Tor  0.4.7.0-alpha-dev
nodelist.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file nodelist.c
9  *
10  * \brief Structures and functions for tracking what we know about the routers
11  * on the Tor network, and correlating information from networkstatus,
12  * routerinfo, and microdescs.
13  *
14  * The key structure here is node_t: that's the canonical way to refer
15  * to a Tor relay that we might want to build a circuit through. Every
16  * node_t has either a routerinfo_t, or a routerstatus_t from the current
17  * networkstatus consensus. If it has a routerstatus_t, it will also
18  * need to have a microdesc_t before you can use it for circuits.
19  *
20  * The nodelist_t is a global singleton that maps identities to node_t
21  * objects. Access them with the node_get_*() functions. The nodelist_t
22  * is maintained by calls throughout the codebase
23  *
24  * Generally, other code should not have to reach inside a node_t to
25  * see what information it has. Instead, you should call one of the
26  * many accessor functions that works on a generic node_t. If there
27  * isn't one that does what you need, it's better to make such a function,
28  * and then use it.
29  *
30  * For historical reasons, some of the functions that select a node_t
31  * from the list of all usable node_t objects are in the routerlist.c
32  * module, since they originally selected a routerinfo_t. (TODO: They
33  * should move!)
34  *
35  * (TODO: Perhaps someday we should abstract the remaining ways of
36  * talking about a relay to also be node_t instances. Those would be
37  * routerstatus_t as used for directory requests, and dir_server_t as
38  * used for authorities and fallback directories.)
39  */
40 
41 #define NODELIST_PRIVATE
42 
43 #include "core/or/or.h"
44 #include "app/config/config.h"
45 #include "core/mainloop/mainloop.h"
47 #include "core/or/address_set.h"
48 #include "core/or/policies.h"
49 #include "core/or/protover.h"
50 #include "feature/client/bridges.h"
55 #include "feature/hs/hs_client.h"
56 #include "feature/hs/hs_common.h"
67 #include "lib/encoding/binascii.h"
68 #include "lib/err/backtrace.h"
69 #include "lib/geoip/geoip.h"
70 #include "lib/net/address.h"
71 
72 #include <string.h>
73 
75 
83 
84 static void nodelist_drop_node(node_t *node, int remove_from_ht);
85 #define node_free(val) \
86  FREE_AND_NULL(node_t, node_free_, (val))
87 static void node_free_(node_t *node);
88 
89 /** count_usable_descriptors counts descriptors with these flag(s)
90  */
91 typedef enum {
92  /* All descriptors regardless of flags or exit policies */
93  USABLE_DESCRIPTOR_ALL = 0U,
94  /* Only count descriptors with an exit policy that allows at least one port
95  */
96  USABLE_DESCRIPTOR_EXIT_POLICY = 1U << 0,
97  /* Only count descriptors for relays that have the exit flag in the
98  * consensus */
99  USABLE_DESCRIPTOR_EXIT_FLAG = 1U << 1,
100  /* Only count descriptors for relays that have the policy and the flag */
101  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG = (USABLE_DESCRIPTOR_EXIT_POLICY |
102  USABLE_DESCRIPTOR_EXIT_FLAG)
104 static void count_usable_descriptors(int *num_present,
105  int *num_usable,
106  smartlist_t *descs_out,
107  const networkstatus_t *consensus,
108  time_t now,
109  routerset_t *in_set,
110  usable_descriptor_t exit_only);
111 static void update_router_have_minimum_dir_info(void);
112 static double get_frac_paths_needed_for_circs(const or_options_t *options,
113  const networkstatus_t *ns);
114 static void node_add_to_address_set(const node_t *node);
115 
116 /** A nodelist_t holds a node_t object for every router we're "willing to use
117  * for something". Specifically, it should hold a node_t for every node that
118  * is currently in the routerlist, or currently in the consensus we're using.
119  */
120 typedef struct nodelist_t {
121  /* A list of all the nodes. */
122  smartlist_t *nodes;
123  /* Hash table to map from node ID digest to node. */
124  HT_HEAD(nodelist_map, node_t) nodes_by_id;
125  /* Hash table to map from node Ed25519 ID to node.
126  *
127  * Whenever a node's routerinfo or microdescriptor is about to change,
128  * you should remove it from this map with node_remove_from_ed25519_map().
129  * Whenever a node's routerinfo or microdescriptor has just changed,
130  * you should add it to this map with node_add_to_ed25519_map().
131  */
132  HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id;
133 
134  /* Set of addresses that belong to nodes we believe in. */
135  address_set_t *node_addrs;
136 
137  /* Set of addresses + port that belong to nodes we know and that we don't
138  * allow network re-entry towards them. */
139  digestmap_t *reentry_set;
140 
141  /* The valid-after time of the last live consensus that initialized the
142  * nodelist. We use this to detect outdated nodelists that need to be
143  * rebuilt using a newer consensus. */
144  time_t live_consensus_valid_after;
145 } nodelist_t;
146 
147 static inline unsigned int
148 node_id_hash(const node_t *node)
149 {
150  return (unsigned) siphash24g(node->identity, DIGEST_LEN);
151 }
152 
153 static inline unsigned int
154 node_id_eq(const node_t *node1, const node_t *node2)
155 {
156  return tor_memeq(node1->identity, node2->identity, DIGEST_LEN);
157 }
158 
159 HT_PROTOTYPE(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq);
160 HT_GENERATE2(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq,
162 
163 static inline unsigned int
164 node_ed_id_hash(const node_t *node)
165 {
166  return (unsigned) siphash24g(node->ed25519_id.pubkey, ED25519_PUBKEY_LEN);
167 }
168 
169 static inline unsigned int
170 node_ed_id_eq(const node_t *node1, const node_t *node2)
171 {
172  return ed25519_pubkey_eq(&node1->ed25519_id, &node2->ed25519_id);
173 }
174 
175 HT_PROTOTYPE(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
176  node_ed_id_eq);
177 HT_GENERATE2(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
178  node_ed_id_eq, 0.6, tor_reallocarray_, tor_free_);
179 
180 /** The global nodelist. */
182 
183 /** Create an empty nodelist if we haven't done so already. */
184 static void
186 {
187  if (PREDICT_UNLIKELY(the_nodelist == NULL)) {
188  the_nodelist = tor_malloc_zero(sizeof(nodelist_t));
189  HT_INIT(nodelist_map, &the_nodelist->nodes_by_id);
190  HT_INIT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
191  the_nodelist->nodes = smartlist_new();
192  }
193 }
194 
195 /** As node_get_by_id, but returns a non-const pointer */
196 MOCK_IMPL(node_t *,
197 node_get_mutable_by_id,(const char *identity_digest))
198 {
199  node_t search, *node;
200  if (PREDICT_UNLIKELY(the_nodelist == NULL))
201  return NULL;
202 
203  memcpy(&search.identity, identity_digest, DIGEST_LEN);
204  node = HT_FIND(nodelist_map, &the_nodelist->nodes_by_id, &search);
205  return node;
206 }
207 
208 /** As node_get_by_ed25519_id, but returns a non-const pointer */
209 node_t *
211 {
212  node_t search, *node;
213  if (PREDICT_UNLIKELY(the_nodelist == NULL))
214  return NULL;
215  if (BUG(ed_id == NULL) || BUG(ed25519_public_key_is_zero(ed_id)))
216  return NULL;
217 
218  memcpy(&search.ed25519_id, ed_id, sizeof(search.ed25519_id));
219  node = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, &search);
220  return node;
221 }
222 
223 /** Return the node_t whose identity is <b>identity_digest</b>, or NULL
224  * if no such node exists. */
225 MOCK_IMPL(const node_t *,
226 node_get_by_id,(const char *identity_digest))
227 {
228  return node_get_mutable_by_id(identity_digest);
229 }
230 
231 /** Return the node_t whose ed25519 identity is <b>ed_id</b>, or NULL
232  * if no such node exists. */
233 MOCK_IMPL(const node_t *,
235 {
236  return node_get_mutable_by_ed25519_id(ed_id);
237 }
238 
239 /** Internal: return the node_t whose identity_digest is
240  * <b>identity_digest</b>. If none exists, create a new one, add it to the
241  * nodelist, and return it.
242  *
243  * Requires that the nodelist be initialized.
244  */
245 static node_t *
246 node_get_or_create(const char *identity_digest)
247 {
248  node_t *node;
249 
250  if ((node = node_get_mutable_by_id(identity_digest)))
251  return node;
252 
253  node = tor_malloc_zero(sizeof(node_t));
254  memcpy(node->identity, identity_digest, DIGEST_LEN);
255  HT_INSERT(nodelist_map, &the_nodelist->nodes_by_id, node);
256 
257  smartlist_add(the_nodelist->nodes, node);
258  node->nodelist_idx = smartlist_len(the_nodelist->nodes) - 1;
259 
260  node->country = -1;
261 
262  return node;
263 }
264 
265 /** Remove <b>node</b> from the ed25519 map (if it present), and
266  * set its ed25519_id field to zero. */
267 static int
269 {
271  tor_assert(node);
272 
274  return 0;
275  }
276 
277  int rv = 0;
278  node_t *search =
279  HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
280  if (BUG(search != node)) {
281  goto clear_and_return;
282  }
283 
284  search = HT_REMOVE(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
285  tor_assert(search == node);
286  rv = 1;
287 
288  clear_and_return:
289  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
290  return rv;
291 }
292 
293 /** Helper function to log details of duplicated ed2559_ids */
294 static void
295 node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
296 {
297  char *s;
298  char *olddesc = tor_strdup(node_describe(old));
299 
300  tor_asprintf(&s, "Reused ed25519_id %s: old %s new %s", ed_id,
301  olddesc, node_describe(node));
302  log_backtrace(LOG_NOTICE, LD_DIR, s);
303  tor_free(olddesc);
304  tor_free(s);
305 }
306 
307 /** If <b>node</b> has an ed25519 id, and it is not already in the ed25519 id
308  * map, set its ed25519_id field, and add it to the ed25519 map.
309  */
310 static int
312 {
314  tor_assert(node);
315 
316  if (! ed25519_public_key_is_zero(&node->ed25519_id)) {
317  return 0;
318  }
319 
320  const ed25519_public_key_t *key = node_get_ed25519_id(node);
321  if (!key) {
322  return 0;
323  }
324 
325  node_t *old;
326  memcpy(&node->ed25519_id, key, sizeof(node->ed25519_id));
327  old = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
328  if (old) {
329  char ed_id[BASE32_BUFSIZE(sizeof(key->pubkey))];
330 
331  base32_encode(ed_id, sizeof(ed_id), (const char *)key->pubkey,
332  sizeof(key->pubkey));
333  if (BUG(old == node)) {
334  /* Actual bug: all callers of this function call
335  * node_remove_from_ed25519_map first. */
336  log_err(LD_BUG,
337  "Unexpectedly found deleted node with ed25519_id %s", ed_id);
338  } else {
339  /* Distinct nodes sharing a ed25519 id, possibly due to relay
340  * misconfiguration. The key pinning might not catch this,
341  * possibly due to downloading a missing descriptor during
342  * consensus voting. */
343  node_log_dup_ed_id(old, node, ed_id);
344  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
345  }
346  return 0;
347  }
348 
349  HT_INSERT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
350  return 1;
351 }
352 
353 /* For a given <b>node</b> for the consensus <b>ns</b>, set the hsdir index
354  * for the node, both current and next if possible. This can only fails if the
355  * node_t ed25519 identity key can't be found which would be a bug. */
356 STATIC void
357 node_set_hsdir_index(node_t *node, const networkstatus_t *ns)
358 {
359  time_t now = approx_time();
360  const ed25519_public_key_t *node_identity_pk;
361  uint8_t *fetch_srv = NULL, *store_first_srv = NULL, *store_second_srv = NULL;
362  uint64_t next_time_period_num, current_time_period_num;
363  uint64_t fetch_tp, store_first_tp, store_second_tp;
364 
365  tor_assert(node);
366  tor_assert(ns);
367 
369  static struct ratelim_t live_consensus_ratelim = RATELIM_INIT(30 * 60);
370  log_fn_ratelim(&live_consensus_ratelim, LOG_INFO, LD_GENERAL,
371  "Not setting hsdir index with a non-live consensus.");
372  goto done;
373  }
374 
375  node_identity_pk = node_get_ed25519_id(node);
376  if (node_identity_pk == NULL) {
377  log_debug(LD_GENERAL, "ed25519 identity public key not found when "
378  "trying to build the hsdir indexes for node %s",
379  node_describe(node));
380  goto done;
381  }
382 
383  /* Get the current and next time period number. */
384  current_time_period_num = hs_get_time_period_num(0);
385  next_time_period_num = hs_get_next_time_period_num(0);
386 
387  /* We always use the current time period for fetching descs */
388  fetch_tp = current_time_period_num;
389 
390  /* Now extract the needed SRVs and time periods for building hsdir indices */
391  if (hs_in_period_between_tp_and_srv(ns, now)) {
392  fetch_srv = hs_get_current_srv(fetch_tp, ns);
393 
394  store_first_tp = hs_get_previous_time_period_num(0);
395  store_second_tp = current_time_period_num;
396  } else {
397  fetch_srv = hs_get_previous_srv(fetch_tp, ns);
398 
399  store_first_tp = current_time_period_num;
400  store_second_tp = next_time_period_num;
401  }
402 
403  /* We always use the old SRV for storing the first descriptor and the latest
404  * SRV for storing the second descriptor */
405  store_first_srv = hs_get_previous_srv(store_first_tp, ns);
406  store_second_srv = hs_get_current_srv(store_second_tp, ns);
407 
408  /* Build the fetch index. */
409  hs_build_hsdir_index(node_identity_pk, fetch_srv, fetch_tp,
410  node->hsdir_index.fetch);
411 
412  /* If we are in the time segment between SRV#N and TP#N, the fetch index is
413  the same as the first store index */
414  if (!hs_in_period_between_tp_and_srv(ns, now)) {
415  memcpy(node->hsdir_index.store_first, node->hsdir_index.fetch,
416  sizeof(node->hsdir_index.store_first));
417  } else {
418  hs_build_hsdir_index(node_identity_pk, store_first_srv, store_first_tp,
419  node->hsdir_index.store_first);
420  }
421 
422  /* If we are in the time segment between TP#N and SRV#N+1, the fetch index is
423  the same as the second store index */
424  if (hs_in_period_between_tp_and_srv(ns, now)) {
425  memcpy(node->hsdir_index.store_second, node->hsdir_index.fetch,
426  sizeof(node->hsdir_index.store_second));
427  } else {
428  hs_build_hsdir_index(node_identity_pk, store_second_srv, store_second_tp,
429  node->hsdir_index.store_second);
430  }
431 
432  done:
433  tor_free(fetch_srv);
434  tor_free(store_first_srv);
435  tor_free(store_second_srv);
436  return;
437 }
438 
439 /** Called when a node's address changes. */
440 static void
442 {
443  node->last_reachable = node->last_reachable6 = 0;
444  node->country = -1;
445 }
446 
447 /** Add all address information about <b>node</b> to the current address
448  * set (if there is one).
449  */
450 static void
452 {
453  if (!the_nodelist ||
454  !the_nodelist->node_addrs || !the_nodelist->reentry_set)
455  return;
456 
457  /* These various address sources can be redundant, but it's likely faster to
458  * add them all than to compare them all for equality.
459  *
460  * For relays, we only add the ORPort in the addr+port set since we want to
461  * allow re-entry into the network to the DirPort so the self reachability
462  * test succeeds and thus the 0 value for the DirPort. */
463 
464  if (node->rs) {
465  if (!tor_addr_is_null(&node->rs->ipv4_addr))
466  nodelist_add_addr_to_address_set(&node->rs->ipv4_addr,
467  node->rs->ipv4_orport, 0);
468  if (!tor_addr_is_null(&node->rs->ipv6_addr))
470  node->rs->ipv6_orport, 0);
471  }
472  if (node->ri) {
473  if (!tor_addr_is_null(&node->ri->ipv4_addr))
475  node->ri->ipv4_orport, 0);
476  if (!tor_addr_is_null(&node->ri->ipv6_addr))
478  node->ri->ipv6_orport, 0);
479  }
480  if (node->md) {
481  if (!tor_addr_is_null(&node->md->ipv6_addr))
483  node->md->ipv6_orport, 0);
484  }
485 }
486 
487 /** Build a construction for the reentry set consisting of an address and port
488  * pair.
489  *
490  * If the given address is _not_ AF_INET or AF_INET6, then the item is an
491  * array of 0s.
492  *
493  * Return a pointer to a static buffer containing the item. Next call to this
494  * function invalidates its previous content. */
495 static char *
496 build_addr_port_item(const tor_addr_t *addr, const uint16_t port)
497 {
498  /* At most 16 bytes are put in this (IPv6) and then 2 bytes for the port
499  * which is within the maximum of 20 bytes (DIGEST_LEN). */
500  static char data[DIGEST_LEN];
501 
502  memset(data, 0, sizeof(data));
503  switch (tor_addr_family(addr)) {
504  case AF_INET:
505  memcpy(data, &addr->addr.in_addr.s_addr, 4);
506  break;
507  case AF_INET6:
508  memcpy(data, &addr->addr.in6_addr.s6_addr, 16);
509  break;
510  case AF_UNSPEC:
511  /* Leave the 0. */
512  break;
513  default:
514  /* LCOV_EXCL_START */
516  /* LCOV_EXCL_STOP */
517  }
518 
519  memcpy(data + 16, &port, sizeof(port));
520  return data;
521 }
522 
523 /** Add the given address into the nodelist address set. */
524 void
526  uint16_t or_port, uint16_t dir_port)
527 {
528  if (BUG(!addr) || tor_addr_is_null(addr) ||
529  (!tor_addr_is_v4(addr) && !tor_addr_is_v6(addr)) ||
530  !the_nodelist || !the_nodelist->node_addrs ||
531  !the_nodelist->reentry_set) {
532  return;
533  }
534  address_set_add(the_nodelist->node_addrs, addr);
535  if (or_port != 0) {
536  digestmap_set(the_nodelist->reentry_set,
537  build_addr_port_item(addr, or_port), (void*) 1);
538  }
539  if (dir_port != 0) {
540  digestmap_set(the_nodelist->reentry_set,
541  build_addr_port_item(addr, dir_port), (void*) 1);
542  }
543 }
544 
545 /** Return true if <b>addr</b> is the address of some node in the nodelist.
546  * If not, probably return false. */
547 int
549 {
550  if (BUG(!addr))
551  return 0;
552 
553  if (!the_nodelist || !the_nodelist->node_addrs)
554  return 0;
555 
556  return address_set_probably_contains(the_nodelist->node_addrs, addr);
557 }
558 
559 /** Return true if <b>addr</b> is the address of some node in the nodelist and
560  * corresponds also to the given port. If not, probably return false. */
561 bool
562 nodelist_reentry_contains(const tor_addr_t *addr, uint16_t port)
563 {
564  if (BUG(!addr) || BUG(!port))
565  return false;
566 
567  if (!the_nodelist || !the_nodelist->reentry_set)
568  return false;
569 
570  return digestmap_get(the_nodelist->reentry_set,
571  build_addr_port_item(addr, port)) != NULL;
572 }
573 
574 /** Add <b>ri</b> to an appropriate node in the nodelist. If we replace an
575  * old routerinfo, and <b>ri_old_out</b> is not NULL, set *<b>ri_old_out</b>
576  * to the previous routerinfo.
577  */
578 node_t *
580 {
581  node_t *node;
582  const char *id_digest;
583  int had_router = 0;
584  tor_assert(ri);
585 
586  init_nodelist();
587  id_digest = ri->cache_info.identity_digest;
588  node = node_get_or_create(id_digest);
589 
591 
592  if (node->ri) {
593  if (!routers_have_same_or_addrs(node->ri, ri)) {
594  node_addrs_changed(node);
595  }
596  had_router = 1;
597  if (ri_old_out)
598  *ri_old_out = node->ri;
599  } else {
600  if (ri_old_out)
601  *ri_old_out = NULL;
602  }
603  node->ri = ri;
604 
606 
607  if (node->country == -1)
608  node_set_country(node);
609 
610  if (authdir_mode(get_options()) && !had_router) {
611  const char *discard=NULL;
612  uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO);
614  }
615 
616  /* Setting the HSDir index requires the ed25519 identity key which can
617  * only be found either in the ri or md. This is why this is called here.
618  * Only nodes supporting HSDir=2 protocol version needs this index. */
619  if (node->rs && node->rs->pv.supports_v3_hsdir) {
620  node_set_hsdir_index(node,
622  }
623 
625 
626  return node;
627 }
628 
629 /** Set the appropriate node_t to use <b>md</b> as its microdescriptor.
630  *
631  * Called when a new microdesc has arrived and the usable consensus flavor
632  * is "microdesc".
633  **/
634 node_t *
636 {
637  networkstatus_t *ns =
639  const routerstatus_t *rs;
640  node_t *node;
641  if (ns == NULL)
642  return NULL;
643  init_nodelist();
644 
645  /* Microdescriptors don't carry an identity digest, so we need to figure
646  * it out by looking up the routerstatus. */
648  if (rs == NULL)
649  return NULL;
651  if (node == NULL)
652  return NULL;
653 
655  if (node->md)
656  node->md->held_by_nodes--;
657 
658  node->md = md;
659  md->held_by_nodes++;
660  /* Setting the HSDir index requires the ed25519 identity key which can
661  * only be found either in the ri or md. This is why this is called here.
662  * Only nodes supporting HSDir=2 protocol version needs this index. */
663  if (rs->pv.supports_v3_hsdir) {
664  node_set_hsdir_index(node, ns);
665  }
668 
669  return node;
670 }
671 
672 /* Default value. */
673 #define ESTIMATED_ADDRESS_PER_NODE 2
674 
675 /* Return the estimated number of address per node_t. This is used for the
676  * size of the bloom filter in the nodelist (node_addrs). */
677 MOCK_IMPL(int,
678 get_estimated_address_per_node, (void))
679 {
680  return ESTIMATED_ADDRESS_PER_NODE;
681 }
682 
683 /** Tell the nodelist that the current usable consensus is <b>ns</b>.
684  * This makes the nodelist change all of the routerstatus entries for
685  * the nodes, drop nodes that no longer have enough info to get used,
686  * and grab microdescriptors into nodes as appropriate.
687  */
688 void
690 {
691  const or_options_t *options = get_options();
692  int authdir = authdir_mode_v3(options);
693 
694  init_nodelist();
695  if (ns->flavor == FLAV_MICRODESC)
696  (void) get_microdesc_cache(); /* Make sure it exists first. */
697 
698  SMARTLIST_FOREACH(the_nodelist->nodes, node_t *, node,
699  node->rs = NULL);
700 
701  /* Conservatively estimate that every node will have 2 addresses (v4 and
702  * v6). Then we add the number of configured trusted authorities we have. */
703  int estimated_addresses = smartlist_len(ns->routerstatus_list) *
704  get_estimated_address_per_node();
705  estimated_addresses += (get_n_authorities(V3_DIRINFO | BRIDGE_DIRINFO) *
706  get_estimated_address_per_node());
707  /* Clear our sets because we will repopulate them with what this new
708  * consensus contains. */
709  address_set_free(the_nodelist->node_addrs);
710  the_nodelist->node_addrs = address_set_new(estimated_addresses);
711  digestmap_free(the_nodelist->reentry_set, NULL);
712  the_nodelist->reentry_set = digestmap_new();
713 
715  node_t *node = node_get_or_create(rs->identity_digest);
716  node->rs = rs;
717  if (ns->flavor == FLAV_MICRODESC) {
718  if (node->md == NULL ||
719  tor_memneq(node->md->digest,rs->descriptor_digest,DIGEST256_LEN)) {
721  if (node->md)
722  node->md->held_by_nodes--;
723  node->md = microdesc_cache_lookup_by_digest256(NULL,
724  rs->descriptor_digest);
725  if (node->md)
726  node->md->held_by_nodes++;
728  }
729  }
730 
731  if (rs->pv.supports_v3_hsdir) {
732  node_set_hsdir_index(node, ns);
733  }
734  node_set_country(node);
735 
736  /* If we're not an authdir, believe others. */
737  if (!authdir) {
738  node->is_valid = rs->is_valid;
739  node->is_running = rs->is_flagged_running;
740  node->is_fast = rs->is_fast;
741  node->is_stable = rs->is_stable;
742  node->is_possible_guard = rs->is_possible_guard;
743  node->is_exit = rs->is_exit;
744  node->is_bad_exit = rs->is_bad_exit;
745  node->is_hs_dir = rs->is_hs_dir;
746  node->ipv6_preferred = 0;
747  if (reachable_addr_prefer_ipv6_orport(options) &&
748  (tor_addr_is_null(&rs->ipv6_addr) == 0 ||
749  (node->md && tor_addr_is_null(&node->md->ipv6_addr) == 0)))
750  node->ipv6_preferred = 1;
751  }
752 
753  } SMARTLIST_FOREACH_END(rs);
754 
755  nodelist_purge();
756 
757  /* Now add all the nodes we have to the address set. */
758  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
760  } SMARTLIST_FOREACH_END(node);
761  /* Then, add all trusted configured directories. Some might not be in the
762  * consensus so make sure we know them. */
764 
765  if (! authdir) {
766  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
767  /* We have no routerstatus for this router. Clear flags so we can skip
768  * it, maybe.*/
769  if (!node->rs) {
770  tor_assert(node->ri); /* if it had only an md, or nothing, purge
771  * would have removed it. */
772  if (node->ri->purpose == ROUTER_PURPOSE_GENERAL) {
773  /* Clear all flags. */
774  node->is_valid = node->is_running = node->is_hs_dir =
775  node->is_fast = node->is_stable =
776  node->is_possible_guard = node->is_exit =
777  node->is_bad_exit = node->ipv6_preferred = 0;
778  }
779  }
780  } SMARTLIST_FOREACH_END(node);
781  }
782 
783  /* If the consensus is live, note down the consensus valid-after that formed
784  * the nodelist. */
785  if (networkstatus_is_live(ns, approx_time())) {
786  the_nodelist->live_consensus_valid_after = ns->valid_after;
787  }
788 }
789 
790 /** Return 1 iff <b>node</b> has Exit flag and no BadExit flag.
791  * Otherwise, return 0.
792  */
793 int
795 {
796  return node->is_exit && ! node->is_bad_exit;
797 }
798 
799 /** Helper: return true iff a node has a usable amount of information*/
800 static inline int
801 node_is_usable(const node_t *node)
802 {
803  return (node->rs) || (node->ri);
804 }
805 
806 /** Tell the nodelist that <b>md</b> is no longer a microdescriptor for the
807  * node with <b>identity_digest</b>. */
808 void
809 nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
810 {
811  node_t *node = node_get_mutable_by_id(identity_digest);
812  if (node && node->md == md) {
813  node->md = NULL;
814  md->held_by_nodes--;
815  if (! node_get_ed25519_id(node)) {
817  }
818  }
819 }
820 
821 /** Tell the nodelist that <b>ri</b> is no longer in the routerlist. */
822 void
824 {
825  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
826  if (node && node->ri == ri) {
827  node->ri = NULL;
828  if (! node_is_usable(node)) {
829  nodelist_drop_node(node, 1);
830  node_free(node);
831  }
832  }
833 }
834 
835 /** Remove <b>node</b> from the nodelist. (Asserts that it was there to begin
836  * with.) */
837 static void
838 nodelist_drop_node(node_t *node, int remove_from_ht)
839 {
840  node_t *tmp;
841  int idx;
842  if (remove_from_ht) {
843  tmp = HT_REMOVE(nodelist_map, &the_nodelist->nodes_by_id, node);
844  tor_assert(tmp == node);
845  }
847 
848  idx = node->nodelist_idx;
849  tor_assert(idx >= 0);
850 
851  tor_assert(node == smartlist_get(the_nodelist->nodes, idx));
852  smartlist_del(the_nodelist->nodes, idx);
853  if (idx < smartlist_len(the_nodelist->nodes)) {
854  tmp = smartlist_get(the_nodelist->nodes, idx);
855  tmp->nodelist_idx = idx;
856  }
857  node->nodelist_idx = -1;
858 }
859 
860 /** Return a newly allocated smartlist of the nodes that have <b>md</b> as
861  * their microdescriptor. */
862 smartlist_t *
864 {
865  smartlist_t *result = smartlist_new();
866 
867  if (the_nodelist == NULL)
868  return result;
869 
870  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
871  if (node->md == md) {
872  smartlist_add(result, node);
873  }
874  } SMARTLIST_FOREACH_END(node);
875 
876  return result;
877 }
878 
879 /** Release storage held by <b>node</b> */
880 static void
882 {
883  if (!node)
884  return;
885  if (node->md)
886  node->md->held_by_nodes--;
887  tor_assert(node->nodelist_idx == -1);
888  tor_free(node);
889 }
890 
891 /** Remove all entries from the nodelist that don't have enough info to be
892  * usable for anything. */
893 void
895 {
896  node_t **iter;
897  if (PREDICT_UNLIKELY(the_nodelist == NULL))
898  return;
899 
900  /* Remove the non-usable nodes. */
901  for (iter = HT_START(nodelist_map, &the_nodelist->nodes_by_id); iter; ) {
902  node_t *node = *iter;
903 
904  if (node->md && !node->rs) {
905  /* An md is only useful if there is an rs. */
906  node->md->held_by_nodes--;
907  node->md = NULL;
908  }
909 
910  if (node_is_usable(node)) {
911  iter = HT_NEXT(nodelist_map, &the_nodelist->nodes_by_id, iter);
912  } else {
913  iter = HT_NEXT_RMV(nodelist_map, &the_nodelist->nodes_by_id, iter);
914  nodelist_drop_node(node, 0);
915  node_free(node);
916  }
917  }
919 }
920 
921 /** Release all storage held by the nodelist. */
922 void
924 {
925  if (PREDICT_UNLIKELY(the_nodelist == NULL))
926  return;
927 
928  HT_CLEAR(nodelist_map, &the_nodelist->nodes_by_id);
929  HT_CLEAR(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
930  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
931  node->nodelist_idx = -1;
932  node_free(node);
933  } SMARTLIST_FOREACH_END(node);
934 
935  smartlist_free(the_nodelist->nodes);
936 
937  address_set_free(the_nodelist->node_addrs);
938  the_nodelist->node_addrs = NULL;
939  digestmap_free(the_nodelist->reentry_set, NULL);
940  the_nodelist->reentry_set = NULL;
941 
943 }
944 
945 /** Check that the nodelist is internally consistent, and consistent with
946  * the directory info it's derived from.
947  */
948 void
950 {
953  digestmap_t *dm;
954 
955  if (!the_nodelist)
956  return;
957 
958  dm = digestmap_new();
959 
960  /* every routerinfo in rl->routers should be in the nodelist. */
961  if (rl) {
963  const node_t *node = node_get_by_id(ri->cache_info.identity_digest);
964  tor_assert(node && node->ri == ri);
965  tor_assert(fast_memeq(ri->cache_info.identity_digest,
966  node->identity, DIGEST_LEN));
967  tor_assert(! digestmap_get(dm, node->identity));
968  digestmap_set(dm, node->identity, (void*)node);
969  } SMARTLIST_FOREACH_END(ri);
970  }
971 
972  /* every routerstatus in ns should be in the nodelist */
973  if (ns) {
975  const node_t *node = node_get_by_id(rs->identity_digest);
976  tor_assert(node && node->rs == rs);
977  tor_assert(fast_memeq(rs->identity_digest, node->identity, DIGEST_LEN));
978  digestmap_set(dm, node->identity, (void*)node);
979  if (ns->flavor == FLAV_MICRODESC) {
980  /* If it's a microdesc consensus, every entry that has a
981  * microdescriptor should be in the nodelist.
982  */
983  microdesc_t *md =
984  microdesc_cache_lookup_by_digest256(NULL, rs->descriptor_digest);
985  tor_assert(md == node->md);
986  if (md)
987  tor_assert(md->held_by_nodes >= 1);
988  }
989  } SMARTLIST_FOREACH_END(rs);
990  }
991 
992  /* The nodelist should have no other entries, and its entries should be
993  * well-formed. */
994  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
995  tor_assert(digestmap_get(dm, node->identity) != NULL);
996  tor_assert(node_sl_idx == node->nodelist_idx);
997  } SMARTLIST_FOREACH_END(node);
998 
999  /* Every node listed with an ed25519 identity should be listed by that
1000  * identity.
1001  */
1002  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
1003  if (!ed25519_public_key_is_zero(&node->ed25519_id)) {
1004  tor_assert(node == node_get_by_ed25519_id(&node->ed25519_id));
1005  }
1006  } SMARTLIST_FOREACH_END(node);
1007 
1008  node_t **idx;
1009  HT_FOREACH(idx, nodelist_ed_map, &the_nodelist->nodes_by_ed_id) {
1010  node_t *node = *idx;
1011  tor_assert(node == node_get_by_ed25519_id(&node->ed25519_id));
1012  }
1013 
1014  tor_assert((long)smartlist_len(the_nodelist->nodes) ==
1015  (long)HT_SIZE(&the_nodelist->nodes_by_id));
1016 
1017  tor_assert((long)smartlist_len(the_nodelist->nodes) >=
1018  (long)HT_SIZE(&the_nodelist->nodes_by_ed_id));
1019 
1020  digestmap_free(dm, NULL);
1021 }
1022 
1023 /** Ensure that the nodelist has been created with the most recent consensus.
1024  * If that's not the case, make it so. */
1025 void
1027 {
1028  tor_assert(ns);
1029 
1030  /* We don't even have a nodelist: this is a NOP. */
1031  if (!the_nodelist) {
1032  return;
1033  }
1034 
1035  if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
1036  log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
1037  (int) the_nodelist->live_consensus_valid_after,
1038  (int) ns->valid_after);
1040  }
1041 }
1042 
1043 /** Return a list of a node_t * for every node we know about. The caller
1044  * MUST NOT modify the list. (You can set and clear flags in the nodes if
1045  * you must, but you must not add or remove nodes.) */
1046 MOCK_IMPL(const smartlist_t *,
1048 {
1049  init_nodelist();
1050  return the_nodelist->nodes;
1051 }
1052 
1053 /** Given a hex-encoded nickname of the format DIGEST, $DIGEST, $DIGEST=name,
1054  * or $DIGEST~name, return the node with the matching identity digest and
1055  * nickname (if any). Return NULL if no such node exists, or if <b>hex_id</b>
1056  * is not well-formed. DOCDOC flags */
1057 const node_t *
1058 node_get_by_hex_id(const char *hex_id, unsigned flags)
1059 {
1060  char digest_buf[DIGEST_LEN];
1061  char nn_buf[MAX_NICKNAME_LEN+1];
1062  char nn_char='\0';
1063 
1064  (void) flags; // XXXX
1065 
1066  if (hex_digest_nickname_decode(hex_id, digest_buf, &nn_char, nn_buf)==0) {
1067  const node_t *node = node_get_by_id(digest_buf);
1068  if (!node)
1069  return NULL;
1070  if (nn_char == '=') {
1071  /* "=" indicates a Named relay, but there aren't any of those now. */
1072  return NULL;
1073  }
1074  return node;
1075  }
1076 
1077  return NULL;
1078 }
1079 
1080 /** Given a nickname (possibly verbose, possibly a hexadecimal digest), return
1081  * the corresponding node_t, or NULL if none exists. Warn the user if they
1082  * have specified a router by nickname, unless the NNF_NO_WARN_UNNAMED bit is
1083  * set in <b>flags</b>. */
1084 MOCK_IMPL(const node_t *,
1085 node_get_by_nickname,(const char *nickname, unsigned flags))
1086 {
1087  const int warn_if_unnamed = !(flags & NNF_NO_WARN_UNNAMED);
1088 
1089  if (!the_nodelist)
1090  return NULL;
1091 
1092  /* Handle these cases: DIGEST, $DIGEST, $DIGEST=name, $DIGEST~name. */
1093  {
1094  const node_t *node;
1095  if ((node = node_get_by_hex_id(nickname, flags)) != NULL)
1096  return node;
1097  }
1098 
1099  if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1100  return NULL;
1101 
1102  /* Okay, so the name is not canonical for anybody. */
1103  {
1104  smartlist_t *matches = smartlist_new();
1105  const node_t *choice = NULL;
1106 
1107  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
1108  if (!strcasecmp(node_get_nickname(node), nickname))
1109  smartlist_add(matches, node);
1110  } SMARTLIST_FOREACH_END(node);
1111 
1112  if (smartlist_len(matches)>1 && warn_if_unnamed) {
1113  int any_unwarned = 0;
1114  SMARTLIST_FOREACH_BEGIN(matches, node_t *, node) {
1115  if (!node->name_lookup_warned) {
1116  node->name_lookup_warned = 1;
1117  any_unwarned = 1;
1118  }
1119  } SMARTLIST_FOREACH_END(node);
1120 
1121  if (any_unwarned) {
1122  log_warn(LD_CONFIG, "There are multiple matches for the name %s. "
1123  "Choosing one arbitrarily.", nickname);
1124  }
1125  } else if (smartlist_len(matches)==1 && warn_if_unnamed) {
1126  char fp[HEX_DIGEST_LEN+1];
1127  node_t *node = smartlist_get(matches, 0);
1128  if (! node->name_lookup_warned) {
1129  base16_encode(fp, sizeof(fp), node->identity, DIGEST_LEN);
1130  log_warn(LD_CONFIG,
1131  "You specified a relay \"%s\" by name, but nicknames can be "
1132  "used by any relay, not just the one you meant. "
1133  "To make sure you get the same relay in the future, refer "
1134  "to it by key, as \"$%s\".", nickname, fp);
1135  node->name_lookup_warned = 1;
1136  }
1137  }
1138 
1139  if (smartlist_len(matches))
1140  choice = smartlist_get(matches, 0);
1141 
1142  smartlist_free(matches);
1143  return choice;
1144  }
1145 }
1146 
1147 /** Return the Ed25519 identity key for the provided node, or NULL if it
1148  * doesn't have one. */
1151 {
1152  const ed25519_public_key_t *ri_pk = NULL;
1153  const ed25519_public_key_t *md_pk = NULL;
1154 
1155  if (node->ri) {
1156  if (node->ri->cache_info.signing_key_cert) {
1157  ri_pk = &node->ri->cache_info.signing_key_cert->signing_key;
1158  /* Checking whether routerinfo ed25519 is all zero.
1159  * Our descriptor parser should make sure this never happens. */
1160  if (BUG(ed25519_public_key_is_zero(ri_pk)))
1161  ri_pk = NULL;
1162  }
1163  }
1164 
1165  if (node->md) {
1166  if (node->md->ed25519_identity_pkey) {
1167  md_pk = node->md->ed25519_identity_pkey;
1168  /* Checking whether microdesc ed25519 is all zero.
1169  * Our descriptor parser should make sure this never happens. */
1170  if (BUG(ed25519_public_key_is_zero(md_pk)))
1171  md_pk = NULL;
1172  }
1173  }
1174 
1175  if (ri_pk && md_pk) {
1176  if (ed25519_pubkey_eq(ri_pk, md_pk)) {
1177  return ri_pk;
1178  } else {
1179  /* This can happen if the relay gets flagged NoEdConsensus which will be
1180  * triggered on all relays of the network. Thus a protocol warning. */
1181  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1182  "Inconsistent ed25519 identities in the nodelist");
1183  return NULL;
1184  }
1185  } else if (ri_pk) {
1186  return ri_pk;
1187  } else {
1188  return md_pk;
1189  }
1190 }
1191 
1192 /** Return true iff this node's Ed25519 identity matches <b>id</b>.
1193  * (An absent Ed25519 identity matches NULL or zero.) */
1194 int
1196 {
1197  const ed25519_public_key_t *node_id = node_get_ed25519_id(node);
1198  if (node_id == NULL || ed25519_public_key_is_zero(node_id)) {
1199  return id == NULL || ed25519_public_key_is_zero(id);
1200  } else {
1201  return id && ed25519_pubkey_eq(node_id, id);
1202  }
1203 }
1204 
1205 /** Dummy object that should be unreturnable. Used to ensure that
1206  * node_get_protover_summary_flags() always returns non-NULL. */
1208  0,0,0,0,0,0,0,0,0,0,0,0
1209 };
1210 
1211 /** Return the protover_summary_flags for a given node. */
1212 static const protover_summary_flags_t *
1214 {
1215  if (node->rs) {
1216  return &node->rs->pv;
1217  } else if (node->ri) {
1218  return &node->ri->pv;
1219  } else {
1220  /* This should be impossible: every node should have a routerstatus or a
1221  * router descriptor or both. But just in case we've messed up somehow,
1222  * return a nice empty set of flags to indicate "this node supports
1223  * nothing." */
1224  tor_assert_nonfatal_unreached_once();
1225  return &zero_protover_flags;
1226  }
1227 }
1228 
1229 /** Return true iff <b>node</b> supports authenticating itself
1230  * by ed25519 ID during the link handshake. If <b>compatible_with_us</b>,
1231  * it needs to be using a link authentication method that we understand.
1232  * If not, any plausible link authentication method will do. */
1233 MOCK_IMPL(bool,
1235  bool compatible_with_us))
1236 {
1237  if (! node_get_ed25519_id(node))
1238  return 0;
1239 
1241 
1242  if (compatible_with_us)
1244  else
1246 }
1247 
1248 /** Return true iff <b>node</b> supports the hidden service directory version
1249  * 3 protocol (proposal 224). */
1250 bool
1252 {
1253  tor_assert(node);
1254 
1256 }
1257 
1258 /** Return true iff <b>node</b> supports ed25519 authentication as an hidden
1259  * service introduction point.*/
1260 bool
1262 {
1263  tor_assert(node);
1264 
1266 }
1267 
1268 /** Return true iff <b>node</b> can be a rendezvous point for hidden
1269  * service version 3 (HSRend=2). */
1270 bool
1272 {
1273  tor_assert(node);
1274 
1275  /* We can't use a v3 rendezvous point without the curve25519 onion pk. */
1276  if (!node_get_curve25519_onion_key(node)) {
1277  return 0;
1278  }
1279 
1281 }
1282 
1283 /** Return true iff <b>node</b> supports the DoS ESTABLISH_INTRO cell
1284  * extension. */
1285 bool
1287 {
1288  tor_assert(node);
1289 
1290  return node_get_protover_summary_flags(node)->
1291  supports_establish_intro_dos_extension;
1292 }
1293 
1294 /** Return true iff <b>node</b> can initiate IPv6 extends (Relay=3).
1295  *
1296  * This check should only be performed by client path selection code.
1297  *
1298  * Extending relays should check their own IPv6 support using
1299  * router_can_extend_over_ipv6(). Like other extends, they should not verify
1300  * the link specifiers in the extend cell against the consensus, because it
1301  * may be out of date. */
1302 bool
1304 {
1305  tor_assert(node);
1306 
1307  /* Relays can't initiate an IPv6 extend, unless they have an IPv6 ORPort. */
1308  if (!node_has_ipv6_orport(node)) {
1309  return 0;
1310  }
1311 
1312  /* Initiating relays also need to support the relevant protocol version. */
1313  return
1315 }
1316 
1317 /** Return true iff <b>node</b> can accept IPv6 extends (Relay=2 or Relay=3)
1318  * from other relays. If <b>need_canonical_ipv6_conn</b> is true, also check
1319  * if the relay supports canonical IPv6 connections (Relay=3 only).
1320  *
1321  * This check should only be performed by client path selection code.
1322  */
1323 bool
1325  bool need_canonical_ipv6_conn)
1326 {
1327  tor_assert(node);
1328 
1329  /* Relays can't accept an IPv6 extend, unless they have an IPv6 ORPort. */
1330  if (!node_has_ipv6_orport(node)) {
1331  return 0;
1332  }
1333 
1334  /* Accepting relays also need to support the relevant protocol version. */
1335  if (need_canonical_ipv6_conn) {
1336  return
1338  } else {
1339  return
1341  }
1342 }
1343 
1344 /** Return the RSA ID key's SHA1 digest for the provided node. */
1345 const uint8_t *
1347 {
1348  tor_assert(node);
1349  return (const uint8_t*)node->identity;
1350 }
1351 
1352 /* Returns a new smartlist with all possible link specifiers from node:
1353  * - legacy ID is mandatory thus MUST be present in node;
1354  * - include ed25519 link specifier if present in the node, and the node
1355  * supports ed25519 link authentication, and:
1356  * - if direct_conn is true, its link versions are compatible with us,
1357  * - if direct_conn is false, regardless of its link versions;
1358  * - include IPv4 link specifier, if the primary address is not IPv4, log a
1359  * BUG() warning, and return an empty smartlist;
1360  * - include IPv6 link specifier if present in the node.
1361  *
1362  * If node is NULL, returns an empty smartlist.
1363  *
1364  * The smartlist must be freed using link_specifier_smartlist_free(). */
1366 node_get_link_specifier_smartlist,(const node_t *node, bool direct_conn))
1367 {
1368  link_specifier_t *ls;
1369  tor_addr_port_t ap;
1370  smartlist_t *lspecs = smartlist_new();
1371 
1372  if (!node)
1373  return lspecs;
1374 
1375  /* Get the relay's IPv4 address. */
1376  node_get_prim_orport(node, &ap);
1377 
1378  /* We expect the node's primary address to be a valid IPv4 address.
1379  * This conforms to the protocol, which requires either an IPv4 or IPv6
1380  * address (or both). */
1381  if (BUG(!tor_addr_is_v4(&ap.addr)) ||
1382  BUG(!tor_addr_port_is_valid_ap(&ap, 0))) {
1383  return lspecs;
1384  }
1385 
1386  ls = link_specifier_new();
1387  link_specifier_set_ls_type(ls, LS_IPV4);
1388  link_specifier_set_un_ipv4_addr(ls, tor_addr_to_ipv4h(&ap.addr));
1389  link_specifier_set_un_ipv4_port(ls, ap.port);
1390  /* Four bytes IPv4 and two bytes port. */
1391  link_specifier_set_ls_len(ls, sizeof(ap.addr.addr.in_addr) +
1392  sizeof(ap.port));
1393  smartlist_add(lspecs, ls);
1394 
1395  /* Legacy ID is mandatory and will always be present in node. */
1396  ls = link_specifier_new();
1397  link_specifier_set_ls_type(ls, LS_LEGACY_ID);
1398  memcpy(link_specifier_getarray_un_legacy_id(ls), node->identity,
1399  link_specifier_getlen_un_legacy_id(ls));
1400  link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls));
1401  smartlist_add(lspecs, ls);
1402 
1403  /* ed25519 ID is only included if the node has it, and the node declares a
1404  protocol version that supports ed25519 link authentication.
1405  If direct_conn is true, we also require that the node's link version is
1406  compatible with us. (Otherwise, we will be sending the ed25519 key
1407  to another tor, which may support different link versions.) */
1408  if (!ed25519_public_key_is_zero(&node->ed25519_id) &&
1409  node_supports_ed25519_link_authentication(node, direct_conn)) {
1410  ls = link_specifier_new();
1411  link_specifier_set_ls_type(ls, LS_ED25519_ID);
1412  memcpy(link_specifier_getarray_un_ed25519_id(ls), &node->ed25519_id,
1413  link_specifier_getlen_un_ed25519_id(ls));
1414  link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
1415  smartlist_add(lspecs, ls);
1416  }
1417 
1418  /* Check for IPv6. If so, include it as well. */
1419  if (node_has_ipv6_orport(node)) {
1420  ls = link_specifier_new();
1421  node_get_pref_ipv6_orport(node, &ap);
1422  link_specifier_set_ls_type(ls, LS_IPV6);
1423  size_t addr_len = link_specifier_getlen_un_ipv6_addr(ls);
1424  const uint8_t *in6_addr = tor_addr_to_in6_addr8(&ap.addr);
1425  uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(ls);
1426  memcpy(ipv6_array, in6_addr, addr_len);
1427  link_specifier_set_un_ipv6_port(ls, ap.port);
1428  /* Sixteen bytes IPv6 and two bytes port. */
1429  link_specifier_set_ls_len(ls, addr_len + sizeof(ap.port));
1430  smartlist_add(lspecs, ls);
1431  }
1432 
1433  return lspecs;
1434 }
1435 
1436 /* Free a link specifier list. */
1437 void
1438 link_specifier_smartlist_free_(smartlist_t *ls_list)
1439 {
1440  if (!ls_list)
1441  return;
1442 
1443  SMARTLIST_FOREACH(ls_list, link_specifier_t *, lspec,
1444  link_specifier_free(lspec));
1445  smartlist_free(ls_list);
1446 }
1447 
1448 /** Return the nickname of <b>node</b>, or NULL if we can't find one. */
1449 const char *
1451 {
1452  tor_assert(node);
1453  if (node->rs)
1454  return node->rs->nickname;
1455  else if (node->ri)
1456  return node->ri->nickname;
1457  else
1458  return NULL;
1459 }
1460 
1461 /** Return true iff <b>node</b> appears to be a directory authority or
1462  * directory cache */
1463 int
1464 node_is_dir(const node_t *node)
1465 {
1466  if (node->rs) {
1467  routerstatus_t * rs = node->rs;
1468  /* This is true if supports_tunnelled_dir_requests is true which
1469  * indicates that we support directory request tunnelled or through the
1470  * DirPort. */
1471  return rs->is_v2_dir;
1472  } else if (node->ri) {
1473  routerinfo_t * ri = node->ri;
1474  /* Both tunnelled request is supported or DirPort is set. */
1476  } else {
1477  return 0;
1478  }
1479 }
1480 
1481 /** Return true iff <b>node</b> has either kind of descriptor -- that
1482  * is, a routerdescriptor or a microdescriptor.
1483  *
1484  * You should probably use node_has_preferred_descriptor() instead.
1485  **/
1486 int
1488 {
1489  return (node->ri ||
1490  (node->rs && node->md));
1491 }
1492 
1493 /** Return true iff <b>node</b> has the kind of descriptor we would prefer to
1494  * use for it, given our configuration and how we intend to use the node.
1495  *
1496  * If <b>for_direct_connect</b> is true, we intend to connect to the node
1497  * directly, as the first hop of a circuit; otherwise, we intend to connect to
1498  * it indirectly, or use it as if we were connecting to it indirectly. */
1499 int
1501  int for_direct_connect)
1502 {
1503  const int is_bridge = node_is_a_configured_bridge(node);
1504  const int we_use_mds = we_use_microdescriptors_for_circuits(get_options());
1505 
1506  if ((is_bridge && for_direct_connect) || !we_use_mds) {
1507  /* We need an ri in this case. */
1508  if (!node->ri)
1509  return 0;
1510  } else {
1511  /* Otherwise we need an rs and an md. */
1512  if (node->rs == NULL || node->md == NULL)
1513  return 0;
1514  }
1515 
1516  return 1;
1517 }
1518 
1519 /** Return the router_purpose of <b>node</b>. */
1520 int
1522 {
1523  if (node->ri)
1524  return node->ri->purpose;
1525  else
1526  return ROUTER_PURPOSE_GENERAL;
1527 }
1528 
1529 /** Compute the verbose ("extended") nickname of <b>node</b> and store it
1530  * into the MAX_VERBOSE_NICKNAME_LEN+1 character buffer at
1531  * <b>verbose_name_out</b> */
1532 void
1534  char *verbose_name_out)
1535 {
1536  const char *nickname = node_get_nickname(node);
1537  verbose_name_out[0] = '$';
1538  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, node->identity,
1539  DIGEST_LEN);
1540  if (!nickname)
1541  return;
1542  verbose_name_out[1+HEX_DIGEST_LEN] = '~';
1543  strlcpy(verbose_name_out+1+HEX_DIGEST_LEN+1, nickname, MAX_NICKNAME_LEN+1);
1544 }
1545 
1546 /** Compute the verbose ("extended") nickname of node with
1547  * given <b>id_digest</b> and store it into the MAX_VERBOSE_NICKNAME_LEN+1
1548  * character buffer at <b>verbose_name_out</b>
1549  *
1550  * If node_get_by_id() returns NULL, base 16 encoding of
1551  * <b>id_digest</b> is returned instead. */
1552 void
1553 node_get_verbose_nickname_by_id(const char *id_digest,
1554  char *verbose_name_out)
1555 {
1556  const node_t *node = node_get_by_id(id_digest);
1557  if (!node) {
1558  verbose_name_out[0] = '$';
1559  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, id_digest, DIGEST_LEN);
1560  } else {
1561  node_get_verbose_nickname(node, verbose_name_out);
1562  }
1563 }
1564 
1565 /** Return true iff it seems that <b>node</b> allows circuits to exit
1566  * through it directlry from the client. */
1567 int
1569 {
1570  if (node && node->ri)
1571  return node->ri->allow_single_hop_exits;
1572  else
1573  return 0;
1574 }
1575 
1576 /** Return true iff it seems that <b>node</b> has an exit policy that doesn't
1577  * actually permit anything to exit, or we don't know its exit policy */
1578 int
1580 {
1581  if (node->rejects_all)
1582  return 1;
1583 
1584  if (node->ri)
1585  return node->ri->policy_is_reject_star;
1586  else if (node->md)
1587  return node->md->policy_is_reject_star;
1588  else
1589  return 1;
1590 }
1591 
1592 /** Return true iff the exit policy for <b>node</b> is such that we can treat
1593  * rejecting an address of type <b>family</b> unexpectedly as a sign of that
1594  * node's failure. */
1595 int
1597 {
1598  if (family == AF_UNSPEC) {
1599  return 1; /* Rejecting an address but not telling us what address
1600  * is a bad sign. */
1601  } else if (family == AF_INET) {
1602  return node->ri != NULL;
1603  } else if (family == AF_INET6) {
1604  return 0;
1605  }
1607  return 1;
1608 }
1609 
1610 /* Check if the "addr" and port_field fields from r are a valid non-listening
1611  * address/port. If so, set valid to true and add a newly allocated
1612  * tor_addr_port_t containing "addr" and port_field to sl.
1613  * "addr" is an IPv4 host-order address and port_field is a uint16_t.
1614  * r is typically a routerinfo_t or routerstatus_t.
1615  */
1616 #define SL_ADD_NEW_AP(r, addr_field, port_field, sl, valid) \
1617  STMT_BEGIN \
1618  if (tor_addr_port_is_valid(&(r)->addr_field, (r)->port_field, 0)) { \
1619  valid = 1; \
1620  tor_addr_port_t *ap = tor_addr_port_new(&(r)->addr_field, \
1621  (r)->port_field); \
1622  smartlist_add((sl), ap); \
1623  } \
1624  STMT_END
1625 
1626 /** Return list of tor_addr_port_t with all OR ports (in the sense IP
1627  * addr + TCP port) for <b>node</b>. Caller must free all elements
1628  * using tor_free() and free the list using smartlist_free().
1629  *
1630  * XXX this is potentially a memory fragmentation hog -- if on
1631  * critical path consider the option of having the caller allocate the
1632  * memory
1633  */
1634 smartlist_t *
1636 {
1637  smartlist_t *sl = smartlist_new();
1638  int valid = 0;
1639 
1640  /* Find a valid IPv4 address and port */
1641  if (node->ri != NULL) {
1642  SL_ADD_NEW_AP(node->ri, ipv4_addr, ipv4_orport, sl, valid);
1643  }
1644 
1645  /* If we didn't find a valid address/port in the ri, try the rs */
1646  if (!valid && node->rs != NULL) {
1647  SL_ADD_NEW_AP(node->rs, ipv4_addr, ipv4_orport, sl, valid);
1648  }
1649 
1650  /* Find a valid IPv6 address and port */
1651  valid = 0;
1652  if (node->ri != NULL) {
1653  SL_ADD_NEW_AP(node->ri, ipv6_addr, ipv6_orport, sl, valid);
1654  }
1655 
1656  if (!valid && node->rs != NULL) {
1657  SL_ADD_NEW_AP(node->rs, ipv6_addr, ipv6_orport, sl, valid);
1658  }
1659 
1660  if (!valid && node->md != NULL) {
1661  SL_ADD_NEW_AP(node->md, ipv6_addr, ipv6_orport, sl, valid);
1662  }
1663 
1664  return sl;
1665 }
1666 
1667 #undef SL_ADD_NEW_AP
1668 
1669 /** Wrapper around node_get_prim_orport for backward
1670  compatibility. */
1671 void
1672 node_get_addr(const node_t *node, tor_addr_t *addr_out)
1673 {
1674  tor_addr_port_t ap;
1675  node_get_prim_orport(node, &ap);
1676  tor_addr_copy(addr_out, &ap.addr);
1677 }
1678 
1679 /** Return the IPv4 address for <b>node</b>, or NULL if none found. */
1680 static const tor_addr_t *
1682 {
1683  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1684  * and the node might have a valid IPv4 address, yet have a zero
1685  * ORPort or DirPort.
1686  */
1687  if (node->ri && tor_addr_is_valid(&node->ri->ipv4_addr, 0)) {
1688  return &node->ri->ipv4_addr;
1689  } else if (node->rs && tor_addr_is_valid(&node->rs->ipv4_addr, 0)) {
1690  return &node->rs->ipv4_addr;
1691  }
1692  return NULL;
1693 }
1694 
1695 /** Copy a string representation of an IP address for <b>node</b> into
1696  * the <b>len</b>-byte buffer at <b>buf</b>. */
1697 void
1698 node_get_address_string(const node_t *node, char *buf, size_t len)
1699 {
1700  const tor_addr_t *ipv4_addr = node_get_prim_addr_ipv4(node);
1701 
1702  if (ipv4_addr) {
1703  tor_addr_to_str(buf, ipv4_addr, len, 0);
1704  } else if (len > 0) {
1705  buf[0] = '\0';
1706  }
1707 }
1708 
1709 /** Return <b>node</b>'s declared uptime, or -1 if it doesn't seem to have
1710  * one. */
1711 long
1713 {
1714  if (node->ri)
1715  return node->ri->uptime;
1716  else
1717  return -1;
1718 }
1719 
1720 /** Return <b>node</b>'s platform string, or NULL if we don't know it. */
1721 const char *
1723 {
1724  /* If we wanted, we could record the version in the routerstatus_t, since
1725  * the consensus lists it. We don't, though, so this function just won't
1726  * work with microdescriptors. */
1727  if (node->ri)
1728  return node->ri->platform;
1729  else
1730  return NULL;
1731 }
1732 
1733 /** Return true iff <b>node</b> is one representing this router. */
1734 int
1735 node_is_me(const node_t *node)
1736 {
1737  return router_digest_is_me(node->identity);
1738 }
1739 
1740 /* Does this node have a valid IPv6 address?
1741  * Prefer node_has_ipv6_orport() or node_has_ipv6_dirport() for
1742  * checking specific ports. */
1743 int
1744 node_has_ipv6_addr(const node_t *node)
1745 {
1746  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1747  * and the node might have a valid IPv6 address, yet have a zero
1748  * ORPort or DirPort.
1749  */
1750  if (node->ri && tor_addr_is_valid(&node->ri->ipv6_addr, 0))
1751  return 1;
1752  if (node->rs && tor_addr_is_valid(&node->rs->ipv6_addr, 0))
1753  return 1;
1754  if (node->md && tor_addr_is_valid(&node->md->ipv6_addr, 0))
1755  return 1;
1756 
1757  return 0;
1758 }
1759 
1760 /* Does this node have a valid IPv6 ORPort? */
1761 int
1762 node_has_ipv6_orport(const node_t *node)
1763 {
1764  tor_addr_port_t ipv6_orport;
1765  node_get_pref_ipv6_orport(node, &ipv6_orport);
1766  return tor_addr_port_is_valid_ap(&ipv6_orport, 0);
1767 }
1768 
1769 /* Does this node have a valid IPv6 DirPort? */
1770 int
1771 node_has_ipv6_dirport(const node_t *node)
1772 {
1773  tor_addr_port_t ipv6_dirport;
1774  node_get_pref_ipv6_dirport(node, &ipv6_dirport);
1775  return tor_addr_port_is_valid_ap(&ipv6_dirport, 0);
1776 }
1777 
1778 /** Return 1 if we prefer the IPv6 address and OR TCP port of
1779  * <b>node</b>, else 0.
1780  *
1781  * We prefer the IPv6 address if the router has an IPv6 address,
1782  * and we can use IPv6 addresses, and:
1783  * i) the node_t says that it prefers IPv6
1784  * or
1785  * ii) the router has no IPv4 OR address.
1786  *
1787  * If you don't have a node, consider looking it up.
1788  * If there is no node, use reachable_addr_prefer_ipv6_orport().
1789  */
1790 int
1792 {
1793  const or_options_t *options = get_options();
1794  tor_addr_port_t ipv4_addr;
1795  node_assert_ok(node);
1796 
1797  /* XX/teor - node->ipv6_preferred is set from
1798  * reachable_addr_prefer_ipv6_orport() each time the consensus is loaded.
1799  */
1800  node_get_prim_orport(node, &ipv4_addr);
1801  if (!reachable_addr_use_ipv6(options)) {
1802  return 0;
1803  } else if (node->ipv6_preferred ||
1804  !tor_addr_port_is_valid_ap(&ipv4_addr, 0)) {
1805  return node_has_ipv6_orport(node);
1806  }
1807  return 0;
1808 }
1809 
1810 #define RETURN_IPV4_AP(r, port_field, ap_out) \
1811  STMT_BEGIN \
1812  if (r && tor_addr_port_is_valid(&(r)->ipv4_addr, (r)->port_field, 0)) { \
1813  tor_addr_copy(&(ap_out)->addr, &(r)->ipv4_addr); \
1814  (ap_out)->port = (r)->port_field; \
1815  } \
1816  STMT_END
1817 
1818 /** Copy the primary (IPv4) OR port (IP address and TCP port) for <b>node</b>
1819  * into *<b>ap_out</b>. */
1820 void
1822 {
1823  node_assert_ok(node);
1824  tor_assert(ap_out);
1825 
1826  /* Clear the address, as a safety precaution if calling functions ignore the
1827  * return value */
1828  tor_addr_make_null(&ap_out->addr, AF_INET);
1829  ap_out->port = 0;
1830 
1831  /* Check ri first, because rewrite_node_address_for_bridge() updates
1832  * node->ri with the configured bridge address. */
1833 
1834  RETURN_IPV4_AP(node->ri, ipv4_orport, ap_out);
1835  RETURN_IPV4_AP(node->rs, ipv4_orport, ap_out);
1836  /* Microdescriptors only have an IPv6 address */
1837 }
1838 
1839 /** Copy the preferred OR port (IP address and TCP port) for
1840  * <b>node</b> into *<b>ap_out</b>. */
1841 void
1843 {
1844  tor_assert(ap_out);
1845 
1846  if (node_ipv6_or_preferred(node)) {
1847  node_get_pref_ipv6_orport(node, ap_out);
1848  } else {
1849  /* the primary ORPort is always on IPv4 */
1850  node_get_prim_orport(node, ap_out);
1851  }
1852 }
1853 
1854 /** Copy the preferred IPv6 OR port (IP address and TCP port) for
1855  * <b>node</b> into *<b>ap_out</b>. */
1856 void
1858 {
1859  node_assert_ok(node);
1860  tor_assert(ap_out);
1861  memset(ap_out, 0, sizeof(*ap_out));
1862 
1863  /* Check ri first, because rewrite_node_address_for_bridge() updates
1864  * node->ri with the configured bridge address.
1865  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1866  * Check if the address or port are valid, and try another alternative
1867  * if they are not. */
1868 
1869  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1870  node->ri->ipv6_orport, 0)) {
1871  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1872  ap_out->port = node->ri->ipv6_orport;
1873  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1874  node->rs->ipv6_orport, 0)) {
1875  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1876  ap_out->port = node->rs->ipv6_orport;
1877  } else if (node->md && tor_addr_port_is_valid(&node->md->ipv6_addr,
1878  node->md->ipv6_orport, 0)) {
1879  tor_addr_copy(&ap_out->addr, &node->md->ipv6_addr);
1880  ap_out->port = node->md->ipv6_orport;
1881  } else {
1882  tor_addr_make_null(&ap_out->addr, AF_INET6);
1883  ap_out->port = 0;
1884  }
1885 }
1886 
1887 /** Return 1 if we prefer the IPv6 address and Dir TCP port of
1888  * <b>node</b>, else 0.
1889  *
1890  * We prefer the IPv6 address if the router has an IPv6 address,
1891  * and we can use IPv6 addresses, and:
1892  * i) the router has no IPv4 Dir address.
1893  * or
1894  * ii) our preference is for IPv6 Dir addresses.
1895  *
1896  * If there is no node, use reachable_addr_prefer_ipv6_dirport().
1897  */
1898 int
1900 {
1901  const or_options_t *options = get_options();
1902  tor_addr_port_t ipv4_addr;
1903  node_assert_ok(node);
1904 
1905  /* node->ipv6_preferred is set from reachable_addr_prefer_ipv6_orport(),
1906  * so we can't use it to determine DirPort IPv6 preference.
1907  * This means that bridge clients will use IPv4 DirPorts by default.
1908  */
1909  node_get_prim_dirport(node, &ipv4_addr);
1910  if (!reachable_addr_use_ipv6(options)) {
1911  return 0;
1912  } else if (!tor_addr_port_is_valid_ap(&ipv4_addr, 0)
1914  return node_has_ipv6_dirport(node);
1915  }
1916  return 0;
1917 }
1918 
1919 /** Copy the primary (IPv4) Dir port (IP address and TCP port) for <b>node</b>
1920  * into *<b>ap_out</b>. */
1921 void
1923 {
1924  node_assert_ok(node);
1925  tor_assert(ap_out);
1926 
1927  /* Clear the address, as a safety precaution if calling functions ignore the
1928  * return value */
1929  tor_addr_make_null(&ap_out->addr, AF_INET);
1930  ap_out->port = 0;
1931 
1932  /* Check ri first, because rewrite_node_address_for_bridge() updates
1933  * node->ri with the configured bridge address. */
1934 
1935  RETURN_IPV4_AP(node->ri, ipv4_dirport, ap_out);
1936  RETURN_IPV4_AP(node->rs, ipv4_dirport, ap_out);
1937  /* Microdescriptors only have an IPv6 address */
1938 }
1939 
1940 #undef RETURN_IPV4_AP
1941 
1942 /** Copy the preferred Dir port (IP address and TCP port) for
1943  * <b>node</b> into *<b>ap_out</b>. */
1944 void
1946 {
1947  tor_assert(ap_out);
1948 
1949  if (node_ipv6_dir_preferred(node)) {
1950  node_get_pref_ipv6_dirport(node, ap_out);
1951  } else {
1952  /* the primary DirPort is always on IPv4 */
1953  node_get_prim_dirport(node, ap_out);
1954  }
1955 }
1956 
1957 /** Copy the preferred IPv6 Dir port (IP address and TCP port) for
1958  * <b>node</b> into *<b>ap_out</b>. */
1959 void
1961 {
1962  node_assert_ok(node);
1963  tor_assert(ap_out);
1964 
1965  /* Check ri first, because rewrite_node_address_for_bridge() updates
1966  * node->ri with the configured bridge address.
1967  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1968  * Check if the address or port are valid, and try another alternative
1969  * if they are not. */
1970 
1971  /* Assume IPv4 and IPv6 dirports are the same */
1972  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1973  node->ri->ipv4_dirport, 0)) {
1974  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1975  ap_out->port = node->ri->ipv4_dirport;
1976  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1977  node->rs->ipv4_dirport, 0)) {
1978  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1979  ap_out->port = node->rs->ipv4_dirport;
1980  } else {
1981  tor_addr_make_null(&ap_out->addr, AF_INET6);
1982  ap_out->port = 0;
1983  }
1984 }
1985 
1986 /** Return true iff <b>md</b> has a curve25519 onion key.
1987  * Use node_has_curve25519_onion_key() instead of calling this directly. */
1988 static int
1990 {
1991  if (!md) {
1992  return 0;
1993  }
1994 
1995  if (!md->onion_curve25519_pkey) {
1996  return 0;
1997  }
1998 
1999  if (fast_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
2001  return 0;
2002  }
2003 
2004  return 1;
2005 }
2006 
2007 /** Return true iff <b>node</b> has a curve25519 onion key. */
2008 int
2010 {
2011  return node_get_curve25519_onion_key(node) != NULL;
2012 }
2013 
2014 /** Return the curve25519 key of <b>node</b>, or NULL if none. */
2017 {
2018  if (!node)
2019  return NULL;
2020  if (routerinfo_has_curve25519_onion_key(node->ri))
2021  return node->ri->onion_curve25519_pkey;
2022  else if (microdesc_has_curve25519_onion_key(node->md))
2023  return node->md->onion_curve25519_pkey;
2024  else
2025  return NULL;
2026 }
2027 
2028 /* Return a newly allocacted RSA onion public key taken from the given node.
2029  *
2030  * Return NULL if node is NULL or no RSA onion public key can be found. It is
2031  * the caller responsibility to free the returned object. */
2032 crypto_pk_t *
2033 node_get_rsa_onion_key(const node_t *node)
2034 {
2035  crypto_pk_t *pk = NULL;
2036  const char *onion_pkey;
2037  size_t onion_pkey_len;
2038 
2039  if (!node) {
2040  goto end;
2041  }
2042 
2043  if (node->ri) {
2044  onion_pkey = node->ri->onion_pkey;
2045  onion_pkey_len = node->ri->onion_pkey_len;
2046  } else if (node->rs && node->md) {
2047  onion_pkey = node->md->onion_pkey;
2048  onion_pkey_len = node->md->onion_pkey_len;
2049  } else {
2050  /* No descriptor or microdescriptor. */
2051  goto end;
2052  }
2053  pk = router_get_rsa_onion_pkey(onion_pkey, onion_pkey_len);
2054 
2055  end:
2056  return pk;
2057 }
2058 
2059 /** Refresh the country code of <b>ri</b>. This function MUST be called on
2060  * each router when the GeoIP database is reloaded, and on all new routers. */
2061 void
2063 {
2064  const tor_addr_t *ipv4_addr = NULL;
2065 
2066  /* XXXXipv6 */
2067  if (node->rs)
2068  ipv4_addr = &node->rs->ipv4_addr;
2069  else if (node->ri)
2070  ipv4_addr = &node->ri->ipv4_addr;
2071 
2072  /* IPv4 is mandatory for a relay so this should not happen unless we are
2073  * attempting to set the country code on a node without a descriptor. */
2074  if (BUG(!ipv4_addr)) {
2075  node->country = -1;
2076  return;
2077  }
2078  node->country = geoip_get_country_by_addr(ipv4_addr);
2079 }
2080 
2081 /** Set the country code of all routers in the routerlist. */
2082 void
2084 {
2085  const smartlist_t *nodes = nodelist_get_list();
2086  SMARTLIST_FOREACH(nodes, node_t *, node,
2087  node_set_country(node));
2088 }
2089 
2090 /** Return true iff router1 and router2 have similar enough network addresses
2091  * that we should treat them as being in the same family */
2092 int
2094  const tor_addr_t *a2)
2095 {
2096  if (tor_addr_is_null(a1) || tor_addr_is_null(a2))
2097  return 0;
2098 
2099  switch (tor_addr_family(a1)) {
2100  case AF_INET:
2101  return 0 == tor_addr_compare_masked(a1, a2, 16, CMP_SEMANTIC);
2102  case AF_INET6:
2103  return 0 == tor_addr_compare_masked(a1, a2, 32, CMP_SEMANTIC);
2104  default:
2105  /* If not IPv4 or IPv6, return 0. */
2106  return 0;
2107  }
2108 }
2109 
2110 /** Return true if <b>node</b>'s nickname matches <b>nickname</b>
2111  * (case-insensitive), or if <b>node's</b> identity key digest
2112  * matches a hexadecimal value stored in <b>nickname</b>. Return
2113  * false otherwise. */
2114 STATIC int
2115 node_nickname_matches(const node_t *node, const char *nickname)
2116 {
2117  const char *n = node_get_nickname(node);
2118  if (n && nickname[0]!='$' && !strcasecmp(n, nickname))
2119  return 1;
2120  return hex_digest_nickname_matches(nickname,
2121  node->identity,
2122  n);
2123 }
2124 
2125 /** Return true iff <b>node</b> is named by some nickname in <b>lst</b>. */
2126 STATIC int
2128 {
2129  if (!lst) return 0;
2130  SMARTLIST_FOREACH(lst, const char *, name, {
2131  if (node_nickname_matches(node, name))
2132  return 1;
2133  });
2134  return 0;
2135 }
2136 
2137 /** Return true iff n1's declared family contains n2. */
2138 STATIC int
2139 node_family_contains(const node_t *n1, const node_t *n2)
2140 {
2141  if (n1->ri && n1->ri->declared_family) {
2142  return node_in_nickname_smartlist(n1->ri->declared_family, n2);
2143  } else if (n1->md) {
2144  return nodefamily_contains_node(n1->md->family, n2);
2145  } else {
2146  return 0;
2147  }
2148 }
2149 
2150 /**
2151  * Return true iff <b>node</b> has declared a nonempty family.
2152  **/
2153 STATIC bool
2155 {
2156  if (node->ri && node->ri->declared_family &&
2157  smartlist_len(node->ri->declared_family)) {
2158  return true;
2159  }
2160 
2161  if (node->md && node->md->family) {
2162  return true;
2163  }
2164 
2165  return false;
2166 }
2167 
2168 /**
2169  * Add to <b>out</b> every node_t that is listed by <b>node</b> as being in
2170  * its family. (Note that these nodes are not in node's family unless they
2171  * also agree that node is in their family.)
2172  **/
2173 STATIC void
2175 {
2176  if (node->ri && node->ri->declared_family &&
2177  smartlist_len(node->ri->declared_family)) {
2178  SMARTLIST_FOREACH_BEGIN(node->ri->declared_family, const char *, name) {
2179  const node_t *n2 = node_get_by_nickname(name, NNF_NO_WARN_UNNAMED);
2180  if (n2) {
2181  smartlist_add(out, (node_t *)n2);
2182  }
2183  } SMARTLIST_FOREACH_END(name);
2184  return;
2185  }
2186 
2187  if (node->md && node->md->family) {
2188  nodefamily_add_nodes_to_smartlist(node->md->family, out);
2189  }
2190 }
2191 
2192 /** Return true iff r1 and r2 are in the same family, but not the same
2193  * router. */
2194 int
2195 nodes_in_same_family(const node_t *node1, const node_t *node2)
2196 {
2197  const or_options_t *options = get_options();
2198 
2199  /* Are they in the same family because of their addresses? */
2200  if (options->EnforceDistinctSubnets) {
2201  tor_addr_t a1, a2;
2202  node_get_addr(node1, &a1);
2203  node_get_addr(node2, &a2);
2204 
2205  tor_addr_port_t ap6_1, ap6_2;
2206  node_get_pref_ipv6_orport(node1, &ap6_1);
2207  node_get_pref_ipv6_orport(node2, &ap6_2);
2208 
2209  if (router_addrs_in_same_network(&a1, &a2) ||
2210  router_addrs_in_same_network(&ap6_1.addr, &ap6_2.addr))
2211  return 1;
2212  }
2213 
2214  /* Are they in the same family because the agree they are? */
2215  if (node_family_contains(node1, node2) &&
2216  node_family_contains(node2, node1)) {
2217  return 1;
2218  }
2219 
2220  /* Are they in the same family because the user says they are? */
2221  if (options->NodeFamilySets) {
2222  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2223  if (routerset_contains_node(rs, node1) &&
2224  routerset_contains_node(rs, node2))
2225  return 1;
2226  });
2227  }
2228 
2229  return 0;
2230 }
2231 
2232 /**
2233  * Add all the family of <b>node</b>, including <b>node</b> itself, to
2234  * the smartlist <b>sl</b>.
2235  *
2236  * This is used to make sure we don't pick siblings in a single path, or
2237  * pick more than one relay from a family for our entry guard list.
2238  * Note that a node may be added to <b>sl</b> more than once if it is
2239  * part of <b>node</b>'s family for more than one reason.
2240  */
2241 void
2243 {
2244  const smartlist_t *all_nodes = nodelist_get_list();
2245  const or_options_t *options = get_options();
2246 
2247  tor_assert(node);
2248 
2249  /* Let's make sure that we have the node itself, if it's a real node. */
2250  {
2251  const node_t *real_node = node_get_by_id(node->identity);
2252  if (real_node)
2253  smartlist_add(sl, (node_t*)real_node);
2254  }
2255 
2256  /* First, add any nodes with similar network addresses. */
2257  if (options->EnforceDistinctSubnets) {
2258  tor_addr_t node_addr;
2259  tor_addr_port_t node_ap6;
2260  node_get_addr(node, &node_addr);
2261  node_get_pref_ipv6_orport(node, &node_ap6);
2262 
2263  SMARTLIST_FOREACH_BEGIN(all_nodes, const node_t *, node2) {
2264  tor_addr_t a;
2265  tor_addr_port_t ap6;
2266  node_get_addr(node2, &a);
2267  node_get_pref_ipv6_orport(node2, &ap6);
2268  if (router_addrs_in_same_network(&a, &node_addr) ||
2269  router_addrs_in_same_network(&ap6.addr, &node_ap6.addr))
2270  smartlist_add(sl, (void*)node2);
2271  } SMARTLIST_FOREACH_END(node2);
2272  }
2273 
2274  /* Now, add all nodes in the declared family of this node, if they
2275  * also declare this node to be in their family. */
2276  if (node_has_declared_family(node)) {
2277  smartlist_t *declared_family = smartlist_new();
2278  node_lookup_declared_family(declared_family, node);
2279 
2280  /* Add every r such that router declares familyness with node, and node
2281  * declares familyhood with router. */
2282  SMARTLIST_FOREACH_BEGIN(declared_family, const node_t *, node2) {
2283  if (node_family_contains(node2, node)) {
2284  smartlist_add(sl, (void*)node2);
2285  }
2286  } SMARTLIST_FOREACH_END(node2);
2287  smartlist_free(declared_family);
2288  }
2289 
2290  /* If the user declared any families locally, honor those too. */
2291  if (options->NodeFamilySets) {
2292  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2293  if (routerset_contains_node(rs, node)) {
2294  routerset_get_all_nodes(sl, rs, NULL, 0);
2295  }
2296  });
2297  }
2298 }
2299 
2300 /** Find a router that's up, that has this IP address, and
2301  * that allows exit to this address:port, or return NULL if there
2302  * isn't a good one.
2303  * Don't exit enclave to excluded relays -- it wouldn't actually
2304  * hurt anything, but this way there are fewer confused users.
2305  */
2306 const node_t *
2307 router_find_exact_exit_enclave(const char *address, uint16_t port)
2308 {/*XXXX MOVE*/
2309  struct in_addr in;
2310  tor_addr_t ipv4_addr;
2311  const or_options_t *options = get_options();
2312 
2313  if (!tor_inet_aton(address, &in))
2314  return NULL; /* it's not an IP already */
2315  tor_addr_from_in(&ipv4_addr, &in);
2316 
2317  SMARTLIST_FOREACH(nodelist_get_list(), const node_t *, node, {
2318  if (tor_addr_eq(node_get_prim_addr_ipv4(node), &ipv4_addr) &&
2319  node->is_running &&
2320  compare_tor_addr_to_node_policy(&ipv4_addr, port, node) ==
2323  return node;
2324  });
2325  return NULL;
2326 }
2327 
2328 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
2329  * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
2330  * If <b>need_capacity</b> is non-zero, we require a minimum advertised
2331  * bandwidth.
2332  * If <b>need_guard</b>, we require that the router is a possible entry guard.
2333  */
2334 int
2335 node_is_unreliable(const node_t *node, int need_uptime,
2336  int need_capacity, int need_guard)
2337 {
2338  if (need_uptime && !node->is_stable)
2339  return 1;
2340  if (need_capacity && !node->is_fast)
2341  return 1;
2342  if (need_guard && !node->is_possible_guard)
2343  return 1;
2344  return 0;
2345 }
2346 
2347 /** Return 1 if all running sufficiently-stable routers we can use will reject
2348  * addr:port. Return 0 if any might accept it. */
2349 int
2351  int need_uptime)
2352 {
2354 
2356  if (node->is_running &&
2357  !node_is_unreliable(node, need_uptime, 0, 0)) {
2358 
2359  r = compare_tor_addr_to_node_policy(addr, port, node);
2360 
2362  return 0; /* this one could be ok. good enough. */
2363  }
2364  } SMARTLIST_FOREACH_END(node);
2365  return 1; /* all will reject. */
2366 }
2367 
2368 /** Mark the router with ID <b>digest</b> as running or non-running
2369  * in our routerlist. */
2370 void
2371 router_set_status(const char *digest, int up)
2372 {
2373  node_t *node;
2374  tor_assert(digest);
2375 
2376  SMARTLIST_FOREACH(router_get_fallback_dir_servers(),
2377  dir_server_t *, d,
2378  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2379  d->is_running = up);
2380 
2381  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
2382  dir_server_t *, d,
2383  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2384  d->is_running = up);
2385 
2386  node = node_get_mutable_by_id(digest);
2387  if (node) {
2388 #if 0
2389  log_debug(LD_DIR,"Marking router %s as %s.",
2390  node_describe(node), up ? "up" : "down");
2391 #endif
2392  if (!up && node_is_me(node) && !net_is_disabled())
2393  log_warn(LD_NET, "We just marked ourself as down. Are your external "
2394  "addresses reachable?");
2395 
2396  if (bool_neq(node->is_running, up))
2398 
2399  node->is_running = up;
2400  }
2401 }
2402 
2403 /** True iff, the last time we checked whether we had enough directory info
2404  * to build circuits, the answer was "yes". If there are no exits in the
2405  * consensus, we act as if we have 100% of the exit directory info. */
2406 static int have_min_dir_info = 0;
2407 
2408 /** Does the consensus contain nodes that can exit? */
2409 static consensus_path_type_t have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2410 
2411 /** True iff enough has changed since the last time we checked whether we had
2412  * enough directory info to build circuits that our old answer can no longer
2413  * be trusted. */
2415 /** String describing what we're missing before we have enough directory
2416  * info. */
2417 static char dir_info_status[512] = "";
2418 
2419 /** Return true iff we have enough consensus information to
2420  * start building circuits. Right now, this means "a consensus that's
2421  * less than a day old, and at least 60% of router descriptors (configurable),
2422  * weighted by bandwidth. Treat the exit fraction as 100% if there are
2423  * no exits in the consensus."
2424  * To obtain the final weighted bandwidth, we multiply the
2425  * weighted bandwidth fraction for each position (guard, middle, exit). */
2426 MOCK_IMPL(int,
2428 {
2429  static int logged_delay=0;
2430  const char *delay_fetches_msg = NULL;
2431  if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) {
2432  if (!logged_delay)
2433  log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg);
2434  logged_delay=1;
2435  strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status));
2436  return 0;
2437  }
2438  logged_delay = 0; /* reset it if we get this far */
2439 
2440  if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
2442  }
2443 
2444  return have_min_dir_info;
2445 }
2446 
2447 /** Set to CONSENSUS_PATH_EXIT if there is at least one exit node
2448  * in the consensus. We update this flag in compute_frac_paths_available if
2449  * there is at least one relay that has an Exit flag in the consensus.
2450  * Used to avoid building exit circuits when they will almost certainly fail.
2451  * Set to CONSENSUS_PATH_INTERNAL if there are no exits in the consensus.
2452  * (This situation typically occurs during bootstrap of a test network.)
2453  * Set to CONSENSUS_PATH_UNKNOWN if we have never checked, or have
2454  * reason to believe our last known value was invalid or has expired.
2455  * If we're in a network with TestingDirAuthVoteExit set,
2456  * this can cause router_have_consensus_path() to be set to
2457  * CONSENSUS_PATH_EXIT, even if there are no nodes with accept exit policies.
2458  */
2461 {
2462  return have_consensus_path;
2463 }
2464 
2465 /** Called when our internal view of the directory has changed. This can be
2466  * when the authorities change, networkstatuses change, the list of routerdescs
2467  * changes, or number of running routers changes.
2468  */
2469 void
2471 {
2475 }
2476 
2477 /** Return a string describing what we're missing before we have enough
2478  * directory info. */
2479 const char *
2481 {
2482  return dir_info_status;
2483 }
2484 
2485 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
2486  * them seem like ones we'd use (store this in *<b>num_usable</b>), and how
2487  * many of <em>those</em> we have descriptors for (store this in
2488  * *<b>num_present</b>).
2489  *
2490  * If <b>in_set</b> is non-NULL, only consider those routers in <b>in_set</b>.
2491  * If <b>exit_only</b> & USABLE_DESCRIPTOR_EXIT_POLICY, only consider nodes
2492  * present if they have an exit policy that accepts at least one port.
2493  * If <b>exit_only</b> & USABLE_DESCRIPTOR_EXIT_FLAG, only consider nodes
2494  * usable if they have the exit flag in the consensus.
2495  *
2496  * If *<b>descs_out</b> is present, add a node_t for each usable descriptor
2497  * to it.
2498  */
2499 static void
2500 count_usable_descriptors(int *num_present, int *num_usable,
2501  smartlist_t *descs_out,
2502  const networkstatus_t *consensus,
2503  time_t now,
2504  routerset_t *in_set,
2505  usable_descriptor_t exit_only)
2506 {
2507  const int md = (consensus->flavor == FLAV_MICRODESC);
2508  *num_present = 0, *num_usable = 0;
2509 
2511  {
2512  const node_t *node = node_get_by_id(rs->identity_digest);
2513  if (!node)
2514  continue; /* This would be a bug: every entry in the consensus is
2515  * supposed to have a node. */
2516  if ((exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) && ! rs->is_exit)
2517  continue;
2518  if (in_set && ! routerset_contains_routerstatus(in_set, rs, -1))
2519  continue;
2520  if (client_would_use_router(rs, now)) {
2521  const char * const digest = rs->descriptor_digest;
2522  int present;
2523  ++*num_usable; /* the consensus says we want it. */
2524  if (md)
2525  present = NULL != microdesc_cache_lookup_by_digest256(NULL, digest);
2526  else
2527  present = NULL != router_get_by_descriptor_digest(digest);
2528  if (present) {
2529  /* Do the policy check last, because it requires a descriptor,
2530  * and is potentially expensive */
2531  if ((exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) &&
2533  continue;
2534  }
2535  /* we have the descriptor listed in the consensus, and it
2536  * satisfies our exit constraints (if any) */
2537  ++*num_present;
2538  }
2539  if (descs_out)
2540  smartlist_add(descs_out, (node_t*)node);
2541  }
2542  }
2543  SMARTLIST_FOREACH_END(rs);
2544 
2545  log_debug(LD_DIR, "%d usable, %d present (%s%s%s%s%s).",
2546  *num_usable, *num_present,
2547  md ? "microdesc" : "desc",
2548  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2549  " exit" : "s",
2550  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) ?
2551  " policies" : "" ,
2552  (exit_only == USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2553  " and" : "" ,
2554  (exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) ?
2555  " flags" : "" );
2556 }
2557 
2558 /** Return an estimate of which fraction of usable paths through the Tor
2559  * network we have available for use. Count how many routers seem like ones
2560  * we'd use (store this in *<b>num_usable_out</b>), and how many of
2561  * <em>those</em> we have descriptors for (store this in
2562  * *<b>num_present_out</b>.)
2563  *
2564  * If **<b>status_out</b> is present, allocate a new string and print the
2565  * available percentages of guard, middle, and exit nodes to it, noting
2566  * whether there are exits in the consensus.
2567  * If there are no exits in the consensus, we treat the exit fraction as 100%,
2568  * but set router_have_consensus_path() so that we can only build internal
2569  * paths. */
2570 static double
2572  const or_options_t *options, time_t now,
2573  int *num_present_out, int *num_usable_out,
2574  char **status_out)
2575 {
2576  smartlist_t *guards = smartlist_new();
2577  smartlist_t *mid = smartlist_new();
2578  smartlist_t *exits = smartlist_new();
2579  double f_guard, f_mid, f_exit;
2580  double f_path = 0.0;
2581  /* Used to determine whether there are any exits in the consensus */
2582  int np = 0;
2583  /* Used to determine whether there are any exits with descriptors */
2584  int nu = 0;
2585  const int authdir = authdir_mode_v3(options);
2586 
2587  count_usable_descriptors(num_present_out, num_usable_out,
2588  mid, consensus, now, options->MiddleNodes,
2589  USABLE_DESCRIPTOR_ALL);
2590  log_debug(LD_NET,
2591  "%s: %d present, %d usable",
2592  "mid",
2593  np,
2594  nu);
2595 
2596  if (options->EntryNodes) {
2597  count_usable_descriptors(&np, &nu, guards, consensus, now,
2598  options->EntryNodes, USABLE_DESCRIPTOR_ALL);
2599  log_debug(LD_NET,
2600  "%s: %d present, %d usable",
2601  "guard",
2602  np,
2603  nu);
2604  } else {
2605  SMARTLIST_FOREACH(mid, const node_t *, node, {
2606  if (authdir) {
2607  if (node->rs && node->rs->is_possible_guard)
2608  smartlist_add(guards, (node_t*)node);
2609  } else {
2610  if (node->is_possible_guard)
2611  smartlist_add(guards, (node_t*)node);
2612  }
2613  });
2614  log_debug(LD_NET,
2615  "%s: %d possible",
2616  "guard",
2617  smartlist_len(guards));
2618  }
2619 
2620  /* All nodes with exit policy and flag */
2621  count_usable_descriptors(&np, &nu, exits, consensus, now,
2622  NULL, USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2623  log_debug(LD_NET,
2624  "%s: %d present, %d usable",
2625  "exits",
2626  np,
2627  nu);
2628 
2629  /* We need at least 1 exit (flag and policy) in the consensus to consider
2630  * building exit paths */
2631  /* Update our understanding of whether the consensus has exits */
2632  consensus_path_type_t old_have_consensus_path = have_consensus_path;
2633  have_consensus_path = ((np > 0) ?
2634  CONSENSUS_PATH_EXIT :
2635  CONSENSUS_PATH_INTERNAL);
2636 
2637  if (old_have_consensus_path != have_consensus_path) {
2638  if (have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2639  log_notice(LD_NET,
2640  "The current consensus has no exit nodes. "
2641  "Tor can only build internal paths, "
2642  "such as paths to onion services.");
2643 
2644  /* However, exit nodes can reachability self-test using this consensus,
2645  * join the network, and appear in a later consensus. This will allow
2646  * the network to build exit paths, such as paths for world wide web
2647  * browsing (as distinct from hidden service web browsing). */
2648  } else if (old_have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2649  log_notice(LD_NET,
2650  "The current consensus contains exit nodes. "
2651  "Tor can build exit and internal paths.");
2652  }
2653  }
2654 
2655  f_guard = frac_nodes_with_descriptors(guards, WEIGHT_FOR_GUARD, 1);
2656  f_mid = frac_nodes_with_descriptors(mid, WEIGHT_FOR_MID, 0);
2657  f_exit = frac_nodes_with_descriptors(exits, WEIGHT_FOR_EXIT, 0);
2658 
2659  /* If we are using bridges and have at least one bridge with a full
2660  * descriptor, assume f_guard is 1.0. */
2661  if (options->UseBridges && num_bridges_usable(0) > 0)
2662  f_guard = 1.0;
2663 
2664  log_debug(LD_NET,
2665  "f_guard: %.2f, f_mid: %.2f, f_exit: %.2f",
2666  f_guard,
2667  f_mid,
2668  f_exit);
2669 
2670  smartlist_free(guards);
2671  smartlist_free(mid);
2672  smartlist_free(exits);
2673 
2674  if (options->ExitNodes) {
2675  double f_myexit, f_myexit_unflagged;
2676  smartlist_t *myexits= smartlist_new();
2677  smartlist_t *myexits_unflagged = smartlist_new();
2678 
2679  /* All nodes with exit policy and flag in ExitNodes option */
2680  count_usable_descriptors(&np, &nu, myexits, consensus, now,
2681  options->ExitNodes,
2682  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2683  log_debug(LD_NET,
2684  "%s: %d present, %d usable",
2685  "myexits",
2686  np,
2687  nu);
2688 
2689  /* Now compute the nodes in the ExitNodes option where we know their exit
2690  * policy permits something. */
2691  count_usable_descriptors(&np, &nu, myexits_unflagged,
2692  consensus, now,
2693  options->ExitNodes,
2694  USABLE_DESCRIPTOR_EXIT_POLICY);
2695  log_debug(LD_NET,
2696  "%s: %d present, %d usable",
2697  "myexits_unflagged (initial)",
2698  np,
2699  nu);
2700 
2701  f_myexit= frac_nodes_with_descriptors(myexits,WEIGHT_FOR_EXIT, 0);
2702  f_myexit_unflagged=
2703  frac_nodes_with_descriptors(myexits_unflagged,
2704  WEIGHT_FOR_EXIT, 0);
2705 
2706  log_debug(LD_NET,
2707  "f_exit: %.2f, f_myexit: %.2f, f_myexit_unflagged: %.2f",
2708  f_exit,
2709  f_myexit,
2710  f_myexit_unflagged);
2711 
2712  /* If our ExitNodes list has eliminated every possible Exit node, and there
2713  * were some possible Exit nodes, then instead consider nodes that permit
2714  * exiting to some ports. */
2715  if (smartlist_len(myexits) == 0 &&
2716  smartlist_len(myexits_unflagged)) {
2717  f_myexit = f_myexit_unflagged;
2718  }
2719 
2720  smartlist_free(myexits);
2721  smartlist_free(myexits_unflagged);
2722 
2723  /* This is a tricky point here: we don't want to make it easy for a
2724  * directory to trickle exits to us until it learns which exits we have
2725  * configured, so require that we have a threshold both of total exits
2726  * and usable exits. */
2727  if (f_myexit < f_exit)
2728  f_exit = f_myexit;
2729  }
2730 
2731  /* If the consensus has no exits that pass flag, descriptor, and policy
2732  * checks, we can only build onion service paths, which are G - M - M. */
2733  if (router_have_consensus_path() != CONSENSUS_PATH_EXIT) {
2734  /* If the exit bandwidth weight fraction is not zero, we need to wait for
2735  * descriptors for those exits. (The bandwidth weight fraction does not
2736  * check for descriptors.)
2737  * If the exit bandwidth fraction is zero, there are no exits in the
2738  * consensus at all. So it is safe to replace f_exit with f_mid.
2739  *
2740  * f_exit is non-negative, but some compilers complain about float and ==
2741  */
2742  if (f_exit <= 0.0) {
2743  f_exit = f_mid;
2744  }
2745  }
2746 
2747  f_path = f_guard * f_mid * f_exit;
2748 
2749  if (status_out)
2750  tor_asprintf(status_out,
2751  "%d%% of guards bw, "
2752  "%d%% of midpoint bw, and "
2753  "%d%% of %s = "
2754  "%d%% of path bw",
2755  (int)(f_guard*100),
2756  (int)(f_mid*100),
2757  (int)(f_exit*100),
2758  (router_have_consensus_path() == CONSENSUS_PATH_EXIT ?
2759  "exit bw" :
2760  "end bw (no exits in consensus, using mid)"),
2761  (int)(f_path*100));
2762 
2763  return f_path;
2764 }
2765 
2766 /** We just fetched a new set of descriptors. Compute how far through
2767  * the "loading descriptors" bootstrapping phase we are, so we can inform
2768  * the controller of our progress. */
2769 int
2771 {
2772  int num_present = 0, num_usable=0;
2773  time_t now = time(NULL);
2774  const or_options_t *options = get_options();
2775  const networkstatus_t *consensus =
2777  double paths, fraction;
2778 
2779  if (!consensus)
2780  return 0; /* can't count descriptors if we have no list of them */
2781 
2782  paths = compute_frac_paths_available(consensus, options, now,
2783  &num_present, &num_usable,
2784  NULL);
2785 
2786  fraction = paths / get_frac_paths_needed_for_circs(options,consensus);
2787  if (fraction > 1.0)
2788  return 0; /* it's not the number of descriptors holding us back */
2789  return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
2790  (fraction*(BOOTSTRAP_STATUS_ENOUGH_DIRINFO-1 -
2791  BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
2792 }
2793 
2794 /** Return the fraction of paths needed before we're willing to build
2795  * circuits, as configured in <b>options</b>, or in the consensus <b>ns</b>. */
2796 static double
2798  const networkstatus_t *ns)
2799 {
2800 #define DFLT_PCT_USABLE_NEEDED 60
2801  if (options->PathsNeededToBuildCircuits >= 0.0) {
2802  return options->PathsNeededToBuildCircuits;
2803  } else {
2804  return networkstatus_get_param(ns, "min_paths_for_circs_pct",
2805  DFLT_PCT_USABLE_NEEDED,
2806  25, 95)/100.0;
2807  }
2808 }
2809 
2810 /** Change the value of have_min_dir_info, setting it true iff we have enough
2811  * network and router information to build circuits. Clear the value of
2812  * need_to_update_have_min_dir_info. */
2813 static void
2815 {
2816  time_t now = time(NULL);
2817  int res;
2818  int num_present=0, num_usable=0;
2819  const or_options_t *options = get_options();
2820  const networkstatus_t *consensus =
2822  int using_md;
2823 
2824  if (!consensus) {
2826  strlcpy(dir_info_status, "We have no usable consensus.",
2827  sizeof(dir_info_status));
2828  else
2829  strlcpy(dir_info_status, "We have no recent usable consensus.",
2830  sizeof(dir_info_status));
2831  res = 0;
2832  goto done;
2833  }
2834 
2835  using_md = consensus->flavor == FLAV_MICRODESC;
2836 
2837  /* Check fraction of available paths */
2838  {
2839  char *status = NULL;
2840  double paths = compute_frac_paths_available(consensus, options, now,
2841  &num_present, &num_usable,
2842  &status);
2843 
2844  if (paths < get_frac_paths_needed_for_circs(options,consensus)) {
2846  "We need more %sdescriptors: we have %d/%d, and "
2847  "can only build %d%% of likely paths. (We have %s.)",
2848  using_md?"micro":"", num_present, num_usable,
2849  (int)(paths*100), status);
2850  tor_free(status);
2851  res = 0;
2852  control_event_boot_dir(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
2853  goto done;
2854  }
2855 
2856  tor_free(status);
2857  res = 1;
2858  }
2859 
2860  { /* Check entry guard dirinfo status */
2861  char *guard_error = entry_guards_get_err_str_if_dir_info_missing(using_md,
2862  num_present,
2863  num_usable);
2864  if (guard_error) {
2865  strlcpy(dir_info_status, guard_error, sizeof(dir_info_status));
2866  tor_free(guard_error);
2867  res = 0;
2868  goto done;
2869  }
2870  }
2871 
2872  done:
2873 
2874  /* If paths have just become available in this update. */
2875  if (res && !have_min_dir_info) {
2876  control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
2877  control_event_boot_dir(BOOTSTRAP_STATUS_ENOUGH_DIRINFO, 0);
2878  log_info(LD_DIR,
2879  "We now have enough directory information to build circuits.");
2880  }
2881 
2882  /* If paths have just become unavailable in this update. */
2883  if (!res && have_min_dir_info) {
2884  int quiet = dirclient_too_idle_to_fetch_descriptors(options, now);
2886  "Our directory information is no longer up-to-date "
2887  "enough to build circuits: %s", dir_info_status);
2888 
2889  /* a) make us log when we next complete a circuit, so we know when Tor
2890  * is back up and usable, and b) disable some activities that Tor
2891  * should only do while circuits are working, like reachability tests
2892  * and fetching bridge descriptors only over circuits. */
2894  have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2895  control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
2896  }
2897  have_min_dir_info = res;
2899 }
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:1005
int tor_addr_is_v4(const tor_addr_t *addr)
Definition: address.c:750
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
int tor_addr_is_v6(const tor_addr_t *addr)
Definition: address.c:770
Headers for address.h.
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:160
#define tor_addr_to_in6_addr8(x)
Definition: address.h:135
#define tor_addr_from_in(dest, in)
Definition: address.h:331
#define tor_addr_eq(a, b)
Definition: address.h:280
address_set_t * address_set_new(int max_addresses_guess)
Definition: address_set.c:33
void address_set_add(address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:47
int address_set_probably_contains(const address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:66
Types to handle sets of addresses.
time_t approx_time(void)
Definition: approx_time.c:32
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
Header file for directory authority mode.
Header for backtrace.c.
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
Header for binascii.c.
int node_is_a_configured_bridge(const node_t *node)
Definition: bridges.c:354
Header file for circuitbuild.c.
int quiet
Definition: config.c:2442
const or_options_t * get_options(void)
Definition: config.c:919
const char * name
Definition: config.c:2434
Header file for config.c.
void control_event_boot_dir(bootstrap_status_t status, int progress)
int control_event_client_status(int severity, const char *format,...)
Header file for control_events.c.
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
const char * node_describe(const node_t *node)
Definition: describe.c:160
Header file for describe.c.
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
#define fast_memeq(a, b, c)
Definition: di_ops.h:35
#define tor_memneq(a, b, sz)
Definition: di_ops.h:21
#define DIGEST_LEN
Definition: digest_sizes.h:20
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Trusted/fallback directory server structure.
int dirclient_too_idle_to_fetch_descriptors(const or_options_t *options, time_t now)
Header for feature/dirclient/dirclient_modes.c.
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:103
void dirlist_add_trusted_dir_addresses(void)
Definition: dirlist.c:87
Header file for dirlist.c.
char * entry_guards_get_err_str_if_dir_info_missing(int using_mds, int num_present, int num_usable)
Definition: entrynodes.c:3903
int num_bridges_usable(int use_maybe_reachable)
Definition: entrynodes.c:3412
Header file for circuitbuild.c.
int geoip_get_country_by_addr(const tor_addr_t *addr)
Definition: geoip.c:424
Header file for geoip.c.
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
void hs_client_dir_info_changed(void)
Definition: hs_client.c:2577
Header file containing client data for the HS subsystem.
uint64_t hs_get_time_period_num(time_t now)
Definition: hs_common.c:269
uint64_t hs_get_next_time_period_num(time_t now)
Definition: hs_common.c:306
uint64_t hs_get_previous_time_period_num(time_t now)
Definition: hs_common.c:315
uint8_t * hs_get_current_srv(uint64_t time_period_num, const networkstatus_t *ns)
Definition: hs_common.c:1117
void hs_build_hsdir_index(const ed25519_public_key_t *identity_pk, const uint8_t *srv_value, uint64_t period_num, uint8_t *hsdir_index_out)
Definition: hs_common.c:1078
uint8_t * hs_get_previous_srv(uint64_t time_period_num, const networkstatus_t *ns)
Definition: hs_common.c:1135
int hs_in_period_between_tp_and_srv(const networkstatus_t *consensus, time_t now)
Definition: hs_common.c:987
Header file containing common data for the whole HS subsystem.
void hs_service_dir_info_changed(void)
Definition: hs_service.c:4051
typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht
int tor_inet_aton(const char *str, struct in_addr *addr)
Definition: inaddr.c:40
uint16_t sa_family_t
Definition: inaddr_st.h:77
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:590
#define log_fn(severity, domain, args,...)
Definition: log.h:283
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:288
#define LD_PROTOCOL
Definition: log.h:72
#define LD_BUG
Definition: log.h:86
#define LD_NET
Definition: log.h:66
#define LD_GENERAL
Definition: log.h:62
#define LD_DIR
Definition: log.h:88
#define LOG_NOTICE
Definition: log.h:50
#define LD_CONFIG
Definition: log.h:68
#define LOG_INFO
Definition: log.h:45
#define bool_neq(a, b)
Definition: logic.h:18
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:234
Header file for mainloop.c.
void tor_free_(void *mem)
Definition: malloc.c:227
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
#define tor_free(p)
Definition: malloc.h:52
int usable_consensus_flavor(void)
Definition: microdesc.c:1086
microdesc_t * microdesc_cache_lookup_by_digest256(microdesc_cache_t *cache, const char *d)
Definition: microdesc.c:946
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:251
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1055
Header file for microdesc.c.
Microdescriptor structure.
int net_is_disabled(void)
Definition: netstatus.c:25
Header for netstatus.c.
networkstatus_t * networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f)
int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now)
int client_would_use_router(const routerstatus_t *rs, time_t now)
networkstatus_t * networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
networkstatus_t * networkstatus_get_latest_consensus(void)
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
Header file for networkstatus.c.
Networkstatus consensus/vote structure.
double frac_nodes_with_descriptors(const smartlist_t *sl, bandwidth_weight_rule_t rule, int for_direct_conn)
Definition: node_select.c:821
Header file for node_select.c.
Node information structure.
bool nodefamily_contains_node(const nodefamily_t *family, const node_t *node)
Definition: nodefamily.c:328
void nodefamily_add_nodes_to_smartlist(const nodefamily_t *family, smartlist_t *out)
Definition: nodefamily.c:342
Header file for nodefamily.c.
static void node_free_(node_t *node)
Definition: nodelist.c:881
static int node_add_to_ed25519_map(node_t *node)
Definition: nodelist.c:311
const node_t * node_get_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:234
void node_get_pref_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1842
bool node_supports_establish_intro_dos_extension(const node_t *node)
Definition: nodelist.c:1286
static nodelist_t * the_nodelist
Definition: nodelist.c:181
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1821
int nodelist_probably_contains_address(const tor_addr_t *addr)
Definition: nodelist.c:548
void node_get_verbose_nickname_by_id(const char *id_digest, char *verbose_name_out)
Definition: nodelist.c:1553
node_t * node_get_mutable_by_id(const char *identity_digest)
Definition: nodelist.c:197
static double get_frac_paths_needed_for_circs(const or_options_t *options, const networkstatus_t *ns)
Definition: nodelist.c:2797
static double compute_frac_paths_available(const networkstatus_t *consensus, const or_options_t *options, time_t now, int *num_present_out, int *num_usable_out, char **status_out)
Definition: nodelist.c:2571
static char dir_info_status[512]
Definition: nodelist.c:2417
const char * node_get_platform(const node_t *node)
Definition: nodelist.c:1722
void nodelist_free_all(void)
Definition: nodelist.c:923
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2242
static const protover_summary_flags_t * node_get_protover_summary_flags(const node_t *node)
Definition: nodelist.c:1213
void nodelist_refresh_countries(void)
Definition: nodelist.c:2083
STATIC void node_lookup_declared_family(smartlist_t *out, const node_t *node)
Definition: nodelist.c:2174
void router_dir_info_changed(void)
Definition: nodelist.c:2470
int node_is_good_exit(const node_t *node)
Definition: nodelist.c:794
static void node_add_to_address_set(const node_t *node)
Definition: nodelist.c:451
void node_get_address_string(const node_t *node, char *buf, size_t len)
Definition: nodelist.c:1698
const smartlist_t * nodelist_get_list(void)
Definition: nodelist.c:1047
static void init_nodelist(void)
Definition: nodelist.c:185
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1596
int router_addrs_in_same_network(const tor_addr_t *a1, const tor_addr_t *a2)
Definition: nodelist.c:2093
bool node_supports_accepting_ipv6_extends(const node_t *node, bool need_canonical_ipv6_conn)
Definition: nodelist.c:1324
smartlist_t * node_get_all_orports(const node_t *node)
Definition: nodelist.c:1635
static void update_router_have_minimum_dir_info(void)
Definition: nodelist.c:2814
usable_descriptor_t
Definition: nodelist.c:91
static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, time_t now, routerset_t *in_set, usable_descriptor_t exit_only)
Definition: nodelist.c:2500
static int microdesc_has_curve25519_onion_key(const microdesc_t *md)
Definition: nodelist.c:1989
void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1945
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1500
static int node_is_usable(const node_t *node)
Definition: nodelist.c:801
STATIC int node_in_nickname_smartlist(const smartlist_t *lst, const node_t *node)
Definition: nodelist.c:2127
smartlist_t * nodelist_find_nodes_with_microdesc(const microdesc_t *md)
Definition: nodelist.c:863
int node_is_me(const node_t *node)
Definition: nodelist.c:1735
const char * node_get_nickname(const node_t *node)
Definition: nodelist.c:1450
static const protover_summary_flags_t zero_protover_flags
Definition: nodelist.c:1207
int node_has_any_descriptor(const node_t *node)
Definition: nodelist.c:1487
void nodelist_purge(void)
Definition: nodelist.c:894
int node_is_dir(const node_t *node)
Definition: nodelist.c:1464
int node_is_unreliable(const node_t *node, int need_uptime, int need_capacity, int need_guard)
Definition: nodelist.c:2335
bool node_supports_v3_rendezvous_point(const node_t *node)
Definition: nodelist.c:1271
void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1922
bool node_supports_ed25519_link_authentication(const node_t *node, bool compatible_with_us)
Definition: nodelist.c:1235
bool node_supports_v3_hsdir(const node_t *node)
Definition: nodelist.c:1251
static consensus_path_type_t have_consensus_path
Definition: nodelist.c:2409
int node_ipv6_dir_preferred(const node_t *node)
Definition: nodelist.c:1899
int router_exit_policy_all_nodes_reject(const tor_addr_t *addr, uint16_t port, int need_uptime)
Definition: nodelist.c:2350
long node_get_declared_uptime(const node_t *node)
Definition: nodelist.c:1712
const node_t * node_get_by_nickname(const char *nickname, unsigned flags)
Definition: nodelist.c:1085
node_t * nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out)
Definition: nodelist.c:579
static void node_addrs_changed(node_t *node)
Definition: nodelist.c:441
node_t * node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:210
consensus_path_type_t router_have_consensus_path(void)
Definition: nodelist.c:2460
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
Definition: nodelist.c:1195
static int need_to_update_have_min_dir_info
Definition: nodelist.c:2414
static int have_min_dir_info
Definition: nodelist.c:2406
static int node_remove_from_ed25519_map(node_t *node)
Definition: nodelist.c:268
void nodelist_add_addr_to_address_set(const tor_addr_t *addr, uint16_t or_port, uint16_t dir_port)
Definition: nodelist.c:525
static node_t * node_get_or_create(const char *identity_digest)
Definition: nodelist.c:246
const node_t * router_find_exact_exit_enclave(const char *address, uint16_t port)
Definition: nodelist.c:2307
int node_allows_single_hop_exits(const node_t *node)
Definition: nodelist.c:1568
int node_get_purpose(const node_t *node)
Definition: nodelist.c:1521
void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1960
const node_t * node_get_by_hex_id(const char *hex_id, unsigned flags)
Definition: nodelist.c:1058
void nodelist_set_consensus(const networkstatus_t *ns)
Definition: nodelist.c:689
bool nodelist_reentry_contains(const tor_addr_t *addr, uint16_t port)
Definition: nodelist.c:562
static const tor_addr_t * node_get_prim_addr_ipv4(const node_t *node)
Definition: nodelist.c:1681
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
Definition: nodelist.c:809
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:226
void node_set_country(node_t *node)
Definition: nodelist.c:2062
const uint8_t * node_get_rsa_id_digest(const node_t *node)
Definition: nodelist.c:1346
int node_ipv6_or_preferred(const node_t *node)
Definition: nodelist.c:1791
void nodelist_remove_routerinfo(routerinfo_t *ri)
Definition: nodelist.c:823
void nodelist_ensure_freshness(const networkstatus_t *ns)
Definition: nodelist.c:1026
const ed25519_public_key_t * node_get_ed25519_id(const node_t *node)
Definition: nodelist.c:1150
STATIC bool node_has_declared_family(const node_t *node)
Definition: nodelist.c:2154
STATIC int node_nickname_matches(const node_t *node, const char *nickname)
Definition: nodelist.c:2115
void node_get_addr(const node_t *node, tor_addr_t *addr_out)
Definition: nodelist.c:1672
const char * get_dir_info_status_string(void)
Definition: nodelist.c:2480
node_t * nodelist_add_microdesc(microdesc_t *md)
Definition: nodelist.c:635
static char * build_addr_port_item(const tor_addr_t *addr, const uint16_t port)
Definition: nodelist.c:496
const curve25519_public_key_t * node_get_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:2016
static void node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
Definition: nodelist.c:295
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2770
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1533
bool node_supports_initiating_ipv6_extends(const node_t *node)
Definition: nodelist.c:1303
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1857
STATIC int node_family_contains(const node_t *n1, const node_t *n2)
Definition: nodelist.c:2139
int nodes_in_same_family(const node_t *node1, const node_t *node2)
Definition: nodelist.c:2195
static void nodelist_drop_node(node_t *node, int remove_from_ht)
Definition: nodelist.c:838
int node_has_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:2009
int router_have_minimum_dir_info(void)
Definition: nodelist.c:2427
void nodelist_assert_ok(void)
Definition: nodelist.c:949
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1579
bool node_supports_ed25519_hs_intro(const node_t *node)
Definition: nodelist.c:1261
void router_set_status(const char *digest, int up)
Definition: nodelist.c:2371
Header file for nodelist.c.
consensus_path_type_t
Definition: nodelist.h:151
Master header file for Tor-specific functionality.
#define MAX_NICKNAME_LEN
Definition: or.h:112
#define UNNAMED_ROUTER_NICKNAME
Definition: or.h:441
@ V3_DIRINFO
Definition: or.h:788
@ BRIDGE_DIRINFO
Definition: or.h:790
int reachable_addr_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:509
int reachable_addr_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:487
int reachable_addr_use_ipv6(const or_options_t *options)
Definition: policies.c:448
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2887
Header file for policies.c.
addr_policy_result_t
Definition: policies.h:38
@ ADDR_POLICY_ACCEPTED
Definition: policies.h:40
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus)
uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity)
Header file for process_descs.c.
Headers and type declarations for protover.c.
int router_digest_is_me(const char *digest)
Definition: router.c:1739
Router descriptor structure.
#define ROUTER_PURPOSE_GENERAL
Definition: routerinfo_st.h:98
int hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest, const char *nickname)
Definition: routerlist.c:720
int hex_digest_nickname_decode(const char *hexdigest, char *digest_out, char *nickname_qualifier_char_out, char *nickname_out)
Definition: routerlist.c:684
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:895
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:509
signed_descriptor_t * router_get_by_descriptor_digest(const char *digest)
Definition: routerlist.c:784
Header file for routerlist.c.
Router descriptor list structure.
int routerset_contains_routerstatus(const routerset_t *set, const routerstatus_t *rs, country_t country)
Definition: routerset.c:339
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:353
Header file for routerset.c.
Routerstatus (consensus entry) structure.
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_del(smartlist_t *sl, int idx)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
unsigned int is_running
Definition: dir_server_st.h:39
uint8_t fetch[DIGEST256_LEN]
uint8_t store_first[DIGEST256_LEN]
uint8_t store_second[DIGEST256_LEN]
unsigned int held_by_nodes
Definition: microdesc_st.h:46
uint16_t ipv6_orport
Definition: microdesc_st.h:81
char * onion_pkey
Definition: microdesc_st.h:70
tor_addr_t ipv6_addr
Definition: microdesc_st.h:79
size_t onion_pkey_len
Definition: microdesc_st.h:72
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: microdesc_st.h:75
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:62
unsigned int policy_is_reject_star
Definition: microdesc_st.h:44
struct nodefamily_t * family
Definition: microdesc_st.h:83
struct ed25519_public_key_t * ed25519_identity_pkey
Definition: microdesc_st.h:77
smartlist_t * routerstatus_list
consensus_flavor_t flavor
Definition: node_st.h:34
unsigned int is_bad_exit
Definition: node_st.h:71
country_t country
Definition: node_st.h:92
unsigned int is_running
Definition: node_st.h:63
int nodelist_idx
Definition: node_st.h:42
unsigned int rejects_all
Definition: node_st.h:83
unsigned int is_hs_dir
Definition: node_st.h:73
unsigned int is_valid
Definition: node_st.h:65
ed25519_public_key_t ed25519_id
Definition: node_st.h:53
char identity[DIGEST_LEN]
Definition: node_st.h:46
unsigned int is_possible_guard
Definition: node_st.h:69
unsigned int is_stable
Definition: node_st.h:68
unsigned int is_exit
Definition: node_st.h:70
time_t last_reachable
Definition: node_st.h:98
unsigned int ipv6_preferred
Definition: node_st.h:88
unsigned int name_lookup_warned
Definition: node_st.h:78
struct routerset_t * ExcludeExitNodesUnion_
struct smartlist_t * NodeFamilySets
int EnforceDistinctSubnets
struct routerset_t * EntryNodes
struct routerset_t * ExitNodes
double PathsNeededToBuildCircuits
struct routerset_t * MiddleNodes
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:714
unsigned int supports_v3_rendezvous_point
Definition: or.h:738
unsigned int supports_initiating_ipv6_extends
Definition: or.h:705
unsigned int supports_v3_hsdir
Definition: or.h:733
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:719
unsigned int supports_canonical_ipv6_conns
Definition: or.h:709
unsigned int supports_accepting_ipv6_extends
Definition: or.h:701
unsigned int supports_ed25519_hs_intro
Definition: or.h:724
char * onion_pkey
Definition: routerinfo_st.h:37
unsigned int allow_single_hop_exits
Definition: routerinfo_st.h:72
char * platform
Definition: routerinfo_st.h:48
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
protover_summary_flags_t pv
Definition: routerinfo_st.h:93
size_t onion_pkey_len
Definition: routerinfo_st.h:39
smartlist_t * declared_family
Definition: routerinfo_st.h:65
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:43
unsigned int policy_is_reject_star
Definition: routerinfo_st.h:77
uint8_t purpose
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:86
char * nickname
Definition: routerinfo_st.h:22
smartlist_t * routers
Definition: routerlist_st.h:32
uint16_t ipv6_orport
tor_addr_t ipv6_addr
protover_summary_flags_t pv
char identity_digest[DIGEST_LEN]
char nickname[MAX_NICKNAME_LEN+1]
uint16_t ipv4_dirport
unsigned int is_possible_guard
uint16_t ipv4_orport
char identity_digest[DIGEST_LEN]
struct tor_cert_st * signing_key_cert
#define STATIC
Definition: testsupport.h:32
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
Header for torcert.c.
#define tor_assert(expr)
Definition: util_bug.h:102
#define tor_fragile_assert()
Definition: util_bug.h:270
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
#define ED25519_PUBKEY_LEN
Definition: x25519_sizes.h:27
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20