[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #9729 [Tor]: Make bridges publish additional ORPort addresses in their descriptor
#9729: Make bridges publish additional ORPort addresses in their descriptor
----------------------------+----------------------------------------------
Reporter: sqrt2 | Owner:
Type: | Status: needs_revision
enhancement | Milestone:
Priority: normal | Version: Tor: 0.2.5.1-alpha
Component: Tor | Keywords: ORPort bridge multiple addresses
Resolution: | Parent ID:
Actual Points: |
Points: |
----------------------------+----------------------------------------------
Comment (by sqrt2):
I have updated the attached patch to a version that I believe to be
working properly. I've also written an explanation of the bigger changes
in this patch to hopefully make understanding what it does easier:
First, if we consider tor to possibly have multiple OR listener addresses,
when detecting addresses on an interface, we must be able to return
multiple addresses. Therefore, we modify get_interface_address6() to
return a smartlist_t. Now, during configuration, we must take into account
that not any routable IP address on an interface is in fact a good address
to use. For this,
we add find_good_addr_from_list(), that from the addresses returned from
get_interface_address6() will pick one, preferring addresses that the user
has explicitly configured for our puropse. (For this, resolve_my_address()
has gained a parameter "listener_type".)
We must now take care of the fact that get_interface_address6() is also
used by client_check_address_changed() to find if a client needs to rekey
because its address has changed. Because depending on the operating system
to always return interface addresses in the same order seems like asking
for trouble, we need a mechanism to return an interface address that only
changes if we can't use the previous one anymore (the interface isn't
configured with this address anymore). This mechanism is
get_stable_interface_address6().
We also modify test_addr.c to make it compile with the new
get_interface_address6().
The address found by resolve_my_address() ends up as our main IPv4
address. To maintain compatibility with existing IPv6 code, we also need
to find a main IPv6 address to put into routerinfo_t.ipv6_addr. This code
is now in router_get_main_ipv6_listener_address(). Together, these can be
queried in router_get_main_listener_address_by_af().
Sometimes, we need to find our OR listener port and don't have a
routerinfo_t to look it up. Previously, we would just iterate through open
connections in router_get_active_listener_port_by_type_af(). However in
the presence of multiple listeners per address family, we need to also
specify the exact listener address to do this in a stable manner. As the
old function only gets called in situations where we also know the
listener address, this function is now
router_get_active_listener_port_by_addr_type_af() and associated functions
have been changed accordingly.
Finally, we add a smartlist_t *more_or_listeners to routerinfo_t and, if
we are a bridge, populate it with all the additional addresses in
router_rebuild_descriptor(). We modify router_dump_router_to_string() and
router_parse_entry_from_string() to include these additional addresses. We
also adapt various other functions concerned with querying a router for
addresses or ports.
We want the bridge authorities to test the reachability of these
additional addresses. For this purpose, we modify
dirserv_single_reachability_test() to test at most 7 additional addresses
(in order not to overload the bridge authorities).
Because we're checking multiple addresses for reachability now, we need to
keep track of reachability for each address separately. For this, we add a
struct addr_reachability_t that contains a tor_addr_port_t and the time we
could reach this address/port last. The last_reachble and last_reachble6
fields of node_t are replaced by a smartlist_t *last_reachable. To manage
this new field, we add node_set_last_reachability() and
node_get_af_last_reachability(), and node_af_reachable_since() with helper
functions addr_replied(), all_listeners_replied(). Finally, we modify
various functions in dirserv.c to make use of this new API.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9729#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs