prop224: Helper function to assert on invalid client intro circuit

Put all the possible assert() we can do on a client introduction circuit in
one helper function to make sure it is valid and usable.

It is disabled for now so gcc doesn't complain that we have a unused function.

Signed-off-by: David Goulet <dgoulet@torproject.org>

diff --git a/src/or/hs_client.c b/src/or/hs_client.c
index 8cf98a6b90fa91d1fe2f533c9ebae2dec039eaeb..514ecf99ba86cef7805c3afc33316aeec533f822 100644 (file)
--- a/src/or/hs_client.c
+++ b/src/or/hs_client.c
@@ -140,6 +140,20 @@ fetch_v3_desc(const ed25519_public_key_t *onion_identity_pk)
   return directory_launch_v3_desc_fetch(onion_identity_pk, hsdir_rs);
 }
 
+#if 0
+/* Make sure that the given origin circuit circ is a valid correct
+ * introduction circuit. This asserts on validation failure. */
+static void
+assert_intro_circ(const origin_circuit_t *circ)
+{
+  tor_assert(circ);
+  tor_assert(circ->base_.purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
+  tor_assert(circ->hs_ident);
+  tor_assert(hs_ident_intro_circ_is_valid(circ->hs_ident));
+  assert_circ_anonymity_ok(circ, get_options());
+}
+#endif
+
 /** A circuit just finished connecting to a hidden service that the stream
  *  <b>conn</b> has been waiting for. Let the HS subsystem know about this. */
 void

diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index bc44265d53b0cfa9440bf3e71d8b1f2c0e1b8c0f..e0c7dca4bc5d60978672c51d7dee91f3dce8c168 100644 (file)
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -18,6 +18,7 @@
 #include "nodelist.h"
 #include "hs_cache.h"
 #include "hs_common.h"
+#include "hs_ident.h"
 #include "hs_service.h"
 #include "rendcommon.h"
 #include "rendservice.h"

diff --git a/src/or/hs_ident.c b/src/or/hs_ident.c
index e69350d82e5828f983e8db0d76fa05817d5ae904..df392851589280e7bdc77d0dbecbe3ffcfd0afb8 100644 (file)
--- a/src/or/hs_ident.c
+++ b/src/or/hs_ident.c
@@ -86,3 +86,25 @@ hs_ident_edge_conn_free(hs_ident_edge_conn_t *ident)
   tor_free(ident);
 }
 
+/* Return true if the given ident is valid for an introduction circuit. */
+int
+hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident)
+{
+  if (ident == NULL) {
+    goto invalid;
+  }
+
+  if (ed25519_public_key_is_zero(&ident->identity_pk)) {
+    goto invalid;
+  }
+
+  if (ed25519_public_key_is_zero(&ident->intro_auth_pk)) {
+    goto invalid;
+  }
+
+  /* Valid. */
+  return 1;
+ invalid:
+  return 0;
+}
+

diff --git a/src/or/hs_ident.h b/src/or/hs_ident.h
index e259fde54d0c2de10262be605d84772b6a0ecebc..cfcde781d1402627d3a2b250dbf58eb4606373da 100644 (file)
--- a/src/or/hs_ident.h
+++ b/src/or/hs_ident.h
@@ -126,5 +126,8 @@ hs_ident_edge_conn_t *hs_ident_edge_conn_new(
                                     const ed25519_public_key_t *identity_pk);
 void hs_ident_edge_conn_free(hs_ident_edge_conn_t *ident);
 
+/* Validators */
+int hs_ident_intro_circ_is_valid(const hs_ident_circuit_t *ident);
+
 #endif /* TOR_HS_IDENT_H */
 

diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 8829ede960a19c8d61a4e149041b343de96dbc43..a6b59881adb2bd0ab3a502189c3f50992cdf8de2 100644 (file)
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -990,7 +990,7 @@ rend_non_anonymous_mode_enabled(const or_options_t *options)
  * service.
  */
 void
-assert_circ_anonymity_ok(origin_circuit_t *circ,
+assert_circ_anonymity_ok(const origin_circuit_t *circ,
                          const or_options_t *options)
 {
   tor_assert(options);

diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h
index f03a57f2e15fa3707666f1df4db375085475860d..af8dd600993cd7f3c397c512f9983299065980de 100644 (file)
--- a/src/or/rendcommon.h
+++ b/src/or/rendcommon.h
@@ -60,7 +60,7 @@ int rend_auth_decode_cookie(const char *cookie_in,
 int rend_allow_non_anonymous_connection(const or_options_t* options);
 int rend_non_anonymous_mode_enabled(const or_options_t *options);
 
-void assert_circ_anonymity_ok(origin_circuit_t *circ,
+void assert_circ_anonymity_ok(const origin_circuit_t *circ,
                               const or_options_t *options);
 
 #ifdef RENDCOMMON_PRIVATE