1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
8 * @file relay_periodic.c
9 * @brief Periodic functions for the relay subsystem
13 #include "core/or/or.h"
15 #include "app/config/resolve_addr.h"
17 #include "core/mainloop/periodic.h"
18 #include "core/mainloop/cpuworker.h" // XXXX use a pubsub event.
19 #include "core/mainloop/mainloop.h"
20 #include "core/mainloop/netstatus.h"
21 #include "core/or/circuituse.h" // XXXX move have_performed_bandwidth_test
23 #include "feature/relay/dns.h"
24 #include "feature/relay/relay_periodic.h"
25 #include "feature/relay/router.h"
26 #include "feature/relay/routerkeys.h"
27 #include "feature/relay/routermode.h"
28 #include "feature/relay/selftest.h"
29 #include "feature/stats/predict_ports.h"
31 #include "lib/crypt_ops/crypto_rand.h"
33 #include "feature/nodelist/routerinfo_st.h"
34 #include "feature/control/control_events.h"
37 #define DECLARE_EVENT(name, roles, flags) \
38 static periodic_event_item_t name ## _event = \
39 PERIODIC_EVENT(name, \
40 PERIODIC_EVENT_ROLE_##roles, \
42 #endif /* !defined(COCCI) */
44 #define FL(name) (PERIODIC_EVENT_FLAG_##name)
47 * Periodic callback: If we're a server and initializing dns failed, retry.
50 retry_dns_callback(time_t now
, const or_options_t
*options
)
53 #define RETRY_DNS_INTERVAL (10*60)
54 if (server_mode(options
) && has_dns_init_failed())
56 return RETRY_DNS_INTERVAL
;
59 DECLARE_EVENT(retry_dns
, ROUTER
, 0);
61 static int dns_honesty_first_time
= 1;
64 * Periodic event: if we're an exit, see if our DNS server is telling us
68 check_dns_honesty_callback(time_t now
, const or_options_t
*options
)
71 /* 9. and if we're an exit node, check whether our DNS is telling stories
73 if (net_is_disabled() ||
74 ! public_server_mode(options
) ||
75 router_my_exit_policy_is_reject_star())
76 return PERIODIC_EVENT_NO_UPDATE
;
78 if (dns_honesty_first_time
) {
79 /* Don't launch right when we start */
80 dns_honesty_first_time
= 0;
81 return crypto_rand_int_range(60, 180);
84 dns_launch_correctness_checks();
85 return 12*3600 + crypto_rand_int(12*3600);
88 DECLARE_EVENT(check_dns_honesty
, RELAY
, FL(NEED_NET
));
90 /* Periodic callback: rotate the onion keys after the period defined by the
91 * "onion-key-rotation-days" consensus parameter, shut down and restart all
92 * cpuworkers, and update our descriptor if necessary.
95 rotate_onion_key_callback(time_t now
, const or_options_t
*options
)
97 if (server_mode(options
)) {
98 int onion_key_lifetime
= get_onion_key_lifetime();
99 time_t rotation_time
= get_onion_key_set_at()+onion_key_lifetime
;
100 if (rotation_time
> now
) {
101 return ONION_KEY_CONSENSUS_CHECK_INTERVAL
;
104 log_info(LD_GENERAL
,"Rotating onion key.");
106 cpuworkers_rotate_keyinfo();
107 if (!router_rebuild_descriptor(1)) {
108 log_info(LD_CONFIG
, "Couldn't rebuild router descriptor");
110 if (advertised_server_mode() && !net_is_disabled())
111 router_upload_dir_desc_to_dirservers(0);
112 return ONION_KEY_CONSENSUS_CHECK_INTERVAL
;
114 return PERIODIC_EVENT_NO_UPDATE
;
117 DECLARE_EVENT(rotate_onion_key
, ROUTER
, 0);
119 /** Periodic callback: consider rebuilding or and re-uploading our descriptor
120 * (if we've passed our internal checks). */
122 check_descriptor_callback(time_t now
, const or_options_t
*options
)
124 /** How often do we check whether part of our router info has changed in a
125 * way that would require an upload? That includes checking whether our IP
126 * address has changed. */
127 #define CHECK_DESCRIPTOR_INTERVAL (60)
131 /* 2b. Once per minute, regenerate and upload the descriptor if the old
132 * one is inaccurate. */
133 if (!net_is_disabled()) {
134 check_descriptor_bandwidth_changed(now
);
135 check_descriptor_ipaddress_changed(now
);
136 mark_my_descriptor_dirty_if_too_old(now
);
137 consider_publishable_server(0);
140 return CHECK_DESCRIPTOR_INTERVAL
;
143 DECLARE_EVENT(check_descriptor
, ROUTER
, FL(NEED_NET
));
145 static int dirport_reachability_count
= 0;
148 * Periodic callback: check whether we're reachable (as a relay), and
149 * whether our bandwidth has changed enough that we need to
150 * publish a new descriptor.
153 check_for_reachability_bw_callback(time_t now
, const or_options_t
*options
)
155 /* XXXX This whole thing was stuck in the middle of what is now
156 * XXXX check_descriptor_callback. I'm not sure it's right. */
157 /** How often should we consider launching reachability tests in our first
158 * TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT seconds? */
159 #define EARLY_CHECK_REACHABILITY_INTERVAL (60)
161 /* also, check religiously for reachability, if it's within the first
162 * 20 minutes of our uptime. */
163 if (server_mode(options
) &&
164 (have_completed_a_circuit() || !any_predicted_circuits(now
)) &&
165 !net_is_disabled()) {
166 if (get_uptime() < TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
) {
167 router_do_reachability_checks();
168 return EARLY_CHECK_REACHABILITY_INTERVAL
;
170 /* If we haven't checked for 12 hours and our bandwidth estimate is
171 * low, do another bandwidth test. This is especially important for
172 * bridges, since they might go long periods without much use. */
173 const routerinfo_t
*me
= router_get_my_routerinfo();
174 static int first_time
= 1;
175 if (!first_time
&& me
&&
176 me
->bandwidthcapacity
< me
->bandwidthrate
&&
177 me
->bandwidthcapacity
< 51200) {
178 reset_bandwidth_test();
181 #define BANDWIDTH_RECHECK_INTERVAL (12*60*60)
182 return BANDWIDTH_RECHECK_INTERVAL
;
185 return CHECK_DESCRIPTOR_INTERVAL
;
188 DECLARE_EVENT(check_for_reachability_bw
, ROUTER
, FL(NEED_NET
));
191 * Callback: Send warnings if Tor doesn't find its ports reachable.
194 reachability_warnings_callback(time_t now
, const or_options_t
*options
)
198 if (get_uptime() < TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
) {
199 return (int)(TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
- get_uptime());
202 if (server_mode(options
) &&
203 !net_is_disabled() &&
204 have_completed_a_circuit()) {
205 /* every 20 minutes, check and complain if necessary */
206 const routerinfo_t
*me
= router_get_my_routerinfo();
208 router_orport_seems_reachable(options
,AF_INET
);
210 router_orport_seems_reachable(options
,AF_INET6
);
211 if (me
&& !(v4_ok
&& v6_ok
)) {
212 /* We need to warn that one or more of our ORPorts isn't reachable.
213 * Determine which, and give a reasonable warning. */
214 char *address4
= tor_addr_to_str_dup(&me
->ipv4_addr
);
215 char *address6
= tor_addr_to_str_dup(&me
->ipv6_addr
);
216 if (address4
|| address6
) {
217 char *where4
=NULL
, *where6
=NULL
;
219 tor_asprintf(&where4
, "%s:%d", address4
, me
->ipv4_orport
);
221 tor_asprintf(&where6
, "[%s]:%d", address6
, me
->ipv6_orport
);
222 const char *opt_and
= (!v4_ok
&& !v6_ok
) ? "and" : "";
224 /* IPv4 reachability test worked but not the IPv6. We will _not_
225 * publish the descriptor if our IPv6 was configured. We will if it
226 * was auto discovered. */
227 if (v4_ok
&& !v6_ok
&& !resolved_addr_is_configured(AF_INET6
)) {
228 static ratelim_t rlim
= RATELIM_INIT(3600);
229 log_fn_ratelim(&rlim
, LOG_NOTICE
, LD_CONFIG
,
230 "Auto-discovered IPv6 address %s has not been found "
231 "reachable. However, IPv4 address is reachable. "
232 "Publishing server descriptor without IPv6 address.",
233 where6
? where6
: "");
234 /* Indicate we want to publish even if reachability test failed. */
235 mark_my_descriptor_if_omit_ipv6_changes("IPv4 is reachable. "
236 "IPv6 is not but was "
237 "auto-discovered", true);
240 "Your server has not managed to confirm reachability for "
241 "its ORPort(s) at %s%s%s. Relays do not publish "
242 "descriptors until their ORPort and DirPort are "
243 "reachable. Please check your firewalls, ports, address, "
244 "/etc/hosts file, etc.",
252 control_event_server_status(LOG_WARN
,
253 "REACHABILITY_FAILED ORADDRESS=%s:%d",
254 address4
, me
->ipv4_orport
);
257 control_event_server_status(LOG_WARN
,
258 "REACHABILITY_FAILED ORADDRESS=[%s]:%d",
259 address6
, me
->ipv6_orport
);
267 return TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
;
270 DECLARE_EVENT(reachability_warnings
, ROUTER
, FL(NEED_NET
));
272 /* Periodic callback: Every 30 seconds, check whether it's time to make new
276 check_ed_keys_callback(time_t now
, const or_options_t
*options
)
278 if (server_mode(options
)) {
279 if (should_make_new_ed_keys(options
, now
)) {
280 int new_signing_key
= load_ed_keys(options
, now
);
281 if (new_signing_key
< 0 ||
282 generate_ed_link_cert(options
, now
, new_signing_key
> 0)) {
283 log_err(LD_OR
, "Unable to update Ed25519 keys! Exiting.");
284 tor_shutdown_event_loop_and_exit(1);
289 return PERIODIC_EVENT_NO_UPDATE
;
292 DECLARE_EVENT(check_ed_keys
, ROUTER
, 0);
294 /* Period callback: Check if our old onion keys are still valid after the
295 * period of time defined by the consensus parameter
296 * "onion-key-grace-period-days", otherwise expire them by setting them to
300 check_onion_keys_expiry_time_callback(time_t now
, const or_options_t
*options
)
302 if (server_mode(options
)) {
303 int onion_key_grace_period
= get_onion_key_grace_period();
304 time_t expiry_time
= get_onion_key_set_at()+onion_key_grace_period
;
305 if (expiry_time
> now
) {
306 return ONION_KEY_CONSENSUS_CHECK_INTERVAL
;
309 log_info(LD_GENERAL
, "Expiring old onion keys.");
310 expire_old_onion_keys();
311 cpuworkers_rotate_keyinfo();
312 return ONION_KEY_CONSENSUS_CHECK_INTERVAL
;
315 return PERIODIC_EVENT_NO_UPDATE
;
318 DECLARE_EVENT(check_onion_keys_expiry_time
, ROUTER
, 0);
321 relay_register_periodic_events(void)
323 periodic_events_register(&retry_dns_event
);
324 periodic_events_register(&check_dns_honesty_event
);
325 periodic_events_register(&rotate_onion_key_event
);
326 periodic_events_register(&check_descriptor_event
);
327 periodic_events_register(&check_for_reachability_bw_event
);
328 periodic_events_register(&reachability_warnings_event
);
329 periodic_events_register(&check_ed_keys_event
);
330 periodic_events_register(&check_onion_keys_expiry_time_event
);
332 dns_honesty_first_time
= 1;
333 dirport_reachability_count
= 0;
337 * Update our schedule so that we'll check whether we need to update our
338 * descriptor immediately, rather than after up to CHECK_DESCRIPTOR_INTERVAL
342 reschedule_descriptor_update_check(void)
344 periodic_event_reschedule(&check_descriptor_event
);