tor

relay_find_addr.c (8957B)

---

/* Copyright (c) 2001-2021, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
* \file relay_find_addr.c
* \brief Implement mechanism for a relay to find its address.
**/

#include "core/or/or.h"

#include "app/config/config.h"
#include "app/config/resolve_addr.h"

#include "core/mainloop/mainloop.h"
#include "core/or/circuitlist.h"
#include "core/or/circuituse.h"
#include "core/or/extendinfo.h"

#include "feature/control/control_events.h"
#include "feature/dircommon/dir_connection_st.h"
#include "feature/nodelist/dirlist.h"
#include "feature/nodelist/node_select.h"
#include "feature/nodelist/nodelist.h"
#include "feature/nodelist/routerstatus_st.h"
#include "feature/relay/relay_find_addr.h"
#include "feature/relay/router.h"
#include "feature/relay/routermode.h"

/** Consider the address suggestion suggested_addr as a possible one to use as
* our address.
*
* This is called when a valid NETINFO cell is received containing a candidate
* for our address or when a directory sends us back the X-Your-Address-Is
* header.
*
* The suggested address is ignored if it does NOT come from a trusted source.
* At the moment, we only look a trusted directory authorities.
*
* The suggested address is ignored if it is internal or it is the same as the
* given peer_addr which is the address from the endpoint that sent the
* NETINFO cell.
*
* The identity_digest is NULL if this is an address suggested by a directory
* since this is a plaintext connection.
*
* The suggested address is set in our suggested address cache if everything
* passes. */
void
relay_address_new_suggestion(const tor_addr_t *suggested_addr,
                            const tor_addr_t *peer_addr,
                            const char *identity_digest)
{
 const or_options_t *options = get_options();

 tor_assert(suggested_addr);
 tor_assert(peer_addr);

 /* Non server should just ignore this suggestion. Clients don't need to
  * learn their address let alone cache it. */
 if (!server_mode(options)) {
   return;
 }

 /* Is the peer a trusted source? Ignore anything coming from non trusted
  * source. In this case, we only look at trusted directory authorities. */
 if (!router_addr_is_trusted_dir(peer_addr) ||
     (identity_digest && !router_digest_is_trusted_dir(identity_digest))) {
   return;
 }

 /* Ignore a suggestion that is an internal address or the same as the one
  * the peer address. */
 if (tor_addr_is_internal(suggested_addr, 0)) {
   /* Do not believe anyone who says our address is internal. */
   return;
 }
 if (tor_addr_eq(suggested_addr, peer_addr)) {
   /* Do not believe anyone who says our address is their address. */
   log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
          "A relay endpoint %s is telling us that their address is ours.",
          safe_str(fmt_addr(peer_addr)));
   return;
 }

 /* Save the suggestion in our cache. */
 resolved_addr_set_suggested(suggested_addr);
}

/** Find our address to be published in our descriptor. Three places are
* looked at:
*
*    1. Resolved cache. Populated by find_my_address() during the relay
*       periodic event that attempts to learn if our address has changed.
*
*    2. If flags is set with RELAY_FIND_ADDR_CACHE_ONLY, only the resolved
*       and suggested cache are looked at. No address discovery will be done.
*
*    3. Finally, if all fails, use the suggested address cache which is
*       populated by the NETINFO cell content or HTTP header from a
*       directory.
*
* The AddressDisableIPv6 is checked here for IPv6 address discovery and if
* set, false is returned and addr_out is UNSPEC.
*
* Before doing any discovery, the configuration is checked for an ORPort of
* the given family. If none can be found, false is returned and addr_out is
* UNSPEC.
*
* Return true on success and addr_out contains the address to use for the
* given family. On failure to find the address, false is returned and
* addr_out is set to an AF_UNSPEC address. */
MOCK_IMPL(bool,
relay_find_addr_to_publish, (const or_options_t *options, int family,
                            int flags, tor_addr_t *addr_out))
{
 tor_assert(options);
 tor_assert(addr_out);

 tor_addr_make_unspec(addr_out);

 /* If an IPv6 is requested, check if IPv6 address discovery is disabled on
  * this instance. If so, we return a failure. It is done here so we don't
  * query the suggested cache that might be populated with an IPv6. */
 if (family == AF_INET6 && options->AddressDisableIPv6) {
   return false;
 }

 /* There is no point on attempting an address discovery to publish if we
  * don't have an ORPort for this family. */
 if (!routerconf_find_or_port(options, family)) {
   return false;
 }

 /* First, check our resolved address cache. It should contain the address
  * we've discovered from the periodic relay event. */
 resolved_addr_get_last(family, addr_out);
 if (!tor_addr_is_null(addr_out)) {
   goto found;
 }

 /* Second, attempt to find our address. The following can do a DNS resolve
  * thus only do it when the no cache only flag is flipped. */
 if (!(flags & RELAY_FIND_ADDR_CACHE_ONLY)) {
   if (find_my_address(options, family, LOG_INFO, addr_out, NULL, NULL)) {
     goto found;
   }
 }

 /* Third, consider address from our suggestion cache. */
 resolved_addr_get_suggested(family, addr_out);
 if (!tor_addr_is_null(addr_out)) {
   goto found;
 }

 /* No publishable address was found even though we have an ORPort thus
  * print a notice log so operator can notice. We'll do that every hour so
  * it is not too spammy but enough so operators address the issue. */
 static ratelim_t rlim = RATELIM_INIT(3600);
 log_fn_ratelim(&rlim, LOG_NOTICE, LD_CONFIG,
                "Unable to find %s address for ORPort %u. "
                "You might want to specify %sOnly to it or set an "
                "explicit address or set Address.",
                fmt_af_family(family),
                routerconf_find_or_port(options, family),
                (family == AF_INET) ? fmt_af_family(AF_INET6) :
                                      fmt_af_family(AF_INET));

 /* Not found. */
 return false;

found:
 return true;
}

/** How often should we launch a circuit to an authority to be sure of getting
* a guess for our IP? */
#define DUMMY_DOWNLOAD_INTERVAL (20*60)

void
relay_addr_learn_from_dirauth(void)
{
 static time_t last_dummy_circuit = 0;
 const or_options_t *options = get_options();
 time_t now = time(NULL);
 bool have_addr;
 tor_addr_t addr_out;

 /* This dummy circuit only matter for relays. */
 if (BUG(!server_mode(options))) {
   return;
 }

 /* Lookup the address cache to learn if we have a good usable address. We
  * still force relays to have an IPv4 so that alone is enough to learn if we
  * need a lookup. In case we don't have one, we might want to attempt a
  * dummy circuit to learn our address as a suggestion from an authority. */
 have_addr = relay_find_addr_to_publish(options, AF_INET,
                                        RELAY_FIND_ADDR_CACHE_ONLY,
                                        &addr_out);

 /* If we're a relay or bridge for which we were unable to discover our
  * public address, we rely on learning our address from a directory
  * authority from the NETINFO cell. */
 if (!have_addr && last_dummy_circuit + DUMMY_DOWNLOAD_INTERVAL < now) {
   last_dummy_circuit = now;

   const routerstatus_t *rs = router_pick_trusteddirserver(V3_DIRINFO, 0);
   if (BUG(!rs)) {
     /* We should really always have trusted directories configured at this
      * stage. They are loaded early either from default list or the one
      * given in the configuration file. */
     return;
   }
   const node_t *node = node_get_by_id(rs->identity_digest);
   extend_info_t *ei = NULL;
   if (node) {
     ei = extend_info_from_node(node, 1, false);
   }
   if (!node || !ei) {
     /* This can happen if we are still in the early starting stage where no
      * descriptors we actually fetched and thus we have the routerstatus_t
      * for the authority but not its descriptor which is needed to build a
      * circuit and thus learn our address. */
     log_info(LD_GENERAL,
              "Trying to learn our IP address by connecting to an "
              "authority, but can't build a circuit to one yet. Will try "
              "again soon.");
     return;
   }

   log_debug(LD_GENERAL, "Attempting dummy testing circuit to an authority "
                         "in order to learn our address.");

   /* Launch a one-hop testing circuit to a trusted authority so we can learn
    * our address through the NETINFO cell. */
   circuit_launch_by_extend_info(CIRCUIT_PURPOSE_TESTING, ei,
                                 CIRCLAUNCH_IS_INTERNAL |
                                 CIRCLAUNCH_ONEHOP_TUNNEL);
   extend_info_free(ei);
 }
}