Tor
0.4.7.0-alpha-dev
|
Header file for router.c. More...
#include "lib/testsupport/testsupport.h"
Go to the source code of this file.
Macros | |
#define | TOR_ROUTERINFO_ERROR_NO_EXT_ADDR (-1) |
#define | TOR_ROUTERINFO_ERROR_CANNOT_PARSE (-2) |
#define | TOR_ROUTERINFO_ERROR_NOT_A_SERVER (-3) |
#define | TOR_ROUTERINFO_ERROR_DIGEST_FAILED (-4) |
#define | TOR_ROUTERINFO_ERROR_CANNOT_GENERATE (-5) |
#define | TOR_ROUTERINFO_ERROR_DESC_REBUILDING (-6) |
#define | TOR_ROUTERINFO_ERROR_INTERNAL_BUG (-7) |
#define | get_server_identity_key() (tor_abort_(),NULL) |
#define | ntor_key_map_free(map) FREE_AND_NULL(di_digest256_map_t, ntor_key_map_free_, (map)) |
void check_descriptor_bandwidth_changed | ( | time_t | now | ) |
Check whether bandwidth has changed a lot since the last time we announced bandwidth while the uptime is smaller than MAX_UPTIME_BANDWIDTH_CHANGE. If so, mark our descriptor dirty.
Definition at line 2600 of file router.c.
Referenced by check_descriptor_callback().
void check_descriptor_ipaddress_changed | ( | time_t | now | ) |
Check whether our own address has changed versus the one we have in our current descriptor.
If our address has changed, call ip_address_changed() which takes appropriate actions.
Definition at line 2675 of file router.c.
Referenced by check_descriptor_callback().
int client_identity_key_is_set | ( | void | ) |
void consider_publishable_server | ( | int | force | ) |
Initiate server descriptor upload as reasonable (if server is publishable, etc). force is as for router_upload_dir_desc_to_dirservers.
We need to rebuild the descriptor if it's dirty even if we're not uploading, because our reachability testing uses our descriptor to determine what IP address and ports to test.
Definition at line 1461 of file router.c.
Referenced by check_descriptor_callback().
di_digest256_map_t* construct_ntor_key_map | ( | void | ) |
void dup_onion_keys | ( | crypto_pk_t ** | key, |
crypto_pk_t ** | last | ||
) |
void expire_old_onion_keys | ( | void | ) |
authority_cert_t* get_my_v3_authority_cert | ( | void | ) |
Return the key certificate for this v3 (voting) authority, or NULL if we have no such certificate.
Definition at line 449 of file router.c.
Referenced by authority_cert_get_by_sk_digest(), dirvote_perform_vote(), and handle_get_keys().
crypto_pk_t* get_my_v3_authority_signing_key | ( | void | ) |
Return the v3 signing key for this v3 (voting) authority, or NULL if we have no such key.
Definition at line 457 of file router.c.
Referenced by dirvote_perform_vote().
authority_cert_t* get_my_v3_legacy_cert | ( | void | ) |
If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return the certificate associated with that key.
Definition at line 466 of file router.c.
Referenced by authority_cert_get_by_sk_digest().
crypto_pk_t* get_my_v3_legacy_signing_key | ( | void | ) |
crypto_pk_t* get_onion_key | ( | void | ) |
int get_onion_key_grace_period | ( | void | ) |
int get_onion_key_lifetime | ( | void | ) |
time_t get_onion_key_set_at | ( | void | ) |
crypto_pk_t* get_tlsclient_identity_key | ( | void | ) |
Returns the current client identity key for use on outgoing TLS connections; requires that the key has been set.
Definition at line 432 of file router.c.
Referenced by channel_set_circid_type().
int init_keys | ( | void | ) |
Initialize all OR private keys, and the TLS context, as necessary. On OPs, this only initializes the tls context. Return 0 on success, or -1 if Tor should die.
Definition at line 962 of file router.c.
Referenced by accounting_set_wakeup_time().
void log_addr_has_changed | ( | int | severity, |
const tor_addr_t * | prev, | ||
const tor_addr_t * | cur, | ||
const char * | source | ||
) |
void mark_my_descriptor_dirty | ( | const char * | reason | ) |
Call when the current descriptor is out of date.
Definition at line 2569 of file router.c.
Referenced by mark_my_descriptor_dirty_if_too_old(), mark_my_descriptor_if_omit_ipv6_changes(), and options_act_relay_desc().
void mark_my_descriptor_dirty_if_too_old | ( | time_t | now | ) |
Mark descriptor out of date if it's been "too long" since we last tried to upload one.
Definition at line 2528 of file router.c.
Referenced by check_descriptor_callback().
void mark_my_descriptor_if_omit_ipv6_changes | ( | const char * | reason, |
bool | omit_ipv6 | ||
) |
void ntor_key_map_free_ | ( | di_digest256_map_t * | map | ) |
void rotate_onion_key | ( | void | ) |
Replace the previous onion key with the current onion key, and generate a new previous onion key. Immediately after calling this function, the OR should:
bool router_addr_is_my_published_addr | ( | const tor_addr_t * | addr | ) |
int router_build_fresh_descriptor | ( | routerinfo_t ** | r, |
extrainfo_t ** | e | ||
) |
Build a fresh routerinfo, signed server descriptor, and signed extrainfo document for this OR.
Set r to the generated routerinfo, e to the generated extrainfo document. Failure to generate an extra-info document is not an error and is indicated by setting e to NULL. Return 0 on success, and a negative value on temporary error. Caller is responsible for freeing generated documents on success.
bool router_can_extend_over_ipv6 | ( | const or_options_t * | options | ) |
Returns true if this router can extend over IPv6.
This check should only be performed by relay extend code.
Clients should check if relays can initiate and accept IPv6 extends using node_supports_initiating_ipv6_extends() and node_supports_accepting_ipv6_extends().
As with other extends, relays should assume the client has already performed the relevant checks for the next hop. (Otherwise, relays that have just added IPv6 ORPorts won't be able to self-test those ORPorts.)
Accepting relays don't need to perform any IPv6-specific checks before accepting a connection, because having an IPv6 ORPort implies support for the relevant protocol version.
Definition at line 1594 of file router.c.
Referenced by extend_info_pick_orport().
int router_compare_to_my_exit_policy | ( | const tor_addr_t * | addr, |
uint16_t | port | ||
) |
OR only: Check whether my exit policy says to allow connection to conn. Return 0 if we accept; non-0 if we reject.
Definition at line 1692 of file router.c.
Referenced by my_exit_policy_rejects().
int router_digest_is_me | ( | const char * | digest | ) |
Return true iff I'm a server and digest is equal to my server identity key digest.
Definition at line 1739 of file router.c.
Referenced by connection_or_connect(), get_signed_descriptor_by_fp(), node_is_me(), node_is_possible_guard(), and router_is_me().
char* router_dump_exit_policy_to_string | ( | const routerinfo_t * | router, |
int | include_ipv4, | ||
int | include_ipv6 | ||
) |
int router_extrainfo_digest_is_me | ( | const char * | digest | ) |
void router_free_all | ( | void | ) |
uint16_t router_get_active_listener_port_by_type_af | ( | int | listener_type, |
sa_family_t | family | ||
) |
Return the port of the first active listener of type listener_type. Returns 0 if no port is found. XXX not a very good interface. it's not reliable when there are multiple listeners.
Definition at line 1482 of file router.c.
Referenced by get_first_listener_addrport_string(), and routerconf_find_or_port().
const char* router_get_descriptor_gen_reason | ( | void | ) |
const char* router_get_my_descriptor | ( | void | ) |
extrainfo_t* router_get_my_extrainfo | ( | void | ) |
Return the extrainfo document for this OR, or NULL if we have none. Rebuilt it (and the server descriptor) if necessary.
Definition at line 1854 of file router.c.
Referenced by extrainfo_insert(), get_signed_descriptor_by_fp(), and router_extrainfo_digest_is_me().
const uint8_t* router_get_my_id_digest | ( | void | ) |
const routerinfo_t* router_get_my_routerinfo | ( | void | ) |
Return a routerinfo for this OR, rebuilding a fresh one if necessary. Return NULL on error, or if called on an OP.
Definition at line 1801 of file router.c.
Referenced by channel_tls_process_netinfo_cell(), check_descriptor_bandwidth_changed(), check_descriptor_ipaddress_changed(), controller_get_routerdescs(), dirclient_fetches_from_authorities(), get_signed_descriptor_by_fp(), have_orport_for_family(), inform_testing_reachability(), log_heartbeat(), reachability_warnings_callback(), router_addr_is_my_published_addr(), router_compare_to_my_exit_policy(), router_do_reachability_checks(), router_get_my_descriptor(), router_my_exit_policy_is_reject_star(), router_orport_found_reachable(), router_should_check_reachability(), router_upload_dir_desc_to_dirservers(), routerlist_insert(), routerlist_insert_old(), and routerlist_replace().
const routerinfo_t* router_get_my_routerinfo_with_err | ( | int * | err | ) |
Return routerinfo of this OR. Rebuild it from scratch if needed. Set *err to 0 on success or to appropriate TOR_ROUTERINFO_ERROR_* value on failure.
Definition at line 1811 of file router.c.
Referenced by router_get_my_routerinfo().
int router_has_bandwidth_to_be_dirserver | ( | const or_options_t * | options | ) |
Return true iff we have enough configured bandwidth to advertise or automatically provide directory services from cache directory information.
Definition at line 1238 of file router.c.
Referenced by dir_server_mode().
int router_initialize_tls_context | ( | void | ) |
int router_is_me | ( | const routerinfo_t * | router | ) |
A wrapper around router_digest_is_me().
int router_my_exit_policy_is_reject_star | ( | void | ) |
Return true iff my exit policy is reject *:*. Return -1 if we don't have a descriptor
Definition at line 1727 of file router.c.
Referenced by check_dns_honesty_callback(), dirclient_fetches_from_authorities(), and directory_caches_dir_info().
void router_new_consensus_params | ( | const networkstatus_t * | ns | ) |
bool router_rebuild_descriptor | ( | int | force | ) |
If force is true, or our descriptor is out-of-date, rebuild a fresh routerinfo, signed server descriptor, and extra-info document for this OR.
Return true on success, else false on temporary error.
Definition at line 2451 of file router.c.
Referenced by consider_publishable_server(), and router_get_my_extrainfo().
void router_reset_warnings | ( | void | ) |
int router_should_advertise_dirport | ( | const or_options_t * | options, |
uint16_t | dir_port | ||
) |
Front-end to decide_to_advertise_dir_impl(): return 0 if we don't want to advertise the fact that we have a DirPort open, else return the DirPort we want to advertise.
void router_upload_dir_desc_to_dirservers | ( | int | force | ) |
OR only: If force is true, or we haven't uploaded this descriptor successfully yet, try to upload our signed descriptor to all the directory servers we know about.
Definition at line 1646 of file router.c.
Referenced by consider_publishable_server().
uint16_t routerconf_find_dir_port | ( | const or_options_t * | options, |
uint16_t | dirport | ||
) |
Return the port that we should advertise as our DirPort; this is one of three possibilities: The one that is passed as dirport if the DirPort option is 0, or the one configured in the DirPort option, or the one we actually bound to if DirPort is "auto".
Definition at line 1607 of file router.c.
Referenced by decide_to_advertise_dir_impl(), and retry_all_listeners().
void routerconf_find_ipv6_or_ap | ( | const or_options_t * | options, |
tor_addr_port_t * | ipv6_ap_out | ||
) |
As routerconf_find_or_port(), but returns the IPv6 address and port in ipv6_ap_out, which must not be NULL. Returns a null address and zero port, if no ORPort is found.
uint16_t routerconf_find_or_port | ( | const or_options_t * | options, |
sa_family_t | family | ||
) |
Return the port that we should advertise as our ORPort in a given address family; this is either the one configured in the ORPort option, or the one we actually bound to if ORPort is "auto". Returns 0 if no port is found.
Definition at line 1502 of file router.c.
Referenced by decide_to_advertise_dir_impl(), relay_find_addr_to_publish(), retry_all_listeners(), routerconf_find_ipv6_or_ap(), and routerconf_has_ipv6_orport().
bool routerconf_has_ipv6_orport | ( | const or_options_t * | options | ) |
Returns true if this router has an advertised IPv6 ORPort.
Definition at line 1563 of file router.c.
Referenced by router_can_extend_over_ipv6().
int routerinfo_err_is_transient | ( | int | err | ) |
Return true if we expect given error to be transient. Return false otherwise.
For simplicity, we consider all errors other than "not a server" transient - see discussion on https://bugs.torproject.org/tpo/core/tor/27034.
const char* routerinfo_err_to_string | ( | int | err | ) |
int server_identity_key_is_set | ( | void | ) |
Return true iff we are a server and the server identity key has been set.
Definition at line 412 of file router.c.
Referenced by accounting_set_wakeup_time().
void set_client_identity_key | ( | crypto_pk_t * | k | ) |
void set_server_identity_key | ( | crypto_pk_t * | k | ) |
int should_refuse_unknown_exits | ( | const or_options_t * | options | ) |
Return true iff the combination of options in options and parameters in the consensus mean that we don't want to allow exits from circuits we got from addresses not known to be servers.
Definition at line 1380 of file router.c.
Referenced by dirclient_fetches_from_authorities(), and directory_caches_dir_info().
void v3_authority_check_key_expiry | ( | void | ) |
If we're a v3 authority, check whether we have a certificate that's likely to expire soon. Warn if we do, but not too often.
Definition at line 726 of file router.c.
Referenced by check_authority_cert_callback().