r11922@Kushana: nickm | 2007-01-10 15:43:18 -0500

Clear untrusted networkstatuses after 10 days too.  (This is not a terribly awful bug, since we would only ever retain 16 of them, but it still might be nice to backport.)  Resolves part A of bug 372.


svn:r9324

ChangeLog

@@ -5,6 +5,9 @@ Changes in version 0.1.2.7-alpha - 2007-??-??
       is now.
     - Add some defensive programming to eventdns.c in an attempt to catch
       possible memory-stomping bugs.
+    - Previously, we would cache up to 16 old networkstatus documents
+      indefinitely, if they came from nontrusted authorities.  Now we
+      discard them if they are more than 10 days old.
 
 
 Changes in version 0.1.2.6-alpha - 2007-01-09

src/or/dirserv.c

@@ -1098,6 +1098,39 @@ dirserv_set_cached_networkstatus_v2(const char *networkstatus,
   }
 }
 
+/** Remove any networkstatus from the directory cache that was published
+ * before <b>cutoff</b>. */
+void
+dirserv_clear_old_networkstatuses(time_t cutoff)
+{
+  digestmap_iter_t *iter;
+
+  for (iter = digestmap_iter_init(cached_v2_networkstatus);
+       !digestmap_iter_done(iter); ) {
+    const char *ident;
+    void *val;
+    cached_dir_t *dir;
+    digestmap_iter_get(iter, &ident, &val);
+    dir = val;
+    if (dir->published < cutoff) {
+      char *fname;
+      iter = digestmap_iter_next_rmv(cached_v2_networkstatus, iter);
+      fname = networkstatus_get_cache_filename(ident);
+      if (file_status(fname) == FN_FILE) {
+        log_info(LD_DIR, "Removing too-old untrusted networkstatus in %s",
+                 fname);
+        unlink(fname);
+      }
+      tor_free(fname);
+      cached_dir_decref(dir);
+    } else {
+      iter = digestmap_iter_next(cached_v2_networkstatus, iter);
+    }
+  }
+
+}
+
+
 /** Helper: If we're an authority for the right directory version (the
  * directory version is determined by <b>is_v1_object</b>), try to regenerate
  * auth_src as appropriate and return it, falling back to cache_src on

src/or/or.h

@@ -2307,6 +2307,7 @@ void dirserv_set_cached_directory(const char *directory, time_t when,
 void dirserv_set_cached_networkstatus_v2(const char *directory,
                                          const char *identity,
                                          time_t published);
+void dirserv_clear_old_networkstatuses(time_t cutoff);
 void dirserv_get_networkstatus_v2(smartlist_t *result, const char *key);
 void dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
                                                const char *key);
@@ -2803,6 +2804,7 @@ typedef enum {
 int router_set_networkstatus(const char *s, time_t arrived_at,
                              networkstatus_source_t source,
                              smartlist_t *requested_fingerprints);
+char *networkstatus_get_cache_filename(const char *identity_digest);
 
 int router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
                                           int need_uptime);

src/or/routerlist.c

@@ -2226,15 +2226,15 @@ router_load_routers_from_string(const char *s, saved_location_t saved_location,
 }
 
 /** Helper: return a newly allocated string containing the name of the filename
- * where we plan to cache <b>ns</b>. */
-static char *
-networkstatus_get_cache_filename(const networkstatus_t *ns)
+ * where we plan to cache the network status with the given identity digest. */
+char *
+networkstatus_get_cache_filename(const char *identity_digest)
 {
   const char *datadir = get_options()->DataDirectory;
   size_t len = strlen(datadir)+64;
   char fp[HEX_DIGEST_LEN+1];
   char *fn = tor_malloc(len+1);
-  base16_encode(fp, HEX_DIGEST_LEN+1, ns->identity_digest, DIGEST_LEN);
+  base16_encode(fp, HEX_DIGEST_LEN+1, identity_digest, DIGEST_LEN);
   tor_snprintf(fn, len, "%s/cached-status/%s",datadir,fp);
   return fn;
 }
@@ -2262,7 +2262,7 @@ add_networkstatus_to_cache(const char *s,
                            networkstatus_t *ns)
 {
   if (source != NS_FROM_CACHE) {
-    char *fn = networkstatus_get_cache_filename(ns);
+    char *fn = networkstatus_get_cache_filename(ns->identity_digest);
     if (write_str_to_file(fn, s, 0)<0) {
       log_notice(LD_FS, "Couldn't write cached network status to \"%s\"", fn);
     }
@@ -2411,7 +2411,8 @@ router_set_networkstatus(const char *s, time_t arrived_at,
                  trusted_dir->description, published);
         if (old_ns->received_on < arrived_at) {
           if (source != NS_FROM_CACHE) {
-            char *fn = networkstatus_get_cache_filename(old_ns);
+            char *fn;
+            fn = networkstatus_get_cache_filename(old_ns->identity_digest);
             /* We use mtime to tell when it arrived, so update that. */
             touch_file(fn);
             tor_free(fn);
@@ -2479,13 +2480,13 @@ networkstatus_list_clean(time_t now)
 
   for (i = 0; i < smartlist_len(networkstatus_list); ++i) {
     networkstatus_t *ns = smartlist_get(networkstatus_list, i);
-    char *fname = NULL;;
+    char *fname = NULL;
     if (ns->published_on + MAX_NETWORKSTATUS_AGE > now)
       continue;
     /* Okay, this one is too old.  Remove it from the list, and delete it
      * from the cache. */
     smartlist_del(networkstatus_list, i--);
-    fname = networkstatus_get_cache_filename(ns);
+    fname = networkstatus_get_cache_filename(ns->identity_digest);
     if (file_status(fname) == FN_FILE) {
       log_info(LD_DIR, "Removing too-old networkstatus in %s", fname);
       unlink(fname);
@@ -2497,6 +2498,10 @@ networkstatus_list_clean(time_t now)
     networkstatus_free(ns);
     router_dir_info_changed();
   }
+
+  /* And now go through the directory cache for any cached untrusted
+   * networkstatuses. */
+  dirserv_clear_old_networkstatuses(now - MAX_NETWORKSTATUS_AGE);
 }
 
 /** Helper for bsearching a list of routerstatus_t pointers.*/