1 /* Copyright 2001 Matej Pfajfar.
2 * Copyright 2001-2004 Roger Dingledine.
3 * Copyright 2004 Roger Dingledine, Nick Mathewson. */
4 /* See LICENSE for licensing information */
10 * \brief Code to parse and validate router descriptors and directories.
15 /****************************************************************************/
17 /** Enumeration of possible token types. The ones starting with K_
18 * correspond to directory 'keywords'. _UNRECOGNIZED is for an
19 * unrecognized keyword; _ERR is an error in the tokenizing process,
20 * _EOF is an end-of-file marker, and _NIL is used to encode
25 K_DIRECTORY_SIGNATURE
,
26 K_RECOMMENDED_SOFTWARE
,
52 /** Structure to hold a single directory token.
54 * We parse a directory by breaking it into "tokens", each consisting
55 * of a keyword, a line full of arguments, and a binary object. The
56 * arguments and object are both optional, depending on the keyword
59 typedef struct directory_token_t
{
60 directory_keyword tp
; /**< Type of the token. */
61 int n_args
; /**< Number of elements in args */
62 char **args
; /**< Array of arguments from keyword line. */
63 char *object_type
; /**< -----BEGIN [object_type]-----*/
64 size_t object_size
; /**< Bytes in object_body */
65 char *object_body
; /**< Contents of object, base64-decoded. */
66 crypto_pk_env_t
*key
; /**< For public keys only. */
67 const char *error
; /**< For _ERR tokens only. */
70 /* ********************************************************************** */
72 /** We use a table of rules to decide how to parse each token type. */
74 /** Rules for how many arguments a keyword can take. */
76 NO_ARGS
, /**< (1) no arguments, ever */
77 ARGS
, /**< (2) a list of arguments separated by spaces */
78 CONCAT_ARGS
, /**< or (3) the rest of the line, treated as a single argument. */
81 /** Rules for whether the keyword needs an object. */
83 NO_OBJ
, /**< (1) no object, ever */
84 NEED_OBJ
, /**< (2) object is required */
85 NEED_KEY
, /**< (3) object is required, and must be a public key. */
86 OBJ_OK
, /**< or (4) object is optional. */
89 /** Rules for where a keyword can appear. */
91 ANY
= 0, /**< Appears in router descriptor or in directory sections. */
92 DIR_ONLY
, /**< Appears only in directory. */
93 RTR_ONLY
, /**< Appears only in router descriptor or runningrouters */
96 /** Table mapping keywords to token value and to argument rules. */
98 const char *t
; int v
; arg_syntax s
; obj_syntax os
; where_syntax ws
;
100 { "accept", K_ACCEPT
, ARGS
, NO_OBJ
, RTR_ONLY
},
101 { "directory-signature", K_DIRECTORY_SIGNATURE
, ARGS
, NEED_OBJ
,DIR_ONLY
},
102 { "reject", K_REJECT
, ARGS
, NO_OBJ
, RTR_ONLY
},
103 { "router", K_ROUTER
, ARGS
, NO_OBJ
, RTR_ONLY
},
104 { "recommended-software",K_RECOMMENDED_SOFTWARE
,ARGS
, NO_OBJ
, DIR_ONLY
},
105 { "signed-directory", K_SIGNED_DIRECTORY
, NO_ARGS
, NO_OBJ
, DIR_ONLY
},
106 { "signing-key", K_SIGNING_KEY
, NO_ARGS
, NEED_KEY
,RTR_ONLY
},
107 { "onion-key", K_ONION_KEY
, NO_ARGS
, NEED_KEY
,RTR_ONLY
},
108 { "router-signature", K_ROUTER_SIGNATURE
, NO_ARGS
, NEED_OBJ
,RTR_ONLY
},
109 { "running-routers", K_RUNNING_ROUTERS
, ARGS
, NO_OBJ
, DIR_ONLY
},
110 { "router-status", K_ROUTER_STATUS
, ARGS
, NO_OBJ
, DIR_ONLY
},
111 { "ports", K_PORTS
, ARGS
, NO_OBJ
, RTR_ONLY
},
112 { "bandwidth", K_BANDWIDTH
, ARGS
, NO_OBJ
, RTR_ONLY
},
113 { "platform", K_PLATFORM
, CONCAT_ARGS
, NO_OBJ
, RTR_ONLY
},
114 { "published", K_PUBLISHED
, CONCAT_ARGS
, NO_OBJ
, ANY
},
115 { "opt", K_OPT
, CONCAT_ARGS
, OBJ_OK
, ANY
},
116 { "dircacheport", K_DIRCACHEPORT
, ARGS
, NO_OBJ
, RTR_ONLY
},
117 { "contact", K_CONTACT
, CONCAT_ARGS
, NO_OBJ
, ANY
},
118 { "network-status", K_NETWORK_STATUS
, NO_ARGS
, NO_OBJ
, DIR_ONLY
},
119 { "uptime", K_UPTIME
, ARGS
, NO_OBJ
, RTR_ONLY
},
120 { "dir-signing-key", K_DIR_SIGNING_KEY
, ARGS
, OBJ_OK
, DIR_ONLY
},
121 { "family", K_FAMILY
, ARGS
, NO_OBJ
, RTR_ONLY
},
122 { NULL
, -1, NO_ARGS
, NO_OBJ
, ANY
}
125 /* static function prototypes */
126 static int router_add_exit_policy(routerinfo_t
*router
,directory_token_t
*tok
);
127 static struct addr_policy_t
*router_parse_addr_policy(directory_token_t
*tok
);
128 static int router_get_hash_impl(const char *s
, char *digest
,
129 const char *start_str
, const char *end_str
);
130 static void token_free(directory_token_t
*tok
);
131 static smartlist_t
*find_all_exitpolicy(smartlist_t
*s
);
132 static directory_token_t
*find_first_by_keyword(smartlist_t
*s
,
133 directory_keyword keyword
);
134 static int tokenize_string(const char *start
, const char *end
,
135 smartlist_t
*out
, int is_dir
);
136 static directory_token_t
*get_next_token(const char **s
, where_syntax where
);
137 static int check_directory_signature(const char *digest
,
138 directory_token_t
*tok
,
139 crypto_pk_env_t
*pkey
,
140 crypto_pk_env_t
*declared_key
);
141 static crypto_pk_env_t
*find_dir_signing_key(const char *str
);
142 /* static */ int is_obsolete_version(const char *myversion
,
143 const char *versionlist
);
145 /** Set <b>digest</b> to the SHA-1 digest of the hash of the directory in
146 * <b>s</b>. Return 0 on success, nonzero on failure.
148 int router_get_dir_hash(const char *s
, char *digest
)
150 return router_get_hash_impl(s
,digest
,
151 "signed-directory","\ndirectory-signature");
154 /** Set <b>digest</b> to the SHA-1 digest of the hash of the first router in
155 * <b>s</b>. Return 0 on success, nonzero on failure.
157 int router_get_router_hash(const char *s
, char *digest
)
159 return router_get_hash_impl(s
,digest
,
160 "router ","\nrouter-signature");
163 /** Set <b>digest</b> to the SHA-1 digest of the hash of the running-routers
164 * string in <b>s</b>. Return 0 on success, nonzero on failure.
166 int router_get_runningrouters_hash(const char *s
, char *digest
)
168 return router_get_hash_impl(s
,digest
,
169 "network-status","\ndirectory-signature");
173 * Find the first instance of "recommended-software ...\n" at the start of
174 * a line; return a newly allocated string containing the "..." portion.
175 * Return NULL if no such instance was found.
178 get_recommended_software_from_directory(const char *str
)
180 #define REC "recommended-software "
181 const char *cp
= str
, *eol
;
182 size_t len
= strlen(REC
);
184 if (strcmpstart(str
, REC
)==0) {
187 cp
= strstr(str
, "\n"REC
);
192 eol
= strchr(cp
, '\n');
195 return tor_strndup(cp
, eol
-cp
);
199 /** Return 1 if <b>myversion</b> is not in <b>versionlist</b>, and if at least
200 * one version of Tor on <b>versionlist</b> is newer than <b>myversion</b>.
201 * Otherwise return 0.
202 * (versionlist is a comma-separated list of version strings,
203 * optionally prefixed with "Tor". Versions that can't be parsed are
205 /* static */ int is_obsolete_version(const char *myversion
,
206 const char *versionlist
) {
208 tor_version_t mine
, other
;
209 int found_newer
= 0, r
, ret
;
210 static int warned_too_new
=0;
211 smartlist_t
*version_sl
;
215 log_fn(LOG_DEBUG
,"Checking whether version '%s' is in '%s'", myversion
, versionlist
);
217 if (tor_version_parse(myversion
, &mine
)) {
218 log_fn(LOG_ERR
, "I couldn't parse my own version (%s)", myversion
);
221 version_sl
= smartlist_create();
222 smartlist_split_string(version_sl
, versionlist
, ",", SPLIT_SKIP_SPACE
, 0);
224 SMARTLIST_FOREACH(version_sl
, const char *, cp
, {
225 if (!strcmpstart(cp
, "Tor "))
228 if (tor_version_parse(cp
, &other
)) {
229 /* Couldn't parse other; it can't be a match. */
231 r
= tor_version_compare(&mine
, &other
);
242 if (!warned_too_new
) {
243 log(LOG_WARN
, "This version of Tor (%s) is newer than any on the recommended list (%s)",
244 myversion
, versionlist
);
253 SMARTLIST_FOREACH(version_sl
, char *, version
, tor_free(version
));
254 smartlist_free(version_sl
);
258 /* Return 0 if myversion is supported; else log a message and return
259 * -1 (or exit if ignoreversions is false) */
260 int check_software_version_against_directory(const char *directory
,
264 v
= get_recommended_software_from_directory(directory
);
266 log_fn(LOG_WARN
, "No recommended-versions string found in directory");
269 if (!is_obsolete_version(VERSION
, v
)) {
273 log(ignoreversion
? LOG_WARN
: LOG_ERR
,
274 "You are running Tor version %s, which will not work with this network.\n"
276 VERSION
, strchr(v
,',') ? "one of " : "", v
);
280 log(LOG_WARN
, "IgnoreVersion is set. If it breaks, we told you so.");
286 return -1; /* never reached */
290 /** Parse a directory from <b>str</b> and, when done, store the
291 * resulting routerlist in *<b>dest</b>, freeing the old value if necessary.
292 * If <b>pkey</b> is provided, we check the directory signature with pkey.
294 int /* Should be static; exposed for unit tests */
295 router_parse_routerlist_from_directory(const char *str
,
297 crypto_pk_env_t
*pkey
,
300 directory_token_t
*tok
;
301 char digest
[DIGEST_LEN
];
302 routerlist_t
*new_dir
= NULL
;
303 char *versions
= NULL
;
304 smartlist_t
*good_nickname_list
= NULL
;
307 const char *end
, *cp
;
308 smartlist_t
*tokens
= NULL
;
309 char dirnickname
[MAX_NICKNAME_LEN
+1];
310 crypto_pk_env_t
*declared_key
= NULL
;
312 if (router_get_dir_hash(str
, digest
)) {
313 log_fn(LOG_WARN
, "Unable to compute digest of directory");
316 log_fn(LOG_DEBUG
,"Received directory hashes to %s",hex_str(digest
,4));
318 /* Check signature first, before we try to tokenize. */
320 while (cp
&& (end
= strstr(cp
+1, "\ndirectory-signature")))
322 if (cp
== str
|| !cp
) {
323 log_fn(LOG_WARN
, "No signature found on directory."); goto err
;
326 tokens
= smartlist_create();
327 if (tokenize_string(cp
,strchr(cp
,'\0'),tokens
,1)) {
328 log_fn(LOG_WARN
, "Error tokenizing directory signature"); goto err
;
330 if (smartlist_len(tokens
) != 1) {
331 log_fn(LOG_WARN
, "Unexpected number of tokens in signature"); goto err
;
333 tok
=smartlist_get(tokens
,0);
334 if (tok
->tp
!= K_DIRECTORY_SIGNATURE
) {
335 log_fn(LOG_WARN
,"Expected a single directory signature"); goto err
;
337 declared_key
= find_dir_signing_key(str
);
338 if (check_directory_signature(digest
, tok
, pkey
, declared_key
)<0)
341 /* now we know tok->n_args == 1, so it's safe to access tok->args[0] */
342 strlcpy(dirnickname
, tok
->args
[0], sizeof(dirnickname
));
344 SMARTLIST_FOREACH(tokens
, directory_token_t
*, tok
, token_free(tok
));
345 smartlist_free(tokens
);
348 /* Now that we know the signature is okay, check the version. */
350 check_software_version_against_directory(str
, get_options()->IgnoreVersion
);
352 /* Now try to parse the first part of the directory. */
353 if ((end
= strstr(str
,"\nrouter "))) {
355 } else if ((end
= strstr(str
, "\ndirectory-signature"))) {
358 end
= str
+ strlen(str
);
361 tokens
= smartlist_create();
362 if (tokenize_string(str
,end
,tokens
,1)) {
363 log_fn(LOG_WARN
, "Error tokenizing directory"); goto err
;
365 if (smartlist_len(tokens
) < 1) {
366 log_fn(LOG_WARN
, "Impossibly short directory header"); goto err
;
368 if ((tok
= find_first_by_keyword(tokens
, _UNRECOGNIZED
))) {
369 log_fn(LOG_WARN
, "Unrecognized keyword \"%s\" in directory header; can't parse directory.",
374 tok
= smartlist_get(tokens
,0);
375 if (tok
->tp
!= K_SIGNED_DIRECTORY
) {
376 log_fn(LOG_WARN
, "Directory doesn't start with signed-directory.");
380 if (!(tok
= find_first_by_keyword(tokens
, K_PUBLISHED
))) {
381 log_fn(LOG_WARN
, "Missing published time on directory.");
384 tor_assert(tok
->n_args
== 1);
386 if (parse_iso_time(tok
->args
[0], &published_on
) < 0) {
390 /* Now that we know the signature is okay, and we have a
391 * publication time, cache the directory. */
392 if (!get_options()->AuthoritativeDir
)
393 dirserv_set_cached_directory(str
, published_on
, 0);
395 if (!(tok
= find_first_by_keyword(tokens
, K_RECOMMENDED_SOFTWARE
))) {
396 log_fn(LOG_WARN
, "Missing recommended-software line from directory.");
399 if (tok
->n_args
> 1) {
400 log_fn(LOG_WARN
, "Invalid recommended-software line");
403 versions
= tok
->n_args
? tor_strdup(tok
->args
[0]) : tor_strdup("");
405 /* Prefer router-status, then running-routers. */
406 if (!(tok
= find_first_by_keyword(tokens
, K_ROUTER_STATUS
))) {
407 if (!(tok
= find_first_by_keyword(tokens
, K_RUNNING_ROUTERS
))) {
409 "Missing running-routers/router-status line from directory.");
414 good_nickname_list
= smartlist_create();
415 for (i
=0; i
<tok
->n_args
; ++i
) {
416 smartlist_add(good_nickname_list
, tok
->args
[i
]);
418 tok
->n_args
= 0; /* Don't free the strings in good_nickname_list yet. */
420 /* Read the router list from s, advancing s up past the end of the last
423 if (router_parse_list_from_string(&str
, &new_dir
,
425 tok
->tp
==K_RUNNING_ROUTERS
,
427 log_fn(LOG_WARN
, "Error reading routers from directory");
431 /* Determine if my routerinfo is considered verified. */
433 static int have_warned_about_unverified_status
= 0;
434 routerinfo_t
*me
= router_get_my_routerinfo();
436 if (router_update_status_from_smartlist(me
, published_on
,
438 tok
->tp
==K_RUNNING_ROUTERS
)==1 &&
439 me
->is_verified
== 0 && !have_warned_about_unverified_status
) {
440 log_fn(LOG_WARN
,"Dirserver '%s' lists your server as unverified. Please consider sending your identity fingerprint to the tor-ops.", dirnickname
);
441 have_warned_about_unverified_status
= 1;
446 new_dir
->software_versions
= versions
; versions
= NULL
;
447 new_dir
->published_on
= published_on
;
449 SMARTLIST_FOREACH(tokens
, directory_token_t
*, tok
, token_free(tok
));
450 smartlist_free(tokens
);
454 routerlist_free(*dest
);
462 routerlist_free(new_dir
);
465 if (declared_key
) crypto_free_pk_env(declared_key
);
467 SMARTLIST_FOREACH(tokens
, directory_token_t
*, tok
, token_free(tok
));
468 smartlist_free(tokens
);
470 if (good_nickname_list
) {
471 SMARTLIST_FOREACH(good_nickname_list
, char *, n
, tor_free(n
));
472 smartlist_free(good_nickname_list
);
479 router_parse_runningrouters(const char *str
)
481 char digest
[DIGEST_LEN
];
482 running_routers_t
*new_list
= NULL
;
483 directory_token_t
*tok
;
486 crypto_pk_env_t
*declared_key
= NULL
;
487 smartlist_t
*tokens
= NULL
;
489 if (router_get_runningrouters_hash(str
, digest
)) {
490 log_fn(LOG_WARN
, "Unable to compute digest of directory");
493 tokens
= smartlist_create();
494 if (tokenize_string(str
,str
+strlen(str
),tokens
,1)) {
495 log_fn(LOG_WARN
, "Error tokenizing directory"); goto err
;
497 if ((tok
= find_first_by_keyword(tokens
, _UNRECOGNIZED
))) {
498 log_fn(LOG_WARN
, "Unrecognized keyword '%s'; can't parse running-routers",
502 tok
= smartlist_get(tokens
,0);
503 if (tok
->tp
!= K_NETWORK_STATUS
) {
504 log_fn(LOG_WARN
, "Network-status starts with wrong token");
508 if (!(tok
= find_first_by_keyword(tokens
, K_PUBLISHED
))) {
509 log_fn(LOG_WARN
, "Missing published time on directory.");
512 tor_assert(tok
->n_args
== 1);
513 if (parse_iso_time(tok
->args
[0], &published_on
) < 0) {
517 /* Now that we know the signature is okay, and we have a
518 * publication time, cache the list. */
519 if (!get_options()->AuthoritativeDir
)
520 dirserv_set_cached_directory(str
, published_on
, 1);
522 if (!(tok
= find_first_by_keyword(tokens
, K_ROUTER_STATUS
))) {
523 if (!(tok
= find_first_by_keyword(tokens
, K_RUNNING_ROUTERS
))) {
525 "Missing running-routers/router-status line from directory.");
530 new_list
= tor_malloc_zero(sizeof(running_routers_t
));
531 new_list
->published_on
= published_on
;
532 new_list
->running_routers
= smartlist_create();
533 new_list
->is_running_routers_format
= (tok
->tp
== K_RUNNING_ROUTERS
);
534 for (i
=0;i
<tok
->n_args
;++i
) {
535 smartlist_add(new_list
->running_routers
, tok
->args
[i
]);
537 tok
->n_args
= 0; /* Don't free the elements of tok->args. */
539 if (!(tok
= find_first_by_keyword(tokens
, K_DIRECTORY_SIGNATURE
))) {
540 log_fn(LOG_WARN
, "Missing signature on running-routers");
543 declared_key
= find_dir_signing_key(str
);
544 if (check_directory_signature(digest
, tok
, NULL
, declared_key
) < 0)
549 running_routers_free(new_list
);
552 if (declared_key
) crypto_free_pk_env(declared_key
);
554 SMARTLIST_FOREACH(tokens
, directory_token_t
*, tok
, token_free(tok
));
555 smartlist_free(tokens
);
560 /** Given a directory or running-routers string in <b>str</b>, try to
561 * find the its dir-signing-key token (if any). If this token is
562 * present, extract and return the key. Return NULL on failure. */
563 static crypto_pk_env_t
*find_dir_signing_key(const char *str
)
566 directory_token_t
*tok
;
567 crypto_pk_env_t
*key
= NULL
;
569 /* Is there a dir-signing-key in the directory? */
570 cp
= strstr(str
, "\nopt dir-signing-key");
572 cp
= strstr(str
, "\ndir-signing-key");
575 ++cp
; /* Now cp points to the start of the token. */
577 tok
= get_next_token(&cp
, DIR_ONLY
);
579 log_fn(LOG_WARN
, "Unparseable dir-signing-key token");
582 if (tok
->tp
!= K_DIR_SIGNING_KEY
) {
583 log_fn(LOG_WARN
, "Dir-signing-key token did not parse as expected");
589 tok
->key
= NULL
; /* steal reference. */
590 } else if (tok
->n_args
>= 1) {
591 key
= crypto_pk_DER64_decode_public_key(tok
->args
[0]);
593 log_fn(LOG_WARN
, "Unparseable dir-signing-key argument");
597 log_fn(LOG_WARN
, "Dir-signing-key token contained no key");
605 /** Return true iff <b>key</b> is allowed to sign directories.
607 static int dir_signing_key_is_trusted(crypto_pk_env_t
*key
)
609 char digest
[DIGEST_LEN
];
611 if (crypto_pk_get_digest(key
, digest
) < 0) {
612 log_fn(LOG_WARN
, "Error computing dir-signing-key digest");
615 if (!router_digest_is_trusted_dir(digest
)) {
616 log_fn(LOG_WARN
, "Listed dir-signing-key is not trusted");
622 /** Check whether the K_DIRECTORY_SIGNATURE token in <b>tok</b> has a
623 * good signature for <b>digest</b>.
625 * If <b>declared_key</b> is set, the directory has declared what key
626 * was used to sign it, so we will use that key only if it is an
627 * authoritative directory signing key.
629 * Otherwise, if pkey is provided, try to use it.
631 * (New callers should always use <b>declared_key</b> when possible;
632 * <b>pkey is only for debugging.)
634 static int check_directory_signature(const char *digest
,
635 directory_token_t
*tok
,
636 crypto_pk_env_t
*pkey
,
637 crypto_pk_env_t
*declared_key
)
639 char signed_digest
[PK_BYTES
];
640 crypto_pk_env_t
*_pkey
= NULL
;
642 if (tok
->n_args
!= 1) {
643 log_fn(LOG_WARN
, "Too many or too few arguments to directory-signature");
648 if (dir_signing_key_is_trusted(declared_key
))
649 _pkey
= declared_key
;
651 if (!_pkey
&& pkey
) {
652 /* pkey provided for debugging purposes */
656 log_fn(LOG_WARN
, "Found directory in old (before 0.0.9pre3) format--rejecting.");
660 if (strcmp(tok
->object_type
, "SIGNATURE") || tok
->object_size
!= 128) {
661 log_fn(LOG_WARN
, "Bad object type or length on directory signature");
667 if (crypto_pk_public_checksig(_pkey
, signed_digest
, tok
->object_body
, 128)
669 log_fn(LOG_WARN
, "Error reading directory: invalid signature.");
672 log_fn(LOG_DEBUG
,"Signed directory hash starts %s", hex_str(signed_digest
,4));
673 if (memcmp(digest
, signed_digest
, 20)) {
674 log_fn(LOG_WARN
, "Error reading directory: signature does not match.");
680 /** Given a string *<b>s</b> containing a concatenated sequence of router
681 * descriptors, parses them and stores the result in *<b>dest</b>. If
682 * good_nickname_list is provided, then routers are marked as
683 * running/nonrunning and verified/unverified based on their status in the
684 * list. Otherwise, all routers are marked running and verified. Advances
685 * *s to a point immediately following the last router entry. Returns 0 on
686 * success and -1 on failure.
689 router_parse_list_from_string(const char **s
, routerlist_t
**dest
,
690 smartlist_t
*good_nickname_list
,
691 int rr_format
, time_t published_on
)
693 routerinfo_t
*router
;
694 smartlist_t
*routers
;
700 routers
= smartlist_create();
703 *s
= eat_whitespace(*s
);
704 /* Don't start parsing the rest of *s unless it contains a router. */
705 if (strcmpstart(*s
, "router ")!=0)
707 if ((end
= strstr(*s
+1, "\nrouter "))) {
709 } else if ((end
= strstr(*s
+1, "\ndirectory-signature"))) {
715 router
= router_parse_entry_from_string(*s
, end
);
718 log_fn(LOG_WARN
, "Error reading router; skipping");
722 if (!good_nickname_list
) {
723 router
->is_running
= 1; /* start out assuming all dirservers are up */
724 router
->is_verified
= 1;
725 router
->status_set_at
= time(NULL
);
727 smartlist_add(routers
, router
);
728 log_fn(LOG_DEBUG
,"just added router #%d.",smartlist_len(routers
));
731 if (good_nickname_list
) {
732 SMARTLIST_FOREACH(good_nickname_list
, const char *, cp
,
733 routers_update_status_from_entry(routers
, published_on
,
738 routerlist_free(*dest
);
739 *dest
= tor_malloc_zero(sizeof(routerlist_t
));
740 (*dest
)->routers
= routers
;
745 /** Helper function: reads a single router entry from *<b>s</b> ...
746 * *<b>end</b>. Mallocs a new router and returns it if all goes well, else
749 routerinfo_t
*router_parse_entry_from_string(const char *s
,
751 routerinfo_t
*router
= NULL
;
752 char signed_digest
[128];
754 smartlist_t
*tokens
= NULL
, *exit_policy_tokens
= NULL
;
755 directory_token_t
*tok
;
757 int ports_set
, bw_set
;
763 if (router_get_router_hash(s
, digest
) < 0) {
764 log_fn(LOG_WARN
, "Couldn't compute router hash.");
767 tokens
= smartlist_create();
768 if (tokenize_string(s
,end
,tokens
,0)) {
769 log_fn(LOG_WARN
, "Error tokeninzing router descriptor."); goto err
;
772 if (smartlist_len(tokens
) < 2) {
773 log_fn(LOG_WARN
, "Impossibly short router descriptor.");
776 if ((tok
= find_first_by_keyword(tokens
, _UNRECOGNIZED
))) {
777 log_fn(LOG_WARN
, "Unrecognized keyword '%s'; skipping descriptor.",
782 tok
= smartlist_get(tokens
,0);
783 if (tok
->tp
!= K_ROUTER
) {
784 log_fn(LOG_WARN
,"Entry does not start with \"router\"");
788 router
= tor_malloc_zero(sizeof(routerinfo_t
));
789 ports_set
= bw_set
= 0;
791 if (tok
->n_args
== 2 || tok
->n_args
== 5 || tok
->n_args
== 6) {
792 router
->nickname
= tor_strdup(tok
->args
[0]);
793 if (!is_legal_nickname(router
->nickname
)) {
794 log_fn(LOG_WARN
,"Router nickname is invalid");
797 router
->address
= tor_strdup(tok
->args
[1]);
800 if (tok
->n_args
>= 5) {
801 router
->or_port
= (uint16_t) tor_parse_long(tok
->args
[2],10,0,65535,NULL
,NULL
);
802 router
->socks_port
= (uint16_t) tor_parse_long(tok
->args
[3],10,0,65535,NULL
,NULL
);
803 router
->dir_port
= (uint16_t) tor_parse_long(tok
->args
[4],10,0,65535,NULL
,NULL
);
807 log_fn(LOG_WARN
,"Wrong # of arguments to \"router\" (%d)",tok
->n_args
);
811 tok
= find_first_by_keyword(tokens
, K_PORTS
);
812 if (tok
&& ports_set
) {
813 log_fn(LOG_WARN
,"Redundant ports line");
816 if (tok
->n_args
!= 3) {
817 log_fn(LOG_WARN
,"Wrong # of arguments to \"ports\"");
820 router
->or_port
= (uint16_t) tor_parse_long(tok
->args
[0],10,0,65535,NULL
,NULL
);
821 router
->socks_port
= (uint16_t) tor_parse_long(tok
->args
[1],10,0,65535,NULL
,NULL
);
822 router
->dir_port
= (uint16_t) tor_parse_long(tok
->args
[2],10,0,65535,NULL
,NULL
);
826 tok
= find_first_by_keyword(tokens
, K_DIRCACHEPORT
);
828 if (router
->dir_port
)
829 log_fn(LOG_WARN
,"Redundant dircacheport line");
830 if (tok
->n_args
!= 1) {
831 log_fn(LOG_WARN
,"Wrong # of arguments to \"dircacheport\"");
834 router
->dir_port
= (uint16_t) tor_parse_long(tok
->args
[0],10,1,65535,NULL
,NULL
);
837 tok
= find_first_by_keyword(tokens
, K_BANDWIDTH
);
839 log_fn(LOG_WARN
,"Redundant bandwidth line");
842 if (tok
->n_args
< 3) {
843 /* XXXX Once 0.0.7 is *really* dead, restore this warning to its old form*/
844 log_fn(LOG_WARN
,"Not enough arguments to \"bandwidth\": must be an obsolete server. Rejecting one server (nickname '%s').", router
->nickname
);
847 router
->bandwidthrate
= tor_parse_long(tok
->args
[0],10,0,INT_MAX
,NULL
,NULL
);
848 router
->bandwidthburst
= tor_parse_long(tok
->args
[1],10,0,INT_MAX
,NULL
,NULL
);
849 router
->bandwidthcapacity
= tor_parse_long(tok
->args
[2],10,0,INT_MAX
,NULL
,NULL
);
853 if ((tok
= find_first_by_keyword(tokens
, K_UPTIME
))) {
854 if (tok
->n_args
!= 1) {
855 log_fn(LOG_WARN
, "Unrecognized number of args on K_UPTIME; skipping.");
857 router
->uptime
= tor_parse_long(tok
->args
[0],10,0,LONG_MAX
,NULL
,NULL
);
861 if (!(tok
= find_first_by_keyword(tokens
, K_PUBLISHED
))) {
862 log_fn(LOG_WARN
, "Missing published time"); goto err
;
864 tor_assert(tok
->n_args
== 1);
865 if (parse_iso_time(tok
->args
[0], &router
->published_on
) < 0)
868 if (!(tok
= find_first_by_keyword(tokens
, K_ONION_KEY
))) {
869 log_fn(LOG_WARN
, "Missing onion key"); goto err
;
871 if (crypto_pk_keysize(tok
->key
) != PK_BYTES
) {
872 log_fn(LOG_WARN
, "Wrong size on onion key: %d bits!",
873 crypto_pk_keysize(tok
->key
)*8);
876 router
->onion_pkey
= tok
->key
;
877 tok
->key
= NULL
; /* Prevent free */
879 if (!(tok
= find_first_by_keyword(tokens
, K_SIGNING_KEY
))) {
880 log_fn(LOG_WARN
, "Missing identity key"); goto err
;
882 if (crypto_pk_keysize(tok
->key
) != PK_BYTES
) {
883 log_fn(LOG_WARN
, "Wrong size on identity key: %d bits!",
884 crypto_pk_keysize(tok
->key
)*8);
887 router
->identity_pkey
= tok
->key
;
888 tok
->key
= NULL
; /* Prevent free */
889 if (crypto_pk_get_digest(router
->identity_pkey
,router
->identity_digest
)) {
890 log_fn(LOG_WARN
, "Couldn't calculate key digest"); goto err
;
893 if ((tok
= find_first_by_keyword(tokens
, K_PLATFORM
))) {
894 router
->platform
= tor_strdup(tok
->args
[0]);
897 exit_policy_tokens
= find_all_exitpolicy(tokens
);
898 SMARTLIST_FOREACH(exit_policy_tokens
, directory_token_t
*, t
,
899 if (router_add_exit_policy(router
,t
)<0) {
900 log_fn(LOG_WARN
,"Error in exit policy"); goto err
;}
903 if ((tok
= find_first_by_keyword(tokens
, K_FAMILY
)) && tok
->n_args
) {
905 router
->declared_family
= smartlist_create();
906 for (i
=0;i
<tok
->n_args
;++i
) {
907 if (!is_legal_nickname_or_hexdigest(tok
->args
[i
])) {
908 log_fn(LOG_WARN
, "Illegal nickname '%s' in family line", tok
->args
[i
]);
911 smartlist_add(router
->declared_family
, tor_strdup(tok
->args
[i
]));
915 if (!(tok
= find_first_by_keyword(tokens
, K_ROUTER_SIGNATURE
))) {
916 log_fn(LOG_WARN
, "Missing router signature"); goto err
;
918 if (strcmp(tok
->object_type
, "SIGNATURE") || tok
->object_size
!= 128) {
919 log_fn(LOG_WARN
, "Bad object type or length on router signature");
922 if ((t
=crypto_pk_public_checksig(router
->identity_pkey
, signed_digest
,
923 tok
->object_body
, 128)) != 20) {
924 log_fn(LOG_WARN
, "Invalid signature %d",t
); goto err
;
926 if (memcmp(digest
, signed_digest
, 20)) {
927 log_fn(LOG_WARN
, "Mismatched signature"); goto err
;
931 log_fn(LOG_WARN
,"No ports declared; failing."); goto err
;
934 log_fn(LOG_WARN
,"No bandwidth declared; failing."); goto err
;
936 if (!router
->or_port
) {
937 log_fn(LOG_WARN
,"or_port unreadable or 0. Failing.");
940 if (!router
->bandwidthrate
) {
941 log_fn(LOG_WARN
,"bandwidthrate unreadable or 0. Failing.");
944 if (!router
->platform
) {
945 router
->platform
= tor_strdup("<unknown>");
948 log_fn(LOG_DEBUG
,"or_port %d, socks_port %d, dir_port %d, bandwidthrate %u, bandwidthburst %u.",
949 router
->or_port
, router
->socks_port
, router
->dir_port
,
950 (unsigned) router
->bandwidthrate
, (unsigned) router
->bandwidthburst
);
956 routerinfo_free(router
);
960 SMARTLIST_FOREACH(tokens
, directory_token_t
*, tok
, token_free(tok
));
961 smartlist_free(tokens
);
963 if (exit_policy_tokens
) {
964 smartlist_free(exit_policy_tokens
);
969 /** Parse the exit policy in the string <b>s</b> and return it.
971 struct addr_policy_t
*
972 router_parse_addr_policy_from_string(const char *s
)
974 directory_token_t
*tok
= NULL
;
977 struct addr_policy_t
*r
;
980 /* *s might not end with \n, so we need to extend it with one. */
982 cp
= tmp
= tor_malloc(len
+2);
983 for (idx
= 0; idx
< len
; ++idx
) {
984 tmp
[idx
] = tolower(s
[idx
]);
988 tok
= get_next_token(&cp
, RTR_ONLY
);
989 if (tok
->tp
== _ERR
) {
990 log_fn(LOG_WARN
, "Error reading exit policy: %s", tok
->error
);
993 if (tok
->tp
!= K_ACCEPT
&& tok
->tp
!= K_REJECT
) {
994 log_fn(LOG_WARN
, "Expected 'accept' or 'reject'.");
998 /* Now that we've gotten an exit policy, add it to the router. */
999 r
= router_parse_addr_policy(tok
);
1010 router_add_exit_policy_from_string(routerinfo_t
*router
, const char *s
)
1012 struct addr_policy_t
*newe
, *tmpe
;
1013 newe
= router_parse_addr_policy_from_string(s
);
1016 for (tmpe
= router
->exit_policy
; tmpe
; tmpe
=tmpe
->next
)
1024 router_add_exit_policy(routerinfo_t
*router
,directory_token_t
*tok
)
1026 struct addr_policy_t
*newe
, **tmpe
;
1027 newe
= router_parse_addr_policy(tok
);
1030 for (tmpe
= &router
->exit_policy
; *tmpe
; tmpe
=&((*tmpe
)->next
))
1037 /** Given a K_ACCEPT or K_REJECT token and a router, create and return
1038 * a new exit_policy_t corresponding to the token. */
1039 static struct addr_policy_t
*
1040 router_parse_addr_policy(directory_token_t
*tok
) {
1042 struct addr_policy_t
*newe
;
1044 char *arg
, *address
;
1046 tor_assert(tok
->tp
== K_REJECT
|| tok
->tp
== K_ACCEPT
);
1048 if (tok
->n_args
!= 1)
1052 newe
= tor_malloc_zero(sizeof(struct addr_policy_t
));
1054 newe
->string
= tor_malloc(8+strlen(arg
));
1055 tor_snprintf(newe
->string
, 8+strlen(arg
), "%s %s",
1056 (tok
->tp
== K_REJECT
) ? "reject" : "accept", arg
);
1057 newe
->policy_type
= (tok
->tp
== K_REJECT
) ? ADDR_POLICY_REJECT
1058 : ADDR_POLICY_ACCEPT
;
1060 if (parse_addr_and_port_range(arg
, &newe
->addr
, &newe
->msk
,
1061 &newe
->prt_min
, &newe
->prt_max
))
1062 goto policy_read_failed
;
1064 in
.s_addr
= htonl(newe
->addr
);
1065 address
= tor_strdup(inet_ntoa(in
));
1066 in
.s_addr
= htonl(newe
->msk
);
1067 log_fn(LOG_DEBUG
,"%s %s/%s:%d-%d",
1068 newe
->policy_type
== ADDR_POLICY_REJECT
? "reject" : "accept",
1069 address
, inet_ntoa(in
), newe
->prt_min
, newe
->prt_max
);
1075 tor_assert(newe
->string
);
1076 log_fn(LOG_WARN
,"Couldn't parse line '%s'. Dropping", newe
->string
);
1077 tor_free(newe
->string
);
1083 * Low-level tokenizer for router descriptors and directories.
1086 /** Free all resources allocated for <b>tok</b> */
1088 token_free(directory_token_t
*tok
)
1093 for (i
= 0; i
< tok
->n_args
; ++i
) {
1094 tor_free(tok
->args
[i
]);
1096 tor_free(tok
->args
);
1098 tor_free(tok
->object_type
);
1099 tor_free(tok
->object_body
);
1101 crypto_free_pk_env(tok
->key
);
1105 /** Helper function: read the next token from *s, advance *s to the end
1106 * of the token, and return the parsed token. If 'where' is DIR_ONLY
1107 * or RTR_ONLY, reject all tokens of the wrong type.
1109 static directory_token_t
*
1110 get_next_token(const char **s
, where_syntax where
) {
1111 const char *next
, *obstart
;
1112 int i
, done
, allocated
, is_opt
;
1113 directory_token_t
*tok
;
1115 obj_syntax o_syn
= NO_OBJ
;
1117 #define RET_ERR(msg) \
1118 do { if (tok) token_free(tok); \
1119 tok = tor_malloc_zero(sizeof(directory_token_t));\
1122 goto done_tokenizing; } while (0)
1124 tok
= tor_malloc_zero(sizeof(directory_token_t
));
1127 *s
= eat_whitespace(*s
);
1132 next
= find_whitespace(*s
);
1134 tok
->error
= "Unexpected EOF"; return tok
;
1136 /* It's a keyword... but which one? */
1137 is_opt
= !strncmp("opt", *s
, next
-*s
);
1139 *s
= eat_whitespace(next
);
1142 next
= find_whitespace(*s
);
1143 if (!**s
|| !next
) {
1144 RET_ERR("opt without keyword");
1147 for (i
= 0; token_table
[i
].t
; ++i
) {
1148 if (!strncmp(token_table
[i
].t
, *s
, next
-*s
)) {
1149 /* We've found the keyword. */
1150 tok
->tp
= token_table
[i
].v
;
1151 a_syn
= token_table
[i
].s
;
1152 o_syn
= token_table
[i
].os
;
1153 if (token_table
[i
].ws
!= ANY
&& token_table
[i
].ws
!= where
) {
1154 if (where
== DIR_ONLY
) {
1155 RET_ERR("Found a router-only token in a directory section");
1157 RET_ERR("Found a directory-only token in a router descriptor");
1160 if (a_syn
== ARGS
) {
1161 /* This keyword takes multiple arguments. */
1163 done
= (*next
== '\n');
1165 tok
->args
= tor_malloc(sizeof(char*)*32);
1166 *s
= eat_whitespace_no_nl(next
);
1167 while (**s
!= '\n' && !done
) {
1168 next
= find_whitespace(*s
);
1171 if (i
== allocated
) {
1173 tok
->args
= tor_realloc(tok
->args
,sizeof(char*)*allocated
);
1175 tok
->args
[i
++] = tor_strndup(*s
,next
-*s
);
1176 *s
= eat_whitespace_no_nl(next
+1);
1179 } else if (a_syn
== CONCAT_ARGS
) {
1180 /* The keyword takes the line as a single argument */
1181 *s
= eat_whitespace_no_nl(next
);
1182 next
= strchr(*s
, '\n');
1184 RET_ERR("Unexpected EOF");
1185 tok
->args
= tor_malloc(sizeof(char*));
1186 tok
->args
[0] = tor_strndup(*s
,next
-*s
);
1188 *s
= eat_whitespace_no_nl(next
+1);
1190 /* The keyword takes no arguments. */
1191 tor_assert(a_syn
== NO_ARGS
);
1192 *s
= eat_whitespace_no_nl(next
);
1194 RET_ERR("Unexpected arguments");
1197 *s
= eat_whitespace_no_nl(*s
+1);
1202 if (tok
->tp
== _ERR
) {
1205 *s
= eat_whitespace_no_nl(next
);
1206 next
= strchr(*s
,'\n');
1208 RET_ERR("Unexpected EOF");
1209 tok
->args
= tor_malloc(sizeof(char*));
1210 tok
->args
[0] = tor_strndup(*s
,next
-*s
);
1212 *s
= eat_whitespace_no_nl(next
+1);
1215 tok
->tp
= _UNRECOGNIZED
;
1216 next
= strchr(*s
, '\n');
1218 RET_ERR("Unexpected EOF");
1220 tok
->args
= tor_malloc(sizeof(char*));
1221 tok
->args
[0] = tor_strndup(*s
,next
-*s
);
1227 *s
= eat_whitespace(*s
);
1228 if (strcmpstart(*s
, "-----BEGIN ")) {
1229 goto done_tokenizing
;
1232 *s
+= 11; /* length of "-----BEGIN ". */
1233 next
= strchr(*s
, '\n');
1234 if (next
-*s
< 6 || strcmpstart(next
-5, "-----\n")) {
1235 RET_ERR("Malformed object: bad begin line");
1237 tok
->object_type
= tor_strndup(*s
, next
-*s
-5);
1239 next
= strstr(*s
, "-----END ");
1241 RET_ERR("Malformed object: missing end line");
1243 if (!strcmp(tok
->object_type
, "RSA PUBLIC KEY")) {
1244 if (strcmpstart(next
, "-----END RSA PUBLIC KEY-----\n"))
1245 RET_ERR("Malformed object: mismatched end line");
1246 next
= strchr(next
,'\n')+1;
1247 tok
->key
= crypto_new_pk_env();
1248 if (crypto_pk_read_public_key_from_string(tok
->key
, obstart
, next
-obstart
))
1249 RET_ERR("Couldn't parse public key.");
1252 tok
->object_body
= tor_malloc(next
-*s
); /* really, this is too much RAM. */
1253 i
= base64_decode(tok
->object_body
, 256, *s
, next
-*s
);
1255 RET_ERR("Malformed object: bad base64-encoded data");
1257 tok
->object_size
= i
;
1258 *s
= next
+ 9; /* length of "-----END ". */
1259 i
= strlen(tok
->object_type
);
1260 if (strncmp(*s
, tok
->object_type
, i
) || strcmpstart(*s
+i
, "-----\n")) {
1261 RET_ERR("Malformed object: mismatched end tag");
1268 if (tok
->object_body
)
1269 RET_ERR("Unexpected object for keyword");
1271 RET_ERR("Unexpected public key for keyword");
1274 if (!tok
->object_body
)
1275 RET_ERR("Missing object for keyword");
1279 RET_ERR("Missing public key for keyword");
1288 for (i
= 0; token_table
[i
].t
; ++i
) {
1289 if (token_table
[i
].v
== tok
->tp
) {
1290 fputs(token_table
[i
].t
, stdout
);
1296 if (tok
->tp
== _UNRECOGNIZED
) fputs("UNRECOGNIZED", stdout
);
1297 if (tok
->tp
== _ERR
) fputs("ERR",stdout
);
1298 if (tok
->tp
== _EOF
) fputs("EOF",stdout
);
1299 if (tok
->tp
== _NIL
) fputs("_NIL",stdout
);
1301 for (i
= 0; i
< tok
->n_args
; ++i
) {
1302 fprintf(stdout
," \"%s\"", tok
->args
[i
]);
1304 if (tok
->error
) { fprintf(stdout
," *%s*", tok
->error
); }
1312 /** Read all tokens from a string between <b>start</b> and <b>end</b>, and add
1313 * them to <b>out</b>. If <b>is_dir</b> is true, reject all non-directory
1314 * tokens; else reject all non-routerdescriptor tokens.
1317 tokenize_string(const char *start
, const char *end
, smartlist_t
*out
,
1321 directory_token_t
*tok
= NULL
;
1322 where_syntax where
= is_dir
? DIR_ONLY
: RTR_ONLY
;
1324 while (*s
< end
&& (!tok
|| tok
->tp
!= _EOF
)) {
1325 tok
= get_next_token(s
, where
);
1326 if (tok
->tp
== _ERR
) {
1327 log_fn(LOG_WARN
, "parse error: %s", tok
->error
);
1330 smartlist_add(out
, tok
);
1331 *s
= eat_whitespace(*s
);
1337 /** Find the first token in <b>s</b> whose keyword is <b>keyword</b>; return
1338 * NULL if no such keyword is found.
1340 static directory_token_t
*
1341 find_first_by_keyword(smartlist_t
*s
, directory_keyword keyword
)
1343 SMARTLIST_FOREACH(s
, directory_token_t
*, t
, if (t
->tp
== keyword
) return t
);
1347 /** Return a newly allocated smartlist of all accept or reject tokens in
1350 static smartlist_t
*
1351 find_all_exitpolicy(smartlist_t
*s
)
1353 smartlist_t
*out
= smartlist_create();
1354 SMARTLIST_FOREACH(s
, directory_token_t
*, t
,
1355 if (t
->tp
== K_ACCEPT
|| t
->tp
== K_REJECT
)
1356 smartlist_add(out
,t
));
1360 /** Compute the SHA digest of the substring of <b>s</b> taken from the first
1361 * occurrence of <b>start_str</b> through the first newline after the first
1362 * subsequent occurrence of <b>end_str</b>; store the 20-byte result in
1363 * <b>digest</b>; return 0 on success.
1365 * If no such substring exists, return -1.
1367 static int router_get_hash_impl(const char *s
, char *digest
,
1368 const char *start_str
,
1369 const char *end_str
)
1372 start
= strstr(s
, start_str
);
1374 log_fn(LOG_WARN
,"couldn't find \"%s\"",start_str
);
1377 if (start
!= s
&& *(start
-1) != '\n') {
1378 log_fn(LOG_WARN
, "first occurrence of \"%s\" is not at the start of a line",
1382 end
= strstr(start
+strlen(start_str
), end_str
);
1384 log_fn(LOG_WARN
,"couldn't find \"%s\"",end_str
);
1387 end
= strchr(end
+strlen(end_str
), '\n');
1389 log_fn(LOG_WARN
,"couldn't find EOL");
1394 if (crypto_digest(digest
, start
, end
-start
)) {
1395 log_fn(LOG_WARN
,"couldn't compute digest");
1402 /** Parse the Tor version of the platform string <b>platform</b>,
1403 * and compare it to the version in <b>cutoff</b>. Return 1 if
1404 * the router is at least as new as the cutoff, else return 0.
1406 int tor_version_as_new_as(const char *platform
, const char *cutoff
) {
1407 tor_version_t cutoff_version
, router_version
;
1411 if (tor_version_parse(cutoff
, &cutoff_version
)<0) {
1412 log_fn(LOG_WARN
,"Bug: cutoff version '%s' unparsable.",cutoff
);
1415 if (strcmpstart(platform
,"Tor ")) /* nonstandard Tor; be safe and say yes */
1418 start
= (char *)eat_whitespace(platform
+3);
1419 if (!*start
) return 0;
1420 s
= (char *)find_whitespace(start
); /* also finds '\0', which is fine */
1421 if ((size_t)(s
-start
+1) >= sizeof(tmp
)) /* too big, no */
1423 strlcpy(tmp
, start
, s
-start
+1);
1425 if (tor_version_parse(tmp
, &router_version
)<0) {
1426 log_fn(LOG_INFO
,"Router version '%s' unparsable.",tmp
);
1427 return 1; /* be safe and say yes */
1430 return tor_version_compare(&router_version
, &cutoff_version
) >= 0;
1433 /** Parse a tor version from <b>s</b>, and store the result in <b>out</b>.
1434 * Return 0 on success, -1 on failure. */
1435 int tor_version_parse(const char *s
, tor_version_t
*out
)
1437 char *eos
=NULL
, *cp
=NULL
;
1439 * NUM dot NUM dot NUM [ ( pre | rc | dot ) NUM [ -cvs ] ]
1443 memset(out
, 0, sizeof(tor_version_t
));
1446 out
->major
= strtol(s
,&eos
,10);
1447 if (!eos
|| eos
==s
|| *eos
!= '.') return -1;
1451 out
->minor
= strtol(cp
,&eos
,10);
1452 if (!eos
|| eos
==cp
|| *eos
!= '.') return -1;
1456 out
->micro
= strtol(cp
,&eos
,10);
1457 if (!eos
|| eos
==cp
) return -1;
1459 out
->status
= VER_RELEASE
;
1460 out
->patchlevel
= 0;
1461 out
->cvs
= IS_NOT_CVS
;
1468 out
->status
= VER_RELEASE
;
1470 } else if (0==strncmp(cp
, "pre", 3)) {
1471 out
->status
= VER_PRE
;
1473 } else if (0==strncmp(cp
, "rc", 2)) {
1474 out
->status
= VER_RC
;
1480 /* Get patchlevel */
1481 out
->patchlevel
= strtol(cp
,&eos
,10);
1482 if (!eos
|| eos
==cp
) return -1;
1485 /* Get cvs status. */
1487 out
->cvs
= IS_NOT_CVS
;
1488 } else if (0==strcmp(cp
, "-cvs")) {
1497 /** Compare two tor versions; Return <0 if a < b; 0 if a ==b, >0 if a >
1499 int tor_version_compare(tor_version_t
*a
, tor_version_t
*b
)
1504 if ((i
= a
->major
- b
->major
))
1506 else if ((i
= a
->minor
- b
->minor
))
1508 else if ((i
= a
->micro
- b
->micro
))
1510 else if ((i
= a
->status
- b
->status
))
1512 else if ((i
= a
->patchlevel
- b
->patchlevel
))
1514 else if ((i
= a
->cvs
- b
->cvs
))