search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update Tor Project copyright years
[tor/rransom.git] / src / or / routerlist.c
blob2fc80738f88856bf0e817ebe75bff3c680d65a18
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2010, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file routerlist.c
9 * \brief Code to
10 * maintain and access the global list of routerinfos for known
11 * servers.
12 **/
13
14 #include "or.h"
15
16 // #define DEBUG_ROUTERLIST
17
18 /****************************************************************************/
19
20 /* static function prototypes */
21 static routerstatus_t *router_pick_directory_server_impl(
22 authority_type_t auth, int flags);
23 static routerstatus_t *router_pick_trusteddirserver_impl(
24 authority_type_t auth, int flags, int *n_busy_out);
25 static void mark_all_trusteddirservers_up(void);
26 static int router_nickname_matches(routerinfo_t *router, const char *nickname);
27 static void trusted_dir_server_free(trusted_dir_server_t *ds);
28 static void launch_router_descriptor_downloads(smartlist_t *downloadable,
29 time_t now);
30 static void update_consensus_router_descriptor_downloads(time_t now);
31 static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
32 static void update_router_have_minimum_dir_info(void);
33 static const char *signed_descriptor_get_body_impl(signed_descriptor_t *desc,
34 int with_annotations);
35 static void list_pending_downloads(digestmap_t *result,
36 int purpose, const char *prefix);
37
38 DECLARE_TYPED_DIGESTMAP_FNS(sdmap_, digest_sd_map_t, signed_descriptor_t)
39 DECLARE_TYPED_DIGESTMAP_FNS(rimap_, digest_ri_map_t, routerinfo_t)
40 DECLARE_TYPED_DIGESTMAP_FNS(eimap_, digest_ei_map_t, extrainfo_t)
41 #define SDMAP_FOREACH(map, keyvar, valvar) \
42 DIGESTMAP_FOREACH(sdmap_to_digestmap(map), keyvar, signed_descriptor_t *, \
43 valvar)
44 #define RIMAP_FOREACH(map, keyvar, valvar) \
45 DIGESTMAP_FOREACH(rimap_to_digestmap(map), keyvar, routerinfo_t *, valvar)
46 #define EIMAP_FOREACH(map, keyvar, valvar) \
47 DIGESTMAP_FOREACH(eimap_to_digestmap(map), keyvar, extrainfo_t *, valvar)
48
49 /****************************************************************************/
50
51 /** Global list of a trusted_dir_server_t object for each trusted directory
52 * server. */
53 static smartlist_t *trusted_dir_servers = NULL;
54
55 /** List of for a given authority, and download status for latest certificate.
56 */
57 typedef struct cert_list_t {
58 download_status_t dl_status;
59 smartlist_t *certs;
60 } cert_list_t;
61 /** Map from v3 identity key digest to cert_list_t. */
62 static digestmap_t *trusted_dir_certs = NULL;
63 /** True iff any key certificate in at least one member of
64 * <b>trusted_dir_certs</b> has changed since we last flushed the
65 * certificates to disk. */
66 static int trusted_dir_servers_certs_changed = 0;
67
68 /** Global list of all of the routers that we know about. */
69 static routerlist_t *routerlist = NULL;
70
71 /** List of strings for nicknames we've already warned about and that are
72 * still unknown / unavailable. */
73 static smartlist_t *warned_nicknames = NULL;
74
75 /** The last time we tried to download any routerdesc, or 0 for "never". We
76 * use this to rate-limit download attempts when the number of routerdescs to
77 * download is low. */
78 static time_t last_routerdesc_download_attempted = 0;
79
80 /** When we last computed the weights to use for bandwidths on directory
81 * requests, what were the total weighted bandwidth, and our share of that
82 * bandwidth? Used to determine what fraction of directory requests we should
83 * expect to see. */
84 static uint64_t sl_last_total_weighted_bw = 0,
85 sl_last_weighted_bw_of_me = 0;
86
87 /** Return the number of directory authorities whose type matches some bit set
88 * in <b>type</b> */
89 int
90 get_n_authorities(authority_type_t type)
91 {
92 int n = 0;
93 if (!trusted_dir_servers)
94 return 0;
95 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
96 if (ds->type & type)
97 ++n);
98 return n;
99 }
100
101 #define get_n_v2_authorities() get_n_authorities(V2_AUTHORITY)
102
103 /** Helper: Return the cert_list_t for an authority whose authority ID is
104 * <b>id_digest</b>, allocating a new list if necessary. */
105 static cert_list_t *
106 get_cert_list(const char *id_digest)
107 {
108 cert_list_t *cl;
109 if (!trusted_dir_certs)
110 trusted_dir_certs = digestmap_new();
111 cl = digestmap_get(trusted_dir_certs, id_digest);
112 if (!cl) {
113 cl = tor_malloc_zero(sizeof(cert_list_t));
114 cl->dl_status.schedule = DL_SCHED_CONSENSUS;
115 cl->certs = smartlist_create();
116 digestmap_set(trusted_dir_certs, id_digest, cl);
117 }
118 return cl;
119 }
120
121 /** Reload the cached v3 key certificates from the cached-certs file in
122 * the data directory. Return 0 on success, -1 on failure. */
123 int
124 trusted_dirs_reload_certs(void)
125 {
126 char *filename;
127 char *contents;
128 int r;
129
130 filename = get_datadir_fname("cached-certs");
131 contents = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
132 tor_free(filename);
133 if (!contents)
134 return 0;
135 r = trusted_dirs_load_certs_from_string(contents, 1, 1);
136 tor_free(contents);
137 return r;
138 }
139
140 /** Helper: return true iff we already have loaded the exact cert
141 * <b>cert</b>. */
142 static INLINE int
143 already_have_cert(authority_cert_t *cert)
144 {
145 cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
146
147 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
148 {
149 if (!memcmp(c->cache_info.signed_descriptor_digest,
150 cert->cache_info.signed_descriptor_digest,
151 DIGEST_LEN))
152 return 1;
153 });
154 return 0;
155 }
156
157 /** Load a bunch of new key certificates from the string <b>contents</b>. If
158 * <b>from_store</b> is true, the certificates are from the cache, and we
159 * don't need to flush them to disk. If <b>from_store</b> is false, we need
160 * to flush any changed certificates to disk. Return 0 on success, -1 on
161 * failure. */
162 int
163 trusted_dirs_load_certs_from_string(const char *contents, int from_store,
164 int flush)
165 {
166 trusted_dir_server_t *ds;
167 const char *s, *eos;
168
169 for (s = contents; *s; s = eos) {
170 authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
171 cert_list_t *cl;
172 if (!cert)
173 break;
174 ds = trusteddirserver_get_by_v3_auth_digest(
175 cert->cache_info.identity_digest);
176 log_debug(LD_DIR, "Parsed certificate for %s",
177 ds ? ds->nickname : "unknown authority");
178
179 if (already_have_cert(cert)) {
180 /* we already have this one. continue. */
181 log_info(LD_DIR, "Skipping %s certificate for %s that we "
182 "already have.",
183 from_store ? "cached" : "downloaded",
184 ds ? ds->nickname : "??");
185
186 /* a duplicate on a download should be treated as a failure, since it
187 * probably means we wanted a different secret key or we are trying to
188 * replace an expired cert that has not in fact been updated. */
189 if (!from_store) {
190 log_warn(LD_DIR, "Got a certificate for %s that we already have. "
191 "Maybe they haven't updated it. Waiting for a while.",
192 ds ? ds->nickname : "??");
193 authority_cert_dl_failed(cert->cache_info.identity_digest, 404);
194 }
195
196 authority_cert_free(cert);
197 continue;
198 }
199
200 if (ds) {
201 log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
202 "signing key %s", from_store ? "cached" : "downloaded",
203 ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
204 } else {
205 int adding = directory_caches_dir_info(get_options());
206 log_info(LD_DIR, "%s %s certificate for unrecognized directory "
207 "authority with signing key %s",
208 adding ? "Adding" : "Not adding",
209 from_store ? "cached" : "downloaded",
210 hex_str(cert->signing_key_digest,DIGEST_LEN));
211 if (!adding) {
212 authority_cert_free(cert);
213 continue;
214 }
215 }
216
217 cl = get_cert_list(cert->cache_info.identity_digest);
218 smartlist_add(cl->certs, cert);
219 if (ds && cert->cache_info.published_on > ds->addr_current_at) {
220 /* Check to see whether we should update our view of the authority's
221 * address. */
222 if (cert->addr && cert->dir_port &&
223 (ds->addr != cert->addr ||
224 ds->dir_port != cert->dir_port)) {
225 char *a = tor_dup_ip(cert->addr);
226 log_notice(LD_DIR, "Updating address for directory authority %s "
227 "from %s:%d to %s:%d based on in certificate.",
228 ds->nickname, ds->address, (int)ds->dir_port,
229 a, cert->dir_port);
230 tor_free(a);
231 ds->addr = cert->addr;
232 ds->dir_port = cert->dir_port;
233 }
234 ds->addr_current_at = cert->cache_info.published_on;
235 }
236
237 if (!from_store)
238 trusted_dir_servers_certs_changed = 1;
239 }
240
241 if (flush)
242 trusted_dirs_flush_certs_to_disk();
243
244 networkstatus_note_certs_arrived();
245 return 0;
246 }
247
248 /** Save all v3 key certificates to the cached-certs file. */
249 void
250 trusted_dirs_flush_certs_to_disk(void)
251 {
252 char *filename;
253 smartlist_t *chunks;
254
255 if (!trusted_dir_servers_certs_changed || !trusted_dir_certs)
256 return;
257
258 chunks = smartlist_create();
259 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
260 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
261 {
262 sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
263 c->bytes = cert->cache_info.signed_descriptor_body;
264 c->len = cert->cache_info.signed_descriptor_len;
265 smartlist_add(chunks, c);
266 });
267 } DIGESTMAP_FOREACH_END;
268
269 filename = get_datadir_fname("cached-certs");
270 if (write_chunks_to_file(filename, chunks, 0)) {
271 log_warn(LD_FS, "Error writing certificates to disk.");
272 }
273 tor_free(filename);
274 SMARTLIST_FOREACH(chunks, sized_chunk_t *, c, tor_free(c));
275 smartlist_free(chunks);
276
277 trusted_dir_servers_certs_changed = 0;
278 }
279
280 /** Remove all v3 authority certificates that have been superseded for more
281 * than 48 hours. (If the most recent cert was published more than 48 hours
282 * ago, then we aren't going to get any consensuses signed with older
283 * keys.) */
284 static void
285 trusted_dirs_remove_old_certs(void)
286 {
287 time_t now = time(NULL);
288 #define DEAD_CERT_LIFETIME (2*24*60*60)
289 #define OLD_CERT_LIFETIME (7*24*60*60)
290 if (!trusted_dir_certs)
291 return;
292
293 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
294 authority_cert_t *newest = NULL;
295 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
296 if (!newest || (cert->cache_info.published_on >
297 newest->cache_info.published_on))
298 newest = cert);
299 if (newest) {
300 const time_t newest_published = newest->cache_info.published_on;
301 SMARTLIST_FOREACH_BEGIN(cl->certs, authority_cert_t *, cert) {
302 int expired;
303 time_t cert_published;
304 if (newest == cert)
305 continue;
306 expired = ftime_definitely_after(now, cert->expires);
307 cert_published = cert->cache_info.published_on;
308 /* Store expired certs for 48 hours after a newer arrives;
309 */
310 if (expired ?
311 (newest_published + DEAD_CERT_LIFETIME < now) :
312 (cert_published + OLD_CERT_LIFETIME < newest_published)) {
313 SMARTLIST_DEL_CURRENT(cl->certs, cert);
314 authority_cert_free(cert);
315 trusted_dir_servers_certs_changed = 1;
316 }
317 } SMARTLIST_FOREACH_END(cert);
318 }
319 } DIGESTMAP_FOREACH_END;
320 #undef OLD_CERT_LIFETIME
321
322 trusted_dirs_flush_certs_to_disk();
323 }
324
325 /** Return the newest v3 authority certificate whose v3 authority identity key
326 * has digest <b>id_digest</b>. Return NULL if no such authority is known,
327 * or it has no certificate. */
328 authority_cert_t *
329 authority_cert_get_newest_by_id(const char *id_digest)
330 {
331 cert_list_t *cl;
332 authority_cert_t *best = NULL;
333 if (!trusted_dir_certs ||
334 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
335 return NULL;
336
337 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
338 {
339 if (!best || cert->cache_info.published_on > best->cache_info.published_on)
340 best = cert;
341 });
342 return best;
343 }
344
345 /** Return the newest v3 authority certificate whose directory signing key has
346 * digest <b>sk_digest</b>. Return NULL if no such certificate is known.
347 */
348 authority_cert_t *
349 authority_cert_get_by_sk_digest(const char *sk_digest)
350 {
351 authority_cert_t *c;
352 if (!trusted_dir_certs)
353 return NULL;
354
355 if ((c = get_my_v3_authority_cert()) &&
356 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
357 return c;
358 if ((c = get_my_v3_legacy_cert()) &&
359 !memcmp(c->signing_key_digest, sk_digest, DIGEST_LEN))
360 return c;
361
362 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
363 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
364 {
365 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
366 return cert;
367 });
368 } DIGESTMAP_FOREACH_END;
369 return NULL;
370 }
371
372 /** Return the v3 authority certificate with signing key matching
373 * <b>sk_digest</b>, for the authority with identity digest <b>id_digest</b>.
374 * Return NULL if no such authority is known. */
375 authority_cert_t *
376 authority_cert_get_by_digests(const char *id_digest,
377 const char *sk_digest)
378 {
379 cert_list_t *cl;
380 if (!trusted_dir_certs ||
381 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
382 return NULL;
383 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
384 if (!memcmp(cert->signing_key_digest, sk_digest, DIGEST_LEN))
385 return cert; );
386
387 return NULL;
388 }
389
390 /** Add every known authority_cert_t to <b>certs_out</b>. */
391 void
392 authority_cert_get_all(smartlist_t *certs_out)
393 {
394 tor_assert(certs_out);
395 if (!trusted_dir_certs)
396 return;
397
398 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
399 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
400 smartlist_add(certs_out, c));
401 } DIGESTMAP_FOREACH_END;
402 }
403
404 /** Called when an attempt to download a certificate with the authority with
405 * ID <b>id_digest</b> fails with HTTP response code <b>status</b>: remember
406 * the failure, so we don't try again immediately. */
407 void
408 authority_cert_dl_failed(const char *id_digest, int status)
409 {
410 cert_list_t *cl;
411 if (!trusted_dir_certs ||
412 !(cl = digestmap_get(trusted_dir_certs, id_digest)))
413 return;
414
415 download_status_failed(&cl->dl_status, status);
416 }
417
418 /** How many times will we try to fetch a certificate before giving up? */
419 #define MAX_CERT_DL_FAILURES 8
420
421 /** Try to download any v3 authority certificates that we may be missing. If
422 * <b>status</b> is provided, try to get all the ones that were used to sign
423 * <b>status</b>. Additionally, try to have a non-expired certificate for
424 * every V3 authority in trusted_dir_servers. Don't fetch certificates we
425 * already have.
426 **/
427 void
428 authority_certs_fetch_missing(networkstatus_t *status, time_t now)
429 {
430 digestmap_t *pending;
431 authority_cert_t *cert;
432 smartlist_t *missing_digests;
433 char *resource = NULL;
434 cert_list_t *cl;
435 const int cache = directory_caches_dir_info(get_options());
436
437 if (should_delay_dir_fetches(get_options()))
438 return;
439
440 pending = digestmap_new();
441 missing_digests = smartlist_create();
442
443 list_pending_downloads(pending, DIR_PURPOSE_FETCH_CERTIFICATE, "fp/");
444 if (status) {
445 SMARTLIST_FOREACH(status->voters, networkstatus_voter_info_t *, voter,
446 {
447 if (tor_digest_is_zero(voter->signing_key_digest))
448 continue; /* This authority never signed this consensus, so don't
449 * go looking for a cert with key digest 0000000000. */
450 if (!cache &&
451 !trusteddirserver_get_by_v3_auth_digest(voter->identity_digest))
452 continue; /* We are not a cache, and we don't know this authority.*/
453 cl = get_cert_list(voter->identity_digest);
454 cert = authority_cert_get_by_digests(voter->identity_digest,
455 voter->signing_key_digest);
456 if (cert) {
457 if (now < cert->expires)
458 download_status_reset(&cl->dl_status);
459 continue;
460 }
461 if (download_status_is_ready(&cl->dl_status, now,
462 MAX_CERT_DL_FAILURES) &&
463 !digestmap_get(pending, voter->identity_digest)) {
464 log_notice(LD_DIR, "We're missing a certificate from authority "
465 "with signing key %s: launching request.",
466 hex_str(voter->signing_key_digest, DIGEST_LEN));
467 smartlist_add(missing_digests, voter->identity_digest);
468 }
469 });
470 }
471 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
472 {
473 int found = 0;
474 if (!(ds->type & V3_AUTHORITY))
475 continue;
476 if (smartlist_digest_isin(missing_digests, ds->v3_identity_digest))
477 continue;
478 cl = get_cert_list(ds->v3_identity_digest);
479 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
480 {
481 if (!ftime_definitely_after(now, cert->expires)) {
482 /* It's not expired, and we weren't looking for something to
483 * verify a consensus with. Call it done. */
484 download_status_reset(&cl->dl_status);
485 found = 1;
486 break;
487 }
488 });
489 if (!found &&
490 download_status_is_ready(&cl->dl_status, now,MAX_CERT_DL_FAILURES) &&
491 !digestmap_get(pending, ds->v3_identity_digest)) {
492 log_notice(LD_DIR, "No current certificate known for authority %s; "
493 "launching request.", ds->nickname);
494 smartlist_add(missing_digests, ds->v3_identity_digest);
495 }
496 });
497
498 if (!smartlist_len(missing_digests)) {
499 goto done;
500 } else {
501 smartlist_t *fps = smartlist_create();
502 smartlist_add(fps, tor_strdup("fp/"));
503 SMARTLIST_FOREACH(missing_digests, const char *, d, {
504 char *fp;
505 if (digestmap_get(pending, d))
506 continue;
507 fp = tor_malloc(HEX_DIGEST_LEN+2);
508 base16_encode(fp, HEX_DIGEST_LEN+1, d, DIGEST_LEN);
509 fp[HEX_DIGEST_LEN] = '+';
510 fp[HEX_DIGEST_LEN+1] = '\0';
511 smartlist_add(fps, fp);
512 });
513 if (smartlist_len(fps) == 1) {
514 /* we didn't add any: they were all pending */
515 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
516 smartlist_free(fps);
517 goto done;
518 }
519 resource = smartlist_join_strings(fps, "", 0, NULL);
520 resource[strlen(resource)-1] = '\0';
521 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
522 smartlist_free(fps);
523 }
524 directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
525 resource, PDS_RETRY_IF_NO_SERVERS);
526
527 done:
528 tor_free(resource);
529 smartlist_free(missing_digests);
530 digestmap_free(pending, NULL);
531 }
532
533 /* Router descriptor storage.
534 *
535 * Routerdescs are stored in a big file, named "cached-descriptors". As new
536 * routerdescs arrive, we append them to a journal file named
537 * "cached-descriptors.new".
538 *
539 * From time to time, we replace "cached-descriptors" with a new file
540 * containing only the live, non-superseded descriptors, and clear
541 * cached-routers.new.
542 *
543 * On startup, we read both files.
544 */
545
546 /** Helper: return 1 iff the router log is so big we want to rebuild the
547 * store. */
548 static int
549 router_should_rebuild_store(desc_store_t *store)
550 {
551 if (store->store_len > (1<<16))
552 return (store->journal_len > store->store_len / 2 ||
553 store->bytes_dropped > store->store_len / 2);
554 else
555 return store->journal_len > (1<<15);
556 }
557
558 /** Return the desc_store_t in <b>rl</b> that should be used to store
559 * <b>sd</b>. */
560 static INLINE desc_store_t *
561 desc_get_store(routerlist_t *rl, signed_descriptor_t *sd)
562 {
563 if (sd->is_extrainfo)
564 return &rl->extrainfo_store;
565 else
566 return &rl->desc_store;
567 }
568
569 /** Add the signed_descriptor_t in <b>desc</b> to the router
570 * journal; change its saved_location to SAVED_IN_JOURNAL and set its
571 * offset appropriately. */
572 static int
573 signed_desc_append_to_journal(signed_descriptor_t *desc,
574 desc_store_t *store)
575 {
576 char *fname = get_datadir_fname_suffix(store->fname_base, ".new");
577 const char *body = signed_descriptor_get_body_impl(desc,1);
578 size_t len = desc->signed_descriptor_len + desc->annotations_len;
579
580 if (append_bytes_to_file(fname, body, len, 1)) {
581 log_warn(LD_FS, "Unable to store router descriptor");
582 tor_free(fname);
583 return -1;
584 }
585 desc->saved_location = SAVED_IN_JOURNAL;
586 tor_free(fname);
587
588 desc->saved_offset = store->journal_len;
589 store->journal_len += len;
590
591 return 0;
592 }
593
594 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
595 * signed_descriptor_t* in *<b>a</b> is older, the same age as, or newer than
596 * the signed_descriptor_t* in *<b>b</b>. */
597 static int
598 _compare_signed_descriptors_by_age(const void **_a, const void **_b)
599 {
600 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
601 return (int)(r1->published_on - r2->published_on);
602 }
603
604 #define RRS_FORCE 1
605 #define RRS_DONT_REMOVE_OLD 2
606
607 /** If the journal of <b>store</b> is too long, or if RRS_FORCE is set in
608 * <b>flags</b>, then atomically replace the saved router store with the
609 * routers currently in our routerlist, and clear the journal. Unless
610 * RRS_DONT_REMOVE_OLD is set in <b>flags</b>, delete expired routers before
611 * rebuilding the store. Return 0 on success, -1 on failure.
612 */
613 static int
614 router_rebuild_store(int flags, desc_store_t *store)
615 {
616 smartlist_t *chunk_list = NULL;
617 char *fname = NULL, *fname_tmp = NULL;
618 int r = -1;
619 off_t offset = 0;
620 smartlist_t *signed_descriptors = NULL;
621 int nocache=0;
622 size_t total_expected_len = 0;
623 int had_any;
624 int force = flags & RRS_FORCE;
625
626 if (!force && !router_should_rebuild_store(store)) {
627 r = 0;
628 goto done;
629 }
630 if (!routerlist) {
631 r = 0;
632 goto done;
633 }
634
635 if (store->type == EXTRAINFO_STORE)
636 had_any = !eimap_isempty(routerlist->extra_info_map);
637 else
638 had_any = (smartlist_len(routerlist->routers)+
639 smartlist_len(routerlist->old_routers))>0;
640
641 /* Don't save deadweight. */
642 if (!(flags & RRS_DONT_REMOVE_OLD))
643 routerlist_remove_old_routers();
644
645 log_info(LD_DIR, "Rebuilding %s cache", store->description);
646
647 fname = get_datadir_fname(store->fname_base);
648 fname_tmp = get_datadir_fname_suffix(store->fname_base, ".tmp");
649
650 chunk_list = smartlist_create();
651
652 /* We sort the routers by age to enhance locality on disk. */
653 signed_descriptors = smartlist_create();
654 if (store->type == EXTRAINFO_STORE) {
655 eimap_iter_t *iter;
656 for (iter = eimap_iter_init(routerlist->extra_info_map);
657 !eimap_iter_done(iter);
658 iter = eimap_iter_next(routerlist->extra_info_map, iter)) {
659 const char *key;
660 extrainfo_t *ei;
661 eimap_iter_get(iter, &key, &ei);
662 smartlist_add(signed_descriptors, &ei->cache_info);
663 }
664 } else {
665 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
666 smartlist_add(signed_descriptors, sd));
667 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
668 smartlist_add(signed_descriptors, &ri->cache_info));
669 }
670
671 smartlist_sort(signed_descriptors, _compare_signed_descriptors_by_age);
672
673 /* Now, add the appropriate members to chunk_list */
674 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
675 {
676 sized_chunk_t *c;
677 const char *body = signed_descriptor_get_body_impl(sd, 1);
678 if (!body) {
679 log_warn(LD_BUG, "No descriptor available for router.");
680 goto done;
681 }
682 if (sd->do_not_cache) {
683 ++nocache;
684 continue;
685 }
686 c = tor_malloc(sizeof(sized_chunk_t));
687 c->bytes = body;
688 c->len = sd->signed_descriptor_len + sd->annotations_len;
689 total_expected_len += c->len;
690 smartlist_add(chunk_list, c);
691 });
692
693 if (write_chunks_to_file(fname_tmp, chunk_list, 1)<0) {
694 log_warn(LD_FS, "Error writing router store to disk.");
695 goto done;
696 }
697
698 /* Our mmap is now invalid. */
699 if (store->mmap) {
700 tor_munmap_file(store->mmap);
701 store->mmap = NULL;
702 }
703
704 if (replace_file(fname_tmp, fname)<0) {
705 log_warn(LD_FS, "Error replacing old router store: %s", strerror(errno));
706 goto done;
707 }
708
709 errno = 0;
710 store->mmap = tor_mmap_file(fname);
711 if (! store->mmap) {
712 if (errno == ERANGE) {
713 /* empty store.*/
714 if (total_expected_len) {
715 log_warn(LD_FS, "We wrote some bytes to a new descriptor file at '%s',"
716 " but when we went to mmap it, it was empty!", fname);
717 } else if (had_any) {
718 log_info(LD_FS, "We just removed every descriptor in '%s'. This is "
719 "okay if we're just starting up after a long time. "
720 "Otherwise, it's a bug.", fname);
721 }
722 } else {
723 log_warn(LD_FS, "Unable to mmap new descriptor file at '%s'.",fname);
724 }
725 }
726
727 log_info(LD_DIR, "Reconstructing pointers into cache");
728
729 offset = 0;
730 SMARTLIST_FOREACH(signed_descriptors, signed_descriptor_t *, sd,
731 {
732 if (sd->do_not_cache)
733 continue;
734 sd->saved_location = SAVED_IN_CACHE;
735 if (store->mmap) {
736 tor_free(sd->signed_descriptor_body); // sets it to null
737 sd->saved_offset = offset;
738 }
739 offset += sd->signed_descriptor_len + sd->annotations_len;
740 signed_descriptor_get_body(sd); /* reconstruct and assert */
741 });
742
743 tor_free(fname);
744 fname = get_datadir_fname_suffix(store->fname_base, ".new");
745 write_str_to_file(fname, "", 1);
746
747 r = 0;
748 store->store_len = (size_t) offset;
749 store->journal_len = 0;
750 store->bytes_dropped = 0;
751 done:
752 if (signed_descriptors)
753 smartlist_free(signed_descriptors);
754 tor_free(fname);
755 tor_free(fname_tmp);
756 if (chunk_list) {
757 SMARTLIST_FOREACH(chunk_list, sized_chunk_t *, c, tor_free(c));
758 smartlist_free(chunk_list);
759 }
760
761 return r;
762 }
763
764 /** Helper: Reload a cache file and its associated journal, setting metadata
765 * appropriately. If <b>extrainfo</b> is true, reload the extrainfo store;
766 * else reload the router descriptor store. */
767 static int
768 router_reload_router_list_impl(desc_store_t *store)
769 {
770 char *fname = NULL, *altname = NULL, *contents = NULL;
771 struct stat st;
772 int read_from_old_location = 0;
773 int extrainfo = (store->type == EXTRAINFO_STORE);
774 time_t now = time(NULL);
775 store->journal_len = store->store_len = 0;
776
777 fname = get_datadir_fname(store->fname_base);
778 if (store->fname_alt_base)
779 altname = get_datadir_fname(store->fname_alt_base);
780
781 if (store->mmap) /* get rid of it first */
782 tor_munmap_file(store->mmap);
783 store->mmap = NULL;
784
785 store->mmap = tor_mmap_file(fname);
786 if (!store->mmap && altname && file_status(altname) == FN_FILE) {
787 read_from_old_location = 1;
788 log_notice(LD_DIR, "Couldn't read %s; trying to load routers from old "
789 "location %s.", fname, altname);
790 if ((store->mmap = tor_mmap_file(altname)))
791 read_from_old_location = 1;
792 }
793 if (altname && !read_from_old_location) {
794 remove_file_if_very_old(altname, now);
795 }
796 if (store->mmap) {
797 store->store_len = store->mmap->size;
798 if (extrainfo)
799 router_load_extrainfo_from_string(store->mmap->data,
800 store->mmap->data+store->mmap->size,
801 SAVED_IN_CACHE, NULL, 0);
802 else
803 router_load_routers_from_string(store->mmap->data,
804 store->mmap->data+store->mmap->size,
805 SAVED_IN_CACHE, NULL, 0, NULL);
806 }
807
808 tor_free(fname);
809 fname = get_datadir_fname_suffix(store->fname_base, ".new");
810 if (file_status(fname) == FN_FILE)
811 contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
812 if (read_from_old_location) {
813 tor_free(altname);
814 altname = get_datadir_fname_suffix(store->fname_alt_base, ".new");
815 if (!contents)
816 contents = read_file_to_str(altname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
817 else
818 remove_file_if_very_old(altname, now);
819 }
820 if (contents) {
821 if (extrainfo)
822 router_load_extrainfo_from_string(contents, NULL,SAVED_IN_JOURNAL,
823 NULL, 0);
824 else
825 router_load_routers_from_string(contents, NULL, SAVED_IN_JOURNAL,
826 NULL, 0, NULL);
827 store->journal_len = (size_t) st.st_size;
828 tor_free(contents);
829 }
830
831 tor_free(fname);
832 tor_free(altname);
833
834 if (store->journal_len || read_from_old_location) {
835 /* Always clear the journal on startup.*/
836 router_rebuild_store(RRS_FORCE, store);
837 } else if (!extrainfo) {
838 /* Don't cache expired routers. (This is in an else because
839 * router_rebuild_store() also calls remove_old_routers().) */
840 routerlist_remove_old_routers();
841 }
842
843 return 0;
844 }
845
846 /** Load all cached router descriptors and extra-info documents from the
847 * store. Return 0 on success and -1 on failure.
848 */
849 int
850 router_reload_router_list(void)
851 {
852 routerlist_t *rl = router_get_routerlist();
853 if (router_reload_router_list_impl(&rl->desc_store))
854 return -1;
855 if (router_reload_router_list_impl(&rl->extrainfo_store))
856 return -1;
857 return 0;
858 }
859
860 /** Return a smartlist containing a list of trusted_dir_server_t * for all
861 * known trusted dirservers. Callers must not modify the list or its
862 * contents.
863 */
864 smartlist_t *
865 router_get_trusted_dir_servers(void)
866 {
867 if (!trusted_dir_servers)
868 trusted_dir_servers = smartlist_create();
869
870 return trusted_dir_servers;
871 }
872
873 /** Try to find a running dirserver that supports operations of <b>type</b>.
874 *
875 * If there are no running dirservers in our routerlist and the
876 * <b>PDS_RETRY_IF_NO_SERVERS</b> flag is set, set all the authoritative ones
877 * as running again, and pick one.
878 *
879 * If the <b>PDS_IGNORE_FASCISTFIREWALL</b> flag is set, then include
880 * dirservers that we can't reach.
881 *
882 * If the <b>PDS_ALLOW_SELF</b> flag is not set, then don't include ourself
883 * (if we're a dirserver).
884 *
885 * Don't pick an authority if any non-authority is viable; try to avoid using
886 * servers that have returned 503 recently.
887 */
888 routerstatus_t *
889 router_pick_directory_server(authority_type_t type, int flags)
890 {
891 routerstatus_t *choice;
892 if (get_options()->PreferTunneledDirConns)
893 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
894
895 if (!routerlist)
896 return NULL;
897
898 choice = router_pick_directory_server_impl(type, flags);
899 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
900 return choice;
901
902 log_info(LD_DIR,
903 "No reachable router entries for dirservers. "
904 "Trying them all again.");
905 /* mark all authdirservers as up again */
906 mark_all_trusteddirservers_up();
907 /* try again */
908 choice = router_pick_directory_server_impl(type, flags);
909 return choice;
910 }
911
912 /** Try to determine which fraction of v2 and v3 directory requests aimed at
913 * caches will be sent to us. Set *<b>v2_share_out</b> and
914 * *<b>v3_share_out</b> to the fractions of v2 and v3 protocol shares we
915 * expect to see, respectively. Return 0 on success, negative on failure. */
916 int
917 router_get_my_share_of_directory_requests(double *v2_share_out,
918 double *v3_share_out)
919 {
920 routerinfo_t *me = router_get_my_routerinfo();
921 routerstatus_t *rs;
922 const int pds_flags = PDS_ALLOW_SELF|PDS_IGNORE_FASCISTFIREWALL;
923 *v2_share_out = *v3_share_out = 0.0;
924 if (!me)
925 return -1;
926 rs = router_get_consensus_status_by_id(me->cache_info.identity_digest);
927 if (!rs)
928 return -1;
929
930 /* Calling for side effect */
931 /* XXXX This is a bit of a kludge */
932 if (rs->is_v2_dir) {
933 sl_last_total_weighted_bw = 0;
934 router_pick_directory_server(V2_AUTHORITY, pds_flags);
935 if (sl_last_total_weighted_bw != 0) {
936 *v2_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
937 U64_TO_DBL(sl_last_total_weighted_bw);
938 }
939 }
940
941 if (rs->version_supports_v3_dir) {
942 sl_last_total_weighted_bw = 0;
943 router_pick_directory_server(V3_AUTHORITY, pds_flags);
944 if (sl_last_total_weighted_bw != 0) {
945 *v3_share_out = U64_TO_DBL(sl_last_weighted_bw_of_me) /
946 U64_TO_DBL(sl_last_total_weighted_bw);
947 }
948 }
949
950 return 0;
951 }
952
953 /** Return the trusted_dir_server_t for the directory authority whose identity
954 * key hashes to <b>digest</b>, or NULL if no such authority is known.
955 */
956 trusted_dir_server_t *
957 router_get_trusteddirserver_by_digest(const char *digest)
958 {
959 if (!trusted_dir_servers)
960 return NULL;
961
962 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
963 {
964 if (!memcmp(ds->digest, digest, DIGEST_LEN))
965 return ds;
966 });
967
968 return NULL;
969 }
970
971 /** Return the trusted_dir_server_t for the directory authority whose identity
972 * key hashes to <b>digest</b>, or NULL if no such authority is known.
973 */
974 trusted_dir_server_t *
975 trusteddirserver_get_by_v3_auth_digest(const char *digest)
976 {
977 if (!trusted_dir_servers)
978 return NULL;
979
980 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
981 {
982 if (!memcmp(ds->v3_identity_digest, digest, DIGEST_LEN) &&
983 (ds->type & V3_AUTHORITY))
984 return ds;
985 });
986
987 return NULL;
988 }
989
990 /** Try to find a running trusted dirserver. Flags are as for
991 * router_pick_directory_server.
992 */
993 routerstatus_t *
994 router_pick_trusteddirserver(authority_type_t type, int flags)
995 {
996 routerstatus_t *choice;
997 int busy = 0;
998 if (get_options()->PreferTunneledDirConns)
999 flags |= _PDS_PREFER_TUNNELED_DIR_CONNS;
1000
1001 choice = router_pick_trusteddirserver_impl(type, flags, &busy);
1002 if (choice || !(flags & PDS_RETRY_IF_NO_SERVERS))
1003 return choice;
1004 if (busy) {
1005 /* If the reason that we got no server is that servers are "busy",
1006 * we must be excluding good servers because we already have serverdesc
1007 * fetches with them. Do not mark down servers up because of this. */
1008 tor_assert((flags & PDS_NO_EXISTING_SERVERDESC_FETCH));
1009 return NULL;
1010 }
1011
1012 log_info(LD_DIR,
1013 "No trusted dirservers are reachable. Trying them all again.");
1014 mark_all_trusteddirservers_up();
1015 return router_pick_trusteddirserver_impl(type, flags, NULL);
1016 }
1017
1018 /** How long do we avoid using a directory server after it's given us a 503? */
1019 #define DIR_503_TIMEOUT (60*60)
1020
1021 /** Pick a random running valid directory server/mirror from our
1022 * routerlist. Arguments are as for router_pick_directory_server(), except
1023 * that RETRY_IF_NO_SERVERS is ignored, and:
1024 *
1025 * If the _PDS_PREFER_TUNNELED_DIR_CONNS flag is set, prefer directory servers
1026 * that we can use with BEGINDIR.
1027 */
1028 static routerstatus_t *
1029 router_pick_directory_server_impl(authority_type_t type, int flags)
1030 {
1031 routerstatus_t *result;
1032 smartlist_t *direct, *tunnel;
1033 smartlist_t *trusted_direct, *trusted_tunnel;
1034 smartlist_t *overloaded_direct, *overloaded_tunnel;
1035 time_t now = time(NULL);
1036 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
1037 int requireother = ! (flags & PDS_ALLOW_SELF);
1038 int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1039 int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1040
1041 if (!consensus)
1042 return NULL;
1043
1044 direct = smartlist_create();
1045 tunnel = smartlist_create();
1046 trusted_direct = smartlist_create();
1047 trusted_tunnel = smartlist_create();
1048 overloaded_direct = smartlist_create();
1049 overloaded_tunnel = smartlist_create();
1050
1051 /* Find all the running dirservers we know about. */
1052 SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, routerstatus_t *,
1053 status) {
1054 int is_trusted;
1055 int is_overloaded = status->last_dir_503_at + DIR_503_TIMEOUT > now;
1056 tor_addr_t addr;
1057 if (!status->is_running || !status->dir_port || !status->is_valid)
1058 continue;
1059 if (status->is_bad_directory)
1060 continue;
1061 if (requireother && router_digest_is_me(status->identity_digest))
1062 continue;
1063 if (type & V3_AUTHORITY) {
1064 if (!(status->version_supports_v3_dir ||
1065 router_digest_is_trusted_dir_type(status->identity_digest,
1066 V3_AUTHORITY)))
1067 continue;
1068 }
1069 is_trusted = router_digest_is_trusted_dir(status->identity_digest);
1070 if ((type & V2_AUTHORITY) && !(status->is_v2_dir || is_trusted))
1071 continue;
1072 if ((type & EXTRAINFO_CACHE) &&
1073 !router_supports_extrainfo(status->identity_digest, 0))
1074 continue;
1075
1076 /* XXXX IP6 proposal 118 */
1077 tor_addr_from_ipv4h(&addr, status->addr);
1078
1079 if (prefer_tunnel &&
1080 status->version_supports_begindir &&
1081 (!fascistfirewall ||
1082 fascist_firewall_allows_address_or(&addr, status->or_port)))
1083 smartlist_add(is_trusted ? trusted_tunnel :
1084 is_overloaded ? overloaded_tunnel : tunnel, status);
1085 else if (!fascistfirewall ||
1086 fascist_firewall_allows_address_dir(&addr, status->dir_port))
1087 smartlist_add(is_trusted ? trusted_direct :
1088 is_overloaded ? overloaded_direct : direct, status);
1089 } SMARTLIST_FOREACH_END(status);
1090
1091 if (smartlist_len(tunnel)) {
1092 result = routerstatus_sl_choose_by_bandwidth(tunnel);
1093 } else if (smartlist_len(overloaded_tunnel)) {
1094 result = routerstatus_sl_choose_by_bandwidth(overloaded_tunnel);
1095 } else if (smartlist_len(trusted_tunnel)) {
1096 /* FFFF We don't distinguish between trusteds and overloaded trusteds
1097 * yet. Maybe one day we should. */
1098 /* FFFF We also don't load balance over authorities yet. I think this
1099 * is a feature, but it could easily be a bug. -RD */
1100 result = smartlist_choose(trusted_tunnel);
1101 } else if (smartlist_len(direct)) {
1102 result = routerstatus_sl_choose_by_bandwidth(direct);
1103 } else if (smartlist_len(overloaded_direct)) {
1104 result = routerstatus_sl_choose_by_bandwidth(overloaded_direct);
1105 } else {
1106 result = smartlist_choose(trusted_direct);
1107 }
1108 smartlist_free(direct);
1109 smartlist_free(tunnel);
1110 smartlist_free(trusted_direct);
1111 smartlist_free(trusted_tunnel);
1112 smartlist_free(overloaded_direct);
1113 smartlist_free(overloaded_tunnel);
1114 return result;
1115 }
1116
1117 /** Choose randomly from among the trusted dirservers that are up. Flags
1118 * are as for router_pick_directory_server_impl().
1119 */
1120 static routerstatus_t *
1121 router_pick_trusteddirserver_impl(authority_type_t type, int flags,
1122 int *n_busy_out)
1123 {
1124 smartlist_t *direct, *tunnel;
1125 smartlist_t *overloaded_direct, *overloaded_tunnel;
1126 routerinfo_t *me = router_get_my_routerinfo();
1127 routerstatus_t *result;
1128 time_t now = time(NULL);
1129 const int requireother = ! (flags & PDS_ALLOW_SELF);
1130 const int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
1131 const int prefer_tunnel = (flags & _PDS_PREFER_TUNNELED_DIR_CONNS);
1132 const int no_serverdesc_fetching =(flags & PDS_NO_EXISTING_SERVERDESC_FETCH);
1133 int n_busy = 0;
1134
1135 if (!trusted_dir_servers)
1136 return NULL;
1137
1138 direct = smartlist_create();
1139 tunnel = smartlist_create();
1140 overloaded_direct = smartlist_create();
1141 overloaded_tunnel = smartlist_create();
1142
1143 SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, d)
1144 {
1145 int is_overloaded =
1146 d->fake_status.last_dir_503_at + DIR_503_TIMEOUT > now;
1147 tor_addr_t addr;
1148 if (!d->is_running) continue;
1149 if ((type & d->type) == 0)
1150 continue;
1151 if ((type & EXTRAINFO_CACHE) &&
1152 !router_supports_extrainfo(d->digest, 1))
1153 continue;
1154 if (requireother && me && router_digest_is_me(d->digest))
1155 continue;
1156
1157 /* XXXX IP6 proposal 118 */
1158 tor_addr_from_ipv4h(&addr, d->addr);
1159
1160 if (no_serverdesc_fetching) {
1161 if (connection_get_by_type_addr_port_purpose(
1162 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_SERVERDESC)
1163 || connection_get_by_type_addr_port_purpose(
1164 CONN_TYPE_DIR, &addr, d->dir_port, DIR_PURPOSE_FETCH_EXTRAINFO)) {
1165 //log_debug(LD_DIR, "We have an existing connection to fetch "
1166 // "descriptor from %s; delaying",d->description);
1167 ++n_busy;
1168 continue;
1169 }
1170 }
1171
1172 if (prefer_tunnel &&
1173 d->or_port &&
1174 (!fascistfirewall ||
1175 fascist_firewall_allows_address_or(&addr, d->or_port)))
1176 smartlist_add(is_overloaded ? overloaded_tunnel : tunnel,
1177 &d->fake_status);
1178 else if (!fascistfirewall ||
1179 fascist_firewall_allows_address_dir(&addr, d->dir_port))
1180 smartlist_add(is_overloaded ? overloaded_direct : direct,
1181 &d->fake_status);
1182 }
1183 SMARTLIST_FOREACH_END(d);
1184
1185 if (smartlist_len(tunnel)) {
1186 result = smartlist_choose(tunnel);
1187 } else if (smartlist_len(overloaded_tunnel)) {
1188 result = smartlist_choose(overloaded_tunnel);
1189 } else if (smartlist_len(direct)) {
1190 result = smartlist_choose(direct);
1191 } else {
1192 result = smartlist_choose(overloaded_direct);
1193 }
1194
1195 if (n_busy_out)
1196 *n_busy_out = n_busy;
1197
1198 smartlist_free(direct);
1199 smartlist_free(tunnel);
1200 smartlist_free(overloaded_direct);
1201 smartlist_free(overloaded_tunnel);
1202 return result;
1203 }
1204
1205 /** Go through and mark the authoritative dirservers as up. */
1206 static void
1207 mark_all_trusteddirservers_up(void)
1208 {
1209 if (routerlist) {
1210 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1211 if (router_digest_is_trusted_dir(router->cache_info.identity_digest) &&
1212 router->dir_port > 0) {
1213 router->is_running = 1;
1214 });
1215 }
1216 if (trusted_dir_servers) {
1217 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, dir,
1218 {
1219 routerstatus_t *rs;
1220 dir->is_running = 1;
1221 download_status_reset(&dir->v2_ns_dl_status);
1222 rs = router_get_consensus_status_by_id(dir->digest);
1223 if (rs && !rs->is_running) {
1224 rs->is_running = 1;
1225 rs->last_dir_503_at = 0;
1226 control_event_networkstatus_changed_single(rs);
1227 }
1228 });
1229 }
1230 router_dir_info_changed();
1231 }
1232
1233 /** Reset all internal variables used to count failed downloads of network
1234 * status objects. */
1235 void
1236 router_reset_status_download_failures(void)
1237 {
1238 mark_all_trusteddirservers_up();
1239 }
1240
1241 /** Return true iff router1 and router2 have the same /16 network. */
1242 static INLINE int
1243 routers_in_same_network_family(routerinfo_t *r1, routerinfo_t *r2)
1244 {
1245 return (r1->addr & 0xffff0000) == (r2->addr & 0xffff0000);
1246 }
1247
1248 /** Look through the routerlist and identify routers that
1249 * advertise the same /16 network address as <b>router</b>.
1250 * Add each of them to <b>sl</b>.
1251 */
1252 static void
1253 routerlist_add_network_family(smartlist_t *sl, routerinfo_t *router)
1254 {
1255 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
1256 {
1257 if (router != r && routers_in_same_network_family(router, r))
1258 smartlist_add(sl, r);
1259 });
1260 }
1261
1262 /** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
1263 * This is used to make sure we don't pick siblings in a single path,
1264 * or pick more than one relay from a family for our entry guard list.
1265 */
1266 void
1267 routerlist_add_family(smartlist_t *sl, routerinfo_t *router)
1268 {
1269 routerinfo_t *r;
1270 config_line_t *cl;
1271 or_options_t *options = get_options();
1272
1273 /* First, add any routers with similar network addresses. */
1274 if (options->EnforceDistinctSubnets)
1275 routerlist_add_network_family(sl, router);
1276
1277 if (router->declared_family) {
1278 /* Add every r such that router declares familyness with r, and r
1279 * declares familyhood with router. */
1280 SMARTLIST_FOREACH(router->declared_family, const char *, n,
1281 {
1282 if (!(r = router_get_by_nickname(n, 0)))
1283 continue;
1284 if (!r->declared_family)
1285 continue;
1286 SMARTLIST_FOREACH(r->declared_family, const char *, n2,
1287 {
1288 if (router_nickname_matches(router, n2))
1289 smartlist_add(sl, r);
1290 });
1291 });
1292 }
1293
1294 /* If the user declared any families locally, honor those too. */
1295 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1296 if (router_nickname_is_in_list(router, cl->value)) {
1297 add_nickname_list_to_smartlist(sl, cl->value, 0);
1298 }
1299 }
1300 }
1301
1302 /** Return true iff r is named by some nickname in <b>lst</b>. */
1303 static INLINE int
1304 router_in_nickname_smartlist(smartlist_t *lst, routerinfo_t *r)
1305 {
1306 if (!lst) return 0;
1307 SMARTLIST_FOREACH(lst, const char *, name,
1308 if (router_nickname_matches(r, name))
1309 return 1;);
1310 return 0;
1311 }
1312
1313 /** Return true iff r1 and r2 are in the same family, but not the same
1314 * router. */
1315 int
1316 routers_in_same_family(routerinfo_t *r1, routerinfo_t *r2)
1317 {
1318 or_options_t *options = get_options();
1319 config_line_t *cl;
1320
1321 if (options->EnforceDistinctSubnets && routers_in_same_network_family(r1,r2))
1322 return 1;
1323
1324 if (router_in_nickname_smartlist(r1->declared_family, r2) &&
1325 router_in_nickname_smartlist(r2->declared_family, r1))
1326 return 1;
1327
1328 for (cl = options->NodeFamilies; cl; cl = cl->next) {
1329 if (router_nickname_is_in_list(r1, cl->value) &&
1330 router_nickname_is_in_list(r2, cl->value))
1331 return 1;
1332 }
1333 return 0;
1334 }
1335
1336 /** Given a (possibly NULL) comma-and-whitespace separated list of nicknames,
1337 * see which nicknames in <b>list</b> name routers in our routerlist, and add
1338 * the routerinfos for those routers to <b>sl</b>. If <b>must_be_running</b>,
1339 * only include routers that we think are running.
1340 * Warn if any non-Named routers are specified by nickname.
1341 */
1342 void
1343 add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
1344 int must_be_running)
1345 {
1346 routerinfo_t *router;
1347 smartlist_t *nickname_list;
1348 int have_dir_info = router_have_minimum_dir_info();
1349
1350 if (!list)
1351 return; /* nothing to do */
1352 tor_assert(sl);
1353
1354 nickname_list = smartlist_create();
1355 if (!warned_nicknames)
1356 warned_nicknames = smartlist_create();
1357
1358 smartlist_split_string(nickname_list, list, ",",
1359 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1360
1361 SMARTLIST_FOREACH(nickname_list, const char *, nick, {
1362 int warned;
1363 if (!is_legal_nickname_or_hexdigest(nick)) {
1364 log_warn(LD_CONFIG, "Nickname '%s' is misformed; skipping", nick);
1365 continue;
1366 }
1367 router = router_get_by_nickname(nick, 1);
1368 warned = smartlist_string_isin(warned_nicknames, nick);
1369 if (router) {
1370 if (!must_be_running || router->is_running) {
1371 smartlist_add(sl,router);
1372 }
1373 } else if (!router_get_consensus_status_by_nickname(nick,1)) {
1374 if (!warned) {
1375 log_fn(have_dir_info ? LOG_WARN : LOG_INFO, LD_CONFIG,
1376 "Nickname list includes '%s' which isn't a known router.",nick);
1377 smartlist_add(warned_nicknames, tor_strdup(nick));
1378 }
1379 }
1380 });
1381 SMARTLIST_FOREACH(nickname_list, char *, nick, tor_free(nick));
1382 smartlist_free(nickname_list);
1383 }
1384
1385 /** Return 1 iff any member of the (possibly NULL) comma-separated list
1386 * <b>list</b> is an acceptable nickname or hexdigest for <b>router</b>. Else
1387 * return 0.
1388 */
1389 int
1390 router_nickname_is_in_list(routerinfo_t *router, const char *list)
1391 {
1392 smartlist_t *nickname_list;
1393 int v = 0;
1394
1395 if (!list)
1396 return 0; /* definitely not */
1397 tor_assert(router);
1398
1399 nickname_list = smartlist_create();
1400 smartlist_split_string(nickname_list, list, ",",
1401 SPLIT_SKIP_SPACE|SPLIT_STRIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1402 SMARTLIST_FOREACH(nickname_list, const char *, cp,
1403 if (router_nickname_matches(router, cp)) {v=1;break;});
1404 SMARTLIST_FOREACH(nickname_list, char *, cp, tor_free(cp));
1405 smartlist_free(nickname_list);
1406 return v;
1407 }
1408
1409 /** Add every suitable router from our routerlist to <b>sl</b>, so that
1410 * we can pick a node for a circuit.
1411 */
1412 static void
1413 router_add_running_routers_to_smartlist(smartlist_t *sl, int allow_invalid,
1414 int need_uptime, int need_capacity,
1415 int need_guard)
1416 {
1417 if (!routerlist)
1418 return;
1419
1420 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1421 {
1422 if (router->is_running &&
1423 router->purpose == ROUTER_PURPOSE_GENERAL &&
1424 (router->is_valid || allow_invalid) &&
1425 !router_is_unreliable(router, need_uptime,
1426 need_capacity, need_guard)) {
1427 /* If it's running, and it's suitable according to the
1428 * other flags we had in mind */
1429 smartlist_add(sl, router);
1430 }
1431 });
1432 }
1433
1434 /** Look through the routerlist until we find a router that has my key.
1435 Return it. */
1436 routerinfo_t *
1437 routerlist_find_my_routerinfo(void)
1438 {
1439 if (!routerlist)
1440 return NULL;
1441
1442 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1443 {
1444 if (router_is_me(router))
1445 return router;
1446 });
1447 return NULL;
1448 }
1449
1450 /** Find a router that's up, that has this IP address, and
1451 * that allows exit to this address:port, or return NULL if there
1452 * isn't a good one.
1453 */
1454 routerinfo_t *
1455 router_find_exact_exit_enclave(const char *address, uint16_t port)
1456 {
1457 uint32_t addr;
1458 struct in_addr in;
1459 tor_addr_t a;
1460
1461 if (!tor_inet_aton(address, &in))
1462 return NULL; /* it's not an IP already */
1463 addr = ntohl(in.s_addr);
1464
1465 tor_addr_from_ipv4h(&a, addr);
1466
1467 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
1468 {
1469 if (router->addr == addr &&
1470 router->is_running &&
1471 compare_tor_addr_to_addr_policy(&a, port, router->exit_policy) ==
1472 ADDR_POLICY_ACCEPTED)
1473 return router;
1474 });
1475 return NULL;
1476 }
1477
1478 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
1479 * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
1480 * If <b>need_capacity</b> is non-zero, we require a minimum advertised
1481 * bandwidth.
1482 * If <b>need_guard</b>, we require that the router is a possible entry guard.
1483 */
1484 int
1485 router_is_unreliable(routerinfo_t *router, int need_uptime,
1486 int need_capacity, int need_guard)
1487 {
1488 if (need_uptime && !router->is_stable)
1489 return 1;
1490 if (need_capacity && !router->is_fast)
1491 return 1;
1492 if (need_guard && !router->is_possible_guard)
1493 return 1;
1494 return 0;
1495 }
1496
1497 /** Return the smaller of the router's configured BandwidthRate
1498 * and its advertised capacity. */
1499 uint32_t
1500 router_get_advertised_bandwidth(routerinfo_t *router)
1501 {
1502 if (router->bandwidthcapacity < router->bandwidthrate)
1503 return router->bandwidthcapacity;
1504 return router->bandwidthrate;
1505 }
1506
1507 /** Do not weight any declared bandwidth more than this much when picking
1508 * routers by bandwidth. */
1509 #define DEFAULT_MAX_BELIEVABLE_BANDWIDTH 10000000 /* 10 MB/sec */
1510
1511 /** Return the smaller of the router's configured BandwidthRate
1512 * and its advertised capacity, capped by max-believe-bw. */
1513 uint32_t
1514 router_get_advertised_bandwidth_capped(routerinfo_t *router)
1515 {
1516 uint32_t result = router->bandwidthcapacity;
1517 if (result > router->bandwidthrate)
1518 result = router->bandwidthrate;
1519 if (result > DEFAULT_MAX_BELIEVABLE_BANDWIDTH)
1520 result = DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
1521 return result;
1522 }
1523
1524 /** Return bw*1000, unless bw*1000 would overflow, in which case return
1525 * INT32_MAX. */
1526 static INLINE int32_t
1527 kb_to_bytes(uint32_t bw)
1528 {
1529 return (bw > (INT32_MAX/1000)) ? INT32_MAX : bw*1000;
1530 }
1531
1532 /** Helper function:
1533 * choose a random element of smartlist <b>sl</b>, weighted by
1534 * the advertised bandwidth of each element.
1535 *
1536 * If <b>statuses</b> is zero, then <b>sl</b> is a list of
1537 * routerinfo_t's. Otherwise it's a list of routerstatus_t's.
1538 *
1539 * If <b>rule</b>==WEIGHT_FOR_EXIT. we're picking an exit node: consider all
1540 * nodes' bandwidth equally regardless of their Exit status, since there may
1541 * be some in the list because they exit to obscure ports. If
1542 * <b>rule</b>==NO_WEIGHTING, we're picking a non-exit node: weight
1543 * exit-node's bandwidth less depending on the smallness of the fraction of
1544 * Exit-to-total bandwidth. If <b>rule</b>==WEIGHT_FOR_GUARD, we're picking a
1545 * guard node: consider all guard's bandwidth equally. Otherwise, weight
1546 * guards proportionally less.
1547 */
1548 static void *
1549 smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule,
1550 int statuses)
1551 {
1552 unsigned int i;
1553 routerinfo_t *router;
1554 routerstatus_t *status=NULL;
1555 int32_t *bandwidths;
1556 int is_exit;
1557 int is_guard;
1558 uint64_t total_nonexit_bw = 0, total_exit_bw = 0, total_bw = 0;
1559 uint64_t total_nonguard_bw = 0, total_guard_bw = 0;
1560 uint64_t rand_bw, tmp;
1561 double exit_weight;
1562 double guard_weight;
1563 int n_unknown = 0;
1564 bitarray_t *exit_bits;
1565 bitarray_t *guard_bits;
1566 int me_idx = -1;
1567
1568 /* Can't choose exit and guard at same time */
1569 tor_assert(rule == NO_WEIGHTING ||
1570 rule == WEIGHT_FOR_EXIT ||
1571 rule == WEIGHT_FOR_GUARD);
1572
1573 /* First count the total bandwidth weight, and make a list
1574 * of each value. <0 means "unknown; no routerinfo." We use the
1575 * bits of negative values to remember whether the router was fast (-x)&1
1576 * and whether it was an exit (-x)&2 or guard (-x)&4. Yes, it's a hack. */
1577 bandwidths = tor_malloc(sizeof(int32_t)*smartlist_len(sl));
1578 exit_bits = bitarray_init_zero(smartlist_len(sl));
1579 guard_bits = bitarray_init_zero(smartlist_len(sl));
1580
1581 /* Iterate over all the routerinfo_t or routerstatus_t, and */
1582 for (i = 0; i < (unsigned)smartlist_len(sl); ++i) {
1583 /* first, learn what bandwidth we think i has */
1584 int is_known = 1;
1585 int32_t flags = 0;
1586 uint32_t this_bw = 0;
1587 if (statuses) {
1588 status = smartlist_get(sl, i);
1589 if (router_digest_is_me(status->identity_digest))
1590 me_idx = i;
1591 router = router_get_by_digest(status->identity_digest);
1592 is_exit = status->is_exit;
1593 is_guard = status->is_possible_guard;
1594 if (status->has_bandwidth) {
1595 this_bw = kb_to_bytes(status->bandwidth);
1596 } else { /* guess */
1597 /* XXX022 once consensuses always list bandwidths, we can take
1598 * this guessing business out. -RD */
1599 is_known = 0;
1600 flags = status->is_fast ? 1 : 0;
1601 flags |= is_exit ? 2 : 0;
1602 flags |= is_guard ? 4 : 0;
1603 }
1604 } else {
1605 routerstatus_t *rs;
1606 router = smartlist_get(sl, i);
1607 rs = router_get_consensus_status_by_id(
1608 router->cache_info.identity_digest);
1609 if (router_digest_is_me(router->cache_info.identity_digest))
1610 me_idx = i;
1611 is_exit = router->is_exit;
1612 is_guard = router->is_possible_guard;
1613 if (rs && rs->has_bandwidth) {
1614 this_bw = kb_to_bytes(rs->bandwidth);
1615 } else if (rs) { /* guess; don't trust the descriptor */
1616 /* XXX022 once consensuses always list bandwidths, we can take
1617 * this guessing business out. -RD */
1618 is_known = 0;
1619 flags = router->is_fast ? 1 : 0;
1620 flags |= is_exit ? 2 : 0;
1621 flags |= is_guard ? 4 : 0;
1622 } else /* bridge or other descriptor not in our consensus */
1623 this_bw = router_get_advertised_bandwidth_capped(router);
1624 }
1625 if (is_exit)
1626 bitarray_set(exit_bits, i);
1627 if (is_guard)
1628 bitarray_set(guard_bits, i);
1629 if (is_known) {
1630 bandwidths[i] = (int32_t) this_bw; // safe since MAX_BELIEVABLE<INT32_MAX
1631 tor_assert(bandwidths[i] >= 0);
1632 if (is_guard)
1633 total_guard_bw += this_bw;
1634 else
1635 total_nonguard_bw += this_bw;
1636 if (is_exit)
1637 total_exit_bw += this_bw;
1638 else
1639 total_nonexit_bw += this_bw;
1640 } else {
1641 ++n_unknown;
1642 bandwidths[i] = -flags;
1643 }
1644 }
1645
1646 /* Now, fill in the unknown values. */
1647 if (n_unknown) {
1648 int32_t avg_fast, avg_slow;
1649 if (total_exit_bw+total_nonexit_bw) {
1650 /* if there's some bandwidth, there's at least one known router,
1651 * so no worries about div by 0 here */
1652 int n_known = smartlist_len(sl)-n_unknown;
1653 avg_fast = avg_slow = (int32_t)
1654 ((total_exit_bw+total_nonexit_bw)/((uint64_t) n_known));
1655 } else {
1656 avg_fast = 40000;
1657 avg_slow = 20000;
1658 }
1659 for (i=0; i<(unsigned)smartlist_len(sl); ++i) {
1660 int32_t bw = bandwidths[i];
1661 if (bw>=0)
1662 continue;
1663 is_exit = ((-bw)&2);
1664 is_guard = ((-bw)&4);
1665 bandwidths[i] = ((-bw)&1) ? avg_fast : avg_slow;
1666 if (is_exit)
1667 total_exit_bw += bandwidths[i];
1668 else
1669 total_nonexit_bw += bandwidths[i];
1670 if (is_guard)
1671 total_guard_bw += bandwidths[i];
1672 else
1673 total_nonguard_bw += bandwidths[i];
1674 }
1675 }
1676
1677 /* If there's no bandwidth at all, pick at random. */
1678 if (!(total_exit_bw+total_nonexit_bw)) {
1679 tor_free(bandwidths);
1680 tor_free(exit_bits);
1681 tor_free(guard_bits);
1682 return smartlist_choose(sl);
1683 }
1684
1685 /* Figure out how to weight exits and guards */
1686 {
1687 double all_bw = U64_TO_DBL(total_exit_bw+total_nonexit_bw);
1688 double exit_bw = U64_TO_DBL(total_exit_bw);
1689 double guard_bw = U64_TO_DBL(total_guard_bw);
1690 /*
1691 * For detailed derivation of this formula, see
1692 * http://archives.seul.org/or/dev/Jul-2007/msg00056.html
1693 */
1694 if (rule == WEIGHT_FOR_EXIT)
1695 exit_weight = 1.0;
1696 else
1697 exit_weight = 1.0 - all_bw/(3.0*exit_bw);
1698
1699 if (rule == WEIGHT_FOR_GUARD)
1700 guard_weight = 1.0;
1701 else
1702 guard_weight = 1.0 - all_bw/(3.0*guard_bw);
1703
1704 if (exit_weight <= 0.0)
1705 exit_weight = 0.0;
1706
1707 if (guard_weight <= 0.0)
1708 guard_weight = 0.0;
1709
1710 total_bw = 0;
1711 sl_last_weighted_bw_of_me = 0;
1712 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1713 uint64_t bw;
1714 is_exit = bitarray_is_set(exit_bits, i);
1715 is_guard = bitarray_is_set(guard_bits, i);
1716 if (is_exit && is_guard)
1717 bw = ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1718 else if (is_guard)
1719 bw = ((uint64_t)(bandwidths[i] * guard_weight));
1720 else if (is_exit)
1721 bw = ((uint64_t)(bandwidths[i] * exit_weight));
1722 else
1723 bw = bandwidths[i];
1724 total_bw += bw;
1725 if (i == (unsigned) me_idx)
1726 sl_last_weighted_bw_of_me = bw;
1727 }
1728 }
1729
1730 /* XXXX022 this is a kludge to expose these values. */
1731 sl_last_total_weighted_bw = total_bw;
1732
1733 log_debug(LD_CIRC, "Total weighted bw = "U64_FORMAT
1734 ", exit bw = "U64_FORMAT
1735 ", nonexit bw = "U64_FORMAT", exit weight = %lf "
1736 "(for exit == %d)"
1737 ", guard bw = "U64_FORMAT
1738 ", nonguard bw = "U64_FORMAT", guard weight = %lf "
1739 "(for guard == %d)",
1740 U64_PRINTF_ARG(total_bw),
1741 U64_PRINTF_ARG(total_exit_bw), U64_PRINTF_ARG(total_nonexit_bw),
1742 exit_weight, (int)(rule == WEIGHT_FOR_EXIT),
1743 U64_PRINTF_ARG(total_guard_bw), U64_PRINTF_ARG(total_nonguard_bw),
1744 guard_weight, (int)(rule == WEIGHT_FOR_GUARD));
1745
1746 /* Almost done: choose a random value from the bandwidth weights. */
1747 rand_bw = crypto_rand_uint64(total_bw);
1748
1749 /* Last, count through sl until we get to the element we picked */
1750 tmp = 0;
1751 for (i=0; i < (unsigned)smartlist_len(sl); i++) {
1752 is_exit = bitarray_is_set(exit_bits, i);
1753 is_guard = bitarray_is_set(guard_bits, i);
1754
1755 /* Weights can be 0 if not counting guards/exits */
1756 if (is_exit && is_guard)
1757 tmp += ((uint64_t)(bandwidths[i] * exit_weight * guard_weight));
1758 else if (is_guard)
1759 tmp += ((uint64_t)(bandwidths[i] * guard_weight));
1760 else if (is_exit)
1761 tmp += ((uint64_t)(bandwidths[i] * exit_weight));
1762 else
1763 tmp += bandwidths[i];
1764
1765 if (tmp >= rand_bw)
1766 break;
1767 }
1768 if (i == (unsigned)smartlist_len(sl)) {
1769 /* This was once possible due to round-off error, but shouldn't be able
1770 * to occur any longer. */
1771 tor_fragile_assert();
1772 --i;
1773 log_warn(LD_BUG, "Round-off error in computing bandwidth had an effect on "
1774 " which router we chose. Please tell the developers. "
1775 U64_FORMAT " " U64_FORMAT " " U64_FORMAT, U64_PRINTF_ARG(tmp),
1776 U64_PRINTF_ARG(rand_bw), U64_PRINTF_ARG(total_bw));
1777 }
1778 tor_free(bandwidths);
1779 tor_free(exit_bits);
1780 tor_free(guard_bits);
1781 return smartlist_get(sl, i);
1782 }
1783
1784 /** Choose a random element of router list <b>sl</b>, weighted by
1785 * the advertised bandwidth of each router.
1786 */
1787 routerinfo_t *
1788 routerlist_sl_choose_by_bandwidth(smartlist_t *sl,
1789 bandwidth_weight_rule_t rule)
1790 {
1791 return smartlist_choose_by_bandwidth(sl, rule, 0);
1792 }
1793
1794 /** Choose a random element of status list <b>sl</b>, weighted by
1795 * the advertised bandwidth of each status.
1796 */
1797 routerstatus_t *
1798 routerstatus_sl_choose_by_bandwidth(smartlist_t *sl)
1799 {
1800 /* We are choosing neither exit nor guard here. Weight accordingly. */
1801 return smartlist_choose_by_bandwidth(sl, NO_WEIGHTING, 1);
1802 }
1803
1804 /** Return a random running router from the routerlist. If any node
1805 * named in <b>preferred</b> is available, pick one of those. Never
1806 * pick a node whose routerinfo is in
1807 * <b>excludedsmartlist</b>, or whose routerinfo matches <b>excludedset</b>,
1808 * even if they are the only nodes
1809 * available. If <b>CRN_STRICT_PREFERRED</b> is set in flags, never pick
1810 * any node besides those in <b>preferred</b>.
1811 * If <b>CRN_NEED_UPTIME</b> is set in flags and any router has more than
1812 * a minimum uptime, return one of those.
1813 * If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
1814 * advertised capacity of each router.
1815 * If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid
1816 * routers.
1817 * If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers.
1818 * If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if
1819 * picking an exit node, otherwise we weight bandwidths for picking a relay
1820 * node (that is, possibly discounting exit nodes).
1821 */
1822 routerinfo_t *
1823 router_choose_random_node(const char *preferred,
1824 smartlist_t *excludedsmartlist,
1825 routerset_t *excludedset,
1826 router_crn_flags_t flags)
1827 {
1828 const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
1829 const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
1830 const int need_guard = (flags & CRN_NEED_GUARD) != 0;
1831 const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
1832 const int strict = (flags & CRN_STRICT_PREFERRED) != 0;
1833 const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
1834
1835 smartlist_t *sl, *excludednodes;
1836 routerinfo_t *choice = NULL, *r;
1837 bandwidth_weight_rule_t rule;
1838
1839 tor_assert(!(weight_for_exit && need_guard));
1840 rule = weight_for_exit ? WEIGHT_FOR_EXIT :
1841 (need_guard ? WEIGHT_FOR_GUARD : NO_WEIGHTING);
1842
1843 excludednodes = smartlist_create();
1844
1845 /* Exclude relays that allow single hop exit circuits, if the user
1846 * wants to (such relays might be risky) */
1847 if (get_options()->ExcludeSingleHopRelays) {
1848 routerlist_t *rl = router_get_routerlist();
1849 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
1850 if (r->allow_single_hop_exits) {
1851 smartlist_add(excludednodes, r);
1852 });
1853 }
1854
1855 if ((r = routerlist_find_my_routerinfo())) {
1856 smartlist_add(excludednodes, r);
1857 routerlist_add_family(excludednodes, r);
1858 }
1859
1860 /* Try the preferred nodes first. Ignore need_uptime and need_capacity
1861 * and need_guard, since the user explicitly asked for these nodes. */
1862 if (preferred) {
1863 sl = smartlist_create();
1864 add_nickname_list_to_smartlist(sl,preferred,1);
1865 smartlist_subtract(sl,excludednodes);
1866 if (excludedsmartlist)
1867 smartlist_subtract(sl,excludedsmartlist);
1868 if (excludedset)
1869 routerset_subtract_routers(sl,excludedset);
1870 choice = smartlist_choose(sl);
1871 smartlist_free(sl);
1872 }
1873 if (!choice && !strict) {
1874 /* Then give up on our preferred choices: any node
1875 * will do that has the required attributes. */
1876 sl = smartlist_create();
1877 router_add_running_routers_to_smartlist(sl, allow_invalid,
1878 need_uptime, need_capacity,
1879 need_guard);
1880 smartlist_subtract(sl,excludednodes);
1881 if (excludedsmartlist)
1882 smartlist_subtract(sl,excludedsmartlist);
1883 if (excludedset)
1884 routerset_subtract_routers(sl,excludedset);
1885
1886 if (need_capacity || need_guard)
1887 choice = routerlist_sl_choose_by_bandwidth(sl, rule);
1888 else
1889 choice = smartlist_choose(sl);
1890
1891 smartlist_free(sl);
1892 if (!choice && (need_uptime || need_capacity || need_guard)) {
1893 /* try once more -- recurse but with fewer restrictions. */
1894 log_info(LD_CIRC,
1895 "We couldn't find any live%s%s%s routers; falling back "
1896 "to list of all routers.",
1897 need_capacity?", fast":"",
1898 need_uptime?", stable":"",
1899 need_guard?", guard":"");
1900 flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
1901 choice = router_choose_random_node(
1902 NULL, excludedsmartlist, excludedset, flags);
1903 }
1904 }
1905 smartlist_free(excludednodes);
1906 if (!choice) {
1907 if (strict) {
1908 log_warn(LD_CIRC, "All preferred nodes were down when trying to choose "
1909 "node, and the Strict[...]Nodes option is set. Failing.");
1910 } else {
1911 log_warn(LD_CIRC,
1912 "No available nodes when trying to choose node. Failing.");
1913 }
1914 }
1915 return choice;
1916 }
1917
1918 /** Helper: Return true iff the <b>identity_digest</b> and <b>nickname</b>
1919 * combination of a router, encoded in hexadecimal, matches <b>hexdigest</b>
1920 * (which is optionally prefixed with a single dollar sign). Return false if
1921 * <b>hexdigest</b> is malformed, or it doesn't match. */
1922 static INLINE int
1923 hex_digest_matches(const char *hexdigest, const char *identity_digest,
1924 const char *nickname, int is_named)
1925 {
1926 char digest[DIGEST_LEN];
1927 size_t len;
1928 tor_assert(hexdigest);
1929 if (hexdigest[0] == '$')
1930 ++hexdigest;
1931
1932 len = strlen(hexdigest);
1933 if (len < HEX_DIGEST_LEN)
1934 return 0;
1935 else if (len > HEX_DIGEST_LEN &&
1936 (hexdigest[HEX_DIGEST_LEN] == '=' ||
1937 hexdigest[HEX_DIGEST_LEN] == '~')) {
1938 if (strcasecmp(hexdigest+HEX_DIGEST_LEN+1, nickname))
1939 return 0;
1940 if (hexdigest[HEX_DIGEST_LEN] == '=' && !is_named)
1941 return 0;
1942 }
1943
1944 if (base16_decode(digest, DIGEST_LEN, hexdigest, HEX_DIGEST_LEN)<0)
1945 return 0;
1946 return (!memcmp(digest, identity_digest, DIGEST_LEN));
1947 }
1948
1949 /** Return true iff the digest of <b>router</b>'s identity key,
1950 * encoded in hexadecimal, matches <b>hexdigest</b> (which is
1951 * optionally prefixed with a single dollar sign). Return false if
1952 * <b>hexdigest</b> is malformed, or it doesn't match. */
1953 static INLINE int
1954 router_hex_digest_matches(routerinfo_t *router, const char *hexdigest)
1955 {
1956 return hex_digest_matches(hexdigest, router->cache_info.identity_digest,
1957 router->nickname, router->is_named);
1958 }
1959
1960 /** Return true if <b>router</b>'s nickname matches <b>nickname</b>
1961 * (case-insensitive), or if <b>router's</b> identity key digest
1962 * matches a hexadecimal value stored in <b>nickname</b>. Return
1963 * false otherwise. */
1964 static int
1965 router_nickname_matches(routerinfo_t *router, const char *nickname)
1966 {
1967 if (nickname[0]!='$' && !strcasecmp(router->nickname, nickname))
1968 return 1;
1969 return router_hex_digest_matches(router, nickname);
1970 }
1971
1972 /** Return the router in our routerlist whose (case-insensitive)
1973 * nickname or (case-sensitive) hexadecimal key digest is
1974 * <b>nickname</b>. Return NULL if no such router is known.
1975 */
1976 routerinfo_t *
1977 router_get_by_nickname(const char *nickname, int warn_if_unnamed)
1978 {
1979 int maybedigest;
1980 char digest[DIGEST_LEN];
1981 routerinfo_t *best_match=NULL;
1982 int n_matches = 0;
1983 const char *named_digest = NULL;
1984
1985 tor_assert(nickname);
1986 if (!routerlist)
1987 return NULL;
1988 if (nickname[0] == '$')
1989 return router_get_by_hexdigest(nickname);
1990 if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1991 return NULL;
1992 if (server_mode(get_options()) &&
1993 !strcasecmp(nickname, get_options()->Nickname))
1994 return router_get_my_routerinfo();
1995
1996 maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) &&
1997 (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
1998
1999 if ((named_digest = networkstatus_get_router_digest_by_nickname(nickname))) {
2000 return rimap_get(routerlist->identity_map, named_digest);
2001 }
2002 if (networkstatus_nickname_is_unnamed(nickname))
2003 return NULL;
2004
2005 /* If we reach this point, there's no canonical value for the nickname. */
2006
2007 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2008 {
2009 if (!strcasecmp(router->nickname, nickname)) {
2010 ++n_matches;
2011 if (n_matches <= 1 || router->is_running)
2012 best_match = router;
2013 } else if (maybedigest &&
2014 !memcmp(digest, router->cache_info.identity_digest, DIGEST_LEN)
2015 ) {
2016 if (router_hex_digest_matches(router, nickname))
2017 return router;
2018 /* If we reach this point, we have a ID=name syntax that matches the
2019 * identity but not the name. That isn't an acceptable match. */
2020 }
2021 });
2022
2023 if (best_match) {
2024 if (warn_if_unnamed && n_matches > 1) {
2025 smartlist_t *fps = smartlist_create();
2026 int any_unwarned = 0;
2027 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
2028 {
2029 routerstatus_t *rs;
2030 char *desc;
2031 size_t dlen;
2032 char fp[HEX_DIGEST_LEN+1];
2033 if (strcasecmp(router->nickname, nickname))
2034 continue;
2035 rs = router_get_consensus_status_by_id(
2036 router->cache_info.identity_digest);
2037 if (rs && !rs->name_lookup_warned) {
2038 rs->name_lookup_warned = 1;
2039 any_unwarned = 1;
2040 }
2041 base16_encode(fp, sizeof(fp),
2042 router->cache_info.identity_digest, DIGEST_LEN);
2043 dlen = 32 + HEX_DIGEST_LEN + strlen(router->address);
2044 desc = tor_malloc(dlen);
2045 tor_snprintf(desc, dlen, "\"$%s\" for the one at %s:%d",
2046 fp, router->address, router->or_port);
2047 smartlist_add(fps, desc);
2048 });
2049 if (any_unwarned) {
2050 char *alternatives = smartlist_join_strings(fps, "; ",0,NULL);
2051 log_warn(LD_CONFIG,
2052 "There are multiple matches for the nickname \"%s\","
2053 " but none is listed as named by the directory authorities. "
2054 "Choosing one arbitrarily. If you meant one in particular, "
2055 "you should say %s.", nickname, alternatives);
2056 tor_free(alternatives);
2057 }
2058 SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
2059 smartlist_free(fps);
2060 } else if (warn_if_unnamed) {
2061 routerstatus_t *rs = router_get_consensus_status_by_id(
2062 best_match->cache_info.identity_digest);
2063 if (rs && !rs->name_lookup_warned) {
2064 char fp[HEX_DIGEST_LEN+1];
2065 base16_encode(fp, sizeof(fp),
2066 best_match->cache_info.identity_digest, DIGEST_LEN);
2067 log_warn(LD_CONFIG, "You specified a server \"%s\" by name, but this "
2068 "name is not registered, so it could be used by any server, "
2069 "not just the one you meant. "
2070 "To make sure you get the same server in the future, refer to "
2071 "it by key, as \"$%s\".", nickname, fp);
2072 rs->name_lookup_warned = 1;
2073 }
2074 }
2075 return best_match;
2076 }
2077
2078 return NULL;
2079 }
2080
2081 /** Try to find a routerinfo for <b>digest</b>. If we don't have one,
2082 * return 1. If we do, ask tor_version_as_new_as() for the answer.
2083 */
2084 int
2085 router_digest_version_as_new_as(const char *digest, const char *cutoff)
2086 {
2087 routerinfo_t *router = router_get_by_digest(digest);
2088 if (!router)
2089 return 1;
2090 return tor_version_as_new_as(router->platform, cutoff);
2091 }
2092
2093 /** Return true iff <b>digest</b> is the digest of the identity key of a
2094 * trusted directory matching at least one bit of <b>type</b>. If <b>type</b>
2095 * is zero, any authority is okay. */
2096 int
2097 router_digest_is_trusted_dir_type(const char *digest, authority_type_t type)
2098 {
2099 if (!trusted_dir_servers)
2100 return 0;
2101 if (authdir_mode(get_options()) && router_digest_is_me(digest))
2102 return 1;
2103 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2104 if (!memcmp(digest, ent->digest, DIGEST_LEN)) {
2105 return (!type) || ((type & ent->type) != 0);
2106 });
2107 return 0;
2108 }
2109
2110 /** Return true iff <b>addr</b> is the address of one of our trusted
2111 * directory authorities. */
2112 int
2113 router_addr_is_trusted_dir(uint32_t addr)
2114 {
2115 if (!trusted_dir_servers)
2116 return 0;
2117 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
2118 if (ent->addr == addr)
2119 return 1;
2120 );
2121 return 0;
2122 }
2123
2124 /** If hexdigest is correctly formed, base16_decode it into
2125 * digest, which must have DIGEST_LEN space in it.
2126 * Return 0 on success, -1 on failure.
2127 */
2128 int
2129 hexdigest_to_digest(const char *hexdigest, char *digest)
2130 {
2131 if (hexdigest[0]=='$')
2132 ++hexdigest;
2133 if (strlen(hexdigest) < HEX_DIGEST_LEN ||
2134 base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) < 0)
2135 return -1;
2136 return 0;
2137 }
2138
2139 /** Return the router in our routerlist whose hexadecimal key digest
2140 * is <b>hexdigest</b>. Return NULL if no such router is known. */
2141 routerinfo_t *
2142 router_get_by_hexdigest(const char *hexdigest)
2143 {
2144 char digest[DIGEST_LEN];
2145 size_t len;
2146 routerinfo_t *ri;
2147
2148 tor_assert(hexdigest);
2149 if (!routerlist)
2150 return NULL;
2151 if (hexdigest[0]=='$')
2152 ++hexdigest;
2153 len = strlen(hexdigest);
2154 if (hexdigest_to_digest(hexdigest, digest) < 0)
2155 return NULL;
2156
2157 ri = router_get_by_digest(digest);
2158
2159 if (ri && len > HEX_DIGEST_LEN) {
2160 if (hexdigest[HEX_DIGEST_LEN] == '=') {
2161 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1) ||
2162 !ri->is_named)
2163 return NULL;
2164 } else if (hexdigest[HEX_DIGEST_LEN] == '~') {
2165 if (strcasecmp(ri->nickname, hexdigest+HEX_DIGEST_LEN+1))
2166 return NULL;
2167 } else {
2168 return NULL;
2169 }
2170 }
2171
2172 return ri;
2173 }
2174
2175 /** Return the router in our routerlist whose 20-byte key digest
2176 * is <b>digest</b>. Return NULL if no such router is known. */
2177 routerinfo_t *
2178 router_get_by_digest(const char *digest)
2179 {
2180 tor_assert(digest);
2181
2182 if (!routerlist) return NULL;
2183
2184 // routerlist_assert_ok(routerlist);
2185
2186 return rimap_get(routerlist->identity_map, digest);
2187 }
2188
2189 /** Return the router in our routerlist whose 20-byte descriptor
2190 * is <b>digest</b>. Return NULL if no such router is known. */
2191 signed_descriptor_t *
2192 router_get_by_descriptor_digest(const char *digest)
2193 {
2194 tor_assert(digest);
2195
2196 if (!routerlist) return NULL;
2197
2198 return sdmap_get(routerlist->desc_digest_map, digest);
2199 }
2200
2201 /** Return the signed descriptor for the router in our routerlist whose
2202 * 20-byte extra-info digest is <b>digest</b>. Return NULL if no such router
2203 * is known. */
2204 signed_descriptor_t *
2205 router_get_by_extrainfo_digest(const char *digest)
2206 {
2207 tor_assert(digest);
2208
2209 if (!routerlist) return NULL;
2210
2211 return sdmap_get(routerlist->desc_by_eid_map, digest);
2212 }
2213
2214 /** Return the signed descriptor for the extrainfo_t in our routerlist whose
2215 * extra-info-digest is <b>digest</b>. Return NULL if no such extra-info
2216 * document is known. */
2217 signed_descriptor_t *
2218 extrainfo_get_by_descriptor_digest(const char *digest)
2219 {
2220 extrainfo_t *ei;
2221 tor_assert(digest);
2222 if (!routerlist) return NULL;
2223 ei = eimap_get(routerlist->extra_info_map, digest);
2224 return ei ? &ei->cache_info : NULL;
2225 }
2226
2227 /** Return a pointer to the signed textual representation of a descriptor.
2228 * The returned string is not guaranteed to be NUL-terminated: the string's
2229 * length will be in desc-\>signed_descriptor_len.
2230 *
2231 * If <b>with_annotations</b> is set, the returned string will include
2232 * the annotations
2233 * (if any) preceding the descriptor. This will increase the length of the
2234 * string by desc-\>annotations_len.
2235 *
2236 * The caller must not free the string returned.
2237 */
2238 static const char *
2239 signed_descriptor_get_body_impl(signed_descriptor_t *desc,
2240 int with_annotations)
2241 {
2242 const char *r = NULL;
2243 size_t len = desc->signed_descriptor_len;
2244 off_t offset = desc->saved_offset;
2245 if (with_annotations)
2246 len += desc->annotations_len;
2247 else
2248 offset += desc->annotations_len;
2249
2250 tor_assert(len > 32);
2251 if (desc->saved_location == SAVED_IN_CACHE && routerlist) {
2252 desc_store_t *store = desc_get_store(router_get_routerlist(), desc);
2253 if (store && store->mmap) {
2254 tor_assert(desc->saved_offset + len <= store->mmap->size);
2255 r = store->mmap->data + offset;
2256 } else if (store) {
2257 log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
2258 "mmaped in our cache. Is another process running in our data "
2259 "directory? Exiting.");
2260 exit(1);
2261 }
2262 }
2263 if (!r) /* no mmap, or not in cache. */
2264 r = desc->signed_descriptor_body +
2265 (with_annotations ? 0 : desc->annotations_len);
2266
2267 tor_assert(r);
2268 if (!with_annotations) {
2269 if (memcmp("router ", r, 7) && memcmp("extra-info ", r, 11)) {
2270 char *cp = tor_strndup(r, 64);
2271 log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
2272 "Is another process running in our data directory? Exiting.",
2273 desc, escaped(cp));
2274 exit(1);
2275 }
2276 }
2277
2278 return r;
2279 }
2280
2281 /** Return a pointer to the signed textual representation of a descriptor.
2282 * The returned string is not guaranteed to be NUL-terminated: the string's
2283 * length will be in desc-\>signed_descriptor_len.
2284 *
2285 * The caller must not free the string returned.
2286 */
2287 const char *
2288 signed_descriptor_get_body(signed_descriptor_t *desc)
2289 {
2290 return signed_descriptor_get_body_impl(desc, 0);
2291 }
2292
2293 /** As signed_descriptor_get_body(), but points to the beginning of the
2294 * annotations section rather than the beginning of the descriptor. */
2295 const char *
2296 signed_descriptor_get_annotations(signed_descriptor_t *desc)
2297 {
2298 return signed_descriptor_get_body_impl(desc, 1);
2299 }
2300
2301 /** Return the current list of all known routers. */
2302 routerlist_t *
2303 router_get_routerlist(void)
2304 {
2305 if (PREDICT_UNLIKELY(!routerlist)) {
2306 routerlist = tor_malloc_zero(sizeof(routerlist_t));
2307 routerlist->routers = smartlist_create();
2308 routerlist->old_routers = smartlist_create();
2309 routerlist->identity_map = rimap_new();
2310 routerlist->desc_digest_map = sdmap_new();
2311 routerlist->desc_by_eid_map = sdmap_new();
2312 routerlist->extra_info_map = eimap_new();
2313
2314 routerlist->desc_store.fname_base = "cached-descriptors";
2315 routerlist->desc_store.fname_alt_base = "cached-routers";
2316 routerlist->extrainfo_store.fname_base = "cached-extrainfo";
2317
2318 routerlist->desc_store.type = ROUTER_STORE;
2319 routerlist->extrainfo_store.type = EXTRAINFO_STORE;
2320
2321 routerlist->desc_store.description = "router descriptors";
2322 routerlist->extrainfo_store.description = "extra-info documents";
2323 }
2324 return routerlist;
2325 }
2326
2327 /** Free all storage held by <b>router</b>. */
2328 void
2329 routerinfo_free(routerinfo_t *router)
2330 {
2331 if (!router)
2332 return;
2333
2334 tor_free(router->cache_info.signed_descriptor_body);
2335 tor_free(router->address);
2336 tor_free(router->nickname);
2337 tor_free(router->platform);
2338 tor_free(router->contact_info);
2339 if (router->onion_pkey)
2340 crypto_free_pk_env(router->onion_pkey);
2341 if (router->identity_pkey)
2342 crypto_free_pk_env(router->identity_pkey);
2343 if (router->declared_family) {
2344 SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
2345 smartlist_free(router->declared_family);
2346 }
2347 addr_policy_list_free(router->exit_policy);
2348
2349 /* XXXX Remove if this turns out to affect performance. */
2350 memset(router, 77, sizeof(routerinfo_t));
2351
2352 tor_free(router);
2353 }
2354
2355 /** Release all storage held by <b>extrainfo</b> */
2356 void
2357 extrainfo_free(extrainfo_t *extrainfo)
2358 {
2359 if (!extrainfo)
2360 return;
2361 tor_free(extrainfo->cache_info.signed_descriptor_body);
2362 tor_free(extrainfo->pending_sig);
2363
2364 /* XXXX remove this if it turns out to slow us down. */
2365 memset(extrainfo, 88, sizeof(extrainfo_t)); /* debug bad memory usage */
2366 tor_free(extrainfo);
2367 }
2368
2369 /** Release storage held by <b>sd</b>. */
2370 static void
2371 signed_descriptor_free(signed_descriptor_t *sd)
2372 {
2373 tor_free(sd->signed_descriptor_body);
2374
2375 /* XXXX remove this once more bugs go away. */
2376 memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */
2377 tor_free(sd);
2378 }
2379
2380 /** Extract a signed_descriptor_t from a routerinfo, and free the routerinfo.
2381 */
2382 static signed_descriptor_t *
2383 signed_descriptor_from_routerinfo(routerinfo_t *ri)
2384 {
2385 signed_descriptor_t *sd = tor_malloc_zero(sizeof(signed_descriptor_t));
2386 memcpy(sd, &(ri->cache_info), sizeof(signed_descriptor_t));
2387 sd->routerlist_index = -1;
2388 ri->cache_info.signed_descriptor_body = NULL;
2389 routerinfo_free(ri);
2390 return sd;
2391 }
2392
2393 /** Helper: free the storage held by the extrainfo_t in <b>e</b>. */
2394 static void
2395 _extrainfo_free(void *e)
2396 {
2397 extrainfo_free(e);
2398 }
2399
2400 /** Free all storage held by a routerlist <b>rl</b>. */
2401 void
2402 routerlist_free(routerlist_t *rl)
2403 {
2404 tor_assert(rl);
2405 rimap_free(rl->identity_map, NULL);
2406 sdmap_free(rl->desc_digest_map, NULL);
2407 sdmap_free(rl->desc_by_eid_map, NULL);
2408 eimap_free(rl->extra_info_map, _extrainfo_free);
2409 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
2410 routerinfo_free(r));
2411 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
2412 signed_descriptor_free(sd));
2413 smartlist_free(rl->routers);
2414 smartlist_free(rl->old_routers);
2415 if (routerlist->desc_store.mmap)
2416 tor_munmap_file(routerlist->desc_store.mmap);
2417 if (routerlist->extrainfo_store.mmap)
2418 tor_munmap_file(routerlist->extrainfo_store.mmap);
2419 tor_free(rl);
2420
2421 router_dir_info_changed();
2422 }
2423
2424 /** Log information about how much memory is being used for routerlist,
2425 * at log level <b>severity</b>. */
2426 void
2427 dump_routerlist_mem_usage(int severity)
2428 {
2429 uint64_t livedescs = 0;
2430 uint64_t olddescs = 0;
2431 if (!routerlist)
2432 return;
2433 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
2434 livedescs += r->cache_info.signed_descriptor_len);
2435 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
2436 olddescs += sd->signed_descriptor_len);
2437
2438 log(severity, LD_DIR,
2439 "In %d live descriptors: "U64_FORMAT" bytes. "
2440 "In %d old descriptors: "U64_FORMAT" bytes.",
2441 smartlist_len(routerlist->routers), U64_PRINTF_ARG(livedescs),
2442 smartlist_len(routerlist->old_routers), U64_PRINTF_ARG(olddescs));
2443
2444 #if 0
2445 {
2446 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2447 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2448 log(severity, LD_DIR, "Now let's look through old_descriptors!");
2449 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd, {
2450 int in_v2 = 0;
2451 int in_v3 = 0;
2452 char published[ISO_TIME_LEN+1];
2453 char last_valid_until[ISO_TIME_LEN+1];
2454 char last_served_at[ISO_TIME_LEN+1];
2455 char id[HEX_DIGEST_LEN+1];
2456 routerstatus_t *rs;
2457 format_iso_time(published, sd->published_on);
2458 format_iso_time(last_valid_until, sd->last_listed_as_valid_until);
2459 format_iso_time(last_served_at, sd->last_served_at);
2460 base16_encode(id, sizeof(id), sd->identity_digest, DIGEST_LEN);
2461 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
2462 {
2463 rs = networkstatus_v2_find_entry(ns, sd->identity_digest);
2464 if (rs && !memcmp(rs->descriptor_digest,
2465 sd->signed_descriptor_digest, DIGEST_LEN)) {
2466 in_v2 = 1; break;
2467 }
2468 });
2469 if (consensus) {
2470 rs = networkstatus_vote_find_entry(consensus, sd->identity_digest);
2471 if (rs && !memcmp(rs->descriptor_digest,
2472 sd->signed_descriptor_digest, DIGEST_LEN))
2473 in_v3 = 1;
2474 }
2475 log(severity, LD_DIR,
2476 "Old descriptor for %s (published %s) %sin v2 ns, %sin v3 "
2477 "consensus. Last valid until %s; last served at %s.",
2478 id, published, in_v2 ? "" : "not ", in_v3 ? "" : "not ",
2479 last_valid_until, last_served_at);
2480 });
2481 }
2482 #endif
2483 }
2484
2485 /** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
2486 * in <b>sl</b> at position <b>idx</b>. Otherwise, search <b>sl</b> for
2487 * <b>ri</b>. Return the index of <b>ri</b> in <b>sl</b>, or -1 if <b>ri</b>
2488 * is not in <b>sl</b>. */
2489 static INLINE int
2490 _routerlist_find_elt(smartlist_t *sl, void *ri, int idx)
2491 {
2492 if (idx < 0) {
2493 idx = -1;
2494 SMARTLIST_FOREACH(sl, routerinfo_t *, r,
2495 if (r == ri) {
2496 idx = r_sl_idx;
2497 break;
2498 });
2499 } else {
2500 tor_assert(idx < smartlist_len(sl));
2501 tor_assert(smartlist_get(sl, idx) == ri);
2502 };
2503 return idx;
2504 }
2505
2506 /** Insert an item <b>ri</b> into the routerlist <b>rl</b>, updating indices
2507 * as needed. There must be no previous member of <b>rl</b> with the same
2508 * identity digest as <b>ri</b>: If there is, call routerlist_replace
2509 * instead.
2510 */
2511 static void
2512 routerlist_insert(routerlist_t *rl, routerinfo_t *ri)
2513 {
2514 routerinfo_t *ri_old;
2515 {
2516 /* XXXX Remove if this slows us down. */
2517 routerinfo_t *ri_generated = router_get_my_routerinfo();
2518 tor_assert(ri_generated != ri);
2519 }
2520 tor_assert(ri->cache_info.routerlist_index == -1);
2521
2522 ri_old = rimap_set(rl->identity_map, ri->cache_info.identity_digest, ri);
2523 tor_assert(!ri_old);
2524 sdmap_set(rl->desc_digest_map, ri->cache_info.signed_descriptor_digest,
2525 &(ri->cache_info));
2526 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2527 sdmap_set(rl->desc_by_eid_map, ri->cache_info.extra_info_digest,
2528 &ri->cache_info);
2529 smartlist_add(rl->routers, ri);
2530 ri->cache_info.routerlist_index = smartlist_len(rl->routers) - 1;
2531 router_dir_info_changed();
2532 #ifdef DEBUG_ROUTERLIST
2533 routerlist_assert_ok(rl);
2534 #endif
2535 }
2536
2537 /** Adds the extrainfo_t <b>ei</b> to the routerlist <b>rl</b>, if there is a
2538 * corresponding router in rl-\>routers or rl-\>old_routers. Return true iff
2539 * we actually inserted <b>ei</b>. Free <b>ei</b> if it isn't inserted. */
2540 static int
2541 extrainfo_insert(routerlist_t *rl, extrainfo_t *ei)
2542 {
2543 int r = 0;
2544 routerinfo_t *ri = rimap_get(rl->identity_map,
2545 ei->cache_info.identity_digest);
2546 signed_descriptor_t *sd =
2547 sdmap_get(rl->desc_by_eid_map, ei->cache_info.signed_descriptor_digest);
2548 extrainfo_t *ei_tmp;
2549
2550 {
2551 /* XXXX remove this code if it slows us down. */
2552 extrainfo_t *ei_generated = router_get_my_extrainfo();
2553 tor_assert(ei_generated != ei);
2554 }
2555
2556 if (!ri) {
2557 /* This router is unknown; we can't even verify the signature. Give up.*/
2558 goto done;
2559 }
2560 if (routerinfo_incompatible_with_extrainfo(ri, ei, sd, NULL)) {
2561 goto done;
2562 }
2563
2564 /* Okay, if we make it here, we definitely have a router corresponding to
2565 * this extrainfo. */
2566
2567 ei_tmp = eimap_set(rl->extra_info_map,
2568 ei->cache_info.signed_descriptor_digest,
2569 ei);
2570 r = 1;
2571 if (ei_tmp) {
2572 rl->extrainfo_store.bytes_dropped +=
2573 ei_tmp->cache_info.signed_descriptor_len;
2574 extrainfo_free(ei_tmp);
2575 }
2576
2577 done:
2578 if (r == 0)
2579 extrainfo_free(ei);
2580
2581 #ifdef DEBUG_ROUTERLIST
2582 routerlist_assert_ok(rl);
2583 #endif
2584 return r;
2585 }
2586
2587 #define should_cache_old_descriptors() \
2588 directory_caches_dir_info(get_options())
2589
2590 /** If we're a directory cache and routerlist <b>rl</b> doesn't have
2591 * a copy of router <b>ri</b> yet, add it to the list of old (not
2592 * recommended but still served) descriptors. Else free it. */
2593 static void
2594 routerlist_insert_old(routerlist_t *rl, routerinfo_t *ri)
2595 {
2596 {
2597 /* XXXX remove this code if it slows us down. */
2598 routerinfo_t *ri_generated = router_get_my_routerinfo();
2599 tor_assert(ri_generated != ri);
2600 }
2601 tor_assert(ri->cache_info.routerlist_index == -1);
2602
2603 if (should_cache_old_descriptors() &&
2604 ri->purpose == ROUTER_PURPOSE_GENERAL &&
2605 !sdmap_get(rl->desc_digest_map,
2606 ri->cache_info.signed_descriptor_digest)) {
2607 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri);
2608 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2609 smartlist_add(rl->old_routers, sd);
2610 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2611 if (!tor_digest_is_zero(sd->extra_info_digest))
2612 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2613 } else {
2614 routerinfo_free(ri);
2615 }
2616 #ifdef DEBUG_ROUTERLIST
2617 routerlist_assert_ok(rl);
2618 #endif
2619 }
2620
2621 /** Remove an item <b>ri</b> from the routerlist <b>rl</b>, updating indices
2622 * as needed. If <b>idx</b> is nonnegative and smartlist_get(rl-&gt;routers,
2623 * idx) == ri, we don't need to do a linear search over the list to decide
2624 * which to remove. We fill the gap in rl-&gt;routers with a later element in
2625 * the list, if any exists. <b>ri</b> is freed.
2626 *
2627 * If <b>make_old</b> is true, instead of deleting the router, we try adding
2628 * it to rl-&gt;old_routers. */
2629 void
2630 routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
2631 {
2632 routerinfo_t *ri_tmp;
2633 extrainfo_t *ei_tmp;
2634 int idx = ri->cache_info.routerlist_index;
2635 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2636 tor_assert(smartlist_get(rl->routers, idx) == ri);
2637
2638 /* make sure the rephist module knows that it's not running */
2639 rep_hist_note_router_unreachable(ri->cache_info.identity_digest, now);
2640
2641 ri->cache_info.routerlist_index = -1;
2642 smartlist_del(rl->routers, idx);
2643 if (idx < smartlist_len(rl->routers)) {
2644 routerinfo_t *r = smartlist_get(rl->routers, idx);
2645 r->cache_info.routerlist_index = idx;
2646 }
2647
2648 ri_tmp = rimap_remove(rl->identity_map, ri->cache_info.identity_digest);
2649 router_dir_info_changed();
2650 tor_assert(ri_tmp == ri);
2651
2652 if (make_old && should_cache_old_descriptors() &&
2653 ri->purpose == ROUTER_PURPOSE_GENERAL) {
2654 signed_descriptor_t *sd;
2655 sd = signed_descriptor_from_routerinfo(ri);
2656 smartlist_add(rl->old_routers, sd);
2657 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2658 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2659 if (!tor_digest_is_zero(sd->extra_info_digest))
2660 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2661 } else {
2662 signed_descriptor_t *sd_tmp;
2663 sd_tmp = sdmap_remove(rl->desc_digest_map,
2664 ri->cache_info.signed_descriptor_digest);
2665 tor_assert(sd_tmp == &(ri->cache_info));
2666 rl->desc_store.bytes_dropped += ri->cache_info.signed_descriptor_len;
2667 ei_tmp = eimap_remove(rl->extra_info_map,
2668 ri->cache_info.extra_info_digest);
2669 if (ei_tmp) {
2670 rl->extrainfo_store.bytes_dropped +=
2671 ei_tmp->cache_info.signed_descriptor_len;
2672 extrainfo_free(ei_tmp);
2673 }
2674 if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
2675 sdmap_remove(rl->desc_by_eid_map, ri->cache_info.extra_info_digest);
2676 routerinfo_free(ri);
2677 }
2678 #ifdef DEBUG_ROUTERLIST
2679 routerlist_assert_ok(rl);
2680 #endif
2681 }
2682
2683 /** Remove a signed_descriptor_t <b>sd</b> from <b>rl</b>-\>old_routers, and
2684 * adjust <b>rl</b> as appropriate. <b>idx</b> is -1, or the index of
2685 * <b>sd</b>. */
2686 static void
2687 routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
2688 {
2689 signed_descriptor_t *sd_tmp;
2690 extrainfo_t *ei_tmp;
2691 desc_store_t *store;
2692 if (idx == -1) {
2693 idx = sd->routerlist_index;
2694 }
2695 tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
2696 /* XXXX edmanm's bridge relay triggered the following assert while
2697 * running 0.2.0.12-alpha. If anybody triggers this again, see if we
2698 * can get a backtrace. */
2699 tor_assert(smartlist_get(rl->old_routers, idx) == sd);
2700 tor_assert(idx == sd->routerlist_index);
2701
2702 sd->routerlist_index = -1;
2703 smartlist_del(rl->old_routers, idx);
2704 if (idx < smartlist_len(rl->old_routers)) {
2705 signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
2706 d->routerlist_index = idx;
2707 }
2708 sd_tmp = sdmap_remove(rl->desc_digest_map,
2709 sd->signed_descriptor_digest);
2710 tor_assert(sd_tmp == sd);
2711 store = desc_get_store(rl, sd);
2712 if (store)
2713 store->bytes_dropped += sd->signed_descriptor_len;
2714
2715 ei_tmp = eimap_remove(rl->extra_info_map,
2716 sd->extra_info_digest);
2717 if (ei_tmp) {
2718 rl->extrainfo_store.bytes_dropped +=
2719 ei_tmp->cache_info.signed_descriptor_len;
2720 extrainfo_free(ei_tmp);
2721 }
2722 if (!tor_digest_is_zero(sd->extra_info_digest))
2723 sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
2724
2725 signed_descriptor_free(sd);
2726 #ifdef DEBUG_ROUTERLIST
2727 routerlist_assert_ok(rl);
2728 #endif
2729 }
2730
2731 /** Remove <b>ri_old</b> from the routerlist <b>rl</b>, and replace it with
2732 * <b>ri_new</b>, updating all index info. If <b>idx</b> is nonnegative and
2733 * smartlist_get(rl-&gt;routers, idx) == ri, we don't need to do a linear
2734 * search over the list to decide which to remove. We put ri_new in the same
2735 * index as ri_old, if possible. ri is freed as appropriate.
2736 *
2737 * If should_cache_descriptors() is true, instead of deleting the router,
2738 * we add it to rl-&gt;old_routers. */
2739 static void
2740 routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
2741 routerinfo_t *ri_new)
2742 {
2743 int idx;
2744
2745 routerinfo_t *ri_tmp;
2746 extrainfo_t *ei_tmp;
2747 {
2748 /* XXXX Remove this if it turns out to slow us down. */
2749 routerinfo_t *ri_generated = router_get_my_routerinfo();
2750 tor_assert(ri_generated != ri_new);
2751 }
2752 tor_assert(ri_old != ri_new);
2753 tor_assert(ri_new->cache_info.routerlist_index == -1);
2754
2755 idx = ri_old->cache_info.routerlist_index;
2756 tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
2757 tor_assert(smartlist_get(rl->routers, idx) == ri_old);
2758
2759 router_dir_info_changed();
2760 if (idx >= 0) {
2761 smartlist_set(rl->routers, idx, ri_new);
2762 ri_old->cache_info.routerlist_index = -1;
2763 ri_new->cache_info.routerlist_index = idx;
2764 /* Check that ri_old is not in rl->routers anymore: */
2765 tor_assert( _routerlist_find_elt(rl->routers, ri_old, -1) == -1 );
2766 } else {
2767 log_warn(LD_BUG, "Appending entry from routerlist_replace.");
2768 routerlist_insert(rl, ri_new);
2769 return;
2770 }
2771 if (memcmp(ri_old->cache_info.identity_digest,
2772 ri_new->cache_info.identity_digest, DIGEST_LEN)) {
2773 /* digests don't match; digestmap_set won't replace */
2774 rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
2775 }
2776 ri_tmp = rimap_set(rl->identity_map,
2777 ri_new->cache_info.identity_digest, ri_new);
2778 tor_assert(!ri_tmp || ri_tmp == ri_old);
2779 sdmap_set(rl->desc_digest_map,
2780 ri_new->cache_info.signed_descriptor_digest,
2781 &(ri_new->cache_info));
2782
2783 if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
2784 sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
2785 &ri_new->cache_info);
2786 }
2787
2788 if (should_cache_old_descriptors() &&
2789 ri_old->purpose == ROUTER_PURPOSE_GENERAL) {
2790 signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
2791 smartlist_add(rl->old_routers, sd);
2792 sd->routerlist_index = smartlist_len(rl->old_routers)-1;
2793 sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
2794 if (!tor_digest_is_zero(sd->extra_info_digest))
2795 sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
2796 } else {
2797 if (memcmp(ri_old->cache_info.signed_descriptor_digest,
2798 ri_new->cache_info.signed_descriptor_digest,
2799 DIGEST_LEN)) {
2800 /* digests don't match; digestmap_set didn't replace */
2801 sdmap_remove(rl->desc_digest_map,
2802 ri_old->cache_info.signed_descriptor_digest);
2803 }
2804
2805 ei_tmp = eimap_remove(rl->extra_info_map,
2806 ri_old->cache_info.extra_info_digest);
2807 if (ei_tmp) {
2808 rl->extrainfo_store.bytes_dropped +=
2809 ei_tmp->cache_info.signed_descriptor_len;
2810 extrainfo_free(ei_tmp);
2811 }
2812 if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
2813 sdmap_remove(rl->desc_by_eid_map,
2814 ri_old->cache_info.extra_info_digest);
2815 }
2816 rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
2817 routerinfo_free(ri_old);
2818 }
2819 #ifdef DEBUG_ROUTERLIST
2820 routerlist_assert_ok(rl);
2821 #endif
2822 }
2823
2824 /** Extract the descriptor <b>sd</b> from old_routerlist, and re-parse
2825 * it as a fresh routerinfo_t. */
2826 static routerinfo_t *
2827 routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
2828 {
2829 routerinfo_t *ri;
2830 const char *body;
2831
2832 body = signed_descriptor_get_annotations(sd);
2833
2834 ri = router_parse_entry_from_string(body,
2835 body+sd->signed_descriptor_len+sd->annotations_len,
2836 0, 1, NULL);
2837 if (!ri)
2838 return NULL;
2839 memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t));
2840 sd->signed_descriptor_body = NULL; /* Steal reference. */
2841 ri->cache_info.routerlist_index = -1;
2842
2843 routerlist_remove_old(rl, sd, -1);
2844
2845 return ri;
2846 }
2847
2848 /** Free all memory held by the routerlist module. */
2849 void
2850 routerlist_free_all(void)
2851 {
2852 if (routerlist)
2853 routerlist_free(routerlist);
2854 routerlist = NULL;
2855 if (warned_nicknames) {
2856 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2857 smartlist_free(warned_nicknames);
2858 warned_nicknames = NULL;
2859 }
2860 if (trusted_dir_servers) {
2861 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
2862 trusted_dir_server_free(ds));
2863 smartlist_free(trusted_dir_servers);
2864 trusted_dir_servers = NULL;
2865 }
2866 if (trusted_dir_certs) {
2867 DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
2868 SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
2869 authority_cert_free(cert));
2870 smartlist_free(cl->certs);
2871 tor_free(cl);
2872 } DIGESTMAP_FOREACH_END;
2873 digestmap_free(trusted_dir_certs, NULL);
2874 trusted_dir_certs = NULL;
2875 }
2876 }
2877
2878 /** Forget that we have issued any router-related warnings, so that we'll
2879 * warn again if we see the same errors. */
2880 void
2881 routerlist_reset_warnings(void)
2882 {
2883 if (!warned_nicknames)
2884 warned_nicknames = smartlist_create();
2885 SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
2886 smartlist_clear(warned_nicknames); /* now the list is empty. */
2887
2888 networkstatus_reset_warnings();
2889 }
2890
2891 /** Mark the router with ID <b>digest</b> as running or non-running
2892 * in our routerlist. */
2893 void
2894 router_set_status(const char *digest, int up)
2895 {
2896 routerinfo_t *router;
2897 routerstatus_t *status;
2898 tor_assert(digest);
2899
2900 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
2901 if (!memcmp(d->digest, digest, DIGEST_LEN))
2902 d->is_running = up);
2903
2904 router = router_get_by_digest(digest);
2905 if (router) {
2906 log_debug(LD_DIR,"Marking router '%s/%s' as %s.",
2907 router->nickname, router->address, up ? "up" : "down");
2908 if (!up && router_is_me(router) && !we_are_hibernating())
2909 log_warn(LD_NET, "We just marked ourself as down. Are your external "
2910 "addresses reachable?");
2911 router->is_running = up;
2912 }
2913 status = router_get_consensus_status_by_id(digest);
2914 if (status && status->is_running != up) {
2915 status->is_running = up;
2916 control_event_networkstatus_changed_single(status);
2917 }
2918 router_dir_info_changed();
2919 }
2920
2921 /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
2922 * older entries (if any) with the same key. Note: Callers should not hold
2923 * their pointers to <b>router</b> if this function fails; <b>router</b>
2924 * will either be inserted into the routerlist or freed. Similarly, even
2925 * if this call succeeds, they should not hold their pointers to
2926 * <b>router</b> after subsequent calls with other routerinfo's -- they
2927 * might cause the original routerinfo to get freed.
2928 *
2929 * Returns the status for the operation. Might set *<b>msg</b> if it wants
2930 * the poster of the router to know something.
2931 *
2932 * If <b>from_cache</b>, this descriptor came from our disk cache. If
2933 * <b>from_fetch</b>, we received it in response to a request we made.
2934 * (If both are false, that means it was uploaded to us as an auth dir
2935 * server or via the controller.)
2936 *
2937 * This function should be called *after*
2938 * routers_update_status_from_consensus_networkstatus; subsequently, you
2939 * should call router_rebuild_store and routerlist_descriptors_added.
2940 */
2941 was_router_added_t
2942 router_add_to_routerlist(routerinfo_t *router, const char **msg,
2943 int from_cache, int from_fetch)
2944 {
2945 const char *id_digest;
2946 int authdir = authdir_mode_handles_descs(get_options(), router->purpose);
2947 int authdir_believes_valid = 0;
2948 routerinfo_t *old_router;
2949 networkstatus_t *consensus = networkstatus_get_latest_consensus();
2950 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
2951 int in_consensus = 0;
2952
2953 tor_assert(msg);
2954
2955 if (!routerlist)
2956 router_get_routerlist();
2957
2958 id_digest = router->cache_info.identity_digest;
2959
2960 /* Make sure that we haven't already got this exact descriptor. */
2961 if (sdmap_get(routerlist->desc_digest_map,
2962 router->cache_info.signed_descriptor_digest)) {
2963 log_info(LD_DIR,
2964 "Dropping descriptor that we already have for router '%s'",
2965 router->nickname);
2966 *msg = "Router descriptor was not new.";
2967 routerinfo_free(router);
2968 return ROUTER_WAS_NOT_NEW;
2969 }
2970
2971 if (authdir) {
2972 if (authdir_wants_to_reject_router(router, msg,
2973 !from_cache && !from_fetch)) {
2974 tor_assert(*msg);
2975 routerinfo_free(router);
2976 return ROUTER_AUTHDIR_REJECTS;
2977 }
2978 authdir_believes_valid = router->is_valid;
2979 } else if (from_fetch) {
2980 /* Only check the descriptor digest against the network statuses when
2981 * we are receiving in response to a fetch. */
2982
2983 if (!signed_desc_digest_is_recognized(&router->cache_info) &&
2984 !routerinfo_is_a_configured_bridge(router)) {
2985 /* We asked for it, so some networkstatus must have listed it when we
2986 * did. Save it if we're a cache in case somebody else asks for it. */
2987 log_info(LD_DIR,
2988 "Received a no-longer-recognized descriptor for router '%s'",
2989 router->nickname);
2990 *msg = "Router descriptor is not referenced by any network-status.";
2991
2992 /* Only journal this desc if we'll be serving it. */
2993 if (!from_cache && should_cache_old_descriptors())
2994 signed_desc_append_to_journal(&router->cache_info,
2995 &routerlist->desc_store);
2996 routerlist_insert_old(routerlist, router);
2997 return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
2998 }
2999 }
3000
3001 /* We no longer need a router with this descriptor digest. */
3002 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3003 {
3004 routerstatus_t *rs =
3005 networkstatus_v2_find_entry(ns, router->cache_info.identity_digest);
3006 if (rs && !memcmp(rs->descriptor_digest,
3007 router->cache_info.signed_descriptor_digest,
3008 DIGEST_LEN))
3009 rs->need_to_mirror = 0;
3010 });
3011 if (consensus) {
3012 routerstatus_t *rs = networkstatus_vote_find_entry(consensus,
3013 router->cache_info.identity_digest);
3014 if (rs && !memcmp(rs->descriptor_digest,
3015 router->cache_info.signed_descriptor_digest,
3016 DIGEST_LEN)) {
3017 in_consensus = 1;
3018 rs->need_to_mirror = 0;
3019 }
3020 }
3021
3022 if (router->purpose == ROUTER_PURPOSE_GENERAL &&
3023 consensus && !in_consensus && !authdir) {
3024 /* If it's a general router not listed in the consensus, then don't
3025 * consider replacing the latest router with it. */
3026 if (!from_cache && should_cache_old_descriptors())
3027 signed_desc_append_to_journal(&router->cache_info,
3028 &routerlist->desc_store);
3029 routerlist_insert_old(routerlist, router);
3030 *msg = "Skipping router descriptor: not in consensus.";
3031 return ROUTER_NOT_IN_CONSENSUS;
3032 }
3033
3034 /* If we have a router with the same identity key, choose the newer one. */
3035 old_router = rimap_get(routerlist->identity_map,
3036 router->cache_info.identity_digest);
3037 if (old_router) {
3038 if (!in_consensus && (router->cache_info.published_on <=
3039 old_router->cache_info.published_on)) {
3040 /* Same key, but old. This one is not listed in the consensus. */
3041 log_debug(LD_DIR, "Skipping not-new descriptor for router '%s'",
3042 router->nickname);
3043 /* Only journal this desc if we'll be serving it. */
3044 if (!from_cache && should_cache_old_descriptors())
3045 signed_desc_append_to_journal(&router->cache_info,
3046 &routerlist->desc_store);
3047 routerlist_insert_old(routerlist, router);
3048 *msg = "Router descriptor was not new.";
3049 return ROUTER_WAS_NOT_NEW;
3050 } else {
3051 /* Same key, and either new, or listed in the consensus. */
3052 log_debug(LD_DIR, "Replacing entry for router '%s/%s' [%s]",
3053 router->nickname, old_router->nickname,
3054 hex_str(id_digest,DIGEST_LEN));
3055 if (router->addr == old_router->addr &&
3056 router->or_port == old_router->or_port) {
3057 /* these carry over when the address and orport are unchanged. */
3058 router->last_reachable = old_router->last_reachable;
3059 router->testing_since = old_router->testing_since;
3060 }
3061 routerlist_replace(routerlist, old_router, router);
3062 if (!from_cache) {
3063 signed_desc_append_to_journal(&router->cache_info,
3064 &routerlist->desc_store);
3065 }
3066 directory_set_dirty();
3067 *msg = authdir_believes_valid ? "Valid server updated" :
3068 ("Invalid server updated. (This dirserver is marking your "
3069 "server as unapproved.)");
3070 return ROUTER_ADDED_SUCCESSFULLY;
3071 }
3072 }
3073
3074 if (!in_consensus && from_cache &&
3075 router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
3076 *msg = "Router descriptor was really old.";
3077 routerinfo_free(router);
3078 return ROUTER_WAS_NOT_NEW;
3079 }
3080
3081 /* We haven't seen a router with this identity before. Add it to the end of
3082 * the list. */
3083 routerlist_insert(routerlist, router);
3084 if (!from_cache)
3085 signed_desc_append_to_journal(&router->cache_info,
3086 &routerlist->desc_store);
3087 directory_set_dirty();
3088 return ROUTER_ADDED_SUCCESSFULLY;
3089 }
3090
3091 /** Insert <b>ei</b> into the routerlist, or free it. Other arguments are
3092 * as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
3093 * we actually inserted it, ROUTER_BAD_EI otherwise.
3094 */
3095 was_router_added_t
3096 router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
3097 int from_cache, int from_fetch)
3098 {
3099 int inserted;
3100 (void)from_fetch;
3101 if (msg) *msg = NULL;
3102 /*XXXX022 Do something with msg */
3103
3104 inserted = extrainfo_insert(router_get_routerlist(), ei);
3105
3106 if (inserted && !from_cache)
3107 signed_desc_append_to_journal(&ei->cache_info,
3108 &routerlist->extrainfo_store);
3109
3110 if (inserted)
3111 return ROUTER_ADDED_SUCCESSFULLY;
3112 else
3113 return ROUTER_BAD_EI;
3114 }
3115
3116 /** Sorting helper: return &lt;0, 0, or &gt;0 depending on whether the
3117 * signed_descriptor_t* in *<b>a</b> has an identity digest preceding, equal
3118 * to, or later than that of *<b>b</b>. */
3119 static int
3120 _compare_old_routers_by_identity(const void **_a, const void **_b)
3121 {
3122 int i;
3123 const signed_descriptor_t *r1 = *_a, *r2 = *_b;
3124 if ((i = memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
3125 return i;
3126 return (int)(r1->published_on - r2->published_on);
3127 }
3128
3129 /** Internal type used to represent how long an old descriptor was valid,
3130 * where it appeared in the list of old descriptors, and whether it's extra
3131 * old. Used only by routerlist_remove_old_cached_routers_with_id(). */
3132 struct duration_idx_t {
3133 int duration;
3134 int idx;
3135 int old;
3136 };
3137
3138 /** Sorting helper: compare two duration_idx_t by their duration. */
3139 static int
3140 _compare_duration_idx(const void *_d1, const void *_d2)
3141 {
3142 const struct duration_idx_t *d1 = _d1;
3143 const struct duration_idx_t *d2 = _d2;
3144 return d1->duration - d2->duration;
3145 }
3146
3147 /** The range <b>lo</b> through <b>hi</b> inclusive of routerlist->old_routers
3148 * must contain routerinfo_t with the same identity and with publication time
3149 * in ascending order. Remove members from this range until there are no more
3150 * than max_descriptors_per_router() remaining. Start by removing the oldest
3151 * members from before <b>cutoff</b>, then remove members which were current
3152 * for the lowest amount of time. The order of members of old_routers at
3153 * indices <b>lo</b> or higher may be changed.
3154 */
3155 static void
3156 routerlist_remove_old_cached_routers_with_id(time_t now,
3157 time_t cutoff, int lo, int hi,
3158 digestset_t *retain)
3159 {
3160 int i, n = hi-lo+1;
3161 unsigned n_extra, n_rmv = 0;
3162 struct duration_idx_t *lifespans;
3163 uint8_t *rmv, *must_keep;
3164 smartlist_t *lst = routerlist->old_routers;
3165 #if 1
3166 const char *ident;
3167 tor_assert(hi < smartlist_len(lst));
3168 tor_assert(lo <= hi);
3169 ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
3170 for (i = lo+1; i <= hi; ++i) {
3171 signed_descriptor_t *r = smartlist_get(lst, i);
3172 tor_assert(!memcmp(ident, r->identity_digest, DIGEST_LEN));
3173 }
3174 #endif
3175 /* Check whether we need to do anything at all. */
3176 {
3177 int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
3178 if (n <= mdpr)
3179 return;
3180 n_extra = n - mdpr;
3181 }
3182
3183 lifespans = tor_malloc_zero(sizeof(struct duration_idx_t)*n);
3184 rmv = tor_malloc_zero(sizeof(uint8_t)*n);
3185 must_keep = tor_malloc_zero(sizeof(uint8_t)*n);
3186 /* Set lifespans to contain the lifespan and index of each server. */
3187 /* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
3188 for (i = lo; i <= hi; ++i) {
3189 signed_descriptor_t *r = smartlist_get(lst, i);
3190 signed_descriptor_t *r_next;
3191 lifespans[i-lo].idx = i;
3192 if (r->last_listed_as_valid_until >= now ||
3193 (retain && digestset_isin(retain, r->signed_descriptor_digest))) {
3194 must_keep[i-lo] = 1;
3195 }
3196 if (i < hi) {
3197 r_next = smartlist_get(lst, i+1);
3198 tor_assert(r->published_on <= r_next->published_on);
3199 lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
3200 } else {
3201 r_next = NULL;
3202 lifespans[i-lo].duration = INT_MAX;
3203 }
3204 if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
3205 ++n_rmv;
3206 lifespans[i-lo].old = 1;
3207 rmv[i-lo] = 1;
3208 }
3209 }
3210
3211 if (n_rmv < n_extra) {
3212 /**
3213 * We aren't removing enough servers for being old. Sort lifespans by
3214 * the duration of liveness, and remove the ones we're not already going to
3215 * remove based on how long they were alive.
3216 **/
3217 qsort(lifespans, n, sizeof(struct duration_idx_t), _compare_duration_idx);
3218 for (i = 0; i < n && n_rmv < n_extra; ++i) {
3219 if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
3220 rmv[lifespans[i].idx-lo] = 1;
3221 ++n_rmv;
3222 }
3223 }
3224 }
3225
3226 i = hi;
3227 do {
3228 if (rmv[i-lo])
3229 routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
3230 } while (--i >= lo);
3231 tor_free(must_keep);
3232 tor_free(rmv);
3233 tor_free(lifespans);
3234 }
3235
3236 /** Deactivate any routers from the routerlist that are more than
3237 * ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
3238 * remove old routers from the list of cached routers if we have too many.
3239 */
3240 void
3241 routerlist_remove_old_routers(void)
3242 {
3243 int i, hi=-1;
3244 const char *cur_id = NULL;
3245 time_t now = time(NULL);
3246 time_t cutoff;
3247 routerinfo_t *router;
3248 signed_descriptor_t *sd;
3249 digestset_t *retain;
3250 int caches = directory_caches_dir_info(get_options());
3251 const networkstatus_t *consensus = networkstatus_get_latest_consensus();
3252 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3253 int have_enough_v2;
3254
3255 trusted_dirs_remove_old_certs();
3256
3257 if (!routerlist || !consensus)
3258 return;
3259
3260 // routerlist_assert_ok(routerlist);
3261
3262 /* We need to guess how many router descriptors we will wind up wanting to
3263 retain, so that we can be sure to allocate a large enough Bloom filter
3264 to hold the digest set. Overestimating is fine; underestimating is bad.
3265 */
3266 {
3267 /* We'll probably retain everything in the consensus. */
3268 int n_max_retain = smartlist_len(consensus->routerstatus_list);
3269 if (caches && networkstatus_v2_list) {
3270 /* If we care about v2 statuses, we'll retain at most as many as are
3271 listed any of the v2 statues. This will be at least the length of
3272 the largest v2 networkstatus, and in the worst case, this set will be
3273 equal to the sum of the lengths of all v2 consensuses. Take the
3274 worst case.
3275 */
3276 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3277 n_max_retain += smartlist_len(ns->entries));
3278 }
3279 retain = digestset_new(n_max_retain);
3280 }
3281
3282 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3283 /* Build a list of all the descriptors that _anybody_ lists. */
3284 if (caches && networkstatus_v2_list) {
3285 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3286 {
3287 /* XXXX The inner loop here gets pretty expensive, and actually shows up
3288 * on some profiles. It may be the reason digestmap_set shows up in
3289 * profiles too. If instead we kept a per-descriptor digest count of
3290 * how many networkstatuses recommended each descriptor, and changed
3291 * that only when the networkstatuses changed, that would be a speed
3292 * improvement, possibly 1-4% if it also removes digestmap_set from the
3293 * profile. Not worth it for 0.1.2.x, though. The new directory
3294 * system will obsolete this whole thing in 0.2.0.x. */
3295 SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
3296 if (rs->published_on >= cutoff)
3297 digestset_add(retain, rs->descriptor_digest));
3298 });
3299 }
3300
3301 /* Retain anything listed in the consensus. */
3302 if (consensus) {
3303 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
3304 if (rs->published_on >= cutoff)
3305 digestset_add(retain, rs->descriptor_digest));
3306 }
3307
3308 /* If we have a consensus, and nearly as many v2 networkstatuses as we want,
3309 * we should consider pruning current routers that are too old and that
3310 * nobody recommends. (If we don't have a consensus or enough v2
3311 * networkstatuses, then we should get more before we decide to kill
3312 * routers.) */
3313 /* we set this to true iff we don't care about v2 info, or we have enough. */
3314 have_enough_v2 = !caches ||
3315 (networkstatus_v2_list &&
3316 smartlist_len(networkstatus_v2_list) > get_n_v2_authorities() / 2);
3317
3318 if (have_enough_v2 && consensus) {
3319 cutoff = now - ROUTER_MAX_AGE;
3320 /* Remove too-old unrecommended members of routerlist->routers. */
3321 for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
3322 router = smartlist_get(routerlist->routers, i);
3323 if (router->cache_info.published_on <= cutoff &&
3324 router->cache_info.last_listed_as_valid_until < now &&
3325 !digestset_isin(retain,
3326 router->cache_info.signed_descriptor_digest)) {
3327 /* Too old: remove it. (If we're a cache, just move it into
3328 * old_routers.) */
3329 log_info(LD_DIR,
3330 "Forgetting obsolete (too old) routerinfo for router '%s'",
3331 router->nickname);
3332 routerlist_remove(routerlist, router, 1, now);
3333 i--;
3334 }
3335 }
3336 }
3337
3338 //routerlist_assert_ok(routerlist);
3339
3340 /* Remove far-too-old members of routerlist->old_routers. */
3341 cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
3342 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3343 sd = smartlist_get(routerlist->old_routers, i);
3344 if (sd->published_on <= cutoff &&
3345 sd->last_listed_as_valid_until < now &&
3346 !digestset_isin(retain, sd->signed_descriptor_digest)) {
3347 /* Too old. Remove it. */
3348 routerlist_remove_old(routerlist, sd, i--);
3349 }
3350 }
3351
3352 //routerlist_assert_ok(routerlist);
3353
3354 log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
3355 smartlist_len(routerlist->routers),
3356 smartlist_len(routerlist->old_routers));
3357
3358 /* Now we might have to look at routerlist->old_routers for extraneous
3359 * members. (We'd keep all the members if we could, but we need to save
3360 * space.) First, check whether we have too many router descriptors, total.
3361 * We're okay with having too many for some given router, so long as the
3362 * total number doesn't approach max_descriptors_per_router()*len(router).
3363 */
3364 if (smartlist_len(routerlist->old_routers) <
3365 smartlist_len(routerlist->routers))
3366 goto done;
3367
3368 /* Sort by identity, then fix indices. */
3369 smartlist_sort(routerlist->old_routers, _compare_old_routers_by_identity);
3370 /* Fix indices. */
3371 for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
3372 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3373 r->routerlist_index = i;
3374 }
3375
3376 /* Iterate through the list from back to front, so when we remove descriptors
3377 * we don't mess up groups we haven't gotten to. */
3378 for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
3379 signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
3380 if (!cur_id) {
3381 cur_id = r->identity_digest;
3382 hi = i;
3383 }
3384 if (memcmp(cur_id, r->identity_digest, DIGEST_LEN)) {
3385 routerlist_remove_old_cached_routers_with_id(now,
3386 cutoff, i+1, hi, retain);
3387 cur_id = r->identity_digest;
3388 hi = i;
3389 }
3390 }
3391 if (hi>=0)
3392 routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
3393 //routerlist_assert_ok(routerlist);
3394
3395 done:
3396 digestset_free(retain);
3397 router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
3398 router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
3399 }
3400
3401 /** We just added a new set of descriptors. Take whatever extra steps
3402 * we need. */
3403 static void
3404 routerlist_descriptors_added(smartlist_t *sl, int from_cache)
3405 {
3406 tor_assert(sl);
3407 control_event_descriptors_changed(sl);
3408 SMARTLIST_FOREACH(sl, routerinfo_t *, ri,
3409 if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
3410 learned_bridge_descriptor(ri, from_cache);
3411 );
3412 }
3413
3414 /**
3415 * Code to parse a single router descriptor and insert it into the
3416 * routerlist. Return -1 if the descriptor was ill-formed; 0 if the
3417 * descriptor was well-formed but could not be added; and 1 if the
3418 * descriptor was added.
3419 *
3420 * If we don't add it and <b>msg</b> is not NULL, then assign to
3421 * *<b>msg</b> a static string describing the reason for refusing the
3422 * descriptor.
3423 *
3424 * This is used only by the controller.
3425 */
3426 int
3427 router_load_single_router(const char *s, uint8_t purpose, int cache,
3428 const char **msg)
3429 {
3430 routerinfo_t *ri;
3431 was_router_added_t r;
3432 smartlist_t *lst;
3433 char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
3434 tor_assert(msg);
3435 *msg = NULL;
3436
3437 tor_snprintf(annotation_buf, sizeof(annotation_buf),
3438 "@source controller\n"
3439 "@purpose %s\n", router_purpose_to_string(purpose));
3440
3441 if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0, annotation_buf))) {
3442 log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
3443 *msg = "Couldn't parse router descriptor.";
3444 return -1;
3445 }
3446 tor_assert(ri->purpose == purpose);
3447 if (router_is_me(ri)) {
3448 log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
3449 *msg = "Router's identity key matches mine.";
3450 routerinfo_free(ri);
3451 return 0;
3452 }
3453
3454 if (!cache) /* obey the preference of the controller */
3455 ri->cache_info.do_not_cache = 1;
3456
3457 lst = smartlist_create();
3458 smartlist_add(lst, ri);
3459 routers_update_status_from_consensus_networkstatus(lst, 0);
3460
3461 r = router_add_to_routerlist(ri, msg, 0, 0);
3462 if (!WRA_WAS_ADDED(r)) {
3463 /* we've already assigned to *msg now, and ri is already freed */
3464 tor_assert(*msg);
3465 if (r == ROUTER_AUTHDIR_REJECTS)
3466 log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
3467 smartlist_free(lst);
3468 return 0;
3469 } else {
3470 routerlist_descriptors_added(lst, 0);
3471 smartlist_free(lst);
3472 log_debug(LD_DIR, "Added router to list");
3473 return 1;
3474 }
3475 }
3476
3477 /** Given a string <b>s</b> containing some routerdescs, parse it and put the
3478 * routers into our directory. If saved_location is SAVED_NOWHERE, the routers
3479 * are in response to a query to the network: cache them by adding them to
3480 * the journal.
3481 *
3482 * Return the number of routers actually added.
3483 *
3484 * If <b>requested_fingerprints</b> is provided, it must contain a list of
3485 * uppercased fingerprints. Do not update any router whose
3486 * fingerprint is not on the list; after updating a router, remove its
3487 * fingerprint from the list.
3488 *
3489 * If <b>descriptor_digests</b> is non-zero, then the requested_fingerprints
3490 * are descriptor digests. Otherwise they are identity digests.
3491 */
3492 int
3493 router_load_routers_from_string(const char *s, const char *eos,
3494 saved_location_t saved_location,
3495 smartlist_t *requested_fingerprints,
3496 int descriptor_digests,
3497 const char *prepend_annotations)
3498 {
3499 smartlist_t *routers = smartlist_create(), *changed = smartlist_create();
3500 char fp[HEX_DIGEST_LEN+1];
3501 const char *msg;
3502 int from_cache = (saved_location != SAVED_NOWHERE);
3503 int allow_annotations = (saved_location != SAVED_NOWHERE);
3504 int any_changed = 0;
3505
3506 router_parse_list_from_string(&s, eos, routers, saved_location, 0,
3507 allow_annotations, prepend_annotations);
3508
3509 routers_update_status_from_consensus_networkstatus(routers, !from_cache);
3510
3511 log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
3512
3513 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
3514 was_router_added_t r;
3515 char d[DIGEST_LEN];
3516 if (requested_fingerprints) {
3517 base16_encode(fp, sizeof(fp), descriptor_digests ?
3518 ri->cache_info.signed_descriptor_digest :
3519 ri->cache_info.identity_digest,
3520 DIGEST_LEN);
3521 if (smartlist_string_isin(requested_fingerprints, fp)) {
3522 smartlist_string_remove(requested_fingerprints, fp);
3523 } else {
3524 char *requested =
3525 smartlist_join_strings(requested_fingerprints," ",0,NULL);
3526 log_warn(LD_DIR,
3527 "We received a router descriptor with a fingerprint (%s) "
3528 "that we never requested. (We asked for: %s.) Dropping.",
3529 fp, requested);
3530 tor_free(requested);
3531 routerinfo_free(ri);
3532 continue;
3533 }
3534 }
3535
3536 memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
3537 r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
3538 if (WRA_WAS_ADDED(r)) {
3539 any_changed++;
3540 smartlist_add(changed, ri);
3541 routerlist_descriptors_added(changed, from_cache);
3542 smartlist_clear(changed);
3543 } else if (WRA_WAS_REJECTED(r)) {
3544 download_status_t *dl_status;
3545 dl_status = router_get_dl_status_by_descriptor_digest(d);
3546 if (dl_status) {
3547 log_info(LD_GENERAL, "Marking router %s as never downloadable",
3548 hex_str(d, DIGEST_LEN));
3549 download_status_mark_impossible(dl_status);
3550 }
3551 }
3552 } SMARTLIST_FOREACH_END(ri);
3553
3554 routerlist_assert_ok(routerlist);
3555
3556 if (any_changed)
3557 router_rebuild_store(0, &routerlist->desc_store);
3558
3559 smartlist_free(routers);
3560 smartlist_free(changed);
3561
3562 return any_changed;
3563 }
3564
3565 /** Parse one or more extrainfos from <b>s</b> (ending immediately before
3566 * <b>eos</b> if <b>eos</b> is present). Other arguments are as for
3567 * router_load_routers_from_string(). */
3568 void
3569 router_load_extrainfo_from_string(const char *s, const char *eos,
3570 saved_location_t saved_location,
3571 smartlist_t *requested_fingerprints,
3572 int descriptor_digests)
3573 {
3574 smartlist_t *extrainfo_list = smartlist_create();
3575 const char *msg;
3576 int from_cache = (saved_location != SAVED_NOWHERE);
3577
3578 router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
3579 NULL);
3580
3581 log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
3582
3583 SMARTLIST_FOREACH(extrainfo_list, extrainfo_t *, ei, {
3584 was_router_added_t added =
3585 router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
3586 if (WRA_WAS_ADDED(added) && requested_fingerprints) {
3587 char fp[HEX_DIGEST_LEN+1];
3588 base16_encode(fp, sizeof(fp), descriptor_digests ?
3589 ei->cache_info.signed_descriptor_digest :
3590 ei->cache_info.identity_digest,
3591 DIGEST_LEN);
3592 smartlist_string_remove(requested_fingerprints, fp);
3593 /* We silently let people stuff us with extrainfos we didn't ask for,
3594 * so long as we would have wanted them anyway. Since we always fetch
3595 * all the extrainfos we want, and we never actually act on them
3596 * inside Tor, this should be harmless. */
3597 }
3598 });
3599
3600 routerlist_assert_ok(routerlist);
3601 router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
3602
3603 smartlist_free(extrainfo_list);
3604 }
3605
3606 /** Return true iff any networkstatus includes a descriptor whose digest
3607 * is that of <b>desc</b>. */
3608 static int
3609 signed_desc_digest_is_recognized(signed_descriptor_t *desc)
3610 {
3611 routerstatus_t *rs;
3612 networkstatus_t *consensus = networkstatus_get_latest_consensus();
3613 int caches = directory_caches_dir_info(get_options());
3614 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
3615
3616 if (consensus) {
3617 rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
3618 if (rs && !memcmp(rs->descriptor_digest,
3619 desc->signed_descriptor_digest, DIGEST_LEN))
3620 return 1;
3621 }
3622 if (caches && networkstatus_v2_list) {
3623 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
3624 {
3625 if (!(rs = networkstatus_v2_find_entry(ns, desc->identity_digest)))
3626 continue;
3627 if (!memcmp(rs->descriptor_digest,
3628 desc->signed_descriptor_digest, DIGEST_LEN))
3629 return 1;
3630 });
3631 }
3632 return 0;
3633 }
3634
3635 /** Clear all our timeouts for fetching v2 and v3 directory stuff, and then
3636 * give it all a try again. */
3637 void
3638 routerlist_retry_directory_downloads(time_t now)
3639 {
3640 router_reset_status_download_failures();
3641 router_reset_descriptor_download_failures();
3642 update_networkstatus_downloads(now);
3643 update_router_descriptor_downloads(now);
3644 }
3645
3646 /** Return 1 if all running sufficiently-stable routers will reject
3647 * addr:port, return 0 if any might accept it. */
3648 int
3649 router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
3650 int need_uptime)
3651 {
3652 addr_policy_result_t r;
3653 if (!routerlist) return 1;
3654
3655 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
3656 {
3657 if (router->is_running &&
3658 !router_is_unreliable(router, need_uptime, 0, 0)) {
3659 r = compare_addr_to_addr_policy(addr, port, router->exit_policy);
3660 if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
3661 return 0; /* this one could be ok. good enough. */
3662 }
3663 });
3664 return 1; /* all will reject. */
3665 }
3666
3667 /** Return true iff <b>router</b> does not permit exit streams.
3668 */
3669 int
3670 router_exit_policy_rejects_all(routerinfo_t *router)
3671 {
3672 return router->policy_is_reject_star;
3673 }
3674
3675 /** Add to the list of authoritative directory servers one at
3676 * <b>address</b>:<b>port</b>, with identity key <b>digest</b>. If
3677 * <b>address</b> is NULL, add ourself. Return the new trusted directory
3678 * server entry on success or NULL if we couldn't add it. */
3679 trusted_dir_server_t *
3680 add_trusted_dir_server(const char *nickname, const char *address,
3681 uint16_t dir_port, uint16_t or_port,
3682 const char *digest, const char *v3_auth_digest,
3683 authority_type_t type)
3684 {
3685 trusted_dir_server_t *ent;
3686 uint32_t a;
3687 char *hostname = NULL;
3688 size_t dlen;
3689 if (!trusted_dir_servers)
3690 trusted_dir_servers = smartlist_create();
3691
3692 if (!address) { /* The address is us; we should guess. */
3693 if (resolve_my_address(LOG_WARN, get_options(), &a, &hostname) < 0) {
3694 log_warn(LD_CONFIG,
3695 "Couldn't find a suitable address when adding ourself as a "
3696 "trusted directory server.");
3697 return NULL;
3698 }
3699 } else {
3700 if (tor_lookup_hostname(address, &a)) {
3701 log_warn(LD_CONFIG,
3702 "Unable to lookup address for directory server at '%s'",
3703 address);
3704 return NULL;
3705 }
3706 hostname = tor_strdup(address);
3707 }
3708
3709 ent = tor_malloc_zero(sizeof(trusted_dir_server_t));
3710 ent->nickname = nickname ? tor_strdup(nickname) : NULL;
3711 ent->address = hostname;
3712 ent->addr = a;
3713 ent->dir_port = dir_port;
3714 ent->or_port = or_port;
3715 ent->is_running = 1;
3716 ent->type = type;
3717 memcpy(ent->digest, digest, DIGEST_LEN);
3718 if (v3_auth_digest && (type & V3_AUTHORITY))
3719 memcpy(ent->v3_identity_digest, v3_auth_digest, DIGEST_LEN);
3720
3721 dlen = 64 + strlen(hostname) + (nickname?strlen(nickname):0);
3722 ent->description = tor_malloc(dlen);
3723 if (nickname)
3724 tor_snprintf(ent->description, dlen, "directory server \"%s\" at %s:%d",
3725 nickname, hostname, (int)dir_port);
3726 else
3727 tor_snprintf(ent->description, dlen, "directory server at %s:%d",
3728 hostname, (int)dir_port);
3729
3730 ent->fake_status.addr = ent->addr;
3731 memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
3732 if (nickname)
3733 strlcpy(ent->fake_status.nickname, nickname,
3734 sizeof(ent->fake_status.nickname));
3735 else
3736 ent->fake_status.nickname[0] = '\0';
3737 ent->fake_status.dir_port = ent->dir_port;
3738 ent->fake_status.or_port = ent->or_port;
3739
3740 if (ent->or_port)
3741 ent->fake_status.version_supports_begindir = 1;
3742 /* XX021 - wait until authorities are upgraded */
3743 #if 0
3744 ent->fake_status.version_supports_conditional_consensus = 1;
3745 #else
3746 ent->fake_status.version_supports_conditional_consensus = 0;
3747 #endif
3748
3749 smartlist_add(trusted_dir_servers, ent);
3750 router_dir_info_changed();
3751 return ent;
3752 }
3753
3754 /** Free storage held in <b>cert</b>. */
3755 void
3756 authority_cert_free(authority_cert_t *cert)
3757 {
3758 if (!cert)
3759 return;
3760
3761 tor_free(cert->cache_info.signed_descriptor_body);
3762 if (cert->signing_key)
3763 crypto_free_pk_env(cert->signing_key);
3764 if (cert->identity_key)
3765 crypto_free_pk_env(cert->identity_key);
3766
3767 tor_free(cert);
3768 }
3769
3770 /** Free storage held in <b>ds</b>. */
3771 static void
3772 trusted_dir_server_free(trusted_dir_server_t *ds)
3773 {
3774 tor_free(ds->nickname);
3775 tor_free(ds->description);
3776 tor_free(ds->address);
3777 tor_free(ds);
3778 }
3779
3780 /** Remove all members from the list of trusted dir servers. */
3781 void
3782 clear_trusted_dir_servers(void)
3783 {
3784 if (trusted_dir_servers) {
3785 SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
3786 trusted_dir_server_free(ent));
3787 smartlist_clear(trusted_dir_servers);
3788 } else {
3789 trusted_dir_servers = smartlist_create();
3790 }
3791 router_dir_info_changed();
3792 }
3793
3794 /** Return 1 if any trusted dir server supports v1 directories,
3795 * else return 0. */
3796 int
3797 any_trusted_dir_is_v1_authority(void)
3798 {
3799 if (trusted_dir_servers)
3800 return get_n_authorities(V1_AUTHORITY) > 0;
3801
3802 return 0;
3803 }
3804
3805 /** For every current directory connection whose purpose is <b>purpose</b>,
3806 * and where the resource being downloaded begins with <b>prefix</b>, split
3807 * rest of the resource into base16 fingerprints, decode them, and set the
3808 * corresponding elements of <b>result</b> to a nonzero value. */
3809 static void
3810 list_pending_downloads(digestmap_t *result,
3811 int purpose, const char *prefix)
3812 {
3813 const size_t p_len = strlen(prefix);
3814 smartlist_t *tmp = smartlist_create();
3815 smartlist_t *conns = get_connection_array();
3816
3817 tor_assert(result);
3818
3819 SMARTLIST_FOREACH(conns, connection_t *, conn,
3820 {
3821 if (conn->type == CONN_TYPE_DIR &&
3822 conn->purpose == purpose &&
3823 !conn->marked_for_close) {
3824 const char *resource = TO_DIR_CONN(conn)->requested_resource;
3825 if (!strcmpstart(resource, prefix))
3826 dir_split_resource_into_fingerprints(resource + p_len,
3827 tmp, NULL, 1, 0);
3828 }
3829 });
3830 SMARTLIST_FOREACH(tmp, char *, d,
3831 {
3832 digestmap_set(result, d, (void*)1);
3833 tor_free(d);
3834 });
3835 smartlist_free(tmp);
3836 }
3837
3838 /** For every router descriptor (or extra-info document if <b>extrainfo</b> is
3839 * true) we are currently downloading by descriptor digest, set result[d] to
3840 * (void*)1. */
3841 static void
3842 list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
3843 {
3844 int purpose =
3845 extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
3846 list_pending_downloads(result, purpose, "d/");
3847 }
3848
3849 /** Launch downloads for all the descriptors whose digests are listed
3850 * as digests[i] for lo <= i < hi. (Lo and hi may be out of range.)
3851 * If <b>source</b> is given, download from <b>source</b>; otherwise,
3852 * download from an appropriate random directory server.
3853 */
3854 static void
3855 initiate_descriptor_downloads(routerstatus_t *source,
3856 int purpose,
3857 smartlist_t *digests,
3858 int lo, int hi, int pds_flags)
3859 {
3860 int i, n = hi-lo;
3861 char *resource, *cp;
3862 size_t r_len;
3863 if (n <= 0)
3864 return;
3865 if (lo < 0)
3866 lo = 0;
3867 if (hi > smartlist_len(digests))
3868 hi = smartlist_len(digests);
3869
3870 r_len = 8 + (HEX_DIGEST_LEN+1)*n;
3871 cp = resource = tor_malloc(r_len);
3872 memcpy(cp, "d/", 2);
3873 cp += 2;
3874 for (i = lo; i < hi; ++i) {
3875 base16_encode(cp, r_len-(cp-resource),
3876 smartlist_get(digests,i), DIGEST_LEN);
3877 cp += HEX_DIGEST_LEN;
3878 *cp++ = '+';
3879 }
3880 memcpy(cp-1, ".z", 3);
3881
3882 if (source) {
3883 /* We know which authority we want. */
3884 directory_initiate_command_routerstatus(source, purpose,
3885 ROUTER_PURPOSE_GENERAL,
3886 0, /* not private */
3887 resource, NULL, 0, 0);
3888 } else {
3889 directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
3890 pds_flags);
3891 }
3892 tor_free(resource);
3893 }
3894
3895 /** Return 0 if this routerstatus is obsolete, too new, isn't
3896 * running, or otherwise not a descriptor that we would make any
3897 * use of even if we had it. Else return 1. */
3898 static INLINE int
3899 client_would_use_router(routerstatus_t *rs, time_t now, or_options_t *options)
3900 {
3901 if (!rs->is_running && !options->FetchUselessDescriptors) {
3902 /* If we had this router descriptor, we wouldn't even bother using it.
3903 * But, if we want to have a complete list, fetch it anyway. */
3904 return 0;
3905 }
3906 if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime
3907 > now) {
3908 /* Most caches probably don't have this descriptor yet. */
3909 return 0;
3910 }
3911 if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
3912 /* We'd drop it immediately for being too old. */
3913 return 0;
3914 }
3915 return 1;
3916 }
3917
3918 /** Max amount of hashes to download per request.
3919 * Since squid does not like URLs >= 4096 bytes we limit it to 96.
3920 * 4096 - strlen(http://255.255.255.255/tor/server/d/.z) == 4058
3921 * 4058/41 (40 for the hash and 1 for the + that separates them) => 98
3922 * So use 96 because it's a nice number.
3923 */
3924 #define MAX_DL_PER_REQUEST 96
3925 /** Don't split our requests so finely that we are requesting fewer than
3926 * this number per server. */
3927 #define MIN_DL_PER_REQUEST 4
3928 /** To prevent a single screwy cache from confusing us by selective reply,
3929 * try to split our requests into at least this this many requests. */
3930 #define MIN_REQUESTS 3
3931 /** If we want fewer than this many descriptors, wait until we
3932 * want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
3933 * passed. */
3934 #define MAX_DL_TO_DELAY 16
3935 /** When directory clients have only a few servers to request, they batch
3936 * them until they have more, or until this amount of time has passed. */
3937 #define MAX_CLIENT_INTERVAL_WITHOUT_REQUEST (10*60)
3938
3939 /** Given a list of router descriptor digests in <b>downloadable</b>, decide
3940 * whether to delay fetching until we have more. If we don't want to delay,
3941 * launch one or more requests to the appropriate directory authorities. */
3942 static void
3943 launch_router_descriptor_downloads(smartlist_t *downloadable, time_t now)
3944 {
3945 int should_delay = 0, n_downloadable;
3946 or_options_t *options = get_options();
3947
3948 n_downloadable = smartlist_len(downloadable);
3949 if (!directory_fetches_dir_info_early(options)) {
3950 if (n_downloadable >= MAX_DL_TO_DELAY) {
3951 log_debug(LD_DIR,
3952 "There are enough downloadable routerdescs to launch requests.");
3953 should_delay = 0;
3954 } else {
3955 should_delay = (last_routerdesc_download_attempted +
3956 MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
3957 if (!should_delay && n_downloadable) {
3958 if (last_routerdesc_download_attempted) {
3959 log_info(LD_DIR,
3960 "There are not many downloadable routerdescs, but we've "
3961 "been waiting long enough (%d seconds). Downloading.",
3962 (int)(now-last_routerdesc_download_attempted));
3963 } else {
3964 log_info(LD_DIR,
3965 "There are not many downloadable routerdescs, but we haven't "
3966 "tried downloading descriptors recently. Downloading.");
3967 }
3968 }
3969 }
3970 }
3971 /* XXX should we consider having even the dir mirrors delay
3972 * a little bit, so we don't load the authorities as much? -RD
3973 * I don't think so. If we do, clients that want those descriptors may
3974 * not actually find them if the caches haven't got them yet. -NM
3975 */
3976
3977 if (! should_delay && n_downloadable) {
3978 int i, n_per_request;
3979 const char *req_plural = "", *rtr_plural = "";
3980 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
3981 if (! authdir_mode_any_nonhidserv(options)) {
3982 /* If we wind up going to the authorities, we want to only open one
3983 * connection to each authority at a time, so that we don't overload
3984 * them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
3985 * regardless of whether we're a cache or not; it gets ignored if we're
3986 * not calling router_pick_trusteddirserver.
3987 *
3988 * Setting this flag can make initiate_descriptor_downloads() ignore
3989 * requests. We need to make sure that we do in fact call
3990 * update_router_descriptor_downloads() later on, once the connections
3991 * have succeeded or failed.
3992 */
3993 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH;
3994 }
3995
3996 n_per_request = (n_downloadable+MIN_REQUESTS-1) / MIN_REQUESTS;
3997 if (n_per_request > MAX_DL_PER_REQUEST)
3998 n_per_request = MAX_DL_PER_REQUEST;
3999 if (n_per_request < MIN_DL_PER_REQUEST)
4000 n_per_request = MIN_DL_PER_REQUEST;
4001
4002 if (n_downloadable > n_per_request)
4003 req_plural = rtr_plural = "s";
4004 else if (n_downloadable > 1)
4005 rtr_plural = "s";
4006
4007 log_info(LD_DIR,
4008 "Launching %d request%s for %d router%s, %d at a time",
4009 (n_downloadable+n_per_request-1)/n_per_request,
4010 req_plural, n_downloadable, rtr_plural, n_per_request);
4011 smartlist_sort_digests(downloadable);
4012 for (i=0; i < n_downloadable; i += n_per_request) {
4013 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_SERVERDESC,
4014 downloadable, i, i+n_per_request,
4015 pds_flags);
4016 }
4017 last_routerdesc_download_attempted = now;
4018 }
4019 }
4020
4021 /** Launch downloads for router status as needed, using the strategy used by
4022 * authorities and caches: based on the v2 networkstatuses we have, download
4023 * every descriptor we don't have but would serve, from a random authority
4024 * that lists it. */
4025 static void
4026 update_router_descriptor_cache_downloads_v2(time_t now)
4027 {
4028 smartlist_t **downloadable; /* For each authority, what can we dl from it? */
4029 smartlist_t **download_from; /* ... and, what will we dl from it? */
4030 digestmap_t *map; /* Which descs are in progress, or assigned? */
4031 int i, j, n;
4032 int n_download;
4033 or_options_t *options = get_options();
4034 const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
4035
4036 if (! directory_fetches_dir_info_early(options)) {
4037 log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads_v2() "
4038 "on a non-dir-mirror?");
4039 }
4040
4041 if (!networkstatus_v2_list || !smartlist_len(networkstatus_v2_list))
4042 return;
4043
4044 map = digestmap_new();
4045 n = smartlist_len(networkstatus_v2_list);
4046
4047 downloadable = tor_malloc_zero(sizeof(smartlist_t*) * n);
4048 download_from = tor_malloc_zero(sizeof(smartlist_t*) * n);
4049
4050 /* Set map[d]=1 for the digest of every descriptor that we are currently
4051 * downloading. */
4052 list_pending_descriptor_downloads(map, 0);
4053
4054 /* For the digest of every descriptor that we don't have, and that we aren't
4055 * downloading, add d to downloadable[i] if the i'th networkstatus knows
4056 * about that descriptor, and we haven't already failed to get that
4057 * descriptor from the corresponding authority.
4058 */
4059 n_download = 0;
4060 SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
4061 {
4062 trusted_dir_server_t *ds;
4063 smartlist_t *dl;
4064 dl = downloadable[ns_sl_idx] = smartlist_create();
4065 download_from[ns_sl_idx] = smartlist_create();
4066 if (ns->published_on + MAX_NETWORKSTATUS_AGE+10*60 < now) {
4067 /* Don't download if the networkstatus is almost ancient. */
4068 /* Actually, I suspect what's happening here is that we ask
4069 * for the descriptor when we have a given networkstatus,
4070 * and then we get a newer networkstatus, and then we receive
4071 * the descriptor. Having a networkstatus actually expire is
4072 * probably a rare event, and we'll probably be happiest if
4073 * we take this clause out. -RD */
4074 continue;
4075 }
4076
4077 /* Don't try dirservers that we think are down -- we might have
4078 * just tried them and just marked them as down. */
4079 ds = router_get_trusteddirserver_by_digest(ns->identity_digest);
4080 if (ds && !ds->is_running)
4081 continue;
4082
4083 SMARTLIST_FOREACH(ns->entries, routerstatus_t * , rs,
4084 {
4085 if (!rs->need_to_mirror)
4086 continue;
4087 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4088 log_warn(LD_BUG,
4089 "We have a router descriptor, but need_to_mirror=1.");
4090 rs->need_to_mirror = 0;
4091 continue;
4092 }
4093 if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
4094 rs->need_to_mirror = 0;
4095 continue;
4096 }
4097 if (digestmap_get(map, rs->descriptor_digest)) {
4098 /* We're downloading it already. */
4099 continue;
4100 } else {
4101 /* We could download it from this guy. */
4102 smartlist_add(dl, rs->descriptor_digest);
4103 ++n_download;
4104 }
4105 });
4106 });
4107
4108 /* At random, assign descriptors to authorities such that:
4109 * - if d is a member of some downloadable[x], d is a member of some
4110 * download_from[y]. (Everything we want to download, we try to download
4111 * from somebody.)
4112 * - If d is a member of download_from[y], d is a member of downloadable[y].
4113 * (We only try to download descriptors from authorities who claim to have
4114 * them.)
4115 * - No d is a member of download_from[x] and download_from[y] s.t. x != y.
4116 * (We don't try to download anything from two authorities concurrently.)
4117 */
4118 while (n_download) {
4119 int which_ns = crypto_rand_int(n);
4120 smartlist_t *dl = downloadable[which_ns];
4121 int idx;
4122 char *d;
4123 if (!smartlist_len(dl))
4124 continue;
4125 idx = crypto_rand_int(smartlist_len(dl));
4126 d = smartlist_get(dl, idx);
4127 if (! digestmap_get(map, d)) {
4128 smartlist_add(download_from[which_ns], d);
4129 digestmap_set(map, d, (void*) 1);
4130 }
4131 smartlist_del(dl, idx);
4132 --n_download;
4133 }
4134
4135 /* Now, we can actually launch our requests. */
4136 for (i=0; i<n; ++i) {
4137 networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
4138 trusted_dir_server_t *ds =
4139 router_get_trusteddirserver_by_digest(ns->identity_digest);
4140 smartlist_t *dl = download_from[i];
4141 int pds_flags = PDS_RETRY_IF_NO_SERVERS;
4142 if (! authdir_mode_any_nonhidserv(options))
4143 pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
4144
4145 if (!ds) {
4146 log_info(LD_DIR, "Networkstatus with no corresponding authority!");
4147 continue;
4148 }
4149 if (! smartlist_len(dl))
4150 continue;
4151 log_info(LD_DIR, "Requesting %d descriptors from authority \"%s\"",
4152 smartlist_len(dl), ds->nickname);
4153 for (j=0; j < smartlist_len(dl); j += MAX_DL_PER_REQUEST) {
4154 initiate_descriptor_downloads(&(ds->fake_status),
4155 DIR_PURPOSE_FETCH_SERVERDESC, dl, j,
4156 j+MAX_DL_PER_REQUEST, pds_flags);
4157 }
4158 }
4159
4160 for (i=0; i<n; ++i) {
4161 smartlist_free(download_from[i]);
4162 smartlist_free(downloadable[i]);
4163 }
4164 tor_free(download_from);
4165 tor_free(downloadable);
4166 digestmap_free(map,NULL);
4167 }
4168
4169 /** For any descriptor that we want that's currently listed in the live
4170 * consensus, download it as appropriate. */
4171 static void
4172 update_consensus_router_descriptor_downloads(time_t now)
4173 {
4174 or_options_t *options = get_options();
4175 digestmap_t *map = NULL;
4176 smartlist_t *no_longer_old = smartlist_create();
4177 smartlist_t *downloadable = smartlist_create();
4178 int authdir = authdir_mode(options);
4179 networkstatus_t *consensus =
4180 networkstatus_get_reasonably_live_consensus(now);
4181 int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
4182 n_inprogress=0, n_in_oldrouters=0;
4183
4184 if (directory_too_idle_to_fetch_descriptors(options, now))
4185 goto done;
4186 if (!consensus)
4187 goto done;
4188
4189 map = digestmap_new();
4190 list_pending_descriptor_downloads(map, 0);
4191 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4192 {
4193 signed_descriptor_t *sd;
4194 if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
4195 routerinfo_t *ri;
4196 ++n_have;
4197 if (!(ri = router_get_by_digest(rs->identity_digest)) ||
4198 memcmp(ri->cache_info.signed_descriptor_digest,
4199 sd->signed_descriptor_digest, DIGEST_LEN)) {
4200 /* We have a descriptor with this digest, but either there is no
4201 * entry in routerlist with the same ID (!ri), or there is one,
4202 * but the identity digest differs (memcmp).
4203 */
4204 smartlist_add(no_longer_old, sd);
4205 ++n_in_oldrouters; /* We have it in old_routers. */
4206 }
4207 continue; /* We have it already. */
4208 }
4209 if (digestmap_get(map, rs->descriptor_digest)) {
4210 ++n_inprogress;
4211 continue; /* We have an in-progress download. */
4212 }
4213 if (!download_status_is_ready(&rs->dl_status, now,
4214 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4215 ++n_delayed; /* Not ready for retry. */
4216 continue;
4217 }
4218 if (authdir && dirserv_would_reject_router(rs)) {
4219 ++n_would_reject;
4220 continue; /* We would throw it out immediately. */
4221 }
4222 if (!directory_caches_dir_info(options) &&
4223 !client_would_use_router(rs, now, options)) {
4224 ++n_wouldnt_use;
4225 continue; /* We would never use it ourself. */
4226 }
4227 smartlist_add(downloadable, rs->descriptor_digest);
4228 });
4229
4230 if (!authdir_mode_handles_descs(options, ROUTER_PURPOSE_GENERAL)
4231 && smartlist_len(no_longer_old)) {
4232 routerlist_t *rl = router_get_routerlist();
4233 log_info(LD_DIR, "%d router descriptors listed in consensus are "
4234 "currently in old_routers; making them current.",
4235 smartlist_len(no_longer_old));
4236 SMARTLIST_FOREACH(no_longer_old, signed_descriptor_t *, sd, {
4237 const char *msg;
4238 was_router_added_t r;
4239 routerinfo_t *ri = routerlist_reparse_old(rl, sd);
4240 if (!ri) {
4241 log_warn(LD_BUG, "Failed to re-parse a router.");
4242 continue;
4243 }
4244 r = router_add_to_routerlist(ri, &msg, 1, 0);
4245 if (WRA_WAS_OUTDATED(r)) {
4246 log_warn(LD_DIR, "Couldn't add re-parsed router: %s",
4247 msg?msg:"???");
4248 }
4249 });
4250 routerlist_assert_ok(rl);
4251 }
4252
4253 log_info(LD_DIR,
4254 "%d router descriptors downloadable. %d delayed; %d present "
4255 "(%d of those were in old_routers); %d would_reject; "
4256 "%d wouldnt_use; %d in progress.",
4257 smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
4258 n_would_reject, n_wouldnt_use, n_inprogress);
4259
4260 launch_router_descriptor_downloads(downloadable, now);
4261
4262 digestmap_free(map, NULL);
4263 done:
4264 smartlist_free(downloadable);
4265 smartlist_free(no_longer_old);
4266 }
4267
4268 /** How often should we launch a server/authority request to be sure of getting
4269 * a guess for our IP? */
4270 /*XXXX021 this info should come from netinfo cells or something, or we should
4271 * do this only when we aren't seeing incoming data. see bug 652. */
4272 #define DUMMY_DOWNLOAD_INTERVAL (20*60)
4273
4274 /** Launch downloads for router status as needed. */
4275 void
4276 update_router_descriptor_downloads(time_t now)
4277 {
4278 or_options_t *options = get_options();
4279 static time_t last_dummy_download = 0;
4280 if (should_delay_dir_fetches(options))
4281 return;
4282 if (directory_fetches_dir_info_early(options)) {
4283 update_router_descriptor_cache_downloads_v2(now);
4284 }
4285 update_consensus_router_descriptor_downloads(now);
4286
4287 /* XXXX021 we could be smarter here; see notes on bug 652. */
4288 /* If we're a server that doesn't have a configured address, we rely on
4289 * directory fetches to learn when our address changes. So if we haven't
4290 * tried to get any routerdescs in a long time, try a dummy fetch now. */
4291 if (!options->Address &&
4292 server_mode(options) &&
4293 last_routerdesc_download_attempted + DUMMY_DOWNLOAD_INTERVAL < now &&
4294 last_dummy_download + DUMMY_DOWNLOAD_INTERVAL < now) {
4295 last_dummy_download = now;
4296 directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
4297 ROUTER_PURPOSE_GENERAL, "authority.z",
4298 PDS_RETRY_IF_NO_SERVERS);
4299 }
4300 }
4301
4302 /** Launch extrainfo downloads as needed. */
4303 void
4304 update_extrainfo_downloads(time_t now)
4305 {
4306 or_options_t *options = get_options();
4307 routerlist_t *rl;
4308 smartlist_t *wanted;
4309 digestmap_t *pending;
4310 int old_routers, i;
4311 int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
4312 if (! options->DownloadExtraInfo)
4313 return;
4314 if (should_delay_dir_fetches(options))
4315 return;
4316 if (!router_have_minimum_dir_info())
4317 return;
4318
4319 pending = digestmap_new();
4320 list_pending_descriptor_downloads(pending, 1);
4321 rl = router_get_routerlist();
4322 wanted = smartlist_create();
4323 for (old_routers = 0; old_routers < 2; ++old_routers) {
4324 smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
4325 for (i = 0; i < smartlist_len(lst); ++i) {
4326 signed_descriptor_t *sd;
4327 char *d;
4328 if (old_routers)
4329 sd = smartlist_get(lst, i);
4330 else
4331 sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
4332 if (sd->is_extrainfo)
4333 continue; /* This should never happen. */
4334 if (old_routers && !router_get_by_digest(sd->identity_digest))
4335 continue; /* Couldn't check the signature if we got it. */
4336 if (sd->extrainfo_is_bogus)
4337 continue;
4338 d = sd->extra_info_digest;
4339 if (tor_digest_is_zero(d)) {
4340 ++n_no_ei;
4341 continue;
4342 }
4343 if (eimap_get(rl->extra_info_map, d)) {
4344 ++n_have;
4345 continue;
4346 }
4347 if (!download_status_is_ready(&sd->ei_dl_status, now,
4348 MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
4349 ++n_delay;
4350 continue;
4351 }
4352 if (digestmap_get(pending, d)) {
4353 ++n_pending;
4354 continue;
4355 }
4356 smartlist_add(wanted, d);
4357 }
4358 }
4359 digestmap_free(pending, NULL);
4360
4361 log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
4362 "with present ei, %d delaying, %d pending, %d downloadable.",
4363 n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted));
4364
4365 smartlist_shuffle(wanted);
4366 for (i = 0; i < smartlist_len(wanted); i += MAX_DL_PER_REQUEST) {
4367 initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
4368 wanted, i, i + MAX_DL_PER_REQUEST,
4369 PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
4370 }
4371
4372 smartlist_free(wanted);
4373 }
4374
4375 /** True iff, the last time we checked whether we had enough directory info
4376 * to build circuits, the answer was "yes". */
4377 static int have_min_dir_info = 0;
4378 /** True iff enough has changed since the last time we checked whether we had
4379 * enough directory info to build circuits that our old answer can no longer
4380 * be trusted. */
4381 static int need_to_update_have_min_dir_info = 1;
4382 /** String describing what we're missing before we have enough directory
4383 * info. */
4384 static char dir_info_status[128] = "";
4385
4386 /** Return true iff we have enough networkstatus and router information to
4387 * start building circuits. Right now, this means "more than half the
4388 * networkstatus documents, and at least 1/4 of expected routers." */
4389 //XXX should consider whether we have enough exiting nodes here.
4390 int
4391 router_have_minimum_dir_info(void)
4392 {
4393 if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
4394 update_router_have_minimum_dir_info();
4395 need_to_update_have_min_dir_info = 0;
4396 }
4397 return have_min_dir_info;
4398 }
4399
4400 /** Called when our internal view of the directory has changed. This can be
4401 * when the authorities change, networkstatuses change, the list of routerdescs
4402 * changes, or number of running routers changes.
4403 */
4404 void
4405 router_dir_info_changed(void)
4406 {
4407 need_to_update_have_min_dir_info = 1;
4408 rend_hsdir_routers_changed();
4409 }
4410
4411 /** Return a string describing what we're missing before we have enough
4412 * directory info. */
4413 const char *
4414 get_dir_info_status_string(void)
4415 {
4416 return dir_info_status;
4417 }
4418
4419 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
4420 * them seem like ones we'd use, and how many of <em>those</em> we have
4421 * descriptors for. Store the former in *<b>num_usable</b> and the latter in
4422 * *<b>num_present</b>. */
4423 static void
4424 count_usable_descriptors(int *num_present, int *num_usable,
4425 const networkstatus_t *consensus,
4426 or_options_t *options, time_t now)
4427 {
4428 *num_present = 0, *num_usable=0;
4429
4430 SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
4431 {
4432 if (client_would_use_router(rs, now, options)) {
4433 ++*num_usable; /* the consensus says we want it. */
4434 if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
4435 /* we have the descriptor listed in the consensus. */
4436 ++*num_present;
4437 }
4438 }
4439 });
4440
4441 log_debug(LD_DIR, "%d usable, %d present.", *num_usable, *num_present);
4442 }
4443
4444 /** We just fetched a new set of descriptors. Compute how far through
4445 * the "loading descriptors" bootstrapping phase we are, so we can inform
4446 * the controller of our progress. */
4447 int
4448 count_loading_descriptors_progress(void)
4449 {
4450 int num_present = 0, num_usable=0;
4451 time_t now = time(NULL);
4452 const networkstatus_t *consensus =
4453 networkstatus_get_reasonably_live_consensus(now);
4454 double fraction;
4455
4456 if (!consensus)
4457 return 0; /* can't count descriptors if we have no list of them */
4458
4459 count_usable_descriptors(&num_present, &num_usable,
4460 consensus, get_options(), now);
4461
4462 if (num_usable == 0)
4463 return 0; /* don't div by 0 */
4464 fraction = num_present / (num_usable/4.);
4465 if (fraction > 1.0)
4466 return 0; /* it's not the number of descriptors holding us back */
4467 return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
4468 (fraction*(BOOTSTRAP_STATUS_CONN_OR-1 -
4469 BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
4470 }
4471
4472 /** Change the value of have_min_dir_info, setting it true iff we have enough
4473 * network and router information to build circuits. Clear the value of
4474 * need_to_update_have_min_dir_info. */
4475 static void
4476 update_router_have_minimum_dir_info(void)
4477 {
4478 int num_present = 0, num_usable=0;
4479 time_t now = time(NULL);
4480 int res;
4481 or_options_t *options = get_options();
4482 const networkstatus_t *consensus =
4483 networkstatus_get_reasonably_live_consensus(now);
4484
4485 if (!consensus) {
4486 if (!networkstatus_get_latest_consensus())
4487 strlcpy(dir_info_status, "We have no network-status consensus.",
4488 sizeof(dir_info_status));
4489 else
4490 strlcpy(dir_info_status, "We have no recent network-status consensus.",
4491 sizeof(dir_info_status));
4492 res = 0;
4493 goto done;
4494 }
4495
4496 if (should_delay_dir_fetches(get_options())) {
4497 log_notice(LD_DIR, "no known bridge descriptors running yet; stalling");
4498 strlcpy(dir_info_status, "No live bridge descriptors.",
4499 sizeof(dir_info_status));
4500 res = 0;
4501 goto done;
4502 }
4503
4504 count_usable_descriptors(&num_present, &num_usable, consensus, options, now);
4505
4506 if (num_present < num_usable/4) {
4507 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4508 "We have only %d/%d usable descriptors.", num_present, num_usable);
4509 res = 0;
4510 control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
4511 } else if (num_present < 2) {
4512 tor_snprintf(dir_info_status, sizeof(dir_info_status),
4513 "Only %d descriptor%s here and believed reachable!",
4514 num_present, num_present ? "" : "s");
4515 res = 0;
4516 } else {
4517 res = 1;
4518 }
4519
4520 done:
4521 if (res && !have_min_dir_info) {
4522 log(LOG_NOTICE, LD_DIR,
4523 "We now have enough directory information to build circuits.");
4524 control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
4525 control_event_bootstrap(BOOTSTRAP_STATUS_CONN_OR, 0);
4526 }
4527 if (!res && have_min_dir_info) {
4528 int quiet = directory_too_idle_to_fetch_descriptors(options, now);
4529 log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
4530 "Our directory information is no longer up-to-date "
4531 "enough to build circuits: %s", dir_info_status);
4532 control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
4533 }
4534 have_min_dir_info = res;
4535 need_to_update_have_min_dir_info = 0;
4536 }
4537
4538 /** Reset the descriptor download failure count on all routers, so that we
4539 * can retry any long-failed routers immediately.
4540 */
4541 void
4542 router_reset_descriptor_download_failures(void)
4543 {
4544 networkstatus_reset_download_failures();
4545 last_routerdesc_download_attempted = 0;
4546 if (!routerlist)
4547 return;
4548 SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
4549 {
4550 download_status_reset(&ri->cache_info.ei_dl_status);
4551 });
4552 SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
4553 {
4554 download_status_reset(&sd->ei_dl_status);
4555 });
4556 }
4557
4558 /** Any changes in a router descriptor's publication time larger than this are
4559 * automatically non-cosmetic. */
4560 #define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (12*60*60)
4561
4562 /** We allow uptime to vary from how much it ought to be by this much. */
4563 #define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
4564
4565 /** Return true iff the only differences between r1 and r2 are such that
4566 * would not cause a recent (post 0.1.1.6) dirserver to republish.
4567 */
4568 int
4569 router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
4570 {
4571 time_t r1pub, r2pub;
4572 long time_difference;
4573 tor_assert(r1 && r2);
4574
4575 /* r1 should be the one that was published first. */
4576 if (r1->cache_info.published_on > r2->cache_info.published_on) {
4577 routerinfo_t *ri_tmp = r2;
4578 r2 = r1;
4579 r1 = ri_tmp;
4580 }
4581
4582 /* If any key fields differ, they're different. */
4583 if (strcasecmp(r1->address, r2->address) ||
4584 strcasecmp(r1->nickname, r2->nickname) ||
4585 r1->or_port != r2->or_port ||
4586 r1->dir_port != r2->dir_port ||
4587 r1->purpose != r2->purpose ||
4588 crypto_pk_cmp_keys(r1->onion_pkey, r2->onion_pkey) ||
4589 crypto_pk_cmp_keys(r1->identity_pkey, r2->identity_pkey) ||
4590 strcasecmp(r1->platform, r2->platform) ||
4591 (r1->contact_info && !r2->contact_info) || /* contact_info is optional */
4592 (!r1->contact_info && r2->contact_info) ||
4593 (r1->contact_info && r2->contact_info &&
4594 strcasecmp(r1->contact_info, r2->contact_info)) ||
4595 r1->is_hibernating != r2->is_hibernating ||
4596 r1->has_old_dnsworkers != r2->has_old_dnsworkers ||
4597 cmp_addr_policies(r1->exit_policy, r2->exit_policy))
4598 return 0;
4599 if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
4600 return 0;
4601 if (r1->declared_family && r2->declared_family) {
4602 int i, n;
4603 if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
4604 return 0;
4605 n = smartlist_len(r1->declared_family);
4606 for (i=0; i < n; ++i) {
4607 if (strcasecmp(smartlist_get(r1->declared_family, i),
4608 smartlist_get(r2->declared_family, i)))
4609 return 0;
4610 }
4611 }
4612
4613 /* Did bandwidth change a lot? */
4614 if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
4615 (r2->bandwidthcapacity < r1->bandwidthcapacity/2))
4616 return 0;
4617
4618 /* Did the bandwidthrate or bandwidthburst change? */
4619 if ((r1->bandwidthrate != r2->bandwidthrate) ||
4620 (r1->bandwidthburst != r2->bandwidthburst))
4621 return 0;
4622
4623 /* Did more than 12 hours pass? */
4624 if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
4625 < r2->cache_info.published_on)
4626 return 0;
4627
4628 /* Did uptime fail to increase by approximately the amount we would think,
4629 * give or take some slop? */
4630 r1pub = r1->cache_info.published_on;
4631 r2pub = r2->cache_info.published_on;
4632 time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
4633 if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
4634 time_difference > r1->uptime * .05 &&
4635 time_difference > r2->uptime * .05)
4636 return 0;
4637
4638 /* Otherwise, the difference is cosmetic. */
4639 return 1;
4640 }
4641
4642 /** Check whether <b>ri</b> (a.k.a. sd) is a router compatible with the
4643 * extrainfo document
4644 * <b>ei</b>. If no router is compatible with <b>ei</b>, <b>ei</b> should be
4645 * dropped. Return 0 for "compatible", return 1 for "reject, and inform
4646 * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If
4647 * <b>msg</b> is present, set *<b>msg</b> to a description of the
4648 * incompatibility (if any).
4649 **/
4650 int
4651 routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
4652 signed_descriptor_t *sd,
4653 const char **msg)
4654 {
4655 int digest_matches, r=1;
4656 tor_assert(ri);
4657 tor_assert(ei);
4658 if (!sd)
4659 sd = &ri->cache_info;
4660
4661 if (ei->bad_sig) {
4662 if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
4663 return 1;
4664 }
4665
4666 digest_matches = !memcmp(ei->cache_info.signed_descriptor_digest,
4667 sd->extra_info_digest, DIGEST_LEN);
4668
4669 /* The identity must match exactly to have been generated at the same time
4670 * by the same router. */
4671 if (memcmp(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
4672 DIGEST_LEN)) {
4673 if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
4674 goto err; /* different servers */
4675 }
4676
4677 if (ei->pending_sig) {
4678 char signed_digest[128];
4679 if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
4680 ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
4681 memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
4682 DIGEST_LEN)) {
4683 ei->bad_sig = 1;
4684 tor_free(ei->pending_sig);
4685 if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
4686 goto err; /* Bad signature, or no match. */
4687 }
4688
4689 ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted;
4690 tor_free(ei->pending_sig);
4691 }
4692
4693 if (ei->cache_info.published_on < sd->published_on) {
4694 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4695 goto err;
4696 } else if (ei->cache_info.published_on > sd->published_on) {
4697 if (msg) *msg = "Extrainfo published time did not match routerdesc";
4698 r = -1;
4699 goto err;
4700 }
4701
4702 if (!digest_matches) {
4703 if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
4704 goto err; /* Digest doesn't match declared value. */
4705 }
4706
4707 return 0;
4708 err:
4709 if (digest_matches) {
4710 /* This signature was okay, and the digest was right: This is indeed the
4711 * corresponding extrainfo. But insanely, it doesn't match the routerinfo
4712 * that lists it. Don't try to fetch this one again. */
4713 sd->extrainfo_is_bogus = 1;
4714 }
4715
4716 return r;
4717 }
4718
4719 /** Assert that the internal representation of <b>rl</b> is
4720 * self-consistent. */
4721 void
4722 routerlist_assert_ok(routerlist_t *rl)
4723 {
4724 routerinfo_t *r2;
4725 signed_descriptor_t *sd2;
4726 if (!rl)
4727 return;
4728 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
4729 {
4730 r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
4731 tor_assert(r == r2);
4732 sd2 = sdmap_get(rl->desc_digest_map,
4733 r->cache_info.signed_descriptor_digest);
4734 tor_assert(&(r->cache_info) == sd2);
4735 tor_assert(r->cache_info.routerlist_index == r_sl_idx);
4736 /* XXXX
4737 *
4738 * Hoo boy. We need to fix this one, and the fix is a bit tricky, so
4739 * commenting this out is just a band-aid.
4740 *
4741 * The problem is that, although well-behaved router descriptors
4742 * should never have the same value for their extra_info_digest, it's
4743 * possible for ill-behaved routers to claim whatever they like there.
4744 *
4745 * The real answer is to trash desc_by_eid_map and instead have
4746 * something that indicates for a given extra-info digest we want,
4747 * what its download status is. We'll do that as a part of routerlist
4748 * refactoring once consensus directories are in. For now,
4749 * this rep violation is probably harmless: an adversary can make us
4750 * reset our retry count for an extrainfo, but that's not the end
4751 * of the world. Changing the representation in 0.2.0.x would just
4752 * destabilize the codebase.
4753 if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
4754 signed_descriptor_t *sd3 =
4755 sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
4756 tor_assert(sd3 == &(r->cache_info));
4757 }
4758 */
4759 });
4760 SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
4761 {
4762 r2 = rimap_get(rl->identity_map, sd->identity_digest);
4763 tor_assert(sd != &(r2->cache_info));
4764 sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
4765 tor_assert(sd == sd2);
4766 tor_assert(sd->routerlist_index == sd_sl_idx);
4767 /* XXXX see above.
4768 if (!tor_digest_is_zero(sd->extra_info_digest)) {
4769 signed_descriptor_t *sd3 =
4770 sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
4771 tor_assert(sd3 == sd);
4772 }
4773 */
4774 });
4775
4776 RIMAP_FOREACH(rl->identity_map, d, r) {
4777 tor_assert(!memcmp(r->cache_info.identity_digest, d, DIGEST_LEN));
4778 } DIGESTMAP_FOREACH_END;
4779 SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
4780 tor_assert(!memcmp(sd->signed_descriptor_digest, d, DIGEST_LEN));
4781 } DIGESTMAP_FOREACH_END;
4782 SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
4783 tor_assert(!tor_digest_is_zero(d));
4784 tor_assert(sd);
4785 tor_assert(!memcmp(sd->extra_info_digest, d, DIGEST_LEN));
4786 } DIGESTMAP_FOREACH_END;
4787 EIMAP_FOREACH(rl->extra_info_map, d, ei) {
4788 signed_descriptor_t *sd;
4789 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4790 d, DIGEST_LEN));
4791 sd = sdmap_get(rl->desc_by_eid_map,
4792 ei->cache_info.signed_descriptor_digest);
4793 // tor_assert(sd); // XXXX see above
4794 if (sd) {
4795 tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
4796 sd->extra_info_digest, DIGEST_LEN));
4797 }
4798 } DIGESTMAP_FOREACH_END;
4799 }
4800
4801 /** Allocate and return a new string representing the contact info
4802 * and platform string for <b>router</b>,
4803 * surrounded by quotes and using standard C escapes.
4804 *
4805 * THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
4806 * thread. Also, each call invalidates the last-returned value, so don't
4807 * try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
4808 *
4809 * If <b>router</b> is NULL, it just frees its internal memory and returns.
4810 */
4811 const char *
4812 esc_router_info(routerinfo_t *router)
4813 {
4814 static char *info=NULL;
4815 char *esc_contact, *esc_platform;
4816 size_t len;
4817 if (info)
4818 tor_free(info);
4819 if (!router)
4820 return NULL; /* we're exiting; just free the memory we use */
4821
4822 esc_contact = esc_for_log(router->contact_info);
4823 esc_platform = esc_for_log(router->platform);
4824
4825 len = strlen(esc_contact)+strlen(esc_platform)+32;
4826 info = tor_malloc(len);
4827 tor_snprintf(info, len, "Contact %s, Platform %s", esc_contact,
4828 esc_platform);
4829 tor_free(esc_contact);
4830 tor_free(esc_platform);
4831
4832 return info;
4833 }
4834
4835 /** Helper for sorting: compare two routerinfos by their identity
4836 * digest. */
4837 static int
4838 _compare_routerinfo_by_id_digest(const void **a, const void **b)
4839 {
4840 routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
4841 return memcmp(first->cache_info.identity_digest,
4842 second->cache_info.identity_digest,
4843 DIGEST_LEN);
4844 }
4845
4846 /** Sort a list of routerinfo_t in ascending order of identity digest. */
4847 void
4848 routers_sort_by_identity(smartlist_t *routers)
4849 {
4850 smartlist_sort(routers, _compare_routerinfo_by_id_digest);
4851 }
4852
4853 /** A routerset specifies constraints on a set of possible routerinfos, based
4854 * on their names, identities, or addresses. It is optimized for determining
4855 * whether a router is a member or not, in O(1+P) time, where P is the number
4856 * of address policy constraints. */
4857 struct routerset_t {
4858 /** A list of strings for the elements of the policy. Each string is either
4859 * a nickname, a hexadecimal identity fingerprint, or an address policy. A
4860 * router belongs to the set if its nickname OR its identity OR its address
4861 * matches an entry here. */
4862 smartlist_t *list;
4863 /** A map from lowercase nicknames of routers in the set to (void*)1 */
4864 strmap_t *names;
4865 /** A map from identity digests routers in the set to (void*)1 */
4866 digestmap_t *digests;
4867 /** An address policy for routers in the set. For implementation reasons,
4868 * a router belongs to the set if it is _rejected_ by this policy. */
4869 smartlist_t *policies;
4870
4871 /** A human-readable description of what this routerset is for. Used in
4872 * log messages. */
4873 char *description;
4874
4875 /** A list of the country codes in this set. */
4876 smartlist_t *country_names;
4877 /** Total number of countries we knew about when we built <b>countries</b>.*/
4878 int n_countries;
4879 /** Bit array mapping the return value of geoip_get_country() to 1 iff the
4880 * country is a member of this routerset. Note that we MUST call
4881 * routerset_refresh_countries() whenever the geoip country list is
4882 * reloaded. */
4883 bitarray_t *countries;
4884 };
4885
4886 /** Return a new empty routerset. */
4887 routerset_t *
4888 routerset_new(void)
4889 {
4890 routerset_t *result = tor_malloc_zero(sizeof(routerset_t));
4891 result->list = smartlist_create();
4892 result->names = strmap_new();
4893 result->digests = digestmap_new();
4894 result->policies = smartlist_create();
4895 result->country_names = smartlist_create();
4896 return result;
4897 }
4898
4899 /** If <b>c</b> is a country code in the form {cc}, return a newly allocated
4900 * string holding the "cc" part. Else, return NULL. */
4901 static char *
4902 routerset_get_countryname(const char *c)
4903 {
4904 char *country;
4905
4906 if (strlen(c) < 4 || c[0] !='{' || c[3] !='}')
4907 return NULL;
4908
4909 country = tor_strndup(c+1, 2);
4910 tor_strlower(country);
4911 return country;
4912 }
4913
4914 #if 0
4915 /** Add the GeoIP database's integer index (+1) of a valid two-character
4916 * country code to the routerset's <b>countries</b> bitarray. Return the
4917 * integer index if the country code is valid, -1 otherwise.*/
4918 static int
4919 routerset_add_country(const char *c)
4920 {
4921 char country[3];
4922 country_t cc;
4923
4924 /* XXXX: Country codes must be of the form \{[a-z\?]{2}\} but this accepts
4925 \{[.]{2}\}. Do we need to be strict? -RH */
4926 /* Nope; if the country code is bad, we'll get 0 when we look it up. */
4927
4928 if (!geoip_is_loaded()) {
4929 log(LOG_WARN, LD_CONFIG, "GeoIP database not loaded: Cannot add country"
4930 "entry %s, ignoring.", c);
4931 return -1;
4932 }
4933
4934 memcpy(country, c+1, 2);
4935 country[2] = '\0';
4936 tor_strlower(country);
4937
4938 if ((cc=geoip_get_country(country))==-1) {
4939 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not valid, ignoring.",
4940 country);
4941 }
4942 return cc;
4943 }
4944 #endif
4945
4946 /** Update the routerset's <b>countries</b> bitarray_t. Called whenever
4947 * the GeoIP database is reloaded.
4948 */
4949 void
4950 routerset_refresh_countries(routerset_t *target)
4951 {
4952 int cc;
4953 if (target->countries) {
4954 bitarray_free(target->countries);
4955 }
4956 if (!geoip_is_loaded()) {
4957 target->countries = NULL;
4958 target->n_countries = 0;
4959 return;
4960 }
4961 target->n_countries = geoip_get_n_countries();
4962 target->countries = bitarray_init_zero(target->n_countries);
4963 SMARTLIST_FOREACH_BEGIN(target->country_names, const char *, country) {
4964 cc = geoip_get_country(country);
4965 if (cc >= 0) {
4966 tor_assert(cc < target->n_countries);
4967 bitarray_set(target->countries, cc);
4968 } else {
4969 log(LOG_WARN, LD_CONFIG, "Country code '%s' is not recognized.",
4970 country);
4971 }
4972 } SMARTLIST_FOREACH_END(country);
4973 }
4974
4975 /** Parse the string <b>s</b> to create a set of routerset entries, and add
4976 * them to <b>target</b>. In log messages, refer to the string as
4977 * <b>description</b>. Return 0 on success, -1 on failure.
4978 *
4979 * Three kinds of elements are allowed in routersets: nicknames, IP address
4980 * patterns, and fingerprints. They may be surrounded by optional space, and
4981 * must be separated by commas.
4982 */
4983 int
4984 routerset_parse(routerset_t *target, const char *s, const char *description)
4985 {
4986 int r = 0;
4987 int added_countries = 0;
4988 char *countryname;
4989 smartlist_t *list = smartlist_create();
4990 smartlist_split_string(list, s, ",",
4991 SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
4992 SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
4993 addr_policy_t *p;
4994 if (is_legal_hexdigest(nick)) {
4995 char d[DIGEST_LEN];
4996 if (*nick == '$')
4997 ++nick;
4998 log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
4999 base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
5000 digestmap_set(target->digests, d, (void*)1);
5001 } else if (is_legal_nickname(nick)) {
5002 log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
5003 strmap_set_lc(target->names, nick, (void*)1);
5004 } else if ((countryname = routerset_get_countryname(nick)) != NULL) {
5005 log_debug(LD_CONFIG, "Adding country %s to %s", nick,
5006 description);
5007 smartlist_add(target->country_names, countryname);
5008 added_countries = 1;
5009 } else if ((strchr(nick,'.') || strchr(nick, '*')) &&
5010 (p = router_parse_addr_policy_item_from_string(
5011 nick, ADDR_POLICY_REJECT))) {
5012 log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
5013 smartlist_add(target->policies, p);
5014 } else {
5015 log_warn(LD_CONFIG, "Entry '%s' in %s is misformed.", nick,
5016 description);
5017 r = -1;
5018 tor_free(nick);
5019 SMARTLIST_DEL_CURRENT(list, nick);
5020 }
5021 } SMARTLIST_FOREACH_END(nick);
5022 smartlist_add_all(target->list, list);
5023 smartlist_free(list);
5024 if (added_countries)
5025 routerset_refresh_countries(target);
5026 return r;
5027 }
5028
5029 /** DOCDOC */
5030 void
5031 refresh_all_country_info(void)
5032 {
5033 or_options_t *options = get_options();
5034
5035 if (options->EntryNodes)
5036 routerset_refresh_countries(options->EntryNodes);
5037 if (options->ExitNodes)
5038 routerset_refresh_countries(options->ExitNodes);
5039 if (options->ExcludeNodes)
5040 routerset_refresh_countries(options->ExcludeNodes);
5041 if (options->ExcludeExitNodes)
5042 routerset_refresh_countries(options->ExcludeExitNodes);
5043 if (options->_ExcludeExitNodesUnion)
5044 routerset_refresh_countries(options->_ExcludeExitNodesUnion);
5045
5046 routerlist_refresh_countries();
5047 }
5048
5049 /** Add all members of the set <b>source</b> to <b>target</b>. */
5050 void
5051 routerset_union(routerset_t *target, const routerset_t *source)
5052 {
5053 char *s;
5054 tor_assert(target);
5055 if (!source || !source->list)
5056 return;
5057 s = routerset_to_string(source);
5058 routerset_parse(target, s, "other routerset");
5059 tor_free(s);
5060 }
5061
5062 /** Return true iff <b>set</b> lists only nicknames and digests, and includes
5063 * no IP ranges or countries. */
5064 int
5065 routerset_is_list(const routerset_t *set)
5066 {
5067 return smartlist_len(set->country_names) == 0 &&
5068 smartlist_len(set->policies) == 0;
5069 }
5070
5071 /** Return true iff we need a GeoIP IP-to-country database to make sense of
5072 * <b>set</b>. */
5073 int
5074 routerset_needs_geoip(const routerset_t *set)
5075 {
5076 return set && smartlist_len(set->country_names);
5077 }
5078
5079 /** Return true iff there are no entries in <b>set</b>. */
5080 static int
5081 routerset_is_empty(const routerset_t *set)
5082 {
5083 return !set || smartlist_len(set->list) == 0;
5084 }
5085
5086 /** Helper. Return true iff <b>set</b> contains a router based on the other
5087 * provided fields. Return higher values for more specific subentries: a
5088 * single router is more specific than an address range of routers, which is
5089 * more specific in turn than a country code.
5090 *
5091 * (If country is -1, then we take the country
5092 * from addr.) */
5093 static int
5094 routerset_contains(const routerset_t *set, const tor_addr_t *addr,
5095 uint16_t orport,
5096 const char *nickname, const char *id_digest, int is_named,
5097 country_t country)
5098 {
5099 if (!set || !set->list) return 0;
5100 (void) is_named; /* not supported */
5101 if (nickname && strmap_get_lc(set->names, nickname))
5102 return 4;
5103 if (id_digest && digestmap_get(set->digests, id_digest))
5104 return 4;
5105 if (addr && compare_tor_addr_to_addr_policy(addr, orport, set->policies)
5106 == ADDR_POLICY_REJECTED)
5107 return 3;
5108 if (set->countries) {
5109 if (country < 0 && addr)
5110 country = geoip_get_country_by_ip(tor_addr_to_ipv4h(addr));
5111
5112 if (country >= 0 && country < set->n_countries &&
5113 bitarray_is_set(set->countries, country))
5114 return 2;
5115 }
5116 return 0;
5117 }
5118
5119 /** Return true iff we can tell that <b>ei</b> is a member of <b>set</b>. */
5120 int
5121 routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
5122 {
5123 return routerset_contains(set,
5124 &ei->addr,
5125 ei->port,
5126 ei->nickname,
5127 ei->identity_digest,
5128 -1, /*is_named*/
5129 -1 /*country*/);
5130 }
5131
5132 /** Return true iff <b>ri</b> is in <b>set</b>. */
5133 int
5134 routerset_contains_router(const routerset_t *set, routerinfo_t *ri)
5135 {
5136 tor_addr_t addr;
5137 tor_addr_from_ipv4h(&addr, ri->addr);
5138 return routerset_contains(set,
5139 &addr,
5140 ri->or_port,
5141 ri->nickname,
5142 ri->cache_info.identity_digest,
5143 ri->is_named,
5144 ri->country);
5145 }
5146
5147 /** Return true iff <b>rs</b> is in <b>set</b>. */
5148 int
5149 routerset_contains_routerstatus(const routerset_t *set, routerstatus_t *rs)
5150 {
5151 tor_addr_t addr;
5152 tor_addr_from_ipv4h(&addr, rs->addr);
5153 return routerset_contains(set,
5154 &addr,
5155 rs->or_port,
5156 rs->nickname,
5157 rs->identity_digest,
5158 rs->is_named,
5159 -1);
5160 }
5161
5162 /** Add every known routerinfo_t that is a member of <b>routerset</b> to
5163 * <b>out</b>. If <b>running_only</b>, only add the running ones. */
5164 void
5165 routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset,
5166 int running_only)
5167 {
5168 tor_assert(out);
5169 if (!routerset || !routerset->list)
5170 return;
5171 if (!warned_nicknames)
5172 warned_nicknames = smartlist_create();
5173 if (routerset_is_list(routerset)) {
5174
5175 /* No routers are specified by type; all are given by name or digest.
5176 * we can do a lookup in O(len(list)). */
5177 SMARTLIST_FOREACH(routerset->list, const char *, name, {
5178 routerinfo_t *router = router_get_by_nickname(name, 1);
5179 if (router) {
5180 if (!running_only || router->is_running)
5181 smartlist_add(out, router);
5182 }
5183 });
5184 } else {
5185 /* We need to iterate over the routerlist to get all the ones of the
5186 * right kind. */
5187 routerlist_t *rl = router_get_routerlist();
5188 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
5189 if (running_only && !router->is_running)
5190 continue;
5191 if (routerset_contains_router(routerset, router))
5192 smartlist_add(out, router);
5193 });
5194 }
5195 }
5196
5197 /** Add to <b>target</b> every routerinfo_t from <b>source</b> that is in
5198 * <b>include</b>, but not excluded in a more specific fashion by
5199 * <b>exclude</b>. If <b>running_only</b>, only include running routers.
5200 */
5201 void
5202 routersets_get_disjunction(smartlist_t *target,
5203 const smartlist_t *source,
5204 const routerset_t *include,
5205 const routerset_t *exclude, int running_only)
5206 {
5207 SMARTLIST_FOREACH(source, routerinfo_t *, router, {
5208 int include_result;
5209 if (running_only && !router->is_running)
5210 continue;
5211 if (!routerset_is_empty(include))
5212 include_result = routerset_contains_router(include, router);
5213 else
5214 include_result = 1;
5215
5216 if (include_result) {
5217 int exclude_result = routerset_contains_router(exclude, router);
5218 if (include_result >= exclude_result)
5219 smartlist_add(target, router);
5220 }
5221 });
5222 }
5223
5224 /** Remove every routerinfo_t from <b>lst</b> that is in <b>routerset</b>. */
5225 void
5226 routerset_subtract_routers(smartlist_t *lst, const routerset_t *routerset)
5227 {
5228 tor_assert(lst);
5229 if (!routerset)
5230 return;
5231 SMARTLIST_FOREACH(lst, routerinfo_t *, r, {
5232 if (routerset_contains_router(routerset, r)) {
5233 //log_debug(LD_DIR, "Subtracting %s",r->nickname);
5234 SMARTLIST_DEL_CURRENT(lst, r);
5235 }
5236 });
5237 }
5238
5239 /** Return a new string that when parsed by routerset_parse_string() will
5240 * yield <b>set</b>. */
5241 char *
5242 routerset_to_string(const routerset_t *set)
5243 {
5244 if (!set || !set->list)
5245 return tor_strdup("");
5246 return smartlist_join_strings(set->list, ",", 0, NULL);
5247 }
5248
5249 /** Helper: return true iff old and new are both NULL, or both non-NULL
5250 * equal routersets. */
5251 int
5252 routerset_equal(const routerset_t *old, const routerset_t *new)
5253 {
5254 if (old == NULL && new == NULL)
5255 return 1;
5256 else if (old == NULL || new == NULL)
5257 return 0;
5258
5259 if (smartlist_len(old->list) != smartlist_len(new->list))
5260 return 0;
5261
5262 SMARTLIST_FOREACH(old->list, const char *, cp1, {
5263 const char *cp2 = smartlist_get(new->list, cp1_sl_idx);
5264 if (strcmp(cp1, cp2))
5265 return 0;
5266 });
5267
5268 return 1;
5269
5270 #if 0
5271 /* XXXX: This won't work if the names/digests are identical but in a
5272 different order. Checking for exact equality would be heavy going,
5273 is it worth it? -RH*/
5274 /* This code is totally bogus; sizeof doesn't work even remotely like this
5275 * code seems to think. Let's revert to a string-based comparison for
5276 * now. -NM*/
5277 if (sizeof(old->names) != sizeof(new->names))
5278 return 0;
5279
5280 if (memcmp(old->names,new->names,sizeof(new->names)))
5281 return 0;
5282 if (sizeof(old->digests) != sizeof(new->digests))
5283 return 0;
5284 if (memcmp(old->digests,new->digests,sizeof(new->digests)))
5285 return 0;
5286 if (sizeof(old->countries) != sizeof(new->countries))
5287 return 0;
5288 if (memcmp(old->countries,new->countries,sizeof(new->countries)))
5289 return 0;
5290 return 1;
5291 #endif
5292 }
5293
5294 /** Free all storage held in <b>routerset</b>. */
5295 void
5296 routerset_free(routerset_t *routerset)
5297 {
5298 SMARTLIST_FOREACH(routerset->list, char *, cp, tor_free(cp));
5299 smartlist_free(routerset->list);
5300 SMARTLIST_FOREACH(routerset->policies, addr_policy_t *, p,
5301 addr_policy_free(p));
5302 smartlist_free(routerset->policies);
5303 SMARTLIST_FOREACH(routerset->country_names, char *, cp, tor_free(cp));
5304 smartlist_free(routerset->country_names);
5305
5306 strmap_free(routerset->names, NULL);
5307 digestmap_free(routerset->digests, NULL);
5308 if (routerset->countries)
5309 bitarray_free(routerset->countries);
5310 tor_free(routerset);
5311 }
5312
5313 /** Refresh the country code of <b>ri</b>. This function MUST be called on
5314 * each router when the GeoIP database is reloaded, and on all new routers. */
5315 void
5316 routerinfo_set_country(routerinfo_t *ri)
5317 {
5318 ri->country = geoip_get_country_by_ip(ri->addr);
5319 }
5320
5321 /** Set the country code of all routers in the routerlist. */
5322 void
5323 routerlist_refresh_countries(void)
5324 {
5325 routerlist_t *rl = router_get_routerlist();
5326 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
5327 routerinfo_set_country(ri));
5328 }
5329
5330 /** Determine the routers that are responsible for <b>id</b> (binary) and
5331 * add pointers to those routers' routerstatus_t to <b>responsible_dirs</b>.
5332 * Return -1 if we're returning an empty smartlist, else return 0.
5333 */
5334 int
5335 hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
5336 const char *id)
5337 {
5338 int start, found, n_added = 0, i;
5339 networkstatus_t *c = networkstatus_get_latest_consensus();
5340 int use_begindir = get_options()->TunnelDirConns;
5341 if (!c || !smartlist_len(c->routerstatus_list)) {
5342 log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 "
5343 "rendezvous operations.");
5344 return -1;
5345 }
5346 tor_assert(id);
5347 start = networkstatus_vote_find_entry_idx(c, id, &found);
5348 if (start == smartlist_len(c->routerstatus_list)) start = 0;
5349 i = start;
5350 do {
5351 routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
5352 if (r->is_hs_dir) {
5353 if (r->dir_port || use_begindir)
5354 smartlist_add(responsible_dirs, r);
5355 else
5356 log_info(LD_REND, "Not adding router '%s' to list of responsible "
5357 "hidden service directories, because we have no way of "
5358 "reaching it.", r->nickname);
5359 if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
5360 break;
5361 }
5362 if (++i == smartlist_len(c->routerstatus_list))
5363 i = 0;
5364 } while (i != start);
5365
5366 /* Even though we don't have the desired number of hidden service
5367 * directories, be happy if we got any. */
5368 return smartlist_len(responsible_dirs) ? 0 : -1;
5369 }
5370
5371 /** Return true if this node is currently acting as hidden service
5372 * directory, false otherwise. */
5373 int
5374 hid_serv_acting_as_directory(void)
5375 {
5376 routerinfo_t *me = router_get_my_routerinfo();
5377 networkstatus_t *c;
5378 routerstatus_t *rs;
5379 if (!me)
5380 return 0;
5381 if (!get_options()->HidServDirectoryV2) {
5382 log_info(LD_REND, "We are not acting as hidden service directory, "
5383 "because we have not been configured as such.");
5384 return 0;
5385 }
5386 if (!(c = networkstatus_get_latest_consensus())) {
5387 log_info(LD_REND, "There's no consensus, so I can't tell if I'm a hidden "
5388 "service directory");
5389 return 0;
5390 }
5391 rs = networkstatus_vote_find_entry(c, me->cache_info.identity_digest);
5392 if (!rs) {
5393 log_info(LD_REND, "We're not listed in the consensus, so we're not "
5394 "being a hidden service directory.");
5395 return 0;
5396 }
5397 if (!rs->is_hs_dir) {
5398 log_info(LD_REND, "We're not listed as a hidden service directory in "
5399 "the consensus, so we won't be one.");
5400 return 0;
5401 }
5402 return 1;
5403 }
5404
5405 /** Return true if this node is responsible for storing the descriptor ID
5406 * in <b>query</b> and false otherwise. */
5407 int
5408 hid_serv_responsible_for_desc_id(const char *query)
5409 {
5410 routerinfo_t *me;
5411 routerstatus_t *last_rs;
5412 const char *my_id, *last_id;
5413 int result;
5414 smartlist_t *responsible;
5415 if (!hid_serv_acting_as_directory())
5416 return 0;
5417 if (!(me = router_get_my_routerinfo()))
5418 return 0; /* This is redundant, but let's be paranoid. */
5419 my_id = me->cache_info.identity_digest;
5420 responsible = smartlist_create();
5421 if (hid_serv_get_responsible_directories(responsible, query) < 0) {
5422 smartlist_free(responsible);
5423 return 0;
5424 }
5425 last_rs = smartlist_get(responsible, smartlist_len(responsible)-1);
5426 last_id = last_rs->identity_digest;
5427 result = rend_id_is_in_interval(my_id, query, last_id);
5428 smartlist_free(responsible);
5429 return result;
5430 }
5431