search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix valgrind error when marking a descriptor as never-downloadable.
[tor/rransom.git] / src / or / routerlist.c
blobde38e354e0d4c52a6edb1c7011cc2a85fe1a0c96
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2009, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file routerlist.c
9 * \brief Code to
10 * maintain and access the global list of routerinfos for known
11 * servers.
12 **/
13
14 #include "or.h"
15
16 // #define DEBUG_ROUTERLIST
17
18 /****************************************************************************/
19
20 /* static function prototypes */
21 static routerstatus_t *router_pick_directory_server_impl(
22 authority_type_t auth, int flags);
23 static routerstatus_t *router_pick_trusteddirserver_impl(
24 authority_type_t auth, int flags, int *n_busy_out);
25 static void mark_all_trusteddirservers_up(void);
26 static int router_nickname_matches(routerinfo_t *router, const char *nickname);
27 static void trusted_dir_server_free(trusted_dir_server_t *ds);
28 static void launch_router_descriptor_downloads(smartlist_t *downloadable,
29 time_t now);
30 static void update_consensus_router_descriptor_downloads(time_t now);
31 static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
32 static void update_router_have_minimum_dir_info(void);
33 static const char *signed_descriptor_get_body_impl(signed_descriptor_t *desc,
34 int with_annotations);
35 static void list_pending_downloads(digestmap_t *result,
36 int purpose, const char *prefix);
37
38 DECLARE_TYPED_DIGESTMAP_FNS(sdmap_, digest_sd_map_t, signed_descriptor_t)
39 DECLARE_TYPED_DIGESTMAP_FNS(rimap_, digest_ri_map_t, routerinfo_t)
40 DECLARE_TYPED_DIGESTMAP_FNS(eimap_, digest_ei_map_t, extrainfo_t)
41 #define SDMAP_FOREACH(map, keyvar, valvar) \
42 DIGESTMAP_FOREACH(sdmap_to_digestmap(map), keyvar, signed_descriptor_t *, \
43 valvar)
44 #define RIMAP_FOREACH(map, keyvar, valvar) \
45 DIGESTMAP_FOREACH(rimap_to_digestmap(map), keyvar, routerinfo_t *, valvar)
46 #define EIMAP_FOREACH(map, keyvar, valvar) \
47 DIGESTMAP_FOREACH(eimap_to_digestmap(map), keyvar, extrainfo_t *, valvar)
48
49 /****************************************************************************/
50
51 /** Global list of a trusted_dir_server_t object for each trusted directory
52 * server. */
53 static smartlist_t *trusted_dir_servers = NULL;
54
55 /** List of for a given authority, and download status for latest certificate.
56 */
57 typedef struct cert_list_t {
58 download_status_t dl_status;
59 smartlist_t *certs;
60 } cert_list_t;
61 /** Map from v3 identity key digest to cert_list_t. */
62 static digestmap_t *trusted_dir_certs = NULL;
63 /** True iff any key certificate in at least one member of
64 * <b>trusted_dir_certs</b> has changed since we last flushed the
65 * certificates to disk. */
66 static int trusted_dir_servers_certs_changed = 0;
67
68 /** Global list of all of the routers that we know about. */
69 static routerlist_t *routerlist = NULL;
70
71 /** List of strings for nicknames we've already warned about and that are
72 * still unknown / unavailable. */
73 static smartlist_t *warned_nicknames = NULL;
74
75 /** The last time we tried to download any routerdesc, or 0 for "never". We
76 * use this to rate-limit download attempts when the number of routerdescs to
77 * download is low. */
78 static time_t last_routerdesc_download_attempted = 0;
79
80 /** When we last computed the weights to use for bandwidths on directory
81 * requests, what were the total weighted bandwidth, and our share of that
82 * bandwidth? Used to determine what fraction of directory requests we should
83 * expect to see. */
84 static uint64_t sl_last_total_weighted_bw = 0,
85 sl_last_weighted_bw_of_me = 0;
86
87 /** Return the number of directory authorities whose type matches some bit set
88 * in <b>type</b> */
89 int
90 get_n_authorities(authority_type_t type)
91 {
92 int n = 0;
93 if (!trusted_dir_servers)
94 return 0;
95 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
96 if (ds->type & type)
97 ++n);
98 return n;
99 }
100
101 #define get_n_v2_authorities() get_n_authorities(V2_AUTHORITY)
102
103 /** Helper: Return the cert_list_t for an authority whose authority ID is
104 * <b>id_digest</b>, allocating a new list if necessary. */
105 static cert_list_t *
106 get_cert_list(const char *id_digest)
107 {
108 cert_list_t *cl;
109 if (!trusted_dir_certs)
110 trusted_dir_certs = digestmap_new();
111 cl = digestmap_get(trusted_dir_certs, id_digest);
112 if (!cl) {
113 cl = tor_malloc_zero(sizeof(cert_list_t));
114 cl->dl_status.schedule = DL_SCHED_CONSENSUS;
115 cl->certs = smartlist_create();
116 digestmap_set(trusted_dir_certs, id_digest, cl);
117 }
118 return cl;
119 }
120
121 /** Reload the cached v3 key certificates from the cached-certs file in
122 * the data directory. Return 0 on success, -1 on failure. */
123 int
124 trusted_dirs_reload_certs(void)
125 {
126 char *filename;
127 char *contents;
128 int r;
129
130 filename = get_datadir_fname("cached-certs");
131 contents = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
132 tor_free(filename);
133 if (!contents)
134 return 0;
135 r = trusted_dirs_load_certs_from_string(contents, 1, 1);
136 tor_free(contents);
137 return r;
138 }
139
140 /** Helper: return true iff we already have loaded the exact cert
141 * <b>cert</b>. */
142 static INLINE int
143 already_have_cert(authority_cert_t *cert)
144 {
145 cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
146
147 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
148 {
149 if (!memcmp(c->cache_info.signed_descriptor_digest,
150 cert->cache_info.signed_descriptor_digest,
151 DIGEST_LEN))
152 return 1;
153 });
154 return 0;
155 }
156
157 /** Load a bunch of new key certificates from the string <b>contents</b>. If
158 * <b>from_store</b> is true, the certificates are from the cache, and we
159 * don't need to flush them to disk. If <b>from_store</b> is false, we need
160 * to flush any changed certificates to disk. Return 0 on success, -1 on
161 * failure. */
162 int
163 trusted_dirs_load_certs_from_string(const char *contents, int from_store,
164 int flush)
165 {
166 trusted_dir_server_t *ds;
167 const char *s, *eos;
168
169 for (s = contents; *s; s = eos) {
170 authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
171 cert_list_t *cl;
172 if (!cert)
173 break;
174 ds = trusteddirserver_get_by_v3_auth_digest(
175 cert->cache_info.identity_digest);
176 log_debug(LD_DIR, "Parsed certificate for %s",
177 ds ? ds->nickname : "unknown authority");
178
179 if (already_have_cert(cert)) {
180 /* we already have this one. continue. */
181 log_info(LD_DIR, "Skipping %s certificate for %s that we "
182 "already have.",
183 from_store ? "cached" : "downloaded",
184 ds ? ds->nickname : "??");
185
186 /* a duplicate on a download should be treated as a failure, since it
187 * probably means we wanted a different secret key or we are trying to
188 * replace an expired cert that has not in fact been updated. */
189 if (!from_store) {
190 log_warn(LD_DIR, "Got a certificate for %s that we already have. "
191 "Maybe they haven't updated it. Waiting for a while.",
192 ds ? ds->nickname : "??");
193 authority_cert_dl_failed(cert->cache_info.identity_digest, 404);
194 }
195
196 authority_cert_free(cert);
197 continue;
198 }
199
200 if (ds) {
201 log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
202 "signing key %s", from_store ? "cached" : "downloaded",
203 ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
204 } else {
205 int adding = directory_caches_dir_info(get_options());
206 log_info(LD_DIR, "%s %s certificate for unrecognized directory "
207 "authority with signing key %s",
208 adding ? "Adding" : "Not adding",
209 from_store ? "cached" : "downloaded",
210 hex_str(cert->signing_key_digest,DIGEST_LEN));
211 if (!adding) {
212 authority_cert_free(cert);
213 continue;
214 }
215 }
216
217 cl = get_cert_list(cert->cache_info.identity_digest);
218 smartlist_add(cl->certs, cert);
219 if (ds && cert->cache_info.published_on > ds->addr_current_at) {
220 /* Check to see whether we should update our view of the authority's
221 * address. */
222 if (cert->addr && cert->dir_port &&
223 (ds->addr != cert->addr ||
224 ds->dir_port != cert->dir_port)) {
225 char *a = tor_dup_ip(cert->addr);
226 log_notice(LD_DIR, "Updating address for directory authority %s "
227 "from %s:%d to %s:%d based on in certificate.",
228 ds->nickname, ds->address, (int)ds->dir_port,
229 a, cert->dir_port);
230 tor_free(a);
231 ds->addr = cert->addr;
232 ds->dir_port = cert->dir_port;
233 }
234 ds->addr_current_at = cert->cache_info.published_on;
235 }
236
237 if (!from_store)
238 trusted_dir_servers_certs_changed = 1;
239 }
240
241 if (flush)
242 trusted_dirs_flush_certs_to_disk();
243
244 networkstatus_note_certs_arrived();
245 return 0;
246 }
247
248 /** Save all v3 key certificates to the cached-certs file. */
249 void
250 trusted_dirs_flush_certs_to_disk(void)
251 {
252 char *filename;
253 smartlist_t *chunks;
254
255 if (!trusted_dir_servers_certs_changed || !trusted_dir_certs)
256 return;
257
258 chunks = smartlist_create();
259 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
260 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
261 {
262 sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
263 c->bytes = cert->cache_info.signed_descriptor_body;
264 c->len = cert->cache_info.signed_descriptor_len;
265 smartlist_add(chunks, c);
266 });
267 } DIGESTMAP_FOREACH_END;
268
269 filename = get_datadir_fname("cached-certs");
270 if (write_chunks_to_file(filename, chunks, 0)) {
271 log_warn(LD_FS, "Error writing certificates to disk.");
272 }
273 tor_free(filename);
274 SMARTLIST_FOREACH(chunks, sized_chunk_t *, c, tor_free(c));
275 smartlist_free(chunks);
276
277 trusted_dir_servers_certs_changed = 0;
278 }
279
280 /** Remove all v3 authority certificates that have been superseded for more
281 * than 48 hours. (If the most recent cert was published more than 48 hours
282 * ago, then we aren't going to get any consensuses signed with older
283 * keys.) */
284 static void
285 trusted_dirs_remove_old_certs(void)
286 {
287 time_t now = time(NULL);
288 #define DEAD_CERT_LIFETIME (2*24*60*60)
289 #define OLD_CERT_LIFETIME (7*24*60*60)
290 if (!trusted_dir_certs)
291 return;
292
293 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
294 authority_cert_t *newest = NULL;
295 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
296 if (!newest || (cert->cache_info.published_on >
297 newest->cache_info.published_on))
298 newest = cert);
299 if (newest) {
300 const time_t newest_published = newest->cache_info.published_on;
301 SMARTLIST_FOREACH_BEGIN(cl->certs, authority_cert_t *, cert) {
302 int expired;
303 time_t cert_published;
304 if (newest == cert)
305 continue;
306 expired = ftime_definitely_after(now, cert->expires);
307 cert_published = cert->cache_info.published_on;
308 /* Store expired certs for 48 hours after a newer arrives;
309 */
310 if (expired ?
311 (newest_published + DEAD_CERT_LIFETIME < now) :
312 (cert_published + OLD_CERT_LIFETIME < newest_published)) {
313 SMARTLIST_DEL_CURRENT(cl->certs, cert);
314 authority_cert_free(cert);
315 trusted_dir_servers_certs_changed = 1;
316 }
317 } SMARTLIST_FOREACH_END(cert);
318 }
319 } DIGESTMAP_FOREACH_END;
320 #undef OLD_CERT_LIFETIME
321
322 trusted_dirs_flush_certs_to_disk();
323 }
324
325 /** Return the newest v3 authority certificate whose v3 authority identity key
326 * has digest <b>id_digest</b>. Return NULL if no such authority is known,
327 * or it has no certificate. */
328 authority_cert_t *
329 authority_cert_get_newest_by_id(const char *id_digest)
330 {
331 cert_list_t *cl;
332 authority_cert_t *best = NULL;
333 if (!trusted_dir_certs ||
334 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
335 return NULL;
336
337 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
338 {
339 if (!best || cert->cache_info.published_on > best->cache_info.published_on)
340 best = cert;
341 });
342 return best;
343 }
344
345 /** Return the newest v3 authority certificate whose directory signing key has
346 * digest <b>sk_digest</b>. Return NULL if no such certificate is known.
347 */
348 authority_cert_t *
349 authority_cert_get_by_sk_digest(const char *sk_digest)
350 {
351 authority_cert_t *c;
352 if (!trusted_dir_certs)
353 return NULL;
354
355 if ((c = get_my_v3_authority_cert()) &&
356 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
357 return c;
358 if ((c = get_my_v3_legacy_cert()) &&
359 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
360 return c;
361
362 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
363 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
364 {
365 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
366 return cert;
367 });
368 } DIGESTMAP_FOREACH_END;
369 return NULL;
370 }
371
372 /** Return the v3 authority certificate with signing key matching
373 * <b>sk_digest</b>, for the authority with identity digest <b>id_digest</b>.
374 * Return NULL if no such authority is known. */
375 authority_cert_t *
376 authority_cert_get_by_digests(const char *id_digest,
377 const char *sk_digest)
378 {
379 cert_list_t *cl;
380 if (!trusted_dir_certs ||
381 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
382 return NULL;
383 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
384 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
385 return cert; );
386
387 return NULL;
388 }
389
390 /** Add every known authority_cert_t to <b>certs_out</b>. */
391 void
392 authority_cert_get_all(smartlist_t *certs_out)
393 {
394 tor_assert(certs_out);
395 if (!trusted_dir_certs)
396 return;
397
398 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
399 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
400 smartlist_add(certs_out, c));
401 } DIGESTMAP_FOREACH_END;
402 }
403
404 /** Called when an attempt to download a certificate with the authority with
405 * ID <b>id_digest</b> fails with HTTP response code <b>status</b>: remember
406 * the failure, so we don't try again immediately. */
407 void
408 authority_cert_dl_failed(const char *id_digest, int status)
409 {
410 cert_list_t *cl;
411 if (!trusted_dir_certs ||
412 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
413 return;
414
415 download_status_failed(&cl->dl_status, status);
416 }
417
418 /** How many times will we try to fetch a certificate before giving up? */
419 #define MAX_CERT_DL_FAILURES 8
420
421 /** Try to download any v3 authority certificates that we may be missing. If
422 * <b>status</b> is provided, try to get all the ones that were used to sign
423 * <b>status</b>. Additionally, try to have a non-expired certificate for
424 * every V3 authority in trusted_dir_servers. Don't fetch certificates we
425 * already have.
426 **/
427 void
428 authority_certs_fetch_missing(networkstatus_t *status, time_t now)
429 {
430 digestmap_t *pending;
431 authority_cert_t *cert;
432 smartlist_t *missing_digests;
433 char *resource = NULL;
434 cert_list_t *cl;
435 const int cache = directory_caches_dir_info(get_options());
436
437 if (should_delay_dir_fetches(get_options()))
438 return;
439
440 pending = digestmap_new();
441 missing_digests = smartlist_create();
442
443 list_pending_downloads(pending, DIR_PURPOSE_FETCH_CERTIFICATE, "fp/");
444 if (status) {
445 SMARTLIST_FOREACH(status->voters, networkstatus_voter_info_t *, voter,
446 {
447 if (tor_digest_is_zero(voter->signing_key_digest))
448 continue; /* This authority never signed this consensus, so don't
449 * go looking for a cert with key digest 0000000000. */
450 if (!cache &&
451 !trusteddirserver_get_by_v3_auth_digest(voter->identity_digest))
452 continue; /* We are not a cache, and we don't know this authority.*/
453 cl = get_cert_list(voter->identity_digest);
454 cert = authority_cert_get_by_digests(voter->identity_digest,
455 voter->signing_key_digest);
456 if (cert) {
457 if (now < cert->expires)
458 download_status_reset(&cl->dl_status);
459 continue;
460 }
461 if (download_status_is_ready(&cl->dl_status, now,
462 MAX_CERT_DL_FAILURES) &&
463 !digestmap_get(pending, voter->identity_digest)) {
464 log_notice(LD_DIR, "We're missing a certificate from authority "
465 "with signing key %s: launching request.",
466 hex_str(voter->signing_key_digest, DIGEST_LEN));
467 smartlist_add(missing_digests, voter->identity_digest);
468 }
469 });
470 }
471 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
472 {
473 int found = 0;
474 if (!(ds->type & V3_AUTHORITY))
475 continue;
476 if (smartlist_digest_isin(missing_digests, ds->v3_identity_digest))
477 continue;
478 cl = get_cert_list(ds->v3_identity_digest);
479 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
480 {
481 if (!ftime_definitely_after(now, cert->expires)) {
482 /* It's not expired, and we weren't looking for something to
483 * verify a consensus with. Call it done. */
484 download_status_reset(&cl->dl_status);
485 found = 1;
486 break;
487 }
488 });
489 if (!found &&
490 download_status_is_ready(&cl->dl_status, now,MAX_CERT_DL_FAILURES) &&
491 !digestmap_get(pending, ds->v3_identity_digest)) {
492 log_notice(LD_DIR, "No current certificate known for authority %s; "
493 "launching request.", ds->nickname);
494 smartlist_add(missing_digests, ds->v3_identity_digest);
495 }
496 });
497
498 if (!smartlist_len(missing_digests)) {
499 goto done;
500 } else {
501 smartlist_t *fps = smartlist_create();
502 smartlist_add(fps, tor_strdup("fp/"));
503 SMARTLIST_FOREACH(missing_digests, const char *, d, {
504 char *fp;
505 if (digestmap_get(pending, d))
506 continue;
507 fp = tor_malloc(HEX_DIGEST_LEN+2);
508 base16_encode(fp, HEX_DIGEST_LEN+1, d, DIGEST_LEN);
509 fp[HEX_DIGEST_LEN] = '+';
510 fp[HEX_DIGEST_LEN+1] = '\0';
511 smartlist_add(fps, fp);
512 });
513 if (smartlist_len(fps) == 1) {
514 /* we didn't add any: they were all pending */
515 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
516 smartlist_free(fps);
517 goto done;
518 }
519 resource = smartlist_join_strings(fps, "", 0, NULL);
520 resource[strlen(resource)-1] = '\0';
521 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
522 smartlist_free(fps);
523 }
524 directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
525 resource, PDS_RETRY_IF_NO_SERVERS);
526
527 done:
528 tor_free(resource);
529 smartlist_free(missing_digests);
530 digestmap_free(pending, NULL);
531 }
532
533 /* Router descriptor storage.
534 *
535 * Routerdescs are stored in a big file, named "cached-descriptors". As new
536 * routerdescs arrive, we append them to a journal file named
537 * "cached-descriptors.new".
538 *
539 * From time to time, we replace "cached-descriptors" with a new file
540 * containing only the live, non-superseded descriptors, and clear
541 * cached-routers.new.
542 *
543 * On startup, we read both files.
544 */
545
546 /** Helper: return 1 iff the router log is so big we want to rebuild the
547 * store. */
548 static int
549 router_should_rebuild_store(desc_store_t *store)
550 {
551 if (store->store_len > (1<<16))
552 return (store->journal_len > store->store_len / 2 ||
553 store->bytes_dropped > store->store_len / 2);
554 else
555 return store->journal_len > (1<<15);
556 }
557
558 /** Return the desc_store_t in <b>rl</b> that should be used to store
559 * <b>sd</b>. */
560 static INLINE desc_store_t *
561 desc_get_store(routerlist_t *rl, signed_descriptor_t *sd)
562 {
563 if (sd->is_extrainfo)
564 return &rl->extrainfo_store;
565 else
566 return &rl->desc_store;
567 }
568
569 /** Add the signed_descriptor_t in <b>desc</b> to the router
570 * journal; change its saved_location to SAVED_IN_JOURNAL and set its
571 * offset appropriately. */
572 static int
573 signed_desc_append_to_journal(signed_descriptor_t *desc,
574 desc_store_t *store)
575 {
576 char *fname = get_datadir_fname_suffix(store->fname_base, ".new");
577 const char *body = signed_descriptor_get_body_impl(desc,1);
578 size_t len = desc->signed_descriptor_len + desc->annotations_len;
579
580 tor_assert(len == strlen(body));
581
582 if (append_bytes_to_file(fname, body, len, 1)) {
583 log_warn(LD_FS, "Unable to store router descriptor");
584 tor_free(fname);
585 return -1;
586 }
587 desc->saved_location = SAVED_IN_JOURNAL;
588 tor_free(fname);
589
590 desc->saved_offset = store->journal_len;
591 store->journal_len += len;
592
593 return 0;
594 }
595
596 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
597 * signed_descriptor_t* in *<b>a</b> is older, the same age as, or newer than
598 * the signed_descriptor_t* in *<b>b</b>. */
599 static int
600 _compare_signed_descriptors_by_age(const void **_a, const void **_b)
601 {
602 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
603 return (int)(r1->published_on - r2->published_on);
604 }
605
606 #define RRS_FORCE 1
607 #define RRS_DONT_REMOVE_OLD 2
608
609 /** If the journal of <b>store</b> is too long, or if RRS_FORCE is set in
610 * <b>flags</b>, then atomically replace the saved router store with the
611 * routers currently in our routerlist, and clear the journal. Unless
612 * RRS_DONT_REMOVE_OLD is set in <b>flags</b>, delete expired routers before
613 * rebuilding the store. Return 0 on success, -1 on failure.
614 */
615 static int
616 router_rebuild_store(int flags, desc_store_t *store)
617 {
618 smartlist_t *chunk_list = NULL;
619 char *fname = NULL, *fname_tmp = NULL;
620 int r = -1;
621 off_t offset = 0;
622 smartlist_t *signed_descriptors = NULL;
623 int nocache=0;
624 size_t total_expected_len = 0;
625 int had_any;
626 int force = flags & RRS_FORCE;
627
628 if (!force && !router_should_rebuild_store(store)) {
629 r = 0;
630 goto done;
631 }
632 if (!routerlist) {
633 r = 0;
634 goto done;
635 }
636
637 if (store->type == EXTRAINFO_STORE)
638 had_any = !eimap_isempty(routerlist->extra_info_map);
639 else
640 had_any = (smartlist_len(routerlist->routers)+
641 smartlist_len(routerlist->old_routers))>0;
642
643 /* Don't save deadweight. */
644 if (!(flags & RRS_DONT_REMOVE_OLD))
645 routerlist_remove_old_routers();
646
647 log_info(LD_DIR, "Rebuilding %s cache", store->description);
648
649 fname = get_datadir_fname(store->fname_base);
650 fname_tmp = get_datadir_fname_suffix(store->fname_base, ".tmp");
651
652 chunk_list = smartlist_create();
653
654 /* We sort the routers by age to enhance locality on disk. */
655 signed_descriptors = smartlist_create();
656 if (store->type == EXTRAINFO_STORE) {
657 eimap_iter_t *iter;
658 for (iter = eimap_iter_init(routerlist->extra_info_map);
659 !eimap_iter_done(iter);
660 iter = eimap_iter_next(routerlist->extra_info_map, iter)) {
661 const char *key;
662 extrainfo_t *ei;
663 eimap_iter_get(iter, &key, &ei);
664 smartlist_add(signed_descriptors, &ei->cache_info);
665 }
666 } else {
667 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
668 smartlist_add(signed_descriptors, sd));
669 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
670 smartlist_add(signed_descriptors, &ri->cache_info));
671 }
672
673 smartlist_sort(signed_descriptors, _compare_signed_descriptors_by_age);
674
675 /* Now, add the appropriate members to chunk_list */
676 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
677 {
678 sized_chunk_t *c;
679 const char *body = signed_descriptor_get_body_impl(sd, 1);
680 if (!body) {
681 log_warn(LD_BUG, "No descriptor available for router.");
682 goto done;
683 }
684 if (sd->do_not_cache) {
685 ++nocache;
686 continue;
687 }
688 c = tor_malloc(sizeof(sized_chunk_t));
689 c->bytes = body;
690 c->len = sd->signed_descriptor_len + sd->annotations_len;
691 total_expected_len += c->len;
692 smartlist_add(chunk_list, c);
693 });
694
695 if (write_chunks_to_file(fname_tmp, chunk_list, 1)<0) {
696 log_warn(LD_FS, "Error writing router store to disk.");
697 goto done;
698 }
699
700 /* Our mmap is now invalid. */
701 if (store->mmap) {
702 tor_munmap_file(store->mmap);
703 store->mmap = NULL;
704 }
705
706 if (replace_file(fname_tmp, fname)<0) {
707 log_warn(LD_FS, "Error replacing old router store: %s", strerror(errno));
708 goto done;
709 }
710
711 errno = 0;
712 store->mmap = tor_mmap_file(fname);
713 if (! store->mmap) {
714 if (errno == ERANGE) {
715 /* empty store.*/
716 if (total_expected_len) {
717 log_warn(LD_FS, "We wrote some bytes to a new descriptor file at '%s',"
718 " but when we went to mmap it, it was empty!", fname);
719 } else if (had_any) {
720 log_info(LD_FS, "We just removed every descriptor in '%s'. This is "
721 "okay if we're just starting up after a long time. "
722 "Otherwise, it's a bug.", fname);
723 }
724 } else {
725 log_warn(LD_FS, "Unable to mmap new descriptor file at '%s'.",fname);
726 }
727 }
728
729 log_info(LD_DIR, "Reconstructing pointers into cache");
730
731 offset = 0;
732 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
733 {
734 if (sd->do_not_cache)
735 continue;
736 sd->saved_location = SAVED_IN_CACHE;
737 if (store->mmap) {
738 tor_free(sd->signed_descriptor_body); // sets it to null
739 sd->saved_offset = offset;
740 }
741 offset += sd->signed_descriptor_len + sd->annotations_len;
742 signed_descriptor_get_body(sd); /* reconstruct and assert */
743 });
744
745 tor_free(fname);
746 fname = get_datadir_fname_suffix(store->fname_base, ".new");
747 write_str_to_file(fname, "", 1);
748
749 r = 0;
750 store->store_len = (size_t) offset;
751 store->journal_len = 0;
752 store->bytes_dropped = 0;
753 done:
754 if (signed_descriptors)
755 smartlist_free(signed_descriptors);
756 tor_free(fname);
757 tor_free(fname_tmp);
758 if (chunk_list) {
759 SMARTLIST_FOREACH(chunk_list, sized_chunk_t *, c, tor_free(c));
760 smartlist_free(chunk_list);
761 }
762
763 return r;
764 }
765
766 /** Helper: Reload a cache file and its associated journal, setting metadata
767 * appropriately. If <b>extrainfo</b> is true, reload the extrainfo store;
768 * else reload the router descriptor store. */
769 static int
770 router_reload_router_list_impl(desc_store_t *store)
771 {
772 char *fname = NULL, *altname = NULL, *contents = NULL;
773 struct stat st;
774 int read_from_old_location = 0;
775 int extrainfo = (store->type == EXTRAINFO_STORE);
776 time_t now = time(NULL);
777 store->journal_len = store->store_len = 0;
778
779 fname = get_datadir_fname(store->fname_base);
780 if (store->fname_alt_base)
781 altname = get_datadir_fname(store->fname_alt_base);
782
783 if (store->mmap) /* get rid of it first */
784 tor_munmap_file(store->mmap);
785 store->mmap = NULL;
786
787 store->mmap = tor_mmap_file(fname);
788 if (!store->mmap && altname && file_status(altname) == FN_FILE) {
789 read_from_old_location = 1;
790 log_notice(LD_DIR, "Couldn't read %s; trying to load routers from old "
791 "location %s.", fname, altname);
792 if ((store->mmap = tor_mmap_file(altname)))
793 read_from_old_location = 1;
794 }
795 if (altname && !read_from_old_location) {
796 remove_file_if_very_old(altname, now);
797 }
798 if (store->mmap) {
799 store->store_len = store->mmap->size;
800 if (extrainfo)
801 router_load_extrainfo_from_string(store->mmap->data,
802 store->mmap->data+store->mmap->size,
803 SAVED_IN_CACHE, NULL, 0);
804 else
805 router_load_routers_from_string(store->mmap->data,
806 store->mmap->data+store->mmap->size,
807 SAVED_IN_CACHE, NULL, 0, NULL);
808 }
809
810 tor_free(fname);
811 fname = get_datadir_fname_suffix(store->fname_base, ".new");
812 if (file_status(fname) == FN_FILE)
813 contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
814 if (read_from_old_location) {
815 tor_free(altname);
816 altname = get_datadir_fname_suffix(store->fname_alt_base, ".new");
817 if (!contents)
818 contents = read_file_to_str(altname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
819 else
820 remove_file_if_very_old(altname, now);
821 }
822 if (contents) {
823 if (extrainfo)
824 router_load_extrainfo_from_string(contents, NULL,SAVED_IN_JOURNAL,
825 NULL, 0);
826 else
827 router_load_routers_from_string(contents, NULL, SAVED_IN_JOURNAL,
828 NULL, 0, NULL);
829 store->journal_len = (size_t) st.st_size;
830 tor_free(contents);
831 }
832
833 tor_free(fname);
834 tor_free(altname);
835
836 if (store->journal_len || read_from_old_location) {
837 /* Always clear the journal on startup.*/
838 router_rebuild_store(RRS_FORCE, store);
839 } else if (!extrainfo) {
840 /* Don't cache expired routers. (This is in an else because
841 * router_rebuild_store() also calls remove_old_routers().) */
842 routerlist_remove_old_routers();
843 }
844
845 return 0;
846 }
847
848 /** Load all cached router descriptors and extra-info documents from the
849 * store. Return 0 on success and -1 on failure.
850 */
851 int
852 router_reload_router_list(void)
853 {
854 routerlist_t *rl = router_get_routerlist();
855 if (router_reload_router_list_impl(&rl->desc_store))
856 return -1;
857 if (router_reload_router_list_impl(&rl->extrainfo_store))
858 return -1;
859 return 0;
860 }
861
862 /** Return a smartlist containing a list of trusted_dir_server_t * for all
863 * known trusted dirservers. Callers must not modify the list or its
864 * contents.
865 */
866 smartlist_t *
867 router_get_trusted_dir_servers(void)
868 {
869 if (!trusted_dir_servers)
870 trusted_dir_servers = smartlist_create();
871
872 return trusted_dir_servers;
873 }
874
875 /** Try to find a running dirserver that supports operations of <b>type</b>.
876 *
877 * If there are no running dirservers in our routerlist and the
878 * <b>PDS_RETRY_IF_NO_SERVERS</b> flag is set, set all the authoritative ones
879 * as running again, and pick one.
880 *
881 * If the <b>PDS_IGNORE_FASCISTFIREWALL</b> flag is set, then include
882 * dirservers that we can't reach.
883 *
884 * If the <b>PDS_ALLOW_SELF</b> flag is not set, then don't include ourself
885 * (if we're a dirserver).
886 *
887 * Don't pick an authority if any non-authority is viable; try to avoid using
888 * servers that have returned 503 recently.
889 */
890 routerstatus_t *
891 router_pick_directory_server(authority_type_t type, int flags)
892 {
893 routerstatus_t *choice;
894 if (get_options()->PreferTunneledDirConns)
895 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
896
897 if (!routerlist)
898 return NULL;
899
900 choice = router_pick_directory_server_impl(type, flags);
901 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
902 return choice;
903
904 log_info(LD_DIR,
905 "No reachable router entries for dirservers. "
906 "Trying them all again.");
907 /* mark all authdirservers as up again */
908 mark_all_trusteddirservers_up();
909 /* try again */
910 choice = router_pick_directory_server_impl(type, flags);
911 return choice;
912 }
913
914 /** Try to determine which fraction of v2 and v3 directory requsts aimed at
915 * caches will be sent to us. Set *<b>v2_share_out</b> and
916 * *<b>v3_share_out</b> to the fractions of v2 and v3 protocol shares we
917 * expect to see, respectively. Return 0 on success, negative on failue. */
918 int
919 router_get_my_share_of_directory_requests(double *v2_share_out,
920 double *v3_share_out)
921 {
922 routerinfo_t *me = router_get_my_routerinfo();
923 routerstatus_t *rs;
924 const int pds_flags = PDS_ALLOW_SELF|PDS_IGNORE_FASCISTFIREWALL;
925 *v2_share_out = *v3_share_out = 0.0;
926 if (!me)
927 return -1;
928 rs = router_get_consensus_status_by_id(me->cache_info.identity_digest);
929 if (!rs)
930 return -1;
931
932 /* Calling for side effect */
933 /* XXXX This is a bit of a kludge */
934 if (rs->is_v2_dir) {
935 sl_last_total_weighted_bw = 0;
936 router_pick_directory_server(V2_AUTHORITY, pds_flags);
937 if (sl_last_total_weighted_bw != 0) {
938 *v2_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
939 U64_TO_DBL(sl_last_total_weighted_bw);
940 }
941 }
942
943 if (rs->version_supports_v3_dir) {
944 sl_last_total_weighted_bw = 0;
945 router_pick_directory_server(V3_AUTHORITY, pds_flags);
946 if (sl_last_total_weighted_bw != 0) {
947 *v3_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
948 U64_TO_DBL(sl_last_total_weighted_bw);
949 }
950 }
951
952 return 0;
953 }
954
955 /** Return the trusted_dir_server_t for the directory authority whose identity
956 * key hashes to <b>digest</b>, or NULL if no such authority is known.
957 */
958 trusted_dir_server_t *
959 router_get_trusteddirserver_by_digest(const char *digest)
960 {
961 if (!trusted_dir_servers)
962 return NULL;
963
964 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
965 {
966 if (!memcmp(ds->digest, digest, DIGEST_LEN))
967 return ds;
968 });
969
970 return NULL;
971 }
972
973 /** Return the trusted_dir_server_t for the directory authority whose identity
974 * key hashes to <b>digest</b>, or NULL if no such authority is known.
975 */
976 trusted_dir_server_t *
977 trusteddirserver_get_by_v3_auth_digest(const char *digest)
978 {
979 if (!trusted_dir_servers)
980 return NULL;
981
982 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
983 {
984 if (!memcmp(ds->v3_identity_digest, digest, DIGEST_LEN) &&
985 (ds->type & V3_AUTHORITY))
986 return ds;
987 });
988
989 return NULL;
990 }
991
992 /** Try to find a running trusted dirserver. Flags are as for
993 * router_pick_directory_server.
994 */
995 routerstatus_t *
996 router_pick_trusteddirserver(authority_type_t type, int flags)
997 {
998 routerstatus_t *choice;
999 int busy = 0;
1000 if (get_options()->PreferTunneledDirConns)
1001 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
1002
1003 choice = router_pick_trusteddirserver_impl(type, flags, &busy);
1004 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
1005 return choice;
1006 if (busy) {
1007 /* If the reason that we got no server is that servers are "busy",
1008 * we must be excluding good servers because we already have serverdesc
1009 * fetches with them. Do not mark down servers up because of this. */
1010 tor_assert((flags & PDS_NO_EXISTING_SERVERDESC_FETCH));
1011 return NULL;
1012 }
1013
1014 log_info(LD_DIR,
1015 "No trusted dirservers are reachable. Trying them all again.");
1016 mark_all_trusteddirservers_up();
1017 return router_pick_trusteddirserver_impl(type, flags, NULL);
1018 }
1019
1020 /** How long do we avoid using a directory server after it's given us a 503? */
1021 #define DIR_503_TIMEOUT (60*60)
1022
1023 /** Pick a random running valid directory server/mirror from our
1024 * routerlist. Arguments are as for router_pick_directory_server(), except
1025 * that RETRY_IF_NO_SERVERS is ignored, and:
1026 *
1027 * If the _PDS_PREFER_TUNNELED_DIR_CONNS flag is set, prefer directory servers
1028 * that we can use with BEGINDIR.
1029 */
1030 static routerstatus_t *
1031 router_pick_directory_server_impl(authority_type_t type, int flags)
1032 {
1033 routerstatus_t *result;
1034 smartlist_t *direct, *tunnel;
1035 smartlist_t *trusted_direct, *trusted_tunnel;
1036 smartlist_t *overloaded_direct, *overloaded_tunnel;
1037 time_t now = time(NULL);
1038 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
1039 int requireother = ! (flags & PDS_ALLOW_SELF);
1040 int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1041 int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1042
1043 if (!consensus)
1044 return NULL;
1045
1046 direct = smartlist_create();
1047 tunnel = smartlist_create();
1048 trusted_direct = smartlist_create();
1049 trusted_tunnel = smartlist_create();
1050 overloaded_direct = smartlist_create();
1051 overloaded_tunnel = smartlist_create();
1052
1053 /* Find all the running dirservers we know about. */
1054 SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, routerstatus_t *,
1055 status) {
1056 int is_trusted;
1057 int is_overloaded = status->last_dir_503_at + DIR_503_TIMEOUT > now;
1058 tor_addr_t addr;
1059 if (!status->is_running || !status->dir_port || !status->is_valid)
1060 continue;
1061 if (status->is_bad_directory)
1062 continue;
1063 if (requireother && router_digest_is_me(status->identity_digest))
1064 continue;
1065 if (type & V3_AUTHORITY) {
1066 if (!(status->version_supports_v3_dir ||
1067 router_digest_is_trusted_dir_type(status->identity_digest,
1068 V3_AUTHORITY)))
1069 continue;
1070 }
1071 is_trusted = router_digest_is_trusted_dir(status->identity_digest);
1072 if ((type & V2_AUTHORITY) && !(status->is_v2_dir || is_trusted))
1073 continue;
1074 if ((type & EXTRAINFO_CACHE) &&
1075 !router_supports_extrainfo(status->identity_digest, 0))
1076 continue;
1077
1078 /* XXXX IP6 proposal 118 */
1079 tor_addr_from_ipv4h(&addr, status->addr);
1080
1081 if (prefer_tunnel &&
1082 status->version_supports_begindir &&
1083 (!fascistfirewall ||
1084 fascist_firewall_allows_address_or(&addr, status->or_port)))
1085 smartlist_add(is_trusted ? trusted_tunnel :
1086 is_overloaded ? overloaded_tunnel : tunnel, status);
1087 else if (!fascistfirewall ||
1088 fascist_firewall_allows_address_dir(&addr, status->dir_port))
1089 smartlist_add(is_trusted ? trusted_direct :
1090 is_overloaded ? overloaded_direct : direct, status);
1091 } SMARTLIST_FOREACH_END(status);
1092
1093 if (smartlist_len(tunnel)) {
1094 result = routerstatus_sl_choose_by_bandwidth(tunnel);
1095 } else if (smartlist_len(overloaded_tunnel)) {
1096 result = routerstatus_sl_choose_by_bandwidth(overloaded_tunnel);
1097 } else if (smartlist_len(trusted_tunnel)) {
1098 /* FFFF We don't distinguish between trusteds and overloaded trusteds
1099 * yet. Maybe one day we should. */
1100 /* FFFF We also don't load balance over authorities yet. I think this
1101 * is a feature, but it could easily be a bug. -RD */
1102 result = smartlist_choose(trusted_tunnel);
1103 } else if (smartlist_len(direct)) {
1104 result = routerstatus_sl_choose_by_bandwidth(direct);
1105 } else if (smartlist_len(overloaded_direct)) {
1106 result = routerstatus_sl_choose_by_bandwidth(overloaded_direct);
1107 } else {
1108 result = smartlist_choose(trusted_direct);
1109 }
1110 smartlist_free(direct);
1111 smartlist_free(tunnel);
1112 smartlist_free(trusted_direct);
1113 smartlist_free(trusted_tunnel);
1114 smartlist_free(overloaded_direct);
1115 smartlist_free(overloaded_tunnel);
1116 return result;
1117 }
1118
1119 /** Choose randomly from among the trusted dirservers that are up. Flags
1120 * are as for router_pick_directory_server_impl().
1121 */
1122 static routerstatus_t *
1123 router_pick_trusteddirserver_impl(authority_type_t type, int flags,
1124 int *n_busy_out)
1125 {
1126 smartlist_t *direct, *tunnel;
1127 smartlist_t *overloaded_direct, *overloaded_tunnel;
1128 routerinfo_t *me = router_get_my_routerinfo();
1129 routerstatus_t *result;
1130 time_t now = time(NULL);
1131 const int requireother = ! (flags & PDS_ALLOW_SELF);
1132 const int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1133 const int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1134 const int no_serverdesc_fetching =(flags & PDS_NO_EXISTING_SERVERDESC_FETCH);
1135 int n_busy = 0;
1136
1137 if (!trusted_dir_servers)
1138 return NULL;
1139
1140 direct = smartlist_create();
1141 tunnel = smartlist_create();
1142 overloaded_direct = smartlist_create();
1143 overloaded_tunnel = smartlist_create();
1144
1145 SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, d)
1146 {
1147 int is_overloaded =
1148 d->fake_status.last_dir_503_at + DIR_503_TIMEOUT > now;
1149 tor_addr_t addr;
1150 if (!d->is_running) continue;
1151 if ((type & d->type) == 0)
1152 continue;
1153 if ((type & EXTRAINFO_CACHE) &&
1154 !router_supports_extrainfo(d->digest, 1))
1155 continue;
1156 if (requireother && me && router_digest_is_me(d->digest))
1157 continue;
1158
1159 /* XXXX IP6 proposal 118 */
1160 tor_addr_from_ipv4h(&addr, d->addr);
1161
1162 if (no_serverdesc_fetching) {
1163 if (connection_get_by_type_addr_port_purpose(
1164 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_SERVERDESC)
1165 || connection_get_by_type_addr_port_purpose(
1166 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_EXTRAINFO)) {
1167 //log_debug(LD_DIR, "We have an existing connection to fetch "
1168 // "descriptor from %s; delaying",d->description);
1169 ++n_busy;
1170 continue;
1171 }
1172 }
1173
1174 if (prefer_tunnel &&
1175 d->or_port &&
1176 (!fascistfirewall ||
1177 fascist_firewall_allows_address_or(&addr, d->or_port)))
1178 smartlist_add(is_overloaded ? overloaded_tunnel : tunnel,
1179 &d->fake_status);
1180 else if (!fascistfirewall ||
1181 fascist_firewall_allows_address_dir(&addr, d->dir_port))
1182 smartlist_add(is_overloaded ? overloaded_direct : direct,
1183 &d->fake_status);
1184 }
1185 SMARTLIST_FOREACH_END(d);
1186
1187 if (smartlist_len(tunnel)) {
1188 result = smartlist_choose(tunnel);
1189 } else if (smartlist_len(overloaded_tunnel)) {
1190 result = smartlist_choose(overloaded_tunnel);
1191 } else if (smartlist_len(direct)) {
1192 result = smartlist_choose(direct);
1193 } else {
1194 result = smartlist_choose(overloaded_direct);
1195 }
1196
1197 if (n_busy_out)
1198 *n_busy_out = n_busy;
1199
1200 smartlist_free(direct);
1201 smartlist_free(tunnel);
1202 smartlist_free(overloaded_direct);
1203 smartlist_free(overloaded_tunnel);
1204 return result;
1205 }
1206
1207 /** Go through and mark the authoritative dirservers as up. */
1208 static void
1209 mark_all_trusteddirservers_up(void)
1210 {
1211 if (routerlist) {
1212 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1213 if (router_digest_is_trusted_dir(router->cache_info.identity_digest) &&
1214 router->dir_port > 0) {
1215 router->is_running = 1;
1216 });
1217 }
1218 if (trusted_dir_servers) {
1219 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
1220 {
1221 routerstatus_t *rs;
1222 dir->is_running = 1;
1223 download_status_reset(&dir->v2_ns_dl_status);
1224 rs = router_get_consensus_status_by_id(dir->digest);
1225 if (rs && !rs->is_running) {
1226 rs->is_running = 1;
1227 rs->last_dir_503_at = 0;
1228 control_event_networkstatus_changed_single(rs);
1229 }
1230 });
1231 }
1232 router_dir_info_changed();
1233 }
1234
1235 /** Reset all internal variables used to count failed downloads of network
1236 * status objects. */
1237 void
1238 router_reset_status_download_failures(void)
1239 {
1240 mark_all_trusteddirservers_up();
1241 }
1242
1243 /** Return true iff router1 and router2 have the same /16 network. */
1244 static INLINE int
1245 routers_in_same_network_family(routerinfo_t *r1, routerinfo_t *r2)
1246 {
1247 return (r1->addr & 0xffff0000) == (r2->addr & 0xffff0000);
1248 }
1249
1250 /** Look through the routerlist and identify routers that
1251 * advertise the same /16 network address as <b>router</b>.
1252 * Add each of them to <b>sl</b>.
1253 */
1254 static void
1255 routerlist_add_network_family(smartlist_t *sl, routerinfo_t *router)
1256 {
1257 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
1258 {
1259 if (router != r && routers_in_same_network_family(router, r))
1260 smartlist_add(sl, r);
1261 });
1262 }
1263
1264 /** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
1265 * This is used to make sure we don't pick siblings in a single path,
1266 * or pick more than one relay from a family for our entry guard list.
1267 */
1268 void
1269 routerlist_add_family(smartlist_t *sl, routerinfo_t *router)
1270 {
1271 routerinfo_t *r;
1272 config_line_t *cl;
1273 or_options_t *options = get_options();
1274
1275 /* First, add any routers with similar network addresses. */
1276 if (options->EnforceDistinctSubnets)
1277 routerlist_add_network_family(sl, router);
1278
1279 if (router->declared_family) {
1280 /* Add every r such that router declares familyness with r, and r
1281 * declares familyhood with router. */
1282 SMARTLIST_FOREACH(router->declared_family, const char *, n,
1283 {
1284 if (!(r = router_get_by_nickname(n, 0)))
1285 continue;
1286 if (!r->declared_family)
1287 continue;
1288 SMARTLIST_FOREACH(r->declared_family, const char *, n2,
1289 {
1290 if (router_nickname_matches(router, n2))
1291 smartlist_add(sl, r);
1292 });
1293 });
1294 }
1295
1296 /* If the user declared any families locally, honor those too. */
1297 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1298 if (router_nickname_is_in_list(router, cl->value)) {
1299 add_nickname_list_to_smartlist(sl, cl->value, 0);
1300 }
1301 }
1302 }
1303
1304 /** Return true iff r is named by some nickname in <b>lst</b>. */
1305 static INLINE int
1306 router_in_nickname_smartlist(smartlist_t *lst, routerinfo_t *r)
1307 {
1308 if (!lst) return 0;
1309 SMARTLIST_FOREACH(lst, const char *, name,
1310 if (router_nickname_matches(r, name))
1311 return 1;);
1312 return 0;
1313 }
1314
1315 /** Return true iff r1 and r2 are in the same family, but not the same
1316 * router. */
1317 int
1318 routers_in_same_family(routerinfo_t *r1, routerinfo_t *r2)
1319 {
1320 or_options_t *options = get_options();
1321 config_line_t *cl;
1322
1323 if (options->EnforceDistinctSubnets && routers_in_same_network_family(r1,r2))
1324 return 1;
1325
1326 if (router_in_nickname_smartlist(r1->declared_family, r2) &&
1327 router_in_nickname_smartlist(r2->declared_family, r1))
1328 return 1;
1329
1330 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1331 if (router_nickname_is_in_list(r1, cl->value) &&
1332 router_nickname_is_in_list(r2, cl->value))
1333 return 1;
1334 }
1335 return 0;
1336 }
1337
1338 /** Given a (possibly NULL) comma-and-whitespace separated list of nicknames,
1339 * see which nicknames in <b>list</b> name routers in our routerlist, and add
1340 * the routerinfos for those routers to <b>sl</b>. If <b>must_be_running</b>,
1341 * only include routers that we think are running.
1342 * Warn if any non-Named routers are specified by nickname.
1343 */
1344 void
1345 add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
1346 int must_be_running)
1347 {
1348 routerinfo_t *router;
1349 smartlist_t *nickname_list;
1350 int have_dir_info = router_have_minimum_dir_info();
1351
1352 if (!list)
1353 return; /* nothing to do */
1354 tor_assert(sl);
1355
1356 nickname_list = smartlist_create();
1357 if (!warned_nicknames)
1358 warned_nicknames = smartlist_create();
1359
1360 smartlist_split_string(nickname_list, list, ",",
1361 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1362
1363 SMARTLIST_FOREACH(nickname_list, const char *, nick, {
1364 int warned;
1365 if (!is_legal_nickname_or_hexdigest(nick)) {
1366 log_warn(LD_CONFIG, "Nickname '%s' is misformed; skipping", nick);
1367 continue;
1368 }
1369 router = router_get_by_nickname(nick, 1);
1370 warned = smartlist_string_isin(warned_nicknames, nick);
1371 if (router) {
1372 if (!must_be_running || router->is_running) {
1373 smartlist_add(sl,router);
1374 }
1375 } else if (!router_get_consensus_status_by_nickname(nick,1)) {
1376 if (!warned) {
1377 log_fn(have_dir_info ? LOG_WARN : LOG_INFO, LD_CONFIG,
1378 "Nickname list includes '%s' which isn't a known router.",nick);
1379 smartlist_add(warned_nicknames, tor_strdup(nick));
1380 }
1381 }
1382 });
1383 SMARTLIST_FOREACH(nickname_list, char *, nick, tor_free(nick));
1384 smartlist_free(nickname_list);
1385 }
1386
1387 /** Return 1 iff any member of the (possibly NULL) comma-separated list
1388 * <b>list</b> is an acceptable nickname or hexdigest for <b>router</b>. Else
1389 * return 0.
1390 */
1391 int
1392 router_nickname_is_in_list(routerinfo_t *router, const char *list)
1393 {
1394 smartlist_t *nickname_list;
1395 int v = 0;
1396
1397 if (!list)
1398 return 0; /* definitely not */
1399 tor_assert(router);
1400
1401 nickname_list = smartlist_create();
1402 smartlist_split_string(nickname_list, list, ",",
1403 SPLIT_SKIP_SPACE|SPLIT_STRIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1404 SMARTLIST_FOREACH(nickname_list, const char *, cp,
1405 if (router_nickname_matches(router, cp)) {v=1;break;});
1406 SMARTLIST_FOREACH(nickname_list, char *, cp, tor_free(cp));
1407 smartlist_free(nickname_list);
1408 return v;
1409 }
1410
1411 /** Add every suitable router from our routerlist to <b>sl</b>, so that
1412 * we can pick a node for a circuit.
1413 */
1414 static void
1415 router_add_running_routers_to_smartlist(smartlist_t *sl, int allow_invalid,
1416 int need_uptime, int need_capacity,
1417 int need_guard)
1418 {
1419 if (!routerlist)
1420 return;
1421
1422 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1423 {
1424 if (router->is_running &&
1425 router->purpose == ROUTER_PURPOSE_GENERAL &&
1426 (router->is_valid || allow_invalid) &&
1427 !router_is_unreliable(router, need_uptime,
1428 need_capacity, need_guard)) {
1429 /* If it's running, and it's suitable according to the
1430 * other flags we had in mind */
1431 smartlist_add(sl, router);
1432 }
1433 });
1434 }
1435
1436 /** Look through the routerlist until we find a router that has my key.
1437 Return it. */
1438 routerinfo_t *
1439 routerlist_find_my_routerinfo(void)
1440 {
1441 if (!routerlist)
1442 return NULL;
1443
1444 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1445 {
1446 if (router_is_me(router))
1447 return router;
1448 });
1449 return NULL;
1450 }
1451
1452 /** Find a router that's up, that has this IP address, and
1453 * that allows exit to this address:port, or return NULL if there
1454 * isn't a good one.
1455 */
1456 routerinfo_t *
1457 router_find_exact_exit_enclave(const char *address, uint16_t port)
1458 {
1459 uint32_t addr;
1460 struct in_addr in;
1461 tor_addr_t a;
1462
1463 if (!tor_inet_aton(address, &in))
1464 return NULL; /* it's not an IP already */
1465 addr = ntohl(in.s_addr);
1466
1467 tor_addr_from_ipv4h(&a, addr);
1468
1469 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1470 {
1471 if (router->addr == addr &&
1472 router->is_running &&
1473 compare_tor_addr_to_addr_policy(&a, port, router->exit_policy) ==
1474 ADDR_POLICY_ACCEPTED)
1475 return router;
1476 });
1477 return NULL;
1478 }
1479
1480 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
1481 * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
1482 * If <b>need_capacity</b> is non-zero, we require a minimum advertised
1483 * bandwidth.
1484 * If <b>need_guard</b>, we require that the router is a possible entry guard.
1485 */
1486 int
1487 router_is_unreliable(routerinfo_t *router, int need_uptime,
1488 int need_capacity, int need_guard)
1489 {
1490 if (need_uptime && !router->is_stable)
1491 return 1;
1492 if (need_capacity && !router->is_fast)
1493 return 1;
1494 if (need_guard && !router->is_possible_guard)
1495 return 1;
1496 return 0;
1497 }
1498
1499 /** Return the smaller of the router's configured BandwidthRate
1500 * and its advertised capacity. */
1501 uint32_t
1502 router_get_advertised_bandwidth(routerinfo_t *router)
1503 {
1504 if (router->bandwidthcapacity < router->bandwidthrate)
1505 return router->bandwidthcapacity;
1506 return router->bandwidthrate;
1507 }
1508
1509 /** Do not weight any declared bandwidth more than this much when picking
1510 * routers by bandwidth. */
1511 #define DEFAULT_MAX_BELIEVABLE_BANDWIDTH 10000000 /* 10 MB/sec */
1512
1513 /** Return the smaller of the router's configured BandwidthRate
1514 * and its advertised capacity, capped by max-believe-bw. */
1515 uint32_t
1516 router_get_advertised_bandwidth_capped(routerinfo_t *router)
1517 {
1518 uint32_t result = router->bandwidthcapacity;
1519 if (result > router->bandwidthrate)
1520 result = router->bandwidthrate;
1521 if (result > DEFAULT_MAX_BELIEVABLE_BANDWIDTH)
1522 result = DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
1523 return result;
1524 }
1525
1526 /** Eventually, the number we return will come from the directory
1527 * consensus, so clients can dynamically update to better numbers.
1528 *
1529 * But for now, or in case there is no consensus available, just return
1530 * a sufficient default. */
1531 static uint32_t
1532 get_max_believable_bandwidth(void)
1533 {
1534 return DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
1535 }
1536
1537 /** Helper function:
1538 * choose a random element of smartlist <b>sl</b>, weighted by
1539 * the advertised bandwidth of each element.
1540 *
1541 * If <b>statuses</b> is zero, then <b>sl</b> is a list of
1542 * routerinfo_t's. Otherwise it's a list of routerstatus_t's.
1543 *
1544 * If <b>rule</b>==WEIGHT_FOR_EXIT. we're picking an exit node: consider all
1545 * nodes' bandwidth equally regardless of their Exit status, since there may
1546 * be some in the list because they exit to obscure ports. If
1547 * <b>rule</b>==NO_WEIGHTING, we're picking a non-exit node: weight
1548 * exit-node's bandwidth less depending on the smallness of the fraction of
1549 * Exit-to-total bandwidth. If <b>rule</b>==WEIGHT_FOR_GUARD, we're picking a
1550 * guard node: consider all guard's bandwidth equally. Otherwise, weight
1551 * guards proportionally less.
1552 */
1553 static void *
1554 smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule,
1555 int statuses)
1556 {
1557 unsigned int i;
1558 routerinfo_t *router;
1559 routerstatus_t *status=NULL;
1560 int32_t *bandwidths;
1561 int is_exit;
1562 int is_guard;
1563 uint64_t total_nonexit_bw = 0, total_exit_bw = 0, total_bw = 0;
1564 uint64_t total_nonguard_bw = 0, total_guard_bw = 0;
1565 uint64_t rand_bw, tmp;
1566 double exit_weight;
1567 double guard_weight;
1568 int n_unknown = 0;
1569 bitarray_t *exit_bits;
1570 bitarray_t *guard_bits;
1571 uint32_t max_believable_bw = get_max_believable_bandwidth();
1572 int me_idx = -1;
1573
1574 /* Can't choose exit and guard at same time */
1575 tor_assert(rule == NO_WEIGHTING ||
1576 rule == WEIGHT_FOR_EXIT ||
1577 rule == WEIGHT_FOR_GUARD);
1578
1579 /* First count the total bandwidth weight, and make a list
1580 * of each value. <0 means "unknown; no routerinfo." We use the
1581 * bits of negative values to remember whether the router was fast (-x)&1
1582 * and whether it was an exit (-x)&2 or guard (-x)&4. Yes, it's a hack. */
1583 bandwidths = tor_malloc(sizeof(int32_t)*smartlist_len(sl));
1584 exit_bits = bitarray_init_zero(smartlist_len(sl));
1585 guard_bits = bitarray_init_zero(smartlist_len(sl));
1586
1587 /* Iterate over all the routerinfo_t or routerstatus_t, and */
1588 for (i = 0; i < (unsigned)smartlist_len(sl); ++i) {
1589 /* first, learn what bandwidth we think i has */
1590 int is_known = 1;
1591 int32_t flags = 0;
1592 uint32_t this_bw = 0;
1593 if (statuses) {
1594 /* need to extract router info */
1595 status = smartlist_get(sl, i);
1596 if (router_digest_is_me(status->identity_digest))
1597 me_idx = i;
1598 router = router_get_by_digest(status->identity_digest);
1599 is_exit = status->is_exit;
1600 is_guard = status->is_possible_guard;
1601 if (router) {
1602 this_bw = router_get_advertised_bandwidth(router);
1603 } else { /* guess */
1604 is_known = 0;
1605 flags = status->is_fast ? 1 : 0;
1606 flags |= is_exit ? 2 : 0;
1607 flags |= is_guard ? 4 : 0;
1608 }
1609 } else {
1610 router = smartlist_get(sl, i);
1611 if (router_digest_is_me(router->cache_info.identity_digest))
1612 me_idx = i;
1613 is_exit = router->is_exit;
1614 is_guard = router->is_possible_guard;
1615 this_bw = router_get_advertised_bandwidth(router);
1616 }
1617 if (is_exit)
1618 bitarray_set(exit_bits, i);
1619 if (is_guard)
1620 bitarray_set(guard_bits, i);
1621 /* if they claim something huge, don't believe it */
1622 if (this_bw > max_believable_bw) {
1623 char fp[HEX_DIGEST_LEN+1];
1624 base16_encode(fp, sizeof(fp), statuses ?
1625 status->identity_digest :
1626 router->cache_info.identity_digest,
1627 DIGEST_LEN);
1628 log_fn(LOG_PROTOCOL_WARN, LD_DIR,
1629 "Bandwidth %d for router %s (%s) exceeds allowed max %d, capping",
1630 this_bw, router ? router->nickname : "(null)",
1631 fp, max_believable_bw);
1632 this_bw = max_believable_bw;
1633 }
1634 if (is_known) {
1635 bandwidths[i] = (int32_t) this_bw; // safe since MAX_BELIEVABLE<INT32_MAX
1636 if (is_guard)
1637 total_guard_bw += this_bw;
1638 else
1639 total_nonguard_bw += this_bw;
1640 if (is_exit)
1641 total_exit_bw += this_bw;
1642 else
1643 total_nonexit_bw += this_bw;
1644 } else {
1645 ++n_unknown;
1646 bandwidths[i] = -flags;
1647 }
1648 }
1649
1650 /* Now, fill in the unknown values. */
1651 if (n_unknown) {
1652 int32_t avg_fast, avg_slow;
1653 if (total_exit_bw+total_nonexit_bw) {
1654 /* if there's some bandwidth, there's at least one known router,
1655 * so no worries about div by 0 here */
1656 int n_known = smartlist_len(sl)-n_unknown;
1657 avg_fast = avg_slow = (int32_t)
1658 ((total_exit_bw+total_nonexit_bw)/((uint64_t) n_known));
1659 } else {
1660 avg_fast = 40000;
1661 avg_slow = 20000;
1662 }
1663 for (i=0; i<(unsigned)smartlist_len(sl); ++i) {
1664 int32_t bw = bandwidths[i];
1665 if (bw>=0)
1666 continue;
1667 is_exit = ((-bw)&2);
1668 is_guard = ((-bw)&4);
1669 bandwidths[i] = ((-bw)&1) ? avg_fast : avg_slow;
1670 if (is_exit)
1671 total_exit_bw += bandwidths[i];
1672 else
1673 total_nonexit_bw += bandwidths[i];
1674 if (is_guard)
1675 total_guard_bw += bandwidths[i];
1676 else
1677 total_nonguard_bw += bandwidths[i];
1678 }
1679 }
1680
1681 /* If there's no bandwidth at all, pick at random. */
1682 if (!(total_exit_bw+total_nonexit_bw)) {
1683 tor_free(bandwidths);
1684 tor_free(exit_bits);
1685 tor_free(guard_bits);
1686 return smartlist_choose(sl);
1687 }
1688
1689 /* Figure out how to weight exits and guards */
1690 {
1691 double all_bw = U64_TO_DBL(total_exit_bw+total_nonexit_bw);
1692 double exit_bw = U64_TO_DBL(total_exit_bw);
1693 double guard_bw = U64_TO_DBL(total_guard_bw);
1694 /*
1695 * For detailed derivation of this formula, see
1696 * http://archives.seul.org/or/dev/Jul-2007/msg00056.html
1697 */
1698 if (rule == WEIGHT_FOR_EXIT)
1699 exit_weight = 1.0;
1700 else
1701 exit_weight = 1.0 - all_bw/(3.0*exit_bw);
1702
1703 if (rule == WEIGHT_FOR_GUARD)
1704 guard_weight = 1.0;
1705 else
1706 guard_weight = 1.0 - all_bw/(3.0*guard_bw);
1707
1708 if (exit_weight <= 0.0)
1709 exit_weight = 0.0;
1710
1711 if (guard_weight <= 0.0)
1712 guard_weight = 0.0;
1713
1714 total_bw = 0;
1715 sl_last_weighted_bw_of_me = 0;
1716 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1717 uint64_t bw;
1718 is_exit = bitarray_is_set(exit_bits, i);
1719 is_guard = bitarray_is_set(guard_bits, i);
1720 if (is_exit && is_guard)
1721 bw = ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1722 else if (is_guard)
1723 bw = ((uint64_t)(bandwidths[i] * guard_weight));
1724 else if (is_exit)
1725 bw = ((uint64_t)(bandwidths[i] * exit_weight));
1726 else
1727 bw = bandwidths[i];
1728 total_bw += bw;
1729 if (i == (unsigned) me_idx)
1730 sl_last_weighted_bw_of_me = bw;
1731 }
1732 }
1733
1734 /* XXXX022 this is a kludge to expose these values. */
1735 sl_last_total_weighted_bw = total_bw;
1736
1737 log_debug(LD_CIRC, "Total weighted bw = "U64_FORMAT
1738 ", exit bw = "U64_FORMAT
1739 ", nonexit bw = "U64_FORMAT", exit weight = %lf "
1740 "(for exit == %d)"
1741 ", guard bw = "U64_FORMAT
1742 ", nonguard bw = "U64_FORMAT", guard weight = %lf "
1743 "(for guard == %d)",
1744 U64_PRINTF_ARG(total_bw),
1745 U64_PRINTF_ARG(total_exit_bw), U64_PRINTF_ARG(total_nonexit_bw),
1746 exit_weight, (int)(rule == WEIGHT_FOR_EXIT),
1747 U64_PRINTF_ARG(total_guard_bw), U64_PRINTF_ARG(total_nonguard_bw),
1748 guard_weight, (int)(rule == WEIGHT_FOR_GUARD));
1749
1750 /* Almost done: choose a random value from the bandwidth weights. */
1751 rand_bw = crypto_rand_uint64(total_bw);
1752
1753 /* Last, count through sl until we get to the element we picked */
1754 tmp = 0;
1755 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1756 is_exit = bitarray_is_set(exit_bits, i);
1757 is_guard = bitarray_is_set(guard_bits, i);
1758
1759 /* Weights can be 0 if not counting guards/exits */
1760 if (is_exit && is_guard)
1761 tmp += ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1762 else if (is_guard)
1763 tmp += ((uint64_t)(bandwidths[i] * guard_weight));
1764 else if (is_exit)
1765 tmp += ((uint64_t)(bandwidths[i] * exit_weight));
1766 else
1767 tmp += bandwidths[i];
1768
1769 if (tmp >= rand_bw)
1770 break;
1771 }
1772 if (i == (unsigned)smartlist_len(sl)) {
1773 /* This was once possible due to round-off error, but shouldn't be able
1774 * to occur any longer. */
1775 tor_fragile_assert();
1776 --i;
1777 log_warn(LD_BUG, "Round-off error in computing bandwidth had an effect on "
1778 " which router we chose. Please tell the developers. "
1779 U64_FORMAT " " U64_FORMAT " " U64_FORMAT, U64_PRINTF_ARG(tmp),
1780 U64_PRINTF_ARG(rand_bw), U64_PRINTF_ARG(total_bw));
1781 }
1782 tor_free(bandwidths);
1783 tor_free(exit_bits);
1784 tor_free(guard_bits);
1785 return smartlist_get(sl, i);
1786 }
1787
1788 /** Choose a random element of router list <b>sl</b>, weighted by
1789 * the advertised bandwidth of each router.
1790 */
1791 routerinfo_t *
1792 routerlist_sl_choose_by_bandwidth(smartlist_t *sl,
1793 bandwidth_weight_rule_t rule)
1794 {
1795 return smartlist_choose_by_bandwidth(sl, rule, 0);
1796 }
1797
1798 /** Choose a random element of status list <b>sl</b>, weighted by
1799 * the advertised bandwidth of each status.
1800 */
1801 routerstatus_t *
1802 routerstatus_sl_choose_by_bandwidth(smartlist_t *sl)
1803 {
1804 /* We are choosing neither exit nor guard here. Weight accordingly. */
1805 return smartlist_choose_by_bandwidth(sl, NO_WEIGHTING, 1);
1806 }
1807
1808 /** Return a random running router from the routerlist. If any node
1809 * named in <b>preferred</b> is available, pick one of those. Never
1810 * pick a node whose routerinfo is in
1811 * <b>excludedsmartlist</b>, or whose routerinfo matches <b>excludedset</b>,
1812 * even if they are the only nodes
1813 * available. If <b>CRN_STRICT_PREFERRED</b> is set in flags, never pick
1814 * any node besides those in <b>preferred</b>.
1815 * If <b>CRN_NEED_UPTIME</b> is set in flags and any router has more than
1816 * a minimum uptime, return one of those.
1817 * If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
1818 * advertised capacity of each router.
1819 * If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid
1820 * routers.
1821 * If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers.
1822 * If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if
1823 * picking an exit node, otherwise we weight bandwidths for picking a relay
1824 * node (that is, possibly discounting exit nodes).
1825 */
1826 routerinfo_t *
1827 router_choose_random_node(const char *preferred,
1828 smartlist_t *excludedsmartlist,
1829 routerset_t *excludedset,
1830 router_crn_flags_t flags)
1831 {
1832 const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
1833 const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
1834 const int need_guard = (flags & CRN_NEED_GUARD) != 0;
1835 const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
1836 const int strict = (flags & CRN_STRICT_PREFERRED) != 0;
1837 const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
1838
1839 smartlist_t *sl, *excludednodes;
1840 routerinfo_t *choice = NULL, *r;
1841 bandwidth_weight_rule_t rule;
1842
1843 tor_assert(!(weight_for_exit && need_guard));
1844 rule = weight_for_exit ? WEIGHT_FOR_EXIT :
1845 (need_guard ? WEIGHT_FOR_GUARD : NO_WEIGHTING);
1846
1847 excludednodes = smartlist_create();
1848
1849 /* Exclude relays that allow single hop exit circuits, if the user
1850 * wants to (such relays might be risky) */
1851 if (get_options()->ExcludeSingleHopRelays) {
1852 routerlist_t *rl = router_get_routerlist();
1853 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
1854 if (r->allow_single_hop_exits) {
1855 smartlist_add(excludednodes, r);
1856 });
1857 }
1858
1859 if ((r = routerlist_find_my_routerinfo())) {
1860 smartlist_add(excludednodes, r);
1861 routerlist_add_family(excludednodes, r);
1862 }
1863
1864 /* Try the preferred nodes first. Ignore need_uptime and need_capacity
1865 * and need_guard, since the user explicitly asked for these nodes. */
1866 if (preferred) {
1867 sl = smartlist_create();
1868 add_nickname_list_to_smartlist(sl,preferred,1);
1869 smartlist_subtract(sl,excludednodes);
1870 if (excludedsmartlist)
1871 smartlist_subtract(sl,excludedsmartlist);
1872 if (excludedset)
1873 routerset_subtract_routers(sl,excludedset);
1874 choice = smartlist_choose(sl);
1875 smartlist_free(sl);
1876 }
1877 if (!choice && !strict) {
1878 /* Then give up on our preferred choices: any node
1879 * will do that has the required attributes. */
1880 sl = smartlist_create();
1881 router_add_running_routers_to_smartlist(sl, allow_invalid,
1882 need_uptime, need_capacity,
1883 need_guard);
1884 smartlist_subtract(sl,excludednodes);
1885 if (excludedsmartlist)
1886 smartlist_subtract(sl,excludedsmartlist);
1887 if (excludedset)
1888 routerset_subtract_routers(sl,excludedset);
1889
1890 if (need_capacity || need_guard)
1891 choice = routerlist_sl_choose_by_bandwidth(sl, rule);
1892 else
1893 choice = smartlist_choose(sl);
1894
1895 smartlist_free(sl);
1896 if (!choice && (need_uptime || need_capacity || need_guard)) {
1897 /* try once more -- recurse but with fewer restrictions. */
1898 log_info(LD_CIRC,
1899 "We couldn't find any live%s%s%s routers; falling back "
1900 "to list of all routers.",
1901 need_capacity?", fast":"",
1902 need_uptime?", stable":"",
1903 need_guard?", guard":"");
1904 flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
1905 choice = router_choose_random_node(
1906 NULL, excludedsmartlist, excludedset, flags);
1907 }
1908 }
1909 smartlist_free(excludednodes);
1910 if (!choice) {
1911 if (strict) {
1912 log_warn(LD_CIRC, "All preferred nodes were down when trying to choose "
1913 "node, and the Strict[...]Nodes option is set. Failing.");
1914 } else {
1915 log_warn(LD_CIRC,
1916 "No available nodes when trying to choose node. Failing.");
1917 }
1918 }
1919 return choice;
1920 }
1921
1922 /** Helper: Return true iff the <b>identity_digest</b> and <b>nickname</b>
1923 * combination of a router, encoded in hexadecimal, matches <b>hexdigest</b>
1924 * (which is optionally prefixed with a single dollar sign). Return false if
1925 * <b>hexdigest</b> is malformed, or it doesn't match. */
1926 static INLINE int
1927 hex_digest_matches(const char *hexdigest, const char *identity_digest,
1928 const char *nickname, int is_named)
1929 {
1930 char digest[DIGEST_LEN];
1931 size_t len;
1932 tor_assert(hexdigest);
1933 if (hexdigest[0] == '$')
1934 ++hexdigest;
1935
1936 len = strlen(hexdigest);
1937 if (len < HEX_DIGEST_LEN)
1938 return 0;
1939 else if (len > HEX_DIGEST_LEN &&
1940 (hexdigest[HEX_DIGEST_LEN] == '=' ||
1941 hexdigest[HEX_DIGEST_LEN] == '~')) {
1942 if (strcasecmp(hexdigest+HEX_DIGEST_LEN+1, nickname))
1943 return 0;
1944 if (hexdigest[HEX_DIGEST_LEN] == '=' && !is_named)
1945 return 0;
1946 }
1947
1948 if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
1949 return 0;
1950 return (!memcmp(digest, identity_digest, DIGEST_LEN));
1951 }
1952
1953 /** Return true iff the digest of <b>router</b>'s identity key,
1954 * encoded in hexadecimal, matches <b>hexdigest</b> (which is
1955 * optionally prefixed with a single dollar sign). Return false if
1956 * <b>hexdigest</b> is malformed, or it doesn't match. */
1957 static INLINE int
1958 router_hex_digest_matches(routerinfo_t *router, const char *hexdigest)
1959 {
1960 return hex_digest_matches(hexdigest, router->cache_info.identity_digest,
1961 router->nickname, router->is_named);
1962 }
1963
1964 /** Return true if <b>router</b>'s nickname matches <b>nickname</b>
1965 * (case-insensitive), or if <b>router's</b> identity key digest
1966 * matches a hexadecimal value stored in <b>nickname</b>. Return
1967 * false otherwise. */
1968 static int
1969 router_nickname_matches(routerinfo_t *router, const char *nickname)
1970 {
1971 if (nickname[0]!='$' && !strcasecmp(router->nickname, nickname))
1972 return 1;
1973 return router_hex_digest_matches(router, nickname);
1974 }
1975
1976 /** Return the router in our routerlist whose (case-insensitive)
1977 * nickname or (case-sensitive) hexadecimal key digest is
1978 * <b>nickname</b>. Return NULL if no such router is known.
1979 */
1980 routerinfo_t *
1981 router_get_by_nickname(const char *nickname, int warn_if_unnamed)
1982 {
1983 int maybedigest;
1984 char digest[DIGEST_LEN];
1985 routerinfo_t *best_match=NULL;
1986 int n_matches = 0;
1987 const char *named_digest = NULL;
1988
1989 tor_assert(nickname);
1990 if (!routerlist)
1991 return NULL;
1992 if (nickname[0] == '$')
1993 return router_get_by_hexdigest(nickname);
1994 if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1995 return NULL;
1996 if (server_mode(get_options()) &&
1997 !strcasecmp(nickname, get_options()->Nickname))
1998 return router_get_my_routerinfo();
1999
2000 maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) &&
2001 (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
2002
2003 if ((named_digest = networkstatus_get_router_digest_by_nickname(nickname))) {
2004 return rimap_get(routerlist->identity_map, named_digest);
2005 }
2006 if (networkstatus_nickname_is_unnamed(nickname))
2007 return NULL;
2008
2009 /* If we reach this point, there's no canonical value for the nickname. */
2010
2011 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2012 {
2013 if (!strcasecmp(router->nickname, nickname)) {
2014 ++n_matches;
2015 if (n_matches <= 1 || router->is_running)
2016 best_match = router;
2017 } else if (maybedigest &&
2018 !memcmp(digest, router->cache_info.identity_digest, DIGEST_LEN)
2019 ) {
2020 if (router_hex_digest_matches(router, nickname))
2021 return router;
2022 /* If we reach this point, we have a ID=name syntax that matches the
2023 * identity but not the name. That isn't an acceptable match. */
2024 }
2025 });
2026
2027 if (best_match) {
2028 if (warn_if_unnamed && n_matches > 1) {
2029 smartlist_t *fps = smartlist_create();
2030 int any_unwarned = 0;
2031 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2032 {
2033 routerstatus_t *rs;
2034 char *desc;
2035 size_t dlen;
2036 char fp[HEX_DIGEST_LEN+1];
2037 if (strcasecmp(router->nickname, nickname))
2038 continue;
2039 rs = router_get_consensus_status_by_id(
2040 router->cache_info.identity_digest);
2041 if (rs && !rs->name_lookup_warned) {
2042 rs->name_lookup_warned = 1;
2043 any_unwarned = 1;
2044 }
2045 base16_encode(fp, sizeof(fp),
2046 router->cache_info.identity_digest, DIGEST_LEN);
2047 dlen = 32 + HEX_DIGEST_LEN + strlen(router->address);
2048 desc = tor_malloc(dlen);
2049 tor_snprintf(desc, dlen, "\"$%s\" for the one at %s:%d",
2050 fp, router->address, router->or_port);
2051 smartlist_add(fps, desc);
2052 });
2053 if (any_unwarned) {
2054 char *alternatives = smartlist_join_strings(fps, "; ",0,NULL);
2055 log_warn(LD_CONFIG,
2056 "There are multiple matches for the nickname \"%s\","
2057 " but none is listed as named by the directory authorities. "
2058 "Choosing one arbitrarily. If you meant one in particular, "
2059 "you should say %s.", nickname, alternatives);
2060 tor_free(alternatives);
2061 }
2062 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
2063 smartlist_free(fps);
2064 } else if (warn_if_unnamed) {
2065 routerstatus_t *rs = router_get_consensus_status_by_id(
2066 best_match->cache_info.identity_digest);
2067 if (rs && !rs->name_lookup_warned) {
2068 char fp[HEX_DIGEST_LEN+1];
2069 base16_encode(fp, sizeof(fp),
2070 best_match->cache_info.identity_digest, DIGEST_LEN);
2071 log_warn(LD_CONFIG, "You specified a server \"%s\" by name, but this "
2072 "name is not registered, so it could be used by any server, "
2073 "not just the one you meant. "
2074 "To make sure you get the same server in the future, refer to "
2075 "it by key, as \"$%s\".", nickname, fp);
2076 rs->name_lookup_warned = 1;
2077 }
2078 }
2079 return best_match;
2080 }
2081
2082 return NULL;
2083 }
2084
2085 /** Try to find a routerinfo for <b>digest</b>. If we don't have one,
2086 * return 1. If we do, ask tor_version_as_new_as() for the answer.
2087 */
2088 int
2089 router_digest_version_as_new_as(const char *digest, const char *cutoff)
2090 {
2091 routerinfo_t *router = router_get_by_digest(digest);
2092 if (!router)
2093 return 1;
2094 return tor_version_as_new_as(router->platform, cutoff);
2095 }
2096
2097 /** Return true iff <b>digest</b> is the digest of the identity key of a
2098 * trusted directory matching at least one bit of <b>type</b>. If <b>type</b>
2099 * is zero, any authority is okay. */
2100 int
2101 router_digest_is_trusted_dir_type(const char *digest, authority_type_t type)
2102 {
2103 if (!trusted_dir_servers)
2104 return 0;
2105 if (authdir_mode(get_options()) && router_digest_is_me(digest))
2106 return 1;
2107 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2108 if (!memcmp(digest, ent->digest, DIGEST_LEN)) {
2109 return (!type) || ((type & ent->type) != 0);
2110 });
2111 return 0;
2112 }
2113
2114 /** Return true iff <b>addr</b> is the address of one of our trusted
2115 * directory authorities. */
2116 int
2117 router_addr_is_trusted_dir(uint32_t addr)
2118 {
2119 if (!trusted_dir_servers)
2120 return 0;
2121 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2122 if (ent->addr == addr)
2123 return 1;
2124 );
2125 return 0;
2126 }
2127
2128 /** If hexdigest is correctly formed, base16_decode it into
2129 * digest, which must have DIGEST_LEN space in it.
2130 * Return 0 on success, -1 on failure.
2131 */
2132 int
2133 hexdigest_to_digest(const char *hexdigest, char *digest)
2134 {
2135 if (hexdigest[0]=='$')
2136 ++hexdigest;
2137 if (strlen(hexdigest) < HEX_DIGEST_LEN ||
2138 base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
2139 return -1;
2140 return 0;
2141 }
2142
2143 /** Return the router in our routerlist whose hexadecimal key digest
2144 * is <b>hexdigest</b>. Return NULL if no such router is known. */
2145 routerinfo_t *
2146 router_get_by_hexdigest(const char *hexdigest)
2147 {
2148 char digest[DIGEST_LEN];
2149 size_t len;
2150 routerinfo_t *ri;
2151
2152 tor_assert(hexdigest);
2153 if (!routerlist)
2154 return NULL;
2155 if (hexdigest[0]=='$')
2156 ++hexdigest;
2157 len = strlen(hexdigest);
2158 if (hexdigest_to_digest(hexdigest, digest) < 0)
2159 return NULL;
2160
2161 ri = router_get_by_digest(digest);
2162
2163 if (ri && len > HEX_DIGEST_LEN) {
2164 if (hexdigest[HEX_DIGEST_LEN] == '=') {
2165 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1) ||
2166 !ri->is_named)
2167 return NULL;
2168 } else if (hexdigest[HEX_DIGEST_LEN] == '~') {
2169 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1))
2170 return NULL;
2171 } else {
2172 return NULL;
2173 }
2174 }
2175
2176 return ri;
2177 }
2178
2179 /** Return the router in our routerlist whose 20-byte key digest
2180 * is <b>digest</b>. Return NULL if no such router is known. */
2181 routerinfo_t *
2182 router_get_by_digest(const char *digest)
2183 {
2184 tor_assert(digest);
2185
2186 if (!routerlist) return NULL;
2187
2188 // routerlist_assert_ok(routerlist);
2189
2190 return rimap_get(routerlist->identity_map, digest);
2191 }
2192
2193 /** Return the router in our routerlist whose 20-byte descriptor
2194 * is <b>digest</b>. Return NULL if no such router is known. */
2195 signed_descriptor_t *
2196 router_get_by_descriptor_digest(const char *digest)
2197 {
2198 tor_assert(digest);
2199
2200 if (!routerlist) return NULL;
2201
2202 return sdmap_get(routerlist->desc_digest_map, digest);
2203 }
2204
2205 /** Return the signed descriptor for the router in our routerlist whose
2206 * 20-byte extra-info digest is <b>digest</b>. Return NULL if no such router
2207 * is known. */
2208 signed_descriptor_t *
2209 router_get_by_extrainfo_digest(const char *digest)
2210 {
2211 tor_assert(digest);
2212
2213 if (!routerlist) return NULL;
2214
2215 return sdmap_get(routerlist->desc_by_eid_map, digest);
2216 }
2217
2218 /** Return the signed descriptor for the extrainfo_t in our routerlist whose
2219 * extra-info-digest is <b>digest</b>. Return NULL if no such extra-info
2220 * document is known. */
2221 signed_descriptor_t *
2222 extrainfo_get_by_descriptor_digest(const char *digest)
2223 {
2224 extrainfo_t *ei;
2225 tor_assert(digest);
2226 if (!routerlist) return NULL;
2227 ei = eimap_get(routerlist->extra_info_map, digest);
2228 return ei ? &ei->cache_info : NULL;
2229 }
2230
2231 /** Return a pointer to the signed textual representation of a descriptor.
2232 * The returned string is not guaranteed to be NUL-terminated: the string's
2233 * length will be in desc-\>signed_descriptor_len.
2234 *
2235 * If <b>with_annotations</b> is set, the returned string will include
2236 * the annotations
2237 * (if any) preceding the descriptor. This will increase the length of the
2238 * string by desc-\>annotations_len.
2239 *
2240 * The caller must not free the string returned.
2241 */
2242 static const char *
2243 signed_descriptor_get_body_impl(signed_descriptor_t *desc,
2244 int with_annotations)
2245 {
2246 const char *r = NULL;
2247 size_t len = desc->signed_descriptor_len;
2248 off_t offset = desc->saved_offset;
2249 if (with_annotations)
2250 len += desc->annotations_len;
2251 else
2252 offset += desc->annotations_len;
2253
2254 tor_assert(len > 32);
2255 if (desc->saved_location == SAVED_IN_CACHE && routerlist) {
2256 desc_store_t *store = desc_get_store(router_get_routerlist(), desc);
2257 if (store && store->mmap) {
2258 tor_assert(desc->saved_offset + len <= store->mmap->size);
2259 r = store->mmap->data + offset;
2260 } else if (store) {
2261 log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
2262 "mmaped in our cache. Is another process running in our data "
2263 "directory? Exiting.");
2264 exit(1);
2265 }
2266 }
2267 if (!r) /* no mmap, or not in cache. */
2268 r = desc->signed_descriptor_body +
2269 (with_annotations ? 0 : desc->annotations_len);
2270
2271 tor_assert(r);
2272 if (!with_annotations) {
2273 if (memcmp("router ", r, 7) && memcmp("extra-info ", r, 11)) {
2274 char *cp = tor_strndup(r, 64);
2275 log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
2276 "Is another process running in our data directory? Exiting.",
2277 desc, escaped(cp));
2278 exit(1);
2279 }
2280 }
2281
2282 return r;
2283 }
2284
2285 /** Return a pointer to the signed textual representation of a descriptor.
2286 * The returned string is not guaranteed to be NUL-terminated: the string's
2287 * length will be in desc-\>signed_descriptor_len.
2288 *
2289 * The caller must not free the string returned.
2290 */
2291 const char *
2292 signed_descriptor_get_body(signed_descriptor_t *desc)
2293 {
2294 return signed_descriptor_get_body_impl(desc, 0);
2295 }
2296
2297 /** As signed_descriptor_get_body(), but points to the beginning of the
2298 * annotations section rather than the beginning of the descriptor. */
2299 const char *
2300 signed_descriptor_get_annotations(signed_descriptor_t *desc)
2301 {
2302 return signed_descriptor_get_body_impl(desc, 1);
2303 }
2304
2305 /** Return the current list of all known routers. */
2306 routerlist_t *
2307 router_get_routerlist(void)
2308 {
2309 if (PREDICT_UNLIKELY(!routerlist)) {
2310 routerlist = tor_malloc_zero(sizeof(routerlist_t));
2311 routerlist->routers = smartlist_create();
2312 routerlist->old_routers = smartlist_create();
2313 routerlist->identity_map = rimap_new();
2314 routerlist->desc_digest_map = sdmap_new();
2315 routerlist->desc_by_eid_map = sdmap_new();
2316 routerlist->extra_info_map = eimap_new();
2317
2318 routerlist->desc_store.fname_base = "cached-descriptors";
2319 routerlist->desc_store.fname_alt_base = "cached-routers";
2320 routerlist->extrainfo_store.fname_base = "cached-extrainfo";
2321
2322 routerlist->desc_store.type = ROUTER_STORE;
2323 routerlist->extrainfo_store.type = EXTRAINFO_STORE;
2324
2325 routerlist->desc_store.description = "router descriptors";
2326 routerlist->extrainfo_store.description = "extra-info documents";
2327 }
2328 return routerlist;
2329 }
2330
2331 /** Free all storage held by <b>router</b>. */
2332 void
2333 routerinfo_free(routerinfo_t *router)
2334 {
2335 if (!router)
2336 return;
2337
2338 tor_free(router->cache_info.signed_descriptor_body);
2339 tor_free(router->address);
2340 tor_free(router->nickname);
2341 tor_free(router->platform);
2342 tor_free(router->contact_info);
2343 if (router->onion_pkey)
2344 crypto_free_pk_env(router->onion_pkey);
2345 if (router->identity_pkey)
2346 crypto_free_pk_env(router->identity_pkey);
2347 if (router->declared_family) {
2348 SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
2349 smartlist_free(router->declared_family);
2350 }
2351 addr_policy_list_free(router->exit_policy);
2352
2353 /* XXXX Remove if this turns out to affect performance. */
2354 memset(router, 77, sizeof(routerinfo_t));
2355
2356 tor_free(router);
2357 }
2358
2359 /** Release all storage held by <b>extrainfo</b> */
2360 void
2361 extrainfo_free(extrainfo_t *extrainfo)
2362 {
2363 if (!extrainfo)
2364 return;
2365 tor_free(extrainfo->cache_info.signed_descriptor_body);
2366 tor_free(extrainfo->pending_sig);
2367
2368 /* XXXX remove this if it turns out to slow us down. */
2369 memset(extrainfo, 88, sizeof(extrainfo_t)); /* debug bad memory usage */
2370 tor_free(extrainfo);
2371 }
2372
2373 /** Release storage held by <b>sd</b>. */
2374 static void
2375 signed_descriptor_free(signed_descriptor_t *sd)
2376 {
2377 tor_free(sd->signed_descriptor_body);
2378
2379 /* XXXX remove this once more bugs go away. */
2380 memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */
2381 tor_free(sd);
2382 }
2383
2384 /** Extract a signed_descriptor_t from a routerinfo, and free the routerinfo.
2385 */
2386 static signed_descriptor_t *
2387 signed_descriptor_from_routerinfo(routerinfo_t *ri)
2388 {
2389 signed_descriptor_t *sd = tor_malloc_zero(sizeof(signed_descriptor_t));
2390 memcpy(sd, &(ri->cache_info), sizeof(signed_descriptor_t));
2391 sd->routerlist_index = -1;
2392 ri->cache_info.signed_descriptor_body = NULL;
2393 routerinfo_free(ri);
2394 return sd;
2395 }
2396
2397 /** Helper: free the storage held by the extrainfo_t in <b>e</b>. */
2398 static void
2399 _extrainfo_free(void *e)
2400 {
2401 extrainfo_free(e);
2402 }
2403
2404 /** Free all storage held by a routerlist <b>rl</b>. */
2405 void
2406 routerlist_free(routerlist_t *rl)
2407 {
2408 tor_assert(rl);
2409 rimap_free(rl->identity_map, NULL);
2410 sdmap_free(rl->desc_digest_map, NULL);
2411 sdmap_free(rl->desc_by_eid_map, NULL);
2412 eimap_free(rl->extra_info_map, _extrainfo_free);
2413 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
2414 routerinfo_free(r));
2415 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
2416 signed_descriptor_free(sd));
2417 smartlist_free(rl->routers);
2418 smartlist_free(rl->old_routers);
2419 if (routerlist->desc_store.mmap)
2420 tor_munmap_file(routerlist->desc_store.mmap);
2421 if (routerlist->extrainfo_store.mmap)
2422 tor_munmap_file(routerlist->extrainfo_store.mmap);
2423 tor_free(rl);
2424
2425 router_dir_info_changed();
2426 }
2427
2428 /** Log information about how much memory is being used for routerlist,
2429 * at log level <b>severity</b>. */
2430 void
2431 dump_routerlist_mem_usage(int severity)
2432 {
2433 uint64_t livedescs = 0;
2434 uint64_t olddescs = 0;
2435 if (!routerlist)
2436 return;
2437 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
2438 livedescs += r->cache_info.signed_descriptor_len);
2439 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
2440 olddescs += sd->signed_descriptor_len);
2441
2442 log(severity, LD_DIR,
2443 "In %d live descriptors: "U64_FORMAT" bytes. "
2444 "In %d old descriptors: "U64_FORMAT" bytes.",
2445 smartlist_len(routerlist->routers), U64_PRINTF_ARG(livedescs),
2446 smartlist_len(routerlist->old_routers), U64_PRINTF_ARG(olddescs));
2447
2448 #if 0
2449 {
2450 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2451 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2452 log(severity, LD_DIR, "Now let's look through old_descriptors!");
2453 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd, {
2454 int in_v2 = 0;
2455 int in_v3 = 0;
2456 char published[ISO_TIME_LEN+1];
2457 char last_valid_until[ISO_TIME_LEN+1];
2458 char last_served_at[ISO_TIME_LEN+1];
2459 char id[HEX_DIGEST_LEN+1];
2460 routerstatus_t *rs;
2461 format_iso_time(published, sd->published_on);
2462 format_iso_time(last_valid_until, sd->last_listed_as_valid_until);
2463 format_iso_time(last_served_at, sd->last_served_at);
2464 base16_encode(id, sizeof(id), sd->identity_digest, DIGEST_LEN);
2465 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
2466 {
2467 rs = networkstatus_v2_find_entry(ns, sd->identity_digest);
2468 if (rs && !memcmp(rs->descriptor_digest,
2469 sd->signed_descriptor_digest, DIGEST_LEN)) {
2470 in_v2 = 1; break;
2471 }
2472 });
2473 if (consensus) {
2474 rs = networkstatus_vote_find_entry(consensus, sd->identity_digest);
2475 if (rs && !memcmp(rs->descriptor_digest,
2476 sd->signed_descriptor_digest, DIGEST_LEN))
2477 in_v3 = 1;
2478 }
2479 log(severity, LD_DIR,
2480 "Old descriptor for %s (published %s) %sin v2 ns, %sin v3 "
2481 "consensus. Last valid until %s; last served at %s.",
2482 id, published, in_v2 ? "" : "not ", in_v3 ? "" : "not ",
2483 last_valid_until, last_served_at);
2484 });
2485 }
2486 #endif
2487 }
2488
2489 /** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
2490 * in <b>sl</b> at position <b>idx</b>. Otherwise, search <b>sl</b> for
2491 * <b>ri</b>. Return the index of <b>ri</b> in <b>sl</b>, or -1 if <b>ri</b>
2492 * is not in <b>sl</b>. */
2493 static INLINE int
2494 _routerlist_find_elt(smartlist_t *sl, void *ri, int idx)
2495 {
2496 if (idx < 0) {
2497 idx = -1;
2498 SMARTLIST_FOREACH(sl, routerinfo_t *, r,
2499 if (r == ri) {
2500 idx = r_sl_idx;
2501 break;
2502 });
2503 } else {
2504 tor_assert(idx < smartlist_len(sl));
2505 tor_assert(smartlist_get(sl, idx) == ri);
2506 };
2507 return idx;
2508 }
2509
2510 /** Insert an item <b>ri</b> into the routerlist <b>rl</b>, updating indices
2511 * as needed. There must be no previous member of <b>rl</b> with the same
2512 * identity digest as <b>ri</b>: If there is, call routerlist_replace
2513 * instead.
2514 */
2515 static void
2516 routerlist_insert(routerlist_t *rl, routerinfo_t *ri)
2517 {
2518 routerinfo_t *ri_old;
2519 {
2520 /* XXXX Remove if this slows us down. */
2521 routerinfo_t *ri_generated = router_get_my_routerinfo();
2522 tor_assert(ri_generated != ri);
2523 }
2524 tor_assert(ri->cache_info.routerlist_index == -1);
2525
2526 ri_old = rimap_set(rl->identity_map, ri->cache_info.identity_digest, ri);
2527 tor_assert(!ri_old);
2528 sdmap_set(rl->desc_digest_map, ri->cache_info.signed_descriptor_digest,
2529 &(ri->cache_info));
2530 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2531 sdmap_set(rl->desc_by_eid_map, ri->cache_info.extra_info_digest,
2532 &ri->cache_info);
2533 smartlist_add(rl->routers, ri);
2534 ri->cache_info.routerlist_index = smartlist_len(rl->routers) - 1;
2535 router_dir_info_changed();
2536 #ifdef DEBUG_ROUTERLIST
2537 routerlist_assert_ok(rl);
2538 #endif
2539 }
2540
2541 /** Adds the extrainfo_t <b>ei</b> to the routerlist <b>rl</b>, if there is a
2542 * corresponding router in rl-\>routers or rl-\>old_routers. Return true iff
2543 * we actually inserted <b>ei</b>. Free <b>ei</b> if it isn't inserted. */
2544 static int
2545 extrainfo_insert(routerlist_t *rl, extrainfo_t *ei)
2546 {
2547 int r = 0;
2548 routerinfo_t *ri = rimap_get(rl->identity_map,
2549 ei->cache_info.identity_digest);
2550 signed_descriptor_t *sd =
2551 sdmap_get(rl->desc_by_eid_map, ei->cache_info.signed_descriptor_digest);
2552 extrainfo_t *ei_tmp;
2553
2554 {
2555 /* XXXX remove this code if it slows us down. */
2556 extrainfo_t *ei_generated = router_get_my_extrainfo();
2557 tor_assert(ei_generated != ei);
2558 }
2559
2560 if (!ri) {
2561 /* This router is unknown; we can't even verify the signature. Give up.*/
2562 goto done;
2563 }
2564 if (routerinfo_incompatible_with_extrainfo(ri, ei, sd, NULL)) {
2565 goto done;
2566 }
2567
2568 /* Okay, if we make it here, we definitely have a router corresponding to
2569 * this extrainfo. */
2570
2571 ei_tmp = eimap_set(rl->extra_info_map,
2572 ei->cache_info.signed_descriptor_digest,
2573 ei);
2574 r = 1;
2575 if (ei_tmp) {
2576 rl->extrainfo_store.bytes_dropped +=
2577 ei_tmp->cache_info.signed_descriptor_len;
2578 extrainfo_free(ei_tmp);
2579 }
2580
2581 done:
2582 if (r == 0)
2583 extrainfo_free(ei);
2584
2585 #ifdef DEBUG_ROUTERLIST
2586 routerlist_assert_ok(rl);
2587 #endif
2588 return r;
2589 }
2590
2591 #define should_cache_old_descriptors() \
2592 directory_caches_dir_info(get_options())
2593
2594 /** If we're a directory cache and routerlist <b>rl</b> doesn't have
2595 * a copy of router <b>ri</b> yet, add it to the list of old (not
2596 * recommended but still served) descriptors. Else free it. */
2597 static void
2598 routerlist_insert_old(routerlist_t *rl, routerinfo_t *ri)
2599 {
2600 {
2601 /* XXXX remove this code if it slows us down. */
2602 routerinfo_t *ri_generated = router_get_my_routerinfo();
2603 tor_assert(ri_generated != ri);
2604 }
2605 tor_assert(ri->cache_info.routerlist_index == -1);
2606
2607 if (should_cache_old_descriptors() &&
2608 ri->purpose == ROUTER_PURPOSE_GENERAL &&
2609 !sdmap_get(rl->desc_digest_map,
2610 ri->cache_info.signed_descriptor_digest)) {
2611 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri);
2612 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2613 smartlist_add(rl->old_routers, sd);
2614 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2615 if (!tor_digest_is_zero(sd->extra_info_digest))
2616 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2617 } else {
2618 routerinfo_free(ri);
2619 }
2620 #ifdef DEBUG_ROUTERLIST
2621 routerlist_assert_ok(rl);
2622 #endif
2623 }
2624
2625 /** Remove an item <b>ri</b> from the routerlist <b>rl</b>, updating indices
2626 * as needed. If <b>idx</b> is nonnegative and smartlist_get(rl-&gt;routers,
2627 * idx) == ri, we don't need to do a linear search over the list to decide
2628 * which to remove. We fill the gap in rl-&gt;routers with a later element in
2629 * the list, if any exists. <b>ri</b> is freed.
2630 *
2631 * If <b>make_old</b> is true, instead of deleting the router, we try adding
2632 * it to rl-&gt;old_routers. */
2633 void
2634 routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old)
2635 {
2636 routerinfo_t *ri_tmp;
2637 extrainfo_t *ei_tmp;
2638 int idx = ri->cache_info.routerlist_index;
2639 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2640 tor_assert(smartlist_get(rl->routers, idx) == ri);
2641
2642 ri->cache_info.routerlist_index = -1;
2643 smartlist_del(rl->routers, idx);
2644 if (idx < smartlist_len(rl->routers)) {
2645 routerinfo_t *r = smartlist_get(rl->routers, idx);
2646 r->cache_info.routerlist_index = idx;
2647 }
2648
2649 ri_tmp = rimap_remove(rl->identity_map, ri->cache_info.identity_digest);
2650 router_dir_info_changed();
2651 tor_assert(ri_tmp == ri);
2652
2653 if (make_old && should_cache_old_descriptors() &&
2654 ri->purpose == ROUTER_PURPOSE_GENERAL) {
2655 signed_descriptor_t *sd;
2656 sd = signed_descriptor_from_routerinfo(ri);
2657 smartlist_add(rl->old_routers, sd);
2658 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2659 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2660 if (!tor_digest_is_zero(sd->extra_info_digest))
2661 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2662 } else {
2663 signed_descriptor_t *sd_tmp;
2664 sd_tmp = sdmap_remove(rl->desc_digest_map,
2665 ri->cache_info.signed_descriptor_digest);
2666 tor_assert(sd_tmp == &(ri->cache_info));
2667 rl->desc_store.bytes_dropped += ri->cache_info.signed_descriptor_len;
2668 ei_tmp = eimap_remove(rl->extra_info_map,
2669 ri->cache_info.extra_info_digest);
2670 if (ei_tmp) {
2671 rl->extrainfo_store.bytes_dropped +=
2672 ei_tmp->cache_info.signed_descriptor_len;
2673 extrainfo_free(ei_tmp);
2674 }
2675 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2676 sdmap_remove(rl->desc_by_eid_map, ri->cache_info.extra_info_digest);
2677 routerinfo_free(ri);
2678 }
2679 #ifdef DEBUG_ROUTERLIST
2680 routerlist_assert_ok(rl);
2681 #endif
2682 }
2683
2684 /** Remove a signed_descriptor_t <b>sd</b> from <b>rl</b>-\>old_routers, and
2685 * adjust <b>rl</b> as appropriate. <b>idx</b> is -1, or the index of
2686 * <b>sd</b>. */
2687 static void
2688 routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
2689 {
2690 signed_descriptor_t *sd_tmp;
2691 extrainfo_t *ei_tmp;
2692 desc_store_t *store;
2693 if (idx == -1) {
2694 idx = sd->routerlist_index;
2695 }
2696 tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
2697 /* XXXX edmanm's bridge relay triggered the following assert while
2698 * running 0.2.0.12-alpha. If anybody triggers this again, see if we
2699 * can get a backtrace. */
2700 tor_assert(smartlist_get(rl->old_routers, idx) == sd);
2701 tor_assert(idx == sd->routerlist_index);
2702
2703 sd->routerlist_index = -1;
2704 smartlist_del(rl->old_routers, idx);
2705 if (idx < smartlist_len(rl->old_routers)) {
2706 signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
2707 d->routerlist_index = idx;
2708 }
2709 sd_tmp = sdmap_remove(rl->desc_digest_map,
2710 sd->signed_descriptor_digest);
2711 tor_assert(sd_tmp == sd);
2712 store = desc_get_store(rl, sd);
2713 if (store)
2714 store->bytes_dropped += sd->signed_descriptor_len;
2715
2716 ei_tmp = eimap_remove(rl->extra_info_map,
2717 sd->extra_info_digest);
2718 if (ei_tmp) {
2719 rl->extrainfo_store.bytes_dropped +=
2720 ei_tmp->cache_info.signed_descriptor_len;
2721 extrainfo_free(ei_tmp);
2722 }
2723 if (!tor_digest_is_zero(sd->extra_info_digest))
2724 sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
2725
2726 signed_descriptor_free(sd);
2727 #ifdef DEBUG_ROUTERLIST
2728 routerlist_assert_ok(rl);
2729 #endif
2730 }
2731
2732 /** Remove <b>ri_old</b> from the routerlist <b>rl</b>, and replace it with
2733 * <b>ri_new</b>, updating all index info. If <b>idx</b> is nonnegative and
2734 * smartlist_get(rl-&gt;routers, idx) == ri, we don't need to do a linear
2735 * search over the list to decide which to remove. We put ri_new in the same
2736 * index as ri_old, if possible. ri is freed as appropriate.
2737 *
2738 * If should_cache_descriptors() is true, instead of deleting the router,
2739 * we add it to rl-&gt;old_routers. */
2740 static void
2741 routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
2742 routerinfo_t *ri_new)
2743 {
2744 int idx;
2745
2746 routerinfo_t *ri_tmp;
2747 extrainfo_t *ei_tmp;
2748 {
2749 /* XXXX Remove this if it turns out to slow us down. */
2750 routerinfo_t *ri_generated = router_get_my_routerinfo();
2751 tor_assert(ri_generated != ri_new);
2752 }
2753 tor_assert(ri_old != ri_new);
2754 tor_assert(ri_new->cache_info.routerlist_index == -1);
2755
2756 idx = ri_old->cache_info.routerlist_index;
2757 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2758 tor_assert(smartlist_get(rl->routers, idx) == ri_old);
2759
2760 router_dir_info_changed();
2761 if (idx >= 0) {
2762 smartlist_set(rl->routers, idx, ri_new);
2763 ri_old->cache_info.routerlist_index = -1;
2764 ri_new->cache_info.routerlist_index = idx;
2765 /* Check that ri_old is not in rl->routers anymore: */
2766 tor_assert( _routerlist_find_elt(rl->routers, ri_old, -1) == -1 );
2767 } else {
2768 log_warn(LD_BUG, "Appending entry from routerlist_replace.");
2769 routerlist_insert(rl, ri_new);
2770 return;
2771 }
2772 if (memcmp(ri_old->cache_info.identity_digest,
2773 ri_new->cache_info.identity_digest, DIGEST_LEN)) {
2774 /* digests don't match; digestmap_set won't replace */
2775 rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
2776 }
2777 ri_tmp = rimap_set(rl->identity_map,
2778 ri_new->cache_info.identity_digest, ri_new);
2779 tor_assert(!ri_tmp || ri_tmp == ri_old);
2780 sdmap_set(rl->desc_digest_map,
2781 ri_new->cache_info.signed_descriptor_digest,
2782 &(ri_new->cache_info));
2783
2784 if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
2785 sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
2786 &ri_new->cache_info);
2787 }
2788
2789 if (should_cache_old_descriptors() &&
2790 ri_old->purpose == ROUTER_PURPOSE_GENERAL) {
2791 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
2792 smartlist_add(rl->old_routers, sd);
2793 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2794 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2795 if (!tor_digest_is_zero(sd->extra_info_digest))
2796 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2797 } else {
2798 if (memcmp(ri_old->cache_info.signed_descriptor_digest,
2799 ri_new->cache_info.signed_descriptor_digest,
2800 DIGEST_LEN)) {
2801 /* digests don't match; digestmap_set didn't replace */
2802 sdmap_remove(rl->desc_digest_map,
2803 ri_old->cache_info.signed_descriptor_digest);
2804 }
2805
2806 ei_tmp = eimap_remove(rl->extra_info_map,
2807 ri_old->cache_info.extra_info_digest);
2808 if (ei_tmp) {
2809 rl->extrainfo_store.bytes_dropped +=
2810 ei_tmp->cache_info.signed_descriptor_len;
2811 extrainfo_free(ei_tmp);
2812 }
2813 if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
2814 sdmap_remove(rl->desc_by_eid_map,
2815 ri_old->cache_info.extra_info_digest);
2816 }
2817 rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
2818 routerinfo_free(ri_old);
2819 }
2820 #ifdef DEBUG_ROUTERLIST
2821 routerlist_assert_ok(rl);
2822 #endif
2823 }
2824
2825 /** Extract the descriptor <b>sd</b> from old_routerlist, and re-parse
2826 * it as a fresh routerinfo_t. */
2827 static routerinfo_t *
2828 routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
2829 {
2830 routerinfo_t *ri;
2831 const char *body;
2832
2833 body = signed_descriptor_get_annotations(sd);
2834
2835 ri = router_parse_entry_from_string(body,
2836 body+sd->signed_descriptor_len+sd->annotations_len,
2837 0, 1, NULL);
2838 if (!ri)
2839 return NULL;
2840 memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t));
2841 sd->signed_descriptor_body = NULL; /* Steal reference. */
2842 ri->cache_info.routerlist_index = -1;
2843
2844 routerlist_remove_old(rl, sd, -1);
2845
2846 return ri;
2847 }
2848
2849 /** Free all memory held by the routerlist module. */
2850 void
2851 routerlist_free_all(void)
2852 {
2853 if (routerlist)
2854 routerlist_free(routerlist);
2855 routerlist = NULL;
2856 if (warned_nicknames) {
2857 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2858 smartlist_free(warned_nicknames);
2859 warned_nicknames = NULL;
2860 }
2861 if (trusted_dir_servers) {
2862 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
2863 trusted_dir_server_free(ds));
2864 smartlist_free(trusted_dir_servers);
2865 trusted_dir_servers = NULL;
2866 }
2867 if (trusted_dir_certs) {
2868 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
2869 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
2870 authority_cert_free(cert));
2871 smartlist_free(cl->certs);
2872 tor_free(cl);
2873 } DIGESTMAP_FOREACH_END;
2874 digestmap_free(trusted_dir_certs, NULL);
2875 trusted_dir_certs = NULL;
2876 }
2877 }
2878
2879 /** Forget that we have issued any router-related warnings, so that we'll
2880 * warn again if we see the same errors. */
2881 void
2882 routerlist_reset_warnings(void)
2883 {
2884 if (!warned_nicknames)
2885 warned_nicknames = smartlist_create();
2886 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2887 smartlist_clear(warned_nicknames); /* now the list is empty. */
2888
2889 networkstatus_reset_warnings();
2890 }
2891
2892 /** Mark the router with ID <b>digest</b> as running or non-running
2893 * in our routerlist. */
2894 void
2895 router_set_status(const char *digest, int up)
2896 {
2897 routerinfo_t *router;
2898 routerstatus_t *status;
2899 tor_assert(digest);
2900
2901 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
2902 if (!memcmp(d->digest, digest, DIGEST_LEN))
2903 d->is_running = up);
2904
2905 router = router_get_by_digest(digest);
2906 if (router) {
2907 log_debug(LD_DIR,"Marking router '%s/%s' as %s.",
2908 router->nickname, router->address, up ? "up" : "down");
2909 if (!up && router_is_me(router) && !we_are_hibernating())
2910 log_warn(LD_NET, "We just marked ourself as down. Are your external "
2911 "addresses reachable?");
2912 router->is_running = up;
2913 }
2914 status = router_get_consensus_status_by_id(digest);
2915 if (status && status->is_running != up) {
2916 status->is_running = up;
2917 control_event_networkstatus_changed_single(status);
2918 }
2919 router_dir_info_changed();
2920 }
2921
2922 /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
2923 * older entries (if any) with the same key. Note: Callers should not hold
2924 * their pointers to <b>router</b> if this function fails; <b>router</b>
2925 * will either be inserted into the routerlist or freed. Similarly, even
2926 * if this call succeeds, they should not hold their pointers to
2927 * <b>router</b> after subsequent calls with other routerinfo's -- they
2928 * might cause the original routerinfo to get freed.
2929 *
2930 * Returns the status for the operation. Might set *<b>msg</b> if it wants
2931 * the poster of the router to know something.
2932 *
2933 * If <b>from_cache</b>, this descriptor came from our disk cache. If
2934 * <b>from_fetch</b>, we received it in response to a request we made.
2935 * (If both are false, that means it was uploaded to us as an auth dir
2936 * server or via the controller.)
2937 *
2938 * This function should be called *after*
2939 * routers_update_status_from_consensus_networkstatus; subsequently, you
2940 * should call router_rebuild_store and routerlist_descriptors_added.
2941 */
2942 was_router_added_t
2943 router_add_to_routerlist(routerinfo_t *router, const char **msg,
2944 int from_cache, int from_fetch)
2945 {
2946 const char *id_digest;
2947 int authdir = authdir_mode_handles_descs(get_options(), router->purpose);
2948 int authdir_believes_valid = 0;
2949 routerinfo_t *old_router;
2950 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2951 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2952 int in_consensus = 0;
2953
2954 tor_assert(msg);
2955
2956 if (!routerlist)
2957 router_get_routerlist();
2958
2959 id_digest = router->cache_info.identity_digest;
2960
2961 /* Make sure that we haven't already got this exact descriptor. */
2962 if (sdmap_get(routerlist->desc_digest_map,
2963 router->cache_info.signed_descriptor_digest)) {
2964 log_info(LD_DIR,
2965 "Dropping descriptor that we already have for router '%s'",
2966 router->nickname);
2967 *msg = "Router descriptor was not new.";
2968 routerinfo_free(router);
2969 return ROUTER_WAS_NOT_NEW;
2970 }
2971
2972 if (authdir) {
2973 if (authdir_wants_to_reject_router(router, msg,
2974 !from_cache && !from_fetch)) {
2975 tor_assert(*msg);
2976 routerinfo_free(router);
2977 return ROUTER_AUTHDIR_REJECTS;
2978 }
2979 authdir_believes_valid = router->is_valid;
2980 } else if (from_fetch) {
2981 /* Only check the descriptor digest against the network statuses when
2982 * we are receiving in response to a fetch. */
2983
2984 if (!signed_desc_digest_is_recognized(&router->cache_info) &&
2985 !routerinfo_is_a_configured_bridge(router)) {
2986 /* We asked for it, so some networkstatus must have listed it when we
2987 * did. Save it if we're a cache in case somebody else asks for it. */
2988 log_info(LD_DIR,
2989 "Received a no-longer-recognized descriptor for router '%s'",
2990 router->nickname);
2991 *msg = "Router descriptor is not referenced by any network-status.";
2992
2993 /* Only journal this desc if we'll be serving it. */
2994 if (!from_cache && should_cache_old_descriptors())
2995 signed_desc_append_to_journal(&router->cache_info,
2996 &routerlist->desc_store);
2997 routerlist_insert_old(routerlist, router);
2998 return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
2999 }
3000 }
3001
3002 /* We no longer need a router with this descriptor digest. */
3003 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3004 {
3005 routerstatus_t *rs =
3006 networkstatus_v2_find_entry(ns, router->cache_info.identity_digest);
3007 if (rs && !memcmp(rs->descriptor_digest,
3008 router->cache_info.signed_descriptor_digest,
3009 DIGEST_LEN))
3010 rs->need_to_mirror = 0;
3011 });
3012 if (consensus) {
3013 routerstatus_t *rs = networkstatus_vote_find_entry(consensus,
3014 router->cache_info.identity_digest);
3015 if (rs && !memcmp(rs->descriptor_digest,
3016 router->cache_info.signed_descriptor_digest,
3017 DIGEST_LEN)) {
3018 in_consensus = 1;
3019 rs->need_to_mirror = 0;
3020 }
3021 }
3022
3023 if (router->purpose == ROUTER_PURPOSE_GENERAL &&
3024 consensus && !in_consensus && !authdir) {
3025 /* If it's a general router not listed in the consensus, then don't
3026 * consider replacing the latest router with it. */
3027 if (!from_cache && should_cache_old_descriptors())
3028 signed_desc_append_to_journal(&router->cache_info,
3029 &routerlist->desc_store);
3030 routerlist_insert_old(routerlist, router);
3031 *msg = "Skipping router descriptor: not in consensus.";
3032 return ROUTER_NOT_IN_CONSENSUS;
3033 }
3034
3035 /* If we have a router with the same identity key, choose the newer one. */
3036 old_router = rimap_get(routerlist->identity_map,
3037 router->cache_info.identity_digest);
3038 if (old_router) {
3039 if (!in_consensus && (router->cache_info.published_on <=
3040 old_router->cache_info.published_on)) {
3041 /* Same key, but old. This one is not listed in the consensus. */
3042 log_debug(LD_DIR, "Skipping not-new descriptor for router '%s'",
3043 router->nickname);
3044 /* Only journal this desc if we'll be serving it. */
3045 if (!from_cache && should_cache_old_descriptors())
3046 signed_desc_append_to_journal(&router->cache_info,
3047 &routerlist->desc_store);
3048 routerlist_insert_old(routerlist, router);
3049 *msg = "Router descriptor was not new.";
3050 return ROUTER_WAS_NOT_NEW;
3051 } else {
3052 /* Same key, and either new, or listed in the consensus. */
3053 log_debug(LD_DIR, "Replacing entry for router '%s/%s' [%s]",
3054 router->nickname, old_router->nickname,
3055 hex_str(id_digest,DIGEST_LEN));
3056 if (router->addr == old_router->addr &&
3057 router->or_port == old_router->or_port) {
3058 /* these carry over when the address and orport are unchanged. */
3059 router->last_reachable = old_router->last_reachable;
3060 router->testing_since = old_router->testing_since;
3061 }
3062 routerlist_replace(routerlist, old_router, router);
3063 if (!from_cache) {
3064 signed_desc_append_to_journal(&router->cache_info,
3065 &routerlist->desc_store);
3066 }
3067 directory_set_dirty();
3068 *msg = authdir_believes_valid ? "Valid server updated" :
3069 ("Invalid server updated. (This dirserver is marking your "
3070 "server as unapproved.)");
3071 return ROUTER_ADDED_SUCCESSFULLY;
3072 }
3073 }
3074
3075 if (!in_consensus && from_cache &&
3076 router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
3077 *msg = "Router descriptor was really old.";
3078 routerinfo_free(router);
3079 return ROUTER_WAS_NOT_NEW;
3080 }
3081
3082 /* We haven't seen a router with this identity before. Add it to the end of
3083 * the list. */
3084 routerlist_insert(routerlist, router);
3085 if (!from_cache)
3086 signed_desc_append_to_journal(&router->cache_info,
3087 &routerlist->desc_store);
3088 directory_set_dirty();
3089 return ROUTER_ADDED_SUCCESSFULLY;
3090 }
3091
3092 /** Insert <b>ei</b> into the routerlist, or free it. Other arguments are
3093 * as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
3094 * we actually inserted it, ROUTER_BAD_EI otherwise.
3095 */
3096 was_router_added_t
3097 router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
3098 int from_cache, int from_fetch)
3099 {
3100 int inserted;
3101 (void)from_fetch;
3102 if (msg) *msg = NULL;
3103 /*XXXX022 Do something with msg */
3104
3105 inserted = extrainfo_insert(router_get_routerlist(), ei);
3106
3107 if (inserted && !from_cache)
3108 signed_desc_append_to_journal(&ei->cache_info,
3109 &routerlist->extrainfo_store);
3110
3111 if (inserted)
3112 return ROUTER_ADDED_SUCCESSFULLY;
3113 else
3114 return ROUTER_BAD_EI;
3115 }
3116
3117 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
3118 * signed_descriptor_t* in *<b>a</b> has an identity digest preceding, equal
3119 * to, or later than that of *<b>b</b>. */
3120 static int
3121 _compare_old_routers_by_identity(const void **_a, const void **_b)
3122 {
3123 int i;
3124 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
3125 if ((i = memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
3126 return i;
3127 return (int)(r1->published_on - r2->published_on);
3128 }
3129
3130 /** Internal type used to represent how long an old descriptor was valid,
3131 * where it appeared in the list of old descriptors, and whether it's extra
3132 * old. Used only by routerlist_remove_old_cached_routers_with_id(). */
3133 struct duration_idx_t {
3134 int duration;
3135 int idx;
3136 int old;
3137 };
3138
3139 /** Sorting helper: compare two duration_idx_t by their duration. */
3140 static int
3141 _compare_duration_idx(const void *_d1, const void *_d2)
3142 {
3143 const struct duration_idx_t *d1 = _d1;
3144 const struct duration_idx_t *d2 = _d2;
3145 return d1->duration - d2->duration;
3146 }
3147
3148 /** The range <b>lo</b> through <b>hi</b> inclusive of routerlist->old_routers
3149 * must contain routerinfo_t with the same identity and with publication time
3150 * in ascending order. Remove members from this range until there are no more
3151 * than max_descriptors_per_router() remaining. Start by removing the oldest
3152 * members from before <b>cutoff</b>, then remove members which were current
3153 * for the lowest amount of time. The order of members of old_routers at
3154 * indices <b>lo</b> or higher may be changed.
3155 */
3156 static void
3157 routerlist_remove_old_cached_routers_with_id(time_t now,
3158 time_t cutoff, int lo, int hi,
3159 digestset_t *retain)
3160 {
3161 int i, n = hi-lo+1;
3162 unsigned n_extra, n_rmv = 0;
3163 struct duration_idx_t *lifespans;
3164 uint8_t *rmv, *must_keep;
3165 smartlist_t *lst = routerlist->old_routers;
3166 #if 1
3167 const char *ident;
3168 tor_assert(hi < smartlist_len(lst));
3169 tor_assert(lo <= hi);
3170 ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
3171 for (i = lo+1; i <= hi; ++i) {
3172 signed_descriptor_t *r = smartlist_get(lst, i);
3173 tor_assert(!memcmp(ident, r->identity_digest, DIGEST_LEN));
3174 }
3175 #endif
3176 /* Check whether we need to do anything at all. */
3177 {
3178 int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
3179 if (n <= mdpr)
3180 return;
3181 n_extra = n - mdpr;
3182 }
3183
3184 lifespans = tor_malloc_zero(sizeof(struct duration_idx_t)*n);
3185 rmv = tor_malloc_zero(sizeof(uint8_t)*n);
3186 must_keep = tor_malloc_zero(sizeof(uint8_t)*n);
3187 /* Set lifespans to contain the lifespan and index of each server. */
3188 /* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
3189 for (i = lo; i <= hi; ++i) {
3190 signed_descriptor_t *r = smartlist_get(lst, i);
3191 signed_descriptor_t *r_next;
3192 lifespans[i-lo].idx = i;
3193 if (r->last_listed_as_valid_until >= now ||
3194 (retain && digestset_isin(retain, r->signed_descriptor_digest))) {
3195 must_keep[i-lo] = 1;
3196 }
3197 if (i < hi) {
3198 r_next = smartlist_get(lst, i+1);
3199 tor_assert(r->published_on <= r_next->published_on);
3200 lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
3201 } else {
3202 r_next = NULL;
3203 lifespans[i-lo].duration = INT_MAX;
3204 }
3205 if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
3206 ++n_rmv;
3207 lifespans[i-lo].old = 1;
3208 rmv[i-lo] = 1;
3209 }
3210 }
3211
3212 if (n_rmv < n_extra) {
3213 /**
3214 * We aren't removing enough servers for being old. Sort lifespans by
3215 * the duration of liveness, and remove the ones we're not already going to
3216 * remove based on how long they were alive.
3217 **/
3218 qsort(lifespans, n, sizeof(struct duration_idx_t), _compare_duration_idx);
3219 for (i = 0; i < n && n_rmv < n_extra; ++i) {
3220 if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
3221 rmv[lifespans[i].idx-lo] = 1;
3222 ++n_rmv;
3223 }
3224 }
3225 }
3226
3227 i = hi;
3228 do {
3229 if (rmv[i-lo])
3230 routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
3231 } while (--i >= lo);
3232 tor_free(must_keep);
3233 tor_free(rmv);
3234 tor_free(lifespans);
3235 }
3236
3237 /** Deactivate any routers from the routerlist that are more than
3238 * ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
3239 * remove old routers from the list of cached routers if we have too many.
3240 */
3241 void
3242 routerlist_remove_old_routers(void)
3243 {
3244 int i, hi=-1;
3245 const char *cur_id = NULL;
3246 time_t now = time(NULL);
3247 time_t cutoff;
3248 routerinfo_t *router;
3249 signed_descriptor_t *sd;
3250 digestset_t *retain;
3251 int caches = directory_caches_dir_info(get_options());
3252 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
3253 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3254 int have_enough_v2;
3255
3256 trusted_dirs_remove_old_certs();
3257
3258 if (!routerlist || !consensus)
3259 return;
3260
3261 // routerlist_assert_ok(routerlist);
3262
3263 /* We need to guess how many router descriptors we will wind up wanting to
3264 retain, so that we can be sure to allocate a large enough Bloom filter
3265 to hold the digest set. Overestimating is fine; underestimating is bad.
3266 */
3267 {
3268 /* We'll probably retain everything in the consensus. */
3269 int n_max_retain = smartlist_len(consensus->routerstatus_list);
3270 if (caches && networkstatus_v2_list) {
3271 /* If we care about v2 statuses, we'll retain at most as many as are
3272 listed any of the v2 statues. This will be at least the length of
3273 the largest v2 networstatus, and in the worst case, this set will be
3274 equal to the sum of the lengths of all v2 consensuses. Take the
3275 worst case.
3276 */
3277 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3278 n_max_retain += smartlist_len(ns->entries));
3279 }
3280 retain = digestset_new(n_max_retain);
3281 }
3282
3283 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3284 /* Build a list of all the descriptors that _anybody_ lists. */
3285 if (caches && networkstatus_v2_list) {
3286 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3287 {
3288 /* XXXX The inner loop here gets pretty expensive, and actually shows up
3289 * on some profiles. It may be the reason digestmap_set shows up in
3290 * profiles too. If instead we kept a per-descriptor digest count of
3291 * how many networkstatuses recommended each descriptor, and changed
3292 * that only when the networkstatuses changed, that would be a speed
3293 * improvement, possibly 1-4% if it also removes digestmap_set from the
3294 * profile. Not worth it for 0.1.2.x, though. The new directory
3295 * system will obsolete this whole thing in 0.2.0.x. */
3296 SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
3297 if (rs->published_on >= cutoff)
3298 digestset_add(retain, rs->descriptor_digest));
3299 });
3300 }
3301
3302 /* Retain anything listed in the consensus. */
3303 if (consensus) {
3304 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
3305 if (rs->published_on >= cutoff)
3306 digestset_add(retain, rs->descriptor_digest));
3307 }
3308
3309 /* If we have a consensus, and nearly as many v2 networkstatuses as we want,
3310 * we should consider pruning current routers that are too old and that
3311 * nobody recommends. (If we don't have a consensus or enough v2
3312 * networkstatuses, then we should get more before we decide to kill
3313 * routers.) */
3314 /* we set this to true iff we don't care about v2 info, or we have enough. */
3315 have_enough_v2 = !caches ||
3316 (networkstatus_v2_list &&
3317 smartlist_len(networkstatus_v2_list) > get_n_v2_authorities() / 2);
3318
3319 if (have_enough_v2 && consensus) {
3320 cutoff = now - ROUTER_MAX_AGE;
3321 /* Remove too-old unrecommended members of routerlist->routers. */
3322 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
3323 router = smartlist_get(routerlist->routers, i);
3324 if (router->cache_info.published_on <= cutoff &&
3325 router->cache_info.last_listed_as_valid_until < now &&
3326 !digestset_isin(retain,
3327 router->cache_info.signed_descriptor_digest)) {
3328 /* Too old: remove it. (If we're a cache, just move it into
3329 * old_routers.) */
3330 log_info(LD_DIR,
3331 "Forgetting obsolete (too old) routerinfo for router '%s'",
3332 router->nickname);
3333 routerlist_remove(routerlist, router, 1);
3334 i--;
3335 }
3336 }
3337 }
3338
3339 //routerlist_assert_ok(routerlist);
3340
3341 /* Remove far-too-old members of routerlist->old_routers. */
3342 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3343 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3344 sd = smartlist_get(routerlist->old_routers, i);
3345 if (sd->published_on <= cutoff &&
3346 sd->last_listed_as_valid_until < now &&
3347 !digestset_isin(retain, sd->signed_descriptor_digest)) {
3348 /* Too old. Remove it. */
3349 routerlist_remove_old(routerlist, sd, i--);
3350 }
3351 }
3352
3353 //routerlist_assert_ok(routerlist);
3354
3355 log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
3356 smartlist_len(routerlist->routers),
3357 smartlist_len(routerlist->old_routers));
3358
3359 /* Now we might have to look at routerlist->old_routers for extraneous
3360 * members. (We'd keep all the members if we could, but we need to save
3361 * space.) First, check whether we have too many router descriptors, total.
3362 * We're okay with having too many for some given router, so long as the
3363 * total number doesn't approach max_descriptors_per_router()*len(router).
3364 */
3365 if (smartlist_len(routerlist->old_routers) <
3366 smartlist_len(routerlist->routers))
3367 goto done;
3368
3369 /* Sort by identity, then fix indices. */
3370 smartlist_sort(routerlist->old_routers, _compare_old_routers_by_identity);
3371 /* Fix indices. */
3372 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3373 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3374 r->routerlist_index = i;
3375 }
3376
3377 /* Iterate through the list from back to front, so when we remove descriptors
3378 * we don't mess up groups we haven't gotten to. */
3379 for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
3380 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3381 if (!cur_id) {
3382 cur_id = r->identity_digest;
3383 hi = i;
3384 }
3385 if (memcmp(cur_id, r->identity_digest, DIGEST_LEN)) {
3386 routerlist_remove_old_cached_routers_with_id(now,
3387 cutoff, i+1, hi, retain);
3388 cur_id = r->identity_digest;
3389 hi = i;
3390 }
3391 }
3392 if (hi>=0)
3393 routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
3394 //routerlist_assert_ok(routerlist);
3395
3396 done:
3397 digestset_free(retain);
3398 router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
3399 router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
3400 }
3401
3402 /** We just added a new set of descriptors. Take whatever extra steps
3403 * we need. */
3404 static void
3405 routerlist_descriptors_added(smartlist_t *sl, int from_cache)
3406 {
3407 tor_assert(sl);
3408 control_event_descriptors_changed(sl);
3409 SMARTLIST_FOREACH(sl, routerinfo_t *, ri,
3410 if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
3411 learned_bridge_descriptor(ri, from_cache);
3412 );
3413 }
3414
3415 /**
3416 * Code to parse a single router descriptor and insert it into the
3417 * routerlist. Return -1 if the descriptor was ill-formed; 0 if the
3418 * descriptor was well-formed but could not be added; and 1 if the
3419 * descriptor was added.
3420 *
3421 * If we don't add it and <b>msg</b> is not NULL, then assign to
3422 * *<b>msg</b> a static string describing the reason for refusing the
3423 * descriptor.
3424 *
3425 * This is used only by the controller.
3426 */
3427 int
3428 router_load_single_router(const char *s, uint8_t purpose, int cache,
3429 const char **msg)
3430 {
3431 routerinfo_t *ri;
3432 was_router_added_t r;
3433 smartlist_t *lst;
3434 char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
3435 tor_assert(msg);
3436 *msg = NULL;
3437
3438 tor_snprintf(annotation_buf, sizeof(annotation_buf),
3439 "@source controller\n"
3440 "@purpose %s\n", router_purpose_to_string(purpose));
3441
3442 if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0, annotation_buf))) {
3443 log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
3444 *msg = "Couldn't parse router descriptor.";
3445 return -1;
3446 }
3447 tor_assert(ri->purpose == purpose);
3448 if (router_is_me(ri)) {
3449 log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
3450 *msg = "Router's identity key matches mine.";
3451 routerinfo_free(ri);
3452 return 0;
3453 }
3454
3455 if (!cache) /* obey the preference of the controller */
3456 ri->cache_info.do_not_cache = 1;
3457
3458 lst = smartlist_create();
3459 smartlist_add(lst, ri);
3460 routers_update_status_from_consensus_networkstatus(lst, 0);
3461
3462 r = router_add_to_routerlist(ri, msg, 0, 0);
3463 if (!WRA_WAS_ADDED(r)) {
3464 /* we've already assigned to *msg now, and ri is already freed */
3465 tor_assert(*msg);
3466 if (r == ROUTER_AUTHDIR_REJECTS)
3467 log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
3468 smartlist_free(lst);
3469 return 0;
3470 } else {
3471 routerlist_descriptors_added(lst, 0);
3472 smartlist_free(lst);
3473 log_debug(LD_DIR, "Added router to list");
3474 return 1;
3475 }
3476 }
3477
3478 /** Given a string <b>s</b> containing some routerdescs, parse it and put the
3479 * routers into our directory. If saved_location is SAVED_NOWHERE, the routers
3480 * are in response to a query to the network: cache them by adding them to
3481 * the journal.
3482 *
3483 * Return the number of routers actually added.
3484 *
3485 * If <b>requested_fingerprints</b> is provided, it must contain a list of
3486 * uppercased fingerprints. Do not update any router whose
3487 * fingerprint is not on the list; after updating a router, remove its
3488 * fingerprint from the list.
3489 *
3490 * If <b>descriptor_digests</b> is non-zero, then the requested_fingerprints
3491 * are descriptor digests. Otherwise they are identity digests.
3492 */
3493 int
3494 router_load_routers_from_string(const char *s, const char *eos,
3495 saved_location_t saved_location,
3496 smartlist_t *requested_fingerprints,
3497 int descriptor_digests,
3498 const char *prepend_annotations)
3499 {
3500 smartlist_t *routers = smartlist_create(), *changed = smartlist_create();
3501 char fp[HEX_DIGEST_LEN+1];
3502 const char *msg;
3503 int from_cache = (saved_location != SAVED_NOWHERE);
3504 int allow_annotations = (saved_location != SAVED_NOWHERE);
3505 int any_changed = 0;
3506
3507 router_parse_list_from_string(&s, eos, routers, saved_location, 0,
3508 allow_annotations, prepend_annotations);
3509
3510 routers_update_status_from_consensus_networkstatus(routers, !from_cache);
3511
3512 log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
3513
3514 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
3515 was_router_added_t r;
3516 char d[DIGEST_LEN];
3517 if (requested_fingerprints) {
3518 base16_encode(fp, sizeof(fp), descriptor_digests ?
3519 ri->cache_info.signed_descriptor_digest :
3520 ri->cache_info.identity_digest,
3521 DIGEST_LEN);
3522 if (smartlist_string_isin(requested_fingerprints, fp)) {
3523 smartlist_string_remove(requested_fingerprints, fp);
3524 } else {
3525 char *requested =
3526 smartlist_join_strings(requested_fingerprints," ",0,NULL);
3527 log_warn(LD_DIR,
3528 "We received a router descriptor with a fingerprint (%s) "
3529 "that we never requested. (We asked for: %s.) Dropping.",
3530 fp, requested);
3531 tor_free(requested);
3532 routerinfo_free(ri);
3533 continue;
3534 }
3535 }
3536
3537 memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
3538 r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
3539 if (WRA_WAS_ADDED(r)) {
3540 any_changed++;
3541 smartlist_add(changed, ri);
3542 routerlist_descriptors_added(changed, from_cache);
3543 smartlist_clear(changed);
3544 } else if (WRA_WAS_REJECTED(r)) {
3545 download_status_t *dl_status;
3546 dl_status = router_get_dl_status_by_descriptor_digest(d);
3547 if (dl_status) {
3548 log_info(LD_GENERAL, "Marking router %s as never downloadable",
3549 hex_str(d, DIGEST_LEN));
3550 download_status_mark_impossible(dl_status);
3551 }
3552 }
3553 } SMARTLIST_FOREACH_END(ri);
3554
3555 routerlist_assert_ok(routerlist);
3556
3557 if (any_changed)
3558 router_rebuild_store(0, &routerlist->desc_store);
3559
3560 smartlist_free(routers);
3561 smartlist_free(changed);
3562
3563 return any_changed;
3564 }
3565
3566 /** Parse one or more extrainfos from <b>s</b> (ending immediately before
3567 * <b>eos</b> if <b>eos</b> is present). Other arguments are as for
3568 * router_load_routers_from_string(). */
3569 void
3570 router_load_extrainfo_from_string(const char *s, const char *eos,
3571 saved_location_t saved_location,
3572 smartlist_t *requested_fingerprints,
3573 int descriptor_digests)
3574 {
3575 smartlist_t *extrainfo_list = smartlist_create();
3576 const char *msg;
3577 int from_cache = (saved_location != SAVED_NOWHERE);
3578
3579 router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
3580 NULL);
3581
3582 log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
3583
3584 SMARTLIST_FOREACH(extrainfo_list, extrainfo_t *, ei, {
3585 was_router_added_t added =
3586 router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
3587 if (WRA_WAS_ADDED(added) && requested_fingerprints) {
3588 char fp[HEX_DIGEST_LEN+1];
3589 base16_encode(fp, sizeof(fp), descriptor_digests ?
3590 ei->cache_info.signed_descriptor_digest :
3591 ei->cache_info.identity_digest,
3592 DIGEST_LEN);
3593 smartlist_string_remove(requested_fingerprints, fp);
3594 /* We silently let people stuff us with extrainfos we didn't ask for,
3595 * so long as we would have wanted them anyway. Since we always fetch
3596 * all the extrainfos we want, and we never actually act on them
3597 * inside Tor, this should be harmless. */
3598 }
3599 });
3600
3601 routerlist_assert_ok(routerlist);
3602 router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
3603
3604 smartlist_free(extrainfo_list);
3605 }
3606
3607 /** Return true iff any networkstatus includes a descriptor whose digest
3608 * is that of <b>desc</b>. */
3609 static int
3610 signed_desc_digest_is_recognized(signed_descriptor_t *desc)
3611 {
3612 routerstatus_t *rs;
3613 networkstatus_t *consensus = networkstatus_get_latest_consensus();
3614 int caches = directory_caches_dir_info(get_options());
3615 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3616
3617 if (consensus) {
3618 rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
3619 if (rs && !memcmp(rs->descriptor_digest,
3620 desc->signed_descriptor_digest, DIGEST_LEN))
3621 return 1;
3622 }
3623 if (caches && networkstatus_v2_list) {
3624 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3625 {
3626 if (!(rs = networkstatus_v2_find_entry(ns, desc->identity_digest)))
3627 continue;
3628 if (!memcmp(rs->descriptor_digest,
3629 desc->signed_descriptor_digest, DIGEST_LEN))
3630 return 1;
3631 });
3632 }
3633 return 0;
3634 }
3635
3636 /** Clear all our timeouts for fetching v2 and v3 directory stuff, and then
3637 * give it all a try again. */
3638 void
3639 routerlist_retry_directory_downloads(time_t now)
3640 {
3641 router_reset_status_download_failures();
3642 router_reset_descriptor_download_failures();
3643 update_networkstatus_downloads(now);
3644 update_router_descriptor_downloads(now);
3645 }
3646
3647 /** Return 1 if all running sufficiently-stable routers will reject
3648 * addr:port, return 0 if any might accept it. */
3649 int
3650 router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
3651 int need_uptime)
3652 {
3653 addr_policy_result_t r;
3654 if (!routerlist) return 1;
3655
3656 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
3657 {
3658 if (router->is_running &&
3659 !router_is_unreliable(router, need_uptime, 0, 0)) {
3660 r = compare_addr_to_addr_policy(addr, port, router->exit_policy);
3661 if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
3662 return 0; /* this one could be ok. good enough. */
3663 }
3664 });
3665 return 1; /* all will reject. */
3666 }
3667
3668 /** Return true iff <b>router</b> does not permit exit streams.
3669 */
3670 int
3671 router_exit_policy_rejects_all(routerinfo_t *router)
3672 {
3673 return router->policy_is_reject_star;
3674 }
3675
3676 /** Add to the list of authoritative directory servers one at
3677 * <b>address</b>:<b>port</b>, with identity key <b>digest</b>. If
3678 * <b>address</b> is NULL, add ourself. Return the new trusted directory
3679 * server entry on success or NULL if we couldn't add it. */
3680 trusted_dir_server_t *
3681 add_trusted_dir_server(const char *nickname, const char *address,
3682 uint16_t dir_port, uint16_t or_port,
3683 const char *digest, const char *v3_auth_digest,
3684 authority_type_t type)
3685 {
3686 trusted_dir_server_t *ent;
3687 uint32_t a;
3688 char *hostname = NULL;
3689 size_t dlen;
3690 if (!trusted_dir_servers)
3691 trusted_dir_servers = smartlist_create();
3692
3693 if (!address) { /* The address is us; we should guess. */
3694 if (resolve_my_address(LOG_WARN, get_options(), &a, &hostname) < 0) {
3695 log_warn(LD_CONFIG,
3696 "Couldn't find a suitable address when adding ourself as a "
3697 "trusted directory server.");
3698 return NULL;
3699 }
3700 } else {
3701 if (tor_lookup_hostname(address, &a)) {
3702 log_warn(LD_CONFIG,
3703 "Unable to lookup address for directory server at '%s'",
3704 address);
3705 return NULL;
3706 }
3707 hostname = tor_strdup(address);
3708 }
3709
3710 ent = tor_malloc_zero(sizeof(trusted_dir_server_t));
3711 ent->nickname = nickname ? tor_strdup(nickname) : NULL;
3712 ent->address = hostname;
3713 ent->addr = a;
3714 ent->dir_port = dir_port;
3715 ent->or_port = or_port;
3716 ent->is_running = 1;
3717 ent->type = type;
3718 memcpy(ent->digest, digest, DIGEST_LEN);
3719 if (v3_auth_digest && (type & V3_AUTHORITY))
3720 memcpy(ent->v3_identity_digest, v3_auth_digest, DIGEST_LEN);
3721
3722 dlen = 64 + strlen(hostname) + (nickname?strlen(nickname):0);
3723 ent->description = tor_malloc(dlen);
3724 if (nickname)
3725 tor_snprintf(ent->description, dlen, "directory server \"%s\" at %s:%d",
3726 nickname, hostname, (int)dir_port);
3727 else
3728 tor_snprintf(ent->description, dlen, "directory server at %s:%d",
3729 hostname, (int)dir_port);
3730
3731 ent->fake_status.addr = ent->addr;
3732 memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
3733 if (nickname)
3734 strlcpy(ent->fake_status.nickname, nickname,
3735 sizeof(ent->fake_status.nickname));
3736 else
3737 ent->fake_status.nickname[0] = '\0';
3738 ent->fake_status.dir_port = ent->dir_port;
3739 ent->fake_status.or_port = ent->or_port;
3740
3741 if (ent->or_port)
3742 ent->fake_status.version_supports_begindir = 1;
3743 /* XX021 - wait until authorities are upgraded */
3744 #if 0
3745 ent->fake_status.version_supports_conditional_consensus = 1;
3746 #else
3747 ent->fake_status.version_supports_conditional_consensus = 0;
3748 #endif
3749
3750 smartlist_add(trusted_dir_servers, ent);
3751 router_dir_info_changed();
3752 return ent;
3753 }
3754
3755 /** Free storage held in <b>cert</b>. */
3756 void
3757 authority_cert_free(authority_cert_t *cert)
3758 {
3759 if (!cert)
3760 return;
3761
3762 tor_free(cert->cache_info.signed_descriptor_body);
3763 if (cert->signing_key)
3764 crypto_free_pk_env(cert->signing_key);
3765 if (cert->identity_key)
3766 crypto_free_pk_env(cert->identity_key);
3767
3768 tor_free(cert);
3769 }
3770
3771 /** Free storage held in <b>ds</b>. */
3772 static void
3773 trusted_dir_server_free(trusted_dir_server_t *ds)
3774 {
3775 tor_free(ds->nickname);
3776 tor_free(ds->description);
3777 tor_free(ds->address);
3778 tor_free(ds);
3779 }
3780
3781 /** Remove all members from the list of trusted dir servers. */
3782 void
3783 clear_trusted_dir_servers(void)
3784 {
3785 if (trusted_dir_servers) {
3786 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
3787 trusted_dir_server_free(ent));
3788 smartlist_clear(trusted_dir_servers);
3789 } else {
3790 trusted_dir_servers = smartlist_create();
3791 }
3792 router_dir_info_changed();
3793 }
3794
3795 /** Return 1 if any trusted dir server supports v1 directories,
3796 * else return 0. */
3797 int
3798 any_trusted_dir_is_v1_authority(void)
3799 {
3800 if (trusted_dir_servers)
3801 return get_n_authorities(V1_AUTHORITY) > 0;
3802
3803 return 0;
3804 }
3805
3806 /** For every current directory connection whose purpose is <b>purpose</b>,
3807 * and where the resource being downloaded begins with <b>prefix</b>, split
3808 * rest of the resource into base16 fingerprints, decode them, and set the
3809 * corresponding elements of <b>result</b> to a nonzero value. */
3810 static void
3811 list_pending_downloads(digestmap_t *result,
3812 int purpose, const char *prefix)
3813 {
3814 const size_t p_len = strlen(prefix);
3815 smartlist_t *tmp = smartlist_create();
3816 smartlist_t *conns = get_connection_array();
3817
3818 tor_assert(result);
3819
3820 SMARTLIST_FOREACH(conns, connection_t *, conn,
3821 {
3822 if (conn->type == CONN_TYPE_DIR &&
3823 conn->purpose == purpose &&
3824 !conn->marked_for_close) {
3825 const char *resource = TO_DIR_CONN(conn)->requested_resource;
3826 if (!strcmpstart(resource, prefix))
3827 dir_split_resource_into_fingerprints(resource + p_len,
3828 tmp, NULL, 1, 0);
3829 }
3830 });
3831 SMARTLIST_FOREACH(tmp, char *, d,
3832 {
3833 digestmap_set(result, d, (void*)1);
3834 tor_free(d);
3835 });
3836 smartlist_free(tmp);
3837 }
3838
3839 /** For every router descriptor (or extra-info document if <b>extrainfo</b> is
3840 * true) we are currently downloading by descriptor digest, set result[d] to
3841 * (void*)1. */
3842 static void
3843 list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
3844 {
3845 int purpose =
3846 extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
3847 list_pending_downloads(result, purpose, "d/");
3848 }
3849
3850 /** Launch downloads for all the descriptors whose digests are listed
3851 * as digests[i] for lo <= i < hi. (Lo and hi may be out of range.)
3852 * If <b>source</b> is given, download from <b>source</b>; otherwise,
3853 * download from an appropriate random directory server.
3854 */
3855 static void
3856 initiate_descriptor_downloads(routerstatus_t *source,
3857 int purpose,
3858 smartlist_t *digests,
3859 int lo, int hi, int pds_flags)
3860 {
3861 int i, n = hi-lo;
3862 char *resource, *cp;
3863 size_t r_len;
3864 if (n <= 0)
3865 return;
3866 if (lo < 0)
3867 lo = 0;
3868 if (hi > smartlist_len(digests))
3869 hi = smartlist_len(digests);
3870
3871 r_len = 8 + (HEX_DIGEST_LEN+1)*n;
3872 cp = resource = tor_malloc(r_len);
3873 memcpy(cp, "d/", 2);
3874 cp += 2;
3875 for (i = lo; i < hi; ++i) {
3876 base16_encode(cp, r_len-(cp-resource),
3877 smartlist_get(digests,i), DIGEST_LEN);
3878 cp += HEX_DIGEST_LEN;
3879 *cp++ = '+';
3880 }
3881 memcpy(cp-1, ".z", 3);
3882
3883 if (source) {
3884 /* We know which authority we want. */
3885 directory_initiate_command_routerstatus(source, purpose,
3886 ROUTER_PURPOSE_GENERAL,
3887 0, /* not private */
3888 resource, NULL, 0, 0);
3889 } else {
3890 directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
3891 pds_flags);
3892 }
3893 tor_free(resource);
3894 }
3895
3896 /** Return 0 if this routerstatus is obsolete, too new, isn't
3897 * running, or otherwise not a descriptor that we would make any
3898 * use of even if we had it. Else return 1. */
3899 static INLINE int
3900 client_would_use_router(routerstatus_t *rs, time_t now, or_options_t *options)
3901 {
3902 if (!rs->is_running && !options->FetchUselessDescriptors) {
3903 /* If we had this router descriptor, we wouldn't even bother using it.
3904 * But, if we want to have a complete list, fetch it anyway. */
3905 return 0;
3906 }
3907 if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime
3908 > now) {
3909 /* Most caches probably don't have this descriptor yet. */
3910 return 0;
3911 }
3912 if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
3913 /* We'd drop it immediately for being too old. */
3914 return 0;
3915 }
3916 return 1;
3917 }
3918
3919 /** Max amount of hashes to download per request.
3920 * Since squid does not like URLs >= 4096 bytes we limit it to 96.
3921 * 4096 - strlen(http://255.255.255.255/tor/server/d/.z) == 4058
3922 * 4058/41 (40 for the hash and 1 for the + that separates them) => 98
3923 * So use 96 because it's a nice number.
3924 */
3925 #define MAX_DL_PER_REQUEST 96
3926 /** Don't split our requests so finely that we are requesting fewer than
3927 * this number per server. */
3928 #define MIN_DL_PER_REQUEST 4
3929 /** To prevent a single screwy cache from confusing us by selective reply,
3930 * try to split our requests into at least this this many requests. */
3931 #define MIN_REQUESTS 3
3932 /** If we want fewer than this many descriptors, wait until we
3933 * want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
3934 * passed. */
3935 #define MAX_DL_TO_DELAY 16
3936 /** When directory clients have only a few servers to request, they batch
3937 * them until they have more, or until this amount of time has passed. */
3938 #define MAX_CLIENT_INTERVAL_WITHOUT_REQUEST (10*60)
3939
3940 /** Given a list of router descriptor digests in <b>downloadable</b>, decide
3941 * whether to delay fetching until we have more. If we don't want to delay,
3942 * launch one or more requests to the appropriate directory authorities. */
3943 static void
3944 launch_router_descriptor_downloads(smartlist_t *downloadable, time_t now)
3945 {
3946 int should_delay = 0, n_downloadable;
3947 or_options_t *options = get_options();
3948
3949 n_downloadable = smartlist_len(downloadable);
3950 if (!directory_fetches_dir_info_early(options)) {
3951 if (n_downloadable >= MAX_DL_TO_DELAY) {
3952 log_debug(LD_DIR,
3953 "There are enough downloadable routerdescs to launch requests.");
3954 should_delay = 0;
3955 } else {
3956 should_delay = (last_routerdesc_download_attempted +
3957 MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
3958 if (!should_delay && n_downloadable) {
3959 if (last_routerdesc_download_attempted) {
3960 log_info(LD_DIR,
3961 "There are not many downloadable routerdescs, but we've "
3962 "been waiting long enough (%d seconds). Downloading.",
3963 (int)(now-last_routerdesc_download_attempted));
3964 } else {
3965 log_info(LD_DIR,
3966 "There are not many downloadable routerdescs, but we haven't "
3967 "tried downloading descriptors recently. Downloading.");
3968 }
3969 }
3970 }
3971 }
3972 /* XXX should we consider having even the dir mirrors delay
3973 * a little bit, so we don't load the authorities as much? -RD
3974 * I don't think so. If we do, clients that want those descriptors may
3975 * not actually find them if the caches haven't got them yet. -NM
3976 */
3977
3978 if (! should_delay && n_downloadable) {
3979 int i, n_per_request;
3980 const char *req_plural = "", *rtr_plural = "";
3981 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
3982 if (! authdir_mode_any_nonhidserv(options)) {
3983 /* If we wind up going to the authorities, we want to only open one
3984 * connection to each authority at a time, so that we don't overload
3985 * them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
3986 * regardless of whether we're a cache or not; it gets ignored if we're
3987 * not calling router_pick_trusteddirserver.
3988 *
3989 * Setting this flag can make initiate_descriptor_downloads() ignore
3990 * requests. We need to make sure that we do in fact call
3991 * update_router_descriptor_downloads() later on, once the connections
3992 * have succeeded or failed.
3993 */
3994 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH;
3995 }
3996
3997 n_per_request = (n_downloadable+MIN_REQUESTS-1) / MIN_REQUESTS;
3998 if (n_per_request > MAX_DL_PER_REQUEST)
3999 n_per_request = MAX_DL_PER_REQUEST;
4000 if (n_per_request < MIN_DL_PER_REQUEST)
4001 n_per_request = MIN_DL_PER_REQUEST;
4002
4003 if (n_downloadable > n_per_request)
4004 req_plural = rtr_plural = "s";
4005 else if (n_downloadable > 1)
4006 rtr_plural = "s";
4007
4008 log_info(LD_DIR,
4009 "Launching %d request%s for %d router%s, %d at a time",
4010 (n_downloadable+n_per_request-1)/n_per_request,
4011 req_plural, n_downloadable, rtr_plural, n_per_request);
4012 smartlist_sort_digests(downloadable);
4013 for (i=0; i < n_downloadable; i += n_per_request) {
4014 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_SERVERDESC,
4015 downloadable, i, i+n_per_request,
4016 pds_flags);
4017 }
4018 last_routerdesc_download_attempted = now;
4019 }
4020 }
4021
4022 /** Launch downloads for router status as needed, using the strategy used by
4023 * authorities and caches: based on the v2 networkstatuses we have, download
4024 * every descriptor we don't have but would serve, from a random authority
4025 * that lists it. */
4026 static void
4027 update_router_descriptor_cache_downloads_v2(time_t now)
4028 {
4029 smartlist_t **downloadable; /* For each authority, what can we dl from it? */
4030 smartlist_t **download_from; /* ... and, what will we dl from it? */
4031 digestmap_t *map; /* Which descs are in progress, or assigned? */
4032 int i, j, n;
4033 int n_download;
4034 or_options_t *options = get_options();
4035 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
4036
4037 if (! directory_fetches_dir_info_early(options)) {
4038 log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads_v2() "
4039 "on a non-dir-mirror?");
4040 }
4041
4042 if (!networkstatus_v2_list || !smartlist_len(networkstatus_v2_list))
4043 return;
4044
4045 map = digestmap_new();
4046 n = smartlist_len(networkstatus_v2_list);
4047
4048 downloadable = tor_malloc_zero(sizeof(smartlist_t*) * n);
4049 download_from = tor_malloc_zero(sizeof(smartlist_t*) * n);
4050
4051 /* Set map[d]=1 for the digest of every descriptor that we are currently
4052 * downloading. */
4053 list_pending_descriptor_downloads(map, 0);
4054
4055 /* For the digest of every descriptor that we don't have, and that we aren't
4056 * downloading, add d to downloadable[i] if the i'th networkstatus knows
4057 * about that descriptor, and we haven't already failed to get that
4058 * descriptor from the corresponding authority.
4059 */
4060 n_download = 0;
4061 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
4062 {
4063 trusted_dir_server_t *ds;
4064 smartlist_t *dl;
4065 dl = downloadable[ns_sl_idx] = smartlist_create();
4066 download_from[ns_sl_idx] = smartlist_create();
4067 if (ns->published_on + MAX_NETWORKSTATUS_AGE+10*60 < now) {
4068 /* Don't download if the networkstatus is almost ancient. */
4069 /* Actually, I suspect what's happening here is that we ask
4070 * for the descriptor when we have a given networkstatus,
4071 * and then we get a newer networkstatus, and then we receive
4072 * the descriptor. Having a networkstatus actually expire is
4073 * probably a rare event, and we'll probably be happiest if
4074 * we take this clause out. -RD */
4075 continue;
4076 }
4077
4078 /* Don't try dirservers that we think are down -- we might have
4079 * just tried them and just marked them as down. */
4080 ds = router_get_trusteddirserver_by_digest(ns->identity_digest);
4081 if (ds && !ds->is_running)
4082 continue;
4083
4084 SMARTLIST_FOREACH(ns->entries, routerstatus_t * , rs,
4085 {
4086 if (!rs->need_to_mirror)
4087 continue;
4088 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4089 log_warn(LD_BUG,
4090 "We have a router descriptor, but need_to_mirror=1.");
4091 rs->need_to_mirror = 0;
4092 continue;
4093 }
4094 if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
4095 rs->need_to_mirror = 0;
4096 continue;
4097 }
4098 if (digestmap_get(map, rs->descriptor_digest)) {
4099 /* We're downloading it already. */
4100 continue;
4101 } else {
4102 /* We could download it from this guy. */
4103 smartlist_add(dl, rs->descriptor_digest);
4104 ++n_download;
4105 }
4106 });
4107 });
4108
4109 /* At random, assign descriptors to authorities such that:
4110 * - if d is a member of some downloadable[x], d is a member of some
4111 * download_from[y]. (Everything we want to download, we try to download
4112 * from somebody.)
4113 * - If d is a member of download_from[y], d is a member of downloadable[y].
4114 * (We only try to download descriptors from authorities who claim to have
4115 * them.)
4116 * - No d is a member of download_from[x] and download_from[y] s.t. x != y.
4117 * (We don't try to download anything from two authorities concurrently.)
4118 */
4119 while (n_download) {
4120 int which_ns = crypto_rand_int(n);
4121 smartlist_t *dl = downloadable[which_ns];
4122 int idx;
4123 char *d;
4124 if (!smartlist_len(dl))
4125 continue;
4126 idx = crypto_rand_int(smartlist_len(dl));
4127 d = smartlist_get(dl, idx);
4128 if (! digestmap_get(map, d)) {
4129 smartlist_add(download_from[which_ns], d);
4130 digestmap_set(map, d, (void*) 1);
4131 }
4132 smartlist_del(dl, idx);
4133 --n_download;
4134 }
4135
4136 /* Now, we can actually launch our requests. */
4137 for (i=0; i<n; ++i) {
4138 networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
4139 trusted_dir_server_t *ds =
4140 router_get_trusteddirserver_by_digest(ns->identity_digest);
4141 smartlist_t *dl = download_from[i];
4142 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
4143 if (! authdir_mode_any_nonhidserv(options))
4144 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
4145
4146 if (!ds) {
4147 log_warn(LD_BUG, "Networkstatus with no corresponding authority!");
4148 continue;
4149 }
4150 if (! smartlist_len(dl))
4151 continue;
4152 log_info(LD_DIR, "Requesting %d descriptors from authority \"%s\"",
4153 smartlist_len(dl), ds->nickname);
4154 for (j=0; j < smartlist_len(dl); j += MAX_DL_PER_REQUEST) {
4155 initiate_descriptor_downloads(&(ds->fake_status),
4156 DIR_PURPOSE_FETCH_SERVERDESC, dl, j,
4157 j+MAX_DL_PER_REQUEST, pds_flags);
4158 }
4159 }
4160
4161 for (i=0; i<n; ++i) {
4162 smartlist_free(download_from[i]);
4163 smartlist_free(downloadable[i]);
4164 }
4165 tor_free(download_from);
4166 tor_free(downloadable);
4167 digestmap_free(map,NULL);
4168 }
4169
4170 /** For any descriptor that we want that's currently listed in the live
4171 * consensus, download it as appropriate. */
4172 static void
4173 update_consensus_router_descriptor_downloads(time_t now)
4174 {
4175 or_options_t *options = get_options();
4176 digestmap_t *map = NULL;
4177 smartlist_t *no_longer_old = smartlist_create();
4178 smartlist_t *downloadable = smartlist_create();
4179 int authdir = authdir_mode(options);
4180 networkstatus_t *consensus =
4181 networkstatus_get_reasonably_live_consensus(now);
4182 int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
4183 n_inprogress=0, n_in_oldrouters=0;
4184
4185 if (directory_too_idle_to_fetch_descriptors(options, now))
4186 goto done;
4187 if (!consensus)
4188 goto done;
4189
4190 map = digestmap_new();
4191 list_pending_descriptor_downloads(map, 0);
4192 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4193 {
4194 signed_descriptor_t *sd;
4195 if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
4196 routerinfo_t *ri;
4197 ++n_have;
4198 if (!(ri = router_get_by_digest(rs->identity_digest)) ||
4199 memcmp(ri->cache_info.signed_descriptor_digest,
4200 sd->signed_descriptor_digest, DIGEST_LEN)) {
4201 /* We have a descriptor with this digest, but either there is no
4202 * entry in routerlist with the same ID (!ri), or there is one,
4203 * but the identity digest differs (memcmp).
4204 */
4205 smartlist_add(no_longer_old, sd);
4206 ++n_in_oldrouters; /* We have it in old_routers. */
4207 }
4208 continue; /* We have it already. */
4209 }
4210 if (digestmap_get(map, rs->descriptor_digest)) {
4211 ++n_inprogress;
4212 continue; /* We have an in-progress download. */
4213 }
4214 if (!download_status_is_ready(&rs->dl_status, now,
4215 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4216 ++n_delayed; /* Not ready for retry. */
4217 continue;
4218 }
4219 if (authdir && dirserv_would_reject_router(rs)) {
4220 ++n_would_reject;
4221 continue; /* We would throw it out immediately. */
4222 }
4223 if (!directory_caches_dir_info(options) &&
4224 !client_would_use_router(rs, now, options)) {
4225 ++n_wouldnt_use;
4226 continue; /* We would never use it ourself. */
4227 }
4228 smartlist_add(downloadable, rs->descriptor_digest);
4229 });
4230
4231 if (!authdir_mode_handles_descs(options, ROUTER_PURPOSE_GENERAL)
4232 && smartlist_len(no_longer_old)) {
4233 routerlist_t *rl = router_get_routerlist();
4234 log_info(LD_DIR, "%d router descriptors listed in consensus are "
4235 "currently in old_routers; making them current.",
4236 smartlist_len(no_longer_old));
4237 SMARTLIST_FOREACH(no_longer_old, signed_descriptor_t *, sd, {
4238 const char *msg;
4239 was_router_added_t r;
4240 routerinfo_t *ri = routerlist_reparse_old(rl, sd);
4241 if (!ri) {
4242 log_warn(LD_BUG, "Failed to re-parse a router.");
4243 continue;
4244 }
4245 r = router_add_to_routerlist(ri, &msg, 1, 0);
4246 if (WRA_WAS_OUTDATED(r)) {
4247 log_warn(LD_DIR, "Couldn't add re-parsed router: %s",
4248 msg?msg:"???");
4249 }
4250 });
4251 routerlist_assert_ok(rl);
4252 }
4253
4254 log_info(LD_DIR,
4255 "%d router descriptors downloadable. %d delayed; %d present "
4256 "(%d of those were in old_routers); %d would_reject; "
4257 "%d wouldnt_use; %d in progress.",
4258 smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
4259 n_would_reject, n_wouldnt_use, n_inprogress);
4260
4261 launch_router_descriptor_downloads(downloadable, now);
4262
4263 digestmap_free(map, NULL);
4264 done:
4265 smartlist_free(downloadable);
4266 smartlist_free(no_longer_old);
4267 }
4268
4269 /** How often should we launch a server/authority request to be sure of getting
4270 * a guess for our IP? */
4271 /*XXXX021 this info should come from netinfo cells or something, or we should
4272 * do this only when we aren't seeing incoming data. see bug 652. */
4273 #define DUMMY_DOWNLOAD_INTERVAL (20*60)
4274
4275 /** Launch downloads for router status as needed. */
4276 void
4277 update_router_descriptor_downloads(time_t now)
4278 {
4279 or_options_t *options = get_options();
4280 static time_t last_dummy_download = 0;
4281 if (should_delay_dir_fetches(options))
4282 return;
4283 if (directory_fetches_dir_info_early(options)) {
4284 update_router_descriptor_cache_downloads_v2(now);
4285 }
4286 update_consensus_router_descriptor_downloads(now);
4287
4288 /* XXXX021 we could be smarter here; see notes on bug 652. */
4289 /* If we're a server that doesn't have a configured address, we rely on
4290 * directory fetches to learn when our address changes. So if we haven't
4291 * tried to get any routerdescs in a long time, try a dummy fetch now. */
4292 if (!options->Address &&
4293 server_mode(options) &&
4294 last_routerdesc_download_attempted + DUMMY_DOWNLOAD_INTERVAL < now &&
4295 last_dummy_download + DUMMY_DOWNLOAD_INTERVAL < now) {
4296 last_dummy_download = now;
4297 directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
4298 ROUTER_PURPOSE_GENERAL, "authority.z",
4299 PDS_RETRY_IF_NO_SERVERS);
4300 }
4301 }
4302
4303 /** Launch extrainfo downloads as needed. */
4304 void
4305 update_extrainfo_downloads(time_t now)
4306 {
4307 or_options_t *options = get_options();
4308 routerlist_t *rl;
4309 smartlist_t *wanted;
4310 digestmap_t *pending;
4311 int old_routers, i;
4312 int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
4313 if (! options->DownloadExtraInfo)
4314 return;
4315 if (should_delay_dir_fetches(options))
4316 return;
4317 if (!router_have_minimum_dir_info())
4318 return;
4319
4320 pending = digestmap_new();
4321 list_pending_descriptor_downloads(pending, 1);
4322 rl = router_get_routerlist();
4323 wanted = smartlist_create();
4324 for (old_routers = 0; old_routers < 2; ++old_routers) {
4325 smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
4326 for (i = 0; i < smartlist_len(lst); ++i) {
4327 signed_descriptor_t *sd;
4328 char *d;
4329 if (old_routers)
4330 sd = smartlist_get(lst, i);
4331 else
4332 sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
4333 if (sd->is_extrainfo)
4334 continue; /* This should never happen. */
4335 if (old_routers && !router_get_by_digest(sd->identity_digest))
4336 continue; /* Couldn't check the signature if we got it. */
4337 if (sd->extrainfo_is_bogus)
4338 continue;
4339 d = sd->extra_info_digest;
4340 if (tor_digest_is_zero(d)) {
4341 ++n_no_ei;
4342 continue;
4343 }
4344 if (eimap_get(rl->extra_info_map, d)) {
4345 ++n_have;
4346 continue;
4347 }
4348 if (!download_status_is_ready(&sd->ei_dl_status, now,
4349 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4350 ++n_delay;
4351 continue;
4352 }
4353 if (digestmap_get(pending, d)) {
4354 ++n_pending;
4355 continue;
4356 }
4357 smartlist_add(wanted, d);
4358 }
4359 }
4360 digestmap_free(pending, NULL);
4361
4362 log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
4363 "with present ei, %d delaying, %d pending, %d downloadable.",
4364 n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted));
4365
4366 smartlist_shuffle(wanted);
4367 for (i = 0; i < smartlist_len(wanted); i += MAX_DL_PER_REQUEST) {
4368 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
4369 wanted, i, i + MAX_DL_PER_REQUEST,
4370 PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
4371 }
4372
4373 smartlist_free(wanted);
4374 }
4375
4376 /** True iff, the last time we checked whether we had enough directory info
4377 * to build circuits, the answer was "yes". */
4378 static int have_min_dir_info = 0;
4379 /** True iff enough has changed since the last time we checked whether we had
4380 * enough directory info to build circuits that our old answer can no longer
4381 * be trusted. */
4382 static int need_to_update_have_min_dir_info = 1;
4383 /** String describing what we're missing before we have enough directory
4384 * info. */
4385 static char dir_info_status[128] = "";
4386
4387 /** Return true iff we have enough networkstatus and router information to
4388 * start building circuits. Right now, this means "more than half the
4389 * networkstatus documents, and at least 1/4 of expected routers." */
4390 //XXX should consider whether we have enough exiting nodes here.
4391 int
4392 router_have_minimum_dir_info(void)
4393 {
4394 if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
4395 update_router_have_minimum_dir_info();
4396 need_to_update_have_min_dir_info = 0;
4397 }
4398 return have_min_dir_info;
4399 }
4400
4401 /** Called when our internal view of the directory has changed. This can be
4402 * when the authorities change, networkstatuses change, the list of routerdescs
4403 * changes, or number of running routers changes.
4404 */
4405 void
4406 router_dir_info_changed(void)
4407 {
4408 need_to_update_have_min_dir_info = 1;
4409 rend_hsdir_routers_changed();
4410 }
4411
4412 /** Return a string describing what we're missing before we have enough
4413 * directory info. */
4414 const char *
4415 get_dir_info_status_string(void)
4416 {
4417 return dir_info_status;
4418 }
4419
4420 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
4421 * them seem like ones we'd use, and how many of <em>those</em> we have
4422 * descriptors for. Store the former in *<b>num_usable</b> and the latter in
4423 * *<b>num_present</b>. */
4424 static void
4425 count_usable_descriptors(int *num_present, int *num_usable,
4426 const networkstatus_t *consensus,
4427 or_options_t *options, time_t now)
4428 {
4429 *num_present = 0, *num_usable=0;
4430
4431 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4432 {
4433 if (client_would_use_router(rs, now, options)) {
4434 ++*num_usable; /* the consensus says we want it. */
4435 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4436 /* we have the descriptor listed in the consensus. */
4437 ++*num_present;
4438 }
4439 }
4440 });
4441
4442 log_debug(LD_DIR, "%d usable, %d present.", *num_usable, *num_present);
4443 }
4444
4445 /** We just fetched a new set of descriptors. Compute how far through
4446 * the "loading descriptors" bootstrapping phase we are, so we can inform
4447 * the controller of our progress. */
4448 int
4449 count_loading_descriptors_progress(void)
4450 {
4451 int num_present = 0, num_usable=0;
4452 time_t now = time(NULL);
4453 const networkstatus_t *consensus =
4454 networkstatus_get_reasonably_live_consensus(now);
4455 double fraction;
4456
4457 if (!consensus)
4458 return 0; /* can't count descriptors if we have no list of them */
4459
4460 count_usable_descriptors(&num_present, &num_usable,
4461 consensus, get_options(), now);
4462
4463 if (num_usable == 0)
4464 return 0; /* don't div by 0 */
4465 fraction = num_present / (num_usable/4.);
4466 if (fraction > 1.0)
4467 return 0; /* it's not the number of descriptors holding us back */
4468 return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
4469 (fraction*(BOOTSTRAP_STATUS_CONN_OR-1 -
4470 BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
4471 }
4472
4473 /** Change the value of have_min_dir_info, setting it true iff we have enough
4474 * network and router information to build circuits. Clear the value of
4475 * need_to_update_have_min_dir_info. */
4476 static void
4477 update_router_have_minimum_dir_info(void)
4478 {
4479 int num_present = 0, num_usable=0;
4480 time_t now = time(NULL);
4481 int res;
4482 or_options_t *options = get_options();
4483 const networkstatus_t *consensus =
4484 networkstatus_get_reasonably_live_consensus(now);
4485
4486 if (!consensus) {
4487 if (!networkstatus_get_latest_consensus())
4488 strlcpy(dir_info_status, "We have no network-status consensus.",
4489 sizeof(dir_info_status));
4490 else
4491 strlcpy(dir_info_status, "We have no recent network-status consensus.",
4492 sizeof(dir_info_status));
4493 res = 0;
4494 goto done;
4495 }
4496
4497 if (should_delay_dir_fetches(get_options())) {
4498 log_notice(LD_DIR, "no known bridge descriptors running yet; stalling");
4499 strlcpy(dir_info_status, "No live bridge descriptors.",
4500 sizeof(dir_info_status));
4501 res = 0;
4502 goto done;
4503 }
4504
4505 count_usable_descriptors(&num_present, &num_usable, consensus, options, now);
4506
4507 if (num_present < num_usable/4) {
4508 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4509 "We have only %d/%d usable descriptors.", num_present, num_usable);
4510 res = 0;
4511 control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
4512 } else if (num_present < 2) {
4513 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4514 "Only %d descriptor%s here and believed reachable!",
4515 num_present, num_present ? "" : "s");
4516 res = 0;
4517 } else {
4518 res = 1;
4519 }
4520
4521 done:
4522 if (res && !have_min_dir_info) {
4523 log(LOG_NOTICE, LD_DIR,
4524 "We now have enough directory information to build circuits.");
4525 control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
4526 control_event_bootstrap(BOOTSTRAP_STATUS_CONN_OR, 0);
4527 }
4528 if (!res && have_min_dir_info) {
4529 int quiet = directory_too_idle_to_fetch_descriptors(options, now);
4530 log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
4531 "Our directory information is no longer up-to-date "
4532 "enough to build circuits: %s", dir_info_status);
4533 control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
4534 }
4535 have_min_dir_info = res;
4536 need_to_update_have_min_dir_info = 0;
4537 }
4538
4539 /** Reset the descriptor download failure count on all routers, so that we
4540 * can retry any long-failed routers immediately.
4541 */
4542 void
4543 router_reset_descriptor_download_failures(void)
4544 {
4545 networkstatus_reset_download_failures();
4546 last_routerdesc_download_attempted = 0;
4547 if (!routerlist)
4548 return;
4549 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
4550 {
4551 download_status_reset(&ri->cache_info.ei_dl_status);
4552 });
4553 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
4554 {
4555 download_status_reset(&sd->ei_dl_status);
4556 });
4557 }
4558
4559 /** Any changes in a router descriptor's publication time larger than this are
4560 * automatically non-cosmetic. */
4561 #define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (12*60*60)
4562
4563 /** We allow uptime to vary from how much it ought to be by this much. */
4564 #define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
4565
4566 /** Return true iff the only differences between r1 and r2 are such that
4567 * would not cause a recent (post 0.1.1.6) dirserver to republish.
4568 */
4569 int
4570 router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
4571 {
4572 time_t r1pub, r2pub;
4573 long time_difference;
4574 tor_assert(r1 && r2);
4575
4576 /* r1 should be the one that was published first. */
4577 if (r1->cache_info.published_on > r2->cache_info.published_on) {
4578 routerinfo_t *ri_tmp = r2;
4579 r2 = r1;
4580 r1 = ri_tmp;
4581 }
4582
4583 /* If any key fields differ, they're different. */
4584 if (strcasecmp(r1->address, r2->address) ||
4585 strcasecmp(r1->nickname, r2->nickname) ||
4586 r1->or_port != r2->or_port ||
4587 r1->dir_port != r2->dir_port ||
4588 r1->purpose != r2->purpose ||
4589 crypto_pk_cmp_keys(r1->onion_pkey, r2->onion_pkey) ||
4590 crypto_pk_cmp_keys(r1->identity_pkey, r2->identity_pkey) ||
4591 strcasecmp(r1->platform, r2->platform) ||
4592 (r1->contact_info && !r2->contact_info) || /* contact_info is optional */
4593 (!r1->contact_info && r2->contact_info) ||
4594 (r1->contact_info && r2->contact_info &&
4595 strcasecmp(r1->contact_info, r2->contact_info)) ||
4596 r1->is_hibernating != r2->is_hibernating ||
4597 r1->has_old_dnsworkers != r2->has_old_dnsworkers ||
4598 cmp_addr_policies(r1->exit_policy, r2->exit_policy))
4599 return 0;
4600 if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
4601 return 0;
4602 if (r1->declared_family && r2->declared_family) {
4603 int i, n;
4604 if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
4605 return 0;
4606 n = smartlist_len(r1->declared_family);
4607 for (i=0; i < n; ++i) {
4608 if (strcasecmp(smartlist_get(r1->declared_family, i),
4609 smartlist_get(r2->declared_family, i)))
4610 return 0;
4611 }
4612 }
4613
4614 /* Did bandwidth change a lot? */
4615 if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
4616 (r2->bandwidthcapacity < r1->bandwidthcapacity/2))
4617 return 0;
4618
4619 /* Did the bandwithrate or bandwithburst change? */
4620 if ((r1->bandwidthrate != r2->bandwidthrate) ||
4621 (r1->bandwidthburst != r2->bandwidthburst))
4622 return 0;
4623
4624 /* Did more than 12 hours pass? */
4625 if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
4626 < r2->cache_info.published_on)
4627 return 0;
4628
4629 /* Did uptime fail to increase by approximately the amount we would think,
4630 * give or take some slop? */
4631 r1pub = r1->cache_info.published_on;
4632 r2pub = r2->cache_info.published_on;
4633 time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
4634 if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
4635 time_difference > r1->uptime * .05 &&
4636 time_difference > r2->uptime * .05)
4637 return 0;
4638
4639 /* Otherwise, the difference is cosmetic. */
4640 return 1;
4641 }
4642
4643 /** Check whether <b>ri</b> (a.k.a. sd) is a router compatible with the
4644 * extrainfo document
4645 * <b>ei</b>. If no router is compatible with <b>ei</b>, <b>ei</b> should be
4646 * dropped. Return 0 for "compatible", return 1 for "reject, and inform
4647 * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If
4648 * <b>msg</b> is present, set *<b>msg</b> to a description of the
4649 * incompatibility (if any).
4650 **/
4651 int
4652 routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
4653 signed_descriptor_t *sd,
4654 const char **msg)
4655 {
4656 int digest_matches, r=1;
4657 tor_assert(ri);
4658 tor_assert(ei);
4659 if (!sd)
4660 sd = &ri->cache_info;
4661
4662 if (ei->bad_sig) {
4663 if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
4664 return 1;
4665 }
4666
4667 digest_matches = !memcmp(ei->cache_info.signed_descriptor_digest,
4668 sd->extra_info_digest, DIGEST_LEN);
4669
4670 /* The identity must match exactly to have been generated at the same time
4671 * by the same router. */
4672 if (memcmp(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
4673 DIGEST_LEN)) {
4674 if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
4675 goto err; /* different servers */
4676 }
4677
4678 if (ei->pending_sig) {
4679 char signed_digest[128];
4680 if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
4681 ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
4682 memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
4683 DIGEST_LEN)) {
4684 ei->bad_sig = 1;
4685 tor_free(ei->pending_sig);
4686 if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
4687 goto err; /* Bad signature, or no match. */
4688 }
4689
4690 ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted;
4691 tor_free(ei->pending_sig);
4692 }
4693
4694 if (ei->cache_info.published_on < sd->published_on) {
4695 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4696 goto err;
4697 } else if (ei->cache_info.published_on > sd->published_on) {
4698 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4699 r = -1;
4700 goto err;
4701 }
4702
4703 if (!digest_matches) {
4704 if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
4705 goto err; /* Digest doesn't match declared value. */
4706 }
4707
4708 return 0;
4709 err:
4710 if (digest_matches) {
4711 /* This signature was okay, and the digest was right: This is indeed the
4712 * corresponding extrainfo. But insanely, it doesn't match the routerinfo
4713 * that lists it. Don't try to fetch this one again. */
4714 sd->extrainfo_is_bogus = 1;
4715 }
4716
4717 return r;
4718 }
4719
4720 /** Assert that the internal representation of <b>rl</b> is
4721 * self-consistent. */
4722 void
4723 routerlist_assert_ok(routerlist_t *rl)
4724 {
4725 routerinfo_t *r2;
4726 signed_descriptor_t *sd2;
4727 if (!rl)
4728 return;
4729 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
4730 {
4731 r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
4732 tor_assert(r == r2);
4733 sd2 = sdmap_get(rl->desc_digest_map,
4734 r->cache_info.signed_descriptor_digest);
4735 tor_assert(&(r->cache_info) == sd2);
4736 tor_assert(r->cache_info.routerlist_index == r_sl_idx);
4737 /* XXXX
4738 *
4739 * Hoo boy. We need to fix this one, and the fix is a bit tricky, so
4740 * commenting this out is just a band-aid.
4741 *
4742 * The problem is that, although well-behaved router descriptors
4743 * should never have the same value for their extra_info_digest, it's
4744 * possible for ill-behaved routers to claim whatever they like there.
4745 *
4746 * The real answer is to trash desc_by_eid_map and instead have
4747 * something that indicates for a given extra-info digest we want,
4748 * what its download status is. We'll do that as a part of routerlist
4749 * refactoring once consensus directories are in. For now,
4750 * this rep violation is probably harmless: an adversary can make us
4751 * reset our retry count for an extrainfo, but that's not the end
4752 * of the world. Changing the representation in 0.2.0.x would just
4753 * destabilize the codebase.
4754 if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
4755 signed_descriptor_t *sd3 =
4756 sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
4757 tor_assert(sd3 == &(r->cache_info));
4758 }
4759 */
4760 });
4761 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
4762 {
4763 r2 = rimap_get(rl->identity_map, sd->identity_digest);
4764 tor_assert(sd != &(r2->cache_info));
4765 sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
4766 tor_assert(sd == sd2);
4767 tor_assert(sd->routerlist_index == sd_sl_idx);
4768 /* XXXX see above.
4769 if (!tor_digest_is_zero(sd->extra_info_digest)) {
4770 signed_descriptor_t *sd3 =
4771 sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
4772 tor_assert(sd3 == sd);
4773 }
4774 */
4775 });
4776
4777 RIMAP_FOREACH(rl->identity_map, d, r) {
4778 tor_assert(!memcmp(r->cache_info.identity_digest, d, DIGEST_LEN));
4779 } DIGESTMAP_FOREACH_END;
4780 SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
4781 tor_assert(!memcmp(sd->signed_descriptor_digest, d, DIGEST_LEN));
4782 } DIGESTMAP_FOREACH_END;
4783 SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
4784 tor_assert(!tor_digest_is_zero(d));
4785 tor_assert(sd);
4786 tor_assert(!memcmp(sd->extra_info_digest, d, DIGEST_LEN));
4787 } DIGESTMAP_FOREACH_END;
4788 EIMAP_FOREACH(rl->extra_info_map, d, ei) {
4789 signed_descriptor_t *sd;
4790 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4791 d, DIGEST_LEN));
4792 sd = sdmap_get(rl->desc_by_eid_map,
4793 ei->cache_info.signed_descriptor_digest);
4794 // tor_assert(sd); // XXXX see above
4795 if (sd) {
4796 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4797 sd->extra_info_digest, DIGEST_LEN));
4798 }
4799 } DIGESTMAP_FOREACH_END;
4800 }
4801
4802 /** Allocate and return a new string representing the contact info
4803 * and platform string for <b>router</b>,
4804 * surrounded by quotes and using standard C escapes.
4805 *
4806 * THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
4807 * thread. Also, each call invalidates the last-returned value, so don't
4808 * try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
4809 *
4810 * If <b>router</b> is NULL, it just frees its internal memory and returns.
4811 */
4812 const char *
4813 esc_router_info(routerinfo_t *router)
4814 {
4815 static char *info=NULL;
4816 char *esc_contact, *esc_platform;
4817 size_t len;
4818 if (info)
4819 tor_free(info);
4820 if (!router)
4821 return NULL; /* we're exiting; just free the memory we use */
4822
4823 esc_contact = esc_for_log(router->contact_info);
4824 esc_platform = esc_for_log(router->platform);
4825
4826 len = strlen(esc_contact)+strlen(esc_platform)+32;
4827 info = tor_malloc(len);
4828 tor_snprintf(info, len, "Contact %s, Platform %s", esc_contact,
4829 esc_platform);
4830 tor_free(esc_contact);
4831 tor_free(esc_platform);
4832
4833 return info;
4834 }
4835
4836 /** Helper for sorting: compare two routerinfos by their identity
4837 * digest. */
4838 static int
4839 _compare_routerinfo_by_id_digest(const void **a, const void **b)
4840 {
4841 routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
4842 return memcmp(first->cache_info.identity_digest,
4843 second->cache_info.identity_digest,
4844 DIGEST_LEN);
4845 }
4846
4847 /** Sort a list of routerinfo_t in ascending order of identity digest. */
4848 void
4849 routers_sort_by_identity(smartlist_t *routers)
4850 {
4851 smartlist_sort(routers, _compare_routerinfo_by_id_digest);
4852 }
4853
4854 /** A routerset specifies constraints on a set of possible routerinfos, based
4855 * on their names, identities, or addresses. It is optimized for determining
4856 * whether a router is a member or not, in O(1+P) time, where P is the number
4857 * of address policy constraints. */
4858 struct routerset_t {
4859 /** A list of strings for the elements of the policy. Each string is either
4860 * a nickname, a hexadecimal identity fingerprint, or an address policy. A
4861 * router belongs to the set if its nickname OR its identity OR its address
4862 * matches an entry here. */
4863 smartlist_t *list;
4864 /** A map from lowercase nicknames of routers in the set to (void*)1 */
4865 strmap_t *names;
4866 /** A map from identity digests routers in the set to (void*)1 */
4867 digestmap_t *digests;
4868 /** An address policy for routers in the set. For implementation reasons,
4869 * a router belongs to the set if it is _rejected_ by this policy. */
4870 smartlist_t *policies;
4871
4872 /** A human-readable description of what this routerset is for. Used in
4873 * log messages. */
4874 char *description;
4875
4876 /** A list of the country codes in this set. */
4877 smartlist_t *country_names;
4878 /** Total number of countries we knew about when we built <b>countries</b>.*/
4879 int n_countries;
4880 /** Bit array mapping the return value of geoip_get_country() to 1 iff the
4881 * country is a member of this routerset. Note that we MUST call
4882 * routerset_refresh_countries() whenever the geoip country list is
4883 * reloaded. */
4884 bitarray_t *countries;
4885 };
4886
4887 /** Return a new empty routerset. */
4888 routerset_t *
4889 routerset_new(void)
4890 {
4891 routerset_t *result = tor_malloc_zero(sizeof(routerset_t));
4892 result->list = smartlist_create();
4893 result->names = strmap_new();
4894 result->digests = digestmap_new();
4895 result->policies = smartlist_create();
4896 result->country_names = smartlist_create();
4897 return result;
4898 }
4899
4900 /** If <b>c</b> is a country code in the form {cc}, return a newly allocated
4901 * string holding the "cc" part. Else, return NULL. */
4902 static char *
4903 routerset_get_countryname(const char *c)
4904 {
4905 char *country;
4906
4907 if (strlen(c) < 4 || c[0] !='{' || c[3] !='}')
4908 return NULL;
4909
4910 country = tor_strndup(c+1, 2);
4911 tor_strlower(country);
4912 return country;
4913 }
4914
4915 #if 0
4916 /** Add the GeoIP database's integer index (+1) of a valid two-character
4917 * country code to the routerset's <b>countries</b> bitarray. Return the
4918 * integer index if the country code is valid, -1 otherwise.*/
4919 static int
4920 routerset_add_country(const char *c)
4921 {
4922 char country[3];
4923 country_t cc;
4924
4925 /* XXXX: Country codes must be of the form \{[a-z\?]{2}\} but this accepts
4926 \{[.]{2}\}. Do we need to be strict? -RH */
4927 /* Nope; if the country code is bad, we'll get 0 when we look it up. */
4928
4929 if (!geoip_is_loaded()) {
4930 log(LOG_WARN, LD_CONFIG, "GeoIP database not loaded: Cannot add country"
4931 "entry %s, ignoring.", c);
4932 return -1;
4933 }
4934
4935 memcpy(country, c+1, 2);
4936 country[2] = '\0';
4937 tor_strlower(country);
4938
4939 if ((cc=geoip_get_country(country))==-1) {
4940 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not valid, ignoring.",
4941 country);
4942 }
4943 return cc;
4944 }
4945 #endif
4946
4947 /** Update the routerset's <b>countries</b> bitarray_t. Called whenever
4948 * the GeoIP database is reloaded.
4949 */
4950 void
4951 routerset_refresh_countries(routerset_t *target)
4952 {
4953 int cc;
4954 if (target->countries) {
4955 bitarray_free(target->countries);
4956 }
4957 if (!geoip_is_loaded()) {
4958 target->countries = NULL;
4959 target->n_countries = 0;
4960 return;
4961 }
4962 target->n_countries = geoip_get_n_countries();
4963 target->countries = bitarray_init_zero(target->n_countries);
4964 SMARTLIST_FOREACH_BEGIN(target->country_names, const char *, country) {
4965 cc = geoip_get_country(country);
4966 if (cc >= 0) {
4967 tor_assert(cc < target->n_countries);
4968 bitarray_set(target->countries, cc);
4969 } else {
4970 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not recognized.",
4971 country);
4972 }
4973 } SMARTLIST_FOREACH_END(country);
4974 }
4975
4976 /** Parse the string <b>s</b> to create a set of routerset entries, and add
4977 * them to <b>target</b>. In log messages, refer to the string as
4978 * <b>description</b>. Return 0 on success, -1 on failure.
4979 *
4980 * Three kinds of elements are allowed in routersets: nicknames, IP address
4981 * patterns, and fingerprints. They may be surrounded by optional space, and
4982 * mst be separated by commas.
4983 */
4984 int
4985 routerset_parse(routerset_t *target, const char *s, const char *description)
4986 {
4987 int r = 0;
4988 int added_countries = 0;
4989 char *countryname;
4990 smartlist_t *list = smartlist_create();
4991 smartlist_split_string(list, s, ",",
4992 SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
4993 SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
4994 addr_policy_t *p;
4995 if (is_legal_hexdigest(nick)) {
4996 char d[DIGEST_LEN];
4997 if (*nick == '$')
4998 ++nick;
4999 log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
5000 base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
5001 digestmap_set(target->digests, d, (void*)1);
5002 } else if (is_legal_nickname(nick)) {
5003 log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
5004 strmap_set_lc(target->names, nick, (void*)1);
5005 } else if ((countryname = routerset_get_countryname(nick)) != NULL) {
5006 log_debug(LD_CONFIG, "Adding country %s to %s", nick,
5007 description);
5008 smartlist_add(target->country_names, countryname);
5009 added_countries = 1;
5010 } else if ((strchr(nick,'.') || strchr(nick, '*')) &&
5011 (p = router_parse_addr_policy_item_from_string(
5012 nick, ADDR_POLICY_REJECT))) {
5013 log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
5014 smartlist_add(target->policies, p);
5015 } else {
5016 log_warn(LD_CONFIG, "Entry '%s' in %s is misformed.", nick,
5017 description);
5018 r = -1;
5019 tor_free(nick);
5020 SMARTLIST_DEL_CURRENT(list, nick);
5021 }
5022 } SMARTLIST_FOREACH_END(nick);
5023 smartlist_add_all(target->list, list);
5024 smartlist_free(list);
5025 if (added_countries)
5026 routerset_refresh_countries(target);
5027 return r;
5028 }
5029
5030 /** DOCDOC */
5031 void
5032 refresh_all_country_info(void)
5033 {
5034 or_options_t *options = get_options();
5035
5036 if (options->EntryNodes)
5037 routerset_refresh_countries(options->EntryNodes);
5038 if (options->ExitNodes)
5039 routerset_refresh_countries(options->ExitNodes);
5040 if (options->ExcludeNodes)
5041 routerset_refresh_countries(options->ExcludeNodes);
5042 if (options->ExcludeExitNodes)
5043 routerset_refresh_countries(options->ExcludeExitNodes);
5044 if (options->_ExcludeExitNodesUnion)
5045 routerset_refresh_countries(options->_ExcludeExitNodesUnion);
5046
5047 routerlist_refresh_countries();
5048 }
5049
5050 /** Add all members of the set <b>source</b> to <b>target</b>. */
5051 void
5052 routerset_union(routerset_t *target, const routerset_t *source)
5053 {
5054 char *s;
5055 tor_assert(target);
5056 if (!source || !source->list)
5057 return;
5058 s = routerset_to_string(source);
5059 routerset_parse(target, s, "other routerset");
5060 tor_free(s);
5061 }
5062
5063 /** Return true iff <b>set</b> lists only nicknames and digests, and includes
5064 * no IP ranges or countries. */
5065 int
5066 routerset_is_list(const routerset_t *set)
5067 {
5068 return smartlist_len(set->country_names) == 0 &&
5069 smartlist_len(set->policies) == 0;
5070 }
5071
5072 /** Return true iff we need a GeoIP IP-to-country database to make sense of
5073 * <b>set</b>. */
5074 int
5075 routerset_needs_geoip(const routerset_t *set)
5076 {
5077 return set && smartlist_len(set->country_names);
5078 }
5079
5080 /** Return true iff there are no entries in <b>set</b>. */
5081 static int
5082 routerset_is_empty(const routerset_t *set)
5083 {
5084 return !set || smartlist_len(set->list) == 0;
5085 }
5086
5087 /** Helper. Return true iff <b>set</b> contains a router based on the other
5088 * provided fields. Return higher values for more specific subentries: a
5089 * single router is more specific than an address range of routers, which is
5090 * more specific in turn than a country code.
5091 *
5092 * (If country is -1, then we take the country
5093 * from addr.) */
5094 static int
5095 routerset_contains(const routerset_t *set, const tor_addr_t *addr,
5096 uint16_t orport,
5097 const char *nickname, const char *id_digest, int is_named,
5098 country_t country)
5099 {
5100 if (!set || !set->list) return 0;
5101 (void) is_named; /* not supported */
5102 if (nickname && strmap_get_lc(set->names, nickname))
5103 return 4;
5104 if (id_digest && digestmap_get(set->digests, id_digest))
5105 return 4;
5106 if (addr && compare_tor_addr_to_addr_policy(addr, orport, set->policies)
5107 == ADDR_POLICY_REJECTED)
5108 return 3;
5109 if (set->countries) {
5110 if (country < 0 && addr)
5111 country = geoip_get_country_by_ip(tor_addr_to_ipv4h(addr));
5112
5113 if (country >= 0 && country < set->n_countries &&
5114 bitarray_is_set(set->countries, country))
5115 return 2;
5116 }
5117 return 0;
5118 }
5119
5120 /** Return true iff we can tell that <b>ei</b> is a member of <b>set</b>. */
5121 int
5122 routerset_contains_extendinfo(const routerset_t *set, extend_info_t *ei)
5123 {
5124 return routerset_contains(set,
5125 &ei->addr,
5126 ei->port,
5127 ei->nickname,
5128 ei->identity_digest,
5129 -1, /*is_named*/
5130 -1 /*country*/);
5131 }
5132
5133 /** Return true iff <b>ri</b> is in <b>set</b>. */
5134 int
5135 routerset_contains_router(const routerset_t *set, routerinfo_t *ri)
5136 {
5137 tor_addr_t addr;
5138 tor_addr_from_ipv4h(&addr, ri->addr);
5139 return routerset_contains(set,
5140 &addr,
5141 ri->or_port,
5142 ri->nickname,
5143 ri->cache_info.identity_digest,
5144 ri->is_named,
5145 ri->country);
5146 }
5147
5148 /** Return true iff <b>rs</b> is in <b>set</b>. */
5149 int
5150 routerset_contains_routerstatus(const routerset_t *set, routerstatus_t *rs)
5151 {
5152 tor_addr_t addr;
5153 tor_addr_from_ipv4h(&addr, rs->addr);
5154 return routerset_contains(set,
5155 &addr,
5156 rs->or_port,
5157 rs->nickname,
5158 rs->identity_digest,
5159 rs->is_named,
5160 -1);
5161 }
5162
5163 /** Add every known routerinfo_t that is a member of <b>routerset</b> to
5164 * <b>out</b>. If <b>running_only</b>, only add the running ones. */
5165 void
5166 routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset,
5167 int running_only)
5168 {
5169 tor_assert(out);
5170 if (!routerset || !routerset->list)
5171 return;
5172 if (!warned_nicknames)
5173 warned_nicknames = smartlist_create();
5174 if (routerset_is_list(routerset)) {
5175
5176 /* No routers are specified by type; all are given by name or digest.
5177 * we can do a lookup in O(len(list)). */
5178 SMARTLIST_FOREACH(routerset->list, const char *, name, {
5179 routerinfo_t *router = router_get_by_nickname(name, 1);
5180 if (router) {
5181 if (!running_only || router->is_running)
5182 smartlist_add(out, router);
5183 }
5184 });
5185 } else {
5186 /* We need to iterate over the routerlist to get all the ones of the
5187 * right kind. */
5188 routerlist_t *rl = router_get_routerlist();
5189 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
5190 if (running_only && !router->is_running)
5191 continue;
5192 if (routerset_contains_router(routerset, router))
5193 smartlist_add(out, router);
5194 });
5195 }
5196 }
5197
5198 /** Add to <b>target</b> every routerinfo_t from <b>source</b> that is in
5199 * <b>include</b>, but not excluded in a more specific fashion by
5200 * <b>exclude</b>. If <b>running_only</b>, only include running routers.
5201 */
5202 void
5203 routersets_get_disjunction(smartlist_t *target,
5204 const smartlist_t *source,
5205 const routerset_t *include,
5206 const routerset_t *exclude, int running_only)
5207 {
5208 SMARTLIST_FOREACH(source, routerinfo_t *, router, {
5209 int include_result;
5210 if (running_only && !router->is_running)
5211 continue;
5212 if (!routerset_is_empty(include))
5213 include_result = routerset_contains_router(include, router);
5214 else
5215 include_result = 1;
5216
5217 if (include_result) {
5218 int exclude_result = routerset_contains_router(exclude, router);
5219 if (include_result >= exclude_result)
5220 smartlist_add(target, router);
5221 }
5222 });
5223 }
5224
5225 /** Remove every routerinfo_t from <b>lst</b> that is in <b>routerset</b>. */
5226 void
5227 routerset_subtract_routers(smartlist_t *lst, const routerset_t *routerset)
5228 {
5229 tor_assert(lst);
5230 if (!routerset)
5231 return;
5232 SMARTLIST_FOREACH(lst, routerinfo_t *, r, {
5233 if (routerset_contains_router(routerset, r)) {
5234 //log_debug(LD_DIR, "Subtracting %s",r->nickname);
5235 SMARTLIST_DEL_CURRENT(lst, r);
5236 }
5237 });
5238 }
5239
5240 /** Return a new string that when parsed by routerset_parse_string() will
5241 * yield <b>set</b>. */
5242 char *
5243 routerset_to_string(const routerset_t *set)
5244 {
5245 if (!set || !set->list)
5246 return tor_strdup("");
5247 return smartlist_join_strings(set->list, ",", 0, NULL);
5248 }
5249
5250 /** Helper: return true iff old and new are both NULL, or both non-NULL
5251 * equal routersets. */
5252 int
5253 routerset_equal(const routerset_t *old, const routerset_t *new)
5254 {
5255 if (old == NULL && new == NULL)
5256 return 1;
5257 else if (old == NULL || new == NULL)
5258 return 0;
5259
5260 if (smartlist_len(old->list) != smartlist_len(new->list))
5261 return 0;
5262
5263 SMARTLIST_FOREACH(old->list, const char *, cp1, {
5264 const char *cp2 = smartlist_get(new->list, cp1_sl_idx);
5265 if (strcmp(cp1, cp2))
5266 return 0;
5267 });
5268
5269 return 1;
5270
5271 #if 0
5272 /* XXXX: This won't work if the names/digests are identical but in a
5273 different order. Checking for exact equality would be heavy going,
5274 is it worth it? -RH*/
5275 /* This code is totally bogus; sizeof doesn't work even remotely like this
5276 * code seems to think. Let's revert to a string-based comparison for
5277 * now. -NM*/
5278 if (sizeof(old->names) != sizeof(new->names))
5279 return 0;
5280
5281 if (memcmp(old->names,new->names,sizeof(new->names)))
5282 return 0;
5283 if (sizeof(old->digests) != sizeof(new->digests))
5284 return 0;
5285 if (memcmp(old->digests,new->digests,sizeof(new->digests)))
5286 return 0;
5287 if (sizeof(old->countries) != sizeof(new->countries))
5288 return 0;
5289 if (memcmp(old->countries,new->countries,sizeof(new->countries)))
5290 return 0;
5291 return 1;
5292 #endif
5293 }
5294
5295 /** Free all storage held in <b>routerset</b>. */
5296 void
5297 routerset_free(routerset_t *routerset)
5298 {
5299 SMARTLIST_FOREACH(routerset->list, char *, cp, tor_free(cp));
5300 smartlist_free(routerset->list);
5301 SMARTLIST_FOREACH(routerset->policies, addr_policy_t *, p,
5302 addr_policy_free(p));
5303 smartlist_free(routerset->policies);
5304 SMARTLIST_FOREACH(routerset->country_names, char *, cp, tor_free(cp));
5305 smartlist_free(routerset->country_names);
5306
5307 strmap_free(routerset->names, NULL);
5308 digestmap_free(routerset->digests, NULL);
5309 if (routerset->countries)
5310 bitarray_free(routerset->countries);
5311 tor_free(routerset);
5312 }
5313
5314 /** Refresh the country code of <b>ri</b>. This function MUST be called on
5315 * each router when the GeoIP database is reloaded, and on all new routers. */
5316 void
5317 routerinfo_set_country(routerinfo_t *ri)
5318 {
5319 ri->country = geoip_get_country_by_ip(ri->addr);
5320 }
5321
5322 /** Set the country code of all routers in the routerlist. */
5323 void
5324 routerlist_refresh_countries(void)
5325 {
5326 routerlist_t *rl = router_get_routerlist();
5327 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
5328 routerinfo_set_country(ri));
5329 }
5330
5331 /** Determine the routers that are responsible for <b>id</b> (binary) and
5332 * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>.
5333 * Return -1 if we're returning an empty smartlist, else return 0.
5334 */
5335 int
5336 hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
5337 const char *id)
5338 {
5339 int start, found, n_added = 0, i;
5340 networkstatus_t *c = networkstatus_get_latest_consensus();
5341 int use_begindir = get_options()->TunnelDirConns;
5342 if (!c || !smartlist_len(c->routerstatus_list)) {
5343 log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 "
5344 "rendezvous operations.");
5345 return -1;
5346 }
5347 tor_assert(id);
5348 start = networkstatus_vote_find_entry_idx(c, id, &found);
5349 if (start == smartlist_len(c->routerstatus_list)) start = 0;
5350 i = start;
5351 do {
5352 routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
5353 if (r->is_hs_dir) {
5354 if (r->dir_port || use_begindir)
5355 smartlist_add(responsible_dirs, r);
5356 else
5357 log_info(LD_REND, "Not adding router '%s' to list of responsible "
5358 "hidden service directories, because we have no way of "
5359 "reaching it.", r->nickname);
5360 if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
5361 break;
5362 }
5363 if (++i == smartlist_len(c->routerstatus_list))
5364 i = 0;
5365 } while (i != start);
5366
5367 /* Even though we don't have the desired number of hidden service
5368 * directories, be happy if we got any. */
5369 return smartlist_len(responsible_dirs) ? 0 : -1;
5370 }
5371
5372 /** Return true if this node is currently acting as hidden service
5373 * directory, false otherwise. */
5374 int
5375 hid_serv_acting_as_directory(void)
5376 {
5377 routerinfo_t *me = router_get_my_routerinfo();
5378 networkstatus_t *c;
5379 routerstatus_t *rs;
5380 if (!me)
5381 return 0;
5382 if (!get_options()->HidServDirectoryV2) {
5383 log_info(LD_REND, "We are not acting as hidden service directory, "
5384 "because we have not been configured as such.");
5385 return 0;
5386 }
5387 if (!(c = networkstatus_get_latest_consensus())) {
5388 log_info(LD_REND, "There's no consensus, so I can't tell if I'm a hidden "
5389 "service directory");
5390 return 0;
5391 }
5392 rs = networkstatus_vote_find_entry(c, me->cache_info.identity_digest);
5393 if (!rs) {
5394 log_info(LD_REND, "We're not listed in the consensus, so we're not "
5395 "being a hidden service directory.");
5396 return 0;
5397 }
5398 if (!rs->is_hs_dir) {
5399 log_info(LD_REND, "We're not listed as a hidden service directory in "
5400 "the consensus, so we won't be one.");
5401 return 0;
5402 }
5403 return 1;
5404 }
5405
5406 /** Return true if this node is responsible for storing the descriptor ID
5407 * in <b>query</b> and false otherwise. */
5408 int
5409 hid_serv_responsible_for_desc_id(const char *query)
5410 {
5411 routerinfo_t *me;
5412 routerstatus_t *last_rs;
5413 const char *my_id, *last_id;
5414 int result;
5415 smartlist_t *responsible;
5416 if (!hid_serv_acting_as_directory())
5417 return 0;
5418 if (!(me = router_get_my_routerinfo()))
5419 return 0; /* This is redundant, but let's be paranoid. */
5420 my_id = me->cache_info.identity_digest;
5421 responsible = smartlist_create();
5422 if (hid_serv_get_responsible_directories(responsible, query) < 0) {
5423 smartlist_free(responsible);
5424 return 0;
5425 }
5426 last_rs = smartlist_get(responsible, smartlist_len(responsible)-1);
5427 last_id = last_rs->identity_digest;
5428 result = rend_id_is_in_interval(my_id, query, last_id);
5429 smartlist_free(responsible);
5430 return result;
5431 }
5432