Allow authorities to baddir/badexit/invalid/reject nodes by cc

Implements ticket #4207
2012-01-13 12:28:32 -05:00 · 2012-01-13 12:28:32 -05:00 · 938531773a
parent fbd243a165
commit 938531773a
5 changed files with 63 additions and 4 deletions
--- a/changes/badexitcc
+++ b/changes/badexitcc
@ -0,0 +1,3 @@
+  o Minor features (directory authority):
+    - Authority operators can now vote for all routers in a given
+      country to be BadDir/BadExit/Invali/Rejected.
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -1462,6 +1462,18 @@ DIRECTORY AUTHORITY SERVER OPTIONS
    authority publishes, or accepted as an OR address in any descriptor
    submitted for publication by this authority.

+**AuthDirBadDirCC** __CC__,... +
+
+**AuthDirBadExitCC** __CC__,... +
+
+**AuthDirInvalidCC** __CC__,... +
+
+**AuthDirRejectCC** __CC__,...::
+    Authoritative directories only. These options contain a comma-separated
+    list of country codes such that any server in one of those country codes
+    will be marked as a bad directory/bad exit/invalid for use, or rejected
+    entirely.
+
 **AuthDirListBadDirs** **0**|**1**::
    Authoritative directories only. If set to 1, this directory has some
    opinion about which nodes are unsuitable as directory caches. (Do not set
--- a/src/or/config.c
+++ b/src/or/config.c
@ -89,6 +89,10 @@ typedef struct config_abbrev_t {
 /** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values. */
 static config_abbrev_t _option_abbrevs[] = {
+  PLURAL(AuthDirBadDirCC),
+  PLURAL(AuthDirBadExitCC),
+  PLURAL(AuthDirInvalidCC),
+  PLURAL(AuthDirRejectCC),
  PLURAL(ExitNode),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
@ -182,11 +186,15 @@ static config_var_t _option_vars[] = {
  V(AlternateHSAuthority,        LINELIST, NULL),
  V(AssumeReachable,             BOOL,     "0"),
  V(AuthDirBadDir,               LINELIST, NULL),
+  V(AuthDirBadDirCC,             CSV,      ""),
  V(AuthDirBadExit,              LINELIST, NULL),
+  V(AuthDirBadExitCC,            CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
+  V(AuthDirInvalidCC,            CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
+  V(AuthDirRejectCC,             CSV,      ""),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
  V(AuthDirListBadExits,         BOOL,     "0"),
--- a/src/or/or.h
+++ b/src/or/or.h
@ -3237,6 +3237,19 @@ typedef struct {
                                 * reject. */
  config_line_t *AuthDirInvalid; /**< Address policy for descriptors to
                                  * never mark as valid. */
+  /** @name AuthDir...CC
+   *
+   * Lists of of country codes to mark as BadDir, BadExit, or Invalid, or to
+   * reject entirely.
+   *
+   * @{
+   */
+  smartlist_t *AuthDirBadDirCC;
+  smartlist_t *AuthDirBadExitCC;
+  smartlist_t *AuthDirRejectCC;
+  smartlist_t *AuthDirInvalidCC;
+  /**@}*/
+
  int AuthDirListBadDirs; /**< True iff we should list bad dirs,
                           * and vote for all other dir mirrors as good. */
  int AuthDirListBadExits; /**< True iff we should list bad exits,
--- a/src/or/policies.c
+++ b/src/or/policies.c
@ -14,6 +14,7 @@
 #include "nodelist.h"
 #include "policies.h"
 #include "routerparse.h"
+#include "geoip.h"
 #include "ht.h"

 /** Policy that addresses for incoming SOCKS connections must match. */
@ -313,13 +314,29 @@ socks_policy_permits_address(const tor_addr_t *addr)
  return addr_policy_permits_tor_addr(addr, 1, socks_policy);
 }

+/** Return true iff the address <b>addr</b> is in a country listed in the
+ * case-insentive list of country codes <b>cc_list</b>. */
+static int
+addr_is_in_cc_list(uint32_t addr, const smartlist_t *cc_list)
+{
+  country_t country;
+  const char *name;
+  if (!cc_list)
+    return 0;
+  country = geoip_get_country_by_ip(addr);
+  name = geoip_get_country_name(country);
+  return smartlist_string_isin_case(cc_list, name);
+}
+
 /** Return 1 if <b>addr</b>:<b>port</b> is permitted to publish to our
 * directory, based on <b>authdir_reject_policy</b>. Else return 0.
 */
 int
 authdir_policy_permits_address(uint32_t addr, uint16_t port)
 {
-  return addr_policy_permits_address(addr, port, authdir_reject_policy);
+  if (! addr_policy_permits_address(addr, port, authdir_reject_policy))
+    return 0;
+  return !addr_is_in_cc_list(addr, get_options()->AuthDirRejectCC);
 }

 /** Return 1 if <b>addr</b>:<b>port</b> is considered valid in our
@ -328,7 +345,9 @@ authdir_policy_permits_address(uint32_t addr, uint16_t port)
 int
 authdir_policy_valid_address(uint32_t addr, uint16_t port)
 {
-  return addr_policy_permits_address(addr, port, authdir_invalid_policy);
+  if (! addr_policy_permits_address(addr, port, authdir_invalid_policy))
+    return 0;
+  return !addr_is_in_cc_list(addr, get_options()->AuthDirInvalidCC);
 }

 /** Return 1 if <b>addr</b>:<b>port</b> should be marked as a bad dir,
@ -337,7 +356,9 @@ authdir_policy_valid_address(uint32_t addr, uint16_t port)
 int
 authdir_policy_baddir_address(uint32_t addr, uint16_t port)
 {
-  return ! addr_policy_permits_address(addr, port, authdir_baddir_policy);
+  if (! addr_policy_permits_address(addr, port, authdir_baddir_policy))
+    return 1;
+  return addr_is_in_cc_list(addr, get_options()->AuthDirBadDirCC);
 }

 /** Return 1 if <b>addr</b>:<b>port</b> should be marked as a bad exit,
@ -346,7 +367,9 @@ authdir_policy_baddir_address(uint32_t addr, uint16_t port)
 int
 authdir_policy_badexit_address(uint32_t addr, uint16_t port)
 {
-  return ! addr_policy_permits_address(addr, port, authdir_badexit_policy);
+  if (! addr_policy_permits_address(addr, port, authdir_badexit_policy))
+    return 1;
+  return addr_is_in_cc_list(addr, get_options()->AuthDirBadExitCC);
 }

 #define REJECT(arg) \