From 433a1949e87190f1732ea426ed359c93f28cb578 Mon Sep 17 00:00:00 2001 From: David Goulet Date: Fri, 17 Jul 2020 10:34:30 -0400 Subject: [PATCH] relay: Handle dir address suggestion with new interface We now use relay_address_new_suggestion() when a suggested address is received from a directory. Signed-off-by: David Goulet --- src/feature/dirclient/dirclient.c | 8 ++- src/feature/relay/relay_find_addr.c | 84 +++-------------------------- src/feature/relay/relay_find_addr.h | 3 -- 3 files changed, 14 insertions(+), 81 deletions(-) diff --git a/src/feature/dirclient/dirclient.c b/src/feature/dirclient/dirclient.c index bc4162cf52..7a026d3c52 100644 --- a/src/feature/dirclient/dirclient.c +++ b/src/feature/dirclient/dirclient.c @@ -2106,7 +2106,13 @@ connection_dir_client_reached_eof(dir_connection_t *conn) if (conn->dirconn_direct) { char *guess = http_get_header(headers, X_ADDRESS_HEADER); if (guess) { - router_new_address_suggestion(guess, conn); + tor_addr_t addr; + if (tor_addr_parse(&addr, guess) < 0) { + log_debug(LD_DIR, "Malformed X-Your-Address-Is header %s. Ignoring.", + escaped(guess)); + } else { + relay_address_new_suggestion(&addr, &TO_CONN(conn)->addr, NULL); + } tor_free(guess); } } diff --git a/src/feature/relay/relay_find_addr.c b/src/feature/relay/relay_find_addr.c index f6cafe5315..9a279d2277 100644 --- a/src/feature/relay/relay_find_addr.c +++ b/src/feature/relay/relay_find_addr.c @@ -20,15 +20,12 @@ #include "feature/relay/router.h" #include "feature/relay/routermode.h" -/** The most recently guessed value of our IP address, based on directory - * headers. */ -static tor_addr_t last_guessed_ip = TOR_ADDR_NULL; - /** Consider the address suggestion suggested_addr as a possible one to use as * our address. * - * This is called when a valid NETINFO cell is recevied containing a candidate - * for our address. + * This is called when a valid NETINFO cell is received containing a candidate + * for our address or when a directory sends us back the X-Your-Address-Is + * header. * * The suggested address is ignored if it does NOT come from a trusted source. * At the moment, we only look a trusted directory authorities. @@ -37,6 +34,9 @@ static tor_addr_t last_guessed_ip = TOR_ADDR_NULL; * given peer_addr which is the address from the endpoint that sent the * NETINFO cell. * + * The identity_digest is NULL if this is an address suggested by a directory + * since this is a plaintext connection. + * * The suggested address is set in our suggested address cache if everything * passes. */ void @@ -48,7 +48,6 @@ relay_address_new_suggestion(const tor_addr_t *suggested_addr, tor_assert(suggested_addr); tor_assert(peer_addr); - tor_assert(identity_digest); /* Non server should just ignore this suggestion. Clients don't need to * learn their address let alone cache it. */ @@ -59,7 +58,7 @@ relay_address_new_suggestion(const tor_addr_t *suggested_addr, /* Is the peer a trusted source? Ignore anything coming from non trusted * source. In this case, we only look at trusted directory authorities. */ if (!router_addr_is_trusted_dir(peer_addr) || - !router_digest_is_trusted_dir(identity_digest)) { + (identity_digest && !router_digest_is_trusted_dir(identity_digest))) { return; } @@ -81,75 +80,6 @@ relay_address_new_suggestion(const tor_addr_t *suggested_addr, resolved_addr_set_suggested(suggested_addr); } -/** A directory server d_conn told us our IP address is - * suggestion. - * If this address is different from the one we think we are now, and - * if our computer doesn't actually know its IP address, then switch. */ -void -router_new_address_suggestion(const char *suggestion, - const dir_connection_t *d_conn) -{ - tor_addr_t addr, my_addr, last_resolved_addr; - const or_options_t *options = get_options(); - - /* first, learn what the IP address actually is */ - if (tor_addr_parse(&addr, suggestion) == -1) { - log_debug(LD_DIR, "Malformed X-Your-Address-Is header %s. Ignoring.", - escaped(suggestion)); - return; - } - - log_debug(LD_DIR, "Got X-Your-Address-Is: %s.", suggestion); - - if (!server_mode(options)) { - tor_addr_copy(&last_guessed_ip, &addr); - return; - } - - /* XXXX ipv6 */ - resolved_addr_get_last(AF_INET, &last_resolved_addr); - if (!tor_addr_is_null(&last_resolved_addr)) { - /* Lets use this one. */ - tor_addr_copy(&last_guessed_ip, &last_resolved_addr); - return; - } - - /* Attempt to find our address. */ - if (find_my_address(options, AF_INET, LOG_INFO, &my_addr, NULL, NULL)) { - /* We're all set -- we already know our address. Great. */ - tor_addr_copy(&last_guessed_ip, &my_addr); /* store it in case we - need it later */ - return; - } - - /* Consider the suggestion from the directory. */ - if (tor_addr_is_internal(&addr, 0)) { - /* Don't believe anybody who says our IP is, say, 127.0.0.1. */ - return; - } - if (tor_addr_eq(&d_conn->base_.addr, &addr)) { - /* Don't believe anybody who says our IP is their IP. */ - log_debug(LD_DIR, "A directory server told us our IP address is %s, " - "but they are just reporting their own IP address. Ignoring.", - suggestion); - return; - } - - /* Okay. We can't resolve our own address, and X-Your-Address-Is is giving - * us an answer different from what we had the last time we managed to - * resolve it. */ - if (!tor_addr_eq(&last_guessed_ip, &addr)) { - control_event_server_status(LOG_NOTICE, - "EXTERNAL_ADDRESS ADDRESS=%s METHOD=DIRSERV", - suggestion); - log_addr_has_changed(LOG_NOTICE, &last_guessed_ip, &addr, - d_conn->base_.address); - ip_address_changed(0); - tor_addr_copy(&last_guessed_ip, &addr); /* router_rebuild_descriptor() - will fetch it */ - } -} - /** Find our address to be published in our descriptor. Three places are * looked at: * diff --git a/src/feature/relay/relay_find_addr.h b/src/feature/relay/relay_find_addr.h index 5ad9f0deb7..294ae4db57 100644 --- a/src/feature/relay/relay_find_addr.h +++ b/src/feature/relay/relay_find_addr.h @@ -9,9 +9,6 @@ #ifndef TOR_RELAY_FIND_ADDR_H #define TOR_RELAY_FIND_ADDR_H -void router_new_address_suggestion(const char *suggestion, - const dir_connection_t *d_conn); - void relay_address_new_suggestion(const tor_addr_t *suggested_addr, const tor_addr_t *peer_addr, const char *identity_digest);