mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Make bridge authorities test reachability of bridges.
Added two XXX020's that we need to think harder about. svn:r12859
This commit is contained in:
parent
bbbf25db4d
commit
b63a247c68
@ -1581,7 +1581,6 @@ static int
|
||||
should_generate_v2_networkstatus(void)
|
||||
{
|
||||
return authdir_mode_v2(get_options()) &&
|
||||
!authdir_mode_bridge(get_options()) && /* XXX020 RD */
|
||||
the_v2_networkstatus_is_dirty &&
|
||||
the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
|
||||
}
|
||||
@ -1673,7 +1672,7 @@ dirserv_thinks_router_is_unreliable(time_t now,
|
||||
* Right now this means it advertises support for it, it has a high
|
||||
* uptime, and it's currently considered Running.
|
||||
*
|
||||
* This function needs to be called after router->is_running has
|
||||
* This function needs to be called after router-\>is_running has
|
||||
* been set.
|
||||
*/
|
||||
static int
|
||||
@ -1992,7 +1991,11 @@ get_possible_sybil_list(const smartlist_t *routers)
|
||||
* functions and store it in <b>rs</b>>. If <b>naming</b>, consider setting
|
||||
* the named flag in <b>rs</b>. If not <b>exits_can_be_guards</b>, never mark
|
||||
* an exit as a guard. If <b>listbadexits</b>, consider setting the badexit
|
||||
* flag. */
|
||||
* flag.
|
||||
*
|
||||
* We assume that ri-\>is_running has already been set, e.g. by
|
||||
* dirserv_set_router_is_running(ri, now);
|
||||
*/
|
||||
static void
|
||||
set_routerstatus_from_routerinfo(routerstatus_t *rs,
|
||||
routerinfo_t *ri, time_t now,
|
||||
@ -2678,6 +2681,7 @@ dirserv_orconn_tls_done(const char *address,
|
||||
{
|
||||
routerlist_t *rl = router_get_routerlist();
|
||||
time_t now = time(NULL);
|
||||
int bridge_auth = authdir_mode_bridge(get_options());
|
||||
tor_assert(address);
|
||||
tor_assert(digest_rcvd);
|
||||
|
||||
@ -2686,11 +2690,13 @@ dirserv_orconn_tls_done(const char *address,
|
||||
as_advertised &&
|
||||
!memcmp(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN)) {
|
||||
/* correct digest. mark this router reachable! */
|
||||
if (!bridge_auth || ri->purpose == ROUTER_PURPOSE_BRIDGE) {
|
||||
log_info(LD_DIRSERV, "Found router %s to be reachable. Yay.",
|
||||
ri->nickname);
|
||||
rep_hist_note_router_reachable(digest_rcvd, now);
|
||||
ri->last_reachable = now;
|
||||
}
|
||||
}
|
||||
});
|
||||
/* FFFF Maybe we should reinstate the code that dumps routers with the same
|
||||
* addr/port but with nonmatching keys, but instead of dumping, we should
|
||||
@ -2719,11 +2725,14 @@ dirserv_test_reachability(time_t now, int try_all)
|
||||
// time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
||||
routerlist_t *rl = router_get_routerlist();
|
||||
static char ctr = 0;
|
||||
int bridge_auth = authdir_mode_bridge(get_options());
|
||||
|
||||
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
|
||||
const char *id_digest = router->cache_info.identity_digest;
|
||||
if (router_is_me(router))
|
||||
continue;
|
||||
if (bridge_auth && router->purpose != ROUTER_PURPOSE_BRIDGE)
|
||||
continue; /* bridge authorities only test reachability on bridges */
|
||||
// if (router->cache_info.published_on > cutoff)
|
||||
// continue;
|
||||
if (try_all || (((uint8_t)id_digest[0]) % 128) == ctr) {
|
||||
|
@ -40,13 +40,14 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
|
||||
#define LONGEST_STATUS_FLAG_NAME_LEN 9
|
||||
/** Maximum number of status flags we'll apply to one router. */
|
||||
#define N_STATUS_FLAGS 10
|
||||
/** Amount of space to allocate for each entry. (r line and s line.) */
|
||||
/** Amount of space to allocate for each entry: r, s, and v lines. */
|
||||
#define RS_ENTRY_LEN \
|
||||
( /* first line */ \
|
||||
MAX_NICKNAME_LEN+BASE64_DIGEST_LEN*2+ISO_TIME_LEN+INET_NTOA_BUF_LEN+ \
|
||||
5*2 /* ports */ + 10 /* punctuation */ + \
|
||||
/* second line */ \
|
||||
(LONGEST_STATUS_FLAG_NAME_LEN+1)*N_STATUS_FLAGS + 2)
|
||||
/* XXX020 RS_ENTRY_LEN should probably include space for v lines */
|
||||
|
||||
size_t len;
|
||||
char *status = NULL;
|
||||
@ -208,7 +209,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
|
||||
* ===== */
|
||||
|
||||
/** Given a vote <b>vote</b> (not a consensus!), return its associated
|
||||
* networkstatus_voter_info_t.*/
|
||||
* networkstatus_voter_info_t. */
|
||||
static networkstatus_voter_info_t *
|
||||
get_voter(const networkstatus_vote_t *vote)
|
||||
{
|
||||
|
@ -920,7 +920,7 @@ run_scheduled_events(time_t now)
|
||||
|
||||
if (now % 10 == 0 && (authdir_mode_tests_reachability(options)) &&
|
||||
!we_are_hibernating()) {
|
||||
/* try to determine reachability of the other Tor servers */
|
||||
/* try to determine reachability of the other Tor relays */
|
||||
dirserv_test_reachability(now, 0);
|
||||
}
|
||||
|
||||
|
@ -472,7 +472,7 @@ _compare_networkstatus_v2_published_on(const void **_a, const void **_b)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Add the parsed neworkstatus in <b>ns</b> (with original document in
|
||||
/** Add the parsed v2 networkstatus in <b>ns</b> (with original document in
|
||||
* <b>s</b>) to the disk cache (and the in-memory directory server cache) as
|
||||
* appropriate. */
|
||||
static int
|
||||
@ -1672,6 +1672,7 @@ char *
|
||||
networkstatus_getinfo_helper_single(routerstatus_t *rs)
|
||||
{
|
||||
char buf[256];
|
||||
/* XXX020 that 256 above sounds a lot like RS_ENTRY_LEN in dirvote.c */
|
||||
routerstatus_format_entry(buf, sizeof(buf), rs, NULL, 0);
|
||||
return tor_strdup(buf);
|
||||
}
|
||||
|
@ -3716,7 +3716,7 @@ int authdir_mode_handles_descs(or_options_t *options);
|
||||
int authdir_mode_publishes_statuses(or_options_t *options);
|
||||
int authdir_mode_tests_reachability(or_options_t *options);
|
||||
int authdir_mode_bridge(or_options_t *options);
|
||||
int authdir_mode_any_nonbridge(or_options_t *options);
|
||||
int authdir_mode_any_nonhidserv(or_options_t *options);
|
||||
int clique_mode(or_options_t *options);
|
||||
int server_mode(or_options_t *options);
|
||||
int advertised_server_mode(void);
|
||||
|
@ -676,6 +676,8 @@ rep_hist_record_mtbf_data(void)
|
||||
|
||||
PUT("data\n");
|
||||
|
||||
/* XXX020 Nick: now bridge auths record this for all routers too.
|
||||
* Should we make them record it only for bridge routers? */
|
||||
for (orhist_it = digestmap_iter_init(history_map);
|
||||
!digestmap_iter_done(orhist_it);
|
||||
orhist_it = digestmap_iter_next(history_map,orhist_it)) {
|
||||
|
@ -823,13 +823,14 @@ authdir_mode_v3(or_options_t *options)
|
||||
{
|
||||
return authdir_mode(options) && options->V3AuthoritativeDir != 0;
|
||||
}
|
||||
/** Return true if we belive ourselves to be any kind of non-bridge
|
||||
* authoritative directory */
|
||||
/** Return true if we believe ourselves to be any kind of
|
||||
* authoritative directory beyond just a hidserv authority. */
|
||||
int
|
||||
authdir_mode_any_nonbridge(or_options_t *options)
|
||||
authdir_mode_any_nonhidserv(or_options_t *options)
|
||||
{
|
||||
return authdir_mode(options) &&
|
||||
(options->V1AuthoritativeDir ||
|
||||
(options->BridgeAuthoritativeDir ||
|
||||
options->V1AuthoritativeDir ||
|
||||
options->V2AuthoritativeDir ||
|
||||
options->V3AuthoritativeDir);
|
||||
}
|
||||
@ -839,8 +840,7 @@ authdir_mode_any_nonbridge(or_options_t *options)
|
||||
int
|
||||
authdir_mode_handles_descs(or_options_t *options)
|
||||
{
|
||||
return authdir_mode_any_nonbridge(options) ||
|
||||
authdir_mode_bridge(options);
|
||||
return authdir_mode_any_nonhidserv(options);
|
||||
}
|
||||
/** Return true iff we are an authoritative directory server that
|
||||
* publishes its own network statuses.
|
||||
@ -850,7 +850,7 @@ authdir_mode_publishes_statuses(or_options_t *options)
|
||||
{
|
||||
if (authdir_mode_bridge(options))
|
||||
return 0;
|
||||
return authdir_mode_any_nonbridge(options);
|
||||
return authdir_mode_any_nonhidserv(options);
|
||||
}
|
||||
/** Return true iff we are an authoritative directory server that
|
||||
* tests reachability of the descriptors it learns about.
|
||||
@ -858,7 +858,7 @@ authdir_mode_publishes_statuses(or_options_t *options)
|
||||
int
|
||||
authdir_mode_tests_reachability(or_options_t *options)
|
||||
{
|
||||
return authdir_mode_any_nonbridge(options);
|
||||
return authdir_mode_handles_descs(options);
|
||||
}
|
||||
/** Return true iff we believe ourselves to be a bridge authoritative
|
||||
* directory server.
|
||||
@ -868,7 +868,10 @@ authdir_mode_bridge(or_options_t *options)
|
||||
{
|
||||
return authdir_mode(options) && options->BridgeAuthoritativeDir != 0;
|
||||
}
|
||||
/** Return true iff we try to stay connected to all ORs at once.
|
||||
/** Return true iff we once tried to stay connected to all ORs at once.
|
||||
* FFFF this function, and the notion of staying connected to ORs, is
|
||||
* nearly obsolete. One day there will be a proposal for getting rid of
|
||||
* it.
|
||||
*/
|
||||
int
|
||||
clique_mode(or_options_t *options)
|
||||
|
@ -2419,8 +2419,8 @@ routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
|
||||
* search over the list to decide which to remove. We put ri_new in the same
|
||||
* index as ri_old, if possible. ri is freed as appropriate.
|
||||
*
|
||||
* If <b>make_old</b> is true, instead of deleting the router, we try adding
|
||||
* it to rl->old_routers. */
|
||||
* If should_cache_descriptors() is true, instead of deleting the router,
|
||||
* we add it to rl->old_routers. */
|
||||
static void
|
||||
routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
|
||||
routerinfo_t *ri_new)
|
||||
@ -3830,7 +3830,9 @@ update_consensus_router_descriptor_downloads(time_t now)
|
||||
smartlist_add(downloadable, rs->descriptor_digest);
|
||||
});
|
||||
|
||||
if (!authdir_mode_any_nonbridge(options) && smartlist_len(no_longer_old)) {
|
||||
if (!authdir_mode_handles_descs(options) && smartlist_len(no_longer_old)) {
|
||||
/* XXX020 Nick: where do authorities decide never to put stuff in old?
|
||||
* We should make sure bridge descriptors do that too. */
|
||||
routerlist_t *rl = router_get_routerlist();
|
||||
log_info(LD_DIR, "%d router descriptors listed in consensus are "
|
||||
"currently in old_routers; making them current.",
|
||||
|
Loading…
Reference in New Issue
Block a user