2004-11-07 02:33:06 +01:00
|
|
|
/* Copyright 2001-2004 Roger Dingledine.
|
2007-02-12 22:39:53 +01:00
|
|
|
* Copyright 2004-2007 Roger Dingledine, Nick Mathewson. */
|
2003-09-27 23:30:10 +02:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
/* $Id$ */
|
2005-12-14 21:40:40 +01:00
|
|
|
const char dirserv_c_id[] =
|
|
|
|
|
"$Id$";
|
2003-09-27 23:30:10 +02:00
|
|
|
|
|
|
|
|
#include "or.h"
|
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/**
|
|
|
|
|
* \file dirserv.c
|
2005-06-11 07:31:17 +02:00
|
|
|
* \brief Directory server core implementation. Manages directory
|
|
|
|
|
* contents and generates directories.
|
2004-05-10 06:34:48 +02:00
|
|
|
**/
|
2004-05-05 02:30:43 +02:00
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** How far in the future do we allow a router to get? (seconds) */
|
2006-03-12 23:48:18 +01:00
|
|
|
#define ROUTER_ALLOW_SKEW (60*60*12)
|
2004-09-23 21:58:44 +02:00
|
|
|
/** How many seconds do we wait before regenerating the directory? */
|
2005-09-08 22:47:11 +02:00
|
|
|
#define DIR_REGEN_SLACK_TIME 30
|
2006-01-08 22:26:33 +01:00
|
|
|
/** If we're a cache, keep this many networkstatuses around from non-trusted
|
|
|
|
|
* directory authorities. */
|
|
|
|
|
#define MAX_UNTRUSTED_NETWORKSTATUSES 16
|
2003-10-22 18:41:35 +02:00
|
|
|
|
2007-02-25 04:43:00 +01:00
|
|
|
/** If a v1 directory is older than this, discard it. */
|
|
|
|
|
#define MAX_V1_DIRECTORY_AGE (30*24*60*60)
|
|
|
|
|
/** If a v1 running-routers is older than this, discard it. */
|
|
|
|
|
#define MAX_V1_RR_AGE (7*24*60*60)
|
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Do we need to regenerate the directory when someone asks for it? */
|
2003-09-27 23:30:10 +02:00
|
|
|
static int the_directory_is_dirty = 1;
|
2004-06-25 02:29:31 +02:00
|
|
|
static int runningrouters_is_dirty = 1;
|
2005-08-27 00:16:09 +02:00
|
|
|
static int the_v2_networkstatus_is_dirty = 1;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2005-06-21 03:00:42 +02:00
|
|
|
static void directory_remove_invalid(void);
|
2006-06-18 23:30:03 +02:00
|
|
|
static cached_dir_t *dirserv_regenerate_directory(void);
|
2005-08-25 22:33:17 +02:00
|
|
|
static char *format_versions_list(config_line_t *ln);
|
2004-11-02 04:02:17 +01:00
|
|
|
/* Should be static; exposed for testing */
|
2007-04-11 15:18:25 +02:00
|
|
|
/* XXXX020 not actually tested. */
|
2006-10-23 05:48:42 +02:00
|
|
|
struct authdir_config_t;
|
2005-12-14 21:40:40 +01:00
|
|
|
int add_fingerprint_to_dir(const char *nickname, const char *fp,
|
2006-10-23 05:48:42 +02:00
|
|
|
struct authdir_config_t *list);
|
|
|
|
|
static uint32_t dirserv_router_get_status(const routerinfo_t *router,
|
|
|
|
|
const char **msg);
|
|
|
|
|
static uint32_t
|
2005-12-06 07:55:43 +01:00
|
|
|
dirserv_get_status_impl(const char *fp, const char *nickname,
|
|
|
|
|
const char *address,
|
|
|
|
|
uint32_t addr, uint16_t or_port,
|
|
|
|
|
const char *platform, const char *contact,
|
|
|
|
|
const char **msg, int should_log);
|
2005-09-15 07:19:38 +02:00
|
|
|
static int dirserv_thinks_router_is_reachable(routerinfo_t *router,
|
|
|
|
|
time_t now);
|
2006-06-18 09:38:55 +02:00
|
|
|
static void clear_cached_dir(cached_dir_t *d);
|
2003-10-01 02:43:34 +02:00
|
|
|
|
2003-09-29 09:50:08 +02:00
|
|
|
/************** Fingerprint handling code ************/
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
#define FP_NAMED 1 /**< Listed in fingerprint file. */
|
|
|
|
|
#define FP_INVALID 2 /**< Believed invalid. */
|
|
|
|
|
#define FP_REJECT 4 /**< We will not publish this router. */
|
|
|
|
|
#define FP_BADEXIT 8 /**< We'll tell clients not to use this as an exit. */
|
|
|
|
|
|
2007-02-16 21:39:37 +01:00
|
|
|
/** Encapsulate a nickname and an FP_* status; target of status_by_digest
|
|
|
|
|
* map. */
|
2006-10-23 05:48:42 +02:00
|
|
|
typedef struct router_status_t {
|
|
|
|
|
char nickname[MAX_NICKNAME_LEN+1];
|
|
|
|
|
uint32_t status;
|
|
|
|
|
} router_status_t;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** List of nickname-\>identity fingerprint mappings for all the routers
|
2007-02-16 21:39:37 +01:00
|
|
|
* that we name. Used to prevent router impersonation. */
|
2006-10-23 05:48:42 +02:00
|
|
|
typedef struct authdir_config_t {
|
2007-02-24 08:50:38 +01:00
|
|
|
strmap_t *fp_by_name; /**< Map from lc nickname to fingerprint. */
|
|
|
|
|
digestmap_t *status_by_digest; /**< Map from digest to router_status_t. */
|
2006-10-23 05:48:42 +02:00
|
|
|
} authdir_config_t;
|
|
|
|
|
|
2007-02-24 08:50:38 +01:00
|
|
|
/** Should be static; exposed for testing. */
|
2007-04-11 15:18:25 +02:00
|
|
|
/* XXXX020 not actually tested. */
|
2006-10-23 05:48:42 +02:00
|
|
|
authdir_config_t *fingerprint_list = NULL;
|
|
|
|
|
|
2007-02-16 21:39:37 +01:00
|
|
|
/** Allocate and return a new, empty, authdir_config_t. */
|
2006-10-23 05:48:42 +02:00
|
|
|
static authdir_config_t *
|
|
|
|
|
authdir_config_new(void)
|
|
|
|
|
{
|
|
|
|
|
authdir_config_t *list = tor_malloc_zero(sizeof(authdir_config_t));
|
|
|
|
|
list->fp_by_name = strmap_new();
|
|
|
|
|
list->status_by_digest = digestmap_new();
|
|
|
|
|
return list;
|
|
|
|
|
}
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Add the fingerprint <b>fp</b> for the nickname <b>nickname</b> to
|
2005-06-21 03:00:42 +02:00
|
|
|
* the smartlist of fingerprint_entry_t's <b>list</b>. Return 0 if it's
|
|
|
|
|
* new, or 1 if we replaced the old value.
|
2004-05-05 02:30:43 +02:00
|
|
|
*/
|
2007-04-11 15:18:25 +02:00
|
|
|
/* static */ int
|
2006-10-23 05:48:42 +02:00
|
|
|
add_fingerprint_to_dir(const char *nickname, const char *fp,
|
|
|
|
|
authdir_config_t *list)
|
2003-09-30 21:27:54 +02:00
|
|
|
{
|
2005-08-24 00:00:35 +02:00
|
|
|
char *fingerprint;
|
2006-10-23 05:48:42 +02:00
|
|
|
char d[DIGEST_LEN];
|
|
|
|
|
router_status_t *status;
|
2005-06-21 03:00:42 +02:00
|
|
|
tor_assert(nickname);
|
|
|
|
|
tor_assert(fp);
|
|
|
|
|
tor_assert(list);
|
2004-05-18 19:41:40 +02:00
|
|
|
|
2006-11-20 17:26:52 +01:00
|
|
|
fingerprint = tor_strdup(fp);
|
2005-08-24 00:00:35 +02:00
|
|
|
tor_strstrip(fingerprint, " ");
|
2006-10-23 05:48:42 +02:00
|
|
|
if (base16_decode(d, DIGEST_LEN, fingerprint, strlen(fingerprint))) {
|
|
|
|
|
log_warn(LD_DIRSERV, "Couldn't decode fingerprint \"%s\"",
|
|
|
|
|
escaped(fp));
|
2006-11-20 17:22:46 +01:00
|
|
|
tor_free(fingerprint);
|
2006-10-23 05:48:42 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
2005-08-24 00:00:35 +02:00
|
|
|
|
2006-09-29 06:51:28 +02:00
|
|
|
if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) {
|
|
|
|
|
log_warn(LD_DIRSERV, "Tried to add a mapping for reserved nickname %s",
|
|
|
|
|
UNNAMED_ROUTER_NICKNAME);
|
2006-11-20 17:22:46 +01:00
|
|
|
tor_free(fingerprint);
|
2006-09-29 06:51:28 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
status = digestmap_get(list->status_by_digest, d);
|
|
|
|
|
if (!status) {
|
|
|
|
|
status = tor_malloc_zero(sizeof(router_status_t));
|
|
|
|
|
digestmap_set(list->status_by_digest, d, status);
|
|
|
|
|
}
|
|
|
|
|
|
2005-10-05 00:23:31 +02:00
|
|
|
if (nickname[0] != '!') {
|
2006-10-23 05:48:42 +02:00
|
|
|
char *old_fp = strmap_get_lc(list->fp_by_name, nickname);
|
2006-10-24 23:38:31 +02:00
|
|
|
if (old_fp && !strcasecmp(fingerprint, old_fp)) {
|
|
|
|
|
tor_free(fingerprint);
|
|
|
|
|
} else {
|
|
|
|
|
tor_free(old_fp);
|
|
|
|
|
strmap_set_lc(list->fp_by_name, nickname, fingerprint);
|
2003-09-30 21:27:54 +02:00
|
|
|
}
|
2006-10-23 05:48:42 +02:00
|
|
|
status->status |= FP_NAMED;
|
|
|
|
|
strlcpy(status->nickname, nickname, sizeof(status->nickname));
|
|
|
|
|
} else {
|
2006-11-20 17:36:44 +01:00
|
|
|
tor_free(fingerprint);
|
2006-10-23 05:48:42 +02:00
|
|
|
if (!strcasecmp(nickname, "!reject")) {
|
|
|
|
|
status->status |= FP_REJECT;
|
|
|
|
|
} else if (!strcasecmp(nickname, "!invalid")) {
|
|
|
|
|
status->status |= FP_INVALID;
|
|
|
|
|
} else if (!strcasecmp(nickname, "!badexit")) {
|
|
|
|
|
status->status |= FP_BADEXIT;
|
|
|
|
|
}
|
2003-09-30 21:27:54 +02:00
|
|
|
}
|
2005-06-21 03:00:42 +02:00
|
|
|
return 0;
|
2003-09-30 21:27:54 +02:00
|
|
|
}
|
|
|
|
|
|
2005-06-21 03:00:42 +02:00
|
|
|
/** Add the nickname and fingerprint for this OR to the
|
|
|
|
|
* global list of recognized identity key fingerprints. */
|
2003-09-30 21:27:54 +02:00
|
|
|
int
|
|
|
|
|
dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk)
|
|
|
|
|
{
|
|
|
|
|
char fp[FINGERPRINT_LEN+1];
|
2004-10-06 15:31:48 +02:00
|
|
|
if (crypto_pk_get_fingerprint(pk, fp, 0)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_err(LD_BUG, "Error computing fingerprint");
|
2003-09-30 21:27:54 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
2005-06-21 03:00:42 +02:00
|
|
|
if (!fingerprint_list)
|
2006-10-23 05:48:42 +02:00
|
|
|
fingerprint_list = authdir_config_new();
|
2005-06-21 03:00:42 +02:00
|
|
|
add_fingerprint_to_dir(nickname, fp, fingerprint_list);
|
2003-09-30 21:27:54 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-14 06:53:23 +02:00
|
|
|
/** Load the nickname-\>fingerprint mappings stored in the approved-routers
|
|
|
|
|
* file. The file format is line-based, with each non-blank holding one
|
|
|
|
|
* nickname, some space, and a fingerprint for that nickname. On success,
|
|
|
|
|
* replace the current fingerprint list with the new list and return 0. On
|
|
|
|
|
* failure, leave the current fingerprint list untouched, and
|
|
|
|
|
* return -1. */
|
2003-12-14 07:03:46 +01:00
|
|
|
int
|
2006-09-14 07:00:02 +02:00
|
|
|
dirserv_load_fingerprint_file(void)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2006-09-14 06:53:23 +02:00
|
|
|
char fname[512];
|
2004-11-06 06:18:11 +01:00
|
|
|
char *cf;
|
2003-09-29 09:50:08 +02:00
|
|
|
char *nickname, *fingerprint;
|
2006-10-23 05:48:42 +02:00
|
|
|
authdir_config_t *fingerprint_list_new;
|
2005-06-21 03:00:42 +02:00
|
|
|
int result;
|
2005-07-22 23:12:10 +02:00
|
|
|
config_line_t *front=NULL, *list;
|
2006-09-14 06:53:23 +02:00
|
|
|
or_options_t *options = get_options();
|
|
|
|
|
|
|
|
|
|
tor_snprintf(fname, sizeof(fname),
|
|
|
|
|
"%s/approved-routers", options->DataDirectory);
|
|
|
|
|
log_info(LD_GENERAL,
|
|
|
|
|
"Reloading approved fingerprints from \"%s\"...", fname);
|
2003-09-29 09:50:08 +02:00
|
|
|
|
2006-10-20 01:05:02 +02:00
|
|
|
cf = read_file_to_str(fname, 0, NULL);
|
2004-11-06 06:18:11 +01:00
|
|
|
if (!cf) {
|
2006-09-14 06:53:23 +02:00
|
|
|
if (options->NamingAuthoritativeDir) {
|
2006-03-18 01:22:23 +01:00
|
|
|
log_warn(LD_FS, "Cannot open fingerprint file '%s'. Failing.", fname);
|
|
|
|
|
return -1;
|
|
|
|
|
} else {
|
|
|
|
|
log_info(LD_FS, "Cannot open fingerprint file '%s'. Returning.", fname);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-11-06 06:18:11 +01:00
|
|
|
result = config_get_lines(cf, &front);
|
|
|
|
|
tor_free(cf);
|
|
|
|
|
if (result < 0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_CONFIG, "Error reading from fingerprint file");
|
2004-11-06 06:18:11 +01:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
fingerprint_list_new = authdir_config_new();
|
2004-11-06 06:18:11 +01:00
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
for (list=front; list; list=list->next) {
|
2004-11-06 06:18:11 +01:00
|
|
|
nickname = list->key; fingerprint = list->value;
|
2003-09-27 23:30:10 +02:00
|
|
|
if (strlen(nickname) > MAX_NICKNAME_LEN) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_notice(LD_CONFIG,
|
|
|
|
|
"Nickname '%s' too long in fingerprint file. Skipping.",
|
|
|
|
|
nickname);
|
2003-09-29 09:50:08 +02:00
|
|
|
continue;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2005-09-15 16:39:05 +02:00
|
|
|
if (!is_legal_nickname(nickname) &&
|
2005-09-15 23:10:58 +02:00
|
|
|
strcasecmp(nickname, "!reject") &&
|
2006-10-23 05:48:42 +02:00
|
|
|
strcasecmp(nickname, "!invalid") &&
|
|
|
|
|
strcasecmp(nickname, "!badexit")) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_notice(LD_CONFIG,
|
|
|
|
|
"Invalid nickname '%s' in fingerprint file. Skipping.",
|
|
|
|
|
nickname);
|
2005-09-15 16:39:05 +02:00
|
|
|
continue;
|
|
|
|
|
}
|
2004-11-28 10:05:49 +01:00
|
|
|
if (strlen(fingerprint) != FINGERPRINT_LEN ||
|
2004-11-28 12:39:53 +01:00
|
|
|
!crypto_pk_check_fingerprint_syntax(fingerprint)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_notice(LD_CONFIG,
|
|
|
|
|
"Invalid fingerprint (nickname '%s', "
|
|
|
|
|
"fingerprint %s). Skipping.",
|
|
|
|
|
nickname, fingerprint);
|
2003-09-29 09:50:08 +02:00
|
|
|
continue;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-11-09 21:04:00 +01:00
|
|
|
if (0==strcasecmp(nickname, DEFAULT_CLIENT_NICKNAME)) {
|
2004-11-09 19:22:17 +01:00
|
|
|
/* If you approved an OR called "client", then clients who use
|
|
|
|
|
* the default nickname could all be rejected. That's no good. */
|
2006-02-13 10:37:53 +01:00
|
|
|
log_notice(LD_CONFIG,
|
2007-05-02 11:12:04 +02:00
|
|
|
"Authorizing nickname '%s' would break "
|
2006-10-23 05:48:42 +02:00
|
|
|
"many clients; skipping.",
|
|
|
|
|
DEFAULT_CLIENT_NICKNAME);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (0==strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) {
|
|
|
|
|
/* If you approved an OR called "unnamed", then clients will be
|
2006-10-29 08:41:25 +01:00
|
|
|
* confused. */
|
2006-10-23 05:48:42 +02:00
|
|
|
log_notice(LD_CONFIG,
|
2007-05-02 11:12:04 +02:00
|
|
|
"Authorizing nickname '%s' is not allowed; skipping.",
|
2006-10-23 05:48:42 +02:00
|
|
|
UNNAMED_ROUTER_NICKNAME);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2005-12-14 21:40:40 +01:00
|
|
|
if (add_fingerprint_to_dir(nickname, fingerprint, fingerprint_list_new)
|
|
|
|
|
!= 0)
|
2006-02-13 10:37:53 +01:00
|
|
|
log_notice(LD_CONFIG, "Duplicate nickname '%s'.", nickname);
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2004-11-06 06:18:11 +01:00
|
|
|
|
|
|
|
|
config_free_lines(front);
|
|
|
|
|
dirserv_free_fingerprint_list();
|
|
|
|
|
fingerprint_list = fingerprint_list_new;
|
|
|
|
|
/* Delete any routers whose fingerprints we no longer recognize */
|
2005-06-21 03:00:42 +02:00
|
|
|
directory_remove_invalid();
|
2004-11-06 06:18:11 +01:00
|
|
|
return 0;
|
2003-12-14 06:25:23 +01:00
|
|
|
}
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Check whether <b>router</b> has a nickname/identity key combination that
|
2005-09-15 02:51:42 +02:00
|
|
|
* we recognize from the fingerprint list, or an IP we automatically act on
|
2005-09-15 08:15:31 +02:00
|
|
|
* according to our configuration. Return the appropriate router status.
|
|
|
|
|
*
|
|
|
|
|
* If the status is 'FP_REJECT' and <b>msg</b> is provided, set
|
2005-12-06 07:55:43 +01:00
|
|
|
* *<b>msg</b> to an explanation of why. */
|
2006-10-23 05:48:42 +02:00
|
|
|
static uint32_t
|
2005-09-15 02:51:42 +02:00
|
|
|
dirserv_router_get_status(const routerinfo_t *router, const char **msg)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2006-10-23 05:48:42 +02:00
|
|
|
char d[DIGEST_LEN];
|
2004-05-18 19:41:40 +02:00
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
if (crypto_pk_get_digest(router->identity_pkey, d)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"Error computing fingerprint");
|
2006-12-04 19:54:01 +01:00
|
|
|
if (msg)
|
|
|
|
|
*msg = "Bug: Error computing fingerprint";
|
2006-10-09 04:35:51 +02:00
|
|
|
return FP_REJECT;
|
2005-09-15 16:39:05 +02:00
|
|
|
}
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
return dirserv_get_status_impl(d, router->nickname,
|
2005-12-06 07:55:43 +01:00
|
|
|
router->address,
|
|
|
|
|
router->addr, router->or_port,
|
|
|
|
|
router->platform, router->contact_info,
|
|
|
|
|
msg, 1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Return true if there is no point in downloading the router described by
|
|
|
|
|
* <b>rs</b> because this directory would reject it. */
|
|
|
|
|
int
|
|
|
|
|
dirserv_would_reject_router(routerstatus_t *rs)
|
|
|
|
|
{
|
2006-10-23 05:48:42 +02:00
|
|
|
uint32_t res;
|
2005-12-06 07:55:43 +01:00
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
res = dirserv_get_status_impl(rs->identity_digest, rs->nickname,
|
2005-12-06 07:55:43 +01:00
|
|
|
"", /* address is only used in logs */
|
|
|
|
|
rs->addr, rs->or_port,
|
|
|
|
|
NULL, NULL,
|
|
|
|
|
NULL, 0);
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
return (res & FP_REJECT) != 0;
|
2005-12-06 07:55:43 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Helper: As dirserv_get_router_status, but takes the router fingerprint
|
|
|
|
|
* (hex, no spaces), nickname, address (used for logging only), IP address, OR
|
|
|
|
|
* port, platform (logging only) and contact info (logging only) as arguments.
|
|
|
|
|
*
|
|
|
|
|
* If should_log is false, do not log messages. (There's not much point in
|
|
|
|
|
* logging that we're rejecting servers we'll not download.)
|
|
|
|
|
*/
|
2006-10-23 05:48:42 +02:00
|
|
|
static uint32_t
|
|
|
|
|
dirserv_get_status_impl(const char *id_digest, const char *nickname,
|
2005-12-06 07:55:43 +01:00
|
|
|
const char *address,
|
|
|
|
|
uint32_t addr, uint16_t or_port,
|
|
|
|
|
const char *platform, const char *contact,
|
|
|
|
|
const char **msg, int should_log)
|
|
|
|
|
{
|
2006-10-23 05:48:42 +02:00
|
|
|
char fp[HEX_DIGEST_LEN+1];
|
2005-12-15 22:39:38 +01:00
|
|
|
int reject_unlisted = get_options()->AuthDirRejectUnlisted;
|
2006-10-23 05:48:42 +02:00
|
|
|
uint32_t result = 0;
|
|
|
|
|
router_status_t *status_by_digest;
|
|
|
|
|
char *fp_by_name;
|
2005-12-06 07:55:43 +01:00
|
|
|
if (!fingerprint_list)
|
2006-10-23 05:48:42 +02:00
|
|
|
fingerprint_list = authdir_config_new();
|
|
|
|
|
|
|
|
|
|
base16_encode(fp, sizeof(fp), id_digest, DIGEST_LEN);
|
2005-12-06 07:55:43 +01:00
|
|
|
|
|
|
|
|
if (should_log)
|
2006-10-24 23:38:31 +02:00
|
|
|
log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.",
|
|
|
|
|
strmap_size(fingerprint_list->fp_by_name),
|
2006-10-23 05:48:42 +02:00
|
|
|
digestmap_size(fingerprint_list->status_by_digest));
|
2005-09-15 02:51:42 +02:00
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
if ((fp_by_name =
|
|
|
|
|
strmap_get_lc(fingerprint_list->fp_by_name, nickname))) {
|
|
|
|
|
if (!strcasecmp(fp, fp_by_name)) {
|
|
|
|
|
result |= FP_NAMED;
|
|
|
|
|
if (should_log)
|
|
|
|
|
log_debug(LD_DIRSERV,"Good fingerprint for '%s'",nickname);
|
|
|
|
|
} else {
|
|
|
|
|
if (should_log) {
|
|
|
|
|
char *esc_contact = esc_for_log(contact);
|
|
|
|
|
log_warn(LD_DIRSERV,
|
|
|
|
|
"Mismatched fingerprint for '%s': expected '%s' got '%s'. "
|
|
|
|
|
"ContactInfo '%s', platform '%s'.)",
|
|
|
|
|
nickname, fp_by_name, fp,
|
|
|
|
|
esc_contact,
|
|
|
|
|
platform ? escaped(platform) : "");
|
|
|
|
|
tor_free(esc_contact);
|
|
|
|
|
}
|
2005-09-15 16:39:05 +02:00
|
|
|
if (msg)
|
2006-10-23 05:48:42 +02:00
|
|
|
*msg = "Rejected: There is already a named server with this nickname "
|
|
|
|
|
"and a different fingerprint.";
|
|
|
|
|
return FP_REJECT; /* Wrong fingerprint. */
|
2005-09-15 16:39:05 +02:00
|
|
|
}
|
|
|
|
|
}
|
2006-10-23 05:48:42 +02:00
|
|
|
status_by_digest = digestmap_get(fingerprint_list->status_by_digest,
|
|
|
|
|
id_digest);
|
2006-10-24 22:51:28 +02:00
|
|
|
if (status_by_digest)
|
|
|
|
|
result |= (status_by_digest->status & ~FP_NAMED);
|
2006-10-23 05:48:42 +02:00
|
|
|
|
|
|
|
|
if (result & FP_REJECT) {
|
|
|
|
|
if (msg)
|
|
|
|
|
*msg = "Fingerprint is marked rejected";
|
|
|
|
|
return FP_REJECT;
|
|
|
|
|
} else if (result & FP_INVALID) {
|
|
|
|
|
if (msg)
|
|
|
|
|
*msg = "Fingerprint is marked invalid";
|
|
|
|
|
}
|
2005-09-15 16:39:05 +02:00
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
if (authdir_policy_badexit_address(addr, or_port)) {
|
|
|
|
|
if (should_log)
|
|
|
|
|
log_info(LD_DIRSERV, "Marking '%s' as bad exit because of address '%s'",
|
|
|
|
|
nickname, address);
|
|
|
|
|
result |= FP_BADEXIT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(result & FP_NAMED)) {
|
2006-03-27 04:25:34 +02:00
|
|
|
if (!authdir_policy_permits_address(addr, or_port)) {
|
2005-12-06 07:55:43 +01:00
|
|
|
if (should_log)
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV, "Rejecting '%s' because of address '%s'",
|
|
|
|
|
nickname, address);
|
2005-09-15 16:39:05 +02:00
|
|
|
if (msg)
|
|
|
|
|
*msg = "Authdir is rejecting routers in this range.";
|
|
|
|
|
return FP_REJECT;
|
|
|
|
|
}
|
2006-03-27 04:25:34 +02:00
|
|
|
if (!authdir_policy_valid_address(addr, or_port)) {
|
2005-12-06 07:55:43 +01:00
|
|
|
if (should_log)
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV, "Not marking '%s' valid because of address '%s'",
|
|
|
|
|
nickname, address);
|
2006-10-23 05:48:42 +02:00
|
|
|
result |= FP_INVALID;
|
2005-09-15 16:39:05 +02:00
|
|
|
}
|
2006-12-04 19:54:01 +01:00
|
|
|
if (reject_unlisted) {
|
|
|
|
|
if (msg)
|
|
|
|
|
*msg = "Authdir rejects unknown routers.";
|
2006-10-23 05:48:42 +02:00
|
|
|
return FP_REJECT;
|
2006-12-04 19:54:01 +01:00
|
|
|
}
|
2006-10-23 05:48:42 +02:00
|
|
|
/* 0.1.0.2-rc was the first version that did enough self-testing that
|
2006-10-29 08:41:25 +01:00
|
|
|
* we're willing to take its word about whether it's running. */
|
2006-10-24 23:51:06 +02:00
|
|
|
if (platform && !tor_version_as_new_as(platform,"0.1.0.2-rc"))
|
2006-10-23 05:48:42 +02:00
|
|
|
result |= FP_INVALID;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2006-10-23 05:48:42 +02:00
|
|
|
|
|
|
|
|
return result;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
|
2004-09-29 01:27:41 +02:00
|
|
|
/** If we are an authoritative dirserver, and the list of approved
|
2004-09-29 00:24:56 +02:00
|
|
|
* servers contains one whose identity key digest is <b>digest</b>,
|
|
|
|
|
* return that router's nickname. Otherwise return NULL. */
|
2005-06-11 20:52:12 +02:00
|
|
|
const char *
|
|
|
|
|
dirserv_get_nickname_by_digest(const char *digest)
|
2004-05-05 06:55:00 +02:00
|
|
|
{
|
2006-10-23 05:48:42 +02:00
|
|
|
router_status_t *status;
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!fingerprint_list)
|
2004-09-29 00:24:56 +02:00
|
|
|
return NULL;
|
|
|
|
|
tor_assert(digest);
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
status = digestmap_get(fingerprint_list->status_by_digest, digest);
|
|
|
|
|
return status ? status->nickname : NULL;
|
2004-09-29 00:24:56 +02:00
|
|
|
}
|
|
|
|
|
|
2004-05-09 18:47:25 +02:00
|
|
|
/** Clear the current fingerprint list. */
|
2003-12-17 22:09:31 +01:00
|
|
|
void
|
2005-09-30 00:59:17 +02:00
|
|
|
dirserv_free_fingerprint_list(void)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2004-05-18 19:41:40 +02:00
|
|
|
if (!fingerprint_list)
|
|
|
|
|
return;
|
|
|
|
|
|
2006-10-23 05:48:42 +02:00
|
|
|
strmap_free(fingerprint_list->fp_by_name, _tor_free);
|
|
|
|
|
digestmap_free(fingerprint_list->status_by_digest, _tor_free);
|
|
|
|
|
tor_free(fingerprint_list);
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Descriptor list
|
|
|
|
|
*/
|
2004-05-05 02:30:43 +02:00
|
|
|
|
2005-01-06 22:03:27 +01:00
|
|
|
/** Return -1 if <b>ri</b> has a private or otherwise bad address,
|
|
|
|
|
* unless we're configured to not care. Return 0 if all ok. */
|
|
|
|
|
static int
|
|
|
|
|
dirserv_router_has_valid_address(routerinfo_t *ri)
|
|
|
|
|
{
|
|
|
|
|
struct in_addr iaddr;
|
|
|
|
|
if (get_options()->DirAllowPrivateAddresses)
|
|
|
|
|
return 0; /* whatever it is, we're fine with it */
|
|
|
|
|
if (!tor_inet_aton(ri->address, &iaddr)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV,"Router '%s' published non-IP address '%s'. Refusing.",
|
|
|
|
|
ri->nickname, ri->address);
|
2005-01-06 22:03:27 +01:00
|
|
|
return -1;
|
|
|
|
|
}
|
2005-12-09 03:46:46 +01:00
|
|
|
if (is_internal_IP(ntohl(iaddr.s_addr), 0)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
|
"Router '%s' published internal IP address '%s'. Refusing.",
|
|
|
|
|
ri->nickname, ri->address);
|
2005-01-06 22:03:27 +01:00
|
|
|
return -1; /* it's a private IP, we should reject it */
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2005-09-15 02:51:42 +02:00
|
|
|
/** Check whether we, as a directory server, want to accept <b>ri</b>. If so,
|
2006-01-03 11:42:20 +01:00
|
|
|
* set its is_valid,named,running fields and return 0. Otherwise, return -1.
|
2005-09-15 07:19:38 +02:00
|
|
|
*
|
2005-09-21 23:10:36 +02:00
|
|
|
* If the router is rejected, set *<b>msg</b> to an explanation of why.
|
2006-01-03 11:42:20 +01:00
|
|
|
*
|
|
|
|
|
* If <b>complain</b> then explain at log-level 'notice' why we refused
|
|
|
|
|
* a descriptor; else explain at log-level 'info'.
|
2005-09-15 02:51:42 +02:00
|
|
|
*/
|
2003-09-27 23:30:10 +02:00
|
|
|
int
|
2006-01-03 11:42:20 +01:00
|
|
|
authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
|
|
|
|
|
int complain)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
|
|
|
|
/* Okay. Now check whether the fingerprint is recognized. */
|
2006-10-23 05:48:42 +02:00
|
|
|
uint32_t status = dirserv_router_get_status(ri, msg);
|
2005-08-26 22:59:04 +02:00
|
|
|
time_t now;
|
2006-01-03 11:42:20 +01:00
|
|
|
int severity = complain ? LOG_NOTICE : LOG_INFO;
|
2005-09-23 19:11:20 +02:00
|
|
|
tor_assert(msg);
|
2006-10-23 05:48:42 +02:00
|
|
|
if (status & FP_REJECT)
|
2005-09-15 02:51:42 +02:00
|
|
|
return -1; /* msg is already set. */
|
|
|
|
|
|
2003-10-22 18:41:35 +02:00
|
|
|
/* Is there too much clock skew? */
|
2004-03-29 21:28:16 +02:00
|
|
|
now = time(NULL);
|
2005-11-05 21:15:27 +01:00
|
|
|
if (ri->cache_info.published_on > now+ROUTER_ALLOW_SKEW) {
|
2006-01-03 11:42:20 +01:00
|
|
|
log_fn(severity, LD_DIRSERV, "Publication time for nickname '%s' is too "
|
|
|
|
|
"far (%d minutes) in the future; possible clock skew. Not adding "
|
2006-03-11 03:21:30 +01:00
|
|
|
"(%s)",
|
2005-11-05 21:15:27 +01:00
|
|
|
ri->nickname, (int)((ri->cache_info.published_on-now)/60),
|
2006-03-11 03:21:30 +01:00
|
|
|
esc_router_info(ri));
|
2005-12-14 21:40:40 +01:00
|
|
|
*msg = "Rejected: Your clock is set too far in the future, or your "
|
|
|
|
|
"timezone is not correct.";
|
2005-01-20 21:18:32 +01:00
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2006-03-08 07:29:52 +01:00
|
|
|
if (ri->cache_info.published_on < now-ROUTER_MAX_AGE_TO_PUBLISH) {
|
2006-01-03 11:42:20 +01:00
|
|
|
log_fn(severity, LD_DIRSERV,
|
2005-12-10 09:27:01 +01:00
|
|
|
"Publication time for router with nickname '%s' is too far "
|
2006-03-11 03:21:30 +01:00
|
|
|
"(%d minutes) in the past. Not adding (%s)",
|
2005-11-05 21:15:27 +01:00
|
|
|
ri->nickname, (int)((now-ri->cache_info.published_on)/60),
|
2006-03-11 03:21:30 +01:00
|
|
|
esc_router_info(ri));
|
2005-12-14 21:40:40 +01:00
|
|
|
*msg = "Rejected: Server is expired, or your clock is too far in the past,"
|
|
|
|
|
" or your timezone is not correct.";
|
2005-01-20 21:18:32 +01:00
|
|
|
return -1;
|
2004-03-29 21:28:16 +02:00
|
|
|
}
|
2005-01-06 22:03:27 +01:00
|
|
|
if (dirserv_router_has_valid_address(ri) < 0) {
|
2006-01-03 11:42:20 +01:00
|
|
|
log_fn(severity, LD_DIRSERV,
|
|
|
|
|
"Router with nickname '%s' has invalid address '%s'. "
|
2006-03-11 03:21:30 +01:00
|
|
|
"Not adding (%s).",
|
2005-05-03 00:06:04 +02:00
|
|
|
ri->nickname, ri->address,
|
2006-03-11 03:21:30 +01:00
|
|
|
esc_router_info(ri));
|
2005-01-20 21:18:32 +01:00
|
|
|
*msg = "Rejected: Address is not an IP, or IP is a private address.";
|
|
|
|
|
return -1;
|
2005-01-06 22:03:27 +01:00
|
|
|
}
|
2005-09-15 02:51:42 +02:00
|
|
|
/* Okay, looks like we're willing to accept this one. */
|
2006-10-23 05:48:42 +02:00
|
|
|
ri->is_named = (status & FP_NAMED) ? 1 : 0;
|
|
|
|
|
ri->is_valid = (status & FP_INVALID) ? 0 : 1;
|
|
|
|
|
ri->is_bad_exit = (status & FP_BADEXIT) ? 1 : 0;
|
2005-09-15 02:51:42 +02:00
|
|
|
|
2005-08-26 22:59:04 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-04-30 21:48:33 +02:00
|
|
|
/** As for dirserv_add_descriptor, but accepts multiple documents, and
|
|
|
|
|
* returns the most severe error that occurred for any one of them. */
|
|
|
|
|
int
|
|
|
|
|
dirserv_add_multiple_descriptors(const char *desc, const char **msg)
|
|
|
|
|
{
|
|
|
|
|
int r=100; /* higher than any actual return value. */
|
|
|
|
|
int r_tmp;
|
|
|
|
|
const char *msg_out;
|
|
|
|
|
|
|
|
|
|
while (desc && *desc) {
|
|
|
|
|
const char *eos = strstr(desc, "\nrouter-signature");
|
|
|
|
|
const char *next = NULL;
|
|
|
|
|
if (eos) {
|
|
|
|
|
char *next_extra = strstr(eos, "\nextra-info");
|
|
|
|
|
char *next_routerinfo = strstr(eos, "\nrouter ");
|
|
|
|
|
if (next_extra)
|
|
|
|
|
next = next_extra;
|
|
|
|
|
if (!next || (next_routerinfo && next_routerinfo < next))
|
|
|
|
|
next = next_routerinfo;
|
|
|
|
|
}
|
|
|
|
|
if (next)
|
|
|
|
|
++next;
|
|
|
|
|
|
|
|
|
|
r_tmp = dirserv_add_descriptor(desc, next, &msg_out);
|
|
|
|
|
desc = next;
|
|
|
|
|
|
|
|
|
|
if (r_tmp < r) {
|
|
|
|
|
r = r_tmp;
|
|
|
|
|
*msg = msg_out;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return r <= 2 ? r : -2;
|
|
|
|
|
}
|
|
|
|
|
|
2005-08-31 08:14:37 +02:00
|
|
|
/** Parse the server descriptor at <b>desc</b> and maybe insert it into
|
|
|
|
|
* the list of server descriptors. Set *<b>msg</b> to a message that
|
|
|
|
|
* should be passed back to the origin of this descriptor.
|
2005-08-26 22:59:04 +02:00
|
|
|
*
|
2005-08-31 08:14:37 +02:00
|
|
|
* Return 2 if descriptor is well-formed and accepted;
|
|
|
|
|
* 1 if well-formed and accepted but origin should hear *msg;
|
2005-08-26 23:55:38 +02:00
|
|
|
* 0 if well-formed but redundant with one we already have;
|
2005-08-26 22:59:04 +02:00
|
|
|
* -1 if it looks vaguely like a router descriptor but rejected;
|
2005-08-31 08:14:37 +02:00
|
|
|
* -2 if we can't find a router descriptor in <b>desc</b>.
|
2005-08-26 22:59:04 +02:00
|
|
|
*/
|
|
|
|
|
int
|
2007-04-30 21:48:33 +02:00
|
|
|
dirserv_add_descriptor(const char *desc, const char *end, const char **msg)
|
2005-08-26 22:59:04 +02:00
|
|
|
{
|
2005-08-26 23:46:24 +02:00
|
|
|
int r;
|
2005-10-12 20:25:25 +02:00
|
|
|
routerinfo_t *ri = NULL, *ri_old = NULL;
|
2007-04-16 20:39:39 +02:00
|
|
|
extrainfo_t *ei = NULL;
|
2005-08-26 22:59:04 +02:00
|
|
|
tor_assert(msg);
|
|
|
|
|
*msg = NULL;
|
2007-04-16 20:39:39 +02:00
|
|
|
desc = eat_whitespace(desc);
|
|
|
|
|
|
|
|
|
|
if (!strcmpstart(desc, "extra-info")) {
|
|
|
|
|
/* It's an extra-info thingie. */
|
|
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2007-04-30 21:48:33 +02:00
|
|
|
ei = extrainfo_parse_entry_from_string(desc, end, 1, rl->identity_map);
|
2007-04-16 20:39:39 +02:00
|
|
|
if (!ei) {
|
|
|
|
|
log_warn(LD_DIRSERV, "Couldn't parse uploaded extra-info descriptor");
|
|
|
|
|
*msg = "Rejected: couldn't parse extra-info descriptor";
|
|
|
|
|
return -2;
|
|
|
|
|
}
|
|
|
|
|
ri = router_get_by_digest(ei->cache_info.identity_digest);
|
|
|
|
|
if (!ri) {
|
|
|
|
|
*msg = "No corresponding router descriptor for extra-info descriptor";
|
|
|
|
|
extrainfo_free(ei);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (routerinfo_incompatible_with_extrainfo(ri, ei)) {
|
|
|
|
|
*msg = "Router descriptor incompatible with extra-info descriptor";
|
|
|
|
|
extrainfo_free(ei);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2007-04-16 23:37:21 +02:00
|
|
|
router_add_extrainfo_to_routerlist(ei, msg, 0, 0);
|
2007-04-16 20:39:39 +02:00
|
|
|
return 2;
|
|
|
|
|
}
|
2005-08-26 22:59:04 +02:00
|
|
|
|
|
|
|
|
/* Check: is the descriptor syntactically valid? */
|
2007-04-30 21:48:33 +02:00
|
|
|
ri = router_parse_entry_from_string(desc, end, 1);
|
2005-08-26 22:59:04 +02:00
|
|
|
if (!ri) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_DIRSERV, "Couldn't parse uploaded server descriptor");
|
2005-08-26 22:59:04 +02:00
|
|
|
*msg = "Rejected: Couldn't parse server descriptor.";
|
2005-08-31 08:14:37 +02:00
|
|
|
return -2;
|
2005-08-26 22:59:04 +02:00
|
|
|
}
|
2005-10-12 20:25:25 +02:00
|
|
|
/* Check whether this descriptor is semantically identical to the last one
|
|
|
|
|
* from this server. (We do this here and not in router_add_to_routerlist
|
|
|
|
|
* because we want to be able to accept the newest router descriptor that
|
|
|
|
|
* another authority has, so we all converge on the same one.) */
|
2005-11-05 21:15:27 +01:00
|
|
|
ri_old = router_get_by_digest(ri->cache_info.identity_digest);
|
|
|
|
|
if (ri_old && ri_old->cache_info.published_on < ri->cache_info.published_on
|
2006-01-08 22:33:15 +01:00
|
|
|
&& router_differences_are_cosmetic(ri_old, ri)
|
|
|
|
|
&& !router_is_me(ri)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
|
"Not replacing descriptor from '%s'; differences are cosmetic.",
|
|
|
|
|
ri->nickname);
|
2005-12-14 21:40:40 +01:00
|
|
|
*msg = "Not replacing router descriptor; no information has changed since "
|
|
|
|
|
"the last one with this identity.";
|
2005-10-28 21:10:53 +02:00
|
|
|
routerinfo_free(ri);
|
2005-11-19 19:35:43 +01:00
|
|
|
control_event_or_authdir_new_descriptor("DROPPED", desc, *msg);
|
2005-10-12 20:25:25 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
2006-01-04 05:42:10 +01:00
|
|
|
if ((r = router_add_to_routerlist(ri, msg, 0, 0))<0) {
|
2005-11-19 19:35:43 +01:00
|
|
|
if (r < -1) /* unless the routerinfo was fine, just out-of-date */
|
|
|
|
|
control_event_or_authdir_new_descriptor("REJECTED", desc, *msg);
|
2005-08-26 23:46:24 +02:00
|
|
|
return r == -1 ? 0 : -1;
|
2005-08-26 22:59:04 +02:00
|
|
|
} else {
|
2005-11-20 17:53:49 +01:00
|
|
|
smartlist_t *changed;
|
2005-11-19 19:35:43 +01:00
|
|
|
control_event_or_authdir_new_descriptor("ACCEPTED", desc, *msg);
|
|
|
|
|
|
2005-11-20 17:53:49 +01:00
|
|
|
changed = smartlist_create();
|
2005-08-26 23:02:18 +02:00
|
|
|
smartlist_add(changed, ri);
|
|
|
|
|
control_event_descriptors_changed(changed);
|
|
|
|
|
smartlist_free(changed);
|
2005-08-26 23:46:24 +02:00
|
|
|
if (!*msg) {
|
2006-03-19 02:21:59 +01:00
|
|
|
*msg = ri->is_valid ? "Descriptor for valid server accepted" :
|
|
|
|
|
"Descriptor for invalid server accepted";
|
2005-08-26 23:46:24 +02:00
|
|
|
}
|
2005-08-31 08:14:37 +02:00
|
|
|
return r == 0 ? 2 : 1;
|
2005-08-26 22:59:04 +02:00
|
|
|
}
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
|
2005-06-21 03:00:42 +02:00
|
|
|
/** Remove all descriptors whose nicknames or fingerprints no longer
|
|
|
|
|
* are allowed by our fingerprint list. (Descriptors that used to be
|
|
|
|
|
* good can become bad when we reload the fingerprint list.)
|
2004-05-05 02:30:43 +02:00
|
|
|
*/
|
2004-04-13 22:06:08 +02:00
|
|
|
static void
|
2005-06-21 03:00:42 +02:00
|
|
|
directory_remove_invalid(void)
|
2004-04-13 22:06:08 +02:00
|
|
|
{
|
|
|
|
|
int i;
|
2005-08-26 22:59:04 +02:00
|
|
|
int changed = 0;
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2004-05-18 19:41:40 +02:00
|
|
|
|
2007-04-30 07:32:57 +02:00
|
|
|
routerlist_assert_ok(rl);
|
|
|
|
|
|
2005-10-18 19:43:54 +02:00
|
|
|
for (i = 0; i < smartlist_len(rl->routers); ++i) {
|
2005-09-15 02:51:42 +02:00
|
|
|
const char *msg;
|
2005-10-18 19:43:54 +02:00
|
|
|
routerinfo_t *ent = smartlist_get(rl->routers, i);
|
2006-10-23 05:48:42 +02:00
|
|
|
uint32_t r = dirserv_router_get_status(ent, &msg);
|
|
|
|
|
if (r & FP_REJECT) {
|
|
|
|
|
log_info(LD_DIRSERV, "Router '%s' is now rejected: %s",
|
|
|
|
|
ent->nickname, msg?msg:"");
|
|
|
|
|
routerlist_remove(rl, ent, i--, 0);
|
|
|
|
|
changed = 1;
|
2007-04-30 07:32:57 +02:00
|
|
|
continue;
|
2006-10-23 05:48:42 +02:00
|
|
|
}
|
2006-10-24 23:41:48 +02:00
|
|
|
if (bool_neq((r & FP_NAMED), ent->is_named)) {
|
2006-10-23 05:48:42 +02:00
|
|
|
log_info(LD_DIRSERV,
|
|
|
|
|
"Router '%s' is now %snamed.", ent->nickname,
|
|
|
|
|
(r&FP_NAMED)?"":"un");
|
|
|
|
|
ent->is_named = (r&FP_NAMED)?1:0;
|
|
|
|
|
changed = 1;
|
|
|
|
|
}
|
2006-10-24 23:41:48 +02:00
|
|
|
if (bool_neq((r & FP_INVALID), !ent->is_valid)) {
|
2006-10-23 05:48:42 +02:00
|
|
|
log_info(LD_DIRSERV, "Router '%s' is now %svalid.", ent->nickname,
|
|
|
|
|
(r&FP_INVALID) ? "in" : "");
|
|
|
|
|
ent->is_valid = (r&FP_INVALID)?0:1;
|
|
|
|
|
changed = 1;
|
|
|
|
|
}
|
2006-10-24 23:41:48 +02:00
|
|
|
if (bool_neq((r & FP_BADEXIT), ent->is_bad_exit)) {
|
2006-10-23 05:48:42 +02:00
|
|
|
log_info(LD_DIRSERV, "Router '%s' is now a %s exit", ent->nickname,
|
|
|
|
|
(r & FP_BADEXIT) ? "bad" : "good");
|
|
|
|
|
ent->is_bad_exit = (r&FP_BADEXIT) ? 1: 0;
|
|
|
|
|
changed = 1;
|
2004-04-13 22:06:08 +02:00
|
|
|
}
|
|
|
|
|
}
|
2005-08-26 22:59:04 +02:00
|
|
|
if (changed)
|
|
|
|
|
directory_set_dirty();
|
2007-04-30 07:32:57 +02:00
|
|
|
|
|
|
|
|
routerlist_assert_ok(rl);
|
2004-04-13 22:06:08 +02:00
|
|
|
}
|
|
|
|
|
|
2005-08-13 03:55:23 +02:00
|
|
|
/** Write a list of unregistered descriptors into a newly allocated
|
|
|
|
|
* string and return it. Used by dirserv operators to keep track of
|
|
|
|
|
* fast nodes that haven't registered.
|
|
|
|
|
*/
|
2006-12-08 05:39:13 +01:00
|
|
|
int
|
|
|
|
|
getinfo_helper_dirserv_unregistered(control_connection_t *control_conn,
|
|
|
|
|
const char *question, char **answer_out)
|
2005-08-13 03:55:23 +02:00
|
|
|
{
|
|
|
|
|
smartlist_t *answerlist;
|
|
|
|
|
char buf[1024];
|
|
|
|
|
char *answer;
|
2005-08-13 04:20:00 +02:00
|
|
|
int min_bw = atoi(question);
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2005-08-13 03:55:23 +02:00
|
|
|
|
2006-12-08 05:39:13 +01:00
|
|
|
(void) control_conn;
|
|
|
|
|
|
|
|
|
|
if (strcmpstart(question, "unregistered-servers-"))
|
|
|
|
|
return 0;
|
|
|
|
|
question += strlen("unregistered-servers-");
|
|
|
|
|
|
2005-08-13 03:55:23 +02:00
|
|
|
answerlist = smartlist_create();
|
2005-10-18 19:43:54 +02:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ent, {
|
2006-10-23 05:48:42 +02:00
|
|
|
uint32_t r = dirserv_router_get_status(ent, NULL);
|
2006-03-28 14:01:58 +02:00
|
|
|
if (router_get_advertised_bandwidth(ent) >= (size_t)min_bw &&
|
2006-10-23 05:48:42 +02:00
|
|
|
!(r & FP_NAMED)) {
|
2005-08-13 03:55:23 +02:00
|
|
|
/* then log this one */
|
|
|
|
|
tor_snprintf(buf, sizeof(buf),
|
|
|
|
|
"%s: BW %d on '%s'.",
|
2006-03-28 14:01:58 +02:00
|
|
|
ent->nickname, router_get_advertised_bandwidth(ent),
|
2005-08-13 03:55:23 +02:00
|
|
|
ent->platform ? ent->platform : "");
|
|
|
|
|
smartlist_add(answerlist, tor_strdup(buf));
|
|
|
|
|
}
|
2005-10-18 19:43:54 +02:00
|
|
|
});
|
2005-08-13 03:55:23 +02:00
|
|
|
answer = smartlist_join_strings(answerlist, "\r\n", 0, NULL);
|
|
|
|
|
SMARTLIST_FOREACH(answerlist, char *, cp, tor_free(cp));
|
|
|
|
|
smartlist_free(answerlist);
|
2006-12-08 05:39:13 +01:00
|
|
|
*answer_out = answer;
|
|
|
|
|
return 0;
|
2005-08-13 03:55:23 +02:00
|
|
|
}
|
|
|
|
|
|
2004-05-10 06:34:48 +02:00
|
|
|
/** Mark the directory as <b>dirty</b> -- when we're next asked for a
|
2004-05-05 02:30:43 +02:00
|
|
|
* directory, we will rebuild it instead of reusing the most recently
|
|
|
|
|
* generated one.
|
|
|
|
|
*/
|
2003-12-17 22:09:31 +01:00
|
|
|
void
|
2005-09-30 00:59:17 +02:00
|
|
|
directory_set_dirty(void)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2004-09-23 21:58:44 +02:00
|
|
|
time_t now = time(NULL);
|
|
|
|
|
|
2004-11-28 10:05:49 +01:00
|
|
|
if (!the_directory_is_dirty)
|
2004-09-23 21:58:44 +02:00
|
|
|
the_directory_is_dirty = now;
|
2004-11-28 10:05:49 +01:00
|
|
|
if (!runningrouters_is_dirty)
|
2004-09-23 21:58:44 +02:00
|
|
|
runningrouters_is_dirty = now;
|
2005-09-15 01:14:37 +02:00
|
|
|
if (!the_v2_networkstatus_is_dirty)
|
|
|
|
|
the_v2_networkstatus_is_dirty = now;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
|
2004-10-27 02:48:51 +02:00
|
|
|
/**
|
|
|
|
|
* Allocate and return a description of the status of the server <b>desc</b>,
|
2007-05-02 11:12:04 +02:00
|
|
|
* for use in a v1-style router-status line. The server is listed
|
2004-10-27 02:48:51 +02:00
|
|
|
* as running iff <b>is_live</b> is true.
|
2004-05-05 02:30:43 +02:00
|
|
|
*/
|
2004-10-27 02:48:51 +02:00
|
|
|
static char *
|
2005-05-02 23:22:31 +02:00
|
|
|
list_single_server_status(routerinfo_t *desc, int is_live)
|
2003-10-01 02:43:34 +02:00
|
|
|
{
|
2004-10-27 02:48:51 +02:00
|
|
|
char buf[MAX_NICKNAME_LEN+HEX_DIGEST_LEN+4]; /* !nickname=$hexdigest\0 */
|
2003-10-01 02:43:34 +02:00
|
|
|
char *cp;
|
2004-07-13 20:23:40 +02:00
|
|
|
|
2004-10-27 02:48:51 +02:00
|
|
|
tor_assert(desc);
|
|
|
|
|
|
|
|
|
|
cp = buf;
|
|
|
|
|
if (!is_live) {
|
|
|
|
|
*cp++ = '!';
|
|
|
|
|
}
|
2006-03-19 02:21:59 +01:00
|
|
|
if (desc->is_valid) {
|
2004-10-27 08:48:16 +02:00
|
|
|
strlcpy(cp, desc->nickname, sizeof(buf)-(cp-buf));
|
2004-10-27 02:48:51 +02:00
|
|
|
cp += strlen(cp);
|
2005-05-02 23:22:31 +02:00
|
|
|
*cp++ = '=';
|
2004-10-27 02:48:51 +02:00
|
|
|
}
|
2005-05-02 23:22:31 +02:00
|
|
|
*cp++ = '$';
|
2005-11-05 21:15:27 +01:00
|
|
|
base16_encode(cp, HEX_DIGEST_LEN+1, desc->cache_info.identity_digest,
|
2005-05-02 23:22:31 +02:00
|
|
|
DIGEST_LEN);
|
2004-10-27 02:48:51 +02:00
|
|
|
return tor_strdup(buf);
|
|
|
|
|
}
|
|
|
|
|
|
2006-03-12 22:24:03 +01:00
|
|
|
/** Each server needs to have passed a reachability test no more
|
|
|
|
|
* than this number of seconds ago, or he is listed as down in
|
|
|
|
|
* the directory. */
|
2006-05-28 18:14:26 +02:00
|
|
|
#define REACHABLE_TIMEOUT (45*60)
|
2005-08-24 04:31:02 +02:00
|
|
|
|
2005-08-30 08:43:07 +02:00
|
|
|
/** Treat a router as alive if
|
|
|
|
|
* - It's me, and I'm not hibernating.
|
2006-03-12 21:57:52 +01:00
|
|
|
* or - We've found it reachable recently. */
|
2005-08-30 08:43:07 +02:00
|
|
|
static int
|
|
|
|
|
dirserv_thinks_router_is_reachable(routerinfo_t *router, time_t now)
|
|
|
|
|
{
|
|
|
|
|
if (router_is_me(router) && !we_are_hibernating())
|
|
|
|
|
return 1;
|
2006-03-12 21:57:52 +01:00
|
|
|
return get_options()->AssumeReachable ||
|
|
|
|
|
now < router->last_reachable + REACHABLE_TIMEOUT;
|
2005-08-30 08:43:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Return 1 if we're confident that there's a problem with
|
|
|
|
|
* <b>router</b>'s reachability and its operator should be notified.
|
|
|
|
|
*/
|
2005-08-31 08:14:37 +02:00
|
|
|
int
|
2005-12-14 21:40:40 +01:00
|
|
|
dirserv_thinks_router_is_blatantly_unreachable(routerinfo_t *router,
|
|
|
|
|
time_t now)
|
2005-08-30 08:43:07 +02:00
|
|
|
{
|
2005-08-30 08:48:24 +02:00
|
|
|
if (router->is_hibernating)
|
|
|
|
|
return 0;
|
2007-01-04 00:58:03 +01:00
|
|
|
if (now >= router->last_reachable + 5*REACHABLE_TIMEOUT &&
|
2005-08-30 08:43:07 +02:00
|
|
|
router->testing_since &&
|
2007-01-04 00:58:03 +01:00
|
|
|
now >= router->testing_since + 5*REACHABLE_TIMEOUT)
|
2005-08-30 08:43:07 +02:00
|
|
|
return 1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-23 20:15:10 +01:00
|
|
|
/** Based on the routerinfo_ts in <b>routers</b>, allocate the
|
2007-05-02 11:12:04 +02:00
|
|
|
* contents of a v1-style router-status line, and store it in
|
2005-05-02 23:22:31 +02:00
|
|
|
* *<b>router_status_out</b>. Return 0 on success, -1 on failure.
|
2006-10-27 04:07:04 +02:00
|
|
|
*
|
|
|
|
|
* If for_controller is true, include the routers with very old descriptors.
|
|
|
|
|
* If for_controller is >1, use the verbose nickname format.
|
2004-10-27 02:48:51 +02:00
|
|
|
*/
|
2005-03-22 04:27:51 +01:00
|
|
|
int
|
2006-10-27 04:07:04 +02:00
|
|
|
list_server_status(smartlist_t *routers, char **router_status_out,
|
|
|
|
|
int for_controller)
|
2004-10-27 02:48:51 +02:00
|
|
|
{
|
|
|
|
|
/* List of entries in a router-status style: An optional !, then an optional
|
|
|
|
|
* equals-suffixed nickname, then a dollar-prefixed hexdigest. */
|
|
|
|
|
smartlist_t *rs_entries;
|
2005-08-24 04:31:02 +02:00
|
|
|
time_t now = time(NULL);
|
2006-03-08 07:29:52 +01:00
|
|
|
time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
2007-05-02 11:12:04 +02:00
|
|
|
or_options_t *options = get_options();
|
|
|
|
|
/* We include v2 dir auths here too, because they need to answer
|
|
|
|
|
* controllers. Eventually we'll deprecate this whole function. */
|
|
|
|
|
int authdir = authdir_mode_handles_descs(options);
|
2005-05-02 23:22:31 +02:00
|
|
|
tor_assert(router_status_out);
|
2004-10-27 02:48:51 +02:00
|
|
|
|
|
|
|
|
rs_entries = smartlist_create();
|
|
|
|
|
|
2005-03-23 20:15:10 +01:00
|
|
|
SMARTLIST_FOREACH(routers, routerinfo_t *, ri,
|
2004-10-27 02:48:51 +02:00
|
|
|
{
|
2007-05-02 11:12:04 +02:00
|
|
|
if (authdir) {
|
2005-08-29 20:42:36 +02:00
|
|
|
/* Update router status in routerinfo_t. */
|
2005-08-30 08:43:07 +02:00
|
|
|
ri->is_running = dirserv_thinks_router_is_reachable(ri, now);
|
2005-03-23 20:15:10 +01:00
|
|
|
}
|
2006-10-27 04:07:04 +02:00
|
|
|
if (for_controller == 1 || ri->cache_info.published_on >= cutoff)
|
2006-02-05 03:33:40 +01:00
|
|
|
smartlist_add(rs_entries, list_single_server_status(ri, ri->is_running));
|
2006-10-27 04:07:04 +02:00
|
|
|
else if (for_controller > 2) {
|
|
|
|
|
char name_buf[MAX_VERBOSE_NICKNAME_LEN+2];
|
|
|
|
|
char *cp = name_buf;
|
|
|
|
|
if (!ri->is_running)
|
|
|
|
|
*cp++ = '!';
|
|
|
|
|
router_get_verbose_nickname(cp, ri);
|
|
|
|
|
smartlist_add(rs_entries, tor_strdup(name_buf));
|
|
|
|
|
}
|
2004-10-27 02:48:51 +02:00
|
|
|
});
|
|
|
|
|
|
2005-08-30 08:43:07 +02:00
|
|
|
*router_status_out = smartlist_join_strings(rs_entries, " ", 0, NULL);
|
2004-10-27 02:48:51 +02:00
|
|
|
|
|
|
|
|
SMARTLIST_FOREACH(rs_entries, char *, cp, tor_free(cp));
|
|
|
|
|
smartlist_free(rs_entries);
|
|
|
|
|
|
2003-10-01 02:43:34 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-02 21:06:43 +01:00
|
|
|
/** Given a (possibly empty) list of config_line_t, each line of which contains
|
2005-08-26 17:34:53 +02:00
|
|
|
* a list of comma-separated version numbers surrounded by optional space,
|
|
|
|
|
* allocate and return a new string containing the version numbers, in order,
|
2005-09-15 08:15:31 +02:00
|
|
|
* separated by commas. Used to generate Recommended(Client|Server)?Versions
|
|
|
|
|
*/
|
2005-08-25 22:33:17 +02:00
|
|
|
static char *
|
|
|
|
|
format_versions_list(config_line_t *ln)
|
|
|
|
|
{
|
|
|
|
|
smartlist_t *versions;
|
|
|
|
|
char *result;
|
|
|
|
|
versions = smartlist_create();
|
|
|
|
|
for ( ; ln; ln = ln->next) {
|
|
|
|
|
smartlist_split_string(versions, ln->value, ",",
|
|
|
|
|
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
|
|
|
|
|
}
|
2006-04-03 08:23:24 +02:00
|
|
|
sort_version_list(versions, 1);
|
2005-08-25 22:33:17 +02:00
|
|
|
result = smartlist_join_strings(versions,",",0,NULL);
|
|
|
|
|
SMARTLIST_FOREACH(versions,char *,s,tor_free(s));
|
|
|
|
|
smartlist_free(versions);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-28 22:06:05 +01:00
|
|
|
/** Return 1 if <b>ri</b>'s descriptor is "active" -- running, valid,
|
|
|
|
|
* not hibernating, and not too old. Else return 0.
|
2006-03-29 10:56:39 +02:00
|
|
|
*/
|
|
|
|
|
static int
|
2007-02-28 22:06:05 +01:00
|
|
|
router_is_active(routerinfo_t *ri, time_t now)
|
2006-03-29 10:56:39 +02:00
|
|
|
{
|
|
|
|
|
time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
|
|
|
|
if (ri->cache_info.published_on < cutoff)
|
|
|
|
|
return 0;
|
2007-02-28 22:06:05 +01:00
|
|
|
if (!ri->is_running || !ri->is_valid || ri->is_hibernating)
|
2006-03-29 11:21:23 +02:00
|
|
|
return 0;
|
2006-03-29 10:56:39 +02:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Generate a new v1 directory and write it into a newly allocated string.
|
2004-12-24 03:17:32 +01:00
|
|
|
* Point *<b>dir_out</b> to the allocated string. Sign the
|
2004-05-10 06:34:48 +02:00
|
|
|
* directory with <b>private_key</b>. Return 0 on success, -1 on
|
2006-06-13 13:11:19 +02:00
|
|
|
* failure. If <b>complete</b> is set, give us all the descriptors;
|
|
|
|
|
* otherwise leave out non-running and non-valid ones.
|
2004-03-29 21:28:16 +02:00
|
|
|
*/
|
2003-09-27 23:30:10 +02:00
|
|
|
int
|
2004-12-24 03:17:32 +01:00
|
|
|
dirserv_dump_directory_to_string(char **dir_out,
|
2006-06-13 13:11:19 +02:00
|
|
|
crypto_pk_env_t *private_key, int complete)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2005-10-08 08:02:41 +02:00
|
|
|
char *cp;
|
2005-05-02 23:22:31 +02:00
|
|
|
char *router_status;
|
2004-10-07 23:10:40 +02:00
|
|
|
char *identity_pkey; /* Identity key, DER64-encoded. */
|
2004-10-15 07:09:48 +02:00
|
|
|
char *recommended_versions;
|
2005-08-25 22:33:17 +02:00
|
|
|
char digest[DIGEST_LEN];
|
|
|
|
|
char published[ISO_TIME_LEN+1];
|
2004-12-24 03:17:32 +01:00
|
|
|
char *buf = NULL;
|
|
|
|
|
size_t buf_len;
|
2005-05-02 23:22:31 +02:00
|
|
|
size_t identity_pkey_len;
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2006-03-22 22:32:42 +01:00
|
|
|
time_t now = time(NULL);
|
2004-12-24 03:17:32 +01:00
|
|
|
|
|
|
|
|
tor_assert(dir_out);
|
|
|
|
|
*dir_out = NULL;
|
2003-09-27 23:30:10 +02:00
|
|
|
|
2006-10-27 04:07:04 +02:00
|
|
|
if (list_server_status(rl->routers, &router_status, 0))
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
2004-10-07 05:11:42 +02:00
|
|
|
|
2005-05-02 23:22:31 +02:00
|
|
|
if (crypto_pk_write_public_key_to_string(private_key,&identity_pkey,
|
|
|
|
|
&identity_pkey_len)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"write identity_pkey to string failed!");
|
2004-10-06 15:31:48 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
2004-10-15 07:09:48 +02:00
|
|
|
|
2005-12-14 21:40:40 +01:00
|
|
|
recommended_versions =
|
|
|
|
|
format_versions_list(get_options()->RecommendedVersions);
|
2004-11-09 21:04:00 +01:00
|
|
|
|
2006-03-22 22:32:42 +01:00
|
|
|
format_iso_time(published, now);
|
2004-12-24 03:17:32 +01:00
|
|
|
|
2005-05-02 23:22:31 +02:00
|
|
|
buf_len = 2048+strlen(recommended_versions)+
|
2004-12-24 03:17:32 +01:00
|
|
|
strlen(router_status);
|
2005-10-18 19:43:54 +02:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
|
2007-02-28 22:06:05 +01:00
|
|
|
if (complete || router_is_active(ri, now))
|
2006-03-22 22:32:42 +01:00
|
|
|
buf_len += ri->cache_info.signed_descriptor_len+1);
|
2004-12-24 03:17:32 +01:00
|
|
|
buf = tor_malloc(buf_len);
|
|
|
|
|
/* We'll be comparing against buf_len throughout the rest of the
|
|
|
|
|
function, though strictly speaking we shouldn't be able to exceed
|
|
|
|
|
it. This is C, after all, so we may as well check for buffer
|
|
|
|
|
overruns.*/
|
|
|
|
|
|
|
|
|
|
tor_snprintf(buf, buf_len,
|
2005-12-10 10:36:26 +01:00
|
|
|
"signed-directory\n"
|
|
|
|
|
"published %s\n"
|
|
|
|
|
"recommended-software %s\n"
|
|
|
|
|
"router-status %s\n"
|
|
|
|
|
"dir-signing-key\n%s\n",
|
|
|
|
|
published, recommended_versions, router_status,
|
|
|
|
|
identity_pkey);
|
2004-06-25 02:29:31 +02:00
|
|
|
|
2005-02-01 00:47:25 +01:00
|
|
|
tor_free(recommended_versions);
|
2004-10-27 02:48:51 +02:00
|
|
|
tor_free(router_status);
|
2004-10-06 15:31:48 +02:00
|
|
|
tor_free(identity_pkey);
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2005-10-08 08:02:41 +02:00
|
|
|
cp = buf + strlen(buf);
|
2005-10-18 19:43:54 +02:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
|
2005-10-08 08:02:41 +02:00
|
|
|
{
|
2005-11-05 21:15:27 +01:00
|
|
|
size_t len = ri->cache_info.signed_descriptor_len;
|
2006-01-12 19:04:17 +01:00
|
|
|
const char *body;
|
2007-02-28 22:06:05 +01:00
|
|
|
if (!complete && !router_is_active(ri, now))
|
2006-03-22 22:32:42 +01:00
|
|
|
continue;
|
2005-11-05 21:15:27 +01:00
|
|
|
if (cp+len+1 >= buf+buf_len)
|
2005-10-08 08:02:41 +02:00
|
|
|
goto truncated;
|
2006-01-12 19:04:17 +01:00
|
|
|
body = signed_descriptor_get_body(&ri->cache_info);
|
|
|
|
|
memcpy(cp, body, len);
|
2005-11-05 21:15:27 +01:00
|
|
|
cp += len;
|
2005-10-08 08:02:41 +02:00
|
|
|
*cp++ = '\n'; /* add an extra newline in case somebody was depending on
|
|
|
|
|
* it. */
|
|
|
|
|
});
|
|
|
|
|
*cp = '\0';
|
2004-05-18 19:41:40 +02:00
|
|
|
|
2004-03-29 21:28:16 +02:00
|
|
|
/* These multiple strlcat calls are inefficient, but dwarfed by the RSA
|
2006-02-05 03:33:40 +01:00
|
|
|
signature. */
|
2004-12-24 03:17:32 +01:00
|
|
|
if (strlcat(buf, "directory-signature ", buf_len) >= buf_len)
|
2004-03-29 21:28:16 +02:00
|
|
|
goto truncated;
|
2004-12-24 03:17:32 +01:00
|
|
|
if (strlcat(buf, get_options()->Nickname, buf_len) >= buf_len)
|
2004-04-25 00:17:50 +02:00
|
|
|
goto truncated;
|
2004-12-24 03:17:32 +01:00
|
|
|
if (strlcat(buf, "\n", buf_len) >= buf_len)
|
2004-04-25 00:17:50 +02:00
|
|
|
goto truncated;
|
|
|
|
|
|
2004-12-24 03:17:32 +01:00
|
|
|
if (router_get_dir_hash(buf,digest)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"couldn't compute digest");
|
2004-12-24 03:17:32 +01:00
|
|
|
tor_free(buf);
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-31 20:17:07 +01:00
|
|
|
note_crypto_pk_op(SIGN_DIR);
|
2005-08-26 17:34:53 +02:00
|
|
|
if (router_append_dirobj_signature(buf,buf_len,digest,private_key)<0) {
|
2004-12-24 03:17:32 +01:00
|
|
|
tor_free(buf);
|
2003-09-27 23:30:10 +02:00
|
|
|
return -1;
|
|
|
|
|
}
|
2004-07-23 01:21:12 +02:00
|
|
|
|
2004-12-24 03:17:32 +01:00
|
|
|
*dir_out = buf;
|
2003-09-27 23:30:10 +02:00
|
|
|
return 0;
|
2004-03-29 21:28:16 +02:00
|
|
|
truncated:
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"tried to exceed string length.");
|
2004-12-24 03:17:32 +01:00
|
|
|
tor_free(buf);
|
2004-03-29 21:28:16 +02:00
|
|
|
return -1;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
|
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** Most recently generated encoded signed v1 directory. (v1 auth dirservers
|
|
|
|
|
* only.) */
|
2006-06-18 09:38:55 +02:00
|
|
|
static cached_dir_t *the_directory = NULL;
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/* Used only by non-v1-auth dirservers: The v1 directory and
|
|
|
|
|
* runningrouters we'll serve when requested. */
|
2006-06-18 09:38:55 +02:00
|
|
|
static cached_dir_t *cached_directory = NULL;
|
|
|
|
|
static cached_dir_t cached_runningrouters = { NULL, NULL, 0, 0, 0, -1 };
|
2004-06-21 06:37:27 +02:00
|
|
|
|
2007-02-02 21:06:43 +01:00
|
|
|
/** Used for other dirservers' v2 network statuses. Map from hexdigest to
|
2005-08-25 22:33:17 +02:00
|
|
|
* cached_dir_t. */
|
2005-10-18 22:12:22 +02:00
|
|
|
static digestmap_t *cached_v2_networkstatus = NULL;
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2005-08-26 17:34:53 +02:00
|
|
|
/** Possibly replace the contents of <b>d</b> with the value of
|
2005-08-28 06:20:37 +02:00
|
|
|
* <b>directory</b> published on <b>when</b>, unless <b>when</b> is older than
|
|
|
|
|
* the last value, or too far in the future.
|
|
|
|
|
*
|
2006-07-21 09:53:21 +02:00
|
|
|
* Does not copy <b>directory</b>; frees it if it isn't used.
|
2005-08-28 06:20:37 +02:00
|
|
|
*/
|
2005-08-25 22:33:17 +02:00
|
|
|
static void
|
2005-08-28 06:20:37 +02:00
|
|
|
set_cached_dir(cached_dir_t *d, char *directory, time_t when)
|
2004-06-21 06:37:27 +02:00
|
|
|
{
|
2005-08-25 22:33:17 +02:00
|
|
|
time_t now = time(NULL);
|
2004-11-15 05:04:20 +01:00
|
|
|
if (when<=d->published) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV, "Ignoring old directory; not caching.");
|
2005-08-28 06:20:37 +02:00
|
|
|
tor_free(directory);
|
2006-03-08 07:29:52 +01:00
|
|
|
} else if (when>=now+ROUTER_MAX_AGE_TO_PUBLISH) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV, "Ignoring future directory; not caching.");
|
2005-08-28 06:20:37 +02:00
|
|
|
tor_free(directory);
|
2005-03-23 07:39:53 +01:00
|
|
|
} else {
|
|
|
|
|
/* if (when>d->published && when<now+ROUTER_MAX_AGE) */
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV, "Caching directory.");
|
2004-11-15 05:04:20 +01:00
|
|
|
tor_free(d->dir);
|
2005-08-28 06:20:37 +02:00
|
|
|
d->dir = directory;
|
2004-11-15 05:04:20 +01:00
|
|
|
d->dir_len = strlen(directory);
|
|
|
|
|
tor_free(d->dir_z);
|
|
|
|
|
if (tor_gzip_compress(&(d->dir_z), &(d->dir_z_len), d->dir, d->dir_len,
|
2004-09-02 20:57:09 +02:00
|
|
|
ZLIB_METHOD)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"Error compressing cached directory");
|
2004-09-02 20:57:09 +02:00
|
|
|
}
|
2004-11-15 05:04:20 +01:00
|
|
|
d->published = when;
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Decrement the reference count on <b>d</b>, and free it if it no longer has
|
|
|
|
|
* any references. */
|
2006-06-18 09:38:55 +02:00
|
|
|
void
|
|
|
|
|
cached_dir_decref(cached_dir_t *d)
|
|
|
|
|
{
|
|
|
|
|
if (!d || --d->refcnt > 0)
|
|
|
|
|
return;
|
|
|
|
|
clear_cached_dir(d);
|
|
|
|
|
tor_free(d);
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Allocate and return a new cached_dir_t containing the string <b>s</b>,
|
|
|
|
|
* published at <b>published</b>. */
|
2006-06-18 09:38:55 +02:00
|
|
|
static cached_dir_t *
|
|
|
|
|
new_cached_dir(char *s, time_t published)
|
|
|
|
|
{
|
|
|
|
|
cached_dir_t *d = tor_malloc_zero(sizeof(cached_dir_t));
|
|
|
|
|
d->refcnt = 1;
|
|
|
|
|
d->dir = s;
|
|
|
|
|
d->dir_len = strlen(s);
|
|
|
|
|
d->published = published;
|
|
|
|
|
if (tor_gzip_compress(&(d->dir_z), &(d->dir_z_len), d->dir, d->dir_len,
|
|
|
|
|
ZLIB_METHOD)) {
|
|
|
|
|
log_warn(LD_BUG, "Error compressing directory");
|
|
|
|
|
}
|
|
|
|
|
return d;
|
|
|
|
|
}
|
|
|
|
|
|
2005-08-26 17:34:53 +02:00
|
|
|
/** Remove all storage held in <b>d</b>, but do not free <b>d</b> itself. */
|
2005-08-25 22:33:17 +02:00
|
|
|
static void
|
|
|
|
|
clear_cached_dir(cached_dir_t *d)
|
|
|
|
|
{
|
|
|
|
|
tor_free(d->dir);
|
|
|
|
|
tor_free(d->dir_z);
|
|
|
|
|
memset(d, 0, sizeof(cached_dir_t));
|
|
|
|
|
}
|
|
|
|
|
|
2005-08-26 17:34:53 +02:00
|
|
|
/** Free all storage held by the cached_dir_t in <b>d</b>. */
|
2005-08-25 22:33:17 +02:00
|
|
|
static void
|
2006-06-20 02:48:23 +02:00
|
|
|
_free_cached_dir(void *_d)
|
2005-08-25 22:33:17 +02:00
|
|
|
{
|
|
|
|
|
cached_dir_t *d = (cached_dir_t *)_d;
|
2006-06-20 02:48:23 +02:00
|
|
|
cached_dir_decref(d);
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
|
2007-02-24 02:12:53 +01:00
|
|
|
/** If we have no cached directory, or it is older than <b>published</b>,
|
|
|
|
|
* then replace it with <b>directory</b>, published at <b>published</b>.
|
|
|
|
|
*
|
2007-02-25 04:43:00 +01:00
|
|
|
* If <b>published</b> is too old, do nothing.
|
|
|
|
|
*
|
2007-05-02 11:12:04 +02:00
|
|
|
* If <b>is_running_routers</b>, this is really a v1 running_routers
|
|
|
|
|
* document rather than a v1 directory.
|
2005-08-25 22:33:17 +02:00
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
dirserv_set_cached_directory(const char *directory, time_t published,
|
|
|
|
|
int is_running_routers)
|
|
|
|
|
{
|
2007-02-25 04:43:00 +01:00
|
|
|
time_t now = time(NULL);
|
|
|
|
|
|
2006-06-18 09:38:55 +02:00
|
|
|
if (is_running_routers) {
|
2007-02-25 04:43:00 +01:00
|
|
|
if (published >= now - MAX_V1_RR_AGE)
|
|
|
|
|
set_cached_dir(&cached_runningrouters, tor_strdup(directory), published);
|
2006-06-18 09:38:55 +02:00
|
|
|
} else {
|
2007-02-25 04:43:00 +01:00
|
|
|
if (published >= now - MAX_V1_DIRECTORY_AGE) {
|
|
|
|
|
cached_dir_decref(cached_directory);
|
|
|
|
|
cached_directory = new_cached_dir(tor_strdup(directory), published);
|
|
|
|
|
}
|
2006-06-18 09:38:55 +02:00
|
|
|
}
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** If <b>networkstatus</b> is non-NULL, we've just received a v2
|
|
|
|
|
* network-status for an authoritative directory with identity digest
|
|
|
|
|
* <b>identity</b> published at <b>published</b> -- store it so we can
|
|
|
|
|
* serve it to others.
|
|
|
|
|
*
|
|
|
|
|
* If <b>networkstatus</b> is NULL, remove the entry with the given
|
|
|
|
|
* identity fingerprint from the v2 cache.
|
2005-08-26 20:02:49 +02:00
|
|
|
*/
|
2005-08-25 22:33:17 +02:00
|
|
|
void
|
2006-01-08 22:26:33 +01:00
|
|
|
dirserv_set_cached_networkstatus_v2(const char *networkstatus,
|
2005-10-18 22:12:22 +02:00
|
|
|
const char *identity,
|
2005-08-25 22:33:17 +02:00
|
|
|
time_t published)
|
|
|
|
|
{
|
2006-06-20 02:48:23 +02:00
|
|
|
cached_dir_t *d, *old_d;
|
2006-01-08 22:26:33 +01:00
|
|
|
smartlist_t *trusted_dirs;
|
2005-08-25 22:33:17 +02:00
|
|
|
if (!cached_v2_networkstatus)
|
2005-10-18 22:12:22 +02:00
|
|
|
cached_v2_networkstatus = digestmap_new();
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2006-06-20 02:48:23 +02:00
|
|
|
old_d = digestmap_get(cached_v2_networkstatus, identity);
|
|
|
|
|
if (!old_d && !networkstatus)
|
|
|
|
|
return;
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2006-01-08 22:26:33 +01:00
|
|
|
if (networkstatus) {
|
2006-06-20 02:48:23 +02:00
|
|
|
if (!old_d || published > old_d->published) {
|
|
|
|
|
d = new_cached_dir(tor_strdup(networkstatus), published);
|
|
|
|
|
digestmap_set(cached_v2_networkstatus, identity, d);
|
|
|
|
|
if (old_d)
|
|
|
|
|
cached_dir_decref(old_d);
|
2006-01-08 22:26:33 +01:00
|
|
|
}
|
2005-09-12 08:56:42 +02:00
|
|
|
} else {
|
2006-06-20 02:48:23 +02:00
|
|
|
if (old_d) {
|
|
|
|
|
digestmap_remove(cached_v2_networkstatus, identity);
|
|
|
|
|
cached_dir_decref(old_d);
|
|
|
|
|
}
|
2005-09-12 08:56:42 +02:00
|
|
|
}
|
2006-01-08 22:26:33 +01:00
|
|
|
|
2006-06-20 02:48:23 +02:00
|
|
|
/* Now purge old entries. */
|
2006-04-10 03:35:56 +02:00
|
|
|
trusted_dirs = router_get_trusted_dir_servers();
|
2006-01-08 22:26:33 +01:00
|
|
|
if (digestmap_size(cached_v2_networkstatus) >
|
|
|
|
|
smartlist_len(trusted_dirs) + MAX_UNTRUSTED_NETWORKSTATUSES) {
|
|
|
|
|
/* We need to remove the oldest untrusted networkstatus. */
|
|
|
|
|
const char *oldest = NULL;
|
|
|
|
|
time_t oldest_published = TIME_MAX;
|
|
|
|
|
digestmap_iter_t *iter;
|
|
|
|
|
|
|
|
|
|
for (iter = digestmap_iter_init(cached_v2_networkstatus);
|
|
|
|
|
!digestmap_iter_done(iter);
|
|
|
|
|
iter = digestmap_iter_next(cached_v2_networkstatus, iter)) {
|
|
|
|
|
const char *ident;
|
|
|
|
|
void *val;
|
|
|
|
|
digestmap_iter_get(iter, &ident, &val);
|
|
|
|
|
d = val;
|
|
|
|
|
if (d->published < oldest_published &&
|
2006-09-29 01:57:59 +02:00
|
|
|
!router_digest_is_trusted_dir(ident)) {
|
2006-01-08 22:26:33 +01:00
|
|
|
oldest = ident;
|
|
|
|
|
oldest_published = d->published;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
tor_assert(oldest);
|
|
|
|
|
d = digestmap_remove(cached_v2_networkstatus, oldest);
|
|
|
|
|
if (d)
|
2006-06-20 02:48:23 +02:00
|
|
|
cached_dir_decref(d);
|
2006-01-08 22:26:33 +01:00
|
|
|
}
|
2005-09-07 18:42:53 +02:00
|
|
|
}
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** Remove any v2 networkstatus from the directory cache that was published
|
2007-01-10 21:43:40 +01:00
|
|
|
* before <b>cutoff</b>. */
|
|
|
|
|
void
|
|
|
|
|
dirserv_clear_old_networkstatuses(time_t cutoff)
|
|
|
|
|
{
|
|
|
|
|
digestmap_iter_t *iter;
|
|
|
|
|
|
2007-01-11 15:13:04 +01:00
|
|
|
if (!cached_v2_networkstatus)
|
|
|
|
|
return;
|
|
|
|
|
|
2007-01-10 21:43:40 +01:00
|
|
|
for (iter = digestmap_iter_init(cached_v2_networkstatus);
|
|
|
|
|
!digestmap_iter_done(iter); ) {
|
|
|
|
|
const char *ident;
|
|
|
|
|
void *val;
|
|
|
|
|
cached_dir_t *dir;
|
|
|
|
|
digestmap_iter_get(iter, &ident, &val);
|
|
|
|
|
dir = val;
|
|
|
|
|
if (dir->published < cutoff) {
|
|
|
|
|
char *fname;
|
|
|
|
|
iter = digestmap_iter_next_rmv(cached_v2_networkstatus, iter);
|
|
|
|
|
fname = networkstatus_get_cache_filename(ident);
|
|
|
|
|
if (file_status(fname) == FN_FILE) {
|
|
|
|
|
log_info(LD_DIR, "Removing too-old untrusted networkstatus in %s",
|
|
|
|
|
fname);
|
|
|
|
|
unlink(fname);
|
|
|
|
|
}
|
|
|
|
|
tor_free(fname);
|
|
|
|
|
cached_dir_decref(dir);
|
|
|
|
|
} else {
|
|
|
|
|
iter = digestmap_iter_next(cached_v2_networkstatus, iter);
|
|
|
|
|
}
|
|
|
|
|
}
|
2007-02-13 00:39:24 +01:00
|
|
|
}
|
2007-01-10 21:43:40 +01:00
|
|
|
|
2007-02-24 02:12:53 +01:00
|
|
|
/** Remove any v1 info from the directory cache that was published
|
|
|
|
|
* too long ago. */
|
2007-02-13 00:39:24 +01:00
|
|
|
void
|
|
|
|
|
dirserv_clear_old_v1_info(time_t now)
|
|
|
|
|
{
|
|
|
|
|
if (cached_directory &&
|
2007-02-24 02:12:53 +01:00
|
|
|
cached_directory->published < (now - MAX_V1_DIRECTORY_AGE)) {
|
2007-02-13 00:39:24 +01:00
|
|
|
cached_dir_decref(cached_directory);
|
2007-02-25 00:55:36 +01:00
|
|
|
cached_directory = NULL;
|
2007-02-13 00:39:24 +01:00
|
|
|
}
|
|
|
|
|
if (cached_runningrouters.published < (now - MAX_V1_RR_AGE)) {
|
|
|
|
|
clear_cached_dir(&cached_runningrouters);
|
|
|
|
|
}
|
2007-01-10 21:43:40 +01:00
|
|
|
}
|
|
|
|
|
|
2007-05-04 10:04:27 +02:00
|
|
|
/** Helper: If we're an authority for the right directory version
|
|
|
|
|
* (based on <b>auth_type</b>), try to regenerate
|
2005-09-13 23:14:55 +02:00
|
|
|
* auth_src as appropriate and return it, falling back to cache_src on
|
2007-05-04 10:04:27 +02:00
|
|
|
* failure. If we're a cache, simply return cache_src.
|
2005-09-13 23:14:55 +02:00
|
|
|
*/
|
2005-09-07 18:42:53 +02:00
|
|
|
static cached_dir_t *
|
|
|
|
|
dirserv_pick_cached_dir_obj(cached_dir_t *cache_src,
|
|
|
|
|
cached_dir_t *auth_src,
|
2006-06-18 23:30:03 +02:00
|
|
|
time_t dirty, cached_dir_t *(*regenerate)(void),
|
2005-09-07 18:42:53 +02:00
|
|
|
const char *name,
|
2007-05-04 10:04:27 +02:00
|
|
|
authority_type_t auth_type)
|
2005-09-07 18:42:53 +02:00
|
|
|
{
|
2007-05-02 11:12:04 +02:00
|
|
|
or_options_t *options = get_options();
|
2007-05-04 10:04:27 +02:00
|
|
|
int authority = (auth_type == V1_AUTHORITY && authdir_mode_v1(options)) ||
|
|
|
|
|
(auth_type == V2_AUTHORITY && authdir_mode_v2(options));
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2007-05-04 10:04:27 +02:00
|
|
|
if (!authority || authdir_mode_bridge(options)) { /* XXX020 */
|
2005-09-07 18:42:53 +02:00
|
|
|
return cache_src;
|
|
|
|
|
} else {
|
|
|
|
|
/* We're authoritative. */
|
|
|
|
|
if (regenerate != NULL) {
|
|
|
|
|
if (dirty && dirty + DIR_REGEN_SLACK_TIME < time(NULL)) {
|
2006-06-18 23:30:03 +02:00
|
|
|
if (!(auth_src = regenerate())) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_err(LD_BUG, "Couldn't generate %s?", name);
|
2005-09-07 18:42:53 +02:00
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV, "The %s is still clean; reusing.", name);
|
2005-09-07 18:42:53 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return auth_src ? auth_src : cache_src;
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2005-08-26 20:02:49 +02:00
|
|
|
/** Helper: If we're authoritative and <b>auth_src</b> is set, use
|
|
|
|
|
* <b>auth_src</b>, otherwise use <b>cache_src</b>. If we're using
|
|
|
|
|
* <b>auth_src</b> and it's been <b>dirty</b> for at least
|
|
|
|
|
* DIR_REGEN_SLACK_TIME seconds, call <b>regenerate</b>() to make a fresh one.
|
|
|
|
|
* Yields the compressed version of the directory object if <b>compress</b> is
|
|
|
|
|
* set; otherwise return the uncompressed version. (In either case, sets
|
2005-09-13 23:14:55 +02:00
|
|
|
* *<b>out</b> and returns the size of the buffer in *<b>out</b>.)
|
2005-09-07 18:42:53 +02:00
|
|
|
*
|
2007-05-04 10:04:27 +02:00
|
|
|
* Use <b>auth_type</b> to help determine whether we're authoritative for
|
2005-09-13 23:14:55 +02:00
|
|
|
* this kind of object.
|
2005-09-07 18:42:53 +02:00
|
|
|
**/
|
2005-08-25 22:33:17 +02:00
|
|
|
static size_t
|
2006-06-18 09:38:55 +02:00
|
|
|
dirserv_get_obj(const char **out,
|
|
|
|
|
int compress,
|
2005-08-25 22:33:17 +02:00
|
|
|
cached_dir_t *cache_src,
|
|
|
|
|
cached_dir_t *auth_src,
|
2006-06-18 23:30:03 +02:00
|
|
|
time_t dirty, cached_dir_t *(*regenerate)(void),
|
2005-09-07 18:42:53 +02:00
|
|
|
const char *name,
|
2007-05-04 10:04:27 +02:00
|
|
|
authority_type_t auth_type)
|
2005-08-25 22:33:17 +02:00
|
|
|
{
|
2005-09-07 18:42:53 +02:00
|
|
|
cached_dir_t *d = dirserv_pick_cached_dir_obj(
|
|
|
|
|
cache_src, auth_src,
|
2007-05-04 10:04:27 +02:00
|
|
|
dirty, regenerate, name, auth_type);
|
2005-09-07 18:42:53 +02:00
|
|
|
|
2005-08-25 22:33:17 +02:00
|
|
|
if (!d)
|
|
|
|
|
return 0;
|
|
|
|
|
*out = compress ? d->dir_z : d->dir;
|
|
|
|
|
if (*out) {
|
|
|
|
|
return compress ? d->dir_z_len : d->dir_len;
|
|
|
|
|
} else {
|
|
|
|
|
/* not yet available. */
|
|
|
|
|
return 0;
|
2004-06-21 06:37:27 +02:00
|
|
|
}
|
|
|
|
|
}
|
2003-12-14 06:25:23 +01:00
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** Return the most recently generated encoded signed v1 directory,
|
|
|
|
|
* generating a new one as necessary. If not a v1 authoritative directory
|
|
|
|
|
* may return NULL if no directory is yet cached. */
|
2006-06-18 09:38:55 +02:00
|
|
|
cached_dir_t *
|
|
|
|
|
dirserv_get_directory(void)
|
2003-09-27 23:30:10 +02:00
|
|
|
{
|
2006-06-18 09:38:55 +02:00
|
|
|
return dirserv_pick_cached_dir_obj(cached_directory, the_directory,
|
|
|
|
|
the_directory_is_dirty,
|
|
|
|
|
dirserv_regenerate_directory,
|
2007-05-04 10:04:27 +02:00
|
|
|
"server directory", V1_AUTHORITY);
|
2004-09-02 20:57:09 +02:00
|
|
|
}
|
|
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** Only called by v1 auth dirservers.
|
|
|
|
|
* Generate a fresh v1 directory; set the_directory and return a pointer
|
|
|
|
|
* to the new value.
|
2004-09-02 20:57:09 +02:00
|
|
|
*/
|
2006-06-18 23:30:03 +02:00
|
|
|
static cached_dir_t *
|
2005-06-11 20:52:12 +02:00
|
|
|
dirserv_regenerate_directory(void)
|
2004-09-02 20:57:09 +02:00
|
|
|
{
|
2004-12-24 03:17:32 +01:00
|
|
|
char *new_directory=NULL;
|
2004-09-02 20:57:09 +02:00
|
|
|
|
2004-12-24 03:17:32 +01:00
|
|
|
if (dirserv_dump_directory_to_string(&new_directory,
|
2006-06-13 13:11:19 +02:00
|
|
|
get_identity_key(), 0)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG, "Error creating directory.");
|
2004-09-02 20:57:09 +02:00
|
|
|
tor_free(new_directory);
|
2006-06-18 23:30:03 +02:00
|
|
|
return NULL;
|
2004-09-02 20:57:09 +02:00
|
|
|
}
|
2006-06-18 09:38:55 +02:00
|
|
|
cached_dir_decref(the_directory);
|
|
|
|
|
the_directory = new_cached_dir(new_directory, time(NULL));
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV,"New directory (size %d) has been built.",
|
2006-06-18 09:38:55 +02:00
|
|
|
(int)the_directory->dir_len);
|
2006-02-13 10:37:53 +01:00
|
|
|
log_debug(LD_DIRSERV,"New directory (size %d):\n%s",
|
2006-06-18 09:38:55 +02:00
|
|
|
(int)the_directory->dir_len, the_directory->dir);
|
2004-09-02 20:57:09 +02:00
|
|
|
|
|
|
|
|
the_directory_is_dirty = 0;
|
|
|
|
|
|
2004-11-15 17:17:59 +01:00
|
|
|
/* Save the directory to disk so we re-load it quickly on startup.
|
|
|
|
|
*/
|
2006-06-18 09:38:55 +02:00
|
|
|
dirserv_set_cached_directory(the_directory->dir, time(NULL), 0);
|
2004-11-15 17:17:59 +01:00
|
|
|
|
2006-06-18 23:30:03 +02:00
|
|
|
return the_directory;
|
2003-09-27 23:30:10 +02:00
|
|
|
}
|
2003-10-18 05:23:26 +02:00
|
|
|
|
2007-02-24 02:12:53 +01:00
|
|
|
/** For authoritative directories: the current (v1) network status. */
|
2006-06-18 09:38:55 +02:00
|
|
|
static cached_dir_t the_runningrouters = { NULL, NULL, 0, 0, 0, -1 };
|
2004-06-25 02:29:31 +02:00
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** Only called by v1 auth dirservers.
|
|
|
|
|
* Replace the current running-routers list with a newly generated one. */
|
2006-06-18 23:30:03 +02:00
|
|
|
static cached_dir_t *
|
2005-08-25 22:33:17 +02:00
|
|
|
generate_runningrouters(void)
|
2004-06-25 02:29:31 +02:00
|
|
|
{
|
2005-08-25 22:33:17 +02:00
|
|
|
char *s=NULL;
|
2004-10-27 14:34:02 +02:00
|
|
|
char *router_status=NULL;
|
2004-06-25 02:29:31 +02:00
|
|
|
char digest[DIGEST_LEN];
|
2005-08-25 22:33:17 +02:00
|
|
|
char published[ISO_TIME_LEN+1];
|
2004-08-04 01:57:05 +02:00
|
|
|
size_t len;
|
2005-08-25 22:33:17 +02:00
|
|
|
crypto_pk_env_t *private_key = get_identity_key();
|
2004-10-07 23:10:40 +02:00
|
|
|
char *identity_pkey; /* Identity key, DER64-encoded. */
|
2005-05-02 23:22:31 +02:00
|
|
|
size_t identity_pkey_len;
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2005-03-23 20:15:10 +01:00
|
|
|
|
2006-10-27 04:07:04 +02:00
|
|
|
if (list_server_status(rl->routers, &router_status, 0)) {
|
2004-10-27 14:34:02 +02:00
|
|
|
goto err;
|
|
|
|
|
}
|
2005-05-02 23:22:31 +02:00
|
|
|
if (crypto_pk_write_public_key_to_string(private_key,&identity_pkey,
|
|
|
|
|
&identity_pkey_len)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"write identity_pkey to string failed!");
|
2004-10-27 14:34:02 +02:00
|
|
|
goto err;
|
2004-10-07 23:10:40 +02:00
|
|
|
}
|
2005-08-25 22:33:17 +02:00
|
|
|
format_iso_time(published, time(NULL));
|
2004-12-24 02:41:52 +01:00
|
|
|
|
|
|
|
|
len = 2048+strlen(router_status);
|
|
|
|
|
s = tor_malloc_zero(len);
|
2005-08-25 22:33:17 +02:00
|
|
|
tor_snprintf(s, len,
|
|
|
|
|
"network-status\n"
|
|
|
|
|
"published %s\n"
|
|
|
|
|
"router-status %s\n"
|
|
|
|
|
"dir-signing-key\n%s"
|
|
|
|
|
"directory-signature %s\n",
|
2005-12-14 21:40:40 +01:00
|
|
|
published, router_status, identity_pkey,
|
|
|
|
|
get_options()->Nickname);
|
2004-10-27 02:48:51 +02:00
|
|
|
tor_free(router_status);
|
2004-10-07 23:10:40 +02:00
|
|
|
tor_free(identity_pkey);
|
2004-06-25 02:29:31 +02:00
|
|
|
if (router_get_runningrouters_hash(s,digest)) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"couldn't compute digest");
|
2004-10-27 14:34:02 +02:00
|
|
|
goto err;
|
2004-06-25 02:29:31 +02:00
|
|
|
}
|
2006-10-31 20:17:07 +01:00
|
|
|
note_crypto_pk_op(SIGN_DIR);
|
2005-08-26 17:34:53 +02:00
|
|
|
if (router_append_dirobj_signature(s, len, digest, private_key)<0)
|
2004-10-27 14:34:02 +02:00
|
|
|
goto err;
|
2004-06-25 02:29:31 +02:00
|
|
|
|
2005-08-25 22:33:17 +02:00
|
|
|
set_cached_dir(&the_runningrouters, s, time(NULL));
|
2004-06-25 02:29:31 +02:00
|
|
|
runningrouters_is_dirty = 0;
|
2004-11-15 17:17:59 +01:00
|
|
|
|
2006-06-18 23:30:03 +02:00
|
|
|
return &the_runningrouters;
|
2004-10-27 14:34:02 +02:00
|
|
|
err:
|
|
|
|
|
tor_free(s);
|
|
|
|
|
tor_free(router_status);
|
2006-06-18 23:30:03 +02:00
|
|
|
return NULL;
|
2004-06-25 02:29:31 +02:00
|
|
|
}
|
|
|
|
|
|
2004-06-16 23:08:29 +02:00
|
|
|
/** Set *<b>rr</b> to the most recently generated encoded signed
|
2004-08-06 22:00:16 +02:00
|
|
|
* running-routers list, generating a new one as necessary. Return the
|
|
|
|
|
* size of the directory on success, and 0 on failure. */
|
2005-06-11 20:52:12 +02:00
|
|
|
size_t
|
|
|
|
|
dirserv_get_runningrouters(const char **rr, int compress)
|
2004-06-16 23:08:29 +02:00
|
|
|
{
|
2005-08-25 22:33:17 +02:00
|
|
|
return dirserv_get_obj(rr, compress,
|
|
|
|
|
&cached_runningrouters, &the_runningrouters,
|
|
|
|
|
runningrouters_is_dirty,
|
|
|
|
|
generate_runningrouters,
|
2007-05-04 10:04:27 +02:00
|
|
|
"v1 network status list", V1_AUTHORITY);
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
|
2007-02-24 02:12:53 +01:00
|
|
|
/** For authoritative directories: the current (v2) network status. */
|
2006-06-20 02:48:23 +02:00
|
|
|
static cached_dir_t *the_v2_networkstatus = NULL;
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2007-02-16 21:39:37 +01:00
|
|
|
/** Return true iff our opinion of the routers has been stale for long
|
2007-05-02 11:12:04 +02:00
|
|
|
* enough that we should generate a new v2 network status doc. */
|
2005-11-29 18:14:10 +01:00
|
|
|
static int
|
|
|
|
|
should_generate_v2_networkstatus(void)
|
|
|
|
|
{
|
2007-05-02 11:12:04 +02:00
|
|
|
return authdir_mode_v2(get_options()) &&
|
2007-05-04 10:04:27 +02:00
|
|
|
!authdir_mode_bridge(get_options()) && /* XXX020 */
|
2005-11-29 18:14:10 +01:00
|
|
|
the_v2_networkstatus_is_dirty &&
|
|
|
|
|
the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2007-03-10 06:43:35 +01:00
|
|
|
/** If a router's uptime is at least this value, then it is always
|
|
|
|
|
* considered stable, regardless of the rest of the network. This
|
|
|
|
|
* way we resist attacks where an attacker doubles the size of the
|
|
|
|
|
* network using allegedly high-uptime nodes, displacing all the
|
|
|
|
|
* current guards. */
|
|
|
|
|
#define UPTIME_TO_GUARANTEE_STABLE (3600*24*30)
|
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/* Thresholds for server performance: set by
|
|
|
|
|
* dirserv_compute_performance_thresholds, and used by
|
|
|
|
|
* generate_v2_networkstatus */
|
2006-03-20 22:41:12 +01:00
|
|
|
static uint32_t stable_uptime = 0; /* start at a safe value */
|
|
|
|
|
static uint32_t fast_bandwidth = 0;
|
2007-01-26 10:03:20 +01:00
|
|
|
static uint32_t guard_bandwidth_including_exits = 0;
|
|
|
|
|
static uint32_t guard_bandwidth_excluding_exits = 0;
|
2006-12-19 20:48:48 +01:00
|
|
|
static uint64_t total_bandwidth = 0;
|
|
|
|
|
static uint64_t total_exit_bandwidth = 0;
|
2006-01-02 04:32:55 +01:00
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Helper: estimate the uptime of a router given its stated uptime and the
|
|
|
|
|
* amount of time since it last stated its stated uptime. */
|
2006-04-08 07:43:52 +02:00
|
|
|
static INLINE int
|
|
|
|
|
real_uptime(routerinfo_t *router, time_t now)
|
|
|
|
|
{
|
2006-07-14 05:14:02 +02:00
|
|
|
if (now < router->cache_info.published_on)
|
|
|
|
|
return router->uptime;
|
|
|
|
|
else
|
|
|
|
|
return router->uptime + (now - router->cache_info.published_on);
|
2006-04-08 07:43:52 +02:00
|
|
|
}
|
|
|
|
|
|
2005-12-15 22:30:57 +01:00
|
|
|
/** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
|
|
|
|
|
* If <b>need_uptime</b> is non-zero, we require a minimum uptime.
|
|
|
|
|
* If <b>need_capacity</b> is non-zero, we require a minimum advertised
|
|
|
|
|
* bandwidth.
|
|
|
|
|
*/
|
|
|
|
|
static int
|
2006-04-03 01:01:01 +02:00
|
|
|
dirserv_thinks_router_is_unreliable(time_t now,
|
|
|
|
|
routerinfo_t *router,
|
2005-12-15 22:30:57 +01:00
|
|
|
int need_uptime, int need_capacity)
|
|
|
|
|
{
|
2007-03-10 06:43:35 +01:00
|
|
|
if (need_uptime) {
|
|
|
|
|
int uptime = real_uptime(router, now);
|
|
|
|
|
if ((unsigned)uptime < stable_uptime &&
|
|
|
|
|
(unsigned)uptime < UPTIME_TO_GUARANTEE_STABLE)
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
2006-03-28 14:01:58 +02:00
|
|
|
if (need_capacity &&
|
|
|
|
|
router_get_advertised_bandwidth(router) < fast_bandwidth)
|
2005-12-15 22:30:57 +01:00
|
|
|
return 1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-24 02:12:53 +01:00
|
|
|
/** Helper: returns a tristate based on comparing **(uint32_t**)<b>a</b>
|
|
|
|
|
* to **(uint32_t**)<b>b</b>. */
|
2006-01-02 04:32:55 +01:00
|
|
|
static int
|
2006-03-20 22:41:12 +01:00
|
|
|
_compare_uint32(const void **a, const void **b)
|
2006-01-02 04:32:55 +01:00
|
|
|
{
|
2006-03-20 22:41:12 +01:00
|
|
|
uint32_t first = **(uint32_t **)a, second = **(uint32_t **)b;
|
2006-01-02 04:32:55 +01:00
|
|
|
if (first < second) return -1;
|
|
|
|
|
if (first > second) return 1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2006-12-19 20:48:48 +01:00
|
|
|
/** Look through the routerlist, and assign the median uptime of running valid
|
|
|
|
|
* servers to stable_uptime, and the relative bandwidth capacities to
|
|
|
|
|
* fast_bandwidth and guard_bandwidth. Set total_bandwidth to the total
|
|
|
|
|
* capacity of all running valid servers and total_exit_bandwidth to the
|
2007-01-06 07:26:53 +01:00
|
|
|
* capacity of all running valid exits. Set the is_exit flag of each router
|
|
|
|
|
* appropriately. */
|
2006-01-11 04:59:55 +01:00
|
|
|
static void
|
2006-03-20 22:41:12 +01:00
|
|
|
dirserv_compute_performance_thresholds(routerlist_t *rl)
|
2006-01-02 04:32:55 +01:00
|
|
|
{
|
2007-01-26 10:03:20 +01:00
|
|
|
smartlist_t *uptimes, *bandwidths, *bandwidths_excluding_exits;
|
2006-04-03 01:01:01 +02:00
|
|
|
time_t now = time(NULL);
|
2006-03-20 22:41:12 +01:00
|
|
|
|
2007-01-26 10:03:20 +01:00
|
|
|
/* initialize these all here, in case there are no routers */
|
|
|
|
|
stable_uptime = 0;
|
|
|
|
|
fast_bandwidth = 0;
|
|
|
|
|
guard_bandwidth_including_exits = 0;
|
|
|
|
|
guard_bandwidth_excluding_exits = 0;
|
|
|
|
|
|
2006-12-19 20:48:48 +01:00
|
|
|
total_bandwidth = 0;
|
|
|
|
|
total_exit_bandwidth = 0;
|
|
|
|
|
|
2006-03-20 22:41:12 +01:00
|
|
|
uptimes = smartlist_create();
|
|
|
|
|
bandwidths = smartlist_create();
|
2007-01-26 10:03:20 +01:00
|
|
|
bandwidths_excluding_exits = smartlist_create();
|
2006-01-02 04:32:55 +01:00
|
|
|
|
|
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
|
2007-02-28 22:06:05 +01:00
|
|
|
if (router_is_active(ri, now)) {
|
2006-03-20 22:41:12 +01:00
|
|
|
uint32_t *up = tor_malloc(sizeof(uint32_t));
|
2006-03-22 12:23:00 +01:00
|
|
|
uint32_t *bw = tor_malloc(sizeof(uint32_t));
|
2007-01-06 07:26:53 +01:00
|
|
|
ri->is_exit = exit_policy_is_general_exit(ri->exit_policy);
|
2006-04-08 07:43:52 +02:00
|
|
|
*up = (uint32_t) real_uptime(ri, now);
|
2006-01-02 04:32:55 +01:00
|
|
|
smartlist_add(uptimes, up);
|
2006-03-28 14:01:58 +02:00
|
|
|
*bw = router_get_advertised_bandwidth(ri);
|
2006-12-19 20:48:48 +01:00
|
|
|
total_bandwidth += *bw;
|
2007-01-26 10:03:20 +01:00
|
|
|
if (ri->is_exit && !ri->is_bad_exit) {
|
2007-01-06 07:26:53 +01:00
|
|
|
total_exit_bandwidth += *bw;
|
2007-01-26 10:03:20 +01:00
|
|
|
} else {
|
|
|
|
|
uint32_t *bw_not_exit = tor_malloc(sizeof(uint32_t));
|
|
|
|
|
*bw_not_exit = *bw;
|
|
|
|
|
smartlist_add(bandwidths_excluding_exits, bw_not_exit);
|
|
|
|
|
}
|
2006-03-20 22:41:12 +01:00
|
|
|
smartlist_add(bandwidths, bw);
|
2006-01-02 04:32:55 +01:00
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
2006-03-20 22:41:12 +01:00
|
|
|
smartlist_sort(uptimes, _compare_uint32);
|
|
|
|
|
smartlist_sort(bandwidths, _compare_uint32);
|
2007-01-26 10:03:20 +01:00
|
|
|
smartlist_sort(bandwidths_excluding_exits, _compare_uint32);
|
2006-03-20 22:41:12 +01:00
|
|
|
|
|
|
|
|
if (smartlist_len(uptimes))
|
|
|
|
|
stable_uptime = *(uint32_t*)smartlist_get(uptimes,
|
|
|
|
|
smartlist_len(uptimes)/2);
|
2006-01-02 04:32:55 +01:00
|
|
|
|
2006-03-20 22:49:55 +01:00
|
|
|
if (smartlist_len(bandwidths)) {
|
2006-03-20 22:41:12 +01:00
|
|
|
fast_bandwidth = *(uint32_t*)smartlist_get(bandwidths,
|
2006-03-20 22:49:55 +01:00
|
|
|
smartlist_len(bandwidths)/8);
|
2006-04-15 09:15:23 +02:00
|
|
|
if (fast_bandwidth < ROUTER_REQUIRED_MIN_BANDWIDTH)
|
|
|
|
|
fast_bandwidth = *(uint32_t*)smartlist_get(bandwidths,
|
|
|
|
|
smartlist_len(bandwidths)/4);
|
2007-01-26 10:03:20 +01:00
|
|
|
guard_bandwidth_including_exits =
|
|
|
|
|
*(uint32_t*)smartlist_get(bandwidths, smartlist_len(bandwidths)/2);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (smartlist_len(bandwidths_excluding_exits)) {
|
|
|
|
|
guard_bandwidth_excluding_exits =
|
|
|
|
|
*(uint32_t*)smartlist_get(bandwidths_excluding_exits,
|
|
|
|
|
smartlist_len(bandwidths_excluding_exits)/2);
|
2006-03-20 22:49:55 +01:00
|
|
|
}
|
2006-01-02 04:32:55 +01:00
|
|
|
|
2006-09-29 02:19:43 +02:00
|
|
|
log(LOG_INFO, LD_DIRSERV,
|
2007-01-26 10:03:20 +01:00
|
|
|
"Cutoffs: %lus uptime, %lu b/s fast, %lu or %lu b/s guard.",
|
2006-09-29 02:19:43 +02:00
|
|
|
(unsigned long)stable_uptime,
|
|
|
|
|
(unsigned long)fast_bandwidth,
|
2007-01-26 10:03:20 +01:00
|
|
|
(unsigned long)guard_bandwidth_including_exits,
|
|
|
|
|
(unsigned long)guard_bandwidth_excluding_exits);
|
2006-01-02 04:32:55 +01:00
|
|
|
|
2006-03-20 22:41:12 +01:00
|
|
|
SMARTLIST_FOREACH(uptimes, uint32_t *, up, tor_free(up));
|
|
|
|
|
SMARTLIST_FOREACH(bandwidths, uint32_t *, bw, tor_free(bw));
|
2007-01-26 10:03:20 +01:00
|
|
|
SMARTLIST_FOREACH(bandwidths_excluding_exits, uint32_t *, bw, tor_free(bw));
|
2006-01-02 04:32:55 +01:00
|
|
|
smartlist_free(uptimes);
|
2006-03-20 22:41:12 +01:00
|
|
|
smartlist_free(bandwidths);
|
2007-01-26 10:03:20 +01:00
|
|
|
smartlist_free(bandwidths_excluding_exits);
|
2006-01-02 04:32:55 +01:00
|
|
|
}
|
|
|
|
|
|
2007-05-02 11:12:04 +02:00
|
|
|
/** For v2 authoritative directories only: replace the contents of
|
2005-08-26 20:02:49 +02:00
|
|
|
* <b>the_v2_networkstatus</b> with a newly generated network status
|
|
|
|
|
* object. */
|
2006-06-18 23:30:03 +02:00
|
|
|
static cached_dir_t *
|
2005-08-25 22:33:17 +02:00
|
|
|
generate_v2_networkstatus(void)
|
|
|
|
|
{
|
2007-02-16 21:39:37 +01:00
|
|
|
/** Longest status flag name that we generate. */
|
2006-10-20 16:58:29 +02:00
|
|
|
#define LONGEST_STATUS_FLAG_NAME_LEN 9
|
2007-02-16 21:39:37 +01:00
|
|
|
/** Maximum number of status flags we'll apply to one router. */
|
|
|
|
|
#define N_STATUS_FLAGS 10
|
|
|
|
|
/** Amount of space to allocate for each entry. (r line and s line.) */
|
2005-08-25 22:33:17 +02:00
|
|
|
#define RS_ENTRY_LEN \
|
|
|
|
|
( /* first line */ \
|
|
|
|
|
MAX_NICKNAME_LEN+BASE64_DIGEST_LEN*2+ISO_TIME_LEN+INET_NTOA_BUF_LEN+ \
|
|
|
|
|
5*2 /* ports */ + 10 /* punctuation */ + \
|
|
|
|
|
/* second line */ \
|
|
|
|
|
(LONGEST_STATUS_FLAG_NAME_LEN+1)*N_STATUS_FLAGS + 2)
|
|
|
|
|
|
2006-06-18 23:30:03 +02:00
|
|
|
cached_dir_t *r = NULL;
|
2005-08-25 22:33:17 +02:00
|
|
|
size_t len, identity_pkey_len;
|
|
|
|
|
char *status = NULL, *client_versions = NULL, *server_versions = NULL,
|
|
|
|
|
*identity_pkey = NULL, *hostname = NULL;
|
|
|
|
|
char *outp, *endp;
|
|
|
|
|
or_options_t *options = get_options();
|
|
|
|
|
char fingerprint[FINGERPRINT_LEN+1];
|
2006-03-15 00:40:37 +01:00
|
|
|
char ipaddr[INET_NTOA_BUF_LEN];
|
2006-03-14 23:43:52 +01:00
|
|
|
char published[ISO_TIME_LEN+1];
|
2005-08-25 22:33:17 +02:00
|
|
|
char digest[DIGEST_LEN];
|
|
|
|
|
struct in_addr in;
|
|
|
|
|
uint32_t addr;
|
|
|
|
|
crypto_pk_env_t *private_key = get_identity_key();
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2005-09-15 07:19:38 +02:00
|
|
|
time_t now = time(NULL);
|
2006-03-08 07:29:52 +01:00
|
|
|
time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
2005-09-15 16:39:05 +02:00
|
|
|
int naming = options->NamingAuthoritativeDir;
|
2005-09-21 02:41:06 +02:00
|
|
|
int versioning = options->VersioningAuthoritativeDir;
|
2006-10-23 05:48:42 +02:00
|
|
|
int listbadexits = options->AuthDirListBadExits;
|
2006-12-19 20:48:48 +01:00
|
|
|
int exits_can_be_guards;
|
2005-09-02 22:30:03 +02:00
|
|
|
const char *contact;
|
2005-08-26 22:59:04 +02:00
|
|
|
|
2006-07-15 22:26:05 +02:00
|
|
|
if (resolve_my_address(LOG_WARN, options, &addr, &hostname)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_NET, "Couldn't resolve my hostname");
|
2005-08-25 22:33:17 +02:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
in.s_addr = htonl(addr);
|
|
|
|
|
tor_inet_ntoa(&in, ipaddr, sizeof(ipaddr));
|
|
|
|
|
|
|
|
|
|
format_iso_time(published, time(NULL));
|
|
|
|
|
|
|
|
|
|
client_versions = format_versions_list(options->RecommendedClientVersions);
|
|
|
|
|
server_versions = format_versions_list(options->RecommendedServerVersions);
|
|
|
|
|
|
|
|
|
|
if (crypto_pk_write_public_key_to_string(private_key, &identity_pkey,
|
|
|
|
|
&identity_pkey_len)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG,"Writing public key to string failed.");
|
2005-08-25 22:33:17 +02:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (crypto_pk_get_fingerprint(private_key, fingerprint, 0)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_err(LD_BUG, "Error computing fingerprint");
|
2005-09-09 21:37:12 +02:00
|
|
|
goto done;
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
|
2005-09-02 22:30:03 +02:00
|
|
|
contact = get_options()->ContactInfo;
|
|
|
|
|
if (!contact)
|
|
|
|
|
contact = "(none)";
|
|
|
|
|
|
2005-12-14 21:40:40 +01:00
|
|
|
len = 2048+strlen(client_versions)+strlen(server_versions);
|
|
|
|
|
len += identity_pkey_len*2;
|
2005-10-18 19:43:54 +02:00
|
|
|
len += (RS_ENTRY_LEN)*smartlist_len(rl->routers);
|
2005-08-25 22:33:17 +02:00
|
|
|
|
|
|
|
|
status = tor_malloc(len);
|
|
|
|
|
tor_snprintf(status, len,
|
|
|
|
|
"network-status-version 2\n"
|
|
|
|
|
"dir-source %s %s %d\n"
|
2005-09-02 22:30:03 +02:00
|
|
|
"fingerprint %s\n"
|
|
|
|
|
"contact %s\n"
|
2005-08-25 22:33:17 +02:00
|
|
|
"published %s\n"
|
2006-10-23 05:48:42 +02:00
|
|
|
"dir-options%s%s%s\n"
|
2006-04-08 23:59:15 +02:00
|
|
|
"%s%s" /* client versions %s */
|
|
|
|
|
"%s%s%s" /* \nserver versions %s \n */
|
2005-08-25 22:33:17 +02:00
|
|
|
"dir-signing-key\n%s\n",
|
|
|
|
|
hostname, ipaddr, (int)options->DirPort,
|
|
|
|
|
fingerprint,
|
2005-09-02 22:30:03 +02:00
|
|
|
contact,
|
2005-09-03 04:38:39 +02:00
|
|
|
published,
|
2005-09-15 16:39:05 +02:00
|
|
|
naming ? " Names" : "",
|
2006-10-23 05:48:42 +02:00
|
|
|
listbadexits ? " BadExits" : "",
|
2005-09-21 02:41:06 +02:00
|
|
|
versioning ? " Versions" : "",
|
2006-04-08 23:59:15 +02:00
|
|
|
versioning ? "client-versions " : "",
|
2006-09-15 00:34:57 +02:00
|
|
|
versioning ? client_versions : "",
|
2006-04-08 23:59:15 +02:00
|
|
|
versioning ? "\nserver-versions " : "",
|
2006-09-15 00:34:57 +02:00
|
|
|
versioning ? server_versions : "",
|
2006-04-08 23:59:15 +02:00
|
|
|
versioning ? "\n" : "",
|
2005-08-25 22:33:17 +02:00
|
|
|
identity_pkey);
|
|
|
|
|
outp = status + strlen(status);
|
|
|
|
|
endp = status + len;
|
|
|
|
|
|
2006-01-02 04:32:55 +01:00
|
|
|
/* precompute this part, since we need it to decide what "stable"
|
|
|
|
|
* means. */
|
|
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
|
|
|
|
|
ri->is_running = dirserv_thinks_router_is_reachable(ri, now);
|
|
|
|
|
});
|
|
|
|
|
|
2006-03-20 22:41:12 +01:00
|
|
|
dirserv_compute_performance_thresholds(rl);
|
2006-01-02 04:32:55 +01:00
|
|
|
|
2007-01-30 00:09:22 +01:00
|
|
|
/* XXXX We should take steps to keep this from oscillating if
|
|
|
|
|
* total_exit_bandwidth is close to total_bandwidth/3. */
|
2007-01-03 11:30:26 +01:00
|
|
|
exits_can_be_guards = total_exit_bandwidth >= (total_bandwidth / 3);
|
2006-12-19 20:48:48 +01:00
|
|
|
|
2005-10-18 19:43:54 +02:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
|
2006-02-05 03:33:40 +01:00
|
|
|
if (ri->cache_info.published_on >= cutoff) {
|
2007-01-06 07:26:53 +01:00
|
|
|
/* Already set by compute_performance_thresholds. */
|
|
|
|
|
int f_exit = ri->is_exit;
|
2006-04-03 01:01:01 +02:00
|
|
|
/* These versions dump connections with idle live circuits
|
|
|
|
|
sometimes. D'oh!*/
|
|
|
|
|
int unstable_version =
|
|
|
|
|
tor_version_as_new_as(ri->platform,"0.1.1.10-alpha") &&
|
|
|
|
|
!tor_version_as_new_as(ri->platform,"0.1.1.16-rc-cvs");
|
2006-01-02 04:32:55 +01:00
|
|
|
int f_stable = ri->is_stable =
|
2007-03-13 02:59:09 +01:00
|
|
|
router_is_active(ri, now) &&
|
2006-04-03 01:01:01 +02:00
|
|
|
!dirserv_thinks_router_is_unreliable(now, ri, 1, 0) &&
|
|
|
|
|
!unstable_version;
|
2006-01-02 04:32:55 +01:00
|
|
|
int f_fast = ri->is_fast =
|
2007-03-13 02:59:09 +01:00
|
|
|
router_is_active(ri, now) &&
|
2006-04-03 01:01:01 +02:00
|
|
|
!dirserv_thinks_router_is_unreliable(now, ri, 0, 1);
|
2006-01-02 04:32:55 +01:00
|
|
|
int f_running = ri->is_running; /* computed above */
|
2005-11-05 21:15:27 +01:00
|
|
|
int f_authority = router_digest_is_trusted_dir(
|
|
|
|
|
ri->cache_info.identity_digest);
|
2005-09-15 16:39:05 +02:00
|
|
|
int f_named = naming && ri->is_named;
|
2006-03-19 02:21:59 +01:00
|
|
|
int f_valid = ri->is_valid;
|
2006-03-20 22:49:55 +01:00
|
|
|
int f_guard = f_fast && f_stable &&
|
2007-01-26 10:03:20 +01:00
|
|
|
(!f_exit || exits_can_be_guards) &&
|
|
|
|
|
router_get_advertised_bandwidth(ri) >=
|
|
|
|
|
(exits_can_be_guards ? guard_bandwidth_including_exits :
|
|
|
|
|
guard_bandwidth_excluding_exits);
|
2006-10-23 05:48:42 +02:00
|
|
|
int f_bad_exit = listbadexits && ri->is_bad_exit;
|
2005-12-15 22:17:40 +01:00
|
|
|
/* 0.1.1.9-alpha is the first version to support fetch by descriptor
|
|
|
|
|
* hash. */
|
2005-12-12 02:03:28 +01:00
|
|
|
int f_v2_dir = ri->dir_port &&
|
|
|
|
|
tor_version_as_new_as(ri->platform,"0.1.1.9-alpha");
|
2005-09-18 04:22:21 +02:00
|
|
|
char identity64[BASE64_DIGEST_LEN+1];
|
|
|
|
|
char digest64[BASE64_DIGEST_LEN+1];
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2006-09-29 06:51:28 +02:00
|
|
|
if (!strcasecmp(ri->nickname, UNNAMED_ROUTER_NICKNAME))
|
|
|
|
|
f_named = 0;
|
|
|
|
|
|
2005-11-05 21:15:27 +01:00
|
|
|
format_iso_time(published, ri->cache_info.published_on);
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2005-11-05 21:15:27 +01:00
|
|
|
digest_to_base64(identity64, ri->cache_info.identity_digest);
|
|
|
|
|
digest_to_base64(digest64, ri->cache_info.signed_descriptor_digest);
|
2005-08-25 22:33:17 +02:00
|
|
|
|
|
|
|
|
in.s_addr = htonl(ri->addr);
|
|
|
|
|
tor_inet_ntoa(&in, ipaddr, sizeof(ipaddr));
|
|
|
|
|
|
|
|
|
|
if (tor_snprintf(outp, endp-outp,
|
|
|
|
|
"r %s %s %s %s %s %d %d\n"
|
2006-10-23 05:48:42 +02:00
|
|
|
"s%s%s%s%s%s%s%s%s%s%s\n",
|
2005-08-25 22:33:17 +02:00
|
|
|
ri->nickname,
|
|
|
|
|
identity64,
|
|
|
|
|
digest64,
|
|
|
|
|
published,
|
|
|
|
|
ipaddr,
|
|
|
|
|
ri->or_port,
|
|
|
|
|
ri->dir_port,
|
2005-09-22 08:34:29 +02:00
|
|
|
f_authority?" Authority":"",
|
2006-10-23 05:48:42 +02:00
|
|
|
f_bad_exit?" BadExit":"",
|
2005-08-25 22:33:17 +02:00
|
|
|
f_exit?" Exit":"",
|
|
|
|
|
f_fast?" Fast":"",
|
2006-01-24 01:31:16 +01:00
|
|
|
f_guard?" Guard":"",
|
2005-08-25 22:33:17 +02:00
|
|
|
f_named?" Named":"",
|
2005-09-22 08:34:29 +02:00
|
|
|
f_stable?" Stable":"",
|
|
|
|
|
f_running?" Running":"",
|
2005-12-12 02:03:28 +01:00
|
|
|
f_valid?" Valid":"",
|
|
|
|
|
f_v2_dir?" V2Dir":"")<0) {
|
2007-05-02 11:12:04 +02:00
|
|
|
/* when adding more flags, remember to change
|
|
|
|
|
* the #defines at the top of this function. */
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG, "Unable to print router status.");
|
2005-08-25 22:33:17 +02:00
|
|
|
goto done;
|
2005-10-25 19:52:14 +02:00
|
|
|
}
|
2005-08-25 22:33:17 +02:00
|
|
|
outp += strlen(outp);
|
2006-12-24 05:09:48 +01:00
|
|
|
if (ri->platform && !strcmpstart(ri->platform, "Tor ")) {
|
|
|
|
|
const char *eos = find_whitespace(ri->platform+4);
|
2007-05-01 22:29:32 +02:00
|
|
|
if (eos && !strcmpstart(eos, " (r")) {
|
|
|
|
|
/* XXXX020 Unify this logic with the other version extraction
|
|
|
|
|
* logic */
|
2007-05-01 22:29:26 +02:00
|
|
|
eos = find_whitespace(eos+1);
|
2007-05-01 22:29:32 +02:00
|
|
|
}
|
2007-01-02 07:13:10 +01:00
|
|
|
if (eos) {
|
|
|
|
|
char *platform = tor_strndup(ri->platform, eos-(ri->platform));
|
|
|
|
|
if (tor_snprintf(outp, endp-outp,
|
|
|
|
|
"opt v %s\n", platform)<0) {
|
|
|
|
|
log_warn(LD_BUG, "Unable to print router version.");
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
tor_free(platform);
|
|
|
|
|
outp += strlen(outp);
|
2006-12-24 05:09:48 +01:00
|
|
|
}
|
|
|
|
|
}
|
2006-02-05 03:33:40 +01:00
|
|
|
}
|
|
|
|
|
});
|
2005-08-25 22:33:17 +02:00
|
|
|
|
|
|
|
|
if (tor_snprintf(outp, endp-outp, "directory-signature %s\n",
|
|
|
|
|
get_options()->Nickname)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG, "Unable to write signature line.");
|
2005-08-25 22:33:17 +02:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (router_get_networkstatus_v2_hash(status, digest)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG, "Unable to hash network status");
|
2005-08-25 22:33:17 +02:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
2006-10-31 20:17:07 +01:00
|
|
|
note_crypto_pk_op(SIGN_DIR);
|
2005-09-09 21:37:12 +02:00
|
|
|
if (router_append_dirobj_signature(outp,endp-outp,digest,private_key)<0) {
|
2006-02-13 10:37:53 +01:00
|
|
|
log_warn(LD_BUG, "Unable to sign router status.");
|
2005-08-25 22:33:17 +02:00
|
|
|
goto done;
|
2005-09-09 21:37:12 +02:00
|
|
|
}
|
2005-08-25 22:33:17 +02:00
|
|
|
|
2006-06-20 02:48:23 +02:00
|
|
|
if (the_v2_networkstatus)
|
|
|
|
|
cached_dir_decref(the_v2_networkstatus);
|
|
|
|
|
the_v2_networkstatus = new_cached_dir(status, time(NULL));
|
2005-08-28 06:20:37 +02:00
|
|
|
status = NULL; /* So it doesn't get double-freed. */
|
2005-08-27 00:08:24 +02:00
|
|
|
the_v2_networkstatus_is_dirty = 0;
|
2006-06-20 02:48:23 +02:00
|
|
|
router_set_networkstatus(the_v2_networkstatus->dir,
|
|
|
|
|
time(NULL), NS_GENERATED, NULL);
|
|
|
|
|
r = the_v2_networkstatus;
|
2005-08-25 22:33:17 +02:00
|
|
|
done:
|
|
|
|
|
tor_free(client_versions);
|
|
|
|
|
tor_free(server_versions);
|
|
|
|
|
tor_free(status);
|
|
|
|
|
tor_free(hostname);
|
|
|
|
|
tor_free(identity_pkey);
|
|
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
2006-12-30 03:41:14 +01:00
|
|
|
/** Given the portion of a networkstatus request URL after "tor/status/" in
|
|
|
|
|
* <b>key</b>, append to <b>result</b> the digests of the identity keys of the
|
|
|
|
|
* networkstatus objects that the client has requested. */
|
2006-06-20 02:48:23 +02:00
|
|
|
void
|
|
|
|
|
dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
|
|
|
|
|
const char *key)
|
|
|
|
|
{
|
|
|
|
|
tor_assert(result);
|
|
|
|
|
|
|
|
|
|
if (!cached_v2_networkstatus)
|
|
|
|
|
cached_v2_networkstatus = digestmap_new();
|
|
|
|
|
|
|
|
|
|
if (should_generate_v2_networkstatus())
|
|
|
|
|
generate_v2_networkstatus();
|
|
|
|
|
|
|
|
|
|
if (!strcmp(key,"authority")) {
|
2007-05-02 11:12:04 +02:00
|
|
|
if (authdir_mode_v2(get_options())) {
|
2006-06-20 02:48:23 +02:00
|
|
|
routerinfo_t *me = router_get_my_routerinfo();
|
|
|
|
|
if (me)
|
|
|
|
|
smartlist_add(result,
|
|
|
|
|
tor_memdup(me->cache_info.identity_digest, DIGEST_LEN));
|
|
|
|
|
}
|
|
|
|
|
} else if (!strcmp(key, "all")) {
|
2006-12-08 02:50:02 +01:00
|
|
|
if (digestmap_size(cached_v2_networkstatus)) {
|
|
|
|
|
digestmap_iter_t *iter;
|
|
|
|
|
iter = digestmap_iter_init(cached_v2_networkstatus);
|
|
|
|
|
while (!digestmap_iter_done(iter)) {
|
|
|
|
|
const char *ident;
|
|
|
|
|
void *val;
|
|
|
|
|
digestmap_iter_get(iter, &ident, &val);
|
|
|
|
|
smartlist_add(result, tor_memdup(ident, DIGEST_LEN));
|
|
|
|
|
iter = digestmap_iter_next(cached_v2_networkstatus, iter);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
|
|
|
|
|
trusted_dir_server_t *, ds,
|
2007-05-09 06:15:46 +02:00
|
|
|
if (ds->type & V2_AUTHORITY)
|
2007-05-02 11:12:04 +02:00
|
|
|
smartlist_add(result, tor_memdup(ds->digest, DIGEST_LEN)));
|
2006-06-20 02:48:23 +02:00
|
|
|
}
|
2006-06-21 06:57:12 +02:00
|
|
|
smartlist_sort_digests(result);
|
2006-06-20 02:48:23 +02:00
|
|
|
if (smartlist_len(result) == 0)
|
|
|
|
|
log_warn(LD_DIRSERV,
|
|
|
|
|
"Client requested 'all' network status objects; we have none.");
|
|
|
|
|
} else if (!strcmpstart(key, "fp/")) {
|
2006-06-21 06:57:12 +02:00
|
|
|
dir_split_resource_into_fingerprints(key+3, result, NULL, 1, 1);
|
2006-06-20 02:48:23 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2005-08-26 20:02:49 +02:00
|
|
|
/** Look for a network status object as specified by <b>key</b>, which should
|
2005-08-30 08:01:13 +02:00
|
|
|
* be either "authority" (to find a network status generated by us), a hex
|
2005-08-26 20:02:49 +02:00
|
|
|
* identity digest (to find a network status generated by given directory), or
|
2006-04-02 00:00:49 +02:00
|
|
|
* "all" (to return all the v2 network status objects we have).
|
2005-08-26 20:02:49 +02:00
|
|
|
*/
|
2006-04-02 00:00:49 +02:00
|
|
|
void
|
2005-09-07 18:42:53 +02:00
|
|
|
dirserv_get_networkstatus_v2(smartlist_t *result,
|
|
|
|
|
const char *key)
|
2005-08-25 22:33:17 +02:00
|
|
|
{
|
2006-12-30 03:41:14 +01:00
|
|
|
cached_dir_t *cached;
|
|
|
|
|
smartlist_t *fingerprints = smartlist_create();
|
2005-09-07 18:42:53 +02:00
|
|
|
tor_assert(result);
|
|
|
|
|
|
2005-09-08 20:14:23 +02:00
|
|
|
if (!cached_v2_networkstatus)
|
2005-10-18 22:12:22 +02:00
|
|
|
cached_v2_networkstatus = digestmap_new();
|
2005-09-08 20:14:23 +02:00
|
|
|
|
2006-12-30 03:41:14 +01:00
|
|
|
dirserv_get_networkstatus_v2_fingerprints(fingerprints, key);
|
|
|
|
|
SMARTLIST_FOREACH(fingerprints, const char *, fp,
|
|
|
|
|
{
|
|
|
|
|
if (router_digest_is_me(fp) && should_generate_v2_networkstatus())
|
2007-01-05 07:03:10 +01:00
|
|
|
generate_v2_networkstatus();
|
2006-12-30 03:41:14 +01:00
|
|
|
cached = digestmap_get(cached_v2_networkstatus, fp);
|
|
|
|
|
if (cached) {
|
|
|
|
|
smartlist_add(result, cached);
|
|
|
|
|
} else {
|
|
|
|
|
char hexbuf[HEX_DIGEST_LEN+1];
|
|
|
|
|
base16_encode(hexbuf, sizeof(hexbuf), fp, DIGEST_LEN);
|
|
|
|
|
log_info(LD_DIRSERV, "Don't know about any network status with "
|
|
|
|
|
"fingerprint '%s'", hexbuf);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
SMARTLIST_FOREACH(fingerprints, char *, cp, tor_free(cp));
|
|
|
|
|
smartlist_free(fingerprints);
|
2005-08-25 22:33:17 +02:00
|
|
|
}
|
|
|
|
|
|
2006-06-18 09:38:55 +02:00
|
|
|
/** As dirserv_get_routerdescs(), but instead of getting signed_descriptor_t
|
2007-04-16 20:39:39 +02:00
|
|
|
* pointers, adds copies of digests to fps_out, and doesn't use the
|
|
|
|
|
* /tor/server/ prefix. For a /d/ request, adds descriptor digests; for other
|
|
|
|
|
* requests, adds identity digests.
|
2006-06-18 09:38:55 +02:00
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
dirserv_get_routerdesc_fingerprints(smartlist_t *fps_out, const char *key,
|
|
|
|
|
const char **msg)
|
|
|
|
|
{
|
|
|
|
|
*msg = NULL;
|
|
|
|
|
|
2007-04-16 20:39:39 +02:00
|
|
|
if (!strcmp(key, "all")) {
|
2006-06-18 09:38:55 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
|
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
|
|
|
|
|
smartlist_add(fps_out,
|
|
|
|
|
tor_memdup(r->cache_info.identity_digest, DIGEST_LEN)));
|
2007-04-16 20:39:39 +02:00
|
|
|
} else if (!strcmp(key, "authority")) {
|
2006-06-18 09:38:55 +02:00
|
|
|
routerinfo_t *ri = router_get_my_routerinfo();
|
|
|
|
|
if (ri)
|
|
|
|
|
smartlist_add(fps_out,
|
|
|
|
|
tor_memdup(ri->cache_info.identity_digest, DIGEST_LEN));
|
2007-04-16 20:39:39 +02:00
|
|
|
} else if (!strcmpstart(key, "d/")) {
|
|
|
|
|
key += strlen("d/");
|
2006-06-21 06:57:12 +02:00
|
|
|
dir_split_resource_into_fingerprints(key, fps_out, NULL, 1, 1);
|
2007-04-16 20:39:39 +02:00
|
|
|
} else if (!strcmpstart(key, "fp/")) {
|
|
|
|
|
key += strlen("fp/");
|
2006-06-21 06:57:12 +02:00
|
|
|
dir_split_resource_into_fingerprints(key, fps_out, NULL, 1, 1);
|
2006-06-18 09:38:55 +02:00
|
|
|
} else {
|
|
|
|
|
*msg = "Key not recognized";
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!smartlist_len(fps_out)) {
|
|
|
|
|
*msg = "Servers unavailable";
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2005-11-05 21:15:27 +01:00
|
|
|
/** Add a signed_descriptor_t to <b>descs_out</b> for each router matching
|
2005-10-18 16:33:19 +02:00
|
|
|
* <b>key</b>. The key should be either
|
|
|
|
|
* - "/tor/server/authority" for our own routerinfo;
|
|
|
|
|
* - "/tor/server/all" for all the routerinfos we have, concatenated;
|
|
|
|
|
* - "/tor/server/fp/FP" where FP is a plus-separated sequence of
|
|
|
|
|
* hex identity digests; or
|
2005-10-18 16:34:49 +02:00
|
|
|
* - "/tor/server/d/D" where D is a plus-separated sequence
|
2005-10-18 16:33:19 +02:00
|
|
|
* of server descriptor digests, in hex.
|
2005-10-18 19:09:57 +02:00
|
|
|
*
|
2005-11-01 04:48:51 +01:00
|
|
|
* Return 0 if we found some matching descriptors, or -1 if we do not
|
|
|
|
|
* have any descriptors, no matching descriptors, or if we did not
|
|
|
|
|
* recognize the key (URL).
|
|
|
|
|
* If -1 is returned *<b>msg</b> will be set to an appropriate error
|
|
|
|
|
* message.
|
2006-03-15 06:06:56 +01:00
|
|
|
*
|
|
|
|
|
* (Despite its name, this function is also called from the controller, which
|
|
|
|
|
* exposes a similar means to fetch descriptors.)
|
2005-08-26 20:02:49 +02:00
|
|
|
*/
|
2005-10-18 19:09:57 +02:00
|
|
|
int
|
|
|
|
|
dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
|
|
|
|
|
const char **msg)
|
2005-08-25 22:33:17 +02:00
|
|
|
{
|
2005-10-18 19:09:57 +02:00
|
|
|
*msg = NULL;
|
|
|
|
|
|
2005-08-25 22:33:17 +02:00
|
|
|
if (!strcmp(key, "/tor/server/all")) {
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2005-11-05 21:15:27 +01:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
|
|
|
|
|
smartlist_add(descs_out, &(r->cache_info)));
|
2005-08-25 22:33:17 +02:00
|
|
|
} else if (!strcmp(key, "/tor/server/authority")) {
|
|
|
|
|
routerinfo_t *ri = router_get_my_routerinfo();
|
|
|
|
|
if (ri)
|
2005-11-05 21:15:27 +01:00
|
|
|
smartlist_add(descs_out, &(ri->cache_info));
|
2005-10-14 06:56:20 +02:00
|
|
|
} else if (!strcmpstart(key, "/tor/server/d/")) {
|
|
|
|
|
smartlist_t *digests = smartlist_create();
|
|
|
|
|
key += strlen("/tor/server/d/");
|
2006-06-21 06:57:12 +02:00
|
|
|
dir_split_resource_into_fingerprints(key, digests, NULL, 1, 1);
|
2005-10-14 06:56:20 +02:00
|
|
|
SMARTLIST_FOREACH(digests, const char *, d,
|
|
|
|
|
{
|
2005-11-05 21:15:27 +01:00
|
|
|
signed_descriptor_t *sd = router_get_by_descriptor_digest(d);
|
|
|
|
|
if (sd)
|
|
|
|
|
smartlist_add(descs_out,sd);
|
2005-10-14 06:56:20 +02:00
|
|
|
});
|
|
|
|
|
SMARTLIST_FOREACH(digests, char *, d, tor_free(d));
|
|
|
|
|
smartlist_free(digests);
|
2005-08-25 22:33:17 +02:00
|
|
|
} else if (!strcmpstart(key, "/tor/server/fp/")) {
|
|
|
|
|
smartlist_t *digests = smartlist_create();
|
2006-03-08 07:29:52 +01:00
|
|
|
time_t cutoff = time(NULL) - ROUTER_MAX_AGE_TO_PUBLISH;
|
2005-08-25 22:33:17 +02:00
|
|
|
key += strlen("/tor/server/fp/");
|
2006-06-21 06:57:12 +02:00
|
|
|
dir_split_resource_into_fingerprints(key, digests, NULL, 1, 1);
|
2005-09-08 23:01:24 +02:00
|
|
|
SMARTLIST_FOREACH(digests, const char *, d,
|
|
|
|
|
{
|
|
|
|
|
if (router_digest_is_me(d)) {
|
2005-11-05 21:15:27 +01:00
|
|
|
smartlist_add(descs_out, &(router_get_my_routerinfo()->cache_info));
|
2005-09-08 23:01:24 +02:00
|
|
|
} else {
|
|
|
|
|
routerinfo_t *ri = router_get_by_digest(d);
|
2006-01-10 05:57:12 +01:00
|
|
|
/* Don't actually serve a descriptor that everyone will think is
|
|
|
|
|
* expired. This is an (ugly) workaround to keep buggy 0.1.1.10
|
|
|
|
|
* Tors from downloading descriptors that they will throw away.
|
|
|
|
|
*/
|
|
|
|
|
if (ri && ri->cache_info.published_on > cutoff)
|
2005-11-05 21:15:27 +01:00
|
|
|
smartlist_add(descs_out, &(ri->cache_info));
|
2005-09-08 23:01:24 +02:00
|
|
|
}
|
|
|
|
|
});
|
2005-08-25 22:33:17 +02:00
|
|
|
SMARTLIST_FOREACH(digests, char *, d, tor_free(d));
|
|
|
|
|
smartlist_free(digests);
|
2005-10-18 19:09:57 +02:00
|
|
|
} else {
|
|
|
|
|
*msg = "Key not recognized";
|
|
|
|
|
return -1;
|
2004-06-25 02:29:31 +02:00
|
|
|
}
|
2005-10-18 19:09:57 +02:00
|
|
|
|
|
|
|
|
if (!smartlist_len(descs_out)) {
|
|
|
|
|
*msg = "Servers unavailable";
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
2004-06-16 23:08:29 +02:00
|
|
|
}
|
|
|
|
|
|
2005-04-06 23:09:47 +02:00
|
|
|
/** Called when a TLS handshake has completed successfully with a
|
|
|
|
|
* router listening at <b>address</b>:<b>or_port</b>, and has yielded
|
2007-02-24 02:26:09 +01:00
|
|
|
* a certificate with digest <b>digest_rcvd</b>.
|
2005-06-21 01:04:13 +02:00
|
|
|
*
|
|
|
|
|
* Also, if as_advertised is 1, then inform the reachability checker
|
|
|
|
|
* that we could get to this guy.
|
2005-04-06 23:09:47 +02:00
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
dirserv_orconn_tls_done(const char *address,
|
|
|
|
|
uint16_t or_port,
|
|
|
|
|
const char *digest_rcvd,
|
2005-08-24 04:31:02 +02:00
|
|
|
int as_advertised)
|
2005-04-06 23:09:47 +02:00
|
|
|
{
|
2005-10-18 19:43:54 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2005-04-06 23:09:47 +02:00
|
|
|
tor_assert(address);
|
|
|
|
|
tor_assert(digest_rcvd);
|
|
|
|
|
|
2007-01-02 22:47:21 +01:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
|
|
|
|
|
if (!strcasecmp(address, ri->address) && or_port == ri->or_port &&
|
2007-01-05 07:03:10 +01:00
|
|
|
as_advertised &&
|
2007-02-24 02:26:09 +01:00
|
|
|
!memcmp(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN)) {
|
|
|
|
|
/* correct digest. mark this router reachable! */
|
2006-02-13 10:37:53 +01:00
|
|
|
log_info(LD_DIRSERV, "Found router %s to be reachable. Yay.",
|
|
|
|
|
ri->nickname);
|
2005-08-24 04:31:02 +02:00
|
|
|
ri->last_reachable = time(NULL);
|
2005-09-01 10:13:40 +02:00
|
|
|
ri->num_unreachable_notifications = 0;
|
2005-04-06 23:09:47 +02:00
|
|
|
}
|
2007-01-02 22:47:21 +01:00
|
|
|
});
|
|
|
|
|
/* FFFF Maybe we should reinstate the code that dumps routers with the same
|
|
|
|
|
* addr/port but with nonmatching keys, but instead of dumping, we should
|
|
|
|
|
* skip testing. */
|
2005-04-06 23:09:47 +02:00
|
|
|
}
|
|
|
|
|
|
2006-07-04 05:31:27 +02:00
|
|
|
/** Auth dir server only: if <b>try_all</b> is 1, launch connections to
|
|
|
|
|
* all known routers; else we want to load balance such that we only
|
|
|
|
|
* try a few connections per call.
|
|
|
|
|
*
|
|
|
|
|
* The load balancing is such that if we get called once every ten
|
|
|
|
|
* seconds, we will cycle through all the tests in 1280 seconds (a
|
|
|
|
|
* bit over 20 minutes).
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
dirserv_test_reachability(int try_all)
|
|
|
|
|
{
|
|
|
|
|
time_t now = time(NULL);
|
2007-03-01 05:40:43 +01:00
|
|
|
/* XXX decide what to do here; see or-talk thread "purging old router
|
|
|
|
|
* information, revocation." -NM
|
|
|
|
|
* We can't afford to mess with this in 0.1.2.x. The reason is that
|
|
|
|
|
* if we stop doing reachability tests on some of routerlist, then
|
|
|
|
|
* we'll for-sure think they're down, which may have unexpected
|
|
|
|
|
* effects in other parts of the code. It doesn't hurt much to do
|
|
|
|
|
* the testing, and directory authorities are easy to upgrade. Let's
|
|
|
|
|
* wait til 0.2.0. -RD */
|
2007-02-28 22:06:05 +01:00
|
|
|
// time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
2006-07-04 05:31:27 +02:00
|
|
|
routerlist_t *rl = router_get_routerlist();
|
|
|
|
|
static char ctr = 0;
|
|
|
|
|
|
|
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
|
|
|
|
|
const char *id_digest = router->cache_info.identity_digest;
|
|
|
|
|
if (router_is_me(router))
|
|
|
|
|
continue;
|
2007-02-28 22:06:05 +01:00
|
|
|
// if (router->cache_info.published_on > cutoff)
|
|
|
|
|
// continue;
|
2006-07-04 05:31:27 +02:00
|
|
|
if (try_all || (((uint8_t)id_digest[0]) % 128) == ctr) {
|
|
|
|
|
log_debug(LD_OR,"Testing reachability of %s at %s:%u.",
|
|
|
|
|
router->nickname, router->address, router->or_port);
|
|
|
|
|
/* Remember when we started trying to determine reachability */
|
|
|
|
|
if (!router->testing_since)
|
|
|
|
|
router->testing_since = now;
|
|
|
|
|
connection_or_connect(router->addr, router->or_port,
|
|
|
|
|
id_digest);
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
if (!try_all) /* increment ctr */
|
|
|
|
|
ctr = (ctr + 1) % 128;
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-05 07:03:10 +01:00
|
|
|
/** Return an approximate estimate of the number of bytes that will
|
|
|
|
|
* be needed to transmit the server descriptors (if is_serverdescs --
|
|
|
|
|
* they can be either d/ or fp/ queries) or networkstatus objects (if
|
|
|
|
|
* !is_serverdescs) listed in <b>fps</b>. If <b>compressed</b> is set,
|
|
|
|
|
* we guess how large the data will be after compression.
|
2007-01-03 20:58:00 +01:00
|
|
|
*
|
|
|
|
|
* The return value is an estimate; it might be larger or smaller.
|
|
|
|
|
**/
|
|
|
|
|
size_t
|
|
|
|
|
dirserv_estimate_data_size(smartlist_t *fps, int is_serverdescs,
|
|
|
|
|
int compressed)
|
|
|
|
|
{
|
|
|
|
|
size_t result;
|
2007-01-05 07:30:31 +01:00
|
|
|
tor_assert(fps);
|
2007-01-03 20:58:00 +01:00
|
|
|
if (is_serverdescs) {
|
|
|
|
|
int n = smartlist_len(fps);
|
|
|
|
|
routerinfo_t *me = router_get_my_routerinfo();
|
|
|
|
|
result = (me?me->cache_info.signed_descriptor_len:2048) * n;
|
|
|
|
|
if (compressed)
|
|
|
|
|
result /= 2; /* observed compressability is between 35 and 55%. */
|
|
|
|
|
} else {
|
|
|
|
|
result = 0;
|
|
|
|
|
SMARTLIST_FOREACH(fps, const char *, d, {
|
|
|
|
|
cached_dir_t *dir = digestmap_get(cached_v2_networkstatus, d);
|
|
|
|
|
if (dir)
|
|
|
|
|
result += compressed ? dir->dir_z_len : dir->dir_len;
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2006-06-18 09:38:55 +02:00
|
|
|
/** When we're spooling data onto our outbuf, add more whenever we dip
|
|
|
|
|
* below this threshold. */
|
|
|
|
|
#define DIRSERV_BUFFER_MIN 16384
|
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Spooling helper: called when we have no more data to spool to <b>conn</b>.
|
|
|
|
|
* Flushes any remaining data to be (un)compressed, and changes the spool
|
|
|
|
|
* source to NONE. Returns 0 on success, negative on failure. */
|
2006-06-20 02:48:23 +02:00
|
|
|
static int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dirserv_finish_spooling(dir_connection_t *conn)
|
2006-06-20 02:48:23 +02:00
|
|
|
{
|
|
|
|
|
if (conn->zlib_state) {
|
2006-12-29 06:07:04 +01:00
|
|
|
connection_write_to_buf_zlib("", 0, conn, 1);
|
2006-06-20 02:48:23 +02:00
|
|
|
tor_zlib_free(conn->zlib_state);
|
|
|
|
|
conn->zlib_state = NULL;
|
|
|
|
|
}
|
|
|
|
|
conn->dir_spool_src = DIR_SPOOL_NONE;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Spooling helper: called when we're sending a bunch of server descriptors,
|
|
|
|
|
* and the outbuf has become too empty. Pulls some entries from
|
|
|
|
|
* fingerprint_stack, and writes the corresponding servers onto outbuf. If we
|
|
|
|
|
* run out of entries, flushes the zlib state and sets the spool source to
|
|
|
|
|
* NONE. Returns 0 on success, negative on failure.
|
|
|
|
|
*/
|
2006-06-18 09:38:55 +02:00
|
|
|
static int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dirserv_add_servers_to_outbuf(dir_connection_t *conn)
|
2006-06-18 09:38:55 +02:00
|
|
|
{
|
2007-04-16 20:39:39 +02:00
|
|
|
int by_fp = (conn->dir_spool_src == DIR_SPOOL_SERVER_BY_FP ||
|
|
|
|
|
conn->dir_spool_src == DIR_SPOOL_EXTRA_BY_FP);
|
|
|
|
|
int extra = (conn->dir_spool_src == DIR_SPOOL_EXTRA_BY_FP ||
|
|
|
|
|
conn->dir_spool_src == DIR_SPOOL_EXTRA_BY_DIGEST);
|
|
|
|
|
time_t publish_cutoff = time(NULL)-ROUTER_MAX_AGE_TO_PUBLISH;
|
2006-06-18 09:38:55 +02:00
|
|
|
|
|
|
|
|
while (smartlist_len(conn->fingerprint_stack) &&
|
2006-07-26 21:07:26 +02:00
|
|
|
buf_datalen(conn->_base.outbuf) < DIRSERV_BUFFER_MIN) {
|
2006-06-22 09:34:04 +02:00
|
|
|
const char *body;
|
2006-06-18 09:38:55 +02:00
|
|
|
char *fp = smartlist_pop_last(conn->fingerprint_stack);
|
|
|
|
|
signed_descriptor_t *sd = NULL;
|
2006-06-18 10:07:16 +02:00
|
|
|
if (by_fp) {
|
2006-06-18 09:38:55 +02:00
|
|
|
if (router_digest_is_me(fp)) {
|
2007-04-16 20:39:39 +02:00
|
|
|
if (extra)
|
|
|
|
|
sd = &(router_get_my_extrainfo()->cache_info);
|
|
|
|
|
else
|
|
|
|
|
sd = &(router_get_my_routerinfo()->cache_info);
|
2006-06-18 09:38:55 +02:00
|
|
|
} else {
|
|
|
|
|
routerinfo_t *ri = router_get_by_digest(fp);
|
|
|
|
|
if (ri &&
|
2007-04-16 20:39:39 +02:00
|
|
|
ri->cache_info.published_on > publish_cutoff) {
|
2007-04-16 23:37:21 +02:00
|
|
|
if (extra)
|
|
|
|
|
sd = extrainfo_get_by_descriptor_digest(
|
|
|
|
|
ri->cache_info.extra_info_digest);
|
|
|
|
|
else
|
2007-04-16 20:39:39 +02:00
|
|
|
sd = &ri->cache_info;
|
|
|
|
|
}
|
2006-06-18 09:38:55 +02:00
|
|
|
}
|
2007-04-16 20:39:39 +02:00
|
|
|
} else {
|
|
|
|
|
sd = extra ? extrainfo_get_by_descriptor_digest(fp)
|
|
|
|
|
: router_get_by_descriptor_digest(fp);
|
|
|
|
|
}
|
2006-06-18 09:38:55 +02:00
|
|
|
tor_free(fp);
|
|
|
|
|
if (!sd)
|
|
|
|
|
continue;
|
2006-06-22 09:01:54 +02:00
|
|
|
body = signed_descriptor_get_body(sd);
|
2006-06-18 09:38:55 +02:00
|
|
|
if (conn->zlib_state) {
|
2006-06-29 13:19:52 +02:00
|
|
|
int last = ! smartlist_len(conn->fingerprint_stack);
|
2006-12-29 06:07:04 +01:00
|
|
|
connection_write_to_buf_zlib(body, sd->signed_descriptor_len, conn,
|
|
|
|
|
last);
|
2006-06-29 13:19:52 +02:00
|
|
|
if (last) {
|
2006-07-06 04:45:46 +02:00
|
|
|
tor_zlib_free(conn->zlib_state);
|
|
|
|
|
conn->zlib_state = NULL;
|
2006-06-29 13:19:52 +02:00
|
|
|
}
|
2006-06-18 09:38:55 +02:00
|
|
|
} else {
|
2006-06-22 09:01:54 +02:00
|
|
|
connection_write_to_buf(body,
|
2006-06-18 10:46:55 +02:00
|
|
|
sd->signed_descriptor_len,
|
2006-07-26 21:07:26 +02:00
|
|
|
TO_CONN(conn));
|
2006-06-18 09:38:55 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!smartlist_len(conn->fingerprint_stack)) {
|
|
|
|
|
/* We just wrote the last one; finish up. */
|
2006-06-29 13:19:52 +02:00
|
|
|
conn->dir_spool_src = DIR_SPOOL_NONE;
|
2006-06-18 09:38:55 +02:00
|
|
|
smartlist_free(conn->fingerprint_stack);
|
|
|
|
|
conn->fingerprint_stack = NULL;
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-23 20:22:52 +01:00
|
|
|
/** Spooling helper: Called when we're sending a directory or networkstatus,
|
|
|
|
|
* and the outbuf has become too empty. Pulls some bytes from
|
|
|
|
|
* <b>conn</b>-\>cached_dir-\>dir_z, uncompresses them if appropriate, and
|
|
|
|
|
* puts them on the outbuf. If we run out of entries, flushes the zlib state
|
|
|
|
|
* and sets the spool source to NONE. Returns 0 on success, negative on
|
|
|
|
|
* failure. */
|
2006-06-18 09:38:55 +02:00
|
|
|
static int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dirserv_add_dir_bytes_to_outbuf(dir_connection_t *conn)
|
2006-06-18 09:38:55 +02:00
|
|
|
{
|
2006-11-14 02:07:52 +01:00
|
|
|
ssize_t bytes;
|
|
|
|
|
int64_t remaining;
|
2006-06-18 09:38:55 +02:00
|
|
|
|
2006-07-26 21:07:26 +02:00
|
|
|
bytes = DIRSERV_BUFFER_MIN - buf_datalen(conn->_base.outbuf);
|
2006-06-18 09:38:55 +02:00
|
|
|
tor_assert(bytes > 0);
|
2006-06-18 22:58:27 +02:00
|
|
|
tor_assert(conn->cached_dir);
|
2006-06-18 09:38:55 +02:00
|
|
|
if (bytes < 8192)
|
|
|
|
|
bytes = 8192;
|
|
|
|
|
remaining = conn->cached_dir->dir_z_len - conn->cached_dir_offset;
|
|
|
|
|
if (bytes > remaining)
|
2006-11-14 02:07:52 +01:00
|
|
|
bytes = (ssize_t) remaining;
|
2006-06-18 09:38:55 +02:00
|
|
|
|
|
|
|
|
if (conn->zlib_state) {
|
2006-12-29 06:07:04 +01:00
|
|
|
connection_write_to_buf_zlib(
|
2006-06-18 10:46:55 +02:00
|
|
|
conn->cached_dir->dir_z + conn->cached_dir_offset,
|
2006-12-29 06:07:04 +01:00
|
|
|
bytes, conn, bytes == remaining);
|
2006-06-18 09:38:55 +02:00
|
|
|
} else {
|
2006-06-18 10:46:55 +02:00
|
|
|
connection_write_to_buf(conn->cached_dir->dir_z + conn->cached_dir_offset,
|
2006-07-26 21:07:26 +02:00
|
|
|
bytes, TO_CONN(conn));
|
2006-06-18 09:38:55 +02:00
|
|
|
}
|
|
|
|
|
conn->cached_dir_offset += bytes;
|
2006-06-18 22:58:27 +02:00
|
|
|
if (conn->cached_dir_offset == (int)conn->cached_dir->dir_z_len) {
|
2006-06-18 09:38:55 +02:00
|
|
|
/* We just wrote the last one; finish up. */
|
2006-06-20 08:27:13 +02:00
|
|
|
connection_dirserv_finish_spooling(conn);
|
2006-06-18 09:38:55 +02:00
|
|
|
cached_dir_decref(conn->cached_dir);
|
|
|
|
|
conn->cached_dir = NULL;
|
2006-06-20 02:48:23 +02:00
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-02 21:06:43 +01:00
|
|
|
/** Spooling helper: Called when we're spooling networkstatus objects on
|
2007-01-23 20:22:52 +01:00
|
|
|
* <b>conn</b>, and the outbuf has become too empty. If the current
|
|
|
|
|
* networkstatus object (in <b>conn</b>-\>cached_dir) has more data, pull data
|
|
|
|
|
* from there. Otherwise, pop the next fingerprint from fingerprint_stack,
|
|
|
|
|
* and start spooling the next networkstatus. If we run out of entries,
|
|
|
|
|
* flushes the zlib state and sets the spool source to NONE. Returns 0 on
|
|
|
|
|
* success, negative on failure. */
|
2006-06-20 02:48:23 +02:00
|
|
|
static int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dirserv_add_networkstatus_bytes_to_outbuf(dir_connection_t *conn)
|
2006-06-20 02:48:23 +02:00
|
|
|
{
|
2006-06-20 08:27:13 +02:00
|
|
|
|
2006-07-26 21:07:26 +02:00
|
|
|
while (buf_datalen(conn->_base.outbuf) < DIRSERV_BUFFER_MIN) {
|
2006-06-20 02:48:23 +02:00
|
|
|
if (conn->cached_dir) {
|
2006-06-20 08:27:13 +02:00
|
|
|
int uncompressing = (conn->zlib_state != NULL);
|
|
|
|
|
int r = connection_dirserv_add_dir_bytes_to_outbuf(conn);
|
2006-06-21 01:06:52 +02:00
|
|
|
if (conn->dir_spool_src == DIR_SPOOL_NONE) {
|
2006-06-22 09:25:15 +02:00
|
|
|
/* add_dir_bytes thinks we're done with the cached_dir. But we
|
|
|
|
|
* may have more cached_dirs! */
|
|
|
|
|
conn->dir_spool_src = DIR_SPOOL_NETWORKSTATUS;
|
|
|
|
|
/* This bit is tricky. If we were uncompressing the last
|
|
|
|
|
* networkstatus, we may need to make a new zlib object to
|
|
|
|
|
* uncompress the next one. */
|
|
|
|
|
if (uncompressing && ! conn->zlib_state &&
|
|
|
|
|
conn->fingerprint_stack &&
|
|
|
|
|
smartlist_len(conn->fingerprint_stack)) {
|
|
|
|
|
conn->zlib_state = tor_zlib_new(0, ZLIB_METHOD);
|
|
|
|
|
}
|
2006-06-21 01:06:52 +02:00
|
|
|
}
|
2006-06-20 08:27:13 +02:00
|
|
|
if (r) return r;
|
2006-06-20 02:48:23 +02:00
|
|
|
} else if (conn->fingerprint_stack &&
|
|
|
|
|
smartlist_len(conn->fingerprint_stack)) {
|
|
|
|
|
/* Add another networkstatus; start serving it. */
|
|
|
|
|
char *fp = smartlist_pop_last(conn->fingerprint_stack);
|
|
|
|
|
cached_dir_t *d;
|
|
|
|
|
if (router_digest_is_me(fp))
|
|
|
|
|
d = the_v2_networkstatus;
|
|
|
|
|
else
|
|
|
|
|
d = digestmap_get(cached_v2_networkstatus, fp);
|
|
|
|
|
tor_free(fp);
|
|
|
|
|
if (d) {
|
|
|
|
|
++d->refcnt;
|
|
|
|
|
conn->cached_dir = d;
|
|
|
|
|
conn->cached_dir_offset = 0;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
connection_dirserv_finish_spooling(conn);
|
|
|
|
|
if (conn->fingerprint_stack)
|
|
|
|
|
smartlist_free(conn->fingerprint_stack);
|
|
|
|
|
conn->fingerprint_stack = NULL;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2006-06-18 09:38:55 +02:00
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** Called whenever we have flushed some directory data in state
|
|
|
|
|
* SERVER_WRITING. */
|
|
|
|
|
int
|
2006-07-26 21:07:26 +02:00
|
|
|
connection_dirserv_flushed_some(dir_connection_t *conn)
|
2006-06-18 09:38:55 +02:00
|
|
|
{
|
2006-07-26 21:07:26 +02:00
|
|
|
tor_assert(conn->_base.state == DIR_CONN_STATE_SERVER_WRITING);
|
2006-06-18 09:38:55 +02:00
|
|
|
|
2006-08-11 09:09:17 +02:00
|
|
|
if (buf_datalen(conn->_base.outbuf) >= DIRSERV_BUFFER_MIN)
|
2006-06-18 09:38:55 +02:00
|
|
|
return 0;
|
|
|
|
|
|
2006-06-20 02:48:23 +02:00
|
|
|
switch (conn->dir_spool_src) {
|
2007-04-16 20:39:39 +02:00
|
|
|
case DIR_SPOOL_EXTRA_BY_DIGEST:
|
|
|
|
|
case DIR_SPOOL_EXTRA_BY_FP:
|
2006-06-20 02:48:23 +02:00
|
|
|
case DIR_SPOOL_SERVER_BY_DIGEST:
|
|
|
|
|
case DIR_SPOOL_SERVER_BY_FP:
|
2006-06-18 09:55:04 +02:00
|
|
|
return connection_dirserv_add_servers_to_outbuf(conn);
|
2006-06-20 02:48:23 +02:00
|
|
|
case DIR_SPOOL_CACHED_DIR:
|
2006-06-18 09:55:04 +02:00
|
|
|
return connection_dirserv_add_dir_bytes_to_outbuf(conn);
|
2006-06-20 02:48:23 +02:00
|
|
|
case DIR_SPOOL_NETWORKSTATUS:
|
|
|
|
|
return connection_dirserv_add_networkstatus_bytes_to_outbuf(conn);
|
2006-08-11 09:09:17 +02:00
|
|
|
case DIR_SPOOL_NONE:
|
2006-06-18 09:57:47 +02:00
|
|
|
default:
|
|
|
|
|
return 0;
|
2006-06-18 09:38:55 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2005-06-11 20:52:12 +02:00
|
|
|
/** Release all storage used by the directory server. */
|
2005-02-11 00:18:39 +01:00
|
|
|
void
|
|
|
|
|
dirserv_free_all(void)
|
|
|
|
|
{
|
2006-10-23 05:48:42 +02:00
|
|
|
dirserv_free_fingerprint_list();
|
|
|
|
|
|
2006-06-18 09:38:55 +02:00
|
|
|
cached_dir_decref(the_directory);
|
2005-08-25 22:33:17 +02:00
|
|
|
clear_cached_dir(&the_runningrouters);
|
2006-06-20 02:48:23 +02:00
|
|
|
cached_dir_decref(the_v2_networkstatus);
|
2006-06-18 09:38:55 +02:00
|
|
|
cached_dir_decref(cached_directory);
|
2005-08-25 22:33:17 +02:00
|
|
|
clear_cached_dir(&cached_runningrouters);
|
2005-08-26 20:48:13 +02:00
|
|
|
if (cached_v2_networkstatus) {
|
2006-06-20 02:48:23 +02:00
|
|
|
digestmap_free(cached_v2_networkstatus, _free_cached_dir);
|
2005-08-26 20:48:13 +02:00
|
|
|
cached_v2_networkstatus = NULL;
|
|
|
|
|
}
|
2005-02-11 00:18:39 +01:00
|
|
|
}
|
2005-06-09 21:03:31 +02:00
|
|
|
|
