2003-09-27 23:30:10 +02:00
|
|
|
/* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
|
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
/* $Id$ */
|
|
|
|
|
|
|
|
#include "or.h"
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/**
|
|
|
|
* \file dirserv.c
|
|
|
|
* \brief Directory server core implementation.
|
2004-05-10 06:34:48 +02:00
|
|
|
**/
|
2004-05-05 02:30:43 +02:00
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** How far in the future do we allow a router to get? (seconds) */
|
2003-10-22 18:41:35 +02:00
|
|
|
#define ROUTER_ALLOW_SKEW (30*60)
|
2004-09-23 21:58:44 +02:00
|
|
|
/** How many seconds do we wait before regenerating the directory? */
|
|
|
|
#define DIR_REGEN_SLACK_TIME 10
|
2003-10-22 18:41:35 +02:00
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
extern or_options_t options; /**< command-line and config-file options */
|
2003-09-30 01:14:49 +02:00
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Do we need to regenerate the directory when someone asks for it? */
|
2003-09-27 23:30:10 +02:00
|
|
|
static int the_directory_is_dirty = 1;
|
2004-06-25 02:29:31 +02:00
|
|
|
static int runningrouters_is_dirty = 1;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2003-10-01 02:43:34 +02:00
|
|
|
static int list_running_servers(char **nicknames_out);
|
2004-04-13 22:06:08 +02:00
|
|
|
static void directory_remove_unrecognized(void);
|
2004-09-02 20:57:09 +02:00
|
|
|
static int dirserv_regenerate_directory(void);
|
2004-09-29 00:24:56 +02:00
|
|
|
static void encode_digest_to_fingerprint(char *fp, const char *digest);
|
2003-10-01 02:43:34 +02:00
|
|
|
|
2003-09-29 09:50:08 +02:00
|
|
|
/************** Fingerprint handling code ************/
|
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
typedef struct fingerprint_entry_t {
|
|
|
|
char *nickname;
|
|
|
|
char *fingerprint;
|
|
|
|
} fingerprint_entry_t;
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** List of nickname-\>identity fingerprint mappings for all the routers
|
2004-05-05 02:30:43 +02:00
|
|
|
* that we recognize. Used to prevent Sybil attacks. */
|
2004-05-18 19:41:40 +02:00
|
|
|
static smartlist_t *fingerprint_list = NULL;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Add the fingerprint <b>fp</b> for the nickname <b>nickname</b> to
|
|
|
|
* the global list of recognized identity key fingerprints.
|
2004-05-05 02:30:43 +02:00
|
|
|
*/
|
2004-03-29 21:50:59 +02:00
|
|
|
void /* Should be static; exposed for testing */
|
2003-09-30 21:27:54 +02:00
|
|
|
add_fingerprint_to_dir(const char *nickname, const char *fp)
|
|
|
|
{
|
|
|
|
int i;
|
2004-05-18 19:41:40 +02:00
|
|
|
fingerprint_entry_t *ent;
|
|
|
|
if (!fingerprint_list)
|
|
|
|
fingerprint_list = smartlist_create();
|
|
|
|
|
|
|
|
for (i = 0; i < smartlist_len(fingerprint_list); ++i) {
|
|
|
|
ent = smartlist_get(fingerprint_list, i);
|
|
|
|
if (!strcasecmp(ent->nickname,nickname)) {
|
|
|
|
tor_free(ent->fingerprint);
|
|
|
|
ent->fingerprint = tor_strdup(fp);
|
2003-09-30 21:27:54 +02:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
ent = tor_malloc(sizeof(fingerprint_entry_t));
|
|
|
|
ent->nickname = tor_strdup(nickname);
|
|
|
|
ent->fingerprint = tor_strdup(fp);
|
|
|
|
smartlist_add(fingerprint_list, ent);
|
2003-09-30 21:27:54 +02:00
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Add the nickname and fingerprint for this OR to the recognized list.
|
2004-05-05 02:30:43 +02:00
|
|
|
*/
|
2003-09-30 21:27:54 +02:00
|
|
|
int
|
|
|
|
dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk)
|
|
|
|
{
|
|
|
|
char fp[FINGERPRINT_LEN+1];
|
|
|
|
if (crypto_pk_get_fingerprint(pk, fp)<0) {
|
|
|
|
log_fn(LOG_ERR, "Error computing fingerprint");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
add_fingerprint_to_dir(nickname, fp);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Parse the nickname-\>fingerprint mappings stored in the file named
|
|
|
|
* <b>fname</b>. The file format is line-based, with each non-blank
|
2004-05-05 02:30:43 +02:00
|
|
|
* holding one nickname, some space, and a fingerprint for that
|
|
|
|
* nickname. On success, replace the current fingerprint list with
|
2004-05-10 06:34:48 +02:00
|
|
|
* the contents of <b>fname</b> and return 0. On failure, leave the
|
2004-05-05 02:30:43 +02:00
|
|
|
* current fingerprint list untouched, and return -1. */
|
2003-12-14 07:03:46 +01:00
|
|
|
int
|
2003-09-27 23:30:10 +02:00
|
|
|
dirserv_parse_fingerprint_file(const char *fname)
|
|
|
|
{
|
|
|
|
FILE *file;
|
2003-09-29 09:50:08 +02:00
|
|
|
char line[FINGERPRINT_LEN+MAX_NICKNAME_LEN+20+1];
|
|
|
|
char *nickname, *fingerprint;
|
2004-05-18 19:41:40 +02:00
|
|
|
smartlist_t *fingerprint_list_new;
|
2003-09-29 09:50:08 +02:00
|
|
|
int i, result;
|
2004-05-18 19:41:40 +02:00
|
|
|
fingerprint_entry_t *ent;
|
2003-09-29 09:50:08 +02:00
|
|
|
|
|
|
|
if(!(file = fopen(fname, "r"))) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN, "Cannot open fingerprint file %s", fname);
|
2003-09-29 09:50:08 +02:00
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
fingerprint_list_new = smartlist_create();
|
2003-09-29 09:50:08 +02:00
|
|
|
while( (result=parse_line_from_file(line, sizeof(line),file,&nickname,&fingerprint)) > 0) {
|
2003-09-27 23:30:10 +02:00
|
|
|
if (strlen(nickname) > MAX_NICKNAME_LEN) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log(LOG_WARN, "Nickname %s too long in fingerprint file. Skipping.", nickname);
|
2003-09-29 09:50:08 +02:00
|
|
|
continue;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2003-09-29 09:50:08 +02:00
|
|
|
if(strlen(fingerprint) != FINGERPRINT_LEN ||
|
|
|
|
!crypto_pk_check_fingerprint_syntax(fingerprint)) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN, "Invalid fingerprint (nickname %s, fingerprint %s). Skipping.",
|
2003-09-29 09:50:08 +02:00
|
|
|
nickname, fingerprint);
|
|
|
|
continue;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
for (i = 0; i < smartlist_len(fingerprint_list_new); ++i) {
|
|
|
|
ent = smartlist_get(fingerprint_list_new, i);
|
|
|
|
if (0==strcasecmp(ent->nickname, nickname)) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log(LOG_WARN, "Duplicate nickname %s. Skipping.",nickname);
|
2003-09-29 09:50:08 +02:00
|
|
|
break; /* out of the for. the 'if' below means skip to the next line. */
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
if(i == smartlist_len(fingerprint_list_new)) { /* not a duplicate */
|
|
|
|
ent = tor_malloc(sizeof(fingerprint_entry_t));
|
|
|
|
ent->nickname = tor_strdup(nickname);
|
|
|
|
ent->fingerprint = tor_strdup(fingerprint);
|
|
|
|
smartlist_add(fingerprint_list_new, ent);
|
2003-09-29 09:50:08 +02:00
|
|
|
}
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2003-09-29 09:50:08 +02:00
|
|
|
fclose(file);
|
|
|
|
if(result == 0) { /* eof; replace the global fingerprints list. */
|
|
|
|
dirserv_free_fingerprint_list();
|
2004-05-18 19:41:40 +02:00
|
|
|
fingerprint_list = fingerprint_list_new;
|
2004-04-13 22:06:08 +02:00
|
|
|
/* Delete any routers whose fingerprints we no longer recognize */
|
|
|
|
directory_remove_unrecognized();
|
2003-09-29 09:50:08 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
/* error */
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN, "Error reading from fingerprint file");
|
2004-05-18 19:41:40 +02:00
|
|
|
for (i = 0; i < smartlist_len(fingerprint_list_new); ++i) {
|
|
|
|
ent = smartlist_get(fingerprint_list_new, i);
|
|
|
|
tor_free(ent->nickname);
|
|
|
|
tor_free(ent->fingerprint);
|
|
|
|
tor_free(ent);
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
smartlist_free(fingerprint_list_new);
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
2003-12-14 06:25:23 +01:00
|
|
|
}
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Check whether <b>router</b> has a nickname/identity key combination that
|
2004-05-05 02:30:43 +02:00
|
|
|
* we recognize from the fingerprint list. Return 1 if router's
|
|
|
|
* identity and nickname match, -1 if we recognize the nickname but
|
|
|
|
* the identity key is wrong, and 0 if the nickname is not known. */
|
2003-09-27 23:30:10 +02:00
|
|
|
int
|
|
|
|
dirserv_router_fingerprint_is_known(const routerinfo_t *router)
|
|
|
|
{
|
2004-05-18 19:41:40 +02:00
|
|
|
int i, found=0;
|
2003-09-27 23:30:10 +02:00
|
|
|
fingerprint_entry_t *ent =NULL;
|
|
|
|
char fp[FINGERPRINT_LEN+1];
|
|
|
|
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!fingerprint_list)
|
|
|
|
fingerprint_list = smartlist_create();
|
|
|
|
|
|
|
|
log_fn(LOG_DEBUG, "%d fingerprints known.", smartlist_len(fingerprint_list));
|
|
|
|
for (i=0;i<smartlist_len(fingerprint_list);++i) {
|
|
|
|
ent = smartlist_get(fingerprint_list, i);
|
|
|
|
log_fn(LOG_DEBUG,"%s vs %s", router->nickname, ent->nickname);
|
|
|
|
if (!strcasecmp(router->nickname,ent->nickname)) {
|
|
|
|
found = 1;
|
2003-09-27 23:30:10 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2003-12-13 23:53:17 +01:00
|
|
|
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!found) { /* No such server known */
|
2003-11-12 06:12:51 +01:00
|
|
|
log_fn(LOG_INFO,"no fingerprint found for %s",router->nickname);
|
2003-09-27 23:30:10 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (crypto_pk_get_fingerprint(router->identity_pkey, fp)) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN,"error computing fingerprint");
|
2003-11-12 06:12:51 +01:00
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
if (0==strcasecmp(ent->fingerprint, fp)) {
|
2003-09-30 21:27:54 +02:00
|
|
|
log_fn(LOG_DEBUG,"good fingerprint for %s",router->nickname);
|
2003-09-29 09:50:08 +02:00
|
|
|
return 1; /* Right fingerprint. */
|
2003-09-27 23:30:10 +02:00
|
|
|
} else {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN,"mismatched fingerprint for %s",router->nickname);
|
2003-11-12 06:12:51 +01:00
|
|
|
return -1; /* Wrong fingerprint. */
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-09-29 00:24:56 +02:00
|
|
|
/** If we are an authoritative directory, and the list of approved
|
|
|
|
* servers contains one whose identity key digest is <b>digest</b>,
|
|
|
|
* return that router's nickname. Otherwise return NULL. */
|
|
|
|
const char *dirserv_get_nickname_by_digest(const char *digest)
|
2004-05-05 06:55:00 +02:00
|
|
|
{
|
2004-07-13 20:23:40 +02:00
|
|
|
char fp[FINGERPRINT_LEN+1];
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!fingerprint_list)
|
2004-09-29 00:24:56 +02:00
|
|
|
return NULL;
|
|
|
|
tor_assert(digest);
|
|
|
|
encode_digest_to_fingerprint(fp, digest);
|
|
|
|
|
|
|
|
SMARTLIST_FOREACH(fingerprint_list, fingerprint_entry_t*, ent,
|
|
|
|
{ if (!strcasecmp(fp, ent->fingerprint))
|
|
|
|
return ent->nickname; } );
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Set fp to contain the hex encoding of <b>digest</b>, with every 4
|
|
|
|
* hex digits separated by a space. The digest must be DIGEST_LEN bytes long;
|
|
|
|
* fp must have FINGERPRINT_LEN+1 bytes free. */
|
|
|
|
static void encode_digest_to_fingerprint(char *fp, const char *digest)
|
|
|
|
{
|
|
|
|
char hexdigest[HEX_DIGEST_LEN+1];
|
|
|
|
int i,j;
|
|
|
|
|
|
|
|
tor_assert(fp&&digest);
|
2004-05-18 19:41:40 +02:00
|
|
|
|
2004-07-22 00:54:27 +02:00
|
|
|
base16_encode(hexdigest, sizeof(hexdigest), digest, DIGEST_LEN);
|
|
|
|
for (i=j=0;j<HEX_DIGEST_LEN;++i,++j) {
|
|
|
|
fp[i]=hexdigest[j];
|
|
|
|
if ((j%4)==3 && j != 39)
|
2004-07-13 20:23:40 +02:00
|
|
|
fp[++i]=' ';
|
|
|
|
}
|
|
|
|
fp[i]='\0';
|
2004-09-29 00:24:56 +02:00
|
|
|
}
|
2004-07-13 20:23:40 +02:00
|
|
|
|
2004-09-29 00:24:56 +02:00
|
|
|
/** Return true iff any router named <b>nickname</b> with <b>digest</b>
|
|
|
|
* is in the verified fingerprint list. */
|
|
|
|
static int
|
|
|
|
router_nickname_is_approved(const char *nickname, const char *digest)
|
|
|
|
{
|
|
|
|
const char *n;
|
|
|
|
|
|
|
|
n = dirserv_get_nickname_by_digest(digest);
|
|
|
|
if (n && !strcasecmp(n,nickname))
|
|
|
|
return 1;
|
|
|
|
else
|
|
|
|
return 0;
|
2004-05-05 06:55:00 +02:00
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Clear the current fingerprint list. */
|
2003-12-17 22:09:31 +01:00
|
|
|
void
|
2003-09-27 23:30:10 +02:00
|
|
|
dirserv_free_fingerprint_list()
|
|
|
|
{
|
|
|
|
int i;
|
2004-05-18 19:41:40 +02:00
|
|
|
fingerprint_entry_t *ent;
|
|
|
|
if (!fingerprint_list)
|
|
|
|
return;
|
|
|
|
|
|
|
|
for (i = 0; i < smartlist_len(fingerprint_list); ++i) {
|
|
|
|
ent = smartlist_get(fingerprint_list, i);
|
|
|
|
tor_free(ent->nickname);
|
|
|
|
tor_free(ent->fingerprint);
|
|
|
|
tor_free(ent);
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
smartlist_free(fingerprint_list);
|
|
|
|
fingerprint_list = NULL;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Descriptor list
|
|
|
|
*/
|
2004-05-05 02:30:43 +02:00
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** A directory server's view of a server descriptor. Contains both
|
2004-05-05 02:30:43 +02:00
|
|
|
* parsed and unparsed versions. */
|
2003-09-27 23:30:10 +02:00
|
|
|
typedef struct descriptor_entry_t {
|
|
|
|
char *nickname;
|
|
|
|
time_t published;
|
|
|
|
size_t desc_len;
|
|
|
|
char *descriptor;
|
2004-07-13 20:23:40 +02:00
|
|
|
int verified;
|
2004-04-13 22:06:08 +02:00
|
|
|
routerinfo_t *router;
|
2003-09-27 23:30:10 +02:00
|
|
|
} descriptor_entry_t;
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** List of all server descriptors that this dirserv is holding. */
|
2004-05-18 19:41:40 +02:00
|
|
|
static smartlist_t *descriptor_list = NULL;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Release the storage held by <b>desc</b> */
|
2003-09-27 23:30:10 +02:00
|
|
|
static void free_descriptor_entry(descriptor_entry_t *desc)
|
|
|
|
{
|
2003-10-21 11:48:17 +02:00
|
|
|
tor_free(desc->descriptor);
|
|
|
|
tor_free(desc->nickname);
|
2004-04-13 22:06:08 +02:00
|
|
|
routerinfo_free(desc->router);
|
2003-09-27 23:30:10 +02:00
|
|
|
free(desc);
|
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Release all storage that the dirserv is holding for server
|
2004-05-05 02:30:43 +02:00
|
|
|
* descriptors. */
|
2003-12-14 07:03:46 +01:00
|
|
|
void
|
2003-09-27 23:30:10 +02:00
|
|
|
dirserv_free_descriptors()
|
|
|
|
{
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!descriptor_list)
|
|
|
|
return;
|
|
|
|
SMARTLIST_FOREACH(descriptor_list, descriptor_entry_t *, d,
|
|
|
|
free_descriptor_entry(d));
|
|
|
|
smartlist_clear(descriptor_list);
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Parse the server descriptor at *desc and maybe insert it into the
|
2004-08-08 13:15:38 +02:00
|
|
|
* list of server descriptors, and (if the descriptor is well-formed)
|
2004-05-05 02:30:43 +02:00
|
|
|
* advance *desc immediately past the descriptor's end.
|
2004-03-12 13:43:13 +01:00
|
|
|
*
|
2004-05-05 02:30:43 +02:00
|
|
|
* Return 1 if descriptor is well-formed and accepted;
|
|
|
|
* 0 if well-formed and server is unapproved;
|
|
|
|
* -1 if not well-formed or other error.
|
2003-11-12 06:12:51 +01:00
|
|
|
*/
|
2003-09-27 23:30:10 +02:00
|
|
|
int
|
|
|
|
dirserv_add_descriptor(const char **desc)
|
|
|
|
{
|
2004-05-18 19:41:40 +02:00
|
|
|
descriptor_entry_t *ent = NULL;
|
2003-09-27 23:30:10 +02:00
|
|
|
routerinfo_t *ri = NULL;
|
2004-05-18 19:41:40 +02:00
|
|
|
int i, r, found=-1;
|
2003-09-27 23:30:10 +02:00
|
|
|
char *start, *end;
|
2003-12-09 00:45:37 +01:00
|
|
|
char *desc_tmp = NULL;
|
|
|
|
const char *cp;
|
2003-09-27 23:30:10 +02:00
|
|
|
size_t desc_len;
|
2004-03-29 21:28:16 +02:00
|
|
|
time_t now;
|
2004-07-21 11:13:12 +02:00
|
|
|
int verified=1; /* whether we knew its fingerprint already */
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!descriptor_list)
|
|
|
|
descriptor_list = smartlist_create();
|
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
start = strstr(*desc, "router ");
|
|
|
|
if (!start) {
|
2004-04-05 02:47:48 +02:00
|
|
|
log_fn(LOG_WARN, "no 'router' line found. This is not a descriptor.");
|
2004-03-12 13:43:13 +01:00
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2003-09-30 22:04:40 +02:00
|
|
|
if ((end = strstr(start+6, "\nrouter "))) {
|
2003-09-27 23:30:10 +02:00
|
|
|
++end; /* Include NL. */
|
2003-09-30 22:04:40 +02:00
|
|
|
} else if ((end = strstr(start+6, "\ndirectory-signature"))) {
|
|
|
|
++end;
|
2003-09-27 23:30:10 +02:00
|
|
|
} else {
|
|
|
|
end = start+strlen(start);
|
|
|
|
}
|
|
|
|
desc_len = end-start;
|
2003-12-09 00:45:37 +01:00
|
|
|
cp = desc_tmp = tor_strndup(start, desc_len);
|
2003-09-27 23:30:10 +02:00
|
|
|
|
|
|
|
/* Check: is the descriptor syntactically valid? */
|
2004-05-10 19:30:51 +02:00
|
|
|
ri = router_parse_entry_from_string(cp, NULL);
|
2004-03-12 13:43:13 +01:00
|
|
|
tor_free(desc_tmp);
|
2003-09-27 23:30:10 +02:00
|
|
|
if (!ri) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log(LOG_WARN, "Couldn't parse descriptor");
|
2004-03-12 13:43:13 +01:00
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
/* Okay. Now check whether the fingerprint is recognized. */
|
2003-11-12 06:12:51 +01:00
|
|
|
r = dirserv_router_fingerprint_is_known(ri);
|
2004-07-21 11:13:12 +02:00
|
|
|
if(r==-1) {
|
|
|
|
log_fn(LOG_WARN, "Known nickname %s, wrong fingerprint. Not adding.", ri->nickname);
|
2003-11-12 06:12:51 +01:00
|
|
|
routerinfo_free(ri);
|
|
|
|
*desc = end;
|
|
|
|
return 0;
|
2003-10-22 18:41:35 +02:00
|
|
|
}
|
2004-07-21 11:13:12 +02:00
|
|
|
if(r==0) {
|
|
|
|
char fp[FINGERPRINT_LEN+1];
|
2004-07-22 08:04:13 +02:00
|
|
|
log_fn(LOG_INFO, "Unknown nickname %s (%s:%d). Adding.",
|
2004-07-21 11:13:12 +02:00
|
|
|
ri->nickname, ri->address, ri->or_port);
|
|
|
|
if (crypto_pk_get_fingerprint(ri->identity_pkey, fp) < 0) {
|
|
|
|
log_fn(LOG_WARN, "Error computing fingerprint for %s", ri->nickname);
|
|
|
|
} else {
|
2004-07-22 08:04:13 +02:00
|
|
|
log_fn(LOG_INFO, "Fingerprint line: %s %s", ri->nickname, fp);
|
2004-07-21 11:13:12 +02:00
|
|
|
}
|
|
|
|
verified = 0;
|
|
|
|
}
|
2003-10-22 18:41:35 +02:00
|
|
|
/* Is there too much clock skew? */
|
2004-03-29 21:28:16 +02:00
|
|
|
now = time(NULL);
|
|
|
|
if (ri->published_on > now+ROUTER_ALLOW_SKEW) {
|
2004-03-30 01:23:01 +02:00
|
|
|
log_fn(LOG_WARN, "Publication time for nickname %s is too far in the future; possible clock skew. Not adding.", ri->nickname);
|
2003-11-12 06:12:51 +01:00
|
|
|
routerinfo_free(ri);
|
|
|
|
*desc = end;
|
2004-03-30 01:23:01 +02:00
|
|
|
return 0;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-03-29 21:28:16 +02:00
|
|
|
if (ri->published_on < now-ROUTER_MAX_AGE) {
|
2004-03-30 01:23:01 +02:00
|
|
|
log_fn(LOG_WARN, "Publication time for router with nickname %s is too far in the past. Not adding.", ri->nickname);
|
2004-03-29 21:28:16 +02:00
|
|
|
routerinfo_free(ri);
|
|
|
|
*desc = end;
|
2004-03-30 01:23:01 +02:00
|
|
|
return 0;
|
2004-03-29 21:28:16 +02:00
|
|
|
}
|
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
/* Do we already have an entry for this router? */
|
2004-05-18 19:41:40 +02:00
|
|
|
for (i = 0; i < smartlist_len(descriptor_list); ++i) {
|
|
|
|
ent = smartlist_get(descriptor_list, i);
|
|
|
|
if (!strcasecmp(ri->nickname, ent->nickname)) {
|
|
|
|
found = i;
|
2003-09-27 23:30:10 +02:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2004-05-18 19:41:40 +02:00
|
|
|
if (found >= 0) {
|
2003-09-27 23:30:10 +02:00
|
|
|
/* if so, decide whether to update it. */
|
2004-08-08 13:15:38 +02:00
|
|
|
if (ent->published >= ri->published_on) {
|
|
|
|
/* We already have a newer or equal-time descriptor */
|
|
|
|
log_fn(LOG_INFO,"We already have a new enough desc for nickname %s. Not adding.",ri->nickname);
|
2004-03-12 13:43:13 +01:00
|
|
|
/* This isn't really an error; return success. */
|
2003-11-12 06:12:51 +01:00
|
|
|
routerinfo_free(ri);
|
2003-09-30 21:27:54 +02:00
|
|
|
*desc = end;
|
2004-03-12 13:43:13 +01:00
|
|
|
return 1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
/* We don't have a newer one; we'll update this one. */
|
2004-04-25 21:04:11 +02:00
|
|
|
log_fn(LOG_INFO,"Dirserv updating desc for nickname %s",ri->nickname);
|
2004-05-18 19:41:40 +02:00
|
|
|
free_descriptor_entry(ent);
|
|
|
|
smartlist_del_keeporder(descriptor_list, found);
|
2003-09-27 23:30:10 +02:00
|
|
|
} else {
|
2004-05-18 19:41:40 +02:00
|
|
|
/* Add at the end. */
|
|
|
|
log_fn(LOG_INFO,"Dirserv adding desc for nickname %s",ri->nickname);
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2004-05-18 19:41:40 +02:00
|
|
|
ent = tor_malloc(sizeof(descriptor_entry_t));
|
|
|
|
ent->nickname = tor_strdup(ri->nickname);
|
|
|
|
ent->published = ri->published_on;
|
|
|
|
ent->desc_len = desc_len;
|
|
|
|
ent->descriptor = tor_malloc(desc_len+1);
|
|
|
|
strncpy(ent->descriptor, start, desc_len);
|
|
|
|
ent->descriptor[desc_len] = '\0';
|
|
|
|
ent->router = ri;
|
2004-07-21 11:13:12 +02:00
|
|
|
/* XXX008 is ent->verified useful/used for anything? */
|
|
|
|
ent->verified = verified; /* XXXX008 support other possibilities. */
|
2004-05-18 19:41:40 +02:00
|
|
|
smartlist_add(descriptor_list, ent);
|
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
*desc = end;
|
2003-12-14 06:25:23 +01:00
|
|
|
directory_set_dirty();
|
|
|
|
|
2004-03-12 13:43:13 +01:00
|
|
|
return 1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Remove all descriptors whose nicknames or fingerprints we don't
|
2004-05-05 02:30:43 +02:00
|
|
|
* recognize. (Descriptors that used to be good can become
|
|
|
|
* unrecognized when we reload the fingerprint list.)
|
|
|
|
*/
|
2004-04-13 22:06:08 +02:00
|
|
|
static void
|
|
|
|
directory_remove_unrecognized(void)
|
|
|
|
{
|
|
|
|
int i;
|
2004-05-18 19:41:40 +02:00
|
|
|
descriptor_entry_t *ent;
|
|
|
|
if (!descriptor_list)
|
|
|
|
descriptor_list = smartlist_create();
|
|
|
|
|
|
|
|
for (i = 0; i < smartlist_len(descriptor_list); ++i) {
|
|
|
|
ent = smartlist_get(descriptor_list, i);
|
|
|
|
if (dirserv_router_fingerprint_is_known(ent->router)<=0) {
|
2004-04-13 22:06:08 +02:00
|
|
|
log(LOG_INFO, "Router %s is no longer recognized",
|
2004-05-18 19:41:40 +02:00
|
|
|
ent->nickname);
|
|
|
|
free_descriptor_entry(ent);
|
|
|
|
smartlist_del(descriptor_list, i--);
|
2004-04-13 22:06:08 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Mark the directory as <b>dirty</b> -- when we're next asked for a
|
2004-05-05 02:30:43 +02:00
|
|
|
* directory, we will rebuild it instead of reusing the most recently
|
|
|
|
* generated one.
|
|
|
|
*/
|
2003-12-17 22:09:31 +01:00
|
|
|
void
|
2003-09-27 23:30:10 +02:00
|
|
|
directory_set_dirty()
|
|
|
|
{
|
2004-09-23 21:58:44 +02:00
|
|
|
time_t now = time(NULL);
|
|
|
|
|
|
|
|
if(!the_directory_is_dirty)
|
|
|
|
the_directory_is_dirty = now;
|
|
|
|
if(!runningrouters_is_dirty)
|
|
|
|
runningrouters_is_dirty = now;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
2004-06-25 02:29:31 +02:00
|
|
|
/** Load all descriptors from a directory stored in the string
|
2004-05-10 06:34:48 +02:00
|
|
|
* <b>dir</b>.
|
2004-05-05 02:30:43 +02:00
|
|
|
*/
|
2003-12-17 22:09:31 +01:00
|
|
|
int
|
2004-06-25 02:29:31 +02:00
|
|
|
dirserv_load_from_directory_string(const char *dir)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
|
|
|
const char *cp = dir;
|
|
|
|
while(1) {
|
|
|
|
cp = strstr(cp, "\nrouter ");
|
|
|
|
if (!cp) break;
|
|
|
|
++cp;
|
2004-03-12 13:43:13 +01:00
|
|
|
if (dirserv_add_descriptor(&cp) < 0) {
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
--cp; /*Back up to newline.*/
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Set *<b>nicknames_out</b> to a comma-separated list of all the ORs that we
|
2004-05-05 02:30:43 +02:00
|
|
|
* believe are currently running (because we have open connections to
|
|
|
|
* them). Return 0 on success; -1 on error.
|
|
|
|
*/
|
2003-12-14 07:03:46 +01:00
|
|
|
static int
|
2003-10-01 02:43:34 +02:00
|
|
|
list_running_servers(char **nicknames_out)
|
|
|
|
{
|
|
|
|
connection_t **connection_array;
|
|
|
|
int n_conns;
|
|
|
|
connection_t *conn;
|
|
|
|
char *cp;
|
2004-05-18 19:41:40 +02:00
|
|
|
int i;
|
2003-10-01 02:43:34 +02:00
|
|
|
int length;
|
2004-07-01 13:32:26 +02:00
|
|
|
smartlist_t *nicknames_up, *nicknames_down;
|
2004-05-19 21:42:50 +02:00
|
|
|
|
2003-10-01 02:43:34 +02:00
|
|
|
*nicknames_out = NULL;
|
2004-07-01 13:32:26 +02:00
|
|
|
nicknames_up = smartlist_create();
|
|
|
|
nicknames_down = smartlist_create();
|
2004-07-13 20:23:40 +02:00
|
|
|
smartlist_add(nicknames_up, tor_strdup(options.Nickname));
|
2003-12-14 07:03:46 +01:00
|
|
|
|
2003-10-01 02:43:34 +02:00
|
|
|
get_connection_array(&connection_array, &n_conns);
|
|
|
|
for (i = 0; i<n_conns; ++i) {
|
2004-07-13 20:23:40 +02:00
|
|
|
char *name;
|
2003-10-01 02:43:34 +02:00
|
|
|
conn = connection_array[i];
|
2004-07-01 13:32:26 +02:00
|
|
|
if (conn->type != CONN_TYPE_OR || !conn->nickname)
|
|
|
|
continue; /* only list ORs. */
|
2004-07-13 20:23:40 +02:00
|
|
|
if (router_nickname_is_approved(conn->nickname, conn->identity_digest)) {
|
|
|
|
name = tor_strdup(conn->nickname);
|
|
|
|
} else {
|
2004-07-17 01:05:40 +02:00
|
|
|
name = tor_malloc(HEX_DIGEST_LEN+2);
|
|
|
|
*name = '$';
|
2004-07-22 00:37:03 +02:00
|
|
|
base16_encode(name+1, HEX_DIGEST_LEN+1, conn->identity_digest, DIGEST_LEN);
|
2004-07-13 20:23:40 +02:00
|
|
|
}
|
|
|
|
|
2004-07-01 13:32:26 +02:00
|
|
|
if(conn->state == OR_CONN_STATE_OPEN)
|
2004-07-13 20:23:40 +02:00
|
|
|
smartlist_add(nicknames_up, name);
|
2004-07-01 13:32:26 +02:00
|
|
|
else
|
2004-07-13 20:23:40 +02:00
|
|
|
smartlist_add(nicknames_down, name);
|
2003-10-01 02:43:34 +02:00
|
|
|
}
|
2004-07-01 13:32:26 +02:00
|
|
|
length = smartlist_len(nicknames_up) +
|
|
|
|
2*smartlist_len(nicknames_down) + 1;
|
|
|
|
/* spaces + EOS + !'s + 1. */
|
|
|
|
SMARTLIST_FOREACH(nicknames_up, char *, c, length += strlen(c));
|
|
|
|
SMARTLIST_FOREACH(nicknames_down, char *, c, length += strlen(c));
|
2003-11-18 09:20:19 +01:00
|
|
|
*nicknames_out = tor_malloc_zero(length);
|
2003-10-01 02:43:34 +02:00
|
|
|
cp = *nicknames_out;
|
2004-07-01 13:32:26 +02:00
|
|
|
for (i = 0; i<smartlist_len(nicknames_up); ++i) {
|
2003-10-01 02:43:34 +02:00
|
|
|
if (i)
|
|
|
|
strcat(cp, " ");
|
2004-07-01 13:32:26 +02:00
|
|
|
strcat(cp, (char*)smartlist_get(nicknames_up,i)); /* can't overflow */
|
|
|
|
while (*cp)
|
|
|
|
++cp;
|
|
|
|
}
|
|
|
|
for (i = 0; i<smartlist_len(nicknames_down); ++i) {
|
|
|
|
strcat(cp, " !");
|
|
|
|
strcat(cp, (char*)smartlist_get(nicknames_down,i)); /* can't overflow */
|
2003-12-17 22:09:31 +01:00
|
|
|
while (*cp)
|
2003-10-01 02:43:34 +02:00
|
|
|
++cp;
|
|
|
|
}
|
2004-07-13 20:23:40 +02:00
|
|
|
SMARTLIST_FOREACH(nicknames_up, char *, victim, tor_free(victim));
|
|
|
|
SMARTLIST_FOREACH(nicknames_down, char *, victim, tor_free(victim));
|
2004-07-01 13:32:26 +02:00
|
|
|
smartlist_free(nicknames_up);
|
|
|
|
smartlist_free(nicknames_down);
|
2003-10-01 02:43:34 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-08-07 00:15:25 +02:00
|
|
|
/** Remove any descriptors from the directory that are more than <b>age</b>
|
2004-03-29 21:28:16 +02:00
|
|
|
* seconds old.
|
|
|
|
*/
|
|
|
|
void
|
2004-08-07 00:15:25 +02:00
|
|
|
dirserv_remove_old_servers(int age)
|
2004-03-29 21:28:16 +02:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
time_t cutoff;
|
2004-05-18 19:41:40 +02:00
|
|
|
descriptor_entry_t *ent;
|
|
|
|
if (!descriptor_list)
|
|
|
|
descriptor_list = smartlist_create();
|
|
|
|
|
2004-08-07 00:15:25 +02:00
|
|
|
cutoff = time(NULL) - age;
|
2004-05-18 19:41:40 +02:00
|
|
|
for (i = 0; i < smartlist_len(descriptor_list); ++i) {
|
|
|
|
ent = smartlist_get(descriptor_list, i);
|
2004-08-07 00:15:25 +02:00
|
|
|
if (ent->published <= cutoff) {
|
2004-03-29 21:28:16 +02:00
|
|
|
/* descriptor_list[i] is too old. Remove it. */
|
2004-05-18 19:41:40 +02:00
|
|
|
free_descriptor_entry(ent);
|
|
|
|
smartlist_del(descriptor_list, i--);
|
2004-03-29 21:28:16 +02:00
|
|
|
directory_set_dirty();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Dump all routers currently in the directory into the string
|
|
|
|
* <b>s</b>, using at most <b>maxlen</b> characters, and signing the
|
|
|
|
* directory with <b>private_key</b>. Return 0 on success, -1 on
|
|
|
|
* failure.
|
2004-03-29 21:28:16 +02:00
|
|
|
*/
|
2003-09-27 23:30:10 +02:00
|
|
|
int
|
2004-04-28 22:13:21 +02:00
|
|
|
dirserv_dump_directory_to_string(char *s, unsigned int maxlen,
|
2003-09-27 23:30:10 +02:00
|
|
|
crypto_pk_env_t *private_key)
|
|
|
|
{
|
|
|
|
char *cp, *eos;
|
|
|
|
char digest[20];
|
|
|
|
char signature[128];
|
|
|
|
char published[33];
|
|
|
|
time_t published_on;
|
|
|
|
int i;
|
|
|
|
eos = s+maxlen;
|
|
|
|
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!descriptor_list)
|
|
|
|
descriptor_list = smartlist_create();
|
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
if (list_running_servers(&cp))
|
|
|
|
return -1;
|
2004-08-07 00:15:25 +02:00
|
|
|
dirserv_remove_old_servers(ROUTER_MAX_AGE);
|
2003-09-27 23:30:10 +02:00
|
|
|
published_on = time(NULL);
|
2004-08-07 04:46:16 +02:00
|
|
|
format_iso_time(published, published_on);
|
2003-09-27 23:30:10 +02:00
|
|
|
snprintf(s, maxlen,
|
|
|
|
"signed-directory\n"
|
|
|
|
"published %s\n"
|
2003-11-13 07:49:25 +01:00
|
|
|
"recommended-software %s\n"
|
2004-06-25 02:29:31 +02:00
|
|
|
"running-routers %s\n\n",
|
|
|
|
published, options.RecommendedVersions, cp);
|
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
free(cp);
|
|
|
|
i = strlen(s);
|
|
|
|
cp = s+i;
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2004-05-18 19:41:40 +02:00
|
|
|
SMARTLIST_FOREACH(descriptor_list, descriptor_entry_t *, d,
|
|
|
|
if (strlcat(s, d->descriptor, maxlen) >= maxlen)
|
|
|
|
goto truncated);
|
|
|
|
|
2004-03-29 21:28:16 +02:00
|
|
|
/* These multiple strlcat calls are inefficient, but dwarfed by the RSA
|
2003-09-27 23:30:10 +02:00
|
|
|
signature.
|
|
|
|
*/
|
2004-04-25 00:17:50 +02:00
|
|
|
if (strlcat(s, "directory-signature ", maxlen) >= maxlen)
|
2004-03-29 21:28:16 +02:00
|
|
|
goto truncated;
|
2004-04-25 00:17:50 +02:00
|
|
|
if (strlcat(s, options.Nickname, maxlen) >= maxlen)
|
|
|
|
goto truncated;
|
|
|
|
if (strlcat(s, "\n", maxlen) >= maxlen)
|
|
|
|
goto truncated;
|
|
|
|
|
2003-09-30 21:27:54 +02:00
|
|
|
if (router_get_dir_hash(s,digest)) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN,"couldn't compute digest");
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if (crypto_pk_private_sign(private_key, digest, 20, signature) < 0) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN,"couldn't sign digest");
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2004-04-06 22:16:12 +02:00
|
|
|
log(LOG_DEBUG,"generated directory digest begins with %s",hex_str(digest,4));
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2004-03-29 21:28:16 +02:00
|
|
|
if (strlcat(cp, "-----BEGIN SIGNATURE-----\n", maxlen) >= maxlen)
|
|
|
|
goto truncated;
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
i = strlen(s);
|
|
|
|
cp = s+i;
|
|
|
|
if (base64_encode(cp, maxlen-i, signature, 128) < 0) {
|
2003-10-10 03:48:32 +02:00
|
|
|
log_fn(LOG_WARN,"couldn't base64-encode signature");
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2004-07-23 01:21:12 +02:00
|
|
|
|
2004-03-29 21:28:16 +02:00
|
|
|
if (strlcat(s, "-----END SIGNATURE-----\n", maxlen) >= maxlen)
|
|
|
|
goto truncated;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
|
|
|
return 0;
|
2004-03-29 21:28:16 +02:00
|
|
|
truncated:
|
|
|
|
log_fn(LOG_WARN,"tried to exceed string length.");
|
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Most recently generated encoded signed directory. */
|
2003-12-14 06:25:23 +01:00
|
|
|
static char *the_directory = NULL;
|
|
|
|
static int the_directory_len = -1;
|
2004-09-02 20:57:09 +02:00
|
|
|
static char *the_directory_z = NULL;
|
|
|
|
static int the_directory_z_len = -1;
|
|
|
|
|
2004-06-30 23:48:02 +02:00
|
|
|
static char *cached_directory = NULL; /* used only by non-auth dirservers */
|
2004-06-21 06:37:27 +02:00
|
|
|
static int cached_directory_len = -1;
|
2004-09-02 20:57:09 +02:00
|
|
|
static char *cached_directory_z = NULL;
|
|
|
|
static int cached_directory_z_len = -1;
|
|
|
|
static time_t cached_directory_published = 0;
|
2004-06-21 06:37:27 +02:00
|
|
|
|
|
|
|
void dirserv_set_cached_directory(const char *directory, time_t when)
|
|
|
|
{
|
|
|
|
time_t now;
|
2004-09-08 08:52:33 +02:00
|
|
|
char filename[512];
|
2004-06-30 23:48:02 +02:00
|
|
|
tor_assert(!options.AuthoritativeDir);
|
2004-06-21 06:37:27 +02:00
|
|
|
now = time(NULL);
|
2004-09-08 08:52:33 +02:00
|
|
|
if (when<=cached_directory_published) {
|
|
|
|
log_fn(LOG_INFO, "Ignoring old directory; not caching.");
|
|
|
|
} else if (when>=now+ROUTER_ALLOW_SKEW) {
|
|
|
|
log_fn(LOG_INFO, "Ignoring future directory; not caching.");
|
2004-09-27 08:57:16 +02:00
|
|
|
} else if (when>cached_directory_published &&
|
2004-09-08 08:52:33 +02:00
|
|
|
when<now+ROUTER_ALLOW_SKEW) {
|
|
|
|
log_fn(LOG_DEBUG, "Caching directory.");
|
2004-06-21 06:37:27 +02:00
|
|
|
tor_free(cached_directory);
|
|
|
|
cached_directory = tor_strdup(directory);
|
|
|
|
cached_directory_len = strlen(cached_directory);
|
2004-09-02 20:57:09 +02:00
|
|
|
tor_free(cached_directory_z);
|
2004-09-27 09:28:48 +02:00
|
|
|
if (tor_gzip_compress(&cached_directory_z, &cached_directory_z_len,
|
2004-09-02 20:57:09 +02:00
|
|
|
cached_directory, cached_directory_len,
|
|
|
|
ZLIB_METHOD)) {
|
|
|
|
log_fn(LOG_WARN,"Error compressing cached directory");
|
|
|
|
}
|
2004-06-25 02:29:31 +02:00
|
|
|
cached_directory_published = when;
|
2004-09-08 08:52:33 +02:00
|
|
|
if(get_data_directory(&options)) {
|
|
|
|
sprintf(filename,"%s/cached-directory", get_data_directory(&options));
|
2004-09-08 09:16:34 +02:00
|
|
|
if(write_str_to_file(filename,cached_directory,0) < 0) {
|
2004-09-08 08:52:33 +02:00
|
|
|
log_fn(LOG_WARN, "Couldn't write cached directory to disk. Ignoring.");
|
|
|
|
}
|
|
|
|
}
|
2004-06-21 06:37:27 +02:00
|
|
|
}
|
|
|
|
}
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Set *<b>directory</b> to the most recently generated encoded signed
|
|
|
|
* directory, generating a new one as necessary. */
|
2004-09-27 08:57:16 +02:00
|
|
|
size_t dirserv_get_directory(const char **directory, int compress)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2004-06-21 06:37:27 +02:00
|
|
|
if (!options.AuthoritativeDir) {
|
2004-09-27 08:57:16 +02:00
|
|
|
if (compress?cached_directory_z:cached_directory) {
|
|
|
|
*directory = compress?cached_directory_z:cached_directory;
|
|
|
|
return (size_t) (compress?cached_directory_z_len:cached_directory_len);
|
2004-06-21 06:37:27 +02:00
|
|
|
} else {
|
|
|
|
/* no directory yet retrieved */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
2004-09-23 21:58:44 +02:00
|
|
|
if (the_directory_is_dirty &&
|
|
|
|
the_directory_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL)) {
|
2004-09-02 20:57:09 +02:00
|
|
|
if (dirserv_regenerate_directory())
|
2003-09-27 23:30:10 +02:00
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
log(LOG_INFO,"Directory still clean, reusing.");
|
|
|
|
}
|
2004-09-27 08:57:16 +02:00
|
|
|
*directory = compress ? the_directory_z : the_directory;
|
|
|
|
return compress ? the_directory_z_len : the_directory_len;
|
2004-09-02 20:57:09 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Generate a fresh directory (authdirservers only.)
|
|
|
|
*/
|
|
|
|
static int dirserv_regenerate_directory(void)
|
|
|
|
{
|
|
|
|
char *new_directory;
|
|
|
|
char filename[512];
|
|
|
|
|
|
|
|
size_t z_dir_len;
|
|
|
|
new_directory = tor_malloc(MAX_DIR_SIZE);
|
|
|
|
if (dirserv_dump_directory_to_string(new_directory, MAX_DIR_SIZE,
|
|
|
|
get_identity_key())) {
|
|
|
|
log(LOG_WARN, "Error creating directory.");
|
|
|
|
tor_free(new_directory);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
tor_free(the_directory);
|
|
|
|
the_directory = new_directory;
|
|
|
|
the_directory_len = strlen(the_directory);
|
|
|
|
log_fn(LOG_INFO,"New directory (size %d):\n%s",the_directory_len,
|
|
|
|
the_directory);
|
|
|
|
tor_free(the_directory_z);
|
|
|
|
if (tor_gzip_compress(&the_directory_z, &z_dir_len,
|
|
|
|
the_directory, the_directory_len,
|
|
|
|
ZLIB_METHOD)) {
|
|
|
|
log_fn(LOG_WARN, "Error gzipping directory.");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
the_directory_z_len = (int)z_dir_len;
|
|
|
|
|
|
|
|
/* Now read the directory we just made in order to update our own
|
|
|
|
* router lists. This does more signature checking than is strictly
|
|
|
|
* necessary, but safe is better than sorry. */
|
|
|
|
new_directory = tor_strdup(the_directory);
|
|
|
|
/* use a new copy of the dir, since get_dir_from_string scribbles on it */
|
|
|
|
if (router_load_routerlist_from_directory(new_directory, get_identity_key())) {
|
|
|
|
log_fn(LOG_ERR, "We just generated a directory we can't parse. Dying.");
|
|
|
|
tor_cleanup();
|
|
|
|
exit(0);
|
|
|
|
}
|
|
|
|
free(new_directory);
|
|
|
|
if(get_data_directory(&options)) {
|
|
|
|
sprintf(filename,"%s/cached-directory", get_data_directory(&options));
|
2004-09-08 09:16:34 +02:00
|
|
|
if(write_str_to_file(filename,the_directory,0) < 0) {
|
2004-09-02 20:57:09 +02:00
|
|
|
log_fn(LOG_WARN, "Couldn't write cached directory to disk. Ignoring.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
the_directory_is_dirty = 0;
|
|
|
|
|
|
|
|
return 0;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2003-10-18 05:23:26 +02:00
|
|
|
|
2004-06-25 02:29:31 +02:00
|
|
|
static char *runningrouters_string=NULL;
|
|
|
|
static size_t runningrouters_len=0;
|
|
|
|
|
|
|
|
/** Replace the current running-routers list with a newly generated one. */
|
|
|
|
static int generate_runningrouters(crypto_pk_env_t *private_key)
|
|
|
|
{
|
|
|
|
char *s, *cp;
|
|
|
|
char digest[DIGEST_LEN];
|
|
|
|
char signature[PK_BYTES];
|
2004-08-04 01:57:05 +02:00
|
|
|
int i;
|
2004-06-25 02:29:31 +02:00
|
|
|
char published[33];
|
2004-08-04 01:57:05 +02:00
|
|
|
size_t len;
|
2004-06-25 02:29:31 +02:00
|
|
|
time_t published_on;
|
|
|
|
|
2004-07-22 23:31:04 +02:00
|
|
|
len = 1024+(MAX_HEX_NICKNAME_LEN+2)*smartlist_len(descriptor_list);
|
2004-06-25 02:29:31 +02:00
|
|
|
s = tor_malloc_zero(len);
|
|
|
|
if (list_running_servers(&cp))
|
|
|
|
return -1;
|
|
|
|
published_on = time(NULL);
|
2004-08-07 04:46:16 +02:00
|
|
|
format_iso_time(published, published_on);
|
2004-06-25 02:29:31 +02:00
|
|
|
sprintf(s, "network-status\n"
|
|
|
|
"published %s\n"
|
|
|
|
"running-routers %s\n"
|
|
|
|
"directory-signature %s\n"
|
|
|
|
"-----BEGIN SIGNATURE-----\n",
|
|
|
|
published, cp, options.Nickname);
|
2004-07-21 11:13:12 +02:00
|
|
|
tor_free(cp);
|
2004-06-25 02:29:31 +02:00
|
|
|
if (router_get_runningrouters_hash(s,digest)) {
|
|
|
|
log_fn(LOG_WARN,"couldn't compute digest");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if (crypto_pk_private_sign(private_key, digest, 20, signature) < 0) {
|
|
|
|
log_fn(LOG_WARN,"couldn't sign digest");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
i = strlen(s);
|
|
|
|
cp = s+i;
|
|
|
|
if (base64_encode(cp, len-i, signature, 128) < 0) {
|
|
|
|
log_fn(LOG_WARN,"couldn't base64-encode signature");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if (strlcat(s, "-----END SIGNATURE-----\n", len) >= len) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
tor_free(runningrouters_string);
|
|
|
|
runningrouters_string = s;
|
|
|
|
runningrouters_len = strlen(s);
|
|
|
|
runningrouters_is_dirty = 0;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-06-16 23:08:29 +02:00
|
|
|
/** Set *<b>rr</b> to the most recently generated encoded signed
|
2004-08-06 22:00:16 +02:00
|
|
|
* running-routers list, generating a new one as necessary. Return the
|
|
|
|
* size of the directory on success, and 0 on failure. */
|
2004-06-16 23:08:29 +02:00
|
|
|
size_t dirserv_get_runningrouters(const char **rr)
|
|
|
|
{
|
2004-09-23 21:58:44 +02:00
|
|
|
if (runningrouters_is_dirty &&
|
|
|
|
runningrouters_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL)) {
|
2004-06-25 02:29:31 +02:00
|
|
|
if(generate_runningrouters(get_identity_key())) {
|
|
|
|
log_fn(LOG_ERR, "Couldn't generate running-routers list?");
|
2004-08-06 22:00:16 +02:00
|
|
|
return 0;
|
2004-06-25 02:29:31 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
*rr = runningrouters_string;
|
|
|
|
return runningrouters_len;
|
2004-06-16 23:08:29 +02:00
|
|
|
}
|
|
|
|
|
2004-04-03 06:05:12 +02:00
|
|
|
/*
|
|
|
|
Local Variables:
|
|
|
|
mode:c
|
|
|
|
indent-tabs-mode:nil
|
|
|
|
c-basic-offset:2
|
|
|
|
End:
|
|
|
|
*/
|