|
| 1 | +--- a/src/common/compat.h |
| 2 | ++++ b/src/common/compat.h |
| 3 | +@@ -542,6 +542,8 @@ typedef enum { |
| 4 | + SOCKS5_TTL_EXPIRED = 0x06, |
| 5 | + SOCKS5_COMMAND_NOT_SUPPORTED = 0x07, |
| 6 | + SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08, |
| 7 | ++ SOCKS5_HS_NOT_FOUND = 0x23, |
| 8 | ++ SOCKS5_HS_UNREACHABLE = 0x24, |
| 9 | + } socks5_reply_status_t; |
| 10 | + |
| 11 | + /* ===== Insecure rng */ |
| 12 | +diff --git a/src/or/or.h b/src/or/or.h |
| 13 | +index 3a53e5e..9d6445e 100644 |
| 14 | +--- a/src/or/or.h |
| 15 | ++++ b/src/or/or.h |
| 16 | +@@ -623,6 +623,11 @@ typedef enum { |
| 17 | + * you don't want to do that over a randomly chosen exit */ |
| 18 | + #define END_STREAM_REASON_PRIVATE_ADDR 262 |
| 19 | + |
| 20 | ++/* The connection the hidden service has failed because it was not found inside |
| 21 | ++ * of any Hidden Service Directory Authority, or the connection to it failed. */ |
| 22 | ++#define END_STREAM_REASON_HS_NOT_FOUND 323 |
| 23 | ++#define END_STREAM_REASON_HS_UNREACHABLE 324 |
| 24 | ++ |
| 25 | + /** Bitwise-and this value with endreason to mask out all flags. */ |
| 26 | + #define END_STREAM_REASON_MASK 511 |
| 27 | + |
| 28 | +diff --git a/src/or/reasons.c b/src/or/reasons.c |
| 29 | +index c51d8ee..8a8ef4f 100644 |
| 30 | +--- a/src/or/reasons.c |
| 31 | ++++ b/src/or/reasons.c |
| 32 | +@@ -72,6 +72,8 @@ stream_end_reason_to_string(int reason) |
| 33 | + case END_STREAM_REASON_CONNRESET: return "connection reset"; |
| 34 | + case END_STREAM_REASON_TORPROTOCOL: return "Tor protocol error"; |
| 35 | + case END_STREAM_REASON_NOTDIRECTORY: return "not a directory"; |
| 36 | ++ case END_STREAM_REASON_HS_NOT_FOUND: return "hidden service not found"; |
| 37 | ++ case END_STREAM_REASON_HS_UNREACHABLE: return "hidden service not reachable"; |
| 38 | + default: |
| 39 | + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, |
| 40 | + "Reason for ending (%d) not recognized.",reason); |
| 41 | +@@ -130,6 +132,12 @@ stream_end_reason_to_socks5_response(int reason) |
| 42 | + case END_STREAM_REASON_PRIVATE_ADDR: |
| 43 | + return SOCKS5_GENERAL_ERROR; |
| 44 | + |
| 45 | ++ case END_STREAM_REASON_HS_NOT_FOUND: |
| 46 | ++ return SOCKS5_HS_NOT_FOUND; |
| 47 | ++ case END_STREAM_REASON_HS_UNREACHABLE: |
| 48 | ++ return SOCKS5_HS_UNREACHABLE; |
| 49 | ++ |
| 50 | ++ |
| 51 | + default: |
| 52 | + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, |
| 53 | + "Reason for ending (%d) not recognized; " |
| 54 | +diff --git a/src/or/rendclient.c b/src/or/rendclient.c |
| 55 | +index 6c751be..b966249 100644 |
| 56 | +--- a/src/or/rendclient.c |
| 57 | ++++ b/src/or/rendclient.c |
| 58 | +@@ -1212,8 +1212,8 @@ |
| 59 | + if (rend_cmp_service_ids(query, rend_data->onion_address)) |
| 60 | + continue; |
| 61 | + assert_connection_ok(base_conn, now); |
| 62 | +- if (rend_cache_lookup_entry(rend_data->onion_address, -1, |
| 63 | +- &entry) == 0 && |
| 64 | ++ rend_cache_lookup_entry(rend_data->onion_address, -1, &entry); |
| 65 | ++ if (entry != NULL && |
| 66 | + rend_client_any_intro_points_usable(entry)) { |
| 67 | + /* either this fetch worked, or it failed but there was a |
| 68 | + * valid entry from before which we should reuse */ |
| 69 | +@@ -1232,11 +1232,27 @@ |
| 70 | + if (!base_conn->marked_for_close) |
| 71 | + connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH); |
| 72 | + } |
| 73 | +- } else { /* 404, or fetch didn't get that far */ |
| 74 | ++ } else if (entry == NULL) { |
| 75 | ++ /* We couldn't get a descriptor for this HS at all; maybe it |
| 76 | ++ * doesn't exist. */ |
| 77 | ++ |
| 78 | ++ log_notice(LD_REND,"Closing stream for '%s.onion': hidden service was " |
| 79 | ++ "not found (no descriptors for it found).", |
| 80 | ++ safe_str_client(query)); |
| 81 | ++ |
| 82 | ++ connection_mark_unattached_ap(conn, END_STREAM_REASON_HS_NOT_FOUND); |
| 83 | ++ rend_client_note_connection_attempt_ended(query); |
| 84 | ++ |
| 85 | ++ } else { |
| 86 | ++ /* We got a descriptor, but either (a) the HS published no intro points |
| 87 | ++ * (i.e. it was shut down cleanly) or (b) we tried all the intro points |
| 88 | ++ * it listed, and they failed. */ |
| 89 | ++ |
| 90 | + log_notice(LD_REND,"Closing stream for '%s.onion': hidden service is " |
| 91 | + "unavailable (try again later).", |
| 92 | + safe_str_client(query)); |
| 93 | +- connection_mark_unattached_ap(conn, END_STREAM_REASON_RESOLVEFAILED); |
| 94 | ++ |
| 95 | ++ connection_mark_unattached_ap(conn, END_STREAM_REASON_HS_UNREACHABLE); |
| 96 | + rend_client_note_connection_attempt_ended(rend_data); |
| 97 | + } |
| 98 | + } SMARTLIST_FOREACH_END(base_conn); |
| 99 | +diff --git a/src/tools/tor-resolve.c b/src/tools/tor-resolve.c |
| 100 | +index 4ef84f4..e24fbbd 100644 |
| 101 | +--- a/src/tools/tor-resolve.c |
| 102 | ++++ b/src/tools/tor-resolve.c |
| 103 | +@@ -167,6 +167,10 @@ socks5_reason_to_string(char reason) |
| 104 | + return "command not supported"; |
| 105 | + case SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED: |
| 106 | + return "address type not supported"; |
| 107 | ++ case SOCKS5_HS_NOT_FOUND: |
| 108 | ++ return "hidden service not found"; |
| 109 | ++ case SOCKS5_HS_UNREACHABLE: |
| 110 | ++ return "hidden service unreachable"; |
| 111 | + default: |
| 112 | + return "unknown SOCKS5 code"; |
| 113 | + } |
0 commit comments