39 #define NETWORKSTATUS_PRIVATE 44 #include "core/mainloop/netstatus.h" 46 #include "core/or/channelpadding.h" 53 #include "core/or/dos.h" 63 #include "feature/dircache/consdiffmgr.h" 81 #include "feature/nodelist/torcert.h" 86 #include "feature/dirauth/dirauth_periodic.h" 89 #include "feature/dirauth/shared_random.h" 92 #include "feature/nodelist/authority_cert_st.h" 93 #include "feature/dircommon/dir_connection_st.h" 94 #include "feature/dirclient/dir_server_st.h" 95 #include "feature/nodelist/document_signature_st.h" 96 #include "feature/nodelist/networkstatus_st.h" 97 #include "feature/nodelist/networkstatus_voter_info_st.h" 98 #include "feature/dirauth/ns_detached_signatures_st.h" 99 #include "feature/nodelist/node_st.h" 100 #include "feature/nodelist/routerinfo_st.h" 101 #include "feature/nodelist/routerlist_st.h" 102 #include "feature/dirauth/vote_microdesc_hash_st.h" 103 #include "feature/nodelist/vote_routerstatus_st.h" 144 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
145 DL_SCHED_INCREMENT_FAILURE, 0, 0 },
146 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
147 DL_SCHED_INCREMENT_FAILURE, 0, 0 },
150 #define N_CONSENSUS_BOOTSTRAP_SCHEDULES 2 151 #define CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0 152 #define CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1 161 consensus_bootstrap_dl_status[N_CONSENSUS_BOOTSTRAP_SCHEDULES] =
163 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_AUTHORITY,
164 DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
166 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
167 DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
186 const char *source_dir);
209 "In networkstatus_reset_download_failures()");
214 for (i=0; i < N_CONSENSUS_BOOTSTRAP_SCHEDULES; ++i)
221 const char *flavorname,
222 int unverified_consensus)
226 if (unverified_consensus) {
227 prefix =
"unverified";
231 if (flav == FLAV_NS) {
234 tor_snprintf(buf,
sizeof(buf),
"%s-%s-consensus", prefix, flavorname);
237 return get_cachedir_fname(buf);
246 const char *flavorname,
247 int unverified_consensus)
251 unverified_consensus);
272 const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
284 flags | NSSET_WAS_WAITING_FOR_CERTS,
352 tor_free(ns->recommended_client_protocols);
354 tor_free(ns->required_client_protocols);
355 tor_free(ns->required_relay_protocols);
384 document_signature_free(sig));
385 smartlist_free(voter->sigs);
388 } SMARTLIST_FOREACH_END(voter);
389 smartlist_free(ns->
voters);
391 authority_cert_free(ns->
cert);
394 if (ns->
type == NS_TYPE_VOTE || ns->
type == NS_TYPE_OPINION) {
396 vote_routerstatus_free(rs));
399 routerstatus_free(rs));
413 dirvote_clear_commits(ns);
427 const char *identity)
429 if (!vote || !vote->
voters)
432 if (fast_memeq(voter->identity_digest, identity,
DIGEST_LEN))
441 digest_algorithm_t alg)
463 size_t signed_digest_len;
476 log_warn(
LD_DIR,
"Ignoring a consensus signature made with deprecated" 484 signed_digest = tor_malloc(signed_digest_len);
490 tor_memneq(signed_digest, consensus->
digests.d[sig->
alg], dlen)) {
491 log_warn(
LD_DIR,
"Got a bad signature on a networkstatus vote");
513 int n_missing_key = 0, n_dl_failed_key = 0;
516 int n_no_signature = 0;
518 int n_required = n_v3_authorities/2 + 1;
523 smartlist_t *missing_authorities = smartlist_new();
525 time_t now = time(NULL);
533 int unknown_here = 0;
534 int missing_key_here = 0, dl_failed_key_here = 0;
536 if (!sig->good_signature && !sig->bad_signature &&
539 int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
540 sig->identity_digest) != NULL;
543 sig->signing_key_digest);
551 }
else if (!cert || cert->
expires < now) {
555 ++dl_failed_key_here;
562 ++dl_failed_key_here;
566 if (sig->good_signature)
568 else if (sig->bad_signature)
570 } SMARTLIST_FOREACH_END(sig);
575 }
else if (bad_here) {
577 }
else if (missing_key_here) {
579 if (dl_failed_key_here)
581 }
else if (unknown_here) {
587 } SMARTLIST_FOREACH_END(voter);
598 if (warn > 1 || (warn >= 0 &&
599 (n_good + n_missing_key - n_dl_failed_key < n_required))) {
608 tor_log(severity,
LD_DIR,
"Consensus includes unrecognized authority " 609 "'%s' at %s:%d (contact %s; identity %s)",
610 voter->nickname, voter->address, (
int)voter->dir_port,
611 voter->contact?voter->contact:
"n/a",
616 tor_log(severity,
LD_DIR,
"Looks like we need to download a new " 617 "certificate from authority '%s' at %s:%d (contact %s; " 619 voter->nickname, voter->address, (
int)voter->dir_port,
620 voter->contact?voter->contact:
"n/a",
625 tor_log(severity,
LD_DIR,
"Consensus does not include configured " 626 "authority '%s' at %s:%d (identity %s)",
627 ds->nickname, ds->address, (
int)ds->dir_port,
635 "A consensus needs %d good signatures from recognized " 636 "authorities for us to accept it. " 637 "This %s one has %d (%s).",
642 if (n_no_signature) {
645 "%d (%s) of the authorities we know didn't sign it.",
646 n_no_signature, tmp);
651 "It has %d signatures from authorities we don't " 652 "recognize.", n_unknown);
656 "correctly.", n_bad);
660 "We were unable to check %d of the signatures, " 661 "because we were missing the keys.", n_missing_key);
671 smartlist_free(list_good);
672 smartlist_free(list_no_signature);
673 smartlist_free(unrecognized);
674 smartlist_free(need_certs_from);
675 smartlist_free(missing_authorities);
677 if (n_good == n_v3_authorities)
679 else if (n_good >= n_required)
681 else if (n_good + n_missing_key >= n_required)
689 #define NETWORKSTATUS_ALLOW_SKEW (24*60*60) 696 const char *key = _key;
705 const void **_member)
707 const char *key = _key;
723 networkstatus_vote_find_entry,(
networkstatus_t *ns,
const char *digest))
734 const char *digest,
int *found_out)
744 router_get_mutable_consensus_status_by_descriptor_digest,(
749 consensus = networkstatus_get_latest_consensus();
757 digestmap_set(m, rs->descriptor_digest, rs);
770 return router_get_mutable_consensus_status_by_descriptor_digest(
785 !(digestmap_iter_done(i));
787 digestmap_iter_get(i, &digest, &rs);
799 router_get_descriptor_digests,(
void))
814 router_get_dl_status_by_descriptor_digest,(
const char *d))
819 if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
821 return &rs->dl_status;
848 #define AUTHORITY_NS_CACHE_INTERVAL (10*60) 852 #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60) 878 return flavor == usable_consensus_flavor();
890 if (authdir_mode_v3(options) ||
906 #define DELAY_WHILE_FETCHING_CERTS (20*60) 910 #define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60) 918 check_consensus_waiting_for_certs(
int flavor, time_t now,
953 const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(
955 const int use_multi_conn =
963 const char *resource;
965 int max_in_progress_conns = 1;
970 c = networkstatus_get_latest_consensus_by_flavor(i);
971 if (! (c && c->
valid_after <= now && now <= c->valid_until)) {
982 if (we_are_bootstrapping && use_multi_conn) {
983 max_in_progress_conns =
989 >= max_in_progress_conns) {
995 if (we_are_bootstrapping && use_multi_conn
996 && i == usable_consensus_flavor()) {
999 if (networkstatus_consensus_is_already_downloading(resource))
1022 log_info(
LD_DIR,
"Launching %s standard networkstatus consensus " 1025 ROUTER_PURPOSE_GENERAL, resource,
1044 usable_consensus_flavor());
1052 log_info(
LD_DIR,
"Launching %s bootstrap %s networkstatus consensus " 1053 "download.", resource, (want_authority == DL_WANT_AUTHORITY
1058 ROUTER_PURPOSE_GENERAL, resource,
1077 const int usable_flavor = usable_consensus_flavor();
1096 if (networkstatus_consensus_can_use_extra_fallbacks(options)) {
1098 &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER];
1100 if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) {
1103 DL_WANT_ANY_DIRSERVER);
1109 &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY];
1111 if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) {
1134 #define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120 1142 networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
1147 if (c && c->
valid_after <= now && now <= c->valid_until) {
1153 if (min_sec_before_caching > interval/16) {
1158 min_sec_before_caching = interval/16;
1160 if (min_sec_before_caching == 0) {
1161 min_sec_before_caching = 1;
1168 start = (time_t)(c->
fresh_until + min_sec_before_caching);
1172 if (min_sec_before_caching + dl_interval > interval)
1173 dl_interval = interval/2;
1176 dl_interval = interval/2;
1181 start = (time_t)(c->
fresh_until + (interval*3)/4);
1189 start = (time_t)(start + dl_interval + min_sec_before_caching);
1191 dl_interval = (c->
valid_until - start) - min_sec_before_caching;
1195 if (dl_interval < 1)
1201 "fresh_until: %ld start: %ld " 1202 "dl_interval: %ld valid_until: %ld ",
1208 tor_assert(start+dl_interval < c->valid_until);
1212 char tbuf1[ISO_TIME_LEN+1];
1213 char tbuf2[ISO_TIME_LEN+1];
1214 char tbuf3[ISO_TIME_LEN+1];
1218 log_info(
LD_DIR,
"Live %s consensus %s the most recent until %s and " 1219 "will expire at %s; fetching the next one at %s.",
1220 flavor, (c->
fresh_until > now) ?
"will be" :
"was",
1221 tbuf1, tbuf2, tbuf3);
1225 log_info(
LD_DIR,
"No live %s consensus; we should fetch one immediately.",
1259 *msg_out =
"DisableNetwork is set.";
1261 log_info(
LD_DIR,
"Delaying dir fetches (DisableNetwork is set)");
1265 if (we_are_hibernating()) {
1267 *msg_out =
"We are hibernating or shutting down.";
1269 log_info(
LD_DIR,
"Delaying dir fetches (Hibernating or shutting down)");
1276 if (num_bridges_usable(1) == 0) {
1278 *msg_out =
"No running bridges";
1280 log_info(
LD_DIR,
"Delaying dir fetches (no running bridges known)");
1286 *msg_out =
"Pluggable transport proxies still configuring";
1288 log_info(
LD_DIR,
"Delaying dir fetches (pt proxies still configuring)");
1346 const int we_are_bootstrapping =
1347 networkstatus_consensus_is_bootstrapping(time(NULL));
1350 dl = &((we_are_bootstrapping ?
1365 dl = &(consensus_bootstrap_dl_status[flavor]);
1388 networkstatus_get_latest_consensus,(
void))
1403 else if (f == FLAV_MICRODESC)
1414 networkstatus_get_live_consensus,(time_t now))
1428 return (ns->
valid_after <= now && now <= ns->valid_until);
1441 if (BUG(!consensus))
1450 #define REASONABLY_LIVE_TIME (24*60*60) 1459 return (now >= valid_after - REASONABLY_LIVE_TIME);
1469 return (now <= valid_until + REASONABLY_LIVE_TIME);
1475 networkstatus_get_reasonably_live_consensus,(time_t now,
int flavor))
1478 networkstatus_get_latest_consensus_by_flavor(flavor);
1495 networkstatus_consensus_is_bootstrapping,(time_t now))
1499 if (networkstatus_get_reasonably_live_consensus(
1501 usable_consensus_flavor())) {
1524 return !public_server_mode(options);
1531 networkstatus_consensus_can_use_extra_fallbacks,(
const or_options_t *options))
1536 tor_assert(smartlist_len(router_get_fallback_dir_servers())
1537 >= smartlist_len(router_get_trusted_dir_servers()));
1541 && (smartlist_len(router_get_fallback_dir_servers())
1542 > smartlist_len(router_get_trusted_dir_servers())));
1548 networkstatus_consensus_is_already_downloading(
const char *resource)
1574 } SMARTLIST_FOREACH_END(dirconn);
1575 smartlist_free(fetching_conns);
1586 networkstatus_consensus_has_ipv6(
const or_options_t* options)
1588 const networkstatus_t *cons = networkstatus_get_reasonably_live_consensus(
1590 usable_consensus_flavor());
1654 changed = smartlist_new();
1656 SMARTLIST_FOREACH_JOIN(
1664 } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1667 smartlist_free(changed);
1676 dos_consensus_has_changed(new_c);
1677 relay_consensus_has_changed(new_c);
1678 hs_dos_consensus_has_changed(new_c);
1684 notify_after_networkstatus_changes(
void)
1706 rs_new->last_dir_503_at = rs_old->last_dir_503_at;
1708 if (
tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
1713 } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1716 #ifdef TOR_UNIT_TESTS 1736 case FLAV_MICRODESC:
1757 const char *source_dir)
1764 flavor, flags, source_dir);
1766 if (rv < 0 && tor_memstr(map->
data, map->
size,
"\r\n")) {
1767 log_notice(
LD_GENERAL,
"Looks like the above failures are probably " 1768 "because of a CRLF in consensus file %s; falling back to " 1769 "read_file_to_string. Nothing to worry about: this file " 1770 "was probably saved by an earlier version of Tor.",
1774 flavor, flags, source_dir);
1779 log_warn(
LD_GENERAL,
"Couldn't set consensus from cache file %s",
1782 tor_munmap_file(map);
1794 char *protocol_warning = NULL;
1799 if (protocol_warning) {
1802 "%s", protocol_warning);
1805 tor_assert_nonfatal(protocol_warning);
1820 const int is_server = server_mode(options);
1850 char tbuf[ISO_TIME_LEN+1];
1853 char *flavormsg = NULL;
1858 #define EARLY_CONSENSUS_NOTICE_SKEW 60 1871 log_warn(
LD_GENERAL,
"Our clock is %s behind the time published in the " 1872 "consensus network status document (%s UTC). Tor needs an " 1873 "accurate clock to work correctly. Please check your time and " 1874 "date settings!", dbuf, tbuf);
1875 tor_asprintf(&flavormsg,
"%s flavor consensus", flavor);
1876 clock_skew_warning(NULL, delta, 1,
LD_GENERAL, flavormsg,
"CONSENSUS");
1903 size_t consensus_len,
1906 const char *source_dir)
1912 char *unverified_fname = NULL, *consensus_fname = NULL;
1914 const unsigned from_cache = flags & NSSET_FROM_CACHE;
1915 const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
1916 const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
1917 const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
1918 const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
1921 time_t current_valid_after = 0;
1922 int free_consensus = 1;
1923 int checked_protocols_already = 0;
1927 log_warn(
LD_BUG,
"Unrecognized consensus flavor %s", flavor);
1934 NULL, NS_TYPE_CONSENSUS);
1936 log_warn(
LD_DIR,
"Unable to parse networkstatus consensus");
1941 if (from_cache && !was_waiting_for_certs) {
1947 checked_protocols_already = 1;
1951 if ((
int)c->
flavor != flav) {
1953 if (require_flavor) {
1954 log_warn(
LD_DIR,
"Got consensus with unexpected flavor %s (wanted %s)",
1962 if (flav != usable_consensus_flavor() &&
1969 if (from_cache && !accept_obsolete &&
1971 log_info(
LD_DIR,
"Loaded an expired consensus. Discarding.");
1975 if (!strcmp(flavor,
"ns")) {
1976 consensus_fname = get_cachedir_fname(
"cached-consensus");
1977 unverified_fname = get_cachedir_fname(
"unverified-consensus");
1982 }
else if (!strcmp(flavor,
"microdesc")) {
1983 consensus_fname = get_cachedir_fname(
"cached-microdesc-consensus");
1984 unverified_fname = get_cachedir_fname(
"unverified-microdesc-consensus");
1990 tor_assert_nonfatal_unreached();
1995 if (current_digests &&
1998 log_info(
LD_DIR,
"Got a %s consensus we already have", flavor);
2002 if (current_valid_after && c->
valid_after <= current_valid_after) {
2005 log_info(
LD_DIR,
"Got a %s consensus at least as old as the one we have",
2014 if (!was_waiting_for_certs) {
2016 "Not enough certificates to check networkstatus consensus");
2018 if (!current_valid_after ||
2021 networkstatus_vote_free(waiting->
consensus);
2027 write_bytes_to_file(unverified_fname, consensus, consensus_len, 1);
2037 if (was_waiting_for_certs && from_cache)
2038 if (unlink(unverified_fname) != 0) {
2040 "Failed to unlink %s: %s",
2041 unverified_fname, strerror(errno));
2047 if (!was_waiting_for_certs) {
2048 log_warn(
LD_DIR,
"Not enough good signatures on networkstatus " 2052 if (was_waiting_for_certs && (r < -1) && from_cache) {
2053 if (unlink(unverified_fname) != 0) {
2055 "Failed to unlink %s: %s",
2056 unverified_fname, strerror(errno));
2064 if (from_cache && was_waiting_for_certs) {
2068 log_info(
LD_DIR,
"Unverified consensus signatures verified.");
2069 tor_rename(unverified_fname, consensus_fname);
2072 if (!from_cache && flav == usable_consensus_flavor())
2075 if (!checked_protocols_already) {
2080 if (r != 1 && dl_certs)
2083 const int is_usable_flavor = flav == usable_consensus_flavor();
2087 if (is_usable_flavor) {
2088 notify_before_networkstatus_changes(networkstatus_get_latest_consensus(),
2091 if (flav == FLAV_NS) {
2102 }
else if (flav == FLAV_MICRODESC) {
2116 networkstatus_vote_free(waiting->
consensus);
2120 if (unlink(unverified_fname) != 0) {
2122 "Failed to unlink %s: %s",
2123 unverified_fname, strerror(errno));
2127 if (is_usable_flavor) {
2130 notify_after_networkstatus_changes();
2137 reschedule_dirvote(options);
2152 channelpadding_new_consensus_params(c);
2157 if (c->
valid_after <= now && now <= c->valid_until) {
2173 consdiffmgr_add_consensus(consensus, consensus_len, c);
2178 write_bytes_to_file(consensus_fname, consensus, consensus_len, 1);
2191 networkstatus_vote_free(c);
2216 NSSET_WAS_WAITING_FOR_CERTS, source_dir);
2231 networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
2234 if (!consensus || dir_version < 3)
2248 int is_server = server_mode(get_options());
2250 const char *recommended = is_server ?
2255 log_info(
LD_GENERAL,
"The directory authorities say my version is ok.");
2258 "The directory authorities don't recommend any versions.");
2261 log_notice(
LD_GENERAL,
"This version of Tor (%s) is newer than any " 2262 "recommended version%s, according to the directory " 2263 "authorities. Recommended versions are: %s",
2269 "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2270 VERSION,
"NEW", recommended);
2274 "This version of Tor (%s) is %s, according to the directory " 2275 "authorities. Recommended versions are: %s",
2277 status ==
VS_OLD ?
"obsolete" :
"not recommended",
2281 "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2282 VERSION, status ==
VS_OLD ?
"OBSOLETE" :
"UNRECOMMENDED",
2296 int authdir = authdir_mode_v3(options);
2306 router->cache_info.identity_digest,
DIGEST_LEN),
2310 if (
tor_memeq(router->cache_info.signed_descriptor_digest,
2312 if (ns->
valid_until > router->cache_info.last_listed_as_valid_until)
2313 router->cache_info.last_listed_as_valid_until = ns->
valid_until;
2321 if (old_router != router) {
2322 router->needs_retest_if_added =
2326 if (reset_failures) {
2329 } SMARTLIST_FOREACH_JOIN_END(rs, router);
2346 memset(dummy, 0,
sizeof(dummy));
2352 d->signed_descriptor_digest);
2354 if (ns->
valid_until > d->last_listed_as_valid_until)
2367 ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
2431 if (purpose == ROUTER_PURPOSE_UNKNOWN) {
2432 log_info(
LD_DIR,
"Unrecognized purpose '%s' when listing router statuses.",
2437 statuses = smartlist_new();
2439 node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
2442 if (ri->cache_info.published_on < cutoff)
2444 if (ri->purpose != purpose)
2448 } SMARTLIST_FOREACH_END(ri);
2452 smartlist_free(statuses);
2458 get_net_param_from_list(
smartlist_t *net_params,
const char *param_name,
2459 int32_t default_val, int32_t min_val, int32_t max_val)
2461 int32_t res = default_val;
2462 size_t name_len = strlen(param_name);
2469 if (!
strcmpstart(p, param_name) && p[name_len] ==
'=') {
2472 INT32_MAX, &ok, NULL);
2478 } SMARTLIST_FOREACH_END(p);
2480 if (res < min_val) {
2481 log_warn(
LD_DIR,
"Consensus parameter %s is too small. Got %d, raising to " 2482 "%d.", param_name, res, min_val);
2484 }
else if (res > max_val) {
2485 log_warn(
LD_DIR,
"Consensus parameter %s is too large. Got %d, capping to " 2486 "%d.", param_name, res, max_val);
2503 networkstatus_get_param, (
const networkstatus_t *ns,
const char *param_name,
2504 int32_t default_val, int32_t min_val, int32_t max_val))
2507 ns = networkstatus_get_latest_consensus();
2512 return get_net_param_from_list(ns->
net_params, param_name,
2513 default_val, min_val, max_val);
2523 int32_t torrc_value,
2524 const char *param_name,
2525 int32_t default_val,
2526 int32_t min_val, int32_t max_val)
2528 if (torrc_value >= min_val && torrc_value <= max_val)
2531 return networkstatus_get_param(
2532 ns, param_name, default_val, min_val, max_val);
2544 return networkstatus_get_param(ns,
"bwweightscale",
2546 BW_MIN_WEIGHT_SCALE,
2547 BW_MAX_WEIGHT_SCALE);
2556 int32_t default_val)
2561 ns = networkstatus_get_latest_consensus();
2567 param = get_net_param_from_list(ns->
weight_params, weight_name,
2569 BW_MAX_WEIGHT_SCALE);
2571 log_warn(
LD_DIR,
"Value of consensus weight %s was too large, capping " 2572 "to %d", weight_name, max);
2586 case FLAV_MICRODESC:
2599 if (!strcmp(flavname,
"ns"))
2601 else if (!strcmp(flavname,
"microdesc"))
2602 return FLAV_MICRODESC;
2622 if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
2637 const char *question,
char **answer,
2638 const char **errmsg)
2643 if (!networkstatus_get_latest_consensus()) {
2644 *answer = tor_strdup(
"");
2648 if (!strcmp(question,
"ns/all")) {
2657 smartlist_free(statuses);
2661 const char *q = question + 6;
2666 *errmsg =
"Data not decodeable as hex";
2671 const node_t *n = node_get_by_nickname(question+8, 0);
2672 status = n ? n->rs : NULL;
2673 }
else if (!
strcmpstart(question,
"ns/purpose/")) {
2675 return *answer ? 0 : -1;
2676 }
else if (!strcmp(question,
"consensus/packages")) {
2681 *errmsg =
"No consensus available";
2682 return *answer ? 0 : -1;
2683 }
else if (!strcmp(question,
"consensus/valid-after") ||
2684 !strcmp(question,
"consensus/fresh-until") ||
2685 !strcmp(question,
"consensus/valid-until")) {
2689 if (!strcmp(question,
"consensus/valid-after"))
2691 else if (!strcmp(question,
"consensus/fresh-until"))
2696 char tbuf[ISO_TIME_LEN+1];
2698 *answer = tor_strdup(tbuf);
2700 *errmsg =
"No consensus available";
2702 return *answer ? 0 : -1;
2723 const char *func = client_mode ?
"client" :
"relay";
2724 const char *required, *recommended;
2725 char *missing = NULL;
2727 const bool consensus_postdates_this_release =
2733 required = ns->required_client_protocols;
2734 recommended = ns->recommended_client_protocols;
2736 required = ns->required_relay_protocols;
2741 tor_asprintf(warning_out,
"At least one protocol listed as required in " 2742 "the consensus is not supported by this version of Tor. " 2743 "You should upgrade. This version of Tor will not work as a " 2744 "%s on the Tor network. The missing protocols are: %s",
2747 return consensus_postdates_this_release ? 1 : 0;
2751 tor_asprintf(warning_out,
"At least one protocol listed as recommended in " 2752 "the consensus is not supported by this version of Tor. " 2753 "You should upgrade. This version of Tor will eventually " 2754 "stop working as a %s on the Tor network. The missing " 2755 "protocols are: %s",
2760 tor_assert_nonfatal(missing == NULL);
2777 networkstatus_vote_free(waiting->
consensus);
Header file containing denial of service defenses for the HS subsystem for all versions.
STATIC networkstatus_t * current_ns_consensus
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Header file for circuitstats.c.
int directory_fetches_dir_info_early(const or_options_t *options)
networkstatus_type_t type
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
routerstatus_t * router_get_mutable_consensus_status_by_id(const char *digest)
Header file for dirclient.c.
smartlist_t * old_routers
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
Format routerstatus entries for controller, vote, or consensus.
Header file for circuitbuild.c.
int we_want_to_fetch_unknown_auth_certs(const or_options_t *options)
Common functions for using (pseudo-)random number generators.
Header file for voteflags.c.
version_status_t tor_version_is_obsolete(const char *myversion, const char *versionlist)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
networkstatus_sr_info_t sr_info
unsigned int name_lookup_warned
void circuit_build_times_new_consensus_params(circuit_build_times_t *cbt, networkstatus_t *ns)
download_want_authority_t
int dir_server_mode(const or_options_t *options)
Header file for node_select.c.
void format_local_iso_time(char *buf, time_t t)
void download_status_reset(download_status_t *dls)
void router_dir_info_changed(void)
int we_use_microdescriptors_for_circuits(const or_options_t *options)
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Header file for connection.c.
void networkstatus_note_certs_arrived(const char *source_dir)
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
char identity_digest[DIGEST_LEN]
int get_n_authorities(dirinfo_type_t type)
Header file for nodelist.c.
STATIC void warn_early_consensus(const networkstatus_t *c, const char *flavor, time_t now)
char * networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
void scheduler_notify_networkstatus_changed(void)
int we_want_to_fetch_flavor(const or_options_t *options, int flavor)
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
int networkstatus_consensus_can_use_multiple_directories(const or_options_t *options)
int directory_caches_unknown_auth_certs(const or_options_t *options)
void cmux_ewma_set_options(const or_options_t *options, const networkstatus_t *consensus)
static void update_consensus_bootstrap_attempt_downloads(time_t now, download_status_t *dls, download_want_authority_t want_authority)
MOCK_IMPL(const routerstatus_t *, networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
void voting_schedule_recalculate_timing(const or_options_t *options, time_t now)
Header file for config.c.
Header file for authcert.c.
char * networkstatus_getinfo_helper_single(const routerstatus_t *rs)
uint8_t digest_sha3_as_signed[DIGEST256_LEN]
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
#define DIR_CONN_STATE_CLIENT_READING
int format_time_interval(char *out, size_t out_len, long interval)
struct connection_t * linked_conn
#define OLD_ROUTER_DESC_MAX_AGE
Header file for microdesc.c.
void signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
routerinfo_t * router_get_mutable_by_digest(const char *digest)
void update_certificate_downloads(time_t now)
void routers_sort_by_identity(smartlist_t *routers)
void routers_update_all_from_networkstatus(time_t now, int dir_version)
int directory_fetches_from_authorities(const or_options_t *options)
char signed_descriptor_digest[DIGEST_LEN]
void document_signature_free_(document_signature_t *sig)
void networkstatus_consensus_download_failed(int status_code, const char *flavname)
static void update_consensus_bootstrap_multiple_downloads(time_t now, const or_options_t *options)
Header file for reachability.c.
int strcmpstart(const char *s1, const char *s2)
unsigned int supports_tunnelled_dir_requests
#define tor_fragile_assert()
unsigned int is_possible_guard
void circpad_new_consensus_params(const networkstatus_t *ns)
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, int consensus_method, const vote_routerstatus_t *vrs)
void update_microdescs_from_networkstatus(time_t now)
int networkstatus_valid_until_is_reasonably_live(time_t valid_until, time_t now)
#define DIR_PURPOSE_FETCH_CONSENSUS
int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now)
Header file for mainloop.c.
void memwipe(void *mem, uint8_t byte, size_t sz)
unsigned int bad_signature
static smartlist_t * router_get_descriptor_digests_in_consensus(networkstatus_t *consensus)
#define DELAY_WHILE_FETCHING_CERTS
int download_status_is_ready(download_status_t *dls, time_t now)
Header file for versions.c.
Header file for scheduler*.c.
signed_descriptor_t cache_info
time_t download_status_increment_attempt(download_status_t *dls, const char *item, time_t now)
unsigned int is_authority
int control_event_newconsensus(const networkstatus_t *consensus)
static int routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
smartlist_t * weight_params
void update_consensus_networkstatus_fetch_time(time_t now)
Header file for directory authority mode.
void microdesc_reset_outdated_dirservers_list(void)
int networkstatus_parse_flavor_name(const char *flavname)
STATIC networkstatus_t * current_md_consensus
unsigned int good_signature
Header file for hibernate.c.
static consensus_waiting_for_certs_t consensus_waiting_for_certs[N_CONSENSUS_FLAVORS]
int directory_fetches_dir_info_later(const or_options_t *options)
int control_event_general_status(int severity, const char *format,...)
download_schedule_bitfield_t schedule
Common functions for cryptographic routines.
Header file for channel.c.
char signing_key_digest[DIGEST_LEN]
int32_t networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name, int32_t default_val)
int networkstatus_valid_after_is_reasonably_live(time_t valid_after, time_t now)
struct vote_microdesc_hash_t * next
Header file for routermode.c.
int tor_memcmp(const void *a, const void *b, size_t len)
int tor_memeq(const void *a, const void *b, size_t sz)
int tor_asprintf(char **strp, const char *fmt,...)
Header file for circuitpadding.c.
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
char identity[DIGEST_LEN]
uint8_t router_purpose_from_string(const char *s)
Header file for circuitbuild.c.
void vote_routerstatus_free_(vote_routerstatus_t *rs)
Master header file for Tor-specific functionality.
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
void authority_certs_fetch_missing(networkstatus_t *status, time_t now, const char *dir_hint)
const char * hex_str(const char *from, size_t fromlen)
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS]
int options_any_client_port_set(const or_options_t *options)
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS]
int crypto_rand_int(unsigned int max)
static void update_consensus_networkstatus_downloads(time_t now)
smartlist_t * supported_methods
char * microdesc_hash_line
void networkstatus_reset_warnings(void)
char signing_key_digest[DIGEST_LEN]
crypto_pk_t * signing_key
void networkstatus_reset_download_failures(void)
#define PDS_RETRY_IF_NO_SERVERS
char nickname[MAX_NICKNAME_LEN+1]
int ClientBootstrapConsensusMaxInProgressTries
int pt_proxies_configuration_pending(void)
int router_reload_consensus_networkstatus(void)
Header file for circuitmux_ewma.c.
void routers_update_status_from_consensus_networkstatus(smartlist_t *routers, int reset_failures)
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE
#define RFTS_IGNORE_MISSING
int compare_digest_to_vote_routerstatus_entry(const void *_key, const void **_member)
smartlist_t * known_flags
Header file for voting_schedule.c.
int control_event_client_status(int severity, const char *format,...)
Headers for transports.c.
int getinfo_helper_networkstatus(control_connection_t *conn, const char *question, char **answer, const char **errmsg)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
void * smartlist_bsearch(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member))
static void handle_missing_protocol_warning_impl(const networkstatus_t *c, int is_client)
static int reload_consensus_from_file(const char *fname, const char *flavor, unsigned flags, const char *source_dir)
int authority_cert_dl_looks_uncertain(const char *id_digest)
static void handle_missing_protocol_warning(const networkstatus_t *c, const or_options_t *options)
#define MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS
Headers and type declarations for protover.c.
static int have_warned_about_old_version
void networkstatus_vote_free_(networkstatus_t *ns)
int FetchUselessDescriptors
smartlist_t * routerstatus_list
char descriptor_digest[DIGEST256_LEN]
unsigned int is_possible_guard
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
time_t tor_get_approx_release_date(void)
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Header file for connection_edge.c.
char identity_digest[DIGEST_LEN]
Header file for ns_parse.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
int32_t networkstatus_get_overridable_param(const networkstatus_t *ns, int32_t torrc_value, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
#define ROUTER_MAX_AGE_TO_PUBLISH
void format_iso_time(char *buf, time_t t)
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
#define download_status_failed(dls, sc)
Header file for dirvote.c.
Header file for circuitmux.c.
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
static int networkstatus_check_required_protocols(const networkstatus_t *ns, int client_mode, char **warning_out)
const char * escaped(const char *s)
int networkstatus_vote_find_entry_idx(networkstatus_t *ns, const char *digest, int *found_out)
networkstatus_t * consensus
Header file for dlstatus.c.
circuit_build_times_t * get_circuit_build_times_mutable(void)
void update_networkstatus_downloads(time_t now)
int control_event_is_interesting(int event)
struct consensus_waiting_for_certs_t consensus_waiting_for_certs_t
routerstatus_t * networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
size_t crypto_pk_keysize(const crypto_pk_t *env)
int protover_all_supported(const char *s, char **missing_out)
int authority_cert_is_blacklisted(const authority_cert_t *cert)
vote_microdesc_hash_t * microdesc
char identity_digest[DIGEST_LEN]
int consensus_is_waiting_for_certs(void)
smartlist_t * package_lines
Header file for dirlist.c.
void set_routerstatus_from_routerinfo(routerstatus_t *rs, const node_t *node, const routerinfo_t *ri)
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
#define N_CONSENSUS_FLAVORS
int directory_caches_dir_info(const or_options_t *options)
static void networkstatus_copy_old_consensus_info(networkstatus_t *new_c, const networkstatus_t *old_c)
void networkstatus_free_all(void)
int networkstatus_get_weight_scale_param(networkstatus_t *ns)
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
static char * networkstatus_get_cache_fname(int flav, const char *flavorname, int unverified_consensus)
Header file for connection_or.c.
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING
unsigned int is_flagged_running
static tor_mmap_t * networkstatus_map_cached_consensus_impl(int flav, const char *flavorname, int unverified_consensus)
int tor_rename(const char *path_old, const char *path_new)
#define AP_CONN_STATE_IS_UNATTACHED(s)
static int have_warned_about_new_version
char * recommended_relay_protocols
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
digestmap_t * desc_digest_map
void dirserv_set_cached_consensus_networkstatus(const char *networkstatus, size_t networkstatus_len, const char *flavor_name, const common_digests_t *digests, const uint8_t *sha3_as_signed, time_t published)
static void notify_control_networkstatus_changed(const networkstatus_t *old_c, const networkstatus_t *new_c)
Header file for routerinfo.c.
document_signature_t * document_signature_dup(const document_signature_t *sig)
int client_would_use_router(const routerstatus_t *rs, time_t now)
static int connection_dir_count_by_purpose_and_resource(int purpose, const char *resource)
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
Header file for control_events.c.
int FetchDirInfoExtraEarly
smartlist_t * bw_file_headers
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
routerlist_t * router_get_routerlist(void)
struct authority_cert_t * cert
void routerstatus_free_(routerstatus_t *rs)
Header file for networkstatus.c.
int control_event_networkstatus_changed(smartlist_t *statuses)
int smartlist_bsearch_idx(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member), int *found_out)
Header file for routerlist.c.
int compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
tor_mmap_t * networkstatus_map_cached_consensus(const char *flavorname)
