1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2021, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
8 * \brief Authority code for deciding the performance thresholds for flags,
9 * and assigning flags to routers.
12 #define VOTEFLAGS_PRIVATE
13 #include "core/or/or.h"
14 #include "feature/dirauth/voteflags.h"
16 #include "app/config/config.h"
17 #include "core/mainloop/mainloop.h"
18 #include "core/or/policies.h"
19 #include "feature/dirauth/bwauth.h"
20 #include "feature/dirauth/reachability.h"
21 #include "feature/dirauth/dirauth_sys.h"
22 #include "feature/hibernate/hibernate.h"
23 #include "feature/nodelist/dirlist.h"
24 #include "feature/nodelist/networkstatus.h"
25 #include "feature/nodelist/nodelist.h"
26 #include "feature/nodelist/routerlist.h"
27 #include "feature/nodelist/routerset.h"
28 #include "feature/relay/router.h"
29 #include "feature/stats/rephist.h"
31 #include "feature/dirauth/dirauth_options_st.h"
32 #include "feature/nodelist/node_st.h"
33 #include "feature/nodelist/routerinfo_st.h"
34 #include "feature/nodelist/routerlist_st.h"
35 #include "feature/nodelist/vote_routerstatus_st.h"
37 #include "lib/container/order.h"
39 /* Thresholds for server performance: set by
40 * dirserv_compute_performance_thresholds, and used by
41 * generate_v2_networkstatus */
43 /** Any router with an uptime of at least this value is stable. */
44 static uint32_t stable_uptime
= 0; /* start at a safe value */
45 /** Any router with an mtbf of at least this value is stable. */
46 static double stable_mtbf
= 0.0;
47 /** If true, we have measured enough mtbf info to look at stable_mtbf rather
48 * than stable_uptime. */
49 static int enough_mtbf_info
= 0;
50 /** Any router with a weighted fractional uptime of at least this much might
51 * be good as a guard. */
52 static double guard_wfu
= 0.0;
53 /** Don't call a router a guard unless we've known about it for at least this
55 static long guard_tk
= 0;
56 /** Any router with a bandwidth at least this high is "Fast" */
57 static uint32_t fast_bandwidth_kb
= 0;
58 /** If exits can be guards, then all guards must have a bandwidth this
60 static uint32_t guard_bandwidth_including_exits_kb
= 0;
61 /** If exits can't be guards, then all guards must have a bandwidth this
63 static uint32_t guard_bandwidth_excluding_exits_kb
= 0;
65 /** Helper: estimate the uptime of a router given its stated uptime and the
66 * amount of time since it last stated its stated uptime. */
68 real_uptime(const routerinfo_t
*router
, time_t now
)
70 if (now
< router
->cache_info
.published_on
)
71 return router
->uptime
;
73 return router
->uptime
+ (now
- router
->cache_info
.published_on
);
76 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
77 * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
78 * If <b>need_capacity</b> is non-zero, we require a minimum advertised
82 dirserv_thinks_router_is_unreliable(time_t now
,
83 const routerinfo_t
*router
,
84 int need_uptime
, int need_capacity
)
87 if (!enough_mtbf_info
) {
88 /* XXXX We should change the rule from
89 * "use uptime if we don't have mtbf data" to "don't advertise Stable on
90 * v3 if we don't have enough mtbf data." Or maybe not, since if we ever
91 * hit a point where we need to reset a lot of authorities at once,
92 * none of them would be in a position to declare Stable.
94 long uptime
= real_uptime(router
, now
);
95 if ((unsigned)uptime
< stable_uptime
&&
96 uptime
< dirauth_get_options()->AuthDirVoteStableGuaranteeMinUptime
)
100 rep_hist_get_stability(router
->cache_info
.identity_digest
, now
);
101 if (mtbf
< stable_mtbf
&&
102 mtbf
< dirauth_get_options()->AuthDirVoteStableGuaranteeMTBF
)
107 uint32_t bw_kb
= dirserv_get_credible_bandwidth_kb(router
);
108 if (bw_kb
< fast_bandwidth_kb
)
114 /** Return 1 if <b>ri</b>'s descriptor is "active" -- running, valid,
115 * not hibernating, and not too old. Else return 0.
118 router_is_active(const routerinfo_t
*ri
, const node_t
*node
, time_t now
)
120 time_t cutoff
= now
- ROUTER_MAX_AGE_TO_PUBLISH
;
121 if (ri
->cache_info
.published_on
< cutoff
) {
124 if (!node
->is_running
|| !node
->is_valid
|| ri
->is_hibernating
) {
130 /** Return true iff <b>router</b> should be assigned the "HSDir" flag.
132 * Right now this means it advertises support for it, it has a high uptime,
133 * it's a directory cache, it has the Stable and Fast flags, and it's currently
134 * considered Running.
136 * This function needs to be called after router-\>is_running has
140 dirserv_thinks_router_is_hs_dir(const routerinfo_t
*router
,
141 const node_t
*node
, time_t now
)
146 /* If we haven't been running for at least
147 * MinUptimeHidServDirectoryV2 seconds, we can't
148 * have accurate data telling us a relay has been up for at least
149 * that long. We also want to allow a bit of slack: Reachability
150 * tests aren't instant. If we haven't been running long enough,
151 * trust the relay. */
154 dirauth_get_options()->MinUptimeHidServDirectoryV2
* 1.1)
155 uptime
= MIN(rep_hist_get_uptime(router
->cache_info
.identity_digest
, now
),
156 real_uptime(router
, now
));
158 uptime
= real_uptime(router
, now
);
160 return (router
->wants_to_be_hs_dir
&&
161 router
->supports_tunnelled_dir_requests
&&
162 node
->is_stable
&& node
->is_fast
&&
163 uptime
>= dirauth_get_options()->MinUptimeHidServDirectoryV2
&&
164 router_is_active(router
, node
, now
));
167 /** Don't consider routers with less bandwidth than this when computing
169 #define ABSOLUTE_MIN_BW_VALUE_TO_CONSIDER_KB 4
171 /** Helper for dirserv_compute_performance_thresholds(): Decide whether to
172 * include a router in our calculations, and return true iff we should; the
173 * require_mbw parameter is passed in by
174 * dirserv_compute_performance_thresholds() and controls whether we ever
175 * count routers with only advertised bandwidths */
177 router_counts_toward_thresholds(const node_t
*node
, time_t now
,
178 const digestmap_t
*omit_as_sybil
,
181 /* Have measured bw? */
183 dirserv_has_measured_bw(node
->identity
);
184 uint64_t min_bw_kb
= ABSOLUTE_MIN_BW_VALUE_TO_CONSIDER_KB
;
185 const or_options_t
*options
= get_options();
186 const dirauth_options_t
*dirauth_options
= dirauth_get_options();
188 if (options
->TestingTorNetwork
) {
189 min_bw_kb
= (int64_t)dirauth_options
->TestingMinExitFlagThreshold
/ 1000;
192 return node
->ri
&& router_is_active(node
->ri
, node
, now
) &&
193 !digestmap_get(omit_as_sybil
, node
->identity
) &&
194 (dirserv_get_credible_bandwidth_kb(node
->ri
) >= min_bw_kb
) &&
195 (have_mbw
|| !require_mbw
);
198 /** Look through the routerlist, the Mean Time Between Failure history, and
199 * the Weighted Fractional Uptime history, and use them to set thresholds for
200 * the Stable, Fast, and Guard flags. Update the fields stable_uptime,
201 * stable_mtbf, enough_mtbf_info, guard_wfu, guard_tk, fast_bandwidth,
202 * guard_bandwidth_including_exits, and guard_bandwidth_excluding_exits.
204 * Also, set the is_exit flag of each router appropriately. */
206 dirserv_compute_performance_thresholds(digestmap_t
*omit_as_sybil
)
208 int n_active
, n_active_nonexit
, n_familiar
;
209 uint32_t *uptimes
, *bandwidths_kb
, *bandwidths_excluding_exits_kb
;
211 double *mtbfs
, *wfus
;
212 const smartlist_t
*nodelist
;
213 time_t now
= time(NULL
);
214 const or_options_t
*options
= get_options();
215 const dirauth_options_t
*dirauth_options
= dirauth_get_options();
219 (dirserv_get_last_n_measured_bws() >
220 dirauth_options
->MinMeasuredBWsForAuthToIgnoreAdvertised
) ? 1 : 0;
222 /* initialize these all here, in case there are no routers */
225 fast_bandwidth_kb
= 0;
226 guard_bandwidth_including_exits_kb
= 0;
227 guard_bandwidth_excluding_exits_kb
= 0;
231 nodelist_assert_ok();
232 nodelist
= nodelist_get_list();
234 /* Initialize arrays that will hold values for each router. We'll
235 * sort them and use that to compute thresholds. */
236 n_active
= n_active_nonexit
= 0;
237 /* Uptime for every active router. */
238 uptimes
= tor_calloc(smartlist_len(nodelist
), sizeof(uint32_t));
239 /* Bandwidth for every active router. */
240 bandwidths_kb
= tor_calloc(smartlist_len(nodelist
), sizeof(uint32_t));
241 /* Bandwidth for every active non-exit router. */
242 bandwidths_excluding_exits_kb
=
243 tor_calloc(smartlist_len(nodelist
), sizeof(uint32_t));
244 /* Weighted mean time between failure for each active router. */
245 mtbfs
= tor_calloc(smartlist_len(nodelist
), sizeof(double));
246 /* Time-known for each active router. */
247 tks
= tor_calloc(smartlist_len(nodelist
), sizeof(long));
248 /* Weighted fractional uptime for each active router. */
249 wfus
= tor_calloc(smartlist_len(nodelist
), sizeof(double));
251 /* Now, fill in the arrays. */
252 SMARTLIST_FOREACH_BEGIN(nodelist
, node_t
*, node
) {
253 if (options
->BridgeAuthoritativeDir
&&
255 node
->ri
->purpose
!= ROUTER_PURPOSE_BRIDGE
)
258 routerinfo_t
*ri
= node
->ri
;
260 node
->is_exit
= (!router_exit_policy_rejects_all(ri
) &&
261 exit_policy_is_general_exit(ri
->exit_policy
));
264 if (router_counts_toward_thresholds(node
, now
, omit_as_sybil
,
266 const char *id
= node
->identity
;
269 /* resolve spurious clang shallow analysis null pointer errors */
272 uptimes
[n_active
] = (uint32_t)real_uptime(ri
, now
);
273 mtbfs
[n_active
] = rep_hist_get_stability(id
, now
);
274 tks
[n_active
] = rep_hist_get_weighted_time_known(id
, now
);
275 bandwidths_kb
[n_active
] = bw_kb
= dirserv_get_credible_bandwidth_kb(ri
);
276 if (!node
->is_exit
|| node
->is_bad_exit
) {
277 bandwidths_excluding_exits_kb
[n_active_nonexit
] = bw_kb
;
282 } SMARTLIST_FOREACH_END(node
);
284 /* Now, compute thresholds. */
286 /* The median uptime is stable. */
287 stable_uptime
= median_uint32(uptimes
, n_active
);
288 /* The median mtbf is stable, if we have enough mtbf info */
289 stable_mtbf
= median_double(mtbfs
, n_active
);
290 /* The 12.5th percentile bandwidth is fast. */
291 fast_bandwidth_kb
= find_nth_uint32(bandwidths_kb
, n_active
, n_active
/8);
292 /* (Now bandwidths is sorted.) */
293 if (fast_bandwidth_kb
< RELAY_REQUIRED_MIN_BANDWIDTH
/(2 * 1000))
294 fast_bandwidth_kb
= bandwidths_kb
[n_active
/4];
295 int nth
= (int)(n_active
*
296 dirauth_options
->AuthDirVoteGuardBwThresholdFraction
);
297 guard_bandwidth_including_exits_kb
=
298 find_nth_uint32(bandwidths_kb
, n_active
, nth
);
299 guard_tk
= find_nth_long(tks
, n_active
, n_active
/8);
302 if (guard_tk
> dirauth_options
->AuthDirVoteGuardGuaranteeTimeKnown
)
303 guard_tk
= dirauth_options
->AuthDirVoteGuardGuaranteeTimeKnown
;
306 /* We can vote on a parameter for the minimum and maximum. */
307 #define ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG 4
308 int32_t min_fast_kb
, max_fast_kb
, min_fast
, max_fast
;
309 min_fast
= networkstatus_get_param(NULL
, "FastFlagMinThreshold",
310 ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG
,
311 ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG
,
313 if (options
->TestingTorNetwork
) {
314 min_fast
= (int32_t)dirauth_options
->TestingMinFastFlagThreshold
;
316 max_fast
= networkstatus_get_param(NULL
, "FastFlagMaxThreshold",
317 INT32_MAX
, min_fast
, INT32_MAX
);
318 min_fast_kb
= min_fast
/ 1000;
319 max_fast_kb
= max_fast
/ 1000;
321 if (fast_bandwidth_kb
< (uint32_t)min_fast_kb
)
322 fast_bandwidth_kb
= min_fast_kb
;
323 if (fast_bandwidth_kb
> (uint32_t)max_fast_kb
)
324 fast_bandwidth_kb
= max_fast_kb
;
326 /* Protect sufficiently fast nodes from being pushed out of the set
329 const uint64_t fast_opt
= dirauth_get_options()->AuthDirFastGuarantee
;
330 if (fast_opt
&& fast_bandwidth_kb
> fast_opt
/ 1000)
331 fast_bandwidth_kb
= (uint32_t)(fast_opt
/ 1000);
334 /* Now that we have a time-known that 7/8 routers are known longer than,
335 * fill wfus with the wfu of every such "familiar" router. */
338 SMARTLIST_FOREACH_BEGIN(nodelist
, node_t
*, node
) {
339 if (router_counts_toward_thresholds(node
, now
,
340 omit_as_sybil
, require_mbw
)) {
341 routerinfo_t
*ri
= node
->ri
;
342 const char *id
= ri
->cache_info
.identity_digest
;
343 long tk
= rep_hist_get_weighted_time_known(id
, now
);
346 wfus
[n_familiar
++] = rep_hist_get_weighted_fractional_uptime(id
, now
);
348 } SMARTLIST_FOREACH_END(node
);
350 guard_wfu
= median_double(wfus
, n_familiar
);
351 if (guard_wfu
> dirauth_options
->AuthDirVoteGuardGuaranteeWFU
)
352 guard_wfu
= dirauth_options
->AuthDirVoteGuardGuaranteeWFU
;
354 enough_mtbf_info
= rep_hist_have_measured_enough_stability();
356 if (n_active_nonexit
) {
357 int nth
= (int)(n_active_nonexit
*
358 dirauth_options
->AuthDirVoteGuardBwThresholdFraction
);
359 guard_bandwidth_excluding_exits_kb
=
360 find_nth_uint32(bandwidths_excluding_exits_kb
, n_active_nonexit
, nth
);
364 "Cutoffs: For Stable, %lu sec uptime, %lu sec MTBF. "
365 "For Fast: %lu kilobytes/sec. "
366 "For Guard: WFU %.03f%%, time-known %lu sec, "
367 "and bandwidth %lu or %lu kilobytes/sec. "
368 "We%s have enough stability data.",
369 (unsigned long)stable_uptime
,
370 (unsigned long)stable_mtbf
,
371 (unsigned long)fast_bandwidth_kb
,
373 (unsigned long)guard_tk
,
374 (unsigned long)guard_bandwidth_including_exits_kb
,
375 (unsigned long)guard_bandwidth_excluding_exits_kb
,
376 enough_mtbf_info
? "" : " don't");
380 tor_free(bandwidths_kb
);
381 tor_free(bandwidths_excluding_exits_kb
);
386 /* Use dirserv_compute_performance_thresholds() to compute the thresholds
387 * for the status flags, specifically for bridges.
389 * This is only called by a Bridge Authority from
390 * networkstatus_getinfo_by_purpose().
393 dirserv_compute_bridge_flag_thresholds(void)
395 digestmap_t
*omit_as_sybil
= digestmap_new();
396 dirserv_compute_performance_thresholds(omit_as_sybil
);
397 digestmap_free(omit_as_sybil
, NULL
);
400 /** Give a statement of our current performance thresholds for inclusion
401 * in a vote document. */
403 dirserv_get_flag_thresholds_line(void)
406 const int measured_threshold
=
407 dirauth_get_options()->MinMeasuredBWsForAuthToIgnoreAdvertised
;
408 const int enough_measured_bw
=
409 dirserv_get_last_n_measured_bws() > measured_threshold
;
411 tor_asprintf(&result
,
412 "stable-uptime=%lu stable-mtbf=%lu "
414 "guard-wfu=%.03f%% guard-tk=%lu "
415 "guard-bw-inc-exits=%lu guard-bw-exc-exits=%lu "
416 "enough-mtbf=%d ignoring-advertised-bws=%d",
417 (unsigned long)stable_uptime
,
418 (unsigned long)stable_mtbf
,
419 (unsigned long)fast_bandwidth_kb
*1000,
421 (unsigned long)guard_tk
,
422 (unsigned long)guard_bandwidth_including_exits_kb
*1000,
423 (unsigned long)guard_bandwidth_excluding_exits_kb
*1000,
424 enough_mtbf_info
? 1 : 0,
425 enough_measured_bw
? 1 : 0);
430 /** Directory authorities should avoid expressing an opinion on the
431 * Running flag if their own uptime is too low for the opinion to be
432 * accurate. They implement this step by not listing Running on the
433 * "known-flags" line in their vote.
435 * The default threshold is 30 minutes, because authorities do a full
436 * reachability sweep of the ID space every 10*128=1280 seconds
437 * (see REACHABILITY_TEST_CYCLE_PERIOD).
439 * For v3 dir auths, as long as some authorities express an opinion about
440 * Running, it's fine if a few authorities don't. There's an explicit
441 * check, when making the consensus, to abort if *no* authorities list
442 * Running as a known-flag.
444 * For the bridge authority, if it doesn't vote about Running, the
445 * resulting networkstatus file simply won't list any bridges as Running.
446 * That means the supporting tools, like bridgedb/rdsys and onionoo, need
447 * to be able to handle getting a bridge networkstatus document with no
448 * Running flags. For more details, see
449 * https://bugs.torproject.org/tpo/anti-censorship/rdsys/102 */
451 running_long_enough_to_decide_unreachable(void)
453 const dirauth_options_t
*opts
= dirauth_get_options();
454 return time_of_process_start
+
455 opts
->TestingAuthDirTimeToLearnReachability
< approx_time();
458 /** Each server needs to have passed a reachability test no more
459 * than this number of seconds ago, or it is listed as down in
461 #define REACHABLE_TIMEOUT (45*60)
463 /** If we tested a router and found it reachable _at least this long_ after it
464 * declared itself hibernating, it is probably done hibernating and we just
465 * missed a descriptor from it. */
466 #define HIBERNATION_PUBLICATION_SKEW (60*60)
468 /** Treat a router as alive if
469 * - It's me, and I'm not hibernating.
470 * or - We've found it reachable recently. */
472 dirserv_set_router_is_running(routerinfo_t
*router
, time_t now
)
474 /*XXXX This function is a mess. Separate out the part that calculates
475 whether it's reachable and the part that tells rephist that the router was
479 const dirauth_options_t
*dirauth_options
= dirauth_get_options();
480 node_t
*node
= node_get_mutable_by_id(router
->cache_info
.identity_digest
);
483 if (router_is_me(router
)) {
484 /* We always know if we are shutting down or hibernating ourselves. */
485 answer
= ! we_are_hibernating();
486 } else if (router
->is_hibernating
&&
487 (router
->cache_info
.published_on
+
488 HIBERNATION_PUBLICATION_SKEW
) > node
->last_reachable
) {
489 /* A hibernating router is down unless we (somehow) had contact with it
490 * since it declared itself to be hibernating. */
492 } else if (! dirauth_options
->AuthDirTestReachability
) {
493 /* If we aren't testing reachability, then everybody is up unless they say
497 /* Otherwise, a router counts as up if we found all announced OR
498 ports reachable in the last REACHABLE_TIMEOUT seconds.
500 XXX prop186 For now there's always one IPv4 and at most one
503 If we're not on IPv6, don't consider reachability of potential
504 IPv6 OR port since that'd kill all dual stack relays until a
505 majority of the dir auths have IPv6 connectivity. */
506 answer
= (now
< node
->last_reachable
+ REACHABLE_TIMEOUT
&&
507 (dirauth_options
->AuthDirHasIPv6Connectivity
!= 1 ||
508 tor_addr_is_null(&router
->ipv6_addr
) ||
509 now
< node
->last_reachable6
+ REACHABLE_TIMEOUT
));
512 if (!answer
&& running_long_enough_to_decide_unreachable()) {
513 /* Not considered reachable. tell rephist about that.
515 Because we launch a reachability test for each router every
516 REACHABILITY_TEST_CYCLE_PERIOD seconds, then the router has probably
517 been down since at least that time after we last successfully reached
523 if (node
->last_reachable
&&
524 node
->last_reachable
+ REACHABILITY_TEST_CYCLE_PERIOD
< now
)
525 when
= node
->last_reachable
+ REACHABILITY_TEST_CYCLE_PERIOD
;
526 rep_hist_note_router_unreachable(router
->cache_info
.identity_digest
, when
);
529 node
->is_running
= answer
;
532 /* Check <b>node</b> and <b>ri</b> on whether or not we should publish a
533 * relay's IPv6 addresses. */
535 should_publish_node_ipv6(const node_t
*node
, const routerinfo_t
*ri
,
538 const dirauth_options_t
*options
= dirauth_get_options();
540 return options
->AuthDirHasIPv6Connectivity
== 1 &&
541 !tor_addr_is_null(&ri
->ipv6_addr
) &&
542 ((node
->last_reachable6
>= now
- REACHABLE_TIMEOUT
) ||
546 /** Set routerstatus flags based on the authority options. Same as the testing
547 * function but for the main network. */
549 dirserv_set_routerstatus_flags(routerstatus_t
*rs
)
551 const dirauth_options_t
*options
= dirauth_get_options();
555 /* Assign Guard flag to relays that can get it unconditionnaly. */
556 if (routerset_contains_routerstatus(options
->AuthDirVoteGuard
, rs
, 0)) {
557 rs
->is_possible_guard
= 1;
562 * Extract status information from <b>ri</b> and from other authority
563 * functions and store it in <b>rs</b>, as per
564 * <b>set_routerstatus_from_routerinfo</b>. Additionally, sets information
565 * in from the authority subsystem.
568 dirauth_set_routerstatus_from_routerinfo(routerstatus_t
*rs
,
570 const routerinfo_t
*ri
,
575 const or_options_t
*options
= get_options();
576 uint32_t routerbw_kb
= dirserv_get_credible_bandwidth_kb(ri
);
578 /* Set these flags so that set_routerstatus_from_routerinfo can copy them.
580 node
->is_stable
= !dirserv_thinks_router_is_unreliable(now
, ri
, 1, 0);
581 node
->is_fast
= !dirserv_thinks_router_is_unreliable(now
, ri
, 0, 1);
582 node
->is_hs_dir
= dirserv_thinks_router_is_hs_dir(ri
, node
, now
);
584 set_routerstatus_from_routerinfo(rs
, node
, ri
);
586 /* Override rs->is_possible_guard. */
587 const uint64_t bw_opt
= dirauth_get_options()->AuthDirGuardBWGuarantee
;
588 if (node
->is_fast
&& node
->is_stable
&&
589 ri
->supports_tunnelled_dir_requests
&&
590 ((bw_opt
&& routerbw_kb
>= bw_opt
/ 1000) ||
591 routerbw_kb
>= MIN(guard_bandwidth_including_exits_kb
,
592 guard_bandwidth_excluding_exits_kb
))) {
593 long tk
= rep_hist_get_weighted_time_known(
594 node
->identity
, now
);
595 double wfu
= rep_hist_get_weighted_fractional_uptime(
596 node
->identity
, now
);
597 rs
->is_possible_guard
= (wfu
>= guard_wfu
&& tk
>= guard_tk
) ? 1 : 0;
599 rs
->is_possible_guard
= 0;
602 /* Override rs->is_bad_exit */
603 rs
->is_bad_exit
= listbadexits
&& node
->is_bad_exit
;
605 /* Override rs->is_middle_only and related flags. */
606 rs
->is_middle_only
= listmiddleonly
&& node
->is_middle_only
;
607 if (rs
->is_middle_only
) {
610 rs
->is_exit
= rs
->is_possible_guard
= rs
->is_hs_dir
= rs
->is_v2_dir
= 0;
613 /* Set rs->is_staledesc. */
615 (ri
->cache_info
.published_on
+ DESC_IS_STALE_INTERVAL
) < now
;
617 if (! should_publish_node_ipv6(node
, ri
, now
)) {
618 /* We're not configured as having IPv6 connectivity or the node isn't:
619 * zero its IPv6 information. */
620 tor_addr_make_null(&rs
->ipv6_addr
, AF_INET6
);
624 if (options
->TestingTorNetwork
) {
625 dirserv_set_routerstatus_testing(rs
);
627 dirserv_set_routerstatus_flags(rs
);
631 /** Use TestingDirAuthVoteExit, TestingDirAuthVoteGuard, and
632 * TestingDirAuthVoteHSDir to give out the Exit, Guard, and HSDir flags,
633 * respectively. But don't set the corresponding node flags.
634 * Should only be called if TestingTorNetwork is set. */
636 dirserv_set_routerstatus_testing(routerstatus_t
*rs
)
638 const dirauth_options_t
*options
= dirauth_get_options();
640 tor_assert(get_options()->TestingTorNetwork
);
642 if (routerset_contains_routerstatus(options
->TestingDirAuthVoteExit
,
645 } else if (options
->TestingDirAuthVoteExitIsStrict
) {
649 if (routerset_contains_routerstatus(options
->TestingDirAuthVoteGuard
,
651 rs
->is_possible_guard
= 1;
652 } else if (options
->TestingDirAuthVoteGuardIsStrict
) {
653 rs
->is_possible_guard
= 0;
656 if (routerset_contains_routerstatus(options
->TestingDirAuthVoteHSDir
,
659 } else if (options
->TestingDirAuthVoteHSDirIsStrict
) {
664 /** Use dirserv_set_router_is_running() to set bridges as running if they're
667 * This function is called from set_bridge_running_callback() when running as
668 * a bridge authority.
671 dirserv_set_bridges_running(time_t now
)
673 routerlist_t
*rl
= router_get_routerlist();
675 SMARTLIST_FOREACH_BEGIN(rl
->routers
, routerinfo_t
*, ri
) {
676 if (ri
->purpose
== ROUTER_PURPOSE_BRIDGE
)
677 dirserv_set_router_is_running(ri
, now
);
678 } SMARTLIST_FOREACH_END(ri
);