sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'bug23826-23828_squashed'

This commit is contained in:
Nick Mathewson 2017-12-04 11:43:11 -05:00
parent cf3da63b90 a2c09f6751
commit f50d64b62e
7 changed files with 82 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
changes/bug23826-23828 Normal file
View File

@ -0,0 +1,14 @@
o Major features (IPv6, directory documents):
- Add consensus method 27, which adds IPv6 ORPorts to the microdesc
consensus. This makes it easier for IPv6 clients to bootstrap and
choose reachable entry guards.
Implements 23826.
- Add consensus method 28, which removes IPv6 ORPorts from
microdescriptors. Now that there are IPv6 ORPorts in the microdesc
consensus, they are redundant in microdescs. This change is compatible
with tor clients on 0.2.8.x and later. (0.2.8.x introduced client IPv6
bootstrap and guard support.)
Implements 23828.
- Expand the documentation for AuthDirHasIPv6Connectivity when it is set
by different numbers of authorities.
Fixes 23870 on 0.2.4.1-alpha.

26
doc/tor.1.txt
View File

@ -2473,9 +2473,29 @@ on the public Tor network.
[[AuthDirHasIPv6Connectivity]] **AuthDirHasIPv6Connectivity** **0**|**1**::
Authoritative directories only. When set to 0, OR ports with an
IPv6 address are being accepted without reachability testing.
When set to 1, IPv6 OR ports are being tested just like IPv4 OR
ports. (Default: 0)
IPv6 address are not included in the authority's votes. When set to 1,
IPv6 OR ports are tested for reachability like IPv4 OR ports. If the
reachability test succeeds, the authority votes for the IPv6 ORPort, and
votes Running for the relay. If the reachability test fails, the authority
does not vote for the IPv6 ORPort, and does not vote Running (Default: 0) +
+
The content of the consensus depends on the number of voting authorities
that set AuthDirHasIPv6Connectivity:
If no authorities set AuthDirHasIPv6Connectivity 1, there will be no
IPv6 ORPorts in the consensus.
If a minority of authorities set AuthDirHasIPv6Connectivity 1,
unreachable IPv6 ORPorts will be removed from the consensus. But the
majority of IPv4-only authorities will still vote the relay as Running.
Reachable IPv6 ORPort lines will be included in the consensus
If a majority of voting authorities set AuthDirHasIPv6Connectivity 1,
relays with unreachable IPv6 ORPorts will not be listed as Running.
Reachable IPv6 ORPort lines will be included in the consensus
(To ensure that any valid majority will vote relays with unreachable
IPv6 ORPorts not Running, 75% of authorities must set
AuthDirHasIPv6Connectivity 1.)
[[MinMeasuredBWsForAuthToIgnoreAdvertised]] **MinMeasuredBWsForAuthToIgnoreAdvertised** __N__::
A total value, in abstract bandwidth units, describing how much

19
src/or/dirserv.c
View File

@ -1903,21 +1903,28 @@ version_from_platform(const char *platform)
/** Helper: write the router-status information in <b>rs</b> into a newly
* allocated character buffer. Use the same format as in network-status
* documents. If <b>version</b> is non-NULL, add a "v" line for the platform.
*
* consensus_method is the current consensus method when format is
* NS_V3_CONSENSUS or NS_V3_CONSENSUS_MICRODESC. It is ignored for other
* formats: pass ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD.
*
* Return 0 on success, -1 on failure.
*
* The format argument has one of the following values:
* NS_V2 - Output an entry suitable for a V2 NS opinion document
* NS_V3_CONSENSUS - Output the first portion of a V3 NS consensus entry
* for consensus_method.
* NS_V3_CONSENSUS_MICRODESC - Output the first portion of a V3 microdesc
* consensus entry.
* consensus entry for consensus_method.
* NS_V3_VOTE - Output a complete V3 NS vote. If <b>vrs</b> is present,
* it contains additional information for the vote.
* NS_CONTROL_PORT - Output a NS document for the control port
* NS_CONTROL_PORT - Output a NS document for the control port.
*/
char *
routerstatus_format_entry(const routerstatus_t *rs, const char *version,
const char *protocols,
routerstatus_format_type_t format,
int consensus_method,
const vote_routerstatus_t *vrs)
{
char *summary;
@ -1948,8 +1955,10 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version,
* networkstatus_type_t values, with an additional control port value
* added -MP */
/* V3 microdesc consensuses don't have "a" lines. */
if (format == NS_V3_CONSENSUS_MICRODESC)
/* V3 microdesc consensuses only have "a" lines in later consensus methods
*/
if (format == NS_V3_CONSENSUS_MICRODESC &&
consensus_method < MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS)
goto done;
/* Possible "a" line. At most one for now. */
@ -1958,7 +1967,7 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version,
fmt_addrport(&rs->ipv6_addr, rs->ipv6_orport));
}
if (format == NS_V3_CONSENSUS)
if (format == NS_V3_CONSENSUS || format == NS_V3_CONSENSUS_MICRODESC)
goto done;
smartlist_add_asprintf(chunks,

1
src/or/dirserv.h
View File

@ -150,6 +150,7 @@ char *routerstatus_format_entry(
const char *version,
const char *protocols,
routerstatus_format_type_t format,
int consensus_method,
const vote_routerstatus_t *vrs);
void dirserv_free_all(void);
void cached_dir_decref(cached_dir_t *d);

19
src/or/dirvote.c
View File

@ -278,7 +278,9 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
vote_microdesc_hash_t *h;
rsf = routerstatus_format_entry(&vrs->status,
vrs->version, vrs->protocols,
NS_V3_VOTE, vrs);
NS_V3_VOTE,
ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
vrs);
if (rsf)
smartlist_add(chunks, rsf);
@ -1317,8 +1319,9 @@ compute_nth_protocol_set(int n, int n_voters, const smartlist_t *votes)
/** Given a list of vote networkstatus_t in <b>votes</b>, our public
* authority <b>identity_key</b>, our private authority <b>signing_key</b>,
* and the number of <b>total_authorities</b> that we believe exist in our
* voting quorum, generate the text of a new v3 consensus vote, and return the
* value in a newly allocated string.
* voting quorum, generate the text of a new v3 consensus or microdescriptor
* consensus (depending on <b>flavor</b>), and return the value in a newly
* allocated string.
*
* Note: this function DOES NOT check whether the votes are from
* recognized authorities. (dirvote_add_vote does that.)
@ -2101,7 +2104,8 @@ networkstatus_compute_consensus(smartlist_t *votes,
char *buf;
/* Okay!! Now we can write the descriptor... */
/* First line goes into "buf". */
buf = routerstatus_format_entry(&rs_out, NULL, NULL, rs_format, NULL);
buf = routerstatus_format_entry(&rs_out, NULL, NULL,
rs_format, consensus_method, NULL);
if (buf)
smartlist_add(chunks, buf);
}
@ -3831,7 +3835,10 @@ dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
smartlist_add_asprintf(chunks, "ntor-onion-key %s", kbuf);
}
/* We originally put a lines in the micrdescriptors, but then we worked out
* that we needed them in the microdesc consensus. See #20916. */
if (consensus_method >= MIN_METHOD_FOR_A_LINES &&
consensus_method < MIN_METHOD_FOR_NO_A_LINES_IN_MICRODESC &&
!tor_addr_is_null(&ri->ipv6_addr) && ri->ipv6_orport)
smartlist_add_asprintf(chunks, "a %s\n",
fmt_addrport(&ri->ipv6_addr, ri->ipv6_orport));
@ -3940,7 +3947,9 @@ static const struct consensus_method_range_t {
{MIN_METHOD_FOR_P6_LINES, MIN_METHOD_FOR_NTOR_KEY - 1},
{MIN_METHOD_FOR_NTOR_KEY, MIN_METHOD_FOR_ID_HASH_IN_MD - 1},
{MIN_METHOD_FOR_ID_HASH_IN_MD, MIN_METHOD_FOR_ED25519_ID_IN_MD - 1},
{MIN_METHOD_FOR_ED25519_ID_IN_MD, MAX_SUPPORTED_CONSENSUS_METHOD},
{MIN_METHOD_FOR_ED25519_ID_IN_MD,
MIN_METHOD_FOR_NO_A_LINES_IN_MICRODESC - 1},
{MIN_METHOD_FOR_NO_A_LINES_IN_MICRODESC, MAX_SUPPORTED_CONSENSUS_METHOD},
{-1, -1}
};

14
src/or/dirvote.h
View File

@ -51,11 +51,15 @@
#define MIN_VOTE_INTERVAL_TESTING_INITIAL \
((MIN_VOTE_SECONDS_TESTING)+(MIN_DIST_SECONDS_TESTING)+1)
/* A placeholder for routerstatus_format_entry() when the consensus method
* argument is not applicable. */
#define ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD 0
/** The lowest consensus method that we currently support. */
#define MIN_SUPPORTED_CONSENSUS_METHOD 13
/** The highest consensus method that we currently support. */
#define MAX_SUPPORTED_CONSENSUS_METHOD 26
#define MAX_SUPPORTED_CONSENSUS_METHOD 28
/** Lowest consensus method where microdesc consensuses omit any entry
* with no microdesc. */
@ -115,6 +119,14 @@
* instead of 0. See #14881 */
#define MIN_METHOD_FOR_INIT_BW_WEIGHTS_ONE 26
/** Lowest consensus method where the microdesc consensus contains relay IPv6
* addresses. See #23826 and #20916. */
#define MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS 27
/** Lowest consensus method where microdescriptors do not contain relay IPv6
* addresses. See #23828 and #20916. */
#define MIN_METHOD_FOR_NO_A_LINES_IN_MICRODESC 28
/** Default bandwidth to clip unmeasured bandwidths to using method >=
* MIN_METHOD_TO_CLIP_UNMEASURED_BW. (This is not a consensus method; do not
* get confused with the above macros.) */

4
src/or/networkstatus.c
View File

@ -2209,7 +2209,9 @@ signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
char *
networkstatus_getinfo_helper_single(const routerstatus_t *rs)
{
return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT, NULL);
return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT,
ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
NULL);
}
/** Alloc and return a string describing routerstatuses for the most