summaryrefslogtreecommitdiff
path: root/src/feature/relay/selftest.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/feature/relay/selftest.c')
-rw-r--r--src/feature/relay/selftest.c192
1 files changed, 47 insertions, 145 deletions
diff --git a/src/feature/relay/selftest.c b/src/feature/relay/selftest.c
index 46b4b20ffc..399b6bca6e 100644
--- a/src/feature/relay/selftest.c
+++ b/src/feature/relay/selftest.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2020, The Tor Project, Inc. */
+ * Copyright (c) 2007-2021, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -49,15 +49,12 @@
static bool have_orport_for_family(int family);
static void inform_testing_reachability(const tor_addr_t *addr,
- uint16_t port,
- bool is_dirport);
+ uint16_t port);
/** Whether we can reach our IPv4 ORPort from the outside. */
static bool can_reach_or_port_ipv4 = false;
/** Whether we can reach our IPv6 ORPort from the outside. */
static bool can_reach_or_port_ipv6 = false;
-/** Whether we can reach our DirPort from the outside. */
-static bool can_reach_dir_port = false;
/** Has informed_testing_reachable logged a message about testing our IPv4
* ORPort? */
@@ -65,18 +62,14 @@ static bool have_informed_testing_or_port_ipv4 = false;
/** Has informed_testing_reachable logged a message about testing our IPv6
* ORPort? */
static bool have_informed_testing_or_port_ipv6 = false;
-/** Has informed_testing_reachable logged a message about testing our
- * DirPort? */
-static bool have_informed_testing_dir_port = false;
/** Forget what we have learned about our reachability status. */
void
router_reset_reachability(void)
{
- can_reach_or_port_ipv4 = can_reach_or_port_ipv6 = can_reach_dir_port = false;
+ can_reach_or_port_ipv4 = can_reach_or_port_ipv6 = false;
have_informed_testing_or_port_ipv4 =
- have_informed_testing_or_port_ipv6 =
- have_informed_testing_dir_port = false;
+ have_informed_testing_or_port_ipv6 = false;
}
/** Return 1 if we won't do reachability checks, because:
@@ -137,31 +130,20 @@ router_orport_seems_reachable(const or_options_t *options,
return true;
}
-/** Return 0 if we need to do a DirPort reachability check, because:
- * - no reachability check has been done yet, or
- * - we've initiated reachability checks, but none have succeeded.
- * Return 1 if we don't need to do a DirPort reachability check, because:
- * - we've seen a successful reachability check, or
- * - there is no DirPort set, or
- * - AssumeReachable is set, or
- * - We're a dir auth (see ticket #40287), or
- * - the network is disabled.
- */
+/** Relay DirPorts are no longer used (though authorities are). In either case,
+ * reachability self test is done anymore, since network re-entry towards an
+ * authority DirPort is not allowed. Thus, consider it always reachable. */
int
router_dirport_seems_reachable(const or_options_t *options)
{
- int reach_checks_disabled = router_reachability_checks_disabled(options) ||
- authdir_mode(options) ||
- !options->DirPort_set;
- return reach_checks_disabled ||
- can_reach_dir_port;
+ (void) options;
+ return 1;
}
-/** See if we currently believe our ORPort or DirPort to be
- * unreachable. If so, return 1 else return 0.
- */
+/** See if we currently believe our ORPort to be unreachable. If so, return 1
+ * else return 0. */
static int
-router_should_check_reachability(int test_or, int test_dir)
+router_should_check_reachability(void)
{
const routerinfo_t *me = router_get_my_routerinfo();
const or_options_t *options = get_options();
@@ -174,15 +156,13 @@ router_should_check_reachability(int test_or, int test_dir)
options->StrictNodes) {
/* If we've excluded ourself, and StrictNodes is set, we can't test
* ourself. */
- if (test_or || test_dir) {
#define SELF_EXCLUDED_WARN_INTERVAL 3600
- static ratelim_t warning_limit=RATELIM_INIT(SELF_EXCLUDED_WARN_INTERVAL);
- log_fn_ratelim(&warning_limit, LOG_WARN, LD_CIRC,
- "Can't perform self-tests for this relay: we have "
- "listed ourself in ExcludeNodes, and StrictNodes is set. "
- "We cannot learn whether we are usable, and will not "
- "be able to advertise ourself.");
- }
+ static ratelim_t warning_limit=RATELIM_INIT(SELF_EXCLUDED_WARN_INTERVAL);
+ log_fn_ratelim(&warning_limit, LOG_WARN, LD_CIRC,
+ "Can't perform self-tests for this relay: we have "
+ "listed ourself in ExcludeNodes, and StrictNodes is set. "
+ "We cannot learn whether we are usable, and will not "
+ "be able to advertise ourself.");
return 0;
}
return 1;
@@ -248,7 +228,10 @@ extend_info_from_router(const routerinfo_t *r, int family)
info = extend_info_new(r->nickname, r->cache_info.identity_digest,
ed_id_key,
rsa_pubkey, r->onion_curve25519_pkey,
- &ap.addr, ap.port);
+ &ap.addr, ap.port,
+ /* TODO-324: Should self-test circuits use
+ * congestion control? */
+ NULL, false);
crypto_pk_free(rsa_pubkey);
return info;
}
@@ -274,6 +257,11 @@ router_do_orport_reachability_checks(const routerinfo_t *me,
if (ei) {
const char *family_name = fmt_af_family(family);
const tor_addr_port_t *ap = extend_info_get_orport(ei, family);
+ if (BUG(!ap)) {
+ /* Not much we can do here to recover apart from screaming loudly. */
+ extend_info_free(ei);
+ return;
+ }
log_info(LD_CIRC, "Testing %s of my %s ORPort: %s.",
!orport_reachable ? "reachability" : "bandwidth",
family_name, fmt_addrport_ap(ap));
@@ -281,8 +269,8 @@ router_do_orport_reachability_checks(const routerinfo_t *me,
if (!orport_reachable) {
/* Only log if we are actually doing a reachability test to learn if our
* ORPort is reachable. Else, this prints a log notice if we are simply
- * opening a bandwidth testing circuit even do we are reachable. */
- inform_testing_reachability(&ap->addr, ap->port, false);
+ * opening a bandwidth testing circuit even though we are reachable. */
+ inform_testing_reachability(&ap->addr, ap->port);
}
circuit_launch_by_extend_info(CIRCUIT_PURPOSE_TESTING, ei,
@@ -293,53 +281,15 @@ router_do_orport_reachability_checks(const routerinfo_t *me,
}
}
-/** Launch a self-testing circuit, and ask an exit to connect to our DirPort.
- * <b>me</b> is our own routerinfo.
+/** Some time has passed, or we just got new directory information. See if we
+ * currently believe our ORPort to be unreachable. If so, launch a new test
+ * for it.
*
- * Relays don't advertise IPv6 DirPorts, so this function only supports IPv4.
- *
- * See router_do_reachability_checks() for details. */
-static void
-router_do_dirport_reachability_checks(const routerinfo_t *me)
-{
- tor_addr_port_t my_dirport;
- tor_addr_copy(&my_dirport.addr, &me->ipv4_addr);
- my_dirport.port = me->ipv4_dirport;
-
- /* If there is already a pending connection, don't open another one. */
- if (!connection_get_by_type_addr_port_purpose(
- CONN_TYPE_DIR,
- &my_dirport.addr, my_dirport.port,
- DIR_PURPOSE_FETCH_SERVERDESC)) {
- /* ask myself, via tor, for my server descriptor. */
- directory_request_t *req =
- directory_request_new(DIR_PURPOSE_FETCH_SERVERDESC);
- directory_request_set_dir_addr_port(req, &my_dirport);
- directory_request_set_directory_id_digest(req,
- me->cache_info.identity_digest);
- /* ask via an anon circuit, connecting to our dirport. */
- directory_request_set_indirection(req, DIRIND_ANON_DIRPORT);
- directory_request_set_resource(req, "authority.z");
- directory_initiate_request(req);
- directory_request_free(req);
-
- inform_testing_reachability(&my_dirport.addr, my_dirport.port, true);
- }
-}
-
-/** Some time has passed, or we just got new directory information.
- * See if we currently believe our ORPort or DirPort to be
- * unreachable. If so, launch a new test for it.
- *
- * For ORPort, we simply try making a circuit that ends at ourselves.
- * Success is noticed in onionskin_answer().
- *
- * For DirPort, we make a connection via Tor to our DirPort and ask
- * for our own server descriptor.
- * Success is noticed in connection_dir_client_reached_eof().
+ * For ORPort, we simply try making a circuit that ends at ourselves. Success
+ * is noticed in onionskin_answer().
*/
void
-router_do_reachability_checks(int test_or, int test_dir)
+router_do_reachability_checks(void)
{
const routerinfo_t *me = router_get_my_routerinfo();
const or_options_t *options = get_options();
@@ -348,45 +298,34 @@ router_do_reachability_checks(int test_or, int test_dir)
int orport_reachable_v6 =
router_orport_seems_reachable(options, AF_INET6);
- if (router_should_check_reachability(test_or, test_dir)) {
+ if (router_should_check_reachability()) {
bool need_testing = !circuit_enough_testing_circs();
/* At the moment, tor relays believe that they are reachable when they
* receive any create cell on an inbound connection, if the address
* family is correct.
*/
- if (test_or && (!orport_reachable_v4 || need_testing)) {
+ if (!orport_reachable_v4 || need_testing) {
router_do_orport_reachability_checks(me, AF_INET, orport_reachable_v4);
}
- if (test_or && (!orport_reachable_v6 || need_testing)) {
+ if (!orport_reachable_v6 || need_testing) {
router_do_orport_reachability_checks(me, AF_INET6, orport_reachable_v6);
}
-
- if (test_dir && !router_dirport_seems_reachable(options)) {
- router_do_dirport_reachability_checks(me);
- }
}
}
/** Log a message informing the user that we are testing a port for
* reachability, if we have not already logged such a message.
*
- * If @a is_dirport is true, then the port is a DirPort; otherwise it is an
- * ORPort.
- *
* Calls to router_reset_reachability() will reset our view of whether we have
* logged this message for a given port. */
static void
-inform_testing_reachability(const tor_addr_t *addr,
- uint16_t port,
- bool is_dirport)
+inform_testing_reachability(const tor_addr_t *addr, uint16_t port)
{
if (!router_get_my_routerinfo())
return;
bool *have_informed_ptr;
- if (is_dirport) {
- have_informed_ptr = &have_informed_testing_dir_port;
- } else if (tor_addr_family(addr) == AF_INET) {
+ if (tor_addr_family(addr) == AF_INET) {
have_informed_ptr = &have_informed_testing_or_port_ipv4;
} else {
have_informed_ptr = &have_informed_testing_or_port_ipv6;
@@ -401,18 +340,16 @@ inform_testing_reachability(const tor_addr_t *addr,
char addr_buf[TOR_ADDRPORT_BUF_LEN];
strlcpy(addr_buf, fmt_addrport(addr, port), sizeof(addr_buf));
- const char *control_addr_type = is_dirport ? "DIRADDRESS" : "ORADDRESS";
- const char *port_type = is_dirport ? "DirPort" : "ORPort";
const char *afname = fmt_af_family(tor_addr_family(addr));
control_event_server_status(LOG_NOTICE,
- "CHECKING_REACHABILITY %s=%s",
- control_addr_type, addr_buf);
+ "CHECKING_REACHABILITY ORADDRESS=%s",
+ addr_buf);
- log_notice(LD_OR, "Now checking whether %s %s %s is reachable... "
+ log_notice(LD_OR, "Now checking whether %s ORPort %s is reachable... "
"(this may take up to %d minutes -- look for log "
"messages indicating success)",
- afname, port_type, addr_buf,
+ afname, addr_buf,
TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT/60);
*have_informed_ptr = true;
@@ -426,8 +363,7 @@ static bool
ready_to_publish(const or_options_t *options)
{
return options->PublishServerDescriptor_ != NO_DIRINFO &&
- router_dirport_seems_reachable(options) &&
- router_all_orports_seem_reachable(options);
+ router_all_orports_seem_reachable(options);
}
/** Annotate that we found our ORPort reachable with a given address
@@ -481,40 +417,6 @@ router_orport_found_reachable(int family)
}
}
-/** Annotate that we found our DirPort reachable. */
-void
-router_dirport_found_reachable(void)
-{
- const routerinfo_t *me = router_get_my_routerinfo();
- const or_options_t *options = get_options();
-
- if (!can_reach_dir_port && me) {
- char *address = tor_addr_to_str_dup(&me->ipv4_addr);
-
- if (!address)
- return;
-
- can_reach_dir_port = true;
- log_notice(LD_DIRSERV,"Self-testing indicates your DirPort is reachable "
- "from the outside. Excellent.%s",
- ready_to_publish(options) ?
- " Publishing server descriptor." : "");
-
- if (router_should_advertise_dirport(options, me->ipv4_dirport)) {
- mark_my_descriptor_dirty("DirPort found reachable");
- /* This is a significant enough change to upload immediately,
- * at least in a test network */
- if (options->TestingTorNetwork == 1) {
- reschedule_descriptor_update_check();
- }
- }
- control_event_server_status(LOG_NOTICE,
- "REACHABILITY_SUCCEEDED DIRADDRESS=%s:%d",
- address, me->ipv4_dirport);
- tor_free(address);
- }
-}
-
/** We have enough testing circuits open. Send a bunch of "drop"
* cells down each of them, to exercise our bandwidth.
*
@@ -530,8 +432,8 @@ router_perform_bandwidth_test(int num_circs, time_t now)
origin_circuit_t *circ = NULL;
log_notice(LD_OR,"Performing bandwidth self-test...done.");
- while ((circ = circuit_get_next_by_pk_and_purpose(circ, NULL,
- CIRCUIT_PURPOSE_TESTING))) {
+ while ((circ = circuit_get_next_by_purpose(circ,
+ CIRCUIT_PURPOSE_TESTING))) {
/* dump cells_per_circuit drop cells onto this circ */
int i = cells_per_circuit;
if (circ->base_.state != CIRCUIT_STATE_OPEN)