June 2016 - tor-commits - lists.torproject.org

[tor/master] Fix a memory leak in test_dir_populate_dump_desc_fifo
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit 7a7bd1f9ea2df2fc68d0ce4b59ebd413ba7f0ba6 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 30 14:30:26 2016 -0400 Fix a memory leak in test_dir_populate_dump_desc_fifo --- src/test/test_dir.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 873426c..8c708f0 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -4958,6 +4958,7 @@ test_dir_populate_dump_desc_fifo(void *data) tt_int_op(read_count, ==, 1); tt_int_op(read_call_count, ==, 2); tor_free(expected_filename); + tor_free(file_content); /* This one will match */ fname = @@ -4994,6 +4995,8 @@ test_dir_populate_dump_desc_fifo(void *data) UNMOCK(read_file_to_str); reset_read_file_to_str_mock(); + tor_free(file_content); + return; }

1 0

[tor/master] Try to fix warnings when size_t is smaller than st.st_size.
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit c3b720fb26cbe0ff5f53407ba4929b3bd75256b1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 30 14:20:04 2016 -0400 Try to fix warnings when size_t is smaller than st.st_size. --- src/or/routerparse.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 875bb60..13ffaf9 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -886,11 +886,28 @@ dump_desc_populate_one_file, (const char *dirname, const char *f)) goto done; } +#if SIZE_MAX > UINT64_MAX + if (BUG((uint64_t)st.st_size > (uint64_t)SIZE_MAX)) { + /* LCOV_EXCL_START + * Should be impossible since RFTS above should have failed to read the + * huge file into RAM. */ + goto done; + /* LCOV_EXCL_STOP */ + } +#endif + if (BUG(st.st_size < 0)) { + /* LCOV_EXCL_START + * Should be impossible, since the OS isn't supposed to be b0rken. */ + goto done; + /* LCOV_EXCL_STOP */ + } + /* (Now we can be sure that st.st_size is safe to cast to a size_t.) */ + /* * We got one; now compute its digest and check that it matches the * filename. */ - if (crypto_digest256((char *)content_digest, desc, st.st_size, + if (crypto_digest256((char *)content_digest, desc, (size_t) st.st_size, DIGEST_SHA256) != 0) { /* Weird, but okay */ log_info(LD_DIR, @@ -916,7 +933,7 @@ dump_desc_populate_one_file, (const char *dirname, const char *f)) ent = tor_malloc_zero(sizeof(dumped_desc_t)); ent->filename = path; memcpy(ent->digest_sha256, digest, DIGEST256_LEN); - ent->len = st.st_size; + ent->len = (size_t) st.st_size; ent->when = st.st_mtime; /* Null out path so we don't free it out from under ent */ path = NULL;

1 0

[tor/master] fix a syntax warning
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit b5beb2afa65fb63ada034e16bd825d5f3c5b1ebe Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 30 14:19:55 2016 -0400 fix a syntax warning --- src/or/routerlist.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/routerlist.h b/src/or/routerlist.h index e75c922..b671bdf 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -104,7 +104,7 @@ void routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, void routerlist_free_all(void); void routerlist_reset_warnings(void); -MOCK_DECL(smartlist_t *, list_authority_ids_with_downloads, (void);) +MOCK_DECL(smartlist_t *, list_authority_ids_with_downloads, (void)); MOCK_DECL(download_status_t *, id_only_download_status_for_authority_id, (const char *digest)); MOCK_DECL(smartlist_t *, list_sk_digests_for_authority_id,

1 0

[tor/master] Fix three -Wtautological-constant-out-of-range-compare warnings.
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit ded7e8093cad02c3acb53b4bb47083ae82b10b57 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 30 14:08:28 2016 -0400 Fix three -Wtautological-constant-out-of-range-compare warnings. --- src/or/networkstatus.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 9968047..5415c30 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -1226,7 +1226,7 @@ networkstatus_get_dl_status_by_flavor,(consensus_flavor_t flavor)) const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(time(NULL)); - if (flavor <= N_CONSENSUS_FLAVORS) { + if ((int)flavor <= N_CONSENSUS_FLAVORS) { dl = &((we_are_bootstrapping ? consensus_bootstrap_dl_status : consensus_dl_status)[flavor]); } @@ -1241,7 +1241,7 @@ networkstatus_get_dl_status_by_flavor_bootstrap,(consensus_flavor_t flavor)) { download_status_t *dl = NULL; - if (flavor <= N_CONSENSUS_FLAVORS) { + if ((int)flavor <= N_CONSENSUS_FLAVORS) { dl = &(consensus_bootstrap_dl_status[flavor]); } @@ -1255,7 +1255,7 @@ networkstatus_get_dl_status_by_flavor_running,(consensus_flavor_t flavor)) { download_status_t *dl = NULL; - if (flavor <= N_CONSENSUS_FLAVORS) { + if ((int)flavor <= N_CONSENSUS_FLAVORS) { dl = &(consensus_dl_status[flavor]); }

1 0

[tor/master] Fix -Wextra-semi warning
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit 3627718348decd5ec625d6182220d012d32afa33 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 30 13:50:16 2016 -0400 Fix -Wextra-semi warning --- src/or/routerparse.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/or/routerparse.h b/src/or/routerparse.h index f898ab1..81ef724 100644 --- a/src/or/routerparse.h +++ b/src/or/routerparse.h @@ -101,8 +101,8 @@ typedef struct { time_t when; } dumped_desc_t; -EXTERN(uint64_t, len_descs_dumped); -EXTERN(smartlist_t *, descs_dumped); +EXTERN(uint64_t, len_descs_dumped) +EXTERN(smartlist_t *, descs_dumped) STATIC int routerstatus_parse_guardfraction(const char *guardfraction_str, networkstatus_t *vote, vote_routerstatus_t *vote_rs,

1 0

[tor/master] Fix a 32-bit compilation failure
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit 6d2f006bf471b12a599acf60e517b1cdbcb0e333 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 30 13:47:45 2016 -0400 Fix a 32-bit compilation failure --- src/or/routerparse.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/routerparse.h b/src/or/routerparse.h index 2eb9932..f898ab1 100644 --- a/src/or/routerparse.h +++ b/src/or/routerparse.h @@ -101,7 +101,7 @@ typedef struct { time_t when; } dumped_desc_t; -EXTERN(size_t, len_descs_dumped); +EXTERN(uint64_t, len_descs_dumped); EXTERN(smartlist_t *, descs_dumped); STATIC int routerstatus_parse_guardfraction(const char *guardfraction_str, networkstatus_t *vote,

1 0

[torspec/master] Specify download/ GETINFO queries for controller
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit 12d462f192209ec99221795193322b4d95ccfff3 Author: Andrea Shepard <andrea(a)persephoneslair.org> Date: Wed Jun 29 21:31:28 2016 +0000 Specify download/ GETINFO queries for controller --- control-spec.txt | 99 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) diff --git a/control-spec.txt b/control-spec.txt index 5c9d3ab..9529d35 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -245,6 +245,10 @@ ISOTime2 = IsoDatePart "T" IsoTimePart ISOTime2Frac = IsoTime2 [ "." 1*DIGIT ] + ; Numbers + LeadingDigit = "1" - "9" + UInt = LeadingDigit *Digit + 3. Commands All commands are case-insensitive, but most keywords are case-sensitive. @@ -892,6 +896,101 @@ The string "up" or "down", indicating whether we currently believe the network is reachable. + "download/" + The keys under download/ are used to query download statuses; they all + return either a sequence of newline-terminated hex encoded digests, or + a serialized download status as follows: + + "next-attempt-at" SP ISOTime CRLF + "n-download-failures" SP UInt CRLF + "n-download-attempts" SP UInt CRLF + "schedule" SP DownloadSchedule CRLF + "want-authority" SP DownloadWantAuthority CRLF + "increment-on" SP DownloadIncrementOn CRLF + "backoff" SP DownloadBackoff CRLF + [ "last-backoff-position" Uint CRLF + "last-delay-used UInt CRLF ] + + where + + DownloadSchedule = + "DL_SCHED_GENERIC" / "DL_SCHED_CONSENSUS" / "DL_SCHED_BRIDGE" + DownloadWantAuthority = + "DL_WANT_ANY_DIRSERVER" / "DL_WANT_AUTHORITY" + DownloadIncrementOn = + "DL_SCHED_INCREMENT_FAILURE" / "DL_SCHED_INCREMENT_ATTEMPT" + DownloadBackoff = + "DL_SCHED_DETERMINISTIC" / "DL_SCHED_RANDOM_EXPONENTIAL" + + The optional last two lines must be present if DownloadBackoff is + "DL_SCHED_RANDOM_EXPONENTIAL" and must be absent if DownloadBackoff + is "DL_SCHED_DETERMINISTIC". + + In detail, the keys supported are: + + "downloads/networkstatus/ns" + The serialized download status for the FLAV_NS consensus for whichever + bootstrap state Tor is currently in. + + "downloads/networkstatus/ns/bootstrap" + The serialized download status for the FLAV_NS consensus at bootstrap + time, regardless of whether we are currently bootstrapping. + + "downloads/networkstatus/ns/running" + The serialized download status for the FLAV_NS consensus when running, + regardless of whether we are currently bootstrapping. + + "downloads/networkstatus/microdesc" + The serialized download status for the FLAV_MICRODESC consensus for + whichever bootstrap state Tor is currently in. + + "downloads/networkstatus/microdesc/bootstrap" + The serialized download status for the FLAV_MICRODESC consensus at + bootstrap time, regardless of whether we are currently bootstrapping. + + "downloads/networkstatus/microdesc/running" + The serialized download status for the FLAV_MICRODESC consensus when + running, regardless of whether we are currently bootstrapping. + + "downloads/cert/fps" + A newline-separated list of hex-encoded digests for authority certificates + for which we have download status available. + + "downloads/cert/fp/<Fingerprint>" + A serialized download status for the default certificate for the + identity digest <Fingerprint> returned by the downloads/cert/fps key. + + "downloads/cert/fp/<Fingerprint>/sks" + A newline-separated list of hex-encoded signing key digests for the + authority identity digest <Fingerprint> returned by the + downloads/cert/fps key. + + "downloads/cert/fp/<Fingerprint>/<SKDigest>" + A serialized download status for the certificate for the identity + digest <Fingerprint> returned by the downloads/cert/fps key and signing + key digest <SKDigest> returned by the downloads/cert/fp/<Fingerprint>/ + sks key. + + "downloads/desc/descs" + A newline-separated list of hex-encoded router descriptor digests + [note, not identity digests - the Tor process may not have seen them + yet while downloading router descriptors]. If the Tor process is not + using a FLAV_NS consensus, a 551 error is returned. + + "downloads/desc/<Digest>" + A serialized download status for the router descriptor with digest + <Digest> as returned by the downloads/desc/descs key. If the Tor + process is not using a FLAV_NS consensus, a 551 error is returned. + + "downloads/bridge/bridges" + A newline-separated list of hex-encoded bridge identity digests. If + the Tor process is not using bridges, a 551 error is returned. + + "downloads/bridge/<Digest>" + A serialized download status for the bridge descriptor with identity + digest <Digest> as returned by the downloads/bridge/bridges key. If + the Tor process is not using bridges, a 551 error is returned. + Examples: C: GETINFO version desc/name/moria1 S: 250+desc/name/moria=

1 0

[tor/master] Expose authority certificate download statuses on the control port
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit 18c6e139932630615bf3fee232dc5e08fac42449 Author: Andrea Shepard <andrea(a)torproject.org> Date: Tue Jun 28 00:09:45 2016 +0000 Expose authority certificate download statuses on the control port --- src/or/control.c | 206 ++++++++++++++++++++++++++++++++++++++++++++++------ src/or/routerlist.c | 106 +++++++++++++++++++++++++++ src/or/routerlist.h | 8 ++ 3 files changed, 297 insertions(+), 23 deletions(-) diff --git a/src/or/control.c b/src/or/control.c index 35a949f..a45b5f9 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -2053,6 +2053,29 @@ getinfo_helper_dir(control_connection_t *control_conn, return 0; } +/** Turn a smartlist of digests into a human-readable list of hex strings */ + +static char * +digest_list_to_string(smartlist_t *sl) +{ + int len; + char *result, *s; + + /* Allow for newlines, and a \0 at the end */ + len = smartlist_len(sl) * (HEX_DIGEST_LEN + 1) + 1; + result = tor_malloc_zero(len); + + s = result; + SMARTLIST_FOREACH_BEGIN(sl, char *, digest) { + base16_encode(s, HEX_DIGEST_LEN + 1, digest, DIGEST_LEN); + s[HEX_DIGEST_LEN] = '\n'; + s += HEX_DIGEST_LEN + 1; + } SMARTLIST_FOREACH_END(digest); + *s = '\0'; + + return result; +} + /** Turn a download_status_t into a human-readable description in a newly * allocated string. */ @@ -2155,6 +2178,135 @@ download_status_to_string(const download_status_t *dl) return rv; } +/** Handle the consensus download cases for getinfo_helper_downloads() */ +static void +getinfo_helper_downloads_networkstatus(const char *flavor, + download_status_t **dl_to_emit, + const char **errmsg) +{ + /* + * We get the one for the current bootstrapped status by default, or + * take an extra /bootstrap or /running suffix + */ + if (strcmp(flavor, "ns") == 0) { + *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_NS); + } else if (strcmp(flavor, "ns/bootstrap") == 0) { + *dl_to_emit = networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_NS); + } else if (strcmp(flavor, "ns/running") == 0 ) { + *dl_to_emit = networkstatus_get_dl_status_by_flavor_running(FLAV_NS); + } else if (strcmp(flavor, "microdesc") == 0) { + *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_MICRODESC); + } else if (strcmp(flavor, "microdesc/bootstrap") == 0) { + *dl_to_emit = + networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_MICRODESC); + } else if (strcmp(flavor, "microdesc/running") == 0) { + *dl_to_emit = + networkstatus_get_dl_status_by_flavor_running(FLAV_MICRODESC); + } else { + *errmsg = "Unknown flavor"; + } +} + +/** Handle the cert download cases for getinfo_helper_downloads() */ +static void +getinfo_helper_downloads_cert(const char *fp_sk_req, + download_status_t **dl_to_emit, + smartlist_t **digest_list, + const char **errmsg) +{ + const char *sk_req; + char id_digest[DIGEST_LEN]; + char sk_digest[DIGEST_LEN]; + + /* + * We have to handle four cases; fp_sk_req is the request with + * a prefix of "downloads/cert/" snipped off. + * + * Case 1: fp_sk_req = "fps" + * - We should emit a digest_list with a list of all the identity + * fingerprints that can be queried for certificate download status; + * get it by calling list_authority_ids_with_downloads(). + * + * Case 2: fp_sk_req = "fp/<fp>" for some fingerprint fp + * - We want the default certificate for this identity fingerprint's + * download status; this is the download we get from URLs starting + * in /fp/ on the directory server. We can get it with + * id_only_download_status_for_authority_id(). + * + * Case 3: fp_sk_req = "fp/<fp>/sks" for some fingerprint fp + * - We want a list of all signing key digests for this identity + * fingerprint which can be queried for certificate download status. + * Get it with list_sk_digests_for_authority_id(). + * + * Case 4: fp_sk_req = "fp/<fp>/<sk>" for some fingerprint fp and + * signing key digest sk + * - We want the download status for the certificate for this specific + * signing key and fingerprint. These correspond to the ones we get + * from URLs starting in /fp-sk/ on the directory server. Get it with + * list_sk_digests_for_authority_id(). + */ + + if (strcmp(fp_sk_req, "fps") == 0) { + *digest_list = list_authority_ids_with_downloads(); + if (!(*digest_list)) { + *errmsg = "Failed to get list of authority identity digests (!)"; + } + } else if (!strcmpstart(fp_sk_req, "fp/")) { + fp_sk_req += strlen("fp/"); + /* Okay, look for another / to tell the fp from fp-sk cases */ + sk_req = strchr(fp_sk_req, '/'); + if (sk_req) { + /* okay, split it here and try to parse <fp> */ + if (base16_decode(id_digest, DIGEST_LEN, + fp_sk_req, sk_req - fp_sk_req) == DIGEST_LEN) { + /* Skip past the '/' */ + ++sk_req; + if (strcmp(sk_req, "sks") == 0) { + /* We're asking for the list of signing key fingerprints */ + *digest_list = list_sk_digests_for_authority_id(id_digest); + if (!(*digest_list)) { + *errmsg = "Failed to get list of signing key digests for this " + "authority identity digest"; + } + } else { + /* We've got a signing key digest */ + if (base16_decode(sk_digest, DIGEST_LEN, + sk_req, strlen(sk_req)) == DIGEST_LEN) { + *dl_to_emit = + download_status_for_authority_id_and_sk(id_digest, sk_digest); + if (!(*dl_to_emit)) { + *errmsg = "Failed to get download status for this identity/" + "signing key digest pair"; + } + } else { + *errmsg = "That didn't look like a signing key digest"; + } + } + } else { + *errmsg = "That didn't look like an identity digest"; + } + } else { + /* We're either in downloads/certs/fp/<fp>, or we can't parse <fp> */ + if (strlen(fp_sk_req) == HEX_DIGEST_LEN) { + if (base16_decode(id_digest, DIGEST_LEN, + fp_sk_req, strlen(fp_sk_req)) == DIGEST_LEN) { + *dl_to_emit = id_only_download_status_for_authority_id(id_digest); + if (!(*dl_to_emit)) { + *errmsg = "Failed to get download status for this authority " + "identity digest"; + } + } else { + *errmsg = "That didn't look like a digest"; + } + } else { + *errmsg = "That didn't look like a digest"; + } + } + } else { + *errmsg = "Unknown certificate download status query"; + } +} + /** Implementation helper for GETINFO: knows the answers for questions about * download status information. */ static int @@ -2162,8 +2314,8 @@ getinfo_helper_downloads(control_connection_t *control_conn, const char *question, char **answer, const char **errmsg) { - const char *flavor; download_status_t *dl_to_emit = NULL; + smartlist_t *digest_list = NULL; /* Assert args are sane */ tor_assert(control_conn != NULL); @@ -2176,34 +2328,27 @@ getinfo_helper_downloads(control_connection_t *control_conn, /* Are we after networkstatus downloads? */ if (!strcmpstart(question, "downloads/networkstatus/")) { - flavor = question + strlen("downloads/networkstatus/"); - /* - * We get the one for the current bootstrapped status by default, or - * take an extra /bootstrap or /running suffix - */ - if (strcmp(flavor, "ns") == 0) { - dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_NS); - } else if (strcmp(flavor, "ns/bootstrap") == 0) { - dl_to_emit = networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_NS); - } else if (strcmp(flavor, "ns/running") == 0 ) { - dl_to_emit = networkstatus_get_dl_status_by_flavor_running(FLAV_NS); - } else if (strcmp(flavor, "microdesc") == 0) { - dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_MICRODESC); - } else if (strcmp(flavor, "microdesc/bootstrap") == 0) { - dl_to_emit = - networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_MICRODESC); - } else if (strcmp(flavor, "microdesc/running") == 0) { - dl_to_emit = - networkstatus_get_dl_status_by_flavor_running(FLAV_MICRODESC); - } else { - *errmsg = "Unknown flavor"; - } + getinfo_helper_downloads_networkstatus( + question + strlen("downloads/networkstatus/"), + &dl_to_emit, errmsg); + } else if (!strcmpstart(question, "downloads/cert/")) { + getinfo_helper_downloads_cert( + question + strlen("downloads/cert/"), + &dl_to_emit, &digest_list, errmsg); + } else { + *errmsg = "Unknown download status query"; } if (dl_to_emit) { *answer = download_status_to_string(dl_to_emit); return 0; + } else if (digest_list) { + *answer = digest_list_to_string(digest_list); + SMARTLIST_FOREACH(digest_list, void *, s, tor_free(s)); + smartlist_free(digest_list); + + return 0; } else { if (!(*errmsg)) { *errmsg = "Unknown error"; @@ -2666,6 +2811,21 @@ static const getinfo_item_t getinfo_items[] = { "Download status for bootstrap-time microdesc download"), DOC("downloads/networkstatus/microdesc/running", "Download status for run-time microdesc download"), + PREFIX("downloads/cert/", downloads, + "Download statuses for certificates, by id fingerprint and " + "signing key"), + DOC("downloads/cert/fps", + "List of authority fingerprints for which any download statuses " + "exist"), + DOC("downloads/cert/fp/<fp>", + "Download status for <fp> with the default signing key; corresponds " + "to /fp/ URLs on directory server."), + DOC("downloads/cert/fp/<fp>/sks", + "List of signing keys for which specific download statuses are " + "available for this id fingerprint"), + DOC("downloads/cert/fp/<fp>/<sk>", + "Download status for <fp> with signing key <sk>; corresponds " + "to /fp-sk/ URLs on directory server."), ITEM("info/names", misc, "List of GETINFO options, types, and documentation."), ITEM("events/names", misc, diff --git a/src/or/routerlist.c b/src/or/routerlist.c index b6dab1b..6bd494b 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -253,6 +253,112 @@ get_cert_list(const char *id_digest) return cl; } +/** Return a list of authority ID digests with potentially enumerable lists + * of download_status_t objects; used by controller GETINFO queries. + */ + +smartlist_t * +list_authority_ids_with_downloads(void) +{ + smartlist_t *ids = smartlist_new(); + digestmap_iter_t *i; + const char *digest; + char *tmp; + void *cl; + + if (trusted_dir_certs) { + for (i = digestmap_iter_init(trusted_dir_certs); + !(digestmap_iter_done(i)); + i = digestmap_iter_next(trusted_dir_certs, i)) { + /* + * We always have at least dl_status_by_id to query, so no need to + * probe deeper than the existence of a cert_list_t. + */ + digestmap_iter_get(i, &digest, &cl); + tmp = tor_malloc(DIGEST_LEN); + memcpy(tmp, digest, DIGEST_LEN); + smartlist_add(ids, tmp); + } + } + /* else definitely no downlaods going since nothing even has a cert list */ + + return ids; +} + +/** Given an authority ID digest, return a pointer to the default download + * status, or NULL if there is no such entry in trusted_dir_certs */ + +download_status_t * +id_only_download_status_for_authority_id(const char *digest) +{ + download_status_t *dl = NULL; + cert_list_t *cl; + + if (trusted_dir_certs) { + cl = digestmap_get(trusted_dir_certs, digest); + if (cl) { + dl = &(cl->dl_status_by_id); + } + } + + return dl; +} + +/** Given an authority ID digest, return a smartlist of signing key digests + * for which download_status_t is potentially queryable, or NULL if no such + * authority ID digest is known. */ + +smartlist_t * +list_sk_digests_for_authority_id(const char *digest) +{ + smartlist_t *sks = NULL; + cert_list_t *cl; + dsmap_iter_t *i; + const char *sk_digest; + char *tmp; + download_status_t *dl; + + if (trusted_dir_certs) { + cl = digestmap_get(trusted_dir_certs, digest); + if (cl) { + sks = smartlist_new(); + if (cl->dl_status_map) { + for (i = dsmap_iter_init(cl->dl_status_map); + !(dsmap_iter_done(i)); + i = dsmap_iter_next(cl->dl_status_map, i)) { + /* Pull the digest out and add it to the list */ + dsmap_iter_get(i, &sk_digest, &dl); + tmp = tor_malloc(DIGEST_LEN); + memcpy(tmp, sk_digest, DIGEST_LEN); + smartlist_add(sks, tmp); + } + } + } + } + + return sks; +} + +/** Given an authority ID digest and a signing key digest, return the + * download_status_t or NULL if none exists. */ + +download_status_t * +download_status_for_authority_id_and_sk(const char *id_digest, + const char *sk_digest) +{ + download_status_t *dl = NULL; + cert_list_t *cl = NULL; + + if (trusted_dir_certs) { + cl = digestmap_get(trusted_dir_certs, id_digest); + if (cl && cl->dl_status_map) { + dl = dsmap_get(cl->dl_status_map, sk_digest); + } + } + + return dl; +} + /** Release all space held by a cert_list_t */ static void cert_list_free(cert_list_t *cl) diff --git a/src/or/routerlist.h b/src/or/routerlist.h index be242d6..65ba88d 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -104,6 +104,14 @@ void routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, void routerlist_free_all(void); void routerlist_reset_warnings(void); +smartlist_t * list_authority_ids_with_downloads(void); +download_status_t * id_only_download_status_for_authority_id( + const char *digest); +smartlist_t * list_sk_digests_for_authority_id(const char *digest); +download_status_t * download_status_for_authority_id_and_sk( + const char *id_digest, + const char *sk_digest); + static int WRA_WAS_ADDED(was_router_added_t s); static int WRA_WAS_OUTDATED(was_router_added_t s); static int WRA_WAS_REJECTED(was_router_added_t s);

1 0

[tor/master] Expose consensus download statuses on the control port
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit 8cf9fe5ba63c1c2b711d852b61e734c48cf482b5 Author: Andrea Shepard <andrea(a)torproject.org> Date: Mon Jun 27 16:38:37 2016 +0000 Expose consensus download statuses on the control port --- src/or/control.c | 176 +++++++++++++++++++++++++++++++++++++++++++++++++ src/or/networkstatus.c | 46 +++++++++++++ src/or/networkstatus.h | 7 ++ 3 files changed, 229 insertions(+) diff --git a/src/or/control.c b/src/or/control.c index 6e5dcf6..35a949f 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -190,6 +190,8 @@ static void set_cached_network_liveness(int liveness); static void flush_queued_events_cb(evutil_socket_t fd, short what, void *arg); +static char * download_status_to_string(const download_status_t *dl); + /** Given a control event code for a message event, return the corresponding * log severity. */ static inline int @@ -2051,6 +2053,166 @@ getinfo_helper_dir(control_connection_t *control_conn, return 0; } +/** Turn a download_status_t into a human-readable description in a newly + * allocated string. */ + +static char * +download_status_to_string(const download_status_t *dl) +{ + char *rv = NULL, *tmp; + char tbuf[ISO_TIME_LEN+1]; + const char *schedule_str, *want_authority_str; + const char *increment_on_str, *backoff_str; + + if (dl) { + /* Get some substrings of the eventual output ready */ + format_iso_time(tbuf, dl->next_attempt_at); + + switch (dl->schedule) { + case DL_SCHED_GENERIC: + schedule_str = "DL_SCHED_GENERIC"; + break; + case DL_SCHED_CONSENSUS: + schedule_str = "DL_SCHED_CONSENSUS"; + break; + case DL_SCHED_BRIDGE: + schedule_str = "DL_SCHED_BRIDGE"; + break; + default: + schedule_str = "unknown"; + break; + } + + switch (dl->want_authority) { + case DL_WANT_ANY_DIRSERVER: + want_authority_str = "DL_WANT_ANY_DIRSERVER"; + break; + case DL_WANT_AUTHORITY: + want_authority_str = "DL_WANT_AUTHORITY"; + break; + default: + want_authority_str = "unknown"; + break; + } + + switch (dl->increment_on) { + case DL_SCHED_INCREMENT_FAILURE: + increment_on_str = "DL_SCHED_INCREMENT_FAILURE"; + break; + case DL_SCHED_INCREMENT_ATTEMPT: + increment_on_str = "DL_SCHED_INCREMENT_ATTEMPT"; + break; + default: + increment_on_str = "unknown"; + break; + } + + switch (dl->backoff) { + case DL_SCHED_DETERMINISTIC: + backoff_str = "DL_SCHED_DETERMINISTIC"; + break; + case DL_SCHED_RANDOM_EXPONENTIAL: + backoff_str = "DL_SCHED_RANDOM_EXPONENTIAL"; + break; + default: + backoff_str = "unknown"; + break; + } + + /* Now assemble them */ + tor_asprintf(&tmp, + "next-attempt-at %s\n" + "n-download-failures %u\n" + "n-download-attempts %u\n" + "schedule %s\n" + "want-authority %s\n" + "increment-on %s\n" + "backoff %s\n", + tbuf, + dl->n_download_failures, + dl->n_download_attempts, + schedule_str, + want_authority_str, + increment_on_str, + backoff_str); + + if (dl->backoff == DL_SCHED_RANDOM_EXPONENTIAL) { + /* Additional fields become relevant in random-exponential mode */ + tor_asprintf(&rv, + "%s" + "last-backoff-position %u\n" + "last-delay-used %d\n", + tmp, + dl->last_backoff_position, + dl->last_delay_used); + tor_free(tmp); + } else { + /* That was it */ + rv = tmp; + } + } + + return rv; +} + +/** Implementation helper for GETINFO: knows the answers for questions about + * download status information. */ +static int +getinfo_helper_downloads(control_connection_t *control_conn, + const char *question, char **answer, + const char **errmsg) +{ + const char *flavor; + download_status_t *dl_to_emit = NULL; + + /* Assert args are sane */ + tor_assert(control_conn != NULL); + tor_assert(question != NULL); + tor_assert(answer != NULL); + tor_assert(errmsg != NULL); + + /* We check for this later to see if we should supply a default */ + *errmsg = NULL; + + /* Are we after networkstatus downloads? */ + if (!strcmpstart(question, "downloads/networkstatus/")) { + flavor = question + strlen("downloads/networkstatus/"); + /* + * We get the one for the current bootstrapped status by default, or + * take an extra /bootstrap or /running suffix + */ + if (strcmp(flavor, "ns") == 0) { + dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_NS); + } else if (strcmp(flavor, "ns/bootstrap") == 0) { + dl_to_emit = networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_NS); + } else if (strcmp(flavor, "ns/running") == 0 ) { + dl_to_emit = networkstatus_get_dl_status_by_flavor_running(FLAV_NS); + } else if (strcmp(flavor, "microdesc") == 0) { + dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_MICRODESC); + } else if (strcmp(flavor, "microdesc/bootstrap") == 0) { + dl_to_emit = + networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_MICRODESC); + } else if (strcmp(flavor, "microdesc/running") == 0) { + dl_to_emit = + networkstatus_get_dl_status_by_flavor_running(FLAV_MICRODESC); + } else { + *errmsg = "Unknown flavor"; + } + } + + if (dl_to_emit) { + *answer = download_status_to_string(dl_to_emit); + + return 0; + } else { + if (!(*errmsg)) { + *errmsg = "Unknown error"; + } + + return -1; + } +} + /** Allocate and return a description of <b>circ</b>'s current status, * including its path (if any). */ static char * @@ -2490,6 +2652,20 @@ static const getinfo_item_t getinfo_items[] = { DOC("config/defaults", "List of default values for configuration options. " "See also config/names"), + PREFIX("downloads/networkstatus/", downloads, + "Download statuses for networkstatus objects"), + DOC("downloads/networkstatus/ns", + "Download status for current-mode networkstatus download"), + DOC("downloads/networkstatus/ns/bootstrap", + "Download status for bootstrap-time networkstatus download"), + DOC("downloads/networkstatus/ns/running", + "Download status for run-time networkstatus download"), + DOC("downloads/networkstatus/microdesc", + "Download status for current-mode microdesc download"), + DOC("downloads/networkstatus/microdesc/bootstrap", + "Download status for bootstrap-time microdesc download"), + DOC("downloads/networkstatus/microdesc/running", + "Download status for run-time microdesc download"), ITEM("info/names", misc, "List of GETINFO options, types, and documentation."), ITEM("events/names", misc, diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 3471288..45688b1 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -1179,6 +1179,52 @@ consensus_is_waiting_for_certs(void) ? 1 : 0; } +/** Look up the currently active (depending on bootstrap status) download + * status for this consensus flavor and return a pointer to it. + */ +download_status_t * +networkstatus_get_dl_status_by_flavor(consensus_flavor_t flavor) +{ + download_status_t *dl = NULL; + const int we_are_bootstrapping = + networkstatus_consensus_is_bootstrapping(time(NULL)); + + if (flavor <= N_CONSENSUS_FLAVORS) { + dl = &((we_are_bootstrapping ? + consensus_bootstrap_dl_status : consensus_dl_status)[flavor]); + } + + return dl; +} + +/** Look up the bootstrap download status for this consensus flavor + * and return a pointer to it. */ +download_status_t * +networkstatus_get_dl_status_by_flavor_bootstrap(consensus_flavor_t flavor) +{ + download_status_t *dl = NULL; + + if (flavor <= N_CONSENSUS_FLAVORS) { + dl = &(consensus_bootstrap_dl_status[flavor]); + } + + return dl; +} + +/** Look up the running (non-bootstrap) download status for this consensus + * flavor and return a pointer to it. */ +download_status_t * +networkstatus_get_dl_status_by_flavor_running(consensus_flavor_t flavor) +{ + download_status_t *dl = NULL; + + if (flavor <= N_CONSENSUS_FLAVORS) { + dl = &(consensus_dl_status[flavor]); + } + + return dl; +} + /** Return the most recent consensus that we have downloaded, or NULL if we * don't have one. */ networkstatus_t * diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h index aee6641..752ddf8 100644 --- a/src/or/networkstatus.h +++ b/src/or/networkstatus.h @@ -38,6 +38,13 @@ routerstatus_t *networkstatus_vote_find_mutable_entry(networkstatus_t *ns, int networkstatus_vote_find_entry_idx(networkstatus_t *ns, const char *digest, int *found_out); +download_status_t * networkstatus_get_dl_status_by_flavor( + consensus_flavor_t flavor); +download_status_t * networkstatus_get_dl_status_by_flavor_bootstrap( + consensus_flavor_t flavor); +download_status_t * networkstatus_get_dl_status_by_flavor_running( + consensus_flavor_t flavor); + MOCK_DECL(download_status_t *,router_get_dl_status_by_descriptor_digest, (const char *d));

1 0

[tor/master] Add bridge descriptor download status queries to GETINFO
by nickm＠torproject.org 30 Jun '16

30 Jun '16

commit c69290072819d20e43bd0dd83fa8cefc1167b544 Author: Andrea Shepard <andrea(a)torproject.org> Date: Tue Jun 28 16:12:58 2016 +0000 Add bridge descriptor download status queries to GETINFO --- src/or/control.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++ src/or/entrynodes.c | 38 +++++++++++++++++++++++++++++++++++ src/or/entrynodes.h | 3 +++ 3 files changed, 98 insertions(+) diff --git a/src/or/control.c b/src/or/control.c index 7b8699d..77a09f0 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -2353,6 +2353,48 @@ getinfo_helper_downloads_desc(const char *desc_req, } } +/** Handle the bridge download cases for getinfo_helper_downloads() */ +static void +getinfo_helper_downloads_bridge(const char *bridge_req, + download_status_t **dl_to_emit, + smartlist_t **digest_list, + const char **errmsg) +{ + char bridge_digest[DIGEST_LEN]; + /* + * Two cases to handle here: + * + * Case 1: bridge_req = "bridges" + * - Emit a list of all bridge identity digests, which we get by + * calling list_bridge_identities(); this can return NULL if we are + * not using bridges. + * + * Case 2: bridge_req = <fp> + * - Check on the specified fingerprint and emit its download_status_t + * using get_bridge_dl_status_by_id(). + */ + + if (strcmp(bridge_req, "bridges") == 0) { + *digest_list = list_bridge_identities(); + if (!(*digest_list)) { + *errmsg = "We don't seem to be using bridges"; + } + } else if (strlen(bridge_req) == HEX_DIGEST_LEN) { + if (base16_decode(bridge_digest, DIGEST_LEN, + bridge_req, strlen(bridge_req)) == DIGEST_LEN) { + /* Okay we got a digest-shaped thing; try asking for it */ + *dl_to_emit = get_bridge_dl_status_by_id(bridge_digest); + if (!(*dl_to_emit)) { + *errmsg = "No such bridge identity digest found"; + } + } else { + *errmsg = "That didn't look like a digest"; + } + } else { + *errmsg = "Unknown bridge descriptor download status query"; + } +} + /** Implementation helper for GETINFO: knows the answers for questions about * download status information. */ static int @@ -2377,14 +2419,21 @@ getinfo_helper_downloads(control_connection_t *control_conn, getinfo_helper_downloads_networkstatus( question + strlen("downloads/networkstatus/"), &dl_to_emit, errmsg); + /* Certificates? */ } else if (!strcmpstart(question, "downloads/cert/")) { getinfo_helper_downloads_cert( question + strlen("downloads/cert/"), &dl_to_emit, &digest_list, errmsg); + /* Router descriptors? */ } else if (!strcmpstart(question, "downloads/desc/")) { getinfo_helper_downloads_desc( question + strlen("downloads/desc/"), &dl_to_emit, &digest_list, errmsg); + /* Bridge descriptors? */ + } else if (!strcmpstart(question, "downloads/bridge/")) { + getinfo_helper_downloads_bridge( + question + strlen("downloads/bridge/"), + &dl_to_emit, &digest_list, errmsg); } else { *errmsg = "Unknown download status query"; } @@ -2882,6 +2931,14 @@ static const getinfo_item_t getinfo_items[] = { "Return a list of known router descriptor digests"), DOC("downloads/desc/<desc>", "Return a download status for a given descriptor digest"), + PREFIX("downloads/bridge/", downloads, + "Download statuses for bridge descriptors, by bridge identity " + "digest"), + DOC("downloads/bridge/bridges", + "Return a list of configured bridge identity digests with download " + "statuses"), + DOC("downloads/bridge/<desc>", + "Return a download status for a given bridge identity digest"), ITEM("info/names", misc, "List of GETINFO options, types, and documentation."), ITEM("events/names", misc, diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 68241af..72ac6e7 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -2424,6 +2424,44 @@ num_bridges_usable(void) return n_options; } +/** Return a smartlist containing all bridge identity digests */ +smartlist_t * +list_bridge_identities(void) +{ + smartlist_t *result = NULL; + char *digest_tmp; + + if (get_options()->UseBridges && bridge_list) { + result = smartlist_new(); + + SMARTLIST_FOREACH_BEGIN(bridge_list, bridge_info_t *, b) { + digest_tmp = tor_malloc(DIGEST_LEN); + memcpy(digest_tmp, b->identity, DIGEST_LEN); + smartlist_add(result, digest_tmp); + } SMARTLIST_FOREACH_END(b); + } + + return result; +} + +/** Get the download status for a bridge descriptor given its identity */ +download_status_t * +get_bridge_dl_status_by_id(const char *digest) +{ + download_status_t *dl = NULL; + + if (digest && get_options()->UseBridges && bridge_list) { + SMARTLIST_FOREACH_BEGIN(bridge_list, bridge_info_t *, b) { + if (memcmp(digest, b->identity, DIGEST_LEN) == 0) { + dl = &(b->fetch_status); + break; + } + } SMARTLIST_FOREACH_END(b); + } + + return dl; +} + /** Return 1 if we have at least one descriptor for an entry guard * (bridge or member of EntryNodes) and all descriptors we know are * down. Else return 0. If <b>act</b> is 1, then mark the down guards diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index 247c809..285367d 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -179,5 +179,8 @@ guard_get_guardfraction_bandwidth(guardfraction_bandwidth_t *guardfraction_bw, int orig_bandwidth, uint32_t guardfraction_percentage); +smartlist_t * list_bridge_identities(void); +download_status_t * get_bridge_dl_status_by_id(const char *digest); + #endif

1 0