search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove the unused router_hex_digest_matches
[tor.git] / src / or / routerlist.c
blobcb39729ff549107514482e45458272621cc3c0d3
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2013, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file routerlist.c
9 * \brief Code to
10 * maintain and access the global list of routerinfos for known
11 * servers.
12 **/
13
14 #define ROUTERLIST_PRIVATE
15 #include "or.h"
16 #include "circuitstats.h"
17 #include "config.h"
18 #include "connection.h"
19 #include "control.h"
20 #include "directory.h"
21 #include "dirserv.h"
22 #include "dirvote.h"
23 #include "entrynodes.h"
24 #include "fp_pair.h"
25 #include "geoip.h"
26 #include "hibernate.h"
27 #include "main.h"
28 #include "microdesc.h"
29 #include "networkstatus.h"
30 #include "nodelist.h"
31 #include "policies.h"
32 #include "reasons.h"
33 #include "rendcommon.h"
34 #include "rendservice.h"
35 #include "rephist.h"
36 #include "router.h"
37 #include "routerlist.h"
38 #include "routerparse.h"
39 #include "routerset.h"
40
41 // #define DEBUG_ROUTERLIST
42
43 /****************************************************************************/
44
45 DECLARE_TYPED_DIGESTMAP_FNS(sdmap_, digest_sd_map_t, signed_descriptor_t)
46 DECLARE_TYPED_DIGESTMAP_FNS(rimap_, digest_ri_map_t, routerinfo_t)
47 DECLARE_TYPED_DIGESTMAP_FNS(eimap_, digest_ei_map_t, extrainfo_t)
48 DECLARE_TYPED_DIGESTMAP_FNS(dsmap_, digest_ds_map_t, download_status_t)
49 #define SDMAP_FOREACH(map, keyvar, valvar) \
50 DIGESTMAP_FOREACH(sdmap_to_digestmap(map), keyvar, signed_descriptor_t *, \
51 valvar)
52 #define RIMAP_FOREACH(map, keyvar, valvar) \
53 DIGESTMAP_FOREACH(rimap_to_digestmap(map), keyvar, routerinfo_t *, valvar)
54 #define EIMAP_FOREACH(map, keyvar, valvar) \
55 DIGESTMAP_FOREACH(eimap_to_digestmap(map), keyvar, extrainfo_t *, valvar)
56 #define DSMAP_FOREACH(map, keyvar, valvar) \
57 DIGESTMAP_FOREACH(dsmap_to_digestmap(map), keyvar, download_status_t *, \
58 valvar)
59
60 /* Forward declaration for cert_list_t */
61 typedef struct cert_list_t cert_list_t;
62
63 /* static function prototypes */
64 static int compute_weighted_bandwidths(const smartlist_t *sl,
65 bandwidth_weight_rule_t rule,
66 u64_dbl_t **bandwidths_out);
67 static const routerstatus_t *router_pick_directory_server_impl(
68 dirinfo_type_t auth, int flags);
69 static const routerstatus_t *router_pick_trusteddirserver_impl(
70 const smartlist_t *sourcelist, dirinfo_type_t auth,
71 int flags, int *n_busy_out);
72 static const routerstatus_t *router_pick_dirserver_generic(
73 smartlist_t *sourcelist,
74 dirinfo_type_t type, int flags);
75 static void mark_all_dirservers_up(smartlist_t *server_list);
76 static void dir_server_free(dir_server_t *ds);
77 static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
78 static const char *signed_descriptor_get_body_impl(
79 const signed_descriptor_t *desc,
80 int with_annotations);
81 static void list_pending_downloads(digestmap_t *result,
82 int purpose, const char *prefix);
83 static void list_pending_fpsk_downloads(fp_pair_map_t *result);
84 static void launch_dummy_descriptor_download_as_needed(time_t now,
85 const or_options_t *options);
86 static void download_status_reset_by_sk_in_cl(cert_list_t *cl,
87 const char *digest);
88 static int download_status_is_ready_by_sk_in_cl(cert_list_t *cl,
89 const char *digest,
90 time_t now, int max_failures);
91
92 /****************************************************************************/
93
94 /** Global list of a dir_server_t object for each directory
95 * authority. */
96 static smartlist_t *trusted_dir_servers = NULL;
97 /** Global list of dir_server_t objects for all directory authorities
98 * and all fallback directory servers. */
99 static smartlist_t *fallback_dir_servers = NULL;
100
101 /** List of for a given authority, and download status for latest certificate.
102 */
103 struct cert_list_t {
104 /*
105 * The keys of download status map are cert->signing_key_digest for pending
106 * downloads by (identity digest/signing key digest) pair; functions such
107 * as authority_cert_get_by_digest() already assume these are unique.
108 */
109 struct digest_ds_map_t *dl_status_map;
110 /* There is also a dlstatus for the download by identity key only */
111 download_status_t dl_status_by_id;
112 smartlist_t *certs;
113 };
114 /** Map from v3 identity key digest to cert_list_t. */
115 static digestmap_t *trusted_dir_certs = NULL;
116 /** True iff any key certificate in at least one member of
117 * <b>trusted_dir_certs</b> has changed since we last flushed the
118 * certificates to disk. */
119 static int trusted_dir_servers_certs_changed = 0;
120
121 /** Global list of all of the routers that we know about. */
122 static routerlist_t *routerlist = NULL;
123
124 /** List of strings for nicknames we've already warned about and that are
125 * still unknown / unavailable. */
126 static smartlist_t *warned_nicknames = NULL;
127
128 /** The last time we tried to download any routerdesc, or 0 for "never". We
129 * use this to rate-limit download attempts when the number of routerdescs to
130 * download is low. */
131 static time_t last_descriptor_download_attempted = 0;
132
133 /** When we last computed the weights to use for bandwidths on directory
134 * requests, what were the total weighted bandwidth, and our share of that
135 * bandwidth? Used to determine what fraction of directory requests we should
136 * expect to see.
137 *
138 * @{ */
139 static uint64_t sl_last_total_weighted_bw = 0,
140 sl_last_weighted_bw_of_me = 0;
141 /**@}*/
142
143 /** Return the number of directory authorities whose type matches some bit set
144 * in <b>type</b> */
145 int
146 get_n_authorities(dirinfo_type_t type)
147 {
148 int n = 0;
149 if (!trusted_dir_servers)
150 return 0;
151 SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ds,
152 if (ds->type & type)
153 ++n);
154 return n;
155 }
156
157 /** Reset the download status of a specified element in a dsmap */
158 static void
159 download_status_reset_by_sk_in_cl(cert_list_t *cl, const char *digest)
160 {
161 download_status_t *dlstatus = NULL;
162
163 tor_assert(cl);
164 tor_assert(digest);
165
166 /* Make sure we have a dsmap */
167 if (!(cl->dl_status_map)) {
168 cl->dl_status_map = dsmap_new();
169 }
170 /* Look for a download_status_t in the map with this digest */
171 dlstatus = dsmap_get(cl->dl_status_map, digest);
172 /* Got one? */
173 if (!dlstatus) {
174 /* Insert before we reset */
175 dlstatus = tor_malloc_zero(sizeof(*dlstatus));
176 dsmap_set(cl->dl_status_map, digest, dlstatus);
177 }
178 tor_assert(dlstatus);
179 /* Go ahead and reset it */
180 download_status_reset(dlstatus);
181 }
182
183 /**
184 * Return true if the download for this signing key digest in cl is ready
185 * to be re-attempted.
186 */
187 static int
188 download_status_is_ready_by_sk_in_cl(cert_list_t *cl,
189 const char *digest,
190 time_t now, int max_failures)
191 {
192 int rv = 0;
193 download_status_t *dlstatus = NULL;
194
195 tor_assert(cl);
196 tor_assert(digest);
197
198 /* Make sure we have a dsmap */
199 if (!(cl->dl_status_map)) {
200 cl->dl_status_map = dsmap_new();
201 }
202 /* Look for a download_status_t in the map with this digest */
203 dlstatus = dsmap_get(cl->dl_status_map, digest);
204 /* Got one? */
205 if (dlstatus) {
206 /* Use download_status_is_ready() */
207 rv = download_status_is_ready(dlstatus, now, max_failures);
208 } else {
209 /*
210 * If we don't know anything about it, return 1, since we haven't
211 * tried this one before. We need to create a new entry here,
212 * too.
213 */
214 dlstatus = tor_malloc_zero(sizeof(*dlstatus));
215 download_status_reset(dlstatus);
216 dsmap_set(cl->dl_status_map, digest, dlstatus);
217 rv = 1;
218 }
219
220 return rv;
221 }
222
223 #define get_n_v2_authorities() get_n_authorities(V2_DIRINFO)
224
225 /** Helper: Return the cert_list_t for an authority whose authority ID is
226 * <b>id_digest</b>, allocating a new list if necessary. */
227 static cert_list_t *
228 get_cert_list(const char *id_digest)
229 {
230 cert_list_t *cl;
231 if (!trusted_dir_certs)
232 trusted_dir_certs = digestmap_new();
233 cl = digestmap_get(trusted_dir_certs, id_digest);
234 if (!cl) {
235 cl = tor_malloc_zero(sizeof(cert_list_t));
236 cl->dl_status_by_id.schedule = DL_SCHED_CONSENSUS;
237 cl->certs = smartlist_new();
238 cl->dl_status_map = dsmap_new();
239 digestmap_set(trusted_dir_certs, id_digest, cl);
240 }
241 return cl;
242 }
243
244 /** Release all space held by a cert_list_t */
245 static void
246 cert_list_free(cert_list_t *cl)
247 {
248 if (!cl)
249 return;
250
251 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
252 authority_cert_free(cert));
253 smartlist_free(cl->certs);
254 dsmap_free(cl->dl_status_map, tor_free_);
255 tor_free(cl);
256 }
257
258 /** Wrapper for cert_list_free so we can pass it to digestmap_free */
259 static void
260 cert_list_free_(void *cl)
261 {
262 cert_list_free(cl);
263 }
264
265 /** Reload the cached v3 key certificates from the cached-certs file in
266 * the data directory. Return 0 on success, -1 on failure. */
267 int
268 trusted_dirs_reload_certs(void)
269 {
270 char *filename;
271 char *contents;
272 int r;
273
274 filename = get_datadir_fname("cached-certs");
275 contents = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
276 tor_free(filename);
277 if (!contents)
278 return 0;
279 r = trusted_dirs_load_certs_from_string(
280 contents,
281 TRUSTED_DIRS_CERTS_SRC_FROM_STORE, 1);
282 tor_free(contents);
283 return r;
284 }
285
286 /** Helper: return true iff we already have loaded the exact cert
287 * <b>cert</b>. */
288 static INLINE int
289 already_have_cert(authority_cert_t *cert)
290 {
291 cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
292
293 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
294 {
295 if (tor_memeq(c->cache_info.signed_descriptor_digest,
296 cert->cache_info.signed_descriptor_digest,
297 DIGEST_LEN))
298 return 1;
299 });
300 return 0;
301 }
302
303 /** Load a bunch of new key certificates from the string <b>contents</b>. If
304 * <b>source</b> is TRUSTED_DIRS_CERTS_SRC_FROM_STORE, the certificates are
305 * from the cache, and we don't need to flush them to disk. If we are a
306 * dirauth loading our own cert, source is TRUSTED_DIRS_CERTS_SRC_SELF.
307 * Otherwise, source is download type: TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST
308 * or TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST. If <b>flush</b> is true, we
309 * need to flush any changed certificates to disk now. Return 0 on success,
310 * -1 if any certs fail to parse.
311 */
312
313 int
314 trusted_dirs_load_certs_from_string(const char *contents, int source,
315 int flush)
316 {
317 dir_server_t *ds;
318 const char *s, *eos;
319 int failure_code = 0;
320 int from_store = (source == TRUSTED_DIRS_CERTS_SRC_FROM_STORE);
321
322 for (s = contents; *s; s = eos) {
323 authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
324 cert_list_t *cl;
325 if (!cert) {
326 failure_code = -1;
327 break;
328 }
329 ds = trusteddirserver_get_by_v3_auth_digest(
330 cert->cache_info.identity_digest);
331 log_debug(LD_DIR, "Parsed certificate for %s",
332 ds ? ds->nickname : "unknown authority");
333
334 if (already_have_cert(cert)) {
335 /* we already have this one. continue. */
336 log_info(LD_DIR, "Skipping %s certificate for %s that we "
337 "already have.",
338 from_store ? "cached" : "downloaded",
339 ds ? ds->nickname : "an old or new authority");
340
341 /*
342 * A duplicate on download should be treated as a failure, so we call
343 * authority_cert_dl_failed() to reset the download status to make sure
344 * we can't try again. Since we've implemented the fp-sk mechanism
345 * to download certs by signing key, this should be much rarer than it
346 * was and is perhaps cause for concern.
347 */
348 if (!from_store) {
349 if (authdir_mode(get_options())) {
350 log_warn(LD_DIR,
351 "Got a certificate for %s, but we already have it. "
352 "Maybe they haven't updated it. Waiting for a while.",
353 ds ? ds->nickname : "an old or new authority");
354 } else {
355 log_info(LD_DIR,
356 "Got a certificate for %s, but we already have it. "
357 "Maybe they haven't updated it. Waiting for a while.",
358 ds ? ds->nickname : "an old or new authority");
359 }
360
361 /*
362 * This is where we care about the source; authority_cert_dl_failed()
363 * needs to know whether the download was by fp or (fp,sk) pair to
364 * twiddle the right bit in the download map.
365 */
366 if (source == TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST) {
367 authority_cert_dl_failed(cert->cache_info.identity_digest,
368 NULL, 404);
369 } else if (source == TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST) {
370 authority_cert_dl_failed(cert->cache_info.identity_digest,
371 cert->signing_key_digest, 404);
372 }
373 }
374
375 authority_cert_free(cert);
376 continue;
377 }
378
379 if (ds) {
380 log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
381 "signing key %s", from_store ? "cached" : "downloaded",
382 ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
383 } else {
384 int adding = directory_caches_unknown_auth_certs(get_options());
385 log_info(LD_DIR, "%s %s certificate for unrecognized directory "
386 "authority with signing key %s",
387 adding ? "Adding" : "Not adding",
388 from_store ? "cached" : "downloaded",
389 hex_str(cert->signing_key_digest,DIGEST_LEN));
390 if (!adding) {
391 authority_cert_free(cert);
392 continue;
393 }
394 }
395
396 cl = get_cert_list(cert->cache_info.identity_digest);
397 smartlist_add(cl->certs, cert);
398 if (ds && cert->cache_info.published_on > ds->addr_current_at) {
399 /* Check to see whether we should update our view of the authority's
400 * address. */
401 if (cert->addr && cert->dir_port &&
402 (ds->addr != cert->addr ||
403 ds->dir_port != cert->dir_port)) {
404 char *a = tor_dup_ip(cert->addr);
405 log_notice(LD_DIR, "Updating address for directory authority %s "
406 "from %s:%d to %s:%d based on certificate.",
407 ds->nickname, ds->address, (int)ds->dir_port,
408 a, cert->dir_port);
409 tor_free(a);
410 ds->addr = cert->addr;
411 ds->dir_port = cert->dir_port;
412 }
413 ds->addr_current_at = cert->cache_info.published_on;
414 }
415
416 if (!from_store)
417 trusted_dir_servers_certs_changed = 1;
418 }
419
420 if (flush)
421 trusted_dirs_flush_certs_to_disk();
422
423 /* call this even if failure_code is <0, since some certs might have
424 * succeeded. */
425 networkstatus_note_certs_arrived();
426
427 return failure_code;
428 }
429
430 /** Save all v3 key certificates to the cached-certs file. */
431 void
432 trusted_dirs_flush_certs_to_disk(void)
433 {
434 char *filename;
435 smartlist_t *chunks;
436
437 if (!trusted_dir_servers_certs_changed || !trusted_dir_certs)
438 return;
439
440 chunks = smartlist_new();
441 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
442 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
443 {
444 sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
445 c->bytes = cert->cache_info.signed_descriptor_body;
446 c->len = cert->cache_info.signed_descriptor_len;
447 smartlist_add(chunks, c);
448 });
449 } DIGESTMAP_FOREACH_END;
450
451 filename = get_datadir_fname("cached-certs");
452 if (write_chunks_to_file(filename, chunks, 0)) {
453 log_warn(LD_FS, "Error writing certificates to disk.");
454 }
455 tor_free(filename);
456 SMARTLIST_FOREACH(chunks, sized_chunk_t *, c, tor_free(c));
457 smartlist_free(chunks);
458
459 trusted_dir_servers_certs_changed = 0;
460 }
461
462 /** Remove all v3 authority certificates that have been superseded for more
463 * than 48 hours. (If the most recent cert was published more than 48 hours
464 * ago, then we aren't going to get any consensuses signed with older
465 * keys.) */
466 static void
467 trusted_dirs_remove_old_certs(void)
468 {
469 time_t now = time(NULL);
470 #define DEAD_CERT_LIFETIME (2*24*60*60)
471 #define OLD_CERT_LIFETIME (7*24*60*60)
472 if (!trusted_dir_certs)
473 return;
474
475 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
476 authority_cert_t *newest = NULL;
477 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
478 if (!newest || (cert->cache_info.published_on >
479 newest->cache_info.published_on))
480 newest = cert);
481 if (newest) {
482 const time_t newest_published = newest->cache_info.published_on;
483 SMARTLIST_FOREACH_BEGIN(cl->certs, authority_cert_t *, cert) {
484 int expired;
485 time_t cert_published;
486 if (newest == cert)
487 continue;
488 expired = now > cert->expires;
489 cert_published = cert->cache_info.published_on;
490 /* Store expired certs for 48 hours after a newer arrives;
491 */
492 if (expired ?
493 (newest_published + DEAD_CERT_LIFETIME < now) :
494 (cert_published + OLD_CERT_LIFETIME < newest_published)) {
495 SMARTLIST_DEL_CURRENT(cl->certs, cert);
496 authority_cert_free(cert);
497 trusted_dir_servers_certs_changed = 1;
498 }
499 } SMARTLIST_FOREACH_END(cert);
500 }
501 } DIGESTMAP_FOREACH_END;
502 #undef OLD_CERT_LIFETIME
503
504 trusted_dirs_flush_certs_to_disk();
505 }
506
507 /** Return the newest v3 authority certificate whose v3 authority identity key
508 * has digest <b>id_digest</b>. Return NULL if no such authority is known,
509 * or it has no certificate. */
510 authority_cert_t *
511 authority_cert_get_newest_by_id(const char *id_digest)
512 {
513 cert_list_t *cl;
514 authority_cert_t *best = NULL;
515 if (!trusted_dir_certs ||
516 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
517 return NULL;
518
519 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
520 {
521 if (!best || cert->cache_info.published_on > best->cache_info.published_on)
522 best = cert;
523 });
524 return best;
525 }
526
527 /** Return the newest v3 authority certificate whose directory signing key has
528 * digest <b>sk_digest</b>. Return NULL if no such certificate is known.
529 */
530 authority_cert_t *
531 authority_cert_get_by_sk_digest(const char *sk_digest)
532 {
533 authority_cert_t *c;
534 if (!trusted_dir_certs)
535 return NULL;
536
537 if ((c = get_my_v3_authority_cert()) &&
538 tor_memeq(c->signing_key_digest, sk_digest, DIGEST_LEN))
539 return c;
540 if ((c = get_my_v3_legacy_cert()) &&
541 tor_memeq(c->signing_key_digest, sk_digest, DIGEST_LEN))
542 return c;
543
544 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
545 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
546 {
547 if (tor_memeq(cert->signing_key_digest, sk_digest, DIGEST_LEN))
548 return cert;
549 });
550 } DIGESTMAP_FOREACH_END;
551 return NULL;
552 }
553
554 /** Return the v3 authority certificate with signing key matching
555 * <b>sk_digest</b>, for the authority with identity digest <b>id_digest</b>.
556 * Return NULL if no such authority is known. */
557 authority_cert_t *
558 authority_cert_get_by_digests(const char *id_digest,
559 const char *sk_digest)
560 {
561 cert_list_t *cl;
562 if (!trusted_dir_certs ||
563 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
564 return NULL;
565 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
566 if (tor_memeq(cert->signing_key_digest, sk_digest, DIGEST_LEN))
567 return cert; );
568
569 return NULL;
570 }
571
572 /** Add every known authority_cert_t to <b>certs_out</b>. */
573 void
574 authority_cert_get_all(smartlist_t *certs_out)
575 {
576 tor_assert(certs_out);
577 if (!trusted_dir_certs)
578 return;
579
580 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
581 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
582 smartlist_add(certs_out, c));
583 } DIGESTMAP_FOREACH_END;
584 }
585
586 /** Called when an attempt to download a certificate with the authority with
587 * ID <b>id_digest</b> and, if not NULL, signed with key signing_key_digest
588 * fails with HTTP response code <b>status</b>: remember the failure, so we
589 * don't try again immediately. */
590 void
591 authority_cert_dl_failed(const char *id_digest,
592 const char *signing_key_digest, int status)
593 {
594 cert_list_t *cl;
595 download_status_t *dlstatus = NULL;
596 char id_digest_str[2*DIGEST_LEN+1];
597 char sk_digest_str[2*DIGEST_LEN+1];
598
599 if (!trusted_dir_certs ||
600 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
601 return;
602
603 /*
604 * Are we noting a failed download of the latest cert for the id digest,
605 * or of a download by (id, signing key) digest pair?
606 */
607 if (!signing_key_digest) {
608 /* Just by id digest */
609 download_status_failed(&cl->dl_status_by_id, status);
610 } else {
611 /* Reset by (id, signing key) digest pair
612 *
613 * Look for a download_status_t in the map with this digest
614 */
615 dlstatus = dsmap_get(cl->dl_status_map, signing_key_digest);
616 /* Got one? */
617 if (dlstatus) {
618 download_status_failed(dlstatus, status);
619 } else {
620 /*
621 * Do this rather than hex_str(), since hex_str clobbers
622 * old results and we call twice in the param list.
623 */
624 base16_encode(id_digest_str, sizeof(id_digest_str),
625 id_digest, DIGEST_LEN);
626 base16_encode(sk_digest_str, sizeof(sk_digest_str),
627 signing_key_digest, DIGEST_LEN);
628 log_warn(LD_BUG,
629 "Got failure for cert fetch with (fp,sk) = (%s,%s), with "
630 "status %d, but knew nothing about the download.",
631 id_digest_str, sk_digest_str, status);
632 }
633 }
634 }
635
636 /** Return true iff when we've been getting enough failures when trying to
637 * download the certificate with ID digest <b>id_digest</b> that we're willing
638 * to start bugging the user about it. */
639 int
640 authority_cert_dl_looks_uncertain(const char *id_digest)
641 {
642 #define N_AUTH_CERT_DL_FAILURES_TO_BUG_USER 2
643 cert_list_t *cl;
644 int n_failures;
645 if (!trusted_dir_certs ||
646 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
647 return 0;
648
649 n_failures = download_status_get_n_failures(&cl->dl_status_by_id);
650 return n_failures >= N_AUTH_CERT_DL_FAILURES_TO_BUG_USER;
651 }
652
653 /** How many times will we try to fetch a certificate before giving up? */
654 #define MAX_CERT_DL_FAILURES 8
655
656 /** Try to download any v3 authority certificates that we may be missing. If
657 * <b>status</b> is provided, try to get all the ones that were used to sign
658 * <b>status</b>. Additionally, try to have a non-expired certificate for
659 * every V3 authority in trusted_dir_servers. Don't fetch certificates we
660 * already have.
661 **/
662 void
663 authority_certs_fetch_missing(networkstatus_t *status, time_t now)
664 {
665 /*
666 * The pending_id digestmap tracks pending certificate downloads by
667 * identity digest; the pending_cert digestmap tracks pending downloads
668 * by (identity digest, signing key digest) pairs.
669 */
670 digestmap_t *pending_id;
671 fp_pair_map_t *pending_cert;
672 authority_cert_t *cert;
673 /*
674 * The missing_id_digests smartlist will hold a list of id digests
675 * we want to fetch the newest cert for; the missing_cert_digests
676 * smartlist will hold a list of fp_pair_t with an identity and
677 * signing key digest.
678 */
679 smartlist_t *missing_cert_digests, *missing_id_digests;
680 char *resource = NULL;
681 cert_list_t *cl;
682 const int cache = directory_caches_unknown_auth_certs(get_options());
683 fp_pair_t *fp_tmp = NULL;
684 char id_digest_str[2*DIGEST_LEN+1];
685 char sk_digest_str[2*DIGEST_LEN+1];
686
687 if (should_delay_dir_fetches(get_options()))
688 return;
689
690 pending_cert = fp_pair_map_new();
691 pending_id = digestmap_new();
692 missing_cert_digests = smartlist_new();
693 missing_id_digests = smartlist_new();
694
695 /*
696 * First, we get the lists of already pending downloads so we don't
697 * duplicate effort.
698 */
699 list_pending_downloads(pending_id, DIR_PURPOSE_FETCH_CERTIFICATE, "fp/");
700 list_pending_fpsk_downloads(pending_cert);
701
702 /*
703 * Now, we download any trusted authority certs we don't have by
704 * identity digest only. This gets the latest cert for that authority.
705 */
706 SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, dir_server_t *, ds) {
707 int found = 0;
708 if (!(ds->type & V3_DIRINFO))
709 continue;
710 if (smartlist_contains_digest(missing_id_digests,
711 ds->v3_identity_digest))
712 continue;
713 cl = get_cert_list(ds->v3_identity_digest);
714 SMARTLIST_FOREACH_BEGIN(cl->certs, authority_cert_t *, cert) {
715 if (now < cert->expires) {
716 /* It's not expired, and we weren't looking for something to
717 * verify a consensus with. Call it done. */
718 download_status_reset(&(cl->dl_status_by_id));
719 /* No sense trying to download it specifically by signing key hash */
720 download_status_reset_by_sk_in_cl(cl, cert->signing_key_digest);
721 found = 1;
722 break;
723 }
724 } SMARTLIST_FOREACH_END(cert);
725 if (!found &&
726 download_status_is_ready(&(cl->dl_status_by_id), now,
727 MAX_CERT_DL_FAILURES) &&
728 !digestmap_get(pending_id, ds->v3_identity_digest)) {
729 log_info(LD_DIR,
730 "No current certificate known for authority %s "
731 "(ID digest %s); launching request.",
732 ds->nickname, hex_str(ds->v3_identity_digest, DIGEST_LEN));
733 smartlist_add(missing_id_digests, ds->v3_identity_digest);
734 }
735 } SMARTLIST_FOREACH_END(ds);
736
737 /*
738 * Next, if we have a consensus, scan through it and look for anything
739 * signed with a key from a cert we don't have. Those get downloaded
740 * by (fp,sk) pair, but if we don't know any certs at all for the fp
741 * (identity digest), and it's one of the trusted dir server certs
742 * we started off above or a pending download in pending_id, don't
743 * try to get it yet. Most likely, the one we'll get for that will
744 * have the right signing key too, and we'd just be downloading
745 * redundantly.
746 */
747 if (status) {
748 SMARTLIST_FOREACH_BEGIN(status->voters, networkstatus_voter_info_t *,
749 voter) {
750 if (!smartlist_len(voter->sigs))
751 continue; /* This authority never signed this consensus, so don't
752 * go looking for a cert with key digest 0000000000. */
753 if (!cache &&
754 !trusteddirserver_get_by_v3_auth_digest(voter->identity_digest))
755 continue; /* We are not a cache, and we don't know this authority.*/
756
757 /*
758 * If we don't know *any* cert for this authority, and a download by ID
759 * is pending or we added it to missing_id_digests above, skip this
760 * one for now to avoid duplicate downloads.
761 */
762 cl = get_cert_list(voter->identity_digest);
763 if (smartlist_len(cl->certs) == 0) {
764 /* We have no certs at all for this one */
765
766 /* Do we have a download of one pending? */
767 if (digestmap_get(pending_id, voter->identity_digest))
768 continue;
769
770 /*
771 * Are we about to launch a download of one due to the trusted
772 * dir server check above?
773 */
774 if (smartlist_contains_digest(missing_id_digests,
775 voter->identity_digest))
776 continue;
777 }
778
779 SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
780 cert = authority_cert_get_by_digests(voter->identity_digest,
781 sig->signing_key_digest);
782 if (cert) {
783 if (now < cert->expires)
784 download_status_reset_by_sk_in_cl(cl, sig->signing_key_digest);
785 continue;
786 }
787 if (download_status_is_ready_by_sk_in_cl(
788 cl, sig->signing_key_digest,
789 now, MAX_CERT_DL_FAILURES) &&
790 !fp_pair_map_get_by_digests(pending_cert,
791 voter->identity_digest,
792 sig->signing_key_digest)) {
793 /*
794 * Do this rather than hex_str(), since hex_str clobbers
795 * old results and we call twice in the param list.
796 */
797 base16_encode(id_digest_str, sizeof(id_digest_str),
798 voter->identity_digest, DIGEST_LEN);
799 base16_encode(sk_digest_str, sizeof(sk_digest_str),
800 sig->signing_key_digest, DIGEST_LEN);
801
802 if (voter->nickname) {
803 log_info(LD_DIR,
804 "We're missing a certificate from authority %s "
805 "(ID digest %s) with signing key %s: "
806 "launching request.",
807 voter->nickname, id_digest_str, sk_digest_str);
808 } else {
809 log_info(LD_DIR,
810 "We're missing a certificate from authority ID digest "
811 "%s with signing key %s: launching request.",
812 id_digest_str, sk_digest_str);
813 }
814
815 /* Allocate a new fp_pair_t to append */
816 fp_tmp = tor_malloc(sizeof(*fp_tmp));
817 memcpy(fp_tmp->first, voter->identity_digest, sizeof(fp_tmp->first));
818 memcpy(fp_tmp->second, sig->signing_key_digest,
819 sizeof(fp_tmp->second));
820 smartlist_add(missing_cert_digests, fp_tmp);
821 }
822 } SMARTLIST_FOREACH_END(sig);
823 } SMARTLIST_FOREACH_END(voter);
824 }
825
826 /* Do downloads by identity digest */
827 if (smartlist_len(missing_id_digests) > 0) {
828 int need_plus = 0;
829 smartlist_t *fps = smartlist_new();
830
831 smartlist_add(fps, tor_strdup("fp/"));
832
833 SMARTLIST_FOREACH_BEGIN(missing_id_digests, const char *, d) {
834 char *fp = NULL;
835
836 if (digestmap_get(pending_id, d))
837 continue;
838
839 base16_encode(id_digest_str, sizeof(id_digest_str),
840 d, DIGEST_LEN);
841
842 if (need_plus) {
843 tor_asprintf(&fp, "+%s", id_digest_str);
844 } else {
845 /* No need for tor_asprintf() in this case; first one gets no '+' */
846 fp = tor_strdup(id_digest_str);
847 need_plus = 1;
848 }
849
850 smartlist_add(fps, fp);
851 } SMARTLIST_FOREACH_END(d);
852
853 if (smartlist_len(fps) > 1) {
854 resource = smartlist_join_strings(fps, "", 0, NULL);
855 directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
856 resource, PDS_RETRY_IF_NO_SERVERS);
857 tor_free(resource);
858 }
859 /* else we didn't add any: they were all pending */
860
861 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
862 smartlist_free(fps);
863 }
864
865 /* Do downloads by identity digest/signing key pair */
866 if (smartlist_len(missing_cert_digests) > 0) {
867 int need_plus = 0;
868 smartlist_t *fp_pairs = smartlist_new();
869
870 smartlist_add(fp_pairs, tor_strdup("fp-sk/"));
871
872 SMARTLIST_FOREACH_BEGIN(missing_cert_digests, const fp_pair_t *, d) {
873 char *fp_pair = NULL;
874
875 if (fp_pair_map_get(pending_cert, d))
876 continue;
877
878 /* Construct string encodings of the digests */
879 base16_encode(id_digest_str, sizeof(id_digest_str),
880 d->first, DIGEST_LEN);
881 base16_encode(sk_digest_str, sizeof(sk_digest_str),
882 d->second, DIGEST_LEN);
883
884 /* Now tor_asprintf() */
885 if (need_plus) {
886 tor_asprintf(&fp_pair, "+%s-%s", id_digest_str, sk_digest_str);
887 } else {
888 /* First one in the list doesn't get a '+' */
889 tor_asprintf(&fp_pair, "%s-%s", id_digest_str, sk_digest_str);
890 need_plus = 1;
891 }
892
893 /* Add it to the list of pairs to request */
894 smartlist_add(fp_pairs, fp_pair);
895 } SMARTLIST_FOREACH_END(d);
896
897 if (smartlist_len(fp_pairs) > 1) {
898 resource = smartlist_join_strings(fp_pairs, "", 0, NULL);
899 directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
900 resource, PDS_RETRY_IF_NO_SERVERS);
901 tor_free(resource);
902 }
903 /* else they were all pending */
904
905 SMARTLIST_FOREACH(fp_pairs, char *, p, tor_free(p));
906 smartlist_free(fp_pairs);
907 }
908
909 smartlist_free(missing_id_digests);
910 SMARTLIST_FOREACH(missing_cert_digests, fp_pair_t *, p, tor_free(p));
911 smartlist_free(missing_cert_digests);
912 digestmap_free(pending_id, NULL);
913 fp_pair_map_free(pending_cert, NULL);
914 }
915
916 /* Router descriptor storage.
917 *
918 * Routerdescs are stored in a big file, named "cached-descriptors". As new
919 * routerdescs arrive, we append them to a journal file named
920 * "cached-descriptors.new".
921 *
922 * From time to time, we replace "cached-descriptors" with a new file
923 * containing only the live, non-superseded descriptors, and clear
924 * cached-routers.new.
925 *
926 * On startup, we read both files.
927 */
928
929 /** Helper: return 1 iff the router log is so big we want to rebuild the
930 * store. */
931 static int
932 router_should_rebuild_store(desc_store_t *store)
933 {
934 if (store->store_len > (1<<16))
935 return (store->journal_len > store->store_len / 2 ||
936 store->bytes_dropped > store->store_len / 2);
937 else
938 return store->journal_len > (1<<15);
939 }
940
941 /** Return the desc_store_t in <b>rl</b> that should be used to store
942 * <b>sd</b>. */
943 static INLINE desc_store_t *
944 desc_get_store(routerlist_t *rl, const signed_descriptor_t *sd)
945 {
946 if (sd->is_extrainfo)
947 return &rl->extrainfo_store;
948 else
949 return &rl->desc_store;
950 }
951
952 /** Add the signed_descriptor_t in <b>desc</b> to the router
953 * journal; change its saved_location to SAVED_IN_JOURNAL and set its
954 * offset appropriately. */
955 static int
956 signed_desc_append_to_journal(signed_descriptor_t *desc,
957 desc_store_t *store)
958 {
959 char *fname = get_datadir_fname_suffix(store->fname_base, ".new");
960 const char *body = signed_descriptor_get_body_impl(desc,1);
961 size_t len = desc->signed_descriptor_len + desc->annotations_len;
962
963 if (append_bytes_to_file(fname, body, len, 1)) {
964 log_warn(LD_FS, "Unable to store router descriptor");
965 tor_free(fname);
966 return -1;
967 }
968 desc->saved_location = SAVED_IN_JOURNAL;
969 tor_free(fname);
970
971 desc->saved_offset = store->journal_len;
972 store->journal_len += len;
973
974 return 0;
975 }
976
977 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
978 * signed_descriptor_t* in *<b>a</b> is older, the same age as, or newer than
979 * the signed_descriptor_t* in *<b>b</b>. */
980 static int
981 compare_signed_descriptors_by_age_(const void **_a, const void **_b)
982 {
983 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
984 return (int)(r1->published_on - r2->published_on);
985 }
986
987 #define RRS_FORCE 1
988 #define RRS_DONT_REMOVE_OLD 2
989
990 /** If the journal of <b>store</b> is too long, or if RRS_FORCE is set in
991 * <b>flags</b>, then atomically replace the saved router store with the
992 * routers currently in our routerlist, and clear the journal. Unless
993 * RRS_DONT_REMOVE_OLD is set in <b>flags</b>, delete expired routers before
994 * rebuilding the store. Return 0 on success, -1 on failure.
995 */
996 static int
997 router_rebuild_store(int flags, desc_store_t *store)
998 {
999 smartlist_t *chunk_list = NULL;
1000 char *fname = NULL, *fname_tmp = NULL;
1001 int r = -1;
1002 off_t offset = 0;
1003 smartlist_t *signed_descriptors = NULL;
1004 int nocache=0;
1005 size_t total_expected_len = 0;
1006 int had_any;
1007 int force = flags & RRS_FORCE;
1008
1009 if (!force && !router_should_rebuild_store(store)) {
1010 r = 0;
1011 goto done;
1012 }
1013 if (!routerlist) {
1014 r = 0;
1015 goto done;
1016 }
1017
1018 if (store->type == EXTRAINFO_STORE)
1019 had_any = !eimap_isempty(routerlist->extra_info_map);
1020 else
1021 had_any = (smartlist_len(routerlist->routers)+
1022 smartlist_len(routerlist->old_routers))>0;
1023
1024 /* Don't save deadweight. */
1025 if (!(flags & RRS_DONT_REMOVE_OLD))
1026 routerlist_remove_old_routers();
1027
1028 log_info(LD_DIR, "Rebuilding %s cache", store->description);
1029
1030 fname = get_datadir_fname(store->fname_base);
1031 fname_tmp = get_datadir_fname_suffix(store->fname_base, ".tmp");
1032
1033 chunk_list = smartlist_new();
1034
1035 /* We sort the routers by age to enhance locality on disk. */
1036 signed_descriptors = smartlist_new();
1037 if (store->type == EXTRAINFO_STORE) {
1038 eimap_iter_t *iter;
1039 for (iter = eimap_iter_init(routerlist->extra_info_map);
1040 !eimap_iter_done(iter);
1041 iter = eimap_iter_next(routerlist->extra_info_map, iter)) {
1042 const char *key;
1043 extrainfo_t *ei;
1044 eimap_iter_get(iter, &key, &ei);
1045 smartlist_add(signed_descriptors, &ei->cache_info);
1046 }
1047 } else {
1048 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
1049 smartlist_add(signed_descriptors, sd));
1050 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
1051 smartlist_add(signed_descriptors, &ri->cache_info));
1052 }
1053
1054 smartlist_sort(signed_descriptors, compare_signed_descriptors_by_age_);
1055
1056 /* Now, add the appropriate members to chunk_list */
1057 SMARTLIST_FOREACH_BEGIN(signed_descriptors, signed_descriptor_t *, sd) {
1058 sized_chunk_t *c;
1059 const char *body = signed_descriptor_get_body_impl(sd, 1);
1060 if (!body) {
1061 log_warn(LD_BUG, "No descriptor available for router.");
1062 goto done;
1063 }
1064 if (sd->do_not_cache) {
1065 ++nocache;
1066 continue;
1067 }
1068 c = tor_malloc(sizeof(sized_chunk_t));
1069 c->bytes = body;
1070 c->len = sd->signed_descriptor_len + sd->annotations_len;
1071 total_expected_len += c->len;
1072 smartlist_add(chunk_list, c);
1073 } SMARTLIST_FOREACH_END(sd);
1074
1075 if (write_chunks_to_file(fname_tmp, chunk_list, 1)<0) {
1076 log_warn(LD_FS, "Error writing router store to disk.");
1077 goto done;
1078 }
1079
1080 /* Our mmap is now invalid. */
1081 if (store->mmap) {
1082 tor_munmap_file(store->mmap);
1083 store->mmap = NULL;
1084 }
1085
1086 if (replace_file(fname_tmp, fname)<0) {
1087 log_warn(LD_FS, "Error replacing old router store: %s", strerror(errno));
1088 goto done;
1089 }
1090
1091 errno = 0;
1092 store->mmap = tor_mmap_file(fname);
1093 if (! store->mmap) {
1094 if (errno == ERANGE) {
1095 /* empty store.*/
1096 if (total_expected_len) {
1097 log_warn(LD_FS, "We wrote some bytes to a new descriptor file at '%s',"
1098 " but when we went to mmap it, it was empty!", fname);
1099 } else if (had_any) {
1100 log_info(LD_FS, "We just removed every descriptor in '%s'. This is "
1101 "okay if we're just starting up after a long time. "
1102 "Otherwise, it's a bug.", fname);
1103 }
1104 } else {
1105 log_warn(LD_FS, "Unable to mmap new descriptor file at '%s'.",fname);
1106 }
1107 }
1108
1109 log_info(LD_DIR, "Reconstructing pointers into cache");
1110
1111 offset = 0;
1112 SMARTLIST_FOREACH_BEGIN(signed_descriptors, signed_descriptor_t *, sd) {
1113 if (sd->do_not_cache)
1114 continue;
1115 sd->saved_location = SAVED_IN_CACHE;
1116 if (store->mmap) {
1117 tor_free(sd->signed_descriptor_body); // sets it to null
1118 sd->saved_offset = offset;
1119 }
1120 offset += sd->signed_descriptor_len + sd->annotations_len;
1121 signed_descriptor_get_body(sd); /* reconstruct and assert */
1122 } SMARTLIST_FOREACH_END(sd);
1123
1124 tor_free(fname);
1125 fname = get_datadir_fname_suffix(store->fname_base, ".new");
1126 write_str_to_file(fname, "", 1);
1127
1128 r = 0;
1129 store->store_len = (size_t) offset;
1130 store->journal_len = 0;
1131 store->bytes_dropped = 0;
1132 done:
1133 smartlist_free(signed_descriptors);
1134 tor_free(fname);
1135 tor_free(fname_tmp);
1136 if (chunk_list) {
1137 SMARTLIST_FOREACH(chunk_list, sized_chunk_t *, c, tor_free(c));
1138 smartlist_free(chunk_list);
1139 }
1140
1141 return r;
1142 }
1143
1144 /** Helper: Reload a cache file and its associated journal, setting metadata
1145 * appropriately. If <b>extrainfo</b> is true, reload the extrainfo store;
1146 * else reload the router descriptor store. */
1147 static int
1148 router_reload_router_list_impl(desc_store_t *store)
1149 {
1150 char *fname = NULL, *altname = NULL, *contents = NULL;
1151 struct stat st;
1152 int read_from_old_location = 0;
1153 int extrainfo = (store->type == EXTRAINFO_STORE);
1154 time_t now = time(NULL);
1155 store->journal_len = store->store_len = 0;
1156
1157 fname = get_datadir_fname(store->fname_base);
1158 if (store->fname_alt_base)
1159 altname = get_datadir_fname(store->fname_alt_base);
1160
1161 if (store->mmap) /* get rid of it first */
1162 tor_munmap_file(store->mmap);
1163 store->mmap = NULL;
1164
1165 store->mmap = tor_mmap_file(fname);
1166 if (!store->mmap && altname && file_status(altname) == FN_FILE) {
1167 read_from_old_location = 1;
1168 log_notice(LD_DIR, "Couldn't read %s; trying to load routers from old "
1169 "location %s.", fname, altname);
1170 if ((store->mmap = tor_mmap_file(altname)))
1171 read_from_old_location = 1;
1172 }
1173 if (altname && !read_from_old_location) {
1174 remove_file_if_very_old(altname, now);
1175 }
1176 if (store->mmap) {
1177 store->store_len = store->mmap->size;
1178 if (extrainfo)
1179 router_load_extrainfo_from_string(store->mmap->data,
1180 store->mmap->data+store->mmap->size,
1181 SAVED_IN_CACHE, NULL, 0);
1182 else
1183 router_load_routers_from_string(store->mmap->data,
1184 store->mmap->data+store->mmap->size,
1185 SAVED_IN_CACHE, NULL, 0, NULL);
1186 }
1187
1188 tor_free(fname);
1189 fname = get_datadir_fname_suffix(store->fname_base, ".new");
1190 if (file_status(fname) == FN_FILE)
1191 contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
1192 if (read_from_old_location) {
1193 tor_free(altname);
1194 altname = get_datadir_fname_suffix(store->fname_alt_base, ".new");
1195 if (!contents)
1196 contents = read_file_to_str(altname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
1197 else
1198 remove_file_if_very_old(altname, now);
1199 }
1200 if (contents) {
1201 if (extrainfo)
1202 router_load_extrainfo_from_string(contents, NULL,SAVED_IN_JOURNAL,
1203 NULL, 0);
1204 else
1205 router_load_routers_from_string(contents, NULL, SAVED_IN_JOURNAL,
1206 NULL, 0, NULL);
1207 store->journal_len = (size_t) st.st_size;
1208 tor_free(contents);
1209 }
1210
1211 tor_free(fname);
1212 tor_free(altname);
1213
1214 if (store->journal_len || read_from_old_location) {
1215 /* Always clear the journal on startup.*/
1216 router_rebuild_store(RRS_FORCE, store);
1217 } else if (!extrainfo) {
1218 /* Don't cache expired routers. (This is in an else because
1219 * router_rebuild_store() also calls remove_old_routers().) */
1220 routerlist_remove_old_routers();
1221 }
1222
1223 return 0;
1224 }
1225
1226 /** Load all cached router descriptors and extra-info documents from the
1227 * store. Return 0 on success and -1 on failure.
1228 */
1229 int
1230 router_reload_router_list(void)
1231 {
1232 routerlist_t *rl = router_get_routerlist();
1233 if (router_reload_router_list_impl(&rl->desc_store))
1234 return -1;
1235 if (router_reload_router_list_impl(&rl->extrainfo_store))
1236 return -1;
1237 return 0;
1238 }
1239
1240 /** Return a smartlist containing a list of dir_server_t * for all
1241 * known trusted dirservers. Callers must not modify the list or its
1242 * contents.
1243 */
1244 const smartlist_t *
1245 router_get_trusted_dir_servers(void)
1246 {
1247 if (!trusted_dir_servers)
1248 trusted_dir_servers = smartlist_new();
1249
1250 return trusted_dir_servers;
1251 }
1252
1253 const smartlist_t *
1254 router_get_fallback_dir_servers(void)
1255 {
1256 if (!fallback_dir_servers)
1257 fallback_dir_servers = smartlist_new();
1258
1259 return fallback_dir_servers;
1260 }
1261
1262 /** Try to find a running dirserver that supports operations of <b>type</b>.
1263 *
1264 * If there are no running dirservers in our routerlist and the
1265 * <b>PDS_RETRY_IF_NO_SERVERS</b> flag is set, set all the authoritative ones
1266 * as running again, and pick one.
1267 *
1268 * If the <b>PDS_IGNORE_FASCISTFIREWALL</b> flag is set, then include
1269 * dirservers that we can't reach.
1270 *
1271 * If the <b>PDS_ALLOW_SELF</b> flag is not set, then don't include ourself
1272 * (if we're a dirserver).
1273 *
1274 * Don't pick an authority if any non-authority is viable; try to avoid using
1275 * servers that have returned 503 recently.
1276 */
1277 const routerstatus_t *
1278 router_pick_directory_server(dirinfo_type_t type, int flags)
1279 {
1280 const routerstatus_t *choice;
1281 if (get_options()->PreferTunneledDirConns)
1282 flags |= PDS_PREFER_TUNNELED_DIR_CONNS_;
1283
1284 if (!routerlist)
1285 return NULL;
1286
1287 choice = router_pick_directory_server_impl(type, flags);
1288 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
1289 return choice;
1290
1291 log_info(LD_DIR,
1292 "No reachable router entries for dirservers. "
1293 "Trying them all again.");
1294 /* mark all authdirservers as up again */
1295 mark_all_dirservers_up(fallback_dir_servers);
1296 /* try again */
1297 choice = router_pick_directory_server_impl(type, flags);
1298 return choice;
1299 }
1300
1301 /** Try to determine which fraction of v2 and v3 directory requests aimed at
1302 * caches will be sent to us. Set *<b>v2_share_out</b> and
1303 * *<b>v3_share_out</b> to the fractions of v2 and v3 protocol shares we
1304 * expect to see, respectively. Return 0 on success, negative on failure. */
1305 int
1306 router_get_my_share_of_directory_requests(double *v2_share_out,
1307 double *v3_share_out)
1308 {
1309 const routerinfo_t *me = router_get_my_routerinfo();
1310 const routerstatus_t *rs;
1311 const int pds_flags = PDS_ALLOW_SELF|PDS_IGNORE_FASCISTFIREWALL;
1312 *v2_share_out = *v3_share_out = 0.0;
1313 if (!me)
1314 return -1;
1315 rs = router_get_consensus_status_by_id(me->cache_info.identity_digest);
1316 if (!rs)
1317 return -1;
1318
1319 /* Calling for side effect */
1320 /* XXXX This is a bit of a kludge */
1321 if (rs->is_v2_dir) {
1322 sl_last_total_weighted_bw = 0;
1323 router_pick_directory_server(V2_DIRINFO, pds_flags);
1324 if (sl_last_total_weighted_bw != 0) {
1325 *v2_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
1326 U64_TO_DBL(sl_last_total_weighted_bw);
1327 }
1328 }
1329
1330 {
1331 sl_last_total_weighted_bw = 0;
1332 router_pick_directory_server(V3_DIRINFO, pds_flags);
1333 if (sl_last_total_weighted_bw != 0) {
1334 *v3_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
1335 U64_TO_DBL(sl_last_total_weighted_bw);
1336 }
1337 }
1338
1339 return 0;
1340 }
1341
1342 /** Return the dir_server_t for the directory authority whose identity
1343 * key hashes to <b>digest</b>, or NULL if no such authority is known.
1344 */
1345 dir_server_t *
1346 router_get_trusteddirserver_by_digest(const char *digest)
1347 {
1348 if (!trusted_dir_servers)
1349 return NULL;
1350
1351 SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ds,
1352 {
1353 if (tor_memeq(ds->digest, digest, DIGEST_LEN))
1354 return ds;
1355 });
1356
1357 return NULL;
1358 }
1359
1360 /** Return the dir_server_t for the fallback dirserver whose identity
1361 * key hashes to <b>digest</b>, or NULL if no such authority is known.
1362 */
1363 dir_server_t *
1364 router_get_fallback_dirserver_by_digest(const char *digest)
1365 {
1366 if (!trusted_dir_servers)
1367 return NULL;
1368
1369 SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ds,
1370 {
1371 if (tor_memeq(ds->digest, digest, DIGEST_LEN))
1372 return ds;
1373 });
1374
1375 return NULL;
1376 }
1377
1378 /** Return the dir_server_t for the directory authority whose
1379 * v3 identity key hashes to <b>digest</b>, or NULL if no such authority
1380 * is known.
1381 */
1382 dir_server_t *
1383 trusteddirserver_get_by_v3_auth_digest(const char *digest)
1384 {
1385 if (!trusted_dir_servers)
1386 return NULL;
1387
1388 SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ds,
1389 {
1390 if (tor_memeq(ds->v3_identity_digest, digest, DIGEST_LEN) &&
1391 (ds->type & V3_DIRINFO))
1392 return ds;
1393 });
1394
1395 return NULL;
1396 }
1397
1398 /** Try to find a running directory authority. Flags are as for
1399 * router_pick_directory_server.
1400 */
1401 const routerstatus_t *
1402 router_pick_trusteddirserver(dirinfo_type_t type, int flags)
1403 {
1404 return router_pick_dirserver_generic(trusted_dir_servers, type, flags);
1405 }
1406
1407 /** Try to find a running fallback directory Flags are as for
1408 * router_pick_directory_server.
1409 */
1410 const routerstatus_t *
1411 router_pick_fallback_dirserver(dirinfo_type_t type, int flags)
1412 {
1413 return router_pick_dirserver_generic(fallback_dir_servers, type, flags);
1414 }
1415
1416 /** Try to find a running fallback directory Flags are as for
1417 * router_pick_directory_server.
1418 */
1419 static const routerstatus_t *
1420 router_pick_dirserver_generic(smartlist_t *sourcelist,
1421 dirinfo_type_t type, int flags)
1422 {
1423 const routerstatus_t *choice;
1424 int busy = 0;
1425 if (get_options()->PreferTunneledDirConns)
1426 flags |= PDS_PREFER_TUNNELED_DIR_CONNS_;
1427
1428 choice = router_pick_trusteddirserver_impl(sourcelist, type, flags, &busy);
1429 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
1430 return choice;
1431 if (busy) {
1432 /* If the reason that we got no server is that servers are "busy",
1433 * we must be excluding good servers because we already have serverdesc
1434 * fetches with them. Do not mark down servers up because of this. */
1435 tor_assert((flags & (PDS_NO_EXISTING_SERVERDESC_FETCH|
1436 PDS_NO_EXISTING_MICRODESC_FETCH)));
1437 return NULL;
1438 }
1439
1440 log_info(LD_DIR,
1441 "No dirservers are reachable. Trying them all again.");
1442 mark_all_dirservers_up(sourcelist);
1443 return router_pick_trusteddirserver_impl(sourcelist, type, flags, NULL);
1444 }
1445
1446 /** How long do we avoid using a directory server after it's given us a 503? */
1447 #define DIR_503_TIMEOUT (60*60)
1448
1449 /** Pick a random running valid directory server/mirror from our
1450 * routerlist. Arguments are as for router_pick_directory_server(), except
1451 * that RETRY_IF_NO_SERVERS is ignored, and:
1452 *
1453 * If the PDS_PREFER_TUNNELED_DIR_CONNS_ flag is set, prefer directory servers
1454 * that we can use with BEGINDIR.
1455 */
1456 static const routerstatus_t *
1457 router_pick_directory_server_impl(dirinfo_type_t type, int flags)
1458 {
1459 const or_options_t *options = get_options();
1460 const node_t *result;
1461 smartlist_t *direct, *tunnel;
1462 smartlist_t *trusted_direct, *trusted_tunnel;
1463 smartlist_t *overloaded_direct, *overloaded_tunnel;
1464 time_t now = time(NULL);
1465 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
1466 int requireother = ! (flags & PDS_ALLOW_SELF);
1467 int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1468 int prefer_tunnel = (flags & PDS_PREFER_TUNNELED_DIR_CONNS_);
1469 int for_guard = (flags & PDS_FOR_GUARD);
1470 int try_excluding = 1, n_excluded = 0;
1471
1472 if (!consensus)
1473 return NULL;
1474
1475 retry_without_exclude:
1476
1477 direct = smartlist_new();
1478 tunnel = smartlist_new();
1479 trusted_direct = smartlist_new();
1480 trusted_tunnel = smartlist_new();
1481 overloaded_direct = smartlist_new();
1482 overloaded_tunnel = smartlist_new();
1483
1484 /* Find all the running dirservers we know about. */
1485 SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) {
1486 int is_trusted;
1487 int is_overloaded;
1488 tor_addr_t addr;
1489 const routerstatus_t *status = node->rs;
1490 const country_t country = node->country;
1491 if (!status)
1492 continue;
1493
1494 if (!node->is_running || !status->dir_port || !node->is_valid)
1495 continue;
1496 if (node->is_bad_directory)
1497 continue;
1498 if (requireother && router_digest_is_me(node->identity))
1499 continue;
1500 is_trusted = router_digest_is_trusted_dir(node->identity);
1501 if ((type & V2_DIRINFO) && !(node->rs->is_v2_dir || is_trusted))
1502 continue;
1503 if ((type & EXTRAINFO_DIRINFO) &&
1504 !router_supports_extrainfo(node->identity, 0))
1505 continue;
1506 if ((type & MICRODESC_DIRINFO) && !is_trusted &&
1507 !node->rs->version_supports_microdesc_cache)
1508 continue;
1509 if (for_guard && node->using_as_guard)
1510 continue; /* Don't make the same node a guard twice. */
1511 if (try_excluding &&
1512 routerset_contains_routerstatus(options->ExcludeNodes, status,
1513 country)) {
1514 ++n_excluded;
1515 continue;
1516 }
1517
1518 /* XXXX IP6 proposal 118 */
1519 tor_addr_from_ipv4h(&addr, node->rs->addr);
1520
1521 is_overloaded = status->last_dir_503_at + DIR_503_TIMEOUT > now;
1522
1523 if (prefer_tunnel &&
1524 (!fascistfirewall ||
1525 fascist_firewall_allows_address_or(&addr, status->or_port)))
1526 smartlist_add(is_trusted ? trusted_tunnel :
1527 is_overloaded ? overloaded_tunnel : tunnel, (void*)node);
1528 else if (!fascistfirewall ||
1529 fascist_firewall_allows_address_dir(&addr, status->dir_port))
1530 smartlist_add(is_trusted ? trusted_direct :
1531 is_overloaded ? overloaded_direct : direct, (void*)node);
1532 } SMARTLIST_FOREACH_END(node);
1533
1534 if (smartlist_len(tunnel)) {
1535 result = node_sl_choose_by_bandwidth(tunnel, WEIGHT_FOR_DIR);
1536 } else if (smartlist_len(overloaded_tunnel)) {
1537 result = node_sl_choose_by_bandwidth(overloaded_tunnel,
1538 WEIGHT_FOR_DIR);
1539 } else if (smartlist_len(trusted_tunnel)) {
1540 /* FFFF We don't distinguish between trusteds and overloaded trusteds
1541 * yet. Maybe one day we should. */
1542 /* FFFF We also don't load balance over authorities yet. I think this
1543 * is a feature, but it could easily be a bug. -RD */
1544 result = smartlist_choose(trusted_tunnel);
1545 } else if (smartlist_len(direct)) {
1546 result = node_sl_choose_by_bandwidth(direct, WEIGHT_FOR_DIR);
1547 } else if (smartlist_len(overloaded_direct)) {
1548 result = node_sl_choose_by_bandwidth(overloaded_direct,
1549 WEIGHT_FOR_DIR);
1550 } else {
1551 result = smartlist_choose(trusted_direct);
1552 }
1553 smartlist_free(direct);
1554 smartlist_free(tunnel);
1555 smartlist_free(trusted_direct);
1556 smartlist_free(trusted_tunnel);
1557 smartlist_free(overloaded_direct);
1558 smartlist_free(overloaded_tunnel);
1559
1560 if (result == NULL && try_excluding && !options->StrictNodes && n_excluded) {
1561 /* If we got no result, and we are excluding nodes, and StrictNodes is
1562 * not set, try again without excluding nodes. */
1563 try_excluding = 0;
1564 n_excluded = 0;
1565 goto retry_without_exclude;
1566 }
1567
1568 return result ? result->rs : NULL;
1569 }
1570
1571 /** Pick a random element from a list of dir_server_t, weighting by their
1572 * <b>weight</b> field. */
1573 static const dir_server_t *
1574 dirserver_choose_by_weight(const smartlist_t *servers, double authority_weight)
1575 {
1576 int n = smartlist_len(servers);
1577 int i;
1578 u64_dbl_t *weights;
1579 const dir_server_t *ds;
1580
1581 weights = tor_malloc(sizeof(u64_dbl_t) * n);
1582 for (i = 0; i < n; ++i) {
1583 ds = smartlist_get(servers, i);
1584 weights[i].dbl = ds->weight;
1585 if (ds->is_authority)
1586 weights[i].dbl *= authority_weight;
1587 }
1588
1589 scale_array_elements_to_u64(weights, n, NULL);
1590 i = choose_array_element_by_weight(weights, n);
1591 tor_free(weights);
1592 return (i < 0) ? NULL : smartlist_get(servers, i);
1593 }
1594
1595 /** Choose randomly from among the dir_server_ts in sourcelist that
1596 * are up. Flags are as for router_pick_directory_server_impl().
1597 */
1598 static const routerstatus_t *
1599 router_pick_trusteddirserver_impl(const smartlist_t *sourcelist,
1600 dirinfo_type_t type, int flags,
1601 int *n_busy_out)
1602 {
1603 const or_options_t *options = get_options();
1604 smartlist_t *direct, *tunnel;
1605 smartlist_t *overloaded_direct, *overloaded_tunnel;
1606 const routerinfo_t *me = router_get_my_routerinfo();
1607 const routerstatus_t *result = NULL;
1608 time_t now = time(NULL);
1609 const int requireother = ! (flags & PDS_ALLOW_SELF);
1610 const int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1611 const int prefer_tunnel = (flags & PDS_PREFER_TUNNELED_DIR_CONNS_);
1612 const int no_serverdesc_fetching =(flags & PDS_NO_EXISTING_SERVERDESC_FETCH);
1613 const int no_microdesc_fetching =(flags & PDS_NO_EXISTING_MICRODESC_FETCH);
1614 const double auth_weight = (sourcelist == fallback_dir_servers) ?
1615 options->DirAuthorityFallbackRate : 1.0;
1616 smartlist_t *pick_from;
1617 int n_busy = 0;
1618 int try_excluding = 1, n_excluded = 0;
1619
1620 if (!sourcelist)
1621 return NULL;
1622
1623 retry_without_exclude:
1624
1625 direct = smartlist_new();
1626 tunnel = smartlist_new();
1627 overloaded_direct = smartlist_new();
1628 overloaded_tunnel = smartlist_new();
1629
1630 SMARTLIST_FOREACH_BEGIN(sourcelist, const dir_server_t *, d)
1631 {
1632 int is_overloaded =
1633 d->fake_status.last_dir_503_at + DIR_503_TIMEOUT > now;
1634 tor_addr_t addr;
1635 if (!d->is_running) continue;
1636 if ((type & d->type) == 0)
1637 continue;
1638 if ((type & EXTRAINFO_DIRINFO) &&
1639 !router_supports_extrainfo(d->digest, 1))
1640 continue;
1641 if (requireother && me && router_digest_is_me(d->digest))
1642 continue;
1643 if (try_excluding &&
1644 routerset_contains_routerstatus(options->ExcludeNodes,
1645 &d->fake_status, -1)) {
1646 ++n_excluded;
1647 continue;
1648 }
1649
1650 /* XXXX IP6 proposal 118 */
1651 tor_addr_from_ipv4h(&addr, d->addr);
1652
1653 if (no_serverdesc_fetching) {
1654 if (connection_get_by_type_addr_port_purpose(
1655 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_SERVERDESC)
1656 || connection_get_by_type_addr_port_purpose(
1657 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_EXTRAINFO)) {
1658 //log_debug(LD_DIR, "We have an existing connection to fetch "
1659 // "descriptor from %s; delaying",d->description);
1660 ++n_busy;
1661 continue;
1662 }
1663 }
1664 if (no_microdesc_fetching) {
1665 if (connection_get_by_type_addr_port_purpose(
1666 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_MICRODESC)) {
1667 ++n_busy;
1668 continue;
1669 }
1670 }
1671
1672 if (prefer_tunnel &&
1673 d->or_port &&
1674 (!fascistfirewall ||
1675 fascist_firewall_allows_address_or(&addr, d->or_port)))
1676 smartlist_add(is_overloaded ? overloaded_tunnel : tunnel, (void*)d);
1677 else if (!fascistfirewall ||
1678 fascist_firewall_allows_address_dir(&addr, d->dir_port))
1679 smartlist_add(is_overloaded ? overloaded_direct : direct, (void*)d);
1680 }
1681 SMARTLIST_FOREACH_END(d);
1682
1683 if (smartlist_len(tunnel)) {
1684 pick_from = tunnel;
1685 } else if (smartlist_len(overloaded_tunnel)) {
1686 pick_from = overloaded_tunnel;
1687 } else if (smartlist_len(direct)) {
1688 pick_from = direct;
1689 } else {
1690 pick_from = overloaded_direct;
1691 }
1692
1693 {
1694 const dir_server_t *selection =
1695 dirserver_choose_by_weight(pick_from, auth_weight);
1696
1697 if (selection)
1698 result = &selection->fake_status;
1699 }
1700
1701 if (n_busy_out)
1702 *n_busy_out = n_busy;
1703
1704 smartlist_free(direct);
1705 smartlist_free(tunnel);
1706 smartlist_free(overloaded_direct);
1707 smartlist_free(overloaded_tunnel);
1708
1709 if (result == NULL && try_excluding && !options->StrictNodes && n_excluded) {
1710 /* If we got no result, and we are excluding nodes, and StrictNodes is
1711 * not set, try again without excluding nodes. */
1712 try_excluding = 0;
1713 n_excluded = 0;
1714 goto retry_without_exclude;
1715 }
1716
1717 return result;
1718 }
1719
1720 /** Mark as running every dir_server_t in <b>server_list</b>. */
1721 static void
1722 mark_all_dirservers_up(smartlist_t *server_list)
1723 {
1724 if (server_list) {
1725 SMARTLIST_FOREACH_BEGIN(server_list, dir_server_t *, dir) {
1726 routerstatus_t *rs;
1727 node_t *node;
1728 dir->is_running = 1;
1729 download_status_reset(&dir->v2_ns_dl_status);
1730 node = node_get_mutable_by_id(dir->digest);
1731 if (node)
1732 node->is_running = 1;
1733 rs = router_get_mutable_consensus_status_by_id(dir->digest);
1734 if (rs) {
1735 rs->last_dir_503_at = 0;
1736 control_event_networkstatus_changed_single(rs);
1737 }
1738 } SMARTLIST_FOREACH_END(dir);
1739 }
1740 router_dir_info_changed();
1741 }
1742
1743 /** Return true iff r1 and r2 have the same address and OR port. */
1744 int
1745 routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
1746 {
1747 return r1->addr == r2->addr && r1->or_port == r2->or_port &&
1748 tor_addr_eq(&r1->ipv6_addr, &r2->ipv6_addr) &&
1749 r1->ipv6_orport == r2->ipv6_orport;
1750 }
1751
1752 /** Reset all internal variables used to count failed downloads of network
1753 * status objects. */
1754 void
1755 router_reset_status_download_failures(void)
1756 {
1757 mark_all_dirservers_up(fallback_dir_servers);
1758 }
1759
1760 /** Given a <b>router</b>, add every node_t in its family (including the
1761 * node itself!) to <b>sl</b>.
1762 *
1763 * Note the type mismatch: This function takes a routerinfo, but adds nodes
1764 * to the smartlist!
1765 */
1766 static void
1767 routerlist_add_node_and_family(smartlist_t *sl, const routerinfo_t *router)
1768 {
1769 /* XXXX MOVE ? */
1770 node_t fake_node;
1771 const node_t *node = node_get_by_id(router->cache_info.identity_digest);;
1772 if (node == NULL) {
1773 memset(&fake_node, 0, sizeof(fake_node));
1774 fake_node.ri = (routerinfo_t *)router;
1775 memcpy(fake_node.identity, router->cache_info.identity_digest, DIGEST_LEN);
1776 node = &fake_node;
1777 }
1778 nodelist_add_node_and_family(sl, node);
1779 }
1780
1781 /** Add every suitable node from our nodelist to <b>sl</b>, so that
1782 * we can pick a node for a circuit.
1783 */
1784 static void
1785 router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid,
1786 int need_uptime, int need_capacity,
1787 int need_guard, int need_desc)
1788 { /* XXXX MOVE */
1789 SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) {
1790 if (!node->is_running ||
1791 (!node->is_valid && !allow_invalid))
1792 continue;
1793 if (need_desc && !(node->ri || (node->rs && node->md)))
1794 continue;
1795 if (node->ri && node->ri->purpose != ROUTER_PURPOSE_GENERAL)
1796 continue;
1797 if (node_is_unreliable(node, need_uptime, need_capacity, need_guard))
1798 continue;
1799
1800 smartlist_add(sl, (void *)node);
1801 } SMARTLIST_FOREACH_END(node);
1802 }
1803
1804 /** Look through the routerlist until we find a router that has my key.
1805 Return it. */
1806 const routerinfo_t *
1807 routerlist_find_my_routerinfo(void)
1808 {
1809 if (!routerlist)
1810 return NULL;
1811
1812 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1813 {
1814 if (router_is_me(router))
1815 return router;
1816 });
1817 return NULL;
1818 }
1819
1820 /** Return the smaller of the router's configured BandwidthRate
1821 * and its advertised capacity. */
1822 uint32_t
1823 router_get_advertised_bandwidth(const routerinfo_t *router)
1824 {
1825 if (router->bandwidthcapacity < router->bandwidthrate)
1826 return router->bandwidthcapacity;
1827 return router->bandwidthrate;
1828 }
1829
1830 /** Do not weight any declared bandwidth more than this much when picking
1831 * routers by bandwidth. */
1832 #define DEFAULT_MAX_BELIEVABLE_BANDWIDTH 10000000 /* 10 MB/sec */
1833
1834 /** Return the smaller of the router's configured BandwidthRate
1835 * and its advertised capacity, capped by max-believe-bw. */
1836 uint32_t
1837 router_get_advertised_bandwidth_capped(const routerinfo_t *router)
1838 {
1839 uint32_t result = router->bandwidthcapacity;
1840 if (result > router->bandwidthrate)
1841 result = router->bandwidthrate;
1842 if (result > DEFAULT_MAX_BELIEVABLE_BANDWIDTH)
1843 result = DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
1844 return result;
1845 }
1846
1847 /** Given an array of double/uint64_t unions that are currently being used as
1848 * doubles, convert them to uint64_t, and try to scale them linearly so as to
1849 * much of the range of uint64_t. If <b>total_out</b> is provided, set it to
1850 * the sum of all elements in the array _before_ scaling. */
1851 /* private */ void
1852 scale_array_elements_to_u64(u64_dbl_t *entries, int n_entries,
1853 uint64_t *total_out)
1854 {
1855 double total = 0.0;
1856 double scale_factor;
1857 int i;
1858 /* big, but far away from overflowing an int64_t */
1859 #define SCALE_TO_U64_MAX (INT64_MAX / 4)
1860
1861 for (i = 0; i < n_entries; ++i)
1862 total += entries[i].dbl;
1863
1864 scale_factor = SCALE_TO_U64_MAX / total;
1865
1866 for (i = 0; i < n_entries; ++i)
1867 entries[i].u64 = tor_llround(entries[i].dbl * scale_factor);
1868
1869 if (total_out)
1870 *total_out = (uint64_t) total;
1871
1872 #undef SCALE_TO_U64_MAX
1873 }
1874
1875 /** Time-invariant 64-bit greater-than; works on two integers in the range
1876 * (0,INT64_MAX). */
1877 #if SIZEOF_VOID_P == 8
1878 #define gt_i64_timei(a,b) ((a) > (b))
1879 #else
1880 static INLINE int
1881 gt_i64_timei(uint64_t a, uint64_t b)
1882 {
1883 int64_t diff = (int64_t) (b - a);
1884 int res = diff >> 63;
1885 return res & 1;
1886 }
1887 #endif
1888
1889 /** Pick a random element of <b>n_entries</b>-element array <b>entries</b>,
1890 * choosing each element with a probability proportional to its (uint64_t)
1891 * value, and return the index of that element. If all elements are 0, choose
1892 * an index at random. Return -1 on error.
1893 */
1894 /* private */ int
1895 choose_array_element_by_weight(const u64_dbl_t *entries, int n_entries)
1896 {
1897 int i, i_chosen=-1, n_chosen=0;
1898 uint64_t total_so_far = 0;
1899 uint64_t rand_val;
1900 uint64_t total = 0;
1901
1902 for (i = 0; i < n_entries; ++i)
1903 total += entries[i].u64;
1904
1905 if (n_entries < 1)
1906 return -1;
1907
1908 if (total == 0)
1909 return crypto_rand_int(n_entries);
1910
1911 tor_assert(total < INT64_MAX);
1912
1913 rand_val = crypto_rand_uint64(total);
1914
1915 for (i = 0; i < n_entries; ++i) {
1916 total_so_far += entries[i].u64;
1917 if (gt_i64_timei(total_so_far, rand_val)) {
1918 i_chosen = i;
1919 n_chosen++;
1920 /* Set rand_val to INT64_MAX rather than stopping the loop. This way,
1921 * the time we spend in the loop does not leak which element we chose. */
1922 rand_val = INT64_MAX;
1923 }
1924 }
1925 tor_assert(total_so_far == total);
1926 tor_assert(n_chosen == 1);
1927 tor_assert(i_chosen >= 0);
1928 tor_assert(i_chosen < n_entries);
1929
1930 return i_chosen;
1931 }
1932
1933 /** When weighting bridges, enforce these values as lower and upper
1934 * bound for believable bandwidth, because there is no way for us
1935 * to verify a bridge's bandwidth currently. */
1936 #define BRIDGE_MIN_BELIEVABLE_BANDWIDTH 20000 /* 20 kB/sec */
1937 #define BRIDGE_MAX_BELIEVABLE_BANDWIDTH 100000 /* 100 kB/sec */
1938
1939 /** Return the smaller of the router's configured BandwidthRate
1940 * and its advertised capacity, making sure to stay within the
1941 * interval between bridge-min-believe-bw and
1942 * bridge-max-believe-bw. */
1943 static uint32_t
1944 bridge_get_advertised_bandwidth_bounded(routerinfo_t *router)
1945 {
1946 uint32_t result = router->bandwidthcapacity;
1947 if (result > router->bandwidthrate)
1948 result = router->bandwidthrate;
1949 if (result > BRIDGE_MAX_BELIEVABLE_BANDWIDTH)
1950 result = BRIDGE_MAX_BELIEVABLE_BANDWIDTH;
1951 else if (result < BRIDGE_MIN_BELIEVABLE_BANDWIDTH)
1952 result = BRIDGE_MIN_BELIEVABLE_BANDWIDTH;
1953 return result;
1954 }
1955
1956 /** Return bw*1000, unless bw*1000 would overflow, in which case return
1957 * INT32_MAX. */
1958 static INLINE int32_t
1959 kb_to_bytes(uint32_t bw)
1960 {
1961 return (bw > (INT32_MAX/1000)) ? INT32_MAX : bw*1000;
1962 }
1963
1964 /** Helper function:
1965 * choose a random element of smartlist <b>sl</b> of nodes, weighted by
1966 * the advertised bandwidth of each element using the consensus
1967 * bandwidth weights.
1968 *
1969 * If <b>rule</b>==WEIGHT_FOR_EXIT. we're picking an exit node: consider all
1970 * nodes' bandwidth equally regardless of their Exit status, since there may
1971 * be some in the list because they exit to obscure ports. If
1972 * <b>rule</b>==NO_WEIGHTING, we're picking a non-exit node: weight
1973 * exit-node's bandwidth less depending on the smallness of the fraction of
1974 * Exit-to-total bandwidth. If <b>rule</b>==WEIGHT_FOR_GUARD, we're picking a
1975 * guard node: consider all guard's bandwidth equally. Otherwise, weight
1976 * guards proportionally less.
1977 */
1978 static const node_t *
1979 smartlist_choose_node_by_bandwidth_weights(const smartlist_t *sl,
1980 bandwidth_weight_rule_t rule)
1981 {
1982 u64_dbl_t *bandwidths=NULL;
1983
1984 if (compute_weighted_bandwidths(sl, rule, &bandwidths) < 0)
1985 return NULL;
1986
1987 scale_array_elements_to_u64(bandwidths, smartlist_len(sl),
1988 &sl_last_total_weighted_bw);
1989
1990 {
1991 int idx = choose_array_element_by_weight(bandwidths,
1992 smartlist_len(sl));
1993 tor_free(bandwidths);
1994 return idx < 0 ? NULL : smartlist_get(sl, idx);
1995 }
1996 }
1997
1998 /** Given a list of routers and a weighting rule as in
1999 * smartlist_choose_node_by_bandwidth_weights, compute weighted bandwidth
2000 * values for each node and store them in a freshly allocated
2001 * *<b>bandwidths_out</b> of the same length as <b>sl</b>, and holding results
2002 * as doubles. Return 0 on success, -1 on failure. */
2003 static int
2004 compute_weighted_bandwidths(const smartlist_t *sl,
2005 bandwidth_weight_rule_t rule,
2006 u64_dbl_t **bandwidths_out)
2007 {
2008 int64_t weight_scale;
2009 double Wg = -1, Wm = -1, We = -1, Wd = -1;
2010 double Wgb = -1, Wmb = -1, Web = -1, Wdb = -1;
2011 uint64_t weighted_bw = 0;
2012 u64_dbl_t *bandwidths;
2013
2014 /* Can't choose exit and guard at same time */
2015 tor_assert(rule == NO_WEIGHTING ||
2016 rule == WEIGHT_FOR_EXIT ||
2017 rule == WEIGHT_FOR_GUARD ||
2018 rule == WEIGHT_FOR_MID ||
2019 rule == WEIGHT_FOR_DIR);
2020
2021 if (smartlist_len(sl) == 0) {
2022 log_info(LD_CIRC,
2023 "Empty routerlist passed in to consensus weight node "
2024 "selection for rule %s",
2025 bandwidth_weight_rule_to_string(rule));
2026 return -1;
2027 }
2028
2029 weight_scale = networkstatus_get_weight_scale_param(NULL);
2030
2031 if (rule == WEIGHT_FOR_GUARD) {
2032 Wg = networkstatus_get_bw_weight(NULL, "Wgg", -1);
2033 Wm = networkstatus_get_bw_weight(NULL, "Wgm", -1); /* Bridges */
2034 We = 0;
2035 Wd = networkstatus_get_bw_weight(NULL, "Wgd", -1);
2036
2037 Wgb = networkstatus_get_bw_weight(NULL, "Wgb", -1);
2038 Wmb = networkstatus_get_bw_weight(NULL, "Wmb", -1);
2039 Web = networkstatus_get_bw_weight(NULL, "Web", -1);
2040 Wdb = networkstatus_get_bw_weight(NULL, "Wdb", -1);
2041 } else if (rule == WEIGHT_FOR_MID) {
2042 Wg = networkstatus_get_bw_weight(NULL, "Wmg", -1);
2043 Wm = networkstatus_get_bw_weight(NULL, "Wmm", -1);
2044 We = networkstatus_get_bw_weight(NULL, "Wme", -1);
2045 Wd = networkstatus_get_bw_weight(NULL, "Wmd", -1);
2046
2047 Wgb = networkstatus_get_bw_weight(NULL, "Wgb", -1);
2048 Wmb = networkstatus_get_bw_weight(NULL, "Wmb", -1);
2049 Web = networkstatus_get_bw_weight(NULL, "Web", -1);
2050 Wdb = networkstatus_get_bw_weight(NULL, "Wdb", -1);
2051 } else if (rule == WEIGHT_FOR_EXIT) {
2052 // Guards CAN be exits if they have weird exit policies
2053 // They are d then I guess...
2054 We = networkstatus_get_bw_weight(NULL, "Wee", -1);
2055 Wm = networkstatus_get_bw_weight(NULL, "Wem", -1); /* Odd exit policies */
2056 Wd = networkstatus_get_bw_weight(NULL, "Wed", -1);
2057 Wg = networkstatus_get_bw_weight(NULL, "Weg", -1); /* Odd exit policies */
2058
2059 Wgb = networkstatus_get_bw_weight(NULL, "Wgb", -1);
2060 Wmb = networkstatus_get_bw_weight(NULL, "Wmb", -1);
2061 Web = networkstatus_get_bw_weight(NULL, "Web", -1);
2062 Wdb = networkstatus_get_bw_weight(NULL, "Wdb", -1);
2063 } else if (rule == WEIGHT_FOR_DIR) {
2064 We = networkstatus_get_bw_weight(NULL, "Wbe", -1);
2065 Wm = networkstatus_get_bw_weight(NULL, "Wbm", -1);
2066 Wd = networkstatus_get_bw_weight(NULL, "Wbd", -1);
2067 Wg = networkstatus_get_bw_weight(NULL, "Wbg", -1);
2068
2069 Wgb = Wmb = Web = Wdb = weight_scale;
2070 } else if (rule == NO_WEIGHTING) {
2071 Wg = Wm = We = Wd = weight_scale;
2072 Wgb = Wmb = Web = Wdb = weight_scale;
2073 }
2074
2075 if (Wg < 0 || Wm < 0 || We < 0 || Wd < 0 || Wgb < 0 || Wmb < 0 || Wdb < 0
2076 || Web < 0) {
2077 log_debug(LD_CIRC,
2078 "Got negative bandwidth weights. Defaulting to old selection"
2079 " algorithm.");
2080 return -1; // Use old algorithm.
2081 }
2082
2083 Wg /= weight_scale;
2084 Wm /= weight_scale;
2085 We /= weight_scale;
2086 Wd /= weight_scale;
2087
2088 Wgb /= weight_scale;
2089 Wmb /= weight_scale;
2090 Web /= weight_scale;
2091 Wdb /= weight_scale;
2092
2093 bandwidths = tor_malloc_zero(sizeof(u64_dbl_t)*smartlist_len(sl));
2094
2095 // Cycle through smartlist and total the bandwidth.
2096 SMARTLIST_FOREACH_BEGIN(sl, const node_t *, node) {
2097 int is_exit = 0, is_guard = 0, is_dir = 0, this_bw = 0, is_me = 0;
2098 double weight = 1;
2099 is_exit = node->is_exit && ! node->is_bad_exit;
2100 is_guard = node->is_possible_guard;
2101 is_dir = node_is_dir(node);
2102 if (node->rs) {
2103 if (!node->rs->has_bandwidth) {
2104 tor_free(bandwidths);
2105 /* This should never happen, unless all the authorites downgrade
2106 * to 0.2.0 or rogue routerstatuses get inserted into our consensus. */
2107 log_warn(LD_BUG,
2108 "Consensus is not listing bandwidths. Defaulting back to "
2109 "old router selection algorithm.");
2110 return -1;
2111 }
2112 this_bw = kb_to_bytes(node->rs->bandwidth_kb);
2113 } else if (node->ri) {
2114 /* bridge or other descriptor not in our consensus */
2115 this_bw = bridge_get_advertised_bandwidth_bounded(node->ri);
2116 } else {
2117 /* We can't use this one. */
2118 continue;
2119 }
2120 is_me = router_digest_is_me(node->identity);
2121
2122 if (is_guard && is_exit) {
2123 weight = (is_dir ? Wdb*Wd : Wd);
2124 } else if (is_guard) {
2125 weight = (is_dir ? Wgb*Wg : Wg);
2126 } else if (is_exit) {
2127 weight = (is_dir ? Web*We : We);
2128 } else { // middle
2129 weight = (is_dir ? Wmb*Wm : Wm);
2130 }
2131 /* These should be impossible; but overflows here would be bad, so let's
2132 * make sure. */
2133 if (this_bw < 0)
2134 this_bw = 0;
2135 if (weight < 0.0)
2136 weight = 0.0;
2137
2138 bandwidths[node_sl_idx].dbl = weight*this_bw + 0.5;
2139 if (is_me)
2140 sl_last_weighted_bw_of_me = (uint64_t) bandwidths[node_sl_idx].dbl;
2141 } SMARTLIST_FOREACH_END(node);
2142
2143 log_debug(LD_CIRC, "Generated weighted bandwidths for rule %s based "
2144 "on weights "
2145 "Wg=%f Wm=%f We=%f Wd=%f with total bw "U64_FORMAT,
2146 bandwidth_weight_rule_to_string(rule),
2147 Wg, Wm, We, Wd, U64_PRINTF_ARG(weighted_bw));
2148
2149 *bandwidths_out = bandwidths;
2150
2151 return 0;
2152 }
2153
2154 /** For all nodes in <b>sl</b>, return the fraction of those nodes, weighted
2155 * by their weighted bandwidths with rule <b>rule</b>, for which we have
2156 * descriptors. */
2157 double
2158 frac_nodes_with_descriptors(const smartlist_t *sl,
2159 bandwidth_weight_rule_t rule)
2160 {
2161 u64_dbl_t *bandwidths = NULL;
2162 double total, present;
2163
2164 if (smartlist_len(sl) == 0)
2165 return 0.0;
2166
2167 if (compute_weighted_bandwidths(sl, rule, &bandwidths) < 0) {
2168 int n_with_descs = 0;
2169 SMARTLIST_FOREACH(sl, const node_t *, node, {
2170 if (node_has_descriptor(node))
2171 n_with_descs++;
2172 });
2173 return ((double)n_with_descs) / (double)smartlist_len(sl);
2174 }
2175
2176 total = present = 0.0;
2177 SMARTLIST_FOREACH_BEGIN(sl, const node_t *, node) {
2178 const double bw = bandwidths[node_sl_idx].dbl;
2179 total += bw;
2180 if (node_has_descriptor(node))
2181 present += bw;
2182 } SMARTLIST_FOREACH_END(node);
2183
2184 tor_free(bandwidths);
2185
2186 if (total < 1.0)
2187 return 0;
2188
2189 return present / total;
2190 }
2191
2192 /** Helper function:
2193 * choose a random node_t element of smartlist <b>sl</b>, weighted by
2194 * the advertised bandwidth of each element.
2195 *
2196 * If <b>rule</b>==WEIGHT_FOR_EXIT. we're picking an exit node: consider all
2197 * nodes' bandwidth equally regardless of their Exit status, since there may
2198 * be some in the list because they exit to obscure ports. If
2199 * <b>rule</b>==NO_WEIGHTING, we're picking a non-exit node: weight
2200 * exit-node's bandwidth less depending on the smallness of the fraction of
2201 * Exit-to-total bandwidth. If <b>rule</b>==WEIGHT_FOR_GUARD, we're picking a
2202 * guard node: consider all guard's bandwidth equally. Otherwise, weight
2203 * guards proportionally less.
2204 */
2205 static const node_t *
2206 smartlist_choose_node_by_bandwidth(const smartlist_t *sl,
2207 bandwidth_weight_rule_t rule)
2208 {
2209 unsigned int i;
2210 u64_dbl_t *bandwidths;
2211 int is_exit;
2212 int is_guard;
2213 int is_fast;
2214 double total_nonexit_bw = 0, total_exit_bw = 0;
2215 double total_nonguard_bw = 0, total_guard_bw = 0;
2216 double exit_weight;
2217 double guard_weight;
2218 int n_unknown = 0;
2219 bitarray_t *fast_bits;
2220 bitarray_t *exit_bits;
2221 bitarray_t *guard_bits;
2222 int me_idx = -1;
2223
2224 // This function does not support WEIGHT_FOR_DIR
2225 // or WEIGHT_FOR_MID
2226 if (rule == WEIGHT_FOR_DIR || rule == WEIGHT_FOR_MID) {
2227 rule = NO_WEIGHTING;
2228 }
2229
2230 /* Can't choose exit and guard at same time */
2231 tor_assert(rule == NO_WEIGHTING ||
2232 rule == WEIGHT_FOR_EXIT ||
2233 rule == WEIGHT_FOR_GUARD);
2234
2235 if (smartlist_len(sl) == 0) {
2236 log_info(LD_CIRC,
2237 "Empty routerlist passed in to old node selection for rule %s",
2238 bandwidth_weight_rule_to_string(rule));
2239 return NULL;
2240 }
2241
2242 /* First count the total bandwidth weight, and make a list
2243 * of each value. We use UINT64_MAX to indicate "unknown". */
2244 bandwidths = tor_malloc_zero(sizeof(u64_dbl_t)*smartlist_len(sl));
2245 fast_bits = bitarray_init_zero(smartlist_len(sl));
2246 exit_bits = bitarray_init_zero(smartlist_len(sl));
2247 guard_bits = bitarray_init_zero(smartlist_len(sl));
2248
2249 /* Iterate over all the routerinfo_t or routerstatus_t, and */
2250 SMARTLIST_FOREACH_BEGIN(sl, const node_t *, node) {
2251 /* first, learn what bandwidth we think i has */
2252 int is_known = 1;
2253 uint32_t this_bw = 0;
2254 i = node_sl_idx;
2255
2256 if (router_digest_is_me(node->identity))
2257 me_idx = node_sl_idx;
2258
2259 is_exit = node->is_exit;
2260 is_guard = node->is_possible_guard;
2261 if (node->rs) {
2262 if (node->rs->has_bandwidth) {
2263 this_bw = kb_to_bytes(node->rs->bandwidth_kb);
2264 } else { /* guess */
2265 is_known = 0;
2266 }
2267 } else if (node->ri) {
2268 /* Must be a bridge if we're willing to use it */
2269 this_bw = bridge_get_advertised_bandwidth_bounded(node->ri);
2270 }
2271
2272 if (is_exit)
2273 bitarray_set(exit_bits, i);
2274 if (is_guard)
2275 bitarray_set(guard_bits, i);
2276 if (node->is_fast)
2277 bitarray_set(fast_bits, i);
2278
2279 if (is_known) {
2280 bandwidths[i].dbl = this_bw;
2281 if (is_guard)
2282 total_guard_bw += this_bw;
2283 else
2284 total_nonguard_bw += this_bw;
2285 if (is_exit)
2286 total_exit_bw += this_bw;
2287 else
2288 total_nonexit_bw += this_bw;
2289 } else {
2290 ++n_unknown;
2291 bandwidths[i].dbl = -1.0;
2292 }
2293 } SMARTLIST_FOREACH_END(node);
2294
2295 #define EPSILON .1
2296
2297 /* Now, fill in the unknown values. */
2298 if (n_unknown) {
2299 int32_t avg_fast, avg_slow;
2300 if (total_exit_bw+total_nonexit_bw < EPSILON) {
2301 /* if there's some bandwidth, there's at least one known router,
2302 * so no worries about div by 0 here */
2303 int n_known = smartlist_len(sl)-n_unknown;
2304 avg_fast = avg_slow = (int32_t)
2305 ((total_exit_bw+total_nonexit_bw)/((uint64_t) n_known));
2306 } else {
2307 avg_fast = 40000;
2308 avg_slow = 20000;
2309 }
2310 for (i=0; i<(unsigned)smartlist_len(sl); ++i) {
2311 if (bandwidths[i].dbl >= 0.0)
2312 continue;
2313 is_fast = bitarray_is_set(fast_bits, i);
2314 is_exit = bitarray_is_set(exit_bits, i);
2315 is_guard = bitarray_is_set(guard_bits, i);
2316 bandwidths[i].dbl = is_fast ? avg_fast : avg_slow;
2317 if (is_exit)
2318 total_exit_bw += bandwidths[i].dbl;
2319 else
2320 total_nonexit_bw += bandwidths[i].dbl;
2321 if (is_guard)
2322 total_guard_bw += bandwidths[i].dbl;
2323 else
2324 total_nonguard_bw += bandwidths[i].dbl;
2325 }
2326 }
2327
2328 /* If there's no bandwidth at all, pick at random. */
2329 if (total_exit_bw+total_nonexit_bw < EPSILON) {
2330 tor_free(bandwidths);
2331 tor_free(fast_bits);
2332 tor_free(exit_bits);
2333 tor_free(guard_bits);
2334 return smartlist_choose(sl);
2335 }
2336
2337 /* Figure out how to weight exits and guards */
2338 {
2339 double all_bw = U64_TO_DBL(total_exit_bw+total_nonexit_bw);
2340 double exit_bw = U64_TO_DBL(total_exit_bw);
2341 double guard_bw = U64_TO_DBL(total_guard_bw);
2342 /*
2343 * For detailed derivation of this formula, see
2344 * http://archives.seul.org/or/dev/Jul-2007/msg00056.html
2345 */
2346 if (rule == WEIGHT_FOR_EXIT || total_exit_bw<EPSILON)
2347 exit_weight = 1.0;
2348 else
2349 exit_weight = 1.0 - all_bw/(3.0*exit_bw);
2350
2351 if (rule == WEIGHT_FOR_GUARD || total_guard_bw<EPSILON)
2352 guard_weight = 1.0;
2353 else
2354 guard_weight = 1.0 - all_bw/(3.0*guard_bw);
2355
2356 if (exit_weight <= 0.0)
2357 exit_weight = 0.0;
2358
2359 if (guard_weight <= 0.0)
2360 guard_weight = 0.0;
2361
2362 sl_last_weighted_bw_of_me = 0;
2363 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
2364 tor_assert(bandwidths[i].dbl >= 0.0);
2365
2366 is_exit = bitarray_is_set(exit_bits, i);
2367 is_guard = bitarray_is_set(guard_bits, i);
2368 if (is_exit && is_guard)
2369 bandwidths[i].dbl *= exit_weight * guard_weight;
2370 else if (is_guard)
2371 bandwidths[i].dbl *= guard_weight;
2372 else if (is_exit)
2373 bandwidths[i].dbl *= exit_weight;
2374
2375 if (i == (unsigned) me_idx)
2376 sl_last_weighted_bw_of_me = (uint64_t) bandwidths[i].dbl;
2377 }
2378 }
2379
2380 #if 0
2381 log_debug(LD_CIRC, "Total weighted bw = "U64_FORMAT
2382 ", exit bw = "U64_FORMAT
2383 ", nonexit bw = "U64_FORMAT", exit weight = %f "
2384 "(for exit == %d)"
2385 ", guard bw = "U64_FORMAT
2386 ", nonguard bw = "U64_FORMAT", guard weight = %f "
2387 "(for guard == %d)",
2388 U64_PRINTF_ARG(total_bw),
2389 U64_PRINTF_ARG(total_exit_bw), U64_PRINTF_ARG(total_nonexit_bw),
2390 exit_weight, (int)(rule == WEIGHT_FOR_EXIT),
2391 U64_PRINTF_ARG(total_guard_bw), U64_PRINTF_ARG(total_nonguard_bw),
2392 guard_weight, (int)(rule == WEIGHT_FOR_GUARD));
2393 #endif
2394
2395 scale_array_elements_to_u64(bandwidths, smartlist_len(sl),
2396 &sl_last_total_weighted_bw);
2397
2398 {
2399 int idx = choose_array_element_by_weight(bandwidths,
2400 smartlist_len(sl));
2401 tor_free(bandwidths);
2402 tor_free(fast_bits);
2403 tor_free(exit_bits);
2404 tor_free(guard_bits);
2405 return idx < 0 ? NULL : smartlist_get(sl, idx);
2406 }
2407 }
2408
2409 /** Choose a random element of status list <b>sl</b>, weighted by
2410 * the advertised bandwidth of each node */
2411 const node_t *
2412 node_sl_choose_by_bandwidth(const smartlist_t *sl,
2413 bandwidth_weight_rule_t rule)
2414 { /*XXXX MOVE */
2415 const node_t *ret;
2416 if ((ret = smartlist_choose_node_by_bandwidth_weights(sl, rule))) {
2417 return ret;
2418 } else {
2419 return smartlist_choose_node_by_bandwidth(sl, rule);
2420 }
2421 }
2422
2423 /** Return a random running node from the nodelist. Never
2424 * pick a node that is in
2425 * <b>excludedsmartlist</b>, or which matches <b>excludedset</b>,
2426 * even if they are the only nodes available.
2427 * If <b>CRN_NEED_UPTIME</b> is set in flags and any router has more than
2428 * a minimum uptime, return one of those.
2429 * If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
2430 * advertised capacity of each router.
2431 * If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid
2432 * routers.
2433 * If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers.
2434 * If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if
2435 * picking an exit node, otherwise we weight bandwidths for picking a relay
2436 * node (that is, possibly discounting exit nodes).
2437 * If <b>CRN_NEED_DESC</b> is set in flags, we only consider nodes that
2438 * have a routerinfo or microdescriptor -- that is, enough info to be
2439 * used to build a circuit.
2440 */
2441 const node_t *
2442 router_choose_random_node(smartlist_t *excludedsmartlist,
2443 routerset_t *excludedset,
2444 router_crn_flags_t flags)
2445 { /* XXXX MOVE */
2446 const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
2447 const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
2448 const int need_guard = (flags & CRN_NEED_GUARD) != 0;
2449 const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
2450 const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
2451 const int need_desc = (flags & CRN_NEED_DESC) != 0;
2452
2453 smartlist_t *sl=smartlist_new(),
2454 *excludednodes=smartlist_new();
2455 const node_t *choice = NULL;
2456 const routerinfo_t *r;
2457 bandwidth_weight_rule_t rule;
2458
2459 tor_assert(!(weight_for_exit && need_guard));
2460 rule = weight_for_exit ? WEIGHT_FOR_EXIT :
2461 (need_guard ? WEIGHT_FOR_GUARD : WEIGHT_FOR_MID);
2462
2463 /* Exclude relays that allow single hop exit circuits, if the user
2464 * wants to (such relays might be risky) */
2465 if (get_options()->ExcludeSingleHopRelays) {
2466 SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
2467 if (node_allows_single_hop_exits(node)) {
2468 smartlist_add(excludednodes, node);
2469 });
2470 }
2471
2472 if ((r = routerlist_find_my_routerinfo()))
2473 routerlist_add_node_and_family(excludednodes, r);
2474
2475 router_add_running_nodes_to_smartlist(sl, allow_invalid,
2476 need_uptime, need_capacity,
2477 need_guard, need_desc);
2478 smartlist_subtract(sl,excludednodes);
2479 if (excludedsmartlist)
2480 smartlist_subtract(sl,excludedsmartlist);
2481 if (excludedset)
2482 routerset_subtract_nodes(sl,excludedset);
2483
2484 // Always weight by bandwidth
2485 choice = node_sl_choose_by_bandwidth(sl, rule);
2486
2487 smartlist_free(sl);
2488 if (!choice && (need_uptime || need_capacity || need_guard)) {
2489 /* try once more -- recurse but with fewer restrictions. */
2490 log_info(LD_CIRC,
2491 "We couldn't find any live%s%s%s routers; falling back "
2492 "to list of all routers.",
2493 need_capacity?", fast":"",
2494 need_uptime?", stable":"",
2495 need_guard?", guard":"");
2496 flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
2497 choice = router_choose_random_node(
2498 excludedsmartlist, excludedset, flags);
2499 }
2500 smartlist_free(excludednodes);
2501 if (!choice) {
2502 log_warn(LD_CIRC,
2503 "No available nodes when trying to choose node. Failing.");
2504 }
2505 return choice;
2506 }
2507
2508 /** Helper: given an extended nickname in <b>hexdigest</b> try to decode it.
2509 * Return 0 on success, -1 on failure. Store the result into the
2510 * DIGEST_LEN-byte buffer at <b>digest_out</b>, the single character at
2511 * <b>nickname_qualifier_char_out</b>, and the MAXNICKNAME_LEN+1-byte buffer
2512 * at <b>nickname_out</b>.
2513 *
2514 * The recognized format is:
2515 * HexName = Dollar? HexDigest NamePart?
2516 * Dollar = '?'
2517 * HexDigest = HexChar*20
2518 * HexChar = 'a'..'f' | 'A'..'F' | '0'..'9'
2519 * NamePart = QualChar Name
2520 * QualChar = '=' | '~'
2521 * Name = NameChar*(1..MAX_NICKNAME_LEN)
2522 * NameChar = Any ASCII alphanumeric character
2523 */
2524 int
2525 hex_digest_nickname_decode(const char *hexdigest,
2526 char *digest_out,
2527 char *nickname_qualifier_char_out,
2528 char *nickname_out)
2529 {
2530 size_t len;
2531
2532 tor_assert(hexdigest);
2533 if (hexdigest[0] == '$')
2534 ++hexdigest;
2535
2536 len = strlen(hexdigest);
2537 if (len < HEX_DIGEST_LEN) {
2538 return -1;
2539 } else if (len > HEX_DIGEST_LEN && (hexdigest[HEX_DIGEST_LEN] == '=' ||
2540 hexdigest[HEX_DIGEST_LEN] == '~') &&
2541 len <= HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN) {
2542 *nickname_qualifier_char_out = hexdigest[HEX_DIGEST_LEN];
2543 strlcpy(nickname_out, hexdigest+HEX_DIGEST_LEN+1 , MAX_NICKNAME_LEN+1);
2544 } else if (len == HEX_DIGEST_LEN) {
2545 ;
2546 } else {
2547 return -1;
2548 }
2549
2550 if (base16_decode(digest_out, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
2551 return -1;
2552 return 0;
2553 }
2554
2555 /** Helper: Return true iff the <b>identity_digest</b> and <b>nickname</b>
2556 * combination of a router, encoded in hexadecimal, matches <b>hexdigest</b>
2557 * (which is optionally prefixed with a single dollar sign). Return false if
2558 * <b>hexdigest</b> is malformed, or it doesn't match. */
2559 int
2560 hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest,
2561 const char *nickname, int is_named)
2562 {
2563 char digest[DIGEST_LEN];
2564 char nn_char='\0';
2565 char nn_buf[MAX_NICKNAME_LEN+1];
2566
2567 if (hex_digest_nickname_decode(hexdigest, digest, &nn_char, nn_buf) == -1)
2568 return 0;
2569
2570 if (nn_char == '=' || nn_char == '~') {
2571 if (!nickname)
2572 return 0;
2573 if (strcasecmp(nn_buf, nickname))
2574 return 0;
2575 if (nn_char == '=' && !is_named)
2576 return 0;
2577 }
2578
2579 return tor_memeq(digest, identity_digest, DIGEST_LEN);
2580 }
2581
2582 /** Return true iff <b>router</b> is listed as named in the current
2583 * consensus. */
2584 int
2585 router_is_named(const routerinfo_t *router)
2586 {
2587 const char *digest =
2588 networkstatus_get_router_digest_by_nickname(router->nickname);
2589
2590 return (digest &&
2591 tor_memeq(digest, router->cache_info.identity_digest, DIGEST_LEN));
2592 }
2593
2594 /** Return true iff <b>digest</b> is the digest of the identity key of a
2595 * trusted directory matching at least one bit of <b>type</b>. If <b>type</b>
2596 * is zero, any authority is okay. */
2597 int
2598 router_digest_is_trusted_dir_type(const char *digest, dirinfo_type_t type)
2599 {
2600 if (!trusted_dir_servers)
2601 return 0;
2602 if (authdir_mode(get_options()) && router_digest_is_me(digest))
2603 return 1;
2604 SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ent,
2605 if (tor_memeq(digest, ent->digest, DIGEST_LEN)) {
2606 return (!type) || ((type & ent->type) != 0);
2607 });
2608 return 0;
2609 }
2610
2611 /** Return true iff <b>addr</b> is the address of one of our trusted
2612 * directory authorities. */
2613 int
2614 router_addr_is_trusted_dir(uint32_t addr)
2615 {
2616 if (!trusted_dir_servers)
2617 return 0;
2618 SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ent,
2619 if (ent->addr == addr)
2620 return 1;
2621 );
2622 return 0;
2623 }
2624
2625 /** If hexdigest is correctly formed, base16_decode it into
2626 * digest, which must have DIGEST_LEN space in it.
2627 * Return 0 on success, -1 on failure.
2628 */
2629 int
2630 hexdigest_to_digest(const char *hexdigest, char *digest)
2631 {
2632 if (hexdigest[0]=='$')
2633 ++hexdigest;
2634 if (strlen(hexdigest) < HEX_DIGEST_LEN ||
2635 base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
2636 return -1;
2637 return 0;
2638 }
2639
2640 /** As router_get_by_id_digest,but return a pointer that you're allowed to
2641 * modify */
2642 routerinfo_t *
2643 router_get_mutable_by_digest(const char *digest)
2644 {
2645 tor_assert(digest);
2646
2647 if (!routerlist) return NULL;
2648
2649 // routerlist_assert_ok(routerlist);
2650
2651 return rimap_get(routerlist->identity_map, digest);
2652 }
2653
2654 /** Return the router in our routerlist whose 20-byte key digest
2655 * is <b>digest</b>. Return NULL if no such router is known. */
2656 const routerinfo_t *
2657 router_get_by_id_digest(const char *digest)
2658 {
2659 return router_get_mutable_by_digest(digest);
2660 }
2661
2662 /** Return the router in our routerlist whose 20-byte descriptor
2663 * is <b>digest</b>. Return NULL if no such router is known. */
2664 signed_descriptor_t *
2665 router_get_by_descriptor_digest(const char *digest)
2666 {
2667 tor_assert(digest);
2668
2669 if (!routerlist) return NULL;
2670
2671 return sdmap_get(routerlist->desc_digest_map, digest);
2672 }
2673
2674 /** Return the signed descriptor for the router in our routerlist whose
2675 * 20-byte extra-info digest is <b>digest</b>. Return NULL if no such router
2676 * is known. */
2677 signed_descriptor_t *
2678 router_get_by_extrainfo_digest(const char *digest)
2679 {
2680 tor_assert(digest);
2681
2682 if (!routerlist) return NULL;
2683
2684 return sdmap_get(routerlist->desc_by_eid_map, digest);
2685 }
2686
2687 /** Return the signed descriptor for the extrainfo_t in our routerlist whose
2688 * extra-info-digest is <b>digest</b>. Return NULL if no such extra-info
2689 * document is known. */
2690 signed_descriptor_t *
2691 extrainfo_get_by_descriptor_digest(const char *digest)
2692 {
2693 extrainfo_t *ei;
2694 tor_assert(digest);
2695 if (!routerlist) return NULL;
2696 ei = eimap_get(routerlist->extra_info_map, digest);
2697 return ei ? &ei->cache_info : NULL;
2698 }
2699
2700 /** Return a pointer to the signed textual representation of a descriptor.
2701 * The returned string is not guaranteed to be NUL-terminated: the string's
2702 * length will be in desc-\>signed_descriptor_len.
2703 *
2704 * If <b>with_annotations</b> is set, the returned string will include
2705 * the annotations
2706 * (if any) preceding the descriptor. This will increase the length of the
2707 * string by desc-\>annotations_len.
2708 *
2709 * The caller must not free the string returned.
2710 */
2711 static const char *
2712 signed_descriptor_get_body_impl(const signed_descriptor_t *desc,
2713 int with_annotations)
2714 {
2715 const char *r = NULL;
2716 size_t len = desc->signed_descriptor_len;
2717 off_t offset = desc->saved_offset;
2718 if (with_annotations)
2719 len += desc->annotations_len;
2720 else
2721 offset += desc->annotations_len;
2722
2723 tor_assert(len > 32);
2724 if (desc->saved_location == SAVED_IN_CACHE && routerlist) {
2725 desc_store_t *store = desc_get_store(router_get_routerlist(), desc);
2726 if (store && store->mmap) {
2727 tor_assert(desc->saved_offset + len <= store->mmap->size);
2728 r = store->mmap->data + offset;
2729 } else if (store) {
2730 log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
2731 "mmaped in our cache. Is another process running in our data "
2732 "directory? Exiting.");
2733 exit(1);
2734 }
2735 }
2736 if (!r) /* no mmap, or not in cache. */
2737 r = desc->signed_descriptor_body +
2738 (with_annotations ? 0 : desc->annotations_len);
2739
2740 tor_assert(r);
2741 if (!with_annotations) {
2742 if (fast_memcmp("router ", r, 7) && fast_memcmp("extra-info ", r, 11)) {
2743 char *cp = tor_strndup(r, 64);
2744 log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
2745 "Is another process running in our data directory? Exiting.",
2746 desc, escaped(cp));
2747 exit(1);
2748 }
2749 }
2750
2751 return r;
2752 }
2753
2754 /** Return a pointer to the signed textual representation of a descriptor.
2755 * The returned string is not guaranteed to be NUL-terminated: the string's
2756 * length will be in desc-\>signed_descriptor_len.
2757 *
2758 * The caller must not free the string returned.
2759 */
2760 const char *
2761 signed_descriptor_get_body(const signed_descriptor_t *desc)
2762 {
2763 return signed_descriptor_get_body_impl(desc, 0);
2764 }
2765
2766 /** As signed_descriptor_get_body(), but points to the beginning of the
2767 * annotations section rather than the beginning of the descriptor. */
2768 const char *
2769 signed_descriptor_get_annotations(const signed_descriptor_t *desc)
2770 {
2771 return signed_descriptor_get_body_impl(desc, 1);
2772 }
2773
2774 /** Return the current list of all known routers. */
2775 routerlist_t *
2776 router_get_routerlist(void)
2777 {
2778 if (PREDICT_UNLIKELY(!routerlist)) {
2779 routerlist = tor_malloc_zero(sizeof(routerlist_t));
2780 routerlist->routers = smartlist_new();
2781 routerlist->old_routers = smartlist_new();
2782 routerlist->identity_map = rimap_new();
2783 routerlist->desc_digest_map = sdmap_new();
2784 routerlist->desc_by_eid_map = sdmap_new();
2785 routerlist->extra_info_map = eimap_new();
2786
2787 routerlist->desc_store.fname_base = "cached-descriptors";
2788 routerlist->desc_store.fname_alt_base = "cached-routers";
2789 routerlist->extrainfo_store.fname_base = "cached-extrainfo";
2790
2791 routerlist->desc_store.type = ROUTER_STORE;
2792 routerlist->extrainfo_store.type = EXTRAINFO_STORE;
2793
2794 routerlist->desc_store.description = "router descriptors";
2795 routerlist->extrainfo_store.description = "extra-info documents";
2796 }
2797 return routerlist;
2798 }
2799
2800 /** Free all storage held by <b>router</b>. */
2801 void
2802 routerinfo_free(routerinfo_t *router)
2803 {
2804 if (!router)
2805 return;
2806
2807 tor_free(router->cache_info.signed_descriptor_body);
2808 tor_free(router->address);
2809 tor_free(router->nickname);
2810 tor_free(router->platform);
2811 tor_free(router->contact_info);
2812 if (router->onion_pkey)
2813 crypto_pk_free(router->onion_pkey);
2814 tor_free(router->onion_curve25519_pkey);
2815 if (router->identity_pkey)
2816 crypto_pk_free(router->identity_pkey);
2817 if (router->declared_family) {
2818 SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
2819 smartlist_free(router->declared_family);
2820 }
2821 addr_policy_list_free(router->exit_policy);
2822 short_policy_free(router->ipv6_exit_policy);
2823
2824 memset(router, 77, sizeof(routerinfo_t));
2825
2826 tor_free(router);
2827 }
2828
2829 /** Release all storage held by <b>extrainfo</b> */
2830 void
2831 extrainfo_free(extrainfo_t *extrainfo)
2832 {
2833 if (!extrainfo)
2834 return;
2835 tor_free(extrainfo->cache_info.signed_descriptor_body);
2836 tor_free(extrainfo->pending_sig);
2837
2838 memset(extrainfo, 88, sizeof(extrainfo_t)); /* debug bad memory usage */
2839 tor_free(extrainfo);
2840 }
2841
2842 /** Release storage held by <b>sd</b>. */
2843 static void
2844 signed_descriptor_free(signed_descriptor_t *sd)
2845 {
2846 if (!sd)
2847 return;
2848
2849 tor_free(sd->signed_descriptor_body);
2850
2851 memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */
2852 tor_free(sd);
2853 }
2854
2855 /** Extract a signed_descriptor_t from a general routerinfo, and free the
2856 * routerinfo.
2857 */
2858 static signed_descriptor_t *
2859 signed_descriptor_from_routerinfo(routerinfo_t *ri)
2860 {
2861 signed_descriptor_t *sd;
2862 tor_assert(ri->purpose == ROUTER_PURPOSE_GENERAL);
2863 sd = tor_malloc_zero(sizeof(signed_descriptor_t));
2864 memcpy(sd, &(ri->cache_info), sizeof(signed_descriptor_t));
2865 sd->routerlist_index = -1;
2866 ri->cache_info.signed_descriptor_body = NULL;
2867 routerinfo_free(ri);
2868 return sd;
2869 }
2870
2871 /** Helper: free the storage held by the extrainfo_t in <b>e</b>. */
2872 static void
2873 extrainfo_free_(void *e)
2874 {
2875 extrainfo_free(e);
2876 }
2877
2878 /** Free all storage held by a routerlist <b>rl</b>. */
2879 void
2880 routerlist_free(routerlist_t *rl)
2881 {
2882 if (!rl)
2883 return;
2884 rimap_free(rl->identity_map, NULL);
2885 sdmap_free(rl->desc_digest_map, NULL);
2886 sdmap_free(rl->desc_by_eid_map, NULL);
2887 eimap_free(rl->extra_info_map, extrainfo_free_);
2888 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
2889 routerinfo_free(r));
2890 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
2891 signed_descriptor_free(sd));
2892 smartlist_free(rl->routers);
2893 smartlist_free(rl->old_routers);
2894 if (routerlist->desc_store.mmap)
2895 tor_munmap_file(routerlist->desc_store.mmap);
2896 if (routerlist->extrainfo_store.mmap)
2897 tor_munmap_file(routerlist->extrainfo_store.mmap);
2898 tor_free(rl);
2899
2900 router_dir_info_changed();
2901 }
2902
2903 /** Log information about how much memory is being used for routerlist,
2904 * at log level <b>severity</b>. */
2905 void
2906 dump_routerlist_mem_usage(int severity)
2907 {
2908 uint64_t livedescs = 0;
2909 uint64_t olddescs = 0;
2910 if (!routerlist)
2911 return;
2912 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
2913 livedescs += r->cache_info.signed_descriptor_len);
2914 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
2915 olddescs += sd->signed_descriptor_len);
2916
2917 tor_log(severity, LD_DIR,
2918 "In %d live descriptors: "U64_FORMAT" bytes. "
2919 "In %d old descriptors: "U64_FORMAT" bytes.",
2920 smartlist_len(routerlist->routers), U64_PRINTF_ARG(livedescs),
2921 smartlist_len(routerlist->old_routers), U64_PRINTF_ARG(olddescs));
2922 }
2923
2924 /** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
2925 * in <b>sl</b> at position <b>idx</b>. Otherwise, search <b>sl</b> for
2926 * <b>ri</b>. Return the index of <b>ri</b> in <b>sl</b>, or -1 if <b>ri</b>
2927 * is not in <b>sl</b>. */
2928 static INLINE int
2929 routerlist_find_elt_(smartlist_t *sl, void *ri, int idx)
2930 {
2931 if (idx < 0) {
2932 idx = -1;
2933 SMARTLIST_FOREACH(sl, routerinfo_t *, r,
2934 if (r == ri) {
2935 idx = r_sl_idx;
2936 break;
2937 });
2938 } else {
2939 tor_assert(idx < smartlist_len(sl));
2940 tor_assert(smartlist_get(sl, idx) == ri);
2941 };
2942 return idx;
2943 }
2944
2945 /** Insert an item <b>ri</b> into the routerlist <b>rl</b>, updating indices
2946 * as needed. There must be no previous member of <b>rl</b> with the same
2947 * identity digest as <b>ri</b>: If there is, call routerlist_replace
2948 * instead.
2949 */
2950 static void
2951 routerlist_insert(routerlist_t *rl, routerinfo_t *ri)
2952 {
2953 routerinfo_t *ri_old;
2954 signed_descriptor_t *sd_old;
2955 {
2956 const routerinfo_t *ri_generated = router_get_my_routerinfo();
2957 tor_assert(ri_generated != ri);
2958 }
2959 tor_assert(ri->cache_info.routerlist_index == -1);
2960
2961 ri_old = rimap_set(rl->identity_map, ri->cache_info.identity_digest, ri);
2962 tor_assert(!ri_old);
2963
2964 sd_old = sdmap_set(rl->desc_digest_map,
2965 ri->cache_info.signed_descriptor_digest,
2966 &(ri->cache_info));
2967 if (sd_old) {
2968 int idx = sd_old->routerlist_index;
2969 sd_old->routerlist_index = -1;
2970 smartlist_del(rl->old_routers, idx);
2971 if (idx < smartlist_len(rl->old_routers)) {
2972 signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
2973 d->routerlist_index = idx;
2974 }
2975 rl->desc_store.bytes_dropped += sd_old->signed_descriptor_len;
2976 sdmap_remove(rl->desc_by_eid_map, sd_old->extra_info_digest);
2977 signed_descriptor_free(sd_old);
2978 }
2979
2980 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2981 sdmap_set(rl->desc_by_eid_map, ri->cache_info.extra_info_digest,
2982 &ri->cache_info);
2983 smartlist_add(rl->routers, ri);
2984 ri->cache_info.routerlist_index = smartlist_len(rl->routers) - 1;
2985 nodelist_set_routerinfo(ri, NULL);
2986 router_dir_info_changed();
2987 #ifdef DEBUG_ROUTERLIST
2988 routerlist_assert_ok(rl);
2989 #endif
2990 }
2991
2992 /** Adds the extrainfo_t <b>ei</b> to the routerlist <b>rl</b>, if there is a
2993 * corresponding router in rl-\>routers or rl-\>old_routers. Return true iff
2994 * we actually inserted <b>ei</b>. Free <b>ei</b> if it isn't inserted. */
2995 static int
2996 extrainfo_insert(routerlist_t *rl, extrainfo_t *ei)
2997 {
2998 int r = 0;
2999 routerinfo_t *ri = rimap_get(rl->identity_map,
3000 ei->cache_info.identity_digest);
3001 signed_descriptor_t *sd =
3002 sdmap_get(rl->desc_by_eid_map, ei->cache_info.signed_descriptor_digest);
3003 extrainfo_t *ei_tmp;
3004
3005 {
3006 extrainfo_t *ei_generated = router_get_my_extrainfo();
3007 tor_assert(ei_generated != ei);
3008 }
3009
3010 if (!ri) {
3011 /* This router is unknown; we can't even verify the signature. Give up.*/
3012 goto done;
3013 }
3014 if (routerinfo_incompatible_with_extrainfo(ri, ei, sd, NULL)) {
3015 goto done;
3016 }
3017
3018 /* Okay, if we make it here, we definitely have a router corresponding to
3019 * this extrainfo. */
3020
3021 ei_tmp = eimap_set(rl->extra_info_map,
3022 ei->cache_info.signed_descriptor_digest,
3023 ei);
3024 r = 1;
3025 if (ei_tmp) {
3026 rl->extrainfo_store.bytes_dropped +=
3027 ei_tmp->cache_info.signed_descriptor_len;
3028 extrainfo_free(ei_tmp);
3029 }
3030
3031 done:
3032 if (r == 0)
3033 extrainfo_free(ei);
3034
3035 #ifdef DEBUG_ROUTERLIST
3036 routerlist_assert_ok(rl);
3037 #endif
3038 return r;
3039 }
3040
3041 #define should_cache_old_descriptors() \
3042 directory_caches_dir_info(get_options())
3043
3044 /** If we're a directory cache and routerlist <b>rl</b> doesn't have
3045 * a copy of router <b>ri</b> yet, add it to the list of old (not
3046 * recommended but still served) descriptors. Else free it. */
3047 static void
3048 routerlist_insert_old(routerlist_t *rl, routerinfo_t *ri)
3049 {
3050 {
3051 const routerinfo_t *ri_generated = router_get_my_routerinfo();
3052 tor_assert(ri_generated != ri);
3053 }
3054 tor_assert(ri->cache_info.routerlist_index == -1);
3055
3056 if (should_cache_old_descriptors() &&
3057 ri->purpose == ROUTER_PURPOSE_GENERAL &&
3058 !sdmap_get(rl->desc_digest_map,
3059 ri->cache_info.signed_descriptor_digest)) {
3060 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri);
3061 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
3062 smartlist_add(rl->old_routers, sd);
3063 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
3064 if (!tor_digest_is_zero(sd->extra_info_digest))
3065 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
3066 } else {
3067 routerinfo_free(ri);
3068 }
3069 #ifdef DEBUG_ROUTERLIST
3070 routerlist_assert_ok(rl);
3071 #endif
3072 }
3073
3074 /** Remove an item <b>ri</b> from the routerlist <b>rl</b>, updating indices
3075 * as needed. If <b>idx</b> is nonnegative and smartlist_get(rl-&gt;routers,
3076 * idx) == ri, we don't need to do a linear search over the list to decide
3077 * which to remove. We fill the gap in rl-&gt;routers with a later element in
3078 * the list, if any exists. <b>ri</b> is freed.
3079 *
3080 * If <b>make_old</b> is true, instead of deleting the router, we try adding
3081 * it to rl-&gt;old_routers. */
3082 void
3083 routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
3084 {
3085 routerinfo_t *ri_tmp;
3086 extrainfo_t *ei_tmp;
3087 int idx = ri->cache_info.routerlist_index;
3088 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
3089 tor_assert(smartlist_get(rl->routers, idx) == ri);
3090
3091 nodelist_remove_routerinfo(ri);
3092
3093 /* make sure the rephist module knows that it's not running */
3094 rep_hist_note_router_unreachable(ri->cache_info.identity_digest, now);
3095
3096 ri->cache_info.routerlist_index = -1;
3097 smartlist_del(rl->routers, idx);
3098 if (idx < smartlist_len(rl->routers)) {
3099 routerinfo_t *r = smartlist_get(rl->routers, idx);
3100 r->cache_info.routerlist_index = idx;
3101 }
3102
3103 ri_tmp = rimap_remove(rl->identity_map, ri->cache_info.identity_digest);
3104 router_dir_info_changed();
3105 tor_assert(ri_tmp == ri);
3106
3107 if (make_old && should_cache_old_descriptors() &&
3108 ri->purpose == ROUTER_PURPOSE_GENERAL) {
3109 signed_descriptor_t *sd;
3110 sd = signed_descriptor_from_routerinfo(ri);
3111 smartlist_add(rl->old_routers, sd);
3112 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
3113 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
3114 if (!tor_digest_is_zero(sd->extra_info_digest))
3115 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
3116 } else {
3117 signed_descriptor_t *sd_tmp;
3118 sd_tmp = sdmap_remove(rl->desc_digest_map,
3119 ri->cache_info.signed_descriptor_digest);
3120 tor_assert(sd_tmp == &(ri->cache_info));
3121 rl->desc_store.bytes_dropped += ri->cache_info.signed_descriptor_len;
3122 ei_tmp = eimap_remove(rl->extra_info_map,
3123 ri->cache_info.extra_info_digest);
3124 if (ei_tmp) {
3125 rl->extrainfo_store.bytes_dropped +=
3126 ei_tmp->cache_info.signed_descriptor_len;
3127 extrainfo_free(ei_tmp);
3128 }
3129 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
3130 sdmap_remove(rl->desc_by_eid_map, ri->cache_info.extra_info_digest);
3131 routerinfo_free(ri);
3132 }
3133 #ifdef DEBUG_ROUTERLIST
3134 routerlist_assert_ok(rl);
3135 #endif
3136 }
3137
3138 /** Remove a signed_descriptor_t <b>sd</b> from <b>rl</b>-\>old_routers, and
3139 * adjust <b>rl</b> as appropriate. <b>idx</b> is -1, or the index of
3140 * <b>sd</b>. */
3141 static void
3142 routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
3143 {
3144 signed_descriptor_t *sd_tmp;
3145 extrainfo_t *ei_tmp;
3146 desc_store_t *store;
3147 if (idx == -1) {
3148 idx = sd->routerlist_index;
3149 }
3150 tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
3151 /* XXXX edmanm's bridge relay triggered the following assert while
3152 * running 0.2.0.12-alpha. If anybody triggers this again, see if we
3153 * can get a backtrace. */
3154 tor_assert(smartlist_get(rl->old_routers, idx) == sd);
3155 tor_assert(idx == sd->routerlist_index);
3156
3157 sd->routerlist_index = -1;
3158 smartlist_del(rl->old_routers, idx);
3159 if (idx < smartlist_len(rl->old_routers)) {
3160 signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
3161 d->routerlist_index = idx;
3162 }
3163 sd_tmp = sdmap_remove(rl->desc_digest_map,
3164 sd->signed_descriptor_digest);
3165 tor_assert(sd_tmp == sd);
3166 store = desc_get_store(rl, sd);
3167 if (store)
3168 store->bytes_dropped += sd->signed_descriptor_len;
3169
3170 ei_tmp = eimap_remove(rl->extra_info_map,
3171 sd->extra_info_digest);
3172 if (ei_tmp) {
3173 rl->extrainfo_store.bytes_dropped +=
3174 ei_tmp->cache_info.signed_descriptor_len;
3175 extrainfo_free(ei_tmp);
3176 }
3177 if (!tor_digest_is_zero(sd->extra_info_digest))
3178 sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
3179
3180 signed_descriptor_free(sd);
3181 #ifdef DEBUG_ROUTERLIST
3182 routerlist_assert_ok(rl);
3183 #endif
3184 }
3185
3186 /** Remove <b>ri_old</b> from the routerlist <b>rl</b>, and replace it with
3187 * <b>ri_new</b>, updating all index info. If <b>idx</b> is nonnegative and
3188 * smartlist_get(rl-&gt;routers, idx) == ri, we don't need to do a linear
3189 * search over the list to decide which to remove. We put ri_new in the same
3190 * index as ri_old, if possible. ri is freed as appropriate.
3191 *
3192 * If should_cache_descriptors() is true, instead of deleting the router,
3193 * we add it to rl-&gt;old_routers. */
3194 static void
3195 routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
3196 routerinfo_t *ri_new)
3197 {
3198 int idx;
3199 int same_descriptors;
3200
3201 routerinfo_t *ri_tmp;
3202 extrainfo_t *ei_tmp;
3203 {
3204 const routerinfo_t *ri_generated = router_get_my_routerinfo();
3205 tor_assert(ri_generated != ri_new);
3206 }
3207 tor_assert(ri_old != ri_new);
3208 tor_assert(ri_new->cache_info.routerlist_index == -1);
3209
3210 idx = ri_old->cache_info.routerlist_index;
3211 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
3212 tor_assert(smartlist_get(rl->routers, idx) == ri_old);
3213
3214 {
3215 routerinfo_t *ri_old_tmp=NULL;
3216 nodelist_set_routerinfo(ri_new, &ri_old_tmp);
3217 tor_assert(ri_old == ri_old_tmp);
3218 }
3219
3220 router_dir_info_changed();
3221 if (idx >= 0) {
3222 smartlist_set(rl->routers, idx, ri_new);
3223 ri_old->cache_info.routerlist_index = -1;
3224 ri_new->cache_info.routerlist_index = idx;
3225 /* Check that ri_old is not in rl->routers anymore: */
3226 tor_assert( routerlist_find_elt_(rl->routers, ri_old, -1) == -1 );
3227 } else {
3228 log_warn(LD_BUG, "Appending entry from routerlist_replace.");
3229 routerlist_insert(rl, ri_new);
3230 return;
3231 }
3232 if (tor_memneq(ri_old->cache_info.identity_digest,
3233 ri_new->cache_info.identity_digest, DIGEST_LEN)) {
3234 /* digests don't match; digestmap_set won't replace */
3235 rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
3236 }
3237 ri_tmp = rimap_set(rl->identity_map,
3238 ri_new->cache_info.identity_digest, ri_new);
3239 tor_assert(!ri_tmp || ri_tmp == ri_old);
3240 sdmap_set(rl->desc_digest_map,
3241 ri_new->cache_info.signed_descriptor_digest,
3242 &(ri_new->cache_info));
3243
3244 if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
3245 sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
3246 &ri_new->cache_info);
3247 }
3248
3249 same_descriptors = tor_memeq(ri_old->cache_info.signed_descriptor_digest,
3250 ri_new->cache_info.signed_descriptor_digest,
3251 DIGEST_LEN);
3252
3253 if (should_cache_old_descriptors() &&
3254 ri_old->purpose == ROUTER_PURPOSE_GENERAL &&
3255 !same_descriptors) {
3256 /* ri_old is going to become a signed_descriptor_t and go into
3257 * old_routers */
3258 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
3259 smartlist_add(rl->old_routers, sd);
3260 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
3261 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
3262 if (!tor_digest_is_zero(sd->extra_info_digest))
3263 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
3264 } else {
3265 /* We're dropping ri_old. */
3266 if (!same_descriptors) {
3267 /* digests don't match; The sdmap_set above didn't replace */
3268 sdmap_remove(rl->desc_digest_map,
3269 ri_old->cache_info.signed_descriptor_digest);
3270
3271 if (tor_memneq(ri_old->cache_info.extra_info_digest,
3272 ri_new->cache_info.extra_info_digest, DIGEST_LEN)) {
3273 ei_tmp = eimap_remove(rl->extra_info_map,
3274 ri_old->cache_info.extra_info_digest);
3275 if (ei_tmp) {
3276 rl->extrainfo_store.bytes_dropped +=
3277 ei_tmp->cache_info.signed_descriptor_len;
3278 extrainfo_free(ei_tmp);
3279 }
3280 }
3281
3282 if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
3283 sdmap_remove(rl->desc_by_eid_map,
3284 ri_old->cache_info.extra_info_digest);
3285 }
3286 }
3287 rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
3288 routerinfo_free(ri_old);
3289 }
3290 #ifdef DEBUG_ROUTERLIST
3291 routerlist_assert_ok(rl);
3292 #endif
3293 }
3294
3295 /** Extract the descriptor <b>sd</b> from old_routerlist, and re-parse
3296 * it as a fresh routerinfo_t. */
3297 static routerinfo_t *
3298 routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
3299 {
3300 routerinfo_t *ri;
3301 const char *body;
3302
3303 body = signed_descriptor_get_annotations(sd);
3304
3305 ri = router_parse_entry_from_string(body,
3306 body+sd->signed_descriptor_len+sd->annotations_len,
3307 0, 1, NULL);
3308 if (!ri)
3309 return NULL;
3310 memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t));
3311 sd->signed_descriptor_body = NULL; /* Steal reference. */
3312 ri->cache_info.routerlist_index = -1;
3313
3314 routerlist_remove_old(rl, sd, -1);
3315
3316 return ri;
3317 }
3318
3319 /** Free all memory held by the routerlist module. */
3320 void
3321 routerlist_free_all(void)
3322 {
3323 routerlist_free(routerlist);
3324 routerlist = NULL;
3325 if (warned_nicknames) {
3326 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
3327 smartlist_free(warned_nicknames);
3328 warned_nicknames = NULL;
3329 }
3330 clear_dir_servers();
3331 smartlist_free(trusted_dir_servers);
3332 smartlist_free(fallback_dir_servers);
3333 trusted_dir_servers = fallback_dir_servers = NULL;
3334 if (trusted_dir_certs) {
3335 digestmap_free(trusted_dir_certs, cert_list_free_);
3336 trusted_dir_certs = NULL;
3337 }
3338 }
3339
3340 /** Forget that we have issued any router-related warnings, so that we'll
3341 * warn again if we see the same errors. */
3342 void
3343 routerlist_reset_warnings(void)
3344 {
3345 if (!warned_nicknames)
3346 warned_nicknames = smartlist_new();
3347 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
3348 smartlist_clear(warned_nicknames); /* now the list is empty. */
3349
3350 networkstatus_reset_warnings();
3351 }
3352
3353 /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
3354 * older entries (if any) with the same key. Note: Callers should not hold
3355 * their pointers to <b>router</b> if this function fails; <b>router</b>
3356 * will either be inserted into the routerlist or freed. Similarly, even
3357 * if this call succeeds, they should not hold their pointers to
3358 * <b>router</b> after subsequent calls with other routerinfo's -- they
3359 * might cause the original routerinfo to get freed.
3360 *
3361 * Returns the status for the operation. Might set *<b>msg</b> if it wants
3362 * the poster of the router to know something.
3363 *
3364 * If <b>from_cache</b>, this descriptor came from our disk cache. If
3365 * <b>from_fetch</b>, we received it in response to a request we made.
3366 * (If both are false, that means it was uploaded to us as an auth dir
3367 * server or via the controller.)
3368 *
3369 * This function should be called *after*
3370 * routers_update_status_from_consensus_networkstatus; subsequently, you
3371 * should call router_rebuild_store and routerlist_descriptors_added.
3372 */
3373 was_router_added_t
3374 router_add_to_routerlist(routerinfo_t *router, const char **msg,
3375 int from_cache, int from_fetch)
3376 {
3377 const char *id_digest;
3378 const or_options_t *options = get_options();
3379 int authdir = authdir_mode_handles_descs(options, router->purpose);
3380 int authdir_believes_valid = 0;
3381 routerinfo_t *old_router;
3382 networkstatus_t *consensus =
3383 networkstatus_get_latest_consensus_by_flavor(FLAV_NS);
3384 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3385 int in_consensus = 0;
3386
3387 tor_assert(msg);
3388
3389 if (!routerlist)
3390 router_get_routerlist();
3391
3392 id_digest = router->cache_info.identity_digest;
3393
3394 old_router = router_get_mutable_by_digest(id_digest);
3395
3396 /* Make sure that we haven't already got this exact descriptor. */
3397 if (sdmap_get(routerlist->desc_digest_map,
3398 router->cache_info.signed_descriptor_digest)) {
3399 /* If we have this descriptor already and the new descriptor is a bridge
3400 * descriptor, replace it. If we had a bridge descriptor before and the
3401 * new one is not a bridge descriptor, don't replace it. */
3402
3403 /* Only members of routerlist->identity_map can be bridges; we don't
3404 * put bridges in old_routers. */
3405 const int was_bridge = old_router &&
3406 old_router->purpose == ROUTER_PURPOSE_BRIDGE;
3407
3408 if (routerinfo_is_a_configured_bridge(router) &&
3409 router->purpose == ROUTER_PURPOSE_BRIDGE &&
3410 !was_bridge) {
3411 log_info(LD_DIR, "Replacing non-bridge descriptor with bridge "
3412 "descriptor for router %s",
3413 router_describe(router));
3414 } else {
3415 log_info(LD_DIR,
3416 "Dropping descriptor that we already have for router %s",
3417 router_describe(router));
3418 *msg = "Router descriptor was not new.";
3419 routerinfo_free(router);
3420 return ROUTER_WAS_NOT_NEW;
3421 }
3422 }
3423
3424 if (authdir) {
3425 if (authdir_wants_to_reject_router(router, msg,
3426 !from_cache && !from_fetch,
3427 &authdir_believes_valid)) {
3428 tor_assert(*msg);
3429 routerinfo_free(router);
3430 return ROUTER_AUTHDIR_REJECTS;
3431 }
3432 } else if (from_fetch) {
3433 /* Only check the descriptor digest against the network statuses when
3434 * we are receiving in response to a fetch. */
3435
3436 if (!signed_desc_digest_is_recognized(&router->cache_info) &&
3437 !routerinfo_is_a_configured_bridge(router)) {
3438 /* We asked for it, so some networkstatus must have listed it when we
3439 * did. Save it if we're a cache in case somebody else asks for it. */
3440 log_info(LD_DIR,
3441 "Received a no-longer-recognized descriptor for router %s",
3442 router_describe(router));
3443 *msg = "Router descriptor is not referenced by any network-status.";
3444
3445 /* Only journal this desc if we'll be serving it. */
3446 if (!from_cache && should_cache_old_descriptors())
3447 signed_desc_append_to_journal(&router->cache_info,
3448 &routerlist->desc_store);
3449 routerlist_insert_old(routerlist, router);
3450 return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
3451 }
3452 }
3453
3454 /* We no longer need a router with this descriptor digest. */
3455 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3456 {
3457 routerstatus_t *rs =
3458 networkstatus_v2_find_mutable_entry(ns, id_digest);
3459 if (rs && tor_memeq(rs->descriptor_digest,
3460 router->cache_info.signed_descriptor_digest,
3461 DIGEST_LEN))
3462 rs->need_to_mirror = 0;
3463 });
3464 if (consensus) {
3465 routerstatus_t *rs = networkstatus_vote_find_mutable_entry(
3466 consensus, id_digest);
3467 if (rs && tor_memeq(rs->descriptor_digest,
3468 router->cache_info.signed_descriptor_digest,
3469 DIGEST_LEN)) {
3470 in_consensus = 1;
3471 rs->need_to_mirror = 0;
3472 }
3473 }
3474
3475 if (router->purpose == ROUTER_PURPOSE_GENERAL &&
3476 consensus && !in_consensus && !authdir) {
3477 /* If it's a general router not listed in the consensus, then don't
3478 * consider replacing the latest router with it. */
3479 if (!from_cache && should_cache_old_descriptors())
3480 signed_desc_append_to_journal(&router->cache_info,
3481 &routerlist->desc_store);
3482 routerlist_insert_old(routerlist, router);
3483 *msg = "Skipping router descriptor: not in consensus.";
3484 return ROUTER_NOT_IN_CONSENSUS;
3485 }
3486
3487 /* If we're reading a bridge descriptor from our cache, and we don't
3488 * recognize it as one of our currently configured bridges, drop the
3489 * descriptor. Otherwise we could end up using it as one of our entry
3490 * guards even if it isn't in our Bridge config lines. */
3491 if (router->purpose == ROUTER_PURPOSE_BRIDGE && from_cache &&
3492 !authdir_mode_bridge(options) &&
3493 !routerinfo_is_a_configured_bridge(router)) {
3494 log_info(LD_DIR, "Dropping bridge descriptor for %s because we have "
3495 "no bridge configured at that address.",
3496 safe_str_client(router_describe(router)));
3497 *msg = "Router descriptor was not a configured bridge.";
3498 routerinfo_free(router);
3499 return ROUTER_WAS_NOT_WANTED;
3500 }
3501
3502 /* If we have a router with the same identity key, choose the newer one. */
3503 if (old_router) {
3504 if (!in_consensus && (router->cache_info.published_on <=
3505 old_router->cache_info.published_on)) {
3506 /* Same key, but old. This one is not listed in the consensus. */
3507 log_debug(LD_DIR, "Not-new descriptor for router %s",
3508 router_describe(router));
3509 /* Only journal this desc if we'll be serving it. */
3510 if (!from_cache && should_cache_old_descriptors())
3511 signed_desc_append_to_journal(&router->cache_info,
3512 &routerlist->desc_store);
3513 routerlist_insert_old(routerlist, router);
3514 *msg = "Router descriptor was not new.";
3515 return ROUTER_WAS_NOT_NEW;
3516 } else {
3517 /* Same key, and either new, or listed in the consensus. */
3518 log_debug(LD_DIR, "Replacing entry for router %s",
3519 router_describe(router));
3520 routerlist_replace(routerlist, old_router, router);
3521 if (!from_cache) {
3522 signed_desc_append_to_journal(&router->cache_info,
3523 &routerlist->desc_store);
3524 }
3525 directory_set_dirty();
3526 *msg = authdir_believes_valid ? "Valid server updated" :
3527 ("Invalid server updated. (This dirserver is marking your "
3528 "server as unapproved.)");
3529 return ROUTER_ADDED_SUCCESSFULLY;
3530 }
3531 }
3532
3533 if (!in_consensus && from_cache &&
3534 router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
3535 *msg = "Router descriptor was really old.";
3536 routerinfo_free(router);
3537 return ROUTER_WAS_NOT_NEW;
3538 }
3539
3540 /* We haven't seen a router with this identity before. Add it to the end of
3541 * the list. */
3542 routerlist_insert(routerlist, router);
3543 if (!from_cache) {
3544 signed_desc_append_to_journal(&router->cache_info,
3545 &routerlist->desc_store);
3546 }
3547 directory_set_dirty();
3548 return ROUTER_ADDED_SUCCESSFULLY;
3549 }
3550
3551 /** Insert <b>ei</b> into the routerlist, or free it. Other arguments are
3552 * as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
3553 * we actually inserted it, ROUTER_BAD_EI otherwise.
3554 */
3555 was_router_added_t
3556 router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
3557 int from_cache, int from_fetch)
3558 {
3559 int inserted;
3560 (void)from_fetch;
3561 if (msg) *msg = NULL;
3562 /*XXXX023 Do something with msg */
3563
3564 inserted = extrainfo_insert(router_get_routerlist(), ei);
3565
3566 if (inserted && !from_cache)
3567 signed_desc_append_to_journal(&ei->cache_info,
3568 &routerlist->extrainfo_store);
3569
3570 if (inserted)
3571 return ROUTER_ADDED_SUCCESSFULLY;
3572 else
3573 return ROUTER_BAD_EI;
3574 }
3575
3576 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
3577 * signed_descriptor_t* in *<b>a</b> has an identity digest preceding, equal
3578 * to, or later than that of *<b>b</b>. */
3579 static int
3580 compare_old_routers_by_identity_(const void **_a, const void **_b)
3581 {
3582 int i;
3583 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
3584 if ((i = fast_memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
3585 return i;
3586 return (int)(r1->published_on - r2->published_on);
3587 }
3588
3589 /** Internal type used to represent how long an old descriptor was valid,
3590 * where it appeared in the list of old descriptors, and whether it's extra
3591 * old. Used only by routerlist_remove_old_cached_routers_with_id(). */
3592 struct duration_idx_t {
3593 int duration;
3594 int idx;
3595 int old;
3596 };
3597
3598 /** Sorting helper: compare two duration_idx_t by their duration. */
3599 static int
3600 compare_duration_idx_(const void *_d1, const void *_d2)
3601 {
3602 const struct duration_idx_t *d1 = _d1;
3603 const struct duration_idx_t *d2 = _d2;
3604 return d1->duration - d2->duration;
3605 }
3606
3607 /** The range <b>lo</b> through <b>hi</b> inclusive of routerlist->old_routers
3608 * must contain routerinfo_t with the same identity and with publication time
3609 * in ascending order. Remove members from this range until there are no more
3610 * than max_descriptors_per_router() remaining. Start by removing the oldest
3611 * members from before <b>cutoff</b>, then remove members which were current
3612 * for the lowest amount of time. The order of members of old_routers at
3613 * indices <b>lo</b> or higher may be changed.
3614 */
3615 static void
3616 routerlist_remove_old_cached_routers_with_id(time_t now,
3617 time_t cutoff, int lo, int hi,
3618 digestset_t *retain)
3619 {
3620 int i, n = hi-lo+1;
3621 unsigned n_extra, n_rmv = 0;
3622 struct duration_idx_t *lifespans;
3623 uint8_t *rmv, *must_keep;
3624 smartlist_t *lst = routerlist->old_routers;
3625 #if 1
3626 const char *ident;
3627 tor_assert(hi < smartlist_len(lst));
3628 tor_assert(lo <= hi);
3629 ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
3630 for (i = lo+1; i <= hi; ++i) {
3631 signed_descriptor_t *r = smartlist_get(lst, i);
3632 tor_assert(tor_memeq(ident, r->identity_digest, DIGEST_LEN));
3633 }
3634 #endif
3635 /* Check whether we need to do anything at all. */
3636 {
3637 int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
3638 if (n <= mdpr)
3639 return;
3640 n_extra = n - mdpr;
3641 }
3642
3643 lifespans = tor_malloc_zero(sizeof(struct duration_idx_t)*n);
3644 rmv = tor_malloc_zero(sizeof(uint8_t)*n);
3645 must_keep = tor_malloc_zero(sizeof(uint8_t)*n);
3646 /* Set lifespans to contain the lifespan and index of each server. */
3647 /* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
3648 for (i = lo; i <= hi; ++i) {
3649 signed_descriptor_t *r = smartlist_get(lst, i);
3650 signed_descriptor_t *r_next;
3651 lifespans[i-lo].idx = i;
3652 if (r->last_listed_as_valid_until >= now ||
3653 (retain && digestset_contains(retain, r->signed_descriptor_digest))) {
3654 must_keep[i-lo] = 1;
3655 }
3656 if (i < hi) {
3657 r_next = smartlist_get(lst, i+1);
3658 tor_assert(r->published_on <= r_next->published_on);
3659 lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
3660 } else {
3661 r_next = NULL;
3662 lifespans[i-lo].duration = INT_MAX;
3663 }
3664 if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
3665 ++n_rmv;
3666 lifespans[i-lo].old = 1;
3667 rmv[i-lo] = 1;
3668 }
3669 }
3670
3671 if (n_rmv < n_extra) {
3672 /**
3673 * We aren't removing enough servers for being old. Sort lifespans by
3674 * the duration of liveness, and remove the ones we're not already going to
3675 * remove based on how long they were alive.
3676 **/
3677 qsort(lifespans, n, sizeof(struct duration_idx_t), compare_duration_idx_);
3678 for (i = 0; i < n && n_rmv < n_extra; ++i) {
3679 if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
3680 rmv[lifespans[i].idx-lo] = 1;
3681 ++n_rmv;
3682 }
3683 }
3684 }
3685
3686 i = hi;
3687 do {
3688 if (rmv[i-lo])
3689 routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
3690 } while (--i >= lo);
3691 tor_free(must_keep);
3692 tor_free(rmv);
3693 tor_free(lifespans);
3694 }
3695
3696 /** Deactivate any routers from the routerlist that are more than
3697 * ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
3698 * remove old routers from the list of cached routers if we have too many.
3699 */
3700 void
3701 routerlist_remove_old_routers(void)
3702 {
3703 int i, hi=-1;
3704 const char *cur_id = NULL;
3705 time_t now = time(NULL);
3706 time_t cutoff;
3707 routerinfo_t *router;
3708 signed_descriptor_t *sd;
3709 digestset_t *retain;
3710 int caches = directory_caches_dir_info(get_options());
3711 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
3712 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3713 int have_enough_v2;
3714 const or_options_t *options = get_options();
3715
3716 trusted_dirs_remove_old_certs();
3717
3718 if (!routerlist || !consensus)
3719 return;
3720
3721 // routerlist_assert_ok(routerlist);
3722
3723 /* We need to guess how many router descriptors we will wind up wanting to
3724 retain, so that we can be sure to allocate a large enough Bloom filter
3725 to hold the digest set. Overestimating is fine; underestimating is bad.
3726 */
3727 {
3728 /* We'll probably retain everything in the consensus. */
3729 int n_max_retain = smartlist_len(consensus->routerstatus_list);
3730 if (caches && networkstatus_v2_list) {
3731 /* If we care about v2 statuses, we'll retain at most as many as are
3732 listed any of the v2 statues. This will be at least the length of
3733 the largest v2 networkstatus, and in the worst case, this set will be
3734 equal to the sum of the lengths of all v2 consensuses. Take the
3735 worst case.
3736 */
3737 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3738 n_max_retain += smartlist_len(ns->entries));
3739 }
3740 retain = digestset_new(n_max_retain);
3741 }
3742
3743 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3744 /* Build a list of all the descriptors that _anybody_ lists. */
3745 if (caches && networkstatus_v2_list) {
3746 SMARTLIST_FOREACH_BEGIN(networkstatus_v2_list, networkstatus_v2_t *, ns) {
3747 /* XXXX The inner loop here gets pretty expensive, and actually shows up
3748 * on some profiles. It may be the reason digestmap_set shows up in
3749 * profiles too. If instead we kept a per-descriptor digest count of
3750 * how many networkstatuses recommended each descriptor, and changed
3751 * that only when the networkstatuses changed, that would be a speed
3752 * improvement, possibly 1-4% if it also removes digestmap_set from the
3753 * profile. Not worth it for 0.1.2.x, though. The new directory
3754 * system will obsolete this whole thing in 0.2.0.x. */
3755 SMARTLIST_FOREACH_BEGIN(ns->entries, routerstatus_t *, rs) {
3756 if (rs->published_on >= cutoff)
3757 digestset_add(retain, rs->descriptor_digest);
3758 } SMARTLIST_FOREACH_END(rs);
3759 } SMARTLIST_FOREACH_END(ns);
3760 }
3761
3762 /* Retain anything listed in the consensus. */
3763 if (consensus) {
3764 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
3765 if (rs->published_on >= cutoff)
3766 digestset_add(retain, rs->descriptor_digest));
3767 }
3768
3769 /* If we have a consensus, and nearly as many v2 networkstatuses as we want,
3770 * we should consider pruning current routers that are too old and that
3771 * nobody recommends. (If we don't have a consensus or enough v2
3772 * networkstatuses, then we should get more before we decide to kill
3773 * routers.) */
3774 /* we set this to true iff we don't care about v2 info, or we have enough. */
3775 have_enough_v2 = !caches ||
3776 !(authdir_mode_any_main(options) || options->FetchV2Networkstatus) ||
3777 (networkstatus_v2_list &&
3778 smartlist_len(networkstatus_v2_list) > get_n_v2_authorities() / 2);
3779
3780 if (have_enough_v2 && consensus) {
3781 cutoff = now - ROUTER_MAX_AGE;
3782 /* Remove too-old unrecommended members of routerlist->routers. */
3783 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
3784 router = smartlist_get(routerlist->routers, i);
3785 if (router->cache_info.published_on <= cutoff &&
3786 router->cache_info.last_listed_as_valid_until < now &&
3787 !digestset_contains(retain,
3788 router->cache_info.signed_descriptor_digest)) {
3789 /* Too old: remove it. (If we're a cache, just move it into
3790 * old_routers.) */
3791 log_info(LD_DIR,
3792 "Forgetting obsolete (too old) routerinfo for router %s",
3793 router_describe(router));
3794 routerlist_remove(routerlist, router, 1, now);
3795 i--;
3796 }
3797 }
3798 }
3799
3800 //routerlist_assert_ok(routerlist);
3801
3802 /* Remove far-too-old members of routerlist->old_routers. */
3803 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3804 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3805 sd = smartlist_get(routerlist->old_routers, i);
3806 if (sd->published_on <= cutoff &&
3807 sd->last_listed_as_valid_until < now &&
3808 !digestset_contains(retain, sd->signed_descriptor_digest)) {
3809 /* Too old. Remove it. */
3810 routerlist_remove_old(routerlist, sd, i--);
3811 }
3812 }
3813
3814 //routerlist_assert_ok(routerlist);
3815
3816 log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
3817 smartlist_len(routerlist->routers),
3818 smartlist_len(routerlist->old_routers));
3819
3820 /* Now we might have to look at routerlist->old_routers for extraneous
3821 * members. (We'd keep all the members if we could, but we need to save
3822 * space.) First, check whether we have too many router descriptors, total.
3823 * We're okay with having too many for some given router, so long as the
3824 * total number doesn't approach max_descriptors_per_router()*len(router).
3825 */
3826 if (smartlist_len(routerlist->old_routers) <
3827 smartlist_len(routerlist->routers))
3828 goto done;
3829
3830 /* Sort by identity, then fix indices. */
3831 smartlist_sort(routerlist->old_routers, compare_old_routers_by_identity_);
3832 /* Fix indices. */
3833 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3834 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3835 r->routerlist_index = i;
3836 }
3837
3838 /* Iterate through the list from back to front, so when we remove descriptors
3839 * we don't mess up groups we haven't gotten to. */
3840 for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
3841 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3842 if (!cur_id) {
3843 cur_id = r->identity_digest;
3844 hi = i;
3845 }
3846 if (tor_memneq(cur_id, r->identity_digest, DIGEST_LEN)) {
3847 routerlist_remove_old_cached_routers_with_id(now,
3848 cutoff, i+1, hi, retain);
3849 cur_id = r->identity_digest;
3850 hi = i;
3851 }
3852 }
3853 if (hi>=0)
3854 routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
3855 //routerlist_assert_ok(routerlist);
3856
3857 done:
3858 digestset_free(retain);
3859 router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
3860 router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
3861 }
3862
3863 /** We just added a new set of descriptors. Take whatever extra steps
3864 * we need. */
3865 void
3866 routerlist_descriptors_added(smartlist_t *sl, int from_cache)
3867 {
3868 tor_assert(sl);
3869 control_event_descriptors_changed(sl);
3870 SMARTLIST_FOREACH_BEGIN(sl, routerinfo_t *, ri) {
3871 if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
3872 learned_bridge_descriptor(ri, from_cache);
3873 if (ri->needs_retest_if_added) {
3874 ri->needs_retest_if_added = 0;
3875 dirserv_single_reachability_test(approx_time(), ri);
3876 }
3877 } SMARTLIST_FOREACH_END(ri);
3878 }
3879
3880 /**
3881 * Code to parse a single router descriptor and insert it into the
3882 * routerlist. Return -1 if the descriptor was ill-formed; 0 if the
3883 * descriptor was well-formed but could not be added; and 1 if the
3884 * descriptor was added.
3885 *
3886 * If we don't add it and <b>msg</b> is not NULL, then assign to
3887 * *<b>msg</b> a static string describing the reason for refusing the
3888 * descriptor.
3889 *
3890 * This is used only by the controller.
3891 */
3892 int
3893 router_load_single_router(const char *s, uint8_t purpose, int cache,
3894 const char **msg)
3895 {
3896 routerinfo_t *ri;
3897 was_router_added_t r;
3898 smartlist_t *lst;
3899 char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
3900 tor_assert(msg);
3901 *msg = NULL;
3902
3903 tor_snprintf(annotation_buf, sizeof(annotation_buf),
3904 "@source controller\n"
3905 "@purpose %s\n", router_purpose_to_string(purpose));
3906
3907 if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0, annotation_buf))) {
3908 log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
3909 *msg = "Couldn't parse router descriptor.";
3910 return -1;
3911 }
3912 tor_assert(ri->purpose == purpose);
3913 if (router_is_me(ri)) {
3914 log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
3915 *msg = "Router's identity key matches mine.";
3916 routerinfo_free(ri);
3917 return 0;
3918 }
3919
3920 if (!cache) /* obey the preference of the controller */
3921 ri->cache_info.do_not_cache = 1;
3922
3923 lst = smartlist_new();
3924 smartlist_add(lst, ri);
3925 routers_update_status_from_consensus_networkstatus(lst, 0);
3926
3927 r = router_add_to_routerlist(ri, msg, 0, 0);
3928 if (!WRA_WAS_ADDED(r)) {
3929 /* we've already assigned to *msg now, and ri is already freed */
3930 tor_assert(*msg);
3931 if (r == ROUTER_AUTHDIR_REJECTS)
3932 log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
3933 smartlist_free(lst);
3934 return 0;
3935 } else {
3936 routerlist_descriptors_added(lst, 0);
3937 smartlist_free(lst);
3938 log_debug(LD_DIR, "Added router to list");
3939 return 1;
3940 }
3941 }
3942
3943 /** Given a string <b>s</b> containing some routerdescs, parse it and put the
3944 * routers into our directory. If saved_location is SAVED_NOWHERE, the routers
3945 * are in response to a query to the network: cache them by adding them to
3946 * the journal.
3947 *
3948 * Return the number of routers actually added.
3949 *
3950 * If <b>requested_fingerprints</b> is provided, it must contain a list of
3951 * uppercased fingerprints. Do not update any router whose
3952 * fingerprint is not on the list; after updating a router, remove its
3953 * fingerprint from the list.
3954 *
3955 * If <b>descriptor_digests</b> is non-zero, then the requested_fingerprints
3956 * are descriptor digests. Otherwise they are identity digests.
3957 */
3958 int
3959 router_load_routers_from_string(const char *s, const char *eos,
3960 saved_location_t saved_location,
3961 smartlist_t *requested_fingerprints,
3962 int descriptor_digests,
3963 const char *prepend_annotations)
3964 {
3965 smartlist_t *routers = smartlist_new(), *changed = smartlist_new();
3966 char fp[HEX_DIGEST_LEN+1];
3967 const char *msg;
3968 int from_cache = (saved_location != SAVED_NOWHERE);
3969 int allow_annotations = (saved_location != SAVED_NOWHERE);
3970 int any_changed = 0;
3971
3972 router_parse_list_from_string(&s, eos, routers, saved_location, 0,
3973 allow_annotations, prepend_annotations);
3974
3975 routers_update_status_from_consensus_networkstatus(routers, !from_cache);
3976
3977 log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
3978
3979 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
3980 was_router_added_t r;
3981 char d[DIGEST_LEN];
3982 if (requested_fingerprints) {
3983 base16_encode(fp, sizeof(fp), descriptor_digests ?
3984 ri->cache_info.signed_descriptor_digest :
3985 ri->cache_info.identity_digest,
3986 DIGEST_LEN);
3987 if (smartlist_contains_string(requested_fingerprints, fp)) {
3988 smartlist_string_remove(requested_fingerprints, fp);
3989 } else {
3990 char *requested =
3991 smartlist_join_strings(requested_fingerprints," ",0,NULL);
3992 log_warn(LD_DIR,
3993 "We received a router descriptor with a fingerprint (%s) "
3994 "that we never requested. (We asked for: %s.) Dropping.",
3995 fp, requested);
3996 tor_free(requested);
3997 routerinfo_free(ri);
3998 continue;
3999 }
4000 }
4001
4002 memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
4003 r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
4004 if (WRA_WAS_ADDED(r)) {
4005 any_changed++;
4006 smartlist_add(changed, ri);
4007 routerlist_descriptors_added(changed, from_cache);
4008 smartlist_clear(changed);
4009 } else if (WRA_WAS_REJECTED(r)) {
4010 download_status_t *dl_status;
4011 dl_status = router_get_dl_status_by_descriptor_digest(d);
4012 if (dl_status) {
4013 log_info(LD_GENERAL, "Marking router %s as never downloadable",
4014 hex_str(d, DIGEST_LEN));
4015 download_status_mark_impossible(dl_status);
4016 }
4017 }
4018 } SMARTLIST_FOREACH_END(ri);
4019
4020 routerlist_assert_ok(routerlist);
4021
4022 if (any_changed)
4023 router_rebuild_store(0, &routerlist->desc_store);
4024
4025 smartlist_free(routers);
4026 smartlist_free(changed);
4027
4028 return any_changed;
4029 }
4030
4031 /** Parse one or more extrainfos from <b>s</b> (ending immediately before
4032 * <b>eos</b> if <b>eos</b> is present). Other arguments are as for
4033 * router_load_routers_from_string(). */
4034 void
4035 router_load_extrainfo_from_string(const char *s, const char *eos,
4036 saved_location_t saved_location,
4037 smartlist_t *requested_fingerprints,
4038 int descriptor_digests)
4039 {
4040 smartlist_t *extrainfo_list = smartlist_new();
4041 const char *msg;
4042 int from_cache = (saved_location != SAVED_NOWHERE);
4043
4044 router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
4045 NULL);
4046
4047 log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
4048
4049 SMARTLIST_FOREACH_BEGIN(extrainfo_list, extrainfo_t *, ei) {
4050 was_router_added_t added =
4051 router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
4052 if (WRA_WAS_ADDED(added) && requested_fingerprints) {
4053 char fp[HEX_DIGEST_LEN+1];
4054 base16_encode(fp, sizeof(fp), descriptor_digests ?
4055 ei->cache_info.signed_descriptor_digest :
4056 ei->cache_info.identity_digest,
4057 DIGEST_LEN);
4058 smartlist_string_remove(requested_fingerprints, fp);
4059 /* We silently let people stuff us with extrainfos we didn't ask for,
4060 * so long as we would have wanted them anyway. Since we always fetch
4061 * all the extrainfos we want, and we never actually act on them
4062 * inside Tor, this should be harmless. */
4063 }
4064 } SMARTLIST_FOREACH_END(ei);
4065
4066 routerlist_assert_ok(routerlist);
4067 router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
4068
4069 smartlist_free(extrainfo_list);
4070 }
4071
4072 /** Return true iff any networkstatus includes a descriptor whose digest
4073 * is that of <b>desc</b>. */
4074 static int
4075 signed_desc_digest_is_recognized(signed_descriptor_t *desc)
4076 {
4077 const routerstatus_t *rs;
4078 networkstatus_t *consensus = networkstatus_get_latest_consensus();
4079 int caches = directory_caches_dir_info(get_options());
4080 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
4081
4082 if (consensus) {
4083 rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
4084 if (rs && tor_memeq(rs->descriptor_digest,
4085 desc->signed_descriptor_digest, DIGEST_LEN))
4086 return 1;
4087 }
4088 if (caches && networkstatus_v2_list) {
4089 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
4090 {
4091 if (!(rs = networkstatus_v2_find_entry(ns, desc->identity_digest)))
4092 continue;
4093 if (tor_memeq(rs->descriptor_digest,
4094 desc->signed_descriptor_digest, DIGEST_LEN))
4095 return 1;
4096 });
4097 }
4098 return 0;
4099 }
4100
4101 /** Update downloads for router descriptors and/or microdescriptors as
4102 * appropriate. */
4103 void
4104 update_all_descriptor_downloads(time_t now)
4105 {
4106 if (get_options()->DisableNetwork)
4107 return;
4108 update_router_descriptor_downloads(now);
4109 update_microdesc_downloads(now);
4110 launch_dummy_descriptor_download_as_needed(now, get_options());
4111 }
4112
4113 /** Clear all our timeouts for fetching v2 and v3 directory stuff, and then
4114 * give it all a try again. */
4115 void
4116 routerlist_retry_directory_downloads(time_t now)
4117 {
4118 router_reset_status_download_failures();
4119 router_reset_descriptor_download_failures();
4120 if (get_options()->DisableNetwork)
4121 return;
4122 update_networkstatus_downloads(now);
4123 update_all_descriptor_downloads(now);
4124 }
4125
4126 /** Return true iff <b>router</b> does not permit exit streams.
4127 */
4128 int
4129 router_exit_policy_rejects_all(const routerinfo_t *router)
4130 {
4131 return router->policy_is_reject_star;
4132 }
4133
4134 /** Create an directory server at <b>address</b>:<b>port</b>, with OR identity
4135 * key <b>digest</b>. If <b>address</b> is NULL, add ourself. If
4136 * <b>is_authority</b>, this is a directory authority. Return the new
4137 * directory server entry on success or NULL on failure. */
4138 static dir_server_t *
4139 dir_server_new(int is_authority,
4140 const char *nickname,
4141 const tor_addr_t *addr,
4142 const char *hostname,
4143 uint16_t dir_port, uint16_t or_port,
4144 const char *digest, const char *v3_auth_digest,
4145 dirinfo_type_t type,
4146 double weight)
4147 {
4148 dir_server_t *ent;
4149 uint32_t a;
4150 char *hostname_ = NULL;
4151
4152 if (weight < 0)
4153 return NULL;
4154
4155 if (tor_addr_family(addr) == AF_INET)
4156 a = tor_addr_to_ipv4h(addr);
4157 else
4158 return NULL; /*XXXX Support IPv6 */
4159
4160 if (!hostname)
4161 hostname_ = tor_dup_addr(addr);
4162 else
4163 hostname_ = tor_strdup(hostname);
4164
4165 ent = tor_malloc_zero(sizeof(dir_server_t));
4166 ent->nickname = nickname ? tor_strdup(nickname) : NULL;
4167 ent->address = hostname_;
4168 ent->addr = a;
4169 ent->dir_port = dir_port;
4170 ent->or_port = or_port;
4171 ent->is_running = 1;
4172 ent->is_authority = is_authority;
4173 ent->type = type;
4174 ent->weight = weight;
4175 memcpy(ent->digest, digest, DIGEST_LEN);
4176 if (v3_auth_digest && (type & V3_DIRINFO))
4177 memcpy(ent->v3_identity_digest, v3_auth_digest, DIGEST_LEN);
4178
4179 if (nickname)
4180 tor_asprintf(&ent->description, "directory server \"%s\" at %s:%d",
4181 nickname, hostname, (int)dir_port);
4182 else
4183 tor_asprintf(&ent->description, "directory server at %s:%d",
4184 hostname, (int)dir_port);
4185
4186 ent->fake_status.addr = ent->addr;
4187 memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
4188 if (nickname)
4189 strlcpy(ent->fake_status.nickname, nickname,
4190 sizeof(ent->fake_status.nickname));
4191 else
4192 ent->fake_status.nickname[0] = '\0';
4193 ent->fake_status.dir_port = ent->dir_port;
4194 ent->fake_status.or_port = ent->or_port;
4195
4196 return ent;
4197 }
4198
4199 /** Create an authoritative directory server at
4200 * <b>address</b>:<b>port</b>, with identity key <b>digest</b>. If
4201 * <b>address</b> is NULL, add ourself. Return the new trusted directory
4202 * server entry on success or NULL if we couldn't add it. */
4203 dir_server_t *
4204 trusted_dir_server_new(const char *nickname, const char *address,
4205 uint16_t dir_port, uint16_t or_port,
4206 const char *digest, const char *v3_auth_digest,
4207 dirinfo_type_t type, double weight)
4208 {
4209 uint32_t a;
4210 tor_addr_t addr;
4211 char *hostname=NULL;
4212 dir_server_t *result;
4213
4214 if (!address) { /* The address is us; we should guess. */
4215 if (resolve_my_address(LOG_WARN, get_options(),
4216 &a, NULL, &hostname) < 0) {
4217 log_warn(LD_CONFIG,
4218 "Couldn't find a suitable address when adding ourself as a "
4219 "trusted directory server.");
4220 return NULL;
4221 }
4222 if (!hostname)
4223 hostname = tor_dup_ip(a);
4224 } else {
4225 if (tor_lookup_hostname(address, &a)) {
4226 log_warn(LD_CONFIG,
4227 "Unable to lookup address for directory server at '%s'",
4228 address);
4229 return NULL;
4230 }
4231 hostname = tor_strdup(address);
4232 }
4233 tor_addr_from_ipv4h(&addr, a);
4234
4235 result = dir_server_new(1, nickname, &addr, hostname,
4236 dir_port, or_port, digest,
4237 v3_auth_digest, type, weight);
4238 tor_free(hostname);
4239 return result;
4240 }
4241
4242 /** Return a new dir_server_t for a fallback directory server at
4243 * <b>addr</b>:<b>or_port</b>/<b>dir_port</b>, with identity key digest
4244 * <b>id_digest</b> */
4245 dir_server_t *
4246 fallback_dir_server_new(const tor_addr_t *addr,
4247 uint16_t dir_port, uint16_t or_port,
4248 const char *id_digest, double weight)
4249 {
4250 return dir_server_new(0, NULL, addr, NULL, dir_port, or_port, id_digest,
4251 NULL, ALL_DIRINFO, weight);
4252 }
4253
4254 /** Add a directory server to the global list(s). */
4255 void
4256 dir_server_add(dir_server_t *ent)
4257 {
4258 if (!trusted_dir_servers)
4259 trusted_dir_servers = smartlist_new();
4260 if (!fallback_dir_servers)
4261 fallback_dir_servers = smartlist_new();
4262
4263 if (ent->is_authority)
4264 smartlist_add(trusted_dir_servers, ent);
4265
4266 smartlist_add(fallback_dir_servers, ent);
4267 router_dir_info_changed();
4268 }
4269
4270 /** Free storage held in <b>cert</b>. */
4271 void
4272 authority_cert_free(authority_cert_t *cert)
4273 {
4274 if (!cert)
4275 return;
4276
4277 tor_free(cert->cache_info.signed_descriptor_body);
4278 crypto_pk_free(cert->signing_key);
4279 crypto_pk_free(cert->identity_key);
4280
4281 tor_free(cert);
4282 }
4283
4284 /** Free storage held in <b>ds</b>. */
4285 static void
4286 dir_server_free(dir_server_t *ds)
4287 {
4288 if (!ds)
4289 return;
4290
4291 tor_free(ds->nickname);
4292 tor_free(ds->description);
4293 tor_free(ds->address);
4294 tor_free(ds);
4295 }
4296
4297 /** Remove all members from the list of dir servers. */
4298 void
4299 clear_dir_servers(void)
4300 {
4301 if (fallback_dir_servers) {
4302 SMARTLIST_FOREACH(fallback_dir_servers, dir_server_t *, ent,
4303 dir_server_free(ent));
4304 smartlist_clear(fallback_dir_servers);
4305 } else {
4306 fallback_dir_servers = smartlist_new();
4307 }
4308 if (trusted_dir_servers) {
4309 smartlist_clear(trusted_dir_servers);
4310 } else {
4311 trusted_dir_servers = smartlist_new();
4312 }
4313 router_dir_info_changed();
4314 }
4315
4316 /** For every current directory connection whose purpose is <b>purpose</b>,
4317 * and where the resource being downloaded begins with <b>prefix</b>, split
4318 * rest of the resource into base16 fingerprints (or base64 fingerprints if
4319 * purpose==DIR_PURPPOSE_FETCH_MICRODESC), decode them, and set the
4320 * corresponding elements of <b>result</b> to a nonzero value.
4321 */
4322 static void
4323 list_pending_downloads(digestmap_t *result,
4324 int purpose, const char *prefix)
4325 {
4326 const size_t p_len = strlen(prefix);
4327 smartlist_t *tmp = smartlist_new();
4328 smartlist_t *conns = get_connection_array();
4329 int flags = DSR_HEX;
4330 if (purpose == DIR_PURPOSE_FETCH_MICRODESC)
4331 flags = DSR_DIGEST256|DSR_BASE64;
4332
4333 tor_assert(result);
4334
4335 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
4336 if (conn->type == CONN_TYPE_DIR &&
4337 conn->purpose == purpose &&
4338 !conn->marked_for_close) {
4339 const char *resource = TO_DIR_CONN(conn)->requested_resource;
4340 if (!strcmpstart(resource, prefix))
4341 dir_split_resource_into_fingerprints(resource + p_len,
4342 tmp, NULL, flags);
4343 }
4344 } SMARTLIST_FOREACH_END(conn);
4345
4346 SMARTLIST_FOREACH(tmp, char *, d,
4347 {
4348 digestmap_set(result, d, (void*)1);
4349 tor_free(d);
4350 });
4351 smartlist_free(tmp);
4352 }
4353
4354 /** For every router descriptor (or extra-info document if <b>extrainfo</b> is
4355 * true) we are currently downloading by descriptor digest, set result[d] to
4356 * (void*)1. */
4357 static void
4358 list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
4359 {
4360 int purpose =
4361 extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
4362 list_pending_downloads(result, purpose, "d/");
4363 }
4364
4365 /** For every microdescriptor we are currently downloading by descriptor
4366 * digest, set result[d] to (void*)1. (Note that microdescriptor digests
4367 * are 256-bit, and digestmap_t only holds 160-bit digests, so we're only
4368 * getting the first 20 bytes of each digest here.)
4369 *
4370 * XXXX Let there be a digestmap256_t, and use that instead.
4371 */
4372 void
4373 list_pending_microdesc_downloads(digestmap_t *result)
4374 {
4375 list_pending_downloads(result, DIR_PURPOSE_FETCH_MICRODESC, "d/");
4376 }
4377
4378 /** For every certificate we are currently downloading by (identity digest,
4379 * signing key digest) pair, set result[fp_pair] to (void *1).
4380 */
4381 static void
4382 list_pending_fpsk_downloads(fp_pair_map_t *result)
4383 {
4384 const char *pfx = "fp-sk/";
4385 smartlist_t *tmp;
4386 smartlist_t *conns;
4387 const char *resource;
4388
4389 tor_assert(result);
4390
4391 tmp = smartlist_new();
4392 conns = get_connection_array();
4393
4394 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
4395 if (conn->type == CONN_TYPE_DIR &&
4396 conn->purpose == DIR_PURPOSE_FETCH_CERTIFICATE &&
4397 !conn->marked_for_close) {
4398 resource = TO_DIR_CONN(conn)->requested_resource;
4399 if (!strcmpstart(resource, pfx))
4400 dir_split_resource_into_fingerprint_pairs(resource + strlen(pfx),
4401 tmp);
4402 }
4403 } SMARTLIST_FOREACH_END(conn);
4404
4405 SMARTLIST_FOREACH_BEGIN(tmp, fp_pair_t *, fp) {
4406 fp_pair_map_set(result, fp, (void*)1);
4407 tor_free(fp);
4408 } SMARTLIST_FOREACH_END(fp);
4409
4410 smartlist_free(tmp);
4411 }
4412
4413 /** Launch downloads for all the descriptors whose digests or digests256
4414 * are listed as digests[i] for lo <= i < hi. (Lo and hi may be out of
4415 * range.) If <b>source</b> is given, download from <b>source</b>;
4416 * otherwise, download from an appropriate random directory server.
4417 */
4418 static void
4419 initiate_descriptor_downloads(const routerstatus_t *source,
4420 int purpose,
4421 smartlist_t *digests,
4422 int lo, int hi, int pds_flags)
4423 {
4424 int i, n = hi-lo;
4425 char *resource, *cp;
4426 size_t r_len;
4427
4428 int digest_len = DIGEST_LEN, enc_digest_len = HEX_DIGEST_LEN;
4429 char sep = '+';
4430 int b64_256 = 0;
4431
4432 if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
4433 /* Microdescriptors are downloaded by "-"-separated base64-encoded
4434 * 256-bit digests. */
4435 digest_len = DIGEST256_LEN;
4436 enc_digest_len = BASE64_DIGEST256_LEN;
4437 sep = '-';
4438 b64_256 = 1;
4439 }
4440
4441 if (n <= 0)
4442 return;
4443 if (lo < 0)
4444 lo = 0;
4445 if (hi > smartlist_len(digests))
4446 hi = smartlist_len(digests);
4447
4448 r_len = 8 + (enc_digest_len+1)*n;
4449 cp = resource = tor_malloc(r_len);
4450 memcpy(cp, "d/", 2);
4451 cp += 2;
4452 for (i = lo; i < hi; ++i) {
4453 if (b64_256) {
4454 digest256_to_base64(cp, smartlist_get(digests, i));
4455 } else {
4456 base16_encode(cp, r_len-(cp-resource),
4457 smartlist_get(digests,i), digest_len);
4458 }
4459 cp += enc_digest_len;
4460 *cp++ = sep;
4461 }
4462 memcpy(cp-1, ".z", 3);
4463
4464 if (source) {
4465 /* We know which authority we want. */
4466 directory_initiate_command_routerstatus(source, purpose,
4467 ROUTER_PURPOSE_GENERAL,
4468 DIRIND_ONEHOP,
4469 resource, NULL, 0, 0);
4470 } else {
4471 directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
4472 pds_flags);
4473 }
4474 tor_free(resource);
4475 }
4476
4477 /** Max amount of hashes to download per request.
4478 * Since squid does not like URLs >= 4096 bytes we limit it to 96.
4479 * 4096 - strlen(http://255.255.255.255/tor/server/d/.z) == 4058
4480 * 4058/41 (40 for the hash and 1 for the + that separates them) => 98
4481 * So use 96 because it's a nice number.
4482 */
4483 #define MAX_DL_PER_REQUEST 96
4484 #define MAX_MICRODESC_DL_PER_REQUEST 92
4485 /** Don't split our requests so finely that we are requesting fewer than
4486 * this number per server. */
4487 #define MIN_DL_PER_REQUEST 4
4488 /** To prevent a single screwy cache from confusing us by selective reply,
4489 * try to split our requests into at least this many requests. */
4490 #define MIN_REQUESTS 3
4491 /** If we want fewer than this many descriptors, wait until we
4492 * want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
4493 * passed. */
4494 #define MAX_DL_TO_DELAY 16
4495 /** When directory clients have only a few servers to request, they batch
4496 * them until they have more, or until this amount of time has passed. */
4497 #define MAX_CLIENT_INTERVAL_WITHOUT_REQUEST (10*60)
4498
4499 /** Given a <b>purpose</b> (FETCH_MICRODESC or FETCH_SERVERDESC) and a list of
4500 * router descriptor digests or microdescriptor digest256s in
4501 * <b>downloadable</b>, decide whether to delay fetching until we have more.
4502 * If we don't want to delay, launch one or more requests to the appropriate
4503 * directory authorities.
4504 */
4505 void
4506 launch_descriptor_downloads(int purpose,
4507 smartlist_t *downloadable,
4508 const routerstatus_t *source, time_t now)
4509 {
4510 int should_delay = 0, n_downloadable;
4511 const or_options_t *options = get_options();
4512 const char *descname;
4513
4514 tor_assert(purpose == DIR_PURPOSE_FETCH_SERVERDESC ||
4515 purpose == DIR_PURPOSE_FETCH_MICRODESC);
4516
4517 descname = (purpose == DIR_PURPOSE_FETCH_SERVERDESC) ?
4518 "routerdesc" : "microdesc";
4519
4520 n_downloadable = smartlist_len(downloadable);
4521 if (!directory_fetches_dir_info_early(options)) {
4522 if (n_downloadable >= MAX_DL_TO_DELAY) {
4523 log_debug(LD_DIR,
4524 "There are enough downloadable %ss to launch requests.",
4525 descname);
4526 should_delay = 0;
4527 } else {
4528 should_delay = (last_descriptor_download_attempted +
4529 MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
4530 if (!should_delay && n_downloadable) {
4531 if (last_descriptor_download_attempted) {
4532 log_info(LD_DIR,
4533 "There are not many downloadable %ss, but we've "
4534 "been waiting long enough (%d seconds). Downloading.",
4535 descname,
4536 (int)(now-last_descriptor_download_attempted));
4537 } else {
4538 log_info(LD_DIR,
4539 "There are not many downloadable %ss, but we haven't "
4540 "tried downloading descriptors recently. Downloading.",
4541 descname);
4542 }
4543 }
4544 }
4545 }
4546
4547 if (! should_delay && n_downloadable) {
4548 int i, n_per_request;
4549 const char *req_plural = "", *rtr_plural = "";
4550 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
4551 if (! authdir_mode_any_nonhidserv(options)) {
4552 /* If we wind up going to the authorities, we want to only open one
4553 * connection to each authority at a time, so that we don't overload
4554 * them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
4555 * regardless of whether we're a cache or not; it gets ignored if we're
4556 * not calling router_pick_trusteddirserver.
4557 *
4558 * Setting this flag can make initiate_descriptor_downloads() ignore
4559 * requests. We need to make sure that we do in fact call
4560 * update_router_descriptor_downloads() later on, once the connections
4561 * have succeeded or failed.
4562 */
4563 pds_flags |= (purpose == DIR_PURPOSE_FETCH_MICRODESC) ?
4564 PDS_NO_EXISTING_MICRODESC_FETCH :
4565 PDS_NO_EXISTING_SERVERDESC_FETCH;
4566 }
4567
4568 n_per_request = CEIL_DIV(n_downloadable, MIN_REQUESTS);
4569 if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
4570 if (n_per_request > MAX_MICRODESC_DL_PER_REQUEST)
4571 n_per_request = MAX_MICRODESC_DL_PER_REQUEST;
4572 } else {
4573 if (n_per_request > MAX_DL_PER_REQUEST)
4574 n_per_request = MAX_DL_PER_REQUEST;
4575 }
4576 if (n_per_request < MIN_DL_PER_REQUEST)
4577 n_per_request = MIN_DL_PER_REQUEST;
4578
4579 if (n_downloadable > n_per_request)
4580 req_plural = rtr_plural = "s";
4581 else if (n_downloadable > 1)
4582 rtr_plural = "s";
4583
4584 log_info(LD_DIR,
4585 "Launching %d request%s for %d %s%s, %d at a time",
4586 CEIL_DIV(n_downloadable, n_per_request), req_plural,
4587 n_downloadable, descname, rtr_plural, n_per_request);
4588 smartlist_sort_digests(downloadable);
4589 for (i=0; i < n_downloadable; i += n_per_request) {
4590 initiate_descriptor_downloads(source, purpose,
4591 downloadable, i, i+n_per_request,
4592 pds_flags);
4593 }
4594 last_descriptor_download_attempted = now;
4595 }
4596 }
4597
4598 /** Launch downloads for router status as needed, using the strategy used by
4599 * authorities and caches: based on the v2 networkstatuses we have, download
4600 * every descriptor we don't have but would serve, from a random authority
4601 * that lists it. */
4602 static void
4603 update_router_descriptor_cache_downloads_v2(time_t now)
4604 {
4605 smartlist_t **downloadable; /* For each authority, what can we dl from it? */
4606 smartlist_t **download_from; /* ... and, what will we dl from it? */
4607 digestmap_t *map; /* Which descs are in progress, or assigned? */
4608 int i, j, n;
4609 int n_download;
4610 const or_options_t *options = get_options();
4611 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
4612
4613 if (! directory_fetches_dir_info_early(options)) {
4614 log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads_v2() "
4615 "on a non-dir-mirror?");
4616 }
4617
4618 if (!networkstatus_v2_list || !smartlist_len(networkstatus_v2_list))
4619 return;
4620
4621 map = digestmap_new();
4622 n = smartlist_len(networkstatus_v2_list);
4623
4624 downloadable = tor_malloc_zero(sizeof(smartlist_t*) * n);
4625 download_from = tor_malloc_zero(sizeof(smartlist_t*) * n);
4626
4627 /* Set map[d]=1 for the digest of every descriptor that we are currently
4628 * downloading. */
4629 list_pending_descriptor_downloads(map, 0);
4630
4631 /* For the digest of every descriptor that we don't have, and that we aren't
4632 * downloading, add d to downloadable[i] if the i'th networkstatus knows
4633 * about that descriptor, and we haven't already failed to get that
4634 * descriptor from the corresponding authority.
4635 */
4636 n_download = 0;
4637 SMARTLIST_FOREACH_BEGIN(networkstatus_v2_list, networkstatus_v2_t *, ns) {
4638 dir_server_t *ds;
4639 smartlist_t *dl;
4640 dl = downloadable[ns_sl_idx] = smartlist_new();
4641 download_from[ns_sl_idx] = smartlist_new();
4642 if (ns->published_on + MAX_NETWORKSTATUS_AGE+10*60 < now) {
4643 /* Don't download if the networkstatus is almost ancient. */
4644 /* Actually, I suspect what's happening here is that we ask
4645 * for the descriptor when we have a given networkstatus,
4646 * and then we get a newer networkstatus, and then we receive
4647 * the descriptor. Having a networkstatus actually expire is
4648 * probably a rare event, and we'll probably be happiest if
4649 * we take this clause out. -RD */
4650 continue;
4651 }
4652
4653 /* Don't try dirservers that we think are down -- we might have
4654 * just tried them and just marked them as down. */
4655 ds = router_get_trusteddirserver_by_digest(ns->identity_digest);
4656 if (ds && !ds->is_running)
4657 continue;
4658
4659 SMARTLIST_FOREACH_BEGIN(ns->entries, routerstatus_t * , rs) {
4660 if (!rs->need_to_mirror)
4661 continue;
4662 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4663 log_warn(LD_BUG,
4664 "We have a router descriptor, but need_to_mirror=1.");
4665 rs->need_to_mirror = 0;
4666 continue;
4667 }
4668 if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
4669 rs->need_to_mirror = 0;
4670 continue;
4671 }
4672 if (digestmap_get(map, rs->descriptor_digest)) {
4673 /* We're downloading it already. */
4674 continue;
4675 } else {
4676 /* We could download it from this guy. */
4677 smartlist_add(dl, rs->descriptor_digest);
4678 ++n_download;
4679 }
4680 } SMARTLIST_FOREACH_END(rs);
4681 } SMARTLIST_FOREACH_END(ns);
4682
4683 /* At random, assign descriptors to authorities such that:
4684 * - if d is a member of some downloadable[x], d is a member of some
4685 * download_from[y]. (Everything we want to download, we try to download
4686 * from somebody.)
4687 * - If d is a member of download_from[y], d is a member of downloadable[y].
4688 * (We only try to download descriptors from authorities who claim to have
4689 * them.)
4690 * - No d is a member of download_from[x] and download_from[y] s.t. x != y.
4691 * (We don't try to download anything from two authorities concurrently.)
4692 */
4693 while (n_download) {
4694 int which_ns = crypto_rand_int(n);
4695 smartlist_t *dl = downloadable[which_ns];
4696 int idx;
4697 char *d;
4698 if (!smartlist_len(dl))
4699 continue;
4700 idx = crypto_rand_int(smartlist_len(dl));
4701 d = smartlist_get(dl, idx);
4702 if (! digestmap_get(map, d)) {
4703 smartlist_add(download_from[which_ns], d);
4704 digestmap_set(map, d, (void*) 1);
4705 }
4706 smartlist_del(dl, idx);
4707 --n_download;
4708 }
4709
4710 /* Now, we can actually launch our requests. */
4711 for (i=0; i<n; ++i) {
4712 networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
4713 dir_server_t *ds =
4714 router_get_trusteddirserver_by_digest(ns->identity_digest);
4715 smartlist_t *dl = download_from[i];
4716 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
4717 if (! authdir_mode_any_nonhidserv(options))
4718 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
4719
4720 if (!ds) {
4721 log_info(LD_DIR, "Networkstatus with no corresponding authority!");
4722 continue;
4723 }
4724 if (! smartlist_len(dl))
4725 continue;
4726 log_info(LD_DIR, "Requesting %d descriptors from authority \"%s\"",
4727 smartlist_len(dl), ds->nickname);
4728 for (j=0; j < smartlist_len(dl); j += MAX_DL_PER_REQUEST) {
4729 initiate_descriptor_downloads(&(ds->fake_status),
4730 DIR_PURPOSE_FETCH_SERVERDESC, dl, j,
4731 j+MAX_DL_PER_REQUEST, pds_flags);
4732 }
4733 }
4734
4735 for (i=0; i<n; ++i) {
4736 smartlist_free(download_from[i]);
4737 smartlist_free(downloadable[i]);
4738 }
4739 tor_free(download_from);
4740 tor_free(downloadable);
4741 digestmap_free(map,NULL);
4742 }
4743
4744 /** For any descriptor that we want that's currently listed in
4745 * <b>consensus</b>, download it as appropriate. */
4746 void
4747 update_consensus_router_descriptor_downloads(time_t now, int is_vote,
4748 networkstatus_t *consensus)
4749 {
4750 const or_options_t *options = get_options();
4751 digestmap_t *map = NULL;
4752 smartlist_t *no_longer_old = smartlist_new();
4753 smartlist_t *downloadable = smartlist_new();
4754 routerstatus_t *source = NULL;
4755 int authdir = authdir_mode(options);
4756 int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
4757 n_inprogress=0, n_in_oldrouters=0;
4758
4759 if (directory_too_idle_to_fetch_descriptors(options, now))
4760 goto done;
4761 if (!consensus)
4762 goto done;
4763
4764 if (is_vote) {
4765 /* where's it from, so we know whom to ask for descriptors */
4766 dir_server_t *ds;
4767 networkstatus_voter_info_t *voter = smartlist_get(consensus->voters, 0);
4768 tor_assert(voter);
4769 ds = trusteddirserver_get_by_v3_auth_digest(voter->identity_digest);
4770 if (ds)
4771 source = &(ds->fake_status);
4772 else
4773 log_warn(LD_DIR, "couldn't lookup source from vote?");
4774 }
4775
4776 map = digestmap_new();
4777 list_pending_descriptor_downloads(map, 0);
4778 SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, void *, rsp) {
4779 routerstatus_t *rs =
4780 is_vote ? &(((vote_routerstatus_t *)rsp)->status) : rsp;
4781 signed_descriptor_t *sd;
4782 if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
4783 const routerinfo_t *ri;
4784 ++n_have;
4785 if (!(ri = router_get_by_id_digest(rs->identity_digest)) ||
4786 tor_memneq(ri->cache_info.signed_descriptor_digest,
4787 sd->signed_descriptor_digest, DIGEST_LEN)) {
4788 /* We have a descriptor with this digest, but either there is no
4789 * entry in routerlist with the same ID (!ri), or there is one,
4790 * but the identity digest differs (memneq).
4791 */
4792 smartlist_add(no_longer_old, sd);
4793 ++n_in_oldrouters; /* We have it in old_routers. */
4794 }
4795 continue; /* We have it already. */
4796 }
4797 if (digestmap_get(map, rs->descriptor_digest)) {
4798 ++n_inprogress;
4799 continue; /* We have an in-progress download. */
4800 }
4801 if (!download_status_is_ready(&rs->dl_status, now,
4802 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4803 ++n_delayed; /* Not ready for retry. */
4804 continue;
4805 }
4806 if (authdir && dirserv_would_reject_router(rs)) {
4807 ++n_would_reject;
4808 continue; /* We would throw it out immediately. */
4809 }
4810 if (!directory_caches_dir_info(options) &&
4811 !client_would_use_router(rs, now, options)) {
4812 ++n_wouldnt_use;
4813 continue; /* We would never use it ourself. */
4814 }
4815 if (is_vote && source) {
4816 char time_bufnew[ISO_TIME_LEN+1];
4817 char time_bufold[ISO_TIME_LEN+1];
4818 const routerinfo_t *oldrouter;
4819 oldrouter = router_get_by_id_digest(rs->identity_digest);
4820 format_iso_time(time_bufnew, rs->published_on);
4821 if (oldrouter)
4822 format_iso_time(time_bufold, oldrouter->cache_info.published_on);
4823 log_info(LD_DIR, "Learned about %s (%s vs %s) from %s's vote (%s)",
4824 routerstatus_describe(rs),
4825 time_bufnew,
4826 oldrouter ? time_bufold : "none",
4827 source->nickname, oldrouter ? "known" : "unknown");
4828 }
4829 smartlist_add(downloadable, rs->descriptor_digest);
4830 } SMARTLIST_FOREACH_END(rsp);
4831
4832 if (!authdir_mode_handles_descs(options, ROUTER_PURPOSE_GENERAL)
4833 && smartlist_len(no_longer_old)) {
4834 routerlist_t *rl = router_get_routerlist();
4835 log_info(LD_DIR, "%d router descriptors listed in consensus are "
4836 "currently in old_routers; making them current.",
4837 smartlist_len(no_longer_old));
4838 SMARTLIST_FOREACH_BEGIN(no_longer_old, signed_descriptor_t *, sd) {
4839 const char *msg;
4840 was_router_added_t r;
4841 routerinfo_t *ri = routerlist_reparse_old(rl, sd);
4842 if (!ri) {
4843 log_warn(LD_BUG, "Failed to re-parse a router.");
4844 continue;
4845 }
4846 r = router_add_to_routerlist(ri, &msg, 1, 0);
4847 if (WRA_WAS_OUTDATED(r)) {
4848 log_warn(LD_DIR, "Couldn't add re-parsed router: %s",
4849 msg?msg:"???");
4850 }
4851 } SMARTLIST_FOREACH_END(sd);
4852 routerlist_assert_ok(rl);
4853 }
4854
4855 log_info(LD_DIR,
4856 "%d router descriptors downloadable. %d delayed; %d present "
4857 "(%d of those were in old_routers); %d would_reject; "
4858 "%d wouldnt_use; %d in progress.",
4859 smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
4860 n_would_reject, n_wouldnt_use, n_inprogress);
4861
4862 launch_descriptor_downloads(DIR_PURPOSE_FETCH_SERVERDESC,
4863 downloadable, source, now);
4864
4865 digestmap_free(map, NULL);
4866 done:
4867 smartlist_free(downloadable);
4868 smartlist_free(no_longer_old);
4869 }
4870
4871 /** How often should we launch a server/authority request to be sure of getting
4872 * a guess for our IP? */
4873 /*XXXX024 this info should come from netinfo cells or something, or we should
4874 * do this only when we aren't seeing incoming data. see bug 652. */
4875 #define DUMMY_DOWNLOAD_INTERVAL (20*60)
4876
4877 /** As needed, launch a dummy router descriptor fetch to see if our
4878 * address has changed. */
4879 static void
4880 launch_dummy_descriptor_download_as_needed(time_t now,
4881 const or_options_t *options)
4882 {
4883 static time_t last_dummy_download = 0;
4884 /* XXXX024 we could be smarter here; see notes on bug 652. */
4885 /* If we're a server that doesn't have a configured address, we rely on
4886 * directory fetches to learn when our address changes. So if we haven't
4887 * tried to get any routerdescs in a long time, try a dummy fetch now. */
4888 if (!options->Address &&
4889 server_mode(options) &&
4890 last_descriptor_download_attempted + DUMMY_DOWNLOAD_INTERVAL < now &&
4891 last_dummy_download + DUMMY_DOWNLOAD_INTERVAL < now) {
4892 last_dummy_download = now;
4893 directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
4894 ROUTER_PURPOSE_GENERAL, "authority.z",
4895 PDS_RETRY_IF_NO_SERVERS);
4896 }
4897 }
4898
4899 /** Launch downloads for router status as needed. */
4900 void
4901 update_router_descriptor_downloads(time_t now)
4902 {
4903 const or_options_t *options = get_options();
4904 if (should_delay_dir_fetches(options))
4905 return;
4906 if (!we_fetch_router_descriptors(options))
4907 return;
4908 if (directory_fetches_dir_info_early(options)) {
4909 update_router_descriptor_cache_downloads_v2(now);
4910 }
4911
4912 update_consensus_router_descriptor_downloads(now, 0,
4913 networkstatus_get_reasonably_live_consensus(now, FLAV_NS));
4914 }
4915
4916 /** Launch extrainfo downloads as needed. */
4917 void
4918 update_extrainfo_downloads(time_t now)
4919 {
4920 const or_options_t *options = get_options();
4921 routerlist_t *rl;
4922 smartlist_t *wanted;
4923 digestmap_t *pending;
4924 int old_routers, i;
4925 int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
4926 if (! options->DownloadExtraInfo)
4927 return;
4928 if (should_delay_dir_fetches(options))
4929 return;
4930 if (!router_have_minimum_dir_info())
4931 return;
4932
4933 pending = digestmap_new();
4934 list_pending_descriptor_downloads(pending, 1);
4935 rl = router_get_routerlist();
4936 wanted = smartlist_new();
4937 for (old_routers = 0; old_routers < 2; ++old_routers) {
4938 smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
4939 for (i = 0; i < smartlist_len(lst); ++i) {
4940 signed_descriptor_t *sd;
4941 char *d;
4942 if (old_routers)
4943 sd = smartlist_get(lst, i);
4944 else
4945 sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
4946 if (sd->is_extrainfo)
4947 continue; /* This should never happen. */
4948 if (old_routers && !router_get_by_id_digest(sd->identity_digest))
4949 continue; /* Couldn't check the signature if we got it. */
4950 if (sd->extrainfo_is_bogus)
4951 continue;
4952 d = sd->extra_info_digest;
4953 if (tor_digest_is_zero(d)) {
4954 ++n_no_ei;
4955 continue;
4956 }
4957 if (eimap_get(rl->extra_info_map, d)) {
4958 ++n_have;
4959 continue;
4960 }
4961 if (!download_status_is_ready(&sd->ei_dl_status, now,
4962 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4963 ++n_delay;
4964 continue;
4965 }
4966 if (digestmap_get(pending, d)) {
4967 ++n_pending;
4968 continue;
4969 }
4970 smartlist_add(wanted, d);
4971 }
4972 }
4973 digestmap_free(pending, NULL);
4974
4975 log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
4976 "with present ei, %d delaying, %d pending, %d downloadable.",
4977 n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted));
4978
4979 smartlist_shuffle(wanted);
4980 for (i = 0; i < smartlist_len(wanted); i += MAX_DL_PER_REQUEST) {
4981 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
4982 wanted, i, i + MAX_DL_PER_REQUEST,
4983 PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
4984 }
4985
4986 smartlist_free(wanted);
4987 }
4988
4989 /** Reset the descriptor download failure count on all routers, so that we
4990 * can retry any long-failed routers immediately.
4991 */
4992 void
4993 router_reset_descriptor_download_failures(void)
4994 {
4995 networkstatus_reset_download_failures();
4996 last_descriptor_download_attempted = 0;
4997 if (!routerlist)
4998 return;
4999 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
5000 {
5001 download_status_reset(&ri->cache_info.ei_dl_status);
5002 });
5003 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
5004 {
5005 download_status_reset(&sd->ei_dl_status);
5006 });
5007 }
5008
5009 /** Any changes in a router descriptor's publication time larger than this are
5010 * automatically non-cosmetic. */
5011 #define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (2*60*60)
5012
5013 /** We allow uptime to vary from how much it ought to be by this much. */
5014 #define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
5015
5016 /** Return true iff the only differences between r1 and r2 are such that
5017 * would not cause a recent (post 0.1.1.6) dirserver to republish.
5018 */
5019 int
5020 router_differences_are_cosmetic(const routerinfo_t *r1, const routerinfo_t *r2)
5021 {
5022 time_t r1pub, r2pub;
5023 long time_difference;
5024 tor_assert(r1 && r2);
5025
5026 /* r1 should be the one that was published first. */
5027 if (r1->cache_info.published_on > r2->cache_info.published_on) {
5028 const routerinfo_t *ri_tmp = r2;
5029 r2 = r1;
5030 r1 = ri_tmp;
5031 }
5032
5033 /* If any key fields differ, they're different. */
5034 if (strcasecmp(r1->address, r2->address) ||
5035 strcasecmp(r1->nickname, r2->nickname) ||
5036 r1->or_port != r2->or_port ||
5037 !tor_addr_eq(&r1->ipv6_addr, &r2->ipv6_addr) ||
5038 r1->ipv6_orport != r2->ipv6_orport ||
5039 r1->dir_port != r2->dir_port ||
5040 r1->purpose != r2->purpose ||
5041 !crypto_pk_eq_keys(r1->onion_pkey, r2->onion_pkey) ||
5042 !crypto_pk_eq_keys(r1->identity_pkey, r2->identity_pkey) ||
5043 strcasecmp(r1->platform, r2->platform) ||
5044 (r1->contact_info && !r2->contact_info) || /* contact_info is optional */
5045 (!r1->contact_info && r2->contact_info) ||
5046 (r1->contact_info && r2->contact_info &&
5047 strcasecmp(r1->contact_info, r2->contact_info)) ||
5048 r1->is_hibernating != r2->is_hibernating ||
5049 cmp_addr_policies(r1->exit_policy, r2->exit_policy))
5050 return 0;
5051 if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
5052 return 0;
5053 if (r1->declared_family && r2->declared_family) {
5054 int i, n;
5055 if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
5056 return 0;
5057 n = smartlist_len(r1->declared_family);
5058 for (i=0; i < n; ++i) {
5059 if (strcasecmp(smartlist_get(r1->declared_family, i),
5060 smartlist_get(r2->declared_family, i)))
5061 return 0;
5062 }
5063 }
5064
5065 /* Did bandwidth change a lot? */
5066 if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
5067 (r2->bandwidthcapacity < r1->bandwidthcapacity/2))
5068 return 0;
5069
5070 /* Did the bandwidthrate or bandwidthburst change? */
5071 if ((r1->bandwidthrate != r2->bandwidthrate) ||
5072 (r1->bandwidthburst != r2->bandwidthburst))
5073 return 0;
5074
5075 /* Did more than 12 hours pass? */
5076 if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
5077 < r2->cache_info.published_on)
5078 return 0;
5079
5080 /* Did uptime fail to increase by approximately the amount we would think,
5081 * give or take some slop? */
5082 r1pub = r1->cache_info.published_on;
5083 r2pub = r2->cache_info.published_on;
5084 time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
5085 if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
5086 time_difference > r1->uptime * .05 &&
5087 time_difference > r2->uptime * .05)
5088 return 0;
5089
5090 /* Otherwise, the difference is cosmetic. */
5091 return 1;
5092 }
5093
5094 /** Check whether <b>ri</b> (a.k.a. sd) is a router compatible with the
5095 * extrainfo document
5096 * <b>ei</b>. If no router is compatible with <b>ei</b>, <b>ei</b> should be
5097 * dropped. Return 0 for "compatible", return 1 for "reject, and inform
5098 * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If
5099 * <b>msg</b> is present, set *<b>msg</b> to a description of the
5100 * incompatibility (if any).
5101 **/
5102 int
5103 routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri,
5104 extrainfo_t *ei,
5105 signed_descriptor_t *sd,
5106 const char **msg)
5107 {
5108 int digest_matches, r=1;
5109 tor_assert(ri);
5110 tor_assert(ei);
5111 if (!sd)
5112 sd = (signed_descriptor_t*)&ri->cache_info;
5113
5114 if (ei->bad_sig) {
5115 if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
5116 return 1;
5117 }
5118
5119 digest_matches = tor_memeq(ei->cache_info.signed_descriptor_digest,
5120 sd->extra_info_digest, DIGEST_LEN);
5121
5122 /* The identity must match exactly to have been generated at the same time
5123 * by the same router. */
5124 if (tor_memneq(ri->cache_info.identity_digest,
5125 ei->cache_info.identity_digest,
5126 DIGEST_LEN)) {
5127 if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
5128 goto err; /* different servers */
5129 }
5130
5131 if (ei->pending_sig) {
5132 char signed_digest[128];
5133 if (crypto_pk_public_checksig(ri->identity_pkey,
5134 signed_digest, sizeof(signed_digest),
5135 ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
5136 tor_memneq(signed_digest, ei->cache_info.signed_descriptor_digest,
5137 DIGEST_LEN)) {
5138 ei->bad_sig = 1;
5139 tor_free(ei->pending_sig);
5140 if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
5141 goto err; /* Bad signature, or no match. */
5142 }
5143
5144 ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted;
5145 tor_free(ei->pending_sig);
5146 }
5147
5148 if (ei->cache_info.published_on < sd->published_on) {
5149 if (msg) *msg = "Extrainfo published time did not match routerdesc";
5150 goto err;
5151 } else if (ei->cache_info.published_on > sd->published_on) {
5152 if (msg) *msg = "Extrainfo published time did not match routerdesc";
5153 r = -1;
5154 goto err;
5155 }
5156
5157 if (!digest_matches) {
5158 if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
5159 goto err; /* Digest doesn't match declared value. */
5160 }
5161
5162 return 0;
5163 err:
5164 if (digest_matches) {
5165 /* This signature was okay, and the digest was right: This is indeed the
5166 * corresponding extrainfo. But insanely, it doesn't match the routerinfo
5167 * that lists it. Don't try to fetch this one again. */
5168 sd->extrainfo_is_bogus = 1;
5169 }
5170
5171 return r;
5172 }
5173
5174 /** Assert that the internal representation of <b>rl</b> is
5175 * self-consistent. */
5176 void
5177 routerlist_assert_ok(const routerlist_t *rl)
5178 {
5179 routerinfo_t *r2;
5180 signed_descriptor_t *sd2;
5181 if (!rl)
5182 return;
5183 SMARTLIST_FOREACH_BEGIN(rl->routers, routerinfo_t *, r) {
5184 r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
5185 tor_assert(r == r2);
5186 sd2 = sdmap_get(rl->desc_digest_map,
5187 r->cache_info.signed_descriptor_digest);
5188 tor_assert(&(r->cache_info) == sd2);
5189 tor_assert(r->cache_info.routerlist_index == r_sl_idx);
5190 /* XXXX
5191 *
5192 * Hoo boy. We need to fix this one, and the fix is a bit tricky, so
5193 * commenting this out is just a band-aid.
5194 *
5195 * The problem is that, although well-behaved router descriptors
5196 * should never have the same value for their extra_info_digest, it's
5197 * possible for ill-behaved routers to claim whatever they like there.
5198 *
5199 * The real answer is to trash desc_by_eid_map and instead have
5200 * something that indicates for a given extra-info digest we want,
5201 * what its download status is. We'll do that as a part of routerlist
5202 * refactoring once consensus directories are in. For now,
5203 * this rep violation is probably harmless: an adversary can make us
5204 * reset our retry count for an extrainfo, but that's not the end
5205 * of the world. Changing the representation in 0.2.0.x would just
5206 * destabilize the codebase.
5207 if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
5208 signed_descriptor_t *sd3 =
5209 sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
5210 tor_assert(sd3 == &(r->cache_info));
5211 }
5212 */
5213 } SMARTLIST_FOREACH_END(r);
5214 SMARTLIST_FOREACH_BEGIN(rl->old_routers, signed_descriptor_t *, sd) {
5215 r2 = rimap_get(rl->identity_map, sd->identity_digest);
5216 tor_assert(sd != &(r2->cache_info));
5217 sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
5218 tor_assert(sd == sd2);
5219 tor_assert(sd->routerlist_index == sd_sl_idx);
5220 /* XXXX see above.
5221 if (!tor_digest_is_zero(sd->extra_info_digest)) {
5222 signed_descriptor_t *sd3 =
5223 sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
5224 tor_assert(sd3 == sd);
5225 }
5226 */
5227 } SMARTLIST_FOREACH_END(sd);
5228
5229 RIMAP_FOREACH(rl->identity_map, d, r) {
5230 tor_assert(tor_memeq(r->cache_info.identity_digest, d, DIGEST_LEN));
5231 } DIGESTMAP_FOREACH_END;
5232 SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
5233 tor_assert(tor_memeq(sd->signed_descriptor_digest, d, DIGEST_LEN));
5234 } DIGESTMAP_FOREACH_END;
5235 SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
5236 tor_assert(!tor_digest_is_zero(d));
5237 tor_assert(sd);
5238 tor_assert(tor_memeq(sd->extra_info_digest, d, DIGEST_LEN));
5239 } DIGESTMAP_FOREACH_END;
5240 EIMAP_FOREACH(rl->extra_info_map, d, ei) {
5241 signed_descriptor_t *sd;
5242 tor_assert(tor_memeq(ei->cache_info.signed_descriptor_digest,
5243 d, DIGEST_LEN));
5244 sd = sdmap_get(rl->desc_by_eid_map,
5245 ei->cache_info.signed_descriptor_digest);
5246 // tor_assert(sd); // XXXX see above
5247 if (sd) {
5248 tor_assert(tor_memeq(ei->cache_info.signed_descriptor_digest,
5249 sd->extra_info_digest, DIGEST_LEN));
5250 }
5251 } DIGESTMAP_FOREACH_END;
5252 }
5253
5254 /** Allocate and return a new string representing the contact info
5255 * and platform string for <b>router</b>,
5256 * surrounded by quotes and using standard C escapes.
5257 *
5258 * THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
5259 * thread. Also, each call invalidates the last-returned value, so don't
5260 * try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
5261 *
5262 * If <b>router</b> is NULL, it just frees its internal memory and returns.
5263 */
5264 const char *
5265 esc_router_info(const routerinfo_t *router)
5266 {
5267 static char *info=NULL;
5268 char *esc_contact, *esc_platform;
5269 tor_free(info);
5270
5271 if (!router)
5272 return NULL; /* we're exiting; just free the memory we use */
5273
5274 esc_contact = esc_for_log(router->contact_info);
5275 esc_platform = esc_for_log(router->platform);
5276
5277 tor_asprintf(&info, "Contact %s, Platform %s", esc_contact, esc_platform);
5278 tor_free(esc_contact);
5279 tor_free(esc_platform);
5280
5281 return info;
5282 }
5283
5284 /** Helper for sorting: compare two routerinfos by their identity
5285 * digest. */
5286 static int
5287 compare_routerinfo_by_id_digest_(const void **a, const void **b)
5288 {
5289 routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
5290 return fast_memcmp(first->cache_info.identity_digest,
5291 second->cache_info.identity_digest,
5292 DIGEST_LEN);
5293 }
5294
5295 /** Sort a list of routerinfo_t in ascending order of identity digest. */
5296 void
5297 routers_sort_by_identity(smartlist_t *routers)
5298 {
5299 smartlist_sort(routers, compare_routerinfo_by_id_digest_);
5300 }
5301
5302 /** Called when we change a node set, or when we reload the geoip IPv4 list:
5303 * recompute all country info in all configuration node sets and in the
5304 * routerlist. */
5305 void
5306 refresh_all_country_info(void)
5307 {
5308 const or_options_t *options = get_options();
5309
5310 if (options->EntryNodes)
5311 routerset_refresh_countries(options->EntryNodes);
5312 if (options->ExitNodes)
5313 routerset_refresh_countries(options->ExitNodes);
5314 if (options->ExcludeNodes)
5315 routerset_refresh_countries(options->ExcludeNodes);
5316 if (options->ExcludeExitNodes)
5317 routerset_refresh_countries(options->ExcludeExitNodes);
5318 if (options->ExcludeExitNodesUnion_)
5319 routerset_refresh_countries(options->ExcludeExitNodesUnion_);
5320
5321 nodelist_refresh_countries();
5322 }
5323
5324 /** Determine the routers that are responsible for <b>id</b> (binary) and
5325 * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>.
5326 * Return -1 if we're returning an empty smartlist, else return 0.
5327 */
5328 int
5329 hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
5330 const char *id)
5331 {
5332 int start, found, n_added = 0, i;
5333 networkstatus_t *c = networkstatus_get_latest_consensus();
5334 if (!c || !smartlist_len(c->routerstatus_list)) {
5335 log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 "
5336 "rendezvous operations.");
5337 return -1;
5338 }
5339 tor_assert(id);
5340 start = networkstatus_vote_find_entry_idx(c, id, &found);
5341 if (start == smartlist_len(c->routerstatus_list)) start = 0;
5342 i = start;
5343 do {
5344 routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
5345 if (r->is_hs_dir) {
5346 smartlist_add(responsible_dirs, r);
5347 if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
5348 return 0;
5349 }
5350 if (++i == smartlist_len(c->routerstatus_list))
5351 i = 0;
5352 } while (i != start);
5353
5354 /* Even though we don't have the desired number of hidden service
5355 * directories, be happy if we got any. */
5356 return smartlist_len(responsible_dirs) ? 0 : -1;
5357 }
5358
5359 /** Return true if this node is currently acting as hidden service
5360 * directory, false otherwise. */
5361 int
5362 hid_serv_acting_as_directory(void)
5363 {
5364 const routerinfo_t *me = router_get_my_routerinfo();
5365 if (!me)
5366 return 0;
5367 if (!get_options()->HidServDirectoryV2) {
5368 log_info(LD_REND, "We are not acting as hidden service directory, "
5369 "because we have not been configured as such.");
5370 return 0;
5371 }
5372 return 1;
5373 }
5374
5375 /** Return true if this node is responsible for storing the descriptor ID
5376 * in <b>query</b> and false otherwise. */
5377 int
5378 hid_serv_responsible_for_desc_id(const char *query)
5379 {
5380 const routerinfo_t *me;
5381 routerstatus_t *last_rs;
5382 const char *my_id, *last_id;
5383 int result;
5384 smartlist_t *responsible;
5385 if (!hid_serv_acting_as_directory())
5386 return 0;
5387 if (!(me = router_get_my_routerinfo()))
5388 return 0; /* This is redundant, but let's be paranoid. */
5389 my_id = me->cache_info.identity_digest;
5390 responsible = smartlist_new();
5391 if (hid_serv_get_responsible_directories(responsible, query) < 0) {
5392 smartlist_free(responsible);
5393 return 0;
5394 }
5395 last_rs = smartlist_get(responsible, smartlist_len(responsible)-1);
5396 last_id = last_rs->identity_digest;
5397 result = rend_id_is_in_interval(my_id, query, last_id);
5398 smartlist_free(responsible);
5399 return result;
5400 }
5401
The Onion Router