directory.c
上传用户:awang829
上传日期:2019-07-14
资源大小:2356k
文件大小:132k
- }
- if (conn->_base.purpose == DIR_PURPOSE_UPLOAD_DIR) {
- switch (status_code) {
- case 200: {
- trusted_dir_server_t *ds =
- router_get_trusteddirserver_by_digest(conn->identity_digest);
- char *rejected_hdr = http_get_header(headers,
- "X-Descriptor-Not-New: ");
- int rejected = 0;
- if (rejected_hdr) {
- if (!strcmp(rejected_hdr, "Yes")) {
- log_info(LD_GENERAL,
- "Authority '%s' declined our descriptor (not new)",
- ds->nickname);
- /* XXXX use this information; be sure to upload next one
- * sooner. -NM */
- /* XXXX021 On further thought, the task above implies that we're
- * basing our regenerate-descriptor time on when we uploaded the
- * last descriptor, not on the published time of the last
- * descriptor. If those are different, that's a bad thing to
- * do. -NM */
- rejected = 1;
- }
- tor_free(rejected_hdr);
- }
- log_info(LD_GENERAL,"eof (status 200) after uploading server "
- "descriptor: finished.");
- control_event_server_status(
- LOG_NOTICE, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d",
- conn->_base.address, conn->_base.port);
- ds->has_accepted_serverdesc = 1;
- if (directories_have_accepted_server_descriptor())
- control_event_server_status(LOG_NOTICE, "GOOD_SERVER_DESCRIPTOR");
- }
- break;
- case 400:
- log_warn(LD_GENERAL,"http status 400 (%s) response from "
- "dirserver '%s:%d'. Please correct.",
- escaped(reason), conn->_base.address, conn->_base.port);
- control_event_server_status(LOG_WARN,
- "BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON="%s"",
- conn->_base.address, conn->_base.port, escaped(reason));
- break;
- default:
- log_warn(LD_GENERAL,
- "http status %d (%s) reason unexpected while uploading "
- "descriptor to server '%s:%d').",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- break;
- }
- /* return 0 in all cases, since we don't want to mark any
- * dirservers down just because they don't like us. */
- }
- if (conn->_base.purpose == DIR_PURPOSE_UPLOAD_VOTE) {
- switch (status_code) {
- case 200: {
- log_notice(LD_DIR,"Uploaded a vote to dirserver %s:%d",
- conn->_base.address, conn->_base.port);
- }
- break;
- case 400:
- log_warn(LD_DIR,"http status 400 (%s) response after uploading "
- "vote to dirserver '%s:%d'. Please correct.",
- escaped(reason), conn->_base.address, conn->_base.port);
- break;
- default:
- log_warn(LD_GENERAL,
- "http status %d (%s) reason unexpected while uploading "
- "vote to server '%s:%d').",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- break;
- }
- /* return 0 in all cases, since we don't want to mark any
- * dirservers down just because they don't like us. */
- }
- if (conn->_base.purpose == DIR_PURPOSE_UPLOAD_SIGNATURES) {
- switch (status_code) {
- case 200: {
- log_notice(LD_DIR,"Uploaded signature(s) to dirserver %s:%d",
- conn->_base.address, conn->_base.port);
- }
- break;
- case 400:
- log_warn(LD_DIR,"http status 400 (%s) response after uploading "
- "signatures to dirserver '%s:%d'. Please correct.",
- escaped(reason), conn->_base.address, conn->_base.port);
- break;
- default:
- log_warn(LD_GENERAL,
- "http status %d (%s) reason unexpected while uploading "
- "signatures to server '%s:%d').",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- break;
- }
- /* return 0 in all cases, since we don't want to mark any
- * dirservers down just because they don't like us. */
- }
- if (conn->_base.purpose == DIR_PURPOSE_FETCH_RENDDESC) {
- tor_assert(conn->rend_data);
- log_info(LD_REND,"Received rendezvous descriptor (size %d, status %d "
- "(%s))",
- (int)body_len, status_code, escaped(reason));
- switch (status_code) {
- case 200:
- if (rend_cache_store(body, body_len, 0) < -1) {
- log_warn(LD_REND,"Failed to parse rendezvous descriptor.");
- /* Any pending rendezvous attempts will notice when
- * connection_about_to_close_connection()
- * cleans this dir conn up. */
- /* We could retry. But since v0 descriptors are going out of
- * style, it isn't worth the hassle. We'll do better in v2. */
- } else {
- /* Success, or at least there's a v2 descriptor already
- * present. Notify pending connections about this. */
- conn->_base.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
- rend_client_desc_trynow(conn->rend_data->onion_address, -1);
- }
- break;
- case 404:
- /* Not there. Pending connections will be notified when
- * connection_about_to_close_connection() cleans this conn up. */
- break;
- case 400:
- log_warn(LD_REND,
- "http status 400 (%s). Dirserver didn't like our "
- "rendezvous query?", escaped(reason));
- break;
- default:
- log_warn(LD_REND,"http status %d (%s) response unexpected while "
- "fetching hidden service descriptor (server '%s:%d').",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- break;
- }
- }
- if (conn->_base.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2) {
- tor_assert(conn->rend_data);
- log_info(LD_REND,"Received rendezvous descriptor (size %d, status %d "
- "(%s))",
- (int)body_len, status_code, escaped(reason));
- switch (status_code) {
- case 200:
- switch (rend_cache_store_v2_desc_as_client(body, conn->rend_data)) {
- case -2:
- log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. "
- "Retrying at another directory.");
- /* We'll retry when connection_about_to_close_connection()
- * cleans this dir conn up. */
- break;
- case -1:
- /* We already have a v0 descriptor here. Ignoring this one
- * and _not_ performing another request. */
- log_info(LD_REND, "Successfully fetched v2 rendezvous "
- "descriptor, but we already have a v0 descriptor.");
- conn->_base.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
- break;
- default:
- /* success. notify pending connections about this. */
- log_info(LD_REND, "Successfully fetched v2 rendezvous "
- "descriptor.");
- conn->_base.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
- rend_client_desc_trynow(conn->rend_data->onion_address, -1);
- break;
- }
- break;
- case 404:
- /* Not there. We'll retry when
- * connection_about_to_close_connection() cleans this conn up. */
- log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: "
- "Retrying at another directory.");
- break;
- case 400:
- log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
- "http status 400 (%s). Dirserver didn't like our "
- "v2 rendezvous query? Retrying at another directory.",
- escaped(reason));
- break;
- default:
- log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: "
- "http status %d (%s) response unexpected while "
- "fetching v2 hidden service descriptor (server '%s:%d'). "
- "Retrying at another directory.",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- break;
- }
- }
- if (conn->_base.purpose == DIR_PURPOSE_UPLOAD_RENDDESC ||
- conn->_base.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2) {
- log_info(LD_REND,"Uploaded rendezvous descriptor (status %d "
- "(%s))",
- status_code, escaped(reason));
- switch (status_code) {
- case 200:
- log_info(LD_REND,
- "Uploading rendezvous descriptor: finished with status "
- "200 (%s)", escaped(reason));
- break;
- case 400:
- log_warn(LD_REND,"http status 400 (%s) response from dirserver "
- "'%s:%d'. Malformed rendezvous descriptor?",
- escaped(reason), conn->_base.address, conn->_base.port);
- break;
- case 503:
- log_info(LD_REND,"http status 503 (%s) response from dirserver "
- "'%s:%d'. Node is (currently) not acting as v2 hidden "
- "service directory.",
- escaped(reason), conn->_base.address, conn->_base.port);
- break;
- default:
- log_warn(LD_REND,"http status %d (%s) response unexpected (server "
- "'%s:%d').",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- break;
- }
- }
- note_client_request(conn->_base.purpose, was_compressed, orig_len);
- tor_free(body); tor_free(headers); tor_free(reason);
- return 0;
- }
- /** Called when a directory connection reaches EOF. */
- int
- connection_dir_reached_eof(dir_connection_t *conn)
- {
- int retval;
- if (conn->_base.state != DIR_CONN_STATE_CLIENT_READING) {
- log_info(LD_HTTP,"conn reached eof, not reading. [state=%d] Closing.",
- conn->_base.state);
- connection_close_immediate(TO_CONN(conn)); /* error: give up on flushing */
- connection_mark_for_close(TO_CONN(conn));
- return -1;
- }
- retval = connection_dir_client_reached_eof(conn);
- if (retval == 0) /* success */
- conn->_base.state = DIR_CONN_STATE_CLIENT_FINISHED;
- connection_mark_for_close(TO_CONN(conn));
- return retval;
- }
- /** If any directory object is arriving, and it's over 10MB large, we're
- * getting DoS'd. (As of 0.1.2.x, raw directories are about 1MB, and we never
- * ask for more than 96 router descriptors at a time.)
- */
- #define MAX_DIRECTORY_OBJECT_SIZE (10*(1<<20))
- /** Read handler for directory connections. (That's connections <em>to</em>
- * directory servers and connections <em>at</em> directory servers.)
- */
- int
- connection_dir_process_inbuf(dir_connection_t *conn)
- {
- tor_assert(conn);
- tor_assert(conn->_base.type == CONN_TYPE_DIR);
- /* Directory clients write, then read data until they receive EOF;
- * directory servers read data until they get an HTTP command, then
- * write their response (when it's finished flushing, they mark for
- * close).
- */
- /* If we're on the dirserver side, look for a command. */
- if (conn->_base.state == DIR_CONN_STATE_SERVER_COMMAND_WAIT) {
- if (directory_handle_command(conn) < 0) {
- connection_mark_for_close(TO_CONN(conn));
- return -1;
- }
- return 0;
- }
- if (buf_datalen(conn->_base.inbuf) > MAX_DIRECTORY_OBJECT_SIZE) {
- log_warn(LD_HTTP, "Too much data received from directory connection: "
- "denial of service attempt, or you need to upgrade?");
- connection_mark_for_close(TO_CONN(conn));
- return -1;
- }
- if (!conn->_base.inbuf_reached_eof)
- log_debug(LD_HTTP,"Got data, not eof. Leaving on inbuf.");
- return 0;
- }
- /** Create an http response for the client <b>conn</b> out of
- * <b>status</b> and <b>reason_phrase</b>. Write it to <b>conn</b>.
- */
- static void
- write_http_status_line(dir_connection_t *conn, int status,
- const char *reason_phrase)
- {
- char buf[256];
- if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %srnrn",
- status, reason_phrase ? reason_phrase : "OK") < 0) {
- log_warn(LD_BUG,"status line too long.");
- return;
- }
- connection_write_to_buf(buf, strlen(buf), TO_CONN(conn));
- }
- /** Write the header for an HTTP/1.0 response onto <b>conn</b>->outbuf,
- * with <b>type</b> as the Content-Type.
- *
- * If <b>length</b> is nonnegative, it is the Content-Length.
- * If <b>encoding</b> is provided, it is the Content-Encoding.
- * If <b>cache_lifetime</b> is greater than 0, the content may be cached for
- * up to cache_lifetime seconds. Otherwise, the content may not be cached. */
- static void
- write_http_response_header_impl(dir_connection_t *conn, ssize_t length,
- const char *type, const char *encoding,
- const char *extra_headers,
- long cache_lifetime)
- {
- char date[RFC1123_TIME_LEN+1];
- char tmp[1024];
- char *cp;
- time_t now = time(NULL);
- tor_assert(conn);
- format_rfc1123_time(date, now);
- cp = tmp;
- tor_snprintf(cp, sizeof(tmp),
- "HTTP/1.0 200 OKrnDate: %srn",
- date);
- cp += strlen(tmp);
- if (type) {
- tor_snprintf(cp, sizeof(tmp)-(cp-tmp), "Content-Type: %srn", type);
- cp += strlen(cp);
- }
- if (!is_local_addr(&conn->_base.addr)) {
- /* Don't report the source address for a nearby/private connection.
- * Otherwise we tend to mis-report in cases where incoming ports are
- * being forwarded to a Tor server running behind the firewall. */
- tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
- X_ADDRESS_HEADER "%srn", conn->_base.address);
- cp += strlen(cp);
- }
- if (encoding) {
- tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
- "Content-Encoding: %srn", encoding);
- cp += strlen(cp);
- }
- if (length >= 0) {
- tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
- "Content-Length: %ldrn", (long)length);
- cp += strlen(cp);
- }
- if (cache_lifetime > 0) {
- char expbuf[RFC1123_TIME_LEN+1];
- format_rfc1123_time(expbuf, now + cache_lifetime);
- /* We could say 'Cache-control: max-age=%d' here if we start doing
- * http/1.1 */
- tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
- "Expires: %srn", expbuf);
- cp += strlen(cp);
- } else if (cache_lifetime == 0) {
- /* We could say 'Cache-control: no-cache' here if we start doing
- * http/1.1 */
- strlcpy(cp, "Pragma: no-cachern", sizeof(tmp)-(cp-tmp));
- cp += strlen(cp);
- }
- if (extra_headers) {
- strlcpy(cp, extra_headers, sizeof(tmp)-(cp-tmp));
- cp += strlen(cp);
- }
- if (sizeof(tmp)-(cp-tmp) > 3)
- memcpy(cp, "rn", 3);
- else
- tor_assert(0);
- connection_write_to_buf(tmp, strlen(tmp), TO_CONN(conn));
- }
- /** As write_http_response_header_impl, but sets encoding and content-typed
- * based on whether the response will be <b>compressed</b> or not. */
- static void
- write_http_response_header(dir_connection_t *conn, ssize_t length,
- int compressed, long cache_lifetime)
- {
- write_http_response_header_impl(conn, length,
- compressed?"application/octet-stream":"text/plain",
- compressed?"deflate":"identity",
- NULL,
- cache_lifetime);
- }
- #ifdef INSTRUMENT_DOWNLOADS
- typedef struct request_t {
- uint64_t bytes; /**< How many bytes have we transferred? */
- uint64_t count; /**< How many requests have we made? */
- } request_t;
- /** Map used to keep track of how much data we've up/downloaded in what kind
- * of request. Maps from request type to pointer to request_t. */
- static strmap_t *request_map = NULL;
- /** Record that a client request of <b>purpose</b> was made, and that
- * <b>bytes</b> bytes of possibly <b>compressed</b> data were sent/received.
- * Used to keep track of how much we've up/downloaded in what kind of
- * request. */
- static void
- note_client_request(int purpose, int compressed, size_t bytes)
- {
- char *key;
- const char *kind = NULL;
- switch (purpose) {
- case DIR_PURPOSE_FETCH_V2_NETWORKSTATUS: kind = "dl/status"; break;
- case DIR_PURPOSE_FETCH_CONSENSUS: kind = "dl/consensus"; break;
- case DIR_PURPOSE_FETCH_CERTIFICATE: kind = "dl/cert"; break;
- case DIR_PURPOSE_FETCH_STATUS_VOTE: kind = "dl/vote"; break;
- case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES: kind = "dl/detached_sig";
- break;
- case DIR_PURPOSE_FETCH_SERVERDESC: kind = "dl/server"; break;
- case DIR_PURPOSE_FETCH_EXTRAINFO: kind = "dl/extra"; break;
- case DIR_PURPOSE_UPLOAD_DIR: kind = "dl/ul-dir"; break;
- case DIR_PURPOSE_UPLOAD_VOTE: kind = "dl/ul-vote"; break;
- case DIR_PURPOSE_UPLOAD_SIGNATURES: kind = "dl/ul-sig"; break;
- case DIR_PURPOSE_FETCH_RENDDESC: kind = "dl/rend"; break;
- case DIR_PURPOSE_FETCH_RENDDESC_V2: kind = "dl/rend2"; break;
- case DIR_PURPOSE_UPLOAD_RENDDESC: kind = "dl/ul-rend"; break;
- case DIR_PURPOSE_UPLOAD_RENDDESC_V2: kind = "dl/ul-rend2"; break;
- }
- if (kind) {
- key = tor_malloc(256);
- tor_snprintf(key, 256, "%s%s", kind, compressed?".z":"");
- } else {
- key = tor_malloc(256);
- tor_snprintf(key, 256, "unknown purpose (%d)%s",
- purpose, compressed?".z":"");
- }
- note_request(key, bytes);
- tor_free(key);
- }
- /** Helper: initialize the request map to instrument downloads. */
- static void
- ensure_request_map_initialized(void)
- {
- if (!request_map)
- request_map = strmap_new();
- }
- /** Called when we just transmitted or received <b>bytes</b> worth of data
- * because of a request of type <b>key</b> (an arbitrary identifier): adds
- * <b>bytes</b> to the total associated with key. */
- void
- note_request(const char *key, size_t bytes)
- {
- request_t *r;
- ensure_request_map_initialized();
- r = strmap_get(request_map, key);
- if (!r) {
- r = tor_malloc_zero(sizeof(request_t));
- strmap_set(request_map, key, r);
- }
- r->bytes += bytes;
- r->count++;
- }
- /** Return a newly allocated string holding a summary of bytes used per
- * request type. */
- char *
- directory_dump_request_log(void)
- {
- smartlist_t *lines;
- char tmp[256];
- char *result;
- strmap_iter_t *iter;
- ensure_request_map_initialized();
- lines = smartlist_create();
- for (iter = strmap_iter_init(request_map);
- !strmap_iter_done(iter);
- iter = strmap_iter_next(request_map, iter)) {
- const char *key;
- void *val;
- request_t *r;
- strmap_iter_get(iter, &key, &val);
- r = val;
- tor_snprintf(tmp, sizeof(tmp), "%s "U64_FORMAT" "U64_FORMAT"n",
- key, U64_PRINTF_ARG(r->bytes), U64_PRINTF_ARG(r->count));
- smartlist_add(lines, tor_strdup(tmp));
- }
- smartlist_sort_strings(lines);
- result = smartlist_join_strings(lines, "", 0, NULL);
- SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
- smartlist_free(lines);
- return result;
- }
- #else
- static void
- note_client_request(int purpose, int compressed, size_t bytes)
- {
- (void)purpose;
- (void)compressed;
- (void)bytes;
- }
- void
- note_request(const char *key, size_t bytes)
- {
- (void)key;
- (void)bytes;
- }
- char *
- directory_dump_request_log(void)
- {
- return tor_strdup("Not supported.");
- }
- #endif
- /** Decide whether a client would accept the consensus we have
- *
- * Clients can say they only want a consensus if it's signed by more
- * than half the authorities in a list. They pass this list in
- * the url as "...consensus/<b>fpr</b>+<b>fpr</b>+<b>fpr</b>".
- *
- * <b>fpr</b> may be an abbreviated fingerprint, i.e. only a left substring
- * of the full authority identity digest. (Only strings of even length,
- * i.e. encodings of full bytes, are handled correctly. In the case
- * of an odd number of hex digits the last one is silently ignored.)
- *
- * Returns 1 if more than half of the requested authorities signed the
- * consensus, 0 otherwise.
- */
- int
- client_likes_consensus(networkstatus_t *v, const char *want_url)
- {
- smartlist_t *want_authorities = smartlist_create();
- int need_at_least;
- int have = 0;
- dir_split_resource_into_fingerprints(want_url, want_authorities, NULL, 0, 0);
- need_at_least = smartlist_len(want_authorities)/2+1;
- SMARTLIST_FOREACH(want_authorities, const char *, d, {
- char want_digest[DIGEST_LEN];
- size_t want_len = strlen(d)/2;
- if (want_len > DIGEST_LEN)
- want_len = DIGEST_LEN;
- if (base16_decode(want_digest, DIGEST_LEN, d, want_len*2) < 0) {
- log_warn(LD_DIR,"Failed to decode requested authority digest %s.", d);
- continue;
- };
- SMARTLIST_FOREACH(v->voters, networkstatus_voter_info_t *, vi, {
- if (vi->signature &&
- !memcmp(vi->identity_digest, want_digest, want_len)) {
- have++;
- break;
- };
- });
- /* early exit, if we already have enough */
- if (have >= need_at_least)
- break;
- });
- SMARTLIST_FOREACH(want_authorities, char *, d, tor_free(d));
- smartlist_free(want_authorities);
- return (have >= need_at_least);
- }
- /** Helper function: called when a dirserver gets a complete HTTP GET
- * request. Look for a request for a directory or for a rendezvous
- * service descriptor. On finding one, write a response into
- * conn->outbuf. If the request is unrecognized, send a 400.
- * Always return 0. */
- static int
- directory_handle_command_get(dir_connection_t *conn, const char *headers,
- const char *body, size_t body_len)
- {
- size_t dlen;
- char *url, *url_mem, *header;
- or_options_t *options = get_options();
- time_t if_modified_since = 0;
- int compressed;
- size_t url_len;
- /* We ignore the body of a GET request. */
- (void)body;
- (void)body_len;
- log_debug(LD_DIRSERV,"Received GET command.");
- conn->_base.state = DIR_CONN_STATE_SERVER_WRITING;
- if (parse_http_url(headers, &url) < 0) {
- write_http_status_line(conn, 400, "Bad request");
- return 0;
- }
- if ((header = http_get_header(headers, "If-Modified-Since: "))) {
- struct tm tm;
- if (parse_http_time(header, &tm) == 0) {
- if_modified_since = tor_timegm(&tm);
- }
- /* The correct behavior on a malformed If-Modified-Since header is to
- * act as if no If-Modified-Since header had been given. */
- tor_free(header);
- }
- log_debug(LD_DIRSERV,"rewritten url as '%s'.", url);
- url_mem = url;
- url_len = strlen(url);
- compressed = url_len > 2 && !strcmp(url+url_len-2, ".z");
- if (compressed) {
- url[url_len-2] = ' ';
- url_len -= 2;
- }
- if (!strcmp(url,"/tor/")) {
- const char *frontpage = get_dirportfrontpage();
- if (frontpage) {
- dlen = strlen(frontpage);
- /* Let's return a disclaimer page (users shouldn't use V1 anymore,
- and caches don't fetch '/', so this is safe). */
- /* [We don't check for write_bucket_low here, since we want to serve
- * this page no matter what.] */
- note_request(url, dlen);
- write_http_response_header_impl(conn, dlen, "text/html", "identity",
- NULL, DIRPORTFRONTPAGE_CACHE_LIFETIME);
- connection_write_to_buf(frontpage, dlen, TO_CONN(conn));
- goto done;
- }
- /* if no disclaimer file, fall through and continue */
- }
- if (!strcmp(url,"/tor/") || !strcmp(url,"/tor/dir")) { /* v1 dir fetch */
- cached_dir_t *d = dirserv_get_directory();
- if (!d) {
- log_info(LD_DIRSERV,"Client asked for the mirrored directory, but we "
- "don't have a good one yet. Sending 503 Dir not available.");
- write_http_status_line(conn, 503, "Directory unavailable");
- goto done;
- }
- if (d->published < if_modified_since) {
- write_http_status_line(conn, 304, "Not modified");
- goto done;
- }
- dlen = compressed ? d->dir_z_len : d->dir_len;
- if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
- log_debug(LD_DIRSERV,
- "Client asked for the mirrored directory, but we've been "
- "writing too many bytes lately. Sending 503 Dir busy.");
- write_http_status_line(conn, 503, "Directory busy, try again later");
- goto done;
- }
- note_request(url, dlen);
- log_debug(LD_DIRSERV,"Dumping %sdirectory to client.",
- compressed?"compressed ":"");
- write_http_response_header(conn, dlen, compressed,
- FULL_DIR_CACHE_LIFETIME);
- conn->cached_dir = d;
- conn->cached_dir_offset = 0;
- if (!compressed)
- conn->zlib_state = tor_zlib_new(0, ZLIB_METHOD);
- ++d->refcnt;
- /* Prime the connection with some data. */
- conn->dir_spool_src = DIR_SPOOL_CACHED_DIR;
- connection_dirserv_flushed_some(conn);
- goto done;
- }
- if (!strcmp(url,"/tor/running-routers")) { /* running-routers fetch */
- cached_dir_t *d = dirserv_get_runningrouters();
- if (!d) {
- write_http_status_line(conn, 503, "Directory unavailable");
- goto done;
- }
- if (d->published < if_modified_since) {
- write_http_status_line(conn, 304, "Not modified");
- goto done;
- }
- dlen = compressed ? d->dir_z_len : d->dir_len;
- if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
- log_info(LD_DIRSERV,
- "Client asked for running-routers, but we've been "
- "writing too many bytes lately. Sending 503 Dir busy.");
- write_http_status_line(conn, 503, "Directory busy, try again later");
- goto done;
- }
- note_request(url, dlen);
- write_http_response_header(conn, dlen, compressed,
- RUNNINGROUTERS_CACHE_LIFETIME);
- connection_write_to_buf(compressed ? d->dir_z : d->dir, dlen,
- TO_CONN(conn));
- goto done;
- }
- if (!strcmpstart(url,"/tor/status/")
- || !strcmpstart(url, "/tor/status-vote/current/consensus")) {
- /* v2 or v3 network status fetch. */
- smartlist_t *dir_fps = smartlist_create();
- int is_v3 = !strcmpstart(url, "/tor/status-vote");
- const char *request_type = NULL;
- const char *key = url + strlen("/tor/status/");
- long lifetime = NETWORKSTATUS_CACHE_LIFETIME;
- if (!is_v3) {
- dirserv_get_networkstatus_v2_fingerprints(dir_fps, key);
- if (!strcmpstart(key, "fp/"))
- request_type = compressed?"/tor/status/fp.z":"/tor/status/fp";
- else if (!strcmpstart(key, "authority"))
- request_type = compressed?"/tor/status/authority.z":
- "/tor/status/authority";
- else if (!strcmpstart(key, "all"))
- request_type = compressed?"/tor/status/all.z":"/tor/status/all";
- else
- request_type = "/tor/status/?";
- } else {
- networkstatus_t *v = networkstatus_get_latest_consensus();
- time_t now = time(NULL);
- #define CONSENSUS_URL_PREFIX "/tor/status-vote/current/consensus/"
- if (v &&
- !strcmpstart(url, CONSENSUS_URL_PREFIX) &&
- !client_likes_consensus(v, url + strlen(CONSENSUS_URL_PREFIX))) {
- write_http_status_line(conn, 404, "Consensus not signed by sufficient "
- "number of requested authorities");
- smartlist_free(dir_fps);
- goto done;
- }
- smartlist_add(dir_fps, tor_memdup("