Have reason string for serverdesc post requests contain actual serverdesc status. Also fix return values of dirserv_add_descriptor to work as advertised.

svn:r3391

src/or/directory.c

@@ -976,19 +976,20 @@ directory_handle_command_post(connection_t *conn, char *headers,
   log_fn(LOG_INFO,"rewritten url as '%s'.", url);
 
   if (!strcmp(url,"/tor/")) { /* server descriptor post */
+    const char *msg;
     cp = body;
-    switch (dirserv_add_descriptor(&cp)) {
+    switch (dirserv_add_descriptor(&cp, &msg)) {
       case -1:
         /* malformed descriptor, or something wrong */
-        write_http_status_line(conn, 400, "Malformed or unacceptable server descriptor");
+        write_http_status_line(conn, 400, msg?msg:"Malformed or unacceptable server descriptor");
         break;
       case 0:
         /* descriptor was well-formed but server has not been approved */
-        write_http_status_line(conn, 200, "Unverified server descriptor accepted. Have you mailed us your key fingerprint? Are you using the right key?");
+        write_http_status_line(conn, 200, msg?msg:"Unverified server descriptor accepted");
         break;
       case 1:
         dirserv_get_directory(&cp, 0); /* rebuild and write to disk */
-        write_http_status_line(conn, 200, "Verified server descriptor accepted");
+        write_http_status_line(conn, 200, msg?msg:"Verified server descriptor accepted");
         break;
     }
     tor_free(url);

src/or/dirserv.c

@@ -307,14 +307,16 @@ dirserv_router_has_valid_address(routerinfo_t *ri)
 
 /** Parse the server descriptor at *desc and maybe insert it into the
  * list of server descriptors, and (if the descriptor is well-formed)
- * advance *desc immediately past the descriptor's end.
+ * advance *desc immediately past the descriptor's end.  Set msg to a
+ * message that should be passed back to the origin of this descriptor, or
+ * to NULL.
  *
  * Return 1 if descriptor is well-formed and accepted;
  * 0 if well-formed and server is unapproved;
  * -1 if not well-formed or other error.
  */
 int
-dirserv_add_descriptor(const char **desc)
+dirserv_add_descriptor(const char **desc, const char **msg)
 {
   descriptor_entry_t *ent = NULL;
   routerinfo_t *ri = NULL;
@@ -325,7 +327,8 @@ dirserv_add_descriptor(const char **desc)
   size_t desc_len;
   time_t now;
   int verified=1; /* whether we knew its fingerprint already */
-
+  tor_assert(msg);
+  *msg = NULL;
   if (!descriptor_list)
     descriptor_list = smartlist_create();
 
@@ -349,15 +352,17 @@ dirserv_add_descriptor(const char **desc)
   tor_free(desc_tmp);
   if (!ri) {
     log(LOG_WARN, "Couldn't parse descriptor");
+    *msg = "Rejected: Couldn't parse server descriptor.";
     return -1;
   }
   /* Okay.  Now check whether the fingerprint is recognized. */
   r = dirserv_router_fingerprint_is_known(ri);
   if (r==-1) {
     log_fn(LOG_WARN, "Known nickname '%s', wrong fingerprint. Not adding.", ri->nickname);
+    *msg = "Rejected: There is already a verified server with this nickname and a different fingerprint.";
     routerinfo_free(ri);
     *desc = end;
-    return 0;
+    return -1;
   }
   if (r==0) {
     char fp[FINGERPRINT_LEN+1];
@@ -374,21 +379,24 @@ dirserv_add_descriptor(const char **desc)
   now = time(NULL);
   if (ri->published_on > now+ROUTER_ALLOW_SKEW) {
     log_fn(LOG_NOTICE, "Publication time for nickname '%s' is too far in the future; possible clock skew. Not adding.", ri->nickname);
+    *msg = "Rejected: Your clock is set too far in the future, or your timezone is not correct.";
     routerinfo_free(ri);
     *desc = end;
-    return 0;
+    return -1;
   }
   if (ri->published_on < now-ROUTER_MAX_AGE) {
     log_fn(LOG_NOTICE, "Publication time for router with nickname '%s' is too far in the past. Not adding.", ri->nickname);
+    *msg = "Rejected: Server is expired, or your clock is too far in the past, or your timezone is not correct.";
     routerinfo_free(ri);
     *desc = end;
-    return 0;
+    return -1;
   }
   if (dirserv_router_has_valid_address(ri) < 0) {
     log_fn(LOG_NOTICE, "Router with nickname '%s' has invalid address '%s'. Not adding.", ri->nickname, ri->address);
+    *msg = "Rejected: Address is not an IP, or IP is a private address.";
     routerinfo_free(ri);
     *desc = end;
-    return 0;
+    return -1;
   }
 
   /* Do we already have an entry for this router? */
@@ -404,6 +412,7 @@ dirserv_add_descriptor(const char **desc)
     if (ent->published >= ri->published_on) {
       /* We already have a newer or equal-time descriptor */
       log_fn(LOG_INFO,"We already have a new enough desc for nickname '%s'. Not adding.",ri->nickname);
+      *msg = "We already have a newer descriptor.";
       /* This isn't really an error; return success. */
       routerinfo_free(ri);
       *desc = end;
@@ -411,11 +420,13 @@ dirserv_add_descriptor(const char **desc)
     }
     /* We don't have a newer one; we'll update this one. */
     log_fn(LOG_INFO,"Dirserv updating desc for nickname '%s'",ri->nickname);
+    *msg = verified?"Verified server updated":"Unverified server updated (Have you sent us your key fingerprint?)";
     free_descriptor_entry(ent);
     smartlist_del_keeporder(descriptor_list, found);
   } else {
     /* Add at the end. */
     log_fn(LOG_INFO,"Dirserv adding desc for nickname '%s'",ri->nickname);
+    *msg = verified?"Verified server added":"Unverified server added (Have you sent us your key fingerprint?)";
   }
 
   ent = tor_malloc(sizeof(descriptor_entry_t));
@@ -477,12 +488,12 @@ directory_set_dirty()
 int
 dirserv_load_from_directory_string(const char *dir)
 {
-  const char *cp = dir;
+  const char *cp = dir, *m;
   while (1) {
     cp = strstr(cp, "\nrouter ");
     if (!cp) break;
     ++cp;
-    if (dirserv_add_descriptor(&cp) < 0) {
+    if (dirserv_add_descriptor(&cp,&m) < 0) {
       return -1;
     }
     --cp; /*Back up to newline.*/

src/or/or.h

@@ -1349,7 +1349,7 @@ int dirserv_parse_fingerprint_file(const char *fname);
 int dirserv_router_fingerprint_is_known(const routerinfo_t *router);
 void dirserv_free_fingerprint_list(void);
 const char *dirserv_get_nickname_by_digest(const char *digest);
-int dirserv_add_descriptor(const char **desc);
+int dirserv_add_descriptor(const char **desc, const char **msg);
 int dirserv_load_from_directory_string(const char *dir);
 void dirserv_free_descriptors(void);
 void dirserv_remove_old_servers(int age);

src/or/router.c

@@ -315,13 +315,15 @@ int init_keys(void) {
     return -1;
   }
   if (authdir_mode(options)) {
+    const char *m;
     /* We need to add our own fingerprint so it gets recognized. */
     if (dirserv_add_own_fingerprint(options->Nickname, get_identity_key())) {
       log_fn(LOG_ERR, "Error adding own fingerprint to approved set");
       return -1;
     }
-    if (dirserv_add_descriptor(&tmp) != 1) {
-      log(LOG_ERR, "Unable to add own descriptor to directory.");
+    if (dirserv_add_descriptor(&tmp, &m) != 1) {
+      log(LOG_ERR, "Unable to add own descriptor to directory: %s",
+          m?m:"<unknown error>");
       return -1;
     }
   }

src/or/test.c

@@ -998,6 +998,7 @@ test_dir_format(void)
   routerlist_t *dir1 = NULL, *dir2 = NULL;
   tor_version_t ver1;
   char *bw_lines = NULL;
+  const char *m;
 
   test_assert( (pk1 = crypto_new_pk_env()) );
   test_assert( (pk2 = crypto_new_pk_env()) );
@@ -1158,10 +1159,10 @@ test_dir_format(void)
   r2.published_on = time(NULL)-3*60*60;
   test_assert(router_dump_router_to_string(buf, 2048, &r1, pk2)>0);
   cp = buf;
-  test_eq(dirserv_add_descriptor((const char**)&cp), 1);
+  test_eq(dirserv_add_descriptor((const char**)&cp,&m), 1);
   test_assert(router_dump_router_to_string(buf, 2048, &r2, pk1)>0);
   cp = buf;
-  test_eq(dirserv_add_descriptor((const char**)&cp), 1);
+  test_eq(dirserv_add_descriptor((const char**)&cp,&m), 1);
   get_options()->Nickname = tor_strdup("DirServer");
   test_assert(!dirserv_dump_directory_to_string(&cp,pk3));
   test_assert(!router_parse_routerlist_from_directory(cp, &dir1, pk3, 1, 0));