[or-cvs] Have reason string for serverdesc post requests contain act...
Nick Mathewson
nickm at seul.org
Thu Jan 20 20:18:35 UTC 2005
Update of /home/or/cvsroot/tor/src/or
In directory moria.mit.edu:/tmp/cvs-serv4894/src/or
Modified Files:
directory.c dirserv.c or.h router.c test.c
Log Message:
Have reason string for serverdesc post requests contain actual serverdesc status. Also fix return values of dirserv_add_descriptor to work as advertised.
Index: directory.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/directory.c,v
retrieving revision 1.198
retrieving revision 1.199
diff -u -d -r1.198 -r1.199
--- directory.c 20 Jan 2005 20:07:36 -0000 1.198
+++ directory.c 20 Jan 2005 20:18:32 -0000 1.199
@@ -976,19 +976,20 @@
log_fn(LOG_INFO,"rewritten url as '%s'.", url);
if (!strcmp(url,"/tor/")) { /* server descriptor post */
+ const char *msg;
cp = body;
- switch (dirserv_add_descriptor(&cp)) {
+ switch (dirserv_add_descriptor(&cp, &msg)) {
case -1:
/* malformed descriptor, or something wrong */
- write_http_status_line(conn, 400, "Malformed or unacceptable server descriptor");
+ write_http_status_line(conn, 400, msg?msg:"Malformed or unacceptable server descriptor");
break;
case 0:
/* descriptor was well-formed but server has not been approved */
- write_http_status_line(conn, 200, "Unverified server descriptor accepted. Have you mailed us your key fingerprint? Are you using the right key?");
+ write_http_status_line(conn, 200, msg?msg:"Unverified server descriptor accepted");
break;
case 1:
dirserv_get_directory(&cp, 0); /* rebuild and write to disk */
- write_http_status_line(conn, 200, "Verified server descriptor accepted");
+ write_http_status_line(conn, 200, msg?msg:"Verified server descriptor accepted");
break;
}
tor_free(url);
Index: dirserv.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/dirserv.c,v
retrieving revision 1.135
retrieving revision 1.136
diff -u -d -r1.135 -r1.136
--- dirserv.c 6 Jan 2005 21:03:27 -0000 1.135
+++ dirserv.c 20 Jan 2005 20:18:32 -0000 1.136
@@ -307,14 +307,16 @@
/** Parse the server descriptor at *desc and maybe insert it into the
* list of server descriptors, and (if the descriptor is well-formed)
- * advance *desc immediately past the descriptor's end.
+ * advance *desc immediately past the descriptor's end. Set msg to a
+ * message that should be passed back to the origin of this descriptor, or
+ * to NULL.
*
* Return 1 if descriptor is well-formed and accepted;
* 0 if well-formed and server is unapproved;
* -1 if not well-formed or other error.
*/
int
-dirserv_add_descriptor(const char **desc)
+dirserv_add_descriptor(const char **desc, const char **msg)
{
descriptor_entry_t *ent = NULL;
routerinfo_t *ri = NULL;
@@ -325,7 +327,8 @@
size_t desc_len;
time_t now;
int verified=1; /* whether we knew its fingerprint already */
-
+ tor_assert(msg);
+ *msg = NULL;
if (!descriptor_list)
descriptor_list = smartlist_create();
@@ -349,15 +352,17 @@
tor_free(desc_tmp);
if (!ri) {
log(LOG_WARN, "Couldn't parse descriptor");
+ *msg = "Rejected: Couldn't parse server descriptor.";
return -1;
}
/* Okay. Now check whether the fingerprint is recognized. */
r = dirserv_router_fingerprint_is_known(ri);
if (r==-1) {
log_fn(LOG_WARN, "Known nickname '%s', wrong fingerprint. Not adding.", ri->nickname);
+ *msg = "Rejected: There is already a verified server with this nickname and a different fingerprint.";
routerinfo_free(ri);
*desc = end;
- return 0;
+ return -1;
}
if (r==0) {
char fp[FINGERPRINT_LEN+1];
@@ -374,21 +379,24 @@
now = time(NULL);
if (ri->published_on > now+ROUTER_ALLOW_SKEW) {
log_fn(LOG_NOTICE, "Publication time for nickname '%s' is too far in the future; possible clock skew. Not adding.", ri->nickname);
+ *msg = "Rejected: Your clock is set too far in the future, or your timezone is not correct.";
routerinfo_free(ri);
*desc = end;
- return 0;
+ return -1;
}
if (ri->published_on < now-ROUTER_MAX_AGE) {
log_fn(LOG_NOTICE, "Publication time for router with nickname '%s' is too far in the past. Not adding.", ri->nickname);
+ *msg = "Rejected: Server is expired, or your clock is too far in the past, or your timezone is not correct.";
routerinfo_free(ri);
*desc = end;
- return 0;
+ return -1;
}
if (dirserv_router_has_valid_address(ri) < 0) {
log_fn(LOG_NOTICE, "Router with nickname '%s' has invalid address '%s'. Not adding.", ri->nickname, ri->address);
+ *msg = "Rejected: Address is not an IP, or IP is a private address.";
routerinfo_free(ri);
*desc = end;
- return 0;
+ return -1;
}
/* Do we already have an entry for this router? */
@@ -404,6 +412,7 @@
if (ent->published >= ri->published_on) {
/* We already have a newer or equal-time descriptor */
log_fn(LOG_INFO,"We already have a new enough desc for nickname '%s'. Not adding.",ri->nickname);
+ *msg = "We already have a newer descriptor.";
/* This isn't really an error; return success. */
routerinfo_free(ri);
*desc = end;
@@ -411,11 +420,13 @@
}
/* We don't have a newer one; we'll update this one. */
log_fn(LOG_INFO,"Dirserv updating desc for nickname '%s'",ri->nickname);
+ *msg = verified?"Verified server updated":"Unverified server updated (Have you sent us your key fingerprint?)";
free_descriptor_entry(ent);
smartlist_del_keeporder(descriptor_list, found);
} else {
/* Add at the end. */
log_fn(LOG_INFO,"Dirserv adding desc for nickname '%s'",ri->nickname);
+ *msg = verified?"Verified server added":"Unverified server added (Have you sent us your key fingerprint?)";
}
ent = tor_malloc(sizeof(descriptor_entry_t));
@@ -477,12 +488,12 @@
int
dirserv_load_from_directory_string(const char *dir)
{
- const char *cp = dir;
+ const char *cp = dir, *m;
while (1) {
cp = strstr(cp, "\nrouter ");
if (!cp) break;
++cp;
- if (dirserv_add_descriptor(&cp) < 0) {
+ if (dirserv_add_descriptor(&cp,&m) < 0) {
return -1;
}
--cp; /*Back up to newline.*/
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/or.h,v
retrieving revision 1.528
retrieving revision 1.529
diff -u -d -r1.528 -r1.529
--- or.h 20 Jan 2005 18:39:48 -0000 1.528
+++ or.h 20 Jan 2005 20:18:32 -0000 1.529
@@ -1349,7 +1349,7 @@
int dirserv_router_fingerprint_is_known(const routerinfo_t *router);
void dirserv_free_fingerprint_list(void);
const char *dirserv_get_nickname_by_digest(const char *digest);
-int dirserv_add_descriptor(const char **desc);
+int dirserv_add_descriptor(const char **desc, const char **msg);
int dirserv_load_from_directory_string(const char *dir);
void dirserv_free_descriptors(void);
void dirserv_remove_old_servers(int age);
Index: router.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/router.c,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -d -r1.140 -r1.141
--- router.c 10 Jan 2005 05:10:22 -0000 1.140
+++ router.c 20 Jan 2005 20:18:32 -0000 1.141
@@ -315,13 +315,15 @@
return -1;
}
if (authdir_mode(options)) {
+ const char *m;
/* We need to add our own fingerprint so it gets recognized. */
if (dirserv_add_own_fingerprint(options->Nickname, get_identity_key())) {
log_fn(LOG_ERR, "Error adding own fingerprint to approved set");
return -1;
}
- if (dirserv_add_descriptor(&tmp) != 1) {
- log(LOG_ERR, "Unable to add own descriptor to directory.");
+ if (dirserv_add_descriptor(&tmp, &m) != 1) {
+ log(LOG_ERR, "Unable to add own descriptor to directory: %s",
+ m?m:"<unknown error>");
return -1;
}
}
Index: test.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/test.c,v
retrieving revision 1.165
retrieving revision 1.166
diff -u -d -r1.165 -r1.166
--- test.c 19 Jan 2005 22:47:48 -0000 1.165
+++ test.c 20 Jan 2005 20:18:32 -0000 1.166
@@ -998,6 +998,7 @@
routerlist_t *dir1 = NULL, *dir2 = NULL;
tor_version_t ver1;
char *bw_lines = NULL;
+ const char *m;
test_assert( (pk1 = crypto_new_pk_env()) );
test_assert( (pk2 = crypto_new_pk_env()) );
@@ -1158,10 +1159,10 @@
r2.published_on = time(NULL)-3*60*60;
test_assert(router_dump_router_to_string(buf, 2048, &r1, pk2)>0);
cp = buf;
- test_eq(dirserv_add_descriptor((const char**)&cp), 1);
+ test_eq(dirserv_add_descriptor((const char**)&cp,&m), 1);
test_assert(router_dump_router_to_string(buf, 2048, &r2, pk1)>0);
cp = buf;
- test_eq(dirserv_add_descriptor((const char**)&cp), 1);
+ test_eq(dirserv_add_descriptor((const char**)&cp,&m), 1);
get_options()->Nickname = tor_strdup("DirServer");
test_assert(!dirserv_dump_directory_to_string(&cp,pk3));
test_assert(!router_parse_routerlist_from_directory(cp, &dir1, pk3, 1, 0));
More information about the tor-commits
mailing list