tor  0.4.1.0-alpha-dev
networkstatus.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
39 #define NETWORKSTATUS_PRIVATE
40 #include "core/or/or.h"
41 #include "app/config/config.h"
43 #include "core/mainloop/mainloop.h"
44 #include "core/mainloop/netstatus.h"
45 #include "core/or/channel.h"
46 #include "core/or/channelpadding.h"
47 #include "core/or/circuitpadding.h"
48 #include "core/or/circuitmux.h"
50 #include "core/or/circuitstats.h"
52 #include "core/or/connection_or.h"
53 #include "core/or/dos.h"
54 #include "core/or/protover.h"
55 #include "core/or/relay.h"
56 #include "core/or/scheduler.h"
57 #include "core/or/versions.h"
58 #include "feature/client/bridges.h"
63 #include "feature/dircache/consdiffmgr.h"
80 #include "feature/nodelist/torcert.h"
84 
87 #include "feature/dirauth/shared_random.h"
89 
90 #include "feature/nodelist/authority_cert_st.h"
91 #include "feature/dircommon/dir_connection_st.h"
92 #include "feature/dirclient/dir_server_st.h"
93 #include "feature/nodelist/document_signature_st.h"
94 #include "feature/nodelist/networkstatus_st.h"
95 #include "feature/nodelist/networkstatus_voter_info_st.h"
96 #include "feature/dirauth/ns_detached_signatures_st.h"
97 #include "feature/nodelist/node_st.h"
98 #include "feature/nodelist/routerinfo_st.h"
99 #include "feature/nodelist/routerlist_st.h"
100 #include "feature/dirauth/vote_microdesc_hash_st.h"
101 #include "feature/nodelist/vote_routerstatus_st.h"
102 
103 #ifdef HAVE_UNISTD_H
104 #include <unistd.h>
105 #endif
106 
110 
114 
123  time_t set_at;
128 
134 
141  {
142  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
143  DL_SCHED_INCREMENT_FAILURE, 0, 0 },
144  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
145  DL_SCHED_INCREMENT_FAILURE, 0, 0 },
146  };
147 
148 #define N_CONSENSUS_BOOTSTRAP_SCHEDULES 2
149 #define CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0
150 #define CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1
151 
152 /* Using DL_SCHED_INCREMENT_ATTEMPT on these schedules means that
153  * download_status_increment_failure won't increment these entries.
154  * However, any bootstrap connection failures that occur after we have
155  * a valid consensus will count against the failure counts on the non-bootstrap
156  * schedules. There should only be one of these, as all the others will have
157  * been cancelled. (This doesn't seem to be a significant issue.) */
158 static download_status_t
159  consensus_bootstrap_dl_status[N_CONSENSUS_BOOTSTRAP_SCHEDULES] =
160  {
161  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_AUTHORITY,
162  DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
163  /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
164  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
165  DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
166  };
167 
174 
176  time_t now,
177  const or_options_t *options);
179  int client_mode,
180  char **warning_out);
181 static int reload_consensus_from_file(const char *fname,
182  const char *flavor,
183  unsigned flags,
184  const char *source_dir);
185 
188 void
190 {
191  SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
192  node->name_lookup_warned = 0);
193 
196 }
197 
201 void
203 {
204  int i;
205 
206  log_debug(LD_GENERAL,
207  "In networkstatus_reset_download_failures()");
208 
209  for (i=0; i < N_CONSENSUS_FLAVORS; ++i)
211 
212  for (i=0; i < N_CONSENSUS_BOOTSTRAP_SCHEDULES; ++i)
213  download_status_reset(&consensus_bootstrap_dl_status[i]);
214 }
215 
217 static char *
219  const char *flavorname,
220  int unverified_consensus)
221 {
222  char buf[128];
223  const char *prefix;
224  if (unverified_consensus) {
225  prefix = "unverified";
226  } else {
227  prefix = "cached";
228  }
229  if (flav == FLAV_NS) {
230  tor_snprintf(buf, sizeof(buf), "%s-consensus", prefix);
231  } else {
232  tor_snprintf(buf, sizeof(buf), "%s-%s-consensus", prefix, flavorname);
233  }
234 
235  return get_cachedir_fname(buf);
236 }
237 
242 static tor_mmap_t *
244  const char *flavorname,
245  int unverified_consensus)
246 {
247  char *filename = networkstatus_get_cache_fname(flav,
248  flavorname,
249  unverified_consensus);
250  tor_mmap_t *result = tor_mmap_file(filename);
251  tor_free(filename);
252  return result;
253 }
254 
257 tor_mmap_t *
258 networkstatus_map_cached_consensus(const char *flavorname)
259 {
260  int flav = networkstatus_parse_flavor_name(flavorname);
261  if (flav < 0)
262  return NULL;
263  return networkstatus_map_cached_consensus_impl(flav, flavorname, 0);
264 }
265 
267 int
269 {
270  const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
271  int flav;
272 
273  /* FFFF Suppress warnings if cached consensus is bad? */
274  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
275  const char *flavor = networkstatus_get_flavor_name(flav);
276  char *fname = networkstatus_get_cache_fname(flav, flavor, 0);
277  reload_consensus_from_file(fname, flavor, flags, NULL);
278  tor_free(fname);
279 
280  fname = networkstatus_get_cache_fname(flav, flavor, 1);
281  reload_consensus_from_file(fname, flavor,
282  flags | NSSET_WAS_WAITING_FOR_CERTS,
283  NULL);
284  tor_free(fname);
285  }
286 
287  update_certificate_downloads(time(NULL));
288 
291 
292  return 0;
293 }
294 
296 void
298 {
299  vote_microdesc_hash_t *h, *next;
300  if (!rs)
301  return;
302  tor_free(rs->version);
303  tor_free(rs->protocols);
305  for (h = rs->microdesc; h; h = next) {
307  next = h->next;
308  tor_free(h);
309  }
310  tor_free(rs);
311 }
312 
314 void
316 {
317  if (!rs)
318  return;
319  tor_free(rs->exitsummary);
320  tor_free(rs);
321 }
322 
324 void
326 {
327  tor_free(sig->signature);
328  tor_free(sig);
329 }
330 
334 {
335  document_signature_t *r = tor_memdup(sig, sizeof(document_signature_t));
336  if (r->signature)
337  r->signature = tor_memdup(sig->signature, sig->signature_len);
338  return r;
339 }
340 
342 void
344 {
345  if (!ns)
346  return;
347 
349  tor_free(ns->server_versions);
350  tor_free(ns->recommended_client_protocols);
352  tor_free(ns->required_client_protocols);
353  tor_free(ns->required_relay_protocols);
354 
355  if (ns->known_flags) {
356  SMARTLIST_FOREACH(ns->known_flags, char *, c, tor_free(c));
357  smartlist_free(ns->known_flags);
358  }
359  if (ns->weight_params) {
360  SMARTLIST_FOREACH(ns->weight_params, char *, c, tor_free(c));
361  smartlist_free(ns->weight_params);
362  }
363  if (ns->net_params) {
364  SMARTLIST_FOREACH(ns->net_params, char *, c, tor_free(c));
365  smartlist_free(ns->net_params);
366  }
367  if (ns->supported_methods) {
368  SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c));
369  smartlist_free(ns->supported_methods);
370  }
371  if (ns->package_lines) {
372  SMARTLIST_FOREACH(ns->package_lines, char *, c, tor_free(c));
373  smartlist_free(ns->package_lines);
374  }
375  if (ns->voters) {
377  tor_free(voter->nickname);
378  tor_free(voter->address);
379  tor_free(voter->contact);
380  if (voter->sigs) {
381  SMARTLIST_FOREACH(voter->sigs, document_signature_t *, sig,
382  document_signature_free(sig));
383  smartlist_free(voter->sigs);
384  }
385  tor_free(voter);
386  } SMARTLIST_FOREACH_END(voter);
387  smartlist_free(ns->voters);
388  }
389  authority_cert_free(ns->cert);
390 
391  if (ns->routerstatus_list) {
392  if (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION) {
394  vote_routerstatus_free(rs));
395  } else {
397  routerstatus_free(rs));
398  }
399 
400  smartlist_free(ns->routerstatus_list);
401  }
402 
403  if (ns->bw_file_headers) {
404  SMARTLIST_FOREACH(ns->bw_file_headers, char *, c, tor_free(c));
405  smartlist_free(ns->bw_file_headers);
406  }
407 
408  digestmap_free(ns->desc_digest_map, NULL);
409 
410  if (ns->sr_info.commits) {
411  dirvote_clear_commits(ns);
412  }
413  tor_free(ns->sr_info.previous_srv);
414  tor_free(ns->sr_info.current_srv);
415 
416  memwipe(ns, 11, sizeof(*ns));
417  tor_free(ns);
418 }
419 
425  const char *identity)
426 {
427  if (!vote || !vote->voters)
428  return NULL;
430  if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN))
431  return voter);
432  return NULL;
433 }
434 
439  digest_algorithm_t alg)
440 {
441  if (!voter->sigs)
442  return NULL;
444  if (sig->alg == alg)
445  return sig);
446  return NULL;
447 }
448 
453 int
456  const authority_cert_t *cert)
457 {
458  char key_digest[DIGEST_LEN];
459  const int dlen = sig->alg == DIGEST_SHA1 ? DIGEST_LEN : DIGEST256_LEN;
460  char *signed_digest;
461  size_t signed_digest_len;
462 
463  if (crypto_pk_get_digest(cert->signing_key, key_digest)<0)
464  return -1;
465  if (tor_memneq(sig->signing_key_digest, key_digest, DIGEST_LEN) ||
466  tor_memneq(sig->identity_digest, cert->cache_info.identity_digest,
467  DIGEST_LEN))
468  return -1;
469 
470  if (authority_cert_is_blacklisted(cert)) {
471  /* We implement blacklisting for authority signing keys by treating
472  * all their signatures as always bad. That way we don't get into
473  * crazy loops of dropping and re-fetching signatures. */
474  log_warn(LD_DIR, "Ignoring a consensus signature made with deprecated"
475  " signing key %s",
477  sig->bad_signature = 1;
478  return 0;
479  }
480 
481  signed_digest_len = crypto_pk_keysize(cert->signing_key);
482  signed_digest = tor_malloc(signed_digest_len);
483  if (crypto_pk_public_checksig(cert->signing_key,
484  signed_digest,
485  signed_digest_len,
486  sig->signature,
487  sig->signature_len) < dlen ||
488  tor_memneq(signed_digest, consensus->digests.d[sig->alg], dlen)) {
489  log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
490  sig->bad_signature = 1;
491  } else {
492  sig->good_signature = 1;
493  }
494  tor_free(signed_digest);
495  return 0;
496 }
497 
506 int
508  int warn)
509 {
510  int n_good = 0;
511  int n_missing_key = 0, n_dl_failed_key = 0;
512  int n_bad = 0;
513  int n_unknown = 0;
514  int n_no_signature = 0;
515  int n_v3_authorities = get_n_authorities(V3_DIRINFO);
516  int n_required = n_v3_authorities/2 + 1;
517  smartlist_t *list_good = smartlist_new();
518  smartlist_t *list_no_signature = smartlist_new();
519  smartlist_t *need_certs_from = smartlist_new();
520  smartlist_t *unrecognized = smartlist_new();
521  smartlist_t *missing_authorities = smartlist_new();
522  int severity;
523  time_t now = time(NULL);
524 
525  tor_assert(consensus->type == NS_TYPE_CONSENSUS);
526 
528  voter) {
529  int good_here = 0;
530  int bad_here = 0;
531  int unknown_here = 0;
532  int missing_key_here = 0, dl_failed_key_here = 0;
533  SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
534  if (!sig->good_signature && !sig->bad_signature &&
535  sig->signature) {
536  /* we can try to check the signature. */
537  int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
538  sig->identity_digest) != NULL;
539  authority_cert_t *cert =
540  authority_cert_get_by_digests(sig->identity_digest,
541  sig->signing_key_digest);
542  tor_assert(tor_memeq(sig->identity_digest, voter->identity_digest,
543  DIGEST_LEN));
544 
545  if (!is_v3_auth) {
546  smartlist_add(unrecognized, voter);
547  ++unknown_here;
548  continue;
549  } else if (!cert || cert->expires < now) {
550  smartlist_add(need_certs_from, voter);
551  ++missing_key_here;
552  if (authority_cert_dl_looks_uncertain(sig->identity_digest))
553  ++dl_failed_key_here;
554  continue;
555  }
556  if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
557  smartlist_add(need_certs_from, voter);
558  ++missing_key_here;
559  if (authority_cert_dl_looks_uncertain(sig->identity_digest))
560  ++dl_failed_key_here;
561  continue;
562  }
563  }
564  if (sig->good_signature)
565  ++good_here;
566  else if (sig->bad_signature)
567  ++bad_here;
568  } SMARTLIST_FOREACH_END(sig);
569 
570  if (good_here) {
571  ++n_good;
572  smartlist_add(list_good, voter->nickname);
573  } else if (bad_here) {
574  ++n_bad;
575  } else if (missing_key_here) {
576  ++n_missing_key;
577  if (dl_failed_key_here)
578  ++n_dl_failed_key;
579  } else if (unknown_here) {
580  ++n_unknown;
581  } else {
582  ++n_no_signature;
583  smartlist_add(list_no_signature, voter->nickname);
584  }
585  } SMARTLIST_FOREACH_END(voter);
586 
587  /* Now see whether we're missing any voters entirely. */
588  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
589  dir_server_t *, ds,
590  {
591  if ((ds->type & V3_DIRINFO) &&
592  !networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
593  smartlist_add(missing_authorities, ds);
594  });
595 
596  if (warn > 1 || (warn >= 0 &&
597  (n_good + n_missing_key - n_dl_failed_key < n_required))) {
598  severity = LOG_WARN;
599  } else {
600  severity = LOG_INFO;
601  }
602 
603  if (warn >= 0) {
604  SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
605  {
606  tor_log(severity, LD_DIR, "Consensus includes unrecognized authority "
607  "'%s' at %s:%d (contact %s; identity %s)",
608  voter->nickname, voter->address, (int)voter->dir_port,
609  voter->contact?voter->contact:"n/a",
610  hex_str(voter->identity_digest, DIGEST_LEN));
611  });
612  SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
613  {
614  tor_log(severity, LD_DIR, "Looks like we need to download a new "
615  "certificate from authority '%s' at %s:%d (contact %s; "
616  "identity %s)",
617  voter->nickname, voter->address, (int)voter->dir_port,
618  voter->contact?voter->contact:"n/a",
619  hex_str(voter->identity_digest, DIGEST_LEN));
620  });
621  SMARTLIST_FOREACH(missing_authorities, dir_server_t *, ds,
622  {
623  tor_log(severity, LD_DIR, "Consensus does not include configured "
624  "authority '%s' at %s:%d (identity %s)",
625  ds->nickname, ds->address, (int)ds->dir_port,
626  hex_str(ds->v3_identity_digest, DIGEST_LEN));
627  });
628  {
629  char *joined;
630  smartlist_t *sl = smartlist_new();
631  char *tmp = smartlist_join_strings(list_good, " ", 0, NULL);
633  "A consensus needs %d good signatures from recognized "
634  "authorities for us to accept it. "
635  "This %s one has %d (%s).",
636  n_required,
638  n_good, tmp);
639  tor_free(tmp);
640  if (n_no_signature) {
641  tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL);
643  "%d (%s) of the authorities we know didn't sign it.",
644  n_no_signature, tmp);
645  tor_free(tmp);
646  }
647  if (n_unknown) {
649  "It has %d signatures from authorities we don't "
650  "recognize.", n_unknown);
651  }
652  if (n_bad) {
653  smartlist_add_asprintf(sl, "%d of the signatures on it didn't verify "
654  "correctly.", n_bad);
655  }
656  if (n_missing_key) {
658  "We were unable to check %d of the signatures, "
659  "because we were missing the keys.", n_missing_key);
660  }
661  joined = smartlist_join_strings(sl, " ", 0, NULL);
662  tor_log(severity, LD_DIR, "%s", joined);
663  tor_free(joined);
664  SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
665  smartlist_free(sl);
666  }
667  }
668 
669  smartlist_free(list_good);
670  smartlist_free(list_no_signature);
671  smartlist_free(unrecognized);
672  smartlist_free(need_certs_from);
673  smartlist_free(missing_authorities);
674 
675  if (n_good == n_v3_authorities)
676  return 1;
677  else if (n_good >= n_required)
678  return 0;
679  else if (n_good + n_missing_key >= n_required)
680  return -1;
681  else
682  return -2;
683 }
684 
687 #define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
688 
691 int
692 compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
693 {
694  const char *key = _key;
695  const routerstatus_t *rs = *_member;
696  return tor_memcmp(key, rs->identity_digest, DIGEST_LEN);
697 }
698 
701 int
703  const void **_member)
704 {
705  const char *key = _key;
706  const vote_routerstatus_t *vrs = *_member;
707  return tor_memcmp(key, vrs->status.identity_digest, DIGEST_LEN);
708 }
709 
713 {
714  return smartlist_bsearch(ns->routerstatus_list, digest,
716 }
717 
721 networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
722 {
723  return networkstatus_vote_find_mutable_entry(ns, digest);
724 }
725 
726 /*XXXX MOVE make this static once functions are moved into this file. */
730 int
732  const char *digest, int *found_out)
733 {
734  return smartlist_bsearch_idx(ns->routerstatus_list, digest,
736  found_out);
737 }
738 
742 router_get_mutable_consensus_status_by_descriptor_digest,(
743  networkstatus_t *consensus,
744  const char *digest))
745 {
746  if (!consensus)
747  consensus = networkstatus_get_latest_consensus();
748  if (!consensus)
749  return NULL;
750  if (!consensus->desc_digest_map) {
751  digestmap_t *m = consensus->desc_digest_map = digestmap_new();
753  routerstatus_t *, rs,
754  {
755  digestmap_set(m, rs->descriptor_digest, rs);
756  });
757  }
758  return digestmap_get(consensus->desc_digest_map, digest);
759 }
760 
764 const routerstatus_t *
766  const char *digest)
767 {
768  return router_get_mutable_consensus_status_by_descriptor_digest(
769  consensus, digest);
770 }
771 
773 static smartlist_t *
775 {
776  smartlist_t *result = smartlist_new();
777  digestmap_iter_t *i;
778  const char *digest;
779  void *rs;
780  char *digest_tmp;
781 
782  for (i = digestmap_iter_init(consensus->desc_digest_map);
783  !(digestmap_iter_done(i));
784  i = digestmap_iter_next(consensus->desc_digest_map, i)) {
785  digestmap_iter_get(i, &digest, &rs);
786  digest_tmp = tor_malloc(DIGEST_LEN);
787  memcpy(digest_tmp, digest, DIGEST_LEN);
788  smartlist_add(result, digest_tmp);
789  }
790 
791  return result;
792 }
793 
797 router_get_descriptor_digests,(void))
798 {
799  smartlist_t *result = NULL;
800 
801  if (current_ns_consensus) {
802  result =
804  }
805 
806  return result;
807 }
808 
812 router_get_dl_status_by_descriptor_digest,(const char *d))
813 {
814  routerstatus_t *rs;
816  return NULL;
817  if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
819  return &rs->dl_status;
820 
821  return NULL;
822 }
823 
827 {
828  const networkstatus_t *ns = networkstatus_get_latest_consensus();
829  if (!ns)
830  return NULL;
831  smartlist_t *rslist = ns->routerstatus_list;
832  return smartlist_bsearch(rslist, digest,
834 }
835 
838 const routerstatus_t *
840 {
842 }
843 
846 #define AUTHORITY_NS_CACHE_INTERVAL (10*60)
847 
850 #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60)
851 
857 int
858 we_want_to_fetch_flavor(const or_options_t *options, int flavor)
859 {
860  if (flavor < 0 || flavor > N_CONSENSUS_FLAVORS) {
861  /* This flavor is crazy; we don't want it */
862  /*XXXX handle unrecognized flavors later */
863  return 0;
864  }
865  if (authdir_mode_v3(options) || directory_caches_dir_info(options)) {
866  /* We want to serve all flavors to others, regardless if we would use
867  * it ourselves. */
868  return 1;
869  }
870  if (options->FetchUselessDescriptors) {
871  /* In order to get all descriptors, we need to fetch all consensuses. */
872  return 1;
873  }
874  /* Otherwise, we want the flavor only if we want to use it to build
875  * circuits. */
876  return flavor == usable_consensus_flavor();
877 }
878 
885 int
887 {
888  if (authdir_mode_v3(options) ||
890  /* We want to serve all certs to others, regardless if we would use
891  * them ourselves. */
892  return 1;
893  }
894  if (options->FetchUselessDescriptors) {
895  /* Unknown certificates are definitely useless. */
896  return 1;
897  }
898  /* Otherwise, don't fetch unknown certificates. */
899  return 0;
900 }
901 
904 #define DELAY_WHILE_FETCHING_CERTS (20*60)
905 
908 #define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60)
909 
910 /* Check if a downloaded consensus flavor should still wait for certificates
911  * to download now. If we decide not to wait, check if enough time has passed
912  * to consider the certificate download failure a separate failure. If so,
913  * fail dls.
914  * If waiting for certificates to download, return 1. If not, return 0. */
915 static int
916 check_consensus_waiting_for_certs(int flavor, time_t now,
917  download_status_t *dls)
918 {
920 
921  /* We should always have a known flavor, because we_want_to_fetch_flavor()
922  * filters out unknown flavors. */
923  tor_assert(flavor >= 0 && flavor < N_CONSENSUS_FLAVORS);
924 
925  waiting = &consensus_waiting_for_certs[flavor];
926  if (waiting->consensus) {
927  /* XXXX make sure this doesn't delay sane downloads. */
928  if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now &&
929  waiting->consensus->valid_until > now) {
930  return 1;
931  } else {
932  if (!waiting->dl_failed) {
933  if (waiting->set_at + MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE > now) {
934  download_status_failed(dls, 0);
935  }
936  waiting->dl_failed=1;
937  }
938  }
939  }
940 
941  return 0;
942 }
943 
946 static void
948 {
949  int i;
950  const or_options_t *options = get_options();
951  const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(
952  now);
953  const int use_multi_conn =
955 
956  if (should_delay_dir_fetches(options, NULL))
957  return;
958 
959  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
960  /* XXXX need some way to download unknown flavors if we are caching. */
961  const char *resource;
962  networkstatus_t *c;
963  int max_in_progress_conns = 1;
964 
965  if (! we_want_to_fetch_flavor(options, i))
966  continue;
967 
968  c = networkstatus_get_latest_consensus_by_flavor(i);
969  if (! (c && c->valid_after <= now && now <= c->valid_until)) {
970  /* No live consensus? Get one now!*/
972  }
973 
974  if (time_to_download_next_consensus[i] > now)
975  continue; /* Wait until the current consensus is older. */
976 
977  resource = networkstatus_get_flavor_name(i);
978 
979  /* Check if we already have enough connections in progress */
980  if (we_are_bootstrapping && use_multi_conn) {
981  max_in_progress_conns =
983  }
986  resource)
987  >= max_in_progress_conns) {
988  continue;
989  }
990 
991  /* Check if we want to launch another download for a usable consensus.
992  * Only used during bootstrap. */
993  if (we_are_bootstrapping && use_multi_conn
994  && i == usable_consensus_flavor()) {
995 
996  /* Check if we're already downloading a usable consensus */
997  if (networkstatus_consensus_is_already_downloading(resource))
998  continue;
999 
1000  /* Make multiple connections for a bootstrap consensus download. */
1002  } else {
1003  /* Check if we failed downloading a consensus too recently */
1004 
1005  /* Let's make sure we remembered to update consensus_dl_status */
1006  tor_assert(consensus_dl_status[i].schedule == DL_SCHED_CONSENSUS);
1007 
1009  continue;
1010  }
1011 
1014  if (check_consensus_waiting_for_certs(i, now, &consensus_dl_status[i])) {
1016  continue;
1017  }
1018 
1019  /* Try the requested attempt */
1020  log_info(LD_DIR, "Launching %s standard networkstatus consensus "
1021  "download.", networkstatus_get_flavor_name(i));
1022  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
1023  ROUTER_PURPOSE_GENERAL, resource,
1025  consensus_dl_status[i].want_authority);
1026  }
1027  }
1028 }
1029 
1035 static void
1037  time_t now,
1038  download_status_t *dls,
1039  download_want_authority_t want_authority)
1040 {
1041  const char *resource = networkstatus_get_flavor_name(
1042  usable_consensus_flavor());
1043 
1044  /* Let's make sure we remembered to update schedule */
1045  tor_assert(dls->schedule == DL_SCHED_CONSENSUS);
1046 
1047  /* Allow for multiple connections in the same second, if the schedule value
1048  * is 0. */
1049  while (download_status_is_ready(dls, now)) {
1050  log_info(LD_DIR, "Launching %s bootstrap %s networkstatus consensus "
1051  "download.", resource, (want_authority == DL_WANT_AUTHORITY
1052  ? "authority"
1053  : "mirror"));
1054 
1055  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
1056  ROUTER_PURPOSE_GENERAL, resource,
1057  PDS_RETRY_IF_NO_SERVERS, want_authority);
1058  /* schedule the next attempt */
1059  download_status_increment_attempt(dls, resource, now);
1060  }
1061 }
1062 
1071 static void
1073  const or_options_t *options)
1074 {
1075  const int usable_flavor = usable_consensus_flavor();
1076 
1077  /* make sure we can use multiple connections */
1079  return;
1080  }
1081 
1082  /* Launch concurrent consensus download attempt(s) based on the mirror and
1083  * authority schedules. Try the mirror first - this makes it slightly more
1084  * likely that we'll connect to the fallback first, and then end the
1085  * authority connection attempt. */
1086 
1087  /* If a consensus download fails because it's waiting for certificates,
1088  * we'll fail both the authority and fallback schedules. This is better than
1089  * failing only one of the schedules, and having the other continue
1090  * unchecked.
1091  */
1092 
1093  /* If we don't have or can't use extra fallbacks, don't try them. */
1094  if (networkstatus_consensus_can_use_extra_fallbacks(options)) {
1095  download_status_t *dls_f =
1096  &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER];
1097 
1098  if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) {
1099  /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
1101  DL_WANT_ANY_DIRSERVER);
1102  }
1103  }
1104 
1105  /* Now try an authority. */
1106  download_status_t *dls_a =
1107  &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY];
1108 
1109  if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) {
1111  DL_WANT_AUTHORITY);
1112  }
1113 }
1114 
1117 void
1118 networkstatus_consensus_download_failed(int status_code, const char *flavname)
1119 {
1120  int flav = networkstatus_parse_flavor_name(flavname);
1121  if (flav >= 0) {
1123  /* XXXX handle unrecognized flavors */
1124  download_status_failed(&consensus_dl_status[flav], status_code);
1125  /* Retry immediately, if appropriate. */
1127  }
1128 }
1129 
1132 #define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120
1133 
1136 static void
1138 {
1139  const or_options_t *options = get_options();
1140  networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
1141  const char *flavor = networkstatus_get_flavor_name(flav);
1142  if (! we_want_to_fetch_flavor(get_options(), flav))
1143  return;
1144 
1145  if (c && c->valid_after <= now && now <= c->valid_until) {
1146  long dl_interval;
1147  long interval = c->fresh_until - c->valid_after;
1148  long min_sec_before_caching = CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
1149  time_t start;
1150 
1151  if (min_sec_before_caching > interval/16) {
1152  /* Usually we allow 2-minutes slop factor in case clocks get
1153  desynchronized a little. If we're on a private network with
1154  a crazy-fast voting interval, though, 2 minutes may be too
1155  much. */
1156  min_sec_before_caching = interval/16;
1157  /* make sure we always delay by at least a second before caching */
1158  if (min_sec_before_caching == 0) {
1159  min_sec_before_caching = 1;
1160  }
1161  }
1162 
1163  if (directory_fetches_dir_info_early(options)) {
1164  /* We want to cache the next one at some point after this one
1165  * is no longer fresh... */
1166  start = (time_t)(c->fresh_until + min_sec_before_caching);
1167  /* Some clients may need the consensus sooner than others. */
1168  if (options->FetchDirInfoExtraEarly || authdir_mode_v3(options)) {
1169  dl_interval = 60;
1170  if (min_sec_before_caching + dl_interval > interval)
1171  dl_interval = interval/2;
1172  } else {
1173  /* But only in the first half-interval after that. */
1174  dl_interval = interval/2;
1175  }
1176  } else {
1177  /* We're an ordinary client, a bridge, or a hidden service.
1178  * Give all the caches enough time to download the consensus. */
1179  start = (time_t)(c->fresh_until + (interval*3)/4);
1180  /* But download the next one well before this one is expired. */
1181  dl_interval = ((c->valid_until - start) * 7 )/ 8;
1182 
1183  /* If we're a bridge user, make use of the numbers we just computed
1184  * to choose the rest of the interval *after* them. */
1185  if (directory_fetches_dir_info_later(options)) {
1186  /* Give all the *clients* enough time to download the consensus. */
1187  start = (time_t)(start + dl_interval + min_sec_before_caching);
1188  /* But try to get it before ours actually expires. */
1189  dl_interval = (c->valid_until - start) - min_sec_before_caching;
1190  }
1191  }
1192  /* catch low dl_interval in crazy-fast networks */
1193  if (dl_interval < 1)
1194  dl_interval = 1;
1195  /* catch late start in crazy-fast networks */
1196  if (start+dl_interval >= c->valid_until)
1197  start = c->valid_until - dl_interval - 1;
1198  log_debug(LD_DIR,
1199  "fresh_until: %ld start: %ld "
1200  "dl_interval: %ld valid_until: %ld ",
1201  (long)c->fresh_until, (long)start, dl_interval,
1202  (long)c->valid_until);
1203  /* We must not try to replace c while it's still fresh: */
1204  tor_assert(c->fresh_until < start);
1205  /* We must download the next one before c is invalid: */
1206  tor_assert(start+dl_interval < c->valid_until);
1208  start + crypto_rand_int((int)dl_interval);
1209  {
1210  char tbuf1[ISO_TIME_LEN+1];
1211  char tbuf2[ISO_TIME_LEN+1];
1212  char tbuf3[ISO_TIME_LEN+1];
1216  log_info(LD_DIR, "Live %s consensus %s the most recent until %s and "
1217  "will expire at %s; fetching the next one at %s.",
1218  flavor, (c->fresh_until > now) ? "will be" : "was",
1219  tbuf1, tbuf2, tbuf3);
1220  }
1221  } else {
1222  time_to_download_next_consensus[flav] = now;
1223  log_info(LD_DIR, "No live %s consensus; we should fetch one immediately.",
1224  flavor);
1225  }
1226 }
1227 
1230 void
1232 {
1233  int i;
1234  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
1235  if (we_want_to_fetch_flavor(get_options(), i))
1237  }
1238 }
1239 
1248 int
1249 should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
1250 {
1251  if (msg_out) {
1252  *msg_out = NULL;
1253  }
1254 
1255  if (options->DisableNetwork) {
1256  if (msg_out) {
1257  *msg_out = "DisableNetwork is set.";
1258  }
1259  log_info(LD_DIR, "Delaying dir fetches (DisableNetwork is set)");
1260  return 1;
1261  }
1262 
1263  if (we_are_hibernating()) {
1264  if (msg_out) {
1265  *msg_out = "We are hibernating or shutting down.";
1266  }
1267  log_info(LD_DIR, "Delaying dir fetches (Hibernating or shutting down)");
1268  return 1;
1269  }
1270 
1271  if (options->UseBridges) {
1272  /* If we know that none of our bridges can possibly work, avoid fetching
1273  * directory documents. But if some of them might work, try again. */
1274  if (num_bridges_usable(1) == 0) {
1275  if (msg_out) {
1276  *msg_out = "No running bridges";
1277  }
1278  log_info(LD_DIR, "Delaying dir fetches (no running bridges known)");
1279  return 1;
1280  }
1281 
1283  if (msg_out) {
1284  *msg_out = "Pluggable transport proxies still configuring";
1285  }
1286  log_info(LD_DIR, "Delaying dir fetches (pt proxies still configuring)");
1287  return 1;
1288  }
1289  }
1290 
1291  return 0;
1292 }
1293 
1298 void
1300 {
1301  const or_options_t *options = get_options();
1302  if (should_delay_dir_fetches(options, NULL))
1303  return;
1308 }
1309 
1312 void
1314 {
1315  int i;
1316  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
1317  if (consensus_waiting_for_certs[i].consensus)
1319  now, NULL);
1320  }
1321 
1326 }
1327 
1330 int
1332 {
1333  return consensus_waiting_for_certs[usable_consensus_flavor()].consensus
1334  ? 1 : 0;
1335 }
1336 
1341 networkstatus_get_dl_status_by_flavor,(consensus_flavor_t flavor))
1342 {
1343  download_status_t *dl = NULL;
1344  const int we_are_bootstrapping =
1345  networkstatus_consensus_is_bootstrapping(time(NULL));
1346 
1347  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1348  dl = &((we_are_bootstrapping ?
1349  consensus_bootstrap_dl_status : consensus_dl_status)[flavor]);
1350  }
1351 
1352  return dl;
1353 }
1354 
1358 networkstatus_get_dl_status_by_flavor_bootstrap,(consensus_flavor_t flavor))
1359 {
1360  download_status_t *dl = NULL;
1361 
1362  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1363  dl = &(consensus_bootstrap_dl_status[flavor]);
1364  }
1365 
1366  return dl;
1367 }
1368 
1372 networkstatus_get_dl_status_by_flavor_running,(consensus_flavor_t flavor))
1373 {
1374  download_status_t *dl = NULL;
1375 
1376  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1377  dl = &(consensus_dl_status[flavor]);
1378  }
1379 
1380  return dl;
1381 }
1382 
1386 networkstatus_get_latest_consensus,(void))
1387 {
1388  if (we_use_microdescriptors_for_circuits(get_options()))
1389  return current_md_consensus;
1390  else
1391  return current_ns_consensus;
1392 }
1393 
1397 networkstatus_get_latest_consensus_by_flavor,(consensus_flavor_t f))
1398 {
1399  if (f == FLAV_NS)
1400  return current_ns_consensus;
1401  else if (f == FLAV_MICRODESC)
1402  return current_md_consensus;
1403  else {
1404  tor_assert(0);
1405  return NULL;
1406  }
1407 }
1408 
1412 networkstatus_get_live_consensus,(time_t now))
1413 {
1414  networkstatus_t *ns = networkstatus_get_latest_consensus();
1415  if (ns && networkstatus_is_live(ns, now))
1416  return ns;
1417  else
1418  return NULL;
1419 }
1420 
1423 int
1425 {
1426  return (ns->valid_after <= now && now <= ns->valid_until);
1427 }
1428 
1435 int
1437  time_t now)
1438 {
1439  if (BUG(!consensus))
1440  return 0;
1441 
1443  now) &&
1445  now);
1446 }
1447 
1448 #define REASONABLY_LIVE_TIME (24*60*60)
1449 
1453 int
1455  time_t now)
1456 {
1457  return (now >= valid_after - REASONABLY_LIVE_TIME);
1458 }
1459 
1463 int
1465  time_t now)
1466 {
1467  return (now <= valid_until + REASONABLY_LIVE_TIME);
1468 }
1469 
1473 networkstatus_get_reasonably_live_consensus,(time_t now, int flavor))
1474 {
1475  networkstatus_t *consensus =
1476  networkstatus_get_latest_consensus_by_flavor(flavor);
1477  if (consensus &&
1479  return consensus;
1480  else
1481  return NULL;
1482 }
1483 
1493 networkstatus_consensus_is_bootstrapping,(time_t now))
1494 {
1495  /* If we have a validated, reasonably live consensus, we're not
1496  * bootstrapping a consensus at all. */
1497  if (networkstatus_get_reasonably_live_consensus(
1498  now,
1499  usable_consensus_flavor())) {
1500  return 0;
1501  }
1502 
1503  /* If we have a consensus, but we're waiting for certificates,
1504  * we're not waiting for a consensus download while bootstrapping. */
1506  return 0;
1507  }
1508 
1509  /* If we have no consensus, or our consensus is very old, we are
1510  * bootstrapping, and we need to download a consensus. */
1511  return 1;
1512 }
1513 
1517 int
1519  const or_options_t *options)
1520 {
1521  /* If we are a client, bridge, bridge client, or hidden service */
1522  return !public_server_mode(options);
1523 }
1524 
1529 networkstatus_consensus_can_use_extra_fallbacks,(const or_options_t *options))
1530 {
1531  /* The list length comparisons are a quick way to check if we have any
1532  * non-authority fallback directories. If we ever have any authorities that
1533  * aren't fallback directories, we will need to change this code. */
1534  tor_assert(smartlist_len(router_get_fallback_dir_servers())
1535  >= smartlist_len(router_get_trusted_dir_servers()));
1536  /* If we don't fetch from the authorities, and we have additional mirrors,
1537  * we can use them. */
1538  return (!directory_fetches_from_authorities(options)
1539  && (smartlist_len(router_get_fallback_dir_servers())
1540  > smartlist_len(router_get_trusted_dir_servers())));
1541 }
1542 
1543 /* Is there a consensus fetch for flavor <b>resource</b> that's far
1544  * enough along to be attached to a circuit? */
1545 int
1546 networkstatus_consensus_is_already_downloading(const char *resource)
1547 {
1548  int answer = 0;
1549 
1550  /* First, get a list of all the dir conns that are fetching a consensus,
1551  * fetching *this* consensus, and are in state "reading" (meaning they
1552  * have already flushed their request onto the socks connection). */
1553  smartlist_t *fetching_conns =
1556 
1557  /* Then, walk through each conn, to see if its linked socks connection
1558  * is in an attached state. We have to check this separately, since with
1559  * the optimistic data feature, fetches can send their request to the
1560  * socks connection and go into state 'reading', even before they're
1561  * attached to any circuit. */
1562  SMARTLIST_FOREACH_BEGIN(fetching_conns, dir_connection_t *, dirconn) {
1563  /* Do any of these other dir conns have a linked socks conn that is
1564  * attached to a circuit already? */
1565  connection_t *base = TO_CONN(dirconn);
1566  if (base->linked_conn &&
1567  base->linked_conn->type == CONN_TYPE_AP &&
1569  answer = 1;
1570  break; /* stop looping, because we know the answer will be yes */
1571  }
1572  } SMARTLIST_FOREACH_END(dirconn);
1573  smartlist_free(fetching_conns);
1574 
1575  return answer;
1576 }
1577 
1578 /* Does the current, reasonably live consensus have IPv6 addresses?
1579  * Returns 1 if there is a reasonably live consensus and its consensus method
1580  * includes IPv6 addresses in the consensus.
1581  * Otherwise, if there is no consensus, or the method does not include IPv6
1582  * addresses, returns 0. */
1583 int
1584 networkstatus_consensus_has_ipv6(const or_options_t* options)
1585 {
1586  const networkstatus_t *cons = networkstatus_get_reasonably_live_consensus(
1587  approx_time(),
1588  usable_consensus_flavor());
1589 
1590  /* If we have no consensus, we have no IPv6 in it */
1591  if (!cons) {
1592  return 0;
1593  }
1594 
1595  /* Different flavours of consensus gained IPv6 at different times */
1596  if (we_use_microdescriptors_for_circuits(options)) {
1597  return
1599  } else {
1600  return 1;
1601  }
1602 }
1603 
1606 static int
1608 {
1610 
1611  return strcmp(a->nickname, b->nickname) ||
1612  fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
1613  a->addr != b->addr ||
1614  a->or_port != b->or_port ||
1615  a->dir_port != b->dir_port ||
1616  a->is_authority != b->is_authority ||
1617  a->is_exit != b->is_exit ||
1618  a->is_stable != b->is_stable ||
1619  a->is_fast != b->is_fast ||
1621  a->is_named != b->is_named ||
1622  a->is_unnamed != b->is_unnamed ||
1623  a->is_valid != b->is_valid ||
1625  a->is_bad_exit != b->is_bad_exit ||
1626  a->is_hs_dir != b->is_hs_dir;
1627  // XXXX this function needs a huge refactoring; it has gotten out
1628  // XXXX of sync with routerstatus_t, and it will do so again.
1629 }
1630 
1633 static void
1635  const networkstatus_t *new_c)
1636 {
1637  smartlist_t *changed;
1638  if (old_c == new_c)
1639  return;
1640 
1641  /* tell the controller exactly which relays are still listed, as well
1642  * as what they're listed as */
1644 
1645  if (!control_event_is_interesting(EVENT_NS))
1646  return;
1647 
1648  if (!old_c) {
1650  return;
1651  }
1652  changed = smartlist_new();
1653 
1654  SMARTLIST_FOREACH_JOIN(
1655  old_c->routerstatus_list, const routerstatus_t *, rs_old,
1656  new_c->routerstatus_list, const routerstatus_t *, rs_new,
1657  tor_memcmp(rs_old->identity_digest,
1658  rs_new->identity_digest, DIGEST_LEN),
1659  smartlist_add(changed, (void*) rs_new)) {
1660  if (routerstatus_has_changed(rs_old, rs_new))
1661  smartlist_add(changed, (void*)rs_new);
1662  } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1663 
1665  smartlist_free(changed);
1666 }
1667 
1668 /* Called before the consensus changes from old_c to new_c. */
1669 static void
1670 notify_before_networkstatus_changes(const networkstatus_t *old_c,
1671  const networkstatus_t *new_c)
1672 {
1674  dos_consensus_has_changed(new_c);
1675  relay_consensus_has_changed(new_c);
1676 }
1677 
1678 /* Called after a new consensus has been put in the global state. It is safe
1679  * to use the consensus getters in this function. */
1680 static void
1681 notify_after_networkstatus_changes(void)
1682 {
1684 }
1685 
1688 static void
1690  const networkstatus_t *old_c)
1691 {
1692  if (old_c == new_c)
1693  return;
1694  if (!old_c || !smartlist_len(old_c->routerstatus_list))
1695  return;
1696 
1697  SMARTLIST_FOREACH_JOIN(old_c->routerstatus_list, routerstatus_t *, rs_old,
1698  new_c->routerstatus_list, routerstatus_t *, rs_new,
1699  tor_memcmp(rs_old->identity_digest,
1700  rs_new->identity_digest, DIGEST_LEN),
1701  STMT_NIL) {
1702  /* Okay, so we're looking at the same identity. */
1703  rs_new->last_dir_503_at = rs_old->last_dir_503_at;
1704 
1705  if (tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
1706  DIGEST256_LEN)) {
1707  /* And the same descriptor too! */
1708  memcpy(&rs_new->dl_status, &rs_old->dl_status,sizeof(download_status_t));
1709  }
1710  } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1711 }
1712 
1713 #ifdef TOR_UNIT_TESTS
1714 
1720 int
1721 networkstatus_set_current_consensus_from_ns(networkstatus_t *c,
1722  const char *flavor)
1723 {
1724  int flav = networkstatus_parse_flavor_name(flavor);
1725  switch (flav) {
1726  case FLAV_NS:
1727  if (current_ns_consensus) {
1729  networkstatus_vote_free(current_ns_consensus);
1730  }
1732  break;
1733  case FLAV_MICRODESC:
1734  if (current_md_consensus) {
1736  networkstatus_vote_free(current_md_consensus);
1737  }
1739  break;
1740  }
1741  return current_md_consensus ? 0 : -1;
1742 }
1743 #endif /* defined(TOR_UNIT_TESTS) */
1744 
1750 static int
1751 reload_consensus_from_file(const char *fname,
1752  const char *flavor,
1753  unsigned flags,
1754  const char *source_dir)
1755 {
1756  tor_mmap_t *map = tor_mmap_file(fname);
1757  if (!map)
1758  return 0;
1759 
1760  int rv = networkstatus_set_current_consensus(map->data, map->size,
1761  flavor, flags, source_dir);
1762 #ifdef _WIN32
1763  if (rv < 0 && tor_memstr(map->data, map->size, "\r\n")) {
1764  log_info(LD_GENERAL, "Found CRLF in consensus file %s; falling back to "
1765  "read_file_to_string.", escaped(fname));
1766  char *content = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
1767  rv = networkstatus_set_current_consensus(content, strlen(content),
1768  flavor, flags, source_dir);
1769  tor_free(content);
1770  }
1771 #endif
1772  if (rv < -1) {
1773  log_warn(LD_GENERAL, "Couldn't set consensus from cache file %s",
1774  escaped(fname));
1775  }
1776  tor_munmap_file(map);
1777  return rv;
1778 }
1779 
1784 static void
1786  int is_client)
1787 {
1788  char *protocol_warning = NULL;
1789 
1790  int should_exit = networkstatus_check_required_protocols(c,
1791  is_client,
1792  &protocol_warning);
1793  if (protocol_warning) {
1794  tor_log(should_exit ? LOG_ERR : LOG_WARN,
1795  LD_GENERAL,
1796  "%s", protocol_warning);
1797  }
1798  if (should_exit) {
1799  tor_assert_nonfatal(protocol_warning);
1800  }
1801  tor_free(protocol_warning);
1802  if (should_exit)
1803  exit(1); // XXXX bad exit: should return from main.
1804 }
1805 
1810 static void
1812  const or_options_t *options)
1813 {
1814  const int is_server = server_mode(options);
1815  const int is_client = options_any_client_port_set(options) || !is_server;
1816 
1817  if (is_server)
1819  if (is_client)
1821 }
1822 
1840 STATIC void
1841 warn_early_consensus(const networkstatus_t *c, const char *flavor,
1842  time_t now)
1843 {
1844  char tbuf[ISO_TIME_LEN+1];
1845  char dbuf[64];
1846  long delta = now - c->valid_after;
1847  char *flavormsg = NULL;
1848 
1852 #define EARLY_CONSENSUS_NOTICE_SKEW 60
1853 
1854  /* We assume that if a majority of dirauths have accurate clocks,
1855  * the earliest that a dirauth with a skewed clock could possibly
1856  * publish a sufficiently-signed consensus is (valid_after -
1857  * dist_seconds). Before that time, the skewed dirauth would be
1858  * unable to obtain enough authority signatures for the consensus to
1859  * be valid. */
1860  if (now >= c->valid_after - c->dist_seconds - EARLY_CONSENSUS_NOTICE_SKEW)
1861  return;
1862 
1863  format_iso_time(tbuf, c->valid_after);
1864  format_time_interval(dbuf, sizeof(dbuf), delta);
1865  log_warn(LD_GENERAL, "Our clock is %s behind the time published in the "
1866  "consensus network status document (%s UTC). Tor needs an "
1867  "accurate clock to work correctly. Please check your time and "
1868  "date settings!", dbuf, tbuf);
1869  tor_asprintf(&flavormsg, "%s flavor consensus", flavor);
1870  clock_skew_warning(NULL, delta, 1, LD_GENERAL, flavormsg, "CONSENSUS");
1871  tor_free(flavormsg);
1872 }
1873 
1895 int
1897  size_t consensus_len,
1898  const char *flavor,
1899  unsigned flags,
1900  const char *source_dir)
1901 {
1902  networkstatus_t *c=NULL;
1903  int r, result = -1;
1904  time_t now = approx_time();
1905  const or_options_t *options = get_options();
1906  char *unverified_fname = NULL, *consensus_fname = NULL;
1907  int flav = networkstatus_parse_flavor_name(flavor);
1908  const unsigned from_cache = flags & NSSET_FROM_CACHE;
1909  const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
1910  const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
1911  const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
1912  const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
1913  const common_digests_t *current_digests = NULL;
1914  consensus_waiting_for_certs_t *waiting = NULL;
1915  time_t current_valid_after = 0;
1916  int free_consensus = 1; /* Free 'c' at the end of the function */
1917  int checked_protocols_already = 0;
1918 
1919  if (flav < 0) {
1920  /* XXXX we don't handle unrecognized flavors yet. */
1921  log_warn(LD_BUG, "Unrecognized consensus flavor %s", flavor);
1922  return -2;
1923  }
1924 
1925  /* Make sure it's parseable. */
1927  consensus_len,
1928  NULL, NS_TYPE_CONSENSUS);
1929  if (!c) {
1930  log_warn(LD_DIR, "Unable to parse networkstatus consensus");
1931  result = -2;
1932  goto done;
1933  }
1934 
1935  if (from_cache && !was_waiting_for_certs) {
1936  /* We previously stored this; check _now_ to make sure that version-kills
1937  * really work. This happens even before we check signatures: we did so
1938  * before when we stored this to disk. This does mean an attacker who can
1939  * write to the datadir can make us not start: such an attacker could
1940  * already harm us by replacing our guards, which would be worse. */
1941  checked_protocols_already = 1;
1942  handle_missing_protocol_warning(c, options);
1943  }
1944 
1945  if ((int)c->flavor != flav) {
1946  /* This wasn't the flavor we thought we were getting. */
1947  if (require_flavor) {
1948  log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
1950  goto done;
1951  }
1952  flav = c->flavor;
1953  flavor = networkstatus_get_flavor_name(flav);
1954  }
1955 
1956  if (flav != usable_consensus_flavor() &&
1957  !we_want_to_fetch_flavor(options, flav)) {
1958  /* This consensus is totally boring to us: we won't use it, we didn't want
1959  * it, and we won't serve it. Drop it. */
1960  goto done;
1961  }
1962 
1963  if (from_cache && !accept_obsolete &&
1965  log_info(LD_DIR, "Loaded an expired consensus. Discarding.");
1966  goto done;
1967  }
1968 
1969  if (!strcmp(flavor, "ns")) {
1970  consensus_fname = get_cachedir_fname("cached-consensus");
1971  unverified_fname = get_cachedir_fname("unverified-consensus");
1972  if (current_ns_consensus) {
1973  current_digests = &current_ns_consensus->digests;
1974  current_valid_after = current_ns_consensus->valid_after;
1975  }
1976  } else if (!strcmp(flavor, "microdesc")) {
1977  consensus_fname = get_cachedir_fname("cached-microdesc-consensus");
1978  unverified_fname = get_cachedir_fname("unverified-microdesc-consensus");
1979  if (current_md_consensus) {
1980  current_digests = &current_md_consensus->digests;
1981  current_valid_after = current_md_consensus->valid_after;
1982  }
1983  } else {
1984  tor_assert_nonfatal_unreached();
1985  result = -2;
1986  goto done;
1987  }
1988 
1989  if (current_digests &&
1990  tor_memeq(&c->digests, current_digests, sizeof(c->digests))) {
1991  /* We already have this one. That's a failure. */
1992  log_info(LD_DIR, "Got a %s consensus we already have", flavor);
1993  goto done;
1994  }
1995 
1996  if (current_valid_after && c->valid_after <= current_valid_after) {
1997  /* We have a newer one. There's no point in accepting this one,
1998  * even if it's great. */
1999  log_info(LD_DIR, "Got a %s consensus at least as old as the one we have",
2000  flavor);
2001  goto done;
2002  }
2003 
2004  /* Make sure it's signed enough. */
2005  if ((r=networkstatus_check_consensus_signature(c, 1))<0) {
2006  if (r == -1) {
2007  /* Okay, so it _might_ be signed enough if we get more certificates. */
2008  if (!was_waiting_for_certs) {
2009  log_info(LD_DIR,
2010  "Not enough certificates to check networkstatus consensus");
2011  }
2012  if (!current_valid_after ||
2013  c->valid_after > current_valid_after) {
2014  waiting = &consensus_waiting_for_certs[flav];
2015  networkstatus_vote_free(waiting->consensus);
2016  waiting->consensus = c;
2017  free_consensus = 0;
2018  waiting->set_at = now;
2019  waiting->dl_failed = 0;
2020  if (!from_cache) {
2021  write_bytes_to_file(unverified_fname, consensus, consensus_len, 1);
2022  }
2023  if (dl_certs)
2024  authority_certs_fetch_missing(c, now, source_dir);
2025  /* This case is not a success or a failure until we get the certs
2026  * or fail to get the certs. */
2027  result = 0;
2028  } else {
2029  /* Even if we had enough signatures, we'd never use this as the
2030  * latest consensus. */
2031  if (was_waiting_for_certs && from_cache)
2032  if (unlink(unverified_fname) != 0) {
2033  log_warn(LD_FS,
2034  "Failed to unlink %s: %s",
2035  unverified_fname, strerror(errno));
2036  }
2037  }
2038  goto done;
2039  } else {
2040  /* This can never be signed enough: Kill it. */
2041  if (!was_waiting_for_certs) {
2042  log_warn(LD_DIR, "Not enough good signatures on networkstatus "
2043  "consensus");
2044  result = -2;
2045  }
2046  if (was_waiting_for_certs && (r < -1) && from_cache) {
2047  if (unlink(unverified_fname) != 0) {
2048  log_warn(LD_FS,
2049  "Failed to unlink %s: %s",
2050  unverified_fname, strerror(errno));
2051  }
2052  }
2053  goto done;
2054  }
2055  }
2056 
2057  /* Signatures from the consensus are verified */
2058  if (from_cache && was_waiting_for_certs) {
2059  /* We check if the consensus is loaded from disk cache and that it
2060  * it is an unverified consensus. If it is unverified, rename it to
2061  * cached-*-consensus since it has been verified. */
2062  log_info(LD_DIR, "Unverified consensus signatures verified.");
2063  tor_rename(unverified_fname, consensus_fname);
2064  }
2065 
2066  if (!from_cache && flav == usable_consensus_flavor())
2067  control_event_client_status(LOG_NOTICE, "CONSENSUS_ARRIVED");
2068 
2069  if (!checked_protocols_already) {
2070  handle_missing_protocol_warning(c, options);
2071  }
2072 
2073  /* Are we missing any certificates at all? */
2074  if (r != 1 && dl_certs)
2075  authority_certs_fetch_missing(c, now, source_dir);
2076 
2077  const int is_usable_flavor = flav == usable_consensus_flavor();
2078 
2079  /* Before we switch to the new consensus, notify that we are about to change
2080  * it using the old consensus and the new one. */
2081  if (is_usable_flavor) {
2082  notify_before_networkstatus_changes(networkstatus_get_latest_consensus(),
2083  c);
2084  }
2085  if (flav == FLAV_NS) {
2086  if (current_ns_consensus) {
2088  networkstatus_vote_free(current_ns_consensus);
2089  /* Defensive programming : we should set current_ns_consensus very soon
2090  * but we're about to call some stuff in the meantime, and leaving this
2091  * dangling pointer around has proven to be trouble. */
2092  current_ns_consensus = NULL;
2093  }
2095  free_consensus = 0; /* avoid free */
2096  } else if (flav == FLAV_MICRODESC) {
2097  if (current_md_consensus) {
2099  networkstatus_vote_free(current_md_consensus);
2100  /* more defensive programming */
2101  current_md_consensus = NULL;
2102  }
2104  free_consensus = 0; /* avoid free */
2105  }
2106 
2107  waiting = &consensus_waiting_for_certs[flav];
2108  if (waiting->consensus &&
2109  waiting->consensus->valid_after <= c->valid_after) {
2110  networkstatus_vote_free(waiting->consensus);
2111  waiting->consensus = NULL;
2112  waiting->set_at = 0;
2113  waiting->dl_failed = 0;
2114  if (unlink(unverified_fname) != 0) {
2115  log_warn(LD_FS,
2116  "Failed to unlink %s: %s",
2117  unverified_fname, strerror(errno));
2118  }
2119  }
2120 
2121  if (is_usable_flavor) {
2122  /* Notify that we just changed the consensus so the current global value
2123  * can be looked at. */
2124  notify_after_networkstatus_changes();
2125 
2126  /* The "current" consensus has just been set and it is a usable flavor so
2127  * the first thing we need to do is recalculate the voting schedule static
2128  * object so we can use the timings in there needed by some subsystems
2129  * such as hidden service and shared random. */
2130  voting_schedule_recalculate_timing(options, now);
2131  reschedule_dirvote(options);
2132 
2134 
2136 
2137  /* Change the cell EWMA settings */
2138  cmux_ewma_set_options(options, c);
2139 
2140  /* XXXX this call might be unnecessary here: can changing the
2141  * current consensus really alter our view of any OR's rate limits? */
2142  connection_or_update_token_buckets(get_connection_array(), options);
2143 
2146  channelpadding_new_consensus_params(c);
2148  }
2149 
2150  /* Reset the failure count only if this consensus is actually valid. */
2151  if (c->valid_after <= now && now <= c->valid_until) {
2153  } else {
2154  if (!from_cache)
2156  }
2157 
2158  if (we_want_to_fetch_flavor(options, flav)) {
2159  if (dir_server_mode(get_options())) {
2161  consensus_len,
2162  flavor,
2163  &c->digests,
2165  c->valid_after);
2166 
2167  consdiffmgr_add_consensus(consensus, consensus_len, c);
2168  }
2169  }
2170 
2171  if (!from_cache) {
2172  write_bytes_to_file(consensus_fname, consensus, consensus_len, 1);
2173  }
2174 
2175  warn_early_consensus(c, flavor, now);
2176 
2177  /* We got a new consesus. Reset our md fetch fail cache */
2179 
2181 
2182  result = 0;
2183  done:
2184  if (free_consensus)
2185  networkstatus_vote_free(c);
2186  tor_free(consensus_fname);
2187  tor_free(unverified_fname);
2188  return result;
2189 }
2190 
2198 void
2199 networkstatus_note_certs_arrived(const char *source_dir)
2200 {
2201  int i;
2202  for (i=0; i<N_CONSENSUS_FLAVORS; ++i) {
2203  const char *flavor_name = networkstatus_get_flavor_name(i);
2205  if (!waiting->consensus)
2206  continue;
2207  if (networkstatus_check_consensus_signature(waiting->consensus, 0)>=0) {
2208  char *fname = networkstatus_get_cache_fname(i, flavor_name, 1);
2209  reload_consensus_from_file(fname, flavor_name,
2210  NSSET_WAS_WAITING_FOR_CERTS, source_dir);
2211  tor_free(fname);
2212  }
2213  }
2214 }
2215 
2221 void
2222 routers_update_all_from_networkstatus(time_t now, int dir_version)
2223 {
2225  networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
2226  FLAV_NS);
2227 
2228  if (!consensus || dir_version < 3) /* nothing more we should do */
2229  return;
2230 
2231  /* calls router_dir_info_changed() when it's done -- more routers
2232  * might be up or down now, which might affect whether there's enough
2233  * directory info. */
2235 
2237  ri->cache_info.routerlist_index = ri_sl_idx);
2238  if (rl->old_routers)
2240 
2242  int is_server = server_mode(get_options());
2243  version_status_t status;
2244  const char *recommended = is_server ?
2245  consensus->server_versions : consensus->client_versions;
2246  status = tor_version_is_obsolete(VERSION, recommended);
2247 
2248  if (status == VS_RECOMMENDED) {
2249  log_info(LD_GENERAL, "The directory authorities say my version is ok.");
2250  } else if (status == VS_EMPTY) {
2251  log_info(LD_GENERAL,
2252  "The directory authorities don't recommend any versions.");
2253  } else if (status == VS_NEW || status == VS_NEW_IN_SERIES) {
2255  log_notice(LD_GENERAL, "This version of Tor (%s) is newer than any "
2256  "recommended version%s, according to the directory "
2257  "authorities. Recommended versions are: %s",
2258  VERSION,
2259  status == VS_NEW_IN_SERIES ? " in its series" : "",
2260  recommended);
2262  control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
2263  "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2264  VERSION, "NEW", recommended);
2265  }
2266  } else {
2267  log_warn(LD_GENERAL, "Please upgrade! "
2268  "This version of Tor (%s) is %s, according to the directory "
2269  "authorities. Recommended versions are: %s",
2270  VERSION,
2271  status == VS_OLD ? "obsolete" : "not recommended",
2272  recommended);
2274  control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
2275  "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2276  VERSION, status == VS_OLD ? "OBSOLETE" : "UNRECOMMENDED",
2277  recommended);
2278  }
2279  }
2280 }
2281 
2285 void
2287  int reset_failures)
2288 {
2289  const or_options_t *options = get_options();
2290  int authdir = authdir_mode_v3(options);
2291  networkstatus_t *ns = networkstatus_get_latest_consensus();
2292  if (!ns || !smartlist_len(ns->routerstatus_list))
2293  return;
2294 
2295  routers_sort_by_identity(routers);
2296 
2297  SMARTLIST_FOREACH_JOIN(ns->routerstatus_list, routerstatus_t *, rs,
2298  routers, routerinfo_t *, router,
2299  tor_memcmp(rs->identity_digest,
2300  router->cache_info.identity_digest, DIGEST_LEN),
2301  {
2302  }) {
2303  /* Is it the same descriptor, or only the same identity? */
2304  if (tor_memeq(router->cache_info.signed_descriptor_digest,
2305  rs->descriptor_digest, DIGEST_LEN)) {
2306  if (ns->valid_until > router->cache_info.last_listed_as_valid_until)
2307  router->cache_info.last_listed_as_valid_until = ns->valid_until;
2308  }
2309 
2310  if (authdir) {
2311  /* If we _are_ an authority, we should check whether this router
2312  * is one that will cause us to need a reachability test. */
2313  routerinfo_t *old_router =
2314  router_get_mutable_by_digest(router->cache_info.identity_digest);
2315  if (old_router != router) {
2316  router->needs_retest_if_added =
2317  dirserv_should_launch_reachability_test(router, old_router);
2318  }
2319  }
2320  if (reset_failures) {
2321  download_status_reset(&rs->dl_status);
2322  }
2323  } SMARTLIST_FOREACH_JOIN_END(rs, router);
2324 
2326 }
2327 
2330 void
2332 {
2334  if (!ns)
2335  return;
2336 
2337  if (!ns->desc_digest_map) {
2338  char dummy[DIGEST_LEN];
2339  /* instantiates the digest map. */
2340  memset(dummy, 0, sizeof(dummy));
2342  }
2344  {
2345  const routerstatus_t *rs = digestmap_get(ns->desc_digest_map,
2346  d->signed_descriptor_digest);
2347  if (rs) {
2348  if (ns->valid_until > d->last_listed_as_valid_until)
2349  d->last_listed_as_valid_until = ns->valid_until;
2350  }
2351  });
2352 }
2353 
2357 char *
2359 {
2360  return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT,
2361  ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
2362  NULL);
2363 }
2364 
2372 char *
2373 networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
2374 {
2375  const time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
2376  char *answer;
2378  smartlist_t *statuses;
2379  const uint8_t purpose = router_purpose_from_string(purpose_string);
2380  routerstatus_t rs;
2381  const int bridge_auth = authdir_mode_bridge(get_options());
2382 
2383  if (purpose == ROUTER_PURPOSE_UNKNOWN) {
2384  log_info(LD_DIR, "Unrecognized purpose '%s' when listing router statuses.",
2385  purpose_string);
2386  return NULL;
2387  }
2388 
2389  statuses = smartlist_new();
2391  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
2392  if (!node)
2393  continue;
2394  if (ri->cache_info.published_on < cutoff)
2395  continue;
2396  if (ri->purpose != purpose)
2397  continue;
2398  /* TODO: modifying the running flag in a getinfo is a bad idea */
2399  if (bridge_auth && ri->purpose == ROUTER_PURPOSE_BRIDGE)
2401  /* then generate and write out status lines for each of them */
2402  set_routerstatus_from_routerinfo(&rs, node, ri, now, 0);
2404  } SMARTLIST_FOREACH_END(ri);
2405 
2406  answer = smartlist_join_strings(statuses, "", 0, NULL);
2407  SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
2408  smartlist_free(statuses);
2409  return answer;
2410 }
2411 
2413 void
2415 {
2416  char *status = networkstatus_getinfo_by_purpose("bridge", now);
2417  char *fname = NULL;
2418  char *thresholds = NULL;
2419  char *published_thresholds_and_status = NULL;
2420  char published[ISO_TIME_LEN+1];
2421  const routerinfo_t *me = router_get_my_routerinfo();
2422  char fingerprint[FINGERPRINT_LEN+1];
2423  char *fingerprint_line = NULL;
2424 
2426  fingerprint, 0) >= 0) {
2427  tor_asprintf(&fingerprint_line, "fingerprint %s\n", fingerprint);
2428  } else {
2429  log_warn(LD_BUG, "Error computing fingerprint for bridge status.");
2430  }
2431  format_iso_time(published, now);
2432  dirserv_compute_bridge_flag_thresholds();
2433  thresholds = dirserv_get_flag_thresholds_line();
2434  tor_asprintf(&published_thresholds_and_status,
2435  "published %s\nflag-thresholds %s\n%s%s",
2436  published, thresholds, fingerprint_line ? fingerprint_line : "",
2437  status);
2438  fname = get_datadir_fname("networkstatus-bridges");
2439  if (write_str_to_file(fname,published_thresholds_and_status,0)<0) {
2440  log_warn(LD_DIRSERV, "Unable to write networkstatus-bridges file.");
2441  }
2442  tor_free(thresholds);
2443  tor_free(published_thresholds_and_status);
2444  tor_free(fname);
2445  tor_free(status);
2446  tor_free(fingerprint_line);
2447 }
2448 
2449 /* DOCDOC get_net_param_from_list */
2450 static int32_t
2451 get_net_param_from_list(smartlist_t *net_params, const char *param_name,
2452  int32_t default_val, int32_t min_val, int32_t max_val)
2453 {
2454  int32_t res = default_val;
2455  size_t name_len = strlen(param_name);
2456 
2457  tor_assert(max_val > min_val);
2458  tor_assert(min_val <= default_val);
2459  tor_assert(max_val >= default_val);
2460 
2461  SMARTLIST_FOREACH_BEGIN(net_params, const char *, p) {
2462  if (!strcmpstart(p, param_name) && p[name_len] == '=') {
2463  int ok=0;
2464  long v = tor_parse_long(p+name_len+1, 10, INT32_MIN,
2465  INT32_MAX, &ok, NULL);
2466  if (ok) {
2467  res = (int32_t) v;
2468  break;
2469  }
2470  }
2471  } SMARTLIST_FOREACH_END(p);
2472 
2473  if (res < min_val) {
2474  log_warn(LD_DIR, "Consensus parameter %s is too small. Got %d, raising to "
2475  "%d.", param_name, res, min_val);
2476  res = min_val;
2477  } else if (res > max_val) {
2478  log_warn(LD_DIR, "Consensus parameter %s is too large. Got %d, capping to "
2479  "%d.", param_name, res, max_val);
2480  res = max_val;
2481  }
2482 
2483  tor_assert(res >= min_val);
2484  tor_assert(res <= max_val);
2485  return res;
2486 }
2487 
2495 MOCK_IMPL(int32_t,
2496 networkstatus_get_param, (const networkstatus_t *ns, const char *param_name,
2497  int32_t default_val, int32_t min_val, int32_t max_val))
2498 {
2499  if (!ns) /* if they pass in null, go find it ourselves */
2500  ns = networkstatus_get_latest_consensus();
2501 
2502  if (!ns || !ns->net_params)
2503  return default_val;
2504 
2505  return get_net_param_from_list(ns->net_params, param_name,
2506  default_val, min_val, max_val);
2507 }
2508 
2514 int32_t
2516  int32_t torrc_value,
2517  const char *param_name,
2518  int32_t default_val,
2519  int32_t min_val, int32_t max_val)
2520 {
2521  if (torrc_value >= min_val && torrc_value <= max_val)
2522  return torrc_value;
2523  else
2524  return networkstatus_get_param(
2525  ns, param_name, default_val, min_val, max_val);
2526 }
2527 
2534 int
2536 {
2537  return networkstatus_get_param(ns, "bwweightscale",
2539  BW_MIN_WEIGHT_SCALE,
2540  BW_MAX_WEIGHT_SCALE);
2541 }
2542 
2547 int32_t
2548 networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name,
2549  int32_t default_val)
2550 {
2551  int32_t param;
2552  int max;
2553  if (!ns) /* if they pass in null, go find it ourselves */
2554  ns = networkstatus_get_latest_consensus();
2555 
2556  if (!ns || !ns->weight_params)
2557  return default_val;
2558 
2560  param = get_net_param_from_list(ns->weight_params, weight_name,
2561  default_val, -1,
2562  BW_MAX_WEIGHT_SCALE);
2563  if (param > max) {
2564  log_warn(LD_DIR, "Value of consensus weight %s was too large, capping "
2565  "to %d", weight_name, max);
2566  param = max;
2567  }
2568  return param;
2569 }
2570 
2573 const char *
2575 {
2576  switch (flav) {
2577  case FLAV_NS:
2578  return "ns";
2579  case FLAV_MICRODESC:
2580  return "microdesc";
2581  default:
2583  return "??";
2584  }
2585 }
2586 
2589 int
2590 networkstatus_parse_flavor_name(const char *flavname)
2591 {
2592  if (!strcmp(flavname, "ns"))
2593  return FLAV_NS;
2594  else if (!strcmp(flavname, "microdesc"))
2595  return FLAV_MICRODESC;
2596  else
2597  return -1;
2598 }
2599 
2603 int
2605 {
2606  if (!rs->is_flagged_running) {
2607  /* If we had this router descriptor, we wouldn't even bother using it.
2608  * (Fetching and storing depends on by we_want_to_fetch_flavor().) */
2609  return 0;
2610  }
2611  if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
2612  /* We'd drop it immediately for being too old. */
2613  return 0;
2614  }
2615  if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
2616  /* We'd ignore it because it doesn't support EXTEND2 cells.
2617  * If we don't know the version, download the descriptor so we can
2618  * check if it supports EXTEND2 cells and ntor. */
2619  return 0;
2620  }
2621  return 1;
2622 }
2623 
2628 int
2630  const char *question, char **answer,
2631  const char **errmsg)
2632 {
2633  const routerstatus_t *status;
2634  (void) conn;
2635 
2636  if (!networkstatus_get_latest_consensus()) {
2637  *answer = tor_strdup("");
2638  return 0;
2639  }
2640 
2641  if (!strcmp(question, "ns/all")) {
2642  smartlist_t *statuses = smartlist_new();
2643  SMARTLIST_FOREACH(networkstatus_get_latest_consensus()->routerstatus_list,
2644  const routerstatus_t *, rs,
2645  {
2647  });
2648  *answer = smartlist_join_strings(statuses, "", 0, NULL);
2649  SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
2650  smartlist_free(statuses);
2651  return 0;
2652  } else if (!strcmpstart(question, "ns/id/")) {
2653  char d[DIGEST_LEN];
2654  const char *q = question + 6;
2655  if (*q == '$')
2656  ++q;
2657 
2658  if (base16_decode(d, DIGEST_LEN, q, strlen(q)) != DIGEST_LEN) {
2659  *errmsg = "Data not decodeable as hex";
2660  return -1;
2661  }
2663  } else if (!strcmpstart(question, "ns/name/")) {
2664  const node_t *n = node_get_by_nickname(question+8, 0);
2665  status = n ? n->rs : NULL;
2666  } else if (!strcmpstart(question, "ns/purpose/")) {
2667  *answer = networkstatus_getinfo_by_purpose(question+11, time(NULL));
2668  return *answer ? 0 : -1;
2669  } else if (!strcmp(question, "consensus/packages")) {
2670  const networkstatus_t *ns = networkstatus_get_latest_consensus();
2671  if (ns && ns->package_lines)
2672  *answer = smartlist_join_strings(ns->package_lines, "\n", 0, NULL);
2673  else
2674  *errmsg = "No consensus available";
2675  return *answer ? 0 : -1;
2676  } else if (!strcmp(question, "consensus/valid-after") ||
2677  !strcmp(question, "consensus/fresh-until") ||
2678  !strcmp(question, "consensus/valid-until")) {
2679  const networkstatus_t *ns = networkstatus_get_latest_consensus();
2680  if (ns) {
2681  time_t t;
2682  if (!strcmp(question, "consensus/valid-after"))
2683  t = ns->valid_after;
2684  else if (!strcmp(question, "consensus/fresh-until"))
2685  t = ns->fresh_until;
2686  else
2687  t = ns->valid_until;
2688 
2689  char tbuf[ISO_TIME_LEN+1];
2690  format_iso_time(tbuf, t);
2691  *answer = tor_strdup(tbuf);
2692  } else {
2693  *errmsg = "No consensus available";
2694  }
2695  return *answer ? 0 : -1;
2696  } else {
2697  return 0;
2698  }
2699 
2700  if (status)
2701  *answer = networkstatus_getinfo_helper_single(status);
2702  return 0;
2703 }
2704 
2711 int
2713  int client_mode,
2714  char **warning_out)
2715 {
2716  const char *func = client_mode ? "client" : "relay";
2717  const char *required, *recommended;
2718  char *missing = NULL;
2719 
2720  const bool consensus_postdates_this_release =
2722 
2723  tor_assert(warning_out);
2724 
2725  if (client_mode) {
2726  required = ns->required_client_protocols;
2727  recommended = ns->recommended_client_protocols;
2728  } else {
2729  required = ns->required_relay_protocols;
2730  recommended = ns->recommended_relay_protocols;
2731  }
2732 
2733  if (!protover_all_supported(required, &missing)) {
2734  tor_asprintf(warning_out, "At least one protocol listed as required in "
2735  "the consensus is not supported by this version of Tor. "
2736  "You should upgrade. This version of Tor will not work as a "
2737  "%s on the Tor network. The missing protocols are: %s",
2738  func, missing);
2739  tor_free(missing);
2740  return consensus_postdates_this_release ? 1 : 0;
2741  }
2742 
2743  if (! protover_all_supported(recommended, &missing)) {
2744  tor_asprintf(warning_out, "At least one protocol listed as recommended in "
2745  "the consensus is not supported by this version of Tor. "
2746  "You should upgrade. This version of Tor will eventually "
2747  "stop working as a %s on the Tor network. The missing "
2748  "protocols are: %s",
2749  func, missing);
2750  tor_free(missing);
2751  }
2752 
2753  tor_assert_nonfatal(missing == NULL);
2754 
2755  return 0;
2756 }
2757 
2759 void
2761 {
2762  int i;
2763  networkstatus_vote_free(current_ns_consensus);
2764  networkstatus_vote_free(current_md_consensus);
2766 
2767  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
2769  if (waiting->consensus) {
2770  networkstatus_vote_free(waiting->consensus);
2771  waiting->consensus = NULL;
2772  }
2773  }
2774 }
STATIC networkstatus_t * current_ns_consensus
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Definition: nodelist.c:603
Header file for circuitstats.c.
int directory_fetches_dir_info_early(const or_options_t *options)
Definition: dirserv.c:105
networkstatus_type_t type
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
routerstatus_t * router_get_mutable_consensus_status_by_id(const char *digest)
Header file for dirclient.c.
smartlist_t * old_routers
Definition: routerlist_st.h:30
unsigned int is_fast
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
unsigned int is_valid
Format routerstatus entries for controller, vote, or consensus.
Header file for circuitbuild.c.
int we_want_to_fetch_unknown_auth_certs(const or_options_t *options)
Common functions for using (pseudo-)random number generators.
digest_algorithm_t alg
Definition: node_st.h:28
Header file for voteflags.c.
version_status_t tor_version_is_obsolete(const char *myversion, const char *versionlist)
Definition: versions.c:53
unsigned int is_hs_dir
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define TO_CONN(c)
Definition: or.h:735
networkstatus_sr_info_t sr_info
unsigned int name_lookup_warned
Definition: node_st.h:72
void circuit_build_times_new_consensus_params(circuit_build_times_t *cbt, networkstatus_t *ns)
Definition: circuitstats.c:429
#define BW_WEIGHT_SCALE
Definition: or.h:1008
download_want_authority_t
Definition: or.h:778
int dir_server_mode(const or_options_t *options)
Definition: routermode.c:20
int control_event_is_interesting(int event)
Definition: control.c:413
Header file for node_select.c.
void format_local_iso_time(char *buf, time_t t)
Definition: time_fmt.c:285
void download_status_reset(download_status_t *dls)
Definition: dlstatus.c:359
void router_dir_info_changed(void)
Definition: nodelist.c:2234
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1025
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Definition: ns_parse.c:1060
Header file for connection.c.
void networkstatus_note_certs_arrived(const char *source_dir)
#define LD_GENERAL
Definition: log.h:58
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
Definition: reachability.c:101
uint8_t state
Definition: connection_st.h:44
char identity_digest[DIGEST_LEN]
#define LOG_INFO
Definition: log.h:41
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:55
Header file for nodelist.c.
STATIC void warn_early_consensus(const networkstatus_t *c, const char *flavor, time_t now)
char * networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
void scheduler_notify_networkstatus_changed(void)
Definition: scheduler.c:468
int we_want_to_fetch_flavor(const or_options_t *options, int flavor)
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:631
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
int networkstatus_consensus_can_use_multiple_directories(const or_options_t *options)
int directory_caches_unknown_auth_certs(const or_options_t *options)
Definition: dirserv.c:128
version_status_t
Definition: versions.h:17
void cmux_ewma_set_options(const or_options_t *options, const networkstatus_t *consensus)
static void update_consensus_bootstrap_attempt_downloads(time_t now, download_status_t *dls, download_want_authority_t want_authority)
int authdir_mode_bridge(const or_options_t *options)
Definition: authmode.c:67
MOCK_IMPL(const routerstatus_t *, networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
void voting_schedule_recalculate_timing(const or_options_t *options, time_t now)
Header file for config.c.
Header file for authcert.c.
smartlist_t * net_params
char * networkstatus_getinfo_helper_single(const routerstatus_t *rs)
uint8_t digest_sha3_as_signed[DIGEST256_LEN]
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
#define DIR_CONN_STATE_CLIENT_READING
Definition: directory.h:23
int format_time_interval(char *out, size_t out_len, long interval)
Definition: time_fmt.c:481
struct connection_t * linked_conn
#define OLD_ROUTER_DESC_MAX_AGE
Definition: or.h:164
Header file for microdesc.c.
void signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
routerinfo_t * router_get_mutable_by_digest(const char *digest)
Definition: routerlist.c:676
void update_certificate_downloads(time_t now)
void routers_sort_by_identity(smartlist_t *routers)
Definition: routerlist.c:3207
void routers_update_all_from_networkstatus(time_t now, int dir_version)
int directory_fetches_from_authorities(const or_options_t *options)
Definition: dirserv.c:77
void document_signature_free_(document_signature_t *sig)
void networkstatus_consensus_download_failed(int status_code, const char *flavname)
static void update_consensus_bootstrap_multiple_downloads(time_t now, const or_options_t *options)
Header file for reachability.c.
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:209
#define tor_free(p)
Definition: malloc.h:52
void dirserv_set_router_is_running(routerinfo_t *router, time_t now)
Definition: voteflags.c:475
#define tor_fragile_assert()
Definition: util_bug.h:221
void circpad_new_consensus_params(const networkstatus_t *ns)
common_digests_t digests
int control_event_newconsensus(const networkstatus_t *consensus)
Definition: control.c:6629
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, int consensus_method, const vote_routerstatus_t *vrs)
#define LOG_NOTICE
Definition: log.h:46
void update_microdescs_from_networkstatus(time_t now)
Definition: microdesc.c:1003
int networkstatus_valid_until_is_reasonably_live(time_t valid_until, time_t now)
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:56
int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now)
Header file for mainloop.c.
size_t size
Definition: mmap.h:26
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:57
static smartlist_t * router_get_descriptor_digests_in_consensus(networkstatus_t *consensus)
#define DELAY_WHILE_FETCHING_CERTS
int download_status_is_ready(download_status_t *dls, time_t now)
Definition: dlstatus.c:376
Header file for versions.c.
Header file for scheduler*.c.
signed_descriptor_t cache_info
time_t download_status_increment_attempt(download_status_t *dls, const char *item, time_t now)
Definition: dlstatus.c:304
unsigned int is_authority
static int routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
void networkstatus_dump_bridge_status_to_file(time_t now)
smartlist_t * weight_params
void update_consensus_networkstatus_fetch_time(time_t now)
Header file for directory authority mode.
void microdesc_reset_outdated_dirservers_list(void)
Definition: microdesc.c:182
int networkstatus_parse_flavor_name(const char *flavname)
STATIC networkstatus_t * current_md_consensus
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Header file for hibernate.c.
static consensus_waiting_for_certs_t consensus_waiting_for_certs[N_CONSENSUS_FLAVORS]
int directory_fetches_dir_info_later(const or_options_t *options)
Definition: dirserv.c:117
unsigned int is_named
int control_event_general_status(int severity, const char *format,...)
Definition: control.c:6807
download_schedule_bitfield_t schedule
Common functions for cryptographic routines.
Header file for channel.c.
tor_assert(buffer)
char signing_key_digest[DIGEST_LEN]
int32_t networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name, int32_t default_val)
int control_event_networkstatus_changed(smartlist_t *statuses)
Definition: control.c:6621
#define STMT_NIL
int networkstatus_valid_after_is_reasonably_live(time_t valid_after, time_t now)
struct vote_microdesc_hash_t * next
Header file for routermode.c.
int tor_memcmp(const void *a, const void *b, size_t len)
Definition: di_ops.c:31
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
unsigned int is_unnamed
void reschedule_dirvote(const or_options_t *options)
Definition: mainloop.c:2152
Header file for circuitpadding.c.
#define DIGEST_LEN
Definition: digest_sizes.h:20
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
uint8_t router_purpose_from_string(const char *s)
Definition: routerinfo.c:69
Header file for circuitbuild.c.
void vote_routerstatus_free_(vote_routerstatus_t *rs)
Master header file for Tor-specific functionality.
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
Definition: connection.c:4560
void authority_certs_fetch_missing(networkstatus_t *status, time_t now, const char *dir_hint)
Definition: authcert.c:855
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
const char * data
Definition: mmap.h:25
#define LD_DIRSERV
Definition: log.h:86
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS]
int options_any_client_port_set(const or_options_t *options)
Definition: config.c:8481
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS]
int crypto_rand_int(unsigned int max)
static void update_consensus_networkstatus_downloads(time_t now)
smartlist_t * supported_methods
void networkstatus_reset_warnings(void)
char signing_key_digest[DIGEST_LEN]
crypto_pk_t * signing_key
void networkstatus_reset_download_failures(void)
#define LOG_WARN
Definition: log.h:49
unsigned int type
Definition: connection_st.h:45
#define PDS_RETRY_IF_NO_SERVERS
Definition: node_select.h:48
char nickname[MAX_NICKNAME_LEN+1]
int ClientBootstrapConsensusMaxInProgressTries
int pt_proxies_configuration_pending(void)
Definition: transports.c:371
int router_reload_consensus_networkstatus(void)
Header file for circuitmux_ewma.c.
void routers_update_status_from_consensus_networkstatus(smartlist_t *routers, int reset_failures)
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE
unsigned int is_exit
#define RFTS_IGNORE_MISSING
Definition: files.h:97
int compare_digest_to_vote_routerstatus_entry(const void *_key, const void **_member)
smartlist_t * known_flags
Header file for voting_schedule.c.
Headers for transports.c.
int getinfo_helper_networkstatus(control_connection_t *conn, const char *question, char **answer, const char **errmsg)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
void * smartlist_bsearch(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member))
Definition: smartlist.c:411
static void handle_missing_protocol_warning_impl(const networkstatus_t *c, int is_client)
static int reload_consensus_from_file(const char *fname, const char *flavor, unsigned flags, const char *source_dir)
int authority_cert_dl_looks_uncertain(const char *id_digest)
Definition: authcert.c:765
static void handle_missing_protocol_warning(const networkstatus_t *c, const or_options_t *options)
#define MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS
Definition: dirvote.h:76
Headers and type declarations for protover.c.
smartlist_t * voters
static int have_warned_about_old_version
void networkstatus_vote_free_(networkstatus_t *ns)
#define LOG_ERR
Definition: log.h:52
int FetchUselessDescriptors
#define LD_FS
Definition: log.h:66
smartlist_t * routerstatus_list
char descriptor_digest[DIGEST256_LEN]
unsigned int is_possible_guard
#define LD_DIR
Definition: log.h:84
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
time_t tor_get_approx_release_date(void)
Definition: versions.c:25
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Definition: authcert.c:650
Header file for connection_edge.c.
char identity_digest[DIGEST_LEN]
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Definition: crypto_rsa.c:229
Header file for ns_parse.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
int32_t networkstatus_get_overridable_param(const networkstatus_t *ns, int32_t torrc_value, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:162
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
#define download_status_failed(dls, sc)
Definition: dlstatus.h:22
Header file for dirvote.c.
Header file for relay.c.
Header file for circuitmux.c.
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
static int networkstatus_check_required_protocols(const networkstatus_t *ns, int client_mode, char **warning_out)
const char * escaped(const char *s)
Definition: escape.c:126
#define FINGERPRINT_LEN
Definition: crypto_rsa.h:34
int networkstatus_vote_find_entry_idx(networkstatus_t *ns, const char *digest, int *found_out)
consensus_flavor_t
Definition: or.h:863
Header file for dlstatus.c.
circuit_build_times_t * get_circuit_build_times_mutable(void)
Definition: circuitstats.c:88
void update_networkstatus_downloads(time_t now)
unsigned int is_stable
struct consensus_waiting_for_certs_t consensus_waiting_for_certs_t
routerstatus_t * networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
size_t crypto_pk_keysize(const crypto_pk_t *env)
int protover_all_supported(const char *s, char **missing_out)
Definition: protover.c:746
Header file for control.c.
Definition: or.h:890
int authority_cert_is_blacklisted(const authority_cert_t *cert)
Definition: authcert.c:746
vote_microdesc_hash_t * microdesc
char identity_digest[DIGEST_LEN]
time_t approx_time(void)
Definition: approx_time.c:32
int consensus_is_waiting_for_certs(void)
smartlist_t * package_lines
Header file for dirlist.c.
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
Definition: parse_int.c:56
#define N_CONSENSUS_FLAVORS
Definition: or.h:869
int directory_caches_dir_info(const or_options_t *options)
Definition: dirserv.c:143
static void networkstatus_copy_old_consensus_info(networkstatus_t *new_c, const networkstatus_t *old_c)
void networkstatus_free_all(void)
int networkstatus_get_weight_scale_param(networkstatus_t *ns)
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:504
static char * networkstatus_get_cache_fname(int flav, const char *flavorname, int unverified_consensus)
Header file for connection_or.c.
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING
int control_event_client_status(int severity, const char *format,...)
Definition: control.c:6827
unsigned int is_flagged_running
static tor_mmap_t * networkstatus_map_cached_consensus_impl(int flav, const char *flavorname, int unverified_consensus)
int tor_rename(const char *path_old, const char *path_new)
Definition: files.c:103
#define AP_CONN_STATE_IS_UNATTACHED(s)
static int have_warned_about_new_version
char * recommended_relay_protocols
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
digestmap_t * desc_digest_map
#define CONN_TYPE_AP
Definition: connection.h:31
void dirserv_set_cached_consensus_networkstatus(const char *networkstatus, size_t networkstatus_len, const char *flavor_name, const common_digests_t *digests, const uint8_t *sha3_as_signed, time_t published)
Definition: dirserv.c:236
char * dirserv_get_flag_thresholds_line(void)
Definition: voteflags.c:426
static void notify_control_networkstatus_changed(const networkstatus_t *old_c, const networkstatus_t *new_c)
Header file for routerinfo.c.
document_signature_t * document_signature_dup(const document_signature_t *sig)
int client_would_use_router(const routerstatus_t *rs, time_t now)
static int connection_dir_count_by_purpose_and_resource(int purpose, const char *resource)
Definition: connection.h:272
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
void set_routerstatus_from_routerinfo(routerstatus_t *rs, node_t *node, const routerinfo_t *ri, time_t now, int listbadexits)
Definition: voteflags.c:542
unsigned int is_bad_exit
int FetchDirInfoExtraEarly
smartlist_t * bw_file_headers
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
crypto_pk_t * identity_pkey
Definition: routerinfo_st.h:38
struct authority_cert_t * cert
void routerstatus_free_(routerstatus_t *rs)
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:82
smartlist_t * routers
Definition: routerlist_st.h:27
int smartlist_bsearch_idx(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member), int *found_out)
Definition: smartlist.c:428
Header file for routerlist.c.
int compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
tor_mmap_t * networkstatus_map_cached_consensus(const char *flavorname)