diff options
| author | Nick Mathewson <nickm@torproject.org> | 2004-11-12 16:39:03 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2004-11-12 16:39:03 +0000 |
| commit | 60880cda84fb98f70e2a70ce073e4803eddd4a1c (patch) | |
| tree | 185db10e4093e2d98b335e55ba9c84a740065b4f | |
| parent | 2a5bcb29e65510a5161726fa2317997fe2fc615b (diff) | |
| download | tor-60880cda84fb98f70e2a70ce073e4803eddd4a1c.tar.gz tor-60880cda84fb98f70e2a70ce073e4803eddd4a1c.zip | |
Resolve a bunch of FIXME items; mark a lot more for attention; ask for clarification on some. Turn all XXXX008 ("showstopper for 0.0.8 release") items into XXXX009 or XXXX, since plainly they were not showstoppers for 0.0.8. Add/clean some docs.
svn:r2808
| -rw-r--r-- | src/common/util.c | 5 | ||||
| -rw-r--r-- | src/or/circuitbuild.c | 3 | ||||
| -rw-r--r-- | src/or/config.c | 11 | ||||
| -rw-r--r-- | src/or/connection.c | 2 | ||||
| -rw-r--r-- | src/or/connection_or.c | 2 | ||||
| -rw-r--r-- | src/or/control.c | 32 | ||||
| -rw-r--r-- | src/or/cpuworker.c | 4 | ||||
| -rw-r--r-- | src/or/directory.c | 94 | ||||
| -rw-r--r-- | src/or/dns.c | 42 | ||||
| -rw-r--r-- | src/or/hibernate.c | 5 | ||||
| -rw-r--r-- | src/or/main.c | 12 | ||||
| -rw-r--r-- | src/or/or.h | 7 | ||||
| -rw-r--r-- | src/or/rendclient.c | 3 | ||||
| -rw-r--r-- | src/or/rephist.c | 2 |
14 files changed, 133 insertions, 91 deletions
diff --git a/src/common/util.c b/src/common/util.c index 5d6b08cf96..16cc290a8e 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1028,8 +1028,9 @@ int is_internal_IP(uint32_t ip) { } /** Return true iff <b>ip</b> (in host order) is judged to be on the - * same network as us. For now, check if it's an internal IP. For XXX008, - * also check if it's on the same class C network as our public IP. + * same network as us. For now, check if it's an internal IP. + * + * XXX Also check if it's on the same class C network as our public IP. */ int is_local_IP(uint32_t ip) { return is_internal_IP(ip); diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 6ec3023567..2e7c66b74f 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -422,7 +422,8 @@ int circuit_send_next_onion_skin(circuit_t *circ) { if(!has_completed_circuit) { has_completed_circuit=1; log_fn(LOG_NOTICE,"Tor has successfully opened a circuit. Looks like it's working."); -// XXX008 put a count of known routers here + /* XXX009 put a count of known routers here */ + /* XXXX "Put?" Do you mean log, or something else? -NM */ } circuit_rep_hist_note_result(circ); circuit_has_opened(circ); /* do other actions as necessary */ diff --git a/src/or/config.c b/src/or/config.c index cbc102b96d..0e77d88e9b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -93,6 +93,7 @@ static config_var_t config_vars[] = { VAR("ClientOnly", BOOL, ClientOnly, "0"), VAR("ContactInfo", STRING, ContactInfo, NULL), VAR("ControlPort", UINT, ControlPort, "0"), + VAR("CookieAuthentication",BOOL, CookieAuthentication, "0"), VAR("DebugLogFile", STRING, DebugLogFile, NULL), VAR("DataDirectory", STRING, DataDirectory, NULL), VAR("DirPort", UINT, DirPort, "0"), @@ -294,6 +295,8 @@ options_act(void) { if(options->PidFile) write_pidfile(options->PidFile); + init_cookie_authentication(options->CookieAuthentication); + /* reload keys as needed for rendezvous services. */ if (rend_service_load_keys()<0) { log_fn(LOG_ERR,"Error reloading rendezvous service keys"); @@ -1173,6 +1176,14 @@ options_validate(or_options_t *options) } } + if (options->HashedControlPassword) { + char buf[S2K_SPECIFIER_LEN+DIGEST_LEN]; + if (base64_decode(buf,sizeof(buf),options->HashedControlPassword, + strlen(options->HashedControlPassword)!=sizeof(buf))) { + log_fn(LOG_WARN,"Bad HashedControlPassword: wrong length or bad base64"); + result = -1; + } + } if (check_nickname_list(options->ExitNodes, "ExitNodes")) result = -1; if (check_nickname_list(options->EntryNodes, "EntryNodes")) diff --git a/src/or/connection.c b/src/or/connection.c index ea766fb9f1..47b796eab2 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -833,7 +833,7 @@ int connection_handle_read(connection_t *conn) { if(conn->purpose == DIR_PURPOSE_FETCH_DIR && !all_trusted_directory_servers_down()) { log_fn(LOG_INFO,"Giving up on dirserver %s; trying another.", conn->address); - directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0); + directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL); } } return -1; diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 1b419e5570..1061410be7 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -211,7 +211,7 @@ connection_t *connection_or_connect(uint32_t addr, uint16_t port, /* this function should never be called if we're already connected to * id_digest, but check first to be sure */ -/*XXX008 this is getting called, at least by dirservers. */ + /*XXX this is getting called, at least by dirservers. */ conn = connection_get_by_identity_digest(id_digest, CONN_TYPE_OR); if(conn) { tor_assert(conn->nickname); diff --git a/src/or/control.c b/src/or/control.c index 6e558a3365..e935defa74 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -201,7 +201,7 @@ send_control_event(uint16_t event, uint16_t len, const char *body) } } - tor_free(buf); + tor_free(buf); } /** Called when we receive a SETCONF message: parse the body and try @@ -331,18 +331,17 @@ static int handle_control_authenticate(connection_t *conn, uint16_t len, const char *body) { or_options_t *options = get_options(); - if (len == AUTHENTICATION_COOKIE_LEN && - authentication_cookie_is_set && - !memcmp(authentication_cookie, body, len)) { - goto ok; - } - if (options->HashedControlPassword) { + if (options->CookieAuthentication) { + if (len == AUTHENTICATION_COOKIE_LEN && + !memcmp(authentication_cookie, body, len)) { + goto ok; + } + } else if (options->HashedControlPassword) { char expected[S2K_SPECIFIER_LEN+DIGEST_LEN]; char received[DIGEST_LEN]; if (base64_decode(expected,sizeof(expected), options->HashedControlPassword, strlen(options->HashedControlPassword))<0) { - /* XXXX009 NM we should warn sooner. */ log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64"); goto err; } @@ -350,11 +349,13 @@ handle_control_authenticate(connection_t *conn, uint16_t len, const char *body) if (!memcmp(expected+S2K_SPECIFIER_LEN, received, DIGEST_LEN)) goto ok; goto err; - } - if (len == 0) { - /* if Tor doesn't demand any stronger authentication, then - * the controller can get in with a blank auth line. */ - goto ok; + } else { + if (len == 0) { + /* if Tor doesn't demand any stronger authentication, then + * the controller can get in with a blank auth line. */ + goto ok; + } + goto err; } err: @@ -577,11 +578,12 @@ control_event_logmsg(int severity, const char *msg) * Anybody who can read the cookie from disk will be considered * authorized to use the control connection. */ int -init_cookie_authentication(void) +init_cookie_authentication(int enabled) { char fname[512]; - /* XXXX009 NM add config option to disable this. */ + if (!enabled) + authentication_cookie_is_set = 0; tor_snprintf(fname, sizeof(fname), "%s/control_auth_cookie", get_options()->DataDirectory); diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c index dd99a98def..10072f4bf2 100644 --- a/src/or/cpuworker.c +++ b/src/or/cpuworker.c @@ -134,8 +134,8 @@ int connection_cpu_process_inbuf(connection_t *conn) { /* parse out the circ it was talking about */ tag_unpack(buf, &addr, &port, &circ_id); circ = NULL; - /* XXXX This is actually right: we want a specific port here in - * case there are multiple connections. */ + /* (This is actually right: we want a specific port here in + * case there are multiple connections.) */ p_conn = connection_exact_get_by_addr_port(addr,port); if(p_conn) circ = circuit_get_by_circ_id_conn(circ_id, p_conn); diff --git a/src/or/directory.c b/src/or/directory.c index 8d11cbf87a..7649d0fd0e 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -31,20 +31,23 @@ static void directory_initiate_command_router(routerinfo_t *router, uint8_t purpose, + const char *resource, const char *payload, size_t payload_len); static void directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv, - uint8_t purpose, const char *payload, size_t payload_len); - + uint8_t purpose, const char *resource, + const char *payload, size_t payload_len); static void directory_initiate_command(const char *address, uint32_t addr, uint16_t port, const char *platform, const char *digest, uint8_t purpose, + const char *resource, const char *payload, size_t payload_len); static void directory_send_command(connection_t *conn, const char *platform, - int purpose, const char *payload, size_t payload_len); + int purpose, const char *resource, + const char *payload, size_t payload_len); static int directory_handle_command(connection_t *conn); /********* START VARIABLES **********/ @@ -136,7 +139,8 @@ directory_post_to_dirservers(uint8_t purpose, const char *payload, if (!smartlist_string_isin(get_options()->FirewallPorts, buf)) continue; } - directory_initiate_command_trusted_dir(ds, purpose, payload, payload_len); + directory_initiate_command_trusted_dir(ds, purpose, NULL, + payload, payload_len); }); } @@ -146,8 +150,7 @@ directory_post_to_dirservers(uint8_t purpose, const char *payload, * 'DIR_PURPOSE_FETCH_DIR' or 'DIR_PURPOSE_FETCH_RENDDESC'. */ void -directory_get_from_dirserver(uint8_t purpose, const char *payload, - size_t payload_len) +directory_get_from_dirserver(uint8_t purpose, const char *resource) { routerinfo_t *r = NULL; trusted_dir_server_t *ds = NULL; @@ -171,9 +174,9 @@ directory_get_from_dirserver(uint8_t purpose, const char *payload, } if (r) - directory_initiate_command_router(r, purpose, payload, payload_len); + directory_initiate_command_router(r, purpose, resource, NULL, 0); else if (ds) - directory_initiate_command_trusted_dir(ds, purpose, payload, payload_len); + directory_initiate_command_trusted_dir(ds, purpose, resource, NULL, 0); else log_fn(LOG_WARN,"No running dirservers known. Not trying. (purpose %d)", purpose); } @@ -184,30 +187,42 @@ directory_get_from_dirserver(uint8_t purpose, const char *payload, * DIR_PURPOSE_{FETCH|UPLOAD}_{DIR|RENDDESC}. * * When uploading, <b>payload</b> and <b>payload_len</b> determine the content - * of the HTTP post. When fetching a rendezvous descriptor, <b>payload</b> - * and <b>payload_len</b> are the service ID we want to fetch. + * of the HTTP post. Otherwise, <b>payload</b> should be NULL. + * + * When fetching a rendezvous descriptor, <b>resource</b> is the service ID we + * want to fetch. */ static void directory_initiate_command_router(routerinfo_t *router, uint8_t purpose, + const char *resource, const char *payload, size_t payload_len) { directory_initiate_command(router->address, router->addr, router->dir_port, router->platform, router->identity_digest, - purpose, payload, payload_len); + purpose, resource, payload, payload_len); } +/** As directory_initiate_command_router, but send the command to a trusted + * directory server <b>dirserv</b>. **/ static void directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv, - uint8_t purpose, const char *payload, size_t payload_len) + uint8_t purpose, const char *resource, + const char *payload, size_t payload_len) { directory_initiate_command(dirserv->address, dirserv->addr,dirserv->dir_port, - NULL, dirserv->digest, purpose, payload, payload_len); + NULL, dirserv->digest, purpose, resource, payload, payload_len); } +/** Helper for directory_initiate_command(router|trusted_dir): send the + * command to a server whose address is <b>address</b>, whose IP is + * <b>addr</b>, whose directory port is <b>dir_port</b>, whose tor version is + * <b>platform</b>, and whose identity key digest is <b>digest</b>. The + * <b>platform</b> argument is optional; the others are required. */ static void directory_initiate_command(const char *address, uint32_t addr, uint16_t dir_port, const char *platform, const char *digest, uint8_t purpose, + const char *resource, const char *payload, size_t payload_len) { connection_t *conn; @@ -267,7 +282,7 @@ directory_initiate_command(const char *address, uint32_t addr, if(purpose == DIR_PURPOSE_FETCH_DIR && !all_trusted_directory_servers_down()) { log_fn(LOG_INFO,"Giving up on dirserver %s; trying another.", conn->address); - directory_get_from_dirserver(purpose, payload, payload_len); + directory_get_from_dirserver(purpose, NULL); } connection_free(conn); return; @@ -276,8 +291,8 @@ directory_initiate_command(const char *address, uint32_t addr, /* fall through */ case 0: /* queue the command on the outbuf */ - directory_send_command(conn, platform, purpose, payload, payload_len); - + directory_send_command(conn, platform, purpose, resource, + payload, payload_len); connection_watch_events(conn, POLLIN | POLLOUT | POLLERR); /* writable indicates finish, readable indicates broken link, error indicates broken link in windowsland. */ @@ -297,18 +312,19 @@ directory_initiate_command(const char *address, uint32_t addr, conn->state = DIR_CONN_STATE_CLIENT_SENDING; connection_add(conn); /* queue the command on the outbuf */ - directory_send_command(conn, platform, purpose, payload, payload_len); + directory_send_command(conn, platform, purpose, resource, + payload, payload_len); connection_watch_events(conn, POLLIN | POLLOUT | POLLERR); } } -/** Queue an appropriate HTTP command on conn-\>outbuf. The args - * <b>purpose</b>, <b>payload</b>, and <b>payload_len</b> are as in +/** Queue an appropriate HTTP command on conn-\>outbuf. The other args as in * directory_initiate_command. */ static void directory_send_command(connection_t *conn, const char *platform, - int purpose, const char *payload, size_t payload_len) { + int purpose, const char *resource, + const char *payload, size_t payload_len) { char tmp[8192]; char proxystring[128]; char hoststring[128]; @@ -335,42 +351,40 @@ directory_send_command(connection_t *conn, const char *platform, switch(purpose) { case DIR_PURPOSE_FETCH_DIR: - tor_assert(payload == NULL); + tor_assert(!resource); + tor_assert(!payload); log_fn(LOG_DEBUG, "Asking for %scompressed directory from server running %s", use_newer?"":"un", platform?platform:"<unknown version>"); httpcommand = "GET"; strlcpy(url, use_newer ? "/tor/dir.z" : "/", sizeof(url)); break; case DIR_PURPOSE_FETCH_RUNNING_LIST: - tor_assert(payload == NULL); + tor_assert(!resource); + tor_assert(!payload); httpcommand = "GET"; strlcpy(url, use_newer ? "/tor/running-routers" : "/running-routers", sizeof(url)); break; case DIR_PURPOSE_UPLOAD_DIR: + tor_assert(!resource); tor_assert(payload); httpcommand = "POST"; strlcpy(url, use_newer ? "/tor/" : "/", sizeof(url)); break; case DIR_PURPOSE_FETCH_RENDDESC: - tor_assert(payload); + tor_assert(resource); + tor_assert(!payload); /* this must be true or we wouldn't be doing the lookup */ - tor_assert(payload_len <= REND_SERVICE_ID_LEN); + tor_assert(strlen(payload) <= REND_SERVICE_ID_LEN); /* This breaks the function abstraction. */ - memcpy(conn->rend_query, payload, payload_len); - conn->rend_query[payload_len] = 0; + strlcpy(conn->rend_query, resource, sizeof(conn->rend_query)); httpcommand = "GET"; - tor_snprintf(url, sizeof(url), "%s/rendezvous/%s", use_newer ? "/tor" : "", payload); - - /* XXX We're using payload here to mean something other than - * payload of the http post. This is probably bad, and should - * be fixed one day. Kludge for now to make sure we don't post more. */ - payload_len = 0; - payload = NULL; + tor_snprintf(url, sizeof(url), "%s/rendezvous/%s", use_newer ? "/tor" : "", resource); break; case DIR_PURPOSE_UPLOAD_RENDDESC: + tor_assert(!resource); tor_assert(payload); httpcommand = "POST"; tor_snprintf(url, sizeof(url), "%s/rendezvous/publish", use_newer ? "/tor" : ""); @@ -439,15 +453,13 @@ parse_http_url(char *headers, char **url) /** Parse an HTTP response string <b>headers</b> of the form * "HTTP/1.\%d \%d\%s\r\n...". - * If it's well-formed, assign *<b>code</b>, point *<b>message</b> to the first - * non-space character after code if there is one and message is non-NULL - * (else leave it alone), and return 0. + * If it's well-formed, assign *<b>code</b>, point and return 0. * If <b>date</b> is provided, set *date to the Date header in the * http headers, or 0 if no such header is found. * Otherwise, return -1. */ static int -parse_http_response(char *headers, int *code, char **message, time_t *date, +parse_http_response(const char *headers, int *code, time_t *date, int *compression) { int n1, n2; @@ -465,9 +477,7 @@ parse_http_response(char *headers, int *code, char **message, time_t *date, return -1; } *code = n2; - if(message) { - /* XXX should set *message correctly */ - } + parsed_headers = smartlist_create(); smartlist_split_string(parsed_headers, headers, "\n", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1); @@ -535,7 +545,7 @@ connection_dir_client_reached_eof(connection_t *conn) /* case 1, fall through */ } - if(parse_http_response(headers, &status_code, NULL, &date_header, + if(parse_http_response(headers, &status_code, &date_header, &compression) < 0) { log_fn(LOG_WARN,"Unparseable headers. Closing."); tor_free(body); tor_free(headers); @@ -769,7 +779,7 @@ directory_handle_command_get(connection_t *conn, char *headers, if(!strcmp(url,"/tor/running-routers")) { /* running-routers fetch */ tor_free(url); if(!authdir_mode(get_options())) { - /* XXX008 for now, we don't cache running-routers. Reject. */ + /* For now, we don't cache running-routers. Reject. */ connection_write_to_buf(answer400, strlen(answer400), conn); return 0; } diff --git a/src/or/dns.c b/src/or/dns.c index 7ec68846a3..8e6dfca5e1 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -169,6 +169,22 @@ static void send_resolved_cell(connection_t *conn, uint8_t answer_type) conn->cpath_layer); } +/** Link <b>r</b> into the tree of address-to-result mappings, and add it to + * the linked list of resolves-by-age. */ +static void +insert_resolve(struct cached_resolve *r) +{ + /* add us to the linked list of resolves */ + if (!oldest_cached_resolve) { + oldest_cached_resolve = r; + } else { + newest_cached_resolve->next = r; + } + newest_cached_resolve = r; + + SPLAY_INSERT(cache_tree, &cache_root, r); +} + /** See if we have a cache entry for <b>exitconn</b>-\>address. if so, * if resolve valid, put it into <b>exitconn</b>-\>addr and return 1. * If resolve failed, return -1. @@ -243,15 +259,7 @@ int dns_resolve(connection_t *exitconn) { resolve->pending_connections = pending_connection; exitconn->state = EXIT_CONN_STATE_RESOLVING; - /* add us to the linked list of resolves */ - if (!oldest_cached_resolve) { - oldest_cached_resolve = resolve; - } else { - newest_cached_resolve->next = resolve; - } - newest_cached_resolve = resolve; - - SPLAY_INSERT(cache_tree, &cache_root, resolve); + insert_resolve(resolve); return assign_to_dnsworker(exitconn); } @@ -453,9 +461,13 @@ static void dns_found_answer(char *address, uint32_t addr, char outcome) { resolve = SPLAY_FIND(cache_tree, &cache_root, &search); if(!resolve) { - log_fn(LOG_INFO,"Resolved unasked address '%s'? Dropping.", address); - /* XXX Why drop? Just because we don't care now doesn't mean we shouldn't - * XXX cache the result for later. */ + log_fn(LOG_INFO,"Resolved unasked address '%s'; caching anyway.", address); + resolve = tor_malloc_zero(sizeof(struct cached_resolve)); + resolve->state = (outcome == DNS_RESOLVE_SUCCEEDED) ? + CACHE_STATE_VALID : CACHE_STATE_FAILED; + resolve->addr = addr; + resolve->expire = time(NULL) + MAX_DNS_ENTRY_AGE; + insert_resolve(resolve); return; } @@ -473,7 +485,7 @@ static void dns_found_answer(char *address, uint32_t addr, char outcome) { * resolve X.Y.Z. */ /* tor_assert(resolve->state == CACHE_STATE_PENDING); */ - resolve->addr = ntohl(addr); + resolve->addr = addr; if(outcome == DNS_RESOLVE_SUCCEEDED) resolve->state = CACHE_STATE_VALID; else @@ -586,7 +598,7 @@ int connection_dns_process_inbuf(connection_t *conn) { tor_assert(success >= DNS_RESOLVE_FAILED_TRANSIENT); tor_assert(success <= DNS_RESOLVE_SUCCEEDED); - dns_found_answer(conn->address, addr, success); + dns_found_answer(conn->address, ntohl(addr), success); tor_free(conn->address); conn->address = tor_strdup("<idle>"); @@ -667,7 +679,7 @@ static int dnsworker_main(void *data) { result = -1; switch (result) { case 1: -/* XXX008 result can never be 1, because we set it to -1 above on error */ + /* XXX result can never be 1, because we set it to -1 above on error */ log_fn(LOG_INFO,"Could not resolve dest addr %s (transient).",address); answer[0] = DNS_RESOLVE_FAILED_TRANSIENT; break; diff --git a/src/or/hibernate.c b/src/or/hibernate.c index 0eebd74fe3..186ea314fa 100644 --- a/src/or/hibernate.c +++ b/src/or/hibernate.c @@ -35,6 +35,10 @@ static int hibernate_state = HIBERNATE_STATE_LIVE; * aren't hibernating. */ static time_t hibernate_end_time = 0; +typedef enum { + UNIT_MONTH, UNIT_WEEK, UNIT_DAY, +} time_unit_t; + /* Fields for accounting logic. Accounting overview: * * Accounting is designed to ensure that no more than N bytes are sent @@ -196,6 +200,7 @@ update_expected_bandwidth(void) uint32_t max_configured = (get_options()->BandwidthRateBytes * 60); /* XXX max_configured will be false if it exceeds * get_options()->AccountingMaxKB*1000, right? -RD + * XXX Huh? Why? How? -NM */ if (n_seconds_active_in_interval < 1800) { diff --git a/src/or/main.c b/src/or/main.c index 4af4c818a4..8402a68383 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -441,7 +441,7 @@ static int decide_if_publishable_server(time_t now) { if(!options->ORPort) return 0; - /* XXX008 for now, you're only a server if you're a server */ + /* XXX for now, you're only a server if you're a server */ return server_mode(options); /* here, determine if we're reachable */ @@ -568,7 +568,7 @@ static void run_scheduled_events(time_t now) { router_retry_connections(); } - directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0); + directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL); if(!we_are_hibernating()) { /* Force an upload of our rend descriptors every DirFetchPostPeriod seconds. */ @@ -710,7 +710,7 @@ static int do_hup(void) { } } /* Fetch a new directory. Even authdirservers do this. */ - directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0); + directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL); if(server_mode(options)) { /* Restart cpuworker and dnsworker processes, so they get up-to-date * configuration options. */ @@ -750,7 +750,7 @@ static int do_main_loop(void) { stats_prev_global_read_bucket = global_read_bucket; stats_prev_global_write_bucket = global_write_bucket; -/*XXX move to options_act? */ + /*XXX009 move to options_act? */ /* Set up accounting */ if (get_options()->AccountingMaxKB) configure_accounting(time(NULL)); @@ -958,7 +958,6 @@ static int network_init(void) log_fn(LOG_WARN,"Error initializing windows network layer: code was %d",r); return -1; } - /* XXXX We should call WSACleanup on exit, I think. */ #endif return 0; } @@ -967,7 +966,8 @@ static int network_init(void) */ static void exit_function(void) { -/* XXX if we ever daemonize, this gets called immediately */ + /* NOTE: If we ever daemonize, this gets called immediately. That's + * okay for now, because we only use this on Windows. */ #ifdef MS_WINDOWS WSACleanup(); #endif diff --git a/src/or/or.h b/src/or/or.h index b5cb1b639a..1008fd3499 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -965,6 +965,8 @@ typedef struct { * hibernate." */ char *HashedControlPassword; /**< Base64-encoded hash of a password for * the control system. */ + int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for + * the control system? */ } or_options_t; #define MAX_SOCKS_REPLY_LEN 1024 @@ -1265,7 +1267,7 @@ int control_event_or_conn_status(connection_t *conn, or_conn_status_event_t e); int control_event_bandwidth_used(uint32_t n_read, uint32_t n_written); void control_event_logmsg(int severity, const char *msg); -int init_cookie_authentication(void); +int init_cookie_authentication(int enabled); /********************************* cpuworker.c *****************************/ @@ -1281,8 +1283,7 @@ int assign_to_cpuworker(connection_t *cpuworker, unsigned char question_type, int dir_policy_permits_address(uint32_t addr); void directory_post_to_dirservers(uint8_t purpose, const char *payload, size_t payload_len); -void directory_get_from_dirserver(uint8_t purpose, const char *payload, - size_t payload_len); +void directory_get_from_dirserver(uint8_t purpose, const char *resource); int connection_dir_process_inbuf(connection_t *conn); int connection_dir_finished_flushing(connection_t *conn); int connection_dir_finished_connecting(connection_t *conn); diff --git a/src/or/rendclient.c b/src/or/rendclient.c index b95d0cb794..d4bd9f6bfe 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -246,8 +246,7 @@ rend_client_refetch_renddesc(const char *query) log_fn(LOG_INFO,"Would fetch a new renddesc here (for %s), but one is already in progress.", query); } else { /* not one already; initiate a dir rend desc lookup */ - directory_get_from_dirserver(DIR_PURPOSE_FETCH_RENDDESC, - query, strlen(query)); + directory_get_from_dirserver(DIR_PURPOSE_FETCH_RENDDESC, query); } } diff --git a/src/or/rephist.c b/src/or/rephist.c index bd1adcf473..c42a78944c 100644 --- a/src/or/rephist.c +++ b/src/or/rephist.c @@ -176,7 +176,7 @@ void rep_hist_note_connection_died(const char* id, time_t when) { or_history_t *hist; if(!id) { - /* XXXX008 not so. */ + /* XXXX009 Well, everybody has an ID now. Hm. */ /* If conn has no nickname, it's either an OP, or it is an OR * which didn't complete its handshake (or did and was unapproved). * Ignore it. |