Remove onion_pkey from connection, since onion keys can change more often than connections. Also add more log messages

svn:r1693
2024-11-10 21:23:58 +01:00 · 2004-04-25 19:04:11 +00:00 · 2004-04-25 19:04:11 +00:00 · 0fca143ea1
commit 0fca143ea1
parent cb3897e5ab
8 changed files with 34 additions and 8 deletions
--- a/src/or/circuit.c
+++ b/src/or/circuit.c
@ -1485,7 +1485,14 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
    cell.command = CELL_CREATE;
    cell.circ_id = circ->n_circ_id;

-    if(onion_skin_create(circ->n_conn->onion_pkey,
+    router = router_get_by_nickname(circ->n_conn->nickname);
+    if (!router) {
+      log_fn(LOG_WARN,"Couldn't find routerinfo for %s",
+             circ->n_conn->nickname);
+      return -1;
+    }
+
+    if(onion_skin_create(router->onion_pkey,
                         &(circ->cpath->handshake_state),
                         cell.payload) < 0) {
      log_fn(LOG_WARN,"onion_skin_create (first hop) failed.");
--- a/src/or/connection.c
+++ b/src/or/connection.c
@ -114,8 +114,6 @@ void connection_free(connection_t *conn) {
      tor_tls_free(conn->tls);
  }

-  if (conn->onion_pkey)
-    crypto_free_pk_env(conn->onion_pkey);
  if (conn->identity_pkey)
    crypto_free_pk_env(conn->identity_pkey);
  tor_free(conn->nickname);
@ -819,7 +817,7 @@ connection_t *connection_twin_get_by_addr_port(uint32_t addr, uint16_t port) {
    conn = carray[i];
    assert(conn);
    if(connection_state_is_open(conn) &&
-       !crypto_pk_cmp_keys(conn->onion_pkey, router->onion_pkey)) {
+       !crypto_pk_cmp_keys(conn->identity_pkey, router->identity_pkey)) {
      log(LOG_DEBUG,"connection_twin_get_by_addr_port(): Found twin (%s).",conn->address);
      return conn;
    }
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@ -83,7 +83,6 @@ void connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *route
  conn->addr = router->addr;
  conn->port = router->or_port;
  conn->receiver_bucket = conn->bandwidth = router->bandwidthburst;
-  conn->onion_pkey = crypto_pk_dup_key(router->onion_pkey);
  conn->identity_pkey = crypto_pk_dup_key(router->identity_pkey);
  conn->nickname = tor_strdup(router->nickname);
  tor_free(conn->address);
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@ -284,9 +284,11 @@ dirserv_add_descriptor(const char **desc)
      return 1;
    }
    /* We don't have a newer one; we'll update this one. */
+    log_fn(LOG_INFO,"Dirserv updating desc for nickname %s",ri->nickname);
    free_descriptor_entry(*desc_ent_ptr);
  } else {
    /* Add this at the end. */
+    log_fn(LOG_INFO,"Dirserv adding desc for nickname %s",ri->nickname);
    desc_ent_ptr = &descriptor_list[n_descriptors++];
    /* XXX check if n_descriptors is too big */
  }
--- a/src/or/onion.c
+++ b/src/or/onion.c
@ -402,8 +402,9 @@ static int count_acceptable_routers(smartlist_t *routers) {

  n = smartlist_len(routers);
  for(i=0;i<n;i++) {
-    log_fn(LOG_DEBUG,"Contemplating whether router %d is a new option...",i);
    r = smartlist_get(routers, i);
+    log_fn(LOG_DEBUG,"Contemplating whether router %d (%s) is a new option...",
+           i, r->nickname);
    if(r->is_running == 0) {
      log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
      goto next_i_loop;
@ -426,7 +427,7 @@ static int count_acceptable_routers(smartlist_t *routers) {
    num++;
    log_fn(LOG_DEBUG,"I like %d. num_acceptable_routers now %d.",i, num);
    next_i_loop:
-      ; /* our compiler may need an explicit statement after the label */
+      ; /* C requires an explicit statement after the label */
  }

  return num;
--- a/src/or/or.h
+++ b/src/or/or.h
@ -383,7 +383,6 @@ struct connection_t {
  char *address; /* FQDN (or IP) of the guy on the other end.
                  * strdup into this, because free_connection frees it
                  */
-  crypto_pk_env_t *onion_pkey; /* public RSA key for the other side's onions */
  crypto_pk_env_t *identity_pkey; /* public RSA key for the other side's signing */
  char *nickname;

--- a/src/or/router.c
+++ b/src/or/router.c
@ -73,6 +73,7 @@ void rotate_onion_key(void)
    crypto_free_pk_env(lastonionkey);
  /* XXXX WINDOWS on windows, we need to protect this next bit with a lock.
   */
+  log_fn(LOG_INFO, "Rotating onion key");
  lastonionkey = onionkey;
  set_onion_key(prkey);
  return;
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@ -395,6 +395,20 @@ void router_mark_as_down(char *nickname) {

 /* ------------------------------------------------------------ */

+static void dump_onion_keys(int severity)
+{
+  int i;
+  char buf[FINGERPRINT_LEN+1];
+  routerinfo_t *r;
+
+  log_fn(severity, "Parsed a directory.  Here are the onion keys:");
+  for (i = 0; i < smartlist_len(routerlist->routers); i++) {
+    r = smartlist_get(routerlist->routers, i);
+    crypto_pk_get_fingerprint(r->onion_pkey, buf);
+    log_fn(severity, "%10s: %s", r->nickname, buf);
+  }
+}
+
 /* Replace the current router list with the one stored in 'routerfile'. */
 int router_set_routerlist_from_file(char *routerfile)
 {
@ -411,6 +425,7 @@ int router_set_routerlist_from_file(char *routerfile)
    free(string);
    return -1;
  }
+  /* dump_onion_keys(LOG_NOTICE); */

  free(string);
  return 0;
@ -429,6 +444,8 @@ int router_set_routerlist_from_string(const char *s)
    log(LOG_WARN, "Error resolving routerlist");
    return -1;
  }
+  /* dump_onion_keys(LOG_NOTICE); */
+
  return 0;
 }

@ -496,6 +513,7 @@ int router_set_routerlist_from_directory(const char *s, crypto_pk_env_t *pkey)
      exit(0);
    }
  }
+  /* dump_onion_keys(LOG_NOTICE); */
  return 0;
 }

@ -879,6 +897,7 @@ router_get_list_from_string_impl(const char **s, routerlist_t **dest,
  *dest = tor_malloc(sizeof(routerlist_t));
  (*dest)->routers = routers;
  (*dest)->software_versions = NULL;
+
  return 0;
 }