search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'bug2081_followup_022' into maint-0.2.2
[tor/rransom.git] / src / or / dirserv.c
blob841c86624bf55a8f1fc4e5f20bb1e7e2666d5778
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2010, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5
6 #define DIRSERV_PRIVATE
7 #include "or.h"
8 #include "buffers.h"
9 #include "config.h"
10 #include "connection.h"
11 #include "connection_or.h"
12 #include "control.h"
13 #include "directory.h"
14 #include "dirserv.h"
15 #include "dirvote.h"
16 #include "hibernate.h"
17 #include "microdesc.h"
18 #include "networkstatus.h"
19 #include "policies.h"
20 #include "rephist.h"
21 #include "router.h"
22 #include "routerlist.h"
23 #include "routerparse.h"
24
25 /**
26 * \file dirserv.c
27 * \brief Directory server core implementation. Manages directory
28 * contents and generates directories.
29 */
30
31 /** How far in the future do we allow a router to get? (seconds) */
32 #define ROUTER_ALLOW_SKEW (60*60*12)
33 /** How many seconds do we wait before regenerating the directory? */
34 #define DIR_REGEN_SLACK_TIME 30
35 /** If we're a cache, keep this many networkstatuses around from non-trusted
36 * directory authorities. */
37 #define MAX_UNTRUSTED_NETWORKSTATUSES 16
38
39 /** If a v1 directory is older than this, discard it. */
40 #define MAX_V1_DIRECTORY_AGE (30*24*60*60)
41 /** If a v1 running-routers is older than this, discard it. */
42 #define MAX_V1_RR_AGE (7*24*60*60)
43
44 extern time_t time_of_process_start; /* from main.c */
45
46 /** Do we need to regenerate the v1 directory when someone asks for it? */
47 static time_t the_directory_is_dirty = 1;
48 /** Do we need to regenerate the v1 runningrouters document when somebody
49 * asks for it? */
50 static time_t runningrouters_is_dirty = 1;
51 /** Do we need to regenerate our v2 networkstatus document when somebody asks
52 * for it? */
53 static time_t the_v2_networkstatus_is_dirty = 1;
54
55 /** Most recently generated encoded signed v1 directory. (v1 auth dirservers
56 * only.) */
57 static cached_dir_t *the_directory = NULL;
58
59 /** For authoritative directories: the current (v1) network status. */
60 static cached_dir_t the_runningrouters;
61
62 static void directory_remove_invalid(void);
63 static cached_dir_t *dirserv_regenerate_directory(void);
64 static char *format_versions_list(config_line_t *ln);
65 struct authdir_config_t;
66 static int add_fingerprint_to_dir(const char *nickname, const char *fp,
67 struct authdir_config_t *list);
68 static uint32_t dirserv_router_get_status(const routerinfo_t *router,
69 const char **msg);
70 static uint32_t
71 dirserv_get_status_impl(const char *fp, const char *nickname,
72 const char *address,
73 uint32_t addr, uint16_t or_port,
74 const char *platform, const char *contact,
75 const char **msg, int should_log);
76 static void clear_cached_dir(cached_dir_t *d);
77 static signed_descriptor_t *get_signed_descriptor_by_fp(const char *fp,
78 int extrainfo,
79 time_t publish_cutoff);
80 static int dirserv_add_extrainfo(extrainfo_t *ei, const char **msg);
81
82 /************** Measured Bandwidth parsing code ******/
83 #define MAX_MEASUREMENT_AGE (3*24*60*60) /* 3 days */
84
85 /************** Fingerprint handling code ************/
86
87 #define FP_NAMED 1 /**< Listed in fingerprint file. */
88 #define FP_INVALID 2 /**< Believed invalid. */
89 #define FP_REJECT 4 /**< We will not publish this router. */
90 #define FP_BADDIR 8 /**< We'll tell clients to avoid using this as a dir. */
91 #define FP_BADEXIT 16 /**< We'll tell clients not to use this as an exit. */
92 #define FP_UNNAMED 32 /**< Another router has this name in fingerprint file. */
93
94 /** Encapsulate a nickname and an FP_* status; target of status_by_digest
95 * map. */
96 typedef struct router_status_t {
97 char nickname[MAX_NICKNAME_LEN+1];
98 uint32_t status;
99 } router_status_t;
100
101 /** List of nickname-\>identity fingerprint mappings for all the routers
102 * that we name. Used to prevent router impersonation. */
103 typedef struct authdir_config_t {
104 strmap_t *fp_by_name; /**< Map from lc nickname to fingerprint. */
105 digestmap_t *status_by_digest; /**< Map from digest to router_status_t. */
106 } authdir_config_t;
107
108 /** Should be static; exposed for testing. */
109 static authdir_config_t *fingerprint_list = NULL;
110
111 /** Allocate and return a new, empty, authdir_config_t. */
112 static authdir_config_t *
113 authdir_config_new(void)
114 {
115 authdir_config_t *list = tor_malloc_zero(sizeof(authdir_config_t));
116 list->fp_by_name = strmap_new();
117 list->status_by_digest = digestmap_new();
118 return list;
119 }
120
121 /** Add the fingerprint <b>fp</b> for <b>nickname</b> to
122 * the smartlist of fingerprint_entry_t's <b>list</b>. Return 0 if it's
123 * new, or 1 if we replaced the old value.
124 */
125 /* static */ int
126 add_fingerprint_to_dir(const char *nickname, const char *fp,
127 authdir_config_t *list)
128 {
129 char *fingerprint;
130 char d[DIGEST_LEN];
131 router_status_t *status;
132 tor_assert(nickname);
133 tor_assert(fp);
134 tor_assert(list);
135
136 fingerprint = tor_strdup(fp);
137 tor_strstrip(fingerprint, " ");
138 if (base16_decode(d, DIGEST_LEN, fingerprint, strlen(fingerprint))) {
139 log_warn(LD_DIRSERV, "Couldn't decode fingerprint \"%s\"",
140 escaped(fp));
141 tor_free(fingerprint);
142 return 0;
143 }
144
145 if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) {
146 log_warn(LD_DIRSERV, "Tried to add a mapping for reserved nickname %s",
147 UNNAMED_ROUTER_NICKNAME);
148 tor_free(fingerprint);
149 return 0;
150 }
151
152 status = digestmap_get(list->status_by_digest, d);
153 if (!status) {
154 status = tor_malloc_zero(sizeof(router_status_t));
155 digestmap_set(list->status_by_digest, d, status);
156 }
157
158 if (nickname[0] != '!') {
159 char *old_fp = strmap_get_lc(list->fp_by_name, nickname);
160 if (old_fp && !strcasecmp(fingerprint, old_fp)) {
161 tor_free(fingerprint);
162 } else {
163 tor_free(old_fp);
164 strmap_set_lc(list->fp_by_name, nickname, fingerprint);
165 }
166 status->status |= FP_NAMED;
167 strlcpy(status->nickname, nickname, sizeof(status->nickname));
168 } else {
169 tor_free(fingerprint);
170 if (!strcasecmp(nickname, "!reject")) {
171 status->status |= FP_REJECT;
172 } else if (!strcasecmp(nickname, "!invalid")) {
173 status->status |= FP_INVALID;
174 } else if (!strcasecmp(nickname, "!baddir")) {
175 status->status |= FP_BADDIR;
176 } else if (!strcasecmp(nickname, "!badexit")) {
177 status->status |= FP_BADEXIT;
178 }
179 }
180 return 0;
181 }
182
183 /** Add the nickname and fingerprint for this OR to the
184 * global list of recognized identity key fingerprints. */
185 int
186 dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk)
187 {
188 char fp[FINGERPRINT_LEN+1];
189 if (crypto_pk_get_fingerprint(pk, fp, 0)<0) {
190 log_err(LD_BUG, "Error computing fingerprint");
191 return -1;
192 }
193 if (!fingerprint_list)
194 fingerprint_list = authdir_config_new();
195 add_fingerprint_to_dir(nickname, fp, fingerprint_list);
196 return 0;
197 }
198
199 /** Load the nickname-\>fingerprint mappings stored in the approved-routers
200 * file. The file format is line-based, with each non-blank holding one
201 * nickname, some space, and a fingerprint for that nickname. On success,
202 * replace the current fingerprint list with the new list and return 0. On
203 * failure, leave the current fingerprint list untouched, and return -1. */
204 int
205 dirserv_load_fingerprint_file(void)
206 {
207 char *fname;
208 char *cf;
209 char *nickname, *fingerprint;
210 authdir_config_t *fingerprint_list_new;
211 int result;
212 config_line_t *front=NULL, *list;
213 or_options_t *options = get_options();
214
215 fname = get_datadir_fname("approved-routers");
216 log_info(LD_GENERAL,
217 "Reloading approved fingerprints from \"%s\"...", fname);
218
219 cf = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
220 if (!cf) {
221 if (options->NamingAuthoritativeDir) {
222 log_warn(LD_FS, "Cannot open fingerprint file '%s'. Failing.", fname);
223 tor_free(fname);
224 return -1;
225 } else {
226 log_info(LD_FS, "Cannot open fingerprint file '%s'. That's ok.", fname);
227 tor_free(fname);
228 return 0;
229 }
230 }
231 tor_free(fname);
232
233 result = config_get_lines(cf, &front);
234 tor_free(cf);
235 if (result < 0) {
236 log_warn(LD_CONFIG, "Error reading from fingerprint file");
237 return -1;
238 }
239
240 fingerprint_list_new = authdir_config_new();
241
242 for (list=front; list; list=list->next) {
243 char digest_tmp[DIGEST_LEN];
244 nickname = list->key; fingerprint = list->value;
245 if (strlen(nickname) > MAX_NICKNAME_LEN) {
246 log_notice(LD_CONFIG,
247 "Nickname '%s' too long in fingerprint file. Skipping.",
248 nickname);
249 continue;
250 }
251 if (!is_legal_nickname(nickname) &&
252 strcasecmp(nickname, "!reject") &&
253 strcasecmp(nickname, "!invalid") &&
254 strcasecmp(nickname, "!badexit")) {
255 log_notice(LD_CONFIG,
256 "Invalid nickname '%s' in fingerprint file. Skipping.",
257 nickname);
258 continue;
259 }
260 tor_strstrip(fingerprint, " "); /* remove spaces */
261 if (strlen(fingerprint) != HEX_DIGEST_LEN ||
262 base16_decode(digest_tmp, sizeof(digest_tmp),
263 fingerprint, HEX_DIGEST_LEN) < 0) {
264 log_notice(LD_CONFIG,
265 "Invalid fingerprint (nickname '%s', "
266 "fingerprint %s). Skipping.",
267 nickname, fingerprint);
268 continue;
269 }
270 if (0==strcasecmp(nickname, DEFAULT_CLIENT_NICKNAME)) {
271 /* If you approved an OR called "client", then clients who use
272 * the default nickname could all be rejected. That's no good. */
273 log_notice(LD_CONFIG,
274 "Authorizing nickname '%s' would break "
275 "many clients; skipping.",
276 DEFAULT_CLIENT_NICKNAME);
277 continue;
278 }
279 if (0==strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) {
280 /* If you approved an OR called "unnamed", then clients will be
281 * confused. */
282 log_notice(LD_CONFIG,
283 "Authorizing nickname '%s' is not allowed; skipping.",
284 UNNAMED_ROUTER_NICKNAME);
285 continue;
286 }
287 if (add_fingerprint_to_dir(nickname, fingerprint, fingerprint_list_new)
288 != 0)
289 log_notice(LD_CONFIG, "Duplicate nickname '%s'.", nickname);
290 }
291
292 config_free_lines(front);
293 dirserv_free_fingerprint_list();
294 fingerprint_list = fingerprint_list_new;
295 /* Delete any routers whose fingerprints we no longer recognize */
296 directory_remove_invalid();
297 return 0;
298 }
299
300 /** Check whether <b>router</b> has a nickname/identity key combination that
301 * we recognize from the fingerprint list, or an IP we automatically act on
302 * according to our configuration. Return the appropriate router status.
303 *
304 * If the status is 'FP_REJECT' and <b>msg</b> is provided, set
305 * *<b>msg</b> to an explanation of why. */
306 static uint32_t
307 dirserv_router_get_status(const routerinfo_t *router, const char **msg)
308 {
309 char d[DIGEST_LEN];
310
311 if (crypto_pk_get_digest(router->identity_pkey, d)) {
312 log_warn(LD_BUG,"Error computing fingerprint");
313 if (msg)
314 *msg = "Bug: Error computing fingerprint";
315 return FP_REJECT;
316 }
317
318 return dirserv_get_status_impl(d, router->nickname,
319 router->address,
320 router->addr, router->or_port,
321 router->platform, router->contact_info,
322 msg, 1);
323 }
324
325 /** Return true if there is no point in downloading the router described by
326 * <b>rs</b> because this directory would reject it. */
327 int
328 dirserv_would_reject_router(routerstatus_t *rs)
329 {
330 uint32_t res;
331
332 res = dirserv_get_status_impl(rs->identity_digest, rs->nickname,
333 "", /* address is only used in logs */
334 rs->addr, rs->or_port,
335 NULL, NULL,
336 NULL, 0);
337
338 return (res & FP_REJECT) != 0;
339 }
340
341 /** Helper: Based only on the ID/Nickname combination,
342 * return FP_UNNAMED (unnamed), FP_NAMED (named), or 0 (neither).
343 */
344 static uint32_t
345 dirserv_get_name_status(const char *id_digest, const char *nickname)
346 {
347 char fp[HEX_DIGEST_LEN+1];
348 char *fp_by_name;
349
350 base16_encode(fp, sizeof(fp), id_digest, DIGEST_LEN);
351
352 if ((fp_by_name =
353 strmap_get_lc(fingerprint_list->fp_by_name, nickname))) {
354 if (!strcasecmp(fp, fp_by_name)) {
355 return FP_NAMED;
356 } else {
357 return FP_UNNAMED; /* Wrong fingerprint. */
358 }
359 }
360 return 0;
361 }
362
363 /** Helper: As dirserv_get_router_status, but takes the router fingerprint
364 * (hex, no spaces), nickname, address (used for logging only), IP address, OR
365 * port, platform (logging only) and contact info (logging only) as arguments.
366 *
367 * If should_log is false, do not log messages. (There's not much point in
368 * logging that we're rejecting servers we'll not download.)
369 */
370 static uint32_t
371 dirserv_get_status_impl(const char *id_digest, const char *nickname,
372 const char *address,
373 uint32_t addr, uint16_t or_port,
374 const char *platform, const char *contact,
375 const char **msg, int should_log)
376 {
377 int reject_unlisted = get_options()->AuthDirRejectUnlisted;
378 uint32_t result = 0;
379 router_status_t *status_by_digest;
380
381 if (!fingerprint_list)
382 fingerprint_list = authdir_config_new();
383
384 if (should_log)
385 log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.",
386 strmap_size(fingerprint_list->fp_by_name),
387 digestmap_size(fingerprint_list->status_by_digest));
388
389 /* Tor 0.2.0.26-rc is the oldest version that currently caches the right
390 * directory information. Once more of them die off, we should raise this
391 * minimum. */
392 if (platform && !tor_version_as_new_as(platform,"0.2.0.26-rc")) {
393 if (msg)
394 *msg = "Tor version is far too old to work.";
395 return FP_REJECT;
396 } else if (platform && tor_version_as_new_as(platform,"0.2.1.3-alpha")
397 && !tor_version_as_new_as(platform, "0.2.1.19")) {
398 /* These versions mishandled RELAY_EARLY cells on rend circuits. */
399 if (msg)
400 *msg = "Tor version is too buggy to work.";
401 return FP_REJECT;
402 }
403
404 result = dirserv_get_name_status(id_digest, nickname);
405 if (result & FP_NAMED) {
406 if (should_log)
407 log_debug(LD_DIRSERV,"Good fingerprint for '%s'",nickname);
408 }
409 if (result & FP_UNNAMED) {
410 if (should_log) {
411 char *esc_contact = esc_for_log(contact);
412 log_info(LD_DIRSERV,
413 "Mismatched fingerprint for '%s'. "
414 "ContactInfo '%s', platform '%s'.)",
415 nickname,
416 esc_contact,
417 platform ? escaped(platform) : "");
418 tor_free(esc_contact);
419 }
420 if (msg)
421 *msg = "Rejected: There is already a named server with this nickname "
422 "and a different fingerprint.";
423 }
424
425 status_by_digest = digestmap_get(fingerprint_list->status_by_digest,
426 id_digest);
427 if (status_by_digest)
428 result |= (status_by_digest->status & ~FP_NAMED);
429
430 if (result & FP_REJECT) {
431 if (msg)
432 *msg = "Fingerprint is marked rejected";
433 return FP_REJECT;
434 } else if (result & FP_INVALID) {
435 if (msg)
436 *msg = "Fingerprint is marked invalid";
437 }
438
439 if (authdir_policy_baddir_address(addr, or_port)) {
440 if (should_log)
441 log_info(LD_DIRSERV,
442 "Marking '%s' as bad directory because of address '%s'",
443 nickname, address);
444 result |= FP_BADDIR;
445 }
446
447 if (authdir_policy_badexit_address(addr, or_port)) {
448 if (should_log)
449 log_info(LD_DIRSERV, "Marking '%s' as bad exit because of address '%s'",
450 nickname, address);
451 result |= FP_BADEXIT;
452 }
453
454 if (!(result & FP_NAMED)) {
455 if (!authdir_policy_permits_address(addr, or_port)) {
456 if (should_log)
457 log_info(LD_DIRSERV, "Rejecting '%s' because of address '%s'",
458 nickname, address);
459 if (msg)
460 *msg = "Authdir is rejecting routers in this range.";
461 return FP_REJECT;
462 }
463 if (!authdir_policy_valid_address(addr, or_port)) {
464 if (should_log)
465 log_info(LD_DIRSERV, "Not marking '%s' valid because of address '%s'",
466 nickname, address);
467 result |= FP_INVALID;
468 }
469 if (reject_unlisted) {
470 if (msg)
471 *msg = "Authdir rejects unknown routers.";
472 return FP_REJECT;
473 }
474 }
475
476 return result;
477 }
478
479 /** If we are an authoritative dirserver, and the list of approved
480 * servers contains one whose identity key digest is <b>digest</b>,
481 * return that router's nickname. Otherwise return NULL. */
482 const char *
483 dirserv_get_nickname_by_digest(const char *digest)
484 {
485 router_status_t *status;
486 if (!fingerprint_list)
487 return NULL;
488 tor_assert(digest);
489
490 status = digestmap_get(fingerprint_list->status_by_digest, digest);
491 return status ? status->nickname : NULL;
492 }
493
494 /** Clear the current fingerprint list. */
495 void
496 dirserv_free_fingerprint_list(void)
497 {
498 if (!fingerprint_list)
499 return;
500
501 strmap_free(fingerprint_list->fp_by_name, _tor_free);
502 digestmap_free(fingerprint_list->status_by_digest, _tor_free);
503 tor_free(fingerprint_list);
504 }
505
506 /*
507 * Descriptor list
508 */
509
510 /** Return -1 if <b>ri</b> has a private or otherwise bad address,
511 * unless we're configured to not care. Return 0 if all ok. */
512 static int
513 dirserv_router_has_valid_address(routerinfo_t *ri)
514 {
515 struct in_addr iaddr;
516 if (get_options()->DirAllowPrivateAddresses)
517 return 0; /* whatever it is, we're fine with it */
518 if (!tor_inet_aton(ri->address, &iaddr)) {
519 log_info(LD_DIRSERV,"Router '%s' published non-IP address '%s'. Refusing.",
520 ri->nickname, ri->address);
521 return -1;
522 }
523 if (is_internal_IP(ntohl(iaddr.s_addr), 0)) {
524 log_info(LD_DIRSERV,
525 "Router '%s' published internal IP address '%s'. Refusing.",
526 ri->nickname, ri->address);
527 return -1; /* it's a private IP, we should reject it */
528 }
529 return 0;
530 }
531
532 /** Check whether we, as a directory server, want to accept <b>ri</b>. If so,
533 * set its is_valid,named,running fields and return 0. Otherwise, return -1.
534 *
535 * If the router is rejected, set *<b>msg</b> to an explanation of why.
536 *
537 * If <b>complain</b> then explain at log-level 'notice' why we refused
538 * a descriptor; else explain at log-level 'info'.
539 */
540 int
541 authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
542 int complain)
543 {
544 /* Okay. Now check whether the fingerprint is recognized. */
545 uint32_t status = dirserv_router_get_status(ri, msg);
546 time_t now;
547 int severity = (complain && ri->contact_info) ? LOG_NOTICE : LOG_INFO;
548 tor_assert(msg);
549 if (status & FP_REJECT)
550 return -1; /* msg is already set. */
551
552 /* Is there too much clock skew? */
553 now = time(NULL);
554 if (ri->cache_info.published_on > now+ROUTER_ALLOW_SKEW) {
555 log_fn(severity, LD_DIRSERV, "Publication time for nickname '%s' is too "
556 "far (%d minutes) in the future; possible clock skew. Not adding "
557 "(%s)",
558 ri->nickname, (int)((ri->cache_info.published_on-now)/60),
559 esc_router_info(ri));
560 *msg = "Rejected: Your clock is set too far in the future, or your "
561 "timezone is not correct.";
562 return -1;
563 }
564 if (ri->cache_info.published_on < now-ROUTER_MAX_AGE_TO_PUBLISH) {
565 log_fn(severity, LD_DIRSERV,
566 "Publication time for router with nickname '%s' is too far "
567 "(%d minutes) in the past. Not adding (%s)",
568 ri->nickname, (int)((now-ri->cache_info.published_on)/60),
569 esc_router_info(ri));
570 *msg = "Rejected: Server is expired, or your clock is too far in the past,"
571 " or your timezone is not correct.";
572 return -1;
573 }
574 if (dirserv_router_has_valid_address(ri) < 0) {
575 log_fn(severity, LD_DIRSERV,
576 "Router with nickname '%s' has invalid address '%s'. "
577 "Not adding (%s).",
578 ri->nickname, ri->address,
579 esc_router_info(ri));
580 *msg = "Rejected: Address is not an IP, or IP is a private address.";
581 return -1;
582 }
583 /* Okay, looks like we're willing to accept this one. */
584 ri->is_named = (status & FP_NAMED) ? 1 : 0;
585 ri->is_valid = (status & FP_INVALID) ? 0 : 1;
586 ri->is_bad_directory = (status & FP_BADDIR) ? 1 : 0;
587 ri->is_bad_exit = (status & FP_BADEXIT) ? 1 : 0;
588
589 return 0;
590 }
591
592 /** True iff <b>a</b> is more severe than <b>b</b>. */
593 static int
594 WRA_MORE_SEVERE(was_router_added_t a, was_router_added_t b)
595 {
596 return a < b;
597 }
598
599 /** As for dirserv_add_descriptor(), but accepts multiple documents, and
600 * returns the most severe error that occurred for any one of them. */
601 was_router_added_t
602 dirserv_add_multiple_descriptors(const char *desc, uint8_t purpose,
603 const char *source,
604 const char **msg)
605 {
606 was_router_added_t r, r_tmp;
607 const char *msg_out;
608 smartlist_t *list;
609 const char *s;
610 int n_parsed = 0;
611 time_t now = time(NULL);
612 char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
613 char time_buf[ISO_TIME_LEN+1];
614 int general = purpose == ROUTER_PURPOSE_GENERAL;
615 tor_assert(msg);
616
617 r=ROUTER_ADDED_SUCCESSFULLY; /*Least severe return value. */
618
619 format_iso_time(time_buf, now);
620 if (tor_snprintf(annotation_buf, sizeof(annotation_buf),
621 "@uploaded-at %s\n"
622 "@source %s\n"
623 "%s%s%s", time_buf, escaped(source),
624 !general ? "@purpose " : "",
625 !general ? router_purpose_to_string(purpose) : "",
626 !general ? "\n" : "")<0) {
627 *msg = "Couldn't format annotations";
628 return -1;
629 }
630
631 s = desc;
632 list = smartlist_create();
633 if (!router_parse_list_from_string(&s, NULL, list, SAVED_NOWHERE, 0, 0,
634 annotation_buf)) {
635 SMARTLIST_FOREACH(list, routerinfo_t *, ri, {
636 msg_out = NULL;
637 tor_assert(ri->purpose == purpose);
638 r_tmp = dirserv_add_descriptor(ri, &msg_out, source);
639 if (WRA_MORE_SEVERE(r_tmp, r)) {
640 r = r_tmp;
641 *msg = msg_out;
642 }
643 });
644 }
645 n_parsed += smartlist_len(list);
646 smartlist_clear(list);
647
648 s = desc;
649 if (!router_parse_list_from_string(&s, NULL, list, SAVED_NOWHERE, 1, 0,
650 NULL)) {
651 SMARTLIST_FOREACH(list, extrainfo_t *, ei, {
652 msg_out = NULL;
653
654 r_tmp = dirserv_add_extrainfo(ei, &msg_out);
655 if (WRA_MORE_SEVERE(r_tmp, r)) {
656 r = r_tmp;
657 *msg = msg_out;
658 }
659 });
660 }
661 n_parsed += smartlist_len(list);
662 smartlist_free(list);
663
664 if (! *msg) {
665 if (!n_parsed) {
666 *msg = "No descriptors found in your POST.";
667 if (WRA_WAS_ADDED(r))
668 r = ROUTER_WAS_NOT_NEW;
669 } else {
670 *msg = "(no message)";
671 }
672 }
673
674 return r;
675 }
676
677 /** Examine the parsed server descriptor in <b>ri</b> and maybe insert it into
678 * the list of server descriptors. Set *<b>msg</b> to a message that should be
679 * passed back to the origin of this descriptor, or NULL if there is no such
680 * message. Use <b>source</b> to produce better log messages.
681 *
682 * Return the status of the operation
683 *
684 * This function is only called when fresh descriptors are posted, not when
685 * we re-load the cache.
686 */
687 was_router_added_t
688 dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
689 {
690 was_router_added_t r;
691 routerinfo_t *ri_old;
692 char *desc, *nickname;
693 size_t desclen = 0;
694 *msg = NULL;
695
696 /* If it's too big, refuse it now. Otherwise we'll cache it all over the
697 * network and it'll clog everything up. */
698 if (ri->cache_info.signed_descriptor_len > MAX_DESCRIPTOR_UPLOAD_SIZE) {
699 log_notice(LD_DIR, "Somebody attempted to publish a router descriptor '%s'"
700 " (source: %s) with size %d. Either this is an attack, or the "
701 "MAX_DESCRIPTOR_UPLOAD_SIZE (%d) constant is too low.",
702 ri->nickname, source, (int)ri->cache_info.signed_descriptor_len,
703 MAX_DESCRIPTOR_UPLOAD_SIZE);
704 *msg = "Router descriptor was too large";
705 control_event_or_authdir_new_descriptor("REJECTED",
706 ri->cache_info.signed_descriptor_body,
707 ri->cache_info.signed_descriptor_len, *msg);
708 routerinfo_free(ri);
709 return ROUTER_AUTHDIR_REJECTS;
710 }
711
712 /* Check whether this descriptor is semantically identical to the last one
713 * from this server. (We do this here and not in router_add_to_routerlist
714 * because we want to be able to accept the newest router descriptor that
715 * another authority has, so we all converge on the same one.) */
716 ri_old = router_get_by_digest(ri->cache_info.identity_digest);
717 if (ri_old && ri_old->cache_info.published_on < ri->cache_info.published_on
718 && router_differences_are_cosmetic(ri_old, ri)
719 && !router_is_me(ri)) {
720 log_info(LD_DIRSERV,
721 "Not replacing descriptor from '%s' (source: %s); "
722 "differences are cosmetic.",
723 ri->nickname, source);
724 *msg = "Not replacing router descriptor; no information has changed since "
725 "the last one with this identity.";
726 control_event_or_authdir_new_descriptor("DROPPED",
727 ri->cache_info.signed_descriptor_body,
728 ri->cache_info.signed_descriptor_len, *msg);
729 routerinfo_free(ri);
730 return ROUTER_WAS_NOT_NEW;
731 }
732
733 /* Make a copy of desc, since router_add_to_routerlist might free
734 * ri and its associated signed_descriptor_t. */
735 desclen = ri->cache_info.signed_descriptor_len;
736 desc = tor_strndup(ri->cache_info.signed_descriptor_body, desclen);
737 nickname = tor_strdup(ri->nickname);
738
739 /* Tell if we're about to need to launch a test if we add this. */
740 ri->needs_retest_if_added =
741 dirserv_should_launch_reachability_test(ri, ri_old);
742
743 r = router_add_to_routerlist(ri, msg, 0, 0);
744 if (!WRA_WAS_ADDED(r)) {
745 /* unless the routerinfo was fine, just out-of-date */
746 if (WRA_WAS_REJECTED(r))
747 control_event_or_authdir_new_descriptor("REJECTED", desc, desclen, *msg);
748 log_info(LD_DIRSERV,
749 "Did not add descriptor from '%s' (source: %s): %s.",
750 nickname, source, *msg ? *msg : "(no message)");
751 } else {
752 smartlist_t *changed;
753 control_event_or_authdir_new_descriptor("ACCEPTED", desc, desclen, *msg);
754
755 changed = smartlist_create();
756 smartlist_add(changed, ri);
757 routerlist_descriptors_added(changed, 0);
758 smartlist_free(changed);
759 if (!*msg) {
760 *msg = ri->is_valid ? "Descriptor for valid server accepted" :
761 "Descriptor for invalid server accepted";
762 }
763 log_info(LD_DIRSERV,
764 "Added descriptor from '%s' (source: %s): %s.",
765 nickname, source, *msg);
766 }
767 tor_free(desc);
768 tor_free(nickname);
769 return r;
770 }
771
772 /** As dirserv_add_descriptor, but for an extrainfo_t <b>ei</b>. */
773 static was_router_added_t
774 dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
775 {
776 routerinfo_t *ri;
777 int r;
778 tor_assert(msg);
779 *msg = NULL;
780
781 ri = router_get_by_digest(ei->cache_info.identity_digest);
782 if (!ri) {
783 *msg = "No corresponding router descriptor for extra-info descriptor";
784 extrainfo_free(ei);
785 return ROUTER_BAD_EI;
786 }
787
788 /* If it's too big, refuse it now. Otherwise we'll cache it all over the
789 * network and it'll clog everything up. */
790 if (ei->cache_info.signed_descriptor_len > MAX_EXTRAINFO_UPLOAD_SIZE) {
791 log_notice(LD_DIR, "Somebody attempted to publish an extrainfo "
792 "with size %d. Either this is an attack, or the "
793 "MAX_EXTRAINFO_UPLOAD_SIZE (%d) constant is too low.",
794 (int)ei->cache_info.signed_descriptor_len,
795 MAX_EXTRAINFO_UPLOAD_SIZE);
796 *msg = "Extrainfo document was too large";
797 extrainfo_free(ei);
798 return ROUTER_BAD_EI;
799 }
800
801 if ((r = routerinfo_incompatible_with_extrainfo(ri, ei, NULL, msg))) {
802 extrainfo_free(ei);
803 return r < 0 ? ROUTER_WAS_NOT_NEW : ROUTER_BAD_EI;
804 }
805 router_add_extrainfo_to_routerlist(ei, msg, 0, 0);
806 return ROUTER_ADDED_SUCCESSFULLY;
807 }
808
809 /** Remove all descriptors whose nicknames or fingerprints no longer
810 * are allowed by our fingerprint list. (Descriptors that used to be
811 * good can become bad when we reload the fingerprint list.)
812 */
813 static void
814 directory_remove_invalid(void)
815 {
816 int i;
817 int changed = 0;
818 routerlist_t *rl = router_get_routerlist();
819
820 routerlist_assert_ok(rl);
821
822 for (i = 0; i < smartlist_len(rl->routers); ++i) {
823 const char *msg;
824 routerinfo_t *ent = smartlist_get(rl->routers, i);
825 uint32_t r = dirserv_router_get_status(ent, &msg);
826 if (r & FP_REJECT) {
827 log_info(LD_DIRSERV, "Router '%s' is now rejected: %s",
828 ent->nickname, msg?msg:"");
829 routerlist_remove(rl, ent, 0, time(NULL));
830 i--;
831 changed = 1;
832 continue;
833 }
834 if (bool_neq((r & FP_NAMED), ent->is_named)) {
835 log_info(LD_DIRSERV,
836 "Router '%s' is now %snamed.", ent->nickname,
837 (r&FP_NAMED)?"":"un");
838 ent->is_named = (r&FP_NAMED)?1:0;
839 changed = 1;
840 }
841 if (bool_neq((r & FP_INVALID), !ent->is_valid)) {
842 log_info(LD_DIRSERV, "Router '%s' is now %svalid.", ent->nickname,
843 (r&FP_INVALID) ? "in" : "");
844 ent->is_valid = (r&FP_INVALID)?0:1;
845 changed = 1;
846 }
847 if (bool_neq((r & FP_BADDIR), ent->is_bad_directory)) {
848 log_info(LD_DIRSERV, "Router '%s' is now a %s directory", ent->nickname,
849 (r & FP_BADDIR) ? "bad" : "good");
850 ent->is_bad_directory = (r&FP_BADDIR) ? 1: 0;
851 changed = 1;
852 }
853 if (bool_neq((r & FP_BADEXIT), ent->is_bad_exit)) {
854 log_info(LD_DIRSERV, "Router '%s' is now a %s exit", ent->nickname,
855 (r & FP_BADEXIT) ? "bad" : "good");
856 ent->is_bad_exit = (r&FP_BADEXIT) ? 1: 0;
857 changed = 1;
858 }
859 }
860 if (changed)
861 directory_set_dirty();
862
863 routerlist_assert_ok(rl);
864 }
865
866 /** Mark the directory as <b>dirty</b> -- when we're next asked for a
867 * directory, we will rebuild it instead of reusing the most recently
868 * generated one.
869 */
870 void
871 directory_set_dirty(void)
872 {
873 time_t now = time(NULL);
874 int set_v1_dirty=0;
875
876 /* Regenerate stubs only every 8 hours.
877 * XXXX It would be nice to generate less often, but these are just
878 * stubs: it doesn't matter. */
879 #define STUB_REGENERATE_INTERVAL (8*60*60)
880 if (!the_directory || !the_runningrouters.dir)
881 set_v1_dirty = 1;
882 else if (the_directory->published < now - STUB_REGENERATE_INTERVAL ||
883 the_runningrouters.published < now - STUB_REGENERATE_INTERVAL)
884 set_v1_dirty = 1;
885
886 if (set_v1_dirty) {
887 if (!the_directory_is_dirty)
888 the_directory_is_dirty = now;
889 if (!runningrouters_is_dirty)
890 runningrouters_is_dirty = now;
891 }
892 if (!the_v2_networkstatus_is_dirty)
893 the_v2_networkstatus_is_dirty = now;
894 }
895
896 /**
897 * Allocate and return a description of the status of the server <b>desc</b>,
898 * for use in a v1-style router-status line. The server is listed
899 * as running iff <b>is_live</b> is true.
900 */
901 static char *
902 list_single_server_status(routerinfo_t *desc, int is_live)
903 {
904 char buf[MAX_NICKNAME_LEN+HEX_DIGEST_LEN+4]; /* !nickname=$hexdigest\0 */
905 char *cp;
906
907 tor_assert(desc);
908
909 cp = buf;
910 if (!is_live) {
911 *cp++ = '!';
912 }
913 if (desc->is_valid) {
914 strlcpy(cp, desc->nickname, sizeof(buf)-(cp-buf));
915 cp += strlen(cp);
916 *cp++ = '=';
917 }
918 *cp++ = '$';
919 base16_encode(cp, HEX_DIGEST_LEN+1, desc->cache_info.identity_digest,
920 DIGEST_LEN);
921 return tor_strdup(buf);
922 }
923
924 static INLINE int
925 running_long_enough_to_decide_unreachable(void)
926 {
927 return time_of_process_start
928 + get_options()->TestingAuthDirTimeToLearnReachability < approx_time();
929 }
930
931 /** Each server needs to have passed a reachability test no more
932 * than this number of seconds ago, or he is listed as down in
933 * the directory. */
934 #define REACHABLE_TIMEOUT (45*60)
935
936 /** If we tested a router and found it reachable _at least this long_ after it
937 * declared itself hibernating, it is probably done hibernating and we just
938 * missed a descriptor from it. */
939 #define HIBERNATION_PUBLICATION_SKEW (60*60)
940
941 /** Treat a router as alive if
942 * - It's me, and I'm not hibernating.
943 * or - We've found it reachable recently. */
944 void
945 dirserv_set_router_is_running(routerinfo_t *router, time_t now)
946 {
947 /*XXXX022 This function is a mess. Separate out the part that calculates
948 whether it's reachable and the part that tells rephist that the router was
949 unreachable.
950 */
951 int answer;
952
953 if (router_is_me(router)) {
954 /* We always know if we are down ourselves. */
955 answer = ! we_are_hibernating();
956 } else if (router->is_hibernating &&
957 (router->cache_info.published_on +
958 HIBERNATION_PUBLICATION_SKEW) > router->last_reachable) {
959 /* A hibernating router is down unless we (somehow) had contact with it
960 * since it declared itself to be hibernating. */
961 answer = 0;
962 } else if (get_options()->AssumeReachable) {
963 /* If AssumeReachable, everybody is up unless they say they are down! */
964 answer = 1;
965 } else {
966 /* Otherwise, a router counts as up if we found it reachable in the last
967 REACHABLE_TIMEOUT seconds. */
968 answer = (now < router->last_reachable + REACHABLE_TIMEOUT);
969 }
970
971 if (!answer && running_long_enough_to_decide_unreachable()) {
972 /* not considered reachable. tell rephist. */
973 rep_hist_note_router_unreachable(router->cache_info.identity_digest, now);
974 }
975
976 router->is_running = answer;
977 }
978
979 /** Based on the routerinfo_ts in <b>routers</b>, allocate the
980 * contents of a v1-style router-status line, and store it in
981 * *<b>router_status_out</b>. Return 0 on success, -1 on failure.
982 *
983 * If for_controller is true, include the routers with very old descriptors.
984 */
985 int
986 list_server_status_v1(smartlist_t *routers, char **router_status_out,
987 int for_controller)
988 {
989 /* List of entries in a router-status style: An optional !, then an optional
990 * equals-suffixed nickname, then a dollar-prefixed hexdigest. */
991 smartlist_t *rs_entries;
992 time_t now = time(NULL);
993 time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
994 or_options_t *options = get_options();
995 /* We include v2 dir auths here too, because they need to answer
996 * controllers. Eventually we'll deprecate this whole function;
997 * see also networkstatus_getinfo_by_purpose(). */
998 int authdir = authdir_mode_publishes_statuses(options);
999 tor_assert(router_status_out);
1000
1001 rs_entries = smartlist_create();
1002
1003 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
1004 if (authdir) {
1005 /* Update router status in routerinfo_t. */
1006 dirserv_set_router_is_running(ri, now);
1007 }
1008 if (for_controller) {
1009 char name_buf[MAX_VERBOSE_NICKNAME_LEN+2];
1010 char *cp = name_buf;
1011 if (!ri->is_running)
1012 *cp++ = '!';
1013 router_get_verbose_nickname(cp, ri);
1014 smartlist_add(rs_entries, tor_strdup(name_buf));
1015 } else if (ri->cache_info.published_on >= cutoff) {
1016 smartlist_add(rs_entries, list_single_server_status(ri, ri->is_running));
1017 }
1018 } SMARTLIST_FOREACH_END(ri);
1019
1020 *router_status_out = smartlist_join_strings(rs_entries, " ", 0, NULL);
1021
1022 SMARTLIST_FOREACH(rs_entries, char *, cp, tor_free(cp));
1023 smartlist_free(rs_entries);
1024
1025 return 0;
1026 }
1027
1028 /** Given a (possibly empty) list of config_line_t, each line of which contains
1029 * a list of comma-separated version numbers surrounded by optional space,
1030 * allocate and return a new string containing the version numbers, in order,
1031 * separated by commas. Used to generate Recommended(Client|Server)?Versions
1032 */
1033 static char *
1034 format_versions_list(config_line_t *ln)
1035 {
1036 smartlist_t *versions;
1037 char *result;
1038 versions = smartlist_create();
1039 for ( ; ln; ln = ln->next) {
1040 smartlist_split_string(versions, ln->value, ",",
1041 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1042 }
1043 sort_version_list(versions, 1);
1044 result = smartlist_join_strings(versions,",",0,NULL);
1045 SMARTLIST_FOREACH(versions,char *,s,tor_free(s));
1046 smartlist_free(versions);
1047 return result;
1048 }
1049
1050 /** Return 1 if <b>ri</b>'s descriptor is "active" -- running, valid,
1051 * not hibernating, and not too old. Else return 0.
1052 */
1053 static int
1054 router_is_active(routerinfo_t *ri, time_t now)
1055 {
1056 time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
1057 if (ri->cache_info.published_on < cutoff)
1058 return 0;
1059 if (!ri->is_running || !ri->is_valid || ri->is_hibernating)
1060 return 0;
1061 return 1;
1062 }
1063
1064 /** Generate a new v1 directory and write it into a newly allocated string.
1065 * Point *<b>dir_out</b> to the allocated string. Sign the
1066 * directory with <b>private_key</b>. Return 0 on success, -1 on
1067 * failure. If <b>complete</b> is set, give us all the descriptors;
1068 * otherwise leave out non-running and non-valid ones.
1069 */
1070 int
1071 dirserv_dump_directory_to_string(char **dir_out,
1072 crypto_pk_env_t *private_key)
1073 {
1074 char *cp;
1075 char *identity_pkey; /* Identity key, DER64-encoded. */
1076 char *recommended_versions;
1077 char digest[DIGEST_LEN];
1078 char published[ISO_TIME_LEN+1];
1079 char *buf = NULL;
1080 size_t buf_len;
1081 size_t identity_pkey_len;
1082 time_t now = time(NULL);
1083
1084 tor_assert(dir_out);
1085 *dir_out = NULL;
1086
1087 if (crypto_pk_write_public_key_to_string(private_key,&identity_pkey,
1088 &identity_pkey_len)<0) {
1089 log_warn(LD_BUG,"write identity_pkey to string failed!");
1090 return -1;
1091 }
1092
1093 recommended_versions =
1094 format_versions_list(get_options()->RecommendedVersions);
1095
1096 format_iso_time(published, now);
1097
1098 buf_len = 2048+strlen(recommended_versions);
1099
1100 buf = tor_malloc(buf_len);
1101 /* We'll be comparing against buf_len throughout the rest of the
1102 function, though strictly speaking we shouldn't be able to exceed
1103 it. This is C, after all, so we may as well check for buffer
1104 overruns.*/
1105
1106 tor_snprintf(buf, buf_len,
1107 "signed-directory\n"
1108 "published %s\n"
1109 "recommended-software %s\n"
1110 "router-status %s\n"
1111 "dir-signing-key\n%s\n",
1112 published, recommended_versions, "",
1113 identity_pkey);
1114
1115 tor_free(recommended_versions);
1116 tor_free(identity_pkey);
1117
1118 cp = buf + strlen(buf);
1119 *cp = '\0';
1120
1121 /* These multiple strlcat calls are inefficient, but dwarfed by the RSA
1122 signature. */
1123 if (strlcat(buf, "directory-signature ", buf_len) >= buf_len)
1124 goto truncated;
1125 if (strlcat(buf, get_options()->Nickname, buf_len) >= buf_len)
1126 goto truncated;
1127 if (strlcat(buf, "\n", buf_len) >= buf_len)
1128 goto truncated;
1129
1130 if (router_get_dir_hash(buf,digest)) {
1131 log_warn(LD_BUG,"couldn't compute digest");
1132 tor_free(buf);
1133 return -1;
1134 }
1135 note_crypto_pk_op(SIGN_DIR);
1136 if (router_append_dirobj_signature(buf,buf_len,digest,DIGEST_LEN,
1137 private_key)<0) {
1138 tor_free(buf);
1139 return -1;
1140 }
1141
1142 *dir_out = buf;
1143 return 0;
1144 truncated:
1145 log_warn(LD_BUG,"tried to exceed string length.");
1146 tor_free(buf);
1147 return -1;
1148 }
1149
1150 /********************************************************************/
1151
1152 /* A set of functions to answer questions about how we'd like to behave
1153 * as a directory mirror/client. */
1154
1155 /** Return 1 if we fetch our directory material directly from the
1156 * authorities, rather than from a mirror. */
1157 int
1158 directory_fetches_from_authorities(or_options_t *options)
1159 {
1160 routerinfo_t *me;
1161 uint32_t addr;
1162 int refuseunknown;
1163 if (options->FetchDirInfoEarly)
1164 return 1;
1165 if (options->BridgeRelay == 1)
1166 return 0;
1167 if (server_mode(options) && router_pick_published_address(options, &addr)<0)
1168 return 1; /* we don't know our IP address; ask an authority. */
1169 refuseunknown = ! router_my_exit_policy_is_reject_star() &&
1170 should_refuse_unknown_exits(options);
1171 if (options->DirPort == 0 && !refuseunknown)
1172 return 0;
1173 if (!server_mode(options) || !advertised_server_mode())
1174 return 0;
1175 me = router_get_my_routerinfo();
1176 if (!me || (!me->dir_port && !refuseunknown))
1177 return 0; /* if dirport not advertised, return 0 too */
1178 return 1;
1179 }
1180
1181 /** Return 1 if we should fetch new networkstatuses, descriptors, etc
1182 * on the "mirror" schedule rather than the "client" schedule.
1183 */
1184 int
1185 directory_fetches_dir_info_early(or_options_t *options)
1186 {
1187 return directory_fetches_from_authorities(options);
1188 }
1189
1190 /** Return 1 if we should fetch new networkstatuses, descriptors, etc
1191 * on a very passive schedule -- waiting long enough for ordinary clients
1192 * to probably have the info we want. These would include bridge users,
1193 * and maybe others in the future e.g. if a Tor client uses another Tor
1194 * client as a directory guard.
1195 */
1196 int
1197 directory_fetches_dir_info_later(or_options_t *options)
1198 {
1199 return options->UseBridges != 0;
1200 }
1201
1202 /** Return 1 if we want to cache v2 dir info (each status file).
1203 */
1204 int
1205 directory_caches_v2_dir_info(or_options_t *options)
1206 {
1207 return options->DirPort != 0;
1208 }
1209
1210 /** Return 1 if we want to keep descriptors, networkstatuses, etc around
1211 * and we're willing to serve them to others. Else return 0.
1212 */
1213 int
1214 directory_caches_dir_info(or_options_t *options)
1215 {
1216 if (options->BridgeRelay || options->DirPort)
1217 return 1;
1218 if (!server_mode(options) || !advertised_server_mode())
1219 return 0;
1220 /* We need an up-to-date view of network info if we're going to try to
1221 * block exit attempts from unknown relays. */
1222 return ! router_my_exit_policy_is_reject_star() &&
1223 should_refuse_unknown_exits(options);
1224 }
1225
1226 /** Return 1 if we want to allow remote people to ask us directory
1227 * requests via the "begin_dir" interface, which doesn't require
1228 * having any separate port open. */
1229 int
1230 directory_permits_begindir_requests(or_options_t *options)
1231 {
1232 return options->BridgeRelay != 0 || options->DirPort != 0;
1233 }
1234
1235 /** Return 1 if we want to allow controllers to ask us directory
1236 * requests via the controller interface, which doesn't require
1237 * having any separate port open. */
1238 int
1239 directory_permits_controller_requests(or_options_t *options)
1240 {
1241 return options->DirPort != 0;
1242 }
1243
1244 /** Return 1 if we have no need to fetch new descriptors. This generally
1245 * happens when we're not a dir cache and we haven't built any circuits
1246 * lately.
1247 */
1248 int
1249 directory_too_idle_to_fetch_descriptors(or_options_t *options, time_t now)
1250 {
1251 return !directory_caches_dir_info(options) &&
1252 !options->FetchUselessDescriptors &&
1253 rep_hist_circbuilding_dormant(now);
1254 }
1255
1256 /********************************************************************/
1257
1258 /* Used only by non-v1-auth dirservers: The v1 directory and
1259 * runningrouters we'll serve when requested. */
1260
1261 /** The v1 directory we'll serve (as a cache or as an authority) if
1262 * requested. */
1263 static cached_dir_t *cached_directory = NULL;
1264 /** The v1 runningrouters document we'll serve (as a cache or as an authority)
1265 * if requested. */
1266 static cached_dir_t cached_runningrouters;
1267
1268 /** Used for other dirservers' v2 network statuses. Map from hexdigest to
1269 * cached_dir_t. */
1270 static digestmap_t *cached_v2_networkstatus = NULL;
1271
1272 /** Map from flavor name to the v3 consensuses that we're currently serving. */
1273 static strmap_t *cached_consensuses = NULL;
1274
1275 /** Possibly replace the contents of <b>d</b> with the value of
1276 * <b>directory</b> published on <b>when</b>, unless <b>when</b> is older than
1277 * the last value, or too far in the future.
1278 *
1279 * Does not copy <b>directory</b>; frees it if it isn't used.
1280 */
1281 static void
1282 set_cached_dir(cached_dir_t *d, char *directory, time_t when)
1283 {
1284 time_t now = time(NULL);
1285 if (when<=d->published) {
1286 log_info(LD_DIRSERV, "Ignoring old directory; not caching.");
1287 tor_free(directory);
1288 } else if (when>=now+ROUTER_MAX_AGE_TO_PUBLISH) {
1289 log_info(LD_DIRSERV, "Ignoring future directory; not caching.");
1290 tor_free(directory);
1291 } else {
1292 /* if (when>d->published && when<now+ROUTER_MAX_AGE) */
1293 log_debug(LD_DIRSERV, "Caching directory.");
1294 tor_free(d->dir);
1295 d->dir = directory;
1296 d->dir_len = strlen(directory);
1297 tor_free(d->dir_z);
1298 if (tor_gzip_compress(&(d->dir_z), &(d->dir_z_len), d->dir, d->dir_len,
1299 ZLIB_METHOD)) {
1300 log_warn(LD_BUG,"Error compressing cached directory");
1301 }
1302 d->published = when;
1303 }
1304 }
1305
1306 /** Decrement the reference count on <b>d</b>, and free it if it no longer has
1307 * any references. */
1308 void
1309 cached_dir_decref(cached_dir_t *d)
1310 {
1311 if (!d || --d->refcnt > 0)
1312 return;
1313 clear_cached_dir(d);
1314 tor_free(d);
1315 }
1316
1317 /** Allocate and return a new cached_dir_t containing the string <b>s</b>,
1318 * published at <b>published</b>. */
1319 cached_dir_t *
1320 new_cached_dir(char *s, time_t published)
1321 {
1322 cached_dir_t *d = tor_malloc_zero(sizeof(cached_dir_t));
1323 d->refcnt = 1;
1324 d->dir = s;
1325 d->dir_len = strlen(s);
1326 d->published = published;
1327 if (tor_gzip_compress(&(d->dir_z), &(d->dir_z_len), d->dir, d->dir_len,
1328 ZLIB_METHOD)) {
1329 log_warn(LD_BUG, "Error compressing directory");
1330 }
1331 return d;
1332 }
1333
1334 /** Remove all storage held in <b>d</b>, but do not free <b>d</b> itself. */
1335 static void
1336 clear_cached_dir(cached_dir_t *d)
1337 {
1338 tor_free(d->dir);
1339 tor_free(d->dir_z);
1340 memset(d, 0, sizeof(cached_dir_t));
1341 }
1342
1343 /** Free all storage held by the cached_dir_t in <b>d</b>. */
1344 static void
1345 _free_cached_dir(void *_d)
1346 {
1347 cached_dir_t *d;
1348 if (!_d)
1349 return;
1350
1351 d = (cached_dir_t *)_d;
1352 cached_dir_decref(d);
1353 }
1354
1355 /** If we have no cached v1 directory, or it is older than <b>published</b>,
1356 * then replace it with <b>directory</b>, published at <b>published</b>.
1357 *
1358 * If <b>published</b> is too old, do nothing.
1359 *
1360 * If <b>is_running_routers</b>, this is really a v1 running_routers
1361 * document rather than a v1 directory.
1362 */
1363 void
1364 dirserv_set_cached_directory(const char *directory, time_t published,
1365 int is_running_routers)
1366 {
1367 time_t now = time(NULL);
1368
1369 if (is_running_routers) {
1370 if (published >= now - MAX_V1_RR_AGE)
1371 set_cached_dir(&cached_runningrouters, tor_strdup(directory), published);
1372 } else {
1373 if (published >= now - MAX_V1_DIRECTORY_AGE) {
1374 cached_dir_decref(cached_directory);
1375 cached_directory = new_cached_dir(tor_strdup(directory), published);
1376 }
1377 }
1378 }
1379
1380 /** If <b>networkstatus</b> is non-NULL, we've just received a v2
1381 * network-status for an authoritative directory with identity digest
1382 * <b>identity</b> published at <b>published</b> -- store it so we can
1383 * serve it to others.
1384 *
1385 * If <b>networkstatus</b> is NULL, remove the entry with the given
1386 * identity fingerprint from the v2 cache.
1387 */
1388 void
1389 dirserv_set_cached_networkstatus_v2(const char *networkstatus,
1390 const char *identity,
1391 time_t published)
1392 {
1393 cached_dir_t *d, *old_d;
1394 smartlist_t *trusted_dirs;
1395 if (!cached_v2_networkstatus)
1396 cached_v2_networkstatus = digestmap_new();
1397
1398 old_d = digestmap_get(cached_v2_networkstatus, identity);
1399 if (!old_d && !networkstatus)
1400 return;
1401
1402 if (networkstatus) {
1403 if (!old_d || published > old_d->published) {
1404 d = new_cached_dir(tor_strdup(networkstatus), published);
1405 digestmap_set(cached_v2_networkstatus, identity, d);
1406 if (old_d)
1407 cached_dir_decref(old_d);
1408 }
1409 } else {
1410 if (old_d) {
1411 digestmap_remove(cached_v2_networkstatus, identity);
1412 cached_dir_decref(old_d);
1413 }
1414 }
1415
1416 /* Now purge old entries. */
1417 trusted_dirs = router_get_trusted_dir_servers();
1418 if (digestmap_size(cached_v2_networkstatus) >
1419 smartlist_len(trusted_dirs) + MAX_UNTRUSTED_NETWORKSTATUSES) {
1420 /* We need to remove the oldest untrusted networkstatus. */
1421 const char *oldest = NULL;
1422 time_t oldest_published = TIME_MAX;
1423 digestmap_iter_t *iter;
1424
1425 for (iter = digestmap_iter_init(cached_v2_networkstatus);
1426 !digestmap_iter_done(iter);
1427 iter = digestmap_iter_next(cached_v2_networkstatus, iter)) {
1428 const char *ident;
1429 void *val;
1430 digestmap_iter_get(iter, &ident, &val);
1431 d = val;
1432 if (d->published < oldest_published &&
1433 !router_digest_is_trusted_dir(ident)) {
1434 oldest = ident;
1435 oldest_published = d->published;
1436 }
1437 }
1438 tor_assert(oldest);
1439 d = digestmap_remove(cached_v2_networkstatus, oldest);
1440 if (d)
1441 cached_dir_decref(d);
1442 }
1443 }
1444
1445 /** Replace the v3 consensus networkstatus of type <b>flavor_name</b> that
1446 * we're serving with <b>networkstatus</b>, published at <b>published</b>. No
1447 * validation is performed. */
1448 void
1449 dirserv_set_cached_consensus_networkstatus(const char *networkstatus,
1450 const char *flavor_name,
1451 const digests_t *digests,
1452 time_t published)
1453 {
1454 cached_dir_t *new_networkstatus;
1455 cached_dir_t *old_networkstatus;
1456 if (!cached_consensuses)
1457 cached_consensuses = strmap_new();
1458
1459 new_networkstatus = new_cached_dir(tor_strdup(networkstatus), published);
1460 memcpy(&new_networkstatus->digests, digests, sizeof(digests_t));
1461 old_networkstatus = strmap_set(cached_consensuses, flavor_name,
1462 new_networkstatus);
1463 if (old_networkstatus)
1464 cached_dir_decref(old_networkstatus);
1465 }
1466
1467 /** Remove any v2 networkstatus from the directory cache that was published
1468 * before <b>cutoff</b>. */
1469 void
1470 dirserv_clear_old_networkstatuses(time_t cutoff)
1471 {
1472 if (!cached_v2_networkstatus)
1473 return;
1474
1475 DIGESTMAP_FOREACH_MODIFY(cached_v2_networkstatus, id, cached_dir_t *, dir) {
1476 if (dir->published < cutoff) {
1477 char *fname;
1478 fname = networkstatus_get_cache_filename(id);
1479 if (file_status(fname) == FN_FILE) {
1480 log_info(LD_DIR, "Removing too-old untrusted networkstatus in %s",
1481 fname);
1482 unlink(fname);
1483 }
1484 tor_free(fname);
1485 cached_dir_decref(dir);
1486 MAP_DEL_CURRENT(id);
1487 }
1488 } DIGESTMAP_FOREACH_END
1489 }
1490
1491 /** Remove any v1 info from the directory cache that was published
1492 * too long ago. */
1493 void
1494 dirserv_clear_old_v1_info(time_t now)
1495 {
1496 if (cached_directory &&
1497 cached_directory->published < (now - MAX_V1_DIRECTORY_AGE)) {
1498 cached_dir_decref(cached_directory);
1499 cached_directory = NULL;
1500 }
1501 if (cached_runningrouters.published < (now - MAX_V1_RR_AGE)) {
1502 clear_cached_dir(&cached_runningrouters);
1503 }
1504 }
1505
1506 /** Helper: If we're an authority for the right directory version (v1 or v2)
1507 * (based on <b>auth_type</b>), try to regenerate
1508 * auth_src as appropriate and return it, falling back to cache_src on
1509 * failure. If we're a cache, simply return cache_src.
1510 */
1511 static cached_dir_t *
1512 dirserv_pick_cached_dir_obj(cached_dir_t *cache_src,
1513 cached_dir_t *auth_src,
1514 time_t dirty, cached_dir_t *(*regenerate)(void),
1515 const char *name,
1516 authority_type_t auth_type)
1517 {
1518 or_options_t *options = get_options();
1519 int authority = (auth_type == V1_AUTHORITY && authdir_mode_v1(options)) ||
1520 (auth_type == V2_AUTHORITY && authdir_mode_v2(options));
1521
1522 if (!authority || authdir_mode_bridge(options)) {
1523 return cache_src;
1524 } else {
1525 /* We're authoritative. */
1526 if (regenerate != NULL) {
1527 if (dirty && dirty + DIR_REGEN_SLACK_TIME < time(NULL)) {
1528 if (!(auth_src = regenerate())) {
1529 log_err(LD_BUG, "Couldn't generate %s?", name);
1530 exit(1);
1531 }
1532 } else {
1533 log_info(LD_DIRSERV, "The %s is still clean; reusing.", name);
1534 }
1535 }
1536 return auth_src ? auth_src : cache_src;
1537 }
1538 }
1539
1540 /** Return the most recently generated encoded signed v1 directory,
1541 * generating a new one as necessary. If not a v1 authoritative directory
1542 * may return NULL if no directory is yet cached. */
1543 cached_dir_t *
1544 dirserv_get_directory(void)
1545 {
1546 return dirserv_pick_cached_dir_obj(cached_directory, the_directory,
1547 the_directory_is_dirty,
1548 dirserv_regenerate_directory,
1549 "v1 server directory", V1_AUTHORITY);
1550 }
1551
1552 /** Only called by v1 auth dirservers.
1553 * Generate a fresh v1 directory; set the_directory and return a pointer
1554 * to the new value.
1555 */
1556 static cached_dir_t *
1557 dirserv_regenerate_directory(void)
1558 {
1559 char *new_directory=NULL;
1560
1561 if (dirserv_dump_directory_to_string(&new_directory,
1562 get_server_identity_key())) {
1563 log_warn(LD_BUG, "Error creating directory.");
1564 tor_free(new_directory);
1565 return NULL;
1566 }
1567 cached_dir_decref(the_directory);
1568 the_directory = new_cached_dir(new_directory, time(NULL));
1569 log_info(LD_DIRSERV,"New directory (size %d) has been built.",
1570 (int)the_directory->dir_len);
1571 log_debug(LD_DIRSERV,"New directory (size %d):\n%s",
1572 (int)the_directory->dir_len, the_directory->dir);
1573
1574 the_directory_is_dirty = 0;
1575
1576 /* Save the directory to disk so we re-load it quickly on startup.
1577 */
1578 dirserv_set_cached_directory(the_directory->dir, time(NULL), 0);
1579
1580 return the_directory;
1581 }
1582
1583 /** Only called by v1 auth dirservers.
1584 * Replace the current running-routers list with a newly generated one. */
1585 static cached_dir_t *
1586 generate_runningrouters(void)
1587 {
1588 char *s=NULL;
1589 char digest[DIGEST_LEN];
1590 char published[ISO_TIME_LEN+1];
1591 size_t len;
1592 crypto_pk_env_t *private_key = get_server_identity_key();
1593 char *identity_pkey; /* Identity key, DER64-encoded. */
1594 size_t identity_pkey_len;
1595
1596 if (crypto_pk_write_public_key_to_string(private_key,&identity_pkey,
1597 &identity_pkey_len)<0) {
1598 log_warn(LD_BUG,"write identity_pkey to string failed!");
1599 goto err;
1600 }
1601 format_iso_time(published, time(NULL));
1602
1603 len = 2048;
1604 s = tor_malloc_zero(len);
1605 tor_snprintf(s, len,
1606 "network-status\n"
1607 "published %s\n"
1608 "router-status %s\n"
1609 "dir-signing-key\n%s"
1610 "directory-signature %s\n",
1611 published, "", identity_pkey,
1612 get_options()->Nickname);
1613 tor_free(identity_pkey);
1614 if (router_get_runningrouters_hash(s,digest)) {
1615 log_warn(LD_BUG,"couldn't compute digest");
1616 goto err;
1617 }
1618 note_crypto_pk_op(SIGN_DIR);
1619 if (router_append_dirobj_signature(s, len, digest, DIGEST_LEN,
1620 private_key)<0)
1621 goto err;
1622
1623 set_cached_dir(&the_runningrouters, s, time(NULL));
1624 runningrouters_is_dirty = 0;
1625
1626 return &the_runningrouters;
1627 err:
1628 tor_free(s);
1629 return NULL;
1630 }
1631
1632 /** Set *<b>rr</b> to the most recently generated encoded signed
1633 * running-routers list, generating a new one as necessary. Return the
1634 * size of the directory on success, and 0 on failure. */
1635 cached_dir_t *
1636 dirserv_get_runningrouters(void)
1637 {
1638 return dirserv_pick_cached_dir_obj(
1639 &cached_runningrouters, &the_runningrouters,
1640 runningrouters_is_dirty,
1641 generate_runningrouters,
1642 "v1 network status list", V1_AUTHORITY);
1643 }
1644
1645 /** Return the latest downloaded consensus networkstatus in encoded, signed,
1646 * optionally compressed format, suitable for sending to clients. */
1647 cached_dir_t *
1648 dirserv_get_consensus(const char *flavor_name)
1649 {
1650 if (!cached_consensuses)
1651 return NULL;
1652 return strmap_get(cached_consensuses, flavor_name);
1653 }
1654
1655 /** For authoritative directories: the current (v2) network status. */
1656 static cached_dir_t *the_v2_networkstatus = NULL;
1657
1658 /** Return true iff our opinion of the routers has been stale for long
1659 * enough that we should generate a new v2 network status doc. */
1660 static int
1661 should_generate_v2_networkstatus(void)
1662 {
1663 return authdir_mode_v2(get_options()) &&
1664 the_v2_networkstatus_is_dirty &&
1665 the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
1666 }
1667
1668 /** If a router's uptime is at least this value, then it is always
1669 * considered stable, regardless of the rest of the network. This
1670 * way we resist attacks where an attacker doubles the size of the
1671 * network using allegedly high-uptime nodes, displacing all the
1672 * current guards. */
1673 #define UPTIME_TO_GUARANTEE_STABLE (3600*24*30)
1674 /** If a router's MTBF is at least this value, then it is always stable.
1675 * See above. (Corresponds to about 7 days for current decay rates.) */
1676 #define MTBF_TO_GUARANTEE_STABLE (60*60*24*5)
1677 /** Similarly, we protect sufficiently fast nodes from being pushed
1678 * out of the set of Fast nodes. */
1679 #define BANDWIDTH_TO_GUARANTEE_FAST ROUTER_REQUIRED_MIN_BANDWIDTH
1680 /** Similarly, every node with sufficient bandwidth can be considered
1681 * for Guard status. */
1682 #define BANDWIDTH_TO_GUARANTEE_GUARD (250*1024)
1683 /** Similarly, every node with at least this much weighted time known can be
1684 * considered familiar enough to be a guard. Corresponds to about 20 days for
1685 * current decay rates.
1686 */
1687 #define TIME_KNOWN_TO_GUARANTEE_FAMILIAR (8*24*60*60)
1688 /** Similarly, every node with sufficient WFU is around enough to be a guard.
1689 */
1690 #define WFU_TO_GUARANTEE_GUARD (0.98)
1691
1692 /* Thresholds for server performance: set by
1693 * dirserv_compute_performance_thresholds, and used by
1694 * generate_v2_networkstatus */
1695
1696 /** Any router with an uptime of at least this value is stable. */
1697 static uint32_t stable_uptime = 0; /* start at a safe value */
1698 /** Any router with an mtbf of at least this value is stable. */
1699 static double stable_mtbf = 0.0;
1700 /** If true, we have measured enough mtbf info to look at stable_mtbf rather
1701 * than stable_uptime. */
1702 static int enough_mtbf_info = 0;
1703 /** Any router with a weighted fractional uptime of at least this much might
1704 * be good as a guard. */
1705 static double guard_wfu = 0.0;
1706 /** Don't call a router a guard unless we've known about it for at least this
1707 * many seconds. */
1708 static long guard_tk = 0;
1709 /** Any router with a bandwidth at least this high is "Fast" */
1710 static uint32_t fast_bandwidth = 0;
1711 /** If exits can be guards, then all guards must have a bandwidth this
1712 * high. */
1713 static uint32_t guard_bandwidth_including_exits = 0;
1714 /** If exits can't be guards, then all guards must have a bandwidth this
1715 * high. */
1716 static uint32_t guard_bandwidth_excluding_exits = 0;
1717 /** Total bandwidth of all the routers we're considering. */
1718 static uint64_t total_bandwidth = 0;
1719 /** Total bandwidth of all the exit routers we're considering. */
1720 static uint64_t total_exit_bandwidth = 0;
1721
1722 /** Helper: estimate the uptime of a router given its stated uptime and the
1723 * amount of time since it last stated its stated uptime. */
1724 static INLINE long
1725 real_uptime(routerinfo_t *router, time_t now)
1726 {
1727 if (now < router->cache_info.published_on)
1728 return router->uptime;
1729 else
1730 return router->uptime + (now - router->cache_info.published_on);
1731 }
1732
1733 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
1734 * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
1735 * If <b>need_capacity</b> is non-zero, we require a minimum advertised
1736 * bandwidth.
1737 */
1738 static int
1739 dirserv_thinks_router_is_unreliable(time_t now,
1740 routerinfo_t *router,
1741 int need_uptime, int need_capacity)
1742 {
1743 if (need_uptime) {
1744 if (!enough_mtbf_info) {
1745 /* XXX022 Once most authorities are on v3, we should change the rule from
1746 * "use uptime if we don't have mtbf data" to "don't advertise Stable on
1747 * v3 if we don't have enough mtbf data." */
1748 long uptime = real_uptime(router, now);
1749 if ((unsigned)uptime < stable_uptime &&
1750 (unsigned)uptime < UPTIME_TO_GUARANTEE_STABLE)
1751 return 1;
1752 } else {
1753 double mtbf =
1754 rep_hist_get_stability(router->cache_info.identity_digest, now);
1755 if (mtbf < stable_mtbf &&
1756 mtbf < MTBF_TO_GUARANTEE_STABLE)
1757 return 1;
1758 }
1759 }
1760 if (need_capacity) {
1761 uint32_t bw = router_get_advertised_bandwidth(router);
1762 if (bw < fast_bandwidth)
1763 return 1;
1764 }
1765 return 0;
1766 }
1767
1768 /** Return true iff <b>router</b> should be assigned the "HSDir" flag.
1769 * Right now this means it advertises support for it, it has a high
1770 * uptime, it has a DirPort open, and it's currently considered Running.
1771 *
1772 * This function needs to be called after router-\>is_running has
1773 * been set.
1774 */
1775 static int
1776 dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now)
1777 {
1778 long uptime = real_uptime(router, now);
1779
1780 /* XXX We shouldn't need to check dir_port, but we do because of
1781 * bug 1693. In the future, once relays set wants_to_be_hs_dir
1782 * correctly, we can revert to only checking dir_port if router's
1783 * version is too old. */
1784 return (router->wants_to_be_hs_dir && router->dir_port &&
1785 uptime > get_options()->MinUptimeHidServDirectoryV2 &&
1786 router->is_running);
1787 }
1788
1789 /** Look through the routerlist, the Mean Time Between Failure history, and
1790 * the Weighted Fractional Uptime history, and use them to set thresholds for
1791 * the Stable, Fast, and Guard flags. Update the fields stable_uptime,
1792 * stable_mtbf, enough_mtbf_info, guard_wfu, guard_tk, fast_bandwidth,
1793 * guard_bandwidh_including_exits, guard_bandwidth_excluding_exits,
1794 * total_bandwidth, and total_exit_bandwidth.
1795 *
1796 * Also, set the is_exit flag of each router appropriately. */
1797 static void
1798 dirserv_compute_performance_thresholds(routerlist_t *rl)
1799 {
1800 int n_active, n_active_nonexit, n_familiar;
1801 uint32_t *uptimes, *bandwidths, *bandwidths_excluding_exits;
1802 long *tks;
1803 double *mtbfs, *wfus;
1804 time_t now = time(NULL);
1805
1806 /* initialize these all here, in case there are no routers */
1807 stable_uptime = 0;
1808 stable_mtbf = 0;
1809 fast_bandwidth = 0;
1810 guard_bandwidth_including_exits = 0;
1811 guard_bandwidth_excluding_exits = 0;
1812 guard_tk = 0;
1813 guard_wfu = 0;
1814 total_bandwidth = 0;
1815 total_exit_bandwidth = 0;
1816
1817 /* Initialize arrays that will hold values for each router. We'll
1818 * sort them and use that to compute thresholds. */
1819 n_active = n_active_nonexit = 0;
1820 /* Uptime for every active router. */
1821 uptimes = tor_malloc(sizeof(uint32_t)*smartlist_len(rl->routers));
1822 /* Bandwidth for every active router. */
1823 bandwidths = tor_malloc(sizeof(uint32_t)*smartlist_len(rl->routers));
1824 /* Bandwidth for every active non-exit router. */
1825 bandwidths_excluding_exits =
1826 tor_malloc(sizeof(uint32_t)*smartlist_len(rl->routers));
1827 /* Weighted mean time between failure for each active router. */
1828 mtbfs = tor_malloc(sizeof(double)*smartlist_len(rl->routers));
1829 /* Time-known for each active router. */
1830 tks = tor_malloc(sizeof(long)*smartlist_len(rl->routers));
1831 /* Weighted fractional uptime for each active router. */
1832 wfus = tor_malloc(sizeof(double)*smartlist_len(rl->routers));
1833
1834 /* Now, fill in the arrays. */
1835 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
1836 if (router_is_active(ri, now)) {
1837 const char *id = ri->cache_info.identity_digest;
1838 uint32_t bw;
1839 ri->is_exit = (!router_exit_policy_rejects_all(ri) &&
1840 exit_policy_is_general_exit(ri->exit_policy));
1841 uptimes[n_active] = (uint32_t)real_uptime(ri, now);
1842 mtbfs[n_active] = rep_hist_get_stability(id, now);
1843 tks [n_active] = rep_hist_get_weighted_time_known(id, now);
1844 bandwidths[n_active] = bw = router_get_advertised_bandwidth(ri);
1845 total_bandwidth += bw;
1846 if (ri->is_exit && !ri->is_bad_exit) {
1847 total_exit_bandwidth += bw;
1848 } else {
1849 bandwidths_excluding_exits[n_active_nonexit] = bw;
1850 ++n_active_nonexit;
1851 }
1852 ++n_active;
1853 }
1854 });
1855
1856 /* Now, compute thresholds. */
1857 if (n_active) {
1858 /* The median uptime is stable. */
1859 stable_uptime = median_uint32(uptimes, n_active);
1860 /* The median mtbf is stable, if we have enough mtbf info */
1861 stable_mtbf = median_double(mtbfs, n_active);
1862 /* The 12.5th percentile bandwidth is fast. */
1863 fast_bandwidth = find_nth_uint32(bandwidths, n_active, n_active/8);
1864 /* (Now bandwidths is sorted.) */
1865 if (fast_bandwidth < ROUTER_REQUIRED_MIN_BANDWIDTH/2)
1866 fast_bandwidth = bandwidths[n_active/4];
1867 guard_bandwidth_including_exits = bandwidths[(n_active-1)/2];
1868 guard_tk = find_nth_long(tks, n_active, n_active/8);
1869 }
1870
1871 if (guard_tk > TIME_KNOWN_TO_GUARANTEE_FAMILIAR)
1872 guard_tk = TIME_KNOWN_TO_GUARANTEE_FAMILIAR;
1873
1874 if (fast_bandwidth > BANDWIDTH_TO_GUARANTEE_FAST)
1875 fast_bandwidth = BANDWIDTH_TO_GUARANTEE_FAST;
1876
1877 /* Now that we have a time-known that 7/8 routers are known longer than,
1878 * fill wfus with the wfu of every such "familiar" router. */
1879 n_familiar = 0;
1880 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
1881 if (router_is_active(ri, now)) {
1882 const char *id = ri->cache_info.identity_digest;
1883 long tk = rep_hist_get_weighted_time_known(id, now);
1884 if (tk < guard_tk)
1885 continue;
1886 wfus[n_familiar++] = rep_hist_get_weighted_fractional_uptime(id, now);
1887 }
1888 });
1889 if (n_familiar)
1890 guard_wfu = median_double(wfus, n_familiar);
1891 if (guard_wfu > WFU_TO_GUARANTEE_GUARD)
1892 guard_wfu = WFU_TO_GUARANTEE_GUARD;
1893
1894 enough_mtbf_info = rep_hist_have_measured_enough_stability();
1895
1896 if (n_active_nonexit) {
1897 guard_bandwidth_excluding_exits =
1898 median_uint32(bandwidths_excluding_exits, n_active_nonexit);
1899 }
1900
1901 log(LOG_INFO, LD_DIRSERV,
1902 "Cutoffs: For Stable, %lu sec uptime, %lu sec MTBF. "
1903 "For Fast: %lu bytes/sec. "
1904 "For Guard: WFU %.03lf%%, time-known %lu sec, "
1905 "and bandwidth %lu or %lu bytes/sec. We%s have enough stability data.",
1906 (unsigned long)stable_uptime,
1907 (unsigned long)stable_mtbf,
1908 (unsigned long)fast_bandwidth,
1909 guard_wfu*100,
1910 (unsigned long)guard_tk,
1911 (unsigned long)guard_bandwidth_including_exits,
1912 (unsigned long)guard_bandwidth_excluding_exits,
1913 enough_mtbf_info ? "" : " don't ");
1914
1915 tor_free(uptimes);
1916 tor_free(mtbfs);
1917 tor_free(bandwidths);
1918 tor_free(bandwidths_excluding_exits);
1919 tor_free(tks);
1920 tor_free(wfus);
1921 }
1922
1923 /** Given a platform string as in a routerinfo_t (possibly null), return a
1924 * newly allocated version string for a networkstatus document, or NULL if the
1925 * platform doesn't give a Tor version. */
1926 static char *
1927 version_from_platform(const char *platform)
1928 {
1929 if (platform && !strcmpstart(platform, "Tor ")) {
1930 const char *eos = find_whitespace(platform+4);
1931 if (eos && !strcmpstart(eos, " (r")) {
1932 /* XXXX Unify this logic with the other version extraction
1933 * logic in routerparse.c. */
1934 eos = find_whitespace(eos+1);
1935 }
1936 if (eos) {
1937 return tor_strndup(platform, eos-platform);
1938 }
1939 }
1940 return NULL;
1941 }
1942
1943 /** Helper: write the router-status information in <b>rs</b> into <b>buf</b>,
1944 * which has at least <b>buf_len</b> free characters. Do NUL-termination.
1945 * Use the same format as in network-status documents. If <b>version</b> is
1946 * non-NULL, add a "v" line for the platform. Return 0 on success, -1 on
1947 * failure.
1948 *
1949 * The format argument has three possible values:
1950 * NS_V2 - Output an entry suitable for a V2 NS opinion document
1951 * NS_V3_CONSENSUS - Output the first portion of a V3 NS consensus entry
1952 * NS_V3_CONSENSUS_MICRODESC - Output the first portion of a V3 microdesc
1953 * consensus entry.
1954 * NS_V3_VOTE - Output a complete V3 NS vote
1955 * NS_CONTROL_PORT - Output a NS document for the control port
1956 */
1957 int
1958 routerstatus_format_entry(char *buf, size_t buf_len,
1959 routerstatus_t *rs, const char *version,
1960 routerstatus_format_type_t format)
1961 {
1962 int r;
1963 struct in_addr in;
1964 char *cp;
1965 char *summary;
1966
1967 char published[ISO_TIME_LEN+1];
1968 char ipaddr[INET_NTOA_BUF_LEN];
1969 char identity64[BASE64_DIGEST_LEN+1];
1970 char digest64[BASE64_DIGEST_LEN+1];
1971
1972 format_iso_time(published, rs->published_on);
1973 digest_to_base64(identity64, rs->identity_digest);
1974 digest_to_base64(digest64, rs->descriptor_digest);
1975 in.s_addr = htonl(rs->addr);
1976 tor_inet_ntoa(&in, ipaddr, sizeof(ipaddr));
1977
1978 r = tor_snprintf(buf, buf_len,
1979 "r %s %s %s%s%s %s %d %d\n",
1980 rs->nickname,
1981 identity64,
1982 (format==NS_V3_CONSENSUS_MICRODESC)?"":digest64,
1983 (format==NS_V3_CONSENSUS_MICRODESC)?"":" ",
1984 published,
1985 ipaddr,
1986 (int)rs->or_port,
1987 (int)rs->dir_port);
1988 if (r<0) {
1989 log_warn(LD_BUG, "Not enough space in buffer.");
1990 return -1;
1991 }
1992
1993 /* TODO: Maybe we want to pass in what we need to build the rest of
1994 * this here, instead of in the caller. Then we could use the
1995 * networkstatus_type_t values, with an additional control port value
1996 * added -MP */
1997 if (format == NS_V3_CONSENSUS || format == NS_V3_CONSENSUS_MICRODESC)
1998 return 0;
1999
2000 cp = buf + strlen(buf);
2001 /* NOTE: Whenever this list expands, be sure to increase MAX_FLAG_LINE_LEN*/
2002 r = tor_snprintf(cp, buf_len - (cp-buf),
2003 "s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
2004 /* These must stay in alphabetical order. */
2005 rs->is_authority?" Authority":"",
2006 rs->is_bad_directory?" BadDirectory":"",
2007 rs->is_bad_exit?" BadExit":"",
2008 rs->is_exit?" Exit":"",
2009 rs->is_fast?" Fast":"",
2010 rs->is_possible_guard?" Guard":"",
2011 rs->is_hs_dir?" HSDir":"",
2012 rs->is_named?" Named":"",
2013 rs->is_running?" Running":"",
2014 rs->is_stable?" Stable":"",
2015 rs->is_unnamed?" Unnamed":"",
2016 rs->is_v2_dir?" V2Dir":"",
2017 rs->is_valid?" Valid":"");
2018 if (r<0) {
2019 log_warn(LD_BUG, "Not enough space in buffer.");
2020 return -1;
2021 }
2022 cp += strlen(cp);
2023
2024 /* length of "opt v \n" */
2025 #define V_LINE_OVERHEAD 7
2026 if (version && strlen(version) < MAX_V_LINE_LEN - V_LINE_OVERHEAD) {
2027 if (tor_snprintf(cp, buf_len - (cp-buf), "opt v %s\n", version)<0) {
2028 log_warn(LD_BUG, "Unable to print router version.");
2029 return -1;
2030 }
2031 cp += strlen(cp);
2032 }
2033
2034 if (format != NS_V2) {
2035 routerinfo_t* desc = router_get_by_digest(rs->identity_digest);
2036 uint32_t bw;
2037
2038 if (format != NS_CONTROL_PORT) {
2039 /* Blow up more or less nicely if we didn't get anything or not the
2040 * thing we expected.
2041 */
2042 if (!desc) {
2043 char id[HEX_DIGEST_LEN+1];
2044 char dd[HEX_DIGEST_LEN+1];
2045
2046 base16_encode(id, sizeof(id), rs->identity_digest, DIGEST_LEN);
2047 base16_encode(dd, sizeof(dd), rs->descriptor_digest, DIGEST_LEN);
2048 log_warn(LD_BUG, "Cannot get any descriptor for %s "
2049 "(wanted descriptor %s).",
2050 id, dd);
2051 return -1;
2052 };
2053
2054 /* This assert can fire for the control port, because
2055 * it can request NS documents before all descriptors
2056 * have been fetched. */
2057 if (memcmp(desc->cache_info.signed_descriptor_digest,
2058 rs->descriptor_digest,
2059 DIGEST_LEN)) {
2060 char rl_d[HEX_DIGEST_LEN+1];
2061 char rs_d[HEX_DIGEST_LEN+1];
2062 char id[HEX_DIGEST_LEN+1];
2063
2064 base16_encode(rl_d, sizeof(rl_d),
2065 desc->cache_info.signed_descriptor_digest, DIGEST_LEN);
2066 base16_encode(rs_d, sizeof(rs_d), rs->descriptor_digest, DIGEST_LEN);
2067 base16_encode(id, sizeof(id), rs->identity_digest, DIGEST_LEN);
2068 log_err(LD_BUG, "descriptor digest in routerlist does not match "
2069 "the one in routerstatus: %s vs %s "
2070 "(router %s)\n",
2071 rl_d, rs_d, id);
2072
2073 tor_assert(!memcmp(desc->cache_info.signed_descriptor_digest,
2074 rs->descriptor_digest,
2075 DIGEST_LEN));
2076 };
2077 }
2078
2079 if (format == NS_CONTROL_PORT && rs->has_bandwidth) {
2080 bw = rs->bandwidth;
2081 } else {
2082 tor_assert(desc);
2083 bw = router_get_advertised_bandwidth_capped(desc) / 1000;
2084 }
2085 r = tor_snprintf(cp, buf_len - (cp-buf),
2086 "w Bandwidth=%d\n", bw);
2087
2088 if (r<0) {
2089 log_warn(LD_BUG, "Not enough space in buffer.");
2090 return -1;
2091 }
2092 cp += strlen(cp);
2093 if (format == NS_V3_VOTE && rs->has_measured_bw) {
2094 *--cp = '\0'; /* Kill "\n" */
2095 r = tor_snprintf(cp, buf_len - (cp-buf),
2096 " Measured=%d\n", rs->measured_bw);
2097 if (r<0) {
2098 log_warn(LD_BUG, "Not enough space in buffer for weight line.");
2099 return -1;
2100 }
2101 cp += strlen(cp);
2102 }
2103
2104 if (desc) {
2105 summary = policy_summarize(desc->exit_policy);
2106 r = tor_snprintf(cp, buf_len - (cp-buf), "p %s\n", summary);
2107 if (r<0) {
2108 log_warn(LD_BUG, "Not enough space in buffer.");
2109 tor_free(summary);
2110 return -1;
2111 }
2112 cp += strlen(cp);
2113 tor_free(summary);
2114 }
2115 }
2116
2117 return 0;
2118 }
2119
2120 /** Helper for sorting: compares two routerinfos first by address, and then by
2121 * descending order of "usefulness". (An authority is more useful than a
2122 * non-authority; a running router is more useful than a non-running router;
2123 * and a router with more bandwidth is more useful than one with less.)
2124 **/
2125 static int
2126 _compare_routerinfo_by_ip_and_bw(const void **a, const void **b)
2127 {
2128 routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
2129 int first_is_auth, second_is_auth;
2130 uint32_t bw_first, bw_second;
2131
2132 /* we return -1 if first should appear before second... that is,
2133 * if first is a better router. */
2134 if (first->addr < second->addr)
2135 return -1;
2136 else if (first->addr > second->addr)
2137 return 1;
2138
2139 /* Potentially, this next bit could cause k n lg n memcmp calls. But in
2140 * reality, we will almost never get here, since addresses will usually be
2141 * different. */
2142
2143 first_is_auth =
2144 router_digest_is_trusted_dir(first->cache_info.identity_digest);
2145 second_is_auth =
2146 router_digest_is_trusted_dir(second->cache_info.identity_digest);
2147
2148 if (first_is_auth && !second_is_auth)
2149 return -1;
2150 else if (!first_is_auth && second_is_auth)
2151 return 1;
2152
2153 else if (first->is_running && !second->is_running)
2154 return -1;
2155 else if (!first->is_running && second->is_running)
2156 return 1;
2157
2158 bw_first = router_get_advertised_bandwidth(first);
2159 bw_second = router_get_advertised_bandwidth(second);
2160
2161 if (bw_first > bw_second)
2162 return -1;
2163 else if (bw_first < bw_second)
2164 return 1;
2165
2166 /* They're equal! Compare by identity digest, so there's a
2167 * deterministic order and we avoid flapping. */
2168 return memcmp(first->cache_info.identity_digest,
2169 second->cache_info.identity_digest,
2170 DIGEST_LEN);
2171 }
2172
2173 /** Given a list of routerinfo_t in <b>routers</b>, return a new digestmap_t
2174 * whose keys are the identity digests of those routers that we're going to
2175 * exclude for Sybil-like appearance. */
2176 static digestmap_t *
2177 get_possible_sybil_list(const smartlist_t *routers)
2178 {
2179 or_options_t *options = get_options();
2180 digestmap_t *omit_as_sybil;
2181 smartlist_t *routers_by_ip = smartlist_create();
2182 uint32_t last_addr;
2183 int addr_count;
2184 /* Allow at most this number of Tor servers on a single IP address, ... */
2185 int max_with_same_addr = options->AuthDirMaxServersPerAddr;
2186 /* ... unless it's a directory authority, in which case allow more. */
2187 int max_with_same_addr_on_authority = options->AuthDirMaxServersPerAuthAddr;
2188 if (max_with_same_addr <= 0)
2189 max_with_same_addr = INT_MAX;
2190 if (max_with_same_addr_on_authority <= 0)
2191 max_with_same_addr_on_authority = INT_MAX;
2192
2193 smartlist_add_all(routers_by_ip, routers);
2194 smartlist_sort(routers_by_ip, _compare_routerinfo_by_ip_and_bw);
2195 omit_as_sybil = digestmap_new();
2196
2197 last_addr = 0;
2198 addr_count = 0;
2199 SMARTLIST_FOREACH(routers_by_ip, routerinfo_t *, ri,
2200 {
2201 if (last_addr != ri->addr) {
2202 last_addr = ri->addr;
2203 addr_count = 1;
2204 } else if (++addr_count > max_with_same_addr) {
2205 if (!router_addr_is_trusted_dir(ri->addr) ||
2206 addr_count > max_with_same_addr_on_authority)
2207 digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
2208 }
2209 });
2210
2211 smartlist_free(routers_by_ip);
2212 return omit_as_sybil;
2213 }
2214
2215 /** Extract status information from <b>ri</b> and from other authority
2216 * functions and store it in <b>rs</b>>. If <b>naming</b>, consider setting
2217 * the named flag in <b>rs</b>.
2218 *
2219 * We assume that ri-\>is_running has already been set, e.g. by
2220 * dirserv_set_router_is_running(ri, now);
2221 */
2222 void
2223 set_routerstatus_from_routerinfo(routerstatus_t *rs,
2224 routerinfo_t *ri, time_t now,
2225 int naming, int listbadexits,
2226 int listbaddirs)
2227 {
2228 int unstable_version =
2229 !tor_version_as_new_as(ri->platform,"0.1.1.16-rc-cvs");
2230 memset(rs, 0, sizeof(routerstatus_t));
2231
2232 rs->is_authority =
2233 router_digest_is_trusted_dir(ri->cache_info.identity_digest);
2234
2235 /* Already set by compute_performance_thresholds. */
2236 rs->is_exit = ri->is_exit;
2237 rs->is_stable = ri->is_stable =
2238 router_is_active(ri, now) &&
2239 !dirserv_thinks_router_is_unreliable(now, ri, 1, 0) &&
2240 !unstable_version;
2241 rs->is_fast = ri->is_fast =
2242 router_is_active(ri, now) &&
2243 !dirserv_thinks_router_is_unreliable(now, ri, 0, 1);
2244 rs->is_running = ri->is_running; /* computed above */
2245
2246 if (naming) {
2247 uint32_t name_status = dirserv_get_name_status(
2248 ri->cache_info.identity_digest, ri->nickname);
2249 rs->is_named = (naming && (name_status & FP_NAMED)) ? 1 : 0;
2250 rs->is_unnamed = (naming && (name_status & FP_UNNAMED)) ? 1 : 0;
2251 }
2252 rs->is_valid = ri->is_valid;
2253
2254 if (rs->is_fast &&
2255 (router_get_advertised_bandwidth(ri) >= BANDWIDTH_TO_GUARANTEE_GUARD ||
2256 router_get_advertised_bandwidth(ri) >=
2257 MIN(guard_bandwidth_including_exits,
2258 guard_bandwidth_excluding_exits))) {
2259 long tk = rep_hist_get_weighted_time_known(
2260 ri->cache_info.identity_digest, now);
2261 double wfu = rep_hist_get_weighted_fractional_uptime(
2262 ri->cache_info.identity_digest, now);
2263 rs->is_possible_guard = (wfu >= guard_wfu && tk >= guard_tk) ? 1 : 0;
2264 } else {
2265 rs->is_possible_guard = 0;
2266 }
2267 rs->is_bad_directory = listbaddirs && ri->is_bad_directory;
2268 rs->is_bad_exit = listbadexits && ri->is_bad_exit;
2269 ri->is_hs_dir = dirserv_thinks_router_is_hs_dir(ri, now);
2270 rs->is_hs_dir = ri->is_hs_dir;
2271 rs->is_v2_dir = ri->dir_port != 0;
2272
2273 if (!strcasecmp(ri->nickname, UNNAMED_ROUTER_NICKNAME))
2274 rs->is_named = rs->is_unnamed = 0;
2275
2276 rs->published_on = ri->cache_info.published_on;
2277 memcpy(rs->identity_digest, ri->cache_info.identity_digest, DIGEST_LEN);
2278 memcpy(rs->descriptor_digest, ri->cache_info.signed_descriptor_digest,
2279 DIGEST_LEN);
2280 rs->addr = ri->addr;
2281 strlcpy(rs->nickname, ri->nickname, sizeof(rs->nickname));
2282 rs->or_port = ri->or_port;
2283 rs->dir_port = ri->dir_port;
2284 }
2285
2286 /** Routerstatus <b>rs</b> is part of a group of routers that are on
2287 * too narrow an IP-space. Clear out its flags: we don't want people
2288 * using it.
2289 */
2290 static void
2291 clear_status_flags_on_sybil(routerstatus_t *rs)
2292 {
2293 rs->is_authority = rs->is_exit = rs->is_stable = rs->is_fast =
2294 rs->is_running = rs->is_named = rs->is_valid = rs->is_v2_dir =
2295 rs->is_hs_dir = rs->is_possible_guard = rs->is_bad_exit =
2296 rs->is_bad_directory = 0;
2297 /* FFFF we might want some mechanism to check later on if we
2298 * missed zeroing any flags: it's easy to add a new flag but
2299 * forget to add it to this clause. */
2300 }
2301
2302 /** Clear all the status flags in routerinfo <b>router</b>. We put this
2303 * function here because it's eerily similar to
2304 * clear_status_flags_on_sybil() above. One day we should merge them. */
2305 void
2306 router_clear_status_flags(routerinfo_t *router)
2307 {
2308 router->is_valid = router->is_running = router->is_hs_dir =
2309 router->is_fast = router->is_stable =
2310 router->is_possible_guard = router->is_exit =
2311 router->is_bad_exit = router->is_bad_directory = 0;
2312 }
2313
2314 /**
2315 * Helper function to parse out a line in the measured bandwidth file
2316 * into a measured_bw_line_t output structure. Returns -1 on failure
2317 * or 0 on success.
2318 */
2319 int
2320 measured_bw_line_parse(measured_bw_line_t *out, const char *orig_line)
2321 {
2322 char *line = tor_strdup(orig_line);
2323 char *cp = line;
2324 int got_bw = 0;
2325 int got_node_id = 0;
2326 char *strtok_state; /* lame sauce d'jour */
2327 cp = tor_strtok_r(cp, " \t", &strtok_state);
2328
2329 if (!cp) {
2330 log_warn(LD_DIRSERV, "Invalid line in bandwidth file: %s",
2331 escaped(orig_line));
2332 tor_free(line);
2333 return -1;
2334 }
2335
2336 if (orig_line[strlen(orig_line)-1] != '\n') {
2337 log_warn(LD_DIRSERV, "Incomplete line in bandwidth file: %s",
2338 escaped(orig_line));
2339 tor_free(line);
2340 return -1;
2341 }
2342
2343 do {
2344 if (strcmpstart(cp, "bw=") == 0) {
2345 int parse_ok = 0;
2346 char *endptr;
2347 if (got_bw) {
2348 log_warn(LD_DIRSERV, "Double bw= in bandwidth file line: %s",
2349 escaped(orig_line));
2350 tor_free(line);
2351 return -1;
2352 }
2353 cp+=strlen("bw=");
2354
2355 out->bw = tor_parse_long(cp, 0, 0, LONG_MAX, &parse_ok, &endptr);
2356 if (!parse_ok || (*endptr && !TOR_ISSPACE(*endptr))) {
2357 log_warn(LD_DIRSERV, "Invalid bandwidth in bandwidth file line: %s",
2358 escaped(orig_line));
2359 tor_free(line);
2360 return -1;
2361 }
2362 got_bw=1;
2363 } else if (strcmpstart(cp, "node_id=$") == 0) {
2364 if (got_node_id) {
2365 log_warn(LD_DIRSERV, "Double node_id= in bandwidth file line: %s",
2366 escaped(orig_line));
2367 tor_free(line);
2368 return -1;
2369 }
2370 cp+=strlen("node_id=$");
2371
2372 if (strlen(cp) != HEX_DIGEST_LEN ||
2373 base16_decode(out->node_id, DIGEST_LEN, cp, HEX_DIGEST_LEN)) {
2374 log_warn(LD_DIRSERV, "Invalid node_id in bandwidth file line: %s",
2375 escaped(orig_line));
2376 tor_free(line);
2377 return -1;
2378 }
2379 strncpy(out->node_hex, cp, sizeof(out->node_hex));
2380 got_node_id=1;
2381 }
2382 } while ((cp = tor_strtok_r(NULL, " \t", &strtok_state)));
2383
2384 if (got_bw && got_node_id) {
2385 tor_free(line);
2386 return 0;
2387 } else {
2388 log_warn(LD_DIRSERV, "Incomplete line in bandwidth file: %s",
2389 escaped(orig_line));
2390 tor_free(line);
2391 return -1;
2392 }
2393 }
2394
2395 /**
2396 * Helper function to apply a parsed measurement line to a list
2397 * of bandwidth statuses. Returns true if a line is found,
2398 * false otherwise.
2399 */
2400 int
2401 measured_bw_line_apply(measured_bw_line_t *parsed_line,
2402 smartlist_t *routerstatuses)
2403 {
2404 routerstatus_t *rs = NULL;
2405 if (!routerstatuses)
2406 return 0;
2407
2408 rs = smartlist_bsearch(routerstatuses, parsed_line->node_id,
2409 compare_digest_to_routerstatus_entry);
2410
2411 if (rs) {
2412 rs->has_measured_bw = 1;
2413 rs->measured_bw = (uint32_t)parsed_line->bw;
2414 } else {
2415 log_info(LD_DIRSERV, "Node ID %s not found in routerstatus list",
2416 parsed_line->node_hex);
2417 }
2418
2419 return rs != NULL;
2420 }
2421
2422 /**
2423 * Read the measured bandwidth file and apply it to the list of
2424 * routerstatuses. Returns -1 on error, 0 otherwise.
2425 */
2426 int
2427 dirserv_read_measured_bandwidths(const char *from_file,
2428 smartlist_t *routerstatuses)
2429 {
2430 char line[256];
2431 FILE *fp = fopen(from_file, "r");
2432 int applied_lines = 0;
2433 time_t file_time;
2434 int ok;
2435 if (fp == NULL) {
2436 log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s",
2437 from_file);
2438 return -1;
2439 }
2440
2441 if (!fgets(line, sizeof(line), fp)
2442 || !strlen(line) || line[strlen(line)-1] != '\n') {
2443 log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s",
2444 escaped(line));
2445 fclose(fp);
2446 return -1;
2447 }
2448
2449 line[strlen(line)-1] = '\0';
2450 file_time = tor_parse_ulong(line, 10, 0, ULONG_MAX, &ok, NULL);
2451 if (!ok) {
2452 log_warn(LD_DIRSERV, "Non-integer time in bandwidth file: %s",
2453 escaped(line));
2454 fclose(fp);
2455 return -1;
2456 }
2457
2458 if ((time(NULL) - file_time) > MAX_MEASUREMENT_AGE) {
2459 log_warn(LD_DIRSERV, "Bandwidth measurement file stale. Age: %u",
2460 (unsigned)(time(NULL) - file_time));
2461 fclose(fp);
2462 return -1;
2463 }
2464
2465 if (routerstatuses)
2466 smartlist_sort(routerstatuses, compare_routerstatus_entries);
2467
2468 while (!feof(fp)) {
2469 measured_bw_line_t parsed_line;
2470 if (fgets(line, sizeof(line), fp) && strlen(line)) {
2471 if (measured_bw_line_parse(&parsed_line, line) != -1) {
2472 if (measured_bw_line_apply(&parsed_line, routerstatuses) > 0)
2473 applied_lines++;
2474 }
2475 }
2476 }
2477
2478 fclose(fp);
2479 log_info(LD_DIRSERV,
2480 "Bandwidth measurement file successfully read. "
2481 "Applied %d measurements.", applied_lines);
2482 return 0;
2483 }
2484
2485 /** Return a new networkstatus_t* containing our current opinion. (For v3
2486 * authorities) */
2487 networkstatus_t *
2488 dirserv_generate_networkstatus_vote_obj(crypto_pk_env_t *private_key,
2489 authority_cert_t *cert)
2490 {
2491 or_options_t *options = get_options();
2492 networkstatus_t *v3_out = NULL;
2493 uint32_t addr;
2494 char *hostname = NULL, *client_versions = NULL, *server_versions = NULL;
2495 const char *contact;
2496 smartlist_t *routers, *routerstatuses;
2497 char identity_digest[DIGEST_LEN];
2498 char signing_key_digest[DIGEST_LEN];
2499 int naming = options->NamingAuthoritativeDir;
2500 int listbadexits = options->AuthDirListBadExits;
2501 int listbaddirs = options->AuthDirListBadDirs;
2502 routerlist_t *rl = router_get_routerlist();
2503 time_t now = time(NULL);
2504 time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
2505 networkstatus_voter_info_t *voter = NULL;
2506 vote_timing_t timing;
2507 digestmap_t *omit_as_sybil = NULL;
2508 const int vote_on_reachability = running_long_enough_to_decide_unreachable();
2509 smartlist_t *microdescriptors = NULL;
2510
2511 tor_assert(private_key);
2512 tor_assert(cert);
2513
2514 if (resolve_my_address(LOG_WARN, options, &addr, &hostname)<0) {
2515 log_warn(LD_NET, "Couldn't resolve my hostname");
2516 return NULL;
2517 }
2518 if (!strchr(hostname, '.')) {
2519 tor_free(hostname);
2520 hostname = tor_dup_ip(addr);
2521 }
2522 if (crypto_pk_get_digest(private_key, signing_key_digest)<0) {
2523 log_err(LD_BUG, "Error computing signing key digest");
2524 return NULL;
2525 }
2526 if (crypto_pk_get_digest(cert->identity_key, identity_digest)<0) {
2527 log_err(LD_BUG, "Error computing identity key digest");
2528 return NULL;
2529 }
2530
2531 if (options->VersioningAuthoritativeDir) {
2532 client_versions = format_versions_list(options->RecommendedClientVersions);
2533 server_versions = format_versions_list(options->RecommendedServerVersions);
2534 }
2535
2536 contact = get_options()->ContactInfo;
2537 if (!contact)
2538 contact = "(none)";
2539
2540 /* precompute this part, since we need it to decide what "stable"
2541 * means. */
2542 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
2543 dirserv_set_router_is_running(ri, now);
2544 });
2545
2546 dirserv_compute_performance_thresholds(rl);
2547
2548 routers = smartlist_create();
2549 smartlist_add_all(routers, rl->routers);
2550 routers_sort_by_identity(routers);
2551 omit_as_sybil = get_possible_sybil_list(routers);
2552
2553 routerstatuses = smartlist_create();
2554 microdescriptors = smartlist_create();
2555
2556 SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
2557 if (ri->cache_info.published_on >= cutoff) {
2558 routerstatus_t *rs;
2559 vote_routerstatus_t *vrs;
2560 microdesc_t *md;
2561
2562 vrs = tor_malloc_zero(sizeof(vote_routerstatus_t));
2563 rs = &vrs->status;
2564 set_routerstatus_from_routerinfo(rs, ri, now,
2565 naming, listbadexits, listbaddirs);
2566
2567 if (digestmap_get(omit_as_sybil, ri->cache_info.identity_digest))
2568 clear_status_flags_on_sybil(rs);
2569
2570 if (!vote_on_reachability)
2571 rs->is_running = 0;
2572
2573 vrs->version = version_from_platform(ri->platform);
2574 md = dirvote_create_microdescriptor(ri);
2575 if (md) {
2576 char buf[128];
2577 vote_microdesc_hash_t *h;
2578 dirvote_format_microdesc_vote_line(buf, sizeof(buf), md);
2579 h = tor_malloc(sizeof(vote_microdesc_hash_t));
2580 h->microdesc_hash_line = tor_strdup(buf);
2581 h->next = NULL;
2582 vrs->microdesc = h;
2583 md->last_listed = now;
2584 smartlist_add(microdescriptors, md);
2585 }
2586
2587 smartlist_add(routerstatuses, vrs);
2588 }
2589 } SMARTLIST_FOREACH_END(ri);
2590
2591 {
2592 smartlist_t *added =
2593 microdescs_add_list_to_cache(get_microdesc_cache(),
2594 microdescriptors, SAVED_NOWHERE, 0);
2595 smartlist_free(added);
2596 smartlist_free(microdescriptors);
2597 }
2598
2599 smartlist_free(routers);
2600 digestmap_free(omit_as_sybil, NULL);
2601
2602 if (options->V3BandwidthsFile) {
2603 dirserv_read_measured_bandwidths(options->V3BandwidthsFile,
2604 routerstatuses);
2605 }
2606
2607 v3_out = tor_malloc_zero(sizeof(networkstatus_t));
2608
2609 v3_out->type = NS_TYPE_VOTE;
2610 dirvote_get_preferred_voting_intervals(&timing);
2611 v3_out->published = now;
2612 {
2613 char tbuf[ISO_TIME_LEN+1];
2614 networkstatus_t *current_consensus =
2615 networkstatus_get_live_consensus(now);
2616 long last_consensus_interval; /* only used to pick a valid_after */
2617 if (current_consensus)
2618 last_consensus_interval = current_consensus->fresh_until -
2619 current_consensus->valid_after;
2620 else
2621 last_consensus_interval = options->TestingV3AuthInitialVotingInterval;
2622 v3_out->valid_after =
2623 dirvote_get_start_of_next_interval(now, (int)last_consensus_interval);
2624 format_iso_time(tbuf, v3_out->valid_after);
2625 log_notice(LD_DIR,"Choosing valid-after time in vote as %s: "
2626 "consensus_set=%d, last_interval=%d",
2627 tbuf, current_consensus?1:0, (int)last_consensus_interval);
2628 }
2629 v3_out->fresh_until = v3_out->valid_after + timing.vote_interval;
2630 v3_out->valid_until = v3_out->valid_after +
2631 (timing.vote_interval * timing.n_intervals_valid);
2632 v3_out->vote_seconds = timing.vote_delay;
2633 v3_out->dist_seconds = timing.dist_delay;
2634 tor_assert(v3_out->vote_seconds > 0);
2635 tor_assert(v3_out->dist_seconds > 0);
2636 tor_assert(timing.n_intervals_valid > 0);
2637
2638 v3_out->client_versions = client_versions;
2639 v3_out->server_versions = server_versions;
2640 v3_out->known_flags = smartlist_create();
2641 smartlist_split_string(v3_out->known_flags,
2642 "Authority Exit Fast Guard HSDir Stable V2Dir Valid",
2643 0, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
2644 if (vote_on_reachability)
2645 smartlist_add(v3_out->known_flags, tor_strdup("Running"));
2646 if (listbaddirs)
2647 smartlist_add(v3_out->known_flags, tor_strdup("BadDirectory"));
2648 if (listbadexits)
2649 smartlist_add(v3_out->known_flags, tor_strdup("BadExit"));
2650 if (naming) {
2651 smartlist_add(v3_out->known_flags, tor_strdup("Named"));
2652 smartlist_add(v3_out->known_flags, tor_strdup("Unnamed"));
2653 }
2654 smartlist_sort_strings(v3_out->known_flags);
2655
2656 if (options->ConsensusParams) {
2657 v3_out->net_params = smartlist_create();
2658 smartlist_split_string(v3_out->net_params,
2659 options->ConsensusParams, NULL, 0, 0);
2660 smartlist_sort_strings(v3_out->net_params);
2661 }
2662
2663 voter = tor_malloc_zero(sizeof(networkstatus_voter_info_t));
2664 voter->nickname = tor_strdup(options->Nickname);
2665 memcpy(voter->identity_digest, identity_digest, DIGEST_LEN);
2666 voter->sigs = smartlist_create();
2667 voter->address = hostname;
2668 voter->addr = addr;
2669 voter->dir_port = options->DirPort;
2670 voter->or_port = options->ORPort;
2671 voter->contact = tor_strdup(contact);
2672 if (options->V3AuthUseLegacyKey) {
2673 authority_cert_t *c = get_my_v3_legacy_cert();
2674 if (c) {
2675 crypto_pk_get_digest(c->identity_key, voter->legacy_id_digest);
2676 }
2677 }
2678
2679 v3_out->voters = smartlist_create();
2680 smartlist_add(v3_out->voters, voter);
2681 v3_out->cert = authority_cert_dup(cert);
2682 v3_out->routerstatus_list = routerstatuses;
2683 /* Note: networkstatus_digest is unset; it won't get set until we actually
2684 * format the vote. */
2685
2686 return v3_out;
2687 }
2688
2689 /** For v2 authoritative directories only: Replace the contents of
2690 * <b>the_v2_networkstatus</b> with a newly generated network status
2691 * object. */
2692 static cached_dir_t *
2693 generate_v2_networkstatus_opinion(void)
2694 {
2695 cached_dir_t *r = NULL;
2696 size_t len, identity_pkey_len;
2697 char *status = NULL, *client_versions = NULL, *server_versions = NULL,
2698 *identity_pkey = NULL, *hostname = NULL;
2699 char *outp, *endp;
2700 or_options_t *options = get_options();
2701 char fingerprint[FINGERPRINT_LEN+1];
2702 char ipaddr[INET_NTOA_BUF_LEN];
2703 char published[ISO_TIME_LEN+1];
2704 char digest[DIGEST_LEN];
2705 struct in_addr in;
2706 uint32_t addr;
2707 crypto_pk_env_t *private_key;
2708 routerlist_t *rl = router_get_routerlist();
2709 time_t now = time(NULL);
2710 time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
2711 int naming = options->NamingAuthoritativeDir;
2712 int versioning = options->VersioningAuthoritativeDir;
2713 int listbaddirs = options->AuthDirListBadDirs;
2714 int listbadexits = options->AuthDirListBadExits;
2715 const char *contact;
2716 char *version_lines = NULL;
2717 smartlist_t *routers = NULL;
2718 digestmap_t *omit_as_sybil = NULL;
2719
2720 private_key = get_server_identity_key();
2721
2722 if (resolve_my_address(LOG_WARN, options, &addr, &hostname)<0) {
2723 log_warn(LD_NET, "Couldn't resolve my hostname");
2724 goto done;
2725 }
2726 in.s_addr = htonl(addr);
2727 tor_inet_ntoa(&in, ipaddr, sizeof(ipaddr));
2728
2729 format_iso_time(published, now);
2730
2731 client_versions = format_versions_list(options->RecommendedClientVersions);
2732 server_versions = format_versions_list(options->RecommendedServerVersions);
2733
2734 if (crypto_pk_write_public_key_to_string(private_key, &identity_pkey,
2735 &identity_pkey_len)<0) {
2736 log_warn(LD_BUG,"Writing public key to string failed.");
2737 goto done;
2738 }
2739
2740 if (crypto_pk_get_fingerprint(private_key, fingerprint, 0)<0) {
2741 log_err(LD_BUG, "Error computing fingerprint");
2742 goto done;
2743 }
2744
2745 contact = get_options()->ContactInfo;
2746 if (!contact)
2747 contact = "(none)";
2748
2749 if (versioning) {
2750 size_t v_len = 64+strlen(client_versions)+strlen(server_versions);
2751 version_lines = tor_malloc(v_len);
2752 tor_snprintf(version_lines, v_len,
2753 "client-versions %s\nserver-versions %s\n",
2754 client_versions, server_versions);
2755 } else {
2756 version_lines = tor_strdup("");
2757 }
2758
2759 len = 4096+strlen(client_versions)+strlen(server_versions);
2760 len += identity_pkey_len*2;
2761 len += (RS_ENTRY_LEN)*smartlist_len(rl->routers);
2762
2763 status = tor_malloc(len);
2764 tor_snprintf(status, len,
2765 "network-status-version 2\n"
2766 "dir-source %s %s %d\n"
2767 "fingerprint %s\n"
2768 "contact %s\n"
2769 "published %s\n"
2770 "dir-options%s%s%s%s\n"
2771 "%s" /* client version line, server version line. */
2772 "dir-signing-key\n%s",
2773 hostname, ipaddr, (int)options->DirPort,
2774 fingerprint,
2775 contact,
2776 published,
2777 naming ? " Names" : "",
2778 listbaddirs ? " BadDirectories" : "",
2779 listbadexits ? " BadExits" : "",
2780 versioning ? " Versions" : "",
2781 version_lines,
2782 identity_pkey);
2783 outp = status + strlen(status);
2784 endp = status + len;
2785
2786 /* precompute this part, since we need it to decide what "stable"
2787 * means. */
2788 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
2789 dirserv_set_router_is_running(ri, now);
2790 });
2791
2792 dirserv_compute_performance_thresholds(rl);
2793
2794 routers = smartlist_create();
2795 smartlist_add_all(routers, rl->routers);
2796 routers_sort_by_identity(routers);
2797
2798 omit_as_sybil = get_possible_sybil_list(routers);
2799
2800 SMARTLIST_FOREACH(routers, routerinfo_t *, ri, {
2801 if (ri->cache_info.published_on >= cutoff) {
2802 routerstatus_t rs;
2803 char *version = version_from_platform(ri->platform);
2804
2805 set_routerstatus_from_routerinfo(&rs, ri, now,
2806 naming, listbadexits, listbaddirs);
2807
2808 if (digestmap_get(omit_as_sybil, ri->cache_info.identity_digest))
2809 clear_status_flags_on_sybil(&rs);
2810
2811 if (routerstatus_format_entry(outp, endp-outp, &rs, version, NS_V2)) {
2812 log_warn(LD_BUG, "Unable to print router status.");
2813 tor_free(version);
2814 goto done;
2815 }
2816 tor_free(version);
2817 outp += strlen(outp);
2818 }
2819 });
2820
2821 if (tor_snprintf(outp, endp-outp, "directory-signature %s\n",
2822 get_options()->Nickname)<0) {
2823 log_warn(LD_BUG, "Unable to write signature line.");
2824 goto done;
2825 }
2826 if (router_get_networkstatus_v2_hash(status, digest)<0) {
2827 log_warn(LD_BUG, "Unable to hash network status");
2828 goto done;
2829 }
2830 outp += strlen(outp);
2831
2832 note_crypto_pk_op(SIGN_DIR);
2833 if (router_append_dirobj_signature(outp,endp-outp,digest,DIGEST_LEN,
2834 private_key)<0) {
2835 log_warn(LD_BUG, "Unable to sign router status.");
2836 goto done;
2837 }
2838
2839 {
2840 networkstatus_v2_t *ns;
2841 if (!(ns = networkstatus_v2_parse_from_string(status))) {
2842 log_err(LD_BUG,"Generated a networkstatus we couldn't parse.");
2843 goto done;
2844 }
2845 networkstatus_v2_free(ns);
2846 }
2847
2848 {
2849 cached_dir_t **ns_ptr = &the_v2_networkstatus;
2850 if (*ns_ptr)
2851 cached_dir_decref(*ns_ptr);
2852 *ns_ptr = new_cached_dir(status, now);
2853 status = NULL; /* So it doesn't get double-freed. */
2854 the_v2_networkstatus_is_dirty = 0;
2855 router_set_networkstatus_v2((*ns_ptr)->dir, now, NS_GENERATED, NULL);
2856 r = *ns_ptr;
2857 }
2858
2859 done:
2860 tor_free(client_versions);
2861 tor_free(server_versions);
2862 tor_free(version_lines);
2863 tor_free(status);
2864 tor_free(hostname);
2865 tor_free(identity_pkey);
2866 smartlist_free(routers);
2867 digestmap_free(omit_as_sybil, NULL);
2868 return r;
2869 }
2870
2871 /** Given the portion of a networkstatus request URL after "tor/status/" in
2872 * <b>key</b>, append to <b>result</b> the digests of the identity keys of the
2873 * networkstatus objects that the client has requested. */
2874 void
2875 dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
2876 const char *key)
2877 {
2878 tor_assert(result);
2879
2880 if (!cached_v2_networkstatus)
2881 cached_v2_networkstatus = digestmap_new();
2882
2883 if (should_generate_v2_networkstatus())
2884 generate_v2_networkstatus_opinion();
2885
2886 if (!strcmp(key,"authority")) {
2887 if (authdir_mode_v2(get_options())) {
2888 routerinfo_t *me = router_get_my_routerinfo();
2889 if (me)
2890 smartlist_add(result,
2891 tor_memdup(me->cache_info.identity_digest, DIGEST_LEN));
2892 }
2893 } else if (!strcmp(key, "all")) {
2894 if (digestmap_size(cached_v2_networkstatus)) {
2895 digestmap_iter_t *iter;
2896 iter = digestmap_iter_init(cached_v2_networkstatus);
2897 while (!digestmap_iter_done(iter)) {
2898 const char *ident;
2899 void *val;
2900 digestmap_iter_get(iter, &ident, &val);
2901 smartlist_add(result, tor_memdup(ident, DIGEST_LEN));
2902 iter = digestmap_iter_next(cached_v2_networkstatus, iter);
2903 }
2904 } else {
2905 SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
2906 trusted_dir_server_t *, ds,
2907 if (ds->type & V2_AUTHORITY)
2908 smartlist_add(result, tor_memdup(ds->digest, DIGEST_LEN)));
2909 }
2910 smartlist_sort_digests(result);
2911 if (smartlist_len(result) == 0)
2912 log_info(LD_DIRSERV,
2913 "Client requested 'all' network status objects; we have none.");
2914 } else if (!strcmpstart(key, "fp/")) {
2915 dir_split_resource_into_fingerprints(key+3, result, NULL,
2916 DSR_HEX|DSR_SORT_UNIQ);
2917 }
2918 }
2919
2920 /** Look for a network status object as specified by <b>key</b>, which should
2921 * be either "authority" (to find a network status generated by us), a hex
2922 * identity digest (to find a network status generated by given directory), or
2923 * "all" (to return all the v2 network status objects we have).
2924 */
2925 void
2926 dirserv_get_networkstatus_v2(smartlist_t *result,
2927 const char *key)
2928 {
2929 cached_dir_t *cached;
2930 smartlist_t *fingerprints = smartlist_create();
2931 tor_assert(result);
2932
2933 if (!cached_v2_networkstatus)
2934 cached_v2_networkstatus = digestmap_new();
2935
2936 dirserv_get_networkstatus_v2_fingerprints(fingerprints, key);
2937 SMARTLIST_FOREACH(fingerprints, const char *, fp,
2938 {
2939 if (router_digest_is_me(fp) && should_generate_v2_networkstatus())
2940 generate_v2_networkstatus_opinion();
2941 cached = digestmap_get(cached_v2_networkstatus, fp);
2942 if (cached) {
2943 smartlist_add(result, cached);
2944 } else {
2945 char hexbuf[HEX_DIGEST_LEN+1];
2946 base16_encode(hexbuf, sizeof(hexbuf), fp, DIGEST_LEN);
2947 log_info(LD_DIRSERV, "Don't know about any network status with "
2948 "fingerprint '%s'", hexbuf);
2949 }
2950 });
2951 SMARTLIST_FOREACH(fingerprints, char *, cp, tor_free(cp));
2952 smartlist_free(fingerprints);
2953 }
2954
2955 /** As dirserv_get_routerdescs(), but instead of getting signed_descriptor_t
2956 * pointers, adds copies of digests to fps_out, and doesn't use the
2957 * /tor/server/ prefix. For a /d/ request, adds descriptor digests; for other
2958 * requests, adds identity digests.
2959 */
2960 int
2961 dirserv_get_routerdesc_fingerprints(smartlist_t *fps_out, const char *key,
2962 const char **msg, int for_unencrypted_conn,
2963 int is_extrainfo)
2964 {
2965 int by_id = 1;
2966 *msg = NULL;
2967
2968 if (!strcmp(key, "all")) {
2969 routerlist_t *rl = router_get_routerlist();
2970 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
2971 smartlist_add(fps_out,
2972 tor_memdup(r->cache_info.identity_digest, DIGEST_LEN)));
2973 } else if (!strcmp(key, "authority")) {
2974 routerinfo_t *ri = router_get_my_routerinfo();
2975 if (ri)
2976 smartlist_add(fps_out,
2977 tor_memdup(ri->cache_info.identity_digest, DIGEST_LEN));
2978 } else if (!strcmpstart(key, "d/")) {
2979 by_id = 0;
2980 key += strlen("d/");
2981 dir_split_resource_into_fingerprints(key, fps_out, NULL,
2982 DSR_HEX|DSR_SORT_UNIQ);
2983 } else if (!strcmpstart(key, "fp/")) {
2984 key += strlen("fp/");
2985 dir_split_resource_into_fingerprints(key, fps_out, NULL,
2986 DSR_HEX|DSR_SORT_UNIQ);
2987 } else {
2988 *msg = "Key not recognized";
2989 return -1;
2990 }
2991
2992 if (for_unencrypted_conn) {
2993 /* Remove anything that insists it not be sent unencrypted. */
2994 SMARTLIST_FOREACH(fps_out, char *, cp, {
2995 signed_descriptor_t *sd;
2996 if (by_id)
2997 sd = get_signed_descriptor_by_fp(cp,is_extrainfo,0);
2998 else if (is_extrainfo)
2999 sd = extrainfo_get_by_descriptor_digest(cp);
3000 else
3001 sd = router_get_by_descriptor_digest(cp);
3002 if (sd && !sd->send_unencrypted) {
3003 tor_free(cp);
3004 SMARTLIST_DEL_CURRENT(fps_out, cp);
3005 }
3006 });
3007 }
3008
3009 if (!smartlist_len(fps_out)) {
3010 *msg = "Servers unavailable";
3011 return -1;
3012 }
3013 return 0;
3014 }
3015
3016 /** Add a signed_descriptor_t to <b>descs_out</b> for each router matching
3017 * <b>key</b>. The key should be either
3018 * - "/tor/server/authority" for our own routerinfo;
3019 * - "/tor/server/all" for all the routerinfos we have, concatenated;
3020 * - "/tor/server/fp/FP" where FP is a plus-separated sequence of
3021 * hex identity digests; or
3022 * - "/tor/server/d/D" where D is a plus-separated sequence
3023 * of server descriptor digests, in hex.
3024 *
3025 * Return 0 if we found some matching descriptors, or -1 if we do not
3026 * have any descriptors, no matching descriptors, or if we did not
3027 * recognize the key (URL).
3028 * If -1 is returned *<b>msg</b> will be set to an appropriate error
3029 * message.
3030 *
3031 * XXXX rename this function. It's only called from the controller.
3032 * XXXX in fact, refactor this function, merging as much as possible.
3033 */
3034 int
3035 dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
3036 const char **msg)
3037 {
3038 *msg = NULL;
3039
3040 if (!strcmp(key, "/tor/server/all")) {
3041 routerlist_t *rl = router_get_routerlist();
3042 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
3043 smartlist_add(descs_out, &(r->cache_info)));
3044 } else if (!strcmp(key, "/tor/server/authority")) {
3045 routerinfo_t *ri = router_get_my_routerinfo();
3046 if (ri)
3047 smartlist_add(descs_out, &(ri->cache_info));
3048 } else if (!strcmpstart(key, "/tor/server/d/")) {
3049 smartlist_t *digests = smartlist_create();
3050 key += strlen("/tor/server/d/");
3051 dir_split_resource_into_fingerprints(key, digests, NULL,
3052 DSR_HEX|DSR_SORT_UNIQ);
3053 SMARTLIST_FOREACH(digests, const char *, d,
3054 {
3055 signed_descriptor_t *sd = router_get_by_descriptor_digest(d);
3056 if (sd)
3057 smartlist_add(descs_out,sd);
3058 });
3059 SMARTLIST_FOREACH(digests, char *, d, tor_free(d));
3060 smartlist_free(digests);
3061 } else if (!strcmpstart(key, "/tor/server/fp/")) {
3062 smartlist_t *digests = smartlist_create();
3063 time_t cutoff = time(NULL) - ROUTER_MAX_AGE_TO_PUBLISH;
3064 key += strlen("/tor/server/fp/");
3065 dir_split_resource_into_fingerprints(key, digests, NULL,
3066 DSR_HEX|DSR_SORT_UNIQ);
3067 SMARTLIST_FOREACH(digests, const char *, d,
3068 {
3069 if (router_digest_is_me(d)) {
3070 /* make sure desc_routerinfo exists */
3071 routerinfo_t *ri = router_get_my_routerinfo();
3072 if (ri)
3073 smartlist_add(descs_out, &(ri->cache_info));
3074 } else {
3075 routerinfo_t *ri = router_get_by_digest(d);
3076 /* Don't actually serve a descriptor that everyone will think is
3077 * expired. This is an (ugly) workaround to keep buggy 0.1.1.10
3078 * Tors from downloading descriptors that they will throw away.
3079 */
3080 if (ri && ri->cache_info.published_on > cutoff)
3081 smartlist_add(descs_out, &(ri->cache_info));
3082 }
3083 });
3084 SMARTLIST_FOREACH(digests, char *, d, tor_free(d));
3085 smartlist_free(digests);
3086 } else {
3087 *msg = "Key not recognized";
3088 return -1;
3089 }
3090
3091 if (!smartlist_len(descs_out)) {
3092 *msg = "Servers unavailable";
3093 return -1;
3094 }
3095 return 0;
3096 }
3097
3098 /** Called when a TLS handshake has completed successfully with a
3099 * router listening at <b>address</b>:<b>or_port</b>, and has yielded
3100 * a certificate with digest <b>digest_rcvd</b>.
3101 *
3102 * Also, if as_advertised is 1, then inform the reachability checker
3103 * that we could get to this guy.
3104 */
3105 void
3106 dirserv_orconn_tls_done(const char *address,
3107 uint16_t or_port,
3108 const char *digest_rcvd,
3109 int as_advertised)
3110 {
3111 routerlist_t *rl = router_get_routerlist();
3112 time_t now = time(NULL);
3113 int bridge_auth = authdir_mode_bridge(get_options());
3114 tor_assert(address);
3115 tor_assert(digest_rcvd);
3116
3117 SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
3118 if (!strcasecmp(address, ri->address) && or_port == ri->or_port &&
3119 as_advertised &&
3120 !memcmp(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN)) {
3121 /* correct digest. mark this router reachable! */
3122 if (!bridge_auth || ri->purpose == ROUTER_PURPOSE_BRIDGE) {
3123 log_info(LD_DIRSERV, "Found router %s to be reachable. Yay.",
3124 ri->nickname);
3125 rep_hist_note_router_reachable(digest_rcvd, now);
3126 ri->last_reachable = now;
3127 }
3128 }
3129 });
3130 /* FFFF Maybe we should reinstate the code that dumps routers with the same
3131 * addr/port but with nonmatching keys, but instead of dumping, we should
3132 * skip testing. */
3133 }
3134
3135 /** Called when we, as an authority, receive a new router descriptor either as
3136 * an upload or a download. Used to decide whether to relaunch reachability
3137 * testing for the server. */
3138 int
3139 dirserv_should_launch_reachability_test(routerinfo_t *ri, routerinfo_t *ri_old)
3140 {
3141 if (!authdir_mode_handles_descs(get_options(), ri->purpose))
3142 return 0;
3143 if (!ri_old) {
3144 /* New router: Launch an immediate reachability test, so we will have an
3145 * opinion soon in case we're generating a consensus soon */
3146 return 1;
3147 }
3148 if (ri_old->is_hibernating && !ri->is_hibernating) {
3149 /* It just came out of hibernation; launch a reachability test */
3150 return 1;
3151 }
3152 if (! routers_have_same_or_addr(ri, ri_old)) {
3153 /* Address or port changed; launch a reachability test */
3154 return 1;
3155 }
3156 return 0;
3157 }
3158
3159 /** Helper function for dirserv_test_reachability(). Start a TLS
3160 * connection to <b>router</b>, and annotate it with when we started
3161 * the test. */
3162 void
3163 dirserv_single_reachability_test(time_t now, routerinfo_t *router)
3164 {
3165 tor_addr_t router_addr;
3166 log_debug(LD_OR,"Testing reachability of %s at %s:%u.",
3167 router->nickname, router->address, router->or_port);
3168 /* Remember when we started trying to determine reachability */
3169 if (!router->testing_since)
3170 router->testing_since = now;
3171 tor_addr_from_ipv4h(&router_addr, router->addr);
3172 connection_or_connect(&router_addr, router->or_port,
3173 router->cache_info.identity_digest);
3174 }
3175
3176 /** Auth dir server only: load balance such that we only
3177 * try a few connections per call.
3178 *
3179 * The load balancing is such that if we get called once every ten
3180 * seconds, we will cycle through all the tests in 1280 seconds (a
3181 * bit over 20 minutes).
3182 */
3183 void
3184 dirserv_test_reachability(time_t now)
3185 {
3186 /* XXX decide what to do here; see or-talk thread "purging old router
3187 * information, revocation." -NM
3188 * We can't afford to mess with this in 0.1.2.x. The reason is that
3189 * if we stop doing reachability tests on some of routerlist, then
3190 * we'll for-sure think they're down, which may have unexpected
3191 * effects in other parts of the code. It doesn't hurt much to do
3192 * the testing, and directory authorities are easy to upgrade. Let's
3193 * wait til 0.2.0. -RD */
3194 // time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
3195 routerlist_t *rl = router_get_routerlist();
3196 static char ctr = 0;
3197 int bridge_auth = authdir_mode_bridge(get_options());
3198
3199 SMARTLIST_FOREACH_BEGIN(rl->routers, routerinfo_t *, router) {
3200 const char *id_digest = router->cache_info.identity_digest;
3201 if (router_is_me(router))
3202 continue;
3203 if (bridge_auth && router->purpose != ROUTER_PURPOSE_BRIDGE)
3204 continue; /* bridge authorities only test reachability on bridges */
3205 // if (router->cache_info.published_on > cutoff)
3206 // continue;
3207 if ((((uint8_t)id_digest[0]) % 128) == ctr) {
3208 dirserv_single_reachability_test(now, router);
3209 }
3210 } SMARTLIST_FOREACH_END(router);
3211 ctr = (ctr + 1) % 128; /* increment ctr */
3212 }
3213
3214 /** Given a fingerprint <b>fp</b> which is either set if we're looking for a
3215 * v2 status, or zeroes if we're looking for a v3 status, or a NUL-padded
3216 * flavor name if we want a flavored v3 status, return a pointer to the
3217 * appropriate cached dir object, or NULL if there isn't one available. */
3218 static cached_dir_t *
3219 lookup_cached_dir_by_fp(const char *fp)
3220 {
3221 cached_dir_t *d = NULL;
3222 if (tor_digest_is_zero(fp) && cached_consensuses)
3223 d = strmap_get(cached_consensuses, "ns");
3224 else if (memchr(fp, '\0', DIGEST_LEN) && cached_consensuses &&
3225 (d = strmap_get(cached_consensuses, fp))) {
3226 /* this here interface is a nasty hack XXXX022 */;
3227 } else if (router_digest_is_me(fp) && the_v2_networkstatus)
3228 d = the_v2_networkstatus;
3229 else if (cached_v2_networkstatus)
3230 d = digestmap_get(cached_v2_networkstatus, fp);
3231 return d;
3232 }
3233
3234 /** Remove from <b>fps</b> every networkstatus key where both
3235 * a) we have a networkstatus document and
3236 * b) it is not newer than <b>cutoff</b>.
3237 *
3238 * Return 1 if any items were present at all; else return 0.
3239 */
3240 int
3241 dirserv_remove_old_statuses(smartlist_t *fps, time_t cutoff)
3242 {
3243 int found_any = 0;
3244 SMARTLIST_FOREACH(fps, char *, digest,
3245 {
3246 cached_dir_t *d = lookup_cached_dir_by_fp(digest);
3247 if (!d)
3248 continue;
3249 found_any = 1;
3250 if (d->published <= cutoff) {
3251 tor_free(digest);
3252 SMARTLIST_DEL_CURRENT(fps, digest);
3253 }
3254 });
3255
3256 return found_any;
3257 }
3258
3259 /** Return the cache-info for identity fingerprint <b>fp</b>, or
3260 * its extra-info document if <b>extrainfo</b> is true. Return
3261 * NULL if not found or if the descriptor is older than
3262 * <b>publish_cutoff</b>. */
3263 static signed_descriptor_t *
3264 get_signed_descriptor_by_fp(const char *fp, int extrainfo,
3265 time_t publish_cutoff)
3266 {
3267 if (router_digest_is_me(fp)) {
3268 if (extrainfo)
3269 return &(router_get_my_extrainfo()->cache_info);
3270 else
3271 return &(router_get_my_routerinfo()->cache_info);
3272 } else {
3273 routerinfo_t *ri = router_get_by_digest(fp);
3274 if (ri &&
3275 ri->cache_info.published_on > publish_cutoff) {
3276 if (extrainfo)
3277 return extrainfo_get_by_descriptor_digest(
3278 ri->cache_info.extra_info_digest);
3279 else
3280 return &ri->cache_info;
3281 }
3282 }
3283 return NULL;
3284 }
3285
3286 /** Return true iff we have any of the documents (extrainfo or routerdesc)
3287 * specified by the fingerprints in <b>fps</b> and <b>spool_src</b>. Used to
3288 * decide whether to send a 404. */
3289 int
3290 dirserv_have_any_serverdesc(smartlist_t *fps, int spool_src)
3291 {
3292 time_t publish_cutoff = time(NULL)-ROUTER_MAX_AGE_TO_PUBLISH;
3293 SMARTLIST_FOREACH(fps, const char *, fp, {
3294 switch (spool_src)
3295 {
3296 case DIR_SPOOL_EXTRA_BY_DIGEST:
3297 if (extrainfo_get_by_descriptor_digest(fp)) return 1;
3298 break;
3299 case DIR_SPOOL_SERVER_BY_DIGEST:
3300 if (router_get_by_descriptor_digest(fp)) return 1;
3301 break;
3302 case DIR_SPOOL_EXTRA_BY_FP:
3303 case DIR_SPOOL_SERVER_BY_FP:
3304 if (get_signed_descriptor_by_fp(fp,
3305 spool_src == DIR_SPOOL_EXTRA_BY_FP, publish_cutoff))
3306 return 1;
3307 break;
3308 }
3309 });
3310 return 0;
3311 }
3312
3313 /** Return true iff any of the 256-bit elements in <b>fps</b> is the digest of
3314 * a microdescriptor we have. */
3315 int
3316 dirserv_have_any_microdesc(const smartlist_t *fps)
3317 {
3318 microdesc_cache_t *cache = get_microdesc_cache();
3319 SMARTLIST_FOREACH(fps, const char *, fp,
3320 if (microdesc_cache_lookup_by_digest256(cache, fp))
3321 return 1);
3322 return 0;
3323 }
3324
3325 /** Return an approximate estimate of the number of bytes that will
3326 * be needed to transmit the server descriptors (if is_serverdescs --
3327 * they can be either d/ or fp/ queries) or networkstatus objects (if
3328 * !is_serverdescs) listed in <b>fps</b>. If <b>compressed</b> is set,
3329 * we guess how large the data will be after compression.
3330 *
3331 * The return value is an estimate; it might be larger or smaller.
3332 **/
3333 size_t
3334 dirserv_estimate_data_size(smartlist_t *fps, int is_serverdescs,
3335 int compressed)
3336 {
3337 size_t result;
3338 tor_assert(fps);
3339 if (is_serverdescs) {
3340 int n = smartlist_len(fps);
3341 routerinfo_t *me = router_get_my_routerinfo();
3342 result = (me?me->cache_info.signed_descriptor_len:2048) * n;
3343 if (compressed)
3344 result /= 2; /* observed compressibility is between 35 and 55%. */
3345 } else {
3346 result = 0;
3347 SMARTLIST_FOREACH(fps, const char *, digest, {
3348 cached_dir_t *dir = lookup_cached_dir_by_fp(digest);
3349 if (dir)
3350 result += compressed ? dir->dir_z_len : dir->dir_len;
3351 });
3352 }
3353 return result;
3354 }
3355
3356 /** Given a list of microdescriptor hashes, guess how many bytes will be
3357 * needed to transmit them, and return the guess. */
3358 size_t
3359 dirserv_estimate_microdesc_size(const smartlist_t *fps, int compressed)
3360 {
3361 size_t result = smartlist_len(fps) * microdesc_average_size(NULL);
3362 if (compressed)
3363 result /= 2;
3364 return result;
3365 }
3366
3367 /** When we're spooling data onto our outbuf, add more whenever we dip
3368 * below this threshold. */
3369 #define DIRSERV_BUFFER_MIN 16384
3370
3371 /** Spooling helper: called when we have no more data to spool to <b>conn</b>.
3372 * Flushes any remaining data to be (un)compressed, and changes the spool
3373 * source to NONE. Returns 0 on success, negative on failure. */
3374 static int
3375 connection_dirserv_finish_spooling(dir_connection_t *conn)
3376 {
3377 if (conn->zlib_state) {
3378 connection_write_to_buf_zlib("", 0, conn, 1);
3379 tor_zlib_free(conn->zlib_state);
3380 conn->zlib_state = NULL;
3381 }
3382 conn->dir_spool_src = DIR_SPOOL_NONE;
3383 return 0;
3384 }
3385
3386 /** Spooling helper: called when we're sending a bunch of server descriptors,
3387 * and the outbuf has become too empty. Pulls some entries from
3388 * fingerprint_stack, and writes the corresponding servers onto outbuf. If we
3389 * run out of entries, flushes the zlib state and sets the spool source to
3390 * NONE. Returns 0 on success, negative on failure.
3391 */
3392 static int
3393 connection_dirserv_add_servers_to_outbuf(dir_connection_t *conn)
3394 {
3395 #ifdef TRACK_SERVED_TIME
3396 time_t now = time(NULL);
3397 #endif
3398 int by_fp = (conn->dir_spool_src == DIR_SPOOL_SERVER_BY_FP ||
3399 conn->dir_spool_src == DIR_SPOOL_EXTRA_BY_FP);
3400 int extra = (conn->dir_spool_src == DIR_SPOOL_EXTRA_BY_FP ||
3401 conn->dir_spool_src == DIR_SPOOL_EXTRA_BY_DIGEST);
3402 time_t publish_cutoff = time(NULL)-ROUTER_MAX_AGE_TO_PUBLISH;
3403
3404 while (smartlist_len(conn->fingerprint_stack) &&
3405 buf_datalen(conn->_base.outbuf) < DIRSERV_BUFFER_MIN) {
3406 const char *body;
3407 char *fp = smartlist_pop_last(conn->fingerprint_stack);
3408 signed_descriptor_t *sd = NULL;
3409 if (by_fp) {
3410 sd = get_signed_descriptor_by_fp(fp, extra, publish_cutoff);
3411 } else {
3412 sd = extra ? extrainfo_get_by_descriptor_digest(fp)
3413 : router_get_by_descriptor_digest(fp);
3414 }
3415 tor_free(fp);
3416 if (!sd)
3417 continue;
3418 if (!connection_dir_is_encrypted(conn) && !sd->send_unencrypted) {
3419 /* we did this check once before (so we could have an accurate size
3420 * estimate and maybe send a 404 if somebody asked for only bridges on a
3421 * connection), but we need to do it again in case a previously
3422 * unknown bridge descriptor has shown up between then and now. */
3423 continue;
3424 }
3425 #ifdef TRACK_SERVED_TIME
3426 sd->last_served_at = now;
3427 #endif
3428 body = signed_descriptor_get_body(sd);
3429 if (conn->zlib_state) {
3430 /* XXXX022 This 'last' business should actually happen on the last
3431 * routerinfo, not on the last fingerprint. */
3432 int last = ! smartlist_len(conn->fingerprint_stack);
3433 connection_write_to_buf_zlib(body, sd->signed_descriptor_len, conn,
3434 last);
3435 if (last) {
3436 tor_zlib_free(conn->zlib_state);
3437 conn->zlib_state = NULL;
3438 }
3439 } else {
3440 connection_write_to_buf(body,
3441 sd->signed_descriptor_len,
3442 TO_CONN(conn));
3443 }
3444 }
3445
3446 if (!smartlist_len(conn->fingerprint_stack)) {
3447 /* We just wrote the last one; finish up. */
3448 conn->dir_spool_src = DIR_SPOOL_NONE;
3449 smartlist_free(conn->fingerprint_stack);
3450 conn->fingerprint_stack = NULL;
3451 }
3452 return 0;
3453 }
3454
3455 /** Spooling helper: called when we're sending a bunch of microdescriptors,
3456 * and the outbuf has become too empty. Pulls some entries from
3457 * fingerprint_stack, and writes the corresponding microdescs onto outbuf. If
3458 * we run out of entries, flushes the zlib state and sets the spool source to
3459 * NONE. Returns 0 on success, negative on failure.
3460 */
3461 static int
3462 connection_dirserv_add_microdescs_to_outbuf(dir_connection_t *conn)
3463 {
3464 microdesc_cache_t *cache = get_microdesc_cache();
3465 while (smartlist_len(conn->fingerprint_stack) &&
3466 buf_datalen(conn->_base.outbuf) < DIRSERV_BUFFER_MIN) {
3467 char *fp256 = smartlist_pop_last(conn->fingerprint_stack);
3468 microdesc_t *md = microdesc_cache_lookup_by_digest256(cache, fp256);
3469 tor_free(fp256);
3470 if (!md)
3471 continue;
3472 if (conn->zlib_state) {
3473 /* XXXX022 This 'last' business should actually happen on the last
3474 * routerinfo, not on the last fingerprint. */
3475 int last = !smartlist_len(conn->fingerprint_stack);
3476 connection_write_to_buf_zlib(md->body, md->bodylen, conn, last);
3477 if (last) {
3478 tor_zlib_free(conn->zlib_state);
3479 conn->zlib_state = NULL;
3480 }
3481 } else {
3482 connection_write_to_buf(md->body, md->bodylen, TO_CONN(conn));
3483 }
3484 }
3485 if (!smartlist_len(conn->fingerprint_stack)) {
3486 conn->dir_spool_src = DIR_SPOOL_NONE;
3487 smartlist_free(conn->fingerprint_stack);
3488 conn->fingerprint_stack = NULL;
3489 }
3490 return 0;
3491 }
3492
3493 /** Spooling helper: Called when we're sending a directory or networkstatus,
3494 * and the outbuf has become too empty. Pulls some bytes from
3495 * <b>conn</b>-\>cached_dir-\>dir_z, uncompresses them if appropriate, and
3496 * puts them on the outbuf. If we run out of entries, flushes the zlib state
3497 * and sets the spool source to NONE. Returns 0 on success, negative on
3498 * failure. */
3499 static int
3500 connection_dirserv_add_dir_bytes_to_outbuf(dir_connection_t *conn)
3501 {
3502 ssize_t bytes;
3503 int64_t remaining;
3504
3505 bytes = DIRSERV_BUFFER_MIN - buf_datalen(conn->_base.outbuf);
3506 tor_assert(bytes > 0);
3507 tor_assert(conn->cached_dir);
3508 if (bytes < 8192)
3509 bytes = 8192;
3510 remaining = conn->cached_dir->dir_z_len - conn->cached_dir_offset;
3511 if (bytes > remaining)
3512 bytes = (ssize_t) remaining;
3513
3514 if (conn->zlib_state) {
3515 connection_write_to_buf_zlib(
3516 conn->cached_dir->dir_z + conn->cached_dir_offset,
3517 bytes, conn, bytes == remaining);
3518 } else {
3519 connection_write_to_buf(conn->cached_dir->dir_z + conn->cached_dir_offset,
3520 bytes, TO_CONN(conn));
3521 }
3522 conn->cached_dir_offset += bytes;
3523 if (conn->cached_dir_offset == (int)conn->cached_dir->dir_z_len) {
3524 /* We just wrote the last one; finish up. */
3525 connection_dirserv_finish_spooling(conn);
3526 cached_dir_decref(conn->cached_dir);
3527 conn->cached_dir = NULL;
3528 }
3529 return 0;
3530 }
3531
3532 /** Spooling helper: Called when we're spooling networkstatus objects on
3533 * <b>conn</b>, and the outbuf has become too empty. If the current
3534 * networkstatus object (in <b>conn</b>-\>cached_dir) has more data, pull data
3535 * from there. Otherwise, pop the next fingerprint from fingerprint_stack,
3536 * and start spooling the next networkstatus. (A digest of all 0 bytes is
3537 * treated as a request for the current consensus.) If we run out of entries,
3538 * flushes the zlib state and sets the spool source to NONE. Returns 0 on
3539 * success, negative on failure. */
3540 static int
3541 connection_dirserv_add_networkstatus_bytes_to_outbuf(dir_connection_t *conn)
3542 {
3543
3544 while (buf_datalen(conn->_base.outbuf) < DIRSERV_BUFFER_MIN) {
3545 if (conn->cached_dir) {
3546 int uncompressing = (conn->zlib_state != NULL);
3547 int r = connection_dirserv_add_dir_bytes_to_outbuf(conn);
3548 if (conn->dir_spool_src == DIR_SPOOL_NONE) {
3549 /* add_dir_bytes thinks we're done with the cached_dir. But we
3550 * may have more cached_dirs! */
3551 conn->dir_spool_src = DIR_SPOOL_NETWORKSTATUS;
3552 /* This bit is tricky. If we were uncompressing the last
3553 * networkstatus, we may need to make a new zlib object to
3554 * uncompress the next one. */
3555 if (uncompressing && ! conn->zlib_state &&
3556 conn->fingerprint_stack &&
3557 smartlist_len(conn->fingerprint_stack)) {
3558 conn->zlib_state = tor_zlib_new(0, ZLIB_METHOD);
3559 }
3560 }
3561 if (r) return r;
3562 } else if (conn->fingerprint_stack &&
3563 smartlist_len(conn->fingerprint_stack)) {
3564 /* Add another networkstatus; start serving it. */
3565 char *fp = smartlist_pop_last(conn->fingerprint_stack);
3566 cached_dir_t *d = lookup_cached_dir_by_fp(fp);
3567 tor_free(fp);
3568 if (d) {
3569 ++d->refcnt;
3570 conn->cached_dir = d;
3571 conn->cached_dir_offset = 0;
3572 }
3573 } else {
3574 connection_dirserv_finish_spooling(conn);
3575 smartlist_free(conn->fingerprint_stack);
3576 conn->fingerprint_stack = NULL;
3577 return 0;
3578 }
3579 }
3580 return 0;
3581 }
3582
3583 /** Called whenever we have flushed some directory data in state
3584 * SERVER_WRITING. */
3585 int
3586 connection_dirserv_flushed_some(dir_connection_t *conn)
3587 {
3588 tor_assert(conn->_base.state == DIR_CONN_STATE_SERVER_WRITING);
3589
3590 if (buf_datalen(conn->_base.outbuf) >= DIRSERV_BUFFER_MIN)
3591 return 0;
3592
3593 switch (conn->dir_spool_src) {
3594 case DIR_SPOOL_EXTRA_BY_DIGEST:
3595 case DIR_SPOOL_EXTRA_BY_FP:
3596 case DIR_SPOOL_SERVER_BY_DIGEST:
3597 case DIR_SPOOL_SERVER_BY_FP:
3598 return connection_dirserv_add_servers_to_outbuf(conn);
3599 case DIR_SPOOL_MICRODESC:
3600 return connection_dirserv_add_microdescs_to_outbuf(conn);
3601 case DIR_SPOOL_CACHED_DIR:
3602 return connection_dirserv_add_dir_bytes_to_outbuf(conn);
3603 case DIR_SPOOL_NETWORKSTATUS:
3604 return connection_dirserv_add_networkstatus_bytes_to_outbuf(conn);
3605 case DIR_SPOOL_NONE:
3606 default:
3607 return 0;
3608 }
3609 }
3610
3611 /** Release all storage used by the directory server. */
3612 void
3613 dirserv_free_all(void)
3614 {
3615 dirserv_free_fingerprint_list();
3616
3617 cached_dir_decref(the_directory);
3618 clear_cached_dir(&the_runningrouters);
3619 cached_dir_decref(the_v2_networkstatus);
3620 cached_dir_decref(cached_directory);
3621 clear_cached_dir(&cached_runningrouters);
3622
3623 digestmap_free(cached_v2_networkstatus, _free_cached_dir);
3624 cached_v2_networkstatus = NULL;
3625 strmap_free(cached_consensuses, _free_cached_dir);
3626 cached_consensuses = NULL;
3627 }
3628