[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] [tor/master] Clients do not request version 0 hidserv descs anymore.



Author: Karsten Loesing <karsten.loesing@xxxxxxx>
Date: Sun, 3 May 2009 00:09:18 +0200
Subject: Clients do not request version 0 hidserv descs anymore.
Commit: f79688ddef0e4d4abd5e92afbb11c5ee9864056d

---
 src/or/circuituse.c      |    5 ---
 src/or/connection.c      |   14 ++------
 src/or/connection_edge.c |   10 -----
 src/or/directory.c       |   21 -----------
 src/or/or.h              |   11 ------
 src/or/rendclient.c      |   87 ++++++++++++---------------------------------
 src/or/rendservice.c     |   41 +++++++++-------------
 7 files changed, 43 insertions(+), 146 deletions(-)

diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 4ee9914..1dd15d6 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1110,12 +1110,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
         log_info(LD_REND,
                  "No intro points for '%s': refetching service descriptor.",
                  safe_str(conn->rend_data->onion_address));
-        /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever
-         * arrives first. Exception: When using client authorization, only
-         * fetch v2 descriptors.*/
         rend_client_refetch_v2_renddesc(conn->rend_data);
-        if (conn->rend_data->auth_type == REND_NO_AUTH)
-          rend_client_refetch_renddesc(conn->rend_data->onion_address);
         conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
         return 0;
       }
diff --git a/src/or/connection.c b/src/or/connection.c
index 3a01c28..812d021 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -544,13 +544,6 @@ connection_about_to_close_connection(connection_t *conn)
          * failed: forget about this router, and maybe try again. */
         connection_dir_request_failed(dir_conn);
       }
-      if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC && dir_conn->rend_data) {
-        /* Give it a try. However, there is no re-fetching for v0 rend
-         * descriptors; if the response is empty or the descriptor is
-         * unusable, close pending connections (unless a v2 request is
-         * still in progress). */
-        rend_client_desc_trynow(dir_conn->rend_data->onion_address, 0);
-      }
       /* If we were trying to fetch a v2 rend desc and did not succeed,
        * retry as needed. (If a fetch is successful, the connection state
        * is changed to DIR_PURPOSE_HAS_FETCHED_RENDDESC to mark that
@@ -2576,8 +2569,8 @@ connection_get_by_type_state(int type, int state)
 
 /** Return a connection of type <b>type</b> that has rendquery equal
  * to <b>rendquery</b>, and that is not marked for close. If state
- * is non-zero, conn must be of that state too. If rendversion is
- * nonnegative, conn must be fetching that rendversion, too.
+ * is non-zero, conn must be of that state too. (rendversion is
+ * ignored.)
  */
 connection_t *
 connection_get_by_type_state_rendquery(int type, int state,
@@ -2585,6 +2578,7 @@ connection_get_by_type_state_rendquery(int type, int state,
                                        int rendversion)
 {
   smartlist_t *conns = get_connection_array();
+  (void) rendversion;
 
   tor_assert(type == CONN_TYPE_DIR ||
              type == CONN_TYPE_AP || type == CONN_TYPE_EXIT);
@@ -2597,8 +2591,6 @@ connection_get_by_type_state_rendquery(int type, int state,
         (!state || state == conn->state)) {
       if (type == CONN_TYPE_DIR &&
           TO_DIR_CONN(conn)->rend_data &&
-          (rendversion < 0 ||
-           rendversion == TO_DIR_CONN(conn)->rend_data->rend_desc_version) &&
           !rend_cmp_service_ids(rendquery,
                                 TO_DIR_CONN(conn)->rend_data->onion_address))
         return conn;
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index b350c08..f4585d8 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1675,12 +1675,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
       conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
       log_info(LD_REND, "Unknown descriptor %s. Fetching.",
                safe_str(conn->rend_data->onion_address));
-      /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever
-       * arrives first. Exception: When using client authorization, only
-       * fetch v2 descriptors.*/
       rend_client_refetch_v2_renddesc(conn->rend_data);
-      if (conn->rend_data->auth_type == REND_NO_AUTH)
-        rend_client_refetch_renddesc(conn->rend_data->onion_address);
     } else { /* r > 0 */
 /** How long after we receive a hidden service descriptor do we consider
  * it valid? */
@@ -1697,12 +1692,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
         conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
         log_info(LD_REND, "Stale descriptor %s. Refetching.",
                  safe_str(conn->rend_data->onion_address));
-        /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever
-         * arrives first. Exception: When using client authorization, only
-         * fetch v2 descriptors.*/
         rend_client_refetch_v2_renddesc(conn->rend_data);
-        if (conn->rend_data->auth_type == REND_NO_AUTH)
-          rend_client_refetch_renddesc(conn->rend_data->onion_address);
       }
     }
     return 0;
diff --git a/src/or/directory.c b/src/or/directory.c
index 082eca2..f20efc1 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1050,31 +1050,10 @@ directory_send_command(dir_connection_t *conn,
       httpcommand = "POST";
       url = tor_strdup("/tor/post/consensus-signature");
       break;
-    case DIR_PURPOSE_FETCH_RENDDESC:
-      tor_assert(resource);
-      tor_assert(!payload);
-
-      /* this must be true or we wouldn't be doing the lookup */
-      tor_assert(strlen(resource) <= REND_SERVICE_ID_LEN_BASE32);
-      /* This breaks the function abstraction. */
-      conn->rend_data = tor_malloc_zero(sizeof(rend_data_t));
-      strlcpy(conn->rend_data->onion_address, resource,
-              sizeof(conn->rend_data->onion_address));
-      conn->rend_data->rend_desc_version = 0;
-
-      httpcommand = "GET";
-      /* Request the most recent versioned descriptor. */
-      // (XXXX We were going to switch this to fetch rendezvous1 descriptors,
-      // but that never got testing, and it wasn't a good design.)
-      len = strlen(resource)+32;
-      url = tor_malloc(len);
-      tor_snprintf(url, len, "/tor/rendezvous/%s", resource);
-      break;
     case DIR_PURPOSE_FETCH_RENDDESC_V2:
       tor_assert(resource);
       tor_assert(strlen(resource) <= REND_DESC_ID_V2_LEN_BASE32);
       tor_assert(!payload);
-      conn->rend_data->rend_desc_version = 2;
       httpcommand = "GET";
       len = strlen(resource) + 32;
       url = tor_malloc(len);
diff --git a/src/or/or.h b/src/or/or.h
index 731cf5e..496165f 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -730,12 +730,6 @@ typedef struct rend_data_t {
 
   /** Rendezvous cookie used by both, client and service. */
   char rend_cookie[REND_COOKIE_LEN];
-
-  /** Rendezvous descriptor version that is used by a service. Used to
-   * distinguish introduction and rendezvous points belonging to the same
-   * rendezvous service ID, but different descriptor versions.
-   */
-  uint8_t rend_desc_version;
 } rend_data_t;
 
 /** Time interval for tracking possible replays of INTRODUCE2 cells.
@@ -4014,7 +4008,6 @@ void rend_client_introcirc_has_opened(origin_circuit_t *circ);
 void rend_client_rendcirc_has_opened(origin_circuit_t *circ);
 int rend_client_introduction_acked(origin_circuit_t *circ, const char *request,
                                    size_t request_len);
-void rend_client_refetch_renddesc(const char *query);
 void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query);
 int rend_client_remove_intro_point(extend_info_t *failed_intro,
                                    const rend_data_t *rend_query);
@@ -4089,10 +4082,6 @@ void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
                              int command, size_t length, const char *payload);
 
 void rend_service_descriptor_free(rend_service_descriptor_t *desc);
-int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
-                                   crypto_pk_env_t *key,
-                                   char **str_out,
-                                   size_t *len_out);
 rend_service_descriptor_t *rend_parse_service_descriptor(const char *str,
                                                          size_t len);
 int rend_get_service_id(crypto_pk_env_t *pk, char *out);
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index fb50e8d..2f41beb 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -63,7 +63,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
   rend_cache_entry_t *entry;
   crypt_path_t *cpath;
   off_t dh_offset;
-  crypto_pk_env_t *intro_key; /* either Bob's public key or an intro key. */
+  crypto_pk_env_t *intro_key = NULL;
 
   tor_assert(introcirc->_base.purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
   tor_assert(rendcirc->_base.purpose == CIRCUIT_PURPOSE_C_REND_READY);
@@ -80,23 +80,19 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
     goto err;
   }
 
-  /* first 20 bytes of payload are the hash of bob's pk */
-  if (entry->parsed->version == 0) { /* unversioned descriptor */
-    intro_key = entry->parsed->pk;
-  } else { /* versioned descriptor */
-    intro_key = NULL;
-    SMARTLIST_FOREACH(entry->parsed->intro_nodes, rend_intro_point_t *,
-                      intro, {
-      if (!memcmp(introcirc->build_state->chosen_exit->identity_digest,
-                  intro->extend_info->identity_digest, DIGEST_LEN)) {
-        intro_key = intro->intro_key;
-        break;
-      }
-    });
-    if (!intro_key) {
-      log_warn(LD_BUG, "Internal error: could not find intro key.");
-      goto err;
+  /* first 20 bytes of payload are the hash of the intro key */
+  intro_key = NULL;
+  SMARTLIST_FOREACH(entry->parsed->intro_nodes, rend_intro_point_t *,
+                    intro, {
+    if (!memcmp(introcirc->build_state->chosen_exit->identity_digest,
+                intro->extend_info->identity_digest, DIGEST_LEN)) {
+      intro_key = intro->intro_key;
+      break;
     }
+  });
+  if (!intro_key) {
+    log_warn(LD_BUG, "Internal error: could not find intro key.");
+    goto err;
   }
   if (crypto_pk_get_digest(intro_key, payload)<0) {
     log_warn(LD_BUG, "Internal error: couldn't hash public key.");
@@ -451,28 +447,6 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query)
   return 1;
 }
 
-/** If we are not currently fetching a rendezvous service descriptor
- * for the service ID <b>query</b>, start a directory connection to fetch a
- * new one.
- */
-void
-rend_client_refetch_renddesc(const char *query)
-{
-  if (!get_options()->FetchHidServDescriptors)
-    return;
-  log_info(LD_REND, "Fetching rendezvous descriptor for service %s",
-           escaped_safe_str(query));
-  if (connection_get_by_type_state_rendquery(CONN_TYPE_DIR, 0, query, 0)) {
-    log_info(LD_REND,"Would fetch a new renddesc here (for %s), but one is "
-             "already in progress.", escaped_safe_str(query));
-  } else {
-    /* not one already; initiate a dir rend desc lookup */
-    directory_get_from_dirserver(DIR_PURPOSE_FETCH_RENDDESC,
-                                 ROUTER_PURPOSE_GENERAL, query,
-                                 PDS_RETRY_IF_NO_SERVERS);
-  }
-}
-
 /** Start a connection to a hidden service directory to fetch a v2
  * rendezvous service descriptor for the base32-encoded service ID
  * <b>query</b>.
@@ -552,12 +526,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
   if (r==0) {
     log_info(LD_REND, "Unknown service %s. Re-fetching descriptor.",
              escaped_safe_str(rend_query->onion_address));
-    /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever
-     * arrives first. Exception: When using client authorization, only
-     * fetch v2 descriptors.*/
     rend_client_refetch_v2_renddesc(rend_query);
-    if (rend_query->auth_type == REND_NO_AUTH)
-      rend_client_refetch_renddesc(rend_query->onion_address);
     return 0;
   }
 
@@ -575,12 +544,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
     log_info(LD_REND,
              "No more intro points remain for %s. Re-fetching descriptor.",
              escaped_safe_str(rend_query->onion_address));
-    /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever
-     * arrives first. Exception: When using client authorization, only
-     * fetch v2 descriptors.*/
     rend_client_refetch_v2_renddesc(rend_query);
-    if (rend_query->auth_type == REND_NO_AUTH)
-      rend_client_refetch_renddesc(rend_query->onion_address);
 
     /* move all pending streams back to renddesc_wait */
     while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP,
@@ -696,11 +660,11 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request,
 
 /** Find all the apconns in state AP_CONN_STATE_RENDDESC_WAIT that
  * are waiting on query. If there's a working cache entry here
- * with at least one intro point, move them to the next state. If
- * <b>rend_version</b> is non-negative, fail connections that have
- * requested <b>query</b> unless there are still descriptor fetch
- * requests in progress for other descriptor versions than
- * <b>rend_version</b>.
+ * with at least one intro point, move them to the next state.
+ * (<b>rend_version</b> was used to keep the connection open when
+ * there were still descriptor fetch requests in progress for other
+ * descriptor versions than <b>rend_version</b>, but this is obsolete
+ * now that we support only version 2.)
  */
 void
 rend_client_desc_trynow(const char *query, int rend_version)
@@ -708,8 +672,9 @@ rend_client_desc_trynow(const char *query, int rend_version)
   edge_connection_t *conn;
   rend_cache_entry_t *entry;
   time_t now = time(NULL);
-
   smartlist_t *conns = get_connection_array();
+  (void) rend_version;
+
   SMARTLIST_FOREACH(conns, connection_t *, _conn,
   {
     if (_conn->type != CONN_TYPE_AP ||
@@ -743,15 +708,9 @@ rend_client_desc_trynow(const char *query, int rend_version)
           connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH);
       }
     } else { /* 404, or fetch didn't get that far */
-      /* Unless there are requests for another descriptor version pending,
-       * close the connection. */
-      if (rend_version >= 0 &&
-          !connection_get_by_type_state_rendquery(CONN_TYPE_DIR, 0, query,
-                                                  rend_version == 0 ? 2 : 0)) {
-        log_notice(LD_REND,"Closing stream for '%s.onion': hidden service is "
-                   "unavailable (try again later).", safe_str(query));
-        connection_mark_unattached_ap(conn, END_STREAM_REASON_RESOLVEFAILED);
-      }
+      log_notice(LD_REND,"Closing stream for '%s.onion': hidden service is "
+                 "unavailable (try again later).", safe_str(query));
+      connection_mark_unattached_ap(conn, END_STREAM_REASON_RESOLVEFAILED);
     }
   });
 }
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index b30e708..d0bed23 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -458,10 +458,9 @@ rend_config_services(or_options_t *options, int validate_only)
         });
         if (keep_it)
           continue;
-        log_info(LD_REND, "Closing intro point %s for service %s version %d.",
+        log_info(LD_REND, "Closing intro point %s for service %s.",
                  safe_str(oc->build_state->chosen_exit->nickname),
-                 oc->rend_data->onion_address,
-                 oc->rend_data->rend_desc_version);
+                 oc->rend_data->onion_address);
         circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
         /* XXXX Is there another reason we should use here? */
       }
@@ -889,8 +888,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
 
   /* look up service depending on circuit. */
   service = rend_service_get_by_pk_digest_and_version(
-              circuit->rend_data->rend_pk_digest,
-              circuit->rend_data->rend_desc_version);
+              circuit->rend_data->rend_pk_digest, -1);
   if (!service) {
     log_warn(LD_REND, "Got an INTRODUCE2 cell for an unrecognized service %s.",
              escaped(serviceid));
@@ -1269,12 +1267,14 @@ rend_service_launch_establish_intro(rend_service_t *service,
 }
 
 /** Return the number of introduction points that are or have been
- * established for the given service address and rendezvous version. */
+ * established for the given service address in <b>query</b>.
+ * (<b>rend_version</b> is ignored.) */
 static int
 count_established_intro_points(const char *query, int rend_version)
 {
   int num_ipos = 0;
   circuit_t *circ;
+  (void) rend_version;
   for (circ = _circuit_get_global_list(); circ; circ = circ->next) {
     if (!circ->marked_for_close &&
         circ->state == CIRCUIT_STATE_OPEN &&
@@ -1282,7 +1282,6 @@ count_established_intro_points(const char *query, int rend_version)
          circ->purpose == CIRCUIT_PURPOSE_S_INTRO)) {
       origin_circuit_t *oc = TO_ORIGIN_CIRCUIT(circ);
       if (oc->rend_data &&
-          oc->rend_data->rend_desc_version == rend_version &&
           !rend_cmp_service_ids(query, oc->rend_data->onion_address))
         num_ipos++;
     }
@@ -1313,8 +1312,7 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
                 circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN);
 
   service = rend_service_get_by_pk_digest_and_version(
-              circuit->rend_data->rend_pk_digest,
-              circuit->rend_data->rend_desc_version);
+              circuit->rend_data->rend_pk_digest, -1);
   if (!service) {
     log_warn(LD_REND, "Unrecognized service ID %s on introduction circuit %d.",
              serviceid, circuit->_base.n_circ_id);
@@ -1324,8 +1322,7 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
 
   /* If we already have enough introduction circuits for this service,
    * redefine this one as a general circuit. */
-  if (count_established_intro_points(serviceid,
-          circuit->rend_data->rend_desc_version) > NUM_INTRO_POINTS) {
+  if (count_established_intro_points(serviceid, -1) > NUM_INTRO_POINTS) {
     log_info(LD_CIRC|LD_REND, "We have just finished an introduction "
              "circuit, but we already have enough. Redefining purpose to "
              "general.");
@@ -1399,8 +1396,7 @@ rend_service_intro_established(origin_circuit_t *circuit, const char *request,
   }
   tor_assert(circuit->rend_data);
   service = rend_service_get_by_pk_digest_and_version(
-              circuit->rend_data->rend_pk_digest,
-              circuit->rend_data->rend_desc_version);
+              circuit->rend_data->rend_pk_digest, -1);
   if (!service) {
     log_warn(LD_REND, "Unknown service on introduction circuit %d.",
              circuit->_base.n_circ_id);
@@ -1451,8 +1447,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit)
            circuit->_base.n_circ_id, hexcookie, serviceid);
 
   service = rend_service_get_by_pk_digest_and_version(
-              circuit->rend_data->rend_pk_digest,
-              circuit->rend_data->rend_desc_version);
+              circuit->rend_data->rend_pk_digest, -1);
   if (!service) {
     log_warn(LD_GENERAL, "Internal error: unrecognized service ID on "
              "introduction circuit.");
@@ -1508,23 +1503,23 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit)
  */
 
 /** Return the (possibly non-open) introduction circuit ending at
- * <b>intro</b> for the service whose public key is <b>pk_digest</b> and
- * which publishes descriptor of version <b>desc_version</b>.  Return
- * NULL if no such service is found.
+ * <b>intro</b> for the service whose public key is <b>pk_digest</b>.
+ * (<b>desc_version</b> is ignored). Return NULL if no such service is
+ * found.
  */
 static origin_circuit_t *
 find_intro_circuit(rend_intro_point_t *intro, const char *pk_digest,
                    int desc_version)
 {
   origin_circuit_t *circ = NULL;
+  (void) desc_version;
 
   tor_assert(intro);
   while ((circ = circuit_get_next_by_pk_and_purpose(circ,pk_digest,
                                                   CIRCUIT_PURPOSE_S_INTRO))) {
     if (!memcmp(circ->build_state->chosen_exit->identity_digest,
                 intro->extend_info->identity_digest, DIGEST_LEN) &&
-        circ->rend_data &&
-        circ->rend_data->rend_desc_version == desc_version) {
+        circ->rend_data) {
       return circ;
     }
   }
@@ -1534,8 +1529,7 @@ find_intro_circuit(rend_intro_point_t *intro, const char *pk_digest,
                                         CIRCUIT_PURPOSE_S_ESTABLISH_INTRO))) {
     if (!memcmp(circ->build_state->chosen_exit->identity_digest,
                 intro->extend_info->identity_digest, DIGEST_LEN) &&
-        circ->rend_data &&
-        circ->rend_data->rend_desc_version == desc_version) {
+        circ->rend_data) {
       return circ;
     }
   }
@@ -1998,8 +1992,7 @@ rend_service_set_connection_addr_port(edge_connection_t *conn,
   base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
                 circ->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN);
   service = rend_service_get_by_pk_digest_and_version(
-                circ->rend_data->rend_pk_digest,
-                circ->rend_data->rend_desc_version);
+                circ->rend_data->rend_pk_digest, -1);
   if (!service) {
     log_warn(LD_REND, "Couldn't find any service associated with pk %s on "
              "rendezvous circuit %d; closing.",
-- 
1.5.6.5