tor  0.4.2.0-alpha-dev
nodelist.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
41 #define NODELIST_PRIVATE
42 
43 #include "core/or/or.h"
44 #include "app/config/config.h"
45 #include "core/mainloop/mainloop.h"
46 #include "core/mainloop/netstatus.h"
47 #include "core/or/address_set.h"
48 #include "core/or/policies.h"
49 #include "core/or/protover.h"
50 #include "feature/client/bridges.h"
55 #include "feature/hs/hs_client.h"
56 #include "feature/hs/hs_common.h"
65 #include "feature/nodelist/routerset.h"
66 #include "feature/nodelist/torcert.h"
68 #include "lib/encoding/binascii.h"
69 #include "lib/err/backtrace.h"
70 #include "lib/geoip/geoip.h"
71 #include "lib/net/address.h"
72 
73 #include <string.h>
74 
76 
77 #include "feature/dirclient/dir_server_st.h"
78 #include "feature/nodelist/microdesc_st.h"
79 #include "feature/nodelist/networkstatus_st.h"
80 #include "feature/nodelist/node_st.h"
81 #include "feature/nodelist/routerinfo_st.h"
82 #include "feature/nodelist/routerlist_st.h"
83 #include "feature/nodelist/routerstatus_st.h"
84 
85 static void nodelist_drop_node(node_t *node, int remove_from_ht);
86 #define node_free(val) \
87  FREE_AND_NULL(node_t, node_free_, (val))
88 static void node_free_(node_t *node);
89 
92 typedef enum {
93  /* All descriptors regardless of flags or exit policies */
94  USABLE_DESCRIPTOR_ALL = 0U,
95  /* Only count descriptors with an exit policy that allows at least one port
96  */
97  USABLE_DESCRIPTOR_EXIT_POLICY = 1U << 0,
98  /* Only count descriptors for relays that have the exit flag in the
99  * consensus */
100  USABLE_DESCRIPTOR_EXIT_FLAG = 1U << 1,
101  /* Only count descriptors for relays that have the policy and the flag */
102  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG = (USABLE_DESCRIPTOR_EXIT_POLICY |
103  USABLE_DESCRIPTOR_EXIT_FLAG)
105 static void count_usable_descriptors(int *num_present,
106  int *num_usable,
107  smartlist_t *descs_out,
108  const networkstatus_t *consensus,
109  time_t now,
110  routerset_t *in_set,
111  usable_descriptor_t exit_only);
112 static void update_router_have_minimum_dir_info(void);
113 static double get_frac_paths_needed_for_circs(const or_options_t *options,
114  const networkstatus_t *ns);
115 static void node_add_to_address_set(const node_t *node);
116 
121 typedef struct nodelist_t {
122  /* A list of all the nodes. */
123  smartlist_t *nodes;
124  /* Hash table to map from node ID digest to node. */
125  HT_HEAD(nodelist_map, node_t) nodes_by_id;
126  /* Hash table to map from node Ed25519 ID to node.
127  *
128  * Whenever a node's routerinfo or microdescriptor is about to change,
129  * you should remove it from this map with node_remove_from_ed25519_map().
130  * Whenever a node's routerinfo or microdescriptor has just chaned,
131  * you should add it to this map with node_add_to_ed25519_map().
132  */
133  HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id;
134 
135  /* Set of addresses that belong to nodes we believe in. */
136  address_set_t *node_addrs;
137 
138  /* The valid-after time of the last live consensus that initialized the
139  * nodelist. We use this to detect outdated nodelists that need to be
140  * rebuilt using a newer consensus. */
141  time_t live_consensus_valid_after;
142 } nodelist_t;
143 
144 static inline unsigned int
145 node_id_hash(const node_t *node)
146 {
147  return (unsigned) siphash24g(node->identity, DIGEST_LEN);
148 }
149 
150 static inline unsigned int
151 node_id_eq(const node_t *node1, const node_t *node2)
152 {
153  return tor_memeq(node1->identity, node2->identity, DIGEST_LEN);
154 }
155 
156 HT_PROTOTYPE(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq)
157 HT_GENERATE2(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq,
159 
160 static inline unsigned int
161 node_ed_id_hash(const node_t *node)
162 {
163  return (unsigned) siphash24g(node->ed25519_id.pubkey, ED25519_PUBKEY_LEN);
164 }
165 
166 static inline unsigned int
167 node_ed_id_eq(const node_t *node1, const node_t *node2)
168 {
169  return ed25519_pubkey_eq(&node1->ed25519_id, &node2->ed25519_id);
170 }
171 
172 HT_PROTOTYPE(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
173  node_ed_id_eq)
174 HT_GENERATE2(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
175  node_ed_id_eq, 0.6, tor_reallocarray_, tor_free_)
176 
177 
178 static nodelist_t *the_nodelist=NULL;
179 
181 static void
182 init_nodelist(void)
183 {
184  if (PREDICT_UNLIKELY(the_nodelist == NULL)) {
185  the_nodelist = tor_malloc_zero(sizeof(nodelist_t));
186  HT_INIT(nodelist_map, &the_nodelist->nodes_by_id);
187  HT_INIT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
188  the_nodelist->nodes = smartlist_new();
189  }
190 }
191 
194 node_get_mutable_by_id,(const char *identity_digest))
195 {
196  node_t search, *node;
197  if (PREDICT_UNLIKELY(the_nodelist == NULL))
198  return NULL;
199 
200  memcpy(&search.identity, identity_digest, DIGEST_LEN);
201  node = HT_FIND(nodelist_map, &the_nodelist->nodes_by_id, &search);
202  return node;
203 }
204 
206 node_t *
208 {
209  node_t search, *node;
210  if (PREDICT_UNLIKELY(the_nodelist == NULL))
211  return NULL;
212  if (BUG(ed_id == NULL) || BUG(ed25519_public_key_is_zero(ed_id)))
213  return NULL;
214 
215  memcpy(&search.ed25519_id, ed_id, sizeof(search.ed25519_id));
216  node = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, &search);
217  return node;
218 }
219 
223 node_get_by_id,(const char *identity_digest))
224 {
225  return node_get_mutable_by_id(identity_digest);
226 }
227 
231 node_get_by_ed25519_id,(const ed25519_public_key_t *ed_id))
232 {
233  return node_get_mutable_by_ed25519_id(ed_id);
234 }
235 
242 static node_t *
243 node_get_or_create(const char *identity_digest)
244 {
245  node_t *node;
246 
247  if ((node = node_get_mutable_by_id(identity_digest)))
248  return node;
249 
250  node = tor_malloc_zero(sizeof(node_t));
251  memcpy(node->identity, identity_digest, DIGEST_LEN);
252  HT_INSERT(nodelist_map, &the_nodelist->nodes_by_id, node);
253 
254  smartlist_add(the_nodelist->nodes, node);
255  node->nodelist_idx = smartlist_len(the_nodelist->nodes) - 1;
256 
257  node->country = -1;
258 
259  return node;
260 }
261 
264 static int
266 {
267  tor_assert(the_nodelist);
268  tor_assert(node);
269 
271  return 0;
272  }
273 
274  int rv = 0;
275  node_t *search =
276  HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
277  if (BUG(search != node)) {
278  goto clear_and_return;
279  }
280 
281  search = HT_REMOVE(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
282  tor_assert(search == node);
283  rv = 1;
284 
285  clear_and_return:
286  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
287  return rv;
288 }
289 
291 static void
292 node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
293 {
294  char *s;
295  char *olddesc = tor_strdup(node_describe(old));
296 
297  tor_asprintf(&s, "Reused ed25519_id %s: old %s new %s", ed_id,
298  olddesc, node_describe(node));
299  log_backtrace(LOG_NOTICE, LD_DIR, s);
300  tor_free(olddesc);
301  tor_free(s);
302 }
303 
307 static int
309 {
310  tor_assert(the_nodelist);
311  tor_assert(node);
312 
313  if (! ed25519_public_key_is_zero(&node->ed25519_id)) {
314  return 0;
315  }
316 
317  const ed25519_public_key_t *key = node_get_ed25519_id(node);
318  if (!key) {
319  return 0;
320  }
321 
322  node_t *old;
323  memcpy(&node->ed25519_id, key, sizeof(node->ed25519_id));
324  old = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
325  if (old) {
326  char ed_id[BASE32_BUFSIZE(sizeof(key->pubkey))];
327 
328  base32_encode(ed_id, sizeof(ed_id), (const char *)key->pubkey,
329  sizeof(key->pubkey));
330  if (BUG(old == node)) {
331  /* Actual bug: all callers of this function call
332  * node_remove_from_ed25519_map first. */
333  log_err(LD_BUG,
334  "Unexpectedly found deleted node with ed25519_id %s", ed_id);
335  } else {
336  /* Distinct nodes sharing a ed25519 id, possibly due to relay
337  * misconfiguration. The key pinning might not catch this,
338  * possibly due to downloading a missing descriptor during
339  * consensus voting. */
340  node_log_dup_ed_id(old, node, ed_id);
341  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
342  }
343  return 0;
344  }
345 
346  HT_INSERT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
347  return 1;
348 }
349 
350 /* For a given <b>node</b> for the consensus <b>ns</b>, set the hsdir index
351  * for the node, both current and next if possible. This can only fails if the
352  * node_t ed25519 identity key can't be found which would be a bug. */
353 STATIC void
354 node_set_hsdir_index(node_t *node, const networkstatus_t *ns)
355 {
356  time_t now = approx_time();
357  const ed25519_public_key_t *node_identity_pk;
358  uint8_t *fetch_srv = NULL, *store_first_srv = NULL, *store_second_srv = NULL;
359  uint64_t next_time_period_num, current_time_period_num;
360  uint64_t fetch_tp, store_first_tp, store_second_tp;
361 
362  tor_assert(node);
363  tor_assert(ns);
364 
365  if (!networkstatus_is_live(ns, now)) {
366  static struct ratelim_t live_consensus_ratelim = RATELIM_INIT(30 * 60);
367  log_fn_ratelim(&live_consensus_ratelim, LOG_INFO, LD_GENERAL,
368  "Not setting hsdir index with a non-live consensus.");
369  goto done;
370  }
371 
372  node_identity_pk = node_get_ed25519_id(node);
373  if (node_identity_pk == NULL) {
374  log_debug(LD_GENERAL, "ed25519 identity public key not found when "
375  "trying to build the hsdir indexes for node %s",
376  node_describe(node));
377  goto done;
378  }
379 
380  /* Get the current and next time period number. */
381  current_time_period_num = hs_get_time_period_num(0);
382  next_time_period_num = hs_get_next_time_period_num(0);
383 
384  /* We always use the current time period for fetching descs */
385  fetch_tp = current_time_period_num;
386 
387  /* Now extract the needed SRVs and time periods for building hsdir indices */
388  if (hs_in_period_between_tp_and_srv(ns, now)) {
389  fetch_srv = hs_get_current_srv(fetch_tp, ns);
390 
391  store_first_tp = hs_get_previous_time_period_num(0);
392  store_second_tp = current_time_period_num;
393  } else {
394  fetch_srv = hs_get_previous_srv(fetch_tp, ns);
395 
396  store_first_tp = current_time_period_num;
397  store_second_tp = next_time_period_num;
398  }
399 
400  /* We always use the old SRV for storing the first descriptor and the latest
401  * SRV for storing the second descriptor */
402  store_first_srv = hs_get_previous_srv(store_first_tp, ns);
403  store_second_srv = hs_get_current_srv(store_second_tp, ns);
404 
405  /* Build the fetch index. */
406  hs_build_hsdir_index(node_identity_pk, fetch_srv, fetch_tp,
407  node->hsdir_index.fetch);
408 
409  /* If we are in the time segment between SRV#N and TP#N, the fetch index is
410  the same as the first store index */
411  if (!hs_in_period_between_tp_and_srv(ns, now)) {
412  memcpy(node->hsdir_index.store_first, node->hsdir_index.fetch,
413  sizeof(node->hsdir_index.store_first));
414  } else {
415  hs_build_hsdir_index(node_identity_pk, store_first_srv, store_first_tp,
416  node->hsdir_index.store_first);
417  }
418 
419  /* If we are in the time segment between TP#N and SRV#N+1, the fetch index is
420  the same as the second store index */
421  if (hs_in_period_between_tp_and_srv(ns, now)) {
422  memcpy(node->hsdir_index.store_second, node->hsdir_index.fetch,
423  sizeof(node->hsdir_index.store_second));
424  } else {
425  hs_build_hsdir_index(node_identity_pk, store_second_srv, store_second_tp,
426  node->hsdir_index.store_second);
427  }
428 
429  done:
430  tor_free(fetch_srv);
431  tor_free(store_first_srv);
432  tor_free(store_second_srv);
433  return;
434 }
435 
437 static void
439 {
440  node->last_reachable = node->last_reachable6 = 0;
441  node->country = -1;
442 }
443 
447 static void
449 {
450  if (!the_nodelist || !the_nodelist->node_addrs)
451  return;
452 
453  /* These various address sources can be redundant, but it's likely faster
454  * to add them all than to compare them all for equality. */
455 
456  if (node->rs) {
457  if (node->rs->addr)
458  address_set_add_ipv4h(the_nodelist->node_addrs, node->rs->addr);
459  if (!tor_addr_is_null(&node->rs->ipv6_addr))
460  address_set_add(the_nodelist->node_addrs, &node->rs->ipv6_addr);
461  }
462  if (node->ri) {
463  if (node->ri->addr)
464  address_set_add_ipv4h(the_nodelist->node_addrs, node->ri->addr);
465  if (!tor_addr_is_null(&node->ri->ipv6_addr))
466  address_set_add(the_nodelist->node_addrs, &node->ri->ipv6_addr);
467  }
468  if (node->md) {
469  if (!tor_addr_is_null(&node->md->ipv6_addr))
470  address_set_add(the_nodelist->node_addrs, &node->md->ipv6_addr);
471  }
472 }
473 
476 int
478 {
479  if (BUG(!addr))
480  return 0;
481 
482  if (!the_nodelist || !the_nodelist->node_addrs)
483  return 0;
484 
485  return address_set_probably_contains(the_nodelist->node_addrs, addr);
486 }
487 
492 node_t *
494 {
495  node_t *node;
496  const char *id_digest;
497  int had_router = 0;
498  tor_assert(ri);
499 
500  init_nodelist();
501  id_digest = ri->cache_info.identity_digest;
502  node = node_get_or_create(id_digest);
503 
505 
506  if (node->ri) {
507  if (!routers_have_same_or_addrs(node->ri, ri)) {
508  node_addrs_changed(node);
509  }
510  had_router = 1;
511  if (ri_old_out)
512  *ri_old_out = node->ri;
513  } else {
514  if (ri_old_out)
515  *ri_old_out = NULL;
516  }
517  node->ri = ri;
518 
520 
521  if (node->country == -1)
522  node_set_country(node);
523 
524  if (authdir_mode(get_options()) && !had_router) {
525  const char *discard=NULL;
526  uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO);
528  }
529 
530  /* Setting the HSDir index requires the ed25519 identity key which can
531  * only be found either in the ri or md. This is why this is called here.
532  * Only nodes supporting HSDir=2 protocol version needs this index. */
533  if (node->rs && node->rs->pv.supports_v3_hsdir) {
534  node_set_hsdir_index(node,
535  networkstatus_get_latest_consensus());
536  }
537 
539 
540  return node;
541 }
542 
548 node_t *
550 {
551  networkstatus_t *ns =
552  networkstatus_get_latest_consensus_by_flavor(FLAV_MICRODESC);
553  const routerstatus_t *rs;
554  node_t *node;
555  if (ns == NULL)
556  return NULL;
557  init_nodelist();
558 
559  /* Microdescriptors don't carry an identity digest, so we need to figure
560  * it out by looking up the routerstatus. */
562  if (rs == NULL)
563  return NULL;
564  node = node_get_mutable_by_id(rs->identity_digest);
565  if (node == NULL)
566  return NULL;
567 
569  if (node->md)
570  node->md->held_by_nodes--;
571 
572  node->md = md;
573  md->held_by_nodes++;
574  /* Setting the HSDir index requires the ed25519 identity key which can
575  * only be found either in the ri or md. This is why this is called here.
576  * Only nodes supporting HSDir=2 protocol version needs this index. */
577  if (rs->pv.supports_v3_hsdir) {
578  node_set_hsdir_index(node, ns);
579  }
582 
583  return node;
584 }
585 
586 /* Default value. */
587 #define ESTIMATED_ADDRESS_PER_NODE 2
588 
589 /* Return the estimated number of address per node_t. This is used for the
590  * size of the bloom filter in the nodelist (node_addrs). */
591 MOCK_IMPL(int,
592 get_estimated_address_per_node, (void))
593 {
594  return ESTIMATED_ADDRESS_PER_NODE;
595 }
596 
602 void
604 {
605  const or_options_t *options = get_options();
606  int authdir = authdir_mode_v3(options);
607 
608  init_nodelist();
609  if (ns->flavor == FLAV_MICRODESC)
610  (void) get_microdesc_cache(); /* Make sure it exists first. */
611 
612  SMARTLIST_FOREACH(the_nodelist->nodes, node_t *, node,
613  node->rs = NULL);
614 
615  /* Conservatively estimate that every node will have 2 addresses. */
616  const int estimated_addresses = smartlist_len(ns->routerstatus_list) *
617  get_estimated_address_per_node();
618  address_set_free(the_nodelist->node_addrs);
619  the_nodelist->node_addrs = address_set_new(estimated_addresses);
620 
622  node_t *node = node_get_or_create(rs->identity_digest);
623  node->rs = rs;
624  if (ns->flavor == FLAV_MICRODESC) {
625  if (node->md == NULL ||
626  tor_memneq(node->md->digest,rs->descriptor_digest,DIGEST256_LEN)) {
628  if (node->md)
629  node->md->held_by_nodes--;
630  node->md = microdesc_cache_lookup_by_digest256(NULL,
631  rs->descriptor_digest);
632  if (node->md)
633  node->md->held_by_nodes++;
635  }
636  }
637 
638  if (rs->pv.supports_v3_hsdir) {
639  node_set_hsdir_index(node, ns);
640  }
641  node_set_country(node);
642 
643  /* If we're not an authdir, believe others. */
644  if (!authdir) {
645  node->is_valid = rs->is_valid;
646  node->is_running = rs->is_flagged_running;
647  node->is_fast = rs->is_fast;
648  node->is_stable = rs->is_stable;
649  node->is_possible_guard = rs->is_possible_guard;
650  node->is_exit = rs->is_exit;
651  node->is_bad_exit = rs->is_bad_exit;
652  node->is_hs_dir = rs->is_hs_dir;
653  node->ipv6_preferred = 0;
655  (tor_addr_is_null(&rs->ipv6_addr) == 0 ||
656  (node->md && tor_addr_is_null(&node->md->ipv6_addr) == 0)))
657  node->ipv6_preferred = 1;
658  }
659 
660  } SMARTLIST_FOREACH_END(rs);
661 
662  nodelist_purge();
663 
664  /* Now add all the nodes we have to the address set. */
665  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
667  } SMARTLIST_FOREACH_END(node);
668 
669  if (! authdir) {
670  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
671  /* We have no routerstatus for this router. Clear flags so we can skip
672  * it, maybe.*/
673  if (!node->rs) {
674  tor_assert(node->ri); /* if it had only an md, or nothing, purge
675  * would have removed it. */
676  if (node->ri->purpose == ROUTER_PURPOSE_GENERAL) {
677  /* Clear all flags. */
678  node->is_valid = node->is_running = node->is_hs_dir =
679  node->is_fast = node->is_stable =
680  node->is_possible_guard = node->is_exit =
681  node->is_bad_exit = node->ipv6_preferred = 0;
682  }
683  }
684  } SMARTLIST_FOREACH_END(node);
685  }
686 
687  /* If the consensus is live, note down the consensus valid-after that formed
688  * the nodelist. */
689  if (networkstatus_is_live(ns, approx_time())) {
690  the_nodelist->live_consensus_valid_after = ns->valid_after;
691  }
692 }
693 
697 int
699 {
700  return node->is_exit && ! node->is_bad_exit;
701 }
702 
704 static inline int
705 node_is_usable(const node_t *node)
706 {
707  return (node->rs) || (node->ri);
708 }
709 
712 void
713 nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
714 {
715  node_t *node = node_get_mutable_by_id(identity_digest);
716  if (node && node->md == md) {
717  node->md = NULL;
718  md->held_by_nodes--;
719  if (! node_get_ed25519_id(node)) {
721  }
722  }
723 }
724 
726 void
728 {
729  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
730  if (node && node->ri == ri) {
731  node->ri = NULL;
732  if (! node_is_usable(node)) {
733  nodelist_drop_node(node, 1);
734  node_free(node);
735  }
736  }
737 }
738 
741 static void
742 nodelist_drop_node(node_t *node, int remove_from_ht)
743 {
744  node_t *tmp;
745  int idx;
746  if (remove_from_ht) {
747  tmp = HT_REMOVE(nodelist_map, &the_nodelist->nodes_by_id, node);
748  tor_assert(tmp == node);
749  }
751 
752  idx = node->nodelist_idx;
753  tor_assert(idx >= 0);
754 
755  tor_assert(node == smartlist_get(the_nodelist->nodes, idx));
756  smartlist_del(the_nodelist->nodes, idx);
757  if (idx < smartlist_len(the_nodelist->nodes)) {
758  tmp = smartlist_get(the_nodelist->nodes, idx);
759  tmp->nodelist_idx = idx;
760  }
761  node->nodelist_idx = -1;
762 }
763 
766 smartlist_t *
768 {
769  smartlist_t *result = smartlist_new();
770 
771  if (the_nodelist == NULL)
772  return result;
773 
774  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
775  if (node->md == md) {
776  smartlist_add(result, node);
777  }
778  } SMARTLIST_FOREACH_END(node);
779 
780  return result;
781 }
782 
784 static void
786 {
787  if (!node)
788  return;
789  if (node->md)
790  node->md->held_by_nodes--;
791  tor_assert(node->nodelist_idx == -1);
792  tor_free(node);
793 }
794 
797 void
799 {
800  node_t **iter;
801  if (PREDICT_UNLIKELY(the_nodelist == NULL))
802  return;
803 
804  /* Remove the non-usable nodes. */
805  for (iter = HT_START(nodelist_map, &the_nodelist->nodes_by_id); iter; ) {
806  node_t *node = *iter;
807 
808  if (node->md && !node->rs) {
809  /* An md is only useful if there is an rs. */
810  node->md->held_by_nodes--;
811  node->md = NULL;
812  }
813 
814  if (node_is_usable(node)) {
815  iter = HT_NEXT(nodelist_map, &the_nodelist->nodes_by_id, iter);
816  } else {
817  iter = HT_NEXT_RMV(nodelist_map, &the_nodelist->nodes_by_id, iter);
818  nodelist_drop_node(node, 0);
819  node_free(node);
820  }
821  }
823 }
824 
826 void
828 {
829  if (PREDICT_UNLIKELY(the_nodelist == NULL))
830  return;
831 
832  HT_CLEAR(nodelist_map, &the_nodelist->nodes_by_id);
833  HT_CLEAR(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
834  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
835  node->nodelist_idx = -1;
836  node_free(node);
837  } SMARTLIST_FOREACH_END(node);
838 
839  smartlist_free(the_nodelist->nodes);
840 
841  address_set_free(the_nodelist->node_addrs);
842  the_nodelist->node_addrs = NULL;
843 
844  tor_free(the_nodelist);
845 }
846 
850 void
852 {
854  networkstatus_t *ns = networkstatus_get_latest_consensus();
855  digestmap_t *dm;
856 
857  if (!the_nodelist)
858  return;
859 
860  dm = digestmap_new();
861 
862  /* every routerinfo in rl->routers should be in the nodelist. */
863  if (rl) {
865  const node_t *node = node_get_by_id(ri->cache_info.identity_digest);
866  tor_assert(node && node->ri == ri);
867  tor_assert(fast_memeq(ri->cache_info.identity_digest,
868  node->identity, DIGEST_LEN));
869  tor_assert(! digestmap_get(dm, node->identity));
870  digestmap_set(dm, node->identity, (void*)node);
871  } SMARTLIST_FOREACH_END(ri);
872  }
873 
874  /* every routerstatus in ns should be in the nodelist */
875  if (ns) {
877  const node_t *node = node_get_by_id(rs->identity_digest);
878  tor_assert(node && node->rs == rs);
879  tor_assert(fast_memeq(rs->identity_digest, node->identity, DIGEST_LEN));
880  digestmap_set(dm, node->identity, (void*)node);
881  if (ns->flavor == FLAV_MICRODESC) {
882  /* If it's a microdesc consensus, every entry that has a
883  * microdescriptor should be in the nodelist.
884  */
885  microdesc_t *md =
886  microdesc_cache_lookup_by_digest256(NULL, rs->descriptor_digest);
887  tor_assert(md == node->md);
888  if (md)
889  tor_assert(md->held_by_nodes >= 1);
890  }
891  } SMARTLIST_FOREACH_END(rs);
892  }
893 
894  /* The nodelist should have no other entries, and its entries should be
895  * well-formed. */
896  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
897  tor_assert(digestmap_get(dm, node->identity) != NULL);
898  tor_assert(node_sl_idx == node->nodelist_idx);
899  } SMARTLIST_FOREACH_END(node);
900 
901  /* Every node listed with an ed25519 identity should be listed by that
902  * identity.
903  */
904  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
905  if (!ed25519_public_key_is_zero(&node->ed25519_id)) {
906  tor_assert(node == node_get_by_ed25519_id(&node->ed25519_id));
907  }
908  } SMARTLIST_FOREACH_END(node);
909 
910  node_t **idx;
911  HT_FOREACH(idx, nodelist_ed_map, &the_nodelist->nodes_by_ed_id) {
912  node_t *node = *idx;
913  tor_assert(node == node_get_by_ed25519_id(&node->ed25519_id));
914  }
915 
916  tor_assert((long)smartlist_len(the_nodelist->nodes) ==
917  (long)HT_SIZE(&the_nodelist->nodes_by_id));
918 
919  tor_assert((long)smartlist_len(the_nodelist->nodes) >=
920  (long)HT_SIZE(&the_nodelist->nodes_by_ed_id));
921 
922  digestmap_free(dm, NULL);
923 }
924 
927 void
929 {
930  tor_assert(ns);
931 
932  /* We don't even have a nodelist: this is a NOP. */
933  if (!the_nodelist) {
934  return;
935  }
936 
937  if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
938  log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
939  (int) the_nodelist->live_consensus_valid_after,
940  (int) ns->valid_after);
942  }
943 }
948 nodelist_get_list,(void))
949 {
950  init_nodelist();
951  return the_nodelist->nodes;
952 }
953 
958 const node_t *
959 node_get_by_hex_id(const char *hex_id, unsigned flags)
960 {
961  char digest_buf[DIGEST_LEN];
962  char nn_buf[MAX_NICKNAME_LEN+1];
963  char nn_char='\0';
964 
965  (void) flags; // XXXX
966 
967  if (hex_digest_nickname_decode(hex_id, digest_buf, &nn_char, nn_buf)==0) {
968  const node_t *node = node_get_by_id(digest_buf);
969  if (!node)
970  return NULL;
971  if (nn_char == '=') {
972  /* "=" indicates a Named relay, but there aren't any of those now. */
973  return NULL;
974  }
975  return node;
976  }
977 
978  return NULL;
979 }
980 
986 node_get_by_nickname,(const char *nickname, unsigned flags))
987 {
988  const int warn_if_unnamed = !(flags & NNF_NO_WARN_UNNAMED);
989 
990  if (!the_nodelist)
991  return NULL;
992 
993  /* Handle these cases: DIGEST, $DIGEST, $DIGEST=name, $DIGEST~name. */
994  {
995  const node_t *node;
996  if ((node = node_get_by_hex_id(nickname, flags)) != NULL)
997  return node;
998  }
999 
1000  if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1001  return NULL;
1002 
1003  /* Okay, so the name is not canonical for anybody. */
1004  {
1005  smartlist_t *matches = smartlist_new();
1006  const node_t *choice = NULL;
1007 
1008  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
1009  if (!strcasecmp(node_get_nickname(node), nickname))
1010  smartlist_add(matches, node);
1011  } SMARTLIST_FOREACH_END(node);
1012 
1013  if (smartlist_len(matches)>1 && warn_if_unnamed) {
1014  int any_unwarned = 0;
1015  SMARTLIST_FOREACH_BEGIN(matches, node_t *, node) {
1016  if (!node->name_lookup_warned) {
1017  node->name_lookup_warned = 1;
1018  any_unwarned = 1;
1019  }
1020  } SMARTLIST_FOREACH_END(node);
1021 
1022  if (any_unwarned) {
1023  log_warn(LD_CONFIG, "There are multiple matches for the name %s. "
1024  "Choosing one arbitrarily.", nickname);
1025  }
1026  } else if (smartlist_len(matches)==1 && warn_if_unnamed) {
1027  char fp[HEX_DIGEST_LEN+1];
1028  node_t *node = smartlist_get(matches, 0);
1029  if (! node->name_lookup_warned) {
1030  base16_encode(fp, sizeof(fp), node->identity, DIGEST_LEN);
1031  log_warn(LD_CONFIG,
1032  "You specified a relay \"%s\" by name, but nicknames can be "
1033  "used by any relay, not just the one you meant. "
1034  "To make sure you get the same relay in the future, refer "
1035  "to it by key, as \"$%s\".", nickname, fp);
1036  node->name_lookup_warned = 1;
1037  }
1038  }
1039 
1040  if (smartlist_len(matches))
1041  choice = smartlist_get(matches, 0);
1042 
1043  smartlist_free(matches);
1044  return choice;
1045  }
1046 }
1047 
1050 const ed25519_public_key_t *
1052 {
1053  const ed25519_public_key_t *ri_pk = NULL;
1054  const ed25519_public_key_t *md_pk = NULL;
1055 
1056  if (node->ri) {
1057  if (node->ri->cache_info.signing_key_cert) {
1058  ri_pk = &node->ri->cache_info.signing_key_cert->signing_key;
1059  /* Checking whether routerinfo ed25519 is all zero.
1060  * Our descriptor parser should make sure this never happens. */
1061  if (BUG(ed25519_public_key_is_zero(ri_pk)))
1062  ri_pk = NULL;
1063  }
1064  }
1065 
1066  if (node->md) {
1067  if (node->md->ed25519_identity_pkey) {
1068  md_pk = node->md->ed25519_identity_pkey;
1069  /* Checking whether microdesc ed25519 is all zero.
1070  * Our descriptor parser should make sure this never happens. */
1071  if (BUG(ed25519_public_key_is_zero(md_pk)))
1072  md_pk = NULL;
1073  }
1074  }
1075 
1076  if (ri_pk && md_pk) {
1077  if (ed25519_pubkey_eq(ri_pk, md_pk)) {
1078  return ri_pk;
1079  } else {
1080  /* This can happen if the relay gets flagged NoEdConsensus which will be
1081  * triggered on all relays of the network. Thus a protocol warning. */
1082  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1083  "Inconsistent ed25519 identities in the nodelist");
1084  return NULL;
1085  }
1086  } else if (ri_pk) {
1087  return ri_pk;
1088  } else {
1089  return md_pk;
1090  }
1091 }
1092 
1095 int
1097 {
1098  const ed25519_public_key_t *node_id = node_get_ed25519_id(node);
1099  if (node_id == NULL || ed25519_public_key_is_zero(node_id)) {
1100  return id == NULL || ed25519_public_key_is_zero(id);
1101  } else {
1102  return id && ed25519_pubkey_eq(node_id, id);
1103  }
1104 }
1105 
1109  0,0,0,0,0,0,0,0,0
1110 };
1111 
1113 static const protover_summary_flags_t *
1115 {
1116  if (node->rs) {
1117  return &node->rs->pv;
1118  } else if (node->ri) {
1119  return &node->ri->pv;
1120  } else {
1121  /* This should be impossible: every node should have a routerstatus or a
1122  * router descriptor or both. But just in case we've messed up somehow,
1123  * return a nice empty set of flags to indicate "this node supports
1124  * nothing." */
1125  tor_assert_nonfatal_unreached_once();
1126  return &zero_protover_flags;
1127  }
1128 }
1129 
1134 int
1136  int compatible_with_us)
1137 {
1138  if (! node_get_ed25519_id(node))
1139  return 0;
1140 
1142 
1143  if (compatible_with_us)
1145  else
1147 }
1148 
1151 int
1153 {
1154  tor_assert(node);
1155 
1157 }
1158 
1161 int
1163 {
1164  tor_assert(node);
1165 
1167 }
1168 
1171 int
1173 {
1174  tor_assert(node);
1175 
1176  return node_get_protover_summary_flags(node)->
1177  supports_establish_intro_dos_extension;
1178 }
1179 
1182 int
1184 {
1185  tor_assert(node);
1186 
1187  /* We can't use a v3 rendezvous point without the curve25519 onion pk. */
1188  if (!node_get_curve25519_onion_key(node)) {
1189  return 0;
1190  }
1191 
1193 }
1194 
1196 const uint8_t *
1198 {
1199  tor_assert(node);
1200  return (const uint8_t*)node->identity;
1201 }
1202 
1203 /* Returns a new smartlist with all possible link specifiers from node:
1204  * - legacy ID is mandatory thus MUST be present in node;
1205  * - include ed25519 link specifier if present in the node, and the node
1206  * supports ed25519 link authentication, and:
1207  * - if direct_conn is true, its link versions are compatible with us,
1208  * - if direct_conn is false, regardless of its link versions;
1209  * - include IPv4 link specifier, if the primary address is not IPv4, log a
1210  * BUG() warning, and return an empty smartlist;
1211  * - include IPv6 link specifier if present in the node.
1212  *
1213  * If node is NULL, returns an empty smartlist.
1214  *
1215  * The smartlist must be freed using link_specifier_smartlist_free(). */
1216 smartlist_t *
1217 node_get_link_specifier_smartlist(const node_t *node, bool direct_conn)
1218 {
1219  link_specifier_t *ls;
1220  tor_addr_port_t ap;
1221  smartlist_t *lspecs = smartlist_new();
1222 
1223  if (!node)
1224  return lspecs;
1225 
1226  /* Get the relay's IPv4 address. */
1227  node_get_prim_orport(node, &ap);
1228 
1229  /* We expect the node's primary address to be a valid IPv4 address.
1230  * This conforms to the protocol, which requires either an IPv4 or IPv6
1231  * address (or both). */
1232  if (BUG(!tor_addr_is_v4(&ap.addr)) ||
1233  BUG(!tor_addr_port_is_valid_ap(&ap, 0))) {
1234  return lspecs;
1235  }
1236 
1237  ls = link_specifier_new();
1238  link_specifier_set_ls_type(ls, LS_IPV4);
1239  link_specifier_set_un_ipv4_addr(ls, tor_addr_to_ipv4h(&ap.addr));
1240  link_specifier_set_un_ipv4_port(ls, ap.port);
1241  /* Four bytes IPv4 and two bytes port. */
1242  link_specifier_set_ls_len(ls, sizeof(ap.addr.addr.in_addr) +
1243  sizeof(ap.port));
1244  smartlist_add(lspecs, ls);
1245 
1246  /* Legacy ID is mandatory and will always be present in node. */
1247  ls = link_specifier_new();
1248  link_specifier_set_ls_type(ls, LS_LEGACY_ID);
1249  memcpy(link_specifier_getarray_un_legacy_id(ls), node->identity,
1250  link_specifier_getlen_un_legacy_id(ls));
1251  link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls));
1252  smartlist_add(lspecs, ls);
1253 
1254  /* ed25519 ID is only included if the node has it, and the node declares a
1255  protocol version that supports ed25519 link authentication.
1256  If direct_conn is true, we also require that the node's link version is
1257  compatible with us. (Otherwise, we will be sending the ed25519 key
1258  to another tor, which may support different link versions.) */
1259  if (!ed25519_public_key_is_zero(&node->ed25519_id) &&
1260  node_supports_ed25519_link_authentication(node, direct_conn)) {
1261  ls = link_specifier_new();
1262  link_specifier_set_ls_type(ls, LS_ED25519_ID);
1263  memcpy(link_specifier_getarray_un_ed25519_id(ls), &node->ed25519_id,
1264  link_specifier_getlen_un_ed25519_id(ls));
1265  link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
1266  smartlist_add(lspecs, ls);
1267  }
1268 
1269  /* Check for IPv6. If so, include it as well. */
1270  if (node_has_ipv6_orport(node)) {
1271  ls = link_specifier_new();
1272  node_get_pref_ipv6_orport(node, &ap);
1273  link_specifier_set_ls_type(ls, LS_IPV6);
1274  size_t addr_len = link_specifier_getlen_un_ipv6_addr(ls);
1275  const uint8_t *in6_addr = tor_addr_to_in6_addr8(&ap.addr);
1276  uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(ls);
1277  memcpy(ipv6_array, in6_addr, addr_len);
1278  link_specifier_set_un_ipv6_port(ls, ap.port);
1279  /* Sixteen bytes IPv6 and two bytes port. */
1280  link_specifier_set_ls_len(ls, addr_len + sizeof(ap.port));
1281  smartlist_add(lspecs, ls);
1282  }
1283 
1284  return lspecs;
1285 }
1286 
1287 /* Free a link specifier list. */
1288 void
1289 link_specifier_smartlist_free_(smartlist_t *ls_list)
1290 {
1291  if (!ls_list)
1292  return;
1293 
1294  SMARTLIST_FOREACH(ls_list, link_specifier_t *, lspec,
1295  link_specifier_free(lspec));
1296  smartlist_free(ls_list);
1297 }
1298 
1300 const char *
1302 {
1303  tor_assert(node);
1304  if (node->rs)
1305  return node->rs->nickname;
1306  else if (node->ri)
1307  return node->ri->nickname;
1308  else
1309  return NULL;
1310 }
1311 
1314 int
1315 node_is_dir(const node_t *node)
1316 {
1317  if (node->rs) {
1318  routerstatus_t * rs = node->rs;
1319  /* This is true if supports_tunnelled_dir_requests is true which
1320  * indicates that we support directory request tunnelled or through the
1321  * DirPort. */
1322  return rs->is_v2_dir;
1323  } else if (node->ri) {
1324  routerinfo_t * ri = node->ri;
1325  /* Both tunnelled request is supported or DirPort is set. */
1327  } else {
1328  return 0;
1329  }
1330 }
1331 
1337 int
1339 {
1340  return (node->ri ||
1341  (node->rs && node->md));
1342 }
1343 
1350 int
1352  int for_direct_connect)
1353 {
1354  const int is_bridge = node_is_a_configured_bridge(node);
1355  const int we_use_mds = we_use_microdescriptors_for_circuits(get_options());
1356 
1357  if ((is_bridge && for_direct_connect) || !we_use_mds) {
1358  /* We need an ri in this case. */
1359  if (!node->ri)
1360  return 0;
1361  } else {
1362  /* Otherwise we need an rs and an md. */
1363  if (node->rs == NULL || node->md == NULL)
1364  return 0;
1365  }
1366 
1367  return 1;
1368 }
1369 
1371 int
1373 {
1374  if (node->ri)
1375  return node->ri->purpose;
1376  else
1377  return ROUTER_PURPOSE_GENERAL;
1378 }
1379 
1383 void
1385  char *verbose_name_out)
1386 {
1387  const char *nickname = node_get_nickname(node);
1388  verbose_name_out[0] = '$';
1389  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, node->identity,
1390  DIGEST_LEN);
1391  if (!nickname)
1392  return;
1393  verbose_name_out[1+HEX_DIGEST_LEN] = '~';
1394  strlcpy(verbose_name_out+1+HEX_DIGEST_LEN+1, nickname, MAX_NICKNAME_LEN+1);
1395 }
1396 
1403 void
1404 node_get_verbose_nickname_by_id(const char *id_digest,
1405  char *verbose_name_out)
1406 {
1407  const node_t *node = node_get_by_id(id_digest);
1408  if (!node) {
1409  verbose_name_out[0] = '$';
1410  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, id_digest, DIGEST_LEN);
1411  } else {
1412  node_get_verbose_nickname(node, verbose_name_out);
1413  }
1414 }
1415 
1418 int
1420 {
1421  if (node && node->ri)
1422  return node->ri->allow_single_hop_exits;
1423  else
1424  return 0;
1425 }
1426 
1429 int
1431 {
1432  if (node->rejects_all)
1433  return 1;
1434 
1435  if (node->ri)
1436  return node->ri->policy_is_reject_star;
1437  else if (node->md)
1438  return node->md->policy_is_reject_star;
1439  else
1440  return 1;
1441 }
1442 
1446 int
1448 {
1449  if (family == AF_UNSPEC) {
1450  return 1; /* Rejecting an address but not telling us what address
1451  * is a bad sign. */
1452  } else if (family == AF_INET) {
1453  return node->ri != NULL;
1454  } else if (family == AF_INET6) {
1455  return 0;
1456  }
1458  return 1;
1459 }
1460 
1461 /* Check if the "addr" and port_field fields from r are a valid non-listening
1462  * address/port. If so, set valid to true and add a newly allocated
1463  * tor_addr_port_t containing "addr" and port_field to sl.
1464  * "addr" is an IPv4 host-order address and port_field is a uint16_t.
1465  * r is typically a routerinfo_t or routerstatus_t.
1466  */
1467 #define SL_ADD_NEW_IPV4_AP(r, port_field, sl, valid) \
1468  STMT_BEGIN \
1469  if (tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \
1470  valid = 1; \
1471  tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \
1472  tor_addr_from_ipv4h(&ap->addr, (r)->addr); \
1473  ap->port = (r)->port_field; \
1474  smartlist_add((sl), ap); \
1475  } \
1476  STMT_END
1477 
1478 /* Check if the "addr" and port_field fields from r are a valid non-listening
1479  * address/port. If so, set valid to true and add a newly allocated
1480  * tor_addr_port_t containing "addr" and port_field to sl.
1481  * "addr" is a tor_addr_t and port_field is a uint16_t.
1482  * r is typically a routerinfo_t or routerstatus_t.
1483  */
1484 #define SL_ADD_NEW_IPV6_AP(r, port_field, sl, valid) \
1485  STMT_BEGIN \
1486  if (tor_addr_port_is_valid(&(r)->ipv6_addr, (r)->port_field, 0)) { \
1487  valid = 1; \
1488  tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \
1489  tor_addr_copy(&ap->addr, &(r)->ipv6_addr); \
1490  ap->port = (r)->port_field; \
1491  smartlist_add((sl), ap); \
1492  } \
1493  STMT_END
1494 
1503 smartlist_t *
1505 {
1506  smartlist_t *sl = smartlist_new();
1507  int valid = 0;
1508 
1509  /* Find a valid IPv4 address and port */
1510  if (node->ri != NULL) {
1511  SL_ADD_NEW_IPV4_AP(node->ri, or_port, sl, valid);
1512  }
1513 
1514  /* If we didn't find a valid address/port in the ri, try the rs */
1515  if (!valid && node->rs != NULL) {
1516  SL_ADD_NEW_IPV4_AP(node->rs, or_port, sl, valid);
1517  }
1518 
1519  /* Find a valid IPv6 address and port */
1520  valid = 0;
1521  if (node->ri != NULL) {
1522  SL_ADD_NEW_IPV6_AP(node->ri, ipv6_orport, sl, valid);
1523  }
1524 
1525  if (!valid && node->rs != NULL) {
1526  SL_ADD_NEW_IPV6_AP(node->rs, ipv6_orport, sl, valid);
1527  }
1528 
1529  if (!valid && node->md != NULL) {
1530  SL_ADD_NEW_IPV6_AP(node->md, ipv6_orport, sl, valid);
1531  }
1532 
1533  return sl;
1534 }
1535 
1536 #undef SL_ADD_NEW_IPV4_AP
1537 #undef SL_ADD_NEW_IPV6_AP
1538 
1541 void
1542 node_get_addr(const node_t *node, tor_addr_t *addr_out)
1543 {
1544  tor_addr_port_t ap;
1545  node_get_prim_orport(node, &ap);
1546  tor_addr_copy(addr_out, &ap.addr);
1547 }
1548 
1551 uint32_t
1553 {
1554  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1555  * and the node might have a valid IPv4 address, yet have a zero
1556  * ORPort or DirPort.
1557  */
1558  if (node->ri && tor_addr_is_valid_ipv4h(node->ri->addr, 0)) {
1559  return node->ri->addr;
1560  } else if (node->rs && tor_addr_is_valid_ipv4h(node->rs->addr, 0)) {
1561  return node->rs->addr;
1562  }
1563  return 0;
1564 }
1565 
1568 void
1569 node_get_address_string(const node_t *node, char *buf, size_t len)
1570 {
1571  uint32_t ipv4_addr = node_get_prim_addr_ipv4h(node);
1572 
1573  if (tor_addr_is_valid_ipv4h(ipv4_addr, 0)) {
1574  tor_addr_t addr;
1575  tor_addr_from_ipv4h(&addr, ipv4_addr);
1576  tor_addr_to_str(buf, &addr, len, 0);
1577  } else if (len > 0) {
1578  buf[0] = '\0';
1579  }
1580 }
1581 
1584 long
1586 {
1587  if (node->ri)
1588  return node->ri->uptime;
1589  else
1590  return -1;
1591 }
1592 
1594 const char *
1596 {
1597  /* If we wanted, we could record the version in the routerstatus_t, since
1598  * the consensus lists it. We don't, though, so this function just won't
1599  * work with microdescriptors. */
1600  if (node->ri)
1601  return node->ri->platform;
1602  else
1603  return NULL;
1604 }
1605 
1607 int
1608 node_is_me(const node_t *node)
1609 {
1610  return router_digest_is_me(node->identity);
1611 }
1612 
1613 /* Does this node have a valid IPv6 address?
1614  * Prefer node_has_ipv6_orport() or node_has_ipv6_dirport() for
1615  * checking specific ports. */
1616 int
1617 node_has_ipv6_addr(const node_t *node)
1618 {
1619  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1620  * and the node might have a valid IPv6 address, yet have a zero
1621  * ORPort or DirPort.
1622  */
1623  if (node->ri && tor_addr_is_valid(&node->ri->ipv6_addr, 0))
1624  return 1;
1625  if (node->rs && tor_addr_is_valid(&node->rs->ipv6_addr, 0))
1626  return 1;
1627  if (node->md && tor_addr_is_valid(&node->md->ipv6_addr, 0))
1628  return 1;
1629 
1630  return 0;
1631 }
1632 
1633 /* Does this node have a valid IPv6 ORPort? */
1634 int
1635 node_has_ipv6_orport(const node_t *node)
1636 {
1637  tor_addr_port_t ipv6_orport;
1638  node_get_pref_ipv6_orport(node, &ipv6_orport);
1639  return tor_addr_port_is_valid_ap(&ipv6_orport, 0);
1640 }
1641 
1642 /* Does this node have a valid IPv6 DirPort? */
1643 int
1644 node_has_ipv6_dirport(const node_t *node)
1645 {
1646  tor_addr_port_t ipv6_dirport;
1647  node_get_pref_ipv6_dirport(node, &ipv6_dirport);
1648  return tor_addr_port_is_valid_ap(&ipv6_dirport, 0);
1649 }
1650 
1663 int
1665 {
1666  const or_options_t *options = get_options();
1667  tor_addr_port_t ipv4_addr;
1668  node_assert_ok(node);
1669 
1670  /* XX/teor - node->ipv6_preferred is set from
1671  * fascist_firewall_prefer_ipv6_orport() each time the consensus is loaded.
1672  */
1673  node_get_prim_orport(node, &ipv4_addr);
1674  if (!fascist_firewall_use_ipv6(options)) {
1675  return 0;
1676  } else if (node->ipv6_preferred ||
1677  !tor_addr_port_is_valid_ap(&ipv4_addr, 0)) {
1678  return node_has_ipv6_orport(node);
1679  }
1680  return 0;
1681 }
1682 
1683 #define RETURN_IPV4_AP(r, port_field, ap_out) \
1684  STMT_BEGIN \
1685  if (r && tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \
1686  tor_addr_from_ipv4h(&(ap_out)->addr, (r)->addr); \
1687  (ap_out)->port = (r)->port_field; \
1688  } \
1689  STMT_END
1690 
1693 void
1695 {
1696  node_assert_ok(node);
1697  tor_assert(ap_out);
1698 
1699  /* Clear the address, as a safety precaution if calling functions ignore the
1700  * return value */
1701  tor_addr_make_null(&ap_out->addr, AF_INET);
1702  ap_out->port = 0;
1703 
1704  /* Check ri first, because rewrite_node_address_for_bridge() updates
1705  * node->ri with the configured bridge address. */
1706 
1707  RETURN_IPV4_AP(node->ri, or_port, ap_out);
1708  RETURN_IPV4_AP(node->rs, or_port, ap_out);
1709  /* Microdescriptors only have an IPv6 address */
1710 }
1711 
1714 void
1716 {
1717  tor_assert(ap_out);
1718 
1719  if (node_ipv6_or_preferred(node)) {
1720  node_get_pref_ipv6_orport(node, ap_out);
1721  } else {
1722  /* the primary ORPort is always on IPv4 */
1723  node_get_prim_orport(node, ap_out);
1724  }
1725 }
1726 
1729 void
1731 {
1732  node_assert_ok(node);
1733  tor_assert(ap_out);
1734  memset(ap_out, 0, sizeof(*ap_out));
1735 
1736  /* Check ri first, because rewrite_node_address_for_bridge() updates
1737  * node->ri with the configured bridge address.
1738  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1739  * Check if the address or port are valid, and try another alternative
1740  * if they are not. */
1741 
1742  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1743  node->ri->ipv6_orport, 0)) {
1744  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1745  ap_out->port = node->ri->ipv6_orport;
1746  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1747  node->rs->ipv6_orport, 0)) {
1748  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1749  ap_out->port = node->rs->ipv6_orport;
1750  } else if (node->md && tor_addr_port_is_valid(&node->md->ipv6_addr,
1751  node->md->ipv6_orport, 0)) {
1752  tor_addr_copy(&ap_out->addr, &node->md->ipv6_addr);
1753  ap_out->port = node->md->ipv6_orport;
1754  } else {
1755  tor_addr_make_null(&ap_out->addr, AF_INET6);
1756  ap_out->port = 0;
1757  }
1758 }
1759 
1771 int
1773 {
1774  const or_options_t *options = get_options();
1775  tor_addr_port_t ipv4_addr;
1776  node_assert_ok(node);
1777 
1778  /* node->ipv6_preferred is set from fascist_firewall_prefer_ipv6_orport(),
1779  * so we can't use it to determine DirPort IPv6 preference.
1780  * This means that bridge clients will use IPv4 DirPorts by default.
1781  */
1782  node_get_prim_dirport(node, &ipv4_addr);
1783  if (!fascist_firewall_use_ipv6(options)) {
1784  return 0;
1785  } else if (!tor_addr_port_is_valid_ap(&ipv4_addr, 0)
1786  || fascist_firewall_prefer_ipv6_dirport(get_options())) {
1787  return node_has_ipv6_dirport(node);
1788  }
1789  return 0;
1790 }
1791 
1794 void
1796 {
1797  node_assert_ok(node);
1798  tor_assert(ap_out);
1799 
1800  /* Clear the address, as a safety precaution if calling functions ignore the
1801  * return value */
1802  tor_addr_make_null(&ap_out->addr, AF_INET);
1803  ap_out->port = 0;
1804 
1805  /* Check ri first, because rewrite_node_address_for_bridge() updates
1806  * node->ri with the configured bridge address. */
1807 
1808  RETURN_IPV4_AP(node->ri, dir_port, ap_out);
1809  RETURN_IPV4_AP(node->rs, dir_port, ap_out);
1810  /* Microdescriptors only have an IPv6 address */
1811 }
1812 
1813 #undef RETURN_IPV4_AP
1814 
1817 void
1819 {
1820  tor_assert(ap_out);
1821 
1822  if (node_ipv6_dir_preferred(node)) {
1823  node_get_pref_ipv6_dirport(node, ap_out);
1824  } else {
1825  /* the primary DirPort is always on IPv4 */
1826  node_get_prim_dirport(node, ap_out);
1827  }
1828 }
1829 
1832 void
1834 {
1835  node_assert_ok(node);
1836  tor_assert(ap_out);
1837 
1838  /* Check ri first, because rewrite_node_address_for_bridge() updates
1839  * node->ri with the configured bridge address.
1840  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1841  * Check if the address or port are valid, and try another alternative
1842  * if they are not. */
1843 
1844  /* Assume IPv4 and IPv6 dirports are the same */
1845  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1846  node->ri->dir_port, 0)) {
1847  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1848  ap_out->port = node->ri->dir_port;
1849  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1850  node->rs->dir_port, 0)) {
1851  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1852  ap_out->port = node->rs->dir_port;
1853  } else {
1854  tor_addr_make_null(&ap_out->addr, AF_INET6);
1855  ap_out->port = 0;
1856  }
1857 }
1858 
1861 static int
1863 {
1864  if (!md) {
1865  return 0;
1866  }
1867 
1868  if (!md->onion_curve25519_pkey) {
1869  return 0;
1870  }
1871 
1872  if (fast_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
1874  return 0;
1875  }
1876 
1877  return 1;
1878 }
1879 
1881 int
1883 {
1884  return node_get_curve25519_onion_key(node) != NULL;
1885 }
1886 
1890 {
1891  if (!node)
1892  return NULL;
1893  if (routerinfo_has_curve25519_onion_key(node->ri))
1894  return node->ri->onion_curve25519_pkey;
1895  else if (microdesc_has_curve25519_onion_key(node->md))
1896  return node->md->onion_curve25519_pkey;
1897  else
1898  return NULL;
1899 }
1900 
1901 /* Return a newly allocacted RSA onion public key taken from the given node.
1902  *
1903  * Return NULL if node is NULL or no RSA onion public key can be found. It is
1904  * the caller responsability to free the returned object. */
1905 crypto_pk_t *
1906 node_get_rsa_onion_key(const node_t *node)
1907 {
1908  crypto_pk_t *pk = NULL;
1909  const char *onion_pkey;
1910  size_t onion_pkey_len;
1911 
1912  if (!node) {
1913  goto end;
1914  }
1915 
1916  if (node->ri) {
1917  onion_pkey = node->ri->onion_pkey;
1918  onion_pkey_len = node->ri->onion_pkey_len;
1919  } else if (node->rs && node->md) {
1920  onion_pkey = node->md->onion_pkey;
1921  onion_pkey_len = node->md->onion_pkey_len;
1922  } else {
1923  /* No descriptor or microdescriptor. */
1924  goto end;
1925  }
1926  pk = router_get_rsa_onion_pkey(onion_pkey, onion_pkey_len);
1927 
1928  end:
1929  return pk;
1930 }
1931 
1934 void
1936 {
1937  tor_addr_t addr = TOR_ADDR_NULL;
1938 
1939  /* XXXXipv6 */
1940  if (node->rs)
1941  tor_addr_from_ipv4h(&addr, node->rs->addr);
1942  else if (node->ri)
1943  tor_addr_from_ipv4h(&addr, node->ri->addr);
1944 
1945  node->country = geoip_get_country_by_addr(&addr);
1946 }
1947 
1949 void
1951 {
1952  const smartlist_t *nodes = nodelist_get_list();
1953  SMARTLIST_FOREACH(nodes, node_t *, node,
1954  node_set_country(node));
1955 }
1956 
1959 int
1961  const tor_addr_t *a2)
1962 {
1963  if (tor_addr_is_null(a1) || tor_addr_is_null(a2))
1964  return 0;
1965 
1966  switch (tor_addr_family(a1)) {
1967  case AF_INET:
1968  return 0 == tor_addr_compare_masked(a1, a2, 16, CMP_SEMANTIC);
1969  case AF_INET6:
1970  return 0 == tor_addr_compare_masked(a1, a2, 32, CMP_SEMANTIC);
1971  default:
1972  /* If not IPv4 or IPv6, return 0. */
1973  return 0;
1974  }
1975 }
1976 
1981 STATIC int
1982 node_nickname_matches(const node_t *node, const char *nickname)
1983 {
1984  const char *n = node_get_nickname(node);
1985  if (n && nickname[0]!='$' && !strcasecmp(n, nickname))
1986  return 1;
1987  return hex_digest_nickname_matches(nickname,
1988  node->identity,
1989  n);
1990 }
1991 
1993 STATIC int
1995 {
1996  if (!lst) return 0;
1997  SMARTLIST_FOREACH(lst, const char *, name, {
1998  if (node_nickname_matches(node, name))
1999  return 1;
2000  });
2001  return 0;
2002 }
2003 
2005 STATIC int
2006 node_family_contains(const node_t *n1, const node_t *n2)
2007 {
2008  if (n1->ri && n1->ri->declared_family) {
2009  return node_in_nickname_smartlist(n1->ri->declared_family, n2);
2010  } else if (n1->md) {
2011  return nodefamily_contains_node(n1->md->family, n2);
2012  } else {
2013  return 0;
2014  }
2015 }
2016 
2020 STATIC bool
2022 {
2023  if (node->ri && node->ri->declared_family &&
2024  smartlist_len(node->ri->declared_family)) {
2025  return true;
2026  }
2027 
2028  if (node->md && node->md->family) {
2029  return true;
2030  }
2031 
2032  return false;
2033 }
2034 
2040 STATIC void
2042 {
2043  if (node->ri && node->ri->declared_family &&
2044  smartlist_len(node->ri->declared_family)) {
2045  SMARTLIST_FOREACH_BEGIN(node->ri->declared_family, const char *, name) {
2046  const node_t *n2 = node_get_by_nickname(name, NNF_NO_WARN_UNNAMED);
2047  if (n2) {
2048  smartlist_add(out, (node_t *)n2);
2049  }
2050  } SMARTLIST_FOREACH_END(name);
2051  return;
2052  }
2053 
2054  if (node->md && node->md->family) {
2055  nodefamily_add_nodes_to_smartlist(node->md->family, out);
2056  }
2057 }
2058 
2061 int
2062 nodes_in_same_family(const node_t *node1, const node_t *node2)
2063 {
2064  const or_options_t *options = get_options();
2065 
2066  /* Are they in the same family because of their addresses? */
2067  if (options->EnforceDistinctSubnets) {
2068  tor_addr_t a1, a2;
2069  node_get_addr(node1, &a1);
2070  node_get_addr(node2, &a2);
2071 
2072  tor_addr_port_t ap6_1, ap6_2;
2073  node_get_pref_ipv6_orport(node1, &ap6_1);
2074  node_get_pref_ipv6_orport(node2, &ap6_2);
2075 
2076  if (addrs_in_same_network_family(&a1, &a2) ||
2077  addrs_in_same_network_family(&ap6_1.addr, &ap6_2.addr))
2078  return 1;
2079  }
2080 
2081  /* Are they in the same family because the agree they are? */
2082  if (node_family_contains(node1, node2) &&
2083  node_family_contains(node2, node1)) {
2084  return 1;
2085  }
2086 
2087  /* Are they in the same family because the user says they are? */
2088  if (options->NodeFamilySets) {
2089  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2090  if (routerset_contains_node(rs, node1) &&
2091  routerset_contains_node(rs, node2))
2092  return 1;
2093  });
2094  }
2095 
2096  return 0;
2097 }
2098 
2108 void
2110 {
2111  const smartlist_t *all_nodes = nodelist_get_list();
2112  const or_options_t *options = get_options();
2113 
2114  tor_assert(node);
2115 
2116  /* Let's make sure that we have the node itself, if it's a real node. */
2117  {
2118  const node_t *real_node = node_get_by_id(node->identity);
2119  if (real_node)
2120  smartlist_add(sl, (node_t*)real_node);
2121  }
2122 
2123  /* First, add any nodes with similar network addresses. */
2124  if (options->EnforceDistinctSubnets) {
2125  tor_addr_t node_addr;
2126  tor_addr_port_t node_ap6;
2127  node_get_addr(node, &node_addr);
2128  node_get_pref_ipv6_orport(node, &node_ap6);
2129 
2130  SMARTLIST_FOREACH_BEGIN(all_nodes, const node_t *, node2) {
2131  tor_addr_t a;
2132  tor_addr_port_t ap6;
2133  node_get_addr(node2, &a);
2134  node_get_pref_ipv6_orport(node2, &ap6);
2135  if (addrs_in_same_network_family(&a, &node_addr) ||
2136  addrs_in_same_network_family(&ap6.addr, &node_ap6.addr))
2137  smartlist_add(sl, (void*)node2);
2138  } SMARTLIST_FOREACH_END(node2);
2139  }
2140 
2141  /* Now, add all nodes in the declared family of this node, if they
2142  * also declare this node to be in their family. */
2143  if (node_has_declared_family(node)) {
2144  smartlist_t *declared_family = smartlist_new();
2145  node_lookup_declared_family(declared_family, node);
2146 
2147  /* Add every r such that router declares familyness with node, and node
2148  * declares familyhood with router. */
2149  SMARTLIST_FOREACH_BEGIN(declared_family, const node_t *, node2) {
2150  if (node_family_contains(node2, node)) {
2151  smartlist_add(sl, (void*)node2);
2152  }
2153  } SMARTLIST_FOREACH_END(node2);
2154  smartlist_free(declared_family);
2155  }
2156 
2157  /* If the user declared any families locally, honor those too. */
2158  if (options->NodeFamilySets) {
2159  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2160  if (routerset_contains_node(rs, node)) {
2161  routerset_get_all_nodes(sl, rs, NULL, 0);
2162  }
2163  });
2164  }
2165 }
2166 
2173 const node_t *
2174 router_find_exact_exit_enclave(const char *address, uint16_t port)
2175 {/*XXXX MOVE*/
2176  uint32_t addr;
2177  struct in_addr in;
2178  tor_addr_t a;
2179  const or_options_t *options = get_options();
2180 
2181  if (!tor_inet_aton(address, &in))
2182  return NULL; /* it's not an IP already */
2183  addr = ntohl(in.s_addr);
2184 
2185  tor_addr_from_ipv4h(&a, addr);
2186 
2187  SMARTLIST_FOREACH(nodelist_get_list(), const node_t *, node, {
2188  if (node_get_addr_ipv4h(node) == addr &&
2189  node->is_running &&
2190  compare_tor_addr_to_node_policy(&a, port, node) ==
2193  return node;
2194  });
2195  return NULL;
2196 }
2197 
2204 int
2205 node_is_unreliable(const node_t *node, int need_uptime,
2206  int need_capacity, int need_guard)
2207 {
2208  if (need_uptime && !node->is_stable)
2209  return 1;
2210  if (need_capacity && !node->is_fast)
2211  return 1;
2212  if (need_guard && !node->is_possible_guard)
2213  return 1;
2214  return 0;
2215 }
2216 
2219 int
2221  int need_uptime)
2222 {
2224 
2225  SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) {
2226  if (node->is_running &&
2227  !node_is_unreliable(node, need_uptime, 0, 0)) {
2228 
2229  r = compare_tor_addr_to_node_policy(addr, port, node);
2230 
2232  return 0; /* this one could be ok. good enough. */
2233  }
2234  } SMARTLIST_FOREACH_END(node);
2235  return 1; /* all will reject. */
2236 }
2237 
2240 void
2241 router_set_status(const char *digest, int up)
2242 {
2243  node_t *node;
2244  tor_assert(digest);
2245 
2246  SMARTLIST_FOREACH(router_get_fallback_dir_servers(),
2247  dir_server_t *, d,
2248  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2249  d->is_running = up);
2250 
2251  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
2252  dir_server_t *, d,
2253  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2254  d->is_running = up);
2255 
2256  node = node_get_mutable_by_id(digest);
2257  if (node) {
2258 #if 0
2259  log_debug(LD_DIR,"Marking router %s as %s.",
2260  node_describe(node), up ? "up" : "down");
2261 #endif
2262  if (!up && node_is_me(node) && !net_is_disabled())
2263  log_warn(LD_NET, "We just marked ourself as down. Are your external "
2264  "addresses reachable?");
2265 
2266  if (bool_neq(node->is_running, up))
2268 
2269  node->is_running = up;
2270  }
2271 }
2272 
2276 static int have_min_dir_info = 0;
2277 
2279 static consensus_path_type_t have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2280 
2287 static char dir_info_status[512] = "";
2288 
2297 router_have_minimum_dir_info,(void))
2298 {
2299  static int logged_delay=0;
2300  const char *delay_fetches_msg = NULL;
2301  if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) {
2302  if (!logged_delay)
2303  log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg);
2304  logged_delay=1;
2305  strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status));
2306  return 0;
2307  }
2308  logged_delay = 0; /* reset it if we get this far */
2309 
2310  if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
2312  }
2313 
2314  return have_min_dir_info;
2315 }
2316 
2330 router_have_consensus_path, (void))
2331 {
2332  return have_consensus_path;
2333 }
2334 
2339 void
2341 {
2344  hs_service_dir_info_changed();
2345  hs_client_dir_info_changed();
2346 }
2347 
2350 const char *
2352 {
2353  return dir_info_status;
2354 }
2355 
2370 static void
2371 count_usable_descriptors(int *num_present, int *num_usable,
2372  smartlist_t *descs_out,
2373  const networkstatus_t *consensus,
2374  time_t now,
2375  routerset_t *in_set,
2376  usable_descriptor_t exit_only)
2377 {
2378  const int md = (consensus->flavor == FLAV_MICRODESC);
2379  *num_present = 0, *num_usable = 0;
2380 
2382  {
2383  const node_t *node = node_get_by_id(rs->identity_digest);
2384  if (!node)
2385  continue; /* This would be a bug: every entry in the consensus is
2386  * supposed to have a node. */
2387  if ((exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) && ! rs->is_exit)
2388  continue;
2389  if (in_set && ! routerset_contains_routerstatus(in_set, rs, -1))
2390  continue;
2391  if (client_would_use_router(rs, now)) {
2392  const char * const digest = rs->descriptor_digest;
2393  int present;
2394  ++*num_usable; /* the consensus says we want it. */
2395  if (md)
2396  present = NULL != microdesc_cache_lookup_by_digest256(NULL, digest);
2397  else
2398  present = NULL != router_get_by_descriptor_digest(digest);
2399  if (present) {
2400  /* Do the policy check last, because it requires a descriptor,
2401  * and is potentially expensive */
2402  if ((exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) &&
2404  continue;
2405  }
2406  /* we have the descriptor listed in the consensus, and it
2407  * satisfies our exit constraints (if any) */
2408  ++*num_present;
2409  }
2410  if (descs_out)
2411  smartlist_add(descs_out, (node_t*)node);
2412  }
2413  }
2414  SMARTLIST_FOREACH_END(rs);
2415 
2416  log_debug(LD_DIR, "%d usable, %d present (%s%s%s%s%s).",
2417  *num_usable, *num_present,
2418  md ? "microdesc" : "desc",
2419  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2420  " exit" : "s",
2421  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) ?
2422  " policies" : "" ,
2423  (exit_only == USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2424  " and" : "" ,
2425  (exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) ?
2426  " flags" : "" );
2427 }
2428 
2441 static double
2443  const or_options_t *options, time_t now,
2444  int *num_present_out, int *num_usable_out,
2445  char **status_out)
2446 {
2447  smartlist_t *guards = smartlist_new();
2448  smartlist_t *mid = smartlist_new();
2449  smartlist_t *exits = smartlist_new();
2450  double f_guard, f_mid, f_exit;
2451  double f_path = 0.0;
2452  /* Used to determine whether there are any exits in the consensus */
2453  int np = 0;
2454  /* Used to determine whether there are any exits with descriptors */
2455  int nu = 0;
2456  const int authdir = authdir_mode_v3(options);
2457 
2458  count_usable_descriptors(num_present_out, num_usable_out,
2459  mid, consensus, now, options->MiddleNodes,
2460  USABLE_DESCRIPTOR_ALL);
2461  log_debug(LD_NET,
2462  "%s: %d present, %d usable",
2463  "mid",
2464  np,
2465  nu);
2466 
2467  if (options->EntryNodes) {
2468  count_usable_descriptors(&np, &nu, guards, consensus, now,
2469  options->EntryNodes, USABLE_DESCRIPTOR_ALL);
2470  log_debug(LD_NET,
2471  "%s: %d present, %d usable",
2472  "guard",
2473  np,
2474  nu);
2475  } else {
2476  SMARTLIST_FOREACH(mid, const node_t *, node, {
2477  if (authdir) {
2478  if (node->rs && node->rs->is_possible_guard)
2479  smartlist_add(guards, (node_t*)node);
2480  } else {
2481  if (node->is_possible_guard)
2482  smartlist_add(guards, (node_t*)node);
2483  }
2484  });
2485  log_debug(LD_NET,
2486  "%s: %d possible",
2487  "guard",
2488  smartlist_len(guards));
2489  }
2490 
2491  /* All nodes with exit policy and flag */
2492  count_usable_descriptors(&np, &nu, exits, consensus, now,
2493  NULL, USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2494  log_debug(LD_NET,
2495  "%s: %d present, %d usable",
2496  "exits",
2497  np,
2498  nu);
2499 
2500  /* We need at least 1 exit (flag and policy) in the consensus to consider
2501  * building exit paths */
2502  /* Update our understanding of whether the consensus has exits */
2503  consensus_path_type_t old_have_consensus_path = have_consensus_path;
2504  have_consensus_path = ((np > 0) ?
2505  CONSENSUS_PATH_EXIT :
2506  CONSENSUS_PATH_INTERNAL);
2507 
2508  if (old_have_consensus_path != have_consensus_path) {
2509  if (have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2510  log_notice(LD_NET,
2511  "The current consensus has no exit nodes. "
2512  "Tor can only build internal paths, "
2513  "such as paths to onion services.");
2514 
2515  /* However, exit nodes can reachability self-test using this consensus,
2516  * join the network, and appear in a later consensus. This will allow
2517  * the network to build exit paths, such as paths for world wide web
2518  * browsing (as distinct from hidden service web browsing). */
2519  } else if (old_have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2520  log_notice(LD_NET,
2521  "The current consensus contains exit nodes. "
2522  "Tor can build exit and internal paths.");
2523  }
2524  }
2525 
2526  f_guard = frac_nodes_with_descriptors(guards, WEIGHT_FOR_GUARD, 1);
2527  f_mid = frac_nodes_with_descriptors(mid, WEIGHT_FOR_MID, 0);
2528  f_exit = frac_nodes_with_descriptors(exits, WEIGHT_FOR_EXIT, 0);
2529 
2530  /* If we are using bridges and have at least one bridge with a full
2531  * descriptor, assume f_guard is 1.0. */
2532  if (options->UseBridges && num_bridges_usable(0) > 0)
2533  f_guard = 1.0;
2534 
2535  log_debug(LD_NET,
2536  "f_guard: %.2f, f_mid: %.2f, f_exit: %.2f",
2537  f_guard,
2538  f_mid,
2539  f_exit);
2540 
2541  smartlist_free(guards);
2542  smartlist_free(mid);
2543  smartlist_free(exits);
2544 
2545  if (options->ExitNodes) {
2546  double f_myexit, f_myexit_unflagged;
2547  smartlist_t *myexits= smartlist_new();
2548  smartlist_t *myexits_unflagged = smartlist_new();
2549 
2550  /* All nodes with exit policy and flag in ExitNodes option */
2551  count_usable_descriptors(&np, &nu, myexits, consensus, now,
2552  options->ExitNodes,
2553  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2554  log_debug(LD_NET,
2555  "%s: %d present, %d usable",
2556  "myexits",
2557  np,
2558  nu);
2559 
2560  /* Now compute the nodes in the ExitNodes option where we know their exit
2561  * policy permits something. */
2562  count_usable_descriptors(&np, &nu, myexits_unflagged,
2563  consensus, now,
2564  options->ExitNodes,
2565  USABLE_DESCRIPTOR_EXIT_POLICY);
2566  log_debug(LD_NET,
2567  "%s: %d present, %d usable",
2568  "myexits_unflagged (initial)",
2569  np,
2570  nu);
2571 
2572  f_myexit= frac_nodes_with_descriptors(myexits,WEIGHT_FOR_EXIT, 0);
2573  f_myexit_unflagged=
2574  frac_nodes_with_descriptors(myexits_unflagged,
2575  WEIGHT_FOR_EXIT, 0);
2576 
2577  log_debug(LD_NET,
2578  "f_exit: %.2f, f_myexit: %.2f, f_myexit_unflagged: %.2f",
2579  f_exit,
2580  f_myexit,
2581  f_myexit_unflagged);
2582 
2583  /* If our ExitNodes list has eliminated every possible Exit node, and there
2584  * were some possible Exit nodes, then instead consider nodes that permit
2585  * exiting to some ports. */
2586  if (smartlist_len(myexits) == 0 &&
2587  smartlist_len(myexits_unflagged)) {
2588  f_myexit = f_myexit_unflagged;
2589  }
2590 
2591  smartlist_free(myexits);
2592  smartlist_free(myexits_unflagged);
2593 
2594  /* This is a tricky point here: we don't want to make it easy for a
2595  * directory to trickle exits to us until it learns which exits we have
2596  * configured, so require that we have a threshold both of total exits
2597  * and usable exits. */
2598  if (f_myexit < f_exit)
2599  f_exit = f_myexit;
2600  }
2601 
2602  /* If the consensus has no exits that pass flag, descriptor, and policy
2603  * checks, we can only build onion service paths, which are G - M - M. */
2604  if (router_have_consensus_path() != CONSENSUS_PATH_EXIT) {
2605  /* If the exit bandwidth weight fraction is not zero, we need to wait for
2606  * descriptors for those exits. (The bandwidth weight fraction does not
2607  * check for descriptors.)
2608  * If the exit bandwidth fraction is zero, there are no exits in the
2609  * consensus at all. So it is safe to replace f_exit with f_mid.
2610  *
2611  * f_exit is non-negative, but some compilers complain about float and ==
2612  */
2613  if (f_exit <= 0.0) {
2614  f_exit = f_mid;
2615  }
2616  }
2617 
2618  f_path = f_guard * f_mid * f_exit;
2619 
2620  if (status_out)
2621  tor_asprintf(status_out,
2622  "%d%% of guards bw, "
2623  "%d%% of midpoint bw, and "
2624  "%d%% of %s = "
2625  "%d%% of path bw",
2626  (int)(f_guard*100),
2627  (int)(f_mid*100),
2628  (int)(f_exit*100),
2629  (router_have_consensus_path() == CONSENSUS_PATH_EXIT ?
2630  "exit bw" :
2631  "end bw (no exits in consensus, using mid)"),
2632  (int)(f_path*100));
2633 
2634  return f_path;
2635 }
2636 
2640 int
2642 {
2643  int num_present = 0, num_usable=0;
2644  time_t now = time(NULL);
2645  const or_options_t *options = get_options();
2646  const networkstatus_t *consensus =
2647  networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor());
2648  double paths, fraction;
2649 
2650  if (!consensus)
2651  return 0; /* can't count descriptors if we have no list of them */
2652 
2653  paths = compute_frac_paths_available(consensus, options, now,
2654  &num_present, &num_usable,
2655  NULL);
2656 
2657  fraction = paths / get_frac_paths_needed_for_circs(options,consensus);
2658  if (fraction > 1.0)
2659  return 0; /* it's not the number of descriptors holding us back */
2660  return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
2661  (fraction*(BOOTSTRAP_STATUS_ENOUGH_DIRINFO-1 -
2662  BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
2663 }
2664 
2667 static double
2669  const networkstatus_t *ns)
2670 {
2671 #define DFLT_PCT_USABLE_NEEDED 60
2672  if (options->PathsNeededToBuildCircuits >= 0.0) {
2673  return options->PathsNeededToBuildCircuits;
2674  } else {
2675  return networkstatus_get_param(ns, "min_paths_for_circs_pct",
2676  DFLT_PCT_USABLE_NEEDED,
2677  25, 95)/100.0;
2678  }
2679 }
2680 
2684 static void
2686 {
2687  time_t now = time(NULL);
2688  int res;
2689  int num_present=0, num_usable=0;
2690  const or_options_t *options = get_options();
2691  const networkstatus_t *consensus =
2692  networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor());
2693  int using_md;
2694 
2695  if (!consensus) {
2696  if (!networkstatus_get_latest_consensus())
2697  strlcpy(dir_info_status, "We have no usable consensus.",
2698  sizeof(dir_info_status));
2699  else
2700  strlcpy(dir_info_status, "We have no recent usable consensus.",
2701  sizeof(dir_info_status));
2702  res = 0;
2703  goto done;
2704  }
2705 
2706  using_md = consensus->flavor == FLAV_MICRODESC;
2707 
2708  /* Check fraction of available paths */
2709  {
2710  char *status = NULL;
2711  double paths = compute_frac_paths_available(consensus, options, now,
2712  &num_present, &num_usable,
2713  &status);
2714 
2715  if (paths < get_frac_paths_needed_for_circs(options,consensus)) {
2717  "We need more %sdescriptors: we have %d/%d, and "
2718  "can only build %d%% of likely paths. (We have %s.)",
2719  using_md?"micro":"", num_present, num_usable,
2720  (int)(paths*100), status);
2721  tor_free(status);
2722  res = 0;
2723  control_event_boot_dir(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
2724  goto done;
2725  }
2726 
2727  tor_free(status);
2728  res = 1;
2729  }
2730 
2731  { /* Check entry guard dirinfo status */
2732  char *guard_error = entry_guards_get_err_str_if_dir_info_missing(using_md,
2733  num_present,
2734  num_usable);
2735  if (guard_error) {
2736  strlcpy(dir_info_status, guard_error, sizeof(dir_info_status));
2737  tor_free(guard_error);
2738  res = 0;
2739  goto done;
2740  }
2741  }
2742 
2743  done:
2744 
2745  /* If paths have just become available in this update. */
2746  if (res && !have_min_dir_info) {
2747  control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
2748  control_event_boot_dir(BOOTSTRAP_STATUS_ENOUGH_DIRINFO, 0);
2749  log_info(LD_DIR,
2750  "We now have enough directory information to build circuits.");
2751  }
2752 
2753  /* If paths have just become unavailable in this update. */
2754  if (!res && have_min_dir_info) {
2755  int quiet = directory_too_idle_to_fetch_descriptors(options, now);
2756  tor_log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
2757  "Our directory information is no longer up-to-date "
2758  "enough to build circuits: %s", dir_info_status);
2759 
2760  /* a) make us log when we next complete a circuit, so we know when Tor
2761  * is back up and usable, and b) disable some activities that Tor
2762  * should only do while circuits are working, like reachability tests
2763  * and fetching bridge descriptors only over circuits. */
2765  have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2766  control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
2767  }
2768  have_min_dir_info = res;
2770 }
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:40
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Definition: nodelist.c:603
int fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:508
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
smartlist_t * nodelist_find_nodes_with_microdesc(const microdesc_t *md)
Definition: nodelist.c:767
int node_allows_single_hop_exits(const node_t *node)
Definition: nodelist.c:1419
Header file containing common data for the whole HS subsytem.
Header file for circuitbuild.c.
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1730
Definition: node_st.h:28
uint16_t ipv6_orport
Definition: microdesc_st.h:74
Types to handle sets of addresses.
static void node_add_to_address_set(const node_t *node)
Definition: nodelist.c:448
int node_supports_ed25519_link_authentication(const node_t *node, int compatible_with_us)
Definition: nodelist.c:1135
unsigned int policy_is_reject_star
Definition: routerinfo_st.h:74
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint16_t sa_family_t
Definition: inaddr_st.h:77
Header for backtrace.c.
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:338
unsigned int name_lookup_warned
Definition: node_st.h:72
protover_summary_flags_t pv
Definition: routerinfo_st.h:90
protover_summary_flags_t pv
addr_policy_result_t
Definition: policies.h:38
Header file containing client data for the HS subsytem.
Header file for node_select.c.
Header file for nodefamily.c.
routerset_t * EntryNodes
Definition: or_options_st.h:79
void router_dir_info_changed(void)
Definition: nodelist.c:2340
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1053
int node_supports_ed25519_hs_intro(const node_t *node)
Definition: nodelist.c:1162
#define LD_GENERAL
Definition: log.h:60
void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1833
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:3004
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
void control_event_boot_dir(bootstrap_status_t status, int progress)
char identity_digest[DIGEST_LEN]
static void node_free_(node_t *node)
Definition: nodelist.c:785
#define LOG_INFO
Definition: log.h:43
Header file for describe.c.
Header file for nodelist.c.
int node_ipv6_or_preferred(const node_t *node)
Definition: nodelist.c:1664
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:633
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
const ed25519_public_key_t * node_get_ed25519_id(const node_t *node)
Definition: nodelist.c:1051
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1694
uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity)
struct smartlist_t * NodeFamilySets
void smartlist_add(smartlist_t *sl, void *element)
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:234
#define bool_neq(a, b)
Definition: logic.h:18
int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:533
#define MAX_NICKNAME_LEN
Definition: or.h:113
Header file for config.c.
void router_set_status(const char *digest, int up)
Definition: nodelist.c:2241
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
ed25519_public_key_t signing_key
Definition: torcert.h:28
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
Header file for microdesc.c.
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:152
int tor_inet_aton(const char *str, struct in_addr *addr)
Definition: inaddr.c:38
static int node_add_to_ed25519_map(node_t *node)
Definition: nodelist.c:308
MOCK_IMPL(node_t *, node_get_mutable_by_id,(const char *identity_digest))
Definition: nodelist.c:193
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:83
int directory_too_idle_to_fetch_descriptors(const or_options_t *options, time_t now)
Definition: dirserv.c:169
unsigned int supports_v3_hsdir
Definition: or.h:836
#define tor_free(p)
Definition: malloc.h:52
#define tor_fragile_assert()
Definition: util_bug.h:241
unsigned int is_possible_guard
Definition: node_st.h:63
static int have_min_dir_info
Definition: nodelist.c:2276
int node_supports_v3_hsdir(const node_t *node)
Definition: nodelist.c:1152
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1351
unsigned int supports_ed25519_hs_intro
Definition: or.h:831
#define LOG_NOTICE
Definition: log.h:48
struct tor_cert_st * signing_key_cert
unsigned int is_stable
Definition: node_st.h:62
Header file for mainloop.c.
unsigned int rejects_all
Definition: node_st.h:77
STATIC void node_lookup_declared_family(smartlist_t *out, const node_t *node)
Definition: nodelist.c:2041
consensus_path_type_t
Definition: nodelist.h:144
int node_is_me(const node_t *node)
Definition: nodelist.c:1608
void node_get_pref_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1715
const char * node_get_platform(const node_t *node)
Definition: nodelist.c:1595
smartlist_t * declared_family
Definition: routerinfo_st.h:62
unsigned int is_running
Definition: dir_server_st.h:32
unsigned int is_valid
Definition: node_st.h:59
int node_has_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1882
Header file for geoip.c.
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
size_t onion_pkey_len
Definition: microdesc_st.h:65
static double get_frac_paths_needed_for_circs(const or_options_t *options, const networkstatus_t *ns)
Definition: nodelist.c:2668
usable_descriptor_t
Definition: nodelist.c:92
int tor_addr_is_v4(const tor_addr_t *addr)
Definition: address.c:749
int address_set_probably_contains(const address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:67
static const protover_summary_flags_t zero_protover_flags
Definition: nodelist.c:1108
unsigned int is_exit
Definition: node_st.h:64
STATIC int node_family_contains(const node_t *n1, const node_t *n2)
Definition: nodelist.c:2006
int node_is_unreliable(const node_t *node, int need_uptime, int need_capacity, int need_guard)
Definition: nodelist.c:2205
Header file for directory authority mode.
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:493
static double compute_frac_paths_available(const networkstatus_t *consensus, const or_options_t *options, time_t now, int *num_present_out, int *num_usable_out, char **status_out)
Definition: nodelist.c:2442
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Header file for policies.c.
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2641
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2109
double frac_nodes_with_descriptors(const smartlist_t *sl, bandwidth_weight_rule_t rule, int for_direct_conn)
Definition: node_select.c:768
const node_t * node_get_by_hex_id(const char *hex_id, unsigned flags)
Definition: nodelist.c:959
const curve25519_public_key_t * node_get_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1889
int node_is_dir(const node_t *node)
Definition: nodelist.c:1315
tor_assert(buffer)
const char * node_get_nickname(const node_t *node)
Definition: nodelist.c:1301
routerset_t * ExitNodes
Definition: or_options_st.h:73
unsigned int is_running
Definition: node_st.h:57
node_t * nodelist_add_microdesc(microdesc_t *md)
Definition: nodelist.c:549
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
void nodelist_purge(void)
Definition: nodelist.c:798
int node_get_purpose(const node_t *node)
Definition: nodelist.c:1372
static void node_addrs_changed(node_t *node)
Definition: nodelist.c:438
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
static char dir_info_status[512]
Definition: nodelist.c:2287
static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, time_t now, routerset_t *in_set, usable_descriptor_t exit_only)
Definition: nodelist.c:2371
void address_set_add(address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:48
unsigned int held_by_nodes
Definition: microdesc_st.h:39
static int microdesc_has_curve25519_onion_key(const microdesc_t *md)
Definition: nodelist.c:1862
unsigned int is_hs_dir
Definition: node_st.h:67
void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1818
#define DIGEST_LEN
Definition: digest_sizes.h:20
void rend_hsdir_routers_changed(void)
Definition: rendservice.c:4335
const char * node_describe(const node_t *node)
Definition: describe.c:143
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1795
char identity[DIGEST_LEN]
Definition: node_st.h:40
void nodefamily_add_nodes_to_smartlist(const nodefamily_t *family, smartlist_t *out)
Definition: nodefamily.c:342
Headers for address.h.
Header file for circuitbuild.c.
void node_get_verbose_nickname_by_id(const char *id_digest, char *verbose_name_out)
Definition: nodelist.c:1404
unsigned int allow_single_hop_exits
Definition: routerinfo_st.h:69
Master header file for Tor-specific functionality.
int addrs_in_same_network_family(const tor_addr_t *a1, const tor_addr_t *a2)
Definition: nodelist.c:1960
uint32_t node_get_prim_addr_ipv4h(const node_t *node)
Definition: nodelist.c:1552
time_t last_reachable
Definition: node_st.h:93
static void nodelist_drop_node(node_t *node, int remove_from_ht)
Definition: nodelist.c:742
size_t onion_pkey_len
Definition: routerinfo_st.h:36
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1384
int node_is_good_exit(const node_t *node)
Definition: nodelist.c:698
Header for binascii.c.
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:821
void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus)
tor_addr_t ipv6_addr
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:770
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:279
char nickname[MAX_NICKNAME_LEN+1]
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
struct ed25519_public_key_t * ed25519_identity_pkey
Definition: microdesc_st.h:70
signed_descriptor_t * router_get_by_descriptor_digest(const char *digest)
Definition: routerlist.c:698
void tor_free_(void *mem)
Definition: malloc.c:227
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
Definition: nodelist.c:713
void smartlist_del(smartlist_t *sl, int idx)
static int need_to_update_have_min_dir_info
Definition: nodelist.c:2284
void node_set_country(node_t *node)
Definition: nodelist.c:1935
const node_t * router_find_exact_exit_enclave(const char *address, uint16_t port)
Definition: nodelist.c:2174
Header file for rendservice.c.
Header file for process_descs.c.
int control_event_client_status(int severity, const char *format,...)
char * onion_pkey
Definition: routerinfo_st.h:34
static node_t * node_get_or_create(const char *identity_digest)
Definition: nodelist.c:243
tor_addr_t ipv6_addr
Definition: microdesc_st.h:72
double PathsNeededToBuildCircuits
Headers and type declarations for protover.c.
char * onion_pkey
Definition: microdesc_st.h:63
microdesc_t * microdesc_cache_lookup_by_digest256(microdesc_cache_t *cache, const char *d)
Definition: microdesc.c:944
smartlist_t * routerstatus_list
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1447
static int node_remove_from_ed25519_map(node_t *node)
Definition: nodelist.c:265
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
#define UNNAMED_ROUTER_NICKNAME
Definition: or.h:560
country_t country
Definition: node_st.h:87
unsigned int is_possible_guard
const char * get_dir_info_status_string(void)
Definition: nodelist.c:2351
#define LD_DIR
Definition: log.h:86
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
node_t * nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out)
Definition: nodelist.c:493
STATIC bool node_has_declared_family(const node_t *node)
Definition: nodelist.c:2021
int hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest, const char *nickname)
Definition: routerlist.c:634
char identity_digest[DIGEST_LEN]
routerset_t * ExcludeExitNodesUnion_
Definition: or_options_st.h:94
int hex_digest_nickname_decode(const char *hexdigest, char *digest_out, char *nickname_qualifier_char_out, char *nickname_out)
Definition: routerlist.c:598
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
unsigned int ipv6_preferred
Definition: node_st.h:83
void nodelist_assert_ok(void)
Definition: nodelist.c:851
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:249
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: microdesc_st.h:68
int node_supports_v3_rendezvous_point(const node_t *node)
Definition: nodelist.c:1183
#define SMARTLIST_FOREACH(sl, type, var, cmd)
void nodelist_free_all(void)
Definition: nodelist.c:827
char * nickname
Definition: routerinfo_st.h:17
uint16_t dir_port
Definition: routerinfo_st.h:21
#define log_fn(severity, domain, args,...)
Definition: log.h:274
struct nodelist_t nodelist_t
char * entry_guards_get_err_str_if_dir_info_missing(int using_mds, int num_present, int num_usable)
Definition: entrynodes.c:3779
smartlist_t * node_get_all_orports(const node_t *node)
Definition: nodelist.c:1504
int EnforceDistinctSubnets
int router_digest_is_me(const char *digest)
Definition: router.c:1592
static const protover_summary_flags_t * node_get_protover_summary_flags(const node_t *node)
Definition: nodelist.c:1114
HT_PROTOTYPE(HT_GENERATE2(nodelist_ed_map, HT_GENERATE2(node_t, HT_GENERATE2(ed_ht_ent, HT_GENERATE2(node_ed_id_hash, HT_GENERATE2(node_ed_id_eq)
Definition: nodelist.c:172
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:55
time_t approx_time(void)
Definition: approx_time.c:32
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1430
int router_exit_policy_all_nodes_reject(const tor_addr_t *addr, uint16_t port, int need_uptime)
Definition: nodelist.c:2220
routerset_t * MiddleNodes
Definition: or_options_st.h:76
Header file for dirlist.c.
long node_get_declared_uptime(const node_t *node)
Definition: nodelist.c:1585
uint32_t addr
Definition: routerinfo_st.h:19
int node_is_a_configured_bridge(const node_t *node)
Definition: bridges.c:348
void nodelist_remove_routerinfo(routerinfo_t *ri)
Definition: nodelist.c:727
void node_get_address_string(const node_t *node, char *buf, size_t len)
Definition: nodelist.c:1569
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
Definition: nodelist.c:1096
char * platform
Definition: routerinfo_st.h:45
uint16_t ipv6_orport
uint8_t purpose
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:975
struct nodefamily_t * family
Definition: microdesc_st.h:76
bool nodefamily_contains_node(const nodefamily_t *family, const node_t *node)
Definition: nodefamily.c:328
int node_supports_establish_intro_dos_extension(const node_t *node)
Definition: nodelist.c:1172
STATIC int node_in_nickname_smartlist(const smartlist_t *lst, const node_t *node)
Definition: nodelist.c:1994
int nodelist_idx
Definition: node_st.h:36
#define LD_NET
Definition: log.h:64
#define tor_addr_to_in6_addr8(x)
Definition: address.h:129
unsigned int is_bad_exit
Definition: node_st.h:65
const uint8_t * node_get_rsa_id_digest(const node_t *node)
Definition: nodelist.c:1197
uint64_t hs_get_time_period_num(time_t now)
Definition: hs_common.c:267
int routerset_contains_routerstatus(const routerset_t *set, const routerstatus_t *rs, country_t country)
Definition: routerset.c:322
uint64_t hs_get_next_time_period_num(time_t now)
Definition: hs_common.c:302
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:27
static void node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
Definition: nodelist.c:292
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:904
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:826
void nodelist_refresh_countries(void)
Definition: nodelist.c:1950
address_set_t * address_set_new(int max_addresses_guess)
Definition: address_set.c:34
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
void address_set_add_ipv4h(address_set_t *set, uint32_t addr)
Definition: address_set.c:55
int client_would_use_router(const routerstatus_t *rs, time_t now)
Header file for control_events.c.
#define LD_PROTOCOL
Definition: log.h:70
ed25519_public_key_t ed25519_id
Definition: node_st.h:47
int node_has_any_descriptor(const node_t *node)
Definition: nodelist.c:1338
int nodes_in_same_family(const node_t *node1, const node_t *node2)
Definition: nodelist.c:2062
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
int nodelist_probably_contains_address(const tor_addr_t *addr)
Definition: nodelist.c:477
static void update_router_have_minimum_dir_info(void)
Definition: nodelist.c:2685
STATIC int node_nickname_matches(const node_t *node, const char *nickname)
Definition: nodelist.c:1982
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
void node_get_addr(const node_t *node, tor_addr_t *addr_out)
Definition: nodelist.c:1542
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:84
void nodelist_ensure_freshness(networkstatus_t *ns)
Definition: nodelist.c:928
#define LD_CONFIG
Definition: log.h:66
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20
smartlist_t * routers
Definition: routerlist_st.h:27
unsigned int supports_v3_rendezvous_point
Definition: or.h:841
Header file for routerlist.c.
node_t * node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:207
static consensus_path_type_t have_consensus_path
Definition: nodelist.c:2279
static int node_is_usable(const node_t *node)
Definition: nodelist.c:705
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179
int fascist_firewall_use_ipv6(const or_options_t *options)
Definition: policies.c:459
int node_ipv6_dir_preferred(const node_t *node)
Definition: nodelist.c:1772
unsigned int policy_is_reject_star
Definition: microdesc_st.h:37