tor  0.4.2.1-alpha-dev
reachability.c
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2019, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
12 #include "core/or/or.h"
14 
15 #include "app/config/config.h"
16 #include "core/or/channel.h"
17 #include "core/or/channeltls.h"
18 #include "core/or/command.h"
24 #include "feature/nodelist/torcert.h"
25 #include "feature/stats/rephist.h"
26 
27 #include "feature/nodelist/node_st.h"
28 #include "feature/nodelist/routerinfo_st.h"
29 #include "feature/nodelist/routerlist_st.h"
30 
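/**
 * Record that the relay whose RSA identity digest is <b>digest_rcvd</b> was
 * reached at <b>addr</b>:<b>or_port</b>, and refresh its last-reachable time.
 *
 * The relay is credited only when every check below passes:
 *  - the digest maps to a known node that has a routerinfo;
 *  - if AuthDirTestEd25519LinkKeys is set, the node supports Ed25519 link
 *    authentication and its routerinfo carries a signing-key certificate,
 *    then <b>ed_id_rcvd</b> must be present and equal to the signing_key in
 *    that certificate;
 *  - router_has_orport() accepts <b>addr</b>:<b>or_port</b> for that
 *    routerinfo;
 *  - we are not a bridge authority, or the router's purpose is
 *    ROUTER_PURPOSE_BRIDGE.
 *
 * <b>addr</b> and <b>digest_rcvd</b> must be non-NULL; <b>ed_id_rcvd</b> may
 * be NULL.  Any failed check returns without touching the node.
 *
 * NOTE(review): the rendered listing this was taken from omitted the
 * signature line and the two lines marked "restored" below; they follow the
 * upstream declarations -- confirm against the source tree.
 */
void
dirserv_orconn_tls_done(const tor_addr_t *addr,
                        uint16_t or_port,
                        const char *digest_rcvd,
                        const ed25519_public_key_t *ed_id_rcvd)
{
  node_t *node = NULL;
  tor_addr_port_t orport;
  routerinfo_t *ri = NULL;
  time_t now = time(NULL);
  tor_assert(addr);
  tor_assert(digest_rcvd);

  /* Unknown identity, or a node we hold no descriptor for: nothing to mark. */
  node = node_get_mutable_by_id(digest_rcvd);
  if (node == NULL || node->ri == NULL)
    return;

  ri = node->ri;

  if (get_options()->AuthDirTestEd25519LinkKeys &&
      node_supports_ed25519_link_authentication(node, 1) && /* restored */
      ri->cache_info.signing_key_cert) {
    /* We allow the node to have an ed25519 key if we haven't been told one in
     * the routerinfo, but if we *HAVE* been told one in the routerinfo, it
     * needs to match. */
    const ed25519_public_key_t *expected_id =
      &ri->cache_info.signing_key_cert->signing_key;
    /* NOTE(review): a failed tor_assert is fatal, so this relies on
     * certificate parsing never admitting an all-zero key -- confirm. */
    tor_assert(!ed25519_public_key_is_zero(expected_id)); /* restored */
    if (! ed_id_rcvd || ! ed25519_pubkey_eq(ed_id_rcvd, expected_id)) {
      log_info(LD_DIRSERV, "Router at %s:%d with RSA ID %s "
               "did not present expected Ed25519 ID.",
               fmt_addr(addr), or_port, hex_str(digest_rcvd, DIGEST_LEN));
      return; /* Don't mark it as reachable. */
    }
  }

  /* Only the address/port pair we actually connected to counts: it has to be
   * one that router_has_orport() recognises for this descriptor. */
  tor_addr_copy(&orport.addr, addr);
  orport.port = or_port;
  if (router_has_orport(ri, &orport)) {
    /* Found the right router. */
    if (!authdir_mode_bridge(get_options()) ||
        ri->purpose == ROUTER_PURPOSE_BRIDGE) {
      char addrstr[TOR_ADDR_BUF_LEN];
      /* This is a bridge or we're not a bridge authority --
         mark it as reachable. */
      /* Log the port that was matched above.  ri->or_port is the port paired
       * with the IPv4 address, so printing it next to an IPv6 address would
       * misreport which ORPort was found reachable. */
      log_info(LD_DIRSERV, "Found router %s to be reachable at %s:%d. Yay.",
               router_describe(ri),
               tor_addr_to_str(addrstr, addr, sizeof(addrstr), 1),
               or_port);
      if (tor_addr_family(addr) == AF_INET) {
        rep_hist_note_router_reachable(digest_rcvd, addr, or_port, now);
        node->last_reachable = now;
      } else if (tor_addr_family(addr) == AF_INET6) {
        /* No rephist for IPv6. */
        node->last_reachable6 = now;
      }
    }
  }
}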
96 
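/**
 * Decide whether a newly accepted routerinfo <b>ri</b> warrants an immediate
 * reachability test.  <b>ri_old</b> is the routerinfo it replaces, or NULL if
 * there was none.
 *
 * Returns 1 when a test should be launched, 0 otherwise.  A test is wanted
 * only if authdir_mode_handles_descs() accepts the router's purpose, and then
 * only when the router is new, has just left hibernation, or
 * routers_have_same_or_addrs() reports a difference from <b>ri_old</b>.
 *
 * NOTE(review): the rendered listing this was taken from omitted the
 * signature line; it is restored from the upstream declaration -- confirm
 * against the source tree.
 */
int
dirserv_should_launch_reachability_test(const routerinfo_t *ri,
                                        const routerinfo_t *ri_old)
{
  /* We do not handle descriptors of this purpose: never test. */
  if (!authdir_mode_handles_descs(get_options(), ri->purpose))
    return 0;
  if (!ri_old) {
    /* New router: Launch an immediate reachability test, so we will have an
     * opinion soon in case we're generating a consensus soon */
    return 1;
  }
  if (ri_old->is_hibernating && !ri->is_hibernating) {
    /* It just came out of hibernation; launch a reachability test */
    return 1;
  }
  if (! routers_have_same_or_addrs(ri, ri_old)) {
    /* Address or port changed; launch a reachability test */
    return 1;
  }
  /* Same addresses, no hibernation change: the existing opinion stands. */
  return 0;
}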
121 
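/**
 * Launch reachability connections to <b>router</b>: always one to its IPv4
 * address and ORPort, and one to its IPv6 address and ORPort when
 * AuthDirHasIPv6Connectivity is 1 and the router has a non-null IPv6 address.
 *
 * Each connection is opened with the router's RSA identity digest and, when
 * AuthDirTestEd25519LinkKeys is set, the node supports Ed25519 link
 * authentication and the routerinfo carries a signing-key certificate, the
 * certified Ed25519 key; otherwise the Ed25519 identity is passed as NULL.
 * This function records no result itself: a channel that could not be created
 * is simply skipped.
 *
 * <b>router</b> must be non-NULL and must have a node entry.  <b>now</b> is
 * unused.
 *
 * NOTE(review): the rendered listing this was taken from omitted the
 * signature line and the line marked "restored" below; they follow the
 * upstream declarations -- confirm against the source tree.
 */
void
dirserv_single_reachability_test(time_t now, routerinfo_t *router)
{
  const or_options_t *options = get_options();
  channel_t *chan = NULL;
  const node_t *node = NULL;
  tor_addr_t router_addr;
  const ed25519_public_key_t *ed_id_key;
  (void) now;

  tor_assert(router);
  node = node_get_by_id(router->cache_info.identity_digest);
  tor_assert(node);

  /* Same three conditions dirserv_orconn_tls_done() uses before it insists on
   * a matching Ed25519 identity, so the key we ask for here is the key that
   * will be compared there. */
  if (options->AuthDirTestEd25519LinkKeys &&
      node_supports_ed25519_link_authentication(node, 1) && /* restored */
      router->cache_info.signing_key_cert) {
    ed_id_key = &router->cache_info.signing_key_cert->signing_key;
  } else {
    ed_id_key = NULL;
  }

  /* IPv4. */
  log_debug(LD_OR,"Testing reachability of %s at %s:%u.",
            router->nickname, fmt_addr32(router->addr), router->or_port);
  tor_addr_from_ipv4h(&router_addr, router->addr);
  chan = channel_tls_connect(&router_addr, router->or_port,
                             router->cache_info.identity_digest,
                             ed_id_key);
  if (chan) command_setup_channel(chan);

  /* Possible IPv6.  Read the flag from the options snapshot taken at the top
   * of the function, like the Ed25519 flag, instead of calling get_options()
   * a second time. */
  if (options->AuthDirHasIPv6Connectivity == 1 &&
      !tor_addr_is_null(&router->ipv6_addr)) {
    char addrstr[TOR_ADDR_BUF_LEN];
    log_debug(LD_OR, "Testing reachability of %s at %s:%u.",
              router->nickname,
              tor_addr_to_str(addrstr, &router->ipv6_addr, sizeof(addrstr), 1),
              router->ipv6_orport);
    chan = channel_tls_connect(&router->ipv6_addr, router->ipv6_orport,
                               router->cache_info.identity_digest,
                               ed_id_key);
    if (chan) command_setup_channel(chan);
  }
}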
170 
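/**
 * Launch reachability tests for one slice of the routerlist.
 *
 * A router is tested on this call when the first byte of its identity digest,
 * taken modulo REACHABILITY_MODULO_PER_TEST, equals the static counter
 * <b>ctr</b>.  The counter advances by one (modulo the same constant) at the
 * end of every call, so successive calls walk through every slice in turn.
 * Our own router is skipped, and a bridge authority skips every router whose
 * purpose is not ROUTER_PURPOSE_BRIDGE.
 *
 * <b>now</b> is passed through to dirserv_single_reachability_test().
 *
 * NOTE(review): the rendered listing this was taken from omitted the
 * signature line and the three lines marked "restored" below; they follow the
 * upstream declarations -- confirm against the source tree.
 */
void
dirserv_test_reachability(time_t now)
{
  /* XXX decide what to do here; see or-talk thread "purging old router
   * information, revocation." -NM
   * We can't afford to mess with this in 0.1.2.x. The reason is that
   * if we stop doing reachability tests on some of routerlist, then
   * we'll for-sure think they're down, which may have unexpected
   * effects in other parts of the code. It doesn't hurt much to do
   * the testing, and directory authorities are easy to upgrade. Let's
   * wait til 0.2.0. -RD */
//  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
  routerlist_t *rl = router_get_routerlist(); /* restored */
  /* Persists across calls: selects which slice of routers is tested now. */
  static char ctr = 0;
  int bridge_auth = authdir_mode_bridge(get_options());

  SMARTLIST_FOREACH_BEGIN(rl->routers, routerinfo_t *, router) { /* restored */
    const char *id_digest = router->cache_info.identity_digest;
    if (router_is_me(router))
      continue;
    if (bridge_auth && router->purpose != ROUTER_PURPOSE_BRIDGE)
      continue; /* bridge authorities only test reachability on bridges */
//    if (router->cache_info.published_on > cutoff)
//      continue;
    /* The cast keeps the digest byte non-negative before the modulo, whatever
     * the platform's char signedness. */
    if ((((uint8_t)id_digest[0]) % REACHABILITY_MODULO_PER_TEST) == ctr) {
      dirserv_single_reachability_test(now, router); /* restored */
    }
  } SMARTLIST_FOREACH_END(router);
  ctr = (ctr + 1) % REACHABILITY_MODULO_PER_TEST; /* increment ctr */
}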
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
Header file for channeltls.c.
#define TOR_ADDR_BUF_LEN
Definition: address.h:205
Definition: node_st.h:28
int node_supports_ed25519_link_authentication(const node_t *node, int compatible_with_us)
Definition: nodelist.c:1135
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
int router_is_me(const routerinfo_t *router)
Definition: router.c:1621
Header file for command.c.
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
Definition: reachability.c:101
Header file for describe.c.
Header file for nodelist.c.
int AuthDirTestEd25519LinkKeys
void rep_hist_note_router_reachable(const char *id, const tor_addr_t *at_addr, const uint16_t at_port, time_t when)
Definition: rephist.c:241
int authdir_mode_bridge(const or_options_t *options)
Definition: authmode.c:67
Header file for config.c.
ed25519_public_key_t signing_key
Definition: torcert.h:28
Header file for reachability.c.
channel_t * channel_tls_connect(const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id)
Definition: channeltls.c:189
struct tor_cert_st * signing_key_cert
void dirserv_test_reachability(time_t now)
Definition: reachability.c:179
Header file for directory authority mode.
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:493
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
Header file for channel.c.
tor_assert(buffer)
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
int authdir_mode_handles_descs(const or_options_t *options, int purpose)
Definition: authmode.c:34
#define DIGEST_LEN
Definition: digest_sizes.h:20
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
Master header file for Tor-specific functionality.
time_t last_reachable
Definition: node_st.h:93
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
#define LD_DIRSERV
Definition: log.h:88
Header file for rephist.c.
const char * fmt_addr32(uint32_t addr)
Definition: address.c:1181
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:770
#define LD_OR
Definition: log.h:90
char identity_digest[DIGEST_LEN]
char * nickname
Definition: routerinfo_st.h:17
#define REACHABILITY_MODULO_PER_TEST
Definition: reachability.h:18
#define fmt_addr(a)
Definition: address.h:211
void dirserv_single_reachability_test(time_t now, routerinfo_t *router)
Definition: reachability.c:126
uint32_t addr
Definition: routerinfo_st.h:19
void command_setup_channel(channel_t *chan)
Definition: command.c:683
uint8_t purpose
unsigned int is_hibernating
Definition: routerinfo_st.h:65
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:27
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:904
Header file for routerinfo.c.
const char * router_describe(const routerinfo_t *ri)
Definition: describe.c:123
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, const char *digest_rcvd, const ed25519_public_key_t *ed_id_rcvd)
Definition: reachability.c:38
smartlist_t * routers
Definition: routerlist_st.h:27
Header file for routerlist.c.
uint16_t or_port
Definition: routerinfo_st.h:20
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179