directory.c
tor/trunk/src/or/or.h
tor/trunk/src/or/rendclient.c
tor/trunk/src/or/rendcommon.c
tor/trunk/src/or/rendservice.c
tor/trunk/src/or/test.c
Log:
Drop support for v1 rendezvous descriptors, since we never used
them anyway, and the code has probably rotted by now. Based on
patch from Karsten Loesing.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/ChangeLog 2007-09-18 21:17:45 UTC (rev 11496)
@@ -27,6 +27,9 @@
- Remove the contrib scripts ExerciseServer.py, PathDemo.py,
and TorControl.py, as they use the old v0 controller protocol,
and are obsoleted by TorFlow anyway.
+ - Drop support for v1 rendezvous descriptors, since we never used
+ them anyway, and the code has probably rotted by now. Based on
+ patch from Karsten Loesing.
o Major bugfixes:
- Fix possible segfaults in functions called from
Modified: tor/trunk/doc/spec/rend-spec.txt
===================================================================
--- tor/trunk/doc/spec/rend-spec.txt 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/doc/spec/rend-spec.txt 2007-09-18 21:17:45 UTC (rev 11496)
@@ -200,6 +200,7 @@
[Once Tor 0.1.0.x is obsolete, we can stop generating or using V0
descriptors. -NM]
+ [This should rather be retarded until V2 descriptors are stable. -KL]
1.3. Bob's OP establishes his introduction points.
@@ -282,14 +283,11 @@
1.6. Alice's OP retrieves a service descriptor.
Alice opens a stream to a directory server via Tor, and makes an HTTP GET
- request for the document '/tor/rendezvous/<z>' or '/tor/rendezvous1/<z>',
- where '<z>' is replaced with the encoding of Bob's public key as described
- above. (She may re-use old circuits for this.) The directory replies with
- a 404 HTTP response if it does not recognize <z>, and otherwise returns
- Bob's most recently uploaded service descriptor. (If Alice requests
- 'rendezvous1', the directory server provides a V1 descriptor or a V0
- descriptor if no V1 descriptor is available. If Alice requests
- 'rendezvous', the directory server returns a V0 descriptor.)
+ request for the document '/tor/rendezvous/<z>', where '<z>' is replaced
+ with the encoding of Bob's public key as described above. (She may re-use
+ old circuits for this.) The directory replies with a 404 HTTP response if
+ it does not recognize <z>, and otherwise returns Bob's most recently
+ uploaded service descriptor.
If Alice's OP receives a 404 response, it tries the other directory
servers, and only fails the lookup if none recognize the public key hash.
@@ -356,7 +354,7 @@
RC Rendezvous cookie [20 octets]
g^x Diffie-Hellman data, part 1 [128 octets]
OR
- VER Version byte: set to 3. [1 octet]
+ VER Version byte: set to 4. [1 octet]
ATYPE An address type (typically 4) [1 octet]
ADDR Rendezvous point's IP address [4 or 16 octets]
PORT Rendezvous point's OR port [2 octets]
@@ -373,11 +371,12 @@
and must contain EITHER a nickname, or an identity key digest, encoded in
hex, and prefixed with a '$'.
- Implementations SHOULD accept all variants, and list the variants they
- accept in their V1 descriptor. Implementations should only generate the
- variants listed in the service's V1 descriptor; if no V1 descriptor is
- available, only the first variant should be generated. No version should
- generate the second variant (version byte=1).
+ Implementations SHOULD accept all variants, although only the first,
+ unversioned variant SHOULD be generated. If V1 descriptors were used,
+ implementations SHOULD have listed the variants they accept in their V1
+ descriptor, and implementations SHOULD only have generated the variants
+ listed in the service's V1 descriptor. No version SHOULD generate the
+ second variant (version byte=1).
The hybrid encryption to Bob's PK works just like the hybrid
encryption in CREATE cells (see main spec). Thus the payload of the
Modified: tor/trunk/src/or/connection_edge.c
===================================================================
--- tor/trunk/src/or/connection_edge.c 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/connection_edge.c 2007-09-18 21:17:45 UTC (rev 11496)
@@ -1441,7 +1441,7 @@
log_info(LD_REND,"Got a hidden service request for ID '%s'",
safe_str(conn->rend_query));
/* see if we already have it cached */
- r = rend_cache_lookup_entry(conn->rend_query, -1, &entry);
+ r = rend_cache_lookup_entry(conn->rend_query, 0, &entry);
if (r<0) {
log_warn(LD_BUG,"Invalid service name '%s'",
safe_str(conn->rend_query));
Modified: tor/trunk/src/or/directory.c
===================================================================
--- tor/trunk/src/or/directory.c 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/directory.c 2007-09-18 21:17:45 UTC (rev 11496)
@@ -1515,7 +1515,7 @@
switch (status_code) {
case 200:
if (rend_cache_store(body, body_len, 0) < 0) {
- log_warn(LD_REND,"Failed to store rendezvous descriptor.");
+ log_warn(LD_REND,"Failed to fetch rendezvous descriptor.");
/* alice's ap_stream will notice when connection_mark_for_close
* cleans it up */
} else {
@@ -2209,17 +2209,14 @@
goto done;
}
- if (options->HSAuthoritativeDir &&
- (!strcmpstart(url,"/tor/rendezvous/") ||
- !strcmpstart(url,"/tor/rendezvous1/"))) {
+ if (options->HSAuthoritativeDir && !strcmpstart(url,"/tor/rendezvous/")) {
/* rendezvous descriptor fetch */
const char *descp;
size_t desc_len;
- int versioned = !strcmpstart(url,"/tor/rendezvous1/");
- const char *query = url+strlen("/tor/rendezvous/")+(versioned?1:0);
+ const char *query = url+strlen("/tor/rendezvous/");
log_info(LD_REND, "Handling rendezvous descriptor get");
- switch (rend_cache_lookup_desc(query, versioned?-1:0, &descp, &desc_len)) {
+ switch (rend_cache_lookup_desc(query, 0, &descp, &desc_len)) {
case 1: /* valid */
write_http_response_header_impl(conn, desc_len,
"application/octet-stream",
@@ -2376,7 +2373,6 @@
/* rendezvous descriptor post */
log_info(LD_REND, "Handling rendezvous descriptor post.");
if (rend_cache_store(body, body_len, 1) < 0) {
-// char tmp[1024*2+1];
log_fn(LOG_PROTOCOL_WARN, LD_DIRSERV,
"Rejected rend descriptor (length %d) from %s.",
(int)body_len, conn->_base.address);
Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/or.h 2007-09-18 21:17:45 UTC (rev 11496)
@@ -3244,7 +3244,7 @@
/** Information used to connect to a hidden service. */
typedef struct rend_service_descriptor_t {
crypto_pk_env_t *pk; /**< This service's public key. */
- int version; /**< 0 or 1. */
+ int version; /**< 0. */
time_t timestamp; /**< Time when the descriptor was generated. */
uint16_t protocols; /**< Bitmask: which rendezvous protocols are supported?
* (We allow bits '0', '1', and '2' to be set.) */
@@ -3267,7 +3267,6 @@
void rend_service_descriptor_free(rend_service_descriptor_t *desc);
int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
- int version,
crypto_pk_env_t *key,
char **str_out,
size_t *len_out);
Modified: tor/trunk/src/or/rendclient.c
===================================================================
--- tor/trunk/src/or/rendclient.c 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/rendclient.c 2007-09-18 21:17:45 UTC (rev 11496)
@@ -69,7 +69,7 @@
tor_assert(!rend_cmp_service_ids(introcirc->rend_query,
rendcirc->rend_query));
- if (rend_cache_lookup_entry(introcirc->rend_query, -1, &entry) < 1) {
+ if (rend_cache_lookup_entry(introcirc->rend_query, 0, &entry) < 1) {
log_warn(LD_REND,
"query %s didn't have valid rend desc in cache. Failing.",
escaped_safe_str(introcirc->rend_query));
@@ -281,7 +281,7 @@
rend_cache_entry_t *ent;
connection_t *conn;
- r = rend_cache_lookup_entry(query, -1, &ent);
+ r = rend_cache_lookup_entry(query, 0, &ent);
if (r<0) {
log_warn(LD_BUG, "Malformed service ID %s.", escaped_safe_str(query));
return -1;
@@ -450,7 +450,7 @@
if (rend_cmp_service_ids(query, conn->rend_query))
continue;
assert_connection_ok(TO_CONN(conn), now);
- if (rend_cache_lookup_entry(conn->rend_query, -1, &entry) == 1 &&
+ if (rend_cache_lookup_entry(conn->rend_query, 0, &entry) == 1 &&
entry->parsed->n_intro_points > 0) {
/* either this fetch worked, or it failed but there was a
* valid entry from before which we should reuse */
@@ -486,7 +486,7 @@
int i;
rend_cache_entry_t *entry;
- if (rend_cache_lookup_entry(query, -1, &entry) < 1) {
+ if (rend_cache_lookup_entry(query, 0, &entry) < 1) {
log_warn(LD_REND,
"Query '%s' didn't have valid rend desc in cache. Failing.",
safe_str(query));
Modified: tor/trunk/src/or/rendcommon.c
===================================================================
--- tor/trunk/src/or/rendcommon.c 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/rendcommon.c 2007-09-18 21:17:45 UTC (rev 11496)
@@ -49,7 +49,6 @@
*/
int
rend_encode_service_descriptor(rend_service_descriptor_t *desc,
- int version,
crypto_pk_env_t *key,
char **str_out, size_t *len_out)
{
@@ -60,42 +59,17 @@
size_t buflen = PK_BYTES*2*(desc->n_intro_points+2);/*Too long, but ok*/
cp = *str_out = tor_malloc(buflen);
end = cp + PK_BYTES*2*(desc->n_intro_points+1);
- if (version) {
- *(uint8_t*)cp = (uint8_t)0xff;
- *(uint8_t*)(cp+1) = (uint8_t)version;
- cp += 2;
- }
asn1len = crypto_pk_asn1_encode(desc->pk, cp+2, end-(cp+2));
set_uint16(cp, htons((uint16_t)asn1len));
cp += 2+asn1len;
set_uint32(cp, htonl((uint32_t)desc->timestamp));
cp += 4;
- if (version == 1) {
- set_uint16(cp, htons(desc->protocols));
- cp += 2;
- }
set_uint16(cp, htons((uint16_t)desc->n_intro_points));
cp += 2;
- if (version == 0) {
- for (i=0; i < desc->n_intro_points; ++i) {
- char *ipoint = (char*)desc->intro_points[i];
- strlcpy(cp, ipoint, buflen-(cp-*str_out));
- cp += strlen(ipoint)+1;
- }
- } else {
- if (desc->n_intro_points)
- tor_assert(desc->intro_point_extend_info);
- for (i=0; i < desc->n_intro_points; ++i) {
- extend_info_t *info = desc->intro_point_extend_info[i];
- int klen;
- set_uint32(cp, htonl(info->addr));
- set_uint16(cp+4, htons(info->port));
- memcpy(cp+6, info->identity_digest, DIGEST_LEN);
- klen = crypto_pk_asn1_encode(info->onion_key, cp+6+DIGEST_LEN+2,
- (end-(cp+6+DIGEST_LEN+2)));
- set_uint16(cp+6+DIGEST_LEN, htons((uint16_t)klen));
- cp += 6+DIGEST_LEN+2+klen;
- }
+ for (i=0; i < desc->n_intro_points; ++i) {
+ char *ipoint = (char*)desc->intro_points[i];
+ strlcpy(cp, ipoint, buflen-(cp-*str_out));
+ cp += strlen(ipoint)+1;
}
note_crypto_pk_op(REND_SERVER);
i = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);
@@ -119,18 +93,12 @@
int i;
size_t keylen, asn1len;
const char *end, *cp, *eos;
- int version = 0;
result = tor_malloc_zero(sizeof(rend_service_descriptor_t));
cp = str;
end = str+len;
if (end-cp<2) goto truncated;
- if (*(uint8_t*)cp == 0xff) {
- result->version = version = *(uint8_t*)(cp+1);
- cp += 2;
- } else {
- result->version = version = 0;
- }
+ result->version = 0;
if (end-cp < 2) goto truncated;
asn1len = ntohs(get_uint16(cp));
cp += 2;
@@ -141,18 +109,12 @@
if (end-cp < 4) goto truncated;
result->timestamp = (time_t) ntohl(get_uint32(cp));
cp += 4;
- if (version == 1) {
- if (end-cp < 2) goto truncated;
- result->protocols = ntohs(get_uint16(cp));
- cp += 2;
- } else {
- result->protocols = 1;
- }
+ result->protocols = 1;
if (end-cp < 2) goto truncated;
result->n_intro_points = ntohs(get_uint16(cp));
cp += 2;
- if (version == 0 && result->n_intro_points != 0) {
+ if (result->n_intro_points != 0) {
result->intro_points =
tor_malloc_zero(sizeof(char*)*result->n_intro_points);
for (i=0;i<result->n_intro_points;++i) {
@@ -162,33 +124,6 @@
result->intro_points[i] = tor_strdup(cp);
cp = eos+1;
}
- } else if (version != 0 && result->n_intro_points != 0) {
- result->intro_point_extend_info =
- tor_malloc_zero(sizeof(extend_info_t*)*result->n_intro_points);
- result->intro_points =
- tor_malloc_zero(sizeof(char*)*result->n_intro_points);
- for (i=0;i<result->n_intro_points;++i) {
- extend_info_t *info = result->intro_point_extend_info[i] =
- tor_malloc_zero(sizeof(extend_info_t));
- int klen;
- if (end-cp < 8+DIGEST_LEN) goto truncated;
- info->addr = ntohl(get_uint32(cp));
- info->port = ntohs(get_uint16(cp+4));
- memcpy(info->identity_digest, cp+6, DIGEST_LEN);
- info->nickname[0] = '$';
- base16_encode(info->nickname+1, sizeof(info->nickname)-1,
- info->identity_digest, DIGEST_LEN);
- result->intro_points[i] = tor_strdup(info->nickname);
- klen = ntohs(get_uint16(cp+6+DIGEST_LEN));
- cp += 8+DIGEST_LEN;
- if (end-cp < klen) goto truncated;
- if (!(info->onion_key = crypto_pk_asn1_decode(cp,klen))) {
- log_warn(LD_PROTOCOL,
- "Internal error decoding onion key for intro point.");
- goto error;
- }
- cp += klen;
- }
}
keylen = crypto_pk_keysize(result->pk);
tor_assert(end-cp >= 0);
@@ -307,28 +242,20 @@
return 1;
}
-/** If we have a cached rend_cache_entry_t for the service ID <b>query</b>,
- * set *<b>e</b> to that entry and return 1. Else return 0. If
- * <b>version</b> is nonnegative, only return an entry in that descriptor
- * format version. Otherwise (if <b>version</b> is negative), return the most
- * recent format we have.
+/** If we have a cached rend_cache_entry_t for the service ID <b>query</b>
+ * with <b>version</b>, set *<b>e</b> to that entry and return 1.
+ * Else return 0.
*/
int
rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
{
- char key[REND_SERVICE_ID_LEN+2]; /* 1<query>\0 or 0<query>\0 */
+ char key[REND_SERVICE_ID_LEN+2]; /* <version><query>\0 */
tor_assert(rend_cache);
+ tor_assert(!version);
if (!rend_valid_service_id(query))
return -1;
- *e = NULL;
- if (version != 0) {
- tor_snprintf(key, sizeof(key), "1%s", query);
- *e = strmap_get_lc(rend_cache, key);
- }
- if (!*e && version != 1) {
- tor_snprintf(key, sizeof(key), "0%s", query);
- *e = strmap_get_lc(rend_cache, key);
- }
+ tor_snprintf(key, sizeof(key), "%d%s", version, query);
+ *e = strmap_get_lc(rend_cache, key);
if (!*e)
return 0;
return 1;
@@ -369,7 +296,7 @@
rend_cache_entry_t *e;
rend_service_descriptor_t *parsed;
char query[REND_SERVICE_ID_LEN+1];
- char key[REND_SERVICE_ID_LEN+2]; /* 1<query>\0 or 0<query>\0 */
+ char key[REND_SERVICE_ID_LEN+2]; /* 0<query>\0 */
time_t now;
or_options_t *options = get_options();
tor_assert(rend_cache);
@@ -383,7 +310,7 @@
rend_service_descriptor_free(parsed);
return -1;
}
- tor_snprintf(key, sizeof(key), "%c%s", parsed->version?'1':'0', query);
+ tor_snprintf(key, sizeof(key), "0%s", query);
now = time(NULL);
if (parsed->timestamp < now-REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
log_fn(LOG_PROTOCOL_WARN, LD_REND,
Modified: tor/trunk/src/or/rendservice.c
===================================================================
--- tor/trunk/src/or/rendservice.c 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/rendservice.c 2007-09-18 21:17:45 UTC (rev 11496)
@@ -937,7 +937,7 @@
* and upload it to all the dirservers.
*/
static void
-upload_service_descriptor(rend_service_t *service, int version)
+upload_service_descriptor(rend_service_t *service)
{
char *desc;
size_t desc_len;
@@ -946,7 +946,6 @@
/* Update the descriptor. */
rend_service_update_descriptor(service);
if (rend_encode_service_descriptor(service->desc,
- version,
service->private_key,
&desc, &desc_len)<0) {
log_warn(LD_BUG, "Internal error: couldn't encode service descriptor; "
@@ -1110,7 +1109,7 @@
/* if it's time, or if the directory servers have a wrong service
* descriptor and ours has been stable for 30 seconds, upload a
* new one of each format. */
- upload_service_descriptor(service, 0);
+ upload_service_descriptor(service);
service->next_upload_time = now + rendpostperiod;
}
}
Modified: tor/trunk/src/or/test.c
===================================================================
--- tor/trunk/src/or/test.c 2007-09-18 20:35:10 UTC (rev 11495)
+++ tor/trunk/src/or/test.c 2007-09-18 21:17:45 UTC (rev 11496)
@@ -2916,7 +2916,7 @@
pk1 = pk_generate(0);
pk2 = pk_generate(1);
- /* Test unversioned descriptor */
+ /* Test unversioned (v0) descriptor */
d1 = tor_malloc_zero(sizeof(rend_service_descriptor_t));
d1->pk = crypto_pk_dup_key(pk1);
now = time(NULL);
@@ -2927,7 +2927,7 @@
d1->intro_points[0] = tor_strdup("tom");
d1->intro_points[1] = tor_strdup("crow");
d1->intro_points[2] = tor_strdup("joel");
- test_assert(! rend_encode_service_descriptor(d1, 0, pk1, &encoded, &len));
+ test_assert(! rend_encode_service_descriptor(d1, pk1, &encoded, &len));
d2 = rend_parse_service_descriptor(encoded, len);
test_assert(d2);
@@ -2945,62 +2945,11 @@
rend_service_descriptor_free(d2);
tor_free(encoded);
- /* Test versioned descriptor. */
- d1 = tor_malloc_zero(sizeof(rend_service_descriptor_t));
- d1->pk = crypto_pk_dup_key(pk1);
- now = time(NULL);
- d1->timestamp = now;
- d1->n_intro_points = 2;
- d1->version = 1;
- d1->protocols = 60;
- d1->intro_points = tor_malloc(sizeof(char*)*2);
- d1->intro_point_extend_info = tor_malloc(sizeof(extend_info_t*)*2);
- d1->intro_points[0] = tor_strdup("tom");
- d1->intro_points[1] = tor_strdup("crow");
- d1->intro_point_extend_info[0] = tor_malloc_zero(sizeof(extend_info_t));
- strlcpy(d1->intro_point_extend_info[0]->nickname, "tom", 4);
- d1->intro_point_extend_info[0]->addr = 1234;
- d1->intro_point_extend_info[0]->port = 4567;
- d1->intro_point_extend_info[0]->onion_key = crypto_pk_dup_key(pk1);
- memset(d1->intro_point_extend_info[0]->identity_digest, 'a', DIGEST_LEN);
-
- d1->intro_point_extend_info[1] = tor_malloc_zero(sizeof(extend_info_t));
- strlcpy(d1->intro_point_extend_info[1]->nickname, "crow", 5);
- d1->intro_point_extend_info[1]->addr = 6060842;
- d1->intro_point_extend_info[1]->port = 8000;
- d1->intro_point_extend_info[1]->onion_key = crypto_pk_dup_key(pk2);
- memset(d1->intro_point_extend_info[1]->identity_digest, 'b', DIGEST_LEN);
-
- test_assert(! rend_encode_service_descriptor(d1, 1, pk1, &encoded, &len));
- d2 = rend_parse_service_descriptor(encoded, len);
- test_assert(d2);
-
- test_assert(!crypto_pk_cmp_keys(d1->pk, d2->pk));
- test_eq(d2->timestamp, now);
- test_eq(d2->version, 1);
- test_eq(d2->protocols, 60);
- test_eq(d2->n_intro_points, 2);
- test_streq(d2->intro_points[0], d2->intro_point_extend_info[0]->nickname);
- test_streq(d2->intro_points[1], d2->intro_point_extend_info[1]->nickname);
- test_eq(d2->intro_point_extend_info[0]->addr, 1234);
- test_eq(d2->intro_point_extend_info[0]->port, 4567);
- test_assert(!crypto_pk_cmp_keys(pk1,
- d2->intro_point_extend_info[0]->onion_key));
- test_memeq(d2->intro_point_extend_info[0]->identity_digest,
- d1->intro_point_extend_info[0]->identity_digest, DIGEST_LEN);
- test_eq(d2->intro_point_extend_info[1]->addr, 6060842);
- test_eq(d2->intro_point_extend_info[1]->port, 8000);
-
- test_memeq(d2->intro_point_extend_info[1]->identity_digest,
- d1->intro_point_extend_info[1]->identity_digest, DIGEST_LEN);
-
test_assert(BAD_HOSTNAME == parse_extended_hostname(address1));
test_assert(ONION_HOSTNAME == parse_extended_hostname(address2));
test_assert(EXIT_HOSTNAME == parse_extended_hostname(address3));
test_assert(NORMAL_HOSTNAME == parse_extended_hostname(address4));
- rend_service_descriptor_free(d1);
- rend_service_descriptor_free(d2);
crypto_free_pk_env(pk1);
crypto_free_pk_env(pk2);
}