Explorar o código

rephist: Remove unused crypto_pk statistics.

These statistics were largely ununsed, and kept track of statistical information
on things like how many time we had done TLS or how many signatures we had
verified.  This information is largely not useful, and would only be logged
after receiving a SIGUSR1 signal (but only if the logging severity level was
less than LOG_INFO).

 * FIXES #19871.
 * REMOVES note_crypto_pk_op(), dump_pk_op(), and pk_op_counts from
   src/or/rephist.c.
 * REMOVES every external call to these functions.
Isis Lovecruft %!s(int64=7) %!d(string=hai) anos
pai
achega
c59ba01550

+ 4 - 0
changes/bug19871

@@ -0,0 +1,4 @@
+ o Code refactoring:
+   - Remove dead code for largely unused statistics on the number of
+     times we've attempted various public key operations. Fixes bug
+     19871; fix by Isis Lovecruft. Bugfix on 0.1.2.4-alpha.

+ 0 - 1
src/or/connection_or.c

@@ -1369,7 +1369,6 @@ connection_tls_start_handshake,(or_connection_t *conn, int receiving))
   connection_start_reading(TO_CONN(conn));
   log_debug(LD_HANDSHAKE,"starting TLS handshake on fd "TOR_SOCKET_T_FORMAT,
             conn->base_.s);
-  note_crypto_pk_op(receiving ? TLS_HANDSHAKE_S : TLS_HANDSHAKE_C);
 
   if (connection_tls_continue_handshake(conn) < 0)
     return -1;

+ 0 - 1
src/or/dirvote.c

@@ -306,7 +306,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
                            signing_key_fingerprint);
   }
 
-  note_crypto_pk_op(SIGN_DIR);
   {
     char *sig = router_get_dirobj_signature(digest, DIGEST_LEN,
                                             private_signing_key);

+ 0 - 1
src/or/main.c

@@ -2877,7 +2877,6 @@ dumpstats(int severity)
 
   rep_hist_dump_stats(now,severity);
   rend_service_dump_stats(severity);
-  dump_pk_ops(severity);
   dump_distinct_digest_count(severity);
 }
 

+ 0 - 3
src/or/onion_tap.c

@@ -72,8 +72,6 @@ onion_skin_TAP_create(crypto_pk_t *dest_router_key,
   if (crypto_dh_get_public(dh, challenge, dhbytes))
     goto err;
 
-  note_crypto_pk_op(ENC_ONIONSKIN);
-
   /* set meeting point, meeting cookie, etc here. Leave zero for now. */
   if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out,
                                       TAP_ONIONSKIN_CHALLENGE_LEN,
@@ -124,7 +122,6 @@ onion_skin_TAP_server_handshake(
     k = i==0?private_key:prev_private_key;
     if (!k)
       break;
-    note_crypto_pk_op(DEC_ONIONSKIN);
     len = crypto_pk_private_hybrid_decrypt(k, challenge,
                                            TAP_ONIONSKIN_CHALLENGE_LEN,
                                            onion_skin,

+ 0 - 1
src/or/rendclient.c

@@ -286,7 +286,6 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
     goto perm_err;
   }
 
-  note_crypto_pk_op(REND_CLIENT);
   /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
    * to avoid buffer overflows? */
   r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN,

+ 0 - 1
src/or/rendmid.c

@@ -71,7 +71,6 @@ rend_mid_establish_intro_legacy(or_circuit_t *circ, const uint8_t *request,
     goto err;
   }
   /* Rest of body: signature of previous data */
-  note_crypto_pk_op(REND_MID);
   if (crypto_pk_public_checksig_digest(pk,
                                        (char*)request, 2+asn1len+DIGEST_LEN,
                                        (char*)(request+2+DIGEST_LEN+asn1len),

+ 0 - 3
src/or/rendservice.c

@@ -2845,8 +2845,6 @@ rend_service_decrypt_intro(
   }
 
   /* Decrypt the encrypted part */
-
-  note_crypto_pk_op(REND_SERVER);
   result =
     crypto_pk_private_hybrid_decrypt(
        key, (char *)buf, sizeof(buf),
@@ -3260,7 +3258,6 @@ encode_establish_intro_cell_legacy(char *cell_body_out,
   if (crypto_digest(cell_body_out+len, auth, DIGEST_LEN+9))
     goto err;
   len += 20;
-  note_crypto_pk_op(REND_SERVER);
   r = crypto_pk_private_sign_digest(intro_key, cell_body_out+len,
                                     cell_body_out_len - len,
                                     cell_body_out, len);

+ 0 - 99
src/or/rephist.c

@@ -2064,105 +2064,6 @@ rep_hist_circbuilding_dormant(time_t now)
   return 1;
 }
 
-/** Structure to track how many times we've done each public key operation. */
-static struct {
-  /** How many directory objects have we signed? */
-  unsigned long n_signed_dir_objs;
-  /** How many routerdescs have we signed? */
-  unsigned long n_signed_routerdescs;
-  /** How many directory objects have we verified? */
-  unsigned long n_verified_dir_objs;
-  /** How many routerdescs have we verified */
-  unsigned long n_verified_routerdescs;
-  /** How many onionskins have we encrypted to build circuits? */
-  unsigned long n_onionskins_encrypted;
-  /** How many onionskins have we decrypted to do circuit build requests? */
-  unsigned long n_onionskins_decrypted;
-  /** How many times have we done the TLS handshake as a client? */
-  unsigned long n_tls_client_handshakes;
-  /** How many times have we done the TLS handshake as a server? */
-  unsigned long n_tls_server_handshakes;
-  /** How many PK operations have we done as a hidden service client? */
-  unsigned long n_rend_client_ops;
-  /** How many PK operations have we done as a hidden service midpoint? */
-  unsigned long n_rend_mid_ops;
-  /** How many PK operations have we done as a hidden service provider? */
-  unsigned long n_rend_server_ops;
-} pk_op_counts = {0,0,0,0,0,0,0,0,0,0,0};
-
-/** Increment the count of the number of times we've done <b>operation</b>. */
-void
-note_crypto_pk_op(pk_op_t operation)
-{
-  switch (operation)
-    {
-    case SIGN_DIR:
-      pk_op_counts.n_signed_dir_objs++;
-      break;
-    case SIGN_RTR:
-      pk_op_counts.n_signed_routerdescs++;
-      break;
-    case VERIFY_DIR:
-      pk_op_counts.n_verified_dir_objs++;
-      break;
-    case VERIFY_RTR:
-      pk_op_counts.n_verified_routerdescs++;
-      break;
-    case ENC_ONIONSKIN:
-      pk_op_counts.n_onionskins_encrypted++;
-      break;
-    case DEC_ONIONSKIN:
-      pk_op_counts.n_onionskins_decrypted++;
-      break;
-    case TLS_HANDSHAKE_C:
-      pk_op_counts.n_tls_client_handshakes++;
-      break;
-    case TLS_HANDSHAKE_S:
-      pk_op_counts.n_tls_server_handshakes++;
-      break;
-    case REND_CLIENT:
-      pk_op_counts.n_rend_client_ops++;
-      break;
-    case REND_MID:
-      pk_op_counts.n_rend_mid_ops++;
-      break;
-    case REND_SERVER:
-      pk_op_counts.n_rend_server_ops++;
-      break;
-    default:
-      log_warn(LD_BUG, "Unknown pk operation %d", operation);
-  }
-}
-
-/** Log the number of times we've done each public/private-key operation. */
-void
-dump_pk_ops(int severity)
-{
-  tor_log(severity, LD_HIST,
-      "PK operations: %lu directory objects signed, "
-      "%lu directory objects verified, "
-      "%lu routerdescs signed, "
-      "%lu routerdescs verified, "
-      "%lu onionskins encrypted, "
-      "%lu onionskins decrypted, "
-      "%lu client-side TLS handshakes, "
-      "%lu server-side TLS handshakes, "
-      "%lu rendezvous client operations, "
-      "%lu rendezvous middle operations, "
-      "%lu rendezvous server operations.",
-      pk_op_counts.n_signed_dir_objs,
-      pk_op_counts.n_verified_dir_objs,
-      pk_op_counts.n_signed_routerdescs,
-      pk_op_counts.n_verified_routerdescs,
-      pk_op_counts.n_onionskins_encrypted,
-      pk_op_counts.n_onionskins_decrypted,
-      pk_op_counts.n_tls_client_handshakes,
-      pk_op_counts.n_tls_server_handshakes,
-      pk_op_counts.n_rend_client_ops,
-      pk_op_counts.n_rend_mid_ops,
-      pk_op_counts.n_rend_server_ops);
-}
-
 /*** Exit port statistics ***/
 
 /* Some constants */

+ 0 - 3
src/or/rephist.h

@@ -62,9 +62,6 @@ int any_predicted_circuits(time_t now);
 int rep_hist_circbuilding_dormant(time_t now);
 int predicted_ports_prediction_time_remaining(time_t now);
 
-void note_crypto_pk_op(pk_op_t operation);
-void dump_pk_ops(int severity);
-
 void rep_hist_exit_stats_init(time_t now);
 void rep_hist_reset_exit_stats(time_t now);
 void rep_hist_exit_stats_term(void);

+ 0 - 1
src/or/router.c

@@ -3009,7 +3009,6 @@ router_dump_router_to_string(routerinfo_t *router,
 
   crypto_digest_smartlist(digest, DIGEST_LEN, chunks, "", DIGEST_SHA1);
 
-  note_crypto_pk_op(SIGN_RTR);
   {
     char *sig;
     if (!(sig = router_get_dirobj_signature(digest, DIGEST_LEN, ident_key))) {

+ 0 - 3
src/or/routerparse.c

@@ -1996,7 +1996,6 @@ router_parse_entry_from_string(const char *s, const char *end,
   }
 
   tok = find_by_keyword(tokens, K_ROUTER_SIGNATURE);
-  note_crypto_pk_op(VERIFY_RTR);
 #ifdef COUNT_DISTINCT_DIGESTS
   if (!verified_digests)
     verified_digests = digestmap_new();
@@ -2231,7 +2230,6 @@ extrainfo_parse_entry_from_string(const char *s, const char *end,
   }
 
   if (key) {
-    note_crypto_pk_op(VERIFY_RTR);
     if (check_signature_token(digest, DIGEST_LEN, tok, key, 0,
                               "extra-info") < 0)
       goto err;
@@ -5288,7 +5286,6 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
   }
   /* Parse and verify signature. */
   tok = find_by_keyword(tokens, R_SIGNATURE);
-  note_crypto_pk_op(VERIFY_RTR);
   if (check_signature_token(desc_hash, DIGEST_LEN, tok, result->pk, 0,
                             "v2 rendezvous service descriptor") < 0)
     goto err;