summaryrefslogtreecommitdiff
path: root/src/or/circuitbuild.c
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2007-06-12 09:17:23 +0000
committerRoger Dingledine <arma@torproject.org>2007-06-12 09:17:23 +0000
commitaf658b7828e2ab814d70acbbb99f414dee239def (patch)
tree427b317c28c17c9cd2aa50f32f10b4bf56719afa /src/or/circuitbuild.c
parent622dd4927e1d3044fe34a1ec6c9785e044923953 (diff)
downloadtor-af658b7828e2ab814d70acbbb99f414dee239def.tar.gz
tor-af658b7828e2ab814d70acbbb99f414dee239def.zip
More work towards making bridge users able to connect via bridges:
- demand options->Bridges and options->TunnelDirConns if options->UseBridges is set. - after directory fetches, accept descriptors that aren't referenced by our networkstatuses, *if* they're for a configured bridge. - delay directory fetching until we have at least one bridge descriptor. - learn how to build a one-hop circuit when we have neither routerinfo nor routerstatus for our destination. - teach directory connections how to pick a bridge as the destination directory when doing non-anonymous fetches. - tolerate directory commands for which the dir_port is 0. - remember descriptors when the requested_resource was "authority", rather than just ignoring them. - put bridges on our entry_guards list once we have a descriptor for them. When UseBridges is set, only pick entry guards that are bridges. Else vice versa. svn:r10571
Diffstat (limited to 'src/or/circuitbuild.c')
-rw-r--r--src/or/circuitbuild.c153
1 files changed, 118 insertions, 35 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index ae25ac50ee..a58c68d190 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -55,7 +55,6 @@ static int onion_extend_cpath(origin_circuit_t *circ);
static int count_acceptable_routers(smartlist_t *routers);
static int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice);
-static routerinfo_t *choose_random_entry(cpath_build_state_t *state);
static void entry_guards_changed(void);
/** Iterate over values of circ_id, starting from conn-\>next_circ_id,
@@ -1581,10 +1580,10 @@ choose_good_middle_server(uint8_t purpose,
/** Pick a good entry server for the circuit to be built according to
* <b>state</b>. Don't reuse a chosen exit (if any), don't use this
* router (if we're an OR), and respect firewall settings; if we're
- * using entry_guards, return one.
+ * configured to use entry guards, return one.
*
- * If <b>state</b> is NULL, we're choosing routers to serve as entry
- * nodes, not for any particular circuit.
+ * If <b>state</b> is NULL, we're choosing a router to serve as an entry
+ * guard, not for any particular circuit.
*/
static routerinfo_t *
choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
@@ -1721,49 +1720,62 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice)
return 0;
}
+/** Allocate a new extend_info object based on the various arguments. */
+extend_info_t *
+extend_info_alloc(const char *nickname, const char *digest,
+ crypto_pk_env_t *onion_key,
+ uint32_t addr, uint16_t port)
+{
+ extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t));
+ memcpy(info->identity_digest, digest, DIGEST_LEN);
+ if (nickname)
+ strlcpy(info->nickname, nickname, sizeof(info->nickname));
+ else {
+ /* make one up */
+ }
+ if (onion_key)
+ info->onion_key = crypto_pk_dup_key(onion_key);
+ info->addr = addr;
+ info->port = port;
+ return info;
+}
+
/** Allocate and return a new extend_info_t that can be used to build a
* circuit to or through the router <b>r</b>. */
extend_info_t *
extend_info_from_router(routerinfo_t *r)
{
- extend_info_t *info;
tor_assert(r);
- info = tor_malloc_zero(sizeof(extend_info_t));
- strlcpy(info->nickname, r->nickname, sizeof(info->nickname));
- memcpy(info->identity_digest, r->cache_info.identity_digest, DIGEST_LEN);
- info->onion_key = crypto_pk_dup_key(r->onion_pkey);
- info->addr = r->addr;
- info->port = r->or_port;
- info->router_purpose = r->purpose;
- return info;
+ return extend_info_alloc(r->nickname, r->cache_info.identity_digest,
+ r->onion_pkey, r->addr, r->or_port);
}
+#if 0
/** What router purpose is <b>digest</b>?
* It's a general purpose router unless it's on our bridges list.
*/
static uint8_t
get_router_purpose_from_digest(char *digest)
{
- (void)digest;
- return ROUTER_PURPOSE_GENERAL; /* XXX020 */
+ if (digest_is_a_bridge(digest))
+ return ROUTER_PURPOSE_BRIDGE;
+ return ROUTER_PURPOSE_GENERAL;
}
+#endif
+#if 0
/** Allocate and return a new extend_info_t that can be used to build a
* circuit to or through the router <b>r</b>. */
extend_info_t *
extend_info_from_routerstatus(routerstatus_t *s)
{
- extend_info_t *info;
tor_assert(s);
- info = tor_malloc_zero(sizeof(extend_info_t));
- strlcpy(info->nickname, s->nickname, sizeof(info->nickname));
- memcpy(info->identity_digest, s->identity_digest, DIGEST_LEN);
- info->onion_key = NULL; /* routerstatus doesn't know this */
- info->addr = s->addr;
- info->port = s->or_port;
- info->router_purpose = get_router_purpose_from_digest(info->identity_digest);
- return info;
+ /* routerstatus doesn't know onion_key; leave it NULL */
+ return extend_info_alloc(s->nickname, s->identity_digest,
+ NULL, s->addr, s->or_port);
+// get_router_purpose_from_digest(s->identity_digest));
}
+#endif
/** Release storage held by an extend_info_t struct. */
void
@@ -1834,7 +1846,9 @@ entry_guard_set_status(entry_guard_t *e, routerinfo_t *ri,
reason = "unlisted";
else if (!ri->is_running)
reason = "down";
- else if (!ri->is_possible_guard &&
+ else if (options->UseBridges && ri->purpose != ROUTER_PURPOSE_BRIDGE)
+ reason = "not a bridge";
+ else if (!options->UseBridges && !ri->is_possible_guard &&
!router_nickname_is_in_list(ri, options->EntryNodes))
reason = "not recommended as a guard";
else if (router_nickname_is_in_list(ri, options->ExcludeNodes))
@@ -1909,6 +1923,10 @@ entry_is_live(entry_guard_t *e, int need_uptime, int need_capacity,
r = router_get_by_digest(e->identity);
if (!r)
return NULL;
+ if (get_options()->UseBridges && r->purpose != ROUTER_PURPOSE_BRIDGE)
+ return NULL;
+ if (!get_options()->UseBridges && r->purpose != ROUTER_PURPOSE_GENERAL)
+ return NULL;
if (router_is_unreliable(r, need_uptime, need_capacity, 0))
return NULL;
if (firewall_is_fascist_or() &&
@@ -2337,18 +2355,33 @@ entry_guards_prepend_from_config(void)
entry_guards_changed();
}
-/** Pick a live (up and listed) entry guard from entry_guards, and
- * make sure not to pick this circuit's exit. */
-static routerinfo_t *
+/** Return 1 if we're fine adding arbitrary routers out of the
+ * directory to our entry guard list. Else return 0. */
+static int
+can_grow_entry_list(or_options_t *options)
+{
+ if (options->StrictEntryNodes)
+ return 0;
+ if (options->UseBridges)
+ return 0;
+ return 1;
+}
+
+/** Pick a live (up and listed) entry guard from entry_guards. If
+ * <b>state</b> is non-NULL, this is for a specific circuit --
+ * make sure not to pick this circuit's exit or any node in the
+ * exit's family. If <b>state</b> is NULL, we're looking for a random
+ * guard (likely a bridge). */
+routerinfo_t *
choose_random_entry(cpath_build_state_t *state)
{
or_options_t *options = get_options();
smartlist_t *live_entry_guards = smartlist_create();
smartlist_t *exit_family = smartlist_create();
- routerinfo_t *chosen_exit = build_state_get_exit_router(state);
+ routerinfo_t *chosen_exit = state?build_state_get_exit_router(state) : NULL;
routerinfo_t *r = NULL;
- int need_uptime = state->need_uptime;
- int need_capacity = state->need_capacity;
+ int need_uptime = state ? state->need_uptime : 0;
+ int need_capacity = state ? state->need_capacity : 0;
if (chosen_exit) {
smartlist_add(exit_family, chosen_exit);
@@ -2361,7 +2394,7 @@ choose_random_entry(cpath_build_state_t *state)
if (should_add_entry_nodes)
entry_guards_prepend_from_config();
- if (!options->StrictEntryNodes &&
+ if (can_grow_entry_list(options) &&
(! entry_guards ||
smartlist_len(entry_guards) < options->NumEntryGuards))
pick_entry_guards();
@@ -2383,7 +2416,7 @@ choose_random_entry(cpath_build_state_t *state)
* using him.
* (We might get 2 live-but-crummy entry guards, but so be it.) */
if (smartlist_len(live_entry_guards) < 2) {
- if (!options->StrictEntryNodes) {
+ if (can_grow_entry_list(options)) {
/* still no? try adding a new entry then */
/* XXX if guard doesn't imply fast and stable, then we need
* to tell add_an_entry_guard below what we want, or it might
@@ -2403,7 +2436,7 @@ choose_random_entry(cpath_build_state_t *state)
need_capacity = 0;
goto retry;
}
- /* live_entry_guards will be empty below. Oh well, we tried. */
+ /* live_entry_guards may be empty below. Oh well, we tried. */
}
r = smartlist_choose(live_entry_guards);
@@ -2641,6 +2674,18 @@ clear_bridge_list(void)
smartlist_clear(bridge_list);
}
+/** Return 1 if <b>digest</b> is one of our known bridges. */
+int
+identity_digest_is_a_bridge(const char *digest)
+{
+ SMARTLIST_FOREACH(bridge_list, bridge_info_t *, bridge,
+ {
+ if (!memcmp(bridge->identity, digest, DIGEST_LEN))
+ return 1;
+ });
+ return 0;
+}
+
/** Remember a new bridge at <b>addr</b>:<b>port</b>. If <b>digest</b>
* is set, it tells us the identity key too. */
void
@@ -2660,7 +2705,7 @@ bridge_add_from_config(uint32_t addr, uint16_t port, char *digest)
* descriptor, fetch a new copy of its descriptor -- either directly
* from the bridge or via a bridge authority. */
void
-learn_bridge_descriptors(void)
+fetch_bridge_descriptors(void)
{
char address_buf[INET_NTOA_BUF_LEN+1];
struct in_addr in;
@@ -2698,3 +2743,41 @@ learn_bridge_descriptors(void)
});
}
+/** We just learned a descriptor for a bridge. See if that
+ * digest is in our entry guard list, and add it if not. */
+void
+learned_bridge_descriptor(routerinfo_t *ri)
+{
+ tor_assert(ri);
+ tor_assert(ri->purpose == ROUTER_PURPOSE_BRIDGE);
+ if (get_options()->UseBridges) {
+ ri->is_running = 1;
+ add_an_entry_guard(ri);
+ log_notice(LD_DIR, "new bridge descriptor '%s'", ri->nickname);
+ }
+}
+
+/** Return 1 if any of our entry guards have descriptors that
+ * are marked with purpose 'bridge'. Else return 0.
+ *
+ * We use this function to decide if we're ready to start building
+ * circuits through our bridges, or if we need to wait until the
+ * directory "server/authority" requests finish. */
+int
+any_bridge_descriptors_known(void)
+{
+ return choose_random_entry(NULL)!=NULL ? 1 : 0;
+#if 0
+ routerinfo_t *ri;
+ if (!entry_guards)
+ entry_guards = smartlist_create();
+ SMARTLIST_FOREACH(entry_guards, entry_guard_t *, e,
+ {
+ ri = router_get_by_digest(e->identity);
+ if (ri && ri->purpose == ROUTER_PURPOSE_BRIDGE)
+ return 1;
+ });
+ return 0;
+#endif
+}
+