[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] Remove descriptors that are older than 24 hours from the di...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] Remove descriptors that are older than 24 hours from the di...
- From: nickm@seul.org (Nick Mathewson)
- Date: Mon, 29 Mar 2004 14:28:18 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Mon, 29 Mar 2004 14:28:41 -0500
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv14894/src/or
Modified Files:
dirserv.c main.c or.h
Log Message:
Remove descriptors that are older than 24 hours from the directory. Use strlcat instead of strncat to generate directories.
Index: dirserv.c
===================================================================
RCS file: /home/or/cvsroot/src/or/dirserv.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -d -r1.29 -r1.30
--- dirserv.c 14 Mar 2004 22:47:11 -0000 1.29
+++ dirserv.c 29 Mar 2004 19:28:15 -0000 1.30
@@ -4,6 +4,9 @@
#include "or.h"
+/* How old do we allow a router to get before removing it? (seconds) */
+#define ROUTER_MAX_AGE (60*60*24)
+
/* How far in the future do we allow a router to get? (seconds) */
#define ROUTER_ALLOW_SKEW (30*60)
@@ -199,6 +202,7 @@
char *desc_tmp = NULL;
const char *cp;
size_t desc_len;
+ time_t now;
start = strstr(*desc, "router ");
if (!start) {
@@ -242,12 +246,20 @@
return 0;
}
/* Is there too much clock skew? */
- if (ri->published_on > time(NULL)+ROUTER_ALLOW_SKEW) {
+ now = time(NULL);
+ if (ri->published_on > now+ROUTER_ALLOW_SKEW) {
log_fn(LOG_WARN, "Publication time for nickname %s is too far in the future; possible clock skew. Not adding", ri->nickname);
routerinfo_free(ri);
*desc = end;
return -1;
}
+ if (ri->published_on < now-ROUTER_MAX_AGE) {
+ log_fn(LOG_WARN, "Publication time for router with nickanem %s is too far in the past. Not adding", ri->nickname);
+ routerinfo_free(ri);
+ *desc = end;
+ return -1;
+ }
+
/* Do we already have an entry for this router? */
desc_ent_ptr = NULL;
for (i = 0; i < n_descriptors; ++i) {
@@ -348,6 +360,31 @@
return 0;
}
+/* Remove any descriptors from the directory that are more than ROUTER_MAX_AGE
+ * seconds old.
+ */
+void
+dirserv_remove_old_servers(void)
+{
+ int i;
+ time_t cutoff;
+ cutoff = time(NULL) - ROUTER_MAX_AGE;
+ for (i = 0; i < n_descriptors; ++i) {
+ if (descriptor_list[i]->published < cutoff) {
+ /* descriptor_list[i] is too old. Remove it. */
+ free_descriptor_entry(descriptor_list[i]);
+ descriptor_list[i] = descriptor_list[n_descriptors-1];
+ --n_descriptors;
+ directory_set_dirty();
+ --i; /* Don't advance the index; consider the new value now at i. */
+ }
+ }
+}
+
+/* Dump all routers currently in the directory into the string <s>, using
+ * at most <maxlen> characters, and signing the directory with <private_key>.
+ * Return 0 on success, -1 on failure.
+ */
int
dirserv_dump_directory_to_string(char *s, int maxlen,
crypto_pk_env_t *private_key)
@@ -362,6 +399,7 @@
if (list_running_servers(&cp))
return -1;
+ dirserv_remove_old_servers();
published_on = time(NULL);
strftime(published, 32, "%Y-%m-%d %H:%M:%S", gmtime(&published_on));
snprintf(s, maxlen,
@@ -374,18 +412,14 @@
cp = s+i;
for (i = 0; i < n_descriptors; ++i) {
- strncat(cp, descriptor_list[i]->descriptor, descriptor_list[i]->desc_len);
- /* XXX Nick: do strncat and friends null-terminate? man page is ambiguous. */
- cp += descriptor_list[i]->desc_len;
- assert(!*cp);
+ if (strlcat(s, descriptor_list[i]->descriptor, maxlen) >= maxlen)
+ goto truncated;
}
- /* These multiple strlen calls are inefficient, but dwarfed by the RSA
+ /* These multiple strlcat calls are inefficient, but dwarfed by the RSA
signature.
*/
- i = strlen(s);
- strncat(s, "directory-signature\n", maxlen-i);
- i = strlen(s);
- cp = s + i;
+ if (strlcat(s, "directory-signature\n", maxlen) >= maxlen)
+ goto truncated;
if (router_get_dir_hash(s,digest)) {
log_fn(LOG_WARN,"couldn't compute digest");
@@ -399,8 +433,8 @@
((int)digest[0])&0xff,((int)digest[1])&0xff,
((int)digest[2])&0xff,((int)digest[3])&0xff);
- strncpy(cp, "-----BEGIN SIGNATURE-----\n", maxlen-i);
- cp[maxlen-i-1] = 0;
+ if (strlcat(cp, "-----BEGIN SIGNATURE-----\n", maxlen) >= maxlen)
+ goto truncated;
i = strlen(s);
cp = s+i;
@@ -409,16 +443,13 @@
return -1;
}
- i = strlen(s);
- cp = s+i;
- strncat(cp, "-----END SIGNATURE-----\n", maxlen-i);
- i = strlen(s);
- if (i == maxlen) {
- log_fn(LOG_WARN,"tried to exceed string length.");
- return -1;
- }
+ if (strlcat(s, "-----END SIGNATURE-----\n", maxlen) >= maxlen)
+ goto truncated;
return 0;
+ truncated:
+ log_fn(LOG_WARN,"tried to exceed string length.");
+ return -1;
}
static char *the_directory = NULL;
Index: main.c
===================================================================
RCS file: /home/or/cvsroot/src/or/main.c,v
retrieving revision 1.209
retrieving revision 1.210
diff -u -d -r1.209 -r1.210
--- main.c 28 Mar 2004 21:14:05 -0000 1.209
+++ main.c 29 Mar 2004 19:28:16 -0000 1.210
@@ -330,6 +330,9 @@
* Hope this doesn't bite us later. */
directory_initiate_command(router_pick_directory_server(),
DIR_CONN_STATE_CONNECTING_FETCH);
+ } else {
+ /* We're a directory; dump any old descriptors. */
+ dirserv_remove_old_servers();
}
time_to_fetch_directory = now + options.DirFetchPostPeriod;
}
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.258
retrieving revision 1.259
diff -u -d -r1.258 -r1.259
--- or.h 28 Mar 2004 04:54:36 -0000 1.258
+++ or.h 29 Mar 2004 19:28:16 -0000 1.259
@@ -905,8 +905,9 @@
void dirserv_free_descriptors();
int dirserv_dump_directory_to_string(char *s, int maxlen,
crypto_pk_env_t *private_key);
-void directory_set_dirty();
+void directory_set_dirty(void);
size_t dirserv_get_directory(const char **cp);
+void dirserv_remove_old_servers(void);
/********************************* rephist.c ***************************/