proto: Take CircuitBinding one step forward into Reactor::add_hop.

crates/tor-proto/src/circuit.rs

@@ -591,11 +591,11 @@ impl ClientCirc {
         seed: impl handshake::KeyGenerator,
         params: CircParameters,
     ) -> Result<()> {
-        let (outbound, inbound) = protocol.construct_layers(role, seed)?;
+        let (outbound, inbound, binding) = protocol.construct_layers(role, seed)?;
 
         let (tx, rx) = oneshot::channel();
         let message = CtrlMsg::ExtendVirtual {
-            cell_crypto: (outbound, inbound),
+            cell_crypto: (outbound, inbound, binding),
             params,
             done: tx,
         };

crates/tor-proto/src/circuit/handshake.rs

@@ -11,6 +11,7 @@
 // that can wait IMO until we have a second circuit creation mechanism for use
 // with onion services.
 
+use crate::crypto::binding::CircuitBinding;
 use crate::crypto::cell::{
     ClientLayer, CryptInit, InboundClientLayer, OutboundClientLayer, Tor1Hsv3RelayCrypto,
 };
@@ -44,6 +45,7 @@ pub enum HandshakeRole {
 impl RelayProtocol {
     /// Construct the cell-crypto layers that are needed for a given set of
     /// circuit hop parameters.
+    #[allow(clippy::type_complexity)] // XXXX
     pub(crate) fn construct_layers(
         self,
         role: HandshakeRole,
@@ -51,18 +53,19 @@ impl RelayProtocol {
     ) -> Result<(
         Box<dyn OutboundClientLayer + Send>,
         Box<dyn InboundClientLayer + Send>,
+        Option<CircuitBinding>,
     )> {
         match self {
             RelayProtocol::HsV3 => {
                 let seed_needed = Tor1Hsv3RelayCrypto::seed_len();
                 let seed = keygen.expand(seed_needed)?;
                 let layer = Tor1Hsv3RelayCrypto::initialize(&seed)?;
-                let (fwd, back, _) = layer.split();
+                let (fwd, back, binding) = layer.split();
                 let (fwd, back) = match role {
                     HandshakeRole::Initiator => (fwd, back),
                     HandshakeRole::Responder => (back, fwd),
                 };
-                Ok((Box::new(fwd), Box::new(back)))
+                Ok((Box::new(fwd), Box::new(back), Some(binding)))
             }
         }
     }

crates/tor-proto/src/circuit/reactor.rs

@@ -22,6 +22,7 @@ use crate::circuit::unique_id::UniqId;
 use crate::circuit::{
     sendme, streammap, CircParameters, Create2Wrap, CreateFastWrap, CreateHandshakeWrap,
 };
+use crate::crypto::binding::CircuitBinding;
 use crate::crypto::cell::{
     ClientLayer, CryptInit, HopNum, InboundClientCrypt, InboundClientLayer, OutboundClientCrypt,
     OutboundClientLayer, RelayCellBody, Tor1RelayCrypto,
@@ -134,6 +135,7 @@ pub(super) enum CtrlMsg {
         cell_crypto: (
             Box<dyn OutboundClientLayer + Send>,
             Box<dyn InboundClientLayer + Send>,
+            Option<CircuitBinding>,
         ),
         /// A set of parameters used to configure this hop.
         params: CircParameters,
@@ -490,11 +492,12 @@ where
         debug!("{}: Handshake complete; circuit extended.", self.unique_id);
 
         // If we get here, it succeeded.  Add a new hop to the circuit.
-        let (layer_fwd, layer_back, _) = layer.split();
+        let (layer_fwd, layer_back, binding) = layer.split();
         reactor.add_hop(
             path::HopDetail::Relay(self.peer_id.clone()),
             Box::new(layer_fwd),
             Box::new(layer_back),
+            Some(binding),
             &self.params,
         );
         Ok(MetaCellDisposition::ConversationFinished)
@@ -937,7 +940,14 @@ impl Reactor {
 
         let fwd = Box::new(DummyCrypto::new(fwd_lasthop));
         let rev = Box::new(DummyCrypto::new(rev_lasthop));
-        self.add_hop(path::HopDetail::Relay(dummy_peer_id), fwd, rev, params);
+        let binding = None;
+        self.add_hop(
+            path::HopDetail::Relay(dummy_peer_id),
+            fwd,
+            rev,
+            binding,
+            params,
+        );
         let _ = done.send(Ok(()));
     }
 
@@ -991,13 +1001,14 @@ impl Reactor {
 
         debug!("{}: Handshake complete; circuit created.", self.unique_id);
 
-        let (layer_fwd, layer_back, _) = layer.split();
+        let (layer_fwd, layer_back, binding) = layer.split();
         let peer_id = self.channel.target().clone();
 
         self.add_hop(
             path::HopDetail::Relay(peer_id),
             Box::new(layer_fwd),
             Box::new(layer_back),
+            Some(binding),
             params,
         );
         Ok(())
@@ -1062,12 +1073,14 @@ impl Reactor {
         peer_id: path::HopDetail,
         fwd: Box<dyn OutboundClientLayer + 'static + Send>,
         rev: Box<dyn InboundClientLayer + 'static + Send>,
+        binding: Option<CircuitBinding>,
         params: &CircParameters,
     ) {
         let hop = crate::circuit::reactor::CircHop::new(params.initial_send_window());
         self.hops.push(hop);
         self.crypto_in.add_layer(rev);
         self.crypto_out.add_layer(fwd);
+        drop(binding); // XXXX
         let mut mutable = self.mutable.lock().expect("poisoned lock");
         Arc::make_mut(&mut mutable.path).push_hop(peer_id);
     }
@@ -1382,13 +1395,13 @@ impl Reactor {
                 params,
                 done,
             } => {
-                let (outbound, inbound) = cell_crypto;
+                let (outbound, inbound, binding) = cell_crypto;
 
                 // TODO HS: Perhaps this should describe the onion service, or
                 // describe why the virtual hop was added, or something?
                 let peer_id = path::HopDetail::Virtual;
 
-                self.add_hop(peer_id, outbound, inbound, &params);
+                self.add_hop(peer_id, outbound, inbound, binding, &params);
                 let _ = done.send(Ok(()));
             }
             CtrlMsg::BeginStream {

crates/tor-proto/src/crypto.rs

@@ -6,7 +6,7 @@
 //!   * `handshake` implements the ntor handshake.
 //!   * `ll` provides building blocks for other parts of the protocol.
 
-mod binding;
+pub(crate) mod binding;
 pub(crate) mod cell;
 pub(crate) mod handshake;
 pub(crate) mod ll;