tor  0.4.2.0-alpha-dev
process_descs.c
Go to the documentation of this file.
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
15 #include "core/or/or.h"
17 
18 #include "app/config/config.h"
19 #include "core/or/policies.h"
20 #include "core/or/versions.h"
21 #include "feature/dirauth/keypin.h"
31 #include "feature/nodelist/torcert.h"
32 #include "feature/relay/router.h"
33 
34 #include "core/or/tor_version_st.h"
35 #include "feature/nodelist/extrainfo_st.h"
36 #include "feature/nodelist/node_st.h"
37 #include "feature/nodelist/routerinfo_st.h"
38 #include "feature/nodelist/routerstatus_st.h"
39 
40 #include "lib/encoding/confline.h"
41 
43 #define ROUTER_ALLOW_SKEW (60*60*12)
44 
45 static void directory_remove_invalid(void);
46 struct authdir_config_t;
48  const char **msg);
49 static uint32_t
50 dirserv_get_status_impl(const char *fp, const char *nickname,
51  uint32_t addr, uint16_t or_port,
52  const char *platform, const char **msg,
53  int severity);
54 
55 /* 1 Historically used to indicate Named */
56 #define FP_INVALID 2
57 #define FP_REJECT 4
58 /* 8 Historically used to avoid using this as a dir. */
59 #define FP_BADEXIT 16
60 /* 32 Historically used to indicade Unnamed */
61 
63 typedef uint32_t router_status_t;
64 
65 static void add_fingerprint_to_dir(const char *fp,
66  struct authdir_config_t *list,
67  router_status_t add_status);
68 
71 typedef struct authdir_config_t {
72  strmap_t *fp_by_name;
73  digestmap_t *status_by_digest;
75 
78 
80 static authdir_config_t *
82 {
83  authdir_config_t *list = tor_malloc_zero(sizeof(authdir_config_t));
84  list->fp_by_name = strmap_new();
85  list->status_by_digest = digestmap_new();
86  return list;
87 }
88 
93 /* static */ void
95  router_status_t add_status)
96 {
97  char *fingerprint;
98  char d[DIGEST_LEN];
99  router_status_t *status;
100  tor_assert(fp);
101  tor_assert(list);
102 
103  fingerprint = tor_strdup(fp);
104  tor_strstrip(fingerprint, " ");
105  if (base16_decode(d, DIGEST_LEN,
106  fingerprint, strlen(fingerprint)) != DIGEST_LEN) {
107  log_warn(LD_DIRSERV, "Couldn't decode fingerprint \"%s\"",
108  escaped(fp));
109  tor_free(fingerprint);
110  return;
111  }
112 
113  status = digestmap_get(list->status_by_digest, d);
114  if (!status) {
115  status = tor_malloc_zero(sizeof(router_status_t));
116  digestmap_set(list->status_by_digest, d, status);
117  }
118 
119  tor_free(fingerprint);
120  *status |= add_status;
121  return;
122 }
123 
126 int
128 {
129  char fp[FINGERPRINT_LEN+1];
130  if (crypto_pk_get_fingerprint(pk, fp, 0)<0) {
131  log_err(LD_BUG, "Error computing fingerprint");
132  return -1;
133  }
134  if (!fingerprint_list)
137  return 0;
138 }
139 
145 int
147 {
148  char *fname;
149  char *cf;
150  char *nickname, *fingerprint;
151  authdir_config_t *fingerprint_list_new;
152  int result;
153  config_line_t *front=NULL, *list;
154 
155  fname = get_datadir_fname("approved-routers");
156  log_info(LD_GENERAL,
157  "Reloading approved fingerprints from \"%s\"...", fname);
158 
159  cf = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
160  if (!cf) {
161  log_warn(LD_FS, "Cannot open fingerprint file '%s'. That's ok.", fname);
162  tor_free(fname);
163  return 0;
164  }
165  tor_free(fname);
166 
167  result = config_get_lines(cf, &front, 0);
168  tor_free(cf);
169  if (result < 0) {
170  log_warn(LD_CONFIG, "Error reading from fingerprint file");
171  return -1;
172  }
173 
174  fingerprint_list_new = authdir_config_new();
175 
176  for (list=front; list; list=list->next) {
177  char digest_tmp[DIGEST_LEN];
178  router_status_t add_status = 0;
179  nickname = list->key; fingerprint = list->value;
180  tor_strstrip(fingerprint, " "); /* remove spaces */
181  if (strlen(fingerprint) != HEX_DIGEST_LEN ||
182  base16_decode(digest_tmp, sizeof(digest_tmp),
183  fingerprint, HEX_DIGEST_LEN) != sizeof(digest_tmp)) {
184  log_notice(LD_CONFIG,
185  "Invalid fingerprint (nickname '%s', "
186  "fingerprint %s). Skipping.",
187  nickname, fingerprint);
188  continue;
189  }
190  if (!strcasecmp(nickname, "!reject")) {
191  add_status = FP_REJECT;
192  } else if (!strcasecmp(nickname, "!badexit")) {
193  add_status = FP_BADEXIT;
194  } else if (!strcasecmp(nickname, "!invalid")) {
195  add_status = FP_INVALID;
196  }
197  add_fingerprint_to_dir(fingerprint, fingerprint_list_new, add_status);
198  }
199 
200  config_free_lines(front);
202  fingerprint_list = fingerprint_list_new;
203  /* Delete any routers whose fingerprints we no longer recognize */
205  return 0;
206 }
207 
208 /* If this is set, then we don't allow routers that have advertised an Ed25519
209  * identity to stop doing so. This is going to be essential for good identity
210  * security: otherwise anybody who can attack RSA-1024 but not Ed25519 could
211  * just sign fake descriptors missing the Ed25519 key. But we won't actually
212  * be able to prevent that kind of thing until we're confident that there isn't
213  * actually a legit reason to downgrade to 0.2.5. Now we are not recommending
214  * 0.2.5 anymore so there is no reason to keep the #undef.
215  */
216 
217 #define DISABLE_DISABLING_ED25519
218 
230 uint32_t
231 dirserv_router_get_status(const routerinfo_t *router, const char **msg,
232  int severity)
233 {
234  char d[DIGEST_LEN];
235  const int key_pinning = get_options()->AuthDirPinKeys;
236 
237  if (crypto_pk_get_digest(router->identity_pkey, d)) {
238  log_warn(LD_BUG,"Error computing fingerprint");
239  if (msg)
240  *msg = "Bug: Error computing fingerprint";
241  return FP_REJECT;
242  }
243 
244  /* Check for the more common reasons to reject a router first. */
245  const uint32_t r = dirserv_get_status_impl(d, router->nickname,
246  router->addr, router->or_port,
247  router->platform, msg, severity);
248  if (r)
249  return r;
250 
251  /* dirserv_get_status_impl already rejects versions older than 0.2.4.18-rc,
252  * and onion_curve25519_pkey was introduced in 0.2.4.8-alpha.
253  * But just in case a relay doesn't provide or lies about its version, or
254  * doesn't include an ntor key in its descriptor, check that it exists,
255  * and is non-zero (clients check that it's non-zero before using it). */
256  if (!routerinfo_has_curve25519_onion_key(router)) {
257  log_fn(severity, LD_DIR,
258  "Descriptor from router %s is missing an ntor curve25519 onion "
259  "key.", router_describe(router));
260  if (msg)
261  *msg = "Missing ntor curve25519 onion key. Please upgrade!";
262  return FP_REJECT;
263  }
264 
265  if (router->cache_info.signing_key_cert) {
266  /* This has an ed25519 identity key. */
267  if (KEYPIN_MISMATCH ==
268  keypin_check((const uint8_t*)router->cache_info.identity_digest,
269  router->cache_info.signing_key_cert->signing_key.pubkey)) {
270  log_fn(severity, LD_DIR,
271  "Descriptor from router %s has an Ed25519 key, "
272  "but the <rsa,ed25519> keys don't match what they were before.",
273  router_describe(router));
274  if (key_pinning) {
275  if (msg) {
276  *msg = "Ed25519 identity key or RSA identity key has changed.";
277  }
278  return FP_REJECT;
279  }
280  }
281  } else {
282  /* No ed25519 key */
283  if (KEYPIN_MISMATCH == keypin_check_lone_rsa(
284  (const uint8_t*)router->cache_info.identity_digest)) {
285  log_fn(severity, LD_DIR,
286  "Descriptor from router %s has no Ed25519 key, "
287  "when we previously knew an Ed25519 for it. Ignoring for now, "
288  "since Ed25519 keys are fairly new.",
289  router_describe(router));
290 #ifdef DISABLE_DISABLING_ED25519
291  if (key_pinning) {
292  if (msg) {
293  *msg = "Ed25519 identity key has disappeared.";
294  }
295  return FP_REJECT;
296  }
297 #endif /* defined(DISABLE_DISABLING_ED25519) */
298  }
299  }
300 
301  return 0;
302 }
303 
306 int
308 {
309  uint32_t res;
310 
312  rs->addr, rs->or_port,
313  NULL, NULL, LOG_DEBUG);
314 
315  return (res & FP_REJECT) != 0;
316 }
317 
325 static uint32_t
326 dirserv_get_status_impl(const char *id_digest, const char *nickname,
327  uint32_t addr, uint16_t or_port,
328  const char *platform, const char **msg, int severity)
329 {
330  uint32_t result = 0;
331  router_status_t *status_by_digest;
332 
333  if (!fingerprint_list)
335 
336  log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.",
337  strmap_size(fingerprint_list->fp_by_name),
338  digestmap_size(fingerprint_list->status_by_digest));
339 
340  if (platform) {
341  tor_version_t ver_tmp;
342  if (tor_version_parse_platform(platform, &ver_tmp, 1) < 0) {
343  if (msg) {
344  *msg = "Malformed platform string.";
345  }
346  return FP_REJECT;
347  }
348  }
349 
350  /* Versions before Tor 0.2.4.18-rc are too old to support, and are
351  * missing some important security fixes too. Disable them. */
352  if (platform && !tor_version_as_new_as(platform,"0.2.4.18-rc")) {
353  if (msg)
354  *msg = "Tor version is insecure or unsupported. Please upgrade!";
355  return FP_REJECT;
356  }
357 
358  /* Tor 0.2.9.x where x<5 suffers from bug #20499, where relays don't
359  * keep their consensus up to date so they make bad guards.
360  * The simple fix is to just drop them from the network. */
361  if (platform &&
362  tor_version_as_new_as(platform,"0.2.9.0-alpha") &&
363  !tor_version_as_new_as(platform,"0.2.9.5-alpha")) {
364  if (msg)
365  *msg = "Tor version contains bug 20499. Please upgrade!";
366  return FP_REJECT;
367  }
368 
369  status_by_digest = digestmap_get(fingerprint_list->status_by_digest,
370  id_digest);
371  if (status_by_digest)
372  result |= *status_by_digest;
373 
374  if (result & FP_REJECT) {
375  if (msg)
376  *msg = "Fingerprint is marked rejected -- if you think this is a "
377  "mistake please set a valid email address in ContactInfo and "
378  "send an email to bad-relays@lists.torproject.org mentioning "
379  "your fingerprint(s)?";
380  return FP_REJECT;
381  } else if (result & FP_INVALID) {
382  if (msg)
383  *msg = "Fingerprint is marked invalid";
384  }
385 
386  if (authdir_policy_badexit_address(addr, or_port)) {
387  log_fn(severity, LD_DIRSERV,
388  "Marking '%s' as bad exit because of address '%s'",
389  nickname, fmt_addr32(addr));
390  result |= FP_BADEXIT;
391  }
392 
393  if (!authdir_policy_permits_address(addr, or_port)) {
394  log_fn(severity, LD_DIRSERV, "Rejecting '%s' because of address '%s'",
395  nickname, fmt_addr32(addr));
396  if (msg)
397  *msg = "Suspicious relay address range -- if you think this is a "
398  "mistake please set a valid email address in ContactInfo and "
399  "send an email to bad-relays@lists.torproject.org mentioning "
400  "your address(es) and fingerprint(s)?";
401  return FP_REJECT;
402  }
403  if (!authdir_policy_valid_address(addr, or_port)) {
404  log_fn(severity, LD_DIRSERV,
405  "Not marking '%s' valid because of address '%s'",
406  nickname, fmt_addr32(addr));
407  result |= FP_INVALID;
408  }
409 
410  return result;
411 }
412 
414 void
416 {
417  if (!fingerprint_list)
418  return;
419 
420  strmap_free(fingerprint_list->fp_by_name, tor_free_);
421  digestmap_free(fingerprint_list->status_by_digest, tor_free_);
423 }
424 
425 /*
426  * Descriptor list
427  */
428 
431 STATIC int
433 {
434  tor_addr_t addr;
435  if (get_options()->DirAllowPrivateAddresses)
436  return 0; /* whatever it is, we're fine with it */
437  tor_addr_from_ipv4h(&addr, ri->addr);
438 
439  if (tor_addr_is_internal(&addr, 0) || tor_addr_is_null(&addr)) {
440  log_info(LD_DIRSERV,
441  "Router %s published internal IPv4 address. Refusing.",
442  router_describe(ri));
443  return -1; /* it's a private IP, we should reject it */
444  }
445  /* We only check internal v6 on non-null addresses because we do not require
446  * IPv6 and null IPv6 is normal. */
447  if (tor_addr_is_internal(&ri->ipv6_addr, 0) &&
448  !tor_addr_is_null(&ri->ipv6_addr)) {
449  log_info(LD_DIRSERV,
450  "Router %s published internal IPv6 address. Refusing.",
451  router_describe(ri));
452  return -1; /* it's a private IP, we should reject it */
453  }
454 
455  return 0;
456 }
457 
466 int
468  int complain, int *valid_out)
469 {
470  /* Okay. Now check whether the fingerprint is recognized. */
471  time_t now;
472  int severity = (complain && ri->contact_info) ? LOG_NOTICE : LOG_INFO;
473  uint32_t status = dirserv_router_get_status(ri, msg, severity);
474  tor_assert(msg);
475  if (status & FP_REJECT)
476  return -1; /* msg is already set. */
477 
478  /* Is there too much clock skew? */
479  now = time(NULL);
480  if (ri->cache_info.published_on > now+ROUTER_ALLOW_SKEW) {
481  log_fn(severity, LD_DIRSERV, "Publication time for %s is too "
482  "far (%d minutes) in the future; possible clock skew. Not adding "
483  "(%s)",
484  router_describe(ri),
485  (int)((ri->cache_info.published_on-now)/60),
486  esc_router_info(ri));
487  *msg = "Rejected: Your clock is set too far in the future, or your "
488  "timezone is not correct.";
489  return -1;
490  }
491  if (ri->cache_info.published_on < now-ROUTER_MAX_AGE_TO_PUBLISH) {
492  log_fn(severity, LD_DIRSERV,
493  "Publication time for %s is too far "
494  "(%d minutes) in the past. Not adding (%s)",
495  router_describe(ri),
496  (int)((now-ri->cache_info.published_on)/60),
497  esc_router_info(ri));
498  *msg = "Rejected: Server is expired, or your clock is too far in the past,"
499  " or your timezone is not correct.";
500  return -1;
501  }
502  if (dirserv_router_has_valid_address(ri) < 0) {
503  log_fn(severity, LD_DIRSERV,
504  "Router %s has invalid address. Not adding (%s).",
505  router_describe(ri),
506  esc_router_info(ri));
507  *msg = "Rejected: Address is a private address.";
508  return -1;
509  }
510 
511  *valid_out = ! (status & FP_INVALID);
512 
513  return 0;
514 }
515 
519 void
521  uint32_t authstatus)
522 {
523  node->is_valid = (authstatus & FP_INVALID) ? 0 : 1;
524  node->is_bad_exit = (authstatus & FP_BADEXIT) ? 1 : 0;
525 }
526 
528 static int
530 {
531  return a < b;
532 }
533 
537 dirserv_add_multiple_descriptors(const char *desc, size_t desclen,
538  uint8_t purpose,
539  const char *source,
540  const char **msg)
541 {
542  was_router_added_t r, r_tmp;
543  const char *msg_out;
544  smartlist_t *list;
545  const char *s;
546  int n_parsed = 0;
547  time_t now = time(NULL);
548  char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
549  char time_buf[ISO_TIME_LEN+1];
550  int general = purpose == ROUTER_PURPOSE_GENERAL;
551  tor_assert(msg);
552 
553  r=ROUTER_ADDED_SUCCESSFULLY; /* Least severe return value. */
554 
555  if (!string_is_utf8_no_bom(desc, desclen)) {
556  *msg = "descriptor(s) or extrainfo(s) not valid UTF-8 or had BOM.";
557  return ROUTER_AUTHDIR_REJECTS;
558  }
559 
560  format_iso_time(time_buf, now);
561  if (tor_snprintf(annotation_buf, sizeof(annotation_buf),
562  "@uploaded-at %s\n"
563  "@source %s\n"
564  "%s%s%s", time_buf, escaped(source),
565  !general ? "@purpose " : "",
566  !general ? router_purpose_to_string(purpose) : "",
567  !general ? "\n" : "")<0) {
568  *msg = "Couldn't format annotations";
569  return ROUTER_AUTHDIR_BUG_ANNOTATIONS;
570  }
571 
572  s = desc;
573  list = smartlist_new();
574  if (!router_parse_list_from_string(&s, s+desclen, list, SAVED_NOWHERE, 0, 0,
575  annotation_buf, NULL)) {
576  SMARTLIST_FOREACH(list, routerinfo_t *, ri, {
577  msg_out = NULL;
578  tor_assert(ri->purpose == purpose);
579  r_tmp = dirserv_add_descriptor(ri, &msg_out, source);
580  if (WRA_MORE_SEVERE(r_tmp, r)) {
581  r = r_tmp;
582  *msg = msg_out;
583  }
584  });
585  }
586  n_parsed += smartlist_len(list);
587  smartlist_clear(list);
588 
589  s = desc;
590  if (!router_parse_list_from_string(&s, s+desclen, list, SAVED_NOWHERE, 1, 0,
591  NULL, NULL)) {
592  SMARTLIST_FOREACH(list, extrainfo_t *, ei, {
593  msg_out = NULL;
594 
595  r_tmp = dirserv_add_extrainfo(ei, &msg_out);
596  if (WRA_MORE_SEVERE(r_tmp, r)) {
597  r = r_tmp;
598  *msg = msg_out;
599  }
600  });
601  }
602  n_parsed += smartlist_len(list);
603  smartlist_free(list);
604 
605  if (! *msg) {
606  if (!n_parsed) {
607  *msg = "No descriptors found in your POST.";
608  if (WRA_WAS_ADDED(r))
609  r = ROUTER_IS_ALREADY_KNOWN;
610  } else {
611  *msg = "(no message)";
612  }
613  }
614 
615  return r;
616 }
617 
633 dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
634 {
636  routerinfo_t *ri_old;
637  char *desc, *nickname;
638  const size_t desclen = ri->cache_info.signed_descriptor_len +
639  ri->cache_info.annotations_len;
640  const int key_pinning = get_options()->AuthDirPinKeys;
641  *msg = NULL;
642 
643  /* If it's too big, refuse it now. Otherwise we'll cache it all over the
644  * network and it'll clog everything up. */
645  if (ri->cache_info.signed_descriptor_len > MAX_DESCRIPTOR_UPLOAD_SIZE) {
646  log_notice(LD_DIR, "Somebody attempted to publish a router descriptor '%s'"
647  " (source: %s) with size %d. Either this is an attack, or the "
648  "MAX_DESCRIPTOR_UPLOAD_SIZE (%d) constant is too low.",
649  ri->nickname, source, (int)ri->cache_info.signed_descriptor_len,
651  *msg = "Router descriptor was too large.";
652  r = ROUTER_AUTHDIR_REJECTS;
653  goto fail;
654  }
655 
656  /* Check whether this descriptor is semantically identical to the last one
657  * from this server. (We do this here and not in router_add_to_routerlist
658  * because we want to be able to accept the newest router descriptor that
659  * another authority has, so we all converge on the same one.) */
660  ri_old = router_get_mutable_by_digest(ri->cache_info.identity_digest);
661  if (ri_old && ri_old->cache_info.published_on < ri->cache_info.published_on
662  && router_differences_are_cosmetic(ri_old, ri)
663  && !router_is_me(ri)) {
664  log_info(LD_DIRSERV,
665  "Not replacing descriptor from %s (source: %s); "
666  "differences are cosmetic.",
667  router_describe(ri), source);
668  *msg = "Not replacing router descriptor; no information has changed since "
669  "the last one with this identity.";
670  r = ROUTER_IS_ALREADY_KNOWN;
671  goto fail;
672  }
673 
674  /* Do keypinning again ... this time, to add the pin if appropriate */
675  int keypin_status;
676  if (ri->cache_info.signing_key_cert) {
677  ed25519_public_key_t *pkey = &ri->cache_info.signing_key_cert->signing_key;
678  /* First let's validate this pubkey before pinning it */
679  if (ed25519_validate_pubkey(pkey) < 0) {
680  log_warn(LD_DIRSERV, "Received bad key from %s (source %s)",
681  router_describe(ri), source);
682  routerinfo_free(ri);
683  return ROUTER_AUTHDIR_REJECTS;
684  }
685 
686  /* Now pin it! */
687  keypin_status = keypin_check_and_add(
688  (const uint8_t*)ri->cache_info.identity_digest,
689  pkey->pubkey, ! key_pinning);
690  } else {
691  keypin_status = keypin_check_lone_rsa(
692  (const uint8_t*)ri->cache_info.identity_digest);
693 #ifndef DISABLE_DISABLING_ED25519
694  if (keypin_status == KEYPIN_MISMATCH)
695  keypin_status = KEYPIN_NOT_FOUND;
696 #endif
697  }
698  if (keypin_status == KEYPIN_MISMATCH && key_pinning) {
699  log_info(LD_DIRSERV, "Dropping descriptor from %s (source: %s) because "
700  "its key did not match an older RSA/Ed25519 keypair",
701  router_describe(ri), source);
702  *msg = "Looks like your keypair has changed? This authority previously "
703  "recorded a different RSA identity for this Ed25519 identity (or vice "
704  "versa.) Did you replace or copy some of your key files, but not "
705  "the others? You should either restore the expected keypair, or "
706  "delete your keys and restart Tor to start your relay with a new "
707  "identity.";
708  r = ROUTER_AUTHDIR_REJECTS;
709  goto fail;
710  }
711 
712  /* Make a copy of desc, since router_add_to_routerlist might free
713  * ri and its associated signed_descriptor_t. */
714  desc = tor_strndup(ri->cache_info.signed_descriptor_body, desclen);
715  nickname = tor_strdup(ri->nickname);
716 
717  /* Tell if we're about to need to launch a test if we add this. */
720 
721  r = router_add_to_routerlist(ri, msg, 0, 0);
722  if (!WRA_WAS_ADDED(r)) {
723  /* unless the routerinfo was fine, just out-of-date */
724  log_info(LD_DIRSERV,
725  "Did not add descriptor from '%s' (source: %s): %s.",
726  nickname, source, *msg ? *msg : "(no message)");
727  } else {
728  smartlist_t *changed;
729 
730  changed = smartlist_new();
731  smartlist_add(changed, ri);
732  routerlist_descriptors_added(changed, 0);
733  smartlist_free(changed);
734  if (!*msg) {
735  *msg = "Descriptor accepted";
736  }
737  log_info(LD_DIRSERV,
738  "Added descriptor from '%s' (source: %s): %s.",
739  nickname, source, *msg);
740  }
741  tor_free(desc);
742  tor_free(nickname);
743  return r;
744  fail:
745  {
746  const char *desc_digest = ri->cache_info.signed_descriptor_digest;
747  download_status_t *dls =
748  router_get_dl_status_by_descriptor_digest(desc_digest);
749  if (dls) {
750  log_info(LD_GENERAL, "Marking router with descriptor %s as rejected, "
751  "and therefore undownloadable",
752  hex_str(desc_digest, DIGEST_LEN));
754  }
755  routerinfo_free(ri);
756  }
757  return r;
758 }
759 
761 static was_router_added_t
762 dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
763 {
764  routerinfo_t *ri;
765  int r;
767  tor_assert(msg);
768  *msg = NULL;
769 
770  /* Needs to be mutable so routerinfo_incompatible_with_extrainfo
771  * can mess with some of the flags in ri->cache_info. */
772  ri = router_get_mutable_by_digest(ei->cache_info.identity_digest);
773  if (!ri) {
774  *msg = "No corresponding router descriptor for extra-info descriptor";
775  rv = ROUTER_BAD_EI;
776  goto fail;
777  }
778 
779  /* If it's too big, refuse it now. Otherwise we'll cache it all over the
780  * network and it'll clog everything up. */
781  if (ei->cache_info.signed_descriptor_len > MAX_EXTRAINFO_UPLOAD_SIZE) {
782  log_notice(LD_DIR, "Somebody attempted to publish an extrainfo "
783  "with size %d. Either this is an attack, or the "
784  "MAX_EXTRAINFO_UPLOAD_SIZE (%d) constant is too low.",
785  (int)ei->cache_info.signed_descriptor_len,
787  *msg = "Extrainfo document was too large";
788  rv = ROUTER_BAD_EI;
789  goto fail;
790  }
791 
793  &ri->cache_info, msg))) {
794  if (r<0) {
795  extrainfo_free(ei);
796  return ROUTER_IS_ALREADY_KNOWN;
797  }
798  rv = ROUTER_BAD_EI;
799  goto fail;
800  }
801  router_add_extrainfo_to_routerlist(ei, msg, 0, 0);
802  return ROUTER_ADDED_SUCCESSFULLY;
803  fail:
804  {
805  const char *d = ei->cache_info.signed_descriptor_digest;
806  signed_descriptor_t *sd = router_get_by_extrainfo_digest((char*)d);
807  if (sd) {
808  log_info(LD_GENERAL, "Marking extrainfo with descriptor %s as "
809  "rejected, and therefore undownloadable",
810  hex_str((char*)d,DIGEST_LEN));
812  }
813  extrainfo_free(ei);
814  }
815  return rv;
816 }
817 
822 static void
824 {
826  smartlist_t *nodes = smartlist_new();
827  smartlist_add_all(nodes, nodelist_get_list());
828 
829  SMARTLIST_FOREACH_BEGIN(nodes, node_t *, node) {
830  const char *msg = NULL;
831  const char *description;
832  routerinfo_t *ent = node->ri;
833  uint32_t r;
834  if (!ent)
835  continue;
836  r = dirserv_router_get_status(ent, &msg, LOG_INFO);
837  description = router_describe(ent);
838  if (r & FP_REJECT) {
839  log_info(LD_DIRSERV, "Router %s is now rejected: %s",
840  description, msg?msg:"");
841  routerlist_remove(rl, ent, 0, time(NULL));
842  continue;
843  }
844  if (bool_neq((r & FP_INVALID), !node->is_valid)) {
845  log_info(LD_DIRSERV, "Router '%s' is now %svalid.", description,
846  (r&FP_INVALID) ? "in" : "");
847  node->is_valid = (r&FP_INVALID)?0:1;
848  }
849  if (bool_neq((r & FP_BADEXIT), node->is_bad_exit)) {
850  log_info(LD_DIRSERV, "Router '%s' is now a %s exit", description,
851  (r & FP_BADEXIT) ? "bad" : "good");
852  node->is_bad_exit = (r&FP_BADEXIT) ? 1: 0;
853  }
854  } SMARTLIST_FOREACH_END(node);
855 
857  smartlist_free(nodes);
858 }
static authdir_config_t * authdir_config_new(void)
Definition: process_descs.c:81
#define MAX_DESCRIPTOR_UPLOAD_SIZE
Definition: or.h:128
void dirserv_free_fingerprint_list(void)
const char * router_purpose_to_string(uint8_t p)
Definition: routerinfo.c:54
Header for confline.c.
char * contact_info
Definition: routerinfo_st.h:64
Definition: node_st.h:28
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
int router_is_me(const routerinfo_t *router)
Definition: router.c:1621
int router_differences_are_cosmetic(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:2861
was_router_added_t
Definition: routerlist.h:17
int dirserv_would_reject_router(const routerstatus_t *rs)
unsigned int needs_retest_if_added
Definition: routerinfo_st.h:78
int authdir_policy_valid_address(uint32_t addr, uint16_t port)
Definition: policies.c:1224
#define LD_GENERAL
Definition: log.h:60
#define FP_REJECT
Definition: process_descs.c:57
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
Definition: reachability.c:101
int tor_version_as_new_as(const char *platform, const char *cutoff)
Definition: versions.c:171
strmap_t * fp_by_name
Definition: process_descs.c:72
int authdir_policy_permits_address(uint32_t addr, uint16_t port)
Definition: policies.c:1213
char identity_digest[DIGEST_LEN]
#define LOG_INFO
Definition: log.h:43
Header file for describe.c.
Header file for nodelist.c.
uint32_t router_status_t
Definition: process_descs.c:63
uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity)
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
static int WRA_WAS_ADDED(was_router_added_t s)
Definition: routerlist.h:104
void tor_strstrip(char *s, const char *strip)
Definition: util_string.c:111
#define bool_neq(a, b)
Definition: logic.h:18
Header file for config.c.
ed25519_public_key_t signing_key
Definition: torcert.h:28
routerinfo_t * router_get_mutable_by_digest(const char *digest)
Definition: routerlist.c:676
static authdir_config_t * fingerprint_list
Definition: process_descs.c:77
char signed_descriptor_digest[DIGEST_LEN]
Header file for reachability.c.
int dirserv_add_own_fingerprint(crypto_pk_t *pk)
#define tor_free(p)
Definition: malloc.h:52
#define LOG_NOTICE
Definition: log.h:48
struct tor_cert_st * signing_key_cert
int authdir_policy_badexit_address(uint32_t addr, uint16_t port)
Definition: policies.c:1235
int keypin_check(const uint8_t *rsa_id_digest, const uint8_t *ed25519_id_key)
Definition: keypin.c:157
unsigned int is_valid
Definition: node_st.h:59
Header file for versions.c.
int config_get_lines(const char *string, config_line_t **result, int extended)
Definition: confline.c:201
void routerlist_assert_ok(const routerlist_t *rl)
Definition: routerlist.c:3094
#define FP_BADEXIT
Definition: process_descs.c:59
Header file for policies.c.
int dirserv_load_fingerprint_file(void)
tor_assert(buffer)
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
int router_parse_list_from_string(const char **s, const char *eos, smartlist_t *dest, saved_location_t saved_location, int want_extrainfo, int allow_annotations, const char *prepend_annotations, smartlist_t *invalid_digests_out)
Definition: routerparse.c:245
was_router_added_t dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
void download_status_mark_impossible(download_status_t *dl)
Definition: dlstatus.c:388
static int WRA_MORE_SEVERE(was_router_added_t a, was_router_added_t b)
#define DIGEST_LEN
Definition: digest_sizes.h:20
Master header file for Tor-specific functionality.
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
#define LD_DIRSERV
Definition: log.h:88
void routerlist_descriptors_added(smartlist_t *sl, int from_cache)
Definition: routerlist.c:1928
void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus)
const char * fmt_addr32(uint32_t addr)
Definition: address.c:1181
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:770
int string_is_utf8_no_bom(const char *str, size_t len)
Definition: util_string.c:531
char nickname[MAX_NICKNAME_LEN+1]
void tor_free_(void *mem)
Definition: malloc.c:227
#define RFTS_IGNORE_MISSING
Definition: files.h:97
Header file for process_descs.c.
#define LD_FS
Definition: log.h:68
const char * esc_router_info(const routerinfo_t *router)
Definition: routerlist.c:3182
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
#define LD_DIR
Definition: log.h:86
char identity_digest[DIGEST_LEN]
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Definition: crypto_rsa.c:229
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:162
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
int keypin_check_lone_rsa(const uint8_t *rsa_id_digest)
Definition: keypin.c:284
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
int authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg, int complain, int *valid_out)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
#define MAX_EXTRAINFO_UPLOAD_SIZE
Definition: or.h:131
Header file for router.c.
const char * escaped(const char *s)
Definition: escape.c:126
#define FINGERPRINT_LEN
Definition: crypto_rsa.h:34
char * nickname
Definition: routerinfo_st.h:17
void routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
Definition: routerlist.c:1185
Header file for dlstatus.c.
#define log_fn(severity, domain, args,...)
Definition: log.h:274
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
struct authdir_config_t authdir_config_t
download_status_t ei_dl_status
#define LOG_DEBUG
Definition: log.h:40
#define ROUTER_ALLOW_SKEW
Definition: process_descs.c:43
static uint32_t dirserv_get_status_impl(const char *fp, const char *nickname, uint32_t addr, uint16_t or_port, const char *platform, const char **msg, int severity)
uint32_t addr
Definition: routerinfo_st.h:19
was_router_added_t router_add_to_routerlist(routerinfo_t *router, const char **msg, int from_cache, int from_fetch)
Definition: routerlist.c:1483
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:506
digestmap_t * status_by_digest
Definition: process_descs.c:73
char * platform
Definition: routerinfo_st.h:45
#define ROUTER_ANNOTATION_BUF_LEN
Definition: or.h:803
STATIC int dirserv_router_has_valid_address(routerinfo_t *ri)
unsigned int is_bad_exit
Definition: node_st.h:65
static void add_fingerprint_to_dir(const char *fp, struct authdir_config_t *list, router_status_t add_status)
Definition: process_descs.c:94
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:27
int routerinfo_incompatible_with_extrainfo(const crypto_pk_t *identity_pkey, extrainfo_t *ei, signed_descriptor_t *sd, const char **msg)
Definition: routerlist.c:2957
was_router_added_t dirserv_add_multiple_descriptors(const char *desc, size_t desclen, uint8_t purpose, const char *source, const char **msg)
Header file for routerinfo.c.
#define FP_INVALID
Definition: process_descs.c:56
void smartlist_clear(smartlist_t *sl)
const char * router_describe(const routerinfo_t *ri)
Definition: describe.c:123
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
was_router_added_t router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg, int from_cache, int from_fetch)
Definition: routerlist.c:1659
crypto_pk_t * identity_pkey
Definition: routerinfo_st.h:38
static void directory_remove_invalid(void)
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:84
static was_router_added_t dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
#define LD_CONFIG
Definition: log.h:66
Header file for routerlist.c.
int ed25519_validate_pubkey(const ed25519_public_key_t *pubkey)
Header file for routerparse.c.
uint16_t or_port
Definition: routerinfo_st.h:20
int tor_version_parse_platform(const char *platform, tor_version_t *router_version, int strict)
Definition: versions.c:127