Commit Graph

990 Commits

Author SHA1 Message Date
rl1987
a6520ed537 Renaming ROUTER_WAS_NOT_NEW to ROUTER_IS_ALREADY_KNOWN. 2014-11-11 20:56:40 +02:00
Nick Mathewson
bbd8d07167 Apply new calloc coccinelle patch 2014-11-02 11:56:02 -05:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates.
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
2014-10-28 15:30:16 -04:00
Nick Mathewson
d950e24332 Merge remote-tracking branch 'public/bug11243_squashed' 2014-10-13 14:32:43 -04:00
Nick Mathewson
a30594605e Treat unparseable (micro)descriptors and extrainfos as undownloadable
One pain point in evolving the Tor design and implementing has been
adding code that makes clients reject directory documents that they
previously would have accepted, if those descriptors actually exist.
When this happened, the clients would get the document, reject it,
and then decide to try downloading it again, ad infinitum.  This
problem becomes particularly obnoxious with authorities, since if
some authorities accept a descriptor that others don't, the ones
that don't accept it would go crazy trying to re-fetch it over and
over. (See for example ticket #9286.)

This patch tries to solve this problem by tracking, if a descriptor
isn't parseable, what its digest was, and whether it is invalid
because of some flaw that applies to the portion containing the
digest.  (This excludes RSA signature problems: RSA signatures
aren't included in the digest.  This means that a directory
authority can still put another directory authority into a loop by
mentioning a descriptor, and then serving that descriptor with an
invalid RSA signatures.  But that would also make the misbehaving
directory authority get DoSed by the server it's attacking, so it's
not much of an issue.)

We already have a mechanism to mark something undownloadable with
downloadstatus_mark_impossible(); we use that here for
microdescriptors, extrainfos, and router descriptors.

Unit tests to follow in another patch.

Closes ticket #11243.
2014-10-13 14:30:02 -04:00
Nick Mathewson
cd678ae790 Remove is_router_version_good_for_possible_guard()
The versions which this function would keep from getting the guard
flag are already blocked by the minimum version check.

Closes 13152.
2014-10-09 15:12:36 -04:00
teor
27f30040f6 Add TestingDirAuthVoteExit option (like TestingDirAuthVoteGuard)
Add the TestingDirAuthVoteExit option, a list of nodes to vote Exit for,
regardless of their uptime, bandwidth, or exit policy.

TestingTorNetwork must be set for this option to have any effect.

Works around an issue where authorities would take up to 35 minutes to
give nodes the Exit flag in a test network, despite short consensus
intervals. Partially implements ticket 13161.
2014-10-01 17:44:21 +10:00
teor
ff8fe38a2f Stop spurious clang shallow analysis null pointer errors
Avoid 4 null pointer errors under clang shallow analysis (the default when
building under Xcode) by using tor_assert() to prove that the pointers
aren't null. Resolves issue 13284 via minor code refactoring.
2014-09-28 20:51:23 -04:00
Nick Mathewson
1dc0d26b50 Clean up a clangalyzer warning in directory_remove_invalid
"At this point in the code, msg has been set to a string
constant. But the tor code checks that msg is not NULL, and the
redundant NULL check confuses the analyser[...] To avoid this
spurious warning, the patch initialises msg to NULL."

Patch from teor. another part of 13157.
2014-09-15 13:52:56 -04:00
George Kadianakis
01800ea1e4 Add unittests for finding the third quartile of a set. 2014-09-09 12:28:15 -04:00
Nick Mathewson
8e39395199 Merge remote-tracking branch 'asn/bug13064' 2014-09-09 12:26:16 -04:00
Sebastian Hahn
409a56281e Remove client-side bad directory logic
Implements the second half of #13060.
2014-09-09 11:54:20 -04:00
Sebastian Hahn
8099dee992 Remove dirauth support for the BadDirectory flag
Implements the first half of #13060. The second half will be to remove
client support, too.
2014-09-09 11:54:15 -04:00
Sebastian Hahn
607724c696 Remove support for naming directory authorities
This implements the meat of #12899. This commit should simply remove the
parts of Tor dirauths used to check whether a relay was supposed to be
named or not, it doesn't yet convert to a new mechanism for
reject/invalid/baddir/badexiting relays.
2014-09-09 11:50:21 -04:00
George Kadianakis
0f50f5f373 Evaluate TestingDirAuthVoteGuard only after filling all rs elements. 2014-09-06 14:37:41 +03:00
Sebastian Hahn
8356721662 Fix add_fingerprint_to_dir() doc and signature
This function never returns non-null, but its usage doesn't reflect
that. Let's make it explicit. This will be mostly overridden by later
commits, so no changes file here.
2014-09-04 22:22:56 +02:00
Sebastian Hahn
10fe5bad9a Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.
2014-09-04 06:25:38 +02:00
Sebastian Hahn
962765a35d Don't list relays w/ bw estimate of 0 in the consensus
This implements a feature from bug 13000. Instead of starting a bwauth
run with this wrong idea about their bw, relays should do the self-test
and then get measured.
2014-09-02 18:55:01 -04:00
Nick Mathewson
059e33de59 remove meaningless checks for chunks==NULL in dirserv stuff
Also, make it clearer that chunks cannot be NULL

[CID 1031750, 1031751]
2014-08-21 11:22:42 -04:00
Nick Mathewson
2bfd92d0d1 Apply coccinelle script to replace malloc(a*b)->calloc(a,b) 2014-08-13 10:39:56 -04:00
Roger Dingledine
eb3e0e3da3 Merge branch 'maint-0.2.5' 2014-07-24 16:30:50 -04:00
Roger Dingledine
a57c07b210 Raise guard threshold to top 25% or 2000 kilounits
Authorities now assign the Guard flag to the fastest 25% of the
network (it used to be the fastest 50%). Also raise the consensus
weight that guarantees the Guard flag from 250 to 2000. For the
current network, this results in about 1100 guards, down from 2500.
This step paves the way for moving the number of entry guards
down to 1 (proposal 236) while still providing reasonable expected
performance for most users.

Implements ticket 12690.
2014-07-24 16:24:17 -04:00
Matthew Finkel
43bba9541a Only active relays should be given HSDir
We should only assign a relay the HSDir flag if it is currently
considered valid. We can accomplish this by only considering active
relays, and as a consequence of this we also exclude relays that are
currently hibernating. Fixes #12573
2014-07-09 00:48:00 +00:00
dana koch
d6e6c63baf Quench clang's complaints with -Wshorten-64-to-32 when time_t is not long.
On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain
implicit treatment of long and time_t as comparable types, so explicitly
cast to time_t.
2014-05-11 23:36:00 -04:00
Nick Mathewson
6d39c8d156 Always finalize a zlib stream of server descriptors.
Possible fix for bug 11648.
2014-05-07 10:23:08 -04:00
Nick Mathewson
f0bce2dc35 Fix some harmless/untriggerable memory leaks found by coverity 2014-04-07 23:20:13 -04:00
Nick Mathewson
fc9e84062b Merge remote-tracking branch 'public/bug4645'
Conflicts:
	src/or/dirserv.c
2014-04-01 21:49:01 -04:00
Roger Dingledine
ddaeb4deee Be more lenient in our fix for bug 11149
There are still quite a few 0.2.3.2x relays running for x<5, and while I
agree they should upgrade, I don't think cutting them out of the network
is a net win on either side.
2014-03-23 02:53:08 -04:00
Nick Mathewson
f4e2c72bee Merge remote-tracking branch 'karsten/task-11070' 2014-03-23 00:18:48 -04:00
Karsten Loesing
7450403410 Take out remaining V1 directory code. 2014-03-18 10:40:10 +01:00
Nick Mathewson
a4b447604a Stop accepting 0.2.2 relay uploads for the consensus.
Resolves ticket 11149.
2014-03-06 09:38:35 -05:00
Nick Mathewson
f0b2dc83b6 Merge remote-tracking branch 'arma/ticket5528'
Conflicts:
	src/or/router.c
	src/test/test_dir.c
2014-03-05 12:44:40 -05:00
Nick Mathewson
b3a6907493 Remove a bunch of functions that were never called. 2014-02-15 15:33:34 -05:00
Nick Mathewson
dafed84dab Fixes for bug4645 fix. 2014-02-03 14:31:31 -05:00
rl1987
e82e772f2b Using proper functions to create tor_addr_t. 2014-02-03 14:20:24 -05:00
rl1987
3a4b24c3ab Removing is_internal_IP() function. Resolves ticket 4645. 2014-02-03 14:20:17 -05:00
Karsten Loesing
00ec6e6af0 More fixes to rip out all of the v2 directory code.
(This was a squash commit, but I forgot to squash it. Sorry! --Nick)
2014-02-03 13:34:30 -05:00
Nick Mathewson
3193cbe2ba Rip out all of the v2 directory code.
The remaining vestige is that we continue to publish the V2dir flag,
and that, for the controller, we continue to emit v2 directory
formats when requested.
2014-01-29 15:17:05 -05:00
Matthew Finkel
b36f93a671 A Bridge Authority should compute flag thresholds
As a bridge authority, before we create our networkstatus document, we
should compute the thresholds needed for the various status flags
assigned to each bridge based on the status of all other bridges. We
then add these thresholds to the networkstatus document for easy access.
Fixes for #1117 and #9859.
2013-10-21 17:49:33 +00:00
Linus Nordberg
fab8fd2c18 Add TestingDirAuthVoteGuard option for specifying relays to vote Guard on.
Addresses ticket 9206.
2013-10-07 13:33:42 +02:00
Nick Mathewson
a3e0a87d95 Completely refactor how FILENAME_PRIVATE works
We previously used FILENAME_PRIVATE identifiers mostly for
identifiers exposed only to the unit tests... but also for
identifiers exposed to the benchmarker, and sometimes for
identifiers exposed to a similar module, and occasionally for no
really good reason at all.

Now, we use FILENAME_PRIVATE identifiers for identifiers shared by
Tor and the unit tests.  They should be defined static when we
aren't building the unit test, and globally visible otherwise. (The
STATIC macro will keep us honest here.)

For identifiers used only by the unit tests and never by Tor at all,
on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS.

This is not the motivating use case for the split test/non-test
build system; it's just a test example to see how it works, and to
take a chance to clean up the code a little.
2013-07-10 15:20:10 -04:00
Nick Mathewson
45424b2ca1 Merge remote-tracking branch 'linus/bug8532' 2013-06-13 12:42:49 -04:00
Nick Mathewson
2949849143 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 09:43:53 -04:00
Nick Mathewson
e602c4031b Make all consumers of microdesc_t.body tolerate NULL
This is another fix to try to mitigate recurrences of 8031/8822.
2013-06-12 12:12:11 -04:00
Linus Nordberg
4d54b9774d Add support for offsetting the voting interval in order to bootstrap faster.
A new option TestingV3AuthVotingStartOffset is added which offsets the
starting time of the voting interval. This is possible only when
TestingTorNetwork is set.

This patch makes run_scheduled_events() check for new consensus
downloads every second when TestingTorNetwork, instead of every
minute. This should be fine, see #8532 for reasoning.

This patch also brings MIN_VOTE_SECONDS and MIN_DIST_SECONDS down from
20 to 2 seconds, unconditionally. This makes sanity checking of
misconfiguration slightly less sane.

Addresses #8532.
2013-06-08 15:25:32 +02:00
Andrea Shepard
9c58905a2b Merge branch 'maint-0.2.4' into master 2013-05-07 02:24:08 -07:00
Nick Mathewson
a1d7f7ea50 Use a clearer idiom for node identity in router_counts_toward_thresholds 2013-05-05 18:55:19 -04:00
Nick Mathewson
139d367f29 Fix 8833: crash bug from using NULL node->ri in dirserv.c
It appears that moria1 crashed because of one instance of this (the
one in router_counts_toward_thresholds).  The other instance I fixed
won't actually have broken anything, but I think it's more clear this
way.

Fixes bug 8833; bugfix on 0.2.4.12-alpha.
2013-05-05 18:52:53 -04:00
Nick Mathewson
6defb10d72 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-18 22:45:12 -04:00
Nick Mathewson
b933360ee8 Add a boolean to flag-thresholds for "we have enough measured bandwidth"
Implements #8711.
2013-04-18 22:43:52 -04:00
Nick Mathewson
da30adcf0f Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/common/crypto.c
2013-04-18 11:16:05 -04:00
Nick Mathewson
8362f8854a Merge branch 'less_charbuf_rebased' into maint-0.2.4
Conflicts:
	src/or/dirserv.c
	src/or/dirserv.h
	src/test/test_dir.c
2013-04-18 11:13:36 -04:00
Nick Mathewson
0f83fcc5c2 Add a quick-and-dirty-test for generate_v2_networkstatus.
It sure is a good thing we can run each test in its own process, or
else the amount of setup I needed to do to make this thing work
would have broken all the other tests.

Test mocking would have made this easier to write too.
2013-04-18 11:04:58 -04:00
Nick Mathewson
cb75519bbf Refactor dirobj signature generation
Now we can compute the hash and signature of a dirobj before
concatenating the smartlist, and we don't need to play silly games
with sigbuf and realloc any more.
2013-04-18 11:04:57 -04:00
Nick Mathewson
1186628fa9 Refactor v2 networkstatus generation to avoid buffer-style 2013-04-18 11:04:56 -04:00
Nick Mathewson
9246a7ca58 Refactor routerstatus_format_entry to avoid character-buffers 2013-04-18 11:04:56 -04:00
Nick Mathewson
d34d0b4dc5 Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/or/dirserv.c
2013-04-14 21:57:56 -04:00
Nick Mathewson
f3ae628517 Remove a now-empty if body; invert the sense of its condition 2013-04-14 21:47:29 -04:00
Nick Mathewson
c4de828923 Remvoe total_bandwidth and total_exit_bandwidth as unused. 2013-04-14 21:47:29 -04:00
Nick Mathewson
52cadff0d6 Rename all fields which measure bw in kb to end with _kb 2013-04-14 21:45:05 -04:00
Nick Mathewson
49696786fb Fix some KB/B confusion in flag threshold minima. 2013-04-14 21:43:50 -04:00
Roger Dingledine
9a4e9b4a80 fix trivial typo 2013-04-12 04:27:10 -04:00
Nick Mathewson
265a7ebca6 Use credible_bandwidth uniformly in setting/using fast_bandwidth
We were using credible_bandwidth to build the fast_bandwidth
threshold, but comparing it to bandwidth_for_router.
2013-04-11 10:36:46 -04:00
Nick Mathewson
ec4ee3197f Use correct units for dirserv_get_{credible_bandwidth,bandwidth_for_router}
We were mixing bandwidth file entries (which are in kilobytes) with
router_get_advertised_bw() entries, which were in bytes.

Also, use router_get_advertised_bandwidth_capped() for credible_bandwidth.
2013-04-11 10:26:17 -04:00
Andrea Shepard
5c5198e713 Set default minimum bandwidth for exit flag to zero for TestingTorNetwork 2013-03-20 11:16:41 -07:00
Nick Mathewson
a660fe6fd5 Let testing networks override ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG
This adds a new option to fix bug 8508 which broke chutney
networks. The bug was introduced by 317d16de.
2013-03-20 13:34:57 -04:00
Nick Mathewson
aa4fcc4f13 Merge remote-tracking branch 'public/bug6164' into maint-0.2.4 2013-03-18 15:45:49 -04:00
Andrea Shepard
0164f16f70 Improve comment for routers_with_measured_bw static var in dirserv.c 2013-03-18 12:04:41 -07:00
Andrea Shepard
e9bdb695e8 Improve comment on router_counts_toward_thresholds() 2013-03-18 11:58:30 -07:00
Andrea Shepard
d64e5969f4 Add dirserv_has_measured_bw() predicate wrapper for dirserv_query_measured_bw_cache() 2013-03-18 11:56:42 -07:00
Andrea Shepard
f93f7e331b Ignore advertised bandwidths if we have enough measured bandwidths available 2013-03-18 11:15:21 -07:00
Andrea Shepard
8027ebb5fd Better comment for dirserv_query_measured_bw_cache() 2013-03-07 15:59:30 -08:00
Andrea Shepard
b522434834 Use DIGESTMAP_FOREACH_MODIFY in dirserv_expire_measured_bw_cache() for concision 2013-03-07 15:55:01 -08:00
Andrea Shepard
6e978ab829 Add unit test for dirserv measured bandwidth cache 2013-03-07 15:41:22 -08:00
Andrea Shepard
302d1dae6c Make sure expiry check in dirserv_expire_measured_bw_cache() works if time_t is unsigned 2013-03-07 05:10:54 -08:00
Andrea Shepard
c7947619df More constness in dirserv.c 2013-03-07 05:05:56 -08:00
Andrea Shepard
75eb79a6aa Make dirserv_cache_measured_bw() use a const measured_bw_line_t * 2013-03-07 03:42:14 -08:00
Andrea Shepard
0efe96cae8 Call dirserv_clear_measured_bw_cache() from dirserv_free_all() 2013-03-05 13:11:43 -08:00
Andrea Shepard
b5a164bde4 Prefer measured bandwidths over advertised when computing things for votes on a dirauth 2013-02-27 19:43:50 -08:00
Nick Mathewson
5d2b2b9ede Clear up a comment about when an assertion could fire
Resolves ticket 6164
2013-02-19 16:23:58 -05:00
Nick Mathewson
b0b0d6af63 Merge branch 'bug2286_unit_test_squashed' 2013-02-19 14:54:05 -05:00
Nick Mathewson
6170bc5a93 Refactor storing of measured_bw versus Unmeasured=1.
This patch moves the measured_bw field and the has_measured_bw field
into vote_routerstatus_t, since only votes have 'Measured=XX' set on
their weight line.

I also added a new bw_is_unmeasured flag to routerstatus_t to
represent the Unmeasured=1 flag on a w line.  Previously, I was using
has_measured_bw for this, which was quite incorrect: has_measured_bw
means that the measured_bw field is set, and it's probably a mistake
to have it serve double duty as meaning that 'baandwidth' represents a
measured value.

While making this change,I also found a harmless but stupid bug in
dirserv_read_measured_bandwidths: It assumes that it's getting a
smartlist of routerstatus_t, when really it's getting a smartlist of
vote_routerstatus_t.  C's struct layout rules mean that we could never
actually get an error because of that, but it's still quite incorrect.
I fixed that, and in the process needed to add two more sorting and
searching helpers.

Finally, I made the Unmeasured=1 flag get parsed.  We don't use it for
anything yet, but someday we might.

This isn't complete yet -- the new 2286 unit test doesn't build.
2013-02-19 11:06:24 -05:00
Nick Mathewson
01184f164f Merge remote-tracking branch 'public/bug8158' 2013-02-11 13:32:38 -05:00
Roger Dingledine
92ea0b86de Refactor resolve_my_address() so logs are more accurate / helpful
It returns the method by which we decided our public IP address
(explicitly configured, resolved from explicit hostname, guessed from
interfaces, learned by gethostname).

Now we can provide more helpful log messages when a relay guesses its IP
address incorrectly (e.g. due to unexpected lines in /etc/hosts). Resolves
ticket 2267.

While we're at it, stop sending a stray "(null)" in some cases for the
server status "EXTERNAL_ADDRESS" controller event. Resolves bug 8200.
2013-02-11 13:29:56 -05:00
Roger Dingledine
e1ec03f819 use router->addr for log messages and controller events
(rather than router->address)
2013-02-09 21:10:07 -05:00
Roger Dingledine
99185397de Stop checking if ri->address is an IP
since router_parse_entry_from_string() already checks whether
!tor_inet_aton(router->address, &in)

(And no need to print address, since router_describe does that.)
2013-02-09 20:49:11 -05:00
Nick Mathewson
194bd56c8a Refactor generating the m lines in a vote into its own function 2013-02-08 11:52:51 -05:00
Nick Mathewson
cd4ad45ba3 Include a flag-thresholds line in each vote to describe flag cutoffs
Implements ticket 8151.
2013-02-04 13:44:05 -05:00
Nick Mathewson
4eff8b6530 When we mark a node as a sybil, mark it down and reset its uptime to 0
This prevents bug 8147, where such nodes would accrue points towards
Guard, Fast, HSDir, and so on.

Fixes bug 8147.
2013-02-04 11:11:54 -05:00
Nick Mathewson
61995d3e2c Ignore tiny bandwidths entirely when computing thresholds
Another bug 8145 fix.
2013-02-04 10:47:08 -05:00
Nick Mathewson
317d16de04 Increase the minimum value for the Fast flag to 4096.
Fix for 8145.
2013-02-04 10:41:25 -05:00
Nick Mathewson
8be7f69f8d Refactor should-count-towards-thresholds test into new function 2013-02-04 10:22:45 -05:00
Nick Mathewson
40c13240c0 When computing performance thresholds, ignore omitted-as-sybil nodes.
Fixes bug 8146.
2013-02-04 10:19:26 -05:00
Nick Mathewson
a141430ec3 Rename log() to tor_log() for logging
This is meant to avoid conflict with the built-in log() function in
math.h.  It resolves ticket 7599.  First reported by dhill.

This was generated with the following perl script:

 #!/usr/bin/perl -w -i -p

 s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g;

 s/\blog\(/tor_log\(/g;
2013-02-01 15:43:37 -05:00
Nick Mathewson
e4821fa14d Remove two extrneous semicolons in dirserv.c
In 6fbdf635 we added a couple of statements like:
    if (test) {
       ...
    };

The extraneous semicolons there get flagged as worrisome empty
statements by the cparser library, so let's fix them.

Patch by Christian Grothoff; fixes bug 7115.
2013-01-16 16:49:39 -05:00
Nick Mathewson
4da083db3b Update the copyright date to 201. 2013-01-16 01:54:56 -05:00
Nick Mathewson
b1bdecd703 Merge branch 'ntor-resquashed'
Conflicts:
	src/or/cpuworker.c
	src/or/or.h
	src/test/bench.c
2013-01-03 11:52:41 -05:00
Nick Mathewson
5b3dd1610c Wrangle curve25519 onion keys: generate, store, load, publish, republish
Here we try to handle curve25519 onion keys from generating them,
loading and storing them, publishing them in our descriptors, putting
them in microdescriptors, and so on.

This commit is untested and probably buggy like whoa
2013-01-02 14:11:14 -05:00
Nick Mathewson
b1ff8daeb5 Nuke uses of memcmp outside of unit tests
We want to be saying fast_mem{cmp,eq,neq} when we're doing a
comparison that's allowed to exit early, or tor_mem{cmp,eq,neq} when
we need a data-invariant timing.  Direct use of memcmp tends to imply
that we haven't thought about the issue.
2012-12-13 17:34:05 -05:00
Nick Mathewson
01ac961ca1 Merge branch 'fallback_dirsource_v3' 2012-12-13 12:42:29 -05:00