December 2015 - tor-commits - lists.torproject.org

[metrics-lib/master] Support (ntor-)onion-key crosscerts.
by karsten＠torproject.org 21 Dec '15

21 Dec '15

commit f4fca35135482979f85f7891b075b46a194ef37e Author: Karsten Loesing <karsten.loesing(a)gmx.net> Date: Wed Dec 16 16:09:17 2015 +0100 Support (ntor-)onion-key crosscerts. --- CHANGELOG.md | 2 + .../torproject/descriptor/ServerDescriptor.java | 17 +++++ .../descriptor/impl/ServerDescriptorImpl.java | 50 +++++++++++++- .../descriptor/impl/ServerDescriptorImplTest.java | 73 ++++++++++++++++++++ 4 files changed, 139 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bfda75e..73e9a1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,8 @@ - Include RSA-1024 signatures of SHA-1 digests of extra-info descriptors, which were parsed and discarded before. - Support hidden-service statistics in extra-info descriptors. + - Support onion-key and ntor-onion-key cross certificates in server + descriptors. # Changes in version 1.0.0 - 2015-12-05 diff --git a/src/org/torproject/descriptor/ServerDescriptor.java b/src/org/torproject/descriptor/ServerDescriptor.java index 3266e9d..49eaa92 100644 --- a/src/org/torproject/descriptor/ServerDescriptor.java +++ b/src/org/torproject/descriptor/ServerDescriptor.java @@ -174,5 +174,22 @@ public interface ServerDescriptor extends Descriptor { * the first space after the "router-sig-ed25519" string, prefixed with * the string "Tor router descriptor signature v1". */ public String getRouterSignatureEd25519(); + + /* Return an RSA signature, generated using the onion-key, that proves + * that the party creating the descriptor had control over the secret + * key corresponding to the onion-key, or null if the descriptor does + * not contain such a signature. */ + public String getOnionKeyCrosscert(); + + /* Return an Ed25519 signature, generated using the ntor-onion-key, that + * proves that the party creating the descriptor had control over the + * secret key corresponding to the ntor-onion-key, or null if the + * descriptor does not contain such a signature. */ + public String getNtorOnionKeyCrosscert(); + + /* Return the sign of the Ed25519 public key corresponding to the ntor + * onion key as 0 or 1, or -1 if the descriptor does not contain this + * information. */ + public int getNtorOnionKeyCrosscertSign(); } diff --git a/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java b/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java index 3dd6c40..1484866 100644 --- a/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java +++ b/src/org/torproject/descriptor/impl/ServerDescriptorImpl.java @@ -37,9 +37,9 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl + "hibernating,uptime,contact,family,read-history,write-history," + "eventdns,caches-extra-info,extra-info-digest," + "hidden-service-dir,protocols,allow-single-hop-exits,onion-key," - + "signing-key,ipv6-policy,ntor-onion-key,router-sig-ed25519," - + "router-signature,router-digest-sha256,router-digest"). - split(","))); + + "signing-key,ipv6-policy,ntor-onion-key,onion-key-crosscert," + + "ntor-onion-key-crosscert,router-sig-ed25519,router-signature," + + "router-digest-sha256,router-digest").split(","))); this.checkAtMostOnceKeywords(atMostOnceKeywords); this.checkFirstKeyword("router"); if (this.getKeywordCount("accept") == 0 && @@ -131,6 +131,12 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl this.parseMasterKeyEd25519Line(line, lineNoOpt, partsNoOpt); } else if (keyword.equals("router-sig-ed25519")) { this.parseRouterSigEd25519Line(line, lineNoOpt, partsNoOpt); + } else if (keyword.equals("onion-key-crosscert")) { + this.parseOnionKeyCrosscert(line, lineNoOpt, partsNoOpt); + nextCrypto = "onion-key-crosscert"; + } else if (keyword.equals("ntor-onion-key-crosscert")) { + this.parseNtorOnionKeyCrosscert(line, lineNoOpt, partsNoOpt); + nextCrypto = "ntor-onion-key-crosscert"; } else if (line.startsWith("-----BEGIN")) { cryptoLines = new ArrayList<String>(); cryptoLines.add(line); @@ -150,6 +156,10 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl } else if ("identity-ed25519".equals(nextCrypto)) { this.identityEd25519 = cryptoString; this.parseIdentityEd25519CryptoBlock(cryptoString); + } else if ("onion-key-crosscert".equals(nextCrypto)) { + this.onionKeyCrosscert = cryptoString; + } else if ("ntor-onion-key-crosscert".equals(nextCrypto)) { + this.ntorOnionKeyCrosscert = cryptoString; } else if (this.failUnrecognizedDescriptorLines) { throw new DescriptorParseException("Unrecognized crypto " + "block '" + cryptoString + "' in server descriptor."); @@ -534,6 +544,25 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl } } + private void parseOnionKeyCrosscert(String line, String lineNoOpt, + String[] partsNoOpt) throws DescriptorParseException { + if (partsNoOpt.length != 1) { + throw new DescriptorParseException("Illegal line '" + line + "'."); + } + } + + private void parseNtorOnionKeyCrosscert(String line, String lineNoOpt, + String[] partsNoOpt) throws DescriptorParseException { + if (partsNoOpt.length != 2) { + throw new DescriptorParseException("Illegal line '" + line + "'."); + } + try { + this.ntorOnionKeyCrosscertSign = Integer.parseInt(partsNoOpt[1]); + } catch (NumberFormatException e) { + throw new DescriptorParseException("Illegal line '" + line + "'."); + } + } + private void parseIdentityEd25519CryptoBlock(String cryptoString) throws DescriptorParseException { String masterKeyEd25519FromIdentityEd25519 = @@ -834,5 +863,20 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl public String getRouterSignatureEd25519() { return this.routerSignatureEd25519; } + + private String onionKeyCrosscert; + public String getOnionKeyCrosscert() { + return this.onionKeyCrosscert; + } + + private String ntorOnionKeyCrosscert; + public String getNtorOnionKeyCrosscert() { + return this.ntorOnionKeyCrosscert; + } + + private int ntorOnionKeyCrosscertSign = -1; + public int getNtorOnionKeyCrosscertSign() { + return ntorOnionKeyCrosscertSign; + } } diff --git a/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java b/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java index a98df9f..56f1419 100644 --- a/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java +++ b/test/org/torproject/descriptor/impl/ServerDescriptorImplTest.java @@ -104,6 +104,20 @@ public class ServerDescriptorImplTest { db.signingKeyLines = lines; return new RelayServerDescriptorImpl(db.buildDescriptor(), true); } + private String onionKeyCrosscertLines = null; + private static ServerDescriptor createWithOnionKeyCrosscertLines( + String lines) throws DescriptorParseException { + DescriptorBuilder db = new DescriptorBuilder(); + db.onionKeyCrosscertLines = lines; + return new RelayServerDescriptorImpl(db.buildDescriptor(), true); + } + private String ntorOnionKeyCrosscertLines = null; + private static ServerDescriptor createWithNtorOnionKeyCrosscertLines( + String lines) throws DescriptorParseException { + DescriptorBuilder db = new DescriptorBuilder(); + db.ntorOnionKeyCrosscertLines = lines; + return new RelayServerDescriptorImpl(db.buildDescriptor(), true); + } private String exitPolicyLines = "reject *:*"; private static ServerDescriptor createWithExitPolicyLines( String lines) throws DescriptorParseException { @@ -274,6 +288,12 @@ public class ServerDescriptorImplTest { if (this.signingKeyLines != null) { sb.append(this.signingKeyLines + "\n"); } + if (this.onionKeyCrosscertLines != null) { + sb.append(this.onionKeyCrosscertLines + "\n"); + } + if (this.ntorOnionKeyCrosscertLines != null) { + sb.append(this.ntorOnionKeyCrosscertLines + "\n"); + } if (this.exitPolicyLines != null) { sb.append(this.exitPolicyLines + "\n"); } @@ -1481,5 +1501,58 @@ public class ServerDescriptorImplTest { MASTER_KEY_ED25519_LINE, ROUTER_SIG_ED25519_LINE + "\n" + ROUTER_SIG_ED25519_LINE); } + + private static final String ONION_KEY_CROSSCERT_LINES = + "onion-key-crosscert\n" + + "-----BEGIN CROSSCERT-----\n" + + "gVWpiNgG2FekW1uonr4KKoqykjr4bqUBKGZfu6s9rvsV1TThnquZNP6ZhX2IPdQA" + + "\nlfKtzFggGu/4BiJ5oTSDj2sK2DMjY3rjrMQZ3I/wJ25yhc9gxjqYqUYO9MmJwA" + + "Lp\nfYkqp/t4WchJpyva/4hK8vITsI6eT2BfY/DWMy/suIE=\n" + + "-----END CROSSCERT-----"; + + private static final String NTOR_ONION_KEY_CROSSCERT_LINES = + "ntor-onion-key-crosscert 1\n" + + "-----BEGIN ED25519 CERT-----\n" + + "AQoABiUeAdauu1MxYGMmGLTCPaoes0RvW7udeLc1t8LZ4P3CDo5bAN4nrRfbCfOt" + + "\nz2Nwqn8tER1a+Ry6Vs+ilMZA55Rag4+f6Zdb1fmHWknCxbQlLHpqHACMtemPda" + + "Ka\nErPtMuiEqAc=\n" + + "-----END ED25519 CERT-----"; + + @Test() + public void testOnionKeyCrosscert() throws DescriptorParseException { + ServerDescriptor descriptor = + DescriptorBuilder.createWithOnionKeyCrosscertLines( + ONION_KEY_CROSSCERT_LINES); + assertEquals(ONION_KEY_CROSSCERT_LINES.substring( + ONION_KEY_CROSSCERT_LINES.indexOf("\n") + 1), + descriptor.getOnionKeyCrosscert()); + } + + @Test(expected = DescriptorParseException.class) + public void testOnionKeyCrosscertDuplicate() + throws DescriptorParseException { + DescriptorBuilder.createWithOnionKeyCrosscertLines( + ONION_KEY_CROSSCERT_LINES + "\n" + ONION_KEY_CROSSCERT_LINES); + } + + @Test() + public void testNtorOnionKeyCrosscert() + throws DescriptorParseException { + ServerDescriptor descriptor = + DescriptorBuilder.createWithNtorOnionKeyCrosscertLines( + NTOR_ONION_KEY_CROSSCERT_LINES); + assertEquals(NTOR_ONION_KEY_CROSSCERT_LINES.substring( + NTOR_ONION_KEY_CROSSCERT_LINES.indexOf("\n") + 1), + descriptor.getNtorOnionKeyCrosscert()); + assertEquals(1, descriptor.getNtorOnionKeyCrosscertSign()); + } + + @Test(expected = DescriptorParseException.class) + public void testNtorOnionKeyCrosscertDuplicate() + throws DescriptorParseException { + DescriptorBuilder.createWithOnionKeyCrosscertLines( + NTOR_ONION_KEY_CROSSCERT_LINES + "\n" + + NTOR_ONION_KEY_CROSSCERT_LINES); + } }

1 0

[tor-browser-bundle/hardened-builds] Bug 17875: Discourage editing of torrc-defaults.
by gk＠torproject.org 21 Dec '15

21 Dec '15

commit ac11a0c9cd84d0287ae85fb7357e55535e11f6a9 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Mon Dec 21 12:03:13 2015 -0500 Bug 17875: Discourage editing of torrc-defaults. --- Bundle-Data/linux/Data/Tor/torrc-defaults | 6 ++++++ Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults | 6 ++++++ Bundle-Data/windows/Data/Tor/torrc-defaults | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/Bundle-Data/linux/Data/Tor/torrc-defaults b/Bundle-Data/linux/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/linux/Data/Tor/torrc-defaults +++ b/Bundle-Data/linux/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] diff --git a/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults b/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults +++ b/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] diff --git a/Bundle-Data/windows/Data/Tor/torrc-defaults b/Bundle-Data/windows/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/windows/Data/Tor/torrc-defaults +++ b/Bundle-Data/windows/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity]

1 0

[tor-browser-bundle/maint-5.0] Bug 17875: Discourage editing of torrc-defaults.
by gk＠torproject.org 21 Dec '15

21 Dec '15

commit 41b71527e0d64a3b14290a82c96014e663f8b93d Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Mon Dec 21 12:03:13 2015 -0500 Bug 17875: Discourage editing of torrc-defaults. --- Bundle-Data/linux/Data/Tor/torrc-defaults | 6 ++++++ Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults | 6 ++++++ Bundle-Data/windows/Data/Tor/torrc-defaults | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/Bundle-Data/linux/Data/Tor/torrc-defaults b/Bundle-Data/linux/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/linux/Data/Tor/torrc-defaults +++ b/Bundle-Data/linux/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] diff --git a/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults b/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults +++ b/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] diff --git a/Bundle-Data/windows/Data/Tor/torrc-defaults b/Bundle-Data/windows/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/windows/Data/Tor/torrc-defaults +++ b/Bundle-Data/windows/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity]

1 0

[tor-browser-bundle/master] Bug 17875: Discourage editing of torrc-defaults.
by gk＠torproject.org 21 Dec '15

21 Dec '15

commit 940d6ea21668e99619185ef325be39223ffd93ac Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Mon Dec 21 12:03:13 2015 -0500 Bug 17875: Discourage editing of torrc-defaults. --- Bundle-Data/linux/Data/Tor/torrc-defaults | 6 ++++++ Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults | 6 ++++++ Bundle-Data/windows/Data/Tor/torrc-defaults | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/Bundle-Data/linux/Data/Tor/torrc-defaults b/Bundle-Data/linux/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/linux/Data/Tor/torrc-defaults +++ b/Bundle-Data/linux/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] diff --git a/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults b/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults +++ b/Bundle-Data/mac/TorBrowser/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] diff --git a/Bundle-Data/windows/Data/Tor/torrc-defaults b/Bundle-Data/windows/Data/Tor/torrc-defaults index 4b91aae..0a87e5f 100644 --- a/Bundle-Data/windows/Data/Tor/torrc-defaults +++ b/Bundle-Data/windows/Data/Tor/torrc-defaults @@ -1,3 +1,9 @@ +# torrc-defaults for Tor Browser +# +# This file is distributed with Tor Browser and should not be modified (it +# may be overwritten during the next Tor Browser update). To customize your +# Tor configuration, shut down Tor Browser and edit the torrc file. +# # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity]

1 0

[tor/master] whoops; really fix the 32-bit builds
by nickm＠torproject.org 21 Dec '15

21 Dec '15

commit f2a5df252f3ba84f2bc98862fc35f9020ce78fd5 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Dec 21 13:10:10 2015 -0500 whoops; really fix the 32-bit builds --- src/or/config.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/config.c b/src/or/config.c index 53f2c76..e3d6653 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -4102,7 +4102,7 @@ have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem, if (total_mem == 0) { if (get_total_system_memory(&total_mem) < 0) { total_mem = options->MaxMemInQueues >= SIZE_MAX ? - SIZE_MAX : options->MaxMemInQueues; + SIZE_MAX : (size_t)options->MaxMemInQueues; } } if (options->DirCache) {

1 0

[tor/master] Fix a couple of jenkins issues from 12538.
by nickm＠torproject.org 21 Dec '15

21 Dec '15

commit 8ede8d411a29450a746efdfb950c916b0058b497 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Dec 21 12:32:20 2015 -0500 Fix a couple of jenkins issues from 12538. --- src/or/config.c | 8 ++++++-- src/test/include.am | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index ce7adba..53f2c76 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -4097,9 +4097,13 @@ have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem, char **msg) { *msg = NULL; + /* XXX We should possibly be looking at MaxMemInQueues here + * unconditionally. Or we should believe total_mem unconditionally. */ if (total_mem == 0) { - if (get_total_system_memory(&total_mem) < 0) - total_mem = options->MaxMemInQueues; + if (get_total_system_memory(&total_mem) < 0) { + total_mem = options->MaxMemInQueues >= SIZE_MAX ? + SIZE_MAX : options->MaxMemInQueues; + } } if (options->DirCache) { if (total_mem < DIRCACHE_MIN_BANDWIDTH) { diff --git a/src/test/include.am b/src/test/include.am index 44a2d86..786fb77 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -193,6 +193,7 @@ noinst_HEADERS+= \ src/test/rend_test_helpers.h \ src/test/test.h \ src/test/test_helpers.h \ + src/test/test_dir_common.h \ src/test/test_descriptors.inc \ src/test/example_extrainfo.inc \ src/test/failing_routerdescs.inc \

1 0

[tor/master] Add new DirCache configuration option
by nickm＠torproject.org 21 Dec '15

21 Dec '15

commit 997f779a7f05540e5f564b4d121706c4a7069fb2 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Sun Feb 8 06:51:51 2015 +0000 Add new DirCache configuration option This will give relay operators the ability of disabling the caching of directory data. In general, this should not be necessary, but on some lower-resource systems it may beneficial. --- doc/tor.1.txt | 6 +++ src/or/config.c | 61 +++++++++++++++++++++++++ src/or/config.h | 2 + src/or/or.h | 4 ++ src/or/router.c | 4 +- src/test/test_options.c | 115 ++++++++++++++++++++++++++++++++++++++++++++--- 6 files changed, 186 insertions(+), 6 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index f173a97..021353d 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1987,6 +1987,12 @@ if DirPort is non-zero): except that port specifiers are ignored. Any address not matched by some entry in the policy is accepted. +[[DirCache]] **DirCache** **0**|**1**:: + When this option is set, Tor caches all current directory documents and + accepts client requests for them. Setting DirPort is not required for this, + because clients connect via the ORPort by default. Setting either DirPort + or BridgeRelay and setting DirCache to 0 is not supported. (Default: 1) + DIRECTORY AUTHORITY SERVER OPTIONS ---------------------------------- diff --git a/src/or/config.c b/src/or/config.c index 9ec47d2..f9cab9f 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -222,6 +222,7 @@ static config_var_t option_vars_[] = { V(DirPortFrontPage, FILENAME, NULL), VAR("DirReqStatistics", BOOL, DirReqStatistics_option, "1"), VAR("DirAuthority", LINELIST, DirAuthorities, NULL), + V(DirCache, BOOL, "1"), V(DirAuthorityFallbackRate, DOUBLE, "1.0"), V(DisableAllSwap, BOOL, "0"), V(DisableDebuggerAttachment, BOOL, "1"), @@ -3457,6 +3458,24 @@ options_validate(or_options_t *old_options, or_options_t *options, REJECT("AccountingRule must be 'sum' or 'max'"); } + if (options->DirPort_set && !options->DirCache) { + REJECT("DirPort configured but DirCache disabled. DirPort requires " + "DirCache."); + } + + if (options->BridgeRelay && !options->DirCache) { + REJECT("We're a bridge but DirCache is disabled. BridgeRelay requires " + "DirCache."); + } + + if (server_mode(options)) { + char *msg = NULL; + if (have_enough_mem_for_dircache(options, 0, &msg)) { + log_warn(LD_CONFIG, "%s", msg); + tor_free(msg); + } + } + if (options->HTTPProxy) { /* parse it now */ if (tor_addr_port_lookup(options->HTTPProxy, &options->HTTPProxyAddr, &options->HTTPProxyPort) < 0) @@ -4065,6 +4084,48 @@ compute_real_max_mem_in_queues(const uint64_t val, int log_guess) } } +/* If we have less than 300 MB suggest disabling dircache */ +#define DIRCACHE_MIN_MB_BANDWIDTH 300 +#define DIRCACHE_MIN_BANDWIDTH (DIRCACHE_MIN_MB_BANDWIDTH*ONE_MEGABYTE) +#define STRINGIFY(val) #val + +/** Create a warning message for emitting if we are a dircache but may not have + * enough system memory, or if we are not a dircache but probably should be. + * Return -1 when a message is returned in *msg*, else return 0. */ +STATIC int +have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem, + char **msg) +{ + *msg = NULL; + if (total_mem == 0) { + if (get_total_system_memory(&total_mem) < 0) + total_mem = options->MaxMemInQueues; + } + if (options->DirCache) { + if (total_mem < DIRCACHE_MIN_BANDWIDTH) { + if (options->BridgeRelay) { + *msg = strdup("Running a Bridge with less than " + STRINGIFY(DIRCACHE_MIN_MB_BANDWIDTH) " MB of memory is " + "not recommended."); + } else { + *msg = strdup("Being a directory cache (default) with less than " + STRINGIFY(DIRCACHE_MIN_MB_BANDWIDTH) " MB of memory is " + "not recommended and may consume most of the available " + "resources, consider disabling this functionality by " + "setting the DirCache option to 0."); + } + } + } else { + if (total_mem >= DIRCACHE_MIN_BANDWIDTH) { + *msg = strdup("DirCache is disabled and we are configured as a " + "relay. This may disqualify us from becoming a guard in the " + "future."); + } + } + return *msg == NULL ? 0 : -1; +} +#undef STRINGIFY + /** Helper: return true iff s1 and s2 are both NULL, or both non-NULL * equal strings. */ static int diff --git a/src/or/config.h b/src/or/config.h index bfdd169..6e08f9d 100644 --- a/src/or/config.h +++ b/src/or/config.h @@ -158,6 +158,8 @@ STATIC int parse_dir_authority_line(const char *line, dirinfo_type_t required_type, int validate_only); STATIC int parse_dir_fallback_line(const char *line, int validate_only); +STATIC int have_enough_mem_for_dircache(const or_options_t *options, + size_t total_mem, char **msg); #endif #endif diff --git a/src/or/or.h b/src/or/or.h index 3cb1e7d..89c5398 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3969,6 +3969,10 @@ typedef struct { /** Should we fetch our dir info at the start of the consensus period? */ int FetchDirInfoExtraEarly; + int DirCache; /**< Cache all directory documents and accept requests via + * tunnelled dir conns from clients. If 1, enabled (default); + * If 0, disabled. */ + char *VirtualAddrNetworkIPv4; /**< Address and mask to hand out for virtual * MAPADDRESS requests for IPv4 addresses */ char *VirtualAddrNetworkIPv6; /**< Address and mask to hand out for virtual diff --git a/src/or/router.c b/src/or/router.c index 1927cfd..5e4f855 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1176,7 +1176,9 @@ router_should_be_directory_server(const or_options_t *options, int dir_port) int dir_server_mode(const or_options_t *options) { - return (server_mode(options) || options->DirPort_set) && + if (!options->DirCache) + return 0; + return (server_mode(options) || options->DirPort_set) && router_should_be_directory_server(options, 0); } diff --git a/src/test/test_options.c b/src/test/test_options.c index a8ebadb..7e47f33 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -69,22 +69,29 @@ clear_log_messages(void) messages = NULL; } +#define setup_options(opt,dflt) \ + do { \ + opt = options_new(); \ + opt->command = CMD_RUN_TOR; \ + options_init(opt); \ + \ + dflt = config_dup(&options_format, opt); \ + clear_log_messages(); \ + } while (0) + static void test_options_validate_impl(const char *configuration, const char *expect_errmsg, int expect_log_severity, const char *expect_log) { - or_options_t *opt = options_new(); + or_options_t *opt=NULL; or_options_t *dflt; config_line_t *cl=NULL; char *msg=NULL; int r; - opt->command = CMD_RUN_TOR; - options_init(opt); - dflt = config_dup(&options_format, opt); - clear_log_messages(); + setup_options(opt, dflt); r = config_get_lines(configuration, &cl, 1); tt_int_op(r, OP_EQ, 0); @@ -159,12 +166,110 @@ test_options_validate(void *arg) "ServerTransportOptions did not parse", LOG_WARN, "\"slingsnappy\" is not a k=v"); + WANT_ERR("DirPort 8080\nDirCache 0", + "DirPort configured but DirCache disabled."); + WANT_ERR("BridgeRelay 1\nDirCache 0", + "We're a bridge but DirCache is disabled."); + clear_log_messages(); return; } +#define MEGABYTEIFY(mb) (U64_LITERAL(mb) << 20) +static void +test_have_enough_mem_for_dircache(void *arg) +{ + (void)arg; + or_options_t *opt=NULL; + or_options_t *dflt; + config_line_t *cl=NULL; + char *msg=NULL;; + int r; + const char *configuration = "ORPort 8080\nDirCache 1", *expect_errmsg; + + setup_options(opt, dflt); + setup_log_callback(); + (void)dflt; + + r = config_get_lines(configuration, &cl, 1); + tt_int_op(r, OP_EQ, 0); + + r = config_assign(&options_format, opt, cl, 0, 0, &msg); + tt_int_op(r, OP_EQ, 0); + + /* 300 MB RAM available, DirCache enabled */ + r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(300), &msg); + tt_int_op(r, OP_EQ, 0); + tt_assert(!msg); + + /* 200 MB RAM available, DirCache enabled */ + r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(200), &msg); + tt_int_op(r, OP_EQ, -1); + expect_errmsg = "Being a directory cache (default) with less than "; + if (!strstr(msg, expect_errmsg)) { + TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.", + expect_errmsg, configuration, msg)); + } + tor_free(msg); + + configuration = "ORPort 8080\nDirCache 1\nBridgeRelay 1"; + r = config_get_lines(configuration, &cl, 1); + tt_int_op(r, OP_EQ, 0); + + r = config_assign(&options_format, opt, cl, 0, 0, &msg); + tt_int_op(r, OP_EQ, 0); + + /* 300 MB RAM available, DirCache enabled, Bridge */ + r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(300), &msg); + tt_int_op(r, OP_EQ, 0); + tt_assert(!msg); + + /* 200 MB RAM available, DirCache enabled, Bridge */ + r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(200), &msg); + tt_int_op(r, OP_EQ, -1); + expect_errmsg = "Running a Bridge with less than "; + if (!strstr(msg, expect_errmsg)) { + TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.", + expect_errmsg, configuration, msg)); + } + tor_free(msg); + + configuration = "ORPort 8080\nDirCache 0"; + r = config_get_lines(configuration, &cl, 1); + tt_int_op(r, OP_EQ, 0); + + r = config_assign(&options_format, opt, cl, 0, 0, &msg); + tt_int_op(r, OP_EQ, 0); + + /* 200 MB RAM available, DirCache disabled */ + r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(200), &msg); + tt_int_op(r, OP_EQ, 0); + tt_assert(!msg); + + /* 300 MB RAM available, DirCache disabled */ + r = have_enough_mem_for_dircache(opt, MEGABYTEIFY(300), &msg); + tt_int_op(r, OP_EQ, -1); + expect_errmsg = "DirCache is disabled and we are configured as a "; + if (!strstr(msg, expect_errmsg)) { + TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.", + expect_errmsg, configuration, msg)); + } + tor_free(msg); + + clear_log_messages(); + + done: + if (msg) + tor_free(msg); + tor_free(dflt); + tor_free(opt); + tor_free(cl); + return; +} + struct testcase_t options_tests[] = { { "validate", test_options_validate, TT_FORK, NULL, NULL }, + { "mem_dircache", test_have_enough_mem_for_dircache, TT_FORK, NULL, NULL }, END_OF_TESTCASES };

1 0

[tor/master] Authorities must set a router's V2Dir flag if it supports tunnelled reqs
by nickm＠torproject.org 21 Dec '15

21 Dec '15

commit 467d0919d26977322a9404a9f0c426ac67c475fb Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Tue Oct 28 17:12:52 2014 +0000 Authorities must set a router's V2Dir flag if it supports tunnelled reqs Partial implementation of prop 237, ticket 12538 --- src/or/dirserv.c | 3 ++- src/or/or.h | 8 ++++++++ src/or/routerparse.c | 15 +++++++++++++-- src/test/test_dir.c | 17 ++++++++++------- 4 files changed, 33 insertions(+), 10 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 39563c3..467c6e2 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1921,7 +1921,7 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version, rs->is_hs_dir?" HSDir":"", rs->is_flagged_running?" Running":"", rs->is_stable?" Stable":"", - (rs->dir_port!=0)?" V2Dir":"", + rs->is_v2_dir?" V2Dir":"", rs->is_valid?" Valid":""); /* length of "opt v \n" */ @@ -2185,6 +2185,7 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs, strlcpy(rs->nickname, ri->nickname, sizeof(rs->nickname)); rs->or_port = ri->or_port; rs->dir_port = ri->dir_port; + rs->is_v2_dir = ri->supports_tunnelled_dir_requests; if (options->AuthDirHasIPv6Connectivity == 1 && !tor_addr_is_null(&ri->ipv6_addr) && node->last_reachable6 >= now - REACHABLE_TIMEOUT) { diff --git a/src/or/or.h b/src/or/or.h index e621fe9..fe59124 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2147,6 +2147,11 @@ typedef struct { * tests for it. */ unsigned int needs_retest_if_added:1; + /** True iff this router included "tunnelled-dir-server" in its descriptor, + * implies it accepts tunnelled directory requests, or it advertised + * dir_port > 0. */ + unsigned int supports_tunnelled_dir_requests:1; + /** Tor can use this router for general positions in circuits; we got it * from a directory server as usual, or we're an authority and a server * uploaded it. */ @@ -2224,6 +2229,9 @@ typedef struct routerstatus_t { * an exit node. */ unsigned int is_hs_dir:1; /**< True iff this router is a v2-or-later hidden * service directory. */ + unsigned int is_v2_dir:1; /** True iff this router publishes an open DirPort + * or it claims to accept tunnelled dir requests. + */ /** True iff we know version info for this router. (i.e., a "v" entry was * included.) We'll replace all these with a big tor_version_t or a char[] * if the number of traits we care about ever becomes incredibly big. */ diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 3f794ad..fafba96 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -35,8 +35,9 @@ /****************************************************************************/ /** Enumeration of possible token types. The ones starting with K_ correspond - * to directory 'keywords'. ERR_ is an error in the tokenizing process, EOF_ - * is an end-of-file marker, and NIL_ is used to encode not-a-token. + * to directory 'keywords'. A_ is for an annotation, R or C is related to + * hidden services, ERR_ is an error in the tokenizing process, EOF_ is an + * end-of-file marker, and NIL_ is used to encode not-a-token. */ typedef enum { K_ACCEPT = 0, @@ -125,6 +126,7 @@ typedef enum { K_DIR_KEY_CERTIFICATION, K_DIR_KEY_CROSSCERT, K_DIR_ADDRESS, + K_DIR_TUNNELLED, K_VOTE_STATUS, K_VALID_AFTER, @@ -318,6 +320,7 @@ static token_rule_t routerdesc_token_table[] = { T0N("opt", K_OPT, CONCAT_ARGS, OBJ_OK ), T1( "bandwidth", K_BANDWIDTH, GE(3), NO_OBJ ), A01("@purpose", A_PURPOSE, GE(1), NO_OBJ ), + T01("tunnelled-dir-server",K_DIR_TUNNELLED, NO_ARGS, NO_OBJ ), END_OF_TABLE }; @@ -1609,6 +1612,12 @@ router_parse_entry_from_string(const char *s, const char *end, router->wants_to_be_hs_dir = 1; } + /* This router accepts tunnelled directory requests via begindir if it has + * an open dirport or it included "tunnelled-dir-server". */ + if (find_opt_by_keyword(tokens, K_DIR_TUNNELLED) || router->dir_port > 0) { + router->supports_tunnelled_dir_requests = 1; + } + tok = find_by_keyword(tokens, K_ROUTER_SIGNATURE); note_crypto_pk_op(VERIFY_RTR); #ifdef COUNT_DISTINCT_DIGESTS @@ -2294,6 +2303,8 @@ routerstatus_parse_entry_from_string(memarea_t *area, rs->is_unnamed = 1; } else if (!strcmp(tok->args[i], "HSDir")) { rs->is_hs_dir = 1; + } else if (!strcmp(tok->args[i], "V2Dir")) { + rs->is_v2_dir = 1; } } } diff --git a/src/test/test_dir.c b/src/test/test_dir.c index ce639b6..ab802dc 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -1579,8 +1579,9 @@ gen_routerstatus_for_v3ns(int idx, time_t now) rs->addr = 0x99008801; rs->or_port = 443; rs->dir_port = 8000; - /* all flags but running cleared */ + /* all flags but running and v2dir cleared */ rs->is_flagged_running = 1; + rs->is_v2_dir = 1; break; case 1: /* Generate the second routerstatus. */ @@ -1598,7 +1599,7 @@ gen_routerstatus_for_v3ns(int idx, time_t now) tor_addr_copy(&rs->ipv6_addr, &addr_ipv6); rs->ipv6_orport = 4711; rs->is_exit = rs->is_stable = rs->is_fast = rs->is_flagged_running = - rs->is_valid = rs->is_possible_guard = 1; + rs->is_valid = rs->is_possible_guard = rs->is_v2_dir = 1; break; case 2: /* Generate the third routerstatus. */ @@ -1613,7 +1614,7 @@ gen_routerstatus_for_v3ns(int idx, time_t now) rs->or_port = 400; rs->dir_port = 9999; rs->is_authority = rs->is_exit = rs->is_stable = rs->is_fast = - rs->is_flagged_running = rs->is_valid = + rs->is_flagged_running = rs->is_valid = rs->is_v2_dir = rs->is_possible_guard = 1; break; case 3: @@ -1746,11 +1747,11 @@ test_vrs_for_v3ns(vote_routerstatus_t *vrs, int voter, time_t now) tt_assert(tor_addr_eq(&rs->ipv6_addr, &addr_ipv6)); tt_int_op(rs->ipv6_orport,OP_EQ, 4711); if (voter == 1) { - /* all except "authority" (1) and "v2dir" (64) */ - tt_u64_op(vrs->flags, OP_EQ, U64_LITERAL(190)); + /* all except "authority" (1) */ + tt_u64_op(vrs->flags, OP_EQ, U64_LITERAL(254)); } else { - /* 1023 - authority(1) - madeofcheese(16) - madeoftin(32) - v2dir(256) */ - tt_u64_op(vrs->flags, OP_EQ, U64_LITERAL(718)); + /* 1023 - authority(1) - madeofcheese(16) - madeoftin(32) */ + tt_u64_op(vrs->flags, OP_EQ, U64_LITERAL(974)); } } else if (tor_memeq(rs->identity_digest, "\x33\x33\x33\x33\x33\x33\x33\x33\x33\x33" @@ -1845,6 +1846,7 @@ test_routerstatus_for_v3ns(routerstatus_t *rs, time_t now) tt_assert(rs->is_stable); tt_assert(rs->is_flagged_running); tt_assert(rs->is_valid); + tt_assert(rs->is_v2_dir); tt_assert(!rs->is_named); /* XXXX check version */ } else { @@ -2965,6 +2967,7 @@ test_dir_fmt_control_ns(void *arg) rs.is_fast = 1; rs.is_flagged_running = 1; rs.has_bandwidth = 1; + rs.is_v2_dir = 1; rs.bandwidth_kb = 1000; s = networkstatus_getinfo_helper_single(&rs);

1 0

[tor/master] A relay now advertises "tunnelled-dir-server" in its descriptor
by nickm＠torproject.org 21 Dec '15

21 Dec '15

commit 1ceb7142a131bd8706663d2b3c27d66a2dcb2a46 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Tue Oct 28 22:01:06 2014 +0000 A relay now advertises "tunnelled-dir-server" in its descriptor When a relay does not have an open directory port but it has an orport configured and is accepting client connections then it can now service tunnelled directory requests, too. This was already true of relays with an dirport configured. We also conditionally stop advertising this functionality if the relay is nearing its bandwidth usage limit - same as how dirport advertisement is determined. Partial implementation of prop 237, ticket 12538 --- src/or/directory.c | 9 +++++ src/or/directory.h | 3 +- src/or/dirserv.c | 12 +++---- src/or/or.h | 2 +- src/or/router.c | 99 ++++++++++++++++++++++++++++++++++----------------- src/or/router.h | 1 + src/test/test_dir.c | 17 +++++++-- 7 files changed, 101 insertions(+), 42 deletions(-) diff --git a/src/or/directory.c b/src/or/directory.c index 8370095..31a7860 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -943,6 +943,15 @@ directory_initiate_command_rend(const tor_addr_t *_addr, log_debug(LD_DIR, "anonymized %d, use_begindir %d.", anonymized_connection, use_begindir); + if (!dir_port && !use_begindir) { + char ipaddr[TOR_ADDR_BUF_LEN]; + tor_addr_to_str(ipaddr, _addr, TOR_ADDR_BUF_LEN, 0); + log_warn(LD_BUG, "Cannot use directory server without dirport or " + "begindir! Address: %s, ORPort: %d, DirPort: %d", + escaped_safe_str_client(ipaddr), or_port, dir_port); + return; + } + log_debug(LD_DIR, "Initiating %s", dir_conn_purpose_to_string(dir_purpose)); #ifndef NON_ANONYMOUS_MODE_ENABLED diff --git a/src/or/directory.h b/src/or/directory.h index 2644e57..28442b9 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -101,7 +101,8 @@ time_t download_status_increment_attempt(download_status_t *dls, * the optional status code <b>sc</b>. */ #define download_status_failed(dls, sc) \ download_status_increment_failure((dls), (sc), NULL, \ - get_options()->DirPort_set, time(NULL)) + dir_server_mode(get_options()), \ + time(NULL)) void download_status_reset(download_status_t *dls); static int download_status_is_ready(download_status_t *dls, time_t now, diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 467c6e2..fc6899b 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1091,13 +1091,13 @@ directory_fetches_from_authorities(const or_options_t *options) return 1; /* we don't know our IP address; ask an authority. */ refuseunknown = ! router_my_exit_policy_is_reject_star() && should_refuse_unknown_exits(options); - if (!options->DirPort_set && !refuseunknown) + if (!dir_server_mode(options) && !refuseunknown) return 0; if (!server_mode(options) || !advertised_server_mode()) return 0; me = router_get_my_routerinfo(); - if (!me || (!me->dir_port && !refuseunknown)) - return 0; /* if dirport not advertised, return 0 too */ + if (!me || (!me->supports_tunnelled_dir_requests && !refuseunknown)) + return 0; /* if we don't service directory requests, return 0 too */ return 1; } @@ -1128,7 +1128,7 @@ directory_fetches_dir_info_later(const or_options_t *options) int directory_caches_unknown_auth_certs(const or_options_t *options) { - return options->DirPort_set || options->BridgeRelay; + return dir_server_mode(options) || options->BridgeRelay; } /** Return 1 if we want to keep descriptors, networkstatuses, etc around @@ -1137,7 +1137,7 @@ directory_caches_unknown_auth_certs(const or_options_t *options) int directory_caches_dir_info(const or_options_t *options) { - if (options->BridgeRelay || options->DirPort_set) + if (options->BridgeRelay || dir_server_mode(options)) return 1; if (!server_mode(options) || !advertised_server_mode()) return 0; @@ -1153,7 +1153,7 @@ directory_caches_dir_info(const or_options_t *options) int directory_permits_begindir_requests(const or_options_t *options) { - return options->BridgeRelay != 0 || options->DirPort_set; + return options->BridgeRelay != 0 || dir_server_mode(options); } /** Return 1 if we have no need to fetch new descriptors. This generally diff --git a/src/or/or.h b/src/or/or.h index fe59124..3cb1e7d 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2148,7 +2148,7 @@ typedef struct { unsigned int needs_retest_if_added:1; /** True iff this router included "tunnelled-dir-server" in its descriptor, - * implies it accepts tunnelled directory requests, or it advertised + * implying it accepts tunnelled directory requests, or it advertised * dir_port > 0. */ unsigned int supports_tunnelled_dir_requests:1; diff --git a/src/or/router.c b/src/or/router.c index 49e2e31..1927cfd 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1099,39 +1099,25 @@ check_whether_dirport_reachable(void) can_reach_dir_port; } -/** Look at a variety of factors, and return 0 if we don't want to - * advertise the fact that we have a DirPort open. Else return the - * DirPort we want to advertise. - * - * Log a helpful message if we change our mind about whether to publish - * a DirPort. +/** The lower threshold of remaining bandwidth required to advertise directory + * services */ +/* XXX Should this be increased? */ +#define MIN_BW_TO_ADVERTISE_DIRSERVER 51200 + +/** Helper: Return 1 if we have sufficient resources for serving directory + * requests, return 0 otherwise. + * dir_port is either 0 or the configured DirPort number. + * If AccountingMax is set less than our advertised bandwidth, then don't + * serve requests. Likewise, if our advertised bandwidth is less than + * MIN_BW_TO_ADVERTISE_DIRSERVER, don't bother trying to serve requests. */ static int -decide_to_advertise_dirport(const or_options_t *options, uint16_t dir_port) +router_should_be_directory_server(const or_options_t *options, int dir_port) { static int advertising=1; /* start out assuming we will advertise */ int new_choice=1; const char *reason = NULL; - /* Section one: reasons to publish or not publish that aren't - * worth mentioning to the user, either because they're obvious - * or because they're normal behavior. */ - - if (!dir_port) /* short circuit the rest of the function */ - return 0; - if (authdir_mode(options)) /* always publish */ - return dir_port; - if (net_is_disabled()) - return 0; - if (!check_whether_dirport_reachable()) - return 0; - if (!router_get_advertised_dir_port(options, dir_port)) - return 0; - - /* Section two: reasons to publish or not publish that the user - * might find surprising. These are generally config options that - * make us choose not to publish. */ - if (accounting_is_enabled(options)) { /* Don't spend bytes for directory traffic if we could end up hibernating, * but allow DirPort otherwise. Some people set AccountingMax because @@ -1158,10 +1144,9 @@ decide_to_advertise_dirport(const or_options_t *options, uint16_t dir_port) new_choice = 0; reason = "AccountingMax enabled"; } -#define MIN_BW_TO_ADVERTISE_DIRPORT 51200 - } else if (options->BandwidthRate < MIN_BW_TO_ADVERTISE_DIRPORT || + } else if (options->BandwidthRate < MIN_BW_TO_ADVERTISE_DIRSERVER || (options->RelayBandwidthRate > 0 && - options->RelayBandwidthRate < MIN_BW_TO_ADVERTISE_DIRPORT)) { + options->RelayBandwidthRate < MIN_BW_TO_ADVERTISE_DIRSERVER)) { /* if we're advertising a small amount */ new_choice = 0; reason = "BandwidthRate under 50KB"; @@ -1169,15 +1154,61 @@ decide_to_advertise_dirport(const or_options_t *options, uint16_t dir_port) if (advertising != new_choice) { if (new_choice == 1) { - log_notice(LD_DIR, "Advertising DirPort as %d", dir_port); + if (dir_port > 0) + log_notice(LD_DIR, "Advertising DirPort as %d", dir_port); + else + log_notice(LD_DIR, "Advertising directory service support"); } else { tor_assert(reason); - log_notice(LD_DIR, "Not advertising DirPort (Reason: %s)", reason); + log_notice(LD_DIR, "Not advertising Dir%s (Reason: %s)", + dir_port ? "Port" : "ectory Service support", reason); } advertising = new_choice; } - return advertising ? dir_port : 0; + return advertising; +} + +/** Return 1 if we are configured to accept either relay or directory requests + * from clients and we aren't at risk of exceeding our bandwidth limits, thus + * we should be a directory server. If not, return 0. + */ +int +dir_server_mode(const or_options_t *options) +{ + return (server_mode(options) || options->DirPort_set) && + router_should_be_directory_server(options, 0); +} + +/** Look at a variety of factors, and return 0 if we don't want to + * advertise the fact that we have a DirPort open, else return the + * DirPort we want to advertise. + * + * Log a helpful message if we change our mind about whether to publish + * a DirPort. + */ +static int +decide_to_advertise_dirport(const or_options_t *options, uint16_t dir_port) +{ + /* Part one: reasons to publish or not publish that aren't + * worth mentioning to the user, either because they're obvious + * or because they're normal behavior. */ + + if (!dir_port) /* short circuit the rest of the function */ + return 0; + if (authdir_mode(options)) /* always publish */ + return dir_port; + if (net_is_disabled()) + return 0; + if (!check_whether_dirport_reachable()) + return 0; + if (!router_get_advertised_dir_port(options, dir_port)) + return 0; + + /* Part two: reasons to publish or not publish that the user + * might find surprising. router_should_be_directory_server() + * considers config options that make us choose not to publish. */ + return router_should_be_directory_server(options, dir_port) ? dir_port : 0; } /** Allocate and return a new extend_info_t that can be used to build @@ -2642,6 +2673,10 @@ router_dump_router_to_string(routerinfo_t *router, tor_free(p6); } + if (dir_server_mode(options)) { + smartlist_add(chunks, tor_strdup("tunnelled-dir-server\n")); + } + /* Sign the descriptor with Ed25519 */ if (emit_ed_sigs) { smartlist_add(chunks, tor_strdup("router-sig-ed25519 ")); diff --git a/src/or/router.h b/src/or/router.h index 85f43d8..f176477 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -41,6 +41,7 @@ int init_keys_client(void); int check_whether_orport_reachable(void); int check_whether_dirport_reachable(void); +int dir_server_mode(const or_options_t *options); void consider_testing_reachability(int test_or, int test_dir); void router_orport_found_reachable(void); void router_dirport_found_reachable(void); diff --git a/src/test/test_dir.c b/src/test/test_dir.c index ab802dc..28ec90c 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -174,8 +174,13 @@ test_dir_formats(void *arg) /* XXXX025 router_dump_to_string should really take this from ri.*/ options->ContactInfo = tor_strdup("Magri White " "<magri(a)elsewhere.example.com>"); + + options->ORPort_set = options->DirPort_set = options->AssumeReachable = 1; buf = router_dump_router_to_string(r1, pk2, NULL, NULL, NULL); + tor_free(options->ContactInfo); + /* Reset for later */ + options->ORPort_set = options->DirPort_set = options->AssumeReachable = 0; tt_assert(buf); strlcpy(buf2, "router Magri 192.168.0.1 9000 0 9003\n" @@ -200,7 +205,8 @@ test_dir_formats(void *arg) strlcat(buf2, "hidden-service-dir\n", sizeof(buf2)); strlcat(buf2, "contact Magri White <magri(a)elsewhere.example.com>\n", sizeof(buf2)); - strlcat(buf2, "reject *:*\nrouter-signature\n", sizeof(buf2)); + strlcat(buf2, "reject *:*\n", sizeof(buf2)); + strlcat(buf2, "tunnelled-dir-server\nrouter-signature\n", sizeof(buf2)); buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same * twice */ @@ -214,12 +220,13 @@ test_dir_formats(void *arg) tt_assert(rp1); tt_int_op(rp1->addr,OP_EQ, r1->addr); tt_int_op(rp1->or_port,OP_EQ, r1->or_port); - //test_eq(rp1->dir_port, r1->dir_port); + tt_int_op(rp1->dir_port,OP_EQ, r1->dir_port); tt_int_op(rp1->bandwidthrate,OP_EQ, r1->bandwidthrate); tt_int_op(rp1->bandwidthburst,OP_EQ, r1->bandwidthburst); tt_int_op(rp1->bandwidthcapacity,OP_EQ, r1->bandwidthcapacity); tt_assert(crypto_pk_cmp_keys(rp1->onion_pkey, pk1) == 0); tt_assert(crypto_pk_cmp_keys(rp1->identity_pkey, pk2) == 0); + tt_assert(rp1->supports_tunnelled_dir_requests); //tt_assert(rp1->exit_policy == NULL); tor_free(buf); @@ -290,6 +297,7 @@ test_dir_formats(void *arg) BASE64_ENCODE_MULTILINE); strlcat(buf2, cert_buf, sizeof(buf2)); strlcat(buf2, "accept *:80\nreject 18.0.0.0/8:24\n", sizeof(buf2)); + strlcat(buf2, "tunnelled-dir-server\n", sizeof(buf2)); strlcat(buf2, "router-sig-ed25519 ", sizeof(buf2)); buf = router_dump_router_to_string(r2, pk1, pk2, &r2_onion_keypair, &kp2); @@ -301,6 +309,9 @@ test_dir_formats(void *arg) tor_free(buf); buf = router_dump_router_to_string(r2, pk1, NULL, NULL, NULL); + + /* Reset for later */ + options->ORPort_set = 0; cp = buf; rp2 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL,NULL); tt_assert(rp2); @@ -315,6 +326,7 @@ test_dir_formats(void *arg) CURVE25519_PUBKEY_LEN); tt_assert(crypto_pk_cmp_keys(rp2->onion_pkey, pk2) == 0); tt_assert(crypto_pk_cmp_keys(rp2->identity_pkey, pk1) == 0); + tt_assert(rp2->supports_tunnelled_dir_requests); tt_int_op(smartlist_len(rp2->exit_policy),OP_EQ, 2); @@ -1821,6 +1833,7 @@ test_routerstatus_for_v3ns(routerstatus_t *rs, time_t now) tt_assert(rs->is_flagged_running); tt_assert(!rs->is_valid); tt_assert(!rs->is_named); + tt_assert(rs->is_v2_dir); /* XXXX check version */ } else if (tor_memeq(rs->identity_digest, "\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5"

1 0

[tor/master] Client should check if dir server has open dir port or handles tunnelled requests
by nickm＠torproject.org 21 Dec '15

21 Dec '15

commit 0a7d22a664505c5235031fc2d3d792b83254b5ad Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Wed Oct 29 00:29:48 2014 +0000 Client should check if dir server has open dir port or handles tunnelled requests Final piece of prop 237. Closes 12538. --- changes/feature12538 | 6 ++++++ src/or/nodelist.c | 17 ++++++++++++----- src/or/routerlist.c | 2 +- src/test/test_nodelist.c | 39 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 58 insertions(+), 6 deletions(-) diff --git a/changes/feature12538 b/changes/feature12538 new file mode 100644 index 0000000..4e7ea9f --- /dev/null +++ b/changes/feature12538 @@ -0,0 +1,6 @@ + o Minor features (directory system): + Previously only relays who explicitly opened a directory port (DirPort) + accepted directory requests from clients. Now all relays, with and without + a DirPort, who do not disable the DirCache option accept and serve + directory requests sent (tunnelled) through their ORPort. + Closes ticket 12538. diff --git a/src/or/nodelist.c b/src/or/nodelist.c index fc27207..056d5e8 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -644,12 +644,19 @@ node_is_named(const node_t *node) int node_is_dir(const node_t *node) { - if (node->rs) - return node->rs->dir_port != 0; - else if (node->ri) - return node->ri->dir_port != 0; - else + if (node->rs) { + routerstatus_t * rs = node->rs; + /* This is true if supports_tunnelled_dir_requests is true which + * indicates that we support directory request tunnelled or through the + * DirPort. */ + return rs->is_v2_dir; + } else if (node->ri) { + routerinfo_t * ri = node->ri; + /* Both tunnelled request is supported or DirPort is set. */ + return ri->supports_tunnelled_dir_requests; + } else { return 0; + } } /** Return true iff <b>node</b> has either kind of usable descriptor -- that diff --git a/src/or/routerlist.c b/src/or/routerlist.c index c45854c..df6d797 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1512,7 +1512,7 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags, if (!status) continue; - if (!node->is_running || !status->dir_port || !node->is_valid) + if (!node->is_running || !node_is_dir(node) || !node->is_valid) continue; if (requireother && router_digest_is_me(node->identity)) continue; diff --git a/src/test/test_nodelist.c b/src/test/test_nodelist.c index a8693ec..262f105 100644 --- a/src/test/test_nodelist.c +++ b/src/test/test_nodelist.c @@ -60,12 +60,51 @@ test_nodelist_node_get_verbose_nickname_not_named(void *arg) return; } +/** A node should be considered a directory server if it has an open dirport + * of it accepts tunnelled directory requests. + */ +static void +test_nodelist_node_is_dir(void *arg) +{ + routerstatus_t rs; + routerinfo_t ri; + node_t node; + memset(&node, 0, sizeof(node_t)); + memset(&rs, 0, sizeof(routerstatus_t)); + memset(&ri, 0, sizeof(routerinfo_t)); + + tt_assert(!node_is_dir(&node)); + + node.rs = &rs; + tt_assert(!node_is_dir(&node)); + + rs.is_v2_dir = 1; + tt_assert(node_is_dir(&node)); + + rs.is_v2_dir = 0; + rs.dir_port = 1; + tt_assert(node_is_dir(&node)); + + node.rs = NULL; + tt_assert(!node_is_dir(&node)); + node.ri = &ri; + ri.supports_tunnelled_dir_requests = 1; + tt_assert(node_is_dir(&node)); + ri.supports_tunnelled_dir_requests = 0; + ri.dir_port = 1; + tt_assert(node_is_dir(&node)); + + done: + return; +} + #define NODE(name, flags) \ { #name, test_nodelist_##name, (flags), NULL, NULL } struct testcase_t nodelist_tests[] = { NODE(node_get_verbose_nickname_by_id_null_node, TT_FORK), NODE(node_get_verbose_nickname_not_named, TT_FORK), + NODE(node_is_dir, TT_FORK), END_OF_TESTCASES };

1 0