Merge branch 'bug4360'

  o Code simplification and refactoring:

    - Use the name "CERTS" consistently to refer to the new cell type;

      we were calling it CERT in some places and CERTS in others.

/** How many CELL_VPADDING cells have we received, ever? */

uint64_t stats_n_vpadding_cells_processed = 0;

/** How many CELL_CERTS cells have we received, ever? */

uint64_t stats_n_cert_cells_processed = 0;

uint64_t stats_n_certs_cells_processed = 0;

/** How many CELL_AUTH_CHALLENGE cells have we received, ever? */

uint64_t stats_n_auth_challenge_cells_processed = 0;

/** How many CELL_AUTHENTICATE cells have we received, ever? */

static void command_process_versions_cell(var_cell_t *cell,

                                          or_connection_t *conn);

static void command_process_netinfo_cell(cell_t *cell, or_connection_t *conn);

static void command_process_cert_cell(var_cell_t *cell,

static void command_process_certs_cell(var_cell_t *cell,

                                      or_connection_t *conn);

static void command_process_auth_challenge_cell(var_cell_t *cell,

                                          or_connection_t *conn);

#ifdef KEEP_TIMING_STATS

  /* how many of each cell have we seen so far this second? needs better

   * name. */

  static int num_versions=0, num_cert=0;

  static int num_versions=0, num_certs=0;

  time_t now = time(NULL);

  if (now > current_second) { /* the second has rolled over */

    /* print stats */

    log_info(LD_OR,

             "At end of second: %d versions (%d ms), %d cert (%d ms)",

             "At end of second: %d versions (%d ms), %d certs (%d ms)",

             num_versions, versions_time/1000,

             cert, cert_time/1000);

             num_certs, certs_time/1000);

    num_versions = num_cert = 0;

    versions_time = cert_time = 0;

    num_versions = num_certs = 0;

    versions_time = certs_time = 0;

    /* remember which second it is, for next time */

    current_second = now;

      ++stats_n_vpadding_cells_processed;

      /* Do nothing */

      break;

    case CELL_CERT:

      ++stats_n_cert_cells_processed;

      PROCESS_CELL(cert, cell, conn);

    case CELL_CERTS:

      ++stats_n_certs_cells_processed;

      PROCESS_CELL(certs, cell, conn);

      break;

    case CELL_AUTH_CHALLENGE:

      ++stats_n_auth_challenge_cells_processed;

      }

    }

    if (send_certs) {

      if (connection_or_send_cert_cell(conn) < 0) {

        log_warn(LD_OR, "Couldn't send cert cell");

      if (connection_or_send_certs_cell(conn) < 0) {

        log_warn(LD_OR, "Couldn't send certs cell");

        connection_mark_for_close(TO_CONN(conn));

        return;

      }

  assert_connection_ok(TO_CONN(conn),time(NULL));

}

/** Process a CERT cell from an OR connection.

/** Process a CERTS cell from an OR connection.

 *

 * If the other side should not have sent us a CERT cell, or the cell is

 * If the other side should not have sent us a CERTS cell, or the cell is

 * malformed, or it is supposed to authenticate the TLS key but it doesn't,

 * then mark the connection.

 *

 * If it's the server side, wait for an AUTHENTICATE cell.

 */

static void

command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)

command_process_certs_cell(var_cell_t *cell, or_connection_t *conn)

{

#define ERR(s)                                                  \

  do {                                                          \

    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,                      \

           "Received a bad CERT cell from %s:%d: %s",           \

           "Received a bad CERTS cell from %s:%d: %s",          \

           safe_str(conn->_base.address), conn->_base.port, (s)); \

    connection_mark_for_close(TO_CONN(conn));                   \

    goto err;                                                   \

    ERR("We're not doing a v3 handshake!");

  if (conn->link_proto < 3)

    ERR("We're not using link protocol >= 3");

  if (conn->handshake_state->received_cert_cell)

  if (conn->handshake_state->received_certs_cell)

    ERR("We already got one");

  if (conn->handshake_state->authenticated) {

    /* Should be unreachable, but let's make sure. */

      tor_cert_t *cert = tor_cert_decode(ptr + 3, cert_len);

      if (!cert) {

        log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,

               "Received undecodable certificate in CERT cell from %s:%d",

               "Received undecodable certificate in CERTS cell from %s:%d",

               safe_str(conn->_base.address), conn->_base.port);

      } else {

        if (cert_type == OR_CERT_TYPE_TLS_LINK) {

    id_cert = auth_cert = NULL;

  }

  conn->handshake_state->received_cert_cell = 1;

  conn->handshake_state->received_certs_cell = 1;

 err:

  tor_cert_free(id_cert);

  tor_cert_free(link_cert);

 * originator of the connection), or it's ill-formed, or we aren't doing a v3

 * handshake, mark the connection.  If the cell is well-formed but we don't

 * want to authenticate, just drop it.  If the cell is well-formed *and* we

 * want to authenticate, send an AUTHENTICATE cell. */

 * want to authenticate, send an AUTHENTICATE cell and then a NETINFO cell. */

static void

command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn)

{

    ERR("We didn't originate this connection");

  if (conn->handshake_state->received_auth_challenge)

    ERR("We already received one");

  if (! conn->handshake_state->received_cert_cell)

  if (! conn->handshake_state->received_certs_cell)

    ERR("We haven't gotten a CERTS cell yet");

  if (cell->payload_len < OR_AUTH_CHALLENGE_LEN + 2)

    ERR("It was too short");

 * If it's ill-formed or we weren't supposed to get one or we're not doing a

 * v3 handshake, then mark the connection.  If it does not authenticate the

 * other side of the connection successfully (because it isn't signed right,

 * we didn't get a CERT cell, etc) mark the connection.  Otherwise, accept

 * we didn't get a CERTS cell, etc) mark the connection.  Otherwise, accept

 * the identity of the router on the other side of the connection.

 */

static void

    /* Should be impossible given other checks */

    ERR("The peer is already authenticated");

  }

  if (! conn->handshake_state->received_cert_cell)

    ERR("We never got a cert cell");

  if (! conn->handshake_state->received_certs_cell)

    ERR("We never got a certs cell");

  if (conn->handshake_state->auth_cert == NULL)

    ERR("We never got an authentication certificate");

  if (conn->handshake_state->id_cert == NULL)

 * side of <b>conn</b> is <b>peer_id</b>.  For v1 and v2 handshakes,

 * this is right after we get a certificate chain in a TLS handshake

 * or renegotiation.  For v3 handshakes, this is right after we get a

 * certificate chain in a CERT cell.

 * certificate chain in a CERTS cell.

 *

 * If we want any particular ID before, record the one we got.

 *

  return 0;

}

/** Send a CERT cell on the connection <b>conn</b>.  Return 0 on success, -1

/** Send a CERTS cell on the connection <b>conn</b>.  Return 0 on success, -1

 * on failure. */

int

connection_or_send_cert_cell(or_connection_t *conn)

connection_or_send_certs_cell(or_connection_t *conn)

{

  const tor_cert_t *link_cert = NULL, *id_cert = NULL;

  const uint8_t *link_encoded = NULL, *id_encoded = NULL;

             2 * ( 1 + 2 ) /* For each cert: 1 byte for type, 2 for length */ +

             link_len + id_len;

  cell = var_cell_new(cell_len);

  cell->command = CELL_CERT;

  cell->command = CELL_CERTS;

  cell->payload[0] = 2;

  pos = 1;

                               int reason);

int connection_or_send_versions(or_connection_t *conn, int v3_plus);

int connection_or_send_netinfo(or_connection_t *conn);

int connection_or_send_cert_cell(or_connection_t *conn);

int connection_or_send_certs_cell(or_connection_t *conn);

int connection_or_send_auth_challenge_cell(or_connection_t *conn);

int connection_or_compute_authenticate_cell_body(or_connection_t *conn,

                                                 uint8_t *out, size_t outlen,

#define CELL_RELAY_EARLY 9

#define CELL_VPADDING 128

#define CELL_CERT 129

#define CELL_CERTS 129

#define CELL_AUTH_CHALLENGE 130

#define CELL_AUTHENTICATE 131

#define OR_AUTH_CHALLENGE_LEN 32

/**

 * @name Certificate types for CERT cells.

 * @name Certificate types for CERTS cells.

 *

 * These values are defined by the protocol, and affect how an X509

 * certificate in a CERT cell is interpreted and used.

 * certificate in a CERTS cell is interpreted and used.

 *

 * @{ */

/** A certificate that authenticates a TLS link key.  The subject key

  unsigned int received_versions : 1;

  /** True iff we have received and processed an AUTH_CHALLENGE cell */

  unsigned int received_auth_challenge : 1;

  /** True iff we have received and processed a CERT cell. */

  unsigned int received_cert_cell : 1;

  /** True iff we have received and processed a CERTS cell. */

  unsigned int received_certs_cell : 1;

  /** True iff we have received and processed an AUTHENTICATE cell */

  unsigned int received_authenticate : 1;

  crypto_digest_env_t *digest_received;

  /** @} */

  /** Certificates that a connection initiator sent us in a CERT cell; we're

  /** Certificates that a connection initiator sent us in a CERTS cell; we're

   * holding on to them until we get an AUTHENTICATE cell.

   *

   * @{