nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-27 22:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

abstract ORPort/SocksPort checks into server_mode(), proxy_mode(), clique_mode(), etc. Dont change underlying comments.

Browse Source 
svn:r2054
This commit is contained in:
Nick Mathewson 2004-07-18 21:47:04 +00:00
parent 87d0948903
commit 54c129d8dc
9 changed files with 85 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/or/circuitbuild.c
View File

@ -113,7 +113,7 @@ void circuit_rep_hist_note_result(circuit_t *circ) {
*/
return;
}
if (options.ORPort) {
if (server_mode()) {
prev_digest = router_get_my_routerinfo()->identity_digest;
}
do {
@ -1014,7 +1014,7 @@ static int count_acceptable_routers(smartlist_t *routers) {
log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
goto next_i_loop;
}
if(options.ORPort) {
if(clique_mode()) {
conn = connection_get_by_identity_digest(r->identity_digest,
CONN_TYPE_OR);
if(!conn || conn->type != CONN_TYPE_OR || conn->state != OR_CONN_STATE_OPEN) {

2
src/or/circuituse.c
View File

@ -299,7 +299,7 @@ void circuit_build_needed_circs(time_t now) {
if(time_to_new_circuit < now) {
circuit_reset_failure_count();
time_to_new_circuit = now + options.NewCircuitPeriod;
if(options.SocksPort)
if(proxy_mode())
client_dns_clean();
circuit_expire_old_circuits();

4
src/or/config.c
View File

@ -679,7 +679,6 @@ int getconfig(int argc, char **argv, or_options_t *options) {
result = -1;
}
if (options->ORPort) {
if (options->Nickname == NULL) {
if (!(options->Nickname = get_default_nickname()))
return -1;
@ -696,7 +695,6 @@ int getconfig(int argc, char **argv, or_options_t *options) {
result = -1;
}
}
}
if(options->ORPort) { /* get an IP for ourselves */
if(resolve_my_address(options) < 0)
@ -732,7 +730,7 @@ int getconfig(int argc, char **argv, or_options_t *options) {
/* XXX008 if AuthDir and ClientOnly then fail */
if(options->SocksPort > 1 &&
if(options->SocksPort >= 1 &&
(options->PathlenCoinWeight < 0.0 || options->PathlenCoinWeight >= 1.0)) {
log(LOG_WARN,"PathlenCoinWeight option must be >=0.0 and <1.0.");
result = -1;

2
src/or/connection.c
View File

@ -545,7 +545,7 @@ static int retry_listeners(int type, struct config_line_t *cfg,
* - Relaunch listeners for each port you have open.
*/
int retry_all_connections(void) {
if(options.ORPort) {
if(clique_mode()) {
router_retry_connections();
}

4
src/or/connection_or.c
View File

@ -272,7 +272,7 @@ connection_tls_finish_handshake(connection_t *conn) {
connection_watch_events(conn, POLLIN);
log_fn(LOG_DEBUG,"tls handshake done. verifying.");
if (! tor_tls_peer_has_cert(conn->tls)) { /* It's an OP. */
if (options.ORPort) { /* I'm an OR; good. */
if (server_mode()) { /* I'm an OR; good. */
conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
return 0;
} else { /* Neither side sent a certificate: ouch. */
@ -323,7 +323,7 @@ connection_tls_finish_handshake(connection_t *conn) {
connection_or_init_conn_from_router(conn,router);
}
if (!options.ORPort) { /* If I'm an OP... */
if (!server_mode()) { /* If I'm an OP... */
conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
}
directory_set_dirty();

52
src/or/main.c
View File

@ -345,7 +345,7 @@ void directory_has_arrived(void) {
has_fetched_directory=1;
if(options.ORPort) { /* connect to them all */
if(clique_mode()) { /* connect to them all */
router_retry_connections();
}
}
@ -370,7 +370,7 @@ static void run_connection_housekeeping(int i, time_t now) {
the connection or send a keepalive, depending. */
if(connection_speaks_cells(conn) &&
now >= conn->timestamp_lastwritten + options.KeepalivePeriod) {
if((!options.ORPort && !circuit_get_by_conn(conn)) ||
if((!clique_mode() && !circuit_get_by_conn(conn)) ||
(!connection_state_is_open(conn))) {
/* we're an onion proxy, with no circuits;
* or our handshake has expired. kill it. */
@ -380,7 +380,7 @@ static void run_connection_housekeeping(int i, time_t now) {
connection_mark_for_close(conn);
conn->hold_open_until_flushed = 1;
} else {
/* either a full router, or we've got a circuit. send a padding cell. */
/* either in clique mode, or we've got a circuit. send a padding cell. */
log_fn(LOG_DEBUG,"Sending keepalive to (%s:%d)",
conn->address, conn->port);
memset(&cell,0,sizeof(cell_t));
@ -393,7 +393,7 @@ static void run_connection_housekeeping(int i, time_t now) {
#define MIN_BW_TO_PUBLISH_DESC 5000 /* 5000 bytes/s sustained */
#define MIN_UPTIME_TO_PUBLISH_DESC (30*60) /* half an hour */
/** Decide if we're a server or just a client. We are a server if:
/** Decide if we're a publishable server or just a client. We are a server if:
* - We have the AuthoritativeDirectory option set.
* or
* - We don't have the ClientOnly option set; and
@ -402,7 +402,7 @@ static void run_connection_housekeeping(int i, time_t now) {
* - We have processed some suitable minimum bandwidth recently; and
* - We believe we are reachable from the outside.
*/
static int decide_if_server(time_t now) {
static int decide_if_publishable_server(time_t now) {
if(options.AuthoritativeDir)
return 1;
@ -420,6 +420,30 @@ static int decide_if_server(time_t now) {
return 1;
}
/** Return true iff we try to stay connected to all ORs at once. This
* option should go away as Tor becomes more P2P.
*/
int clique_mode(void) {
return (options.ORPort != 0);
}
/** Return true iff we are trying to be a server.
*/
int server_mode(void) {
return (options.ORPort != 0);
}
/** Return true iff we are trying to be an exit server.
*/
int exit_server_mode(void) {
return (options.ORPort != 0);
}
/** Return true iff we are trying to be a socks proxy. */
int proxy_mode(void) {
return (options.SocksPort != 0);
}
/** Perform regular maintenance tasks. This function gets run once per
* second by prepare_for_poll.
*/
@ -433,7 +457,7 @@ static void run_scheduled_events(time_t now) {
* shut down and restart all cpuworkers, and update the directory if
* necessary.
*/
if (options.ORPort && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
if (server_mode() && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
log_fn(LOG_INFO,"Rotating onion key.");
rotate_onion_key();
cpuworkers_rotate();
@ -446,7 +470,10 @@ static void run_scheduled_events(time_t now) {
/** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
if (!last_rotated_certificate)
last_rotated_certificate = now;
if (options.ORPort && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
/*XXXX008 we should remove the server_mode() check once OPs also use
* identity keys (which they can't do until the known-router check in
* connection_or.c is removed. */
if (server_mode() && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
log_fn(LOG_INFO,"Rotating tls context.");
if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
MAX_SSL_KEY_LIFETIME) < 0) {
@ -461,7 +488,7 @@ static void run_scheduled_events(time_t now) {
* our descriptor (if we've passed our internal checks). */
if(time_to_fetch_directory < now) {
if(decide_if_server(now)) {
if(decide_if_publishable_server(now)) {
router_rebuild_descriptor();
router_upload_dir_desc_to_dirservers();
}
@ -665,10 +692,11 @@ static int do_hup(void) {
/* fetch a new directory */
directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
}
if(options.ORPort) {
if(server_mode()) {
/* Restart cpuworker and dnsworker processes, so they get up-to-date
* configuration options. */
cpuworkers_rotate();
if (exit_server_mode())
dnsworkers_rotate();
/* Rebuild fresh descriptor as needed. */
router_rebuild_descriptor();
@ -713,7 +741,7 @@ static int do_main_loop(void) {
directory_has_arrived();
}
if(options.ORPort) {
if(server_mode()) {
cpu_init(); /* launch cpuworkers. Need to do this *after* we've read the onion key. */
}
@ -922,10 +950,10 @@ int tor_init(int argc, char *argv[]) {
log_fn(LOG_WARN,"You are running Tor as root. You don't need to, and you probably shouldn't.");
#endif
if(options.ORPort) { /* only spawn dns handlers if we're a router */
if(exit_server_mode()) { /* only spawn dns handlers if we're a router */
dns_init(); /* initialize the dns resolve tree, and spawn workers */
}
if(options.SocksPort) {
if(proxy_mode()) {
client_dns_init(); /* init the client dns cache */
}

4
src/or/or.h
View File

@ -1194,6 +1194,10 @@ void connection_stop_writing(connection_t *conn);
void connection_start_writing(connection_t *conn);
void directory_has_arrived(void);
int clique_mode(void);
int server_mode(void);
int exit_server_mode(void);
int proxy_mode(void);
int main(int argc, char *argv[]);

22
src/or/router.c
View File

@ -217,10 +217,24 @@ int init_keys(void) {
if (!key_lock)
key_lock = tor_mutex_new();
/* OP's don't need keys. Just initialize the TLS context.*/
if (!options.ORPort) {
/* OP's don't need persistant keys; just make up an identity and
* initialize the TLS context. */
if (!server_mode()) {
tor_assert(!options.DirPort);
if (tor_tls_context_new(NULL, 0, NULL, 0)<0) {
#if 0
/* XXXX008 enable this once we make ORs tolerate unknown routers. */
if (!(prkey = crypto_new_pk_env()))
return -1;
if (crypto_pk_generate_key(prkey))
return -1;
set_identity_key(prkey);
if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
MAX_SSL_KEY_LIFETIME) < 0) {
log_fn(LOG_ERR, "Error creating TLS context for OP.");
return -1;
}
#endif
if (tor_tls_context_new(NULL, 0, NULL, MAX_SSL_KEY_LIFETIME)<0) {
log_fn(LOG_ERR, "Error creating TLS context for OP.");
return -1;
}
@ -435,7 +449,7 @@ int router_is_me(routerinfo_t *router)
* necessary. Return NULL on error, or if called on an OP. */
routerinfo_t *router_get_my_routerinfo(void)
{
if (!options.ORPort)
if (!server_mode())
return NULL;
if (!desc_routerinfo) {

2
src/or/routerlist.c
View File

@ -168,7 +168,7 @@ void router_add_running_routers_to_smartlist(smartlist_t *sl) {
for(i=0;i<smartlist_len(routerlist->routers);i++) {
router = smartlist_get(routerlist->routers, i);
if(router->is_running &&
(!options.ORPort ||
(!clique_mode() ||
connection_get_by_identity_digest(router->identity_digest,
CONN_TYPE_OR)))
smartlist_add(sl, router);