directory.c 34 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995
  1. /* Copyright 2001-2004 Roger Dingledine.
  2. * Copyright 2004 Roger Dingledine, Nick Mathewson. */
  3. /* See LICENSE for licensing information */
  4. /* See LICENSE for licensing information */
  5. /* $Id$ */
  6. #include "or.h"
  7. /**
  8. * \file directory.c
  9. * \brief Implement directory HTTP protocol.
  10. **/
  11. /* In-points to directory.c:
  12. *
  13. * - directory_post_to_dirservers(), called from
  14. * router_upload_dir_desc_to_dirservers() in router.c
  15. * upload_service_descriptor() in rendservice.c
  16. * - directory_get_from_dirserver(), called from
  17. * rend_client_refetch_renddesc() in rendclient.c
  18. * run_scheduled_events() in main.c
  19. * do_hup() in main.c
  20. * - connection_dir_process_inbuf(), called from
  21. * connection_process_inbuf() in connection.c
  22. * - connection_dir_finished_flushing(), called from
  23. * connection_finished_flushing() in connection.c
  24. * - connection_dir_finished_connecting(), called from
  25. * connection_finished_connecting() in connection.c
  26. */
  27. static void
  28. directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
  29. const char *resource,
  30. const char *payload, size_t payload_len);
  31. static void
  32. directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
  33. uint8_t purpose, const char *resource,
  34. const char *payload, size_t payload_len);
  35. static void
  36. directory_initiate_command(const char *address, uint32_t addr, uint16_t port,
  37. const char *platform,
  38. const char *digest, uint8_t purpose,
  39. const char *resource,
  40. const char *payload, size_t payload_len);
  41. static void
  42. directory_send_command(connection_t *conn, const char *platform,
  43. int purpose, const char *resource,
  44. const char *payload, size_t payload_len);
  45. static int directory_handle_command(connection_t *conn);
  46. /********* START VARIABLES **********/
  47. static struct addr_policy_t *dir_policy = NULL;
  48. #if 0 /* commented out for now, since for now what clients send is
  49. different from what servers want to receive */
  50. /** URL for publishing rendezvous descriptors. */
  51. char rend_publish_string[] = "/tor/rendezvous/publish";
  52. /** Prefix for downloading rendezvous descriptors. */
  53. char rend_fetch_url[] = "/tor/rendezvous/";
  54. #endif
  55. #define MAX_HEADERS_SIZE 50000
  56. #define MAX_BODY_SIZE 500000
  57. #define ALLOW_DIRECTORY_TIME_SKEW 30*60
  58. /********* END VARIABLES ************/
  59. /** Parse get_options()->DirPolicy, and put the processed version in
  60. * &dir_policy. Ignore port specifiers.
  61. */
  62. void
  63. parse_dir_policy(void)
  64. {
  65. struct addr_policy_t *n;
  66. if (dir_policy) {
  67. addr_policy_free(dir_policy);
  68. dir_policy = NULL;
  69. }
  70. config_parse_addr_policy(get_options()->DirPolicy, &dir_policy);
  71. /* ports aren't used. */
  72. for (n=dir_policy; n; n = n->next) {
  73. n->prt_min = 1;
  74. n->prt_max = 65535;
  75. }
  76. }
  77. /** Return 1 if <b>addr</b> is permitted to connect to our dir port,
  78. * based on <b>dir_policy</b>. Else return 0.
  79. */
  80. int dir_policy_permits_address(uint32_t addr)
  81. {
  82. int a;
  83. if(!dir_policy) /* 'no dir policy' means 'accept' */
  84. return 1;
  85. a = router_compare_addr_to_addr_policy(addr, 1, dir_policy);
  86. if (a==-1)
  87. return 0;
  88. else if (a==0)
  89. return 1;
  90. tor_assert(a==1);
  91. log_fn(LOG_WARN, "Got unexpected 'maybe' answer from dir policy");
  92. return 0;
  93. }
  94. /** Start a connection to every known directory server, using
  95. * connection purpose 'purpose' and uploading the payload 'payload'
  96. * (length 'payload_len'). The purpose should be one of
  97. * 'DIR_PURPOSE_UPLOAD_DIR' or 'DIR_PURPOSE_UPLOAD_RENDDESC'.
  98. */
  99. void
  100. directory_post_to_dirservers(uint8_t purpose, const char *payload,
  101. size_t payload_len)
  102. {
  103. smartlist_t *dirservers;
  104. char buf[16];
  105. router_get_trusted_dir_servers(&dirservers);
  106. tor_assert(dirservers);
  107. /* This tries dirservers which we believe to be down, but ultimately, that's
  108. * harmless, and we may as well err on the side of getting things uploaded.
  109. */
  110. SMARTLIST_FOREACH(dirservers, trusted_dir_server_t *, ds,
  111. {
  112. /* Pay attention to fascistfirewall when we're uploading a
  113. * router descriptor, but not when uploading a service
  114. * descriptor -- those use Tor. */
  115. if (get_options()->FascistFirewall && purpose == DIR_PURPOSE_UPLOAD_DIR &&
  116. !get_options()->HttpProxy) {
  117. tor_snprintf(buf,sizeof(buf),"%d",ds->dir_port);
  118. if (!smartlist_string_isin(get_options()->FirewallPorts, buf))
  119. continue;
  120. }
  121. directory_initiate_command_trusted_dir(ds, purpose, NULL,
  122. payload, payload_len);
  123. });
  124. }
  125. /** Start a connection to a random running directory server, using
  126. * connection purpose 'purpose' requesting 'resource'. The purpose
  127. * should be one of 'DIR_PURPOSE_FETCH_DIR',
  128. * 'DIR_PURPOSE_FETCH_RENDDESC', 'DIR_PURPOSE_FETCH_RUNNING_LIST.'
  129. */
  130. void
  131. directory_get_from_dirserver(uint8_t purpose, const char *resource)
  132. {
  133. routerinfo_t *r = NULL;
  134. trusted_dir_server_t *ds = NULL;
  135. int fascistfirewall = get_options()->FascistFirewall;
  136. if (purpose == DIR_PURPOSE_FETCH_DIR) {
  137. if (advertised_server_mode()) {
  138. /* only ask authdirservers, and don't ask myself */
  139. ds = router_pick_trusteddirserver(1, fascistfirewall);
  140. } else {
  141. /* anybody with a non-zero dirport will do */
  142. r = router_pick_directory_server(1, fascistfirewall);
  143. if (!r) {
  144. log_fn(LOG_INFO, "No router found for directory; falling back to dirserver list");
  145. ds = router_pick_trusteddirserver(1, fascistfirewall);
  146. }
  147. }
  148. } else if (purpose == DIR_PURPOSE_FETCH_RUNNING_LIST) {
  149. /* right now, running-routers isn't cached, so ask a trusted directory */
  150. ds = router_pick_trusteddirserver(0, fascistfirewall);
  151. } else { // (purpose == DIR_PURPOSE_FETCH_RENDDESC)
  152. /* only ask authdirservers, any of them will do */
  153. /* Never use fascistfirewall; we're going via Tor. */
  154. ds = router_pick_trusteddirserver(0, 0);
  155. }
  156. if (r)
  157. directory_initiate_command_router(r, purpose, resource, NULL, 0);
  158. else if (ds)
  159. directory_initiate_command_trusted_dir(ds, purpose, resource, NULL, 0);
  160. else
  161. log_fn(LOG_WARN,"No running dirservers known. Not trying. (purpose %d)", purpose);
  162. }
  163. /** Launch a new connection to the directory server <b>router</b> to upload or
  164. * download a service or rendezvous descriptor. <b>purpose</b> determines what
  165. * kind of directory connection we're launching, and must be one of
  166. * DIR_PURPOSE_{FETCH|UPLOAD}_{DIR|RENDDESC}.
  167. *
  168. * When uploading, <b>payload</b> and <b>payload_len</b> determine the content
  169. * of the HTTP post. Otherwise, <b>payload</b> should be NULL.
  170. *
  171. * When fetching a rendezvous descriptor, <b>resource</b> is the service ID we
  172. * want to fetch.
  173. */
  174. static void
  175. directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
  176. const char *resource,
  177. const char *payload, size_t payload_len)
  178. {
  179. directory_initiate_command(router->address, router->addr, router->dir_port,
  180. router->platform, router->identity_digest,
  181. purpose, resource, payload, payload_len);
  182. }
  183. /** As directory_initiate_command_router, but send the command to a trusted
  184. * directory server <b>dirserv</b>. **/
  185. static void
  186. directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
  187. uint8_t purpose, const char *resource,
  188. const char *payload, size_t payload_len)
  189. {
  190. directory_initiate_command(dirserv->address, dirserv->addr,dirserv->dir_port,
  191. NULL, dirserv->digest, purpose, resource, payload, payload_len);
  192. }
  193. /** Helper for directory_initiate_command(router|trusted_dir): send the
  194. * command to a server whose address is <b>address</b>, whose IP is
  195. * <b>addr</b>, whose directory port is <b>dir_port</b>, whose tor version is
  196. * <b>platform</b>, and whose identity key digest is <b>digest</b>. The
  197. * <b>platform</b> argument is optional; the others are required. */
  198. static void
  199. directory_initiate_command(const char *address, uint32_t addr,
  200. uint16_t dir_port, const char *platform,
  201. const char *digest, uint8_t purpose,
  202. const char *resource,
  203. const char *payload, size_t payload_len)
  204. {
  205. connection_t *conn;
  206. tor_assert(address);
  207. tor_assert(addr);
  208. tor_assert(dir_port);
  209. tor_assert(digest);
  210. switch (purpose) {
  211. case DIR_PURPOSE_FETCH_DIR:
  212. log_fn(LOG_DEBUG,"initiating directory fetch");
  213. break;
  214. case DIR_PURPOSE_FETCH_RENDDESC:
  215. log_fn(LOG_DEBUG,"initiating hidden-service descriptor fetch");
  216. break;
  217. case DIR_PURPOSE_UPLOAD_DIR:
  218. log_fn(LOG_DEBUG,"initiating server descriptor upload");
  219. break;
  220. case DIR_PURPOSE_UPLOAD_RENDDESC:
  221. log_fn(LOG_DEBUG,"initiating hidden-service descriptor upload");
  222. break;
  223. case DIR_PURPOSE_FETCH_RUNNING_LIST:
  224. log_fn(LOG_DEBUG,"initiating running-routers fetch");
  225. break;
  226. default:
  227. log_fn(LOG_ERR, "Unrecognized directory connection purpose.");
  228. tor_assert(0);
  229. }
  230. conn = connection_new(CONN_TYPE_DIR);
  231. /* set up conn so it's got all the data we need to remember */
  232. conn->addr = addr;
  233. conn->port = dir_port;
  234. if(get_options()->HttpProxy) {
  235. addr = get_options()->HttpProxyAddr;
  236. dir_port = get_options()->HttpProxyPort;
  237. }
  238. conn->address = tor_strdup(address);
  239. /* conn->nickname = tor_strdup(router->nickname); */
  240. /* tor_assert(router->identity_pkey); */
  241. /* conn->identity_pkey = crypto_pk_dup_key(router->identity_pkey); */
  242. /* crypto_pk_get_digest(conn->identity_pkey, conn->identity_digest); */
  243. memcpy(conn->identity_digest, digest, DIGEST_LEN);
  244. conn->purpose = purpose;
  245. /* give it an initial state */
  246. conn->state = DIR_CONN_STATE_CONNECTING;
  247. if(purpose == DIR_PURPOSE_FETCH_DIR ||
  248. purpose == DIR_PURPOSE_UPLOAD_DIR ||
  249. purpose == DIR_PURPOSE_FETCH_RUNNING_LIST) {
  250. /* then we want to connect directly */
  251. switch(connection_connect(conn, conn->address, addr, dir_port)) {
  252. case -1:
  253. router_mark_as_down(conn->identity_digest); /* don't try him again */
  254. if(purpose == DIR_PURPOSE_FETCH_DIR &&
  255. !all_trusted_directory_servers_down()) {
  256. log_fn(LOG_INFO,"Giving up on dirserver '%s'; trying another.", conn->address);
  257. directory_get_from_dirserver(purpose, NULL);
  258. }
  259. connection_free(conn);
  260. return;
  261. case 1:
  262. conn->state = DIR_CONN_STATE_CLIENT_SENDING; /* start flushing conn */
  263. /* fall through */
  264. case 0:
  265. /* queue the command on the outbuf */
  266. directory_send_command(conn, platform, purpose, resource,
  267. payload, payload_len);
  268. connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
  269. /* writable indicates finish, readable indicates broken link,
  270. error indicates broken link in windowsland. */
  271. }
  272. } else { /* we want to connect via tor */
  273. /* make an AP connection
  274. * populate it and add it at the right state
  275. * socketpair and hook up both sides
  276. */
  277. conn->s = connection_ap_make_bridge(conn->address, conn->port);
  278. if(conn->s < 0) {
  279. log_fn(LOG_WARN,"Making AP bridge to dirserver failed.");
  280. connection_mark_for_close(conn);
  281. return;
  282. }
  283. conn->state = DIR_CONN_STATE_CLIENT_SENDING;
  284. connection_add(conn);
  285. /* queue the command on the outbuf */
  286. directory_send_command(conn, platform, purpose, resource,
  287. payload, payload_len);
  288. connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
  289. }
  290. }
  291. /** Queue an appropriate HTTP command on conn-\>outbuf. The other args
  292. * are as in directory_initiate_command.
  293. */
  294. static void
  295. directory_send_command(connection_t *conn, const char *platform,
  296. int purpose, const char *resource,
  297. const char *payload, size_t payload_len) {
  298. char tmp[8192];
  299. char proxystring[128];
  300. char hoststring[128];
  301. char url[128];
  302. int use_newer = 0;
  303. const char *httpcommand = NULL;
  304. tor_assert(conn);
  305. tor_assert(conn->type == CONN_TYPE_DIR);
  306. /* If we don't know the platform, assume it's up-to-date. */
  307. use_newer = platform ? tor_version_as_new_as(platform, "0.0.9pre1"):1;
  308. if(conn->port == 80) {
  309. strlcpy(hoststring, conn->address, sizeof(hoststring));
  310. } else {
  311. tor_snprintf(hoststring, sizeof(hoststring),"%s:%d",conn->address, conn->port);
  312. }
  313. if(get_options()->HttpProxy) {
  314. tor_snprintf(proxystring, sizeof(proxystring),"http://%s", hoststring);
  315. } else {
  316. proxystring[0] = 0;
  317. }
  318. switch(purpose) {
  319. case DIR_PURPOSE_FETCH_DIR:
  320. tor_assert(!resource);
  321. tor_assert(!payload);
  322. log_fn(LOG_DEBUG, "Asking for %scompressed directory from server running %s",
  323. use_newer?"":"un", platform?platform:"<unknown version>");
  324. httpcommand = "GET";
  325. strlcpy(url, use_newer ? "/tor/dir.z" : "/", sizeof(url));
  326. break;
  327. case DIR_PURPOSE_FETCH_RUNNING_LIST:
  328. tor_assert(!resource);
  329. tor_assert(!payload);
  330. httpcommand = "GET";
  331. strlcpy(url, use_newer ? "/tor/running-routers" : "/running-routers", sizeof(url));
  332. break;
  333. case DIR_PURPOSE_UPLOAD_DIR:
  334. tor_assert(!resource);
  335. tor_assert(payload);
  336. httpcommand = "POST";
  337. strlcpy(url, use_newer ? "/tor/" : "/", sizeof(url));
  338. break;
  339. case DIR_PURPOSE_FETCH_RENDDESC:
  340. tor_assert(resource);
  341. tor_assert(!payload);
  342. /* this must be true or we wouldn't be doing the lookup */
  343. tor_assert(strlen(resource) <= REND_SERVICE_ID_LEN);
  344. /* This breaks the function abstraction. */
  345. strlcpy(conn->rend_query, resource, sizeof(conn->rend_query));
  346. httpcommand = "GET";
  347. tor_snprintf(url, sizeof(url), "%s/rendezvous/%s", use_newer ? "/tor" : "", resource);
  348. break;
  349. case DIR_PURPOSE_UPLOAD_RENDDESC:
  350. tor_assert(!resource);
  351. tor_assert(payload);
  352. httpcommand = "POST";
  353. tor_snprintf(url, sizeof(url), "%s/rendezvous/publish", use_newer ? "/tor" : "");
  354. break;
  355. }
  356. tor_snprintf(tmp, sizeof(tmp), "%s %s%s HTTP/1.0\r\nContent-Length: %lu\r\nHost: %s\r\n\r\n",
  357. httpcommand,
  358. proxystring,
  359. url,
  360. payload ? (unsigned long)payload_len : 0,
  361. hoststring);
  362. connection_write_to_buf(tmp, strlen(tmp), conn);
  363. if(payload) {
  364. /* then send the payload afterwards too */
  365. connection_write_to_buf(payload, payload_len, conn);
  366. }
  367. }
  368. /** Parse an HTTP request string <b>headers</b> of the form
  369. * "\%s [http[s]://]\%s HTTP/1..."
  370. * If it's well-formed, strdup the second \%s into *<b>url</b>, and
  371. * null-terminate it. If the url doesn't start with "/tor/", rewrite it
  372. * so it does. Return 0.
  373. * Otherwise, return -1.
  374. */
  375. static int
  376. parse_http_url(char *headers, char **url)
  377. {
  378. char *s, *start, *tmp;
  379. s = (char *)eat_whitespace_no_nl(headers);
  380. if (!*s) return -1;
  381. s = (char *)find_whitespace(s); /* get past GET/POST */
  382. if (!*s) return -1;
  383. s = (char *)eat_whitespace_no_nl(s);
  384. if (!*s) return -1;
  385. start = s; /* this is it, assuming it's valid */
  386. s = (char *)find_whitespace(start);
  387. if (!*s) return -1;
  388. /* tolerate the http[s] proxy style of putting the hostname in the url */
  389. if(s-start >= 4 && !strcmpstart(start,"http")) {
  390. tmp = start + 4;
  391. if(*tmp == 's')
  392. tmp++;
  393. if(s-tmp >= 3 && !strcmpstart(tmp,"://")) {
  394. tmp = strchr(tmp+3, '/');
  395. if(tmp && tmp < s) {
  396. log_fn(LOG_DEBUG,"Skipping over 'http[s]://hostname' string");
  397. start = tmp;
  398. }
  399. }
  400. }
  401. if(s-start < 5 || strcmpstart(start,"/tor/")) { /* need to rewrite it */
  402. *url = tor_malloc(s - start + 5);
  403. strlcpy(*url,"/tor", s-start+5);
  404. strlcat((*url)+4, start, s-start+1);
  405. } else {
  406. *url = tor_strndup(start, s-start);
  407. }
  408. return 0;
  409. }
  410. /** Parse an HTTP response string <b>headers</b> of the form
  411. * "HTTP/1.\%d \%d\%s\r\n...".
  412. * If it's well-formed, assign *<b>code</b>, point and return 0.
  413. * If <b>date</b> is provided, set *date to the Date header in the
  414. * http headers, or 0 if no such header is found.
  415. * Otherwise, return -1.
  416. */
  417. static int
  418. parse_http_response(const char *headers, int *code, time_t *date,
  419. int *compression)
  420. {
  421. int n1, n2;
  422. char datestr[RFC1123_TIME_LEN+1];
  423. smartlist_t *parsed_headers;
  424. tor_assert(headers);
  425. tor_assert(code);
  426. while(isspace((int)*headers)) headers++; /* tolerate leading whitespace */
  427. if(sscanf(headers, "HTTP/1.%d %d", &n1, &n2) < 2 ||
  428. (n1 != 0 && n1 != 1) ||
  429. (n2 < 100 || n2 >= 600)) {
  430. log_fn(LOG_WARN,"Failed to parse header '%s'",headers);
  431. return -1;
  432. }
  433. *code = n2;
  434. parsed_headers = smartlist_create();
  435. smartlist_split_string(parsed_headers, headers, "\n",
  436. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
  437. if (date) {
  438. *date = 0;
  439. SMARTLIST_FOREACH(parsed_headers, const char *, s,
  440. if (!strcmpstart(s, "Date: ")) {
  441. strlcpy(datestr, s+6, sizeof(datestr));
  442. /* This will do nothing on failure, so we don't need to check
  443. the result. We shouldn't warn, since there are many other valid
  444. date formats besides the one we use. */
  445. parse_rfc1123_time(datestr, date);
  446. break;
  447. });
  448. }
  449. if (compression) {
  450. const char *enc = NULL;
  451. SMARTLIST_FOREACH(parsed_headers, const char *, s,
  452. if (!strcmpstart(s, "Content-Encoding: ")) {
  453. enc = s+18; break;
  454. });
  455. if (!enc || !strcmp(enc, "identity")) {
  456. *compression = 0;
  457. } else if (!strcmp(enc, "deflate") || !strcmp(enc, "x-deflate")) {
  458. *compression = ZLIB_METHOD;
  459. } else if (!strcmp(enc, "gzip") || !strcmp(enc, "x-gzip")) {
  460. *compression = GZIP_METHOD;
  461. } else {
  462. log_fn(LOG_WARN, "Unrecognized content encoding: '%s'", enc);
  463. *compression = 0;
  464. }
  465. }
  466. SMARTLIST_FOREACH(parsed_headers, char *, s, tor_free(s));
  467. smartlist_free(parsed_headers);
  468. return 0;
  469. }
  470. /** We are a client, and we've finished reading the server's
  471. * response. Parse and it and act appropriately.
  472. *
  473. * Return -1 if an error has occurred, or 0 normally. The caller
  474. * will take care of marking the connection for close.
  475. */
  476. static int
  477. connection_dir_client_reached_eof(connection_t *conn)
  478. {
  479. char *body;
  480. char *headers;
  481. size_t body_len=0;
  482. int status_code;
  483. time_t now, date_header=0;
  484. int delta;
  485. int compression;
  486. switch(fetch_from_buf_http(conn->inbuf,
  487. &headers, MAX_HEADERS_SIZE,
  488. &body, &body_len, MAX_DIR_SIZE)) {
  489. case -1: /* overflow */
  490. log_fn(LOG_WARN,"'fetch' response too large. Failing.");
  491. return -1;
  492. case 0:
  493. log_fn(LOG_INFO,"'fetch' response not all here, but we're at eof. Closing.");
  494. return -1;
  495. /* case 1, fall through */
  496. }
  497. if(parse_http_response(headers, &status_code, &date_header,
  498. &compression) < 0) {
  499. log_fn(LOG_WARN,"Unparseable headers. Closing.");
  500. tor_free(body); tor_free(headers);
  501. return -1;
  502. }
  503. if (date_header > 0) {
  504. now = time(NULL);
  505. delta = now-date_header;
  506. if (abs(delta)>ALLOW_DIRECTORY_TIME_SKEW) {
  507. log_fn(LOG_WARN, "Received directory with skewed time: we are %d minutes %s, or the directory is %d minutes %s.",
  508. abs(delta)/60, delta>0 ? "ahead" : "behind",
  509. abs(delta)/60, delta>0 ? "behind" : "ahead");
  510. } else {
  511. log_fn(LOG_INFO, "Time on received directory is within tolerance; we are %d seconds skewed. (That's okay.)", delta);
  512. }
  513. }
  514. if (compression != 0) {
  515. char *new_body;
  516. size_t new_len;
  517. if (tor_gzip_uncompress(&new_body, &new_len, body, body_len, compression)) {
  518. log_fn(LOG_WARN, "Unable to decompress HTTP body.");
  519. tor_free(body); tor_free(headers);
  520. return -1;
  521. }
  522. tor_free(body);
  523. body = new_body;
  524. body_len = new_len;
  525. }
  526. if(conn->purpose == DIR_PURPOSE_FETCH_DIR) {
  527. /* fetch/process the directory to learn about new routers. */
  528. log_fn(LOG_INFO,"Received directory (size %d):\n%s", (int)body_len, body);
  529. if(status_code == 503 || body_len == 0) {
  530. log_fn(LOG_INFO,"Empty directory. Ignoring.");
  531. tor_free(body); tor_free(headers);
  532. return 0;
  533. }
  534. if(status_code != 200) {
  535. log_fn(LOG_WARN,"Received http status code %d from dirserver. Failing.",
  536. status_code);
  537. tor_free(body); tor_free(headers);
  538. return -1;
  539. }
  540. if(router_load_routerlist_from_directory(body, NULL, 1) < 0) {
  541. log_fn(LOG_WARN,"I failed to parse the directory I fetched from %s:%d. Ignoring.", conn->address, conn->port);
  542. } else {
  543. log_fn(LOG_INFO,"updated routers.");
  544. }
  545. directory_has_arrived(time(NULL)); /* do things we've been waiting to do */
  546. }
  547. if(conn->purpose == DIR_PURPOSE_FETCH_RUNNING_LIST) {
  548. running_routers_t *rrs;
  549. routerlist_t *rl;
  550. /* just update our list of running routers, if this list is new info */
  551. log_fn(LOG_INFO,"Received running-routers list (size %d):\n%s", (int)body_len, body);
  552. if(status_code != 200) {
  553. log_fn(LOG_WARN,"Received http status code %d from dirserver. Failing.",
  554. status_code);
  555. tor_free(body); tor_free(headers);
  556. return -1;
  557. }
  558. if (!(rrs = router_parse_runningrouters(body))) {
  559. log_fn(LOG_WARN, "Can't parse runningrouters list");
  560. tor_free(body); tor_free(headers);
  561. return -1;
  562. }
  563. router_get_routerlist(&rl);
  564. if (rl)
  565. routerlist_update_from_runningrouters(rl,rrs);
  566. running_routers_free(rrs);
  567. }
  568. if(conn->purpose == DIR_PURPOSE_UPLOAD_DIR) {
  569. switch(status_code) {
  570. case 200:
  571. log_fn(LOG_INFO,"eof (status 200) after uploading server descriptor: finished.");
  572. break;
  573. case 400:
  574. log_fn(LOG_WARN,"http status 400 (bad request) response from dirserver. Malformed server descriptor?");
  575. break;
  576. case 403:
  577. log_fn(LOG_WARN,"http status 403 (unapproved server) response from dirserver. Is your clock skewed? Have you mailed us your identity fingerprint? Are you using the right key? See README.");
  578. break;
  579. default:
  580. log_fn(LOG_WARN,"http status %d response unrecognized.", status_code);
  581. break;
  582. }
  583. }
  584. if(conn->purpose == DIR_PURPOSE_FETCH_RENDDESC) {
  585. log_fn(LOG_INFO,"Received rendezvous descriptor (size %d, status code %d)",
  586. (int)body_len, status_code);
  587. switch(status_code) {
  588. case 200:
  589. if(rend_cache_store(body, body_len) < 0) {
  590. log_fn(LOG_WARN,"Failed to store rendezvous descriptor.");
  591. /* alice's ap_stream will notice when connection_mark_for_close
  592. * cleans it up */
  593. } else {
  594. /* success. notify pending connections about this. */
  595. rend_client_desc_fetched(conn->rend_query, 1);
  596. conn->purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
  597. }
  598. break;
  599. case 404:
  600. /* not there. pending connections will be notified when
  601. * connection_mark_for_close cleans it up. */
  602. break;
  603. case 400:
  604. log_fn(LOG_WARN,"http status 400 (bad request). Dirserver didn't like our rendezvous query?");
  605. break;
  606. }
  607. }
  608. if(conn->purpose == DIR_PURPOSE_UPLOAD_RENDDESC) {
  609. switch(status_code) {
  610. case 200:
  611. log_fn(LOG_INFO,"eof (status 200) after uploading rendezvous descriptor: finished.");
  612. break;
  613. case 400:
  614. log_fn(LOG_WARN,"http status 400 (bad request) response from dirserver. Malformed rendezvous descriptor?");
  615. break;
  616. default:
  617. log_fn(LOG_WARN,"http status %d response unrecognized.", status_code);
  618. break;
  619. }
  620. }
  621. tor_free(body); tor_free(headers);
  622. return 0;
  623. }
  624. int connection_dir_reached_eof(connection_t *conn) {
  625. int retval;
  626. if(conn->state != DIR_CONN_STATE_CLIENT_READING) {
  627. log_fn(LOG_INFO,"conn reached eof, not reading. Closing.");
  628. connection_close_immediate(conn); /* it was an error; give up on flushing */
  629. connection_mark_for_close(conn);
  630. return -1;
  631. }
  632. retval = connection_dir_client_reached_eof(conn);
  633. connection_mark_for_close(conn);
  634. return retval;
  635. }
  636. /** Read handler for directory connections. (That's connections <em>to</em>
  637. * directory servers and connections <em>at</em> directory servers.)
  638. */
  639. int connection_dir_process_inbuf(connection_t *conn) {
  640. tor_assert(conn);
  641. tor_assert(conn->type == CONN_TYPE_DIR);
  642. /* Directory clients write, then read data until they receive EOF;
  643. * directory servers read data until they get an HTTP command, then
  644. * write their response (when it's finished flushing, they mark for
  645. * close).
  646. */
  647. /* If we're on the dirserver side, look for a command. */
  648. if(conn->state == DIR_CONN_STATE_SERVER_COMMAND_WAIT) {
  649. if (directory_handle_command(conn) < 0) {
  650. connection_mark_for_close(conn);
  651. return -1;
  652. }
  653. return 0;
  654. }
  655. /* XXX for READ states, might want to make sure inbuf isn't too big */
  656. log_fn(LOG_DEBUG,"Got data, not eof. Leaving on inbuf.");
  657. return 0;
  658. }
  659. static char answer200[] = "HTTP/1.0 200 OK\r\n\r\n";
  660. static char answer400[] = "HTTP/1.0 400 Bad request\r\n\r\n";
  661. static char answer403[] = "HTTP/1.0 403 Unapproved server\r\n\r\n";
  662. static char answer404[] = "HTTP/1.0 404 Not found\r\n\r\n";
  663. static char answer503[] = "HTTP/1.0 503 Directory unavailable\r\n\r\n";
  664. /** Helper function: called when a dirserver gets a complete HTTP GET
  665. * request. Look for a request for a directory or for a rendezvous
  666. * service descriptor. On finding one, write a response into
  667. * conn-\>outbuf. If the request is unrecognized, send a 400.
  668. * Always return 0. */
  669. static int
  670. directory_handle_command_get(connection_t *conn, char *headers,
  671. char *body, size_t body_len)
  672. {
  673. size_t dlen;
  674. const char *cp;
  675. char *url;
  676. char tmp[8192];
  677. char date[RFC1123_TIME_LEN+1];
  678. log_fn(LOG_DEBUG,"Received GET command.");
  679. conn->state = DIR_CONN_STATE_SERVER_WRITING;
  680. if (parse_http_url(headers, &url) < 0) {
  681. connection_write_to_buf(answer400, strlen(answer400), conn);
  682. return 0;
  683. }
  684. log_fn(LOG_INFO,"rewritten url as '%s'.", url);
  685. if(!strcmp(url,"/tor/") || !strcmp(url,"/tor/dir.z")) { /* directory fetch */
  686. int deflated = !strcmp(url,"/tor/dir.z");
  687. dlen = dirserv_get_directory(&cp, deflated);
  688. tor_free(url);
  689. if(dlen == 0) {
  690. log_fn(LOG_WARN,"My directory is empty. Closing.");
  691. connection_write_to_buf(answer503, strlen(answer503), conn);
  692. return 0;
  693. }
  694. log_fn(LOG_DEBUG,"Dumping %sdirectory to client.",
  695. deflated?"deflated ":"");
  696. format_rfc1123_time(date, time(NULL));
  697. tor_snprintf(tmp, sizeof(tmp), "HTTP/1.0 200 OK\r\nDate: %s\r\nContent-Length: %d\r\nContent-Type: text/plain\r\nContent-Encoding: %s\r\n\r\n",
  698. date,
  699. (int)dlen,
  700. deflated?"deflate":"identity");
  701. connection_write_to_buf(tmp, strlen(tmp), conn);
  702. connection_write_to_buf(cp, dlen, conn);
  703. return 0;
  704. }
  705. if(!strcmp(url,"/tor/running-routers") ||
  706. !strcmp(url,"/tor/running-routers.z")) { /* running-routers fetch */
  707. int deflated = !strcmp(url,"/tor/dir.z");
  708. tor_free(url);
  709. if(!authdir_mode(get_options())) {
  710. /* For now, we don't cache running-routers. Reject. */
  711. connection_write_to_buf(answer400, strlen(answer400), conn);
  712. return 0;
  713. }
  714. dlen = dirserv_get_runningrouters(&cp, deflated);
  715. if(!dlen) { /* we failed to create/cache cp */
  716. connection_write_to_buf(answer503, strlen(answer503), conn);
  717. return 0;
  718. }
  719. format_rfc1123_time(date, time(NULL));
  720. tor_snprintf(tmp, sizeof(tmp), "HTTP/1.0 200 OK\r\nDate: %s\r\nContent-Length: %d\r\nContent-Type: text/plain\r\nContent-Encoding: %s\r\n\r\n",
  721. date,
  722. (int)dlen,
  723. deflated?"deflate":"identity");
  724. connection_write_to_buf(tmp, strlen(tmp), conn);
  725. connection_write_to_buf(cp, strlen(cp), conn);
  726. return 0;
  727. }
  728. if(!strcmpstart(url,"/tor/rendezvous/")) {
  729. /* rendezvous descriptor fetch */
  730. const char *descp;
  731. size_t desc_len;
  732. if(!authdir_mode(get_options())) {
  733. /* We don't hand out rend descs. In fact, it could be a security
  734. * risk, since rend_cache_lookup_desc() below would provide it
  735. * if we're gone to the site recently, and 404 if we haven't.
  736. *
  737. * Reject. */
  738. connection_write_to_buf(answer400, strlen(answer400), conn);
  739. tor_free(url);
  740. return 0;
  741. }
  742. switch(rend_cache_lookup_desc(url+strlen("/tor/rendezvous/"), &descp, &desc_len)) {
  743. case 1: /* valid */
  744. format_rfc1123_time(date, time(NULL));
  745. tor_snprintf(tmp, sizeof(tmp), "HTTP/1.0 200 OK\r\nDate: %s\r\nContent-Length: %d\r\nContent-Type: application/octet-stream\r\n\r\n",
  746. date,
  747. (int)desc_len); /* can't include descp here, because it's got nuls */
  748. connection_write_to_buf(tmp, strlen(tmp), conn);
  749. connection_write_to_buf(descp, desc_len, conn);
  750. break;
  751. case 0: /* well-formed but not present */
  752. connection_write_to_buf(answer404, strlen(answer404), conn);
  753. break;
  754. case -1: /* not well-formed */
  755. connection_write_to_buf(answer400, strlen(answer400), conn);
  756. break;
  757. }
  758. tor_free(url);
  759. return 0;
  760. }
  761. /* we didn't recognize the url */
  762. connection_write_to_buf(answer404, strlen(answer404), conn);
  763. tor_free(url);
  764. return 0;
  765. }
  766. /** Helper function: called when a dirserver gets a complete HTTP POST
  767. * request. Look for an uploaded server descriptor or rendezvous
  768. * service descriptor. On finding one, process it and write a
  769. * response into conn-\>outbuf. If the request is unrecognized, send a
  770. * 400. Always return 0. */
  771. static int
  772. directory_handle_command_post(connection_t *conn, char *headers,
  773. char *body, size_t body_len)
  774. {
  775. const char *cp;
  776. char *url;
  777. log_fn(LOG_DEBUG,"Received POST command.");
  778. conn->state = DIR_CONN_STATE_SERVER_WRITING;
  779. if(!authdir_mode(get_options())) {
  780. /* we just provide cached directories; we don't want to
  781. * receive anything. */
  782. connection_write_to_buf(answer400, strlen(answer400), conn);
  783. return 0;
  784. }
  785. if (parse_http_url(headers, &url) < 0) {
  786. connection_write_to_buf(answer400, strlen(answer400), conn);
  787. return 0;
  788. }
  789. log_fn(LOG_INFO,"rewritten url as '%s'.", url);
  790. if(!strcmp(url,"/tor/")) { /* server descriptor post */
  791. cp = body;
  792. switch(dirserv_add_descriptor(&cp)) {
  793. case -1:
  794. /* malformed descriptor, or something wrong */
  795. connection_write_to_buf(answer400, strlen(answer400), conn);
  796. break;
  797. case 0:
  798. /* descriptor was well-formed but server has not been approved */
  799. connection_write_to_buf(answer403, strlen(answer403), conn);
  800. break;
  801. case 1:
  802. dirserv_get_directory(&cp, 0); /* rebuild and write to disk */
  803. connection_write_to_buf(answer200, strlen(answer200), conn);
  804. break;
  805. }
  806. tor_free(url);
  807. return 0;
  808. }
  809. if(!strcmpstart(url,"/tor/rendezvous/publish")) {
  810. /* rendezvous descriptor post */
  811. if(rend_cache_store(body, body_len) < 0)
  812. connection_write_to_buf(answer400, strlen(answer400), conn);
  813. else
  814. connection_write_to_buf(answer200, strlen(answer200), conn);
  815. tor_free(url);
  816. return 0;
  817. }
  818. /* we didn't recognize the url */
  819. connection_write_to_buf(answer404, strlen(answer404), conn);
  820. tor_free(url);
  821. return 0;
  822. }
  823. /** Called when a dirserver receives data on a directory connection;
  824. * looks for an HTTP request. If the request is complete, remove it
  825. * from the inbuf, try to process it; otherwise, leave it on the
  826. * buffer. Return a 0 on success, or -1 on error.
  827. */
  828. static int directory_handle_command(connection_t *conn) {
  829. char *headers=NULL, *body=NULL;
  830. size_t body_len=0;
  831. int r;
  832. tor_assert(conn);
  833. tor_assert(conn->type == CONN_TYPE_DIR);
  834. switch(fetch_from_buf_http(conn->inbuf,
  835. &headers, MAX_HEADERS_SIZE,
  836. &body, &body_len, MAX_BODY_SIZE)) {
  837. case -1: /* overflow */
  838. log_fn(LOG_WARN,"Invalid input. Closing.");
  839. return -1;
  840. case 0:
  841. log_fn(LOG_DEBUG,"command not all here yet.");
  842. return 0;
  843. /* case 1, fall through */
  844. }
  845. log_fn(LOG_DEBUG,"headers '%s', body '%s'.", headers, body);
  846. if(!strncasecmp(headers,"GET",3))
  847. r = directory_handle_command_get(conn, headers, body, body_len);
  848. else if (!strncasecmp(headers,"POST",4))
  849. r = directory_handle_command_post(conn, headers, body, body_len);
  850. else {
  851. log_fn(LOG_WARN,"Got headers '%s' with unknown command. Closing.", headers);
  852. r = -1;
  853. }
  854. tor_free(headers); tor_free(body);
  855. return r;
  856. }
  857. /** Write handler for directory connections; called when all data has
  858. * been flushed. Close the connection or wait for a response as
  859. * appropriate.
  860. */
  861. int connection_dir_finished_flushing(connection_t *conn) {
  862. tor_assert(conn);
  863. tor_assert(conn->type == CONN_TYPE_DIR);
  864. switch(conn->state) {
  865. case DIR_CONN_STATE_CLIENT_SENDING:
  866. log_fn(LOG_DEBUG,"client finished sending command.");
  867. conn->state = DIR_CONN_STATE_CLIENT_READING;
  868. connection_stop_writing(conn);
  869. return 0;
  870. case DIR_CONN_STATE_SERVER_WRITING:
  871. log_fn(LOG_INFO,"Finished writing server response. Closing.");
  872. connection_mark_for_close(conn);
  873. return 0;
  874. default:
  875. log_fn(LOG_WARN,"BUG: called in unexpected state %d.", conn->state);
  876. return -1;
  877. }
  878. return 0;
  879. }
  880. /** Connected handler for directory connections: begin sending data to the
  881. * server */
  882. int connection_dir_finished_connecting(connection_t *conn)
  883. {
  884. tor_assert(conn);
  885. tor_assert(conn->type == CONN_TYPE_DIR);
  886. tor_assert(conn->state == DIR_CONN_STATE_CONNECTING);
  887. log_fn(LOG_INFO,"Dir connection to router %s:%u established.",
  888. conn->address,conn->port);
  889. conn->state = DIR_CONN_STATE_CLIENT_SENDING; /* start flushing conn */
  890. return 0;
  891. }