From 0fca143ea1699ffa68fab34ba329c7b2db2c7bca Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Sun, 25 Apr 2004 19:04:11 +0000
Subject: [PATCH] Remove onion_pkey from connection, since onion keys can change more often than connections. Also add more log messages
svn:r1693
---
 src/or/circuit.c | 9 ++++++++-
 src/or/connection.c | 4 +---
 src/or/connection_or.c | 1 -
 src/or/dirserv.c | 2 ++
 src/or/onion.c | 5 +++--
 src/or/or.h | 1 -
 src/or/router.c | 1 +
 src/or/routerlist.c | 19 +++++++++++++++++++
 8 files changed, 34 insertions(+), 8 deletions(-)
diff --git a/src/or/circuit.c b/src/or/circuit.c
index bf410c8a1b..5a5aa1efe1 100644
--- a/src/or/circuit.c
+++ b/src/or/circuit.c
@@ -1485,7 +1485,14 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
 cell.command = CELL_CREATE;
 cell.circ_id = circ->n_circ_id;
- if(onion_skin_create(circ->n_conn->onion_pkey,
+ router = router_get_by_nickname(circ->n_conn->nickname);
+ if (!router) {
+ log_fn(LOG_WARN,"Couldn't find routerinfo for %s",
+ circ->n_conn->nickname);
+ return -1;
+ }
+
+ if(onion_skin_create(router->onion_pkey,
 &(circ->cpath->handshake_state),
 cell.payload) < 0) {
 log_fn(LOG_WARN,"onion_skin_create (first hop) failed.");
diff --git a/src/or/connection.c b/src/or/connection.c
index 66046a5a89..2c427396b8 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -114,8 +114,6 @@ void connection_free(connection_t *conn) {
 tor_tls_free(conn->tls);
 }
- if (conn->onion_pkey)
- crypto_free_pk_env(conn->onion_pkey);
 if (conn->identity_pkey)
 crypto_free_pk_env(conn->identity_pkey);
 tor_free(conn->nickname);
@@ -819,7 +817,7 @@ connection_t *connection_twin_get_by_addr_port(uint32_t addr, uint16_t port) {
 conn = carray[i];
 assert(conn);
 if(connection_state_is_open(conn) &&
- !crypto_pk_cmp_keys(conn->onion_pkey, router->onion_pkey)) {
+ !crypto_pk_cmp_keys(conn->identity_pkey, router->identity_pkey)) {
 log(LOG_DEBUG,"connection_twin_get_by_addr_port(): Found twin (%s).",conn->address);
 return conn;
 }
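Review bot: In circuit_send_next_onion_skin (src/or/circuit.c), the first-hop onion key is now chosen by `router_get_by_nickname(circ->n_conn->nickname)`, which binds the handshake key to a nickname string rather than to the identity key the connection already holds. Whether nicknames are guaranteed unique in the router list is not visible here; if they are not, or the entry for that nickname has been replaced, the onion skin is built for a key that does not belong to the connected peer. Confirming the match before use closes that gap, e.g. `if (!router || crypto_pk_cmp_keys(router->identity_pkey, circ->n_conn->identity_pkey)) {`. The added `log_fn` also passes `circ->n_conn->nickname` to `%s` without a NULL check. The declaration of `router` and the rest of the function are outside the hunk.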
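Review bot: In connection_twin_get_by_addr_port (src/or/connection.c), the new comparison passes `conn->identity_pkey` to `crypto_pk_cmp_keys` for every open connection in `carray`, yet connection_free in the same file guards that field with `if (conn->identity_pkey)`, which suggests it can be NULL on some connections. Whether `crypto_pk_cmp_keys` tolerates a NULL argument is not shown in this patch, so I would add `conn->identity_pkey &&` to the condition ahead of the comparison. The loop header and the lookup of `router` are outside the hunk.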
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 1762d03fba..3fe3a98652 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -83,7 +83,6 @@ void connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *route
 conn->addr = router->addr;
 conn->port = router->or_port;
 conn->receiver_bucket = conn->bandwidth = router->bandwidthburst;
- conn->onion_pkey = crypto_pk_dup_key(router->onion_pkey);
 conn->identity_pkey = crypto_pk_dup_key(router->identity_pkey);
 conn->nickname = tor_strdup(router->nickname);
 tor_free(conn->address);
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 10b43c77b1..0888039d62 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -284,9 +284,11 @@ dirserv_add_descriptor(const char **desc)
 return 1;
 }
 /* We don't have a newer one; we'll update this one. */
+ log_fn(LOG_INFO,"Dirserv updating desc for nickname %s",ri->nickname);
 free_descriptor_entry(*desc_ent_ptr);
 } else {
 /* Add this at the end. */
+ log_fn(LOG_INFO,"Dirserv adding desc for nickname %s",ri->nickname);
 desc_ent_ptr = &descriptor_list[n_descriptors++];
 /* XXX check if n_descriptors is too big */
 }
diff --git a/src/or/onion.c b/src/or/onion.c
index 7ad736e954..ac44c0035f 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -402,8 +402,9 @@ static int count_acceptable_routers(smartlist_t *routers) { n = smartlist_len(routers); for(i=0;inickname); if(r->is_running == 0) { log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i); goto next_i_loop;
@@ -426,7 +427,7 @@ static int count_acceptable_routers(smartlist_t *routers) {
 num++;
 log_fn(LOG_DEBUG,"I like %d. num_acceptable_routers now %d.",i, num);
 next_i_loop:
- ; /* our compiler may need an explicit statement after the label */
+ ; /* C requires an explicit statement after the label */
 }
 return num;
diff --git a/src/or/or.h b/src/or/or.h
index 0b3110f76c..a48fa044f8 100644
--- a/src/or/or.h
+++ b/src/or/or.h
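Review bot: In dirserv_add_descriptor (src/or/dirserv.c), the "adding desc" branch still writes `descriptor_list[n_descriptors++]` with no bound, as the `/* XXX check if n_descriptors is too big */` comment beneath it admits; since this patch touches the branch, it is a good moment to add the check. Descriptors are presumably submitted by other routers, which would make this an out-of-bounds write reachable from remote input once the list fills. Before the increment, compare `n_descriptors` with the capacity of `descriptor_list` (its declaration is not shown in the hunk) and reject the descriptor with a warning when the list is full. The new log lines print `ri->nickname` from the freshly parsed descriptor, which is safe only if the parser restricts nickname characters; that code is outside this hunk.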
@@ -383,7 +383,6 @@ struct connection_t {
 char *address; /* FQDN (or IP) of the guy on the other end.
 * strdup into this, because free_connection frees it */
- crypto_pk_env_t *onion_pkey; /* public RSA key for the other side's onions */
 crypto_pk_env_t *identity_pkey; /* public RSA key for the other side's signing */
 char *nickname;
diff --git a/src/or/router.c b/src/or/router.c
index 8297f36495..98ef38dfc5 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -73,6 +73,7 @@ void rotate_onion_key(void)
 crypto_free_pk_env(lastonionkey);
 /* XXXX WINDOWS on windows, we need to protect this next bit with a lock. */
+ log_fn(LOG_INFO, "Rotating onion key");
 lastonionkey = onionkey;
 set_onion_key(prkey);
 return;
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 84212c60c0..e2ab006da6 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -395,6 +395,20 @@ void router_mark_as_down(char *nickname) {
 /* ------------------------------------------------------------ */
+static void dump_onion_keys(int severity)
+{
+ int i;
+ char buf[FINGERPRINT_LEN+1];
+ routerinfo_t *r;
+
+ log_fn(severity, "Parsed a directory. Here are the onion keys:");
+ for (i = 0; i < smartlist_len(routerlist->routers); i++) {
+ r = smartlist_get(routerlist->routers, i);
+ crypto_pk_get_fingerprint(r->onion_pkey, buf);
+ log_fn(severity, "%10s: %s", r->nickname, buf);
+ }
+}
+ /* Replace the current router list with the one stored in 'routerfile'. */
 int router_set_routerlist_from_file(char *routerfile)
 {
@@ -411,6 +425,7 @@ int router_set_routerlist_from_file(char *routerfile)
 free(string);
 return -1;
 }
+ /* dump_onion_keys(LOG_NOTICE); */
 free(string);
 return 0;
@@ -429,6 +444,8 @@ int router_set_routerlist_from_string(const char *s)
 log(LOG_WARN, "Error resolving routerlist");
 return -1;
 }
+ /* dump_onion_keys(LOG_NOTICE); */
+ return 0;
 }
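Review bot: In the new dump_onion_keys (src/or/routerlist.c, hunk `@@ -395,6 +395,20 @@`), the result of `crypto_pk_get_fingerprint(r->onion_pkey, buf)` is ignored while `buf` is uninitialized, so if that call can fail the following `log_fn` prints indeterminate stack bytes through `%s`. Initialize the buffer with `char buf[FINGERPRINT_LEN+1] = "";` or skip the entry when the call reports an error. The function also reads `routerlist->routers` without checking `routerlist` for NULL. It is `static` and only referenced from the commented-out `/* dump_onion_keys(LOG_NOTICE); */` calls in this patch, so it will likely produce an unused-function warning, and it has no header comment; `/* Debugging aid: log the onion key fingerprint of every router in routerlist at 'severity'. */` would do.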
@@ -496,6 +513,7 @@ int router_set_routerlist_from_directory(const char *s, crypto_pk_env_t *pkey)
 exit(0);
 }
 }
+ /* dump_onion_keys(LOG_NOTICE); */
 return 0;
 }
@@ -879,6 +897,7 @@ router_get_list_from_string_impl(const char **s, routerlist_t **dest,
 *dest = tor_malloc(sizeof(routerlist_t));
 (*dest)->routers = routers;
 (*dest)->software_versions = NULL;
+ return 0;
 }