tor  0.4.2.0-alpha-dev
networkstatus.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
39 #define NETWORKSTATUS_PRIVATE
40 #include "core/or/or.h"
41 #include "app/config/config.h"
43 #include "core/mainloop/mainloop.h"
44 #include "core/mainloop/netstatus.h"
45 #include "core/or/channel.h"
46 #include "core/or/channelpadding.h"
47 #include "core/or/circuitpadding.h"
48 #include "core/or/circuitmux.h"
50 #include "core/or/circuitstats.h"
52 #include "core/or/connection_or.h"
53 #include "core/or/dos.h"
54 #include "core/or/protover.h"
55 #include "core/or/relay.h"
56 #include "core/or/scheduler.h"
57 #include "core/or/versions.h"
58 #include "feature/client/bridges.h"
63 #include "feature/dircache/consdiffmgr.h"
80 #include "feature/nodelist/torcert.h"
84 
85 #include "feature/dirauth/dirauth_periodic.h"
88 #include "feature/dirauth/shared_random.h"
90 
91 #include "feature/nodelist/authority_cert_st.h"
92 #include "feature/dircommon/dir_connection_st.h"
93 #include "feature/dirclient/dir_server_st.h"
94 #include "feature/nodelist/document_signature_st.h"
95 #include "feature/nodelist/networkstatus_st.h"
96 #include "feature/nodelist/networkstatus_voter_info_st.h"
97 #include "feature/dirauth/ns_detached_signatures_st.h"
98 #include "feature/nodelist/node_st.h"
99 #include "feature/nodelist/routerinfo_st.h"
100 #include "feature/nodelist/routerlist_st.h"
101 #include "feature/dirauth/vote_microdesc_hash_st.h"
102 #include "feature/nodelist/vote_routerstatus_st.h"
103 
104 #ifdef HAVE_UNISTD_H
105 #include <unistd.h>
106 #endif
107 
111 
115 
124  time_t set_at;
129 
135 
142  {
143  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
144  DL_SCHED_INCREMENT_FAILURE, 0, 0 },
145  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
146  DL_SCHED_INCREMENT_FAILURE, 0, 0 },
147  };
148 
149 #define N_CONSENSUS_BOOTSTRAP_SCHEDULES 2
150 #define CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0
151 #define CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1
152 
153 /* Using DL_SCHED_INCREMENT_ATTEMPT on these schedules means that
154  * download_status_increment_failure won't increment these entries.
155  * However, any bootstrap connection failures that occur after we have
156  * a valid consensus will count against the failure counts on the non-bootstrap
157  * schedules. There should only be one of these, as all the others will have
158  * been cancelled. (This doesn't seem to be a significant issue.) */
159 static download_status_t
160  consensus_bootstrap_dl_status[N_CONSENSUS_BOOTSTRAP_SCHEDULES] =
161  {
162  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_AUTHORITY,
163  DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
164  /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
165  { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
166  DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
167  };
168 
175 
177  time_t now,
178  const or_options_t *options);
180  int client_mode,
181  char **warning_out);
182 static int reload_consensus_from_file(const char *fname,
183  const char *flavor,
184  unsigned flags,
185  const char *source_dir);
186 
189 void
191 {
192  SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
193  node->name_lookup_warned = 0);
194 
197 }
198 
202 void
204 {
205  int i;
206 
207  log_debug(LD_GENERAL,
208  "In networkstatus_reset_download_failures()");
209 
210  for (i=0; i < N_CONSENSUS_FLAVORS; ++i)
212 
213  for (i=0; i < N_CONSENSUS_BOOTSTRAP_SCHEDULES; ++i)
214  download_status_reset(&consensus_bootstrap_dl_status[i]);
215 }
216 
218 static char *
220  const char *flavorname,
221  int unverified_consensus)
222 {
223  char buf[128];
224  const char *prefix;
225  if (unverified_consensus) {
226  prefix = "unverified";
227  } else {
228  prefix = "cached";
229  }
230  if (flav == FLAV_NS) {
231  tor_snprintf(buf, sizeof(buf), "%s-consensus", prefix);
232  } else {
233  tor_snprintf(buf, sizeof(buf), "%s-%s-consensus", prefix, flavorname);
234  }
235 
236  return get_cachedir_fname(buf);
237 }
238 
243 static tor_mmap_t *
245  const char *flavorname,
246  int unverified_consensus)
247 {
248  char *filename = networkstatus_get_cache_fname(flav,
249  flavorname,
250  unverified_consensus);
251  tor_mmap_t *result = tor_mmap_file(filename);
252  tor_free(filename);
253  return result;
254 }
255 
258 tor_mmap_t *
259 networkstatus_map_cached_consensus(const char *flavorname)
260 {
261  int flav = networkstatus_parse_flavor_name(flavorname);
262  if (flav < 0)
263  return NULL;
264  return networkstatus_map_cached_consensus_impl(flav, flavorname, 0);
265 }
266 
268 int
270 {
271  const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
272  int flav;
273 
274  /* FFFF Suppress warnings if cached consensus is bad? */
275  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
276  const char *flavor = networkstatus_get_flavor_name(flav);
277  char *fname = networkstatus_get_cache_fname(flav, flavor, 0);
278  reload_consensus_from_file(fname, flavor, flags, NULL);
279  tor_free(fname);
280 
281  fname = networkstatus_get_cache_fname(flav, flavor, 1);
282  reload_consensus_from_file(fname, flavor,
283  flags | NSSET_WAS_WAITING_FOR_CERTS,
284  NULL);
285  tor_free(fname);
286  }
287 
288  update_certificate_downloads(time(NULL));
289 
292 
293  return 0;
294 }
295 
297 void
299 {
300  vote_microdesc_hash_t *h, *next;
301  if (!rs)
302  return;
303  tor_free(rs->version);
304  tor_free(rs->protocols);
306  for (h = rs->microdesc; h; h = next) {
308  next = h->next;
309  tor_free(h);
310  }
311  tor_free(rs);
312 }
313 
315 void
317 {
318  if (!rs)
319  return;
320  tor_free(rs->exitsummary);
321  tor_free(rs);
322 }
323 
325 void
327 {
328  tor_free(sig->signature);
329  tor_free(sig);
330 }
331 
335 {
336  document_signature_t *r = tor_memdup(sig, sizeof(document_signature_t));
337  if (r->signature)
338  r->signature = tor_memdup(sig->signature, sig->signature_len);
339  return r;
340 }
341 
343 void
345 {
346  if (!ns)
347  return;
348 
350  tor_free(ns->server_versions);
351  tor_free(ns->recommended_client_protocols);
353  tor_free(ns->required_client_protocols);
354  tor_free(ns->required_relay_protocols);
355 
356  if (ns->known_flags) {
357  SMARTLIST_FOREACH(ns->known_flags, char *, c, tor_free(c));
358  smartlist_free(ns->known_flags);
359  }
360  if (ns->weight_params) {
361  SMARTLIST_FOREACH(ns->weight_params, char *, c, tor_free(c));
362  smartlist_free(ns->weight_params);
363  }
364  if (ns->net_params) {
365  SMARTLIST_FOREACH(ns->net_params, char *, c, tor_free(c));
366  smartlist_free(ns->net_params);
367  }
368  if (ns->supported_methods) {
369  SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c));
370  smartlist_free(ns->supported_methods);
371  }
372  if (ns->package_lines) {
373  SMARTLIST_FOREACH(ns->package_lines, char *, c, tor_free(c));
374  smartlist_free(ns->package_lines);
375  }
376  if (ns->voters) {
378  tor_free(voter->nickname);
379  tor_free(voter->address);
380  tor_free(voter->contact);
381  if (voter->sigs) {
382  SMARTLIST_FOREACH(voter->sigs, document_signature_t *, sig,
383  document_signature_free(sig));
384  smartlist_free(voter->sigs);
385  }
386  tor_free(voter);
387  } SMARTLIST_FOREACH_END(voter);
388  smartlist_free(ns->voters);
389  }
390  authority_cert_free(ns->cert);
391 
392  if (ns->routerstatus_list) {
393  if (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION) {
395  vote_routerstatus_free(rs));
396  } else {
398  routerstatus_free(rs));
399  }
400 
401  smartlist_free(ns->routerstatus_list);
402  }
403 
404  if (ns->bw_file_headers) {
405  SMARTLIST_FOREACH(ns->bw_file_headers, char *, c, tor_free(c));
406  smartlist_free(ns->bw_file_headers);
407  }
408 
409  digestmap_free(ns->desc_digest_map, NULL);
410 
411  if (ns->sr_info.commits) {
412  dirvote_clear_commits(ns);
413  }
414  tor_free(ns->sr_info.previous_srv);
415  tor_free(ns->sr_info.current_srv);
416 
417  memwipe(ns, 11, sizeof(*ns));
418  tor_free(ns);
419 }
420 
426  const char *identity)
427 {
428  if (!vote || !vote->voters)
429  return NULL;
431  if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN))
432  return voter);
433  return NULL;
434 }
435 
440  digest_algorithm_t alg)
441 {
442  if (!voter->sigs)
443  return NULL;
445  if (sig->alg == alg)
446  return sig);
447  return NULL;
448 }
449 
454 int
457  const authority_cert_t *cert)
458 {
459  char key_digest[DIGEST_LEN];
460  const int dlen = sig->alg == DIGEST_SHA1 ? DIGEST_LEN : DIGEST256_LEN;
461  char *signed_digest;
462  size_t signed_digest_len;
463 
464  if (crypto_pk_get_digest(cert->signing_key, key_digest)<0)
465  return -1;
466  if (tor_memneq(sig->signing_key_digest, key_digest, DIGEST_LEN) ||
467  tor_memneq(sig->identity_digest, cert->cache_info.identity_digest,
468  DIGEST_LEN))
469  return -1;
470 
471  if (authority_cert_is_blacklisted(cert)) {
472  /* We implement blacklisting for authority signing keys by treating
473  * all their signatures as always bad. That way we don't get into
474  * crazy loops of dropping and re-fetching signatures. */
475  log_warn(LD_DIR, "Ignoring a consensus signature made with deprecated"
476  " signing key %s",
478  sig->bad_signature = 1;
479  return 0;
480  }
481 
482  signed_digest_len = crypto_pk_keysize(cert->signing_key);
483  signed_digest = tor_malloc(signed_digest_len);
484  if (crypto_pk_public_checksig(cert->signing_key,
485  signed_digest,
486  signed_digest_len,
487  sig->signature,
488  sig->signature_len) < dlen ||
489  tor_memneq(signed_digest, consensus->digests.d[sig->alg], dlen)) {
490  log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
491  sig->bad_signature = 1;
492  } else {
493  sig->good_signature = 1;
494  }
495  tor_free(signed_digest);
496  return 0;
497 }
498 
507 int
509  int warn)
510 {
511  int n_good = 0;
512  int n_missing_key = 0, n_dl_failed_key = 0;
513  int n_bad = 0;
514  int n_unknown = 0;
515  int n_no_signature = 0;
516  int n_v3_authorities = get_n_authorities(V3_DIRINFO);
517  int n_required = n_v3_authorities/2 + 1;
518  smartlist_t *list_good = smartlist_new();
519  smartlist_t *list_no_signature = smartlist_new();
520  smartlist_t *need_certs_from = smartlist_new();
521  smartlist_t *unrecognized = smartlist_new();
522  smartlist_t *missing_authorities = smartlist_new();
523  int severity;
524  time_t now = time(NULL);
525 
526  tor_assert(consensus->type == NS_TYPE_CONSENSUS);
527 
529  voter) {
530  int good_here = 0;
531  int bad_here = 0;
532  int unknown_here = 0;
533  int missing_key_here = 0, dl_failed_key_here = 0;
534  SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
535  if (!sig->good_signature && !sig->bad_signature &&
536  sig->signature) {
537  /* we can try to check the signature. */
538  int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
539  sig->identity_digest) != NULL;
540  authority_cert_t *cert =
541  authority_cert_get_by_digests(sig->identity_digest,
542  sig->signing_key_digest);
543  tor_assert(tor_memeq(sig->identity_digest, voter->identity_digest,
544  DIGEST_LEN));
545 
546  if (!is_v3_auth) {
547  smartlist_add(unrecognized, voter);
548  ++unknown_here;
549  continue;
550  } else if (!cert || cert->expires < now) {
551  smartlist_add(need_certs_from, voter);
552  ++missing_key_here;
553  if (authority_cert_dl_looks_uncertain(sig->identity_digest))
554  ++dl_failed_key_here;
555  continue;
556  }
557  if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
558  smartlist_add(need_certs_from, voter);
559  ++missing_key_here;
560  if (authority_cert_dl_looks_uncertain(sig->identity_digest))
561  ++dl_failed_key_here;
562  continue;
563  }
564  }
565  if (sig->good_signature)
566  ++good_here;
567  else if (sig->bad_signature)
568  ++bad_here;
569  } SMARTLIST_FOREACH_END(sig);
570 
571  if (good_here) {
572  ++n_good;
573  smartlist_add(list_good, voter->nickname);
574  } else if (bad_here) {
575  ++n_bad;
576  } else if (missing_key_here) {
577  ++n_missing_key;
578  if (dl_failed_key_here)
579  ++n_dl_failed_key;
580  } else if (unknown_here) {
581  ++n_unknown;
582  } else {
583  ++n_no_signature;
584  smartlist_add(list_no_signature, voter->nickname);
585  }
586  } SMARTLIST_FOREACH_END(voter);
587 
588  /* Now see whether we're missing any voters entirely. */
589  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
590  dir_server_t *, ds,
591  {
592  if ((ds->type & V3_DIRINFO) &&
593  !networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
594  smartlist_add(missing_authorities, ds);
595  });
596 
597  if (warn > 1 || (warn >= 0 &&
598  (n_good + n_missing_key - n_dl_failed_key < n_required))) {
599  severity = LOG_WARN;
600  } else {
601  severity = LOG_INFO;
602  }
603 
604  if (warn >= 0) {
605  SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
606  {
607  tor_log(severity, LD_DIR, "Consensus includes unrecognized authority "
608  "'%s' at %s:%d (contact %s; identity %s)",
609  voter->nickname, voter->address, (int)voter->dir_port,
610  voter->contact?voter->contact:"n/a",
611  hex_str(voter->identity_digest, DIGEST_LEN));
612  });
613  SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
614  {
615  tor_log(severity, LD_DIR, "Looks like we need to download a new "
616  "certificate from authority '%s' at %s:%d (contact %s; "
617  "identity %s)",
618  voter->nickname, voter->address, (int)voter->dir_port,
619  voter->contact?voter->contact:"n/a",
620  hex_str(voter->identity_digest, DIGEST_LEN));
621  });
622  SMARTLIST_FOREACH(missing_authorities, dir_server_t *, ds,
623  {
624  tor_log(severity, LD_DIR, "Consensus does not include configured "
625  "authority '%s' at %s:%d (identity %s)",
626  ds->nickname, ds->address, (int)ds->dir_port,
627  hex_str(ds->v3_identity_digest, DIGEST_LEN));
628  });
629  {
630  char *joined;
631  smartlist_t *sl = smartlist_new();
632  char *tmp = smartlist_join_strings(list_good, " ", 0, NULL);
634  "A consensus needs %d good signatures from recognized "
635  "authorities for us to accept it. "
636  "This %s one has %d (%s).",
637  n_required,
639  n_good, tmp);
640  tor_free(tmp);
641  if (n_no_signature) {
642  tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL);
644  "%d (%s) of the authorities we know didn't sign it.",
645  n_no_signature, tmp);
646  tor_free(tmp);
647  }
648  if (n_unknown) {
650  "It has %d signatures from authorities we don't "
651  "recognize.", n_unknown);
652  }
653  if (n_bad) {
654  smartlist_add_asprintf(sl, "%d of the signatures on it didn't verify "
655  "correctly.", n_bad);
656  }
657  if (n_missing_key) {
659  "We were unable to check %d of the signatures, "
660  "because we were missing the keys.", n_missing_key);
661  }
662  joined = smartlist_join_strings(sl, " ", 0, NULL);
663  tor_log(severity, LD_DIR, "%s", joined);
664  tor_free(joined);
665  SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
666  smartlist_free(sl);
667  }
668  }
669 
670  smartlist_free(list_good);
671  smartlist_free(list_no_signature);
672  smartlist_free(unrecognized);
673  smartlist_free(need_certs_from);
674  smartlist_free(missing_authorities);
675 
676  if (n_good == n_v3_authorities)
677  return 1;
678  else if (n_good >= n_required)
679  return 0;
680  else if (n_good + n_missing_key >= n_required)
681  return -1;
682  else
683  return -2;
684 }
685 
688 #define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
689 
692 int
693 compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
694 {
695  const char *key = _key;
696  const routerstatus_t *rs = *_member;
697  return tor_memcmp(key, rs->identity_digest, DIGEST_LEN);
698 }
699 
702 int
704  const void **_member)
705 {
706  const char *key = _key;
707  const vote_routerstatus_t *vrs = *_member;
708  return tor_memcmp(key, vrs->status.identity_digest, DIGEST_LEN);
709 }
710 
714 {
715  return smartlist_bsearch(ns->routerstatus_list, digest,
717 }
718 
722 networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
723 {
724  return networkstatus_vote_find_mutable_entry(ns, digest);
725 }
726 
727 /*XXXX MOVE make this static once functions are moved into this file. */
731 int
733  const char *digest, int *found_out)
734 {
735  return smartlist_bsearch_idx(ns->routerstatus_list, digest,
737  found_out);
738 }
739 
743 router_get_mutable_consensus_status_by_descriptor_digest,(
744  networkstatus_t *consensus,
745  const char *digest))
746 {
747  if (!consensus)
748  consensus = networkstatus_get_latest_consensus();
749  if (!consensus)
750  return NULL;
751  if (!consensus->desc_digest_map) {
752  digestmap_t *m = consensus->desc_digest_map = digestmap_new();
754  routerstatus_t *, rs,
755  {
756  digestmap_set(m, rs->descriptor_digest, rs);
757  });
758  }
759  return digestmap_get(consensus->desc_digest_map, digest);
760 }
761 
765 const routerstatus_t *
767  const char *digest)
768 {
769  return router_get_mutable_consensus_status_by_descriptor_digest(
770  consensus, digest);
771 }
772 
774 static smartlist_t *
776 {
777  smartlist_t *result = smartlist_new();
778  digestmap_iter_t *i;
779  const char *digest;
780  void *rs;
781  char *digest_tmp;
782 
783  for (i = digestmap_iter_init(consensus->desc_digest_map);
784  !(digestmap_iter_done(i));
785  i = digestmap_iter_next(consensus->desc_digest_map, i)) {
786  digestmap_iter_get(i, &digest, &rs);
787  digest_tmp = tor_malloc(DIGEST_LEN);
788  memcpy(digest_tmp, digest, DIGEST_LEN);
789  smartlist_add(result, digest_tmp);
790  }
791 
792  return result;
793 }
794 
798 router_get_descriptor_digests,(void))
799 {
800  smartlist_t *result = NULL;
801 
802  if (current_ns_consensus) {
803  result =
805  }
806 
807  return result;
808 }
809 
813 router_get_dl_status_by_descriptor_digest,(const char *d))
814 {
815  routerstatus_t *rs;
817  return NULL;
818  if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
820  return &rs->dl_status;
821 
822  return NULL;
823 }
824 
828 {
829  const networkstatus_t *ns = networkstatus_get_latest_consensus();
830  if (!ns)
831  return NULL;
832  smartlist_t *rslist = ns->routerstatus_list;
833  return smartlist_bsearch(rslist, digest,
835 }
836 
839 const routerstatus_t *
841 {
843 }
844 
847 #define AUTHORITY_NS_CACHE_INTERVAL (10*60)
848 
851 #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60)
852 
858 int
859 we_want_to_fetch_flavor(const or_options_t *options, int flavor)
860 {
861  if (flavor < 0 || flavor > N_CONSENSUS_FLAVORS) {
862  /* This flavor is crazy; we don't want it */
863  /*XXXX handle unrecognized flavors later */
864  return 0;
865  }
866  if (authdir_mode_v3(options) || directory_caches_dir_info(options)) {
867  /* We want to serve all flavors to others, regardless if we would use
868  * it ourselves. */
869  return 1;
870  }
871  if (options->FetchUselessDescriptors) {
872  /* In order to get all descriptors, we need to fetch all consensuses. */
873  return 1;
874  }
875  /* Otherwise, we want the flavor only if we want to use it to build
876  * circuits. */
877  return flavor == usable_consensus_flavor();
878 }
879 
886 int
888 {
889  if (authdir_mode_v3(options) ||
891  /* We want to serve all certs to others, regardless if we would use
892  * them ourselves. */
893  return 1;
894  }
895  if (options->FetchUselessDescriptors) {
896  /* Unknown certificates are definitely useless. */
897  return 1;
898  }
899  /* Otherwise, don't fetch unknown certificates. */
900  return 0;
901 }
902 
905 #define DELAY_WHILE_FETCHING_CERTS (20*60)
906 
909 #define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60)
910 
911 /* Check if a downloaded consensus flavor should still wait for certificates
912  * to download now. If we decide not to wait, check if enough time has passed
913  * to consider the certificate download failure a separate failure. If so,
914  * fail dls.
915  * If waiting for certificates to download, return 1. If not, return 0. */
916 static int
917 check_consensus_waiting_for_certs(int flavor, time_t now,
918  download_status_t *dls)
919 {
921 
922  /* We should always have a known flavor, because we_want_to_fetch_flavor()
923  * filters out unknown flavors. */
924  tor_assert(flavor >= 0 && flavor < N_CONSENSUS_FLAVORS);
925 
926  waiting = &consensus_waiting_for_certs[flavor];
927  if (waiting->consensus) {
928  /* XXXX make sure this doesn't delay sane downloads. */
929  if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now &&
930  waiting->consensus->valid_until > now) {
931  return 1;
932  } else {
933  if (!waiting->dl_failed) {
934  if (waiting->set_at + MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE > now) {
935  download_status_failed(dls, 0);
936  }
937  waiting->dl_failed=1;
938  }
939  }
940  }
941 
942  return 0;
943 }
944 
947 static void
949 {
950  int i;
951  const or_options_t *options = get_options();
952  const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(
953  now);
954  const int use_multi_conn =
956 
957  if (should_delay_dir_fetches(options, NULL))
958  return;
959 
960  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
961  /* XXXX need some way to download unknown flavors if we are caching. */
962  const char *resource;
963  networkstatus_t *c;
964  int max_in_progress_conns = 1;
965 
966  if (! we_want_to_fetch_flavor(options, i))
967  continue;
968 
969  c = networkstatus_get_latest_consensus_by_flavor(i);
970  if (! (c && c->valid_after <= now && now <= c->valid_until)) {
971  /* No live consensus? Get one now!*/
973  }
974 
975  if (time_to_download_next_consensus[i] > now)
976  continue; /* Wait until the current consensus is older. */
977 
978  resource = networkstatus_get_flavor_name(i);
979 
980  /* Check if we already have enough connections in progress */
981  if (we_are_bootstrapping && use_multi_conn) {
982  max_in_progress_conns =
984  }
987  resource)
988  >= max_in_progress_conns) {
989  continue;
990  }
991 
992  /* Check if we want to launch another download for a usable consensus.
993  * Only used during bootstrap. */
994  if (we_are_bootstrapping && use_multi_conn
995  && i == usable_consensus_flavor()) {
996 
997  /* Check if we're already downloading a usable consensus */
998  if (networkstatus_consensus_is_already_downloading(resource))
999  continue;
1000 
1001  /* Make multiple connections for a bootstrap consensus download. */
1003  } else {
1004  /* Check if we failed downloading a consensus too recently */
1005 
1006  /* Let's make sure we remembered to update consensus_dl_status */
1007  tor_assert(consensus_dl_status[i].schedule == DL_SCHED_CONSENSUS);
1008 
1010  continue;
1011  }
1012 
1015  if (check_consensus_waiting_for_certs(i, now, &consensus_dl_status[i])) {
1017  continue;
1018  }
1019 
1020  /* Try the requested attempt */
1021  log_info(LD_DIR, "Launching %s standard networkstatus consensus "
1022  "download.", networkstatus_get_flavor_name(i));
1023  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
1024  ROUTER_PURPOSE_GENERAL, resource,
1026  consensus_dl_status[i].want_authority);
1027  }
1028  }
1029 }
1030 
1036 static void
1038  time_t now,
1039  download_status_t *dls,
1040  download_want_authority_t want_authority)
1041 {
1042  const char *resource = networkstatus_get_flavor_name(
1043  usable_consensus_flavor());
1044 
1045  /* Let's make sure we remembered to update schedule */
1046  tor_assert(dls->schedule == DL_SCHED_CONSENSUS);
1047 
1048  /* Allow for multiple connections in the same second, if the schedule value
1049  * is 0. */
1050  while (download_status_is_ready(dls, now)) {
1051  log_info(LD_DIR, "Launching %s bootstrap %s networkstatus consensus "
1052  "download.", resource, (want_authority == DL_WANT_AUTHORITY
1053  ? "authority"
1054  : "mirror"));
1055 
1056  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
1057  ROUTER_PURPOSE_GENERAL, resource,
1058  PDS_RETRY_IF_NO_SERVERS, want_authority);
1059  /* schedule the next attempt */
1060  download_status_increment_attempt(dls, resource, now);
1061  }
1062 }
1063 
1072 static void
1074  const or_options_t *options)
1075 {
1076  const int usable_flavor = usable_consensus_flavor();
1077 
1078  /* make sure we can use multiple connections */
1080  return;
1081  }
1082 
1083  /* Launch concurrent consensus download attempt(s) based on the mirror and
1084  * authority schedules. Try the mirror first - this makes it slightly more
1085  * likely that we'll connect to the fallback first, and then end the
1086  * authority connection attempt. */
1087 
1088  /* If a consensus download fails because it's waiting for certificates,
1089  * we'll fail both the authority and fallback schedules. This is better than
1090  * failing only one of the schedules, and having the other continue
1091  * unchecked.
1092  */
1093 
1094  /* If we don't have or can't use extra fallbacks, don't try them. */
1095  if (networkstatus_consensus_can_use_extra_fallbacks(options)) {
1096  download_status_t *dls_f =
1097  &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER];
1098 
1099  if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) {
1100  /* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
1102  DL_WANT_ANY_DIRSERVER);
1103  }
1104  }
1105 
1106  /* Now try an authority. */
1107  download_status_t *dls_a =
1108  &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY];
1109 
1110  if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) {
1112  DL_WANT_AUTHORITY);
1113  }
1114 }
1115 
1118 void
1119 networkstatus_consensus_download_failed(int status_code, const char *flavname)
1120 {
1121  int flav = networkstatus_parse_flavor_name(flavname);
1122  if (flav >= 0) {
1124  /* XXXX handle unrecognized flavors */
1125  download_status_failed(&consensus_dl_status[flav], status_code);
1126  /* Retry immediately, if appropriate. */
1128  }
1129 }
1130 
1133 #define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120
1134 
1137 static void
1139 {
1140  const or_options_t *options = get_options();
1141  networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
1142  const char *flavor = networkstatus_get_flavor_name(flav);
1143  if (! we_want_to_fetch_flavor(get_options(), flav))
1144  return;
1145 
1146  if (c && c->valid_after <= now && now <= c->valid_until) {
1147  long dl_interval;
1148  long interval = c->fresh_until - c->valid_after;
1149  long min_sec_before_caching = CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
1150  time_t start;
1151 
1152  if (min_sec_before_caching > interval/16) {
1153  /* Usually we allow 2-minutes slop factor in case clocks get
1154  desynchronized a little. If we're on a private network with
1155  a crazy-fast voting interval, though, 2 minutes may be too
1156  much. */
1157  min_sec_before_caching = interval/16;
1158  /* make sure we always delay by at least a second before caching */
1159  if (min_sec_before_caching == 0) {
1160  min_sec_before_caching = 1;
1161  }
1162  }
1163 
1164  if (directory_fetches_dir_info_early(options)) {
1165  /* We want to cache the next one at some point after this one
1166  * is no longer fresh... */
1167  start = (time_t)(c->fresh_until + min_sec_before_caching);
1168  /* Some clients may need the consensus sooner than others. */
1169  if (options->FetchDirInfoExtraEarly || authdir_mode_v3(options)) {
1170  dl_interval = 60;
1171  if (min_sec_before_caching + dl_interval > interval)
1172  dl_interval = interval/2;
1173  } else {
1174  /* But only in the first half-interval after that. */
1175  dl_interval = interval/2;
1176  }
1177  } else {
1178  /* We're an ordinary client, a bridge, or a hidden service.
1179  * Give all the caches enough time to download the consensus. */
1180  start = (time_t)(c->fresh_until + (interval*3)/4);
1181  /* But download the next one well before this one is expired. */
1182  dl_interval = ((c->valid_until - start) * 7 )/ 8;
1183 
1184  /* If we're a bridge user, make use of the numbers we just computed
1185  * to choose the rest of the interval *after* them. */
1186  if (directory_fetches_dir_info_later(options)) {
1187  /* Give all the *clients* enough time to download the consensus. */
1188  start = (time_t)(start + dl_interval + min_sec_before_caching);
1189  /* But try to get it before ours actually expires. */
1190  dl_interval = (c->valid_until - start) - min_sec_before_caching;
1191  }
1192  }
1193  /* catch low dl_interval in crazy-fast networks */
1194  if (dl_interval < 1)
1195  dl_interval = 1;
1196  /* catch late start in crazy-fast networks */
1197  if (start+dl_interval >= c->valid_until)
1198  start = c->valid_until - dl_interval - 1;
1199  log_debug(LD_DIR,
1200  "fresh_until: %ld start: %ld "
1201  "dl_interval: %ld valid_until: %ld ",
1202  (long)c->fresh_until, (long)start, dl_interval,
1203  (long)c->valid_until);
1204  /* We must not try to replace c while it's still fresh: */
1205  tor_assert(c->fresh_until < start);
1206  /* We must download the next one before c is invalid: */
1207  tor_assert(start+dl_interval < c->valid_until);
1209  start + crypto_rand_int((int)dl_interval);
1210  {
1211  char tbuf1[ISO_TIME_LEN+1];
1212  char tbuf2[ISO_TIME_LEN+1];
1213  char tbuf3[ISO_TIME_LEN+1];
1217  log_info(LD_DIR, "Live %s consensus %s the most recent until %s and "
1218  "will expire at %s; fetching the next one at %s.",
1219  flavor, (c->fresh_until > now) ? "will be" : "was",
1220  tbuf1, tbuf2, tbuf3);
1221  }
1222  } else {
1223  time_to_download_next_consensus[flav] = now;
1224  log_info(LD_DIR, "No live %s consensus; we should fetch one immediately.",
1225  flavor);
1226  }
1227 }
1228 
1231 void
1233 {
1234  int i;
1235  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
1236  if (we_want_to_fetch_flavor(get_options(), i))
1238  }
1239 }
1240 
1249 int
1250 should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
1251 {
1252  if (msg_out) {
1253  *msg_out = NULL;
1254  }
1255 
1256  if (options->DisableNetwork) {
1257  if (msg_out) {
1258  *msg_out = "DisableNetwork is set.";
1259  }
1260  log_info(LD_DIR, "Delaying dir fetches (DisableNetwork is set)");
1261  return 1;
1262  }
1263 
1264  if (we_are_hibernating()) {
1265  if (msg_out) {
1266  *msg_out = "We are hibernating or shutting down.";
1267  }
1268  log_info(LD_DIR, "Delaying dir fetches (Hibernating or shutting down)");
1269  return 1;
1270  }
1271 
1272  if (options->UseBridges) {
1273  /* If we know that none of our bridges can possibly work, avoid fetching
1274  * directory documents. But if some of them might work, try again. */
1275  if (num_bridges_usable(1) == 0) {
1276  if (msg_out) {
1277  *msg_out = "No running bridges";
1278  }
1279  log_info(LD_DIR, "Delaying dir fetches (no running bridges known)");
1280  return 1;
1281  }
1282 
1284  if (msg_out) {
1285  *msg_out = "Pluggable transport proxies still configuring";
1286  }
1287  log_info(LD_DIR, "Delaying dir fetches (pt proxies still configuring)");
1288  return 1;
1289  }
1290  }
1291 
1292  return 0;
1293 }
1294 
1299 void
1301 {
1302  const or_options_t *options = get_options();
1303  if (should_delay_dir_fetches(options, NULL))
1304  return;
1309 }
1310 
1313 void
1315 {
1316  int i;
1317  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
1318  if (consensus_waiting_for_certs[i].consensus)
1320  now, NULL);
1321  }
1322 
1327 }
1328 
1331 int
1333 {
1334  return consensus_waiting_for_certs[usable_consensus_flavor()].consensus
1335  ? 1 : 0;
1336 }
1337 
1342 networkstatus_get_dl_status_by_flavor,(consensus_flavor_t flavor))
1343 {
1344  download_status_t *dl = NULL;
1345  const int we_are_bootstrapping =
1346  networkstatus_consensus_is_bootstrapping(time(NULL));
1347 
1348  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1349  dl = &((we_are_bootstrapping ?
1350  consensus_bootstrap_dl_status : consensus_dl_status)[flavor]);
1351  }
1352 
1353  return dl;
1354 }
1355 
1359 networkstatus_get_dl_status_by_flavor_bootstrap,(consensus_flavor_t flavor))
1360 {
1361  download_status_t *dl = NULL;
1362 
1363  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1364  dl = &(consensus_bootstrap_dl_status[flavor]);
1365  }
1366 
1367  return dl;
1368 }
1369 
1373 networkstatus_get_dl_status_by_flavor_running,(consensus_flavor_t flavor))
1374 {
1375  download_status_t *dl = NULL;
1376 
1377  if ((int)flavor <= N_CONSENSUS_FLAVORS) {
1378  dl = &(consensus_dl_status[flavor]);
1379  }
1380 
1381  return dl;
1382 }
1383 
1387 networkstatus_get_latest_consensus,(void))
1388 {
1389  if (we_use_microdescriptors_for_circuits(get_options()))
1390  return current_md_consensus;
1391  else
1392  return current_ns_consensus;
1393 }
1394 
1398 networkstatus_get_latest_consensus_by_flavor,(consensus_flavor_t f))
1399 {
1400  if (f == FLAV_NS)
1401  return current_ns_consensus;
1402  else if (f == FLAV_MICRODESC)
1403  return current_md_consensus;
1404  else {
1405  tor_assert(0);
1406  return NULL;
1407  }
1408 }
1409 
1413 networkstatus_get_live_consensus,(time_t now))
1414 {
1415  networkstatus_t *ns = networkstatus_get_latest_consensus();
1416  if (ns && networkstatus_is_live(ns, now))
1417  return ns;
1418  else
1419  return NULL;
1420 }
1421 
1424 int
1426 {
1427  return (ns->valid_after <= now && now <= ns->valid_until);
1428 }
1429 
1436 int
1438  time_t now)
1439 {
1440  if (BUG(!consensus))
1441  return 0;
1442 
1444  now) &&
1446  now);
1447 }
1448 
1449 #define REASONABLY_LIVE_TIME (24*60*60)
1450 
1454 int
1456  time_t now)
1457 {
1458  return (now >= valid_after - REASONABLY_LIVE_TIME);
1459 }
1460 
1464 int
1466  time_t now)
1467 {
1468  return (now <= valid_until + REASONABLY_LIVE_TIME);
1469 }
1470 
1474 networkstatus_get_reasonably_live_consensus,(time_t now, int flavor))
1475 {
1476  networkstatus_t *consensus =
1477  networkstatus_get_latest_consensus_by_flavor(flavor);
1478  if (consensus &&
1480  return consensus;
1481  else
1482  return NULL;
1483 }
1484 
1494 networkstatus_consensus_is_bootstrapping,(time_t now))
1495 {
1496  /* If we have a validated, reasonably live consensus, we're not
1497  * bootstrapping a consensus at all. */
1498  if (networkstatus_get_reasonably_live_consensus(
1499  now,
1500  usable_consensus_flavor())) {
1501  return 0;
1502  }
1503 
1504  /* If we have a consensus, but we're waiting for certificates,
1505  * we're not waiting for a consensus download while bootstrapping. */
1507  return 0;
1508  }
1509 
1510  /* If we have no consensus, or our consensus is very old, we are
1511  * bootstrapping, and we need to download a consensus. */
1512  return 1;
1513 }
1514 
1518 int
1520  const or_options_t *options)
1521 {
1522  /* If we are a client, bridge, bridge client, or hidden service */
1523  return !public_server_mode(options);
1524 }
1525 
1530 networkstatus_consensus_can_use_extra_fallbacks,(const or_options_t *options))
1531 {
1532  /* The list length comparisons are a quick way to check if we have any
1533  * non-authority fallback directories. If we ever have any authorities that
1534  * aren't fallback directories, we will need to change this code. */
1535  tor_assert(smartlist_len(router_get_fallback_dir_servers())
1536  >= smartlist_len(router_get_trusted_dir_servers()));
1537  /* If we don't fetch from the authorities, and we have additional mirrors,
1538  * we can use them. */
1539  return (!directory_fetches_from_authorities(options)
1540  && (smartlist_len(router_get_fallback_dir_servers())
1541  > smartlist_len(router_get_trusted_dir_servers())));
1542 }
1543 
1544 /* Is there a consensus fetch for flavor <b>resource</b> that's far
1545  * enough along to be attached to a circuit? */
1546 int
1547 networkstatus_consensus_is_already_downloading(const char *resource)
1548 {
1549  int answer = 0;
1550 
1551  /* First, get a list of all the dir conns that are fetching a consensus,
1552  * fetching *this* consensus, and are in state "reading" (meaning they
1553  * have already flushed their request onto the socks connection). */
1554  smartlist_t *fetching_conns =
1557 
1558  /* Then, walk through each conn, to see if its linked socks connection
1559  * is in an attached state. We have to check this separately, since with
1560  * the optimistic data feature, fetches can send their request to the
1561  * socks connection and go into state 'reading', even before they're
1562  * attached to any circuit. */
1563  SMARTLIST_FOREACH_BEGIN(fetching_conns, dir_connection_t *, dirconn) {
1564  /* Do any of these other dir conns have a linked socks conn that is
1565  * attached to a circuit already? */
1566  connection_t *base = TO_CONN(dirconn);
1567  if (base->linked_conn &&
1568  base->linked_conn->type == CONN_TYPE_AP &&
1570  answer = 1;
1571  break; /* stop looping, because we know the answer will be yes */
1572  }
1573  } SMARTLIST_FOREACH_END(dirconn);
1574  smartlist_free(fetching_conns);
1575 
1576  return answer;
1577 }
1578 
1579 /* Does the current, reasonably live consensus have IPv6 addresses?
1580  * Returns 1 if there is a reasonably live consensus and its consensus method
1581  * includes IPv6 addresses in the consensus.
1582  * Otherwise, if there is no consensus, or the method does not include IPv6
1583  * addresses, returns 0. */
1584 int
1585 networkstatus_consensus_has_ipv6(const or_options_t* options)
1586 {
1587  const networkstatus_t *cons = networkstatus_get_reasonably_live_consensus(
1588  approx_time(),
1589  usable_consensus_flavor());
1590 
1591  /* If we have no consensus, we have no IPv6 in it */
1592  if (!cons) {
1593  return 0;
1594  }
1595 
1596  /* Different flavours of consensus gained IPv6 at different times */
1597  if (we_use_microdescriptors_for_circuits(options)) {
1598  return
1600  } else {
1601  return 1;
1602  }
1603 }
1604 
1607 static int
1609 {
1611 
1612  return strcmp(a->nickname, b->nickname) ||
1613  fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
1614  a->addr != b->addr ||
1615  a->or_port != b->or_port ||
1616  a->dir_port != b->dir_port ||
1617  a->is_authority != b->is_authority ||
1618  a->is_exit != b->is_exit ||
1619  a->is_stable != b->is_stable ||
1620  a->is_fast != b->is_fast ||
1622  a->is_named != b->is_named ||
1623  a->is_unnamed != b->is_unnamed ||
1624  a->is_valid != b->is_valid ||
1626  a->is_bad_exit != b->is_bad_exit ||
1627  a->is_hs_dir != b->is_hs_dir;
1628  // XXXX this function needs a huge refactoring; it has gotten out
1629  // XXXX of sync with routerstatus_t, and it will do so again.
1630 }
1631 
1634 static void
1636  const networkstatus_t *new_c)
1637 {
1638  smartlist_t *changed;
1639  if (old_c == new_c)
1640  return;
1641 
1642  /* tell the controller exactly which relays are still listed, as well
1643  * as what they're listed as */
1645 
1646  if (!control_event_is_interesting(EVENT_NS))
1647  return;
1648 
1649  if (!old_c) {
1651  return;
1652  }
1653  changed = smartlist_new();
1654 
1655  SMARTLIST_FOREACH_JOIN(
1656  old_c->routerstatus_list, const routerstatus_t *, rs_old,
1657  new_c->routerstatus_list, const routerstatus_t *, rs_new,
1658  tor_memcmp(rs_old->identity_digest,
1659  rs_new->identity_digest, DIGEST_LEN),
1660  smartlist_add(changed, (void*) rs_new)) {
1661  if (routerstatus_has_changed(rs_old, rs_new))
1662  smartlist_add(changed, (void*)rs_new);
1663  } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1664 
1666  smartlist_free(changed);
1667 }
1668 
1669 /* Called before the consensus changes from old_c to new_c. */
1670 static void
1671 notify_before_networkstatus_changes(const networkstatus_t *old_c,
1672  const networkstatus_t *new_c)
1673 {
1675  dos_consensus_has_changed(new_c);
1676  relay_consensus_has_changed(new_c);
1677 }
1678 
1679 /* Called after a new consensus has been put in the global state. It is safe
1680  * to use the consensus getters in this function. */
1681 static void
1682 notify_after_networkstatus_changes(void)
1683 {
1685 }
1686 
1689 static void
1691  const networkstatus_t *old_c)
1692 {
1693  if (old_c == new_c)
1694  return;
1695  if (!old_c || !smartlist_len(old_c->routerstatus_list))
1696  return;
1697 
1698  SMARTLIST_FOREACH_JOIN(old_c->routerstatus_list, routerstatus_t *, rs_old,
1699  new_c->routerstatus_list, routerstatus_t *, rs_new,
1700  tor_memcmp(rs_old->identity_digest,
1701  rs_new->identity_digest, DIGEST_LEN),
1702  STMT_NIL) {
1703  /* Okay, so we're looking at the same identity. */
1704  rs_new->last_dir_503_at = rs_old->last_dir_503_at;
1705 
1706  if (tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
1707  DIGEST256_LEN)) {
1708  /* And the same descriptor too! */
1709  memcpy(&rs_new->dl_status, &rs_old->dl_status,sizeof(download_status_t));
1710  }
1711  } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1712 }
1713 
1714 #ifdef TOR_UNIT_TESTS
1715 
1721 int
1722 networkstatus_set_current_consensus_from_ns(networkstatus_t *c,
1723  const char *flavor)
1724 {
1725  int flav = networkstatus_parse_flavor_name(flavor);
1726  switch (flav) {
1727  case FLAV_NS:
1728  if (current_ns_consensus) {
1730  networkstatus_vote_free(current_ns_consensus);
1731  }
1733  break;
1734  case FLAV_MICRODESC:
1735  if (current_md_consensus) {
1737  networkstatus_vote_free(current_md_consensus);
1738  }
1740  break;
1741  }
1742  return current_md_consensus ? 0 : -1;
1743 }
1744 #endif /* defined(TOR_UNIT_TESTS) */
1745 
1751 static int
1752 reload_consensus_from_file(const char *fname,
1753  const char *flavor,
1754  unsigned flags,
1755  const char *source_dir)
1756 {
1757  tor_mmap_t *map = tor_mmap_file(fname);
1758  if (!map)
1759  return 0;
1760 
1761  int rv = networkstatus_set_current_consensus(map->data, map->size,
1762  flavor, flags, source_dir);
1763 #ifdef _WIN32
1764  if (rv < 0 && tor_memstr(map->data, map->size, "\r\n")) {
1765  log_notice(LD_GENERAL, "Looks like the above failures are probably "
1766  "because of a CRLF in consensus file %s; falling back to "
1767  "read_file_to_string. Nothing to worry about: this file "
1768  "was probably saved by an earlier version of Tor.",
1769  escaped(fname));
1770  char *content = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
1771  rv = networkstatus_set_current_consensus(content, strlen(content),
1772  flavor, flags, source_dir);
1773  tor_free(content);
1774  }
1775 #endif /* defined(_WIN32) */
1776  if (rv < -1) {
1777  log_warn(LD_GENERAL, "Couldn't set consensus from cache file %s",
1778  escaped(fname));
1779  }
1780  tor_munmap_file(map);
1781  return rv;
1782 }
1783 
1788 static void
1790  int is_client)
1791 {
1792  char *protocol_warning = NULL;
1793 
1794  int should_exit = networkstatus_check_required_protocols(c,
1795  is_client,
1796  &protocol_warning);
1797  if (protocol_warning) {
1798  tor_log(should_exit ? LOG_ERR : LOG_WARN,
1799  LD_GENERAL,
1800  "%s", protocol_warning);
1801  }
1802  if (should_exit) {
1803  tor_assert_nonfatal(protocol_warning);
1804  }
1805  tor_free(protocol_warning);
1806  if (should_exit)
1807  exit(1); // XXXX bad exit: should return from main.
1808 }
1809 
1814 static void
1816  const or_options_t *options)
1817 {
1818  const int is_server = server_mode(options);
1819  const int is_client = options_any_client_port_set(options) || !is_server;
1820 
1821  if (is_server)
1823  if (is_client)
1825 }
1826 
1844 STATIC void
1845 warn_early_consensus(const networkstatus_t *c, const char *flavor,
1846  time_t now)
1847 {
1848  char tbuf[ISO_TIME_LEN+1];
1849  char dbuf[64];
1850  long delta = now - c->valid_after;
1851  char *flavormsg = NULL;
1852 
1856 #define EARLY_CONSENSUS_NOTICE_SKEW 60
1857 
1858  /* We assume that if a majority of dirauths have accurate clocks,
1859  * the earliest that a dirauth with a skewed clock could possibly
1860  * publish a sufficiently-signed consensus is (valid_after -
1861  * dist_seconds). Before that time, the skewed dirauth would be
1862  * unable to obtain enough authority signatures for the consensus to
1863  * be valid. */
1864  if (now >= c->valid_after - c->dist_seconds - EARLY_CONSENSUS_NOTICE_SKEW)
1865  return;
1866 
1867  format_iso_time(tbuf, c->valid_after);
1868  format_time_interval(dbuf, sizeof(dbuf), delta);
1869  log_warn(LD_GENERAL, "Our clock is %s behind the time published in the "
1870  "consensus network status document (%s UTC). Tor needs an "
1871  "accurate clock to work correctly. Please check your time and "
1872  "date settings!", dbuf, tbuf);
1873  tor_asprintf(&flavormsg, "%s flavor consensus", flavor);
1874  clock_skew_warning(NULL, delta, 1, LD_GENERAL, flavormsg, "CONSENSUS");
1875  tor_free(flavormsg);
1876 }
1877 
1899 int
1901  size_t consensus_len,
1902  const char *flavor,
1903  unsigned flags,
1904  const char *source_dir)
1905 {
1906  networkstatus_t *c=NULL;
1907  int r, result = -1;
1908  time_t now = approx_time();
1909  const or_options_t *options = get_options();
1910  char *unverified_fname = NULL, *consensus_fname = NULL;
1911  int flav = networkstatus_parse_flavor_name(flavor);
1912  const unsigned from_cache = flags & NSSET_FROM_CACHE;
1913  const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
1914  const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
1915  const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
1916  const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
1917  const common_digests_t *current_digests = NULL;
1918  consensus_waiting_for_certs_t *waiting = NULL;
1919  time_t current_valid_after = 0;
1920  int free_consensus = 1; /* Free 'c' at the end of the function */
1921  int checked_protocols_already = 0;
1922 
1923  if (flav < 0) {
1924  /* XXXX we don't handle unrecognized flavors yet. */
1925  log_warn(LD_BUG, "Unrecognized consensus flavor %s", flavor);
1926  return -2;
1927  }
1928 
1929  /* Make sure it's parseable. */
1931  consensus_len,
1932  NULL, NS_TYPE_CONSENSUS);
1933  if (!c) {
1934  log_warn(LD_DIR, "Unable to parse networkstatus consensus");
1935  result = -2;
1936  goto done;
1937  }
1938 
1939  if (from_cache && !was_waiting_for_certs) {
1940  /* We previously stored this; check _now_ to make sure that version-kills
1941  * really work. This happens even before we check signatures: we did so
1942  * before when we stored this to disk. This does mean an attacker who can
1943  * write to the datadir can make us not start: such an attacker could
1944  * already harm us by replacing our guards, which would be worse. */
1945  checked_protocols_already = 1;
1946  handle_missing_protocol_warning(c, options);
1947  }
1948 
1949  if ((int)c->flavor != flav) {
1950  /* This wasn't the flavor we thought we were getting. */
1951  if (require_flavor) {
1952  log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
1954  goto done;
1955  }
1956  flav = c->flavor;
1957  flavor = networkstatus_get_flavor_name(flav);
1958  }
1959 
1960  if (flav != usable_consensus_flavor() &&
1961  !we_want_to_fetch_flavor(options, flav)) {
1962  /* This consensus is totally boring to us: we won't use it, we didn't want
1963  * it, and we won't serve it. Drop it. */
1964  goto done;
1965  }
1966 
1967  if (from_cache && !accept_obsolete &&
1969  log_info(LD_DIR, "Loaded an expired consensus. Discarding.");
1970  goto done;
1971  }
1972 
1973  if (!strcmp(flavor, "ns")) {
1974  consensus_fname = get_cachedir_fname("cached-consensus");
1975  unverified_fname = get_cachedir_fname("unverified-consensus");
1976  if (current_ns_consensus) {
1977  current_digests = &current_ns_consensus->digests;
1978  current_valid_after = current_ns_consensus->valid_after;
1979  }
1980  } else if (!strcmp(flavor, "microdesc")) {
1981  consensus_fname = get_cachedir_fname("cached-microdesc-consensus");
1982  unverified_fname = get_cachedir_fname("unverified-microdesc-consensus");
1983  if (current_md_consensus) {
1984  current_digests = &current_md_consensus->digests;
1985  current_valid_after = current_md_consensus->valid_after;
1986  }
1987  } else {
1988  tor_assert_nonfatal_unreached();
1989  result = -2;
1990  goto done;
1991  }
1992 
1993  if (current_digests &&
1994  tor_memeq(&c->digests, current_digests, sizeof(c->digests))) {
1995  /* We already have this one. That's a failure. */
1996  log_info(LD_DIR, "Got a %s consensus we already have", flavor);
1997  goto done;
1998  }
1999 
2000  if (current_valid_after && c->valid_after <= current_valid_after) {
2001  /* We have a newer one. There's no point in accepting this one,
2002  * even if it's great. */
2003  log_info(LD_DIR, "Got a %s consensus at least as old as the one we have",
2004  flavor);
2005  goto done;
2006  }
2007 
2008  /* Make sure it's signed enough. */
2009  if ((r=networkstatus_check_consensus_signature(c, 1))<0) {
2010  if (r == -1) {
2011  /* Okay, so it _might_ be signed enough if we get more certificates. */
2012  if (!was_waiting_for_certs) {
2013  log_info(LD_DIR,
2014  "Not enough certificates to check networkstatus consensus");
2015  }
2016  if (!current_valid_after ||
2017  c->valid_after > current_valid_after) {
2018  waiting = &consensus_waiting_for_certs[flav];
2019  networkstatus_vote_free(waiting->consensus);
2020  waiting->consensus = c;
2021  free_consensus = 0;
2022  waiting->set_at = now;
2023  waiting->dl_failed = 0;
2024  if (!from_cache) {
2025  write_bytes_to_file(unverified_fname, consensus, consensus_len, 1);
2026  }
2027  if (dl_certs)
2028  authority_certs_fetch_missing(c, now, source_dir);
2029  /* This case is not a success or a failure until we get the certs
2030  * or fail to get the certs. */
2031  result = 0;
2032  } else {
2033  /* Even if we had enough signatures, we'd never use this as the
2034  * latest consensus. */
2035  if (was_waiting_for_certs && from_cache)
2036  if (unlink(unverified_fname) != 0) {
2037  log_debug(LD_FS,
2038  "Failed to unlink %s: %s",
2039  unverified_fname, strerror(errno));
2040  }
2041  }
2042  goto done;
2043  } else {
2044  /* This can never be signed enough: Kill it. */
2045  if (!was_waiting_for_certs) {
2046  log_warn(LD_DIR, "Not enough good signatures on networkstatus "
2047  "consensus");
2048  result = -2;
2049  }
2050  if (was_waiting_for_certs && (r < -1) && from_cache) {
2051  if (unlink(unverified_fname) != 0) {
2052  log_debug(LD_FS,
2053  "Failed to unlink %s: %s",
2054  unverified_fname, strerror(errno));
2055  }
2056  }
2057  goto done;
2058  }
2059  }
2060 
2061  /* Signatures from the consensus are verified */
2062  if (from_cache && was_waiting_for_certs) {
2063  /* We check if the consensus is loaded from disk cache and that it
2064  * it is an unverified consensus. If it is unverified, rename it to
2065  * cached-*-consensus since it has been verified. */
2066  log_info(LD_DIR, "Unverified consensus signatures verified.");
2067  tor_rename(unverified_fname, consensus_fname);
2068  }
2069 
2070  if (!from_cache && flav == usable_consensus_flavor())
2071  control_event_client_status(LOG_NOTICE, "CONSENSUS_ARRIVED");
2072 
2073  if (!checked_protocols_already) {
2074  handle_missing_protocol_warning(c, options);
2075  }
2076 
2077  /* Are we missing any certificates at all? */
2078  if (r != 1 && dl_certs)
2079  authority_certs_fetch_missing(c, now, source_dir);
2080 
2081  const int is_usable_flavor = flav == usable_consensus_flavor();
2082 
2083  /* Before we switch to the new consensus, notify that we are about to change
2084  * it using the old consensus and the new one. */
2085  if (is_usable_flavor) {
2086  notify_before_networkstatus_changes(networkstatus_get_latest_consensus(),
2087  c);
2088  }
2089  if (flav == FLAV_NS) {
2090  if (current_ns_consensus) {
2092  networkstatus_vote_free(current_ns_consensus);
2093  /* Defensive programming : we should set current_ns_consensus very soon
2094  * but we're about to call some stuff in the meantime, and leaving this
2095  * dangling pointer around has proven to be trouble. */
2096  current_ns_consensus = NULL;
2097  }
2099  free_consensus = 0; /* avoid free */
2100  } else if (flav == FLAV_MICRODESC) {
2101  if (current_md_consensus) {
2103  networkstatus_vote_free(current_md_consensus);
2104  /* more defensive programming */
2105  current_md_consensus = NULL;
2106  }
2108  free_consensus = 0; /* avoid free */
2109  }
2110 
2111  waiting = &consensus_waiting_for_certs[flav];
2112  if (waiting->consensus &&
2113  waiting->consensus->valid_after <= c->valid_after) {
2114  networkstatus_vote_free(waiting->consensus);
2115  waiting->consensus = NULL;
2116  waiting->set_at = 0;
2117  waiting->dl_failed = 0;
2118  if (unlink(unverified_fname) != 0) {
2119  log_debug(LD_FS,
2120  "Failed to unlink %s: %s",
2121  unverified_fname, strerror(errno));
2122  }
2123  }
2124 
2125  if (is_usable_flavor) {
2126  /* Notify that we just changed the consensus so the current global value
2127  * can be looked at. */
2128  notify_after_networkstatus_changes();
2129 
2130  /* The "current" consensus has just been set and it is a usable flavor so
2131  * the first thing we need to do is recalculate the voting schedule static
2132  * object so we can use the timings in there needed by some subsystems
2133  * such as hidden service and shared random. */
2134  voting_schedule_recalculate_timing(options, now);
2135  reschedule_dirvote(options);
2136 
2138 
2140 
2141  /* Change the cell EWMA settings */
2142  cmux_ewma_set_options(options, c);
2143 
2144  /* XXXX this call might be unnecessary here: can changing the
2145  * current consensus really alter our view of any OR's rate limits? */
2146  connection_or_update_token_buckets(get_connection_array(), options);
2147 
2150  channelpadding_new_consensus_params(c);
2152  }
2153 
2154  /* Reset the failure count only if this consensus is actually valid. */
2155  if (c->valid_after <= now && now <= c->valid_until) {
2157  } else {
2158  if (!from_cache)
2160  }
2161 
2162  if (we_want_to_fetch_flavor(options, flav)) {
2163  if (dir_server_mode(get_options())) {
2165  consensus_len,
2166  flavor,
2167  &c->digests,
2169  c->valid_after);
2170 
2171  consdiffmgr_add_consensus(consensus, consensus_len, c);
2172  }
2173  }
2174 
2175  if (!from_cache) {
2176  write_bytes_to_file(consensus_fname, consensus, consensus_len, 1);
2177  }
2178 
2179  warn_early_consensus(c, flavor, now);
2180 
2181  /* We got a new consesus. Reset our md fetch fail cache */
2183 
2185 
2186  result = 0;
2187  done:
2188  if (free_consensus)
2189  networkstatus_vote_free(c);
2190  tor_free(consensus_fname);
2191  tor_free(unverified_fname);
2192  return result;
2193 }
2194 
2202 void
2203 networkstatus_note_certs_arrived(const char *source_dir)
2204 {
2205  int i;
2206  for (i=0; i<N_CONSENSUS_FLAVORS; ++i) {
2207  const char *flavor_name = networkstatus_get_flavor_name(i);
2209  if (!waiting->consensus)
2210  continue;
2211  if (networkstatus_check_consensus_signature(waiting->consensus, 0)>=0) {
2212  char *fname = networkstatus_get_cache_fname(i, flavor_name, 1);
2213  reload_consensus_from_file(fname, flavor_name,
2214  NSSET_WAS_WAITING_FOR_CERTS, source_dir);
2215  tor_free(fname);
2216  }
2217  }
2218 }
2219 
2225 void
2226 routers_update_all_from_networkstatus(time_t now, int dir_version)
2227 {
2229  networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
2230  FLAV_NS);
2231 
2232  if (!consensus || dir_version < 3) /* nothing more we should do */
2233  return;
2234 
2235  /* calls router_dir_info_changed() when it's done -- more routers
2236  * might be up or down now, which might affect whether there's enough
2237  * directory info. */
2239 
2241  ri->cache_info.routerlist_index = ri_sl_idx);
2242  if (rl->old_routers)
2244 
2246  int is_server = server_mode(get_options());
2247  version_status_t status;
2248  const char *recommended = is_server ?
2249  consensus->server_versions : consensus->client_versions;
2250  status = tor_version_is_obsolete(VERSION, recommended);
2251 
2252  if (status == VS_RECOMMENDED) {
2253  log_info(LD_GENERAL, "The directory authorities say my version is ok.");
2254  } else if (status == VS_EMPTY) {
2255  log_info(LD_GENERAL,
2256  "The directory authorities don't recommend any versions.");
2257  } else if (status == VS_NEW || status == VS_NEW_IN_SERIES) {
2259  log_notice(LD_GENERAL, "This version of Tor (%s) is newer than any "
2260  "recommended version%s, according to the directory "
2261  "authorities. Recommended versions are: %s",
2262  VERSION,
2263  status == VS_NEW_IN_SERIES ? " in its series" : "",
2264  recommended);
2266  control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
2267  "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2268  VERSION, "NEW", recommended);
2269  }
2270  } else {
2271  log_warn(LD_GENERAL, "Please upgrade! "
2272  "This version of Tor (%s) is %s, according to the directory "
2273  "authorities. Recommended versions are: %s",
2274  VERSION,
2275  status == VS_OLD ? "obsolete" : "not recommended",
2276  recommended);
2278  control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
2279  "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2280  VERSION, status == VS_OLD ? "OBSOLETE" : "UNRECOMMENDED",
2281  recommended);
2282  }
2283  }
2284 }
2285 
2289 void
2291  int reset_failures)
2292 {
2293  const or_options_t *options = get_options();
2294  int authdir = authdir_mode_v3(options);
2295  networkstatus_t *ns = networkstatus_get_latest_consensus();
2296  if (!ns || !smartlist_len(ns->routerstatus_list))
2297  return;
2298 
2299  routers_sort_by_identity(routers);
2300 
2301  SMARTLIST_FOREACH_JOIN(ns->routerstatus_list, routerstatus_t *, rs,
2302  routers, routerinfo_t *, router,
2303  tor_memcmp(rs->identity_digest,
2304  router->cache_info.identity_digest, DIGEST_LEN),
2305  {
2306  }) {
2307  /* Is it the same descriptor, or only the same identity? */
2308  if (tor_memeq(router->cache_info.signed_descriptor_digest,
2309  rs->descriptor_digest, DIGEST_LEN)) {
2310  if (ns->valid_until > router->cache_info.last_listed_as_valid_until)
2311  router->cache_info.last_listed_as_valid_until = ns->valid_until;
2312  }
2313 
2314  if (authdir) {
2315  /* If we _are_ an authority, we should check whether this router
2316  * is one that will cause us to need a reachability test. */
2317  routerinfo_t *old_router =
2318  router_get_mutable_by_digest(router->cache_info.identity_digest);
2319  if (old_router != router) {
2320  router->needs_retest_if_added =
2321  dirserv_should_launch_reachability_test(router, old_router);
2322  }
2323  }
2324  if (reset_failures) {
2325  download_status_reset(&rs->dl_status);
2326  }
2327  } SMARTLIST_FOREACH_JOIN_END(rs, router);
2328 
2330 }
2331 
2334 void
2336 {
2338  if (!ns)
2339  return;
2340 
2341  if (!ns->desc_digest_map) {
2342  char dummy[DIGEST_LEN];
2343  /* instantiates the digest map. */
2344  memset(dummy, 0, sizeof(dummy));
2346  }
2348  {
2349  const routerstatus_t *rs = digestmap_get(ns->desc_digest_map,
2350  d->signed_descriptor_digest);
2351  if (rs) {
2352  if (ns->valid_until > d->last_listed_as_valid_until)
2353  d->last_listed_as_valid_until = ns->valid_until;
2354  }
2355  });
2356 }
2357 
2361 char *
2363 {
2364  return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT,
2365  ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
2366  NULL);
2367 }
2368 
2377 void
2379  const node_t *node,
2380  const routerinfo_t *ri)
2381 {
2382  memset(rs, 0, sizeof(routerstatus_t));
2383 
2384  rs->is_authority =
2385  router_digest_is_trusted_dir(ri->cache_info.identity_digest);
2386 
2387  /* Set by compute_performance_thresholds or from consensus */
2388  rs->is_exit = node->is_exit;
2389  rs->is_stable = node->is_stable;
2390  rs->is_fast = node->is_fast;
2391  rs->is_flagged_running = node->is_running;
2392  rs->is_valid = node->is_valid;
2394  rs->is_bad_exit = node->is_bad_exit;
2395  rs->is_hs_dir = node->is_hs_dir;
2396  rs->is_named = rs->is_unnamed = 0;
2397 
2398  rs->published_on = ri->cache_info.published_on;
2399  memcpy(rs->identity_digest, node->identity, DIGEST_LEN);
2400  memcpy(rs->descriptor_digest, ri->cache_info.signed_descriptor_digest,
2401  DIGEST_LEN);
2402  rs->addr = ri->addr;
2403  strlcpy(rs->nickname, ri->nickname, sizeof(rs->nickname));
2404  rs->or_port = ri->or_port;
2405  rs->dir_port = ri->dir_port;
2406  rs->is_v2_dir = ri->supports_tunnelled_dir_requests;
2407 
2408  tor_addr_copy(&rs->ipv6_addr, &ri->ipv6_addr);
2409  rs->ipv6_orport = ri->ipv6_orport;
2410 }
2411 
2419 char *
2420 networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
2421 {
2422  const time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
2423  char *answer;
2425  smartlist_t *statuses;
2426  const uint8_t purpose = router_purpose_from_string(purpose_string);
2427  routerstatus_t rs;
2428 
2429  if (purpose == ROUTER_PURPOSE_UNKNOWN) {
2430  log_info(LD_DIR, "Unrecognized purpose '%s' when listing router statuses.",
2431  purpose_string);
2432  return NULL;
2433  }
2434 
2435  statuses = smartlist_new();
2437  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
2438  if (!node)
2439  continue;
2440  if (ri->cache_info.published_on < cutoff)
2441  continue;
2442  if (ri->purpose != purpose)
2443  continue;
2444  set_routerstatus_from_routerinfo(&rs, node, ri);
2446  } SMARTLIST_FOREACH_END(ri);
2447 
2448  answer = smartlist_join_strings(statuses, "", 0, NULL);
2449  SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
2450  smartlist_free(statuses);
2451  return answer;
2452 }
2453 
2454 /* DOCDOC get_net_param_from_list */
2455 static int32_t
2456 get_net_param_from_list(smartlist_t *net_params, const char *param_name,
2457  int32_t default_val, int32_t min_val, int32_t max_val)
2458 {
2459  int32_t res = default_val;
2460  size_t name_len = strlen(param_name);
2461 
2462  tor_assert(max_val > min_val);
2463  tor_assert(min_val <= default_val);
2464  tor_assert(max_val >= default_val);
2465 
2466  SMARTLIST_FOREACH_BEGIN(net_params, const char *, p) {
2467  if (!strcmpstart(p, param_name) && p[name_len] == '=') {
2468  int ok=0;
2469  long v = tor_parse_long(p+name_len+1, 10, INT32_MIN,
2470  INT32_MAX, &ok, NULL);
2471  if (ok) {
2472  res = (int32_t) v;
2473  break;
2474  }
2475  }
2476  } SMARTLIST_FOREACH_END(p);
2477 
2478  if (res < min_val) {
2479  log_warn(LD_DIR, "Consensus parameter %s is too small. Got %d, raising to "
2480  "%d.", param_name, res, min_val);
2481  res = min_val;
2482  } else if (res > max_val) {
2483  log_warn(LD_DIR, "Consensus parameter %s is too large. Got %d, capping to "
2484  "%d.", param_name, res, max_val);
2485  res = max_val;
2486  }
2487 
2488  tor_assert(res >= min_val);
2489  tor_assert(res <= max_val);
2490  return res;
2491 }
2492 
2500 MOCK_IMPL(int32_t,
2501 networkstatus_get_param, (const networkstatus_t *ns, const char *param_name,
2502  int32_t default_val, int32_t min_val, int32_t max_val))
2503 {
2504  if (!ns) /* if they pass in null, go find it ourselves */
2505  ns = networkstatus_get_latest_consensus();
2506 
2507  if (!ns || !ns->net_params)
2508  return default_val;
2509 
2510  return get_net_param_from_list(ns->net_params, param_name,
2511  default_val, min_val, max_val);
2512 }
2513 
2519 int32_t
2521  int32_t torrc_value,
2522  const char *param_name,
2523  int32_t default_val,
2524  int32_t min_val, int32_t max_val)
2525 {
2526  if (torrc_value >= min_val && torrc_value <= max_val)
2527  return torrc_value;
2528  else
2529  return networkstatus_get_param(
2530  ns, param_name, default_val, min_val, max_val);
2531 }
2532 
2539 int
2541 {
2542  return networkstatus_get_param(ns, "bwweightscale",
2544  BW_MIN_WEIGHT_SCALE,
2545  BW_MAX_WEIGHT_SCALE);
2546 }
2547 
2552 int32_t
2553 networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name,
2554  int32_t default_val)
2555 {
2556  int32_t param;
2557  int max;
2558  if (!ns) /* if they pass in null, go find it ourselves */
2559  ns = networkstatus_get_latest_consensus();
2560 
2561  if (!ns || !ns->weight_params)
2562  return default_val;
2563 
2565  param = get_net_param_from_list(ns->weight_params, weight_name,
2566  default_val, -1,
2567  BW_MAX_WEIGHT_SCALE);
2568  if (param > max) {
2569  log_warn(LD_DIR, "Value of consensus weight %s was too large, capping "
2570  "to %d", weight_name, max);
2571  param = max;
2572  }
2573  return param;
2574 }
2575 
2578 const char *
2580 {
2581  switch (flav) {
2582  case FLAV_NS:
2583  return "ns";
2584  case FLAV_MICRODESC:
2585  return "microdesc";
2586  default:
2588  return "??";
2589  }
2590 }
2591 
2594 int
2595 networkstatus_parse_flavor_name(const char *flavname)
2596 {
2597  if (!strcmp(flavname, "ns"))
2598  return FLAV_NS;
2599  else if (!strcmp(flavname, "microdesc"))
2600  return FLAV_MICRODESC;
2601  else
2602  return -1;
2603 }
2604 
2608 int
2610 {
2611  if (!rs->is_flagged_running) {
2612  /* If we had this router descriptor, we wouldn't even bother using it.
2613  * (Fetching and storing depends on by we_want_to_fetch_flavor().) */
2614  return 0;
2615  }
2616  if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
2617  /* We'd drop it immediately for being too old. */
2618  return 0;
2619  }
2620  if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
2621  /* We'd ignore it because it doesn't support EXTEND2 cells.
2622  * If we don't know the version, download the descriptor so we can
2623  * check if it supports EXTEND2 cells and ntor. */
2624  return 0;
2625  }
2626  return 1;
2627 }
2628 
2633 int
2635  const char *question, char **answer,
2636  const char **errmsg)
2637 {
2638  const routerstatus_t *status;
2639  (void) conn;
2640 
2641  if (!networkstatus_get_latest_consensus()) {
2642  *answer = tor_strdup("");
2643  return 0;
2644  }
2645 
2646  if (!strcmp(question, "ns/all")) {
2647  smartlist_t *statuses = smartlist_new();
2648  SMARTLIST_FOREACH(networkstatus_get_latest_consensus()->routerstatus_list,
2649  const routerstatus_t *, rs,
2650  {
2652  });
2653  *answer = smartlist_join_strings(statuses, "", 0, NULL);
2654  SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
2655  smartlist_free(statuses);
2656  return 0;
2657  } else if (!strcmpstart(question, "ns/id/")) {
2658  char d[DIGEST_LEN];
2659  const char *q = question + 6;
2660  if (*q == '$')
2661  ++q;
2662 
2663  if (base16_decode(d, DIGEST_LEN, q, strlen(q)) != DIGEST_LEN) {
2664  *errmsg = "Data not decodeable as hex";
2665  return -1;
2666  }
2668  } else if (!strcmpstart(question, "ns/name/")) {
2669  const node_t *n = node_get_by_nickname(question+8, 0);
2670  status = n ? n->rs : NULL;
2671  } else if (!strcmpstart(question, "ns/purpose/")) {
2672  *answer = networkstatus_getinfo_by_purpose(question+11, time(NULL));
2673  return *answer ? 0 : -1;
2674  } else if (!strcmp(question, "consensus/packages")) {
2675  const networkstatus_t *ns = networkstatus_get_latest_consensus();
2676  if (ns && ns->package_lines)
2677  *answer = smartlist_join_strings(ns->package_lines, "\n", 0, NULL);
2678  else
2679  *errmsg = "No consensus available";
2680  return *answer ? 0 : -1;
2681  } else if (!strcmp(question, "consensus/valid-after") ||
2682  !strcmp(question, "consensus/fresh-until") ||
2683  !strcmp(question, "consensus/valid-until")) {
2684  const networkstatus_t *ns = networkstatus_get_latest_consensus();
2685  if (ns) {
2686  time_t t;
2687  if (!strcmp(question, "consensus/valid-after"))
2688  t = ns->valid_after;
2689  else if (!strcmp(question, "consensus/fresh-until"))
2690  t = ns->fresh_until;
2691  else
2692  t = ns->valid_until;
2693 
2694  char tbuf[ISO_TIME_LEN+1];
2695  format_iso_time(tbuf, t);
2696  *answer = tor_strdup(tbuf);
2697  } else {
2698  *errmsg = "No consensus available";
2699  }
2700  return *answer ? 0 : -1;
2701  } else {
2702  return 0;
2703  }
2704 
2705  if (status)
2706  *answer = networkstatus_getinfo_helper_single(status);
2707  return 0;
2708 }
2709 
2716 int
2718  int client_mode,
2719  char **warning_out)
2720 {
2721  const char *func = client_mode ? "client" : "relay";
2722  const char *required, *recommended;
2723  char *missing = NULL;
2724 
2725  const bool consensus_postdates_this_release =
2727 
2728  tor_assert(warning_out);
2729 
2730  if (client_mode) {
2731  required = ns->required_client_protocols;
2732  recommended = ns->recommended_client_protocols;
2733  } else {
2734  required = ns->required_relay_protocols;
2735  recommended = ns->recommended_relay_protocols;
2736  }
2737 
2738  if (!protover_all_supported(required, &missing)) {
2739  tor_asprintf(warning_out, "At least one protocol listed as required in "
2740  "the consensus is not supported by this version of Tor. "
2741  "You should upgrade. This version of Tor will not work as a "
2742  "%s on the Tor network. The missing protocols are: %s",
2743  func, missing);
2744  tor_free(missing);
2745  return consensus_postdates_this_release ? 1 : 0;
2746  }
2747 
2748  if (! protover_all_supported(recommended, &missing)) {
2749  tor_asprintf(warning_out, "At least one protocol listed as recommended in "
2750  "the consensus is not supported by this version of Tor. "
2751  "You should upgrade. This version of Tor will eventually "
2752  "stop working as a %s on the Tor network. The missing "
2753  "protocols are: %s",
2754  func, missing);
2755  tor_free(missing);
2756  }
2757 
2758  tor_assert_nonfatal(missing == NULL);
2759 
2760  return 0;
2761 }
2762 
2764 void
2766 {
2767  int i;
2768  networkstatus_vote_free(current_ns_consensus);
2769  networkstatus_vote_free(current_md_consensus);
2771 
2772  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
2774  if (waiting->consensus) {
2775  networkstatus_vote_free(waiting->consensus);
2776  waiting->consensus = NULL;
2777  }
2778  }
2779 }
STATIC networkstatus_t * current_ns_consensus
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Definition: nodelist.c:603
Header file for circuitstats.c.
int directory_fetches_dir_info_early(const or_options_t *options)
Definition: dirserv.c:105
networkstatus_type_t type
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
routerstatus_t * router_get_mutable_consensus_status_by_id(const char *digest)
Header file for dirclient.c.
smartlist_t * old_routers
Definition: routerlist_st.h:30
unsigned int is_fast
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
unsigned int is_valid
Format routerstatus entries for controller, vote, or consensus.
Header file for circuitbuild.c.
int we_want_to_fetch_unknown_auth_certs(const or_options_t *options)
Common functions for using (pseudo-)random number generators.
digest_algorithm_t alg
Definition: node_st.h:28
Header file for voteflags.c.
version_status_t tor_version_is_obsolete(const char *myversion, const char *versionlist)
Definition: versions.c:53
unsigned int is_hs_dir
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define TO_CONN(c)
Definition: or.h:735
networkstatus_sr_info_t sr_info
unsigned int name_lookup_warned
Definition: node_st.h:72
void circuit_build_times_new_consensus_params(circuit_build_times_t *cbt, networkstatus_t *ns)
Definition: circuitstats.c:430
#define BW_WEIGHT_SCALE
Definition: or.h:1008
download_want_authority_t
Definition: or.h:778
int dir_server_mode(const or_options_t *options)
Definition: routermode.c:20
Header file for node_select.c.
void format_local_iso_time(char *buf, time_t t)
Definition: time_fmt.c:285
void download_status_reset(download_status_t *dls)
Definition: dlstatus.c:359
void router_dir_info_changed(void)
Definition: nodelist.c:2330
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1053
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Definition: ns_parse.c:1060
Header file for connection.c.
void networkstatus_note_certs_arrived(const char *source_dir)
#define LD_GENERAL
Definition: log.h:59
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
Definition: reachability.c:101
uint8_t state
Definition: connection_st.h:44
char identity_digest[DIGEST_LEN]
#define LOG_INFO
Definition: log.h:42
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:55
Header file for nodelist.c.
STATIC void warn_early_consensus(const networkstatus_t *c, const char *flavor, time_t now)
char * networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
void scheduler_notify_networkstatus_changed(void)
Definition: scheduler.c:468
int we_want_to_fetch_flavor(const or_options_t *options, int flavor)
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:632
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
int networkstatus_consensus_can_use_multiple_directories(const or_options_t *options)
int directory_caches_unknown_auth_certs(const or_options_t *options)
Definition: dirserv.c:128
version_status_t
Definition: versions.h:17
void cmux_ewma_set_options(const or_options_t *options, const networkstatus_t *consensus)
static void update_consensus_bootstrap_attempt_downloads(time_t now, download_status_t *dls, download_want_authority_t want_authority)
MOCK_IMPL(const routerstatus_t *, networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
void voting_schedule_recalculate_timing(const or_options_t *options, time_t now)
Header file for config.c.
Header file for authcert.c.
smartlist_t * net_params
char * networkstatus_getinfo_helper_single(const routerstatus_t *rs)
uint8_t digest_sha3_as_signed[DIGEST256_LEN]
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
#define DIR_CONN_STATE_CLIENT_READING
Definition: directory.h:23
int format_time_interval(char *out, size_t out_len, long interval)
Definition: time_fmt.c:481
struct connection_t * linked_conn
#define OLD_ROUTER_DESC_MAX_AGE
Definition: or.h:164
Header file for microdesc.c.
void signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
routerinfo_t * router_get_mutable_by_digest(const char *digest)
Definition: routerlist.c:676
void update_certificate_downloads(time_t now)
void routers_sort_by_identity(smartlist_t *routers)
Definition: routerlist.c:3212
void routers_update_all_from_networkstatus(time_t now, int dir_version)
int directory_fetches_from_authorities(const or_options_t *options)
Definition: dirserv.c:77
char signed_descriptor_digest[DIGEST_LEN]
void document_signature_free_(document_signature_t *sig)
void networkstatus_consensus_download_failed(int status_code, const char *flavname)
static void update_consensus_bootstrap_multiple_downloads(time_t now, const or_options_t *options)
Header file for reachability.c.
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:206
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:83
#define tor_free(p)
Definition: malloc.h:52
#define tor_fragile_assert()
Definition: util_bug.h:241
unsigned int is_possible_guard
Definition: node_st.h:63
void circpad_new_consensus_params(const networkstatus_t *ns)
common_digests_t digests
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, int consensus_method, const vote_routerstatus_t *vrs)
#define LOG_NOTICE
Definition: log.h:47
void update_microdescs_from_networkstatus(time_t now)
Definition: microdesc.c:1031
int networkstatus_valid_until_is_reasonably_live(time_t valid_until, time_t now)
unsigned int is_stable
Definition: node_st.h:62
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:56
int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now)
Header file for mainloop.c.
size_t size
Definition: mmap.h:26
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:57
static smartlist_t * router_get_descriptor_digests_in_consensus(networkstatus_t *consensus)
#define DELAY_WHILE_FETCHING_CERTS
int download_status_is_ready(download_status_t *dls, time_t now)
Definition: dlstatus.c:376
unsigned int is_valid
Definition: node_st.h:59
Header file for versions.c.
Header file for scheduler*.c.
signed_descriptor_t cache_info
time_t download_status_increment_attempt(download_status_t *dls, const char *item, time_t now)
Definition: dlstatus.c:304
unsigned int is_authority
int control_event_newconsensus(const networkstatus_t *consensus)
static int routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
unsigned int is_exit
Definition: node_st.h:64
smartlist_t * weight_params
void update_consensus_networkstatus_fetch_time(time_t now)
Header file for directory authority mode.
void microdesc_reset_outdated_dirservers_list(void)
Definition: microdesc.c:184
int networkstatus_parse_flavor_name(const char *flavname)
STATIC networkstatus_t * current_md_consensus
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Header file for hibernate.c.
static consensus_waiting_for_certs_t consensus_waiting_for_certs[N_CONSENSUS_FLAVORS]
int directory_fetches_dir_info_later(const or_options_t *options)
Definition: dirserv.c:117
int control_event_general_status(int severity, const char *format,...)
unsigned int is_named
download_schedule_bitfield_t schedule
Common functions for cryptographic routines.
Header file for channel.c.
tor_assert(buffer)
char signing_key_digest[DIGEST_LEN]
unsigned int is_running
Definition: node_st.h:57
int32_t networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name, int32_t default_val)
#define STMT_NIL
int networkstatus_valid_after_is_reasonably_live(time_t valid_after, time_t now)
struct vote_microdesc_hash_t * next
Header file for routermode.c.
int tor_memcmp(const void *a, const void *b, size_t len)
Definition: di_ops.c:31
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
unsigned int is_unnamed
Header file for circuitpadding.c.
unsigned int is_hs_dir
Definition: node_st.h:67
#define DIGEST_LEN
Definition: digest_sizes.h:20
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
char identity[DIGEST_LEN]
Definition: node_st.h:40
uint8_t router_purpose_from_string(const char *s)
Definition: routerinfo.c:69
Header file for circuitbuild.c.
void vote_routerstatus_free_(vote_routerstatus_t *rs)
Master header file for Tor-specific functionality.
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
Definition: connection.c:4576
void authority_certs_fetch_missing(networkstatus_t *status, time_t now, const char *dir_hint)
Definition: authcert.c:855
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
const char * data
Definition: mmap.h:25
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS]
int options_any_client_port_set(const or_options_t *options)
Definition: config.c:8504
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS]
int crypto_rand_int(unsigned int max)
static void update_consensus_networkstatus_downloads(time_t now)
smartlist_t * supported_methods
void networkstatus_reset_warnings(void)
char signing_key_digest[DIGEST_LEN]
crypto_pk_t * signing_key
void networkstatus_reset_download_failures(void)
tor_addr_t ipv6_addr
#define LOG_WARN
Definition: log.h:50
unsigned int type
Definition: connection_st.h:45
#define PDS_RETRY_IF_NO_SERVERS
Definition: node_select.h:48
char nickname[MAX_NICKNAME_LEN+1]
int ClientBootstrapConsensusMaxInProgressTries
int pt_proxies_configuration_pending(void)
Definition: transports.c:371
int router_reload_consensus_networkstatus(void)
Header file for circuitmux_ewma.c.
void routers_update_status_from_consensus_networkstatus(smartlist_t *routers, int reset_failures)
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE
unsigned int is_exit
#define RFTS_IGNORE_MISSING
Definition: files.h:97
int compare_digest_to_vote_routerstatus_entry(const void *_key, const void **_member)
smartlist_t * known_flags
Header file for voting_schedule.c.
int control_event_client_status(int severity, const char *format,...)
Headers for transports.c.
int getinfo_helper_networkstatus(control_connection_t *conn, const char *question, char **answer, const char **errmsg)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
void * smartlist_bsearch(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member))
Definition: smartlist.c:411
static void handle_missing_protocol_warning_impl(const networkstatus_t *c, int is_client)
static int reload_consensus_from_file(const char *fname, const char *flavor, unsigned flags, const char *source_dir)
int authority_cert_dl_looks_uncertain(const char *id_digest)
Definition: authcert.c:765
static void handle_missing_protocol_warning(const networkstatus_t *c, const or_options_t *options)
#define MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS
Definition: dirvote.h:76
Headers and type declarations for protover.c.
smartlist_t * voters
static int have_warned_about_old_version
void networkstatus_vote_free_(networkstatus_t *ns)
#define LOG_ERR
Definition: log.h:53
int FetchUselessDescriptors
#define LD_FS
Definition: log.h:67
smartlist_t * routerstatus_list
char descriptor_digest[DIGEST256_LEN]
unsigned int is_possible_guard
#define LD_DIR
Definition: log.h:85
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
time_t tor_get_approx_release_date(void)
Definition: versions.c:25
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Definition: authcert.c:650
Header file for connection_edge.c.
char identity_digest[DIGEST_LEN]
Header file for ns_parse.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
int32_t networkstatus_get_overridable_param(const networkstatus_t *ns, int32_t torrc_value, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:162
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
#define download_status_failed(dls, sc)
Definition: dlstatus.h:22
Header file for dirvote.c.
Header file for relay.c.
Header file for circuitmux.c.
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
static int networkstatus_check_required_protocols(const networkstatus_t *ns, int client_mode, char **warning_out)
const char * escaped(const char *s)
Definition: escape.c:126
int networkstatus_vote_find_entry_idx(networkstatus_t *ns, const char *digest, int *found_out)
char * nickname
Definition: routerinfo_st.h:17
consensus_flavor_t
Definition: or.h:863
Header file for dlstatus.c.
circuit_build_times_t * get_circuit_build_times_mutable(void)
Definition: circuitstats.c:89
void update_networkstatus_downloads(time_t now)
unsigned int is_stable
uint16_t dir_port
Definition: routerinfo_st.h:21
int control_event_is_interesting(int event)
struct consensus_waiting_for_certs_t consensus_waiting_for_certs_t
routerstatus_t * networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
size_t crypto_pk_keysize(const crypto_pk_t *env)
int protover_all_supported(const char *s, char **missing_out)
Definition: protover.c:748
Definition: or.h:890
int authority_cert_is_blacklisted(const authority_cert_t *cert)
Definition: authcert.c:746
vote_microdesc_hash_t * microdesc
char identity_digest[DIGEST_LEN]
time_t approx_time(void)
Definition: approx_time.c:32
int consensus_is_waiting_for_certs(void)
smartlist_t * package_lines
Header file for dirlist.c.
void set_routerstatus_from_routerinfo(routerstatus_t *rs, const node_t *node, const routerinfo_t *ri)
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
Definition: parse_int.c:56
#define N_CONSENSUS_FLAVORS
Definition: or.h:869
uint32_t addr
Definition: routerinfo_st.h:19
int directory_caches_dir_info(const or_options_t *options)
Definition: dirserv.c:143
static void networkstatus_copy_old_consensus_info(networkstatus_t *new_c, const networkstatus_t *old_c)
void networkstatus_free_all(void)
int networkstatus_get_weight_scale_param(networkstatus_t *ns)
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:506
static char * networkstatus_get_cache_fname(int flav, const char *flavorname, int unverified_consensus)
uint16_t ipv6_orport
Header file for connection_or.c.
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING
unsigned int is_flagged_running
static tor_mmap_t * networkstatus_map_cached_consensus_impl(int flav, const char *flavorname, int unverified_consensus)
unsigned int is_bad_exit
Definition: node_st.h:65
int tor_rename(const char *path_old, const char *path_new)
Definition: files.c:103
#define AP_CONN_STATE_IS_UNATTACHED(s)
static int have_warned_about_new_version
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:27
char * recommended_relay_protocols
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:903
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
digestmap_t * desc_digest_map
#define CONN_TYPE_AP
Definition: connection.h:31
void dirserv_set_cached_consensus_networkstatus(const char *networkstatus, size_t networkstatus_len, const char *flavor_name, const common_digests_t *digests, const uint8_t *sha3_as_signed, time_t published)
Definition: dirserv.c:236
static void notify_control_networkstatus_changed(const networkstatus_t *old_c, const networkstatus_t *new_c)
Header file for routerinfo.c.
document_signature_t * document_signature_dup(const document_signature_t *sig)
int client_would_use_router(const routerstatus_t *rs, time_t now)
static int connection_dir_count_by_purpose_and_resource(int purpose, const char *resource)
Definition: connection.h:272
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
Header file for control_events.c.
unsigned int is_bad_exit
int FetchDirInfoExtraEarly
smartlist_t * bw_file_headers
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
struct authority_cert_t * cert
void routerstatus_free_(routerstatus_t *rs)
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:83
int control_event_networkstatus_changed(smartlist_t *statuses)
smartlist_t * routers
Definition: routerlist_st.h:27
int smartlist_bsearch_idx(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member), int *found_out)
Definition: smartlist.c:428
Header file for routerlist.c.
uint16_t or_port
Definition: routerinfo_st.h:20
int compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
tor_mmap_t * networkstatus_map_cached_consensus(const char *flavorname)