Make bridge authorities test reachability of bridges.

Added two XXX020's that we need to think harder about.


svn:r12859
This commit is contained in:
Roger Dingledine 2007-12-18 21:37:58 +00:00
parent bbbf25db4d
commit b63a247c68
8 changed files with 42 additions and 24 deletions

View File

@ -1581,7 +1581,6 @@ static int
should_generate_v2_networkstatus(void)
{
return authdir_mode_v2(get_options()) &&
!authdir_mode_bridge(get_options()) && /* XXX020 RD */
the_v2_networkstatus_is_dirty &&
the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
}
@ -1673,7 +1672,7 @@ dirserv_thinks_router_is_unreliable(time_t now,
* Right now this means it advertises support for it, it has a high
* uptime, and it's currently considered Running.
*
* This function needs to be called after router->is_running has
* This function needs to be called after router-\>is_running has
* been set.
*/
static int
@ -1992,7 +1991,11 @@ get_possible_sybil_list(const smartlist_t *routers)
* functions and store it in <b>rs</b>>. If <b>naming</b>, consider setting
* the named flag in <b>rs</b>. If not <b>exits_can_be_guards</b>, never mark
* an exit as a guard. If <b>listbadexits</b>, consider setting the badexit
* flag. */
* flag.
*
* We assume that ri-\>is_running has already been set, e.g. by
* dirserv_set_router_is_running(ri, now);
*/
static void
set_routerstatus_from_routerinfo(routerstatus_t *rs,
routerinfo_t *ri, time_t now,
@ -2678,6 +2681,7 @@ dirserv_orconn_tls_done(const char *address,
{
routerlist_t *rl = router_get_routerlist();
time_t now = time(NULL);
int bridge_auth = authdir_mode_bridge(get_options());
tor_assert(address);
tor_assert(digest_rcvd);
@ -2686,11 +2690,13 @@ dirserv_orconn_tls_done(const char *address,
as_advertised &&
!memcmp(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN)) {
/* correct digest. mark this router reachable! */
if (!bridge_auth || ri->purpose == ROUTER_PURPOSE_BRIDGE) {
log_info(LD_DIRSERV, "Found router %s to be reachable. Yay.",
ri->nickname);
rep_hist_note_router_reachable(digest_rcvd, now);
ri->last_reachable = now;
}
}
});
/* FFFF Maybe we should reinstate the code that dumps routers with the same
* addr/port but with nonmatching keys, but instead of dumping, we should
@ -2719,11 +2725,14 @@ dirserv_test_reachability(time_t now, int try_all)
// time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
routerlist_t *rl = router_get_routerlist();
static char ctr = 0;
int bridge_auth = authdir_mode_bridge(get_options());
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
const char *id_digest = router->cache_info.identity_digest;
if (router_is_me(router))
continue;
if (bridge_auth && router->purpose != ROUTER_PURPOSE_BRIDGE)
continue; /* bridge authorities only test reachability on bridges */
// if (router->cache_info.published_on > cutoff)
// continue;
if (try_all || (((uint8_t)id_digest[0]) % 128) == ctr) {

View File

@ -40,13 +40,14 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
#define LONGEST_STATUS_FLAG_NAME_LEN 9
/** Maximum number of status flags we'll apply to one router. */
#define N_STATUS_FLAGS 10
/** Amount of space to allocate for each entry. (r line and s line.) */
/** Amount of space to allocate for each entry: r, s, and v lines. */
#define RS_ENTRY_LEN \
( /* first line */ \
MAX_NICKNAME_LEN+BASE64_DIGEST_LEN*2+ISO_TIME_LEN+INET_NTOA_BUF_LEN+ \
5*2 /* ports */ + 10 /* punctuation */ + \
/* second line */ \
(LONGEST_STATUS_FLAG_NAME_LEN+1)*N_STATUS_FLAGS + 2)
/* XXX020 RS_ENTRY_LEN should probably include space for v lines */
size_t len;
char *status = NULL;
@ -208,7 +209,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
* ===== */
/** Given a vote <b>vote</b> (not a consensus!), return its associated
* networkstatus_voter_info_t.*/
* networkstatus_voter_info_t. */
static networkstatus_voter_info_t *
get_voter(const networkstatus_vote_t *vote)
{

View File

@ -920,7 +920,7 @@ run_scheduled_events(time_t now)
if (now % 10 == 0 && (authdir_mode_tests_reachability(options)) &&
!we_are_hibernating()) {
/* try to determine reachability of the other Tor servers */
/* try to determine reachability of the other Tor relays */
dirserv_test_reachability(now, 0);
}

View File

@ -472,7 +472,7 @@ _compare_networkstatus_v2_published_on(const void **_a, const void **_b)
return 0;
}
/** Add the parsed neworkstatus in <b>ns</b> (with original document in
/** Add the parsed v2 networkstatus in <b>ns</b> (with original document in
* <b>s</b>) to the disk cache (and the in-memory directory server cache) as
* appropriate. */
static int
@ -1672,6 +1672,7 @@ char *
networkstatus_getinfo_helper_single(routerstatus_t *rs)
{
char buf[256];
/* XXX020 that 256 above sounds a lot like RS_ENTRY_LEN in dirvote.c */
routerstatus_format_entry(buf, sizeof(buf), rs, NULL, 0);
return tor_strdup(buf);
}

View File

@ -3716,7 +3716,7 @@ int authdir_mode_handles_descs(or_options_t *options);
int authdir_mode_publishes_statuses(or_options_t *options);
int authdir_mode_tests_reachability(or_options_t *options);
int authdir_mode_bridge(or_options_t *options);
int authdir_mode_any_nonbridge(or_options_t *options);
int authdir_mode_any_nonhidserv(or_options_t *options);
int clique_mode(or_options_t *options);
int server_mode(or_options_t *options);
int advertised_server_mode(void);

View File

@ -676,6 +676,8 @@ rep_hist_record_mtbf_data(void)
PUT("data\n");
/* XXX020 Nick: now bridge auths record this for all routers too.
* Should we make them record it only for bridge routers? */
for (orhist_it = digestmap_iter_init(history_map);
!digestmap_iter_done(orhist_it);
orhist_it = digestmap_iter_next(history_map,orhist_it)) {

View File

@ -823,13 +823,14 @@ authdir_mode_v3(or_options_t *options)
{
return authdir_mode(options) && options->V3AuthoritativeDir != 0;
}
/** Return true if we belive ourselves to be any kind of non-bridge
* authoritative directory */
/** Return true if we believe ourselves to be any kind of
* authoritative directory beyond just a hidserv authority. */
int
authdir_mode_any_nonbridge(or_options_t *options)
authdir_mode_any_nonhidserv(or_options_t *options)
{
return authdir_mode(options) &&
(options->V1AuthoritativeDir ||
(options->BridgeAuthoritativeDir ||
options->V1AuthoritativeDir ||
options->V2AuthoritativeDir ||
options->V3AuthoritativeDir);
}
@ -839,8 +840,7 @@ authdir_mode_any_nonbridge(or_options_t *options)
int
authdir_mode_handles_descs(or_options_t *options)
{
return authdir_mode_any_nonbridge(options) ||
authdir_mode_bridge(options);
return authdir_mode_any_nonhidserv(options);
}
/** Return true iff we are an authoritative directory server that
* publishes its own network statuses.
@ -850,7 +850,7 @@ authdir_mode_publishes_statuses(or_options_t *options)
{
if (authdir_mode_bridge(options))
return 0;
return authdir_mode_any_nonbridge(options);
return authdir_mode_any_nonhidserv(options);
}
/** Return true iff we are an authoritative directory server that
* tests reachability of the descriptors it learns about.
@ -858,7 +858,7 @@ authdir_mode_publishes_statuses(or_options_t *options)
int
authdir_mode_tests_reachability(or_options_t *options)
{
return authdir_mode_any_nonbridge(options);
return authdir_mode_handles_descs(options);
}
/** Return true iff we believe ourselves to be a bridge authoritative
* directory server.
@ -868,7 +868,10 @@ authdir_mode_bridge(or_options_t *options)
{
return authdir_mode(options) && options->BridgeAuthoritativeDir != 0;
}
/** Return true iff we try to stay connected to all ORs at once.
/** Return true iff we once tried to stay connected to all ORs at once.
* FFFF this function, and the notion of staying connected to ORs, is
* nearly obsolete. One day there will be a proposal for getting rid of
* it.
*/
int
clique_mode(or_options_t *options)

View File

@ -2419,8 +2419,8 @@ routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
* search over the list to decide which to remove. We put ri_new in the same
* index as ri_old, if possible. ri is freed as appropriate.
*
* If <b>make_old</b> is true, instead of deleting the router, we try adding
* it to rl-&gt;old_routers. */
* If should_cache_descriptors() is true, instead of deleting the router,
* we add it to rl-&gt;old_routers. */
static void
routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
routerinfo_t *ri_new)
@ -3830,7 +3830,9 @@ update_consensus_router_descriptor_downloads(time_t now)
smartlist_add(downloadable, rs->descriptor_digest);
});
if (!authdir_mode_any_nonbridge(options) && smartlist_len(no_longer_old)) {
if (!authdir_mode_handles_descs(options) && smartlist_len(no_longer_old)) {
/* XXX020 Nick: where do authorities decide never to put stuff in old?
* We should make sure bridge descriptors do that too. */
routerlist_t *rl = router_get_routerlist();
log_info(LD_DIR, "%d router descriptors listed in consensus are "
"currently in old_routers; making them current.",