Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ticket32709 044 02 #1679

Merged
merged 14 commits into from Feb 24, 2020
Merged

Ticket32709 044 02 #1679

merged 14 commits into from Feb 24, 2020

Conversation

Reviewers

@teor2345 teor2345

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
6 participants
@nmathewson @coveralls @teor2345 @torproject-pusher @dgoulet-tor @asn-d6
@nmathewson
Copy link
Contributor

@nmathewson nmathewson commented Jan 21, 2020

No description provided.

dgoulet-tor and others added 14 commits Jan 21, 2020
@dgoulet-tor @nmathewson
hs-v3: Implement hs_parse_address_no_log()
16a201e 
The hs_parse_address() can not be used without an options_t object existing
since on error it uses the escaped_safe_str() that looks at the options.

This new function won't log and returns an error message in case of failure
that can then be used to log.

Signed-off-by: David Goulet <dgoulet@torproject.org>
@asn-d6 @nmathewson
hs-v3: Extract INTRO2 key computation to its own function.
f1498e7 
Part of #32709

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor @nmathewson
hs-v3: Add the Onion Balance config file option
ef28afa 
At this commit, the service reads the config file and parse it to finally set
the service config object with the options.

Part of #32709

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor @nmathewson
hs-v3: Validate INTRO2 cells for onion balance
02f1caa 
Closes #32709

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor @nmathewson
hs-v3: Code improvement for INTRO2 MAC validation
780e498 
Pointed by nickm during the review of #32709.

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor @nmathewson
hs-v3: Implement hs_ob_service_is_instance()
faada6a 
Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor @nmathewson
test: Add HS onion balance tests
7c18860 
Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor @nmathewson
practracker: Make it happy
3484608 
Signed-off-by: David Goulet <dgoulet@torproject.org>
@nmathewson
Turn hs_subcredential_t into a proper struct.
4532c7e
@nmathewson
Remove a dead BUG() check.
bd0efb2
@nmathewson
Define a variant of hs_ntor that takes multiple subcredentials.
46e6a48
@nmathewson
Pass multiple subcredentials all the way down to hs_ntor.
b625023 
This approach saves us a pair of curve25519 operations for every
subcredential but the first.  It is not yet constant-time.

I've noted a few places where IMO we should refactor the code so
that the complete list of subcredentials is passed in earlier.
@nmathewson
Add a function to maybe memcpy() a value, in constant time.
4269ab9
@nmathewson
Use time-invariant conditional memcpy to make onionbalance loop safer
9425432
@coveralls
Copy link

@coveralls coveralls commented Jan 21, 2020

Pull Request Test Coverage Report for Build 7839

  • 165 of 204 (80.88%) changed or added relevant lines in 10 files are covered.
  • 2 unchanged lines in 2 files lost coverage.
  • Overall coverage increased (+0.04%) to 63.365%
Changes Missing Coverage Covered Lines Changed/Added Lines %
src/feature/hs/hs_client.c 3 4 75.0%
src/feature/hs/hs_config.c 9 12 75.0%
src/feature/hs/hs_ob.c 87 92 94.57%
src/feature/hs/hs_cell.c 17 47 36.17%
Files with Coverage Reduction New Missed Lines %
src/feature/hs/hs_cell.c 1 41.36%
src/feature/hs/hs_config.c 1 85.17%
Totals Coverage Status
Change from base Build 7834: 0.04%
Covered Lines: 50078
Relevant Lines: 79031
💛 - Coveralls

teor2345
teor2345 reviewed Feb 3, 2020
View changes
src/feature/hs/hs_cell.c
* subcredential in order to validate. */
hs_cell_introduce2_data_t new_data = *data;
/* XXXX This list should have been the descriptor's subcredentials all
* XXXX along.
Copy link
Contributor

@teor2345 teor2345 Feb 3, 2020

Why is there an XXXX in this comment?

teor2345
teor2345 reviewed Feb 3, 2020
View changes
src/feature/hs/hs_circuit.c
@@ -983,7 +983,10 @@ hs_circ_handle_introduce2(const hs_service_t *service,
* parsed, decrypted and key material computed correctly. */
data.auth_pk = &ip->auth_key_kp.pubkey;
data.enc_kp = &ip->enc_key_kp;
data.subcredential = subcredential;
// XXXX We should replace these elements with something precomputed for
// XXXX the onionbalance case.
Copy link
Contributor

@teor2345 teor2345 Feb 3, 2020

Why is there an XXXX in this comment?

teor2345
teor2345 reviewed Feb 3, 2020
View changes
src/feature/hs/hs_ob.c
*
* \details
*
* XXX:
Copy link
Contributor

@teor2345 teor2345 Feb 3, 2020

Please document.

@torproject-pusher torproject-pusher merged commit 9425432 into torproject:master Feb 24, 2020
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment