This implementation includes tests and a little documentation.
--- /dev/null
+ o Minor features (directory system):
+ - Authorities can now vote on the correct digests and latest versions for
+ different software packages. This allows packages that include Tor to use
+ the Tor authority system as a way to get notified of updates and their
+ correct digests. Implements proposal 227. Closes ticket 10395.
/** Given a smartlist <b>sl</b> sorted with the function <b>compare</b>,
* return the most frequent member in the list. Break ties in favor of
- * later elements. If the list is empty, return NULL.
+ * later elements. If the list is empty, return NULL. If count_out is
+ * non-null, set it to the most frequent member.
*/
void *
-smartlist_get_most_frequent(const smartlist_t *sl,
- int (*compare)(const void **a, const void **b))
+smartlist_get_most_frequent_(const smartlist_t *sl,
+ int (*compare)(const void **a, const void **b),
+ int *count_out)
{
const void *most_frequent = NULL;
int most_frequent_count = 0;
const void *cur = NULL;
int i, count=0;
- if (!sl->num_used)
+ if (!sl->num_used) {
+ if (count_out)
+ *count_out = 0;
return NULL;
+ }
for (i = 0; i < sl->num_used; ++i) {
const void *item = sl->list[i];
if (cur && 0 == compare(&cur, &item)) {
most_frequent = cur;
most_frequent_count = count;
}
+ if (count_out)
+ *count_out = most_frequent_count;
return (void*)most_frequent;
}
return smartlist_get_most_frequent(sl, compare_string_ptrs_);
}
+/** Return the most frequent string in the sorted list <b>sl</b> */
+char *
+smartlist_get_most_frequent_string_(smartlist_t *sl, int *count_out)
+{
+ return smartlist_get_most_frequent_(sl, compare_string_ptrs_, count_out);
+}
+
/** Remove duplicate strings from a sorted list, and free them with tor_free().
*/
void
void smartlist_insert(smartlist_t *sl, int idx, void *val);
void smartlist_sort(smartlist_t *sl,
int (*compare)(const void **a, const void **b));
-void *smartlist_get_most_frequent(const smartlist_t *sl,
- int (*compare)(const void **a, const void **b));
+void *smartlist_get_most_frequent_(const smartlist_t *sl,
+ int (*compare)(const void **a, const void **b),
+ int *count_out);
+#define smartlist_get_most_frequent(sl, compare) \
+ smartlist_get_most_frequent_((sl), (compare), NULL)
void smartlist_uniq(smartlist_t *sl,
int (*compare)(const void **a, const void **b),
void (*free_fn)(void *elt));
void smartlist_sort_pointers(smartlist_t *sl);
char *smartlist_get_most_frequent_string(smartlist_t *sl);
+char *smartlist_get_most_frequent_string_(smartlist_t *sl, int *count_out);
char *smartlist_get_most_frequent_digest256(smartlist_t *sl);
void smartlist_uniq_strings(smartlist_t *sl);
PLURAL(HiddenServiceExcludeNode),
PLURAL(NumCPU),
PLURAL(RendNode),
+ PLURAL(RecommendedPackage),
PLURAL(RendExcludeNode),
PLURAL(StrictEntryNode),
PLURAL(StrictExitNode),
V(RecommendedVersions, LINELIST, NULL),
V(RecommendedClientVersions, LINELIST, NULL),
V(RecommendedServerVersions, LINELIST, NULL),
+ V(RecommendedPackages, LINELIST, NULL),
V(RefuseUnknownExits, AUTOBOOL, "auto"),
V(RejectPlaintextPorts, CSV, ""),
V(RelayBandwidthBurst, MEMUNIT, "0"),
"features to be broken in unpredictable ways.");
}
+ for (cl = options->RecommendedPackages; cl; cl = cl->next) {
+ if (! validate_recommended_package_line(cl->value)) {
+ log_warn(LD_CONFIG, "Invalid RecommendedPackage line %s will be ignored",
+ escaped(cl->value));
+ }
+ }
+
if (options->AuthoritativeDir) {
if (!options->ContactInfo && !options->TestingTorNetwork)
REJECT("Authoritative directory servers must set ContactInfo");
v3_out->client_versions = client_versions;
v3_out->server_versions = server_versions;
+ v3_out->package_lines = smartlist_new();
+ {
+ config_line_t *cl;
+ for (cl = get_options()->RecommendedPackages; cl; cl = cl->next) {
+ if (validate_recommended_package_line(cl->value))
+ smartlist_add(v3_out->package_lines, tor_strdup(cl->value));
+ }
+ }
+
v3_out->known_flags = smartlist_new();
smartlist_split_string(v3_out->known_flags,
"Authority Exit Fast Guard Stable V2Dir Valid",
}
}
+/** Return true iff <b>line</b> is a valid recommened_packages line.
+ */
+int
+validate_recommended_package_line(const char *line)
+{
+ const char *cp = line;
+
+#define WORD() \
+ do { \
+ if (*cp == ' ') \
+ return 0; \
+ cp = strchr(cp, ' '); \
+ if (!cp) \
+ return 0; \
+ } while (0)
+
+ WORD(); /* skip packagename */
+ ++cp;
+ WORD(); /* skip version */
+ ++cp;
+ WORD(); /* Skip URL */
+ ++cp;
+
+ /* Skip digestname=digestval + */
+ int foundeq = 0;
+ while (*cp) {
+ if (*cp == ' ') {
+ if (!foundeq)
+ return 0;
+ foundeq = 0;
+ } else if (*cp == '=') {
+ if (++foundeq > 1)
+ return 0;
+ }
+ ++cp;
+ }
+
+ if (!foundeq)
+ return 0;
+ return 1;
+}
+
/** Release all storage used by the directory server. */
void
dirserv_free_all(void)
void cached_dir_decref(cached_dir_t *d);
cached_dir_t *new_cached_dir(char *s, time_t published);
+int validate_recommended_package_line(const char *line);
+
#ifdef DIRSERV_PRIVATE
/* Put the MAX_MEASUREMENT_AGE #define here so unit tests can see it */
{
smartlist_t *chunks = smartlist_new();
const char *client_versions = NULL, *server_versions = NULL;
+ char *packages = NULL;
char fingerprint[FINGERPRINT_LEN+1];
char digest[DIGEST_LEN];
uint32_t addr;
server_versions_line = tor_strdup("");
}
+ if (v3_ns->package_lines) {
+ smartlist_t *tmp = smartlist_new();
+ SMARTLIST_FOREACH(v3_ns->package_lines, const char *, p,
+ if (validate_recommended_package_line(p))
+ smartlist_add_asprintf(tmp, "package %s\n", p));
+ packages = smartlist_join_strings(tmp, "", 0, NULL);
+ SMARTLIST_FOREACH(tmp, char *, cp, tor_free(cp));
+ smartlist_free(tmp);
+ } else {
+ packages = tor_strdup("");
+ }
+
{
char published[ISO_TIME_LEN+1];
char va[ISO_TIME_LEN+1];
"valid-until %s\n"
"voting-delay %d %d\n"
"%s%s" /* versions */
+ "%s" /* packages */
"known-flags %s\n"
"flag-thresholds %s\n"
"params %s\n"
v3_ns->vote_seconds, v3_ns->dist_seconds,
client_versions_line,
server_versions_line,
+ packages,
flags,
flag_thresholds,
params,
done:
tor_free(client_versions_line);
tor_free(server_versions_line);
+ tor_free(packages);
SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
smartlist_free(chunks);
const routerstatus_format_type_t rs_format =
flavor == FLAV_NS ? NS_V3_CONSENSUS : NS_V3_CONSENSUS_MICRODESC;
char *params = NULL;
+ char *packages = NULL;
int added_weights = 0;
tor_assert(flavor == FLAV_NS || flavor == FLAV_MICRODESC);
tor_assert(total_authorities >= smartlist_len(votes));
n_versioning_servers);
client_versions = compute_consensus_versions_list(combined_client_versions,
n_versioning_clients);
+ if (consensus_method >= MIN_METHOD_FOR_PACKAGE_LINES) {
+ packages = compute_consensus_package_lines(votes);
+ } else {
+ packages = tor_strdup("");
+ }
SMARTLIST_FOREACH(combined_server_versions, char *, cp, tor_free(cp));
SMARTLIST_FOREACH(combined_client_versions, char *, cp, tor_free(cp));
"voting-delay %d %d\n"
"client-versions %s\n"
"server-versions %s\n"
+ "%s" /* packages */
"known-flags %s\n",
va_buf, fu_buf, vu_buf,
vote_seconds, dist_seconds,
- client_versions, server_versions, flaglist);
+ client_versions, server_versions,
+ packages,
+ flaglist);
tor_free(flaglist);
}
tor_free(client_versions);
tor_free(server_versions);
+ tor_free(packages);
SMARTLIST_FOREACH(flags, char *, cp, tor_free(cp));
smartlist_free(flags);
SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
return result;
}
+/** DOCDOC */
+STATIC char *
+compute_consensus_package_lines(smartlist_t *votes)
+{
+ const int n_votes = smartlist_len(votes);
+ strmap_t *package_status = strmap_new();
+ smartlist_t *result_list = smartlist_new();
+
+ SMARTLIST_FOREACH_BEGIN(votes, networkstatus_t *, v) {
+ if (! v->package_lines)
+ continue;
+ SMARTLIST_FOREACH_BEGIN(v->package_lines, const char *, line) {
+ if (! validate_recommended_package_line(line))
+ continue;
+
+ const char *cp = strchr(line, ' ');
+ if (!cp) continue;
+ ++cp;
+ cp = strchr(cp, ' ');
+ if (!cp) continue;
+
+ char *key = tor_strndup(line, cp - line);
+
+ const char **status = strmap_get(package_status, key);
+ if (!status) {
+ status = tor_calloc(n_votes, sizeof(const char *));
+ strmap_set(package_status, key, status);
+ }
+ status[v_sl_idx] = line; /* overwrite old value */
+ tor_free(key);
+ } SMARTLIST_FOREACH_END(line);
+ } SMARTLIST_FOREACH_END(v);
+
+ smartlist_t *entries = smartlist_new();
+ STRMAP_FOREACH(package_status, key, const char **, values) {
+ int i, count=-1;
+ for (i = 0; i < n_votes; ++i) {
+ if (values[i])
+ smartlist_add(entries, (void*) values[i]);
+ }
+ smartlist_sort_strings(entries);
+ int n_voting_for_entry = smartlist_len(entries);
+ const char *most_frequent =
+ smartlist_get_most_frequent_string_(entries, &count);
+
+ if (n_voting_for_entry >= 3 && count > n_voting_for_entry / 2) {
+ smartlist_add_asprintf(result_list, "package %s\n", most_frequent);
+ }
+
+ smartlist_clear(entries);
+
+ } STRMAP_FOREACH_END;
+
+ smartlist_sort_strings(result_list);
+
+ char *result = smartlist_join_strings(result_list, "", 0, NULL);
+
+ SMARTLIST_FOREACH(result_list, char *, cp, tor_free(cp));
+ smartlist_free(result_list);
+ smartlist_free(entries);
+ strmap_free(package_status, tor_free_);
+
+ return result;
+}
+
/** Given a consensus vote <b>target</b> and a set of detached signatures in
* <b>sigs</b> that correspond to the same consensus, check whether there are
* any new signatures in <b>src_voter_list</b> that should be added to
#define MIN_SUPPORTED_CONSENSUS_METHOD 13
/** The highest consensus method that we currently support. */
-#define MAX_SUPPORTED_CONSENSUS_METHOD 18
+#define MAX_SUPPORTED_CONSENSUS_METHOD 19
/** Lowest consensus method where microdesc consensuses omit any entry
* with no microdesc. */
* microdescriptors. */
#define MIN_METHOD_FOR_ID_HASH_IN_MD 18
+/** Lowest consensus method where we include "package" lines*/
+#define MIN_METHOD_FOR_PACKAGE_LINES 19
+
/** Default bandwidth to clip unmeasured bandwidths to using method >=
* MIN_METHOD_TO_CLIP_UNMEASURED_BW */
#define DEFAULT_MAX_UNMEASURED_BW_KB 20
networkstatus_t *v3_ns);
STATIC char *dirvote_compute_params(smartlist_t *votes, int method,
int total_authorities);
+STATIC char *compute_consensus_package_lines(smartlist_t *votes);
#endif
#endif
SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c));
smartlist_free(ns->supported_methods);
}
+ if (ns->package_lines) {
+ SMARTLIST_FOREACH(ns->package_lines, char *, c, tor_free(c));
+ smartlist_free(ns->package_lines);
+ }
if (ns->voters) {
SMARTLIST_FOREACH_BEGIN(ns->voters, networkstatus_voter_info_t *, voter) {
tor_free(voter->nickname);
/** Vote only: what methods is this voter willing to use? */
smartlist_t *supported_methods;
+ /** List of 'package' lines describing hashes of downloadable pacakges */
+ smartlist_t *package_lines;
+
/** How long does this vote/consensus claim that authorities take to
* distribute their votes to one another? */
int vote_seconds;
config_line_t *RecommendedVersions;
config_line_t *RecommendedClientVersions;
config_line_t *RecommendedServerVersions;
+ config_line_t *RecommendedPackages;
/** Whether dirservers allow router descriptors with private IPs. */
int DirAllowPrivateAddresses;
/** Whether routers accept EXTEND cells to routers with private IPs. */
K_CONSENSUS_METHOD,
K_LEGACY_DIR_KEY,
K_DIRECTORY_FOOTER,
+ K_PACKAGE,
A_PURPOSE,
A_LAST_LISTED,
T1("known-flags", K_KNOWN_FLAGS, ARGS, NO_OBJ ),
T01("params", K_PARAMS, ARGS, NO_OBJ ),
T( "fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ),
+ T0N("package", K_PACKAGE, CONCAT_ARGS, NO_OBJ ),
CERTIFICATE_MEMBERS
ns->server_versions = tor_strdup(tok->args[0]);
}
+ {
+ smartlist_t *package_lst = find_all_by_keyword(tokens, K_PACKAGE);
+ if (package_lst) {
+ ns->package_lines = smartlist_new();
+ SMARTLIST_FOREACH(package_lst, directory_token_t *, t,
+ smartlist_add(ns->package_lines, tor_strdup(t->args[0])));
+ }
+ smartlist_free(package_lst);
+ }
+
tok = find_by_keyword(tokens, K_KNOWN_FLAGS);
ns->known_flags = smartlist_new();
inorder = 1;
tor_free(url);
}
+static void
+test_dir_packages(void *arg)
+{
+ smartlist_t *votes = smartlist_new();
+ char *res = NULL;
+ (void)arg;
+
+#define BAD(s) \
+ tt_int_op(0, ==, validate_recommended_package_line(s));
+#define GOOD(s) \
+ tt_int_op(1, ==, validate_recommended_package_line(s));
+ GOOD("tor 0.2.6.3-alpha "
+ "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz "
+ "sha256=sssdlkfjdsklfjdskfljasdklfj");
+ GOOD("tor 0.2.6.3-alpha "
+ "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz "
+ "sha256=sssdlkfjdsklfjdskfljasdklfj blake2b=fred");
+ BAD("tor 0.2.6.3-alpha "
+ "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz "
+ "sha256=sssdlkfjdsklfjdskfljasdklfj=");
+ BAD("tor 0.2.6.3-alpha "
+ "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz "
+ "sha256=sssdlkfjdsklfjdskfljasdklfj blake2b");
+ BAD("tor 0.2.6.3-alpha "
+ "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz ");
+ BAD("tor 0.2.6.3-alpha "
+ "http://torproject.example.com/dist/tor-0.2.6.3-alpha.tar.gz");
+ BAD("tor 0.2.6.3-alpha ");
+ BAD("tor 0.2.6.3-alpha");
+ BAD("tor ");
+ BAD("tor");
+ BAD("");
+
+ votes = smartlist_new();
+ smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
+ smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
+ smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
+ smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
+ smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
+ smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
+ SMARTLIST_FOREACH(votes, networkstatus_t *, ns,
+ ns->package_lines = smartlist_new());
+
+#define ADD(i, s) \
+ smartlist_add(((networkstatus_t*)smartlist_get(votes, (i)))->package_lines, \
+ (void*)(s));
+
+ /* Only one vote for this one. */
+ ADD(4, "cisco 99z http://foobar.example.com/ sha256=blahblah");
+
+ /* Only two matching entries for this one, but 3 voters */
+ ADD(1, "mystic 99y http://barfoo.example.com/ sha256=blahblah");
+ ADD(3, "mystic 99y http://foobar.example.com/ sha256=blahblah");
+ ADD(4, "mystic 99y http://foobar.example.com/ sha256=blahblah");
+
+ /* Only two matching entries for this one, but at least 4 voters */
+ ADD(1, "mystic 99p http://barfoo.example.com/ sha256=ggggggg");
+ ADD(3, "mystic 99p http://foobar.example.com/ sha256=blahblah");
+ ADD(4, "mystic 99p http://foobar.example.com/ sha256=blahblah");
+ ADD(5, "mystic 99p http://foobar.example.com/ sha256=ggggggg");
+
+ /* This one has only invalid votes. */
+ ADD(0, "haffenreffer 1.2 http://foobar.example.com/ sha256");
+ ADD(1, "haffenreffer 1.2 http://foobar.example.com/ ");
+ ADD(2, "haffenreffer 1.2 ");
+ ADD(3, "haffenreffer ");
+ ADD(4, "haffenreffer");
+
+ /* Three matching votes for this; it should actually go in! */
+ ADD(2, "element 0.66.1 http://quux.example.com/ sha256=abcdef");
+ ADD(3, "element 0.66.1 http://quux.example.com/ sha256=abcdef");
+ ADD(4, "element 0.66.1 http://quux.example.com/ sha256=abcdef");
+ ADD(1, "element 0.66.1 http://quum.example.com/ sha256=abcdef");
+ ADD(0, "element 0.66.1 http://quux.example.com/ sha256=abcde");
+
+ /* Three votes for A, three votes for B */
+ ADD(0, "clownshoes 22alpha1 http://quumble.example.com/ blake2=foob");
+ ADD(1, "clownshoes 22alpha1 http://quumble.example.com/ blake2=foob");
+ ADD(2, "clownshoes 22alpha1 http://quumble.example.com/ blake2=foob");
+ ADD(3, "clownshoes 22alpha1 http://quumble.example.com/ blake2=fooz");
+ ADD(4, "clownshoes 22alpha1 http://quumble.example.com/ blake2=fooz");
+ ADD(5, "clownshoes 22alpha1 http://quumble.example.com/ blake2=fooz");
+
+ /* Three votes for A, two votes for B */
+ ADD(1, "clownshoes 22alpha3 http://quumble.example.com/ blake2=foob");
+ ADD(2, "clownshoes 22alpha3 http://quumble.example.com/ blake2=foob");
+ ADD(3, "clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz");
+ ADD(4, "clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz");
+ ADD(5, "clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz");
+
+ /* Four votes for A, two for B. */
+ ADD(0, "clownshoes 22alpha4 http://quumble.example.com/ blake2=foob");
+ ADD(1, "clownshoes 22alpha4 http://quumble.example.com/ blake2=foob");
+ ADD(2, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa");
+ ADD(3, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa");
+ ADD(4, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa");
+ ADD(5, "clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa");
+
+ /* Five votes for A ... all from the same guy. Three for B. */
+ ADD(0, "cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m");
+ ADD(1, "cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m");
+ ADD(3, "cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m");
+ ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.1 http://example.com/ cubehash=ahooy");
+
+ /* As above but new replaces old: no two match. */
+ ADD(0, "cbc 99.1.11.1.2 http://example.com/cbc/ cubehash=ahooy sha512=m");
+ ADD(1, "cbc 99.1.11.1.2 http://example.com/cbc/ cubehash=ahooy sha512=m");
+ ADD(1, "cbc 99.1.11.1.2 http://example.com/cbc/x cubehash=ahooy sha512=m");
+ ADD(2, "cbc 99.1.11.1.2 http://example.com/cbc/ cubehash=ahooy sha512=m");
+ ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy");
+ ADD(2, "cbc 99.1.11.1.2 http://example.com/ cubehash=ahooy");
+
+
+ res = compute_consensus_package_lines(votes);
+ tt_assert(res);
+ tt_str_op(res, ==,
+ "package cbc 99.1.11.1.1 http://example.com/cbc/ cubehash=ahooy sha512=m\n"
+ "package clownshoes 22alpha3 http://quumble.example.com/ blake2=fooz\n"
+ "package clownshoes 22alpha4 http://quumble.example.cam/ blake2=fooa\n"
+ "package element 0.66.1 http://quux.example.com/ sha256=abcdef\n"
+ "package mystic 99y http://foobar.example.com/ sha256=blahblah\n"
+ );
+
+#undef ADD
+#undef BAD
+#undef GOOD
+ done:
+ SMARTLIST_FOREACH(votes, networkstatus_t *, ns,
+ { smartlist_free(ns->package_lines); tor_free(ns); });
+ tor_free(res);
+}
+
#define DIR_LEGACY(name) \
{ #name, test_dir_ ## name , TT_FORK, NULL, NULL }
DIR_LEGACY(clip_unmeasured_bw_kb_alt),
DIR(fmt_control_ns, 0),
DIR(http_handling, 0),
+ DIR(packages, 0),
END_OF_TESTCASES
};
projects / thirdparty / tor.git / commitdiff
