Tor  0.4.4.0-alpha-dev
dirvote.c
Go to the documentation of this file.
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2020, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
6 #define DIRVOTE_PRIVATE
7 #include "core/or/or.h"
8 #include "app/config/config.h"
10 #include "core/or/policies.h"
11 #include "core/or/protover.h"
12 #include "core/or/tor_version_st.h"
13 #include "core/or/versions.h"
14 #include "feature/dirauth/bwauth.h"
35 #include "feature/relay/router.h"
37 #include "feature/stats/rephist.h"
38 #include "feature/client/entrynodes.h" /* needed for guardfraction methods */
41 
46 
62 
63 #include "lib/container/order.h"
64 #include "lib/encoding/confline.h"
66 
67 /* Algorithm to use for the bandwidth file digest. */
68 #define DIGEST_ALG_BW_FILE DIGEST_SHA256
69 
70 /**
71  * \file dirvote.c
72  * \brief Functions to compute directory consensus, and schedule voting.
73  *
74  * This module is the center of the consensus-voting based directory
75  * authority system. With this system, a set of authorities first
76  * publish vote based on their opinions of the network, and then compute
77  * a consensus from those votes. Each authority signs the consensus,
78  * and clients trust the consensus if enough known authorities have
79  * signed it.
80  *
81  * The code in this module is only invoked on directory authorities. It's
82  * responsible for:
83  *
84  * <ul>
85  * <li>Generating this authority's vote networkstatus, based on the
86  * authority's view of the network as represented in dirserv.c
87  * <li>Formatting the vote networkstatus objects.
88  * <li>Generating the microdescriptors that correspond to our own
89  * vote.
90  * <li>Sending votes to all the other authorities.
91  * <li>Trying to fetch missing votes from other authorities.
92  * <li>Computing the consensus from a set of votes, as well as
93  * a "detached signature" object for other authorities to fetch.
94  * <li>Collecting other authorities' signatures on the same consensus,
95  * until there are enough.
96  * <li>Publishing the consensus to the reset of the directory system.
97  * <li>Scheduling all of the above operations.
98  * </ul>
99  *
100  * The main entry points are in dirvote_act(), which handles scheduled
101  * actions; and dirvote_add_vote() and dirvote_add_signatures(), which
102  * handle uploaded and downloaded votes and signatures.
103  *
104  * (See dir-spec.txt from torspec.git for a complete specification of
105  * the directory protocol and voting algorithms.)
106  **/
107 
108 /** A consensus that we have built and are appending signatures to. Once it's
109  * time to publish it, it will become an active consensus if it accumulates
110  * enough signatures. */
111 typedef struct pending_consensus_t {
112  /** The body of the consensus that we're currently building. Once we
113  * have it built, it goes into dirserv.c */
114  char *body;
115  /** The parsed in-progress consensus document. */
118 
119 /* DOCDOC dirvote_add_signatures_to_all_pending_consensuses */
121  const char *detached_signatures_body,
122  const char *source,
123  const char **msg_out);
127  const char *source,
128  int severity,
129  const char **msg_out);
130 static char *list_v3_auth_ids(void);
131 static void dirvote_fetch_missing_votes(void);
132 static void dirvote_fetch_missing_signatures(void);
133 static int dirvote_perform_vote(void);
134 static void dirvote_clear_votes(int all_votes);
135 static int dirvote_compute_consensuses(void);
136 static int dirvote_publish_consensus(void);
137 
138 /* =====
139  * Certificate functions
140  * ===== */
141 
142 /** Allocate and return a new authority_cert_t with the same contents as
143  * <b>cert</b>. */
146 {
147  authority_cert_t *out = tor_malloc(sizeof(authority_cert_t));
148  tor_assert(cert);
149 
150  memcpy(out, cert, sizeof(authority_cert_t));
151  /* Now copy pointed-to things. */
153  tor_strndup(cert->cache_info.signed_descriptor_body,
158 
159  return out;
160 }
161 
162 /* =====
163  * Voting
164  * =====*/
165 
166 /* If <b>opt_value</b> is non-NULL, return "keyword opt_value\n" in a new
167  * string. Otherwise return a new empty string. */
168 static char *
169 format_line_if_present(const char *keyword, const char *opt_value)
170 {
171  if (opt_value) {
172  char *result = NULL;
173  tor_asprintf(&result, "%s %s\n", keyword, opt_value);
174  return result;
175  } else {
176  return tor_strdup("");
177  }
178 }
179 
180 /** Format the recommended/required-relay-client protocols lines for a vote in
181  * a newly allocated string, and return that string. */
182 static char *
184 {
185  char *recommended_relay_protocols_line = NULL;
186  char *recommended_client_protocols_line = NULL;
187  char *required_relay_protocols_line = NULL;
188  char *required_client_protocols_line = NULL;
189 
190  recommended_relay_protocols_line =
191  format_line_if_present("recommended-relay-protocols",
193  recommended_client_protocols_line =
194  format_line_if_present("recommended-client-protocols",
195  v3_ns->recommended_client_protocols);
196  required_relay_protocols_line =
197  format_line_if_present("required-relay-protocols",
198  v3_ns->required_relay_protocols);
199  required_client_protocols_line =
200  format_line_if_present("required-client-protocols",
201  v3_ns->required_client_protocols);
202 
203  char *result = NULL;
204  tor_asprintf(&result, "%s%s%s%s",
205  recommended_relay_protocols_line,
206  recommended_client_protocols_line,
207  required_relay_protocols_line,
208  required_client_protocols_line);
209 
210  tor_free(recommended_relay_protocols_line);
211  tor_free(recommended_client_protocols_line);
212  tor_free(required_relay_protocols_line);
213  tor_free(required_client_protocols_line);
214 
215  return result;
216 }
217 
218 /** Return a new string containing the string representation of the vote in
219  * <b>v3_ns</b>, signed with our v3 signing key <b>private_signing_key</b>.
220  * For v3 authorities. */
221 STATIC char *
223  networkstatus_t *v3_ns)
224 {
225  smartlist_t *chunks = smartlist_new();
226  char fingerprint[FINGERPRINT_LEN+1];
227  char digest[DIGEST_LEN];
228  uint32_t addr;
229  char *protocols_lines = NULL;
230  char *client_versions_line = NULL, *server_versions_line = NULL;
231  char *shared_random_vote_str = NULL;
233  char *status = NULL;
234 
235  tor_assert(private_signing_key);
236  tor_assert(v3_ns->type == NS_TYPE_VOTE || v3_ns->type == NS_TYPE_OPINION);
237 
238  voter = smartlist_get(v3_ns->voters, 0);
239 
240  addr = voter->addr;
241 
242  base16_encode(fingerprint, sizeof(fingerprint),
244 
245  client_versions_line = format_line_if_present("client-versions",
246  v3_ns->client_versions);
247  server_versions_line = format_line_if_present("server-versions",
248  v3_ns->server_versions);
249  protocols_lines = format_protocols_lines_for_vote(v3_ns);
250 
251  /* Get shared random commitments/reveals line(s). */
252  shared_random_vote_str = sr_get_string_for_vote();
253 
254  {
255  char published[ISO_TIME_LEN+1];
256  char va[ISO_TIME_LEN+1];
257  char fu[ISO_TIME_LEN+1];
258  char vu[ISO_TIME_LEN+1];
259  char *flags = smartlist_join_strings(v3_ns->known_flags, " ", 0, NULL);
260  /* XXXX Abstraction violation: should be pulling a field out of v3_ns.*/
261  char *flag_thresholds = dirserv_get_flag_thresholds_line();
262  char *params;
263  char *bw_headers_line = NULL;
264  char *bw_file_digest = NULL;
265  authority_cert_t *cert = v3_ns->cert;
266  char *methods =
269  format_iso_time(published, v3_ns->published);
270  format_iso_time(va, v3_ns->valid_after);
271  format_iso_time(fu, v3_ns->fresh_until);
272  format_iso_time(vu, v3_ns->valid_until);
273 
274  if (v3_ns->net_params)
275  params = smartlist_join_strings(v3_ns->net_params, " ", 0, NULL);
276  else
277  params = tor_strdup("");
278  tor_assert(cert);
279 
280  /* v3_ns->bw_file_headers is only set when V3BandwidthsFile is
281  * configured */
282  if (v3_ns->bw_file_headers) {
283  char *bw_file_headers = NULL;
284  /* If there are too many headers, leave the header string NULL */
285  if (! BUG(smartlist_len(v3_ns->bw_file_headers)
287  bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ",
288  0, NULL);
289  if (BUG(strlen(bw_file_headers) > MAX_BW_FILE_HEADERS_LINE_LEN)) {
290  /* Free and set to NULL, because the line was too long */
291  tor_free(bw_file_headers);
292  }
293  }
294  if (!bw_file_headers) {
295  /* If parsing failed, add a bandwidth header line with no entries */
296  bw_file_headers = tor_strdup("");
297  }
298  /* At this point, the line will always be present */
299  bw_headers_line = format_line_if_present("bandwidth-file-headers",
300  bw_file_headers);
301  tor_free(bw_file_headers);
302  }
303 
304  /* Create bandwidth-file-digest if applicable.
305  * v3_ns->b64_digest_bw_file will contain the digest when V3BandwidthsFile
306  * is configured and the bandwidth file could be read, even if it was not
307  * parseable.
308  */
309  if (!tor_digest256_is_zero((const char *)v3_ns->bw_file_digest256)) {
310  /* Encode the digest. */
311  char b64_digest_bw_file[BASE64_DIGEST256_LEN+1] = {0};
312  digest256_to_base64(b64_digest_bw_file,
313  (const char *)v3_ns->bw_file_digest256);
314  /* "bandwidth-file-digest" 1*(SP algorithm "=" digest) NL */
315  char *digest_algo_b64_digest_bw_file = NULL;
316  tor_asprintf(&digest_algo_b64_digest_bw_file, "%s=%s",
317  crypto_digest_algorithm_get_name(DIGEST_ALG_BW_FILE),
318  b64_digest_bw_file);
319  /* No need for tor_strdup(""), format_line_if_present does it. */
320  bw_file_digest = format_line_if_present(
321  "bandwidth-file-digest", digest_algo_b64_digest_bw_file);
322  tor_free(digest_algo_b64_digest_bw_file);
323  }
324 
325  smartlist_add_asprintf(chunks,
326  "network-status-version 3\n"
327  "vote-status %s\n"
328  "consensus-methods %s\n"
329  "published %s\n"
330  "valid-after %s\n"
331  "fresh-until %s\n"
332  "valid-until %s\n"
333  "voting-delay %d %d\n"
334  "%s%s" /* versions */
335  "%s" /* protocols */
336  "known-flags %s\n"
337  "flag-thresholds %s\n"
338  "params %s\n"
339  "%s" /* bandwidth file headers */
340  "%s" /* bandwidth file digest */
341  "dir-source %s %s %s %s %d %d\n"
342  "contact %s\n"
343  "%s" /* shared randomness information */
344  ,
345  v3_ns->type == NS_TYPE_VOTE ? "vote" : "opinion",
346  methods,
347  published, va, fu, vu,
348  v3_ns->vote_seconds, v3_ns->dist_seconds,
349  client_versions_line,
350  server_versions_line,
351  protocols_lines,
352  flags,
353  flag_thresholds,
354  params,
355  bw_headers_line ? bw_headers_line : "",
356  bw_file_digest ? bw_file_digest: "",
357  voter->nickname, fingerprint, voter->address,
358  fmt_addr32(addr), voter->dir_port, voter->or_port,
359  voter->contact,
360  shared_random_vote_str ?
361  shared_random_vote_str : "");
362 
363  tor_free(params);
364  tor_free(flags);
365  tor_free(flag_thresholds);
366  tor_free(methods);
367  tor_free(shared_random_vote_str);
368  tor_free(bw_headers_line);
369  tor_free(bw_file_digest);
370 
371  if (!tor_digest_is_zero(voter->legacy_id_digest)) {
372  char fpbuf[HEX_DIGEST_LEN+1];
373  base16_encode(fpbuf, sizeof(fpbuf), voter->legacy_id_digest, DIGEST_LEN);
374  smartlist_add_asprintf(chunks, "legacy-dir-key %s\n", fpbuf);
375  }
376 
377  smartlist_add(chunks, tor_strndup(cert->cache_info.signed_descriptor_body,
379  }
380 
382  vrs) {
383  char *rsf;
385  rsf = routerstatus_format_entry(&vrs->status,
386  vrs->version, vrs->protocols,
387  NS_V3_VOTE,
388  vrs);
389  if (rsf)
390  smartlist_add(chunks, rsf);
391 
392  for (h = vrs->microdesc; h; h = h->next) {
394  }
395  } SMARTLIST_FOREACH_END(vrs);
396 
397  smartlist_add_strdup(chunks, "directory-footer\n");
398 
399  /* The digest includes everything up through the space after
400  * directory-signature. (Yuck.) */
401  crypto_digest_smartlist(digest, DIGEST_LEN, chunks,
402  "directory-signature ", DIGEST_SHA1);
403 
404  {
405  char signing_key_fingerprint[FINGERPRINT_LEN+1];
406  if (crypto_pk_get_fingerprint(private_signing_key,
407  signing_key_fingerprint, 0)<0) {
408  log_warn(LD_BUG, "Unable to get fingerprint for signing key");
409  goto err;
410  }
411 
412  smartlist_add_asprintf(chunks, "directory-signature %s %s\n", fingerprint,
413  signing_key_fingerprint);
414  }
415 
416  {
417  char *sig = router_get_dirobj_signature(digest, DIGEST_LEN,
418  private_signing_key);
419  if (!sig) {
420  log_warn(LD_BUG, "Unable to sign networkstatus vote.");
421  goto err;
422  }
423  smartlist_add(chunks, sig);
424  }
425 
426  status = smartlist_join_strings(chunks, "", 0, NULL);
427 
428  {
429  networkstatus_t *v;
430  if (!(v = networkstatus_parse_vote_from_string(status, strlen(status),
431  NULL,
432  v3_ns->type))) {
433  log_err(LD_BUG,"Generated a networkstatus %s we couldn't parse: "
434  "<<%s>>",
435  v3_ns->type == NS_TYPE_VOTE ? "vote" : "opinion", status);
436  goto err;
437  }
438  networkstatus_vote_free(v);
439  }
440 
441  goto done;
442 
443  err:
444  tor_free(status);
445  done:
446  tor_free(client_versions_line);
447  tor_free(server_versions_line);
448  tor_free(protocols_lines);
449 
450  SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
451  smartlist_free(chunks);
452  return status;
453 }
454 
455 /** Set *<b>timing_out</b> to the intervals at which we would like to vote.
456  * Note that these aren't the intervals we'll use to vote; they're the ones
457  * that we'll vote to use. */
458 static void
460 {
461  const or_options_t *options = get_options();
462 
463  tor_assert(timing_out);
464 
465  timing_out->vote_interval = options->V3AuthVotingInterval;
466  timing_out->n_intervals_valid = options->V3AuthNIntervalsValid;
467  timing_out->vote_delay = options->V3AuthVoteDelay;
468  timing_out->dist_delay = options->V3AuthDistDelay;
469 }
470 
471 /* =====
472  * Consensus generation
473  * ===== */
474 
475 /** If <b>vrs</b> has a hash made for the consensus method <b>method</b> with
476  * the digest algorithm <b>alg</b>, decode it and copy it into
477  * <b>digest256_out</b> and return 0. Otherwise return -1. */
478 static int
480  const vote_routerstatus_t *vrs,
481  int method,
482  digest_algorithm_t alg)
483 {
484  /* XXXX only returns the sha256 method. */
485  const vote_microdesc_hash_t *h;
486  char mstr[64];
487  size_t mlen;
488  char dstr[64];
489 
490  tor_snprintf(mstr, sizeof(mstr), "%d", method);
491  mlen = strlen(mstr);
492  tor_snprintf(dstr, sizeof(dstr), " %s=",
494 
495  for (h = vrs->microdesc; h; h = h->next) {
496  const char *cp = h->microdesc_hash_line;
497  size_t num_len;
498  /* cp looks like \d+(,\d+)* (digesttype=val )+ . Let's hunt for mstr in
499  * the first part. */
500  while (1) {
501  num_len = strspn(cp, "1234567890");
502  if (num_len == mlen && fast_memeq(mstr, cp, mlen)) {
503  /* This is the line. */
504  char buf[BASE64_DIGEST256_LEN+1];
505  /* XXXX ignores extraneous stuff if the digest is too long. This
506  * seems harmless enough, right? */
507  cp = strstr(cp, dstr);
508  if (!cp)
509  return -1;
510  cp += strlen(dstr);
511  strlcpy(buf, cp, sizeof(buf));
512  return digest256_from_base64(digest256_out, buf);
513  }
514  if (num_len == 0 || cp[num_len] != ',')
515  break;
516  cp += num_len + 1;
517  }
518  }
519  return -1;
520 }
521 
522 /** Given a vote <b>vote</b> (not a consensus!), return its associated
523  * networkstatus_voter_info_t. */
526 {
527  tor_assert(vote);
528  tor_assert(vote->type == NS_TYPE_VOTE);
529  tor_assert(vote->voters);
530  tor_assert(smartlist_len(vote->voters) == 1);
531  return smartlist_get(vote->voters, 0);
532 }
533 
534 /** Temporary structure used in constructing a list of dir-source entries
535  * for a consensus. One of these is generated for every vote, and one more
536  * for every legacy key in each vote. */
537 typedef struct dir_src_ent_t {
538  networkstatus_t *v;
539  const char *digest;
540  int is_legacy;
541 } dir_src_ent_t;
542 
543 /** Helper for sorting networkstatus_t votes (not consensuses) by the
544  * hash of their voters' identity digests. */
545 static int
546 compare_votes_by_authority_id_(const void **_a, const void **_b)
547 {
548  const networkstatus_t *a = *_a, *b = *_b;
549  return fast_memcmp(get_voter(a)->identity_digest,
550  get_voter(b)->identity_digest, DIGEST_LEN);
551 }
552 
553 /** Helper: Compare the dir_src_ent_ts in *<b>_a</b> and *<b>_b</b> by
554  * their identity digests, and return -1, 0, or 1 depending on their
555  * ordering */
556 static int
557 compare_dir_src_ents_by_authority_id_(const void **_a, const void **_b)
558 {
559  const dir_src_ent_t *a = *_a, *b = *_b;
560  const networkstatus_voter_info_t *a_v = get_voter(a->v),
561  *b_v = get_voter(b->v);
562  const char *a_id, *b_id;
563  a_id = a->is_legacy ? a_v->legacy_id_digest : a_v->identity_digest;
564  b_id = b->is_legacy ? b_v->legacy_id_digest : b_v->identity_digest;
565 
566  return fast_memcmp(a_id, b_id, DIGEST_LEN);
567 }
568 
569 /** Given a sorted list of strings <b>in</b>, add every member to <b>out</b>
570  * that occurs more than <b>min</b> times. */
571 static void
573 {
574  char *cur = NULL;
575  int count = 0;
576  SMARTLIST_FOREACH_BEGIN(in, char *, cp) {
577  if (cur && !strcmp(cp, cur)) {
578  ++count;
579  } else {
580  if (count > min)
581  smartlist_add(out, cur);
582  cur = cp;
583  count = 1;
584  }
585  } SMARTLIST_FOREACH_END(cp);
586  if (count > min)
587  smartlist_add(out, cur);
588 }
589 
590 /** Given a sorted list of strings <b>lst</b>, return the member that appears
591  * most. Break ties in favor of later-occurring members. */
592 #define get_most_frequent_member(lst) \
593  smartlist_get_most_frequent_string(lst)
594 
595 /** Return 0 if and only if <b>a</b> and <b>b</b> are routerstatuses
596  * that come from the same routerinfo, with the same derived elements.
597  */
598 static int
600 {
601  int r;
602  tor_assert(a);
603  tor_assert(b);
604 
606  DIGEST_LEN)))
607  return r;
610  DIGEST_LEN)))
611  return r;
612  /* If we actually reached this point, then the identities and
613  * the descriptor digests matched, so somebody is making SHA1 collisions.
614  */
615 #define CMP_FIELD(utype, itype, field) do { \
616  utype aval = (utype) (itype) a->status.field; \
617  utype bval = (utype) (itype) b->status.field; \
618  utype u = bval - aval; \
619  itype r2 = (itype) u; \
620  if (r2 < 0) { \
621  return -1; \
622  } else if (r2 > 0) { \
623  return 1; \
624  } \
625  } while (0)
626 
627  CMP_FIELD(uint64_t, int64_t, published_on);
628 
629  if ((r = strcmp(b->status.nickname, a->status.nickname)))
630  return r;
631 
632  CMP_FIELD(unsigned, int, addr);
633  CMP_FIELD(unsigned, int, or_port);
634  CMP_FIELD(unsigned, int, dir_port);
635 
636  return 0;
637 }
638 
639 /** Helper for sorting routerlists based on compare_vote_rs. */
640 static int
641 compare_vote_rs_(const void **_a, const void **_b)
642 {
643  const vote_routerstatus_t *a = *_a, *b = *_b;
644  return compare_vote_rs(a,b);
645 }
646 
647 /** Helper for sorting OR ports. */
648 static int
649 compare_orports_(const void **_a, const void **_b)
650 {
651  const tor_addr_port_t *a = *_a, *b = *_b;
652  int r;
653 
654  if ((r = tor_addr_compare(&a->addr, &b->addr, CMP_EXACT)))
655  return r;
656  if ((r = (((int) b->port) - ((int) a->port))))
657  return r;
658 
659  return 0;
660 }
661 
662 /** Given a list of vote_routerstatus_t, all for the same router identity,
663  * return whichever is most frequent, breaking ties in favor of more
664  * recently published vote_routerstatus_t and in case of ties there,
665  * in favor of smaller descriptor digest.
666  */
667 static vote_routerstatus_t *
668 compute_routerstatus_consensus(smartlist_t *votes, int consensus_method,
669  char *microdesc_digest256_out,
670  tor_addr_port_t *best_alt_orport_out)
671 {
672  vote_routerstatus_t *most = NULL, *cur = NULL;
673  int most_n = 0, cur_n = 0;
674  time_t most_published = 0;
675 
676  /* compare_vote_rs_() sorts the items by identity digest (all the same),
677  * then by SD digest. That way, if we have a tie that the published_on
678  * date cannot break, we use the descriptor with the smaller digest.
679  */
682  if (cur && !compare_vote_rs(cur, rs)) {
683  ++cur_n;
684  } else {
685  if (cur && (cur_n > most_n ||
686  (cur_n == most_n &&
687  cur->status.published_on > most_published))) {
688  most = cur;
689  most_n = cur_n;
690  most_published = cur->status.published_on;
691  }
692  cur_n = 1;
693  cur = rs;
694  }
695  } SMARTLIST_FOREACH_END(rs);
696 
697  if (cur_n > most_n ||
698  (cur && cur_n == most_n && cur->status.published_on > most_published)) {
699  most = cur;
700  // most_n = cur_n; // unused after this point.
701  // most_published = cur->status.published_on; // unused after this point.
702  }
703 
704  tor_assert(most);
705 
706  /* Vote on potential alternative (sets of) OR port(s) in the winning
707  * routerstatuses.
708  *
709  * XXX prop186 There's at most one alternative OR port (_the_ IPv6
710  * port) for now. */
711  if (best_alt_orport_out) {
712  smartlist_t *alt_orports = smartlist_new();
713  const tor_addr_port_t *most_alt_orport = NULL;
714 
716  tor_assert(rs);
717  if (compare_vote_rs(most, rs) == 0 &&
718  !tor_addr_is_null(&rs->status.ipv6_addr)
719  && rs->status.ipv6_orport) {
720  smartlist_add(alt_orports, tor_addr_port_new(&rs->status.ipv6_addr,
721  rs->status.ipv6_orport));
722  }
723  } SMARTLIST_FOREACH_END(rs);
724 
725  smartlist_sort(alt_orports, compare_orports_);
726  most_alt_orport = smartlist_get_most_frequent(alt_orports,
728  if (most_alt_orport) {
729  memcpy(best_alt_orport_out, most_alt_orport, sizeof(tor_addr_port_t));
730  log_debug(LD_DIR, "\"a\" line winner for %s is %s",
731  most->status.nickname,
732  fmt_addrport(&most_alt_orport->addr, most_alt_orport->port));
733  }
734 
735  SMARTLIST_FOREACH(alt_orports, tor_addr_port_t *, ap, tor_free(ap));
736  smartlist_free(alt_orports);
737  }
738 
739  if (microdesc_digest256_out) {
740  smartlist_t *digests = smartlist_new();
741  const uint8_t *best_microdesc_digest;
743  char d[DIGEST256_LEN];
744  if (compare_vote_rs(rs, most))
745  continue;
746  if (!vote_routerstatus_find_microdesc_hash(d, rs, consensus_method,
747  DIGEST_SHA256))
748  smartlist_add(digests, tor_memdup(d, sizeof(d)));
749  } SMARTLIST_FOREACH_END(rs);
750  smartlist_sort_digests256(digests);
751  best_microdesc_digest = smartlist_get_most_frequent_digest256(digests);
752  if (best_microdesc_digest)
753  memcpy(microdesc_digest256_out, best_microdesc_digest, DIGEST256_LEN);
754  SMARTLIST_FOREACH(digests, char *, cp, tor_free(cp));
755  smartlist_free(digests);
756  }
757 
758  return most;
759 }
760 
761 /** Sorting helper: compare two strings based on their values as base-ten
762  * positive integers. (Non-integers are treated as prior to all integers, and
763  * compared lexically.) */
764 static int
765 cmp_int_strings_(const void **_a, const void **_b)
766 {
767  const char *a = *_a, *b = *_b;
768  int ai = (int)tor_parse_long(a, 10, 1, INT_MAX, NULL, NULL);
769  int bi = (int)tor_parse_long(b, 10, 1, INT_MAX, NULL, NULL);
770  if (ai<bi) {
771  return -1;
772  } else if (ai==bi) {
773  if (ai == 0) /* Parsing failed. */
774  return strcmp(a, b);
775  return 0;
776  } else {
777  return 1;
778  }
779 }
780 
781 /** Given a list of networkstatus_t votes, determine and return the number of
782  * the highest consensus method that is supported by 2/3 of the voters. */
783 static int
785 {
786  smartlist_t *all_methods = smartlist_new();
787  smartlist_t *acceptable_methods = smartlist_new();
788  smartlist_t *tmp = smartlist_new();
789  int min = (smartlist_len(votes) * 2) / 3;
790  int n_ok;
791  int result;
792  SMARTLIST_FOREACH(votes, networkstatus_t *, vote,
793  {
794  tor_assert(vote->supported_methods);
795  smartlist_add_all(tmp, vote->supported_methods);
797  smartlist_uniq(tmp, cmp_int_strings_, NULL);
798  smartlist_add_all(all_methods, tmp);
799  smartlist_clear(tmp);
800  });
801 
802  smartlist_sort(all_methods, cmp_int_strings_);
803  get_frequent_members(acceptable_methods, all_methods, min);
804  n_ok = smartlist_len(acceptable_methods);
805  if (n_ok) {
806  const char *best = smartlist_get(acceptable_methods, n_ok-1);
807  result = (int)tor_parse_long(best, 10, 1, INT_MAX, NULL, NULL);
808  } else {
809  result = 1;
810  }
811  smartlist_free(tmp);
812  smartlist_free(all_methods);
813  smartlist_free(acceptable_methods);
814  return result;
815 }
816 
817 /** Return true iff <b>method</b> is a consensus method that we support. */
818 static int
820 {
821  return (method >= MIN_SUPPORTED_CONSENSUS_METHOD) &&
822  (method <= MAX_SUPPORTED_CONSENSUS_METHOD);
823 }
824 
825 /** Return a newly allocated string holding the numbers between low and high
826  * (inclusive) that are supported consensus methods. */
827 STATIC char *
828 make_consensus_method_list(int low, int high, const char *separator)
829 {
830  char *list;
831 
832  int i;
833  smartlist_t *lst;
834  lst = smartlist_new();
835  for (i = low; i <= high; ++i) {
837  continue;
838  smartlist_add_asprintf(lst, "%d", i);
839  }
840  list = smartlist_join_strings(lst, separator, 0, NULL);
841  tor_assert(list);
842  SMARTLIST_FOREACH(lst, char *, cp, tor_free(cp));
843  smartlist_free(lst);
844  return list;
845 }
846 
847 /** Helper: given <b>lst</b>, a list of version strings such that every
848  * version appears once for every versioning voter who recommends it, return a
849  * newly allocated string holding the resulting client-versions or
850  * server-versions list. May change contents of <b>lst</b> */
851 static char *
853 {
854  int min = n_versioning / 2;
855  smartlist_t *good = smartlist_new();
856  char *result;
857  SMARTLIST_FOREACH_BEGIN(lst, const char *, v) {
858  if (strchr(v, ' ')) {
859  log_warn(LD_DIR, "At least one authority has voted for a version %s "
860  "that contains a space. This probably wasn't intentional, and "
861  "is likely to cause trouble. Please tell them to stop it.",
862  escaped(v));
863  }
864  } SMARTLIST_FOREACH_END(v);
865  sort_version_list(lst, 0);
866  get_frequent_members(good, lst, min);
867  result = smartlist_join_strings(good, ",", 0, NULL);
868  smartlist_free(good);
869  return result;
870 }
871 
872 /** Given a list of K=V values, return the int32_t value corresponding to
873  * KEYWORD=, or default_val if no such value exists, or if the value is
874  * corrupt.
875  */
876 STATIC int32_t
878  const char *keyword,
879  int32_t default_val)
880 {
881  unsigned int n_found = 0;
882  int32_t value = default_val;
883 
884  SMARTLIST_FOREACH_BEGIN(param_list, const char *, k_v_pair) {
885  if (!strcmpstart(k_v_pair, keyword) && k_v_pair[strlen(keyword)] == '=') {
886  const char *integer_str = &k_v_pair[strlen(keyword)+1];
887  int ok;
888  value = (int32_t)
889  tor_parse_long(integer_str, 10, INT32_MIN, INT32_MAX, &ok, NULL);
890  if (BUG(!ok))
891  return default_val;
892  ++n_found;
893  }
894  } SMARTLIST_FOREACH_END(k_v_pair);
895 
896  if (n_found == 1) {
897  return value;
898  } else {
899  tor_assert_nonfatal(n_found == 0);
900  return default_val;
901  }
902 }
903 
904 /** Minimum number of directory authorities voting for a parameter to
905  * include it in the consensus, if consensus method 12 or later is to be
906  * used. See proposal 178 for details. */
907 #define MIN_VOTES_FOR_PARAM 3
908 
909 /** Helper: given a list of valid networkstatus_t, return a new smartlist
910  * containing the contents of the consensus network parameter set.
911  */
913 dirvote_compute_params(smartlist_t *votes, int method, int total_authorities)
914 {
915  int i;
916  int32_t *vals;
917 
918  int cur_param_len;
919  const char *cur_param;
920  const char *eq;
921 
922  const int n_votes = smartlist_len(votes);
923  smartlist_t *output;
924  smartlist_t *param_list = smartlist_new();
925  (void) method;
926 
927  /* We require that the parameter lists in the votes are well-formed: that
928  is, that their keywords are unique and sorted, and that their values are
929  between INT32_MIN and INT32_MAX inclusive. This should be guaranteed by
930  the parsing code. */
931 
932  vals = tor_calloc(n_votes, sizeof(int));
933 
935  if (!v->net_params)
936  continue;
937  smartlist_add_all(param_list, v->net_params);
938  } SMARTLIST_FOREACH_END(v);
939 
940  if (smartlist_len(param_list) == 0) {
941  tor_free(vals);
942  return param_list;
943  }
944 
945  smartlist_sort_strings(param_list);
946  i = 0;
947  cur_param = smartlist_get(param_list, 0);
948  eq = strchr(cur_param, '=');
949  tor_assert(eq);
950  cur_param_len = (int)(eq+1 - cur_param);
951 
952  output = smartlist_new();
953 
954  SMARTLIST_FOREACH_BEGIN(param_list, const char *, param) {
955  /* resolve spurious clang shallow analysis null pointer errors */
956  tor_assert(param);
957 
958  const char *next_param;
959  int ok=0;
960  eq = strchr(param, '=');
961  tor_assert(i<n_votes); /* Make sure we prevented vote-stuffing. */
962  vals[i++] = (int32_t)
963  tor_parse_long(eq+1, 10, INT32_MIN, INT32_MAX, &ok, NULL);
964  tor_assert(ok); /* Already checked these when parsing. */
965 
966  if (param_sl_idx+1 == smartlist_len(param_list))
967  next_param = NULL;
968  else
969  next_param = smartlist_get(param_list, param_sl_idx+1);
970 
971  if (!next_param || strncmp(next_param, param, cur_param_len)) {
972  /* We've reached the end of a series. */
973  /* Make sure enough authorities voted on this param, unless the
974  * the consensus method we use is too old for that. */
975  if (i > total_authorities/2 ||
976  i >= MIN_VOTES_FOR_PARAM) {
977  int32_t median = median_int32(vals, i);
978  char *out_string = tor_malloc(64+cur_param_len);
979  memcpy(out_string, param, cur_param_len);
980  tor_snprintf(out_string+cur_param_len,64, "%ld", (long)median);
981  smartlist_add(output, out_string);
982  }
983 
984  i = 0;
985  if (next_param) {
986  eq = strchr(next_param, '=');
987  cur_param_len = (int)(eq+1 - next_param);
988  }
989  }
990  } SMARTLIST_FOREACH_END(param);
991 
992  smartlist_free(param_list);
993  tor_free(vals);
994  return output;
995 }
996 
997 #define RANGE_CHECK(a,b,c,d,e,f,g,mx) \
998  ((a) >= 0 && (a) <= (mx) && (b) >= 0 && (b) <= (mx) && \
999  (c) >= 0 && (c) <= (mx) && (d) >= 0 && (d) <= (mx) && \
1000  (e) >= 0 && (e) <= (mx) && (f) >= 0 && (f) <= (mx) && \
1001  (g) >= 0 && (g) <= (mx))
1002 
1003 #define CHECK_EQ(a, b, margin) \
1004  ((a)-(b) >= 0 ? (a)-(b) <= (margin) : (b)-(a) <= (margin))
1005 
1006 typedef enum {
1007  BW_WEIGHTS_NO_ERROR = 0,
1008  BW_WEIGHTS_RANGE_ERROR = 1,
1009  BW_WEIGHTS_SUMG_ERROR = 2,
1010  BW_WEIGHTS_SUME_ERROR = 3,
1011  BW_WEIGHTS_SUMD_ERROR = 4,
1012  BW_WEIGHTS_BALANCE_MID_ERROR = 5,
1013  BW_WEIGHTS_BALANCE_EG_ERROR = 6
1014 } bw_weights_error_t;
1015 
1016 /**
1017  * Verify that any weightings satisfy the balanced formulas.
1018  */
1019 static bw_weights_error_t
1020 networkstatus_check_weights(int64_t Wgg, int64_t Wgd, int64_t Wmg,
1021  int64_t Wme, int64_t Wmd, int64_t Wee,
1022  int64_t Wed, int64_t scale, int64_t G,
1023  int64_t M, int64_t E, int64_t D, int64_t T,
1024  int64_t margin, int do_balance) {
1025  bw_weights_error_t berr = BW_WEIGHTS_NO_ERROR;
1026 
1027  // Wed + Wmd + Wgd == 1
1028  if (!CHECK_EQ(Wed + Wmd + Wgd, scale, margin)) {
1029  berr = BW_WEIGHTS_SUMD_ERROR;
1030  goto out;
1031  }
1032 
1033  // Wmg + Wgg == 1
1034  if (!CHECK_EQ(Wmg + Wgg, scale, margin)) {
1035  berr = BW_WEIGHTS_SUMG_ERROR;
1036  goto out;
1037  }
1038 
1039  // Wme + Wee == 1
1040  if (!CHECK_EQ(Wme + Wee, scale, margin)) {
1041  berr = BW_WEIGHTS_SUME_ERROR;
1042  goto out;
1043  }
1044 
1045  // Verify weights within range 0->1
1046  if (!RANGE_CHECK(Wgg, Wgd, Wmg, Wme, Wmd, Wed, Wee, scale)) {
1047  berr = BW_WEIGHTS_RANGE_ERROR;
1048  goto out;
1049  }
1050 
1051  if (do_balance) {
1052  // Wgg*G + Wgd*D == Wee*E + Wed*D, already scaled
1053  if (!CHECK_EQ(Wgg*G + Wgd*D, Wee*E + Wed*D, (margin*T)/3)) {
1054  berr = BW_WEIGHTS_BALANCE_EG_ERROR;
1055  goto out;
1056  }
1057 
1058  // Wgg*G + Wgd*D == M*scale + Wmd*D + Wme*E + Wmg*G, already scaled
1059  if (!CHECK_EQ(Wgg*G + Wgd*D, M*scale + Wmd*D + Wme*E + Wmg*G,
1060  (margin*T)/3)) {
1061  berr = BW_WEIGHTS_BALANCE_MID_ERROR;
1062  goto out;
1063  }
1064  }
1065 
1066  out:
1067  if (berr) {
1068  log_info(LD_DIR,
1069  "Bw weight mismatch %d. G=%"PRId64" M=%"PRId64
1070  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1071  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1072  " Wgd=%d Wgg=%d Wme=%d Wmg=%d",
1073  berr,
1074  (G), (M), (E),
1075  (D), (T),
1076  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1077  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg);
1078  }
1079 
1080  return berr;
1081 }
1082 
1083 /**
1084  * This function computes the bandwidth weights for consensus method 10.
1085  *
1086  * It returns true if weights could be computed, false otherwise.
1087  */
1088 int
1090  int64_t M, int64_t E, int64_t D,
1091  int64_t T, int64_t weight_scale)
1092 {
1093  bw_weights_error_t berr = 0;
1094  int64_t Wgg = -1, Wgd = -1;
1095  int64_t Wmg = -1, Wme = -1, Wmd = -1;
1096  int64_t Wed = -1, Wee = -1;
1097  const char *casename;
1098 
1099  if (G <= 0 || M <= 0 || E <= 0 || D <= 0) {
1100  log_warn(LD_DIR, "Consensus with empty bandwidth: "
1101  "G=%"PRId64" M=%"PRId64" E=%"PRId64
1102  " D=%"PRId64" T=%"PRId64,
1103  (G), (M), (E),
1104  (D), (T));
1105  return 0;
1106  }
1107 
1108  /*
1109  * Computed from cases in 3.8.3 of dir-spec.txt
1110  *
1111  * 1. Neither are scarce
1112  * 2. Both Guard and Exit are scarce
1113  * a. R+D <= S
1114  * b. R+D > S
1115  * 3. One of Guard or Exit is scarce
1116  * a. S+D < T/3
1117  * b. S+D >= T/3
1118  */
1119  if (3*E >= T && 3*G >= T) { // E >= T/3 && G >= T/3
1120  /* Case 1: Neither are scarce. */
1121  casename = "Case 1 (Wgd=Wmd=Wed)";
1122  Wgd = weight_scale/3;
1123  Wed = weight_scale/3;
1124  Wmd = weight_scale/3;
1125  Wee = (weight_scale*(E+G+M))/(3*E);
1126  Wme = weight_scale - Wee;
1127  Wmg = (weight_scale*(2*G-E-M))/(3*G);
1128  Wgg = weight_scale - Wmg;
1129 
1130  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee, Wed,
1131  weight_scale, G, M, E, D, T, 10, 1);
1132 
1133  if (berr) {
1134  log_warn(LD_DIR,
1135  "Bw Weights error %d for %s v10. G=%"PRId64" M=%"PRId64
1136  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1137  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1138  " Wgd=%d Wgg=%d Wme=%d Wmg=%d weight_scale=%d",
1139  berr, casename,
1140  (G), (M), (E),
1141  (D), (T),
1142  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1143  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg, (int)weight_scale);
1144  return 0;
1145  }
1146  } else if (3*E < T && 3*G < T) { // E < T/3 && G < T/3
1147  int64_t R = MIN(E, G);
1148  int64_t S = MAX(E, G);
1149  /*
1150  * Case 2: Both Guards and Exits are scarce
1151  * Balance D between E and G, depending upon
1152  * D capacity and scarcity.
1153  */
1154  if (R+D < S) { // Subcase a
1155  Wgg = weight_scale;
1156  Wee = weight_scale;
1157  Wmg = 0;
1158  Wme = 0;
1159  Wmd = 0;
1160  if (E < G) {
1161  casename = "Case 2a (E scarce)";
1162  Wed = weight_scale;
1163  Wgd = 0;
1164  } else { /* E >= G */
1165  casename = "Case 2a (G scarce)";
1166  Wed = 0;
1167  Wgd = weight_scale;
1168  }
1169  } else { // Subcase b: R+D >= S
1170  casename = "Case 2b1 (Wgg=weight_scale, Wmd=Wgd)";
1171  Wee = (weight_scale*(E - G + M))/E;
1172  Wed = (weight_scale*(D - 2*E + 4*G - 2*M))/(3*D);
1173  Wme = (weight_scale*(G-M))/E;
1174  Wmg = 0;
1175  Wgg = weight_scale;
1176  Wmd = (weight_scale - Wed)/2;
1177  Wgd = (weight_scale - Wed)/2;
1178 
1179  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee, Wed,
1180  weight_scale, G, M, E, D, T, 10, 1);
1181 
1182  if (berr) {
1183  casename = "Case 2b2 (Wgg=weight_scale, Wee=weight_scale)";
1184  Wgg = weight_scale;
1185  Wee = weight_scale;
1186  Wed = (weight_scale*(D - 2*E + G + M))/(3*D);
1187  Wmd = (weight_scale*(D - 2*M + G + E))/(3*D);
1188  Wme = 0;
1189  Wmg = 0;
1190 
1191  if (Wmd < 0) { // Can happen if M > T/3
1192  casename = "Case 2b3 (Wmd=0)";
1193  Wmd = 0;
1194  log_warn(LD_DIR,
1195  "Too much Middle bandwidth on the network to calculate "
1196  "balanced bandwidth-weights. Consider increasing the "
1197  "number of Guard nodes by lowering the requirements.");
1198  }
1199  Wgd = weight_scale - Wed - Wmd;
1200  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee,
1201  Wed, weight_scale, G, M, E, D, T, 10, 1);
1202  }
1203  if (berr != BW_WEIGHTS_NO_ERROR &&
1204  berr != BW_WEIGHTS_BALANCE_MID_ERROR) {
1205  log_warn(LD_DIR,
1206  "Bw Weights error %d for %s v10. G=%"PRId64" M=%"PRId64
1207  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1208  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1209  " Wgd=%d Wgg=%d Wme=%d Wmg=%d weight_scale=%d",
1210  berr, casename,
1211  (G), (M), (E),
1212  (D), (T),
1213  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1214  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg, (int)weight_scale);
1215  return 0;
1216  }
1217  }
1218  } else { // if (E < T/3 || G < T/3) {
1219  int64_t S = MIN(E, G);
1220  // Case 3: Exactly one of Guard or Exit is scarce
1221  if (!(3*E < T || 3*G < T) || !(3*G >= T || 3*E >= T)) {
1222  log_warn(LD_BUG,
1223  "Bw-Weights Case 3 v10 but with G=%"PRId64" M="
1224  "%"PRId64" E=%"PRId64" D=%"PRId64" T=%"PRId64,
1225  (G), (M), (E),
1226  (D), (T));
1227  }
1228 
1229  if (3*(S+D) < T) { // Subcase a: S+D < T/3
1230  if (G < E) {
1231  casename = "Case 3a (G scarce)";
1232  Wgg = Wgd = weight_scale;
1233  Wmd = Wed = Wmg = 0;
1234  // Minor subcase, if E is more scarce than M,
1235  // keep its bandwidth in place.
1236  if (E < M) Wme = 0;
1237  else Wme = (weight_scale*(E-M))/(2*E);
1238  Wee = weight_scale-Wme;
1239  } else { // G >= E
1240  casename = "Case 3a (E scarce)";
1241  Wee = Wed = weight_scale;
1242  Wmd = Wgd = Wme = 0;
1243  // Minor subcase, if G is more scarce than M,
1244  // keep its bandwidth in place.
1245  if (G < M) Wmg = 0;
1246  else Wmg = (weight_scale*(G-M))/(2*G);
1247  Wgg = weight_scale-Wmg;
1248  }
1249  } else { // Subcase b: S+D >= T/3
1250  // D != 0 because S+D >= T/3
1251  if (G < E) {
1252  casename = "Case 3bg (G scarce, Wgg=weight_scale, Wmd == Wed)";
1253  Wgg = weight_scale;
1254  Wgd = (weight_scale*(D - 2*G + E + M))/(3*D);
1255  Wmg = 0;
1256  Wee = (weight_scale*(E+M))/(2*E);
1257  Wme = weight_scale - Wee;
1258  Wmd = (weight_scale - Wgd)/2;
1259  Wed = (weight_scale - Wgd)/2;
1260 
1261  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee,
1262  Wed, weight_scale, G, M, E, D, T, 10, 1);
1263  } else { // G >= E
1264  casename = "Case 3be (E scarce, Wee=weight_scale, Wmd == Wgd)";
1265  Wee = weight_scale;
1266  Wed = (weight_scale*(D - 2*E + G + M))/(3*D);
1267  Wme = 0;
1268  Wgg = (weight_scale*(G+M))/(2*G);
1269  Wmg = weight_scale - Wgg;
1270  Wmd = (weight_scale - Wed)/2;
1271  Wgd = (weight_scale - Wed)/2;
1272 
1273  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee,
1274  Wed, weight_scale, G, M, E, D, T, 10, 1);
1275  }
1276  if (berr) {
1277  log_warn(LD_DIR,
1278  "Bw Weights error %d for %s v10. G=%"PRId64" M=%"PRId64
1279  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1280  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1281  " Wgd=%d Wgg=%d Wme=%d Wmg=%d weight_scale=%d",
1282  berr, casename,
1283  (G), (M), (E),
1284  (D), (T),
1285  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1286  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg, (int)weight_scale);
1287  return 0;
1288  }
1289  }
1290  }
1291 
1292  /* We cast down the weights to 32 bit ints on the assumption that
1293  * weight_scale is ~= 10000. We need to ensure a rogue authority
1294  * doesn't break this assumption to rig our weights */
1295  tor_assert(0 < weight_scale && weight_scale <= INT32_MAX);
1296 
1297  /*
1298  * Provide Wgm=Wgg, Wmm=weight_scale, Wem=Wee, Weg=Wed. May later determine
1299  * that middle nodes need different bandwidth weights for dirport traffic,
1300  * or that weird exit policies need special weight, or that bridges
1301  * need special weight.
1302  *
1303  * NOTE: This list is sorted.
1304  */
1305  smartlist_add_asprintf(chunks,
1306  "bandwidth-weights Wbd=%d Wbe=%d Wbg=%d Wbm=%d "
1307  "Wdb=%d "
1308  "Web=%d Wed=%d Wee=%d Weg=%d Wem=%d "
1309  "Wgb=%d Wgd=%d Wgg=%d Wgm=%d "
1310  "Wmb=%d Wmd=%d Wme=%d Wmg=%d Wmm=%d\n",
1311  (int)Wmd, (int)Wme, (int)Wmg, (int)weight_scale,
1312  (int)weight_scale,
1313  (int)weight_scale, (int)Wed, (int)Wee, (int)Wed, (int)Wee,
1314  (int)weight_scale, (int)Wgd, (int)Wgg, (int)Wgg,
1315  (int)weight_scale, (int)Wmd, (int)Wme, (int)Wmg, (int)weight_scale);
1316 
1317  log_notice(LD_CIRC, "Computed bandwidth weights for %s with v10: "
1318  "G=%"PRId64" M=%"PRId64" E=%"PRId64" D=%"PRId64
1319  " T=%"PRId64,
1320  casename,
1321  (G), (M), (E),
1322  (D), (T));
1323  return 1;
1324 }
1325 
1326 /** Update total bandwidth weights (G/M/E/D/T) with the bandwidth of
1327  * the router in <b>rs</b>. */
1328 static void
1330  int is_exit, int is_guard,
1331  int64_t *G, int64_t *M, int64_t *E, int64_t *D,
1332  int64_t *T)
1333 {
1334  int default_bandwidth = rs->bandwidth_kb;
1335  int guardfraction_bandwidth = 0;
1336 
1337  if (!rs->has_bandwidth) {
1338  log_info(LD_BUG, "Missing consensus bandwidth for router %s",
1339  rs->nickname);
1340  return;
1341  }
1342 
1343  /* If this routerstatus represents a guard that we have
1344  * guardfraction information on, use it to calculate its actual
1345  * bandwidth. From proposal236:
1346  *
1347  * Similarly, when calculating the bandwidth-weights line as in
1348  * section 3.8.3 of dir-spec.txt, directory authorities should treat N
1349  * as if fraction F of its bandwidth has the guard flag and (1-F) does
1350  * not. So when computing the totals G,M,E,D, each relay N with guard
1351  * visibility fraction F and bandwidth B should be added as follows:
1352  *
1353  * G' = G + F*B, if N does not have the exit flag
1354  * M' = M + (1-F)*B, if N does not have the exit flag
1355  *
1356  * or
1357  *
1358  * D' = D + F*B, if N has the exit flag
1359  * E' = E + (1-F)*B, if N has the exit flag
1360  *
1361  * In this block of code, we prepare the bandwidth values by setting
1362  * the default_bandwidth to F*B and guardfraction_bandwidth to (1-F)*B.
1363  */
1364  if (rs->has_guardfraction) {
1365  guardfraction_bandwidth_t guardfraction_bw;
1366 
1367  tor_assert(is_guard);
1368 
1369  guard_get_guardfraction_bandwidth(&guardfraction_bw,
1370  rs->bandwidth_kb,
1372 
1373  default_bandwidth = guardfraction_bw.guard_bw;
1374  guardfraction_bandwidth = guardfraction_bw.non_guard_bw;
1375  }
1376 
1377  /* Now calculate the total bandwidth weights with or without
1378  * guardfraction. Depending on the flags of the relay, add its
1379  * bandwidth to the appropriate weight pool. If it's a guard and
1380  * guardfraction is enabled, add its bandwidth to both pools as
1381  * indicated by the previous comment.
1382  */
1383  *T += default_bandwidth;
1384  if (is_exit && is_guard) {
1385 
1386  *D += default_bandwidth;
1387  if (rs->has_guardfraction) {
1388  *E += guardfraction_bandwidth;
1389  }
1390 
1391  } else if (is_exit) {
1392 
1393  *E += default_bandwidth;
1394 
1395  } else if (is_guard) {
1396 
1397  *G += default_bandwidth;
1398  if (rs->has_guardfraction) {
1399  *M += guardfraction_bandwidth;
1400  }
1401 
1402  } else {
1403 
1404  *M += default_bandwidth;
1405  }
1406 }
1407 
1408 /** Considering the different recommended/required protocols sets as a
1409  * 4-element array, return the element from <b>vote</b> for that protocol
1410  * set.
1411  */
1412 static const char *
1414 {
1415  switch (n) {
1416  case 0: return vote->recommended_client_protocols;
1417  case 1: return vote->recommended_relay_protocols;
1418  case 2: return vote->required_client_protocols;
1419  case 3: return vote->required_relay_protocols;
1420  default:
1421  tor_assert_unreached();
1422  return NULL;
1423  }
1424 }
1425 
1426 /** Considering the different recommended/required protocols sets as a
1427  * 4-element array, return a newly allocated string for the consensus value
1428  * for the n'th set.
1429  */
1430 static char *
1431 compute_nth_protocol_set(int n, int n_voters, const smartlist_t *votes)
1432 {
1433  const char *keyword;
1434  smartlist_t *proto_votes = smartlist_new();
1435  int threshold;
1436  switch (n) {
1437  case 0:
1438  keyword = "recommended-client-protocols";
1439  threshold = CEIL_DIV(n_voters, 2);
1440  break;
1441  case 1:
1442  keyword = "recommended-relay-protocols";
1443  threshold = CEIL_DIV(n_voters, 2);
1444  break;
1445  case 2:
1446  keyword = "required-client-protocols";
1447  threshold = CEIL_DIV(n_voters * 2, 3);
1448  break;
1449  case 3:
1450  keyword = "required-relay-protocols";
1451  threshold = CEIL_DIV(n_voters * 2, 3);
1452  break;
1453  default:
1454  tor_assert_unreached();
1455  return NULL;
1456  }
1457 
1458  SMARTLIST_FOREACH_BEGIN(votes, const networkstatus_t *, ns) {
1459  const char *v = get_nth_protocol_set_vote(n, ns);
1460  if (v)
1461  smartlist_add(proto_votes, (void*)v);
1462  } SMARTLIST_FOREACH_END(ns);
1463 
1464  char *protocols = protover_compute_vote(proto_votes, threshold);
1465  smartlist_free(proto_votes);
1466 
1467  char *result = NULL;
1468  tor_asprintf(&result, "%s %s\n", keyword, protocols);
1469  tor_free(protocols);
1470 
1471  return result;
1472 }
1473 
1474 /** Given a list of vote networkstatus_t in <b>votes</b>, our public
1475  * authority <b>identity_key</b>, our private authority <b>signing_key</b>,
1476  * and the number of <b>total_authorities</b> that we believe exist in our
1477  * voting quorum, generate the text of a new v3 consensus or microdescriptor
1478  * consensus (depending on <b>flavor</b>), and return the value in a newly
1479  * allocated string.
1480  *
1481  * Note: this function DOES NOT check whether the votes are from
1482  * recognized authorities. (dirvote_add_vote does that.)
1483  *
1484  * <strong>WATCH OUT</strong>: You need to think before you change the
1485  * behavior of this function, or of the functions it calls! If some
1486  * authorities compute the consensus with a different algorithm than
1487  * others, they will not reach the same result, and they will not all
1488  * sign the same thing! If you really need to change the algorithm
1489  * here, you should allocate a new "consensus_method" for the new
1490  * behavior, and make the new behavior conditional on a new-enough
1491  * consensus_method.
1492  **/
1493 STATIC char *
1495  int total_authorities,
1496  crypto_pk_t *identity_key,
1497  crypto_pk_t *signing_key,
1498  const char *legacy_id_key_digest,
1500  consensus_flavor_t flavor)
1501 {
1502  smartlist_t *chunks;
1503  char *result = NULL;
1504  int consensus_method;
1505  time_t valid_after, fresh_until, valid_until;
1506  int vote_seconds, dist_seconds;
1507  char *client_versions = NULL, *server_versions = NULL;
1508  smartlist_t *flags;
1509  const char *flavor_name;
1510  uint32_t max_unmeasured_bw_kb = DEFAULT_MAX_UNMEASURED_BW_KB;
1511  int64_t G, M, E, D, T; /* For bandwidth weights */
1512  const routerstatus_format_type_t rs_format =
1513  flavor == FLAV_NS ? NS_V3_CONSENSUS : NS_V3_CONSENSUS_MICRODESC;
1514  char *params = NULL;
1515  char *packages = NULL;
1516  int added_weights = 0;
1517  dircollator_t *collator = NULL;
1518  smartlist_t *param_list = NULL;
1519 
1520  tor_assert(flavor == FLAV_NS || flavor == FLAV_MICRODESC);
1521  tor_assert(total_authorities >= smartlist_len(votes));
1522  tor_assert(total_authorities > 0);
1523 
1524  flavor_name = networkstatus_get_flavor_name(flavor);
1525 
1526  if (!smartlist_len(votes)) {
1527  log_warn(LD_DIR, "Can't compute a consensus from no votes.");
1528  return NULL;
1529  }
1530  flags = smartlist_new();
1531 
1532  consensus_method = compute_consensus_method(votes);
1533  if (consensus_method_is_supported(consensus_method)) {
1534  log_info(LD_DIR, "Generating consensus using method %d.",
1535  consensus_method);
1536  } else {
1537  log_warn(LD_DIR, "The other authorities will use consensus method %d, "
1538  "which I don't support. Maybe I should upgrade!",
1539  consensus_method);
1540  consensus_method = MAX_SUPPORTED_CONSENSUS_METHOD;
1541  }
1542 
1543  {
1544  /* It's smarter to initialize these weights to 1, so that later on,
1545  * we can't accidentally divide by zero. */
1546  G = M = E = D = 1;
1547  T = 4;
1548  }
1549 
1550  /* Compute medians of time-related things, and figure out how many
1551  * routers we might need to talk about. */
1552  {
1553  int n_votes = smartlist_len(votes);
1554  time_t *va_times = tor_calloc(n_votes, sizeof(time_t));
1555  time_t *fu_times = tor_calloc(n_votes, sizeof(time_t));
1556  time_t *vu_times = tor_calloc(n_votes, sizeof(time_t));
1557  int *votesec_list = tor_calloc(n_votes, sizeof(int));
1558  int *distsec_list = tor_calloc(n_votes, sizeof(int));
1559  int n_versioning_clients = 0, n_versioning_servers = 0;
1560  smartlist_t *combined_client_versions = smartlist_new();
1561  smartlist_t *combined_server_versions = smartlist_new();
1562 
1564  tor_assert(v->type == NS_TYPE_VOTE);
1565  va_times[v_sl_idx] = v->valid_after;
1566  fu_times[v_sl_idx] = v->fresh_until;
1567  vu_times[v_sl_idx] = v->valid_until;
1568  votesec_list[v_sl_idx] = v->vote_seconds;
1569  distsec_list[v_sl_idx] = v->dist_seconds;
1570  if (v->client_versions) {
1571  smartlist_t *cv = smartlist_new();
1572  ++n_versioning_clients;
1573  smartlist_split_string(cv, v->client_versions, ",",
1574  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1575  sort_version_list(cv, 1);
1576  smartlist_add_all(combined_client_versions, cv);
1577  smartlist_free(cv); /* elements get freed later. */
1578  }
1579  if (v->server_versions) {
1580  smartlist_t *sv = smartlist_new();
1581  ++n_versioning_servers;
1582  smartlist_split_string(sv, v->server_versions, ",",
1583  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1584  sort_version_list(sv, 1);
1585  smartlist_add_all(combined_server_versions, sv);
1586  smartlist_free(sv); /* elements get freed later. */
1587  }
1588  SMARTLIST_FOREACH(v->known_flags, const char *, cp,
1589  smartlist_add_strdup(flags, cp));
1590  } SMARTLIST_FOREACH_END(v);
1591  valid_after = median_time(va_times, n_votes);
1592  fresh_until = median_time(fu_times, n_votes);
1593  valid_until = median_time(vu_times, n_votes);
1594  vote_seconds = median_int(votesec_list, n_votes);
1595  dist_seconds = median_int(distsec_list, n_votes);
1596 
1597  tor_assert(valid_after +
1598  (get_options()->TestingTorNetwork ?
1599  MIN_VOTE_INTERVAL_TESTING : MIN_VOTE_INTERVAL) <= fresh_until);
1600  tor_assert(fresh_until +
1601  (get_options()->TestingTorNetwork ?
1602  MIN_VOTE_INTERVAL_TESTING : MIN_VOTE_INTERVAL) <= valid_until);
1603  tor_assert(vote_seconds >= MIN_VOTE_SECONDS);
1604  tor_assert(dist_seconds >= MIN_DIST_SECONDS);
1605 
1606  server_versions = compute_consensus_versions_list(combined_server_versions,
1607  n_versioning_servers);
1608  client_versions = compute_consensus_versions_list(combined_client_versions,
1609  n_versioning_clients);
1610  packages = compute_consensus_package_lines(votes);
1611 
1612  SMARTLIST_FOREACH(combined_server_versions, char *, cp, tor_free(cp));
1613  SMARTLIST_FOREACH(combined_client_versions, char *, cp, tor_free(cp));
1614  smartlist_free(combined_server_versions);
1615  smartlist_free(combined_client_versions);
1616 
1617  smartlist_add_strdup(flags, "NoEdConsensus");
1618 
1619  smartlist_sort_strings(flags);
1620  smartlist_uniq_strings(flags);
1621 
1622  tor_free(va_times);
1623  tor_free(fu_times);
1624  tor_free(vu_times);
1625  tor_free(votesec_list);
1626  tor_free(distsec_list);
1627  }
1628 
1629  chunks = smartlist_new();
1630 
1631  {
1632  char va_buf[ISO_TIME_LEN+1], fu_buf[ISO_TIME_LEN+1],
1633  vu_buf[ISO_TIME_LEN+1];
1634  char *flaglist;
1635  format_iso_time(va_buf, valid_after);
1636  format_iso_time(fu_buf, fresh_until);
1637  format_iso_time(vu_buf, valid_until);
1638  flaglist = smartlist_join_strings(flags, " ", 0, NULL);
1639 
1640  smartlist_add_asprintf(chunks, "network-status-version 3%s%s\n"
1641  "vote-status consensus\n",
1642  flavor == FLAV_NS ? "" : " ",
1643  flavor == FLAV_NS ? "" : flavor_name);
1644 
1645  smartlist_add_asprintf(chunks, "consensus-method %d\n",
1646  consensus_method);
1647 
1648  smartlist_add_asprintf(chunks,
1649  "valid-after %s\n"
1650  "fresh-until %s\n"
1651  "valid-until %s\n"
1652  "voting-delay %d %d\n"
1653  "client-versions %s\n"
1654  "server-versions %s\n"
1655  "%s" /* packages */
1656  "known-flags %s\n",
1657  va_buf, fu_buf, vu_buf,
1658  vote_seconds, dist_seconds,
1659  client_versions, server_versions,
1660  packages,
1661  flaglist);
1662 
1663  tor_free(flaglist);
1664  }
1665 
1666  {
1667  int num_dirauth = get_n_authorities(V3_DIRINFO);
1668  int idx;
1669  for (idx = 0; idx < 4; ++idx) {
1670  char *proto_line = compute_nth_protocol_set(idx, num_dirauth, votes);
1671  if (BUG(!proto_line))
1672  continue;
1673  smartlist_add(chunks, proto_line);
1674  }
1675  }
1676 
1677  param_list = dirvote_compute_params(votes, consensus_method,
1678  total_authorities);
1679  if (smartlist_len(param_list)) {
1680  params = smartlist_join_strings(param_list, " ", 0, NULL);
1681  smartlist_add_strdup(chunks, "params ");
1682  smartlist_add(chunks, params);
1683  smartlist_add_strdup(chunks, "\n");
1684  }
1685 
1686  {
1687  int num_dirauth = get_n_authorities(V3_DIRINFO);
1688  /* Default value of this is 2/3 of the total number of authorities. For
1689  * instance, if we have 9 dirauth, the default value is 6. The following
1690  * calculation will round it down. */
1691  int32_t num_srv_agreements =
1693  "AuthDirNumSRVAgreements",
1694  (num_dirauth * 2) / 3);
1695  /* Add the shared random value. */
1696  char *srv_lines = sr_get_string_for_consensus(votes, num_srv_agreements);
1697  if (srv_lines != NULL) {
1698  smartlist_add(chunks, srv_lines);
1699  }
1700  }
1701 
1702  /* Sort the votes. */
1704  /* Add the authority sections. */
1705  {
1706  smartlist_t *dir_sources = smartlist_new();
1708  dir_src_ent_t *e = tor_malloc_zero(sizeof(dir_src_ent_t));
1709  e->v = v;
1710  e->digest = get_voter(v)->identity_digest;
1711  e->is_legacy = 0;
1712  smartlist_add(dir_sources, e);
1713  if (!tor_digest_is_zero(get_voter(v)->legacy_id_digest)) {
1714  dir_src_ent_t *e_legacy = tor_malloc_zero(sizeof(dir_src_ent_t));
1715  e_legacy->v = v;
1716  e_legacy->digest = get_voter(v)->legacy_id_digest;
1717  e_legacy->is_legacy = 1;
1718  smartlist_add(dir_sources, e_legacy);
1719  }
1720  } SMARTLIST_FOREACH_END(v);
1722 
1723  SMARTLIST_FOREACH_BEGIN(dir_sources, const dir_src_ent_t *, e) {
1724  char fingerprint[HEX_DIGEST_LEN+1];
1725  char votedigest[HEX_DIGEST_LEN+1];
1726  networkstatus_t *v = e->v;
1728 
1729  base16_encode(fingerprint, sizeof(fingerprint), e->digest, DIGEST_LEN);
1730  base16_encode(votedigest, sizeof(votedigest), voter->vote_digest,
1731  DIGEST_LEN);
1732 
1733  smartlist_add_asprintf(chunks,
1734  "dir-source %s%s %s %s %s %d %d\n",
1735  voter->nickname, e->is_legacy ? "-legacy" : "",
1736  fingerprint, voter->address, fmt_addr32(voter->addr),
1737  voter->dir_port,
1738  voter->or_port);
1739  if (! e->is_legacy) {
1740  smartlist_add_asprintf(chunks,
1741  "contact %s\n"
1742  "vote-digest %s\n",
1743  voter->contact,
1744  votedigest);
1745  }
1746  } SMARTLIST_FOREACH_END(e);
1747  SMARTLIST_FOREACH(dir_sources, dir_src_ent_t *, e, tor_free(e));
1748  smartlist_free(dir_sources);
1749  }
1750 
1751  {
1752  char *max_unmeasured_param = NULL;
1753  /* XXXX Extract this code into a common function. Or don't! see #19011 */
1754  if (params) {
1755  if (strcmpstart(params, "maxunmeasuredbw=") == 0)
1756  max_unmeasured_param = params;
1757  else
1758  max_unmeasured_param = strstr(params, " maxunmeasuredbw=");
1759  }
1760  if (max_unmeasured_param) {
1761  int ok = 0;
1762  char *eq = strchr(max_unmeasured_param, '=');
1763  if (eq) {
1764  max_unmeasured_bw_kb = (uint32_t)
1765  tor_parse_ulong(eq+1, 10, 1, UINT32_MAX, &ok, NULL);
1766  if (!ok) {
1767  log_warn(LD_DIR, "Bad element '%s' in max unmeasured bw param",
1768  escaped(max_unmeasured_param));
1769  max_unmeasured_bw_kb = DEFAULT_MAX_UNMEASURED_BW_KB;
1770  }
1771  }
1772  }
1773  }
1774 
1775  /* Add the actual router entries. */
1776  {
1777  int *size; /* size[j] is the number of routerstatuses in votes[j]. */
1778  int *flag_counts; /* The number of voters that list flag[j] for the
1779  * currently considered router. */
1780  int i;
1781  smartlist_t *matching_descs = smartlist_new();
1782  smartlist_t *chosen_flags = smartlist_new();
1783  smartlist_t *versions = smartlist_new();
1784  smartlist_t *protocols = smartlist_new();
1785  smartlist_t *exitsummaries = smartlist_new();
1786  uint32_t *bandwidths_kb = tor_calloc(smartlist_len(votes),
1787  sizeof(uint32_t));
1788  uint32_t *measured_bws_kb = tor_calloc(smartlist_len(votes),
1789  sizeof(uint32_t));
1790  uint32_t *measured_guardfraction = tor_calloc(smartlist_len(votes),
1791  sizeof(uint32_t));
1792  int num_bandwidths;
1793  int num_mbws;
1794  int num_guardfraction_inputs;
1795 
1796  int *n_voter_flags; /* n_voter_flags[j] is the number of flags that
1797  * votes[j] knows about. */
1798  int *n_flag_voters; /* n_flag_voters[f] is the number of votes that care
1799  * about flags[f]. */
1800  int **flag_map; /* flag_map[j][b] is an index f such that flag_map[f]
1801  * is the same flag as votes[j]->known_flags[b]. */
1802  int *named_flag; /* Index of the flag "Named" for votes[j] */
1803  int *unnamed_flag; /* Index of the flag "Unnamed" for votes[j] */
1804  int n_authorities_measuring_bandwidth;
1805 
1806  strmap_t *name_to_id_map = strmap_new();
1807  char conflict[DIGEST_LEN];
1808  char unknown[DIGEST_LEN];
1809  memset(conflict, 0, sizeof(conflict));
1810  memset(unknown, 0xff, sizeof(conflict));
1811 
1812  size = tor_calloc(smartlist_len(votes), sizeof(int));
1813  n_voter_flags = tor_calloc(smartlist_len(votes), sizeof(int));
1814  n_flag_voters = tor_calloc(smartlist_len(flags), sizeof(int));
1815  flag_map = tor_calloc(smartlist_len(votes), sizeof(int *));
1816  named_flag = tor_calloc(smartlist_len(votes), sizeof(int));
1817  unnamed_flag = tor_calloc(smartlist_len(votes), sizeof(int));
1818  for (i = 0; i < smartlist_len(votes); ++i)
1819  unnamed_flag[i] = named_flag[i] = -1;
1820 
1821  /* Build the flag indexes. Note that no vote can have more than 64 members
1822  * for known_flags, so no value will be greater than 63, so it's safe to
1823  * do UINT64_C(1) << index on these values. But note also that
1824  * named_flag and unnamed_flag are initialized to -1, so we need to check
1825  * that they're actually set before doing UINT64_C(1) << index with
1826  * them.*/
1828  flag_map[v_sl_idx] = tor_calloc(smartlist_len(v->known_flags),
1829  sizeof(int));
1830  if (smartlist_len(v->known_flags) > MAX_KNOWN_FLAGS_IN_VOTE) {
1831  log_warn(LD_BUG, "Somehow, a vote has %d entries in known_flags",
1832  smartlist_len(v->known_flags));
1833  }
1834  SMARTLIST_FOREACH_BEGIN(v->known_flags, const char *, fl) {
1835  int p = smartlist_string_pos(flags, fl);
1836  tor_assert(p >= 0);
1837  flag_map[v_sl_idx][fl_sl_idx] = p;
1838  ++n_flag_voters[p];
1839  if (!strcmp(fl, "Named"))
1840  named_flag[v_sl_idx] = fl_sl_idx;
1841  if (!strcmp(fl, "Unnamed"))
1842  unnamed_flag[v_sl_idx] = fl_sl_idx;
1843  } SMARTLIST_FOREACH_END(fl);
1844  n_voter_flags[v_sl_idx] = smartlist_len(v->known_flags);
1845  size[v_sl_idx] = smartlist_len(v->routerstatus_list);
1846  } SMARTLIST_FOREACH_END(v);
1847 
1848  /* Named and Unnamed get treated specially */
1849  {
1851  uint64_t nf;
1852  if (named_flag[v_sl_idx]<0)
1853  continue;
1854  nf = UINT64_C(1) << named_flag[v_sl_idx];
1855  SMARTLIST_FOREACH_BEGIN(v->routerstatus_list,
1856  vote_routerstatus_t *, rs) {
1857 
1858  if ((rs->flags & nf) != 0) {
1859  const char *d = strmap_get_lc(name_to_id_map, rs->status.nickname);
1860  if (!d) {
1861  /* We have no name officially mapped to this digest. */
1862  strmap_set_lc(name_to_id_map, rs->status.nickname,
1863  rs->status.identity_digest);
1864  } else if (d != conflict &&
1865  fast_memcmp(d, rs->status.identity_digest, DIGEST_LEN)) {
1866  /* Authorities disagree about this nickname. */
1867  strmap_set_lc(name_to_id_map, rs->status.nickname, conflict);
1868  } else {
1869  /* It's already a conflict, or it's already this ID. */
1870  }
1871  }
1872  } SMARTLIST_FOREACH_END(rs);
1873  } SMARTLIST_FOREACH_END(v);
1874 
1876  uint64_t uf;
1877  if (unnamed_flag[v_sl_idx]<0)
1878  continue;
1879  uf = UINT64_C(1) << unnamed_flag[v_sl_idx];
1880  SMARTLIST_FOREACH_BEGIN(v->routerstatus_list,
1881  vote_routerstatus_t *, rs) {
1882  if ((rs->flags & uf) != 0) {
1883  const char *d = strmap_get_lc(name_to_id_map, rs->status.nickname);
1884  if (d == conflict || d == unknown) {
1885  /* Leave it alone; we know what it is. */
1886  } else if (!d) {
1887  /* We have no name officially mapped to this digest. */
1888  strmap_set_lc(name_to_id_map, rs->status.nickname, unknown);
1889  } else if (fast_memeq(d, rs->status.identity_digest, DIGEST_LEN)) {
1890  /* Authorities disagree about this nickname. */
1891  strmap_set_lc(name_to_id_map, rs->status.nickname, conflict);
1892  } else {
1893  /* It's mapped to a different name. */
1894  }
1895  }
1896  } SMARTLIST_FOREACH_END(rs);
1897  } SMARTLIST_FOREACH_END(v);
1898  }
1899 
1900  /* We need to know how many votes measure bandwidth. */
1901  n_authorities_measuring_bandwidth = 0;
1902  SMARTLIST_FOREACH(votes, const networkstatus_t *, v,
1903  if (v->has_measured_bws) {
1904  ++n_authorities_measuring_bandwidth;
1905  }
1906  );
1907 
1908  /* Populate the collator */
1909  collator = dircollator_new(smartlist_len(votes), total_authorities);
1911  dircollator_add_vote(collator, v);
1912  } SMARTLIST_FOREACH_END(v);
1913 
1914  dircollator_collate(collator, consensus_method);
1915 
1916  /* Now go through all the votes */
1917  flag_counts = tor_calloc(smartlist_len(flags), sizeof(int));
1918  const int num_routers = dircollator_n_routers(collator);
1919  for (i = 0; i < num_routers; ++i) {
1920  vote_routerstatus_t **vrs_lst =
1921  dircollator_get_votes_for_router(collator, i);
1922 
1923  vote_routerstatus_t *rs;
1924  routerstatus_t rs_out;
1925  const char *current_rsa_id = NULL;
1926  const char *chosen_version;
1927  const char *chosen_protocol_list;
1928  const char *chosen_name = NULL;
1929  int exitsummary_disagreement = 0;
1930  int is_named = 0, is_unnamed = 0, is_running = 0, is_valid = 0;
1931  int is_guard = 0, is_exit = 0, is_bad_exit = 0;
1932  int naming_conflict = 0;
1933  int n_listing = 0;
1934  char microdesc_digest[DIGEST256_LEN];
1935  tor_addr_port_t alt_orport = {TOR_ADDR_NULL, 0};
1936 
1937  memset(flag_counts, 0, sizeof(int)*smartlist_len(flags));
1938  smartlist_clear(matching_descs);
1939  smartlist_clear(chosen_flags);
1940  smartlist_clear(versions);
1941  smartlist_clear(protocols);
1942  num_bandwidths = 0;
1943  num_mbws = 0;
1944  num_guardfraction_inputs = 0;
1945  int ed_consensus = 0;
1946  const uint8_t *ed_consensus_val = NULL;
1947 
1948  /* Okay, go through all the entries for this digest. */
1949  for (int voter_idx = 0; voter_idx < smartlist_len(votes); ++voter_idx) {
1950  if (vrs_lst[voter_idx] == NULL)
1951  continue; /* This voter had nothing to say about this entry. */
1952  rs = vrs_lst[voter_idx];
1953  ++n_listing;
1954 
1955  current_rsa_id = rs->status.identity_digest;
1956 
1957  smartlist_add(matching_descs, rs);
1958  if (rs->version && rs->version[0])
1959  smartlist_add(versions, rs->version);
1960 
1961  if (rs->protocols) {
1962  /* We include this one even if it's empty: voting for an
1963  * empty protocol list actually is meaningful. */
1964  smartlist_add(protocols, rs->protocols);
1965  }
1966 
1967  /* Tally up all the flags. */
1968  for (int flag = 0; flag < n_voter_flags[voter_idx]; ++flag) {
1969  if (rs->flags & (UINT64_C(1) << flag))
1970  ++flag_counts[flag_map[voter_idx][flag]];
1971  }
1972  if (named_flag[voter_idx] >= 0 &&
1973  (rs->flags & (UINT64_C(1) << named_flag[voter_idx]))) {
1974  if (chosen_name && strcmp(chosen_name, rs->status.nickname)) {
1975  log_notice(LD_DIR, "Conflict on naming for router: %s vs %s",
1976  chosen_name, rs->status.nickname);
1977  naming_conflict = 1;
1978  }
1979  chosen_name = rs->status.nickname;
1980  }
1981 
1982  /* Count guardfraction votes and note down the values. */
1983  if (rs->status.has_guardfraction) {
1984  measured_guardfraction[num_guardfraction_inputs++] =
1986  }
1987 
1988  /* count bandwidths */
1989  if (rs->has_measured_bw)
1990  measured_bws_kb[num_mbws++] = rs->measured_bw_kb;
1991 
1992  if (rs->status.has_bandwidth)
1993  bandwidths_kb[num_bandwidths++] = rs->status.bandwidth_kb;
1994 
1995  /* Count number for which ed25519 is canonical. */
1996  if (rs->ed25519_reflects_consensus) {
1997  ++ed_consensus;
1998  if (ed_consensus_val) {
1999  tor_assert(fast_memeq(ed_consensus_val, rs->ed25519_id,
2001  } else {
2002  ed_consensus_val = rs->ed25519_id;
2003  }
2004  }
2005  }
2006 
2007  /* We don't include this router at all unless more than half of
2008  * the authorities we believe in list it. */
2009  if (n_listing <= total_authorities/2)
2010  continue;
2011 
2012  if (ed_consensus > 0) {
2013  if (ed_consensus <= total_authorities / 2) {
2014  log_warn(LD_BUG, "Not enough entries had ed_consensus set; how "
2015  "can we have a consensus of %d?", ed_consensus);
2016  }
2017  }
2018 
2019  /* The clangalyzer can't figure out that this will never be NULL
2020  * if n_listing is at least 1 */
2021  tor_assert(current_rsa_id);
2022 
2023  /* Figure out the most popular opinion of what the most recent
2024  * routerinfo and its contents are. */
2025  memset(microdesc_digest, 0, sizeof(microdesc_digest));
2026  rs = compute_routerstatus_consensus(matching_descs, consensus_method,
2027  microdesc_digest, &alt_orport);
2028  /* Copy bits of that into rs_out. */
2029  memset(&rs_out, 0, sizeof(rs_out));
2030  tor_assert(fast_memeq(current_rsa_id,
2032  memcpy(rs_out.identity_digest, current_rsa_id, DIGEST_LEN);
2033  memcpy(rs_out.descriptor_digest, rs->status.descriptor_digest,
2034  DIGEST_LEN);
2035  rs_out.addr = rs->status.addr;
2036  rs_out.published_on = rs->status.published_on;
2037  rs_out.dir_port = rs->status.dir_port;
2038  rs_out.or_port = rs->status.or_port;
2039  tor_addr_copy(&rs_out.ipv6_addr, &alt_orport.addr);
2040  rs_out.ipv6_orport = alt_orport.port;
2041  rs_out.has_bandwidth = 0;
2042  rs_out.has_exitsummary = 0;
2043 
2044  if (chosen_name && !naming_conflict) {
2045  strlcpy(rs_out.nickname, chosen_name, sizeof(rs_out.nickname));
2046  } else {
2047  strlcpy(rs_out.nickname, rs->status.nickname, sizeof(rs_out.nickname));
2048  }
2049 
2050  {
2051  const char *d = strmap_get_lc(name_to_id_map, rs_out.nickname);
2052  if (!d) {
2053  is_named = is_unnamed = 0;
2054  } else if (fast_memeq(d, current_rsa_id, DIGEST_LEN)) {
2055  is_named = 1; is_unnamed = 0;
2056  } else {
2057  is_named = 0; is_unnamed = 1;
2058  }
2059  }
2060 
2061  /* Set the flags. */
2062  smartlist_add(chosen_flags, (char*)"s"); /* for the start of the line. */
2063  SMARTLIST_FOREACH_BEGIN(flags, const char *, fl) {
2064  if (!strcmp(fl, "Named")) {
2065  if (is_named)
2066  smartlist_add(chosen_flags, (char*)fl);
2067  } else if (!strcmp(fl, "Unnamed")) {
2068  if (is_unnamed)
2069  smartlist_add(chosen_flags, (char*)fl);
2070  } else if (!strcmp(fl, "NoEdConsensus")) {
2071  if (ed_consensus <= total_authorities/2)
2072  smartlist_add(chosen_flags, (char*)fl);
2073  } else {
2074  if (flag_counts[fl_sl_idx] > n_flag_voters[fl_sl_idx]/2) {
2075  smartlist_add(chosen_flags, (char*)fl);
2076  if (!strcmp(fl, "Exit"))
2077  is_exit = 1;
2078  else if (!strcmp(fl, "Guard"))
2079  is_guard = 1;
2080  else if (!strcmp(fl, "Running"))
2081  is_running = 1;
2082  else if (!strcmp(fl, "BadExit"))
2083  is_bad_exit = 1;
2084  else if (!strcmp(fl, "Valid"))
2085  is_valid = 1;
2086  }
2087  }
2088  } SMARTLIST_FOREACH_END(fl);
2089 
2090  /* Starting with consensus method 4 we do not list servers
2091  * that are not running in a consensus. See Proposal 138 */
2092  if (!is_running)
2093  continue;
2094 
2095  /* Starting with consensus method 24, we don't list servers
2096  * that are not valid in a consensus. See Proposal 272 */
2097  if (!is_valid)
2098  continue;
2099 
2100  /* Pick the version. */
2101  if (smartlist_len(versions)) {
2102  sort_version_list(versions, 0);
2103  chosen_version = get_most_frequent_member(versions);
2104  } else {
2105  chosen_version = NULL;
2106  }
2107 
2108  /* Pick the protocol list */
2109  if (smartlist_len(protocols)) {
2110  smartlist_sort_strings(protocols);
2111  chosen_protocol_list = get_most_frequent_member(protocols);
2112  } else {
2113  chosen_protocol_list = NULL;
2114  }
2115 
2116  /* If it's a guard and we have enough guardfraction votes,
2117  calculate its consensus guardfraction value. */
2118  if (is_guard && num_guardfraction_inputs > 2) {
2119  rs_out.has_guardfraction = 1;
2120  rs_out.guardfraction_percentage = median_uint32(measured_guardfraction,
2121  num_guardfraction_inputs);
2122  /* final value should be an integer percentage! */
2123  tor_assert(rs_out.guardfraction_percentage <= 100);
2124  }
2125 
2126  /* Pick a bandwidth */
2127  if (num_mbws > 2) {
2128  rs_out.has_bandwidth = 1;
2129  rs_out.bw_is_unmeasured = 0;
2130  rs_out.bandwidth_kb = median_uint32(measured_bws_kb, num_mbws);
2131  } else if (num_bandwidths > 0) {
2132  rs_out.has_bandwidth = 1;
2133  rs_out.bw_is_unmeasured = 1;
2134  rs_out.bandwidth_kb = median_uint32(bandwidths_kb, num_bandwidths);
2135  if (n_authorities_measuring_bandwidth > 2) {
2136  /* Cap non-measured bandwidths. */
2137  if (rs_out.bandwidth_kb > max_unmeasured_bw_kb) {
2138  rs_out.bandwidth_kb = max_unmeasured_bw_kb;
2139  }
2140  }
2141  }
2142 
2143  /* Fix bug 2203: Do not count BadExit nodes as Exits for bw weights */
2144  is_exit = is_exit && !is_bad_exit;
2145 
2146  /* Update total bandwidth weights with the bandwidths of this router. */
2147  {
2149  is_exit, is_guard,
2150  &G, &M, &E, &D, &T);
2151  }
2152 
2153  /* Ok, we already picked a descriptor digest we want to list
2154  * previously. Now we want to use the exit policy summary from
2155  * that descriptor. If everybody plays nice all the voters who
2156  * listed that descriptor will have the same summary. If not then
2157  * something is fishy and we'll use the most common one (breaking
2158  * ties in favor of lexicographically larger one (only because it
2159  * lets me reuse more existing code)).
2160  *
2161  * The other case that can happen is that no authority that voted
2162  * for that descriptor has an exit policy summary. That's
2163  * probably quite unlikely but can happen. In that case we use
2164  * the policy that was most often listed in votes, again breaking
2165  * ties like in the previous case.
2166  */
2167  {
2168  /* Okay, go through all the votes for this router. We prepared
2169  * that list previously */
2170  const char *chosen_exitsummary = NULL;
2171  smartlist_clear(exitsummaries);
2172  SMARTLIST_FOREACH_BEGIN(matching_descs, vote_routerstatus_t *, vsr) {
2173  /* Check if the vote where this status comes from had the
2174  * proper descriptor */
2176  vsr->status.identity_digest,
2177  DIGEST_LEN));
2178  if (vsr->status.has_exitsummary &&
2180  vsr->status.descriptor_digest,
2181  DIGEST_LEN)) {
2182  tor_assert(vsr->status.exitsummary);
2183  smartlist_add(exitsummaries, vsr->status.exitsummary);
2184  if (!chosen_exitsummary) {
2185  chosen_exitsummary = vsr->status.exitsummary;
2186  } else if (strcmp(chosen_exitsummary, vsr->status.exitsummary)) {
2187  /* Great. There's disagreement among the voters. That
2188  * really shouldn't be */
2189  exitsummary_disagreement = 1;
2190  }
2191  }
2192  } SMARTLIST_FOREACH_END(vsr);
2193 
2194  if (exitsummary_disagreement) {
2195  char id[HEX_DIGEST_LEN+1];
2196  char dd[HEX_DIGEST_LEN+1];
2197  base16_encode(id, sizeof(dd), rs_out.identity_digest, DIGEST_LEN);
2198  base16_encode(dd, sizeof(dd), rs_out.descriptor_digest, DIGEST_LEN);
2199  log_warn(LD_DIR, "The voters disagreed on the exit policy summary "
2200  " for router %s with descriptor %s. This really shouldn't"
2201  " have happened.", id, dd);
2202 
2203  smartlist_sort_strings(exitsummaries);
2204  chosen_exitsummary = get_most_frequent_member(exitsummaries);
2205  } else if (!chosen_exitsummary) {
2206  char id[HEX_DIGEST_LEN+1];
2207  char dd[HEX_DIGEST_LEN+1];
2208  base16_encode(id, sizeof(dd), rs_out.identity_digest, DIGEST_LEN);
2209  base16_encode(dd, sizeof(dd), rs_out.descriptor_digest, DIGEST_LEN);
2210  log_warn(LD_DIR, "Not one of the voters that made us select"
2211  "descriptor %s for router %s had an exit policy"
2212  "summary", dd, id);
2213 
2214  /* Ok, none of those voting for the digest we chose had an
2215  * exit policy for us. Well, that kinda sucks.
2216  */
2217  smartlist_clear(exitsummaries);
2218  SMARTLIST_FOREACH(matching_descs, vote_routerstatus_t *, vsr, {
2219  if (vsr->status.has_exitsummary)
2220  smartlist_add(exitsummaries, vsr->status.exitsummary);
2221  });
2222  smartlist_sort_strings(exitsummaries);
2223  chosen_exitsummary = get_most_frequent_member(exitsummaries);
2224 
2225  if (!chosen_exitsummary)
2226  log_warn(LD_DIR, "Wow, not one of the voters had an exit "
2227  "policy summary for %s. Wow.", id);
2228  }
2229 
2230  if (chosen_exitsummary) {
2231  rs_out.has_exitsummary = 1;
2232  /* yea, discards the const */
2233  rs_out.exitsummary = (char *)chosen_exitsummary;
2234  }
2235  }
2236 
2237  if (flavor == FLAV_MICRODESC &&
2238  tor_digest256_is_zero(microdesc_digest)) {
2239  /* With no microdescriptor digest, we omit the entry entirely. */
2240  continue;
2241  }
2242 
2243  {
2244  char *buf;
2245  /* Okay!! Now we can write the descriptor... */
2246  /* First line goes into "buf". */
2247  buf = routerstatus_format_entry(&rs_out, NULL, NULL,
2248  rs_format, NULL);
2249  if (buf)
2250  smartlist_add(chunks, buf);
2251  }
2252  /* Now an m line, if applicable. */
2253  if (flavor == FLAV_MICRODESC &&
2254  !tor_digest256_is_zero(microdesc_digest)) {
2255  char m[BASE64_DIGEST256_LEN+1];
2256  digest256_to_base64(m, microdesc_digest);
2257  smartlist_add_asprintf(chunks, "m %s\n", m);
2258  }
2259  /* Next line is all flags. The "\n" is missing. */
2260  smartlist_add(chunks,
2261  smartlist_join_strings(chosen_flags, " ", 0, NULL));
2262  /* Now the version line. */
2263  if (chosen_version) {
2264  smartlist_add_strdup(chunks, "\nv ");
2265  smartlist_add_strdup(chunks, chosen_version);
2266  }
2267  smartlist_add_strdup(chunks, "\n");
2268  if (chosen_protocol_list) {
2269  smartlist_add_asprintf(chunks, "pr %s\n", chosen_protocol_list);
2270  }
2271  /* Now the weight line. */
2272  if (rs_out.has_bandwidth) {
2273  char *guardfraction_str = NULL;
2274  int unmeasured = rs_out.bw_is_unmeasured;
2275 
2276  /* If we have guardfraction info, include it in the 'w' line. */
2277  if (rs_out.has_guardfraction) {
2278  tor_asprintf(&guardfraction_str,
2279  " GuardFraction=%u", rs_out.guardfraction_percentage);
2280  }
2281  smartlist_add_asprintf(chunks, "w Bandwidth=%d%s%s\n",
2282  rs_out.bandwidth_kb,
2283  unmeasured?" Unmeasured=1":"",
2284  guardfraction_str ? guardfraction_str : "");
2285 
2286  tor_free(guardfraction_str);
2287  }
2288 
2289  /* Now the exitpolicy summary line. */
2290  if (rs_out.has_exitsummary && flavor == FLAV_NS) {
2291  smartlist_add_asprintf(chunks, "p %s\n", rs_out.exitsummary);
2292  }
2293 
2294  /* And the loop is over and we move on to the next router */
2295  }
2296 
2297  tor_free(size);
2298  tor_free(n_voter_flags);
2299  tor_free(n_flag_voters);
2300  for (i = 0; i < smartlist_len(votes); ++i)
2301  tor_free(flag_map[i]);
2302  tor_free(flag_map);
2303  tor_free(flag_counts);
2304  tor_free(named_flag);
2305  tor_free(unnamed_flag);
2306  strmap_free(name_to_id_map, NULL);
2307  smartlist_free(matching_descs);
2308  smartlist_free(chosen_flags);
2309  smartlist_free(versions);
2310  smartlist_free(protocols);
2311  smartlist_free(exitsummaries);
2312  tor_free(bandwidths_kb);
2313  tor_free(measured_bws_kb);
2314  tor_free(measured_guardfraction);
2315  }
2316 
2317  /* Mark the directory footer region */
2318  smartlist_add_strdup(chunks, "directory-footer\n");
2319 
2320  {
2321  int64_t weight_scale = BW_WEIGHT_SCALE;
2322  char *bw_weight_param = NULL;
2323 
2324  // Parse params, extract BW_WEIGHT_SCALE if present
2325  // DO NOT use consensus_param_bw_weight_scale() in this code!
2326  // The consensus is not formed yet!
2327  /* XXXX Extract this code into a common function. Or not: #19011. */
2328  if (params) {
2329  if (strcmpstart(params, "bwweightscale=") == 0)
2330  bw_weight_param = params;
2331  else
2332  bw_weight_param = strstr(params, " bwweightscale=");
2333  }
2334 
2335  if (bw_weight_param) {
2336  int ok=0;
2337  char *eq = strchr(bw_weight_param, '=');
2338  if (eq) {
2339  weight_scale = tor_parse_long(eq+1, 10, 1, INT32_MAX, &ok,
2340  NULL);
2341  if (!ok) {
2342  log_warn(LD_DIR, "Bad element '%s' in bw weight param",
2343  escaped(bw_weight_param));
2344  weight_scale = BW_WEIGHT_SCALE;
2345  }
2346  } else {
2347  log_warn(LD_DIR, "Bad element '%s' in bw weight param",
2348  escaped(bw_weight_param));
2349  weight_scale = BW_WEIGHT_SCALE;
2350  }
2351  }
2352 
2353  added_weights = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D,
2354  T, weight_scale);
2355  }
2356 
2357  /* Add a signature. */
2358  {
2359  char digest[DIGEST256_LEN];
2360  char fingerprint[HEX_DIGEST_LEN+1];
2361  char signing_key_fingerprint[HEX_DIGEST_LEN+1];
2362  digest_algorithm_t digest_alg =
2363  flavor == FLAV_NS ? DIGEST_SHA1 : DIGEST_SHA256;
2364  size_t digest_len =
2365  flavor == FLAV_NS ? DIGEST_LEN : DIGEST256_LEN;
2366  const char *algname = crypto_digest_algorithm_get_name(digest_alg);
2367  char *signature;
2368 
2369  smartlist_add_strdup(chunks, "directory-signature ");
2370 
2371  /* Compute the hash of the chunks. */
2372  crypto_digest_smartlist(digest, digest_len, chunks, "", digest_alg);
2373 
2374  /* Get the fingerprints */
2375  crypto_pk_get_fingerprint(identity_key, fingerprint, 0);
2376  crypto_pk_get_fingerprint(signing_key, signing_key_fingerprint, 0);
2377 
2378  /* add the junk that will go at the end of the line. */
2379  if (flavor == FLAV_NS) {
2380  smartlist_add_asprintf(chunks, "%s %s\n", fingerprint,
2381  signing_key_fingerprint);
2382  } else {
2383  smartlist_add_asprintf(chunks, "%s %s %s\n",
2384  algname, fingerprint,
2385  signing_key_fingerprint);
2386  }
2387  /* And the signature. */
2388  if (!(signature = router_get_dirobj_signature(digest, digest_len,
2389  signing_key))) {
2390  log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
2391  goto done;
2392  }
2393  smartlist_add(chunks, signature);
2394 
2395  if (legacy_id_key_digest && legacy_signing_key) {
2396  smartlist_add_strdup(chunks, "directory-signature ");
2397  base16_encode(fingerprint, sizeof(fingerprint),
2398  legacy_id_key_digest, DIGEST_LEN);
2400  signing_key_fingerprint, 0);
2401  if (flavor == FLAV_NS) {
2402  smartlist_add_asprintf(chunks, "%s %s\n", fingerprint,
2403  signing_key_fingerprint);
2404  } else {
2405  smartlist_add_asprintf(chunks, "%s %s %s\n",
2406  algname, fingerprint,
2407  signing_key_fingerprint);
2408  }
2409 
2410  if (!(signature = router_get_dirobj_signature(digest, digest_len,
2411  legacy_signing_key))) {
2412  log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
2413  goto done;
2414  }
2415  smartlist_add(chunks, signature);
2416  }
2417  }
2418 
2419  result = smartlist_join_strings(chunks, "", 0, NULL);
2420 
2421  {
2422  networkstatus_t *c;
2423  if (!(c = networkstatus_parse_vote_from_string(result, strlen(result),
2424  NULL,
2425  NS_TYPE_CONSENSUS))) {
2426  log_err(LD_BUG, "Generated a networkstatus consensus we couldn't "
2427  "parse.");
2428  tor_free(result);
2429  goto done;
2430  }
2431  // Verify balancing parameters
2432  if (added_weights) {
2433  networkstatus_verify_bw_weights(c, consensus_method);
2434  }
2435  networkstatus_vote_free(c);
2436  }
2437 
2438  done:
2439 
2440  dircollator_free(collator);
2441  tor_free(client_versions);
2442  tor_free(server_versions);
2443  tor_free(packages);
2444  SMARTLIST_FOREACH(flags, char *, cp, tor_free(cp));
2445  smartlist_free(flags);
2446  SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
2447  smartlist_free(chunks);
2448  SMARTLIST_FOREACH(param_list, char *, cp, tor_free(cp));
2449  smartlist_free(param_list);
2450 
2451  return result;
2452 }
2453 
2454 /** Given a list of networkstatus_t for each vote, return a newly allocated
2455  * string containing the "package" lines for the vote. */
2456 STATIC char *
2458 {
2459  const int n_votes = smartlist_len(votes);
2460 
2461  /* This will be a map from "packagename version" strings to arrays
2462  * of const char *, with the i'th member of the array corresponding to the
2463  * package line from the i'th vote.
2464  */
2465  strmap_t *package_status = strmap_new();
2466 
2468  if (! v->package_lines)
2469  continue;
2470  SMARTLIST_FOREACH_BEGIN(v->package_lines, const char *, line) {
2472  continue;
2473 
2474  /* Skip 'cp' to the second space in the line. */
2475  const char *cp = strchr(line, ' ');
2476  if (!cp) continue;
2477  ++cp;
2478  cp = strchr(cp, ' ');
2479  if (!cp) continue;
2480 
2481  char *key = tor_strndup(line, cp - line);
2482 
2483  const char **status = strmap_get(package_status, key);
2484  if (!status) {
2485  status = tor_calloc(n_votes, sizeof(const char *));
2486  strmap_set(package_status, key, status);
2487  }
2488  status[v_sl_idx] = line; /* overwrite old value */
2489  tor_free(key);
2490  } SMARTLIST_FOREACH_END(line);
2491  } SMARTLIST_FOREACH_END(v);
2492 
2493  smartlist_t *entries = smartlist_new(); /* temporary */
2494  smartlist_t *result_list = smartlist_new(); /* output */
2495  STRMAP_FOREACH(package_status, key, const char **, values) {
2496  int i, count=-1;
2497  for (i = 0; i < n_votes; ++i) {
2498  if (values[i])
2499  smartlist_add(entries, (void*) values[i]);
2500  }
2501  smartlist_sort_strings(entries);
2502  int n_voting_for_entry = smartlist_len(entries);
2503  const char *most_frequent =
2504  smartlist_get_most_frequent_string_(entries, &count);
2505 
2506  if (n_voting_for_entry >= 3 && count > n_voting_for_entry / 2) {
2507  smartlist_add_asprintf(result_list, "package %s\n", most_frequent);
2508  }
2509 
2510  smartlist_clear(entries);
2511 
2512  } STRMAP_FOREACH_END;
2513 
2514  smartlist_sort_strings(result_list);
2515 
2516  char *result = smartlist_join_strings(result_list, "", 0, NULL);
2517 
2518  SMARTLIST_FOREACH(result_list, char *, cp, tor_free(cp));
2519  smartlist_free(result_list);
2520  smartlist_free(entries);
2521  strmap_free(package_status, tor_free_);
2522 
2523  return result;
2524 }
2525 
2526 /** Given a consensus vote <b>target</b> and a set of detached signatures in
2527  * <b>sigs</b> that correspond to the same consensus, check whether there are
2528  * any new signatures in <b>src_voter_list</b> that should be added to
2529  * <b>target</b>. (A signature should be added if we have no signature for that
2530  * voter in <b>target</b> yet, or if we have no verifiable signature and the
2531  * new signature is verifiable.)
2532  *
2533  * Return the number of signatures added or changed, or -1 if the document
2534  * signatures are invalid. Sets *<b>msg_out</b> to a string constant
2535  * describing the signature status.
2536  */
2537 STATIC int
2540  const char *source,
2541  int severity,
2542  const char **msg_out)
2543 {
2544  int r = 0;
2545  const char *flavor;
2546  smartlist_t *siglist;
2547  tor_assert(sigs);
2548  tor_assert(target);
2549  tor_assert(target->type == NS_TYPE_CONSENSUS);
2550 
2551  flavor = networkstatus_get_flavor_name(target->flavor);
2552 
2553  /* Do the times seem right? */
2554  if (target->valid_after != sigs->valid_after) {
2555  *msg_out = "Valid-After times do not match "
2556  "when adding detached signatures to consensus";
2557  return -1;
2558  }
2559  if (target->fresh_until != sigs->fresh_until) {
2560  *msg_out = "Fresh-until times do not match "
2561  "when adding detached signatures to consensus";
2562  return -1;
2563  }
2564  if (target->valid_until != sigs->valid_until) {
2565  *msg_out = "Valid-until times do not match "
2566  "when adding detached signatures to consensus";
2567  return -1;
2568  }
2569  siglist = strmap_get(sigs->signatures, flavor);
2570  if (!siglist) {
2571  *msg_out = "No signatures for given consensus flavor";
2572  return -1;
2573  }
2574 
2575  /** Make sure all the digests we know match, and at least one matches. */
2576  {
2577  common_digests_t *digests = strmap_get(sigs->digests, flavor);
2578  int n_matches = 0;
2579  int alg;
2580  if (!digests) {
2581  *msg_out = "No digests for given consensus flavor";
2582  return -1;
2583  }
2584  for (alg = DIGEST_SHA1; alg < N_COMMON_DIGEST_ALGORITHMS; ++alg) {
2585  if (!fast_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
2586  if (fast_memeq(target->digests.d[alg], digests->d[alg],
2587  DIGEST256_LEN)) {
2588  ++n_matches;
2589  } else {
2590  *msg_out = "Mismatched digest.";
2591  return -1;
2592  }
2593  }
2594  }
2595  if (!n_matches) {
2596  *msg_out = "No recognized digests for given consensus flavor";
2597  }
2598  }
2599 
2600  /* For each voter in src... */
2602  char voter_identity[HEX_DIGEST_LEN+1];
2603  networkstatus_voter_info_t *target_voter =
2604  networkstatus_get_voter_by_id(target, sig->identity_digest);
2605  authority_cert_t *cert = NULL;
2606  const char *algorithm;
2607  document_signature_t *old_sig = NULL;
2608 
2609  algorithm = crypto_digest_algorithm_get_name(sig->alg);
2610 
2611  base16_encode(voter_identity, sizeof(voter_identity),
2612  sig->identity_digest, DIGEST_LEN);
2613  log_info(LD_DIR, "Looking at signature from %s using %s", voter_identity,
2614  algorithm);
2615  /* If the target doesn't know about this voter, then forget it. */
2616  if (!target_voter) {
2617  log_info(LD_DIR, "We do not know any voter with ID %s", voter_identity);
2618  continue;
2619  }
2620 
2621  old_sig = networkstatus_get_voter_sig_by_alg(target_voter, sig->alg);
2622 
2623  /* If the target already has a good signature from this voter, then skip
2624  * this one. */
2625  if (old_sig && old_sig->good_signature) {
2626  log_info(LD_DIR, "We already have a good signature from %s using %s",
2627  voter_identity, algorithm);
2628  continue;
2629  }
2630 
2631  /* Try checking the signature if we haven't already. */
2632  if (!sig->good_signature && !sig->bad_signature) {
2633  cert = authority_cert_get_by_digests(sig->identity_digest,
2634  sig->signing_key_digest);
2635  if (cert) {
2636  /* Not checking the return value here, since we are going to look
2637  * at the status of sig->good_signature in a moment. */
2638  (void) networkstatus_check_document_signature(target, sig, cert);
2639  }
2640  }
2641 
2642  /* If this signature is good, or we don't have any signature yet,
2643  * then maybe add it. */
2644  if (sig->good_signature || !old_sig || old_sig->bad_signature) {
2645  log_info(LD_DIR, "Adding signature from %s with %s", voter_identity,
2646  algorithm);
2647  tor_log(severity, LD_DIR, "Added a signature for %s from %s.",
2648  target_voter->nickname, source);
2649  ++r;
2650  if (old_sig) {
2651  smartlist_remove(target_voter->sigs, old_sig);
2652  document_signature_free(old_sig);
2653  }
2654  smartlist_add(target_voter->sigs, document_signature_dup(sig));
2655  } else {
2656  log_info(LD_DIR, "Not adding signature from %s", voter_identity);
2657  }
2658  } SMARTLIST_FOREACH_END(sig);
2659 
2660  return r;
2661 }
2662 
2663 /** Return a newly allocated string containing all the signatures on
2664  * <b>consensus</b> by all voters. If <b>for_detached_signatures</b> is true,
2665  * then the signatures will be put in a detached signatures document, so
2666  * prefix any non-NS-flavored signatures with "additional-signature" rather
2667  * than "directory-signature". */
2668 static char *
2670  int for_detached_signatures)
2671 {
2672  smartlist_t *elements;
2673  char buf[4096];
2674  char *result = NULL;
2675  int n_sigs = 0;
2676  const consensus_flavor_t flavor = consensus->flavor;
2677  const char *flavor_name = networkstatus_get_flavor_name(flavor);
2678  const char *keyword;
2679 
2680  if (for_detached_signatures && flavor != FLAV_NS)
2681  keyword = "additional-signature";
2682  else
2683  keyword = "directory-signature";
2684 
2685  elements = smartlist_new();
2686 
2689  char sk[HEX_DIGEST_LEN+1];
2690  char id[HEX_DIGEST_LEN+1];
2691  if (!sig->signature || sig->bad_signature)
2692  continue;
2693  ++n_sigs;
2694  base16_encode(sk, sizeof(sk), sig->signing_key_digest, DIGEST_LEN);
2695  base16_encode(id, sizeof(id), sig->identity_digest, DIGEST_LEN);
2696  if (flavor == FLAV_NS) {
2697  smartlist_add_asprintf(elements,
2698  "%s %s %s\n-----BEGIN SIGNATURE-----\n",
2699  keyword, id, sk);
2700  } else {
2701  const char *digest_name =
2703  smartlist_add_asprintf(elements,
2704  "%s%s%s %s %s %s\n-----BEGIN SIGNATURE-----\n",
2705  keyword,
2706  for_detached_signatures ? " " : "",
2707  for_detached_signatures ? flavor_name : "",
2708  digest_name, id, sk);
2709  }
2710  base64_encode(buf, sizeof(buf), sig->signature, sig->signature_len,
2711  BASE64_ENCODE_MULTILINE);
2712  strlcat(buf, "-----END SIGNATURE-----\n", sizeof(buf));
2713  smartlist_add_strdup(elements, buf);
2714  } SMARTLIST_FOREACH_END(sig);
2715  } SMARTLIST_FOREACH_END(v);
2716 
2717  result = smartlist_join_strings(elements, "", 0, NULL);
2718  SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
2719  smartlist_free(elements);
2720  if (!n_sigs)
2721  tor_free(result);
2722  return result;
2723 }
2724 
2725 /** Return a newly allocated string holding the detached-signatures document
2726  * corresponding to the signatures on <b>consensuses</b>, which must contain
2727  * exactly one FLAV_NS consensus, and no more than one consensus for each
2728  * other flavor. */
2729 STATIC char *
2731 {
2732  smartlist_t *elements;
2733  char *result = NULL, *sigs = NULL;
2734  networkstatus_t *consensus_ns = NULL;
2735  tor_assert(consensuses);
2736 
2737  SMARTLIST_FOREACH(consensuses, networkstatus_t *, ns, {
2738  tor_assert(ns);
2739  tor_assert(ns->type == NS_TYPE_CONSENSUS);
2740  if (ns && ns->flavor == FLAV_NS)
2741  consensus_ns = ns;
2742  });
2743  if (!consensus_ns) {
2744  log_warn(LD_BUG, "No NS consensus given.");
2745  return NULL;
2746  }
2747 
2748  elements = smartlist_new();
2749 
2750  {
2751  char va_buf[ISO_TIME_LEN+1], fu_buf[ISO_TIME_LEN+1],
2752  vu_buf[ISO_TIME_LEN+1];
2753  char d[HEX_DIGEST_LEN+1];
2754 
2755  base16_encode(d, sizeof(d),
2756  consensus_ns->digests.d[DIGEST_SHA1], DIGEST_LEN);
2757  format_iso_time(va_buf, consensus_ns->valid_after);
2758  format_iso_time(fu_buf, consensus_ns->fresh_until);
2759  format_iso_time(vu_buf, consensus_ns->valid_until);
2760 
2761  smartlist_add_asprintf(elements,
2762  "consensus-digest %s\n"
2763  "valid-after %s\n"
2764  "fresh-until %s\n"
2765  "valid-until %s\n", d, va_buf, fu_buf, vu_buf);
2766  }
2767 
2768  /* Get all the digests for the non-FLAV_NS consensuses */
2769  SMARTLIST_FOREACH_BEGIN(consensuses, networkstatus_t *, ns) {
2770  const char *flavor_name = networkstatus_get_flavor_name(ns->flavor);
2771  int alg;
2772  if (ns->flavor == FLAV_NS)
2773  continue;
2774 
2775  /* start with SHA256; we don't include SHA1 for anything but the basic
2776  * consensus. */
2777  for (alg = DIGEST_SHA256; alg < N_COMMON_DIGEST_ALGORITHMS; ++alg) {
2778  char d[HEX_DIGEST256_LEN+1];
2779  const char *alg_name =
2781  if (fast_mem_is_zero(ns->digests.d[alg], DIGEST256_LEN))
2782  continue;
2783  base16_encode(d, sizeof(d), ns->digests.d[alg], DIGEST256_LEN);
2784  smartlist_add_asprintf(elements, "additional-digest %s %s %s\n",
2785  flavor_name, alg_name, d);
2786  }
2787  } SMARTLIST_FOREACH_END(ns);
2788 
2789  /* Now get all the sigs for non-FLAV_NS consensuses */
2790  SMARTLIST_FOREACH_BEGIN(consensuses, networkstatus_t *, ns) {
2791  char *sigs_on_this_consensus;
2792  if (ns->flavor == FLAV_NS)
2793  continue;
2794  sigs_on_this_consensus = networkstatus_format_signatures(ns, 1);
2795  if (!sigs_on_this_consensus) {
2796  log_warn(LD_DIR, "Couldn't format signatures");
2797  goto err;
2798  }
2799  smartlist_add(elements, sigs_on_this_consensus);
2800  } SMARTLIST_FOREACH_END(ns);
2801 
2802  /* Now add the FLAV_NS consensus signatrures. */
2803  sigs = networkstatus_format_signatures(consensus_ns, 1);
2804  if (!sigs)
2805  goto err;
2806  smartlist_add(elements, sigs);
2807 
2808  result = smartlist_join_strings(elements, "", 0, NULL);
2809  err:
2810  SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
2811  smartlist_free(elements);
2812  return result;
2813 }
2814 
2815 /** Return a newly allocated string holding a detached-signatures document for
2816  * all of the in-progress consensuses in the <b>n_flavors</b>-element array at
2817  * <b>pending</b>. */
2818 static char *
2820  int n_flavors)
2821 {
2822  int flav;
2823  char *signatures;
2824  smartlist_t *c = smartlist_new();
2825  for (flav = 0; flav < n_flavors; ++flav) {
2826  if (pending[flav].consensus)
2827  smartlist_add(c, pending[flav].consensus);
2828  }
2829  signatures = networkstatus_get_detached_signatures(c);
2830  smartlist_free(c);
2831  return signatures;
2832 }
2833 
2834 /**
2835  * Entry point: Take whatever voting actions are pending as of <b>now</b>.
2836  *
2837  * Return the time at which the next action should be taken.
2838  */
2839 time_t
2840 dirvote_act(const or_options_t *options, time_t now)
2841 {
2842  if (!authdir_mode_v3(options))
2843  return TIME_MAX;
2844  tor_assert_nonfatal(voting_schedule.voting_starts);
2845  /* If we haven't initialized this object through this codeflow, we need to
2846  * recalculate the timings to match our vote. The reason to do that is if we
2847  * have a voting schedule initialized 1 minute ago, the voting timings might
2848  * not be aligned to what we should expect with "now". This is especially
2849  * true for TestingTorNetwork using smaller timings. */
2850  if (voting_schedule.created_on_demand) {
2851  char *keys = list_v3_auth_ids();
2853  log_notice(LD_DIR, "Scheduling voting. Known authority IDs are %s. "
2854  "Mine is %s.",
2856  tor_free(keys);
2857  dirauth_sched_recalculate_timing(options, now);
2858  }
2859 
2860 #define IF_TIME_FOR_NEXT_ACTION(when_field, done_field) \
2861  if (! voting_schedule.done_field) { \
2862  if (voting_schedule.when_field > now) { \
2863  return voting_schedule.when_field; \
2864  } else {
2865 #define ENDIF \
2866  } \
2867  }
2868 
2869  IF_TIME_FOR_NEXT_ACTION(voting_starts, have_voted) {
2870  log_notice(LD_DIR, "Time to vote.");
2872  voting_schedule.have_voted = 1;
2873  } ENDIF
2874  IF_TIME_FOR_NEXT_ACTION(fetch_missing_votes, have_fetched_missing_votes) {
2875  log_notice(LD_DIR, "Time to fetch any votes that we're missing.");
2877  voting_schedule.have_fetched_missing_votes = 1;
2878  } ENDIF
2879  IF_TIME_FOR_NEXT_ACTION(voting_ends, have_built_consensus) {
2880  log_notice(LD_DIR, "Time to compute a consensus.");
2882  /* XXXX We will want to try again later if we haven't got enough
2883  * votes yet. Implement this if it turns out to ever happen. */
2884  voting_schedule.have_built_consensus = 1;
2885  } ENDIF
2886  IF_TIME_FOR_NEXT_ACTION(fetch_missing_signatures,
2887  have_fetched_missing_signatures) {
2888  log_notice(LD_DIR, "Time to fetch any signatures that we're missing.");
2890  voting_schedule.have_fetched_missing_signatures = 1;
2891  } ENDIF
2892  IF_TIME_FOR_NEXT_ACTION(interval_starts,
2893  have_published_consensus) {
2894  log_notice(LD_DIR, "Time to publish the consensus and discard old votes");
2897  voting_schedule.have_published_consensus = 1;
2898  /* Update our shared random state with the consensus just published. */
2901  /* XXXX We will want to try again later if we haven't got enough
2902  * signatures yet. Implement this if it turns out to ever happen. */
2903  dirauth_sched_recalculate_timing(options, now);
2904  return voting_schedule.voting_starts;
2905  } ENDIF
2906 
2908  return now + 1;
2909 
2910 #undef ENDIF
2911 #undef IF_TIME_FOR_NEXT_ACTION
2912 }
2913 
2914 /** A vote networkstatus_t and its unparsed body: held around so we can
2915  * use it to generate a consensus (at voting_ends) and so we can serve it to
2916  * other authorities that might want it. */
2917 typedef struct pending_vote_t {
2918  cached_dir_t *vote_body;
2919  networkstatus_t *vote;
2920 } pending_vote_t;
2921 
2922 /** List of pending_vote_t for the current vote. Before we've used them to
2923  * build a consensus, the votes go here. */
2925 /** List of pending_vote_t for the previous vote. After we've used them to
2926  * build a consensus, the votes go here for the next period. */
2928 
2929 /* DOCDOC pending_consensuses */
2930 static pending_consensus_t pending_consensuses[N_CONSENSUS_FLAVORS];
2931 
2932 /** The detached signatures for the consensus that we're currently
2933  * building. */
2934 static char *pending_consensus_signatures = NULL;
2935 
2936 /** List of ns_detached_signatures_t: hold signatures that get posted to us
2937  * before we have generated the consensus on our own. */
2939 
2940 /** Generate a networkstatus vote and post it to all the v3 authorities.
2941  * (V3 Authority only) */
2942 static int
2944 {
2947  networkstatus_t *ns;
2948  char *contents;
2949  pending_vote_t *pending_vote;
2950  time_t now = time(NULL);
2951 
2952  int status;
2953  const char *msg = "";
2954 
2955  if (!cert || !key) {
2956  log_warn(LD_NET, "Didn't find key/certificate to generate v3 vote");
2957  return -1;
2958  } else if (cert->expires < now) {
2959  log_warn(LD_NET, "Can't generate v3 vote with expired certificate");
2960  return -1;
2961  }
2962  if (!(ns = dirserv_generate_networkstatus_vote_obj(key, cert)))
2963  return -1;
2964 
2965  contents = format_networkstatus_vote(key, ns);
2966  networkstatus_vote_free(ns);
2967  if (!contents)
2968  return -1;
2969 
2970  pending_vote = dirvote_add_vote(contents, 0, &msg, &status);
2971  tor_free(contents);
2972  if (!pending_vote) {
2973  log_warn(LD_DIR, "Couldn't store my own vote! (I told myself, '%s'.)",
2974  msg);
2975  return -1;
2976  }
2977 
2980  V3_DIRINFO,
2981  pending_vote->vote_body->dir,
2982  pending_vote->vote_body->dir_len, 0);
2983  log_notice(LD_DIR, "Vote posted.");
2984  return 0;
2985 }
2986 
2987 /** Send an HTTP request to every other v3 authority, for the votes of every
2988  * authority for which we haven't received a vote yet in this period. (V3
2989  * authority only) */
2990 static void
2992 {
2993  smartlist_t *missing_fps = smartlist_new();
2994  char *resource;
2995 
2996  SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
2997  dir_server_t *, ds) {
2998  if (!(ds->type & V3_DIRINFO))
2999  continue;
3000  if (!dirvote_get_vote(ds->v3_identity_digest,
3001  DGV_BY_ID|DGV_INCLUDE_PENDING)) {
3002  char *cp = tor_malloc(HEX_DIGEST_LEN+1);
3003  base16_encode(cp, HEX_DIGEST_LEN+1, ds->v3_identity_digest,
3004  DIGEST_LEN);
3005  smartlist_add(missing_fps, cp);
3006  }
3007  } SMARTLIST_FOREACH_END(ds);
3008 
3009  if (!smartlist_len(missing_fps)) {
3010  smartlist_free(missing_fps);
3011  return;
3012  }
3013  {
3014  char *tmp = smartlist_join_strings(missing_fps, " ", 0, NULL);
3015  log_notice(LOG_NOTICE, "We're missing votes from %d authorities (%s). "
3016  "Asking every other authority for a copy.",
3017  smartlist_len(missing_fps), tmp);
3018  tor_free(tmp);
3019  }
3020  resource = smartlist_join_strings(missing_fps, "+", 0, NULL);
3022  0, resource);
3023  tor_free(resource);
3024  SMARTLIST_FOREACH(missing_fps, char *, cp, tor_free(cp));
3025  smartlist_free(missing_fps);
3026 }
3027 
3028 /** Send a request to every other authority for its detached signatures,
3029  * unless we have signatures from all other v3 authorities already. */
3030 static void
3032 {
3033  int need_any = 0;
3034  int i;
3035  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
3036  networkstatus_t *consensus = pending_consensuses[i].consensus;
3037  if (!consensus ||
3038  networkstatus_check_consensus_signature(consensus, -1) == 1) {
3039  /* We have no consensus, or we have one that's signed by everybody. */
3040  continue;
3041  }
3042  need_any = 1;
3043  }
3044  if (!need_any)
3045  return;
3046 
3048  0, NULL);
3049 }
3050 
3051 /** Release all storage held by pending consensuses (those waiting for
3052  * signatures). */
3053 static void
3055 {
3056  int i;
3057  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
3058  pending_consensus_t *pc = &pending_consensuses[i];
3059  tor_free(pc->body);
3060 
3061  networkstatus_vote_free(pc->consensus);
3062  pc->consensus = NULL;
3063  }
3064 }
3065 
3066 /** Drop all currently pending votes, consensus, and detached signatures. */
3067 static void
3068 dirvote_clear_votes(int all_votes)
3069 {
3070  if (!previous_vote_list)
3072  if (!pending_vote_list)
3074 
3075  /* All "previous" votes are now junk. */
3077  cached_dir_decref(v->vote_body);
3078  v->vote_body = NULL;
3079  networkstatus_vote_free(v->vote);
3080  tor_free(v);
3081  });
3083 
3084  if (all_votes) {
3085  /* If we're dumping all the votes, we delete the pending ones. */
3087  cached_dir_decref(v->vote_body);
3088  v->vote_body = NULL;
3089  networkstatus_vote_free(v->vote);
3090  tor_free(v);
3091  });
3092  } else {
3093  /* Otherwise, we move them into "previous". */
3095  }
3097 
3100  tor_free(cp));
3102  }
3105 }
3106 
3107 /** Return a newly allocated string containing the hex-encoded v3 authority
3108  identity digest of every recognized v3 authority. */
3109 static char *
3111 {
3112  smartlist_t *known_v3_keys = smartlist_new();
3113  char *keys;
3114  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
3115  dir_server_t *, ds,
3116  if ((ds->type & V3_DIRINFO) &&
3117  !tor_digest_is_zero(ds->v3_identity_digest))
3118  smartlist_add(known_v3_keys,
3119  tor_strdup(hex_str(ds->v3_identity_digest, DIGEST_LEN))));
3120  keys = smartlist_join_strings(known_v3_keys, ", ", 0, NULL);
3121  SMARTLIST_FOREACH(known_v3_keys, char *, cp, tor_free(cp));
3122  smartlist_free(known_v3_keys);
3123  return keys;
3124 }
3125 
3126 /* Check the voter information <b>vi</b>, and assert that at least one
3127  * signature is good. Asserts on failure. */
3128 static void
3129 assert_any_sig_good(const networkstatus_voter_info_t *vi)
3130 {
3131  int any_sig_good = 0;
3133  if (sig->good_signature)
3134  any_sig_good = 1);
3135  tor_assert(any_sig_good);
3136 }
3137 
3138 /* Add <b>cert</b> to our list of known authority certificates. */
3139 static void
3140 add_new_cert_if_needed(const struct authority_cert_t *cert)
3141 {
3142  tor_assert(cert);
3144  cert->signing_key_digest)) {
3145  /* Hey, it's a new cert! */
3148  TRUSTED_DIRS_CERTS_SRC_FROM_VOTE, 1 /*flush*/,
3149  NULL);
3151  cert->signing_key_digest)) {
3152  log_warn(LD_BUG, "We added a cert, but still couldn't find it.");
3153  }
3154  }
3155 }
3156 
3157 /** Called when we have received a networkstatus vote in <b>vote_body</b>.
3158  * Parse and validate it, and on success store it as a pending vote (which we
3159  * then return). Return NULL on failure. Sets *<b>msg_out</b> and
3160  * *<b>status_out</b> to an HTTP response and status code. (V3 authority
3161  * only) */
3163 dirvote_add_vote(const char *vote_body, time_t time_posted,
3164  const char **msg_out, int *status_out)
3165 {
3166  networkstatus_t *vote;
3168  dir_server_t *ds;
3169  pending_vote_t *pending_vote = NULL;
3170  const char *end_of_vote = NULL;
3171  int any_failed = 0;
3172  tor_assert(vote_body);
3173  tor_assert(msg_out);
3174  tor_assert(status_out);
3175 
3176  if (!pending_vote_list)
3178  *status_out = 0;
3179  *msg_out = NULL;
3180 
3181  again:
3182  vote = networkstatus_parse_vote_from_string(vote_body, strlen(vote_body),
3183  &end_of_vote,
3184  NS_TYPE_VOTE);
3185  if (!end_of_vote)
3186  end_of_vote = vote_body + strlen(vote_body);
3187  if (!vote) {
3188  log_warn(LD_DIR, "Couldn't parse vote: length was %d",
3189  (int)strlen(vote_body));
3190  *msg_out = "Unable to parse vote";
3191  goto err;
3192  }
3193  tor_assert(smartlist_len(vote->voters) == 1);
3194  vi = get_voter(vote);
3195  assert_any_sig_good(vi);
3197  if (!ds) {
3198  char *keys = list_v3_auth_ids();
3199  log_warn(LD_DIR, "Got a vote from an authority (nickname %s, address %s) "
3200  "with authority key ID %s. "
3201  "This key ID is not recognized. Known v3 key IDs are: %s",
3202  vi->nickname, vi->address,
3203  hex_str(vi->identity_digest, DIGEST_LEN), keys);
3204  tor_free(keys);
3205  *msg_out = "Vote not from a recognized v3 authority";
3206  goto err;
3207  }
3208  add_new_cert_if_needed(vote->cert);
3209 
3210  /* Is it for the right period? */
3211  if (vote->valid_after != voting_schedule.interval_starts) {
3212  char tbuf1[ISO_TIME_LEN+1], tbuf2[ISO_TIME_LEN+1];
3213  format_iso_time(tbuf1, vote->valid_after);
3214  format_iso_time(tbuf2, voting_schedule.interval_starts);
3215  log_warn(LD_DIR, "Rejecting vote from %s with valid-after time of %s; "
3216  "we were expecting %s", vi->address, tbuf1, tbuf2);
3217  *msg_out = "Bad valid-after time";
3218  goto err;
3219  }
3220 
3221  /* Check if we received it, as a post, after the cutoff when we
3222  * start asking other dir auths for it. If we do, the best plan
3223  * is to discard it, because using it greatly increases the chances
3224  * of a split vote for this round (some dir auths got it in time,
3225  * some didn't). */
3226  if (time_posted && time_posted > voting_schedule.fetch_missing_votes) {
3227  char tbuf1[ISO_TIME_LEN+1], tbuf2[ISO_TIME_LEN+1];
3228  format_iso_time(tbuf1, time_posted);
3229  format_iso_time(tbuf2, voting_schedule.fetch_missing_votes);
3230  log_warn(LD_DIR, "Rejecting posted vote from %s received at %s; "
3231  "our cutoff for received votes is %s. Check your clock, "
3232  "CPU load, and network load. Also check the authority that "
3233  "posted the vote.", vi->address, tbuf1, tbuf2);
3234  *msg_out = "Posted vote received too late, would be dangerous to count it";
3235  goto err;
3236  }
3237 
3238  /* Fetch any new router descriptors we just learned about */
3239  update_consensus_router_descriptor_downloads(time(NULL), 1, vote);
3240 
3241  /* Now see whether we already have a vote from this authority. */
3243  if (fast_memeq(v->vote->cert->cache_info.identity_digest,
3245  DIGEST_LEN)) {
3246  networkstatus_voter_info_t *vi_old = get_voter(v->vote);
3247  if (fast_memeq(vi_old->vote_digest, vi->vote_digest, DIGEST_LEN)) {
3248  /* Ah, it's the same vote. Not a problem. */
3249  log_info(LD_DIR, "Discarding a vote we already have (from %s).",
3250  vi->address);
3251  if (*status_out < 200)
3252  *status_out = 200;
3253  goto discard;
3254  } else if (v->vote->published < vote->published) {
3255  log_notice(LD_DIR, "Replacing an older pending vote from this "
3256  "directory (%s)", vi->address);
3257  cached_dir_decref(v->vote_body);
3258  networkstatus_vote_free(v->vote);
3259  v->vote_body = new_cached_dir(tor_strndup(vote_body,
3260  end_of_vote-vote_body),
3261  vote->published);
3262  v->vote = vote;
3263  if (end_of_vote &&
3264  !strcmpstart(end_of_vote, "network-status-version"))
3265  goto again;
3266 
3267  if (*status_out < 200)
3268  *status_out = 200;
3269  if (!*msg_out)
3270  *msg_out = "OK";
3271  return v;
3272  } else {
3273  *msg_out = "Already have a newer pending vote";
3274  goto err;
3275  }
3276  }
3277  } SMARTLIST_FOREACH_END(v);
3278 
3279  /* This a valid vote, update our shared random state. */
3280  sr_handle_received_commits(vote->sr_info.commits,
3281  vote->cert->identity_key);
3282 
3283  pending_vote = tor_malloc_zero(sizeof(pending_vote_t));
3284  pending_vote->vote_body = new_cached_dir(tor_strndup(vote_body,
3285  end_of_vote-vote_body),
3286  vote->published);
3287  pending_vote->vote = vote;
3288  smartlist_add(pending_vote_list, pending_vote);
3289 
3290  if (!strcmpstart(end_of_vote, "network-status-version ")) {
3291  vote_body = end_of_vote;
3292  goto again;
3293  }
3294 
3295  goto done;
3296 
3297  err:
3298  any_failed = 1;
3299  if (!*msg_out)
3300  *msg_out = "Error adding vote";
3301  if (*status_out < 400)
3302  *status_out = 400;
3303 
3304  discard:
3305  networkstatus_vote_free(vote);
3306 
3307  if (end_of_vote && !strcmpstart(end_of_vote, "network-status-version ")) {
3308  vote_body = end_of_vote;
3309  goto again;
3310  }
3311 
3312  done:
3313 
3314  if (*status_out < 200)
3315  *status_out = 200;
3316  if (!*msg_out) {
3317  if (!any_failed && !pending_vote) {
3318  *msg_out = "Duplicate discarded";
3319  } else {
3320  *msg_out = "ok";
3321  }
3322  }
3323 
3324  return any_failed ? NULL : pending_vote;
3325 }
3326 
3327 /* Write the votes in <b>pending_vote_list</b> to disk. */
3328 static void
3329 write_v3_votes_to_disk(const smartlist_t *pending_votes)
3330 {
3331  smartlist_t *votestrings = smartlist_new();
3332  char *votefile = NULL;
3333 
3334  SMARTLIST_FOREACH(pending_votes, pending_vote_t *, v,
3335  {
3336  sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
3337  c->bytes = v->vote_body->dir;
3338  c->len = v->vote_body->dir_len;
3339  smartlist_add(votestrings, c); /* collect strings to write to disk */
3340  });
3341 
3342  votefile = get_datadir_fname("v3-status-votes");
3343  write_chunks_to_file(votefile, votestrings, 0, 0);
3344  log_debug(LD_DIR, "Wrote votes to disk (%s)!", votefile);
3345 
3346  tor_free(votefile);
3347  SMARTLIST_FOREACH(votestrings, sized_chunk_t *, c, tor_free(c));
3348  smartlist_free(votestrings);
3349 }
3350 
3351 /** Try to compute a v3 networkstatus consensus from the currently pending
3352  * votes. Return 0 on success, -1 on failure. Store the consensus in
3353  * pending_consensus: it won't be ready to be published until we have
3354  * everybody else's signatures collected too. (V3 Authority only) */
3355 static int
3357 {
3358  /* Have we got enough votes to try? */
3359  int n_votes, n_voters, n_vote_running = 0;
3360  smartlist_t *votes = NULL;
3361  char *consensus_body = NULL, *signatures = NULL;
3362  networkstatus_t *consensus = NULL;
3363  authority_cert_t *my_cert;
3365  int flav;
3366 
3367  memset(pending, 0, sizeof(pending));
3368 
3369  if (!pending_vote_list)
3371 
3372  /* Write votes to disk */
3373  write_v3_votes_to_disk(pending_vote_list);
3374 
3375  /* Setup votes smartlist */
3376  votes = smartlist_new();
3378  {
3379  smartlist_add(votes, v->vote); /* collect votes to compute consensus */
3380  });
3381 
3382  /* See if consensus managed to achieve majority */
3383  n_voters = get_n_authorities(V3_DIRINFO);
3384  n_votes = smartlist_len(pending_vote_list);
3385  if (n_votes <= n_voters/2) {
3386  log_warn(LD_DIR, "We don't have enough votes to generate a consensus: "
3387  "%d of %d", n_votes, n_voters/2+1);
3388  goto err;
3389  }
3392  if (smartlist_contains_string(v->vote->known_flags, "Running"))
3393  n_vote_running++;
3394  });
3395  if (!n_vote_running) {
3396  /* See task 1066. */
3397  log_warn(LD_DIR, "Nobody has voted on the Running flag. Generating "
3398  "and publishing a consensus without Running nodes "
3399  "would make many clients stop working. Not "
3400  "generating a consensus!");
3401  goto err;
3402  }
3403 
3404  if (!(my_cert = get_my_v3_authority_cert())) {
3405  log_warn(LD_DIR, "Can't generate consensus without a certificate.");
3406  goto err;
3407  }
3408 
3409  {
3410  char legacy_dbuf[DIGEST_LEN];
3411  crypto_pk_t *legacy_sign=NULL;
3412  char *legacy_id_digest = NULL;
3413  int n_generated = 0;
3414  if (get_options()->V3AuthUseLegacyKey) {
3416  legacy_sign = get_my_v3_legacy_signing_key();
3417  if (cert) {
3418  if (crypto_pk_get_digest(cert->identity_key, legacy_dbuf)) {
3419  log_warn(LD_BUG,
3420  "Unable to compute digest of legacy v3 identity key");
3421  } else {
3422  legacy_id_digest = legacy_dbuf;
3423  }
3424  }
3425  }
3426 
3427  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
3428  const char *flavor_name = networkstatus_get_flavor_name(flav);
3429  consensus_body = networkstatus_compute_consensus(
3430  votes, n_voters,
3431  my_cert->identity_key,
3432  get_my_v3_authority_signing_key(), legacy_id_digest, legacy_sign,
3433  flav);
3434 
3435  if (!consensus_body) {
3436  log_warn(LD_DIR, "Couldn't generate a %s consensus at all!",
3437  flavor_name);
3438  continue;
3439  }
3440  consensus = networkstatus_parse_vote_from_string(consensus_body,
3441  strlen(consensus_body),
3442  NULL,
3443  NS_TYPE_CONSENSUS);
3444  if (!consensus) {
3445  log_warn(LD_DIR, "Couldn't parse %s consensus we generated!",
3446  flavor_name);
3447  tor_free(consensus_body);
3448  continue;
3449  }
3450 
3451  /* 'Check' our own signature, to mark it valid. */
3453 
3454  pending[flav].body = consensus_body;
3455  pending[flav].consensus = consensus;
3456  n_generated++;
3457  consensus_body = NULL;
3458  consensus = NULL;
3459  }
3460  if (!n_generated) {
3461  log_warn(LD_DIR, "Couldn't generate any consensus flavors at all.");
3462  goto err;
3463  }
3464  }
3465 
3467  pending, N_CONSENSUS_FLAVORS);
3468 
3469  if (!signatures) {
3470  log_warn(LD_DIR, "Couldn't extract signatures.");
3471  goto err;
3472  }
3473 
3475  memcpy(pending_consensuses, pending, sizeof(pending));
3476 
3478  pending_consensus_signatures = signatures;
3479 
3481  int n_sigs = 0;
3482  /* we may have gotten signatures for this consensus before we built
3483  * it ourself. Add them now. */
3485  const char *msg = NULL;
3487  "pending", &msg);
3488  if (r >= 0)
3489  n_sigs += r;
3490  else
3491  log_warn(LD_DIR,
3492  "Could not add queued signature to new consensus: %s",
3493  msg);
3494  tor_free(sig);
3495  } SMARTLIST_FOREACH_END(sig);
3496  if (n_sigs)
3497  log_notice(LD_DIR, "Added %d pending signatures while building "
3498  "consensus.", n_sigs);
3500  }
3501 
3502  log_notice(LD_DIR, "Consensus computed; uploading signature(s)");
3503 
3506  V3_DIRINFO,
3508  strlen(pending_consensus_signatures), 0);
3509  log_notice(LD_DIR, "Signature(s) posted.");
3510 
3511  smartlist_free(votes);
3512  return 0;
3513  err:
3514  smartlist_free(votes);
3515  tor_free(consensus_body);
3516  tor_free(signatures);
3517  networkstatus_vote_free(consensus);
3518 
3519  return -1;
3520 }
3521 
3522 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
3523  * signatures on the currently pending consensus. Add them to <b>pc</b>
3524  * as appropriate. Return the number of signatures added. (?) */
3525 static int
3527  pending_consensus_t *pc,
3529  const char *source,
3530  int severity,
3531  const char **msg_out)
3532 {
3533  const char *flavor_name;
3534  int r = -1;
3535 
3536  /* Only call if we have a pending consensus right now. */
3537  tor_assert(pc->consensus);
3538  tor_assert(pc->body);
3540 
3541  flavor_name = networkstatus_get_flavor_name(pc->consensus->flavor);
3542  *msg_out = NULL;
3543 
3544  {
3545  smartlist_t *sig_list = strmap_get(sigs->signatures, flavor_name);
3546  log_info(LD_DIR, "Have %d signatures for adding to %s consensus.",
3547  sig_list ? smartlist_len(sig_list) : 0, flavor_name);
3548  }
3550  source, severity, msg_out);
3551  if (r >= 0) {
3552  log_info(LD_DIR,"Added %d signatures to consensus.", r);
3553  } else {
3554  log_fn(LOG_PROTOCOL_WARN, LD_DIR,
3555  "Unable to add signatures to consensus: %s",
3556  *msg_out ? *msg_out : "(unknown)");
3557  }
3558 
3559  if (r >= 1) {
3560  char *new_signatures =
3562  char *dst, *dst_end;
3563  size_t new_consensus_len;
3564  if (!new_signatures) {
3565  *msg_out = "No signatures to add";
3566  goto err;
3567  }
3568  new_consensus_len =
3569  strlen(pc->body) + strlen(new_signatures) + 1;
3570  pc->body = tor_realloc(pc->body, new_consensus_len);
3571  dst_end = pc->body + new_consensus_len;
3572  dst = strstr(pc->body, "directory-signature ");
3573  tor_assert(dst);
3574  strlcpy(dst, new_signatures, dst_end-dst);
3575 
3576  /* We remove this block once it has failed to crash for a while. But
3577  * unless it shows up in profiles, we're probably better leaving it in,
3578  * just in case we break detached signature processing at some point. */
3579  {
3581  pc->body, strlen(pc->body), NULL,
3582  NS_TYPE_CONSENSUS);
3583  tor_assert(v);
3584  networkstatus_vote_free(v);
3585  }
3586  *msg_out = "Signatures added";
3587  tor_free(new_signatures);
3588  } else if (r == 0) {
3589  *msg_out = "Signatures ignored";
3590  } else {
3591  goto err;
3592  }
3593 
3594  goto done;
3595  err:
3596  if (!*msg_out)
3597  *msg_out = "Unrecognized error while adding detached signatures.";
3598  done:
3599  return r;
3600 }
3601 
3602 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
3603  * signatures on the currently pending consensus. Add them to the pending
3604  * consensus (if we have one).
3605  *
3606  * Set *<b>msg</b> to a string constant describing the status, regardless of
3607  * success or failure.
3608  *
3609  * Return negative on failure, nonnegative on success. */
3610 static int
3612  const char *detached_signatures_body,
3613  const char *source,
3614  const char **msg_out)
3615 {
3616  int r=0, i, n_added = 0, errors = 0;
3618  tor_assert(detached_signatures_body);
3619  tor_assert(msg_out);
3621 
3623  detached_signatures_body, NULL))) {
3624  *msg_out = "Couldn't parse detached signatures.";
3625  goto err;
3626  }
3627 
3628  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
3629  int res;
3630  int severity = i == FLAV_NS ? LOG_NOTICE : LOG_INFO;
3631  pending_consensus_t *pc = &pending_consensuses[i];
3632  if (!pc->consensus)
3633  continue;
3634  res = dirvote_add_signatures_to_pending_consensus(pc, sigs, source,
3635  severity, msg_out);
3636  if (res < 0)
3637  errors++;
3638  else
3639  n_added += res;
3640  }
3641 
3642  if (errors && !n_added) {
3643  r = -1;
3644  goto err;
3645  }
3646 
3647  if (n_added && pending_consensuses[FLAV_NS].consensus) {
3648  char *new_detached =
3650  pending_consensuses, N_CONSENSUS_FLAVORS);
3651  if (new_detached) {
3653  pending_consensus_signatures = new_detached;
3654  }
3655  }
3656 
3657  r = n_added;
3658  goto done;
3659  err:
3660  if (!*msg_out)
3661  *msg_out = "Unrecognized error while adding detached signatures.";
3662  done:
3663  ns_detached_signatures_free(sigs);
3664  /* XXXX NM Check how return is used. We can now have an error *and*
3665  signatures added. */
3666  return r;
3667 }
3668 
3669 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
3670  * signatures on the currently pending consensus. Add them to the pending
3671  * consensus (if we have one); otherwise queue them until we have a
3672  * consensus.
3673  *
3674  * Set *<b>msg</b> to a string constant describing the status, regardless of
3675  * success or failure.
3676  *
3677  * Return negative on failure, nonnegative on success. */
3678 int
3679 dirvote_add_signatures(const char *detached_signatures_body,
3680  const char *source,
3681  const char **msg)
3682 {
3683  if (pending_consensuses[FLAV_NS].consensus) {
3684  log_notice(LD_DIR, "Got a signature from %s. "
3685  "Adding it to the pending consensus.", source);
3687  detached_signatures_body, source, msg);
3688  } else {
3689  log_notice(LD_DIR, "Got a signature from %s. "
3690  "Queuing it for the next consensus.", source);
3694  detached_signatures_body);
3695  *msg = "Signature queued";
3696  return 0;
3697  }
3698 }
3699 
3700 /** Replace the consensus that we're currently serving with the one that we've
3701  * been building. (V3 Authority only) */
3702 static int
3704 {
3705  int i;
3706 
3707  /* Now remember all the other consensuses as if we were a directory cache. */
3708  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
3709  pending_consensus_t *pending = &pending_consensuses[i];
3710  const char *name;
3712  tor_assert(name);
3713  if (!pending->consensus ||
3715  log_warn(LD_DIR, "Not enough info to publish pending %s consensus",name);
3716  continue;
3717  }
3718 
3720  strlen(pending->body),
3721  name, 0, NULL))
3722  log_warn(LD_DIR, "Error publishing %s consensus", name);
3723  else
3724  log_notice(LD_DIR, "Published %s consensus", name);
3725  }
3726 
3727  return 0;
3728 }
3729 
3730 /** Release all static storage held in dirvote.c */
3731 void
3733 {
3735  /* now empty as a result of dirvote_clear_votes(). */
3736  smartlist_free(pending_vote_list);
3737  pending_vote_list = NULL;
3738  smartlist_free(previous_vote_list);
3739  previous_vote_list = NULL;
3740 
3744  /* now empty as a result of dirvote_clear_votes(). */
3745  smartlist_free(pending_consensus_signature_list);
3747  }
3748 }
3749 
3750 /* ====
3751  * Access to pending items.
3752  * ==== */
3753 
3754 /** Return the body of the consensus that we're currently trying to build. */
3755 MOCK_IMPL(const char *,
3757 {
3758  tor_assert(((int)flav) >= 0 && (int)flav < N_CONSENSUS_FLAVORS);
3759  return pending_consensuses[flav].body;
3760 }
3761 
3762 /** Return the signatures that we know for the consensus that we're currently
3763  * trying to build. */
3764 MOCK_IMPL(const char *,
3766 {
3768 }
3769 
3770 /** Return a given vote specified by <b>fp</b>. If <b>by_id</b>, return the
3771  * vote for the authority with the v3 authority identity key digest <b>fp</b>;
3772  * if <b>by_id</b> is false, return the vote whose digest is <b>fp</b>. If
3773  * <b>fp</b> is NULL, return our own vote. If <b>include_previous</b> is
3774  * false, do not consider any votes for a consensus that's already been built.
3775  * If <b>include_pending</b> is false, do not consider any votes for the
3776  * consensus that's in progress. May return NULL if we have no vote for the
3777  * authority in question. */
3778 const cached_dir_t *
3779 dirvote_get_vote(const char *fp, int flags)
3780 {
3781  int by_id = flags & DGV_BY_ID;
3782  const int include_pending = flags & DGV_INCLUDE_PENDING;
3783  const int include_previous = flags & DGV_INCLUDE_PREVIOUS;
3784 
3786  return NULL;
3787  if (fp == NULL) {
3789  if (c) {
3790  fp = c->cache_info.identity_digest;
3791  by_id = 1;
3792  } else
3793  return NULL;
3794  }
3795  if (by_id) {
3796  if (pending_vote_list && include_pending) {
3798  if (fast_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
3799  return pv->vote_body);
3800  }
3801  if (previous_vote_list && include_previous) {
3803  if (fast_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
3804  return pv->vote_body);
3805  }
3806  } else {
3807  if (pending_vote_list && include_pending) {
3809  if (fast_memeq(pv->vote->digests.d[DIGEST_SHA1], fp, DIGEST_LEN))
3810  return pv->vote_body);
3811  }
3812  if (previous_vote_list && include_previous) {
3814  if (fast_memeq(pv->vote->digests.d[DIGEST_SHA1], fp, DIGEST_LEN))
3815  return pv->vote_body);
3816  }
3817  }
3818  return NULL;
3819 }
3820 
3821 /** Construct and return a new microdescriptor from a routerinfo <b>ri</b>
3822  * according to <b>consensus_method</b>.
3823  **/
3825 dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
3826 {
3827  microdesc_t *result = NULL;
3828  char *key = NULL, *summary = NULL, *family = NULL;
3829  size_t keylen;
3830  smartlist_t *chunks = smartlist_new();
3831  char *output = NULL;
3832  crypto_pk_t *rsa_pubkey = router_get_rsa_onion_pkey(ri->onion_pkey,
3833  ri->onion_pkey_len);
3834 
3835  if (crypto_pk_write_public_key_to_string(rsa_pubkey, &key, &keylen)<0)
3836  goto done;
3837  summary = policy_summarize(ri->exit_policy, AF_INET);
3838  if (ri->declared_family)
3839  family = smartlist_join_strings(ri->declared_family, " ", 0, NULL);
3840 
3841  smartlist_add_asprintf(chunks, "onion-key\n%s", key);
3842 
3843  if (ri->onion_curve25519_pkey) {
3844  char kbuf[128];
3845  base64_encode(kbuf, sizeof(kbuf),
3846  (const char*)ri->onion_curve25519_pkey->public_key,
3847  CURVE25519_PUBKEY_LEN, BASE64_ENCODE_MULTILINE);
3848  smartlist_add_asprintf(chunks, "ntor-onion-key %s", kbuf);
3849  }
3850 
3851  if (family) {
3852  if (consensus_method < MIN_METHOD_FOR_CANONICAL_FAMILIES_IN_MICRODESCS) {
3853  smartlist_add_asprintf(chunks, "family %s\n", family);
3854  } else {
3855  const uint8_t *id = (const uint8_t *)ri->cache_info.identity_digest;
3856  char *canonical_family = nodefamily_canonicalize(family, id, 0);
3857  smartlist_add_asprintf(chunks, "family %s\n", canonical_family);
3858  tor_free(canonical_family);
3859  }
3860  }
3861 
3862  if (summary && strcmp(summary, "reject 1-65535"))
3863  smartlist_add_asprintf(chunks, "p %s\n", summary);
3864 
3865  if (ri->ipv6_exit_policy) {
3866  /* XXXX+++ This doesn't match proposal 208, which says these should
3867  * be taken unchanged from the routerinfo. That's bogosity, IMO:
3868  * the proposal should have said to do this instead.*/
3869  char *p6 = write_short_policy(ri->ipv6_exit_policy);
3870  if (p6 && strcmp(p6, "reject 1-65535"))
3871  smartlist_add_asprintf(chunks, "p6 %s\n", p6);
3872  tor_free(p6);
3873  }
3874 
3875  {
3876  char idbuf[ED25519_BASE64_LEN+1];
3877  const char *keytype;
3878  if (ri->cache_info.signing_key_cert &&
3879  ri->cache_info.signing_key_cert->signing_key_included) {
3880  keytype = "ed25519";
3882  &ri->cache_info.signing_key_cert->signing_key);
3883  } else {
3884  keytype = "rsa1024";
3885  digest_to_base64(idbuf, ri->cache_info.identity_digest);
3886  }
3887  smartlist_add_asprintf(chunks, "id %s %s\n", keytype, idbuf);
3888  }
3889 
3890  output = smartlist_join_strings(chunks, "", 0, NULL);
3891 
3892  {
3894  output+strlen(output), 0,
3895  SAVED_NOWHERE, NULL);
3896  if (smartlist_len(lst) != 1) {
3897  log_warn(LD_DIR, "We generated a microdescriptor we couldn't parse.");
3898  SMARTLIST_FOREACH(lst, microdesc_t *, md, microdesc_free(md));
3899  smartlist_free(lst);
3900  goto done;
3901  }
3902  result = smartlist_get(lst, 0);
3903  smartlist_free(lst);
3904  }
3905 
3906  done:
3907  crypto_pk_free(rsa_pubkey);
3908  tor_free(output);
3909  tor_free(key);
3910  tor_free(summary);
3911  tor_free(family);
3912  if (chunks) {
3913  SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
3914  smartlist_free(chunks);
3915  }
3916  return result;
3917 }
3918 
3919 /** Format the appropriate vote line to describe the microdescriptor <b>md</b>
3920  * in a consensus vote document. Write it into the <b>out_len</b>-byte buffer
3921  * in <b>out</b>. Return -1 on failure and the number of characters written
3922  * on success. */
3923 static ssize_t
3924 dirvote_format_microdesc_vote_line(char *out_buf, size_t out_buf_len,
3925  const microdesc_t *md,
3926  int consensus_method_low,
3927  int consensus_method_high)
3928 {
3929  ssize_t ret = -1;
3930  char d64[BASE64_DIGEST256_LEN+1];
3931  char *microdesc_consensus_methods =
3932  make_consensus_method_list(consensus_method_low,
3933  consensus_method_high,
3934  ",");
3935  tor_assert(microdesc_consensus_methods);
3936 
3937  digest256_to_base64(d64, md->digest);
3938 
3939  if (tor_snprintf(out_buf, out_buf_len, "m %s sha256=%s\n",
3940  microdesc_consensus_methods, d64)<0)
3941  goto out;
3942 
3943  ret = strlen(out_buf);
3944 
3945  out:
3946  tor_free(microdesc_consensus_methods);
3947  return ret;
3948 }
3949 
3950 /** Array of start and end of consensus methods used for supported
3951  microdescriptor formats. */
3952 static const struct consensus_method_range_t {
3953  int low;
3954  int high;
3955 } microdesc_consensus_methods[] = {
3960  {-1, -1}
3961 };
3962 
3963 /** Helper type used when generating the microdescriptor lines in a directory
3964  * vote. */
3965 typedef struct microdesc_vote_line_t {
3966  int low;
3967  int high;
3968  microdesc_t *md;
3969  struct microdesc_vote_line_t *next;
3971 
3972 /** Generate and return a linked list of all the lines that should appear to
3973  * describe a router's microdescriptor versions in a directory vote.
3974  * Add the generated microdescriptors to <b>microdescriptors_out</b>. */
3977  smartlist_t *microdescriptors_out)
3978 {
3979  const struct consensus_method_range_t *cmr;
3980  microdesc_vote_line_t *entries = NULL, *ep;
3981  vote_microdesc_hash_t *result = NULL;
3982 
3983  /* Generate the microdescriptors. */
3984  for (cmr = microdesc_consensus_methods;
3985  cmr->low != -1 && cmr->high != -1;
3986  cmr++) {
3987  microdesc_t *md = dirvote_create_microdescriptor(ri, cmr->low);
3988  if (md) {
3990  tor_malloc_zero(sizeof(microdesc_vote_line_t));
3991  e->md = md;
3992  e->low = cmr->low;
3993  e->high = cmr->high;
3994  e->next = entries;
3995  entries = e;
3996  }
3997  }
3998 
3999  /* Compress adjacent identical ones */
4000  for (ep = entries; ep; ep = ep->next) {
4001  while (ep->next &&
4002  fast_memeq(ep->md->digest, ep->next->md->digest, DIGEST256_LEN) &&
4003  ep->low == ep->next->high + 1) {
4004  microdesc_vote_line_t *next = ep->next;
4005  ep->low = next->low;
4006  microdesc_free(next->md);
4007  ep->next = next->next;
4008  tor_free(next);
4009  }
4010  }
4011 
4012  /* Format them into vote_microdesc_hash_t, and add to microdescriptors_out.*/
4013  while ((ep = entries)) {
4014  char buf[128];
4016  if (dirvote_format_microdesc_vote_line(buf, sizeof(buf), ep->md,
4017  ep->low, ep->high) >= 0) {
4018  h = tor_malloc_zero(sizeof(vote_microdesc_hash_t));
4019  h->microdesc_hash_line = tor_strdup(buf);
4020  h->next = result;
4021  result = h;
4022  ep->md->last_listed = now;
4023  smartlist_add(microdescriptors_out, ep->md);
4024  }
4025  entries = ep->next;
4026  tor_free(ep);
4027  }
4028 
4029  return result;
4030 }
4031 
4032 /** Parse and extract all SR commits from <b>tokens</b> and place them in
4033  * <b>ns</b>. */
4034 static void
4036 {
4037  smartlist_t *chunks = NULL;
4038 
4039  tor_assert(ns);
4040  tor_assert(tokens);
4041  /* Commits are only present in a vote. */
4042  tor_assert(ns->type == NS_TYPE_VOTE);
4043 
4044  ns->sr_info.commits = smartlist_new();
4045 
4046  smartlist_t *commits = find_all_by_keyword(tokens, K_COMMIT);
4047  /* It's normal that a vote might contain no commits even if it participates
4048  * in the SR protocol. Don't treat it as an error. */
4049  if (commits == NULL) {
4050  goto end;
4051  }
4052 
4053  /* Parse the commit. We do NO validation of number of arguments or ordering
4054  * for forward compatibility, it's the parse commit job to inform us if it's
4055  * supported or not. */
4056  chunks = smartlist_new();
4057  SMARTLIST_FOREACH_BEGIN(commits, directory_token_t *, tok) {
4058  /* Extract all arguments and put them in the chunks list. */
4059  for (int i = 0; i < tok->n_args; i++) {
4060  smartlist_add(chunks, tok->args[i]);
4061  }
4062  sr_commit_t *commit = sr_parse_commit(chunks);
4063  smartlist_clear(chunks);
4064  if (commit == NULL) {
4065  /* Get voter identity so we can warn that this dirauth vote contains
4066  * commit we can't parse. */
4067  networkstatus_voter_info_t *voter = smartlist_get(ns->voters, 0);
4068  tor_assert(voter);
4069  log_warn(LD_DIR, "SR: Unable to parse commit %s from vote of voter %s.",
4070  escaped(tok->object_body),
4071  hex_str(voter->identity_digest,
4072  sizeof(voter->identity_digest)));
4073  /* Commitment couldn't be parsed. Continue onto the next commit because
4074  * this one could be unsupported for instance. */
4075  continue;
4076  }
4077  /* Add newly created commit object to the vote. */
4078  smartlist_add(ns->sr_info.commits, commit);
4079  } SMARTLIST_FOREACH_END(tok);
4080 
4081  end:
4082  smartlist_free(chunks);
4083  smartlist_free(commits);
4084 }
4085 
4086 /* Using the given directory tokens in tokens, parse the shared random commits
4087  * and put them in the given vote document ns.
4088  *
4089  * This also sets the SR participation flag if present in the vote. */
4090 void
4091 dirvote_parse_sr_commits(networkstatus_t *ns, const smartlist_t *tokens)
4092 {
4093  /* Does this authority participates in the SR protocol? */
4094  directory_token_t *tok = find_opt_by_keyword(tokens, K_SR_FLAG);
4095  if (tok) {
4096  ns->sr_info.participate = 1;
4097  /* Get the SR commitments and reveals from the vote. */
4098  extract_shared_random_commits(ns, tokens);
4099  }
4100 }
4101 
4102 /* For the given vote, free the shared random commits if any. */
4103 void
4104 dirvote_clear_commits(networkstatus_t *ns)
4105 {
4106  tor_assert(ns->type == NS_TYPE_VOTE);
4107 
4108  if (ns->sr_info.commits) {
4109  SMARTLIST_FOREACH(ns->sr_info.commits, sr_commit_t *, c,
4110  sr_commit_free(c));
4111  smartlist_free(ns->sr_info.commits);
4112  }
4113 }
4114 
4115 /* The given url is the /tor/status-vote GET directory request. Populates the
4116  * items list with strings that we can compress on the fly and dir_items with
4117  * cached_dir_t objects that have a precompressed deflated version. */
4118 void
4119 dirvote_dirreq_get_status_vote(const char *url, smartlist_t *items,
4120  smartlist_t *dir_items)
4121 {
4122  int current;
4123 
4124  url += strlen("/tor/status-vote/");
4125  current = !strcmpstart(url, "current/");
4126  url = strchr(url, '/');
4127  tor_assert(url);
4128  ++url;
4129  if (!strcmp(url, "consensus")) {
4130  const char *item;
4131  tor_assert(!current); /* we handle current consensus specially above,
4132  * since it wants to be spooled. */
4133  if ((item = dirvote_get_pending_consensus(FLAV_NS)))
4134  smartlist_add(items, (char*)item);
4135  } else if (!current && !strcmp(url, "consensus-signatures")) {
4136  /* XXXX the spec says that we should implement
4137  * current/consensus-signatures too. It doesn't seem to be needed,
4138  * though. */
4139  const char *item;
4141  smartlist_add(items, (char*)item);
4142  } else if (!strcmp(url, "authority")) {
4143  const cached_dir_t *d;
4144  int flags = DGV_BY_ID |
4145  (current ? DGV_INCLUDE_PREVIOUS : DGV_INCLUDE_PENDING);
4146  if ((d=dirvote_get_vote(NULL, flags)))
4147  smartlist_add(dir_items, (cached_dir_t*)d);
4148  } else {
4149  const cached_dir_t *d;
4150  smartlist_t *fps = smartlist_new();
4151  int flags;
4152  if (!strcmpstart(url, "d/")) {
4153  url += 2;
4154  flags = DGV_INCLUDE_PENDING | DGV_INCLUDE_PREVIOUS;
4155  } else {
4156  flags = DGV_BY_ID |
4157  (current ? DGV_INCLUDE_PREVIOUS : DGV_INCLUDE_PENDING);
4158  }
4159  dir_split_resource_into_fingerprints(url, fps, NULL,
4160  DSR_HEX|DSR_SORT_UNIQ);
4161  SMARTLIST_FOREACH(fps, char *, fp, {
4162  if ((d = dirvote_get_vote(fp, flags)))
4163  smartlist_add(dir_items, (cached_dir_t*)d);
4164  tor_free(fp);
4165  });
4166  smartlist_free(fps);
4167  }
4168 }
4169 
4170 /** Get the best estimate of a router's bandwidth for dirauth purposes,
4171  * preferring measured to advertised values if available. */
4172 static uint32_t
4174 {
4175  uint32_t bw_kb = 0;
4176  /*
4177  * Yeah, measured bandwidths in measured_bw_line_t are (implicitly
4178  * signed) longs and the ones router_get_advertised_bandwidth() returns
4179  * are uint32_t.
4180  */
4181  long mbw_kb = 0;
4182 
4183  if (ri) {
4184  /*
4185  * * First try to see if we have a measured bandwidth; don't bother with
4186  * as_of_out here, on the theory that a stale measured bandwidth is still
4187  * better to trust than an advertised one.
4188  */
4190  &mbw_kb, NULL)) {
4191  /* Got one! */
4192  bw_kb = (uint32_t)mbw_kb;
4193  } else {
4194  /* If not, fall back to advertised */
4195  bw_kb = router_get_advertised_bandwidth(ri) / 1000;
4196  }
4197  }
4198 
4199  return bw_kb;
4200 }
4201 
4202 /** Helper for sorting: compares two routerinfos first by address, and then by
4203  * descending order of "usefulness". (An authority is more useful than a
4204  * non-authority; a running router is more useful than a non-running router;
4205  * and a router with more bandwidth is more useful than one with less.)
4206  **/
4207 static int
4208 compare_routerinfo_by_ip_and_bw_(const void **a, const void **b)
4209 {
4210  routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
4211  int first_is_auth, second_is_auth;
4212  uint32_t bw_kb_first, bw_kb_second;
4213  const node_t *node_first, *node_second;
4214  int first_is_running, second_is_running;
4215 
4216  /* we return -1 if first should appear before second... that is,
4217  * if first is a better router. */
4218  if (first->addr < second->addr)
4219  return -1;
4220  else if (first->addr > second->addr)
4221  return 1;
4222 
4223  /* Potentially, this next bit could cause k n lg n memeq calls. But in
4224  * reality, we will almost never get here, since addresses will usually be
4225  * different. */
4226 
4227  first_is_auth =
4228  router_digest_is_trusted_dir(first->cache_info.identity_digest);
4229  second_is_auth =
4230  router_digest_is_trusted_dir(second->cache_info.identity_digest);
4231 
4232  if (first_is_auth && !second_is_auth)
4233  return -1;
4234  else if (!first_is_auth && second_is_auth)
4235  return 1;
4236 
4237  node_first = node_get_by_id(first->cache_info.identity_digest);
4238  node_second = node_get_by_id(second->cache_info.identity_digest);
4239  first_is_running = node_first && node_first->is_running;
4240  second_is_running = node_second && node_second->is_running;
4241 
4242  if (first_is_running && !second_is_running)
4243  return -1;
4244  else if (!first_is_running && second_is_running)
4245  return 1;
4246 
4247  bw_kb_first = dirserv_get_bandwidth_for_router_kb(first);
4248  bw_kb_second = dirserv_get_bandwidth_for_router_kb(second);
4249 
4250  if (bw_kb_first > bw_kb_second)
4251  return -1;
4252  else if (bw_kb_first < bw_kb_second)
4253  return 1;
4254 
4255  /* They're equal! Compare by identity digest, so there's a
4256  * deterministic order and we avoid flapping. */
4257  return fast_memcmp(first->cache_info.identity_digest,
4258  second->cache_info.identity_digest,
4259  DIGEST_LEN);
4260 }
4261 
4262 /** Given a list of routerinfo_t in <b>routers</b>, return a new digestmap_t
4263  * whose keys are the identity digests of those routers that we're going to
4264  * exclude for Sybil-like appearance. */
4265 static digestmap_t *
4267 {
4268  const dirauth_options_t *options = dirauth_get_options();
4269  digestmap_t *omit_as_sybil;
4270  smartlist_t *routers_by_ip = smartlist_new();
4271  uint32_t last_addr;
4272  int addr_count;
4273  /* Allow at most this number of Tor servers on a single IP address, ... */
4274  int max_with_same_addr = options->AuthDirMaxServersPerAddr;
4275  if (max_with_same_addr <= 0)
4276  max_with_same_addr = INT_MAX;
4277 
4278  smartlist_add_all(routers_by_ip, routers);
4280  omit_as_sybil = digestmap_new();
4281 
4282  last_addr = 0;
4283  addr_count = 0;
4284  SMARTLIST_FOREACH_BEGIN(routers_by_ip, routerinfo_t *, ri) {
4285  if (last_addr != ri->addr) {
4286  last_addr = ri->addr;
4287  addr_count = 1;
4288  } else if (++addr_count > max_with_same_addr) {
4289  digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
4290  }
4291  } SMARTLIST_FOREACH_END(ri);
4292 
4293  smartlist_free(routers_by_ip);
4294  return omit_as_sybil;
4295 }
4296 
4297 /** Given a platform string as in a routerinfo_t (possibly null), return a
4298  * newly allocated version string for a networkstatus document, or NULL if the
4299  * platform doesn't give a Tor version. */
4300 static char *
4301 version_from_platform(const char *platform)
4302 {
4303  if (platform && !strcmpstart(platform, "Tor ")) {
4304  const char *eos = find_whitespace(platform+4);
4305  if (eos && !strcmpstart(eos, " (r")) {
4306  /* XXXX Unify this logic with the other version extraction
4307  * logic in routerparse.c. */
4308  eos = find_whitespace(eos+1);
4309  }
4310  if (eos) {
4311  return tor_strndup(platform, eos-platform);
4312  }
4313  }
4314  return NULL;
4315 }
4316 
4317 /** Given a (possibly empty) list of config_line_t, each line of which contains
4318  * a list of comma-separated version numbers surrounded by optional space,
4319  * allocate and return a new string containing the version numbers, in order,
4320  * separated by commas. Used to generate Recommended(Client|Server)?Versions
4321  */
4322 char *
4324 {
4325  smartlist_t *versions;
4326  char *result;
4327  versions = smartlist_new();
4328  for ( ; ln; ln = ln->next) {
4329  smartlist_split_string(versions, ln->value, ",",
4330  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4331  }
4332 
4333  /* Handle the case where a dirauth operator has accidentally made some
4334  * versions space-separated instead of comma-separated. */
4335  smartlist_t *more_versions = smartlist_new();
4336  SMARTLIST_FOREACH_BEGIN(versions, char *, v) {
4337  if (strchr(v, ' ')) {
4338  if (warn)
4339  log_warn(LD_DIRSERV, "Unexpected space in versions list member %s. "
4340  "(These are supposed to be comma-separated; I'll pretend you "
4341  "used commas instead.)", escaped(v));
4342  SMARTLIST_DEL_CURRENT(versions, v);
4343  smartlist_split_string(more_versions, v, NULL,
4344  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4345  tor_free(v);
4346  }
4347  } SMARTLIST_FOREACH_END(v);
4348  smartlist_add_all(versions, more_versions);
4349  smartlist_free(more_versions);
4350 
4351  /* Check to make sure everything looks like a version. */
4352  if (warn) {
4353  SMARTLIST_FOREACH_BEGIN(versions, const char *, v) {
4354  tor_version_t ver;
4355  if (tor_version_parse(v, &ver) < 0) {
4356  log_warn(LD_DIRSERV, "Recommended version %s does not look valid. "
4357  " (I'll include it anyway, since you told me to.)",
4358  escaped(v));
4359  }
4360  } SMARTLIST_FOREACH_END(v);
4361  }
4362 
4363  sort_version_list(versions, 1);
4364  result = smartlist_join_strings(versions,",",0,NULL);
4365  SMARTLIST_FOREACH(versions,char *,s,tor_free(s));
4366  smartlist_free(versions);
4367  return result;
4368 }
4369 
4370 /** If there are entries in <b>routers</b> with exactly the same ed25519 keys,
4371  * remove the older one. If they are exactly the same age, remove the one
4372  * with the greater descriptor digest. May alter the order of the list. */
4373 static void
4375 {
4376  routerinfo_t *ri2;
4377  digest256map_t *by_ed_key = digest256map_new();
4378 
4379  SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
4380  ri->omit_from_vote = 0;
4381  if (ri->cache_info.signing_key_cert == NULL)
4382  continue; /* No ed key */
4383  const uint8_t *pk = ri->cache_info.signing_key_cert->signing_key.pubkey;
4384  if ((ri2 = digest256map_get(by_ed_key, pk))) {
4385  /* Duplicate; must omit one. Set the omit_from_vote flag in whichever
4386  * one has the earlier published_on. */
4387  const time_t ri_pub = ri->cache_info.published_on;
4388  const time_t ri2_pub = ri2->cache_info.published_on;
4389  if (ri2_pub < ri_pub ||
4390  (ri2_pub == ri_pub &&
4391  fast_memcmp(ri->cache_info.signed_descriptor_digest,
4392  ri2->cache_info.signed_descriptor_digest,DIGEST_LEN)<0)) {
4393  digest256map_set(by_ed_key, pk, ri);
4394  ri2->omit_from_vote = 1;
4395  } else {
4396  ri->omit_from_vote = 1;
4397  }
4398  } else {
4399  /* Add to map */
4400  digest256map_set(by_ed_key, pk, ri);
4401  }
4402  } SMARTLIST_FOREACH_END(ri);
4403 
4404  digest256map_free(by_ed_key, NULL);
4405 
4406  /* Now remove every router where the omit_from_vote flag got set. */
4407  SMARTLIST_FOREACH_BEGIN(routers, const routerinfo_t *, ri) {
4408  if (ri->omit_from_vote) {
4409  SMARTLIST_DEL_CURRENT(routers, ri);
4410  }
4411  } SMARTLIST_FOREACH_END(ri);
4412 }
4413 
4414 /** Routerstatus <b>rs</b> is part of a group of routers that are on
4415  * too narrow an IP-space. Clear out its flags since we don't want it be used
4416  * because of its Sybil-like appearance.
4417  *
4418  * Leave its BadExit flag alone though, since if we think it's a bad exit,
4419  * we want to vote that way in case all the other authorities are voting
4420  * Running and Exit.
4421  */
4422 static void
4424 {
4425  rs->is_authority = rs->is_exit = rs->is_stable = rs->is_fast =
4426  rs->is_flagged_running = rs->is_named = rs->is_valid =
4427  rs->is_hs_dir = rs->is_v2_dir = rs->is_possible_guard = 0;
4428  /* FFFF we might want some mechanism to check later on if we
4429  * missed zeroing any flags: it's easy to add a new flag but
4430  * forget to add it to this clause. */
4431 }
4432 
4433 /** Space-separated list of all the flags that we will always vote on. */
4435  "Authority "
4436  "Exit "
4437  "Fast "
4438  "Guard "
4439  "HSDir "
4440  "Stable "
4441  "StaleDesc "
4442  "V2Dir "
4443  "Valid";
4444 /** Space-separated list of all flags that we may or may not vote on,
4445  * depending on our configuration. */
4447  "BadExit "
4448  "Running";
4449 
4450 /** Return a new networkstatus_t* containing our current opinion. (For v3
4451  * authorities) */
4454  authority_cert_t *cert)
4455 {
4456  const or_options_t *options = get_options();
4457  const dirauth_options_t *d_options = dirauth_get_options();
4458  networkstatus_t *v3_out = NULL;
4459  uint32_t addr;
4460  char *hostname = NULL, *client_versions = NULL, *server_versions = NULL;
4461  const char *contact;
4462  smartlist_t *routers, *routerstatuses;
4463  char identity_digest[DIGEST_LEN];
4464  char signing_key_digest[DIGEST_LEN];
4465  const int listbadexits = d_options->AuthDirListBadExits;
4467  time_t now = time(NULL);
4468  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
4469  networkstatus_voter_info_t *voter = NULL;
4470  vote_timing_t timing;
4471  digestmap_t *omit_as_sybil = NULL;
4472  const int vote_on_reachability = running_long_enough_to_decide_unreachable();
4473  smartlist_t *microdescriptors = NULL;
4474  smartlist_t *bw_file_headers = NULL;
4475  uint8_t bw_file_digest256[DIGEST256_LEN] = {0};
4476 
4477  tor_assert(private_key);
4478  tor_assert(cert);
4479 
4480  if (crypto_pk_get_digest(private_key, signing_key_digest)<0) {
4481  log_err(LD_BUG, "Error computing signing key digest");
4482  return NULL;
4483  }
4484  if (crypto_pk_get_digest(cert->identity_key, identity_digest)<0) {
4485  log_err(LD_BUG, "Error computing identity key digest");
4486  return NULL;
4487  }
4488  if (resolve_my_address(LOG_WARN, options, &addr, NULL, &hostname)<0) {
4489  log_warn(LD_NET, "Couldn't resolve my hostname");
4490  return NULL;
4491  }
4492  if (!hostname || !strchr(hostname, '.')) {
4493  tor_free(hostname);
4494  hostname = tor_dup_ip(addr);
4495  }
4496 
4497  if (d_options->VersioningAuthoritativeDirectory) {
4498  client_versions =
4500  server_versions =
4502  }
4503 
4504  contact = get_options()->ContactInfo;
4505  if (!contact)
4506  contact = "(none)";
4507 
4508  /*
4509  * Do this so dirserv_compute_performance_thresholds() and
4510  * set_routerstatus_from_routerinfo() see up-to-date bandwidth info.
4511  */
4512  if (options->V3BandwidthsFile) {
4514  NULL);
4515  } else {
4516  /*
4517  * No bandwidths file; clear the measured bandwidth cache in case we had
4518  * one last time around.
4519  */
4522  }
4523  }
4524 
4525  /* precompute this part, since we need it to decide what "stable"
4526  * means. */
4527  SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
4528  dirserv_set_router_is_running(ri, now);
4529  });
4530 
4531  routers = smartlist_new();
4532  smartlist_add_all(routers, rl->routers);
4533  routers_make_ed_keys_unique(routers);
4534  /* After this point, don't use rl->routers; use 'routers' instead. */
4535  routers_sort_by_identity(routers);
4536  omit_as_sybil = get_possible_sybil_list(routers);
4537 
4538  DIGESTMAP_FOREACH(omit_as_sybil, sybil_id, void *, ignore) {
4539  (void) ignore;
4540  rep_hist_make_router_pessimal(sybil_id, now);
4542 
4543  /* Count how many have measured bandwidths so we know how to assign flags;
4544  * this must come before dirserv_compute_performance_thresholds() */
4545  dirserv_count_measured_bws(routers);
4546 
4548 
4549  routerstatuses = smartlist_new();
4550  microdescriptors = smartlist_new();
4551 
4552  SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
4553  /* If it has a protover list and contains a protocol name greater than
4554  * MAX_PROTOCOL_NAME_LENGTH, skip it. */
4555  if (ri->protocol_list &&
4556  protover_contains_long_protocol_names(ri->protocol_list)) {
4557  continue;
4558  }
4559  if (ri->cache_info.published_on >= cutoff) {
4560  routerstatus_t *rs;
4561  vote_routerstatus_t *vrs;
4562  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
4563  if (!node)
4564  continue;
4565 
4566  vrs = tor_malloc_zero(sizeof(vote_routerstatus_t));
4567  rs = &vrs->status;
4568  dirauth_set_routerstatus_from_routerinfo(rs, node, ri, now,
4569  listbadexits);
4570 
4571  if (ri->cache_info.signing_key_cert) {
4572  memcpy(vrs->ed25519_id,
4573  ri->cache_info.signing_key_cert->signing_key.pubkey,
4575  }
4576 
4577  if (digestmap_get(omit_as_sybil, ri->cache_info.identity_digest))
4579 
4580  if (!vote_on_reachability)
4581  rs->is_flagged_running = 0;
4582 
4583  vrs->version = version_from_platform(ri->platform);
4584  if (ri->protocol_list) {
4585  vrs->protocols = tor_strdup(ri->protocol_list);
4586  } else {
4587  vrs->protocols = tor_strdup(
4589  }
4591  microdescriptors);
4592 
4593  smartlist_add(routerstatuses, vrs);
4594  }
4595  } SMARTLIST_FOREACH_END(ri);
4596 
4597  {
4598  smartlist_t *added =
4600  microdescriptors, SAVED_NOWHERE, 0);
4601  smartlist_free(added);
4602  smartlist_free(microdescriptors);
4603  }
4604 
4605  smartlist_free(routers);
4606  digestmap_free(omit_as_sybil, NULL);
4607 
4608  /* Apply guardfraction information to routerstatuses. */
4609  if (options->GuardfractionFile) {
4611  routerstatuses);
4612  }
4613 
4614  /* This pass through applies the measured bw lines to the routerstatuses */
4615  if (options->V3BandwidthsFile) {
4616  /* Only set bw_file_headers when V3BandwidthsFile is configured */
4617  bw_file_headers = smartlist_new();
4619  routerstatuses, bw_file_headers,
4620  bw_file_digest256);
4621 
4622  } else {
4623  /*
4624  * No bandwidths file; clear the measured bandwidth cache in case we had
4625  * one last time around.
4626  */
4629  }
4630  }
4631 
4632  v3_out = tor_malloc_zero(sizeof(networkstatus_t));
4633 
4634  v3_out->type = NS_TYPE_VOTE;
4636  v3_out->published = now;
4637  {
4638  char tbuf[ISO_TIME_LEN+1];
4639  networkstatus_t *current_consensus =
4641  long last_consensus_interval; /* only used to pick a valid_after */
4642  if (current_consensus)
4643  last_consensus_interval = current_consensus->fresh_until -
4644  current_consensus->valid_after;
4645  else
4646  last_consensus_interval = options->TestingV3AuthInitialVotingInterval;
4647  v3_out->valid_after =
4649  (int)last_consensus_interval,
4651  format_iso_time(tbuf, v3_out->valid_after);
4652  log_notice(LD_DIR,"Choosing valid-after time in vote as %s: "
4653  "consensus_set=%d, last_interval=%d",
4654  tbuf, current_consensus?1:0, (int)last_consensus_interval);
4655  }
4656  v3_out->fresh_until = v3_out->valid_after + timing.vote_interval;
4657  v3_out->valid_until = v3_out->valid_after +
4658  (timing.vote_interval * timing.n_intervals_valid);
4659  v3_out->vote_seconds = timing.vote_delay;
4660  v3_out->dist_seconds = timing.dist_delay;
4661  tor_assert(v3_out->vote_seconds > 0);
4662  tor_assert(v3_out->dist_seconds > 0);
4663  tor_assert(timing.n_intervals_valid > 0);
4664 
4665  v3_out->client_versions = client_versions;
4666  v3_out->server_versions = server_versions;
4667 
4668  /* These are hardwired, to avoid disaster. */
4669  v3_out->recommended_relay_protocols =
4670  tor_strdup(DIRVOTE_RECCOMEND_RELAY_PROTO);
4671  v3_out->recommended_client_protocols =
4672  tor_strdup(DIRVOTE_RECCOMEND_CLIENT_PROTO);
4673 
4674  v3_out->required_relay_protocols =
4675  tor_strdup(DIRVOTE_REQUIRE_RELAY_PROTO);
4676  v3_out->required_client_protocols =
4677  tor_strdup(DIRVOTE_REQUIRE_CLIENT_PROTO);
4678 
4679  /* We are not allowed to vote to require anything we don't have. */
4680  tor_assert(protover_all_supported(v3_out->required_relay_protocols, NULL));
4681  tor_assert(protover_all_supported(v3_out->required_client_protocols, NULL));
4682 
4683  /* We should not recommend anything we don't have. */
4684  tor_assert_nonfatal(protover_all_supported(
4685  v3_out->recommended_relay_protocols, NULL));
4686  tor_assert_nonfatal(protover_all_supported(
4687  v3_out->recommended_client_protocols, NULL));
4688 
4689  v3_out->known_flags = smartlist_new();
4692  0, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4693  if (vote_on_reachability)
4694  smartlist_add_strdup(v3_out->known_flags, "Running");
4695  if (listbadexits)
4696  smartlist_add_strdup(v3_out->known_flags, "BadExit");
4698 
4699  if (d_options->ConsensusParams) {
4700  v3_out->net_params = smartlist_new();
4702  d_options->ConsensusParams, NULL, 0, 0);
4704  }
4705  v3_out->bw_file_headers = bw_file_headers;
4706  memcpy(v3_out->bw_file_digest256, bw_file_digest256, DIGEST256_LEN);
4707 
4708  voter = tor_malloc_zero(sizeof(networkstatus_voter_info_t));
4709  voter->nickname = tor_strdup(options->Nickname);
4710  memcpy(voter->identity_digest, identity_digest, DIGEST_LEN);
4711  voter->sigs = smartlist_new();
4712  voter->address = hostname;
4713  voter->addr = addr;
4714  voter->dir_port = router_get_advertised_dir_port(options, 0);
4715  voter->or_port = router_get_advertised_or_port(options);
4716  voter->contact = tor_strdup(contact);
4717  if (options->V3AuthUseLegacyKey) {
4719  if (c) {
4721  log_warn(LD_BUG, "Unable to compute digest of legacy v3 identity key");
4722  memset(voter->legacy_id_digest, 0, DIGEST_LEN);
4723  }
4724  }
4725  }
4726 
4727  v3_out->voters = smartlist_new();
4728  smartlist_add(v3_out->voters, voter);
4729  v3_out->cert = authority_cert_dup(cert);
4730  v3_out->routerstatus_list = routerstatuses;
4731  /* Note: networkstatus_digest is unset; it won't get set until we actually
4732  * format the vote. */
4733 
4734  return v3_out;
4735 }
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:287
guardfraction_bandwidth_t::non_guard_bw
int non_guard_bw
Definition: entrynodes.h:629
microdesc_t
Definition: microdesc_st.h:27
networkstatus_get_flavor_name
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
Definition: networkstatus.c:2567
networkstatus_voter_info_t::addr
uint32_t addr
Definition: networkstatus_voter_info_st.h:24
authority_cert_t::identity_key
crypto_pk_t * identity_key
Definition: authority_cert_st.h:23
tor_addr_compare
int tor_addr_compare(const tor_addr_t *addr1, const tor_addr_t *addr2, tor_addr_comparison_t how)
Definition: address.c:975
tor_free
#define tor_free(p)
Definition: malloc.h:52
MIN_DIST_SECONDS
#define MIN_DIST_SECONDS
Definition: dirvote.h:32
routerinfo_t
Definition: routerinfo_st.h:20
dirvote_fetch_missing_signatures
static void dirvote_fetch_missing_signatures(void)
Definition: dirvote.c:3031
dirauth_options_t::VersioningAuthoritativeDirectory
BOOL VersioningAuthoritativeDirectory
Definition: dirauth_options.inc:96
dir_server_st.h
Trusted/fallback directory server structure.
routerstatus_t::is_authority
unsigned int is_authority
Definition: routerstatus_st.h:37
CURVE25519_PUBKEY_LEN
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20
or_options_t::TestingV3AuthVotingStartOffset
int TestingV3AuthVotingStartOffset
Definition: or_options_st.h:698
versions.h
Header file for versions.c.
networkstatus_t::valid_until
time_t valid_until
Definition: networkstatus_st.h:36
vote_routerstatus_t::microdesc
vote_microdesc_hash_t * microdesc
Definition: vote_routerstatus_st.h:40
tor_free_
void tor_free_(void *mem)
Definition: malloc.c:227
vote_timing_st.h
Directory voting schedule structure.
smartlist_split_string
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
Definition: smartlist_split.c:37
T
#define T(s, t, a, o)
Definition: parsecommon.h:246
hex_str
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
dirvote_fetch_missing_votes
static void dirvote_fetch_missing_votes(void)
Definition: dirvote.c:2991
MAX_BW_FILE_HEADER_COUNT_IN_VOTE
#define MAX_BW_FILE_HEADER_COUNT_IN_VOTE
Definition: bwauth.h:16
dirvote_get_pending_consensus
const char * dirvote_get_pending_consensus(consensus_flavor_t flav)
Definition: dirvote.c:3756
pending_vote_list
static smartlist_t * pending_vote_list
Definition: dirvote.c:2924
name
const char * name
Definition: config.c:2440
networkstatus_t::digests
common_digests_t digests
Definition: networkstatus_st.h:88
or_options_t::V3AuthDistDelay
int V3AuthDistDelay
Definition: or_options_st.h:670
sr_parse_commit
sr_commit_t * sr_parse_commit(const smartlist_t *args)
Definition: shared_random.c:1023
networkstatus_t::published
time_t published
Definition: networkstatus_st.h:32
microdesc_parse.h
Header file for microdesc_parse.c.
dirserv_query_measured_bw_cache_kb
int dirserv_query_measured_bw_cache_kb(const char *node_id, long *bw_kb_out, time_t *as_of_out)
Definition: bwauth.c:138
BW_WEIGHT_SCALE
#define BW_WEIGHT_SCALE
Definition: or.h:1010
networkstatus_check_document_signature
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
Definition: networkstatus.c:458
or_options_t::V3AuthVotingInterval
int V3AuthVotingInterval
Definition: or_options_st.h:666
vote_timing_t::dist_delay
int dist_delay
Definition: vote_timing_st.h:25
ED25519_BASE64_LEN
#define ED25519_BASE64_LEN
Definition: x25519_sizes.h:40
protover.h
Headers and type declarations for protover.c.
smartlist_add_strdup
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
Definition: smartlist_core.c:137
LOG_NOTICE
#define LOG_NOTICE
Definition: log.h:50
networkstatus_get_voter_sig_by_alg
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
Definition: networkstatus.c:442
vote_microdesc_hash_t
Definition: vote_microdesc_hash_st.h:18
dircollate.h
Header file for dircollate.c.
MIN_VOTE_INTERVAL
#define MIN_VOTE_INTERVAL
Definition: dirvote.h:37
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
networkstatus_t::bw_file_digest256
uint8_t bw_file_digest256[DIGEST256_LEN]
Definition: networkstatus_st.h:109
networkstatus_t::type
networkstatus_type_t type
Definition: networkstatus_st.h:27
pending_consensus_t
Definition: dirvote.c:111
get_voter
static networkstatus_voter_info_t * get_voter(const networkstatus_t *vote)
Definition: dirvote.c:525
BASE64_DIGEST256_LEN
#define BASE64_DIGEST256_LEN
Definition: crypto_digest.h:29
previous_vote_list
static smartlist_t * previous_vote_list
Definition: dirvote.c:2927
routers_sort_by_identity
void routers_sort_by_identity(smartlist_t *routers)
Definition: routerlist.c:3220
MIN_VOTE_INTERVAL_TESTING
#define MIN_VOTE_INTERVAL_TESTING
Definition: dirvote.h:46
compute_consensus_versions_list
static char * compute_consensus_versions_list(smartlist_t *lst, int n_versioning)
Definition: dirvote.c:852
microdesc_t::digest
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:62
networkstatus_voter_info_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: networkstatus_voter_info_st.h:18
routerstatus_t::is_flagged_running
unsigned int is_flagged_running
Definition: routerstatus_st.h:45
list_v3_auth_ids
static char * list_v3_auth_ids(void)
Definition: dirvote.c:3110
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
routerkeys.h
Header for routerkeys.c.
microdesc.h
Header file for microdesc.c.
LD_BUG
#define LD_BUG
Definition: log.h:86
router.h
Header file for router.c.
authcert.h
Header file for authcert.c.
dirserv_get_flag_thresholds_line
char * dirserv_get_flag_thresholds_line(void)
Definition: voteflags.c:433
routerinfo_t::ipv6_exit_policy
struct short_policy_t * ipv6_exit_policy
Definition: routerinfo_st.h:62
or_options_t::TestingV3AuthInitialVotingInterval
int TestingV3AuthInitialVotingInterval
Definition: or_options_st.h:686
format_iso_time
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
fast_mem_is_zero
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
dsigs_parse.h
Code to parse and validate detached-signature objects.
routerstatus_t::is_valid
unsigned int is_valid
Definition: routerstatus_st.h:49
pending_consensus_t::body
char * body
Definition: dirvote.c:114
format_protocols_lines_for_vote
static char * format_protocols_lines_for_vote(const networkstatus_t *v3_ns)
Definition: dirvote.c:183
dirauth_options_t::RecommendedServerVersions
LINELIST RecommendedServerVersions
Definition: dirauth_options.inc:66
routerstatus_t::exitsummary
char * exitsummary
Definition: routerstatus_st.h:78
base16_encode
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
tor_dup_ip
char * tor_dup_ip(uint32_t addr)
Definition: address.c:2001
DIGESTMAP_FOREACH_END
#define DIGESTMAP_FOREACH_END
Definition: map.h:168
networkstatus_t::voters
smartlist_t * voters
Definition: networkstatus_st.h:83
sized_chunk_t
Definition: files.h:82
crypto_pk_dup_key
crypto_pk_t * crypto_pk_dup_key(crypto_pk_t *orig)
Definition: crypto_rsa_nss.c:351
directory_token_t
Definition: parsecommon.h:201
get_my_v3_authority_cert
authority_cert_t * get_my_v3_authority_cert(void)
Definition: router.c:432
smartlist_add_all
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
Definition: smartlist_core.c:125
smartlist_sort_digests256
void smartlist_sort_digests256(smartlist_t *sl)
Definition: smartlist.c:846
compare_orports_
static int compare_orports_(const void **_a, const void **_b)
Definition: dirvote.c:649
tor_cert_st::signing_key_included
unsigned signing_key_included
Definition: torcert.h:45
dirvote_add_vote
pending_vote_t * dirvote_add_vote(const char *vote_body, time_t time_posted, const char **msg_out, int *status_out)
Definition: dirvote.c:3163
dirvote_get_pending_detached_signatures
const char * dirvote_get_pending_detached_signatures(void)
Definition: dirvote.c:3765
sr_act_post_consensus
void sr_act_post_consensus(const networkstatus_t *consensus)
Definition: shared_random.c:1232
node_get_by_id
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:223
networkstatus_get_live_consensus
networkstatus_t * networkstatus_get_live_consensus(time_t now)
Definition: networkstatus.c:1416
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
networkstatus_t::bw_file_headers
smartlist_t * bw_file_headers
Definition: networkstatus_st.h:106
authority_cert_get_by_digests
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Definition: authcert.c:650
tor_cert_st::signing_key
ed25519_public_key_t signing_key
Definition: torcert.h:33
routerstatus_t::has_guardfraction
unsigned int has_guardfraction
Definition: routerstatus_st.h:74
dirauth_options_t::ConsensusParams
STRING ConsensusParams
Definition: dirauth_options.inc:49
vote_timing_t::vote_delay
int vote_delay
Definition: vote_timing_st.h:23
sr_handle_received_commits
void sr_handle_received_commits(smartlist_t *commits, crypto_pk_t *voter_key)
Definition: shared_random.c:1093
routerstatus_t
Definition: routerstatus_st.h:19
dirvote_clear_votes
static void dirvote_clear_votes(int all_votes)
Definition: dirvote.c:3068
voting_sched_get_start_of_interval_after
time_t voting_sched_get_start_of_interval_after(time_t now, int interval, int offset)
Definition: networkstatus.c:2775
routerlist_t::routers
smartlist_t * routers
Definition: routerlist_st.h:32
get_nth_protocol_set_vote
static const char * get_nth_protocol_set_vote(int n, const networkstatus_t *vote)
Definition: dirvote.c:1413
authority_cert_t::expires
time_t expires
Definition: authority_cert_st.h:29
sr_get_string_for_consensus
char * sr_get_string_for_consensus(const smartlist_t *votes, int32_t num_srv_agreements)
Definition: shared_random.c:1196
networkstatus_voter_info_t::contact
char * contact
Definition: networkstatus_voter_info_st.h:27
routerstatus_t::nickname
char nickname[MAX_NICKNAME_LEN+1]
Definition: routerstatus_st.h:25
dirauth_sched_recalculate_timing
void dirauth_sched_recalculate_timing(const or_options_t *options, time_t now)
Definition: voting_schedule.c:177
pending_vote_t
Definition: dirvote.c:2917
tor_version_t
Definition: tor_version_st.h:21
ED25519_PUBKEY_LEN
#define ED25519_PUBKEY_LEN
Definition: x25519_sizes.h:27
document_signature_t::good_signature
unsigned int good_signature
Definition: document_signature_st.h:29
pending_consensus_t::consensus
networkstatus_t * consensus
Definition: dirvote.c:116
pending_consensus_signatures
static char * pending_consensus_signatures
Definition: dirvote.c:2934
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
dirvote_act
time_t dirvote_act(const or_options_t *options, time_t now)
Definition: dirvote.c:2840
base64_encode
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
Definition: binascii.c:215
routerinfo_t::onion_pkey_len
size_t onion_pkey_len
Definition: routerinfo_st.h:38
tor_snprintf
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
common_digests_t
Definition: crypto_digest.h:87
tor_parse_long
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
Definition: parse_int.c:59
ed25519_public_to_base64
void ed25519_public_to_base64(char *output, const ed25519_public_key_t *pkey)
Definition: crypto_format.c:218
tor_version_parse
int tor_version_parse(const char *s, tor_version_t *out)
Definition: versions.c:206
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
dir_split_resource_into_fingerprints
int dir_split_resource_into_fingerprints(const char *resource, smartlist_t *fp_out, int *compressed_out, int flags)
Definition: directory.c:628
routerstatus_t::is_fast
unsigned int is_fast
Definition: routerstatus_st.h:40
routerstatus_t::has_bandwidth
unsigned int has_bandwidth
Definition: routerstatus_st.h:62
networkstatus.h
Header file for networkstatus.c.
fmt_routerstatus.h
Format routerstatus entries for controller, vote, or consensus.
dirvote_publish_consensus
static int dirvote_publish_consensus(void)
Definition: dirvote.c:3703
digest256_to_base64
void digest256_to_base64(char *d64, const char *digest)
Definition: crypto_format.c:295
signed_descriptor_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: signed_descriptor_st.h:31
version_from_platform
static char * version_from_platform(const char *platform)
Definition: dirvote.c:4301
dirlist.h
Header file for dirlist.c.
consensus_flavor_t
consensus_flavor_t
Definition: or.h:867
DIR_PURPOSE_UPLOAD_VOTE
#define DIR_PURPOSE_UPLOAD_VOTE
Definition: directory.h:45
LD_CIRC
#define LD_CIRC
Definition: log.h:82
dirauth_options_t::AuthDirListBadExits
BOOL AuthDirListBadExits
Definition: dirauth_options.inc:28
dirserv_generate_networkstatus_vote_obj
networkstatus_t * dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, authority_cert_t *cert)
Definition: dirvote.c:4453
get_n_authorities
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:87
find_all_by_keyword
smartlist_t * find_all_by_keyword(const smartlist_t *s, directory_keyword k)
Definition: parsecommon.c:468
vote_microdesc_hash_t::microdesc_hash_line
char * microdesc_hash_line
Definition: vote_microdesc_hash_st.h:23
ns_detached_signatures_t::digests
strmap_t * digests
Definition: ns_detached_signatures_st.h:21
MAX
#define MAX(a, b)
Definition: cmp.h:22
smartlist_string_pos
int smartlist_string_pos(const smartlist_t *sl, const char *element)
Definition: smartlist.c:106
routerstatus_format_entry
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, const vote_routerstatus_t *vrs)
Definition: fmt_routerstatus.c:43
networkstatus_check_consensus_signature
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
Definition: networkstatus.c:511
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
networkstatus_voter_info_t::or_port
uint16_t or_port
Definition: networkstatus_voter_info_st.h:26
dirvote_format_microdesc_vote_line
static ssize_t dirvote_format_microdesc_vote_line(char *out_buf, size_t out_buf_len, const microdesc_t *md, int consensus_method_low, int consensus_method_high)
Definition: dirvote.c:3924
smartlist_get_most_frequent_string_
const char * smartlist_get_most_frequent_string_(smartlist_t *sl, int *count_out)
Definition: smartlist.c:566
make_consensus_method_list
STATIC char * make_consensus_method_list(int low, int high, const char *separator)
Definition: dirvote.c:828
vote_routerstatus_t::version
char * version
Definition: vote_routerstatus_st.h:26
node_get_mutable_by_id
node_t * node_get_mutable_by_id(const char *identity_digest)
Definition: nodelist.c:194
document_signature_t
Definition: document_signature_st.h:16
or_options_t::V3AuthNIntervalsValid
int V3AuthNIntervalsValid
Definition: or_options_st.h:672
routerstatus_t::is_possible_guard
unsigned int is_possible_guard
Definition: routerstatus_st.h:50
strmap_set_lc
void * strmap_set_lc(strmap_t *map, const char *key, void *val)
Definition: map.c:346
guardfraction_bandwidth_t
Definition: entrynodes.h:625
microdescs_parse_from_string
smartlist_t * microdescs_parse_from_string(const char *s, const char *eos, int allow_annotations, saved_location_t where, smartlist_t *invalid_digests_out)
Definition: microdesc_parse.c:293
crypto_format.h
Header for crypto_format.c.
router_get_advertised_dir_port
uint16_t router_get_advertised_dir_port(const or_options_t *options, uint16_t dirport)
Definition: router.c:1519
shared_random_state.h
Header for shared_random_state.c.
voteflags.h
Header file for voteflags.c.
signed_descriptor_t::saved_location
saved_location_t saved_location
Definition: signed_descriptor_st.h:44
DIR_PURPOSE_UPLOAD_SIGNATURES
#define DIR_PURPOSE_UPLOAD_SIGNATURES
Definition: directory.h:47
routerlist_t
Definition: routerlist_st.h:18
networkstatus_get_latest_consensus_by_flavor
networkstatus_t * networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f)
Definition: networkstatus.c:1401
vote_routerstatus_t::flags
uint64_t flags
Definition: vote_routerstatus_st.h:24
resolve_my_address
int resolve_my_address(int warn_severity, const or_options_t *options, uint32_t *addr_out, const char **method_out, char **hostname_out)
Definition: resolve_addr.c:87
tor_addr_port_t
Definition: address.h:80
entrynodes.h
Header file for circuitbuild.c.
dirvote.h
Header file for dirvote.c.
dircollator_n_routers
int dircollator_n_routers(dircollator_t *dc)
Definition: dircollate.c:305
dirserv_count_measured_bws
void dirserv_count_measured_bws(const smartlist_t *routers)
Definition: bwauth.c:39
get_my_v3_legacy_cert
authority_cert_t * get_my_v3_legacy_cert(void)
Definition: router.c:449
smartlist_get_most_frequent_digest256
const uint8_t * smartlist_get_most_frequent_digest256(smartlist_t *sl)
Definition: smartlist.c:854
tor_assert_nonfatal_unreached
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
authority_cert_dup
STATIC authority_cert_t * authority_cert_dup(authority_cert_t *cert)
Definition: dirvote.c:145
node_t
Definition: node_st.h:34
vote_routerstatus_st.h
Routerstatus (vote entry) structure.
extract_shared_random_commits
static void extract_shared_random_commits(networkstatus_t *ns, const smartlist_t *tokens)
Definition: dirvote.c:4035
dirauth_options_st.h
Structure dirauth_options_t to hold directory authority options.
get_my_v3_authority_signing_key
crypto_pk_t * get_my_v3_authority_signing_key(void)
Definition: router.c:440
routerstatus_t::addr
uint32_t addr
Definition: routerstatus_st.h:32
trusted_dirs_load_certs_from_string
int trusted_dirs_load_certs_from_string(const char *contents, int source, int flush, const char *source_dir)
Definition: authcert.c:373
MIN_METHOD_FOR_CANONICAL_FAMILIES_IN_MICRODESCS
#define MIN_METHOD_FOR_CANONICAL_FAMILIES_IN_MICRODESCS
Definition: dirvote.h:62
networkstatus_t::client_versions
char * client_versions
Definition: networkstatus_st.h:56
networkstatus_t::flavor
consensus_flavor_t flavor
Definition: networkstatus_st.h:28
torcert.h
Header for torcert.c.
vote_routerstatus_t::ed25519_id
uint8_t ed25519_id[ED25519_PUBKEY_LEN]
Definition: vote_routerstatus_st.h:42
crypto_digest_algorithm_get_name
const char * crypto_digest_algorithm_get_name(digest_algorithm_t alg)
Definition: crypto_digest.c:44
vote_routerstatus_t
Definition: vote_routerstatus_st.h:18
networkstatus_check_weights
static bw_weights_error_t networkstatus_check_weights(int64_t Wgg, int64_t Wgd, int64_t Wmg, int64_t Wme, int64_t Wmd, int64_t Wee, int64_t Wed, int64_t scale, int64_t G, int64_t M, int64_t E, int64_t D, int64_t T, int64_t margin, int do_balance)
Definition: dirvote.c:1020
directory.h
Header file for directory.c.
dircollator_add_vote
void dircollator_add_vote(dircollator_t *dc, networkstatus_t *v)
Definition: dircollate.c:194
crypto_pk_get_digest
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
routerstatus_t::or_port
uint16_t or_port
Definition: routerstatus_st.h:33
routerstatus_t::published_on
time_t published_on
Definition: routerstatus_st.h:24
tor_digest_is_zero
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96
cached_dir_st.h
Cached large directory object structure.
consensus_method_range_t
Definition: dirvote.c:3952
nodefamily_canonicalize
char * nodefamily_canonicalize(const char *s, const uint8_t *rsa_id_self, unsigned flags)
Definition: nodefamily.c:111
protover_compute_vote
char * protover_compute_vote(const smartlist_t *list_of_proto_strings, int threshold)
Definition: protover.c:671
authority_cert_st.h
Authority certificate structure.
legacy_signing_key
static crypto_pk_t * legacy_signing_key
Definition: router.c:129
signed_descriptor_t::signed_descriptor_digest
char signed_descriptor_digest[DIGEST_LEN]
Definition: signed_descriptor_st.h:29
routerstatus_t::bw_is_unmeasured
unsigned int bw_is_unmeasured
Definition: routerstatus_st.h:64
vote_timing_t
Definition: vote_timing_st.h:16
escaped
const char * escaped(const char *s)
Definition: escape.c:126
dirvote_clear_pending_consensuses
static void dirvote_clear_pending_consensuses(void)
Definition: dirvote.c:3054
routerinfo_t::addr
uint32_t addr
Definition: routerinfo_st.h:24
strcmpstart
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:206
networkstatus_t::sr_info
networkstatus_sr_info_t sr_info
Definition: networkstatus_st.h:103
networkstatus_voter_info_st.h
Single consensus voter structure.
DIR_PURPOSE_FETCH_STATUS_VOTE
#define DIR_PURPOSE_FETCH_STATUS_VOTE
Definition: directory.h:50
microdesc_st.h
Microdescriptor structure.
routerinfo_t::exit_policy
smartlist_t * exit_policy
Definition: routerinfo_st.h:58
routerlist_st.h
Router descriptor list structure.
get_possible_sybil_list
static digestmap_t * get_possible_sybil_list(const smartlist_t *routers)
Definition: dirvote.c:4266
authmode.h
Header file for directory authority mode.
sr_commit_t
Definition: shared_random.h:70
vote_routerstatus_find_microdesc_hash
static int vote_routerstatus_find_microdesc_hash(char *digest256_out, const vote_routerstatus_t *vrs, int method, digest_algorithm_t alg)
Definition: dirvote.c:479
nodelist.h
Header file for nodelist.c.
compute_routerstatus_consensus
static vote_routerstatus_t * compute_routerstatus_consensus(smartlist_t *votes, int consensus_method, char *microdesc_digest256_out, tor_addr_port_t *best_alt_orport_out)
Definition: dirvote.c:668
dirauth_options_t::RecommendedClientVersions
LINELIST RecommendedClientVersions
Definition: dirauth_options.inc:63
routerlist.h
Header file for routerlist.c.
vote_routerstatus_t::has_measured_bw
unsigned int has_measured_bw
Definition: vote_routerstatus_st.h:30
dircollator_new
dircollator_t * dircollator_new(int n_votes, int n_authorities)
Definition: dircollate.c:149
get_most_frequent_member
#define get_most_frequent_member(lst)
Definition: dirvote.c:592
networkstatus_voter_info_t
Definition: networkstatus_voter_info_st.h:16
routerstatus_t::has_exitsummary
unsigned int has_exitsummary
Definition: routerstatus_st.h:63
dirauth_options_t
Definition: dirauth_options.inc:13
microdesc_vote_line_t
Definition: dirvote.c:3965
N_COMMON_DIGEST_ALGORITHMS
#define N_COMMON_DIGEST_ALGORITHMS
Definition: crypto_digest.h:58
common_digests_t::d
char d[N_COMMON_DIGEST_ALGORITHMS][DIGEST256_LEN]
Definition: crypto_digest.h:89
networkstatus_voter_info_t::sigs
smartlist_t * sigs
Definition: networkstatus_voter_info_st.h:32
new_cached_dir
cached_dir_t * new_cached_dir(char *s, time_t published)
Definition: dirserv.c:135
routerinfo_t::declared_family
smartlist_t * declared_family
Definition: routerinfo_st.h:64
dirvote_add_signatures_to_all_pending_consensuses
static int dirvote_add_signatures_to_all_pending_consensuses(const char *detached_signatures_body, const char *source, const char **msg_out)
Definition: dirvote.c:3611
policy_summarize
char * policy_summarize(smartlist_t *policy, sa_family_t family)
Definition: policies.c:2623
smartlist_contains_string
int smartlist_contains_string(const smartlist_t *sl, const char *element)
Definition: smartlist.c:93
routerinfo_st.h
Router descriptor structure.
ROUTER_MAX_AGE_TO_PUBLISH
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:161
DIGEST256_LEN
#define DIGEST256_LEN
Definition: digest_sizes.h:23
dir_server_t
Definition: dir_server_st.h:21
MIN_SUPPORTED_CONSENSUS_METHOD
#define MIN_SUPPORTED_CONSENSUS_METHOD
Definition: dirvote.h:53
cached_dir_t
Definition: cached_dir_st.h:17
networkstatus_t::routerstatus_list
smartlist_t * routerstatus_list
Definition: networkstatus_st.h:96
document_signature_st.h
Authority signature structure.
networkstatus_t::cert
struct authority_cert_t * cert
Definition: networkstatus_st.h:85
authority_cert_t
Definition: authority_cert_st.h:19
ns_detached_signatures_st.h
Detached consensus signatures structure.
nodefamily.h
Header file for nodefamily.c.
guardfraction_bandwidth_t::guard_bw
int guard_bw
Definition: entrynodes.h:627
digest256_from_base64
int digest256_from_base64(char *digest, const char *d64)
Definition: crypto_format.c:311
vote_timing_t::vote_interval
int vote_interval
Definition: vote_timing_st.h:19
bwauth.h
Header file for bwauth.c.
routerstatus_t::is_stable
unsigned int is_stable
Definition: routerstatus_st.h:39
compare_vote_rs
static int compare_vote_rs(const vote_routerstatus_t *a, const vote_routerstatus_t *b)
Definition: dirvote.c:599
or_options_t::GuardfractionFile
char * GuardfractionFile
Definition: or_options_st.h:682
dirserv_compute_performance_thresholds
void dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
Definition: voteflags.c:239
smartlist_uniq_strings
void smartlist_uniq_strings(smartlist_t *sl)
Definition: smartlist.c:574
LOG_INFO
#define LOG_INFO
Definition: log.h:45
compare_vote_rs_
static int compare_vote_rs_(const void **_a, const void **_b)
Definition: dirvote.c:641
HEX_DIGEST256_LEN
#define HEX_DIGEST256_LEN
Definition: crypto_digest.h:37
or_options_t::V3AuthUseLegacyKey
int V3AuthUseLegacyKey
Definition: or_options_st.h:676
cached_dir_decref
void cached_dir_decref(cached_dir_t *d)
Definition: dirserv.c:124
get_options
const or_options_t * get_options(void)
Definition: config.c:925
routerstatus_t::is_exit
unsigned int is_exit
Definition: routerstatus_st.h:38
ns_parse.h
Header file for ns_parse.c.
guardfraction.h
Header file for guardfraction.c.
protover_all_supported
int protover_all_supported(const char *s, char **missing_out)
Definition: protover.c:748
routerstatus_t::descriptor_digest
char descriptor_digest[DIGEST256_LEN]
Definition: routerstatus_st.h:31
tor_version_st.h
Parsed Tor version structure.
validate_recommended_package_line
int validate_recommended_package_line(const char *line)
Definition: recommend_pkg.c:38
router_get_advertised_bandwidth
uint32_t router_get_advertised_bandwidth(const routerinfo_t *router)
Definition: routerlist.c:558
rep_hist_make_router_pessimal
void rep_hist_make_router_pessimal(const char *id, time_t when)
Definition: rephist.c:368
recommend_pkg.h
Header file for recommend_pkg.c.
networkstatus_t::dist_seconds
int dist_seconds
Definition: networkstatus_st.h:52
fmt_addrport
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
Definition: address.c:1190
N_CONSENSUS_FLAVORS
#define N_CONSENSUS_FLAVORS
Definition: or.h:873
dirauth_set_routerstatus_from_routerinfo
void dirauth_set_routerstatus_from_routerinfo(routerstatus_t *rs, node_t *node, const routerinfo_t *ri, time_t now, int listbadexits)
Definition: voteflags.c:564
MIN_VOTE_SECONDS
#define MIN_VOTE_SECONDS
Definition: dirvote.h:27
compare_votes_by_authority_id_
static int compare_votes_by_authority_id_(const void **_a, const void **_b)
Definition: dirvote.c:546
routerinfo_t::onion_pkey
char * onion_pkey
Definition: routerinfo_st.h:36
write_short_policy
char * write_short_policy(const short_policy_t *policy)
Definition: policies.c:2836
smartlist_clear
void smartlist_clear(smartlist_t *sl)
Definition: smartlist_core.c:50
cmp_int_strings_
static int cmp_int_strings_(const void **_a, const void **_b)
Definition: dirvote.c:765
dirserv_get_bandwidth_for_router_kb
static uint32_t dirserv_get_bandwidth_for_router_kb(const routerinfo_t *ri)
Definition: dirvote.c:4173
compare_routerinfo_by_ip_and_bw_
static int compare_routerinfo_by_ip_and_bw_(const void **a, const void **b)
Definition: dirvote.c:4208
networkstatus_parse_vote_from_string
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Definition: ns_parse.c:1069
resolve_addr.h
Header file for resolve_addr.c.
smartlist_sort_strings
void smartlist_sort_strings(smartlist_t *sl)
Definition: smartlist.c:549
routerstatus_t::guardfraction_percentage
uint32_t guardfraction_percentage
Definition: routerstatus_st.h:76
signing.h
Header file for signing.c.
authority_cert_t::cache_info
signed_descriptor_t cache_info
Definition: authority_cert_st.h:21
tor_digest256_is_zero
int tor_digest256_is_zero(const char *digest)
Definition: util_string.c:103
MAX_SUPPORTED_CONSENSUS_METHOD
#define MAX_SUPPORTED_CONSENSUS_METHOD
Definition: dirvote.h:56
clear_status_flags_on_sybil
static void clear_status_flags_on_sybil(routerstatus_t *rs)
Definition: dirvote.c:4423
signed_descriptor_t::signing_key_cert
struct tor_cert_st * signing_key_cert
Definition: signed_descriptor_st.h:39
networkstatus_compute_bw_weights_v10
int networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, int64_t M, int64_t E, int64_t D, int64_t T, int64_t weight_scale)
Definition: dirvote.c:1089
sort_version_list
void sort_version_list(smartlist_t *versions, int remove_duplicates)
Definition: versions.c:391
networkstatus_voter_info_t::nickname
char * nickname
Definition: networkstatus_voter_info_st.h:19
trusteddirserver_get_by_v3_auth_digest
dir_server_t * trusteddirserver_get_by_v3_auth_digest(const char *digest)
Definition: dirlist.c:199
cached_dir_t::dir_len
size_t dir_len
Definition: cached_dir_st.h:20
networkstatus_t::recommended_relay_protocols
char * recommended_relay_protocols
Definition: networkstatus_st.h:63
voting_schedule.h
Header file for voting_schedule.c.
tor_addr_port_new
tor_addr_port_t * tor_addr_port_new(const tor_addr_t *addr, uint16_t port)
Definition: address.c:2048
dirserv_clear_measured_bw_cache
void dirserv_clear_measured_bw_cache(void)
Definition: bwauth.c:103
networkstatus_voter_info_t::address
char * address
Definition: networkstatus_voter_info_st.h:23
get_microdesc_cache
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:250
dirserv_get_measured_bw_cache_size
int dirserv_get_measured_bw_cache_size(void)
Definition: bwauth.c:166
NS_V3_CONSENSUS
@ NS_V3_CONSENSUS
Definition: fmt_routerstatus.h:21
compute_nth_protocol_set
static char * compute_nth_protocol_set(int n, int n_voters, const smartlist_t *votes)
Definition: dirvote.c:1431
microdescs_add_list_to_cache
smartlist_t * microdescs_add_list_to_cache(microdesc_cache_t *cache, smartlist_t *descriptors, saved_location_t where, int no_save)
Definition: microdesc.c:382
confline.h
Header for confline.c.
get_detached_signatures_from_pending_consensuses
static char * get_detached_signatures_from_pending_consensuses(pending_consensus_t *pending, int n_flavors)
Definition: dirvote.c:2819
MAX_BW_FILE_HEADERS_LINE_LEN
#define MAX_BW_FILE_HEADERS_LINE_LEN
Definition: dirvote.h:75
V3_DIRINFO
@ V3_DIRINFO
Definition: or.h:894
networkstatus_t::valid_after
time_t valid_after
Definition: networkstatus_st.h:33
dirserv.h
Header file for dirserv.c.
parsecommon.h
Header file for parsecommon.c.
fmt_addr32
const char * fmt_addr32(uint32_t addr)
Definition: address.c:1201
tor_addr_is_null
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:771
crypto_pk_get_fingerprint
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Definition: crypto_rsa.c:229
DEFAULT_MAX_UNMEASURED_BW_KB
#define DEFAULT_MAX_UNMEASURED_BW_KB
Definition: dirvote.h:67
document_signature_t::bad_signature
unsigned int bad_signature
Definition: document_signature_st.h:27
authority_cert_t::signing_key_digest
char signing_key_digest[DIGEST_LEN]
Definition: authority_cert_st.h:27
dirclient.h
Header file for dirclient.c.
strmap_get_lc
void * strmap_get_lc(const strmap_t *map, const char *key)
Definition: map.c:360
tor_asprintf
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
dirvote_create_microdescriptor
STATIC microdesc_t * dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
Definition: dirvote.c:3825
dirvote_free_all
void dirvote_free_all(void)
Definition: dirvote.c:3732
vote_routerstatus_t::protocols
char * protocols
Definition: vote_routerstatus_st.h:28
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
or_options_t::V3BandwidthsFile
char * V3BandwidthsFile
Definition: or_options_st.h:679
networkstatus_add_detached_signatures
STATIC int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out)
Definition: dirvote.c:2538
crypto_pk_t
Definition: crypto_rsa_nss.c:36
protover_compute_for_old_tor
const char * protover_compute_for_old_tor(const char *version)
C_RUST_COUPLED: src/rust/protover/protover.rs compute_for_old_tor
Definition: protover.c:902
routerstatus_t::bandwidth_kb
uint32_t bandwidth_kb
Definition: routerstatus_st.h:70
SMARTLIST_DEL_CURRENT
#define SMARTLIST_DEL_CURRENT(sl, var)
Definition: smartlist_foreach.h:120
get_frequent_members
static void get_frequent_members(smartlist_t *out, smartlist_t *in, int min)
Definition: dirvote.c:572
dirserv_read_measured_bandwidths
int dirserv_read_measured_bandwidths(const char *from_file, smartlist_t *routerstatuses, smartlist_t *bw_file_headers, uint8_t *digest_out)
Definition: bwauth.c:232
compare_dir_src_ents_by_authority_id_
static int compare_dir_src_ents_by_authority_id_(const void **_a, const void **_b)
Definition: dirvote.c:557
or_options_t::ContactInfo
char * ContactInfo
Definition: or_options_st.h:393
router_get_routerlist
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:810
fast_memcmp
#define fast_memcmp(a, b, c)
Definition: di_ops.h:28
dirvote_compute_params
STATIC smartlist_t * dirvote_compute_params(smartlist_t *votes, int method, int total_authorities)
Definition: dirvote.c:913
HEX_DIGEST_LEN
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
networkstatus_set_current_consensus
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
Definition: networkstatus.c:1889
LOG_WARN
#define LOG_WARN
Definition: log.h:53
node_st.h
Node information structure.
routerstatus_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerstatus_st.h:35
routers_make_ed_keys_unique
static void routers_make_ed_keys_unique(smartlist_t *routers)
Definition: dirvote.c:4374
networkstatus_voter_info_t::vote_digest
char vote_digest[DIGEST_LEN]
Definition: networkstatus_voter_info_st.h:28
or_options_t::Nickname
char * Nickname
Definition: or_options_st.h:73
DIRVOTE_UNIVERSAL_FLAGS
const char DIRVOTE_UNIVERSAL_FLAGS[]
Definition: dirvote.c:4434
crypto_pk_write_public_key_to_string
int crypto_pk_write_public_key_to_string(crypto_pk_t *env, char **dest, size_t *len)
Definition: crypto_rsa.c:466
vote_routerstatus_t::status
routerstatus_t status
Definition: vote_routerstatus_st.h:19
find_opt_by_keyword
directory_token_t * find_opt_by_keyword(const smartlist_t *s, directory_keyword keyword)
Definition: parsecommon.c:457
policies.h
Header file for policies.c.
order.h
Header for order.c.
update_consensus_router_descriptor_downloads
void update_consensus_router_descriptor_downloads(time_t now, int is_vote, networkstatus_t *consensus)
Definition: routerlist.c:2530
ns_detached_signatures_t::signatures
strmap_t * signatures
Definition: ns_detached_signatures_st.h:22
dirauth_options_t::AuthDirMaxServersPerAddr
POSINT AuthDirMaxServersPerAddr
Definition: dirauth_options.inc:31
consensus_method_is_supported
static int consensus_method_is_supported(int method)
Definition: dirvote.c:819
format_recommended_version_list
char * format_recommended_version_list(const config_line_t *ln, int warn)
Definition: dirvote.c:4323
NS_V3_CONSENSUS_MICRODESC
@ NS_V3_CONSENSUS_MICRODESC
Definition: fmt_routerstatus.h:27
dir_src_ent_t
Definition: dirvote.c:537
networkstatus_voter_info_t::legacy_id_digest
char legacy_id_digest[DIGEST_LEN]
Definition: networkstatus_voter_info_st.h:22
tor_parse_ulong
unsigned long tor_parse_ulong(const char *s, int base, unsigned long min, unsigned long max, int *ok, char **next)
Definition: parse_int.c:78
directory_get_from_all_authorities
void directory_get_from_all_authorities(uint8_t dir_purpose, uint8_t router_purpose, const char *resource)
Definition: dirclient.c:588
MIN_VOTES_FOR_PARAM
#define MIN_VOTES_FOR_PARAM
Definition: dirvote.c:907
config_line_t
Definition: confline.h:29
directory_post_to_dirservers
void directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose, dirinfo_type_t type, const char *payload, size_t payload_len, size_t extrainfo_len)
Definition: dirclient.c:237
config.h
Header file for config.c.
vote_microdesc_hash_t::next
struct vote_microdesc_hash_t * next
Definition: vote_microdesc_hash_st.h:20
update_total_bandwidth_weights
static void update_total_bandwidth_weights(const routerstatus_t *rs, int is_exit, int is_guard, int64_t *G, int64_t *M, int64_t *E, int64_t *D, int64_t *T)
Definition: dirvote.c:1329
dirvote_add_signatures_to_pending_consensus
static int dirvote_add_signatures_to_pending_consensus(pending_consensus_t *pc, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out)
Definition: dirvote.c:3526
LD_DIRSERV
#define LD_DIRSERV
Definition: log.h:90
routerstatus_t::dir_port
uint16_t dir_port
Definition: routerstatus_st.h:34
dirvote_format_all_microdesc_vote_lines
vote_microdesc_hash_t * dirvote_format_all_microdesc_vote_lines(const routerinfo_t *ri, time_t now, smartlist_t *microdescriptors_out)
Definition: dirvote.c:3976
get_my_v3_legacy_signing_key
crypto_pk_t * get_my_v3_legacy_signing_key(void)
Definition: router.c:457
router_get_dirobj_signature
char * router_get_dirobj_signature(const char *digest, size_t digest_len, const crypto_pk_t *private_key)
Definition: signing.c:22
dirvote_perform_vote
static int dirvote_perform_vote(void)
Definition: dirvote.c:2943
dircollator_collate
void dircollator_collate(dircollator_t *dc, int consensus_method)
Definition: dircollate.c:211
DIRVOTE_OPTIONAL_FLAGS
const char DIRVOTE_OPTIONAL_FLAGS[]
Definition: dirvote.c:4446
router_get_advertised_or_port
uint16_t router_get_advertised_or_port(const or_options_t *options)
Definition: router.c:1427
dirvote_get_intermediate_param_value
STATIC int32_t dirvote_get_intermediate_param_value(const smartlist_t *param_list, const char *keyword, int32_t default_val)
Definition: dirvote.c:877
or_options_t::V3AuthVoteDelay
int V3AuthVoteDelay
Definition: or_options_st.h:668
smartlist_add_asprintf
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
networkstatus_compute_consensus
STATIC char * networkstatus_compute_consensus(smartlist_t *votes, int total_authorities, crypto_pk_t *identity_key, crypto_pk_t *signing_key, const char *legacy_id_key_digest, crypto_pk_t *legacy_signing_key, consensus_flavor_t flavor)
Definition: dirvote.c:1494
dirauth_sys.h
Header for dirauth_sys.c.
LD_NET
#define LD_NET
Definition: log.h:66
networkstatus_verify_bw_weights
int networkstatus_verify_bw_weights(networkstatus_t *ns, int)
Definition: ns_parse.c:601
tor_log
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:628
smartlist_uniq
void smartlist_uniq(smartlist_t *sl, int(*compare)(const void **a, const void **b), void(*free_fn)(void *a))
Definition: smartlist.c:390
protover_contains_long_protocol_names
bool protover_contains_long_protocol_names(const char *s)
Definition: protover.c:305
format_networkstatus_vote
STATIC char * format_networkstatus_vote(crypto_pk_t *private_signing_key, networkstatus_t *v3_ns)
Definition: dirvote.c:222
signed_descriptor_t::published_on
time_t published_on
Definition: signed_descriptor_st.h:33
MAX_KNOWN_FLAGS_IN_VOTE
#define MAX_KNOWN_FLAGS_IN_VOTE
Definition: vote_routerstatus_st.h:23
vote_routerstatus_t::ed25519_reflects_consensus
unsigned int ed25519_reflects_consensus
Definition: vote_routerstatus_st.h:37
networkstatus_voter_info_t::dir_port
uint16_t dir_port
Definition: networkstatus_voter_info_st.h:25
ROUTER_PURPOSE_GENERAL
#define ROUTER_PURPOSE_GENERAL
Definition: routerinfo_st.h:97
or_options_t
Definition: or_options_st.h:39
authority_cert_t::signing_key
crypto_pk_t * signing_key
Definition: authority_cert_st.h:25
dirvote_get_preferred_voting_intervals
static void dirvote_get_preferred_voting_intervals(vote_timing_t *timing_out)
Definition: dirvote.c:459
dirvote_get_vote
const cached_dir_t * dirvote_get_vote(const char *fp, int flags)
Definition: dirvote.c:3779
pending_consensus_signature_list
static smartlist_t * pending_consensus_signature_list
Definition: dirvote.c:2938
STATIC
#define STATIC
Definition: testsupport.h:32
networkstatus_format_signatures
static char * networkstatus_format_signatures(networkstatus_t *consensus, int for_detached_signatures)
Definition: dirvote.c:2669
digest_to_base64
void digest_to_base64(char *d64, const char *digest)
Definition: crypto_format.c:266
routerstatus_t::is_hs_dir
unsigned int is_hs_dir
Definition: routerstatus_st.h:54
routerstatus_t::ipv6_orport
uint16_t ipv6_orport
Definition: routerstatus_st.h:36
dircollator_get_votes_for_router
vote_routerstatus_t ** dircollator_get_votes_for_router(dircollator_t *dc, int idx)
Definition: dircollate.c:320
routerstatus_format_type_t
routerstatus_format_type_t
Definition: fmt_routerstatus.h:17
signed_descriptor_t::signed_descriptor_body
char * signed_descriptor_body
Definition: signed_descriptor_st.h:22
signed_descriptor_t::signed_descriptor_len
size_t signed_descriptor_len
Definition: signed_descriptor_st.h:26
document_signature_dup
document_signature_t * document_signature_dup(const document_signature_t *sig)
Definition: networkstatus.c:337
networkstatus_t::fresh_until
time_t fresh_until
Definition: networkstatus_st.h:34
digest_algorithm_t
digest_algorithm_t
Definition: crypto_digest.h:44
dirserv_read_guardfraction_file
int dirserv_read_guardfraction_file(const char *fname, smartlist_t *vote_routerstatuses)
Definition: guardfraction.c:319
compute_consensus_package_lines
STATIC char * compute_consensus_package_lines(smartlist_t *votes)
Definition: dirvote.c:2457
LD_DIR
#define LD_DIR
Definition: log.h:88
ns_detached_signatures_t
Definition: ns_detached_signatures_st.h:17
networkstatus_st.h
Networkstatus consensus/vote structure.
smartlist_sort
void smartlist_sort(smartlist_t *sl, int(*compare)(const void **a, const void **b))
Definition: smartlist.c:334
FINGERPRINT_LEN
#define FINGERPRINT_LEN
Definition: crypto_rsa.h:34
vote_timing_t::n_intervals_valid
int n_intervals_valid
Definition: vote_timing_st.h:21
routerstatus_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: routerstatus_st.h:27
cached_dir_t::dir
char * dir
Definition: cached_dir_st.h:18
networkstatus_t
Definition: networkstatus_st.h:26
dirvote_compute_consensuses
static int dirvote_compute_consensuses(void)
Definition: dirvote.c:3356
SAVED_NOWHERE
@ SAVED_NOWHERE
Definition: or.h:749
node_t::is_running
unsigned int is_running
Definition: node_st.h:63
smartlist_t
Definition: smartlist_core.h:26
routerinfo_t::omit_from_vote
unsigned int omit_from_vote
Definition: routerinfo_st.h:89
smartlist_remove
void smartlist_remove(smartlist_t *sl, const void *element)
Definition: smartlist_core.c:151
smartlist_join_strings
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
fast_memeq
#define fast_memeq(a, b, c)
Definition: di_ops.h:35
networkstatus_get_voter_by_id
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
Definition: networkstatus.c:428
vote_routerstatus_t::measured_bw_kb
uint32_t measured_bw_kb
Definition: vote_routerstatus_st.h:38
compute_consensus_method
static int compute_consensus_method(smartlist_t *votes)
Definition: dirvote.c:784
networkstatus_t::known_flags
smartlist_t * known_flags
Definition: networkstatus_st.h:70
rephist.h
Header file for rephist.c.
DIGESTMAP_FOREACH
#define DIGESTMAP_FOREACH(map, keyvar, valtype, valvar)
Definition: map.h:154
networkstatus_get_detached_signatures
STATIC char * networkstatus_get_detached_signatures(smartlist_t *consensuses)
Definition: dirvote.c:2730
networkstatus_t::net_params
smartlist_t * net_params
Definition: networkstatus_st.h:74
networkstatus_parse_detached_signatures
ns_detached_signatures_t * networkstatus_parse_detached_signatures(const char *s, const char *eos)
Definition: dsigs_parse.c:67
dirvote_add_signatures
int dirvote_add_signatures(const char *detached_signatures_body, const char *source, const char **msg)
Definition: dirvote.c:3679
tor_addr_copy
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:924
networkstatus_t::vote_seconds
int vote_seconds
Definition: networkstatus_st.h:49
routerinfo_t::onion_curve25519_pkey
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:42
DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
#define DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
Definition: directory.h:53
NS_V3_VOTE
@ NS_V3_VOTE
Definition: fmt_routerstatus.h:23
vote_microdesc_hash_st.h
Microdescriptor-hash voting strcture.
sr_get_string_for_vote
char * sr_get_string_for_vote(void)
Definition: shared_random.c:1130
routerstatus_t::is_named
unsigned int is_named
Definition: routerstatus_st.h:46
or.h
Master header file for Tor-specific functionality.
find_whitespace
const char * find_whitespace(const char *s)
Definition: util_string.c:344