summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2004-07-02 23:40:03 +0000
committerNick Mathewson <nickm@torproject.org>2004-07-02 23:40:03 +0000
commit7d8de8cd1041ed84f1073c55aa588de88bcd23c3 (patch)
treef043895ee9396a6b93dd382a23f6ae1137f61192
parentd58d4c0db685da2d6575c4bc0a0136a231c29cf9 (diff)
downloadtor-7d8de8cd1041ed84f1073c55aa588de88bcd23c3.tar.gz
tor-7d8de8cd1041ed84f1073c55aa588de88bcd23c3.zip
More digest/nickname fixes
svn:r2000
-rw-r--r--doc/TODO3
-rw-r--r--src/common/crypto.c3
-rw-r--r--src/or/circuitbuild.c52
-rw-r--r--src/or/circuitlist.c6
-rw-r--r--src/or/circuituse.c41
-rw-r--r--src/or/connection.c7
-rw-r--r--src/or/connection_or.c2
-rw-r--r--src/or/directory.c2
-rw-r--r--src/or/or.h12
-rw-r--r--src/or/rendclient.c16
-rw-r--r--src/or/rendservice.c22
-rw-r--r--src/or/router.c1
-rw-r--r--src/or/routerlist.c57
-rw-r--r--src/or/routerparse.c4
-rw-r--r--src/or/test.c11
15 files changed, 162 insertions, 77 deletions
diff --git a/doc/TODO b/doc/TODO
index 47a1b0bffc..d98b1bf414 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -54,8 +54,9 @@ NICK pre1:
o extend cells need ip:port:identitykeyhash.
. Lookup routers and connections by key digest; accept hex
key digest in place of nicknames.
- - Audit all uses of lookup-by-hostname and lookup-by-addr-port
+ . Audit all uses of lookup-by-hostname and lookup-by-addr-port
to search by digest when appropriate.
+ - Rep-hist functions
- also use this in intro points and rendezvous points, and
hidserv descs. [XXXX This isn't enough.]
- figure out what to do about ip:port:differentkey
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 93a4738cff..b8882cf21f 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1448,7 +1448,7 @@ int base16_encode(char *dest, int destlen, const char *src, int srclen)
++src;
cp += 2;
}
- *dest = '\0';
+ *cp = '\0';
return 0;
}
@@ -1484,6 +1484,7 @@ int base16_decode(char *dest, int destlen, const char *src, int srclen)
return -1;
*(uint8_t*)dest = (v1<<4)|v2;
++dest;
+ src+=2;
}
*dest = '\0';
return 0;
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index bb31deb79a..c063a6f61b 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -21,7 +21,7 @@ extern circuit_t *global_circuitlist;
static int
circuit_deliver_create_cell(circuit_t *circ, char *payload);
static cpath_build_state_t *
-onion_new_cpath_build_state(uint8_t purpose, const char *exit_nickname);
+onion_new_cpath_build_state(uint8_t purpose, const char *exit_digest);
static int
onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t
*state, routerinfo_t **router_out);
@@ -75,7 +75,7 @@ void circuit_log_path(int severity, circuit_t *circ) {
tor_assert(CIRCUIT_IS_ORIGIN(circ) && circ->cpath);
snprintf(s, sizeof(buf)-1, "circ (length %d, exit %s): ",
- circ->build_state->desired_path_len, circ->build_state->chosen_exit);
+ circ->build_state->desired_path_len, circ->build_state->chosen_exit_name);
hop=circ->cpath;
do {
s = buf + strlen(buf);
@@ -148,7 +148,7 @@ circuit_dump_details(int severity, circuit_t *circ, int poll_index,
if(CIRCUIT_IS_ORIGIN(circ)) { /* circ starts at this node */
if(circ->state == CIRCUIT_STATE_BUILDING)
log(severity,"Building: desired len %d, planned exit node %s.",
- circ->build_state->desired_path_len, circ->build_state->chosen_exit);
+ circ->build_state->desired_path_len, circ->build_state->chosen_exit_name);
for(hop=circ->cpath;hop->next != circ->cpath; hop=hop->next)
log(severity,"hop: state %d, addr 0x%.8x, port %d", hop->state,
(unsigned int)hop->addr,
@@ -185,7 +185,7 @@ void circuit_dump_by_conn(connection_t *conn, int severity) {
}
}
-/** Build a new circuit for <b>purpose</b>. If <b>exit_nickname</b>
+/** Build a new circuit for <b>purpose</b>. If <b>exit_digest</b>
* is defined, then use that as your exit router, else choose a suitable
* exit node.
*
@@ -193,14 +193,14 @@ void circuit_dump_by_conn(connection_t *conn, int severity) {
* it's not open already.
*/
circuit_t *circuit_establish_circuit(uint8_t purpose,
- const char *exit_nickname) {
+ const char *exit_digest) {
routerinfo_t *firsthop;
connection_t *n_conn;
circuit_t *circ;
circ = circuit_new(0, NULL); /* sets circ->p_circ_id and circ->p_conn */
circ->state = CIRCUIT_STATE_OR_WAIT;
- circ->build_state = onion_new_cpath_build_state(purpose, exit_nickname);
+ circ->build_state = onion_new_cpath_build_state(purpose, exit_digest);
circ->purpose = purpose;
if (! circ->build_state) {
@@ -302,6 +302,10 @@ circuit_deliver_create_cell(circuit_t *circ, char *payload) {
tor_assert(circ && circ->n_conn && circ->n_conn->type == CONN_TYPE_OR);
tor_assert(payload);
+ /* XXXX008 How can we keep a good upgrade path here? We should
+ * compare keys, not nicknames...but older servers will compare nicknames.
+ * Should we check server version from the most recent directory? Hm.
+ */
circ_id_type = decide_circ_id_type(options.Nickname,
circ->n_conn->nickname);
circ->n_circ_id = get_unique_circ_id_by_conn(circ->n_conn, circ_id_type);
@@ -345,7 +349,7 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
if(circ->cpath->state == CPATH_STATE_CLOSED) {
log_fn(LOG_DEBUG,"First skin; sending create cell.");
- router = router_get_by_nickname(circ->n_conn->nickname);
+ router = router_get_by_digest(circ->n_conn->identity_digest);
if (!router) {
log_fn(LOG_WARN,"Couldn't find routerinfo for %s",
circ->n_conn->nickname);
@@ -945,22 +949,29 @@ static routerinfo_t *choose_good_exit_server(uint8_t purpose, routerlist_t *dir)
* return it.
*/
static cpath_build_state_t *
-onion_new_cpath_build_state(uint8_t purpose, const char *exit_nickname)
+onion_new_cpath_build_state(uint8_t purpose, const char *exit_digest)
{
routerlist_t *rl;
int r;
cpath_build_state_t *info;
routerinfo_t *exit;
-
router_get_routerlist(&rl);
r = new_route_len(options.PathlenCoinWeight, purpose, rl->routers);
if (r < 0)
return NULL;
info = tor_malloc_zero(sizeof(cpath_build_state_t));
info->desired_path_len = r;
- if(exit_nickname) { /* the circuit-builder pre-requested one */
- log_fn(LOG_INFO,"Using requested exit node '%s'", exit_nickname);
- info->chosen_exit = tor_strdup(exit_nickname);
+ if(exit_digest) { /* the circuit-builder pre-requested one */
+ memcpy(info->chosen_exit_digest, exit_digest, DIGEST_LEN);
+ exit = router_get_by_digest(exit_digest);
+ if (exit) {
+ info->chosen_exit_name = tor_strdup(exit->nickname);
+ } else {
+ info->chosen_exit_name = tor_malloc(HEX_DIGEST_LEN+1);
+ base16_encode(info->chosen_exit_name, HEX_DIGEST_LEN+1,
+ exit_digest, DIGEST_LEN);
+ }
+ log_fn(LOG_INFO,"Using requested exit node '%s'", info->chosen_exit_name);
} else { /* we have to decide one */
exit = choose_good_exit_server(purpose, rl);
if(!exit) {
@@ -968,7 +979,8 @@ onion_new_cpath_build_state(uint8_t purpose, const char *exit_nickname)
tor_free(info);
return NULL;
}
- info->chosen_exit = tor_strdup(exit->nickname);
+ memcpy(info->chosen_exit_digest, exit->identity_digest, DIGEST_LEN);
+ info->chosen_exit_name = tor_strdup(exit->nickname);
}
return info;
}
@@ -1091,12 +1103,12 @@ onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t
if(cur_len == state->desired_path_len - 1) { /* Picking last node */
log_fn(LOG_DEBUG, "Contemplating last hop: choice already made: %s",
- state->chosen_exit);
- choice = router_get_by_nickname(state->chosen_exit);
+ state->chosen_exit_name);
+ choice = router_get_by_digest(state->chosen_exit_digest);
smartlist_free(excludednodes);
if(!choice) {
log_fn(LOG_WARN,"Our chosen exit %s is no longer in the directory? Discarding this circuit.",
- state->chosen_exit);
+ state->chosen_exit_name);
return -1;
}
} else if(cur_len == 0) { /* picking first node */
@@ -1104,7 +1116,7 @@ onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t
sl = smartlist_create();
add_nickname_list_to_smartlist(sl,options.EntryNodes);
/* XXX one day, consider picking chosen_exit knowing what's in EntryNodes */
- remove_twins_from_smartlist(sl,router_get_by_nickname(state->chosen_exit));
+ remove_twins_from_smartlist(sl,router_get_by_digest(state->chosen_exit_digest));
remove_twins_from_smartlist(sl,router_get_my_routerinfo());
smartlist_subtract(sl,excludednodes);
choice = smartlist_choose(sl);
@@ -1112,7 +1124,7 @@ onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t
if(!choice) {
sl = smartlist_create();
router_add_running_routers_to_smartlist(sl);
- remove_twins_from_smartlist(sl,router_get_by_nickname(state->chosen_exit));
+ remove_twins_from_smartlist(sl,router_get_by_digest(state->chosen_exit_digest));
remove_twins_from_smartlist(sl,router_get_my_routerinfo());
smartlist_subtract(sl,excludednodes);
choice = smartlist_choose(sl);
@@ -1127,7 +1139,7 @@ onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t
log_fn(LOG_DEBUG, "Contemplating intermediate hop: random choice.");
sl = smartlist_create();
router_add_running_routers_to_smartlist(sl);
- remove_twins_from_smartlist(sl,router_get_by_nickname(state->chosen_exit));
+ remove_twins_from_smartlist(sl,router_get_by_digest(state->chosen_exit_digest));
remove_twins_from_smartlist(sl,router_get_my_routerinfo());
for (i = 0, cpath = *head_ptr; i < cur_len; ++i, cpath=cpath->next) {
r = router_get_by_digest(cpath->identity_digest);
@@ -1145,7 +1157,7 @@ onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t
}
log_fn(LOG_DEBUG,"Chose router %s for hop %d (exit is %s)",
- choice->nickname, cur_len, state->chosen_exit);
+ choice->nickname, cur_len, state->chosen_exit_name);
hop = tor_malloc_zero(sizeof(crypt_path_t));
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index f1280c4d71..3090e78b37 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -113,7 +113,7 @@ static void circuit_free(circuit_t *circ) {
if (circ->p_digest)
crypto_free_digest_env(circ->p_digest);
if(circ->build_state) {
- tor_free(circ->build_state->chosen_exit);
+ tor_free(circ->build_state->chosen_exit_name);
if (circ->build_state->pending_final_cpath)
circuit_free_cpath_node(circ->build_state->pending_final_cpath);
}
@@ -361,8 +361,8 @@ int _circuit_mark_for_close(circuit_t *circ) {
tor_assert(circ->state == CIRCUIT_STATE_OPEN);
/* treat this like getting a nack from it */
log_fn(LOG_INFO,"Failed intro circ %s to %s (awaiting ack). Removing from descriptor.",
- circ->rend_query, circ->build_state->chosen_exit);
- rend_client_remove_intro_point(circ->build_state->chosen_exit, circ->rend_query);
+ circ->rend_query, circ->build_state->chosen_exit_name);
+ rend_client_remove_intro_point(circ->build_state->chosen_exit_name, circ->rend_query);
}
if(circ->n_conn)
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 3b9e2e9645..9b971f599e 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -66,7 +66,7 @@ static int circuit_is_acceptable(circuit_t *circ,
* circuit, it's the magical extra bob hop. so just check the nickname
* of the one we meant to finish at.
*/
- exitrouter = router_get_by_nickname(circ->build_state->chosen_exit);
+ exitrouter = router_get_by_digest(circ->build_state->chosen_exit_digest);
if(!exitrouter) {
log_fn(LOG_INFO,"Skipping broken circ (exit router vanished)");
@@ -201,12 +201,12 @@ void circuit_expire_building(time_t now) {
if(!victim->timestamp_dirty)
log_fn(LOG_DEBUG,"Considering %sopen purp %d to %s (circid %d). (clean).",
victim->state == CIRCUIT_STATE_OPEN ? "" : "non",
- victim->purpose, victim->build_state->chosen_exit,
+ victim->purpose, victim->build_state->chosen_exit_name,
victim->n_circ_id);
else
log_fn(LOG_DEBUG,"Considering %sopen purp %d to %s (circid %d). %d secs since dirty.",
victim->state == CIRCUIT_STATE_OPEN ? "" : "non",
- victim->purpose, victim->build_state->chosen_exit,
+ victim->purpose, victim->build_state->chosen_exit_name,
victim->n_circ_id,
(int)(now - victim->timestamp_dirty));
}
@@ -266,7 +266,7 @@ int circuit_stream_is_being_handled(connection_t *conn) {
!circ->marked_for_close && circ->purpose == CIRCUIT_PURPOSE_C_GENERAL &&
(!circ->timestamp_dirty ||
circ->timestamp_dirty + options.NewCircuitPeriod < now)) {
- exitrouter = router_get_by_nickname(circ->build_state->chosen_exit);
+ exitrouter = router_get_by_digest(circ->build_state->chosen_exit_digest);
if(exitrouter && connection_ap_can_use_exit(conn, exitrouter) != ADDR_POLICY_REJECTED)
if(++num >= MIN_CIRCUITS_HANDLING_STREAM)
return 1;
@@ -305,7 +305,7 @@ void circuit_build_needed_circs(time_t now) {
if(options.RunTesting && circ &&
circ->timestamp_created + TESTING_CIRCUIT_INTERVAL < now) {
log_fn(LOG_INFO,"Creating a new testing circuit.");
- circuit_launch_new(CIRCUIT_PURPOSE_C_GENERAL, NULL);
+ circuit_launch_by_identity(CIRCUIT_PURPOSE_C_GENERAL, NULL);
}
}
@@ -318,7 +318,7 @@ void circuit_build_needed_circs(time_t now) {
* go ahead and try another. */
if(!circ && circuit_count_building(CIRCUIT_PURPOSE_C_GENERAL)
< CIRCUIT_MIN_BUILDING_GENERAL) {
- circuit_launch_new(CIRCUIT_PURPOSE_C_GENERAL, NULL);
+ circuit_launch_by_identity(CIRCUIT_PURPOSE_C_GENERAL, NULL);
}
/* XXX count idle rendezvous circs and build more */
@@ -565,10 +565,10 @@ void circuit_build_failed(circuit_t *circ) {
/* Don't increment failure count, since Alice may have picked
* the rendezvous point maliciously */
if (failed_at_last_hop) {
- log_fn(LOG_INFO,"Couldn't connect to Alice's chosen rend point %s. Sucks to be Alice.", circ->build_state->chosen_exit);
+ log_fn(LOG_INFO,"Couldn't connect to Alice's chosen rend point %s. Sucks to be Alice.", circ->build_state->chosen_exit_name);
} else {
log_fn(LOG_INFO,"Couldn't connect to Alice's chosen rend point %s, because an earlier node failed.",
- circ->build_state->chosen_exit);
+ circ->build_state->chosen_exit_name);
rend_service_relaunch_rendezvous(circ);
}
break;
@@ -588,9 +588,8 @@ static int n_circuit_failures = 0;
* success. */
#define MAX_CIRCUIT_FAILURES 5
-/** Launch a new circuit and return a pointer to it. Return NULL if you failed. */
-circuit_t *circuit_launch_new(uint8_t purpose, const char *exit_nickname) {
-
+circuit_t *circuit_launch_by_identity(uint8_t purpose, const char *exit_digest)
+{
if (n_circuit_failures > MAX_CIRCUIT_FAILURES) {
/* too many failed circs in a row. don't try. */
// log_fn(LOG_INFO,"%d failures so far, not trying.",n_circuit_failures);
@@ -598,7 +597,23 @@ circuit_t *circuit_launch_new(uint8_t purpose, const char *exit_nickname) {
}
/* try a circ. if it fails, circuit_mark_for_close will increment n_circuit_failures */
- return circuit_establish_circuit(purpose, exit_nickname);
+ return circuit_establish_circuit(purpose, exit_digest);
+}
+
+/** Launch a new circuit and return a pointer to it. Return NULL if you failed. */
+circuit_t *circuit_launch_by_nickname(uint8_t purpose, const char *exit_nickname)
+{
+ const char *digest = NULL;
+
+ if (exit_nickname) {
+ routerinfo_t *r = router_get_by_nickname(exit_nickname);
+ if (!r) {
+ log_fn(LOG_WARN, "No such OR as '%s'", exit_nickname);
+ return NULL;
+ }
+ digest = r->identity_digest;
+ }
+ return circuit_launch_by_identity(purpose, digest);
}
/** Record another failure at opening a general circuit. When we have
@@ -682,7 +697,7 @@ circuit_get_open_circ_or_launch(connection_t *conn,
else
new_circ_purpose = desired_circuit_purpose;
- circ = circuit_launch_new(new_circ_purpose, exitname);
+ circ = circuit_launch_by_nickname(new_circ_purpose, exitname);
tor_free(exitname);
if(circ &&
diff --git a/src/or/connection.c b/src/or/connection.c
index 9b7b284954..00ef5ab95f 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -712,7 +712,7 @@ int connection_handle_read(connection_t *conn) {
conn->state == DIR_CONN_STATE_CONNECTING) {
/* it's a directory server and connecting failed: forget about this router */
/* XXX I suspect pollerr may make Windows not get to this point. :( */
- router_mark_as_down(conn->nickname);
+ router_mark_as_down(conn->identity_digest);
}
/* There's a read error; kill the connection.*/
connection_close_immediate(conn); /* Don't flush; connection is dead. */
@@ -828,8 +828,9 @@ int connection_handle_write(connection_t *conn) {
log_fn(LOG_DEBUG,"in-progress connect failed. Removing.");
connection_close_immediate(conn);
connection_mark_for_close(conn);
- if (conn->nickname)
- router_mark_as_down(conn->nickname);
+ /* Previously we tested conn->nickname; is this right? */
+ if (conn->type == CONN_TYPE_OR)
+ router_mark_as_down(conn->identity_digest);
return -1;
} else {
return 0; /* no change, see if next time is better */
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index bc5cd70c45..667a82d92b 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -304,6 +304,8 @@ connection_tls_finish_handshake(connection_t *conn) {
}
log_fn(LOG_DEBUG,"The router's cert is valid.");
+ /* XXXX008 This isn't right; fix this one we launch by identity digest
+ * XXXX008 rather than by nickname */
if (conn->nickname) {
/* I initiated this connection. */
if (strcasecmp(conn->nickname, nickname)) {
diff --git a/src/or/directory.c b/src/or/directory.c
index 0d3ffa072f..432c704f73 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -149,7 +149,7 @@ directory_initiate_command(routerinfo_t *router, uint8_t purpose,
/* then we want to connect directly */
switch(connection_connect(conn, conn->address, conn->addr, conn->port)) {
case -1:
- router_mark_as_down(conn->nickname); /* don't try him again */
+ router_mark_as_down(conn->identity_digest); /* don't try him again */
connection_free(conn);
return;
case 1:
diff --git a/src/or/or.h b/src/or/or.h
index 6011b1bd73..b13a0af2c6 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -674,7 +674,9 @@ typedef struct {
/** Intended length of the final circuit. */
int desired_path_len;
/** Nickname of planned exit node. */
- char *chosen_exit;
+ char *chosen_exit_name;
+ /** Identity of planned exit node. */
+ char chosen_exit_digest[DIGEST_LEN];
/** The crypt_path_t to append after rendezvous: used for rendezvous. */
struct crypt_path_t *pending_final_cpath;
/** How many times has building a circuit for this task failed? */
@@ -919,7 +921,7 @@ void circuit_log_path(int severity, circuit_t *circ);
void circuit_rep_hist_note_result(circuit_t *circ);
void circuit_dump_by_conn(connection_t *conn, int severity);
circuit_t *circuit_establish_circuit(uint8_t purpose,
- const char *exit_nickname);
+ const char *exit_digest);
void circuit_n_conn_done(connection_t *or_conn, int success);
int circuit_send_next_onion_skin(circuit_t *circ);
int circuit_extend(cell_t *cell, circuit_t *circ);
@@ -968,7 +970,8 @@ void circuit_detach_stream(circuit_t *circ, connection_t *conn);
void circuit_about_to_close_connection(connection_t *conn);
void circuit_has_opened(circuit_t *circ);
void circuit_build_failed(circuit_t *circ);
-circuit_t *circuit_launch_new(uint8_t purpose, const char *exit_nickname);
+circuit_t *circuit_launch_by_nickname(uint8_t purpose, const char *exit_nickname);
+circuit_t *circuit_launch_by_identity(uint8_t purpose, const char *exit_digest);
void circuit_reset_failure_count(void);
int connection_ap_handshake_attach_circuit(connection_t *conn);
@@ -1346,6 +1349,7 @@ routerinfo_t *router_pick_directory_server(void);
struct smartlist_t;
void add_nickname_list_to_smartlist(struct smartlist_t *sl, const char *list);
void router_add_running_routers_to_smartlist(struct smartlist_t *sl);
+int router_nickname_matches(routerinfo_t *router, const char *nickname);
routerinfo_t *router_choose_random_node(char *preferred, char *excluded,
struct smartlist_t *excludedsmartlist);
routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port);
@@ -1357,7 +1361,7 @@ void routerlist_free(routerlist_t *routerlist);
void routerlist_clear_trusted_directories(void);
void routerinfo_free(routerinfo_t *router);
routerinfo_t *routerinfo_copy(const routerinfo_t *router);
-void router_mark_as_down(char *nickname);
+void router_mark_as_down(const char *digest);
void routerlist_remove_old_routers(void);
int router_load_routerlist_from_file(char *routerfile, int trusted);
int router_load_routerlist_from_string(const char *s, int trusted);
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 0813849951..aaaf865037 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -90,7 +90,7 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
}
/* write the remaining items into tmp */
- strncpy(tmp, rendcirc->build_state->chosen_exit, (MAX_NICKNAME_LEN+1)); /* nul pads */
+ strncpy(tmp, rendcirc->build_state->chosen_exit_name, (MAX_NICKNAME_LEN+1)); /* nul pads */
memcpy(tmp+MAX_NICKNAME_LEN+1, rendcirc->rend_cookie, REND_COOKIE_LEN);
if (crypto_dh_get_public(cpath->handshake_state,
tmp+MAX_NICKNAME_LEN+1+REND_COOKIE_LEN,
@@ -164,7 +164,7 @@ rend_client_introduction_acked(circuit_t *circ,
return -1;
}
- tor_assert(circ->build_state->chosen_exit);
+ tor_assert(circ->build_state->chosen_exit_name);
if (request_len == 0) {
/* It's an ACK; the introduction point relayed our introduction request. */
@@ -187,14 +187,15 @@ rend_client_introduction_acked(circuit_t *circ,
* points. If any remain, extend to a new one and try again.
* If none remain, refetch the service descriptor.
*/
- if(rend_client_remove_intro_point(circ->build_state->chosen_exit,
+ if(rend_client_remove_intro_point(circ->build_state->chosen_exit_name,
circ->rend_query) > 0) {
/* There are introduction points left. re-extend the circuit to
* another intro point and try again. */
+ routerinfo_t *r;
nickname = rend_client_get_random_intro(circ->rend_query);
tor_assert(nickname);
- log_fn(LOG_INFO,"Got nack for %s from %s, extending to %s.", circ->rend_query, circ->build_state->chosen_exit, nickname);
- if (!router_get_by_nickname(nickname)) {
+ log_fn(LOG_INFO,"Got nack for %s from %s, extending to %s.", circ->rend_query, circ->build_state->chosen_exit_name, nickname);
+ if (!(r = router_get_by_nickname(nickname))) {
log_fn(LOG_WARN, "Advertised intro point '%s' for %s is not known. Closing.",
nickname, circ->rend_query);
circuit_mark_for_close(circ);
@@ -203,8 +204,9 @@ rend_client_introduction_acked(circuit_t *circ,
log_fn(LOG_INFO, "Chose new intro point %s for %s (circ %d)",
nickname, circ->rend_query, circ->n_circ_id);
circ->state = CIRCUIT_STATE_BUILDING;
- tor_free(circ->build_state->chosen_exit);
- circ->build_state->chosen_exit = tor_strdup(nickname);
+ tor_free(circ->build_state->chosen_exit_name);
+ circ->build_state->chosen_exit_name = tor_strdup(nickname);
+ memcpy(circ->build_state->chosen_exit_digest, r->identity_digest, DIGEST_LEN);
++circ->build_state->desired_path_len;
if (circuit_send_next_onion_skin(circ)<0) {
log_fn(LOG_WARN, "Couldn't extend circuit to new intro point.");
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index d10d47c82e..4e3323e903 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -437,7 +437,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
/* Launch a circuit to alice's chosen rendezvous point.
*/
- launched = circuit_launch_new(CIRCUIT_PURPOSE_S_CONNECT_REND, rp_nickname);
+ launched = circuit_launch_by_nickname(CIRCUIT_PURPOSE_S_CONNECT_REND, rp_nickname);
log_fn(LOG_INFO,
"Accepted intro; launching circuit to '%s' (cookie %s) for service %s",
rp_nickname, hexcookie, serviceid);
@@ -487,18 +487,18 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
if (!oldcirc->build_state ||
oldcirc->build_state->failure_count > MAX_REND_FAILURES) {
log_fn(LOG_INFO,"Attempt to build circuit to %s for rendezvous has failed too many times; giving up.",
- oldcirc->build_state->chosen_exit);
+ oldcirc->build_state->chosen_exit_name);
return;
}
log_fn(LOG_INFO,"Reattempting rendezvous circuit to %s",
- oldcirc->build_state->chosen_exit);
+ oldcirc->build_state->chosen_exit_name);
- newcirc = circuit_launch_new(CIRCUIT_PURPOSE_S_CONNECT_REND,
- oldcirc->build_state->chosen_exit);
+ newcirc = circuit_launch_by_nickname(CIRCUIT_PURPOSE_S_CONNECT_REND,
+ oldcirc->build_state->chosen_exit_name);
if (!newcirc) {
log_fn(LOG_WARN,"Couldn't relaunch rendezvous circuit to %s",
- oldcirc->build_state->chosen_exit);
+ oldcirc->build_state->chosen_exit_name);
return;
}
oldstate = oldcirc->build_state;
@@ -525,7 +525,7 @@ rend_service_launch_establish_intro(rend_service_t *service, const char *nicknam
nickname, service->service_id);
++service->n_intro_circuits_launched;
- launched = circuit_launch_new(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, nickname);
+ launched = circuit_launch_by_nickname(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, nickname);
if (!launched) {
log_fn(LOG_WARN, "Can't launch circuit to establish introduction at '%s'",
nickname);
@@ -715,8 +715,8 @@ find_intro_circuit(routerinfo_t *router, const char *pk_digest)
while ((circ = circuit_get_next_by_pk_and_purpose(circ,pk_digest,
CIRCUIT_PURPOSE_S_INTRO))) {
tor_assert(circ->cpath);
- if (circ->build_state->chosen_exit &&
- !strcasecmp(circ->build_state->chosen_exit, router->nickname)) {
+ if (circ->build_state->chosen_exit_name &&
+ !strcasecmp(circ->build_state->chosen_exit_name, router->nickname)) {
return circ;
}
}
@@ -725,8 +725,8 @@ find_intro_circuit(routerinfo_t *router, const char *pk_digest)
while ((circ = circuit_get_next_by_pk_and_purpose(circ,pk_digest,
CIRCUIT_PURPOSE_S_ESTABLISH_INTRO))) {
tor_assert(circ->cpath);
- if (circ->build_state->chosen_exit &&
- !strcasecmp(circ->build_state->chosen_exit, router->nickname)) {
+ if (circ->build_state->chosen_exit_name &&
+ !strcasecmp(circ->build_state->chosen_exit_name, router->nickname)) {
return circ;
}
}
diff --git a/src/or/router.c b/src/or/router.c
index 3a9ee99de5..1786873098 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -394,6 +394,7 @@ int router_compare_to_my_exit_policy(connection_t *conn)
int router_is_me(routerinfo_t *router)
{
tor_assert(router);
+ /* XXXX008 should compare identity instead? */
return options.Nickname && !strcasecmp(router->nickname, options.Nickname);
}
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 9416aafd2a..1c9d83756f 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -207,19 +207,46 @@ routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port) {
return NULL;
}
+/* DOCDOC */
+static INLINE int router_hex_digest_matches(routerinfo_t *router,
+ const char *hexdigest)
+{
+ char digest[DIGEST_LEN];
+ tor_assert(hexdigest);
+ if (hexdigest[0] == '$')
+ ++hexdigest;
+
+ if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
+ return 0;
+ else
+ return (!memcmp(digest, router->identity_digest, DIGEST_LEN));
+}
+
+/* DOCDOC */
+int router_nickname_matches(routerinfo_t *router, const char *nickname)
+{
+ if (nickname[0]!='$' && !strcasecmp(router->nickname, nickname))
+ return 1;
+ else
+ return router_hex_digest_matches(router, nickname);
+}
+
/** Return the router in our routerlist whose (case-insensitive)
* nickname or (case-sensitive) hexadecimal key digest is
* <b>nickname</b>. Return NULL if no such router is known.
*/
routerinfo_t *router_get_by_nickname(const char *nickname)
{
- int i, maybedigest;
+ int i, maybedigest, mustbedigest;
routerinfo_t *router;
char digest[DIGEST_LEN];
tor_assert(nickname);
if (!routerlist)
return NULL;
+ if (nickname[0] == '$')
+ return router_get_by_hexdigest(nickname);
+
maybedigest = (strlen(nickname) == HEX_DIGEST_LEN) &&
(base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
@@ -242,6 +269,8 @@ routerinfo_t *router_get_by_hexdigest(const char *hexdigest) {
tor_assert(hexdigest);
if (!routerlist)
return NULL;
+ if (hexdigest[0]=='$')
+ ++hexdigest;
if (strlen(hexdigest) != HEX_DIGEST_LEN ||
base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
return NULL;
@@ -326,10 +355,10 @@ void routerlist_free(routerlist_t *rl)
}
/** Mark the router named <b>nickname</b> as non-running in our routerlist. */
-void router_mark_as_down(char *nickname) {
+void router_mark_as_down(const char *digest) {
routerinfo_t *router;
- tor_assert(nickname);
- router = router_get_by_nickname(nickname);
+ tor_assert(digest);
+ router = router_get_by_digest(digest);
if(!router) /* we don't seem to know about him in the first place */
return;
log_fn(LOG_DEBUG,"Marking %s as down.",router->nickname);
@@ -350,6 +379,7 @@ int router_add_to_routerlist(routerinfo_t *router) {
*/
for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
r = smartlist_get(routerlist->routers, i);
+ /* XXXX008 should just compare digests instead. */
if (!strcasecmp(router->nickname, r->nickname)) {
if (!crypto_pk_cmp_keys(router->identity_pkey, r->identity_pkey)) {
if (router->published_on > r->published_on) {
@@ -377,6 +407,8 @@ int router_add_to_routerlist(routerinfo_t *router) {
return -1;
}
} else {
+ /* XXXX008 It's okay to have two keys for a nickname as soon as
+ * all the 007 clients are dead. */
log_fn(LOG_WARN, "Identity key mismatch for router '%s'",
router->nickname);
routerinfo_free(router);
@@ -698,13 +730,16 @@ void routerlist_update_from_runningrouters(routerlist_t *list,
router = smartlist_get(list->routers, i);
for (j=0; j<n_names; ++j) {
name = smartlist_get(rr->running_routers, j);
- if (!strcasecmp(name, router->nickname)) {
- router->is_running = 1;
- break;
- }
- if (*name == '!' && strcasecmp(name+1, router->nickname)) {
- router->is_running = 0;
- break;
+ if (*name != '!') {
+ if (router_nickname_matches(router, name)) {
+ router->is_running = 1;
+ break;
+ }
+ } else { /* *name == '!' */
+ if (router_nickname_matches(router, name)) {
+ router->is_running = 0;
+ break;
+ }
}
}
}
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 90657e6fae..ccf77c9f79 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -539,7 +539,7 @@ static int check_directory_signature(const char *digest,
int
router_parse_list_from_string(const char **s, routerlist_t **dest,
int n_good_nicknames,
- const char **good_nickname_lst)
+ const char **good_nickname_list)
{
routerinfo_t *router;
smartlist_t *routers;
@@ -574,7 +574,7 @@ router_parse_list_from_string(const char **s, routerlist_t **dest,
if (n_good_nicknames>=0) {
router->is_running = 0;
for (i = 0; i < n_good_nicknames; ++i) {
- if (0==strcasecmp(good_nickname_lst[i], router->nickname)) {
+ if (router_nickname_matches(router, good_nickname_list[i])) {
router->is_running = 1;
break;
}
diff --git a/src/or/test.c b/src/or/test.c
index 5ee5866112..4dc9145892 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -420,6 +420,17 @@ test_crypto()
test_eq(i,0);
test_streq(data2, "772w2rfobvomsywe");
+ /* Base16 tests */
+ strcpy(data1, "6chrs\xff");
+ i = base16_encode(data2, 13, data1, 6);
+ test_eq(i,0);
+ test_streq(data2, "3663687273FF");
+
+ strcpy(data1, "f0d678affc000100");
+ i = base16_decode(data2, 8, data1, 16);
+ test_eq(i,0);
+ test_memeq(data2, "\xf0\xd6\x78\xaf\xfc\x00\x01\x00",8);
+
free(data1);
free(data2);
free(data3);