|
Tor
0.4.7.0-alpha-dev
|
Functions and structures for handling networkstatus documents as a client or as a directory cache. More...
#include "core/or/or.h"#include "app/config/config.h"#include "core/mainloop/connection.h"#include "core/mainloop/mainloop.h"#include "core/mainloop/netstatus.h"#include "core/or/channel.h"#include "core/or/channelpadding.h"#include "core/or/circuitpadding.h"#include "core/or/circuitmux.h"#include "core/or/circuitmux_ewma.h"#include "core/or/circuitstats.h"#include "core/or/connection_edge.h"#include "core/or/connection_or.h"#include "core/or/dos.h"#include "core/or/protover.h"#include "core/or/relay.h"#include "core/or/scheduler.h"#include "core/or/versions.h"#include "feature/client/bridges.h"#include "feature/client/entrynodes.h"#include "feature/client/transports.h"#include "feature/control/control_events.h"#include "feature/dirauth/reachability.h"#include "feature/dircache/consdiffmgr.h"#include "feature/dircache/dirserv.h"#include "feature/dirclient/dirclient.h"#include "feature/dirclient/dirclient_modes.h"#include "feature/dirclient/dlstatus.h"#include "feature/dircommon/directory.h"#include "feature/dirauth/voting_schedule.h"#include "feature/dirparse/ns_parse.h"#include "feature/hibernate/hibernate.h"#include "feature/hs/hs_dos.h"#include "feature/nodelist/authcert.h"#include "feature/nodelist/dirlist.h"#include "feature/nodelist/fmt_routerstatus.h"#include "feature/nodelist/microdesc.h"#include "feature/nodelist/networkstatus.h"#include "feature/nodelist/node_select.h"#include "feature/nodelist/nodelist.h"#include "feature/nodelist/routerinfo.h"#include "feature/nodelist/routerlist.h"#include "feature/nodelist/torcert.h"#include "feature/relay/routermode.h"#include "lib/crypt_ops/crypto_rand.h"#include "lib/crypt_ops/crypto_util.h"#include "feature/dirauth/dirauth_periodic.h"#include "feature/dirauth/dirvote.h"#include "feature/dirauth/authmode.h"#include "feature/dirauth/shared_random.h"#include "feature/dirauth/voteflags.h"#include "feature/nodelist/authority_cert_st.h"#include "feature/dircommon/dir_connection_st.h"#include "feature/dirclient/dir_server_st.h"#include "feature/nodelist/document_signature_st.h"#include "feature/nodelist/networkstatus_st.h"#include "feature/nodelist/networkstatus_voter_info_st.h"#include "feature/dirauth/ns_detached_signatures_st.h"#include "feature/nodelist/node_st.h"#include "feature/nodelist/routerinfo_st.h"#include "feature/nodelist/routerlist_st.h"#include "feature/dirauth/vote_microdesc_hash_st.h"#include "feature/nodelist/vote_routerstatus_st.h"#include "feature/nodelist/routerstatus_st.h"Go to the source code of this file.
Data Structures | |
| struct | consensus_waiting_for_certs_t |
Macros | |
| #define | NETWORKSTATUS_PRIVATE |
| #define | N_CONSENSUS_BOOTSTRAP_SCHEDULES 2 |
| #define | CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0 |
| #define | CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1 |
| #define | NETWORKSTATUS_ALLOW_SKEW (24*60*60) |
| #define | AUTHORITY_NS_CACHE_INTERVAL (10*60) |
| #define | NONAUTHORITY_NS_CACHE_INTERVAL (60*60) |
| #define | DELAY_WHILE_FETCHING_CERTS (20*60) |
| #define | MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60) |
| #define | CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120 |
| #define | REASONABLY_LIVE_TIME (24*60*60) |
| #define | EARLY_CONSENSUS_NOTICE_SKEW 60 |
Variables | |
| STATIC networkstatus_t * | current_ns_consensus = NULL |
| STATIC networkstatus_t * | current_md_consensus = NULL |
| static consensus_waiting_for_certs_t | consensus_waiting_for_certs [N_CONSENSUS_FLAVORS] |
| static time_t | time_to_download_next_consensus [N_CONSENSUS_FLAVORS] |
| static download_status_t | consensus_dl_status [N_CONSENSUS_FLAVORS] |
| static download_status_t | consensus_bootstrap_dl_status [N_CONSENSUS_BOOTSTRAP_SCHEDULES] |
| static int | have_warned_about_old_version = 0 |
| static int | have_warned_about_new_version = 0 |
Functions and structures for handling networkstatus documents as a client or as a directory cache.
A consensus networkstatus object is created by the directory authorities. It authenticates a set of network parameters–most importantly, the list of all the relays in the network. This list of relays is represented as an array of routerstatus_t objects.
There are currently two flavors of consensus. With the older "NS" flavor, each relay is associated with a digest of its router descriptor. Tor instances that use this consensus keep the list of router descriptors as routerinfo_t objects stored and managed in routerlist.c. With the newer "microdesc" flavor, each relay is associated with a digest of the microdescriptor that the authorities made for it. These are stored and managed in microdesc.c. Information about the router is divided between the the networkstatus and the microdescriptor according to the general rule that microdescriptors should hold information that changes much less frequently than the information in the networkstatus.
Modern clients use microdescriptor networkstatuses. Directory caches need to keep both kinds of networkstatus document, so they can serve them.
This module manages fetching, holding, storing, updating, and validating networkstatus objects. The download-and-validate process is slightly complicated by the fact that the keys you need to validate a consensus are stored in the authority certificates, which you might not have yet when you download the consensus.
Definition in file networkstatus.c.
| #define AUTHORITY_NS_CACHE_INTERVAL (10*60) |
How frequently do directory authorities re-download fresh networkstatus documents?
Definition at line 850 of file networkstatus.c.
| #define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120 |
How long do we (as a cache) wait after a consensus becomes non-fresh before trying to fetch another?
Definition at line 1136 of file networkstatus.c.
| #define DELAY_WHILE_FETCHING_CERTS (20*60) |
How long will we hang onto a possibly live consensus for which we're fetching certs before we check whether there is a better one?
Definition at line 908 of file networkstatus.c.
| #define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60) |
What is the minimum time we need to have waited fetching certs, before we increment the consensus download schedule on failure?
Definition at line 912 of file networkstatus.c.
| #define NETWORKSTATUS_ALLOW_SKEW (24*60*60) |
How far in the future do we allow a network-status to get before removing it? (seconds)
Definition at line 691 of file networkstatus.c.
| #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60) |
How frequently do non-authority directory caches re-download fresh networkstatus documents?
Definition at line 854 of file networkstatus.c.
| int client_would_use_router | ( | const routerstatus_t * | rs, |
| time_t | now | ||
| ) |
Return 0 if this routerstatus is obsolete, too new, isn't running, or otherwise not a descriptor that we would make any use of even if we had it. Else return 1.
Definition at line 2607 of file networkstatus.c.
| int compare_digest_to_routerstatus_entry | ( | const void * | _key, |
| const void ** | _member | ||
| ) |
Helper for bsearching a list of routerstatus_t pointers: compare a digest in the key to the identity digest of a routerstatus_t.
Definition at line 696 of file networkstatus.c.
Referenced by networkstatus_vote_find_entry_idx(), networkstatus_vote_find_mutable_entry(), and router_get_mutable_consensus_status_by_id().
| int compare_digest_to_vote_routerstatus_entry | ( | const void * | _key, |
| const void ** | _member | ||
| ) |
Helper for bsearching a list of routerstatus_t pointers: compare a digest in the key to the identity digest of a routerstatus_t.
Definition at line 706 of file networkstatus.c.
Referenced by measured_bw_line_apply().
| int consensus_is_waiting_for_certs | ( | void | ) |
Return 1 if we have a consensus but we don't have enough certificates to start using it yet.
Definition at line 1335 of file networkstatus.c.
Referenced by networkstatus_consensus_is_bootstrapping().
| document_signature_t* document_signature_dup | ( | const document_signature_t * | sig | ) |
Return a newly allocated copy of sig
Definition at line 337 of file networkstatus.c.
| void document_signature_free_ | ( | document_signature_t * | sig | ) |
Free all storage held in sig
Definition at line 329 of file networkstatus.c.
|
static |
Search through a smartlist of "key=int32" strings for a value beginning with "param_name=". If one is found, clip it to be between min_val and max_val inclusive and return it. If one is not found, return default_val.
Definition at line 2454 of file networkstatus.c.
Referenced by networkstatus_get_bw_weight(), and networkstatus_get_param().
| int getinfo_helper_networkstatus | ( | control_connection_t * | conn, |
| const char * | question, | ||
| char ** | answer, | ||
| const char ** | errmsg | ||
| ) |
If question is a string beginning with "ns/" in a format the control interface expects for a GETINFO question, set *answer to a newly-allocated string containing networkstatus lines for the appropriate ORs. Return 0 on success, -1 on unrecognized question format.
Definition at line 2632 of file networkstatus.c.
|
static |
Called when we have received a networkstatus c. If there are any required protocols we are missing, log an error and exit immediately. If there are any recommended protocols we are missing, warn.
Definition at line 1832 of file networkstatus.c.
|
static |
Helper for handle_missing_protocol_warning: handles either the client case (if is_client is set) or the server case otherwise.
Definition at line 1806 of file networkstatus.c.
Referenced by handle_missing_protocol_warning().
| int networkstatus_check_consensus_signature | ( | networkstatus_t * | consensus, |
| int | warn | ||
| ) |
Given a v3 networkstatus consensus in consensus, check every as-yet-unchecked signature on consensus. Return 1 if there is a signature from every recognized authority on it, 0 if there are enough good signatures from recognized authorities on it, -1 if we might get enough good signatures by fetching missing certificates, and -2 otherwise. Log messages at INFO or WARN: if warn is over 1, warn about every problem; if warn is at least 1, warn only if we can't get enough signatures; if warn is negative, log nothing at all.
Definition at line 511 of file networkstatus.c.
Referenced by networkstatus_note_certs_arrived().
| int networkstatus_check_document_signature | ( | const networkstatus_t * | consensus, |
| document_signature_t * | sig, | ||
| const authority_cert_t * | cert | ||
| ) |
Check whether the signature sig is correctly signed with the signing key in cert. Return -1 if cert doesn't match the signing key; otherwise set the good_signature or bad_signature flag on voter, and return 0.
Definition at line 458 of file networkstatus.c.
|
static |
Check whether the networkstatus ns lists any protocol versions as "required" or "recommended" that we do not support. If so, set *warning_out to a newly allocated string describing the problem.
Return 1 if we should exit, 0 if we should not.
Definition at line 2715 of file networkstatus.c.
Referenced by handle_missing_protocol_warning_impl().
| int networkstatus_consensus_can_use_extra_fallbacks | ( | const or_options_t * | options | ) |
Check if we can use fallback directory mirrors for a consensus download. If we have fallbacks and don't want to fetch from the authorities, we can use them.
Definition at line 1533 of file networkstatus.c.
Referenced by update_consensus_bootstrap_multiple_downloads().
| int networkstatus_consensus_can_use_multiple_directories | ( | const or_options_t * | options | ) |
Check if we can use multiple directories for a consensus download. Only clients (including bridge relays, which act like clients) benefit from multiple simultaneous consensus downloads.
Definition at line 1522 of file networkstatus.c.
Referenced by update_consensus_bootstrap_multiple_downloads(), and update_consensus_networkstatus_downloads().
| void networkstatus_consensus_download_failed | ( | int | status_code, |
| const char * | flavname | ||
| ) |
Called when an attempt to download a consensus fails: note that the failure occurred, and possibly retry.
Definition at line 1122 of file networkstatus.c.
Referenced by handle_response_fetch_consensus().
| int networkstatus_consensus_is_bootstrapping | ( | time_t | now | ) |
Check if we need to download a consensus during tor's bootstrap phase. If we have no consensus, or our consensus is unusably old, return 1. As soon as we have received a consensus, return 0, even if we don't have enough certificates to validate it. If a fallback directory gives us a consensus we can never get certs for, check_consensus_waiting_for_certs() will wait 20 minutes before failing the cert downloads. After that, a new consensus will be fetched from a randomly chosen fallback.
Definition at line 1497 of file networkstatus.c.
Referenced by fetch_networkstatus_callback(), networkstatus_get_dl_status_by_flavor(), and update_consensus_networkstatus_downloads().
| int networkstatus_consensus_reasonably_live | ( | const networkstatus_t * | consensus, |
| time_t | now | ||
| ) |
Determine if consensus is valid, or expired recently enough, or not too far in the future, so that we can still use it.
Return 1 if the consensus is reasonably live, or 0 if it is too old or too new.
Definition at line 1440 of file networkstatus.c.
Referenced by check_expired_networkstatus_callback(), and networkstatus_get_reasonably_live_consensus().
|
static |
Copy all the ancillary information (like router download status and so on) from old_c to new_c.
Definition at line 1707 of file networkstatus.c.
| void networkstatus_free_all | ( | void | ) |
Free all storage held locally in this module.
Definition at line 2770 of file networkstatus.c.
| int32_t networkstatus_get_bw_weight | ( | networkstatus_t * | ns, |
| const char * | weight_name, | ||
| int32_t | default_val | ||
| ) |
Return the value of a integer bw weight parameter from the networkstatus ns whose name is weight_name. If ns is NULL, try loading the latest consensus ourselves. Return default_val if no latest consensus, or if it has no parameter called weight_name.
Definition at line 2551 of file networkstatus.c.
Referenced by networkstatus_verify_bw_weights().
| char* networkstatus_get_cache_fname | ( | int | flav, |
| const char * | flavorname, | ||
| int | unverified_consensus | ||
| ) |
Return the filename used to cache the consensus of a given flavor
Definition at line 224 of file networkstatus.c.
Referenced by networkstatus_map_cached_consensus_impl(), and networkstatus_note_certs_arrived().
| download_status_t* networkstatus_get_dl_status_by_flavor | ( | consensus_flavor_t | flavor | ) |
Look up the currently active (depending on bootstrap status) download status for this consensus flavor and return a pointer to it.
Definition at line 1345 of file networkstatus.c.
Referenced by getinfo_helper_downloads_networkstatus().
| download_status_t* networkstatus_get_dl_status_by_flavor_bootstrap | ( | consensus_flavor_t | flavor | ) |
Look up the bootstrap download status for this consensus flavor and return a pointer to it.
Definition at line 1362 of file networkstatus.c.
| download_status_t* networkstatus_get_dl_status_by_flavor_running | ( | consensus_flavor_t | flavor | ) |
Look up the running (non-bootstrap) download status for this consensus flavor and return a pointer to it.
Definition at line 1376 of file networkstatus.c.
| const char* networkstatus_get_flavor_name | ( | consensus_flavor_t | flav | ) |
Return the name of the consensus flavor flav as used to identify the flavor in directory documents.
Definition at line 2577 of file networkstatus.c.
Referenced by consdiffmgr_consensus_load(), consdiffmgr_rescan_flavor_(), consensus_compress_worker_threadfn(), dirvote_add_signatures_to_pending_consensus(), getinfo_helper_current_consensus(), networkstatus_format_signatures(), networkstatus_note_certs_arrived(), update_consensus_bootstrap_attempt_downloads(), update_consensus_networkstatus_downloads(), and update_consensus_networkstatus_fetch_time_impl().
| networkstatus_t* networkstatus_get_latest_consensus | ( | void | ) |
Return the most recent consensus that we have downloaded, or NULL if we don't have one. May return future or expired consensuses.
Definition at line 1390 of file networkstatus.c.
Referenced by check_expired_networkstatus_callback(), networkstatus_get_bw_weight(), networkstatus_get_live_consensus(), networkstatus_get_param(), nodelist_assert_ok(), router_get_mutable_consensus_status_by_descriptor_digest(), router_get_mutable_consensus_status_by_id(), routerlist_remove_old_routers(), sr_get_current_for_control(), sr_get_previous_for_control(), and update_router_have_minimum_dir_info().
| networkstatus_t* networkstatus_get_latest_consensus_by_flavor | ( | consensus_flavor_t | f | ) |
Return the latest consensus we have whose flavor matches f, or NULL if we don't have one. May return future or expired consensuses.
Definition at line 1401 of file networkstatus.c.
Referenced by digest_list_contains_best_consensus(), dir_microdesc_download_failed(), networkstatus_get_reasonably_live_consensus(), nodelist_add_microdesc(), router_add_to_routerlist(), signed_desc_digest_is_recognized(), update_consensus_networkstatus_downloads(), and update_consensus_networkstatus_fetch_time_impl().
| networkstatus_t* networkstatus_get_live_consensus | ( | time_t | now | ) |
Return the most recent consensus that we have downloaded, or NULL if it is no longer live.
Definition at line 1416 of file networkstatus.c.
Referenced by mark_my_descriptor_dirty_if_too_old().
| int32_t networkstatus_get_overridable_param | ( | const networkstatus_t * | ns, |
| int32_t | torrc_value, | ||
| const char * | param_name, | ||
| int32_t | default_val, | ||
| int32_t | min_val, | ||
| int32_t | max_val | ||
| ) |
As networkstatus_get_param(), but check torrc_value before checking the consensus. If torrc_value is in-range, then return it instead of the value from the consensus.
Definition at line 2518 of file networkstatus.c.
| int32_t networkstatus_get_param | ( | const networkstatus_t * | ns, |
| const char * | param_name, | ||
| int32_t | default_val, | ||
| int32_t | min_val, | ||
| int32_t | max_val | ||
| ) |
Return the value of a integer parameter from the networkstatus ns whose name is param_name. If ns is NULL, try loading the latest consensus ourselves. Return default_val if no latest consensus, or if it has no parameter called param_name. Make sure the value parsed from the consensus is at least min_val and at most max_val and raise/cap the parsed value if necessary.
Definition at line 2500 of file networkstatus.c.
Referenced by channelpadding_new_consensus_params(), circpad_new_consensus_params(), circuit_build_times_close_quantile(), circuit_build_times_default_num_xm_modes(), circuit_build_times_initial_timeout(), circuit_build_times_max_timeouts(), circuit_build_times_min_circs_to_observe(), circuit_build_times_min_timeout(), circuit_build_times_quantile_cutoff(), circuit_build_times_recent_circuit_count(), circuit_build_times_test_frequency(), circuit_initial_package_window(), connection_or_update_token_buckets_helper(), get_extreme_restriction_threshold(), get_frac_paths_needed_for_circs(), get_guard_confirmed_min_lifetime(), get_guard_lifetime(), get_internet_likely_down_interval(), get_intro2_burst_consensus_param(), get_intro2_rate_consensus_param(), get_intro_point_max_introduce2(), get_intro_point_min_introduce2(), get_intro_point_num_extra(), get_max_sample_size_absolute(), get_max_sample_threshold(), get_meaningful_restriction_threshold(), get_min_filtered_sample_size(), get_n_primary_guards(), get_nonprimary_guard_connect_timeout(), get_nonprimary_guard_idle_timeout(), get_onion_key_grace_period(), get_onion_key_rotation_days_(), get_remove_unlisted_guards_after_days(), hs_cache_get_max_descriptor_size(), hs_get_hsdir_n_replicas(), hs_get_hsdir_spread_fetch(), hs_get_hsdir_spread_store(), hs_get_service_max_rend_failures(), network_reentry_is_allowed(), networkstatus_get_overridable_param(), networkstatus_get_weight_scale_param(), num_ntors_per_tap(), pathbias_get_dropguards(), pathbias_get_extreme_rate(), pathbias_get_extreme_use_rate(), pathbias_get_min_circs(), pathbias_get_min_use(), pathbias_get_notice_rate(), pathbias_get_notice_use_rate(), pathbias_get_scale_ratio(), pathbias_get_scale_threshold(), pathbias_get_scale_use_threshold(), pathbias_get_warn_rate(), router_new_consensus_params(), should_apply_guardfraction(), should_include_ed25519_id_extend_cells(), and should_refuse_unknown_exits().
| networkstatus_t* networkstatus_get_reasonably_live_consensus | ( | time_t | now, |
| int | flavor | ||
| ) |
As networkstatus_get_live_consensus(), but is way more tolerant of expired and future consensuses.
Definition at line 1477 of file networkstatus.c.
Referenced by cached_client_descriptor_has_expired(), count_loading_descriptors_progress(), get_voting_interval(), hs_get_responsible_hsdirs(), hs_get_time_period_num(), hs_in_period_between_tp_and_srv(), microdesc_cache_clean(), microdesc_note_outdated_dirserver(), networkstatus_consensus_is_bootstrapping(), reasonably_live_consensus_is_missing(), routers_update_all_from_networkstatus(), should_rotate_descriptors(), sr_get_current(), sr_get_previous(), update_microdesc_downloads(), update_microdescs_from_networkstatus(), update_router_descriptor_downloads(), and update_router_have_minimum_dir_info().
| networkstatus_voter_info_t* networkstatus_get_voter_by_id | ( | networkstatus_t * | vote, |
| const char * | identity | ||
| ) |
Return the voter info from vote for the voter whose identity digest is identity, or NULL if no such voter is associated with vote.
Definition at line 428 of file networkstatus.c.
| document_signature_t* networkstatus_get_voter_sig_by_alg | ( | const networkstatus_voter_info_t * | voter, |
| digest_algorithm_t | alg | ||
| ) |
Return the signature made by voter using the algorithm alg, or NULL if none is found.
Definition at line 442 of file networkstatus.c.
| int networkstatus_get_weight_scale_param | ( | networkstatus_t * | ns | ) |
Retrieve the consensus parameter that governs the fixed-point precision of our network balancing 'bandwidth-weights' (which are themselves integer consensus values). We divide them by this value and ensure they never exceed this value.
Definition at line 2538 of file networkstatus.c.
Referenced by networkstatus_get_bw_weight(), and networkstatus_verify_bw_weights().
| char* networkstatus_getinfo_by_purpose | ( | const char * | purpose_string, |
| time_t | now | ||
| ) |
Alloc and return a string describing routerstatuses for the most recent info of each router we know about that is of purpose purpose_string. Return NULL if unrecognized purpose.
Right now this function is oriented toward listing bridges (you shouldn't use this for general-purpose routers, since those should be listed from the consensus, not from the routers list).
Definition at line 2413 of file networkstatus.c.
| char* networkstatus_getinfo_helper_single | ( | const routerstatus_t * | rs | ) |
Generate networkstatus lines for a single routerstatus_t object, and return the result in a newly allocated string. Used only by controller interface (for now.)
Definition at line 2356 of file networkstatus.c.
| int networkstatus_is_live | ( | const networkstatus_t * | ns, |
| time_t | now | ||
| ) |
Given a consensus in ns, return true iff currently live and unexpired.
Definition at line 1428 of file networkstatus.c.
Referenced by networkstatus_get_live_consensus().
| tor_mmap_t* networkstatus_map_cached_consensus | ( | const char * | flavorname | ) |
Map the file containing the current cached consensus of flavor flavorname
Definition at line 262 of file networkstatus.c.
Referenced by handle_response_fetch_consensus().
|
static |
Read and return the cached consensus of type flavorname. If unverified is false, get the one we haven't verified. Return NULL if the file isn't there.
Definition at line 247 of file networkstatus.c.
Referenced by networkstatus_map_cached_consensus().
| void networkstatus_note_certs_arrived | ( | const char * | source_dir | ) |
Called when we have gotten more certificates: see whether we can now verify a pending consensus.
If source_dir is non-NULL, it's the identity digest for a directory that we've just successfully retrieved certificates from, so try it first to fetch any missing certificates.
Definition at line 2197 of file networkstatus.c.
| int networkstatus_parse_flavor_name | ( | const char * | flavname | ) |
Return the consensus_flavor_t value for the flavor called flavname, or -1 if the flavor is not recognized.
Definition at line 2593 of file networkstatus.c.
Referenced by networkstatus_consensus_download_failed(), networkstatus_map_cached_consensus(), and networkstatus_set_current_consensus().
| void networkstatus_reset_download_failures | ( | void | ) |
Reset the descriptor download failure count on all networkstatus docs, so that we can retry any long-failed documents immediately.
Definition at line 206 of file networkstatus.c.
| void networkstatus_reset_warnings | ( | void | ) |
Forget that we've warned about anything networkstatus-related, so we will give fresh warnings if the same behavior happens again.
Definition at line 193 of file networkstatus.c.
Referenced by routerlist_reset_warnings().
| int networkstatus_set_current_consensus | ( | const char * | consensus, |
| size_t | consensus_len, | ||
| const char * | flavor, | ||
| unsigned | flags, | ||
| const char * | source_dir | ||
| ) |
Try to replace the current cached v3 networkstatus with the one in consensus. If we don't have enough certificates to validate it, store it in consensus_waiting_for_certs and launch a certificate fetch.
If flags & NSSET_FROM_CACHE, this networkstatus has come from the disk cache. If flags & NSSET_WAS_WAITING_FOR_CERTS, this networkstatus was already received, but we were waiting for certificates on it. If flags & NSSET_DONT_DOWNLOAD_CERTS, do not launch certificate downloads as needed. If flags & NSSET_ACCEPT_OBSOLETE, then we should be willing to take this consensus, even if it comes from many days in the past.
If source_dir is non-NULL, it's the identity digest for a directory that we've just successfully retrieved a consensus or certificates from, so try it first to fetch any missing certificates.
Return 0 on success, <0 on failure. On failure, caller should increment the failure count as appropriate.
We return -1 for mild failures that don't need to be reported to the user, and -2 for more serious problems.
Definition at line 1917 of file networkstatus.c.
| int networkstatus_valid_after_is_reasonably_live | ( | time_t | valid_after, |
| time_t | now | ||
| ) |
As networkstatus_consensus_reasonably_live, but takes a valid_after time, and checks to see if it is in the past, or not too far in the future.
Definition at line 1458 of file networkstatus.c.
| int networkstatus_valid_until_is_reasonably_live | ( | time_t | valid_until, |
| time_t | now | ||
| ) |
As networkstatus_consensus_reasonably_live, but takes a valid_until time, and checks to see if it is in the future, or not too far in the past.
Definition at line 1468 of file networkstatus.c.
| const routerstatus_t* networkstatus_vote_find_entry | ( | networkstatus_t * | ns, |
| const char * | digest | ||
| ) |
Return the entry in ns for the identity digest digest, or NULL if none was found.
Definition at line 725 of file networkstatus.c.
Referenced by mark_my_descriptor_dirty_if_too_old().
| int networkstatus_vote_find_entry_idx | ( | networkstatus_t * | ns, |
| const char * | digest, | ||
| int * | found_out | ||
| ) |
Search the routerstatuses in ns for one whose identity digest is digest. Return value and set *found_out as for smartlist_bsearch_idx().
Definition at line 735 of file networkstatus.c.
| routerstatus_t* networkstatus_vote_find_mutable_entry | ( | networkstatus_t * | ns, |
| const char * | digest | ||
| ) |
As networkstatus_find_entry, but do not return a const pointer
Definition at line 716 of file networkstatus.c.
Referenced by networkstatus_vote_find_entry().
| void networkstatus_vote_free_ | ( | networkstatus_t * | ns | ) |
Free all storage held in ns.
Definition at line 347 of file networkstatus.c.
|
static |
Notify controllers of any router status entries that changed between old_c and new_c.
Definition at line 1623 of file networkstatus.c.
|
static |
Helper: Read the current consensus of type flavor from fname. Flags and return values are as for networkstatus_set_current_consensus().
Definition at line 1769 of file networkstatus.c.
Referenced by networkstatus_note_certs_arrived().
| const routerstatus_t* router_get_consensus_status_by_descriptor_digest | ( | networkstatus_t * | consensus, |
| const char * | digest | ||
| ) |
Return the consensus view of the status of the router whose current descriptor digest in consensus is digest, or NULL if no such router is known.
Definition at line 769 of file networkstatus.c.
Referenced by signed_descs_update_status_from_consensus_networkstatus().
| const routerstatus_t* router_get_consensus_status_by_id | ( | const char * | digest | ) |
Return the consensus view of the status of the router whose identity digest is digest, or NULL if we don't know about any such router.
Definition at line 843 of file networkstatus.c.
Referenced by connection_or_digest_is_known_relay().
| smartlist_t* router_get_descriptor_digests | ( | void | ) |
Return a smartlist of all router descriptor digests in the current consensus
Definition at line 801 of file networkstatus.c.
Referenced by getinfo_helper_downloads_desc().
|
static |
Return a smartlist of all router descriptor digests in a consensus
Definition at line 778 of file networkstatus.c.
Referenced by router_get_descriptor_digests().
| download_status_t* router_get_dl_status_by_descriptor_digest | ( | const char * | d | ) |
Given the digest of a router descriptor, return its current download status, or NULL if the digest is unrecognized.
Definition at line 816 of file networkstatus.c.
Referenced by getinfo_helper_downloads_desc().
| routerstatus_t* router_get_mutable_consensus_status_by_descriptor_digest | ( | networkstatus_t * | consensus, |
| const char * | digest | ||
| ) |
As router_get_consensus_status_by_descriptor_digest, but does not return a const pointer.
Definition at line 748 of file networkstatus.c.
Referenced by router_get_consensus_status_by_descriptor_digest(), and router_get_dl_status_by_descriptor_digest().
| routerstatus_t* router_get_mutable_consensus_status_by_id | ( | const char * | digest | ) |
As router_get_consensus_status_by_id, but do not return a const pointer
Definition at line 830 of file networkstatus.c.
Referenced by mark_all_dirservers_up(), and router_get_consensus_status_by_id().
| int router_reload_consensus_networkstatus | ( | void | ) |
Read every cached v3 consensus networkstatus from the disk.
Definition at line 272 of file networkstatus.c.
| void routers_update_all_from_networkstatus | ( | time_t | now, |
| int | dir_version | ||
| ) |
If the network-status list has changed since the last time we called this function, update the status of every routerinfo from the network-status list. If dir_version is 2, it's a v2 networkstatus that changed. If dir_version is 3, it's a v3 consensus that changed.
Definition at line 2220 of file networkstatus.c.
| void routers_update_status_from_consensus_networkstatus | ( | smartlist_t * | routers, |
| int | reset_failures | ||
| ) |
Given a list routers of routerinfo_t *, update each status field according to our current consensus networkstatus. May re-order routers.
Definition at line 2284 of file networkstatus.c.
Referenced by router_load_routers_from_string().
| void routerstatus_free_ | ( | routerstatus_t * | rs | ) |
Free all storage held by the routerstatus object rs.
Definition at line 319 of file networkstatus.c.
| STATIC int routerstatus_has_visibly_changed | ( | const routerstatus_t * | a, |
| const routerstatus_t * | b | ||
| ) |
Given two router status entries for the same router identity, return 1 if the contents have changed between them. Otherwise, return 0. It only checks for fields that are output by control port. This should be kept in sync with the struct routerstatus_t and the printing function routerstatus_format_entry in NS_CONTROL_PORT mode.
Definition at line 1590 of file networkstatus.c.
| void set_routerstatus_from_routerinfo | ( | routerstatus_t * | rs, |
| const node_t * | node, | ||
| const routerinfo_t * | ri | ||
| ) |
Extract status information from ri and from other authority functions and store it in rs. rs is zeroed out before it is set.
We assume that node->is_running has already been set, e.g. by dirserv_set_router_is_running(ri, now);
Definition at line 2371 of file networkstatus.c.
Referenced by dirauth_set_routerstatus_from_routerinfo().
| int should_delay_dir_fetches | ( | const or_options_t * | options, |
| const char ** | msg_out | ||
| ) |
Return 1 if there's a reason we shouldn't try any directory fetches yet (e.g. we demand bridges and none are yet known). Else return 0.
If we return 1 and msg_out is provided, set msg_out to an explanation of why directory fetches are delayed. (If we return 0, we set msg_out to NULL.)
Definition at line 1253 of file networkstatus.c.
Referenced by fetch_networkstatus_callback(), launch_descriptor_fetches_callback(), router_have_minimum_dir_info(), update_all_descriptor_downloads(), update_consensus_networkstatus_downloads(), update_extrainfo_downloads(), update_microdesc_downloads(), update_networkstatus_downloads(), and update_router_descriptor_downloads().
| void signed_descs_update_status_from_consensus_networkstatus | ( | smartlist_t * | descs | ) |
Given a list of signed_descriptor_t, update their fields (mainly, when they were last listed) from the most recent consensus.
Definition at line 2329 of file networkstatus.c.
| void update_certificate_downloads | ( | time_t | now | ) |
Launch requests as appropriate for missing directory authority certificates.
Definition at line 1317 of file networkstatus.c.
|
static |
When we're bootstrapping, launch one or more consensus download connections, if schedule indicates connection(s) should be made after now. If is_authority, connect to an authority, otherwise, use a fallback directory mirror.
Definition at line 1040 of file networkstatus.c.
|
static |
If we're bootstrapping, check the connection schedules and see if we want to make additional, potentially concurrent, consensus download connections. Only call when bootstrapping, and when we want to make additional connections. Only nodes that satisfy networkstatus_consensus_can_use_multiple_directories make additional connections.
Definition at line 1076 of file networkstatus.c.
|
static |
If we want to download a fresh consensus, launch a new download as appropriate.
Check if we're waiting for certificates to download. If we are, launch download for missing directory authority certificates.
Definition at line 951 of file networkstatus.c.
Referenced by networkstatus_consensus_download_failed(), and update_networkstatus_downloads().
| void update_consensus_networkstatus_fetch_time | ( | time_t | now | ) |
Update the time at which we'll consider replacing the current consensus of flavor 'flavor'
Definition at line 1235 of file networkstatus.c.
|
static |
Update the time at which we'll consider replacing the current consensus of flavor flav
Definition at line 1141 of file networkstatus.c.
Referenced by update_consensus_networkstatus_fetch_time().
| void update_networkstatus_downloads | ( | time_t | now | ) |
Launch requests for networkstatus documents as appropriate. This is called when we retry all the connections on a SIGHUP and periodically by a Periodic event which checks whether we want to download any networkstatus documents.
Launch a consensus download request, we will wait for the consensus to download and when it completes we will launch a certificate download request.
Definition at line 1303 of file networkstatus.c.
| void vote_routerstatus_free_ | ( | vote_routerstatus_t * | rs | ) |
Free all storage held by the vote_routerstatus object rs.
Definition at line 301 of file networkstatus.c.
| time_t voting_sched_get_start_of_interval_after | ( | time_t | now, |
| int | interval, | ||
| int | offset | ||
| ) |
Return the start of the next interval of size interval (in seconds) after now, plus offset. Midnight always starts a fresh interval, and if the last interval of a day would be truncated to less than half its size, it is rolled into the previous interval.
Definition at line 2792 of file networkstatus.c.
Referenced by dirauth_sched_get_cur_valid_after_time().
| STATIC void warn_early_consensus | ( | const networkstatus_t * | c, |
| const char * | flavor, | ||
| time_t | now | ||
| ) |
Check whether we received a consensus that appears to be coming from the future. Because we implicitly trust the directory authorities' idea of the current time, we produce a warning if we get an early consensus.
If we got a consensus that is time stamped far in the past, that could simply have come from a stale cache. Possible ways to get a consensus from the future can include:
We neglect highly improbable scenarios that involve actual time travel.
If a consensus appears more than this many seconds before it could possibly be a sufficiently-signed consensus, declare that our clock is skewed.
Definition at line 1862 of file networkstatus.c.
| int we_want_to_fetch_flavor | ( | const or_options_t * | options, |
| int | flavor | ||
| ) |
Return true iff, given the options listed in options, flavor is the flavor of a consensus networkstatus that we would like to fetch.
For certificate fetches, use we_want_to_fetch_unknown_auth_certs, and for serving fetched documents, use directory_caches_dir_info.
Definition at line 862 of file networkstatus.c.
Referenced by update_consensus_networkstatus_downloads(), update_consensus_networkstatus_fetch_time(), and update_consensus_networkstatus_fetch_time_impl().
| int we_want_to_fetch_unknown_auth_certs | ( | const or_options_t * | options | ) |
Return true iff, given the options listed in options, we would like to fetch and store unknown authority certificates.
For consensus and descriptor fetches, use we_want_to_fetch_flavor, and for serving fetched certificates, use directory_caches_unknown_auth_certs.
Definition at line 890 of file networkstatus.c.
|
static |
Definition at line 163 of file networkstatus.c.
|
static |
Download status for the current consensus networkstatus.
Definition at line 144 of file networkstatus.c.
Referenced by networkstatus_consensus_download_failed(), and networkstatus_get_dl_status_by_flavor_running().
|
static |
An array, for each flavor of consensus we might want, of consensuses that we have downloaded, but which we cannot verify due to having insufficient authority certificates.
Definition at line 137 of file networkstatus.c.
Referenced by consensus_is_waiting_for_certs(), networkstatus_note_certs_arrived(), and update_certificate_downloads().
| STATIC networkstatus_t* current_md_consensus = NULL |
Most recently received and validated v3 "microdesc"-flavored consensus network status.
Definition at line 117 of file networkstatus.c.
Referenced by networkstatus_get_latest_consensus(), and update_certificate_downloads().
| STATIC networkstatus_t* current_ns_consensus = NULL |
Most recently received and validated v3 "ns"-flavored consensus network status.
Definition at line 113 of file networkstatus.c.
Referenced by networkstatus_get_latest_consensus(), router_get_descriptor_digests(), router_get_dl_status_by_descriptor_digest(), signed_descs_update_status_from_consensus_networkstatus(), and update_certificate_downloads().
|
static |
True iff we have logged a warning about this OR's version being newer than listed by the authorities.
Definition at line 177 of file networkstatus.c.
Referenced by networkstatus_reset_warnings().
|
static |
True iff we have logged a warning about this OR's version being older than listed by the authorities.
Definition at line 174 of file networkstatus.c.
Referenced by networkstatus_reset_warnings().
|
static |
A time before which we shouldn't try to replace the current consensus: this will be at some point after the next consensus becomes valid, but before the current consensus becomes invalid.
Definition at line 142 of file networkstatus.c.
Referenced by update_consensus_networkstatus_downloads().
1.9.1