Tor  0.4.7.0-alpha-dev
relay_periodic.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * @file relay_periodic.c
9  * @brief Periodic functions for the relay subsystem
10  **/
11 
12 #include "orconfig.h"
13 #include "core/or/or.h"
14 
16 
17 #include "core/mainloop/periodic.h"
18 #include "core/mainloop/cpuworker.h" // XXXX use a pubsub event.
19 #include "core/mainloop/mainloop.h"
21 #include "core/or/circuituse.h" // XXXX move have_performed_bandwidth_test
22 
23 #include "feature/relay/dns.h"
25 #include "feature/relay/router.h"
28 #include "feature/relay/selftest.h"
30 
32 
35 
36 #ifndef COCCI
37 #define DECLARE_EVENT(name, roles, flags) \
38  static periodic_event_item_t name ## _event = \
39  PERIODIC_EVENT(name, \
40  PERIODIC_EVENT_ROLE_##roles, \
41  flags)
42 #endif /* !defined(COCCI) */
43 
44 #define FL(name) (PERIODIC_EVENT_FLAG_##name)
45 
46 /**
47  * Periodic callback: If we're a server and initializing dns failed, retry.
48  */
49 static int
50 retry_dns_callback(time_t now, const or_options_t *options)
51 {
52  (void)now;
53 #define RETRY_DNS_INTERVAL (10*60)
54  if (server_mode(options) && has_dns_init_failed())
55  dns_init();
56  return RETRY_DNS_INTERVAL;
57 }
58 
59 DECLARE_EVENT(retry_dns, ROUTER, 0);
60 
61 static int dns_honesty_first_time = 1;
62 
63 /**
64  * Periodic event: if we're an exit, see if our DNS server is telling us
65  * obvious lies.
66  */
67 static int
68 check_dns_honesty_callback(time_t now, const or_options_t *options)
69 {
70  (void)now;
71  /* 9. and if we're an exit node, check whether our DNS is telling stories
72  * to us. */
73  if (net_is_disabled() ||
74  ! public_server_mode(options) ||
76  return PERIODIC_EVENT_NO_UPDATE;
77 
78  if (dns_honesty_first_time) {
79  /* Don't launch right when we start */
80  dns_honesty_first_time = 0;
81  return crypto_rand_int_range(60, 180);
82  }
83 
85  return 12*3600 + crypto_rand_int(12*3600);
86 }
87 
88 DECLARE_EVENT(check_dns_honesty, RELAY, FL(NEED_NET));
89 
90 /* Periodic callback: rotate the onion keys after the period defined by the
91  * "onion-key-rotation-days" consensus parameter, shut down and restart all
92  * cpuworkers, and update our descriptor if necessary.
93  */
94 static int
95 rotate_onion_key_callback(time_t now, const or_options_t *options)
96 {
97  if (server_mode(options)) {
98  int onion_key_lifetime = get_onion_key_lifetime();
99  time_t rotation_time = get_onion_key_set_at()+onion_key_lifetime;
100  if (rotation_time > now) {
102  }
103 
104  log_info(LD_GENERAL,"Rotating onion key.");
107  if (!router_rebuild_descriptor(1)) {
108  log_info(LD_CONFIG, "Couldn't rebuild router descriptor");
109  }
113  }
114  return PERIODIC_EVENT_NO_UPDATE;
115 }
116 
117 DECLARE_EVENT(rotate_onion_key, ROUTER, 0);
118 
119 /** Periodic callback: consider rebuilding or and re-uploading our descriptor
120  * (if we've passed our internal checks). */
121 static int
122 check_descriptor_callback(time_t now, const or_options_t *options)
123 {
124 /** How often do we check whether part of our router info has changed in a
125  * way that would require an upload? That includes checking whether our IP
126  * address has changed. */
127 #define CHECK_DESCRIPTOR_INTERVAL (60)
128 
129  (void)options;
130 
131  /* 2b. Once per minute, regenerate and upload the descriptor if the old
132  * one is inaccurate. */
133  if (!net_is_disabled()) {
138  }
139 
140  return CHECK_DESCRIPTOR_INTERVAL;
141 }
142 
143 DECLARE_EVENT(check_descriptor, ROUTER, FL(NEED_NET));
144 
145 static int dirport_reachability_count = 0;
146 
147 /**
148  * Periodic callback: check whether we're reachable (as a relay), and
149  * whether our bandwidth has changed enough that we need to
150  * publish a new descriptor.
151  */
152 static int
154 {
155  /* XXXX This whole thing was stuck in the middle of what is now
156  * XXXX check_descriptor_callback. I'm not sure it's right. */
157  /** How often should we consider launching reachability tests in our first
158  * TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT seconds? */
159 #define EARLY_CHECK_REACHABILITY_INTERVAL (60)
160 
161  /* also, check religiously for reachability, if it's within the first
162  * 20 minutes of our uptime. */
163  if (server_mode(options) &&
165  !net_is_disabled()) {
168  return EARLY_CHECK_REACHABILITY_INTERVAL;
169  } else {
170  /* If we haven't checked for 12 hours and our bandwidth estimate is
171  * low, do another bandwidth test. This is especially important for
172  * bridges, since they might go long periods without much use. */
174  static int first_time = 1;
175  if (!first_time && me &&
176  me->bandwidthcapacity < me->bandwidthrate &&
177  me->bandwidthcapacity < 51200) {
179  }
180  first_time = 0;
181 #define BANDWIDTH_RECHECK_INTERVAL (12*60*60)
182  return BANDWIDTH_RECHECK_INTERVAL;
183  }
184  }
185  return CHECK_DESCRIPTOR_INTERVAL;
186 }
187 
188 DECLARE_EVENT(check_for_reachability_bw, ROUTER, FL(NEED_NET));
189 
190 /**
191  * Callback: Send warnings if Tor doesn't find its ports reachable.
192  */
193 static int
194 reachability_warnings_callback(time_t now, const or_options_t *options)
195 {
196  (void) now;
197 
200  }
201 
202  if (server_mode(options) &&
203  !net_is_disabled() &&
205  /* every 20 minutes, check and complain if necessary */
207  bool v4_ok =
208  router_orport_seems_reachable(options,AF_INET);
209  bool v6_ok =
210  router_orport_seems_reachable(options,AF_INET6);
211  if (me && !(v4_ok && v6_ok)) {
212  /* We need to warn that one or more of our ORPorts isn't reachable.
213  * Determine which, and give a reasonable warning. */
214  char *address4 = tor_addr_to_str_dup(&me->ipv4_addr);
215  char *address6 = tor_addr_to_str_dup(&me->ipv6_addr);
216  if (address4 || address6) {
217  char *where4=NULL, *where6=NULL;
218  if (!v4_ok)
219  tor_asprintf(&where4, "%s:%d", address4, me->ipv4_orport);
220  if (!v6_ok)
221  tor_asprintf(&where6, "[%s]:%d", address6, me->ipv6_orport);
222  const char *opt_and = (!v4_ok && !v6_ok) ? "and" : "";
223 
224  /* IPv4 reachability test worked but not the IPv6. We will _not_
225  * publish the descriptor if our IPv6 was configured. We will if it
226  * was auto discovered. */
227  if (v4_ok && !v6_ok && !resolved_addr_is_configured(AF_INET6)) {
228  static ratelim_t rlim = RATELIM_INIT(3600);
230  "Auto-discovered IPv6 address %s has not been found "
231  "reachable. However, IPv4 address is reachable. "
232  "Publishing server descriptor without IPv6 address.",
233  where6 ? where6 : "");
234  /* Indicate we want to publish even if reachability test failed. */
235  mark_my_descriptor_if_omit_ipv6_changes("IPv4 is reachable. "
236  "IPv6 is not but was "
237  "auto-discovered", true);
238  } else {
239  log_warn(LD_CONFIG,
240  "Your server has not managed to confirm reachability for "
241  "its ORPort(s) at %s%s%s. Relays do not publish "
242  "descriptors until their ORPort and DirPort are "
243  "reachable. Please check your firewalls, ports, address, "
244  "/etc/hosts file, etc.",
245  where4?where4:"",
246  opt_and,
247  where6?where6:"");
248  }
249  tor_free(where4);
250  tor_free(where6);
251  if (!v4_ok) {
253  "REACHABILITY_FAILED ORADDRESS=%s:%d",
254  address4, me->ipv4_orport);
255  }
256  if (!v6_ok) {
258  "REACHABILITY_FAILED ORADDRESS=[%s]:%d",
259  address6, me->ipv6_orport);
260  }
261  }
262  tor_free(address4);
263  tor_free(address6);
264  }
265  }
266 
268 }
269 
270 DECLARE_EVENT(reachability_warnings, ROUTER, FL(NEED_NET));
271 
272 /* Periodic callback: Every 30 seconds, check whether it's time to make new
273  * Ed25519 subkeys.
274  */
275 static int
276 check_ed_keys_callback(time_t now, const or_options_t *options)
277 {
278  if (server_mode(options)) {
279  if (should_make_new_ed_keys(options, now)) {
280  int new_signing_key = load_ed_keys(options, now);
281  if (new_signing_key < 0 ||
282  generate_ed_link_cert(options, now, new_signing_key > 0)) {
283  log_err(LD_OR, "Unable to update Ed25519 keys! Exiting.");
285  }
286  }
287  return 30;
288  }
289  return PERIODIC_EVENT_NO_UPDATE;
290 }
291 
292 DECLARE_EVENT(check_ed_keys, ROUTER, 0);
293 
294 /* Period callback: Check if our old onion keys are still valid after the
295  * period of time defined by the consensus parameter
296  * "onion-key-grace-period-days", otherwise expire them by setting them to
297  * NULL.
298  */
299 static int
300 check_onion_keys_expiry_time_callback(time_t now, const or_options_t *options)
301 {
302  if (server_mode(options)) {
303  int onion_key_grace_period = get_onion_key_grace_period();
304  time_t expiry_time = get_onion_key_set_at()+onion_key_grace_period;
305  if (expiry_time > now) {
307  }
308 
309  log_info(LD_GENERAL, "Expiring old onion keys.");
313  }
314 
315  return PERIODIC_EVENT_NO_UPDATE;
316 }
317 
318 DECLARE_EVENT(check_onion_keys_expiry_time, ROUTER, 0);
319 
320 void
321 relay_register_periodic_events(void)
322 {
323  periodic_events_register(&retry_dns_event);
324  periodic_events_register(&check_dns_honesty_event);
325  periodic_events_register(&rotate_onion_key_event);
326  periodic_events_register(&check_descriptor_event);
327  periodic_events_register(&check_for_reachability_bw_event);
328  periodic_events_register(&reachability_warnings_event);
329  periodic_events_register(&check_ed_keys_event);
330  periodic_events_register(&check_onion_keys_expiry_time_event);
331 
332  dns_honesty_first_time = 1;
333  dirport_reachability_count = 0;
334 }
335 
336 /**
337  * Update our schedule so that we'll check whether we need to update our
338  * descriptor immediately, rather than after up to CHECK_DESCRIPTOR_INTERVAL
339  * seconds.
340  */
341 void
343 {
344  periodic_event_reschedule(&check_descriptor_event);
345 }
char * tor_addr_to_str_dup(const tor_addr_t *addr)
Definition: address.c:1164
void reset_bandwidth_test(void)
Definition: circuituse.c:1603
Header file for circuituse.c.
int control_event_server_status(int severity, const char *format,...)
Header file for control_events.c.
void cpuworkers_rotate_keyinfo(void)
Definition: cpuworker.c:188
Header file for cpuworker.c.
Common functions for using (pseudo-)random number generators.
int crypto_rand_int_range(unsigned int min, unsigned int max)
int crypto_rand_int(unsigned int max)
int dns_init(void)
Definition: dns.c:217
int has_dns_init_failed(void)
Definition: dns.c:258
void dns_launch_correctness_checks(void)
Definition: dns.c:2030
Header file for dns.c.
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:288
#define LD_OR
Definition: log.h:92
#define LD_GENERAL
Definition: log.h:62
#define LOG_NOTICE
Definition: log.h:50
#define LD_CONFIG
Definition: log.h:68
#define LOG_WARN
Definition: log.h:53
int have_completed_a_circuit(void)
Definition: mainloop.c:218
void tor_shutdown_event_loop_and_exit(int exitcode)
Definition: mainloop.c:764
long get_uptime(void)
Definition: mainloop.c:2528
Header file for mainloop.c.
#define tor_free(p)
Definition: malloc.h:52
int net_is_disabled(void)
Definition: netstatus.c:25
Header for netstatus.c.
Master header file for Tor-specific functionality.
#define ONION_KEY_CONSENSUS_CHECK_INTERVAL
Definition: or.h:151
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
Definition: or.h:430
void periodic_events_register(periodic_event_item_t *item)
Definition: periodic.c:219
void periodic_event_reschedule(periodic_event_item_t *event)
Definition: periodic.c:106
Header for periodic.c.
int any_predicted_circuits(time_t now)
Header file for predict_ports.c.
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
void reschedule_descriptor_update_check(void)
static int reachability_warnings_callback(time_t now, const or_options_t *options)
static int check_dns_honesty_callback(time_t now, const or_options_t *options)
static int check_for_reachability_bw_callback(time_t now, const or_options_t *options)
static int check_descriptor_callback(time_t now, const or_options_t *options)
static int retry_dns_callback(time_t now, const or_options_t *options)
Header for feature/relay/relay_periodic.c.
bool resolved_addr_is_configured(int family)
Definition: resolve_addr.c:109
Header file for resolve_addr.c.
void consider_publishable_server(int force)
Definition: router.c:1461
void router_upload_dir_desc_to_dirservers(int force)
Definition: router.c:1646
int get_onion_key_grace_period(void)
Definition: router.c:799
void check_descriptor_ipaddress_changed(time_t now)
Definition: router.c:2675
void mark_my_descriptor_if_omit_ipv6_changes(const char *reason, bool omit_ipv6)
Definition: router.c:2506
time_t get_onion_key_set_at(void)
Definition: router.c:344
const routerinfo_t * router_get_my_routerinfo(void)
Definition: router.c:1801
void expire_old_onion_keys(void)
Definition: router.c:252
bool router_rebuild_descriptor(int force)
Definition: router.c:2451
void check_descriptor_bandwidth_changed(time_t now)
Definition: router.c:2600
int get_onion_key_lifetime(void)
Definition: router.c:789
void mark_my_descriptor_dirty_if_too_old(time_t now)
Definition: router.c:2528
void rotate_onion_key(void)
Definition: router.c:487
int router_my_exit_policy_is_reject_star(void)
Definition: router.c:1727
Header file for router.c.
Router descriptor structure.
int load_ed_keys(const or_options_t *options, time_t now)
Definition: routerkeys.c:55
int should_make_new_ed_keys(const or_options_t *options, const time_t now)
Definition: routerkeys.c:419
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
Definition: routerkeys.c:365
Header for routerkeys.c.
int public_server_mode(const or_options_t *options)
Definition: routermode.c:43
int advertised_server_mode(void)
Definition: routermode.c:55
int server_mode(const or_options_t *options)
Definition: routermode.c:34
Header file for routermode.c.
int router_orport_seems_reachable(const or_options_t *options, int family)
Definition: selftest.c:101
void router_do_reachability_checks(void)
Definition: selftest.c:284
Header file for selftest.c.
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
uint32_t bandwidthrate
Definition: routerinfo_st.h:54
uint32_t bandwidthcapacity
Definition: routerinfo_st.h:58