mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Remove need for dirservers file: now, we note trusted dirservers in configuration options, and only need to remember addr:port and key digest for each one.
svn:r2479
This commit is contained in:
parent
55634e4eec
commit
0d5a847f12
4
doc/TODO
4
doc/TODO
@ -13,8 +13,8 @@ ARMA - arma claims
|
||||
|
||||
0.0.9pre2:
|
||||
R . bandwidth buckets for write as well as read.
|
||||
N - switch dirservers entries to config lines.
|
||||
N - add three default dirplaces if we parse the whole torrc and
|
||||
o switch dirservers entries to config lines.
|
||||
o add three default dirplaces if we parse the whole torrc and
|
||||
no dirplaces are specified.
|
||||
N - Handle rendezvousing with unverified nodes.
|
||||
- Specify: Stick rendezvous point's key in INTRODUCE cell.
|
||||
|
@ -1,5 +1,5 @@
|
||||
confdir = $(sysconfdir)/tor
|
||||
|
||||
EXTRA_DIST = dirservers
|
||||
EXTRA_DIST =
|
||||
|
||||
conf_DATA = dirservers torrc.sample
|
||||
conf_DATA = torrc.sample
|
||||
|
@ -1,9 +1,5 @@
|
||||
# Configuration file for a typical tor user
|
||||
|
||||
# List of routers. Tor nodes start out knowing about the directory
|
||||
# servers, and from them they get a list of currently up nodes.
|
||||
RouterFile @CONFDIR@/dirservers
|
||||
|
||||
# Replace this with "SocksPort 0" if you don't want clients to connect.
|
||||
SocksPort 9050
|
||||
SocksBindAddress 127.0.0.1 # accept connections only from localhost
|
||||
@ -37,6 +33,14 @@ AllowUnverifiedNodes middle,rendezvous
|
||||
# Uncomment this to start the process in the background
|
||||
#RunAsDaemon 1
|
||||
|
||||
# The three trusted directory servers on the current Tor network. The entries
|
||||
# below are for moria1, moria2, and tor26 respectively. Tor only trusts
|
||||
# directories signed with one of these three keys, and uses the given addresses
|
||||
# to conntect to the trusted directory servers.
|
||||
DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
|
||||
DirServer 18.244.0.188:9032 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
|
||||
DirServer 62.116.124.106:9030 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
|
||||
|
||||
##################### Below is just for servers #####################
|
||||
|
||||
## NOTE: If you enable these, you should consider mailing your
|
||||
|
119
src/or/config.c
119
src/or/config.c
@ -282,124 +282,6 @@ static int config_assign(or_options_t *options, struct config_line_t *list) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
const char default_dirservers_string[] =
|
||||
"router moria1 18.244.0.188 9001 9021 9031\n"
|
||||
"platform Tor 0.0.6rc1 on Linux moria.mit.edu i686\n"
|
||||
"published 2004-04-25 21:54:28\n"
|
||||
"bandwidth 800000 10000000\n"
|
||||
"onion-key\n"
|
||||
"-----BEGIN RSA PUBLIC KEY-----\n"
|
||||
"MIGJAoGBANoIvHieyHUTzIacbnWOnyTyzGrLOdXqbcjz2GGMxyHEd5K1bO1ZBNHP\n"
|
||||
"9i5qLQpN5viFk2K2rEGuG8tFgDEzSWZEtBqv3NVfUdiumdERWMBwlaQ0MVK4C+jf\n"
|
||||
"y5gZ8KI3o9ZictgPS1AQF+Kk932/vIHTuRIUKb4ILTnQilNvID0NAgMBAAE=\n"
|
||||
"-----END RSA PUBLIC KEY-----\n"
|
||||
"signing-key\n"
|
||||
"-----BEGIN RSA PUBLIC KEY-----\n"
|
||||
"MIGJAoGBAMHa0ZC/jo2Q2DrwKYF/6ZbmZ27PFYG91u4gUzzmZ/VXLpZ8wNzEV3oW\n"
|
||||
"nt+I61048fBiC1frT1/DZ351n2bLSk9zJbB6jyGZJn0380FPRX3+cXyXS0Gq8Ril\n"
|
||||
"xkhMQf5XuNFUb8UmYPSOH4WErjvYjKvU+gfjbK/82Jo9SuHpYz+BAgMBAAE=\n"
|
||||
"-----END RSA PUBLIC KEY-----\n"
|
||||
"reject 0.0.0.0/255.0.0.0:*\n"
|
||||
"reject 169.254.0.0/255.255.0.0:*\n"
|
||||
"reject 127.0.0.0/255.0.0.0:*\n"
|
||||
"reject 192.168.0.0/255.255.0.0:*\n"
|
||||
"reject 10.0.0.0/255.0.0.0:*\n"
|
||||
"reject 172.16.0.0/255.240.0.0:*\n"
|
||||
"accept *:20-22\n"
|
||||
"accept *:53\n"
|
||||
"accept *:79-80\n"
|
||||
"accept *:110\n"
|
||||
"accept *:143\n"
|
||||
"accept *:443\n"
|
||||
"accept *:873\n"
|
||||
"accept *:993\n"
|
||||
"accept *:995\n"
|
||||
"accept *:1024-65535\n"
|
||||
"reject *:*\n"
|
||||
"router-signature\n"
|
||||
"-----BEGIN SIGNATURE-----\n"
|
||||
"o1eAoRHDAEAXsnh5wN++vIwrupd+DbAJ2p3wxHDrmqxTpygzxxCnyQyhMfX03ua2\n"
|
||||
"4iplyNlwyFwzWcw0sk31otlO2HBYXT1V9G0YxGtKMOeOBMHjfGbUjGvEALHzWi4z\n"
|
||||
"8DXGJp13zgnUyP4ZA6xaGROwcT6oB5e7UlztvvpGxTg=\n"
|
||||
"-----END SIGNATURE-----\n"
|
||||
"\n"
|
||||
"router moria2 18.244.0.188 9002 9022 9032\n"
|
||||
"platform Tor 0.0.6rc1 on Linux moria.mit.edu i686\n"
|
||||
"published 2004-04-25 21:54:30\n"
|
||||
"bandwidth 800000 10000000\n"
|
||||
"onion-key\n"
|
||||
"-----BEGIN RSA PUBLIC KEY-----\n"
|
||||
"MIGJAoGBAM4Cc/npgYC54XrYLC+grVxJp7PDmNO2DRRJOxKttBBtvLpnR1UaueTi\n"
|
||||
"kyknT5kmlx+ihgZF/jmye//2dDUp2+kK/kSkpRV4xnDLXZmed+sNSQxqmm9TtZQ9\n"
|
||||
"/hjpxhp5J9HmUTYhntBs+4E4CUKokmrI6oRLoln4SA39AX9QLPcnAgMBAAE=\n"
|
||||
"-----END RSA PUBLIC KEY-----\n"
|
||||
"signing-key\n"
|
||||
"-----BEGIN RSA PUBLIC KEY-----\n"
|
||||
"MIGJAoGBAOcrht/y5rkaahfX7sMe2qnpqoPibsjTSJaDvsUtaNP/Bq0MgNDGOR48\n"
|
||||
"rtwfqTRff275Edkp/UYw3G3vSgKCJr76/bqOHCmkiZrnPV1zxNfrK18gNw2Cxre0\n"
|
||||
"nTA+fD8JQqpPtb8b0SnG9kwy75eS//sRu7TErie2PzGMxrf9LH0LAgMBAAE=\n"
|
||||
"-----END RSA PUBLIC KEY-----\n"
|
||||
"reject 0.0.0.0/255.0.0.0:*\n"
|
||||
"reject 169.254.0.0/255.255.0.0:*\n"
|
||||
"reject 127.0.0.0/255.0.0.0:*\n"
|
||||
"reject 192.168.0.0/255.255.0.0:*\n"
|
||||
"reject 10.0.0.0/255.0.0.0:*\n"
|
||||
"reject 172.16.0.0/255.240.0.0:*\n"
|
||||
"accept *:20-22\n"
|
||||
"accept *:53\n"
|
||||
"accept *:79-80\n"
|
||||
"accept *:110\n"
|
||||
"accept *:143\n"
|
||||
"accept *:443\n"
|
||||
"accept *:873\n"
|
||||
"accept *:993\n"
|
||||
"accept *:995\n"
|
||||
"accept *:1024-65535\n"
|
||||
"reject *:*\n"
|
||||
"router-signature\n"
|
||||
"-----BEGIN SIGNATURE-----\n"
|
||||
"RKROLwP1ExjTZeg6wuN0pzYqed9IJUd5lAe9hp4ritbnmJAgS6qfww6jgx61CfUR\n"
|
||||
"6SElhOLE7Q77jAdoL45Ji5pn/Y+Q+E+5lJm1E/ed9ha+YsOPaOc7z6GQ7E4mihCL\n"
|
||||
"gI1vsw92+P1Ty4RHj6fyD9DhbV19nh2Qs+pvGJOS2FY=\n"
|
||||
"-----END SIGNATURE-----\n"
|
||||
"\n"
|
||||
"router tor26 62.116.124.106 9001 9050 9030\n"
|
||||
"platform Tor 0.0.6 on Linux seppia i686\n"
|
||||
"published 2004-05-06 21:33:23\n"
|
||||
"bandwidth 500000 10000000\n"
|
||||
"onion-key\n"
|
||||
"-----BEGIN RSA PUBLIC KEY-----\n"
|
||||
"MIGJAoGBAMEHdDnpj3ik1AF1xe/VqjoguH2DbANifYqXXfempu0fS+tU9FGo6dU/\n"
|
||||
"fnVHAZwL9Ek9k2rMzumShi1RduK9p035R/Gk+PBBcLfvwYJ/Nat+ZO/L8jn/3bZe\n"
|
||||
"ieQd9CKj2LjNGKpRNry37vkwMGIOIlegwK+2us8aXJ7sIvlNts0TAgMBAAE=\n"
|
||||
"-----END RSA PUBLIC KEY-----\n"
|
||||
"signing-key\n"
|
||||
"-----BEGIN RSA PUBLIC KEY-----\n"
|
||||
"MIGJAoGBAMQgV2gXLbXgesWgeAsj8P1Uvm/zibrFXqwDq27lLKNgWGYGX2ax3LyT\n"
|
||||
"3nzI1Y5oLs4kPKTsMM5ft9aokwf417lKoCRlZc9ptfRbgxDx90c9GtWVmkrmDvCK\n"
|
||||
"ae59TMoXIiGfZiwWT6KKq5Zm9/Fu2Il3B2vHGkKJYKixmiBJRKp/AgMBAAE=\n"
|
||||
"-----END RSA PUBLIC KEY-----\n"
|
||||
"accept 62.245.184.24:25\n"
|
||||
"accept 62.116.124.106:6666-6670\n"
|
||||
"accept *:48099\n"
|
||||
"reject *:*\n"
|
||||
"router-signature\n"
|
||||
"-----BEGIN SIGNATURE-----\n"
|
||||
"qh/xRoqfLNFzPaB8VdpbdMAwRyuk5qjx4LeLVQ2pDwTZ55PqmG99+VKUNte2WTTD\n"
|
||||
"7dZEA7um2rueohGe4nYmvbhJWr20/I0ZxmWDRDvFy0b5nwzDMGvLvDw95Zu/XJQ2\n"
|
||||
"md32NE3y9VZCfbCN+GlvETX3fdR3Svzcm8Kzesg2/s4=\n"
|
||||
"-----END SIGNATURE-----\n"
|
||||
;
|
||||
|
||||
int config_assign_default_dirservers(void) {
|
||||
if(router_load_routerlist_from_string(default_dirservers_string, 1) < 0) {
|
||||
log_fn(LOG_WARN,"Bug: the default dirservers internal string is corrupt.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void add_default_trusted_dirservers(void) {
|
||||
/* moria1 */
|
||||
parse_dir_server_line("18.244.0.188:9031 "
|
||||
@ -894,7 +776,6 @@ int getconfig(int argc, char **argv, or_options_t *options) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
clear_trusted_dir_servers();
|
||||
if (!options->DirServers) {
|
||||
add_default_trusted_dirservers();
|
||||
|
@ -738,7 +738,8 @@ int connection_handle_read(connection_t *conn) {
|
||||
/* it's a directory server and connecting failed: forget about this router */
|
||||
/* XXX I suspect pollerr may make Windows not get to this point. :( */
|
||||
router_mark_as_down(conn->identity_digest);
|
||||
if(conn->purpose == DIR_PURPOSE_FETCH_DIR && !all_directory_servers_down()) {
|
||||
if(conn->purpose == DIR_PURPOSE_FETCH_DIR &&
|
||||
!all_trusted_directory_servers_down()) {
|
||||
log_fn(LOG_INFO,"Giving up on dirserver %s; trying another.", conn->address);
|
||||
directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
|
||||
}
|
||||
|
@ -105,20 +105,18 @@ directory_get_from_dirserver(uint8_t purpose, const char *payload,
|
||||
if (purpose == DIR_PURPOSE_FETCH_DIR) {
|
||||
if (advertised_server_mode()) {
|
||||
/* only ask authdirservers, and don't ask myself */
|
||||
r = router_pick_directory_server(1, 1);
|
||||
/* XXXX NM Enable this once we actually set keys for dirservers.
|
||||
* ds = router_pick_trusteddirserver(1);
|
||||
*/
|
||||
ds = router_pick_trusteddirserver(1);
|
||||
} else {
|
||||
/* anybody with a non-zero dirport will do */
|
||||
r = router_pick_directory_server(0, 1);
|
||||
r = router_pick_directory_server(1);
|
||||
if (!r) {
|
||||
log_fn(LOG_INFO, "No router found for directory; falling back to dirserver list");
|
||||
ds = router_pick_trusteddirserver(1);
|
||||
}
|
||||
}
|
||||
} else { // (purpose == DIR_PURPOSE_FETCH_RENDDESC)
|
||||
/* only ask authdirservers, any of them will do */
|
||||
r = router_pick_directory_server(1, 0);
|
||||
/* XXXX NM Enable this once we actually set keys for dirservers.
|
||||
* ds = router_pick_trusteddirserver(0);
|
||||
*/
|
||||
ds = router_pick_trusteddirserver(0);
|
||||
}
|
||||
|
||||
if (r)
|
||||
@ -152,7 +150,7 @@ static void
|
||||
directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
|
||||
uint8_t purpose, const char *payload, int payload_len)
|
||||
{
|
||||
directory_initiate_command(dirserv->address, dirserv->addr, dirserv->dir_port,
|
||||
directory_initiate_command(dirserv->address, dirserv->addr,dirserv->dir_port,
|
||||
NULL, dirserv->digest, purpose, payload, payload_len);
|
||||
}
|
||||
|
||||
@ -212,7 +210,8 @@ directory_initiate_command(const char *address, uint32_t addr,
|
||||
switch(connection_connect(conn, conn->address, conn->addr, conn->port)) {
|
||||
case -1:
|
||||
router_mark_as_down(conn->identity_digest); /* don't try him again */
|
||||
if(purpose == DIR_PURPOSE_FETCH_DIR && !all_directory_servers_down()) {
|
||||
if(purpose == DIR_PURPOSE_FETCH_DIR &&
|
||||
!all_trusted_directory_servers_down()) {
|
||||
log_fn(LOG_INFO,"Giving up on dirserver %s; trying another.", conn->nickname);
|
||||
directory_get_from_dirserver(purpose, payload, payload_len);
|
||||
}
|
||||
|
@ -1411,9 +1411,9 @@ typedef struct trusted_dir_server_t {
|
||||
} trusted_dir_server_t;
|
||||
|
||||
int router_reload_router_list(void);
|
||||
routerinfo_t *router_pick_directory_server(int requireauth, int requireothers);
|
||||
routerinfo_t *router_pick_directory_server(int requireothers);
|
||||
trusted_dir_server_t *router_pick_trusteddirserver(int requireothers);
|
||||
int all_directory_servers_down(void);
|
||||
int all_trusted_directory_servers_down(void);
|
||||
struct smartlist_t;
|
||||
void routerlist_add_friends(struct smartlist_t *sl, routerinfo_t *router);
|
||||
void add_nickname_list_to_smartlist(struct smartlist_t *sl, const char *list, int warn_if_down);
|
||||
|
@ -228,6 +228,7 @@ int init_keys(void) {
|
||||
char *cp;
|
||||
const char *tmp, *mydesc, *datadir;
|
||||
crypto_pk_env_t *prkey;
|
||||
char digest[20];
|
||||
|
||||
if (!key_lock)
|
||||
key_lock = tor_mutex_new();
|
||||
@ -345,6 +346,16 @@ int init_keys(void) {
|
||||
log_fn(LOG_ERR, "Error loading fingerprints");
|
||||
return -1;
|
||||
}
|
||||
/* 6b. [authdirserver only] add own key to approved directories. */
|
||||
crypto_pk_get_digest(get_identity_key(), digest);
|
||||
if (!router_digest_is_trusted_dir(digest)) {
|
||||
uint32_t addr;
|
||||
if(resolve_my_address(options.Address, &addr) < 0) {
|
||||
log_fn(LOG_WARN,"options.Address didn't resolve into an IP.");
|
||||
return -1;
|
||||
}
|
||||
add_trusted_dir_server(addr, options.DirPort, digest);
|
||||
}
|
||||
/* 7. [authdirserver only] load old directory, if it's there */
|
||||
sprintf(keydir,"%s/cached-directory", datadir);
|
||||
log_fn(LOG_INFO,"Loading cached directory from %s...",keydir);
|
||||
|
@ -22,7 +22,7 @@ static smartlist_t *trusted_dir_servers = NULL;
|
||||
|
||||
/* static function prototypes */
|
||||
static routerinfo_t *
|
||||
router_pick_directory_server_impl(int requireauth, int requireothers, int fascistfirewall);
|
||||
router_pick_directory_server_impl(int requireothers, int fascistfirewall);
|
||||
static trusted_dir_server_t *
|
||||
router_pick_trusteddirserver_impl(int requireother, int fascistfirewall);
|
||||
static void mark_all_trusteddirservers_up(void);
|
||||
@ -49,17 +49,6 @@ int router_reload_router_list(void)
|
||||
{
|
||||
char filename[512];
|
||||
routerlist_clear_trusted_directories();
|
||||
if (options.RouterFile) {
|
||||
log_fn(LOG_INFO, "Loading router list from %s", options.RouterFile);
|
||||
if (router_load_routerlist_from_file(options.RouterFile, 1) < 0) {
|
||||
log_fn(LOG_ERR,"Error loading router list '%s'.", options.RouterFile);
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
log_fn(LOG_INFO, "Loading internal default router list.");
|
||||
if (config_assign_default_dirservers() < 0)
|
||||
return -1;
|
||||
}
|
||||
if (get_data_directory(&options)) {
|
||||
char *s;
|
||||
snprintf(filename,sizeof(filename),"%s/cached-directory", get_data_directory(&options));
|
||||
@ -70,7 +59,7 @@ int router_reload_router_list(void)
|
||||
if (router_load_routerlist_from_directory(s, NULL, 0) < 0) {
|
||||
log_fn(LOG_WARN, "Cached directory '%s' was unparseable; ignoring.", filename);
|
||||
}
|
||||
if(routerlist->published_on > time(NULL) - OLD_MIN_ONION_KEY_LIFETIME/2) {
|
||||
if( routerlist && routerlist->published_on > time(NULL) - OLD_MIN_ONION_KEY_LIFETIME/2) {
|
||||
/* XXX use new onion key lifetime when 0.0.8 servers are obsolete */
|
||||
directory_has_arrived(); /* do things we've been waiting to do */
|
||||
}
|
||||
@ -84,22 +73,25 @@ int router_reload_router_list(void)
|
||||
* in our routerlist, set all the authoritative ones as running again,
|
||||
* and pick one. If there are no dirservers at all in our routerlist,
|
||||
* reload the routerlist and try one last time. */
|
||||
routerinfo_t *router_pick_directory_server(int requireauth, int requireothers) {
|
||||
routerinfo_t *router_pick_directory_server(int requireothers) {
|
||||
routerinfo_t *choice;
|
||||
|
||||
choice = router_pick_directory_server_impl(requireauth, requireothers, options.FascistFirewall);
|
||||
if (!routerlist)
|
||||
|
||||
|
||||
choice = router_pick_directory_server_impl(requireothers, options.FascistFirewall);
|
||||
if(choice)
|
||||
return choice;
|
||||
|
||||
log_fn(LOG_INFO,"No dirservers are reachable. Trying them all again.");
|
||||
log_fn(LOG_INFO,"No reachable router entries for dirservers. Trying them all again.");
|
||||
/* mark all authdirservers as up again */
|
||||
mark_all_trusteddirservers_up();
|
||||
/* try again */
|
||||
choice = router_pick_directory_server_impl(requireauth, requireothers, 0);
|
||||
choice = router_pick_directory_server_impl(requireothers, options.FascistFirewall);
|
||||
if(choice)
|
||||
return choice;
|
||||
|
||||
log_fn(LOG_WARN,"Still no dirservers %s. Reloading and trying again.",
|
||||
log_fn(LOG_INFO,"Still no %s router entries. Reloading and trying again.",
|
||||
options.FascistFirewall ? "reachable" : "known");
|
||||
has_fetched_directory=0; /* reset it */
|
||||
routerlist_clear_trusted_directories();
|
||||
@ -107,7 +99,7 @@ routerinfo_t *router_pick_directory_server(int requireauth, int requireothers) {
|
||||
return NULL;
|
||||
}
|
||||
/* give it one last try */
|
||||
choice = router_pick_directory_server_impl(requireauth, requireothers, 0);
|
||||
choice = router_pick_directory_server_impl(requireothers, 0);
|
||||
return choice;
|
||||
}
|
||||
|
||||
@ -143,7 +135,7 @@ trusted_dir_server_t *router_pick_trusteddirserver(int requireothers) {
|
||||
* it has to be a trusted server. If requireothers, it cannot be us.
|
||||
*/
|
||||
static routerinfo_t *
|
||||
router_pick_directory_server_impl(int requireauth, int requireothers, int fascistfirewall)
|
||||
router_pick_directory_server_impl(int requireothers, int fascistfirewall)
|
||||
{
|
||||
int i;
|
||||
routerinfo_t *router;
|
||||
@ -159,8 +151,6 @@ router_pick_directory_server_impl(int requireauth, int requireothers, int fascis
|
||||
router = smartlist_get(routerlist->routers, i);
|
||||
if(!router->is_running || !router->dir_port)
|
||||
continue;
|
||||
if(requireauth && !router->is_trusted_dir)
|
||||
continue;
|
||||
if(requireothers && router_is_me(router))
|
||||
continue;
|
||||
if(fascistfirewall) {
|
||||
@ -224,24 +214,11 @@ static void mark_all_trusteddirservers_up(void) {
|
||||
/** Return 0 if \exists an authoritative dirserver that's currently
|
||||
* thought to be running, else return 1.
|
||||
*/
|
||||
int all_directory_servers_down(void) {
|
||||
int i;
|
||||
routerinfo_t *router;
|
||||
if(!routerlist)
|
||||
return 1; /* if no dirservers, I guess they're all down */
|
||||
for(i=0;i< smartlist_len(routerlist->routers); i++) {
|
||||
router = smartlist_get(routerlist->routers, i);
|
||||
if(router->is_running && router->is_trusted_dir) {
|
||||
tor_assert(router->dir_port > 0);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
/* XXXX NM look at trusted_dir_servers instead.
|
||||
int all_trusted_directory_servers_down(void) {
|
||||
if (!trusted_dir_servers)
|
||||
return 1;
|
||||
SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
|
||||
if (dir->is_running) return 0);
|
||||
*/
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -680,15 +657,14 @@ int router_add_to_routerlist(routerinfo_t *router) {
|
||||
*/
|
||||
for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
|
||||
r = smartlist_get(routerlist->routers, i);
|
||||
|
||||
r->is_trusted_dir = router_digest_is_trusted_dir(r->identity_digest);
|
||||
|
||||
if (!crypto_pk_cmp_keys(router->identity_pkey, r->identity_pkey)) {
|
||||
if (router->published_on > r->published_on) {
|
||||
log_fn(LOG_DEBUG, "Replacing entry for router '%s/%s' [%s]",
|
||||
router->nickname, r->nickname, hex_str(id_digest,DIGEST_LEN));
|
||||
/* Remember whether we trust this router as a dirserver. */
|
||||
/*XXXXNM first test is redundant; second should move elsewhere */
|
||||
if (r->is_trusted_dir ||
|
||||
router_digest_is_trusted_dir(router->identity_digest))
|
||||
router->is_trusted_dir = 1;
|
||||
/* If the address hasn't changed; no need to re-resolve. */
|
||||
if (!strcasecmp(r->address, router->address))
|
||||
router->addr = r->addr;
|
||||
@ -698,10 +674,6 @@ int router_add_to_routerlist(routerinfo_t *router) {
|
||||
} else {
|
||||
log_fn(LOG_DEBUG, "Skipping old entry for router '%s'",
|
||||
router->nickname);
|
||||
/* If we now trust 'router', then we trust the one in the routerlist
|
||||
* too. */
|
||||
if (router->is_trusted_dir)
|
||||
r->is_trusted_dir = 1;
|
||||
/* Update the is_running status to whatever we were told. */
|
||||
r->is_running = router->is_running;
|
||||
routerinfo_free(router);
|
||||
@ -803,7 +775,6 @@ void routerlist_clear_trusted_directories(void)
|
||||
SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
|
||||
r->is_trusted_dir = 0);
|
||||
}
|
||||
clear_trusted_dir_servers();
|
||||
}
|
||||
|
||||
/** Helper function: read routerinfo elements from s, and throw out the
|
||||
@ -1154,7 +1125,7 @@ void add_trusted_dir_server(const char *addr, uint16_t port, const char *digest)
|
||||
|
||||
ent = tor_malloc(sizeof(trusted_dir_server_t));
|
||||
ent->address = tor_strdup(addr);
|
||||
ent->addr = a;
|
||||
ent->addr = ntohl(a);
|
||||
ent->dir_port = port;
|
||||
ent->is_running = 1;
|
||||
memcpy(ent->digest, digest, DIGEST_LEN);
|
||||
|
Loading…
Reference in New Issue
Block a user