nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'karsten/task-11070'

Browse Source
This commit is contained in:
Nick Mathewson 2014-03-23 00:18:48 -04:00
commit f4e2c72bee
14 changed files with 25 additions and 408 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
changes/bug11070 Normal file
View File

@ -0,0 +1,4 @@
o Removed code:
- Remove all code for the long unused v1 directory protocol. Resolves
ticket 11070.

17
doc/tor.1.txt
View File

@ -342,9 +342,7 @@ GENERAL OPTIONS
many times, for multiple authoritative directory servers. Flags are
separated by spaces, and determine what kind of an authority this directory
is. By default, an authority is not authoritative for any directory style
or version unless an appropriate flag is given. If the "v1" flag is
provided, Tor will use this server as an authority for old-style (v1)
directories as well. (Only directory mirrors care about this.)
or version unless an appropriate flag is given.
Tor will use this authority as a bridge authoritative directory if the
"bridge" flag is set. If a flag "orport=**port**" is given, Tor will use the
given port when opening encrypted tunnels to the dirserver. If a flag
@ -1584,7 +1582,7 @@ is non-zero):
If set to a path, only the specified path will be executed.
(Default: tor-fw-helper)
[[PublishServerDescriptor]] **PublishServerDescriptor** **0**|**1**|**v1**|**v2**|**v3**|**bridge**,**...**::
[[PublishServerDescriptor]] **PublishServerDescriptor** **0**|**1**|**v3**|**bridge**,**...**::
This option specifies which descriptors Tor will publish when acting as
a relay. You can
choose multiple arguments, separated by commas.
@ -1774,17 +1772,6 @@ if DirPort is non-zero):
to set up a separate webserver. There's a sample disclaimer in
contrib/tor-exit-notice.html.
[[V1AuthoritativeDirectory]] **V1AuthoritativeDirectory** **0**|**1**::
When this option is set in addition to **AuthoritativeDirectory**, Tor
generates version 1 directory and running-routers documents (for legacy
Tor clients up to 0.1.0.x).
[[V2AuthoritativeDirectory]] **V2AuthoritativeDirectory** **0**|**1**::
When this option is set in addition to **AuthoritativeDirectory**, Tor
generates version 2 network statuses and serves descriptors, etc as
described in doc/spec/dir-spec-v2.txt (for Tor clients and servers running
0.1.1.x and 0.1.2.x).
[[V3AuthoritativeDirectory]] **V3AuthoritativeDirectory** **0**|**1**::
When this option is set in addition to **AuthoritativeDirectory**, Tor
generates version 3 network statuses and serves descriptors, etc as

25
src/or/config.c
View File

@ -420,7 +420,7 @@ static config_var_t option_vars_[] = {
V(UseNTorHandshake, AUTOBOOL, "1"),
V(User, STRING, NULL),
V(UserspaceIOCPBuffers, BOOL, "0"),
VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir, "0"),
OBSOLETE("V1AuthoritativeDirectory"),
OBSOLETE("V2AuthoritativeDirectory"),
VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir, "0"),
V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
@ -846,7 +846,7 @@ add_default_trusted_dir_authorities(dirinfo_type_t type)
"moria1 orport=9101 "
"v3ident=D586D18309DED4CD6D57C18FDB97EFA96D330566 "
"128.31.0.39:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020 CE31",
"tor26 v1 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
"tor26 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
"86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D",
"dizum orport=443 v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 "
"194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755",
@ -978,8 +978,7 @@ consider_adding_dir_servers(const or_options_t *options,
if (!options->AlternateBridgeAuthority)
type |= BRIDGE_DIRINFO;
if (!options->AlternateDirAuthority)
type |= V1_DIRINFO | V3_DIRINFO | EXTRAINFO_DIRINFO |
MICRODESC_DIRINFO;
type |= V3_DIRINFO | EXTRAINFO_DIRINFO | MICRODESC_DIRINFO;
add_default_trusted_dir_authorities(type);
}
if (!options->FallbackDir)
@ -2367,14 +2366,16 @@ compute_publishserverdescriptor(or_options_t *options)
return 0;
SMARTLIST_FOREACH_BEGIN(list, const char *, string) {
if (!strcasecmp(string, "v1"))
*auth |= V1_DIRINFO;
log_warn(LD_CONFIG, "PublishServerDescriptor v1 has no effect, because "
"there are no v1 directory authorities anymore.");
else if (!strcmp(string, "1"))
if (options->BridgeRelay)
*auth |= BRIDGE_DIRINFO;
else
*auth |= V3_DIRINFO;
else if (!strcasecmp(string, "v2"))
/* obsolete */;
log_warn(LD_CONFIG, "PublishServerDescriptor v2 has no effect, because "
"there are no v2 directory authorities anymore.");
else if (!strcasecmp(string, "v3"))
*auth |= V3_DIRINFO;
else if (!strcasecmp(string, "bridge"))
@ -2595,8 +2596,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->AuthoritativeDir) {
if (!options->ContactInfo && !options->TestingTorNetwork)
REJECT("Authoritative directory servers must set ContactInfo");
if (options->V1AuthoritativeDir && !options->RecommendedVersions)
REJECT("V1 authoritative dir servers must set RecommendedVersions.");
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
@ -2619,10 +2618,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
options->DownloadExtraInfo = 1;
}
if (!(options->BridgeAuthoritativeDir ||
options->V1AuthoritativeDir ||
options->V3AuthoritativeDir))
REJECT("AuthoritativeDir is set, but none of "
"(Bridge/V1/V3)AuthoritativeDir is set.");
"(Bridge/V3)AuthoritativeDir is set.");
/* If we have a v3bandwidthsfile and it's broken, complain on startup */
if (options->V3BandwidthsFile && !old_options) {
dirserv_read_measured_bandwidths(options->V3BandwidthsFile, NULL);
@ -2827,8 +2825,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
if ((options->BridgeRelay
|| options->PublishServerDescriptor_ & BRIDGE_DIRINFO)
&& (options->PublishServerDescriptor_
& (V1_DIRINFO|V3_DIRINFO))) {
&& (options->PublishServerDescriptor_ & V3_DIRINFO)) {
REJECT("Bridges are not supposed to publish router descriptors to the "
"directory authorities. Please correct your "
"PublishServerDescriptor line.");
@ -5055,9 +5052,7 @@ parse_dir_authority_line(const char *line, dirinfo_type_t required_type,
char *flag = smartlist_get(items, 0);
if (TOR_ISDIGIT(flag[0]))
break;
if (!strcasecmp(flag, "v1")) {
type |= V1_DIRINFO;
} else if (!strcasecmp(flag, "hs") ||
if (!strcasecmp(flag, "hs") ||
!strcasecmp(flag, "no-hs")) {
log_warn(LD_CONFIG, "The DirAuthority options 'hs' and 'no-hs' are "
"obsolete; you don't need them any more.");

5
src/or/connection.c
View File

@ -2513,9 +2513,8 @@ connection_bucket_write_limit(connection_t *conn, time_t now)
* shouldn't send <b>attempt</b> bytes of low-priority directory stuff
* out to <b>conn</b>. Else return 0.
* Priority is 1 for v1 requests (directories and running-routers),
* and 2 for v2 requests (statuses and descriptors). But see FFFF in
* directory_handle_command_get() for why we don't use priority 2 yet.
* Priority was 1 for v1 requests (directories and running-routers),
* and 2 for v2 requests and later (statuses and descriptors).
*
* There are a lot of parameters we could use here:
* - global_relayed_write_bucket. Low is bad.

2
src/or/connection_or.c
View File

@ -1760,8 +1760,6 @@ connection_tls_finish_handshake(or_connection_t *conn)
safe_str_client(conn->base_.address),
tor_tls_get_ciphersuite_name(conn->tls));
directory_set_dirty();
if (connection_or_check_valid_tls_handshake(conn, started_here,
digest_rcvd) < 0)
return -1;

83
src/or/directory.c
View File

@ -148,8 +148,6 @@ authdir_type_to_string(dirinfo_type_t auth)
{
char *result;
smartlist_t *lst = smartlist_new();
if (auth & V1_DIRINFO)
smartlist_add(lst, (void*)"V1");
if (auth & V3_DIRINFO)
smartlist_add(lst, (void*)"V3");
if (auth & BRIDGE_DIRINFO)
@ -247,7 +245,7 @@ directories_have_accepted_server_descriptor(void)
* <b>router_purpose</b> describes the type of descriptor we're
* publishing, if we're publishing a descriptor -- e.g. general or bridge.
*
* <b>type</b> specifies what sort of dir authorities (V1, V3,
* <b>type</b> specifies what sort of dir authorities (V3,
* BRIDGE, etc) we should upload to.
*
* If <b>extrainfo_len</b> is nonzero, the first <b>payload_len</b> bytes of
@ -1488,8 +1486,8 @@ parse_http_response(const char *headers, int *code, time_t *date,
}
/** Return true iff <b>body</b> doesn't start with a plausible router or
* running-list or directory opening. This is a sign of possible compression.
**/
* network-status or microdescriptor opening. This is a sign of possible
* compression. */
static int
body_is_plausible(const char *body, size_t len, int purpose)
{
@ -1503,9 +1501,7 @@ body_is_plausible(const char *body, size_t len, int purpose)
}
if (1) {
if (!strcmpstart(body,"router") ||
!strcmpstart(body,"signed-directory") ||
!strcmpstart(body,"network-status") ||
!strcmpstart(body,"running-routers"))
!strcmpstart(body,"network-status"))
return 1;
for (i=0;i<32;++i) {
if (!TOR_ISPRINT(body[i]) && !TOR_ISSPACE(body[i]))
@ -2585,75 +2581,6 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
/* if no disclaimer file, fall through and continue */
}
if (!strcmp(url,"/tor/") || !strcmp(url,"/tor/dir")) { /* v1 dir fetch */
cached_dir_t *d = dirserv_get_directory();
if (!d) {
log_info(LD_DIRSERV,"Client asked for the mirrored directory, but we "
"don't have a good one yet. Sending 503 Dir not available.");
write_http_status_line(conn, 503, "Directory unavailable");
goto done;
}
if (d->published < if_modified_since) {
write_http_status_line(conn, 304, "Not modified");
goto done;
}
dlen = compressed ? d->dir_z_len : d->dir_len;
if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
log_debug(LD_DIRSERV,
"Client asked for the mirrored directory, but we've been "
"writing too many bytes lately. Sending 503 Dir busy.");
write_http_status_line(conn, 503, "Directory busy, try again later");
goto done;
}
note_request(url, dlen);
log_debug(LD_DIRSERV,"Dumping %sdirectory to client.",
compressed?"compressed ":"");
write_http_response_header(conn, dlen, compressed,
FULL_DIR_CACHE_LIFETIME);
conn->cached_dir = d;
conn->cached_dir_offset = 0;
if (!compressed)
conn->zlib_state = tor_zlib_new(0, ZLIB_METHOD);
++d->refcnt;
/* Prime the connection with some data. */
conn->dir_spool_src = DIR_SPOOL_CACHED_DIR;
connection_dirserv_flushed_some(conn);
goto done;
}
if (!strcmp(url,"/tor/running-routers")) { /* running-routers fetch */
cached_dir_t *d = dirserv_get_runningrouters();
if (!d) {
write_http_status_line(conn, 503, "Directory unavailable");
goto done;
}
if (d->published < if_modified_since) {
write_http_status_line(conn, 304, "Not modified");
goto done;
}
dlen = compressed ? d->dir_z_len : d->dir_len;
if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
log_info(LD_DIRSERV,
"Client asked for running-routers, but we've been "
"writing too many bytes lately. Sending 503 Dir busy.");
write_http_status_line(conn, 503, "Directory busy, try again later");
goto done;
}
note_request(url, dlen);
write_http_response_header(conn, dlen, compressed,
RUNNINGROUTERS_CACHE_LIFETIME);
connection_write_to_buf(compressed ? d->dir_z : d->dir, dlen,
TO_CONN(conn));
goto done;
}
if (!strcmpstart(url, "/tor/status-vote/current/consensus")) {
/* v3 network status fetch. */
smartlist_t *dir_fps = smartlist_new();
@ -3268,8 +3195,6 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
was_router_added_t r = dirserv_add_multiple_descriptors(body, purpose,
conn->base_.address, &msg);
tor_assert(msg);
if (WRA_WAS_ADDED(r))
dirserv_get_directory(); /* rebuild and write to disk */
if (r == ROUTER_ADDED_NOTIFY_GENERATOR) {
/* Accepted with a message. */

258
src/or/dirserv.c
View File

@ -42,28 +42,10 @@
* directory authorities. */
#define MAX_UNTRUSTED_NETWORKSTATUSES 16
/** If a v1 directory is older than this, discard it. */
#define MAX_V1_DIRECTORY_AGE (30*24*60*60)
/** If a v1 running-routers is older than this, discard it. */
#define MAX_V1_RR_AGE (7*24*60*60)
extern time_t time_of_process_start; /* from main.c */
extern long stats_n_seconds_working; /* from main.c */
/** Do we need to regenerate the v1 directory when someone asks for it? */
static time_t the_directory_is_dirty = 1;
/** Do we need to regenerate the v1 runningrouters document when somebody
* asks for it? */
static time_t runningrouters_is_dirty = 1;
/** Most recently generated encoded signed v1 directory. (v1 auth dirservers
* only.) */
static cached_dir_t *the_directory = NULL;
/** For authoritative directories: the current (v1) network status. */
static cached_dir_t the_runningrouters;
/** Total number of routers with measured bandwidth; this is set by
* dirserv_count_measured_bws() before the loop in
* dirserv_generate_networkstatus_vote_obj() and checked by
@ -72,7 +54,6 @@ static cached_dir_t the_runningrouters;
static int routers_with_measured_bw = 0;
static void directory_remove_invalid(void);
static cached_dir_t *dirserv_regenerate_directory(void);
static char *format_versions_list(config_line_t *ln);
struct authdir_config_t;
static int add_fingerprint_to_dir(const char *nickname, const char *fp,
@ -827,7 +808,6 @@ dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
static void
directory_remove_invalid(void)
{
int changed = 0;
routerlist_t *rl = router_get_routerlist();
smartlist_t *nodes = smartlist_new();
smartlist_add_all(nodes, nodelist_get_list());
@ -845,7 +825,6 @@ directory_remove_invalid(void)
log_info(LD_DIRSERV, "Router %s is now rejected: %s",
description, msg?msg:"");
routerlist_remove(rl, ent, 0, time(NULL));
changed = 1;
continue;
}
#if 0
@ -854,70 +833,35 @@ directory_remove_invalid(void)
"Router %s is now %snamed.", description,
(r&FP_NAMED)?"":"un");
ent->is_named = (r&FP_NAMED)?1:0;
changed = 1;
}
if (bool_neq((r & FP_UNNAMED), ent->auth_says_is_unnamed)) {
log_info(LD_DIRSERV,
"Router '%s' is now %snamed. (FP_UNNAMED)", description,
(r&FP_NAMED)?"":"un");
ent->is_named = (r&FP_NUNAMED)?0:1;
changed = 1;
}
#endif
if (bool_neq((r & FP_INVALID), !node->is_valid)) {
log_info(LD_DIRSERV, "Router '%s' is now %svalid.", description,
(r&FP_INVALID) ? "in" : "");
node->is_valid = (r&FP_INVALID)?0:1;
changed = 1;
}
if (bool_neq((r & FP_BADDIR), node->is_bad_directory)) {
log_info(LD_DIRSERV, "Router '%s' is now a %s directory", description,
(r & FP_BADDIR) ? "bad" : "good");
node->is_bad_directory = (r&FP_BADDIR) ? 1: 0;
changed = 1;
}
if (bool_neq((r & FP_BADEXIT), node->is_bad_exit)) {
log_info(LD_DIRSERV, "Router '%s' is now a %s exit", description,
(r & FP_BADEXIT) ? "bad" : "good");
node->is_bad_exit = (r&FP_BADEXIT) ? 1: 0;
changed = 1;
}
} SMARTLIST_FOREACH_END(node);
if (changed)
directory_set_dirty();
routerlist_assert_ok(rl);
smartlist_free(nodes);
}
/** Mark the directory as <b>dirty</b> -- when we're next asked for a
* directory, we will rebuild it instead of reusing the most recently
* generated one.
*/
void
directory_set_dirty(void)
{
time_t now = time(NULL);
int set_v1_dirty=0;
/* Regenerate stubs only every 8 hours.
* XXXX It would be nice to generate less often, but these are just
* stubs: it doesn't matter. */
#define STUB_REGENERATE_INTERVAL (8*60*60)
if (!the_directory || !the_runningrouters.dir)
set_v1_dirty = 1;
else if (the_directory->published < now - STUB_REGENERATE_INTERVAL ||
the_runningrouters.published < now - STUB_REGENERATE_INTERVAL)
set_v1_dirty = 1;
if (set_v1_dirty) {
if (!the_directory_is_dirty)
the_directory_is_dirty = now;
if (!runningrouters_is_dirty)
runningrouters_is_dirty = now;
}
}
/**
* Allocate and return a description of the status of the server <b>desc</b>,
* for use in a v1-style router-status line. The server is listed
@ -1306,51 +1250,10 @@ directory_too_idle_to_fetch_descriptors(const or_options_t *options,
/********************************************************************/
/* Used only by non-v1-auth dirservers: The v1 directory and
* runningrouters we'll serve when requested. */
/** The v1 directory we'll serve (as a cache or as an authority) if
* requested. */
static cached_dir_t *cached_directory = NULL;
/** The v1 runningrouters document we'll serve (as a cache or as an authority)
* if requested. */
static cached_dir_t cached_runningrouters;
/** Map from flavor name to the cached_dir_t for the v3 consensuses that we're
* currently serving. */
static strmap_t *cached_consensuses = NULL;
/** Possibly replace the contents of <b>d</b> with the value of
* <b>directory</b> published on <b>when</b>, unless <b>when</b> is older than
* the last value, or too far in the future.
*
* Does not copy <b>directory</b>; frees it if it isn't used.
*/
static void
set_cached_dir(cached_dir_t *d, char *directory, time_t when)
{
time_t now = time(NULL);
if (when<=d->published) {
log_info(LD_DIRSERV, "Ignoring old directory; not caching.");
tor_free(directory);
} else if (when>=now+ROUTER_MAX_AGE_TO_PUBLISH) {
log_info(LD_DIRSERV, "Ignoring future directory; not caching.");
tor_free(directory);
} else {
/* if (when>d->published && when<now+ROUTER_MAX_AGE) */
log_debug(LD_DIRSERV, "Caching directory.");
tor_free(d->dir);
d->dir = directory;
d->dir_len = strlen(directory);
tor_free(d->dir_z);
if (tor_gzip_compress(&(d->dir_z), &(d->dir_z_len), d->dir, d->dir_len,
ZLIB_METHOD)) {
log_warn(LD_BUG,"Error compressing cached directory");
}
d->published = when;
}
}
/** Decrement the reference count on <b>d</b>, and free it if it no longer has
* any references. */
void
@ -1400,22 +1303,6 @@ free_cached_dir_(void *_d)
cached_dir_decref(d);
}
/** If we have no cached v1 directory, or it is older than <b>published</b>,
* then replace it with <b>directory</b>, published at <b>published</b>.
*
* If <b>published</b> is too old, do nothing.
*
* If <b>is_running_routers</b>, this is really a v1 running_routers
* document rather than a v1 directory.
*/
static void
dirserv_set_cached_directory(const char *directory, time_t published)
{
cached_dir_decref(cached_directory);
cached_directory = new_cached_dir(tor_strdup(directory), published);
}
/** Replace the v3 consensus networkstatus of type <b>flavor_name</b> that
* we're serving with <b>networkstatus</b>, published at <b>published</b>. No
* validation is performed. */
@ -1438,146 +1325,6 @@ dirserv_set_cached_consensus_networkstatus(const char *networkstatus,
cached_dir_decref(old_networkstatus);
}
/** Helper: If we're an authority for the right directory version (v1)
* (based on <b>auth_type</b>), try to regenerate
* auth_src as appropriate and return it, falling back to cache_src on
* failure. If we're a cache, simply return cache_src.
*/
static cached_dir_t *
dirserv_pick_cached_dir_obj(cached_dir_t *cache_src,
cached_dir_t *auth_src,
time_t dirty, cached_dir_t *(*regenerate)(void),
const char *name,
dirinfo_type_t auth_type)
{
const or_options_t *options = get_options();
int authority = (auth_type == V1_DIRINFO && authdir_mode_v1(options));
if (!authority || authdir_mode_bridge(options)) {
return cache_src;
} else {
/* We're authoritative. */
if (regenerate != NULL) {
if (dirty && dirty + DIR_REGEN_SLACK_TIME < time(NULL)) {
if (!(auth_src = regenerate())) {
log_err(LD_BUG, "Couldn't generate %s?", name);
exit(1);
}
} else {
log_info(LD_DIRSERV, "The %s is still clean; reusing.", name);
}
}
return auth_src ? auth_src : cache_src;
}
}
/** Return the most recently generated encoded signed v1 directory,
* generating a new one as necessary. If not a v1 authoritative directory
* may return NULL if no directory is yet cached. */
cached_dir_t *
dirserv_get_directory(void)
{
return dirserv_pick_cached_dir_obj(cached_directory, the_directory,
the_directory_is_dirty,
dirserv_regenerate_directory,
"v1 server directory", V1_DIRINFO);
}
/** Only called by v1 auth dirservers.
* Generate a fresh v1 directory; set the_directory and return a pointer
* to the new value.
*/
static cached_dir_t *
dirserv_regenerate_directory(void)
{
/* XXXX 024 Get rid of this function if we can confirm that nobody's
* fetching these any longer */
char *new_directory=NULL;
if (dirserv_dump_directory_to_string(&new_directory,
get_server_identity_key())) {
log_warn(LD_BUG, "Error creating directory.");
tor_free(new_directory);
return NULL;
}
cached_dir_decref(the_directory);
the_directory = new_cached_dir(new_directory, time(NULL));
log_info(LD_DIRSERV,"New directory (size %d) has been built.",
(int)the_directory->dir_len);
log_debug(LD_DIRSERV,"New directory (size %d):\n%s",
(int)the_directory->dir_len, the_directory->dir);
the_directory_is_dirty = 0;
/* Save the directory to disk so we re-load it quickly on startup.
*/
dirserv_set_cached_directory(the_directory->dir, time(NULL));
return the_directory;
}
/** Only called by v1 auth dirservers.
* Replace the current running-routers list with a newly generated one. */
static cached_dir_t *
generate_runningrouters(void)
{
char *s=NULL;
char digest[DIGEST_LEN];
char published[ISO_TIME_LEN+1];
size_t len;
crypto_pk_t *private_key = get_server_identity_key();
char *identity_pkey; /* Identity key, DER64-encoded. */
size_t identity_pkey_len;
if (crypto_pk_write_public_key_to_string(private_key,&identity_pkey,
&identity_pkey_len)<0) {
log_warn(LD_BUG,"write identity_pkey to string failed!");
goto err;
}
format_iso_time(published, time(NULL));
len = 2048;
s = tor_malloc_zero(len);
tor_snprintf(s, len,
"network-status\n"
"published %s\n"
"router-status %s\n"
"dir-signing-key\n%s"
"directory-signature %s\n",
published, "", identity_pkey,
get_options()->Nickname);
tor_free(identity_pkey);
if (router_get_runningrouters_hash(s,digest)) {
log_warn(LD_BUG,"couldn't compute digest");
goto err;
}
note_crypto_pk_op(SIGN_DIR);
if (router_append_dirobj_signature(s, len, digest, DIGEST_LEN,
private_key)<0)
goto err;
set_cached_dir(&the_runningrouters, s, time(NULL));
runningrouters_is_dirty = 0;
return &the_runningrouters;
err:
tor_free(s);
return NULL;
}
/** Set *<b>rr</b> to the most recently generated encoded signed
* running-routers list, generating a new one as necessary. Return the
* size of the directory on success, and 0 on failure. */
cached_dir_t *
dirserv_get_runningrouters(void)
{
return dirserv_pick_cached_dir_obj(
&cached_runningrouters, &the_runningrouters,
runningrouters_is_dirty,
generate_runningrouters,
"v1 network status list", V1_DIRINFO);
}
/** Return the latest downloaded consensus networkstatus in encoded, signed,
* optionally compressed format, suitable for sending to clients. */
cached_dir_t *
@ -3733,11 +3480,6 @@ dirserv_free_all(void)
{
dirserv_free_fingerprint_list();
cached_dir_decref(the_directory);
clear_cached_dir(&the_runningrouters);
cached_dir_decref(cached_directory);
clear_cached_dir(&cached_runningrouters);
strmap_free(cached_consensuses, free_cached_dir_);
cached_consensuses = NULL;

3
src/or/dirserv.h
View File

@ -62,9 +62,6 @@ int directory_permits_begindir_requests(const or_options_t *options);
int directory_too_idle_to_fetch_descriptors(const or_options_t *options,
time_t now);
void directory_set_dirty(void);
cached_dir_t *dirserv_get_directory(void);
cached_dir_t *dirserv_get_runningrouters(void);
cached_dir_t *dirserv_get_consensus(const char *flavor_name);
void dirserv_set_cached_consensus_networkstatus(const char *consensus,
const char *flavor_name,

5
src/or/or.h
View File

@ -2586,9 +2586,6 @@ typedef struct authority_cert_t {
*/
typedef enum {
NO_DIRINFO = 0,
/** Serves/signs v1 directory information: Big lists of routers, and short
* routerstatus documents. */
V1_DIRINFO = 1 << 0,
/** Serves/signs v3 directory information: votes, consensuses, certs */
V3_DIRINFO = 1 << 2,
/** Serves bridge descriptors. */
@ -3494,8 +3491,6 @@ typedef struct {
int AssumeReachable; /**< Whether to publish our descriptor regardless. */
int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
int V1AuthoritativeDir; /**< Boolean: is this an authoritative directory
* for version 1 directories? */
int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory
* for version 3 directories? */
int NamingAuthoritativeDir; /**< Boolean: is this an authoritative directory

16
src/or/router.c
View File

@ -961,8 +961,7 @@ init_keys(void)
}
/* 6b. [authdirserver only] add own key to approved directories. */
crypto_pk_get_digest(get_server_identity_key(), digest);
type = ((options->V1AuthoritativeDir ? V1_DIRINFO : NO_DIRINFO) |
(options->V3AuthoritativeDir ?
type = ((options->V3AuthoritativeDir ?
(V3_DIRINFO|MICRODESC_DIRINFO|EXTRAINFO_DIRINFO) : NO_DIRINFO) |
(options->BridgeAuthoritativeDir ? BRIDGE_DIRINFO : NO_DIRINFO));
@ -1283,14 +1282,6 @@ authdir_mode(const or_options_t *options)
{
return options->AuthoritativeDir != 0;
}
/** Return true iff we believe ourselves to be a v1 authoritative
* directory server.
*/
int
authdir_mode_v1(const or_options_t *options)
{
return authdir_mode(options) && options->V1AuthoritativeDir != 0;
}
/** Return true iff we believe ourselves to be a v3 authoritative
* directory server.
*/
@ -1299,12 +1290,11 @@ authdir_mode_v3(const or_options_t *options)
{
return authdir_mode(options) && options->V3AuthoritativeDir != 0;
}
/** Return true iff we are a v1 or v3 directory authority. */
/** Return true iff we are a v3 directory authority. */
int
authdir_mode_any_main(const or_options_t *options)
{
return options->V1AuthoritativeDir ||
options->V3AuthoritativeDir;
return options->V3AuthoritativeDir;
}
/** Return true if we believe ourselves to be any kind of
* authoritative directory beyond just a hidserv authority. */

1
src/or/router.h
View File

@ -50,7 +50,6 @@ void router_perform_bandwidth_test(int num_circs, time_t now);
int net_is_disabled(void);
int authdir_mode(const or_options_t *options);
int authdir_mode_v1(const or_options_t *options);
int authdir_mode_v3(const or_options_t *options);
int authdir_mode_any_main(const or_options_t *options);
int authdir_mode_any_nonhidserv(const or_options_t *options);

2
src/or/routerlist.c
View File

@ -3414,7 +3414,6 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
}
directory_set_dirty();
*msg = authdir_believes_valid ? "Valid server updated" :
("Invalid server updated. (This dirserver is marking your "
"server as unapproved.)");
@ -3436,7 +3435,6 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
}
directory_set_dirty();
return ROUTER_ADDED_SUCCESSFULLY;
}

11
src/or/routerparse.c
View File

@ -603,17 +603,6 @@ router_get_router_hash(const char *s, size_t s_len, char *digest)
DIGEST_SHA1);
}
/** Set <b>digest</b> to the SHA-1 digest of the hash of the running-routers
* string in <b>s</b>. Return 0 on success, -1 on failure.
*/
int
router_get_runningrouters_hash(const char *s, char *digest)
{
return router_get_hash_impl(s, strlen(s), digest,
"network-status","\ndirectory-signature", '\n',
DIGEST_SHA1);
}
/** Set <b>digests</b> to all the digests of the consensus document in
* <b>s</b> */
int

1
src/or/routerparse.h
View File

@ -14,7 +14,6 @@
int router_get_router_hash(const char *s, size_t s_len, char *digest);
int router_get_dir_hash(const char *s, char *digest);
int router_get_runningrouters_hash(const char *s, char *digest);
int router_get_networkstatus_v3_hashes(const char *s, digests_t *digests);
int router_get_extrainfo_hash(const char *s, size_t s_len, char *digest);
#define DIROBJ_MAX_SIG_LEN 256