dirclient.c 116 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215
  1. /* Copyright (c) 2001-2004, Roger Dingledine.
  2. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  3. * Copyright (c) 2007-2019, The Tor Project, Inc. */
  4. /* See LICENSE for licensing information */
  5. #define DIRCLIENT_PRIVATE
  6. #include "core/or/or.h"
  7. #include "app/config/config.h"
  8. #include "core/mainloop/connection.h"
  9. #include "core/mainloop/mainloop.h"
  10. #include "core/or/connection_edge.h"
  11. #include "core/or/policies.h"
  12. #include "feature/client/bridges.h"
  13. #include "feature/client/entrynodes.h"
  14. #include "feature/control/control.h"
  15. #include "feature/dirauth/authmode.h"
  16. #include "feature/dirauth/dirvote.h"
  17. #include "feature/dirauth/shared_random.h"
  18. #include "feature/dircache/dirserv.h"
  19. #include "feature/dirclient/dirclient.h"
  20. #include "feature/dirclient/dlstatus.h"
  21. #include "feature/dircommon/consdiff.h"
  22. #include "feature/dircommon/directory.h"
  23. #include "feature/dircommon/fp_pair.h"
  24. #include "feature/hs/hs_cache.h"
  25. #include "feature/hs/hs_client.h"
  26. #include "feature/hs/hs_control.h"
  27. #include "feature/nodelist/authcert.h"
  28. #include "feature/nodelist/describe.h"
  29. #include "feature/nodelist/dirlist.h"
  30. #include "feature/nodelist/microdesc.h"
  31. #include "feature/nodelist/networkstatus.h"
  32. #include "feature/nodelist/node_select.h"
  33. #include "feature/nodelist/nodelist.h"
  34. #include "feature/nodelist/routerinfo.h"
  35. #include "feature/nodelist/routerlist.h"
  36. #include "feature/nodelist/routerset.h"
  37. #include "feature/relay/routermode.h"
  38. #include "feature/relay/selftest.h"
  39. #include "feature/rend/rendcache.h"
  40. #include "feature/rend/rendclient.h"
  41. #include "feature/rend/rendcommon.h"
  42. #include "feature/rend/rendservice.h"
  43. #include "feature/stats/predict_ports.h"
  44. #include "lib/compress/compress.h"
  45. #include "lib/crypt_ops/crypto_format.h"
  46. #include "lib/crypt_ops/crypto_util.h"
  47. #include "lib/encoding/confline.h"
  48. #include "lib/err/backtrace.h"
  49. #include "core/or/entry_connection_st.h"
  50. #include "feature/dircache/cached_dir_st.h"
  51. #include "feature/dirclient/dir_server_st.h"
  52. #include "feature/dircommon/dir_connection_st.h"
  53. #include "feature/nodelist/networkstatus_st.h"
  54. #include "feature/nodelist/node_st.h"
  55. #include "feature/nodelist/routerinfo_st.h"
  56. #include "feature/rend/rend_service_descriptor_st.h"
  57. /** Maximum size, in bytes, for any directory object that we've downloaded. */
  58. #define MAX_DIR_DL_SIZE ((1<<24)-1) /* 16 MB - 1 */
  59. /** How far in the future do we allow a directory server to tell us it is
  60. * before deciding that one of us has the wrong time? */
  61. #define ALLOW_DIRECTORY_TIME_SKEW (30*60)
  62. static int body_is_plausible(const char *body, size_t body_len, int purpose);
  63. static void connection_dir_download_routerdesc_failed(dir_connection_t *conn);
  64. static void connection_dir_bridge_routerdesc_failed(dir_connection_t *conn);
  65. static void connection_dir_download_cert_failed(
  66. dir_connection_t *conn, int status_code);
  67. static void connection_dir_retry_bridges(smartlist_t *descs);
  68. static void dir_routerdesc_download_failed(smartlist_t *failed,
  69. int status_code,
  70. int router_purpose,
  71. int was_extrainfo,
  72. int was_descriptor_digests);
  73. static void dir_microdesc_download_failed(smartlist_t *failed,
  74. int status_code,
  75. const char *dir_id);
  76. static void directory_send_command(dir_connection_t *conn,
  77. const int direct,
  78. const directory_request_t *req);
  79. static void connection_dir_close_consensus_fetches(
  80. dir_connection_t *except_this_one, const char *resource);
  81. /** Return a string describing a given directory connection purpose. */
  82. STATIC const char *
  83. dir_conn_purpose_to_string(int purpose)
  84. {
  85. switch (purpose)
  86. {
  87. case DIR_PURPOSE_UPLOAD_DIR:
  88. return "server descriptor upload";
  89. case DIR_PURPOSE_UPLOAD_VOTE:
  90. return "server vote upload";
  91. case DIR_PURPOSE_UPLOAD_SIGNATURES:
  92. return "consensus signature upload";
  93. case DIR_PURPOSE_FETCH_SERVERDESC:
  94. return "server descriptor fetch";
  95. case DIR_PURPOSE_FETCH_EXTRAINFO:
  96. return "extra-info fetch";
  97. case DIR_PURPOSE_FETCH_CONSENSUS:
  98. return "consensus network-status fetch";
  99. case DIR_PURPOSE_FETCH_CERTIFICATE:
  100. return "authority cert fetch";
  101. case DIR_PURPOSE_FETCH_STATUS_VOTE:
  102. return "status vote fetch";
  103. case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
  104. return "consensus signature fetch";
  105. case DIR_PURPOSE_FETCH_RENDDESC_V2:
  106. return "hidden-service v2 descriptor fetch";
  107. case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
  108. return "hidden-service v2 descriptor upload";
  109. case DIR_PURPOSE_FETCH_HSDESC:
  110. return "hidden-service descriptor fetch";
  111. case DIR_PURPOSE_UPLOAD_HSDESC:
  112. return "hidden-service descriptor upload";
  113. case DIR_PURPOSE_FETCH_MICRODESC:
  114. return "microdescriptor fetch";
  115. }
  116. log_warn(LD_BUG, "Called with unknown purpose %d", purpose);
  117. return "(unknown)";
  118. }
  119. /** Return the requisite directory information types. */
  120. STATIC dirinfo_type_t
  121. dir_fetch_type(int dir_purpose, int router_purpose, const char *resource)
  122. {
  123. dirinfo_type_t type;
  124. switch (dir_purpose) {
  125. case DIR_PURPOSE_FETCH_EXTRAINFO:
  126. type = EXTRAINFO_DIRINFO;
  127. if (router_purpose == ROUTER_PURPOSE_BRIDGE)
  128. type |= BRIDGE_DIRINFO;
  129. else
  130. type |= V3_DIRINFO;
  131. break;
  132. case DIR_PURPOSE_FETCH_SERVERDESC:
  133. if (router_purpose == ROUTER_PURPOSE_BRIDGE)
  134. type = BRIDGE_DIRINFO;
  135. else
  136. type = V3_DIRINFO;
  137. break;
  138. case DIR_PURPOSE_FETCH_STATUS_VOTE:
  139. case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
  140. case DIR_PURPOSE_FETCH_CERTIFICATE:
  141. type = V3_DIRINFO;
  142. break;
  143. case DIR_PURPOSE_FETCH_CONSENSUS:
  144. type = V3_DIRINFO;
  145. if (resource && !strcmp(resource, "microdesc"))
  146. type |= MICRODESC_DIRINFO;
  147. break;
  148. case DIR_PURPOSE_FETCH_MICRODESC:
  149. type = MICRODESC_DIRINFO;
  150. break;
  151. default:
  152. log_warn(LD_BUG, "Unexpected purpose %d", (int)dir_purpose);
  153. type = NO_DIRINFO;
  154. break;
  155. }
  156. return type;
  157. }
  158. /** Return true iff <b>identity_digest</b> is the digest of a router which
  159. * says that it caches extrainfos. (If <b>is_authority</b> we always
  160. * believe that to be true.) */
  161. int
  162. router_supports_extrainfo(const char *identity_digest, int is_authority)
  163. {
  164. const node_t *node = node_get_by_id(identity_digest);
  165. if (node && node->ri) {
  166. if (node->ri->caches_extra_info)
  167. return 1;
  168. }
  169. if (is_authority) {
  170. return 1;
  171. }
  172. return 0;
  173. }
  174. /** Return true iff any trusted directory authority has accepted our
  175. * server descriptor.
  176. *
  177. * We consider any authority sufficient because waiting for all of
  178. * them means it never happens while any authority is down; we don't
  179. * go for something more complex in the middle (like \>1/3 or \>1/2 or
  180. * \>=1/2) because that doesn't seem necessary yet.
  181. */
  182. int
  183. directories_have_accepted_server_descriptor(void)
  184. {
  185. const smartlist_t *servers = router_get_trusted_dir_servers();
  186. const or_options_t *options = get_options();
  187. SMARTLIST_FOREACH(servers, dir_server_t *, d, {
  188. if ((d->type & options->PublishServerDescriptor_) &&
  189. d->has_accepted_serverdesc) {
  190. return 1;
  191. }
  192. });
  193. return 0;
  194. }
  195. /** Start a connection to every suitable directory authority, using
  196. * connection purpose <b>dir_purpose</b> and uploading <b>payload</b>
  197. * (of length <b>payload_len</b>). The dir_purpose should be one of
  198. * 'DIR_PURPOSE_UPLOAD_{DIR|VOTE|SIGNATURES}'.
  199. *
  200. * <b>router_purpose</b> describes the type of descriptor we're
  201. * publishing, if we're publishing a descriptor -- e.g. general or bridge.
  202. *
  203. * <b>type</b> specifies what sort of dir authorities (V3,
  204. * BRIDGE, etc) we should upload to.
  205. *
  206. * If <b>extrainfo_len</b> is nonzero, the first <b>payload_len</b> bytes of
  207. * <b>payload</b> hold a router descriptor, and the next <b>extrainfo_len</b>
  208. * bytes of <b>payload</b> hold an extra-info document. Upload the descriptor
  209. * to all authorities, and the extra-info document to all authorities that
  210. * support it.
  211. */
  212. void
  213. directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose,
  214. dirinfo_type_t type,
  215. const char *payload,
  216. size_t payload_len, size_t extrainfo_len)
  217. {
  218. const or_options_t *options = get_options();
  219. dir_indirection_t indirection;
  220. const smartlist_t *dirservers = router_get_trusted_dir_servers();
  221. int found = 0;
  222. const int exclude_self = (dir_purpose == DIR_PURPOSE_UPLOAD_VOTE ||
  223. dir_purpose == DIR_PURPOSE_UPLOAD_SIGNATURES);
  224. tor_assert(dirservers);
  225. /* This tries dirservers which we believe to be down, but ultimately, that's
  226. * harmless, and we may as well err on the side of getting things uploaded.
  227. */
  228. SMARTLIST_FOREACH_BEGIN(dirservers, dir_server_t *, ds) {
  229. routerstatus_t *rs = &(ds->fake_status);
  230. size_t upload_len = payload_len;
  231. if ((type & ds->type) == 0)
  232. continue;
  233. if (exclude_self && router_digest_is_me(ds->digest)) {
  234. /* we don't upload to ourselves, but at least there's now at least
  235. * one authority of this type that has what we wanted to upload. */
  236. found = 1;
  237. continue;
  238. }
  239. if (options->StrictNodes &&
  240. routerset_contains_routerstatus(options->ExcludeNodes, rs, -1)) {
  241. log_warn(LD_DIR, "Wanted to contact authority '%s' for %s, but "
  242. "it's in our ExcludedNodes list and StrictNodes is set. "
  243. "Skipping.",
  244. ds->nickname,
  245. dir_conn_purpose_to_string(dir_purpose));
  246. continue;
  247. }
  248. found = 1; /* at least one authority of this type was listed */
  249. if (dir_purpose == DIR_PURPOSE_UPLOAD_DIR)
  250. ds->has_accepted_serverdesc = 0;
  251. if (extrainfo_len && router_supports_extrainfo(ds->digest, 1)) {
  252. upload_len += extrainfo_len;
  253. log_info(LD_DIR, "Uploading an extrainfo too (length %d)",
  254. (int) extrainfo_len);
  255. }
  256. if (purpose_needs_anonymity(dir_purpose, router_purpose, NULL)) {
  257. indirection = DIRIND_ANONYMOUS;
  258. } else if (!fascist_firewall_allows_dir_server(ds,
  259. FIREWALL_DIR_CONNECTION,
  260. 0)) {
  261. if (fascist_firewall_allows_dir_server(ds, FIREWALL_OR_CONNECTION, 0))
  262. indirection = DIRIND_ONEHOP;
  263. else
  264. indirection = DIRIND_ANONYMOUS;
  265. } else {
  266. indirection = DIRIND_DIRECT_CONN;
  267. }
  268. directory_request_t *req = directory_request_new(dir_purpose);
  269. directory_request_set_routerstatus(req, rs);
  270. directory_request_set_router_purpose(req, router_purpose);
  271. directory_request_set_indirection(req, indirection);
  272. directory_request_set_payload(req, payload, upload_len);
  273. directory_initiate_request(req);
  274. directory_request_free(req);
  275. } SMARTLIST_FOREACH_END(ds);
  276. if (!found) {
  277. char *s = authdir_type_to_string(type);
  278. log_warn(LD_DIR, "Publishing server descriptor to directory authorities "
  279. "of type '%s', but no authorities of that type listed!", s);
  280. tor_free(s);
  281. }
  282. }
  283. /** Return true iff, according to the values in <b>options</b>, we should be
  284. * using directory guards for direct downloads of directory information. */
  285. STATIC int
  286. should_use_directory_guards(const or_options_t *options)
  287. {
  288. /* Public (non-bridge) servers never use directory guards. */
  289. if (public_server_mode(options))
  290. return 0;
  291. /* If guards are disabled, we can't use directory guards.
  292. */
  293. if (!options->UseEntryGuards)
  294. return 0;
  295. /* If we're configured to fetch directory info aggressively or of a
  296. * nonstandard type, don't use directory guards. */
  297. if (options->DownloadExtraInfo || options->FetchDirInfoEarly ||
  298. options->FetchDirInfoExtraEarly || options->FetchUselessDescriptors)
  299. return 0;
  300. return 1;
  301. }
  302. /** Pick an unconstrained directory server from among our guards, the latest
  303. * networkstatus, or the fallback dirservers, for use in downloading
  304. * information of type <b>type</b>, and return its routerstatus. */
  305. static const routerstatus_t *
  306. directory_pick_generic_dirserver(dirinfo_type_t type, int pds_flags,
  307. uint8_t dir_purpose,
  308. circuit_guard_state_t **guard_state_out)
  309. {
  310. const routerstatus_t *rs = NULL;
  311. const or_options_t *options = get_options();
  312. if (options->UseBridges)
  313. log_warn(LD_BUG, "Called when we have UseBridges set.");
  314. if (should_use_directory_guards(options)) {
  315. const node_t *node = guards_choose_dirguard(dir_purpose, guard_state_out);
  316. if (node)
  317. rs = node->rs;
  318. } else {
  319. /* anybody with a non-zero dirport will do */
  320. rs = router_pick_directory_server(type, pds_flags);
  321. }
  322. if (!rs) {
  323. log_info(LD_DIR, "No router found for %s; falling back to "
  324. "dirserver list.", dir_conn_purpose_to_string(dir_purpose));
  325. rs = router_pick_fallback_dirserver(type, pds_flags);
  326. }
  327. return rs;
  328. }
  329. /**
  330. * Set the extra fields in <b>req</b> that are used when requesting a
  331. * consensus of type <b>resource</b>.
  332. *
  333. * Right now, these fields are if-modified-since and x-or-diff-from-consensus.
  334. */
  335. static void
  336. dir_consensus_request_set_additional_headers(directory_request_t *req,
  337. const char *resource)
  338. {
  339. time_t if_modified_since = 0;
  340. uint8_t or_diff_from[DIGEST256_LEN];
  341. int or_diff_from_is_set = 0;
  342. /* DEFAULT_IF_MODIFIED_SINCE_DELAY is 1/20 of the default consensus
  343. * period of 1 hour.
  344. */
  345. const int DEFAULT_IF_MODIFIED_SINCE_DELAY = 180;
  346. const int32_t DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER = 72;
  347. const int32_t MIN_TRY_DIFF_FOR_CONSENSUS_NEWER = 0;
  348. const int32_t MAX_TRY_DIFF_FOR_CONSENSUS_NEWER = 8192;
  349. const char TRY_DIFF_FOR_CONSENSUS_NEWER_NAME[] =
  350. "try-diff-for-consensus-newer-than";
  351. int flav = FLAV_NS;
  352. if (resource)
  353. flav = networkstatus_parse_flavor_name(resource);
  354. int32_t max_age_for_diff = 3600 *
  355. networkstatus_get_param(NULL,
  356. TRY_DIFF_FOR_CONSENSUS_NEWER_NAME,
  357. DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER,
  358. MIN_TRY_DIFF_FOR_CONSENSUS_NEWER,
  359. MAX_TRY_DIFF_FOR_CONSENSUS_NEWER);
  360. if (flav != -1) {
  361. /* IF we have a parsed consensus of this type, we can do an
  362. * if-modified-time based on it. */
  363. networkstatus_t *v;
  364. v = networkstatus_get_latest_consensus_by_flavor(flav);
  365. if (v) {
  366. /* In networks with particularly short V3AuthVotingIntervals,
  367. * ask for the consensus if it's been modified since half the
  368. * V3AuthVotingInterval of the most recent consensus. */
  369. time_t ims_delay = DEFAULT_IF_MODIFIED_SINCE_DELAY;
  370. if (v->fresh_until > v->valid_after
  371. && ims_delay > (v->fresh_until - v->valid_after)/2) {
  372. ims_delay = (v->fresh_until - v->valid_after)/2;
  373. }
  374. if_modified_since = v->valid_after + ims_delay;
  375. if (v->valid_after >= approx_time() - max_age_for_diff) {
  376. memcpy(or_diff_from, v->digest_sha3_as_signed, DIGEST256_LEN);
  377. or_diff_from_is_set = 1;
  378. }
  379. }
  380. } else {
  381. /* Otherwise it might be a consensus we don't parse, but which we
  382. * do cache. Look at the cached copy, perhaps. */
  383. cached_dir_t *cd = dirserv_get_consensus(resource);
  384. /* We have no method of determining the voting interval from an
  385. * unparsed consensus, so we use the default. */
  386. if (cd) {
  387. if_modified_since = cd->published + DEFAULT_IF_MODIFIED_SINCE_DELAY;
  388. if (cd->published >= approx_time() - max_age_for_diff) {
  389. memcpy(or_diff_from, cd->digest_sha3_as_signed, DIGEST256_LEN);
  390. or_diff_from_is_set = 1;
  391. }
  392. }
  393. }
  394. if (if_modified_since > 0)
  395. directory_request_set_if_modified_since(req, if_modified_since);
  396. if (or_diff_from_is_set) {
  397. char hex[HEX_DIGEST256_LEN + 1];
  398. base16_encode(hex, sizeof(hex),
  399. (const char*)or_diff_from, sizeof(or_diff_from));
  400. directory_request_add_header(req, X_OR_DIFF_FROM_CONSENSUS_HEADER, hex);
  401. }
  402. }
  403. /** Start a connection to a random running directory server, using
  404. * connection purpose <b>dir_purpose</b>, intending to fetch descriptors
  405. * of purpose <b>router_purpose</b>, and requesting <b>resource</b>.
  406. * Use <b>pds_flags</b> as arguments to router_pick_directory_server()
  407. * or router_pick_trusteddirserver().
  408. */
  409. MOCK_IMPL(void,
  410. directory_get_from_dirserver,(
  411. uint8_t dir_purpose,
  412. uint8_t router_purpose,
  413. const char *resource,
  414. int pds_flags,
  415. download_want_authority_t want_authority))
  416. {
  417. const routerstatus_t *rs = NULL;
  418. const or_options_t *options = get_options();
  419. int prefer_authority = (directory_fetches_from_authorities(options)
  420. || want_authority == DL_WANT_AUTHORITY);
  421. int require_authority = 0;
  422. int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose,
  423. resource);
  424. dirinfo_type_t type = dir_fetch_type(dir_purpose, router_purpose, resource);
  425. if (type == NO_DIRINFO)
  426. return;
  427. if (!options->FetchServerDescriptors)
  428. return;
  429. circuit_guard_state_t *guard_state = NULL;
  430. if (!get_via_tor) {
  431. if (options->UseBridges && !(type & BRIDGE_DIRINFO)) {
  432. /* We want to ask a running bridge for which we have a descriptor.
  433. *
  434. * When we ask choose_random_entry() for a bridge, we specify what
  435. * sort of dir fetch we'll be doing, so it won't return a bridge
  436. * that can't answer our question.
  437. */
  438. const node_t *node = guards_choose_dirguard(dir_purpose, &guard_state);
  439. if (node && node->ri) {
  440. /* every bridge has a routerinfo. */
  441. routerinfo_t *ri = node->ri;
  442. /* clients always make OR connections to bridges */
  443. tor_addr_port_t or_ap;
  444. directory_request_t *req = directory_request_new(dir_purpose);
  445. /* we are willing to use a non-preferred address if we need to */
  446. fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0,
  447. &or_ap);
  448. directory_request_set_or_addr_port(req, &or_ap);
  449. directory_request_set_directory_id_digest(req,
  450. ri->cache_info.identity_digest);
  451. directory_request_set_router_purpose(req, router_purpose);
  452. directory_request_set_resource(req, resource);
  453. if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS)
  454. dir_consensus_request_set_additional_headers(req, resource);
  455. directory_request_set_guard_state(req, guard_state);
  456. directory_initiate_request(req);
  457. directory_request_free(req);
  458. } else {
  459. if (guard_state) {
  460. entry_guard_cancel(&guard_state);
  461. }
  462. log_notice(LD_DIR, "Ignoring directory request, since no bridge "
  463. "nodes are available yet.");
  464. }
  465. return;
  466. } else {
  467. if (prefer_authority || (type & BRIDGE_DIRINFO)) {
  468. /* only ask authdirservers, and don't ask myself */
  469. rs = router_pick_trusteddirserver(type, pds_flags);
  470. if (rs == NULL && (pds_flags & (PDS_NO_EXISTING_SERVERDESC_FETCH|
  471. PDS_NO_EXISTING_MICRODESC_FETCH))) {
  472. /* We don't want to fetch from any authorities that we're currently
  473. * fetching server descriptors from, and we got no match. Did we
  474. * get no match because all the authorities have connections
  475. * fetching server descriptors (in which case we should just
  476. * return,) or because all the authorities are down or on fire or
  477. * unreachable or something (in which case we should go on with
  478. * our fallback code)? */
  479. pds_flags &= ~(PDS_NO_EXISTING_SERVERDESC_FETCH|
  480. PDS_NO_EXISTING_MICRODESC_FETCH);
  481. rs = router_pick_trusteddirserver(type, pds_flags);
  482. if (rs) {
  483. log_debug(LD_DIR, "Deferring serverdesc fetch: all authorities "
  484. "are in use.");
  485. return;
  486. }
  487. }
  488. if (rs == NULL && require_authority) {
  489. log_info(LD_DIR, "No authorities were available for %s: will try "
  490. "later.", dir_conn_purpose_to_string(dir_purpose));
  491. return;
  492. }
  493. }
  494. if (!rs && !(type & BRIDGE_DIRINFO)) {
  495. rs = directory_pick_generic_dirserver(type, pds_flags,
  496. dir_purpose,
  497. &guard_state);
  498. if (!rs)
  499. get_via_tor = 1; /* last resort: try routing it via Tor */
  500. }
  501. }
  502. }
  503. if (get_via_tor) {
  504. /* Never use fascistfirewall; we're going via Tor. */
  505. pds_flags |= PDS_IGNORE_FASCISTFIREWALL;
  506. rs = router_pick_directory_server(type, pds_flags);
  507. }
  508. /* If we have any hope of building an indirect conn, we know some router
  509. * descriptors. If (rs==NULL), we can't build circuits anyway, so
  510. * there's no point in falling back to the authorities in this case. */
  511. if (rs) {
  512. const dir_indirection_t indirection =
  513. get_via_tor ? DIRIND_ANONYMOUS : DIRIND_ONEHOP;
  514. directory_request_t *req = directory_request_new(dir_purpose);
  515. directory_request_set_routerstatus(req, rs);
  516. directory_request_set_router_purpose(req, router_purpose);
  517. directory_request_set_indirection(req, indirection);
  518. directory_request_set_resource(req, resource);
  519. if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS)
  520. dir_consensus_request_set_additional_headers(req, resource);
  521. if (guard_state)
  522. directory_request_set_guard_state(req, guard_state);
  523. directory_initiate_request(req);
  524. directory_request_free(req);
  525. } else {
  526. log_notice(LD_DIR,
  527. "While fetching directory info, "
  528. "no running dirservers known. Will try again later. "
  529. "(purpose %d)", dir_purpose);
  530. if (!purpose_needs_anonymity(dir_purpose, router_purpose, resource)) {
  531. /* remember we tried them all and failed. */
  532. directory_all_unreachable(time(NULL));
  533. }
  534. }
  535. }
  536. /** As directory_get_from_dirserver, but initiates a request to <i>every</i>
  537. * directory authority other than ourself. Only for use by authorities when
  538. * searching for missing information while voting. */
  539. void
  540. directory_get_from_all_authorities(uint8_t dir_purpose,
  541. uint8_t router_purpose,
  542. const char *resource)
  543. {
  544. tor_assert(dir_purpose == DIR_PURPOSE_FETCH_STATUS_VOTE ||
  545. dir_purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES);
  546. SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
  547. dir_server_t *, ds) {
  548. if (router_digest_is_me(ds->digest))
  549. continue;
  550. if (!(ds->type & V3_DIRINFO))
  551. continue;
  552. const routerstatus_t *rs = &ds->fake_status;
  553. directory_request_t *req = directory_request_new(dir_purpose);
  554. directory_request_set_routerstatus(req, rs);
  555. directory_request_set_router_purpose(req, router_purpose);
  556. directory_request_set_resource(req, resource);
  557. directory_initiate_request(req);
  558. directory_request_free(req);
  559. } SMARTLIST_FOREACH_END(ds);
  560. }
  561. /** Return true iff <b>ind</b> requires a multihop circuit. */
  562. static int
  563. dirind_is_anon(dir_indirection_t ind)
  564. {
  565. return ind == DIRIND_ANON_DIRPORT || ind == DIRIND_ANONYMOUS;
  566. }
  567. /* Choose reachable OR and Dir addresses and ports from status, copying them
  568. * into use_or_ap and use_dir_ap. If indirection is anonymous, then we're
  569. * connecting via another relay, so choose the primary IPv4 address and ports.
  570. *
  571. * status should have at least one reachable address, if we can't choose a
  572. * reachable address, warn and return -1. Otherwise, return 0.
  573. */
  574. static int
  575. directory_choose_address_routerstatus(const routerstatus_t *status,
  576. dir_indirection_t indirection,
  577. tor_addr_port_t *use_or_ap,
  578. tor_addr_port_t *use_dir_ap)
  579. {
  580. tor_assert(status != NULL);
  581. tor_assert(use_or_ap != NULL);
  582. tor_assert(use_dir_ap != NULL);
  583. const or_options_t *options = get_options();
  584. int have_or = 0, have_dir = 0;
  585. /* We expect status to have at least one reachable address if we're
  586. * connecting to it directly.
  587. *
  588. * Therefore, we can simply use the other address if the one we want isn't
  589. * allowed by the firewall.
  590. *
  591. * (When Tor uploads and downloads a hidden service descriptor, it uses
  592. * DIRIND_ANONYMOUS. Even Single Onion Servers (NYI) use DIRIND_ANONYMOUS,
  593. * to avoid HSDirs denying service by rejecting descriptors.)
  594. */
  595. /* Initialise the OR / Dir addresses */
  596. tor_addr_make_null(&use_or_ap->addr, AF_UNSPEC);
  597. use_or_ap->port = 0;
  598. tor_addr_make_null(&use_dir_ap->addr, AF_UNSPEC);
  599. use_dir_ap->port = 0;
  600. /* ORPort connections */
  601. if (indirection == DIRIND_ANONYMOUS) {
  602. if (status->addr) {
  603. /* Since we're going to build a 3-hop circuit and ask the 2nd relay
  604. * to extend to this address, always use the primary (IPv4) OR address */
  605. tor_addr_from_ipv4h(&use_or_ap->addr, status->addr);
  606. use_or_ap->port = status->or_port;
  607. have_or = 1;
  608. }
  609. } else if (indirection == DIRIND_ONEHOP) {
  610. /* We use an IPv6 address if we have one and we prefer it.
  611. * Use the preferred address and port if they are reachable, otherwise,
  612. * use the alternate address and port (if any).
  613. */
  614. fascist_firewall_choose_address_rs(status, FIREWALL_OR_CONNECTION, 0,
  615. use_or_ap);
  616. have_or = tor_addr_port_is_valid_ap(use_or_ap, 0);
  617. }
  618. /* DirPort connections
  619. * DIRIND_ONEHOP uses ORPort, but may fall back to the DirPort on relays */
  620. if (indirection == DIRIND_DIRECT_CONN ||
  621. indirection == DIRIND_ANON_DIRPORT ||
  622. (indirection == DIRIND_ONEHOP
  623. && !directory_must_use_begindir(options))) {
  624. fascist_firewall_choose_address_rs(status, FIREWALL_DIR_CONNECTION, 0,
  625. use_dir_ap);
  626. have_dir = tor_addr_port_is_valid_ap(use_dir_ap, 0);
  627. }
  628. /* We rejected all addresses in the relay's status. This means we can't
  629. * connect to it. */
  630. if (!have_or && !have_dir) {
  631. static int logged_backtrace = 0;
  632. log_info(LD_BUG, "Rejected all OR and Dir addresses from %s when "
  633. "launching an outgoing directory connection to: IPv4 %s OR %d "
  634. "Dir %d IPv6 %s OR %d Dir %d", routerstatus_describe(status),
  635. fmt_addr32(status->addr), status->or_port,
  636. status->dir_port, fmt_addr(&status->ipv6_addr),
  637. status->ipv6_orport, status->dir_port);
  638. if (!logged_backtrace) {
  639. log_backtrace(LOG_INFO, LD_BUG, "Addresses came from");
  640. logged_backtrace = 1;
  641. }
  642. return -1;
  643. }
  644. return 0;
  645. }
  646. /** Return true iff <b>conn</b> is the client side of a directory connection
  647. * we launched to ourself in order to determine the reachability of our
  648. * dir_port. */
  649. static int
  650. directory_conn_is_self_reachability_test(dir_connection_t *conn)
  651. {
  652. if (conn->requested_resource &&
  653. !strcmpstart(conn->requested_resource,"authority")) {
  654. const routerinfo_t *me = router_get_my_routerinfo();
  655. if (me &&
  656. router_digest_is_me(conn->identity_digest) &&
  657. tor_addr_eq_ipv4h(&conn->base_.addr, me->addr) && /*XXXX prop 118*/
  658. me->dir_port == conn->base_.port)
  659. return 1;
  660. }
  661. return 0;
  662. }
  663. /** Called when we are unable to complete the client's request to a directory
  664. * server due to a network error: Mark the router as down and try again if
  665. * possible.
  666. */
  667. void
  668. connection_dir_client_request_failed(dir_connection_t *conn)
  669. {
  670. if (conn->guard_state) {
  671. /* We haven't seen a success on this guard state, so consider it to have
  672. * failed. */
  673. entry_guard_failed(&conn->guard_state);
  674. }
  675. if (directory_conn_is_self_reachability_test(conn)) {
  676. return; /* this was a test fetch. don't retry. */
  677. }
  678. if (!entry_list_is_constrained(get_options()))
  679. router_set_status(conn->identity_digest, 0); /* don't try this one again */
  680. if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
  681. conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) {
  682. log_info(LD_DIR, "Giving up on serverdesc/extrainfo fetch from "
  683. "directory server at '%s'; retrying",
  684. conn->base_.address);
  685. if (conn->router_purpose == ROUTER_PURPOSE_BRIDGE)
  686. connection_dir_bridge_routerdesc_failed(conn);
  687. connection_dir_download_routerdesc_failed(conn);
  688. } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
  689. if (conn->requested_resource)
  690. networkstatus_consensus_download_failed(0, conn->requested_resource);
  691. } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
  692. log_info(LD_DIR, "Giving up on certificate fetch from directory server "
  693. "at '%s'; retrying",
  694. conn->base_.address);
  695. connection_dir_download_cert_failed(conn, 0);
  696. } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES) {
  697. log_info(LD_DIR, "Giving up downloading detached signatures from '%s'",
  698. conn->base_.address);
  699. } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) {
  700. log_info(LD_DIR, "Giving up downloading votes from '%s'",
  701. conn->base_.address);
  702. } else if (conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC) {
  703. log_info(LD_DIR, "Giving up on downloading microdescriptors from "
  704. "directory server at '%s'; will retry", conn->base_.address);
  705. connection_dir_download_routerdesc_failed(conn);
  706. }
  707. }
  708. /** Helper: Attempt to fetch directly the descriptors of each bridge
  709. * listed in <b>failed</b>.
  710. */
  711. static void
  712. connection_dir_retry_bridges(smartlist_t *descs)
  713. {
  714. char digest[DIGEST_LEN];
  715. SMARTLIST_FOREACH(descs, const char *, cp,
  716. {
  717. if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp)) != DIGEST_LEN) {
  718. log_warn(LD_BUG, "Malformed fingerprint in list: %s",
  719. escaped(cp));
  720. continue;
  721. }
  722. retry_bridge_descriptor_fetch_directly(digest);
  723. });
  724. }
  725. /** Called when an attempt to download one or more router descriptors
  726. * or extra-info documents on connection <b>conn</b> failed.
  727. */
  728. static void
  729. connection_dir_download_routerdesc_failed(dir_connection_t *conn)
  730. {
  731. /* No need to increment the failure count for routerdescs, since
  732. * it's not their fault. */
  733. /* No need to relaunch descriptor downloads here: we already do it
  734. * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
  735. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
  736. conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
  737. conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
  738. (void) conn;
  739. }
  740. /** Called when an attempt to download a bridge's routerdesc from
  741. * one of the authorities failed due to a network error. If
  742. * possible attempt to download descriptors from the bridge directly.
  743. */
  744. static void
  745. connection_dir_bridge_routerdesc_failed(dir_connection_t *conn)
  746. {
  747. smartlist_t *which = NULL;
  748. /* Requests for bridge descriptors are in the form 'fp/', so ignore
  749. anything else. */
  750. if (!conn->requested_resource || strcmpstart(conn->requested_resource,"fp/"))
  751. return;
  752. which = smartlist_new();
  753. dir_split_resource_into_fingerprints(conn->requested_resource
  754. + strlen("fp/"),
  755. which, NULL, 0);
  756. tor_assert(conn->base_.purpose != DIR_PURPOSE_FETCH_EXTRAINFO);
  757. if (smartlist_len(which)) {
  758. connection_dir_retry_bridges(which);
  759. SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
  760. }
  761. smartlist_free(which);
  762. }
  763. /** Called when an attempt to fetch a certificate fails. */
  764. static void
  765. connection_dir_download_cert_failed(dir_connection_t *conn, int status)
  766. {
  767. const char *fp_pfx = "fp/";
  768. const char *fpsk_pfx = "fp-sk/";
  769. smartlist_t *failed;
  770. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE);
  771. if (!conn->requested_resource)
  772. return;
  773. failed = smartlist_new();
  774. /*
  775. * We have two cases download by fingerprint (resource starts
  776. * with "fp/") or download by fingerprint/signing key pair
  777. * (resource starts with "fp-sk/").
  778. */
  779. if (!strcmpstart(conn->requested_resource, fp_pfx)) {
  780. /* Download by fingerprint case */
  781. dir_split_resource_into_fingerprints(conn->requested_resource +
  782. strlen(fp_pfx),
  783. failed, NULL, DSR_HEX);
  784. SMARTLIST_FOREACH_BEGIN(failed, char *, cp) {
  785. /* Null signing key digest indicates download by fp only */
  786. authority_cert_dl_failed(cp, NULL, status);
  787. tor_free(cp);
  788. } SMARTLIST_FOREACH_END(cp);
  789. } else if (!strcmpstart(conn->requested_resource, fpsk_pfx)) {
  790. /* Download by (fp,sk) pairs */
  791. dir_split_resource_into_fingerprint_pairs(conn->requested_resource +
  792. strlen(fpsk_pfx), failed);
  793. SMARTLIST_FOREACH_BEGIN(failed, fp_pair_t *, cp) {
  794. authority_cert_dl_failed(cp->first, cp->second, status);
  795. tor_free(cp);
  796. } SMARTLIST_FOREACH_END(cp);
  797. } else {
  798. log_warn(LD_DIR,
  799. "Don't know what to do with failure for cert fetch %s",
  800. conn->requested_resource);
  801. }
  802. smartlist_free(failed);
  803. update_certificate_downloads(time(NULL));
  804. }
  805. /* Should this tor instance only use begindir for all its directory requests?
  806. */
  807. int
  808. directory_must_use_begindir(const or_options_t *options)
  809. {
  810. /* Clients, onion services, and bridges must use begindir,
  811. * relays and authorities do not have to */
  812. return !public_server_mode(options);
  813. }
  814. /** Evaluate the situation and decide if we should use an encrypted
  815. * "begindir-style" connection for this directory request.
  816. * 0) If there is no DirPort, yes.
  817. * 1) If or_port is 0, or it's a direct conn and or_port is firewalled
  818. * or we're a dir mirror, no.
  819. * 2) If we prefer to avoid begindir conns, and we're not fetching or
  820. * publishing a bridge relay descriptor, no.
  821. * 3) Else yes.
  822. * If returning 0, return in *reason why we can't use begindir.
  823. * reason must not be NULL.
  824. */
  825. static int
  826. directory_command_should_use_begindir(const or_options_t *options,
  827. const directory_request_t *req,
  828. const char **reason)
  829. {
  830. const tor_addr_t *or_addr = &req->or_addr_port.addr;
  831. //const tor_addr_t *dir_addr = &req->dir_addr_port.addr;
  832. const int or_port = req->or_addr_port.port;
  833. const int dir_port = req->dir_addr_port.port;
  834. const dir_indirection_t indirection = req->indirection;
  835. tor_assert(reason);
  836. *reason = NULL;
  837. /* Reasons why we must use begindir */
  838. if (!dir_port) {
  839. *reason = "(using begindir - directory with no DirPort)";
  840. return 1; /* We don't know a DirPort -- must begindir. */
  841. }
  842. /* Reasons why we can't possibly use begindir */
  843. if (!or_port) {
  844. *reason = "directory with unknown ORPort";
  845. return 0; /* We don't know an ORPort -- no chance. */
  846. }
  847. if (indirection == DIRIND_DIRECT_CONN ||
  848. indirection == DIRIND_ANON_DIRPORT) {
  849. *reason = "DirPort connection";
  850. return 0;
  851. }
  852. if (indirection == DIRIND_ONEHOP) {
  853. /* We're firewalled and want a direct OR connection */
  854. if (!fascist_firewall_allows_address_addr(or_addr, or_port,
  855. FIREWALL_OR_CONNECTION, 0, 0)) {
  856. *reason = "ORPort not reachable";
  857. return 0;
  858. }
  859. }
  860. /* Reasons why we want to avoid using begindir */
  861. if (indirection == DIRIND_ONEHOP) {
  862. if (!directory_must_use_begindir(options)) {
  863. *reason = "in relay mode";
  864. return 0;
  865. }
  866. }
  867. /* DIRIND_ONEHOP on a client, or DIRIND_ANONYMOUS
  868. */
  869. *reason = "(using begindir)";
  870. return 1;
  871. }
  872. /**
  873. * Create and return a new directory_request_t with purpose
  874. * <b>dir_purpose</b>.
  875. */
  876. directory_request_t *
  877. directory_request_new(uint8_t dir_purpose)
  878. {
  879. tor_assert(dir_purpose >= DIR_PURPOSE_MIN_);
  880. tor_assert(dir_purpose <= DIR_PURPOSE_MAX_);
  881. tor_assert(dir_purpose != DIR_PURPOSE_SERVER);
  882. tor_assert(dir_purpose != DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2);
  883. tor_assert(dir_purpose != DIR_PURPOSE_HAS_FETCHED_HSDESC);
  884. directory_request_t *result = tor_malloc_zero(sizeof(*result));
  885. tor_addr_make_null(&result->or_addr_port.addr, AF_INET);
  886. result->or_addr_port.port = 0;
  887. tor_addr_make_null(&result->dir_addr_port.addr, AF_INET);
  888. result->dir_addr_port.port = 0;
  889. result->dir_purpose = dir_purpose;
  890. result->router_purpose = ROUTER_PURPOSE_GENERAL;
  891. result->indirection = DIRIND_ONEHOP;
  892. return result;
  893. }
  894. /**
  895. * Release all resources held by <b>req</b>.
  896. */
  897. void
  898. directory_request_free_(directory_request_t *req)
  899. {
  900. if (req == NULL)
  901. return;
  902. config_free_lines(req->additional_headers);
  903. tor_free(req);
  904. }
  905. /**
  906. * Set the address and OR port to use for this directory request. If there is
  907. * no OR port, we'll have to connect over the dirport. (If there are both,
  908. * the indirection setting determines which to use.)
  909. */
  910. void
  911. directory_request_set_or_addr_port(directory_request_t *req,
  912. const tor_addr_port_t *p)
  913. {
  914. memcpy(&req->or_addr_port, p, sizeof(*p));
  915. }
  916. /**
  917. * Set the address and dirport to use for this directory request. If there
  918. * is no dirport, we'll have to connect over the OR port. (If there are both,
  919. * the indirection setting determines which to use.)
  920. */
  921. void
  922. directory_request_set_dir_addr_port(directory_request_t *req,
  923. const tor_addr_port_t *p)
  924. {
  925. memcpy(&req->dir_addr_port, p, sizeof(*p));
  926. }
  927. /**
  928. * Set the RSA identity digest of the directory to use for this directory
  929. * request.
  930. */
  931. void
  932. directory_request_set_directory_id_digest(directory_request_t *req,
  933. const char *digest)
  934. {
  935. memcpy(req->digest, digest, DIGEST_LEN);
  936. }
  937. /**
  938. * Set the router purpose associated with uploaded and downloaded router
  939. * descriptors and extrainfo documents in this directory request. The purpose
  940. * must be one of ROUTER_PURPOSE_GENERAL (the default) or
  941. * ROUTER_PURPOSE_BRIDGE.
  942. */
  943. void
  944. directory_request_set_router_purpose(directory_request_t *req,
  945. uint8_t router_purpose)
  946. {
  947. tor_assert(router_purpose == ROUTER_PURPOSE_GENERAL ||
  948. router_purpose == ROUTER_PURPOSE_BRIDGE);
  949. // assert that it actually makes sense to set this purpose, given
  950. // the dir_purpose.
  951. req->router_purpose = router_purpose;
  952. }
  953. /**
  954. * Set the indirection to be used for the directory request. The indirection
  955. * parameter configures whether to connect to a DirPort or ORPort, and whether
  956. * to anonymize the connection. DIRIND_ONEHOP (use ORPort, don't anonymize)
  957. * is the default. See dir_indirection_t for more information.
  958. */
  959. void
  960. directory_request_set_indirection(directory_request_t *req,
  961. dir_indirection_t indirection)
  962. {
  963. req->indirection = indirection;
  964. }
  965. /**
  966. * Set a pointer to the resource to request from a directory. Different
  967. * request types use resources to indicate different components of their URL.
  968. * Note that only an alias to <b>resource</b> is stored, so the
  969. * <b>resource</b> must outlive the request.
  970. */
  971. void
  972. directory_request_set_resource(directory_request_t *req,
  973. const char *resource)
  974. {
  975. req->resource = resource;
  976. }
  977. /**
  978. * Set a pointer to the payload to include with this directory request, along
  979. * with its length. Note that only an alias to <b>payload</b> is stored, so
  980. * the <b>payload</b> must outlive the request.
  981. */
  982. void
  983. directory_request_set_payload(directory_request_t *req,
  984. const char *payload,
  985. size_t payload_len)
  986. {
  987. tor_assert(DIR_PURPOSE_IS_UPLOAD(req->dir_purpose));
  988. req->payload = payload;
  989. req->payload_len = payload_len;
  990. }
  991. /**
  992. * Set an if-modified-since date to send along with the request. The
  993. * default is 0 (meaning, send no if-modified-since header).
  994. */
  995. void
  996. directory_request_set_if_modified_since(directory_request_t *req,
  997. time_t if_modified_since)
  998. {
  999. req->if_modified_since = if_modified_since;
  1000. }
  1001. /** Include a header of name <b>key</b> with content <b>val</b> in the
  1002. * request. Neither may include newlines or other odd characters. Their
  1003. * ordering is not currently guaranteed.
  1004. *
  1005. * Note that, as elsewhere in this module, header keys include a trailing
  1006. * colon and space.
  1007. */
  1008. void
  1009. directory_request_add_header(directory_request_t *req,
  1010. const char *key,
  1011. const char *val)
  1012. {
  1013. config_line_prepend(&req->additional_headers, key, val);
  1014. }
  1015. /**
  1016. * Set an object containing HS data to be associated with this request. Note
  1017. * that only an alias to <b>query</b> is stored, so the <b>query</b> object
  1018. * must outlive the request.
  1019. */
  1020. void
  1021. directory_request_set_rend_query(directory_request_t *req,
  1022. const rend_data_t *query)
  1023. {
  1024. if (query) {
  1025. tor_assert(req->dir_purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 ||
  1026. req->dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2);
  1027. }
  1028. req->rend_query = query;
  1029. }
  1030. /**
  1031. * Set an object containing HS connection identifier to be associated with
  1032. * this request. Note that only an alias to <b>ident</b> is stored, so the
  1033. * <b>ident</b> object must outlive the request.
  1034. */
  1035. void
  1036. directory_request_upload_set_hs_ident(directory_request_t *req,
  1037. const hs_ident_dir_conn_t *ident)
  1038. {
  1039. if (ident) {
  1040. tor_assert(req->dir_purpose == DIR_PURPOSE_UPLOAD_HSDESC);
  1041. }
  1042. req->hs_ident = ident;
  1043. }
  1044. /**
  1045. * Set an object containing HS connection identifier to be associated with
  1046. * this fetch request. Note that only an alias to <b>ident</b> is stored, so
  1047. * the <b>ident</b> object must outlive the request.
  1048. */
  1049. void
  1050. directory_request_fetch_set_hs_ident(directory_request_t *req,
  1051. const hs_ident_dir_conn_t *ident)
  1052. {
  1053. if (ident) {
  1054. tor_assert(req->dir_purpose == DIR_PURPOSE_FETCH_HSDESC);
  1055. }
  1056. req->hs_ident = ident;
  1057. }
  1058. /** Set a static circuit_guard_state_t object to affliate with the request in
  1059. * <b>req</b>. This object will receive notification when the attempt to
  1060. * connect to the guard either succeeds or fails. */
  1061. void
  1062. directory_request_set_guard_state(directory_request_t *req,
  1063. circuit_guard_state_t *state)
  1064. {
  1065. req->guard_state = state;
  1066. }
  1067. /**
  1068. * Internal: Return true if any information for contacting the directory in
  1069. * <b>req</b> has been set, other than by the routerstatus. */
  1070. static int
  1071. directory_request_dir_contact_info_specified(const directory_request_t *req)
  1072. {
  1073. /* We only check for ports here, since we don't use an addr unless the port
  1074. * is set */
  1075. return (req->or_addr_port.port ||
  1076. req->dir_addr_port.port ||
  1077. ! tor_digest_is_zero(req->digest));
  1078. }
  1079. /**
  1080. * Set the routerstatus to use for the directory associated with this
  1081. * request. If this option is set, then no other function to set the
  1082. * directory's address or identity should be called.
  1083. */
  1084. void
  1085. directory_request_set_routerstatus(directory_request_t *req,
  1086. const routerstatus_t *status)
  1087. {
  1088. req->routerstatus = status;
  1089. }
  1090. /**
  1091. * Helper: update the addresses, ports, and identities in <b>req</b>
  1092. * from the routerstatus object in <b>req</b>. Return 0 on success.
  1093. * On failure, warn and return -1.
  1094. */
  1095. static int
  1096. directory_request_set_dir_from_routerstatus(directory_request_t *req)
  1097. {
  1098. const routerstatus_t *status = req->routerstatus;
  1099. if (BUG(status == NULL))
  1100. return -1;
  1101. const or_options_t *options = get_options();
  1102. const node_t *node;
  1103. tor_addr_port_t use_or_ap, use_dir_ap;
  1104. const int anonymized_connection = dirind_is_anon(req->indirection);
  1105. tor_assert(status != NULL);
  1106. node = node_get_by_id(status->identity_digest);
  1107. /* XXX The below check is wrong: !node means it's not in the consensus,
  1108. * but we haven't checked if we have a descriptor for it -- and also,
  1109. * we only care about the descriptor if it's a begindir-style anonymized
  1110. * connection. */
  1111. if (!node && anonymized_connection) {
  1112. log_info(LD_DIR, "Not sending anonymized request to directory '%s'; we "
  1113. "don't have its router descriptor.",
  1114. routerstatus_describe(status));
  1115. return -1;
  1116. }
  1117. if (options->ExcludeNodes && options->StrictNodes &&
  1118. routerset_contains_routerstatus(options->ExcludeNodes, status, -1)) {
  1119. log_warn(LD_DIR, "Wanted to contact directory mirror %s for %s, but "
  1120. "it's in our ExcludedNodes list and StrictNodes is set. "
  1121. "Skipping. This choice might make your Tor not work.",
  1122. routerstatus_describe(status),
  1123. dir_conn_purpose_to_string(req->dir_purpose));
  1124. return -1;
  1125. }
  1126. /* At this point, if we are a client making a direct connection to a
  1127. * directory server, we have selected a server that has at least one address
  1128. * allowed by ClientUseIPv4/6 and Reachable{"",OR,Dir}Addresses. This
  1129. * selection uses the preference in ClientPreferIPv6{OR,Dir}Port, if
  1130. * possible. (If UseBridges is set, clients always use IPv6, and prefer it
  1131. * by default.)
  1132. *
  1133. * Now choose an address that we can use to connect to the directory server.
  1134. */
  1135. if (directory_choose_address_routerstatus(status,
  1136. req->indirection, &use_or_ap,
  1137. &use_dir_ap) < 0) {
  1138. return -1;
  1139. }
  1140. directory_request_set_or_addr_port(req, &use_or_ap);
  1141. directory_request_set_dir_addr_port(req, &use_dir_ap);
  1142. directory_request_set_directory_id_digest(req, status->identity_digest);
  1143. return 0;
  1144. }
  1145. /**
  1146. * Launch the provided directory request, configured in <b>request</b>.
  1147. * After this function is called, you can free <b>request</b>.
  1148. */
  1149. MOCK_IMPL(void,
  1150. directory_initiate_request,(directory_request_t *request))
  1151. {
  1152. tor_assert(request);
  1153. if (request->routerstatus) {
  1154. tor_assert_nonfatal(
  1155. ! directory_request_dir_contact_info_specified(request));
  1156. if (directory_request_set_dir_from_routerstatus(request) < 0) {
  1157. return;
  1158. }
  1159. }
  1160. const tor_addr_port_t *or_addr_port = &request->or_addr_port;
  1161. const tor_addr_port_t *dir_addr_port = &request->dir_addr_port;
  1162. const char *digest = request->digest;
  1163. const uint8_t dir_purpose = request->dir_purpose;
  1164. const uint8_t router_purpose = request->router_purpose;
  1165. const dir_indirection_t indirection = request->indirection;
  1166. const char *resource = request->resource;
  1167. const rend_data_t *rend_query = request->rend_query;
  1168. const hs_ident_dir_conn_t *hs_ident = request->hs_ident;
  1169. circuit_guard_state_t *guard_state = request->guard_state;
  1170. tor_assert(or_addr_port->port || dir_addr_port->port);
  1171. tor_assert(digest);
  1172. dir_connection_t *conn;
  1173. const or_options_t *options = get_options();
  1174. int socket_error = 0;
  1175. const char *begindir_reason = NULL;
  1176. /* Should the connection be to a relay's OR port (and inside that we will
  1177. * send our directory request)? */
  1178. const int use_begindir =
  1179. directory_command_should_use_begindir(options, request, &begindir_reason);
  1180. /* Will the connection go via a three-hop Tor circuit? Note that this
  1181. * is separate from whether it will use_begindir. */
  1182. const int anonymized_connection = dirind_is_anon(indirection);
  1183. /* What is the address we want to make the directory request to? If
  1184. * we're making a begindir request this is the ORPort of the relay
  1185. * we're contacting; if not a begindir request, this is its DirPort.
  1186. * Note that if anonymized_connection is true, we won't be initiating
  1187. * a connection directly to this address. */
  1188. tor_addr_t addr;
  1189. tor_addr_copy(&addr, &(use_begindir ? or_addr_port : dir_addr_port)->addr);
  1190. uint16_t port = (use_begindir ? or_addr_port : dir_addr_port)->port;
  1191. log_debug(LD_DIR, "anonymized %d, use_begindir %d.",
  1192. anonymized_connection, use_begindir);
  1193. log_debug(LD_DIR, "Initiating %s", dir_conn_purpose_to_string(dir_purpose));
  1194. if (purpose_needs_anonymity(dir_purpose, router_purpose, resource)) {
  1195. tor_assert(anonymized_connection ||
  1196. rend_non_anonymous_mode_enabled(options));
  1197. }
  1198. /* use encrypted begindir connections for everything except relays
  1199. * this provides better protection for directory fetches */
  1200. if (!use_begindir && directory_must_use_begindir(options)) {
  1201. log_warn(LD_BUG, "Client could not use begindir connection: %s",
  1202. begindir_reason ? begindir_reason : "(NULL)");
  1203. return;
  1204. }
  1205. /* ensure that we don't make direct connections when a SOCKS server is
  1206. * configured. */
  1207. if (!anonymized_connection && !use_begindir && !options->HTTPProxy &&
  1208. (options->Socks4Proxy || options->Socks5Proxy)) {
  1209. log_warn(LD_DIR, "Cannot connect to a directory server through a "
  1210. "SOCKS proxy!");
  1211. return;
  1212. }
  1213. /* Make sure that the destination addr and port we picked is viable. */
  1214. if (!port || tor_addr_is_null(&addr)) {
  1215. static int logged_backtrace = 0;
  1216. log_warn(LD_DIR,
  1217. "Cannot make an outgoing %sconnection without a remote %sPort.",
  1218. use_begindir ? "begindir " : "",
  1219. use_begindir ? "OR" : "Dir");
  1220. if (!logged_backtrace) {
  1221. log_backtrace(LOG_INFO, LD_BUG, "Address came from");
  1222. logged_backtrace = 1;
  1223. }
  1224. return;
  1225. }
  1226. conn = dir_connection_new(tor_addr_family(&addr));
  1227. /* set up conn so it's got all the data we need to remember */
  1228. tor_addr_copy(&conn->base_.addr, &addr);
  1229. conn->base_.port = port;
  1230. conn->base_.address = tor_addr_to_str_dup(&addr);
  1231. memcpy(conn->identity_digest, digest, DIGEST_LEN);
  1232. conn->base_.purpose = dir_purpose;
  1233. conn->router_purpose = router_purpose;
  1234. /* give it an initial state */
  1235. conn->base_.state = DIR_CONN_STATE_CONNECTING;
  1236. /* decide whether we can learn our IP address from this conn */
  1237. /* XXXX This is a bad name for this field now. */
  1238. conn->dirconn_direct = !anonymized_connection;
  1239. /* copy rendezvous data, if any */
  1240. if (rend_query) {
  1241. /* We can't have both v2 and v3+ identifier. */
  1242. tor_assert_nonfatal(!hs_ident);
  1243. conn->rend_data = rend_data_dup(rend_query);
  1244. }
  1245. if (hs_ident) {
  1246. /* We can't have both v2 and v3+ identifier. */
  1247. tor_assert_nonfatal(!rend_query);
  1248. conn->hs_ident = hs_ident_dir_conn_dup(hs_ident);
  1249. }
  1250. if (!anonymized_connection && !use_begindir) {
  1251. /* then we want to connect to dirport directly */
  1252. if (options->HTTPProxy) {
  1253. tor_addr_copy(&addr, &options->HTTPProxyAddr);
  1254. port = options->HTTPProxyPort;
  1255. }
  1256. // In this case we should not have picked a directory guard.
  1257. if (BUG(guard_state)) {
  1258. entry_guard_cancel(&guard_state);
  1259. }
  1260. switch (connection_connect(TO_CONN(conn), conn->base_.address, &addr,
  1261. port, &socket_error)) {
  1262. case -1:
  1263. connection_mark_for_close(TO_CONN(conn));
  1264. return;
  1265. case 1:
  1266. /* start flushing conn */
  1267. conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
  1268. /* fall through */
  1269. case 0:
  1270. /* queue the command on the outbuf */
  1271. directory_send_command(conn, 1, request);
  1272. connection_watch_events(TO_CONN(conn), READ_EVENT | WRITE_EVENT);
  1273. /* writable indicates finish, readable indicates broken link,
  1274. error indicates broken link in windowsland. */
  1275. }
  1276. } else {
  1277. /* We will use a Tor circuit (maybe 1-hop, maybe 3-hop, maybe with
  1278. * begindir, maybe not with begindir) */
  1279. entry_connection_t *linked_conn;
  1280. /* Anonymized tunneled connections can never share a circuit.
  1281. * One-hop directory connections can share circuits with each other
  1282. * but nothing else. */
  1283. int iso_flags = anonymized_connection ? ISO_STREAM : ISO_SESSIONGRP;
  1284. /* If it's an anonymized connection, remember the fact that we
  1285. * wanted it for later: maybe we'll want it again soon. */
  1286. if (anonymized_connection && use_begindir)
  1287. rep_hist_note_used_internal(time(NULL), 0, 1);
  1288. else if (anonymized_connection && !use_begindir)
  1289. rep_hist_note_used_port(time(NULL), conn->base_.port);
  1290. // In this case we should not have a directory guard; we'll
  1291. // get a regular guard later when we build the circuit.
  1292. if (BUG(anonymized_connection && guard_state)) {
  1293. entry_guard_cancel(&guard_state);
  1294. }
  1295. conn->guard_state = guard_state;
  1296. /* make an AP connection
  1297. * populate it and add it at the right state
  1298. * hook up both sides
  1299. */
  1300. linked_conn =
  1301. connection_ap_make_link(TO_CONN(conn),
  1302. conn->base_.address, conn->base_.port,
  1303. digest,
  1304. SESSION_GROUP_DIRCONN, iso_flags,
  1305. use_begindir, !anonymized_connection);
  1306. if (!linked_conn) {
  1307. log_warn(LD_NET,"Making tunnel to dirserver failed.");
  1308. connection_mark_for_close(TO_CONN(conn));
  1309. return;
  1310. }
  1311. if (connection_add(TO_CONN(conn)) < 0) {
  1312. log_warn(LD_NET,"Unable to add connection for link to dirserver.");
  1313. connection_mark_for_close(TO_CONN(conn));
  1314. return;
  1315. }
  1316. conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
  1317. /* queue the command on the outbuf */
  1318. directory_send_command(conn, 0, request);
  1319. connection_watch_events(TO_CONN(conn), READ_EVENT|WRITE_EVENT);
  1320. connection_start_reading(ENTRY_TO_CONN(linked_conn));
  1321. }
  1322. }
  1323. /** Helper for sorting
  1324. *
  1325. * sort strings alphabetically
  1326. *
  1327. * XXXX we have a smartlist_sort_strings() function, right?
  1328. */
  1329. static int
  1330. compare_strs_(const void **a, const void **b)
  1331. {
  1332. const char *s1 = *a, *s2 = *b;
  1333. return strcmp(s1, s2);
  1334. }
  1335. #define CONDITIONAL_CONSENSUS_FPR_LEN 3
  1336. #if (CONDITIONAL_CONSENSUS_FPR_LEN > DIGEST_LEN)
  1337. #error "conditional consensus fingerprint length is larger than digest length"
  1338. #endif
  1339. /** Return the URL we should use for a consensus download.
  1340. *
  1341. * Use the "conditional consensus downloading" feature described in
  1342. * dir-spec.txt, i.e.
  1343. * GET .../consensus/<b>fpr</b>+<b>fpr</b>+<b>fpr</b>
  1344. *
  1345. * If 'resource' is provided, it is the name of a consensus flavor to request.
  1346. */
  1347. static char *
  1348. directory_get_consensus_url(const char *resource)
  1349. {
  1350. char *url = NULL;
  1351. const char *hyphen, *flavor;
  1352. if (resource==NULL || strcmp(resource, "ns")==0) {
  1353. flavor = ""; /* Request ns consensuses as "", so older servers will work*/
  1354. hyphen = "";
  1355. } else {
  1356. flavor = resource;
  1357. hyphen = "-";
  1358. }
  1359. {
  1360. char *authority_id_list;
  1361. smartlist_t *authority_digests = smartlist_new();
  1362. SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
  1363. dir_server_t *, ds) {
  1364. char *hex;
  1365. if (!(ds->type & V3_DIRINFO))
  1366. continue;
  1367. hex = tor_malloc(2*CONDITIONAL_CONSENSUS_FPR_LEN+1);
  1368. base16_encode(hex, 2*CONDITIONAL_CONSENSUS_FPR_LEN+1,
  1369. ds->v3_identity_digest, CONDITIONAL_CONSENSUS_FPR_LEN);
  1370. smartlist_add(authority_digests, hex);
  1371. } SMARTLIST_FOREACH_END(ds);
  1372. smartlist_sort(authority_digests, compare_strs_);
  1373. authority_id_list = smartlist_join_strings(authority_digests,
  1374. "+", 0, NULL);
  1375. tor_asprintf(&url, "/tor/status-vote/current/consensus%s%s/%s.z",
  1376. hyphen, flavor, authority_id_list);
  1377. SMARTLIST_FOREACH(authority_digests, char *, cp, tor_free(cp));
  1378. smartlist_free(authority_digests);
  1379. tor_free(authority_id_list);
  1380. }
  1381. return url;
  1382. }
  1383. /**
  1384. * Copies the ipv6 from source to destination, subject to buffer size limit
  1385. * size. If decorate is true, makes sure the copied address is decorated.
  1386. */
  1387. static void
  1388. copy_ipv6_address(char* destination, const char* source, size_t len,
  1389. int decorate) {
  1390. tor_assert(destination);
  1391. tor_assert(source);
  1392. if (decorate && source[0] != '[') {
  1393. tor_snprintf(destination, len, "[%s]", source);
  1394. } else {
  1395. strlcpy(destination, source, len);
  1396. }
  1397. }
  1398. /** Queue an appropriate HTTP command for <b>request</b> on
  1399. * <b>conn</b>-\>outbuf. If <b>direct</b> is true, we're making a
  1400. * non-anonymized connection to the dirport.
  1401. */
  1402. static void
  1403. directory_send_command(dir_connection_t *conn,
  1404. const int direct,
  1405. const directory_request_t *req)
  1406. {
  1407. tor_assert(req);
  1408. const int purpose = req->dir_purpose;
  1409. const char *resource = req->resource;
  1410. const char *payload = req->payload;
  1411. const size_t payload_len = req->payload_len;
  1412. const time_t if_modified_since = req->if_modified_since;
  1413. const int anonymized_connection = dirind_is_anon(req->indirection);
  1414. char proxystring[256];
  1415. char hoststring[128];
  1416. /* NEEDS to be the same size hoststring.
  1417. Will be decorated with brackets around it if it is ipv6. */
  1418. char decorated_address[128];
  1419. smartlist_t *headers = smartlist_new();
  1420. char *url;
  1421. char *accept_encoding;
  1422. size_t url_len;
  1423. char request[8192];
  1424. size_t request_len, total_request_len = 0;
  1425. const char *httpcommand = NULL;
  1426. tor_assert(conn);
  1427. tor_assert(conn->base_.type == CONN_TYPE_DIR);
  1428. tor_free(conn->requested_resource);
  1429. if (resource)
  1430. conn->requested_resource = tor_strdup(resource);
  1431. /* decorate the ip address if it is ipv6 */
  1432. if (strchr(conn->base_.address, ':')) {
  1433. copy_ipv6_address(decorated_address, conn->base_.address,
  1434. sizeof(decorated_address), 1);
  1435. } else {
  1436. strlcpy(decorated_address, conn->base_.address, sizeof(decorated_address));
  1437. }
  1438. /* come up with a string for which Host: we want */
  1439. if (conn->base_.port == 80) {
  1440. strlcpy(hoststring, decorated_address, sizeof(hoststring));
  1441. } else {
  1442. tor_snprintf(hoststring, sizeof(hoststring), "%s:%d",
  1443. decorated_address, conn->base_.port);
  1444. }
  1445. /* Format if-modified-since */
  1446. if (if_modified_since) {
  1447. char b[RFC1123_TIME_LEN+1];
  1448. format_rfc1123_time(b, if_modified_since);
  1449. smartlist_add_asprintf(headers, "If-Modified-Since: %s\r\n", b);
  1450. }
  1451. /* come up with some proxy lines, if we're using one. */
  1452. if (direct && get_options()->HTTPProxy) {
  1453. char *base64_authenticator=NULL;
  1454. const char *authenticator = get_options()->HTTPProxyAuthenticator;
  1455. tor_snprintf(proxystring, sizeof(proxystring),"http://%s", hoststring);
  1456. if (authenticator) {
  1457. base64_authenticator = alloc_http_authenticator(authenticator);
  1458. if (!base64_authenticator)
  1459. log_warn(LD_BUG, "Encoding http authenticator failed");
  1460. }
  1461. if (base64_authenticator) {
  1462. smartlist_add_asprintf(headers,
  1463. "Proxy-Authorization: Basic %s\r\n",
  1464. base64_authenticator);
  1465. tor_free(base64_authenticator);
  1466. }
  1467. } else {
  1468. proxystring[0] = 0;
  1469. }
  1470. if (! anonymized_connection) {
  1471. /* Add Accept-Encoding. */
  1472. accept_encoding = accept_encoding_header();
  1473. smartlist_add_asprintf(headers, "Accept-Encoding: %s\r\n",
  1474. accept_encoding);
  1475. tor_free(accept_encoding);
  1476. }
  1477. /* Add additional headers, if any */
  1478. {
  1479. config_line_t *h;
  1480. for (h = req->additional_headers; h; h = h->next) {
  1481. smartlist_add_asprintf(headers, "%s%s\r\n", h->key, h->value);
  1482. }
  1483. }
  1484. switch (purpose) {
  1485. case DIR_PURPOSE_FETCH_CONSENSUS:
  1486. /* resource is optional. If present, it's a flavor name */
  1487. tor_assert(!payload);
  1488. httpcommand = "GET";
  1489. url = directory_get_consensus_url(resource);
  1490. log_info(LD_DIR, "Downloading consensus from %s using %s",
  1491. hoststring, url);
  1492. break;
  1493. case DIR_PURPOSE_FETCH_CERTIFICATE:
  1494. tor_assert(resource);
  1495. tor_assert(!payload);
  1496. httpcommand = "GET";
  1497. tor_asprintf(&url, "/tor/keys/%s", resource);
  1498. break;
  1499. case DIR_PURPOSE_FETCH_STATUS_VOTE:
  1500. tor_assert(resource);
  1501. tor_assert(!payload);
  1502. httpcommand = "GET";
  1503. tor_asprintf(&url, "/tor/status-vote/next/%s.z", resource);
  1504. break;
  1505. case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
  1506. tor_assert(!resource);
  1507. tor_assert(!payload);
  1508. httpcommand = "GET";
  1509. url = tor_strdup("/tor/status-vote/next/consensus-signatures.z");
  1510. break;
  1511. case DIR_PURPOSE_FETCH_SERVERDESC:
  1512. tor_assert(resource);
  1513. httpcommand = "GET";
  1514. tor_asprintf(&url, "/tor/server/%s", resource);
  1515. break;
  1516. case DIR_PURPOSE_FETCH_EXTRAINFO:
  1517. tor_assert(resource);
  1518. httpcommand = "GET";
  1519. tor_asprintf(&url, "/tor/extra/%s", resource);
  1520. break;
  1521. case DIR_PURPOSE_FETCH_MICRODESC:
  1522. tor_assert(resource);
  1523. httpcommand = "GET";
  1524. tor_asprintf(&url, "/tor/micro/%s", resource);
  1525. break;
  1526. case DIR_PURPOSE_UPLOAD_DIR: {
  1527. const char *why = router_get_descriptor_gen_reason();
  1528. tor_assert(!resource);
  1529. tor_assert(payload);
  1530. httpcommand = "POST";
  1531. url = tor_strdup("/tor/");
  1532. if (!why) {
  1533. why = "for no reason at all";
  1534. }
  1535. smartlist_add_asprintf(headers, "X-Desc-Gen-Reason: %s\r\n", why);
  1536. break;
  1537. }
  1538. case DIR_PURPOSE_UPLOAD_VOTE:
  1539. tor_assert(!resource);
  1540. tor_assert(payload);
  1541. httpcommand = "POST";
  1542. url = tor_strdup("/tor/post/vote");
  1543. break;
  1544. case DIR_PURPOSE_UPLOAD_SIGNATURES:
  1545. tor_assert(!resource);
  1546. tor_assert(payload);
  1547. httpcommand = "POST";
  1548. url = tor_strdup("/tor/post/consensus-signature");
  1549. break;
  1550. case DIR_PURPOSE_FETCH_RENDDESC_V2:
  1551. tor_assert(resource);
  1552. tor_assert(strlen(resource) <= REND_DESC_ID_V2_LEN_BASE32);
  1553. tor_assert(!payload);
  1554. httpcommand = "GET";
  1555. tor_asprintf(&url, "/tor/rendezvous2/%s", resource);
  1556. break;
  1557. case DIR_PURPOSE_FETCH_HSDESC:
  1558. tor_assert(resource);
  1559. tor_assert(strlen(resource) <= ED25519_BASE64_LEN);
  1560. tor_assert(!payload);
  1561. httpcommand = "GET";
  1562. tor_asprintf(&url, "/tor/hs/3/%s", resource);
  1563. break;
  1564. case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
  1565. tor_assert(!resource);
  1566. tor_assert(payload);
  1567. httpcommand = "POST";
  1568. url = tor_strdup("/tor/rendezvous2/publish");
  1569. break;
  1570. case DIR_PURPOSE_UPLOAD_HSDESC:
  1571. tor_assert(resource);
  1572. tor_assert(payload);
  1573. httpcommand = "POST";
  1574. tor_asprintf(&url, "/tor/hs/%s/publish", resource);
  1575. break;
  1576. default:
  1577. tor_assert(0);
  1578. return;
  1579. }
  1580. /* warn in the non-tunneled case */
  1581. if (direct && (strlen(proxystring) + strlen(url) >= 4096)) {
  1582. log_warn(LD_BUG,
  1583. "Squid does not like URLs longer than 4095 bytes, and this "
  1584. "one is %d bytes long: %s%s",
  1585. (int)(strlen(proxystring) + strlen(url)), proxystring, url);
  1586. }
  1587. tor_snprintf(request, sizeof(request), "%s %s", httpcommand, proxystring);
  1588. request_len = strlen(request);
  1589. total_request_len += request_len;
  1590. connection_buf_add(request, request_len, TO_CONN(conn));
  1591. url_len = strlen(url);
  1592. total_request_len += url_len;
  1593. connection_buf_add(url, url_len, TO_CONN(conn));
  1594. tor_free(url);
  1595. if (!strcmp(httpcommand, "POST") || payload) {
  1596. smartlist_add_asprintf(headers, "Content-Length: %lu\r\n",
  1597. payload ? (unsigned long)payload_len : 0);
  1598. }
  1599. {
  1600. char *header = smartlist_join_strings(headers, "", 0, NULL);
  1601. tor_snprintf(request, sizeof(request), " HTTP/1.0\r\nHost: %s\r\n%s\r\n",
  1602. hoststring, header);
  1603. tor_free(header);
  1604. }
  1605. request_len = strlen(request);
  1606. total_request_len += request_len;
  1607. connection_buf_add(request, request_len, TO_CONN(conn));
  1608. if (payload) {
  1609. /* then send the payload afterwards too */
  1610. connection_buf_add(payload, payload_len, TO_CONN(conn));
  1611. total_request_len += payload_len;
  1612. }
  1613. SMARTLIST_FOREACH(headers, char *, h, tor_free(h));
  1614. smartlist_free(headers);
  1615. log_debug(LD_DIR,
  1616. "Sent request to directory server '%s:%d': "
  1617. "(purpose: %d, request size: %"TOR_PRIuSZ", "
  1618. "payload size: %"TOR_PRIuSZ")",
  1619. conn->base_.address, conn->base_.port,
  1620. conn->base_.purpose,
  1621. (total_request_len),
  1622. (payload ? payload_len : 0));
  1623. }
  1624. /** Return true iff <b>body</b> doesn't start with a plausible router or
  1625. * network-status or microdescriptor opening. This is a sign of possible
  1626. * compression. */
  1627. static int
  1628. body_is_plausible(const char *body, size_t len, int purpose)
  1629. {
  1630. int i;
  1631. if (len == 0)
  1632. return 1; /* empty bodies don't need decompression */
  1633. if (len < 32)
  1634. return 0;
  1635. if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
  1636. return (!strcmpstart(body,"onion-key"));
  1637. }
  1638. if (!strcmpstart(body,"router") ||
  1639. !strcmpstart(body,"network-status"))
  1640. return 1;
  1641. for (i=0;i<32;++i) {
  1642. if (!TOR_ISPRINT(body[i]) && !TOR_ISSPACE(body[i]))
  1643. return 0;
  1644. }
  1645. return 1;
  1646. }
  1647. /** Called when we've just fetched a bunch of router descriptors in
  1648. * <b>body</b>. The list <b>which</b>, if present, holds digests for
  1649. * descriptors we requested: descriptor digests if <b>descriptor_digests</b>
  1650. * is true, or identity digests otherwise. Parse the descriptors, validate
  1651. * them, and annotate them as having purpose <b>purpose</b> and as having been
  1652. * downloaded from <b>source</b>.
  1653. *
  1654. * Return the number of routers actually added. */
  1655. static int
  1656. load_downloaded_routers(const char *body, smartlist_t *which,
  1657. int descriptor_digests,
  1658. int router_purpose,
  1659. const char *source)
  1660. {
  1661. char buf[256];
  1662. char time_buf[ISO_TIME_LEN+1];
  1663. int added = 0;
  1664. int general = router_purpose == ROUTER_PURPOSE_GENERAL;
  1665. format_iso_time(time_buf, time(NULL));
  1666. tor_assert(source);
  1667. if (tor_snprintf(buf, sizeof(buf),
  1668. "@downloaded-at %s\n"
  1669. "@source %s\n"
  1670. "%s%s%s", time_buf, escaped(source),
  1671. !general ? "@purpose " : "",
  1672. !general ? router_purpose_to_string(router_purpose) : "",
  1673. !general ? "\n" : "")<0)
  1674. return added;
  1675. added = router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
  1676. descriptor_digests, buf);
  1677. if (added && general)
  1678. control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
  1679. count_loading_descriptors_progress());
  1680. return added;
  1681. }
  1682. static int handle_response_fetch_certificate(dir_connection_t *,
  1683. const response_handler_args_t *);
  1684. static int handle_response_fetch_status_vote(dir_connection_t *,
  1685. const response_handler_args_t *);
  1686. static int handle_response_fetch_detached_signatures(dir_connection_t *,
  1687. const response_handler_args_t *);
  1688. static int handle_response_fetch_desc(dir_connection_t *,
  1689. const response_handler_args_t *);
  1690. static int handle_response_upload_dir(dir_connection_t *,
  1691. const response_handler_args_t *);
  1692. static int handle_response_upload_vote(dir_connection_t *,
  1693. const response_handler_args_t *);
  1694. static int handle_response_upload_signatures(dir_connection_t *,
  1695. const response_handler_args_t *);
  1696. static int handle_response_fetch_renddesc_v2(dir_connection_t *,
  1697. const response_handler_args_t *);
  1698. static int handle_response_upload_renddesc_v2(dir_connection_t *,
  1699. const response_handler_args_t *);
  1700. static int handle_response_upload_hsdesc(dir_connection_t *,
  1701. const response_handler_args_t *);
  1702. static int
  1703. dir_client_decompress_response_body(char **bodyp, size_t *bodylenp,
  1704. dir_connection_t *conn,
  1705. compress_method_t compression,
  1706. int anonymized_connection)
  1707. {
  1708. int rv = 0;
  1709. const char *body = *bodyp;
  1710. size_t body_len = *bodylenp;
  1711. int allow_partial = (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
  1712. conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
  1713. conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
  1714. int plausible = body_is_plausible(body, body_len, conn->base_.purpose);
  1715. if (plausible && compression == NO_METHOD) {
  1716. return 0;
  1717. }
  1718. int severity = LOG_DEBUG;
  1719. char *new_body = NULL;
  1720. size_t new_len = 0;
  1721. const char *description1, *description2;
  1722. int want_to_try_both = 0;
  1723. int tried_both = 0;
  1724. compress_method_t guessed = detect_compression_method(body, body_len);
  1725. description1 = compression_method_get_human_name(compression);
  1726. if (BUG(description1 == NULL))
  1727. description1 = compression_method_get_human_name(UNKNOWN_METHOD);
  1728. if (guessed == UNKNOWN_METHOD && !plausible)
  1729. description2 = "confusing binary junk";
  1730. else
  1731. description2 = compression_method_get_human_name(guessed);
  1732. /* Tell the user if we don't believe what we're told about compression.*/
  1733. want_to_try_both = (compression == UNKNOWN_METHOD ||
  1734. guessed != compression);
  1735. if (want_to_try_both) {
  1736. severity = LOG_PROTOCOL_WARN;
  1737. }
  1738. tor_log(severity, LD_HTTP,
  1739. "HTTP body from server '%s:%d' was labeled as %s, "
  1740. "%s it seems to be %s.%s",
  1741. conn->base_.address, conn->base_.port, description1,
  1742. guessed != compression?"but":"and",
  1743. description2,
  1744. (compression>0 && guessed>0 && want_to_try_both)?
  1745. " Trying both.":"");
  1746. /* Try declared compression first if we can.
  1747. * tor_compress_supports_method() also returns true for NO_METHOD.
  1748. * Ensure that the server is not sending us data compressed using a
  1749. * compression method that is not allowed for anonymous connections. */
  1750. if (anonymized_connection &&
  1751. ! allowed_anonymous_connection_compression_method(compression)) {
  1752. warn_disallowed_anonymous_compression_method(compression);
  1753. rv = -1;
  1754. goto done;
  1755. }
  1756. if (tor_compress_supports_method(compression)) {
  1757. tor_uncompress(&new_body, &new_len, body, body_len, compression,
  1758. !allow_partial, LOG_PROTOCOL_WARN);
  1759. if (new_body) {
  1760. /* We succeeded with the declared compression method. Great! */
  1761. rv = 0;
  1762. goto done;
  1763. }
  1764. }
  1765. /* Okay, if that didn't work, and we think that it was compressed
  1766. * differently, try that. */
  1767. if (anonymized_connection &&
  1768. ! allowed_anonymous_connection_compression_method(guessed)) {
  1769. warn_disallowed_anonymous_compression_method(guessed);
  1770. rv = -1;
  1771. goto done;
  1772. }
  1773. if (tor_compress_supports_method(guessed) &&
  1774. compression != guessed) {
  1775. tor_uncompress(&new_body, &new_len, body, body_len, guessed,
  1776. !allow_partial, LOG_INFO);
  1777. tried_both = 1;
  1778. }
  1779. /* If we're pretty sure that we have a compressed directory, and
  1780. * we didn't manage to uncompress it, then warn and bail. */
  1781. if (!plausible && !new_body) {
  1782. log_fn(LOG_PROTOCOL_WARN, LD_HTTP,
  1783. "Unable to decompress HTTP body (tried %s%s%s, server '%s:%d').",
  1784. description1,
  1785. tried_both?" and ":"",
  1786. tried_both?description2:"",
  1787. conn->base_.address, conn->base_.port);
  1788. rv = -1;
  1789. goto done;
  1790. }
  1791. done:
  1792. if (new_body) {
  1793. if (rv == 0) {
  1794. /* success! */
  1795. tor_free(*bodyp);
  1796. *bodyp = new_body;
  1797. *bodylenp = new_len;
  1798. } else {
  1799. tor_free(new_body);
  1800. }
  1801. }
  1802. return rv;
  1803. }
  1804. /** We are a client, and we've finished reading the server's
  1805. * response. Parse it and act appropriately.
  1806. *
  1807. * If we're still happy with using this directory server in the future, return
  1808. * 0. Otherwise return -1; and the caller should consider trying the request
  1809. * again.
  1810. *
  1811. * The caller will take care of marking the connection for close.
  1812. */
  1813. static int
  1814. connection_dir_client_reached_eof(dir_connection_t *conn)
  1815. {
  1816. char *body = NULL;
  1817. char *headers = NULL;
  1818. char *reason = NULL;
  1819. size_t body_len = 0;
  1820. int status_code;
  1821. time_t date_header = 0;
  1822. long apparent_skew;
  1823. compress_method_t compression;
  1824. int skewed = 0;
  1825. int rv;
  1826. int allow_partial = (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
  1827. conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO ||
  1828. conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
  1829. size_t received_bytes;
  1830. const int anonymized_connection =
  1831. purpose_needs_anonymity(conn->base_.purpose,
  1832. conn->router_purpose,
  1833. conn->requested_resource);
  1834. received_bytes = connection_get_inbuf_len(TO_CONN(conn));
  1835. switch (connection_fetch_from_buf_http(TO_CONN(conn),
  1836. &headers, MAX_HEADERS_SIZE,
  1837. &body, &body_len, MAX_DIR_DL_SIZE,
  1838. allow_partial)) {
  1839. case -1: /* overflow */
  1840. log_warn(LD_PROTOCOL,
  1841. "'fetch' response too large (server '%s:%d'). Closing.",
  1842. conn->base_.address, conn->base_.port);
  1843. return -1;
  1844. case 0:
  1845. log_info(LD_HTTP,
  1846. "'fetch' response not all here, but we're at eof. Closing.");
  1847. return -1;
  1848. /* case 1, fall through */
  1849. }
  1850. if (parse_http_response(headers, &status_code, &date_header,
  1851. &compression, &reason) < 0) {
  1852. log_warn(LD_HTTP,"Unparseable headers (server '%s:%d'). Closing.",
  1853. conn->base_.address, conn->base_.port);
  1854. rv = -1;
  1855. goto done;
  1856. }
  1857. if (!reason) reason = tor_strdup("[no reason given]");
  1858. tor_log(LOG_DEBUG, LD_DIR,
  1859. "Received response from directory server '%s:%d': %d %s "
  1860. "(purpose: %d, response size: %"TOR_PRIuSZ
  1861. #ifdef MEASUREMENTS_21206
  1862. ", data cells received: %d, data cells sent: %d"
  1863. #endif
  1864. ", compression: %d)",
  1865. conn->base_.address, conn->base_.port, status_code,
  1866. escaped(reason), conn->base_.purpose,
  1867. (received_bytes),
  1868. #ifdef MEASUREMENTS_21206
  1869. conn->data_cells_received, conn->data_cells_sent,
  1870. #endif
  1871. compression);
  1872. if (conn->guard_state) {
  1873. /* we count the connection as successful once we can read from it. We do
  1874. * not, however, delay use of the circuit here, since it's just for a
  1875. * one-hop directory request. */
  1876. /* XXXXprop271 note that this will not do the right thing for other
  1877. * waiting circuits that would be triggered by this circuit becoming
  1878. * complete/usable. But that's ok, I think.
  1879. */
  1880. entry_guard_succeeded(&conn->guard_state);
  1881. circuit_guard_state_free(conn->guard_state);
  1882. conn->guard_state = NULL;
  1883. }
  1884. /* now check if it's got any hints for us about our IP address. */
  1885. if (conn->dirconn_direct) {
  1886. char *guess = http_get_header(headers, X_ADDRESS_HEADER);
  1887. if (guess) {
  1888. router_new_address_suggestion(guess, conn);
  1889. tor_free(guess);
  1890. }
  1891. }
  1892. if (date_header > 0) {
  1893. /* The date header was written very soon after we sent our request,
  1894. * so compute the skew as the difference between sending the request
  1895. * and the date header. (We used to check now-date_header, but that's
  1896. * inaccurate if we spend a lot of time downloading.)
  1897. */
  1898. apparent_skew = conn->base_.timestamp_last_write_allowed - date_header;
  1899. if (labs(apparent_skew)>ALLOW_DIRECTORY_TIME_SKEW) {
  1900. int trusted = router_digest_is_trusted_dir(conn->identity_digest);
  1901. clock_skew_warning(TO_CONN(conn), apparent_skew, trusted, LD_HTTP,
  1902. "directory", "DIRSERV");
  1903. skewed = 1; /* don't check the recommended-versions line */
  1904. } else {
  1905. log_debug(LD_HTTP, "Time on received directory is within tolerance; "
  1906. "we are %ld seconds skewed. (That's okay.)", apparent_skew);
  1907. }
  1908. }
  1909. (void) skewed; /* skewed isn't used yet. */
  1910. if (status_code == 503) {
  1911. routerstatus_t *rs;
  1912. dir_server_t *ds;
  1913. const char *id_digest = conn->identity_digest;
  1914. log_info(LD_DIR,"Received http status code %d (%s) from server "
  1915. "'%s:%d'. I'll try again soon.",
  1916. status_code, escaped(reason), conn->base_.address,
  1917. conn->base_.port);
  1918. time_t now = approx_time();
  1919. if ((rs = router_get_mutable_consensus_status_by_id(id_digest)))
  1920. rs->last_dir_503_at = now;
  1921. if ((ds = router_get_fallback_dirserver_by_digest(id_digest)))
  1922. ds->fake_status.last_dir_503_at = now;
  1923. rv = -1;
  1924. goto done;
  1925. }
  1926. if (dir_client_decompress_response_body(&body, &body_len,
  1927. conn, compression, anonymized_connection) < 0) {
  1928. rv = -1;
  1929. goto done;
  1930. }
  1931. response_handler_args_t args;
  1932. memset(&args, 0, sizeof(args));
  1933. args.status_code = status_code;
  1934. args.reason = reason;
  1935. args.body = body;
  1936. args.body_len = body_len;
  1937. args.headers = headers;
  1938. switch (conn->base_.purpose) {
  1939. case DIR_PURPOSE_FETCH_CONSENSUS:
  1940. rv = handle_response_fetch_consensus(conn, &args);
  1941. break;
  1942. case DIR_PURPOSE_FETCH_CERTIFICATE:
  1943. rv = handle_response_fetch_certificate(conn, &args);
  1944. break;
  1945. case DIR_PURPOSE_FETCH_STATUS_VOTE:
  1946. rv = handle_response_fetch_status_vote(conn, &args);
  1947. break;
  1948. case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES:
  1949. rv = handle_response_fetch_detached_signatures(conn, &args);
  1950. break;
  1951. case DIR_PURPOSE_FETCH_SERVERDESC:
  1952. case DIR_PURPOSE_FETCH_EXTRAINFO:
  1953. rv = handle_response_fetch_desc(conn, &args);
  1954. break;
  1955. case DIR_PURPOSE_FETCH_MICRODESC:
  1956. rv = handle_response_fetch_microdesc(conn, &args);
  1957. break;
  1958. case DIR_PURPOSE_FETCH_RENDDESC_V2:
  1959. rv = handle_response_fetch_renddesc_v2(conn, &args);
  1960. break;
  1961. case DIR_PURPOSE_UPLOAD_DIR:
  1962. rv = handle_response_upload_dir(conn, &args);
  1963. break;
  1964. case DIR_PURPOSE_UPLOAD_SIGNATURES:
  1965. rv = handle_response_upload_signatures(conn, &args);
  1966. break;
  1967. case DIR_PURPOSE_UPLOAD_VOTE:
  1968. rv = handle_response_upload_vote(conn, &args);
  1969. break;
  1970. case DIR_PURPOSE_UPLOAD_RENDDESC_V2:
  1971. rv = handle_response_upload_renddesc_v2(conn, &args);
  1972. break;
  1973. case DIR_PURPOSE_UPLOAD_HSDESC:
  1974. rv = handle_response_upload_hsdesc(conn, &args);
  1975. break;
  1976. case DIR_PURPOSE_FETCH_HSDESC:
  1977. rv = handle_response_fetch_hsdesc_v3(conn, &args);
  1978. break;
  1979. default:
  1980. tor_assert_nonfatal_unreached();
  1981. rv = -1;
  1982. break;
  1983. }
  1984. done:
  1985. tor_free(body);
  1986. tor_free(headers);
  1987. tor_free(reason);
  1988. return rv;
  1989. }
  1990. /**
  1991. * Handler function: processes a response to a request for a networkstatus
  1992. * consensus document by checking the consensus, storing it, and marking
  1993. * router requests as reachable.
  1994. **/
  1995. STATIC int
  1996. handle_response_fetch_consensus(dir_connection_t *conn,
  1997. const response_handler_args_t *args)
  1998. {
  1999. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS);
  2000. const int status_code = args->status_code;
  2001. const char *body = args->body;
  2002. const size_t body_len = args->body_len;
  2003. const char *reason = args->reason;
  2004. const time_t now = approx_time();
  2005. const char *consensus;
  2006. char *new_consensus = NULL;
  2007. const char *sourcename;
  2008. int r;
  2009. const char *flavname = conn->requested_resource;
  2010. if (status_code != 200) {
  2011. int severity = (status_code == 304) ? LOG_INFO : LOG_WARN;
  2012. tor_log(severity, LD_DIR,
  2013. "Received http status code %d (%s) from server "
  2014. "'%s:%d' while fetching consensus directory.",
  2015. status_code, escaped(reason), conn->base_.address,
  2016. conn->base_.port);
  2017. networkstatus_consensus_download_failed(status_code, flavname);
  2018. return -1;
  2019. }
  2020. if (looks_like_a_consensus_diff(body, body_len)) {
  2021. /* First find our previous consensus. Maybe it's in ram, maybe not. */
  2022. cached_dir_t *cd = dirserv_get_consensus(flavname);
  2023. const char *consensus_body = NULL;
  2024. size_t consensus_body_len;
  2025. tor_mmap_t *mapped_consensus = NULL;
  2026. if (cd) {
  2027. consensus_body = cd->dir;
  2028. consensus_body_len = cd->dir_len;
  2029. } else {
  2030. mapped_consensus = networkstatus_map_cached_consensus(flavname);
  2031. if (mapped_consensus) {
  2032. consensus_body = mapped_consensus->data;
  2033. consensus_body_len = mapped_consensus->size;
  2034. }
  2035. }
  2036. if (!consensus_body) {
  2037. log_warn(LD_DIR, "Received a consensus diff, but we can't find "
  2038. "any %s-flavored consensus in our current cache.",flavname);
  2039. tor_munmap_file(mapped_consensus);
  2040. networkstatus_consensus_download_failed(0, flavname);
  2041. // XXXX if this happens too much, see below
  2042. return -1;
  2043. }
  2044. new_consensus = consensus_diff_apply(consensus_body, consensus_body_len,
  2045. body, body_len);
  2046. tor_munmap_file(mapped_consensus);
  2047. if (new_consensus == NULL) {
  2048. log_warn(LD_DIR, "Could not apply consensus diff received from server "
  2049. "'%s:%d'", conn->base_.address, conn->base_.port);
  2050. // XXXX If this happens too many times, we should maybe not use
  2051. // XXXX this directory for diffs any more?
  2052. networkstatus_consensus_download_failed(0, flavname);
  2053. return -1;
  2054. }
  2055. log_info(LD_DIR, "Applied consensus diff (size %d) from server "
  2056. "'%s:%d', resulting in a new consensus document (size %d).",
  2057. (int)body_len, conn->base_.address, conn->base_.port,
  2058. (int)strlen(new_consensus));
  2059. consensus = new_consensus;
  2060. sourcename = "generated based on a diff";
  2061. } else {
  2062. log_info(LD_DIR,"Received consensus directory (body size %d) from server "
  2063. "'%s:%d'", (int)body_len, conn->base_.address, conn->base_.port);
  2064. consensus = body;
  2065. sourcename = "downloaded";
  2066. }
  2067. if ((r=networkstatus_set_current_consensus(consensus,
  2068. strlen(consensus),
  2069. flavname, 0,
  2070. conn->identity_digest))<0) {
  2071. log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
  2072. "Unable to load %s consensus directory %s from "
  2073. "server '%s:%d'. I'll try again soon.",
  2074. flavname, sourcename, conn->base_.address, conn->base_.port);
  2075. networkstatus_consensus_download_failed(0, flavname);
  2076. tor_free(new_consensus);
  2077. return -1;
  2078. }
  2079. /* If we launched other fetches for this consensus, cancel them. */
  2080. connection_dir_close_consensus_fetches(conn, flavname);
  2081. /* update the list of routers and directory guards */
  2082. routers_update_all_from_networkstatus(now, 3);
  2083. update_microdescs_from_networkstatus(now);
  2084. directory_info_has_arrived(now, 0, 0);
  2085. if (authdir_mode_v3(get_options())) {
  2086. sr_act_post_consensus(
  2087. networkstatus_get_latest_consensus_by_flavor(FLAV_NS));
  2088. }
  2089. log_info(LD_DIR, "Successfully loaded consensus.");
  2090. tor_free(new_consensus);
  2091. return 0;
  2092. }
  2093. /**
  2094. * Handler function: processes a response to a request for one or more
  2095. * authority certificates
  2096. **/
  2097. static int
  2098. handle_response_fetch_certificate(dir_connection_t *conn,
  2099. const response_handler_args_t *args)
  2100. {
  2101. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE);
  2102. const int status_code = args->status_code;
  2103. const char *reason = args->reason;
  2104. const char *body = args->body;
  2105. const size_t body_len = args->body_len;
  2106. if (status_code != 200) {
  2107. log_warn(LD_DIR,
  2108. "Received http status code %d (%s) from server "
  2109. "'%s:%d' while fetching \"/tor/keys/%s\".",
  2110. status_code, escaped(reason), conn->base_.address,
  2111. conn->base_.port, conn->requested_resource);
  2112. connection_dir_download_cert_failed(conn, status_code);
  2113. return -1;
  2114. }
  2115. log_info(LD_DIR,"Received authority certificates (body size %d) from "
  2116. "server '%s:%d'",
  2117. (int)body_len, conn->base_.address, conn->base_.port);
  2118. /*
  2119. * Tell trusted_dirs_load_certs_from_string() whether it was by fp
  2120. * or fp-sk pair.
  2121. */
  2122. int src_code = -1;
  2123. if (!strcmpstart(conn->requested_resource, "fp/")) {
  2124. src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST;
  2125. } else if (!strcmpstart(conn->requested_resource, "fp-sk/")) {
  2126. src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST;
  2127. }
  2128. if (src_code != -1) {
  2129. if (trusted_dirs_load_certs_from_string(body, src_code, 1,
  2130. conn->identity_digest)<0) {
  2131. log_warn(LD_DIR, "Unable to parse fetched certificates");
  2132. /* if we fetched more than one and only some failed, the successful
  2133. * ones got flushed to disk so it's safe to call this on them */
  2134. connection_dir_download_cert_failed(conn, status_code);
  2135. } else {
  2136. time_t now = approx_time();
  2137. directory_info_has_arrived(now, 0, 0);
  2138. log_info(LD_DIR, "Successfully loaded certificates from fetch.");
  2139. }
  2140. } else {
  2141. log_warn(LD_DIR,
  2142. "Couldn't figure out what to do with fetched certificates for "
  2143. "unknown resource %s",
  2144. conn->requested_resource);
  2145. connection_dir_download_cert_failed(conn, status_code);
  2146. }
  2147. return 0;
  2148. }
  2149. /**
  2150. * Handler function: processes a response to a request for an authority's
  2151. * current networkstatus vote.
  2152. **/
  2153. static int
  2154. handle_response_fetch_status_vote(dir_connection_t *conn,
  2155. const response_handler_args_t *args)
  2156. {
  2157. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE);
  2158. const int status_code = args->status_code;
  2159. const char *reason = args->reason;
  2160. const char *body = args->body;
  2161. const size_t body_len = args->body_len;
  2162. const char *msg;
  2163. int st;
  2164. log_info(LD_DIR,"Got votes (body size %d) from server %s:%d",
  2165. (int)body_len, conn->base_.address, conn->base_.port);
  2166. if (status_code != 200) {
  2167. log_warn(LD_DIR,
  2168. "Received http status code %d (%s) from server "
  2169. "'%s:%d' while fetching \"/tor/status-vote/next/%s.z\".",
  2170. status_code, escaped(reason), conn->base_.address,
  2171. conn->base_.port, conn->requested_resource);
  2172. return -1;
  2173. }
  2174. dirvote_add_vote(body, &msg, &st);
  2175. if (st > 299) {
  2176. log_warn(LD_DIR, "Error adding retrieved vote: %s", msg);
  2177. } else {
  2178. log_info(LD_DIR, "Added vote(s) successfully [msg: %s]", msg);
  2179. }
  2180. return 0;
  2181. }
  2182. /**
  2183. * Handler function: processes a response to a request for the signatures
  2184. * that an authority knows about on a given consensus.
  2185. **/
  2186. static int
  2187. handle_response_fetch_detached_signatures(dir_connection_t *conn,
  2188. const response_handler_args_t *args)
  2189. {
  2190. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES);
  2191. const int status_code = args->status_code;
  2192. const char *reason = args->reason;
  2193. const char *body = args->body;
  2194. const size_t body_len = args->body_len;
  2195. const char *msg = NULL;
  2196. log_info(LD_DIR,"Got detached signatures (body size %d) from server %s:%d",
  2197. (int)body_len, conn->base_.address, conn->base_.port);
  2198. if (status_code != 200) {
  2199. log_warn(LD_DIR,
  2200. "Received http status code %d (%s) from server '%s:%d' while fetching "
  2201. "\"/tor/status-vote/next/consensus-signatures.z\".",
  2202. status_code, escaped(reason), conn->base_.address,
  2203. conn->base_.port);
  2204. return -1;
  2205. }
  2206. if (dirvote_add_signatures(body, conn->base_.address, &msg)<0) {
  2207. log_warn(LD_DIR, "Problem adding detached signatures from %s:%d: %s",
  2208. conn->base_.address, conn->base_.port, msg?msg:"???");
  2209. }
  2210. return 0;
  2211. }
  2212. /**
  2213. * Handler function: processes a response to a request for a group of server
  2214. * descriptors or an extrainfo documents.
  2215. **/
  2216. static int
  2217. handle_response_fetch_desc(dir_connection_t *conn,
  2218. const response_handler_args_t *args)
  2219. {
  2220. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
  2221. conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO);
  2222. const int status_code = args->status_code;
  2223. const char *reason = args->reason;
  2224. const char *body = args->body;
  2225. const size_t body_len = args->body_len;
  2226. int was_ei = conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO;
  2227. smartlist_t *which = NULL;
  2228. int n_asked_for = 0;
  2229. int descriptor_digests = conn->requested_resource &&
  2230. !strcmpstart(conn->requested_resource,"d/");
  2231. log_info(LD_DIR,"Received %s (body size %d) from server '%s:%d'",
  2232. was_ei ? "extra server info" : "server info",
  2233. (int)body_len, conn->base_.address, conn->base_.port);
  2234. if (conn->requested_resource &&
  2235. (!strcmpstart(conn->requested_resource,"d/") ||
  2236. !strcmpstart(conn->requested_resource,"fp/"))) {
  2237. which = smartlist_new();
  2238. dir_split_resource_into_fingerprints(conn->requested_resource +
  2239. (descriptor_digests ? 2 : 3),
  2240. which, NULL, 0);
  2241. n_asked_for = smartlist_len(which);
  2242. }
  2243. if (status_code != 200) {
  2244. int dir_okay = status_code == 404 ||
  2245. (status_code == 400 && !strcmp(reason, "Servers unavailable."));
  2246. /* 404 means that it didn't have them; no big deal.
  2247. * Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */
  2248. log_fn(dir_okay ? LOG_INFO : LOG_WARN, LD_DIR,
  2249. "Received http status code %d (%s) from server '%s:%d' "
  2250. "while fetching \"/tor/server/%s\". I'll try again soon.",
  2251. status_code, escaped(reason), conn->base_.address,
  2252. conn->base_.port, conn->requested_resource);
  2253. if (!which) {
  2254. connection_dir_download_routerdesc_failed(conn);
  2255. } else {
  2256. dir_routerdesc_download_failed(which, status_code,
  2257. conn->router_purpose,
  2258. was_ei, descriptor_digests);
  2259. SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
  2260. smartlist_free(which);
  2261. }
  2262. return dir_okay ? 0 : -1;
  2263. }
  2264. /* Learn the routers, assuming we requested by fingerprint or "all"
  2265. * or "authority".
  2266. *
  2267. * We use "authority" to fetch our own descriptor for
  2268. * testing, and to fetch bridge descriptors for bootstrapping. Ignore
  2269. * the output of "authority" requests unless we are using bridges,
  2270. * since otherwise they'll be the response from reachability tests,
  2271. * and we don't really want to add that to our routerlist. */
  2272. if (which || (conn->requested_resource &&
  2273. (!strcmpstart(conn->requested_resource, "all") ||
  2274. (!strcmpstart(conn->requested_resource, "authority") &&
  2275. get_options()->UseBridges)))) {
  2276. /* as we learn from them, we remove them from 'which' */
  2277. if (was_ei) {
  2278. router_load_extrainfo_from_string(body, NULL, SAVED_NOWHERE, which,
  2279. descriptor_digests);
  2280. } else {
  2281. //router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which,
  2282. // descriptor_digests, conn->router_purpose);
  2283. if (load_downloaded_routers(body, which, descriptor_digests,
  2284. conn->router_purpose,
  2285. conn->base_.address)) {
  2286. time_t now = approx_time();
  2287. directory_info_has_arrived(now, 0, 1);
  2288. }
  2289. }
  2290. }
  2291. if (which) { /* mark remaining ones as failed */
  2292. log_info(LD_DIR, "Received %d/%d %s requested from %s:%d",
  2293. n_asked_for-smartlist_len(which), n_asked_for,
  2294. was_ei ? "extra-info documents" : "router descriptors",
  2295. conn->base_.address, (int)conn->base_.port);
  2296. if (smartlist_len(which)) {
  2297. dir_routerdesc_download_failed(which, status_code,
  2298. conn->router_purpose,
  2299. was_ei, descriptor_digests);
  2300. }
  2301. SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
  2302. smartlist_free(which);
  2303. }
  2304. if (directory_conn_is_self_reachability_test(conn))
  2305. router_dirport_found_reachable();
  2306. return 0;
  2307. }
  2308. /**
  2309. * Handler function: processes a response to a request for a group of
  2310. * microdescriptors
  2311. **/
  2312. STATIC int
  2313. handle_response_fetch_microdesc(dir_connection_t *conn,
  2314. const response_handler_args_t *args)
  2315. {
  2316. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC);
  2317. const int status_code = args->status_code;
  2318. const char *reason = args->reason;
  2319. const char *body = args->body;
  2320. const size_t body_len = args->body_len;
  2321. smartlist_t *which = NULL;
  2322. log_info(LD_DIR,"Received answer to microdescriptor request (status %d, "
  2323. "body size %d) from server '%s:%d'",
  2324. status_code, (int)body_len, conn->base_.address,
  2325. conn->base_.port);
  2326. tor_assert(conn->requested_resource &&
  2327. !strcmpstart(conn->requested_resource, "d/"));
  2328. tor_assert_nonfatal(!tor_mem_is_zero(conn->identity_digest, DIGEST_LEN));
  2329. which = smartlist_new();
  2330. dir_split_resource_into_fingerprints(conn->requested_resource+2,
  2331. which, NULL,
  2332. DSR_DIGEST256|DSR_BASE64);
  2333. if (status_code != 200) {
  2334. log_info(LD_DIR, "Received status code %d (%s) from server "
  2335. "'%s:%d' while fetching \"/tor/micro/%s\". I'll try again "
  2336. "soon.",
  2337. status_code, escaped(reason), conn->base_.address,
  2338. (int)conn->base_.port, conn->requested_resource);
  2339. dir_microdesc_download_failed(which, status_code, conn->identity_digest);
  2340. SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
  2341. smartlist_free(which);
  2342. return 0;
  2343. } else {
  2344. smartlist_t *mds;
  2345. time_t now = approx_time();
  2346. mds = microdescs_add_to_cache(get_microdesc_cache(),
  2347. body, body+body_len, SAVED_NOWHERE, 0,
  2348. now, which);
  2349. if (smartlist_len(which)) {
  2350. /* Mark remaining ones as failed. */
  2351. dir_microdesc_download_failed(which, status_code, conn->identity_digest);
  2352. }
  2353. if (mds && smartlist_len(mds)) {
  2354. control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
  2355. count_loading_descriptors_progress());
  2356. directory_info_has_arrived(now, 0, 1);
  2357. }
  2358. SMARTLIST_FOREACH(which, char *, cp, tor_free(cp));
  2359. smartlist_free(which);
  2360. smartlist_free(mds);
  2361. }
  2362. return 0;
  2363. }
  2364. /**
  2365. * Handler function: processes a response to a POST request to upload our
  2366. * router descriptor.
  2367. **/
  2368. static int
  2369. handle_response_upload_dir(dir_connection_t *conn,
  2370. const response_handler_args_t *args)
  2371. {
  2372. tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_DIR);
  2373. const int status_code = args->status_code;
  2374. const char *reason = args->reason;
  2375. const char *headers = args->headers;
  2376. switch (status_code) {
  2377. case 200: {
  2378. dir_server_t *ds =
  2379. router_get_trusteddirserver_by_digest(conn->identity_digest);
  2380. char *rejected_hdr = http_get_header(headers,
  2381. "X-Descriptor-Not-New: ");
  2382. if (rejected_hdr) {
  2383. if (!strcmp(rejected_hdr, "Yes")) {
  2384. log_info(LD_GENERAL,
  2385. "Authority '%s' declined our descriptor (not new)",
  2386. ds->nickname);
  2387. /* XXXX use this information; be sure to upload next one
  2388. * sooner. -NM */
  2389. /* XXXX++ On further thought, the task above implies that we're
  2390. * basing our regenerate-descriptor time on when we uploaded the
  2391. * last descriptor, not on the published time of the last
  2392. * descriptor. If those are different, that's a bad thing to
  2393. * do. -NM */
  2394. }
  2395. tor_free(rejected_hdr);
  2396. }
  2397. log_info(LD_GENERAL,"eof (status 200) after uploading server "
  2398. "descriptor: finished.");
  2399. control_event_server_status(
  2400. LOG_NOTICE, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d",
  2401. conn->base_.address, conn->base_.port);
  2402. ds->has_accepted_serverdesc = 1;
  2403. if (directories_have_accepted_server_descriptor())
  2404. control_event_server_status(LOG_NOTICE, "GOOD_SERVER_DESCRIPTOR");
  2405. }
  2406. break;
  2407. case 400:
  2408. log_warn(LD_GENERAL,"http status 400 (%s) response from "
  2409. "dirserver '%s:%d'. Please correct.",
  2410. escaped(reason), conn->base_.address, conn->base_.port);
  2411. control_event_server_status(LOG_WARN,
  2412. "BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON=\"%s\"",
  2413. conn->base_.address, conn->base_.port, escaped(reason));
  2414. break;
  2415. default:
  2416. log_warn(LD_GENERAL,
  2417. "HTTP status %d (%s) was unexpected while uploading "
  2418. "descriptor to server '%s:%d'. Possibly the server is "
  2419. "misconfigured?",
  2420. status_code, escaped(reason), conn->base_.address,
  2421. conn->base_.port);
  2422. break;
  2423. }
  2424. /* return 0 in all cases, since we don't want to mark any
  2425. * dirservers down just because they don't like us. */
  2426. return 0;
  2427. }
  2428. /**
  2429. * Handler function: processes a response to POST request to upload our
  2430. * own networkstatus vote.
  2431. **/
  2432. static int
  2433. handle_response_upload_vote(dir_connection_t *conn,
  2434. const response_handler_args_t *args)
  2435. {
  2436. tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_VOTE);
  2437. const int status_code = args->status_code;
  2438. const char *reason = args->reason;
  2439. switch (status_code) {
  2440. case 200: {
  2441. log_notice(LD_DIR,"Uploaded a vote to dirserver %s:%d",
  2442. conn->base_.address, conn->base_.port);
  2443. }
  2444. break;
  2445. case 400:
  2446. log_warn(LD_DIR,"http status 400 (%s) response after uploading "
  2447. "vote to dirserver '%s:%d'. Please correct.",
  2448. escaped(reason), conn->base_.address, conn->base_.port);
  2449. break;
  2450. default:
  2451. log_warn(LD_GENERAL,
  2452. "HTTP status %d (%s) was unexpected while uploading "
  2453. "vote to server '%s:%d'.",
  2454. status_code, escaped(reason), conn->base_.address,
  2455. conn->base_.port);
  2456. break;
  2457. }
  2458. /* return 0 in all cases, since we don't want to mark any
  2459. * dirservers down just because they don't like us. */
  2460. return 0;
  2461. }
  2462. /**
  2463. * Handler function: processes a response to POST request to upload our
  2464. * view of the signatures on the current consensus.
  2465. **/
  2466. static int
  2467. handle_response_upload_signatures(dir_connection_t *conn,
  2468. const response_handler_args_t *args)
  2469. {
  2470. tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_SIGNATURES);
  2471. const int status_code = args->status_code;
  2472. const char *reason = args->reason;
  2473. switch (status_code) {
  2474. case 200: {
  2475. log_notice(LD_DIR,"Uploaded signature(s) to dirserver %s:%d",
  2476. conn->base_.address, conn->base_.port);
  2477. }
  2478. break;
  2479. case 400:
  2480. log_warn(LD_DIR,"http status 400 (%s) response after uploading "
  2481. "signatures to dirserver '%s:%d'. Please correct.",
  2482. escaped(reason), conn->base_.address, conn->base_.port);
  2483. break;
  2484. default:
  2485. log_warn(LD_GENERAL,
  2486. "HTTP status %d (%s) was unexpected while uploading "
  2487. "signatures to server '%s:%d'.",
  2488. status_code, escaped(reason), conn->base_.address,
  2489. conn->base_.port);
  2490. break;
  2491. }
  2492. /* return 0 in all cases, since we don't want to mark any
  2493. * dirservers down just because they don't like us. */
  2494. return 0;
  2495. }
  2496. /**
  2497. * Handler function: processes a response to a request for a v3 hidden service
  2498. * descriptor.
  2499. **/
  2500. STATIC int
  2501. handle_response_fetch_hsdesc_v3(dir_connection_t *conn,
  2502. const response_handler_args_t *args)
  2503. {
  2504. const int status_code = args->status_code;
  2505. const char *reason = args->reason;
  2506. const char *body = args->body;
  2507. const size_t body_len = args->body_len;
  2508. tor_assert(conn->hs_ident);
  2509. log_info(LD_REND,"Received v3 hsdesc (body size %d, status %d (%s))",
  2510. (int)body_len, status_code, escaped(reason));
  2511. switch (status_code) {
  2512. case 200:
  2513. /* We got something: Try storing it in the cache. */
  2514. if (hs_cache_store_as_client(body, &conn->hs_ident->identity_pk) < 0) {
  2515. log_info(LD_REND, "Failed to store hidden service descriptor");
  2516. /* Fire control port FAILED event. */
  2517. hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
  2518. "BAD_DESC");
  2519. hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
  2520. NULL);
  2521. } else {
  2522. log_info(LD_REND, "Stored hidden service descriptor successfully.");
  2523. TO_CONN(conn)->purpose = DIR_PURPOSE_HAS_FETCHED_HSDESC;
  2524. hs_client_desc_has_arrived(conn->hs_ident);
  2525. /* Fire control port RECEIVED event. */
  2526. hs_control_desc_event_received(conn->hs_ident, conn->identity_digest);
  2527. hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
  2528. body);
  2529. }
  2530. break;
  2531. case 404:
  2532. /* Not there. We'll retry when connection_about_to_close_connection()
  2533. * tries to clean this conn up. */
  2534. log_info(LD_REND, "Fetching hidden service v3 descriptor not found: "
  2535. "Retrying at another directory.");
  2536. /* Fire control port FAILED event. */
  2537. hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
  2538. "NOT_FOUND");
  2539. hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
  2540. NULL);
  2541. break;
  2542. case 400:
  2543. log_warn(LD_REND, "Fetching v3 hidden service descriptor failed: "
  2544. "http status 400 (%s). Dirserver didn't like our "
  2545. "query? Retrying at another directory.",
  2546. escaped(reason));
  2547. /* Fire control port FAILED event. */
  2548. hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
  2549. "QUERY_REJECTED");
  2550. hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
  2551. NULL);
  2552. break;
  2553. default:
  2554. log_warn(LD_REND, "Fetching v3 hidden service descriptor failed: "
  2555. "http status %d (%s) response unexpected from HSDir server "
  2556. "'%s:%d'. Retrying at another directory.",
  2557. status_code, escaped(reason), TO_CONN(conn)->address,
  2558. TO_CONN(conn)->port);
  2559. /* Fire control port FAILED event. */
  2560. hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
  2561. "UNEXPECTED");
  2562. hs_control_desc_event_content(conn->hs_ident, conn->identity_digest,
  2563. NULL);
  2564. break;
  2565. }
  2566. return 0;
  2567. }
  2568. /**
  2569. * Handler function: processes a response to a request for a v2 hidden service
  2570. * descriptor.
  2571. **/
  2572. static int
  2573. handle_response_fetch_renddesc_v2(dir_connection_t *conn,
  2574. const response_handler_args_t *args)
  2575. {
  2576. tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2);
  2577. const int status_code = args->status_code;
  2578. const char *reason = args->reason;
  2579. const char *body = args->body;
  2580. const size_t body_len = args->body_len;
  2581. #define SEND_HS_DESC_FAILED_EVENT(reason) \
  2582. (control_event_hsv2_descriptor_failed(conn->rend_data, \
  2583. conn->identity_digest, \
  2584. reason))
  2585. #define SEND_HS_DESC_FAILED_CONTENT() \
  2586. (control_event_hs_descriptor_content( \
  2587. rend_data_get_address(conn->rend_data), \
  2588. conn->requested_resource, \
  2589. conn->identity_digest, \
  2590. NULL))
  2591. tor_assert(conn->rend_data);
  2592. log_info(LD_REND,"Received rendezvous descriptor (body size %d, status %d "
  2593. "(%s))",
  2594. (int)body_len, status_code, escaped(reason));
  2595. switch (status_code) {
  2596. case 200:
  2597. {
  2598. rend_cache_entry_t *entry = NULL;
  2599. if (rend_cache_store_v2_desc_as_client(body,
  2600. conn->requested_resource,
  2601. conn->rend_data, &entry) < 0) {
  2602. log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. "
  2603. "Retrying at another directory.");
  2604. /* We'll retry when connection_about_to_close_connection()
  2605. * cleans this dir conn up. */
  2606. SEND_HS_DESC_FAILED_EVENT("BAD_DESC");
  2607. SEND_HS_DESC_FAILED_CONTENT();
  2608. } else {
  2609. char service_id[REND_SERVICE_ID_LEN_BASE32 + 1];
  2610. /* Should never be NULL here if we found the descriptor. */
  2611. tor_assert(entry);
  2612. rend_get_service_id(entry->parsed->pk, service_id);
  2613. /* success. notify pending connections about this. */
  2614. log_info(LD_REND, "Successfully fetched v2 rendezvous "
  2615. "descriptor.");
  2616. control_event_hsv2_descriptor_received(service_id,
  2617. conn->rend_data,
  2618. conn->identity_digest);
  2619. control_event_hs_descriptor_content(service_id,
  2620. conn->requested_resource,
  2621. conn->identity_digest,
  2622. body);
  2623. conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2;
  2624. rend_client_desc_trynow(service_id);
  2625. memwipe(service_id, 0, sizeof(service_id));
  2626. }
  2627. break;
  2628. }
  2629. case 404:
  2630. /* Not there. We'll retry when
  2631. * connection_about_to_close_connection() cleans this conn up. */
  2632. log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: "
  2633. "Retrying at another directory.");
  2634. SEND_HS_DESC_FAILED_EVENT("NOT_FOUND");
  2635. SEND_HS_DESC_FAILED_CONTENT();
  2636. break;
  2637. case 400:
  2638. log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
  2639. "http status 400 (%s). Dirserver didn't like our "
  2640. "v2 rendezvous query? Retrying at another directory.",
  2641. escaped(reason));
  2642. SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED");
  2643. SEND_HS_DESC_FAILED_CONTENT();
  2644. break;
  2645. default:
  2646. log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
  2647. "http status %d (%s) response unexpected while "
  2648. "fetching v2 hidden service descriptor (server '%s:%d'). "
  2649. "Retrying at another directory.",
  2650. status_code, escaped(reason), conn->base_.address,
  2651. conn->base_.port);
  2652. SEND_HS_DESC_FAILED_EVENT("UNEXPECTED");
  2653. SEND_HS_DESC_FAILED_CONTENT();
  2654. break;
  2655. }
  2656. return 0;
  2657. }
  2658. /**
  2659. * Handler function: processes a response to a POST request to upload a v2
  2660. * hidden service descriptor.
  2661. **/
  2662. static int
  2663. handle_response_upload_renddesc_v2(dir_connection_t *conn,
  2664. const response_handler_args_t *args)
  2665. {
  2666. tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2);
  2667. const int status_code = args->status_code;
  2668. const char *reason = args->reason;
  2669. #define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) \
  2670. (control_event_hs_descriptor_upload_failed( \
  2671. conn->identity_digest, \
  2672. rend_data_get_address(conn->rend_data), \
  2673. reason))
  2674. log_info(LD_REND,"Uploaded rendezvous descriptor (status %d "
  2675. "(%s))",
  2676. status_code, escaped(reason));
  2677. /* Without the rend data, we'll have a problem identifying what has been
  2678. * uploaded for which service. */
  2679. tor_assert(conn->rend_data);
  2680. switch (status_code) {
  2681. case 200:
  2682. log_info(LD_REND,
  2683. "Uploading rendezvous descriptor: finished with status "
  2684. "200 (%s)", escaped(reason));
  2685. control_event_hs_descriptor_uploaded(conn->identity_digest,
  2686. rend_data_get_address(conn->rend_data));
  2687. rend_service_desc_has_uploaded(conn->rend_data);
  2688. break;
  2689. case 400:
  2690. log_warn(LD_REND,"http status 400 (%s) response from dirserver "
  2691. "'%s:%d'. Malformed rendezvous descriptor?",
  2692. escaped(reason), conn->base_.address, conn->base_.port);
  2693. SEND_HS_DESC_UPLOAD_FAILED_EVENT("UPLOAD_REJECTED");
  2694. break;
  2695. default:
  2696. log_warn(LD_REND,"http status %d (%s) response unexpected (server "
  2697. "'%s:%d').",
  2698. status_code, escaped(reason), conn->base_.address,
  2699. conn->base_.port);
  2700. SEND_HS_DESC_UPLOAD_FAILED_EVENT("UNEXPECTED");
  2701. break;
  2702. }
  2703. return 0;
  2704. }
  2705. /**
  2706. * Handler function: processes a response to a POST request to upload an
  2707. * hidden service descriptor.
  2708. **/
  2709. static int
  2710. handle_response_upload_hsdesc(dir_connection_t *conn,
  2711. const response_handler_args_t *args)
  2712. {
  2713. const int status_code = args->status_code;
  2714. const char *reason = args->reason;
  2715. tor_assert(conn);
  2716. tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_HSDESC);
  2717. log_info(LD_REND, "Uploaded hidden service descriptor (status %d "
  2718. "(%s))",
  2719. status_code, escaped(reason));
  2720. /* For this directory response, it MUST have an hidden service identifier on
  2721. * this connection. */
  2722. tor_assert(conn->hs_ident);
  2723. switch (status_code) {
  2724. case 200:
  2725. log_info(LD_REND, "Uploading hidden service descriptor: "
  2726. "finished with status 200 (%s)", escaped(reason));
  2727. hs_control_desc_event_uploaded(conn->hs_ident, conn->identity_digest);
  2728. break;
  2729. case 400:
  2730. log_fn(LOG_PROTOCOL_WARN, LD_REND,
  2731. "Uploading hidden service descriptor: http "
  2732. "status 400 (%s) response from dirserver "
  2733. "'%s:%d'. Malformed hidden service descriptor?",
  2734. escaped(reason), conn->base_.address, conn->base_.port);
  2735. hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
  2736. "UPLOAD_REJECTED");
  2737. break;
  2738. default:
  2739. log_warn(LD_REND, "Uploading hidden service descriptor: http "
  2740. "status %d (%s) response unexpected (server "
  2741. "'%s:%d').",
  2742. status_code, escaped(reason), conn->base_.address,
  2743. conn->base_.port);
  2744. hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
  2745. "UNEXPECTED");
  2746. break;
  2747. }
  2748. return 0;
  2749. }
  2750. /** Called when a directory connection reaches EOF. */
  2751. int
  2752. connection_dir_reached_eof(dir_connection_t *conn)
  2753. {
  2754. int retval;
  2755. if (conn->base_.state != DIR_CONN_STATE_CLIENT_READING) {
  2756. log_info(LD_HTTP,"conn reached eof, not reading. [state=%d] Closing.",
  2757. conn->base_.state);
  2758. connection_close_immediate(TO_CONN(conn)); /* error: give up on flushing */
  2759. connection_mark_for_close(TO_CONN(conn));
  2760. return -1;
  2761. }
  2762. retval = connection_dir_client_reached_eof(conn);
  2763. if (retval == 0) /* success */
  2764. conn->base_.state = DIR_CONN_STATE_CLIENT_FINISHED;
  2765. connection_mark_for_close(TO_CONN(conn));
  2766. return retval;
  2767. }
  2768. /** We are closing a dir connection: If <b>dir_conn</b> is a dir connection
  2769. * that tried to fetch an HS descriptor, check if it successfully fetched it,
  2770. * or if we need to try again. */
  2771. void
  2772. connection_dir_client_refetch_hsdesc_if_needed(dir_connection_t *dir_conn)
  2773. {
  2774. connection_t *conn = TO_CONN(dir_conn);
  2775. /* If we were trying to fetch a v2 rend desc and did not succeed, retry as
  2776. * needed. (If a fetch is successful, the connection state is changed to
  2777. * DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2 or DIR_PURPOSE_HAS_FETCHED_HSDESC to
  2778. * mark that refetching is unnecessary.) */
  2779. if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 &&
  2780. dir_conn->rend_data &&
  2781. rend_valid_v2_service_id(
  2782. rend_data_get_address(dir_conn->rend_data))) {
  2783. rend_client_refetch_v2_renddesc(dir_conn->rend_data);
  2784. }
  2785. /* Check for v3 rend desc fetch */
  2786. if (conn->purpose == DIR_PURPOSE_FETCH_HSDESC &&
  2787. dir_conn->hs_ident &&
  2788. !ed25519_public_key_is_zero(&dir_conn->hs_ident->identity_pk)) {
  2789. hs_client_refetch_hsdesc(&dir_conn->hs_ident->identity_pk);
  2790. }
  2791. }
  2792. /** Array of compression methods to use (if supported) for requesting
  2793. * compressed data, ordered from best to worst. */
  2794. static compress_method_t client_meth_pref[] = {
  2795. LZMA_METHOD,
  2796. ZSTD_METHOD,
  2797. ZLIB_METHOD,
  2798. GZIP_METHOD,
  2799. NO_METHOD
  2800. };
  2801. /** Array of allowed compression methods to use (if supported) when receiving a
  2802. * response from a request that was required to be anonymous. */
  2803. static compress_method_t client_meth_allowed_anonymous_compression[] = {
  2804. ZLIB_METHOD,
  2805. GZIP_METHOD,
  2806. NO_METHOD
  2807. };
  2808. /** Return a newly allocated string containing a comma separated list of
  2809. * supported encodings. */
  2810. STATIC char *
  2811. accept_encoding_header(void)
  2812. {
  2813. smartlist_t *methods = smartlist_new();
  2814. char *header = NULL;
  2815. compress_method_t method;
  2816. unsigned i;
  2817. for (i = 0; i < ARRAY_LENGTH(client_meth_pref); ++i) {
  2818. method = client_meth_pref[i];
  2819. if (tor_compress_supports_method(method))
  2820. smartlist_add(methods, (char *)compression_method_get_name(method));
  2821. }
  2822. header = smartlist_join_strings(methods, ", ", 0, NULL);
  2823. smartlist_free(methods);
  2824. return header;
  2825. }
  2826. /** Check if the given compression method is allowed for a connection that is
  2827. * supposed to be anonymous. Returns 1 if the compression method is allowed,
  2828. * otherwise 0. */
  2829. STATIC int
  2830. allowed_anonymous_connection_compression_method(compress_method_t method)
  2831. {
  2832. unsigned u;
  2833. for (u = 0; u < ARRAY_LENGTH(client_meth_allowed_anonymous_compression);
  2834. ++u) {
  2835. compress_method_t allowed_method =
  2836. client_meth_allowed_anonymous_compression[u];
  2837. if (! tor_compress_supports_method(allowed_method))
  2838. continue;
  2839. if (method == allowed_method)
  2840. return 1;
  2841. }
  2842. return 0;
  2843. }
  2844. /** Log a warning when a remote server has sent us a document using a
  2845. * compression method that is not allowed for anonymous directory requests. */
  2846. STATIC void
  2847. warn_disallowed_anonymous_compression_method(compress_method_t method)
  2848. {
  2849. log_fn(LOG_PROTOCOL_WARN, LD_HTTP,
  2850. "Received a %s HTTP response, which is not "
  2851. "allowed for anonymous directory requests.",
  2852. compression_method_get_human_name(method));
  2853. }
  2854. /* We just got a new consensus! If there are other in-progress requests
  2855. * for this consensus flavor (for example because we launched several in
  2856. * parallel), cancel them.
  2857. *
  2858. * We do this check here (not just in
  2859. * connection_ap_handshake_attach_circuit()) to handle the edge case where
  2860. * a consensus fetch begins and ends before some other one tries to attach to
  2861. * a circuit, in which case the other one won't know that we're all happy now.
  2862. *
  2863. * Don't mark the conn that just gave us the consensus -- otherwise we
  2864. * would end up double-marking it when it cleans itself up.
  2865. */
  2866. static void
  2867. connection_dir_close_consensus_fetches(dir_connection_t *except_this_one,
  2868. const char *resource)
  2869. {
  2870. smartlist_t *conns_to_close =
  2871. connection_dir_list_by_purpose_and_resource(DIR_PURPOSE_FETCH_CONSENSUS,
  2872. resource);
  2873. SMARTLIST_FOREACH_BEGIN(conns_to_close, dir_connection_t *, d) {
  2874. if (d == except_this_one)
  2875. continue;
  2876. log_info(LD_DIR, "Closing consensus fetch (to %s) since one "
  2877. "has just arrived.", TO_CONN(d)->address);
  2878. connection_mark_for_close(TO_CONN(d));
  2879. } SMARTLIST_FOREACH_END(d);
  2880. smartlist_free(conns_to_close);
  2881. }
  2882. /** Called when one or more routerdesc (or extrainfo, if <b>was_extrainfo</b>)
  2883. * fetches have failed (with uppercase fingerprints listed in <b>failed</b>,
  2884. * either as descriptor digests or as identity digests based on
  2885. * <b>was_descriptor_digests</b>).
  2886. */
  2887. static void
  2888. dir_routerdesc_download_failed(smartlist_t *failed, int status_code,
  2889. int router_purpose,
  2890. int was_extrainfo, int was_descriptor_digests)
  2891. {
  2892. char digest[DIGEST_LEN];
  2893. time_t now = time(NULL);
  2894. int server = directory_fetches_from_authorities(get_options());
  2895. if (!was_descriptor_digests) {
  2896. if (router_purpose == ROUTER_PURPOSE_BRIDGE) {
  2897. tor_assert(!was_extrainfo);
  2898. connection_dir_retry_bridges(failed);
  2899. }
  2900. return; /* FFFF should implement for other-than-router-purpose someday */
  2901. }
  2902. SMARTLIST_FOREACH_BEGIN(failed, const char *, cp) {
  2903. download_status_t *dls = NULL;
  2904. if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp)) != DIGEST_LEN) {
  2905. log_warn(LD_BUG, "Malformed fingerprint in list: %s", escaped(cp));
  2906. continue;
  2907. }
  2908. if (was_extrainfo) {
  2909. signed_descriptor_t *sd =
  2910. router_get_by_extrainfo_digest(digest);
  2911. if (sd)
  2912. dls = &sd->ei_dl_status;
  2913. } else {
  2914. dls = router_get_dl_status_by_descriptor_digest(digest);
  2915. }
  2916. if (!dls)
  2917. continue;
  2918. download_status_increment_failure(dls, status_code, cp, server, now);
  2919. } SMARTLIST_FOREACH_END(cp);
  2920. /* No need to relaunch descriptor downloads here: we already do it
  2921. * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */
  2922. }
  2923. /** Called when a connection to download microdescriptors from relay with
  2924. * <b>dir_id</b> has failed in whole or in part. <b>failed</b> is a list
  2925. * of every microdesc digest we didn't get. <b>status_code</b> is the http
  2926. * status code we received. Reschedule the microdesc downloads as
  2927. * appropriate. */
  2928. static void
  2929. dir_microdesc_download_failed(smartlist_t *failed,
  2930. int status_code, const char *dir_id)
  2931. {
  2932. networkstatus_t *consensus
  2933. = networkstatus_get_latest_consensus_by_flavor(FLAV_MICRODESC);
  2934. routerstatus_t *rs;
  2935. download_status_t *dls;
  2936. time_t now = time(NULL);
  2937. int server = directory_fetches_from_authorities(get_options());
  2938. if (! consensus)
  2939. return;
  2940. /* We failed to fetch a microdescriptor from 'dir_id', note it down
  2941. * so that we don't try the same relay next time... */
  2942. microdesc_note_outdated_dirserver(dir_id);
  2943. SMARTLIST_FOREACH_BEGIN(failed, const char *, d) {
  2944. rs = router_get_mutable_consensus_status_by_descriptor_digest(consensus,d);
  2945. if (!rs)
  2946. continue;
  2947. dls = &rs->dl_status;
  2948. { /* Increment the failure count for this md fetch */
  2949. char buf[BASE64_DIGEST256_LEN+1];
  2950. digest256_to_base64(buf, d);
  2951. log_info(LD_DIR, "Failed to download md %s from %s",
  2952. buf, hex_str(dir_id, DIGEST_LEN));
  2953. download_status_increment_failure(dls, status_code, buf,
  2954. server, now);
  2955. }
  2956. } SMARTLIST_FOREACH_END(d);
  2957. }