search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
New, more flexible directory parsing backend. Uses a bit more RAM, but implements...
[tor.git] / src / or / dirserv.c
blob69446d6b74094d1abadee4b0c240f2bea39898f0
1 /* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
2 /* See LICENSE for licensing information */
3 /* $Id$ */
4
5 #include "or.h"
6
7 /* How far in the future do we allow a router to get? (seconds) */
8 #define ROUTER_ALLOW_SKEW (30*60)
9
10 extern or_options_t options; /* command-line and config-file options */
11
12 static int the_directory_is_dirty = 1;
13
14 static int list_running_servers(char **nicknames_out);
15
16 /************** Fingerprint handling code ************/
17
18 typedef struct fingerprint_entry_t {
19 char *nickname;
20 char *fingerprint;
21 } fingerprint_entry_t;
22
23 static fingerprint_entry_t fingerprint_list[MAX_ROUTERS_IN_DIR];
24 static int n_fingerprints = 0;
25
26 static void
27 add_fingerprint_to_dir(const char *nickname, const char *fp)
28 {
29 int i;
30 for (i = 0; i < n_fingerprints; ++i) {
31 if (!strcasecmp(fingerprint_list[i].nickname,nickname)) {
32 free(fingerprint_list[i].fingerprint);
33 fingerprint_list[i].fingerprint = tor_strdup(fp);
34 return;
35 }
36 }
37 fingerprint_list[n_fingerprints].nickname = tor_strdup(nickname);
38 fingerprint_list[n_fingerprints].fingerprint = tor_strdup(fp);
39 ++n_fingerprints;
40 }
41
42 int
43 dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk)
44 {
45 char fp[FINGERPRINT_LEN+1];
46 if (crypto_pk_get_fingerprint(pk, fp)<0) {
47 log_fn(LOG_ERR, "Error computing fingerprint");
48 return -1;
49 }
50 add_fingerprint_to_dir(nickname, fp);
51 return 0;
52 }
53
54 /* return 0 on success, -1 on failure */
55 int
56 dirserv_parse_fingerprint_file(const char *fname)
57 {
58 FILE *file;
59 char line[FINGERPRINT_LEN+MAX_NICKNAME_LEN+20+1];
60 char *nickname, *fingerprint;
61 fingerprint_entry_t fingerprint_list_tmp[MAX_ROUTERS_IN_DIR];
62 int n_fingerprints_tmp = 0;
63 int i, result;
64
65 if(!(file = fopen(fname, "r"))) {
66 log_fn(LOG_WARN, "Cannot open fingerprint file %s", fname);
67 return -1;
68 }
69 while( (result=parse_line_from_file(line, sizeof(line),file,&nickname,&fingerprint)) > 0) {
70 if (strlen(nickname) > MAX_NICKNAME_LEN) {
71 log(LOG_WARN, "Nickname %s too long in fingerprint file. Skipping.", nickname);
72 continue;
73 }
74 if(strlen(fingerprint) != FINGERPRINT_LEN ||
75 !crypto_pk_check_fingerprint_syntax(fingerprint)) {
76 log_fn(LOG_WARN, "Invalid fingerprint (nickname %s, fingerprint %s). Skipping.",
77 nickname, fingerprint);
78 continue;
79 }
80 for (i = 0; i < n_fingerprints_tmp; ++i) {
81 if (0==strcasecmp(fingerprint_list_tmp[i].nickname, nickname)) {
82 log(LOG_WARN, "Duplicate nickname %s. Skipping.",nickname);
83 break; /* out of the for. the 'if' below means skip to the next line. */
84 }
85 }
86 if(i == n_fingerprints_tmp) { /* not a duplicate */
87 fingerprint_list_tmp[n_fingerprints_tmp].nickname = tor_strdup(nickname);
88 fingerprint_list_tmp[n_fingerprints_tmp].fingerprint = tor_strdup(fingerprint);
89 ++n_fingerprints_tmp;
90 }
91 }
92 fclose(file);
93 if(result == 0) { /* eof; replace the global fingerprints list. */
94 dirserv_free_fingerprint_list();
95 memcpy(fingerprint_list, fingerprint_list_tmp,
96 sizeof(fingerprint_entry_t)*n_fingerprints_tmp);
97 n_fingerprints = n_fingerprints_tmp;
98 return 0;
99 }
100 /* error */
101 log_fn(LOG_WARN, "Error reading from fingerprint file");
102 for (i = 0; i < n_fingerprints_tmp; ++i) {
103 free(fingerprint_list_tmp[i].nickname);
104 free(fingerprint_list_tmp[i].fingerprint);
105 }
106 return -1;
107 }
108
109 /* return 1 if router's identity and nickname match,
110 * -1 if they don't match, 0 if the nickname is not known. */
111 int
112 dirserv_router_fingerprint_is_known(const routerinfo_t *router)
113 {
114 int i;
115 fingerprint_entry_t *ent =NULL;
116 char fp[FINGERPRINT_LEN+1];
117
118 log_fn(LOG_DEBUG, "%d fingerprints known.", n_fingerprints);
119 for (i=0;i<n_fingerprints;++i) {
120 log_fn(LOG_DEBUG,"%s vs %s", router->nickname, fingerprint_list[i].nickname);
121 if (!strcasecmp(router->nickname,fingerprint_list[i].nickname)) {
122 ent = &fingerprint_list[i];
123 break;
124 }
125 }
126
127 if (!ent) { /* No such server known */
128 log_fn(LOG_INFO,"no fingerprint found for %s",router->nickname);
129 return 0;
130 }
131 if (crypto_pk_get_fingerprint(router->identity_pkey, fp)) {
132 log_fn(LOG_WARN,"error computing fingerprint");
133 return -1;
134 }
135 if (0==strcasecmp(ent->fingerprint, fp)) {
136 log_fn(LOG_DEBUG,"good fingerprint for %s",router->nickname);
137 return 1; /* Right fingerprint. */
138 } else {
139 log_fn(LOG_WARN,"mismatched fingerprint for %s",router->nickname);
140 return -1; /* Wrong fingerprint. */
141 }
142 }
143
144 void
145 dirserv_free_fingerprint_list()
146 {
147 int i;
148 for (i = 0; i < n_fingerprints; ++i) {
149 free(fingerprint_list[i].nickname);
150 free(fingerprint_list[i].fingerprint);
151 }
152 n_fingerprints = 0;
153 }
154
155 /*
156 * Descriptor list
157 */
158 typedef struct descriptor_entry_t {
159 char *nickname;
160 time_t published;
161 size_t desc_len;
162 char *descriptor;
163 } descriptor_entry_t;
164
165 static descriptor_entry_t *descriptor_list[MAX_ROUTERS_IN_DIR];
166 static int n_descriptors = 0;
167
168 static void free_descriptor_entry(descriptor_entry_t *desc)
169 {
170 tor_free(desc->descriptor);
171 tor_free(desc->nickname);
172 free(desc);
173 }
174
175 void
176 dirserv_free_descriptors()
177 {
178 int i;
179 for (i = 0; i < n_descriptors; ++i) {
180 free_descriptor_entry(descriptor_list[i]);
181 }
182 n_descriptors = 0;
183 }
184
185 /* Return 0 if descriptor is well-formed; -1 if descriptor is not
186 * well-formed. Update *desc to point after the descriptor if the
187 * descriptor is well-formed.
188 */
189 /* XXX down the road perhaps we should return 1 for accepted, 0 for
190 * well-formed but rejected, -1 for not-well-formed. So remote servers
191 * can know if their submission was accepted and not just whether it
192 * was well-formed. ...Or maybe we shouldn't give them that info?
193 */
194 int
195 dirserv_add_descriptor(const char **desc)
196 {
197 descriptor_entry_t **desc_ent_ptr;
198 routerinfo_t *ri = NULL;
199 int i, r;
200 char *start, *end;
201 char *desc_tmp = NULL;
202 const char *cp;
203 size_t desc_len;
204
205 start = strstr(*desc, "router ");
206 if (!start) {
207 log(LOG_WARN, "no descriptor found.");
208 goto err;
209 }
210 if ((end = strstr(start+6, "\nrouter "))) {
211 ++end; /* Include NL. */
212 } else if ((end = strstr(start+6, "\ndirectory-signature"))) {
213 ++end;
214 } else {
215 end = start+strlen(start);
216 }
217 desc_len = end-start;
218 cp = desc_tmp = tor_strndup(start, desc_len);
219
220 /* Check: is the descriptor syntactically valid? */
221 ri = router_get_entry_from_string(cp, NULL);
222 if (!ri) {
223 log(LOG_WARN, "Couldn't parse descriptor");
224 goto err;
225 }
226 tor_free(desc_tmp);
227 /* Okay. Now check whether the fingerprint is recognized. */
228 r = dirserv_router_fingerprint_is_known(ri);
229 if(r<1) {
230 if(r==0) {
231 log_fn(LOG_WARN, "Unknown nickname %s. Not adding.", ri->nickname);
232 } else {
233 log_fn(LOG_WARN, "Known nickname %s, wrong fingerprint. Not adding.", ri->nickname);
234 }
235 routerinfo_free(ri);
236 *desc = end;
237 return 0;
238 }
239 /* Is there too much clock skew? */
240 if (ri->published_on > time(NULL)+ROUTER_ALLOW_SKEW) {
241 log_fn(LOG_WARN, "Publication time for nickname %s is too far in the future; possible clock skew. Not adding", ri->nickname);
242 routerinfo_free(ri);
243 *desc = end;
244 return 0;
245 }
246 /* Do we already have an entry for this router? */
247 desc_ent_ptr = NULL;
248 for (i = 0; i < n_descriptors; ++i) {
249 if (!strcasecmp(ri->nickname, descriptor_list[i]->nickname)) {
250 desc_ent_ptr = &descriptor_list[i];
251 break;
252 }
253 }
254 if (desc_ent_ptr) {
255 /* if so, decide whether to update it. */
256 if ((*desc_ent_ptr)->published > ri->published_on) {
257 /* We already have a newer descriptor */
258 log_fn(LOG_INFO,"We already have a newer desc for nickname %s. Not adding.",ri->nickname);
259 /* This isn't really an error; return. */
260 routerinfo_free(ri);
261 *desc = end;
262 return 0;
263 }
264 /* We don't have a newer one; we'll update this one. */
265 free_descriptor_entry(*desc_ent_ptr);
266 } else {
267 /* Add this at the end. */
268 desc_ent_ptr = &descriptor_list[n_descriptors++];
269 /* XXX check if n_descriptors is too big */
270 }
271
272 (*desc_ent_ptr) = tor_malloc(sizeof(descriptor_entry_t));
273 (*desc_ent_ptr)->nickname = tor_strdup(ri->nickname);
274 (*desc_ent_ptr)->published = ri->published_on;
275 (*desc_ent_ptr)->desc_len = desc_len;
276 (*desc_ent_ptr)->descriptor = tor_malloc(desc_len+1);
277 strncpy((*desc_ent_ptr)->descriptor, start, desc_len);
278 (*desc_ent_ptr)->descriptor[desc_len] = '\0';
279 *desc = end;
280 directory_set_dirty();
281
282 routerinfo_free(ri);
283 return 0;
284 err:
285 tor_free(desc_tmp);
286 if (ri)
287 routerinfo_free(ri);
288
289 return -1;
290 }
291
292 void
293 directory_set_dirty()
294 {
295 the_directory_is_dirty = 1;
296 }
297
298 int
299 dirserv_init_from_directory_string(const char *dir)
300 {
301 const char *cp = dir;
302 while(1) {
303 cp = strstr(cp, "\nrouter ");
304 if (!cp) break;
305 ++cp;
306 if (dirserv_add_descriptor(&cp)) {
307 return -1;
308 }
309 --cp; /*Back up to newline.*/
310 }
311 return 0;
312 }
313
314 static int
315 list_running_servers(char **nicknames_out)
316 {
317 char *nickname_lst[MAX_ROUTERS_IN_DIR];
318 connection_t **connection_array;
319 int n_conns;
320 connection_t *conn;
321 char *cp;
322 int n = 0, i;
323 int length;
324 *nicknames_out = NULL;
325 nickname_lst[n++] = options.Nickname;
326
327 get_connection_array(&connection_array, &n_conns);
328 for (i = 0; i<n_conns; ++i) {
329 conn = connection_array[i];
330 if (conn->type != CONN_TYPE_OR || conn->state != OR_CONN_STATE_OPEN)
331 continue; /* only list successfully handshaked OR's. */
332 if(!conn->nickname) /* it's an OP, don't list it */
333 continue;
334 nickname_lst[n++] = conn->nickname;
335 }
336 length = n + 1; /* spaces + EOS + 1. */
337 for (i = 0; i<n; ++i) {
338 length += strlen(nickname_lst[i]);
339 }
340 *nicknames_out = tor_malloc_zero(length);
341 cp = *nicknames_out;
342 for (i = 0; i<n; ++i) {
343 if (i)
344 strcat(cp, " ");
345 strcat(cp, nickname_lst[i]);
346 while (*cp)
347 ++cp;
348 }
349 return 0;
350 }
351
352 int
353 dirserv_dump_directory_to_string(char *s, int maxlen,
354 crypto_pk_env_t *private_key)
355 {
356 char *cp, *eos;
357 char digest[20];
358 char signature[128];
359 char published[33];
360 time_t published_on;
361 int i;
362 eos = s+maxlen;
363
364 if (list_running_servers(&cp))
365 return -1;
366 published_on = time(NULL);
367 strftime(published, 32, "%Y-%m-%d %H:%M:%S", gmtime(&published_on));
368 snprintf(s, maxlen,
369 "signed-directory\n"
370 "published %s\n"
371 "recommended-software %s\n"
372 "running-routers %s\n\n", published, options.RecommendedVersions, cp);
373 free(cp);
374 i = strlen(s);
375 cp = s+i;
376
377 for (i = 0; i < n_descriptors; ++i) {
378 strncat(cp, descriptor_list[i]->descriptor, descriptor_list[i]->desc_len);
379 /* XXX Nick: do strncat and friends null-terminate? man page is ambiguous. */
380 cp += descriptor_list[i]->desc_len;
381 assert(!*cp);
382 }
383 /* These multiple strlen calls are inefficient, but dwarfed by the RSA
384 signature.
385 */
386 i = strlen(s);
387 strncat(s, "directory-signature\n", maxlen-i);
388 i = strlen(s);
389 cp = s + i;
390
391 if (router_get_dir_hash(s,digest)) {
392 log_fn(LOG_WARN,"couldn't compute digest");
393 return -1;
394 }
395 if (crypto_pk_private_sign(private_key, digest, 20, signature) < 0) {
396 log_fn(LOG_WARN,"couldn't sign digest");
397 return -1;
398 }
399 log(LOG_DEBUG,"generated directory digest begins with %02x:%02x:%02x:%02x",
400 ((int)digest[0])&0xff,((int)digest[1])&0xff,
401 ((int)digest[2])&0xff,((int)digest[3])&0xff);
402
403 strncpy(cp, "-----BEGIN SIGNATURE-----\n", maxlen-i);
404 cp[maxlen-i-1] = 0;
405
406 i = strlen(s);
407 cp = s+i;
408 if (base64_encode(cp, maxlen-i, signature, 128) < 0) {
409 log_fn(LOG_WARN,"couldn't base64-encode signature");
410 return -1;
411 }
412
413 i = strlen(s);
414 cp = s+i;
415 strncat(cp, "-----END SIGNATURE-----\n", maxlen-i);
416 i = strlen(s);
417 if (i == maxlen) {
418 log_fn(LOG_WARN,"tried to exceed string length.");
419 return -1;
420 }
421
422 return 0;
423 }
424
425 static char *the_directory = NULL;
426 static int the_directory_len = -1;
427
428 size_t dirserv_get_directory(const char **directory)
429 {
430 char *new_directory;
431 char filename[512];
432 if (the_directory_is_dirty) {
433 new_directory = tor_malloc(MAX_DIR_SIZE);
434 if (dirserv_dump_directory_to_string(new_directory, MAX_DIR_SIZE,
435 get_identity_key())) {
436 log(LOG_WARN, "Error creating directory.");
437 free(new_directory);
438 return 0;
439 }
440 tor_free(the_directory);
441 the_directory = new_directory;
442 the_directory_len = strlen(the_directory);
443 log_fn(LOG_INFO,"New directory (size %d):\n%s",the_directory_len,
444 the_directory);
445 the_directory_is_dirty = 0;
446 /* Now read the directory we just made in order to update our own
447 * router lists. This does more signature checking than is strictly
448 * necessary, but safe is better than sorry. */
449 new_directory = tor_strdup(the_directory);
450 /* use a new copy of the dir, since get_dir_from_string scribbles on it */
451 if (router_set_routerlist_from_directory(new_directory, get_identity_key())) {
452 log_fn(LOG_ERR, "We just generated a directory we can't parse. Dying.");
453 exit(0);
454 }
455 free(new_directory);
456 sprintf(filename,"%s/cached-directory", options.DataDirectory);
457 if(write_str_to_file(filename,the_directory) < 0) {
458 log_fn(LOG_WARN, "Couldn't write cached directory to disk. Ignoring.");
459 }
460 } else {
461 log(LOG_INFO,"Directory still clean, reusing.");
462 }
463 *directory = the_directory;
464 return the_directory_len;
465 }
466
The Onion Router