| blob | 2b5349923deae0d08edf1edbae7b19d5add1c2e1 |
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2021, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
29 /**
30 * \file dirserv.c
31 * \brief Directory server core implementation. Manages directory
32 * contents and generates directory documents.
33 *
34 * This module implements most of directory cache functionality, and some of
35 * the directory authority functionality. The directory.c module delegates
36 * here in order to handle incoming requests from clients, via
37 * connection_dirserv_flushed_some() and its kin. In order to save RAM, this
38 * module is responsible for spooling directory objects (in whole or in part)
39 * onto buf_t instances, and then closing the dir_connection_t once the
40 * objects are totally flushed.
41 *
42 * The directory.c module also delegates here for handling descriptor uploads
43 * via dirserv_add_multiple_descriptors().
44 *
45 * Additionally, this module handles some aspects of voting, including:
46 * deciding how to vote on individual flags (based on decisions reached in
47 * rephist.c), of formatting routerstatus lines, and deciding what relays to
48 * include in an authority's vote. (TODO: Those functions could profitably be
49 * split off. They only live in this file because historically they were
50 * shared among the v1, v2, and v3 directory code.)
51 */
68 /********************************************************************/
70 /* A set of functions to answer questions about how we'd like to behave
71 * as a directory mirror */
73 /** Return true iff we want to serve certificates for authorities
74 * that we don't acknowledge as authorities ourself.
75 * Use we_want_to_fetch_unknown_auth_certs to check if we want to fetch
76 * and keep these certificates.
77 */
78 int
80 {
82 }
84 /** Return 1 if we want to fetch and serve descriptors, networkstatuses, etc
85 * Else return 0.
86 * Check options->DirPort_set and directory_permits_begindir_requests()
87 * to see if we are willing to serve these directory documents to others via
88 * the DirPort and begindir-over-ORPort, respectively.
89 *
90 * To check if we should fetch documents, use we_want_to_fetch_flavor and
91 * we_want_to_fetch_unknown_auth_certs instead of this function.
92 */
93 int
95 {
100 /* We need an up-to-date view of network info if we're going to try to
101 * block exit attempts from unknown relays. */
104 }
106 /** Return 1 if we want to allow remote clients to ask us directory
107 * requests via the "begin_dir" interface, which doesn't require
108 * having any separate port open. */
109 int
111 {
113 }
115 /********************************************************************/
117 /** Map from flavor name to the cached_dir_t for the v3 consensuses that we're
118 * currently serving. */
121 /** Decrement the reference count on <b>d</b>, and free it if it no longer has
122 * any references. */
123 void
125 {
130 }
132 /** Allocate and return a new cached_dir_t containing the string <b>s</b>,
133 * published at <b>published</b>. */
134 cached_dir_t *
136 {
145 }
147 }
149 /** Remove all storage held in <b>d</b>, but do not free <b>d</b> itself. */
150 static void
152 {
156 }
158 /** Free all storage held by the cached_dir_t in <b>d</b>. */
159 static void
161 {
168 }
170 /** Replace the v3 consensus networkstatus of type <b>flavor_name</b> that
171 * we're serving with <b>networkstatus</b>, published at <b>published</b>. No
172 * validation is performed. */
173 void
180 {
186 new_networkstatus =
188 published);
191 DIGEST256_LEN);
193 new_networkstatus);
196 }
198 /** Return the latest downloaded consensus networkstatus in encoded, signed,
199 * optionally compressed format, suitable for sending to clients. */
202 {
206 }
208 /** As dir_split_resource_into_fingerprints, but instead fills
209 * <b>spool_out</b> with a list of spoolable_resource_t for the resource
210 * identified through <b>source</b>. */
211 int
213 dir_spool_source_t source,
217 {
226 /* This is not a very efficient implementation XXXX */
237 }
239 /** As dirserv_get_routerdescs(), but instead of getting signed_descriptor_t
240 * pointers, adds copies of digests to fps_out, and doesn't use the
241 * /tor/server/ prefix. For a /d/ request, adds descriptor digests; for other
242 * requests, adds identity digests.
243 */
244 int
247 dir_spool_source_t source,
250 {
259 DIGEST_LEN);
260 /* Treat "all" requests as if they were unencrypted */
270 DIGEST_LEN));
282 }
285 /* Remove anything that insists it not be sent unencrypted. */
294 }
296 }
301 }
303 }
305 /* ==========
306 * Spooling code.
307 * ========== */
309 spooled_resource_t *
312 {
330 }
335 }
337 /**
338 * Create a new spooled_resource_t to spool the contents of <b>entry</b> to
339 * the user. Return the spooled object on success, or NULL on failure (which
340 * is probably caused by a failure to map the body of the item from disk).
341 *
342 * Adds a reference to entry's reference counter.
343 */
344 spooled_resource_t *
346 {
361 }
362 }
364 /** Release all storage held by <b>spooled</b>. */
365 void
367 {
373 }
377 }
380 }
382 /** When spooling data from a cached_dir_t object, we always add
383 * at least this much. */
384 #define DIRSERV_CACHED_DIR_CHUNK_SIZE 8192
386 /** Return an compression ratio for compressing objects from <b>source</b>.
387 */
388 static double
390 {
391 /* We should put in better estimates here, depending on the number of
392 objects and their type */
395 }
397 /** Return an estimated number of bytes needed for transmitting the
398 * resource in <b>spooled</b> on <b>conn</b>
399 *
400 * As a convenient side-effect, set *<b>published_out</b> to the resource's
401 * publication time.
402 */
403 static size_t
408 {
415 published_out);
421 }
429 }
432 }
437 published_out);
438 }
441 }
444 }
445 }
447 /** Return code for spooled_resource_flush_some */
451 SRFS_DONE
454 /** Flush some or all of the bytes from <b>spooled</b> onto <b>conn</b>.
455 * Return SRFS_ERR on error, SRFS_MORE if there are more bytes to flush from
456 * this spooled resource, or SRFS_DONE if we are done flushing this spooled
457 * resource.
458 */
459 static spooled_resource_flush_status_t
462 {
464 /* Spool_eagerly resources are sent all-at-once. */
471 /* Absent objects count as "done". */
473 }
482 /* The cached_dir_t hasn't been materialized yet. So let's look it up. */
486 /* Absent objects count as done. */
488 }
491 }
504 }
505 /* How many bytes left to flush? */
520 }
521 }
522 }
524 /** Helper: find the cached_dir_t for a spooled_resource_t, for
525 * sending it to <b>conn</b>. Set *<b>published_out</b>, if provided,
526 * to the published time of the cached_dir_t.
527 *
528 * DOES NOT increase the reference count on the result. Callers must do that
529 * themselves if they mean to hang on to it.
530 */
534 {
540 }
542 }
544 /** Helper: Look up the body for an eagerly-served spooled_resource. If
545 * <b>conn_is_encrypted</b> is false, don't look up any resource that
546 * shouldn't be sent over an unencrypted connection. On success, set
547 * <b>body_out</b>, <b>size_out</b>, and <b>published_out</b> to refer
548 * to the resource's body, size, and publication date, and return 0.
549 * On failure return -1. */
550 static int
556 {
565 }
569 }
573 }
577 }
584 }
590 }
594 /* LCOV_EXCL_START */
597 /* LCOV_EXCL_STOP */
598 }
600 /* If we get here, then we tried to set "sd" to a signed_descriptor_t. */
604 }
606 /* we did this check once before (so we could have an accurate size
607 * estimate and maybe send a 404 if somebody asked for only bridges on
608 * a connection), but we need to do it again in case a previously
609 * unknown bridge descriptor has shown up between then and now. */
611 }
617 }
619 /** Given a fingerprint <b>fp</b> which is either set if we're looking for a
620 * v2 status, or zeroes if we're looking for a v3 status, or a NUL-padded
621 * flavor name if we want a flavored v3 status, return a pointer to the
622 * appropriate cached dir object, or NULL if there isn't one available. */
625 {
630 /* this here interface is a nasty hack: we're shoving a flavor into
631 * a digest field. */
633 }
635 }
637 /** Try to guess the number of bytes that will be needed to send the
638 * spooled objects for <b>conn</b>'s outgoing spool. In the process,
639 * remove every element of the spool that refers to an absent object, or
640 * which was published earlier than <b>cutoff</b>. Set *<b>size_out</b>
641 * to the number of bytes, and *<b>n_expired_out</b> to the number of
642 * objects removed for being too old. */
643 void
649 {
660 }
676 }
681 }
684 }
686 /** Helper: used to sort a connection's spool. */
687 static int
689 {
693 }
695 /** Sort all the entries in <b>conn</b> by digest. */
696 void
698 {
702 }
704 /** Return the cache-info for identity fingerprint <b>fp</b>, or
705 * its extra-info document if <b>extrainfo</b> is true. Return
706 * NULL if not found or if the descriptor is older than
707 * <b>publish_cutoff</b>. */
710 {
714 else
722 else
724 }
725 }
727 }
729 /** When we're spooling data onto our outbuf, add more whenever we dip
730 * below this threshold. */
731 #define DIRSERV_BUFFER_MIN 16384
733 /**
734 * Called whenever we have flushed some directory data in state
735 * SERVER_WRITING, or whenever we want to fill the buffer with initial
736 * directory data (so that subsequent writes will occur, and trigger this
737 * function again.)
738 *
739 * Return 0 on success, and -1 on failure.
740 */
741 int
743 {
752 spooled_resource_flush_status_t status;
758 }
761 /* If we're here, we're done flushing this resource. */
764 }
767 /* We're still spooling something. */
769 }
771 /* If we get here, we're done. */
775 /* Flush the compression state: there could be more bytes pending in there,
776 * and we don't want to omit bytes. */
780 }
782 }
784 /** Remove every element from <b>conn</b>'s outgoing spool, and delete
785 * the spool. */
786 void
788 {
795 }
797 /** Release all storage used by the directory server. */
798 void
800 {
803 }