1 /* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
2 /* See LICENSE for licensing information */
7 /* How far in the future do we allow a router to get? (seconds) */
8 #define ROUTER_ALLOW_SKEW (30*60)
10 extern or_options_t options
; /* command-line and config-file options */
12 static int the_directory_is_dirty
= 1;
14 static int list_running_servers(char **nicknames_out
);
16 /************** Fingerprint handling code ************/
18 typedef struct fingerprint_entry_t
{
21 } fingerprint_entry_t
;
23 static fingerprint_entry_t fingerprint_list
[MAX_ROUTERS_IN_DIR
];
24 static int n_fingerprints
= 0;
27 add_fingerprint_to_dir(const char *nickname
, const char *fp
)
30 for (i
= 0; i
< n_fingerprints
; ++i
) {
31 if (!strcasecmp(fingerprint_list
[i
].nickname
,nickname
)) {
32 free(fingerprint_list
[i
].fingerprint
);
33 fingerprint_list
[i
].fingerprint
= tor_strdup(fp
);
37 fingerprint_list
[n_fingerprints
].nickname
= tor_strdup(nickname
);
38 fingerprint_list
[n_fingerprints
].fingerprint
= tor_strdup(fp
);
43 dirserv_add_own_fingerprint(const char *nickname
, crypto_pk_env_t
*pk
)
45 char fp
[FINGERPRINT_LEN
+1];
46 if (crypto_pk_get_fingerprint(pk
, fp
)<0) {
47 log_fn(LOG_ERR
, "Error computing fingerprint");
50 add_fingerprint_to_dir(nickname
, fp
);
54 /* return 0 on success, -1 on failure */
56 dirserv_parse_fingerprint_file(const char *fname
)
59 char line
[FINGERPRINT_LEN
+MAX_NICKNAME_LEN
+20+1];
60 char *nickname
, *fingerprint
;
61 fingerprint_entry_t fingerprint_list_tmp
[MAX_ROUTERS_IN_DIR
];
62 int n_fingerprints_tmp
= 0;
65 if(!(file
= fopen(fname
, "r"))) {
66 log_fn(LOG_WARN
, "Cannot open fingerprint file %s", fname
);
69 while( (result
=parse_line_from_file(line
, sizeof(line
),file
,&nickname
,&fingerprint
)) > 0) {
70 if (strlen(nickname
) > MAX_NICKNAME_LEN
) {
71 log(LOG_WARN
, "Nickname %s too long in fingerprint file. Skipping.", nickname
);
74 if(strlen(fingerprint
) != FINGERPRINT_LEN
||
75 !crypto_pk_check_fingerprint_syntax(fingerprint
)) {
76 log_fn(LOG_WARN
, "Invalid fingerprint (nickname %s, fingerprint %s). Skipping.",
77 nickname
, fingerprint
);
80 for (i
= 0; i
< n_fingerprints_tmp
; ++i
) {
81 if (0==strcasecmp(fingerprint_list_tmp
[i
].nickname
, nickname
)) {
82 log(LOG_WARN
, "Duplicate nickname %s. Skipping.",nickname
);
83 break; /* out of the for. the 'if' below means skip to the next line. */
86 if(i
== n_fingerprints_tmp
) { /* not a duplicate */
87 fingerprint_list_tmp
[n_fingerprints_tmp
].nickname
= tor_strdup(nickname
);
88 fingerprint_list_tmp
[n_fingerprints_tmp
].fingerprint
= tor_strdup(fingerprint
);
93 if(result
== 0) { /* eof; replace the global fingerprints list. */
94 dirserv_free_fingerprint_list();
95 memcpy(fingerprint_list
, fingerprint_list_tmp
,
96 sizeof(fingerprint_entry_t
)*n_fingerprints_tmp
);
97 n_fingerprints
= n_fingerprints_tmp
;
101 log_fn(LOG_WARN
, "Error reading from fingerprint file");
102 for (i
= 0; i
< n_fingerprints_tmp
; ++i
) {
103 free(fingerprint_list_tmp
[i
].nickname
);
104 free(fingerprint_list_tmp
[i
].fingerprint
);
109 /* return 1 if router's identity and nickname match,
110 * -1 if they don't match, 0 if the nickname is not known. */
112 dirserv_router_fingerprint_is_known(const routerinfo_t
*router
)
115 fingerprint_entry_t
*ent
=NULL
;
116 char fp
[FINGERPRINT_LEN
+1];
118 log_fn(LOG_DEBUG
, "%d fingerprints known.", n_fingerprints
);
119 for (i
=0;i
<n_fingerprints
;++i
) {
120 log_fn(LOG_DEBUG
,"%s vs %s", router
->nickname
, fingerprint_list
[i
].nickname
);
121 if (!strcasecmp(router
->nickname
,fingerprint_list
[i
].nickname
)) {
122 ent
= &fingerprint_list
[i
];
127 if (!ent
) { /* No such server known */
128 log_fn(LOG_INFO
,"no fingerprint found for %s",router
->nickname
);
131 if (crypto_pk_get_fingerprint(router
->identity_pkey
, fp
)) {
132 log_fn(LOG_WARN
,"error computing fingerprint");
135 if (0==strcasecmp(ent
->fingerprint
, fp
)) {
136 log_fn(LOG_DEBUG
,"good fingerprint for %s",router
->nickname
);
137 return 1; /* Right fingerprint. */
139 log_fn(LOG_WARN
,"mismatched fingerprint for %s",router
->nickname
);
140 return -1; /* Wrong fingerprint. */
145 dirserv_free_fingerprint_list()
148 for (i
= 0; i
< n_fingerprints
; ++i
) {
149 free(fingerprint_list
[i
].nickname
);
150 free(fingerprint_list
[i
].fingerprint
);
158 typedef struct descriptor_entry_t
{
163 } descriptor_entry_t
;
165 static descriptor_entry_t
*descriptor_list
[MAX_ROUTERS_IN_DIR
];
166 static int n_descriptors
= 0;
168 static void free_descriptor_entry(descriptor_entry_t
*desc
)
170 tor_free(desc
->descriptor
);
171 tor_free(desc
->nickname
);
176 dirserv_free_descriptors()
179 for (i
= 0; i
< n_descriptors
; ++i
) {
180 free_descriptor_entry(descriptor_list
[i
]);
185 /* Return 0 if descriptor is well-formed; -1 if descriptor is not
186 * well-formed. Update *desc to point after the descriptor if the
187 * descriptor is well-formed.
189 /* XXX down the road perhaps we should return 1 for accepted, 0 for
190 * well-formed but rejected, -1 for not-well-formed. So remote servers
191 * can know if their submission was accepted and not just whether it
192 * was well-formed. ...Or maybe we shouldn't give them that info?
195 dirserv_add_descriptor(const char **desc
)
197 descriptor_entry_t
**desc_ent_ptr
;
198 routerinfo_t
*ri
= NULL
;
201 char *desc_tmp
= NULL
;
205 start
= strstr(*desc
, "router ");
207 log(LOG_WARN
, "no descriptor found.");
210 if ((end
= strstr(start
+6, "\nrouter "))) {
211 ++end
; /* Include NL. */
212 } else if ((end
= strstr(start
+6, "\ndirectory-signature"))) {
215 end
= start
+strlen(start
);
217 desc_len
= end
-start
;
218 cp
= desc_tmp
= tor_strndup(start
, desc_len
);
220 /* Check: is the descriptor syntactically valid? */
221 ri
= router_get_entry_from_string(cp
, NULL
);
223 log(LOG_WARN
, "Couldn't parse descriptor");
227 /* Okay. Now check whether the fingerprint is recognized. */
228 r
= dirserv_router_fingerprint_is_known(ri
);
231 log_fn(LOG_WARN
, "Unknown nickname %s. Not adding.", ri
->nickname
);
233 log_fn(LOG_WARN
, "Known nickname %s, wrong fingerprint. Not adding.", ri
->nickname
);
239 /* Is there too much clock skew? */
240 if (ri
->published_on
> time(NULL
)+ROUTER_ALLOW_SKEW
) {
241 log_fn(LOG_WARN
, "Publication time for nickname %s is too far in the future; possible clock skew. Not adding", ri
->nickname
);
246 /* Do we already have an entry for this router? */
248 for (i
= 0; i
< n_descriptors
; ++i
) {
249 if (!strcasecmp(ri
->nickname
, descriptor_list
[i
]->nickname
)) {
250 desc_ent_ptr
= &descriptor_list
[i
];
255 /* if so, decide whether to update it. */
256 if ((*desc_ent_ptr
)->published
> ri
->published_on
) {
257 /* We already have a newer descriptor */
258 log_fn(LOG_INFO
,"We already have a newer desc for nickname %s. Not adding.",ri
->nickname
);
259 /* This isn't really an error; return. */
264 /* We don't have a newer one; we'll update this one. */
265 free_descriptor_entry(*desc_ent_ptr
);
267 /* Add this at the end. */
268 desc_ent_ptr
= &descriptor_list
[n_descriptors
++];
269 /* XXX check if n_descriptors is too big */
272 (*desc_ent_ptr
) = tor_malloc(sizeof(descriptor_entry_t
));
273 (*desc_ent_ptr
)->nickname
= tor_strdup(ri
->nickname
);
274 (*desc_ent_ptr
)->published
= ri
->published_on
;
275 (*desc_ent_ptr
)->desc_len
= desc_len
;
276 (*desc_ent_ptr
)->descriptor
= tor_malloc(desc_len
+1);
277 strncpy((*desc_ent_ptr
)->descriptor
, start
, desc_len
);
278 (*desc_ent_ptr
)->descriptor
[desc_len
] = '\0';
280 directory_set_dirty();
293 directory_set_dirty()
295 the_directory_is_dirty
= 1;
299 dirserv_init_from_directory_string(const char *dir
)
301 const char *cp
= dir
;
303 cp
= strstr(cp
, "\nrouter ");
306 if (dirserv_add_descriptor(&cp
)) {
309 --cp
; /*Back up to newline.*/
315 list_running_servers(char **nicknames_out
)
317 char *nickname_lst
[MAX_ROUTERS_IN_DIR
];
318 connection_t
**connection_array
;
324 *nicknames_out
= NULL
;
325 nickname_lst
[n
++] = options
.Nickname
;
327 get_connection_array(&connection_array
, &n_conns
);
328 for (i
= 0; i
<n_conns
; ++i
) {
329 conn
= connection_array
[i
];
330 if (conn
->type
!= CONN_TYPE_OR
|| conn
->state
!= OR_CONN_STATE_OPEN
)
331 continue; /* only list successfully handshaked OR's. */
332 if(!conn
->nickname
) /* it's an OP, don't list it */
334 nickname_lst
[n
++] = conn
->nickname
;
336 length
= n
+ 1; /* spaces + EOS + 1. */
337 for (i
= 0; i
<n
; ++i
) {
338 length
+= strlen(nickname_lst
[i
]);
340 *nicknames_out
= tor_malloc_zero(length
);
342 for (i
= 0; i
<n
; ++i
) {
345 strcat(cp
, nickname_lst
[i
]);
353 dirserv_dump_directory_to_string(char *s
, int maxlen
,
354 crypto_pk_env_t
*private_key
)
364 if (list_running_servers(&cp
))
366 published_on
= time(NULL
);
367 strftime(published
, 32, "%Y-%m-%d %H:%M:%S", gmtime(&published_on
));
371 "recommended-software %s\n"
372 "running-routers %s\n\n", published
, options
.RecommendedVersions
, cp
);
377 for (i
= 0; i
< n_descriptors
; ++i
) {
378 strncat(cp
, descriptor_list
[i
]->descriptor
, descriptor_list
[i
]->desc_len
);
379 /* XXX Nick: do strncat and friends null-terminate? man page is ambiguous. */
380 cp
+= descriptor_list
[i
]->desc_len
;
383 /* These multiple strlen calls are inefficient, but dwarfed by the RSA
387 strncat(s
, "directory-signature\n", maxlen
-i
);
391 if (router_get_dir_hash(s
,digest
)) {
392 log_fn(LOG_WARN
,"couldn't compute digest");
395 if (crypto_pk_private_sign(private_key
, digest
, 20, signature
) < 0) {
396 log_fn(LOG_WARN
,"couldn't sign digest");
399 log(LOG_DEBUG
,"generated directory digest begins with %02x:%02x:%02x:%02x",
400 ((int)digest
[0])&0xff,((int)digest
[1])&0xff,
401 ((int)digest
[2])&0xff,((int)digest
[3])&0xff);
403 strncpy(cp
, "-----BEGIN SIGNATURE-----\n", maxlen
-i
);
408 if (base64_encode(cp
, maxlen
-i
, signature
, 128) < 0) {
409 log_fn(LOG_WARN
,"couldn't base64-encode signature");
415 strncat(cp
, "-----END SIGNATURE-----\n", maxlen
-i
);
418 log_fn(LOG_WARN
,"tried to exceed string length.");
425 static char *the_directory
= NULL
;
426 static int the_directory_len
= -1;
428 size_t dirserv_get_directory(const char **directory
)
432 if (the_directory_is_dirty
) {
433 new_directory
= tor_malloc(MAX_DIR_SIZE
);
434 if (dirserv_dump_directory_to_string(new_directory
, MAX_DIR_SIZE
,
435 get_identity_key())) {
436 log(LOG_WARN
, "Error creating directory.");
440 tor_free(the_directory
);
441 the_directory
= new_directory
;
442 the_directory_len
= strlen(the_directory
);
443 log_fn(LOG_INFO
,"New directory (size %d):\n%s",the_directory_len
,
445 the_directory_is_dirty
= 0;
446 /* Now read the directory we just made in order to update our own
447 * router lists. This does more signature checking than is strictly
448 * necessary, but safe is better than sorry. */
449 new_directory
= tor_strdup(the_directory
);
450 /* use a new copy of the dir, since get_dir_from_string scribbles on it */
451 if (router_set_routerlist_from_directory(new_directory
, get_identity_key())) {
452 log_fn(LOG_ERR
, "We just generated a directory we can't parse. Dying.");
456 sprintf(filename
,"%s/cached-directory", options
.DataDirectory
);
457 if(write_str_to_file(filename
,the_directory
) < 0) {
458 log_fn(LOG_WARN
, "Couldn't write cached directory to disk. Ignoring.");
461 log(LOG_INFO
,"Directory still clean, reusing.");
463 *directory
= the_directory
;
464 return the_directory_len
;