search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Issues with router_get_by_nickname() (3)
[tor/rransom.git] / src / or / routerlist.c
blob962240669c839326008a575cb5d9ac6df577f9e4
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2010, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file routerlist.c
9 * \brief Code to
10 * maintain and access the global list of routerinfos for known
11 * servers.
12 **/
13
14 #include "or.h"
15
16 // #define DEBUG_ROUTERLIST
17
18 /****************************************************************************/
19
20 /* static function prototypes */
21 static routerstatus_t *router_pick_directory_server_impl(
22 authority_type_t auth, int flags);
23 static routerstatus_t *router_pick_trusteddirserver_impl(
24 authority_type_t auth, int flags, int *n_busy_out);
25 static void mark_all_trusteddirservers_up(void);
26 static int router_nickname_matches(routerinfo_t *router, const char *nickname);
27 static void trusted_dir_server_free(trusted_dir_server_t *ds);
28 static void launch_router_descriptor_downloads(smartlist_t *downloadable,
29 time_t now);
30 static void update_consensus_router_descriptor_downloads(time_t now);
31 static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
32 static void update_router_have_minimum_dir_info(void);
33 static const char *signed_descriptor_get_body_impl(signed_descriptor_t *desc,
34 int with_annotations);
35 static void list_pending_downloads(digestmap_t *result,
36 int purpose, const char *prefix);
37
38 DECLARE_TYPED_DIGESTMAP_FNS(sdmap_, digest_sd_map_t, signed_descriptor_t)
39 DECLARE_TYPED_DIGESTMAP_FNS(rimap_, digest_ri_map_t, routerinfo_t)
40 DECLARE_TYPED_DIGESTMAP_FNS(eimap_, digest_ei_map_t, extrainfo_t)
41 #define SDMAP_FOREACH(map, keyvar, valvar) \
42 DIGESTMAP_FOREACH(sdmap_to_digestmap(map), keyvar, signed_descriptor_t *, \
43 valvar)
44 #define RIMAP_FOREACH(map, keyvar, valvar) \
45 DIGESTMAP_FOREACH(rimap_to_digestmap(map), keyvar, routerinfo_t *, valvar)
46 #define EIMAP_FOREACH(map, keyvar, valvar) \
47 DIGESTMAP_FOREACH(eimap_to_digestmap(map), keyvar, extrainfo_t *, valvar)
48
49 /****************************************************************************/
50
51 /** Global list of a trusted_dir_server_t object for each trusted directory
52 * server. */
53 static smartlist_t *trusted_dir_servers = NULL;
54
55 /** List of for a given authority, and download status for latest certificate.
56 */
57 typedef struct cert_list_t {
58 download_status_t dl_status;
59 smartlist_t *certs;
60 } cert_list_t;
61 /** Map from v3 identity key digest to cert_list_t. */
62 static digestmap_t *trusted_dir_certs = NULL;
63 /** True iff any key certificate in at least one member of
64 * <b>trusted_dir_certs</b> has changed since we last flushed the
65 * certificates to disk. */
66 static int trusted_dir_servers_certs_changed = 0;
67
68 /** Global list of all of the routers that we know about. */
69 static routerlist_t *routerlist = NULL;
70
71 /** List of strings for nicknames we've already warned about and that are
72 * still unknown / unavailable. */
73 static smartlist_t *warned_nicknames = NULL;
74
75 /** The last time we tried to download any routerdesc, or 0 for "never". We
76 * use this to rate-limit download attempts when the number of routerdescs to
77 * download is low. */
78 static time_t last_routerdesc_download_attempted = 0;
79
80 /** When we last computed the weights to use for bandwidths on directory
81 * requests, what were the total weighted bandwidth, and our share of that
82 * bandwidth? Used to determine what fraction of directory requests we should
83 * expect to see. */
84 static uint64_t sl_last_total_weighted_bw = 0,
85 sl_last_weighted_bw_of_me = 0;
86
87 /** Return the number of directory authorities whose type matches some bit set
88 * in <b>type</b> */
89 int
90 get_n_authorities(authority_type_t type)
91 {
92 int n = 0;
93 if (!trusted_dir_servers)
94 return 0;
95 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
96 if (ds->type & type)
97 ++n);
98 return n;
99 }
100
101 #define get_n_v2_authorities() get_n_authorities(V2_AUTHORITY)
102
103 /** Helper: Return the cert_list_t for an authority whose authority ID is
104 * <b>id_digest</b>, allocating a new list if necessary. */
105 static cert_list_t *
106 get_cert_list(const char *id_digest)
107 {
108 cert_list_t *cl;
109 if (!trusted_dir_certs)
110 trusted_dir_certs = digestmap_new();
111 cl = digestmap_get(trusted_dir_certs, id_digest);
112 if (!cl) {
113 cl = tor_malloc_zero(sizeof(cert_list_t));
114 cl->dl_status.schedule = DL_SCHED_CONSENSUS;
115 cl->certs = smartlist_create();
116 digestmap_set(trusted_dir_certs, id_digest, cl);
117 }
118 return cl;
119 }
120
121 /** Reload the cached v3 key certificates from the cached-certs file in
122 * the data directory. Return 0 on success, -1 on failure. */
123 int
124 trusted_dirs_reload_certs(void)
125 {
126 char *filename;
127 char *contents;
128 int r;
129
130 filename = get_datadir_fname("cached-certs");
131 contents = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
132 tor_free(filename);
133 if (!contents)
134 return 0;
135 r = trusted_dirs_load_certs_from_string(contents, 1, 1);
136 tor_free(contents);
137 return r;
138 }
139
140 /** Helper: return true iff we already have loaded the exact cert
141 * <b>cert</b>. */
142 static INLINE int
143 already_have_cert(authority_cert_t *cert)
144 {
145 cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
146
147 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
148 {
149 if (!memcmp(c->cache_info.signed_descriptor_digest,
150 cert->cache_info.signed_descriptor_digest,
151 DIGEST_LEN))
152 return 1;
153 });
154 return 0;
155 }
156
157 /** Load a bunch of new key certificates from the string <b>contents</b>. If
158 * <b>from_store</b> is true, the certificates are from the cache, and we
159 * don't need to flush them to disk. If <b>from_store</b> is false, we need
160 * to flush any changed certificates to disk. Return 0 on success, -1 on
161 * failure. */
162 int
163 trusted_dirs_load_certs_from_string(const char *contents, int from_store,
164 int flush)
165 {
166 trusted_dir_server_t *ds;
167 const char *s, *eos;
168
169 for (s = contents; *s; s = eos) {
170 authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
171 cert_list_t *cl;
172 if (!cert)
173 break;
174 ds = trusteddirserver_get_by_v3_auth_digest(
175 cert->cache_info.identity_digest);
176 log_debug(LD_DIR, "Parsed certificate for %s",
177 ds ? ds->nickname : "unknown authority");
178
179 if (already_have_cert(cert)) {
180 /* we already have this one. continue. */
181 log_info(LD_DIR, "Skipping %s certificate for %s that we "
182 "already have.",
183 from_store ? "cached" : "downloaded",
184 ds ? ds->nickname : "??");
185
186 /* a duplicate on a download should be treated as a failure, since it
187 * probably means we wanted a different secret key or we are trying to
188 * replace an expired cert that has not in fact been updated. */
189 if (!from_store) {
190 log_warn(LD_DIR, "Got a certificate for %s that we already have. "
191 "Maybe they haven't updated it. Waiting for a while.",
192 ds ? ds->nickname : "??");
193 authority_cert_dl_failed(cert->cache_info.identity_digest, 404);
194 }
195
196 authority_cert_free(cert);
197 continue;
198 }
199
200 if (ds) {
201 log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
202 "signing key %s", from_store ? "cached" : "downloaded",
203 ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
204 } else {
205 int adding = directory_caches_dir_info(get_options());
206 log_info(LD_DIR, "%s %s certificate for unrecognized directory "
207 "authority with signing key %s",
208 adding ? "Adding" : "Not adding",
209 from_store ? "cached" : "downloaded",
210 hex_str(cert->signing_key_digest,DIGEST_LEN));
211 if (!adding) {
212 authority_cert_free(cert);
213 continue;
214 }
215 }
216
217 cl = get_cert_list(cert->cache_info.identity_digest);
218 smartlist_add(cl->certs, cert);
219 if (ds && cert->cache_info.published_on > ds->addr_current_at) {
220 /* Check to see whether we should update our view of the authority's
221 * address. */
222 if (cert->addr && cert->dir_port &&
223 (ds->addr != cert->addr ||
224 ds->dir_port != cert->dir_port)) {
225 char *a = tor_dup_ip(cert->addr);
226 log_notice(LD_DIR, "Updating address for directory authority %s "
227 "from %s:%d to %s:%d based on in certificate.",
228 ds->nickname, ds->address, (int)ds->dir_port,
229 a, cert->dir_port);
230 tor_free(a);
231 ds->addr = cert->addr;
232 ds->dir_port = cert->dir_port;
233 }
234 ds->addr_current_at = cert->cache_info.published_on;
235 }
236
237 if (!from_store)
238 trusted_dir_servers_certs_changed = 1;
239 }
240
241 if (flush)
242 trusted_dirs_flush_certs_to_disk();
243
244 networkstatus_note_certs_arrived();
245 return 0;
246 }
247
248 /** Save all v3 key certificates to the cached-certs file. */
249 void
250 trusted_dirs_flush_certs_to_disk(void)
251 {
252 char *filename;
253 smartlist_t *chunks;
254
255 if (!trusted_dir_servers_certs_changed || !trusted_dir_certs)
256 return;
257
258 chunks = smartlist_create();
259 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
260 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
261 {
262 sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
263 c->bytes = cert->cache_info.signed_descriptor_body;
264 c->len = cert->cache_info.signed_descriptor_len;
265 smartlist_add(chunks, c);
266 });
267 } DIGESTMAP_FOREACH_END;
268
269 filename = get_datadir_fname("cached-certs");
270 if (write_chunks_to_file(filename, chunks, 0)) {
271 log_warn(LD_FS, "Error writing certificates to disk.");
272 }
273 tor_free(filename);
274 SMARTLIST_FOREACH(chunks, sized_chunk_t *, c, tor_free(c));
275 smartlist_free(chunks);
276
277 trusted_dir_servers_certs_changed = 0;
278 }
279
280 /** Remove all v3 authority certificates that have been superseded for more
281 * than 48 hours. (If the most recent cert was published more than 48 hours
282 * ago, then we aren't going to get any consensuses signed with older
283 * keys.) */
284 static void
285 trusted_dirs_remove_old_certs(void)
286 {
287 time_t now = time(NULL);
288 #define DEAD_CERT_LIFETIME (2*24*60*60)
289 #define OLD_CERT_LIFETIME (7*24*60*60)
290 if (!trusted_dir_certs)
291 return;
292
293 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
294 authority_cert_t *newest = NULL;
295 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
296 if (!newest || (cert->cache_info.published_on >
297 newest->cache_info.published_on))
298 newest = cert);
299 if (newest) {
300 const time_t newest_published = newest->cache_info.published_on;
301 SMARTLIST_FOREACH_BEGIN(cl->certs, authority_cert_t *, cert) {
302 int expired;
303 time_t cert_published;
304 if (newest == cert)
305 continue;
306 expired = ftime_definitely_after(now, cert->expires);
307 cert_published = cert->cache_info.published_on;
308 /* Store expired certs for 48 hours after a newer arrives;
309 */
310 if (expired ?
311 (newest_published + DEAD_CERT_LIFETIME < now) :
312 (cert_published + OLD_CERT_LIFETIME < newest_published)) {
313 SMARTLIST_DEL_CURRENT(cl->certs, cert);
314 authority_cert_free(cert);
315 trusted_dir_servers_certs_changed = 1;
316 }
317 } SMARTLIST_FOREACH_END(cert);
318 }
319 } DIGESTMAP_FOREACH_END;
320 #undef OLD_CERT_LIFETIME
321
322 trusted_dirs_flush_certs_to_disk();
323 }
324
325 /** Return the newest v3 authority certificate whose v3 authority identity key
326 * has digest <b>id_digest</b>. Return NULL if no such authority is known,
327 * or it has no certificate. */
328 authority_cert_t *
329 authority_cert_get_newest_by_id(const char *id_digest)
330 {
331 cert_list_t *cl;
332 authority_cert_t *best = NULL;
333 if (!trusted_dir_certs ||
334 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
335 return NULL;
336
337 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
338 {
339 if (!best || cert->cache_info.published_on > best->cache_info.published_on)
340 best = cert;
341 });
342 return best;
343 }
344
345 /** Return the newest v3 authority certificate whose directory signing key has
346 * digest <b>sk_digest</b>. Return NULL if no such certificate is known.
347 */
348 authority_cert_t *
349 authority_cert_get_by_sk_digest(const char *sk_digest)
350 {
351 authority_cert_t *c;
352 if (!trusted_dir_certs)
353 return NULL;
354
355 if ((c = get_my_v3_authority_cert()) &&
356 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
357 return c;
358 if ((c = get_my_v3_legacy_cert()) &&
359 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
360 return c;
361
362 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
363 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
364 {
365 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
366 return cert;
367 });
368 } DIGESTMAP_FOREACH_END;
369 return NULL;
370 }
371
372 /** Return the v3 authority certificate with signing key matching
373 * <b>sk_digest</b>, for the authority with identity digest <b>id_digest</b>.
374 * Return NULL if no such authority is known. */
375 authority_cert_t *
376 authority_cert_get_by_digests(const char *id_digest,
377 const char *sk_digest)
378 {
379 cert_list_t *cl;
380 if (!trusted_dir_certs ||
381 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
382 return NULL;
383 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
384 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
385 return cert; );
386
387 return NULL;
388 }
389
390 /** Add every known authority_cert_t to <b>certs_out</b>. */
391 void
392 authority_cert_get_all(smartlist_t *certs_out)
393 {
394 tor_assert(certs_out);
395 if (!trusted_dir_certs)
396 return;
397
398 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
399 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
400 smartlist_add(certs_out, c));
401 } DIGESTMAP_FOREACH_END;
402 }
403
404 /** Called when an attempt to download a certificate with the authority with
405 * ID <b>id_digest</b> fails with HTTP response code <b>status</b>: remember
406 * the failure, so we don't try again immediately. */
407 void
408 authority_cert_dl_failed(const char *id_digest, int status)
409 {
410 cert_list_t *cl;
411 if (!trusted_dir_certs ||
412 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
413 return;
414
415 download_status_failed(&cl->dl_status, status);
416 }
417
418 /** How many times will we try to fetch a certificate before giving up? */
419 #define MAX_CERT_DL_FAILURES 8
420
421 /** Try to download any v3 authority certificates that we may be missing. If
422 * <b>status</b> is provided, try to get all the ones that were used to sign
423 * <b>status</b>. Additionally, try to have a non-expired certificate for
424 * every V3 authority in trusted_dir_servers. Don't fetch certificates we
425 * already have.
426 **/
427 void
428 authority_certs_fetch_missing(networkstatus_t *status, time_t now)
429 {
430 digestmap_t *pending;
431 authority_cert_t *cert;
432 smartlist_t *missing_digests;
433 char *resource = NULL;
434 cert_list_t *cl;
435 const int cache = directory_caches_dir_info(get_options());
436
437 if (should_delay_dir_fetches(get_options()))
438 return;
439
440 pending = digestmap_new();
441 missing_digests = smartlist_create();
442
443 list_pending_downloads(pending, DIR_PURPOSE_FETCH_CERTIFICATE, "fp/");
444 if (status) {
445 SMARTLIST_FOREACH(status->voters, networkstatus_voter_info_t *, voter,
446 {
447 if (tor_digest_is_zero(voter->signing_key_digest))
448 continue; /* This authority never signed this consensus, so don't
449 * go looking for a cert with key digest 0000000000. */
450 if (!cache &&
451 !trusteddirserver_get_by_v3_auth_digest(voter->identity_digest))
452 continue; /* We are not a cache, and we don't know this authority.*/
453 cl = get_cert_list(voter->identity_digest);
454 cert = authority_cert_get_by_digests(voter->identity_digest,
455 voter->signing_key_digest);
456 if (cert) {
457 if (now < cert->expires)
458 download_status_reset(&cl->dl_status);
459 continue;
460 }
461 if (download_status_is_ready(&cl->dl_status, now,
462 MAX_CERT_DL_FAILURES) &&
463 !digestmap_get(pending, voter->identity_digest)) {
464 log_notice(LD_DIR, "We're missing a certificate from authority "
465 "with signing key %s: launching request.",
466 hex_str(voter->signing_key_digest, DIGEST_LEN));
467 smartlist_add(missing_digests, voter->identity_digest);
468 }
469 });
470 }
471 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
472 {
473 int found = 0;
474 if (!(ds->type & V3_AUTHORITY))
475 continue;
476 if (smartlist_digest_isin(missing_digests, ds->v3_identity_digest))
477 continue;
478 cl = get_cert_list(ds->v3_identity_digest);
479 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
480 {
481 if (!ftime_definitely_after(now, cert->expires)) {
482 /* It's not expired, and we weren't looking for something to
483 * verify a consensus with. Call it done. */
484 download_status_reset(&cl->dl_status);
485 found = 1;
486 break;
487 }
488 });
489 if (!found &&
490 download_status_is_ready(&cl->dl_status, now,MAX_CERT_DL_FAILURES) &&
491 !digestmap_get(pending, ds->v3_identity_digest)) {
492 log_notice(LD_DIR, "No current certificate known for authority %s; "
493 "launching request.", ds->nickname);
494 smartlist_add(missing_digests, ds->v3_identity_digest);
495 }
496 });
497
498 if (!smartlist_len(missing_digests)) {
499 goto done;
500 } else {
501 smartlist_t *fps = smartlist_create();
502 smartlist_add(fps, tor_strdup("fp/"));
503 SMARTLIST_FOREACH(missing_digests, const char *, d, {
504 char *fp;
505 if (digestmap_get(pending, d))
506 continue;
507 fp = tor_malloc(HEX_DIGEST_LEN+2);
508 base16_encode(fp, HEX_DIGEST_LEN+1, d, DIGEST_LEN);
509 fp[HEX_DIGEST_LEN] = '+';
510 fp[HEX_DIGEST_LEN+1] = '\0';
511 smartlist_add(fps, fp);
512 });
513 if (smartlist_len(fps) == 1) {
514 /* we didn't add any: they were all pending */
515 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
516 smartlist_free(fps);
517 goto done;
518 }
519 resource = smartlist_join_strings(fps, "", 0, NULL);
520 resource[strlen(resource)-1] = '\0';
521 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
522 smartlist_free(fps);
523 }
524 directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
525 resource, PDS_RETRY_IF_NO_SERVERS);
526
527 done:
528 tor_free(resource);
529 smartlist_free(missing_digests);
530 digestmap_free(pending, NULL);
531 }
532
533 /* Router descriptor storage.
534 *
535 * Routerdescs are stored in a big file, named "cached-descriptors". As new
536 * routerdescs arrive, we append them to a journal file named
537 * "cached-descriptors.new".
538 *
539 * From time to time, we replace "cached-descriptors" with a new file
540 * containing only the live, non-superseded descriptors, and clear
541 * cached-routers.new.
542 *
543 * On startup, we read both files.
544 */
545
546 /** Helper: return 1 iff the router log is so big we want to rebuild the
547 * store. */
548 static int
549 router_should_rebuild_store(desc_store_t *store)
550 {
551 if (store->store_len > (1<<16))
552 return (store->journal_len > store->store_len / 2 ||
553 store->bytes_dropped > store->store_len / 2);
554 else
555 return store->journal_len > (1<<15);
556 }
557
558 /** Return the desc_store_t in <b>rl</b> that should be used to store
559 * <b>sd</b>. */
560 static INLINE desc_store_t *
561 desc_get_store(routerlist_t *rl, signed_descriptor_t *sd)
562 {
563 if (sd->is_extrainfo)
564 return &rl->extrainfo_store;
565 else
566 return &rl->desc_store;
567 }
568
569 /** Add the signed_descriptor_t in <b>desc</b> to the router
570 * journal; change its saved_location to SAVED_IN_JOURNAL and set its
571 * offset appropriately. */
572 static int
573 signed_desc_append_to_journal(signed_descriptor_t *desc,
574 desc_store_t *store)
575 {
576 char *fname = get_datadir_fname_suffix(store->fname_base, ".new");
577 const char *body = signed_descriptor_get_body_impl(desc,1);
578 size_t len = desc->signed_descriptor_len + desc->annotations_len;
579
580 if (append_bytes_to_file(fname, body, len, 1)) {
581 log_warn(LD_FS, "Unable to store router descriptor");
582 tor_free(fname);
583 return -1;
584 }
585 desc->saved_location = SAVED_IN_JOURNAL;
586 tor_free(fname);
587
588 desc->saved_offset = store->journal_len;
589 store->journal_len += len;
590
591 return 0;
592 }
593
594 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
595 * signed_descriptor_t* in *<b>a</b> is older, the same age as, or newer than
596 * the signed_descriptor_t* in *<b>b</b>. */
597 static int
598 _compare_signed_descriptors_by_age(const void **_a, const void **_b)
599 {
600 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
601 return (int)(r1->published_on - r2->published_on);
602 }
603
604 #define RRS_FORCE 1
605 #define RRS_DONT_REMOVE_OLD 2
606
607 /** If the journal of <b>store</b> is too long, or if RRS_FORCE is set in
608 * <b>flags</b>, then atomically replace the saved router store with the
609 * routers currently in our routerlist, and clear the journal. Unless
610 * RRS_DONT_REMOVE_OLD is set in <b>flags</b>, delete expired routers before
611 * rebuilding the store. Return 0 on success, -1 on failure.
612 */
613 static int
614 router_rebuild_store(int flags, desc_store_t *store)
615 {
616 smartlist_t *chunk_list = NULL;
617 char *fname = NULL, *fname_tmp = NULL;
618 int r = -1;
619 off_t offset = 0;
620 smartlist_t *signed_descriptors = NULL;
621 int nocache=0;
622 size_t total_expected_len = 0;
623 int had_any;
624 int force = flags & RRS_FORCE;
625
626 if (!force && !router_should_rebuild_store(store)) {
627 r = 0;
628 goto done;
629 }
630 if (!routerlist) {
631 r = 0;
632 goto done;
633 }
634
635 if (store->type == EXTRAINFO_STORE)
636 had_any = !eimap_isempty(routerlist->extra_info_map);
637 else
638 had_any = (smartlist_len(routerlist->routers)+
639 smartlist_len(routerlist->old_routers))>0;
640
641 /* Don't save deadweight. */
642 if (!(flags & RRS_DONT_REMOVE_OLD))
643 routerlist_remove_old_routers();
644
645 log_info(LD_DIR, "Rebuilding %s cache", store->description);
646
647 fname = get_datadir_fname(store->fname_base);
648 fname_tmp = get_datadir_fname_suffix(store->fname_base, ".tmp");
649
650 chunk_list = smartlist_create();
651
652 /* We sort the routers by age to enhance locality on disk. */
653 signed_descriptors = smartlist_create();
654 if (store->type == EXTRAINFO_STORE) {
655 eimap_iter_t *iter;
656 for (iter = eimap_iter_init(routerlist->extra_info_map);
657 !eimap_iter_done(iter);
658 iter = eimap_iter_next(routerlist->extra_info_map, iter)) {
659 const char *key;
660 extrainfo_t *ei;
661 eimap_iter_get(iter, &key, &ei);
662 smartlist_add(signed_descriptors, &ei->cache_info);
663 }
664 } else {
665 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
666 smartlist_add(signed_descriptors, sd));
667 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
668 smartlist_add(signed_descriptors, &ri->cache_info));
669 }
670
671 smartlist_sort(signed_descriptors, _compare_signed_descriptors_by_age);
672
673 /* Now, add the appropriate members to chunk_list */
674 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
675 {
676 sized_chunk_t *c;
677 const char *body = signed_descriptor_get_body_impl(sd, 1);
678 if (!body) {
679 log_warn(LD_BUG, "No descriptor available for router.");
680 goto done;
681 }
682 if (sd->do_not_cache) {
683 ++nocache;
684 continue;
685 }
686 c = tor_malloc(sizeof(sized_chunk_t));
687 c->bytes = body;
688 c->len = sd->signed_descriptor_len + sd->annotations_len;
689 total_expected_len += c->len;
690 smartlist_add(chunk_list, c);
691 });
692
693 if (write_chunks_to_file(fname_tmp, chunk_list, 1)<0) {
694 log_warn(LD_FS, "Error writing router store to disk.");
695 goto done;
696 }
697
698 /* Our mmap is now invalid. */
699 if (store->mmap) {
700 tor_munmap_file(store->mmap);
701 store->mmap = NULL;
702 }
703
704 if (replace_file(fname_tmp, fname)<0) {
705 log_warn(LD_FS, "Error replacing old router store: %s", strerror(errno));
706 goto done;
707 }
708
709 errno = 0;
710 store->mmap = tor_mmap_file(fname);
711 if (! store->mmap) {
712 if (errno == ERANGE) {
713 /* empty store.*/
714 if (total_expected_len) {
715 log_warn(LD_FS, "We wrote some bytes to a new descriptor file at '%s',"
716 " but when we went to mmap it, it was empty!", fname);
717 } else if (had_any) {
718 log_info(LD_FS, "We just removed every descriptor in '%s'. This is "
719 "okay if we're just starting up after a long time. "
720 "Otherwise, it's a bug.", fname);
721 }
722 } else {
723 log_warn(LD_FS, "Unable to mmap new descriptor file at '%s'.",fname);
724 }
725 }
726
727 log_info(LD_DIR, "Reconstructing pointers into cache");
728
729 offset = 0;
730 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
731 {
732 if (sd->do_not_cache)
733 continue;
734 sd->saved_location = SAVED_IN_CACHE;
735 if (store->mmap) {
736 tor_free(sd->signed_descriptor_body); // sets it to null
737 sd->saved_offset = offset;
738 }
739 offset += sd->signed_descriptor_len + sd->annotations_len;
740 signed_descriptor_get_body(sd); /* reconstruct and assert */
741 });
742
743 tor_free(fname);
744 fname = get_datadir_fname_suffix(store->fname_base, ".new");
745 write_str_to_file(fname, "", 1);
746
747 r = 0;
748 store->store_len = (size_t) offset;
749 store->journal_len = 0;
750 store->bytes_dropped = 0;
751 done:
752 if (signed_descriptors)
753 smartlist_free(signed_descriptors);
754 tor_free(fname);
755 tor_free(fname_tmp);
756 if (chunk_list) {
757 SMARTLIST_FOREACH(chunk_list, sized_chunk_t *, c, tor_free(c));
758 smartlist_free(chunk_list);
759 }
760
761 return r;
762 }
763
764 /** Helper: Reload a cache file and its associated journal, setting metadata
765 * appropriately. If <b>extrainfo</b> is true, reload the extrainfo store;
766 * else reload the router descriptor store. */
767 static int
768 router_reload_router_list_impl(desc_store_t *store)
769 {
770 char *fname = NULL, *altname = NULL, *contents = NULL;
771 struct stat st;
772 int read_from_old_location = 0;
773 int extrainfo = (store->type == EXTRAINFO_STORE);
774 time_t now = time(NULL);
775 store->journal_len = store->store_len = 0;
776
777 fname = get_datadir_fname(store->fname_base);
778 if (store->fname_alt_base)
779 altname = get_datadir_fname(store->fname_alt_base);
780
781 if (store->mmap) /* get rid of it first */
782 tor_munmap_file(store->mmap);
783 store->mmap = NULL;
784
785 store->mmap = tor_mmap_file(fname);
786 if (!store->mmap && altname && file_status(altname) == FN_FILE) {
787 read_from_old_location = 1;
788 log_notice(LD_DIR, "Couldn't read %s; trying to load routers from old "
789 "location %s.", fname, altname);
790 if ((store->mmap = tor_mmap_file(altname)))
791 read_from_old_location = 1;
792 }
793 if (altname && !read_from_old_location) {
794 remove_file_if_very_old(altname, now);
795 }
796 if (store->mmap) {
797 store->store_len = store->mmap->size;
798 if (extrainfo)
799 router_load_extrainfo_from_string(store->mmap->data,
800 store->mmap->data+store->mmap->size,
801 SAVED_IN_CACHE, NULL, 0);
802 else
803 router_load_routers_from_string(store->mmap->data,
804 store->mmap->data+store->mmap->size,
805 SAVED_IN_CACHE, NULL, 0, NULL);
806 }
807
808 tor_free(fname);
809 fname = get_datadir_fname_suffix(store->fname_base, ".new");
810 if (file_status(fname) == FN_FILE)
811 contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
812 if (read_from_old_location) {
813 tor_free(altname);
814 altname = get_datadir_fname_suffix(store->fname_alt_base, ".new");
815 if (!contents)
816 contents = read_file_to_str(altname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
817 else
818 remove_file_if_very_old(altname, now);
819 }
820 if (contents) {
821 if (extrainfo)
822 router_load_extrainfo_from_string(contents, NULL,SAVED_IN_JOURNAL,
823 NULL, 0);
824 else
825 router_load_routers_from_string(contents, NULL, SAVED_IN_JOURNAL,
826 NULL, 0, NULL);
827 store->journal_len = (size_t) st.st_size;
828 tor_free(contents);
829 }
830
831 tor_free(fname);
832 tor_free(altname);
833
834 if (store->journal_len || read_from_old_location) {
835 /* Always clear the journal on startup.*/
836 router_rebuild_store(RRS_FORCE, store);
837 } else if (!extrainfo) {
838 /* Don't cache expired routers. (This is in an else because
839 * router_rebuild_store() also calls remove_old_routers().) */
840 routerlist_remove_old_routers();
841 }
842
843 return 0;
844 }
845
846 /** Load all cached router descriptors and extra-info documents from the
847 * store. Return 0 on success and -1 on failure.
848 */
849 int
850 router_reload_router_list(void)
851 {
852 routerlist_t *rl = router_get_routerlist();
853 if (router_reload_router_list_impl(&rl->desc_store))
854 return -1;
855 if (router_reload_router_list_impl(&rl->extrainfo_store))
856 return -1;
857 return 0;
858 }
859
860 /** Return a smartlist containing a list of trusted_dir_server_t * for all
861 * known trusted dirservers. Callers must not modify the list or its
862 * contents.
863 */
864 smartlist_t *
865 router_get_trusted_dir_servers(void)
866 {
867 if (!trusted_dir_servers)
868 trusted_dir_servers = smartlist_create();
869
870 return trusted_dir_servers;
871 }
872
873 /** Try to find a running dirserver that supports operations of <b>type</b>.
874 *
875 * If there are no running dirservers in our routerlist and the
876 * <b>PDS_RETRY_IF_NO_SERVERS</b> flag is set, set all the authoritative ones
877 * as running again, and pick one.
878 *
879 * If the <b>PDS_IGNORE_FASCISTFIREWALL</b> flag is set, then include
880 * dirservers that we can't reach.
881 *
882 * If the <b>PDS_ALLOW_SELF</b> flag is not set, then don't include ourself
883 * (if we're a dirserver).
884 *
885 * Don't pick an authority if any non-authority is viable; try to avoid using
886 * servers that have returned 503 recently.
887 */
888 routerstatus_t *
889 router_pick_directory_server(authority_type_t type, int flags)
890 {
891 routerstatus_t *choice;
892 if (get_options()->PreferTunneledDirConns)
893 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
894
895 if (!routerlist)
896 return NULL;
897
898 choice = router_pick_directory_server_impl(type, flags);
899 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
900 return choice;
901
902 log_info(LD_DIR,
903 "No reachable router entries for dirservers. "
904 "Trying them all again.");
905 /* mark all authdirservers as up again */
906 mark_all_trusteddirservers_up();
907 /* try again */
908 choice = router_pick_directory_server_impl(type, flags);
909 return choice;
910 }
911
912 /** Try to determine which fraction of v2 and v3 directory requests aimed at
913 * caches will be sent to us. Set *<b>v2_share_out</b> and
914 * *<b>v3_share_out</b> to the fractions of v2 and v3 protocol shares we
915 * expect to see, respectively. Return 0 on success, negative on failure. */
916 int
917 router_get_my_share_of_directory_requests(double *v2_share_out,
918 double *v3_share_out)
919 {
920 routerinfo_t *me = router_get_my_routerinfo();
921 routerstatus_t *rs;
922 const int pds_flags = PDS_ALLOW_SELF|PDS_IGNORE_FASCISTFIREWALL;
923 *v2_share_out = *v3_share_out = 0.0;
924 if (!me)
925 return -1;
926 rs = router_get_consensus_status_by_id(me->cache_info.identity_digest);
927 if (!rs)
928 return -1;
929
930 /* Calling for side effect */
931 /* XXXX This is a bit of a kludge */
932 if (rs->is_v2_dir) {
933 sl_last_total_weighted_bw = 0;
934 router_pick_directory_server(V2_AUTHORITY, pds_flags);
935 if (sl_last_total_weighted_bw != 0) {
936 *v2_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
937 U64_TO_DBL(sl_last_total_weighted_bw);
938 }
939 }
940
941 if (rs->version_supports_v3_dir) {
942 sl_last_total_weighted_bw = 0;
943 router_pick_directory_server(V3_AUTHORITY, pds_flags);
944 if (sl_last_total_weighted_bw != 0) {
945 *v3_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
946 U64_TO_DBL(sl_last_total_weighted_bw);
947 }
948 }
949
950 return 0;
951 }
952
953 /** Return the trusted_dir_server_t for the directory authority whose identity
954 * key hashes to <b>digest</b>, or NULL if no such authority is known.
955 */
956 trusted_dir_server_t *
957 router_get_trusteddirserver_by_digest(const char *digest)
958 {
959 if (!trusted_dir_servers)
960 return NULL;
961
962 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
963 {
964 if (!memcmp(ds->digest, digest, DIGEST_LEN))
965 return ds;
966 });
967
968 return NULL;
969 }
970
971 /** Return the trusted_dir_server_t for the directory authority whose identity
972 * key hashes to <b>digest</b>, or NULL if no such authority is known.
973 */
974 trusted_dir_server_t *
975 trusteddirserver_get_by_v3_auth_digest(const char *digest)
976 {
977 if (!trusted_dir_servers)
978 return NULL;
979
980 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
981 {
982 if (!memcmp(ds->v3_identity_digest, digest, DIGEST_LEN) &&
983 (ds->type & V3_AUTHORITY))
984 return ds;
985 });
986
987 return NULL;
988 }
989
990 /** Try to find a running trusted dirserver. Flags are as for
991 * router_pick_directory_server.
992 */
993 routerstatus_t *
994 router_pick_trusteddirserver(authority_type_t type, int flags)
995 {
996 routerstatus_t *choice;
997 int busy = 0;
998 if (get_options()->PreferTunneledDirConns)
999 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
1000
1001 choice = router_pick_trusteddirserver_impl(type, flags, &busy);
1002 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
1003 return choice;
1004 if (busy) {
1005 /* If the reason that we got no server is that servers are "busy",
1006 * we must be excluding good servers because we already have serverdesc
1007 * fetches with them. Do not mark down servers up because of this. */
1008 tor_assert((flags & PDS_NO_EXISTING_SERVERDESC_FETCH));
1009 return NULL;
1010 }
1011
1012 log_info(LD_DIR,
1013 "No trusted dirservers are reachable. Trying them all again.");
1014 mark_all_trusteddirservers_up();
1015 return router_pick_trusteddirserver_impl(type, flags, NULL);
1016 }
1017
1018 /** How long do we avoid using a directory server after it's given us a 503? */
1019 #define DIR_503_TIMEOUT (60*60)
1020
1021 /** Pick a random running valid directory server/mirror from our
1022 * routerlist. Arguments are as for router_pick_directory_server(), except
1023 * that RETRY_IF_NO_SERVERS is ignored, and:
1024 *
1025 * If the _PDS_PREFER_TUNNELED_DIR_CONNS flag is set, prefer directory servers
1026 * that we can use with BEGINDIR.
1027 */
1028 static routerstatus_t *
1029 router_pick_directory_server_impl(authority_type_t type, int flags)
1030 {
1031 routerstatus_t *result;
1032 smartlist_t *direct, *tunnel;
1033 smartlist_t *trusted_direct, *trusted_tunnel;
1034 smartlist_t *overloaded_direct, *overloaded_tunnel;
1035 time_t now = time(NULL);
1036 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
1037 int requireother = ! (flags & PDS_ALLOW_SELF);
1038 int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1039 int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1040
1041 if (!consensus)
1042 return NULL;
1043
1044 direct = smartlist_create();
1045 tunnel = smartlist_create();
1046 trusted_direct = smartlist_create();
1047 trusted_tunnel = smartlist_create();
1048 overloaded_direct = smartlist_create();
1049 overloaded_tunnel = smartlist_create();
1050
1051 /* Find all the running dirservers we know about. */
1052 SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, routerstatus_t *,
1053 status) {
1054 int is_trusted;
1055 int is_overloaded = status->last_dir_503_at + DIR_503_TIMEOUT > now;
1056 tor_addr_t addr;
1057 if (!status->is_running || !status->dir_port || !status->is_valid)
1058 continue;
1059 if (status->is_bad_directory)
1060 continue;
1061 if (requireother && router_digest_is_me(status->identity_digest))
1062 continue;
1063 if (type & V3_AUTHORITY) {
1064 if (!(status->version_supports_v3_dir ||
1065 router_digest_is_trusted_dir_type(status->identity_digest,
1066 V3_AUTHORITY)))
1067 continue;
1068 }
1069 is_trusted = router_digest_is_trusted_dir(status->identity_digest);
1070 if ((type & V2_AUTHORITY) && !(status->is_v2_dir || is_trusted))
1071 continue;
1072 if ((type & EXTRAINFO_CACHE) &&
1073 !router_supports_extrainfo(status->identity_digest, 0))
1074 continue;
1075
1076 /* XXXX IP6 proposal 118 */
1077 tor_addr_from_ipv4h(&addr, status->addr);
1078
1079 if (prefer_tunnel &&
1080 status->version_supports_begindir &&
1081 (!fascistfirewall ||
1082 fascist_firewall_allows_address_or(&addr, status->or_port)))
1083 smartlist_add(is_trusted ? trusted_tunnel :
1084 is_overloaded ? overloaded_tunnel : tunnel, status);
1085 else if (!fascistfirewall ||
1086 fascist_firewall_allows_address_dir(&addr, status->dir_port))
1087 smartlist_add(is_trusted ? trusted_direct :
1088 is_overloaded ? overloaded_direct : direct, status);
1089 } SMARTLIST_FOREACH_END(status);
1090
1091 if (smartlist_len(tunnel)) {
1092 result = routerstatus_sl_choose_by_bandwidth(tunnel);
1093 } else if (smartlist_len(overloaded_tunnel)) {
1094 result = routerstatus_sl_choose_by_bandwidth(overloaded_tunnel);
1095 } else if (smartlist_len(trusted_tunnel)) {
1096 /* FFFF We don't distinguish between trusteds and overloaded trusteds
1097 * yet. Maybe one day we should. */
1098 /* FFFF We also don't load balance over authorities yet. I think this
1099 * is a feature, but it could easily be a bug. -RD */
1100 result = smartlist_choose(trusted_tunnel);
1101 } else if (smartlist_len(direct)) {
1102 result = routerstatus_sl_choose_by_bandwidth(direct);
1103 } else if (smartlist_len(overloaded_direct)) {
1104 result = routerstatus_sl_choose_by_bandwidth(overloaded_direct);
1105 } else {
1106 result = smartlist_choose(trusted_direct);
1107 }
1108 smartlist_free(direct);
1109 smartlist_free(tunnel);
1110 smartlist_free(trusted_direct);
1111 smartlist_free(trusted_tunnel);
1112 smartlist_free(overloaded_direct);
1113 smartlist_free(overloaded_tunnel);
1114 return result;
1115 }
1116
1117 /** Choose randomly from among the trusted dirservers that are up. Flags
1118 * are as for router_pick_directory_server_impl().
1119 */
1120 static routerstatus_t *
1121 router_pick_trusteddirserver_impl(authority_type_t type, int flags,
1122 int *n_busy_out)
1123 {
1124 smartlist_t *direct, *tunnel;
1125 smartlist_t *overloaded_direct, *overloaded_tunnel;
1126 routerinfo_t *me = router_get_my_routerinfo();
1127 routerstatus_t *result;
1128 time_t now = time(NULL);
1129 const int requireother = ! (flags & PDS_ALLOW_SELF);
1130 const int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1131 const int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1132 const int no_serverdesc_fetching =(flags & PDS_NO_EXISTING_SERVERDESC_FETCH);
1133 int n_busy = 0;
1134
1135 if (!trusted_dir_servers)
1136 return NULL;
1137
1138 direct = smartlist_create();
1139 tunnel = smartlist_create();
1140 overloaded_direct = smartlist_create();
1141 overloaded_tunnel = smartlist_create();
1142
1143 SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, d)
1144 {
1145 int is_overloaded =
1146 d->fake_status.last_dir_503_at + DIR_503_TIMEOUT > now;
1147 tor_addr_t addr;
1148 if (!d->is_running) continue;
1149 if ((type & d->type) == 0)
1150 continue;
1151 if ((type & EXTRAINFO_CACHE) &&
1152 !router_supports_extrainfo(d->digest, 1))
1153 continue;
1154 if (requireother && me && router_digest_is_me(d->digest))
1155 continue;
1156
1157 /* XXXX IP6 proposal 118 */
1158 tor_addr_from_ipv4h(&addr, d->addr);
1159
1160 if (no_serverdesc_fetching) {
1161 if (connection_get_by_type_addr_port_purpose(
1162 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_SERVERDESC)
1163 || connection_get_by_type_addr_port_purpose(
1164 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_EXTRAINFO)) {
1165 //log_debug(LD_DIR, "We have an existing connection to fetch "
1166 // "descriptor from %s; delaying",d->description);
1167 ++n_busy;
1168 continue;
1169 }
1170 }
1171
1172 if (prefer_tunnel &&
1173 d->or_port &&
1174 (!fascistfirewall ||
1175 fascist_firewall_allows_address_or(&addr, d->or_port)))
1176 smartlist_add(is_overloaded ? overloaded_tunnel : tunnel,
1177 &d->fake_status);
1178 else if (!fascistfirewall ||
1179 fascist_firewall_allows_address_dir(&addr, d->dir_port))
1180 smartlist_add(is_overloaded ? overloaded_direct : direct,
1181 &d->fake_status);
1182 }
1183 SMARTLIST_FOREACH_END(d);
1184
1185 if (smartlist_len(tunnel)) {
1186 result = smartlist_choose(tunnel);
1187 } else if (smartlist_len(overloaded_tunnel)) {
1188 result = smartlist_choose(overloaded_tunnel);
1189 } else if (smartlist_len(direct)) {
1190 result = smartlist_choose(direct);
1191 } else {
1192 result = smartlist_choose(overloaded_direct);
1193 }
1194
1195 if (n_busy_out)
1196 *n_busy_out = n_busy;
1197
1198 smartlist_free(direct);
1199 smartlist_free(tunnel);
1200 smartlist_free(overloaded_direct);
1201 smartlist_free(overloaded_tunnel);
1202 return result;
1203 }
1204
1205 /** Go through and mark the authoritative dirservers as up. */
1206 static void
1207 mark_all_trusteddirservers_up(void)
1208 {
1209 if (routerlist) {
1210 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1211 if (router_digest_is_trusted_dir(router->cache_info.identity_digest) &&
1212 router->dir_port > 0) {
1213 router->is_running = 1;
1214 });
1215 }
1216 if (trusted_dir_servers) {
1217 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
1218 {
1219 routerstatus_t *rs;
1220 dir->is_running = 1;
1221 download_status_reset(&dir->v2_ns_dl_status);
1222 rs = router_get_consensus_status_by_id(dir->digest);
1223 if (rs && !rs->is_running) {
1224 rs->is_running = 1;
1225 rs->last_dir_503_at = 0;
1226 control_event_networkstatus_changed_single(rs);
1227 }
1228 });
1229 }
1230 router_dir_info_changed();
1231 }
1232
1233 /** Reset all internal variables used to count failed downloads of network
1234 * status objects. */
1235 void
1236 router_reset_status_download_failures(void)
1237 {
1238 mark_all_trusteddirservers_up();
1239 }
1240
1241 /** Return true iff router1 and router2 have the same /16 network. */
1242 static INLINE int
1243 routers_in_same_network_family(routerinfo_t *r1, routerinfo_t *r2)
1244 {
1245 return (r1->addr & 0xffff0000) == (r2->addr & 0xffff0000);
1246 }
1247
1248 /** Look through the routerlist and identify routers that
1249 * advertise the same /16 network address as <b>router</b>.
1250 * Add each of them to <b>sl</b>.
1251 */
1252 static void
1253 routerlist_add_network_family(smartlist_t *sl, routerinfo_t *router)
1254 {
1255 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
1256 {
1257 if (router != r && routers_in_same_network_family(router, r))
1258 smartlist_add(sl, r);
1259 });
1260 }
1261
1262 /** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
1263 * This is used to make sure we don't pick siblings in a single path,
1264 * or pick more than one relay from a family for our entry guard list.
1265 */
1266 void
1267 routerlist_add_family(smartlist_t *sl, routerinfo_t *router)
1268 {
1269 routerinfo_t *r;
1270 config_line_t *cl;
1271 or_options_t *options = get_options();
1272
1273 /* First, add any routers with similar network addresses. */
1274 if (options->EnforceDistinctSubnets)
1275 routerlist_add_network_family(sl, router);
1276
1277 if (router->declared_family) {
1278 /* Add every r such that router declares familyness with r, and r
1279 * declares familyhood with router. */
1280 SMARTLIST_FOREACH(router->declared_family, const char *, n,
1281 {
1282 if (!(r = router_get_by_nickname(n, 0)))
1283 continue;
1284 if (!r->declared_family)
1285 continue;
1286 SMARTLIST_FOREACH(r->declared_family, const char *, n2,
1287 {
1288 if (router_nickname_matches(router, n2))
1289 smartlist_add(sl, r);
1290 });
1291 });
1292 }
1293
1294 /* If the user declared any families locally, honor those too. */
1295 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1296 if (router_nickname_is_in_list(router, cl->value)) {
1297 add_nickname_list_to_smartlist(sl, cl->value, 0);
1298 }
1299 }
1300 }
1301
1302 /** Return true iff r is named by some nickname in <b>lst</b>. */
1303 static INLINE int
1304 router_in_nickname_smartlist(smartlist_t *lst, routerinfo_t *r)
1305 {
1306 if (!lst) return 0;
1307 SMARTLIST_FOREACH(lst, const char *, name,
1308 if (router_nickname_matches(r, name))
1309 return 1;);
1310 return 0;
1311 }
1312
1313 /** Return true iff r1 and r2 are in the same family, but not the same
1314 * router. */
1315 int
1316 routers_in_same_family(routerinfo_t *r1, routerinfo_t *r2)
1317 {
1318 or_options_t *options = get_options();
1319 config_line_t *cl;
1320
1321 if (options->EnforceDistinctSubnets && routers_in_same_network_family(r1,r2))
1322 return 1;
1323
1324 if (router_in_nickname_smartlist(r1->declared_family, r2) &&
1325 router_in_nickname_smartlist(r2->declared_family, r1))
1326 return 1;
1327
1328 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1329 if (router_nickname_is_in_list(r1, cl->value) &&
1330 router_nickname_is_in_list(r2, cl->value))
1331 return 1;
1332 }
1333 return 0;
1334 }
1335
1336 /** Given a (possibly NULL) comma-and-whitespace separated list of nicknames,
1337 * see which nicknames in <b>list</b> name routers in our routerlist, and add
1338 * the routerinfos for those routers to <b>sl</b>. If <b>must_be_running</b>,
1339 * only include routers that we think are running.
1340 * Warn if any non-Named routers are specified by nickname.
1341 */
1342 void
1343 add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
1344 int must_be_running)
1345 {
1346 routerinfo_t *router;
1347 smartlist_t *nickname_list;
1348 int have_dir_info = router_have_minimum_dir_info();
1349
1350 if (!list)
1351 return; /* nothing to do */
1352 tor_assert(sl);
1353
1354 nickname_list = smartlist_create();
1355 if (!warned_nicknames)
1356 warned_nicknames = smartlist_create();
1357
1358 smartlist_split_string(nickname_list, list, ",",
1359 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1360
1361 SMARTLIST_FOREACH(nickname_list, const char *, nick, {
1362 int warned;
1363 if (!is_legal_nickname_or_hexdigest(nick)) {
1364 log_warn(LD_CONFIG, "Nickname '%s' is misformed; skipping", nick);
1365 continue;
1366 }
1367 router = router_get_by_nickname(nick, 1);
1368 warned = smartlist_string_isin(warned_nicknames, nick);
1369 if (router) {
1370 if (!must_be_running || router->is_running) {
1371 smartlist_add(sl,router);
1372 }
1373 } else if (!router_get_consensus_status_by_nickname(nick,1)) {
1374 if (!warned) {
1375 log_fn(have_dir_info ? LOG_WARN : LOG_INFO, LD_CONFIG,
1376 "Nickname list includes '%s' which isn't a known router.",nick);
1377 smartlist_add(warned_nicknames, tor_strdup(nick));
1378 }
1379 }
1380 });
1381 SMARTLIST_FOREACH(nickname_list, char *, nick, tor_free(nick));
1382 smartlist_free(nickname_list);
1383 }
1384
1385 /** Return 1 iff any member of the (possibly NULL) comma-separated list
1386 * <b>list</b> is an acceptable nickname or hexdigest for <b>router</b>. Else
1387 * return 0.
1388 */
1389 int
1390 router_nickname_is_in_list(routerinfo_t *router, const char *list)
1391 {
1392 smartlist_t *nickname_list;
1393 int v = 0;
1394
1395 if (!list)
1396 return 0; /* definitely not */
1397 tor_assert(router);
1398
1399 nickname_list = smartlist_create();
1400 smartlist_split_string(nickname_list, list, ",",
1401 SPLIT_SKIP_SPACE|SPLIT_STRIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1402 SMARTLIST_FOREACH(nickname_list, const char *, cp,
1403 if (router_nickname_matches(router, cp)) {v=1;break;});
1404 SMARTLIST_FOREACH(nickname_list, char *, cp, tor_free(cp));
1405 smartlist_free(nickname_list);
1406 return v;
1407 }
1408
1409 /** Add every suitable router from our routerlist to <b>sl</b>, so that
1410 * we can pick a node for a circuit.
1411 */
1412 static void
1413 router_add_running_routers_to_smartlist(smartlist_t *sl, int allow_invalid,
1414 int need_uptime, int need_capacity,
1415 int need_guard)
1416 {
1417 if (!routerlist)
1418 return;
1419
1420 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1421 {
1422 if (router->is_running &&
1423 router->purpose == ROUTER_PURPOSE_GENERAL &&
1424 (router->is_valid || allow_invalid) &&
1425 !router_is_unreliable(router, need_uptime,
1426 need_capacity, need_guard)) {
1427 /* If it's running, and it's suitable according to the
1428 * other flags we had in mind */
1429 smartlist_add(sl, router);
1430 }
1431 });
1432 }
1433
1434 /** Look through the routerlist until we find a router that has my key.
1435 Return it. */
1436 routerinfo_t *
1437 routerlist_find_my_routerinfo(void)
1438 {
1439 if (!routerlist)
1440 return NULL;
1441
1442 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1443 {
1444 if (router_is_me(router))
1445 return router;
1446 });
1447 return NULL;
1448 }
1449
1450 /** Find a router that's up, that has this IP address, and
1451 * that allows exit to this address:port, or return NULL if there
1452 * isn't a good one.
1453 */
1454 routerinfo_t *
1455 router_find_exact_exit_enclave(const char *address, uint16_t port)
1456 {
1457 uint32_t addr;
1458 struct in_addr in;
1459 tor_addr_t a;
1460
1461 if (!tor_inet_aton(address, &in))
1462 return NULL; /* it's not an IP already */
1463 addr = ntohl(in.s_addr);
1464
1465 tor_addr_from_ipv4h(&a, addr);
1466
1467 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1468 {
1469 if (router->addr == addr &&
1470 router->is_running &&
1471 compare_tor_addr_to_addr_policy(&a, port, router->exit_policy) ==
1472 ADDR_POLICY_ACCEPTED)
1473 return router;
1474 });
1475 return NULL;
1476 }
1477
1478 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
1479 * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
1480 * If <b>need_capacity</b> is non-zero, we require a minimum advertised
1481 * bandwidth.
1482 * If <b>need_guard</b>, we require that the router is a possible entry guard.
1483 */
1484 int
1485 router_is_unreliable(routerinfo_t *router, int need_uptime,
1486 int need_capacity, int need_guard)
1487 {
1488 if (need_uptime && !router->is_stable)
1489 return 1;
1490 if (need_capacity && !router->is_fast)
1491 return 1;
1492 if (need_guard && !router->is_possible_guard)
1493 return 1;
1494 return 0;
1495 }
1496
1497 /** Return the smaller of the router's configured BandwidthRate
1498 * and its advertised capacity. */
1499 uint32_t
1500 router_get_advertised_bandwidth(routerinfo_t *router)
1501 {
1502 if (router->bandwidthcapacity < router->bandwidthrate)
1503 return router->bandwidthcapacity;
1504 return router->bandwidthrate;
1505 }
1506
1507 /** Do not weight any declared bandwidth more than this much when picking
1508 * routers by bandwidth. */
1509 #define DEFAULT_MAX_BELIEVABLE_BANDWIDTH 10000000 /* 10 MB/sec */
1510
1511 /** Return the smaller of the router's configured BandwidthRate
1512 * and its advertised capacity, capped by max-believe-bw. */
1513 uint32_t
1514 router_get_advertised_bandwidth_capped(routerinfo_t *router)
1515 {
1516 uint32_t result = router->bandwidthcapacity;
1517 if (result > router->bandwidthrate)
1518 result = router->bandwidthrate;
1519 if (result > DEFAULT_MAX_BELIEVABLE_BANDWIDTH)
1520 result = DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
1521 return result;
1522 }
1523
1524 /** Return bw*1000, unless bw*1000 would overflow, in which case return
1525 * INT32_MAX. */
1526 static INLINE int32_t
1527 kb_to_bytes(uint32_t bw)
1528 {
1529 return (bw > (INT32_MAX/1000)) ? INT32_MAX : bw*1000;
1530 }
1531
1532 /** Helper function:
1533 * choose a random element of smartlist <b>sl</b>, weighted by
1534 * the advertised bandwidth of each element.
1535 *
1536 * If <b>statuses</b> is zero, then <b>sl</b> is a list of
1537 * routerinfo_t's. Otherwise it's a list of routerstatus_t's.
1538 *
1539 * If <b>rule</b>==WEIGHT_FOR_EXIT. we're picking an exit node: consider all
1540 * nodes' bandwidth equally regardless of their Exit status, since there may
1541 * be some in the list because they exit to obscure ports. If
1542 * <b>rule</b>==NO_WEIGHTING, we're picking a non-exit node: weight
1543 * exit-node's bandwidth less depending on the smallness of the fraction of
1544 * Exit-to-total bandwidth. If <b>rule</b>==WEIGHT_FOR_GUARD, we're picking a
1545 * guard node: consider all guard's bandwidth equally. Otherwise, weight
1546 * guards proportionally less.
1547 */
1548 static void *
1549 smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule,
1550 int statuses)
1551 {
1552 unsigned int i;
1553 routerinfo_t *router;
1554 routerstatus_t *status=NULL;
1555 int32_t *bandwidths;
1556 int is_exit;
1557 int is_guard;
1558 uint64_t total_nonexit_bw = 0, total_exit_bw = 0, total_bw = 0;
1559 uint64_t total_nonguard_bw = 0, total_guard_bw = 0;
1560 uint64_t rand_bw, tmp;
1561 double exit_weight;
1562 double guard_weight;
1563 int n_unknown = 0;
1564 bitarray_t *exit_bits;
1565 bitarray_t *guard_bits;
1566 int me_idx = -1;
1567
1568 /* Can't choose exit and guard at same time */
1569 tor_assert(rule == NO_WEIGHTING ||
1570 rule == WEIGHT_FOR_EXIT ||
1571 rule == WEIGHT_FOR_GUARD);
1572
1573 /* First count the total bandwidth weight, and make a list
1574 * of each value. <0 means "unknown; no routerinfo." We use the
1575 * bits of negative values to remember whether the router was fast (-x)&1
1576 * and whether it was an exit (-x)&2 or guard (-x)&4. Yes, it's a hack. */
1577 bandwidths = tor_malloc(sizeof(int32_t)*smartlist_len(sl));
1578 exit_bits = bitarray_init_zero(smartlist_len(sl));
1579 guard_bits = bitarray_init_zero(smartlist_len(sl));
1580
1581 /* Iterate over all the routerinfo_t or routerstatus_t, and */
1582 for (i = 0; i < (unsigned)smartlist_len(sl); ++i) {
1583 /* first, learn what bandwidth we think i has */
1584 int is_known = 1;
1585 int32_t flags = 0;
1586 uint32_t this_bw = 0;
1587 if (statuses) {
1588 status = smartlist_get(sl, i);
1589 if (router_digest_is_me(status->identity_digest))
1590 me_idx = i;
1591 router = router_get_by_digest(status->identity_digest);
1592 is_exit = status->is_exit;
1593 is_guard = status->is_possible_guard;
1594 if (status->has_bandwidth) {
1595 this_bw = kb_to_bytes(status->bandwidth);
1596 } else { /* guess */
1597 /* XXX022 once consensuses always list bandwidths, we can take
1598 * this guessing business out. -RD */
1599 is_known = 0;
1600 flags = status->is_fast ? 1 : 0;
1601 flags |= is_exit ? 2 : 0;
1602 flags |= is_guard ? 4 : 0;
1603 }
1604 } else {
1605 routerstatus_t *rs;
1606 router = smartlist_get(sl, i);
1607 rs = router_get_consensus_status_by_id(
1608 router->cache_info.identity_digest);
1609 if (router_digest_is_me(router->cache_info.identity_digest))
1610 me_idx = i;
1611 is_exit = router->is_exit;
1612 is_guard = router->is_possible_guard;
1613 if (rs && rs->has_bandwidth) {
1614 this_bw = kb_to_bytes(rs->bandwidth);
1615 } else if (rs) { /* guess; don't trust the descriptor */
1616 /* XXX022 once consensuses always list bandwidths, we can take
1617 * this guessing business out. -RD */
1618 is_known = 0;
1619 flags = router->is_fast ? 1 : 0;
1620 flags |= is_exit ? 2 : 0;
1621 flags |= is_guard ? 4 : 0;
1622 } else /* bridge or other descriptor not in our consensus */
1623 this_bw = router_get_advertised_bandwidth_capped(router);
1624 }
1625 if (is_exit)
1626 bitarray_set(exit_bits, i);
1627 if (is_guard)
1628 bitarray_set(guard_bits, i);
1629 if (is_known) {
1630 bandwidths[i] = (int32_t) this_bw; // safe since MAX_BELIEVABLE<INT32_MAX
1631 tor_assert(bandwidths[i] >= 0);
1632 if (is_guard)
1633 total_guard_bw += this_bw;
1634 else
1635 total_nonguard_bw += this_bw;
1636 if (is_exit)
1637 total_exit_bw += this_bw;
1638 else
1639 total_nonexit_bw += this_bw;
1640 } else {
1641 ++n_unknown;
1642 bandwidths[i] = -flags;
1643 }
1644 }
1645
1646 /* Now, fill in the unknown values. */
1647 if (n_unknown) {
1648 int32_t avg_fast, avg_slow;
1649 if (total_exit_bw+total_nonexit_bw) {
1650 /* if there's some bandwidth, there's at least one known router,
1651 * so no worries about div by 0 here */
1652 int n_known = smartlist_len(sl)-n_unknown;
1653 avg_fast = avg_slow = (int32_t)
1654 ((total_exit_bw+total_nonexit_bw)/((uint64_t) n_known));
1655 } else {
1656 avg_fast = 40000;
1657 avg_slow = 20000;
1658 }
1659 for (i=0; i<(unsigned)smartlist_len(sl); ++i) {
1660 int32_t bw = bandwidths[i];
1661 if (bw>=0)
1662 continue;
1663 is_exit = ((-bw)&2);
1664 is_guard = ((-bw)&4);
1665 bandwidths[i] = ((-bw)&1) ? avg_fast : avg_slow;
1666 if (is_exit)
1667 total_exit_bw += bandwidths[i];
1668 else
1669 total_nonexit_bw += bandwidths[i];
1670 if (is_guard)
1671 total_guard_bw += bandwidths[i];
1672 else
1673 total_nonguard_bw += bandwidths[i];
1674 }
1675 }
1676
1677 /* If there's no bandwidth at all, pick at random. */
1678 if (!(total_exit_bw+total_nonexit_bw)) {
1679 tor_free(bandwidths);
1680 tor_free(exit_bits);
1681 tor_free(guard_bits);
1682 return smartlist_choose(sl);
1683 }
1684
1685 /* Figure out how to weight exits and guards */
1686 {
1687 double all_bw = U64_TO_DBL(total_exit_bw+total_nonexit_bw);
1688 double exit_bw = U64_TO_DBL(total_exit_bw);
1689 double guard_bw = U64_TO_DBL(total_guard_bw);
1690 /*
1691 * For detailed derivation of this formula, see
1692 * http://archives.seul.org/or/dev/Jul-2007/msg00056.html
1693 */
1694 if (rule == WEIGHT_FOR_EXIT)
1695 exit_weight = 1.0;
1696 else
1697 exit_weight = 1.0 - all_bw/(3.0*exit_bw);
1698
1699 if (rule == WEIGHT_FOR_GUARD)
1700 guard_weight = 1.0;
1701 else
1702 guard_weight = 1.0 - all_bw/(3.0*guard_bw);
1703
1704 if (exit_weight <= 0.0)
1705 exit_weight = 0.0;
1706
1707 if (guard_weight <= 0.0)
1708 guard_weight = 0.0;
1709
1710 total_bw = 0;
1711 sl_last_weighted_bw_of_me = 0;
1712 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1713 uint64_t bw;
1714 is_exit = bitarray_is_set(exit_bits, i);
1715 is_guard = bitarray_is_set(guard_bits, i);
1716 if (is_exit && is_guard)
1717 bw = ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1718 else if (is_guard)
1719 bw = ((uint64_t)(bandwidths[i] * guard_weight));
1720 else if (is_exit)
1721 bw = ((uint64_t)(bandwidths[i] * exit_weight));
1722 else
1723 bw = bandwidths[i];
1724 total_bw += bw;
1725 if (i == (unsigned) me_idx)
1726 sl_last_weighted_bw_of_me = bw;
1727 }
1728 }
1729
1730 /* XXXX022 this is a kludge to expose these values. */
1731 sl_last_total_weighted_bw = total_bw;
1732
1733 log_debug(LD_CIRC, "Total weighted bw = "U64_FORMAT
1734 ", exit bw = "U64_FORMAT
1735 ", nonexit bw = "U64_FORMAT", exit weight = %lf "
1736 "(for exit == %d)"
1737 ", guard bw = "U64_FORMAT
1738 ", nonguard bw = "U64_FORMAT", guard weight = %lf "
1739 "(for guard == %d)",
1740 U64_PRINTF_ARG(total_bw),
1741 U64_PRINTF_ARG(total_exit_bw), U64_PRINTF_ARG(total_nonexit_bw),
1742 exit_weight, (int)(rule == WEIGHT_FOR_EXIT),
1743 U64_PRINTF_ARG(total_guard_bw), U64_PRINTF_ARG(total_nonguard_bw),
1744 guard_weight, (int)(rule == WEIGHT_FOR_GUARD));
1745
1746 /* Almost done: choose a random value from the bandwidth weights. */
1747 rand_bw = crypto_rand_uint64(total_bw);
1748
1749 /* Last, count through sl until we get to the element we picked */
1750 tmp = 0;
1751 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1752 is_exit = bitarray_is_set(exit_bits, i);
1753 is_guard = bitarray_is_set(guard_bits, i);
1754
1755 /* Weights can be 0 if not counting guards/exits */
1756 if (is_exit && is_guard)
1757 tmp += ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1758 else if (is_guard)
1759 tmp += ((uint64_t)(bandwidths[i] * guard_weight));
1760 else if (is_exit)
1761 tmp += ((uint64_t)(bandwidths[i] * exit_weight));
1762 else
1763 tmp += bandwidths[i];
1764
1765 if (tmp >= rand_bw)
1766 break;
1767 }
1768 if (i == (unsigned)smartlist_len(sl)) {
1769 /* This was once possible due to round-off error, but shouldn't be able
1770 * to occur any longer. */
1771 tor_fragile_assert();
1772 --i;
1773 log_warn(LD_BUG, "Round-off error in computing bandwidth had an effect on "
1774 " which router we chose. Please tell the developers. "
1775 U64_FORMAT " " U64_FORMAT " " U64_FORMAT, U64_PRINTF_ARG(tmp),
1776 U64_PRINTF_ARG(rand_bw), U64_PRINTF_ARG(total_bw));
1777 }
1778 tor_free(bandwidths);
1779 tor_free(exit_bits);
1780 tor_free(guard_bits);
1781 return smartlist_get(sl, i);
1782 }
1783
1784 /** Choose a random element of router list <b>sl</b>, weighted by
1785 * the advertised bandwidth of each router.
1786 */
1787 routerinfo_t *
1788 routerlist_sl_choose_by_bandwidth(smartlist_t *sl,
1789 bandwidth_weight_rule_t rule)
1790 {
1791 return smartlist_choose_by_bandwidth(sl, rule, 0);
1792 }
1793
1794 /** Choose a random element of status list <b>sl</b>, weighted by
1795 * the advertised bandwidth of each status.
1796 */
1797 routerstatus_t *
1798 routerstatus_sl_choose_by_bandwidth(smartlist_t *sl)
1799 {
1800 /* We are choosing neither exit nor guard here. Weight accordingly. */
1801 return smartlist_choose_by_bandwidth(sl, NO_WEIGHTING, 1);
1802 }
1803
1804 /** Return a random running router from the routerlist. If any node
1805 * named in <b>preferred</b> is available, pick one of those. Never
1806 * pick a node whose routerinfo is in
1807 * <b>excludedsmartlist</b>, or whose routerinfo matches <b>excludedset</b>,
1808 * even if they are the only nodes
1809 * available. If <b>CRN_STRICT_PREFERRED</b> is set in flags, never pick
1810 * any node besides those in <b>preferred</b>.
1811 * If <b>CRN_NEED_UPTIME</b> is set in flags and any router has more than
1812 * a minimum uptime, return one of those.
1813 * If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
1814 * advertised capacity of each router.
1815 * If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid
1816 * routers.
1817 * If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers.
1818 * If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if
1819 * picking an exit node, otherwise we weight bandwidths for picking a relay
1820 * node (that is, possibly discounting exit nodes).
1821 */
1822 routerinfo_t *
1823 router_choose_random_node(const char *preferred,
1824 smartlist_t *excludedsmartlist,
1825 routerset_t *excludedset,
1826 router_crn_flags_t flags)
1827 {
1828 const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
1829 const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
1830 const int need_guard = (flags & CRN_NEED_GUARD) != 0;
1831 const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
1832 const int strict = (flags & CRN_STRICT_PREFERRED) != 0;
1833 const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
1834
1835 smartlist_t *sl, *excludednodes;
1836 routerinfo_t *choice = NULL, *r;
1837 bandwidth_weight_rule_t rule;
1838
1839 tor_assert(!(weight_for_exit && need_guard));
1840 rule = weight_for_exit ? WEIGHT_FOR_EXIT :
1841 (need_guard ? WEIGHT_FOR_GUARD : NO_WEIGHTING);
1842
1843 excludednodes = smartlist_create();
1844
1845 /* Exclude relays that allow single hop exit circuits, if the user
1846 * wants to (such relays might be risky) */
1847 if (get_options()->ExcludeSingleHopRelays) {
1848 routerlist_t *rl = router_get_routerlist();
1849 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
1850 if (r->allow_single_hop_exits) {
1851 smartlist_add(excludednodes, r);
1852 });
1853 }
1854
1855 if ((r = routerlist_find_my_routerinfo())) {
1856 smartlist_add(excludednodes, r);
1857 routerlist_add_family(excludednodes, r);
1858 }
1859
1860 /* Try the preferred nodes first. Ignore need_uptime and need_capacity
1861 * and need_guard, since the user explicitly asked for these nodes. */
1862 if (preferred) {
1863 sl = smartlist_create();
1864 add_nickname_list_to_smartlist(sl,preferred,1);
1865 smartlist_subtract(sl,excludednodes);
1866 if (excludedsmartlist)
1867 smartlist_subtract(sl,excludedsmartlist);
1868 if (excludedset)
1869 routerset_subtract_routers(sl,excludedset);
1870 choice = smartlist_choose(sl);
1871 smartlist_free(sl);
1872 }
1873 if (!choice && !strict) {
1874 /* Then give up on our preferred choices: any node
1875 * will do that has the required attributes. */
1876 sl = smartlist_create();
1877 router_add_running_routers_to_smartlist(sl, allow_invalid,
1878 need_uptime, need_capacity,
1879 need_guard);
1880 smartlist_subtract(sl,excludednodes);
1881 if (excludedsmartlist)
1882 smartlist_subtract(sl,excludedsmartlist);
1883 if (excludedset)
1884 routerset_subtract_routers(sl,excludedset);
1885
1886 if (need_capacity || need_guard)
1887 choice = routerlist_sl_choose_by_bandwidth(sl, rule);
1888 else
1889 choice = smartlist_choose(sl);
1890
1891 smartlist_free(sl);
1892 if (!choice && (need_uptime || need_capacity || need_guard)) {
1893 /* try once more -- recurse but with fewer restrictions. */
1894 log_info(LD_CIRC,
1895 "We couldn't find any live%s%s%s routers; falling back "
1896 "to list of all routers.",
1897 need_capacity?", fast":"",
1898 need_uptime?", stable":"",
1899 need_guard?", guard":"");
1900 flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
1901 choice = router_choose_random_node(
1902 NULL, excludedsmartlist, excludedset, flags);
1903 }
1904 }
1905 smartlist_free(excludednodes);
1906 if (!choice) {
1907 if (strict) {
1908 log_warn(LD_CIRC, "All preferred nodes were down when trying to choose "
1909 "node, and the Strict[...]Nodes option is set. Failing.");
1910 } else {
1911 log_warn(LD_CIRC,
1912 "No available nodes when trying to choose node. Failing.");
1913 }
1914 }
1915 return choice;
1916 }
1917
1918 /** Helper: Return true iff the <b>identity_digest</b> and <b>nickname</b>
1919 * combination of a router, encoded in hexadecimal, matches <b>hexdigest</b>
1920 * (which is optionally prefixed with a single dollar sign). Return false if
1921 * <b>hexdigest</b> is malformed, or it doesn't match. */
1922 static INLINE int
1923 hex_digest_matches(const char *hexdigest, const char *identity_digest,
1924 const char *nickname, int is_named)
1925 {
1926 char digest[DIGEST_LEN];
1927 size_t len;
1928 tor_assert(hexdigest);
1929 if (hexdigest[0] == '$')
1930 ++hexdigest;
1931
1932 len = strlen(hexdigest);
1933 if (len < HEX_DIGEST_LEN)
1934 return 0;
1935 else if (len > HEX_DIGEST_LEN &&
1936 (hexdigest[HEX_DIGEST_LEN] == '=' ||
1937 hexdigest[HEX_DIGEST_LEN] == '~')) {
1938 if (strcasecmp(hexdigest+HEX_DIGEST_LEN+1, nickname))
1939 return 0;
1940 if (hexdigest[HEX_DIGEST_LEN] == '=' && !is_named)
1941 return 0;
1942 }
1943
1944 if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
1945 return 0;
1946 return (!memcmp(digest, identity_digest, DIGEST_LEN));
1947 }
1948
1949 /** Return true iff the digest of <b>router</b>'s identity key,
1950 * encoded in hexadecimal, matches <b>hexdigest</b> (which is
1951 * optionally prefixed with a single dollar sign). Return false if
1952 * <b>hexdigest</b> is malformed, or it doesn't match. */
1953 static INLINE int
1954 router_hex_digest_matches(routerinfo_t *router, const char *hexdigest)
1955 {
1956 return hex_digest_matches(hexdigest, router->cache_info.identity_digest,
1957 router->nickname, router->is_named);
1958 }
1959
1960 /** Return true if <b>router</b>'s nickname matches <b>nickname</b>
1961 * (case-insensitive), or if <b>router's</b> identity key digest
1962 * matches a hexadecimal value stored in <b>nickname</b>. Return
1963 * false otherwise. */
1964 static int
1965 router_nickname_matches(routerinfo_t *router, const char *nickname)
1966 {
1967 if (nickname[0]!='$' && !strcasecmp(router->nickname, nickname))
1968 return 1;
1969 return router_hex_digest_matches(router, nickname);
1970 }
1971
1972 /** Return the router in our routerlist whose (case-insensitive)
1973 * nickname or (case-sensitive) hexadecimal key digest is
1974 * <b>nickname</b>. Return NULL if no such router is known.
1975 */
1976 routerinfo_t *
1977 router_get_by_nickname(const char *nickname, int warn_if_unnamed)
1978 {
1979 int maybedigest;
1980 char digest[DIGEST_LEN];
1981 routerinfo_t *best_match=NULL;
1982 int n_matches = 0;
1983 const char *named_digest = NULL;
1984
1985 tor_assert(nickname);
1986 if (!routerlist)
1987 return NULL;
1988 if (nickname[0] == '$')
1989 return router_get_by_hexdigest(nickname);
1990 if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1991 return NULL;
1992
1993 maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) &&
1994 (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
1995
1996 if ((named_digest = networkstatus_get_router_digest_by_nickname(nickname))) {
1997 return rimap_get(routerlist->identity_map, named_digest);
1998 }
1999 if (networkstatus_nickname_is_unnamed(nickname))
2000 return NULL;
2001
2002 /* If we reach this point, there's no canonical value for the nickname. */
2003
2004 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2005 {
2006 if (!strcasecmp(router->nickname, nickname)) {
2007 ++n_matches;
2008 if (n_matches <= 1 || router->is_running)
2009 best_match = router;
2010 } else if (maybedigest &&
2011 !memcmp(digest, router->cache_info.identity_digest, DIGEST_LEN)
2012 ) {
2013 if (router_hex_digest_matches(router, nickname))
2014 return router;
2015 /* If we reach this point, we have a ID=name syntax that matches the
2016 * identity but not the name. That isn't an acceptable match. */
2017 }
2018 });
2019
2020 if (best_match) {
2021 if (warn_if_unnamed && n_matches > 1) {
2022 smartlist_t *fps = smartlist_create();
2023 int any_unwarned = 0;
2024 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2025 {
2026 routerstatus_t *rs;
2027 char *desc;
2028 size_t dlen;
2029 char fp[HEX_DIGEST_LEN+1];
2030 if (strcasecmp(router->nickname, nickname))
2031 continue;
2032 rs = router_get_consensus_status_by_id(
2033 router->cache_info.identity_digest);
2034 if (rs && !rs->name_lookup_warned) {
2035 rs->name_lookup_warned = 1;
2036 any_unwarned = 1;
2037 }
2038 base16_encode(fp, sizeof(fp),
2039 router->cache_info.identity_digest, DIGEST_LEN);
2040 dlen = 32 + HEX_DIGEST_LEN + strlen(router->address);
2041 desc = tor_malloc(dlen);
2042 tor_snprintf(desc, dlen, "\"$%s\" for the one at %s:%d",
2043 fp, router->address, router->or_port);
2044 smartlist_add(fps, desc);
2045 });
2046 if (any_unwarned) {
2047 char *alternatives = smartlist_join_strings(fps, "; ",0,NULL);
2048 log_warn(LD_CONFIG,
2049 "There are multiple matches for the nickname \"%s\","
2050 " but none is listed as named by the directory authorities. "
2051 "Choosing one arbitrarily. If you meant one in particular, "
2052 "you should say %s.", nickname, alternatives);
2053 tor_free(alternatives);
2054 }
2055 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
2056 smartlist_free(fps);
2057 } else if (warn_if_unnamed) {
2058 routerstatus_t *rs = router_get_consensus_status_by_id(
2059 best_match->cache_info.identity_digest);
2060 if (rs && !rs->name_lookup_warned) {
2061 char fp[HEX_DIGEST_LEN+1];
2062 base16_encode(fp, sizeof(fp),
2063 best_match->cache_info.identity_digest, DIGEST_LEN);
2064 log_warn(LD_CONFIG, "You specified a server \"%s\" by name, but this "
2065 "name is not registered, so it could be used by any server, "
2066 "not just the one you meant. "
2067 "To make sure you get the same server in the future, refer to "
2068 "it by key, as \"$%s\".", nickname, fp);
2069 rs->name_lookup_warned = 1;
2070 }
2071 }
2072 return best_match;
2073 }
2074
2075 return NULL;
2076 }
2077
2078 /** Try to find a routerinfo for <b>digest</b>. If we don't have one,
2079 * return 1. If we do, ask tor_version_as_new_as() for the answer.
2080 */
2081 int
2082 router_digest_version_as_new_as(const char *digest, const char *cutoff)
2083 {
2084 routerinfo_t *router = router_get_by_digest(digest);
2085 if (!router)
2086 return 1;
2087 return tor_version_as_new_as(router->platform, cutoff);
2088 }
2089
2090 /** Return true iff <b>digest</b> is the digest of the identity key of a
2091 * trusted directory matching at least one bit of <b>type</b>. If <b>type</b>
2092 * is zero, any authority is okay. */
2093 int
2094 router_digest_is_trusted_dir_type(const char *digest, authority_type_t type)
2095 {
2096 if (!trusted_dir_servers)
2097 return 0;
2098 if (authdir_mode(get_options()) && router_digest_is_me(digest))
2099 return 1;
2100 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2101 if (!memcmp(digest, ent->digest, DIGEST_LEN)) {
2102 return (!type) || ((type & ent->type) != 0);
2103 });
2104 return 0;
2105 }
2106
2107 /** Return true iff <b>addr</b> is the address of one of our trusted
2108 * directory authorities. */
2109 int
2110 router_addr_is_trusted_dir(uint32_t addr)
2111 {
2112 if (!trusted_dir_servers)
2113 return 0;
2114 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2115 if (ent->addr == addr)
2116 return 1;
2117 );
2118 return 0;
2119 }
2120
2121 /** If hexdigest is correctly formed, base16_decode it into
2122 * digest, which must have DIGEST_LEN space in it.
2123 * Return 0 on success, -1 on failure.
2124 */
2125 int
2126 hexdigest_to_digest(const char *hexdigest, char *digest)
2127 {
2128 if (hexdigest[0]=='$')
2129 ++hexdigest;
2130 if (strlen(hexdigest) < HEX_DIGEST_LEN ||
2131 base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
2132 return -1;
2133 return 0;
2134 }
2135
2136 /** Return the router in our routerlist whose hexadecimal key digest
2137 * is <b>hexdigest</b>. Return NULL if no such router is known. */
2138 routerinfo_t *
2139 router_get_by_hexdigest(const char *hexdigest)
2140 {
2141 char digest[DIGEST_LEN];
2142 size_t len;
2143 routerinfo_t *ri;
2144
2145 tor_assert(hexdigest);
2146 if (!routerlist)
2147 return NULL;
2148 if (hexdigest[0]=='$')
2149 ++hexdigest;
2150 len = strlen(hexdigest);
2151 if (hexdigest_to_digest(hexdigest, digest) < 0)
2152 return NULL;
2153
2154 ri = router_get_by_digest(digest);
2155
2156 if (ri && len > HEX_DIGEST_LEN) {
2157 if (hexdigest[HEX_DIGEST_LEN] == '=') {
2158 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1) ||
2159 !ri->is_named)
2160 return NULL;
2161 } else if (hexdigest[HEX_DIGEST_LEN] == '~') {
2162 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1))
2163 return NULL;
2164 } else {
2165 return NULL;
2166 }
2167 }
2168
2169 return ri;
2170 }
2171
2172 /** Return the router in our routerlist whose 20-byte key digest
2173 * is <b>digest</b>. Return NULL if no such router is known. */
2174 routerinfo_t *
2175 router_get_by_digest(const char *digest)
2176 {
2177 tor_assert(digest);
2178
2179 if (!routerlist) return NULL;
2180
2181 // routerlist_assert_ok(routerlist);
2182
2183 return rimap_get(routerlist->identity_map, digest);
2184 }
2185
2186 /** Return the router in our routerlist whose 20-byte descriptor
2187 * is <b>digest</b>. Return NULL if no such router is known. */
2188 signed_descriptor_t *
2189 router_get_by_descriptor_digest(const char *digest)
2190 {
2191 tor_assert(digest);
2192
2193 if (!routerlist) return NULL;
2194
2195 return sdmap_get(routerlist->desc_digest_map, digest);
2196 }
2197
2198 /** Return the signed descriptor for the router in our routerlist whose
2199 * 20-byte extra-info digest is <b>digest</b>. Return NULL if no such router
2200 * is known. */
2201 signed_descriptor_t *
2202 router_get_by_extrainfo_digest(const char *digest)
2203 {
2204 tor_assert(digest);
2205
2206 if (!routerlist) return NULL;
2207
2208 return sdmap_get(routerlist->desc_by_eid_map, digest);
2209 }
2210
2211 /** Return the signed descriptor for the extrainfo_t in our routerlist whose
2212 * extra-info-digest is <b>digest</b>. Return NULL if no such extra-info
2213 * document is known. */
2214 signed_descriptor_t *
2215 extrainfo_get_by_descriptor_digest(const char *digest)
2216 {
2217 extrainfo_t *ei;
2218 tor_assert(digest);
2219 if (!routerlist) return NULL;
2220 ei = eimap_get(routerlist->extra_info_map, digest);
2221 return ei ? &ei->cache_info : NULL;
2222 }
2223
2224 /** Return a pointer to the signed textual representation of a descriptor.
2225 * The returned string is not guaranteed to be NUL-terminated: the string's
2226 * length will be in desc-\>signed_descriptor_len.
2227 *
2228 * If <b>with_annotations</b> is set, the returned string will include
2229 * the annotations
2230 * (if any) preceding the descriptor. This will increase the length of the
2231 * string by desc-\>annotations_len.
2232 *
2233 * The caller must not free the string returned.
2234 */
2235 static const char *
2236 signed_descriptor_get_body_impl(signed_descriptor_t *desc,
2237 int with_annotations)
2238 {
2239 const char *r = NULL;
2240 size_t len = desc->signed_descriptor_len;
2241 off_t offset = desc->saved_offset;
2242 if (with_annotations)
2243 len += desc->annotations_len;
2244 else
2245 offset += desc->annotations_len;
2246
2247 tor_assert(len > 32);
2248 if (desc->saved_location == SAVED_IN_CACHE && routerlist) {
2249 desc_store_t *store = desc_get_store(router_get_routerlist(), desc);
2250 if (store && store->mmap) {
2251 tor_assert(desc->saved_offset + len <= store->mmap->size);
2252 r = store->mmap->data + offset;
2253 } else if (store) {
2254 log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
2255 "mmaped in our cache. Is another process running in our data "
2256 "directory? Exiting.");
2257 exit(1);
2258 }
2259 }
2260 if (!r) /* no mmap, or not in cache. */
2261 r = desc->signed_descriptor_body +
2262 (with_annotations ? 0 : desc->annotations_len);
2263
2264 tor_assert(r);
2265 if (!with_annotations) {
2266 if (memcmp("router ", r, 7) && memcmp("extra-info ", r, 11)) {
2267 char *cp = tor_strndup(r, 64);
2268 log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
2269 "Is another process running in our data directory? Exiting.",
2270 desc, escaped(cp));
2271 exit(1);
2272 }
2273 }
2274
2275 return r;
2276 }
2277
2278 /** Return a pointer to the signed textual representation of a descriptor.
2279 * The returned string is not guaranteed to be NUL-terminated: the string's
2280 * length will be in desc-\>signed_descriptor_len.
2281 *
2282 * The caller must not free the string returned.
2283 */
2284 const char *
2285 signed_descriptor_get_body(signed_descriptor_t *desc)
2286 {
2287 return signed_descriptor_get_body_impl(desc, 0);
2288 }
2289
2290 /** As signed_descriptor_get_body(), but points to the beginning of the
2291 * annotations section rather than the beginning of the descriptor. */
2292 const char *
2293 signed_descriptor_get_annotations(signed_descriptor_t *desc)
2294 {
2295 return signed_descriptor_get_body_impl(desc, 1);
2296 }
2297
2298 /** Return the current list of all known routers. */
2299 routerlist_t *
2300 router_get_routerlist(void)
2301 {
2302 if (PREDICT_UNLIKELY(!routerlist)) {
2303 routerlist = tor_malloc_zero(sizeof(routerlist_t));
2304 routerlist->routers = smartlist_create();
2305 routerlist->old_routers = smartlist_create();
2306 routerlist->identity_map = rimap_new();
2307 routerlist->desc_digest_map = sdmap_new();
2308 routerlist->desc_by_eid_map = sdmap_new();
2309 routerlist->extra_info_map = eimap_new();
2310
2311 routerlist->desc_store.fname_base = "cached-descriptors";
2312 routerlist->desc_store.fname_alt_base = "cached-routers";
2313 routerlist->extrainfo_store.fname_base = "cached-extrainfo";
2314
2315 routerlist->desc_store.type = ROUTER_STORE;
2316 routerlist->extrainfo_store.type = EXTRAINFO_STORE;
2317
2318 routerlist->desc_store.description = "router descriptors";
2319 routerlist->extrainfo_store.description = "extra-info documents";
2320 }
2321 return routerlist;
2322 }
2323
2324 /** Free all storage held by <b>router</b>. */
2325 void
2326 routerinfo_free(routerinfo_t *router)
2327 {
2328 if (!router)
2329 return;
2330
2331 tor_free(router->cache_info.signed_descriptor_body);
2332 tor_free(router->address);
2333 tor_free(router->nickname);
2334 tor_free(router->platform);
2335 tor_free(router->contact_info);
2336 if (router->onion_pkey)
2337 crypto_free_pk_env(router->onion_pkey);
2338 if (router->identity_pkey)
2339 crypto_free_pk_env(router->identity_pkey);
2340 if (router->declared_family) {
2341 SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
2342 smartlist_free(router->declared_family);
2343 }
2344 addr_policy_list_free(router->exit_policy);
2345
2346 /* XXXX Remove if this turns out to affect performance. */
2347 memset(router, 77, sizeof(routerinfo_t));
2348
2349 tor_free(router);
2350 }
2351
2352 /** Release all storage held by <b>extrainfo</b> */
2353 void
2354 extrainfo_free(extrainfo_t *extrainfo)
2355 {
2356 if (!extrainfo)
2357 return;
2358 tor_free(extrainfo->cache_info.signed_descriptor_body);
2359 tor_free(extrainfo->pending_sig);
2360
2361 /* XXXX remove this if it turns out to slow us down. */
2362 memset(extrainfo, 88, sizeof(extrainfo_t)); /* debug bad memory usage */
2363 tor_free(extrainfo);
2364 }
2365
2366 /** Release storage held by <b>sd</b>. */
2367 static void
2368 signed_descriptor_free(signed_descriptor_t *sd)
2369 {
2370 tor_free(sd->signed_descriptor_body);
2371
2372 /* XXXX remove this once more bugs go away. */
2373 memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */
2374 tor_free(sd);
2375 }
2376
2377 /** Extract a signed_descriptor_t from a routerinfo, and free the routerinfo.
2378 */
2379 static signed_descriptor_t *
2380 signed_descriptor_from_routerinfo(routerinfo_t *ri)
2381 {
2382 signed_descriptor_t *sd = tor_malloc_zero(sizeof(signed_descriptor_t));
2383 memcpy(sd, &(ri->cache_info), sizeof(signed_descriptor_t));
2384 sd->routerlist_index = -1;
2385 ri->cache_info.signed_descriptor_body = NULL;
2386 routerinfo_free(ri);
2387 return sd;
2388 }
2389
2390 /** Helper: free the storage held by the extrainfo_t in <b>e</b>. */
2391 static void
2392 _extrainfo_free(void *e)
2393 {
2394 extrainfo_free(e);
2395 }
2396
2397 /** Free all storage held by a routerlist <b>rl</b>. */
2398 void
2399 routerlist_free(routerlist_t *rl)
2400 {
2401 tor_assert(rl);
2402 rimap_free(rl->identity_map, NULL);
2403 sdmap_free(rl->desc_digest_map, NULL);
2404 sdmap_free(rl->desc_by_eid_map, NULL);
2405 eimap_free(rl->extra_info_map, _extrainfo_free);
2406 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
2407 routerinfo_free(r));
2408 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
2409 signed_descriptor_free(sd));
2410 smartlist_free(rl->routers);
2411 smartlist_free(rl->old_routers);
2412 if (routerlist->desc_store.mmap)
2413 tor_munmap_file(routerlist->desc_store.mmap);
2414 if (routerlist->extrainfo_store.mmap)
2415 tor_munmap_file(routerlist->extrainfo_store.mmap);
2416 tor_free(rl);
2417
2418 router_dir_info_changed();
2419 }
2420
2421 /** Log information about how much memory is being used for routerlist,
2422 * at log level <b>severity</b>. */
2423 void
2424 dump_routerlist_mem_usage(int severity)
2425 {
2426 uint64_t livedescs = 0;
2427 uint64_t olddescs = 0;
2428 if (!routerlist)
2429 return;
2430 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
2431 livedescs += r->cache_info.signed_descriptor_len);
2432 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
2433 olddescs += sd->signed_descriptor_len);
2434
2435 log(severity, LD_DIR,
2436 "In %d live descriptors: "U64_FORMAT" bytes. "
2437 "In %d old descriptors: "U64_FORMAT" bytes.",
2438 smartlist_len(routerlist->routers), U64_PRINTF_ARG(livedescs),
2439 smartlist_len(routerlist->old_routers), U64_PRINTF_ARG(olddescs));
2440
2441 #if 0
2442 {
2443 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2444 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2445 log(severity, LD_DIR, "Now let's look through old_descriptors!");
2446 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd, {
2447 int in_v2 = 0;
2448 int in_v3 = 0;
2449 char published[ISO_TIME_LEN+1];
2450 char last_valid_until[ISO_TIME_LEN+1];
2451 char last_served_at[ISO_TIME_LEN+1];
2452 char id[HEX_DIGEST_LEN+1];
2453 routerstatus_t *rs;
2454 format_iso_time(published, sd->published_on);
2455 format_iso_time(last_valid_until, sd->last_listed_as_valid_until);
2456 format_iso_time(last_served_at, sd->last_served_at);
2457 base16_encode(id, sizeof(id), sd->identity_digest, DIGEST_LEN);
2458 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
2459 {
2460 rs = networkstatus_v2_find_entry(ns, sd->identity_digest);
2461 if (rs && !memcmp(rs->descriptor_digest,
2462 sd->signed_descriptor_digest, DIGEST_LEN)) {
2463 in_v2 = 1; break;
2464 }
2465 });
2466 if (consensus) {
2467 rs = networkstatus_vote_find_entry(consensus, sd->identity_digest);
2468 if (rs && !memcmp(rs->descriptor_digest,
2469 sd->signed_descriptor_digest, DIGEST_LEN))
2470 in_v3 = 1;
2471 }
2472 log(severity, LD_DIR,
2473 "Old descriptor for %s (published %s) %sin v2 ns, %sin v3 "
2474 "consensus. Last valid until %s; last served at %s.",
2475 id, published, in_v2 ? "" : "not ", in_v3 ? "" : "not ",
2476 last_valid_until, last_served_at);
2477 });
2478 }
2479 #endif
2480 }
2481
2482 /** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
2483 * in <b>sl</b> at position <b>idx</b>. Otherwise, search <b>sl</b> for
2484 * <b>ri</b>. Return the index of <b>ri</b> in <b>sl</b>, or -1 if <b>ri</b>
2485 * is not in <b>sl</b>. */
2486 static INLINE int
2487 _routerlist_find_elt(smartlist_t *sl, void *ri, int idx)
2488 {
2489 if (idx < 0) {
2490 idx = -1;
2491 SMARTLIST_FOREACH(sl, routerinfo_t *, r,
2492 if (r == ri) {
2493 idx = r_sl_idx;
2494 break;
2495 });
2496 } else {
2497 tor_assert(idx < smartlist_len(sl));
2498 tor_assert(smartlist_get(sl, idx) == ri);
2499 };
2500 return idx;
2501 }
2502
2503 /** Insert an item <b>ri</b> into the routerlist <b>rl</b>, updating indices
2504 * as needed. There must be no previous member of <b>rl</b> with the same
2505 * identity digest as <b>ri</b>: If there is, call routerlist_replace
2506 * instead.
2507 */
2508 static void
2509 routerlist_insert(routerlist_t *rl, routerinfo_t *ri)
2510 {
2511 routerinfo_t *ri_old;
2512 {
2513 /* XXXX Remove if this slows us down. */
2514 routerinfo_t *ri_generated = router_get_my_routerinfo();
2515 tor_assert(ri_generated != ri);
2516 }
2517 tor_assert(ri->cache_info.routerlist_index == -1);
2518
2519 ri_old = rimap_set(rl->identity_map, ri->cache_info.identity_digest, ri);
2520 tor_assert(!ri_old);
2521 sdmap_set(rl->desc_digest_map, ri->cache_info.signed_descriptor_digest,
2522 &(ri->cache_info));
2523 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2524 sdmap_set(rl->desc_by_eid_map, ri->cache_info.extra_info_digest,
2525 &ri->cache_info);
2526 smartlist_add(rl->routers, ri);
2527 ri->cache_info.routerlist_index = smartlist_len(rl->routers) - 1;
2528 router_dir_info_changed();
2529 #ifdef DEBUG_ROUTERLIST
2530 routerlist_assert_ok(rl);
2531 #endif
2532 }
2533
2534 /** Adds the extrainfo_t <b>ei</b> to the routerlist <b>rl</b>, if there is a
2535 * corresponding router in rl-\>routers or rl-\>old_routers. Return true iff
2536 * we actually inserted <b>ei</b>. Free <b>ei</b> if it isn't inserted. */
2537 static int
2538 extrainfo_insert(routerlist_t *rl, extrainfo_t *ei)
2539 {
2540 int r = 0;
2541 routerinfo_t *ri = rimap_get(rl->identity_map,
2542 ei->cache_info.identity_digest);
2543 signed_descriptor_t *sd =
2544 sdmap_get(rl->desc_by_eid_map, ei->cache_info.signed_descriptor_digest);
2545 extrainfo_t *ei_tmp;
2546
2547 {
2548 /* XXXX remove this code if it slows us down. */
2549 extrainfo_t *ei_generated = router_get_my_extrainfo();
2550 tor_assert(ei_generated != ei);
2551 }
2552
2553 if (!ri) {
2554 /* This router is unknown; we can't even verify the signature. Give up.*/
2555 goto done;
2556 }
2557 if (routerinfo_incompatible_with_extrainfo(ri, ei, sd, NULL)) {
2558 goto done;
2559 }
2560
2561 /* Okay, if we make it here, we definitely have a router corresponding to
2562 * this extrainfo. */
2563
2564 ei_tmp = eimap_set(rl->extra_info_map,
2565 ei->cache_info.signed_descriptor_digest,
2566 ei);
2567 r = 1;
2568 if (ei_tmp) {
2569 rl->extrainfo_store.bytes_dropped +=
2570 ei_tmp->cache_info.signed_descriptor_len;
2571 extrainfo_free(ei_tmp);
2572 }
2573
2574 done:
2575 if (r == 0)
2576 extrainfo_free(ei);
2577
2578 #ifdef DEBUG_ROUTERLIST
2579 routerlist_assert_ok(rl);
2580 #endif
2581 return r;
2582 }
2583
2584 #define should_cache_old_descriptors() \
2585 directory_caches_dir_info(get_options())
2586
2587 /** If we're a directory cache and routerlist <b>rl</b> doesn't have
2588 * a copy of router <b>ri</b> yet, add it to the list of old (not
2589 * recommended but still served) descriptors. Else free it. */
2590 static void
2591 routerlist_insert_old(routerlist_t *rl, routerinfo_t *ri)
2592 {
2593 {
2594 /* XXXX remove this code if it slows us down. */
2595 routerinfo_t *ri_generated = router_get_my_routerinfo();
2596 tor_assert(ri_generated != ri);
2597 }
2598 tor_assert(ri->cache_info.routerlist_index == -1);
2599
2600 if (should_cache_old_descriptors() &&
2601 ri->purpose == ROUTER_PURPOSE_GENERAL &&
2602 !sdmap_get(rl->desc_digest_map,
2603 ri->cache_info.signed_descriptor_digest)) {
2604 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri);
2605 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2606 smartlist_add(rl->old_routers, sd);
2607 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2608 if (!tor_digest_is_zero(sd->extra_info_digest))
2609 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2610 } else {
2611 routerinfo_free(ri);
2612 }
2613 #ifdef DEBUG_ROUTERLIST
2614 routerlist_assert_ok(rl);
2615 #endif
2616 }
2617
2618 /** Remove an item <b>ri</b> from the routerlist <b>rl</b>, updating indices
2619 * as needed. If <b>idx</b> is nonnegative and smartlist_get(rl-&gt;routers,
2620 * idx) == ri, we don't need to do a linear search over the list to decide
2621 * which to remove. We fill the gap in rl-&gt;routers with a later element in
2622 * the list, if any exists. <b>ri</b> is freed.
2623 *
2624 * If <b>make_old</b> is true, instead of deleting the router, we try adding
2625 * it to rl-&gt;old_routers. */
2626 void
2627 routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
2628 {
2629 routerinfo_t *ri_tmp;
2630 extrainfo_t *ei_tmp;
2631 int idx = ri->cache_info.routerlist_index;
2632 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2633 tor_assert(smartlist_get(rl->routers, idx) == ri);
2634
2635 /* make sure the rephist module knows that it's not running */
2636 rep_hist_note_router_unreachable(ri->cache_info.identity_digest, now);
2637
2638 ri->cache_info.routerlist_index = -1;
2639 smartlist_del(rl->routers, idx);
2640 if (idx < smartlist_len(rl->routers)) {
2641 routerinfo_t *r = smartlist_get(rl->routers, idx);
2642 r->cache_info.routerlist_index = idx;
2643 }
2644
2645 ri_tmp = rimap_remove(rl->identity_map, ri->cache_info.identity_digest);
2646 router_dir_info_changed();
2647 tor_assert(ri_tmp == ri);
2648
2649 if (make_old && should_cache_old_descriptors() &&
2650 ri->purpose == ROUTER_PURPOSE_GENERAL) {
2651 signed_descriptor_t *sd;
2652 sd = signed_descriptor_from_routerinfo(ri);
2653 smartlist_add(rl->old_routers, sd);
2654 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2655 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2656 if (!tor_digest_is_zero(sd->extra_info_digest))
2657 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2658 } else {
2659 signed_descriptor_t *sd_tmp;
2660 sd_tmp = sdmap_remove(rl->desc_digest_map,
2661 ri->cache_info.signed_descriptor_digest);
2662 tor_assert(sd_tmp == &(ri->cache_info));
2663 rl->desc_store.bytes_dropped += ri->cache_info.signed_descriptor_len;
2664 ei_tmp = eimap_remove(rl->extra_info_map,
2665 ri->cache_info.extra_info_digest);
2666 if (ei_tmp) {
2667 rl->extrainfo_store.bytes_dropped +=
2668 ei_tmp->cache_info.signed_descriptor_len;
2669 extrainfo_free(ei_tmp);
2670 }
2671 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2672 sdmap_remove(rl->desc_by_eid_map, ri->cache_info.extra_info_digest);
2673 routerinfo_free(ri);
2674 }
2675 #ifdef DEBUG_ROUTERLIST
2676 routerlist_assert_ok(rl);
2677 #endif
2678 }
2679
2680 /** Remove a signed_descriptor_t <b>sd</b> from <b>rl</b>-\>old_routers, and
2681 * adjust <b>rl</b> as appropriate. <b>idx</b> is -1, or the index of
2682 * <b>sd</b>. */
2683 static void
2684 routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
2685 {
2686 signed_descriptor_t *sd_tmp;
2687 extrainfo_t *ei_tmp;
2688 desc_store_t *store;
2689 if (idx == -1) {
2690 idx = sd->routerlist_index;
2691 }
2692 tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
2693 /* XXXX edmanm's bridge relay triggered the following assert while
2694 * running 0.2.0.12-alpha. If anybody triggers this again, see if we
2695 * can get a backtrace. */
2696 tor_assert(smartlist_get(rl->old_routers, idx) == sd);
2697 tor_assert(idx == sd->routerlist_index);
2698
2699 sd->routerlist_index = -1;
2700 smartlist_del(rl->old_routers, idx);
2701 if (idx < smartlist_len(rl->old_routers)) {
2702 signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
2703 d->routerlist_index = idx;
2704 }
2705 sd_tmp = sdmap_remove(rl->desc_digest_map,
2706 sd->signed_descriptor_digest);
2707 tor_assert(sd_tmp == sd);
2708 store = desc_get_store(rl, sd);
2709 if (store)
2710 store->bytes_dropped += sd->signed_descriptor_len;
2711
2712 ei_tmp = eimap_remove(rl->extra_info_map,
2713 sd->extra_info_digest);
2714 if (ei_tmp) {
2715 rl->extrainfo_store.bytes_dropped +=
2716 ei_tmp->cache_info.signed_descriptor_len;
2717 extrainfo_free(ei_tmp);
2718 }
2719 if (!tor_digest_is_zero(sd->extra_info_digest))
2720 sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
2721
2722 signed_descriptor_free(sd);
2723 #ifdef DEBUG_ROUTERLIST
2724 routerlist_assert_ok(rl);
2725 #endif
2726 }
2727
2728 /** Remove <b>ri_old</b> from the routerlist <b>rl</b>, and replace it with
2729 * <b>ri_new</b>, updating all index info. If <b>idx</b> is nonnegative and
2730 * smartlist_get(rl-&gt;routers, idx) == ri, we don't need to do a linear
2731 * search over the list to decide which to remove. We put ri_new in the same
2732 * index as ri_old, if possible. ri is freed as appropriate.
2733 *
2734 * If should_cache_descriptors() is true, instead of deleting the router,
2735 * we add it to rl-&gt;old_routers. */
2736 static void
2737 routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
2738 routerinfo_t *ri_new)
2739 {
2740 int idx;
2741
2742 routerinfo_t *ri_tmp;
2743 extrainfo_t *ei_tmp;
2744 {
2745 /* XXXX Remove this if it turns out to slow us down. */
2746 routerinfo_t *ri_generated = router_get_my_routerinfo();
2747 tor_assert(ri_generated != ri_new);
2748 }
2749 tor_assert(ri_old != ri_new);
2750 tor_assert(ri_new->cache_info.routerlist_index == -1);
2751
2752 idx = ri_old->cache_info.routerlist_index;
2753 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2754 tor_assert(smartlist_get(rl->routers, idx) == ri_old);
2755
2756 router_dir_info_changed();
2757 if (idx >= 0) {
2758 smartlist_set(rl->routers, idx, ri_new);
2759 ri_old->cache_info.routerlist_index = -1;
2760 ri_new->cache_info.routerlist_index = idx;
2761 /* Check that ri_old is not in rl->routers anymore: */
2762 tor_assert( _routerlist_find_elt(rl->routers, ri_old, -1) == -1 );
2763 } else {
2764 log_warn(LD_BUG, "Appending entry from routerlist_replace.");
2765 routerlist_insert(rl, ri_new);
2766 return;
2767 }
2768 if (memcmp(ri_old->cache_info.identity_digest,
2769 ri_new->cache_info.identity_digest, DIGEST_LEN)) {
2770 /* digests don't match; digestmap_set won't replace */
2771 rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
2772 }
2773 ri_tmp = rimap_set(rl->identity_map,
2774 ri_new->cache_info.identity_digest, ri_new);
2775 tor_assert(!ri_tmp || ri_tmp == ri_old);
2776 sdmap_set(rl->desc_digest_map,
2777 ri_new->cache_info.signed_descriptor_digest,
2778 &(ri_new->cache_info));
2779
2780 if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
2781 sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
2782 &ri_new->cache_info);
2783 }
2784
2785 if (should_cache_old_descriptors() &&
2786 ri_old->purpose == ROUTER_PURPOSE_GENERAL) {
2787 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
2788 smartlist_add(rl->old_routers, sd);
2789 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2790 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2791 if (!tor_digest_is_zero(sd->extra_info_digest))
2792 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2793 } else {
2794 if (memcmp(ri_old->cache_info.signed_descriptor_digest,
2795 ri_new->cache_info.signed_descriptor_digest,
2796 DIGEST_LEN)) {
2797 /* digests don't match; digestmap_set didn't replace */
2798 sdmap_remove(rl->desc_digest_map,
2799 ri_old->cache_info.signed_descriptor_digest);
2800 }
2801
2802 ei_tmp = eimap_remove(rl->extra_info_map,
2803 ri_old->cache_info.extra_info_digest);
2804 if (ei_tmp) {
2805 rl->extrainfo_store.bytes_dropped +=
2806 ei_tmp->cache_info.signed_descriptor_len;
2807 extrainfo_free(ei_tmp);
2808 }
2809 if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
2810 sdmap_remove(rl->desc_by_eid_map,
2811 ri_old->cache_info.extra_info_digest);
2812 }
2813 rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
2814 routerinfo_free(ri_old);
2815 }
2816 #ifdef DEBUG_ROUTERLIST
2817 routerlist_assert_ok(rl);
2818 #endif
2819 }
2820
2821 /** Extract the descriptor <b>sd</b> from old_routerlist, and re-parse
2822 * it as a fresh routerinfo_t. */
2823 static routerinfo_t *
2824 routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
2825 {
2826 routerinfo_t *ri;
2827 const char *body;
2828
2829 body = signed_descriptor_get_annotations(sd);
2830
2831 ri = router_parse_entry_from_string(body,
2832 body+sd->signed_descriptor_len+sd->annotations_len,
2833 0, 1, NULL);
2834 if (!ri)
2835 return NULL;
2836 memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t));
2837 sd->signed_descriptor_body = NULL; /* Steal reference. */
2838 ri->cache_info.routerlist_index = -1;
2839
2840 routerlist_remove_old(rl, sd, -1);
2841
2842 return ri;
2843 }
2844
2845 /** Free all memory held by the routerlist module. */
2846 void
2847 routerlist_free_all(void)
2848 {
2849 if (routerlist)
2850 routerlist_free(routerlist);
2851 routerlist = NULL;
2852 if (warned_nicknames) {
2853 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2854 smartlist_free(warned_nicknames);
2855 warned_nicknames = NULL;
2856 }
2857 if (trusted_dir_servers) {
2858 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
2859 trusted_dir_server_free(ds));
2860 smartlist_free(trusted_dir_servers);
2861 trusted_dir_servers = NULL;
2862 }
2863 if (trusted_dir_certs) {
2864 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
2865 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
2866 authority_cert_free(cert));
2867 smartlist_free(cl->certs);
2868 tor_free(cl);
2869 } DIGESTMAP_FOREACH_END;
2870 digestmap_free(trusted_dir_certs, NULL);
2871 trusted_dir_certs = NULL;
2872 }
2873 }
2874
2875 /** Forget that we have issued any router-related warnings, so that we'll
2876 * warn again if we see the same errors. */
2877 void
2878 routerlist_reset_warnings(void)
2879 {
2880 if (!warned_nicknames)
2881 warned_nicknames = smartlist_create();
2882 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2883 smartlist_clear(warned_nicknames); /* now the list is empty. */
2884
2885 networkstatus_reset_warnings();
2886 }
2887
2888 /** Mark the router with ID <b>digest</b> as running or non-running
2889 * in our routerlist. */
2890 void
2891 router_set_status(const char *digest, int up)
2892 {
2893 routerinfo_t *router;
2894 routerstatus_t *status;
2895 tor_assert(digest);
2896
2897 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
2898 if (!memcmp(d->digest, digest, DIGEST_LEN))
2899 d->is_running = up);
2900
2901 router = router_get_by_digest(digest);
2902 if (router) {
2903 log_debug(LD_DIR,"Marking router '%s/%s' as %s.",
2904 router->nickname, router->address, up ? "up" : "down");
2905 if (!up && router_is_me(router) && !we_are_hibernating())
2906 log_warn(LD_NET, "We just marked ourself as down. Are your external "
2907 "addresses reachable?");
2908 router->is_running = up;
2909 }
2910 status = router_get_consensus_status_by_id(digest);
2911 if (status && status->is_running != up) {
2912 status->is_running = up;
2913 control_event_networkstatus_changed_single(status);
2914 }
2915 router_dir_info_changed();
2916 }
2917
2918 /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
2919 * older entries (if any) with the same key. Note: Callers should not hold
2920 * their pointers to <b>router</b> if this function fails; <b>router</b>
2921 * will either be inserted into the routerlist or freed. Similarly, even
2922 * if this call succeeds, they should not hold their pointers to
2923 * <b>router</b> after subsequent calls with other routerinfo's -- they
2924 * might cause the original routerinfo to get freed.
2925 *
2926 * Returns the status for the operation. Might set *<b>msg</b> if it wants
2927 * the poster of the router to know something.
2928 *
2929 * If <b>from_cache</b>, this descriptor came from our disk cache. If
2930 * <b>from_fetch</b>, we received it in response to a request we made.
2931 * (If both are false, that means it was uploaded to us as an auth dir
2932 * server or via the controller.)
2933 *
2934 * This function should be called *after*
2935 * routers_update_status_from_consensus_networkstatus; subsequently, you
2936 * should call router_rebuild_store and routerlist_descriptors_added.
2937 */
2938 was_router_added_t
2939 router_add_to_routerlist(routerinfo_t *router, const char **msg,
2940 int from_cache, int from_fetch)
2941 {
2942 const char *id_digest;
2943 int authdir = authdir_mode_handles_descs(get_options(), router->purpose);
2944 int authdir_believes_valid = 0;
2945 routerinfo_t *old_router;
2946 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2947 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2948 int in_consensus = 0;
2949
2950 tor_assert(msg);
2951
2952 if (!routerlist)
2953 router_get_routerlist();
2954
2955 id_digest = router->cache_info.identity_digest;
2956
2957 /* Make sure that we haven't already got this exact descriptor. */
2958 if (sdmap_get(routerlist->desc_digest_map,
2959 router->cache_info.signed_descriptor_digest)) {
2960 log_info(LD_DIR,
2961 "Dropping descriptor that we already have for router '%s'",
2962 router->nickname);
2963 *msg = "Router descriptor was not new.";
2964 routerinfo_free(router);
2965 return ROUTER_WAS_NOT_NEW;
2966 }
2967
2968 if (authdir) {
2969 if (authdir_wants_to_reject_router(router, msg,
2970 !from_cache && !from_fetch)) {
2971 tor_assert(*msg);
2972 routerinfo_free(router);
2973 return ROUTER_AUTHDIR_REJECTS;
2974 }
2975 authdir_believes_valid = router->is_valid;
2976 } else if (from_fetch) {
2977 /* Only check the descriptor digest against the network statuses when
2978 * we are receiving in response to a fetch. */
2979
2980 if (!signed_desc_digest_is_recognized(&router->cache_info) &&
2981 !routerinfo_is_a_configured_bridge(router)) {
2982 /* We asked for it, so some networkstatus must have listed it when we
2983 * did. Save it if we're a cache in case somebody else asks for it. */
2984 log_info(LD_DIR,
2985 "Received a no-longer-recognized descriptor for router '%s'",
2986 router->nickname);
2987 *msg = "Router descriptor is not referenced by any network-status.";
2988
2989 /* Only journal this desc if we'll be serving it. */
2990 if (!from_cache && should_cache_old_descriptors())
2991 signed_desc_append_to_journal(&router->cache_info,
2992 &routerlist->desc_store);
2993 routerlist_insert_old(routerlist, router);
2994 return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
2995 }
2996 }
2997
2998 /* We no longer need a router with this descriptor digest. */
2999 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3000 {
3001 routerstatus_t *rs =
3002 networkstatus_v2_find_entry(ns, router->cache_info.identity_digest);
3003 if (rs && !memcmp(rs->descriptor_digest,
3004 router->cache_info.signed_descriptor_digest,
3005 DIGEST_LEN))
3006 rs->need_to_mirror = 0;
3007 });
3008 if (consensus) {
3009 routerstatus_t *rs = networkstatus_vote_find_entry(consensus,
3010 router->cache_info.identity_digest);
3011 if (rs && !memcmp(rs->descriptor_digest,
3012 router->cache_info.signed_descriptor_digest,
3013 DIGEST_LEN)) {
3014 in_consensus = 1;
3015 rs->need_to_mirror = 0;
3016 }
3017 }
3018
3019 if (router->purpose == ROUTER_PURPOSE_GENERAL &&
3020 consensus && !in_consensus && !authdir) {
3021 /* If it's a general router not listed in the consensus, then don't
3022 * consider replacing the latest router with it. */
3023 if (!from_cache && should_cache_old_descriptors())
3024 signed_desc_append_to_journal(&router->cache_info,
3025 &routerlist->desc_store);
3026 routerlist_insert_old(routerlist, router);
3027 *msg = "Skipping router descriptor: not in consensus.";
3028 return ROUTER_NOT_IN_CONSENSUS;
3029 }
3030
3031 /* If we have a router with the same identity key, choose the newer one. */
3032 old_router = rimap_get(routerlist->identity_map,
3033 router->cache_info.identity_digest);
3034 if (old_router) {
3035 if (!in_consensus && (router->cache_info.published_on <=
3036 old_router->cache_info.published_on)) {
3037 /* Same key, but old. This one is not listed in the consensus. */
3038 log_debug(LD_DIR, "Skipping not-new descriptor for router '%s'",
3039 router->nickname);
3040 /* Only journal this desc if we'll be serving it. */
3041 if (!from_cache && should_cache_old_descriptors())
3042 signed_desc_append_to_journal(&router->cache_info,
3043 &routerlist->desc_store);
3044 routerlist_insert_old(routerlist, router);
3045 *msg = "Router descriptor was not new.";
3046 return ROUTER_WAS_NOT_NEW;
3047 } else {
3048 /* Same key, and either new, or listed in the consensus. */
3049 log_debug(LD_DIR, "Replacing entry for router '%s/%s' [%s]",
3050 router->nickname, old_router->nickname,
3051 hex_str(id_digest,DIGEST_LEN));
3052 if (router->addr == old_router->addr &&
3053 router->or_port == old_router->or_port) {
3054 /* these carry over when the address and orport are unchanged. */
3055 router->last_reachable = old_router->last_reachable;
3056 router->testing_since = old_router->testing_since;
3057 }
3058 routerlist_replace(routerlist, old_router, router);
3059 if (!from_cache) {
3060 signed_desc_append_to_journal(&router->cache_info,
3061 &routerlist->desc_store);
3062 }
3063 directory_set_dirty();
3064 *msg = authdir_believes_valid ? "Valid server updated" :
3065 ("Invalid server updated. (This dirserver is marking your "
3066 "server as unapproved.)");
3067 return ROUTER_ADDED_SUCCESSFULLY;
3068 }
3069 }
3070
3071 if (!in_consensus && from_cache &&
3072 router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
3073 *msg = "Router descriptor was really old.";
3074 routerinfo_free(router);
3075 return ROUTER_WAS_NOT_NEW;
3076 }
3077
3078 /* We haven't seen a router with this identity before. Add it to the end of
3079 * the list. */
3080 routerlist_insert(routerlist, router);
3081 if (!from_cache)
3082 signed_desc_append_to_journal(&router->cache_info,
3083 &routerlist->desc_store);
3084 directory_set_dirty();
3085 return ROUTER_ADDED_SUCCESSFULLY;
3086 }
3087
3088 /** Insert <b>ei</b> into the routerlist, or free it. Other arguments are
3089 * as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
3090 * we actually inserted it, ROUTER_BAD_EI otherwise.
3091 */
3092 was_router_added_t
3093 router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
3094 int from_cache, int from_fetch)
3095 {
3096 int inserted;
3097 (void)from_fetch;
3098 if (msg) *msg = NULL;
3099 /*XXXX022 Do something with msg */
3100
3101 inserted = extrainfo_insert(router_get_routerlist(), ei);
3102
3103 if (inserted && !from_cache)
3104 signed_desc_append_to_journal(&ei->cache_info,
3105 &routerlist->extrainfo_store);
3106
3107 if (inserted)
3108 return ROUTER_ADDED_SUCCESSFULLY;
3109 else
3110 return ROUTER_BAD_EI;
3111 }
3112
3113 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
3114 * signed_descriptor_t* in *<b>a</b> has an identity digest preceding, equal
3115 * to, or later than that of *<b>b</b>. */
3116 static int
3117 _compare_old_routers_by_identity(const void **_a, const void **_b)
3118 {
3119 int i;
3120 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
3121 if ((i = memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
3122 return i;
3123 return (int)(r1->published_on - r2->published_on);
3124 }
3125
3126 /** Internal type used to represent how long an old descriptor was valid,
3127 * where it appeared in the list of old descriptors, and whether it's extra
3128 * old. Used only by routerlist_remove_old_cached_routers_with_id(). */
3129 struct duration_idx_t {
3130 int duration;
3131 int idx;
3132 int old;
3133 };
3134
3135 /** Sorting helper: compare two duration_idx_t by their duration. */
3136 static int
3137 _compare_duration_idx(const void *_d1, const void *_d2)
3138 {
3139 const struct duration_idx_t *d1 = _d1;
3140 const struct duration_idx_t *d2 = _d2;
3141 return d1->duration - d2->duration;
3142 }
3143
3144 /** The range <b>lo</b> through <b>hi</b> inclusive of routerlist->old_routers
3145 * must contain routerinfo_t with the same identity and with publication time
3146 * in ascending order. Remove members from this range until there are no more
3147 * than max_descriptors_per_router() remaining. Start by removing the oldest
3148 * members from before <b>cutoff</b>, then remove members which were current
3149 * for the lowest amount of time. The order of members of old_routers at
3150 * indices <b>lo</b> or higher may be changed.
3151 */
3152 static void
3153 routerlist_remove_old_cached_routers_with_id(time_t now,
3154 time_t cutoff, int lo, int hi,
3155 digestset_t *retain)
3156 {
3157 int i, n = hi-lo+1;
3158 unsigned n_extra, n_rmv = 0;
3159 struct duration_idx_t *lifespans;
3160 uint8_t *rmv, *must_keep;
3161 smartlist_t *lst = routerlist->old_routers;
3162 #if 1
3163 const char *ident;
3164 tor_assert(hi < smartlist_len(lst));
3165 tor_assert(lo <= hi);
3166 ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
3167 for (i = lo+1; i <= hi; ++i) {
3168 signed_descriptor_t *r = smartlist_get(lst, i);
3169 tor_assert(!memcmp(ident, r->identity_digest, DIGEST_LEN));
3170 }
3171 #endif
3172 /* Check whether we need to do anything at all. */
3173 {
3174 int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
3175 if (n <= mdpr)
3176 return;
3177 n_extra = n - mdpr;
3178 }
3179
3180 lifespans = tor_malloc_zero(sizeof(struct duration_idx_t)*n);
3181 rmv = tor_malloc_zero(sizeof(uint8_t)*n);
3182 must_keep = tor_malloc_zero(sizeof(uint8_t)*n);
3183 /* Set lifespans to contain the lifespan and index of each server. */
3184 /* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
3185 for (i = lo; i <= hi; ++i) {
3186 signed_descriptor_t *r = smartlist_get(lst, i);
3187 signed_descriptor_t *r_next;
3188 lifespans[i-lo].idx = i;
3189 if (r->last_listed_as_valid_until >= now ||
3190 (retain && digestset_isin(retain, r->signed_descriptor_digest))) {
3191 must_keep[i-lo] = 1;
3192 }
3193 if (i < hi) {
3194 r_next = smartlist_get(lst, i+1);
3195 tor_assert(r->published_on <= r_next->published_on);
3196 lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
3197 } else {
3198 r_next = NULL;
3199 lifespans[i-lo].duration = INT_MAX;
3200 }
3201 if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
3202 ++n_rmv;
3203 lifespans[i-lo].old = 1;
3204 rmv[i-lo] = 1;
3205 }
3206 }
3207
3208 if (n_rmv < n_extra) {
3209 /**
3210 * We aren't removing enough servers for being old. Sort lifespans by
3211 * the duration of liveness, and remove the ones we're not already going to
3212 * remove based on how long they were alive.
3213 **/
3214 qsort(lifespans, n, sizeof(struct duration_idx_t), _compare_duration_idx);
3215 for (i = 0; i < n && n_rmv < n_extra; ++i) {
3216 if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
3217 rmv[lifespans[i].idx-lo] = 1;
3218 ++n_rmv;
3219 }
3220 }
3221 }
3222
3223 i = hi;
3224 do {
3225 if (rmv[i-lo])
3226 routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
3227 } while (--i >= lo);
3228 tor_free(must_keep);
3229 tor_free(rmv);
3230 tor_free(lifespans);
3231 }
3232
3233 /** Deactivate any routers from the routerlist that are more than
3234 * ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
3235 * remove old routers from the list of cached routers if we have too many.
3236 */
3237 void
3238 routerlist_remove_old_routers(void)
3239 {
3240 int i, hi=-1;
3241 const char *cur_id = NULL;
3242 time_t now = time(NULL);
3243 time_t cutoff;
3244 routerinfo_t *router;
3245 signed_descriptor_t *sd;
3246 digestset_t *retain;
3247 int caches = directory_caches_dir_info(get_options());
3248 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
3249 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3250 int have_enough_v2;
3251
3252 trusted_dirs_remove_old_certs();
3253
3254 if (!routerlist || !consensus)
3255 return;
3256
3257 // routerlist_assert_ok(routerlist);
3258
3259 /* We need to guess how many router descriptors we will wind up wanting to
3260 retain, so that we can be sure to allocate a large enough Bloom filter
3261 to hold the digest set. Overestimating is fine; underestimating is bad.
3262 */
3263 {
3264 /* We'll probably retain everything in the consensus. */
3265 int n_max_retain = smartlist_len(consensus->routerstatus_list);
3266 if (caches && networkstatus_v2_list) {
3267 /* If we care about v2 statuses, we'll retain at most as many as are
3268 listed any of the v2 statues. This will be at least the length of
3269 the largest v2 networkstatus, and in the worst case, this set will be
3270 equal to the sum of the lengths of all v2 consensuses. Take the
3271 worst case.
3272 */
3273 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3274 n_max_retain += smartlist_len(ns->entries));
3275 }
3276 retain = digestset_new(n_max_retain);
3277 }
3278
3279 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3280 /* Build a list of all the descriptors that _anybody_ lists. */
3281 if (caches && networkstatus_v2_list) {
3282 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3283 {
3284 /* XXXX The inner loop here gets pretty expensive, and actually shows up
3285 * on some profiles. It may be the reason digestmap_set shows up in
3286 * profiles too. If instead we kept a per-descriptor digest count of
3287 * how many networkstatuses recommended each descriptor, and changed
3288 * that only when the networkstatuses changed, that would be a speed
3289 * improvement, possibly 1-4% if it also removes digestmap_set from the
3290 * profile. Not worth it for 0.1.2.x, though. The new directory
3291 * system will obsolete this whole thing in 0.2.0.x. */
3292 SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
3293 if (rs->published_on >= cutoff)
3294 digestset_add(retain, rs->descriptor_digest));
3295 });
3296 }
3297
3298 /* Retain anything listed in the consensus. */
3299 if (consensus) {
3300 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
3301 if (rs->published_on >= cutoff)
3302 digestset_add(retain, rs->descriptor_digest));
3303 }
3304
3305 /* If we have a consensus, and nearly as many v2 networkstatuses as we want,
3306 * we should consider pruning current routers that are too old and that
3307 * nobody recommends. (If we don't have a consensus or enough v2
3308 * networkstatuses, then we should get more before we decide to kill
3309 * routers.) */
3310 /* we set this to true iff we don't care about v2 info, or we have enough. */
3311 have_enough_v2 = !caches ||
3312 (networkstatus_v2_list &&
3313 smartlist_len(networkstatus_v2_list) > get_n_v2_authorities() / 2);
3314
3315 if (have_enough_v2 && consensus) {
3316 cutoff = now - ROUTER_MAX_AGE;
3317 /* Remove too-old unrecommended members of routerlist->routers. */
3318 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
3319 router = smartlist_get(routerlist->routers, i);
3320 if (router->cache_info.published_on <= cutoff &&
3321 router->cache_info.last_listed_as_valid_until < now &&
3322 !digestset_isin(retain,
3323 router->cache_info.signed_descriptor_digest)) {
3324 /* Too old: remove it. (If we're a cache, just move it into
3325 * old_routers.) */
3326 log_info(LD_DIR,
3327 "Forgetting obsolete (too old) routerinfo for router '%s'",
3328 router->nickname);
3329 routerlist_remove(routerlist, router, 1, now);
3330 i--;
3331 }
3332 }
3333 }
3334
3335 //routerlist_assert_ok(routerlist);
3336
3337 /* Remove far-too-old members of routerlist->old_routers. */
3338 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3339 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3340 sd = smartlist_get(routerlist->old_routers, i);
3341 if (sd->published_on <= cutoff &&
3342 sd->last_listed_as_valid_until < now &&
3343 !digestset_isin(retain, sd->signed_descriptor_digest)) {
3344 /* Too old. Remove it. */
3345 routerlist_remove_old(routerlist, sd, i--);
3346 }
3347 }
3348
3349 //routerlist_assert_ok(routerlist);
3350
3351 log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
3352 smartlist_len(routerlist->routers),
3353 smartlist_len(routerlist->old_routers));
3354
3355 /* Now we might have to look at routerlist->old_routers for extraneous
3356 * members. (We'd keep all the members if we could, but we need to save
3357 * space.) First, check whether we have too many router descriptors, total.
3358 * We're okay with having too many for some given router, so long as the
3359 * total number doesn't approach max_descriptors_per_router()*len(router).
3360 */
3361 if (smartlist_len(routerlist->old_routers) <
3362 smartlist_len(routerlist->routers))
3363 goto done;
3364
3365 /* Sort by identity, then fix indices. */
3366 smartlist_sort(routerlist->old_routers, _compare_old_routers_by_identity);
3367 /* Fix indices. */
3368 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3369 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3370 r->routerlist_index = i;
3371 }
3372
3373 /* Iterate through the list from back to front, so when we remove descriptors
3374 * we don't mess up groups we haven't gotten to. */
3375 for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
3376 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3377 if (!cur_id) {
3378 cur_id = r->identity_digest;
3379 hi = i;
3380 }
3381 if (memcmp(cur_id, r->identity_digest, DIGEST_LEN)) {
3382 routerlist_remove_old_cached_routers_with_id(now,
3383 cutoff, i+1, hi, retain);
3384 cur_id = r->identity_digest;
3385 hi = i;
3386 }
3387 }
3388 if (hi>=0)
3389 routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
3390 //routerlist_assert_ok(routerlist);
3391
3392 done:
3393 digestset_free(retain);
3394 router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
3395 router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
3396 }
3397
3398 /** We just added a new set of descriptors. Take whatever extra steps
3399 * we need. */
3400 static void
3401 routerlist_descriptors_added(smartlist_t *sl, int from_cache)
3402 {
3403 tor_assert(sl);
3404 control_event_descriptors_changed(sl);
3405 SMARTLIST_FOREACH(sl, routerinfo_t *, ri,
3406 if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
3407 learned_bridge_descriptor(ri, from_cache);
3408 );
3409 }
3410
3411 /**
3412 * Code to parse a single router descriptor and insert it into the
3413 * routerlist. Return -1 if the descriptor was ill-formed; 0 if the
3414 * descriptor was well-formed but could not be added; and 1 if the
3415 * descriptor was added.
3416 *
3417 * If we don't add it and <b>msg</b> is not NULL, then assign to
3418 * *<b>msg</b> a static string describing the reason for refusing the
3419 * descriptor.
3420 *
3421 * This is used only by the controller.
3422 */
3423 int
3424 router_load_single_router(const char *s, uint8_t purpose, int cache,
3425 const char **msg)
3426 {
3427 routerinfo_t *ri;
3428 was_router_added_t r;
3429 smartlist_t *lst;
3430 char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
3431 tor_assert(msg);
3432 *msg = NULL;
3433
3434 tor_snprintf(annotation_buf, sizeof(annotation_buf),
3435 "@source controller\n"
3436 "@purpose %s\n", router_purpose_to_string(purpose));
3437
3438 if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0, annotation_buf))) {
3439 log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
3440 *msg = "Couldn't parse router descriptor.";
3441 return -1;
3442 }
3443 tor_assert(ri->purpose == purpose);
3444 if (router_is_me(ri)) {
3445 log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
3446 *msg = "Router's identity key matches mine.";
3447 routerinfo_free(ri);
3448 return 0;
3449 }
3450
3451 if (!cache) /* obey the preference of the controller */
3452 ri->cache_info.do_not_cache = 1;
3453
3454 lst = smartlist_create();
3455 smartlist_add(lst, ri);
3456 routers_update_status_from_consensus_networkstatus(lst, 0);
3457
3458 r = router_add_to_routerlist(ri, msg, 0, 0);
3459 if (!WRA_WAS_ADDED(r)) {
3460 /* we've already assigned to *msg now, and ri is already freed */
3461 tor_assert(*msg);
3462 if (r == ROUTER_AUTHDIR_REJECTS)
3463 log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
3464 smartlist_free(lst);
3465 return 0;
3466 } else {
3467 routerlist_descriptors_added(lst, 0);
3468 smartlist_free(lst);
3469 log_debug(LD_DIR, "Added router to list");
3470 return 1;
3471 }
3472 }
3473
3474 /** Given a string <b>s</b> containing some routerdescs, parse it and put the
3475 * routers into our directory. If saved_location is SAVED_NOWHERE, the routers
3476 * are in response to a query to the network: cache them by adding them to
3477 * the journal.
3478 *
3479 * Return the number of routers actually added.
3480 *
3481 * If <b>requested_fingerprints</b> is provided, it must contain a list of
3482 * uppercased fingerprints. Do not update any router whose
3483 * fingerprint is not on the list; after updating a router, remove its
3484 * fingerprint from the list.
3485 *
3486 * If <b>descriptor_digests</b> is non-zero, then the requested_fingerprints
3487 * are descriptor digests. Otherwise they are identity digests.
3488 */
3489 int
3490 router_load_routers_from_string(const char *s, const char *eos,
3491 saved_location_t saved_location,
3492 smartlist_t *requested_fingerprints,
3493 int descriptor_digests,
3494 const char *prepend_annotations)
3495 {
3496 smartlist_t *routers = smartlist_create(), *changed = smartlist_create();
3497 char fp[HEX_DIGEST_LEN+1];
3498 const char *msg;
3499 int from_cache = (saved_location != SAVED_NOWHERE);
3500 int allow_annotations = (saved_location != SAVED_NOWHERE);
3501 int any_changed = 0;
3502
3503 router_parse_list_from_string(&s, eos, routers, saved_location, 0,
3504 allow_annotations, prepend_annotations);
3505
3506 routers_update_status_from_consensus_networkstatus(routers, !from_cache);
3507
3508 log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
3509
3510 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
3511 was_router_added_t r;
3512 char d[DIGEST_LEN];
3513 if (requested_fingerprints) {
3514 base16_encode(fp, sizeof(fp), descriptor_digests ?
3515 ri->cache_info.signed_descriptor_digest :
3516 ri->cache_info.identity_digest,
3517 DIGEST_LEN);
3518 if (smartlist_string_isin(requested_fingerprints, fp)) {
3519 smartlist_string_remove(requested_fingerprints, fp);
3520 } else {
3521 char *requested =
3522 smartlist_join_strings(requested_fingerprints," ",0,NULL);
3523 log_warn(LD_DIR,
3524 "We received a router descriptor with a fingerprint (%s) "
3525 "that we never requested. (We asked for: %s.) Dropping.",
3526 fp, requested);
3527 tor_free(requested);
3528 routerinfo_free(ri);
3529 continue;
3530 }
3531 }
3532
3533 memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
3534 r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
3535 if (WRA_WAS_ADDED(r)) {
3536 any_changed++;
3537 smartlist_add(changed, ri);
3538 routerlist_descriptors_added(changed, from_cache);
3539 smartlist_clear(changed);
3540 } else if (WRA_WAS_REJECTED(r)) {
3541 download_status_t *dl_status;
3542 dl_status = router_get_dl_status_by_descriptor_digest(d);
3543 if (dl_status) {
3544 log_info(LD_GENERAL, "Marking router %s as never downloadable",
3545 hex_str(d, DIGEST_LEN));
3546 download_status_mark_impossible(dl_status);
3547 }
3548 }
3549 } SMARTLIST_FOREACH_END(ri);
3550
3551 routerlist_assert_ok(routerlist);
3552
3553 if (any_changed)
3554 router_rebuild_store(0, &routerlist->desc_store);
3555
3556 smartlist_free(routers);
3557 smartlist_free(changed);
3558
3559 return any_changed;
3560 }
3561
3562 /** Parse one or more extrainfos from <b>s</b> (ending immediately before
3563 * <b>eos</b> if <b>eos</b> is present). Other arguments are as for
3564 * router_load_routers_from_string(). */
3565 void
3566 router_load_extrainfo_from_string(const char *s, const char *eos,
3567 saved_location_t saved_location,
3568 smartlist_t *requested_fingerprints,
3569 int descriptor_digests)
3570 {
3571 smartlist_t *extrainfo_list = smartlist_create();
3572 const char *msg;
3573 int from_cache = (saved_location != SAVED_NOWHERE);
3574
3575 router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
3576 NULL);
3577
3578 log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
3579
3580 SMARTLIST_FOREACH(extrainfo_list, extrainfo_t *, ei, {
3581 was_router_added_t added =
3582 router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
3583 if (WRA_WAS_ADDED(added) && requested_fingerprints) {
3584 char fp[HEX_DIGEST_LEN+1];
3585 base16_encode(fp, sizeof(fp), descriptor_digests ?
3586 ei->cache_info.signed_descriptor_digest :
3587 ei->cache_info.identity_digest,
3588 DIGEST_LEN);
3589 smartlist_string_remove(requested_fingerprints, fp);
3590 /* We silently let people stuff us with extrainfos we didn't ask for,
3591 * so long as we would have wanted them anyway. Since we always fetch
3592 * all the extrainfos we want, and we never actually act on them
3593 * inside Tor, this should be harmless. */
3594 }
3595 });
3596
3597 routerlist_assert_ok(routerlist);
3598 router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
3599
3600 smartlist_free(extrainfo_list);
3601 }
3602
3603 /** Return true iff any networkstatus includes a descriptor whose digest
3604 * is that of <b>desc</b>. */
3605 static int
3606 signed_desc_digest_is_recognized(signed_descriptor_t *desc)
3607 {
3608 routerstatus_t *rs;
3609 networkstatus_t *consensus = networkstatus_get_latest_consensus();
3610 int caches = directory_caches_dir_info(get_options());
3611 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3612
3613 if (consensus) {
3614 rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
3615 if (rs && !memcmp(rs->descriptor_digest,
3616 desc->signed_descriptor_digest, DIGEST_LEN))
3617 return 1;
3618 }
3619 if (caches && networkstatus_v2_list) {
3620 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3621 {
3622 if (!(rs = networkstatus_v2_find_entry(ns, desc->identity_digest)))
3623 continue;
3624 if (!memcmp(rs->descriptor_digest,
3625 desc->signed_descriptor_digest, DIGEST_LEN))
3626 return 1;
3627 });
3628 }
3629 return 0;
3630 }
3631
3632 /** Clear all our timeouts for fetching v2 and v3 directory stuff, and then
3633 * give it all a try again. */
3634 void
3635 routerlist_retry_directory_downloads(time_t now)
3636 {
3637 router_reset_status_download_failures();
3638 router_reset_descriptor_download_failures();
3639 update_networkstatus_downloads(now);
3640 update_router_descriptor_downloads(now);
3641 }
3642
3643 /** Return 1 if all running sufficiently-stable routers will reject
3644 * addr:port, return 0 if any might accept it. */
3645 int
3646 router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
3647 int need_uptime)
3648 {
3649 addr_policy_result_t r;
3650 if (!routerlist) return 1;
3651
3652 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
3653 {
3654 if (router->is_running &&
3655 !router_is_unreliable(router, need_uptime, 0, 0)) {
3656 r = compare_addr_to_addr_policy(addr, port, router->exit_policy);
3657 if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
3658 return 0; /* this one could be ok. good enough. */
3659 }
3660 });
3661 return 1; /* all will reject. */
3662 }
3663
3664 /** Return true iff <b>router</b> does not permit exit streams.
3665 */
3666 int
3667 router_exit_policy_rejects_all(routerinfo_t *router)
3668 {
3669 return router->policy_is_reject_star;
3670 }
3671
3672 /** Add to the list of authoritative directory servers one at
3673 * <b>address</b>:<b>port</b>, with identity key <b>digest</b>. If
3674 * <b>address</b> is NULL, add ourself. Return the new trusted directory
3675 * server entry on success or NULL if we couldn't add it. */
3676 trusted_dir_server_t *
3677 add_trusted_dir_server(const char *nickname, const char *address,
3678 uint16_t dir_port, uint16_t or_port,
3679 const char *digest, const char *v3_auth_digest,
3680 authority_type_t type)
3681 {
3682 trusted_dir_server_t *ent;
3683 uint32_t a;
3684 char *hostname = NULL;
3685 size_t dlen;
3686 if (!trusted_dir_servers)
3687 trusted_dir_servers = smartlist_create();
3688
3689 if (!address) { /* The address is us; we should guess. */
3690 if (resolve_my_address(LOG_WARN, get_options(), &a, &hostname) < 0) {
3691 log_warn(LD_CONFIG,
3692 "Couldn't find a suitable address when adding ourself as a "
3693 "trusted directory server.");
3694 return NULL;
3695 }
3696 } else {
3697 if (tor_lookup_hostname(address, &a)) {
3698 log_warn(LD_CONFIG,
3699 "Unable to lookup address for directory server at '%s'",
3700 address);
3701 return NULL;
3702 }
3703 hostname = tor_strdup(address);
3704 }
3705
3706 ent = tor_malloc_zero(sizeof(trusted_dir_server_t));
3707 ent->nickname = nickname ? tor_strdup(nickname) : NULL;
3708 ent->address = hostname;
3709 ent->addr = a;
3710 ent->dir_port = dir_port;
3711 ent->or_port = or_port;
3712 ent->is_running = 1;
3713 ent->type = type;
3714 memcpy(ent->digest, digest, DIGEST_LEN);
3715 if (v3_auth_digest && (type & V3_AUTHORITY))
3716 memcpy(ent->v3_identity_digest, v3_auth_digest, DIGEST_LEN);
3717
3718 dlen = 64 + strlen(hostname) + (nickname?strlen(nickname):0);
3719 ent->description = tor_malloc(dlen);
3720 if (nickname)
3721 tor_snprintf(ent->description, dlen, "directory server \"%s\" at %s:%d",
3722 nickname, hostname, (int)dir_port);
3723 else
3724 tor_snprintf(ent->description, dlen, "directory server at %s:%d",
3725 hostname, (int)dir_port);
3726
3727 ent->fake_status.addr = ent->addr;
3728 memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
3729 if (nickname)
3730 strlcpy(ent->fake_status.nickname, nickname,
3731 sizeof(ent->fake_status.nickname));
3732 else
3733 ent->fake_status.nickname[0] = '\0';
3734 ent->fake_status.dir_port = ent->dir_port;
3735 ent->fake_status.or_port = ent->or_port;
3736
3737 if (ent->or_port)
3738 ent->fake_status.version_supports_begindir = 1;
3739 /* XX021 - wait until authorities are upgraded */
3740 #if 0
3741 ent->fake_status.version_supports_conditional_consensus = 1;
3742 #else
3743 ent->fake_status.version_supports_conditional_consensus = 0;
3744 #endif
3745
3746 smartlist_add(trusted_dir_servers, ent);
3747 router_dir_info_changed();
3748 return ent;
3749 }
3750
3751 /** Free storage held in <b>cert</b>. */
3752 void
3753 authority_cert_free(authority_cert_t *cert)
3754 {
3755 if (!cert)
3756 return;
3757
3758 tor_free(cert->cache_info.signed_descriptor_body);
3759 if (cert->signing_key)
3760 crypto_free_pk_env(cert->signing_key);
3761 if (cert->identity_key)
3762 crypto_free_pk_env(cert->identity_key);
3763
3764 tor_free(cert);
3765 }
3766
3767 /** Free storage held in <b>ds</b>. */
3768 static void
3769 trusted_dir_server_free(trusted_dir_server_t *ds)
3770 {
3771 tor_free(ds->nickname);
3772 tor_free(ds->description);
3773 tor_free(ds->address);
3774 tor_free(ds);
3775 }
3776
3777 /** Remove all members from the list of trusted dir servers. */
3778 void
3779 clear_trusted_dir_servers(void)
3780 {
3781 if (trusted_dir_servers) {
3782 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
3783 trusted_dir_server_free(ent));
3784 smartlist_clear(trusted_dir_servers);
3785 } else {
3786 trusted_dir_servers = smartlist_create();
3787 }
3788 router_dir_info_changed();
3789 }
3790
3791 /** Return 1 if any trusted dir server supports v1 directories,
3792 * else return 0. */
3793 int
3794 any_trusted_dir_is_v1_authority(void)
3795 {
3796 if (trusted_dir_servers)
3797 return get_n_authorities(V1_AUTHORITY) > 0;
3798
3799 return 0;
3800 }
3801
3802 /** For every current directory connection whose purpose is <b>purpose</b>,
3803 * and where the resource being downloaded begins with <b>prefix</b>, split
3804 * rest of the resource into base16 fingerprints, decode them, and set the
3805 * corresponding elements of <b>result</b> to a nonzero value. */
3806 static void
3807 list_pending_downloads(digestmap_t *result,
3808 int purpose, const char *prefix)
3809 {
3810 const size_t p_len = strlen(prefix);
3811 smartlist_t *tmp = smartlist_create();
3812 smartlist_t *conns = get_connection_array();
3813
3814 tor_assert(result);
3815
3816 SMARTLIST_FOREACH(conns, connection_t *, conn,
3817 {
3818 if (conn->type == CONN_TYPE_DIR &&
3819 conn->purpose == purpose &&
3820 !conn->marked_for_close) {
3821 const char *resource = TO_DIR_CONN(conn)->requested_resource;
3822 if (!strcmpstart(resource, prefix))
3823 dir_split_resource_into_fingerprints(resource + p_len,
3824 tmp, NULL, 1, 0);
3825 }
3826 });
3827 SMARTLIST_FOREACH(tmp, char *, d,
3828 {
3829 digestmap_set(result, d, (void*)1);
3830 tor_free(d);
3831 });
3832 smartlist_free(tmp);
3833 }
3834
3835 /** For every router descriptor (or extra-info document if <b>extrainfo</b> is
3836 * true) we are currently downloading by descriptor digest, set result[d] to
3837 * (void*)1. */
3838 static void
3839 list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
3840 {
3841 int purpose =
3842 extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
3843 list_pending_downloads(result, purpose, "d/");
3844 }
3845
3846 /** Launch downloads for all the descriptors whose digests are listed
3847 * as digests[i] for lo <= i < hi. (Lo and hi may be out of range.)
3848 * If <b>source</b> is given, download from <b>source</b>; otherwise,
3849 * download from an appropriate random directory server.
3850 */
3851 static void
3852 initiate_descriptor_downloads(routerstatus_t *source,
3853 int purpose,
3854 smartlist_t *digests,
3855 int lo, int hi, int pds_flags)
3856 {
3857 int i, n = hi-lo;
3858 char *resource, *cp;
3859 size_t r_len;
3860 if (n <= 0)
3861 return;
3862 if (lo < 0)
3863 lo = 0;
3864 if (hi > smartlist_len(digests))
3865 hi = smartlist_len(digests);
3866
3867 r_len = 8 + (HEX_DIGEST_LEN+1)*n;
3868 cp = resource = tor_malloc(r_len);
3869 memcpy(cp, "d/", 2);
3870 cp += 2;
3871 for (i = lo; i < hi; ++i) {
3872 base16_encode(cp, r_len-(cp-resource),
3873 smartlist_get(digests,i), DIGEST_LEN);
3874 cp += HEX_DIGEST_LEN;
3875 *cp++ = '+';
3876 }
3877 memcpy(cp-1, ".z", 3);
3878
3879 if (source) {
3880 /* We know which authority we want. */
3881 directory_initiate_command_routerstatus(source, purpose,
3882 ROUTER_PURPOSE_GENERAL,
3883 0, /* not private */
3884 resource, NULL, 0, 0);
3885 } else {
3886 directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
3887 pds_flags);
3888 }
3889 tor_free(resource);
3890 }
3891
3892 /** Return 0 if this routerstatus is obsolete, too new, isn't
3893 * running, or otherwise not a descriptor that we would make any
3894 * use of even if we had it. Else return 1. */
3895 static INLINE int
3896 client_would_use_router(routerstatus_t *rs, time_t now, or_options_t *options)
3897 {
3898 if (!rs->is_running && !options->FetchUselessDescriptors) {
3899 /* If we had this router descriptor, we wouldn't even bother using it.
3900 * But, if we want to have a complete list, fetch it anyway. */
3901 return 0;
3902 }
3903 if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime
3904 > now) {
3905 /* Most caches probably don't have this descriptor yet. */
3906 return 0;
3907 }
3908 if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
3909 /* We'd drop it immediately for being too old. */
3910 return 0;
3911 }
3912 return 1;
3913 }
3914
3915 /** Max amount of hashes to download per request.
3916 * Since squid does not like URLs >= 4096 bytes we limit it to 96.
3917 * 4096 - strlen(http://255.255.255.255/tor/server/d/.z) == 4058
3918 * 4058/41 (40 for the hash and 1 for the + that separates them) => 98
3919 * So use 96 because it's a nice number.
3920 */
3921 #define MAX_DL_PER_REQUEST 96
3922 /** Don't split our requests so finely that we are requesting fewer than
3923 * this number per server. */
3924 #define MIN_DL_PER_REQUEST 4
3925 /** To prevent a single screwy cache from confusing us by selective reply,
3926 * try to split our requests into at least this this many requests. */
3927 #define MIN_REQUESTS 3
3928 /** If we want fewer than this many descriptors, wait until we
3929 * want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
3930 * passed. */
3931 #define MAX_DL_TO_DELAY 16
3932 /** When directory clients have only a few servers to request, they batch
3933 * them until they have more, or until this amount of time has passed. */
3934 #define MAX_CLIENT_INTERVAL_WITHOUT_REQUEST (10*60)
3935
3936 /** Given a list of router descriptor digests in <b>downloadable</b>, decide
3937 * whether to delay fetching until we have more. If we don't want to delay,
3938 * launch one or more requests to the appropriate directory authorities. */
3939 static void
3940 launch_router_descriptor_downloads(smartlist_t *downloadable, time_t now)
3941 {
3942 int should_delay = 0, n_downloadable;
3943 or_options_t *options = get_options();
3944
3945 n_downloadable = smartlist_len(downloadable);
3946 if (!directory_fetches_dir_info_early(options)) {
3947 if (n_downloadable >= MAX_DL_TO_DELAY) {
3948 log_debug(LD_DIR,
3949 "There are enough downloadable routerdescs to launch requests.");
3950 should_delay = 0;
3951 } else {
3952 should_delay = (last_routerdesc_download_attempted +
3953 MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
3954 if (!should_delay && n_downloadable) {
3955 if (last_routerdesc_download_attempted) {
3956 log_info(LD_DIR,
3957 "There are not many downloadable routerdescs, but we've "
3958 "been waiting long enough (%d seconds). Downloading.",
3959 (int)(now-last_routerdesc_download_attempted));
3960 } else {
3961 log_info(LD_DIR,
3962 "There are not many downloadable routerdescs, but we haven't "
3963 "tried downloading descriptors recently. Downloading.");
3964 }
3965 }
3966 }
3967 }
3968 /* XXX should we consider having even the dir mirrors delay
3969 * a little bit, so we don't load the authorities as much? -RD
3970 * I don't think so. If we do, clients that want those descriptors may
3971 * not actually find them if the caches haven't got them yet. -NM
3972 */
3973
3974 if (! should_delay && n_downloadable) {
3975 int i, n_per_request;
3976 const char *req_plural = "", *rtr_plural = "";
3977 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
3978 if (! authdir_mode_any_nonhidserv(options)) {
3979 /* If we wind up going to the authorities, we want to only open one
3980 * connection to each authority at a time, so that we don't overload
3981 * them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
3982 * regardless of whether we're a cache or not; it gets ignored if we're
3983 * not calling router_pick_trusteddirserver.
3984 *
3985 * Setting this flag can make initiate_descriptor_downloads() ignore
3986 * requests. We need to make sure that we do in fact call
3987 * update_router_descriptor_downloads() later on, once the connections
3988 * have succeeded or failed.
3989 */
3990 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH;
3991 }
3992
3993 n_per_request = (n_downloadable+MIN_REQUESTS-1) / MIN_REQUESTS;
3994 if (n_per_request > MAX_DL_PER_REQUEST)
3995 n_per_request = MAX_DL_PER_REQUEST;
3996 if (n_per_request < MIN_DL_PER_REQUEST)
3997 n_per_request = MIN_DL_PER_REQUEST;
3998
3999 if (n_downloadable > n_per_request)
4000 req_plural = rtr_plural = "s";
4001 else if (n_downloadable > 1)
4002 rtr_plural = "s";
4003
4004 log_info(LD_DIR,
4005 "Launching %d request%s for %d router%s, %d at a time",
4006 (n_downloadable+n_per_request-1)/n_per_request,
4007 req_plural, n_downloadable, rtr_plural, n_per_request);
4008 smartlist_sort_digests(downloadable);
4009 for (i=0; i < n_downloadable; i += n_per_request) {
4010 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_SERVERDESC,
4011 downloadable, i, i+n_per_request,
4012 pds_flags);
4013 }
4014 last_routerdesc_download_attempted = now;
4015 }
4016 }
4017
4018 /** Launch downloads for router status as needed, using the strategy used by
4019 * authorities and caches: based on the v2 networkstatuses we have, download
4020 * every descriptor we don't have but would serve, from a random authority
4021 * that lists it. */
4022 static void
4023 update_router_descriptor_cache_downloads_v2(time_t now)
4024 {
4025 smartlist_t **downloadable; /* For each authority, what can we dl from it? */
4026 smartlist_t **download_from; /* ... and, what will we dl from it? */
4027 digestmap_t *map; /* Which descs are in progress, or assigned? */
4028 int i, j, n;
4029 int n_download;
4030 or_options_t *options = get_options();
4031 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
4032
4033 if (! directory_fetches_dir_info_early(options)) {
4034 log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads_v2() "
4035 "on a non-dir-mirror?");
4036 }
4037
4038 if (!networkstatus_v2_list || !smartlist_len(networkstatus_v2_list))
4039 return;
4040
4041 map = digestmap_new();
4042 n = smartlist_len(networkstatus_v2_list);
4043
4044 downloadable = tor_malloc_zero(sizeof(smartlist_t*) * n);
4045 download_from = tor_malloc_zero(sizeof(smartlist_t*) * n);
4046
4047 /* Set map[d]=1 for the digest of every descriptor that we are currently
4048 * downloading. */
4049 list_pending_descriptor_downloads(map, 0);
4050
4051 /* For the digest of every descriptor that we don't have, and that we aren't
4052 * downloading, add d to downloadable[i] if the i'th networkstatus knows
4053 * about that descriptor, and we haven't already failed to get that
4054 * descriptor from the corresponding authority.
4055 */
4056 n_download = 0;
4057 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
4058 {
4059 trusted_dir_server_t *ds;
4060 smartlist_t *dl;
4061 dl = downloadable[ns_sl_idx] = smartlist_create();
4062 download_from[ns_sl_idx] = smartlist_create();
4063 if (ns->published_on + MAX_NETWORKSTATUS_AGE+10*60 < now) {
4064 /* Don't download if the networkstatus is almost ancient. */
4065 /* Actually, I suspect what's happening here is that we ask
4066 * for the descriptor when we have a given networkstatus,
4067 * and then we get a newer networkstatus, and then we receive
4068 * the descriptor. Having a networkstatus actually expire is
4069 * probably a rare event, and we'll probably be happiest if
4070 * we take this clause out. -RD */
4071 continue;
4072 }
4073
4074 /* Don't try dirservers that we think are down -- we might have
4075 * just tried them and just marked them as down. */
4076 ds = router_get_trusteddirserver_by_digest(ns->identity_digest);
4077 if (ds && !ds->is_running)
4078 continue;
4079
4080 SMARTLIST_FOREACH(ns->entries, routerstatus_t * , rs,
4081 {
4082 if (!rs->need_to_mirror)
4083 continue;
4084 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4085 log_warn(LD_BUG,
4086 "We have a router descriptor, but need_to_mirror=1.");
4087 rs->need_to_mirror = 0;
4088 continue;
4089 }
4090 if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
4091 rs->need_to_mirror = 0;
4092 continue;
4093 }
4094 if (digestmap_get(map, rs->descriptor_digest)) {
4095 /* We're downloading it already. */
4096 continue;
4097 } else {
4098 /* We could download it from this guy. */
4099 smartlist_add(dl, rs->descriptor_digest);
4100 ++n_download;
4101 }
4102 });
4103 });
4104
4105 /* At random, assign descriptors to authorities such that:
4106 * - if d is a member of some downloadable[x], d is a member of some
4107 * download_from[y]. (Everything we want to download, we try to download
4108 * from somebody.)
4109 * - If d is a member of download_from[y], d is a member of downloadable[y].
4110 * (We only try to download descriptors from authorities who claim to have
4111 * them.)
4112 * - No d is a member of download_from[x] and download_from[y] s.t. x != y.
4113 * (We don't try to download anything from two authorities concurrently.)
4114 */
4115 while (n_download) {
4116 int which_ns = crypto_rand_int(n);
4117 smartlist_t *dl = downloadable[which_ns];
4118 int idx;
4119 char *d;
4120 if (!smartlist_len(dl))
4121 continue;
4122 idx = crypto_rand_int(smartlist_len(dl));
4123 d = smartlist_get(dl, idx);
4124 if (! digestmap_get(map, d)) {
4125 smartlist_add(download_from[which_ns], d);
4126 digestmap_set(map, d, (void*) 1);
4127 }
4128 smartlist_del(dl, idx);
4129 --n_download;
4130 }
4131
4132 /* Now, we can actually launch our requests. */
4133 for (i=0; i<n; ++i) {
4134 networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
4135 trusted_dir_server_t *ds =
4136 router_get_trusteddirserver_by_digest(ns->identity_digest);
4137 smartlist_t *dl = download_from[i];
4138 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
4139 if (! authdir_mode_any_nonhidserv(options))
4140 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
4141
4142 if (!ds) {
4143 log_info(LD_DIR, "Networkstatus with no corresponding authority!");
4144 continue;
4145 }
4146 if (! smartlist_len(dl))
4147 continue;
4148 log_info(LD_DIR, "Requesting %d descriptors from authority \"%s\"",
4149 smartlist_len(dl), ds->nickname);
4150 for (j=0; j < smartlist_len(dl); j += MAX_DL_PER_REQUEST) {
4151 initiate_descriptor_downloads(&(ds->fake_status),
4152 DIR_PURPOSE_FETCH_SERVERDESC, dl, j,
4153 j+MAX_DL_PER_REQUEST, pds_flags);
4154 }
4155 }
4156
4157 for (i=0; i<n; ++i) {
4158 smartlist_free(download_from[i]);
4159 smartlist_free(downloadable[i]);
4160 }
4161 tor_free(download_from);
4162 tor_free(downloadable);
4163 digestmap_free(map,NULL);
4164 }
4165
4166 /** For any descriptor that we want that's currently listed in the live
4167 * consensus, download it as appropriate. */
4168 static void
4169 update_consensus_router_descriptor_downloads(time_t now)
4170 {
4171 or_options_t *options = get_options();
4172 digestmap_t *map = NULL;
4173 smartlist_t *no_longer_old = smartlist_create();
4174 smartlist_t *downloadable = smartlist_create();
4175 int authdir = authdir_mode(options);
4176 networkstatus_t *consensus =
4177 networkstatus_get_reasonably_live_consensus(now);
4178 int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
4179 n_inprogress=0, n_in_oldrouters=0;
4180
4181 if (directory_too_idle_to_fetch_descriptors(options, now))
4182 goto done;
4183 if (!consensus)
4184 goto done;
4185
4186 map = digestmap_new();
4187 list_pending_descriptor_downloads(map, 0);
4188 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4189 {
4190 signed_descriptor_t *sd;
4191 if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
4192 routerinfo_t *ri;
4193 ++n_have;
4194 if (!(ri = router_get_by_digest(rs->identity_digest)) ||
4195 memcmp(ri->cache_info.signed_descriptor_digest,
4196 sd->signed_descriptor_digest, DIGEST_LEN)) {
4197 /* We have a descriptor with this digest, but either there is no
4198 * entry in routerlist with the same ID (!ri), or there is one,
4199 * but the identity digest differs (memcmp).
4200 */
4201 smartlist_add(no_longer_old, sd);
4202 ++n_in_oldrouters; /* We have it in old_routers. */
4203 }
4204 continue; /* We have it already. */
4205 }
4206 if (digestmap_get(map, rs->descriptor_digest)) {
4207 ++n_inprogress;
4208 continue; /* We have an in-progress download. */
4209 }
4210 if (!download_status_is_ready(&rs->dl_status, now,
4211 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4212 ++n_delayed; /* Not ready for retry. */
4213 continue;
4214 }
4215 if (authdir && dirserv_would_reject_router(rs)) {
4216 ++n_would_reject;
4217 continue; /* We would throw it out immediately. */
4218 }
4219 if (!directory_caches_dir_info(options) &&
4220 !client_would_use_router(rs, now, options)) {
4221 ++n_wouldnt_use;
4222 continue; /* We would never use it ourself. */
4223 }
4224 smartlist_add(downloadable, rs->descriptor_digest);
4225 });
4226
4227 if (!authdir_mode_handles_descs(options, ROUTER_PURPOSE_GENERAL)
4228 && smartlist_len(no_longer_old)) {
4229 routerlist_t *rl = router_get_routerlist();
4230 log_info(LD_DIR, "%d router descriptors listed in consensus are "
4231 "currently in old_routers; making them current.",
4232 smartlist_len(no_longer_old));
4233 SMARTLIST_FOREACH(no_longer_old, signed_descriptor_t *, sd, {
4234 const char *msg;
4235 was_router_added_t r;
4236 routerinfo_t *ri = routerlist_reparse_old(rl, sd);
4237 if (!ri) {
4238 log_warn(LD_BUG, "Failed to re-parse a router.");
4239 continue;
4240 }
4241 r = router_add_to_routerlist(ri, &msg, 1, 0);
4242 if (WRA_WAS_OUTDATED(r)) {
4243 log_warn(LD_DIR, "Couldn't add re-parsed router: %s",
4244 msg?msg:"???");
4245 }
4246 });
4247 routerlist_assert_ok(rl);
4248 }
4249
4250 log_info(LD_DIR,
4251 "%d router descriptors downloadable. %d delayed; %d present "
4252 "(%d of those were in old_routers); %d would_reject; "
4253 "%d wouldnt_use; %d in progress.",
4254 smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
4255 n_would_reject, n_wouldnt_use, n_inprogress);
4256
4257 launch_router_descriptor_downloads(downloadable, now);
4258
4259 digestmap_free(map, NULL);
4260 done:
4261 smartlist_free(downloadable);
4262 smartlist_free(no_longer_old);
4263 }
4264
4265 /** How often should we launch a server/authority request to be sure of getting
4266 * a guess for our IP? */
4267 /*XXXX021 this info should come from netinfo cells or something, or we should
4268 * do this only when we aren't seeing incoming data. see bug 652. */
4269 #define DUMMY_DOWNLOAD_INTERVAL (20*60)
4270
4271 /** Launch downloads for router status as needed. */
4272 void
4273 update_router_descriptor_downloads(time_t now)
4274 {
4275 or_options_t *options = get_options();
4276 static time_t last_dummy_download = 0;
4277 if (should_delay_dir_fetches(options))
4278 return;
4279 if (directory_fetches_dir_info_early(options)) {
4280 update_router_descriptor_cache_downloads_v2(now);
4281 }
4282 update_consensus_router_descriptor_downloads(now);
4283
4284 /* XXXX021 we could be smarter here; see notes on bug 652. */
4285 /* If we're a server that doesn't have a configured address, we rely on
4286 * directory fetches to learn when our address changes. So if we haven't
4287 * tried to get any routerdescs in a long time, try a dummy fetch now. */
4288 if (!options->Address &&
4289 server_mode(options) &&
4290 last_routerdesc_download_attempted + DUMMY_DOWNLOAD_INTERVAL < now &&
4291 last_dummy_download + DUMMY_DOWNLOAD_INTERVAL < now) {
4292 last_dummy_download = now;
4293 directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
4294 ROUTER_PURPOSE_GENERAL, "authority.z",
4295 PDS_RETRY_IF_NO_SERVERS);
4296 }
4297 }
4298
4299 /** Launch extrainfo downloads as needed. */
4300 void
4301 update_extrainfo_downloads(time_t now)
4302 {
4303 or_options_t *options = get_options();
4304 routerlist_t *rl;
4305 smartlist_t *wanted;
4306 digestmap_t *pending;
4307 int old_routers, i;
4308 int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
4309 if (! options->DownloadExtraInfo)
4310 return;
4311 if (should_delay_dir_fetches(options))
4312 return;
4313 if (!router_have_minimum_dir_info())
4314 return;
4315
4316 pending = digestmap_new();
4317 list_pending_descriptor_downloads(pending, 1);
4318 rl = router_get_routerlist();
4319 wanted = smartlist_create();
4320 for (old_routers = 0; old_routers < 2; ++old_routers) {
4321 smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
4322 for (i = 0; i < smartlist_len(lst); ++i) {
4323 signed_descriptor_t *sd;
4324 char *d;
4325 if (old_routers)
4326 sd = smartlist_get(lst, i);
4327 else
4328 sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
4329 if (sd->is_extrainfo)
4330 continue; /* This should never happen. */
4331 if (old_routers && !router_get_by_digest(sd->identity_digest))
4332 continue; /* Couldn't check the signature if we got it. */
4333 if (sd->extrainfo_is_bogus)
4334 continue;
4335 d = sd->extra_info_digest;
4336 if (tor_digest_is_zero(d)) {
4337 ++n_no_ei;
4338 continue;
4339 }
4340 if (eimap_get(rl->extra_info_map, d)) {
4341 ++n_have;
4342 continue;
4343 }
4344 if (!download_status_is_ready(&sd->ei_dl_status, now,
4345 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4346 ++n_delay;
4347 continue;
4348 }
4349 if (digestmap_get(pending, d)) {
4350 ++n_pending;
4351 continue;
4352 }
4353 smartlist_add(wanted, d);
4354 }
4355 }
4356 digestmap_free(pending, NULL);
4357
4358 log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
4359 "with present ei, %d delaying, %d pending, %d downloadable.",
4360 n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted));
4361
4362 smartlist_shuffle(wanted);
4363 for (i = 0; i < smartlist_len(wanted); i += MAX_DL_PER_REQUEST) {
4364 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
4365 wanted, i, i + MAX_DL_PER_REQUEST,
4366 PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
4367 }
4368
4369 smartlist_free(wanted);
4370 }
4371
4372 /** True iff, the last time we checked whether we had enough directory info
4373 * to build circuits, the answer was "yes". */
4374 static int have_min_dir_info = 0;
4375 /** True iff enough has changed since the last time we checked whether we had
4376 * enough directory info to build circuits that our old answer can no longer
4377 * be trusted. */
4378 static int need_to_update_have_min_dir_info = 1;
4379 /** String describing what we're missing before we have enough directory
4380 * info. */
4381 static char dir_info_status[128] = "";
4382
4383 /** Return true iff we have enough networkstatus and router information to
4384 * start building circuits. Right now, this means "more than half the
4385 * networkstatus documents, and at least 1/4 of expected routers." */
4386 //XXX should consider whether we have enough exiting nodes here.
4387 int
4388 router_have_minimum_dir_info(void)
4389 {
4390 if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
4391 update_router_have_minimum_dir_info();
4392 need_to_update_have_min_dir_info = 0;
4393 }
4394 return have_min_dir_info;
4395 }
4396
4397 /** Called when our internal view of the directory has changed. This can be
4398 * when the authorities change, networkstatuses change, the list of routerdescs
4399 * changes, or number of running routers changes.
4400 */
4401 void
4402 router_dir_info_changed(void)
4403 {
4404 need_to_update_have_min_dir_info = 1;
4405 rend_hsdir_routers_changed();
4406 }
4407
4408 /** Return a string describing what we're missing before we have enough
4409 * directory info. */
4410 const char *
4411 get_dir_info_status_string(void)
4412 {
4413 return dir_info_status;
4414 }
4415
4416 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
4417 * them seem like ones we'd use, and how many of <em>those</em> we have
4418 * descriptors for. Store the former in *<b>num_usable</b> and the latter in
4419 * *<b>num_present</b>. */
4420 static void
4421 count_usable_descriptors(int *num_present, int *num_usable,
4422 const networkstatus_t *consensus,
4423 or_options_t *options, time_t now)
4424 {
4425 *num_present = 0, *num_usable=0;
4426
4427 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4428 {
4429 if (client_would_use_router(rs, now, options)) {
4430 ++*num_usable; /* the consensus says we want it. */
4431 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4432 /* we have the descriptor listed in the consensus. */
4433 ++*num_present;
4434 }
4435 }
4436 });
4437
4438 log_debug(LD_DIR, "%d usable, %d present.", *num_usable, *num_present);
4439 }
4440
4441 /** We just fetched a new set of descriptors. Compute how far through
4442 * the "loading descriptors" bootstrapping phase we are, so we can inform
4443 * the controller of our progress. */
4444 int
4445 count_loading_descriptors_progress(void)
4446 {
4447 int num_present = 0, num_usable=0;
4448 time_t now = time(NULL);
4449 const networkstatus_t *consensus =
4450 networkstatus_get_reasonably_live_consensus(now);
4451 double fraction;
4452
4453 if (!consensus)
4454 return 0; /* can't count descriptors if we have no list of them */
4455
4456 count_usable_descriptors(&num_present, &num_usable,
4457 consensus, get_options(), now);
4458
4459 if (num_usable == 0)
4460 return 0; /* don't div by 0 */
4461 fraction = num_present / (num_usable/4.);
4462 if (fraction > 1.0)
4463 return 0; /* it's not the number of descriptors holding us back */
4464 return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
4465 (fraction*(BOOTSTRAP_STATUS_CONN_OR-1 -
4466 BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
4467 }
4468
4469 /** Change the value of have_min_dir_info, setting it true iff we have enough
4470 * network and router information to build circuits. Clear the value of
4471 * need_to_update_have_min_dir_info. */
4472 static void
4473 update_router_have_minimum_dir_info(void)
4474 {
4475 int num_present = 0, num_usable=0;
4476 time_t now = time(NULL);
4477 int res;
4478 or_options_t *options = get_options();
4479 const networkstatus_t *consensus =
4480 networkstatus_get_reasonably_live_consensus(now);
4481
4482 if (!consensus) {
4483 if (!networkstatus_get_latest_consensus())
4484 strlcpy(dir_info_status, "We have no network-status consensus.",
4485 sizeof(dir_info_status));
4486 else
4487 strlcpy(dir_info_status, "We have no recent network-status consensus.",
4488 sizeof(dir_info_status));
4489 res = 0;
4490 goto done;
4491 }
4492
4493 if (should_delay_dir_fetches(get_options())) {
4494 log_notice(LD_DIR, "no known bridge descriptors running yet; stalling");
4495 strlcpy(dir_info_status, "No live bridge descriptors.",
4496 sizeof(dir_info_status));
4497 res = 0;
4498 goto done;
4499 }
4500
4501 count_usable_descriptors(&num_present, &num_usable, consensus, options, now);
4502
4503 if (num_present < num_usable/4) {
4504 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4505 "We have only %d/%d usable descriptors.", num_present, num_usable);
4506 res = 0;
4507 control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
4508 } else if (num_present < 2) {
4509 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4510 "Only %d descriptor%s here and believed reachable!",
4511 num_present, num_present ? "" : "s");
4512 res = 0;
4513 } else {
4514 res = 1;
4515 }
4516
4517 done:
4518 if (res && !have_min_dir_info) {
4519 log(LOG_NOTICE, LD_DIR,
4520 "We now have enough directory information to build circuits.");
4521 control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
4522 control_event_bootstrap(BOOTSTRAP_STATUS_CONN_OR, 0);
4523 }
4524 if (!res && have_min_dir_info) {
4525 int quiet = directory_too_idle_to_fetch_descriptors(options, now);
4526 log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
4527 "Our directory information is no longer up-to-date "
4528 "enough to build circuits: %s", dir_info_status);
4529 control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
4530 }
4531 have_min_dir_info = res;
4532 need_to_update_have_min_dir_info = 0;
4533 }
4534
4535 /** Reset the descriptor download failure count on all routers, so that we
4536 * can retry any long-failed routers immediately.
4537 */
4538 void
4539 router_reset_descriptor_download_failures(void)
4540 {
4541 networkstatus_reset_download_failures();
4542 last_routerdesc_download_attempted = 0;
4543 if (!routerlist)
4544 return;
4545 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
4546 {
4547 download_status_reset(&ri->cache_info.ei_dl_status);
4548 });
4549 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
4550 {
4551 download_status_reset(&sd->ei_dl_status);
4552 });
4553 }
4554
4555 /** Any changes in a router descriptor's publication time larger than this are
4556 * automatically non-cosmetic. */
4557 #define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (12*60*60)
4558
4559 /** We allow uptime to vary from how much it ought to be by this much. */
4560 #define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
4561
4562 /** Return true iff the only differences between r1 and r2 are such that
4563 * would not cause a recent (post 0.1.1.6) dirserver to republish.
4564 */
4565 int
4566 router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
4567 {
4568 time_t r1pub, r2pub;
4569 long time_difference;
4570 tor_assert(r1 && r2);
4571
4572 /* r1 should be the one that was published first. */
4573 if (r1->cache_info.published_on > r2->cache_info.published_on) {
4574 routerinfo_t *ri_tmp = r2;
4575 r2 = r1;
4576 r1 = ri_tmp;
4577 }
4578
4579 /* If any key fields differ, they're different. */
4580 if (strcasecmp(r1->address, r2->address) ||
4581 strcasecmp(r1->nickname, r2->nickname) ||
4582 r1->or_port != r2->or_port ||
4583 r1->dir_port != r2->dir_port ||
4584 r1->purpose != r2->purpose ||
4585 crypto_pk_cmp_keys(r1->onion_pkey, r2->onion_pkey) ||
4586 crypto_pk_cmp_keys(r1->identity_pkey, r2->identity_pkey) ||
4587 strcasecmp(r1->platform, r2->platform) ||
4588 (r1->contact_info && !r2->contact_info) || /* contact_info is optional */
4589 (!r1->contact_info && r2->contact_info) ||
4590 (r1->contact_info && r2->contact_info &&
4591 strcasecmp(r1->contact_info, r2->contact_info)) ||
4592 r1->is_hibernating != r2->is_hibernating ||
4593 r1->has_old_dnsworkers != r2->has_old_dnsworkers ||
4594 cmp_addr_policies(r1->exit_policy, r2->exit_policy))
4595 return 0;
4596 if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
4597 return 0;
4598 if (r1->declared_family && r2->declared_family) {
4599 int i, n;
4600 if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
4601 return 0;
4602 n = smartlist_len(r1->declared_family);
4603 for (i=0; i < n; ++i) {
4604 if (strcasecmp(smartlist_get(r1->declared_family, i),
4605 smartlist_get(r2->declared_family, i)))
4606 return 0;
4607 }
4608 }
4609
4610 /* Did bandwidth change a lot? */
4611 if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
4612 (r2->bandwidthcapacity < r1->bandwidthcapacity/2))
4613 return 0;
4614
4615 /* Did the bandwidthrate or bandwidthburst change? */
4616 if ((r1->bandwidthrate != r2->bandwidthrate) ||
4617 (r1->bandwidthburst != r2->bandwidthburst))
4618 return 0;
4619
4620 /* Did more than 12 hours pass? */
4621 if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
4622 < r2->cache_info.published_on)
4623 return 0;
4624
4625 /* Did uptime fail to increase by approximately the amount we would think,
4626 * give or take some slop? */
4627 r1pub = r1->cache_info.published_on;
4628 r2pub = r2->cache_info.published_on;
4629 time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
4630 if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
4631 time_difference > r1->uptime * .05 &&
4632 time_difference > r2->uptime * .05)
4633 return 0;
4634
4635 /* Otherwise, the difference is cosmetic. */
4636 return 1;
4637 }
4638
4639 /** Check whether <b>ri</b> (a.k.a. sd) is a router compatible with the
4640 * extrainfo document
4641 * <b>ei</b>. If no router is compatible with <b>ei</b>, <b>ei</b> should be
4642 * dropped. Return 0 for "compatible", return 1 for "reject, and inform
4643 * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If
4644 * <b>msg</b> is present, set *<b>msg</b> to a description of the
4645 * incompatibility (if any).
4646 **/
4647 int
4648 routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
4649 signed_descriptor_t *sd,
4650 const char **msg)
4651 {
4652 int digest_matches, r=1;
4653 tor_assert(ri);
4654 tor_assert(ei);
4655 if (!sd)
4656 sd = &ri->cache_info;
4657
4658 if (ei->bad_sig) {
4659 if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
4660 return 1;
4661 }
4662
4663 digest_matches = !memcmp(ei->cache_info.signed_descriptor_digest,
4664 sd->extra_info_digest, DIGEST_LEN);
4665
4666 /* The identity must match exactly to have been generated at the same time
4667 * by the same router. */
4668 if (memcmp(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
4669 DIGEST_LEN)) {
4670 if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
4671 goto err; /* different servers */
4672 }
4673
4674 if (ei->pending_sig) {
4675 char signed_digest[128];
4676 if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
4677 ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
4678 memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
4679 DIGEST_LEN)) {
4680 ei->bad_sig = 1;
4681 tor_free(ei->pending_sig);
4682 if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
4683 goto err; /* Bad signature, or no match. */
4684 }
4685
4686 ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted;
4687 tor_free(ei->pending_sig);
4688 }
4689
4690 if (ei->cache_info.published_on < sd->published_on) {
4691 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4692 goto err;
4693 } else if (ei->cache_info.published_on > sd->published_on) {
4694 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4695 r = -1;
4696 goto err;
4697 }
4698
4699 if (!digest_matches) {
4700 if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
4701 goto err; /* Digest doesn't match declared value. */
4702 }
4703
4704 return 0;
4705 err:
4706 if (digest_matches) {
4707 /* This signature was okay, and the digest was right: This is indeed the
4708 * corresponding extrainfo. But insanely, it doesn't match the routerinfo
4709 * that lists it. Don't try to fetch this one again. */
4710 sd->extrainfo_is_bogus = 1;
4711 }
4712
4713 return r;
4714 }
4715
4716 /** Assert that the internal representation of <b>rl</b> is
4717 * self-consistent. */
4718 void
4719 routerlist_assert_ok(routerlist_t *rl)
4720 {
4721 routerinfo_t *r2;
4722 signed_descriptor_t *sd2;
4723 if (!rl)
4724 return;
4725 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
4726 {
4727 r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
4728 tor_assert(r == r2);
4729 sd2 = sdmap_get(rl->desc_digest_map,
4730 r->cache_info.signed_descriptor_digest);
4731 tor_assert(&(r->cache_info) == sd2);
4732 tor_assert(r->cache_info.routerlist_index == r_sl_idx);
4733 /* XXXX
4734 *
4735 * Hoo boy. We need to fix this one, and the fix is a bit tricky, so
4736 * commenting this out is just a band-aid.
4737 *
4738 * The problem is that, although well-behaved router descriptors
4739 * should never have the same value for their extra_info_digest, it's
4740 * possible for ill-behaved routers to claim whatever they like there.
4741 *
4742 * The real answer is to trash desc_by_eid_map and instead have
4743 * something that indicates for a given extra-info digest we want,
4744 * what its download status is. We'll do that as a part of routerlist
4745 * refactoring once consensus directories are in. For now,
4746 * this rep violation is probably harmless: an adversary can make us
4747 * reset our retry count for an extrainfo, but that's not the end
4748 * of the world. Changing the representation in 0.2.0.x would just
4749 * destabilize the codebase.
4750 if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
4751 signed_descriptor_t *sd3 =
4752 sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
4753 tor_assert(sd3 == &(r->cache_info));
4754 }
4755 */
4756 });
4757 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
4758 {
4759 r2 = rimap_get(rl->identity_map, sd->identity_digest);
4760 tor_assert(sd != &(r2->cache_info));
4761 sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
4762 tor_assert(sd == sd2);
4763 tor_assert(sd->routerlist_index == sd_sl_idx);
4764 /* XXXX see above.
4765 if (!tor_digest_is_zero(sd->extra_info_digest)) {
4766 signed_descriptor_t *sd3 =
4767 sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
4768 tor_assert(sd3 == sd);
4769 }
4770 */
4771 });
4772
4773 RIMAP_FOREACH(rl->identity_map, d, r) {
4774 tor_assert(!memcmp(r->cache_info.identity_digest, d, DIGEST_LEN));
4775 } DIGESTMAP_FOREACH_END;
4776 SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
4777 tor_assert(!memcmp(sd->signed_descriptor_digest, d, DIGEST_LEN));
4778 } DIGESTMAP_FOREACH_END;
4779 SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
4780 tor_assert(!tor_digest_is_zero(d));
4781 tor_assert(sd);
4782 tor_assert(!memcmp(sd->extra_info_digest, d, DIGEST_LEN));
4783 } DIGESTMAP_FOREACH_END;
4784 EIMAP_FOREACH(rl->extra_info_map, d, ei) {
4785 signed_descriptor_t *sd;
4786 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4787 d, DIGEST_LEN));
4788 sd = sdmap_get(rl->desc_by_eid_map,
4789 ei->cache_info.signed_descriptor_digest);
4790 // tor_assert(sd); // XXXX see above
4791 if (sd) {
4792 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4793 sd->extra_info_digest, DIGEST_LEN));
4794 }
4795 } DIGESTMAP_FOREACH_END;
4796 }
4797
4798 /** Allocate and return a new string representing the contact info
4799 * and platform string for <b>router</b>,
4800 * surrounded by quotes and using standard C escapes.
4801 *
4802 * THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
4803 * thread. Also, each call invalidates the last-returned value, so don't
4804 * try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
4805 *
4806 * If <b>router</b> is NULL, it just frees its internal memory and returns.
4807 */
4808 const char *
4809 esc_router_info(routerinfo_t *router)
4810 {
4811 static char *info=NULL;
4812 char *esc_contact, *esc_platform;
4813 size_t len;
4814 if (info)
4815 tor_free(info);
4816 if (!router)
4817 return NULL; /* we're exiting; just free the memory we use */
4818
4819 esc_contact = esc_for_log(router->contact_info);
4820 esc_platform = esc_for_log(router->platform);
4821
4822 len = strlen(esc_contact)+strlen(esc_platform)+32;
4823 info = tor_malloc(len);
4824 tor_snprintf(info, len, "Contact %s, Platform %s", esc_contact,
4825 esc_platform);
4826 tor_free(esc_contact);
4827 tor_free(esc_platform);
4828
4829 return info;
4830 }
4831
4832 /** Helper for sorting: compare two routerinfos by their identity
4833 * digest. */
4834 static int
4835 _compare_routerinfo_by_id_digest(const void **a, const void **b)
4836 {
4837 routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
4838 return memcmp(first->cache_info.identity_digest,
4839 second->cache_info.identity_digest,
4840 DIGEST_LEN);
4841 }
4842
4843 /** Sort a list of routerinfo_t in ascending order of identity digest. */
4844 void
4845 routers_sort_by_identity(smartlist_t *routers)
4846 {
4847 smartlist_sort(routers, _compare_routerinfo_by_id_digest);
4848 }
4849
4850 /** A routerset specifies constraints on a set of possible routerinfos, based
4851 * on their names, identities, or addresses. It is optimized for determining
4852 * whether a router is a member or not, in O(1+P) time, where P is the number
4853 * of address policy constraints. */
4854 struct routerset_t {
4855 /** A list of strings for the elements of the policy. Each string is either
4856 * a nickname, a hexadecimal identity fingerprint, or an address policy. A
4857 * router belongs to the set if its nickname OR its identity OR its address
4858 * matches an entry here. */
4859 smartlist_t *list;
4860 /** A map from lowercase nicknames of routers in the set to (void*)1 */
4861 strmap_t *names;
4862 /** A map from identity digests routers in the set to (void*)1 */
4863 digestmap_t *digests;
4864 /** An address policy for routers in the set. For implementation reasons,
4865 * a router belongs to the set if it is _rejected_ by this policy. */
4866 smartlist_t *policies;
4867
4868 /** A human-readable description of what this routerset is for. Used in
4869 * log messages. */
4870 char *description;
4871
4872 /** A list of the country codes in this set. */
4873 smartlist_t *country_names;
4874 /** Total number of countries we knew about when we built <b>countries</b>.*/
4875 int n_countries;
4876 /** Bit array mapping the return value of geoip_get_country() to 1 iff the
4877 * country is a member of this routerset. Note that we MUST call
4878 * routerset_refresh_countries() whenever the geoip country list is
4879 * reloaded. */
4880 bitarray_t *countries;
4881 };
4882
4883 /** Return a new empty routerset. */
4884 routerset_t *
4885 routerset_new(void)
4886 {
4887 routerset_t *result = tor_malloc_zero(sizeof(routerset_t));
4888 result->list = smartlist_create();
4889 result->names = strmap_new();
4890 result->digests = digestmap_new();
4891 result->policies = smartlist_create();
4892 result->country_names = smartlist_create();
4893 return result;
4894 }
4895
4896 /** If <b>c</b> is a country code in the form {cc}, return a newly allocated
4897 * string holding the "cc" part. Else, return NULL. */
4898 static char *
4899 routerset_get_countryname(const char *c)
4900 {
4901 char *country;
4902
4903 if (strlen(c) < 4 || c[0] !='{' || c[3] !='}')
4904 return NULL;
4905
4906 country = tor_strndup(c+1, 2);
4907 tor_strlower(country);
4908 return country;
4909 }
4910
4911 #if 0
4912 /** Add the GeoIP database's integer index (+1) of a valid two-character
4913 * country code to the routerset's <b>countries</b> bitarray. Return the
4914 * integer index if the country code is valid, -1 otherwise.*/
4915 static int
4916 routerset_add_country(const char *c)
4917 {
4918 char country[3];
4919 country_t cc;
4920
4921 /* XXXX: Country codes must be of the form \{[a-z\?]{2}\} but this accepts
4922 \{[.]{2}\}. Do we need to be strict? -RH */
4923 /* Nope; if the country code is bad, we'll get 0 when we look it up. */
4924
4925 if (!geoip_is_loaded()) {
4926 log(LOG_WARN, LD_CONFIG, "GeoIP database not loaded: Cannot add country"
4927 "entry %s, ignoring.", c);
4928 return -1;
4929 }
4930
4931 memcpy(country, c+1, 2);
4932 country[2] = '\0';
4933 tor_strlower(country);
4934
4935 if ((cc=geoip_get_country(country))==-1) {
4936 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not valid, ignoring.",
4937 country);
4938 }
4939 return cc;
4940 }
4941 #endif
4942
4943 /** Update the routerset's <b>countries</b> bitarray_t. Called whenever
4944 * the GeoIP database is reloaded.
4945 */
4946 void
4947 routerset_refresh_countries(routerset_t *target)
4948 {
4949 int cc;
4950 if (target->countries) {
4951 bitarray_free(target->countries);
4952 }
4953 if (!geoip_is_loaded()) {
4954 target->countries = NULL;
4955 target->n_countries = 0;
4956 return;
4957 }
4958 target->n_countries = geoip_get_n_countries();
4959 target->countries = bitarray_init_zero(target->n_countries);
4960 SMARTLIST_FOREACH_BEGIN(target->country_names, const char *, country) {
4961 cc = geoip_get_country(country);
4962 if (cc >= 0) {
4963 tor_assert(cc < target->n_countries);
4964 bitarray_set(target->countries, cc);
4965 } else {
4966 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not recognized.",
4967 country);
4968 }
4969 } SMARTLIST_FOREACH_END(country);
4970 }
4971
4972 /** Parse the string <b>s</b> to create a set of routerset entries, and add
4973 * them to <b>target</b>. In log messages, refer to the string as
4974 * <b>description</b>. Return 0 on success, -1 on failure.
4975 *
4976 * Three kinds of elements are allowed in routersets: nicknames, IP address
4977 * patterns, and fingerprints. They may be surrounded by optional space, and
4978 * must be separated by commas.
4979 */
4980 int
4981 routerset_parse(routerset_t *target, const char *s, const char *description)
4982 {
4983 int r = 0;
4984 int added_countries = 0;
4985 char *countryname;
4986 smartlist_t *list = smartlist_create();
4987 smartlist_split_string(list, s, ",",
4988 SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
4989 SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
4990 addr_policy_t *p;
4991 if (is_legal_hexdigest(nick)) {
4992 char d[DIGEST_LEN];
4993 if (*nick == '$')
4994 ++nick;
4995 log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
4996 base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
4997 digestmap_set(target->digests, d, (void*)1);
4998 } else if (is_legal_nickname(nick)) {
4999 log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
5000 strmap_set_lc(target->names, nick, (void*)1);
5001 } else if ((countryname = routerset_get_countryname(nick)) != NULL) {
5002 log_debug(LD_CONFIG, "Adding country %s to %s", nick,
5003 description);
5004 smartlist_add(target->country_names, countryname);
5005 added_countries = 1;
5006 } else if ((strchr(nick,'.') || strchr(nick, '*')) &&
5007 (p = router_parse_addr_policy_item_from_string(
5008 nick, ADDR_POLICY_REJECT))) {
5009 log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
5010 smartlist_add(target->policies, p);
5011 } else {
5012 log_warn(LD_CONFIG, "Entry '%s' in %s is misformed.", nick,
5013 description);
5014 r = -1;
5015 tor_free(nick);
5016 SMARTLIST_DEL_CURRENT(list, nick);
5017 }
5018 } SMARTLIST_FOREACH_END(nick);
5019 smartlist_add_all(target->list, list);
5020 smartlist_free(list);
5021 if (added_countries)
5022 routerset_refresh_countries(target);
5023 return r;
5024 }
5025
5026 /** DOCDOC */
5027 void
5028 refresh_all_country_info(void)
5029 {
5030 or_options_t *options = get_options();
5031
5032 if (options->EntryNodes)
5033 routerset_refresh_countries(options->EntryNodes);
5034 if (options->ExitNodes)
5035 routerset_refresh_countries(options->ExitNodes);
5036 if (options->ExcludeNodes)
5037 routerset_refresh_countries(options->ExcludeNodes);
5038 if (options->ExcludeExitNodes)
5039 routerset_refresh_countries(options->ExcludeExitNodes);
5040 if (options->_ExcludeExitNodesUnion)
5041 routerset_refresh_countries(options->_ExcludeExitNodesUnion);
5042
5043 routerlist_refresh_countries();
5044 }
5045
5046 /** Add all members of the set <b>source</b> to <b>target</b>. */
5047 void
5048 routerset_union(routerset_t *target, const routerset_t *source)
5049 {
5050 char *s;
5051 tor_assert(target);
5052 if (!source || !source->list)
5053 return;
5054 s = routerset_to_string(source);
5055 routerset_parse(target, s, "other routerset");
5056 tor_free(s);
5057 }
5058
5059 /** Return true iff <b>set</b> lists only nicknames and digests, and includes
5060 * no IP ranges or countries. */
5061 int
5062 routerset_is_list(const routerset_t *set)
5063 {
5064 return smartlist_len(set->country_names) == 0 &&
5065 smartlist_len(set->policies) == 0;
5066 }
5067
5068 /** Return true iff we need a GeoIP IP-to-country database to make sense of
5069 * <b>set</b>. */
5070 int
5071 routerset_needs_geoip(const routerset_t *set)
5072 {
5073 return set && smartlist_len(set->country_names);
5074 }
5075
5076 /** Return true iff there are no entries in <b>set</b>. */
5077 static int
5078 routerset_is_empty(const routerset_t *set)
5079 {
5080 return !set || smartlist_len(set->list) == 0;
5081 }
5082
5083 /** Helper. Return true iff <b>set</b> contains a router based on the other
5084 * provided fields. Return higher values for more specific subentries: a
5085 * single router is more specific than an address range of routers, which is
5086 * more specific in turn than a country code.
5087 *
5088 * (If country is -1, then we take the country
5089 * from addr.) */
5090 static int
5091 routerset_contains(const routerset_t *set, const tor_addr_t *addr,
5092 uint16_t orport,
5093 const char *nickname, const char *id_digest, int is_named,
5094 country_t country)
5095 {
5096 if (!set || !set->list) return 0;
5097 (void) is_named; /* not supported */
5098 if (nickname && strmap_get_lc(set->names, nickname))
5099 return 4;
5100 if (id_digest && digestmap_get(set->digests, id_digest))
5101 return 4;
5102 if (addr && compare_tor_addr_to_addr_policy(addr, orport, set->policies)
5103 == ADDR_POLICY_REJECTED)
5104 return 3;
5105 if (set->countries) {
5106 if (country < 0 && addr)
5107 country = geoip_get_country_by_ip(tor_addr_to_ipv4h(addr));
5108
5109 if (country >= 0 && country < set->n_countries &&
5110 bitarray_is_set(set->countries, country))
5111 return 2;
5112 }
5113 return 0;
5114 }
5115
5116 /** Return true iff we can tell that <b>ei</b> is a member of <b>set</b>. */
5117 int
5118 routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
5119 {
5120 return routerset_contains(set,
5121 &ei->addr,
5122 ei->port,
5123 ei->nickname,
5124 ei->identity_digest,
5125 -1, /*is_named*/
5126 -1 /*country*/);
5127 }
5128
5129 /** Return true iff <b>ri</b> is in <b>set</b>. */
5130 int
5131 routerset_contains_router(const routerset_t *set, routerinfo_t *ri)
5132 {
5133 tor_addr_t addr;
5134 tor_addr_from_ipv4h(&addr, ri->addr);
5135 return routerset_contains(set,
5136 &addr,
5137 ri->or_port,
5138 ri->nickname,
5139 ri->cache_info.identity_digest,
5140 ri->is_named,
5141 ri->country);
5142 }
5143
5144 /** Return true iff <b>rs</b> is in <b>set</b>. */
5145 int
5146 routerset_contains_routerstatus(const routerset_t *set, routerstatus_t *rs)
5147 {
5148 tor_addr_t addr;
5149 tor_addr_from_ipv4h(&addr, rs->addr);
5150 return routerset_contains(set,
5151 &addr,
5152 rs->or_port,
5153 rs->nickname,
5154 rs->identity_digest,
5155 rs->is_named,
5156 -1);
5157 }
5158
5159 /** Add every known routerinfo_t that is a member of <b>routerset</b> to
5160 * <b>out</b>. If <b>running_only</b>, only add the running ones. */
5161 void
5162 routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset,
5163 int running_only)
5164 {
5165 tor_assert(out);
5166 if (!routerset || !routerset->list)
5167 return;
5168 if (!warned_nicknames)
5169 warned_nicknames = smartlist_create();
5170 if (routerset_is_list(routerset)) {
5171
5172 /* No routers are specified by type; all are given by name or digest.
5173 * we can do a lookup in O(len(list)). */
5174 SMARTLIST_FOREACH(routerset->list, const char *, name, {
5175 routerinfo_t *router = router_get_by_nickname(name, 1);
5176 if (router) {
5177 if (!running_only || router->is_running)
5178 smartlist_add(out, router);
5179 }
5180 });
5181 } else {
5182 /* We need to iterate over the routerlist to get all the ones of the
5183 * right kind. */
5184 routerlist_t *rl = router_get_routerlist();
5185 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
5186 if (running_only && !router->is_running)
5187 continue;
5188 if (routerset_contains_router(routerset, router))
5189 smartlist_add(out, router);
5190 });
5191 }
5192 }
5193
5194 /** Add to <b>target</b> every routerinfo_t from <b>source</b> that is in
5195 * <b>include</b>, but not excluded in a more specific fashion by
5196 * <b>exclude</b>. If <b>running_only</b>, only include running routers.
5197 */
5198 void
5199 routersets_get_disjunction(smartlist_t *target,
5200 const smartlist_t *source,
5201 const routerset_t *include,
5202 const routerset_t *exclude, int running_only)
5203 {
5204 SMARTLIST_FOREACH(source, routerinfo_t *, router, {
5205 int include_result;
5206 if (running_only && !router->is_running)
5207 continue;
5208 if (!routerset_is_empty(include))
5209 include_result = routerset_contains_router(include, router);
5210 else
5211 include_result = 1;
5212
5213 if (include_result) {
5214 int exclude_result = routerset_contains_router(exclude, router);
5215 if (include_result >= exclude_result)
5216 smartlist_add(target, router);
5217 }
5218 });
5219 }
5220
5221 /** Remove every routerinfo_t from <b>lst</b> that is in <b>routerset</b>. */
5222 void
5223 routerset_subtract_routers(smartlist_t *lst, const routerset_t *routerset)
5224 {
5225 tor_assert(lst);
5226 if (!routerset)
5227 return;
5228 SMARTLIST_FOREACH(lst, routerinfo_t *, r, {
5229 if (routerset_contains_router(routerset, r)) {
5230 //log_debug(LD_DIR, "Subtracting %s",r->nickname);
5231 SMARTLIST_DEL_CURRENT(lst, r);
5232 }
5233 });
5234 }
5235
5236 /** Return a new string that when parsed by routerset_parse_string() will
5237 * yield <b>set</b>. */
5238 char *
5239 routerset_to_string(const routerset_t *set)
5240 {
5241 if (!set || !set->list)
5242 return tor_strdup("");
5243 return smartlist_join_strings(set->list, ",", 0, NULL);
5244 }
5245
5246 /** Helper: return true iff old and new are both NULL, or both non-NULL
5247 * equal routersets. */
5248 int
5249 routerset_equal(const routerset_t *old, const routerset_t *new)
5250 {
5251 if (old == NULL && new == NULL)
5252 return 1;
5253 else if (old == NULL || new == NULL)
5254 return 0;
5255
5256 if (smartlist_len(old->list) != smartlist_len(new->list))
5257 return 0;
5258
5259 SMARTLIST_FOREACH(old->list, const char *, cp1, {
5260 const char *cp2 = smartlist_get(new->list, cp1_sl_idx);
5261 if (strcmp(cp1, cp2))
5262 return 0;
5263 });
5264
5265 return 1;
5266
5267 #if 0
5268 /* XXXX: This won't work if the names/digests are identical but in a
5269 different order. Checking for exact equality would be heavy going,
5270 is it worth it? -RH*/
5271 /* This code is totally bogus; sizeof doesn't work even remotely like this
5272 * code seems to think. Let's revert to a string-based comparison for
5273 * now. -NM*/
5274 if (sizeof(old->names) != sizeof(new->names))
5275 return 0;
5276
5277 if (memcmp(old->names,new->names,sizeof(new->names)))
5278 return 0;
5279 if (sizeof(old->digests) != sizeof(new->digests))
5280 return 0;
5281 if (memcmp(old->digests,new->digests,sizeof(new->digests)))
5282 return 0;
5283 if (sizeof(old->countries) != sizeof(new->countries))
5284 return 0;
5285 if (memcmp(old->countries,new->countries,sizeof(new->countries)))
5286 return 0;
5287 return 1;
5288 #endif
5289 }
5290
5291 /** Free all storage held in <b>routerset</b>. */
5292 void
5293 routerset_free(routerset_t *routerset)
5294 {
5295 SMARTLIST_FOREACH(routerset->list, char *, cp, tor_free(cp));
5296 smartlist_free(routerset->list);
5297 SMARTLIST_FOREACH(routerset->policies, addr_policy_t *, p,
5298 addr_policy_free(p));
5299 smartlist_free(routerset->policies);
5300 SMARTLIST_FOREACH(routerset->country_names, char *, cp, tor_free(cp));
5301 smartlist_free(routerset->country_names);
5302
5303 strmap_free(routerset->names, NULL);
5304 digestmap_free(routerset->digests, NULL);
5305 if (routerset->countries)
5306 bitarray_free(routerset->countries);
5307 tor_free(routerset);
5308 }
5309
5310 /** Refresh the country code of <b>ri</b>. This function MUST be called on
5311 * each router when the GeoIP database is reloaded, and on all new routers. */
5312 void
5313 routerinfo_set_country(routerinfo_t *ri)
5314 {
5315 ri->country = geoip_get_country_by_ip(ri->addr);
5316 }
5317
5318 /** Set the country code of all routers in the routerlist. */
5319 void
5320 routerlist_refresh_countries(void)
5321 {
5322 routerlist_t *rl = router_get_routerlist();
5323 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
5324 routerinfo_set_country(ri));
5325 }
5326
5327 /** Determine the routers that are responsible for <b>id</b> (binary) and
5328 * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>.
5329 * Return -1 if we're returning an empty smartlist, else return 0.
5330 */
5331 int
5332 hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
5333 const char *id)
5334 {
5335 int start, found, n_added = 0, i;
5336 networkstatus_t *c = networkstatus_get_latest_consensus();
5337 int use_begindir = get_options()->TunnelDirConns;
5338 if (!c || !smartlist_len(c->routerstatus_list)) {
5339 log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 "
5340 "rendezvous operations.");
5341 return -1;
5342 }
5343 tor_assert(id);
5344 start = networkstatus_vote_find_entry_idx(c, id, &found);
5345 if (start == smartlist_len(c->routerstatus_list)) start = 0;
5346 i = start;
5347 do {
5348 routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
5349 if (r->is_hs_dir) {
5350 if (r->dir_port || use_begindir)
5351 smartlist_add(responsible_dirs, r);
5352 else
5353 log_info(LD_REND, "Not adding router '%s' to list of responsible "
5354 "hidden service directories, because we have no way of "
5355 "reaching it.", r->nickname);
5356 if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
5357 break;
5358 }
5359 if (++i == smartlist_len(c->routerstatus_list))
5360 i = 0;
5361 } while (i != start);
5362
5363 /* Even though we don't have the desired number of hidden service
5364 * directories, be happy if we got any. */
5365 return smartlist_len(responsible_dirs) ? 0 : -1;
5366 }
5367
5368 /** Return true if this node is currently acting as hidden service
5369 * directory, false otherwise. */
5370 int
5371 hid_serv_acting_as_directory(void)
5372 {
5373 routerinfo_t *me = router_get_my_routerinfo();
5374 networkstatus_t *c;
5375 routerstatus_t *rs;
5376 if (!me)
5377 return 0;
5378 if (!get_options()->HidServDirectoryV2) {
5379 log_info(LD_REND, "We are not acting as hidden service directory, "
5380 "because we have not been configured as such.");
5381 return 0;
5382 }
5383 if (!(c = networkstatus_get_latest_consensus())) {
5384 log_info(LD_REND, "There's no consensus, so I can't tell if I'm a hidden "
5385 "service directory");
5386 return 0;
5387 }
5388 rs = networkstatus_vote_find_entry(c, me->cache_info.identity_digest);
5389 if (!rs) {
5390 log_info(LD_REND, "We're not listed in the consensus, so we're not "
5391 "being a hidden service directory.");
5392 return 0;
5393 }
5394 if (!rs->is_hs_dir) {
5395 log_info(LD_REND, "We're not listed as a hidden service directory in "
5396 "the consensus, so we won't be one.");
5397 return 0;
5398 }
5399 return 1;
5400 }
5401
5402 /** Return true if this node is responsible for storing the descriptor ID
5403 * in <b>query</b> and false otherwise. */
5404 int
5405 hid_serv_responsible_for_desc_id(const char *query)
5406 {
5407 routerinfo_t *me;
5408 routerstatus_t *last_rs;
5409 const char *my_id, *last_id;
5410 int result;
5411 smartlist_t *responsible;
5412 if (!hid_serv_acting_as_directory())
5413 return 0;
5414 if (!(me = router_get_my_routerinfo()))
5415 return 0; /* This is redundant, but let's be paranoid. */
5416 my_id = me->cache_info.identity_digest;
5417 responsible = smartlist_create();
5418 if (hid_serv_get_responsible_directories(responsible, query) < 0) {
5419 smartlist_free(responsible);
5420 return 0;
5421 }
5422 last_rs = smartlist_get(responsible, smartlist_len(responsible)-1);
5423 last_id = last_rs->identity_digest;
5424 result = rend_id_is_in_interval(my_id, query, last_id);
5425 smartlist_free(responsible);
5426 return result;
5427 }
5428