r8776@totoro: nickm | 2006-09-29 00:50:46 -0400

Reserve the nickname "Unnamed" for routers that can't pick a hostname; any
 router can call itself Unnamed; directory servers will never allocate Unnamed
 to any particular router; clients won't believe that any router is the
 canonical Unnamed.
 


svn:r8529
This commit is contained in:
Nick Mathewson 2006-09-29 04:51:28 +00:00
parent 4feccecfe8
commit 8992bf6204
8 changed files with 56 additions and 14 deletions

View File

@ -36,6 +36,10 @@ Changes in version 0.1.2.2-alpha - 2006-??-??
the v1 directory protocol, the v2 directory protocol, and as hidden
service directories. This should make it easier to migrate trust away
from one of the two authorities currently running on Moria.
- Reserve the nickname "Unnamed" for routers that can't pick a hostname;
any router can call itself Unnamed; directory servers will never
allocate Unnamed to any particular router; clients won't believe that
any router is the canonical Unnamed.
o Security Fixes, minor:
- If a client asked for a server by name, and we didn't have a

View File

@ -79,8 +79,8 @@ N - Simplify authority operation
- Servers are easy to setup and run: being a relay is about as easy as
being a client.
- Reduce resource load
N - Come up with good 'nicknames' automatically, or make no-nickname
. Reduce resource load
o Come up with good 'nicknames' automatically, or make no-nickname
routers workable. [Make a magic nickname "Unnamed" that can't be
registered and can't be looked up by nickname.]
d - Tolerate clock skew on bridge relays.

View File

@ -759,6 +759,12 @@ $Id$
(XXXX The last-bound thing above isn't implemented)
Not every router needs a nickname. When a router doesn't configure a
nickname, it publishes with the default nickname "Unnamed". Authorities
SHOULD NOT ever mark a router with this nickname as Named; client software
SHOULD NOT ever use a router in response to a user request for a router
called "Unnamed".
6.2. Software versions
An implementation of Tor SHOULD warn when it has fetched (or has

View File

@ -1731,20 +1731,21 @@ resolve_my_address(int warn_severity, or_options_t *options,
static char *
get_default_nickname(void)
{
static const char * const bad_default_nicknames[] = {
"localhost",
NULL,
};
char localhostname[256];
char *cp, *out, *outp;
int i;
if (gethostname(localhostname, sizeof(localhostname)) < 0)
return NULL;
/* Put it in lowercase; stop at the first dot. */
for (cp = localhostname; *cp; ++cp) {
if (*cp == '.') {
if ((cp = strchr(localhostname, '.')))
*cp = '\0';
break;
}
*cp = TOR_TOLOWER(*cp);
}
tor_strlower(localhostname);
/* Strip invalid characters. */
cp = localhostname;
@ -1761,6 +1762,14 @@ get_default_nickname(void)
if (strlen(out) > MAX_NICKNAME_LEN)
out[MAX_NICKNAME_LEN]='\0';
/* Check for dumb names. */
for (i = 0; bad_default_nicknames[i]; ++i) {
if (!strcmp(out, bad_default_nicknames[i])) {
tor_free(out);
return NULL;
}
}
return out;
}
@ -2122,11 +2131,15 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->Nickname == NULL) {
if (server_mode(options)) {
if (!(options->Nickname = get_default_nickname()))
REJECT("Error obtaining local hostname");
if (!(options->Nickname = get_default_nickname())) {
log_notice(LD_CONFIG, "Couldn't pick a nickname hostname based on "
"our hostname; using %s instead.", UNNAMED_ROUTER_NICKNAME);
options->Nickname = tor_strdup(UNNAMED_ROUTER_NICKNAME);
} else {
log_notice(LD_CONFIG, "Choosing default nickname '%s'",
options->Nickname);
}
}
} else {
if (!is_legal_nickname(options->Nickname)) {
r = tor_snprintf(buf, sizeof(buf),

View File

@ -89,6 +89,12 @@ add_fingerprint_to_dir(const char *nickname, const char *fp, smartlist_t *list)
fingerprint = tor_strdup(fp);
tor_strstrip(fingerprint, " ");
if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) {
log_warn(LD_DIRSERV, "Tried to add a mapping for reserved nickname %s",
UNNAMED_ROUTER_NICKNAME);
return 0;
}
if (nickname[0] != '!') {
for (i = 0; i < smartlist_len(list); ++i) {
ent = smartlist_get(list, i);
@ -317,6 +323,9 @@ dirserv_get_status_impl(const char *fp, const char *nickname,
if (0==strcasecmp(nn_ent->fingerprint, fp)) {
if (should_log)
log_debug(LD_DIRSERV,"Good fingerprint for '%s'",nickname);
if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
return FP_VALID;
else
return FP_NAMED; /* Right fingerprint. */
} else {
if (should_log) {
@ -1448,6 +1457,9 @@ generate_v2_networkstatus(void)
char identity64[BASE64_DIGEST_LEN+1];
char digest64[BASE64_DIGEST_LEN+1];
if (!strcasecmp(ri->nickname, UNNAMED_ROUTER_NICKNAME))
f_named = 0;
format_iso_time(published, ri->cache_info.published_on);
digest_to_base64(identity64, ri->cache_info.identity_digest);

View File

@ -2112,6 +2112,8 @@ char *directory_dump_request_log(void);
/********************************* dirserv.c ***************************/
#define UNNAMED_ROUTER_NICKNAME "Unnamed"
int connection_dirserv_flushed_some(dir_connection_t *conn);
int dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk);
int dirserv_load_fingerprint_file(void);

View File

@ -1047,6 +1047,8 @@ router_get_by_nickname(const char *nickname, int warn_if_unnamed)
return NULL;
if (nickname[0] == '$')
return router_get_by_hexdigest(nickname);
if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
return NULL;
if (server_mode(get_options()) &&
!strcasecmp(nickname, get_options()->Nickname))
return router_get_my_routerinfo();

View File

@ -1064,6 +1064,9 @@ routerstatus_parse_entry_from_string(const char **s, smartlist_t *tokens)
}
}
if (!strcasecmp(rs->nickname, UNNAMED_ROUTER_NICKNAME))
rs->is_named = 0;
goto done;
err:
if (rs)