When the ONION_CLIENT_AUTH_REMOVE command is given to tor, now also remove the
descriptor associated with the client authorization credentials.
Fixes#33148
Signed-off-by: David Goulet <dgoulet@torproject.org>
- Remove key_dir which is useless.
- Kill an indentation layer.
We want to make it cleaner and slimmer so that we can reuse parts of it in the
REMOVE command for removing the right client auth file.
Because the function that parses client auth credentials saved on
disk (parse_auth_file_content()) is not future compatible, there is no way to
add support for storing the nickname on the disk. Hence, nicknames cannot
persist after Tor restart making them pretty much useless.
In the future we can introduce nicknames by adding a new file format for client
auth credentials, but this was not deemed worth doing at this stage.
- See hs_client_register_auth_credentials() for the entry point.
- Also set the permanent flag for credentials we read from the filesystem.
- Also add some missing documentation.
By centralizing the circuit cleanup type that is: on close, free and
repurpose, some actions on the circuit can not happen for a certain cleanup
type or for all types.
This passes a cleanup type so the HS subsystem (v2 and v3) can take actions
based on the type of cleanup.
For instance, there is slow code that we do not run on a circuit close but
rather only on free.
Part of #32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
Report back to the v3 subsystem any introduction point client circuit failure
so they can be noted down in the failure cache.
Fixes#32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit extract most of the code that dirclient.c had to handle the end of
a descriptor directory requests (fetch). It is moved into hs_client.c in order
to have one single point of entry and the rest is fully handled by the HS
subsystem.
As part of #30382, depending on how the descriptor ended up stored (decoded or
not), different SOCKS error code can be returned.
Signed-off-by: David Goulet <dgoulet@torproject.org>
We now keep the descriptor in the cache, obviously not decoded, if it can't be
decrypted for which we believe client authorization is missing or unusable
(bad).
This way, it can be used later once the client authorization are added or
updated.
Part of #30382
Signed-off-by: David Goulet <dgoulet@torproject.org>
hs_client_purge_state() and hs_cache_clean_as_client() can remove a descriptor
from the client cache with a NEWNYM or simply when the descriptor expires.
Which means that for an INTRO circuit being established during that time, once
it opens, we lookup the descriptor to get the IP object but hey surprised, no
more descriptor.
The approach here is minimalist that is accept the race and close the circuit
since we can not continue. Before that, the circuit would stay opened and the
client wait the SockTimeout.
Fixers #28970.
Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit introduces the hs_desc_decode_status_t enum which aims at having
more fine grained error code when decoding a descriptor.
This will be useful in later commits when we support keeping a descriptor that
can't be decrypted due to missing or bad client authorization creds.
No behavior change.
Part of #30382.
Signed-off-by: David Goulet <dgoulet@torproject.org>
No code behavior change. This removes duplicate code that was finding all
entry connections for a specific onion service identity key.
The find_entry_conns() helper function is introduced for that.
Part of #30382
Signed-off-by: David Goulet <dgoulet@torproject.org>
... and ed25519_public_to_base64(). Also remove all checks for the return
values, which were redundant anyway, because the functions never failed.
Part of 29960.
The previous commits for 23576 confused hs_desc_link_specifier_t
and link_specifier_t. Removing hs_desc_link_specifier_t fixes this
confusion.
Fixes bug 22781; bugfix on 0.3.2.1-alpha.
Also, when we log about a failure from base32_decode(), we now
say that the length is wrong or that the characters were invalid:
previously we would just say that there were invalid characters.
Follow-up on 28913 work.
