/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRSERV_PRIVATE
#include "core/or/or.h"
#include "app/config/config.h"
#include "core/mainloop/connection.h"
#include "feature/dircache/conscache.h"
#include "feature/dircache/consdiffmgr.h"
#include "feature/dircommon/directory.h"
#include "feature/dircache/dirserv.h"
#include "feature/nodelist/microdesc.h"
#include "feature/nodelist/routerlist.h"
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"
#include "feature/stats/predict_ports.h"
#include "feature/dircache/cached_dir_st.h"
#include "feature/dircommon/dir_connection_st.h"
#include "feature/nodelist/extrainfo_st.h"
#include "feature/nodelist/microdesc_st.h"
#include "feature/nodelist/routerinfo_st.h"
#include "feature/nodelist/routerlist_st.h"
#include "lib/compress/compress.h"
/**
* \file dirserv.c
* \brief Directory server core implementation. Manages directory
* contents and generates directory documents.
*
* This module implements most of directory cache functionality, and some of
* the directory authority functionality. The directory.c module delegates
* here in order to handle incoming requests from clients, via
* connection_dirserv_flushed_some() and its kin. In order to save RAM, this
* module is responsible for spooling directory objects (in whole or in part)
* onto buf_t instances, and then closing the dir_connection_t once the
* objects are totally flushed.
*
* The directory.c module also delegates here for handling descriptor uploads
* via dirserv_add_multiple_descriptors().
*
* Additionally, this module handles some aspects of voting, including:
* deciding how to vote on individual flags (based on decisions reached in
* rephist.c), of formatting routerstatus lines, and deciding what relays to
* include in an authority's vote. (TODO: Those functions could profitably be
* split off. They only live in this file because historically they were
* shared among the v1, v2, and v3 directory code.)
*/
static void clear_cached_dir(cached_dir_t *d);
static const signed_descriptor_t *get_signed_descriptor_by_fp(
const uint8_t *fp,
int extrainfo);
static int spooled_resource_lookup_body(const spooled_resource_t *spooled,
int conn_is_encrypted,
const uint8_t **body_out,
size_t *size_out,
time_t *published_out);
static cached_dir_t *spooled_resource_lookup_cached_dir(
const spooled_resource_t *spooled,
time_t *published_out);
static cached_dir_t *lookup_cached_dir_by_fp(const uint8_t *fp);
/********************************************************************/
/* A set of functions to answer questions about how we'd like to behave
* as a directory mirror/client. */
/** Return 1 if we fetch our directory material directly from the
* authorities, rather than from a mirror. */
int
directory_fetches_from_authorities(const or_options_t *options)
{
const routerinfo_t *me;
uint32_t addr;
int refuseunknown;
if (options->FetchDirInfoEarly)
return 1;
if (options->BridgeRelay == 1)
return 0;
if (server_mode(options) &&
router_pick_published_address(options, &addr, 1) < 0)
return 1; /* we don't know our IP address; ask an authority. */
refuseunknown = ! router_my_exit_policy_is_reject_star() &&
should_refuse_unknown_exits(options);
if (!dir_server_mode(options) && !refuseunknown)
return 0;
if (!server_mode(options) || !advertised_server_mode())
return 0;
me = router_get_my_routerinfo();
if (!me || (!me->supports_tunnelled_dir_requests && !refuseunknown))
return 0; /* if we don't service directory requests, return 0 too */
return 1;
}
/** Return 1 if we should fetch new networkstatuses, descriptors, etc
* on the "mirror" schedule rather than the "client" schedule.
*/
int
directory_fetches_dir_info_early(const or_options_t *options)
{
return directory_fetches_from_authorities(options);
}
/** Return 1 if we should fetch new networkstatuses, descriptors, etc
* on a very passive schedule -- waiting long enough for ordinary clients
* to probably have the info we want. These would include bridge users,
* and maybe others in the future e.g. if a Tor client uses another Tor
* client as a directory guard.
*/
int
directory_fetches_dir_info_later(const or_options_t *options)
{
return options->UseBridges != 0;
}
/** Return true iff we want to serve certificates for authorities
* that we don't acknowledge as authorities ourself.
* Use we_want_to_fetch_unknown_auth_certs to check if we want to fetch
* and keep these certificates.
*/
int
directory_caches_unknown_auth_certs(const or_options_t *options)
{
return dir_server_mode(options) || options->BridgeRelay;
}
/** Return 1 if we want to fetch and serve descriptors, networkstatuses, etc
* Else return 0.
* Check options->DirPort_set and directory_permits_begindir_requests()
* to see if we are willing to serve these directory documents to others via
* the DirPort and begindir-over-ORPort, respectively.
*
* To check if we should fetch documents, use we_want_to_fetch_flavor and
* we_want_to_fetch_unknown_auth_certs instead of this function.
*/
int
directory_caches_dir_info(const or_options_t *options)
{
if (options->BridgeRelay || dir_server_mode(options))
return 1;
if (!server_mode(options) || !advertised_server_mode())
return 0;
/* We need an up-to-date view of network info if we're going to try to
* block exit attempts from unknown relays. */
return ! router_my_exit_policy_is_reject_star() &&
should_refuse_unknown_exits(options);
}
/** Return 1 if we want to allow remote clients to ask us directory
* requests via the "begin_dir" interface, which doesn't require
* having any separate port open. */
int
directory_permits_begindir_requests(const or_options_t *options)
{
return options->BridgeRelay != 0 || dir_server_mode(options);
}
/** Return 1 if we have no need to fetch new descriptors. This generally
* happens when we're not a dir cache and we haven't built any circuits
* lately.
*/
int
directory_too_idle_to_fetch_descriptors(const or_options_t *options,
time_t now)
{
return !directory_caches_dir_info(options) &&
!options->FetchUselessDescriptors &&
rep_hist_circbuilding_dormant(now);
}
/********************************************************************/
/** Map from flavor name to the cached_dir_t for the v3 consensuses that we're
* currently serving. */
static strmap_t *cached_consensuses = NULL;
/** Decrement the reference count on d, and free it if it no longer has
* any references. */
void
cached_dir_decref(cached_dir_t *d)
{
if (!d || --d->refcnt > 0)
return;
clear_cached_dir(d);
tor_free(d);
}
/** Allocate and return a new cached_dir_t containing the string s,
* published at published. */
cached_dir_t *
new_cached_dir(char *s, time_t published)
{
cached_dir_t *d = tor_malloc_zero(sizeof(cached_dir_t));
d->refcnt = 1;
d->dir = s;
d->dir_len = strlen(s);
d->published = published;
if (tor_compress(&(d->dir_compressed), &(d->dir_compressed_len),
d->dir, d->dir_len, ZLIB_METHOD)) {
log_warn(LD_BUG, "Error compressing directory");
}
return d;
}
/** Remove all storage held in d, but do not free d itself. */
static void
clear_cached_dir(cached_dir_t *d)
{
tor_free(d->dir);
tor_free(d->dir_compressed);
memset(d, 0, sizeof(cached_dir_t));
}
/** Free all storage held by the cached_dir_t in d. */
static void
free_cached_dir_(void *_d)
{
cached_dir_t *d;
if (!_d)
return;
d = (cached_dir_t *)_d;
cached_dir_decref(d);
}
/** Replace the v3 consensus networkstatus of type flavor_name that
* we're serving with networkstatus, published at published. No
* validation is performed. */
void
dirserv_set_cached_consensus_networkstatus(const char *networkstatus,
size_t networkstatus_len,
const char *flavor_name,
const common_digests_t *digests,
const uint8_t *sha3_as_signed,
time_t published)
{
cached_dir_t *new_networkstatus;
cached_dir_t *old_networkstatus;
if (!cached_consensuses)
cached_consensuses = strmap_new();
new_networkstatus =
new_cached_dir(tor_memdup_nulterm(networkstatus, networkstatus_len),
published);
memcpy(&new_networkstatus->digests, digests, sizeof(common_digests_t));
memcpy(&new_networkstatus->digest_sha3_as_signed, sha3_as_signed,
DIGEST256_LEN);
old_networkstatus = strmap_set(cached_consensuses, flavor_name,
new_networkstatus);
if (old_networkstatus)
cached_dir_decref(old_networkstatus);
}
/** Return the latest downloaded consensus networkstatus in encoded, signed,
* optionally compressed format, suitable for sending to clients. */
cached_dir_t *
dirserv_get_consensus(const char *flavor_name)
{
if (!cached_consensuses)
return NULL;
return strmap_get(cached_consensuses, flavor_name);
}
/** As dirserv_get_routerdescs(), but instead of getting signed_descriptor_t
* pointers, adds copies of digests to fps_out, and doesn't use the
* /tor/server/ prefix. For a /d/ request, adds descriptor digests; for other
* requests, adds identity digests.
*/
int
dirserv_get_routerdesc_spool(smartlist_t *spool_out,
const char *key,
dir_spool_source_t source,
int conn_is_encrypted,
const char **msg_out)
{
*msg_out = NULL;
if (!strcmp(key, "all")) {
const routerlist_t *rl = router_get_routerlist();
SMARTLIST_FOREACH_BEGIN(rl->routers, const routerinfo_t *, r) {
spooled_resource_t *spooled;
spooled = spooled_resource_new(source,
(const uint8_t *)r->cache_info.identity_digest,
DIGEST_LEN);
/* Treat "all" requests as if they were unencrypted */
conn_is_encrypted = 0;
smartlist_add(spool_out, spooled);
} SMARTLIST_FOREACH_END(r);
} else if (!strcmp(key, "authority")) {
const routerinfo_t *ri = router_get_my_routerinfo();
if (ri)
smartlist_add(spool_out,
spooled_resource_new(source,
(const uint8_t *)ri->cache_info.identity_digest,
DIGEST_LEN));
} else if (!strcmpstart(key, "d/")) {
key += strlen("d/");
dir_split_resource_into_spoolable(key, source, spool_out, NULL,
DSR_HEX|DSR_SORT_UNIQ);
} else if (!strcmpstart(key, "fp/")) {
key += strlen("fp/");
dir_split_resource_into_spoolable(key, source, spool_out, NULL,
DSR_HEX|DSR_SORT_UNIQ);
} else {
*msg_out = "Not found";
return -1;
}
if (! conn_is_encrypted) {
/* Remove anything that insists it not be sent unencrypted. */
SMARTLIST_FOREACH_BEGIN(spool_out, spooled_resource_t *, spooled) {
const uint8_t *body = NULL;
size_t bodylen = 0;
int r = spooled_resource_lookup_body(spooled, conn_is_encrypted,
&body, &bodylen, NULL);
if (r < 0 || body == NULL || bodylen == 0) {
SMARTLIST_DEL_CURRENT(spool_out, spooled);
spooled_resource_free(spooled);
}
} SMARTLIST_FOREACH_END(spooled);
}
if (!smartlist_len(spool_out)) {
*msg_out = "Servers unavailable";
return -1;
}
return 0;
}
/** Add a signed_descriptor_t to descs_out for each router matching
* key. The key should be either
* - "/tor/server/authority" for our own routerinfo;
* - "/tor/server/all" for all the routerinfos we have, concatenated;
* - "/tor/server/fp/FP" where FP is a plus-separated sequence of
* hex identity digests; or
* - "/tor/server/d/D" where D is a plus-separated sequence
* of server descriptor digests, in hex.
*
* Return 0 if we found some matching descriptors, or -1 if we do not
* have any descriptors, no matching descriptors, or if we did not
* recognize the key (URL).
* If -1 is returned *msg will be set to an appropriate error
* message.
*
* XXXX rename this function. It's only called from the controller.
* XXXX in fact, refactor this function, merging as much as possible.
*/
int
dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
const char **msg)
{
*msg = NULL;
if (!strcmp(key, "/tor/server/all")) {
routerlist_t *rl = router_get_routerlist();
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
smartlist_add(descs_out, &(r->cache_info)));
} else if (!strcmp(key, "/tor/server/authority")) {
const routerinfo_t *ri = router_get_my_routerinfo();
if (ri)
smartlist_add(descs_out, (void*) &(ri->cache_info));
} else if (!strcmpstart(key, "/tor/server/d/")) {
smartlist_t *digests = smartlist_new();
key += strlen("/tor/server/d/");
dir_split_resource_into_fingerprints(key, digests, NULL,
DSR_HEX|DSR_SORT_UNIQ);
SMARTLIST_FOREACH(digests, const char *, d,
{
signed_descriptor_t *sd = router_get_by_descriptor_digest(d);
if (sd)
smartlist_add(descs_out,sd);
});
SMARTLIST_FOREACH(digests, char *, d, tor_free(d));
smartlist_free(digests);
} else if (!strcmpstart(key, "/tor/server/fp/")) {
smartlist_t *digests = smartlist_new();
time_t cutoff = time(NULL) - ROUTER_MAX_AGE_TO_PUBLISH;
key += strlen("/tor/server/fp/");
dir_split_resource_into_fingerprints(key, digests, NULL,
DSR_HEX|DSR_SORT_UNIQ);
SMARTLIST_FOREACH_BEGIN(digests, const char *, d) {
if (router_digest_is_me(d)) {
/* calling router_get_my_routerinfo() to make sure it exists */
const routerinfo_t *ri = router_get_my_routerinfo();
if (ri)
smartlist_add(descs_out, (void*) &(ri->cache_info));
} else {
const routerinfo_t *ri = router_get_by_id_digest(d);
/* Don't actually serve a descriptor that everyone will think is
* expired. This is an (ugly) workaround to keep buggy 0.1.1.10
* Tors from downloading descriptors that they will throw away.
*/
if (ri && ri->cache_info.published_on > cutoff)
smartlist_add(descs_out, (void*) &(ri->cache_info));
}
} SMARTLIST_FOREACH_END(d);
SMARTLIST_FOREACH(digests, char *, d, tor_free(d));
smartlist_free(digests);
} else {
*msg = "Key not recognized";
return -1;
}
if (!smartlist_len(descs_out)) {
*msg = "Servers unavailable";
return -1;
}
return 0;
}
/* ==========
* Spooling code.
* ========== */
spooled_resource_t *
spooled_resource_new(dir_spool_source_t source,
const uint8_t *digest, size_t digestlen)
{
spooled_resource_t *spooled = tor_malloc_zero(sizeof(spooled_resource_t));
spooled->spool_source = source;
switch (source) {
case DIR_SPOOL_NETWORKSTATUS:
spooled->spool_eagerly = 0;
break;
case DIR_SPOOL_SERVER_BY_DIGEST:
case DIR_SPOOL_SERVER_BY_FP:
case DIR_SPOOL_EXTRA_BY_DIGEST:
case DIR_SPOOL_EXTRA_BY_FP:
case DIR_SPOOL_MICRODESC:
default:
spooled->spool_eagerly = 1;
break;
case DIR_SPOOL_CONSENSUS_CACHE_ENTRY:
tor_assert_unreached();
break;
}
tor_assert(digestlen <= sizeof(spooled->digest));
if (digest)
memcpy(spooled->digest, digest, digestlen);
return spooled;
}
/**
* Create a new spooled_resource_t to spool the contents of entry to
* the user. Return the spooled object on success, or NULL on failure (which
* is probably caused by a failure to map the body of the item from disk).
*
* Adds a reference to entry's reference counter.
*/
spooled_resource_t *
spooled_resource_new_from_cache_entry(consensus_cache_entry_t *entry)
{
spooled_resource_t *spooled = tor_malloc_zero(sizeof(spooled_resource_t));
spooled->spool_source = DIR_SPOOL_CONSENSUS_CACHE_ENTRY;
spooled->spool_eagerly = 0;
consensus_cache_entry_incref(entry);
spooled->consensus_cache_entry = entry;
int r = consensus_cache_entry_get_body(entry,
&spooled->cce_body,
&spooled->cce_len);
if (r == 0) {
return spooled;
} else {
spooled_resource_free(spooled);
return NULL;
}
}
/** Release all storage held by spooled. */
void
spooled_resource_free_(spooled_resource_t *spooled)
{
if (spooled == NULL)
return;
if (spooled->cached_dir_ref) {
cached_dir_decref(spooled->cached_dir_ref);
}
if (spooled->consensus_cache_entry) {
consensus_cache_entry_decref(spooled->consensus_cache_entry);
}
tor_free(spooled);
}
/** When spooling data from a cached_dir_t object, we always add
* at least this much. */
#define DIRSERV_CACHED_DIR_CHUNK_SIZE 8192
/** Return an compression ratio for compressing objects from source.
*/
static double
estimate_compression_ratio(dir_spool_source_t source)
{
/* We should put in better estimates here, depending on the number of
objects and their type */
(void) source;
return 0.5;
}
/** Return an estimated number of bytes needed for transmitting the
* resource in spooled on conn
*
* As a convenient side-effect, set *published_out to the resource's
* publication time.
*/
static size_t
spooled_resource_estimate_size(const spooled_resource_t *spooled,
dir_connection_t *conn,
int compressed,
time_t *published_out)
{
if (spooled->spool_eagerly) {
const uint8_t *body = NULL;
size_t bodylen = 0;
int r = spooled_resource_lookup_body(spooled,
connection_dir_is_encrypted(conn),
&body, &bodylen,
published_out);
if (r == -1 || body == NULL || bodylen == 0)
return 0;
if (compressed) {
double ratio = estimate_compression_ratio(spooled->spool_source);
bodylen = (size_t)(bodylen * ratio);
}
return bodylen;
} else {
cached_dir_t *cached;
if (spooled->consensus_cache_entry) {
if (published_out) {
consensus_cache_entry_get_valid_after(
spooled->consensus_cache_entry, published_out);
}
return spooled->cce_len;
}
if (spooled->cached_dir_ref) {
cached = spooled->cached_dir_ref;
} else {
cached = spooled_resource_lookup_cached_dir(spooled,
published_out);
}
if (cached == NULL) {
return 0;
}
size_t result = compressed ? cached->dir_compressed_len : cached->dir_len;
return result;
}
}
/** Return code for spooled_resource_flush_some */
typedef enum {
SRFS_ERR = -1,
SRFS_MORE = 0,
SRFS_DONE
} spooled_resource_flush_status_t;
/** Flush some or all of the bytes from spooled onto conn.
* Return SRFS_ERR on error, SRFS_MORE if there are more bytes to flush from
* this spooled resource, or SRFS_DONE if we are done flushing this spooled
* resource.
*/
static spooled_resource_flush_status_t
spooled_resource_flush_some(spooled_resource_t *spooled,
dir_connection_t *conn)
{
if (spooled->spool_eagerly) {
/* Spool_eagerly resources are sent all-at-once. */
const uint8_t *body = NULL;
size_t bodylen = 0;
int r = spooled_resource_lookup_body(spooled,
connection_dir_is_encrypted(conn),
&body, &bodylen, NULL);
if (r == -1 || body == NULL || bodylen == 0) {
/* Absent objects count as "done". */
return SRFS_DONE;
}
if (conn->compress_state) {
connection_buf_add_compress((const char*)body, bodylen, conn, 0);
} else {
connection_buf_add((const char*)body, bodylen, TO_CONN(conn));
}
return SRFS_DONE;
} else {
cached_dir_t *cached = spooled->cached_dir_ref;
consensus_cache_entry_t *cce = spooled->consensus_cache_entry;
if (cached == NULL && cce == NULL) {
/* The cached_dir_t hasn't been materialized yet. So let's look it up. */
cached = spooled->cached_dir_ref =
spooled_resource_lookup_cached_dir(spooled, NULL);
if (!cached) {
/* Absent objects count as done. */
return SRFS_DONE;
}
++cached->refcnt;
tor_assert_nonfatal(spooled->cached_dir_offset == 0);
}
if (BUG(!cached && !cce))
return SRFS_DONE;
int64_t total_len;
const char *ptr;
if (cached) {
total_len = cached->dir_compressed_len;
ptr = cached->dir_compressed;
} else {
total_len = spooled->cce_len;
ptr = (const char *)spooled->cce_body;
}
/* How many bytes left to flush? */
int64_t remaining;
remaining = total_len - spooled->cached_dir_offset;
if (BUG(remaining < 0))
return SRFS_ERR;
ssize_t bytes = (ssize_t) MIN(DIRSERV_CACHED_DIR_CHUNK_SIZE, remaining);
if (conn->compress_state) {
connection_buf_add_compress(
ptr + spooled->cached_dir_offset,
bytes, conn, 0);
} else {
connection_buf_add(ptr + spooled->cached_dir_offset,
bytes, TO_CONN(conn));
}
spooled->cached_dir_offset += bytes;
if (spooled->cached_dir_offset >= (off_t)total_len) {
return SRFS_DONE;
} else {
return SRFS_MORE;
}
}
}
/** Helper: find the cached_dir_t for a spooled_resource_t, for
* sending it to conn. Set *published_out, if provided,
* to the published time of the cached_dir_t.
*
* DOES NOT increase the reference count on the result. Callers must do that
* themselves if they mean to hang on to it.
*/
static cached_dir_t *
spooled_resource_lookup_cached_dir(const spooled_resource_t *spooled,
time_t *published_out)
{
tor_assert(spooled->spool_eagerly == 0);
cached_dir_t *d = lookup_cached_dir_by_fp(spooled->digest);
if (d != NULL) {
if (published_out)
*published_out = d->published;
}
return d;
}
/** Helper: Look up the body for an eagerly-served spooled_resource. If
* conn_is_encrypted is false, don't look up any resource that
* shouldn't be sent over an unencrypted connection. On success, set
* body_out, size_out, and published_out to refer
* to the resource's body, size, and publication date, and return 0.
* On failure return -1. */
static int
spooled_resource_lookup_body(const spooled_resource_t *spooled,
int conn_is_encrypted,
const uint8_t **body_out,
size_t *size_out,
time_t *published_out)
{
tor_assert(spooled->spool_eagerly == 1);
const signed_descriptor_t *sd = NULL;
switch (spooled->spool_source) {
case DIR_SPOOL_EXTRA_BY_FP: {
sd = get_signed_descriptor_by_fp(spooled->digest, 1);
break;
}
case DIR_SPOOL_SERVER_BY_FP: {
sd = get_signed_descriptor_by_fp(spooled->digest, 0);
break;
}
case DIR_SPOOL_SERVER_BY_DIGEST: {
sd = router_get_by_descriptor_digest((const char *)spooled->digest);
break;
}
case DIR_SPOOL_EXTRA_BY_DIGEST: {
sd = extrainfo_get_by_descriptor_digest((const char *)spooled->digest);
break;
}
case DIR_SPOOL_MICRODESC: {
microdesc_t *md = microdesc_cache_lookup_by_digest256(
get_microdesc_cache(),
(const char *)spooled->digest);
if (! md || ! md->body) {
return -1;
}
*body_out = (const uint8_t *)md->body;
*size_out = md->bodylen;
if (published_out)
*published_out = TIME_MAX;
return 0;
}
case DIR_SPOOL_NETWORKSTATUS:
case DIR_SPOOL_CONSENSUS_CACHE_ENTRY:
default:
/* LCOV_EXCL_START */
tor_assert_nonfatal_unreached();
return -1;
/* LCOV_EXCL_STOP */
}
/* If we get here, then we tried to set "sd" to a signed_descriptor_t. */
if (sd == NULL) {
return -1;
}
if (sd->send_unencrypted == 0 && ! conn_is_encrypted) {
/* we did this check once before (so we could have an accurate size
* estimate and maybe send a 404 if somebody asked for only bridges on
* a connection), but we need to do it again in case a previously
* unknown bridge descriptor has shown up between then and now. */
return -1;
}
*body_out = (const uint8_t *) signed_descriptor_get_body(sd);
*size_out = sd->signed_descriptor_len;
if (published_out)
*published_out = sd->published_on;
return 0;
}
/** Given a fingerprint fp which is either set if we're looking for a
* v2 status, or zeroes if we're looking for a v3 status, or a NUL-padded
* flavor name if we want a flavored v3 status, return a pointer to the
* appropriate cached dir object, or NULL if there isn't one available. */
static cached_dir_t *
lookup_cached_dir_by_fp(const uint8_t *fp)
{
cached_dir_t *d = NULL;
if (tor_digest_is_zero((const char *)fp) && cached_consensuses) {
d = strmap_get(cached_consensuses, "ns");
} else if (memchr(fp, '\0', DIGEST_LEN) && cached_consensuses) {
/* this here interface is a nasty hack: we're shoving a flavor into
* a digest field. */
d = strmap_get(cached_consensuses, (const char *)fp);
}
return d;
}
/** Try to guess the number of bytes that will be needed to send the
* spooled objects for conn's outgoing spool. In the process,
* remove every element of the spool that refers to an absent object, or
* which was published earlier than cutoff. Set *size_out
* to the number of bytes, and *n_expired_out to the number of
* objects removed for being too old. */
void
dirserv_spool_remove_missing_and_guess_size(dir_connection_t *conn,
time_t cutoff,
int compression,
size_t *size_out,
int *n_expired_out)
{
if (BUG(!conn))
return;
smartlist_t *spool = conn->spool;
if (!spool) {
if (size_out)
*size_out = 0;
if (n_expired_out)
*n_expired_out = 0;
return;
}
int n_expired = 0;
uint64_t total = 0;
SMARTLIST_FOREACH_BEGIN(spool, spooled_resource_t *, spooled) {
time_t published = TIME_MAX;
size_t sz = spooled_resource_estimate_size(spooled, conn,
compression, &published);
if (published < cutoff) {
++n_expired;
SMARTLIST_DEL_CURRENT(spool, spooled);
spooled_resource_free(spooled);
} else if (sz == 0) {
SMARTLIST_DEL_CURRENT(spool, spooled);
spooled_resource_free(spooled);
} else {
total += sz;
}
} SMARTLIST_FOREACH_END(spooled);
if (size_out) {
*size_out = (total > SIZE_MAX) ? SIZE_MAX : (size_t)total;
}
if (n_expired_out)
*n_expired_out = n_expired;
}
/** Helper: used to sort a connection's spool. */
static int
dirserv_spool_sort_comparison_(const void **a_, const void **b_)
{
const spooled_resource_t *a = *a_;
const spooled_resource_t *b = *b_;
return fast_memcmp(a->digest, b->digest, sizeof(a->digest));
}
/** Sort all the entries in conn by digest. */
void
dirserv_spool_sort(dir_connection_t *conn)
{
if (conn->spool == NULL)
return;
smartlist_sort(conn->spool, dirserv_spool_sort_comparison_);
}
/** Return the cache-info for identity fingerprint fp, or
* its extra-info document if extrainfo is true. Return
* NULL if not found or if the descriptor is older than
* publish_cutoff. */
static const signed_descriptor_t *
get_signed_descriptor_by_fp(const uint8_t *fp, int extrainfo)
{
if (router_digest_is_me((const char *)fp)) {
if (extrainfo)
return &(router_get_my_extrainfo()->cache_info);
else
return &(router_get_my_routerinfo()->cache_info);
} else {
const routerinfo_t *ri = router_get_by_id_digest((const char *)fp);
if (ri) {
if (extrainfo)
return extrainfo_get_by_descriptor_digest(
ri->cache_info.extra_info_digest);
else
return &ri->cache_info;
}
}
return NULL;
}
/** When we're spooling data onto our outbuf, add more whenever we dip
* below this threshold. */
#define DIRSERV_BUFFER_MIN 16384
/**
* Called whenever we have flushed some directory data in state
* SERVER_WRITING, or whenever we want to fill the buffer with initial
* directory data (so that subsequent writes will occur, and trigger this
* function again.)
*
* Return 0 on success, and -1 on failure.
*/
int
connection_dirserv_flushed_some(dir_connection_t *conn)
{
tor_assert(conn->base_.state == DIR_CONN_STATE_SERVER_WRITING);
if (conn->spool == NULL)
return 0;
while (connection_get_outbuf_len(TO_CONN(conn)) < DIRSERV_BUFFER_MIN &&
smartlist_len(conn->spool)) {
spooled_resource_t *spooled =
smartlist_get(conn->spool, smartlist_len(conn->spool)-1);
spooled_resource_flush_status_t status;
status = spooled_resource_flush_some(spooled, conn);
if (status == SRFS_ERR) {
return -1;
} else if (status == SRFS_MORE) {
return 0;
}
tor_assert(status == SRFS_DONE);
/* If we're here, we're done flushing this resource. */
tor_assert(smartlist_pop_last(conn->spool) == spooled);
spooled_resource_free(spooled);
}
if (smartlist_len(conn->spool) > 0) {
/* We're still spooling something. */
return 0;
}
/* If we get here, we're done. */
smartlist_free(conn->spool);
conn->spool = NULL;
if (conn->compress_state) {
/* Flush the compression state: there could be more bytes pending in there,
* and we don't want to omit bytes. */
connection_buf_add_compress("", 0, conn, 1);
tor_compress_free(conn->compress_state);
conn->compress_state = NULL;
}
return 0;
}
/** Remove every element from conn's outgoing spool, and delete
* the spool. */
void
dir_conn_clear_spool(dir_connection_t *conn)
{
if (!conn || ! conn->spool)
return;
SMARTLIST_FOREACH(conn->spool, spooled_resource_t *, s,
spooled_resource_free(s));
smartlist_free(conn->spool);
conn->spool = NULL;
}
/** Release all storage used by the directory server. */
void
dirserv_free_all(void)
{
strmap_free(cached_consensuses, free_cached_dir_);
cached_consensuses = NULL;
}