
Re: [tor-bugs] #9729 [Tor]: Make bridges publish additional ORPort addresses in their descriptor



#9729: Make bridges publish additional ORPort addresses in their descriptor
----------------------------+----------------------------------------------
     Reporter:  sqrt2       |      Owner:
         Type:              |     Status:  needs_revision
  enhancement               |  Milestone:
     Priority:  normal      |    Version:  Tor: 0.2.5.1-alpha
    Component:  Tor         |   Keywords:  ORPort bridge multiple addresses
   Resolution:              |  Parent ID:
Actual Points:              |
       Points:              |
----------------------------+----------------------------------------------

Comment (by sqrt2):

 I have updated the attached patch to a version that I believe to be
 working properly. I've also written an explanation of the bigger changes
 in this patch to hopefully make understanding what it does easier:

 First, if we consider tor to possibly have multiple OR listener addresses,
 when detecting addresses on an interface, we must be able to return
 multiple addresses. Therefore, we modify get_interface_address6() to
 return a smartlist_t. Now, during configuration, we must take into account
 that not any routable IP address on an interface is in fact a good address
 to use. For this, we add find_good_addr_from_list(), that from the
 addresses returned from get_interface_address6() will pick one, preferring
 addresses that the user has explicitly configured for our purpose. (For
 this, resolve_my_address() has gained a parameter "listener_type".)

 We must now take care of the fact that get_interface_address6() is also
 used by client_check_address_changed() to find if a client needs to rekey
 because its address has changed. Because depending on the operating system
 to always return interface addresses in the same order seems like asking
 for trouble, we need a mechanism to return an interface address that only
 changes if we can't use the previous one anymore (the interface isn't
 configured with this address anymore). This mechanism is
 get_stable_interface_address6().

 We also modify test_addr.c to make it compile with the new
 get_interface_address6().

 The address found by resolve_my_address() ends up as our main IPv4
 address. To maintain compatibility with existing IPv6 code, we also need
 to find a main IPv6 address to put into routerinfo_t.ipv6_addr. This code
 is now in router_get_main_ipv6_listener_address(). Together, these can be
 queried in router_get_main_listener_address_by_af().

 Sometimes, we need to find our OR listener port and don't have a
 routerinfo_t to look it up. Previously, we would just iterate through open
 connections in router_get_active_listener_port_by_type_af(). However, in
 the presence of multiple listeners per address family, we need to also
 specify the exact listener address to do this in a stable manner. As the
 old function only gets called in situations where we also know the
 listener address, this function is now
 router_get_active_listener_port_by_addr_type_af() and associated functions
 have been changed accordingly.

 Finally, we add a smartlist_t *more_or_listeners to routerinfo_t and, if
 we are a bridge, populate it with all the additional addresses in
 router_rebuild_descriptor(). We modify router_dump_router_to_string() and
 router_parse_entry_from_string() to include these additional addresses. We
 also adapt various other functions concerned with querying a router for
 addresses or ports.

 We want the bridge authorities to test the reachability of these
 additional addresses. For this purpose, we modify
 dirserv_single_reachability_test() to test at most 7 additional addresses
 (in order not to overload the bridge authorities).

 Because we're checking multiple addresses for reachability now, we need to
 keep track of reachability for each address separately. For this, we add a
 struct addr_reachability_t that contains a tor_addr_port_t and the time we
 could reach this address/port last. The last_reachable and last_reachable6
 fields of node_t are replaced by a smartlist_t *last_reachable. To manage
 this new field, we add node_set_last_reachability() and
 node_get_af_last_reachability(), and node_af_reachable_since() with helper
 functions addr_replied(), all_listeners_replied(). Finally, we modify
 various functions in dirserv.c to make use of this new API.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9729#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
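
The stable-address selection that the comment above describes for get_stable_interface_address6(), as an added example that is not code from the attached patch. The names addr4_t, stable_state_t, pick_stable() and count_changes() are hypothetical, addresses are simplified to IPv4 integers, and the scan data is constructed from documentation address ranges.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: IPv4 only, addresses held as host-order integers. */
typedef uint32_t addr4_t;
typedef struct { int have_prev; addr4_t prev; } stable_state_t;

/* Keep the previously chosen address for as long as the interface still
 * carries it, whatever position the OS reports it in.
 * Returns -1 if the list is empty, 1 if the choice had to change,
 * 0 if it is unchanged or this is the first choice. */
static int pick_stable(stable_state_t *st, const addr4_t *list, size_t n,
                       addr4_t *out)
{
    size_t i;
    int changed;
    if (n == 0)
        return -1;
    for (i = 0; st->have_prev && i < n; i++) {
        if (list[i] == st->prev) { *out = st->prev; return 0; }
    }
    changed = st->have_prev;   /* a first pick is not an address change */
    st->prev = *out = list[0];
    st->have_prev = 1;
    return changed;
}

/* Constructed scans: reorder, then ADDR_A is removed, then reorder again. */
#define ADDR_A 0xC0000201u /* 192.0.2.1 */
#define ADDR_B 0xC6336402u /* 198.51.100.2 */
#define ADDR_C 0xCB007103u /* 203.0.113.3 */
static const addr4_t SCANS[4][2] = {
    {ADDR_A, ADDR_B}, {ADDR_B, ADDR_A}, {ADDR_B, ADDR_C}, {ADDR_C, ADDR_B} };

/* Count "address changed" events (each would trigger a client rekey),
 * either with pick_stable() or by naively taking the first address. */
static int count_changes(int stable)
{
    stable_state_t st = {0, 0};
    addr4_t cur = 0, prev_first = 0;
    int i, changes = 0;
    for (i = 0; i < 4; i++) {
        if (stable) { changes += (pick_stable(&st, SCANS[i], 2, &cur) == 1); continue; }
        changes += (i > 0 && SCANS[i][0] != prev_first);
        prev_first = SCANS[i][0];
    }
    return changes;
}

int main(void) { printf("naive=%d stable=%d\n", count_changes(0), count_changes(1)); return 0; }
```

Only the scan in which 192.0.2.1 disappears from the interface counts as a change under the stable picker; taking the first reported address reports a change on each reordering.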