/* Copyright 2001-2003 Roger Dingledine, Matej Pfajfar. */ /* See LICENSE for licensing information */ /* $Id$ */ #define OR_PUBLICKEY_BEGIN_TAG "-----BEGIN RSA PUBLIC KEY-----\n" #define OR_PUBLICKEY_END_TAG "-----END RSA PUBLIC KEY-----\n" #define OR_SIGNATURE_BEGIN_TAG "-----BEGIN SIGNATURE-----\n" #define OR_SIGNATURE_END_TAG "-----END SIGNATURE-----\n" #define _GNU_SOURCE /* XXX this is required on rh7 to make strptime not complain. how bad * is this for portability? */ #include "or.h" /****************************************************************************/ static routerlist_t *routerlist = NULL; /* router array */ extern or_options_t options; /* command-line and config-file options */ /****************************************************************************/ /* Enumeration of possible token types. The ones starting with K_ correspond * to directory 'keywords'. _SIGNATURE and _PUBLIC_KEY are self-explanatory. * _ERR is an error in the tokenizing process, _EOF is an end-of-file marker, * and _NIL is used to encode not-a-token. */ typedef enum { K_ACCEPT, K_DIRECTORY_SIGNATURE, K_RECOMMENDED_SOFTWARE, K_REJECT, K_ROUTER, K_SIGNED_DIRECTORY, K_SIGNING_KEY, K_ONION_KEY, K_LINK_KEY, K_ROUTER_SIGNATURE, K_PUBLISHED, K_RUNNING_ROUTERS, K_PLATFORM, _SIGNATURE, _PUBLIC_KEY, _ERR, _EOF, _NIL } directory_keyword; /* Struct containing a directory token. */ #define MAX_ARGS 1024 typedef struct directory_token_t { directory_keyword tp; /* Type of the token. */ union { struct { char *args[MAX_ARGS+1]; /* For K_xxx tokens only: an array and count */ int n_args; /* of arguments provided on the same line */ } cmd; char *signature; /* For _SIGNATURE tokens only. */ char *error; /* For _ERR tokens only. */ crypto_pk_env_t *public_key; /* For _PUBLIC_KEY tokens only. */ } val; } directory_token_t; /****************************************************************************/ /* static function prototypes */ static routerinfo_t * router_pick_directory_server_impl(void); static int router_get_list_from_string_impl(const char **s, routerlist_t **dest, int n_good_nicknames, const char **good_nickname_lst); static int router_get_routerlist_from_directory_impl(const char *s, routerlist_t **dest, crypto_pk_env_t *pkey); static int router_add_exit_policy(routerinfo_t *router, directory_token_t *tok); static int router_resolve_routerlist(routerlist_t *dir); static int _router_get_next_token(const char **s, directory_token_t *tok); #ifdef DEBUG_ROUTER_TOKENS static int router_get_next_token(const char **s, directory_token_t *tok); #else #define router_get_next_token _router_get_next_token #endif static int router_get_hash_impl(const char *s, char *digest, const char *start_str, const char *end_str); static void router_release_token(directory_token_t *tok); /****************************************************************************/ /* try to find a running dirserver. if there are no dirservers * in our routerlist, reload the routerlist and try again. */ routerinfo_t *router_pick_directory_server(void) { routerinfo_t *choice; choice = router_pick_directory_server_impl(); if(!choice) { log_fn(LOG_WARN,"No dirservers known. Reloading and trying again."); if(options.RouterFile) { if(router_set_routerlist_from_file(options.RouterFile) < 0) return NULL; } else { if(config_assign_default_dirservers() < 0) return NULL; } /* give it another try */ choice = router_pick_directory_server_impl(); } return choice; } /* pick a random running router with a positive dir_port */ static routerinfo_t *router_pick_directory_server_impl(void) { int i; routerinfo_t *router, *dirserver=NULL; smartlist_t *sl; if(!routerlist) return NULL; sl = smartlist_create(MAX_ROUTERS_IN_DIR); for(i=0;in_routers;i++) { router = routerlist->routers[i]; if(router->dir_port > 0 && router->is_running) smartlist_add(sl, router); } router = smartlist_choose(sl); smartlist_free(sl); if(router) return router; log_fn(LOG_INFO,"No dirservers are reachable. Trying them all again."); /* no running dir servers found? go through and mark them all as up, * and we'll cycle through the list again. */ for(i=0;in_routers;i++) { router = routerlist->routers[i]; if(router->dir_port > 0) { router->is_running = 1; dirserver = router; } } if(!dirserver) log_fn(LOG_WARN,"No dirservers in directory! Returning NULL."); return dirserver; } void router_add_running_routers_to_smartlist(smartlist_t *sl) { routerinfo_t *router; int i; if(!routerlist) return; for(i=0;in_routers;i++) { router = routerlist->routers[i]; if(router->is_running && (!options.ORPort || connection_twin_get_by_addr_port(router->addr, router->or_port) )) smartlist_add(sl, router); } } routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port) { int i; routerinfo_t *router; assert(routerlist); for(i=0;in_routers;i++) { router = routerlist->routers[i]; if ((router->addr == addr) && (router->or_port == port)) return router; } return NULL; } routerinfo_t *router_get_by_link_pk(crypto_pk_env_t *pk) { int i; routerinfo_t *router; assert(routerlist); for(i=0;in_routers;i++) { router = routerlist->routers[i]; if (0 == crypto_pk_cmp_keys(router->link_pkey, pk)) return router; } return NULL; } routerinfo_t *router_get_by_nickname(char *nickname) { int i; routerinfo_t *router; assert(routerlist); for(i=0;in_routers;i++) { router = routerlist->routers[i]; if (0 == strcmp(router->nickname, nickname)) return router; } return NULL; } /* a way to access routerlist outside this file */ void router_get_routerlist(routerlist_t **prouterlist) { *prouterlist = routerlist; } /* delete a router from memory */ void routerinfo_free(routerinfo_t *router) { struct exit_policy_t *e; if (!router) return; tor_free(router->address); tor_free(router->nickname); if (router->onion_pkey) crypto_free_pk_env(router->onion_pkey); if (router->link_pkey) crypto_free_pk_env(router->link_pkey); if (router->identity_pkey) crypto_free_pk_env(router->identity_pkey); while (router->exit_policy) { e = router->exit_policy; router->exit_policy = e->next; tor_free(e->string); free(e); } free(router); } static void routerlist_free(routerlist_t *rl) { int i; for (i = 0; i < rl->n_routers; ++i) routerinfo_free(rl->routers[i]); tor_free(rl->routers); tor_free(rl->software_versions); free(rl); } void router_mark_as_down(char *nickname) { routerinfo_t *router = router_get_by_nickname(nickname); if(!router) /* we don't seem to know about him in the first place */ return; log_fn(LOG_DEBUG,"Marking %s as down.",router->nickname); router->is_running = 0; } /* ------------------------------------------------------------ */ /* Replace the current router list with the one stored in 'routerfile'. */ int router_set_routerlist_from_file(char *routerfile) { char *string; string = read_file_to_str(routerfile); if(!string) { log_fn(LOG_WARN,"Failed to load routerfile %s.",routerfile); return -1; } if(router_set_routerlist_from_string(string) < 0) { log_fn(LOG_WARN,"The routerfile itself was corrupt."); free(string); return -1; } free(string); return 0; } /* Helper function: read routerinfo elements from s, and throw out the * ones that don't parse and resolve. Replace the current * routerlist. */ int router_set_routerlist_from_string(const char *s) { if (router_get_list_from_string_impl(&s, &routerlist, -1, NULL)) { log(LOG_WARN, "Error parsing router file"); return -1; } if (router_resolve_routerlist(routerlist)) { log(LOG_WARN, "Error resolving routerlist"); return -1; } return 0; } /* Set 'digest' to the SHA-1 digest of the hash of the directory in 's'. * Return 0 on success, nonzero on failure. */ int router_get_dir_hash(const char *s, char *digest) { return router_get_hash_impl(s,digest, "signed-directory","directory-signature"); } /* Set 'digest' to the SHA-1 digest of the hash of the first router in 's'. * Return 0 on success, nonzero on failure. */ int router_get_router_hash(const char *s, char *digest) { return router_get_hash_impl(s,digest, "router ","router-signature"); } /* return 0 if myversion is in versionlist. Else return -1. * (versionlist contains a comma-separated list of versions.) */ int compare_recommended_versions(const char *myversion, const char *versionlist) { int len_myversion = strlen(myversion); char *comma; const char *end = versionlist + strlen(versionlist); log_fn(LOG_DEBUG,"checking '%s' in '%s'.", myversion, versionlist); for(;;) { comma = strchr(versionlist, ','); if( ((comma ? comma : end) - versionlist == len_myversion) && !strncmp(versionlist, myversion, len_myversion)) /* only do strncmp if the length matches */ return 0; /* success, it's there */ if(!comma) return -1; /* nope */ versionlist = comma+1; } } /* Replace the current routerlist with the routers stored in the directory * 's'. If pkey is provided, make sure that 's' is signed with pkey. */ int router_set_routerlist_from_directory(const char *s, crypto_pk_env_t *pkey) { if (router_get_routerlist_from_directory_impl(s, &routerlist, pkey)) { log_fn(LOG_WARN, "Couldn't parse directory."); return -1; } if (router_resolve_routerlist(routerlist)) { log_fn(LOG_WARN, "Error resolving routerlist"); return -1; } if (compare_recommended_versions(VERSION, routerlist->software_versions) < 0) { log(options.IgnoreVersion ? LOG_WARN : LOG_ERR, "You are running Tor version %s, which will not work with this network.\n" "Please use %s%s.", VERSION, strchr(routerlist->software_versions,',') ? "one of " : "", routerlist->software_versions); if(options.IgnoreVersion) { log(LOG_WARN, "IgnoreVersion is set. If it breaks, we told you so."); } else { fflush(0); exit(0); } } return 0; } /* Helper function: resolve the hostname for 'router' */ static int router_resolve(routerinfo_t *router) { struct hostent *rent; rent = (struct hostent *)gethostbyname(router->address); if (!rent) { log_fn(LOG_WARN,"Could not get address for router %s.",router->address); return -1; } assert(rent->h_length == 4); memcpy(&router->addr, rent->h_addr,rent->h_length); router->addr = ntohl(router->addr); /* get it back into host order */ return 0; } /* Helper function: resolve every router in rl. */ static int router_resolve_routerlist(routerlist_t *rl) { int i, max, remove; if (!rl) rl = routerlist; max = rl->n_routers; for (i = 0; i < max; ++i) { remove = 0; if (router_resolve(rl->routers[i])) { log_fn(LOG_WARN, "Couldn't resolve router %s; not using", rl->routers[i]->address); remove = 1; } else if (options.Nickname && !strcmp(rl->routers[i]->nickname, options.Nickname)) { remove = 1; } if (remove) { routerinfo_free(rl->routers[i]); rl->routers[i] = rl->routers[--max]; --rl->n_routers; --i; } } return 0; } /* Addr is 0 for "IP unknown". * * Returns -1 for 'rejected', 0 for accepted, 1 for 'maybe' (since IP is * unknown. */ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port, struct exit_policy_t *policy) { int maybe_reject = 0; int maybe_accept = 0; int match = 0; int maybe = 0; struct in_addr in; struct exit_policy_t *tmpe; for(tmpe=policy; tmpe; tmpe=tmpe->next) { log_fn(LOG_DEBUG,"Considering exit policy %s", tmpe->string); maybe = 0; if (!addr) { /* Address is unknown. */ if (port >= tmpe->prt_min && port <= tmpe->prt_max) { /* The port definitely matches. */ if (tmpe->msk == 0) { match = 1; } else { maybe = 1; } } else if (!port) { /* The port maybe matches. */ maybe = 1; } } else { /* Address is known */ if ((addr & tmpe->msk) == (tmpe->addr & tmpe->msk)) { if (port >= tmpe->prt_min && port <= tmpe->prt_max) { /* Exact match for the policy */ match = 1; } else if (!port) { maybe = 1; } } } if (maybe) { if (tmpe->policy_type == EXIT_POLICY_REJECT) maybe_reject = 1; else maybe_accept = 1; } if (match) { in.s_addr = htonl(addr); log_fn(LOG_INFO,"Address %s:%d matches exit policy '%s'", inet_ntoa(in), port, tmpe->string); if(tmpe->policy_type == EXIT_POLICY_ACCEPT) { /* If we already hit a clause that might trigger a 'reject', than we * can't be sure of this certain 'accept'.*/ return maybe_reject ? ADDR_POLICY_UNKNOWN : ADDR_POLICY_ACCEPTED; } else { return maybe_accept ? ADDR_POLICY_UNKNOWN : ADDR_POLICY_REJECTED; } } } /* accept all by default. */ return maybe_reject ? ADDR_POLICY_UNKNOWN : ADDR_POLICY_ACCEPTED; } /* return 1 if all running routers will reject addr:port, return 0 if any might accept it. */ int router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port) { int i; routerinfo_t *router; for (i=0;in_routers;i++) { router = routerlist->routers[i]; if (router->is_running && router_compare_addr_to_exit_policy( addr, port, router->exit_policy) != ADDR_POLICY_REJECTED) return 0; /* this one could be ok. good enough. */ } return 1; /* all will reject. */ } int router_exit_policy_rejects_all(routerinfo_t *router) { return router_compare_addr_to_exit_policy(0, 0, router->exit_policy) == ADDR_POLICY_REJECTED; } /* Helper function: parse a directory from 's' and, when done, store the * resulting routerlist in *dest, freeing the old value if necessary. * If pkey is provided, we check the directory signature with pkey. */ static int router_get_routerlist_from_directory_impl(const char *s, routerlist_t **dest, crypto_pk_env_t *pkey) { directory_token_t tok; char digest[20]; char signed_digest[128]; routerlist_t *new_dir = NULL; char *versions = NULL; struct tm published; time_t published_on; char *good_nickname_lst[1024]; int n_good_nicknames = 0; int i; /* Local helper macro: get the next token from s (advancing s) and * bail on failure. */ #define NEXT_TOK() \ do { \ if (router_get_next_token(&s, &tok)) { \ log_fn(LOG_WARN, "Error reading directory: %s", tok.val.error); \ goto err; \ } } while (0) /* Local helper macro: bail if the most recently read token is not of * the given type. */ #define TOK_IS(type,name) \ do { \ if (tok.tp != type) { \ router_release_token(&tok); \ log_fn(LOG_WARN, "Error reading directory: expected %s", name); \ goto err; \ } } while(0) /* Local helper macro: Number of args in most recent token. */ #define N_ARGS tok.val.cmd.n_args /* Local helper macro: Array of args to most recent token. */ #define ARGS tok.val.cmd.args tok.tp = _NIL; if (router_get_dir_hash(s, digest)) { log_fn(LOG_WARN, "Unable to compute digest of directory"); goto err; } log(LOG_DEBUG,"Received directory hashes to %02x:%02x:%02x:%02x", ((int)digest[0])&0xff,((int)digest[1])&0xff, ((int)digest[2])&0xff,((int)digest[3])&0xff); NEXT_TOK(); TOK_IS(K_SIGNED_DIRECTORY, "signed-directory"); NEXT_TOK(); TOK_IS(K_PUBLISHED, "published"); assert(N_ARGS == 1); if (!strptime(ARGS[0], "%Y-%m-%d %H:%M:%S", &published)) { log_fn(LOG_WARN, "Published time was unparseable"); goto err; } published_on = tor_timegm(&published); NEXT_TOK(); TOK_IS(K_RECOMMENDED_SOFTWARE, "recommended-software"); if (N_ARGS != 1) { log_fn(LOG_WARN, "Invalid recommended-software line"); goto err; } versions = ARGS[0]; tok.val.cmd.n_args = 0; /* Don't let the versions string get freed. */ NEXT_TOK(); TOK_IS(K_RUNNING_ROUTERS, "running-routers"); n_good_nicknames = N_ARGS; memcpy(good_nickname_lst, ARGS, n_good_nicknames*sizeof(char *)); N_ARGS = 0; /* Don't free the strings in good_nickname_lst yet. */ /* Read the router list from s, advancing s up past the end of the last * router. */ if (router_get_list_from_string_impl(&s, &new_dir, n_good_nicknames, (const char**)good_nickname_lst)) { log_fn(LOG_WARN, "Error reading routers from directory"); goto err; } for (i = 0; i < n_good_nicknames; ++i) { tor_free(good_nickname_lst[i]); /* now free them */ } new_dir->software_versions = versions; versions = NULL; new_dir->published_on = published_on; NEXT_TOK(); TOK_IS(K_DIRECTORY_SIGNATURE, "directory-signature"); NEXT_TOK(); TOK_IS(_SIGNATURE, "signature"); if (pkey) { if (crypto_pk_public_checksig(pkey, tok.val.signature, 128, signed_digest) != 20) { log_fn(LOG_WARN, "Error reading directory: invalid signature."); goto err; } log(LOG_DEBUG,"Signed directory hash starts %02x:%02x:%02x:%02x", ((int)signed_digest[0])&0xff,((int)signed_digest[1])&0xff, ((int)signed_digest[2])&0xff,((int)signed_digest[3])&0xff); if (memcmp(digest, signed_digest, 20)) { log_fn(LOG_WARN, "Error reading directory: signature does not match."); goto err; } } NEXT_TOK(); TOK_IS(_EOF, "end of directory"); if (*dest) routerlist_free(*dest); *dest = new_dir; return 0; err: router_release_token(&tok); if (new_dir) routerlist_free(new_dir); tor_free(versions); for (i = 0; i < n_good_nicknames; ++i) { tor_free(good_nickname_lst[i]); } return -1; #undef NEXT_TOK #undef TOK_IS #undef ARGS #undef N_ARGS } /* Helper function: Given a string *s containing a concatenated * sequence of router descriptors, parses them and stores the result * in *dest. If good_nickname_lst is provided, then routers whose * nicknames are not listed are marked as nonrunning. Advances *s to * a point immediately following the last router entry. Returns 0 on * success and -1 on failure. */ static int router_get_list_from_string_impl(const char **s, routerlist_t **dest, int n_good_nicknames, const char **good_nickname_lst) { routerinfo_t *router; routerinfo_t **rarray; int rarray_len = 0; int i; assert(s && *s); rarray = (routerinfo_t **) tor_malloc((sizeof(routerinfo_t *))*MAX_ROUTERS_IN_DIR); while (1) { *s = eat_whitespace(*s); /* Don't start parsing the rest of *s unless it contains a router. */ if (strncmp(*s, "router ", 7)!=0) break; router = router_get_entry_from_string(s); if (!router) { log_fn(LOG_WARN, "Error reading router"); for(i=0;i= MAX_ROUTERS_IN_DIR) { log_fn(LOG_WARN, "too many routers"); routerinfo_free(router); continue; } if (n_good_nicknames>=0) { router->is_running = 0; for (i = 0; i < n_good_nicknames; ++i) { if (0==strcasecmp(good_nickname_lst[i], router->nickname)) { router->is_running = 1; break; } } } else { router->is_running = 1; /* start out assuming all dirservers are up */ } rarray[rarray_len++] = router; log_fn(LOG_DEBUG,"just added router #%d.",rarray_len); } if (*dest) routerlist_free(*dest); *dest = (routerlist_t *)tor_malloc(sizeof(routerlist_t)); (*dest)->routers = rarray; (*dest)->n_routers = rarray_len; (*dest)->software_versions = NULL; return 0; } /* Helper function: reads a single router entry from *s, and advances * *s so it points to just after the router it just read. * mallocs a new router and returns it if all goes well, else returns * NULL. */ routerinfo_t *router_get_entry_from_string(const char**s) { routerinfo_t *router = NULL; char signed_digest[128]; char digest[128]; directory_token_t _tok; directory_token_t *tok = &_tok; struct tm published; int t; /* Helper macro: read the next token from *s, advance *s, and bail if there's an error */ #define NEXT_TOKEN() \ do { if (router_get_next_token(s, tok)) { \ log_fn(LOG_WARN, "Error reading directory: %s", tok->val.error);\ goto err; \ } } while(0) #define ARGS tok->val.cmd.args #define N_ARGS tok->val.cmd.n_args _tok.tp = _NIL; if (router_get_router_hash(*s, digest) < 0) { log_fn(LOG_WARN, "Couldn't compute router hash."); return NULL; } NEXT_TOKEN(); /* XXX This leaks some arguments. */ if (tok->tp != K_ROUTER) { log_fn(LOG_WARN,"Entry does not start with \"router\""); goto err; } router = tor_malloc_zero(sizeof(routerinfo_t)); router->onion_pkey = router->identity_pkey = router->link_pkey = NULL; /* XXXBC move to <7 once we require bandwidthburst */ if (N_ARGS < 6) { log_fn(LOG_WARN,"Wrong # of arguments to \"router\""); goto err; } router->nickname = tor_strdup(ARGS[0]); if (strlen(router->nickname) > MAX_NICKNAME_LEN) { log_fn(LOG_WARN,"Router nickname too long."); goto err; } if (strspn(router->nickname, LEGAL_NICKNAME_CHARACTERS) != strlen(router->nickname)) { log_fn(LOG_WARN, "Router nickname contains illegal characters."); goto err; } /* read router.address */ router->address = tor_strdup(ARGS[1]); router->addr = 0; /* Read router->or_port */ router->or_port = atoi(ARGS[2]); if(!router->or_port) { log_fn(LOG_WARN,"or_port unreadable or 0. Failing."); goto err; } /* Router->socks_port */ router->socks_port = atoi(ARGS[3]); /* Router->dir_port */ router->dir_port = atoi(ARGS[4]); /* Router->bandwidth */ router->bandwidthrate = atoi(ARGS[5]); if (!router->bandwidthrate) { log_fn(LOG_WARN,"bandwidthrate unreadable or 0. Failing."); goto err; } #if XXXBC router->bandwidthburst = atoi(ARGS[6]); if (!router->bandwidthburst) { log_fn(LOG_WARN,"bandwidthburst unreadable or 0. Failing."); goto err; } #else router->bandwidthburst = 10*router->bandwidthrate; #endif log_fn(LOG_DEBUG,"or_port %d, socks_port %d, dir_port %d, bandwidthrate %u, bandwidthburst %u.", router->or_port, router->socks_port, router->dir_port, (unsigned) router->bandwidthrate, (unsigned) router->bandwidthburst); /* XXX Later, require platform before published. */ NEXT_TOKEN(); if (tok->tp == K_PLATFORM) { NEXT_TOKEN(); } if (tok->tp != K_PUBLISHED) { log_fn(LOG_WARN, "Missing published time"); goto err; } assert(N_ARGS == 1); if (!strptime(ARGS[0], "%Y-%m-%d %H:%M:%S", &published)) { log_fn(LOG_WARN, "Published time was unparseable"); goto err; } router->published_on = tor_timegm(&published); NEXT_TOKEN(); if (tok->tp != K_ONION_KEY) { log_fn(LOG_WARN, "Missing onion-key"); goto err; } NEXT_TOKEN(); if (tok->tp != _PUBLIC_KEY) { log_fn(LOG_WARN, "Missing onion key"); goto err; } /* XXX Check key length */ router->onion_pkey = tok->val.public_key; tok->val.public_key = NULL; /* Prevent free */ NEXT_TOKEN(); if (tok->tp != K_LINK_KEY) { log_fn(LOG_WARN, "Missing link-key"); goto err; } NEXT_TOKEN(); if (tok->tp != _PUBLIC_KEY) { log_fn(LOG_WARN, "Missing link key"); goto err; } /* XXX Check key length */ router->link_pkey = tok->val.public_key; tok->val.public_key = NULL; /* Prevent free */ NEXT_TOKEN(); if (tok->tp != K_SIGNING_KEY) { log_fn(LOG_WARN, "Missing signing-key"); goto err; } NEXT_TOKEN(); if (tok->tp != _PUBLIC_KEY) { log_fn(LOG_WARN, "Missing signing key"); goto err; } router->identity_pkey = tok->val.public_key; tok->val.public_key = NULL; /* Prevent free */ NEXT_TOKEN(); while (tok->tp == K_ACCEPT || tok->tp == K_REJECT) { router_add_exit_policy(router, tok); NEXT_TOKEN(); /* This also leaks some args. XXX */ } if (tok->tp != K_ROUTER_SIGNATURE) { log_fn(LOG_WARN,"Missing router signature"); goto err; } NEXT_TOKEN(); if (tok->tp != _SIGNATURE) { log_fn(LOG_WARN,"Missing router signature"); goto err; } assert (router->identity_pkey); if ((t=crypto_pk_public_checksig(router->identity_pkey, tok->val.signature, 128, signed_digest)) != 20) { log_fn(LOG_WARN, "Invalid signature %d",t); goto err; } if (memcmp(digest, signed_digest, 20)) { log_fn(LOG_WARN, "Mismatched signature"); goto err; } router_release_token(tok); /* free the signature */ return router; err: router_release_token(tok); routerinfo_free(router); return NULL; #undef ARGS #undef N_ARGS #undef NEXT_TOKEN } /* Parse the exit policy in the string 's' and add it to 'router'. */ int router_add_exit_policy_from_string(routerinfo_t *router, const char *s) { directory_token_t tok; const char *cp; char *tmp; int r; int len, idx; tok.tp = _NIL; /* *s might not end with \n, so we need to extend it with one. */ len = strlen(s); cp = tmp = tor_malloc(len+2); for (idx = 0; idx < len; ++idx) { tmp[idx] = tolower(s[idx]); } tmp[len]='\n'; tmp[len+1]='\0'; if (router_get_next_token(&cp, &tok)) { log_fn(LOG_WARN, "Error reading exit policy: %s", tok.val.error); goto err; } if (tok.tp != K_ACCEPT && tok.tp != K_REJECT) { log_fn(LOG_WARN, "Expected 'accept' or 'reject'."); goto err; } /* Now that we've gotten an exit policy, add it to the router. */ r = router_add_exit_policy(router, &tok); goto done; err: r = -1; done: free(tmp); router_release_token(&tok); return r; } /* Given a K_ACCEPT or K_REJECT token and a router, create a new exit_policy_t * corresponding to the token, and add it to 'router' */ static int router_add_exit_policy(routerinfo_t *router, directory_token_t *tok) { struct exit_policy_t *tmpe, *newe; struct in_addr in; char *arg, *address, *mask, *port, *endptr; int bits; assert(tok->tp == K_REJECT || tok->tp == K_ACCEPT); if (tok->val.cmd.n_args != 1) return -1; arg = tok->val.cmd.args[0]; newe = tor_malloc_zero(sizeof(struct exit_policy_t)); newe->string = tor_malloc(8+strlen(arg)); if (tok->tp == K_REJECT) { strcpy(newe->string, "reject "); newe->policy_type = EXIT_POLICY_REJECT; } else { strcpy(newe->string, "accept "); newe->policy_type = EXIT_POLICY_ACCEPT; } strcat(newe->string, arg); address = arg; mask = strchr(arg,'/'); port = strchr(mask?mask:arg,':'); /* Break 'arg' into separate strings. 'arg' was already strdup'd by * _router_get_next_token, so it's safe to modify. */ if (mask) *mask++ = 0; if (port) *port++ = 0; if (strcmp(address, "*") == 0) { newe->addr = 0; } else if (inet_aton(address, &in) != 0) { newe->addr = ntohl(in.s_addr); } else { log_fn(LOG_WARN, "Malformed IP %s in exit policy; rejecting.", address); goto policy_read_failed; } if (!mask) { if (strcmp(address, "*") == 0) newe->msk = 0; else newe->msk = 0xFFFFFFFFu; } else { endptr = NULL; bits = (int) strtol(mask, &endptr, 10); if (!*endptr) { /* strtol handled the whole mask. */ newe->msk = ~((1<<(32-bits))-1); } else if (inet_aton(mask, &in) != 0) { newe->msk = ntohl(in.s_addr); } else { log_fn(LOG_WARN, "Malformed mask %s on exit policy; rejecting.", mask); goto policy_read_failed; } } if (!port || strcmp(port, "*") == 0) { newe->prt_min = 0; newe->prt_max = 65535; } else { endptr = NULL; newe->prt_min = strtol(port, &endptr, 10); if (*endptr == '-') { port = endptr+1; endptr = NULL; newe->prt_max = strtol(port, &endptr, 10); if (*endptr) { log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.", port); } } else if (*endptr) { log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.", port); goto policy_read_failed; } else { newe->prt_max = newe->prt_min; } } in.s_addr = htonl(newe->addr); address = tor_strdup(inet_ntoa(in)); in.s_addr = htonl(newe->msk); log_fn(LOG_DEBUG,"%s %s/%s:%d-%d", newe->policy_type == EXIT_POLICY_REJECT ? "reject" : "accept", address, inet_ntoa(in), newe->prt_min, newe->prt_max); tor_free(address); /* now link newe onto the end of exit_policy */ if(!router->exit_policy) { router->exit_policy = newe; return 0; } for(tmpe=router->exit_policy; tmpe->next; tmpe=tmpe->next) ; tmpe->next = newe; return 0; policy_read_failed: assert(newe->string); log_fn(LOG_WARN,"Couldn't parse line '%s'. Dropping", newe->string); tor_free(newe->string); free(newe); return -1; } /* ------------------------------------------------------------ */ /* Tokenizer for router descriptors and directories. */ /* Every keyword takes either... */ typedef enum { NO_ARGS, /* (1) no arguments, ever */ ARGS, /* (2) a list of arguments separated by spaces */ CONCAT_ARGS, /* or (3) the rest of the line, treated as a single argument. */ } arg_syntax; /* Table mapping keywods to token value and to argument rules. */ static struct { char *t; int v; arg_syntax s; } token_table[] = { { "accept", K_ACCEPT, ARGS }, { "directory-signature", K_DIRECTORY_SIGNATURE, NO_ARGS }, { "reject", K_REJECT, ARGS }, { "router", K_ROUTER, ARGS }, { "recommended-software", K_RECOMMENDED_SOFTWARE, ARGS }, { "signed-directory", K_SIGNED_DIRECTORY, NO_ARGS }, { "signing-key", K_SIGNING_KEY, NO_ARGS }, { "onion-key", K_ONION_KEY, NO_ARGS }, { "link-key", K_LINK_KEY, NO_ARGS }, { "router-signature", K_ROUTER_SIGNATURE, NO_ARGS }, { "published", K_PUBLISHED, CONCAT_ARGS }, { "running-routers", K_RUNNING_ROUTERS, ARGS }, { "platform", K_PLATFORM, ARGS }, { NULL, -1 } }; /* Free any malloced resources allocated for a token. Does not free * the token itself. */ static void router_release_token(directory_token_t *tok) { int i; switch (tok->tp) { case _SIGNATURE: if (tok->val.signature) free(tok->val.signature); break; case _PUBLIC_KEY: if (tok->val.public_key) crypto_free_pk_env(tok->val.public_key); break; case _ERR: case _EOF: case _NIL: break; default: for (i = 0; i < tok->val.cmd.n_args; ++i) { tor_free(tok->val.cmd.args[i]); } } tok->tp = _NIL; } /* Helper function: read the next token from *s, and stores it into *tok. * If *tok already contains a token (tok->tp != _NIL), free the resources * held by *tok. Advance *s to a point immediately after the token. * * */ static int _router_get_next_token(const char **s, directory_token_t *tok) { const char *next; crypto_pk_env_t *pkey = NULL; char *signature = NULL; int i, done; /* Clear the token _first_, so that we can clear it safely. */ router_release_token(tok); tok->tp = _ERR; tok->val.error = ""; *s = eat_whitespace(*s); if (!**s) { tok->tp = _EOF; return 0; } else if (**s == '-') { next = strchr(*s, '\n'); if (! next) { tok->val.error = "No newline at EOF"; return -1; } ++next; if (! strncmp(*s, OR_PUBLICKEY_BEGIN_TAG, next-*s)) { /* We have a ----BEGIN PUBLIC KEY----- */ next = strstr(*s, OR_PUBLICKEY_END_TAG); if (!next) { tok->val.error = "No public key end tag found"; return -1; } next = strchr(next, '\n'); /* Part of OR_PUBLICKEY_END_TAG; can't fail.*/ ++next; if (!(pkey = crypto_new_pk_env(CRYPTO_PK_RSA))) return -1; if (crypto_pk_read_public_key_from_string(pkey, *s, next-*s)) { crypto_free_pk_env(pkey); tok->val.error = "Couldn't parse public key."; return -1; } tok->tp = _PUBLIC_KEY; tok->val.public_key = pkey; *s = next; return 0; } else if (! strncmp(*s, OR_SIGNATURE_BEGIN_TAG, next-*s)) { /* We have a -----BEGIN SIGNATURE----- */ /* Advance past newline; can't fail. */ *s = strchr(*s, '\n'); ++*s; /* Find end of base64'd data */ next = strstr(*s, OR_SIGNATURE_END_TAG); if (!next) { tok->val.error = "No signature end tag found"; return -1; } signature = tor_malloc(256); i = base64_decode(signature, 256, *s, next-*s); if (i<0) { free(signature); tok->val.error = "Error decoding signature."; return -1; } else if (i != 128) { free(signature); tok->val.error = "Bad length on decoded signature."; return -1; } tok->tp = _SIGNATURE; tok->val.signature = signature; next = strchr(next, '\n'); /* Part of OR_SIGNATURE_END_TAG; can't fail.*/ *s = next+1; return 0; } else { tok->val.error = "Unrecognized begin line"; return -1; } } else { next = find_whitespace(*s); if (!next) { tok->val.error = "Unexpected EOF"; return -1; } /* It's a keyword... but which one? */ for (i = 0 ; token_table[i].t ; ++i) { if (!strncmp(token_table[i].t, *s, next-*s)) { /* We've found the keyword. */ tok->tp = token_table[i].v; if (token_table[i].s == ARGS) { /* This keyword takes multiple arguments. */ i = 0; done = (*next == '\n'); *s = eat_whitespace_no_nl(next); while (**s != '\n' && i < MAX_ARGS && !done) { next = find_whitespace(*s); if (*next == '\n') done = 1; tok->val.cmd.args[i++] = tor_strndup(*s,next-*s); /* XXX this line (the strndup) is the memory leak. */ *s = eat_whitespace_no_nl(next+1); } tok->val.cmd.n_args = i; if (i >= MAX_ARGS) { router_release_token(tok); tok->tp = _ERR; tok->val.error = "Too many arguments"; return -1; } } else if (token_table[i].s == CONCAT_ARGS) { /* The keyword takes the line as a single argument */ *s = eat_whitespace_no_nl(next); next = strchr(*s, '\n'); if (!next) { tok->tp = _ERR; tok->val.error = "Unexpected EOF"; return -1; } tok->val.cmd.args[0] = tor_strndup(*s,next-*s); tok->val.cmd.n_args = 1; *s = eat_whitespace_no_nl(next+1); } else { /* The keyword takes no arguments. */ *s = eat_whitespace_no_nl(next); if (**s != '\n') { tok->tp = _ERR; tok->val.error = "Unexpected arguments"; return -1; } tok->val.cmd.n_args = 0; *s = eat_whitespace_no_nl(*s+1); } return 0; } } tok->val.error = "Unrecognized command"; return -1; } } #ifdef DEBUG_ROUTER_TOKENS static void router_dump_token(directory_token_t *tok) { int i; switch(tok->tp) { case _SIGNATURE: puts("(signature)"); return; case _PUBLIC_KEY: puts("(public key)"); return; case _ERR: printf("(Error: %s\n)", tok->val.error); return; case _EOF: puts("EOF"); return; case K_ACCEPT: printf("Accept"); break; case K_DIRECTORY_SIGNATURE: printf("Directory-Signature"); break; case K_REJECT: printf("Reject"); break; case K_RECOMMENDED_SOFTWARE: printf("Server-Software"); break; case K_ROUTER: printf("Router"); break; case K_SIGNED_DIRECTORY: printf("Signed-Directory"); break; case K_SIGNING_KEY: printf("Signing-Key"); break; case K_ONION_KEY: printf("Onion-key"); break; case K_LINK_KEY: printf("Link-key"); break; case K_ROUTER_SIGNATURE: printf("Router-signature"); break; case K_PUBLISHED: printf("Published"); break; case K_RUNNING_ROUTERS: printf("Running-routers"); break; case K_PLATFORM: printf("Platform"); break; default: printf("?????? %d\n", tok->tp); return; } for (i = 0; i < tok->val.cmd.n_args; ++i) { printf(" \"%s\"", tok->val.cmd.args[i]); } printf("\n"); return; } static int router_get_next_token(const char **s, directory_token_t *tok) { int i; i = _router_get_next_token(s, tok); router_dump_token(tok); return i; } #else #define router_get_next_token _router_get_next_token #endif /* Compute the SHA digest of the substring of s taken from the first * occurrence of start_str through the first newline after the first * subsequent occurrence of end_str; store the 20-byte result in 'digest'; * return 0 on success. * * If no such substring exists, return -1. */ static int router_get_hash_impl(const char *s, char *digest, const char *start_str, const char *end_str) { char *start, *end; start = strstr(s, start_str); if (!start) { log_fn(LOG_WARN,"couldn't find \"%s\"",start_str); return -1; } end = strstr(start+strlen(start_str), end_str); if (!end) { log_fn(LOG_WARN,"couldn't find \"%s\"",end_str); return -1; } end = strchr(end, '\n'); if (!end) { log_fn(LOG_WARN,"couldn't find EOL"); return -1; } ++end; if (crypto_SHA_digest(start, end-start, digest)) { log_fn(LOG_WARN,"couldn't compute digest"); return -1; } return 0; } /* Local Variables: mode:c indent-tabs-mode:nil c-basic-offset:2 End: */