39 #define NETWORKSTATUS_PRIVATE 44 #include "core/mainloop/netstatus.h" 46 #include "core/or/channelpadding.h" 53 #include "core/or/dos.h" 63 #include "feature/dircache/consdiffmgr.h" 80 #include "feature/nodelist/torcert.h" 87 #include "feature/dirauth/shared_random.h" 90 #include "feature/nodelist/authority_cert_st.h" 91 #include "feature/dircommon/dir_connection_st.h" 92 #include "feature/dirclient/dir_server_st.h" 93 #include "feature/nodelist/document_signature_st.h" 94 #include "feature/nodelist/networkstatus_st.h" 95 #include "feature/nodelist/networkstatus_voter_info_st.h" 96 #include "feature/dirauth/ns_detached_signatures_st.h" 97 #include "feature/nodelist/node_st.h" 98 #include "feature/nodelist/routerinfo_st.h" 99 #include "feature/nodelist/routerlist_st.h" 100 #include "feature/dirauth/vote_microdesc_hash_st.h" 101 #include "feature/nodelist/vote_routerstatus_st.h" 142 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
143 DL_SCHED_INCREMENT_FAILURE, 0, 0 },
144 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
145 DL_SCHED_INCREMENT_FAILURE, 0, 0 },
148 #define N_CONSENSUS_BOOTSTRAP_SCHEDULES 2 149 #define CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0 150 #define CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1 159 consensus_bootstrap_dl_status[N_CONSENSUS_BOOTSTRAP_SCHEDULES] =
161 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_AUTHORITY,
162 DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
164 { 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
165 DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
184 const char *source_dir);
207 "In networkstatus_reset_download_failures()");
212 for (i=0; i < N_CONSENSUS_BOOTSTRAP_SCHEDULES; ++i)
219 const char *flavorname,
220 int unverified_consensus)
224 if (unverified_consensus) {
225 prefix =
"unverified";
229 if (flav == FLAV_NS) {
232 tor_snprintf(buf,
sizeof(buf),
"%s-%s-consensus", prefix, flavorname);
235 return get_cachedir_fname(buf);
244 const char *flavorname,
245 int unverified_consensus)
249 unverified_consensus);
270 const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
282 flags | NSSET_WAS_WAITING_FOR_CERTS,
350 tor_free(ns->recommended_client_protocols);
352 tor_free(ns->required_client_protocols);
353 tor_free(ns->required_relay_protocols);
382 document_signature_free(sig));
383 smartlist_free(voter->sigs);
386 } SMARTLIST_FOREACH_END(voter);
387 smartlist_free(ns->
voters);
389 authority_cert_free(ns->
cert);
392 if (ns->
type == NS_TYPE_VOTE || ns->
type == NS_TYPE_OPINION) {
394 vote_routerstatus_free(rs));
397 routerstatus_free(rs));
411 dirvote_clear_commits(ns);
425 const char *identity)
427 if (!vote || !vote->
voters)
430 if (fast_memeq(voter->identity_digest, identity,
DIGEST_LEN))
439 digest_algorithm_t alg)
461 size_t signed_digest_len;
474 log_warn(
LD_DIR,
"Ignoring a consensus signature made with deprecated" 482 signed_digest = tor_malloc(signed_digest_len);
488 tor_memneq(signed_digest, consensus->
digests.d[sig->
alg], dlen)) {
489 log_warn(
LD_DIR,
"Got a bad signature on a networkstatus vote");
511 int n_missing_key = 0, n_dl_failed_key = 0;
514 int n_no_signature = 0;
516 int n_required = n_v3_authorities/2 + 1;
521 smartlist_t *missing_authorities = smartlist_new();
523 time_t now = time(NULL);
531 int unknown_here = 0;
532 int missing_key_here = 0, dl_failed_key_here = 0;
534 if (!sig->good_signature && !sig->bad_signature &&
537 int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
538 sig->identity_digest) != NULL;
541 sig->signing_key_digest);
549 }
else if (!cert || cert->
expires < now) {
553 ++dl_failed_key_here;
560 ++dl_failed_key_here;
564 if (sig->good_signature)
566 else if (sig->bad_signature)
568 } SMARTLIST_FOREACH_END(sig);
573 }
else if (bad_here) {
575 }
else if (missing_key_here) {
577 if (dl_failed_key_here)
579 }
else if (unknown_here) {
585 } SMARTLIST_FOREACH_END(voter);
596 if (warn > 1 || (warn >= 0 &&
597 (n_good + n_missing_key - n_dl_failed_key < n_required))) {
606 tor_log(severity,
LD_DIR,
"Consensus includes unrecognized authority " 607 "'%s' at %s:%d (contact %s; identity %s)",
608 voter->nickname, voter->address, (
int)voter->dir_port,
609 voter->contact?voter->contact:
"n/a",
614 tor_log(severity,
LD_DIR,
"Looks like we need to download a new " 615 "certificate from authority '%s' at %s:%d (contact %s; " 617 voter->nickname, voter->address, (
int)voter->dir_port,
618 voter->contact?voter->contact:
"n/a",
623 tor_log(severity,
LD_DIR,
"Consensus does not include configured " 624 "authority '%s' at %s:%d (identity %s)",
625 ds->nickname, ds->address, (
int)ds->dir_port,
633 "A consensus needs %d good signatures from recognized " 634 "authorities for us to accept it. " 635 "This %s one has %d (%s).",
640 if (n_no_signature) {
643 "%d (%s) of the authorities we know didn't sign it.",
644 n_no_signature, tmp);
649 "It has %d signatures from authorities we don't " 650 "recognize.", n_unknown);
654 "correctly.", n_bad);
658 "We were unable to check %d of the signatures, " 659 "because we were missing the keys.", n_missing_key);
669 smartlist_free(list_good);
670 smartlist_free(list_no_signature);
671 smartlist_free(unrecognized);
672 smartlist_free(need_certs_from);
673 smartlist_free(missing_authorities);
675 if (n_good == n_v3_authorities)
677 else if (n_good >= n_required)
679 else if (n_good + n_missing_key >= n_required)
687 #define NETWORKSTATUS_ALLOW_SKEW (24*60*60) 694 const char *key = _key;
703 const void **_member)
705 const char *key = _key;
721 networkstatus_vote_find_entry,(
networkstatus_t *ns,
const char *digest))
732 const char *digest,
int *found_out)
742 router_get_mutable_consensus_status_by_descriptor_digest,(
747 consensus = networkstatus_get_latest_consensus();
755 digestmap_set(m, rs->descriptor_digest, rs);
768 return router_get_mutable_consensus_status_by_descriptor_digest(
783 !(digestmap_iter_done(i));
785 digestmap_iter_get(i, &digest, &rs);
797 router_get_descriptor_digests,(
void))
812 router_get_dl_status_by_descriptor_digest,(
const char *d))
817 if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
819 return &rs->dl_status;
846 #define AUTHORITY_NS_CACHE_INTERVAL (10*60) 850 #define NONAUTHORITY_NS_CACHE_INTERVAL (60*60) 876 return flavor == usable_consensus_flavor();
888 if (authdir_mode_v3(options) ||
904 #define DELAY_WHILE_FETCHING_CERTS (20*60) 908 #define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60) 916 check_consensus_waiting_for_certs(
int flavor, time_t now,
951 const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(
953 const int use_multi_conn =
961 const char *resource;
963 int max_in_progress_conns = 1;
968 c = networkstatus_get_latest_consensus_by_flavor(i);
969 if (! (c && c->
valid_after <= now && now <= c->valid_until)) {
980 if (we_are_bootstrapping && use_multi_conn) {
981 max_in_progress_conns =
987 >= max_in_progress_conns) {
993 if (we_are_bootstrapping && use_multi_conn
994 && i == usable_consensus_flavor()) {
997 if (networkstatus_consensus_is_already_downloading(resource))
1020 log_info(
LD_DIR,
"Launching %s standard networkstatus consensus " 1023 ROUTER_PURPOSE_GENERAL, resource,
1042 usable_consensus_flavor());
1050 log_info(
LD_DIR,
"Launching %s bootstrap %s networkstatus consensus " 1051 "download.", resource, (want_authority == DL_WANT_AUTHORITY
1056 ROUTER_PURPOSE_GENERAL, resource,
1075 const int usable_flavor = usable_consensus_flavor();
1094 if (networkstatus_consensus_can_use_extra_fallbacks(options)) {
1096 &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER];
1098 if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) {
1101 DL_WANT_ANY_DIRSERVER);
1107 &consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY];
1109 if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) {
1132 #define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120 1140 networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
1145 if (c && c->
valid_after <= now && now <= c->valid_until) {
1151 if (min_sec_before_caching > interval/16) {
1156 min_sec_before_caching = interval/16;
1158 if (min_sec_before_caching == 0) {
1159 min_sec_before_caching = 1;
1166 start = (time_t)(c->
fresh_until + min_sec_before_caching);
1170 if (min_sec_before_caching + dl_interval > interval)
1171 dl_interval = interval/2;
1174 dl_interval = interval/2;
1179 start = (time_t)(c->
fresh_until + (interval*3)/4);
1187 start = (time_t)(start + dl_interval + min_sec_before_caching);
1189 dl_interval = (c->
valid_until - start) - min_sec_before_caching;
1193 if (dl_interval < 1)
1199 "fresh_until: %ld start: %ld " 1200 "dl_interval: %ld valid_until: %ld ",
1206 tor_assert(start+dl_interval < c->valid_until);
1210 char tbuf1[ISO_TIME_LEN+1];
1211 char tbuf2[ISO_TIME_LEN+1];
1212 char tbuf3[ISO_TIME_LEN+1];
1216 log_info(
LD_DIR,
"Live %s consensus %s the most recent until %s and " 1217 "will expire at %s; fetching the next one at %s.",
1218 flavor, (c->
fresh_until > now) ?
"will be" :
"was",
1219 tbuf1, tbuf2, tbuf3);
1223 log_info(
LD_DIR,
"No live %s consensus; we should fetch one immediately.",
1257 *msg_out =
"DisableNetwork is set.";
1259 log_info(
LD_DIR,
"Delaying dir fetches (DisableNetwork is set)");
1263 if (we_are_hibernating()) {
1265 *msg_out =
"We are hibernating or shutting down.";
1267 log_info(
LD_DIR,
"Delaying dir fetches (Hibernating or shutting down)");
1274 if (num_bridges_usable(1) == 0) {
1276 *msg_out =
"No running bridges";
1278 log_info(
LD_DIR,
"Delaying dir fetches (no running bridges known)");
1284 *msg_out =
"Pluggable transport proxies still configuring";
1286 log_info(
LD_DIR,
"Delaying dir fetches (pt proxies still configuring)");
1344 const int we_are_bootstrapping =
1345 networkstatus_consensus_is_bootstrapping(time(NULL));
1348 dl = &((we_are_bootstrapping ?
1363 dl = &(consensus_bootstrap_dl_status[flavor]);
1386 networkstatus_get_latest_consensus,(
void))
1401 else if (f == FLAV_MICRODESC)
1412 networkstatus_get_live_consensus,(time_t now))
1426 return (ns->
valid_after <= now && now <= ns->valid_until);
1439 if (BUG(!consensus))
1448 #define REASONABLY_LIVE_TIME (24*60*60) 1457 return (now >= valid_after - REASONABLY_LIVE_TIME);
1467 return (now <= valid_until + REASONABLY_LIVE_TIME);
1473 networkstatus_get_reasonably_live_consensus,(time_t now,
int flavor))
1476 networkstatus_get_latest_consensus_by_flavor(flavor);
1493 networkstatus_consensus_is_bootstrapping,(time_t now))
1497 if (networkstatus_get_reasonably_live_consensus(
1499 usable_consensus_flavor())) {
1522 return !public_server_mode(options);
1529 networkstatus_consensus_can_use_extra_fallbacks,(
const or_options_t *options))
1534 tor_assert(smartlist_len(router_get_fallback_dir_servers())
1535 >= smartlist_len(router_get_trusted_dir_servers()));
1539 && (smartlist_len(router_get_fallback_dir_servers())
1540 > smartlist_len(router_get_trusted_dir_servers())));
1546 networkstatus_consensus_is_already_downloading(
const char *resource)
1572 } SMARTLIST_FOREACH_END(dirconn);
1573 smartlist_free(fetching_conns);
1584 networkstatus_consensus_has_ipv6(
const or_options_t* options)
1586 const networkstatus_t *cons = networkstatus_get_reasonably_live_consensus(
1588 usable_consensus_flavor());
1652 changed = smartlist_new();
1654 SMARTLIST_FOREACH_JOIN(
1662 } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1665 smartlist_free(changed);
1674 dos_consensus_has_changed(new_c);
1675 relay_consensus_has_changed(new_c);
1681 notify_after_networkstatus_changes(
void)
1703 rs_new->last_dir_503_at = rs_old->last_dir_503_at;
1705 if (
tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
1710 } SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
1713 #ifdef TOR_UNIT_TESTS 1733 case FLAV_MICRODESC:
1754 const char *source_dir)
1761 flavor, flags, source_dir);
1763 if (rv < 0 && tor_memstr(map->
data, map->
size,
"\r\n")) {
1764 log_notice(
LD_GENERAL,
"Looks like the above failures are probably " 1765 "because of a CRLF in consensus file %s; falling back to " 1766 "read_file_to_string. Nothing to worry about: this file " 1767 "was probably saved by an earlier version of Tor.",
1771 flavor, flags, source_dir);
1776 log_warn(
LD_GENERAL,
"Couldn't set consensus from cache file %s",
1779 tor_munmap_file(map);
1791 char *protocol_warning = NULL;
1796 if (protocol_warning) {
1799 "%s", protocol_warning);
1802 tor_assert_nonfatal(protocol_warning);
1817 const int is_server = server_mode(options);
1847 char tbuf[ISO_TIME_LEN+1];
1850 char *flavormsg = NULL;
1855 #define EARLY_CONSENSUS_NOTICE_SKEW 60 1868 log_warn(
LD_GENERAL,
"Our clock is %s behind the time published in the " 1869 "consensus network status document (%s UTC). Tor needs an " 1870 "accurate clock to work correctly. Please check your time and " 1871 "date settings!", dbuf, tbuf);
1872 tor_asprintf(&flavormsg,
"%s flavor consensus", flavor);
1873 clock_skew_warning(NULL, delta, 1,
LD_GENERAL, flavormsg,
"CONSENSUS");
1900 size_t consensus_len,
1903 const char *source_dir)
1909 char *unverified_fname = NULL, *consensus_fname = NULL;
1911 const unsigned from_cache = flags & NSSET_FROM_CACHE;
1912 const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
1913 const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
1914 const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
1915 const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
1918 time_t current_valid_after = 0;
1919 int free_consensus = 1;
1920 int checked_protocols_already = 0;
1924 log_warn(
LD_BUG,
"Unrecognized consensus flavor %s", flavor);
1931 NULL, NS_TYPE_CONSENSUS);
1933 log_warn(
LD_DIR,
"Unable to parse networkstatus consensus");
1938 if (from_cache && !was_waiting_for_certs) {
1944 checked_protocols_already = 1;
1948 if ((
int)c->
flavor != flav) {
1950 if (require_flavor) {
1951 log_warn(
LD_DIR,
"Got consensus with unexpected flavor %s (wanted %s)",
1959 if (flav != usable_consensus_flavor() &&
1966 if (from_cache && !accept_obsolete &&
1968 log_info(
LD_DIR,
"Loaded an expired consensus. Discarding.");
1972 if (!strcmp(flavor,
"ns")) {
1973 consensus_fname = get_cachedir_fname(
"cached-consensus");
1974 unverified_fname = get_cachedir_fname(
"unverified-consensus");
1979 }
else if (!strcmp(flavor,
"microdesc")) {
1980 consensus_fname = get_cachedir_fname(
"cached-microdesc-consensus");
1981 unverified_fname = get_cachedir_fname(
"unverified-microdesc-consensus");
1987 tor_assert_nonfatal_unreached();
1992 if (current_digests &&
1995 log_info(
LD_DIR,
"Got a %s consensus we already have", flavor);
1999 if (current_valid_after && c->
valid_after <= current_valid_after) {
2002 log_info(
LD_DIR,
"Got a %s consensus at least as old as the one we have",
2011 if (!was_waiting_for_certs) {
2013 "Not enough certificates to check networkstatus consensus");
2015 if (!current_valid_after ||
2018 networkstatus_vote_free(waiting->
consensus);
2024 write_bytes_to_file(unverified_fname, consensus, consensus_len, 1);
2034 if (was_waiting_for_certs && from_cache)
2035 if (unlink(unverified_fname) != 0) {
2037 "Failed to unlink %s: %s",
2038 unverified_fname, strerror(errno));
2044 if (!was_waiting_for_certs) {
2045 log_warn(
LD_DIR,
"Not enough good signatures on networkstatus " 2049 if (was_waiting_for_certs && (r < -1) && from_cache) {
2050 if (unlink(unverified_fname) != 0) {
2052 "Failed to unlink %s: %s",
2053 unverified_fname, strerror(errno));
2061 if (from_cache && was_waiting_for_certs) {
2065 log_info(
LD_DIR,
"Unverified consensus signatures verified.");
2066 tor_rename(unverified_fname, consensus_fname);
2069 if (!from_cache && flav == usable_consensus_flavor())
2072 if (!checked_protocols_already) {
2077 if (r != 1 && dl_certs)
2080 const int is_usable_flavor = flav == usable_consensus_flavor();
2084 if (is_usable_flavor) {
2085 notify_before_networkstatus_changes(networkstatus_get_latest_consensus(),
2088 if (flav == FLAV_NS) {
2099 }
else if (flav == FLAV_MICRODESC) {
2113 networkstatus_vote_free(waiting->
consensus);
2117 if (unlink(unverified_fname) != 0) {
2119 "Failed to unlink %s: %s",
2120 unverified_fname, strerror(errno));
2124 if (is_usable_flavor) {
2127 notify_after_networkstatus_changes();
2149 channelpadding_new_consensus_params(c);
2154 if (c->
valid_after <= now && now <= c->valid_until) {
2170 consdiffmgr_add_consensus(consensus, consensus_len, c);
2175 write_bytes_to_file(consensus_fname, consensus, consensus_len, 1);
2188 networkstatus_vote_free(c);
2213 NSSET_WAS_WAITING_FOR_CERTS, source_dir);
2228 networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
2231 if (!consensus || dir_version < 3)
2245 int is_server = server_mode(get_options());
2247 const char *recommended = is_server ?
2252 log_info(
LD_GENERAL,
"The directory authorities say my version is ok.");
2255 "The directory authorities don't recommend any versions.");
2258 log_notice(
LD_GENERAL,
"This version of Tor (%s) is newer than any " 2259 "recommended version%s, according to the directory " 2260 "authorities. Recommended versions are: %s",
2266 "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2267 VERSION,
"NEW", recommended);
2271 "This version of Tor (%s) is %s, according to the directory " 2272 "authorities. Recommended versions are: %s",
2274 status ==
VS_OLD ?
"obsolete" :
"not recommended",
2278 "CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
2279 VERSION, status ==
VS_OLD ?
"OBSOLETE" :
"UNRECOMMENDED",
2293 int authdir = authdir_mode_v3(options);
2303 router->cache_info.identity_digest,
DIGEST_LEN),
2307 if (
tor_memeq(router->cache_info.signed_descriptor_digest,
2309 if (ns->
valid_until > router->cache_info.last_listed_as_valid_until)
2310 router->cache_info.last_listed_as_valid_until = ns->
valid_until;
2318 if (old_router != router) {
2319 router->needs_retest_if_added =
2323 if (reset_failures) {
2326 } SMARTLIST_FOREACH_JOIN_END(rs, router);
2343 memset(dummy, 0,
sizeof(dummy));
2349 d->signed_descriptor_digest);
2351 if (ns->
valid_until > d->last_listed_as_valid_until)
2364 ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
2386 if (purpose == ROUTER_PURPOSE_UNKNOWN) {
2387 log_info(
LD_DIR,
"Unrecognized purpose '%s' when listing router statuses.",
2392 statuses = smartlist_new();
2394 node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
2397 if (ri->cache_info.published_on < cutoff)
2399 if (ri->purpose != purpose)
2402 if (bridge_auth && ri->purpose == ROUTER_PURPOSE_BRIDGE)
2407 } SMARTLIST_FOREACH_END(ri);
2411 smartlist_free(statuses);
2421 char *thresholds = NULL;
2422 char *published_thresholds_and_status = NULL;
2423 char published[ISO_TIME_LEN+1];
2426 char *fingerprint_line = NULL;
2429 fingerprint, 0) >= 0) {
2430 tor_asprintf(&fingerprint_line,
"fingerprint %s\n", fingerprint);
2432 log_warn(
LD_BUG,
"Error computing fingerprint for bridge status.");
2435 dirserv_compute_bridge_flag_thresholds();
2438 "published %s\nflag-thresholds %s\n%s%s",
2439 published, thresholds, fingerprint_line ? fingerprint_line :
"",
2441 fname = get_datadir_fname(
"networkstatus-bridges");
2442 if (write_str_to_file(fname,published_thresholds_and_status,0)<0) {
2443 log_warn(
LD_DIRSERV,
"Unable to write networkstatus-bridges file.");
2446 tor_free(published_thresholds_and_status);
2454 get_net_param_from_list(
smartlist_t *net_params,
const char *param_name,
2455 int32_t default_val, int32_t min_val, int32_t max_val)
2457 int32_t res = default_val;
2458 size_t name_len = strlen(param_name);
2465 if (!
strcmpstart(p, param_name) && p[name_len] ==
'=') {
2468 INT32_MAX, &ok, NULL);
2474 } SMARTLIST_FOREACH_END(p);
2476 if (res < min_val) {
2477 log_warn(
LD_DIR,
"Consensus parameter %s is too small. Got %d, raising to " 2478 "%d.", param_name, res, min_val);
2480 }
else if (res > max_val) {
2481 log_warn(
LD_DIR,
"Consensus parameter %s is too large. Got %d, capping to " 2482 "%d.", param_name, res, max_val);
2499 networkstatus_get_param, (
const networkstatus_t *ns,
const char *param_name,
2500 int32_t default_val, int32_t min_val, int32_t max_val))
2503 ns = networkstatus_get_latest_consensus();
2508 return get_net_param_from_list(ns->
net_params, param_name,
2509 default_val, min_val, max_val);
2519 int32_t torrc_value,
2520 const char *param_name,
2521 int32_t default_val,
2522 int32_t min_val, int32_t max_val)
2524 if (torrc_value >= min_val && torrc_value <= max_val)
2527 return networkstatus_get_param(
2528 ns, param_name, default_val, min_val, max_val);
2540 return networkstatus_get_param(ns,
"bwweightscale",
2542 BW_MIN_WEIGHT_SCALE,
2543 BW_MAX_WEIGHT_SCALE);
2552 int32_t default_val)
2557 ns = networkstatus_get_latest_consensus();
2563 param = get_net_param_from_list(ns->
weight_params, weight_name,
2565 BW_MAX_WEIGHT_SCALE);
2567 log_warn(
LD_DIR,
"Value of consensus weight %s was too large, capping " 2568 "to %d", weight_name, max);
2582 case FLAV_MICRODESC:
2595 if (!strcmp(flavname,
"ns"))
2597 else if (!strcmp(flavname,
"microdesc"))
2598 return FLAV_MICRODESC;
2618 if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
2633 const char *question,
char **answer,
2634 const char **errmsg)
2639 if (!networkstatus_get_latest_consensus()) {
2640 *answer = tor_strdup(
"");
2644 if (!strcmp(question,
"ns/all")) {
2653 smartlist_free(statuses);
2657 const char *q = question + 6;
2662 *errmsg =
"Data not decodeable as hex";
2667 const node_t *n = node_get_by_nickname(question+8, 0);
2668 status = n ? n->rs : NULL;
2669 }
else if (!
strcmpstart(question,
"ns/purpose/")) {
2671 return *answer ? 0 : -1;
2672 }
else if (!strcmp(question,
"consensus/packages")) {
2677 *errmsg =
"No consensus available";
2678 return *answer ? 0 : -1;
2679 }
else if (!strcmp(question,
"consensus/valid-after") ||
2680 !strcmp(question,
"consensus/fresh-until") ||
2681 !strcmp(question,
"consensus/valid-until")) {
2685 if (!strcmp(question,
"consensus/valid-after"))
2687 else if (!strcmp(question,
"consensus/fresh-until"))
2692 char tbuf[ISO_TIME_LEN+1];
2694 *answer = tor_strdup(tbuf);
2696 *errmsg =
"No consensus available";
2698 return *answer ? 0 : -1;
2719 const char *func = client_mode ?
"client" :
"relay";
2720 const char *required, *recommended;
2721 char *missing = NULL;
2723 const bool consensus_postdates_this_release =
2729 required = ns->required_client_protocols;
2730 recommended = ns->recommended_client_protocols;
2732 required = ns->required_relay_protocols;
2737 tor_asprintf(warning_out,
"At least one protocol listed as required in " 2738 "the consensus is not supported by this version of Tor. " 2739 "You should upgrade. This version of Tor will not work as a " 2740 "%s on the Tor network. The missing protocols are: %s",
2743 return consensus_postdates_this_release ? 1 : 0;
2747 tor_asprintf(warning_out,
"At least one protocol listed as recommended in " 2748 "the consensus is not supported by this version of Tor. " 2749 "You should upgrade. This version of Tor will eventually " 2750 "stop working as a %s on the Tor network. The missing " 2751 "protocols are: %s",
2756 tor_assert_nonfatal(missing == NULL);
2773 networkstatus_vote_free(waiting->
consensus);
STATIC networkstatus_t * current_ns_consensus
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Header file for circuitstats.c.
int directory_fetches_dir_info_early(const or_options_t *options)
networkstatus_type_t type
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
routerstatus_t * router_get_mutable_consensus_status_by_id(const char *digest)
Header file for dirclient.c.
smartlist_t * old_routers
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
Format routerstatus entries for controller, vote, or consensus.
Header file for circuitbuild.c.
int we_want_to_fetch_unknown_auth_certs(const or_options_t *options)
Common functions for using (pseudo-)random number generators.
Header file for voteflags.c.
version_status_t tor_version_is_obsolete(const char *myversion, const char *versionlist)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
networkstatus_sr_info_t sr_info
unsigned int name_lookup_warned
void circuit_build_times_new_consensus_params(circuit_build_times_t *cbt, networkstatus_t *ns)
download_want_authority_t
int dir_server_mode(const or_options_t *options)
Header file for node_select.c.
void format_local_iso_time(char *buf, time_t t)
void download_status_reset(download_status_t *dls)
void router_dir_info_changed(void)
int we_use_microdescriptors_for_circuits(const or_options_t *options)
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Header file for connection.c.
void networkstatus_note_certs_arrived(const char *source_dir)
int dirserv_should_launch_reachability_test(const routerinfo_t *ri, const routerinfo_t *ri_old)
char identity_digest[DIGEST_LEN]
int get_n_authorities(dirinfo_type_t type)
Header file for nodelist.c.
STATIC void warn_early_consensus(const networkstatus_t *c, const char *flavor, time_t now)
char * networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
void scheduler_notify_networkstatus_changed(void)
int we_want_to_fetch_flavor(const or_options_t *options, int flavor)
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
int networkstatus_consensus_can_use_multiple_directories(const or_options_t *options)
int directory_caches_unknown_auth_certs(const or_options_t *options)
void cmux_ewma_set_options(const or_options_t *options, const networkstatus_t *consensus)
static void update_consensus_bootstrap_attempt_downloads(time_t now, download_status_t *dls, download_want_authority_t want_authority)
int authdir_mode_bridge(const or_options_t *options)
MOCK_IMPL(const routerstatus_t *, networkstatus_vote_find_entry,(networkstatus_t *ns, const char *digest))
void voting_schedule_recalculate_timing(const or_options_t *options, time_t now)
Header file for config.c.
Header file for authcert.c.
char * networkstatus_getinfo_helper_single(const routerstatus_t *rs)
uint8_t digest_sha3_as_signed[DIGEST256_LEN]
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
#define DIR_CONN_STATE_CLIENT_READING
int format_time_interval(char *out, size_t out_len, long interval)
struct connection_t * linked_conn
#define OLD_ROUTER_DESC_MAX_AGE
Header file for microdesc.c.
void signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
routerinfo_t * router_get_mutable_by_digest(const char *digest)
void update_certificate_downloads(time_t now)
void routers_sort_by_identity(smartlist_t *routers)
void routers_update_all_from_networkstatus(time_t now, int dir_version)
int directory_fetches_from_authorities(const or_options_t *options)
void document_signature_free_(document_signature_t *sig)
void networkstatus_consensus_download_failed(int status_code, const char *flavname)
static void update_consensus_bootstrap_multiple_downloads(time_t now, const or_options_t *options)
Header file for reachability.c.
int strcmpstart(const char *s1, const char *s2)
void dirserv_set_router_is_running(routerinfo_t *router, time_t now)
#define tor_fragile_assert()
void circpad_new_consensus_params(const networkstatus_t *ns)
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, int consensus_method, const vote_routerstatus_t *vrs)
void update_microdescs_from_networkstatus(time_t now)
int networkstatus_valid_until_is_reasonably_live(time_t valid_until, time_t now)
#define DIR_PURPOSE_FETCH_CONSENSUS
int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now)
Header file for mainloop.c.
void memwipe(void *mem, uint8_t byte, size_t sz)
unsigned int bad_signature
static smartlist_t * router_get_descriptor_digests_in_consensus(networkstatus_t *consensus)
#define DELAY_WHILE_FETCHING_CERTS
int download_status_is_ready(download_status_t *dls, time_t now)
Header file for versions.c.
Header file for scheduler*.c.
signed_descriptor_t cache_info
time_t download_status_increment_attempt(download_status_t *dls, const char *item, time_t now)
unsigned int is_authority
int control_event_newconsensus(const networkstatus_t *consensus)
static int routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
void networkstatus_dump_bridge_status_to_file(time_t now)
smartlist_t * weight_params
void update_consensus_networkstatus_fetch_time(time_t now)
Header file for directory authority mode.
void microdesc_reset_outdated_dirservers_list(void)
int networkstatus_parse_flavor_name(const char *flavname)
STATIC networkstatus_t * current_md_consensus
unsigned int good_signature
Header file for hibernate.c.
static consensus_waiting_for_certs_t consensus_waiting_for_certs[N_CONSENSUS_FLAVORS]
int directory_fetches_dir_info_later(const or_options_t *options)
int control_event_general_status(int severity, const char *format,...)
download_schedule_bitfield_t schedule
Common functions for cryptographic routines.
Header file for channel.c.
char signing_key_digest[DIGEST_LEN]
int32_t networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name, int32_t default_val)
int networkstatus_valid_after_is_reasonably_live(time_t valid_after, time_t now)
struct vote_microdesc_hash_t * next
Header file for routermode.c.
int tor_memcmp(const void *a, const void *b, size_t len)
int tor_memeq(const void *a, const void *b, size_t sz)
int tor_asprintf(char **strp, const char *fmt,...)
void reschedule_dirvote(const or_options_t *options)
Header file for circuitpadding.c.
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
uint8_t router_purpose_from_string(const char *s)
Header file for circuitbuild.c.
void vote_routerstatus_free_(vote_routerstatus_t *rs)
Master header file for Tor-specific functionality.
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
void authority_certs_fetch_missing(networkstatus_t *status, time_t now, const char *dir_hint)
const char * hex_str(const char *from, size_t fromlen)
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS]
int options_any_client_port_set(const or_options_t *options)
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS]
int crypto_rand_int(unsigned int max)
static void update_consensus_networkstatus_downloads(time_t now)
smartlist_t * supported_methods
char * microdesc_hash_line
void networkstatus_reset_warnings(void)
char signing_key_digest[DIGEST_LEN]
crypto_pk_t * signing_key
void networkstatus_reset_download_failures(void)
#define PDS_RETRY_IF_NO_SERVERS
char nickname[MAX_NICKNAME_LEN+1]
int ClientBootstrapConsensusMaxInProgressTries
int pt_proxies_configuration_pending(void)
int router_reload_consensus_networkstatus(void)
Header file for circuitmux_ewma.c.
void routers_update_status_from_consensus_networkstatus(smartlist_t *routers, int reset_failures)
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE
#define RFTS_IGNORE_MISSING
int compare_digest_to_vote_routerstatus_entry(const void *_key, const void **_member)
smartlist_t * known_flags
Header file for voting_schedule.c.
int control_event_client_status(int severity, const char *format,...)
Headers for transports.c.
int getinfo_helper_networkstatus(control_connection_t *conn, const char *question, char **answer, const char **errmsg)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
void * smartlist_bsearch(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member))
static void handle_missing_protocol_warning_impl(const networkstatus_t *c, int is_client)
static int reload_consensus_from_file(const char *fname, const char *flavor, unsigned flags, const char *source_dir)
int authority_cert_dl_looks_uncertain(const char *id_digest)
static void handle_missing_protocol_warning(const networkstatus_t *c, const or_options_t *options)
#define MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS
Headers and type declarations for protover.c.
static int have_warned_about_old_version
void networkstatus_vote_free_(networkstatus_t *ns)
int FetchUselessDescriptors
smartlist_t * routerstatus_list
char descriptor_digest[DIGEST256_LEN]
unsigned int is_possible_guard
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
time_t tor_get_approx_release_date(void)
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Header file for connection_edge.c.
char identity_digest[DIGEST_LEN]
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Header file for ns_parse.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
int32_t networkstatus_get_overridable_param(const networkstatus_t *ns, int32_t torrc_value, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
#define ROUTER_MAX_AGE_TO_PUBLISH
void format_iso_time(char *buf, time_t t)
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
#define download_status_failed(dls, sc)
Header file for dirvote.c.
Header file for circuitmux.c.
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
static int networkstatus_check_required_protocols(const networkstatus_t *ns, int client_mode, char **warning_out)
const char * escaped(const char *s)
int networkstatus_vote_find_entry_idx(networkstatus_t *ns, const char *digest, int *found_out)
networkstatus_t * consensus
Header file for dlstatus.c.
circuit_build_times_t * get_circuit_build_times_mutable(void)
void update_networkstatus_downloads(time_t now)
int control_event_is_interesting(int event)
struct consensus_waiting_for_certs_t consensus_waiting_for_certs_t
routerstatus_t * networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
size_t crypto_pk_keysize(const crypto_pk_t *env)
int protover_all_supported(const char *s, char **missing_out)
int authority_cert_is_blacklisted(const authority_cert_t *cert)
vote_microdesc_hash_t * microdesc
char identity_digest[DIGEST_LEN]
int consensus_is_waiting_for_certs(void)
smartlist_t * package_lines
Header file for dirlist.c.
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
#define N_CONSENSUS_FLAVORS
int directory_caches_dir_info(const or_options_t *options)
static void networkstatus_copy_old_consensus_info(networkstatus_t *new_c, const networkstatus_t *old_c)
void networkstatus_free_all(void)
int networkstatus_get_weight_scale_param(networkstatus_t *ns)
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
static char * networkstatus_get_cache_fname(int flav, const char *flavorname, int unverified_consensus)
Header file for connection_or.c.
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING
unsigned int is_flagged_running
static tor_mmap_t * networkstatus_map_cached_consensus_impl(int flav, const char *flavorname, int unverified_consensus)
int tor_rename(const char *path_old, const char *path_new)
#define AP_CONN_STATE_IS_UNATTACHED(s)
static int have_warned_about_new_version
char * recommended_relay_protocols
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
digestmap_t * desc_digest_map
void dirserv_set_cached_consensus_networkstatus(const char *networkstatus, size_t networkstatus_len, const char *flavor_name, const common_digests_t *digests, const uint8_t *sha3_as_signed, time_t published)
char * dirserv_get_flag_thresholds_line(void)
static void notify_control_networkstatus_changed(const networkstatus_t *old_c, const networkstatus_t *new_c)
Header file for routerinfo.c.
document_signature_t * document_signature_dup(const document_signature_t *sig)
int client_would_use_router(const routerstatus_t *rs, time_t now)
static int connection_dir_count_by_purpose_and_resource(int purpose, const char *resource)
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
Header file for control_events.c.
void set_routerstatus_from_routerinfo(routerstatus_t *rs, node_t *node, const routerinfo_t *ri, time_t now, int listbadexits)
int FetchDirInfoExtraEarly
smartlist_t * bw_file_headers
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
routerlist_t * router_get_routerlist(void)
crypto_pk_t * identity_pkey
struct authority_cert_t * cert
void routerstatus_free_(routerstatus_t *rs)
Header file for networkstatus.c.
int control_event_networkstatus_changed(smartlist_t *statuses)
int smartlist_bsearch_idx(const smartlist_t *sl, const void *key, int(*compare)(const void *key, const void **member), int *found_out)
Header file for routerlist.c.
int compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
tor_mmap_t * networkstatus_map_cached_consensus(const char *flavorname)
