tor  0.4.1.0-alpha-dev
networkstatus.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
39 #define NETWORKSTATUS_PRIVATE
40 #include "core/or/or.h"
41 #include "app/config/config.h"
43 #include "core/mainloop/mainloop.h"
44 #include "core/mainloop/netstatus.h"
45 #include "core/or/channel.h"
46 #include "core/or/channelpadding.h"
47 #include "core/or/circuitpadding.h"
48 #include "core/or/circuitmux.h"
50 #include "core/or/circuitstats.h"
52 #include "core/or/connection_or.h"
53 #include "core/or/dos.h"
54 #include "core/or/protover.h"
55 #include "core/or/relay.h"
56 #include "core/or/scheduler.h"
57 #include "core/or/versions.h"
58 #include "feature/client/bridges.h"
63 #include "feature/dircache/consdiffmgr.h"
80 #include "feature/nodelist/torcert.h"
84 
87 #include "feature/dirauth/shared_random.h"
89 
90 #include "feature/nodelist/authority_cert_st.h"
91 #include "feature/dircommon/dir_connection_st.h"
92 #include "feature/dirclient/dir_server_st.h"
93 #include "feature/nodelist/document_signature_st.h"
94 #include "feature/nodelist/networkstatus_st.h"
95 #include "feature/nodelist/networkstatus_voter_info_st.h"
96 #include "feature/dirauth/ns_detached_signatures_st.h"
97 #include "feature/nodelist/node_st.h"
98 #include "feature/nodelist/routerinfo_st.h"
99 #include "feature/nodelist/routerlist_st.h"
100 #include "feature/dirauth/vote_microdesc_hash_st.h"
101 #include "feature/nodelist/vote_routerstatus_st.h"
102 
103 #ifdef HAVE_UNISTD_H
104 #include <unistd.h>
105 #endif
106 
110 
114 
123  time_t set_at;
128 
134 
141  {
142  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
143  DL_SCHED_INCREMENT_FAILURE, 0, 0 },
144  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
145  DL_SCHED_INCREMENT_FAILURE, 0, 0 },
146  };
147 
148 #define N_CONSENSUS_BOOTSTRAP_SCHEDULES 2
149 #define CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0
150 #define CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1
151 
152 /* Using DL_SCHED_INCREMENT_ATTEMPT on these schedules means that
153  * download_status_increment_failure won't increment these entries.
154  * However, any bootstrap connection failures that occur after we have
155  * a valid consensus will count against the failure counts on the non-bootstrap
156  * schedules. There should only be one of these, as all the others will have
157  * been cancelled. (This doesn't seem to be a significant issue.) */
158 static download_status_t
159  consensus_bootstrap_dl_status[N_CONSENSUS_BOOTSTRAP_SCHEDULES] =
160  {
161  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_AUTHORITY,
162  DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
163  /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
164  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
165  DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
166  };
167 
174 
176  time_t now,
177  const or_options_t *options);
179  int client_mode,
180  char **warning_out);
181 static int reload_consensus_from_file(const char *fname,
182  const char *flavor,
183  unsigned flags,
184  const char *source_dir);
185 
188 void
190 {
191  SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
192  node->name_lookup_warned = 0);
193 
196 }
197 
201 void
203 {
204  int i;
205 
206  log_debug(LD_GENERAL,
207  "In networkstatus_reset_download_failures()");
208 
209  for (i=0; i < N_CONSENSUS_FLAVORS; ++i)
211 
212  for (i=0; i < N_CONSENSUS_BOOTSTRAP_SCHEDULES; ++i)
213  download_status_reset(&consensus_bootstrap_dl_status[i]);
214 }
215 
217 static char *
219  const char *flavorname,
220  int unverified_consensus)
221 {
222  char buf[128];
223  const char *prefix;
224  if (unverified_consensus) {
225  prefix = "unverified";
226  } else {
227  prefix = "cached";
228  }
229  if (flav == FLAV_NS) {
230  tor_snprintf(buf, sizeof(buf), "%s-consensus", prefix);
231  } else {
232  tor_snprintf(buf, sizeof(buf), "%s-%s-consensus", prefix, flavorname);
233  }
234 
235  return get_cachedir_fname(buf);
236 }
237 
242 static tor_mmap_t *
244  const char *flavorname,
245  int unverified_consensus)
246 {
247  char *filename = networkstatus_get_cache_fname(flav,
248  flavorname,
249  unverified_consensus);
250  tor_mmap_t *result = tor_mmap_file(filename);
251  tor_free(filename);
252  return result;
253 }
254 
257 tor_mmap_t *
258 networkstatus_map_cached_consensus(const char *flavorname)
259 {
260  int flav = networkstatus_parse_flavor_name(flavorname);
261  if (flav < 0)
262  return NULL;
263  return networkstatus_map_cached_consensus_impl(flav, flavorname, 0);
264 }
265 
267 int
269 {
270  const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
271  int flav;
272 
273  /* FFFF Suppress warnings if cached consensus is bad? */
274  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
275  const char *flavor = networkstatus_get_flavor_name(flav);
276  char *fname = networkstatus_get_cache_fname(flav, flavor, 0);
277  reload_consensus_from_file(fname, flavor, flags, NULL);
278  tor_free(fname);
279 
280  fname = networkstatus_get_cache_fname(flav, flavor, 1);
281  reload_consensus_from_file(fname, flavor,
282  flags | NSSET_WAS_WAITING_FOR_CERTS,
283  NULL);
284  tor_free(fname);
285  }
286 
287  update_certificate_downloads(time(NULL));
288 
291 
292  return 0;
293 }
294 
296 void
298 {
299  vote_microdesc_hash_t *h, *next;
300  if (!rs)
301  return;
302  tor_free(rs->version);
303  tor_free(rs->protocols);
305  for (h = rs->microdesc; h; h = next) {
307  next = h->next;
308  tor_free(h);
309  }
310  tor_free(rs);
311 }
312 
314 void
316 {
317  if (!rs)
318  return;
319  tor_free(rs->exitsummary);
320  tor_free(rs);
321 }
322 
324 void
326 {
327  tor_free(sig->signature);
328  tor_free(sig);
329 }
330 
334 {
335  document_signature_t *r = tor_memdup(sig, sizeof(document_signature_t));
336  if (r->signature)
337  r->signature = tor_memdup(sig->signature, sig->signature_len);
338  return r;
339 }
340 
342 void
344 {
345  if (!ns)
346  return;
347 
349  tor_free(ns->server_versions);
350  tor_free(ns->recommended_client_protocols);
352  tor_free(ns->required_client_protocols);
353  tor_free(ns->required_relay_protocols);
354 
355  if (ns->known_flags) {
356  SMARTLIST_FOREACH(ns->known_flags, char *, c, tor_free(c));
357  smartlist_free(ns->known_flags);
358  }
359  if (ns->weight_params) {
360  SMARTLIST_FOREACH(ns->weight_params, char *, c, tor_free(c));
361  smartlist_free(ns->weight_params);
362  }
363  if (ns->net_params) {
364  SMARTLIST_FOREACH(ns->net_params, char *, c, tor_free(c));
365  smartlist_free(ns->net_params);
366  }
367  if (ns->supported_methods) {
368  SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c));
369  smartlist_free(ns->supported_methods);
370  }
371  if (ns->package_lines) {
372  SMARTLIST_FOREACH(ns->package_lines, char *, c, tor_free(c));
373  smartlist_free(ns->package_lines);
374  }
375  if (ns->voters) {
377  tor_free(voter->nickname);
378  tor_free(voter->address);
379  tor_free(voter->contact);
380  if (voter->sigs) {
381  SMARTLIST_FOREACH(voter->sigs, document_signature_t *, sig,
382  document_signature_free(sig));
383  smartlist_free(voter->sigs);
384  }
385  tor_free(voter);
386  } SMARTLIST_FOREACH_END(voter);
387  smartlist_free(ns->voters);
388  }
389  authority_cert_free(ns->cert);
390 
391  if (ns->routerstatus_list) {
392  if (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION) {
394  vote_routerstatus_free(rs));
395  } else {
397  routerstatus_free(rs));
398  }
399 
400  smartlist_free(ns->routerstatus_list);
401  }
402 
403  if (ns->bw_file_headers) {
404  SMARTLIST_FOREACH(ns->bw_file_headers, char *, c, tor_free(c));
405  smartlist_free(ns->bw_file_headers);
406  }
407 
408  digestmap_free(ns->desc_digest_map, NULL);
409 
410  if (ns->sr_info.commits) {
411  dirvote_clear_commits(ns);
412  }
413  tor_free(ns->sr_info.previous_srv);
414  tor_free(ns->sr_info.current_srv);
415 
416  memwipe(ns, 11, sizeof(*ns));
417  tor_free(ns);
418 }
419 
425  const char *identity)
426 {
427  if (!vote || !vote->voters)
428  return NULL;
430  if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN))
431  return voter);
432  return NULL;
433 }
434 
439  digest_algorithm_t alg)
440 {
441  if (!voter->sigs)
442  return NULL;
444  if (sig->alg == alg)
445  return sig);
446  return NULL;
447 }
448 
453 int
456  const authority_cert_t *cert)
457 {
458  char key_digest[DIGEST_LEN];
459  const int dlen = sig->alg == DIGEST_SHA1 ? DIGEST_LEN : DIGEST256_LEN;
460  char *signed_digest;
461  size_t signed_digest_len;
462 
463  if (crypto_pk_get_digest(cert->signing_key, key_digest)<0)
464  return -1;
465  if (tor_memneq(sig->signing_key_digest, key_digest, DIGEST_LEN) ||
466  tor_memneq(sig->identity_digest, cert->cache_info.identity_digest,
467  DIGEST_LEN))
468  return -1;
469 
470  if (authority_cert_is_blacklisted(cert)) {
471  /* We implement blacklisting for authority signing keys by treating
472  * all their signatures as always bad. That way we don't get into
473  * crazy loops of dropping and re-fetching signatures. */
474  log_warn(LD_DIR, "Ignoring a consensus signature made with deprecated"
475  " signing key %s",
477  sig->bad_signature = 1;
478  return 0;
479  }
480 
481  signed_digest_len = crypto_pk_keysize(cert->signing_key);
482  signed_digest = tor_malloc(signed_digest_len);
483  if (crypto_pk_public_checksig(cert->signing_key,
484  signed_digest,
485  signed_digest_len,
486  sig->signature,
487  sig->signature_len) < dlen ||
488  tor_memneq(signed_digest, consensus->digests.d[sig->alg], dlen)) {
489  log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
490  sig->bad_signature = 1;
491  } else {
492  sig->good_signature = 1;
493  }
494  tor_free(signed_digest);
495  return 0;
496 }
497 
506 int
508  int warn)
509 {
510  int n_good = 0;
511  int n_missing_key = 0, n_dl_failed_key = 0;
512  int n_bad = 0;
513  int n_unknown = 0;
514  int n_no_signature = 0;
515  int n_v3_authorities = get_n_authorities(V3_DIRINFO);
516  int n_required = n_v3_authorities/2 + 1;
517  smartlist_t *list_good = smartlist_new();
518  smartlist_t *list_no_signature = smartlist_new();
519  smartlist_t *need_certs_from = smartlist_new();
520  smartlist_t *unrecognized = smartlist_new();
521  smartlist_t *missing_authorities = smartlist_new();
522  int severity;
523  time_t now = time(NULL);
524 
525  tor_assert(consensus->type == NS_TYPE_CONSENSUS);
526 
528  voter) {
529  int good_here = 0;
530  int bad_here = 0;
531  int unknown_here = 0;
532  int missing_key_here = 0, dl_failed_key_here = 0;
533  SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
534  if (!sig->good_signature && !sig->bad_signature &&
535  sig->signature) {
536  /* we can try to check the signature. */
537  int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
538  sig->identity_digest) != NULL;
539  authority_cert_t *cert =
540  authority_cert_get_by_digests(sig->identity_digest,
541  sig->signing_key_digest);
542  tor_assert(tor_memeq(sig->identity_digest, voter->identity_digest,
543  DIGEST_LEN));
544 
545  if (!is_v3_auth) {
546  smartlist_add(unrecognized, voter);
547  ++unknown_here;
548  continue;
549  } else if (!cert || cert->expires < now) {
550  smartlist_add(need_certs_from, voter);
551  ++missing_key_here;
552  if (authority_cert_dl_looks_uncertain(sig->identity_digest))
553  ++dl_failed_key_here;
554  continue;
555  }
556  if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
557  smartlist_add(need_certs_from, voter);
558  ++missing_key_here;
559  if (authority_cert_dl_looks_uncertain(sig->identity_digest))
560  ++dl_failed_key_here;
561  continue;
562  }
563  }
564  if (sig->good_signature)
565  ++good_here;
566  else if (sig->bad_signature)
567  ++bad_here;
568  } SMARTLIST_FOREACH_END(sig);
569 
570  if (good_here) {
571  ++n_good;
572  smartlist_add(list_good, voter->nickname);
573  } else if (bad_here) {
574  ++n_bad;
575  } else if (missing_key_here) {
576  ++n_missing_key;
577  if (dl_failed_key_here)
578  ++n_dl_failed_key;
579  } else if (unknown_here) {
580  ++n_unknown;
581  } else {
582  ++n_no_signature;
583  smartlist_add(list_no_signature, voter->nickname);
584  }
585  } SMARTLIST_FOREACH_END(voter);
586 
587  /* Now see whether we're missing any voters entirely. */
588  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
589  dir_server_t *, ds,
590  {
591  if ((ds->type & V3_DIRINFO) &&
592  !networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
593  smartlist_add(missing_authorities, ds);
594  });
595 
596  if (warn > 1 || (warn >= 0 &&
597  (n_good + n_missing_key - n_dl_failed_key < n_required))) {
598  severity = LOG_WARN;
599  } else {
600  severity = LOG_INFO;
601  }
602 
603  if (warn >= 0) {
604  SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
605  {
606  tor_log(severity, LD_DIR, "Consensus includes unrecognized authority "
607  "'%s' at %s:%d (contact %s; identity %s)",
608  voter->nickname, voter->address, (int)voter->dir_port,
609  voter->contact?voter->contact:"n/a",
610  hex_str(voter->identity_digest, DIGEST_LEN));
611  });
612  SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
613  {
614  tor_log(severity, LD_DIR, "Looks like we need to download a new "
615  "certificate from authority '%s' at %s:%d (contact %s; "
616  "identity %s)",
617  voter->nickname, voter->address, (int)voter->dir_port,
618  voter->contact?voter->contact:"n/a",
619  hex_str(voter->identity_digest, DIGEST_LEN));
620  });
621  SMARTLIST_FOREACH(missing_authorities, dir_server_t *, ds,
622  {
623  tor_log(severity, LD_DIR, "Consensus does not include configured "
624  "authority '%s' at %s:%d (identity %s)",
625  ds->nickname, ds->address, (int)ds->dir_port,
626  hex_str(ds->v3_identity_digest, DIGEST_LEN));
627  });
628  {
629  char *joined;
630  smartlist_t *sl = smartlist_new();
631  char *tmp = smartlist_join_strings(list_good, " ", 0, NULL);
633  "A consensus needs %d good signatures from recognized "
634  "authorities for us to accept it. "
635  "This %s one has %d (%s).",
636  n_required,
638  n_good, tmp);
639  tor_free(tmp);
640  if (n_no_signature) {
641  tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL);
643  "%d (%s) of the authorities we know didn't sign it.",
644  n_no_signature, tmp);
645  tor_free(tmp);
646  }
647  if (n_unknown) {
649  "It has %d signatures from authorities we don't "
650  "recognize.", n_unknown);
651  }
652  if (n_bad) {
653  smartlist_add_asprintf(sl, "%d of the signatures on it didn't verify "
654  "correctly.", n_bad);
655  }
656  if (n_missing_key) {
658  "We were unable to check %d of the signatures, "
659  "because we were missing the keys.", n_missing_key);
660  }
661  joined = smartlist_join_strings(sl, " ", 0, NULL);
662  tor_log(severity, LD_DIR, "%s", joined);
663  tor_free(joined);
664  SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
665  smartlist_free(sl);
666  }
667  }
668 
669  smartlist_free(list_good);
670  smartlist_free(list_no_signature);
671  smartlist_free(unrecognized);
672  smartlist_free(need_certs_from);
673  smartlist_free(missing_authorities);
674 
675  if (n_good == n_v3_authorities)
676  return 1;
677  else if (n_good >= n_required)
678  return 0;
679  else if (n_good + n_missing_key >= n_required)
680  return -1;
681  else
682  return -2;
683 }
684 
687 #define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
688 
691 int
692 compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
693 {
694  const char *key = _key;
695  const routerstatus_t *rs = *_member;
696  return tor_memcmp(key, rs->identity_digest, DIGEST_LEN);
697 }
698 
701 int
703  const void **_member)
704 {
705  const char *key = _key;
706  const vote_routerstatus_t *vrs = *_member;
707  return tor_memcmp(key, vrs->status.identity_digest, DIGEST_LEN);
708 }
709 
713 {
714  return smartlist_bsearch(ns->routerstatus_list, digest,
716 }
717 
721 networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
722 {
723  return networkstatus_vote_find_mutable_entry(ns, digest);
724 }
725 
726 /*XXXX MOVE make this static once functions are moved into this file. */
730 int
732  const char *digest, int *found_out)
733 {
734  return smartlist_bsearch_idx(ns->routerstatus_list, digest,
736  found_out);
737 }
738 
742 router_get_mutable_consensus_status_by_descriptor_digest,(
743  networkstatus_t *consensus,
744  const char *digest))
745 {
746  if (!consensus)
747  consensus = networkstatus_get_latest_consensus();
748  if (!consensus)
749  return NULL;
750  if (!consensus->desc_digest_map) {
751  digestmap_t *m = consensus->desc_digest_map = digestmap_new();
753  routerstatus_t *, rs,
754  {
755  digestmap_set(m, rs->descriptor_digest, rs);
756  });
757  }
758  return digestmap_get(consensus->desc_digest_map, digest);
759 }
760 
764 const routerstatus_t *
766  const char *digest)
767 {
768  return router_get_mutable_consensus_status_by_descriptor_digest(
769  consensus, digest);
770 }
771 
773 static smartlist_t *
775 {
776  smartlist_t *result = smartlist_new();
777  digestmap_iter_t *i;
778  const char *digest;
779  void *rs;
780  char *digest_tmp;
781 
782  for (i = digestmap_iter_init(consensus->desc_digest_map);
783  !(digestmap_iter_done(i));
784  i = digestmap_iter_next(consensus->desc_digest_map, i)) {
785  digestmap_iter_get(i, &digest, &rs);
786  digest_tmp = tor_malloc(DIGEST_LEN);
787  memcpy(digest_tmp, digest, DIGEST_LEN);
788  smartlist_add(result, digest_tmp);
789  }
790 
791  return result;
792 }
793 
797 router_get_descriptor_digests,(void))
798 {
799  smartlist_t *result = NULL;
800 
801  if (current_ns_consensus) {
802  result =
804  }
805 
806  return result;
807 }
808 
812 router_get_dl_status_by_descriptor_digest,(const char *d))
813 {
814  routerstatus_t *rs;
816  return NULL;
817  if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
819  return &rs->dl_status;
820 
821  return NULL;
822 }
823 
827 {
828  const networkstatus_t *ns = networkstatus_get_latest_consensus();
829  if (!ns)
830  return NULL;
831  smartlist_t *rslist = ns->routerstatus_list;
832  return smartlist_bsearch(rslist, digest,
834 }
835 
838 const routerstatus_t *
840 {
842 }
843 
846 #define AUTHORITY_NS_CACHE_INTERVAL (10*60)
847 
850 #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60)
851 
857 int
858 we_want_to_fetch_flavor(const or_options_t *options, int flavor)
859 {
860  if (flavor < 0 || flavor > N_CONSENSUS_FLAVORS) {
861  /* This flavor is crazy; we don't want it */
862  /*XXXX handle unrecognized flavors later */
863  return 0;
864  }
865  if (authdir_mode_v3(options) || directory_caches_dir_info(options)) {
866  /* We want to serve all flavors to others, regardless if we would use
867  * it ourselves. */
868  return 1;
869  }
870  if (options->FetchUselessDescriptors) {
871  /* In order to get all descriptors, we need to fetch all consensuses. */
872  return 1;
873  }
874  /* Otherwise, we want the flavor only if we want to use it to build
875  * circuits. */
876  return flavor == usable_consensus_flavor();
877 }
878 
885 int
887 {
888  if (authdir_mode_v3(options) ||
890  /* We want to serve all certs to others, regardless if we would use
891  * them ourselves. */
892  return 1;
893  }
894  if (options->FetchUselessDescriptors) {
895  /* Unknown certificates are definitely useless. */
896  return 1;
897  }
898  /* Otherwise, don't fetch unknown certificates. */
899  return 0;
900 }
901 
904 #define DELAY_WHILE_FETCHING_CERTS (20*60)
905 
908 #define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60)
909 
910 /* Check if a downloaded consensus flavor should still wait for certificates
911  * to download now. If we decide not to wait, check if enough time has passed
912  * to consider the certificate download failure a separate failure. If so,
913  * fail dls.
914  * If waiting for certificates to download, return 1. If not, return 0. */
915 static int
916 check_consensus_waiting_for_certs(int flavor, time_t now,
917  download_status_t *dls)
918 {
920 
921  /* We should always have a known flavor, because we_want_to_fetch_flavor()
922  * filters out unknown flavors. */
923  tor_assert(flavor >= 0 && flavor < N_CONSENSUS_FLAVORS);
924 
925  waiting = &consensus_waiting_for_certs[flavor];
926  if (waiting->consensus) {
927  /* XXXX make sure this doesn't delay sane downloads. */
928  if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now &&
929  waiting->consensus->valid_until > now) {
930  return 1;
931  } else {
932  if (!waiting->dl_failed) {
933  if (waiting->set_at + MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE > now) {
934  download_status_failed(dls, 0);
935  }
936  waiting->dl_failed=1;
937  }
938  }
939  }
940 
941  return 0;
942 }
943 
946 static void
948 {
949  int i;
950  const or_options_t *options = get_options();
951  const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(
952  now);
953  const int use_multi_conn =
955 
956  if (should_delay_dir_fetches(options, NULL))
957  return;
958 
959  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
960  /* XXXX need some way to download unknown flavors if we are caching. */
961  const char *resource;
962  networkstatus_t *c;
963  int max_in_progress_conns = 1;
964 
965  if (! we_want_to_fetch_flavor(options, i))
966  continue;
967 
968  c = networkstatus_get_latest_consensus_by_flavor(i);
969  if (! (c && c->valid_after <= now && now <= c->valid_until)) {
970  /* No live consensus? Get one now!*/
972  }
973 
974  if (time_to_download_next_consensus[i] > now)
975  continue; /* Wait until the current consensus is older. */
976 
977  resource = networkstatus_get_flavor_name(i);
978 
979  /* Check if we already have enough connections in progress */
980  if (we_are_bootstrapping && use_multi_conn) {
981  max_in_progress_conns =
983  }
986  resource)
987  >= max_in_progress_conns) {
988  continue;
989  }
990 
991  /* Check if we want to launch another download for a usable consensus.
992  * Only used during bootstrap. */
993  if (we_are_bootstrapping && use_multi_conn
994  && i == usable_consensus_flavor()) {
995 
996  /* Check if we're already downloading a usable consensus */
997  if (networkstatus_consensus_is_already_downloading(resource))
998  continue;
999 
1000  /* Make multiple connections for a bootstrap consensus download. */
1002  } else {
1003  /* Check if we failed downloading a consensus too recently */
1004 
1005  /* Let's make sure we remembered to update consensus_dl_status */
1006  tor_assert(consensus_dl_status[i].schedule == DL_SCHED_CONSENSUS);
1007 
1009  continue;
1010  }
1011 
1014  if (check_consensus_waiting_for_certs(i, now, &consensus_dl_status[i])) {
1016  continue;
1017  }
1018 
1019  /* Try the requested attempt */
1020  log_info(LD_DIR, "Launching %s standard networkstatus consensus "
1021  "download.", networkstatus_get_flavor_name(i));
1022  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
1023  ROUTER_PURPOSE_GENERAL, resource,
1025  consensus_dl_status[i].want_authority);
1026  }
1027  }
1028 }
1029 
1035 static void
1037  time_t now,
1038  download_status_t *dls,
1039  download_want_authority_t want_authority)
1040 {
1041  const char *resource = networkstatus_get_flavor_name(
1042  usable_consensus_flavor());
1043 
1044  /* Let's make sure we remembered to update schedule */
1045  tor_assert(dls->schedule == DL_SCHED_CONSENSUS);
1046 
1047  /* Allow for multiple connections in the same second, if the schedule value
1048  * is 0. */
1049  while (download_status_is_ready(dls, now)) {
1050  log_info(LD_DIR, "Launching %s bootstrap %s networkstatus consensus "
1051  "download.", resource, (want_authority == DL_WANT_AUTHORITY
1052  ? "authority"
1053  : "mirror"));
1054 
1055  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
1056  ROUTER_PURPOSE_GENERAL, resource,
1057  PDS_RETRY_IF_NO_SERVERS, want_authority);
1058  /* schedule the next attempt */
1059  download_status_increment_attempt(dls, resource, now);
1060  }
1061 }
1062 
1071 static void
1073  const or_options_t *options)
1074 {
1075  const int usable_flavor = usable_consensus_flavor();
1076 
1077  /* make sure we can use multiple connections */
1079  return;
1080  }
1081 
1082  /* Launch concurrent consensus download attempt(s) based on the mirror and
1083  * authority schedules. Try the mirror first - this makes it slightly more
1084  * likely that we'll connect to the fallback first, and then end the
1085  * authority connection attempt. */
1086 
1087  /* If a consensus download fails because it's waiting for certificates,
1088  * we'll fail both the authority and fallback schedules. This is better than
1089  * failing only one of the schedules, and having the other continue
1090  * unchecked.
1091  */
1092 
1093  /* If we don't have or can't use extra fallbacks, don't try them. */
1094  if (networkstatus_consensus_can_use_extra_fallbacks(options)) {
1095  download_status_t *dls_f =
1096  &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER];
1097 
1098  if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) {
1099  /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
1101  DL_WANT_ANY_DIRSERVER);
1102  }
1103  }
1104 
1105  /* Now try an authority. */
1106  download_status_t *dls_a =
1107  &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY];
1108 
1109  if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) {
1111  DL_WANT_AUTHORITY);
1112  }
1113 }
1114 
1117 void
1118 networkstatus_consensus_download_failed(int status_code, const char *flavname)
1119 {
1120  int flav = networkstatus_parse_flavor_name(flavname);
1121  if (flav >= 0) {
1123  /* XXXX handle unrecognized flavors */
1124  download_status_failed(&consensus_dl_status[flav], status_code);
1125  /* Retry immediately, if appropriate. */
1127  }
1128 }
1129 
1132 #define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120
1133 
1136 static void
1138 {
1139  const or_options_t *options = get_options();
1140  networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
1141  const char *flavor = networkstatus_get_flavor_name(flav);
1142  if (! we_want_to_fetch_flavor(get_options(), flav))
1143  return;
1144 
1145  if (c && c->valid_after <= now && now <= c->valid_until) {
1146  long dl_interval;
1147  long interval = c->fresh_until - c->valid_after;
1148  long min_sec_before_caching = CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
1149  time_t start;
1150 
1151  if (min_sec_before_caching > interval/16) {
1152  /* Usually we allow 2-minutes slop factor in case clocks get
1153  desynchronized a little. If we're on a private network with
1154  a crazy-fast voting interval, though, 2 minutes may be too
1155  much. */
1156  min_sec_before_caching = interval/16;
1157  /* make sure we always delay by at least a second before caching */
1158  if (min_sec_before_caching == 0) {
1159  min_sec_before_caching = 1;
1160  }
1161  }
1162 
1163  if (directory_fetches_dir_info_early(options)) {
1164  /* We want to cache the next one at some point after this one
1165  * is no longer fresh... */
1166  start = (time_t)(c->fresh_until + min_sec_before_caching);
1167  /* Some clients may need the consensus sooner than others. */
1168  if (options->FetchDirInfoExtraEarly || authdir_mode_v3(options)) {
1169  dl_interval = 60;
1170  if (min_sec_before_caching + dl_interval > interval)
1171  dl_interval = interval/2;
1172  } else {
1173  /* But only in the first half-interval after that. */
1174  dl_interval = interval/2;
1175  }
1176  } else {
1177  /* We're an ordinary client, a bridge, or a hidden service.
1178  * Give all the caches enough time to download the consensus. */
1179  start = (time_t)(c->fresh_until + (interval*3)/4);
1180  /* But download the next one well before this one is expired. */
1181  dl_interval = ((c->valid_until - start) * 7 )/ 8;
1182 
1183  /* If we're a bridge user, make use of the numbers we just computed
1184  * to choose the rest of the interval *after* them. */
1185  if (directory_fetches_dir_info_later(options)) {
1186  /* Give all the *clients* enough time to download the consensus. */
1187  start = (time_t)(start + dl_interval + min_sec_before_caching);
1188  /* But try to get it before ours actually expires. */
1189  dl_interval = (c->valid_until - start) - min_sec_before_caching;
1190  }
1191  }
1192  /* catch low dl_interval in crazy-fast networks */
1193  if (dl_interval < 1)
1194  dl_interval = 1;
1195  /* catch late start in crazy-fast networks */
1196  if (start+dl_interval >= c->valid_until)
1197  start = c->valid_until - dl_interval - 1;
1198  log_debug(LD_DIR,
1199  "fresh_until: %ld start: %ld "
1200  "dl_interval: %ld valid_until: %ld ",
1201  (long)c->fresh_until, (long)start, dl_interval,
1202  (long)c->valid_until);
1203  /* We must not try to replace c while it's still fresh: */
1204  tor_assert(c->fresh_until < start);
1205  /* We must download the next one before c is invalid: */
1206  tor_assert(start+dl_interval < c->valid_until);
1208  start + crypto_rand_int((int)dl_interval);
1209  {
1210  char tbuf1[ISO_TIME_LEN+1];
1211  char tbuf2[ISO_TIME_LEN+1];
1212  char tbuf3[ISO_TIME_LEN+1];
1216  log_info(LD_DIR, "Live %s consensus %s the most recent until %s and "
1217  "will expire at %s; fetching the next one at %s.",
1218  flavor, (c->fresh_until > now) ? "will be" : "was",
1219  tbuf1, tbuf2, tbuf3);
1220  }
1221  } else {
1222  time_to_download_next_consensus[flav] = now;
1223  log_info(LD_DIR, "No live %s consensus; we should fetch one immediately.",
1224  flavor);
1225  }
1226 }
1227 
1230 void
1232 {
1233  int i;
1234  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
1235  if (we_want_to_fetch_flavor(get_options(), i))
1237  }
1238 }
1239 
1248 int
1249 should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
1250 {
1251  if (msg_out) {
1252  *msg_out = NULL;
1253  }
1254 
1255  if (options->DisableNetwork) {
1256  if (msg_out) {
1257  *msg_out = "DisableNetwork is set.";
1258  }
1259  log_info(LD_DIR, "Delaying dir fetches (DisableNetwork is set)");
1260  return 1;
1261  }
1262 
1263  if (we_are_hibernating()) {
1264  if (msg_out) {
1265  *msg_out = "We are hibernating or shutting down.";
1266  }
1267  log_info(LD_DIR, "Delaying dir fetches (Hibernating or shutting down)");
1268  return 1;
1269  }
1270 
1271  if (options->UseBridges) {
1272  /* If we know that none of our bridges can possibly work, avoid fetching
1273  * directory documents. But if some of them might work, try again. */
1274  if (num_bridges_usable(1) == 0) {
1275  if (msg_out) {
1276  *msg_out = "No running bridges";
1277  }
1278  log_info(LD_DIR, "Delaying dir fetches (no running bridges known)");
1279  return 1;
1280  }
1281 
1283  if (msg_out) {
1284  *msg_out = "Pluggable transport proxies still configuring";
1285  }
1286  log_info(LD_DIR, "Delaying dir fetches (pt proxies still configuring)");
1287  return 1;
1288  }
1289  }
1290 
1291  return 0;
1292 }
1293 
1298 void
1300 {
1301  const or_options_t *options = get_options();
1302  if (should_delay_dir_fetches(options, NULL))
1303  return;
1308 }
1309 
1312 void
1314 {
1315  int i;
1316  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
1317  if (consensus_waiting_for_certs[i].consensus)
1319  now, NULL);
1320  }
1321 
1326 }
1327 
1330 int
1332 {
1333  return consensus_waiting_for_certs[usable_consensus_flavor()].consensus
1334  ? 1 : 0;
1335 }
1336 
1341 networkstatus_get_dl_status_by_flavor,(consensus_flavor_t flavor))
1342 {
1343  download_status_t *dl = NULL;
1344  const int we_are_bootstrapping =
1345  networkstatus_consensus_is_bootstrapping(time(NULL));
1346 
1347  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1348  dl = &((we_are_bootstrapping ?
1349  consensus_bootstrap_dl_status : consensus_dl_status)[flavor]);
1350  }
1351 
1352  return dl;
1353 }
1354 
1358 networkstatus_get_dl_status_by_flavor_bootstrap,(consensus_flavor_t flavor))
1359 {
1360  download_status_t *dl = NULL;
1361 
1362  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1363  dl = &(consensus_bootstrap_dl_status[flavor]);
1364  }
1365 
1366  return dl;
1367 }
1368 
1372 networkstatus_get_dl_status_by_flavor_running,(consensus_flavor_t flavor))
1373 {
1374  download_status_t *dl = NULL;
1375 
1376  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1377  dl = &(consensus_dl_status[flavor]);
1378  }
1379 
1380  return dl;
1381 }
1382 
1386 networkstatus_get_latest_consensus,(void))
1387 {
1388  if (we_use_microdescriptors_for_circuits(get_options()))
1389  return current_md_consensus;
1390  else
1391  return current_ns_consensus;
1392 }
1393 
1397 networkstatus_get_latest_consensus_by_flavor,(consensus_flavor_t f))
1398 {
1399  if (f == FLAV_NS)
1400  return current_ns_consensus;
1401  else if (f == FLAV_MICRODESC)
1402  return current_md_consensus;
1403  else {
1404  tor_assert(0);
1405  return NULL;
1406  }
1407 }
1408 
1412 networkstatus_get_live_consensus,(time_t now))
1413 {
1414  networkstatus_t *ns = networkstatus_get_latest_consensus();
1415  if (ns && networkstatus_is_live(ns, now))
1416  return ns;
1417  else
1418  return NULL;
1419 }
1420 
1423 int
1425 {
1426  return (ns->valid_after <= now && now <= ns->valid_until);
1427 }
1428 
1435 int
1437  time_t now)
1438 {
1439  if (BUG(!consensus))
1440  return 0;
1441 
1443  now) &&
1445  now);
1446 }
1447 
1448 #define REASONABLY_LIVE_TIME (24*60*60)
1449 
1453 int
1455  time_t now)
1456 {
1457  return (now >= valid_after - REASONABLY_LIVE_TIME);
1458 }
1459 
1463 int
1465  time_t now)
1466 {
1467  return (now <= valid_until + REASONABLY_LIVE_TIME);
1468 }
1469 
1473 networkstatus_get_reasonably_live_consensus,(time_t now, int flavor))
1474 {
1475  networkstatus_t *consensus =
1476  networkstatus_get_latest_consensus_by_flavor(flavor);
1477  if (consensus &&
1479  return consensus;
1480  else
1481  return NULL;
1482 }
1483 
1493 networkstatus_consensus_is_bootstrapping,(time_t now))
1494 {
1495  /* If we have a validated, reasonably live consensus, we're not
1496  * bootstrapping a consensus at all. */
1497  if (networkstatus_get_reasonably_live_consensus(
1498  now,
1499  usable_consensus_flavor())) {
1500  return 0;
1501  }
1502 
1503  /* If we have a consensus, but we're waiting for certificates,
1504  * we're not waiting for a consensus download while bootstrapping. */
1506  return 0;
1507  }
1508 
1509  /* If we have no consensus, or our consensus is very old, we are
1510  * bootstrapping, and we need to download a consensus. */
1511  return 1;
1512 }
1513 
1517 int
1519  const or_options_t *options)
1520 {
1521  /* If we are a client, bridge, bridge client, or hidden service */
1522  return !public_server_mode(options);
1523 }
1524 
1529 networkstatus_consensus_can_use_extra_fallbacks,(const or_options_t *options))
1530 {
1531  /* The list length comparisons are a quick way to check if we have any
1532  * non-authority fallback directories. If we ever have any authorities that
1533  * aren't fallback directories, we will need to change this code. */
1534  tor_assert(smartlist_len(router_get_fallback_dir_servers())
1535  >= smartlist_len(router_get_trusted_dir_servers()));
1536  /* If we don't fetch from the authorities, and we have additional mirrors,
1537  * we can use them. */
1538  return (!directory_fetches_from_authorities(options)
1539  && (smartlist_len(router_get_fallback_dir_servers())
1540  > smartlist_len(router_get_trusted_dir_servers())));
1541 }
1542 
1543 /* Is there a consensus fetch for flavor <b>resource</b> that's far
1544  * enough along to be attached to a circuit? */
1545 int
1546 networkstatus_consensus_is_already_downloading(const char *resource)
1547 {
1548  int answer = 0;
1549 
1550  /* First, get a list of all the dir conns that are fetching a consensus,
1551  * fetching *this* consensus, and are in state "reading" (meaning they
1552  * have already flushed their request onto the socks connection). */
1553  smartlist_t *fetching_conns =
1556 
1557  /* Then, walk through each conn, to see if its linked socks connection
1558  * is in an attached state. We have to check this separately, since with
1559  * the optimistic data feature, fetches can send their request to the
1560  * socks connection and go into state 'reading', even before they're
1561  * attached to any circuit. */
1562  SMARTLIST_FOREACH_BEGIN(fetching_conns, dir_connection_t *, dirconn) {
1563  /* Do any of these other dir conns have a linked socks conn that is
1564  * attached to a circuit already? */
1565  connection_t *base = TO_CONN(dirconn);
1566  if (base->linked_conn &&
1567  base->linked_conn->type == CONN_TYPE_AP &&
1569  answer = 1;
1570  break; /* stop looping, because we know the answer will be yes */
1571  }
1572  } SMARTLIST_FOREACH_END(dirconn);
1573  smartlist_free(fetching_conns);
1574 
1575  return answer;
1576 }
1577 
1578 /* Does the current, reasonably live consensus have IPv6 addresses?
1579  * Returns 1 if there is a reasonably live consensus and its consensus method
1580  * includes IPv6 addresses in the consensus.
1581  * Otherwise, if there is no consensus, or the method does not include IPv6
1582  * addresses, returns 0. */
1583 int
1584 networkstatus_consensus_has_ipv6(const or_options_t* options)
1585 {
1586  const networkstatus_t *cons = networkstatus_get_reasonably_live_consensus(
1587  approx_time(),
1588  usable_consensus_flavor());
1589 
1590  /* If we have no consensus, we have no IPv6 in it */
1591  if (!cons) {
1592  return 0;
1593  }
1594 
1595  /* Different flavours of consensus gained IPv6 at different times */
1596  if (we_use_microdescriptors_for_circuits(options)) {
1597  return
1599  } else {
1600  return 1;
1601  }
1602 }
1603 
1606 static int
1608 {
1610 
1611  return strcmp(a->nickname, b->nickname) ||
1612  fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
1613  a->addr != b->addr ||
1614  a->or_port != b->or_port ||
1615  a->dir_port != b->dir_port ||
1616  a->is_authority != b->is_authority ||
1617  a->is_exit != b->is_exit ||
1618  a->is_stable != b->is_stable ||
1619  a->is_fast != b->is_fast ||
1621  a->is_named != b->is_named ||
1622  a->is_unnamed != b->is_unnamed ||
1623  a->is_valid != b->is_valid ||
1625  a->is_bad_exit != b->is_bad_exit ||
1626  a->is_hs_dir != b->is_hs_dir;
1627  // XXXX this function needs a huge refactoring; it has gotten out
1628  // XXXX of sync with routerstatus_t, and it will do so again.
1629 }
1630 
1633 static void
1635  const networkstatus_t *new_c)
1636 {
1637  smartlist_t *changed;
1638  if (old_c == new_c)
1639  return;
1640 
1641  /* tell the controller exactly which relays are still listed, as well
1642  * as what they're listed as */
1644 
1645  if (!control_event_is_interesting(EVENT_NS))
1646  return;
1647 
1648  if (!old_c) {
1650  return;
1651  }
1652  changed = smartlist_new();
1653 
1654  SMARTLIST_FOREACH_JOIN(
1655  old_c->routerstatus_list, const routerstatus_t *, rs_old,
1656  new_c->routerstatus_list, const routerstatus_t *, rs_new,
1657  tor_memcmp(rs_old->identity_digest,
1658  rs_new->identity_digest, DIGEST_LEN),
1659  smartlist_add(changed, (void*) rs_new)) {
1660  if (routerstatus_has_changed(rs_old, rs_new))
1661  smartlist_add(changed, (void*)rs_new);
1662  } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1663 
1665  smartlist_free(changed);
1666 }
1667 
1668 /* Called before the consensus changes from old_c to new_c. */
1669 static void
1670 notify_before_networkstatus_changes(const networkstatus_t *old_c,
1671  const networkstatus_t *new_c)
1672 {
1674  dos_consensus_has_changed(new_c);
1675  relay_consensus_has_changed(new_c);
1676 }
1677 
1678 /* Called after a new consensus has been put in the global state. It is safe
1679  * to use the consensus getters in this function. */
1680 static void
1681 notify_after_networkstatus_changes(void)
1682 {
1684 }
1685 
1688 static void
1690  const networkstatus_t *old_c)
1691 {
1692  if (old_c == new_c)
1693  return;
1694  if (!old_c || !smartlist_len(old_c->routerstatus_list))
1695  return;
1696 
1697  SMARTLIST_FOREACH_JOIN(old_c->routerstatus_list, routerstatus_t *, rs_old,
1698  new_c->routerstatus_list, routerstatus_t *, rs_new,
1699  tor_memcmp(rs_old->identity_digest,
1700  rs_new->identity_digest, DIGEST_LEN),
1701  STMT_NIL) {
1702  /* Okay, so we're looking at the same identity. */
1703  rs_new->last_dir_503_at = rs_old->last_dir_503_at;
1704 
1705  if (tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
1706  DIGEST256_LEN)) {
1707  /* And the same descriptor too! */
1708  memcpy(&rs_new->dl_status, &rs_old->dl_status,sizeof(download_status_t));
1709  }
1710  } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1711 }
1712 
1713 #ifdef TOR_UNIT_TESTS
1714 
1720 int
1721 networkstatus_set_current_consensus_from_ns(networkstatus_t *c,
1722  const char *flavor)
1723 {
1724  int flav = networkstatus_parse_flavor_name(flavor);
1725  switch (flav) {
1726  case FLAV_NS:
1727  if (current_ns_consensus) {
1729  networkstatus_vote_free(current_ns_consensus);
1730  }
1732  break;
1733  case FLAV_MICRODESC:
1734  if (current_md_consensus) {
1736  networkstatus_vote_free(current_md_consensus);
1737  }
1739  break;
1740  }
1741  return current_md_consensus ? 0 : -1;
1742 }
1743 #endif /* defined(TOR_UNIT_TESTS) */
1744 
1750 static int
1751 reload_consensus_from_file(const char *fname,
1752  const char *flavor,
1753  unsigned flags,
1754  const char *source_dir)
1755 {
1756  tor_mmap_t *map = tor_mmap_file(fname);
1757  if (!map)
1758  return 0;
1759 
1760  int rv = networkstatus_set_current_consensus(map->data, map->size,
1761  flavor, flags, source_dir);
1762 #ifdef _WIN32
1763  if (rv < 0 && tor_memstr(map->data, map->size, "\r\n")) {
1764  log_notice(LD_GENERAL, "Looks like the above failures are probably "
1765  "because of a CRLF in consensus file %s; falling back to "
1766  "read_file_to_string. Nothing to worry about: this file "
1767  "was probably saved by an earlier version of Tor.",
1768  escaped(fname));
1769  char *content = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
1770  rv = networkstatus_set_current_consensus(content, strlen(content),
1771  flavor, flags, source_dir);
1772  tor_free(content);
1773  }
1774 #endif
1775  if (rv < -1) {
1776  log_warn(LD_GENERAL, "Couldn't set consensus from cache file %s",
1777  escaped(fname));
1778  }
1779  tor_munmap_file(map);
1780  return rv;
1781 }
1782 
1787 static void
1789  int is_client)
1790 {
1791  char *protocol_warning = NULL;
1792 
1793  int should_exit = networkstatus_check_required_protocols(c,
1794  is_client,
1795  &protocol_warning);
1796  if (protocol_warning) {
1797  tor_log(should_exit ? LOG_ERR : LOG_WARN,
1798  LD_GENERAL,
1799  "%s", protocol_warning);
1800  }
1801  if (should_exit) {
1802  tor_assert_nonfatal(protocol_warning);
1803  }
1804  tor_free(protocol_warning);
1805  if (should_exit)
1806  exit(1); // XXXX bad exit: should return from main.
1807 }
1808 
1813 static void
1815  const or_options_t *options)
1816 {
1817  const int is_server = server_mode(options);
1818  const int is_client = options_any_client_port_set(options) || !is_server;
1819 
1820  if (is_server)
1822  if (is_client)
1824 }
1825 
1843 STATIC void
1844 warn_early_consensus(const networkstatus_t *c, const char *flavor,
1845  time_t now)
1846 {
1847  char tbuf[ISO_TIME_LEN+1];
1848  char dbuf[64];
1849  long delta = now - c->valid_after;
1850  char *flavormsg = NULL;
1851 
1855 #define EARLY_CONSENSUS_NOTICE_SKEW 60
1856 
1857  /* We assume that if a majority of dirauths have accurate clocks,
1858  * the earliest that a dirauth with a skewed clock could possibly
1859  * publish a sufficiently-signed consensus is (valid_after -
1860  * dist_seconds). Before that time, the skewed dirauth would be
1861  * unable to obtain enough authority signatures for the consensus to
1862  * be valid. */
1863  if (now >= c->valid_after - c->dist_seconds - EARLY_CONSENSUS_NOTICE_SKEW)
1864  return;
1865 
1866  format_iso_time(tbuf, c->valid_after);
1867  format_time_interval(dbuf, sizeof(dbuf), delta);
1868  log_warn(LD_GENERAL, "Our clock is %s behind the time published in the "
1869  "consensus network status document (%s UTC). Tor needs an "
1870  "accurate clock to work correctly. Please check your time and "
1871  "date settings!", dbuf, tbuf);
1872  tor_asprintf(&flavormsg, "%s flavor consensus", flavor);
1873  clock_skew_warning(NULL, delta, 1, LD_GENERAL, flavormsg, "CONSENSUS");
1874  tor_free(flavormsg);
1875 }
1876 
1898 int
1900  size_t consensus_len,
1901  const char *flavor,
1902  unsigned flags,
1903  const char *source_dir)
1904 {
1905  networkstatus_t *c=NULL;
1906  int r, result = -1;
1907  time_t now = approx_time();
1908  const or_options_t *options = get_options();
1909  char *unverified_fname = NULL, *consensus_fname = NULL;
1910  int flav = networkstatus_parse_flavor_name(flavor);
1911  const unsigned from_cache = flags & NSSET_FROM_CACHE;
1912  const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
1913  const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
1914  const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
1915  const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
1916  const common_digests_t *current_digests = NULL;
1917  consensus_waiting_for_certs_t *waiting = NULL;
1918  time_t current_valid_after = 0;
1919  int free_consensus = 1; /* Free 'c' at the end of the function */
1920  int checked_protocols_already = 0;
1921 
1922  if (flav < 0) {
1923  /* XXXX we don't handle unrecognized flavors yet. */
1924  log_warn(LD_BUG, "Unrecognized consensus flavor %s", flavor);
1925  return -2;
1926  }
1927 
1928  /* Make sure it's parseable. */
1930  consensus_len,
1931  NULL, NS_TYPE_CONSENSUS);
1932  if (!c) {
1933  log_warn(LD_DIR, "Unable to parse networkstatus consensus");
1934  result = -2;
1935  goto done;
1936  }
1937 
1938  if (from_cache && !was_waiting_for_certs) {
1939  /* We previously stored this; check _now_ to make sure that version-kills
1940  * really work. This happens even before we check signatures: we did so
1941  * before when we stored this to disk. This does mean an attacker who can
1942  * write to the datadir can make us not start: such an attacker could
1943  * already harm us by replacing our guards, which would be worse. */
1944  checked_protocols_already = 1;
1945  handle_missing_protocol_warning(c, options);
1946  }
1947 
1948  if ((int)c->flavor != flav) {
1949  /* This wasn't the flavor we thought we were getting. */
1950  if (require_flavor) {
1951  log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
1953  goto done;
1954  }
1955  flav = c->flavor;
1956  flavor = networkstatus_get_flavor_name(flav);
1957  }
1958 
1959  if (flav != usable_consensus_flavor() &&
1960  !we_want_to_fetch_flavor(options, flav)) {
1961  /* This consensus is totally boring to us: we won't use it, we didn't want
1962  * it, and we won't serve it. Drop it. */
1963  goto done;
1964  }
1965 
1966  if (from_cache && !accept_obsolete &&
1968  log_info(LD_DIR, "Loaded an expired consensus. Discarding.");
1969  goto done;
1970  }
1971 
1972  if (!strcmp(flavor, "ns")) {
1973  consensus_fname = get_cachedir_fname("cached-consensus");
1974  unverified_fname = get_cachedir_fname("unverified-consensus");
1975  if (current_ns_consensus) {
1976  current_digests = &current_ns_consensus->digests;
1977  current_valid_after = current_ns_consensus->valid_after;
1978  }
1979  } else if (!strcmp(flavor, "microdesc")) {
1980  consensus_fname = get_cachedir_fname("cached-microdesc-consensus");
1981  unverified_fname = get_cachedir_fname("unverified-microdesc-consensus");
1982  if (current_md_consensus) {
1983  current_digests = &current_md_consensus->digests;
1984  current_valid_after = current_md_consensus->valid_after;
1985  }
1986  } else {
1987  tor_assert_nonfatal_unreached();
1988  result = -2;
1989  goto done;
1990  }
1991 
1992  if (current_digests &&
1993  tor_memeq(&c->digests, current_digests, sizeof(c->digests))) {
1994  /* We already have this one. That's a failure. */
1995  log_info(LD_DIR, "Got a %s consensus we already have", flavor);
1996  goto done;
1997  }
1998 
1999  if (current_valid_after && c->valid_after <= current_valid_after) {
2000  /* We have a newer one. There's no point in accepting this one,
2001  * even if it's great. */
2002  log_info(LD_DIR, "Got a %s consensus at least as old as the one we have",
2003  flavor);
2004  goto done;
2005  }
2006 
2007  /* Make sure it's signed enough. */
2008  if ((r=networkstatus_check_consensus_signature(c, 1))<0) {
2009  if (r == -1) {
2010  /* Okay, so it _might_ be signed enough if we get more certificates. */
2011  if (!was_waiting_for_certs) {
2012  log_info(LD_DIR,
2013  "Not enough certificates to check networkstatus consensus");
2014  }
2015  if (!current_valid_after ||
2016  c->valid_after > current_valid_after) {
2017  waiting = &consensus_waiting_for_certs[flav];
2018  networkstatus_vote_free(waiting->consensus);
2019  waiting->consensus = c;
2020  free_consensus = 0;
2021  waiting->set_at = now;
2022  waiting->dl_failed = 0;
2023  if (!from_cache) {
2024  write_bytes_to_file(unverified_fname, consensus, consensus_len, 1);
2025  }
2026  if (dl_certs)
2027  authority_certs_fetch_missing(c, now, source_dir);
2028  /* This case is not a success or a failure until we get the certs
2029  * or fail to get the certs. */
2030  result = 0;
2031  } else {
2032  /* Even if we had enough signatures, we'd never use this as the
2033  * latest consensus. */
2034  if (was_waiting_for_certs && from_cache)
2035  if (unlink(unverified_fname) != 0) {
2036  log_warn(LD_FS,
2037  "Failed to unlink %s: %s",
2038  unverified_fname, strerror(errno));
2039  }
2040  }
2041  goto done;
2042  } else {
2043  /* This can never be signed enough: Kill it. */
2044  if (!was_waiting_for_certs) {
2045  log_warn(LD_DIR, "Not enough good signatures on networkstatus "
2046  "consensus");
2047  result = -2;
2048  }
2049  if (was_waiting_for_certs && (r < -1) && from_cache) {
2050  if (unlink(unverified_fname) != 0) {
2051  log_warn(LD_FS,
2052  "Failed to unlink %s: %s",
2053  unverified_fname, strerror(errno));
2054  }
2055  }
2056  goto done;
2057  }
2058  }
2059 
2060  /* Signatures from the consensus are verified */
2061  if (from_cache && was_waiting_for_certs) {
2062  /* We check if the consensus is loaded from disk cache and that it
2063  * it is an unverified consensus. If it is unverified, rename it to
2064  * cached-*-consensus since it has been verified. */
2065  log_info(LD_DIR, "Unverified consensus signatures verified.");
2066  tor_rename(unverified_fname, consensus_fname);
2067  }
2068 
2069  if (!from_cache && flav == usable_consensus_flavor())
2070  control_event_client_status(LOG_NOTICE, "CONSENSUS_ARRIVED");
2071 
2072  if (!checked_protocols_already) {
2073  handle_missing_protocol_warning(c, options);
2074  }
2075 
2076  /* Are we missing any certificates at all? */
2077  if (r != 1 && dl_certs)
2078  authority_certs_fetch_missing(c, now, source_dir);
2079 
2080  const int is_usable_flavor = flav == usable_consensus_flavor();
2081 
2082  /* Before we switch to the new consensus, notify that we are about to change
2083  * it using the old consensus and the new one. */
2084  if (is_usable_flavor) {
2085  notify_before_networkstatus_changes(networkstatus_get_latest_consensus(),
2086  c);
2087  }
2088  if (flav == FLAV_NS) {
2089  if (current_ns_consensus) {
2091  networkstatus_vote_free(current_ns_consensus);
2092  /* Defensive programming : we should set current_ns_consensus very soon
2093  * but we're about to call some stuff in the meantime, and leaving this
2094  * dangling pointer around has proven to be trouble. */
2095  current_ns_consensus = NULL;
2096  }
2098  free_consensus = 0; /* avoid free */
2099  } else if (flav == FLAV_MICRODESC) {
2100  if (current_md_consensus) {
2102  networkstatus_vote_free(current_md_consensus);
2103  /* more defensive programming */
2104  current_md_consensus = NULL;
2105  }
2107  free_consensus = 0; /* avoid free */
2108  }
2109 
2110  waiting = &consensus_waiting_for_certs[flav];
2111  if (waiting->consensus &&
2112  waiting->consensus->valid_after <= c->valid_after) {
2113  networkstatus_vote_free(waiting->consensus);
2114  waiting->consensus = NULL;
2115  waiting->set_at = 0;
2116  waiting->dl_failed = 0;
2117  if (unlink(unverified_fname) != 0) {
2118  log_warn(LD_FS,
2119  "Failed to unlink %s: %s",
2120  unverified_fname, strerror(errno));
2121  }
2122  }
2123 
2124  if (is_usable_flavor) {
2125  /* Notify that we just changed the consensus so the current global value
2126  * can be looked at. */
2127  notify_after_networkstatus_changes();
2128 
2129  /* The "current" consensus has just been set and it is a usable flavor so
2130  * the first thing we need to do is recalculate the voting schedule static
2131  * object so we can use the timings in there needed by some subsystems
2132  * such as hidden service and shared random. */
2133  voting_schedule_recalculate_timing(options, now);
2134  reschedule_dirvote(options);
2135 
2137 
2139 
2140  /* Change the cell EWMA settings */
2141  cmux_ewma_set_options(options, c);
2142 
2143  /* XXXX this call might be unnecessary here: can changing the
2144  * current consensus really alter our view of any OR's rate limits? */
2145  connection_or_update_token_buckets(get_connection_array(), options);
2146 
2149  channelpadding_new_consensus_params(c);
2151  }
2152 
2153  /* Reset the failure count only if this consensus is actually valid. */
2154  if (c->valid_after <= now && now <= c->valid_until) {
2156  } else {
2157  if (!from_cache)
2159  }
2160 
2161  if (we_want_to_fetch_flavor(options, flav)) {
2162  if (dir_server_mode(get_options())) {
2164  consensus_len,
2165  flavor,
2166  &c->digests,
2168  c->valid_after);
2169 
2170  consdiffmgr_add_consensus(consensus, consensus_len, c);
2171  }
2172  }
2173 
2174  if (!from_cache) {
2175  write_bytes_to_file(consensus_fname, consensus, consensus_len, 1);
2176  }
2177 
2178  warn_early_consensus(c, flavor, now);
2179 
2180  /* We got a new consesus. Reset our md fetch fail cache */
2182 
2184 
2185  result = 0;
2186  done:
2187  if (free_consensus)
2188  networkstatus_vote_free(c);
2189  tor_free(consensus_fname);
2190  tor_free(unverified_fname);
2191  return result;
2192 }
2193 
2201 void
2202 networkstatus_note_certs_arrived(const char *source_dir)
2203 {
2204  int i;
2205  for (i=0; i<N_CONSENSUS_FLAVORS; ++i) {
2206  const char *flavor_name = networkstatus_get_flavor_name(i);
2208  if (!waiting->consensus)
2209  continue;
2210  if (networkstatus_check_consensus_signature(waiting->consensus, 0)>=0) {
2211  char *fname = networkstatus_get_cache_fname(i, flavor_name, 1);
2212  reload_consensus_from_file(fname, flavor_name,
2213  NSSET_WAS_WAITING_FOR_CERTS, source_dir);
2214  tor_free(fname);
2215  }
2216  }
2217 }
2218 
2224 void
2225 routers_update_all_from_networkstatus(time_t now, int dir_version)
2226 {
2228  networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
2229  FLAV_NS);
2230 
2231  if (!consensus || dir_version < 3) /* nothing more we should do */
2232  return;
2233 
2234  /* calls router_dir_info_changed() when it's done -- more routers
2235  * might be up or down now, which might affect whether there's enough
2236  * directory info. */
2238 
2240  ri->cache_info.routerlist_index = ri_sl_idx);
2241  if (rl->old_routers)
2243 
2245  int is_server = server_mode(get_options());
2246  version_status_t status;
2247  const char *recommended = is_server ?
2248  consensus->server_versions : consensus->client_versions;
2249  status = tor_version_is_obsolete(VERSION, recommended);
2250 
2251  if (status == VS_RECOMMENDED) {
2252  log_info(LD_GENERAL, "The directory authorities say my version is ok.");
2253  } else if (status == VS_EMPTY) {
2254  log_info(LD_GENERAL,
2255  "The directory authorities don't recommend any versions.");
2256  } else if (status == VS_NEW || status == VS_NEW_IN_SERIES) {
2258  log_notice(LD_GENERAL, "This version of Tor (%s) is newer than any "
2259  "recommended version%s, according to the directory "
2260  "authorities. Recommended versions are: %s",
2261  VERSION,
2262  status == VS_NEW_IN_SERIES ? " in its series" : "",
2263  recommended);
2265  control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
2266  "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2267  VERSION, "NEW", recommended);
2268  }
2269  } else {
2270  log_warn(LD_GENERAL, "Please upgrade! "
2271  "This version of Tor (%s) is %s, according to the directory "
2272  "authorities. Recommended versions are: %s",
2273  VERSION,
2274  status == VS_OLD ? "obsolete" : "not recommended",
2275  recommended);
2277  control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
2278  "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2279  VERSION, status == VS_OLD ? "OBSOLETE" : "UNRECOMMENDED",
2280  recommended);
2281  }
2282  }
2283 }
2284 
2288 void
2290  int reset_failures)
2291 {
2292  const or_options_t *options = get_options();
2293  int authdir = authdir_mode_v3(options);
2294  networkstatus_t *ns = networkstatus_get_latest_consensus();
2295  if (!ns || !smartlist_len(ns->routerstatus_list))
2296  return;
2297 
2298  routers_sort_by_identity(routers);
2299 
2300  SMARTLIST_FOREACH_JOIN(ns->routerstatus_list, routerstatus_t *, rs,
2301  routers, routerinfo_t *, router,
2302  tor_memcmp(rs->identity_digest,
2303  router->cache_info.identity_digest, DIGEST_LEN),
2304  {
2305  }) {
2306  /* Is it the same descriptor, or only the same identity? */
2307  if (tor_memeq(router->cache_info.signed_descriptor_digest,
2308  rs->descriptor_digest, DIGEST_LEN)) {
2309  if (ns->valid_until > router->cache_info.last_listed_as_valid_until)
2310  router->cache_info.last_listed_as_valid_until = ns->valid_until;
2311  }
2312 
2313  if (authdir) {
2314  /* If we _are_ an authority, we should check whether this router
2315  * is one that will cause us to need a reachability test. */
2316  routerinfo_t *old_router =
2317  router_get_mutable_by_digest(router->cache_info.identity_digest);
2318  if (old_router != router) {
2319  router->needs_retest_if_added =
2320  dirserv_should_launch_reachability_test(router, old_router);
2321  }
2322  }
2323  if (reset_failures) {
2324  download_status_reset(&rs->dl_status);
2325  }
2326  } SMARTLIST_FOREACH_JOIN_END(rs, router);
2327 
2329 }
2330 
2333 void
2335 {
2337  if (!ns)
2338  return;
2339 
2340  if (!ns->desc_digest_map) {
2341  char dummy[DIGEST_LEN];
2342  /* instantiates the digest map. */
2343  memset(dummy, 0, sizeof(dummy));
2345  }
2347  {
2348  const routerstatus_t *rs = digestmap_get(ns->desc_digest_map,
2349  d->signed_descriptor_digest);
2350  if (rs) {
2351  if (ns->valid_until > d->last_listed_as_valid_until)
2352  d->last_listed_as_valid_until = ns->valid_until;
2353  }
2354  });
2355 }
2356 
2360 char *
2362 {
2363  return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT,
2364  ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
2365  NULL);
2366 }
2367 
2375 char *
2376 networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
2377 {
2378  const time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
2379  char *answer;
2381  smartlist_t *statuses;
2382  const uint8_t purpose = router_purpose_from_string(purpose_string);
2383  routerstatus_t rs;
2384  const int bridge_auth = authdir_mode_bridge(get_options());
2385 
2386  if (purpose == ROUTER_PURPOSE_UNKNOWN) {
2387  log_info(LD_DIR, "Unrecognized purpose '%s' when listing router statuses.",
2388  purpose_string);
2389  return NULL;
2390  }
2391 
2392  statuses = smartlist_new();
2394  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
2395  if (!node)
2396  continue;
2397  if (ri->cache_info.published_on < cutoff)
2398  continue;
2399  if (ri->purpose != purpose)
2400  continue;
2401  /* TODO: modifying the running flag in a getinfo is a bad idea */
2402  if (bridge_auth && ri->purpose == ROUTER_PURPOSE_BRIDGE)
2404  /* then generate and write out status lines for each of them */
2405  set_routerstatus_from_routerinfo(&rs, node, ri, now, 0);
2407  } SMARTLIST_FOREACH_END(ri);
2408 
2409  answer = smartlist_join_strings(statuses, "", 0, NULL);
2410  SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
2411  smartlist_free(statuses);
2412  return answer;
2413 }
2414 
2416 void
2418 {
2419  char *status = networkstatus_getinfo_by_purpose("bridge", now);
2420  char *fname = NULL;
2421  char *thresholds = NULL;
2422  char *published_thresholds_and_status = NULL;
2423  char published[ISO_TIME_LEN+1];
2424  const routerinfo_t *me = router_get_my_routerinfo();
2425  char fingerprint[FINGERPRINT_LEN+1];
2426  char *fingerprint_line = NULL;
2427 
2429  fingerprint, 0) >= 0) {
2430  tor_asprintf(&fingerprint_line, "fingerprint %s\n", fingerprint);
2431  } else {
2432  log_warn(LD_BUG, "Error computing fingerprint for bridge status.");
2433  }
2434  format_iso_time(published, now);
2435  dirserv_compute_bridge_flag_thresholds();
2436  thresholds = dirserv_get_flag_thresholds_line();
2437  tor_asprintf(&published_thresholds_and_status,
2438  "published %s\nflag-thresholds %s\n%s%s",
2439  published, thresholds, fingerprint_line ? fingerprint_line : "",
2440  status);
2441  fname = get_datadir_fname("networkstatus-bridges");
2442  if (write_str_to_file(fname,published_thresholds_and_status,0)<0) {
2443  log_warn(LD_DIRSERV, "Unable to write networkstatus-bridges file.");
2444  }
2445  tor_free(thresholds);
2446  tor_free(published_thresholds_and_status);
2447  tor_free(fname);
2448  tor_free(status);
2449  tor_free(fingerprint_line);
2450 }
2451 
2452 /* DOCDOC get_net_param_from_list */
2453 static int32_t
2454 get_net_param_from_list(smartlist_t *net_params, const char *param_name,
2455  int32_t default_val, int32_t min_val, int32_t max_val)
2456 {
2457  int32_t res = default_val;
2458  size_t name_len = strlen(param_name);
2459 
2460  tor_assert(max_val > min_val);
2461  tor_assert(min_val <= default_val);
2462  tor_assert(max_val >= default_val);
2463 
2464  SMARTLIST_FOREACH_BEGIN(net_params, const char *, p) {
2465  if (!strcmpstart(p, param_name) && p[name_len] == '=') {
2466  int ok=0;
2467  long v = tor_parse_long(p+name_len+1, 10, INT32_MIN,
2468  INT32_MAX, &ok, NULL);
2469  if (ok) {
2470  res = (int32_t) v;
2471  break;
2472  }
2473  }
2474  } SMARTLIST_FOREACH_END(p);
2475 
2476  if (res < min_val) {
2477  log_warn(LD_DIR, "Consensus parameter %s is too small. Got %d, raising to "
2478  "%d.", param_name, res, min_val);
2479  res = min_val;
2480  } else if (res > max_val) {
2481  log_warn(LD_DIR, "Consensus parameter %s is too large. Got %d, capping to "
2482  "%d.", param_name, res, max_val);
2483  res = max_val;
2484  }
2485 
2486  tor_assert(res >= min_val);
2487  tor_assert(res <= max_val);
2488  return res;
2489 }
2490 
2498 MOCK_IMPL(int32_t,
2499 networkstatus_get_param, (const networkstatus_t *ns, const char *param_name,
2500  int32_t default_val, int32_t min_val, int32_t max_val))
2501 {
2502  if (!ns) /* if they pass in null, go find it ourselves */
2503  ns = networkstatus_get_latest_consensus();
2504 
2505  if (!ns || !ns->net_params)
2506  return default_val;
2507 
2508  return get_net_param_from_list(ns->net_params, param_name,
2509  default_val, min_val, max_val);
2510 }
2511 
2517 int32_t
2519  int32_t torrc_value,
2520  const char *param_name,
2521  int32_t default_val,
2522  int32_t min_val, int32_t max_val)
2523 {
2524  if (torrc_value >= min_val && torrc_value <= max_val)
2525  return torrc_value;
2526  else
2527  return networkstatus_get_param(
2528  ns, param_name, default_val, min_val, max_val);
2529 }
2530 
2537 int
2539 {
2540  return networkstatus_get_param(ns, "bwweightscale",
2542  BW_MIN_WEIGHT_SCALE,
2543  BW_MAX_WEIGHT_SCALE);
2544 }
2545 
2550 int32_t
2551 networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name,
2552  int32_t default_val)
2553 {
2554  int32_t param;
2555  int max;
2556  if (!ns) /* if they pass in null, go find it ourselves */
2557  ns = networkstatus_get_latest_consensus();
2558 
2559  if (!ns || !ns->weight_params)
2560  return default_val;
2561 
2563  param = get_net_param_from_list(ns->weight_params, weight_name,
2564  default_val, -1,
2565  BW_MAX_WEIGHT_SCALE);
2566  if (param > max) {
2567  log_warn(LD_DIR, "Value of consensus weight %s was too large, capping "
2568  "to %d", weight_name, max);
2569  param = max;
2570  }
2571  return param;
2572 }
2573 
2576 const char *
2578 {
2579  switch (flav) {
2580  case FLAV_NS:
2581  return "ns";
2582  case FLAV_MICRODESC:
2583  return "microdesc";
2584  default:
2586  return "??";
2587  }
2588 }
2589 
2592 int
2593 networkstatus_parse_flavor_name(const char *flavname)
2594 {
2595  if (!strcmp(flavname, "ns"))
2596  return FLAV_NS;
2597  else if (!strcmp(flavname, "microdesc"))
2598  return FLAV_MICRODESC;
2599  else
2600  return -1;
2601 }
2602 
2606 int
2608 {
2609  if (!rs->is_flagged_running) {
2610  /* If we had this router descriptor, we wouldn't even bother using it.
2611  * (Fetching and storing depends on by we_want_to_fetch_flavor().) */
2612  return 0;
2613  }
2614  if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
2615  /* We'd drop it immediately for being too old. */
2616  return 0;
2617  }
2618  if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
2619  /* We'd ignore it because it doesn't support EXTEND2 cells.
2620  * If we don't know the version, download the descriptor so we can
2621  * check if it supports EXTEND2 cells and ntor. */
2622  return 0;
2623  }
2624  return 1;
2625 }
2626 
2631 int
2633  const char *question, char **answer,
2634  const char **errmsg)
2635 {
2636  const routerstatus_t *status;
2637  (void) conn;
2638 
2639  if (!networkstatus_get_latest_consensus()) {
2640  *answer = tor_strdup("");
2641  return 0;
2642  }
2643 
2644  if (!strcmp(question, "ns/all")) {
2645  smartlist_t *statuses = smartlist_new();
2646  SMARTLIST_FOREACH(networkstatus_get_latest_consensus()->routerstatus_list,
2647  const routerstatus_t *, rs,
2648  {
2650  });
2651  *answer = smartlist_join_strings(statuses, "", 0, NULL);
2652  SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
2653  smartlist_free(statuses);
2654  return 0;
2655  } else if (!strcmpstart(question, "ns/id/")) {
2656  char d[DIGEST_LEN];
2657  const char *q = question + 6;
2658  if (*q == '$')
2659  ++q;
2660 
2661  if (base16_decode(d, DIGEST_LEN, q, strlen(q)) != DIGEST_LEN) {
2662  *errmsg = "Data not decodeable as hex";
2663  return -1;
2664  }
2666  } else if (!strcmpstart(question, "ns/name/")) {
2667  const node_t *n = node_get_by_nickname(question+8, 0);
2668  status = n ? n->rs : NULL;
2669  } else if (!strcmpstart(question, "ns/purpose/")) {
2670  *answer = networkstatus_getinfo_by_purpose(question+11, time(NULL));
2671  return *answer ? 0 : -1;
2672  } else if (!strcmp(question, "consensus/packages")) {
2673  const networkstatus_t *ns = networkstatus_get_latest_consensus();
2674  if (ns && ns->package_lines)
2675  *answer = smartlist_join_strings(ns->package_lines, "\n", 0, NULL);
2676  else
2677  *errmsg = "No consensus available";
2678  return *answer ? 0 : -1;
2679  } else if (!strcmp(question, "consensus/valid-after") ||
2680  !strcmp(question, "consensus/fresh-until") ||
2681  !strcmp(question, "consensus/valid-until")) {
2682  const networkstatus_t *ns = networkstatus_get_latest_consensus();
2683  if (ns) {
2684  time_t t;
2685  if (!strcmp(question, "consensus/valid-after"))
2686  t = ns->valid_after;
2687  else if (!strcmp(question, "consensus/fresh-until"))
2688  t = ns->fresh_until;
2689  else
2690  t = ns->valid_until;
2691 
2692  char tbuf[ISO_TIME_LEN+1];
2693  format_iso_time(tbuf, t);
2694  *answer = tor_strdup(tbuf);
2695  } else {
2696  *errmsg = "No consensus available";
2697  }
2698  return *answer ? 0 : -1;
2699  } else {
2700  return 0;
2701  }
2702 
2703  if (status)
2704  *answer = networkstatus_getinfo_helper_single(status);
2705  return 0;
2706 }
2707 
2714 int
2716  int client_mode,
2717  char **warning_out)
2718 {
2719  const char *func = client_mode ? "client" : "relay";
2720  const char *required, *recommended;
2721  char *missing = NULL;
2722 
2723  const bool consensus_postdates_this_release =
2725 
2726  tor_assert(warning_out);
2727 
2728  if (client_mode) {
2729  required = ns->required_client_protocols;
2730  recommended = ns->recommended_client_protocols;
2731  } else {
2732  required = ns->required_relay_protocols;
2733  recommended = ns->recommended_relay_protocols;
2734  }
2735 
2736  if (!protover_all_supported(required, &missing)) {
2737  tor_asprintf(warning_out, "At least one protocol listed as required in "
2738  "the consensus is not supported by this version of Tor. "
2739  "You should upgrade. This version of Tor will not work as a "
2740  "%s on the Tor network. The missing protocols are: %s",
2741  func, missing);
2742  tor_free(missing);
2743  return consensus_postdates_this_release ? 1 : 0;
2744  }
2745 
2746  if (! protover_all_supported(recommended, &missing)) {
2747  tor_asprintf(warning_out, "At least one protocol listed as recommended in "
2748  "the consensus is not supported by this version of Tor. "
2749  "You should upgrade. This version of Tor will eventually "
2750  "stop working as a %s on the Tor network. The missing "
2751  "protocols are: %s",
2752  func, missing);
2753  tor_free(missing);
2754  }
2755 
2756  tor_assert_nonfatal(missing == NULL);
2757 
2758  return 0;
2759 }
2760 
2762 void
2764 {
2765  int i;
2766  networkstatus_vote_free(current_ns_consensus);
2767  networkstatus_vote_free(current_md_consensus);
2769 
2770  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
2772  if (waiting->consensus) {
2773  networkstatus_vote_free(waiting->consensus);
2774  waiting->consensus = NULL;
2775  }
2776  }
2777 }
STATIC networkstatus_t * current_ns_consensus
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Definition: nodelist.c:603
Header file for circuitstats.c.
int directory_fetches_dir_info_early(const or_options_t *options)
Definition: dirserv.c:105
networkstatus_type_t type
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
routerstatus_t * router_get_mutable_consensus_status_by_id(const char *digest)
Header file for dirclient.c.
smartlist_t * old_routers
Definition: routerlist_st.h:30
unsigned int is_fast
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
unsigned int is_valid
Format routerstatus entries for controller, vote, or consensus.
Header file for circuitbuild.c.
int we_want_to_fetch_unknown_auth_certs(const or_options_t *options)
Common functions for using (pseudo-)random number generators.
digest_algorithm_t alg
Definition: node_st.h:28
Header file for voteflags.c.
version_status_t tor_version_is_obsolete(const char *myversion, const char *versionlist)
Definition: versions.c:53
unsigned int is_hs_dir
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define TO_CONN(c)
Definition: or.h:735
networkstatus_sr_info_t sr_info
unsigned int name_lookup_warned
Definition: node_st.h:72
void circuit_build_times_new_consensus_params(circuit_build_times_t *cbt, networkstatus_t *ns)
Definition: circuitstats.c:429
#define BW_WEIGHT_SCALE
Definition: or.h:1008
download_want_authority_t
Definition: or.h:778
int dir_server_mode(const or_options_t *options)
Definition: routermode.c:20
Header file for node_select.c.
void format_local_iso_time(char *buf, time_t t)
Definition: time_fmt.c:285
void download_status_reset(download_status_t *dls)
Definition: dlstatus.c:359
void router_dir_info_changed(void)
Definition: nodelist.c:2330
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1025
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Definition: ns_parse.c:1060
Header file for connection.c.
void networkstatus_note_certs_arrived(const char *source_dir)
#define LD_GENERAL
Definition: log.h:59
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
Definition: reachability.c:101
uint8_t state
Definition: connection_st.h:44
char identity_digest[DIGEST_LEN]
#define LOG_INFO
Definition: log.h:42
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:55
Header file for nodelist.c.
STATIC void warn_early_consensus(const networkstatus_t *c, const char *flavor, time_t now)
char * networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
void scheduler_notify_networkstatus_changed(void)
Definition: scheduler.c:468
int we_want_to_fetch_flavor(const or_options_t *options, int flavor)
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:632
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
int networkstatus_consensus_can_use_multiple_directories(const or_options_t *options)
int directory_caches_unknown_auth_certs(const or_options_t *options)
Definition: dirserv.c:128
version_status_t
Definition: versions.h:17
void cmux_ewma_set_options(const or_options_t *options, const networkstatus_t *consensus)
static void update_consensus_bootstrap_attempt_downloads(time_t now, download_status_t *dls, download_want_authority_t want_authority)
int authdir_mode_bridge(const or_options_t *options)
Definition: authmode.c:67
MOCK_IMPL(const routerstatus_t *, networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
void voting_schedule_recalculate_timing(const or_options_t *options, time_t now)
Header file for config.c.
Header file for authcert.c.
smartlist_t * net_params
char * networkstatus_getinfo_helper_single(const routerstatus_t *rs)
uint8_t digest_sha3_as_signed[DIGEST256_LEN]
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
#define DIR_CONN_STATE_CLIENT_READING
Definition: directory.h:23
int format_time_interval(char *out, size_t out_len, long interval)
Definition: time_fmt.c:481
struct connection_t * linked_conn
#define OLD_ROUTER_DESC_MAX_AGE
Definition: or.h:164
Header file for microdesc.c.
void signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
routerinfo_t * router_get_mutable_by_digest(const char *digest)
Definition: routerlist.c:676
void update_certificate_downloads(time_t now)
void routers_sort_by_identity(smartlist_t *routers)
Definition: routerlist.c:3207
void routers_update_all_from_networkstatus(time_t now, int dir_version)
int directory_fetches_from_authorities(const or_options_t *options)
Definition: dirserv.c:77
void document_signature_free_(document_signature_t *sig)
void networkstatus_consensus_download_failed(int status_code, const char *flavname)
static void update_consensus_bootstrap_multiple_downloads(time_t now, const or_options_t *options)
Header file for reachability.c.
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:209
#define tor_free(p)
Definition: malloc.h:52
void dirserv_set_router_is_running(routerinfo_t *router, time_t now)
Definition: voteflags.c:475
#define tor_fragile_assert()
Definition: util_bug.h:240
void circpad_new_consensus_params(const networkstatus_t *ns)
common_digests_t digests
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, int consensus_method, const vote_routerstatus_t *vrs)
#define LOG_NOTICE
Definition: log.h:47
void update_microdescs_from_networkstatus(time_t now)
Definition: microdesc.c:1003
int networkstatus_valid_until_is_reasonably_live(time_t valid_until, time_t now)
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:56
int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now)
Header file for mainloop.c.
size_t size
Definition: mmap.h:26
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:57
static smartlist_t * router_get_descriptor_digests_in_consensus(networkstatus_t *consensus)
#define DELAY_WHILE_FETCHING_CERTS
int download_status_is_ready(download_status_t *dls, time_t now)
Definition: dlstatus.c:376
Header file for versions.c.
Header file for scheduler*.c.
signed_descriptor_t cache_info
time_t download_status_increment_attempt(download_status_t *dls, const char *item, time_t now)
Definition: dlstatus.c:304
unsigned int is_authority
int control_event_newconsensus(const networkstatus_t *consensus)
static int routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
void networkstatus_dump_bridge_status_to_file(time_t now)
smartlist_t * weight_params
void update_consensus_networkstatus_fetch_time(time_t now)
Header file for directory authority mode.
void microdesc_reset_outdated_dirservers_list(void)
Definition: microdesc.c:182
int networkstatus_parse_flavor_name(const char *flavname)
STATIC networkstatus_t * current_md_consensus
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Header file for hibernate.c.
static consensus_waiting_for_certs_t consensus_waiting_for_certs[N_CONSENSUS_FLAVORS]
int directory_fetches_dir_info_later(const or_options_t *options)
Definition: dirserv.c:117
int control_event_general_status(int severity, const char *format,...)
unsigned int is_named
download_schedule_bitfield_t schedule
Common functions for cryptographic routines.
Header file for channel.c.
tor_assert(buffer)
char signing_key_digest[DIGEST_LEN]
int32_t networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name, int32_t default_val)
#define STMT_NIL
int networkstatus_valid_after_is_reasonably_live(time_t valid_after, time_t now)
struct vote_microdesc_hash_t * next
Header file for routermode.c.
int tor_memcmp(const void *a, const void *b, size_t len)
Definition: di_ops.c:31
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
unsigned int is_unnamed
void reschedule_dirvote(const or_options_t *options)
Definition: mainloop.c:2153
Header file for circuitpadding.c.
#define DIGEST_LEN
Definition: digest_sizes.h:20
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
uint8_t router_purpose_from_string(const char *s)
Definition: routerinfo.c:69
Header file for circuitbuild.c.
void vote_routerstatus_free_(vote_routerstatus_t *rs)
Master header file for Tor-specific functionality.
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
Definition: connection.c:4565
void authority_certs_fetch_missing(networkstatus_t *status, time_t now, const char *dir_hint)
Definition: authcert.c:855
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
const char * data
Definition: mmap.h:25
#define LD_DIRSERV
Definition: log.h:87
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS]
int options_any_client_port_set(const or_options_t *options)
Definition: config.c:8484
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS]
int crypto_rand_int(unsigned int max)
static void update_consensus_networkstatus_downloads(time_t now)
smartlist_t * supported_methods
void networkstatus_reset_warnings(void)
char signing_key_digest[DIGEST_LEN]
crypto_pk_t * signing_key
void networkstatus_reset_download_failures(void)
#define LOG_WARN
Definition: log.h:50
unsigned int type
Definition: connection_st.h:45
#define PDS_RETRY_IF_NO_SERVERS
Definition: node_select.h:48
char nickname[MAX_NICKNAME_LEN+1]
int ClientBootstrapConsensusMaxInProgressTries
int pt_proxies_configuration_pending(void)
Definition: transports.c:371
int router_reload_consensus_networkstatus(void)
Header file for circuitmux_ewma.c.
void routers_update_status_from_consensus_networkstatus(smartlist_t *routers, int reset_failures)
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE
unsigned int is_exit
#define RFTS_IGNORE_MISSING
Definition: files.h:97
int compare_digest_to_vote_routerstatus_entry(const void *_key, const void **_member)
smartlist_t * known_flags
Header file for voting_schedule.c.
int control_event_client_status(int severity, const char *format,...)
Headers for transports.c.
int getinfo_helper_networkstatus(control_connection_t *conn, const char *question, char **answer, const char **errmsg)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
void * smartlist_bsearch(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member))
Definition: smartlist.c:411
static void handle_missing_protocol_warning_impl(const networkstatus_t *c, int is_client)
static int reload_consensus_from_file(const char *fname, const char *flavor, unsigned flags, const char *source_dir)
int authority_cert_dl_looks_uncertain(const char *id_digest)
Definition: authcert.c:765
static void handle_missing_protocol_warning(const networkstatus_t *c, const or_options_t *options)
#define MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS
Definition: dirvote.h:76
Headers and type declarations for protover.c.
smartlist_t * voters
static int have_warned_about_old_version
void networkstatus_vote_free_(networkstatus_t *ns)
#define LOG_ERR
Definition: log.h:53
int FetchUselessDescriptors
#define LD_FS
Definition: log.h:67
smartlist_t * routerstatus_list
char descriptor_digest[DIGEST256_LEN]
unsigned int is_possible_guard
#define LD_DIR
Definition: log.h:85
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
time_t tor_get_approx_release_date(void)
Definition: versions.c:25
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Definition: authcert.c:650
Header file for connection_edge.c.
char identity_digest[DIGEST_LEN]
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Definition: crypto_rsa.c:229
Header file for ns_parse.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
int32_t networkstatus_get_overridable_param(const networkstatus_t *ns, int32_t torrc_value, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:162
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
#define download_status_failed(dls, sc)
Definition: dlstatus.h:22
Header file for dirvote.c.
Header file for relay.c.
Header file for circuitmux.c.
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
static int networkstatus_check_required_protocols(const networkstatus_t *ns, int client_mode, char **warning_out)
const char * escaped(const char *s)
Definition: escape.c:126
#define FINGERPRINT_LEN
Definition: crypto_rsa.h:34
int networkstatus_vote_find_entry_idx(networkstatus_t *ns, const char *digest, int *found_out)
consensus_flavor_t
Definition: or.h:863
Header file for dlstatus.c.
circuit_build_times_t * get_circuit_build_times_mutable(void)
Definition: circuitstats.c:88
void update_networkstatus_downloads(time_t now)
unsigned int is_stable
int control_event_is_interesting(int event)
struct consensus_waiting_for_certs_t consensus_waiting_for_certs_t
routerstatus_t * networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
size_t crypto_pk_keysize(const crypto_pk_t *env)
int protover_all_supported(const char *s, char **missing_out)
Definition: protover.c:746
Definition: or.h:890
int authority_cert_is_blacklisted(const authority_cert_t *cert)
Definition: authcert.c:746
vote_microdesc_hash_t * microdesc
char identity_digest[DIGEST_LEN]
time_t approx_time(void)
Definition: approx_time.c:32
int consensus_is_waiting_for_certs(void)
smartlist_t * package_lines
Header file for dirlist.c.
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
Definition: parse_int.c:56
#define N_CONSENSUS_FLAVORS
Definition: or.h:869
int directory_caches_dir_info(const or_options_t *options)
Definition: dirserv.c:143
static void networkstatus_copy_old_consensus_info(networkstatus_t *new_c, const networkstatus_t *old_c)
void networkstatus_free_all(void)
int networkstatus_get_weight_scale_param(networkstatus_t *ns)
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:506
static char * networkstatus_get_cache_fname(int flav, const char *flavorname, int unverified_consensus)
Header file for connection_or.c.
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING
unsigned int is_flagged_running
static tor_mmap_t * networkstatus_map_cached_consensus_impl(int flav, const char *flavorname, int unverified_consensus)
int tor_rename(const char *path_old, const char *path_new)
Definition: files.c:103
#define AP_CONN_STATE_IS_UNATTACHED(s)
static int have_warned_about_new_version
char * recommended_relay_protocols
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
digestmap_t * desc_digest_map
#define CONN_TYPE_AP
Definition: connection.h:31
void dirserv_set_cached_consensus_networkstatus(const char *networkstatus, size_t networkstatus_len, const char *flavor_name, const common_digests_t *digests, const uint8_t *sha3_as_signed, time_t published)
Definition: dirserv.c:236
char * dirserv_get_flag_thresholds_line(void)
Definition: voteflags.c:426
static void notify_control_networkstatus_changed(const networkstatus_t *old_c, const networkstatus_t *new_c)
Header file for routerinfo.c.
document_signature_t * document_signature_dup(const document_signature_t *sig)
int client_would_use_router(const routerstatus_t *rs, time_t now)
static int connection_dir_count_by_purpose_and_resource(int purpose, const char *resource)
Definition: connection.h:272
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
Header file for control_events.c.
void set_routerstatus_from_routerinfo(routerstatus_t *rs, node_t *node, const routerinfo_t *ri, time_t now, int listbadexits)
Definition: voteflags.c:556
unsigned int is_bad_exit
int FetchDirInfoExtraEarly
smartlist_t * bw_file_headers
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
crypto_pk_t * identity_pkey
Definition: routerinfo_st.h:38
struct authority_cert_t * cert
void routerstatus_free_(routerstatus_t *rs)
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:83
int control_event_networkstatus_changed(smartlist_t *statuses)
smartlist_t * routers
Definition: routerlist_st.h:27
int smartlist_bsearch_idx(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member), int *found_out)
Definition: smartlist.c:428
Header file for routerlist.c.
int compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
tor_mmap_t * networkstatus_map_cached_consensus(const char *flavorname)