[or-cvs] abstract ORPort/SocksPort checks into server_mode(), proxy_...

Nick Mathewson nickm at seul.org
Sun Jul 18 21:47:07 UTC 2004


Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv9562/src/or

Modified Files:
	circuitbuild.c circuituse.c config.c connection.c 
	connection_or.c main.c or.h router.c routerlist.c 
Log Message:
abstract ORPort/SocksPort checks into server_mode(), proxy_mode(), clique_mode(), etc.  Don't change underlying comments.

Index: circuitbuild.c
===================================================================
RCS file: /home/or/cvsroot/src/or/circuitbuild.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- circuitbuild.c	13 Jul 2004 18:23:40 -0000	1.11
+++ circuitbuild.c	18 Jul 2004 21:47:03 -0000	1.12
@@ -113,7 +113,7 @@
      */
     return;
   }
-  if (options.ORPort) {
+  if (server_mode()) {
     prev_digest = router_get_my_routerinfo()->identity_digest;
   }
   do {
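Review bot: The dereference `router_get_my_routerinfo()->identity_digest` has no NULL check, although that function's header comment (visible in the router.c part of this commit) says it returns NULL on error as well as when called on an OP. The `server_mode()` guard rules out only the OP case, so the error case would crash here. Consider `routerinfo_t *me = router_get_my_routerinfo();` followed by `if (me) prev_digest = me->identity_digest;`. The enclosing function starts and ends outside the hunk.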
@@ -1014,7 +1014,7 @@
       log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
       goto next_i_loop;
     }
-    if(options.ORPort) {
+    if(clique_mode()) {
       conn = connection_get_by_identity_digest(r->identity_digest,
                                                CONN_TYPE_OR);
       if(!conn || conn->type != CONN_TYPE_OR || conn->state != OR_CONN_STATE_OPEN) {

Index: circuituse.c
===================================================================
RCS file: /home/or/cvsroot/src/or/circuituse.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- circuituse.c	13 Jul 2004 01:25:39 -0000	1.6
+++ circuituse.c	18 Jul 2004 21:47:03 -0000	1.7
@@ -299,7 +299,7 @@
   if(time_to_new_circuit < now) {
     circuit_reset_failure_count();
     time_to_new_circuit = now + options.NewCircuitPeriod;
-    if(options.SocksPort)
+    if(proxy_mode())
       client_dns_clean();
     circuit_expire_old_circuits();
 

Index: config.c
===================================================================
RCS file: /home/or/cvsroot/src/or/config.c,v
retrieving revision 1.126
retrieving revision 1.127
diff -u -d -r1.126 -r1.127
--- config.c	16 Jul 2004 19:43:58 -0000	1.126
+++ config.c	18 Jul 2004 21:47:04 -0000	1.127
@@ -679,22 +679,20 @@
     result = -1;
   }
 
-  if (options->ORPort) {
-    if (options->Nickname == NULL) {
-      if (!(options->Nickname = get_default_nickname()))
-        return -1;
-      log_fn(LOG_INFO, "Choosing default nickname %s", options->Nickname);
-    } else {
-      if (strspn(options->Nickname, LEGAL_NICKNAME_CHARACTERS) !=
-                 strlen(options->Nickname)) {
-        log_fn(LOG_WARN, "Nickname '%s' contains illegal characters.", options->Nickname);
-        result = -1;
-      }
-      if (strlen(options->Nickname) > MAX_NICKNAME_LEN) {
-        log_fn(LOG_WARN, "Nickname '%s' has more than %d characters.",
-               options->Nickname, MAX_NICKNAME_LEN);
-        result = -1;
-      }
+  if (options->Nickname == NULL) {
+    if (!(options->Nickname = get_default_nickname()))
+      return -1;
+    log_fn(LOG_INFO, "Choosing default nickname %s", options->Nickname);
+  } else {
+    if (strspn(options->Nickname, LEGAL_NICKNAME_CHARACTERS) !=
+        strlen(options->Nickname)) {
+      log_fn(LOG_WARN, "Nickname '%s' contains illegal characters.", options->Nickname);
+      result = -1;
+    }
+    if (strlen(options->Nickname) > MAX_NICKNAME_LEN) {
+      log_fn(LOG_WARN, "Nickname '%s' has more than %d characters.",
+             options->Nickname, MAX_NICKNAME_LEN);
+      result = -1;
     }
   }
 
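Review bot: The nickname block now runs for every configuration instead of only when ORPort is set, so this hunk changes behaviour rather than just abstracting a check. A client-only setup now fails validation through `return -1` if get_default_nickname() cannot produce a name, and a malformed Nickname now rejects a client configuration; get_default_nickname() is not visible here, so how likely the first case is cannot be judged from the diff. If this is intended (the disabled block in router.c passes options.Nickname to the OP TLS context), a comment above the `if` such as `/* Validated for OPs too: the nickname is meant to go into the OP TLS context. */` would record why. The early `return -1` also skips the remaining checks, unlike the neighbouring branches that set `result = -1`.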
@@ -732,7 +730,7 @@
 
   /* XXX008 if AuthDir and ClientOnly then fail */
 
-  if(options->SocksPort > 1 &&
+  if(options->SocksPort >= 1 &&
      (options->PathlenCoinWeight < 0.0 || options->PathlenCoinWeight >= 1.0)) {
     log(LOG_WARN,"PathlenCoinWeight option must be >=0.0 and <1.0.");
     result = -1;
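Review bot: The test `options->SocksPort >= 1` does not match the `proxy_mode()` predicate added in main.c, which is `options.SocksPort != 0`, so a negative SocksPort would count as proxy mode at run time but skip this PathlenCoinWeight range check. Whether negative ports are rejected earlier in this function is not visible in the hunk. Writing `if(options->SocksPort != 0 &&` here, or adding a comment that the port range is validated earlier, keeps the two definitions from drifting apart. The enclosing function extends beyond the hunk.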

Index: connection.c
===================================================================
RCS file: /home/or/cvsroot/src/or/connection.c,v
retrieving revision 1.240
retrieving revision 1.241
diff -u -d -r1.240 -r1.241
--- connection.c	13 Jul 2004 18:23:40 -0000	1.240
+++ connection.c	18 Jul 2004 21:47:04 -0000	1.241
@@ -545,7 +545,7 @@
  *  - Relaunch listeners for each port you have open.
  */
 int retry_all_connections(void) {
-  if(options.ORPort) {
+  if(clique_mode()) {
     router_retry_connections();
   }
 

Index: connection_or.c
===================================================================
RCS file: /home/or/cvsroot/src/or/connection_or.c,v
retrieving revision 1.115
retrieving revision 1.116
diff -u -d -r1.115 -r1.116
--- connection_or.c	13 Jul 2004 18:23:40 -0000	1.115
+++ connection_or.c	18 Jul 2004 21:47:04 -0000	1.116
@@ -272,7 +272,7 @@
   connection_watch_events(conn, POLLIN);
   log_fn(LOG_DEBUG,"tls handshake done. verifying.");
   if (! tor_tls_peer_has_cert(conn->tls)) { /* It's an OP. */
-    if (options.ORPort) { /* I'm an OR; good. */
+    if (server_mode()) { /* I'm an OR; good. */
       conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
       return 0;
     } else { /* Neither side sent a certificate: ouch. */
@@ -323,7 +323,7 @@
     connection_or_init_conn_from_router(conn,router);
   }
 
-  if (!options.ORPort) { /* If I'm an OP... */
+  if (!server_mode()) { /* If I'm an OP... */
     conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
   }
   directory_set_dirty();

Index: main.c
===================================================================
RCS file: /home/or/cvsroot/src/or/main.c,v
retrieving revision 1.292
retrieving revision 1.293
diff -u -d -r1.292 -r1.293
--- main.c	13 Jul 2004 18:07:57 -0000	1.292
+++ main.c	18 Jul 2004 21:47:04 -0000	1.293
@@ -345,7 +345,7 @@
 
   has_fetched_directory=1;
 
-  if(options.ORPort) { /* connect to them all */
+  if(clique_mode()) { /* connect to them all */
     router_retry_connections();
   }
 }
@@ -370,7 +370,7 @@
      the connection or send a keepalive, depending. */
   if(connection_speaks_cells(conn) &&
      now >= conn->timestamp_lastwritten + options.KeepalivePeriod) {
-    if((!options.ORPort && !circuit_get_by_conn(conn)) ||
+    if((!clique_mode() && !circuit_get_by_conn(conn)) ||
        (!connection_state_is_open(conn))) {
       /* we're an onion proxy, with no circuits;
        * or our handshake has expired. kill it. */
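Review bot: The comment on the kill branch still says "we're an onion proxy, with no circuits", but the condition above it now tests `!clique_mode()`, and the else-branch comment in the next hunk was updated to say "in clique mode". The two comments now describe the same predicate in different terms. Suggest `/* we're not in clique mode, with no circuits;` for the first line of this comment so that it follows the condition if clique_mode() and server_mode() ever diverge.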
@@ -380,7 +380,7 @@
       connection_mark_for_close(conn);
       conn->hold_open_until_flushed = 1;
     } else {
-      /* either a full router, or we've got a circuit. send a padding cell. */
+      /* either in clique mode, or we've got a circuit. send a padding cell. */
       log_fn(LOG_DEBUG,"Sending keepalive to (%s:%d)",
              conn->address, conn->port);
       memset(&cell,0,sizeof(cell_t));
@@ -393,7 +393,7 @@
 #define MIN_BW_TO_PUBLISH_DESC 5000 /* 5000 bytes/s sustained */
 #define MIN_UPTIME_TO_PUBLISH_DESC (30*60) /* half an hour */
 
-/** Decide if we're a server or just a client. We are a server if:
+/** Decide if we're a publishable server or just a client. We are a server if:
  * - We have the AuthoritativeDirectory option set.
  * or
  * - We don't have the ClientOnly option set; and
@@ -402,7 +402,7 @@
  * - We have processed some suitable minimum bandwidth recently; and
  * - We believe we are reachable from the outside.
  */
-static int decide_if_server(time_t now) {
+static int decide_if_publishable_server(time_t now) {
 
   if(options.AuthoritativeDir)
     return 1;
@@ -420,6 +420,30 @@
   return 1;
 }
 
+/** Return true iff we try to stay connected to all ORs at once.  This
+ * option should go away as Tor becomes more P2P.
+ */
+int clique_mode(void) {
+  return (options.ORPort != 0);
+}
+
+/** Return true iff we are trying to be a server.
+ */
+int server_mode(void) {
+  return (options.ORPort != 0);
+}
+
+/** Return true iff we are trying to be an exit server.
+ */
+int exit_server_mode(void) {
+  return (options.ORPort != 0);
+}
+
+/** Return true iff we are trying to be a socks proxy. */
+int proxy_mode(void) {
+  return (options.SocksPort != 0);
+}
+
 /** Perform regular maintenance tasks.  This function gets run once per
  * second by prepare_for_poll.
  */
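Review bot: clique_mode(), server_mode() and exit_server_mode() all return `options.ORPort != 0`, so the doc comment on exit_server_mode() ("trying to be an exit server") promises more than the body checks; nothing here consults an exit policy. The callers that now gate dns_init() and dnsworkers_rotate() on it therefore behave exactly as they did with the raw ORPort test. A marker in the comment, for example `/* XXXX008 currently identical to server_mode(); does not yet look at the exit policy. */`, would keep readers from relying on a distinction that does not exist yet. The clique_mode() comment would benefit from the same note.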
@@ -433,7 +457,7 @@
    *  shut down and restart all cpuworkers, and update the directory if
    *  necessary.
    */
-  if (options.ORPort && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
+  if (server_mode() && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
     log_fn(LOG_INFO,"Rotating onion key.");
     rotate_onion_key();
     cpuworkers_rotate();
@@ -446,7 +470,10 @@
   /** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
   if (!last_rotated_certificate)
     last_rotated_certificate = now;
-  if (options.ORPort && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
+  /*XXXX008 we should remove the server_mode() check once OPs also use
+   * identity keys (which they can't do until the known-router check in
+   * connection_or.c is removed. */
+  if (server_mode() && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
     log_fn(LOG_INFO,"Rotating tls context.");
     if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
                             MAX_SSL_KEY_LIFETIME) < 0) {
@@ -461,7 +488,7 @@
    *    our descriptor (if we've passed our internal checks). */
   if(time_to_fetch_directory < now) {
 
-    if(decide_if_server(now)) {
+    if(decide_if_publishable_server(now)) {
       router_rebuild_descriptor();
       router_upload_dir_desc_to_dirservers();
     }
@@ -665,11 +692,12 @@
     /* fetch a new directory */
     directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
   }
-  if(options.ORPort) {
+  if(server_mode()) {
     /* Restart cpuworker and dnsworker processes, so they get up-to-date
      * configuration options. */
     cpuworkers_rotate();
-    dnsworkers_rotate();
+    if (exit_server_mode())
+      dnsworkers_rotate();
     /* Rebuild fresh descriptor as needed. */
     router_rebuild_descriptor();
     sprintf(keydir,"%s/router.desc", get_data_directory(&options));
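Review bot: The last line of this hunk, `sprintf(keydir,"%s/router.desc", get_data_directory(&options));`, writes a configuration-derived path into keydir with no length bound. keydir is declared outside the hunk, so its size cannot be checked from here, but a long data directory could overrun it. If keydir is a local array, prefer `snprintf(keydir, sizeof(keydir), "%s/router.desc", get_data_directory(&options));` and treat a return value `>= sizeof(keydir)` as an error. The enclosing function starts and ends outside the hunk.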
@@ -713,7 +741,7 @@
     directory_has_arrived();
   }
 
-  if(options.ORPort) {
+  if(server_mode()) {
     cpu_init(); /* launch cpuworkers. Need to do this *after* we've read the onion key. */
   }
 
@@ -922,10 +950,10 @@
     log_fn(LOG_WARN,"You are running Tor as root. You don't need to, and you probably shouldn't.");
 #endif
 
-  if(options.ORPort) { /* only spawn dns handlers if we're a router */
+  if(exit_server_mode()) { /* only spawn dns handlers if we're a router */
     dns_init(); /* initialize the dns resolve tree, and spawn workers */
   }
-  if(options.SocksPort) {
+  if(proxy_mode()) {
     client_dns_init(); /* init the client dns cache */
   }
 

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.381
retrieving revision 1.382
diff -u -d -r1.381 -r1.382
--- or.h	16 Jul 2004 23:05:40 -0000	1.381
+++ or.h	18 Jul 2004 21:47:04 -0000	1.382
@@ -1194,6 +1194,10 @@
 void connection_start_writing(connection_t *conn);
 
 void directory_has_arrived(void);
+int clique_mode(void);
+int server_mode(void);
+int exit_server_mode(void);
+int proxy_mode(void);
 
 int main(int argc, char *argv[]);
 

Index: router.c
===================================================================
RCS file: /home/or/cvsroot/src/or/router.c,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -d -r1.63 -r1.64
--- router.c	13 Jul 2004 18:23:40 -0000	1.63
+++ router.c	18 Jul 2004 21:47:04 -0000	1.64
@@ -217,10 +217,24 @@
   if (!key_lock)
     key_lock = tor_mutex_new();
 
-  /* OP's don't need keys.  Just initialize the TLS context.*/
-  if (!options.ORPort) {
+  /* OP's don't need persistant keys; just make up an identity and
+   * initialize the TLS context. */
+  if (!server_mode()) {
     tor_assert(!options.DirPort);
-    if (tor_tls_context_new(NULL, 0, NULL, 0)<0) {
+#if 0
+    /* XXXX008 enable this once we make ORs tolerate unknown routers. */
+    if (!(prkey = crypto_new_pk_env()))
+      return -1;
+    if (crypto_pk_generate_key(prkey))
+      return -1;
+    set_identity_key(prkey);
+    if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
+                            MAX_SSL_KEY_LIFETIME) < 0) {
+      log_fn(LOG_ERR, "Error creating TLS context for OP.");
+      return -1;
+    }
+#endif
+    if (tor_tls_context_new(NULL, 0, NULL, MAX_SSL_KEY_LIFETIME)<0) {
       log_fn(LOG_ERR, "Error creating TLS context for OP.");
       return -1;
     }
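Review bot: The disabled `#if 0` block leaks prkey when crypto_pk_generate_key() fails, and both of its early `return -1` paths are silent, so it should not be enabled as written. Before the second return, add `crypto_free_pk_env(prkey);`, and give both returns a `log_fn(LOG_ERR, ...)` line like the one used for the TLS-context failure. The new comment also misspells "persistent" as "persistant". The enclosing function starts and ends outside the hunk.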
@@ -435,7 +449,7 @@
  * necessary.  Return NULL on error, or if called on an OP. */
 routerinfo_t *router_get_my_routerinfo(void)
 {
-  if (!options.ORPort)
+  if (!server_mode())
     return NULL;
 
   if (!desc_routerinfo) {

Index: routerlist.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routerlist.c,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -d -r1.98 -r1.99
--- routerlist.c	16 Jul 2004 23:05:40 -0000	1.98
+++ routerlist.c	18 Jul 2004 21:47:04 -0000	1.99
@@ -168,7 +168,7 @@
   for(i=0;i<smartlist_len(routerlist->routers);i++) {
     router = smartlist_get(routerlist->routers, i);
     if(router->is_running &&
-       (!options.ORPort ||
+       (!clique_mode() ||
         connection_get_by_identity_digest(router->identity_digest,
                                           CONN_TYPE_OR)))
       smartlist_add(sl, router);


