Line data Source code
1 : /* Copyright (c) 2001 Matej Pfajfar.
2 : * Copyright (c) 2001-2004, Roger Dingledine.
3 : * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 : * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 : /* See LICENSE for licensing information */
6 :
7 : /**
8 : * \file routerlist.c
9 : * \brief Code to
10 : * maintain and access the global list of routerinfos for known
11 : * servers.
12 : *
13 : * A "routerinfo_t" object represents a single self-signed router
14 : * descriptor, as generated by a Tor relay in order to tell the rest of
15 : * the world about its keys, address, and capabilities. An
16 : * "extrainfo_t" object represents an adjunct "extra-info" object,
17 : * certified by a corresponding router descriptor, reporting more
18 : * information about the relay that nearly all users will not need.
19 : *
20 : * Most users will not use router descriptors for most relays. Instead,
21 : * they use the information in microdescriptors and in the consensus
22 : * networkstatus.
23 : *
24 : * Right now, routerinfo_t objects are used in these ways:
25 : * <ul>
26 : * <li>By clients, in order to learn about bridge keys and capabilities.
27 : * (Bridges aren't listed in the consensus networkstatus, so they
28 : * can't have microdescriptors.)
29 : * <li>By relays, since relays want more information about other relays
30 : * than they can learn from microdescriptors. (TODO: Is this still true?)
31 : * <li>By authorities, which receive them and use them to generate the
32 : * consensus and the microdescriptors.
33 : * <li>By all directory caches, which download them in case somebody
34 : * else wants them.
35 : * </ul>
36 : *
37 : * Routerinfos are mostly created by parsing them from a string, in
38 : * routerparse.c. We store them to disk on receiving them, and
39 : * periodically discard the ones we don't need. On restarting, we
40 : * re-read them from disk. (This also applies to extrainfo documents, if
41 : * we are configured to fetch them.)
42 : *
43 : * In order to keep our list of routerinfos up-to-date, we periodically
44 : * check whether there are any listed in the latest consensus (or in the
45 : * votes from other authorities, if we are an authority) that we don't
46 : * have. (This also applies to extrainfo documents, if we are
47 : * configured to fetch them.)
48 : *
49 : * Almost nothing in Tor should use a routerinfo_t to refer directly to
50 : * a relay; instead, almost everything should use node_t (implemented in
51 : * nodelist.c), which provides a common interface to routerinfo_t,
52 : * routerstatus_t, and microdescriptor_t.
53 : *
54 : * <br>
55 : *
56 : * This module also has some of the functions used for choosing random
57 : * nodes according to different rules and weights. Historically, they
58 : * were all in this module. Now, they are spread across this module,
59 : * nodelist.c, and networkstatus.c. (TODO: Fix that.)
60 : **/
61 :
62 : #define ROUTERLIST_PRIVATE
63 : #include "core/or/or.h"
64 :
65 : #include "app/config/config.h"
66 : #include "core/mainloop/connection.h"
67 : #include "core/mainloop/mainloop.h"
68 : #include "core/or/circuitlist.h"
69 : #include "core/or/circuituse.h"
70 : #include "core/or/extendinfo.h"
71 : #include "core/or/policies.h"
72 : #include "feature/client/bridges.h"
73 : #include "feature/control/control_events.h"
74 : #include "feature/dirauth/authmode.h"
75 : #include "feature/dirauth/process_descs.h"
76 : #include "feature/dirauth/reachability.h"
77 : #include "feature/dircache/dirserv.h"
78 : #include "feature/dirclient/dirclient.h"
79 : #include "feature/dirclient/dirclient_modes.h"
80 : #include "feature/dirclient/dlstatus.h"
81 : #include "feature/dircommon/directory.h"
82 : #include "feature/nodelist/authcert.h"
83 : #include "feature/nodelist/describe.h"
84 : #include "feature/nodelist/dirlist.h"
85 : #include "feature/nodelist/microdesc.h"
86 : #include "feature/nodelist/networkstatus.h"
87 : #include "feature/nodelist/node_select.h"
88 : #include "feature/nodelist/nodelist.h"
89 : #include "feature/nodelist/routerinfo.h"
90 : #include "feature/nodelist/routerlist.h"
91 : #include "feature/dirparse/routerparse.h"
92 : #include "feature/nodelist/routerset.h"
93 : #include "feature/nodelist/torcert.h"
94 : #include "feature/relay/routermode.h"
95 : #include "feature/relay/relay_find_addr.h"
96 : #include "feature/stats/rephist.h"
97 : #include "lib/crypt_ops/crypto_format.h"
98 : #include "lib/crypt_ops/crypto_rand.h"
99 :
100 : #include "feature/dircommon/dir_connection_st.h"
101 : #include "feature/dirclient/dir_server_st.h"
102 : #include "feature/nodelist/document_signature_st.h"
103 : #include "feature/nodelist/extrainfo_st.h"
104 : #include "feature/nodelist/networkstatus_st.h"
105 : #include "feature/nodelist/networkstatus_voter_info_st.h"
106 : #include "feature/nodelist/node_st.h"
107 : #include "feature/nodelist/routerinfo_st.h"
108 : #include "feature/nodelist/routerlist_st.h"
109 : #include "feature/nodelist/vote_routerstatus_st.h"
110 :
111 : #include "lib/crypt_ops/digestset.h"
112 :
113 : #ifdef HAVE_SYS_STAT_H
114 : #include <sys/stat.h>
115 : #endif
116 :
117 : // #define DEBUG_ROUTERLIST
118 :
119 : /****************************************************************************/
120 :
121 : /* Typed wrappers for different digestmap types; used to avoid type
122 : * confusion. */
123 :
124 612 : DECLARE_TYPED_DIGESTMAP_FNS(sdmap, digest_sd_map_t, signed_descriptor_t)
125 571 : DECLARE_TYPED_DIGESTMAP_FNS(rimap, digest_ri_map_t, routerinfo_t)
126 81 : DECLARE_TYPED_DIGESTMAP_FNS(eimap, digest_ei_map_t, extrainfo_t)
127 : #define SDMAP_FOREACH(map, keyvar, valvar) \
128 : DIGESTMAP_FOREACH(sdmap_to_digestmap(map), keyvar, signed_descriptor_t *, \
129 : valvar)
130 : #define RIMAP_FOREACH(map, keyvar, valvar) \
131 : DIGESTMAP_FOREACH(rimap_to_digestmap(map), keyvar, routerinfo_t *, valvar)
132 : #define EIMAP_FOREACH(map, keyvar, valvar) \
133 : DIGESTMAP_FOREACH(eimap_to_digestmap(map), keyvar, extrainfo_t *, valvar)
134 : #define eimap_free(map, fn) MAP_FREE_AND_NULL(eimap, (map), (fn))
135 : #define rimap_free(map, fn) MAP_FREE_AND_NULL(rimap, (map), (fn))
136 : #define sdmap_free(map, fn) MAP_FREE_AND_NULL(sdmap, (map), (fn))
137 :
138 : /* static function prototypes */
139 : static int signed_desc_digest_is_recognized(signed_descriptor_t *desc);
140 : static const char *signed_descriptor_get_body_impl(
141 : const signed_descriptor_t *desc,
142 : int with_annotations);
143 :
144 : /****************************************************************************/
145 :
146 : /** Global list of all of the routers that we know about. */
147 : static routerlist_t *routerlist = NULL;
148 :
149 : /** List of strings for nicknames we've already warned about and that are
150 : * still unknown / unavailable. */
151 : static smartlist_t *warned_nicknames = NULL;
152 :
153 : /** The last time we tried to download any routerdesc, or 0 for "never". We
154 : * use this to rate-limit download attempts when the number of routerdescs to
155 : * download is low. */
156 : static time_t last_descriptor_download_attempted = 0;
157 :
158 : /* Router descriptor storage.
159 : *
160 : * Routerdescs are stored in a big file, named "cached-descriptors". As new
161 : * routerdescs arrive, we append them to a journal file named
162 : * "cached-descriptors.new".
163 : *
164 : * From time to time, we replace "cached-descriptors" with a new file
165 : * containing only the live, non-superseded descriptors, and clear
166 : * cached-descriptors.new.
167 : *
168 : * On startup, we read both files.
169 : */
170 :
171 : /** Helper: return 1 iff the router log is so big we want to rebuild the
172 : * store. */
173 : static int
174 5 : router_should_rebuild_store(desc_store_t *store)
175 : {
176 5 : if (store->store_len > (1<<16))
177 0 : return (store->journal_len > store->store_len / 2 ||
178 0 : store->bytes_dropped > store->store_len / 2);
179 : else
180 5 : return store->journal_len > (1<<15);
181 : }
182 :
183 : /** Return the desc_store_t in <b>rl</b> that should be used to store
184 : * <b>sd</b>. */
185 : static inline desc_store_t *
186 0 : desc_get_store(routerlist_t *rl, const signed_descriptor_t *sd)
187 : {
188 0 : if (sd->is_extrainfo)
189 0 : return &rl->extrainfo_store;
190 : else
191 0 : return &rl->desc_store;
192 : }
193 :
194 : /** Add the signed_descriptor_t in <b>desc</b> to the router
195 : * journal; change its saved_location to SAVED_IN_JOURNAL and set its
196 : * offset appropriately. */
197 : static int
198 109 : signed_desc_append_to_journal(signed_descriptor_t *desc,
199 : desc_store_t *store)
200 : {
201 109 : char *fname = get_cachedir_fname_suffix(store->fname_base, ".new");
202 109 : const char *body = signed_descriptor_get_body_impl(desc,1);
203 109 : size_t len = desc->signed_descriptor_len + desc->annotations_len;
204 :
205 109 : if (append_bytes_to_file(fname, body, len, 1)) {
206 0 : log_warn(LD_FS, "Unable to store router descriptor");
207 0 : tor_free(fname);
208 0 : return -1;
209 : }
210 109 : desc->saved_location = SAVED_IN_JOURNAL;
211 109 : tor_free(fname);
212 :
213 109 : desc->saved_offset = store->journal_len;
214 109 : store->journal_len += len;
215 :
216 109 : return 0;
217 : }
218 :
219 : /** Sorting helper: return <0, 0, or >0 depending on whether the
220 : * signed_descriptor_t* in *<b>a</b> is older, the same age as, or newer than
221 : * the signed_descriptor_t* in *<b>b</b>. */
222 : static int
223 0 : compare_signed_descriptors_by_age_(const void **_a, const void **_b)
224 : {
225 0 : const signed_descriptor_t *r1 = *_a, *r2 = *_b;
226 0 : return (int)(r1->published_on - r2->published_on);
227 : }
228 :
229 : #define RRS_FORCE 1
230 : #define RRS_DONT_REMOVE_OLD 2
231 :
232 : /** If the journal of <b>store</b> is too long, or if RRS_FORCE is set in
233 : * <b>flags</b>, then atomically replace the saved router store with the
234 : * routers currently in our routerlist, and clear the journal. Unless
235 : * RRS_DONT_REMOVE_OLD is set in <b>flags</b>, delete expired routers before
236 : * rebuilding the store. Return 0 on success, -1 on failure.
237 : */
238 : static int
239 5 : router_rebuild_store(int flags, desc_store_t *store)
240 : {
241 5 : smartlist_t *chunk_list = NULL;
242 5 : char *fname = NULL, *fname_tmp = NULL;
243 5 : int r = -1;
244 5 : off_t offset = 0;
245 5 : smartlist_t *signed_descriptors = NULL;
246 5 : int nocache=0;
247 5 : size_t total_expected_len = 0;
248 5 : int had_any;
249 5 : int force = flags & RRS_FORCE;
250 :
251 5 : if (!force && !router_should_rebuild_store(store)) {
252 5 : r = 0;
253 5 : goto done;
254 : }
255 0 : if (!routerlist) {
256 0 : r = 0;
257 0 : goto done;
258 : }
259 :
260 0 : if (store->type == EXTRAINFO_STORE)
261 0 : had_any = !eimap_isempty(routerlist->extra_info_map);
262 : else
263 0 : had_any = (smartlist_len(routerlist->routers)+
264 0 : smartlist_len(routerlist->old_routers))>0;
265 :
266 : /* Don't save deadweight. */
267 0 : if (!(flags & RRS_DONT_REMOVE_OLD))
268 0 : routerlist_remove_old_routers();
269 :
270 0 : log_info(LD_DIR, "Rebuilding %s cache", store->description);
271 :
272 0 : fname = get_cachedir_fname(store->fname_base);
273 0 : fname_tmp = get_cachedir_fname_suffix(store->fname_base, ".tmp");
274 :
275 0 : chunk_list = smartlist_new();
276 :
277 : /* We sort the routers by age to enhance locality on disk. */
278 0 : signed_descriptors = smartlist_new();
279 0 : if (store->type == EXTRAINFO_STORE) {
280 0 : eimap_iter_t *iter;
281 0 : for (iter = eimap_iter_init(routerlist->extra_info_map);
282 0 : !eimap_iter_done(iter);
283 0 : iter = eimap_iter_next(routerlist->extra_info_map, iter)) {
284 0 : const char *key;
285 0 : extrainfo_t *ei;
286 0 : eimap_iter_get(iter, &key, &ei);
287 0 : smartlist_add(signed_descriptors, &ei->cache_info);
288 : }
289 : } else {
290 0 : SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
291 : smartlist_add(signed_descriptors, sd));
292 0 : SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
293 : smartlist_add(signed_descriptors, &ri->cache_info));
294 : }
295 :
296 0 : smartlist_sort(signed_descriptors, compare_signed_descriptors_by_age_);
297 :
298 : /* Now, add the appropriate members to chunk_list */
299 0 : SMARTLIST_FOREACH_BEGIN(signed_descriptors, signed_descriptor_t *, sd) {
300 0 : sized_chunk_t *c;
301 0 : const char *body = signed_descriptor_get_body_impl(sd, 1);
302 0 : if (!body) {
303 0 : log_warn(LD_BUG, "No descriptor available for router.");
304 0 : goto done;
305 : }
306 0 : if (sd->do_not_cache) {
307 0 : ++nocache;
308 0 : continue;
309 : }
310 0 : c = tor_malloc(sizeof(sized_chunk_t));
311 0 : c->bytes = body;
312 0 : c->len = sd->signed_descriptor_len + sd->annotations_len;
313 0 : total_expected_len += c->len;
314 0 : smartlist_add(chunk_list, c);
315 0 : } SMARTLIST_FOREACH_END(sd);
316 :
317 0 : if (write_chunks_to_file(fname_tmp, chunk_list, 1, 1)<0) {
318 0 : log_warn(LD_FS, "Error writing router store to disk.");
319 0 : goto done;
320 : }
321 :
322 : /* Our mmap is now invalid. */
323 0 : if (store->mmap) {
324 0 : int res = tor_munmap_file(store->mmap);
325 0 : store->mmap = NULL;
326 0 : if (res != 0) {
327 0 : log_warn(LD_FS, "Unable to munmap route store in %s", fname);
328 : }
329 : }
330 :
331 0 : if (replace_file(fname_tmp, fname)<0) {
332 0 : log_warn(LD_FS, "Error replacing old router store: %s", strerror(errno));
333 0 : goto done;
334 : }
335 :
336 0 : errno = 0;
337 0 : store->mmap = tor_mmap_file(fname);
338 0 : if (! store->mmap) {
339 0 : if (errno == ERANGE) {
340 : /* empty store.*/
341 0 : if (total_expected_len) {
342 0 : log_warn(LD_FS, "We wrote some bytes to a new descriptor file at '%s',"
343 : " but when we went to mmap it, it was empty!", fname);
344 0 : } else if (had_any) {
345 0 : log_info(LD_FS, "We just removed every descriptor in '%s'. This is "
346 : "okay if we're just starting up after a long time. "
347 : "Otherwise, it's a bug.", fname);
348 : }
349 : } else {
350 0 : log_warn(LD_FS, "Unable to mmap new descriptor file at '%s'.",fname);
351 : }
352 : }
353 :
354 0 : log_info(LD_DIR, "Reconstructing pointers into cache");
355 :
356 0 : offset = 0;
357 0 : SMARTLIST_FOREACH_BEGIN(signed_descriptors, signed_descriptor_t *, sd) {
358 0 : if (sd->do_not_cache)
359 0 : continue;
360 0 : sd->saved_location = SAVED_IN_CACHE;
361 0 : if (store->mmap) {
362 0 : tor_free(sd->signed_descriptor_body); // sets it to null
363 0 : sd->saved_offset = offset;
364 : }
365 0 : offset += sd->signed_descriptor_len + sd->annotations_len;
366 0 : signed_descriptor_get_body(sd); /* reconstruct and assert */
367 0 : } SMARTLIST_FOREACH_END(sd);
368 :
369 0 : tor_free(fname);
370 0 : fname = get_cachedir_fname_suffix(store->fname_base, ".new");
371 0 : write_str_to_file(fname, "", 1);
372 :
373 0 : r = 0;
374 0 : store->store_len = (size_t) offset;
375 0 : store->journal_len = 0;
376 0 : store->bytes_dropped = 0;
377 5 : done:
378 5 : smartlist_free(signed_descriptors);
379 5 : tor_free(fname);
380 5 : tor_free(fname_tmp);
381 5 : if (chunk_list) {
382 0 : SMARTLIST_FOREACH(chunk_list, sized_chunk_t *, c, tor_free(c));
383 0 : smartlist_free(chunk_list);
384 : }
385 :
386 5 : return r;
387 : }
388 :
389 : /** Helper: Reload a cache file and its associated journal, setting metadata
390 : * appropriately. If <b>extrainfo</b> is true, reload the extrainfo store;
391 : * else reload the router descriptor store. */
392 : static int
393 0 : router_reload_router_list_impl(desc_store_t *store)
394 : {
395 0 : char *fname = NULL, *contents = NULL;
396 0 : struct stat st;
397 0 : int extrainfo = (store->type == EXTRAINFO_STORE);
398 0 : store->journal_len = store->store_len = 0;
399 :
400 0 : fname = get_cachedir_fname(store->fname_base);
401 :
402 0 : if (store->mmap) {
403 : /* get rid of it first */
404 0 : int res = tor_munmap_file(store->mmap);
405 0 : store->mmap = NULL;
406 0 : if (res != 0) {
407 0 : log_warn(LD_FS, "Failed to munmap %s", fname);
408 0 : tor_free(fname);
409 0 : return -1;
410 : }
411 : }
412 :
413 0 : store->mmap = tor_mmap_file(fname);
414 0 : if (store->mmap) {
415 0 : store->store_len = store->mmap->size;
416 0 : if (extrainfo)
417 0 : router_load_extrainfo_from_string(store->mmap->data,
418 0 : store->mmap->data+store->mmap->size,
419 : SAVED_IN_CACHE, NULL, 0);
420 : else
421 0 : router_load_routers_from_string(store->mmap->data,
422 0 : store->mmap->data+store->mmap->size,
423 : SAVED_IN_CACHE, NULL, 0, NULL);
424 : }
425 :
426 0 : tor_free(fname);
427 0 : fname = get_cachedir_fname_suffix(store->fname_base, ".new");
428 : /* don't load empty files - we wouldn't get any data, even if we tried */
429 0 : if (file_status(fname) == FN_FILE)
430 0 : contents = read_file_to_str(fname, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
431 0 : if (contents) {
432 0 : if (extrainfo)
433 0 : router_load_extrainfo_from_string(contents, NULL,SAVED_IN_JOURNAL,
434 : NULL, 0);
435 : else
436 0 : router_load_routers_from_string(contents, NULL, SAVED_IN_JOURNAL,
437 : NULL, 0, NULL);
438 0 : store->journal_len = (size_t) st.st_size;
439 0 : tor_free(contents);
440 : }
441 :
442 0 : tor_free(fname);
443 :
444 0 : if (store->journal_len) {
445 : /* Always clear the journal on startup.*/
446 0 : router_rebuild_store(RRS_FORCE, store);
447 0 : } else if (!extrainfo) {
448 : /* Don't cache expired routers. (This is in an else because
449 : * router_rebuild_store() also calls remove_old_routers().) */
450 0 : routerlist_remove_old_routers();
451 : }
452 :
453 : return 0;
454 : }
455 :
456 : /** Load all cached router descriptors and extra-info documents from the
457 : * store. Return 0 on success and -1 on failure.
458 : */
459 : int
460 0 : router_reload_router_list(void)
461 : {
462 0 : routerlist_t *rl = router_get_routerlist();
463 0 : if (router_reload_router_list_impl(&rl->desc_store))
464 : return -1;
465 0 : if (router_reload_router_list_impl(&rl->extrainfo_store))
466 0 : return -1;
467 : return 0;
468 : }
469 :
470 : /* When selecting a router for a direct connection, can OR address/port
471 : * preference and reachability checks be skipped?
472 : *
473 : * Servers never check ReachableAddresses or ClientPreferIPv6. Returns
474 : * true for servers.
475 : *
476 : * Otherwise, if <b>try_ip_pref</b> is true, returns false. Used to make
477 : * clients check ClientPreferIPv6, even if ReachableAddresses is not set.
478 : * Finally, return true if ReachableAddresses is set.
479 : */
480 : int
481 7332 : router_or_conn_should_skip_reachable_address_check(
482 : const or_options_t *options,
483 : int try_ip_pref)
484 : {
485 : /* Servers always have and prefer IPv4.
486 : * And if clients are checking against the firewall for reachability only,
487 : * but there's no firewall, don't bother checking */
488 7332 : return server_mode(options) || (!try_ip_pref && !firewall_is_fascist_or());
489 : }
490 :
491 : /* When selecting a router for a direct connection, can Dir address/port
492 : * and reachability checks be skipped?
493 : *
494 : * This function is obsolete, because clients only use ORPorts.
495 : */
496 : int
497 9 : router_dir_conn_should_skip_reachable_address_check(
498 : const or_options_t *options,
499 : int try_ip_pref)
500 : {
501 : /* Servers always have and prefer IPv4.
502 : * And if clients are checking against the firewall for reachability only,
503 : * but there's no firewall, don't bother checking */
504 9 : return server_mode(options) || (!try_ip_pref && !firewall_is_fascist_dir());
505 : }
506 :
507 : /** Return true iff r1 and r2 have the same address and OR port. */
508 : int
509 1 : routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
510 : {
511 1 : return tor_addr_eq(&r1->ipv4_addr, &r2->ipv4_addr) &&
512 2 : r1->ipv4_orport == r2->ipv4_orport &&
513 2 : tor_addr_eq(&r1->ipv6_addr, &r2->ipv6_addr) &&
514 1 : r1->ipv6_orport == r2->ipv6_orport;
515 : }
516 :
517 : /* Returns true if <b>node</b> can be chosen based on <b>flags</b>.
518 : *
519 : * The following conditions are applied to all nodes:
520 : * - is running;
521 : * - is valid;
522 : * - supports EXTEND2 cells;
523 : * - has an ntor circuit crypto key; and
524 : * - does not allow single-hop exits.
525 : *
526 : * If the node has a routerinfo, we're checking for a direct connection, and
527 : * we're using bridges, the following condition is applied:
528 : * - has a bridge-purpose routerinfo;
529 : * and for all other nodes:
530 : * - has a general-purpose routerinfo (or no routerinfo).
531 : *
532 : * Nodes that don't have a routerinfo must be general-purpose nodes, because
533 : * routerstatuses and microdescriptors only come via consensuses.
534 : *
535 : * The <b>flags</b> check that <b>node</b>:
536 : * - <b>CRN_NEED_UPTIME</b>: has more than a minimum uptime;
537 : * - <b>CRN_NEED_CAPACITY</b>: has more than a minimum capacity;
538 : * - <b>CRN_NEED_GUARD</b>: is a Guard;
539 : * - <b>CRN_NEED_DESC</b>: has a routerinfo or microdescriptor -- that is,
540 : * enough info to be used to build a circuit;
541 : * - <b>CRN_DIRECT_CONN</b>: is suitable for direct connections. Checks
542 : * for the relevant descriptors. Checks the address
543 : * against ReachableAddresses, ClientUseIPv4 0, and
544 : * reachable_addr_use_ipv6() == 0);
545 : * - <b>CRN_PREF_ADDR</b>: if we are connecting directly to the node, it has
546 : * an address that is preferred by the
547 : * ClientPreferIPv6ORPort setting;
548 : * - <b>CRN_RENDEZVOUS_V3</b>: can become a v3 onion service rendezvous point;
549 : * - <b>CRN_INITIATE_IPV6_EXTEND</b>: can initiate IPv6 extends.
550 : */
551 : bool
552 7323 : router_can_choose_node(const node_t *node, int flags)
553 : {
554 : /* The full set of flags used for node selection. */
555 7323 : const bool need_uptime = (flags & CRN_NEED_UPTIME) != 0;
556 7323 : const bool need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
557 7323 : const bool need_guard = (flags & CRN_NEED_GUARD) != 0;
558 7323 : const bool need_desc = (flags & CRN_NEED_DESC) != 0;
559 7323 : const bool pref_addr = (flags & CRN_PREF_ADDR) != 0;
560 7323 : const bool direct_conn = (flags & CRN_DIRECT_CONN) != 0;
561 7323 : const bool rendezvous_v3 = (flags & CRN_RENDEZVOUS_V3) != 0;
562 7323 : const bool initiate_ipv6_extend = (flags & CRN_INITIATE_IPV6_EXTEND) != 0;
563 :
564 7323 : const or_options_t *options = get_options();
565 14646 : const bool check_reach =
566 7323 : !router_or_conn_should_skip_reachable_address_check(options, pref_addr);
567 7323 : const bool direct_bridge = direct_conn && options->UseBridges;
568 :
569 7323 : if (!node->is_running || !node->is_valid)
570 : return false;
571 7323 : if (need_desc && !node_has_preferred_descriptor(node, direct_conn))
572 : return false;
573 7323 : if (node->ri) {
574 6 : if (direct_bridge && node->ri->purpose != ROUTER_PURPOSE_BRIDGE)
575 : return false;
576 6 : else if (node->ri->purpose != ROUTER_PURPOSE_GENERAL)
577 : return false;
578 : }
579 7323 : if (node_is_unreliable(node, need_uptime, need_capacity, need_guard))
580 : return false;
581 : /* Don't choose nodes if we are certain they can't do EXTEND2 cells */
582 7323 : if (node->rs && !routerstatus_version_supports_extend2_cells(node->rs, 1))
583 : return false;
584 : /* Don't choose nodes if we are certain they can't do ntor. */
585 7323 : if ((node->ri || node->md) && !node_has_curve25519_onion_key(node))
586 : return false;
587 : /* Exclude relays that allow single hop exit circuits. This is an
588 : * obsolete option since 0.2.9.2-alpha and done by default in
589 : * 0.3.1.0-alpha. */
590 7323 : if (node_allows_single_hop_exits(node))
591 : return false;
592 : /* Exclude relays that can not become a rendezvous for a hidden service
593 : * version 3. */
594 7323 : if (rendezvous_v3 &&
595 0 : !node_supports_v3_rendezvous_point(node))
596 : return false;
597 : /* Choose a node with an OR address that matches the firewall rules */
598 7323 : if (direct_conn && check_reach &&
599 0 : !reachable_addr_allows_node(node,
600 : FIREWALL_OR_CONNECTION,
601 : pref_addr))
602 : return false;
603 7323 : if (initiate_ipv6_extend && !node_supports_initiating_ipv6_extends(node))
604 0 : return false;
605 :
606 : return true;
607 : }
608 :
609 : /** Add every suitable node from our nodelist to <b>sl</b>, so that
610 : * we can pick a node for a circuit based on <b>flags</b>.
611 : *
612 : * See router_can_choose_node() for details of <b>flags</b>.
613 : */
614 : void
615 22 : router_add_running_nodes_to_smartlist(smartlist_t *sl, int flags)
616 : {
617 3280 : SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) {
618 3258 : if (!router_can_choose_node(node, flags))
619 0 : continue;
620 3258 : smartlist_add(sl, (void *)node);
621 3258 : } SMARTLIST_FOREACH_END(node);
622 22 : }
623 :
624 : /** Look through the routerlist until we find a router that has my key.
625 : Return it. */
626 : const routerinfo_t *
627 0 : routerlist_find_my_routerinfo(void)
628 : {
629 0 : if (!routerlist)
630 : return NULL;
631 :
632 0 : SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
633 : {
634 : if (router_is_me(router))
635 : return router;
636 : });
637 : return NULL;
638 : }
639 :
640 : /** Return the smaller of the router's configured BandwidthRate
641 : * and its advertised capacity. */
642 : uint32_t
643 0 : router_get_advertised_bandwidth(const routerinfo_t *router)
644 : {
645 0 : if (router->bandwidthcapacity < router->bandwidthrate)
646 : return router->bandwidthcapacity;
647 : return router->bandwidthrate;
648 : }
649 :
650 : /** Do not weight any declared bandwidth more than this much when picking
651 : * routers by bandwidth. */
652 : #define DEFAULT_MAX_BELIEVABLE_BANDWIDTH 10000000 /* 10 MB/sec */
653 :
654 : /** Return the smaller of the router's configured BandwidthRate
655 : * and its advertised capacity, capped by max-believe-bw. */
656 : uint32_t
657 120 : router_get_advertised_bandwidth_capped(const routerinfo_t *router)
658 : {
659 120 : uint32_t result = router->bandwidthcapacity;
660 120 : if (result > router->bandwidthrate)
661 : result = router->bandwidthrate;
662 120 : if (result > DEFAULT_MAX_BELIEVABLE_BANDWIDTH)
663 : result = DEFAULT_MAX_BELIEVABLE_BANDWIDTH;
664 120 : return result;
665 : }
666 :
667 : /** Helper: given an extended nickname in <b>hexdigest</b> try to decode it.
668 : * Return 0 on success, -1 on failure. Store the result into the
669 : * DIGEST_LEN-byte buffer at <b>digest_out</b>, the single character at
670 : * <b>nickname_qualifier_char_out</b>, and the MAXNICKNAME_LEN+1-byte buffer
671 : * at <b>nickname_out</b>.
672 : *
673 : * The recognized format is:
674 : * HexName = Dollar? HexDigest NamePart?
675 : * Dollar = '?'
676 : * HexDigest = HexChar*20
677 : * HexChar = 'a'..'f' | 'A'..'F' | '0'..'9'
678 : * NamePart = QualChar Name
679 : * QualChar = '=' | '~'
680 : * Name = NameChar*(1..MAX_NICKNAME_LEN)
681 : * NameChar = Any ASCII alphanumeric character
682 : */
683 : int
684 52 : hex_digest_nickname_decode(const char *hexdigest,
685 : char *digest_out,
686 : char *nickname_qualifier_char_out,
687 : char *nickname_out)
688 : {
689 52 : size_t len;
690 :
691 52 : tor_assert(hexdigest);
692 52 : if (hexdigest[0] == '$')
693 37 : ++hexdigest;
694 :
695 52 : len = strlen(hexdigest);
696 52 : if (len < HEX_DIGEST_LEN) {
697 : return -1;
698 46 : } else if (len > HEX_DIGEST_LEN && (hexdigest[HEX_DIGEST_LEN] == '=' ||
699 11 : hexdigest[HEX_DIGEST_LEN] == '~') &&
700 : len <= HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN) {
701 11 : *nickname_qualifier_char_out = hexdigest[HEX_DIGEST_LEN];
702 11 : strlcpy(nickname_out, hexdigest+HEX_DIGEST_LEN+1 , MAX_NICKNAME_LEN+1);
703 35 : } else if (len == HEX_DIGEST_LEN) {
704 : ;
705 : } else {
706 : return -1;
707 : }
708 :
709 46 : if (base16_decode(digest_out, DIGEST_LEN,
710 : hexdigest, HEX_DIGEST_LEN) != DIGEST_LEN)
711 0 : return -1;
712 : return 0;
713 : }
714 :
715 : /** Helper: Return true iff the <b>identity_digest</b> and <b>nickname</b>
716 : * combination of a router, encoded in hexadecimal, matches <b>hexdigest</b>
717 : * (which is optionally prefixed with a single dollar sign). Return false if
718 : * <b>hexdigest</b> is malformed, or it doesn't match. */
719 : int
720 18 : hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest,
721 : const char *nickname)
722 : {
723 18 : char digest[DIGEST_LEN];
724 18 : char nn_char='\0';
725 18 : char nn_buf[MAX_NICKNAME_LEN+1];
726 :
727 18 : if (hex_digest_nickname_decode(hexdigest, digest, &nn_char, nn_buf) == -1)
728 : return 0;
729 :
730 12 : if (nn_char == '=') {
731 : return 0;
732 : }
733 :
734 11 : if (nn_char == '~') {
735 3 : if (!nickname) // XXX This seems wrong. -NM
736 : return 0;
737 3 : if (strcasecmp(nn_buf, nickname))
738 : return 0;
739 : }
740 :
741 10 : return tor_memeq(digest, identity_digest, DIGEST_LEN);
742 : }
743 :
744 : /** If hexdigest is correctly formed, base16_decode it into
745 : * digest, which must have DIGEST_LEN space in it.
746 : * Return 0 on success, -1 on failure.
747 : */
748 : int
749 0 : hexdigest_to_digest(const char *hexdigest, char *digest)
750 : {
751 0 : if (hexdigest[0]=='$')
752 0 : ++hexdigest;
753 0 : if (strlen(hexdigest) < HEX_DIGEST_LEN ||
754 0 : base16_decode(digest,DIGEST_LEN,hexdigest,HEX_DIGEST_LEN) != DIGEST_LEN)
755 0 : return -1;
756 : return 0;
757 : }
758 :
759 : /** As router_get_by_id_digest,but return a pointer that you're allowed to
760 : * modify */
761 : routerinfo_t *
762 320 : router_get_mutable_by_digest(const char *digest)
763 : {
764 320 : tor_assert(digest);
765 :
766 320 : if (!routerlist) return NULL;
767 :
768 : // routerlist_assert_ok(routerlist);
769 :
770 258 : return rimap_get(routerlist->identity_map, digest);
771 : }
772 :
773 : /** Return the router in our routerlist whose 20-byte key digest
774 : * is <b>digest</b>. Return NULL if no such router is known. */
775 : const routerinfo_t *
776 186 : router_get_by_id_digest(const char *digest)
777 : {
778 186 : return router_get_mutable_by_digest(digest);
779 : }
780 :
781 : /** Return the router in our routerlist whose 20-byte descriptor
782 : * is <b>digest</b>. Return NULL if no such router is known. */
783 : signed_descriptor_t *
784 85 : router_get_by_descriptor_digest(const char *digest)
785 : {
786 85 : tor_assert(digest);
787 :
788 85 : if (!routerlist) return NULL;
789 :
790 9 : return sdmap_get(routerlist->desc_digest_map, digest);
791 : }
792 :
793 : /** Return the signed descriptor for the router in our routerlist whose
794 : * 20-byte extra-info digest is <b>digest</b>. Return NULL if no such router
795 : * is known. */
796 0 : MOCK_IMPL(signed_descriptor_t *,
797 : router_get_by_extrainfo_digest,(const char *digest))
798 : {
799 0 : tor_assert(digest);
800 :
801 0 : if (!routerlist) return NULL;
802 :
803 0 : return sdmap_get(routerlist->desc_by_eid_map, digest);
804 : }
805 :
806 : /** Return the signed descriptor for the extrainfo_t in our routerlist whose
807 : * extra-info-digest is <b>digest</b>. Return NULL if no such extra-info
808 : * document is known. */
809 0 : MOCK_IMPL(signed_descriptor_t *,
810 : extrainfo_get_by_descriptor_digest,(const char *digest))
811 : {
812 0 : extrainfo_t *ei;
813 0 : tor_assert(digest);
814 0 : if (!routerlist) return NULL;
815 0 : ei = eimap_get(routerlist->extra_info_map, digest);
816 0 : return ei ? &ei->cache_info : NULL;
817 : }
818 :
819 : /** Return a pointer to the signed textual representation of a descriptor.
820 : * The returned string is not guaranteed to be NUL-terminated: the string's
821 : * length will be in desc-\>signed_descriptor_len.
822 : *
823 : * If <b>with_annotations</b> is set, the returned string will include
824 : * the annotations
825 : * (if any) preceding the descriptor. This will increase the length of the
826 : * string by desc-\>annotations_len.
827 : *
828 : * The caller must not free the string returned.
829 : */
830 : static const char *
831 138 : signed_descriptor_get_body_impl(const signed_descriptor_t *desc,
832 : int with_annotations)
833 : {
834 138 : const char *r = NULL;
835 138 : size_t len = desc->signed_descriptor_len;
836 138 : off_t offset = desc->saved_offset;
837 138 : if (with_annotations)
838 109 : len += desc->annotations_len;
839 : else
840 29 : offset += desc->annotations_len;
841 :
842 138 : tor_assert(len > 32);
843 138 : if (desc->saved_location == SAVED_IN_CACHE && routerlist) {
844 0 : desc_store_t *store = desc_get_store(router_get_routerlist(), desc);
845 0 : if (store && store->mmap) {
846 0 : tor_assert(desc->saved_offset + len <= store->mmap->size);
847 0 : r = store->mmap->data + offset;
848 0 : } else if (store) {
849 0 : log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
850 : "mmaped in our cache. Is another process running in our data "
851 : "directory? Exiting.");
852 0 : exit(1); // XXXX bad exit: should recover.
853 : }
854 : }
855 0 : if (!r) /* no mmap, or not in cache. */
856 138 : r = desc->signed_descriptor_body +
857 138 : (with_annotations ? 0 : desc->annotations_len);
858 :
859 138 : tor_assert(r);
860 138 : if (!with_annotations) {
861 29 : if (fast_memcmp("router ", r, 7) && fast_memcmp("extra-info ", r, 11)) {
862 0 : char *cp = tor_strndup(r, 64);
863 0 : log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
864 : "Is another process running in our data directory? Exiting.",
865 : desc, escaped(cp));
866 0 : exit(1); // XXXX bad exit: should recover.
867 : }
868 : }
869 :
870 138 : return r;
871 : }
872 :
873 : /** Return a pointer to the signed textual representation of a descriptor.
874 : * The returned string is not guaranteed to be NUL-terminated: the string's
875 : * length will be in desc-\>signed_descriptor_len.
876 : *
877 : * The caller must not free the string returned.
878 : */
879 : const char *
880 29 : signed_descriptor_get_body(const signed_descriptor_t *desc)
881 : {
882 29 : return signed_descriptor_get_body_impl(desc, 0);
883 : }
884 :
885 : /** As signed_descriptor_get_body(), but points to the beginning of the
886 : * annotations section rather than the beginning of the descriptor. */
887 : const char *
888 0 : signed_descriptor_get_annotations(const signed_descriptor_t *desc)
889 : {
890 0 : return signed_descriptor_get_body_impl(desc, 1);
891 : }
892 :
893 : /** Return the current list of all known routers. */
894 : routerlist_t *
895 103 : router_get_routerlist(void)
896 : {
897 103 : if (PREDICT_UNLIKELY(!routerlist)) {
898 43 : routerlist = tor_malloc_zero(sizeof(routerlist_t));
899 43 : routerlist->routers = smartlist_new();
900 43 : routerlist->old_routers = smartlist_new();
901 43 : routerlist->identity_map = rimap_new();
902 43 : routerlist->desc_digest_map = sdmap_new();
903 43 : routerlist->desc_by_eid_map = sdmap_new();
904 43 : routerlist->extra_info_map = eimap_new();
905 :
906 43 : routerlist->desc_store.fname_base = "cached-descriptors";
907 43 : routerlist->extrainfo_store.fname_base = "cached-extrainfo";
908 :
909 43 : routerlist->desc_store.type = ROUTER_STORE;
910 43 : routerlist->extrainfo_store.type = EXTRAINFO_STORE;
911 :
912 43 : routerlist->desc_store.description = "router descriptors";
913 43 : routerlist->extrainfo_store.description = "extra-info documents";
914 : }
915 103 : return routerlist;
916 : }
917 :
918 : /** Free all storage held by <b>router</b>. */
919 : void
920 7698 : routerinfo_free_(routerinfo_t *router)
921 : {
922 7698 : if (!router)
923 : return;
924 :
925 6245 : tor_free(router->cache_info.signed_descriptor_body);
926 6245 : tor_free(router->nickname);
927 6245 : tor_free(router->platform);
928 6245 : tor_free(router->protocol_list);
929 6245 : tor_free(router->contact_info);
930 6245 : if (router->onion_pkey)
931 113 : tor_free(router->onion_pkey);
932 6245 : tor_free(router->onion_curve25519_pkey);
933 6245 : if (router->identity_pkey)
934 130 : crypto_pk_free(router->identity_pkey);
935 6245 : tor_cert_free(router->cache_info.signing_key_cert);
936 6245 : if (router->declared_family) {
937 24 : SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
938 7 : smartlist_free(router->declared_family);
939 : }
940 6245 : addr_policy_list_free(router->exit_policy);
941 6245 : short_policy_free(router->ipv6_exit_policy);
942 :
943 6245 : memset(router, 77, sizeof(routerinfo_t));
944 :
945 6245 : tor_free(router);
946 : }
947 :
948 : /** Release all storage held by <b>extrainfo</b> */
949 : void
950 737 : extrainfo_free_(extrainfo_t *extrainfo)
951 : {
952 737 : if (!extrainfo)
953 : return;
954 120 : tor_cert_free(extrainfo->cache_info.signing_key_cert);
955 120 : tor_free(extrainfo->cache_info.signed_descriptor_body);
956 120 : tor_free(extrainfo->pending_sig);
957 :
958 120 : memset(extrainfo, 88, sizeof(extrainfo_t)); /* debug bad memory usage */
959 120 : tor_free(extrainfo);
960 : }
961 :
962 : #define signed_descriptor_free(val) \
963 : FREE_AND_NULL(signed_descriptor_t, signed_descriptor_free_, (val))
964 :
965 : /** Release storage held by <b>sd</b>. */
966 : static void
967 0 : signed_descriptor_free_(signed_descriptor_t *sd)
968 : {
969 0 : if (!sd)
970 : return;
971 :
972 0 : tor_free(sd->signed_descriptor_body);
973 0 : tor_cert_free(sd->signing_key_cert);
974 :
975 0 : memset(sd, 99, sizeof(signed_descriptor_t)); /* Debug bad mem usage */
976 0 : tor_free(sd);
977 : }
978 :
979 : /** Reset the given signed descriptor <b>sd</b> by freeing the allocated
980 : * memory inside the object and by zeroing its content. */
981 : static void
982 0 : signed_descriptor_reset(signed_descriptor_t *sd)
983 : {
984 0 : tor_assert(sd);
985 0 : tor_free(sd->signed_descriptor_body);
986 0 : tor_cert_free(sd->signing_key_cert);
987 0 : memset(sd, 0, sizeof(*sd));
988 0 : }
989 :
990 : /** Copy src into dest, and steal all references inside src so that when
991 : * we free src, we don't mess up dest. */
992 : static void
993 0 : signed_descriptor_move(signed_descriptor_t *dest,
994 : signed_descriptor_t *src)
995 : {
996 0 : tor_assert(dest != src);
997 : /* Cleanup destination object before overwriting it.*/
998 0 : signed_descriptor_reset(dest);
999 0 : memcpy(dest, src, sizeof(signed_descriptor_t));
1000 0 : src->signed_descriptor_body = NULL;
1001 0 : src->signing_key_cert = NULL;
1002 0 : dest->routerlist_index = -1;
1003 0 : }
1004 :
1005 : /** Extract a signed_descriptor_t from a general routerinfo, and free the
1006 : * routerinfo.
1007 : */
1008 : static signed_descriptor_t *
1009 0 : signed_descriptor_from_routerinfo(routerinfo_t *ri)
1010 : {
1011 0 : signed_descriptor_t *sd;
1012 0 : tor_assert(ri->purpose == ROUTER_PURPOSE_GENERAL);
1013 0 : sd = tor_malloc_zero(sizeof(signed_descriptor_t));
1014 0 : signed_descriptor_move(sd, &ri->cache_info);
1015 0 : routerinfo_free(ri);
1016 0 : return sd;
1017 : }
1018 :
1019 : /** Helper: free the storage held by the extrainfo_t in <b>e</b>. */
1020 : static void
1021 0 : extrainfo_free_void(void *e)
1022 : {
1023 0 : extrainfo_free_(e);
1024 0 : }
1025 :
1026 : /** Free all storage held by a routerlist <b>rl</b>. */
1027 : void
1028 301 : routerlist_free_(routerlist_t *rl)
1029 : {
1030 301 : if (!rl)
1031 : return;
1032 23 : rimap_free(rl->identity_map, NULL);
1033 23 : sdmap_free(rl->desc_digest_map, NULL);
1034 23 : sdmap_free(rl->desc_by_eid_map, NULL);
1035 23 : eimap_free(rl->extra_info_map, extrainfo_free_void);
1036 119 : SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
1037 : routerinfo_free(r));
1038 23 : SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
1039 : signed_descriptor_free(sd));
1040 23 : smartlist_free(rl->routers);
1041 23 : smartlist_free(rl->old_routers);
1042 23 : if (rl->desc_store.mmap) {
1043 0 : int res = tor_munmap_file(rl->desc_store.mmap);
1044 0 : if (res != 0) {
1045 0 : log_warn(LD_FS, "Failed to munmap routerlist->desc_store.mmap");
1046 : }
1047 : }
1048 23 : if (rl->extrainfo_store.mmap) {
1049 0 : int res = tor_munmap_file(rl->extrainfo_store.mmap);
1050 0 : if (res != 0) {
1051 0 : log_warn(LD_FS, "Failed to munmap routerlist->extrainfo_store.mmap");
1052 : }
1053 : }
1054 23 : tor_free(rl);
1055 : }
1056 :
1057 : /** Log information about how much memory is being used for routerlist,
1058 : * at log level <b>severity</b>. */
1059 : void
1060 0 : dump_routerlist_mem_usage(int severity)
1061 : {
1062 0 : uint64_t livedescs = 0;
1063 0 : uint64_t olddescs = 0;
1064 0 : if (!routerlist)
1065 : return;
1066 0 : SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, r,
1067 : livedescs += r->cache_info.signed_descriptor_len);
1068 0 : SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
1069 : olddescs += sd->signed_descriptor_len);
1070 :
1071 0 : tor_log(severity, LD_DIR,
1072 : "In %d live descriptors: %"PRIu64" bytes. "
1073 : "In %d old descriptors: %"PRIu64" bytes.",
1074 : smartlist_len(routerlist->routers), (livedescs),
1075 : smartlist_len(routerlist->old_routers), (olddescs));
1076 : }
1077 :
1078 : /** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
1079 : * in <b>sl</b> at position <b>idx</b>. Otherwise, search <b>sl</b> for
1080 : * <b>ri</b>. Return the index of <b>ri</b> in <b>sl</b>, or -1 if <b>ri</b>
1081 : * is not in <b>sl</b>. */
1082 : static inline int
1083 1 : routerlist_find_elt_(smartlist_t *sl, void *ri, int idx)
1084 : {
1085 1 : if (idx < 0) {
1086 1 : idx = -1;
1087 5 : SMARTLIST_FOREACH(sl, routerinfo_t *, r,
1088 : if (r == ri) {
1089 : idx = r_sl_idx;
1090 : break;
1091 : });
1092 : } else {
1093 0 : tor_assert(idx < smartlist_len(sl));
1094 0 : tor_assert(smartlist_get(sl, idx) == ri);
1095 1 : };
1096 1 : return idx;
1097 : }
1098 :
1099 : /** Insert an item <b>ri</b> into the routerlist <b>rl</b>, updating indices
1100 : * as needed. There must be no previous member of <b>rl</b> with the same
1101 : * identity digest as <b>ri</b>: If there is, call routerlist_replace
1102 : * instead.
1103 : */
1104 : static void
1105 133 : routerlist_insert(routerlist_t *rl, routerinfo_t *ri)
1106 : {
1107 133 : routerinfo_t *ri_old;
1108 133 : signed_descriptor_t *sd_old;
1109 : {
1110 133 : const routerinfo_t *ri_generated = router_get_my_routerinfo();
1111 133 : tor_assert(ri_generated != ri);
1112 : }
1113 133 : tor_assert(ri->cache_info.routerlist_index == -1);
1114 :
1115 133 : ri_old = rimap_set(rl->identity_map, ri->cache_info.identity_digest, ri);
1116 133 : tor_assert(!ri_old);
1117 :
1118 266 : sd_old = sdmap_set(rl->desc_digest_map,
1119 133 : ri->cache_info.signed_descriptor_digest,
1120 : &(ri->cache_info));
1121 133 : if (sd_old) {
1122 0 : int idx = sd_old->routerlist_index;
1123 0 : sd_old->routerlist_index = -1;
1124 0 : smartlist_del(rl->old_routers, idx);
1125 0 : if (idx < smartlist_len(rl->old_routers)) {
1126 0 : signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
1127 0 : d->routerlist_index = idx;
1128 : }
1129 0 : rl->desc_store.bytes_dropped += sd_old->signed_descriptor_len;
1130 0 : sdmap_remove(rl->desc_by_eid_map, sd_old->extra_info_digest);
1131 0 : signed_descriptor_free(sd_old);
1132 : }
1133 :
1134 133 : if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
1135 25 : sdmap_set(rl->desc_by_eid_map, ri->cache_info.extra_info_digest,
1136 : &ri->cache_info);
1137 133 : smartlist_add(rl->routers, ri);
1138 133 : ri->cache_info.routerlist_index = smartlist_len(rl->routers) - 1;
1139 133 : nodelist_set_routerinfo(ri, NULL);
1140 133 : router_dir_info_changed();
1141 : #ifdef DEBUG_ROUTERLIST
1142 : routerlist_assert_ok(rl);
1143 : #endif
1144 133 : }
1145 :
1146 : /** Adds the extrainfo_t <b>ei</b> to the routerlist <b>rl</b>, if there is a
1147 : * corresponding router in rl-\>routers or rl-\>old_routers. Return the status
1148 : * of inserting <b>ei</b>. Free <b>ei</b> if it isn't inserted. */
1149 0 : MOCK_IMPL(STATIC was_router_added_t,
1150 : extrainfo_insert,(routerlist_t *rl, extrainfo_t *ei, int warn_if_incompatible))
1151 : {
1152 0 : was_router_added_t r;
1153 0 : const char *compatibility_error_msg;
1154 0 : routerinfo_t *ri = rimap_get(rl->identity_map,
1155 0 : ei->cache_info.identity_digest);
1156 0 : signed_descriptor_t *sd =
1157 0 : sdmap_get(rl->desc_by_eid_map, ei->cache_info.signed_descriptor_digest);
1158 0 : extrainfo_t *ei_tmp;
1159 0 : const int severity = warn_if_incompatible ? LOG_WARN : LOG_INFO;
1160 :
1161 : {
1162 0 : extrainfo_t *ei_generated = router_get_my_extrainfo();
1163 0 : tor_assert(ei_generated != ei);
1164 : }
1165 :
1166 0 : if (!ri) {
1167 : /* This router is unknown; we can't even verify the signature. Give up.*/
1168 0 : r = ROUTER_NOT_IN_CONSENSUS;
1169 0 : goto done;
1170 : }
1171 0 : if (! sd) {
1172 : /* The extrainfo router doesn't have a known routerdesc to attach it to.
1173 0 : * This just won't work. */;
1174 0 : static ratelim_t no_sd_ratelim = RATELIM_INIT(1800);
1175 0 : r = ROUTER_BAD_EI;
1176 : /* This is a DEBUG because it can happen naturally, if we tried
1177 : * to add an extrainfo for which we no longer have the
1178 : * corresponding routerinfo.
1179 : */
1180 0 : log_fn_ratelim(&no_sd_ratelim, LOG_DEBUG, LD_DIR,
1181 : "No entry found in extrainfo map.");
1182 0 : goto done;
1183 : }
1184 0 : if (tor_memneq(ei->cache_info.signed_descriptor_digest,
1185 : sd->extra_info_digest, DIGEST_LEN)) {
1186 0 : static ratelim_t digest_mismatch_ratelim = RATELIM_INIT(1800);
1187 : /* The sd we got from the map doesn't match the digest we used to look
1188 : * it up. This makes no sense. */
1189 0 : r = ROUTER_BAD_EI;
1190 0 : log_fn_ratelim(&digest_mismatch_ratelim, severity, LD_BUG,
1191 : "Mismatch in digest in extrainfo map.");
1192 0 : goto done;
1193 : }
1194 0 : if (routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei, sd,
1195 : &compatibility_error_msg)) {
1196 0 : char d1[HEX_DIGEST_LEN+1], d2[HEX_DIGEST_LEN+1];
1197 0 : r = (ri->cache_info.extrainfo_is_bogus) ?
1198 0 : ROUTER_BAD_EI : ROUTER_NOT_IN_CONSENSUS;
1199 :
1200 0 : base16_encode(d1, sizeof(d1), ri->cache_info.identity_digest, DIGEST_LEN);
1201 0 : base16_encode(d2, sizeof(d2), ei->cache_info.identity_digest, DIGEST_LEN);
1202 :
1203 0 : log_fn(severity,LD_DIR,
1204 : "router info incompatible with extra info (ri id: %s, ei id %s, "
1205 : "reason: %s)", d1, d2, compatibility_error_msg);
1206 :
1207 0 : goto done;
1208 : }
1209 :
1210 : /* Okay, if we make it here, we definitely have a router corresponding to
1211 : * this extrainfo. */
1212 :
1213 0 : ei_tmp = eimap_set(rl->extra_info_map,
1214 : ei->cache_info.signed_descriptor_digest,
1215 : ei);
1216 0 : r = ROUTER_ADDED_SUCCESSFULLY;
1217 0 : if (ei_tmp) {
1218 0 : rl->extrainfo_store.bytes_dropped +=
1219 0 : ei_tmp->cache_info.signed_descriptor_len;
1220 0 : extrainfo_free(ei_tmp);
1221 : }
1222 :
1223 0 : done:
1224 0 : if (r != ROUTER_ADDED_SUCCESSFULLY)
1225 0 : extrainfo_free(ei);
1226 :
1227 : #ifdef DEBUG_ROUTERLIST
1228 : routerlist_assert_ok(rl);
1229 : #endif
1230 0 : return r;
1231 : }
1232 :
1233 : #define should_cache_old_descriptors() \
1234 : directory_caches_dir_info(get_options())
1235 :
1236 : /** If we're a directory cache and routerlist <b>rl</b> doesn't have
1237 : * a copy of router <b>ri</b> yet, add it to the list of old (not
1238 : * recommended but still served) descriptors. Else free it. */
1239 : static void
1240 0 : routerlist_insert_old(routerlist_t *rl, routerinfo_t *ri)
1241 : {
1242 : {
1243 0 : const routerinfo_t *ri_generated = router_get_my_routerinfo();
1244 0 : tor_assert(ri_generated != ri);
1245 : }
1246 0 : tor_assert(ri->cache_info.routerlist_index == -1);
1247 :
1248 0 : if (should_cache_old_descriptors() &&
1249 0 : ri->purpose == ROUTER_PURPOSE_GENERAL &&
1250 0 : !sdmap_get(rl->desc_digest_map,
1251 0 : ri->cache_info.signed_descriptor_digest)) {
1252 0 : signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri);
1253 0 : sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
1254 0 : smartlist_add(rl->old_routers, sd);
1255 0 : sd->routerlist_index = smartlist_len(rl->old_routers)-1;
1256 0 : if (!tor_digest_is_zero(sd->extra_info_digest))
1257 0 : sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
1258 : } else {
1259 0 : routerinfo_free(ri);
1260 : }
1261 : #ifdef DEBUG_ROUTERLIST
1262 : routerlist_assert_ok(rl);
1263 : #endif
1264 0 : }
1265 :
1266 : /** Remove an item <b>ri</b> from the routerlist <b>rl</b>, updating indices
1267 : * as needed. If <b>idx</b> is nonnegative and smartlist_get(rl->routers,
1268 : * idx) == ri, we don't need to do a linear search over the list to decide
1269 : * which to remove. We fill the gap in rl->routers with a later element in
1270 : * the list, if any exists. <b>ri</b> is freed.
1271 : *
1272 : * If <b>make_old</b> is true, instead of deleting the router, we try adding
1273 : * it to rl->old_routers. */
1274 : void
1275 0 : routerlist_remove(routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
1276 : {
1277 0 : routerinfo_t *ri_tmp;
1278 0 : extrainfo_t *ei_tmp;
1279 0 : int idx = ri->cache_info.routerlist_index;
1280 0 : tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
1281 0 : tor_assert(smartlist_get(rl->routers, idx) == ri);
1282 :
1283 0 : nodelist_remove_routerinfo(ri);
1284 :
1285 : /* make sure the rephist module knows that it's not running */
1286 0 : rep_hist_note_router_unreachable(ri->cache_info.identity_digest, now);
1287 :
1288 0 : ri->cache_info.routerlist_index = -1;
1289 0 : smartlist_del(rl->routers, idx);
1290 0 : if (idx < smartlist_len(rl->routers)) {
1291 0 : routerinfo_t *r = smartlist_get(rl->routers, idx);
1292 0 : r->cache_info.routerlist_index = idx;
1293 : }
1294 :
1295 0 : ri_tmp = rimap_remove(rl->identity_map, ri->cache_info.identity_digest);
1296 0 : router_dir_info_changed();
1297 0 : tor_assert(ri_tmp == ri);
1298 :
1299 0 : if (make_old && should_cache_old_descriptors() &&
1300 0 : ri->purpose == ROUTER_PURPOSE_GENERAL) {
1301 0 : signed_descriptor_t *sd;
1302 0 : sd = signed_descriptor_from_routerinfo(ri);
1303 0 : smartlist_add(rl->old_routers, sd);
1304 0 : sd->routerlist_index = smartlist_len(rl->old_routers)-1;
1305 0 : sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
1306 0 : if (!tor_digest_is_zero(sd->extra_info_digest))
1307 0 : sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
1308 : } else {
1309 0 : signed_descriptor_t *sd_tmp;
1310 0 : sd_tmp = sdmap_remove(rl->desc_digest_map,
1311 0 : ri->cache_info.signed_descriptor_digest);
1312 0 : tor_assert(sd_tmp == &(ri->cache_info));
1313 0 : rl->desc_store.bytes_dropped += ri->cache_info.signed_descriptor_len;
1314 0 : ei_tmp = eimap_remove(rl->extra_info_map,
1315 0 : ri->cache_info.extra_info_digest);
1316 0 : if (ei_tmp) {
1317 0 : rl->extrainfo_store.bytes_dropped +=
1318 0 : ei_tmp->cache_info.signed_descriptor_len;
1319 0 : extrainfo_free(ei_tmp);
1320 : }
1321 0 : if (!tor_digest_is_zero(ri->cache_info.extra_info_digest))
1322 0 : sdmap_remove(rl->desc_by_eid_map, ri->cache_info.extra_info_digest);
1323 0 : routerinfo_free(ri);
1324 : }
1325 : #ifdef DEBUG_ROUTERLIST
1326 : routerlist_assert_ok(rl);
1327 : #endif
1328 0 : }
1329 :
1330 : /** Remove a signed_descriptor_t <b>sd</b> from <b>rl</b>-\>old_routers, and
1331 : * adjust <b>rl</b> as appropriate. <b>idx</b> is -1, or the index of
1332 : * <b>sd</b>. */
1333 : static void
1334 0 : routerlist_remove_old(routerlist_t *rl, signed_descriptor_t *sd, int idx)
1335 : {
1336 0 : signed_descriptor_t *sd_tmp;
1337 0 : extrainfo_t *ei_tmp;
1338 0 : desc_store_t *store;
1339 0 : if (idx == -1) {
1340 0 : idx = sd->routerlist_index;
1341 : }
1342 0 : tor_assert(0 <= idx && idx < smartlist_len(rl->old_routers));
1343 : /* XXXX edmanm's bridge relay triggered the following assert while
1344 : * running 0.2.0.12-alpha. If anybody triggers this again, see if we
1345 : * can get a backtrace. */
1346 0 : tor_assert(smartlist_get(rl->old_routers, idx) == sd);
1347 0 : tor_assert(idx == sd->routerlist_index);
1348 :
1349 0 : sd->routerlist_index = -1;
1350 0 : smartlist_del(rl->old_routers, idx);
1351 0 : if (idx < smartlist_len(rl->old_routers)) {
1352 0 : signed_descriptor_t *d = smartlist_get(rl->old_routers, idx);
1353 0 : d->routerlist_index = idx;
1354 : }
1355 0 : sd_tmp = sdmap_remove(rl->desc_digest_map,
1356 0 : sd->signed_descriptor_digest);
1357 0 : tor_assert(sd_tmp == sd);
1358 0 : store = desc_get_store(rl, sd);
1359 0 : if (store)
1360 0 : store->bytes_dropped += sd->signed_descriptor_len;
1361 :
1362 0 : ei_tmp = eimap_remove(rl->extra_info_map,
1363 0 : sd->extra_info_digest);
1364 0 : if (ei_tmp) {
1365 0 : rl->extrainfo_store.bytes_dropped +=
1366 0 : ei_tmp->cache_info.signed_descriptor_len;
1367 0 : extrainfo_free(ei_tmp);
1368 : }
1369 0 : if (!tor_digest_is_zero(sd->extra_info_digest))
1370 0 : sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
1371 :
1372 0 : signed_descriptor_free(sd);
1373 : #ifdef DEBUG_ROUTERLIST
1374 : routerlist_assert_ok(rl);
1375 : #endif
1376 0 : }
1377 :
1378 : /** Remove <b>ri_old</b> from the routerlist <b>rl</b>, and replace it with
1379 : * <b>ri_new</b>, updating all index info. If <b>idx</b> is nonnegative and
1380 : * smartlist_get(rl->routers, idx) == ri, we don't need to do a linear
1381 : * search over the list to decide which to remove. We put ri_new in the same
1382 : * index as ri_old, if possible. ri is freed as appropriate.
1383 : *
1384 : * If should_cache_descriptors() is true, instead of deleting the router,
1385 : * we add it to rl->old_routers. */
1386 : static void
1387 1 : routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
1388 : routerinfo_t *ri_new)
1389 : {
1390 1 : int idx;
1391 1 : int same_descriptors;
1392 :
1393 1 : routerinfo_t *ri_tmp;
1394 1 : extrainfo_t *ei_tmp;
1395 : {
1396 1 : const routerinfo_t *ri_generated = router_get_my_routerinfo();
1397 1 : tor_assert(ri_generated != ri_new);
1398 : }
1399 1 : tor_assert(ri_old != ri_new);
1400 1 : tor_assert(ri_new->cache_info.routerlist_index == -1);
1401 :
1402 1 : idx = ri_old->cache_info.routerlist_index;
1403 1 : tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
1404 1 : tor_assert(smartlist_get(rl->routers, idx) == ri_old);
1405 :
1406 : {
1407 1 : routerinfo_t *ri_old_tmp=NULL;
1408 1 : nodelist_set_routerinfo(ri_new, &ri_old_tmp);
1409 1 : tor_assert(ri_old == ri_old_tmp);
1410 : }
1411 :
1412 1 : router_dir_info_changed();
1413 1 : if (idx >= 0) {
1414 1 : smartlist_set(rl->routers, idx, ri_new);
1415 1 : ri_old->cache_info.routerlist_index = -1;
1416 1 : ri_new->cache_info.routerlist_index = idx;
1417 : /* Check that ri_old is not in rl->routers anymore: */
1418 1 : tor_assert( routerlist_find_elt_(rl->routers, ri_old, -1) == -1 );
1419 : } else {
1420 : log_warn(LD_BUG, "Appending entry from routerlist_replace.");
1421 : routerlist_insert(rl, ri_new);
1422 : return;
1423 : }
1424 1 : if (tor_memneq(ri_old->cache_info.identity_digest,
1425 : ri_new->cache_info.identity_digest, DIGEST_LEN)) {
1426 : /* digests don't match; digestmap_set won't replace */
1427 0 : rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
1428 : }
1429 1 : ri_tmp = rimap_set(rl->identity_map,
1430 : ri_new->cache_info.identity_digest, ri_new);
1431 1 : tor_assert(!ri_tmp || ri_tmp == ri_old);
1432 1 : sdmap_set(rl->desc_digest_map,
1433 1 : ri_new->cache_info.signed_descriptor_digest,
1434 : &(ri_new->cache_info));
1435 :
1436 1 : if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
1437 0 : sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
1438 : &ri_new->cache_info);
1439 : }
1440 :
1441 1 : same_descriptors = tor_memeq(ri_old->cache_info.signed_descriptor_digest,
1442 : ri_new->cache_info.signed_descriptor_digest,
1443 : DIGEST_LEN);
1444 :
1445 1 : if (should_cache_old_descriptors() &&
1446 0 : ri_old->purpose == ROUTER_PURPOSE_GENERAL &&
1447 : !same_descriptors) {
1448 : /* ri_old is going to become a signed_descriptor_t and go into
1449 : * old_routers */
1450 0 : signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
1451 0 : smartlist_add(rl->old_routers, sd);
1452 0 : sd->routerlist_index = smartlist_len(rl->old_routers)-1;
1453 0 : sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
1454 0 : if (!tor_digest_is_zero(sd->extra_info_digest))
1455 0 : sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
1456 : } else {
1457 : /* We're dropping ri_old. */
1458 1 : if (!same_descriptors) {
1459 : /* digests don't match; The sdmap_set above didn't replace */
1460 1 : sdmap_remove(rl->desc_digest_map,
1461 : ri_old->cache_info.signed_descriptor_digest);
1462 :
1463 1 : if (tor_memneq(ri_old->cache_info.extra_info_digest,
1464 : ri_new->cache_info.extra_info_digest, DIGEST_LEN)) {
1465 0 : ei_tmp = eimap_remove(rl->extra_info_map,
1466 : ri_old->cache_info.extra_info_digest);
1467 0 : if (ei_tmp) {
1468 0 : rl->extrainfo_store.bytes_dropped +=
1469 0 : ei_tmp->cache_info.signed_descriptor_len;
1470 0 : extrainfo_free(ei_tmp);
1471 : }
1472 : }
1473 :
1474 1 : if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
1475 0 : sdmap_remove(rl->desc_by_eid_map,
1476 : ri_old->cache_info.extra_info_digest);
1477 : }
1478 : }
1479 1 : rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
1480 1 : routerinfo_free(ri_old);
1481 : }
1482 : #ifdef DEBUG_ROUTERLIST
1483 : routerlist_assert_ok(rl);
1484 : #endif
1485 : }
1486 :
1487 : /** Extract the descriptor <b>sd</b> from old_routerlist, and re-parse
1488 : * it as a fresh routerinfo_t. */
1489 : static routerinfo_t *
1490 0 : routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
1491 : {
1492 0 : routerinfo_t *ri;
1493 0 : const char *body;
1494 :
1495 0 : body = signed_descriptor_get_annotations(sd);
1496 :
1497 0 : ri = router_parse_entry_from_string(body,
1498 0 : body+sd->signed_descriptor_len+sd->annotations_len,
1499 : 0, 1, NULL, NULL);
1500 0 : if (!ri)
1501 : return NULL;
1502 0 : signed_descriptor_move(&ri->cache_info, sd);
1503 :
1504 0 : routerlist_remove_old(rl, sd, -1);
1505 :
1506 0 : return ri;
1507 : }
1508 :
1509 : /** Free all memory held by the routerlist module.
1510 : * Note: Calling routerlist_free_all() should always be paired with
1511 : * a call to nodelist_free_all(). These should only be called during
1512 : * cleanup.
1513 : */
1514 : void
1515 301 : routerlist_free_all(void)
1516 : {
1517 301 : routerlist_t *rl = routerlist;
1518 301 : routerlist = NULL; // Prevent internals of routerlist_free() from using
1519 : // routerlist.
1520 301 : routerlist_free(rl);
1521 301 : dirlist_free_all();
1522 301 : if (warned_nicknames) {
1523 0 : SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
1524 0 : smartlist_free(warned_nicknames);
1525 0 : warned_nicknames = NULL;
1526 : }
1527 301 : authcert_free_all();
1528 301 : }
1529 :
1530 : /** Forget that we have issued any router-related warnings, so that we'll
1531 : * warn again if we see the same errors. */
1532 : void
1533 0 : routerlist_reset_warnings(void)
1534 : {
1535 0 : if (!warned_nicknames)
1536 0 : warned_nicknames = smartlist_new();
1537 0 : SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
1538 0 : smartlist_clear(warned_nicknames); /* now the list is empty. */
1539 :
1540 0 : networkstatus_reset_warnings();
1541 0 : }
1542 :
1543 : /** Return 1 if the signed descriptor of this router is older than
1544 : * <b>seconds</b> seconds. Otherwise return 0. */
1545 1 : MOCK_IMPL(int,
1546 : router_descriptor_is_older_than,(const routerinfo_t *router, int seconds))
1547 : {
1548 1 : return router->cache_info.published_on < approx_time() - seconds;
1549 : }
1550 :
1551 : /** Add <b>router</b> to the routerlist, if we don't already have it. Replace
1552 : * older entries (if any) with the same key.
1553 : *
1554 : * Note: Callers should not hold their pointers to <b>router</b> if this
1555 : * function fails; <b>router</b> will either be inserted into the routerlist or
1556 : * freed. Similarly, even if this call succeeds, they should not hold their
1557 : * pointers to <b>router</b> after subsequent calls with other routerinfo's --
1558 : * they might cause the original routerinfo to get freed.
1559 : *
1560 : * Returns the status for the operation. Might set *<b>msg</b> if it wants
1561 : * the poster of the router to know something.
1562 : *
1563 : * If <b>from_cache</b>, this descriptor came from our disk cache. If
1564 : * <b>from_fetch</b>, we received it in response to a request we made.
1565 : * (If both are false, that means it was uploaded to us as an auth dir
1566 : * server or via the controller.)
1567 : *
1568 : * This function should be called *after*
1569 : * routers_update_status_from_consensus_networkstatus; subsequently, you
1570 : * should call router_rebuild_store and routerlist_descriptors_added.
1571 : */
1572 : was_router_added_t
1573 134 : router_add_to_routerlist(routerinfo_t *router, const char **msg,
1574 : int from_cache, int from_fetch)
1575 : {
1576 134 : const char *id_digest;
1577 134 : const or_options_t *options = get_options();
1578 134 : int authdir = authdir_mode_handles_descs(options, router->purpose);
1579 134 : int authdir_believes_valid = 0;
1580 134 : routerinfo_t *old_router;
1581 134 : networkstatus_t *consensus =
1582 134 : networkstatus_get_latest_consensus_by_flavor(FLAV_NS);
1583 134 : int in_consensus = 0;
1584 :
1585 134 : tor_assert(msg);
1586 :
1587 134 : if (!routerlist)
1588 28 : router_get_routerlist();
1589 :
1590 134 : id_digest = router->cache_info.identity_digest;
1591 :
1592 134 : old_router = router_get_mutable_by_digest(id_digest);
1593 :
1594 : /* Make sure that it isn't expired. */
1595 134 : if (router->cert_expiration_time < approx_time()) {
1596 0 : routerinfo_free(router);
1597 0 : *msg = "Some certs on this router are expired.";
1598 0 : return ROUTER_CERTS_EXPIRED;
1599 : }
1600 :
1601 : /* Make sure that we haven't already got this exact descriptor. */
1602 134 : if (sdmap_get(routerlist->desc_digest_map,
1603 134 : router->cache_info.signed_descriptor_digest)) {
1604 : /* If we have this descriptor already and the new descriptor is a bridge
1605 : * descriptor, replace it. If we had a bridge descriptor before and the
1606 : * new one is not a bridge descriptor, don't replace it. */
1607 :
1608 : /* Only members of routerlist->identity_map can be bridges; we don't
1609 : * put bridges in old_routers. */
1610 0 : const int was_bridge = old_router &&
1611 0 : old_router->purpose == ROUTER_PURPOSE_BRIDGE;
1612 :
1613 0 : if (routerinfo_is_a_configured_bridge(router) &&
1614 0 : router->purpose == ROUTER_PURPOSE_BRIDGE &&
1615 : !was_bridge) {
1616 0 : log_info(LD_DIR, "Replacing non-bridge descriptor with bridge "
1617 : "descriptor for router %s",
1618 : router_describe(router));
1619 : } else {
1620 0 : log_info(LD_DIR,
1621 : "Dropping descriptor that we already have for router %s",
1622 : router_describe(router));
1623 0 : *msg = "Router descriptor was not new.";
1624 0 : routerinfo_free(router);
1625 0 : return ROUTER_IS_ALREADY_KNOWN;
1626 : }
1627 : }
1628 :
1629 134 : if (authdir) {
1630 0 : if (authdir_wants_to_reject_router(router, msg,
1631 : !from_cache && !from_fetch,
1632 : &authdir_believes_valid)) {
1633 0 : tor_assert(*msg);
1634 0 : routerinfo_free(router);
1635 0 : return ROUTER_AUTHDIR_REJECTS;
1636 : }
1637 134 : } else if (from_fetch) {
1638 : /* Only check the descriptor digest against the network statuses when
1639 : * we are receiving in response to a fetch. */
1640 :
1641 0 : if (!signed_desc_digest_is_recognized(&router->cache_info) &&
1642 0 : !routerinfo_is_a_configured_bridge(router)) {
1643 : /* We asked for it, so some networkstatus must have listed it when we
1644 : * did. Save it if we're a cache in case somebody else asks for it. */
1645 0 : log_info(LD_DIR,
1646 : "Received a no-longer-recognized descriptor for router %s",
1647 : router_describe(router));
1648 0 : *msg = "Router descriptor is not referenced by any network-status.";
1649 :
1650 : /* Only journal this desc if we want to keep old descriptors */
1651 0 : if (!from_cache && should_cache_old_descriptors())
1652 0 : signed_desc_append_to_journal(&router->cache_info,
1653 0 : &routerlist->desc_store);
1654 0 : routerlist_insert_old(routerlist, router);
1655 0 : return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
1656 : }
1657 : }
1658 :
1659 : /* We no longer need a router with this descriptor digest. */
1660 134 : if (consensus) {
1661 0 : routerstatus_t *rs = networkstatus_vote_find_mutable_entry(
1662 : consensus, id_digest);
1663 0 : if (rs && tor_memeq(rs->descriptor_digest,
1664 : router->cache_info.signed_descriptor_digest,
1665 : DIGEST_LEN)) {
1666 0 : in_consensus = 1;
1667 : }
1668 : }
1669 :
1670 134 : if (router->purpose == ROUTER_PURPOSE_GENERAL &&
1671 134 : consensus && !in_consensus && !authdir) {
1672 : /* If it's a general router not listed in the consensus, then don't
1673 : * consider replacing the latest router with it. */
1674 0 : if (!from_cache && should_cache_old_descriptors())
1675 0 : signed_desc_append_to_journal(&router->cache_info,
1676 0 : &routerlist->desc_store);
1677 0 : routerlist_insert_old(routerlist, router);
1678 0 : *msg = "Skipping router descriptor: not in consensus.";
1679 0 : return ROUTER_NOT_IN_CONSENSUS;
1680 : }
1681 :
1682 : /* If we're reading a bridge descriptor from our cache, and we don't
1683 : * recognize it as one of our currently configured bridges, drop the
1684 : * descriptor. Otherwise we could end up using it as one of our entry
1685 : * guards even if it isn't in our Bridge config lines. */
1686 134 : if (router->purpose == ROUTER_PURPOSE_BRIDGE && from_cache &&
1687 0 : !authdir_mode_bridge(options) &&
1688 0 : !routerinfo_is_a_configured_bridge(router)) {
1689 0 : log_info(LD_DIR, "Dropping bridge descriptor for %s because we have "
1690 : "no bridge configured at that address.",
1691 : safe_str_client(router_describe(router)));
1692 0 : *msg = "Router descriptor was not a configured bridge.";
1693 0 : routerinfo_free(router);
1694 0 : return ROUTER_WAS_NOT_WANTED;
1695 : }
1696 :
1697 : /* If we have a router with the same identity key, choose the newer one. */
1698 134 : if (old_router) {
1699 1 : if (!in_consensus && (router->cache_info.published_on <=
1700 1 : old_router->cache_info.published_on)) {
1701 : /* Same key, but old. This one is not listed in the consensus. */
1702 0 : log_debug(LD_DIR, "Not-new descriptor for router %s",
1703 : router_describe(router));
1704 : /* Only journal this desc if we'll be serving it. */
1705 0 : if (!from_cache && should_cache_old_descriptors())
1706 0 : signed_desc_append_to_journal(&router->cache_info,
1707 0 : &routerlist->desc_store);
1708 0 : routerlist_insert_old(routerlist, router);
1709 0 : *msg = "Router descriptor was not new.";
1710 0 : return ROUTER_IS_ALREADY_KNOWN;
1711 : } else {
1712 : /* Same key, and either new, or listed in the consensus. */
1713 1 : log_debug(LD_DIR, "Replacing entry for router %s",
1714 : router_describe(router));
1715 1 : routerlist_replace(routerlist, old_router, router);
1716 1 : if (!from_cache) {
1717 1 : signed_desc_append_to_journal(&router->cache_info,
1718 1 : &routerlist->desc_store);
1719 : }
1720 1 : *msg = authdir_believes_valid ? "Valid server updated" :
1721 : ("Invalid server updated. (This dirserver is marking your "
1722 : "server as unapproved.)");
1723 1 : return ROUTER_ADDED_SUCCESSFULLY;
1724 : }
1725 : }
1726 :
1727 158 : if (!in_consensus && from_cache &&
1728 25 : router_descriptor_is_older_than(router, OLD_ROUTER_DESC_MAX_AGE)) {
1729 0 : *msg = "Router descriptor was really old.";
1730 0 : routerinfo_free(router);
1731 0 : return ROUTER_WAS_TOO_OLD;
1732 : }
1733 :
1734 : /* We haven't seen a router with this identity before. Add it to the end of
1735 : * the list. */
1736 133 : routerlist_insert(routerlist, router);
1737 133 : if (!from_cache) {
1738 108 : signed_desc_append_to_journal(&router->cache_info,
1739 108 : &routerlist->desc_store);
1740 : }
1741 : return ROUTER_ADDED_SUCCESSFULLY;
1742 : }
1743 :
1744 : /** Insert <b>ei</b> into the routerlist, or free it. Other arguments are
1745 : * as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
1746 : * we actually inserted it, ROUTER_BAD_EI otherwise.
1747 : */
1748 : was_router_added_t
1749 2 : router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
1750 : int from_cache, int from_fetch)
1751 : {
1752 2 : was_router_added_t inserted;
1753 2 : (void)from_fetch;
1754 2 : if (msg) *msg = NULL;
1755 : /*XXXX Do something with msg */
1756 :
1757 2 : inserted = extrainfo_insert(router_get_routerlist(), ei, !from_cache);
1758 :
1759 2 : if (WRA_WAS_ADDED(inserted) && !from_cache)
1760 0 : signed_desc_append_to_journal(&ei->cache_info,
1761 0 : &routerlist->extrainfo_store);
1762 :
1763 2 : return inserted;
1764 : }
1765 :
1766 : /** Sorting helper: return <0, 0, or >0 depending on whether the
1767 : * signed_descriptor_t* in *<b>a</b> has an identity digest preceding, equal
1768 : * to, or later than that of *<b>b</b>. */
1769 : static int
1770 0 : compare_old_routers_by_identity_(const void **_a, const void **_b)
1771 : {
1772 0 : int i;
1773 0 : const signed_descriptor_t *r1 = *_a, *r2 = *_b;
1774 0 : if ((i = fast_memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
1775 : return i;
1776 0 : return (int)(r1->published_on - r2->published_on);
1777 : }
1778 :
1779 : /** Internal type used to represent how long an old descriptor was valid,
1780 : * where it appeared in the list of old descriptors, and whether it's extra
1781 : * old. Used only by routerlist_remove_old_cached_routers_with_id(). */
1782 : struct duration_idx_t {
1783 : int duration;
1784 : int idx;
1785 : int old;
1786 : };
1787 :
1788 : /** Sorting helper: compare two duration_idx_t by their duration. */
1789 : static int
1790 0 : compare_duration_idx_(const void *_d1, const void *_d2)
1791 : {
1792 0 : const struct duration_idx_t *d1 = _d1;
1793 0 : const struct duration_idx_t *d2 = _d2;
1794 0 : return d1->duration - d2->duration;
1795 : }
1796 :
1797 : /** The range <b>lo</b> through <b>hi</b> inclusive of routerlist->old_routers
1798 : * must contain routerinfo_t with the same identity and with publication time
1799 : * in ascending order. Remove members from this range until there are no more
1800 : * than max_descriptors_per_router() remaining. Start by removing the oldest
1801 : * members from before <b>cutoff</b>, then remove members which were current
1802 : * for the lowest amount of time. The order of members of old_routers at
1803 : * indices <b>lo</b> or higher may be changed.
1804 : */
1805 : static void
1806 0 : routerlist_remove_old_cached_routers_with_id(time_t now,
1807 : time_t cutoff, int lo, int hi,
1808 : digestset_t *retain)
1809 : {
1810 0 : int i, n = hi-lo+1;
1811 0 : unsigned n_extra, n_rmv = 0;
1812 0 : struct duration_idx_t *lifespans;
1813 0 : uint8_t *rmv, *must_keep;
1814 0 : smartlist_t *lst = routerlist->old_routers;
1815 : #if 1
1816 0 : const char *ident;
1817 0 : tor_assert(hi < smartlist_len(lst));
1818 0 : tor_assert(lo <= hi);
1819 0 : ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
1820 0 : for (i = lo+1; i <= hi; ++i) {
1821 0 : signed_descriptor_t *r = smartlist_get(lst, i);
1822 0 : tor_assert(tor_memeq(ident, r->identity_digest, DIGEST_LEN));
1823 : }
1824 : #endif /* 1 */
1825 : /* Check whether we need to do anything at all. */
1826 : {
1827 0 : int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
1828 0 : if (n <= mdpr)
1829 0 : return;
1830 0 : n_extra = n - mdpr;
1831 : }
1832 :
1833 0 : lifespans = tor_calloc(n, sizeof(struct duration_idx_t));
1834 0 : rmv = tor_calloc(n, sizeof(uint8_t));
1835 0 : must_keep = tor_calloc(n, sizeof(uint8_t));
1836 : /* Set lifespans to contain the lifespan and index of each server. */
1837 : /* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
1838 0 : for (i = lo; i <= hi; ++i) {
1839 0 : signed_descriptor_t *r = smartlist_get(lst, i);
1840 0 : signed_descriptor_t *r_next;
1841 0 : lifespans[i-lo].idx = i;
1842 0 : if (r->last_listed_as_valid_until >= now ||
1843 0 : (retain && digestset_probably_contains(retain,
1844 0 : r->signed_descriptor_digest))) {
1845 0 : must_keep[i-lo] = 1;
1846 : }
1847 0 : if (i < hi) {
1848 0 : r_next = smartlist_get(lst, i+1);
1849 0 : tor_assert(r->published_on <= r_next->published_on);
1850 0 : lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
1851 : } else {
1852 0 : r_next = NULL;
1853 0 : lifespans[i-lo].duration = INT_MAX;
1854 : }
1855 0 : if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
1856 0 : ++n_rmv;
1857 0 : lifespans[i-lo].old = 1;
1858 0 : rmv[i-lo] = 1;
1859 : }
1860 : }
1861 :
1862 0 : if (n_rmv < n_extra) {
1863 : /**
1864 : * We aren't removing enough servers for being old. Sort lifespans by
1865 : * the duration of liveness, and remove the ones we're not already going to
1866 : * remove based on how long they were alive.
1867 : **/
1868 0 : qsort(lifespans, n, sizeof(struct duration_idx_t), compare_duration_idx_);
1869 0 : for (i = 0; i < n && n_rmv < n_extra; ++i) {
1870 0 : if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
1871 0 : rmv[lifespans[i].idx-lo] = 1;
1872 0 : ++n_rmv;
1873 : }
1874 : }
1875 : }
1876 :
1877 : i = hi;
1878 0 : do {
1879 0 : if (rmv[i-lo])
1880 0 : routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
1881 0 : } while (--i >= lo);
1882 0 : tor_free(must_keep);
1883 0 : tor_free(rmv);
1884 0 : tor_free(lifespans);
1885 : }
1886 :
1887 : /** Deactivate any routers from the routerlist that are more than
1888 : * ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
1889 : * remove old routers from the list of cached routers if we have too many.
1890 : */
1891 : void
1892 0 : routerlist_remove_old_routers(void)
1893 : {
1894 0 : int i, hi=-1;
1895 0 : const char *cur_id = NULL;
1896 0 : time_t now = time(NULL);
1897 0 : time_t cutoff;
1898 0 : routerinfo_t *router;
1899 0 : signed_descriptor_t *sd;
1900 0 : digestset_t *retain;
1901 0 : const networkstatus_t *consensus = networkstatus_get_latest_consensus();
1902 :
1903 0 : trusted_dirs_remove_old_certs();
1904 :
1905 0 : if (!routerlist || !consensus)
1906 0 : return;
1907 :
1908 : // routerlist_assert_ok(routerlist);
1909 :
1910 : /* We need to guess how many router descriptors we will wind up wanting to
1911 : retain, so that we can be sure to allocate a large enough Bloom filter
1912 : to hold the digest set. Overestimating is fine; underestimating is bad.
1913 : */
1914 : {
1915 : /* We'll probably retain everything in the consensus. */
1916 0 : int n_max_retain = smartlist_len(consensus->routerstatus_list);
1917 0 : retain = digestset_new(n_max_retain);
1918 : }
1919 :
1920 0 : cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
1921 : /* Retain anything listed in the consensus. */
1922 0 : if (consensus) {
1923 0 : SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
1924 : if (rs->published_on >= cutoff)
1925 : digestset_add(retain, rs->descriptor_digest));
1926 : }
1927 :
1928 : /* If we have a consensus, we should consider pruning current routers that
1929 : * are too old and that nobody recommends. (If we don't have a consensus,
1930 : * then we should get one before we decide to kill routers.) */
1931 :
1932 0 : if (consensus) {
1933 0 : cutoff = now - ROUTER_MAX_AGE;
1934 : /* Remove too-old unrecommended members of routerlist->routers. */
1935 0 : for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
1936 0 : router = smartlist_get(routerlist->routers, i);
1937 0 : if (router->cache_info.published_on <= cutoff &&
1938 0 : router->cache_info.last_listed_as_valid_until < now &&
1939 0 : !digestset_probably_contains(retain,
1940 0 : router->cache_info.signed_descriptor_digest)) {
1941 : /* Too old: remove it. (If we're a cache, just move it into
1942 : * old_routers.) */
1943 0 : log_info(LD_DIR,
1944 : "Forgetting obsolete (too old) routerinfo for router %s",
1945 : router_describe(router));
1946 0 : routerlist_remove(routerlist, router, 1, now);
1947 0 : i--;
1948 : }
1949 : }
1950 : }
1951 :
1952 : //routerlist_assert_ok(routerlist);
1953 :
1954 : /* Remove far-too-old members of routerlist->old_routers. */
1955 0 : cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
1956 0 : for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
1957 0 : sd = smartlist_get(routerlist->old_routers, i);
1958 0 : if (sd->published_on <= cutoff &&
1959 0 : sd->last_listed_as_valid_until < now &&
1960 0 : !digestset_probably_contains(retain, sd->signed_descriptor_digest)) {
1961 : /* Too old. Remove it. */
1962 0 : routerlist_remove_old(routerlist, sd, i--);
1963 : }
1964 : }
1965 :
1966 : //routerlist_assert_ok(routerlist);
1967 :
1968 0 : log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
1969 : smartlist_len(routerlist->routers),
1970 : smartlist_len(routerlist->old_routers));
1971 :
1972 : /* Now we might have to look at routerlist->old_routers for extraneous
1973 : * members. (We'd keep all the members if we could, but we need to save
1974 : * space.) First, check whether we have too many router descriptors, total.
1975 : * We're okay with having too many for some given router, so long as the
1976 : * total number doesn't approach max_descriptors_per_router()*len(router).
1977 : */
1978 0 : if (smartlist_len(routerlist->old_routers) <
1979 0 : smartlist_len(routerlist->routers))
1980 0 : goto done;
1981 :
1982 : /* Sort by identity, then fix indices. */
1983 0 : smartlist_sort(routerlist->old_routers, compare_old_routers_by_identity_);
1984 : /* Fix indices. */
1985 0 : for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
1986 0 : signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
1987 0 : r->routerlist_index = i;
1988 : }
1989 :
1990 : /* Iterate through the list from back to front, so when we remove descriptors
1991 : * we don't mess up groups we haven't gotten to. */
1992 0 : for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
1993 0 : signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
1994 0 : if (!cur_id) {
1995 0 : cur_id = r->identity_digest;
1996 0 : hi = i;
1997 : }
1998 0 : if (tor_memneq(cur_id, r->identity_digest, DIGEST_LEN)) {
1999 0 : routerlist_remove_old_cached_routers_with_id(now,
2000 : cutoff, i+1, hi, retain);
2001 0 : cur_id = r->identity_digest;
2002 0 : hi = i;
2003 : }
2004 : }
2005 0 : if (hi>=0)
2006 0 : routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
2007 : //routerlist_assert_ok(routerlist);
2008 :
2009 0 : done:
2010 0 : digestset_free(retain);
2011 0 : router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
2012 0 : router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
2013 : }
2014 :
2015 : /** We just added a new set of descriptors. Take whatever extra steps
2016 : * we need. */
2017 : void
2018 25 : routerlist_descriptors_added(smartlist_t *sl, int from_cache)
2019 : {
2020 : // XXXX use pubsub mechanism here.
2021 :
2022 25 : tor_assert(sl);
2023 25 : control_event_descriptors_changed(sl);
2024 50 : SMARTLIST_FOREACH_BEGIN(sl, routerinfo_t *, ri) {
2025 25 : if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
2026 0 : learned_bridge_descriptor(ri, from_cache);
2027 25 : if (ri->needs_retest_if_added) {
2028 0 : ri->needs_retest_if_added = 0;
2029 0 : dirserv_single_reachability_test(approx_time(), ri);
2030 : }
2031 25 : } SMARTLIST_FOREACH_END(ri);
2032 25 : }
2033 :
2034 : /**
2035 : * Code to parse a single router descriptor and insert it into the
2036 : * routerlist. Return -1 if the descriptor was ill-formed; 0 if the
2037 : * descriptor was well-formed but could not be added; and 1 if the
2038 : * descriptor was added.
2039 : *
2040 : * If we don't add it and <b>msg</b> is not NULL, then assign to
2041 : * *<b>msg</b> a static string describing the reason for refusing the
2042 : * descriptor.
2043 : *
2044 : * This is used only by the controller.
2045 : */
2046 : int
2047 0 : router_load_single_router(const char *s, uint8_t purpose, int cache,
2048 : const char **msg)
2049 : {
2050 0 : routerinfo_t *ri;
2051 0 : was_router_added_t r;
2052 0 : smartlist_t *lst;
2053 0 : char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
2054 0 : tor_assert(msg);
2055 0 : *msg = NULL;
2056 :
2057 0 : tor_snprintf(annotation_buf, sizeof(annotation_buf),
2058 : "@source controller\n"
2059 : "@purpose %s\n", router_purpose_to_string(purpose));
2060 :
2061 0 : if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0,
2062 : annotation_buf, NULL))) {
2063 0 : log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
2064 0 : *msg = "Couldn't parse router descriptor.";
2065 0 : return -1;
2066 : }
2067 0 : tor_assert(ri->purpose == purpose);
2068 0 : if (router_is_me(ri)) {
2069 0 : log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
2070 0 : *msg = "Router's identity key matches mine.";
2071 0 : routerinfo_free(ri);
2072 0 : return 0;
2073 : }
2074 :
2075 0 : if (!cache) /* obey the preference of the controller */
2076 0 : ri->cache_info.do_not_cache = 1;
2077 :
2078 0 : lst = smartlist_new();
2079 0 : smartlist_add(lst, ri);
2080 0 : routers_update_status_from_consensus_networkstatus(lst, 0);
2081 :
2082 0 : r = router_add_to_routerlist(ri, msg, 0, 0);
2083 0 : if (!WRA_WAS_ADDED(r)) {
2084 : /* we've already assigned to *msg now, and ri is already freed */
2085 0 : tor_assert(*msg);
2086 0 : if (r == ROUTER_AUTHDIR_REJECTS)
2087 0 : log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
2088 0 : smartlist_free(lst);
2089 0 : return 0;
2090 : } else {
2091 0 : routerlist_descriptors_added(lst, 0);
2092 0 : smartlist_free(lst);
2093 0 : log_debug(LD_DIR, "Added router to list");
2094 0 : return 1;
2095 : }
2096 : }
2097 :
2098 : /** Given a string <b>s</b> containing some routerdescs, parse it and put the
2099 : * routers into our directory. If saved_location is SAVED_NOWHERE, the routers
2100 : * are in response to a query to the network: cache them by adding them to
2101 : * the journal.
2102 : *
2103 : * Return the number of routers actually added.
2104 : *
2105 : * If <b>requested_fingerprints</b> is provided, it must contain a list of
2106 : * uppercased fingerprints. Do not update any router whose
2107 : * fingerprint is not on the list; after updating a router, remove its
2108 : * fingerprint from the list.
2109 : *
2110 : * If <b>descriptor_digests</b> is non-zero, then the requested_fingerprints
2111 : * are descriptor digests. Otherwise they are identity digests.
2112 : */
2113 : int
2114 4 : router_load_routers_from_string(const char *s, const char *eos,
2115 : saved_location_t saved_location,
2116 : smartlist_t *requested_fingerprints,
2117 : int descriptor_digests,
2118 : const char *prepend_annotations)
2119 : {
2120 4 : smartlist_t *routers = smartlist_new(), *changed = smartlist_new();
2121 4 : char fp[HEX_DIGEST_LEN+1];
2122 4 : const char *msg;
2123 4 : int from_cache = (saved_location != SAVED_NOWHERE);
2124 4 : int allow_annotations = (saved_location != SAVED_NOWHERE);
2125 4 : int any_changed = 0;
2126 4 : smartlist_t *invalid_digests = smartlist_new();
2127 :
2128 4 : router_parse_list_from_string(&s, eos, routers, saved_location, 0,
2129 : allow_annotations, prepend_annotations,
2130 : invalid_digests);
2131 :
2132 4 : routers_update_status_from_consensus_networkstatus(routers, !from_cache);
2133 :
2134 4 : log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
2135 :
2136 30 : SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
2137 26 : was_router_added_t r;
2138 26 : char d[DIGEST_LEN];
2139 26 : if (requested_fingerprints) {
2140 2 : base16_encode(fp, sizeof(fp), descriptor_digests ?
2141 : ri->cache_info.signed_descriptor_digest :
2142 : ri->cache_info.identity_digest,
2143 : DIGEST_LEN);
2144 2 : if (smartlist_contains_string(requested_fingerprints, fp)) {
2145 1 : smartlist_string_remove(requested_fingerprints, fp);
2146 1 : } else {
2147 2 : char *requested =
2148 1 : smartlist_join_strings(requested_fingerprints," ",0,NULL);
2149 1 : log_warn(LD_DIR,
2150 : "We received a router descriptor with a fingerprint (%s) "
2151 : "that we never requested. (We asked for: %s.) Dropping.",
2152 : fp, requested);
2153 1 : tor_free(requested);
2154 1 : routerinfo_free(ri);
2155 1 : continue;
2156 : }
2157 : }
2158 :
2159 25 : memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
2160 25 : r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
2161 25 : if (WRA_WAS_ADDED(r)) {
2162 25 : any_changed++;
2163 25 : smartlist_add(changed, ri);
2164 25 : routerlist_descriptors_added(changed, from_cache);
2165 25 : smartlist_clear(changed);
2166 0 : } else if (WRA_NEVER_DOWNLOADABLE(r)) {
2167 0 : download_status_t *dl_status;
2168 0 : dl_status = router_get_dl_status_by_descriptor_digest(d);
2169 0 : if (dl_status) {
2170 0 : log_info(LD_GENERAL, "Marking router %s as never downloadable",
2171 : hex_str(d, DIGEST_LEN));
2172 0 : download_status_mark_impossible(dl_status);
2173 : }
2174 : }
2175 26 : } SMARTLIST_FOREACH_END(ri);
2176 :
2177 7 : SMARTLIST_FOREACH_BEGIN(invalid_digests, const uint8_t *, bad_digest) {
2178 : /* This digest is never going to be parseable. */
2179 3 : base16_encode(fp, sizeof(fp), (char*)bad_digest, DIGEST_LEN);
2180 3 : if (requested_fingerprints && descriptor_digests) {
2181 3 : if (! smartlist_contains_string(requested_fingerprints, fp)) {
2182 : /* But we didn't ask for it, so we should assume shennanegans. */
2183 1 : continue;
2184 : }
2185 2 : smartlist_string_remove(requested_fingerprints, fp);
2186 : }
2187 2 : download_status_t *dls;
2188 2 : dls = router_get_dl_status_by_descriptor_digest((char*)bad_digest);
2189 2 : if (dls) {
2190 2 : log_info(LD_GENERAL, "Marking router with descriptor %s as unparseable, "
2191 : "and therefore undownloadable", fp);
2192 2 : download_status_mark_impossible(dls);
2193 : }
2194 3 : } SMARTLIST_FOREACH_END(bad_digest);
2195 7 : SMARTLIST_FOREACH(invalid_digests, uint8_t *, d, tor_free(d));
2196 4 : smartlist_free(invalid_digests);
2197 :
2198 4 : routerlist_assert_ok(routerlist);
2199 :
2200 4 : if (any_changed)
2201 4 : router_rebuild_store(0, &routerlist->desc_store);
2202 :
2203 4 : smartlist_free(routers);
2204 4 : smartlist_free(changed);
2205 :
2206 4 : return any_changed;
2207 : }
2208 :
2209 : /** Parse one or more extrainfos from <b>s</b> (ending immediately before
2210 : * <b>eos</b> if <b>eos</b> is present). Other arguments are as for
2211 : * router_load_routers_from_string(). */
2212 : void
2213 1 : router_load_extrainfo_from_string(const char *s, const char *eos,
2214 : saved_location_t saved_location,
2215 : smartlist_t *requested_fingerprints,
2216 : int descriptor_digests)
2217 : {
2218 1 : smartlist_t *extrainfo_list = smartlist_new();
2219 1 : const char *msg;
2220 1 : int from_cache = (saved_location != SAVED_NOWHERE);
2221 1 : smartlist_t *invalid_digests = smartlist_new();
2222 :
2223 1 : router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
2224 : NULL, invalid_digests);
2225 :
2226 1 : log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
2227 :
2228 3 : SMARTLIST_FOREACH_BEGIN(extrainfo_list, extrainfo_t *, ei) {
2229 2 : uint8_t d[DIGEST_LEN];
2230 2 : memcpy(d, ei->cache_info.signed_descriptor_digest, DIGEST_LEN);
2231 2 : was_router_added_t added =
2232 2 : router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
2233 4 : if (WRA_WAS_ADDED(added) && requested_fingerprints) {
2234 2 : char fp[HEX_DIGEST_LEN+1];
2235 2 : base16_encode(fp, sizeof(fp), descriptor_digests ?
2236 : ei->cache_info.signed_descriptor_digest :
2237 : ei->cache_info.identity_digest,
2238 : DIGEST_LEN);
2239 2 : smartlist_string_remove(requested_fingerprints, fp);
2240 : /* We silently let relays stuff us with extrainfos we didn't ask for,
2241 : * so long as we would have wanted them anyway. Since we always fetch
2242 : * all the extrainfos we want, and we never actually act on them
2243 : * inside Tor, this should be harmless. */
2244 0 : } else if (WRA_NEVER_DOWNLOADABLE(added)) {
2245 0 : signed_descriptor_t *sd = router_get_by_extrainfo_digest((char*)d);
2246 0 : if (sd) {
2247 0 : log_info(LD_GENERAL, "Marking extrainfo with descriptor %s as "
2248 : "unparseable, and therefore undownloadable",
2249 : hex_str((char*)d,DIGEST_LEN));
2250 0 : download_status_mark_impossible(&sd->ei_dl_status);
2251 : }
2252 : }
2253 2 : } SMARTLIST_FOREACH_END(ei);
2254 :
2255 4 : SMARTLIST_FOREACH_BEGIN(invalid_digests, const uint8_t *, bad_digest) {
2256 : /* This digest is never going to be parseable. */
2257 3 : char fp[HEX_DIGEST_LEN+1];
2258 3 : base16_encode(fp, sizeof(fp), (char*)bad_digest, DIGEST_LEN);
2259 3 : if (requested_fingerprints) {
2260 3 : if (! smartlist_contains_string(requested_fingerprints, fp)) {
2261 : /* But we didn't ask for it, so we should assume shennanegans. */
2262 1 : continue;
2263 : }
2264 2 : smartlist_string_remove(requested_fingerprints, fp);
2265 : }
2266 2 : signed_descriptor_t *sd =
2267 2 : router_get_by_extrainfo_digest((char*)bad_digest);
2268 2 : if (sd) {
2269 2 : log_info(LD_GENERAL, "Marking extrainfo with descriptor %s as "
2270 : "unparseable, and therefore undownloadable", fp);
2271 2 : download_status_mark_impossible(&sd->ei_dl_status);
2272 : }
2273 3 : } SMARTLIST_FOREACH_END(bad_digest);
2274 4 : SMARTLIST_FOREACH(invalid_digests, uint8_t *, d, tor_free(d));
2275 1 : smartlist_free(invalid_digests);
2276 :
2277 1 : routerlist_assert_ok(routerlist);
2278 1 : router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
2279 :
2280 1 : smartlist_free(extrainfo_list);
2281 1 : }
2282 :
2283 : /** Return true iff the latest ns-flavored consensus includes a descriptor
2284 : * whose digest is that of <b>desc</b>. */
2285 : static int
2286 0 : signed_desc_digest_is_recognized(signed_descriptor_t *desc)
2287 : {
2288 0 : const routerstatus_t *rs;
2289 0 : networkstatus_t *consensus = networkstatus_get_latest_consensus_by_flavor(
2290 : FLAV_NS);
2291 :
2292 0 : if (consensus) {
2293 0 : rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
2294 0 : if (rs && tor_memeq(rs->descriptor_digest,
2295 0 : desc->signed_descriptor_digest, DIGEST_LEN))
2296 0 : return 1;
2297 : }
2298 : return 0;
2299 : }
2300 :
2301 : /** Update downloads for router descriptors and/or microdescriptors as
2302 : * appropriate. */
2303 : void
2304 1 : update_all_descriptor_downloads(time_t now)
2305 : {
2306 1 : if (should_delay_dir_fetches(get_options(), NULL))
2307 : return;
2308 1 : update_router_descriptor_downloads(now);
2309 1 : update_microdesc_downloads(now);
2310 : }
2311 :
2312 : /** Clear all our timeouts for fetching v3 directory stuff, and then
2313 : * give it all a try again. */
2314 : void
2315 0 : routerlist_retry_directory_downloads(time_t now)
2316 : {
2317 0 : (void)now;
2318 :
2319 0 : log_debug(LD_GENERAL,
2320 : "In routerlist_retry_directory_downloads()");
2321 :
2322 0 : router_reset_status_download_failures();
2323 0 : router_reset_descriptor_download_failures();
2324 0 : reschedule_directory_downloads();
2325 0 : }
2326 :
2327 : /** Return true iff <b>router</b> does not permit exit streams.
2328 : */
2329 : int
2330 0 : router_exit_policy_rejects_all(const routerinfo_t *router)
2331 : {
2332 0 : return router->policy_is_reject_star;
2333 : }
2334 :
2335 : /** For every current directory connection whose purpose is <b>purpose</b>,
2336 : * and where the resource being downloaded begins with <b>prefix</b>, split
2337 : * rest of the resource into base16 fingerprints (or base64 fingerprints if
2338 : * purpose==DIR_PURPOSE_FETCH_MICRODESC), decode them, and set the
2339 : * corresponding elements of <b>result</b> to a nonzero value.
2340 : */
2341 : void
2342 20 : list_pending_downloads(digestmap_t *result, digest256map_t *result256,
2343 : int purpose, const char *prefix)
2344 : {
2345 20 : const size_t p_len = strlen(prefix);
2346 20 : smartlist_t *tmp = smartlist_new();
2347 20 : smartlist_t *conns = get_connection_array();
2348 20 : int flags = DSR_HEX;
2349 20 : if (purpose == DIR_PURPOSE_FETCH_MICRODESC)
2350 1 : flags = DSR_DIGEST256|DSR_BASE64;
2351 :
2352 20 : tor_assert(result || result256);
2353 :
2354 20 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
2355 0 : if (conn->type == CONN_TYPE_DIR &&
2356 0 : conn->purpose == purpose &&
2357 0 : !conn->marked_for_close) {
2358 0 : const char *resource = TO_DIR_CONN(conn)->requested_resource;
2359 0 : if (!strcmpstart(resource, prefix))
2360 0 : dir_split_resource_into_fingerprints(resource + p_len,
2361 : tmp, NULL, flags);
2362 : }
2363 0 : } SMARTLIST_FOREACH_END(conn);
2364 :
2365 20 : if (result) {
2366 19 : SMARTLIST_FOREACH(tmp, char *, d,
2367 : {
2368 : digestmap_set(result, d, (void*)1);
2369 : tor_free(d);
2370 : });
2371 1 : } else if (result256) {
2372 1 : SMARTLIST_FOREACH(tmp, uint8_t *, d,
2373 : {
2374 : digest256map_set(result256, d, (void*)1);
2375 : tor_free(d);
2376 : });
2377 : }
2378 20 : smartlist_free(tmp);
2379 20 : }
2380 :
2381 : /** For every router descriptor (or extra-info document if <b>extrainfo</b> is
2382 : * true) we are currently downloading by descriptor digest, set result[d] to
2383 : * (void*)1. */
2384 : static void
2385 19 : list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
2386 : {
2387 38 : int purpose =
2388 19 : extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
2389 19 : list_pending_downloads(result, NULL, purpose, "d/");
2390 19 : }
2391 :
2392 : /** For every microdescriptor we are currently downloading by descriptor
2393 : * digest, set result[d] to (void*)1.
2394 : */
2395 : void
2396 1 : list_pending_microdesc_downloads(digest256map_t *result)
2397 : {
2398 1 : list_pending_downloads(NULL, result, DIR_PURPOSE_FETCH_MICRODESC, "d/");
2399 1 : }
2400 :
2401 : /** Launch downloads for all the descriptors whose digests or digests256
2402 : * are listed as digests[i] for lo <= i < hi. (Lo and hi may be out of
2403 : * range.) If <b>source</b> is given, download from <b>source</b>;
2404 : * otherwise, download from an appropriate random directory server.
2405 : */
2406 5 : MOCK_IMPL(STATIC void,
2407 : initiate_descriptor_downloads,(const routerstatus_t *source,
2408 : int purpose, smartlist_t *digests,
2409 : int lo, int hi, int pds_flags))
2410 : {
2411 5 : char *resource, *cp;
2412 5 : int digest_len, enc_digest_len;
2413 5 : const char *sep;
2414 5 : int b64_256;
2415 5 : smartlist_t *tmp;
2416 :
2417 5 : if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
2418 : /* Microdescriptors are downloaded by "-"-separated base64-encoded
2419 : * 256-bit digests. */
2420 : digest_len = DIGEST256_LEN;
2421 : enc_digest_len = BASE64_DIGEST256_LEN + 1;
2422 : sep = "-";
2423 : b64_256 = 1;
2424 : } else {
2425 0 : digest_len = DIGEST_LEN;
2426 0 : enc_digest_len = HEX_DIGEST_LEN + 1;
2427 0 : sep = "+";
2428 0 : b64_256 = 0;
2429 : }
2430 :
2431 5 : if (lo < 0)
2432 : lo = 0;
2433 5 : if (hi > smartlist_len(digests))
2434 : hi = smartlist_len(digests);
2435 :
2436 5 : if (hi-lo <= 0)
2437 0 : return;
2438 :
2439 5 : tmp = smartlist_new();
2440 :
2441 29 : for (; lo < hi; ++lo) {
2442 19 : cp = tor_malloc(enc_digest_len);
2443 19 : if (b64_256) {
2444 19 : digest256_to_base64(cp, smartlist_get(digests, lo));
2445 : } else {
2446 0 : base16_encode(cp, enc_digest_len, smartlist_get(digests, lo),
2447 : digest_len);
2448 : }
2449 19 : smartlist_add(tmp, cp);
2450 : }
2451 :
2452 5 : cp = smartlist_join_strings(tmp, sep, 0, NULL);
2453 5 : tor_asprintf(&resource, "d/%s.z", cp);
2454 :
2455 24 : SMARTLIST_FOREACH(tmp, char *, cp1, tor_free(cp1));
2456 5 : smartlist_free(tmp);
2457 5 : tor_free(cp);
2458 :
2459 5 : if (source) {
2460 : /* We know which authority or directory mirror we want. */
2461 0 : directory_request_t *req = directory_request_new(purpose);
2462 0 : directory_request_set_routerstatus(req, source);
2463 0 : directory_request_set_resource(req, resource);
2464 0 : directory_initiate_request(req);
2465 0 : directory_request_free(req);
2466 : } else {
2467 5 : directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
2468 : pds_flags, DL_WANT_ANY_DIRSERVER);
2469 : }
2470 5 : tor_free(resource);
2471 : }
2472 :
2473 : /** Return the max number of hashes to put in a URL for a given request.
2474 : */
2475 : static int
2476 2 : max_dl_per_request(const or_options_t *options, int purpose)
2477 : {
2478 : /* Since squid does not like URLs >= 4096 bytes we limit it to 96.
2479 : * 4096 - strlen(http://[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]:65535
2480 : * /tor/server/d/.z) == 4026
2481 : * 4026/41 (40 for the hash and 1 for the + that separates them) => 98
2482 : * So use 96 because it's a nice number.
2483 : *
2484 : * For microdescriptors, the calculation is
2485 : * 4096 - strlen(http://[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]:65535
2486 : * /tor/micro/d/.z) == 4027
2487 : * 4027/44 (43 for the hash and 1 for the - that separates them) => 91
2488 : * So use 90 because it's a nice number.
2489 : */
2490 2 : int max = 96;
2491 2 : if (purpose == DIR_PURPOSE_FETCH_MICRODESC) {
2492 2 : max = 90;
2493 : }
2494 : /* If we're going to tunnel our connections, we can ask for a lot more
2495 : * in a request. */
2496 2 : if (dirclient_must_use_begindir(options)) {
2497 2 : max = 500;
2498 : }
2499 2 : return max;
2500 : }
2501 :
2502 : /** Don't split our requests so finely that we are requesting fewer than
2503 : * this number per server. (Grouping more than this at once leads to
2504 : * diminishing returns.) */
2505 : #define MIN_DL_PER_REQUEST 32
2506 : /** To prevent a single screwy cache from confusing us by selective reply,
2507 : * try to split our requests into at least this many requests. */
2508 : #define MIN_REQUESTS 3
2509 : /** If we want fewer than this many descriptors, wait until we
2510 : * want more, or until TestingClientMaxIntervalWithoutRequest has passed. */
2511 : #define MAX_DL_TO_DELAY 16
2512 :
2513 : /** Given a <b>purpose</b> (FETCH_MICRODESC or FETCH_SERVERDESC) and a list of
2514 : * router descriptor digests or microdescriptor digest256s in
2515 : * <b>downloadable</b>, decide whether to delay fetching until we have more.
2516 : * If we don't want to delay, launch one or more requests to the appropriate
2517 : * directory authorities.
2518 : */
2519 : void
2520 21 : launch_descriptor_downloads(int purpose,
2521 : smartlist_t *downloadable,
2522 : const routerstatus_t *source, time_t now)
2523 : {
2524 21 : const or_options_t *options = get_options();
2525 21 : const char *descname;
2526 21 : const int fetch_microdesc = (purpose == DIR_PURPOSE_FETCH_MICRODESC);
2527 21 : int n_downloadable = smartlist_len(downloadable);
2528 :
2529 21 : int i, n_per_request, max_dl_per_req;
2530 21 : const char *req_plural = "", *rtr_plural = "";
2531 21 : int pds_flags = PDS_RETRY_IF_NO_SERVERS;
2532 :
2533 21 : tor_assert(fetch_microdesc || purpose == DIR_PURPOSE_FETCH_SERVERDESC);
2534 21 : descname = fetch_microdesc ? "microdesc" : "routerdesc";
2535 :
2536 21 : if (!n_downloadable)
2537 : return;
2538 :
2539 2 : if (!dirclient_fetches_dir_info_early(options)) {
2540 2 : if (n_downloadable >= MAX_DL_TO_DELAY) {
2541 1 : log_debug(LD_DIR,
2542 : "There are enough downloadable %ss to launch requests.",
2543 : descname);
2544 1 : } else if (! router_have_minimum_dir_info()) {
2545 1 : log_debug(LD_DIR,
2546 : "We are only missing %d %ss, but we'll fetch anyway, since "
2547 : "we don't yet have enough directory info.",
2548 : n_downloadable, descname);
2549 : } else {
2550 :
2551 : /* should delay */
2552 0 : if ((last_descriptor_download_attempted +
2553 0 : options->TestingClientMaxIntervalWithoutRequest) > now)
2554 : return;
2555 :
2556 0 : if (last_descriptor_download_attempted) {
2557 0 : log_info(LD_DIR,
2558 : "There are not many downloadable %ss, but we've "
2559 : "been waiting long enough (%d seconds). Downloading.",
2560 : descname,
2561 : (int)(now-last_descriptor_download_attempted));
2562 : } else {
2563 0 : log_info(LD_DIR,
2564 : "There are not many downloadable %ss, but we haven't "
2565 : "tried downloading descriptors recently. Downloading.",
2566 : descname);
2567 : }
2568 : }
2569 : }
2570 :
2571 2 : if (!authdir_mode(options)) {
2572 : /* If we wind up going to the authorities, we want to only open one
2573 : * connection to each authority at a time, so that we don't overload
2574 : * them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
2575 : * regardless of whether we're a cache or not.
2576 : *
2577 : * Setting this flag can make initiate_descriptor_downloads() ignore
2578 : * requests. We need to make sure that we do in fact call
2579 : * update_router_descriptor_downloads() later on, once the connections
2580 : * have succeeded or failed.
2581 : */
2582 2 : pds_flags |= fetch_microdesc ?
2583 2 : PDS_NO_EXISTING_MICRODESC_FETCH :
2584 : PDS_NO_EXISTING_SERVERDESC_FETCH;
2585 : }
2586 :
2587 2 : n_per_request = CEIL_DIV(n_downloadable, MIN_REQUESTS);
2588 2 : max_dl_per_req = max_dl_per_request(options, purpose);
2589 :
2590 2 : if (n_per_request > max_dl_per_req)
2591 : n_per_request = max_dl_per_req;
2592 :
2593 2 : if (n_per_request < MIN_DL_PER_REQUEST) {
2594 1 : n_per_request = MIN(MIN_DL_PER_REQUEST, n_downloadable);
2595 : }
2596 :
2597 2 : if (n_downloadable > n_per_request)
2598 : req_plural = rtr_plural = "s";
2599 1 : else if (n_downloadable > 1)
2600 1 : rtr_plural = "s";
2601 :
2602 2 : log_info(LD_DIR,
2603 : "Launching %d request%s for %d %s%s, %d at a time",
2604 : CEIL_DIV(n_downloadable, n_per_request), req_plural,
2605 : n_downloadable, descname, rtr_plural, n_per_request);
2606 2 : smartlist_sort_digests(downloadable);
2607 8 : for (i=0; i < n_downloadable; i += n_per_request) {
2608 4 : initiate_descriptor_downloads(source, purpose,
2609 : downloadable, i, i+n_per_request,
2610 : pds_flags);
2611 : }
2612 2 : last_descriptor_download_attempted = now;
2613 : }
2614 :
2615 : /** For any descriptor that we want that's currently listed in
2616 : * <b>consensus</b>, download it as appropriate. */
2617 : void
2618 19 : update_consensus_router_descriptor_downloads(time_t now, int is_vote,
2619 : networkstatus_t *consensus)
2620 : {
2621 19 : const or_options_t *options = get_options();
2622 19 : digestmap_t *map = NULL;
2623 19 : smartlist_t *no_longer_old = smartlist_new();
2624 19 : smartlist_t *downloadable = smartlist_new();
2625 19 : routerstatus_t *source = NULL;
2626 19 : int authdir = authdir_mode(options);
2627 19 : int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
2628 19 : n_inprogress=0, n_in_oldrouters=0;
2629 :
2630 19 : if (dirclient_too_idle_to_fetch_descriptors(options, now))
2631 0 : goto done;
2632 19 : if (!consensus)
2633 0 : goto done;
2634 :
2635 19 : if (is_vote) {
2636 : /* where's it from, so we know whom to ask for descriptors */
2637 19 : dir_server_t *ds;
2638 19 : networkstatus_voter_info_t *voter = smartlist_get(consensus->voters, 0);
2639 19 : tor_assert(voter);
2640 19 : ds = trusteddirserver_get_by_v3_auth_digest(voter->identity_digest);
2641 19 : if (ds)
2642 19 : source = &(ds->fake_status);
2643 : else
2644 0 : log_warn(LD_DIR, "couldn't lookup source from vote?");
2645 : }
2646 :
2647 19 : map = digestmap_new();
2648 19 : list_pending_descriptor_downloads(map, 0);
2649 95 : SMARTLIST_FOREACH_BEGIN(consensus->routerstatus_list, void *, rsp) {
2650 76 : routerstatus_t *rs;
2651 76 : vote_routerstatus_t *vrs;
2652 76 : if (is_vote) {
2653 76 : rs = &(((vote_routerstatus_t *)rsp)->status);
2654 76 : vrs = rsp;
2655 : } else {
2656 : rs = rsp;
2657 : vrs = NULL;
2658 : }
2659 76 : signed_descriptor_t *sd;
2660 76 : if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
2661 0 : const routerinfo_t *ri;
2662 0 : ++n_have;
2663 0 : if (!(ri = router_get_by_id_digest(rs->identity_digest)) ||
2664 0 : tor_memneq(ri->cache_info.signed_descriptor_digest,
2665 : sd->signed_descriptor_digest, DIGEST_LEN)) {
2666 : /* We have a descriptor with this digest, but either there is no
2667 : * entry in routerlist with the same ID (!ri), or there is one,
2668 : * but the identity digest differs (memneq).
2669 : */
2670 0 : smartlist_add(no_longer_old, sd);
2671 0 : ++n_in_oldrouters; /* We have it in old_routers. */
2672 : }
2673 0 : continue; /* We have it already. */
2674 : }
2675 76 : if (digestmap_get(map, rs->descriptor_digest)) {
2676 0 : ++n_inprogress;
2677 0 : continue; /* We have an in-progress download. */
2678 : }
2679 76 : if (!download_status_is_ready(&rs->dl_status, now)) {
2680 0 : ++n_delayed; /* Not ready for retry. */
2681 0 : continue;
2682 : }
2683 76 : if (authdir && is_vote && dirserv_would_reject_router(rs, vrs)) {
2684 0 : ++n_would_reject;
2685 0 : continue; /* We would throw it out immediately. */
2686 : }
2687 152 : if (!we_want_to_fetch_flavor(options, consensus->flavor) &&
2688 76 : !client_would_use_router(rs, now)) {
2689 76 : ++n_wouldnt_use;
2690 76 : continue; /* We would never use it ourself. */
2691 : }
2692 0 : if (is_vote && source) {
2693 0 : char time_bufnew[ISO_TIME_LEN+1];
2694 0 : char time_bufold[ISO_TIME_LEN+1];
2695 0 : const routerinfo_t *oldrouter;
2696 0 : oldrouter = router_get_by_id_digest(rs->identity_digest);
2697 0 : format_iso_time(time_bufnew, rs->published_on);
2698 0 : if (oldrouter)
2699 0 : format_iso_time(time_bufold, oldrouter->cache_info.published_on);
2700 0 : log_info(LD_DIR, "Learned about %s (%s vs %s) from %s's vote (%s)",
2701 : routerstatus_describe(rs),
2702 : time_bufnew,
2703 : oldrouter ? time_bufold : "none",
2704 : source->nickname, oldrouter ? "known" : "unknown");
2705 : }
2706 0 : smartlist_add(downloadable, rs->descriptor_digest);
2707 76 : } SMARTLIST_FOREACH_END(rsp);
2708 :
2709 19 : if (!authdir_mode_v3(options)
2710 19 : && smartlist_len(no_longer_old)) {
2711 0 : routerlist_t *rl = router_get_routerlist();
2712 0 : log_info(LD_DIR, "%d router descriptors listed in consensus are "
2713 : "currently in old_routers; making them current.",
2714 : smartlist_len(no_longer_old));
2715 0 : SMARTLIST_FOREACH_BEGIN(no_longer_old, signed_descriptor_t *, sd) {
2716 0 : const char *msg;
2717 0 : was_router_added_t r;
2718 0 : time_t tmp_cert_expiration_time;
2719 0 : routerinfo_t *ri = routerlist_reparse_old(rl, sd);
2720 0 : if (!ri) {
2721 0 : log_warn(LD_BUG, "Failed to re-parse a router.");
2722 0 : continue;
2723 : }
2724 : /* need to remember for below, since add_to_routerlist may free. */
2725 0 : tmp_cert_expiration_time = ri->cert_expiration_time;
2726 :
2727 0 : r = router_add_to_routerlist(ri, &msg, 1, 0);
2728 0 : if (WRA_WAS_OUTDATED(r)) {
2729 0 : log_warn(LD_DIR, "Couldn't add re-parsed router: %s. This isn't "
2730 : "usually a big deal, but you should make sure that your "
2731 : "clock and timezone are set correctly.",
2732 : msg?msg:"???");
2733 0 : if (r == ROUTER_CERTS_EXPIRED) {
2734 0 : char time_cons[ISO_TIME_LEN+1];
2735 0 : char time_cert_expires[ISO_TIME_LEN+1];
2736 0 : format_iso_time(time_cons, consensus->valid_after);
2737 0 : format_iso_time(time_cert_expires, tmp_cert_expiration_time);
2738 0 : log_warn(LD_DIR, " (I'm looking at a consensus from %s; This "
2739 : "router's certificates began expiring at %s.)",
2740 : time_cons, time_cert_expires);
2741 : }
2742 : }
2743 0 : } SMARTLIST_FOREACH_END(sd);
2744 0 : routerlist_assert_ok(rl);
2745 : }
2746 :
2747 19 : log_info(LD_DIR,
2748 : "%d router descriptors downloadable. %d delayed; %d present "
2749 : "(%d of those were in old_routers); %d would_reject; "
2750 : "%d wouldnt_use; %d in progress.",
2751 : smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
2752 : n_would_reject, n_wouldnt_use, n_inprogress);
2753 :
2754 19 : launch_descriptor_downloads(DIR_PURPOSE_FETCH_SERVERDESC,
2755 : downloadable, source, now);
2756 :
2757 19 : digestmap_free(map, NULL);
2758 19 : done:
2759 19 : smartlist_free(downloadable);
2760 19 : smartlist_free(no_longer_old);
2761 19 : }
2762 :
2763 : /** Launch downloads for router status as needed. */
2764 : void
2765 1 : update_router_descriptor_downloads(time_t now)
2766 : {
2767 1 : const or_options_t *options = get_options();
2768 1 : if (should_delay_dir_fetches(options, NULL))
2769 : return;
2770 1 : if (!we_fetch_router_descriptors(options))
2771 : return;
2772 :
2773 0 : update_consensus_router_descriptor_downloads(now, 0,
2774 : networkstatus_get_reasonably_live_consensus(now, FLAV_NS));
2775 : }
2776 :
2777 : /** Launch extrainfo downloads as needed. */
2778 : void
2779 0 : update_extrainfo_downloads(time_t now)
2780 : {
2781 0 : const or_options_t *options = get_options();
2782 0 : routerlist_t *rl;
2783 0 : smartlist_t *wanted;
2784 0 : digestmap_t *pending;
2785 0 : int old_routers, i, max_dl_per_req;
2786 0 : int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0, n_bogus[2] = {0,0};
2787 0 : if (! options->DownloadExtraInfo)
2788 0 : return;
2789 0 : if (should_delay_dir_fetches(options, NULL))
2790 : return;
2791 0 : if (!router_have_minimum_dir_info())
2792 : return;
2793 :
2794 0 : pending = digestmap_new();
2795 0 : list_pending_descriptor_downloads(pending, 1);
2796 0 : rl = router_get_routerlist();
2797 0 : wanted = smartlist_new();
2798 0 : for (old_routers = 0; old_routers < 2; ++old_routers) {
2799 0 : smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
2800 0 : for (i = 0; i < smartlist_len(lst); ++i) {
2801 0 : signed_descriptor_t *sd;
2802 0 : char *d;
2803 0 : if (old_routers)
2804 0 : sd = smartlist_get(lst, i);
2805 : else
2806 0 : sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
2807 0 : if (sd->is_extrainfo)
2808 0 : continue; /* This should never happen. */
2809 0 : if (old_routers && !router_get_by_id_digest(sd->identity_digest))
2810 0 : continue; /* Couldn't check the signature if we got it. */
2811 0 : if (sd->extrainfo_is_bogus)
2812 0 : continue;
2813 0 : d = sd->extra_info_digest;
2814 0 : if (tor_digest_is_zero(d)) {
2815 0 : ++n_no_ei;
2816 0 : continue;
2817 : }
2818 0 : if (eimap_get(rl->extra_info_map, d)) {
2819 0 : ++n_have;
2820 0 : continue;
2821 : }
2822 0 : if (!download_status_is_ready(&sd->ei_dl_status, now)) {
2823 0 : ++n_delay;
2824 0 : continue;
2825 : }
2826 0 : if (digestmap_get(pending, d)) {
2827 0 : ++n_pending;
2828 0 : continue;
2829 : }
2830 :
2831 0 : const signed_descriptor_t *sd2 = router_get_by_extrainfo_digest(d);
2832 0 : if (sd2 != sd) {
2833 0 : if (sd2 != NULL) {
2834 0 : char d1[HEX_DIGEST_LEN+1], d2[HEX_DIGEST_LEN+1];
2835 0 : char d3[HEX_DIGEST_LEN+1], d4[HEX_DIGEST_LEN+1];
2836 0 : base16_encode(d1, sizeof(d1), sd->identity_digest, DIGEST_LEN);
2837 0 : base16_encode(d2, sizeof(d2), sd2->identity_digest, DIGEST_LEN);
2838 0 : base16_encode(d3, sizeof(d3), d, DIGEST_LEN);
2839 0 : base16_encode(d4, sizeof(d3), sd2->extra_info_digest, DIGEST_LEN);
2840 :
2841 0 : log_info(LD_DIR, "Found an entry in %s with mismatched "
2842 : "router_get_by_extrainfo_digest() value. This has ID %s "
2843 : "but the entry in the map has ID %s. This has EI digest "
2844 : "%s and the entry in the map has EI digest %s.",
2845 : old_routers?"old_routers":"routers",
2846 : d1, d2, d3, d4);
2847 : } else {
2848 0 : char d1[HEX_DIGEST_LEN+1], d2[HEX_DIGEST_LEN+1];
2849 0 : base16_encode(d1, sizeof(d1), sd->identity_digest, DIGEST_LEN);
2850 0 : base16_encode(d2, sizeof(d2), d, DIGEST_LEN);
2851 :
2852 0 : log_info(LD_DIR, "Found an entry in %s with NULL "
2853 : "router_get_by_extrainfo_digest() value. This has ID %s "
2854 : "and EI digest %s.",
2855 : old_routers?"old_routers":"routers",
2856 : d1, d2);
2857 : }
2858 0 : ++n_bogus[old_routers];
2859 0 : continue;
2860 : }
2861 0 : smartlist_add(wanted, d);
2862 : }
2863 : }
2864 0 : digestmap_free(pending, NULL);
2865 :
2866 0 : log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
2867 : "with present ei, %d delaying, %d pending, %d downloadable, %d "
2868 : "bogus in routers, %d bogus in old_routers",
2869 : n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted),
2870 : n_bogus[0], n_bogus[1]);
2871 :
2872 0 : smartlist_shuffle(wanted);
2873 :
2874 0 : max_dl_per_req = max_dl_per_request(options, DIR_PURPOSE_FETCH_EXTRAINFO);
2875 0 : for (i = 0; i < smartlist_len(wanted); i += max_dl_per_req) {
2876 0 : initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
2877 : wanted, i, i+max_dl_per_req,
2878 : PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
2879 : }
2880 :
2881 0 : smartlist_free(wanted);
2882 : }
2883 :
2884 : /** Reset the consensus and extra-info download failure count on all routers.
2885 : * When we get a new consensus,
2886 : * routers_update_status_from_consensus_networkstatus() will reset the
2887 : * download statuses on the descriptors in that consensus.
2888 : */
2889 : void
2890 0 : router_reset_descriptor_download_failures(void)
2891 : {
2892 0 : log_debug(LD_GENERAL,
2893 : "In router_reset_descriptor_download_failures()");
2894 :
2895 0 : networkstatus_reset_download_failures();
2896 0 : last_descriptor_download_attempted = 0;
2897 0 : if (!routerlist)
2898 : return;
2899 : /* We want to download *all* extra-info descriptors, not just those in
2900 : * the consensus we currently have (or are about to have) */
2901 0 : SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
2902 : {
2903 : download_status_reset(&ri->cache_info.ei_dl_status);
2904 : });
2905 0 : SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
2906 : {
2907 : download_status_reset(&sd->ei_dl_status);
2908 : });
2909 : }
2910 :
2911 : /** Any changes in a router descriptor's publication time larger than this are
2912 : * automatically non-cosmetic. */
2913 : #define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (2*60*60)
2914 :
2915 : /** We allow uptime to vary from how much it ought to be by this much. */
2916 : #define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
2917 :
2918 : /** Return true iff the only differences between r1 and r2 are such that
2919 : * would not cause a recent (post 0.1.1.6) dirserver to republish.
2920 : */
2921 : int
2922 0 : router_differences_are_cosmetic(const routerinfo_t *r1, const routerinfo_t *r2)
2923 : {
2924 0 : time_t r1pub, r2pub;
2925 0 : time_t time_difference;
2926 0 : tor_assert(r1 && r2);
2927 :
2928 : /* r1 should be the one that was published first. */
2929 0 : if (r1->cache_info.published_on > r2->cache_info.published_on) {
2930 0 : const routerinfo_t *ri_tmp = r2;
2931 0 : r2 = r1;
2932 0 : r1 = ri_tmp;
2933 : }
2934 :
2935 : /* If any key fields differ, they're different. */
2936 0 : if (!tor_addr_eq(&r1->ipv4_addr, &r2->ipv4_addr) ||
2937 0 : strcasecmp(r1->nickname, r2->nickname) ||
2938 0 : r1->ipv4_orport != r2->ipv4_orport ||
2939 0 : !tor_addr_eq(&r1->ipv6_addr, &r2->ipv6_addr) ||
2940 0 : r1->ipv6_orport != r2->ipv6_orport ||
2941 0 : r1->ipv4_dirport != r2->ipv4_dirport ||
2942 0 : r1->purpose != r2->purpose ||
2943 0 : r1->onion_pkey_len != r2->onion_pkey_len ||
2944 0 : !tor_memeq(r1->onion_pkey, r2->onion_pkey, r1->onion_pkey_len) ||
2945 0 : !crypto_pk_eq_keys(r1->identity_pkey, r2->identity_pkey) ||
2946 0 : strcasecmp(r1->platform, r2->platform) ||
2947 0 : (r1->contact_info && !r2->contact_info) || /* contact_info is optional */
2948 0 : (!r1->contact_info && r2->contact_info) ||
2949 0 : (r1->contact_info && r2->contact_info &&
2950 0 : strcasecmp(r1->contact_info, r2->contact_info)) ||
2951 0 : r1->is_hibernating != r2->is_hibernating ||
2952 0 : ! addr_policies_eq(r1->exit_policy, r2->exit_policy) ||
2953 0 : (r1->supports_tunnelled_dir_requests !=
2954 : r2->supports_tunnelled_dir_requests))
2955 0 : return 0;
2956 0 : if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
2957 : return 0;
2958 0 : if (r1->declared_family && r2->declared_family) {
2959 0 : int i, n;
2960 0 : if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
2961 : return 0;
2962 : n = smartlist_len(r1->declared_family);
2963 0 : for (i=0; i < n; ++i) {
2964 0 : if (strcasecmp(smartlist_get(r1->declared_family, i),
2965 0 : smartlist_get(r2->declared_family, i)))
2966 : return 0;
2967 : }
2968 : }
2969 :
2970 : /* Did bandwidth change a lot? */
2971 0 : if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
2972 0 : (r2->bandwidthcapacity < r1->bandwidthcapacity/2))
2973 : return 0;
2974 :
2975 : /* Did the bandwidthrate or bandwidthburst change? */
2976 0 : if ((r1->bandwidthrate != r2->bandwidthrate) ||
2977 : (r1->bandwidthburst != r2->bandwidthburst))
2978 : return 0;
2979 :
2980 : /* Has enough time passed between the publication times? */
2981 0 : if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
2982 0 : < r2->cache_info.published_on)
2983 : return 0;
2984 :
2985 : /* Did uptime fail to increase by approximately the amount we would think,
2986 : * give or take some slop? */
2987 0 : r1pub = r1->cache_info.published_on;
2988 0 : r2pub = r2->cache_info.published_on;
2989 0 : time_difference = r2->uptime - (r1->uptime + (r2pub - r1pub));
2990 0 : if (time_difference < 0)
2991 0 : time_difference = - time_difference;
2992 0 : if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
2993 0 : time_difference > r1->uptime * .05 &&
2994 0 : time_difference > r2->uptime * .05)
2995 0 : return 0;
2996 :
2997 : /* Otherwise, the difference is cosmetic. */
2998 : return 1;
2999 : }
3000 :
3001 : /** Check whether <b>sd</b> describes a router descriptor compatible with the
3002 : * extrainfo document <b>ei</b>.
3003 : *
3004 : * <b>identity_pkey</b> (which must also be provided) is RSA1024 identity key
3005 : * for the router. We use it to check the signature of the extrainfo document,
3006 : * if it has not already been checked.
3007 : *
3008 : * If no router is compatible with <b>ei</b>, <b>ei</b> should be
3009 : * dropped. Return 0 for "compatible", return 1 for "reject, and inform
3010 : * whoever uploaded <b>ei</b>, and return -1 for "reject silently.". If
3011 : * <b>msg</b> is present, set *<b>msg</b> to a description of the
3012 : * incompatibility (if any).
3013 : *
3014 : * Set the extrainfo_is_bogus field in <b>sd</b> if the digests matched
3015 : * but the extrainfo was nonetheless incompatible.
3016 : **/
3017 : int
3018 6 : routerinfo_incompatible_with_extrainfo(const crypto_pk_t *identity_pkey,
3019 : extrainfo_t *ei,
3020 : signed_descriptor_t *sd,
3021 : const char **msg)
3022 : {
3023 6 : int digest_matches, digest256_matches, r=1;
3024 6 : tor_assert(identity_pkey);
3025 6 : tor_assert(sd);
3026 6 : tor_assert(ei);
3027 :
3028 6 : if (ei->bad_sig) {
3029 0 : if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
3030 0 : return 1;
3031 : }
3032 :
3033 12 : digest_matches = tor_memeq(ei->cache_info.signed_descriptor_digest,
3034 6 : sd->extra_info_digest, DIGEST_LEN);
3035 : /* Set digest256_matches to 1 if the digest is correct, or if no
3036 : * digest256 was in the ri. */
3037 12 : digest256_matches = tor_memeq(ei->digest256,
3038 6 : sd->extra_info_digest256, DIGEST256_LEN);
3039 12 : digest256_matches |=
3040 6 : fast_mem_is_zero(sd->extra_info_digest256, DIGEST256_LEN);
3041 :
3042 : /* The identity must match exactly to have been generated at the same time
3043 : * by the same router. */
3044 6 : if (tor_memneq(sd->identity_digest,
3045 : ei->cache_info.identity_digest,
3046 : DIGEST_LEN)) {
3047 0 : if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
3048 0 : goto err; /* different servers */
3049 : }
3050 :
3051 6 : if (! tor_cert_opt_eq(sd->signing_key_cert,
3052 6 : ei->cache_info.signing_key_cert)) {
3053 0 : if (msg) *msg = "Extrainfo signing key cert didn't match routerinfo";
3054 0 : goto err; /* different servers */
3055 : }
3056 :
3057 6 : if (ei->pending_sig) {
3058 0 : char signed_digest[128];
3059 0 : if (crypto_pk_public_checksig(identity_pkey,
3060 : signed_digest, sizeof(signed_digest),
3061 0 : ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
3062 0 : tor_memneq(signed_digest, ei->cache_info.signed_descriptor_digest,
3063 : DIGEST_LEN)) {
3064 0 : ei->bad_sig = 1;
3065 0 : tor_free(ei->pending_sig);
3066 0 : if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
3067 0 : goto err; /* Bad signature, or no match. */
3068 : }
3069 :
3070 0 : ei->cache_info.send_unencrypted = sd->send_unencrypted;
3071 0 : tor_free(ei->pending_sig);
3072 : }
3073 :
3074 6 : if (ei->cache_info.published_on < sd->published_on) {
3075 0 : if (msg) *msg = "Extrainfo published time did not match routerdesc";
3076 0 : goto err;
3077 6 : } else if (ei->cache_info.published_on > sd->published_on) {
3078 0 : if (msg) *msg = "Extrainfo published time did not match routerdesc";
3079 0 : r = -1;
3080 0 : goto err;
3081 : }
3082 :
3083 6 : if (!digest256_matches && !digest_matches) {
3084 0 : if (msg) *msg = "Neither digest256 or digest matched "
3085 : "digest from routerdesc";
3086 0 : goto err;
3087 : }
3088 :
3089 6 : if (!digest256_matches) {
3090 0 : if (msg) *msg = "Extrainfo digest did not match digest256 from routerdesc";
3091 0 : goto err; /* Digest doesn't match declared value. */
3092 : }
3093 :
3094 6 : if (!digest_matches) {
3095 0 : if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
3096 0 : goto err; /* Digest doesn't match declared value. */
3097 : }
3098 :
3099 : return 0;
3100 0 : err:
3101 0 : if (digest_matches) {
3102 : /* This signature was okay, and the digest was right: This is indeed the
3103 : * corresponding extrainfo. But insanely, it doesn't match the routerinfo
3104 : * that lists it. Don't try to fetch this one again. */
3105 0 : sd->extrainfo_is_bogus = 1;
3106 : }
3107 :
3108 : return r;
3109 : }
3110 :
3111 : /* Does ri have a valid ntor onion key?
3112 : * Valid ntor onion keys exist and have at least one non-zero byte. */
3113 : int
3114 7376 : routerinfo_has_curve25519_onion_key(const routerinfo_t *ri)
3115 : {
3116 7376 : if (!ri) {
3117 : return 0;
3118 : }
3119 :
3120 17 : if (!ri->onion_curve25519_pkey) {
3121 : return 0;
3122 : }
3123 :
3124 17 : if (fast_mem_is_zero((const char*)ri->onion_curve25519_pkey->public_key,
3125 : CURVE25519_PUBKEY_LEN)) {
3126 0 : return 0;
3127 : }
3128 :
3129 : return 1;
3130 : }
3131 :
3132 : /* Is rs running a tor version known to support EXTEND2 cells?
3133 : * If allow_unknown_versions is true, return true if we can't tell
3134 : * (from a versions line or a protocols line) whether it supports extend2
3135 : * cells.
3136 : * Otherwise, return false if the version is unknown. */
3137 : int
3138 7323 : routerstatus_version_supports_extend2_cells(const routerstatus_t *rs,
3139 : int allow_unknown_versions)
3140 : {
3141 7323 : if (!rs) {
3142 : return allow_unknown_versions;
3143 : }
3144 :
3145 7323 : if (!rs->pv.protocols_known) {
3146 : return allow_unknown_versions;
3147 : }
3148 :
3149 6 : return rs->pv.supports_extend2_cells;
3150 : }
3151 :
3152 : /** Assert that the internal representation of <b>rl</b> is
3153 : * self-consistent. */
3154 : void
3155 15 : routerlist_assert_ok(const routerlist_t *rl)
3156 : {
3157 15 : routerinfo_t *r2;
3158 15 : signed_descriptor_t *sd2;
3159 15 : if (!rl)
3160 : return;
3161 64 : SMARTLIST_FOREACH_BEGIN(rl->routers, routerinfo_t *, r) {
3162 49 : r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
3163 49 : tor_assert(r == r2);
3164 98 : sd2 = sdmap_get(rl->desc_digest_map,
3165 49 : r->cache_info.signed_descriptor_digest);
3166 49 : tor_assert(&(r->cache_info) == sd2);
3167 49 : tor_assert(r->cache_info.routerlist_index == r_sl_idx);
3168 : /* XXXX
3169 : *
3170 : * Hoo boy. We need to fix this one, and the fix is a bit tricky, so
3171 : * commenting this out is just a band-aid.
3172 : *
3173 : * The problem is that, although well-behaved router descriptors
3174 : * should never have the same value for their extra_info_digest, it's
3175 : * possible for ill-behaved routers to claim whatever they like there.
3176 : *
3177 : * The real answer is to trash desc_by_eid_map and instead have
3178 : * something that indicates for a given extra-info digest we want,
3179 : * what its download status is. We'll do that as a part of routerlist
3180 : * refactoring once consensus directories are in. For now,
3181 : * this rep violation is probably harmless: an adversary can make us
3182 : * reset our retry count for an extrainfo, but that's not the end
3183 : * of the world. Changing the representation in 0.2.0.x would just
3184 : * destabilize the codebase.
3185 : if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
3186 : signed_descriptor_t *sd3 =
3187 : sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
3188 : tor_assert(sd3 == &(r->cache_info));
3189 : }
3190 : */
3191 49 : } SMARTLIST_FOREACH_END(r);
3192 15 : SMARTLIST_FOREACH_BEGIN(rl->old_routers, signed_descriptor_t *, sd) {
3193 0 : r2 = rimap_get(rl->identity_map, sd->identity_digest);
3194 0 : tor_assert(!r2 || sd != &(r2->cache_info));
3195 0 : sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
3196 0 : tor_assert(sd == sd2);
3197 0 : tor_assert(sd->routerlist_index == sd_sl_idx);
3198 : /* XXXX see above.
3199 : if (!tor_digest_is_zero(sd->extra_info_digest)) {
3200 : signed_descriptor_t *sd3 =
3201 : sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
3202 : tor_assert(sd3 == sd);
3203 : }
3204 : */
3205 0 : } SMARTLIST_FOREACH_END(sd);
3206 :
3207 64 : RIMAP_FOREACH(rl->identity_map, d, r) {
3208 49 : tor_assert(tor_memeq(r->cache_info.identity_digest, d, DIGEST_LEN));
3209 15 : } DIGESTMAP_FOREACH_END;
3210 64 : SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
3211 49 : tor_assert(tor_memeq(sd->signed_descriptor_digest, d, DIGEST_LEN));
3212 15 : } DIGESTMAP_FOREACH_END;
3213 64 : SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
3214 49 : tor_assert(!tor_digest_is_zero(d));
3215 49 : tor_assert(sd);
3216 49 : tor_assert(tor_memeq(sd->extra_info_digest, d, DIGEST_LEN));
3217 15 : } DIGESTMAP_FOREACH_END;
3218 15 : EIMAP_FOREACH(rl->extra_info_map, d, ei) {
3219 0 : signed_descriptor_t *sd;
3220 0 : tor_assert(tor_memeq(ei->cache_info.signed_descriptor_digest,
3221 : d, DIGEST_LEN));
3222 0 : sd = sdmap_get(rl->desc_by_eid_map,
3223 : ei->cache_info.signed_descriptor_digest);
3224 : // tor_assert(sd); // XXXX see above
3225 0 : if (sd) {
3226 0 : tor_assert(tor_memeq(ei->cache_info.signed_descriptor_digest,
3227 : sd->extra_info_digest, DIGEST_LEN));
3228 : }
3229 15 : } DIGESTMAP_FOREACH_END;
3230 : }
3231 :
3232 : /** Allocate and return a new string representing the contact info
3233 : * and platform string for <b>router</b>,
3234 : * surrounded by quotes and using standard C escapes.
3235 : *
3236 : * THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
3237 : * thread. Also, each call invalidates the last-returned value, so don't
3238 : * try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
3239 : *
3240 : * If <b>router</b> is NULL, it just frees its internal memory and returns.
3241 : */
3242 : const char *
3243 235 : esc_router_info(const routerinfo_t *router)
3244 : {
3245 235 : static char *info=NULL;
3246 235 : char *esc_contact, *esc_platform;
3247 235 : tor_free(info);
3248 :
3249 235 : if (!router)
3250 : return NULL; /* we're exiting; just free the memory we use */
3251 :
3252 0 : esc_contact = esc_for_log(router->contact_info);
3253 0 : esc_platform = esc_for_log(router->platform);
3254 :
3255 0 : tor_asprintf(&info, "Contact %s, Platform %s", esc_contact, esc_platform);
3256 0 : tor_free(esc_contact);
3257 0 : tor_free(esc_platform);
3258 :
3259 0 : return info;
3260 : }
3261 :
3262 : /** Helper for sorting: compare two routerinfos by their identity
3263 : * digest. */
3264 : static int
3265 0 : compare_routerinfo_by_id_digest_(const void **a, const void **b)
3266 : {
3267 0 : routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
3268 0 : return fast_memcmp(first->cache_info.identity_digest,
3269 : second->cache_info.identity_digest,
3270 : DIGEST_LEN);
3271 : }
3272 :
3273 : /** Sort a list of routerinfo_t in ascending order of identity digest. */
3274 : void
3275 0 : routers_sort_by_identity(smartlist_t *routers)
3276 : {
3277 0 : smartlist_sort(routers, compare_routerinfo_by_id_digest_);
3278 0 : }
3279 :
3280 : /** Called when we change a node set, or when we reload the geoip IPv4 list:
3281 : * recompute all country info in all configuration node sets and in the
3282 : * routerlist. */
3283 : void
3284 4 : refresh_all_country_info(void)
3285 : {
3286 4 : const or_options_t *options = get_options();
3287 :
3288 4 : if (options->EntryNodes)
3289 0 : routerset_refresh_countries(options->EntryNodes);
3290 4 : if (options->ExitNodes)
3291 0 : routerset_refresh_countries(options->ExitNodes);
3292 4 : if (options->MiddleNodes)
3293 0 : routerset_refresh_countries(options->MiddleNodes);
3294 4 : if (options->ExcludeNodes)
3295 0 : routerset_refresh_countries(options->ExcludeNodes);
3296 4 : if (options->ExcludeExitNodes)
3297 0 : routerset_refresh_countries(options->ExcludeExitNodes);
3298 4 : if (options->ExcludeExitNodesUnion_)
3299 0 : routerset_refresh_countries(options->ExcludeExitNodesUnion_);
3300 :
3301 4 : nodelist_refresh_countries();
3302 4 : }
|
