Code implementing the Extended ORPort. More...
#include "or.h"#include "connection.h"#include "connection_or.h"#include "control.h"#include "config.h"#include "crypto_rand.h"#include "crypto_util.h"#include "ext_orport.h"#include "main.h"#include "proto_ext_or.h"#include "util.h"
Macros | |
| #define | EXT_ORPORT_PRIVATE |
| #define | EXT_OR_PORT_AUTH_COOKIE_LEN 32 |
| #define | EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN 32 |
| #define | EXT_OR_PORT_AUTH_COOKIE_HEADER "! Extended ORPort Auth Cookie !\x0a" |
| #define | EXT_OR_PORT_AUTH_HASH_LEN DIGEST256_LEN |
| #define | EXT_OR_PORT_AUTH_NONCE_LEN 32 |
| #define | EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST "ExtORPort authentication server-to-client hash" |
| #define | EXT_OR_PORT_AUTH_CLIENT_TO_SERVER_CONST "ExtORPort authentication client-to-server hash" |
| #define | EXT_OR_AUTHTYPE_SAFECOOKIE 0x01 |
| #define | connection_ext_or_auth_send_result_success(c) connection_ext_or_auth_send_result(c, 1) |
| #define | connection_ext_or_auth_send_result_fail(c) connection_ext_or_auth_send_result(c, 0) |
| #define | EXT_OR_CMD_TB_DONE 0x0000 |
| #define | EXT_OR_CMD_TB_USERADDR 0x0001 |
| #define | EXT_OR_CMD_TB_TRANSPORT 0x0002 |
| #define | EXT_OR_CMD_BT_OKAY 0x1000 |
| #define | EXT_OR_CMD_BT_DENY 0x1001 |
| #define | EXT_OR_CMD_BT_CONTROL 0x1002 |
| #define | EXT_OR_CONN_STATE_IS_AUTHENTICATING(st) ((st) <= EXT_OR_CONN_STATE_AUTH_MAX) |
Functions | |
| ext_or_cmd_t * | ext_or_cmd_new (uint16_t len) |
| void | ext_or_cmd_free_ (ext_or_cmd_t *cmd) |
| STATIC int | connection_write_ext_or_command (connection_t *conn, uint16_t command, const char *body, size_t bodylen) |
| char * | get_ext_or_auth_cookie_file_name (void) |
| int | init_ext_or_cookie_authentication (int is_enabled) |
| STATIC int | handle_client_auth_nonce (const char *client_nonce, size_t client_nonce_len, char **client_hash_out, char **reply_out, size_t *reply_len_out) |
| int | connection_ext_or_process_inbuf (or_connection_t *or_conn) |
| int | connection_ext_or_finished_flushing (or_connection_t *conn) |
| int | connection_ext_or_start_auth (or_connection_t *or_conn) |
| void | ext_orport_free_all (void) |
Variables | |
| STATIC int | ext_or_auth_cookie_is_set = 0 |
| STATIC uint8_t * | ext_or_auth_cookie = NULL |
Detailed Description
Code implementing the Extended ORPort.
The Extended ORPort interface is used by pluggable transports to communicate additional information to a Tor bridge, including address information. For more information on this interface, see pt-spec.txt in torspec.git.
There is no separate structure for extended ORPort connections; they use or_connection_t objects, and share most of their implementation with connection_or.c. Once the handshake is done, an extended ORPort connection turns into a regular OR connection, using connection_ext_or_transition().
Macro Definition Documentation
◆ EXT_OR_CMD_BT_OKAY
| #define EXT_OR_CMD_BT_OKAY 0x1000 |
Extended ORPort commands (Bridge-to-Transport)
◆ EXT_OR_CMD_TB_DONE
| #define EXT_OR_CMD_TB_DONE 0x0000 |
Extended ORPort commands (Transport-to-Bridge)
◆ EXT_OR_PORT_AUTH_COOKIE_HEADER
| #define EXT_OR_PORT_AUTH_COOKIE_HEADER "! Extended ORPort Auth Cookie !\x0a" |
Static cookie file header.
◆ EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN
| #define EXT_OR_PORT_AUTH_COOKIE_HEADER_LEN 32 |
Length of the header of the cookie file.
◆ EXT_OR_PORT_AUTH_COOKIE_LEN
| #define EXT_OR_PORT_AUTH_COOKIE_LEN 32 |
Length of authentication cookie.
◆ EXT_OR_PORT_AUTH_HASH_LEN
| #define EXT_OR_PORT_AUTH_HASH_LEN DIGEST256_LEN |
Length of safe-cookie protocol hashes.
◆ EXT_OR_PORT_AUTH_NONCE_LEN
| #define EXT_OR_PORT_AUTH_NONCE_LEN 32 |
Length of safe-cookie protocol nonces.
◆ EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST
| #define EXT_OR_PORT_AUTH_SERVER_TO_CLIENT_CONST "ExtORPort authentication server-to-client hash" |
Safe-cookie protocol constants.
Function Documentation
◆ connection_ext_or_finished_flushing()
| int connection_ext_or_finished_flushing | ( | or_connection_t * | conn | ) |
conn finished flushing Extended ORPort messages to the network, and is now ready to accept OR traffic. This function does the transition.
◆ connection_ext_or_process_inbuf()
| int connection_ext_or_process_inbuf | ( | or_connection_t * | or_conn | ) |
Process Extended ORPort messages from or_conn.
◆ connection_ext_or_start_auth()
| int connection_ext_or_start_auth | ( | or_connection_t * | or_conn | ) |
Initiate Extended ORPort authentication, by sending the list of supported authentication types to the client.
◆ connection_write_ext_or_command()
| STATIC int connection_write_ext_or_command | ( | connection_t * | conn, |
| uint16_t | command, | ||
| const char * | body, | ||
| size_t | bodylen | ||
| ) |
Write an Extended ORPort message to conn. Use command as the command type, bodylen as the body length, and body, if it's present, as the body of the message.
◆ ext_or_cmd_free_()
| void ext_or_cmd_free_ | ( | ext_or_cmd_t * | cmd | ) |
Deallocate the Extended ORPort message in cmd.
◆ ext_or_cmd_new()
| ext_or_cmd_t* ext_or_cmd_new | ( | uint16_t | len | ) |
Allocate and return a structure capable of holding an Extended ORPort message of body length len.
◆ ext_orport_free_all()
| void ext_orport_free_all | ( | void | ) |
Free any leftover allocated memory of the ext_orport.c subsystem.
◆ get_ext_or_auth_cookie_file_name()
| char* get_ext_or_auth_cookie_file_name | ( | void | ) |
Helper: Return a newly allocated string containing a path to the file where we store our authentication cookie.
Variable Documentation
◆ ext_or_auth_cookie
| STATIC uint8_t* ext_or_auth_cookie = NULL |
If ext_or_auth_cookie_is_set, a secret cookie that we've stored to disk and which we're using to authenticate controllers. (If the controller can read it off disk, it has permission to connect.)
◆ ext_or_auth_cookie_is_set
| STATIC int ext_or_auth_cookie_is_set = 0 |
If true, we've set ext_or_auth_cookie to a secret code and stored it to disk.
