nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 14:23:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Have reason string for serverdesc post requests contain actual serverdesc status. Also fix return values of dirserv_add_descriptor to work as advertised.

Browse Source 
svn:r3391
This commit is contained in:
Nick Mathewson 2005-01-20 20:18:32 +00:00
parent 362d89fb62
commit fd41cbcadf
5 changed files with 33 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/or/directory.c
View File

@ -976,19 +976,20 @@ directory_handle_command_post(connection_t *conn, char *headers,
log_fn(LOG_INFO,"rewritten url as '%s'.", url);
if (!strcmp(url,"/tor/")) { /* server descriptor post */
const char *msg;
cp = body;
switch (dirserv_add_descriptor(&cp)) {
switch (dirserv_add_descriptor(&cp, &msg)) {
case -1:
/* malformed descriptor, or something wrong */
write_http_status_line(conn, 400, "Malformed or unacceptable server descriptor");
write_http_status_line(conn, 400, msg?msg:"Malformed or unacceptable server descriptor");
break;
case 0:
/* descriptor was well-formed but server has not been approved */
write_http_status_line(conn, 200, "Unverified server descriptor accepted. Have you mailed us your key fingerprint? Are you using the right key?");
write_http_status_line(conn, 200, msg?msg:"Unverified server descriptor accepted");
break;
case 1:
dirserv_get_directory(&cp, 0); /* rebuild and write to disk */
write_http_status_line(conn, 200, "Verified server descriptor accepted");
write_http_status_line(conn, 200, msg?msg:"Verified server descriptor accepted");
break;
}
tor_free(url);

29
src/or/dirserv.c
View File

@ -307,14 +307,16 @@ dirserv_router_has_valid_address(routerinfo_t *ri)
/** Parse the server descriptor at *desc and maybe insert it into the
* list of server descriptors, and (if the descriptor is well-formed)
* advance *desc immediately past the descriptor's end.
* advance *desc immediately past the descriptor's end. Set msg to a
* message that should be passed back to the origin of this descriptor, or
* to NULL.
*
* Return 1 if descriptor is well-formed and accepted;
* 0 if well-formed and server is unapproved;
* -1 if not well-formed or other error.
*/
int
dirserv_add_descriptor(const char **desc)
dirserv_add_descriptor(const char **desc, const char **msg)
{
descriptor_entry_t *ent = NULL;
routerinfo_t *ri = NULL;
@ -325,7 +327,8 @@ dirserv_add_descriptor(const char **desc)
size_t desc_len;
time_t now;
int verified=1; /* whether we knew its fingerprint already */
tor_assert(msg);
*msg = NULL;
if (!descriptor_list)
descriptor_list = smartlist_create();
@ -349,15 +352,17 @@ dirserv_add_descriptor(const char **desc)
tor_free(desc_tmp);
if (!ri) {
log(LOG_WARN, "Couldn't parse descriptor");
*msg = "Rejected: Couldn't parse server descriptor.";
return -1;
}
/* Okay. Now check whether the fingerprint is recognized. */
r = dirserv_router_fingerprint_is_known(ri);
if (r==-1) {
log_fn(LOG_WARN, "Known nickname '%s', wrong fingerprint. Not adding.", ri->nickname);
*msg = "Rejected: There is already a verified server with this nickname and a different fingerprint.";
routerinfo_free(ri);
*desc = end;
return 0;
return -1;
}
if (r==0) {
char fp[FINGERPRINT_LEN+1];
@ -374,21 +379,24 @@ dirserv_add_descriptor(const char **desc)
now = time(NULL);
if (ri->published_on > now+ROUTER_ALLOW_SKEW) {
log_fn(LOG_NOTICE, "Publication time for nickname '%s' is too far in the future; possible clock skew. Not adding.", ri->nickname);
*msg = "Rejected: Your clock is set too far in the future, or your timezone is not correct.";
routerinfo_free(ri);
*desc = end;
return 0;
return -1;
}
if (ri->published_on < now-ROUTER_MAX_AGE) {
log_fn(LOG_NOTICE, "Publication time for router with nickname '%s' is too far in the past. Not adding.", ri->nickname);
*msg = "Rejected: Server is expired, or your clock is too far in the past, or your timezone is not correct.";
routerinfo_free(ri);
*desc = end;
return 0;
return -1;
}
if (dirserv_router_has_valid_address(ri) < 0) {
log_fn(LOG_NOTICE, "Router with nickname '%s' has invalid address '%s'. Not adding.", ri->nickname, ri->address);
*msg = "Rejected: Address is not an IP, or IP is a private address.";
routerinfo_free(ri);
*desc = end;
return 0;
return -1;
}
/* Do we already have an entry for this router? */
@ -404,6 +412,7 @@ dirserv_add_descriptor(const char **desc)
if (ent->published >= ri->published_on) {
/* We already have a newer or equal-time descriptor */
log_fn(LOG_INFO,"We already have a new enough desc for nickname '%s'. Not adding.",ri->nickname);
*msg = "We already have a newer descriptor.";
/* This isn't really an error; return success. */
routerinfo_free(ri);
*desc = end;
@ -411,11 +420,13 @@ dirserv_add_descriptor(const char **desc)
}
/* We don't have a newer one; we'll update this one. */
log_fn(LOG_INFO,"Dirserv updating desc for nickname '%s'",ri->nickname);
*msg = verified?"Verified server updated":"Unverified server updated (Have you sent us your key fingerprint?)";
free_descriptor_entry(ent);
smartlist_del_keeporder(descriptor_list, found);
} else {
/* Add at the end. */
log_fn(LOG_INFO,"Dirserv adding desc for nickname '%s'",ri->nickname);
*msg = verified?"Verified server added":"Unverified server added (Have you sent us your key fingerprint?)";
}
ent = tor_malloc(sizeof(descriptor_entry_t));
@ -477,12 +488,12 @@ directory_set_dirty()
int
dirserv_load_from_directory_string(const char *dir)
{
const char *cp = dir;
const char *cp = dir, *m;
while (1) {
cp = strstr(cp, "\nrouter ");
if (!cp) break;
++cp;
if (dirserv_add_descriptor(&cp) < 0) {
if (dirserv_add_descriptor(&cp,&m) < 0) {
return -1;
}
--cp; /*Back up to newline.*/

2
src/or/or.h
View File

@ -1349,7 +1349,7 @@ int dirserv_parse_fingerprint_file(const char *fname);
int dirserv_router_fingerprint_is_known(const routerinfo_t *router);
void dirserv_free_fingerprint_list(void);
const char *dirserv_get_nickname_by_digest(const char *digest);
int dirserv_add_descriptor(const char **desc);
int dirserv_add_descriptor(const char **desc, const char **msg);
int dirserv_load_from_directory_string(const char *dir);
void dirserv_free_descriptors(void);
void dirserv_remove_old_servers(int age);

6
src/or/router.c
View File

@ -315,13 +315,15 @@ int init_keys(void) {
return -1;
}
if (authdir_mode(options)) {
const char *m;
/* We need to add our own fingerprint so it gets recognized. */
if (dirserv_add_own_fingerprint(options->Nickname, get_identity_key())) {
log_fn(LOG_ERR, "Error adding own fingerprint to approved set");
return -1;
}
if (dirserv_add_descriptor(&tmp) != 1) {
log(LOG_ERR, "Unable to add own descriptor to directory.");
if (dirserv_add_descriptor(&tmp, &m) != 1) {
log(LOG_ERR, "Unable to add own descriptor to directory: %s",
m?m:"<unknown error>");
return -1;
}
}

5
src/or/test.c
View File

@ -998,6 +998,7 @@ test_dir_format(void)
routerlist_t *dir1 = NULL, *dir2 = NULL;
tor_version_t ver1;
char *bw_lines = NULL;
const char *m;
test_assert( (pk1 = crypto_new_pk_env()) );
test_assert( (pk2 = crypto_new_pk_env()) );
@ -1158,10 +1159,10 @@ test_dir_format(void)
r2.published_on = time(NULL)-3*60*60;
test_assert(router_dump_router_to_string(buf, 2048, &r1, pk2)>0);
cp = buf;
test_eq(dirserv_add_descriptor((const char**)&cp), 1);
test_eq(dirserv_add_descriptor((const char**)&cp,&m), 1);
test_assert(router_dump_router_to_string(buf, 2048, &r2, pk1)>0);
cp = buf;
test_eq(dirserv_add_descriptor((const char**)&cp), 1);
test_eq(dirserv_add_descriptor((const char**)&cp,&m), 1);
get_options()->Nickname = tor_strdup("DirServer");
test_assert(!dirserv_dump_directory_to_string(&cp,pk3));
test_assert(!router_parse_routerlist_from_directory(cp, &dir1, pk3, 1, 0));