Code implementing the Extended ORPort.
#include "or.h"
#include "connection.h"
#include "connection_or.h"
#include "control.h"
#include "config.h"
#include "crypto_rand.h"
#include "crypto_util.h"
#include "ext_orport.h"
#include "main.h"
#include "proto_ext_or.h"
#include "util.h"
Macros | |
#define | EXT_ORPORT_PRIVATE |
#define | EXT_OR_PORT_AUTH_COOKIE_LEN 32 |
#define | EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN 32 |
#define | EXT_OR_PORT_AUTH_COOKIE_HEADER "! Extended ORPort Auth Cookie !\x0a" |
#define | EXT_OR_PORT_AUTH_HASH_LEN DIGEST256_LEN |
#define | EXT_OR_PORT_AUTH_NONCE_LEN 32 |
#define | EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST "ExtORPort authentication server-to-client hash" |
#define | EXT_OR_PORT_AUTH_CLIENT_TO_SERVER_CONST "ExtORPort authentication client-to-server hash" |
#define | EXT_OR_AUTHTYPE_SAFECOOKIE 0x01 |
#define | connection_ext_or_auth_send_result_success(c) connection_ext_or_auth_send_result(c, 1) |
#define | connection_ext_or_auth_send_result_fail(c) connection_ext_or_auth_send_result(c, 0) |
#define | EXT_OR_CMD_TB_DONE 0x0000 |
#define | EXT_OR_CMD_TB_USERADDR 0x0001 |
#define | EXT_OR_CMD_TB_TRANSPORT 0x0002 |
#define | EXT_OR_CMD_BT_OKAY 0x1000 |
#define | EXT_OR_CMD_BT_DENY 0x1001 |
#define | EXT_OR_CMD_BT_CONTROL 0x1002 |
#define | EXT_OR_CONN_STATE_IS_AUTHENTICATING(st) ((st) <= EXT_OR_CONN_STATE_AUTH_MAX) |
Functions | |
ext_or_cmd_t * | ext_or_cmd_new (uint16_t len) |
void | ext_or_cmd_free_ (ext_or_cmd_t *cmd) |
STATIC int | connection_write_ext_or_command (connection_t *conn, uint16_t command, const char *body, size_t bodylen) |
char * | get_ext_or_auth_cookie_file_name (void) |
int | init_ext_or_cookie_authentication (int is_enabled) |
STATIC int | handle_client_auth_nonce (const char *client_nonce, size_t client_nonce_len, char **client_hash_out, char **reply_out, size_t *reply_len_out) |
int | connection_ext_or_process_inbuf (or_connection_t *or_conn) |
int | connection_ext_or_finished_flushing (or_connection_t *conn) |
int | connection_ext_or_start_auth (or_connection_t *or_conn) |
void | ext_orport_free_all (void) |
Variables | |
STATIC int | ext_or_auth_cookie_is_set = 0 |
STATIC uint8_t * | ext_or_auth_cookie = NULL |
Code implementing the Extended ORPort.
The Extended ORPort interface is used by pluggable transports to communicate additional information to a Tor bridge, including address information. For more information on this interface, see pt-spec.txt in torspec.git.
There is no separate structure for extended ORPort connections; they use or_connection_t objects, and share most of their implementation with connection_or.c. Once the handshake is done, an extended ORPort connection turns into a regular OR connection, using connection_ext_or_transition().
#define EXT_OR_CMD_BT_OKAY 0x1000 |
Extended ORPort commands (Bridge-to-Transport)
#define EXT_OR_CMD_TB_DONE 0x0000 |
Extended ORPort commands (Transport-to-Bridge)
#define EXT_OR_PORT_AUTH_COOKIE_HEADER "! Extended ORPort Auth Cookie !\x0a" |
Static cookie file header.
#define EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN 32 |
Length of the header of the cookie file.
#define EXT_OR_PORT_AUTH_COOKIE_LEN 32 |
Length of authentication cookie.
#define EXT_OR_PORT_AUTH_HASH_LEN DIGEST256_LEN |
Length of safe-cookie protocol hashes.
#define EXT_OR_PORT_AUTH_NONCE_LEN 32 |
Length of safe-cookie protocol nonces.
#define EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST "ExtORPort authentication server-to-client hash" |
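Safe-cookie protocol constants. This server-to-client string has a client-to-server counterpart, EXT_OR_PORT_AUTH_CLIENT_TO_SERVER_CONST; using a distinct string for each direction presumably keeps a hash produced for one direction from being accepted in the other.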
int connection_ext_or_finished_flushing | ( | or_connection_t * | conn | ) |
Called when conn has finished flushing its Extended ORPort messages to the network and is now ready to accept OR traffic. This function does the transition to a regular OR connection.
int connection_ext_or_process_inbuf | ( | or_connection_t * | or_conn | ) |
Process Extended ORPort messages from or_conn.
int connection_ext_or_start_auth | ( | or_connection_t * | or_conn | ) |
Initiate Extended ORPort authentication, by sending the list of supported authentication types to the client.
STATIC int connection_write_ext_or_command | ( | connection_t * | conn, |
uint16_t | command, | ||
const char * | body, | ||
size_t | bodylen | ||
) |
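Write an Extended ORPort message to conn. Use command as the command type, bodylen as the body length, and body, if it's present, as the body of the message. Note that bodylen is a size_t, while ext_or_cmd_new() takes a uint16_t length, so a body is presumably limited to what fits in 16 bits; check how the implementation handles a larger bodylen before relying on it.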
void ext_or_cmd_free_ | ( | ext_or_cmd_t * | cmd | ) |
Deallocate the Extended ORPort message in cmd.
ext_or_cmd_t* ext_or_cmd_new | ( | uint16_t | len | ) |
Allocate and return a structure capable of holding an Extended ORPort message of body length len.
void ext_orport_free_all | ( | void | ) |
Free any leftover allocated memory of the ext_orport.c subsystem.
char* get_ext_or_auth_cookie_file_name | ( | void | ) |
Helper: Return a newly allocated string containing a path to the file where we store our authentication cookie.
STATIC uint8_t* ext_or_auth_cookie = NULL |
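If ext_or_auth_cookie_is_set, a secret cookie that we've stored to disk and which we're using to authenticate controllers (in this file, presumably the clients that connect to the Extended ORPort). (If the controller can read it off disk, it has permission to connect.) Read access to the cookie file is therefore the effective access control for this port, so the file's permissions should be limited to the processes that need to authenticate.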
STATIC int ext_or_auth_cookie_is_set = 0 |
If true, we've set ext_or_auth_cookie to a secret code and stored it to disk.