[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r10545: Be clearer on the various roles for auth dir types. Bridge a (in tor/trunk: doc src/or)
Author: arma
Date: 2007-06-09 03:05:19 -0400 (Sat, 09 Jun 2007)
New Revision: 10545
Modified:
tor/trunk/doc/TODO
tor/trunk/src/or/config.c
tor/trunk/src/or/connection_or.c
tor/trunk/src/or/directory.c
tor/trunk/src/or/dirserv.c
tor/trunk/src/or/main.c
tor/trunk/src/or/or.h
tor/trunk/src/or/router.c
Log:
Be clearer on the various roles for auth dir types.
Bridge authorities no longer write bridge descriptors to their
cached-routers file -- this gets complex because of extrainfo documents.
Modified: tor/trunk/doc/TODO
===================================================================
--- tor/trunk/doc/TODO 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/doc/TODO 2007-06-09 07:05:19 UTC (rev 10545)
@@ -87,7 +87,7 @@
- While we're at it, let v3 authorities have fqdns lines.
- Start caching consensus documents once authorities make them
- Start downloading and using consensus documents once caches serve them
- . 104: Long and Short Router Descriptors (by Jun 1)
+ . 104: Long and Short Router Descriptors
. Finalize proposal
o Implement parsing for extra-info documents
o Have routers generate extra-info documents.
@@ -102,7 +102,7 @@
o Implement option to download and cache extra-info documents.
o Improve the 'retry' logic on extra-info documents.
- Drop bandwidth history from router-descriptors
- - 105: Version negotiation for the Tor protocol (finalize by Jun 1)
+ - 105: Version negotiation for the Tor protocol
- 108: Base "Stable" Flag on Mean Time Between Failures
- 109: No more than one server per IP address
o 103: Splitting identity key from regularly used signing key
@@ -194,7 +194,7 @@
networkstatus generation; eliminate duplicate code.
- Include "v" line in getinfo values.
- Features:
- - Traffic priorities (by Jun 1)
+ - Traffic priorities
- Ability to prioritize own traffic over relayed traffic.
o Implement a DNS proxy
o Make a listener type.
@@ -208,13 +208,13 @@
- A better UI for authority ops.
- Follow weasel's proposal, crossed with mixminion dir config format
- Write a proposal
- - Bridges users (rudimentary version) (By Jun 1)
- - Ability to specify bridges manually
- D cache of bridges that we've learned about and use but aren't
+ - Bridges users (rudimentary version)
+ o Ability to specify bridges manually
+ - cache of bridges that we've learned about and use but aren't
manually listed in the torrc.
D and some mechanism for specifying that we want to stop using
a given bridge in this cache.
- - Config option 'UseBridges' that bridge users can turn on.
+ . Config option 'UseBridges' that bridge users can turn on.
- uses bridges as first hop rather than entry guards.
D Do we want to maintain our own set of entryguards that we use
after the bridge? Open research question; let's say no for 0.2.0
@@ -223,20 +223,22 @@
N - Design/implement the "local-status" or something like it, from the
"Descriptor purposes: how to tell them apart" section of
http://archives.seul.org/or/dev/May-2007/msg00008.html
- - Bridges operators (rudimentary version) (By Jun 1)
+ - Bridges operators (rudimentary version)
- Ability to act as dir cache without a dir port.
- - Bridges publish to bridge authorities
+ o Bridges publish to bridge authorities
- Fix BEGIN_DIR so that you connect to bridge of which you only
know IP (and optionally fingerprint), and then use BEGIN_DIR to learn
more about it.
- - Bridges authorities (rudimentary version) (By Jun 1)
- - Rudimentary "do not publish networkstatus" option for bridge
+ - Bridges authorities (rudimentary version)
+ o Rudimentary "do not publish networkstatus" option for bridge
authorities.
- Clients can ask bridge authorities for more bridges.
- - Bridges (not necessarily by Jun 1)
+ D Should do reachability testing but only on the purpose==bridge
+ descriptors we have.
+ - Bridges
- Clients can ask bridge authorities for updates on known bridges.
- More TLS normalization work: make Tor less easily
- fingerprinted. (Researched by Jun 1)
+ fingerprinted.
- Directory system improvements
- config option to publish what ports you listen on, beyond
ORPort/DirPort. It should support ranges and bit prefixes (?) too.
@@ -266,7 +268,7 @@
- can we deprecate 'getinfo network-status'?
- can we deprecate the FastFirstHopPK config option?
P - Packaging:
-P - Can we switch to polipo? (Jun 1)
+P - Can we switch to polipo?
P - If we haven't replaced privoxy, lock down its configuration in all
packages, as documented in tor-doc-unix.html
P - Figure out why dll's compiled in mingw don't work right in WinXP.
Modified: tor/trunk/src/or/config.c
===================================================================
--- tor/trunk/src/or/config.c 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/config.c 2007-06-09 07:05:19 UTC (rev 10545)
@@ -3713,7 +3713,8 @@
fingerprint = smartlist_join_strings(items, "", 0, NULL);
if (strlen(fingerprint) != HEX_DIGEST_LEN) {
- log_warn(LD_CONFIG, "Key digest for DirServer is wrong length.");
+ log_warn(LD_CONFIG, "Key digest for DirServer is wrong length %d.",
+ (int)strlen(fingerprint));
goto err;
}
if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
Modified: tor/trunk/src/or/connection_or.c
===================================================================
--- tor/trunk/src/or/connection_or.c 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/connection_or.c 2007-06-09 07:05:19 UTC (rev 10545)
@@ -676,7 +676,7 @@
END_OR_CONN_REASON_OR_IDENTITY);
as_advertised = 0;
}
- if (authdir_mode_handles_descs(options)) {
+ if (authdir_mode_tests_reachability(options)) {
/* We initiated this connection to address:port. Drop all routers
* with the same address:port and a different key.
*/
Modified: tor/trunk/src/or/directory.c
===================================================================
--- tor/trunk/src/or/directory.c 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/directory.c 2007-06-09 07:05:19 UTC (rev 10545)
@@ -1997,7 +1997,9 @@
if (authdir_mode_handles_descs(options) &&
!strcmp(url,"/tor/")) { /* server descriptor post */
const char *msg = NULL;
- int r = dirserv_add_multiple_descriptors(body, &msg);
+ uint8_t purpose = authdir_mode_bridge(options) ?
+ ROUTER_PURPOSE_CONTROLLER : ROUTER_PURPOSE_GENERAL;
+ int r = dirserv_add_multiple_descriptors(body, purpose, &msg);
tor_assert(msg);
if (r > 0)
dirserv_get_directory(); /* rebuild and write to disk */
Modified: tor/trunk/src/or/dirserv.c
===================================================================
--- tor/trunk/src/or/dirserv.c 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/dirserv.c 2007-06-09 07:05:19 UTC (rev 10545)
@@ -515,7 +515,8 @@
/** As for dirserv_add_descriptor, but accepts multiple documents, and
* returns the most severe error that occurred for any one of them. */
int
-dirserv_add_multiple_descriptors(const char *desc, const char **msg)
+dirserv_add_multiple_descriptors(const char *desc, uint8_t purpose,
+ const char **msg)
{
int r=100; /* higher than any actual return value. */
int r_tmp;
@@ -530,6 +531,17 @@
if (!router_parse_list_from_string(&s, NULL, list, SAVED_NOWHERE, 0)) {
SMARTLIST_FOREACH(list, routerinfo_t *, ri, {
msg_out = NULL;
+
+ /* Assign the purpose.
+ * XXX020 Perhaps this should get pushed into
+ * router_parse_list_from_string()? Also, tie it somehow into
+ * router_load_single_router()? Lastly, does extrainfo_t want
+ * a purpose field too, or can we just piggyback off the one
+ * in routerinfo_t? */
+ ri->purpose = purpose;
+ if (purpose != ROUTER_PURPOSE_GENERAL)
+ ri->cache_info.do_not_cache = 1;
+
r_tmp = dirserv_add_descriptor(ri, &msg_out);
if (r_tmp < r) {
r = r_tmp;
@@ -544,6 +556,11 @@
if (!router_parse_list_from_string(&s, NULL, list, SAVED_NOWHERE, 1)) {
SMARTLIST_FOREACH(list, extrainfo_t *, ei, {
msg_out = NULL;
+
+ /* XXX020 see above note on purpose fields */
+ if (purpose != ROUTER_PURPOSE_GENERAL)
+ ei->cache_info.do_not_cache = 1;
+
r_tmp = dirserv_add_extrainfo(ei, &msg_out);
if (r_tmp < r) {
r = r_tmp;
@@ -842,7 +859,7 @@
or_options_t *options = get_options();
/* We include v2 dir auths here too, because they need to answer
* controllers. Eventually we'll deprecate this whole function. */
- int authdir = authdir_mode_handles_descs(options);
+ int authdir = authdir_mode_publishes_statuses(options);
tor_assert(router_status_out);
rs_entries = smartlist_create();
@@ -1260,8 +1277,9 @@
or_options_t *options = get_options();
int authority = (auth_type == V1_AUTHORITY && authdir_mode_v1(options)) ||
(auth_type == V2_AUTHORITY && authdir_mode_v2(options));
+ /* XXX020 eventually use authdir_mode_publishes_statuses() here */
- if (!authority || authdir_mode_bridge(options)) { /* XXX020 */
+ if (!authority || authdir_mode_bridge(options)) {
return cache_src;
} else {
/* We're authoritative. */
Modified: tor/trunk/src/or/main.c
===================================================================
--- tor/trunk/src/or/main.c 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/main.c 2007-06-09 07:05:19 UTC (rev 10545)
@@ -916,7 +916,7 @@
if (accounting_is_enabled(options))
accounting_run_housekeeping(now);
- if (now % 10 == 0 && (authdir_mode_handles_descs(options)) &&
+ if (now % 10 == 0 && (authdir_mode_tests_reachability(options)) &&
!we_are_hibernating()) {
/* try to determine reachability of the other Tor servers */
dirserv_test_reachability(0);
@@ -1329,7 +1329,7 @@
}
directory_info_has_arrived(time(NULL),1);
- if (authdir_mode_handles_descs(get_options())) {
+ if (authdir_mode_tests_reachability(get_options())) {
/* the directory is already here, run startup things */
dirserv_test_reachability(1);
}
Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/or.h 2007-06-09 07:05:19 UTC (rev 10545)
@@ -2684,7 +2684,8 @@
int dirserv_load_fingerprint_file(void);
void dirserv_free_fingerprint_list(void);
const char *dirserv_get_nickname_by_digest(const char *digest);
-int dirserv_add_multiple_descriptors(const char *desc, const char **msg);
+int dirserv_add_multiple_descriptors(const char *desc, uint8_t purpose,
+ const char **msg);
int dirserv_add_descriptor(routerinfo_t *ri, const char **msg);
int getinfo_helper_dirserv_unregistered(control_connection_t *conn,
const char *question, char **answer);
@@ -3127,6 +3128,8 @@
int authdir_mode_v1(or_options_t *options);
int authdir_mode_v2(or_options_t *options);
int authdir_mode_handles_descs(or_options_t *options);
+int authdir_mode_publishes_statuses(or_options_t *options);
+int authdir_mode_tests_reachability(or_options_t *options);
int authdir_mode_bridge(or_options_t *options);
int clique_mode(or_options_t *options);
int server_mode(or_options_t *options);
Modified: tor/trunk/src/or/router.c
===================================================================
--- tor/trunk/src/or/router.c 2007-06-09 05:28:11 UTC (rev 10544)
+++ tor/trunk/src/or/router.c 2007-06-09 07:05:19 UTC (rev 10545)
@@ -714,14 +714,32 @@
return authdir_mode(options) && options->V2AuthoritativeDir != 0;
}
/** Return true iff we are an authoritative directory server that
- * handles descriptors -- including receiving posts, creating directories,
- * and testing reachability.
+ * is willing to receive or serve descriptors on its dirport.
*/
int
authdir_mode_handles_descs(or_options_t *options)
{
+ return authdir_mode_v1(options) || authdir_mode_v2(options) ||
+ authdir_mode_bridge(options);
+}
+/** Return true iff we are an authoritative directory server that
+ * publishes its own network statuses.
+ */
+int
+authdir_mode_publishes_statuses(or_options_t *options)
+{
+ if (authdir_mode_bridge(options))
+ return 0;
return authdir_mode_v1(options) || authdir_mode_v2(options);
}
+/** Return true iff we are an authoritative directory server that
+ * tests reachability of the descriptors it learns about.
+ */
+int
+authdir_mode_tests_reachability(or_options_t *options)
+{
+ return authdir_mode_v1(options) || authdir_mode_v2(options);
+}
/** Return true iff we believe ourselves to be a bridge authoritative
* directory server.
*/
@@ -735,7 +753,7 @@
int
clique_mode(or_options_t *options)
{
- return authdir_mode_handles_descs(options);
+ return authdir_mode_tests_reachability(options);
}
/** Return true iff we are trying to be a server.