commit 5c51b3f1f0d4c394392aa6fce89bbe0960117771 Author: Nick Mathewson nickm@torproject.org Date: Mon Sep 10 15:23:39 2012 -0400
Start refactoring trusted_dir_servers into trusted and fallback lists
We use trusted_dir_server_t for two pieces of functionality: a list of all directory authorities, and a list of initial places to look for a directory. With this patch we start to separate those two roles.
There is as of now no actual way to be a fallback directory without being an authority. --- src/or/config.c | 5 +- src/or/directory.c | 6 +- src/or/networkstatus.c | 2 +- src/or/nodelist.c | 5 ++ src/or/or.h | 2 + src/or/routerlist.c | 133 +++++++++++++++++++++++++++++++++++------------- src/or/routerlist.h | 7 ++- 7 files changed, 117 insertions(+), 43 deletions(-)
diff --git a/src/or/config.c b/src/or/config.c index 75f6193..995d901 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -854,7 +854,8 @@ consider_adding_dir_authorities(const or_options_t *options, { config_line_t *cl; int need_to_update = - !smartlist_len(router_get_trusted_dir_servers()) || !old_options || + !smartlist_len(router_get_trusted_dir_servers()) || + !smartlist_len(router_get_fallback_dir_servers()) || !old_options || !config_lines_eq(options->DirServers, old_options->DirServers) || !config_lines_eq(options->AlternateBridgeAuthority, old_options->AlternateBridgeAuthority) || @@ -867,7 +868,7 @@ consider_adding_dir_authorities(const or_options_t *options, return 0; /* all done */
/* Start from a clean slate. */ - clear_trusted_dir_servers(); + clear_dir_servers();
if (!options->DirServers) { /* then we may want some of the defaults */ diff --git a/src/or/directory.c b/src/or/directory.c index c7fb0c4..14b67d8 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -474,7 +474,7 @@ directory_get_from_dirserver(uint8_t dir_purpose, uint8_t router_purpose, if (!rs) { log_info(LD_DIR, "No router found for %s; falling back to " "dirserver list.", dir_conn_purpose_to_string(dir_purpose)); - rs = router_pick_trusteddirserver(type, pds_flags); + rs = router_pick_fallback_dirserver(type, pds_flags); if (!rs) get_via_tor = 1; /* last resort: try routing it via Tor */ } @@ -1665,7 +1665,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn) conn->base_.port); if ((rs = router_get_mutable_consensus_status_by_id(id_digest))) rs->last_dir_503_at = now; - if ((ds = router_get_trusteddirserver_by_digest(id_digest))) + if ((ds = router_get_fallback_dirserver_by_digest(id_digest))) ds->fake_status.last_dir_503_at = now;
tor_free(body); tor_free(headers); tor_free(reason); @@ -3603,7 +3603,7 @@ dir_networkstatus_download_failed(smartlist_t *failed, int status_code) escaped(fp)); continue; } - dir = router_get_trusteddirserver_by_digest(digest); + dir = router_get_fallback_dirserver_by_digest(digest);
if (dir) download_status_failed(&dir->v2_ns_dl_status, status_code); diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 63426e8..ea70027 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -2062,7 +2062,7 @@ routers_update_status_from_consensus_networkstatus(smartlist_t *routers, /* We have a routerstatus for this router. */ const char *digest = router->cache_info.identity_digest;
- ds = router_get_trusteddirserver_by_digest(digest); + ds = router_get_fallback_dirserver_by_digest(digest);
/* Is it the same descriptor, or only the same identity? */ if (tor_memeq(router->cache_info.signed_descriptor_digest, diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 95345fb..460a141 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -1167,6 +1167,11 @@ router_set_status(const char *digest, int up) node_t *node; tor_assert(digest);
+ SMARTLIST_FOREACH(router_get_fallback_dir_servers(), + trusted_dir_server_t *, d, + if (tor_memeq(d->digest, digest, DIGEST_LEN)) + d->is_running = up); + SMARTLIST_FOREACH(router_get_trusted_dir_servers(), trusted_dir_server_t *, d, if (tor_memeq(d->digest, digest, DIGEST_LEN)) diff --git a/src/or/or.h b/src/or/or.h index 2ac9f6b..837874f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4499,6 +4499,8 @@ typedef struct trusted_dir_server_t { * high-security) identity key. */
unsigned int is_running:1; /**< True iff we think this server is running. */ + unsigned int is_authority:1; /**< True iff this is a directory authority + * of some kind. */
/** True iff this server has accepted the most recent server descriptor * we tried to upload to it. */ diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 2a146ba..6c45881 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -45,8 +45,12 @@ static const routerstatus_t *router_pick_directory_server_impl( dirinfo_type_t auth, int flags); static const routerstatus_t *router_pick_trusteddirserver_impl( - dirinfo_type_t auth, int flags, int *n_busy_out); -static void mark_all_trusteddirservers_up(void); + const smartlist_t *sourcelist, dirinfo_type_t auth, + int flags, int *n_busy_out); +static const routerstatus_t *router_pick_dirserver_generic( + smartlist_t *sourcelist, + dirinfo_type_t type, int flags); +static void mark_all_dirservers_up(smartlist_t *server_list); static int router_nickname_matches(const routerinfo_t *router, const char *nickname); static void trusted_dir_server_free(trusted_dir_server_t *ds); @@ -72,9 +76,12 @@ DECLARE_TYPED_DIGESTMAP_FNS(eimap_, digest_ei_map_t, extrainfo_t)
/****************************************************************************/
-/** Global list of a trusted_dir_server_t object for each trusted directory - * server. */ +/** Global list of a trusted_dir_server_t object for each directory + * authority. */ static smartlist_t *trusted_dir_servers = NULL; +/** Global list of trusted_dir_server_t objects for all directory authorities + * and all fallback directory servers. */ +static smartlist_t *fallback_dir_servers = NULL;
/** List of for a given authority, and download status for latest certificate. */ @@ -927,6 +934,15 @@ router_get_trusted_dir_servers(void) return trusted_dir_servers; }
+const smartlist_t * +router_get_fallback_dir_servers(void) +{ + if (!fallback_dir_servers) + fallback_dir_servers = smartlist_new(); + + return fallback_dir_servers; +} + /** Try to find a running dirserver that supports operations of <b>type</b>. * * If there are no running dirservers in our routerlist and the @@ -960,7 +976,7 @@ router_pick_directory_server(dirinfo_type_t type, int flags) "No reachable router entries for dirservers. " "Trying them all again."); /* mark all authdirservers as up again */ - mark_all_trusteddirservers_up(); + mark_all_dirservers_up(fallback_dir_servers); /* try again */ choice = router_pick_directory_server_impl(type, flags); return choice; @@ -1025,6 +1041,24 @@ router_get_trusteddirserver_by_digest(const char *digest) return NULL; }
+/** Return the trusted_dir_server_t for the fallback dirserver whose identity + * key hashes to <b>digest</b>, or NULL if no such authority is known. + */ +trusted_dir_server_t * +router_get_fallback_dirserver_by_digest(const char *digest) +{ + if (!trusted_dir_servers) + return NULL; + + SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds, + { + if (tor_memeq(ds->digest, digest, DIGEST_LEN)) + return ds; + }); + + return NULL; +} + /** Return the trusted_dir_server_t for the directory authority whose * v3 identity key hashes to <b>digest</b>, or NULL if no such authority * is known. @@ -1045,18 +1079,37 @@ trusteddirserver_get_by_v3_auth_digest(const char *digest) return NULL; }
-/** Try to find a running trusted dirserver. Flags are as for +/** Try to find a running directory authority. Flags are as for * router_pick_directory_server. */ const routerstatus_t * router_pick_trusteddirserver(dirinfo_type_t type, int flags) { + return router_pick_dirserver_generic(trusted_dir_servers, type, flags); +} + +/** Try to find a running fallback directory Flags are as for + * router_pick_directory_server. + */ +const routerstatus_t * +router_pick_fallback_dirserver(dirinfo_type_t type, int flags) +{ + return router_pick_dirserver_generic(fallback_dir_servers, type, flags); +} + +/** Try to find a running fallback directory Flags are as for + * router_pick_directory_server. + */ +static const routerstatus_t * +router_pick_dirserver_generic(smartlist_t *sourcelist, + dirinfo_type_t type, int flags) +{ const routerstatus_t *choice; int busy = 0; if (get_options()->PreferTunneledDirConns) flags |= PDS_PREFER_TUNNELED_DIR_CONNS_;
- choice = router_pick_trusteddirserver_impl(type, flags, &busy); + choice = router_pick_trusteddirserver_impl(sourcelist, type, flags, &busy); if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS)) return choice; if (busy) { @@ -1069,9 +1122,9 @@ router_pick_trusteddirserver(dirinfo_type_t type, int flags) }
log_info(LD_DIR, - "No trusted dirservers are reachable. Trying them all again."); - mark_all_trusteddirservers_up(); - return router_pick_trusteddirserver_impl(type, flags, NULL); + "No dirservers are reachable. Trying them all again."); + mark_all_dirservers_up(sourcelist); + return router_pick_trusteddirserver_impl(sourcelist, type, flags, NULL); }
/** How long do we avoid using a directory server after it's given us a 503? */ @@ -1196,11 +1249,12 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags) return result ? result->rs : NULL; }
-/** Choose randomly from among the trusted dirservers that are up. Flags - * are as for router_pick_directory_server_impl(). +/** Choose randomly from among the trusted_dir_server_ts in sourcelist that + * are up. Flags are as for router_pick_directory_server_impl(). */ static const routerstatus_t * -router_pick_trusteddirserver_impl(dirinfo_type_t type, int flags, +router_pick_trusteddirserver_impl(const smartlist_t *sourcelist, + dirinfo_type_t type, int flags, int *n_busy_out) { const or_options_t *options = get_options(); @@ -1217,7 +1271,7 @@ router_pick_trusteddirserver_impl(dirinfo_type_t type, int flags, int n_busy = 0; int try_excluding = 1, n_excluded = 0;
- if (!trusted_dir_servers) + if (!sourcelist) return NULL;
retry_without_exclude: @@ -1227,7 +1281,7 @@ router_pick_trusteddirserver_impl(dirinfo_type_t type, int flags, overloaded_direct = smartlist_new(); overloaded_tunnel = smartlist_new();
- SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, d) + SMARTLIST_FOREACH_BEGIN(sourcelist, const trusted_dir_server_t *, d) { int is_overloaded = d->fake_status.last_dir_503_at + DIR_503_TIMEOUT > now; @@ -1274,11 +1328,11 @@ router_pick_trusteddirserver_impl(dirinfo_type_t type, int flags, (!fascistfirewall || fascist_firewall_allows_address_or(&addr, d->or_port))) smartlist_add(is_overloaded ? overloaded_tunnel : tunnel, - &d->fake_status); + (routerstatus_t*)&d->fake_status); else if (!fascistfirewall || fascist_firewall_allows_address_dir(&addr, d->dir_port)) smartlist_add(is_overloaded ? overloaded_direct : direct, - &d->fake_status); + (routerstatus_t*)&d->fake_status); } SMARTLIST_FOREACH_END(d);
@@ -1311,19 +1365,19 @@ router_pick_trusteddirserver_impl(dirinfo_type_t type, int flags, return result; }
-/** Go through and mark the authoritative dirservers as up. */ +/** Mark as running every trusted_dir_server_t in <b>server_list</b>. */ static void -mark_all_trusteddirservers_up(void) +mark_all_dirservers_up(smartlist_t *server_list) { - SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node, { - if (router_digest_is_trusted_dir(node->identity)) - node->is_running = 1; - }); - if (trusted_dir_servers) { - SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, dir) { + if (server_list) { + SMARTLIST_FOREACH_BEGIN(server_list, trusted_dir_server_t *, dir) { routerstatus_t *rs; + node_t *node; dir->is_running = 1; download_status_reset(&dir->v2_ns_dl_status); + node = node_get_mutable_by_id(dir->digest); + if (node) + node->is_running = 1; rs = router_get_mutable_consensus_status_by_id(dir->digest); if (rs) { rs->last_dir_503_at = 0; @@ -1348,7 +1402,7 @@ routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2) void router_reset_status_download_failures(void) { - mark_all_trusteddirservers_up(); + mark_all_dirservers_up(fallback_dir_servers); }
/** Given a <b>router</b>, add every node_t in its family (including the @@ -2910,12 +2964,10 @@ routerlist_free_all(void) smartlist_free(warned_nicknames); warned_nicknames = NULL; } - if (trusted_dir_servers) { - SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds, - trusted_dir_server_free(ds)); - smartlist_free(trusted_dir_servers); - trusted_dir_servers = NULL; - } + clear_dir_servers(); + smartlist_free(trusted_dir_servers); + smartlist_free(fallback_dir_servers); + trusted_dir_servers = fallback_dir_servers = NULL; if (trusted_dir_certs) { DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) { SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert, @@ -3737,6 +3789,8 @@ add_trusted_dir_server(const char *nickname, const char *address, char *hostname = NULL; if (!trusted_dir_servers) trusted_dir_servers = smartlist_new(); + if (!fallback_dir_servers) + trusted_dir_servers = smartlist_new();
if (!address) { /* The address is us; we should guess. */ if (resolve_my_address(LOG_WARN, get_options(), &a, &hostname) < 0) { @@ -3762,6 +3816,7 @@ add_trusted_dir_server(const char *nickname, const char *address, ent->dir_port = dir_port; ent->or_port = or_port; ent->is_running = 1; + ent->is_authority = 1; ent->type = type; memcpy(ent->digest, digest, DIGEST_LEN); if (v3_auth_digest && (type & V3_DIRINFO)) @@ -3785,6 +3840,7 @@ add_trusted_dir_server(const char *nickname, const char *address, ent->fake_status.or_port = ent->or_port;
smartlist_add(trusted_dir_servers, ent); + smartlist_add(fallback_dir_servers, ent); router_dir_info_changed(); return ent; } @@ -3816,13 +3872,18 @@ trusted_dir_server_free(trusted_dir_server_t *ds) tor_free(ds); }
-/** Remove all members from the list of trusted dir servers. */ +/** Remove all members from the list of dir servers. */ void -clear_trusted_dir_servers(void) +clear_dir_servers(void) { - if (trusted_dir_servers) { - SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent, + if (fallback_dir_servers) { + SMARTLIST_FOREACH(fallback_dir_servers, trusted_dir_server_t *, ent, trusted_dir_server_free(ent)); + smartlist_clear(fallback_dir_servers); + } else { + fallback_dir_servers = smartlist_new(); + } + if (trusted_dir_servers) { smartlist_clear(trusted_dir_servers); } else { trusted_dir_servers = smartlist_new(); diff --git a/src/or/routerlist.h b/src/or/routerlist.h index 3c659e8..de722bc 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -26,13 +26,18 @@ void authority_certs_fetch_missing(networkstatus_t *status, time_t now); int router_reload_router_list(void); int authority_cert_dl_looks_uncertain(const char *id_digest); const smartlist_t *router_get_trusted_dir_servers(void); +const smartlist_t *router_get_fallback_dir_servers(void);
const routerstatus_t *router_pick_directory_server(dirinfo_type_t type, int flags); trusted_dir_server_t *router_get_trusteddirserver_by_digest(const char *d); +trusted_dir_server_t *router_get_fallback_dirserver_by_digest( + const char *digest); trusted_dir_server_t *trusteddirserver_get_by_v3_auth_digest(const char *d); const routerstatus_t *router_pick_trusteddirserver(dirinfo_type_t type, int flags); +const routerstatus_t *router_pick_fallback_dirserver(dirinfo_type_t type, + int flags); int router_get_my_share_of_directory_requests(double *v2_share_out, double *v3_share_out); void router_reset_status_download_failures(void); @@ -133,7 +138,7 @@ trusted_dir_server_t *add_trusted_dir_server(const char *nickname, const char *digest, const char *v3_auth_digest, dirinfo_type_t type); void authority_cert_free(authority_cert_t *cert); -void clear_trusted_dir_servers(void); +void clear_dir_servers(void); int any_trusted_dir_is_v1_authority(void); void update_consensus_router_descriptor_downloads(time_t now, int is_vote, networkstatus_t *consensus);