Tor  0.4.3.0-alpha-dev
relay_periodic.c
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * @file relay_periodic.c
9  * @brief Periodic functions for the relay subsystem
10  **/
11 
12 #include "orconfig.h"
13 #include "core/or/or.h"
14 
15 #include "core/mainloop/periodic.h"
16 #include "core/mainloop/cpuworker.h" // XXXX use a pubsub event.
17 #include "core/mainloop/mainloop.h"
19 #include "core/or/circuituse.h" // XXXX move have_performed_bandwidth_test
20 
21 #include "feature/relay/dns.h"
23 #include "feature/relay/router.h"
26 #include "feature/relay/selftest.h"
28 
30 
33 
/* DECLARE_EVENT(name, roles, flags) defines a file-local
 * periodic_event_item_t called <name>_event, initialized through
 * PERIODIC_EVENT() with the given name, PERIODIC_EVENT_ROLE_<roles> and
 * flags. The macro is only defined when COCCI is not defined. */
34 #ifndef COCCI
35 #define DECLARE_EVENT(name, roles, flags) \
36  static periodic_event_item_t name ## _event = \
37  PERIODIC_EVENT(name, \
38  PERIODIC_EVENT_ROLE_##roles, \
39  flags)
40 #endif /* !defined(COCCI) */
41 
/* FL(name) is shorthand for the flag constant PERIODIC_EVENT_FLAG_<name>. */
42 #define FL(name) (PERIODIC_EVENT_FLAG_##name)
43 
/**
 * Periodic callback: when we are acting as a server and an earlier DNS
 * initialization attempt failed, try dns_init() again.
 *
 * The value returned by dns_init() is not inspected here; the failure flag
 * is simply consulted again on the next run.
 *
 * @param now      Unused.
 * @param options  Passed to server_mode().
 * @return RETRY_DNS_INTERVAL (10*60) in every case.
 */
static int
retry_dns_callback(time_t now, const or_options_t *options)
{
#define RETRY_DNS_INTERVAL (10*60)
  (void)now;

  /* Nothing to retry unless we are running as a server. */
  if (!server_mode(options)) {
    return RETRY_DNS_INTERVAL;
  }
  if (has_dns_init_failed()) {
    dns_init();
  }
  return RETRY_DNS_INTERVAL;
}

/* Event item retry_dns_event: role ROUTER, no flags. */
DECLARE_EVENT(retry_dns, ROUTER, 0);
58 
/* One-shot flag: 1 until check_dns_honesty_callback() has taken its
 * first-time branch; relay_register_periodic_events() sets it back to 1. */
59 static int dns_honesty_first_time = 1;
60 
61 /**
62  * Periodic event: if we're an exit, see if our DNS server is telling us
63  * obvious lies.
 *
 * Returns PERIODIC_EVENT_NO_UPDATE when the guard below matches. On the
 * first run past the guard it only clears dns_honesty_first_time and
 * returns crypto_rand_int_range(60, 180); later runs return
 * 12*3600 + crypto_rand_int(12*3600), so the recheck time is randomized
 * rather than fixed.
 *
 * NOTE(review): this listing skips source lines 73 and 82 (see the gutter
 * numbers), so the last term of the guard and the statement that actually
 * starts the check are not visible here.
64  */
65 static int
66 check_dns_honesty_callback(time_t now, const or_options_t *options)
67 {
68  (void)now;
69  /* 9. and if we're an exit node, check whether our DNS is telling stories
70  * to us. */
71  if (net_is_disabled() ||
72  ! public_server_mode(options) ||
74  return PERIODIC_EVENT_NO_UPDATE;
75 
76  if (dns_honesty_first_time) {
77  /* Don't launch right when we start */
78  dns_honesty_first_time = 0;
79  return crypto_rand_int_range(60, 180);
80  }
81 
83  return 12*3600 + crypto_rand_int(12*3600);
84 }
85 
/* Event item check_dns_honesty_event: role RELAY, flag NEED_NET. */
86 DECLARE_EVENT(check_dns_honesty, RELAY, FL(NEED_NET));
87 
88 /* Periodic callback: rotate the onion keys after the period defined by the
89  * "onion-key-rotation-days" consensus parameter, shut down and restart all
90  * cpuworkers, and update our descriptor if necessary.
 *
 * As shown, work only happens when server_mode(options) is true, and the
 * rotation time is get_onion_key_set_at() plus get_onion_key_lifetime(),
 * compared against now. A failing router_rebuild_descriptor(1) is reported
 * with log_info() only.
 *
 * NOTE(review): source lines 99, 103-104 and 108-110 are absent from this
 * listing (gutter gaps), so the body of the "not yet due" branch, the
 * rotation call itself and the statements after the rebuild are not
 * visible here.
91  */
92 static int
93 rotate_onion_key_callback(time_t now, const or_options_t *options)
94 {
95  if (server_mode(options)) {
96  int onion_key_lifetime = get_onion_key_lifetime();
97  time_t rotation_time = get_onion_key_set_at()+onion_key_lifetime;
98  if (rotation_time > now) {
100  }
101 
102  log_info(LD_GENERAL,"Rotating onion key.");
105  if (router_rebuild_descriptor(1)<0) {
106  log_info(LD_CONFIG, "Couldn't rebuild router descriptor");
107  }
111  }
112  return PERIODIC_EVENT_NO_UPDATE;
113 }
114 
/* Event item rotate_onion_key_event: role ROUTER, no flags. */
115 DECLARE_EVENT(rotate_onion_key, ROUTER, 0);
116 
117 /** Periodic callback: consider rebuilding and re-uploading our descriptor
118  * (if we've passed our internal checks).
 *
 * options is unused, and the callback always returns
 * CHECK_DESCRIPTOR_INTERVAL (60).
 *
 * NOTE(review): source lines 132-135 are absent from this listing (gutter
 * gap), so the statements run when the network is enabled are not visible
 * here. */
119 static int
120 check_descriptor_callback(time_t now, const or_options_t *options)
121 {
122 /** How often do we check whether part of our router info has changed in a
123  * way that would require an upload? That includes checking whether our IP
124  * address has changed. */
125 #define CHECK_DESCRIPTOR_INTERVAL (60)
126 
127  (void)options;
128 
129  /* 2b. Once per minute, regenerate and upload the descriptor if the old
130  * one is inaccurate. */
131  if (!net_is_disabled()) {
136  }
137 
138  return CHECK_DESCRIPTOR_INTERVAL;
139 }
140 
/* Event item check_descriptor_event: role ROUTER, flag NEED_NET. */
141 DECLARE_EVENT(check_descriptor, ROUTER, FL(NEED_NET));
142 
/* Counter used below to decide when the DirPort is tested as well;
 * relay_register_periodic_events() sets it back to 0. */
143 static int dirport_reachability_count = 0;
144 
145 /**
146  * Periodic callback: check whether we're reachable (as a relay), and
147  * whether our bandwidth has changed enough that we need to
148  * publish a new descriptor.
 *
 * NOTE(review): source lines 151, 159, 161, 170 and 175 are absent from
 * this listing (gutter gaps). That hides the signature line, one term of
 * the outer condition, the test that opens the inner if/else, the
 * declaration of me, and the body of the low-bandwidth branch.
149  */
150 static int
152 {
153  /* XXXX This whole thing was stuck in the middle of what is now
154  * XXXX check_descriptor_callback. I'm not sure it's right. */
155 
156  /* also, check religiously for reachability, if it's within the first
157  * 20 minutes of our uptime. */
158  if (server_mode(options) &&
160  !net_is_disabled()) {
 /* The second argument is true only while the counter is 0. The counter
  * goes back to 0 once it exceeds 5, so one call in six passes a true
  * second argument. This branch returns 1. */
162  router_do_reachability_checks(1, dirport_reachability_count==0);
163  if (++dirport_reachability_count > 5)
164  dirport_reachability_count = 0;
165  return 1;
166  } else {
167  /* If we haven't checked for 12 hours and our bandwidth estimate is
168  * low, do another bandwidth test. This is especially important for
169  * bridges, since they might go long periods without much use. */
 /* NOTE(review): first_time is a function-local static, so unlike the
  * two file-scope flags it is not reset by
  * relay_register_periodic_events(). */
171  static int first_time = 1;
 /* Skipped on the first pass; afterwards taken only when the capacity is
  * below both the configured rate and the literal 51200. */
172  if (!first_time && me &&
173  me->bandwidthcapacity < me->bandwidthrate &&
174  me->bandwidthcapacity < 51200) {
176  }
177  first_time = 0;
178 #define BANDWIDTH_RECHECK_INTERVAL (12*60*60)
179  return BANDWIDTH_RECHECK_INTERVAL;
180  }
181  }
182  return CHECK_DESCRIPTOR_INTERVAL;
183 }
184 
/* Event item check_for_reachability_bw_event: role ROUTER, flag NEED_NET. */
185 DECLARE_EVENT(check_for_reachability_bw, ROUTER, FL(NEED_NET));
186 
187 /**
188  * Callback: Send warnings if Tor doesn't find its ports reachable.
 *
 * For each of the ORPort and DirPort checks that fails, the visible code
 * formats the relay's own address with tor_dup_ip(), logs a warning that
 * includes the address and port, and releases the string with tor_free().
 *
 * NOTE(review): source lines 195-196, 201, 203, 211, 225 and 232 are
 * absent from this listing (gutter gaps). That hides the opening guard,
 * one term of the main condition, the declaration of me, the calls that
 * the "REACHABILITY_FAILED ..." format strings belong to, and the return
 * statement.
189  */
190 static int
191 reachability_warnings_callback(time_t now, const or_options_t *options)
192 {
193  (void) now;
194 
197  }
198 
199  if (server_mode(options) &&
200  !net_is_disabled() &&
202  /* every 20 minutes, check and complain if necessary */
204  if (me && !check_whether_orport_reachable(options)) {
 /* NOTE(review): address goes straight into the %s conversions below
  * without a NULL check -- confirm tor_dup_ip() cannot return NULL. */
205  char *address = tor_dup_ip(me->addr);
206  log_warn(LD_CONFIG,"Your server (%s:%d) has not managed to confirm that "
207  "its ORPort is reachable. Relays do not publish descriptors "
208  "until their ORPort and DirPort are reachable. Please check "
209  "your firewalls, ports, address, /etc/hosts file, etc.",
210  address, me->or_port);
212  "REACHABILITY_FAILED ORADDRESS=%s:%d",
213  address, me->or_port);
214  tor_free(address);
215  }
216 
217  if (me && !check_whether_dirport_reachable(options)) {
 /* Same pattern as the ORPort case: a fresh string from tor_dup_ip(),
  * used unchecked with %s and released with tor_free(). */
218  char *address = tor_dup_ip(me->addr);
219  log_warn(LD_CONFIG,
220  "Your server (%s:%d) has not managed to confirm that its "
221  "DirPort is reachable. Relays do not publish descriptors "
222  "until their ORPort and DirPort are reachable. Please check "
223  "your firewalls, ports, address, /etc/hosts file, etc.",
224  address, me->dir_port);
226  "REACHABILITY_FAILED DIRADDRESS=%s:%d",
227  address, me->dir_port);
228  tor_free(address);
229  }
230  }
231 
233 }
234 
/* Event item reachability_warnings_event: role ROUTER, flag NEED_NET. */
235 DECLARE_EVENT(reachability_warnings, ROUTER, FL(NEED_NET));
236 
237 /* Periodic callback: Every 30 seconds, check whether it's time to make new
238  * Ed25519 subkeys.
 *
 * Returns 30 while server_mode(options) is true, and
 * PERIODIC_EVENT_NO_UPDATE otherwise.
 *
 * NOTE(review): source line 249 is absent from this listing (gutter gap).
 * The log message says "Exiting.", but the statement that follows it on
 * the failure path is not visible here.
239  */
240 static int
241 check_ed_keys_callback(time_t now, const or_options_t *options)
242 {
243  if (server_mode(options)) {
244  if (should_make_new_ed_keys(options, now)) {
 /* A negative load_ed_keys() result, or a nonzero result from
  * generate_ed_link_cert(), takes the error path. The third argument to
  * generate_ed_link_cert() is true only when load_ed_keys() returned a
  * positive value. */
245  int new_signing_key = load_ed_keys(options, now);
246  if (new_signing_key < 0 ||
247  generate_ed_link_cert(options, now, new_signing_key > 0)) {
248  log_err(LD_OR, "Unable to update Ed25519 keys! Exiting.");
250  }
251  }
252  return 30;
253  }
254  return PERIODIC_EVENT_NO_UPDATE;
255 }
256 
/* Event item check_ed_keys_event: role ROUTER, no flags. */
257 DECLARE_EVENT(check_ed_keys, ROUTER, 0);
258 
259 /* Periodic callback: Check if our old onion keys are still valid after the
260  * period of time defined by the consensus parameter
261  * "onion-key-grace-period-days", otherwise expire them by setting them to
262  * NULL.
 *
 * As shown, the expiry time is get_onion_key_set_at() plus
 * get_onion_key_grace_period(), compared against now, and work only
 * happens when server_mode(options) is true.
 *
 * NOTE(review): source lines 271 and 275-277 are absent from this listing
 * (gutter gaps), so the body of the "not yet expired" branch and the
 * statements after the log message are not visible here.
263  */
264 static int
265 check_onion_keys_expiry_time_callback(time_t now, const or_options_t *options)
266 {
267  if (server_mode(options)) {
268  int onion_key_grace_period = get_onion_key_grace_period();
269  time_t expiry_time = get_onion_key_set_at()+onion_key_grace_period;
270  if (expiry_time > now) {
272  }
273 
274  log_info(LD_GENERAL, "Expiring old onion keys.");
278  }
279 
280  return PERIODIC_EVENT_NO_UPDATE;
281 }
282 
/* Event item check_onion_keys_expiry_time_event: role ROUTER, no flags. */
283 DECLARE_EVENT(check_onion_keys_expiry_time, ROUTER, 0);
284 
/**
 * Hand every relay periodic event item declared in this file to
 * periodic_events_register(), then put the file-scope state used by the
 * callbacks back to its initial values.
 */
void
relay_register_periodic_events(void)
{
  /* Events are registered in the order listed here. */
  periodic_event_item_t *const relay_events[] = {
    &retry_dns_event,
    &check_dns_honesty_event,
    &rotate_onion_key_event,
    &check_descriptor_event,
    &check_for_reachability_bw_event,
    &reachability_warnings_event,
    &check_ed_keys_event,
    &check_onion_keys_expiry_time_event,
  };
  const size_t n_events = sizeof(relay_events) / sizeof(relay_events[0]);
  size_t idx;

  for (idx = 0; idx < n_events; ++idx) {
    periodic_events_register(relay_events[idx]);
  }

  /* Start the DNS-honesty and DirPort-reachability bookkeeping afresh. */
  dirport_reachability_count = 0;
  dns_honesty_first_time = 1;
}
300 
301 /**
302  * Update our schedule so that we'll check whether we need to update our
303  * descriptor immediately, rather than after up to CHECK_DESCRIPTOR_INTERVAL
304  * seconds.
 *
 * Implemented as a single periodic_event_reschedule() call on
 * check_descriptor_event.
 *
 * NOTE(review): source line 307, which carries the function name and
 * parameter list, is absent from this listing (gutter gap).
305  */
306 void
308 {
309  periodic_event_reschedule(&check_descriptor_event);
310 }
static int check_descriptor_callback(time_t now, const or_options_t *options)
Header for periodic.c.
uint16_t dir_port
Definition: routerinfo_st.h:26
int router_rebuild_descriptor(int force)
Definition: router.c:2326
Router descriptor structure.
Common functions for using (pseudo-)random number generators.
#define ONION_KEY_CONSENSUS_CHECK_INTERVAL
Definition: or.h:152
long get_uptime(void)
Definition: mainloop.c:2522
static int check_for_reachability_bw_callback(time_t now, const or_options_t *options)
#define LD_GENERAL
Definition: log.h:62
void reschedule_descriptor_update_check(void)
int dns_init(void)
Definition: dns.c:224
int any_predicted_circuits(time_t now)
static int retry_dns_callback(time_t now, const or_options_t *options)
void router_do_reachability_checks(int test_or, int test_dir)
Definition: selftest.c:172
Header file for cpuworker.c.
int crypto_rand_int_range(unsigned int min, unsigned int max)
time_t get_onion_key_set_at(void)
Definition: router.c:328
#define tor_free(p)
Definition: malloc.h:52
void tor_shutdown_event_loop_and_exit(int exitcode)
Definition: mainloop.c:765
Header file for mainloop.c.
uint32_t bandwidthrate
Definition: routerinfo_st.h:56
static int check_dns_honesty_callback(time_t now, const or_options_t *options)
void check_descriptor_ipaddress_changed(time_t now)
Definition: router.c:2518
void periodic_events_register(periodic_event_item_t *item)
Definition: periodic.c:220
Header for feature/relay/relay_periodic.c.
static int reachability_warnings_callback(time_t now, const or_options_t *options)
Header file for routermode.c.
int has_dns_init_failed(void)
Definition: dns.c:266
int load_ed_keys(const or_options_t *options, time_t now)
Definition: routerkeys.c:55
int net_is_disabled(void)
Definition: netstatus.c:25
void mark_my_descriptor_dirty_if_too_old(time_t now)
Definition: router.c:2380
Master header file for Tor-specific functionality.
int crypto_rand_int(unsigned int max)
int should_make_new_ed_keys(const or_options_t *options, const time_t now)
Definition: routerkeys.c:421
void periodic_event_reschedule(periodic_event_item_t *event)
Definition: periodic.c:107
uint32_t bandwidthcapacity
Definition: routerinfo_st.h:60
#define LOG_WARN
Definition: log.h:53
Header for routerkeys.c.
Header for netstatus.c.
Header file for circuituse.c.
void cpuworkers_rotate_keyinfo(void)
Definition: cpuworker.c:188
#define LD_OR
Definition: log.h:92
int get_onion_key_grace_period(void)
Definition: router.c:780
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
Definition: routerkeys.c:365
void router_upload_dir_desc_to_dirservers(int force)
Definition: router.c:1493
void expire_old_onion_keys(void)
Definition: router.c:236
const routerinfo_t * router_get_my_routerinfo(void)
Definition: router.c:1623
void rotate_onion_key(void)
Definition: router.c:468
Header file for router.c.
void consider_publishable_server(int force)
Definition: router.c:1381
int router_my_exit_policy_is_reject_star(void)
Definition: router.c:1574
uint16_t or_port
Definition: routerinfo_st.h:25
int get_onion_key_lifetime(void)
Definition: router.c:770
int public_server_mode(const or_options_t *options)
Definition: routermode.c:43
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
Definition: or.h:549
Header file for selftest.c.
uint32_t addr
Definition: routerinfo_st.h:24
void reset_bandwidth_test(void)
Definition: circuituse.c:1607
int control_event_server_status(int severity, const char *format,...)
int server_mode(const or_options_t *options)
Definition: routermode.c:34
Header file for control_events.c.
void check_descriptor_bandwidth_changed(time_t now)
Definition: router.c:2450
int check_whether_orport_reachable(const or_options_t *options)
Definition: selftest.c:75
Header file for dns.c.
Header file for predict_ports.c.
#define LD_CONFIG
Definition: log.h:68
int advertised_server_mode(void)
Definition: routermode.c:55
void dns_launch_correctness_checks(void)
Definition: dns.c:2044
int check_whether_dirport_reachable(const or_options_t *options)
Definition: selftest.c:92
int have_completed_a_circuit(void)
Definition: mainloop.c:219
char * tor_dup_ip(uint32_t addr)
Definition: address.c:1948