[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] Implement exit enclaves: if we know an IP address for the d...
Update of /home2/or/cvsroot/tor/src/or
In directory moria:/home/arma/work/onion/cvs/tor/src/or
Modified Files:
circuitbuild.c circuituse.c connection_edge.c control.c or.h
routerlist.c
Log Message:
Implement exit enclaves: if we know an IP address for the destination,
and there's a running Tor server at that address which allows exit to
the destination, then extend the circuit to that exit first.
Also, if the user asks for a .exit node, cannibalize general circs for it.
Index: circuitbuild.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/circuitbuild.c,v
retrieving revision 1.134
retrieving revision 1.135
diff -u -d -r1.134 -r1.135
--- circuitbuild.c 12 Aug 2005 17:24:53 -0000 1.134
+++ circuitbuild.c 15 Aug 2005 03:25:39 -0000 1.135
@@ -1168,7 +1168,7 @@
router = smartlist_get(dir->routers, i);
if (n_supported[i] != -1 &&
(try || router_handles_some_port(router, needed_ports))) {
- log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.", try, router->nickname);
+// log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.", try, router->nickname);
smartlist_add(sl, router);
}
}
Index: circuituse.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/circuituse.c,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -d -r1.79 -r1.80
--- circuituse.c 13 Aug 2005 00:22:06 -0000 1.79
+++ circuituse.c 15 Aug 2005 03:25:39 -0000 1.80
@@ -749,7 +749,7 @@
return NULL;
}
- if (purpose != CIRCUIT_PURPOSE_C_GENERAL &&
+ if ((info || purpose != CIRCUIT_PURPOSE_C_GENERAL) &&
purpose != CIRCUIT_PURPOSE_TESTING) {
/* see if there are appropriate circs available to cannibalize. */
if ((circ = circuit_get_clean_open(CIRCUIT_PURPOSE_C_GENERAL, need_uptime,
@@ -768,6 +768,7 @@
break;
case CIRCUIT_PURPOSE_C_INTRODUCING:
case CIRCUIT_PURPOSE_S_CONNECT_REND:
+ case CIRCUIT_PURPOSE_C_GENERAL:
/* need to add a new hop */
tor_assert(info);
if (circuit_extend_to_new_exit(circ, info) < 0)
Index: connection_edge.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/connection_edge.c,v
retrieving revision 1.339
retrieving revision 1.340
diff -u -d -r1.339 -r1.340
--- connection_edge.c 8 Aug 2005 21:58:48 -0000 1.339
+++ connection_edge.c 15 Aug 2005 03:25:39 -0000 1.340
@@ -1009,7 +1009,7 @@
return -1;
}
if (tor_inet_aton(socks->address, &in)) { /* see if it's an IP already */
- answer = in.s_addr;
+ answer = in.s_addr; /* leave it in network order */
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
(char*)&answer);
connection_mark_unattached_ap(conn, END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
@@ -1023,20 +1023,34 @@
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
+
+ if (!conn->chosen_exit_name) {
+ /* see if we can find a suitable enclave exit */
+ routerinfo_t *r =
+ router_find_exact_exit_enclave(socks->address, socks->port);
+ if (r) {
+ log_fn(LOG_INFO,"Redirecting address %s to exit at enclave router %s",
+ safe_str(socks->address), r->nickname);
+ /* use the hex digest, not nickname, in case there are two
+ routers with this nickname */
+ conn->chosen_exit_name =
+ tor_strdup(hex_str(r->identity_digest, DIGEST_LEN));
+ }
+ }
+
rep_hist_note_used_port(socks->port, time(NULL)); /* help predict this next time */
control_event_stream_status(conn, STREAM_EVENT_NEW);
}
- if (! get_options()->LeaveStreamsUnattached) {
+ if (get_options()->LeaveStreamsUnattached) {
+ conn->state = AP_CONN_STATE_CONTROLLER_WAIT;
+ } else {
conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
if (connection_ap_handshake_attach_circuit(conn) < 0) {
connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH);
return -1;
}
- return 0;
- } else {
- conn->state = AP_CONN_STATE_CONTROLLER_WAIT;
- return 0;
}
+ return 0;
} else {
/* it's a hidden-service request */
rend_cache_entry_t *entry;
Index: control.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/control.c,v
retrieving revision 1.120
retrieving revision 1.121
diff -u -d -r1.120 -r1.121
--- control.c 13 Aug 2005 02:20:00 -0000 1.120
+++ control.c 15 Aug 2005 03:25:39 -0000 1.121
@@ -2300,6 +2300,7 @@
(unsigned long)conn->global_identifier, status,
circ?(unsigned long)circ->global_identifier : 0ul,
buf);
+ /* XXX need to specify its intended exit, etc? */
}
return 0;
}
Index: or.h
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/or.h,v
retrieving revision 1.643
retrieving revision 1.644
diff -u -d -r1.643 -r1.644
--- or.h 13 Aug 2005 02:20:00 -0000 1.643
+++ or.h 15 Aug 2005 03:25:39 -0000 1.644
@@ -626,7 +626,7 @@
char identity_digest[DIGEST_LEN]; /**< Hash of identity_pkey */
char *nickname; /**< Nickname of OR on other side (if any). */
- /** Nickname of planned exit node -- to be used with .exit support. */
+ /** Nickname of planned exit node -- used with .exit support. */
char *chosen_exit_name;
/* Used only by OR connections: */
@@ -1952,6 +1952,7 @@
#define ROUTER_REQUIRED_MIN_UPTIME (24*3600) /* a day */
#define ROUTER_REQUIRED_MIN_BANDWIDTH 10000
+routerinfo_t *router_find_exact_exit_enclave(const char *address, uint16_t port);
int router_is_unreliable(routerinfo_t *router, int need_uptime, int need_capacity);
routerinfo_t *routerlist_sl_choose_by_bandwidth(smartlist_t *sl);
routerinfo_t *router_choose_random_node(const char *preferred,
Index: routerlist.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/routerlist.c,v
retrieving revision 1.248
retrieving revision 1.249
diff -u -d -r1.248 -r1.249
--- routerlist.c 12 Aug 2005 00:34:50 -0000 1.248
+++ routerlist.c 15 Aug 2005 03:25:40 -0000 1.249
@@ -433,6 +433,37 @@
return NULL;
}
+/** Find a router that's up, that has this IP address, and
+ * that allows exit to this address:port, or return NULL if there
+ * isn't a good one.
+ */
+routerinfo_t *
+router_find_exact_exit_enclave(const char *address, uint16_t port) {
+ int i;
+ routerinfo_t *router;
+ uint32_t addr;
+ struct in_addr in;
+
+ if (!tor_inet_aton(address, &in))
+ return NULL; /* it's not an IP already */
+ addr = ntohl(in.s_addr);
+
+ for (i=0;i < smartlist_len(routerlist->routers); i++) {
+ router = smartlist_get(routerlist->routers, i);
+ log_fn(LOG_DEBUG,"Considering %s: %d, %u==%u, %d.",
+ router->nickname,
+ router->is_running,
+ router->addr, addr,
+ router_compare_addr_to_addr_policy(addr, port, router->exit_policy));
+ if (router->is_running &&
+ router->addr == addr &&
+ router_compare_addr_to_addr_policy(addr, port, router->exit_policy) ==
+ ADDR_POLICY_ACCEPTED)
+ return router;
+ }
+ return NULL;
+}
+
/** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
* If <b>need_uptime</b> is non-zero, we require a minimum uptime.
* If <b>need_capacity</b> is non-zero, we require a minimum advertised