Tor  0.4.6.0-alpha-dev
relay_periodic.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2020, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * @file relay_periodic.c
9  * @brief Periodic functions for the relay subsystem
10  **/
11 
12 #include "orconfig.h"
13 #include "core/or/or.h"
14 
16 
17 #include "core/mainloop/periodic.h"
18 #include "core/mainloop/cpuworker.h" // XXXX use a pubsub event.
19 #include "core/mainloop/mainloop.h"
21 #include "core/or/circuituse.h" // XXXX move have_performed_bandwidth_test
22 
23 #include "feature/relay/dns.h"
25 #include "feature/relay/router.h"
28 #include "feature/relay/selftest.h"
30 
32 
35 
36 #ifndef COCCI
37 #define DECLARE_EVENT(name, roles, flags) \
38  static periodic_event_item_t name ## _event = \
39  PERIODIC_EVENT(name, \
40  PERIODIC_EVENT_ROLE_##roles, \
41  flags)
42 #endif /* !defined(COCCI) */
43 
44 #define FL(name) (PERIODIC_EVENT_FLAG_##name)
45 
46 /**
47  * Periodic callback: If we're a server and initializing dns failed, retry.
48  */
49 static int
50 retry_dns_callback(time_t now, const or_options_t *options)
51 {
52  (void)now;
53 #define RETRY_DNS_INTERVAL (10*60)
54  if (server_mode(options) && has_dns_init_failed())
55  dns_init();
56  return RETRY_DNS_INTERVAL;
57 }
58 
59 DECLARE_EVENT(retry_dns, ROUTER, 0);
60 
61 static int dns_honesty_first_time = 1;
62 
63 /**
64  * Periodic event: if we're an exit, see if our DNS server is telling us
65  * obvious lies.
66  */
67 static int
68 check_dns_honesty_callback(time_t now, const or_options_t *options)
69 {
70  (void)now;
71  /* 9. and if we're an exit node, check whether our DNS is telling stories
72  * to us. */
73  if (net_is_disabled() ||
74  ! public_server_mode(options) ||
76  return PERIODIC_EVENT_NO_UPDATE;
77 
78  if (dns_honesty_first_time) {
79  /* Don't launch right when we start */
80  dns_honesty_first_time = 0;
81  return crypto_rand_int_range(60, 180);
82  }
83 
85  return 12*3600 + crypto_rand_int(12*3600);
86 }
87 
88 DECLARE_EVENT(check_dns_honesty, RELAY, FL(NEED_NET));
89 
90 /* Periodic callback: rotate the onion keys after the period defined by the
91  * "onion-key-rotation-days" consensus parameter, shut down and restart all
92  * cpuworkers, and update our descriptor if necessary.
93  */
94 static int
95 rotate_onion_key_callback(time_t now, const or_options_t *options)
96 {
97  if (server_mode(options)) {
98  int onion_key_lifetime = get_onion_key_lifetime();
99  time_t rotation_time = get_onion_key_set_at()+onion_key_lifetime;
100  if (rotation_time > now) {
102  }
103 
104  log_info(LD_GENERAL,"Rotating onion key.");
107  if (router_rebuild_descriptor(1)<0) {
108  log_info(LD_CONFIG, "Couldn't rebuild router descriptor");
109  }
113  }
114  return PERIODIC_EVENT_NO_UPDATE;
115 }
116 
117 DECLARE_EVENT(rotate_onion_key, ROUTER, 0);
118 
119 /** Periodic callback: consider rebuilding or and re-uploading our descriptor
120  * (if we've passed our internal checks). */
121 static int
122 check_descriptor_callback(time_t now, const or_options_t *options)
123 {
124 /** How often do we check whether part of our router info has changed in a
125  * way that would require an upload? That includes checking whether our IP
126  * address has changed. */
127 #define CHECK_DESCRIPTOR_INTERVAL (60)
128 
129  (void)options;
130 
131  /* 2b. Once per minute, regenerate and upload the descriptor if the old
132  * one is inaccurate. */
133  if (!net_is_disabled()) {
138  }
139 
140  return CHECK_DESCRIPTOR_INTERVAL;
141 }
142 
143 DECLARE_EVENT(check_descriptor, ROUTER, FL(NEED_NET));
144 
145 static int dirport_reachability_count = 0;
146 
147 /**
148  * Periodic callback: check whether we're reachable (as a relay), and
149  * whether our bandwidth has changed enough that we need to
150  * publish a new descriptor.
151  */
152 static int
154 {
155  /* XXXX This whole thing was stuck in the middle of what is now
156  * XXXX check_descriptor_callback. I'm not sure it's right. */
157  /** How often should we consider launching reachability tests in our first
158  * TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT seconds? */
159 #define EARLY_CHECK_REACHABILITY_INTERVAL (60)
160 
161  /* also, check religiously for reachability, if it's within the first
162  * 20 minutes of our uptime. */
163  if (server_mode(options) &&
165  !net_is_disabled()) {
167  router_do_reachability_checks(1, dirport_reachability_count==0);
168  if (++dirport_reachability_count > 5)
169  dirport_reachability_count = 0;
170  return EARLY_CHECK_REACHABILITY_INTERVAL;
171  } else {
172  /* If we haven't checked for 12 hours and our bandwidth estimate is
173  * low, do another bandwidth test. This is especially important for
174  * bridges, since they might go long periods without much use. */
176  static int first_time = 1;
177  if (!first_time && me &&
178  me->bandwidthcapacity < me->bandwidthrate &&
179  me->bandwidthcapacity < 51200) {
181  }
182  first_time = 0;
183 #define BANDWIDTH_RECHECK_INTERVAL (12*60*60)
184  return BANDWIDTH_RECHECK_INTERVAL;
185  }
186  }
187  return CHECK_DESCRIPTOR_INTERVAL;
188 }
189 
190 DECLARE_EVENT(check_for_reachability_bw, ROUTER, FL(NEED_NET));
191 
192 /**
193  * Callback: Send warnings if Tor doesn't find its ports reachable.
194  */
195 static int
196 reachability_warnings_callback(time_t now, const or_options_t *options)
197 {
198  (void) now;
199 
202  }
203 
204  if (server_mode(options) &&
205  !net_is_disabled() &&
207  /* every 20 minutes, check and complain if necessary */
209  bool v4_ok =
210  router_orport_seems_reachable(options,AF_INET);
211  bool v6_ok =
212  router_orport_seems_reachable(options,AF_INET6);
213  if (me && !(v4_ok && v6_ok)) {
214  /* We need to warn that one or more of our ORPorts isn't reachable.
215  * Determine which, and give a reasonable warning. */
216  char *address4 = tor_addr_to_str_dup(&me->ipv4_addr);
217  char *address6 = tor_addr_to_str_dup(&me->ipv6_addr);
218  if (address4 || address6) {
219  char *where4=NULL, *where6=NULL;
220  if (!v4_ok)
221  tor_asprintf(&where4, "%s:%d", address4, me->ipv4_orport);
222  if (!v6_ok)
223  tor_asprintf(&where6, "[%s]:%d", address6, me->ipv6_orport);
224  const char *opt_and = (!v4_ok && !v6_ok) ? "and" : "";
225 
226  /* IPv4 reachability test worked but not the IPv6. We will _not_
227  * publish the descriptor if our IPv6 was configured. We will if it
228  * was auto discovered. */
229  if (v4_ok && !v6_ok && !resolved_addr_is_configured(AF_INET6)) {
230  static ratelim_t rlim = RATELIM_INIT(3600);
232  "Auto-discovered IPv6 address %s has not been found "
233  "reachable. However, IPv4 address is reachable. "
234  "Publishing server descriptor without IPv6 address.",
235  where6 ? where6 : "");
236  /* Indicate we want to publish even if reachability test failed. */
237  mark_my_descriptor_if_omit_ipv6_changes("IPv4 is reachable. "
238  "IPv6 is not but was "
239  "auto-discovered", true);
240  } else {
241  log_warn(LD_CONFIG,
242  "Your server has not managed to confirm reachability for "
243  "its ORPort(s) at %s%s%s. Relays do not publish "
244  "descriptors until their ORPort and DirPort are "
245  "reachable. Please check your firewalls, ports, address, "
246  "/etc/hosts file, etc.",
247  where4?where4:"",
248  opt_and,
249  where6?where6:"");
250  }
251  tor_free(where4);
252  tor_free(where6);
253  if (!v4_ok) {
255  "REACHABILITY_FAILED ORADDRESS=%s:%d",
256  address4, me->ipv4_orport);
257  }
258  if (!v6_ok) {
260  "REACHABILITY_FAILED ORADDRESS=[%s]:%d",
261  address6, me->ipv6_orport);
262  }
263  }
264  tor_free(address4);
265  tor_free(address6);
266  }
267 
268  if (me && !router_dirport_seems_reachable(options)) {
269  char *address4 = tor_addr_to_str_dup(&me->ipv4_addr);
270  log_warn(LD_CONFIG,
271  "Your server (%s:%d) has not managed to confirm that its "
272  "DirPort is reachable. Relays do not publish descriptors "
273  "until their ORPort and DirPort are reachable. Please check "
274  "your firewalls, ports, address, /etc/hosts file, etc.",
275  address4, me->ipv4_dirport);
277  "REACHABILITY_FAILED DIRADDRESS=%s:%d",
278  address4, me->ipv4_dirport);
279  tor_free(address4);
280  }
281  }
282 
284 }
285 
286 DECLARE_EVENT(reachability_warnings, ROUTER, FL(NEED_NET));
287 
288 /* Periodic callback: Every 30 seconds, check whether it's time to make new
289  * Ed25519 subkeys.
290  */
291 static int
292 check_ed_keys_callback(time_t now, const or_options_t *options)
293 {
294  if (server_mode(options)) {
295  if (should_make_new_ed_keys(options, now)) {
296  int new_signing_key = load_ed_keys(options, now);
297  if (new_signing_key < 0 ||
298  generate_ed_link_cert(options, now, new_signing_key > 0)) {
299  log_err(LD_OR, "Unable to update Ed25519 keys! Exiting.");
301  }
302  }
303  return 30;
304  }
305  return PERIODIC_EVENT_NO_UPDATE;
306 }
307 
308 DECLARE_EVENT(check_ed_keys, ROUTER, 0);
309 
310 /* Period callback: Check if our old onion keys are still valid after the
311  * period of time defined by the consensus parameter
312  * "onion-key-grace-period-days", otherwise expire them by setting them to
313  * NULL.
314  */
315 static int
316 check_onion_keys_expiry_time_callback(time_t now, const or_options_t *options)
317 {
318  if (server_mode(options)) {
319  int onion_key_grace_period = get_onion_key_grace_period();
320  time_t expiry_time = get_onion_key_set_at()+onion_key_grace_period;
321  if (expiry_time > now) {
323  }
324 
325  log_info(LD_GENERAL, "Expiring old onion keys.");
329  }
330 
331  return PERIODIC_EVENT_NO_UPDATE;
332 }
333 
334 DECLARE_EVENT(check_onion_keys_expiry_time, ROUTER, 0);
335 
336 void
337 relay_register_periodic_events(void)
338 {
339  periodic_events_register(&retry_dns_event);
340  periodic_events_register(&check_dns_honesty_event);
341  periodic_events_register(&rotate_onion_key_event);
342  periodic_events_register(&check_descriptor_event);
343  periodic_events_register(&check_for_reachability_bw_event);
344  periodic_events_register(&reachability_warnings_event);
345  periodic_events_register(&check_ed_keys_event);
346  periodic_events_register(&check_onion_keys_expiry_time_event);
347 
348  dns_honesty_first_time = 1;
349  dirport_reachability_count = 0;
350 }
351 
352 /**
353  * Update our schedule so that we'll check whether we need to update our
354  * descriptor immediately, rather than after up to CHECK_DESCRIPTOR_INTERVAL
355  * seconds.
356  */
357 void
359 {
360  periodic_event_reschedule(&check_descriptor_event);
361 }
TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
Definition: or.h:550
crypto_rand_int_range
int crypto_rand_int_range(unsigned int min, unsigned int max)
Definition: crypto_rand_numeric.c:71
selftest.h
Header file for selftest.c.
routermode.h
Header file for routermode.c.
net_is_disabled
int net_is_disabled(void)
Definition: netstatus.c:25
tor_free
#define tor_free(p)
Definition: malloc.h:52
routerinfo_t
Definition: routerinfo_st.h:20
should_make_new_ed_keys
int should_make_new_ed_keys(const or_options_t *options, const time_t now)
Definition: routerkeys.c:419
periodic_event_reschedule
void periodic_event_reschedule(periodic_event_item_t *event)
Definition: periodic.c:106
check_descriptor_callback
static int check_descriptor_callback(time_t now, const or_options_t *options)
Definition: relay_periodic.c:122
routerinfo_t::bandwidthcapacity
uint32_t bandwidthcapacity
Definition: routerinfo_st.h:58
get_onion_key_grace_period
int get_onion_key_grace_period(void)
Definition: router.c:787
retry_dns_callback
static int retry_dns_callback(time_t now, const or_options_t *options)
Definition: relay_periodic.c:50
LOG_NOTICE
#define LOG_NOTICE
Definition: log.h:50
netstatus.h
Header for netstatus.c.
mark_my_descriptor_if_omit_ipv6_changes
void mark_my_descriptor_if_omit_ipv6_changes(const char *reason, bool omit_ipv6)
Definition: router.c:2487
routerkeys.h
Header for routerkeys.c.
router.h
Header file for router.c.
circuituse.h
Header file for circuituse.c.
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
router_get_my_routerinfo
const routerinfo_t * router_get_my_routerinfo(void)
Definition: router.c:1763
reschedule_descriptor_update_check
void reschedule_descriptor_update_check(void)
Definition: relay_periodic.c:358
periodic.h
Header for periodic.c.
check_for_reachability_bw_callback
static int check_for_reachability_bw_callback(time_t now, const or_options_t *options)
Definition: relay_periodic.c:153
reachability_warnings_callback
static int reachability_warnings_callback(time_t now, const or_options_t *options)
Definition: relay_periodic.c:196
get_onion_key_lifetime
int get_onion_key_lifetime(void)
Definition: router.c:777
router_rebuild_descriptor
int router_rebuild_descriptor(int force)
Definition: router.c:2420
routerinfo_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
cpuworkers_rotate_keyinfo
void cpuworkers_rotate_keyinfo(void)
Definition: cpuworker.c:188
crypto_rand_int
int crypto_rand_int(unsigned int max)
Definition: crypto_rand_numeric.c:52
resolved_addr_is_configured
bool resolved_addr_is_configured(int family)
Definition: resolve_addr.c:109
router_upload_dir_desc_to_dirservers
void router_upload_dir_desc_to_dirservers(int force)
Definition: router.c:1608
mainloop.h
Header file for mainloop.c.
router_my_exit_policy_is_reject_star
int router_my_exit_policy_is_reject_star(void)
Definition: router.c:1689
generate_ed_link_cert
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
Definition: routerkeys.c:365
check_descriptor_bandwidth_changed
void check_descriptor_bandwidth_changed(time_t now)
Definition: router.c:2581
advertised_server_mode
int advertised_server_mode(void)
Definition: routermode.c:55
routerinfo_t::ipv4_addr
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
LD_OR
#define LD_OR
Definition: log.h:92
control_event_server_status
int control_event_server_status(int severity, const char *format,...)
Definition: control_events.c:1796
get_onion_key_set_at
time_t get_onion_key_set_at(void)
Definition: router.c:332
router_do_reachability_checks
void router_do_reachability_checks(int test_or, int test_dir)
Definition: selftest.c:333
dns_init
int dns_init(void)
Definition: dns.c:224
ONION_KEY_CONSENSUS_CHECK_INTERVAL
#define ONION_KEY_CONSENSUS_CHECK_INTERVAL
Definition: or.h:151
have_completed_a_circuit
int have_completed_a_circuit(void)
Definition: mainloop.c:220
predict_ports.h
Header file for predict_ports.c.
routerinfo_st.h
Router descriptor structure.
LD_CONFIG
#define LD_CONFIG
Definition: log.h:68
tor_addr_to_str_dup
char * tor_addr_to_str_dup(const tor_addr_t *addr)
Definition: address.c:1164
crypto_rand.h
Common functions for using (pseudo-)random number generators.
control_events.h
Header file for control_events.c.
has_dns_init_failed
int has_dns_init_failed(void)
Definition: dns.c:266
relay_periodic.h
Header for feature/relay/relay_periodic.c.
resolve_addr.h
Header file for resolve_addr.c.
any_predicted_circuits
int any_predicted_circuits(time_t now)
Definition: predict_ports.c:253
server_mode
int server_mode(const or_options_t *options)
Definition: routermode.c:34
cpuworker.h
Header file for cpuworker.c.
tor_asprintf
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
log_fn_ratelim
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:288
router_dirport_seems_reachable
int router_dirport_seems_reachable(const or_options_t *options)
Definition: selftest.c:148
public_server_mode
int public_server_mode(const or_options_t *options)
Definition: routermode.c:43
LOG_WARN
#define LOG_WARN
Definition: log.h:53
tor_shutdown_event_loop_and_exit
void tor_shutdown_event_loop_and_exit(int exitcode)
Definition: mainloop.c:766
periodic_events_register
void periodic_events_register(periodic_event_item_t *item)
Definition: periodic.c:219
mark_my_descriptor_dirty_if_too_old
void mark_my_descriptor_dirty_if_too_old(time_t now)
Definition: router.c:2509
or_options_t
Definition: or_options_st.h:64
get_uptime
long get_uptime(void)
Definition: mainloop.c:2526
reset_bandwidth_test
void reset_bandwidth_test(void)
Definition: circuituse.c:1617
rotate_onion_key
void rotate_onion_key(void)
Definition: router.c:475
dns.h
Header file for dns.c.
check_dns_honesty_callback
static int check_dns_honesty_callback(time_t now, const or_options_t *options)
Definition: relay_periodic.c:68
consider_publishable_server
void consider_publishable_server(int force)
Definition: router.c:1422
load_ed_keys
int load_ed_keys(const or_options_t *options, time_t now)
Definition: routerkeys.c:55
check_descriptor_ipaddress_changed
void check_descriptor_ipaddress_changed(time_t now)
Definition: router.c:2656
dns_launch_correctness_checks
void dns_launch_correctness_checks(void)
Definition: dns.c:2021
routerinfo_t::bandwidthrate
uint32_t bandwidthrate
Definition: routerinfo_st.h:54
expire_old_onion_keys
void expire_old_onion_keys(void)
Definition: router.c:240
router_orport_seems_reachable
int router_orport_seems_reachable(const or_options_t *options, int family)
Definition: selftest.c:106
ratelim_t
Definition: ratelim.h:42
or.h
Master header file for Tor-specific functionality.