[tor-commits] [tor/master] rephist: Remove unused crypto_pk statistics.
nickm at torproject.org
nickm at torproject.org
Thu Jul 13 20:34:46 UTC 2017
commit c59ba015500aba040371a6d32134cb10d045e7bd
Author: Isis Lovecruft <isis at torproject.org>
Date: Thu Jul 13 19:31:13 2017 +0000
rephist: Remove unused crypto_pk statistics.
These statistics were largely ununsed, and kept track of statistical information
on things like how many time we had done TLS or how many signatures we had
verified. This information is largely not useful, and would only be logged
after receiving a SIGUSR1 signal (but only if the logging severity level was
less than LOG_INFO).
* FIXES #19871.
* REMOVES note_crypto_pk_op(), dump_pk_op(), and pk_op_counts from
src/or/rephist.c.
* REMOVES every external call to these functions.
---
changes/bug19871 | 4 ++
src/or/connection_or.c | 1 -
src/or/dirvote.c | 1 -
src/or/main.c | 1 -
src/or/onion_tap.c | 3 --
src/or/rendclient.c | 1 -
src/or/rendmid.c | 1 -
src/or/rendservice.c | 3 --
src/or/rephist.c | 99 --------------------------------------------------
src/or/rephist.h | 3 --
src/or/router.c | 1 -
src/or/routerparse.c | 3 --
12 files changed, 4 insertions(+), 117 deletions(-)
diff --git a/changes/bug19871 b/changes/bug19871
new file mode 100644
index 0000000..5f1c9dc
--- /dev/null
+++ b/changes/bug19871
@@ -0,0 +1,4 @@
+ o Code refactoring:
+ - Remove dead code for largely unused statistics on the number of
+ times we've attempted various public key operations. Fixes bug
+ 19871; fix by Isis Lovecruft. Bugfix on 0.1.2.4-alpha.
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 7531482..051bf9a 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1369,7 +1369,6 @@ connection_tls_start_handshake,(or_connection_t *conn, int receiving))
connection_start_reading(TO_CONN(conn));
log_debug(LD_HANDSHAKE,"starting TLS handshake on fd "TOR_SOCKET_T_FORMAT,
conn->base_.s);
- note_crypto_pk_op(receiving ? TLS_HANDSHAKE_S : TLS_HANDSHAKE_C);
if (connection_tls_continue_handshake(conn) < 0)
return -1;
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 11cd020..c65945f 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -306,7 +306,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
signing_key_fingerprint);
}
- note_crypto_pk_op(SIGN_DIR);
{
char *sig = router_get_dirobj_signature(digest, DIGEST_LEN,
private_signing_key);
diff --git a/src/or/main.c b/src/or/main.c
index 5fa3869..7e2652c 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2877,7 +2877,6 @@ dumpstats(int severity)
rep_hist_dump_stats(now,severity);
rend_service_dump_stats(severity);
- dump_pk_ops(severity);
dump_distinct_digest_count(severity);
}
diff --git a/src/or/onion_tap.c b/src/or/onion_tap.c
index 294fc0d..928fcaa 100644
--- a/src/or/onion_tap.c
+++ b/src/or/onion_tap.c
@@ -72,8 +72,6 @@ onion_skin_TAP_create(crypto_pk_t *dest_router_key,
if (crypto_dh_get_public(dh, challenge, dhbytes))
goto err;
- note_crypto_pk_op(ENC_ONIONSKIN);
-
/* set meeting point, meeting cookie, etc here. Leave zero for now. */
if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out,
TAP_ONIONSKIN_CHALLENGE_LEN,
@@ -124,7 +122,6 @@ onion_skin_TAP_server_handshake(
k = i==0?private_key:prev_private_key;
if (!k)
break;
- note_crypto_pk_op(DEC_ONIONSKIN);
len = crypto_pk_private_hybrid_decrypt(k, challenge,
TAP_ONIONSKIN_CHALLENGE_LEN,
onion_skin,
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 3d160bd..441c371 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -286,7 +286,6 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
goto perm_err;
}
- note_crypto_pk_op(REND_CLIENT);
/*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
* to avoid buffer overflows? */
r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN,
diff --git a/src/or/rendmid.c b/src/or/rendmid.c
index 23c3ded..66d2f93 100644
--- a/src/or/rendmid.c
+++ b/src/or/rendmid.c
@@ -71,7 +71,6 @@ rend_mid_establish_intro_legacy(or_circuit_t *circ, const uint8_t *request,
goto err;
}
/* Rest of body: signature of previous data */
- note_crypto_pk_op(REND_MID);
if (crypto_pk_public_checksig_digest(pk,
(char*)request, 2+asn1len+DIGEST_LEN,
(char*)(request+2+DIGEST_LEN+asn1len),
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index b8e704e..4eef72c 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -2845,8 +2845,6 @@ rend_service_decrypt_intro(
}
/* Decrypt the encrypted part */
-
- note_crypto_pk_op(REND_SERVER);
result =
crypto_pk_private_hybrid_decrypt(
key, (char *)buf, sizeof(buf),
@@ -3260,7 +3258,6 @@ encode_establish_intro_cell_legacy(char *cell_body_out,
if (crypto_digest(cell_body_out+len, auth, DIGEST_LEN+9))
goto err;
len += 20;
- note_crypto_pk_op(REND_SERVER);
r = crypto_pk_private_sign_digest(intro_key, cell_body_out+len,
cell_body_out_len - len,
cell_body_out, len);
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 72a5cc5..e65b93f 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -2064,105 +2064,6 @@ rep_hist_circbuilding_dormant(time_t now)
return 1;
}
-/** Structure to track how many times we've done each public key operation. */
-static struct {
- /** How many directory objects have we signed? */
- unsigned long n_signed_dir_objs;
- /** How many routerdescs have we signed? */
- unsigned long n_signed_routerdescs;
- /** How many directory objects have we verified? */
- unsigned long n_verified_dir_objs;
- /** How many routerdescs have we verified */
- unsigned long n_verified_routerdescs;
- /** How many onionskins have we encrypted to build circuits? */
- unsigned long n_onionskins_encrypted;
- /** How many onionskins have we decrypted to do circuit build requests? */
- unsigned long n_onionskins_decrypted;
- /** How many times have we done the TLS handshake as a client? */
- unsigned long n_tls_client_handshakes;
- /** How many times have we done the TLS handshake as a server? */
- unsigned long n_tls_server_handshakes;
- /** How many PK operations have we done as a hidden service client? */
- unsigned long n_rend_client_ops;
- /** How many PK operations have we done as a hidden service midpoint? */
- unsigned long n_rend_mid_ops;
- /** How many PK operations have we done as a hidden service provider? */
- unsigned long n_rend_server_ops;
-} pk_op_counts = {0,0,0,0,0,0,0,0,0,0,0};
-
-/** Increment the count of the number of times we've done <b>operation</b>. */
-void
-note_crypto_pk_op(pk_op_t operation)
-{
- switch (operation)
- {
- case SIGN_DIR:
- pk_op_counts.n_signed_dir_objs++;
- break;
- case SIGN_RTR:
- pk_op_counts.n_signed_routerdescs++;
- break;
- case VERIFY_DIR:
- pk_op_counts.n_verified_dir_objs++;
- break;
- case VERIFY_RTR:
- pk_op_counts.n_verified_routerdescs++;
- break;
- case ENC_ONIONSKIN:
- pk_op_counts.n_onionskins_encrypted++;
- break;
- case DEC_ONIONSKIN:
- pk_op_counts.n_onionskins_decrypted++;
- break;
- case TLS_HANDSHAKE_C:
- pk_op_counts.n_tls_client_handshakes++;
- break;
- case TLS_HANDSHAKE_S:
- pk_op_counts.n_tls_server_handshakes++;
- break;
- case REND_CLIENT:
- pk_op_counts.n_rend_client_ops++;
- break;
- case REND_MID:
- pk_op_counts.n_rend_mid_ops++;
- break;
- case REND_SERVER:
- pk_op_counts.n_rend_server_ops++;
- break;
- default:
- log_warn(LD_BUG, "Unknown pk operation %d", operation);
- }
-}
-
-/** Log the number of times we've done each public/private-key operation. */
-void
-dump_pk_ops(int severity)
-{
- tor_log(severity, LD_HIST,
- "PK operations: %lu directory objects signed, "
- "%lu directory objects verified, "
- "%lu routerdescs signed, "
- "%lu routerdescs verified, "
- "%lu onionskins encrypted, "
- "%lu onionskins decrypted, "
- "%lu client-side TLS handshakes, "
- "%lu server-side TLS handshakes, "
- "%lu rendezvous client operations, "
- "%lu rendezvous middle operations, "
- "%lu rendezvous server operations.",
- pk_op_counts.n_signed_dir_objs,
- pk_op_counts.n_verified_dir_objs,
- pk_op_counts.n_signed_routerdescs,
- pk_op_counts.n_verified_routerdescs,
- pk_op_counts.n_onionskins_encrypted,
- pk_op_counts.n_onionskins_decrypted,
- pk_op_counts.n_tls_client_handshakes,
- pk_op_counts.n_tls_server_handshakes,
- pk_op_counts.n_rend_client_ops,
- pk_op_counts.n_rend_mid_ops,
- pk_op_counts.n_rend_server_ops);
-}
-
/*** Exit port statistics ***/
/* Some constants */
diff --git a/src/or/rephist.h b/src/or/rephist.h
index 2b1c2e7..8f6d466 100644
--- a/src/or/rephist.h
+++ b/src/or/rephist.h
@@ -62,9 +62,6 @@ int any_predicted_circuits(time_t now);
int rep_hist_circbuilding_dormant(time_t now);
int predicted_ports_prediction_time_remaining(time_t now);
-void note_crypto_pk_op(pk_op_t operation);
-void dump_pk_ops(int severity);
-
void rep_hist_exit_stats_init(time_t now);
void rep_hist_reset_exit_stats(time_t now);
void rep_hist_exit_stats_term(void);
diff --git a/src/or/router.c b/src/or/router.c
index 100c4cc..1b81a22 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -3009,7 +3009,6 @@ router_dump_router_to_string(routerinfo_t *router,
crypto_digest_smartlist(digest, DIGEST_LEN, chunks, "", DIGEST_SHA1);
- note_crypto_pk_op(SIGN_RTR);
{
char *sig;
if (!(sig = router_get_dirobj_signature(digest, DIGEST_LEN, ident_key))) {
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 6a03194..f4e87a0 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1996,7 +1996,6 @@ router_parse_entry_from_string(const char *s, const char *end,
}
tok = find_by_keyword(tokens, K_ROUTER_SIGNATURE);
- note_crypto_pk_op(VERIFY_RTR);
#ifdef COUNT_DISTINCT_DIGESTS
if (!verified_digests)
verified_digests = digestmap_new();
@@ -2231,7 +2230,6 @@ extrainfo_parse_entry_from_string(const char *s, const char *end,
}
if (key) {
- note_crypto_pk_op(VERIFY_RTR);
if (check_signature_token(digest, DIGEST_LEN, tok, key, 0,
"extra-info") < 0)
goto err;
@@ -5288,7 +5286,6 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
}
/* Parse and verify signature. */
tok = find_by_keyword(tokens, R_SIGNATURE);
- note_crypto_pk_op(VERIFY_RTR);
if (check_signature_token(desc_hash, DIGEST_LEN, tok, result->pk, 0,
"v2 rendezvous service descriptor") < 0)
goto err;
More information about the tor-commits
mailing list