search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Appease verbose GCC warnings.
[tor.git] / src / or / routerlist.c
blob26d3168a2ee37362481297114e2e9eede5831fe8
1 /* Copyright 2001 Matej Pfajfar.
2 * Copyright 2001-2004 Roger Dingledine.
3 * Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
4 /* See LICENSE for licensing information */
5 /* $Id$ */
6 const char routerlist_c_id[] = "$Id$";
7
8 /**
9 * \file routerlist.c
10 * \brief Code to
11 * maintain and access the global list of routerinfos for known
12 * servers.
13 **/
14
15 #include "or.h"
16
17 /****************************************************************************/
18
19 static smartlist_t *trusted_dir_servers = NULL;
20
21 /* static function prototypes */
22 static routerinfo_t *
23 router_pick_directory_server_impl(int requireothers, int fascistfirewall,
24 int for_runningrouters);
25 static trusted_dir_server_t *
26 router_pick_trusteddirserver_impl(int requireother, int fascistfirewall);
27 static void mark_all_trusteddirservers_up(void);
28 static int router_resolve(routerinfo_t *router);
29 static int router_resolve_routerlist(routerlist_t *dir);
30
31 /****************************************************************************/
32
33 /****
34 * Functions to manage and access our list of known routers. (Note:
35 * dirservers maintain a separate, independent list of known router
36 * descriptors.)
37 *****/
38
39 /** Global list of all of the routers that we, as an OR or OP, know about. */
40 static routerlist_t *routerlist = NULL;
41
42 extern int has_fetched_directory; /**< from main.c */
43
44 /**
45 * Reload the original list of trusted dirservers, and the most recent
46 * cached directory (if present).
47 */
48 int
49 router_reload_router_list(void)
50 {
51 char filename[512];
52 int is_recent;
53 struct stat st;
54 char *s;
55 tor_assert(get_options()->DataDirectory);
56
57 tor_snprintf(filename,sizeof(filename),"%s/cached-directory",
58 get_options()->DataDirectory);
59 s = read_file_to_str(filename,0);
60 if (s) {
61 stat(filename, &st); /* if s is true, stat probably worked */
62 log_fn(LOG_INFO, "Loading cached directory from %s", filename);
63 is_recent = st.st_mtime > time(NULL) - 60*15;
64 if (router_load_routerlist_from_directory(s, NULL, is_recent, 1) < 0) {
65 log_fn(LOG_WARN, "Cached directory at '%s' was unparseable; ignoring.", filename);
66 }
67 if (routerlist &&
68 ((routerlist->published_on > time(NULL) - MIN_ONION_KEY_LIFETIME/2)
69 || is_recent)) {
70 directory_has_arrived(st.st_mtime, NULL); /* do things we've been waiting to do */
71 }
72 tor_free(s);
73 }
74 return 0;
75 }
76
77 /* Set *<b>outp</b> to a smartlist containing a list of
78 * trusted_dir_server_t * for all known trusted dirservers. Callers
79 * must not modify the list or its contents.
80 */
81 void
82 router_get_trusted_dir_servers(smartlist_t **outp)
83 {
84 if (!trusted_dir_servers)
85 trusted_dir_servers = smartlist_create();
86
87 *outp = trusted_dir_servers;
88 }
89
90 /** Try to find a running dirserver. If there are no running dirservers
91 * in our routerlist, set all the authoritative ones as running again,
92 * and pick one. If there are no dirservers at all in our routerlist,
93 * reload the routerlist and try one last time. If for_runningrouters is
94 * true, then only pick a dirserver that can answer runningrouters queries
95 * (that is, a trusted dirserver, or one running 0.0.9rc5-cvs or later).
96 */
97 routerinfo_t *
98 router_pick_directory_server(int requireothers,
99 int fascistfirewall,
100 int for_runningrouters,
101 int retry_if_no_servers)
102 {
103 routerinfo_t *choice;
104
105 if (!routerlist)
106 return NULL;
107
108 choice = router_pick_directory_server_impl(requireothers, fascistfirewall,
109 for_runningrouters);
110 if (choice || !retry_if_no_servers)
111 return choice;
112
113 log_fn(LOG_INFO,"No reachable router entries for dirservers. Trying them all again.");
114 /* mark all authdirservers as up again */
115 mark_all_trusteddirservers_up();
116 /* try again */
117 choice = router_pick_directory_server_impl(requireothers, fascistfirewall,
118 for_runningrouters);
119 if (choice)
120 return choice;
121
122 log_fn(LOG_INFO,"Still no %s router entries. Reloading and trying again.",
123 get_options()->FascistFirewall ? "reachable" : "known");
124 has_fetched_directory=0; /* reset it */
125 if (router_reload_router_list()) {
126 return NULL;
127 }
128 /* give it one last try */
129 choice = router_pick_directory_server_impl(requireothers, 0,
130 for_runningrouters);
131 return choice;
132 }
133
134 /** DOCDOC */
135 trusted_dir_server_t *
136 router_pick_trusteddirserver(int requireothers,
137 int fascistfirewall,
138 int retry_if_no_servers)
139 {
140 trusted_dir_server_t *choice;
141
142 choice = router_pick_trusteddirserver_impl(requireothers, fascistfirewall);
143 if (choice || !retry_if_no_servers)
144 return choice;
145
146 log_fn(LOG_INFO,"No trusted dirservers are reachable. Trying them all again.");
147 /* mark all authdirservers as up again */
148 mark_all_trusteddirservers_up();
149 /* try again */
150 choice = router_pick_trusteddirserver_impl(requireothers, fascistfirewall);
151 if (choice)
152 return choice;
153
154 log_fn(LOG_WARN,"Still no dirservers %s. Reloading and trying again.",
155 get_options()->FascistFirewall ? "reachable" : "known");
156 has_fetched_directory=0; /* reset it */
157 if (router_reload_router_list()) {
158 return NULL;
159 }
160 /* give it one last try */
161 choice = router_pick_trusteddirserver_impl(requireothers, 0);
162 return choice;
163 }
164
165 /** Pick a random running router from our routerlist. If requireauth,
166 * it has to be a trusted server. If requireothers, it cannot be us.
167 */
168 static routerinfo_t *
169 router_pick_directory_server_impl(int requireothers, int fascistfirewall,
170 int for_runningrouters)
171 {
172 int i;
173 routerinfo_t *router;
174 smartlist_t *sl;
175
176 if (!routerlist)
177 return NULL;
178
179 if (get_options()->HttpProxy)
180 fascistfirewall = 0;
181
182 /* Find all the running dirservers we know about. */
183 sl = smartlist_create();
184 for (i=0;i < smartlist_len(routerlist->routers); i++) {
185 router = smartlist_get(routerlist->routers, i);
186 if (!router->is_running || !router->dir_port || !router->is_verified)
187 continue;
188 if (requireothers && router_is_me(router))
189 continue;
190 if (fascistfirewall) {
191 if (!smartlist_string_num_isin(get_options()->FirewallPorts, router->dir_port))
192 continue;
193 }
194 /* before 0.0.9rc5-cvs, only trusted dirservers served status info. */
195 if (for_runningrouters &&
196 !(tor_version_as_new_as(router->platform,"0.0.9rc5-cvs") ||
197 router_digest_is_trusted_dir(router->identity_digest)))
198 continue;
199 smartlist_add(sl, router);
200 }
201
202 router = smartlist_choose(sl);
203 smartlist_free(sl);
204 return router;
205 }
206
207 /** DOCDOC */
208 static trusted_dir_server_t *
209 router_pick_trusteddirserver_impl(int requireother, int fascistfirewall)
210 {
211 smartlist_t *sl;
212 routerinfo_t *me;
213 trusted_dir_server_t *ds;
214 sl = smartlist_create();
215 me = router_get_my_routerinfo();
216
217 if (!trusted_dir_servers)
218 return NULL;
219
220 if (get_options()->HttpProxy)
221 fascistfirewall = 0;
222
223 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
224 {
225 if (!d->is_running) continue;
226 if (requireother && me &&
227 !memcmp(me->identity_digest, d->digest, DIGEST_LEN))
228 continue;
229 if (fascistfirewall) {
230 if (!smartlist_string_num_isin(get_options()->FirewallPorts, d->dir_port))
231 continue;
232 }
233 smartlist_add(sl, d);
234 });
235
236 ds = smartlist_choose(sl);
237 smartlist_free(sl);
238 return ds;
239 }
240
241 /** Go through and mark the auth dirservers as up */
242 static void
243 mark_all_trusteddirservers_up(void)
244 {
245 if (routerlist) {
246 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
247 if (router_digest_is_trusted_dir(router->identity_digest)) {
248 tor_assert(router->dir_port > 0);
249 router->is_running = 1;
250 router->status_set_at = time(NULL);
251 });
252 }
253 if (trusted_dir_servers) {
254 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
255 dir->is_running = 1);
256 }
257 }
258
259 /** Return 0 if \\exists an authoritative dirserver that's currently
260 * thought to be running, else return 1.
261 */
262 int
263 all_trusted_directory_servers_down(void)
264 {
265 if (!trusted_dir_servers)
266 return 1;
267 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
268 if (dir->is_running) return 0);
269 return 1;
270 }
271
272 /** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
273 */
274 void
275 routerlist_add_family(smartlist_t *sl, routerinfo_t *router)
276 {
277 routerinfo_t *r;
278 struct config_line_t *cl;
279
280 if (!router->declared_family)
281 return;
282
283 /* Add every r such that router declares familyness with r, and r
284 * declares familyhood with router. */
285 SMARTLIST_FOREACH(router->declared_family, const char *, n,
286 {
287 if (!(r = router_get_by_nickname(n)))
288 continue;
289 if (!r->declared_family)
290 continue;
291 SMARTLIST_FOREACH(r->declared_family, const char *, n2,
292 {
293 if (router_nickname_matches(router, n2))
294 smartlist_add(sl, r);
295 });
296 });
297
298 for (cl = get_options()->NodeFamilies; cl; cl = cl->next) {
299 if (router_nickname_is_in_list(router, cl->value)) {
300 add_nickname_list_to_smartlist(sl, cl->value, 0);
301 }
302 }
303 }
304
305 /** List of string for nicknames we've warned about and haven't yet succeeded.
306 */
307 static smartlist_t *warned_nicknames = NULL;
308
309 /** Given a comma-and-whitespace separated list of nicknames, see which
310 * nicknames in <b>list</b> name routers in our routerlist that are
311 * currently running. Add the routerinfos for those routers to <b>sl</b>.
312 */
313 void
314 add_nickname_list_to_smartlist(smartlist_t *sl, const char *list, int warn_if_down)
315 {
316 routerinfo_t *router;
317 smartlist_t *nickname_list;
318
319 if (!list)
320 return; /* nothing to do */
321 tor_assert(sl);
322
323 nickname_list = smartlist_create();
324 if (!warned_nicknames)
325 warned_nicknames = smartlist_create();
326
327 smartlist_split_string(nickname_list, list, ",",
328 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
329
330 SMARTLIST_FOREACH(nickname_list, const char *, nick, {
331 int warned;
332 if (!is_legal_nickname_or_hexdigest(nick)) {
333 log_fn(LOG_WARN,"Nickname %s is misformed; skipping", nick);
334 continue;
335 }
336 router = router_get_by_nickname(nick);
337 warned = smartlist_string_isin(warned_nicknames, nick);
338 if (router) {
339 if (router->is_running) {
340 smartlist_add(sl,router);
341 if (warned)
342 smartlist_string_remove(warned_nicknames, nick);
343 } else {
344 if (!warned) {
345 log_fn(warn_if_down ? LOG_WARN : LOG_DEBUG,
346 "Nickname list includes '%s' which is known but down.",nick);
347 smartlist_add(warned_nicknames, tor_strdup(nick));
348 }
349 }
350 } else {
351 if (!warned) {
352 log_fn(has_fetched_directory ? LOG_WARN : LOG_INFO,
353 "Nickname list includes '%s' which isn't a known router.",nick);
354 smartlist_add(warned_nicknames, tor_strdup(nick));
355 }
356 }
357 });
358 SMARTLIST_FOREACH(nickname_list, char *, nick, tor_free(nick));
359 smartlist_free(nickname_list);
360 }
361
362 /** Return 1 iff any member of the comma-separated list <b>list</b> is an
363 * acceptable nickname or hexdigest for <b>router</b>. Else return 0.
364 */
365 int
366 router_nickname_is_in_list(routerinfo_t *router, const char *list)
367 {
368 smartlist_t *nickname_list;
369 int v = 0;
370
371 if (!list)
372 return 0; /* definitely not */
373 tor_assert(router);
374
375 nickname_list = smartlist_create();
376 smartlist_split_string(nickname_list, list, ",",
377 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
378 SMARTLIST_FOREACH(nickname_list, const char *, cp,
379 if (router_nickname_matches(router, cp)) {v=1;break;});
380 SMARTLIST_FOREACH(nickname_list, char *, cp, tor_free(cp));
381 smartlist_free(nickname_list);
382 return v;
383 }
384
385 /** Add every router from our routerlist that is currently running to
386 * <b>sl</b>.
387 */
388 static void
389 router_add_running_routers_to_smartlist(smartlist_t *sl, int allow_unverified,
390 int need_uptime, int need_capacity)
391 {
392 routerinfo_t *router;
393 int i;
394
395 if (!routerlist)
396 return;
397
398 for (i=0;i<smartlist_len(routerlist->routers);i++) {
399 router = smartlist_get(routerlist->routers, i);
400 if (router->is_running &&
401 (router->is_verified ||
402 (allow_unverified &&
403 !router_is_unreliable(router, need_uptime, need_capacity)))) {
404 /* If it's running, and either it's verified or we're ok picking
405 * unverified routers and this one is suitable.
406 */
407 smartlist_add(sl, router);
408 }
409 }
410 }
411
412 /** DOCDOC */
413 routerinfo_t *
414 routerlist_find_my_routerinfo(void)
415 {
416 routerinfo_t *router;
417 int i;
418
419 if (!routerlist)
420 return NULL;
421
422 for (i=0;i<smartlist_len(routerlist->routers);i++) {
423 router = smartlist_get(routerlist->routers, i);
424 if (router_is_me(router))
425 return router;
426 }
427 return NULL;
428 }
429
430 /** DOCDOC */
431 int
432 router_is_unreliable(routerinfo_t *router, int need_uptime, int need_capacity)
433 {
434 if (need_uptime && router->uptime < ROUTER_REQUIRED_MIN_UPTIME)
435 return 1;
436 if (need_capacity && router->bandwidthcapacity < ROUTER_REQUIRED_MIN_BANDWIDTH)
437 return 1;
438 return 0;
439 }
440
441 /** DOCDOC */
442 static void
443 routerlist_sl_remove_unreliable_routers(smartlist_t *sl)
444 {
445 int i;
446 routerinfo_t *router;
447
448 for (i = 0; i < smartlist_len(sl); ++i) {
449 router = smartlist_get(sl, i);
450 if (router_is_unreliable(router, 1, 0)) {
451 log(LOG_DEBUG, "Router '%s' has insufficient uptime; deleting.",
452 router->nickname);
453 smartlist_del(sl, i--);
454 }
455 }
456 }
457
458 /** DOCDOC */
459 routerinfo_t *
460 routerlist_sl_choose_by_bandwidth(smartlist_t *sl)
461 {
462 int i;
463 routerinfo_t *router;
464 smartlist_t *bandwidths;
465 uint32_t this_bw, tmp, total_bw=0, rand_bw;
466 uint32_t *p;
467
468 bandwidths = smartlist_create();
469 for (i = 0; i < smartlist_len(sl); ++i) {
470 router = smartlist_get(sl, i);
471 this_bw = (router->bandwidthcapacity < router->bandwidthrate) ?
472 router->bandwidthcapacity : router->bandwidthrate;
473 if (this_bw > 2000000)
474 this_bw = 2000000; /* if they claim something huge, don't believe it */
475 p = tor_malloc(sizeof(uint32_t));
476 *p = this_bw;
477 smartlist_add(bandwidths, p);
478 total_bw += this_bw;
479 // log_fn(LOG_INFO,"Recording bw %d for node %s.", this_bw, router->nickname);
480 }
481 if (!total_bw) {
482 SMARTLIST_FOREACH(bandwidths, uint32_t*, p, tor_free(p));
483 smartlist_free(bandwidths);
484 return smartlist_choose(sl);
485 }
486 rand_bw = crypto_pseudo_rand_int(total_bw);
487 // log_fn(LOG_INFO,"Total bw %d. Randomly chose %d.", total_bw, rand_bw);
488 tmp = 0;
489 for (i=0; ; i++) {
490 tor_assert(i < smartlist_len(sl));
491 p = smartlist_get(bandwidths, i);
492 tmp += *p;
493 router = smartlist_get(sl, i);
494 // log_fn(LOG_INFO,"Considering %s. tmp = %d.", router->nickname, tmp);
495 if (tmp >= rand_bw)
496 break;
497 }
498 SMARTLIST_FOREACH(bandwidths, uint32_t*, p, tor_free(p));
499 smartlist_free(bandwidths);
500 router = smartlist_get(sl, i);
501 // log_fn(LOG_INFO,"Picked %s.", router->nickname);
502 return router;
503 }
504
505 /** Return a random running router from the routerlist. If any node
506 * named in <b>preferred</b> is available, pick one of those. Never
507 * pick a node named in <b>excluded</b>, or whose routerinfo is in
508 * <b>excludedsmartlist</b>, even if they are the only nodes
509 * available. If <b>strict</b> is true, never pick any node besides
510 * those in <b>preferred</b>.
511 */
512 routerinfo_t *
513 router_choose_random_node(const char *preferred,
514 const char *excluded,
515 smartlist_t *excludedsmartlist,
516 int need_uptime, int need_capacity,
517 int allow_unverified, int strict)
518 {
519 smartlist_t *sl, *excludednodes;
520 routerinfo_t *choice;
521
522 excludednodes = smartlist_create();
523 add_nickname_list_to_smartlist(excludednodes,excluded,0);
524
525 /* Try the preferred nodes first. Ignore need_uptime and need_capacity,
526 * since the user explicitly asked for these nodes. */
527 sl = smartlist_create();
528 add_nickname_list_to_smartlist(sl,preferred,1);
529 smartlist_subtract(sl,excludednodes);
530 if (excludedsmartlist)
531 smartlist_subtract(sl,excludedsmartlist);
532 #if 0
533 if (need_uptime)
534 routerlist_sl_remove_unreliable_routers(sl);
535 if (need_capacity)
536 choice = routerlist_sl_choose_by_bandwidth(sl);
537 else
538 #endif
539 choice = smartlist_choose(sl);
540 smartlist_free(sl);
541 if (!choice && !strict) {
542 /* Then give up on our preferred choices: any node
543 * will do that has the required attributes. */
544 sl = smartlist_create();
545 router_add_running_routers_to_smartlist(sl, allow_unverified,
546 need_uptime, need_capacity);
547 smartlist_subtract(sl,excludednodes);
548 if (excludedsmartlist)
549 smartlist_subtract(sl,excludedsmartlist);
550 if (need_uptime)
551 routerlist_sl_remove_unreliable_routers(sl);
552 if (need_capacity)
553 choice = routerlist_sl_choose_by_bandwidth(sl);
554 else
555 choice = smartlist_choose(sl);
556 smartlist_free(sl);
557 }
558 smartlist_free(excludednodes);
559 if (!choice)
560 log_fn(LOG_WARN,"No available nodes when trying to choose node. Failing.");
561 return choice;
562 }
563
564 /** Return the router in our routerlist whose address is <b>addr</b> and
565 * whose OR port is <b>port</b>. Return NULL if no such router is known.
566 */
567 routerinfo_t *
568 router_get_by_addr_port(uint32_t addr, uint16_t port)
569 {
570 int i;
571 routerinfo_t *router;
572
573 if (!routerlist)
574 return NULL;
575
576 for (i=0;i<smartlist_len(routerlist->routers);i++) {
577 router = smartlist_get(routerlist->routers, i);
578 if ((router->addr == addr) && (router->or_port == port))
579 return router;
580 }
581 return NULL;
582 }
583
584 /** Return true iff the digest of <b>router</b>'s identity key,
585 * encoded in hexadecimal, matches <b>hexdigest</b> (which is
586 * optionally prefixed with a single dollar sign). Return false if
587 * <b>hexdigest</b> is malformed, or it doesn't match. */
588 static INLINE int
589 router_hex_digest_matches(routerinfo_t *router, const char *hexdigest)
590 {
591 char digest[DIGEST_LEN];
592 tor_assert(hexdigest);
593 if (hexdigest[0] == '$')
594 ++hexdigest;
595
596 if (strlen(hexdigest) != HEX_DIGEST_LEN ||
597 base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
598 return 0;
599 else
600 return (!memcmp(digest, router->identity_digest, DIGEST_LEN));
601 }
602
603 /* Return true if <b>router</b>'s nickname matches <b>nickname</b>
604 * (case-insensitive), or if <b>router's</b> identity key digest
605 * matches a hexadecimal value stored in <b>nickname</b>. Return
606 * false otherwise.*/
607 int
608 router_nickname_matches(routerinfo_t *router, const char *nickname)
609 {
610 if (nickname[0]!='$' && !strcasecmp(router->nickname, nickname))
611 return 1;
612 else
613 return router_hex_digest_matches(router, nickname);
614 }
615
616 /** Return the router in our routerlist whose (case-insensitive)
617 * nickname or (case-sensitive) hexadecimal key digest is
618 * <b>nickname</b>. Return NULL if no such router is known.
619 */
620 routerinfo_t *
621 router_get_by_nickname(const char *nickname)
622 {
623 int i, maybedigest;
624 routerinfo_t *router;
625 char digest[DIGEST_LEN];
626
627 tor_assert(nickname);
628 if (!routerlist)
629 return NULL;
630 if (nickname[0] == '$')
631 return router_get_by_hexdigest(nickname);
632 if (server_mode(get_options()) &&
633 !strcasecmp(nickname, get_options()->Nickname))
634 return router_get_my_routerinfo();
635
636 maybedigest = (strlen(nickname) == HEX_DIGEST_LEN) &&
637 (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
638
639 for (i=0;i<smartlist_len(routerlist->routers);i++) {
640 router = smartlist_get(routerlist->routers, i);
641 if (0 == strcasecmp(router->nickname, nickname) ||
642 (maybedigest && 0 == memcmp(digest, router->identity_digest,
643 DIGEST_LEN)))
644 return router;
645 }
646
647 return NULL;
648 }
649
650 /** Return true iff <b>digest</b> is the digest of the identity key of
651 * a trusted directory. */
652 int
653 router_digest_is_trusted_dir(const char *digest)
654 {
655 if (!trusted_dir_servers)
656 return 0;
657 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
658 if (!memcmp(digest, ent->digest, DIGEST_LEN)) return 1);
659 return 0;
660 }
661
662 /** Return the router in our routerlist whose hexadecimal key digest
663 * is <b>hexdigest</b>. Return NULL if no such router is known. */
664 routerinfo_t *
665 router_get_by_hexdigest(const char *hexdigest)
666 {
667 char digest[DIGEST_LEN];
668
669 tor_assert(hexdigest);
670 if (!routerlist)
671 return NULL;
672 if (hexdigest[0]=='$')
673 ++hexdigest;
674 if (strlen(hexdigest) != HEX_DIGEST_LEN ||
675 base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
676 return NULL;
677
678 return router_get_by_digest(digest);
679 }
680
681 /** Return the router in our routerlist whose 20-byte key digest
682 * is <b>digest</b>. Return NULL if no such router is known. */
683 routerinfo_t *
684 router_get_by_digest(const char *digest)
685 {
686 int i;
687 routerinfo_t *router;
688
689 tor_assert(digest);
690 if (server_mode(get_options()) &&
691 (router = router_get_my_routerinfo()) &&
692 !memcmp(digest, router->identity_digest, DIGEST_LEN))
693 return router;
694 if (!routerlist) return NULL;
695
696 for (i=0;i<smartlist_len(routerlist->routers);i++) {
697 router = smartlist_get(routerlist->routers, i);
698 if (0 == memcmp(router->identity_digest, digest, DIGEST_LEN))
699 return router;
700 }
701
702 return NULL;
703 }
704
705 /** Set *<b>prouterlist</b> to the current list of all known routers. */
706 void
707 router_get_routerlist(routerlist_t **prouterlist)
708 {
709 *prouterlist = routerlist;
710 }
711
712 /** Return the publication time on the current routerlist, or 0 if we have no
713 * routerlist. */
714 time_t
715 routerlist_get_published_time(void)
716 {
717 return routerlist ? routerlist->published_on : 0;
718 }
719
720 /** Free all storage held by <b>router</b>. */
721 void
722 routerinfo_free(routerinfo_t *router)
723 {
724 if (!router)
725 return;
726
727 tor_free(router->signed_descriptor);
728 tor_free(router->address);
729 tor_free(router->nickname);
730 tor_free(router->platform);
731 tor_free(router->contact_info);
732 if (router->onion_pkey)
733 crypto_free_pk_env(router->onion_pkey);
734 if (router->identity_pkey)
735 crypto_free_pk_env(router->identity_pkey);
736 if (router->declared_family) {
737 SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
738 smartlist_free(router->declared_family);
739 }
740 addr_policy_free(router->exit_policy);
741 tor_free(router);
742 }
743
744 /** Allocate a fresh copy of <b>router</b> */
745 routerinfo_t *
746 routerinfo_copy(const routerinfo_t *router)
747 {
748 routerinfo_t *r;
749 addr_policy_t **e, *tmp;
750
751 r = tor_malloc(sizeof(routerinfo_t));
752 memcpy(r, router, sizeof(routerinfo_t));
753
754 r->address = tor_strdup(r->address);
755 r->nickname = tor_strdup(r->nickname);
756 r->platform = tor_strdup(r->platform);
757 if (r->signed_descriptor)
758 r->signed_descriptor = tor_strdup(r->signed_descriptor);
759 if (r->onion_pkey)
760 r->onion_pkey = crypto_pk_dup_key(r->onion_pkey);
761 if (r->identity_pkey)
762 r->identity_pkey = crypto_pk_dup_key(r->identity_pkey);
763 e = &r->exit_policy;
764 while (*e) {
765 tmp = tor_malloc(sizeof(addr_policy_t));
766 memcpy(tmp,*e,sizeof(addr_policy_t));
767 *e = tmp;
768 (*e)->string = tor_strdup((*e)->string);
769 e = & ((*e)->next);
770 }
771 if (r->declared_family) {
772 r->declared_family = smartlist_create();
773 SMARTLIST_FOREACH(router->declared_family, const char *, s,
774 smartlist_add(r->declared_family, tor_strdup(s)));
775 }
776 return r;
777 }
778
779 /** Free all storage held by a routerlist <b>rl</b> */
780 void
781 routerlist_free(routerlist_t *rl)
782 {
783 tor_assert(rl);
784 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
785 routerinfo_free(r));
786 smartlist_free(rl->routers);
787 running_routers_free(rl->running_routers);
788 tor_free(rl->software_versions);
789 tor_free(rl);
790 }
791
792 /** Free all entries in the current router list. */
793 void
794 routerlist_free_current(void)
795 {
796 if (routerlist)
797 routerlist_free(routerlist);
798 routerlist = NULL;
799 if (warned_nicknames) {
800 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
801 smartlist_free(warned_nicknames);
802 warned_nicknames = NULL;
803 }
804 }
805
806 /** Free all entries in the list of trusted directory servers. */
807 void
808 free_trusted_dir_servers(void)
809 {
810 if (trusted_dir_servers) {
811 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
812 { tor_free(ds->address); tor_free(ds); });
813 smartlist_free(trusted_dir_servers);
814 trusted_dir_servers = NULL;
815 }
816 }
817
818 /** Mark the router with ID <b>digest</b> as non-running in our routerlist. */
819 void
820 router_mark_as_down(const char *digest)
821 {
822 routerinfo_t *router;
823 tor_assert(digest);
824
825 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
826 if (!memcmp(d->digest, digest, DIGEST_LEN))
827 d->is_running = 0);
828
829 router = router_get_by_digest(digest);
830 if (!router) /* we don't seem to know about him in the first place */
831 return;
832 log_fn(LOG_DEBUG,"Marking router '%s' as down.",router->nickname);
833 if (router_is_me(router))
834 log_fn(LOG_WARN, "We just marked ourself as down. Are your external addresses reachable?");
835 router->is_running = 0;
836 router->status_set_at = time(NULL);
837 }
838
839 /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
840 * older entries (if any) with the same name. Note: Callers should not hold
841 * their pointers to <b>router</b> if this function fails; <b>router</b>
842 * will either be inserted into the routerlist or freed. Returns 0 if the
843 * router was added; -1 if it was not.
844 *
845 * DOCDOC msg
846 */
847 static int
848 router_add_to_routerlist(routerinfo_t *router, const char **msg)
849 {
850 int i;
851 routerinfo_t *r;
852 char id_digest[DIGEST_LEN];
853
854 tor_assert(routerlist);
855 crypto_pk_get_digest(router->identity_pkey, id_digest);
856
857 /* If we have a router with this name, and the identity key is the same,
858 * choose the newer one. If the identity key has changed, drop the router.
859 */
860 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
861 r = smartlist_get(routerlist->routers, i);
862
863 if (!crypto_pk_cmp_keys(router->identity_pkey, r->identity_pkey)) {
864 if (router->published_on > r->published_on) {
865 log_fn(LOG_DEBUG, "Replacing entry for router '%s/%s' [%s]",
866 router->nickname, r->nickname, hex_str(id_digest,DIGEST_LEN));
867 /* Remember whether we trust this router as a dirserver. */
868 /* If the address hasn't changed; no need to re-resolve. */
869 if (!strcasecmp(r->address, router->address))
870 router->addr = r->addr;
871 routerinfo_free(r);
872 smartlist_set(routerlist->routers, i, router);
873 return 0;
874 } else {
875 log_fn(LOG_DEBUG, "Skipping not-new descriptor for router '%s'",
876 router->nickname);
877 /* Update the is_running status to whatever we were told. */
878 r->is_running = router->is_running;
879 routerinfo_free(router);
880 if (msg) *msg = "Router descriptor was not new.";
881 return -1;
882 }
883 } else if (!strcasecmp(router->nickname, r->nickname)) {
884 /* nicknames match, keys don't. */
885 if (router->is_verified) {
886 /* The new verified router replaces the old one; remove the
887 * old one. And carry on to the end of the list, in case
888 * there are more old unverified routers with this nickname
889 */
890 /* mark-for-close connections using the old key, so we can
891 * make new ones with the new key.
892 */
893 connection_t *conn;
894 while ((conn = connection_get_by_identity_digest(r->identity_digest,
895 CONN_TYPE_OR))) {
896 log_fn(LOG_INFO,"Closing conn to obsolete router '%s'", r->nickname);
897 connection_mark_for_close(conn);
898 }
899 routerinfo_free(r);
900 smartlist_del_keeporder(routerlist->routers, i--);
901 } else if (r->is_verified) {
902 /* Can't replace a verified router with an unverified one. */
903 log_fn(LOG_DEBUG, "Skipping unverified entry for verified router '%s'",
904 router->nickname);
905 routerinfo_free(router);
906 if (msg) *msg = "Already have verified router with different key and same nickname";
907 return -1;
908 }
909 }
910 }
911 /* We haven't seen a router with this name before. Add it to the end of
912 * the list. */
913 smartlist_add(routerlist->routers, router);
914 return 0;
915 }
916
917 /** Remove any routers from the routerlist that are more than <b>age</b>
918 * seconds old.
919 *
920 * (This function is just like dirserv_remove_old_servers. One day we should
921 * merge them.)
922 */
923 void
924 routerlist_remove_old_routers(int age)
925 {
926 int i;
927 time_t cutoff;
928 routerinfo_t *router;
929 if (!routerlist)
930 return;
931
932 cutoff = time(NULL) - age;
933 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
934 router = smartlist_get(routerlist->routers, i);
935 if (router->published_on <= cutoff) {
936 /* Too old. Remove it. */
937 log_fn(LOG_INFO,"Forgetting obsolete routerinfo for router '%s'", router->nickname);
938 routerinfo_free(router);
939 smartlist_del(routerlist->routers, i--);
940 }
941 }
942 }
943
944 /*
945 * Code to parse a single router descriptors and insert it into the
946 * directory. Return -1 if the descriptor was ill-formed; 0 if the
947 * descriptor was well-formed but could not be added; and 1 if the
948 * descriptor was added.
949 */
950 int
951 router_load_single_router(const char *s, const char **msg)
952 {
953 routerinfo_t *ri;
954 tor_assert(msg);
955
956 if (!(ri = router_parse_entry_from_string(s, NULL))) {
957 log_fn(LOG_WARN, "Error parsing router descriptor; dropping.");
958 *msg = "Couldn't parse router descriptor";
959 return -1;
960 }
961 if (router_is_me(ri)) {
962 log_fn(LOG_WARN, "Router's identity key matches mine; dropping.");
963 *msg = "Router's identity key matches mine.";
964 routerinfo_free(ri);
965 return 0;
966 }
967 if (router_resolve(ri)<0) {
968 log_fn(LOG_WARN, "Couldn't resolve router address; dropping.");
969 *msg = "Couldn't resolve router address.";
970 routerinfo_free(ri);
971 return 0;
972 }
973 if (routerlist && routerlist->running_routers) {
974 running_routers_t *rr = routerlist->running_routers;
975 router_update_status_from_smartlist(ri,
976 rr->published_on,
977 rr->running_routers);
978 }
979 if (router_add_to_routerlist(ri, msg)<0) {
980 log_fn(LOG_WARN, "Couldn't add router to list; dropping.");
981 *msg = "Couldn't add router to list.";
982 /* ri is already freed */
983 return 0;
984 } else {
985 smartlist_t *changed = smartlist_create();
986 smartlist_add(changed, ri);
987 control_event_descriptors_changed(changed);
988 smartlist_free(changed);
989 }
990
991 log_fn(LOG_DEBUG, "Added router to list");
992 return 1;
993 }
994
995 /** Add to the current routerlist each router stored in the
996 * signed directory <b>s</b>. If pkey is provided, check the signature against
997 * pkey; else check against the pkey of the signing directory server.
998 *
999 * If <b>dir_is_recent</b> is non-zero, then examine the
1000 * Recommended-versions line and take appropriate action.
1001 *
1002 * If <b>dir_is_cached</b> is non-zero, then we're reading it
1003 * from the cache so don't bother to re-write it to the cache.
1004 */
1005 int
1006 router_load_routerlist_from_directory(const char *s,
1007 crypto_pk_env_t *pkey,
1008 int dir_is_recent,
1009 int dir_is_cached)
1010 {
1011 routerlist_t *new_list = NULL;
1012 if (router_parse_routerlist_from_directory(s, &new_list, pkey,
1013 dir_is_recent,
1014 !dir_is_cached)) {
1015 log_fn(LOG_WARN, "Couldn't parse directory.");
1016 return -1;
1017 }
1018 if (routerlist) {
1019 smartlist_t *changed = smartlist_create();
1020 SMARTLIST_FOREACH(new_list->routers, routerinfo_t *, r,
1021 {
1022 if (router_add_to_routerlist(r,NULL)==0)
1023 smartlist_add(changed, r);
1024 });
1025 smartlist_clear(new_list->routers);
1026 routerlist->published_on = new_list->published_on;
1027 tor_free(routerlist->software_versions);
1028 routerlist->software_versions = new_list->software_versions;
1029 new_list->software_versions = NULL;
1030 routerlist_free(new_list);
1031 control_event_descriptors_changed(changed);
1032 smartlist_free(changed);
1033 } else {
1034 routerlist = new_list;
1035 control_event_descriptors_changed(routerlist->routers);
1036 }
1037 if (router_resolve_routerlist(routerlist)) {
1038 log_fn(LOG_WARN, "Error resolving routerlist");
1039 return -1;
1040 }
1041 if (get_options()->AuthoritativeDir) {
1042 /* Learn about the descriptors in the directory. */
1043 dirserv_load_from_directory_string(s);
1044 }
1045 return 0;
1046 }
1047
1048 /** Helper function: resolve the hostname for <b>router</b>. */
1049 static int
1050 router_resolve(routerinfo_t *router)
1051 {
1052 if (tor_lookup_hostname(router->address, &router->addr) != 0
1053 || !router->addr) {
1054 log_fn(LOG_WARN,"Could not resolve address for router '%s' at %s",
1055 router->nickname, router->address);
1056 return -1;
1057 }
1058 router->addr = ntohl(router->addr); /* get it back into host order */
1059
1060 return 0;
1061 }
1062
1063 /** Helper function: resolve every router in rl, and ensure that our own
1064 * routerinfo is at the front.
1065 */
1066 static int
1067 router_resolve_routerlist(routerlist_t *rl)
1068 {
1069 int i, remove;
1070 routerinfo_t *r;
1071 if (!rl)
1072 rl = routerlist;
1073
1074 i = 0;
1075 if ((r = router_get_my_routerinfo())) {
1076 smartlist_insert(rl->routers, 0, routerinfo_copy(r));
1077 ++i;
1078 }
1079
1080 for ( ; i < smartlist_len(rl->routers); ++i) {
1081 remove = 0;
1082 r = smartlist_get(rl->routers,i);
1083 if (router_is_me(r)) {
1084 remove = 1;
1085 } else if (r->addr) {
1086 /* already resolved. */
1087 } else if (router_resolve(r)) {
1088 log_fn(LOG_WARN, "Couldn't resolve router '%s' at '%s'; not using",
1089 r->nickname, r->address);
1090 remove = 1;
1091 }
1092 if (remove) {
1093 routerinfo_free(r);
1094 smartlist_del_keeporder(rl->routers, i--);
1095 }
1096 }
1097
1098 return 0;
1099 }
1100
1101 /** Decide whether a given addr:port is definitely accepted,
1102 * definitely rejected, probably accepted, or probably rejected by a
1103 * given policy. If <b>addr</b> is 0, we don't know the IP of the
1104 * target address. If <b>port</b> is 0, we don't know the port of the
1105 * target address.
1106 *
1107 * For now, the algorithm is pretty simple: we look for definite and
1108 * uncertain matches. The first definite match is what we guess; if
1109 * it was proceded by no uncertain matches of the opposite policy,
1110 * then the guess is definite; otherwise it is probable. (If we
1111 * have a known addr and port, all matches are definite; if we have an
1112 * unknown addr/port, any address/port ranges other than "all" are
1113 * uncertain.)
1114 *
1115 * We could do better by assuming that some ranges never match typical
1116 * addresses (127.0.0.1, and so on). But we'll try this for now.
1117 */
1118 addr_policy_result_t
1119 router_compare_addr_to_addr_policy(uint32_t addr, uint16_t port,
1120 addr_policy_t *policy)
1121 {
1122 int maybe_reject = 0;
1123 int maybe_accept = 0;
1124 int match = 0;
1125 int maybe = 0;
1126 addr_policy_t *tmpe;
1127
1128 for (tmpe=policy; tmpe; tmpe=tmpe->next) {
1129 // log_fn(LOG_DEBUG,"Considering exit policy %s", tmpe->string);
1130 maybe = 0;
1131 if (!addr) {
1132 /* Address is unknown. */
1133 if ((port >= tmpe->prt_min && port <= tmpe->prt_max) ||
1134 (!port && tmpe->prt_min<=1 && tmpe->prt_max>=65535)) {
1135 /* The port definitely matches. */
1136 if (tmpe->msk == 0) {
1137 match = 1;
1138 } else {
1139 maybe = 1;
1140 }
1141 } else if (!port) {
1142 /* The port maybe matches. */
1143 maybe = 1;
1144 }
1145 } else {
1146 /* Address is known */
1147 if ((addr & tmpe->msk) == (tmpe->addr & tmpe->msk)) {
1148 if (port >= tmpe->prt_min && port <= tmpe->prt_max) {
1149 /* Exact match for the policy */
1150 match = 1;
1151 } else if (!port) {
1152 maybe = 1;
1153 }
1154 }
1155 }
1156 if (maybe) {
1157 if (tmpe->policy_type == ADDR_POLICY_REJECT)
1158 maybe_reject = 1;
1159 else
1160 maybe_accept = 1;
1161 }
1162 if (match) {
1163 // struct in_addr in;
1164 // in.s_addr = htonl(addr);
1165 // log_fn(LOG_DEBUG,"Address %s:%d matches policy '%s'",
1166 // inet_ntoa(in), port, tmpe->string);
1167 if (tmpe->policy_type == ADDR_POLICY_ACCEPT) {
1168 /* If we already hit a clause that might trigger a 'reject', than we
1169 * can't be sure of this certain 'accept'.*/
1170 return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED : ADDR_POLICY_ACCEPTED;
1171 } else {
1172 return maybe_accept ? ADDR_POLICY_PROBABLY_REJECTED : ADDR_POLICY_REJECTED;
1173 }
1174 }
1175 }
1176 /* accept all by default. */
1177 return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED : ADDR_POLICY_ACCEPTED;
1178 }
1179
1180 /** Return 1 if all running sufficiently-stable routers will reject
1181 * addr:port, return 0 if any might accept it. */
1182 int
1183 router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
1184 int need_uptime)
1185 {
1186 int i;
1187 routerinfo_t *router;
1188 addr_policy_result_t r;
1189 if (!routerlist) return 1;
1190
1191 for (i=0;i<smartlist_len(routerlist->routers);i++) {
1192 router = smartlist_get(routerlist->routers, i);
1193 if (router->is_running &&
1194 !router_is_unreliable(router, need_uptime, 0)) {
1195 r = router_compare_addr_to_addr_policy(addr, port, router->exit_policy);
1196 if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
1197 return 0; /* this one could be ok. good enough. */
1198 }
1199 }
1200 return 1; /* all will reject. */
1201 }
1202
1203 /**
1204 * If <b>policy</b> implicitly allows connections to any port in the
1205 * IP set <b>addr</b>/<b>mask</b>, then set *<b>policy_out</b> to the
1206 * part of the policy that allows it, and return 1. Else return 0.
1207 *
1208 * A policy allows an IP:Port combination <em>implicitly</em> if
1209 * it is included in a *: pattern, or in a fallback pattern.
1210 */
1211 static int
1212 policy_includes_addr_mask_implicitly(addr_policy_t *policy,
1213 uint32_t addr, uint32_t mask,
1214 addr_policy_t **policy_out)
1215 {
1216 uint32_t addr2;
1217 tor_assert(policy_out);
1218 addr &= mask;
1219 addr2 = addr | ~mask;
1220 for (; policy; policy=policy->next) {
1221 /* Does this policy cover all of the address range we're looking at? */
1222 /* Boolean logic time: range X is contained in range Y if, for
1223 * each bit B, all possible values of B in X are values of B in Y.
1224 * In "addr", we have every fixed bit set to its value, and every
1225 * free bit set to 0. In "addr2", we have every fixed bit set to
1226 * its value, and every free bit set to 1. So if addr and addr2 are
1227 * both in the policy, the range is covered by the policy.
1228 */
1229 uint32_t p_addr = policy->addr & policy->msk;
1230 if (p_addr == (addr & policy->msk) &&
1231 p_addr == (addr2 & policy->msk) &&
1232 (policy->prt_min <= 1 && policy->prt_max == 65535)) {
1233 return 0;
1234 }
1235 /* Does this policy cover some of the address range we're looking at? */
1236 /* Boolean logic time: range X and range Y intersect if there is
1237 * some z such that z & Xmask == Xaddr and z & Ymask == Yaddr.
1238 * This is FALSE iff there is some bit b where Xmask == yMask == 1
1239 * and Xaddr != Yaddr. So if X intersects with Y iff at every
1240 * place where Xmask&Ymask==1, Xaddr == Yaddr, or equivalently,
1241 * Xaddr&Xmask&Ymask == Yaddr&Xmask&Ymask.
1242 */
1243 if ((policy->addr & policy->msk & mask) == (addr & policy->msk) &&
1244 policy->policy_type == ADDR_POLICY_ACCEPT) {
1245 *policy_out = policy;
1246 return 1;
1247 }
1248 }
1249 *policy_out = NULL;
1250 return 1;
1251 }
1252
1253 /** If <b>policy</b> implicitly allows connections to any port on
1254 * 127.*, 192.168.*, etc, then warn (if <b>warn</b> is set) and return
1255 * true. Else return false.
1256 **/
1257 int
1258 exit_policy_implicitly_allows_local_networks(addr_policy_t *policy,
1259 int warn)
1260 {
1261 addr_policy_t *p;
1262 int r=0,i;
1263 static struct {
1264 uint32_t addr; uint32_t mask; const char *network;
1265 } private_networks[] = {
1266 { 0x7f000000, 0xff000000, "localhost (127.x)" },
1267 { 0x0a000000, 0xff000000, "addresses in private network 10.x" },
1268 { 0xa9fe0000, 0xffff0000, "addresses in private network 169.254.x" },
1269 { 0xac100000, 0xfff00000, "addresses in private network 172.16.x" },
1270 { 0xc0a80000, 0xffff0000, "addresses in private network 192.168.x" },
1271 { 0,0,NULL},
1272 };
1273 for (i=0; private_networks[i].addr; ++i) {
1274 p = NULL;
1275 /* log_fn(LOG_INFO,"Checking network %s", private_networks[i].network); */
1276 if (policy_includes_addr_mask_implicitly(
1277 policy, private_networks[i].addr, private_networks[i].mask, &p)) {
1278 if (warn)
1279 log_fn(LOG_WARN, "Exit policy %s implicitly accepts %s",
1280 p?p->string:"(default)",
1281 private_networks[i].network);
1282 r = 1;
1283 }
1284 }
1285
1286 return r;
1287 }
1288
1289 /** Return true iff <b>router</b> does not permit exit streams.
1290 */
1291 int
1292 router_exit_policy_rejects_all(routerinfo_t *router)
1293 {
1294 return router_compare_addr_to_addr_policy(0, 0, router->exit_policy)
1295 == ADDR_POLICY_REJECTED;
1296 }
1297
1298 /** Release all space held in <b>rr</b>. */
1299 void
1300 running_routers_free(running_routers_t *rr)
1301 {
1302 if (!rr)
1303 return;
1304 if (rr->running_routers) {
1305 SMARTLIST_FOREACH(rr->running_routers, char *, s, tor_free(s));
1306 smartlist_free(rr->running_routers);
1307 }
1308 tor_free(rr);
1309 }
1310
1311 /** We've just got a running routers list in <b>rr</b>; update the
1312 * status of the routers in <b>list</b>, and cache <b>rr</b> */
1313 void
1314 routerlist_set_runningrouters(routerlist_t *list, running_routers_t *rr)
1315 {
1316 routerlist_update_from_runningrouters(list,rr);
1317 if (list->running_routers != rr) {
1318 running_routers_free(list->running_routers);
1319 list->running_routers = rr;
1320 }
1321 }
1322
1323 /** Update the running/not-running status of every router in <b>list</b>, based
1324 * on the contents of <b>rr</b>. */
1325 /* Note: this function is not yet used, since nobody publishes just
1326 * running-router lists yet. */
1327 void
1328 routerlist_update_from_runningrouters(routerlist_t *list,
1329 running_routers_t *rr)
1330 {
1331 routerinfo_t *me = router_get_my_routerinfo();
1332 smartlist_t *all_routers;
1333 if (!list)
1334 return;
1335 if (list->published_on >= rr->published_on)
1336 return;
1337 if (list->running_routers_updated_on >= rr->published_on)
1338 return;
1339
1340 all_routers = smartlist_create();
1341 if (me) /* learn if the dirservers think I'm verified */
1342 smartlist_add(all_routers, me);
1343
1344 smartlist_add_all(all_routers,list->routers);
1345 SMARTLIST_FOREACH(rr->running_routers, const char *, cp,
1346 routers_update_status_from_entry(all_routers, rr->published_on,
1347 cp));
1348 smartlist_free(all_routers);
1349 list->running_routers_updated_on = rr->published_on;
1350 }
1351
1352 /** Update the is_running and is_verified fields of the router <b>router</b>,
1353 * based in its status in the list of strings stored in <b>running_list</b>.
1354 * All entries in <b>running_list</b> follow one of these formats:
1355 * <ol><li> <b>nickname</b> -- router is running and verified.
1356 * (running-routers format)
1357 * <li> !<b>nickname</b> -- router is not-running and verified.
1358 * (running-routers format)
1359 * <li> <b>nickname</b>=$<b>hexdigest</b> -- router is running and
1360 * verified. (router-status format)
1361 * (router-status format)
1362 * <li> !<b>nickname</b>=$<b>hexdigest</b> -- router is running and
1363 * verified. (router-status format)
1364 * <li> !<b>nickname</b> -- router is not-running and verified.
1365 * <li> $<b>hexdigest</b> -- router is running and unverified.
1366 * <li> !$<b>hexdigest</b> -- router is not-running and unverified.
1367 * </ol>
1368 *
1369 * Return 1 if we found router in running_list, else return 0.
1370 */
1371 int
1372 routers_update_status_from_entry(smartlist_t *routers,
1373 time_t list_time,
1374 const char *s)
1375 {
1376 int is_running = 1;
1377 int is_verified = 0;
1378 int hex_digest_set = 0;
1379 char nickname[MAX_NICKNAME_LEN+1];
1380 char hexdigest[HEX_DIGEST_LEN+1];
1381 char digest[DIGEST_LEN];
1382 const char *cp, *end;
1383
1384 /* First, parse the entry. */
1385 cp = s;
1386 if (*cp == '!') {
1387 is_running = 0;
1388 ++cp;
1389 }
1390
1391 if (*cp != '$') {
1392 /* It starts with a non-dollar character; that's a nickname. The nickname
1393 * entry will either extend to a NUL (old running-routers format) or to an
1394 * equals sign (new router-status format). */
1395 is_verified = 1;
1396 end = strchr(cp, '=');
1397 if (!end)
1398 end = strchr(cp,'\0');
1399 tor_assert(end);
1400 /* 'end' now points on character beyond the end of the nickname */
1401 if (end == cp || end-cp > MAX_NICKNAME_LEN) {
1402 log_fn(LOG_WARN, "Bad nickname length (%d) in router status entry (%s)",
1403 (int)(end-cp), s);
1404 return -1;
1405 }
1406 memcpy(nickname, cp, end-cp);
1407 nickname[end-cp]='\0';
1408 if (!is_legal_nickname(nickname)) {
1409 log_fn(LOG_WARN, "Bad nickname (%s) in router status entry (%s)",
1410 nickname, s);
1411 return -1;
1412 }
1413 cp = end;
1414 if (*cp == '=')
1415 ++cp;
1416 }
1417 /* 'end' now points to the start of a hex digest, or EOS. */
1418
1419 /* Parse the hexdigest portion of the status. */
1420 if (*cp == '$') {
1421 hex_digest_set = 1;
1422 ++cp;
1423 if (strlen(cp) != HEX_DIGEST_LEN) {
1424 log_fn(LOG_WARN, "Bad length (%d) on digest in router status entry (%s)",
1425 (int)strlen(cp), s);
1426 return -1;
1427 }
1428 strlcpy(hexdigest, cp, sizeof(hexdigest));
1429 if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0) {
1430 log_fn(LOG_WARN, "Invalid digest in router status entry (%s)", s);
1431 return -1;
1432 }
1433 }
1434
1435 /* Make sure that the entry was in the right format. */
1436 if (!hex_digest_set) {
1437 log_fn(LOG_WARN, "Invalid syntax for router-status member (%s)", s);
1438 return -1;
1439 }
1440
1441 /* Okay, we're done parsing. For all routers that match, update their status.
1442 */
1443 SMARTLIST_FOREACH(routers, routerinfo_t *, r,
1444 {
1445 int nickname_matches = is_verified && !strcasecmp(r->nickname, nickname);
1446 int digest_matches = !memcmp(digest, r->identity_digest, DIGEST_LEN);
1447 if (nickname_matches && digest_matches)
1448 r->is_verified = 1;
1449 else if (digest_matches)
1450 r->is_verified = 0;
1451 if (digest_matches)
1452 if (r->status_set_at < list_time) {
1453 r->is_running = is_running;
1454 r->status_set_at = time(NULL);
1455 }
1456 });
1457
1458 return 0;
1459 }
1460
1461 /** As router_update_status_from_entry, but consider all entries in
1462 * running_list. */
1463 int
1464 router_update_status_from_smartlist(routerinfo_t *router,
1465 time_t list_time,
1466 smartlist_t *running_list)
1467 {
1468 smartlist_t *rl;
1469 rl = smartlist_create();
1470 smartlist_add(rl,router);
1471 SMARTLIST_FOREACH(running_list, const char *, cp,
1472 routers_update_status_from_entry(rl,list_time,cp));
1473 smartlist_free(rl);
1474 return 0;
1475 }
1476
1477 /** Add to the list of authorized directory servers one at
1478 * <b>address</b>:<b>port</b>, with identity key <b>digest</b>. */
1479 void
1480 add_trusted_dir_server(const char *address, uint16_t port, const char *digest)
1481 {
1482 trusted_dir_server_t *ent;
1483 uint32_t a;
1484 if (!trusted_dir_servers)
1485 trusted_dir_servers = smartlist_create();
1486
1487 if (tor_lookup_hostname(address, &a)) {
1488 log_fn(LOG_WARN, "Unable to lookup address for directory server at %s",
1489 address);
1490 return;
1491 }
1492
1493 ent = tor_malloc(sizeof(trusted_dir_server_t));
1494 ent->address = tor_strdup(address);
1495 ent->addr = ntohl(a);
1496 ent->dir_port = port;
1497 ent->is_running = 1;
1498 memcpy(ent->digest, digest, DIGEST_LEN);
1499 smartlist_add(trusted_dir_servers, ent);
1500 }
1501
1502 /** Remove all members from the list of trusted dir servers. */
1503 void
1504 clear_trusted_dir_servers(void)
1505 {
1506 if (trusted_dir_servers) {
1507 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
1508 { tor_free(ent->address); tor_free(ent); });
1509 smartlist_clear(trusted_dir_servers);
1510 } else {
1511 trusted_dir_servers = smartlist_create();
1512 }
1513 }
1514
The Onion Router