search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Now that FOO_free(NULL) always works, remove checks before calling it.
[tor.git] / src / or / routerlist.c
blob7275e1d5ce44baba67fb34d673cc95b516702768
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2009, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file routerlist.c
9 * \brief Code to
10 * maintain and access the global list of routerinfos for known
11 * servers.
12 **/
13
14 #include "or.h"
15
16 // #define DEBUG_ROUTERLIST
17
18 /****************************************************************************/
19
20 /* static function prototypes */
21 static routerstatus_t *router_pick_directory_server_impl(
22 authority_type_t auth, int flags);
23 static routerstatus_t *router_pick_trusteddirserver_impl(
24 authority_type_t auth, int flags, int *n_busy_out);
25 static void mark_all_trusteddirservers_up(void);
26 static int router_nickname_matches(routerinfo_t *router, const char *nickname);
27 static void trusted_dir_server_free(trusted_dir_server_t *ds);
28 static void launch_router_descriptor_downloads(smartlist_t *downloadable,
29 time_t now);
30 static void update_consensus_router_descriptor_downloads(time_t now);
31 static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
32 static void update_router_have_minimum_dir_info(void);
33 static const char *signed_descriptor_get_body_impl(signed_descriptor_t *desc,
34 int with_annotations);
35 static void list_pending_downloads(digestmap_t *result,
36 int purpose, const char *prefix);
37
38 DECLARE_TYPED_DIGESTMAP_FNS(sdmap_, digest_sd_map_t, signed_descriptor_t)
39 DECLARE_TYPED_DIGESTMAP_FNS(rimap_, digest_ri_map_t, routerinfo_t)
40 DECLARE_TYPED_DIGESTMAP_FNS(eimap_, digest_ei_map_t, extrainfo_t)
41 #define SDMAP_FOREACH(map, keyvar, valvar) \
42 DIGESTMAP_FOREACH(sdmap_to_digestmap(map), keyvar, signed_descriptor_t *, \
43 valvar)
44 #define RIMAP_FOREACH(map, keyvar, valvar) \
45 DIGESTMAP_FOREACH(rimap_to_digestmap(map), keyvar, routerinfo_t *, valvar)
46 #define EIMAP_FOREACH(map, keyvar, valvar) \
47 DIGESTMAP_FOREACH(eimap_to_digestmap(map), keyvar, extrainfo_t *, valvar)
48
49 /****************************************************************************/
50
51 /** Global list of a trusted_dir_server_t object for each trusted directory
52 * server. */
53 static smartlist_t *trusted_dir_servers = NULL;
54
55 /** List of for a given authority, and download status for latest certificate.
56 */
57 typedef struct cert_list_t {
58 download_status_t dl_status;
59 smartlist_t *certs;
60 } cert_list_t;
61 /** Map from v3 identity key digest to cert_list_t. */
62 static digestmap_t *trusted_dir_certs = NULL;
63 /** True iff any key certificate in at least one member of
64 * <b>trusted_dir_certs</b> has changed since we last flushed the
65 * certificates to disk. */
66 static int trusted_dir_servers_certs_changed = 0;
67
68 /** Global list of all of the routers that we know about. */
69 static routerlist_t *routerlist = NULL;
70
71 /** List of strings for nicknames we've already warned about and that are
72 * still unknown / unavailable. */
73 static smartlist_t *warned_nicknames = NULL;
74
75 /** The last time we tried to download any routerdesc, or 0 for "never". We
76 * use this to rate-limit download attempts when the number of routerdescs to
77 * download is low. */
78 static time_t last_routerdesc_download_attempted = 0;
79
80 /** When we last computed the weights to use for bandwidths on directory
81 * requests, what were the total weighted bandwidth, and our share of that
82 * bandwidth? Used to determine what fraction of directory requests we should
83 * expect to see. */
84 static uint64_t sl_last_total_weighted_bw = 0,
85 sl_last_weighted_bw_of_me = 0;
86
87 /** Return the number of directory authorities whose type matches some bit set
88 * in <b>type</b> */
89 int
90 get_n_authorities(authority_type_t type)
91 {
92 int n = 0;
93 if (!trusted_dir_servers)
94 return 0;
95 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
96 if (ds->type & type)
97 ++n);
98 return n;
99 }
100
101 #define get_n_v2_authorities() get_n_authorities(V2_AUTHORITY)
102
103 /** Helper: Return the cert_list_t for an authority whose authority ID is
104 * <b>id_digest</b>, allocating a new list if necessary. */
105 static cert_list_t *
106 get_cert_list(const char *id_digest)
107 {
108 cert_list_t *cl;
109 if (!trusted_dir_certs)
110 trusted_dir_certs = digestmap_new();
111 cl = digestmap_get(trusted_dir_certs, id_digest);
112 if (!cl) {
113 cl = tor_malloc_zero(sizeof(cert_list_t));
114 cl->dl_status.schedule = DL_SCHED_CONSENSUS;
115 cl->certs = smartlist_create();
116 digestmap_set(trusted_dir_certs, id_digest, cl);
117 }
118 return cl;
119 }
120
121 /** Reload the cached v3 key certificates from the cached-certs file in
122 * the data directory. Return 0 on success, -1 on failure. */
123 int
124 trusted_dirs_reload_certs(void)
125 {
126 char *filename;
127 char *contents;
128 int r;
129
130 filename = get_datadir_fname("cached-certs");
131 contents = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
132 tor_free(filename);
133 if (!contents)
134 return 0;
135 r = trusted_dirs_load_certs_from_string(contents, 1, 1);
136 tor_free(contents);
137 return r;
138 }
139
140 /** Helper: return true iff we already have loaded the exact cert
141 * <b>cert</b>. */
142 static INLINE int
143 already_have_cert(authority_cert_t *cert)
144 {
145 cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
146
147 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
148 {
149 if (!memcmp(c->cache_info.signed_descriptor_digest,
150 cert->cache_info.signed_descriptor_digest,
151 DIGEST_LEN))
152 return 1;
153 });
154 return 0;
155 }
156
157 /** Load a bunch of new key certificates from the string <b>contents</b>. If
158 * <b>from_store</b> is true, the certificates are from the cache, and we
159 * don't need to flush them to disk. If <b>flush</b> is true, we need
160 * to flush any changed certificates to disk now. Return 0 on success, -1
161 * if any certs fail to parse. */
162 int
163 trusted_dirs_load_certs_from_string(const char *contents, int from_store,
164 int flush)
165 {
166 trusted_dir_server_t *ds;
167 const char *s, *eos;
168 int failure_code = 0;
169
170 for (s = contents; *s; s = eos) {
171 authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
172 cert_list_t *cl;
173 if (!cert) {
174 failure_code = -1;
175 break;
176 }
177 ds = trusteddirserver_get_by_v3_auth_digest(
178 cert->cache_info.identity_digest);
179 log_debug(LD_DIR, "Parsed certificate for %s",
180 ds ? ds->nickname : "unknown authority");
181
182 if (already_have_cert(cert)) {
183 /* we already have this one. continue. */
184 log_info(LD_DIR, "Skipping %s certificate for %s that we "
185 "already have.",
186 from_store ? "cached" : "downloaded",
187 ds ? ds->nickname : "??");
188
189 /* a duplicate on a download should be treated as a failure, since it
190 * probably means we wanted a different secret key or we are trying to
191 * replace an expired cert that has not in fact been updated. */
192 if (!from_store) {
193 log_warn(LD_DIR, "Got a certificate for %s that we already have. "
194 "Maybe they haven't updated it. Waiting for a while.",
195 ds ? ds->nickname : "??");
196 authority_cert_dl_failed(cert->cache_info.identity_digest, 404);
197 }
198
199 authority_cert_free(cert);
200 continue;
201 }
202
203 if (ds) {
204 log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
205 "signing key %s", from_store ? "cached" : "downloaded",
206 ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
207 } else {
208 int adding = directory_caches_dir_info(get_options());
209 log_info(LD_DIR, "%s %s certificate for unrecognized directory "
210 "authority with signing key %s",
211 adding ? "Adding" : "Not adding",
212 from_store ? "cached" : "downloaded",
213 hex_str(cert->signing_key_digest,DIGEST_LEN));
214 if (!adding) {
215 authority_cert_free(cert);
216 continue;
217 }
218 }
219
220 cl = get_cert_list(cert->cache_info.identity_digest);
221 smartlist_add(cl->certs, cert);
222 if (ds && cert->cache_info.published_on > ds->addr_current_at) {
223 /* Check to see whether we should update our view of the authority's
224 * address. */
225 if (cert->addr && cert->dir_port &&
226 (ds->addr != cert->addr ||
227 ds->dir_port != cert->dir_port)) {
228 char *a = tor_dup_ip(cert->addr);
229 log_notice(LD_DIR, "Updating address for directory authority %s "
230 "from %s:%d to %s:%d based on certificate.",
231 ds->nickname, ds->address, (int)ds->dir_port,
232 a, cert->dir_port);
233 tor_free(a);
234 ds->addr = cert->addr;
235 ds->dir_port = cert->dir_port;
236 }
237 ds->addr_current_at = cert->cache_info.published_on;
238 }
239
240 if (!from_store)
241 trusted_dir_servers_certs_changed = 1;
242 }
243
244 if (flush)
245 trusted_dirs_flush_certs_to_disk();
246
247 /* call this even if failure_code is <0, since some certs might have
248 * succeeded. */
249 networkstatus_note_certs_arrived();
250
251 return failure_code;
252 }
253
254 /** Save all v3 key certificates to the cached-certs file. */
255 void
256 trusted_dirs_flush_certs_to_disk(void)
257 {
258 char *filename;
259 smartlist_t *chunks;
260
261 if (!trusted_dir_servers_certs_changed || !trusted_dir_certs)
262 return;
263
264 chunks = smartlist_create();
265 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
266 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
267 {
268 sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
269 c->bytes = cert->cache_info.signed_descriptor_body;
270 c->len = cert->cache_info.signed_descriptor_len;
271 smartlist_add(chunks, c);
272 });
273 } DIGESTMAP_FOREACH_END;
274
275 filename = get_datadir_fname("cached-certs");
276 if (write_chunks_to_file(filename, chunks, 0)) {
277 log_warn(LD_FS, "Error writing certificates to disk.");
278 }
279 tor_free(filename);
280 SMARTLIST_FOREACH(chunks, sized_chunk_t *, c, tor_free(c));
281 smartlist_free(chunks);
282
283 trusted_dir_servers_certs_changed = 0;
284 }
285
286 /** Remove all v3 authority certificates that have been superseded for more
287 * than 48 hours. (If the most recent cert was published more than 48 hours
288 * ago, then we aren't going to get any consensuses signed with older
289 * keys.) */
290 static void
291 trusted_dirs_remove_old_certs(void)
292 {
293 time_t now = time(NULL);
294 #define DEAD_CERT_LIFETIME (2*24*60*60)
295 #define OLD_CERT_LIFETIME (7*24*60*60)
296 if (!trusted_dir_certs)
297 return;
298
299 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
300 authority_cert_t *newest = NULL;
301 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
302 if (!newest || (cert->cache_info.published_on >
303 newest->cache_info.published_on))
304 newest = cert);
305 if (newest) {
306 const time_t newest_published = newest->cache_info.published_on;
307 SMARTLIST_FOREACH_BEGIN(cl->certs, authority_cert_t *, cert) {
308 int expired;
309 time_t cert_published;
310 if (newest == cert)
311 continue;
312 expired = ftime_definitely_after(now, cert->expires);
313 cert_published = cert->cache_info.published_on;
314 /* Store expired certs for 48 hours after a newer arrives;
315 */
316 if (expired ?
317 (newest_published + DEAD_CERT_LIFETIME < now) :
318 (cert_published + OLD_CERT_LIFETIME < newest_published)) {
319 SMARTLIST_DEL_CURRENT(cl->certs, cert);
320 authority_cert_free(cert);
321 trusted_dir_servers_certs_changed = 1;
322 }
323 } SMARTLIST_FOREACH_END(cert);
324 }
325 } DIGESTMAP_FOREACH_END;
326 #undef OLD_CERT_LIFETIME
327
328 trusted_dirs_flush_certs_to_disk();
329 }
330
331 /** Return the newest v3 authority certificate whose v3 authority identity key
332 * has digest <b>id_digest</b>. Return NULL if no such authority is known,
333 * or it has no certificate. */
334 authority_cert_t *
335 authority_cert_get_newest_by_id(const char *id_digest)
336 {
337 cert_list_t *cl;
338 authority_cert_t *best = NULL;
339 if (!trusted_dir_certs ||
340 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
341 return NULL;
342
343 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
344 {
345 if (!best || cert->cache_info.published_on > best->cache_info.published_on)
346 best = cert;
347 });
348 return best;
349 }
350
351 /** Return the newest v3 authority certificate whose directory signing key has
352 * digest <b>sk_digest</b>. Return NULL if no such certificate is known.
353 */
354 authority_cert_t *
355 authority_cert_get_by_sk_digest(const char *sk_digest)
356 {
357 authority_cert_t *c;
358 if (!trusted_dir_certs)
359 return NULL;
360
361 if ((c = get_my_v3_authority_cert()) &&
362 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
363 return c;
364 if ((c = get_my_v3_legacy_cert()) &&
365 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
366 return c;
367
368 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
369 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
370 {
371 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
372 return cert;
373 });
374 } DIGESTMAP_FOREACH_END;
375 return NULL;
376 }
377
378 /** Return the v3 authority certificate with signing key matching
379 * <b>sk_digest</b>, for the authority with identity digest <b>id_digest</b>.
380 * Return NULL if no such authority is known. */
381 authority_cert_t *
382 authority_cert_get_by_digests(const char *id_digest,
383 const char *sk_digest)
384 {
385 cert_list_t *cl;
386 if (!trusted_dir_certs ||
387 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
388 return NULL;
389 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
390 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
391 return cert; );
392
393 return NULL;
394 }
395
396 /** Add every known authority_cert_t to <b>certs_out</b>. */
397 void
398 authority_cert_get_all(smartlist_t *certs_out)
399 {
400 tor_assert(certs_out);
401 if (!trusted_dir_certs)
402 return;
403
404 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
405 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
406 smartlist_add(certs_out, c));
407 } DIGESTMAP_FOREACH_END;
408 }
409
410 /** Called when an attempt to download a certificate with the authority with
411 * ID <b>id_digest</b> fails with HTTP response code <b>status</b>: remember
412 * the failure, so we don't try again immediately. */
413 void
414 authority_cert_dl_failed(const char *id_digest, int status)
415 {
416 cert_list_t *cl;
417 if (!trusted_dir_certs ||
418 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
419 return;
420
421 download_status_failed(&cl->dl_status, status);
422 }
423
424 /** How many times will we try to fetch a certificate before giving up? */
425 #define MAX_CERT_DL_FAILURES 8
426
427 /** Try to download any v3 authority certificates that we may be missing. If
428 * <b>status</b> is provided, try to get all the ones that were used to sign
429 * <b>status</b>. Additionally, try to have a non-expired certificate for
430 * every V3 authority in trusted_dir_servers. Don't fetch certificates we
431 * already have.
432 **/
433 void
434 authority_certs_fetch_missing(networkstatus_t *status, time_t now)
435 {
436 digestmap_t *pending;
437 authority_cert_t *cert;
438 smartlist_t *missing_digests;
439 char *resource = NULL;
440 cert_list_t *cl;
441 const int cache = directory_caches_dir_info(get_options());
442
443 if (should_delay_dir_fetches(get_options()))
444 return;
445
446 pending = digestmap_new();
447 missing_digests = smartlist_create();
448
449 list_pending_downloads(pending, DIR_PURPOSE_FETCH_CERTIFICATE, "fp/");
450 if (status) {
451 SMARTLIST_FOREACH_BEGIN(status->voters, networkstatus_voter_info_t *,
452 voter) {
453 if (!smartlist_len(voter->sigs))
454 continue; /* This authority never signed this consensus, so don't
455 * go looking for a cert with key digest 0000000000. */
456 if (!cache &&
457 !trusteddirserver_get_by_v3_auth_digest(voter->identity_digest))
458 continue; /* We are not a cache, and we don't know this authority.*/
459 cl = get_cert_list(voter->identity_digest);
460 SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
461 cert = authority_cert_get_by_digests(voter->identity_digest,
462 sig->signing_key_digest);
463 if (cert) {
464 if (now < cert->expires)
465 download_status_reset(&cl->dl_status);
466 continue;
467 }
468 if (download_status_is_ready(&cl->dl_status, now,
469 MAX_CERT_DL_FAILURES) &&
470 !digestmap_get(pending, voter->identity_digest)) {
471 log_notice(LD_DIR, "We're missing a certificate from authority "
472 "with signing key %s: launching request.",
473 hex_str(sig->signing_key_digest, DIGEST_LEN));
474 smartlist_add(missing_digests, sig->identity_digest);
475 }
476 } SMARTLIST_FOREACH_END(sig);
477 } SMARTLIST_FOREACH_END(voter);
478 }
479 SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, ds) {
480 int found = 0;
481 if (!(ds->type & V3_AUTHORITY))
482 continue;
483 if (smartlist_digest_isin(missing_digests, ds->v3_identity_digest))
484 continue;
485 cl = get_cert_list(ds->v3_identity_digest);
486 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert, {
487 if (!ftime_definitely_after(now, cert->expires)) {
488 /* It's not expired, and we weren't looking for something to
489 * verify a consensus with. Call it done. */
490 download_status_reset(&cl->dl_status);
491 found = 1;
492 break;
493 }
494 });
495 if (!found &&
496 download_status_is_ready(&cl->dl_status, now,MAX_CERT_DL_FAILURES) &&
497 !digestmap_get(pending, ds->v3_identity_digest)) {
498 log_notice(LD_DIR, "No current certificate known for authority %s; "
499 "launching request.", ds->nickname);
500 smartlist_add(missing_digests, ds->v3_identity_digest);
501 }
502 } SMARTLIST_FOREACH_END(ds);
503
504 if (!smartlist_len(missing_digests)) {
505 goto done;
506 } else {
507 smartlist_t *fps = smartlist_create();
508 smartlist_add(fps, tor_strdup("fp/"));
509 SMARTLIST_FOREACH(missing_digests, const char *, d, {
510 char *fp;
511 if (digestmap_get(pending, d))
512 continue;
513 fp = tor_malloc(HEX_DIGEST_LEN+2);
514 base16_encode(fp, HEX_DIGEST_LEN+1, d, DIGEST_LEN);
515 fp[HEX_DIGEST_LEN] = '+';
516 fp[HEX_DIGEST_LEN+1] = '\0';
517 smartlist_add(fps, fp);
518 });
519 if (smartlist_len(fps) == 1) {
520 /* we didn't add any: they were all pending */
521 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
522 smartlist_free(fps);
523 goto done;
524 }
525 resource = smartlist_join_strings(fps, "", 0, NULL);
526 resource[strlen(resource)-1] = '\0';
527 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
528 smartlist_free(fps);
529 }
530 directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
531 resource, PDS_RETRY_IF_NO_SERVERS);
532
533 done:
534 tor_free(resource);
535 smartlist_free(missing_digests);
536 digestmap_free(pending, NULL);
537 }
538
539 /* Router descriptor storage.
540 *
541 * Routerdescs are stored in a big file, named "cached-descriptors". As new
542 * routerdescs arrive, we append them to a journal file named
543 * "cached-descriptors.new".
544 *
545 * From time to time, we replace "cached-descriptors" with a new file
546 * containing only the live, non-superseded descriptors, and clear
547 * cached-routers.new.
548 *
549 * On startup, we read both files.
550 */
551
552 /** Helper: return 1 iff the router log is so big we want to rebuild the
553 * store. */
554 static int
555 router_should_rebuild_store(desc_store_t *store)
556 {
557 if (store->store_len > (1<<16))
558 return (store->journal_len > store->store_len / 2 ||
559 store->bytes_dropped > store->store_len / 2);
560 else
561 return store->journal_len > (1<<15);
562 }
563
564 /** Return the desc_store_t in <b>rl</b> that should be used to store
565 * <b>sd</b>. */
566 static INLINE desc_store_t *
567 desc_get_store(routerlist_t *rl, signed_descriptor_t *sd)
568 {
569 if (sd->is_extrainfo)
570 return &rl->extrainfo_store;
571 else
572 return &rl->desc_store;
573 }
574
575 /** Add the signed_descriptor_t in <b>desc</b> to the router
576 * journal; change its saved_location to SAVED_IN_JOURNAL and set its
577 * offset appropriately. */
578 static int
579 signed_desc_append_to_journal(signed_descriptor_t *desc,
580 desc_store_t *store)
581 {
582 char *fname = get_datadir_fname_suffix(store->fname_base, ".new");
583 const char *body = signed_descriptor_get_body_impl(desc,1);
584 size_t len = desc->signed_descriptor_len + desc->annotations_len;
585
586 tor_assert(len == strlen(body));
587
588 if (append_bytes_to_file(fname, body, len, 1)) {
589 log_warn(LD_FS, "Unable to store router descriptor");
590 tor_free(fname);
591 return -1;
592 }
593 desc->saved_location = SAVED_IN_JOURNAL;
594 tor_free(fname);
595
596 desc->saved_offset = store->journal_len;
597 store->journal_len += len;
598
599 return 0;
600 }
601
602 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
603 * signed_descriptor_t* in *<b>a</b> is older, the same age as, or newer than
604 * the signed_descriptor_t* in *<b>b</b>. */
605 static int
606 _compare_signed_descriptors_by_age(const void **_a, const void **_b)
607 {
608 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
609 return (int)(r1->published_on - r2->published_on);
610 }
611
612 #define RRS_FORCE 1
613 #define RRS_DONT_REMOVE_OLD 2
614
615 /** If the journal of <b>store</b> is too long, or if RRS_FORCE is set in
616 * <b>flags</b>, then atomically replace the saved router store with the
617 * routers currently in our routerlist, and clear the journal. Unless
618 * RRS_DONT_REMOVE_OLD is set in <b>flags</b>, delete expired routers before
619 * rebuilding the store. Return 0 on success, -1 on failure.
620 */
621 static int
622 router_rebuild_store(int flags, desc_store_t *store)
623 {
624 smartlist_t *chunk_list = NULL;
625 char *fname = NULL, *fname_tmp = NULL;
626 int r = -1;
627 off_t offset = 0;
628 smartlist_t *signed_descriptors = NULL;
629 int nocache=0;
630 size_t total_expected_len = 0;
631 int had_any;
632 int force = flags & RRS_FORCE;
633
634 if (!force && !router_should_rebuild_store(store)) {
635 r = 0;
636 goto done;
637 }
638 if (!routerlist) {
639 r = 0;
640 goto done;
641 }
642
643 if (store->type == EXTRAINFO_STORE)
644 had_any = !eimap_isempty(routerlist->extra_info_map);
645 else
646 had_any = (smartlist_len(routerlist->routers)+
647 smartlist_len(routerlist->old_routers))>0;
648
649 /* Don't save deadweight. */
650 if (!(flags & RRS_DONT_REMOVE_OLD))
651 routerlist_remove_old_routers();
652
653 log_info(LD_DIR, "Rebuilding %s cache", store->description);
654
655 fname = get_datadir_fname(store->fname_base);
656 fname_tmp = get_datadir_fname_suffix(store->fname_base, ".tmp");
657
658 chunk_list = smartlist_create();
659
660 /* We sort the routers by age to enhance locality on disk. */
661 signed_descriptors = smartlist_create();
662 if (store->type == EXTRAINFO_STORE) {
663 eimap_iter_t *iter;
664 for (iter = eimap_iter_init(routerlist->extra_info_map);
665 !eimap_iter_done(iter);
666 iter = eimap_iter_next(routerlist->extra_info_map, iter)) {
667 const char *key;
668 extrainfo_t *ei;
669 eimap_iter_get(iter, &key, &ei);
670 smartlist_add(signed_descriptors, &ei->cache_info);
671 }
672 } else {
673 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
674 smartlist_add(signed_descriptors, sd));
675 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
676 smartlist_add(signed_descriptors, &ri->cache_info));
677 }
678
679 smartlist_sort(signed_descriptors, _compare_signed_descriptors_by_age);
680
681 /* Now, add the appropriate members to chunk_list */
682 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
683 {
684 sized_chunk_t *c;
685 const char *body = signed_descriptor_get_body_impl(sd, 1);
686 if (!body) {
687 log_warn(LD_BUG, "No descriptor available for router.");
688 goto done;
689 }
690 if (sd->do_not_cache) {
691 ++nocache;
692 continue;
693 }
694 c = tor_malloc(sizeof(sized_chunk_t));
695 c->bytes = body;
696 c->len = sd->signed_descriptor_len + sd->annotations_len;
697 total_expected_len += c->len;
698 smartlist_add(chunk_list, c);
699 });
700
701 if (write_chunks_to_file(fname_tmp, chunk_list, 1)<0) {
702 log_warn(LD_FS, "Error writing router store to disk.");
703 goto done;
704 }
705
706 /* Our mmap is now invalid. */
707 if (store->mmap) {
708 tor_munmap_file(store->mmap);
709 store->mmap = NULL;
710 }
711
712 if (replace_file(fname_tmp, fname)<0) {
713 log_warn(LD_FS, "Error replacing old router store: %s", strerror(errno));
714 goto done;
715 }
716
717 errno = 0;
718 store->mmap = tor_mmap_file(fname);
719 if (! store->mmap) {
720 if (errno == ERANGE) {
721 /* empty store.*/
722 if (total_expected_len) {
723 log_warn(LD_FS, "We wrote some bytes to a new descriptor file at '%s',"
724 " but when we went to mmap it, it was empty!", fname);
725 } else if (had_any) {
726 log_info(LD_FS, "We just removed every descriptor in '%s'. This is "
727 "okay if we're just starting up after a long time. "
728 "Otherwise, it's a bug.", fname);
729 }
730 } else {
731 log_warn(LD_FS, "Unable to mmap new descriptor file at '%s'.",fname);
732 }
733 }
734
735 log_info(LD_DIR, "Reconstructing pointers into cache");
736
737 offset = 0;
738 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
739 {
740 if (sd->do_not_cache)
741 continue;
742 sd->saved_location = SAVED_IN_CACHE;
743 if (store->mmap) {
744 tor_free(sd->signed_descriptor_body); // sets it to null
745 sd->saved_offset = offset;
746 }
747 offset += sd->signed_descriptor_len + sd->annotations_len;
748 signed_descriptor_get_body(sd); /* reconstruct and assert */
749 });
750
751 tor_free(fname);
752 fname = get_datadir_fname_suffix(store->fname_base, ".new");
753 write_str_to_file(fname, "", 1);
754
755 r = 0;
756 store->store_len = (size_t) offset;
757 store->journal_len = 0;
758 store->bytes_dropped = 0;
759 done:
760 smartlist_free(signed_descriptors);
761 tor_free(fname);
762 tor_free(fname_tmp);
763 if (chunk_list) {
764 SMARTLIST_FOREACH(chunk_list, sized_chunk_t *, c, tor_free(c));
765 smartlist_free(chunk_list);
766 }
767
768 return r;
769 }
770
771 /** Helper: Reload a cache file and its associated journal, setting metadata
772 * appropriately. If <b>extrainfo</b> is true, reload the extrainfo store;
773 * else reload the router descriptor store. */
774 static int
775 router_reload_router_list_impl(desc_store_t *store)
776 {
777 char *fname = NULL, *altname = NULL, *contents = NULL;
778 struct stat st;
779 int read_from_old_location = 0;
780 int extrainfo = (store->type == EXTRAINFO_STORE);
781 time_t now = time(NULL);
782 store->journal_len = store->store_len = 0;
783
784 fname = get_datadir_fname(store->fname_base);
785 if (store->fname_alt_base)
786 altname = get_datadir_fname(store->fname_alt_base);
787
788 if (store->mmap) /* get rid of it first */
789 tor_munmap_file(store->mmap);
790 store->mmap = NULL;
791
792 store->mmap = tor_mmap_file(fname);
793 if (!store->mmap && altname && file_status(altname) == FN_FILE) {
794 read_from_old_location = 1;
795 log_notice(LD_DIR, "Couldn't read %s; trying to load routers from old "
796 "location %s.", fname, altname);
797 if ((store->mmap = tor_mmap_file(altname)))
798 read_from_old_location = 1;
799 }
800 if (altname && !read_from_old_location) {
801 remove_file_if_very_old(altname, now);
802 }
803 if (store->mmap) {
804 store->store_len = store->mmap->size;
805 if (extrainfo)
806 router_load_extrainfo_from_string(store->mmap->data,
807 store->mmap->data+store->mmap->size,
808 SAVED_IN_CACHE, NULL, 0);
809 else
810 router_load_routers_from_string(store->mmap->data,
811 store->mmap->data+store->mmap->size,
812 SAVED_IN_CACHE, NULL, 0, NULL);
813 }
814
815 tor_free(fname);
816 fname = get_datadir_fname_suffix(store->fname_base, ".new");
817 if (file_status(fname) == FN_FILE)
818 contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
819 if (read_from_old_location) {
820 tor_free(altname);
821 altname = get_datadir_fname_suffix(store->fname_alt_base, ".new");
822 if (!contents)
823 contents = read_file_to_str(altname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
824 else
825 remove_file_if_very_old(altname, now);
826 }
827 if (contents) {
828 if (extrainfo)
829 router_load_extrainfo_from_string(contents, NULL,SAVED_IN_JOURNAL,
830 NULL, 0);
831 else
832 router_load_routers_from_string(contents, NULL, SAVED_IN_JOURNAL,
833 NULL, 0, NULL);
834 store->journal_len = (size_t) st.st_size;
835 tor_free(contents);
836 }
837
838 tor_free(fname);
839 tor_free(altname);
840
841 if (store->journal_len || read_from_old_location) {
842 /* Always clear the journal on startup.*/
843 router_rebuild_store(RRS_FORCE, store);
844 } else if (!extrainfo) {
845 /* Don't cache expired routers. (This is in an else because
846 * router_rebuild_store() also calls remove_old_routers().) */
847 routerlist_remove_old_routers();
848 }
849
850 return 0;
851 }
852
853 /** Load all cached router descriptors and extra-info documents from the
854 * store. Return 0 on success and -1 on failure.
855 */
856 int
857 router_reload_router_list(void)
858 {
859 routerlist_t *rl = router_get_routerlist();
860 if (router_reload_router_list_impl(&rl->desc_store))
861 return -1;
862 if (router_reload_router_list_impl(&rl->extrainfo_store))
863 return -1;
864 return 0;
865 }
866
867 /** Return a smartlist containing a list of trusted_dir_server_t * for all
868 * known trusted dirservers. Callers must not modify the list or its
869 * contents.
870 */
871 smartlist_t *
872 router_get_trusted_dir_servers(void)
873 {
874 if (!trusted_dir_servers)
875 trusted_dir_servers = smartlist_create();
876
877 return trusted_dir_servers;
878 }
879
880 /** Try to find a running dirserver that supports operations of <b>type</b>.
881 *
882 * If there are no running dirservers in our routerlist and the
883 * <b>PDS_RETRY_IF_NO_SERVERS</b> flag is set, set all the authoritative ones
884 * as running again, and pick one.
885 *
886 * If the <b>PDS_IGNORE_FASCISTFIREWALL</b> flag is set, then include
887 * dirservers that we can't reach.
888 *
889 * If the <b>PDS_ALLOW_SELF</b> flag is not set, then don't include ourself
890 * (if we're a dirserver).
891 *
892 * Don't pick an authority if any non-authority is viable; try to avoid using
893 * servers that have returned 503 recently.
894 */
895 routerstatus_t *
896 router_pick_directory_server(authority_type_t type, int flags)
897 {
898 routerstatus_t *choice;
899 if (get_options()->PreferTunneledDirConns)
900 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
901
902 if (!routerlist)
903 return NULL;
904
905 choice = router_pick_directory_server_impl(type, flags);
906 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
907 return choice;
908
909 log_info(LD_DIR,
910 "No reachable router entries for dirservers. "
911 "Trying them all again.");
912 /* mark all authdirservers as up again */
913 mark_all_trusteddirservers_up();
914 /* try again */
915 choice = router_pick_directory_server_impl(type, flags);
916 return choice;
917 }
918
919 /** Try to determine which fraction of v2 and v3 directory requests aimed at
920 * caches will be sent to us. Set *<b>v2_share_out</b> and
921 * *<b>v3_share_out</b> to the fractions of v2 and v3 protocol shares we
922 * expect to see, respectively. Return 0 on success, negative on failure. */
923 int
924 router_get_my_share_of_directory_requests(double *v2_share_out,
925 double *v3_share_out)
926 {
927 routerinfo_t *me = router_get_my_routerinfo();
928 routerstatus_t *rs;
929 const int pds_flags = PDS_ALLOW_SELF|PDS_IGNORE_FASCISTFIREWALL;
930 *v2_share_out = *v3_share_out = 0.0;
931 if (!me)
932 return -1;
933 rs = router_get_consensus_status_by_id(me->cache_info.identity_digest);
934 if (!rs)
935 return -1;
936
937 /* Calling for side effect */
938 /* XXXX This is a bit of a kludge */
939 if (rs->is_v2_dir) {
940 sl_last_total_weighted_bw = 0;
941 router_pick_directory_server(V2_AUTHORITY, pds_flags);
942 if (sl_last_total_weighted_bw != 0) {
943 *v2_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
944 U64_TO_DBL(sl_last_total_weighted_bw);
945 }
946 }
947
948 if (rs->version_supports_v3_dir) {
949 sl_last_total_weighted_bw = 0;
950 router_pick_directory_server(V3_AUTHORITY, pds_flags);
951 if (sl_last_total_weighted_bw != 0) {
952 *v3_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
953 U64_TO_DBL(sl_last_total_weighted_bw);
954 }
955 }
956
957 return 0;
958 }
959
960 /** Return the trusted_dir_server_t for the directory authority whose identity
961 * key hashes to <b>digest</b>, or NULL if no such authority is known.
962 */
963 trusted_dir_server_t *
964 router_get_trusteddirserver_by_digest(const char *digest)
965 {
966 if (!trusted_dir_servers)
967 return NULL;
968
969 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
970 {
971 if (!memcmp(ds->digest, digest, DIGEST_LEN))
972 return ds;
973 });
974
975 return NULL;
976 }
977
978 /** Return the trusted_dir_server_t for the directory authority whose identity
979 * key hashes to <b>digest</b>, or NULL if no such authority is known.
980 */
981 trusted_dir_server_t *
982 trusteddirserver_get_by_v3_auth_digest(const char *digest)
983 {
984 if (!trusted_dir_servers)
985 return NULL;
986
987 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
988 {
989 if (!memcmp(ds->v3_identity_digest, digest, DIGEST_LEN) &&
990 (ds->type & V3_AUTHORITY))
991 return ds;
992 });
993
994 return NULL;
995 }
996
997 /** Try to find a running trusted dirserver. Flags are as for
998 * router_pick_directory_server.
999 */
1000 routerstatus_t *
1001 router_pick_trusteddirserver(authority_type_t type, int flags)
1002 {
1003 routerstatus_t *choice;
1004 int busy = 0;
1005 if (get_options()->PreferTunneledDirConns)
1006 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
1007
1008 choice = router_pick_trusteddirserver_impl(type, flags, &busy);
1009 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
1010 return choice;
1011 if (busy) {
1012 /* If the reason that we got no server is that servers are "busy",
1013 * we must be excluding good servers because we already have serverdesc
1014 * fetches with them. Do not mark down servers up because of this. */
1015 tor_assert((flags & PDS_NO_EXISTING_SERVERDESC_FETCH));
1016 return NULL;
1017 }
1018
1019 log_info(LD_DIR,
1020 "No trusted dirservers are reachable. Trying them all again.");
1021 mark_all_trusteddirservers_up();
1022 return router_pick_trusteddirserver_impl(type, flags, NULL);
1023 }
1024
1025 /** How long do we avoid using a directory server after it's given us a 503? */
1026 #define DIR_503_TIMEOUT (60*60)
1027
1028 /** Pick a random running valid directory server/mirror from our
1029 * routerlist. Arguments are as for router_pick_directory_server(), except
1030 * that RETRY_IF_NO_SERVERS is ignored, and:
1031 *
1032 * If the _PDS_PREFER_TUNNELED_DIR_CONNS flag is set, prefer directory servers
1033 * that we can use with BEGINDIR.
1034 */
1035 static routerstatus_t *
1036 router_pick_directory_server_impl(authority_type_t type, int flags)
1037 {
1038 routerstatus_t *result;
1039 smartlist_t *direct, *tunnel;
1040 smartlist_t *trusted_direct, *trusted_tunnel;
1041 smartlist_t *overloaded_direct, *overloaded_tunnel;
1042 time_t now = time(NULL);
1043 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
1044 int requireother = ! (flags & PDS_ALLOW_SELF);
1045 int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1046 int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1047
1048 if (!consensus)
1049 return NULL;
1050
1051 direct = smartlist_create();
1052 tunnel = smartlist_create();
1053 trusted_direct = smartlist_create();
1054 trusted_tunnel = smartlist_create();
1055 overloaded_direct = smartlist_create();
1056 overloaded_tunnel = smartlist_create();
1057
1058 /* Find all the running dirservers we know about. */
1059 SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, routerstatus_t *,
1060 status) {
1061 int is_trusted;
1062 int is_overloaded = status->last_dir_503_at + DIR_503_TIMEOUT > now;
1063 tor_addr_t addr;
1064 if (!status->is_running || !status->dir_port || !status->is_valid)
1065 continue;
1066 if (status->is_bad_directory)
1067 continue;
1068 if (requireother && router_digest_is_me(status->identity_digest))
1069 continue;
1070 if (type & V3_AUTHORITY) {
1071 if (!(status->version_supports_v3_dir ||
1072 router_digest_is_trusted_dir_type(status->identity_digest,
1073 V3_AUTHORITY)))
1074 continue;
1075 }
1076 is_trusted = router_digest_is_trusted_dir(status->identity_digest);
1077 if ((type & V2_AUTHORITY) && !(status->is_v2_dir || is_trusted))
1078 continue;
1079 if ((type & EXTRAINFO_CACHE) &&
1080 !router_supports_extrainfo(status->identity_digest, 0))
1081 continue;
1082
1083 /* XXXX IP6 proposal 118 */
1084 tor_addr_from_ipv4h(&addr, status->addr);
1085
1086 if (prefer_tunnel &&
1087 status->version_supports_begindir &&
1088 (!fascistfirewall ||
1089 fascist_firewall_allows_address_or(&addr, status->or_port)))
1090 smartlist_add(is_trusted ? trusted_tunnel :
1091 is_overloaded ? overloaded_tunnel : tunnel, status);
1092 else if (!fascistfirewall ||
1093 fascist_firewall_allows_address_dir(&addr, status->dir_port))
1094 smartlist_add(is_trusted ? trusted_direct :
1095 is_overloaded ? overloaded_direct : direct, status);
1096 } SMARTLIST_FOREACH_END(status);
1097
1098 if (smartlist_len(tunnel)) {
1099 result = routerstatus_sl_choose_by_bandwidth(tunnel);
1100 } else if (smartlist_len(overloaded_tunnel)) {
1101 result = routerstatus_sl_choose_by_bandwidth(overloaded_tunnel);
1102 } else if (smartlist_len(trusted_tunnel)) {
1103 /* FFFF We don't distinguish between trusteds and overloaded trusteds
1104 * yet. Maybe one day we should. */
1105 /* FFFF We also don't load balance over authorities yet. I think this
1106 * is a feature, but it could easily be a bug. -RD */
1107 result = smartlist_choose(trusted_tunnel);
1108 } else if (smartlist_len(direct)) {
1109 result = routerstatus_sl_choose_by_bandwidth(direct);
1110 } else if (smartlist_len(overloaded_direct)) {
1111 result = routerstatus_sl_choose_by_bandwidth(overloaded_direct);
1112 } else {
1113 result = smartlist_choose(trusted_direct);
1114 }
1115 smartlist_free(direct);
1116 smartlist_free(tunnel);
1117 smartlist_free(trusted_direct);
1118 smartlist_free(trusted_tunnel);
1119 smartlist_free(overloaded_direct);
1120 smartlist_free(overloaded_tunnel);
1121 return result;
1122 }
1123
1124 /** Choose randomly from among the trusted dirservers that are up. Flags
1125 * are as for router_pick_directory_server_impl().
1126 */
1127 static routerstatus_t *
1128 router_pick_trusteddirserver_impl(authority_type_t type, int flags,
1129 int *n_busy_out)
1130 {
1131 smartlist_t *direct, *tunnel;
1132 smartlist_t *overloaded_direct, *overloaded_tunnel;
1133 routerinfo_t *me = router_get_my_routerinfo();
1134 routerstatus_t *result;
1135 time_t now = time(NULL);
1136 const int requireother = ! (flags & PDS_ALLOW_SELF);
1137 const int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1138 const int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1139 const int no_serverdesc_fetching =(flags & PDS_NO_EXISTING_SERVERDESC_FETCH);
1140 int n_busy = 0;
1141
1142 if (!trusted_dir_servers)
1143 return NULL;
1144
1145 direct = smartlist_create();
1146 tunnel = smartlist_create();
1147 overloaded_direct = smartlist_create();
1148 overloaded_tunnel = smartlist_create();
1149
1150 SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, d)
1151 {
1152 int is_overloaded =
1153 d->fake_status.last_dir_503_at + DIR_503_TIMEOUT > now;
1154 tor_addr_t addr;
1155 if (!d->is_running) continue;
1156 if ((type & d->type) == 0)
1157 continue;
1158 if ((type & EXTRAINFO_CACHE) &&
1159 !router_supports_extrainfo(d->digest, 1))
1160 continue;
1161 if (requireother && me && router_digest_is_me(d->digest))
1162 continue;
1163
1164 /* XXXX IP6 proposal 118 */
1165 tor_addr_from_ipv4h(&addr, d->addr);
1166
1167 if (no_serverdesc_fetching) {
1168 if (connection_get_by_type_addr_port_purpose(
1169 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_SERVERDESC)
1170 || connection_get_by_type_addr_port_purpose(
1171 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_EXTRAINFO)) {
1172 //log_debug(LD_DIR, "We have an existing connection to fetch "
1173 // "descriptor from %s; delaying",d->description);
1174 ++n_busy;
1175 continue;
1176 }
1177 }
1178
1179 if (prefer_tunnel &&
1180 d->or_port &&
1181 (!fascistfirewall ||
1182 fascist_firewall_allows_address_or(&addr, d->or_port)))
1183 smartlist_add(is_overloaded ? overloaded_tunnel : tunnel,
1184 &d->fake_status);
1185 else if (!fascistfirewall ||
1186 fascist_firewall_allows_address_dir(&addr, d->dir_port))
1187 smartlist_add(is_overloaded ? overloaded_direct : direct,
1188 &d->fake_status);
1189 }
1190 SMARTLIST_FOREACH_END(d);
1191
1192 if (smartlist_len(tunnel)) {
1193 result = smartlist_choose(tunnel);
1194 } else if (smartlist_len(overloaded_tunnel)) {
1195 result = smartlist_choose(overloaded_tunnel);
1196 } else if (smartlist_len(direct)) {
1197 result = smartlist_choose(direct);
1198 } else {
1199 result = smartlist_choose(overloaded_direct);
1200 }
1201
1202 if (n_busy_out)
1203 *n_busy_out = n_busy;
1204
1205 smartlist_free(direct);
1206 smartlist_free(tunnel);
1207 smartlist_free(overloaded_direct);
1208 smartlist_free(overloaded_tunnel);
1209 return result;
1210 }
1211
1212 /** Go through and mark the authoritative dirservers as up. */
1213 static void
1214 mark_all_trusteddirservers_up(void)
1215 {
1216 if (routerlist) {
1217 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1218 if (router_digest_is_trusted_dir(router->cache_info.identity_digest) &&
1219 router->dir_port > 0) {
1220 router->is_running = 1;
1221 });
1222 }
1223 if (trusted_dir_servers) {
1224 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
1225 {
1226 routerstatus_t *rs;
1227 dir->is_running = 1;
1228 download_status_reset(&dir->v2_ns_dl_status);
1229 rs = router_get_consensus_status_by_id(dir->digest);
1230 if (rs && !rs->is_running) {
1231 rs->is_running = 1;
1232 rs->last_dir_503_at = 0;
1233 control_event_networkstatus_changed_single(rs);
1234 }
1235 });
1236 }
1237 router_dir_info_changed();
1238 }
1239
1240 /** Reset all internal variables used to count failed downloads of network
1241 * status objects. */
1242 void
1243 router_reset_status_download_failures(void)
1244 {
1245 mark_all_trusteddirservers_up();
1246 }
1247
1248 /** Return true iff router1 and router2 have the same /16 network. */
1249 static INLINE int
1250 routers_in_same_network_family(routerinfo_t *r1, routerinfo_t *r2)
1251 {
1252 return (r1->addr & 0xffff0000) == (r2->addr & 0xffff0000);
1253 }
1254
1255 /** Look through the routerlist and identify routers that
1256 * advertise the same /16 network address as <b>router</b>.
1257 * Add each of them to <b>sl</b>.
1258 */
1259 static void
1260 routerlist_add_network_family(smartlist_t *sl, routerinfo_t *router)
1261 {
1262 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
1263 {
1264 if (router != r && routers_in_same_network_family(router, r))
1265 smartlist_add(sl, r);
1266 });
1267 }
1268
1269 /** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
1270 * This is used to make sure we don't pick siblings in a single path,
1271 * or pick more than one relay from a family for our entry guard list.
1272 */
1273 void
1274 routerlist_add_family(smartlist_t *sl, routerinfo_t *router)
1275 {
1276 routerinfo_t *r;
1277 config_line_t *cl;
1278 or_options_t *options = get_options();
1279
1280 /* First, add any routers with similar network addresses. */
1281 if (options->EnforceDistinctSubnets)
1282 routerlist_add_network_family(sl, router);
1283
1284 if (router->declared_family) {
1285 /* Add every r such that router declares familyness with r, and r
1286 * declares familyhood with router. */
1287 SMARTLIST_FOREACH(router->declared_family, const char *, n,
1288 {
1289 if (!(r = router_get_by_nickname(n, 0)))
1290 continue;
1291 if (!r->declared_family)
1292 continue;
1293 SMARTLIST_FOREACH(r->declared_family, const char *, n2,
1294 {
1295 if (router_nickname_matches(router, n2))
1296 smartlist_add(sl, r);
1297 });
1298 });
1299 }
1300
1301 /* If the user declared any families locally, honor those too. */
1302 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1303 if (router_nickname_is_in_list(router, cl->value)) {
1304 add_nickname_list_to_smartlist(sl, cl->value, 0);
1305 }
1306 }
1307 }
1308
1309 /** Return true iff r is named by some nickname in <b>lst</b>. */
1310 static INLINE int
1311 router_in_nickname_smartlist(smartlist_t *lst, routerinfo_t *r)
1312 {
1313 if (!lst) return 0;
1314 SMARTLIST_FOREACH(lst, const char *, name,
1315 if (router_nickname_matches(r, name))
1316 return 1;);
1317 return 0;
1318 }
1319
1320 /** Return true iff r1 and r2 are in the same family, but not the same
1321 * router. */
1322 int
1323 routers_in_same_family(routerinfo_t *r1, routerinfo_t *r2)
1324 {
1325 or_options_t *options = get_options();
1326 config_line_t *cl;
1327
1328 if (options->EnforceDistinctSubnets && routers_in_same_network_family(r1,r2))
1329 return 1;
1330
1331 if (router_in_nickname_smartlist(r1->declared_family, r2) &&
1332 router_in_nickname_smartlist(r2->declared_family, r1))
1333 return 1;
1334
1335 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1336 if (router_nickname_is_in_list(r1, cl->value) &&
1337 router_nickname_is_in_list(r2, cl->value))
1338 return 1;
1339 }
1340 return 0;
1341 }
1342
1343 /** Given a (possibly NULL) comma-and-whitespace separated list of nicknames,
1344 * see which nicknames in <b>list</b> name routers in our routerlist, and add
1345 * the routerinfos for those routers to <b>sl</b>. If <b>must_be_running</b>,
1346 * only include routers that we think are running.
1347 * Warn if any non-Named routers are specified by nickname.
1348 */
1349 void
1350 add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
1351 int must_be_running)
1352 {
1353 routerinfo_t *router;
1354 smartlist_t *nickname_list;
1355 int have_dir_info = router_have_minimum_dir_info();
1356
1357 if (!list)
1358 return; /* nothing to do */
1359 tor_assert(sl);
1360
1361 nickname_list = smartlist_create();
1362 if (!warned_nicknames)
1363 warned_nicknames = smartlist_create();
1364
1365 smartlist_split_string(nickname_list, list, ",",
1366 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1367
1368 SMARTLIST_FOREACH(nickname_list, const char *, nick, {
1369 int warned;
1370 if (!is_legal_nickname_or_hexdigest(nick)) {
1371 log_warn(LD_CONFIG, "Nickname '%s' is misformed; skipping", nick);
1372 continue;
1373 }
1374 router = router_get_by_nickname(nick, 1);
1375 warned = smartlist_string_isin(warned_nicknames, nick);
1376 if (router) {
1377 if (!must_be_running || router->is_running) {
1378 smartlist_add(sl,router);
1379 }
1380 } else if (!router_get_consensus_status_by_nickname(nick,1)) {
1381 if (!warned) {
1382 log_fn(have_dir_info ? LOG_WARN : LOG_INFO, LD_CONFIG,
1383 "Nickname list includes '%s' which isn't a known router.",nick);
1384 smartlist_add(warned_nicknames, tor_strdup(nick));
1385 }
1386 }
1387 });
1388 SMARTLIST_FOREACH(nickname_list, char *, nick, tor_free(nick));
1389 smartlist_free(nickname_list);
1390 }
1391
1392 /** Return 1 iff any member of the (possibly NULL) comma-separated list
1393 * <b>list</b> is an acceptable nickname or hexdigest for <b>router</b>. Else
1394 * return 0.
1395 */
1396 int
1397 router_nickname_is_in_list(routerinfo_t *router, const char *list)
1398 {
1399 smartlist_t *nickname_list;
1400 int v = 0;
1401
1402 if (!list)
1403 return 0; /* definitely not */
1404 tor_assert(router);
1405
1406 nickname_list = smartlist_create();
1407 smartlist_split_string(nickname_list, list, ",",
1408 SPLIT_SKIP_SPACE|SPLIT_STRIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1409 SMARTLIST_FOREACH(nickname_list, const char *, cp,
1410 if (router_nickname_matches(router, cp)) {v=1;break;});
1411 SMARTLIST_FOREACH(nickname_list, char *, cp, tor_free(cp));
1412 smartlist_free(nickname_list);
1413 return v;
1414 }
1415
1416 /** Add every suitable router from our routerlist to <b>sl</b>, so that
1417 * we can pick a node for a circuit.
1418 */
1419 static void
1420 router_add_running_routers_to_smartlist(smartlist_t *sl, int allow_invalid,
1421 int need_uptime, int need_capacity,
1422 int need_guard)
1423 {
1424 if (!routerlist)
1425 return;
1426
1427 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1428 {
1429 if (router->is_running &&
1430 router->purpose == ROUTER_PURPOSE_GENERAL &&
1431 (router->is_valid || allow_invalid) &&
1432 !router_is_unreliable(router, need_uptime,
1433 need_capacity, need_guard)) {
1434 /* If it's running, and it's suitable according to the
1435 * other flags we had in mind */
1436 smartlist_add(sl, router);
1437 }
1438 });
1439 }
1440
1441 /** Look through the routerlist until we find a router that has my key.
1442 Return it. */
1443 routerinfo_t *
1444 routerlist_find_my_routerinfo(void)
1445 {
1446 if (!routerlist)
1447 return NULL;
1448
1449 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1450 {
1451 if (router_is_me(router))
1452 return router;
1453 });
1454 return NULL;
1455 }
1456
1457 /** Find a router that's up, that has this IP address, and
1458 * that allows exit to this address:port, or return NULL if there
1459 * isn't a good one.
1460 */
1461 routerinfo_t *
1462 router_find_exact_exit_enclave(const char *address, uint16_t port)
1463 {
1464 uint32_t addr;
1465 struct in_addr in;
1466 tor_addr_t a;
1467
1468 if (!tor_inet_aton(address, &in))
1469 return NULL; /* it's not an IP already */
1470 addr = ntohl(in.s_addr);
1471
1472 tor_addr_from_ipv4h(&a, addr);
1473
1474 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1475 {
1476 if (router->addr == addr &&
1477 router->is_running &&
1478 compare_tor_addr_to_addr_policy(&a, port, router->exit_policy) ==
1479 ADDR_POLICY_ACCEPTED)
1480 return router;
1481 });
1482 return NULL;
1483 }
1484
1485 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
1486 * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
1487 * If <b>need_capacity</b> is non-zero, we require a minimum advertised
1488 * bandwidth.
1489 * If <b>need_guard</b>, we require that the router is a possible entry guard.
1490 */
1491 int
1492 router_is_unreliable(routerinfo_t *router, int need_uptime,
1493 int need_capacity, int need_guard)
1494 {
1495 if (need_uptime && !router->is_stable)
1496 return 1;
1497 if (need_capacity && !router->is_fast)
1498 return 1;
1499 if (need_guard && !router->is_possible_guard)
1500 return 1;
1501 return 0;
1502 }
1503
1504 /** Return the smaller of the router's configured BandwidthRate
1505 * and its advertised capacity. */
1506 uint32_t
1507 router_get_advertised_bandwidth(routerinfo_t *router)
1508 {
1509 if (router->bandwidthcapacity < router->bandwidthrate)
1510 return router->bandwidthcapacity;
1511 return router->bandwidthrate;
1512 }
1513
1514 /** Do not weight any declared bandwidth more than this much when picking
1515 * routers by bandwidth. */
1516 #define DEFAULT_MAX_BELIEVABLE_BANDWIDTH 10000000 /* 10 MB/sec */
1517
1518 /** Return the smaller of the router's configured BandwidthRate
1519 * and its advertised capacity, capped by max-believe-bw. */
1520 uint32_t
1521 router_get_advertised_bandwidth_capped(routerinfo_t *router)
1522 {
1523 uint32_t result = router->bandwidthcapacity;
1524 if (result > router->bandwidthrate)
1525 result = router->bandwidthrate;
1526 if (result > DEFAULT_MAX_BELIEVABLE_BANDWIDTH)
1527 result = DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
1528 return result;
1529 }
1530
1531 /** Return bw*1000, unless bw*1000 would overflow, in which case return
1532 * INT32_MAX. */
1533 static INLINE int32_t
1534 kb_to_bytes(uint32_t bw)
1535 {
1536 return (bw > (INT32_MAX/1000)) ? INT32_MAX : bw*1000;
1537 }
1538
1539 /** Helper function:
1540 * choose a random element of smartlist <b>sl</b>, weighted by
1541 * the advertised bandwidth of each element.
1542 *
1543 * If <b>statuses</b> is zero, then <b>sl</b> is a list of
1544 * routerinfo_t's. Otherwise it's a list of routerstatus_t's.
1545 *
1546 * If <b>rule</b>==WEIGHT_FOR_EXIT. we're picking an exit node: consider all
1547 * nodes' bandwidth equally regardless of their Exit status, since there may
1548 * be some in the list because they exit to obscure ports. If
1549 * <b>rule</b>==NO_WEIGHTING, we're picking a non-exit node: weight
1550 * exit-node's bandwidth less depending on the smallness of the fraction of
1551 * Exit-to-total bandwidth. If <b>rule</b>==WEIGHT_FOR_GUARD, we're picking a
1552 * guard node: consider all guard's bandwidth equally. Otherwise, weight
1553 * guards proportionally less.
1554 */
1555 static void *
1556 smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule,
1557 int statuses)
1558 {
1559 unsigned int i;
1560 routerinfo_t *router;
1561 routerstatus_t *status=NULL;
1562 int32_t *bandwidths;
1563 int is_exit;
1564 int is_guard;
1565 uint64_t total_nonexit_bw = 0, total_exit_bw = 0, total_bw = 0;
1566 uint64_t total_nonguard_bw = 0, total_guard_bw = 0;
1567 uint64_t rand_bw, tmp;
1568 double exit_weight;
1569 double guard_weight;
1570 int n_unknown = 0;
1571 bitarray_t *exit_bits;
1572 bitarray_t *guard_bits;
1573 int me_idx = -1;
1574
1575 /* Can't choose exit and guard at same time */
1576 tor_assert(rule == NO_WEIGHTING ||
1577 rule == WEIGHT_FOR_EXIT ||
1578 rule == WEIGHT_FOR_GUARD);
1579
1580 /* First count the total bandwidth weight, and make a list
1581 * of each value. <0 means "unknown; no routerinfo." We use the
1582 * bits of negative values to remember whether the router was fast (-x)&1
1583 * and whether it was an exit (-x)&2 or guard (-x)&4. Yes, it's a hack. */
1584 bandwidths = tor_malloc(sizeof(int32_t)*smartlist_len(sl));
1585 exit_bits = bitarray_init_zero(smartlist_len(sl));
1586 guard_bits = bitarray_init_zero(smartlist_len(sl));
1587
1588 /* Iterate over all the routerinfo_t or routerstatus_t, and */
1589 for (i = 0; i < (unsigned)smartlist_len(sl); ++i) {
1590 /* first, learn what bandwidth we think i has */
1591 int is_known = 1;
1592 int32_t flags = 0;
1593 uint32_t this_bw = 0;
1594 if (statuses) {
1595 status = smartlist_get(sl, i);
1596 if (router_digest_is_me(status->identity_digest))
1597 me_idx = i;
1598 router = router_get_by_digest(status->identity_digest);
1599 is_exit = status->is_exit;
1600 is_guard = status->is_possible_guard;
1601 if (status->has_bandwidth) {
1602 this_bw = kb_to_bytes(status->bandwidth);
1603 } else { /* guess */
1604 /* XXX022 once consensuses always list bandwidths, we can take
1605 * this guessing business out. -RD */
1606 is_known = 0;
1607 flags = status->is_fast ? 1 : 0;
1608 flags |= is_exit ? 2 : 0;
1609 flags |= is_guard ? 4 : 0;
1610 }
1611 } else {
1612 routerstatus_t *rs;
1613 router = smartlist_get(sl, i);
1614 rs = router_get_consensus_status_by_id(
1615 router->cache_info.identity_digest);
1616 if (router_digest_is_me(router->cache_info.identity_digest))
1617 me_idx = i;
1618 is_exit = router->is_exit;
1619 is_guard = router->is_possible_guard;
1620 if (rs && rs->has_bandwidth) {
1621 this_bw = kb_to_bytes(rs->bandwidth);
1622 } else if (rs) { /* guess; don't trust the descriptor */
1623 /* XXX022 once consensuses always list bandwidths, we can take
1624 * this guessing business out. -RD */
1625 is_known = 0;
1626 flags = router->is_fast ? 1 : 0;
1627 flags |= is_exit ? 2 : 0;
1628 flags |= is_guard ? 4 : 0;
1629 } else /* bridge or other descriptor not in our consensus */
1630 this_bw = router_get_advertised_bandwidth_capped(router);
1631 }
1632 if (is_exit)
1633 bitarray_set(exit_bits, i);
1634 if (is_guard)
1635 bitarray_set(guard_bits, i);
1636 if (is_known) {
1637 bandwidths[i] = (int32_t) this_bw; // safe since MAX_BELIEVABLE<INT32_MAX
1638 tor_assert(bandwidths[i] >= 0);
1639 if (is_guard)
1640 total_guard_bw += this_bw;
1641 else
1642 total_nonguard_bw += this_bw;
1643 if (is_exit)
1644 total_exit_bw += this_bw;
1645 else
1646 total_nonexit_bw += this_bw;
1647 } else {
1648 ++n_unknown;
1649 bandwidths[i] = -flags;
1650 }
1651 }
1652
1653 /* Now, fill in the unknown values. */
1654 if (n_unknown) {
1655 int32_t avg_fast, avg_slow;
1656 if (total_exit_bw+total_nonexit_bw) {
1657 /* if there's some bandwidth, there's at least one known router,
1658 * so no worries about div by 0 here */
1659 int n_known = smartlist_len(sl)-n_unknown;
1660 avg_fast = avg_slow = (int32_t)
1661 ((total_exit_bw+total_nonexit_bw)/((uint64_t) n_known));
1662 } else {
1663 avg_fast = 40000;
1664 avg_slow = 20000;
1665 }
1666 for (i=0; i<(unsigned)smartlist_len(sl); ++i) {
1667 int32_t bw = bandwidths[i];
1668 if (bw>=0)
1669 continue;
1670 is_exit = ((-bw)&2);
1671 is_guard = ((-bw)&4);
1672 bandwidths[i] = ((-bw)&1) ? avg_fast : avg_slow;
1673 if (is_exit)
1674 total_exit_bw += bandwidths[i];
1675 else
1676 total_nonexit_bw += bandwidths[i];
1677 if (is_guard)
1678 total_guard_bw += bandwidths[i];
1679 else
1680 total_nonguard_bw += bandwidths[i];
1681 }
1682 }
1683
1684 /* If there's no bandwidth at all, pick at random. */
1685 if (!(total_exit_bw+total_nonexit_bw)) {
1686 tor_free(bandwidths);
1687 tor_free(exit_bits);
1688 tor_free(guard_bits);
1689 return smartlist_choose(sl);
1690 }
1691
1692 /* Figure out how to weight exits and guards */
1693 {
1694 double all_bw = U64_TO_DBL(total_exit_bw+total_nonexit_bw);
1695 double exit_bw = U64_TO_DBL(total_exit_bw);
1696 double guard_bw = U64_TO_DBL(total_guard_bw);
1697 /*
1698 * For detailed derivation of this formula, see
1699 * http://archives.seul.org/or/dev/Jul-2007/msg00056.html
1700 */
1701 if (rule == WEIGHT_FOR_EXIT)
1702 exit_weight = 1.0;
1703 else
1704 exit_weight = 1.0 - all_bw/(3.0*exit_bw);
1705
1706 if (rule == WEIGHT_FOR_GUARD)
1707 guard_weight = 1.0;
1708 else
1709 guard_weight = 1.0 - all_bw/(3.0*guard_bw);
1710
1711 if (exit_weight <= 0.0)
1712 exit_weight = 0.0;
1713
1714 if (guard_weight <= 0.0)
1715 guard_weight = 0.0;
1716
1717 total_bw = 0;
1718 sl_last_weighted_bw_of_me = 0;
1719 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1720 uint64_t bw;
1721 is_exit = bitarray_is_set(exit_bits, i);
1722 is_guard = bitarray_is_set(guard_bits, i);
1723 if (is_exit && is_guard)
1724 bw = ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1725 else if (is_guard)
1726 bw = ((uint64_t)(bandwidths[i] * guard_weight));
1727 else if (is_exit)
1728 bw = ((uint64_t)(bandwidths[i] * exit_weight));
1729 else
1730 bw = bandwidths[i];
1731 total_bw += bw;
1732 if (i == (unsigned) me_idx)
1733 sl_last_weighted_bw_of_me = bw;
1734 }
1735 }
1736
1737 /* XXXX022 this is a kludge to expose these values. */
1738 sl_last_total_weighted_bw = total_bw;
1739
1740 log_debug(LD_CIRC, "Total weighted bw = "U64_FORMAT
1741 ", exit bw = "U64_FORMAT
1742 ", nonexit bw = "U64_FORMAT", exit weight = %lf "
1743 "(for exit == %d)"
1744 ", guard bw = "U64_FORMAT
1745 ", nonguard bw = "U64_FORMAT", guard weight = %lf "
1746 "(for guard == %d)",
1747 U64_PRINTF_ARG(total_bw),
1748 U64_PRINTF_ARG(total_exit_bw), U64_PRINTF_ARG(total_nonexit_bw),
1749 exit_weight, (int)(rule == WEIGHT_FOR_EXIT),
1750 U64_PRINTF_ARG(total_guard_bw), U64_PRINTF_ARG(total_nonguard_bw),
1751 guard_weight, (int)(rule == WEIGHT_FOR_GUARD));
1752
1753 /* Almost done: choose a random value from the bandwidth weights. */
1754 rand_bw = crypto_rand_uint64(total_bw);
1755
1756 /* Last, count through sl until we get to the element we picked */
1757 tmp = 0;
1758 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1759 is_exit = bitarray_is_set(exit_bits, i);
1760 is_guard = bitarray_is_set(guard_bits, i);
1761
1762 /* Weights can be 0 if not counting guards/exits */
1763 if (is_exit && is_guard)
1764 tmp += ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1765 else if (is_guard)
1766 tmp += ((uint64_t)(bandwidths[i] * guard_weight));
1767 else if (is_exit)
1768 tmp += ((uint64_t)(bandwidths[i] * exit_weight));
1769 else
1770 tmp += bandwidths[i];
1771
1772 if (tmp >= rand_bw)
1773 break;
1774 }
1775 if (i == (unsigned)smartlist_len(sl)) {
1776 /* This was once possible due to round-off error, but shouldn't be able
1777 * to occur any longer. */
1778 tor_fragile_assert();
1779 --i;
1780 log_warn(LD_BUG, "Round-off error in computing bandwidth had an effect on "
1781 " which router we chose. Please tell the developers. "
1782 U64_FORMAT " " U64_FORMAT " " U64_FORMAT, U64_PRINTF_ARG(tmp),
1783 U64_PRINTF_ARG(rand_bw), U64_PRINTF_ARG(total_bw));
1784 }
1785 tor_free(bandwidths);
1786 tor_free(exit_bits);
1787 tor_free(guard_bits);
1788 return smartlist_get(sl, i);
1789 }
1790
1791 /** Choose a random element of router list <b>sl</b>, weighted by
1792 * the advertised bandwidth of each router.
1793 */
1794 routerinfo_t *
1795 routerlist_sl_choose_by_bandwidth(smartlist_t *sl,
1796 bandwidth_weight_rule_t rule)
1797 {
1798 return smartlist_choose_by_bandwidth(sl, rule, 0);
1799 }
1800
1801 /** Choose a random element of status list <b>sl</b>, weighted by
1802 * the advertised bandwidth of each status.
1803 */
1804 routerstatus_t *
1805 routerstatus_sl_choose_by_bandwidth(smartlist_t *sl)
1806 {
1807 /* We are choosing neither exit nor guard here. Weight accordingly. */
1808 return smartlist_choose_by_bandwidth(sl, NO_WEIGHTING, 1);
1809 }
1810
1811 /** Return a random running router from the routerlist. If any node
1812 * named in <b>preferred</b> is available, pick one of those. Never
1813 * pick a node whose routerinfo is in
1814 * <b>excludedsmartlist</b>, or whose routerinfo matches <b>excludedset</b>,
1815 * even if they are the only nodes
1816 * available. If <b>CRN_STRICT_PREFERRED</b> is set in flags, never pick
1817 * any node besides those in <b>preferred</b>.
1818 * If <b>CRN_NEED_UPTIME</b> is set in flags and any router has more than
1819 * a minimum uptime, return one of those.
1820 * If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
1821 * advertised capacity of each router.
1822 * If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid
1823 * routers.
1824 * If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers.
1825 * If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if
1826 * picking an exit node, otherwise we weight bandwidths for picking a relay
1827 * node (that is, possibly discounting exit nodes).
1828 */
1829 routerinfo_t *
1830 router_choose_random_node(const char *preferred,
1831 smartlist_t *excludedsmartlist,
1832 routerset_t *excludedset,
1833 router_crn_flags_t flags)
1834 {
1835 const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
1836 const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
1837 const int need_guard = (flags & CRN_NEED_GUARD) != 0;
1838 const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
1839 const int strict = (flags & CRN_STRICT_PREFERRED) != 0;
1840 const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
1841
1842 smartlist_t *sl, *excludednodes;
1843 routerinfo_t *choice = NULL, *r;
1844 bandwidth_weight_rule_t rule;
1845
1846 tor_assert(!(weight_for_exit && need_guard));
1847 rule = weight_for_exit ? WEIGHT_FOR_EXIT :
1848 (need_guard ? WEIGHT_FOR_GUARD : NO_WEIGHTING);
1849
1850 excludednodes = smartlist_create();
1851
1852 /* Exclude relays that allow single hop exit circuits, if the user
1853 * wants to (such relays might be risky) */
1854 if (get_options()->ExcludeSingleHopRelays) {
1855 routerlist_t *rl = router_get_routerlist();
1856 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
1857 if (r->allow_single_hop_exits) {
1858 smartlist_add(excludednodes, r);
1859 });
1860 }
1861
1862 if ((r = routerlist_find_my_routerinfo())) {
1863 smartlist_add(excludednodes, r);
1864 routerlist_add_family(excludednodes, r);
1865 }
1866
1867 /* Try the preferred nodes first. Ignore need_uptime and need_capacity
1868 * and need_guard, since the user explicitly asked for these nodes. */
1869 if (preferred) {
1870 sl = smartlist_create();
1871 add_nickname_list_to_smartlist(sl,preferred,1);
1872 smartlist_subtract(sl,excludednodes);
1873 if (excludedsmartlist)
1874 smartlist_subtract(sl,excludedsmartlist);
1875 if (excludedset)
1876 routerset_subtract_routers(sl,excludedset);
1877 choice = smartlist_choose(sl);
1878 smartlist_free(sl);
1879 }
1880 if (!choice && !strict) {
1881 /* Then give up on our preferred choices: any node
1882 * will do that has the required attributes. */
1883 sl = smartlist_create();
1884 router_add_running_routers_to_smartlist(sl, allow_invalid,
1885 need_uptime, need_capacity,
1886 need_guard);
1887 smartlist_subtract(sl,excludednodes);
1888 if (excludedsmartlist)
1889 smartlist_subtract(sl,excludedsmartlist);
1890 if (excludedset)
1891 routerset_subtract_routers(sl,excludedset);
1892
1893 if (need_capacity || need_guard)
1894 choice = routerlist_sl_choose_by_bandwidth(sl, rule);
1895 else
1896 choice = smartlist_choose(sl);
1897
1898 smartlist_free(sl);
1899 if (!choice && (need_uptime || need_capacity || need_guard)) {
1900 /* try once more -- recurse but with fewer restrictions. */
1901 log_info(LD_CIRC,
1902 "We couldn't find any live%s%s%s routers; falling back "
1903 "to list of all routers.",
1904 need_capacity?", fast":"",
1905 need_uptime?", stable":"",
1906 need_guard?", guard":"");
1907 flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
1908 choice = router_choose_random_node(
1909 NULL, excludedsmartlist, excludedset, flags);
1910 }
1911 }
1912 smartlist_free(excludednodes);
1913 if (!choice) {
1914 if (strict) {
1915 log_warn(LD_CIRC, "All preferred nodes were down when trying to choose "
1916 "node, and the Strict[...]Nodes option is set. Failing.");
1917 } else {
1918 log_warn(LD_CIRC,
1919 "No available nodes when trying to choose node. Failing.");
1920 }
1921 }
1922 return choice;
1923 }
1924
1925 /** Helper: Return true iff the <b>identity_digest</b> and <b>nickname</b>
1926 * combination of a router, encoded in hexadecimal, matches <b>hexdigest</b>
1927 * (which is optionally prefixed with a single dollar sign). Return false if
1928 * <b>hexdigest</b> is malformed, or it doesn't match. */
1929 static INLINE int
1930 hex_digest_matches(const char *hexdigest, const char *identity_digest,
1931 const char *nickname, int is_named)
1932 {
1933 char digest[DIGEST_LEN];
1934 size_t len;
1935 tor_assert(hexdigest);
1936 if (hexdigest[0] == '$')
1937 ++hexdigest;
1938
1939 len = strlen(hexdigest);
1940 if (len < HEX_DIGEST_LEN)
1941 return 0;
1942 else if (len > HEX_DIGEST_LEN &&
1943 (hexdigest[HEX_DIGEST_LEN] == '=' ||
1944 hexdigest[HEX_DIGEST_LEN] == '~')) {
1945 if (strcasecmp(hexdigest+HEX_DIGEST_LEN+1, nickname))
1946 return 0;
1947 if (hexdigest[HEX_DIGEST_LEN] == '=' && !is_named)
1948 return 0;
1949 }
1950
1951 if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
1952 return 0;
1953 return (!memcmp(digest, identity_digest, DIGEST_LEN));
1954 }
1955
1956 /** Return true iff the digest of <b>router</b>'s identity key,
1957 * encoded in hexadecimal, matches <b>hexdigest</b> (which is
1958 * optionally prefixed with a single dollar sign). Return false if
1959 * <b>hexdigest</b> is malformed, or it doesn't match. */
1960 static INLINE int
1961 router_hex_digest_matches(routerinfo_t *router, const char *hexdigest)
1962 {
1963 return hex_digest_matches(hexdigest, router->cache_info.identity_digest,
1964 router->nickname, router->is_named);
1965 }
1966
1967 /** Return true if <b>router</b>'s nickname matches <b>nickname</b>
1968 * (case-insensitive), or if <b>router's</b> identity key digest
1969 * matches a hexadecimal value stored in <b>nickname</b>. Return
1970 * false otherwise. */
1971 static int
1972 router_nickname_matches(routerinfo_t *router, const char *nickname)
1973 {
1974 if (nickname[0]!='$' && !strcasecmp(router->nickname, nickname))
1975 return 1;
1976 return router_hex_digest_matches(router, nickname);
1977 }
1978
1979 /** Return the router in our routerlist whose (case-insensitive)
1980 * nickname or (case-sensitive) hexadecimal key digest is
1981 * <b>nickname</b>. Return NULL if no such router is known.
1982 */
1983 routerinfo_t *
1984 router_get_by_nickname(const char *nickname, int warn_if_unnamed)
1985 {
1986 int maybedigest;
1987 char digest[DIGEST_LEN];
1988 routerinfo_t *best_match=NULL;
1989 int n_matches = 0;
1990 const char *named_digest = NULL;
1991
1992 tor_assert(nickname);
1993 if (!routerlist)
1994 return NULL;
1995 if (nickname[0] == '$')
1996 return router_get_by_hexdigest(nickname);
1997 if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1998 return NULL;
1999 if (server_mode(get_options()) &&
2000 !strcasecmp(nickname, get_options()->Nickname))
2001 return router_get_my_routerinfo();
2002
2003 maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) &&
2004 (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
2005
2006 if ((named_digest = networkstatus_get_router_digest_by_nickname(nickname))) {
2007 return rimap_get(routerlist->identity_map, named_digest);
2008 }
2009 if (networkstatus_nickname_is_unnamed(nickname))
2010 return NULL;
2011
2012 /* If we reach this point, there's no canonical value for the nickname. */
2013
2014 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2015 {
2016 if (!strcasecmp(router->nickname, nickname)) {
2017 ++n_matches;
2018 if (n_matches <= 1 || router->is_running)
2019 best_match = router;
2020 } else if (maybedigest &&
2021 !memcmp(digest, router->cache_info.identity_digest, DIGEST_LEN)
2022 ) {
2023 if (router_hex_digest_matches(router, nickname))
2024 return router;
2025 /* If we reach this point, we have a ID=name syntax that matches the
2026 * identity but not the name. That isn't an acceptable match. */
2027 }
2028 });
2029
2030 if (best_match) {
2031 if (warn_if_unnamed && n_matches > 1) {
2032 smartlist_t *fps = smartlist_create();
2033 int any_unwarned = 0;
2034 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2035 {
2036 routerstatus_t *rs;
2037 char *desc;
2038 size_t dlen;
2039 char fp[HEX_DIGEST_LEN+1];
2040 if (strcasecmp(router->nickname, nickname))
2041 continue;
2042 rs = router_get_consensus_status_by_id(
2043 router->cache_info.identity_digest);
2044 if (rs && !rs->name_lookup_warned) {
2045 rs->name_lookup_warned = 1;
2046 any_unwarned = 1;
2047 }
2048 base16_encode(fp, sizeof(fp),
2049 router->cache_info.identity_digest, DIGEST_LEN);
2050 dlen = 32 + HEX_DIGEST_LEN + strlen(router->address);
2051 desc = tor_malloc(dlen);
2052 tor_snprintf(desc, dlen, "\"$%s\" for the one at %s:%d",
2053 fp, router->address, router->or_port);
2054 smartlist_add(fps, desc);
2055 });
2056 if (any_unwarned) {
2057 char *alternatives = smartlist_join_strings(fps, "; ",0,NULL);
2058 log_warn(LD_CONFIG,
2059 "There are multiple matches for the nickname \"%s\","
2060 " but none is listed as named by the directory authorities. "
2061 "Choosing one arbitrarily. If you meant one in particular, "
2062 "you should say %s.", nickname, alternatives);
2063 tor_free(alternatives);
2064 }
2065 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
2066 smartlist_free(fps);
2067 } else if (warn_if_unnamed) {
2068 routerstatus_t *rs = router_get_consensus_status_by_id(
2069 best_match->cache_info.identity_digest);
2070 if (rs && !rs->name_lookup_warned) {
2071 char fp[HEX_DIGEST_LEN+1];
2072 base16_encode(fp, sizeof(fp),
2073 best_match->cache_info.identity_digest, DIGEST_LEN);
2074 log_warn(LD_CONFIG, "You specified a server \"%s\" by name, but this "
2075 "name is not registered, so it could be used by any server, "
2076 "not just the one you meant. "
2077 "To make sure you get the same server in the future, refer to "
2078 "it by key, as \"$%s\".", nickname, fp);
2079 rs->name_lookup_warned = 1;
2080 }
2081 }
2082 return best_match;
2083 }
2084
2085 return NULL;
2086 }
2087
2088 /** Try to find a routerinfo for <b>digest</b>. If we don't have one,
2089 * return 1. If we do, ask tor_version_as_new_as() for the answer.
2090 */
2091 int
2092 router_digest_version_as_new_as(const char *digest, const char *cutoff)
2093 {
2094 routerinfo_t *router = router_get_by_digest(digest);
2095 if (!router)
2096 return 1;
2097 return tor_version_as_new_as(router->platform, cutoff);
2098 }
2099
2100 /** Return true iff <b>digest</b> is the digest of the identity key of a
2101 * trusted directory matching at least one bit of <b>type</b>. If <b>type</b>
2102 * is zero, any authority is okay. */
2103 int
2104 router_digest_is_trusted_dir_type(const char *digest, authority_type_t type)
2105 {
2106 if (!trusted_dir_servers)
2107 return 0;
2108 if (authdir_mode(get_options()) && router_digest_is_me(digest))
2109 return 1;
2110 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2111 if (!memcmp(digest, ent->digest, DIGEST_LEN)) {
2112 return (!type) || ((type & ent->type) != 0);
2113 });
2114 return 0;
2115 }
2116
2117 /** Return true iff <b>addr</b> is the address of one of our trusted
2118 * directory authorities. */
2119 int
2120 router_addr_is_trusted_dir(uint32_t addr)
2121 {
2122 if (!trusted_dir_servers)
2123 return 0;
2124 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2125 if (ent->addr == addr)
2126 return 1;
2127 );
2128 return 0;
2129 }
2130
2131 /** If hexdigest is correctly formed, base16_decode it into
2132 * digest, which must have DIGEST_LEN space in it.
2133 * Return 0 on success, -1 on failure.
2134 */
2135 int
2136 hexdigest_to_digest(const char *hexdigest, char *digest)
2137 {
2138 if (hexdigest[0]=='$')
2139 ++hexdigest;
2140 if (strlen(hexdigest) < HEX_DIGEST_LEN ||
2141 base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
2142 return -1;
2143 return 0;
2144 }
2145
2146 /** Return the router in our routerlist whose hexadecimal key digest
2147 * is <b>hexdigest</b>. Return NULL if no such router is known. */
2148 routerinfo_t *
2149 router_get_by_hexdigest(const char *hexdigest)
2150 {
2151 char digest[DIGEST_LEN];
2152 size_t len;
2153 routerinfo_t *ri;
2154
2155 tor_assert(hexdigest);
2156 if (!routerlist)
2157 return NULL;
2158 if (hexdigest[0]=='$')
2159 ++hexdigest;
2160 len = strlen(hexdigest);
2161 if (hexdigest_to_digest(hexdigest, digest) < 0)
2162 return NULL;
2163
2164 ri = router_get_by_digest(digest);
2165
2166 if (ri && len > HEX_DIGEST_LEN) {
2167 if (hexdigest[HEX_DIGEST_LEN] == '=') {
2168 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1) ||
2169 !ri->is_named)
2170 return NULL;
2171 } else if (hexdigest[HEX_DIGEST_LEN] == '~') {
2172 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1))
2173 return NULL;
2174 } else {
2175 return NULL;
2176 }
2177 }
2178
2179 return ri;
2180 }
2181
2182 /** Return the router in our routerlist whose 20-byte key digest
2183 * is <b>digest</b>. Return NULL if no such router is known. */
2184 routerinfo_t *
2185 router_get_by_digest(const char *digest)
2186 {
2187 tor_assert(digest);
2188
2189 if (!routerlist) return NULL;
2190
2191 // routerlist_assert_ok(routerlist);
2192
2193 return rimap_get(routerlist->identity_map, digest);
2194 }
2195
2196 /** Return the router in our routerlist whose 20-byte descriptor
2197 * is <b>digest</b>. Return NULL if no such router is known. */
2198 signed_descriptor_t *
2199 router_get_by_descriptor_digest(const char *digest)
2200 {
2201 tor_assert(digest);
2202
2203 if (!routerlist) return NULL;
2204
2205 return sdmap_get(routerlist->desc_digest_map, digest);
2206 }
2207
2208 /** Return the signed descriptor for the router in our routerlist whose
2209 * 20-byte extra-info digest is <b>digest</b>. Return NULL if no such router
2210 * is known. */
2211 signed_descriptor_t *
2212 router_get_by_extrainfo_digest(const char *digest)
2213 {
2214 tor_assert(digest);
2215
2216 if (!routerlist) return NULL;
2217
2218 return sdmap_get(routerlist->desc_by_eid_map, digest);
2219 }
2220
2221 /** Return the signed descriptor for the extrainfo_t in our routerlist whose
2222 * extra-info-digest is <b>digest</b>. Return NULL if no such extra-info
2223 * document is known. */
2224 signed_descriptor_t *
2225 extrainfo_get_by_descriptor_digest(const char *digest)
2226 {
2227 extrainfo_t *ei;
2228 tor_assert(digest);
2229 if (!routerlist) return NULL;
2230 ei = eimap_get(routerlist->extra_info_map, digest);
2231 return ei ? &ei->cache_info : NULL;
2232 }
2233
2234 /** Return a pointer to the signed textual representation of a descriptor.
2235 * The returned string is not guaranteed to be NUL-terminated: the string's
2236 * length will be in desc-\>signed_descriptor_len.
2237 *
2238 * If <b>with_annotations</b> is set, the returned string will include
2239 * the annotations
2240 * (if any) preceding the descriptor. This will increase the length of the
2241 * string by desc-\>annotations_len.
2242 *
2243 * The caller must not free the string returned.
2244 */
2245 static const char *
2246 signed_descriptor_get_body_impl(signed_descriptor_t *desc,
2247 int with_annotations)
2248 {
2249 const char *r = NULL;
2250 size_t len = desc->signed_descriptor_len;
2251 off_t offset = desc->saved_offset;
2252 if (with_annotations)
2253 len += desc->annotations_len;
2254 else
2255 offset += desc->annotations_len;
2256
2257 tor_assert(len > 32);
2258 if (desc->saved_location == SAVED_IN_CACHE && routerlist) {
2259 desc_store_t *store = desc_get_store(router_get_routerlist(), desc);
2260 if (store && store->mmap) {
2261 tor_assert(desc->saved_offset + len <= store->mmap->size);
2262 r = store->mmap->data + offset;
2263 } else if (store) {
2264 log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
2265 "mmaped in our cache. Is another process running in our data "
2266 "directory? Exiting.");
2267 exit(1);
2268 }
2269 }
2270 if (!r) /* no mmap, or not in cache. */
2271 r = desc->signed_descriptor_body +
2272 (with_annotations ? 0 : desc->annotations_len);
2273
2274 tor_assert(r);
2275 if (!with_annotations) {
2276 if (memcmp("router ", r, 7) && memcmp("extra-info ", r, 11)) {
2277 char *cp = tor_strndup(r, 64);
2278 log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
2279 "Is another process running in our data directory? Exiting.",
2280 desc, escaped(cp));
2281 exit(1);
2282 }
2283 }
2284
2285 return r;
2286 }
2287
2288 /** Return a pointer to the signed textual representation of a descriptor.
2289 * The returned string is not guaranteed to be NUL-terminated: the string's
2290 * length will be in desc-\>signed_descriptor_len.
2291 *
2292 * The caller must not free the string returned.
2293 */
2294 const char *
2295 signed_descriptor_get_body(signed_descriptor_t *desc)
2296 {
2297 return signed_descriptor_get_body_impl(desc, 0);
2298 }
2299
2300 /** As signed_descriptor_get_body(), but points to the beginning of the
2301 * annotations section rather than the beginning of the descriptor. */
2302 const char *
2303 signed_descriptor_get_annotations(signed_descriptor_t *desc)
2304 {
2305 return signed_descriptor_get_body_impl(desc, 1);
2306 }
2307
2308 /** Return the current list of all known routers. */
2309 routerlist_t *
2310 router_get_routerlist(void)
2311 {
2312 if (PREDICT_UNLIKELY(!routerlist)) {
2313 routerlist = tor_malloc_zero(sizeof(routerlist_t));
2314 routerlist->routers = smartlist_create();
2315 routerlist->old_routers = smartlist_create();
2316 routerlist->identity_map = rimap_new();
2317 routerlist->desc_digest_map = sdmap_new();
2318 routerlist->desc_by_eid_map = sdmap_new();
2319 routerlist->extra_info_map = eimap_new();
2320
2321 routerlist->desc_store.fname_base = "cached-descriptors";
2322 routerlist->desc_store.fname_alt_base = "cached-routers";
2323 routerlist->extrainfo_store.fname_base = "cached-extrainfo";
2324
2325 routerlist->desc_store.type = ROUTER_STORE;
2326 routerlist->extrainfo_store.type = EXTRAINFO_STORE;
2327
2328 routerlist->desc_store.description = "router descriptors";
2329 routerlist->extrainfo_store.description = "extra-info documents";
2330 }
2331 return routerlist;
2332 }
2333
2334 /** Free all storage held by <b>router</b>. */
2335 void
2336 routerinfo_free(routerinfo_t *router)
2337 {
2338 if (!router)
2339 return;
2340
2341 tor_free(router->cache_info.signed_descriptor_body);
2342 tor_free(router->address);
2343 tor_free(router->nickname);
2344 tor_free(router->platform);
2345 tor_free(router->contact_info);
2346 if (router->onion_pkey)
2347 crypto_free_pk_env(router->onion_pkey);
2348 if (router->identity_pkey)
2349 crypto_free_pk_env(router->identity_pkey);
2350 if (router->declared_family) {
2351 SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
2352 smartlist_free(router->declared_family);
2353 }
2354 addr_policy_list_free(router->exit_policy);
2355
2356 /* XXXX Remove if this turns out to affect performance. */
2357 memset(router, 77, sizeof(routerinfo_t));
2358
2359 tor_free(router);
2360 }
2361
2362 /** Release all storage held by <b>extrainfo</b> */
2363 void
2364 extrainfo_free(extrainfo_t *extrainfo)
2365 {
2366 if (!extrainfo)
2367 return;
2368 tor_free(extrainfo->cache_info.signed_descriptor_body);
2369 tor_free(extrainfo->pending_sig);
2370
2371 /* XXXX remove this if it turns out to slow us down. */
2372 memset(extrainfo, 88, sizeof(extrainfo_t)); /* debug bad memory usage */
2373 tor_free(extrainfo);
2374 }
2375
2376 /** Release storage held by <b>sd</b>. */
2377 static void
2378 signed_descriptor_free(signed_descriptor_t *sd)
2379 {
2380 if (!sd)
2381 return;
2382
2383 tor_free(sd->signed_descriptor_body);
2384
2385 /* XXXX remove this once more bugs go away. */
2386 memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */
2387 tor_free(sd);
2388 }
2389
2390 /** Extract a signed_descriptor_t from a routerinfo, and free the routerinfo.
2391 */
2392 static signed_descriptor_t *
2393 signed_descriptor_from_routerinfo(routerinfo_t *ri)
2394 {
2395 signed_descriptor_t *sd = tor_malloc_zero(sizeof(signed_descriptor_t));
2396 memcpy(sd, &(ri->cache_info), sizeof(signed_descriptor_t));
2397 sd->routerlist_index = -1;
2398 ri->cache_info.signed_descriptor_body = NULL;
2399 routerinfo_free(ri);
2400 return sd;
2401 }
2402
2403 /** Helper: free the storage held by the extrainfo_t in <b>e</b>. */
2404 static void
2405 _extrainfo_free(void *e)
2406 {
2407 extrainfo_free(e);
2408 }
2409
2410 /** Free all storage held by a routerlist <b>rl</b>. */
2411 void
2412 routerlist_free(routerlist_t *rl)
2413 {
2414 if (!rl)
2415 return;
2416 rimap_free(rl->identity_map, NULL);
2417 sdmap_free(rl->desc_digest_map, NULL);
2418 sdmap_free(rl->desc_by_eid_map, NULL);
2419 eimap_free(rl->extra_info_map, _extrainfo_free);
2420 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
2421 routerinfo_free(r));
2422 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
2423 signed_descriptor_free(sd));
2424 smartlist_free(rl->routers);
2425 smartlist_free(rl->old_routers);
2426 if (routerlist->desc_store.mmap)
2427 tor_munmap_file(routerlist->desc_store.mmap);
2428 if (routerlist->extrainfo_store.mmap)
2429 tor_munmap_file(routerlist->extrainfo_store.mmap);
2430 tor_free(rl);
2431
2432 router_dir_info_changed();
2433 }
2434
2435 /** Log information about how much memory is being used for routerlist,
2436 * at log level <b>severity</b>. */
2437 void
2438 dump_routerlist_mem_usage(int severity)
2439 {
2440 uint64_t livedescs = 0;
2441 uint64_t olddescs = 0;
2442 if (!routerlist)
2443 return;
2444 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
2445 livedescs += r->cache_info.signed_descriptor_len);
2446 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
2447 olddescs += sd->signed_descriptor_len);
2448
2449 log(severity, LD_DIR,
2450 "In %d live descriptors: "U64_FORMAT" bytes. "
2451 "In %d old descriptors: "U64_FORMAT" bytes.",
2452 smartlist_len(routerlist->routers), U64_PRINTF_ARG(livedescs),
2453 smartlist_len(routerlist->old_routers), U64_PRINTF_ARG(olddescs));
2454
2455 #if 0
2456 {
2457 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2458 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2459 log(severity, LD_DIR, "Now let's look through old_descriptors!");
2460 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd, {
2461 int in_v2 = 0;
2462 int in_v3 = 0;
2463 char published[ISO_TIME_LEN+1];
2464 char last_valid_until[ISO_TIME_LEN+1];
2465 char last_served_at[ISO_TIME_LEN+1];
2466 char id[HEX_DIGEST_LEN+1];
2467 routerstatus_t *rs;
2468 format_iso_time(published, sd->published_on);
2469 format_iso_time(last_valid_until, sd->last_listed_as_valid_until);
2470 format_iso_time(last_served_at, sd->last_served_at);
2471 base16_encode(id, sizeof(id), sd->identity_digest, DIGEST_LEN);
2472 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
2473 {
2474 rs = networkstatus_v2_find_entry(ns, sd->identity_digest);
2475 if (rs && !memcmp(rs->descriptor_digest,
2476 sd->signed_descriptor_digest, DIGEST_LEN)) {
2477 in_v2 = 1; break;
2478 }
2479 });
2480 if (consensus) {
2481 rs = networkstatus_vote_find_entry(consensus, sd->identity_digest);
2482 if (rs && !memcmp(rs->descriptor_digest,
2483 sd->signed_descriptor_digest, DIGEST_LEN))
2484 in_v3 = 1;
2485 }
2486 log(severity, LD_DIR,
2487 "Old descriptor for %s (published %s) %sin v2 ns, %sin v3 "
2488 "consensus. Last valid until %s; last served at %s.",
2489 id, published, in_v2 ? "" : "not ", in_v3 ? "" : "not ",
2490 last_valid_until, last_served_at);
2491 });
2492 }
2493 #endif
2494 }
2495
2496 /** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
2497 * in <b>sl</b> at position <b>idx</b>. Otherwise, search <b>sl</b> for
2498 * <b>ri</b>. Return the index of <b>ri</b> in <b>sl</b>, or -1 if <b>ri</b>
2499 * is not in <b>sl</b>. */
2500 static INLINE int
2501 _routerlist_find_elt(smartlist_t *sl, void *ri, int idx)
2502 {
2503 if (idx < 0) {
2504 idx = -1;
2505 SMARTLIST_FOREACH(sl, routerinfo_t *, r,
2506 if (r == ri) {
2507 idx = r_sl_idx;
2508 break;
2509 });
2510 } else {
2511 tor_assert(idx < smartlist_len(sl));
2512 tor_assert(smartlist_get(sl, idx) == ri);
2513 };
2514 return idx;
2515 }
2516
2517 /** Insert an item <b>ri</b> into the routerlist <b>rl</b>, updating indices
2518 * as needed. There must be no previous member of <b>rl</b> with the same
2519 * identity digest as <b>ri</b>: If there is, call routerlist_replace
2520 * instead.
2521 */
2522 static void
2523 routerlist_insert(routerlist_t *rl, routerinfo_t *ri)
2524 {
2525 routerinfo_t *ri_old;
2526 {
2527 /* XXXX Remove if this slows us down. */
2528 routerinfo_t *ri_generated = router_get_my_routerinfo();
2529 tor_assert(ri_generated != ri);
2530 }
2531 tor_assert(ri->cache_info.routerlist_index == -1);
2532
2533 ri_old = rimap_set(rl->identity_map, ri->cache_info.identity_digest, ri);
2534 tor_assert(!ri_old);
2535 sdmap_set(rl->desc_digest_map, ri->cache_info.signed_descriptor_digest,
2536 &(ri->cache_info));
2537 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2538 sdmap_set(rl->desc_by_eid_map, ri->cache_info.extra_info_digest,
2539 &ri->cache_info);
2540 smartlist_add(rl->routers, ri);
2541 ri->cache_info.routerlist_index = smartlist_len(rl->routers) - 1;
2542 router_dir_info_changed();
2543 #ifdef DEBUG_ROUTERLIST
2544 routerlist_assert_ok(rl);
2545 #endif
2546 }
2547
2548 /** Adds the extrainfo_t <b>ei</b> to the routerlist <b>rl</b>, if there is a
2549 * corresponding router in rl-\>routers or rl-\>old_routers. Return true iff
2550 * we actually inserted <b>ei</b>. Free <b>ei</b> if it isn't inserted. */
2551 static int
2552 extrainfo_insert(routerlist_t *rl, extrainfo_t *ei)
2553 {
2554 int r = 0;
2555 routerinfo_t *ri = rimap_get(rl->identity_map,
2556 ei->cache_info.identity_digest);
2557 signed_descriptor_t *sd =
2558 sdmap_get(rl->desc_by_eid_map, ei->cache_info.signed_descriptor_digest);
2559 extrainfo_t *ei_tmp;
2560
2561 {
2562 /* XXXX remove this code if it slows us down. */
2563 extrainfo_t *ei_generated = router_get_my_extrainfo();
2564 tor_assert(ei_generated != ei);
2565 }
2566
2567 if (!ri) {
2568 /* This router is unknown; we can't even verify the signature. Give up.*/
2569 goto done;
2570 }
2571 if (routerinfo_incompatible_with_extrainfo(ri, ei, sd, NULL)) {
2572 goto done;
2573 }
2574
2575 /* Okay, if we make it here, we definitely have a router corresponding to
2576 * this extrainfo. */
2577
2578 ei_tmp = eimap_set(rl->extra_info_map,
2579 ei->cache_info.signed_descriptor_digest,
2580 ei);
2581 r = 1;
2582 if (ei_tmp) {
2583 rl->extrainfo_store.bytes_dropped +=
2584 ei_tmp->cache_info.signed_descriptor_len;
2585 extrainfo_free(ei_tmp);
2586 }
2587
2588 done:
2589 if (r == 0)
2590 extrainfo_free(ei);
2591
2592 #ifdef DEBUG_ROUTERLIST
2593 routerlist_assert_ok(rl);
2594 #endif
2595 return r;
2596 }
2597
2598 #define should_cache_old_descriptors() \
2599 directory_caches_dir_info(get_options())
2600
2601 /** If we're a directory cache and routerlist <b>rl</b> doesn't have
2602 * a copy of router <b>ri</b> yet, add it to the list of old (not
2603 * recommended but still served) descriptors. Else free it. */
2604 static void
2605 routerlist_insert_old(routerlist_t *rl, routerinfo_t *ri)
2606 {
2607 {
2608 /* XXXX remove this code if it slows us down. */
2609 routerinfo_t *ri_generated = router_get_my_routerinfo();
2610 tor_assert(ri_generated != ri);
2611 }
2612 tor_assert(ri->cache_info.routerlist_index == -1);
2613
2614 if (should_cache_old_descriptors() &&
2615 ri->purpose == ROUTER_PURPOSE_GENERAL &&
2616 !sdmap_get(rl->desc_digest_map,
2617 ri->cache_info.signed_descriptor_digest)) {
2618 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri);
2619 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2620 smartlist_add(rl->old_routers, sd);
2621 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2622 if (!tor_digest_is_zero(sd->extra_info_digest))
2623 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2624 } else {
2625 routerinfo_free(ri);
2626 }
2627 #ifdef DEBUG_ROUTERLIST
2628 routerlist_assert_ok(rl);
2629 #endif
2630 }
2631
2632 /** Remove an item <b>ri</b> from the routerlist <b>rl</b>, updating indices
2633 * as needed. If <b>idx</b> is nonnegative and smartlist_get(rl-&gt;routers,
2634 * idx) == ri, we don't need to do a linear search over the list to decide
2635 * which to remove. We fill the gap in rl-&gt;routers with a later element in
2636 * the list, if any exists. <b>ri</b> is freed.
2637 *
2638 * If <b>make_old</b> is true, instead of deleting the router, we try adding
2639 * it to rl-&gt;old_routers. */
2640 void
2641 routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
2642 {
2643 routerinfo_t *ri_tmp;
2644 extrainfo_t *ei_tmp;
2645 int idx = ri->cache_info.routerlist_index;
2646 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2647 tor_assert(smartlist_get(rl->routers, idx) == ri);
2648
2649 /* make sure the rephist module knows that it's not running */
2650 rep_hist_note_router_unreachable(ri->cache_info.identity_digest, now);
2651
2652 ri->cache_info.routerlist_index = -1;
2653 smartlist_del(rl->routers, idx);
2654 if (idx < smartlist_len(rl->routers)) {
2655 routerinfo_t *r = smartlist_get(rl->routers, idx);
2656 r->cache_info.routerlist_index = idx;
2657 }
2658
2659 ri_tmp = rimap_remove(rl->identity_map, ri->cache_info.identity_digest);
2660 router_dir_info_changed();
2661 tor_assert(ri_tmp == ri);
2662
2663 if (make_old && should_cache_old_descriptors() &&
2664 ri->purpose == ROUTER_PURPOSE_GENERAL) {
2665 signed_descriptor_t *sd;
2666 sd = signed_descriptor_from_routerinfo(ri);
2667 smartlist_add(rl->old_routers, sd);
2668 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2669 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2670 if (!tor_digest_is_zero(sd->extra_info_digest))
2671 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2672 } else {
2673 signed_descriptor_t *sd_tmp;
2674 sd_tmp = sdmap_remove(rl->desc_digest_map,
2675 ri->cache_info.signed_descriptor_digest);
2676 tor_assert(sd_tmp == &(ri->cache_info));
2677 rl->desc_store.bytes_dropped += ri->cache_info.signed_descriptor_len;
2678 ei_tmp = eimap_remove(rl->extra_info_map,
2679 ri->cache_info.extra_info_digest);
2680 if (ei_tmp) {
2681 rl->extrainfo_store.bytes_dropped +=
2682 ei_tmp->cache_info.signed_descriptor_len;
2683 extrainfo_free(ei_tmp);
2684 }
2685 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2686 sdmap_remove(rl->desc_by_eid_map, ri->cache_info.extra_info_digest);
2687 routerinfo_free(ri);
2688 }
2689 #ifdef DEBUG_ROUTERLIST
2690 routerlist_assert_ok(rl);
2691 #endif
2692 }
2693
2694 /** Remove a signed_descriptor_t <b>sd</b> from <b>rl</b>-\>old_routers, and
2695 * adjust <b>rl</b> as appropriate. <b>idx</b> is -1, or the index of
2696 * <b>sd</b>. */
2697 static void
2698 routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
2699 {
2700 signed_descriptor_t *sd_tmp;
2701 extrainfo_t *ei_tmp;
2702 desc_store_t *store;
2703 if (idx == -1) {
2704 idx = sd->routerlist_index;
2705 }
2706 tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
2707 /* XXXX edmanm's bridge relay triggered the following assert while
2708 * running 0.2.0.12-alpha. If anybody triggers this again, see if we
2709 * can get a backtrace. */
2710 tor_assert(smartlist_get(rl->old_routers, idx) == sd);
2711 tor_assert(idx == sd->routerlist_index);
2712
2713 sd->routerlist_index = -1;
2714 smartlist_del(rl->old_routers, idx);
2715 if (idx < smartlist_len(rl->old_routers)) {
2716 signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
2717 d->routerlist_index = idx;
2718 }
2719 sd_tmp = sdmap_remove(rl->desc_digest_map,
2720 sd->signed_descriptor_digest);
2721 tor_assert(sd_tmp == sd);
2722 store = desc_get_store(rl, sd);
2723 if (store)
2724 store->bytes_dropped += sd->signed_descriptor_len;
2725
2726 ei_tmp = eimap_remove(rl->extra_info_map,
2727 sd->extra_info_digest);
2728 if (ei_tmp) {
2729 rl->extrainfo_store.bytes_dropped +=
2730 ei_tmp->cache_info.signed_descriptor_len;
2731 extrainfo_free(ei_tmp);
2732 }
2733 if (!tor_digest_is_zero(sd->extra_info_digest))
2734 sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
2735
2736 signed_descriptor_free(sd);
2737 #ifdef DEBUG_ROUTERLIST
2738 routerlist_assert_ok(rl);
2739 #endif
2740 }
2741
2742 /** Remove <b>ri_old</b> from the routerlist <b>rl</b>, and replace it with
2743 * <b>ri_new</b>, updating all index info. If <b>idx</b> is nonnegative and
2744 * smartlist_get(rl-&gt;routers, idx) == ri, we don't need to do a linear
2745 * search over the list to decide which to remove. We put ri_new in the same
2746 * index as ri_old, if possible. ri is freed as appropriate.
2747 *
2748 * If should_cache_descriptors() is true, instead of deleting the router,
2749 * we add it to rl-&gt;old_routers. */
2750 static void
2751 routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
2752 routerinfo_t *ri_new)
2753 {
2754 int idx;
2755
2756 routerinfo_t *ri_tmp;
2757 extrainfo_t *ei_tmp;
2758 {
2759 /* XXXX Remove this if it turns out to slow us down. */
2760 routerinfo_t *ri_generated = router_get_my_routerinfo();
2761 tor_assert(ri_generated != ri_new);
2762 }
2763 tor_assert(ri_old != ri_new);
2764 tor_assert(ri_new->cache_info.routerlist_index == -1);
2765
2766 idx = ri_old->cache_info.routerlist_index;
2767 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2768 tor_assert(smartlist_get(rl->routers, idx) == ri_old);
2769
2770 router_dir_info_changed();
2771 if (idx >= 0) {
2772 smartlist_set(rl->routers, idx, ri_new);
2773 ri_old->cache_info.routerlist_index = -1;
2774 ri_new->cache_info.routerlist_index = idx;
2775 /* Check that ri_old is not in rl->routers anymore: */
2776 tor_assert( _routerlist_find_elt(rl->routers, ri_old, -1) == -1 );
2777 } else {
2778 log_warn(LD_BUG, "Appending entry from routerlist_replace.");
2779 routerlist_insert(rl, ri_new);
2780 return;
2781 }
2782 if (memcmp(ri_old->cache_info.identity_digest,
2783 ri_new->cache_info.identity_digest, DIGEST_LEN)) {
2784 /* digests don't match; digestmap_set won't replace */
2785 rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
2786 }
2787 ri_tmp = rimap_set(rl->identity_map,
2788 ri_new->cache_info.identity_digest, ri_new);
2789 tor_assert(!ri_tmp || ri_tmp == ri_old);
2790 sdmap_set(rl->desc_digest_map,
2791 ri_new->cache_info.signed_descriptor_digest,
2792 &(ri_new->cache_info));
2793
2794 if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
2795 sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
2796 &ri_new->cache_info);
2797 }
2798
2799 if (should_cache_old_descriptors() &&
2800 ri_old->purpose == ROUTER_PURPOSE_GENERAL) {
2801 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
2802 smartlist_add(rl->old_routers, sd);
2803 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2804 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2805 if (!tor_digest_is_zero(sd->extra_info_digest))
2806 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2807 } else {
2808 if (memcmp(ri_old->cache_info.signed_descriptor_digest,
2809 ri_new->cache_info.signed_descriptor_digest,
2810 DIGEST_LEN)) {
2811 /* digests don't match; digestmap_set didn't replace */
2812 sdmap_remove(rl->desc_digest_map,
2813 ri_old->cache_info.signed_descriptor_digest);
2814 }
2815
2816 ei_tmp = eimap_remove(rl->extra_info_map,
2817 ri_old->cache_info.extra_info_digest);
2818 if (ei_tmp) {
2819 rl->extrainfo_store.bytes_dropped +=
2820 ei_tmp->cache_info.signed_descriptor_len;
2821 extrainfo_free(ei_tmp);
2822 }
2823 if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
2824 sdmap_remove(rl->desc_by_eid_map,
2825 ri_old->cache_info.extra_info_digest);
2826 }
2827 rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
2828 routerinfo_free(ri_old);
2829 }
2830 #ifdef DEBUG_ROUTERLIST
2831 routerlist_assert_ok(rl);
2832 #endif
2833 }
2834
2835 /** Extract the descriptor <b>sd</b> from old_routerlist, and re-parse
2836 * it as a fresh routerinfo_t. */
2837 static routerinfo_t *
2838 routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
2839 {
2840 routerinfo_t *ri;
2841 const char *body;
2842
2843 body = signed_descriptor_get_annotations(sd);
2844
2845 ri = router_parse_entry_from_string(body,
2846 body+sd->signed_descriptor_len+sd->annotations_len,
2847 0, 1, NULL);
2848 if (!ri)
2849 return NULL;
2850 memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t));
2851 sd->signed_descriptor_body = NULL; /* Steal reference. */
2852 ri->cache_info.routerlist_index = -1;
2853
2854 routerlist_remove_old(rl, sd, -1);
2855
2856 return ri;
2857 }
2858
2859 /** Free all memory held by the routerlist module. */
2860 void
2861 routerlist_free_all(void)
2862 {
2863 routerlist_free(routerlist);
2864 routerlist = NULL;
2865 if (warned_nicknames) {
2866 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2867 smartlist_free(warned_nicknames);
2868 warned_nicknames = NULL;
2869 }
2870 if (trusted_dir_servers) {
2871 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
2872 trusted_dir_server_free(ds));
2873 smartlist_free(trusted_dir_servers);
2874 trusted_dir_servers = NULL;
2875 }
2876 if (trusted_dir_certs) {
2877 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
2878 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
2879 authority_cert_free(cert));
2880 smartlist_free(cl->certs);
2881 tor_free(cl);
2882 } DIGESTMAP_FOREACH_END;
2883 digestmap_free(trusted_dir_certs, NULL);
2884 trusted_dir_certs = NULL;
2885 }
2886 }
2887
2888 /** Forget that we have issued any router-related warnings, so that we'll
2889 * warn again if we see the same errors. */
2890 void
2891 routerlist_reset_warnings(void)
2892 {
2893 if (!warned_nicknames)
2894 warned_nicknames = smartlist_create();
2895 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2896 smartlist_clear(warned_nicknames); /* now the list is empty. */
2897
2898 networkstatus_reset_warnings();
2899 }
2900
2901 /** Mark the router with ID <b>digest</b> as running or non-running
2902 * in our routerlist. */
2903 void
2904 router_set_status(const char *digest, int up)
2905 {
2906 routerinfo_t *router;
2907 routerstatus_t *status;
2908 tor_assert(digest);
2909
2910 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
2911 if (!memcmp(d->digest, digest, DIGEST_LEN))
2912 d->is_running = up);
2913
2914 router = router_get_by_digest(digest);
2915 if (router) {
2916 log_debug(LD_DIR,"Marking router '%s/%s' as %s.",
2917 router->nickname, router->address, up ? "up" : "down");
2918 if (!up && router_is_me(router) && !we_are_hibernating())
2919 log_warn(LD_NET, "We just marked ourself as down. Are your external "
2920 "addresses reachable?");
2921 router->is_running = up;
2922 }
2923 status = router_get_consensus_status_by_id(digest);
2924 if (status && status->is_running != up) {
2925 status->is_running = up;
2926 control_event_networkstatus_changed_single(status);
2927 }
2928 router_dir_info_changed();
2929 }
2930
2931 /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
2932 * older entries (if any) with the same key. Note: Callers should not hold
2933 * their pointers to <b>router</b> if this function fails; <b>router</b>
2934 * will either be inserted into the routerlist or freed. Similarly, even
2935 * if this call succeeds, they should not hold their pointers to
2936 * <b>router</b> after subsequent calls with other routerinfo's -- they
2937 * might cause the original routerinfo to get freed.
2938 *
2939 * Returns the status for the operation. Might set *<b>msg</b> if it wants
2940 * the poster of the router to know something.
2941 *
2942 * If <b>from_cache</b>, this descriptor came from our disk cache. If
2943 * <b>from_fetch</b>, we received it in response to a request we made.
2944 * (If both are false, that means it was uploaded to us as an auth dir
2945 * server or via the controller.)
2946 *
2947 * This function should be called *after*
2948 * routers_update_status_from_consensus_networkstatus; subsequently, you
2949 * should call router_rebuild_store and routerlist_descriptors_added.
2950 */
2951 was_router_added_t
2952 router_add_to_routerlist(routerinfo_t *router, const char **msg,
2953 int from_cache, int from_fetch)
2954 {
2955 const char *id_digest;
2956 int authdir = authdir_mode_handles_descs(get_options(), router->purpose);
2957 int authdir_believes_valid = 0;
2958 routerinfo_t *old_router;
2959 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2960 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2961 int in_consensus = 0;
2962
2963 tor_assert(msg);
2964
2965 if (!routerlist)
2966 router_get_routerlist();
2967
2968 id_digest = router->cache_info.identity_digest;
2969
2970 /* Make sure that we haven't already got this exact descriptor. */
2971 if (sdmap_get(routerlist->desc_digest_map,
2972 router->cache_info.signed_descriptor_digest)) {
2973 log_info(LD_DIR,
2974 "Dropping descriptor that we already have for router '%s'",
2975 router->nickname);
2976 *msg = "Router descriptor was not new.";
2977 routerinfo_free(router);
2978 return ROUTER_WAS_NOT_NEW;
2979 }
2980
2981 if (authdir) {
2982 if (authdir_wants_to_reject_router(router, msg,
2983 !from_cache && !from_fetch)) {
2984 tor_assert(*msg);
2985 routerinfo_free(router);
2986 return ROUTER_AUTHDIR_REJECTS;
2987 }
2988 authdir_believes_valid = router->is_valid;
2989 } else if (from_fetch) {
2990 /* Only check the descriptor digest against the network statuses when
2991 * we are receiving in response to a fetch. */
2992
2993 if (!signed_desc_digest_is_recognized(&router->cache_info) &&
2994 !routerinfo_is_a_configured_bridge(router)) {
2995 /* We asked for it, so some networkstatus must have listed it when we
2996 * did. Save it if we're a cache in case somebody else asks for it. */
2997 log_info(LD_DIR,
2998 "Received a no-longer-recognized descriptor for router '%s'",
2999 router->nickname);
3000 *msg = "Router descriptor is not referenced by any network-status.";
3001
3002 /* Only journal this desc if we'll be serving it. */
3003 if (!from_cache && should_cache_old_descriptors())
3004 signed_desc_append_to_journal(&router->cache_info,
3005 &routerlist->desc_store);
3006 routerlist_insert_old(routerlist, router);
3007 return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
3008 }
3009 }
3010
3011 /* We no longer need a router with this descriptor digest. */
3012 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3013 {
3014 routerstatus_t *rs =
3015 networkstatus_v2_find_entry(ns, router->cache_info.identity_digest);
3016 if (rs && !memcmp(rs->descriptor_digest,
3017 router->cache_info.signed_descriptor_digest,
3018 DIGEST_LEN))
3019 rs->need_to_mirror = 0;
3020 });
3021 if (consensus) {
3022 routerstatus_t *rs = networkstatus_vote_find_entry(consensus,
3023 router->cache_info.identity_digest);
3024 if (rs && !memcmp(rs->descriptor_digest,
3025 router->cache_info.signed_descriptor_digest,
3026 DIGEST_LEN)) {
3027 in_consensus = 1;
3028 rs->need_to_mirror = 0;
3029 }
3030 }
3031
3032 if (router->purpose == ROUTER_PURPOSE_GENERAL &&
3033 consensus && !in_consensus && !authdir) {
3034 /* If it's a general router not listed in the consensus, then don't
3035 * consider replacing the latest router with it. */
3036 if (!from_cache && should_cache_old_descriptors())
3037 signed_desc_append_to_journal(&router->cache_info,
3038 &routerlist->desc_store);
3039 routerlist_insert_old(routerlist, router);
3040 *msg = "Skipping router descriptor: not in consensus.";
3041 return ROUTER_NOT_IN_CONSENSUS;
3042 }
3043
3044 /* If we have a router with the same identity key, choose the newer one. */
3045 old_router = rimap_get(routerlist->identity_map,
3046 router->cache_info.identity_digest);
3047 if (old_router) {
3048 if (!in_consensus && (router->cache_info.published_on <=
3049 old_router->cache_info.published_on)) {
3050 /* Same key, but old. This one is not listed in the consensus. */
3051 log_debug(LD_DIR, "Skipping not-new descriptor for router '%s'",
3052 router->nickname);
3053 /* Only journal this desc if we'll be serving it. */
3054 if (!from_cache && should_cache_old_descriptors())
3055 signed_desc_append_to_journal(&router->cache_info,
3056 &routerlist->desc_store);
3057 routerlist_insert_old(routerlist, router);
3058 *msg = "Router descriptor was not new.";
3059 return ROUTER_WAS_NOT_NEW;
3060 } else {
3061 /* Same key, and either new, or listed in the consensus. */
3062 log_debug(LD_DIR, "Replacing entry for router '%s/%s' [%s]",
3063 router->nickname, old_router->nickname,
3064 hex_str(id_digest,DIGEST_LEN));
3065 if (router->addr == old_router->addr &&
3066 router->or_port == old_router->or_port) {
3067 /* these carry over when the address and orport are unchanged. */
3068 router->last_reachable = old_router->last_reachable;
3069 router->testing_since = old_router->testing_since;
3070 }
3071 routerlist_replace(routerlist, old_router, router);
3072 if (!from_cache) {
3073 signed_desc_append_to_journal(&router->cache_info,
3074 &routerlist->desc_store);
3075 }
3076 directory_set_dirty();
3077 *msg = authdir_believes_valid ? "Valid server updated" :
3078 ("Invalid server updated. (This dirserver is marking your "
3079 "server as unapproved.)");
3080 return ROUTER_ADDED_SUCCESSFULLY;
3081 }
3082 }
3083
3084 if (!in_consensus && from_cache &&
3085 router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
3086 *msg = "Router descriptor was really old.";
3087 routerinfo_free(router);
3088 return ROUTER_WAS_NOT_NEW;
3089 }
3090
3091 /* We haven't seen a router with this identity before. Add it to the end of
3092 * the list. */
3093 routerlist_insert(routerlist, router);
3094 if (!from_cache)
3095 signed_desc_append_to_journal(&router->cache_info,
3096 &routerlist->desc_store);
3097 directory_set_dirty();
3098 return ROUTER_ADDED_SUCCESSFULLY;
3099 }
3100
3101 /** Insert <b>ei</b> into the routerlist, or free it. Other arguments are
3102 * as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
3103 * we actually inserted it, ROUTER_BAD_EI otherwise.
3104 */
3105 was_router_added_t
3106 router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
3107 int from_cache, int from_fetch)
3108 {
3109 int inserted;
3110 (void)from_fetch;
3111 if (msg) *msg = NULL;
3112 /*XXXX022 Do something with msg */
3113
3114 inserted = extrainfo_insert(router_get_routerlist(), ei);
3115
3116 if (inserted && !from_cache)
3117 signed_desc_append_to_journal(&ei->cache_info,
3118 &routerlist->extrainfo_store);
3119
3120 if (inserted)
3121 return ROUTER_ADDED_SUCCESSFULLY;
3122 else
3123 return ROUTER_BAD_EI;
3124 }
3125
3126 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
3127 * signed_descriptor_t* in *<b>a</b> has an identity digest preceding, equal
3128 * to, or later than that of *<b>b</b>. */
3129 static int
3130 _compare_old_routers_by_identity(const void **_a, const void **_b)
3131 {
3132 int i;
3133 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
3134 if ((i = memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
3135 return i;
3136 return (int)(r1->published_on - r2->published_on);
3137 }
3138
3139 /** Internal type used to represent how long an old descriptor was valid,
3140 * where it appeared in the list of old descriptors, and whether it's extra
3141 * old. Used only by routerlist_remove_old_cached_routers_with_id(). */
3142 struct duration_idx_t {
3143 int duration;
3144 int idx;
3145 int old;
3146 };
3147
3148 /** Sorting helper: compare two duration_idx_t by their duration. */
3149 static int
3150 _compare_duration_idx(const void *_d1, const void *_d2)
3151 {
3152 const struct duration_idx_t *d1 = _d1;
3153 const struct duration_idx_t *d2 = _d2;
3154 return d1->duration - d2->duration;
3155 }
3156
3157 /** The range <b>lo</b> through <b>hi</b> inclusive of routerlist->old_routers
3158 * must contain routerinfo_t with the same identity and with publication time
3159 * in ascending order. Remove members from this range until there are no more
3160 * than max_descriptors_per_router() remaining. Start by removing the oldest
3161 * members from before <b>cutoff</b>, then remove members which were current
3162 * for the lowest amount of time. The order of members of old_routers at
3163 * indices <b>lo</b> or higher may be changed.
3164 */
3165 static void
3166 routerlist_remove_old_cached_routers_with_id(time_t now,
3167 time_t cutoff, int lo, int hi,
3168 digestset_t *retain)
3169 {
3170 int i, n = hi-lo+1;
3171 unsigned n_extra, n_rmv = 0;
3172 struct duration_idx_t *lifespans;
3173 uint8_t *rmv, *must_keep;
3174 smartlist_t *lst = routerlist->old_routers;
3175 #if 1
3176 const char *ident;
3177 tor_assert(hi < smartlist_len(lst));
3178 tor_assert(lo <= hi);
3179 ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
3180 for (i = lo+1; i <= hi; ++i) {
3181 signed_descriptor_t *r = smartlist_get(lst, i);
3182 tor_assert(!memcmp(ident, r->identity_digest, DIGEST_LEN));
3183 }
3184 #endif
3185 /* Check whether we need to do anything at all. */
3186 {
3187 int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
3188 if (n <= mdpr)
3189 return;
3190 n_extra = n - mdpr;
3191 }
3192
3193 lifespans = tor_malloc_zero(sizeof(struct duration_idx_t)*n);
3194 rmv = tor_malloc_zero(sizeof(uint8_t)*n);
3195 must_keep = tor_malloc_zero(sizeof(uint8_t)*n);
3196 /* Set lifespans to contain the lifespan and index of each server. */
3197 /* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
3198 for (i = lo; i <= hi; ++i) {
3199 signed_descriptor_t *r = smartlist_get(lst, i);
3200 signed_descriptor_t *r_next;
3201 lifespans[i-lo].idx = i;
3202 if (r->last_listed_as_valid_until >= now ||
3203 (retain && digestset_isin(retain, r->signed_descriptor_digest))) {
3204 must_keep[i-lo] = 1;
3205 }
3206 if (i < hi) {
3207 r_next = smartlist_get(lst, i+1);
3208 tor_assert(r->published_on <= r_next->published_on);
3209 lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
3210 } else {
3211 r_next = NULL;
3212 lifespans[i-lo].duration = INT_MAX;
3213 }
3214 if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
3215 ++n_rmv;
3216 lifespans[i-lo].old = 1;
3217 rmv[i-lo] = 1;
3218 }
3219 }
3220
3221 if (n_rmv < n_extra) {
3222 /**
3223 * We aren't removing enough servers for being old. Sort lifespans by
3224 * the duration of liveness, and remove the ones we're not already going to
3225 * remove based on how long they were alive.
3226 **/
3227 qsort(lifespans, n, sizeof(struct duration_idx_t), _compare_duration_idx);
3228 for (i = 0; i < n && n_rmv < n_extra; ++i) {
3229 if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
3230 rmv[lifespans[i].idx-lo] = 1;
3231 ++n_rmv;
3232 }
3233 }
3234 }
3235
3236 i = hi;
3237 do {
3238 if (rmv[i-lo])
3239 routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
3240 } while (--i >= lo);
3241 tor_free(must_keep);
3242 tor_free(rmv);
3243 tor_free(lifespans);
3244 }
3245
3246 /** Deactivate any routers from the routerlist that are more than
3247 * ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
3248 * remove old routers from the list of cached routers if we have too many.
3249 */
3250 void
3251 routerlist_remove_old_routers(void)
3252 {
3253 int i, hi=-1;
3254 const char *cur_id = NULL;
3255 time_t now = time(NULL);
3256 time_t cutoff;
3257 routerinfo_t *router;
3258 signed_descriptor_t *sd;
3259 digestset_t *retain;
3260 int caches = directory_caches_dir_info(get_options());
3261 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
3262 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3263 int have_enough_v2;
3264
3265 trusted_dirs_remove_old_certs();
3266
3267 if (!routerlist || !consensus)
3268 return;
3269
3270 // routerlist_assert_ok(routerlist);
3271
3272 /* We need to guess how many router descriptors we will wind up wanting to
3273 retain, so that we can be sure to allocate a large enough Bloom filter
3274 to hold the digest set. Overestimating is fine; underestimating is bad.
3275 */
3276 {
3277 /* We'll probably retain everything in the consensus. */
3278 int n_max_retain = smartlist_len(consensus->routerstatus_list);
3279 if (caches && networkstatus_v2_list) {
3280 /* If we care about v2 statuses, we'll retain at most as many as are
3281 listed any of the v2 statues. This will be at least the length of
3282 the largest v2 networkstatus, and in the worst case, this set will be
3283 equal to the sum of the lengths of all v2 consensuses. Take the
3284 worst case.
3285 */
3286 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3287 n_max_retain += smartlist_len(ns->entries));
3288 }
3289 retain = digestset_new(n_max_retain);
3290 }
3291
3292 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3293 /* Build a list of all the descriptors that _anybody_ lists. */
3294 if (caches && networkstatus_v2_list) {
3295 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3296 {
3297 /* XXXX The inner loop here gets pretty expensive, and actually shows up
3298 * on some profiles. It may be the reason digestmap_set shows up in
3299 * profiles too. If instead we kept a per-descriptor digest count of
3300 * how many networkstatuses recommended each descriptor, and changed
3301 * that only when the networkstatuses changed, that would be a speed
3302 * improvement, possibly 1-4% if it also removes digestmap_set from the
3303 * profile. Not worth it for 0.1.2.x, though. The new directory
3304 * system will obsolete this whole thing in 0.2.0.x. */
3305 SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
3306 if (rs->published_on >= cutoff)
3307 digestset_add(retain, rs->descriptor_digest));
3308 });
3309 }
3310
3311 /* Retain anything listed in the consensus. */
3312 if (consensus) {
3313 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
3314 if (rs->published_on >= cutoff)
3315 digestset_add(retain, rs->descriptor_digest));
3316 }
3317
3318 /* If we have a consensus, and nearly as many v2 networkstatuses as we want,
3319 * we should consider pruning current routers that are too old and that
3320 * nobody recommends. (If we don't have a consensus or enough v2
3321 * networkstatuses, then we should get more before we decide to kill
3322 * routers.) */
3323 /* we set this to true iff we don't care about v2 info, or we have enough. */
3324 have_enough_v2 = !caches ||
3325 (networkstatus_v2_list &&
3326 smartlist_len(networkstatus_v2_list) > get_n_v2_authorities() / 2);
3327
3328 if (have_enough_v2 && consensus) {
3329 cutoff = now - ROUTER_MAX_AGE;
3330 /* Remove too-old unrecommended members of routerlist->routers. */
3331 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
3332 router = smartlist_get(routerlist->routers, i);
3333 if (router->cache_info.published_on <= cutoff &&
3334 router->cache_info.last_listed_as_valid_until < now &&
3335 !digestset_isin(retain,
3336 router->cache_info.signed_descriptor_digest)) {
3337 /* Too old: remove it. (If we're a cache, just move it into
3338 * old_routers.) */
3339 log_info(LD_DIR,
3340 "Forgetting obsolete (too old) routerinfo for router '%s'",
3341 router->nickname);
3342 routerlist_remove(routerlist, router, 1, now);
3343 i--;
3344 }
3345 }
3346 }
3347
3348 //routerlist_assert_ok(routerlist);
3349
3350 /* Remove far-too-old members of routerlist->old_routers. */
3351 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3352 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3353 sd = smartlist_get(routerlist->old_routers, i);
3354 if (sd->published_on <= cutoff &&
3355 sd->last_listed_as_valid_until < now &&
3356 !digestset_isin(retain, sd->signed_descriptor_digest)) {
3357 /* Too old. Remove it. */
3358 routerlist_remove_old(routerlist, sd, i--);
3359 }
3360 }
3361
3362 //routerlist_assert_ok(routerlist);
3363
3364 log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
3365 smartlist_len(routerlist->routers),
3366 smartlist_len(routerlist->old_routers));
3367
3368 /* Now we might have to look at routerlist->old_routers for extraneous
3369 * members. (We'd keep all the members if we could, but we need to save
3370 * space.) First, check whether we have too many router descriptors, total.
3371 * We're okay with having too many for some given router, so long as the
3372 * total number doesn't approach max_descriptors_per_router()*len(router).
3373 */
3374 if (smartlist_len(routerlist->old_routers) <
3375 smartlist_len(routerlist->routers))
3376 goto done;
3377
3378 /* Sort by identity, then fix indices. */
3379 smartlist_sort(routerlist->old_routers, _compare_old_routers_by_identity);
3380 /* Fix indices. */
3381 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3382 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3383 r->routerlist_index = i;
3384 }
3385
3386 /* Iterate through the list from back to front, so when we remove descriptors
3387 * we don't mess up groups we haven't gotten to. */
3388 for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
3389 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3390 if (!cur_id) {
3391 cur_id = r->identity_digest;
3392 hi = i;
3393 }
3394 if (memcmp(cur_id, r->identity_digest, DIGEST_LEN)) {
3395 routerlist_remove_old_cached_routers_with_id(now,
3396 cutoff, i+1, hi, retain);
3397 cur_id = r->identity_digest;
3398 hi = i;
3399 }
3400 }
3401 if (hi>=0)
3402 routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
3403 //routerlist_assert_ok(routerlist);
3404
3405 done:
3406 digestset_free(retain);
3407 router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
3408 router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
3409 }
3410
3411 /** We just added a new set of descriptors. Take whatever extra steps
3412 * we need. */
3413 static void
3414 routerlist_descriptors_added(smartlist_t *sl, int from_cache)
3415 {
3416 tor_assert(sl);
3417 control_event_descriptors_changed(sl);
3418 SMARTLIST_FOREACH(sl, routerinfo_t *, ri,
3419 if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
3420 learned_bridge_descriptor(ri, from_cache);
3421 );
3422 }
3423
3424 /**
3425 * Code to parse a single router descriptor and insert it into the
3426 * routerlist. Return -1 if the descriptor was ill-formed; 0 if the
3427 * descriptor was well-formed but could not be added; and 1 if the
3428 * descriptor was added.
3429 *
3430 * If we don't add it and <b>msg</b> is not NULL, then assign to
3431 * *<b>msg</b> a static string describing the reason for refusing the
3432 * descriptor.
3433 *
3434 * This is used only by the controller.
3435 */
3436 int
3437 router_load_single_router(const char *s, uint8_t purpose, int cache,
3438 const char **msg)
3439 {
3440 routerinfo_t *ri;
3441 was_router_added_t r;
3442 smartlist_t *lst;
3443 char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
3444 tor_assert(msg);
3445 *msg = NULL;
3446
3447 tor_snprintf(annotation_buf, sizeof(annotation_buf),
3448 "@source controller\n"
3449 "@purpose %s\n", router_purpose_to_string(purpose));
3450
3451 if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0, annotation_buf))) {
3452 log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
3453 *msg = "Couldn't parse router descriptor.";
3454 return -1;
3455 }
3456 tor_assert(ri->purpose == purpose);
3457 if (router_is_me(ri)) {
3458 log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
3459 *msg = "Router's identity key matches mine.";
3460 routerinfo_free(ri);
3461 return 0;
3462 }
3463
3464 if (!cache) /* obey the preference of the controller */
3465 ri->cache_info.do_not_cache = 1;
3466
3467 lst = smartlist_create();
3468 smartlist_add(lst, ri);
3469 routers_update_status_from_consensus_networkstatus(lst, 0);
3470
3471 r = router_add_to_routerlist(ri, msg, 0, 0);
3472 if (!WRA_WAS_ADDED(r)) {
3473 /* we've already assigned to *msg now, and ri is already freed */
3474 tor_assert(*msg);
3475 if (r == ROUTER_AUTHDIR_REJECTS)
3476 log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
3477 smartlist_free(lst);
3478 return 0;
3479 } else {
3480 routerlist_descriptors_added(lst, 0);
3481 smartlist_free(lst);
3482 log_debug(LD_DIR, "Added router to list");
3483 return 1;
3484 }
3485 }
3486
3487 /** Given a string <b>s</b> containing some routerdescs, parse it and put the
3488 * routers into our directory. If saved_location is SAVED_NOWHERE, the routers
3489 * are in response to a query to the network: cache them by adding them to
3490 * the journal.
3491 *
3492 * Return the number of routers actually added.
3493 *
3494 * If <b>requested_fingerprints</b> is provided, it must contain a list of
3495 * uppercased fingerprints. Do not update any router whose
3496 * fingerprint is not on the list; after updating a router, remove its
3497 * fingerprint from the list.
3498 *
3499 * If <b>descriptor_digests</b> is non-zero, then the requested_fingerprints
3500 * are descriptor digests. Otherwise they are identity digests.
3501 */
3502 int
3503 router_load_routers_from_string(const char *s, const char *eos,
3504 saved_location_t saved_location,
3505 smartlist_t *requested_fingerprints,
3506 int descriptor_digests,
3507 const char *prepend_annotations)
3508 {
3509 smartlist_t *routers = smartlist_create(), *changed = smartlist_create();
3510 char fp[HEX_DIGEST_LEN+1];
3511 const char *msg;
3512 int from_cache = (saved_location != SAVED_NOWHERE);
3513 int allow_annotations = (saved_location != SAVED_NOWHERE);
3514 int any_changed = 0;
3515
3516 router_parse_list_from_string(&s, eos, routers, saved_location, 0,
3517 allow_annotations, prepend_annotations);
3518
3519 routers_update_status_from_consensus_networkstatus(routers, !from_cache);
3520
3521 log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
3522
3523 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
3524 was_router_added_t r;
3525 char d[DIGEST_LEN];
3526 if (requested_fingerprints) {
3527 base16_encode(fp, sizeof(fp), descriptor_digests ?
3528 ri->cache_info.signed_descriptor_digest :
3529 ri->cache_info.identity_digest,
3530 DIGEST_LEN);
3531 if (smartlist_string_isin(requested_fingerprints, fp)) {
3532 smartlist_string_remove(requested_fingerprints, fp);
3533 } else {
3534 char *requested =
3535 smartlist_join_strings(requested_fingerprints," ",0,NULL);
3536 log_warn(LD_DIR,
3537 "We received a router descriptor with a fingerprint (%s) "
3538 "that we never requested. (We asked for: %s.) Dropping.",
3539 fp, requested);
3540 tor_free(requested);
3541 routerinfo_free(ri);
3542 continue;
3543 }
3544 }
3545
3546 memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
3547 r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
3548 if (WRA_WAS_ADDED(r)) {
3549 any_changed++;
3550 smartlist_add(changed, ri);
3551 routerlist_descriptors_added(changed, from_cache);
3552 smartlist_clear(changed);
3553 } else if (WRA_WAS_REJECTED(r)) {
3554 download_status_t *dl_status;
3555 dl_status = router_get_dl_status_by_descriptor_digest(d);
3556 if (dl_status) {
3557 log_info(LD_GENERAL, "Marking router %s as never downloadable",
3558 hex_str(d, DIGEST_LEN));
3559 download_status_mark_impossible(dl_status);
3560 }
3561 }
3562 } SMARTLIST_FOREACH_END(ri);
3563
3564 routerlist_assert_ok(routerlist);
3565
3566 if (any_changed)
3567 router_rebuild_store(0, &routerlist->desc_store);
3568
3569 smartlist_free(routers);
3570 smartlist_free(changed);
3571
3572 return any_changed;
3573 }
3574
3575 /** Parse one or more extrainfos from <b>s</b> (ending immediately before
3576 * <b>eos</b> if <b>eos</b> is present). Other arguments are as for
3577 * router_load_routers_from_string(). */
3578 void
3579 router_load_extrainfo_from_string(const char *s, const char *eos,
3580 saved_location_t saved_location,
3581 smartlist_t *requested_fingerprints,
3582 int descriptor_digests)
3583 {
3584 smartlist_t *extrainfo_list = smartlist_create();
3585 const char *msg;
3586 int from_cache = (saved_location != SAVED_NOWHERE);
3587
3588 router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
3589 NULL);
3590
3591 log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
3592
3593 SMARTLIST_FOREACH(extrainfo_list, extrainfo_t *, ei, {
3594 was_router_added_t added =
3595 router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
3596 if (WRA_WAS_ADDED(added) && requested_fingerprints) {
3597 char fp[HEX_DIGEST_LEN+1];
3598 base16_encode(fp, sizeof(fp), descriptor_digests ?
3599 ei->cache_info.signed_descriptor_digest :
3600 ei->cache_info.identity_digest,
3601 DIGEST_LEN);
3602 smartlist_string_remove(requested_fingerprints, fp);
3603 /* We silently let people stuff us with extrainfos we didn't ask for,
3604 * so long as we would have wanted them anyway. Since we always fetch
3605 * all the extrainfos we want, and we never actually act on them
3606 * inside Tor, this should be harmless. */
3607 }
3608 });
3609
3610 routerlist_assert_ok(routerlist);
3611 router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
3612
3613 smartlist_free(extrainfo_list);
3614 }
3615
3616 /** Return true iff any networkstatus includes a descriptor whose digest
3617 * is that of <b>desc</b>. */
3618 static int
3619 signed_desc_digest_is_recognized(signed_descriptor_t *desc)
3620 {
3621 routerstatus_t *rs;
3622 networkstatus_t *consensus = networkstatus_get_latest_consensus();
3623 int caches = directory_caches_dir_info(get_options());
3624 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3625
3626 if (consensus) {
3627 rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
3628 if (rs && !memcmp(rs->descriptor_digest,
3629 desc->signed_descriptor_digest, DIGEST_LEN))
3630 return 1;
3631 }
3632 if (caches && networkstatus_v2_list) {
3633 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3634 {
3635 if (!(rs = networkstatus_v2_find_entry(ns, desc->identity_digest)))
3636 continue;
3637 if (!memcmp(rs->descriptor_digest,
3638 desc->signed_descriptor_digest, DIGEST_LEN))
3639 return 1;
3640 });
3641 }
3642 return 0;
3643 }
3644
3645 /** Clear all our timeouts for fetching v2 and v3 directory stuff, and then
3646 * give it all a try again. */
3647 void
3648 routerlist_retry_directory_downloads(time_t now)
3649 {
3650 router_reset_status_download_failures();
3651 router_reset_descriptor_download_failures();
3652 update_networkstatus_downloads(now);
3653 update_router_descriptor_downloads(now);
3654 }
3655
3656 /** Return 1 if all running sufficiently-stable routers will reject
3657 * addr:port, return 0 if any might accept it. */
3658 int
3659 router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
3660 int need_uptime)
3661 {
3662 addr_policy_result_t r;
3663 if (!routerlist) return 1;
3664
3665 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
3666 {
3667 if (router->is_running &&
3668 !router_is_unreliable(router, need_uptime, 0, 0)) {
3669 r = compare_addr_to_addr_policy(addr, port, router->exit_policy);
3670 if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
3671 return 0; /* this one could be ok. good enough. */
3672 }
3673 });
3674 return 1; /* all will reject. */
3675 }
3676
3677 /** Return true iff <b>router</b> does not permit exit streams.
3678 */
3679 int
3680 router_exit_policy_rejects_all(routerinfo_t *router)
3681 {
3682 return router->policy_is_reject_star;
3683 }
3684
3685 /** Add to the list of authoritative directory servers one at
3686 * <b>address</b>:<b>port</b>, with identity key <b>digest</b>. If
3687 * <b>address</b> is NULL, add ourself. Return the new trusted directory
3688 * server entry on success or NULL if we couldn't add it. */
3689 trusted_dir_server_t *
3690 add_trusted_dir_server(const char *nickname, const char *address,
3691 uint16_t dir_port, uint16_t or_port,
3692 const char *digest, const char *v3_auth_digest,
3693 authority_type_t type)
3694 {
3695 trusted_dir_server_t *ent;
3696 uint32_t a;
3697 char *hostname = NULL;
3698 size_t dlen;
3699 if (!trusted_dir_servers)
3700 trusted_dir_servers = smartlist_create();
3701
3702 if (!address) { /* The address is us; we should guess. */
3703 if (resolve_my_address(LOG_WARN, get_options(), &a, &hostname) < 0) {
3704 log_warn(LD_CONFIG,
3705 "Couldn't find a suitable address when adding ourself as a "
3706 "trusted directory server.");
3707 return NULL;
3708 }
3709 } else {
3710 if (tor_lookup_hostname(address, &a)) {
3711 log_warn(LD_CONFIG,
3712 "Unable to lookup address for directory server at '%s'",
3713 address);
3714 return NULL;
3715 }
3716 hostname = tor_strdup(address);
3717 }
3718
3719 ent = tor_malloc_zero(sizeof(trusted_dir_server_t));
3720 ent->nickname = nickname ? tor_strdup(nickname) : NULL;
3721 ent->address = hostname;
3722 ent->addr = a;
3723 ent->dir_port = dir_port;
3724 ent->or_port = or_port;
3725 ent->is_running = 1;
3726 ent->type = type;
3727 memcpy(ent->digest, digest, DIGEST_LEN);
3728 if (v3_auth_digest && (type & V3_AUTHORITY))
3729 memcpy(ent->v3_identity_digest, v3_auth_digest, DIGEST_LEN);
3730
3731 dlen = 64 + strlen(hostname) + (nickname?strlen(nickname):0);
3732 ent->description = tor_malloc(dlen);
3733 if (nickname)
3734 tor_snprintf(ent->description, dlen, "directory server \"%s\" at %s:%d",
3735 nickname, hostname, (int)dir_port);
3736 else
3737 tor_snprintf(ent->description, dlen, "directory server at %s:%d",
3738 hostname, (int)dir_port);
3739
3740 ent->fake_status.addr = ent->addr;
3741 memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
3742 if (nickname)
3743 strlcpy(ent->fake_status.nickname, nickname,
3744 sizeof(ent->fake_status.nickname));
3745 else
3746 ent->fake_status.nickname[0] = '\0';
3747 ent->fake_status.dir_port = ent->dir_port;
3748 ent->fake_status.or_port = ent->or_port;
3749
3750 if (ent->or_port)
3751 ent->fake_status.version_supports_begindir = 1;
3752 /* XX021 - wait until authorities are upgraded */
3753 #if 0
3754 ent->fake_status.version_supports_conditional_consensus = 1;
3755 #else
3756 ent->fake_status.version_supports_conditional_consensus = 0;
3757 #endif
3758
3759 smartlist_add(trusted_dir_servers, ent);
3760 router_dir_info_changed();
3761 return ent;
3762 }
3763
3764 /** Free storage held in <b>cert</b>. */
3765 void
3766 authority_cert_free(authority_cert_t *cert)
3767 {
3768 if (!cert)
3769 return;
3770
3771 tor_free(cert->cache_info.signed_descriptor_body);
3772 crypto_free_pk_env(cert->signing_key);
3773 crypto_free_pk_env(cert->identity_key);
3774
3775 tor_free(cert);
3776 }
3777
3778 /** Free storage held in <b>ds</b>. */
3779 static void
3780 trusted_dir_server_free(trusted_dir_server_t *ds)
3781 {
3782 if (!ds)
3783 return;
3784
3785 tor_free(ds->nickname);
3786 tor_free(ds->description);
3787 tor_free(ds->address);
3788 tor_free(ds);
3789 }
3790
3791 /** Remove all members from the list of trusted dir servers. */
3792 void
3793 clear_trusted_dir_servers(void)
3794 {
3795 if (trusted_dir_servers) {
3796 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
3797 trusted_dir_server_free(ent));
3798 smartlist_clear(trusted_dir_servers);
3799 } else {
3800 trusted_dir_servers = smartlist_create();
3801 }
3802 router_dir_info_changed();
3803 }
3804
3805 /** Return 1 if any trusted dir server supports v1 directories,
3806 * else return 0. */
3807 int
3808 any_trusted_dir_is_v1_authority(void)
3809 {
3810 if (trusted_dir_servers)
3811 return get_n_authorities(V1_AUTHORITY) > 0;
3812
3813 return 0;
3814 }
3815
3816 /** For every current directory connection whose purpose is <b>purpose</b>,
3817 * and where the resource being downloaded begins with <b>prefix</b>, split
3818 * rest of the resource into base16 fingerprints, decode them, and set the
3819 * corresponding elements of <b>result</b> to a nonzero value. */
3820 static void
3821 list_pending_downloads(digestmap_t *result,
3822 int purpose, const char *prefix)
3823 {
3824 const size_t p_len = strlen(prefix);
3825 smartlist_t *tmp = smartlist_create();
3826 smartlist_t *conns = get_connection_array();
3827
3828 tor_assert(result);
3829
3830 SMARTLIST_FOREACH(conns, connection_t *, conn,
3831 {
3832 if (conn->type == CONN_TYPE_DIR &&
3833 conn->purpose == purpose &&
3834 !conn->marked_for_close) {
3835 const char *resource = TO_DIR_CONN(conn)->requested_resource;
3836 if (!strcmpstart(resource, prefix))
3837 dir_split_resource_into_fingerprints(resource + p_len,
3838 tmp, NULL, DSR_HEX);
3839 }
3840 });
3841 SMARTLIST_FOREACH(tmp, char *, d,
3842 {
3843 digestmap_set(result, d, (void*)1);
3844 tor_free(d);
3845 });
3846 smartlist_free(tmp);
3847 }
3848
3849 /** For every router descriptor (or extra-info document if <b>extrainfo</b> is
3850 * true) we are currently downloading by descriptor digest, set result[d] to
3851 * (void*)1. */
3852 static void
3853 list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
3854 {
3855 int purpose =
3856 extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
3857 list_pending_downloads(result, purpose, "d/");
3858 }
3859
3860 /** Launch downloads for all the descriptors whose digests are listed
3861 * as digests[i] for lo <= i < hi. (Lo and hi may be out of range.)
3862 * If <b>source</b> is given, download from <b>source</b>; otherwise,
3863 * download from an appropriate random directory server.
3864 */
3865 static void
3866 initiate_descriptor_downloads(routerstatus_t *source,
3867 int purpose,
3868 smartlist_t *digests,
3869 int lo, int hi, int pds_flags)
3870 {
3871 int i, n = hi-lo;
3872 char *resource, *cp;
3873 size_t r_len;
3874 if (n <= 0)
3875 return;
3876 if (lo < 0)
3877 lo = 0;
3878 if (hi > smartlist_len(digests))
3879 hi = smartlist_len(digests);
3880
3881 r_len = 8 + (HEX_DIGEST_LEN+1)*n;
3882 cp = resource = tor_malloc(r_len);
3883 memcpy(cp, "d/", 2);
3884 cp += 2;
3885 for (i = lo; i < hi; ++i) {
3886 base16_encode(cp, r_len-(cp-resource),
3887 smartlist_get(digests,i), DIGEST_LEN);
3888 cp += HEX_DIGEST_LEN;
3889 *cp++ = '+';
3890 }
3891 memcpy(cp-1, ".z", 3);
3892
3893 if (source) {
3894 /* We know which authority we want. */
3895 directory_initiate_command_routerstatus(source, purpose,
3896 ROUTER_PURPOSE_GENERAL,
3897 0, /* not private */
3898 resource, NULL, 0, 0);
3899 } else {
3900 directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
3901 pds_flags);
3902 }
3903 tor_free(resource);
3904 }
3905
3906 /** Return 0 if this routerstatus is obsolete, too new, isn't
3907 * running, or otherwise not a descriptor that we would make any
3908 * use of even if we had it. Else return 1. */
3909 static INLINE int
3910 client_would_use_router(routerstatus_t *rs, time_t now, or_options_t *options)
3911 {
3912 if (!rs->is_running && !options->FetchUselessDescriptors) {
3913 /* If we had this router descriptor, we wouldn't even bother using it.
3914 * But, if we want to have a complete list, fetch it anyway. */
3915 return 0;
3916 }
3917 if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime
3918 > now) {
3919 /* Most caches probably don't have this descriptor yet. */
3920 return 0;
3921 }
3922 if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
3923 /* We'd drop it immediately for being too old. */
3924 return 0;
3925 }
3926 return 1;
3927 }
3928
3929 /** Max amount of hashes to download per request.
3930 * Since squid does not like URLs >= 4096 bytes we limit it to 96.
3931 * 4096 - strlen(http://255.255.255.255/tor/server/d/.z) == 4058
3932 * 4058/41 (40 for the hash and 1 for the + that separates them) => 98
3933 * So use 96 because it's a nice number.
3934 */
3935 #define MAX_DL_PER_REQUEST 96
3936 /** Don't split our requests so finely that we are requesting fewer than
3937 * this number per server. */
3938 #define MIN_DL_PER_REQUEST 4
3939 /** To prevent a single screwy cache from confusing us by selective reply,
3940 * try to split our requests into at least this this many requests. */
3941 #define MIN_REQUESTS 3
3942 /** If we want fewer than this many descriptors, wait until we
3943 * want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
3944 * passed. */
3945 #define MAX_DL_TO_DELAY 16
3946 /** When directory clients have only a few servers to request, they batch
3947 * them until they have more, or until this amount of time has passed. */
3948 #define MAX_CLIENT_INTERVAL_WITHOUT_REQUEST (10*60)
3949
3950 /** Given a list of router descriptor digests in <b>downloadable</b>, decide
3951 * whether to delay fetching until we have more. If we don't want to delay,
3952 * launch one or more requests to the appropriate directory authorities. */
3953 static void
3954 launch_router_descriptor_downloads(smartlist_t *downloadable, time_t now)
3955 {
3956 int should_delay = 0, n_downloadable;
3957 or_options_t *options = get_options();
3958
3959 n_downloadable = smartlist_len(downloadable);
3960 if (!directory_fetches_dir_info_early(options)) {
3961 if (n_downloadable >= MAX_DL_TO_DELAY) {
3962 log_debug(LD_DIR,
3963 "There are enough downloadable routerdescs to launch requests.");
3964 should_delay = 0;
3965 } else {
3966 should_delay = (last_routerdesc_download_attempted +
3967 MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
3968 if (!should_delay && n_downloadable) {
3969 if (last_routerdesc_download_attempted) {
3970 log_info(LD_DIR,
3971 "There are not many downloadable routerdescs, but we've "
3972 "been waiting long enough (%d seconds). Downloading.",
3973 (int)(now-last_routerdesc_download_attempted));
3974 } else {
3975 log_info(LD_DIR,
3976 "There are not many downloadable routerdescs, but we haven't "
3977 "tried downloading descriptors recently. Downloading.");
3978 }
3979 }
3980 }
3981 }
3982 /* XXX should we consider having even the dir mirrors delay
3983 * a little bit, so we don't load the authorities as much? -RD
3984 * I don't think so. If we do, clients that want those descriptors may
3985 * not actually find them if the caches haven't got them yet. -NM
3986 */
3987
3988 if (! should_delay && n_downloadable) {
3989 int i, n_per_request;
3990 const char *req_plural = "", *rtr_plural = "";
3991 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
3992 if (! authdir_mode_any_nonhidserv(options)) {
3993 /* If we wind up going to the authorities, we want to only open one
3994 * connection to each authority at a time, so that we don't overload
3995 * them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
3996 * regardless of whether we're a cache or not; it gets ignored if we're
3997 * not calling router_pick_trusteddirserver.
3998 *
3999 * Setting this flag can make initiate_descriptor_downloads() ignore
4000 * requests. We need to make sure that we do in fact call
4001 * update_router_descriptor_downloads() later on, once the connections
4002 * have succeeded or failed.
4003 */
4004 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH;
4005 }
4006
4007 n_per_request = (n_downloadable+MIN_REQUESTS-1) / MIN_REQUESTS;
4008 if (n_per_request > MAX_DL_PER_REQUEST)
4009 n_per_request = MAX_DL_PER_REQUEST;
4010 if (n_per_request < MIN_DL_PER_REQUEST)
4011 n_per_request = MIN_DL_PER_REQUEST;
4012
4013 if (n_downloadable > n_per_request)
4014 req_plural = rtr_plural = "s";
4015 else if (n_downloadable > 1)
4016 rtr_plural = "s";
4017
4018 log_info(LD_DIR,
4019 "Launching %d request%s for %d router%s, %d at a time",
4020 (n_downloadable+n_per_request-1)/n_per_request,
4021 req_plural, n_downloadable, rtr_plural, n_per_request);
4022 smartlist_sort_digests(downloadable);
4023 for (i=0; i < n_downloadable; i += n_per_request) {
4024 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_SERVERDESC,
4025 downloadable, i, i+n_per_request,
4026 pds_flags);
4027 }
4028 last_routerdesc_download_attempted = now;
4029 }
4030 }
4031
4032 /** Launch downloads for router status as needed, using the strategy used by
4033 * authorities and caches: based on the v2 networkstatuses we have, download
4034 * every descriptor we don't have but would serve, from a random authority
4035 * that lists it. */
4036 static void
4037 update_router_descriptor_cache_downloads_v2(time_t now)
4038 {
4039 smartlist_t **downloadable; /* For each authority, what can we dl from it? */
4040 smartlist_t **download_from; /* ... and, what will we dl from it? */
4041 digestmap_t *map; /* Which descs are in progress, or assigned? */
4042 int i, j, n;
4043 int n_download;
4044 or_options_t *options = get_options();
4045 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
4046
4047 if (! directory_fetches_dir_info_early(options)) {
4048 log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads_v2() "
4049 "on a non-dir-mirror?");
4050 }
4051
4052 if (!networkstatus_v2_list || !smartlist_len(networkstatus_v2_list))
4053 return;
4054
4055 map = digestmap_new();
4056 n = smartlist_len(networkstatus_v2_list);
4057
4058 downloadable = tor_malloc_zero(sizeof(smartlist_t*) * n);
4059 download_from = tor_malloc_zero(sizeof(smartlist_t*) * n);
4060
4061 /* Set map[d]=1 for the digest of every descriptor that we are currently
4062 * downloading. */
4063 list_pending_descriptor_downloads(map, 0);
4064
4065 /* For the digest of every descriptor that we don't have, and that we aren't
4066 * downloading, add d to downloadable[i] if the i'th networkstatus knows
4067 * about that descriptor, and we haven't already failed to get that
4068 * descriptor from the corresponding authority.
4069 */
4070 n_download = 0;
4071 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
4072 {
4073 trusted_dir_server_t *ds;
4074 smartlist_t *dl;
4075 dl = downloadable[ns_sl_idx] = smartlist_create();
4076 download_from[ns_sl_idx] = smartlist_create();
4077 if (ns->published_on + MAX_NETWORKSTATUS_AGE+10*60 < now) {
4078 /* Don't download if the networkstatus is almost ancient. */
4079 /* Actually, I suspect what's happening here is that we ask
4080 * for the descriptor when we have a given networkstatus,
4081 * and then we get a newer networkstatus, and then we receive
4082 * the descriptor. Having a networkstatus actually expire is
4083 * probably a rare event, and we'll probably be happiest if
4084 * we take this clause out. -RD */
4085 continue;
4086 }
4087
4088 /* Don't try dirservers that we think are down -- we might have
4089 * just tried them and just marked them as down. */
4090 ds = router_get_trusteddirserver_by_digest(ns->identity_digest);
4091 if (ds && !ds->is_running)
4092 continue;
4093
4094 SMARTLIST_FOREACH(ns->entries, routerstatus_t * , rs,
4095 {
4096 if (!rs->need_to_mirror)
4097 continue;
4098 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4099 log_warn(LD_BUG,
4100 "We have a router descriptor, but need_to_mirror=1.");
4101 rs->need_to_mirror = 0;
4102 continue;
4103 }
4104 if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
4105 rs->need_to_mirror = 0;
4106 continue;
4107 }
4108 if (digestmap_get(map, rs->descriptor_digest)) {
4109 /* We're downloading it already. */
4110 continue;
4111 } else {
4112 /* We could download it from this guy. */
4113 smartlist_add(dl, rs->descriptor_digest);
4114 ++n_download;
4115 }
4116 });
4117 });
4118
4119 /* At random, assign descriptors to authorities such that:
4120 * - if d is a member of some downloadable[x], d is a member of some
4121 * download_from[y]. (Everything we want to download, we try to download
4122 * from somebody.)
4123 * - If d is a member of download_from[y], d is a member of downloadable[y].
4124 * (We only try to download descriptors from authorities who claim to have
4125 * them.)
4126 * - No d is a member of download_from[x] and download_from[y] s.t. x != y.
4127 * (We don't try to download anything from two authorities concurrently.)
4128 */
4129 while (n_download) {
4130 int which_ns = crypto_rand_int(n);
4131 smartlist_t *dl = downloadable[which_ns];
4132 int idx;
4133 char *d;
4134 if (!smartlist_len(dl))
4135 continue;
4136 idx = crypto_rand_int(smartlist_len(dl));
4137 d = smartlist_get(dl, idx);
4138 if (! digestmap_get(map, d)) {
4139 smartlist_add(download_from[which_ns], d);
4140 digestmap_set(map, d, (void*) 1);
4141 }
4142 smartlist_del(dl, idx);
4143 --n_download;
4144 }
4145
4146 /* Now, we can actually launch our requests. */
4147 for (i=0; i<n; ++i) {
4148 networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
4149 trusted_dir_server_t *ds =
4150 router_get_trusteddirserver_by_digest(ns->identity_digest);
4151 smartlist_t *dl = download_from[i];
4152 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
4153 if (! authdir_mode_any_nonhidserv(options))
4154 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
4155
4156 if (!ds) {
4157 log_warn(LD_BUG, "Networkstatus with no corresponding authority!");
4158 continue;
4159 }
4160 if (! smartlist_len(dl))
4161 continue;
4162 log_info(LD_DIR, "Requesting %d descriptors from authority \"%s\"",
4163 smartlist_len(dl), ds->nickname);
4164 for (j=0; j < smartlist_len(dl); j += MAX_DL_PER_REQUEST) {
4165 initiate_descriptor_downloads(&(ds->fake_status),
4166 DIR_PURPOSE_FETCH_SERVERDESC, dl, j,
4167 j+MAX_DL_PER_REQUEST, pds_flags);
4168 }
4169 }
4170
4171 for (i=0; i<n; ++i) {
4172 smartlist_free(download_from[i]);
4173 smartlist_free(downloadable[i]);
4174 }
4175 tor_free(download_from);
4176 tor_free(downloadable);
4177 digestmap_free(map,NULL);
4178 }
4179
4180 /** For any descriptor that we want that's currently listed in the live
4181 * consensus, download it as appropriate. */
4182 static void
4183 update_consensus_router_descriptor_downloads(time_t now)
4184 {
4185 or_options_t *options = get_options();
4186 digestmap_t *map = NULL;
4187 smartlist_t *no_longer_old = smartlist_create();
4188 smartlist_t *downloadable = smartlist_create();
4189 int authdir = authdir_mode(options);
4190 networkstatus_t *consensus =
4191 networkstatus_get_reasonably_live_consensus(now);
4192 int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
4193 n_inprogress=0, n_in_oldrouters=0;
4194
4195 if (directory_too_idle_to_fetch_descriptors(options, now))
4196 goto done;
4197 if (!consensus)
4198 goto done;
4199
4200 map = digestmap_new();
4201 list_pending_descriptor_downloads(map, 0);
4202 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4203 {
4204 signed_descriptor_t *sd;
4205 if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
4206 routerinfo_t *ri;
4207 ++n_have;
4208 if (!(ri = router_get_by_digest(rs->identity_digest)) ||
4209 memcmp(ri->cache_info.signed_descriptor_digest,
4210 sd->signed_descriptor_digest, DIGEST_LEN)) {
4211 /* We have a descriptor with this digest, but either there is no
4212 * entry in routerlist with the same ID (!ri), or there is one,
4213 * but the identity digest differs (memcmp).
4214 */
4215 smartlist_add(no_longer_old, sd);
4216 ++n_in_oldrouters; /* We have it in old_routers. */
4217 }
4218 continue; /* We have it already. */
4219 }
4220 if (digestmap_get(map, rs->descriptor_digest)) {
4221 ++n_inprogress;
4222 continue; /* We have an in-progress download. */
4223 }
4224 if (!download_status_is_ready(&rs->dl_status, now,
4225 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4226 ++n_delayed; /* Not ready for retry. */
4227 continue;
4228 }
4229 if (authdir && dirserv_would_reject_router(rs)) {
4230 ++n_would_reject;
4231 continue; /* We would throw it out immediately. */
4232 }
4233 if (!directory_caches_dir_info(options) &&
4234 !client_would_use_router(rs, now, options)) {
4235 ++n_wouldnt_use;
4236 continue; /* We would never use it ourself. */
4237 }
4238 smartlist_add(downloadable, rs->descriptor_digest);
4239 });
4240
4241 if (!authdir_mode_handles_descs(options, ROUTER_PURPOSE_GENERAL)
4242 && smartlist_len(no_longer_old)) {
4243 routerlist_t *rl = router_get_routerlist();
4244 log_info(LD_DIR, "%d router descriptors listed in consensus are "
4245 "currently in old_routers; making them current.",
4246 smartlist_len(no_longer_old));
4247 SMARTLIST_FOREACH(no_longer_old, signed_descriptor_t *, sd, {
4248 const char *msg;
4249 was_router_added_t r;
4250 routerinfo_t *ri = routerlist_reparse_old(rl, sd);
4251 if (!ri) {
4252 log_warn(LD_BUG, "Failed to re-parse a router.");
4253 continue;
4254 }
4255 r = router_add_to_routerlist(ri, &msg, 1, 0);
4256 if (WRA_WAS_OUTDATED(r)) {
4257 log_warn(LD_DIR, "Couldn't add re-parsed router: %s",
4258 msg?msg:"???");
4259 }
4260 });
4261 routerlist_assert_ok(rl);
4262 }
4263
4264 log_info(LD_DIR,
4265 "%d router descriptors downloadable. %d delayed; %d present "
4266 "(%d of those were in old_routers); %d would_reject; "
4267 "%d wouldnt_use; %d in progress.",
4268 smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
4269 n_would_reject, n_wouldnt_use, n_inprogress);
4270
4271 launch_router_descriptor_downloads(downloadable, now);
4272
4273 digestmap_free(map, NULL);
4274 done:
4275 smartlist_free(downloadable);
4276 smartlist_free(no_longer_old);
4277 }
4278
4279 /** How often should we launch a server/authority request to be sure of getting
4280 * a guess for our IP? */
4281 /*XXXX021 this info should come from netinfo cells or something, or we should
4282 * do this only when we aren't seeing incoming data. see bug 652. */
4283 #define DUMMY_DOWNLOAD_INTERVAL (20*60)
4284
4285 /** Launch downloads for router status as needed. */
4286 void
4287 update_router_descriptor_downloads(time_t now)
4288 {
4289 or_options_t *options = get_options();
4290 static time_t last_dummy_download = 0;
4291 if (should_delay_dir_fetches(options))
4292 return;
4293 if (directory_fetches_dir_info_early(options)) {
4294 update_router_descriptor_cache_downloads_v2(now);
4295 }
4296 update_consensus_router_descriptor_downloads(now);
4297
4298 /* XXXX021 we could be smarter here; see notes on bug 652. */
4299 /* If we're a server that doesn't have a configured address, we rely on
4300 * directory fetches to learn when our address changes. So if we haven't
4301 * tried to get any routerdescs in a long time, try a dummy fetch now. */
4302 if (!options->Address &&
4303 server_mode(options) &&
4304 last_routerdesc_download_attempted + DUMMY_DOWNLOAD_INTERVAL < now &&
4305 last_dummy_download + DUMMY_DOWNLOAD_INTERVAL < now) {
4306 last_dummy_download = now;
4307 directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
4308 ROUTER_PURPOSE_GENERAL, "authority.z",
4309 PDS_RETRY_IF_NO_SERVERS);
4310 }
4311 }
4312
4313 /** Launch extrainfo downloads as needed. */
4314 void
4315 update_extrainfo_downloads(time_t now)
4316 {
4317 or_options_t *options = get_options();
4318 routerlist_t *rl;
4319 smartlist_t *wanted;
4320 digestmap_t *pending;
4321 int old_routers, i;
4322 int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
4323 if (! options->DownloadExtraInfo)
4324 return;
4325 if (should_delay_dir_fetches(options))
4326 return;
4327 if (!router_have_minimum_dir_info())
4328 return;
4329
4330 pending = digestmap_new();
4331 list_pending_descriptor_downloads(pending, 1);
4332 rl = router_get_routerlist();
4333 wanted = smartlist_create();
4334 for (old_routers = 0; old_routers < 2; ++old_routers) {
4335 smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
4336 for (i = 0; i < smartlist_len(lst); ++i) {
4337 signed_descriptor_t *sd;
4338 char *d;
4339 if (old_routers)
4340 sd = smartlist_get(lst, i);
4341 else
4342 sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
4343 if (sd->is_extrainfo)
4344 continue; /* This should never happen. */
4345 if (old_routers && !router_get_by_digest(sd->identity_digest))
4346 continue; /* Couldn't check the signature if we got it. */
4347 if (sd->extrainfo_is_bogus)
4348 continue;
4349 d = sd->extra_info_digest;
4350 if (tor_digest_is_zero(d)) {
4351 ++n_no_ei;
4352 continue;
4353 }
4354 if (eimap_get(rl->extra_info_map, d)) {
4355 ++n_have;
4356 continue;
4357 }
4358 if (!download_status_is_ready(&sd->ei_dl_status, now,
4359 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4360 ++n_delay;
4361 continue;
4362 }
4363 if (digestmap_get(pending, d)) {
4364 ++n_pending;
4365 continue;
4366 }
4367 smartlist_add(wanted, d);
4368 }
4369 }
4370 digestmap_free(pending, NULL);
4371
4372 log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
4373 "with present ei, %d delaying, %d pending, %d downloadable.",
4374 n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted));
4375
4376 smartlist_shuffle(wanted);
4377 for (i = 0; i < smartlist_len(wanted); i += MAX_DL_PER_REQUEST) {
4378 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
4379 wanted, i, i + MAX_DL_PER_REQUEST,
4380 PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
4381 }
4382
4383 smartlist_free(wanted);
4384 }
4385
4386 /** True iff, the last time we checked whether we had enough directory info
4387 * to build circuits, the answer was "yes". */
4388 static int have_min_dir_info = 0;
4389 /** True iff enough has changed since the last time we checked whether we had
4390 * enough directory info to build circuits that our old answer can no longer
4391 * be trusted. */
4392 static int need_to_update_have_min_dir_info = 1;
4393 /** String describing what we're missing before we have enough directory
4394 * info. */
4395 static char dir_info_status[128] = "";
4396
4397 /** Return true iff we have enough networkstatus and router information to
4398 * start building circuits. Right now, this means "more than half the
4399 * networkstatus documents, and at least 1/4 of expected routers." */
4400 //XXX should consider whether we have enough exiting nodes here.
4401 int
4402 router_have_minimum_dir_info(void)
4403 {
4404 if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
4405 update_router_have_minimum_dir_info();
4406 need_to_update_have_min_dir_info = 0;
4407 }
4408 return have_min_dir_info;
4409 }
4410
4411 /** Called when our internal view of the directory has changed. This can be
4412 * when the authorities change, networkstatuses change, the list of routerdescs
4413 * changes, or number of running routers changes.
4414 */
4415 void
4416 router_dir_info_changed(void)
4417 {
4418 need_to_update_have_min_dir_info = 1;
4419 rend_hsdir_routers_changed();
4420 }
4421
4422 /** Return a string describing what we're missing before we have enough
4423 * directory info. */
4424 const char *
4425 get_dir_info_status_string(void)
4426 {
4427 return dir_info_status;
4428 }
4429
4430 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
4431 * them seem like ones we'd use, and how many of <em>those</em> we have
4432 * descriptors for. Store the former in *<b>num_usable</b> and the latter in
4433 * *<b>num_present</b>. */
4434 static void
4435 count_usable_descriptors(int *num_present, int *num_usable,
4436 const networkstatus_t *consensus,
4437 or_options_t *options, time_t now)
4438 {
4439 *num_present = 0, *num_usable=0;
4440
4441 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4442 {
4443 if (client_would_use_router(rs, now, options)) {
4444 ++*num_usable; /* the consensus says we want it. */
4445 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4446 /* we have the descriptor listed in the consensus. */
4447 ++*num_present;
4448 }
4449 }
4450 });
4451
4452 log_debug(LD_DIR, "%d usable, %d present.", *num_usable, *num_present);
4453 }
4454
4455 /** We just fetched a new set of descriptors. Compute how far through
4456 * the "loading descriptors" bootstrapping phase we are, so we can inform
4457 * the controller of our progress. */
4458 int
4459 count_loading_descriptors_progress(void)
4460 {
4461 int num_present = 0, num_usable=0;
4462 time_t now = time(NULL);
4463 const networkstatus_t *consensus =
4464 networkstatus_get_reasonably_live_consensus(now);
4465 double fraction;
4466
4467 if (!consensus)
4468 return 0; /* can't count descriptors if we have no list of them */
4469
4470 count_usable_descriptors(&num_present, &num_usable,
4471 consensus, get_options(), now);
4472
4473 if (num_usable == 0)
4474 return 0; /* don't div by 0 */
4475 fraction = num_present / (num_usable/4.);
4476 if (fraction > 1.0)
4477 return 0; /* it's not the number of descriptors holding us back */
4478 return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
4479 (fraction*(BOOTSTRAP_STATUS_CONN_OR-1 -
4480 BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
4481 }
4482
4483 /** Change the value of have_min_dir_info, setting it true iff we have enough
4484 * network and router information to build circuits. Clear the value of
4485 * need_to_update_have_min_dir_info. */
4486 static void
4487 update_router_have_minimum_dir_info(void)
4488 {
4489 int num_present = 0, num_usable=0;
4490 time_t now = time(NULL);
4491 int res;
4492 or_options_t *options = get_options();
4493 const networkstatus_t *consensus =
4494 networkstatus_get_reasonably_live_consensus(now);
4495
4496 if (!consensus) {
4497 if (!networkstatus_get_latest_consensus())
4498 strlcpy(dir_info_status, "We have no network-status consensus.",
4499 sizeof(dir_info_status));
4500 else
4501 strlcpy(dir_info_status, "We have no recent network-status consensus.",
4502 sizeof(dir_info_status));
4503 res = 0;
4504 goto done;
4505 }
4506
4507 if (should_delay_dir_fetches(get_options())) {
4508 log_notice(LD_DIR, "no known bridge descriptors running yet; stalling");
4509 strlcpy(dir_info_status, "No live bridge descriptors.",
4510 sizeof(dir_info_status));
4511 res = 0;
4512 goto done;
4513 }
4514
4515 count_usable_descriptors(&num_present, &num_usable, consensus, options, now);
4516
4517 if (num_present < num_usable/4) {
4518 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4519 "We have only %d/%d usable descriptors.", num_present, num_usable);
4520 res = 0;
4521 control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
4522 } else if (num_present < 2) {
4523 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4524 "Only %d descriptor%s here and believed reachable!",
4525 num_present, num_present ? "" : "s");
4526 res = 0;
4527 } else {
4528 res = 1;
4529 }
4530
4531 done:
4532 if (res && !have_min_dir_info) {
4533 log(LOG_NOTICE, LD_DIR,
4534 "We now have enough directory information to build circuits.");
4535 control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
4536 control_event_bootstrap(BOOTSTRAP_STATUS_CONN_OR, 0);
4537 }
4538 if (!res && have_min_dir_info) {
4539 int quiet = directory_too_idle_to_fetch_descriptors(options, now);
4540 log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
4541 "Our directory information is no longer up-to-date "
4542 "enough to build circuits: %s", dir_info_status);
4543 control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
4544 }
4545 have_min_dir_info = res;
4546 need_to_update_have_min_dir_info = 0;
4547 }
4548
4549 /** Reset the descriptor download failure count on all routers, so that we
4550 * can retry any long-failed routers immediately.
4551 */
4552 void
4553 router_reset_descriptor_download_failures(void)
4554 {
4555 networkstatus_reset_download_failures();
4556 last_routerdesc_download_attempted = 0;
4557 if (!routerlist)
4558 return;
4559 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
4560 {
4561 download_status_reset(&ri->cache_info.ei_dl_status);
4562 });
4563 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
4564 {
4565 download_status_reset(&sd->ei_dl_status);
4566 });
4567 }
4568
4569 /** Any changes in a router descriptor's publication time larger than this are
4570 * automatically non-cosmetic. */
4571 #define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (12*60*60)
4572
4573 /** We allow uptime to vary from how much it ought to be by this much. */
4574 #define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
4575
4576 /** Return true iff the only differences between r1 and r2 are such that
4577 * would not cause a recent (post 0.1.1.6) dirserver to republish.
4578 */
4579 int
4580 router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
4581 {
4582 time_t r1pub, r2pub;
4583 long time_difference;
4584 tor_assert(r1 && r2);
4585
4586 /* r1 should be the one that was published first. */
4587 if (r1->cache_info.published_on > r2->cache_info.published_on) {
4588 routerinfo_t *ri_tmp = r2;
4589 r2 = r1;
4590 r1 = ri_tmp;
4591 }
4592
4593 /* If any key fields differ, they're different. */
4594 if (strcasecmp(r1->address, r2->address) ||
4595 strcasecmp(r1->nickname, r2->nickname) ||
4596 r1->or_port != r2->or_port ||
4597 r1->dir_port != r2->dir_port ||
4598 r1->purpose != r2->purpose ||
4599 crypto_pk_cmp_keys(r1->onion_pkey, r2->onion_pkey) ||
4600 crypto_pk_cmp_keys(r1->identity_pkey, r2->identity_pkey) ||
4601 strcasecmp(r1->platform, r2->platform) ||
4602 (r1->contact_info && !r2->contact_info) || /* contact_info is optional */
4603 (!r1->contact_info && r2->contact_info) ||
4604 (r1->contact_info && r2->contact_info &&
4605 strcasecmp(r1->contact_info, r2->contact_info)) ||
4606 r1->is_hibernating != r2->is_hibernating ||
4607 r1->has_old_dnsworkers != r2->has_old_dnsworkers ||
4608 cmp_addr_policies(r1->exit_policy, r2->exit_policy))
4609 return 0;
4610 if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
4611 return 0;
4612 if (r1->declared_family && r2->declared_family) {
4613 int i, n;
4614 if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
4615 return 0;
4616 n = smartlist_len(r1->declared_family);
4617 for (i=0; i < n; ++i) {
4618 if (strcasecmp(smartlist_get(r1->declared_family, i),
4619 smartlist_get(r2->declared_family, i)))
4620 return 0;
4621 }
4622 }
4623
4624 /* Did bandwidth change a lot? */
4625 if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
4626 (r2->bandwidthcapacity < r1->bandwidthcapacity/2))
4627 return 0;
4628
4629 /* Did the bandwidthrate or bandwidthburst change? */
4630 if ((r1->bandwidthrate != r2->bandwidthrate) ||
4631 (r1->bandwidthburst != r2->bandwidthburst))
4632 return 0;
4633
4634 /* Did more than 12 hours pass? */
4635 if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
4636 < r2->cache_info.published_on)
4637 return 0;
4638
4639 /* Did uptime fail to increase by approximately the amount we would think,
4640 * give or take some slop? */
4641 r1pub = r1->cache_info.published_on;
4642 r2pub = r2->cache_info.published_on;
4643 time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
4644 if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
4645 time_difference > r1->uptime * .05 &&
4646 time_difference > r2->uptime * .05)
4647 return 0;
4648
4649 /* Otherwise, the difference is cosmetic. */
4650 return 1;
4651 }
4652
4653 /** Check whether <b>ri</b> (a.k.a. sd) is a router compatible with the
4654 * extrainfo document
4655 * <b>ei</b>. If no router is compatible with <b>ei</b>, <b>ei</b> should be
4656 * dropped. Return 0 for "compatible", return 1 for "reject, and inform
4657 * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If
4658 * <b>msg</b> is present, set *<b>msg</b> to a description of the
4659 * incompatibility (if any).
4660 **/
4661 int
4662 routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
4663 signed_descriptor_t *sd,
4664 const char **msg)
4665 {
4666 int digest_matches, r=1;
4667 tor_assert(ri);
4668 tor_assert(ei);
4669 if (!sd)
4670 sd = &ri->cache_info;
4671
4672 if (ei->bad_sig) {
4673 if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
4674 return 1;
4675 }
4676
4677 digest_matches = !memcmp(ei->cache_info.signed_descriptor_digest,
4678 sd->extra_info_digest, DIGEST_LEN);
4679
4680 /* The identity must match exactly to have been generated at the same time
4681 * by the same router. */
4682 if (memcmp(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
4683 DIGEST_LEN)) {
4684 if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
4685 goto err; /* different servers */
4686 }
4687
4688 if (ei->pending_sig) {
4689 char signed_digest[128];
4690 if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
4691 ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
4692 memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
4693 DIGEST_LEN)) {
4694 ei->bad_sig = 1;
4695 tor_free(ei->pending_sig);
4696 if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
4697 goto err; /* Bad signature, or no match. */
4698 }
4699
4700 ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted;
4701 tor_free(ei->pending_sig);
4702 }
4703
4704 if (ei->cache_info.published_on < sd->published_on) {
4705 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4706 goto err;
4707 } else if (ei->cache_info.published_on > sd->published_on) {
4708 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4709 r = -1;
4710 goto err;
4711 }
4712
4713 if (!digest_matches) {
4714 if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
4715 goto err; /* Digest doesn't match declared value. */
4716 }
4717
4718 return 0;
4719 err:
4720 if (digest_matches) {
4721 /* This signature was okay, and the digest was right: This is indeed the
4722 * corresponding extrainfo. But insanely, it doesn't match the routerinfo
4723 * that lists it. Don't try to fetch this one again. */
4724 sd->extrainfo_is_bogus = 1;
4725 }
4726
4727 return r;
4728 }
4729
4730 /** Assert that the internal representation of <b>rl</b> is
4731 * self-consistent. */
4732 void
4733 routerlist_assert_ok(routerlist_t *rl)
4734 {
4735 routerinfo_t *r2;
4736 signed_descriptor_t *sd2;
4737 if (!rl)
4738 return;
4739 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
4740 {
4741 r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
4742 tor_assert(r == r2);
4743 sd2 = sdmap_get(rl->desc_digest_map,
4744 r->cache_info.signed_descriptor_digest);
4745 tor_assert(&(r->cache_info) == sd2);
4746 tor_assert(r->cache_info.routerlist_index == r_sl_idx);
4747 /* XXXX
4748 *
4749 * Hoo boy. We need to fix this one, and the fix is a bit tricky, so
4750 * commenting this out is just a band-aid.
4751 *
4752 * The problem is that, although well-behaved router descriptors
4753 * should never have the same value for their extra_info_digest, it's
4754 * possible for ill-behaved routers to claim whatever they like there.
4755 *
4756 * The real answer is to trash desc_by_eid_map and instead have
4757 * something that indicates for a given extra-info digest we want,
4758 * what its download status is. We'll do that as a part of routerlist
4759 * refactoring once consensus directories are in. For now,
4760 * this rep violation is probably harmless: an adversary can make us
4761 * reset our retry count for an extrainfo, but that's not the end
4762 * of the world. Changing the representation in 0.2.0.x would just
4763 * destabilize the codebase.
4764 if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
4765 signed_descriptor_t *sd3 =
4766 sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
4767 tor_assert(sd3 == &(r->cache_info));
4768 }
4769 */
4770 });
4771 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
4772 {
4773 r2 = rimap_get(rl->identity_map, sd->identity_digest);
4774 tor_assert(sd != &(r2->cache_info));
4775 sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
4776 tor_assert(sd == sd2);
4777 tor_assert(sd->routerlist_index == sd_sl_idx);
4778 /* XXXX see above.
4779 if (!tor_digest_is_zero(sd->extra_info_digest)) {
4780 signed_descriptor_t *sd3 =
4781 sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
4782 tor_assert(sd3 == sd);
4783 }
4784 */
4785 });
4786
4787 RIMAP_FOREACH(rl->identity_map, d, r) {
4788 tor_assert(!memcmp(r->cache_info.identity_digest, d, DIGEST_LEN));
4789 } DIGESTMAP_FOREACH_END;
4790 SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
4791 tor_assert(!memcmp(sd->signed_descriptor_digest, d, DIGEST_LEN));
4792 } DIGESTMAP_FOREACH_END;
4793 SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
4794 tor_assert(!tor_digest_is_zero(d));
4795 tor_assert(sd);
4796 tor_assert(!memcmp(sd->extra_info_digest, d, DIGEST_LEN));
4797 } DIGESTMAP_FOREACH_END;
4798 EIMAP_FOREACH(rl->extra_info_map, d, ei) {
4799 signed_descriptor_t *sd;
4800 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4801 d, DIGEST_LEN));
4802 sd = sdmap_get(rl->desc_by_eid_map,
4803 ei->cache_info.signed_descriptor_digest);
4804 // tor_assert(sd); // XXXX see above
4805 if (sd) {
4806 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4807 sd->extra_info_digest, DIGEST_LEN));
4808 }
4809 } DIGESTMAP_FOREACH_END;
4810 }
4811
4812 /** Allocate and return a new string representing the contact info
4813 * and platform string for <b>router</b>,
4814 * surrounded by quotes and using standard C escapes.
4815 *
4816 * THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
4817 * thread. Also, each call invalidates the last-returned value, so don't
4818 * try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
4819 *
4820 * If <b>router</b> is NULL, it just frees its internal memory and returns.
4821 */
4822 const char *
4823 esc_router_info(routerinfo_t *router)
4824 {
4825 static char *info=NULL;
4826 char *esc_contact, *esc_platform;
4827 size_t len;
4828 tor_free(info);
4829
4830 if (!router)
4831 return NULL; /* we're exiting; just free the memory we use */
4832
4833 esc_contact = esc_for_log(router->contact_info);
4834 esc_platform = esc_for_log(router->platform);
4835
4836 len = strlen(esc_contact)+strlen(esc_platform)+32;
4837 info = tor_malloc(len);
4838 tor_snprintf(info, len, "Contact %s, Platform %s", esc_contact,
4839 esc_platform);
4840 tor_free(esc_contact);
4841 tor_free(esc_platform);
4842
4843 return info;
4844 }
4845
4846 /** Helper for sorting: compare two routerinfos by their identity
4847 * digest. */
4848 static int
4849 _compare_routerinfo_by_id_digest(const void **a, const void **b)
4850 {
4851 routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
4852 return memcmp(first->cache_info.identity_digest,
4853 second->cache_info.identity_digest,
4854 DIGEST_LEN);
4855 }
4856
4857 /** Sort a list of routerinfo_t in ascending order of identity digest. */
4858 void
4859 routers_sort_by_identity(smartlist_t *routers)
4860 {
4861 smartlist_sort(routers, _compare_routerinfo_by_id_digest);
4862 }
4863
4864 /** A routerset specifies constraints on a set of possible routerinfos, based
4865 * on their names, identities, or addresses. It is optimized for determining
4866 * whether a router is a member or not, in O(1+P) time, where P is the number
4867 * of address policy constraints. */
4868 struct routerset_t {
4869 /** A list of strings for the elements of the policy. Each string is either
4870 * a nickname, a hexadecimal identity fingerprint, or an address policy. A
4871 * router belongs to the set if its nickname OR its identity OR its address
4872 * matches an entry here. */
4873 smartlist_t *list;
4874 /** A map from lowercase nicknames of routers in the set to (void*)1 */
4875 strmap_t *names;
4876 /** A map from identity digests routers in the set to (void*)1 */
4877 digestmap_t *digests;
4878 /** An address policy for routers in the set. For implementation reasons,
4879 * a router belongs to the set if it is _rejected_ by this policy. */
4880 smartlist_t *policies;
4881
4882 /** A human-readable description of what this routerset is for. Used in
4883 * log messages. */
4884 char *description;
4885
4886 /** A list of the country codes in this set. */
4887 smartlist_t *country_names;
4888 /** Total number of countries we knew about when we built <b>countries</b>.*/
4889 int n_countries;
4890 /** Bit array mapping the return value of geoip_get_country() to 1 iff the
4891 * country is a member of this routerset. Note that we MUST call
4892 * routerset_refresh_countries() whenever the geoip country list is
4893 * reloaded. */
4894 bitarray_t *countries;
4895 };
4896
4897 /** Return a new empty routerset. */
4898 routerset_t *
4899 routerset_new(void)
4900 {
4901 routerset_t *result = tor_malloc_zero(sizeof(routerset_t));
4902 result->list = smartlist_create();
4903 result->names = strmap_new();
4904 result->digests = digestmap_new();
4905 result->policies = smartlist_create();
4906 result->country_names = smartlist_create();
4907 return result;
4908 }
4909
4910 /** If <b>c</b> is a country code in the form {cc}, return a newly allocated
4911 * string holding the "cc" part. Else, return NULL. */
4912 static char *
4913 routerset_get_countryname(const char *c)
4914 {
4915 char *country;
4916
4917 if (strlen(c) < 4 || c[0] !='{' || c[3] !='}')
4918 return NULL;
4919
4920 country = tor_strndup(c+1, 2);
4921 tor_strlower(country);
4922 return country;
4923 }
4924
4925 #if 0
4926 /** Add the GeoIP database's integer index (+1) of a valid two-character
4927 * country code to the routerset's <b>countries</b> bitarray. Return the
4928 * integer index if the country code is valid, -1 otherwise.*/
4929 static int
4930 routerset_add_country(const char *c)
4931 {
4932 char country[3];
4933 country_t cc;
4934
4935 /* XXXX: Country codes must be of the form \{[a-z\?]{2}\} but this accepts
4936 \{[.]{2}\}. Do we need to be strict? -RH */
4937 /* Nope; if the country code is bad, we'll get 0 when we look it up. */
4938
4939 if (!geoip_is_loaded()) {
4940 log(LOG_WARN, LD_CONFIG, "GeoIP database not loaded: Cannot add country"
4941 "entry %s, ignoring.", c);
4942 return -1;
4943 }
4944
4945 memcpy(country, c+1, 2);
4946 country[2] = '\0';
4947 tor_strlower(country);
4948
4949 if ((cc=geoip_get_country(country))==-1) {
4950 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not valid, ignoring.",
4951 country);
4952 }
4953 return cc;
4954 }
4955 #endif
4956
4957 /** Update the routerset's <b>countries</b> bitarray_t. Called whenever
4958 * the GeoIP database is reloaded.
4959 */
4960 void
4961 routerset_refresh_countries(routerset_t *target)
4962 {
4963 int cc;
4964 bitarray_free(target->countries);
4965
4966 if (!geoip_is_loaded()) {
4967 target->countries = NULL;
4968 target->n_countries = 0;
4969 return;
4970 }
4971 target->n_countries = geoip_get_n_countries();
4972 target->countries = bitarray_init_zero(target->n_countries);
4973 SMARTLIST_FOREACH_BEGIN(target->country_names, const char *, country) {
4974 cc = geoip_get_country(country);
4975 if (cc >= 0) {
4976 tor_assert(cc < target->n_countries);
4977 bitarray_set(target->countries, cc);
4978 } else {
4979 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not recognized.",
4980 country);
4981 }
4982 } SMARTLIST_FOREACH_END(country);
4983 }
4984
4985 /** Parse the string <b>s</b> to create a set of routerset entries, and add
4986 * them to <b>target</b>. In log messages, refer to the string as
4987 * <b>description</b>. Return 0 on success, -1 on failure.
4988 *
4989 * Three kinds of elements are allowed in routersets: nicknames, IP address
4990 * patterns, and fingerprints. They may be surrounded by optional space, and
4991 * must be separated by commas.
4992 */
4993 int
4994 routerset_parse(routerset_t *target, const char *s, const char *description)
4995 {
4996 int r = 0;
4997 int added_countries = 0;
4998 char *countryname;
4999 smartlist_t *list = smartlist_create();
5000 smartlist_split_string(list, s, ",",
5001 SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
5002 SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
5003 addr_policy_t *p;
5004 if (is_legal_hexdigest(nick)) {
5005 char d[DIGEST_LEN];
5006 if (*nick == '$')
5007 ++nick;
5008 log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
5009 base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
5010 digestmap_set(target->digests, d, (void*)1);
5011 } else if (is_legal_nickname(nick)) {
5012 log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
5013 strmap_set_lc(target->names, nick, (void*)1);
5014 } else if ((countryname = routerset_get_countryname(nick)) != NULL) {
5015 log_debug(LD_CONFIG, "Adding country %s to %s", nick,
5016 description);
5017 smartlist_add(target->country_names, countryname);
5018 added_countries = 1;
5019 } else if ((strchr(nick,'.') || strchr(nick, '*')) &&
5020 (p = router_parse_addr_policy_item_from_string(
5021 nick, ADDR_POLICY_REJECT))) {
5022 log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
5023 smartlist_add(target->policies, p);
5024 } else {
5025 log_warn(LD_CONFIG, "Entry '%s' in %s is misformed.", nick,
5026 description);
5027 r = -1;
5028 tor_free(nick);
5029 SMARTLIST_DEL_CURRENT(list, nick);
5030 }
5031 } SMARTLIST_FOREACH_END(nick);
5032 smartlist_add_all(target->list, list);
5033 smartlist_free(list);
5034 if (added_countries)
5035 routerset_refresh_countries(target);
5036 return r;
5037 }
5038
5039 /** Called when we change a node set, or when we reload the geoip list:
5040 * recompute all country info in all configuration node sets and in the
5041 * routerlist. */
5042 void
5043 refresh_all_country_info(void)
5044 {
5045 or_options_t *options = get_options();
5046
5047 if (options->EntryNodes)
5048 routerset_refresh_countries(options->EntryNodes);
5049 if (options->ExitNodes)
5050 routerset_refresh_countries(options->ExitNodes);
5051 if (options->ExcludeNodes)
5052 routerset_refresh_countries(options->ExcludeNodes);
5053 if (options->ExcludeExitNodes)
5054 routerset_refresh_countries(options->ExcludeExitNodes);
5055 if (options->_ExcludeExitNodesUnion)
5056 routerset_refresh_countries(options->_ExcludeExitNodesUnion);
5057
5058 routerlist_refresh_countries();
5059 }
5060
5061 /** Add all members of the set <b>source</b> to <b>target</b>. */
5062 void
5063 routerset_union(routerset_t *target, const routerset_t *source)
5064 {
5065 char *s;
5066 tor_assert(target);
5067 if (!source || !source->list)
5068 return;
5069 s = routerset_to_string(source);
5070 routerset_parse(target, s, "other routerset");
5071 tor_free(s);
5072 }
5073
5074 /** Return true iff <b>set</b> lists only nicknames and digests, and includes
5075 * no IP ranges or countries. */
5076 int
5077 routerset_is_list(const routerset_t *set)
5078 {
5079 return smartlist_len(set->country_names) == 0 &&
5080 smartlist_len(set->policies) == 0;
5081 }
5082
5083 /** Return true iff we need a GeoIP IP-to-country database to make sense of
5084 * <b>set</b>. */
5085 int
5086 routerset_needs_geoip(const routerset_t *set)
5087 {
5088 return set && smartlist_len(set->country_names);
5089 }
5090
5091 /** Return true iff there are no entries in <b>set</b>. */
5092 static int
5093 routerset_is_empty(const routerset_t *set)
5094 {
5095 return !set || smartlist_len(set->list) == 0;
5096 }
5097
5098 /** Helper. Return true iff <b>set</b> contains a router based on the other
5099 * provided fields. Return higher values for more specific subentries: a
5100 * single router is more specific than an address range of routers, which is
5101 * more specific in turn than a country code.
5102 *
5103 * (If country is -1, then we take the country
5104 * from addr.) */
5105 static int
5106 routerset_contains(const routerset_t *set, const tor_addr_t *addr,
5107 uint16_t orport,
5108 const char *nickname, const char *id_digest, int is_named,
5109 country_t country)
5110 {
5111 if (!set || !set->list) return 0;
5112 (void) is_named; /* not supported */
5113 if (nickname && strmap_get_lc(set->names, nickname))
5114 return 4;
5115 if (id_digest && digestmap_get(set->digests, id_digest))
5116 return 4;
5117 if (addr && compare_tor_addr_to_addr_policy(addr, orport, set->policies)
5118 == ADDR_POLICY_REJECTED)
5119 return 3;
5120 if (set->countries) {
5121 if (country < 0 && addr)
5122 country = geoip_get_country_by_ip(tor_addr_to_ipv4h(addr));
5123
5124 if (country >= 0 && country < set->n_countries &&
5125 bitarray_is_set(set->countries, country))
5126 return 2;
5127 }
5128 return 0;
5129 }
5130
5131 /** Return true iff we can tell that <b>ei</b> is a member of <b>set</b>. */
5132 int
5133 routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
5134 {
5135 return routerset_contains(set,
5136 &ei->addr,
5137 ei->port,
5138 ei->nickname,
5139 ei->identity_digest,
5140 -1, /*is_named*/
5141 -1 /*country*/);
5142 }
5143
5144 /** Return true iff <b>ri</b> is in <b>set</b>. */
5145 int
5146 routerset_contains_router(const routerset_t *set, routerinfo_t *ri)
5147 {
5148 tor_addr_t addr;
5149 tor_addr_from_ipv4h(&addr, ri->addr);
5150 return routerset_contains(set,
5151 &addr,
5152 ri->or_port,
5153 ri->nickname,
5154 ri->cache_info.identity_digest,
5155 ri->is_named,
5156 ri->country);
5157 }
5158
5159 /** Return true iff <b>rs</b> is in <b>set</b>. */
5160 int
5161 routerset_contains_routerstatus(const routerset_t *set, routerstatus_t *rs)
5162 {
5163 tor_addr_t addr;
5164 tor_addr_from_ipv4h(&addr, rs->addr);
5165 return routerset_contains(set,
5166 &addr,
5167 rs->or_port,
5168 rs->nickname,
5169 rs->identity_digest,
5170 rs->is_named,
5171 -1);
5172 }
5173
5174 /** Add every known routerinfo_t that is a member of <b>routerset</b> to
5175 * <b>out</b>. If <b>running_only</b>, only add the running ones. */
5176 void
5177 routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset,
5178 int running_only)
5179 {
5180 tor_assert(out);
5181 if (!routerset || !routerset->list)
5182 return;
5183 if (!warned_nicknames)
5184 warned_nicknames = smartlist_create();
5185 if (routerset_is_list(routerset)) {
5186
5187 /* No routers are specified by type; all are given by name or digest.
5188 * we can do a lookup in O(len(list)). */
5189 SMARTLIST_FOREACH(routerset->list, const char *, name, {
5190 routerinfo_t *router = router_get_by_nickname(name, 1);
5191 if (router) {
5192 if (!running_only || router->is_running)
5193 smartlist_add(out, router);
5194 }
5195 });
5196 } else {
5197 /* We need to iterate over the routerlist to get all the ones of the
5198 * right kind. */
5199 routerlist_t *rl = router_get_routerlist();
5200 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
5201 if (running_only && !router->is_running)
5202 continue;
5203 if (routerset_contains_router(routerset, router))
5204 smartlist_add(out, router);
5205 });
5206 }
5207 }
5208
5209 /** Add to <b>target</b> every routerinfo_t from <b>source</b> that is in
5210 * <b>include</b>, but not excluded in a more specific fashion by
5211 * <b>exclude</b>. If <b>running_only</b>, only include running routers.
5212 */
5213 void
5214 routersets_get_disjunction(smartlist_t *target,
5215 const smartlist_t *source,
5216 const routerset_t *include,
5217 const routerset_t *exclude, int running_only)
5218 {
5219 SMARTLIST_FOREACH(source, routerinfo_t *, router, {
5220 int include_result;
5221 if (running_only && !router->is_running)
5222 continue;
5223 if (!routerset_is_empty(include))
5224 include_result = routerset_contains_router(include, router);
5225 else
5226 include_result = 1;
5227
5228 if (include_result) {
5229 int exclude_result = routerset_contains_router(exclude, router);
5230 if (include_result >= exclude_result)
5231 smartlist_add(target, router);
5232 }
5233 });
5234 }
5235
5236 /** Remove every routerinfo_t from <b>lst</b> that is in <b>routerset</b>. */
5237 void
5238 routerset_subtract_routers(smartlist_t *lst, const routerset_t *routerset)
5239 {
5240 tor_assert(lst);
5241 if (!routerset)
5242 return;
5243 SMARTLIST_FOREACH(lst, routerinfo_t *, r, {
5244 if (routerset_contains_router(routerset, r)) {
5245 //log_debug(LD_DIR, "Subtracting %s",r->nickname);
5246 SMARTLIST_DEL_CURRENT(lst, r);
5247 }
5248 });
5249 }
5250
5251 /** Return a new string that when parsed by routerset_parse_string() will
5252 * yield <b>set</b>. */
5253 char *
5254 routerset_to_string(const routerset_t *set)
5255 {
5256 if (!set || !set->list)
5257 return tor_strdup("");
5258 return smartlist_join_strings(set->list, ",", 0, NULL);
5259 }
5260
5261 /** Helper: return true iff old and new are both NULL, or both non-NULL
5262 * equal routersets. */
5263 int
5264 routerset_equal(const routerset_t *old, const routerset_t *new)
5265 {
5266 if (old == NULL && new == NULL)
5267 return 1;
5268 else if (old == NULL || new == NULL)
5269 return 0;
5270
5271 if (smartlist_len(old->list) != smartlist_len(new->list))
5272 return 0;
5273
5274 SMARTLIST_FOREACH(old->list, const char *, cp1, {
5275 const char *cp2 = smartlist_get(new->list, cp1_sl_idx);
5276 if (strcmp(cp1, cp2))
5277 return 0;
5278 });
5279
5280 return 1;
5281
5282 #if 0
5283 /* XXXX: This won't work if the names/digests are identical but in a
5284 different order. Checking for exact equality would be heavy going,
5285 is it worth it? -RH*/
5286 /* This code is totally bogus; sizeof doesn't work even remotely like this
5287 * code seems to think. Let's revert to a string-based comparison for
5288 * now. -NM*/
5289 if (sizeof(old->names) != sizeof(new->names))
5290 return 0;
5291
5292 if (memcmp(old->names,new->names,sizeof(new->names)))
5293 return 0;
5294 if (sizeof(old->digests) != sizeof(new->digests))
5295 return 0;
5296 if (memcmp(old->digests,new->digests,sizeof(new->digests)))
5297 return 0;
5298 if (sizeof(old->countries) != sizeof(new->countries))
5299 return 0;
5300 if (memcmp(old->countries,new->countries,sizeof(new->countries)))
5301 return 0;
5302 return 1;
5303 #endif
5304 }
5305
5306 /** Free all storage held in <b>routerset</b>. */
5307 void
5308 routerset_free(routerset_t *routerset)
5309 {
5310 if (!routerset)
5311 return;
5312
5313 SMARTLIST_FOREACH(routerset->list, char *, cp, tor_free(cp));
5314 smartlist_free(routerset->list);
5315 SMARTLIST_FOREACH(routerset->policies, addr_policy_t *, p,
5316 addr_policy_free(p));
5317 smartlist_free(routerset->policies);
5318 SMARTLIST_FOREACH(routerset->country_names, char *, cp, tor_free(cp));
5319 smartlist_free(routerset->country_names);
5320
5321 strmap_free(routerset->names, NULL);
5322 digestmap_free(routerset->digests, NULL);
5323 bitarray_free(routerset->countries);
5324 tor_free(routerset);
5325 }
5326
5327 /** Refresh the country code of <b>ri</b>. This function MUST be called on
5328 * each router when the GeoIP database is reloaded, and on all new routers. */
5329 void
5330 routerinfo_set_country(routerinfo_t *ri)
5331 {
5332 ri->country = geoip_get_country_by_ip(ri->addr);
5333 }
5334
5335 /** Set the country code of all routers in the routerlist. */
5336 void
5337 routerlist_refresh_countries(void)
5338 {
5339 routerlist_t *rl = router_get_routerlist();
5340 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
5341 routerinfo_set_country(ri));
5342 }
5343
5344 /** Determine the routers that are responsible for <b>id</b> (binary) and
5345 * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>.
5346 * Return -1 if we're returning an empty smartlist, else return 0.
5347 */
5348 int
5349 hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
5350 const char *id)
5351 {
5352 int start, found, n_added = 0, i;
5353 networkstatus_t *c = networkstatus_get_latest_consensus();
5354 int use_begindir = get_options()->TunnelDirConns;
5355 if (!c || !smartlist_len(c->routerstatus_list)) {
5356 log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 "
5357 "rendezvous operations.");
5358 return -1;
5359 }
5360 tor_assert(id);
5361 start = networkstatus_vote_find_entry_idx(c, id, &found);
5362 if (start == smartlist_len(c->routerstatus_list)) start = 0;
5363 i = start;
5364 do {
5365 routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
5366 if (r->is_hs_dir) {
5367 if (r->dir_port || use_begindir)
5368 smartlist_add(responsible_dirs, r);
5369 else
5370 log_info(LD_REND, "Not adding router '%s' to list of responsible "
5371 "hidden service directories, because we have no way of "
5372 "reaching it.", r->nickname);
5373 if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
5374 break;
5375 }
5376 if (++i == smartlist_len(c->routerstatus_list))
5377 i = 0;
5378 } while (i != start);
5379
5380 /* Even though we don't have the desired number of hidden service
5381 * directories, be happy if we got any. */
5382 return smartlist_len(responsible_dirs) ? 0 : -1;
5383 }
5384
5385 /** Return true if this node is currently acting as hidden service
5386 * directory, false otherwise. */
5387 int
5388 hid_serv_acting_as_directory(void)
5389 {
5390 routerinfo_t *me = router_get_my_routerinfo();
5391 networkstatus_t *c;
5392 routerstatus_t *rs;
5393 if (!me)
5394 return 0;
5395 if (!get_options()->HidServDirectoryV2) {
5396 log_info(LD_REND, "We are not acting as hidden service directory, "
5397 "because we have not been configured as such.");
5398 return 0;
5399 }
5400 if (!(c = networkstatus_get_latest_consensus())) {
5401 log_info(LD_REND, "There's no consensus, so I can't tell if I'm a hidden "
5402 "service directory");
5403 return 0;
5404 }
5405 rs = networkstatus_vote_find_entry(c, me->cache_info.identity_digest);
5406 if (!rs) {
5407 log_info(LD_REND, "We're not listed in the consensus, so we're not "
5408 "being a hidden service directory.");
5409 return 0;
5410 }
5411 if (!rs->is_hs_dir) {
5412 log_info(LD_REND, "We're not listed as a hidden service directory in "
5413 "the consensus, so we won't be one.");
5414 return 0;
5415 }
5416 return 1;
5417 }
5418
5419 /** Return true if this node is responsible for storing the descriptor ID
5420 * in <b>query</b> and false otherwise. */
5421 int
5422 hid_serv_responsible_for_desc_id(const char *query)
5423 {
5424 routerinfo_t *me;
5425 routerstatus_t *last_rs;
5426 const char *my_id, *last_id;
5427 int result;
5428 smartlist_t *responsible;
5429 if (!hid_serv_acting_as_directory())
5430 return 0;
5431 if (!(me = router_get_my_routerinfo()))
5432 return 0; /* This is redundant, but let's be paranoid. */
5433 my_id = me->cache_info.identity_digest;
5434 responsible = smartlist_create();
5435 if (hid_serv_get_responsible_directories(responsible, query) < 0) {
5436 smartlist_free(responsible);
5437 return 0;
5438 }
5439 last_rs = smartlist_get(responsible, smartlist_len(responsible)-1);
5440 last_id = last_rs->identity_digest;
5441 result = rend_id_is_in_interval(my_id, query, last_id);
5442 smartlist_free(responsible);
5443 return result;
5444 }
5445
The Onion Router