2007-12-12 22:09:01 +01:00
|
|
|
/* Copyright (c) 2001-2004, Roger Dingledine.
|
|
|
|
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
2013-01-16 07:54:56 +01:00
|
|
|
* Copyright (c) 2007-2013, The Tor Project, Inc. */
|
2004-11-07 02:33:06 +01:00
|
|
|
/* See LICENSE for licensing information */
|
2002-09-26 14:09:10 +02:00
|
|
|
|
|
|
|
#include "or.h"
|
2010-07-22 00:46:18 +02:00
|
|
|
#include "buffers.h"
|
2010-07-22 01:21:00 +02:00
|
|
|
#include "circuitbuild.h"
|
2010-07-22 10:22:51 +02:00
|
|
|
#include "config.h"
|
2010-07-22 10:32:52 +02:00
|
|
|
#include "connection.h"
|
2010-07-22 10:43:02 +02:00
|
|
|
#include "connection_edge.h"
|
2010-07-22 11:35:09 +02:00
|
|
|
#include "control.h"
|
2010-07-22 11:54:50 +02:00
|
|
|
#include "directory.h"
|
2010-07-22 12:09:49 +02:00
|
|
|
#include "dirserv.h"
|
2010-07-22 12:19:28 +02:00
|
|
|
#include "dirvote.h"
|
2012-10-15 20:48:34 +02:00
|
|
|
#include "entrynodes.h"
|
2010-07-21 14:38:52 +02:00
|
|
|
#include "geoip.h"
|
2010-07-23 19:58:06 +02:00
|
|
|
#include "main.h"
|
2010-05-11 23:20:33 +02:00
|
|
|
#include "microdesc.h"
|
2010-07-23 20:18:55 +02:00
|
|
|
#include "networkstatus.h"
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
#include "nodelist.h"
|
2010-07-23 20:51:25 +02:00
|
|
|
#include "policies.h"
|
2010-07-22 00:13:51 +02:00
|
|
|
#include "rendclient.h"
|
2010-07-21 17:52:54 +02:00
|
|
|
#include "rendcommon.h"
|
2010-07-23 22:57:20 +02:00
|
|
|
#include "rephist.h"
|
2010-07-21 16:17:10 +02:00
|
|
|
#include "router.h"
|
2010-07-21 17:08:11 +02:00
|
|
|
#include "routerlist.h"
|
2010-07-23 23:23:43 +02:00
|
|
|
#include "routerparse.h"
|
2012-09-13 18:46:39 +02:00
|
|
|
#include "routerset.h"
|
2010-07-21 14:38:52 +02:00
|
|
|
|
2007-08-21 00:31:39 +02:00
|
|
|
#if defined(EXPORTMALLINFO) && defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO)
|
2009-01-04 23:47:42 +01:00
|
|
|
#ifndef OPENBSD
|
2007-08-21 00:11:56 +02:00
|
|
|
#include <malloc.h>
|
|
|
|
#endif
|
2009-01-04 23:47:42 +01:00
|
|
|
#endif
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/**
|
|
|
|
* \file directory.c
|
2005-06-11 07:31:17 +02:00
|
|
|
* \brief Code to send and fetch directories and router
|
|
|
|
* descriptors via HTTP. Directories use dirserv.c to generate the
|
|
|
|
* results; clients use routers.c to parse them.
|
2004-05-09 18:47:25 +02:00
|
|
|
**/
|
2004-05-05 04:50:38 +02:00
|
|
|
|
2004-05-13 01:48:57 +02:00
|
|
|
/* In-points to directory.c:
|
|
|
|
*
|
|
|
|
* - directory_post_to_dirservers(), called from
|
|
|
|
* router_upload_dir_desc_to_dirservers() in router.c
|
|
|
|
* upload_service_descriptor() in rendservice.c
|
|
|
|
* - directory_get_from_dirserver(), called from
|
|
|
|
* rend_client_refetch_renddesc() in rendclient.c
|
|
|
|
* run_scheduled_events() in main.c
|
|
|
|
* do_hup() in main.c
|
|
|
|
* - connection_dir_process_inbuf(), called from
|
|
|
|
* connection_process_inbuf() in connection.c
|
|
|
|
* - connection_dir_finished_flushing(), called from
|
|
|
|
* connection_finished_flushing() in connection.c
|
|
|
|
* - connection_dir_finished_connecting(), called from
|
|
|
|
* connection_finished_connecting() in connection.c
|
|
|
|
*/
|
2007-07-26 00:56:40 +02:00
|
|
|
static void directory_send_command(dir_connection_t *conn,
|
2007-10-28 21:30:21 +01:00
|
|
|
int purpose, int direct, const char *resource,
|
|
|
|
const char *payload, size_t payload_len,
|
|
|
|
time_t if_modified_since);
|
2006-07-26 21:07:26 +02:00
|
|
|
static int directory_handle_command(dir_connection_t *conn);
|
2005-01-19 23:47:48 +01:00
|
|
|
static int body_is_plausible(const char *body, size_t body_len, int purpose);
|
2007-07-26 00:56:50 +02:00
|
|
|
static int purpose_needs_anonymity(uint8_t dir_purpose,
|
|
|
|
uint8_t router_purpose);
|
2005-08-24 00:27:17 +02:00
|
|
|
static char *http_get_header(const char *headers, const char *which);
|
2006-07-04 20:18:08 +02:00
|
|
|
static void http_set_address_origin(const char *headers, connection_t *conn);
|
2006-07-26 21:07:26 +02:00
|
|
|
static void connection_dir_download_routerdesc_failed(dir_connection_t *conn);
|
2010-08-10 23:07:50 +02:00
|
|
|
static void connection_dir_bridge_routerdesc_failed(dir_connection_t *conn);
|
2007-10-09 17:27:45 +02:00
|
|
|
static void connection_dir_download_cert_failed(
|
|
|
|
dir_connection_t *conn, int status_code);
|
2010-09-13 03:12:17 +02:00
|
|
|
static void connection_dir_retry_bridges(smartlist_t *descs);
|
2006-12-25 03:47:37 +01:00
|
|
|
static void dir_routerdesc_download_failed(smartlist_t *failed,
|
2007-05-18 23:19:19 +02:00
|
|
|
int status_code,
|
2007-11-04 01:15:42 +01:00
|
|
|
int router_purpose,
|
2007-09-21 08:14:36 +02:00
|
|
|
int was_extrainfo,
|
|
|
|
int was_descriptor_digests);
|
2010-05-11 23:20:33 +02:00
|
|
|
static void dir_microdesc_download_failed(smartlist_t *failed,
|
|
|
|
int status_code);
|
2008-06-02 17:09:19 +02:00
|
|
|
static void note_client_request(int purpose, int compressed, size_t bytes);
|
2008-04-24 17:43:25 +02:00
|
|
|
static int client_likes_consensus(networkstatus_t *v, const char *want_url);
|
2003-09-16 07:41:49 +02:00
|
|
|
|
2008-09-24 16:44:29 +02:00
|
|
|
static void directory_initiate_command_rend(const char *address,
|
|
|
|
const tor_addr_t *addr,
|
|
|
|
uint16_t or_port,
|
|
|
|
uint16_t dir_port,
|
|
|
|
const char *digest,
|
|
|
|
uint8_t dir_purpose,
|
|
|
|
uint8_t router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
dir_indirection_t indirection,
|
2008-09-24 16:44:29 +02:00
|
|
|
const char *resource,
|
|
|
|
const char *payload,
|
|
|
|
size_t payload_len,
|
|
|
|
time_t if_modified_since,
|
|
|
|
const rend_data_t *rend_query);
|
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
/********* START VARIABLES **********/
|
|
|
|
|
2006-03-12 23:48:18 +01:00
|
|
|
/** How far in the future do we allow a directory server to tell us it is
|
|
|
|
* before deciding that one of us has the wrong time? */
|
|
|
|
#define ALLOW_DIRECTORY_TIME_SKEW (30*60)
|
2004-08-15 22:30:15 +02:00
|
|
|
|
2006-07-17 08:35:06 +02:00
|
|
|
#define X_ADDRESS_HEADER "X-Your-Address-Is: "
|
|
|
|
|
2007-02-02 21:06:43 +01:00
|
|
|
/** HTTP cache control: how long do we tell proxies they can cache each
|
|
|
|
* kind of document we serve? */
|
2006-10-20 01:05:34 +02:00
|
|
|
#define FULL_DIR_CACHE_LIFETIME (60*60)
|
|
|
|
#define RUNNINGROUTERS_CACHE_LIFETIME (20*60)
|
2008-12-07 02:21:19 +01:00
|
|
|
#define DIRPORTFRONTPAGE_CACHE_LIFETIME (20*60)
|
2006-10-20 01:05:34 +02:00
|
|
|
#define NETWORKSTATUS_CACHE_LIFETIME (5*60)
|
|
|
|
#define ROUTERDESC_CACHE_LIFETIME (30*60)
|
2006-10-20 01:28:38 +02:00
|
|
|
#define ROUTERDESC_BY_DIGEST_CACHE_LIFETIME (48*60*60)
|
2006-10-20 01:05:34 +02:00
|
|
|
#define ROBOTS_CACHE_LIFETIME (24*60*60)
|
2009-10-18 21:45:57 +02:00
|
|
|
#define MICRODESC_CACHE_LIFETIME (48*60*60)
|
2006-10-20 01:05:34 +02:00
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
/********* END VARIABLES ************/
|
|
|
|
|
2010-01-12 20:05:12 +01:00
|
|
|
/** Return true iff the directory purpose <b>dir_purpose</b> (and if it's
|
|
|
|
* fetching descriptors, it's fetching them for <b>router_purpose</b>)
|
|
|
|
* must use an anonymous connection to a directory. */
|
2005-03-14 04:28:46 +01:00
|
|
|
static int
|
2007-07-22 02:16:48 +02:00
|
|
|
purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose)
|
2005-06-11 20:52:12 +02:00
|
|
|
{
|
2006-02-19 23:02:02 +01:00
|
|
|
if (get_options()->AllDirActionsPrivate)
|
|
|
|
return 1;
|
2012-04-27 17:27:32 +02:00
|
|
|
if (router_purpose == ROUTER_PURPOSE_BRIDGE)
|
|
|
|
return 1; /* if no circuits yet, this might break bootstrapping, but it's
|
|
|
|
* needed to be safe. */
|
2008-12-08 00:53:39 +01:00
|
|
|
if (dir_purpose == DIR_PURPOSE_UPLOAD_DIR ||
|
2007-07-26 00:56:44 +02:00
|
|
|
dir_purpose == DIR_PURPOSE_UPLOAD_VOTE ||
|
2007-07-29 04:55:21 +02:00
|
|
|
dir_purpose == DIR_PURPOSE_UPLOAD_SIGNATURES ||
|
2007-08-24 16:41:06 +02:00
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_STATUS_VOTE ||
|
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES ||
|
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS ||
|
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_CERTIFICATE ||
|
2007-07-22 02:16:48 +02:00
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
|
2010-05-11 23:20:33 +02:00
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
|
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_MICRODESC)
|
2005-02-27 10:47:01 +01:00
|
|
|
return 0;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
/** Return a newly allocated string describing <b>auth</b>. Only describes
|
|
|
|
* authority features. */
|
|
|
|
static char *
|
|
|
|
authdir_type_to_string(dirinfo_type_t auth)
|
2007-05-09 04:20:03 +02:00
|
|
|
{
|
2007-05-09 06:15:46 +02:00
|
|
|
char *result;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *lst = smartlist_new();
|
2010-11-08 20:35:02 +01:00
|
|
|
if (auth & V1_DIRINFO)
|
2007-05-09 06:15:46 +02:00
|
|
|
smartlist_add(lst, (void*)"V1");
|
2010-11-08 20:35:02 +01:00
|
|
|
if (auth & V3_DIRINFO)
|
2010-04-04 03:53:29 +02:00
|
|
|
smartlist_add(lst, (void*)"V3");
|
2010-11-08 20:35:02 +01:00
|
|
|
if (auth & BRIDGE_DIRINFO)
|
2007-05-09 06:15:46 +02:00
|
|
|
smartlist_add(lst, (void*)"Bridge");
|
|
|
|
if (smartlist_len(lst)) {
|
|
|
|
result = smartlist_join_strings(lst, ", ", 0, NULL);
|
|
|
|
} else {
|
|
|
|
result = tor_strdup("[Not an authority]");
|
2007-05-09 04:20:03 +02:00
|
|
|
}
|
2007-05-09 06:15:46 +02:00
|
|
|
smartlist_free(lst);
|
|
|
|
return result;
|
2007-05-09 04:20:03 +02:00
|
|
|
}
|
|
|
|
|
2007-08-24 16:41:06 +02:00
|
|
|
/** Return a string describing a given directory connection purpose. */
|
|
|
|
static const char *
|
|
|
|
dir_conn_purpose_to_string(int purpose)
|
|
|
|
{
|
|
|
|
switch (purpose)
|
|
|
|
{
|
|
|
|
case DIR_PURPOSE_FETCH_RENDDESC:
|
|
|
|
return "hidden-service descriptor fetch";
|
|
|
|
case DIR_PURPOSE_UPLOAD_DIR:
|
|
|
|
return "server descriptor upload";
|
|
|
|
case DIR_PURPOSE_UPLOAD_RENDDESC:
|
|
|
|
return "hidden-service descriptor upload";
|
|
|
|
case DIR_PURPOSE_UPLOAD_VOTE:
|
|
|
|
return "server vote upload";
|
|
|
|
case DIR_PURPOSE_UPLOAD_SIGNATURES:
|
|
|
|
return "consensus signature upload";
|
|
|
|
case DIR_PURPOSE_FETCH_SERVERDESC:
|
|
|
|
return "server descriptor fetch";
|
|
|
|
case DIR_PURPOSE_FETCH_EXTRAINFO:
|
|
|
|
return "extra-info fetch";
|
|
|
|
case DIR_PURPOSE_FETCH_CONSENSUS:
|
|
|
|
return "consensus network-status fetch";
|
|
|
|
case DIR_PURPOSE_FETCH_CERTIFICATE:
|
|
|
|
return "authority cert fetch";
|
|
|
|
case DIR_PURPOSE_FETCH_STATUS_VOTE:
|
|
|
|
return "status vote fetch";
|
|
|
|
case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
|
|
|
|
return "consensus signature fetch";
|
2007-10-29 20:10:42 +01:00
|
|
|
case DIR_PURPOSE_FETCH_RENDDESC_V2:
|
|
|
|
return "hidden-service v2 descriptor fetch";
|
|
|
|
case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
|
|
|
|
return "hidden-service v2 descriptor upload";
|
2010-05-11 23:20:33 +02:00
|
|
|
case DIR_PURPOSE_FETCH_MICRODESC:
|
|
|
|
return "microdescriptor fetch";
|
2007-08-24 16:41:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
log_warn(LD_BUG, "Called with unknown purpose %d", purpose);
|
|
|
|
return "(unknown)";
|
|
|
|
}
|
|
|
|
|
2007-05-29 19:31:13 +02:00
|
|
|
/** Return true iff <b>identity_digest</b> is the digest of a router we
|
|
|
|
* believe to support extrainfo downloads. (If <b>is_authority</b> we do
|
|
|
|
* additional checking that's only valid for authorities.) */
|
2007-05-18 23:19:19 +02:00
|
|
|
int
|
|
|
|
router_supports_extrainfo(const char *identity_digest, int is_authority)
|
|
|
|
{
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
const node_t *node = node_get_by_id(identity_digest);
|
2007-05-18 23:19:19 +02:00
|
|
|
|
2010-10-05 06:39:01 +02:00
|
|
|
if (node && node->ri) {
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
if (node->ri->caches_extra_info)
|
2007-05-18 23:19:19 +02:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
if (is_authority) {
|
2012-09-08 05:21:18 +02:00
|
|
|
return 1;
|
2007-05-18 23:19:19 +02:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-02-21 07:06:45 +01:00
|
|
|
/** Return true iff any trusted directory authority has accepted our
|
|
|
|
* server descriptor.
|
|
|
|
*
|
|
|
|
* We consider any authority sufficient because waiting for all of
|
|
|
|
* them means it never happens while any authority is down; we don't
|
|
|
|
* go for something more complex in the middle (like \>1/3 or \>1/2 or
|
|
|
|
* \>=1/2) because that doesn't seem necessary yet.
|
|
|
|
*/
|
2007-09-18 17:53:53 +02:00
|
|
|
int
|
|
|
|
directories_have_accepted_server_descriptor(void)
|
|
|
|
{
|
2012-09-08 04:55:53 +02:00
|
|
|
const smartlist_t *servers = router_get_trusted_dir_servers();
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2012-09-10 21:55:27 +02:00
|
|
|
SMARTLIST_FOREACH(servers, dir_server_t *, d, {
|
2012-10-12 18:22:13 +02:00
|
|
|
if ((d->type & options->PublishServerDescriptor_) &&
|
2008-02-21 07:06:45 +01:00
|
|
|
d->has_accepted_serverdesc) {
|
|
|
|
return 1;
|
2007-09-18 17:53:53 +02:00
|
|
|
}
|
|
|
|
});
|
2008-02-21 07:06:45 +01:00
|
|
|
return 0;
|
2007-09-18 17:53:53 +02:00
|
|
|
}
|
|
|
|
|
2007-05-29 19:31:13 +02:00
|
|
|
/** Start a connection to every suitable directory authority, using
|
2011-03-11 09:09:24 +01:00
|
|
|
* connection purpose <b>dir_purpose</b> and uploading <b>payload</b>
|
|
|
|
* (of length <b>payload_len</b>). The dir_purpose should be one of
|
2004-05-13 01:48:57 +02:00
|
|
|
* 'DIR_PURPOSE_UPLOAD_DIR' or 'DIR_PURPOSE_UPLOAD_RENDDESC'.
|
2007-05-01 22:13:49 +02:00
|
|
|
*
|
2011-03-11 09:09:24 +01:00
|
|
|
* <b>router_purpose</b> describes the type of descriptor we're
|
|
|
|
* publishing, if we're publishing a descriptor -- e.g. general or bridge.
|
|
|
|
*
|
2014-01-29 21:17:05 +01:00
|
|
|
* <b>type</b> specifies what sort of dir authorities (V1, V3,
|
|
|
|
* HIDSERV, BRIDGE, etc) we should upload to.
|
2007-05-07 11:28:48 +02:00
|
|
|
*
|
2007-05-29 19:31:13 +02:00
|
|
|
* If <b>extrainfo_len</b> is nonzero, the first <b>payload_len</b> bytes of
|
|
|
|
* <b>payload</b> hold a router descriptor, and the next <b>extrainfo_len</b>
|
|
|
|
* bytes of <b>payload</b> hold an extra-info document. Upload the descriptor
|
|
|
|
* to all authorities, and the extra-info document to all authorities that
|
|
|
|
* support it.
|
2004-05-13 01:48:57 +02:00
|
|
|
*/
|
|
|
|
void
|
2007-07-22 02:16:48 +02:00
|
|
|
directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose,
|
2010-11-08 20:27:36 +01:00
|
|
|
dirinfo_type_t type,
|
2007-05-07 11:28:48 +02:00
|
|
|
const char *payload,
|
2007-05-01 22:13:49 +02:00
|
|
|
size_t payload_len, size_t extrainfo_len)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2005-11-19 11:12:10 +01:00
|
|
|
int post_via_tor;
|
2012-09-08 04:55:53 +02:00
|
|
|
const smartlist_t *dirservers = router_get_trusted_dir_servers();
|
2007-05-09 04:20:03 +02:00
|
|
|
int found = 0;
|
2011-05-12 06:47:00 +02:00
|
|
|
const int exclude_self = (dir_purpose == DIR_PURPOSE_UPLOAD_VOTE ||
|
|
|
|
dir_purpose == DIR_PURPOSE_UPLOAD_SIGNATURES);
|
2004-10-15 21:04:38 +02:00
|
|
|
tor_assert(dirservers);
|
2004-10-15 21:17:36 +02:00
|
|
|
/* This tries dirservers which we believe to be down, but ultimately, that's
|
|
|
|
* harmless, and we may as well err on the side of getting things uploaded.
|
|
|
|
*/
|
2012-09-10 21:55:27 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(dirservers, dir_server_t *, ds) {
|
2007-10-09 17:27:15 +02:00
|
|
|
routerstatus_t *rs = &(ds->fake_status);
|
2007-05-01 22:13:49 +02:00
|
|
|
size_t upload_len = payload_len;
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_t ds_addr;
|
2007-05-09 06:15:46 +02:00
|
|
|
|
|
|
|
if ((type & ds->type) == 0)
|
2006-02-06 05:56:18 +01:00
|
|
|
continue;
|
2007-05-09 06:15:46 +02:00
|
|
|
|
2014-02-08 11:02:27 +01:00
|
|
|
if (exclude_self && router_digest_is_me(ds->digest)) {
|
|
|
|
/* we don't upload to ourselves, but at least there's now at least
|
|
|
|
* one authority of this type that has what we wanted to upload. */
|
|
|
|
found = 1;
|
2011-05-12 06:47:00 +02:00
|
|
|
continue;
|
2014-02-08 11:02:27 +01:00
|
|
|
}
|
2011-05-12 06:47:00 +02:00
|
|
|
|
2011-07-07 17:52:13 +02:00
|
|
|
if (options->StrictNodes &&
|
2011-04-27 20:36:30 +02:00
|
|
|
routerset_contains_routerstatus(options->ExcludeNodes, rs, -1)) {
|
2011-03-11 09:09:24 +01:00
|
|
|
log_warn(LD_DIR, "Wanted to contact authority '%s' for %s, but "
|
|
|
|
"it's in our ExcludedNodes list and StrictNodes is set. "
|
|
|
|
"Skipping.",
|
|
|
|
ds->nickname,
|
|
|
|
dir_conn_purpose_to_string(dir_purpose));
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2007-05-09 04:20:03 +02:00
|
|
|
found = 1; /* at least one authority of this type was listed */
|
2007-07-22 02:16:48 +02:00
|
|
|
if (dir_purpose == DIR_PURPOSE_UPLOAD_DIR)
|
2007-01-06 06:42:31 +01:00
|
|
|
ds->has_accepted_serverdesc = 0;
|
2007-05-01 22:29:32 +02:00
|
|
|
|
2007-05-18 23:19:19 +02:00
|
|
|
if (extrainfo_len && router_supports_extrainfo(ds->digest, 1)) {
|
2007-05-01 22:13:49 +02:00
|
|
|
upload_len += extrainfo_len;
|
2009-04-01 15:02:04 +02:00
|
|
|
log_info(LD_DIR, "Uploading an extrainfo too (length %d)",
|
2007-05-01 22:42:23 +02:00
|
|
|
(int) extrainfo_len);
|
2007-05-01 22:13:49 +02:00
|
|
|
}
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_from_ipv4h(&ds_addr, ds->addr);
|
2007-07-22 02:16:48 +02:00
|
|
|
post_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose) ||
|
2008-08-05 22:08:19 +02:00
|
|
|
!fascist_firewall_allows_address_dir(&ds_addr, ds->dir_port);
|
2007-07-22 02:16:48 +02:00
|
|
|
directory_initiate_command_routerstatus(rs, dir_purpose,
|
|
|
|
router_purpose,
|
2007-06-10 09:34:21 +02:00
|
|
|
post_via_tor,
|
2007-10-28 21:30:21 +01:00
|
|
|
NULL, payload, upload_len, 0);
|
2008-08-05 22:08:19 +02:00
|
|
|
} SMARTLIST_FOREACH_END(ds);
|
2007-05-09 04:20:03 +02:00
|
|
|
if (!found) {
|
2010-11-08 20:21:32 +01:00
|
|
|
char *s = authdir_type_to_string(type);
|
2007-05-09 04:20:03 +02:00
|
|
|
log_warn(LD_DIR, "Publishing server descriptor to directory authorities "
|
2007-05-09 06:15:46 +02:00
|
|
|
"of type '%s', but no authorities of that type listed!", s);
|
|
|
|
tor_free(s);
|
2007-05-09 04:20:03 +02:00
|
|
|
}
|
2004-05-13 01:48:57 +02:00
|
|
|
}
|
|
|
|
|
2012-12-11 18:44:18 +01:00
|
|
|
/** Return true iff, according to the values in <b>options</b>, we should be
|
|
|
|
* using directory guards for direct downloads of directory information. */
|
|
|
|
static int
|
|
|
|
should_use_directory_guards(const or_options_t *options)
|
|
|
|
{
|
|
|
|
/* Public (non-bridge) servers never use directory guards. */
|
|
|
|
if (public_server_mode(options))
|
|
|
|
return 0;
|
|
|
|
/* If guards are disabled, or directory guards are disabled, we can't
|
|
|
|
* use directory guards.
|
|
|
|
*/
|
2012-12-11 19:05:35 +01:00
|
|
|
if (!options->UseEntryGuards || !options->UseEntryGuardsAsDirGuards)
|
2012-12-11 18:44:18 +01:00
|
|
|
return 0;
|
|
|
|
/* If we're configured to fetch directory info aggressively or of a
|
|
|
|
* nonstandard type, don't use directory guards. */
|
|
|
|
if (options->DownloadExtraInfo || options->FetchDirInfoEarly ||
|
2014-01-29 21:17:05 +01:00
|
|
|
options->FetchDirInfoExtraEarly || options->FetchUselessDescriptors)
|
2012-12-11 18:44:18 +01:00
|
|
|
return 0;
|
|
|
|
if (! options->PreferTunneledDirConns)
|
|
|
|
return 0;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Pick an unconsetrained directory server from among our guards, the latest
|
|
|
|
* networkstatus, or the fallback dirservers, for use in downloading
|
|
|
|
* information of type <b>type</b>, and return its routerstatus. */
|
2012-12-11 17:25:36 +01:00
|
|
|
static const routerstatus_t *
|
|
|
|
directory_pick_generic_dirserver(dirinfo_type_t type, int pds_flags,
|
|
|
|
uint8_t dir_purpose)
|
|
|
|
{
|
2012-12-26 05:37:41 +01:00
|
|
|
const routerstatus_t *rs = NULL;
|
2012-12-11 18:44:18 +01:00
|
|
|
const or_options_t *options = get_options();
|
2012-12-11 17:25:36 +01:00
|
|
|
|
2012-12-11 18:44:18 +01:00
|
|
|
if (options->UseBridges)
|
|
|
|
log_warn(LD_BUG, "Called when we have UseBridges set.");
|
|
|
|
|
|
|
|
if (should_use_directory_guards(options)) {
|
|
|
|
const node_t *node = choose_random_dirguard(type);
|
|
|
|
if (node)
|
|
|
|
rs = node->rs;
|
|
|
|
} else {
|
|
|
|
/* anybody with a non-zero dirport will do */
|
|
|
|
rs = router_pick_directory_server(type, pds_flags);
|
|
|
|
}
|
2012-12-11 17:25:36 +01:00
|
|
|
if (!rs) {
|
|
|
|
log_info(LD_DIR, "No router found for %s; falling back to "
|
|
|
|
"dirserver list.", dir_conn_purpose_to_string(dir_purpose));
|
|
|
|
rs = router_pick_fallback_dirserver(type, pds_flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
return rs;
|
|
|
|
}
|
|
|
|
|
2004-11-15 04:53:03 +01:00
|
|
|
/** Start a connection to a random running directory server, using
|
2007-07-22 02:16:48 +02:00
|
|
|
* connection purpose <b>dir_purpose</b>, intending to fetch descriptors
|
|
|
|
* of purpose <b>router_purpose</b>, and requesting <b>resource</b>.
|
2008-12-14 20:39:54 +01:00
|
|
|
* Use <b>pds_flags</b> as arguments to router_pick_directory_server()
|
|
|
|
* or router_pick_trusteddirserver().
|
2004-05-13 01:48:57 +02:00
|
|
|
*/
|
|
|
|
void
|
2007-07-22 02:16:48 +02:00
|
|
|
directory_get_from_dirserver(uint8_t dir_purpose, uint8_t router_purpose,
|
2008-12-11 20:12:45 +01:00
|
|
|
const char *resource, int pds_flags)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *rs = NULL;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2007-12-01 05:58:53 +01:00
|
|
|
int prefer_authority = directory_fetches_from_authorities(options);
|
2012-04-17 18:09:19 +02:00
|
|
|
int require_authority = 0;
|
2007-07-22 02:16:48 +02:00
|
|
|
int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose);
|
2010-11-08 20:27:36 +01:00
|
|
|
dirinfo_type_t type;
|
2007-10-28 21:30:21 +01:00
|
|
|
time_t if_modified_since = 0;
|
2006-09-29 01:57:59 +02:00
|
|
|
|
2006-10-07 02:50:39 +02:00
|
|
|
/* FFFF we could break this switch into its own function, and call
|
|
|
|
* it elsewhere in directory.c. -RD */
|
2007-06-10 09:34:21 +02:00
|
|
|
switch (dir_purpose) {
|
2007-05-18 23:19:19 +02:00
|
|
|
case DIR_PURPOSE_FETCH_EXTRAINFO:
|
2010-11-08 20:35:02 +01:00
|
|
|
type = EXTRAINFO_DIRINFO |
|
|
|
|
(router_purpose == ROUTER_PURPOSE_BRIDGE ? BRIDGE_DIRINFO :
|
|
|
|
V3_DIRINFO);
|
2007-05-18 23:19:19 +02:00
|
|
|
break;
|
2006-09-29 01:57:59 +02:00
|
|
|
case DIR_PURPOSE_FETCH_SERVERDESC:
|
2010-11-08 20:35:02 +01:00
|
|
|
type = (router_purpose == ROUTER_PURPOSE_BRIDGE ? BRIDGE_DIRINFO :
|
|
|
|
V3_DIRINFO);
|
2006-09-29 01:57:59 +02:00
|
|
|
break;
|
|
|
|
case DIR_PURPOSE_FETCH_RENDDESC:
|
2010-11-08 20:35:02 +01:00
|
|
|
type = HIDSERV_DIRINFO;
|
2006-09-29 01:57:59 +02:00
|
|
|
break;
|
2007-08-24 16:41:06 +02:00
|
|
|
case DIR_PURPOSE_FETCH_STATUS_VOTE:
|
|
|
|
case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
|
2011-07-14 20:19:18 +02:00
|
|
|
case DIR_PURPOSE_FETCH_CERTIFICATE:
|
2010-11-08 20:35:02 +01:00
|
|
|
type = V3_DIRINFO;
|
2007-09-22 08:06:05 +02:00
|
|
|
break;
|
2007-08-24 16:41:06 +02:00
|
|
|
case DIR_PURPOSE_FETCH_CONSENSUS:
|
2010-11-08 20:35:02 +01:00
|
|
|
type = V3_DIRINFO;
|
2011-07-14 20:19:18 +02:00
|
|
|
if (resource && !strcmp(resource,"microdesc"))
|
|
|
|
type |= MICRODESC_DIRINFO;
|
2007-08-24 16:41:06 +02:00
|
|
|
break;
|
2010-05-11 23:20:33 +02:00
|
|
|
case DIR_PURPOSE_FETCH_MICRODESC:
|
2010-11-08 20:21:32 +01:00
|
|
|
type = MICRODESC_DIRINFO;
|
2010-05-11 23:20:33 +02:00
|
|
|
break;
|
2006-09-29 01:57:59 +02:00
|
|
|
default:
|
2007-06-10 09:34:21 +02:00
|
|
|
log_warn(LD_BUG, "Unexpected purpose %d", (int)dir_purpose);
|
2006-09-29 01:57:59 +02:00
|
|
|
return;
|
|
|
|
}
|
2005-09-08 20:14:01 +02:00
|
|
|
|
2009-10-27 01:12:52 +01:00
|
|
|
if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
|
2010-09-17 04:12:03 +02:00
|
|
|
int flav = FLAV_NS;
|
|
|
|
networkstatus_t *v;
|
|
|
|
if (resource)
|
|
|
|
flav = networkstatus_parse_flavor_name(resource);
|
|
|
|
|
|
|
|
if (flav != -1) {
|
|
|
|
/* IF we have a parsed consensus of this type, we can do an
|
|
|
|
* if-modified-time based on it. */
|
|
|
|
v = networkstatus_get_latest_consensus_by_flavor(flav);
|
|
|
|
if (v)
|
|
|
|
if_modified_since = v->valid_after + 180;
|
|
|
|
} else {
|
|
|
|
/* Otherwise it might be a consensus we don't parse, but which we
|
|
|
|
* do cache. Look at the cached copy, perhaps. */
|
2011-12-02 16:35:45 +01:00
|
|
|
cached_dir_t *cd = dirserv_get_consensus(resource);
|
2010-09-17 04:12:03 +02:00
|
|
|
if (cd)
|
|
|
|
if_modified_since = cd->published + 180;
|
|
|
|
}
|
2007-10-28 21:30:21 +01:00
|
|
|
}
|
|
|
|
|
2010-11-08 20:35:02 +01:00
|
|
|
if (!options->FetchServerDescriptors && type != HIDSERV_DIRINFO)
|
2006-02-19 23:02:02 +01:00
|
|
|
return;
|
|
|
|
|
2007-09-21 08:14:36 +02:00
|
|
|
if (!get_via_tor) {
|
2010-11-08 20:35:02 +01:00
|
|
|
if (options->UseBridges && type != BRIDGE_DIRINFO) {
|
2012-01-26 00:54:59 +01:00
|
|
|
/* We want to ask a running bridge for which we have a descriptor.
|
|
|
|
*
|
2012-01-26 02:49:32 +01:00
|
|
|
* When we ask choose_random_entry() for a bridge, we specify what
|
|
|
|
* sort of dir fetch we'll be doing, so it won't return a bridge
|
|
|
|
* that can't answer our question.
|
2012-01-26 00:54:59 +01:00
|
|
|
*/
|
2012-01-26 02:18:51 +01:00
|
|
|
/* XXX024 Not all bridges handle conditional consensus downloading,
|
|
|
|
* so, for now, never assume the server supports that. -PP */
|
2013-02-12 22:23:12 +01:00
|
|
|
const node_t *node = choose_random_dirguard(type);
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
if (node && node->ri) {
|
|
|
|
/* every bridge has a routerinfo. */
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_t addr;
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
routerinfo_t *ri = node->ri;
|
|
|
|
node_get_addr(node, &addr);
|
2008-08-05 22:08:19 +02:00
|
|
|
directory_initiate_command(ri->address, &addr,
|
2012-09-08 05:21:18 +02:00
|
|
|
ri->or_port, 0/*no dirport*/,
|
|
|
|
ri->cache_info.identity_digest,
|
2007-09-21 08:14:36 +02:00
|
|
|
dir_purpose,
|
|
|
|
router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
DIRIND_ONEHOP,
|
|
|
|
resource, NULL, 0, if_modified_since);
|
2007-09-21 08:14:36 +02:00
|
|
|
} else
|
|
|
|
log_notice(LD_DIR, "Ignoring directory request, since no bridge "
|
|
|
|
"nodes are available yet.");
|
|
|
|
return;
|
|
|
|
} else {
|
2010-11-08 20:35:02 +01:00
|
|
|
if (prefer_authority || type == BRIDGE_DIRINFO) {
|
2007-09-21 08:14:36 +02:00
|
|
|
/* only ask authdirservers, and don't ask myself */
|
2008-12-11 20:12:45 +01:00
|
|
|
rs = router_pick_trusteddirserver(type, pds_flags);
|
2010-05-11 23:20:33 +02:00
|
|
|
if (rs == NULL && (pds_flags & (PDS_NO_EXISTING_SERVERDESC_FETCH|
|
|
|
|
PDS_NO_EXISTING_MICRODESC_FETCH))) {
|
2008-12-11 20:12:48 +01:00
|
|
|
/* We don't want to fetch from any authorities that we're currently
|
|
|
|
* fetching server descriptors from, and we got no match. Did we
|
|
|
|
* get no match because all the authorities have connections
|
|
|
|
* fetching server descriptors (in which case we should just
|
|
|
|
* return,) or because all the authorities are down or on fire or
|
|
|
|
* unreachable or something (in which case we should go on with
|
|
|
|
* our fallback code)? */
|
2010-05-11 23:20:33 +02:00
|
|
|
pds_flags &= ~(PDS_NO_EXISTING_SERVERDESC_FETCH|
|
|
|
|
PDS_NO_EXISTING_MICRODESC_FETCH);
|
2008-12-11 20:12:48 +01:00
|
|
|
rs = router_pick_trusteddirserver(type, pds_flags);
|
|
|
|
if (rs) {
|
|
|
|
log_debug(LD_DIR, "Deferring serverdesc fetch: all authorities "
|
|
|
|
"are in use.");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2012-04-17 18:09:19 +02:00
|
|
|
if (rs == NULL && require_authority) {
|
|
|
|
log_info(LD_DIR, "No authorities were available for %s: will try "
|
|
|
|
"later.", dir_conn_purpose_to_string(dir_purpose));
|
|
|
|
return;
|
|
|
|
}
|
2007-09-21 08:14:36 +02:00
|
|
|
}
|
2010-11-08 20:35:02 +01:00
|
|
|
if (!rs && type != BRIDGE_DIRINFO) {
|
2012-12-11 17:25:36 +01:00
|
|
|
/* */
|
|
|
|
rs = directory_pick_generic_dirserver(type, pds_flags,
|
|
|
|
dir_purpose);
|
2007-09-21 08:14:36 +02:00
|
|
|
if (!rs) {
|
2012-12-11 17:25:36 +01:00
|
|
|
/*XXXX024 I'm pretty sure this can never do any good, since
|
|
|
|
* rs isn't set. */
|
|
|
|
get_via_tor = 1; /* last resort: try routing it via Tor */
|
2007-09-21 08:14:36 +02:00
|
|
|
}
|
2004-10-14 03:44:32 +02:00
|
|
|
}
|
2004-07-20 08:44:16 +02:00
|
|
|
}
|
2007-07-22 02:16:48 +02:00
|
|
|
} else { /* get_via_tor */
|
2004-10-15 06:57:36 +02:00
|
|
|
/* Never use fascistfirewall; we're going via Tor. */
|
2007-06-10 09:34:21 +02:00
|
|
|
if (dir_purpose == DIR_PURPOSE_FETCH_RENDDESC) {
|
2006-10-07 02:50:39 +02:00
|
|
|
/* only ask hidserv authorities, any of them will do */
|
2008-12-11 20:12:45 +01:00
|
|
|
pds_flags |= PDS_IGNORE_FASCISTFIREWALL|PDS_ALLOW_SELF;
|
2010-11-08 20:35:02 +01:00
|
|
|
rs = router_pick_trusteddirserver(HIDSERV_DIRINFO, pds_flags);
|
2005-11-19 11:12:10 +01:00
|
|
|
} else {
|
|
|
|
/* anybody with a non-zero dirport will do. Disregard firewalls. */
|
2008-12-11 20:12:45 +01:00
|
|
|
pds_flags |= PDS_IGNORE_FASCISTFIREWALL;
|
|
|
|
rs = router_pick_directory_server(type, pds_flags);
|
2005-12-15 21:44:15 +01:00
|
|
|
/* If we have any hope of building an indirect conn, we know some router
|
2005-12-15 22:26:39 +01:00
|
|
|
* descriptors. If (rs==NULL), we can't build circuits anyway, so
|
2006-10-07 02:50:39 +02:00
|
|
|
* there's no point in falling back to the authorities in this case. */
|
2005-11-19 11:12:10 +01:00
|
|
|
}
|
2004-07-20 08:44:16 +02:00
|
|
|
}
|
|
|
|
|
2012-09-12 16:15:58 +02:00
|
|
|
if (rs) {
|
|
|
|
const dir_indirection_t indirection =
|
|
|
|
get_via_tor ? DIRIND_ANONYMOUS : DIRIND_ONEHOP;
|
2007-06-10 09:34:21 +02:00
|
|
|
directory_initiate_command_routerstatus(rs, dir_purpose,
|
2007-07-22 02:16:48 +02:00
|
|
|
router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
indirection,
|
2007-10-28 21:30:21 +01:00
|
|
|
resource, NULL, 0,
|
|
|
|
if_modified_since);
|
2012-09-12 16:15:58 +02:00
|
|
|
} else {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_notice(LD_DIR,
|
2006-10-15 09:42:51 +02:00
|
|
|
"While fetching directory info, "
|
|
|
|
"no running dirservers known. Will try again later. "
|
2007-06-10 09:34:21 +02:00
|
|
|
"(purpose %d)", dir_purpose);
|
2007-07-22 02:16:48 +02:00
|
|
|
if (!purpose_needs_anonymity(dir_purpose, router_purpose)) {
|
2005-01-10 18:39:41 +01:00
|
|
|
/* remember we tried them all and failed. */
|
2005-02-05 22:42:46 +01:00
|
|
|
directory_all_unreachable(time(NULL));
|
2005-01-10 18:39:41 +01:00
|
|
|
}
|
2005-01-03 21:51:24 +01:00
|
|
|
}
|
2004-05-13 01:48:57 +02:00
|
|
|
}
|
|
|
|
|
2007-09-22 08:06:05 +02:00
|
|
|
/** As directory_get_from_dirserver, but initiates a request to <i>every</i>
|
|
|
|
* directory authority other than ourself. Only for use by authorities when
|
|
|
|
* searching for missing information while voting. */
|
|
|
|
void
|
|
|
|
directory_get_from_all_authorities(uint8_t dir_purpose,
|
|
|
|
uint8_t router_purpose,
|
|
|
|
const char *resource)
|
|
|
|
{
|
|
|
|
tor_assert(dir_purpose == DIR_PURPOSE_FETCH_STATUS_VOTE ||
|
|
|
|
dir_purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES);
|
|
|
|
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
|
2012-09-10 21:55:27 +02:00
|
|
|
dir_server_t *, ds) {
|
2007-09-22 08:06:05 +02:00
|
|
|
routerstatus_t *rs;
|
|
|
|
if (router_digest_is_me(ds->digest))
|
|
|
|
continue;
|
2010-11-08 20:35:02 +01:00
|
|
|
if (!(ds->type & V3_DIRINFO))
|
2007-09-22 08:06:05 +02:00
|
|
|
continue;
|
2007-10-09 17:27:15 +02:00
|
|
|
rs = &ds->fake_status;
|
2007-09-22 08:06:05 +02:00
|
|
|
directory_initiate_command_routerstatus(rs, dir_purpose, router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
DIRIND_ONEHOP, resource, NULL,
|
|
|
|
0, 0);
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(ds);
|
2007-09-22 08:06:05 +02:00
|
|
|
}
|
|
|
|
|
2012-09-12 16:15:58 +02:00
|
|
|
/** Return true iff <b>ind</b> requires a multihop circuit. */
|
|
|
|
static int
|
|
|
|
dirind_is_anon(dir_indirection_t ind)
|
|
|
|
{
|
|
|
|
return ind == DIRIND_ANON_DIRPORT || ind == DIRIND_ANONYMOUS;
|
|
|
|
}
|
|
|
|
|
2008-09-24 16:44:29 +02:00
|
|
|
/** Same as directory_initiate_command_routerstatus(), but accepts
|
|
|
|
* rendezvous data to fetch a hidden service descriptor. */
|
2005-12-14 23:00:58 +01:00
|
|
|
void
|
2010-09-29 07:35:08 +02:00
|
|
|
directory_initiate_command_routerstatus_rend(const routerstatus_t *status,
|
2008-09-24 16:44:29 +02:00
|
|
|
uint8_t dir_purpose,
|
|
|
|
uint8_t router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
dir_indirection_t indirection,
|
2008-09-24 16:44:29 +02:00
|
|
|
const char *resource,
|
|
|
|
const char *payload,
|
|
|
|
size_t payload_len,
|
|
|
|
time_t if_modified_since,
|
|
|
|
const rend_data_t *rend_query)
|
2004-10-12 17:55:20 +02:00
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
const node_t *node;
|
2006-06-30 12:50:43 +02:00
|
|
|
char address_buf[INET_NTOA_BUF_LEN+1];
|
2005-12-14 23:00:58 +01:00
|
|
|
struct in_addr in;
|
|
|
|
const char *address;
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_t addr;
|
2012-09-12 16:15:58 +02:00
|
|
|
const int anonymized_connection = dirind_is_anon(indirection);
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
node = node_get_by_id(status->identity_digest);
|
2011-03-11 09:09:24 +01:00
|
|
|
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
if (!node && anonymized_connection) {
|
2008-09-09 23:09:15 +02:00
|
|
|
log_info(LD_DIR, "Not sending anonymized request to directory '%s'; we "
|
2011-05-16 03:58:46 +02:00
|
|
|
"don't have its router descriptor.",
|
|
|
|
routerstatus_describe(status));
|
2008-09-09 23:08:02 +02:00
|
|
|
return;
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
} else if (node) {
|
|
|
|
node_get_address_string(node, address_buf, sizeof(address_buf));
|
|
|
|
address = address_buf;
|
2005-12-14 23:00:58 +01:00
|
|
|
} else {
|
|
|
|
in.s_addr = htonl(status->addr);
|
|
|
|
tor_inet_ntoa(&in, address_buf, sizeof(address_buf));
|
|
|
|
address = address_buf;
|
|
|
|
}
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_from_ipv4h(&addr, status->addr);
|
2011-03-11 09:09:24 +01:00
|
|
|
|
|
|
|
if (options->ExcludeNodes && options->StrictNodes &&
|
2011-04-27 20:36:30 +02:00
|
|
|
routerset_contains_routerstatus(options->ExcludeNodes, status, -1)) {
|
2011-05-16 03:58:46 +02:00
|
|
|
log_warn(LD_DIR, "Wanted to contact directory mirror %s for %s, but "
|
2011-03-11 09:09:24 +01:00
|
|
|
"it's in our ExcludedNodes list and StrictNodes is set. "
|
|
|
|
"Skipping. This choice might make your Tor not work.",
|
2011-05-16 03:58:46 +02:00
|
|
|
routerstatus_describe(status),
|
2011-03-11 09:09:24 +01:00
|
|
|
dir_conn_purpose_to_string(dir_purpose));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2008-09-24 16:44:29 +02:00
|
|
|
directory_initiate_command_rend(address, &addr,
|
2007-04-27 12:26:09 +02:00
|
|
|
status->or_port, status->dir_port,
|
2007-01-27 22:18:08 +01:00
|
|
|
status->identity_digest,
|
2007-06-10 09:34:21 +02:00
|
|
|
dir_purpose, router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
indirection, resource,
|
2008-09-24 16:44:29 +02:00
|
|
|
payload, payload_len, if_modified_since,
|
|
|
|
rend_query);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Launch a new connection to the directory server <b>status</b> to
|
|
|
|
* upload or download a server or rendezvous
|
|
|
|
* descriptor. <b>dir_purpose</b> determines what
|
|
|
|
* kind of directory connection we're launching, and must be one of
|
|
|
|
* DIR_PURPOSE_{FETCH|UPLOAD}_{DIR|RENDDESC|RENDDESC_V2}. <b>router_purpose</b>
|
|
|
|
* specifies the descriptor purposes we have in mind (currently only
|
|
|
|
* used for FETCH_DIR).
|
|
|
|
*
|
|
|
|
* When uploading, <b>payload</b> and <b>payload_len</b> determine the content
|
|
|
|
* of the HTTP post. Otherwise, <b>payload</b> should be NULL.
|
|
|
|
*
|
|
|
|
* When fetching a rendezvous descriptor, <b>resource</b> is the service ID we
|
|
|
|
* want to fetch.
|
|
|
|
*/
|
|
|
|
void
|
2010-09-29 07:35:08 +02:00
|
|
|
directory_initiate_command_routerstatus(const routerstatus_t *status,
|
2008-09-24 16:44:29 +02:00
|
|
|
uint8_t dir_purpose,
|
|
|
|
uint8_t router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
dir_indirection_t indirection,
|
2008-09-24 16:44:29 +02:00
|
|
|
const char *resource,
|
|
|
|
const char *payload,
|
|
|
|
size_t payload_len,
|
|
|
|
time_t if_modified_since)
|
|
|
|
{
|
|
|
|
directory_initiate_command_routerstatus_rend(status, dir_purpose,
|
|
|
|
router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
indirection, resource,
|
2008-09-24 16:44:29 +02:00
|
|
|
payload, payload_len,
|
|
|
|
if_modified_since, NULL);
|
2004-10-12 17:55:20 +02:00
|
|
|
}
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Return true iff <b>conn</b> is the client side of a directory connection
|
|
|
|
* we launched to ourself in order to determine the reachability of our
|
|
|
|
* dir_port. */
|
2007-01-06 06:42:31 +01:00
|
|
|
static int
|
|
|
|
directory_conn_is_self_reachability_test(dir_connection_t *conn)
|
|
|
|
{
|
|
|
|
if (conn->requested_resource &&
|
|
|
|
!strcmpstart(conn->requested_resource,"authority")) {
|
2010-09-29 06:38:32 +02:00
|
|
|
const routerinfo_t *me = router_get_my_routerinfo();
|
2007-01-06 06:42:31 +01:00
|
|
|
if (me &&
|
|
|
|
router_digest_is_me(conn->identity_digest) &&
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_addr_eq_ipv4h(&conn->base_.addr, me->addr) && /*XXXX prop 118*/
|
|
|
|
me->dir_port == conn->base_.port)
|
2007-01-06 06:42:31 +01:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-12-25 03:47:37 +01:00
|
|
|
/** Called when we are unable to complete the client's request to a directory
|
|
|
|
* server due to a network error: Mark the router as down and try again if
|
|
|
|
* possible.
|
2005-01-03 21:07:07 +01:00
|
|
|
*/
|
2011-06-22 20:08:30 +02:00
|
|
|
static void
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_request_failed(dir_connection_t *conn)
|
2005-01-03 21:07:07 +01:00
|
|
|
{
|
2007-01-29 19:13:37 +01:00
|
|
|
if (directory_conn_is_self_reachability_test(conn)) {
|
2005-09-14 05:49:17 +02:00
|
|
|
return; /* this was a test fetch. don't retry. */
|
2007-01-29 19:13:37 +01:00
|
|
|
}
|
2010-09-12 06:20:00 +02:00
|
|
|
if (!entry_list_is_constrained(get_options()))
|
2007-12-10 18:16:41 +01:00
|
|
|
router_set_status(conn->identity_digest, 0); /* don't try him again */
|
2014-01-29 21:17:05 +01:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) {
|
2010-05-11 23:20:33 +02:00
|
|
|
log_info(LD_DIR, "Giving up on serverdesc/extrainfo fetch from "
|
|
|
|
"directory server at '%s'; retrying",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address);
|
2010-08-10 23:07:50 +02:00
|
|
|
if (conn->router_purpose == ROUTER_PURPOSE_BRIDGE)
|
|
|
|
connection_dir_bridge_routerdesc_failed(conn);
|
2005-09-15 07:19:38 +02:00
|
|
|
connection_dir_download_routerdesc_failed(conn);
|
2012-10-12 18:22:13 +02:00
|
|
|
} else if (conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
|
2011-02-23 18:32:15 +01:00
|
|
|
if (conn->requested_resource)
|
|
|
|
networkstatus_consensus_download_failed(0, conn->requested_resource);
|
2012-10-12 18:22:13 +02:00
|
|
|
} else if (conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
|
2010-05-11 23:20:33 +02:00
|
|
|
log_info(LD_DIR, "Giving up on certificate fetch from directory server "
|
|
|
|
"at '%s'; retrying",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address);
|
2007-10-09 17:27:45 +02:00
|
|
|
connection_dir_download_cert_failed(conn, 0);
|
2012-10-12 18:22:13 +02:00
|
|
|
} else if (conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES) {
|
2007-10-22 18:32:06 +02:00
|
|
|
log_info(LD_DIR, "Giving up downloading detached signatures from '%s'",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address);
|
|
|
|
} else if (conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) {
|
2007-10-22 18:32:06 +02:00
|
|
|
log_info(LD_DIR, "Giving up downloading votes from '%s'",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address);
|
|
|
|
} else if (conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC) {
|
2010-05-11 23:20:33 +02:00
|
|
|
log_info(LD_DIR, "Giving up on downloading microdescriptors from "
|
2013-09-29 12:15:00 +02:00
|
|
|
"directory server at '%s'; will retry", conn->base_.address);
|
2010-05-11 23:20:33 +02:00
|
|
|
connection_dir_download_routerdesc_failed(conn);
|
2005-01-03 21:07:07 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-08-10 23:07:50 +02:00
|
|
|
/** Helper: Attempt to fetch directly the descriptors of each bridge
|
|
|
|
* listed in <b>failed</b>.
|
|
|
|
*/
|
|
|
|
static void
|
2010-09-13 03:12:17 +02:00
|
|
|
connection_dir_retry_bridges(smartlist_t *descs)
|
2010-08-10 23:07:50 +02:00
|
|
|
{
|
|
|
|
char digest[DIGEST_LEN];
|
2010-08-31 21:45:44 +02:00
|
|
|
SMARTLIST_FOREACH(descs, const char *, cp,
|
2010-08-10 23:07:50 +02:00
|
|
|
{
|
|
|
|
if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp))<0) {
|
|
|
|
log_warn(LD_BUG, "Malformed fingerprint in list: %s",
|
|
|
|
escaped(cp));
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
retry_bridge_descriptor_fetch_directly(digest);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2005-09-30 01:26:42 +02:00
|
|
|
/** Called when an attempt to download one or more router descriptors
|
2007-05-18 23:19:19 +02:00
|
|
|
* or extra-info documents on connection <b>conn</b> failed.
|
2005-09-15 07:19:38 +02:00
|
|
|
*/
|
|
|
|
static void
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_download_routerdesc_failed(dir_connection_t *conn)
|
2005-09-15 07:19:38 +02:00
|
|
|
{
|
2007-02-08 23:08:04 +01:00
|
|
|
/* No need to increment the failure count for routerdescs, since
|
2007-01-27 20:02:37 +01:00
|
|
|
* it's not their fault. */
|
2007-02-08 23:08:04 +01:00
|
|
|
|
2007-02-24 22:21:38 +01:00
|
|
|
/* No need to relaunch descriptor downloads here: we already do it
|
2008-06-24 10:00:30 +02:00
|
|
|
* every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
|
|
|
|
conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
|
|
|
|
conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
|
2007-02-22 08:41:10 +01:00
|
|
|
|
2006-06-05 00:42:13 +02:00
|
|
|
(void) conn;
|
2005-09-15 07:19:38 +02:00
|
|
|
}
|
|
|
|
|
2010-08-10 23:07:50 +02:00
|
|
|
/** Called when an attempt to download a bridge's routerdesc from
|
|
|
|
* one of the authorities failed due to a network error. If
|
|
|
|
* possible attempt to download descriptors from the bridge directly.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
connection_dir_bridge_routerdesc_failed(dir_connection_t *conn)
|
|
|
|
{
|
|
|
|
smartlist_t *which = NULL;
|
|
|
|
|
|
|
|
/* Requests for bridge descriptors are in the form 'fp/', so ignore
|
|
|
|
anything else. */
|
2010-09-12 15:10:16 +02:00
|
|
|
if (!conn->requested_resource || strcmpstart(conn->requested_resource,"fp/"))
|
2010-08-10 23:07:50 +02:00
|
|
|
return;
|
|
|
|
|
2012-01-18 21:53:30 +01:00
|
|
|
which = smartlist_new();
|
2010-08-31 21:45:44 +02:00
|
|
|
dir_split_resource_into_fingerprints(conn->requested_resource
|
|
|
|
+ strlen("fp/"),
|
|
|
|
which, NULL, 0);
|
2010-08-10 23:07:50 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.purpose != DIR_PURPOSE_FETCH_EXTRAINFO);
|
2010-08-10 23:07:50 +02:00
|
|
|
if (smartlist_len(which)) {
|
2010-08-31 21:45:44 +02:00
|
|
|
connection_dir_retry_bridges(which);
|
2010-08-10 23:07:50 +02:00
|
|
|
SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
|
|
|
|
}
|
|
|
|
smartlist_free(which);
|
|
|
|
}
|
|
|
|
|
2007-10-09 17:27:45 +02:00
|
|
|
/** Called when an attempt to fetch a certificate fails. */
|
|
|
|
static void
|
|
|
|
connection_dir_download_cert_failed(dir_connection_t *conn, int status)
|
|
|
|
{
|
2013-05-09 17:23:53 +02:00
|
|
|
const char *fp_pfx = "fp/";
|
|
|
|
const char *fpsk_pfx = "fp-sk/";
|
2007-10-09 17:27:45 +02:00
|
|
|
smartlist_t *failed;
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE);
|
2007-10-09 17:27:45 +02:00
|
|
|
|
|
|
|
if (!conn->requested_resource)
|
|
|
|
return;
|
2012-01-18 21:53:30 +01:00
|
|
|
failed = smartlist_new();
|
2013-05-09 13:56:54 +02:00
|
|
|
/*
|
|
|
|
* We have two cases download by fingerprint (resource starts
|
|
|
|
* with "fp/") or download by fingerprint/signing key pair
|
|
|
|
* (resource starts with "fp-sk/").
|
|
|
|
*/
|
2013-05-09 17:23:53 +02:00
|
|
|
if (!strcmpstart(conn->requested_resource, fp_pfx)) {
|
2013-05-09 13:56:54 +02:00
|
|
|
/* Download by fingerprint case */
|
2013-05-09 17:23:53 +02:00
|
|
|
dir_split_resource_into_fingerprints(conn->requested_resource +
|
|
|
|
strlen(fp_pfx),
|
2013-05-09 13:56:54 +02:00
|
|
|
failed, NULL, DSR_HEX);
|
|
|
|
SMARTLIST_FOREACH_BEGIN(failed, char *, cp) {
|
|
|
|
/* Null signing key digest indicates download by fp only */
|
|
|
|
authority_cert_dl_failed(cp, NULL, status);
|
|
|
|
tor_free(cp);
|
|
|
|
} SMARTLIST_FOREACH_END(cp);
|
2013-05-09 17:23:53 +02:00
|
|
|
} else if (!strcmpstart(conn->requested_resource, fpsk_pfx)) {
|
2013-05-09 13:56:54 +02:00
|
|
|
/* Download by (fp,sk) pairs */
|
2013-05-09 17:23:53 +02:00
|
|
|
dir_split_resource_into_fingerprint_pairs(conn->requested_resource +
|
|
|
|
strlen(fpsk_pfx), failed);
|
2013-05-09 13:56:54 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(failed, fp_pair_t *, cp) {
|
|
|
|
authority_cert_dl_failed(cp->first, cp->second, status);
|
|
|
|
tor_free(cp);
|
|
|
|
} SMARTLIST_FOREACH_END(cp);
|
|
|
|
} else {
|
|
|
|
log_warn(LD_DIR,
|
|
|
|
"Don't know what to do with failure for cert fetch %s",
|
|
|
|
conn->requested_resource);
|
|
|
|
}
|
|
|
|
|
2007-10-09 17:27:45 +02:00
|
|
|
smartlist_free(failed);
|
2007-10-22 19:31:22 +02:00
|
|
|
|
|
|
|
update_certificate_downloads(time(NULL));
|
2007-10-09 17:27:45 +02:00
|
|
|
}
|
|
|
|
|
2008-03-19 00:12:41 +01:00
|
|
|
/** Evaluate the situation and decide if we should use an encrypted
|
|
|
|
* "begindir-style" connection for this directory request.
|
|
|
|
* 1) If or_port is 0, or it's a direct conn and or_port is firewalled
|
|
|
|
* or we're a dir mirror, no.
|
|
|
|
* 2) If we prefer to avoid begindir conns, and we're not fetching or
|
2010-01-12 20:05:12 +01:00
|
|
|
* publishing a bridge relay descriptor, no.
|
2008-03-19 00:12:41 +01:00
|
|
|
* 3) Else yes.
|
|
|
|
*/
|
|
|
|
static int
|
2011-06-14 19:01:38 +02:00
|
|
|
directory_command_should_use_begindir(const or_options_t *options,
|
2008-08-05 22:08:19 +02:00
|
|
|
const tor_addr_t *addr,
|
2008-03-19 00:12:41 +01:00
|
|
|
int or_port, uint8_t router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
dir_indirection_t indirection)
|
2008-03-19 00:12:41 +01:00
|
|
|
{
|
|
|
|
if (!or_port)
|
|
|
|
return 0; /* We don't know an ORPort -- no chance. */
|
2012-09-12 16:15:58 +02:00
|
|
|
if (indirection == DIRIND_DIRECT_CONN || indirection == DIRIND_ANON_DIRPORT)
|
|
|
|
return 0;
|
|
|
|
if (indirection == DIRIND_ONEHOP)
|
2008-03-19 00:12:41 +01:00
|
|
|
if (!fascist_firewall_allows_address_or(addr, or_port) ||
|
2011-09-28 20:50:43 +02:00
|
|
|
directory_fetches_from_authorities(options))
|
2008-03-19 00:12:41 +01:00
|
|
|
return 0; /* We're firewalled or are acting like a relay -- also no. */
|
|
|
|
if (!options->TunnelDirConns &&
|
|
|
|
router_purpose != ROUTER_PURPOSE_BRIDGE)
|
|
|
|
return 0; /* We prefer to avoid using begindir conns. Fine. */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2007-10-28 21:30:21 +01:00
|
|
|
/** Helper for directory_initiate_command_routerstatus: send the
|
2004-11-12 17:39:03 +01:00
|
|
|
* command to a server whose address is <b>address</b>, whose IP is
|
2007-01-27 22:18:08 +01:00
|
|
|
* <b>addr</b>, whose directory port is <b>dir_port</b>, whose tor version
|
|
|
|
* <b>supports_begindir</b>, and whose identity key digest is
|
|
|
|
* <b>digest</b>. */
|
2007-01-28 09:06:00 +01:00
|
|
|
void
|
2008-08-05 22:08:19 +02:00
|
|
|
directory_initiate_command(const char *address, const tor_addr_t *_addr,
|
2007-04-27 12:26:09 +02:00
|
|
|
uint16_t or_port, uint16_t dir_port,
|
2012-09-08 05:21:18 +02:00
|
|
|
const char *digest,
|
2007-06-10 09:34:21 +02:00
|
|
|
uint8_t dir_purpose, uint8_t router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
dir_indirection_t indirection, const char *resource,
|
2007-10-28 21:30:21 +01:00
|
|
|
const char *payload, size_t payload_len,
|
|
|
|
time_t if_modified_since)
|
2008-09-24 16:44:29 +02:00
|
|
|
{
|
|
|
|
directory_initiate_command_rend(address, _addr, or_port, dir_port,
|
2012-09-08 05:21:18 +02:00
|
|
|
digest, dir_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
router_purpose, indirection,
|
2008-09-24 16:44:29 +02:00
|
|
|
resource, payload, payload_len,
|
|
|
|
if_modified_since, NULL);
|
|
|
|
}
|
|
|
|
|
2011-06-14 01:12:47 +02:00
|
|
|
/** Return non-zero iff a directory connection with purpose
|
|
|
|
* <b>dir_purpose</b> reveals sensitive information about a Tor
|
|
|
|
* instance's client activities. (Such connections must be performed
|
|
|
|
* through normal three-hop Tor circuits.) */
|
|
|
|
static int
|
|
|
|
is_sensitive_dir_purpose(uint8_t dir_purpose)
|
|
|
|
{
|
|
|
|
return ((dir_purpose == DIR_PURPOSE_FETCH_RENDDESC) ||
|
|
|
|
(dir_purpose == DIR_PURPOSE_HAS_FETCHED_RENDDESC) ||
|
|
|
|
(dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC) ||
|
|
|
|
(dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2) ||
|
|
|
|
(dir_purpose == DIR_PURPOSE_FETCH_RENDDESC_V2));
|
|
|
|
}
|
|
|
|
|
2008-09-24 16:44:29 +02:00
|
|
|
/** Same as directory_initiate_command(), but accepts rendezvous data to
|
|
|
|
* fetch a hidden service descriptor. */
|
|
|
|
static void
|
|
|
|
directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
|
|
|
|
uint16_t or_port, uint16_t dir_port,
|
2012-09-08 05:21:18 +02:00
|
|
|
const char *digest,
|
2008-09-24 16:44:29 +02:00
|
|
|
uint8_t dir_purpose, uint8_t router_purpose,
|
2012-09-12 16:15:58 +02:00
|
|
|
dir_indirection_t indirection,
|
2008-09-24 16:44:29 +02:00
|
|
|
const char *resource,
|
|
|
|
const char *payload, size_t payload_len,
|
|
|
|
time_t if_modified_since,
|
|
|
|
const rend_data_t *rend_query)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2006-07-26 21:07:26 +02:00
|
|
|
dir_connection_t *conn;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2008-06-11 03:14:23 +02:00
|
|
|
int socket_error = 0;
|
2012-09-08 05:21:18 +02:00
|
|
|
int use_begindir = directory_command_should_use_begindir(options, _addr,
|
2012-09-12 16:15:58 +02:00
|
|
|
or_port, router_purpose, indirection);
|
|
|
|
const int anonymized_connection = dirind_is_anon(indirection);
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_t addr;
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(address);
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_assert(_addr);
|
2007-06-12 11:17:23 +02:00
|
|
|
tor_assert(or_port || dir_port);
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(digest);
|
2004-07-20 08:44:16 +02:00
|
|
|
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_copy(&addr, _addr);
|
|
|
|
|
2007-10-28 09:16:19 +01:00
|
|
|
log_debug(LD_DIR, "anonymized %d, use_begindir %d.",
|
|
|
|
anonymized_connection, use_begindir);
|
2006-12-13 01:28:56 +01:00
|
|
|
|
2007-08-24 16:41:06 +02:00
|
|
|
log_debug(LD_DIR, "Initiating %s", dir_conn_purpose_to_string(dir_purpose));
|
2002-09-28 07:53:00 +02:00
|
|
|
|
2011-11-23 23:07:46 +01:00
|
|
|
#ifndef NON_ANONYMOUS_MODE_ENABLED
|
2011-06-14 01:12:47 +02:00
|
|
|
tor_assert(!(is_sensitive_dir_purpose(dir_purpose) &&
|
|
|
|
!anonymized_connection));
|
2011-11-23 23:07:46 +01:00
|
|
|
#else
|
|
|
|
(void)is_sensitive_dir_purpose;
|
|
|
|
#endif
|
2011-06-14 01:12:47 +02:00
|
|
|
|
2009-06-19 01:59:18 +02:00
|
|
|
/* ensure that we don't make direct connections when a SOCKS server is
|
|
|
|
* configured. */
|
2010-10-29 19:41:24 +02:00
|
|
|
if (!anonymized_connection && !use_begindir && !options->HTTPProxy &&
|
2009-06-19 01:59:18 +02:00
|
|
|
(options->Socks4Proxy || options->Socks5Proxy)) {
|
|
|
|
log_warn(LD_DIR, "Cannot connect to a directory server through a "
|
|
|
|
"SOCKS proxy!");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2011-11-24 19:01:56 +01:00
|
|
|
conn = dir_connection_new(tor_addr_family(&addr));
|
2002-09-26 14:09:10 +02:00
|
|
|
|
|
|
|
/* set up conn so it's got all the data we need to remember */
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_addr_copy(&conn->base_.addr, &addr);
|
|
|
|
conn->base_.port = use_begindir ? or_port : dir_port;
|
|
|
|
conn->base_.address = tor_strdup(address);
|
2004-10-12 17:55:20 +02:00
|
|
|
memcpy(conn->identity_digest, digest, DIGEST_LEN);
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.purpose = dir_purpose;
|
2007-06-10 09:34:21 +02:00
|
|
|
conn->router_purpose = router_purpose;
|
2004-03-26 23:07:45 +01:00
|
|
|
|
2004-04-17 22:19:43 +02:00
|
|
|
/* give it an initial state */
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_CONNECTING;
|
2004-04-17 22:19:43 +02:00
|
|
|
|
2007-10-28 09:16:19 +01:00
|
|
|
/* decide whether we can learn our IP address from this conn */
|
2012-09-12 16:15:58 +02:00
|
|
|
/* XXXX This is a bad name for this field now. */
|
2007-10-28 09:16:19 +01:00
|
|
|
conn->dirconn_direct = !anonymized_connection;
|
|
|
|
|
2008-09-24 16:44:29 +02:00
|
|
|
/* copy rendezvous data, if any */
|
|
|
|
if (rend_query)
|
|
|
|
conn->rend_data = rend_data_dup(rend_query);
|
|
|
|
|
2007-10-28 09:16:19 +01:00
|
|
|
if (!anonymized_connection && !use_begindir) {
|
|
|
|
/* then we want to connect to dirport directly */
|
2005-02-27 10:47:01 +01:00
|
|
|
|
2010-10-29 19:41:24 +02:00
|
|
|
if (options->HTTPProxy) {
|
|
|
|
tor_addr_copy(&addr, &options->HTTPProxyAddr);
|
|
|
|
dir_port = options->HTTPProxyPort;
|
2005-02-27 10:47:01 +01:00
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
switch (connection_connect(TO_CONN(conn), conn->base_.address, &addr,
|
2008-06-11 03:14:23 +02:00
|
|
|
dir_port, &socket_error)) {
|
2004-03-31 00:57:49 +02:00
|
|
|
case -1:
|
2005-09-12 09:36:26 +02:00
|
|
|
connection_dir_request_failed(conn); /* retry if we want */
|
2007-11-04 03:36:09 +01:00
|
|
|
/* XXX we only pass 'conn' above, not 'resource', 'payload',
|
|
|
|
* etc. So in many situations it can't retry! -RD */
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_free(TO_CONN(conn));
|
2004-03-31 00:57:49 +02:00
|
|
|
return;
|
|
|
|
case 1:
|
2006-07-26 21:07:37 +02:00
|
|
|
/* start flushing conn */
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
|
2004-03-31 00:57:49 +02:00
|
|
|
/* fall through */
|
|
|
|
case 0:
|
2004-05-09 18:33:04 +02:00
|
|
|
/* queue the command on the outbuf */
|
2007-06-10 09:34:21 +02:00
|
|
|
directory_send_command(conn, dir_purpose, 1, resource,
|
2008-04-24 17:43:25 +02:00
|
|
|
payload, payload_len,
|
|
|
|
if_modified_since);
|
2009-06-04 20:49:16 +02:00
|
|
|
connection_watch_events(TO_CONN(conn), READ_EVENT | WRITE_EVENT);
|
2004-03-31 00:57:49 +02:00
|
|
|
/* writable indicates finish, readable indicates broken link,
|
|
|
|
error indicates broken link in windowsland. */
|
|
|
|
}
|
2007-10-28 09:16:19 +01:00
|
|
|
} else { /* we want to connect via a tor connection */
|
2011-07-20 18:55:42 +02:00
|
|
|
entry_connection_t *linked_conn;
|
2011-07-08 21:54:30 +02:00
|
|
|
/* Anonymized tunneled connections can never share a circuit.
|
|
|
|
* One-hop directory connections can share circuits with each other
|
|
|
|
* but nothing else. */
|
|
|
|
int iso_flags = anonymized_connection ? ISO_STREAM : ISO_SESSIONGRP;
|
2008-02-19 22:30:24 +01:00
|
|
|
|
|
|
|
/* If it's an anonymized connection, remember the fact that we
|
|
|
|
* wanted it for later: maybe we'll want it again soon. */
|
|
|
|
if (anonymized_connection && use_begindir)
|
2008-02-19 22:41:43 +01:00
|
|
|
rep_hist_note_used_internal(time(NULL), 0, 1);
|
2008-02-19 22:30:24 +01:00
|
|
|
else if (anonymized_connection && !use_begindir)
|
2012-10-12 18:22:13 +02:00
|
|
|
rep_hist_note_used_port(time(NULL), conn->base_.port);
|
2008-02-19 22:30:24 +01:00
|
|
|
|
2004-03-31 00:57:49 +02:00
|
|
|
/* make an AP connection
|
2004-07-20 08:44:16 +02:00
|
|
|
* populate it and add it at the right state
|
2007-04-25 09:04:53 +02:00
|
|
|
* hook up both sides
|
2004-03-31 00:57:49 +02:00
|
|
|
*/
|
2007-04-21 19:26:12 +02:00
|
|
|
linked_conn =
|
2009-08-11 21:16:16 +02:00
|
|
|
connection_ap_make_link(TO_CONN(conn),
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port,
|
2011-07-08 21:54:30 +02:00
|
|
|
digest,
|
|
|
|
SESSION_GROUP_DIRCONN, iso_flags,
|
|
|
|
use_begindir, conn->dirconn_direct);
|
2007-04-21 19:26:12 +02:00
|
|
|
if (!linked_conn) {
|
2007-06-09 07:17:33 +02:00
|
|
|
log_warn(LD_NET,"Making tunnel to dirserver failed.");
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
2004-04-01 00:02:13 +02:00
|
|
|
return;
|
|
|
|
}
|
2004-03-31 00:57:49 +02:00
|
|
|
|
2006-07-26 21:07:26 +02:00
|
|
|
if (connection_add(TO_CONN(conn)) < 0) {
|
2007-06-09 07:17:33 +02:00
|
|
|
log_warn(LD_NET,"Unable to add connection for link to dirserver.");
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
2006-01-10 20:24:40 +01:00
|
|
|
return;
|
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
|
2004-05-09 18:33:04 +02:00
|
|
|
/* queue the command on the outbuf */
|
2007-06-10 09:34:21 +02:00
|
|
|
directory_send_command(conn, dir_purpose, 0, resource,
|
2008-04-24 17:43:25 +02:00
|
|
|
payload, payload_len,
|
|
|
|
if_modified_since);
|
2009-08-11 21:16:16 +02:00
|
|
|
|
2009-06-04 20:49:16 +02:00
|
|
|
connection_watch_events(TO_CONN(conn), READ_EVENT|WRITE_EVENT);
|
2011-07-20 18:55:42 +02:00
|
|
|
IF_HAS_BUFFEREVENT(ENTRY_TO_CONN(linked_conn), {
|
|
|
|
connection_watch_events(ENTRY_TO_CONN(linked_conn),
|
|
|
|
READ_EVENT|WRITE_EVENT);
|
2009-08-11 21:16:16 +02:00
|
|
|
}) ELSE_IF_NO_BUFFEREVENT
|
2011-07-20 18:55:42 +02:00
|
|
|
connection_start_reading(ENTRY_TO_CONN(linked_conn));
|
2002-09-26 14:09:10 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2008-01-10 18:48:36 +01:00
|
|
|
/** Return true iff anything we say on <b>conn</b> is being encrypted before
|
|
|
|
* we send it to the client/server. */
|
|
|
|
int
|
|
|
|
connection_dir_is_encrypted(dir_connection_t *conn)
|
|
|
|
{
|
|
|
|
/* Right now it's sufficient to see if conn is or has been linked, since
|
|
|
|
* the only thing it could be linked to is an edge connection on a
|
|
|
|
* circuit, and the only way it could have been unlinked is at the edge
|
|
|
|
* connection getting closed.
|
|
|
|
*/
|
|
|
|
return TO_CONN(conn)->linked;
|
|
|
|
}
|
|
|
|
|
2008-04-24 17:43:25 +02:00
|
|
|
/** Helper for sorting
|
|
|
|
*
|
|
|
|
* sort strings alphabetically
|
|
|
|
*/
|
|
|
|
static int
|
2012-10-12 18:22:13 +02:00
|
|
|
compare_strs_(const void **a, const void **b)
|
2008-04-24 17:43:25 +02:00
|
|
|
{
|
|
|
|
const char *s1 = *a, *s2 = *b;
|
|
|
|
return strcmp(s1, s2);
|
|
|
|
}
|
|
|
|
|
2008-12-22 18:53:04 +01:00
|
|
|
#define CONDITIONAL_CONSENSUS_FPR_LEN 3
|
|
|
|
#if (CONDITIONAL_CONSENSUS_FPR_LEN > DIGEST_LEN)
|
|
|
|
#error "conditional consensus fingerprint length is larger than digest length"
|
|
|
|
#endif
|
|
|
|
|
2008-04-24 17:43:25 +02:00
|
|
|
/** Return the URL we should use for a consensus download.
|
|
|
|
*
|
|
|
|
* This url depends on whether or not the server we go to
|
|
|
|
* is sufficiently new to support conditional consensus downloading,
|
|
|
|
* i.e. GET .../consensus/<b>fpr</b>+<b>fpr</b>+<b>fpr</b>
|
2010-09-17 04:12:03 +02:00
|
|
|
*
|
|
|
|
* If 'resource' is provided, it is the name of a consensus flavor to request.
|
2008-04-24 17:43:25 +02:00
|
|
|
*/
|
|
|
|
static char *
|
2012-09-08 05:21:18 +02:00
|
|
|
directory_get_consensus_url(const char *resource)
|
2008-04-24 17:43:25 +02:00
|
|
|
{
|
2010-09-17 04:12:03 +02:00
|
|
|
char *url = NULL;
|
2011-02-23 18:32:15 +01:00
|
|
|
const char *hyphen, *flavor;
|
|
|
|
if (resource==NULL || strcmp(resource, "ns")==0) {
|
|
|
|
flavor = ""; /* Request ns consensuses as "", so older servers will work*/
|
|
|
|
hyphen = "";
|
|
|
|
} else {
|
|
|
|
flavor = resource;
|
|
|
|
hyphen = "-";
|
|
|
|
}
|
2008-04-24 17:43:25 +02:00
|
|
|
|
2012-09-08 05:21:18 +02:00
|
|
|
{
|
2008-04-24 17:43:25 +02:00
|
|
|
char *authority_id_list;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *authority_digests = smartlist_new();
|
2008-04-24 17:43:25 +02:00
|
|
|
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
|
2012-09-10 21:55:27 +02:00
|
|
|
dir_server_t *, ds) {
|
2008-04-24 23:29:47 +02:00
|
|
|
char *hex;
|
2010-11-08 20:35:02 +01:00
|
|
|
if (!(ds->type & V3_DIRINFO))
|
2008-04-24 23:29:47 +02:00
|
|
|
continue;
|
|
|
|
|
|
|
|
hex = tor_malloc(2*CONDITIONAL_CONSENSUS_FPR_LEN+1);
|
2008-04-24 17:43:25 +02:00
|
|
|
base16_encode(hex, 2*CONDITIONAL_CONSENSUS_FPR_LEN+1,
|
2008-04-24 23:29:47 +02:00
|
|
|
ds->v3_identity_digest, CONDITIONAL_CONSENSUS_FPR_LEN);
|
2009-06-20 09:21:52 +02:00
|
|
|
smartlist_add(authority_digests, hex);
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(ds);
|
2012-10-12 18:22:13 +02:00
|
|
|
smartlist_sort(authority_digests, compare_strs_);
|
2009-06-20 09:21:52 +02:00
|
|
|
authority_id_list = smartlist_join_strings(authority_digests,
|
2008-04-24 17:43:25 +02:00
|
|
|
"+", 0, NULL);
|
|
|
|
|
2010-09-17 04:12:03 +02:00
|
|
|
tor_asprintf(&url, "/tor/status-vote/current/consensus%s%s/%s.z",
|
|
|
|
hyphen, flavor, authority_id_list);
|
2008-04-24 17:43:25 +02:00
|
|
|
|
2009-06-20 09:21:52 +02:00
|
|
|
SMARTLIST_FOREACH(authority_digests, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(authority_digests);
|
2008-04-24 17:43:25 +02:00
|
|
|
tor_free(authority_id_list);
|
|
|
|
}
|
|
|
|
return url;
|
|
|
|
}
|
|
|
|
|
2004-11-12 22:59:27 +01:00
|
|
|
/** Queue an appropriate HTTP command on conn-\>outbuf. The other args
|
2010-01-12 20:05:12 +01:00
|
|
|
* are as in directory_initiate_command().
|
2004-05-05 04:50:38 +02:00
|
|
|
*/
|
2004-10-08 07:53:59 +02:00
|
|
|
static void
|
2007-01-27 22:18:08 +01:00
|
|
|
directory_send_command(dir_connection_t *conn,
|
2006-12-13 01:28:56 +01:00
|
|
|
int purpose, int direct, const char *resource,
|
2007-10-28 21:30:21 +01:00
|
|
|
const char *payload, size_t payload_len,
|
|
|
|
time_t if_modified_since)
|
2005-06-11 20:52:12 +02:00
|
|
|
{
|
2005-05-20 10:51:45 +02:00
|
|
|
char proxystring[256];
|
2004-10-08 07:53:59 +02:00
|
|
|
char hoststring[128];
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *headers = smartlist_new();
|
2005-09-07 22:03:02 +02:00
|
|
|
char *url;
|
|
|
|
char request[8192];
|
2004-10-27 23:14:11 +02:00
|
|
|
const char *httpcommand = NULL;
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(conn);
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.type == CONN_TYPE_DIR);
|
2004-09-27 05:39:30 +02:00
|
|
|
|
2005-09-08 22:18:15 +02:00
|
|
|
tor_free(conn->requested_resource);
|
2005-09-08 22:36:40 +02:00
|
|
|
if (resource)
|
|
|
|
conn->requested_resource = tor_strdup(resource);
|
2005-09-08 22:18:15 +02:00
|
|
|
|
2005-05-20 10:51:45 +02:00
|
|
|
/* come up with a string for which Host: we want */
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.port == 80) {
|
|
|
|
strlcpy(hoststring, conn->base_.address, sizeof(hoststring));
|
2004-10-08 07:53:59 +02:00
|
|
|
} else {
|
2005-12-14 21:40:40 +01:00
|
|
|
tor_snprintf(hoststring, sizeof(hoststring),"%s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2004-10-08 07:53:59 +02:00
|
|
|
}
|
2005-05-20 10:51:45 +02:00
|
|
|
|
2007-10-28 21:30:21 +01:00
|
|
|
/* Format if-modified-since */
|
2011-06-24 22:38:44 +02:00
|
|
|
if (if_modified_since) {
|
2007-10-28 21:30:21 +01:00
|
|
|
char b[RFC1123_TIME_LEN+1];
|
|
|
|
format_rfc1123_time(b, if_modified_since);
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(headers, "If-Modified-Since: %s\r\n", b);
|
2007-10-28 21:30:21 +01:00
|
|
|
}
|
|
|
|
|
2005-05-20 10:51:45 +02:00
|
|
|
/* come up with some proxy lines, if we're using one. */
|
2010-10-29 19:41:24 +02:00
|
|
|
if (direct && get_options()->HTTPProxy) {
|
2005-05-20 10:51:45 +02:00
|
|
|
char *base64_authenticator=NULL;
|
2010-10-29 19:41:24 +02:00
|
|
|
const char *authenticator = get_options()->HTTPProxyAuthenticator;
|
2005-05-20 10:51:45 +02:00
|
|
|
|
2004-10-27 08:37:34 +02:00
|
|
|
tor_snprintf(proxystring, sizeof(proxystring),"http://%s", hoststring);
|
2005-05-20 10:51:45 +02:00
|
|
|
if (authenticator) {
|
|
|
|
base64_authenticator = alloc_http_authenticator(authenticator);
|
|
|
|
if (!base64_authenticator)
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG, "Encoding http authenticator failed");
|
2005-05-20 10:51:45 +02:00
|
|
|
}
|
|
|
|
if (base64_authenticator) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(headers,
|
2011-06-24 22:38:44 +02:00
|
|
|
"Proxy-Authorization: Basic %s\r\n",
|
2005-05-20 10:51:45 +02:00
|
|
|
base64_authenticator);
|
|
|
|
tor_free(base64_authenticator);
|
|
|
|
}
|
2004-10-08 07:53:59 +02:00
|
|
|
} else {
|
|
|
|
proxystring[0] = 0;
|
|
|
|
}
|
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
switch (purpose) {
|
2007-08-24 16:41:06 +02:00
|
|
|
case DIR_PURPOSE_FETCH_CONSENSUS:
|
2010-09-17 04:12:03 +02:00
|
|
|
/* resource is optional. If present, it's a flavor name */
|
2007-08-24 16:41:06 +02:00
|
|
|
tor_assert(!payload);
|
|
|
|
httpcommand = "GET";
|
2012-09-08 05:21:18 +02:00
|
|
|
url = directory_get_consensus_url(resource);
|
2008-09-14 09:17:44 +02:00
|
|
|
log_info(LD_DIR, "Downloading consensus from %s using %s",
|
|
|
|
hoststring, url);
|
2007-08-24 16:41:06 +02:00
|
|
|
break;
|
|
|
|
case DIR_PURPOSE_FETCH_CERTIFICATE:
|
|
|
|
tor_assert(resource);
|
|
|
|
tor_assert(!payload);
|
|
|
|
httpcommand = "GET";
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&url, "/tor/keys/%s", resource);
|
2007-08-24 16:41:06 +02:00
|
|
|
break;
|
|
|
|
case DIR_PURPOSE_FETCH_STATUS_VOTE:
|
|
|
|
tor_assert(resource);
|
|
|
|
tor_assert(!payload);
|
|
|
|
httpcommand = "GET";
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&url, "/tor/status-vote/next/%s.z", resource);
|
2007-08-24 16:41:06 +02:00
|
|
|
break;
|
|
|
|
case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
|
|
|
|
tor_assert(!resource);
|
|
|
|
tor_assert(!payload);
|
|
|
|
httpcommand = "GET";
|
|
|
|
url = tor_strdup("/tor/status-vote/next/consensus-signatures.z");
|
|
|
|
break;
|
2005-09-07 22:03:02 +02:00
|
|
|
case DIR_PURPOSE_FETCH_SERVERDESC:
|
2008-09-05 23:19:53 +02:00
|
|
|
tor_assert(resource);
|
2005-09-08 22:36:40 +02:00
|
|
|
httpcommand = "GET";
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&url, "/tor/server/%s", resource);
|
2003-09-17 22:09:06 +02:00
|
|
|
break;
|
2007-05-18 23:19:19 +02:00
|
|
|
case DIR_PURPOSE_FETCH_EXTRAINFO:
|
2008-09-05 23:19:53 +02:00
|
|
|
tor_assert(resource);
|
2007-05-18 23:19:19 +02:00
|
|
|
httpcommand = "GET";
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&url, "/tor/extra/%s", resource);
|
2007-05-18 23:19:19 +02:00
|
|
|
break;
|
2010-05-11 23:20:33 +02:00
|
|
|
case DIR_PURPOSE_FETCH_MICRODESC:
|
|
|
|
tor_assert(resource);
|
|
|
|
httpcommand = "GET";
|
2010-10-08 02:41:15 +02:00
|
|
|
tor_asprintf(&url, "/tor/micro/%s", resource);
|
2010-05-11 23:20:33 +02:00
|
|
|
break;
|
2011-06-24 22:43:08 +02:00
|
|
|
case DIR_PURPOSE_UPLOAD_DIR: {
|
|
|
|
const char *why = router_get_descriptor_gen_reason();
|
2004-11-12 17:39:03 +01:00
|
|
|
tor_assert(!resource);
|
2004-04-25 22:37:37 +02:00
|
|
|
tor_assert(payload);
|
2004-10-08 07:53:59 +02:00
|
|
|
httpcommand = "POST";
|
2005-09-07 22:03:02 +02:00
|
|
|
url = tor_strdup("/tor/");
|
2011-06-24 22:43:08 +02:00
|
|
|
if (why) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(headers, "X-Desc-Gen-Reason: %s\r\n", why);
|
2011-06-24 22:43:08 +02:00
|
|
|
}
|
2004-03-31 00:57:49 +02:00
|
|
|
break;
|
2011-06-24 22:43:08 +02:00
|
|
|
}
|
2007-07-26 00:56:44 +02:00
|
|
|
case DIR_PURPOSE_UPLOAD_VOTE:
|
|
|
|
tor_assert(!resource);
|
|
|
|
tor_assert(payload);
|
|
|
|
httpcommand = "POST";
|
|
|
|
url = tor_strdup("/tor/post/vote");
|
|
|
|
break;
|
2007-07-29 04:55:21 +02:00
|
|
|
case DIR_PURPOSE_UPLOAD_SIGNATURES:
|
|
|
|
tor_assert(!resource);
|
|
|
|
tor_assert(payload);
|
|
|
|
httpcommand = "POST";
|
2007-08-14 16:30:33 +02:00
|
|
|
url = tor_strdup("/tor/post/consensus-signature");
|
2007-07-29 04:55:21 +02:00
|
|
|
break;
|
2007-10-29 20:10:42 +01:00
|
|
|
case DIR_PURPOSE_FETCH_RENDDESC_V2:
|
|
|
|
tor_assert(resource);
|
2007-10-31 21:48:06 +01:00
|
|
|
tor_assert(strlen(resource) <= REND_DESC_ID_V2_LEN_BASE32);
|
2008-09-24 16:44:29 +02:00
|
|
|
tor_assert(!payload);
|
2007-10-29 20:10:42 +01:00
|
|
|
httpcommand = "GET";
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&url, "/tor/rendezvous2/%s", resource);
|
2007-10-29 20:10:42 +01:00
|
|
|
break;
|
2004-04-01 23:32:01 +02:00
|
|
|
case DIR_PURPOSE_UPLOAD_RENDDESC:
|
2004-11-12 17:39:03 +01:00
|
|
|
tor_assert(!resource);
|
2004-04-25 22:37:37 +02:00
|
|
|
tor_assert(payload);
|
2004-10-08 07:53:59 +02:00
|
|
|
httpcommand = "POST";
|
2005-09-07 22:03:02 +02:00
|
|
|
url = tor_strdup("/tor/rendezvous/publish");
|
2003-09-17 22:09:06 +02:00
|
|
|
break;
|
2007-10-29 20:10:42 +01:00
|
|
|
case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
|
|
|
|
tor_assert(!resource);
|
|
|
|
tor_assert(payload);
|
|
|
|
httpcommand = "POST";
|
|
|
|
url = tor_strdup("/tor/rendezvous2/publish");
|
|
|
|
break;
|
2005-09-08 08:22:44 +02:00
|
|
|
default:
|
|
|
|
tor_assert(0);
|
|
|
|
return;
|
2002-09-26 14:09:10 +02:00
|
|
|
}
|
2006-02-03 16:17:48 +01:00
|
|
|
|
|
|
|
if (strlen(proxystring) + strlen(url) >= 4096) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,
|
2007-05-13 11:25:06 +02:00
|
|
|
"Squid does not like URLs longer than 4095 bytes, and this "
|
2006-02-13 10:37:53 +01:00
|
|
|
"one is %d bytes long: %s%s",
|
|
|
|
(int)(strlen(proxystring) + strlen(url)), proxystring, url);
|
2006-02-03 16:17:48 +01:00
|
|
|
}
|
|
|
|
|
2005-09-07 22:03:02 +02:00
|
|
|
tor_snprintf(request, sizeof(request), "%s %s", httpcommand, proxystring);
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(request, strlen(request), TO_CONN(conn));
|
|
|
|
connection_write_to_buf(url, strlen(url), TO_CONN(conn));
|
2005-09-07 22:03:02 +02:00
|
|
|
tor_free(url);
|
2004-10-08 07:53:59 +02:00
|
|
|
|
2011-06-24 22:38:44 +02:00
|
|
|
if (!strcmp(httpcommand, "POST") || payload) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(headers, "Content-Length: %lu\r\n",
|
2011-06-24 22:38:44 +02:00
|
|
|
payload ? (unsigned long)payload_len : 0);
|
2006-01-10 20:24:40 +01:00
|
|
|
}
|
2011-06-24 22:38:44 +02:00
|
|
|
|
2012-01-11 19:44:10 +01:00
|
|
|
{
|
|
|
|
char *header = smartlist_join_strings(headers, "", 0, NULL);
|
|
|
|
tor_snprintf(request, sizeof(request), " HTTP/1.0\r\nHost: %s\r\n%s\r\n",
|
|
|
|
hoststring, header);
|
|
|
|
tor_free(header);
|
|
|
|
}
|
2011-06-24 22:38:44 +02:00
|
|
|
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(request, strlen(request), TO_CONN(conn));
|
2005-09-07 22:03:02 +02:00
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
if (payload) {
|
2004-10-08 07:53:59 +02:00
|
|
|
/* then send the payload afterwards too */
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(payload, payload_len, TO_CONN(conn));
|
2004-10-08 07:53:59 +02:00
|
|
|
}
|
2011-06-24 22:38:44 +02:00
|
|
|
|
|
|
|
SMARTLIST_FOREACH(headers, char *, h, tor_free(h));
|
|
|
|
smartlist_free(headers);
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
|
|
|
|
2004-10-08 07:53:59 +02:00
|
|
|
/** Parse an HTTP request string <b>headers</b> of the form
|
2005-05-17 19:01:36 +02:00
|
|
|
* \verbatim
|
2004-10-08 07:53:59 +02:00
|
|
|
* "\%s [http[s]://]\%s HTTP/1..."
|
2005-05-17 19:01:36 +02:00
|
|
|
* \endverbatim
|
2004-09-27 05:39:30 +02:00
|
|
|
* If it's well-formed, strdup the second \%s into *<b>url</b>, and
|
2006-07-15 21:21:30 +02:00
|
|
|
* nul-terminate it. If the url doesn't start with "/tor/", rewrite it
|
2004-09-27 05:39:30 +02:00
|
|
|
* so it does. Return 0.
|
2004-03-31 00:57:49 +02:00
|
|
|
* Otherwise, return -1.
|
|
|
|
*/
|
2013-09-03 02:14:43 +02:00
|
|
|
STATIC int
|
2007-01-30 23:19:41 +01:00
|
|
|
parse_http_url(const char *headers, char **url)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2004-10-08 07:53:59 +02:00
|
|
|
char *s, *start, *tmp;
|
2004-03-31 00:57:49 +02:00
|
|
|
|
|
|
|
s = (char *)eat_whitespace_no_nl(headers);
|
|
|
|
if (!*s) return -1;
|
|
|
|
s = (char *)find_whitespace(s); /* get past GET/POST */
|
|
|
|
if (!*s) return -1;
|
|
|
|
s = (char *)eat_whitespace_no_nl(s);
|
|
|
|
if (!*s) return -1;
|
2004-09-27 05:39:30 +02:00
|
|
|
start = s; /* this is it, assuming it's valid */
|
2004-09-27 08:45:32 +02:00
|
|
|
s = (char *)find_whitespace(start);
|
2004-03-31 00:57:49 +02:00
|
|
|
if (!*s) return -1;
|
2004-10-08 07:53:59 +02:00
|
|
|
|
|
|
|
/* tolerate the http[s] proxy style of putting the hostname in the url */
|
2004-11-28 10:05:49 +01:00
|
|
|
if (s-start >= 4 && !strcmpstart(start,"http")) {
|
2004-10-08 07:53:59 +02:00
|
|
|
tmp = start + 4;
|
2004-11-28 10:05:49 +01:00
|
|
|
if (*tmp == 's')
|
2004-10-08 07:53:59 +02:00
|
|
|
tmp++;
|
2004-11-28 10:05:49 +01:00
|
|
|
if (s-tmp >= 3 && !strcmpstart(tmp,"://")) {
|
2004-10-08 07:53:59 +02:00
|
|
|
tmp = strchr(tmp+3, '/');
|
2004-11-28 10:05:49 +01:00
|
|
|
if (tmp && tmp < s) {
|
2010-01-12 20:05:12 +01:00
|
|
|
log_debug(LD_DIR,"Skipping over 'http[s]://hostname/' string");
|
2004-10-08 07:53:59 +02:00
|
|
|
start = tmp;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-09-03 02:14:43 +02:00
|
|
|
/* Check if the header is well formed (next sequence
|
2013-09-03 17:37:04 +02:00
|
|
|
* should be HTTP/1.X\r\n). Assumes we're supporting 1.0? */
|
|
|
|
{
|
|
|
|
unsigned minor_ver;
|
|
|
|
char ch;
|
2013-09-03 19:39:31 +02:00
|
|
|
char *e = (char *)eat_whitespace_no_nl(s);
|
2013-09-03 17:37:04 +02:00
|
|
|
if (2 != tor_sscanf(e, "HTTP/1.%u%c", &minor_ver, &ch)) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if (ch != '\r')
|
|
|
|
return -1;
|
2013-09-03 02:14:43 +02:00
|
|
|
}
|
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
if (s-start < 5 || strcmpstart(start,"/tor/")) { /* need to rewrite it */
|
2004-09-27 05:39:30 +02:00
|
|
|
*url = tor_malloc(s - start + 5);
|
2004-10-27 08:48:16 +02:00
|
|
|
strlcpy(*url,"/tor", s-start+5);
|
|
|
|
strlcat((*url)+4, start, s-start+1);
|
2004-09-27 05:39:30 +02:00
|
|
|
} else {
|
|
|
|
*url = tor_strndup(start, s-start);
|
|
|
|
}
|
2002-09-26 14:09:10 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-08-24 00:27:17 +02:00
|
|
|
/** Return a copy of the first HTTP header in <b>headers</b> whose key is
|
|
|
|
* <b>which</b>. The key should be given with a terminating colon and space;
|
|
|
|
* this function copies everything after, up to but not including the
|
2005-09-09 04:02:20 +02:00
|
|
|
* following \\r\\n. */
|
2005-08-24 00:27:17 +02:00
|
|
|
static char *
|
|
|
|
http_get_header(const char *headers, const char *which)
|
|
|
|
{
|
|
|
|
const char *cp = headers;
|
|
|
|
while (cp) {
|
2007-12-23 02:28:25 +01:00
|
|
|
if (!strcasecmpstart(cp, which)) {
|
2005-08-24 00:27:17 +02:00
|
|
|
char *eos;
|
|
|
|
cp += strlen(which);
|
2005-09-09 04:02:20 +02:00
|
|
|
if ((eos = strchr(cp,'\r')))
|
2005-08-24 00:27:17 +02:00
|
|
|
return tor_strndup(cp, eos-cp);
|
|
|
|
else
|
|
|
|
return tor_strdup(cp);
|
|
|
|
}
|
2005-08-24 14:14:44 +02:00
|
|
|
cp = strchr(cp, '\n');
|
2005-08-24 00:27:17 +02:00
|
|
|
if (cp)
|
|
|
|
++cp;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2006-07-04 20:18:08 +02:00
|
|
|
/** If <b>headers</b> indicates that a proxy was involved, then rewrite
|
2006-07-17 08:35:06 +02:00
|
|
|
* <b>conn</b>-\>address to describe our best guess of the address that
|
|
|
|
* originated this HTTP request. */
|
2006-07-04 20:18:08 +02:00
|
|
|
static void
|
|
|
|
http_set_address_origin(const char *headers, connection_t *conn)
|
2005-08-24 00:27:17 +02:00
|
|
|
{
|
|
|
|
char *fwd;
|
|
|
|
|
|
|
|
fwd = http_get_header(headers, "Forwarded-For: ");
|
|
|
|
if (!fwd)
|
|
|
|
fwd = http_get_header(headers, "X-Forwarded-For: ");
|
|
|
|
if (fwd) {
|
2007-02-07 04:40:06 +01:00
|
|
|
struct in_addr in;
|
|
|
|
if (!tor_inet_aton(fwd, &in) || is_internal_IP(ntohl(in.s_addr), 0)) {
|
2007-02-26 06:36:02 +01:00
|
|
|
log_debug(LD_DIR, "Ignoring unrecognized or internal IP %s",
|
|
|
|
escaped(fwd));
|
2007-02-07 04:40:06 +01:00
|
|
|
tor_free(fwd);
|
|
|
|
return;
|
|
|
|
}
|
2006-07-04 20:18:08 +02:00
|
|
|
tor_free(conn->address);
|
2007-02-07 04:40:06 +01:00
|
|
|
conn->address = tor_strdup(fwd);
|
2006-07-17 08:35:06 +02:00
|
|
|
tor_free(fwd);
|
2005-08-24 00:27:17 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Parse an HTTP response string <b>headers</b> of the form
|
2005-05-17 19:01:36 +02:00
|
|
|
* \verbatim
|
2004-05-10 06:34:48 +02:00
|
|
|
* "HTTP/1.\%d \%d\%s\r\n...".
|
2005-05-17 19:01:36 +02:00
|
|
|
* \endverbatim
|
2005-03-22 19:43:24 +01:00
|
|
|
*
|
|
|
|
* If it's well-formed, assign the status code to *<b>code</b> and
|
|
|
|
* return 0. Otherwise, return -1.
|
|
|
|
*
|
|
|
|
* On success: If <b>date</b> is provided, set *date to the Date
|
|
|
|
* header in the http headers, or 0 if no such header is found. If
|
|
|
|
* <b>compression</b> is provided, set *<b>compression</b> to the
|
|
|
|
* compression method given in the Content-Encoding header, or 0 if no
|
|
|
|
* such header is found, or -1 if the value of the header is not
|
|
|
|
* recognized. If <b>reason</b> is provided, strdup the reason string
|
|
|
|
* into it.
|
2004-03-12 13:43:13 +01:00
|
|
|
*/
|
2005-02-24 11:56:55 +01:00
|
|
|
int
|
2004-11-12 17:39:03 +01:00
|
|
|
parse_http_response(const char *headers, int *code, time_t *date,
|
2006-10-09 05:39:06 +02:00
|
|
|
compress_method_t *compression, char **reason)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2009-03-03 19:02:36 +01:00
|
|
|
unsigned n1, n2;
|
2004-08-15 22:30:15 +02:00
|
|
|
char datestr[RFC1123_TIME_LEN+1];
|
2004-09-08 08:52:33 +02:00
|
|
|
smartlist_t *parsed_headers;
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(headers);
|
|
|
|
tor_assert(code);
|
2004-03-12 13:43:13 +01:00
|
|
|
|
2004-12-08 01:42:50 +01:00
|
|
|
while (TOR_ISSPACE(*headers)) headers++; /* tolerate leading whitespace */
|
2004-03-12 13:43:13 +01:00
|
|
|
|
2009-03-03 19:02:36 +01:00
|
|
|
if (tor_sscanf(headers, "HTTP/1.%u %u", &n1, &n2) < 2 ||
|
2004-11-28 12:39:53 +01:00
|
|
|
(n1 != 0 && n1 != 1) ||
|
|
|
|
(n2 < 100 || n2 >= 600)) {
|
2006-03-05 10:50:26 +01:00
|
|
|
log_warn(LD_HTTP,"Failed to parse header %s",escaped(headers));
|
2004-03-12 13:43:13 +01:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
*code = n2;
|
2004-11-12 17:39:03 +01:00
|
|
|
|
2012-01-18 21:53:30 +01:00
|
|
|
parsed_headers = smartlist_new();
|
2004-09-08 08:52:33 +02:00
|
|
|
smartlist_split_string(parsed_headers, headers, "\n",
|
|
|
|
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
|
2005-03-22 19:43:24 +01:00
|
|
|
if (reason) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *status_line_elements = smartlist_new();
|
2005-03-22 19:43:24 +01:00
|
|
|
tor_assert(smartlist_len(parsed_headers));
|
|
|
|
smartlist_split_string(status_line_elements,
|
|
|
|
smartlist_get(parsed_headers, 0),
|
|
|
|
" ", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 3);
|
|
|
|
tor_assert(smartlist_len(status_line_elements) <= 3);
|
|
|
|
if (smartlist_len(status_line_elements) == 3) {
|
|
|
|
*reason = smartlist_get(status_line_elements, 2);
|
|
|
|
smartlist_set(status_line_elements, 2, NULL); /* Prevent free */
|
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH(status_line_elements, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(status_line_elements);
|
|
|
|
}
|
2004-08-15 22:30:15 +02:00
|
|
|
if (date) {
|
|
|
|
*date = 0;
|
2004-09-08 08:52:33 +02:00
|
|
|
SMARTLIST_FOREACH(parsed_headers, const char *, s,
|
|
|
|
if (!strcmpstart(s, "Date: ")) {
|
|
|
|
strlcpy(datestr, s+6, sizeof(datestr));
|
2004-08-15 22:30:15 +02:00
|
|
|
/* This will do nothing on failure, so we don't need to check
|
|
|
|
the result. We shouldn't warn, since there are many other valid
|
|
|
|
date formats besides the one we use. */
|
|
|
|
parse_rfc1123_time(datestr, date);
|
|
|
|
break;
|
2004-09-08 08:52:33 +02:00
|
|
|
});
|
|
|
|
}
|
|
|
|
if (compression) {
|
|
|
|
const char *enc = NULL;
|
|
|
|
SMARTLIST_FOREACH(parsed_headers, const char *, s,
|
|
|
|
if (!strcmpstart(s, "Content-Encoding: ")) {
|
2004-10-01 06:45:14 +02:00
|
|
|
enc = s+18; break;
|
2004-09-08 08:52:33 +02:00
|
|
|
});
|
2004-10-01 06:45:14 +02:00
|
|
|
if (!enc || !strcmp(enc, "identity")) {
|
2006-10-09 05:39:06 +02:00
|
|
|
*compression = NO_METHOD;
|
2004-09-08 08:52:33 +02:00
|
|
|
} else if (!strcmp(enc, "deflate") || !strcmp(enc, "x-deflate")) {
|
|
|
|
*compression = ZLIB_METHOD;
|
|
|
|
} else if (!strcmp(enc, "gzip") || !strcmp(enc, "x-gzip")) {
|
|
|
|
*compression = GZIP_METHOD;
|
|
|
|
} else {
|
2006-03-05 10:50:26 +01:00
|
|
|
log_info(LD_HTTP, "Unrecognized content encoding: %s. Trying to deal.",
|
|
|
|
escaped(enc));
|
2006-10-09 05:39:06 +02:00
|
|
|
*compression = UNKNOWN_METHOD;
|
2004-08-15 22:30:15 +02:00
|
|
|
}
|
|
|
|
}
|
2004-09-08 08:52:33 +02:00
|
|
|
SMARTLIST_FOREACH(parsed_headers, char *, s, tor_free(s));
|
|
|
|
smartlist_free(parsed_headers);
|
2004-08-15 22:30:15 +02:00
|
|
|
|
2004-03-12 13:43:13 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-01-19 23:40:33 +01:00
|
|
|
/** Return true iff <b>body</b> doesn't start with a plausible router or
|
|
|
|
* running-list or directory opening. This is a sign of possible compression.
|
|
|
|
**/
|
|
|
|
static int
|
2005-01-19 23:47:48 +01:00
|
|
|
body_is_plausible(const char *body, size_t len, int purpose)
|
2005-01-19 23:40:33 +01:00
|
|
|
{
|
|
|
|
int i;
|
2005-01-21 04:18:49 +01:00
|
|
|
if (len == 0)
|
|
|
|
return 1; /* empty bodies don't need decompression */
|
2005-01-19 23:40:33 +01:00
|
|
|
if (len < 32)
|
|
|
|
return 0;
|
2010-05-11 23:20:33 +02:00
|
|
|
if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
|
|
|
|
return (!strcmpstart(body,"onion-key"));
|
|
|
|
}
|
2005-01-19 23:47:48 +01:00
|
|
|
if (purpose != DIR_PURPOSE_FETCH_RENDDESC) {
|
|
|
|
if (!strcmpstart(body,"router") ||
|
|
|
|
!strcmpstart(body,"signed-directory") ||
|
|
|
|
!strcmpstart(body,"network-status") ||
|
|
|
|
!strcmpstart(body,"running-routers"))
|
|
|
|
return 1;
|
|
|
|
for (i=0;i<32;++i) {
|
2005-01-22 01:42:58 +01:00
|
|
|
if (!TOR_ISPRINT(body[i]) && !TOR_ISSPACE(body[i]))
|
2005-01-19 23:47:48 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 1;
|
|
|
|
} else {
|
2005-01-19 23:40:33 +01:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-10-04 18:21:58 +02:00
|
|
|
/** Called when we've just fetched a bunch of router descriptors in
|
|
|
|
* <b>body</b>. The list <b>which</b>, if present, holds digests for
|
|
|
|
* descriptors we requested: descriptor digests if <b>descriptor_digests</b>
|
|
|
|
* is true, or identity digests otherwise. Parse the descriptors, validate
|
|
|
|
* them, and annotate them as having purpose <b>purpose</b> and as having been
|
2008-12-23 22:17:52 +01:00
|
|
|
* downloaded from <b>source</b>.
|
|
|
|
*
|
|
|
|
* Return the number of routers actually added. */
|
|
|
|
static int
|
2007-09-27 22:46:30 +02:00
|
|
|
load_downloaded_routers(const char *body, smartlist_t *which,
|
|
|
|
int descriptor_digests,
|
|
|
|
int router_purpose,
|
|
|
|
const char *source)
|
|
|
|
{
|
|
|
|
char buf[256];
|
|
|
|
char time_buf[ISO_TIME_LEN+1];
|
2008-12-23 22:17:52 +01:00
|
|
|
int added = 0;
|
2007-09-27 22:46:30 +02:00
|
|
|
int general = router_purpose == ROUTER_PURPOSE_GENERAL;
|
|
|
|
format_iso_time(time_buf, time(NULL));
|
2007-10-04 18:21:58 +02:00
|
|
|
tor_assert(source);
|
2007-09-27 22:46:30 +02:00
|
|
|
|
|
|
|
if (tor_snprintf(buf, sizeof(buf),
|
|
|
|
"@downloaded-at %s\n"
|
|
|
|
"@source %s\n"
|
|
|
|
"%s%s%s", time_buf, escaped(source),
|
|
|
|
!general ? "@purpose " : "",
|
|
|
|
!general ? router_purpose_to_string(router_purpose) : "",
|
|
|
|
!general ? "\n" : "")<0)
|
2008-12-23 22:17:52 +01:00
|
|
|
return added;
|
2007-09-27 22:46:30 +02:00
|
|
|
|
2008-12-23 22:17:52 +01:00
|
|
|
added = router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
|
2007-09-27 22:46:30 +02:00
|
|
|
descriptor_digests, buf);
|
2013-10-08 17:50:53 +02:00
|
|
|
if (general)
|
|
|
|
control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
|
|
|
|
count_loading_descriptors_progress());
|
2008-12-23 22:17:52 +01:00
|
|
|
return added;
|
2007-09-27 22:46:30 +02:00
|
|
|
}
|
|
|
|
|
2004-07-20 04:44:26 +02:00
|
|
|
/** We are a client, and we've finished reading the server's
|
2007-11-26 03:18:57 +01:00
|
|
|
* response. Parse it and act appropriately.
|
2004-07-20 04:44:26 +02:00
|
|
|
*
|
2005-12-15 22:15:16 +01:00
|
|
|
* If we're still happy with using this directory server in the future, return
|
|
|
|
* 0. Otherwise return -1; and the caller should consider trying the request
|
|
|
|
* again.
|
2005-09-12 09:36:26 +02:00
|
|
|
*
|
|
|
|
* The caller will take care of marking the connection for close.
|
2004-05-05 04:50:38 +02:00
|
|
|
*/
|
2004-07-20 04:44:26 +02:00
|
|
|
static int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_client_reached_eof(dir_connection_t *conn)
|
2004-07-20 04:44:26 +02:00
|
|
|
{
|
2004-04-01 23:32:01 +02:00
|
|
|
char *body;
|
2004-03-12 13:43:13 +01:00
|
|
|
char *headers;
|
2005-03-22 19:43:24 +01:00
|
|
|
char *reason = NULL;
|
2013-10-09 17:13:06 +02:00
|
|
|
size_t body_len = 0, orig_len = 0;
|
2004-03-12 13:43:13 +01:00
|
|
|
int status_code;
|
2013-10-09 17:13:06 +02:00
|
|
|
time_t date_header = 0;
|
2008-02-22 20:09:45 +01:00
|
|
|
long delta;
|
2006-10-09 05:39:06 +02:00
|
|
|
compress_method_t compression;
|
2005-01-19 23:40:33 +01:00
|
|
|
int plausible;
|
2013-10-09 17:13:06 +02:00
|
|
|
int skewed = 0;
|
2012-10-12 18:22:13 +02:00
|
|
|
int allow_partial = (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
|
|
|
|
conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
|
|
|
|
conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
|
2013-10-09 17:13:06 +02:00
|
|
|
int was_compressed = 0;
|
2007-05-02 11:12:04 +02:00
|
|
|
time_t now = time(NULL);
|
2013-05-09 13:56:54 +02:00
|
|
|
int src_code;
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2009-08-09 20:40:28 +02:00
|
|
|
switch (connection_fetch_from_buf_http(TO_CONN(conn),
|
2004-11-28 12:39:53 +01:00
|
|
|
&headers, MAX_HEADERS_SIZE,
|
2007-02-16 21:00:50 +01:00
|
|
|
&body, &body_len, MAX_DIR_DL_SIZE,
|
2005-10-14 04:26:13 +02:00
|
|
|
allow_partial)) {
|
2004-07-20 04:44:26 +02:00
|
|
|
case -1: /* overflow */
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_PROTOCOL,
|
|
|
|
"'fetch' response too large (server '%s:%d'). Closing.",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2004-07-20 04:44:26 +02:00
|
|
|
return -1;
|
|
|
|
case 0:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_HTTP,
|
|
|
|
"'fetch' response not all here, but we're at eof. Closing.");
|
2004-07-20 04:44:26 +02:00
|
|
|
return -1;
|
|
|
|
/* case 1, fall through */
|
|
|
|
}
|
2006-01-10 00:13:53 +01:00
|
|
|
orig_len = body_len;
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
if (parse_http_response(headers, &status_code, &date_header,
|
2005-03-22 19:43:24 +01:00
|
|
|
&compression, &reason) < 0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_HTTP,"Unparseable headers (server '%s:%d'). Closing.",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2004-09-29 08:52:36 +02:00
|
|
|
tor_free(body); tor_free(headers);
|
2004-07-20 04:44:26 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2005-03-22 19:43:24 +01:00
|
|
|
if (!reason) reason = tor_strdup("[no reason given]");
|
|
|
|
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIR,
|
2011-11-24 17:40:10 +01:00
|
|
|
"Received response from directory server '%s:%d': %d %s "
|
|
|
|
"(purpose: %d)",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port, status_code,
|
2011-11-24 17:40:10 +01:00
|
|
|
escaped(reason),
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.purpose);
|
2005-03-22 19:43:24 +01:00
|
|
|
|
2006-07-17 08:35:06 +02:00
|
|
|
/* now check if it's got any hints for us about our IP address. */
|
2006-09-30 22:14:15 +02:00
|
|
|
if (conn->dirconn_direct) {
|
|
|
|
char *guess = http_get_header(headers, X_ADDRESS_HEADER);
|
|
|
|
if (guess) {
|
2008-02-09 11:36:49 +01:00
|
|
|
router_new_address_suggestion(guess, conn);
|
2006-09-30 22:14:15 +02:00
|
|
|
tor_free(guess);
|
|
|
|
}
|
2006-07-17 08:35:06 +02:00
|
|
|
}
|
|
|
|
|
2004-08-15 22:30:15 +02:00
|
|
|
if (date_header > 0) {
|
2007-01-10 17:33:40 +01:00
|
|
|
/* The date header was written very soon after we sent our request,
|
|
|
|
* so compute the skew as the difference between sending the request
|
|
|
|
* and the date header. (We used to check now-date_header, but that's
|
|
|
|
* inaccurate if we spend a lot of time downloading.)
|
|
|
|
*/
|
2012-10-12 18:22:13 +02:00
|
|
|
delta = conn->base_.timestamp_lastwritten - date_header;
|
2008-02-22 20:09:45 +01:00
|
|
|
if (labs(delta)>ALLOW_DIRECTORY_TIME_SKEW) {
|
2007-10-30 16:17:07 +01:00
|
|
|
char dbuf[64];
|
2007-01-06 06:42:31 +01:00
|
|
|
int trusted = router_digest_is_trusted_dir(conn->identity_digest);
|
2007-10-30 16:17:07 +01:00
|
|
|
format_time_interval(dbuf, sizeof(dbuf), delta);
|
2007-01-06 06:42:31 +01:00
|
|
|
log_fn(trusted ? LOG_WARN : LOG_INFO,
|
2005-10-25 10:20:10 +02:00
|
|
|
LD_HTTP,
|
2005-12-14 21:40:40 +01:00
|
|
|
"Received directory with skewed time (server '%s:%d'): "
|
2007-10-30 16:17:07 +01:00
|
|
|
"It seems that our clock is %s by %s, or that theirs is %s. "
|
2008-12-22 10:10:06 +01:00
|
|
|
"Tor requires an accurate clock to work: please check your time, "
|
|
|
|
"timezone, and date settings.",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port,
|
2007-10-30 16:17:07 +01:00
|
|
|
delta>0 ? "ahead" : "behind", dbuf,
|
|
|
|
delta>0 ? "behind" : "ahead");
|
2005-01-29 12:48:37 +01:00
|
|
|
skewed = 1; /* don't check the recommended-versions line */
|
2011-02-10 23:11:06 +01:00
|
|
|
if (trusted)
|
|
|
|
control_event_general_status(LOG_WARN,
|
|
|
|
"CLOCK_SKEW SKEW=%ld SOURCE=DIRSERV:%s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
delta, conn->base_.address, conn->base_.port);
|
2004-08-15 22:30:15 +02:00
|
|
|
} else {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_HTTP, "Time on received directory is within tolerance; "
|
2008-02-22 20:09:45 +01:00
|
|
|
"we are %ld seconds skewed. (That's okay.)", delta);
|
2004-08-15 22:30:15 +02:00
|
|
|
}
|
|
|
|
}
|
2006-11-14 04:45:48 +01:00
|
|
|
(void) skewed; /* skewed isn't used yet. */
|
2004-07-20 04:44:26 +02:00
|
|
|
|
2009-10-27 14:14:52 +01:00
|
|
|
if (status_code == 503) {
|
2011-03-25 22:11:04 +01:00
|
|
|
routerstatus_t *rs;
|
2012-09-10 21:55:27 +02:00
|
|
|
dir_server_t *ds;
|
2011-05-06 03:56:52 +02:00
|
|
|
const char *id_digest = conn->identity_digest;
|
2011-03-25 22:11:04 +01:00
|
|
|
log_info(LD_DIR,"Received http status code %d (%s) from server "
|
|
|
|
"'%s:%d'. I'll try again soon.",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2011-05-06 03:56:52 +02:00
|
|
|
if ((rs = router_get_mutable_consensus_status_by_id(id_digest)))
|
2011-03-25 22:11:04 +01:00
|
|
|
rs->last_dir_503_at = now;
|
2012-09-10 21:23:39 +02:00
|
|
|
if ((ds = router_get_fallback_dirserver_by_digest(id_digest)))
|
2011-03-25 22:11:04 +01:00
|
|
|
ds->fake_status.last_dir_503_at = now;
|
2009-10-27 14:14:52 +01:00
|
|
|
|
2011-03-25 22:11:04 +01:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
|
|
|
return -1;
|
2006-02-03 13:08:31 +01:00
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
plausible = body_is_plausible(body, body_len, conn->base_.purpose);
|
2006-10-09 05:39:06 +02:00
|
|
|
if (compression != NO_METHOD || !plausible) {
|
2005-01-19 23:40:33 +01:00
|
|
|
char *new_body = NULL;
|
|
|
|
size_t new_len = 0;
|
2006-10-09 05:39:06 +02:00
|
|
|
compress_method_t guessed = detect_compression_method(body, body_len);
|
|
|
|
if (compression == UNKNOWN_METHOD || guessed != compression) {
|
2005-01-19 23:40:33 +01:00
|
|
|
/* Tell the user if we don't believe what we're told about compression.*/
|
|
|
|
const char *description1, *description2;
|
|
|
|
if (compression == ZLIB_METHOD)
|
|
|
|
description1 = "as deflated";
|
2005-01-19 23:47:48 +01:00
|
|
|
else if (compression == GZIP_METHOD)
|
2005-01-19 23:40:33 +01:00
|
|
|
description1 = "as gzipped";
|
2006-10-09 08:22:31 +02:00
|
|
|
else if (compression == NO_METHOD)
|
2005-01-19 23:40:33 +01:00
|
|
|
description1 = "as uncompressed";
|
|
|
|
else
|
|
|
|
description1 = "with an unknown Content-Encoding";
|
|
|
|
if (guessed == ZLIB_METHOD)
|
|
|
|
description2 = "deflated";
|
|
|
|
else if (guessed == GZIP_METHOD)
|
|
|
|
description2 = "gzipped";
|
|
|
|
else if (!plausible)
|
|
|
|
description2 = "confusing binary junk";
|
|
|
|
else
|
|
|
|
description2 = "uncompressed";
|
|
|
|
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_HTTP, "HTTP body from server '%s:%d' was labeled %s, "
|
|
|
|
"but it seems to be %s.%s",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port, description1,
|
2006-07-26 21:07:37 +02:00
|
|
|
description2,
|
2006-02-13 10:37:53 +01:00
|
|
|
(compression>0 && guessed>0)?" Trying both.":"");
|
2005-01-19 23:40:33 +01:00
|
|
|
}
|
|
|
|
/* Try declared compression first if we can. */
|
2006-10-09 05:39:06 +02:00
|
|
|
if (compression == GZIP_METHOD || compression == ZLIB_METHOD)
|
2005-10-14 04:26:13 +02:00
|
|
|
tor_gzip_uncompress(&new_body, &new_len, body, body_len, compression,
|
2006-06-29 13:04:42 +02:00
|
|
|
!allow_partial, LOG_PROTOCOL_WARN);
|
2005-01-19 23:40:33 +01:00
|
|
|
/* Okay, if that didn't work, and we think that it was compressed
|
|
|
|
* differently, try that. */
|
2006-10-09 05:39:06 +02:00
|
|
|
if (!new_body &&
|
|
|
|
(guessed == GZIP_METHOD || guessed == ZLIB_METHOD) &&
|
|
|
|
compression != guessed)
|
2005-10-14 04:26:13 +02:00
|
|
|
tor_gzip_uncompress(&new_body, &new_len, body, body_len, guessed,
|
2006-06-29 13:04:42 +02:00
|
|
|
!allow_partial, LOG_PROTOCOL_WARN);
|
2005-01-19 23:40:33 +01:00
|
|
|
/* If we're pretty sure that we have a compressed directory, and
|
|
|
|
* we didn't manage to uncompress it, then warn and bail. */
|
|
|
|
if (!plausible && !new_body) {
|
2006-02-13 00:44:02 +01:00
|
|
|
log_fn(LOG_PROTOCOL_WARN, LD_HTTP,
|
|
|
|
"Unable to decompress HTTP body (server '%s:%d').",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2005-03-22 19:43:24 +01:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
2004-09-08 08:52:33 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2005-01-19 23:40:33 +01:00
|
|
|
if (new_body) {
|
|
|
|
tor_free(body);
|
|
|
|
body = new_body;
|
|
|
|
body_len = new_len;
|
2006-01-10 00:13:53 +01:00
|
|
|
was_compressed = 1;
|
2005-01-19 23:40:33 +01:00
|
|
|
}
|
2004-09-08 08:52:33 +02:00
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
|
2007-11-03 16:55:15 +01:00
|
|
|
int r;
|
2011-02-23 18:32:15 +01:00
|
|
|
const char *flavname = conn->requested_resource;
|
2007-10-08 19:44:09 +02:00
|
|
|
if (status_code != 200) {
|
2007-10-28 21:30:21 +01:00
|
|
|
int severity = (status_code == 304) ? LOG_INFO : LOG_WARN;
|
2013-02-01 21:43:37 +01:00
|
|
|
tor_log(severity, LD_DIR,
|
2007-10-08 19:44:09 +02:00
|
|
|
"Received http status code %d (%s) from server "
|
|
|
|
"'%s:%d' while fetching consensus directory.",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2007-10-08 19:44:09 +02:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_consensus_download_failed(status_code, flavname);
|
2007-10-08 19:44:09 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
log_info(LD_DIR,"Received consensus directory (size %d) from server "
|
2012-10-12 18:22:13 +02:00
|
|
|
"'%s:%d'", (int)body_len, conn->base_.address, conn->base_.port);
|
2010-09-17 04:12:03 +02:00
|
|
|
if ((r=networkstatus_set_current_consensus(body, flavname, 0))<0) {
|
2007-11-03 16:55:15 +01:00
|
|
|
log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
|
2010-09-17 04:12:03 +02:00
|
|
|
"Unable to load %s consensus directory downloaded from "
|
2008-04-24 07:32:55 +02:00
|
|
|
"server '%s:%d'. I'll try again soon.",
|
2012-10-12 18:22:13 +02:00
|
|
|
flavname, conn->base_.address, conn->base_.port);
|
2007-10-08 19:44:09 +02:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_consensus_download_failed(0, flavname);
|
2007-10-08 19:44:09 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2007-11-11 18:37:59 +01:00
|
|
|
/* launches router downloads as needed */
|
|
|
|
routers_update_all_from_networkstatus(now, 3);
|
2010-09-21 22:16:56 +02:00
|
|
|
update_microdescs_from_networkstatus(now);
|
|
|
|
update_microdesc_downloads(now);
|
2007-10-16 01:15:24 +02:00
|
|
|
directory_info_has_arrived(now, 0);
|
2007-10-08 19:44:09 +02:00
|
|
|
log_info(LD_DIR, "Successfully loaded consensus.");
|
2007-08-24 16:41:06 +02:00
|
|
|
}
|
2007-10-28 21:30:21 +01:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
|
2007-09-08 21:08:39 +02:00
|
|
|
if (status_code != 200) {
|
2007-10-13 23:57:02 +02:00
|
|
|
log_warn(LD_DIR,
|
2007-09-08 21:08:39 +02:00
|
|
|
"Received http status code %d (%s) from server "
|
|
|
|
"'%s:%d' while fetching \"/tor/keys/%s\".",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port, conn->requested_resource);
|
2007-10-09 17:27:45 +02:00
|
|
|
connection_dir_download_cert_failed(conn, status_code);
|
2007-09-08 21:08:39 +02:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
|
|
|
return -1;
|
|
|
|
}
|
2007-10-10 21:33:06 +02:00
|
|
|
log_info(LD_DIR,"Received authority certificates (size %d) from server "
|
2012-10-12 18:22:13 +02:00
|
|
|
"'%s:%d'", (int)body_len, conn->base_.address, conn->base_.port);
|
2013-05-11 04:39:48 +02:00
|
|
|
|
2013-05-09 13:56:54 +02:00
|
|
|
/*
|
|
|
|
* Tell trusted_dirs_load_certs_from_string() whether it was by fp
|
|
|
|
* or fp-sk pair.
|
|
|
|
*/
|
|
|
|
src_code = -1;
|
|
|
|
if (!strcmpstart(conn->requested_resource, "fp/")) {
|
|
|
|
src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST;
|
|
|
|
} else if (!strcmpstart(conn->requested_resource, "fp-sk/")) {
|
|
|
|
src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (src_code != -1) {
|
|
|
|
if (trusted_dirs_load_certs_from_string(body, src_code, 1)<0) {
|
|
|
|
log_warn(LD_DIR, "Unable to parse fetched certificates");
|
|
|
|
/* if we fetched more than one and only some failed, the successful
|
|
|
|
* ones got flushed to disk so it's safe to call this on them */
|
|
|
|
connection_dir_download_cert_failed(conn, status_code);
|
|
|
|
} else {
|
|
|
|
directory_info_has_arrived(now, 0);
|
|
|
|
log_info(LD_DIR, "Successfully loaded certificates from fetch.");
|
|
|
|
}
|
2007-09-08 21:08:39 +02:00
|
|
|
} else {
|
2013-05-09 13:56:54 +02:00
|
|
|
log_warn(LD_DIR,
|
|
|
|
"Couldn't figure out what to do with fetched certificates for "
|
|
|
|
"unknown resource %s",
|
|
|
|
conn->requested_resource);
|
|
|
|
connection_dir_download_cert_failed(conn, status_code);
|
2007-09-08 21:08:39 +02:00
|
|
|
}
|
2007-08-24 16:41:06 +02:00
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) {
|
2007-09-22 08:06:05 +02:00
|
|
|
const char *msg;
|
|
|
|
int st;
|
|
|
|
log_info(LD_DIR,"Got votes (size %d) from server %s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
(int)body_len, conn->base_.address, conn->base_.port);
|
2007-09-22 08:06:05 +02:00
|
|
|
if (status_code != 200) {
|
2007-10-13 23:57:02 +02:00
|
|
|
log_warn(LD_DIR,
|
2007-09-22 08:06:05 +02:00
|
|
|
"Received http status code %d (%s) from server "
|
|
|
|
"'%s:%d' while fetching \"/tor/status-vote/next/%s.z\".",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port, conn->requested_resource);
|
2007-09-22 08:06:05 +02:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
|
|
|
return -1;
|
|
|
|
}
|
2007-10-16 17:34:14 +02:00
|
|
|
dirvote_add_vote(body, &msg, &st);
|
|
|
|
if (st > 299) {
|
2007-09-22 08:06:05 +02:00
|
|
|
log_warn(LD_DIR, "Error adding retrieved vote: %s", msg);
|
|
|
|
} else {
|
2007-10-16 17:34:14 +02:00
|
|
|
log_info(LD_DIR, "Added vote(s) successfully [msg: %s]", msg);
|
2007-09-22 08:06:05 +02:00
|
|
|
}
|
2007-08-24 16:41:06 +02:00
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES) {
|
2007-10-10 01:02:02 +02:00
|
|
|
const char *msg = NULL;
|
2007-09-22 08:06:05 +02:00
|
|
|
log_info(LD_DIR,"Got detached signatures (size %d) from server %s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
(int)body_len, conn->base_.address, conn->base_.port);
|
2007-09-22 08:06:05 +02:00
|
|
|
if (status_code != 200) {
|
2007-10-13 23:57:02 +02:00
|
|
|
log_warn(LD_DIR,
|
2009-11-04 17:38:57 +01:00
|
|
|
"Received http status code %d (%s) from server '%s:%d' while fetching "
|
|
|
|
"\"/tor/status-vote/next/consensus-signatures.z\".",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2007-09-22 08:06:05 +02:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
|
|
|
return -1;
|
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
if (dirvote_add_signatures(body, conn->base_.address, &msg)<0) {
|
2007-10-10 01:02:02 +02:00
|
|
|
log_warn(LD_DIR, "Problem adding detached signatures from %s:%d: %s",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port, msg?msg:"???");
|
2007-10-10 01:02:02 +02:00
|
|
|
}
|
2007-08-24 16:41:06 +02:00
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
|
|
|
|
conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) {
|
|
|
|
int was_ei = conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO;
|
2005-09-15 07:19:38 +02:00
|
|
|
smartlist_t *which = NULL;
|
2005-09-15 23:11:48 +02:00
|
|
|
int n_asked_for = 0;
|
2007-09-21 08:14:36 +02:00
|
|
|
int descriptor_digests = conn->requested_resource &&
|
|
|
|
!strcmpstart(conn->requested_resource,"d/");
|
2007-05-18 23:19:19 +02:00
|
|
|
log_info(LD_DIR,"Received %s (size %d) from server '%s:%d'",
|
2007-06-12 11:17:23 +02:00
|
|
|
was_ei ? "extra server info" : "server info",
|
2012-10-12 18:22:13 +02:00
|
|
|
(int)body_len, conn->base_.address, conn->base_.port);
|
2005-09-15 07:19:38 +02:00
|
|
|
if (conn->requested_resource &&
|
2007-09-21 08:14:36 +02:00
|
|
|
(!strcmpstart(conn->requested_resource,"d/") ||
|
|
|
|
!strcmpstart(conn->requested_resource,"fp/"))) {
|
2012-01-18 21:53:30 +01:00
|
|
|
which = smartlist_new();
|
2007-09-21 08:14:36 +02:00
|
|
|
dir_split_resource_into_fingerprints(conn->requested_resource +
|
|
|
|
(descriptor_digests ? 2 : 3),
|
2009-10-18 21:45:57 +02:00
|
|
|
which, NULL, 0);
|
2005-09-15 23:11:48 +02:00
|
|
|
n_asked_for = smartlist_len(which);
|
2005-09-18 06:15:39 +02:00
|
|
|
}
|
|
|
|
if (status_code != 200) {
|
2007-10-13 23:57:02 +02:00
|
|
|
int dir_okay = status_code == 404 ||
|
2005-12-18 23:34:24 +01:00
|
|
|
(status_code == 400 && !strcmp(reason, "Servers unavailable."));
|
2005-10-05 03:27:08 +02:00
|
|
|
/* 404 means that it didn't have them; no big deal.
|
|
|
|
* Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */
|
2005-12-15 22:15:16 +01:00
|
|
|
log_fn(dir_okay ? LOG_INFO : LOG_WARN, LD_DIR,
|
2006-03-05 10:50:26 +01:00
|
|
|
"Received http status code %d (%s) from server '%s:%d' "
|
2005-12-14 21:40:40 +01:00
|
|
|
"while fetching \"/tor/server/%s\". I'll try again soon.",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port, conn->requested_resource);
|
2005-09-18 06:15:39 +02:00
|
|
|
if (!which) {
|
|
|
|
connection_dir_download_routerdesc_failed(conn);
|
|
|
|
} else {
|
2007-09-21 08:14:36 +02:00
|
|
|
dir_routerdesc_download_failed(which, status_code,
|
2007-11-04 01:15:42 +01:00
|
|
|
conn->router_purpose,
|
2007-09-21 08:14:36 +02:00
|
|
|
was_ei, descriptor_digests);
|
2005-09-18 06:15:39 +02:00
|
|
|
SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(which);
|
|
|
|
}
|
2005-09-30 01:06:48 +02:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
2005-12-15 22:15:16 +01:00
|
|
|
return dir_okay ? 0 : -1;
|
2005-09-18 06:15:39 +02:00
|
|
|
}
|
2007-06-12 11:17:23 +02:00
|
|
|
/* Learn the routers, assuming we requested by fingerprint or "all"
|
2007-06-15 04:12:15 +02:00
|
|
|
* or "authority".
|
|
|
|
*
|
|
|
|
* We use "authority" to fetch our own descriptor for
|
|
|
|
* testing, and to fetch bridge descriptors for bootstrapping. Ignore
|
|
|
|
* the output of "authority" requests unless we are using bridges,
|
|
|
|
* since otherwise they'll be the response from reachability tests,
|
|
|
|
* and we don't really want to add that to our routerlist. */
|
2005-09-30 22:04:55 +02:00
|
|
|
if (which || (conn->requested_resource &&
|
2007-06-12 11:17:23 +02:00
|
|
|
(!strcmpstart(conn->requested_resource, "all") ||
|
2007-06-15 04:12:15 +02:00
|
|
|
(!strcmpstart(conn->requested_resource, "authority") &&
|
|
|
|
get_options()->UseBridges)))) {
|
2005-09-30 22:04:55 +02:00
|
|
|
/* as we learn from them, we remove them from 'which' */
|
2007-05-18 23:19:19 +02:00
|
|
|
if (was_ei) {
|
2007-09-21 08:14:36 +02:00
|
|
|
router_load_extrainfo_from_string(body, NULL, SAVED_NOWHERE, which,
|
|
|
|
descriptor_digests);
|
2007-05-18 23:19:19 +02:00
|
|
|
} else {
|
2007-09-27 22:46:30 +02:00
|
|
|
//router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
|
|
|
|
// descriptor_digests, conn->router_purpose);
|
2008-12-23 22:17:52 +01:00
|
|
|
if (load_downloaded_routers(body, which, descriptor_digests,
|
2007-09-27 22:46:30 +02:00
|
|
|
conn->router_purpose,
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address))
|
2008-12-23 22:17:52 +01:00
|
|
|
directory_info_has_arrived(now, 0);
|
2007-05-18 23:19:19 +02:00
|
|
|
}
|
2005-09-30 22:04:55 +02:00
|
|
|
}
|
2005-09-30 04:08:57 +02:00
|
|
|
if (which) { /* mark remaining ones as failed */
|
2007-10-18 16:50:59 +02:00
|
|
|
log_info(LD_DIR, "Received %d/%d %s requested from %s:%d",
|
2006-02-13 10:37:53 +01:00
|
|
|
n_asked_for-smartlist_len(which), n_asked_for,
|
2007-10-18 16:50:59 +02:00
|
|
|
was_ei ? "extra-info documents" : "router descriptors",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, (int)conn->base_.port);
|
2005-09-15 07:19:38 +02:00
|
|
|
if (smartlist_len(which)) {
|
2007-09-21 08:14:36 +02:00
|
|
|
dir_routerdesc_download_failed(which, status_code,
|
2007-11-04 01:15:42 +01:00
|
|
|
conn->router_purpose,
|
2007-09-21 08:14:36 +02:00
|
|
|
was_ei, descriptor_digests);
|
2005-09-15 07:19:38 +02:00
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(which);
|
|
|
|
}
|
2007-01-06 06:42:31 +01:00
|
|
|
if (directory_conn_is_self_reachability_test(conn))
|
|
|
|
router_dirport_found_reachable();
|
2005-09-08 08:22:44 +02:00
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC) {
|
2010-05-11 23:20:33 +02:00
|
|
|
smartlist_t *which = NULL;
|
|
|
|
log_info(LD_DIR,"Received answer to microdescriptor request (status %d, "
|
|
|
|
"size %d) from server '%s:%d'",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, (int)body_len, conn->base_.address,
|
|
|
|
conn->base_.port);
|
2010-05-11 23:20:33 +02:00
|
|
|
tor_assert(conn->requested_resource &&
|
|
|
|
!strcmpstart(conn->requested_resource, "d/"));
|
2012-01-18 21:53:30 +01:00
|
|
|
which = smartlist_new();
|
2010-05-11 23:20:33 +02:00
|
|
|
dir_split_resource_into_fingerprints(conn->requested_resource+2,
|
|
|
|
which, NULL,
|
|
|
|
DSR_DIGEST256|DSR_BASE64);
|
|
|
|
if (status_code != 200) {
|
|
|
|
log_info(LD_DIR, "Received status code %d (%s) from server "
|
|
|
|
"'%s:%d' while fetching \"/tor/micro/%s\". I'll try again "
|
|
|
|
"soon.",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
(int)conn->base_.port, conn->requested_resource);
|
2010-05-11 23:20:33 +02:00
|
|
|
dir_microdesc_download_failed(which, status_code);
|
|
|
|
SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(which);
|
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
smartlist_t *mds;
|
|
|
|
mds = microdescs_add_to_cache(get_microdesc_cache(),
|
|
|
|
body, body+body_len, SAVED_NOWHERE, 0,
|
|
|
|
now, which);
|
|
|
|
if (smartlist_len(which)) {
|
|
|
|
/* Mark remaining ones as failed. */
|
|
|
|
dir_microdesc_download_failed(which, status_code);
|
|
|
|
}
|
2013-10-08 17:31:08 +02:00
|
|
|
control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
|
|
|
|
count_loading_descriptors_progress());
|
2010-05-11 23:20:33 +02:00
|
|
|
SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(which);
|
2011-02-24 15:47:33 +01:00
|
|
|
smartlist_free(mds);
|
2010-05-11 23:20:33 +02:00
|
|
|
}
|
|
|
|
}
|
2005-09-08 08:22:44 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_DIR) {
|
2004-11-28 10:05:49 +01:00
|
|
|
switch (status_code) {
|
2007-01-06 06:42:31 +01:00
|
|
|
case 200: {
|
2012-09-10 21:55:27 +02:00
|
|
|
dir_server_t *ds =
|
2007-01-06 06:42:31 +01:00
|
|
|
router_get_trusteddirserver_by_digest(conn->identity_digest);
|
2007-11-01 06:01:24 +01:00
|
|
|
char *rejected_hdr = http_get_header(headers,
|
|
|
|
"X-Descriptor-Not-New: ");
|
|
|
|
if (rejected_hdr) {
|
2007-11-01 14:40:29 +01:00
|
|
|
if (!strcmp(rejected_hdr, "Yes")) {
|
2009-03-31 07:24:36 +02:00
|
|
|
log_info(LD_GENERAL,
|
|
|
|
"Authority '%s' declined our descriptor (not new)",
|
|
|
|
ds->nickname);
|
2008-12-18 17:11:24 +01:00
|
|
|
/* XXXX use this information; be sure to upload next one
|
2008-02-21 16:39:24 +01:00
|
|
|
* sooner. -NM */
|
2011-03-25 21:01:16 +01:00
|
|
|
/* XXXX023 On further thought, the task above implies that we're
|
2008-12-18 17:11:24 +01:00
|
|
|
* basing our regenerate-descriptor time on when we uploaded the
|
|
|
|
* last descriptor, not on the published time of the last
|
|
|
|
* descriptor. If those are different, that's a bad thing to
|
|
|
|
* do. -NM */
|
2007-11-01 06:01:24 +01:00
|
|
|
}
|
|
|
|
tor_free(rejected_hdr);
|
|
|
|
}
|
2007-01-06 06:42:31 +01:00
|
|
|
log_info(LD_GENERAL,"eof (status 200) after uploading server "
|
|
|
|
"descriptor: finished.");
|
|
|
|
control_event_server_status(
|
|
|
|
LOG_NOTICE, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2007-01-06 06:42:31 +01:00
|
|
|
|
|
|
|
ds->has_accepted_serverdesc = 1;
|
2007-09-18 17:53:53 +02:00
|
|
|
if (directories_have_accepted_server_descriptor())
|
2007-01-06 06:42:31 +01:00
|
|
|
control_event_server_status(LOG_NOTICE, "GOOD_SERVER_DESCRIPTOR");
|
|
|
|
}
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
|
|
|
case 400:
|
2006-03-05 10:50:26 +01:00
|
|
|
log_warn(LD_GENERAL,"http status 400 (%s) response from "
|
2006-02-13 10:37:53 +01:00
|
|
|
"dirserver '%s:%d'. Please correct.",
|
2012-10-12 18:22:13 +02:00
|
|
|
escaped(reason), conn->base_.address, conn->base_.port);
|
2007-01-06 06:42:31 +01:00
|
|
|
control_event_server_status(LOG_WARN,
|
|
|
|
"BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON=\"%s\"",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port, escaped(reason));
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
|
|
|
default:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_GENERAL,
|
2006-10-07 08:28:50 +02:00
|
|
|
"http status %d (%s) reason unexpected while uploading "
|
2006-09-30 00:33:40 +02:00
|
|
|
"descriptor to server '%s:%d').",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
2004-06-16 23:08:29 +02:00
|
|
|
}
|
2005-09-12 09:36:26 +02:00
|
|
|
/* return 0 in all cases, since we don't want to mark any
|
|
|
|
* dirservers down just because they don't like us. */
|
2004-07-20 04:44:26 +02:00
|
|
|
}
|
2004-06-16 23:08:29 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_VOTE) {
|
2007-07-26 00:56:44 +02:00
|
|
|
switch (status_code) {
|
|
|
|
case 200: {
|
|
|
|
log_notice(LD_DIR,"Uploaded a vote to dirserver %s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2007-07-26 00:56:44 +02:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
case 400:
|
2007-07-29 04:55:21 +02:00
|
|
|
log_warn(LD_DIR,"http status 400 (%s) response after uploading "
|
2007-07-26 00:56:44 +02:00
|
|
|
"vote to dirserver '%s:%d'. Please correct.",
|
2012-10-12 18:22:13 +02:00
|
|
|
escaped(reason), conn->base_.address, conn->base_.port);
|
2007-07-26 00:56:44 +02:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
log_warn(LD_GENERAL,
|
|
|
|
"http status %d (%s) reason unexpected while uploading "
|
|
|
|
"vote to server '%s:%d').",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2007-07-26 00:56:44 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
/* return 0 in all cases, since we don't want to mark any
|
|
|
|
* dirservers down just because they don't like us. */
|
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_SIGNATURES) {
|
2007-07-29 04:55:21 +02:00
|
|
|
switch (status_code) {
|
|
|
|
case 200: {
|
2007-08-14 18:39:18 +02:00
|
|
|
log_notice(LD_DIR,"Uploaded signature(s) to dirserver %s:%d",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, conn->base_.port);
|
2007-07-29 04:55:21 +02:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
case 400:
|
|
|
|
log_warn(LD_DIR,"http status 400 (%s) response after uploading "
|
|
|
|
"signatures to dirserver '%s:%d'. Please correct.",
|
2012-10-12 18:22:13 +02:00
|
|
|
escaped(reason), conn->base_.address, conn->base_.port);
|
2007-07-29 04:55:21 +02:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
log_warn(LD_GENERAL,
|
|
|
|
"http status %d (%s) reason unexpected while uploading "
|
|
|
|
"signatures to server '%s:%d').",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2007-07-29 04:55:21 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
/* return 0 in all cases, since we don't want to mark any
|
|
|
|
* dirservers down just because they don't like us. */
|
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC) {
|
2008-09-24 16:44:29 +02:00
|
|
|
tor_assert(conn->rend_data);
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_REND,"Received rendezvous descriptor (size %d, status %d "
|
2006-03-05 10:50:26 +01:00
|
|
|
"(%s))",
|
|
|
|
(int)body_len, status_code, escaped(reason));
|
2004-11-28 10:05:49 +01:00
|
|
|
switch (status_code) {
|
2004-07-20 04:44:26 +02:00
|
|
|
case 200:
|
2011-04-27 22:37:08 +02:00
|
|
|
if (rend_cache_store(body, body_len, 0,
|
|
|
|
conn->rend_data->onion_address) < -1) {
|
2008-10-02 09:32:13 +02:00
|
|
|
log_warn(LD_REND,"Failed to parse rendezvous descriptor.");
|
2008-01-24 05:45:30 +01:00
|
|
|
/* Any pending rendezvous attempts will notice when
|
|
|
|
* connection_about_to_close_connection()
|
|
|
|
* cleans this dir conn up. */
|
|
|
|
/* We could retry. But since v0 descriptors are going out of
|
|
|
|
* style, it isn't worth the hassle. We'll do better in v2. */
|
2004-07-20 04:44:26 +02:00
|
|
|
} else {
|
2008-10-02 09:32:13 +02:00
|
|
|
/* Success, or at least there's a v2 descriptor already
|
|
|
|
* present. Notify pending connections about this. */
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
|
2009-05-03 01:04:25 +02:00
|
|
|
rend_client_desc_trynow(conn->rend_data->onion_address);
|
2004-07-20 04:44:26 +02:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
case 404:
|
2008-01-24 05:45:30 +01:00
|
|
|
/* Not there. Pending connections will be notified when
|
|
|
|
* connection_about_to_close_connection() cleans this conn up. */
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
|
|
|
case 400:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_REND,
|
2006-03-05 10:50:26 +01:00
|
|
|
"http status 400 (%s). Dirserver didn't like our "
|
|
|
|
"rendezvous query?", escaped(reason));
|
2005-03-22 19:43:24 +01:00
|
|
|
break;
|
|
|
|
default:
|
2006-09-30 00:33:40 +02:00
|
|
|
log_warn(LD_REND,"http status %d (%s) response unexpected while "
|
2006-10-07 08:28:50 +02:00
|
|
|
"fetching hidden service descriptor (server '%s:%d').",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
2002-09-28 02:52:59 +02:00
|
|
|
}
|
2004-07-20 04:44:26 +02:00
|
|
|
}
|
2004-03-31 00:57:49 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2) {
|
2013-10-09 17:13:06 +02:00
|
|
|
#define SEND_HS_DESC_FAILED_EVENT() ( \
|
|
|
|
control_event_hs_descriptor_failed(conn->rend_data, \
|
2014-02-05 01:33:48 +01:00
|
|
|
conn->identity_digest) )
|
2008-09-24 16:44:29 +02:00
|
|
|
tor_assert(conn->rend_data);
|
2007-10-29 20:10:42 +01:00
|
|
|
log_info(LD_REND,"Received rendezvous descriptor (size %d, status %d "
|
|
|
|
"(%s))",
|
|
|
|
(int)body_len, status_code, escaped(reason));
|
|
|
|
switch (status_code) {
|
|
|
|
case 200:
|
2008-09-24 16:44:29 +02:00
|
|
|
switch (rend_cache_store_v2_desc_as_client(body, conn->rend_data)) {
|
2008-01-24 23:49:14 +01:00
|
|
|
case -2:
|
|
|
|
log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. "
|
|
|
|
"Retrying at another directory.");
|
|
|
|
/* We'll retry when connection_about_to_close_connection()
|
|
|
|
* cleans this dir conn up. */
|
2013-10-09 17:13:06 +02:00
|
|
|
SEND_HS_DESC_FAILED_EVENT();
|
2008-01-24 23:49:14 +01:00
|
|
|
break;
|
|
|
|
case -1:
|
|
|
|
/* We already have a v0 descriptor here. Ignoring this one
|
|
|
|
* and _not_ performing another request. */
|
|
|
|
log_info(LD_REND, "Successfully fetched v2 rendezvous "
|
|
|
|
"descriptor, but we already have a v0 descriptor.");
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
|
2008-01-24 23:49:14 +01:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
/* success. notify pending connections about this. */
|
|
|
|
log_info(LD_REND, "Successfully fetched v2 rendezvous "
|
|
|
|
"descriptor.");
|
2013-10-09 17:13:06 +02:00
|
|
|
control_event_hs_descriptor_received(conn->rend_data,
|
2014-02-05 01:33:48 +01:00
|
|
|
conn->identity_digest);
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
|
2009-05-03 01:04:25 +02:00
|
|
|
rend_client_desc_trynow(conn->rend_data->onion_address);
|
2008-01-24 23:49:14 +01:00
|
|
|
break;
|
2007-10-29 20:10:42 +01:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
case 404:
|
2008-01-24 05:45:30 +01:00
|
|
|
/* Not there. We'll retry when
|
|
|
|
* connection_about_to_close_connection() cleans this conn up. */
|
2008-01-24 04:28:50 +01:00
|
|
|
log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: "
|
|
|
|
"Retrying at another directory.");
|
2013-10-09 17:13:06 +02:00
|
|
|
SEND_HS_DESC_FAILED_EVENT();
|
2007-10-29 20:10:42 +01:00
|
|
|
break;
|
|
|
|
case 400:
|
|
|
|
log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
|
|
|
|
"http status 400 (%s). Dirserver didn't like our "
|
2008-01-24 04:28:50 +01:00
|
|
|
"v2 rendezvous query? Retrying at another directory.",
|
|
|
|
escaped(reason));
|
2013-10-09 17:13:06 +02:00
|
|
|
SEND_HS_DESC_FAILED_EVENT();
|
2007-10-29 20:10:42 +01:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
|
|
|
|
"http status %d (%s) response unexpected while "
|
2008-01-24 04:28:50 +01:00
|
|
|
"fetching v2 hidden service descriptor (server '%s:%d'). "
|
|
|
|
"Retrying at another directory.",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2013-10-09 17:13:06 +02:00
|
|
|
SEND_HS_DESC_FAILED_EVENT();
|
2007-10-29 20:10:42 +01:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC ||
|
|
|
|
conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2) {
|
2007-10-29 20:10:42 +01:00
|
|
|
log_info(LD_REND,"Uploaded rendezvous descriptor (status %d "
|
|
|
|
"(%s))",
|
2007-08-11 16:13:25 +02:00
|
|
|
status_code, escaped(reason));
|
2004-11-28 10:05:49 +01:00
|
|
|
switch (status_code) {
|
2004-07-20 04:44:26 +02:00
|
|
|
case 200:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_REND,
|
|
|
|
"Uploading rendezvous descriptor: finished with status "
|
2006-03-05 10:50:26 +01:00
|
|
|
"200 (%s)", escaped(reason));
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
|
|
|
case 400:
|
2006-03-05 10:50:26 +01:00
|
|
|
log_warn(LD_REND,"http status 400 (%s) response from dirserver "
|
2006-02-13 10:37:53 +01:00
|
|
|
"'%s:%d'. Malformed rendezvous descriptor?",
|
2012-10-12 18:22:13 +02:00
|
|
|
escaped(reason), conn->base_.address, conn->base_.port);
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
|
|
|
default:
|
2006-03-05 10:50:26 +01:00
|
|
|
log_warn(LD_REND,"http status %d (%s) response unexpected (server "
|
2006-02-13 10:37:53 +01:00
|
|
|
"'%s:%d').",
|
2012-10-12 18:22:13 +02:00
|
|
|
status_code, escaped(reason), conn->base_.address,
|
|
|
|
conn->base_.port);
|
2004-07-20 04:44:26 +02:00
|
|
|
break;
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
2004-07-20 04:44:26 +02:00
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
note_client_request(conn->base_.purpose, was_compressed, orig_len);
|
2005-03-22 19:43:24 +01:00
|
|
|
tor_free(body); tor_free(headers); tor_free(reason);
|
2004-07-20 04:44:26 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-02-09 04:11:10 +01:00
|
|
|
/** Called when a directory connection reaches EOF. */
|
2005-06-11 20:52:12 +02:00
|
|
|
int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_reached_eof(dir_connection_t *conn)
|
2005-06-11 20:52:12 +02:00
|
|
|
{
|
2004-11-21 11:14:57 +01:00
|
|
|
int retval;
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.state != DIR_CONN_STATE_CLIENT_READING) {
|
2007-04-21 19:26:12 +02:00
|
|
|
log_info(LD_HTTP,"conn reached eof, not reading. [state=%d] Closing.",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state);
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_close_immediate(TO_CONN(conn)); /* error: give up on flushing */
|
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
2004-11-21 11:14:57 +01:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
retval = connection_dir_client_reached_eof(conn);
|
2005-09-12 09:36:26 +02:00
|
|
|
if (retval == 0) /* success */
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_CLIENT_FINISHED;
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
2004-11-21 11:14:57 +01:00
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
2006-12-29 06:07:25 +01:00
|
|
|
/** If any directory object is arriving, and it's over 10MB large, we're
|
|
|
|
* getting DoS'd. (As of 0.1.2.x, raw directories are about 1MB, and we never
|
|
|
|
* ask for more than 96 router descriptors at a time.)
|
|
|
|
*/
|
|
|
|
#define MAX_DIRECTORY_OBJECT_SIZE (10*(1<<20))
|
|
|
|
|
2004-07-20 04:44:26 +02:00
|
|
|
/** Read handler for directory connections. (That's connections <em>to</em>
|
|
|
|
* directory servers and connections <em>at</em> directory servers.)
|
|
|
|
*/
|
2005-09-30 03:09:52 +02:00
|
|
|
int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_process_inbuf(dir_connection_t *conn)
|
2005-06-11 20:52:12 +02:00
|
|
|
{
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(conn);
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.type == CONN_TYPE_DIR);
|
2004-07-20 04:44:26 +02:00
|
|
|
|
|
|
|
/* Directory clients write, then read data until they receive EOF;
|
|
|
|
* directory servers read data until they get an HTTP command, then
|
|
|
|
* write their response (when it's finished flushing, they mark for
|
|
|
|
* close).
|
|
|
|
*/
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2004-05-05 04:50:38 +02:00
|
|
|
/* If we're on the dirserver side, look for a command. */
|
2012-10-12 18:22:13 +02:00
|
|
|
if (conn->base_.state == DIR_CONN_STATE_SERVER_COMMAND_WAIT) {
|
2004-03-31 00:57:49 +02:00
|
|
|
if (directory_handle_command(conn) < 0) {
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
2004-03-31 00:57:49 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2004-03-31 07:01:30 +02:00
|
|
|
return 0;
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
2003-09-17 22:09:06 +02:00
|
|
|
|
2009-07-31 17:39:31 +02:00
|
|
|
if (connection_get_inbuf_len(TO_CONN(conn)) > MAX_DIRECTORY_OBJECT_SIZE) {
|
2007-01-05 07:03:10 +01:00
|
|
|
log_warn(LD_HTTP, "Too much data received from directory connection: "
|
|
|
|
"denial of service attempt, or you need to upgrade?");
|
2006-12-29 06:07:25 +01:00
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
|
|
|
return -1;
|
|
|
|
}
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
if (!conn->base_.inbuf_reached_eof)
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_HTTP,"Got data, not eof. Leaving on inbuf.");
|
2002-09-26 14:09:10 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2011-06-22 19:57:19 +02:00
|
|
|
/** Called when we're about to finally unlink and free a directory connection:
|
|
|
|
* perform necessary accounting and cleanup */
|
|
|
|
void
|
|
|
|
connection_dir_about_to_close(dir_connection_t *dir_conn)
|
|
|
|
{
|
|
|
|
connection_t *conn = TO_CONN(dir_conn);
|
|
|
|
|
|
|
|
if (conn->state < DIR_CONN_STATE_CLIENT_FINISHED) {
|
|
|
|
/* It's a directory connection and connecting or fetching
|
|
|
|
* failed: forget about this router, and maybe try again. */
|
|
|
|
connection_dir_request_failed(dir_conn);
|
|
|
|
}
|
|
|
|
/* If we were trying to fetch a v2 rend desc and did not succeed,
|
|
|
|
* retry as needed. (If a fetch is successful, the connection state
|
|
|
|
* is changed to DIR_PURPOSE_HAS_FETCHED_RENDDESC to mark that
|
|
|
|
* refetching is unnecessary.) */
|
|
|
|
if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 &&
|
|
|
|
dir_conn->rend_data &&
|
|
|
|
strlen(dir_conn->rend_data->onion_address) == REND_SERVICE_ID_LEN_BASE32)
|
|
|
|
rend_client_refetch_v2_renddesc(dir_conn->rend_data);
|
|
|
|
}
|
|
|
|
|
2005-01-20 21:07:36 +01:00
|
|
|
/** Create an http response for the client <b>conn</b> out of
|
|
|
|
* <b>status</b> and <b>reason_phrase</b>. Write it to <b>conn</b>.
|
|
|
|
*/
|
2005-01-20 20:46:02 +01:00
|
|
|
static void
|
2006-07-26 21:07:26 +02:00
|
|
|
write_http_status_line(dir_connection_t *conn, int status,
|
2005-01-20 20:46:02 +01:00
|
|
|
const char *reason_phrase)
|
|
|
|
{
|
2005-01-20 21:07:36 +01:00
|
|
|
char buf[256];
|
|
|
|
if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n\r\n",
|
2007-05-27 05:41:09 +02:00
|
|
|
status, reason_phrase ? reason_phrase : "OK") < 0) {
|
2007-03-04 21:11:46 +01:00
|
|
|
log_warn(LD_BUG,"status line too long.");
|
2005-01-20 20:46:02 +01:00
|
|
|
return;
|
2005-01-20 21:07:36 +01:00
|
|
|
}
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(buf, strlen(buf), TO_CONN(conn));
|
2005-01-20 20:46:02 +01:00
|
|
|
}
|
2004-03-12 13:43:13 +01:00
|
|
|
|
2006-10-20 21:11:12 +02:00
|
|
|
/** Write the header for an HTTP/1.0 response onto <b>conn</b>-\>outbuf,
|
2006-10-20 01:05:34 +02:00
|
|
|
* with <b>type</b> as the Content-Type.
|
|
|
|
*
|
|
|
|
* If <b>length</b> is nonnegative, it is the Content-Length.
|
|
|
|
* If <b>encoding</b> is provided, it is the Content-Encoding.
|
|
|
|
* If <b>cache_lifetime</b> is greater than 0, the content may be cached for
|
|
|
|
* up to cache_lifetime seconds. Otherwise, the content may not be cached. */
|
2006-06-30 12:50:43 +02:00
|
|
|
static void
|
2007-08-15 21:55:57 +02:00
|
|
|
write_http_response_header_impl(dir_connection_t *conn, ssize_t length,
|
2006-10-20 01:05:34 +02:00
|
|
|
const char *type, const char *encoding,
|
2007-11-01 14:40:29 +01:00
|
|
|
const char *extra_headers,
|
2008-02-22 20:09:45 +01:00
|
|
|
long cache_lifetime)
|
2006-06-30 12:50:43 +02:00
|
|
|
{
|
|
|
|
char date[RFC1123_TIME_LEN+1];
|
|
|
|
char tmp[1024];
|
|
|
|
char *cp;
|
2006-10-20 01:05:34 +02:00
|
|
|
time_t now = time(NULL);
|
2006-06-30 12:50:43 +02:00
|
|
|
|
|
|
|
tor_assert(conn);
|
|
|
|
|
2006-10-20 01:05:34 +02:00
|
|
|
format_rfc1123_time(date, now);
|
2006-06-30 12:50:43 +02:00
|
|
|
cp = tmp;
|
|
|
|
tor_snprintf(cp, sizeof(tmp),
|
2007-11-01 06:01:24 +01:00
|
|
|
"HTTP/1.0 200 OK\r\nDate: %s\r\n",
|
|
|
|
date);
|
2006-06-30 12:50:43 +02:00
|
|
|
cp += strlen(tmp);
|
2007-11-01 06:01:24 +01:00
|
|
|
if (type) {
|
|
|
|
tor_snprintf(cp, sizeof(tmp)-(cp-tmp), "Content-Type: %s\r\n", type);
|
|
|
|
cp += strlen(cp);
|
|
|
|
}
|
2012-10-12 18:22:13 +02:00
|
|
|
if (!is_local_addr(&conn->base_.addr)) {
|
2008-02-11 06:31:56 +01:00
|
|
|
/* Don't report the source address for a nearby/private connection.
|
|
|
|
* Otherwise we tend to mis-report in cases where incoming ports are
|
|
|
|
* being forwarded to a Tor server running behind the firewall. */
|
2006-12-25 04:42:38 +01:00
|
|
|
tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
|
2012-10-12 18:22:13 +02:00
|
|
|
X_ADDRESS_HEADER "%s\r\n", conn->base_.address);
|
2006-12-25 04:42:38 +01:00
|
|
|
cp += strlen(cp);
|
|
|
|
}
|
2006-06-30 12:50:43 +02:00
|
|
|
if (encoding) {
|
|
|
|
tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
|
|
|
|
"Content-Encoding: %s\r\n", encoding);
|
|
|
|
cp += strlen(cp);
|
|
|
|
}
|
|
|
|
if (length >= 0) {
|
|
|
|
tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
|
2006-07-01 23:51:21 +02:00
|
|
|
"Content-Length: %ld\r\n", (long)length);
|
2006-06-30 12:50:43 +02:00
|
|
|
cp += strlen(cp);
|
|
|
|
}
|
2006-10-20 01:05:34 +02:00
|
|
|
if (cache_lifetime > 0) {
|
|
|
|
char expbuf[RFC1123_TIME_LEN+1];
|
|
|
|
format_rfc1123_time(expbuf, now + cache_lifetime);
|
|
|
|
/* We could say 'Cache-control: max-age=%d' here if we start doing
|
|
|
|
* http/1.1 */
|
|
|
|
tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
|
|
|
|
"Expires: %s\r\n", expbuf);
|
|
|
|
cp += strlen(cp);
|
2007-11-01 06:01:24 +01:00
|
|
|
} else if (cache_lifetime == 0) {
|
2006-10-20 01:05:34 +02:00
|
|
|
/* We could say 'Cache-control: no-cache' here if we start doing
|
|
|
|
* http/1.1 */
|
|
|
|
strlcpy(cp, "Pragma: no-cache\r\n", sizeof(tmp)-(cp-tmp));
|
|
|
|
cp += strlen(cp);
|
|
|
|
}
|
2009-01-28 17:06:46 +01:00
|
|
|
if (extra_headers) {
|
2007-11-01 06:01:24 +01:00
|
|
|
strlcpy(cp, extra_headers, sizeof(tmp)-(cp-tmp));
|
2009-01-28 17:06:46 +01:00
|
|
|
cp += strlen(cp);
|
|
|
|
}
|
2006-06-30 12:50:43 +02:00
|
|
|
if (sizeof(tmp)-(cp-tmp) > 3)
|
|
|
|
memcpy(cp, "\r\n", 3);
|
|
|
|
else
|
|
|
|
tor_assert(0);
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(tmp, strlen(tmp), TO_CONN(conn));
|
2006-06-30 12:50:43 +02:00
|
|
|
}
|
|
|
|
|
2007-08-15 21:56:01 +02:00
|
|
|
/** As write_http_response_header_impl, but sets encoding and content-typed
|
2008-01-26 02:05:16 +01:00
|
|
|
* based on whether the response will be <b>compressed</b> or not. */
|
2007-08-15 21:55:57 +02:00
|
|
|
static void
|
|
|
|
write_http_response_header(dir_connection_t *conn, ssize_t length,
|
2008-02-22 20:09:45 +01:00
|
|
|
int compressed, long cache_lifetime)
|
2007-08-15 21:55:57 +02:00
|
|
|
{
|
|
|
|
write_http_response_header_impl(conn, length,
|
2008-01-26 02:05:16 +01:00
|
|
|
compressed?"application/octet-stream":"text/plain",
|
|
|
|
compressed?"deflate":"identity",
|
2007-11-01 06:01:24 +01:00
|
|
|
NULL,
|
2007-08-15 21:55:57 +02:00
|
|
|
cache_lifetime);
|
|
|
|
}
|
|
|
|
|
2012-06-05 01:51:00 +02:00
|
|
|
#if defined(INSTRUMENT_DOWNLOADS) || defined(RUNNING_DOXYGEN)
|
|
|
|
/* DOCDOC */
|
2008-06-09 19:07:53 +02:00
|
|
|
typedef struct request_t {
|
2008-12-17 23:58:20 +01:00
|
|
|
uint64_t bytes; /**< How many bytes have we transferred? */
|
|
|
|
uint64_t count; /**< How many requests have we made? */
|
2008-06-09 19:07:53 +02:00
|
|
|
} request_t;
|
|
|
|
|
2008-12-17 23:58:20 +01:00
|
|
|
/** Map used to keep track of how much data we've up/downloaded in what kind
|
|
|
|
* of request. Maps from request type to pointer to request_t. */
|
2008-06-09 19:07:53 +02:00
|
|
|
static strmap_t *request_map = NULL;
|
2006-01-08 23:09:54 +01:00
|
|
|
|
2008-12-22 18:53:04 +01:00
|
|
|
/** Record that a client request of <b>purpose</b> was made, and that
|
|
|
|
* <b>bytes</b> bytes of possibly <b>compressed</b> data were sent/received.
|
|
|
|
* Used to keep track of how much we've up/downloaded in what kind of
|
|
|
|
* request. */
|
2008-06-02 17:09:19 +02:00
|
|
|
static void
|
|
|
|
note_client_request(int purpose, int compressed, size_t bytes)
|
|
|
|
{
|
|
|
|
char *key;
|
|
|
|
const char *kind = NULL;
|
|
|
|
switch (purpose) {
|
|
|
|
case DIR_PURPOSE_FETCH_CONSENSUS: kind = "dl/consensus"; break;
|
|
|
|
case DIR_PURPOSE_FETCH_CERTIFICATE: kind = "dl/cert"; break;
|
|
|
|
case DIR_PURPOSE_FETCH_STATUS_VOTE: kind = "dl/vote"; break;
|
2008-06-09 20:32:43 +02:00
|
|
|
case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES: kind = "dl/detached_sig";
|
|
|
|
break;
|
2008-06-02 17:09:19 +02:00
|
|
|
case DIR_PURPOSE_FETCH_SERVERDESC: kind = "dl/server"; break;
|
|
|
|
case DIR_PURPOSE_FETCH_EXTRAINFO: kind = "dl/extra"; break;
|
|
|
|
case DIR_PURPOSE_UPLOAD_DIR: kind = "dl/ul-dir"; break;
|
|
|
|
case DIR_PURPOSE_UPLOAD_VOTE: kind = "dl/ul-vote"; break;
|
|
|
|
case DIR_PURPOSE_UPLOAD_SIGNATURES: kind = "dl/ul-sig"; break;
|
|
|
|
case DIR_PURPOSE_FETCH_RENDDESC: kind = "dl/rend"; break;
|
|
|
|
case DIR_PURPOSE_FETCH_RENDDESC_V2: kind = "dl/rend2"; break;
|
|
|
|
case DIR_PURPOSE_UPLOAD_RENDDESC: kind = "dl/ul-rend"; break;
|
|
|
|
case DIR_PURPOSE_UPLOAD_RENDDESC_V2: kind = "dl/ul-rend2"; break;
|
|
|
|
}
|
|
|
|
if (kind) {
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&key, "%s%s", kind, compressed?".z":"");
|
2008-06-02 17:09:19 +02:00
|
|
|
} else {
|
2012-01-11 20:02:59 +01:00
|
|
|
tor_asprintf(&key, "unknown purpose (%d)%s",
|
2008-06-17 00:39:23 +02:00
|
|
|
purpose, compressed?".z":"");
|
2008-06-02 17:09:19 +02:00
|
|
|
}
|
|
|
|
note_request(key, bytes);
|
|
|
|
tor_free(key);
|
|
|
|
}
|
|
|
|
|
2008-12-17 23:58:20 +01:00
|
|
|
/** Helper: initialize the request map to instrument downloads. */
|
2008-06-09 19:07:53 +02:00
|
|
|
static void
|
2008-06-10 21:06:46 +02:00
|
|
|
ensure_request_map_initialized(void)
|
|
|
|
{
|
2008-06-09 19:07:53 +02:00
|
|
|
if (!request_map)
|
|
|
|
request_map = strmap_new();
|
|
|
|
}
|
|
|
|
|
2007-02-02 19:58:11 +01:00
|
|
|
/** Called when we just transmitted or received <b>bytes</b> worth of data
|
|
|
|
* because of a request of type <b>key</b> (an arbitrary identifier): adds
|
|
|
|
* <b>bytes</b> to the total associated with key. */
|
2008-06-02 17:09:29 +02:00
|
|
|
void
|
2006-01-08 23:09:54 +01:00
|
|
|
note_request(const char *key, size_t bytes)
|
|
|
|
{
|
2008-06-09 19:07:53 +02:00
|
|
|
request_t *r;
|
|
|
|
ensure_request_map_initialized();
|
2006-01-08 23:09:54 +01:00
|
|
|
|
2008-06-09 19:07:53 +02:00
|
|
|
r = strmap_get(request_map, key);
|
|
|
|
if (!r) {
|
|
|
|
r = tor_malloc_zero(sizeof(request_t));
|
|
|
|
strmap_set(request_map, key, r);
|
2006-01-08 23:09:54 +01:00
|
|
|
}
|
2008-06-09 19:07:53 +02:00
|
|
|
r->bytes += bytes;
|
|
|
|
r->count++;
|
2006-01-08 23:09:54 +01:00
|
|
|
}
|
|
|
|
|
2007-02-02 19:58:11 +01:00
|
|
|
/** Return a newly allocated string holding a summary of bytes used per
|
|
|
|
* request type. */
|
2006-01-10 00:13:53 +01:00
|
|
|
char *
|
|
|
|
directory_dump_request_log(void)
|
2006-01-08 23:09:54 +01:00
|
|
|
{
|
|
|
|
smartlist_t *lines;
|
|
|
|
char *result;
|
|
|
|
strmap_iter_t *iter;
|
|
|
|
|
2008-06-09 19:07:53 +02:00
|
|
|
ensure_request_map_initialized();
|
2006-01-08 23:09:54 +01:00
|
|
|
|
2012-01-18 21:53:30 +01:00
|
|
|
lines = smartlist_new();
|
2006-01-08 23:09:54 +01:00
|
|
|
|
2008-06-09 19:07:53 +02:00
|
|
|
for (iter = strmap_iter_init(request_map);
|
2006-01-08 23:09:54 +01:00
|
|
|
!strmap_iter_done(iter);
|
2008-06-09 19:07:53 +02:00
|
|
|
iter = strmap_iter_next(request_map, iter)) {
|
2006-01-08 23:09:54 +01:00
|
|
|
const char *key;
|
|
|
|
void *val;
|
2008-06-09 19:07:53 +02:00
|
|
|
request_t *r;
|
2006-01-08 23:09:54 +01:00
|
|
|
strmap_iter_get(iter, &key, &val);
|
2008-06-09 19:07:53 +02:00
|
|
|
r = val;
|
2012-01-11 20:02:59 +01:00
|
|
|
smartlist_add_asprintf(lines, "%s "U64_FORMAT" "U64_FORMAT"\n",
|
2008-06-09 19:07:53 +02:00
|
|
|
key, U64_PRINTF_ARG(r->bytes), U64_PRINTF_ARG(r->count));
|
2006-01-08 23:09:54 +01:00
|
|
|
}
|
|
|
|
smartlist_sort_strings(lines);
|
|
|
|
result = smartlist_join_strings(lines, "", 0, NULL);
|
|
|
|
SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(lines);
|
|
|
|
return result;
|
|
|
|
}
|
2006-01-08 23:19:41 +01:00
|
|
|
#else
|
2008-06-02 17:09:19 +02:00
|
|
|
static void
|
|
|
|
note_client_request(int purpose, int compressed, size_t bytes)
|
|
|
|
{
|
|
|
|
(void)purpose;
|
|
|
|
(void)compressed;
|
|
|
|
(void)bytes;
|
|
|
|
}
|
|
|
|
|
2008-06-02 17:09:29 +02:00
|
|
|
void
|
2006-01-08 23:19:41 +01:00
|
|
|
note_request(const char *key, size_t bytes)
|
|
|
|
{
|
2006-06-05 00:42:13 +02:00
|
|
|
(void)key;
|
|
|
|
(void)bytes;
|
2006-01-08 23:19:41 +01:00
|
|
|
}
|
|
|
|
|
2006-01-10 00:13:53 +01:00
|
|
|
char *
|
|
|
|
directory_dump_request_log(void)
|
2006-01-08 23:19:41 +01:00
|
|
|
{
|
|
|
|
return tor_strdup("Not supported.");
|
|
|
|
}
|
|
|
|
#endif
|
2006-01-08 23:09:54 +01:00
|
|
|
|
2010-01-12 20:05:12 +01:00
|
|
|
/** Decide whether a client would accept the consensus we have.
|
2008-04-24 17:43:25 +02:00
|
|
|
*
|
|
|
|
* Clients can say they only want a consensus if it's signed by more
|
|
|
|
* than half the authorities in a list. They pass this list in
|
|
|
|
* the url as "...consensus/<b>fpr</b>+<b>fpr</b>+<b>fpr</b>".
|
|
|
|
*
|
2008-12-22 15:56:16 +01:00
|
|
|
* <b>fpr</b> may be an abbreviated fingerprint, i.e. only a left substring
|
2008-04-24 17:43:25 +02:00
|
|
|
* of the full authority identity digest. (Only strings of even length,
|
|
|
|
* i.e. encodings of full bytes, are handled correctly. In the case
|
|
|
|
* of an odd number of hex digits the last one is silently ignored.)
|
|
|
|
*
|
|
|
|
* Returns 1 if more than half of the requested authorities signed the
|
|
|
|
* consensus, 0 otherwise.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
client_likes_consensus(networkstatus_t *v, const char *want_url)
|
|
|
|
{
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *want_authorities = smartlist_new();
|
2008-04-24 17:43:25 +02:00
|
|
|
int need_at_least;
|
|
|
|
int have = 0;
|
|
|
|
|
2009-10-18 21:45:57 +02:00
|
|
|
dir_split_resource_into_fingerprints(want_url, want_authorities, NULL, 0);
|
2008-04-24 17:43:25 +02:00
|
|
|
need_at_least = smartlist_len(want_authorities)/2+1;
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(want_authorities, const char *, d) {
|
2008-04-24 17:43:25 +02:00
|
|
|
char want_digest[DIGEST_LEN];
|
2009-09-01 05:23:47 +02:00
|
|
|
size_t want_len = strlen(d)/2;
|
2008-04-24 17:43:25 +02:00
|
|
|
if (want_len > DIGEST_LEN)
|
|
|
|
want_len = DIGEST_LEN;
|
|
|
|
|
|
|
|
if (base16_decode(want_digest, DIGEST_LEN, d, want_len*2) < 0) {
|
2010-01-25 18:05:20 +01:00
|
|
|
log_fn(LOG_PROTOCOL_WARN, LD_DIR,
|
|
|
|
"Failed to decode requested authority digest %s.", d);
|
2008-04-24 17:43:25 +02:00
|
|
|
continue;
|
|
|
|
};
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(v->voters, networkstatus_voter_info_t *, vi) {
|
|
|
|
if (smartlist_len(vi->sigs) &&
|
2011-05-11 22:23:42 +02:00
|
|
|
tor_memeq(vi->identity_digest, want_digest, want_len)) {
|
2008-04-24 17:43:25 +02:00
|
|
|
have++;
|
|
|
|
break;
|
|
|
|
};
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(vi);
|
2008-04-24 17:43:25 +02:00
|
|
|
|
|
|
|
/* early exit, if we already have enough */
|
|
|
|
if (have >= need_at_least)
|
|
|
|
break;
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(d);
|
2008-04-24 17:43:25 +02:00
|
|
|
|
|
|
|
SMARTLIST_FOREACH(want_authorities, char *, d, tor_free(d));
|
|
|
|
smartlist_free(want_authorities);
|
|
|
|
return (have >= need_at_least);
|
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Helper function: called when a dirserver gets a complete HTTP GET
|
2004-05-06 13:08:04 +02:00
|
|
|
* request. Look for a request for a directory or for a rendezvous
|
|
|
|
* service descriptor. On finding one, write a response into
|
2004-09-27 05:39:30 +02:00
|
|
|
* conn-\>outbuf. If the request is unrecognized, send a 400.
|
2004-05-06 13:08:04 +02:00
|
|
|
* Always return 0. */
|
2004-05-13 01:48:57 +02:00
|
|
|
static int
|
2007-01-30 23:19:41 +01:00
|
|
|
directory_handle_command_get(dir_connection_t *conn, const char *headers,
|
2011-07-01 17:33:07 +02:00
|
|
|
const char *req_body, size_t req_body_len)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2003-09-28 10:06:18 +02:00
|
|
|
size_t dlen;
|
2007-08-15 21:55:57 +02:00
|
|
|
char *url, *url_mem, *header;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2007-06-02 17:26:57 +02:00
|
|
|
time_t if_modified_since = 0;
|
2008-01-26 02:05:16 +01:00
|
|
|
int compressed;
|
2007-08-15 21:55:57 +02:00
|
|
|
size_t url_len;
|
2007-06-02 17:26:57 +02:00
|
|
|
|
2006-06-05 00:42:13 +02:00
|
|
|
/* We ignore the body of a GET request. */
|
2011-07-01 17:33:07 +02:00
|
|
|
(void)req_body;
|
|
|
|
(void)req_body_len;
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV,"Received GET command.");
|
2003-12-17 10:42:28 +01:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
|
2003-12-17 10:42:28 +01:00
|
|
|
|
2004-03-31 00:57:49 +02:00
|
|
|
if (parse_http_url(headers, &url) < 0) {
|
2005-01-20 20:46:02 +01:00
|
|
|
write_http_status_line(conn, 400, "Bad request");
|
2004-03-12 13:43:13 +01:00
|
|
|
return 0;
|
2003-12-17 10:42:28 +01:00
|
|
|
}
|
2007-06-02 17:26:57 +02:00
|
|
|
if ((header = http_get_header(headers, "If-Modified-Since: "))) {
|
|
|
|
struct tm tm;
|
|
|
|
if (parse_http_time(header, &tm) == 0) {
|
2012-09-11 16:41:59 +02:00
|
|
|
if (tor_timegm(&tm, &if_modified_since)<0)
|
|
|
|
if_modified_since = 0;
|
2007-06-02 17:26:57 +02:00
|
|
|
}
|
|
|
|
/* The correct behavior on a malformed If-Modified-Since header is to
|
|
|
|
* act as if no If-Modified-Since header had been given. */
|
|
|
|
tor_free(header);
|
|
|
|
}
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV,"rewritten url as '%s'.", url);
|
2003-12-17 10:42:28 +01:00
|
|
|
|
2007-08-15 21:55:57 +02:00
|
|
|
url_mem = url;
|
|
|
|
url_len = strlen(url);
|
2008-01-26 02:05:16 +01:00
|
|
|
compressed = url_len > 2 && !strcmp(url+url_len-2, ".z");
|
|
|
|
if (compressed) {
|
2007-08-15 21:55:57 +02:00
|
|
|
url[url_len-2] = '\0';
|
|
|
|
url_len -= 2;
|
|
|
|
}
|
|
|
|
|
2008-12-07 02:21:19 +01:00
|
|
|
if (!strcmp(url,"/tor/")) {
|
|
|
|
const char *frontpage = get_dirportfrontpage();
|
|
|
|
|
|
|
|
if (frontpage) {
|
|
|
|
dlen = strlen(frontpage);
|
2008-12-07 02:34:45 +01:00
|
|
|
/* Let's return a disclaimer page (users shouldn't use V1 anymore,
|
|
|
|
and caches don't fetch '/', so this is safe). */
|
2009-06-22 18:34:32 +02:00
|
|
|
|
|
|
|
/* [We don't check for write_bucket_low here, since we want to serve
|
|
|
|
* this page no matter what.] */
|
2008-12-07 02:21:19 +01:00
|
|
|
note_request(url, dlen);
|
|
|
|
write_http_response_header_impl(conn, dlen, "text/html", "identity",
|
|
|
|
NULL, DIRPORTFRONTPAGE_CACHE_LIFETIME);
|
|
|
|
connection_write_to_buf(frontpage, dlen, TO_CONN(conn));
|
|
|
|
goto done;
|
|
|
|
}
|
2008-12-07 02:34:45 +01:00
|
|
|
/* if no disclaimer file, fall through and continue */
|
2008-12-07 02:21:19 +01:00
|
|
|
}
|
|
|
|
|
2008-09-14 06:07:29 +02:00
|
|
|
if (!strcmp(url,"/tor/") || !strcmp(url,"/tor/dir")) { /* v1 dir fetch */
|
2006-06-18 09:38:55 +02:00
|
|
|
cached_dir_t *d = dirserv_get_directory();
|
2004-03-31 00:57:49 +02:00
|
|
|
|
2006-06-18 09:38:55 +02:00
|
|
|
if (!d) {
|
2008-03-01 18:47:41 +01:00
|
|
|
log_info(LD_DIRSERV,"Client asked for the mirrored directory, but we "
|
|
|
|
"don't have a good one yet. Sending 503 Dir not available.");
|
2005-01-20 20:46:02 +01:00
|
|
|
write_http_status_line(conn, 503, "Directory unavailable");
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2006-02-12 00:15:40 +01:00
|
|
|
}
|
2007-06-02 17:26:57 +02:00
|
|
|
if (d->published < if_modified_since) {
|
|
|
|
write_http_status_line(conn, 304, "Not modified");
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-06-02 17:26:57 +02:00
|
|
|
}
|
|
|
|
|
2008-01-26 02:05:16 +01:00
|
|
|
dlen = compressed ? d->dir_z_len : d->dir_len;
|
2006-02-12 00:15:40 +01:00
|
|
|
|
2007-01-26 09:01:29 +01:00
|
|
|
if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
|
2008-03-17 05:07:51 +01:00
|
|
|
log_debug(LD_DIRSERV,
|
2006-02-13 10:37:53 +01:00
|
|
|
"Client asked for the mirrored directory, but we've been "
|
|
|
|
"writing too many bytes lately. Sending 503 Dir busy.");
|
2006-02-12 00:15:40 +01:00
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later");
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
|
|
|
|
2006-02-12 00:15:40 +01:00
|
|
|
note_request(url, dlen);
|
|
|
|
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV,"Dumping %sdirectory to client.",
|
2008-01-26 02:05:16 +01:00
|
|
|
compressed?"compressed ":"");
|
|
|
|
write_http_response_header(conn, dlen, compressed,
|
2006-10-20 01:05:34 +02:00
|
|
|
FULL_DIR_CACHE_LIFETIME);
|
2006-06-18 09:38:55 +02:00
|
|
|
conn->cached_dir = d;
|
|
|
|
conn->cached_dir_offset = 0;
|
2008-01-26 02:05:16 +01:00
|
|
|
if (!compressed)
|
2006-06-18 09:38:55 +02:00
|
|
|
conn->zlib_state = tor_zlib_new(0, ZLIB_METHOD);
|
|
|
|
++d->refcnt;
|
|
|
|
|
|
|
|
/* Prime the connection with some data. */
|
2006-06-20 02:48:23 +02:00
|
|
|
conn->dir_spool_src = DIR_SPOOL_CACHED_DIR;
|
2006-06-18 09:38:55 +02:00
|
|
|
connection_dirserv_flushed_some(conn);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
|
|
|
|
2007-08-15 21:55:57 +02:00
|
|
|
if (!strcmp(url,"/tor/running-routers")) { /* running-routers fetch */
|
2007-06-02 17:26:57 +02:00
|
|
|
cached_dir_t *d = dirserv_get_runningrouters();
|
|
|
|
if (!d) {
|
2005-01-20 20:46:02 +01:00
|
|
|
write_http_status_line(conn, 503, "Directory unavailable");
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2004-06-30 23:48:02 +02:00
|
|
|
}
|
2007-06-02 17:26:57 +02:00
|
|
|
if (d->published < if_modified_since) {
|
|
|
|
write_http_status_line(conn, 304, "Not modified");
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-06-02 17:26:57 +02:00
|
|
|
}
|
2008-01-26 02:05:16 +01:00
|
|
|
dlen = compressed ? d->dir_z_len : d->dir_len;
|
2007-06-02 17:26:57 +02:00
|
|
|
|
2007-01-26 09:01:29 +01:00
|
|
|
if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
|
2006-12-23 09:48:16 +01:00
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
"Client asked for running-routers, but we've been "
|
|
|
|
"writing too many bytes lately. Sending 503 Dir busy.");
|
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later");
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2006-12-23 09:48:16 +01:00
|
|
|
}
|
|
|
|
note_request(url, dlen);
|
2008-01-26 02:05:16 +01:00
|
|
|
write_http_response_header(conn, dlen, compressed,
|
2006-10-20 01:05:34 +02:00
|
|
|
RUNNINGROUTERS_CACHE_LIFETIME);
|
2008-01-26 02:05:16 +01:00
|
|
|
connection_write_to_buf(compressed ? d->dir_z : d->dir, dlen,
|
|
|
|
TO_CONN(conn));
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2004-06-16 23:08:29 +02:00
|
|
|
}
|
|
|
|
|
2014-01-29 21:17:05 +01:00
|
|
|
if (!strcmpstart(url, "/tor/status-vote/current/consensus")) {
|
|
|
|
/* v3 network status fetch. */
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *dir_fps = smartlist_new();
|
2006-01-08 23:09:54 +01:00
|
|
|
const char *request_type = NULL;
|
2008-02-22 20:09:45 +01:00
|
|
|
long lifetime = NETWORKSTATUS_CACHE_LIFETIME;
|
2009-10-18 21:45:57 +02:00
|
|
|
|
2014-01-29 21:17:05 +01:00
|
|
|
if (1) {
|
2012-06-15 16:50:41 +02:00
|
|
|
networkstatus_t *v;
|
2007-10-22 18:32:10 +02:00
|
|
|
time_t now = time(NULL);
|
2009-10-18 21:45:57 +02:00
|
|
|
const char *want_fps = NULL;
|
|
|
|
char *flavor = NULL;
|
2012-06-15 16:50:41 +02:00
|
|
|
int flav = FLAV_NS;
|
2008-04-24 17:43:25 +02:00
|
|
|
#define CONSENSUS_URL_PREFIX "/tor/status-vote/current/consensus/"
|
2009-10-18 21:45:57 +02:00
|
|
|
#define CONSENSUS_FLAVORED_PREFIX "/tor/status-vote/current/consensus-"
|
|
|
|
/* figure out the flavor if any, and who we wanted to sign the thing */
|
|
|
|
if (!strcmpstart(url, CONSENSUS_FLAVORED_PREFIX)) {
|
|
|
|
const char *f, *cp;
|
|
|
|
f = url + strlen(CONSENSUS_FLAVORED_PREFIX);
|
|
|
|
cp = strchr(f, '/');
|
|
|
|
if (cp) {
|
|
|
|
want_fps = cp+1;
|
|
|
|
flavor = tor_strndup(f, cp-f);
|
|
|
|
} else {
|
|
|
|
flavor = tor_strdup(f);
|
|
|
|
}
|
2012-06-15 16:50:41 +02:00
|
|
|
flav = networkstatus_parse_flavor_name(flavor);
|
|
|
|
if (flav < 0)
|
|
|
|
flav = FLAV_NS;
|
2009-10-18 21:45:57 +02:00
|
|
|
} else {
|
|
|
|
if (!strcmpstart(url, CONSENSUS_URL_PREFIX))
|
|
|
|
want_fps = url+strlen(CONSENSUS_URL_PREFIX);
|
|
|
|
}
|
|
|
|
|
2012-06-15 16:50:41 +02:00
|
|
|
v = networkstatus_get_latest_consensus_by_flavor(flav);
|
|
|
|
|
2009-10-18 21:45:57 +02:00
|
|
|
if (v && want_fps &&
|
|
|
|
!client_likes_consensus(v, want_fps)) {
|
2008-04-24 17:43:25 +02:00
|
|
|
write_http_status_line(conn, 404, "Consensus not signed by sufficient "
|
|
|
|
"number of requested authorities");
|
|
|
|
smartlist_free(dir_fps);
|
2013-01-17 10:45:19 +01:00
|
|
|
geoip_note_ns_response(GEOIP_REJECT_NOT_ENOUGH_SIGS);
|
2009-10-18 21:45:57 +02:00
|
|
|
tor_free(flavor);
|
2008-04-24 17:43:25 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-10-18 21:45:57 +02:00
|
|
|
{
|
|
|
|
char *fp = tor_malloc_zero(DIGEST_LEN);
|
|
|
|
if (flavor)
|
|
|
|
strlcpy(fp, flavor, DIGEST_LEN);
|
|
|
|
tor_free(flavor);
|
|
|
|
smartlist_add(dir_fps, fp);
|
|
|
|
}
|
2008-01-26 02:05:16 +01:00
|
|
|
request_type = compressed?"v3.z":"v3";
|
2007-10-22 18:32:06 +02:00
|
|
|
lifetime = (v && v->fresh_until > now) ? v->fresh_until - now : 0;
|
2007-07-30 01:11:44 +02:00
|
|
|
}
|
|
|
|
|
2006-06-20 02:48:23 +02:00
|
|
|
if (!smartlist_len(dir_fps)) { /* we failed to create/cache cp */
|
2005-08-25 22:33:17 +02:00
|
|
|
write_http_status_line(conn, 503, "Network status object unavailable");
|
2006-06-20 02:48:23 +02:00
|
|
|
smartlist_free(dir_fps);
|
2014-01-29 21:17:05 +01:00
|
|
|
geoip_note_ns_response(GEOIP_REJECT_UNAVAILABLE);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
2007-08-14 22:19:58 +02:00
|
|
|
|
|
|
|
if (!dirserv_remove_old_statuses(dir_fps, if_modified_since)) {
|
|
|
|
write_http_status_line(conn, 404, "Not found");
|
|
|
|
SMARTLIST_FOREACH(dir_fps, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(dir_fps);
|
2014-01-29 21:17:05 +01:00
|
|
|
geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-08-14 22:19:58 +02:00
|
|
|
} else if (!smartlist_len(dir_fps)) {
|
2007-06-02 17:26:57 +02:00
|
|
|
write_http_status_line(conn, 304, "Not modified");
|
2007-08-14 22:19:58 +02:00
|
|
|
SMARTLIST_FOREACH(dir_fps, char *, cp, tor_free(cp));
|
2007-06-02 17:26:57 +02:00
|
|
|
smartlist_free(dir_fps);
|
2014-01-29 21:17:05 +01:00
|
|
|
geoip_note_ns_response(GEOIP_REJECT_NOT_MODIFIED);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-06-02 17:26:57 +02:00
|
|
|
}
|
|
|
|
|
2008-01-26 02:05:16 +01:00
|
|
|
dlen = dirserv_estimate_data_size(dir_fps, 0, compressed);
|
2007-01-26 09:01:29 +01:00
|
|
|
if (global_write_bucket_low(TO_CONN(conn), dlen, 2)) {
|
2008-03-17 05:07:51 +01:00
|
|
|
log_debug(LD_DIRSERV,
|
2007-01-22 03:34:50 +01:00
|
|
|
"Client asked for network status lists, but we've been "
|
2007-01-05 07:03:10 +01:00
|
|
|
"writing too many bytes lately. Sending 503 Dir busy.");
|
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later");
|
2007-05-17 00:15:14 +02:00
|
|
|
SMARTLIST_FOREACH(dir_fps, char *, fp, tor_free(fp));
|
2007-01-22 03:34:50 +01:00
|
|
|
smartlist_free(dir_fps);
|
2014-01-29 21:17:05 +01:00
|
|
|
|
|
|
|
geoip_note_ns_response(GEOIP_REJECT_BUSY);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-01-05 07:03:10 +01:00
|
|
|
}
|
|
|
|
|
2014-01-29 21:17:05 +01:00
|
|
|
if (1) {
|
2012-02-09 15:54:00 +01:00
|
|
|
struct in_addr in;
|
|
|
|
tor_addr_t addr;
|
|
|
|
if (tor_inet_aton((TO_CONN(conn))->address, &in)) {
|
|
|
|
tor_addr_from_ipv4h(&addr, ntohl(in.s_addr));
|
2013-02-11 20:51:41 +01:00
|
|
|
geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS,
|
|
|
|
&addr, NULL,
|
|
|
|
time(NULL));
|
2013-01-17 10:45:19 +01:00
|
|
|
geoip_note_ns_response(GEOIP_SUCCESS);
|
2012-02-09 15:54:00 +01:00
|
|
|
/* Note that a request for a network status has started, so that we
|
|
|
|
* can measure the download time later on. */
|
2012-09-04 09:33:16 +02:00
|
|
|
if (conn->dirreq_id)
|
2013-01-17 10:45:19 +01:00
|
|
|
geoip_start_dirreq(conn->dirreq_id, dlen, DIRREQ_TUNNELED);
|
2012-02-09 15:54:00 +01:00
|
|
|
else
|
2013-01-17 10:45:19 +01:00
|
|
|
geoip_start_dirreq(TO_CONN(conn)->global_identifier, dlen,
|
2012-02-09 15:54:00 +01:00
|
|
|
DIRREQ_DIRECT);
|
|
|
|
}
|
|
|
|
}
|
2008-05-29 04:29:35 +02:00
|
|
|
|
2006-06-20 02:48:23 +02:00
|
|
|
// note_request(request_type,dlen);
|
2006-11-14 04:45:48 +01:00
|
|
|
(void) request_type;
|
2008-01-26 02:05:16 +01:00
|
|
|
write_http_response_header(conn, -1, compressed,
|
2007-10-22 18:32:06 +02:00
|
|
|
smartlist_len(dir_fps) == 1 ? lifetime : 0);
|
2006-06-20 02:48:23 +02:00
|
|
|
conn->fingerprint_stack = dir_fps;
|
2008-01-26 02:05:16 +01:00
|
|
|
if (! compressed)
|
2006-06-20 02:48:23 +02:00
|
|
|
conn->zlib_state = tor_zlib_new(0, ZLIB_METHOD);
|
|
|
|
|
|
|
|
/* Prime the connection with some data. */
|
|
|
|
conn->dir_spool_src = DIR_SPOOL_NETWORKSTATUS;
|
|
|
|
connection_dirserv_flushed_some(conn);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
2007-08-15 21:55:52 +02:00
|
|
|
if (!strcmpstart(url,"/tor/status-vote/current/") ||
|
|
|
|
!strcmpstart(url,"/tor/status-vote/next/")) {
|
2007-12-22 11:54:21 +01:00
|
|
|
/* XXXX If-modified-since is only implemented for the current
|
2007-10-10 22:28:01 +02:00
|
|
|
* consensus: that's probably fine, since it's the only vote document
|
2009-03-31 03:29:07 +02:00
|
|
|
* people fetch much. */
|
2008-01-25 02:34:20 +01:00
|
|
|
int current;
|
2007-08-15 21:55:52 +02:00
|
|
|
ssize_t body_len = 0;
|
2007-10-10 22:06:38 +02:00
|
|
|
ssize_t estimated_len = 0;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *items = smartlist_new();
|
|
|
|
smartlist_t *dir_items = smartlist_new();
|
2011-03-25 21:01:16 +01:00
|
|
|
int lifetime = 60; /* XXXX023 should actually use vote intervals. */
|
2007-08-15 21:55:52 +02:00
|
|
|
url += strlen("/tor/status-vote/");
|
|
|
|
current = !strcmpstart(url, "current/");
|
|
|
|
url = strchr(url, '/');
|
|
|
|
tor_assert(url);
|
|
|
|
++url;
|
|
|
|
if (!strcmp(url, "consensus")) {
|
|
|
|
const char *item;
|
|
|
|
tor_assert(!current); /* we handle current consensus specially above,
|
|
|
|
* since it wants to be spooled. */
|
2009-09-22 22:52:51 +02:00
|
|
|
if ((item = dirvote_get_pending_consensus(FLAV_NS)))
|
2007-08-15 21:55:52 +02:00
|
|
|
smartlist_add(items, (char*)item);
|
2007-08-24 16:41:06 +02:00
|
|
|
} else if (!current && !strcmp(url, "consensus-signatures")) {
|
2008-02-06 00:20:44 +01:00
|
|
|
/* XXXX the spec says that we should implement
|
|
|
|
* current/consensus-signatures too. It doesn't seem to be needed,
|
|
|
|
* though. */
|
2007-08-15 21:55:52 +02:00
|
|
|
const char *item;
|
|
|
|
if ((item=dirvote_get_pending_detached_signatures()))
|
|
|
|
smartlist_add(items, (char*)item);
|
2007-10-02 22:19:43 +02:00
|
|
|
} else if (!strcmp(url, "authority")) {
|
2007-08-15 21:55:52 +02:00
|
|
|
const cached_dir_t *d;
|
2007-10-09 21:14:48 +02:00
|
|
|
int flags = DGV_BY_ID |
|
|
|
|
(current ? DGV_INCLUDE_PREVIOUS : DGV_INCLUDE_PENDING);
|
|
|
|
if ((d=dirvote_get_vote(NULL, flags)))
|
2007-08-15 21:55:52 +02:00
|
|
|
smartlist_add(dir_items, (cached_dir_t*)d);
|
2007-10-02 22:19:43 +02:00
|
|
|
} else {
|
2007-08-15 21:55:52 +02:00
|
|
|
const cached_dir_t *d;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *fps = smartlist_new();
|
2007-10-09 21:14:48 +02:00
|
|
|
int flags;
|
2007-10-02 22:19:43 +02:00
|
|
|
if (!strcmpstart(url, "d/")) {
|
|
|
|
url += 2;
|
2007-10-15 16:59:44 +02:00
|
|
|
flags = DGV_INCLUDE_PENDING | DGV_INCLUDE_PREVIOUS;
|
2007-10-02 22:19:43 +02:00
|
|
|
} else {
|
2007-10-09 21:14:48 +02:00
|
|
|
flags = DGV_BY_ID |
|
|
|
|
(current ? DGV_INCLUDE_PREVIOUS : DGV_INCLUDE_PENDING);
|
2007-10-02 22:19:43 +02:00
|
|
|
}
|
2009-10-18 21:45:57 +02:00
|
|
|
dir_split_resource_into_fingerprints(url, fps, NULL,
|
|
|
|
DSR_HEX|DSR_SORT_UNIQ);
|
2007-08-15 21:55:52 +02:00
|
|
|
SMARTLIST_FOREACH(fps, char *, fp, {
|
2007-10-09 21:14:48 +02:00
|
|
|
if ((d = dirvote_get_vote(fp, flags)))
|
2007-08-15 21:55:52 +02:00
|
|
|
smartlist_add(dir_items, (cached_dir_t*)d);
|
|
|
|
tor_free(fp);
|
|
|
|
});
|
|
|
|
smartlist_free(fps);
|
|
|
|
}
|
|
|
|
if (!smartlist_len(dir_items) && !smartlist_len(items)) {
|
|
|
|
write_http_status_line(conn, 404, "Not found");
|
2007-10-10 22:06:38 +02:00
|
|
|
goto vote_done;
|
2007-08-15 21:55:52 +02:00
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH(dir_items, cached_dir_t *, d,
|
2008-01-26 02:05:16 +01:00
|
|
|
body_len += compressed ? d->dir_z_len : d->dir_len);
|
2007-10-10 22:06:38 +02:00
|
|
|
estimated_len += body_len;
|
|
|
|
SMARTLIST_FOREACH(items, const char *, item, {
|
|
|
|
size_t ln = strlen(item);
|
2008-02-01 06:27:12 +01:00
|
|
|
if (compressed) {
|
2007-10-10 22:06:38 +02:00
|
|
|
estimated_len += ln/2;
|
2008-01-25 02:45:06 +01:00
|
|
|
} else {
|
|
|
|
body_len += ln; estimated_len += ln;
|
2007-10-10 22:06:38 +02:00
|
|
|
}
|
|
|
|
});
|
|
|
|
|
2009-03-31 03:29:07 +02:00
|
|
|
if (global_write_bucket_low(TO_CONN(conn), estimated_len, 2)) {
|
2007-10-10 22:06:38 +02:00
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later.");
|
|
|
|
goto vote_done;
|
|
|
|
}
|
2008-01-26 02:05:16 +01:00
|
|
|
write_http_response_header(conn, body_len ? body_len : -1, compressed,
|
2007-08-15 21:55:52 +02:00
|
|
|
lifetime);
|
|
|
|
|
|
|
|
if (smartlist_len(items)) {
|
2008-01-26 02:05:16 +01:00
|
|
|
if (compressed) {
|
2007-08-15 21:55:52 +02:00
|
|
|
conn->zlib_state = tor_zlib_new(1, ZLIB_METHOD);
|
|
|
|
SMARTLIST_FOREACH(items, const char *, c,
|
|
|
|
connection_write_to_buf_zlib(c, strlen(c), conn, 0));
|
|
|
|
connection_write_to_buf_zlib("", 0, conn, 1);
|
|
|
|
} else {
|
|
|
|
SMARTLIST_FOREACH(items, const char *, c,
|
|
|
|
connection_write_to_buf(c, strlen(c), TO_CONN(conn)));
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
SMARTLIST_FOREACH(dir_items, cached_dir_t *, d,
|
2008-01-26 02:05:16 +01:00
|
|
|
connection_write_to_buf(compressed ? d->dir_z : d->dir,
|
|
|
|
compressed ? d->dir_z_len : d->dir_len,
|
2007-08-15 21:55:52 +02:00
|
|
|
TO_CONN(conn)));
|
|
|
|
}
|
2007-10-10 22:06:38 +02:00
|
|
|
vote_done:
|
|
|
|
smartlist_free(items);
|
|
|
|
smartlist_free(dir_items);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-08-15 21:55:52 +02:00
|
|
|
}
|
|
|
|
|
2009-10-18 21:45:57 +02:00
|
|
|
if (!strcmpstart(url, "/tor/micro/d/")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *fps = smartlist_new();
|
2009-10-18 21:45:57 +02:00
|
|
|
|
|
|
|
dir_split_resource_into_fingerprints(url+strlen("/tor/micro/d/"),
|
|
|
|
fps, NULL,
|
|
|
|
DSR_DIGEST256|DSR_BASE64|DSR_SORT_UNIQ);
|
|
|
|
|
|
|
|
if (!dirserv_have_any_microdesc(fps)) {
|
|
|
|
write_http_status_line(conn, 404, "Not found");
|
|
|
|
SMARTLIST_FOREACH(fps, char *, fp, tor_free(fp));
|
|
|
|
smartlist_free(fps);
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
dlen = dirserv_estimate_microdesc_size(fps, compressed);
|
|
|
|
if (global_write_bucket_low(TO_CONN(conn), dlen, 2)) {
|
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
"Client asked for server descriptors, but we've been "
|
|
|
|
"writing too many bytes lately. Sending 503 Dir busy.");
|
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later");
|
|
|
|
SMARTLIST_FOREACH(fps, char *, fp, tor_free(fp));
|
|
|
|
smartlist_free(fps);
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
write_http_response_header(conn, -1, compressed, MICRODESC_CACHE_LIFETIME);
|
|
|
|
conn->dir_spool_src = DIR_SPOOL_MICRODESC;
|
|
|
|
conn->fingerprint_stack = fps;
|
|
|
|
|
|
|
|
if (compressed)
|
|
|
|
conn->zlib_state = tor_zlib_new(1, ZLIB_METHOD);
|
|
|
|
|
|
|
|
connection_dirserv_flushed_some(conn);
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2007-04-16 20:39:39 +02:00
|
|
|
if (!strcmpstart(url,"/tor/server/") ||
|
2009-01-06 17:03:38 +01:00
|
|
|
(!options->BridgeAuthoritativeDir &&
|
|
|
|
!options->BridgeRelay && !strcmpstart(url,"/tor/extra/"))) {
|
2005-10-18 19:09:57 +02:00
|
|
|
int res;
|
|
|
|
const char *msg;
|
2006-01-08 23:09:54 +01:00
|
|
|
const char *request_type = NULL;
|
2006-10-20 01:05:34 +02:00
|
|
|
int cache_lifetime = 0;
|
2007-04-16 20:39:39 +02:00
|
|
|
int is_extra = !strcmpstart(url,"/tor/extra/");
|
|
|
|
url += is_extra ? strlen("/tor/extra/") : strlen("/tor/server/");
|
2012-01-18 21:53:30 +01:00
|
|
|
conn->fingerprint_stack = smartlist_new();
|
2006-06-18 10:07:16 +02:00
|
|
|
res = dirserv_get_routerdesc_fingerprints(conn->fingerprint_stack, url,
|
2008-01-10 18:48:40 +01:00
|
|
|
&msg,
|
2009-01-06 16:37:51 +01:00
|
|
|
!connection_dir_is_encrypted(conn),
|
|
|
|
is_extra);
|
2006-01-08 23:09:54 +01:00
|
|
|
|
2007-04-16 20:39:39 +02:00
|
|
|
if (!strcmpstart(url, "fp/")) {
|
2008-01-26 02:05:16 +01:00
|
|
|
request_type = compressed?"/tor/server/fp.z":"/tor/server/fp";
|
2006-10-20 01:05:34 +02:00
|
|
|
if (smartlist_len(conn->fingerprint_stack) == 1)
|
|
|
|
cache_lifetime = ROUTERDESC_CACHE_LIFETIME;
|
2007-04-16 20:39:39 +02:00
|
|
|
} else if (!strcmpstart(url, "authority")) {
|
2008-01-26 02:05:16 +01:00
|
|
|
request_type = compressed?"/tor/server/authority.z":
|
2006-01-08 23:09:54 +01:00
|
|
|
"/tor/server/authority";
|
2006-10-20 01:05:34 +02:00
|
|
|
cache_lifetime = ROUTERDESC_CACHE_LIFETIME;
|
2007-04-16 20:39:39 +02:00
|
|
|
} else if (!strcmpstart(url, "all")) {
|
2008-01-26 02:05:16 +01:00
|
|
|
request_type = compressed?"/tor/server/all.z":"/tor/server/all";
|
2006-10-20 01:05:34 +02:00
|
|
|
cache_lifetime = FULL_DIR_CACHE_LIFETIME;
|
2007-04-16 20:39:39 +02:00
|
|
|
} else if (!strcmpstart(url, "d/")) {
|
2008-01-26 02:05:16 +01:00
|
|
|
request_type = compressed?"/tor/server/d.z":"/tor/server/d";
|
2006-10-20 01:05:34 +02:00
|
|
|
if (smartlist_len(conn->fingerprint_stack) == 1)
|
2006-10-20 01:28:38 +02:00
|
|
|
cache_lifetime = ROUTERDESC_BY_DIGEST_CACHE_LIFETIME;
|
2006-10-20 01:05:34 +02:00
|
|
|
} else {
|
2006-01-08 23:09:54 +01:00
|
|
|
request_type = "/tor/server/?";
|
2006-10-20 01:05:34 +02:00
|
|
|
}
|
2006-11-14 04:45:48 +01:00
|
|
|
(void) request_type; /* usable for note_request. */
|
2007-04-16 20:39:39 +02:00
|
|
|
if (!strcmpstart(url, "d/"))
|
|
|
|
conn->dir_spool_src =
|
|
|
|
is_extra ? DIR_SPOOL_EXTRA_BY_DIGEST : DIR_SPOOL_SERVER_BY_DIGEST;
|
2006-06-18 10:16:05 +02:00
|
|
|
else
|
2007-04-16 20:39:39 +02:00
|
|
|
conn->dir_spool_src =
|
|
|
|
is_extra ? DIR_SPOOL_EXTRA_BY_FP : DIR_SPOOL_SERVER_BY_FP;
|
2007-08-14 22:19:58 +02:00
|
|
|
|
|
|
|
if (!dirserv_have_any_serverdesc(conn->fingerprint_stack,
|
|
|
|
conn->dir_spool_src)) {
|
|
|
|
res = -1;
|
|
|
|
msg = "Not found";
|
|
|
|
}
|
|
|
|
|
2005-10-18 19:09:57 +02:00
|
|
|
if (res < 0)
|
|
|
|
write_http_status_line(conn, 404, msg);
|
|
|
|
else {
|
2007-01-05 07:03:10 +01:00
|
|
|
dlen = dirserv_estimate_data_size(conn->fingerprint_stack,
|
2008-01-26 02:05:16 +01:00
|
|
|
1, compressed);
|
2007-01-26 09:01:29 +01:00
|
|
|
if (global_write_bucket_low(TO_CONN(conn), dlen, 2)) {
|
2007-01-05 07:03:10 +01:00
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
"Client asked for server descriptors, but we've been "
|
|
|
|
"writing too many bytes lately. Sending 503 Dir busy.");
|
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later");
|
2007-12-20 06:06:02 +01:00
|
|
|
conn->dir_spool_src = DIR_SPOOL_NONE;
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-01-05 07:03:10 +01:00
|
|
|
}
|
2008-01-26 02:05:16 +01:00
|
|
|
write_http_response_header(conn, -1, compressed, cache_lifetime);
|
|
|
|
if (compressed)
|
2006-06-18 09:38:55 +02:00
|
|
|
conn->zlib_state = tor_zlib_new(1, ZLIB_METHOD);
|
|
|
|
/* Prime the connection with some data. */
|
|
|
|
connection_dirserv_flushed_some(conn);
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
2007-08-14 23:09:30 +02:00
|
|
|
if (!strcmpstart(url,"/tor/keys/")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *certs = smartlist_new();
|
2007-08-14 23:09:30 +02:00
|
|
|
ssize_t len = -1;
|
2007-08-15 17:38:53 +02:00
|
|
|
if (!strcmp(url, "/tor/keys/all")) {
|
2008-01-27 00:18:30 +01:00
|
|
|
authority_cert_get_all(certs);
|
2007-08-15 17:38:53 +02:00
|
|
|
} else if (!strcmp(url, "/tor/keys/authority")) {
|
2007-08-14 23:09:30 +02:00
|
|
|
authority_cert_t *cert = get_my_v3_authority_cert();
|
|
|
|
if (cert)
|
|
|
|
smartlist_add(certs, cert);
|
2007-08-15 17:38:53 +02:00
|
|
|
} else if (!strcmpstart(url, "/tor/keys/fp/")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *fps = smartlist_new();
|
2007-08-15 17:38:53 +02:00
|
|
|
dir_split_resource_into_fingerprints(url+strlen("/tor/keys/fp/"),
|
2009-10-18 21:45:57 +02:00
|
|
|
fps, NULL,
|
|
|
|
DSR_HEX|DSR_SORT_UNIQ);
|
2007-08-14 23:09:30 +02:00
|
|
|
SMARTLIST_FOREACH(fps, char *, d, {
|
|
|
|
authority_cert_t *c = authority_cert_get_newest_by_id(d);
|
|
|
|
if (c) smartlist_add(certs, c);
|
|
|
|
tor_free(d);
|
|
|
|
});
|
|
|
|
smartlist_free(fps);
|
2007-08-15 17:38:53 +02:00
|
|
|
} else if (!strcmpstart(url, "/tor/keys/sk/")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *fps = smartlist_new();
|
2007-08-15 17:38:53 +02:00
|
|
|
dir_split_resource_into_fingerprints(url+strlen("/tor/keys/sk/"),
|
2009-10-18 21:45:57 +02:00
|
|
|
fps, NULL,
|
|
|
|
DSR_HEX|DSR_SORT_UNIQ);
|
2007-08-14 23:09:30 +02:00
|
|
|
SMARTLIST_FOREACH(fps, char *, d, {
|
|
|
|
authority_cert_t *c = authority_cert_get_by_sk_digest(d);
|
|
|
|
if (c) smartlist_add(certs, c);
|
|
|
|
tor_free(d);
|
|
|
|
});
|
|
|
|
smartlist_free(fps);
|
2008-12-12 20:05:36 +01:00
|
|
|
} else if (!strcmpstart(url, "/tor/keys/fp-sk/")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *fp_sks = smartlist_new();
|
2008-12-12 20:05:36 +01:00
|
|
|
dir_split_resource_into_fingerprint_pairs(url+strlen("/tor/keys/fp-sk/"),
|
|
|
|
fp_sks);
|
|
|
|
SMARTLIST_FOREACH(fp_sks, fp_pair_t *, pair, {
|
|
|
|
authority_cert_t *c = authority_cert_get_by_digests(pair->first,
|
|
|
|
pair->second);
|
|
|
|
if (c) smartlist_add(certs, c);
|
|
|
|
tor_free(pair);
|
|
|
|
});
|
|
|
|
smartlist_free(fp_sks);
|
2007-08-14 23:09:30 +02:00
|
|
|
} else {
|
|
|
|
write_http_status_line(conn, 400, "Bad request");
|
2007-10-10 22:06:38 +02:00
|
|
|
goto keys_done;
|
2007-08-14 23:09:30 +02:00
|
|
|
}
|
|
|
|
if (!smartlist_len(certs)) {
|
|
|
|
write_http_status_line(conn, 404, "Not found");
|
2007-10-10 22:06:38 +02:00
|
|
|
goto keys_done;
|
2007-08-14 23:09:30 +02:00
|
|
|
}
|
2007-10-10 22:28:01 +02:00
|
|
|
SMARTLIST_FOREACH(certs, authority_cert_t *, c,
|
2007-10-10 22:29:52 +02:00
|
|
|
if (c->cache_info.published_on < if_modified_since)
|
2007-10-10 22:28:01 +02:00
|
|
|
SMARTLIST_DEL_CURRENT(certs, c));
|
|
|
|
if (!smartlist_len(certs)) {
|
2007-10-10 22:29:52 +02:00
|
|
|
write_http_status_line(conn, 304, "Not modified");
|
2007-10-10 22:28:01 +02:00
|
|
|
goto keys_done;
|
|
|
|
}
|
2007-10-10 22:06:38 +02:00
|
|
|
len = 0;
|
|
|
|
SMARTLIST_FOREACH(certs, authority_cert_t *, c,
|
|
|
|
len += c->cache_info.signed_descriptor_len);
|
|
|
|
|
2009-03-31 03:29:07 +02:00
|
|
|
if (global_write_bucket_low(TO_CONN(conn), compressed?len/2:len, 2)) {
|
2007-10-10 22:06:38 +02:00
|
|
|
write_http_status_line(conn, 503, "Directory busy, try again later.");
|
|
|
|
goto keys_done;
|
2007-08-14 23:09:30 +02:00
|
|
|
}
|
2007-10-10 22:06:38 +02:00
|
|
|
|
2008-01-26 02:05:16 +01:00
|
|
|
write_http_response_header(conn, compressed?-1:len, compressed, 60*60);
|
|
|
|
if (compressed) {
|
2007-08-14 23:09:30 +02:00
|
|
|
conn->zlib_state = tor_zlib_new(1, ZLIB_METHOD);
|
|
|
|
SMARTLIST_FOREACH(certs, authority_cert_t *, c,
|
|
|
|
connection_write_to_buf_zlib(c->cache_info.signed_descriptor_body,
|
|
|
|
c->cache_info.signed_descriptor_len,
|
|
|
|
conn, 0));
|
|
|
|
connection_write_to_buf_zlib("", 0, conn, 1);
|
|
|
|
} else {
|
|
|
|
SMARTLIST_FOREACH(certs, authority_cert_t *, c,
|
|
|
|
connection_write_to_buf(c->cache_info.signed_descriptor_body,
|
|
|
|
c->cache_info.signed_descriptor_len,
|
|
|
|
TO_CONN(conn)));
|
|
|
|
}
|
2007-10-10 22:06:38 +02:00
|
|
|
keys_done:
|
2007-08-14 23:09:30 +02:00
|
|
|
smartlist_free(certs);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2007-08-14 23:09:30 +02:00
|
|
|
}
|
|
|
|
|
2007-10-29 20:10:42 +01:00
|
|
|
if (options->HidServDirectoryV2 &&
|
2012-09-11 22:00:05 +02:00
|
|
|
connection_dir_is_encrypted(conn) &&
|
2007-10-29 20:10:42 +01:00
|
|
|
!strcmpstart(url,"/tor/rendezvous2/")) {
|
|
|
|
/* Handle v2 rendezvous descriptor fetch request. */
|
2007-10-29 20:10:47 +01:00
|
|
|
const char *descp;
|
2007-10-29 20:10:42 +01:00
|
|
|
const char *query = url + strlen("/tor/rendezvous2/");
|
2007-10-31 21:48:06 +01:00
|
|
|
if (strlen(query) == REND_DESC_ID_V2_LEN_BASE32) {
|
2007-10-29 20:10:42 +01:00
|
|
|
log_info(LD_REND, "Got a v2 rendezvous descriptor request for ID '%s'",
|
2008-02-13 17:34:00 +01:00
|
|
|
safe_str(query));
|
2007-10-31 21:48:06 +01:00
|
|
|
switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) {
|
2007-10-29 20:10:42 +01:00
|
|
|
case 1: /* valid */
|
|
|
|
write_http_response_header(conn, strlen(descp), 0, 0);
|
|
|
|
connection_write_to_buf(descp, strlen(descp), TO_CONN(conn));
|
|
|
|
break;
|
|
|
|
case 0: /* well-formed but not present */
|
|
|
|
write_http_status_line(conn, 404, "Not found");
|
|
|
|
break;
|
|
|
|
case -1: /* not well-formed */
|
|
|
|
write_http_status_line(conn, 400, "Bad request");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
} else { /* not well-formed */
|
|
|
|
write_http_status_line(conn, 400, "Bad request");
|
|
|
|
}
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2007-12-22 11:54:21 +01:00
|
|
|
if (options->BridgeAuthoritativeDir &&
|
2012-10-12 18:22:13 +02:00
|
|
|
options->BridgePassword_AuthDigest_ &&
|
2008-01-18 05:51:12 +01:00
|
|
|
connection_dir_is_encrypted(conn) &&
|
2007-12-22 11:54:21 +01:00
|
|
|
!strcmp(url,"/tor/networkstatus-bridges")) {
|
|
|
|
char *status;
|
2012-04-01 04:51:28 +02:00
|
|
|
char digest[DIGEST256_LEN];
|
2007-12-22 11:54:21 +01:00
|
|
|
|
2007-12-23 02:28:25 +01:00
|
|
|
header = http_get_header(headers, "Authorization: Basic ");
|
2012-04-01 04:51:28 +02:00
|
|
|
if (header)
|
|
|
|
crypto_digest256(digest, header, strlen(header), DIGEST_SHA256);
|
2007-12-22 11:54:21 +01:00
|
|
|
|
2008-02-20 03:05:28 +01:00
|
|
|
/* now make sure the password is there and right */
|
2012-04-01 04:51:28 +02:00
|
|
|
if (!header ||
|
2012-04-01 21:59:38 +02:00
|
|
|
tor_memneq(digest,
|
2012-10-12 18:22:13 +02:00
|
|
|
options->BridgePassword_AuthDigest_, DIGEST256_LEN)) {
|
2007-12-22 11:54:21 +01:00
|
|
|
write_http_status_line(conn, 404, "Not found");
|
|
|
|
tor_free(header);
|
|
|
|
goto done;
|
|
|
|
}
|
2008-02-20 03:05:28 +01:00
|
|
|
tor_free(header);
|
2007-12-22 11:54:21 +01:00
|
|
|
|
|
|
|
/* all happy now. send an answer. */
|
|
|
|
status = networkstatus_getinfo_by_purpose("bridge", time(NULL));
|
2007-12-22 12:48:17 +01:00
|
|
|
dlen = strlen(status);
|
|
|
|
write_http_response_header(conn, dlen, 0, 0);
|
|
|
|
connection_write_to_buf(status, dlen, TO_CONN(conn));
|
2007-12-22 11:54:21 +01:00
|
|
|
tor_free(status);
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2006-01-08 23:09:54 +01:00
|
|
|
if (!strcmpstart(url,"/tor/bytes.txt")) {
|
2006-01-10 00:13:53 +01:00
|
|
|
char *bytes = directory_dump_request_log();
|
2006-01-08 23:09:54 +01:00
|
|
|
size_t len = strlen(bytes);
|
2007-08-15 21:55:57 +02:00
|
|
|
write_http_response_header(conn, len, 0, 0);
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(bytes, len, TO_CONN(conn));
|
2006-01-08 23:09:54 +01:00
|
|
|
tor_free(bytes);
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2006-01-08 23:09:54 +01:00
|
|
|
}
|
|
|
|
|
2006-03-27 09:33:13 +02:00
|
|
|
if (!strcmp(url,"/tor/robots.txt")) { /* /robots.txt will have been
|
|
|
|
rewritten to /tor/robots.txt */
|
|
|
|
char robots[] = "User-agent: *\r\nDisallow: /\r\n";
|
|
|
|
size_t len = strlen(robots);
|
2007-08-15 21:55:57 +02:00
|
|
|
write_http_response_header(conn, len, 0, ROBOTS_CACHE_LIFETIME);
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_write_to_buf(robots, len, TO_CONN(conn));
|
2007-08-15 21:55:57 +02:00
|
|
|
goto done;
|
2006-06-16 00:52:56 +02:00
|
|
|
}
|
|
|
|
|
2008-09-26 20:02:48 +02:00
|
|
|
if (!strcmp(url,"/tor/dbg-stability.txt")) {
|
|
|
|
const char *stability;
|
|
|
|
size_t len;
|
2010-01-18 01:41:22 +01:00
|
|
|
if (options->BridgeAuthoritativeDir ||
|
|
|
|
! authdir_mode_tests_reachability(options) ||
|
2008-09-26 20:02:48 +02:00
|
|
|
! (stability = rep_hist_get_router_stability_doc(time(NULL)))) {
|
|
|
|
write_http_status_line(conn, 404, "Not found.");
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
len = strlen(stability);
|
|
|
|
write_http_response_header(conn, len, 0, 0);
|
|
|
|
connection_write_to_buf(stability, len, TO_CONN(conn));
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2007-08-21 00:31:39 +02:00
|
|
|
#if defined(EXPORTMALLINFO) && defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO)
|
2007-08-21 00:11:56 +02:00
|
|
|
#define ADD_MALLINFO_LINE(x) do { \
|
2012-01-11 20:02:59 +01:00
|
|
|
smartlist_add_asprintf(lines, "%s %d\n", #x, mi.x); \
|
2007-08-21 00:23:22 +02:00
|
|
|
}while(0);
|
2007-08-21 00:11:56 +02:00
|
|
|
|
|
|
|
if (!strcmp(url,"/tor/mallinfo.txt") &&
|
2012-10-12 18:22:13 +02:00
|
|
|
(tor_addr_eq_ipv4h(&conn->base_.addr, 0x7f000001ul))) {
|
2007-08-21 00:11:56 +02:00
|
|
|
char *result;
|
|
|
|
size_t len;
|
|
|
|
struct mallinfo mi;
|
|
|
|
smartlist_t *lines;
|
|
|
|
|
2007-08-21 00:13:14 +02:00
|
|
|
memset(&mi, 0, sizeof(mi));
|
2007-08-21 00:11:56 +02:00
|
|
|
mi = mallinfo();
|
2012-01-18 21:53:30 +01:00
|
|
|
lines = smartlist_new();
|
2007-08-21 00:11:56 +02:00
|
|
|
|
|
|
|
ADD_MALLINFO_LINE(arena)
|
|
|
|
ADD_MALLINFO_LINE(ordblks)
|
|
|
|
ADD_MALLINFO_LINE(smblks)
|
|
|
|
ADD_MALLINFO_LINE(hblks)
|
|
|
|
ADD_MALLINFO_LINE(hblkhd)
|
|
|
|
ADD_MALLINFO_LINE(usmblks)
|
|
|
|
ADD_MALLINFO_LINE(fsmblks)
|
|
|
|
ADD_MALLINFO_LINE(uordblks)
|
|
|
|
ADD_MALLINFO_LINE(fordblks)
|
|
|
|
ADD_MALLINFO_LINE(keepcost)
|
|
|
|
|
|
|
|
result = smartlist_join_strings(lines, "", 0, NULL);
|
|
|
|
SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(lines);
|
|
|
|
|
|
|
|
len = strlen(result);
|
|
|
|
write_http_response_header(conn, len, 0, 0);
|
|
|
|
connection_write_to_buf(result, len, TO_CONN(conn));
|
|
|
|
tor_free(result);
|
2007-08-21 00:40:09 +02:00
|
|
|
goto done;
|
2007-08-21 00:11:56 +02:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2004-03-31 00:57:49 +02:00
|
|
|
/* we didn't recognize the url */
|
2005-01-20 20:46:02 +01:00
|
|
|
write_http_status_line(conn, 404, "Not found");
|
2007-08-15 21:55:57 +02:00
|
|
|
|
|
|
|
done:
|
|
|
|
tor_free(url_mem);
|
2003-12-17 10:42:28 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Helper function: called when a dirserver gets a complete HTTP POST
|
2004-05-06 13:08:04 +02:00
|
|
|
* request. Look for an uploaded server descriptor or rendezvous
|
|
|
|
* service descriptor. On finding one, process it and write a
|
2004-05-10 06:34:48 +02:00
|
|
|
* response into conn-\>outbuf. If the request is unrecognized, send a
|
2004-09-27 05:39:30 +02:00
|
|
|
* 400. Always return 0. */
|
2004-05-13 01:48:57 +02:00
|
|
|
static int
|
2007-01-30 23:19:41 +01:00
|
|
|
directory_handle_command_post(dir_connection_t *conn, const char *headers,
|
|
|
|
const char *body, size_t body_len)
|
2004-05-13 01:48:57 +02:00
|
|
|
{
|
2005-08-24 00:27:17 +02:00
|
|
|
char *url = NULL;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2003-12-17 10:42:28 +01:00
|
|
|
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV,"Received POST command.");
|
2004-03-31 00:57:49 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
|
2004-03-31 00:57:49 +02:00
|
|
|
|
2007-10-29 20:10:42 +01:00
|
|
|
if (parse_http_url(headers, &url) < 0) {
|
|
|
|
write_http_status_line(conn, 400, "Bad request");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
log_debug(LD_DIRSERV,"rewritten url as '%s'.", url);
|
|
|
|
|
|
|
|
/* Handle v2 rendezvous service publish request. */
|
|
|
|
if (options->HidServDirectoryV2 &&
|
2012-09-11 22:00:05 +02:00
|
|
|
connection_dir_is_encrypted(conn) &&
|
2007-10-29 20:10:42 +01:00
|
|
|
!strcmpstart(url,"/tor/rendezvous2/publish")) {
|
2008-01-06 02:54:09 +01:00
|
|
|
switch (rend_cache_store_v2_desc_as_dir(body)) {
|
|
|
|
case -2:
|
2008-01-07 00:37:48 +01:00
|
|
|
log_info(LD_REND, "Rejected v2 rend descriptor (length %d) from %s "
|
|
|
|
"since we're not currently a hidden service directory.",
|
2012-10-12 18:22:13 +02:00
|
|
|
(int)body_len, conn->base_.address);
|
2008-01-06 02:54:09 +01:00
|
|
|
write_http_status_line(conn, 503, "Currently not acting as v2 "
|
|
|
|
"hidden service directory");
|
|
|
|
break;
|
|
|
|
case -1:
|
2008-01-07 00:37:48 +01:00
|
|
|
log_warn(LD_REND, "Rejected v2 rend descriptor (length %d) from %s.",
|
2012-10-12 18:22:13 +02:00
|
|
|
(int)body_len, conn->base_.address);
|
2008-09-23 10:54:03 +02:00
|
|
|
write_http_status_line(conn, 400,
|
|
|
|
"Invalid v2 service descriptor rejected");
|
2008-01-06 02:54:09 +01:00
|
|
|
break;
|
|
|
|
default:
|
2008-09-23 10:54:03 +02:00
|
|
|
write_http_status_line(conn, 200, "Service descriptor (v2) stored");
|
2008-01-06 02:54:09 +01:00
|
|
|
log_info(LD_REND, "Handled v2 rendezvous descriptor post: accepted");
|
2007-10-29 20:10:42 +01:00
|
|
|
}
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2006-10-02 00:16:55 +02:00
|
|
|
if (!authdir_mode(options)) {
|
2004-07-21 10:40:57 +02:00
|
|
|
/* we just provide cached directories; we don't want to
|
|
|
|
* receive anything. */
|
2005-12-14 21:40:40 +01:00
|
|
|
write_http_status_line(conn, 400, "Nonauthoritative directory does not "
|
|
|
|
"accept posted server descriptors");
|
2008-09-05 22:52:15 +02:00
|
|
|
goto done;
|
2004-07-21 10:40:57 +02:00
|
|
|
}
|
|
|
|
|
2007-12-19 00:45:24 +01:00
|
|
|
if (authdir_mode_handles_descs(options, -1) &&
|
2007-05-02 11:12:04 +02:00
|
|
|
!strcmp(url,"/tor/")) { /* server descriptor post */
|
2008-12-17 22:50:01 +01:00
|
|
|
const char *msg = "[None]";
|
2007-06-09 09:05:19 +02:00
|
|
|
uint8_t purpose = authdir_mode_bridge(options) ?
|
2007-09-27 22:46:28 +02:00
|
|
|
ROUTER_PURPOSE_BRIDGE : ROUTER_PURPOSE_GENERAL;
|
2008-12-17 22:50:01 +01:00
|
|
|
was_router_added_t r = dirserv_add_multiple_descriptors(body, purpose,
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, &msg);
|
2005-08-31 08:14:37 +02:00
|
|
|
tor_assert(msg);
|
2008-12-17 22:50:01 +01:00
|
|
|
if (WRA_WAS_ADDED(r))
|
2006-06-18 09:38:55 +02:00
|
|
|
dirserv_get_directory(); /* rebuild and write to disk */
|
2008-12-17 22:50:01 +01:00
|
|
|
|
|
|
|
if (r == ROUTER_ADDED_NOTIFY_GENERATOR) {
|
|
|
|
/* Accepted with a message. */
|
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
"Problematic router descriptor or extra-info from %s "
|
|
|
|
"(\"%s\").",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, msg);
|
2008-12-17 22:50:01 +01:00
|
|
|
write_http_status_line(conn, 400, msg);
|
|
|
|
} else if (r == ROUTER_ADDED_SUCCESSFULLY) {
|
|
|
|
write_http_status_line(conn, 200, msg);
|
|
|
|
} else if (WRA_WAS_OUTDATED(r)) {
|
|
|
|
write_http_response_header_impl(conn, -1, NULL, NULL,
|
|
|
|
"X-Descriptor-Not-New: Yes\r\n", -1);
|
|
|
|
} else {
|
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
"Rejected router descriptor or extra-info from %s "
|
|
|
|
"(\"%s\").",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, msg);
|
2008-12-17 22:50:01 +01:00
|
|
|
write_http_status_line(conn, 400, msg);
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
2008-12-22 07:21:28 +01:00
|
|
|
goto done;
|
2004-03-31 00:57:49 +02:00
|
|
|
}
|
|
|
|
|
2007-07-26 00:56:44 +02:00
|
|
|
if (authdir_mode_v3(options) &&
|
2007-12-02 05:39:56 +01:00
|
|
|
!strcmp(url,"/tor/post/vote")) { /* v3 networkstatus vote */
|
2007-07-26 00:56:44 +02:00
|
|
|
const char *msg = "OK";
|
2007-08-13 23:01:02 +02:00
|
|
|
int status;
|
|
|
|
if (dirvote_add_vote(body, &msg, &status)) {
|
|
|
|
write_http_status_line(conn, status, "Vote stored");
|
2007-07-26 00:56:44 +02:00
|
|
|
} else {
|
|
|
|
tor_assert(msg);
|
2011-03-15 17:13:25 +01:00
|
|
|
log_warn(LD_DIRSERV, "Rejected vote from %s (\"%s\").",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, msg);
|
2007-08-13 23:01:02 +02:00
|
|
|
write_http_status_line(conn, status, msg);
|
2007-07-26 00:56:44 +02:00
|
|
|
}
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2007-07-29 04:55:21 +02:00
|
|
|
if (authdir_mode_v3(options) &&
|
|
|
|
!strcmp(url,"/tor/post/consensus-signature")) { /* sigs on consensus. */
|
2007-10-10 01:02:02 +02:00
|
|
|
const char *msg = NULL;
|
2012-10-12 18:22:13 +02:00
|
|
|
if (dirvote_add_signatures(body, conn->base_.address, &msg)>=0) {
|
2007-10-10 01:02:02 +02:00
|
|
|
write_http_status_line(conn, 200, msg?msg:"Signatures stored");
|
2007-07-29 04:55:21 +02:00
|
|
|
} else {
|
2007-10-10 01:02:02 +02:00
|
|
|
log_warn(LD_DIR, "Unable to store signatures posted by %s: %s",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address, msg?msg:"???");
|
2007-10-10 01:02:02 +02:00
|
|
|
write_http_status_line(conn, 400, msg?msg:"Unable to store signatures");
|
2007-07-29 04:55:21 +02:00
|
|
|
}
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2004-03-31 00:57:49 +02:00
|
|
|
/* we didn't recognize the url */
|
2005-01-20 20:46:02 +01:00
|
|
|
write_http_status_line(conn, 404, "Not found");
|
2005-08-24 00:27:17 +02:00
|
|
|
|
|
|
|
done:
|
2004-09-27 05:39:30 +02:00
|
|
|
tor_free(url);
|
2003-12-17 10:42:28 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Called when a dirserver receives data on a directory connection;
|
2004-05-05 04:50:38 +02:00
|
|
|
* looks for an HTTP request. If the request is complete, remove it
|
|
|
|
* from the inbuf, try to process it; otherwise, leave it on the
|
|
|
|
* buffer. Return a 0 on success, or -1 on error.
|
|
|
|
*/
|
2005-06-11 20:52:12 +02:00
|
|
|
static int
|
2006-07-26 21:07:26 +02:00
|
|
|
directory_handle_command(dir_connection_t *conn)
|
2005-06-11 20:52:12 +02:00
|
|
|
{
|
2003-12-17 10:42:28 +01:00
|
|
|
char *headers=NULL, *body=NULL;
|
2004-10-14 04:47:09 +02:00
|
|
|
size_t body_len=0;
|
2003-12-17 10:42:28 +01:00
|
|
|
int r;
|
|
|
|
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(conn);
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.type == CONN_TYPE_DIR);
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2009-08-09 20:40:28 +02:00
|
|
|
switch (connection_fetch_from_buf_http(TO_CONN(conn),
|
2004-11-28 12:39:53 +01:00
|
|
|
&headers, MAX_HEADERS_SIZE,
|
2007-02-16 21:00:50 +01:00
|
|
|
&body, &body_len, MAX_DIR_UL_SIZE, 0)) {
|
2003-09-17 22:09:06 +02:00
|
|
|
case -1: /* overflow */
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_DIRSERV,
|
2009-11-22 05:09:24 +01:00
|
|
|
"Request too large from address '%s' to DirPort. Closing.",
|
2012-10-12 18:22:13 +02:00
|
|
|
safe_str(conn->base_.address));
|
2003-09-17 22:09:06 +02:00
|
|
|
return -1;
|
|
|
|
case 0:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV,"command not all here yet.");
|
2003-09-17 22:09:06 +02:00
|
|
|
return 0;
|
|
|
|
/* case 1, fall through */
|
2002-09-26 14:09:10 +02:00
|
|
|
}
|
|
|
|
|
2006-07-26 21:07:26 +02:00
|
|
|
http_set_address_origin(headers, TO_CONN(conn));
|
2006-03-05 10:50:26 +01:00
|
|
|
//log_debug(LD_DIRSERV,"headers %s, body %s.", headers, body);
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
if (!strncasecmp(headers,"GET",3))
|
2004-03-31 07:01:30 +02:00
|
|
|
r = directory_handle_command_get(conn, headers, body, body_len);
|
2003-12-17 10:42:28 +01:00
|
|
|
else if (!strncasecmp(headers,"POST",4))
|
2004-03-31 07:01:30 +02:00
|
|
|
r = directory_handle_command_post(conn, headers, body, body_len);
|
2003-12-17 10:42:28 +01:00
|
|
|
else {
|
2006-03-12 05:36:17 +01:00
|
|
|
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
|
|
|
"Got headers %s with unknown command. Closing.",
|
|
|
|
escaped(headers));
|
2003-12-17 10:42:28 +01:00
|
|
|
r = -1;
|
2002-09-26 14:09:10 +02:00
|
|
|
}
|
|
|
|
|
2003-12-17 10:42:28 +01:00
|
|
|
tor_free(headers); tor_free(body);
|
|
|
|
return r;
|
2002-09-26 14:09:10 +02:00
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Write handler for directory connections; called when all data has
|
2004-05-12 21:17:09 +02:00
|
|
|
* been flushed. Close the connection or wait for a response as
|
|
|
|
* appropriate.
|
2004-05-05 04:50:38 +02:00
|
|
|
*/
|
2005-06-11 20:52:12 +02:00
|
|
|
int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_finished_flushing(dir_connection_t *conn)
|
2005-06-11 20:52:12 +02:00
|
|
|
{
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(conn);
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.type == CONN_TYPE_DIR);
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2009-07-12 16:33:31 +02:00
|
|
|
/* Note that we have finished writing the directory response. For direct
|
|
|
|
* connections this means we're done, for tunneled connections its only
|
|
|
|
* an intermediate step. */
|
2012-09-04 09:33:16 +02:00
|
|
|
if (conn->dirreq_id)
|
|
|
|
geoip_change_dirreq_state(conn->dirreq_id, DIRREQ_TUNNELED,
|
2009-07-14 22:24:50 +02:00
|
|
|
DIRREQ_FLUSHING_DIR_CONN_FINISHED);
|
2009-07-12 16:33:31 +02:00
|
|
|
else
|
|
|
|
geoip_change_dirreq_state(TO_CONN(conn)->global_identifier,
|
2009-07-14 22:24:50 +02:00
|
|
|
DIRREQ_DIRECT,
|
|
|
|
DIRREQ_FLUSHING_DIR_CONN_FINISHED);
|
2012-10-12 18:22:13 +02:00
|
|
|
switch (conn->base_.state) {
|
2009-08-11 21:16:16 +02:00
|
|
|
case DIR_CONN_STATE_CONNECTING:
|
2004-03-31 00:57:49 +02:00
|
|
|
case DIR_CONN_STATE_CLIENT_SENDING:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIR,"client finished sending command.");
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_CLIENT_READING;
|
2002-09-26 14:09:10 +02:00
|
|
|
return 0;
|
2003-09-17 22:09:06 +02:00
|
|
|
case DIR_CONN_STATE_SERVER_WRITING:
|
2011-08-26 22:10:17 +02:00
|
|
|
if (conn->dir_spool_src != DIR_SPOOL_NONE) {
|
|
|
|
#ifdef USE_BUFFEREVENTS
|
|
|
|
/* This can happen with paired bufferevents, since a paired connection
|
|
|
|
* can flush immediately when you write to it, making the subsequent
|
|
|
|
* check in connection_handle_write_cb() decide that the connection
|
|
|
|
* is flushed. */
|
|
|
|
log_debug(LD_DIRSERV, "Emptied a dirserv buffer, but still spooling.");
|
|
|
|
#else
|
|
|
|
log_warn(LD_BUG, "Emptied a dirserv buffer, but it's still spooling!");
|
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
|
|
|
#endif
|
|
|
|
} else {
|
|
|
|
log_debug(LD_DIRSERV, "Finished writing server response. Closing.");
|
|
|
|
connection_mark_for_close(TO_CONN(conn));
|
|
|
|
}
|
2004-02-28 05:11:53 +01:00
|
|
|
return 0;
|
2002-09-26 14:09:10 +02:00
|
|
|
default:
|
2007-03-04 21:11:46 +01:00
|
|
|
log_warn(LD_BUG,"called in unexpected state %d.",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state);
|
2005-04-26 20:52:16 +02:00
|
|
|
tor_fragile_assert();
|
2003-09-26 12:03:50 +02:00
|
|
|
return -1;
|
2002-09-26 14:09:10 +02:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-05-12 21:17:09 +02:00
|
|
|
/** Connected handler for directory connections: begin sending data to the
|
|
|
|
* server */
|
2005-06-11 20:52:12 +02:00
|
|
|
int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dir_finished_connecting(dir_connection_t *conn)
|
2004-05-12 21:17:09 +02:00
|
|
|
{
|
2004-10-17 00:14:52 +02:00
|
|
|
tor_assert(conn);
|
2012-10-12 18:22:13 +02:00
|
|
|
tor_assert(conn->base_.type == CONN_TYPE_DIR);
|
|
|
|
tor_assert(conn->base_.state == DIR_CONN_STATE_CONNECTING);
|
2004-05-12 21:17:09 +02:00
|
|
|
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_HTTP,"Dir connection to router %s:%u established.",
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.address,conn->base_.port);
|
2004-05-12 21:17:09 +02:00
|
|
|
|
2012-10-12 18:22:13 +02:00
|
|
|
conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING; /* start flushing conn */
|
2004-05-12 21:17:09 +02:00
|
|
|
return 0;
|
|
|
|
}
|
2005-06-09 21:03:31 +02:00
|
|
|
|
2013-05-24 09:48:15 +02:00
|
|
|
/** Decide which download schedule we want to use based on descriptor type
|
|
|
|
* in <b>dls</b> and whether we are acting as directory <b>server</b>, and
|
|
|
|
* then return a list of int pointers defining download delays in seconds.
|
|
|
|
* Helper function for download_status_increment_failure() and
|
|
|
|
* download_status_reset(). */
|
|
|
|
static const smartlist_t *
|
2013-05-16 12:08:48 +02:00
|
|
|
find_dl_schedule_and_len(download_status_t *dls, int server)
|
2008-12-27 08:30:47 +01:00
|
|
|
{
|
|
|
|
switch (dls->schedule) {
|
|
|
|
case DL_SCHED_GENERIC:
|
2013-05-16 12:08:48 +02:00
|
|
|
if (server)
|
|
|
|
return get_options()->TestingServerDownloadSchedule;
|
|
|
|
else
|
|
|
|
return get_options()->TestingClientDownloadSchedule;
|
2008-12-27 08:30:47 +01:00
|
|
|
case DL_SCHED_CONSENSUS:
|
2013-05-16 12:08:48 +02:00
|
|
|
if (server)
|
|
|
|
return get_options()->TestingServerConsensusDownloadSchedule;
|
|
|
|
else
|
|
|
|
return get_options()->TestingClientConsensusDownloadSchedule;
|
2008-12-27 08:30:47 +01:00
|
|
|
case DL_SCHED_BRIDGE:
|
2013-05-16 12:08:48 +02:00
|
|
|
return get_options()->TestingBridgeDownloadSchedule;
|
2008-12-27 08:30:47 +01:00
|
|
|
default:
|
|
|
|
tor_assert(0);
|
|
|
|
}
|
|
|
|
}
|
2007-10-24 21:53:08 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Called when an attempt to download <b>dls</b> has failed with HTTP status
|
|
|
|
* <b>status_code</b>. Increment the failure count (if the code indicates a
|
2008-12-31 15:11:46 +01:00
|
|
|
* real failure) and set <b>dls</b>-\>next_attempt_at to an appropriate time
|
|
|
|
* in the future. */
|
2007-10-09 17:27:45 +02:00
|
|
|
time_t
|
|
|
|
download_status_increment_failure(download_status_t *dls, int status_code,
|
|
|
|
const char *item, int server, time_t now)
|
|
|
|
{
|
2013-05-24 09:48:15 +02:00
|
|
|
const smartlist_t *schedule;
|
2007-10-24 21:53:08 +02:00
|
|
|
int increment;
|
2007-10-09 17:27:45 +02:00
|
|
|
tor_assert(dls);
|
2008-12-23 22:17:52 +01:00
|
|
|
if (status_code != 503 || server) {
|
2008-12-31 18:22:18 +01:00
|
|
|
if (dls->n_download_failures < IMPOSSIBLE_TO_DOWNLOAD-1)
|
2008-12-23 22:17:52 +01:00
|
|
|
++dls->n_download_failures;
|
|
|
|
}
|
2007-10-24 21:53:08 +02:00
|
|
|
|
2013-05-16 12:08:48 +02:00
|
|
|
schedule = find_dl_schedule_and_len(dls, server);
|
2007-10-24 21:53:08 +02:00
|
|
|
|
2013-05-16 12:08:48 +02:00
|
|
|
if (dls->n_download_failures < smartlist_len(schedule))
|
|
|
|
increment = *(int *)smartlist_get(schedule, dls->n_download_failures);
|
2009-01-02 21:46:32 +01:00
|
|
|
else if (dls->n_download_failures == IMPOSSIBLE_TO_DOWNLOAD)
|
2008-12-25 16:42:03 +01:00
|
|
|
increment = INT_MAX;
|
2007-10-24 21:53:08 +02:00
|
|
|
else
|
2013-05-16 12:08:48 +02:00
|
|
|
increment = *(int *)smartlist_get(schedule, smartlist_len(schedule) - 1);
|
2007-10-24 21:53:08 +02:00
|
|
|
|
|
|
|
if (increment < INT_MAX)
|
|
|
|
dls->next_attempt_at = now+increment;
|
|
|
|
else
|
2008-12-25 21:16:22 +01:00
|
|
|
dls->next_attempt_at = TIME_MAX;
|
2007-10-24 21:53:08 +02:00
|
|
|
|
2007-10-09 17:27:45 +02:00
|
|
|
if (item) {
|
2008-12-31 15:11:46 +01:00
|
|
|
if (increment == 0)
|
2007-10-09 17:27:45 +02:00
|
|
|
log_debug(LD_DIR, "%s failed %d time(s); I'll try again immediately.",
|
|
|
|
item, (int)dls->n_download_failures);
|
2008-12-25 21:16:22 +01:00
|
|
|
else if (dls->next_attempt_at < TIME_MAX)
|
2007-10-09 17:27:45 +02:00
|
|
|
log_debug(LD_DIR, "%s failed %d time(s); I'll try again in %d seconds.",
|
|
|
|
item, (int)dls->n_download_failures,
|
|
|
|
(int)(dls->next_attempt_at-now));
|
|
|
|
else
|
|
|
|
log_debug(LD_DIR, "%s failed %d time(s); Giving up for a while.",
|
|
|
|
item, (int)dls->n_download_failures);
|
|
|
|
}
|
|
|
|
return dls->next_attempt_at;
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Reset <b>dls</b> so that it will be considered downloadable
|
2008-12-27 08:30:47 +01:00
|
|
|
* immediately, and/or to show that we don't need it anymore.
|
|
|
|
*
|
|
|
|
* (We find the zeroth element of the download schedule, and set
|
|
|
|
* next_attempt_at to be the appropriate offset from 'now'. In most
|
|
|
|
* cases this means setting it to 'now', so the item will be immediately
|
|
|
|
* downloadable; in the case of bridge descriptors, the zeroth element
|
|
|
|
* is an hour from now.) */
|
2007-10-09 17:27:45 +02:00
|
|
|
void
|
|
|
|
download_status_reset(download_status_t *dls)
|
|
|
|
{
|
2013-05-24 09:48:15 +02:00
|
|
|
const smartlist_t *schedule = find_dl_schedule_and_len(
|
2013-05-16 12:08:48 +02:00
|
|
|
dls, get_options()->DirPort_set);
|
2008-12-27 08:30:47 +01:00
|
|
|
|
2007-10-09 17:27:45 +02:00
|
|
|
dls->n_download_failures = 0;
|
2013-05-16 12:08:48 +02:00
|
|
|
dls->next_attempt_at = time(NULL) + *(int *)smartlist_get(schedule, 0);
|
2007-10-09 17:27:45 +02:00
|
|
|
}
|
|
|
|
|
2010-09-02 22:42:18 +02:00
|
|
|
/** Return the number of failures on <b>dls</b> since the last success (if
|
|
|
|
* any). */
|
|
|
|
int
|
|
|
|
download_status_get_n_failures(const download_status_t *dls)
|
|
|
|
{
|
|
|
|
return dls->n_download_failures;
|
|
|
|
}
|
|
|
|
|
2007-05-29 19:31:13 +02:00
|
|
|
/** Called when one or more routerdesc (or extrainfo, if <b>was_extrainfo</b>)
|
2007-09-21 08:14:36 +02:00
|
|
|
* fetches have failed (with uppercase fingerprints listed in <b>failed</b>,
|
|
|
|
* either as descriptor digests or as identity digests based on
|
|
|
|
* <b>was_descriptor_digests</b>).
|
|
|
|
*/
|
2007-11-04 01:15:42 +01:00
|
|
|
static void
|
2007-05-18 23:19:19 +02:00
|
|
|
dir_routerdesc_download_failed(smartlist_t *failed, int status_code,
|
2007-11-04 01:15:42 +01:00
|
|
|
int router_purpose,
|
2007-09-21 08:14:36 +02:00
|
|
|
int was_extrainfo, int was_descriptor_digests)
|
2005-09-15 07:19:38 +02:00
|
|
|
{
|
2005-09-18 06:15:39 +02:00
|
|
|
char digest[DIGEST_LEN];
|
2005-09-22 08:34:29 +02:00
|
|
|
time_t now = time(NULL);
|
2007-12-01 05:58:53 +01:00
|
|
|
int server = directory_fetches_from_authorities(get_options());
|
2007-11-04 01:15:42 +01:00
|
|
|
if (!was_descriptor_digests) {
|
|
|
|
if (router_purpose == ROUTER_PURPOSE_BRIDGE) {
|
2010-08-31 21:45:44 +02:00
|
|
|
tor_assert(!was_extrainfo);
|
|
|
|
connection_dir_retry_bridges(failed);
|
2007-11-04 01:15:42 +01:00
|
|
|
}
|
|
|
|
return; /* FFFF should implement for other-than-router-purpose someday */
|
|
|
|
}
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(failed, const char *, cp) {
|
2007-05-18 23:19:53 +02:00
|
|
|
download_status_t *dls = NULL;
|
2008-01-14 20:00:23 +01:00
|
|
|
if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp)) < 0) {
|
|
|
|
log_warn(LD_BUG, "Malformed fingerprint in list: %s", escaped(cp));
|
|
|
|
continue;
|
|
|
|
}
|
2007-05-18 23:19:53 +02:00
|
|
|
if (was_extrainfo) {
|
|
|
|
signed_descriptor_t *sd =
|
|
|
|
router_get_by_extrainfo_digest(digest);
|
|
|
|
if (sd)
|
|
|
|
dls = &sd->ei_dl_status;
|
|
|
|
} else {
|
2007-10-16 01:15:24 +02:00
|
|
|
dls = router_get_dl_status_by_descriptor_digest(digest);
|
2007-05-18 23:19:53 +02:00
|
|
|
}
|
2013-05-16 12:08:48 +02:00
|
|
|
if (!dls || dls->n_download_failures >=
|
|
|
|
get_options()->TestingDescriptorMaxDownloadTries)
|
2005-09-18 04:51:12 +02:00
|
|
|
continue;
|
2007-10-09 17:27:45 +02:00
|
|
|
download_status_increment_failure(dls, status_code, cp, server, now);
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(cp);
|
2005-09-22 08:34:29 +02:00
|
|
|
|
2007-02-24 22:21:38 +01:00
|
|
|
/* No need to relaunch descriptor downloads here: we already do it
|
2007-11-04 01:15:42 +01:00
|
|
|
* every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
|
2005-09-15 07:19:38 +02:00
|
|
|
}
|
|
|
|
|
2012-06-05 00:50:13 +02:00
|
|
|
/** Called when a connection to download microdescriptors has failed in whole
|
|
|
|
* or in part. <b>failed</b> is a list of every microdesc digest we didn't
|
|
|
|
* get. <b>status_code</b> is the http status code we received. Reschedule the
|
|
|
|
* microdesc downloads as appropriate. */
|
2010-05-11 23:20:33 +02:00
|
|
|
static void
|
|
|
|
dir_microdesc_download_failed(smartlist_t *failed,
|
|
|
|
int status_code)
|
|
|
|
{
|
|
|
|
networkstatus_t *consensus
|
|
|
|
= networkstatus_get_latest_consensus_by_flavor(FLAV_MICRODESC);
|
|
|
|
routerstatus_t *rs;
|
|
|
|
download_status_t *dls;
|
|
|
|
time_t now = time(NULL);
|
|
|
|
int server = directory_fetches_from_authorities(get_options());
|
|
|
|
|
|
|
|
if (! consensus)
|
|
|
|
return;
|
|
|
|
SMARTLIST_FOREACH_BEGIN(failed, const char *, d) {
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
rs = router_get_mutable_consensus_status_by_descriptor_digest(consensus,d);
|
2010-05-11 23:20:33 +02:00
|
|
|
if (!rs)
|
|
|
|
continue;
|
|
|
|
dls = &rs->dl_status;
|
2013-05-16 12:08:48 +02:00
|
|
|
if (dls->n_download_failures >=
|
|
|
|
get_options()->TestingMicrodescMaxDownloadTries)
|
2010-05-11 23:20:33 +02:00
|
|
|
continue;
|
|
|
|
{
|
|
|
|
char buf[BASE64_DIGEST256_LEN+1];
|
|
|
|
digest256_to_base64(buf, d);
|
|
|
|
download_status_increment_failure(dls, status_code, buf,
|
|
|
|
server, now);
|
|
|
|
}
|
|
|
|
} SMARTLIST_FOREACH_END(d);
|
|
|
|
}
|
|
|
|
|
2011-05-10 22:58:38 +02:00
|
|
|
/** Helper. Compare two fp_pair_t objects, and return negative, 0, or
|
|
|
|
* positive as appropriate. */
|
2008-12-12 20:05:36 +01:00
|
|
|
static int
|
2012-10-12 18:22:13 +02:00
|
|
|
compare_pairs_(const void **a, const void **b)
|
2008-12-12 20:05:36 +01:00
|
|
|
{
|
|
|
|
const fp_pair_t *fp1 = *a, *fp2 = *b;
|
|
|
|
int r;
|
2011-05-10 22:58:38 +02:00
|
|
|
if ((r = fast_memcmp(fp1->first, fp2->first, DIGEST_LEN)))
|
2008-12-12 20:05:36 +01:00
|
|
|
return r;
|
|
|
|
else
|
2011-05-10 22:58:38 +02:00
|
|
|
return fast_memcmp(fp1->second, fp2->second, DIGEST_LEN);
|
2008-12-12 20:05:36 +01:00
|
|
|
}
|
|
|
|
|
2008-12-17 23:58:20 +01:00
|
|
|
/** Divide a string <b>res</b> of the form FP1-FP2+FP3-FP4...[.z], where each
|
|
|
|
* FP is a hex-encoded fingerprint, into a sequence of distinct sorted
|
|
|
|
* fp_pair_t. Skip malformed pairs. On success, return 0 and add those
|
|
|
|
* fp_pair_t into <b>pairs_out</b>. On failure, return -1. */
|
2008-12-12 20:05:36 +01:00
|
|
|
int
|
|
|
|
dir_split_resource_into_fingerprint_pairs(const char *res,
|
|
|
|
smartlist_t *pairs_out)
|
|
|
|
{
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *pairs_tmp = smartlist_new();
|
|
|
|
smartlist_t *pairs_result = smartlist_new();
|
2008-12-12 20:05:36 +01:00
|
|
|
|
|
|
|
smartlist_split_string(pairs_tmp, res, "+", 0, 0);
|
|
|
|
if (smartlist_len(pairs_tmp)) {
|
|
|
|
char *last = smartlist_get(pairs_tmp,smartlist_len(pairs_tmp)-1);
|
|
|
|
size_t last_len = strlen(last);
|
|
|
|
if (last_len > 2 && !strcmp(last+last_len-2, ".z")) {
|
|
|
|
last[last_len-2] = '\0';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH_BEGIN(pairs_tmp, char *, cp) {
|
|
|
|
if (strlen(cp) != HEX_DIGEST_LEN*2+1) {
|
|
|
|
log_info(LD_DIR,
|
|
|
|
"Skipping digest pair %s with non-standard length.", escaped(cp));
|
|
|
|
} else if (cp[HEX_DIGEST_LEN] != '-') {
|
|
|
|
log_info(LD_DIR,
|
|
|
|
"Skipping digest pair %s with missing dash.", escaped(cp));
|
|
|
|
} else {
|
|
|
|
fp_pair_t pair;
|
|
|
|
if (base16_decode(pair.first, DIGEST_LEN, cp, HEX_DIGEST_LEN)<0 ||
|
|
|
|
base16_decode(pair.second,
|
|
|
|
DIGEST_LEN, cp+HEX_DIGEST_LEN+1, HEX_DIGEST_LEN)<0) {
|
|
|
|
log_info(LD_DIR, "Skipping non-decodable digest pair %s", escaped(cp));
|
|
|
|
} else {
|
|
|
|
smartlist_add(pairs_result, tor_memdup(&pair, sizeof(pair)));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
tor_free(cp);
|
|
|
|
} SMARTLIST_FOREACH_END(cp);
|
|
|
|
smartlist_free(pairs_tmp);
|
|
|
|
|
|
|
|
/* Uniq-and-sort */
|
2012-10-12 18:22:13 +02:00
|
|
|
smartlist_sort(pairs_result, compare_pairs_);
|
|
|
|
smartlist_uniq(pairs_result, compare_pairs_, tor_free_);
|
2008-12-12 20:05:36 +01:00
|
|
|
|
|
|
|
smartlist_add_all(pairs_out, pairs_result);
|
|
|
|
smartlist_free(pairs_result);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-02-02 21:06:43 +01:00
|
|
|
/** Given a directory <b>resource</b> request, containing zero
|
2005-09-30 22:04:55 +02:00
|
|
|
* or more strings separated by plus signs, followed optionally by ".z", store
|
|
|
|
* the strings, in order, into <b>fp_out</b>. If <b>compressed_out</b> is
|
2009-10-18 21:45:57 +02:00
|
|
|
* non-NULL, set it to 1 if the resource ends in ".z", else set it to 0.
|
|
|
|
*
|
|
|
|
* If (flags & DSR_HEX), then delete all elements that aren't hex digests, and
|
|
|
|
* decode the rest. If (flags & DSR_BASE64), then use "-" rather than "+" as
|
|
|
|
* a separator, delete all the elements that aren't base64-encoded digests,
|
|
|
|
* and decode the rest. If (flags & DSR_DIGEST256), these digests should be
|
|
|
|
* 256 bits long; else they should be 160.
|
|
|
|
*
|
|
|
|
* If (flags & DSR_SORT_UNIQ), then sort the list and remove all duplicates.
|
2005-09-30 22:04:55 +02:00
|
|
|
*/
|
2005-09-16 06:42:45 +02:00
|
|
|
int
|
|
|
|
dir_split_resource_into_fingerprints(const char *resource,
|
2005-10-14 06:56:20 +02:00
|
|
|
smartlist_t *fp_out, int *compressed_out,
|
2009-10-18 21:45:57 +02:00
|
|
|
int flags)
|
2005-09-16 06:42:45 +02:00
|
|
|
{
|
2009-10-18 21:45:57 +02:00
|
|
|
const int decode_hex = flags & DSR_HEX;
|
|
|
|
const int decode_base64 = flags & DSR_BASE64;
|
|
|
|
const int digests_are_256 = flags & DSR_DIGEST256;
|
|
|
|
const int sort_uniq = flags & DSR_SORT_UNIQ;
|
|
|
|
|
|
|
|
const int digest_len = digests_are_256 ? DIGEST256_LEN : DIGEST_LEN;
|
|
|
|
const int hex_digest_len = digests_are_256 ?
|
|
|
|
HEX_DIGEST256_LEN : HEX_DIGEST_LEN;
|
|
|
|
const int base64_digest_len = digests_are_256 ?
|
|
|
|
BASE64_DIGEST256_LEN : BASE64_DIGEST_LEN;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *fp_tmp = smartlist_new();
|
2009-10-18 21:45:57 +02:00
|
|
|
|
|
|
|
tor_assert(!(decode_hex && decode_base64));
|
2005-10-28 01:16:08 +02:00
|
|
|
tor_assert(fp_out);
|
2009-10-18 21:45:57 +02:00
|
|
|
|
|
|
|
smartlist_split_string(fp_tmp, resource, decode_base64?"-":"+", 0, 0);
|
2005-09-16 06:42:45 +02:00
|
|
|
if (compressed_out)
|
|
|
|
*compressed_out = 0;
|
2006-06-21 06:57:12 +02:00
|
|
|
if (smartlist_len(fp_tmp)) {
|
|
|
|
char *last = smartlist_get(fp_tmp,smartlist_len(fp_tmp)-1);
|
2005-09-16 06:42:45 +02:00
|
|
|
size_t last_len = strlen(last);
|
|
|
|
if (last_len > 2 && !strcmp(last+last_len-2, ".z")) {
|
|
|
|
last[last_len-2] = '\0';
|
|
|
|
if (compressed_out)
|
|
|
|
*compressed_out = 1;
|
|
|
|
}
|
|
|
|
}
|
2009-10-18 21:45:57 +02:00
|
|
|
if (decode_hex || decode_base64) {
|
|
|
|
const size_t encoded_len = decode_hex ? hex_digest_len : base64_digest_len;
|
2005-10-14 06:56:20 +02:00
|
|
|
int i;
|
2005-10-25 09:03:22 +02:00
|
|
|
char *cp, *d = NULL;
|
2006-06-21 06:57:12 +02:00
|
|
|
for (i = 0; i < smartlist_len(fp_tmp); ++i) {
|
|
|
|
cp = smartlist_get(fp_tmp, i);
|
2009-10-18 21:45:57 +02:00
|
|
|
if (strlen(cp) != encoded_len) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIR,
|
2006-03-05 10:50:26 +01:00
|
|
|
"Skipping digest %s with non-standard length.", escaped(cp));
|
2006-06-21 06:57:12 +02:00
|
|
|
smartlist_del_keeporder(fp_tmp, i--);
|
2005-10-25 09:03:22 +02:00
|
|
|
goto again;
|
2005-10-14 06:56:20 +02:00
|
|
|
}
|
2009-10-18 21:45:57 +02:00
|
|
|
d = tor_malloc_zero(digest_len);
|
|
|
|
if (decode_hex ?
|
|
|
|
(base16_decode(d, digest_len, cp, hex_digest_len)<0) :
|
|
|
|
(base64_decode(d, digest_len, cp, base64_digest_len)<0)) {
|
|
|
|
log_info(LD_DIR, "Skipping non-decodable digest %s", escaped(cp));
|
|
|
|
smartlist_del_keeporder(fp_tmp, i--);
|
|
|
|
goto again;
|
2005-10-14 06:56:20 +02:00
|
|
|
}
|
2006-06-21 06:57:12 +02:00
|
|
|
smartlist_set(fp_tmp, i, d);
|
2005-10-25 09:03:22 +02:00
|
|
|
d = NULL;
|
|
|
|
again:
|
|
|
|
tor_free(cp);
|
|
|
|
tor_free(d);
|
2005-10-14 06:56:20 +02:00
|
|
|
}
|
|
|
|
}
|
2006-06-21 06:57:12 +02:00
|
|
|
if (sort_uniq) {
|
2009-10-18 21:45:57 +02:00
|
|
|
if (decode_hex || decode_base64) {
|
|
|
|
if (digests_are_256) {
|
|
|
|
smartlist_sort_digests256(fp_tmp);
|
|
|
|
smartlist_uniq_digests256(fp_tmp);
|
|
|
|
} else {
|
|
|
|
smartlist_sort_digests(fp_tmp);
|
|
|
|
smartlist_uniq_digests(fp_tmp);
|
|
|
|
}
|
|
|
|
} else {
|
2006-06-21 06:57:12 +02:00
|
|
|
smartlist_sort_strings(fp_tmp);
|
2009-10-18 21:45:57 +02:00
|
|
|
smartlist_uniq_strings(fp_tmp);
|
2006-06-21 06:57:12 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
smartlist_add_all(fp_out, fp_tmp);
|
|
|
|
smartlist_free(fp_tmp);
|
2005-09-16 06:52:53 +02:00
|
|
|
return 0;
|
2005-09-16 06:42:45 +02:00
|
|
|
}
|
|
|
|
|