tor  0.4.2.0-alpha-dev
nodelist.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
41 #define NODELIST_PRIVATE
42 
43 #include "core/or/or.h"
44 #include "app/config/config.h"
45 #include "core/mainloop/mainloop.h"
46 #include "core/mainloop/netstatus.h"
47 #include "core/or/address_set.h"
48 #include "core/or/policies.h"
49 #include "core/or/protover.h"
50 #include "feature/client/bridges.h"
55 #include "feature/hs/hs_client.h"
56 #include "feature/hs/hs_common.h"
65 #include "feature/nodelist/routerset.h"
66 #include "feature/nodelist/torcert.h"
68 #include "lib/encoding/binascii.h"
69 #include "lib/err/backtrace.h"
70 #include "lib/geoip/geoip.h"
71 #include "lib/net/address.h"
72 
73 #include <string.h>
74 
76 
77 #include "feature/dirclient/dir_server_st.h"
78 #include "feature/nodelist/microdesc_st.h"
79 #include "feature/nodelist/networkstatus_st.h"
80 #include "feature/nodelist/node_st.h"
81 #include "feature/nodelist/routerinfo_st.h"
82 #include "feature/nodelist/routerlist_st.h"
83 #include "feature/nodelist/routerstatus_st.h"
84 
85 static void nodelist_drop_node(node_t *node, int remove_from_ht);
86 #define node_free(val) \
87  FREE_AND_NULL(node_t, node_free_, (val))
88 static void node_free_(node_t *node);
89 
92 typedef enum {
93  /* All descriptors regardless of flags or exit policies */
94  USABLE_DESCRIPTOR_ALL = 0U,
95  /* Only count descriptors with an exit policy that allows at least one port
96  */
97  USABLE_DESCRIPTOR_EXIT_POLICY = 1U << 0,
98  /* Only count descriptors for relays that have the exit flag in the
99  * consensus */
100  USABLE_DESCRIPTOR_EXIT_FLAG = 1U << 1,
101  /* Only count descriptors for relays that have the policy and the flag */
102  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG = (USABLE_DESCRIPTOR_EXIT_POLICY |
103  USABLE_DESCRIPTOR_EXIT_FLAG)
105 static void count_usable_descriptors(int *num_present,
106  int *num_usable,
107  smartlist_t *descs_out,
108  const networkstatus_t *consensus,
109  time_t now,
110  routerset_t *in_set,
111  usable_descriptor_t exit_only);
112 static void update_router_have_minimum_dir_info(void);
113 static double get_frac_paths_needed_for_circs(const or_options_t *options,
114  const networkstatus_t *ns);
115 static void node_add_to_address_set(const node_t *node);
116 
121 typedef struct nodelist_t {
122  /* A list of all the nodes. */
123  smartlist_t *nodes;
124  /* Hash table to map from node ID digest to node. */
125  HT_HEAD(nodelist_map, node_t) nodes_by_id;
126  /* Hash table to map from node Ed25519 ID to node.
127  *
128  * Whenever a node's routerinfo or microdescriptor is about to change,
129  * you should remove it from this map with node_remove_from_ed25519_map().
130  * Whenever a node's routerinfo or microdescriptor has just chaned,
131  * you should add it to this map with node_add_to_ed25519_map().
132  */
133  HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id;
134 
135  /* Set of addresses that belong to nodes we believe in. */
136  address_set_t *node_addrs;
137 
138  /* The valid-after time of the last live consensus that initialized the
139  * nodelist. We use this to detect outdated nodelists that need to be
140  * rebuilt using a newer consensus. */
141  time_t live_consensus_valid_after;
142 } nodelist_t;
143 
144 static inline unsigned int
145 node_id_hash(const node_t *node)
146 {
147  return (unsigned) siphash24g(node->identity, DIGEST_LEN);
148 }
149 
150 static inline unsigned int
151 node_id_eq(const node_t *node1, const node_t *node2)
152 {
153  return tor_memeq(node1->identity, node2->identity, DIGEST_LEN);
154 }
155 
156 HT_PROTOTYPE(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq)
157 HT_GENERATE2(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq,
159 
160 static inline unsigned int
161 node_ed_id_hash(const node_t *node)
162 {
163  return (unsigned) siphash24g(node->ed25519_id.pubkey, ED25519_PUBKEY_LEN);
164 }
165 
166 static inline unsigned int
167 node_ed_id_eq(const node_t *node1, const node_t *node2)
168 {
169  return ed25519_pubkey_eq(&node1->ed25519_id, &node2->ed25519_id);
170 }
171 
172 HT_PROTOTYPE(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
173  node_ed_id_eq)
174 HT_GENERATE2(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
175  node_ed_id_eq, 0.6, tor_reallocarray_, tor_free_)
176 
177 
178 static nodelist_t *the_nodelist=NULL;
179 
181 static void
182 init_nodelist(void)
183 {
184  if (PREDICT_UNLIKELY(the_nodelist == NULL)) {
185  the_nodelist = tor_malloc_zero(sizeof(nodelist_t));
186  HT_INIT(nodelist_map, &the_nodelist->nodes_by_id);
187  HT_INIT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
188  the_nodelist->nodes = smartlist_new();
189  }
190 }
191 
194 node_get_mutable_by_id,(const char *identity_digest))
195 {
196  node_t search, *node;
197  if (PREDICT_UNLIKELY(the_nodelist == NULL))
198  return NULL;
199 
200  memcpy(&search.identity, identity_digest, DIGEST_LEN);
201  node = HT_FIND(nodelist_map, &the_nodelist->nodes_by_id, &search);
202  return node;
203 }
204 
206 node_t *
208 {
209  node_t search, *node;
210  if (PREDICT_UNLIKELY(the_nodelist == NULL))
211  return NULL;
212  if (BUG(ed_id == NULL) || BUG(ed25519_public_key_is_zero(ed_id)))
213  return NULL;
214 
215  memcpy(&search.ed25519_id, ed_id, sizeof(search.ed25519_id));
216  node = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, &search);
217  return node;
218 }
219 
223 node_get_by_id,(const char *identity_digest))
224 {
225  return node_get_mutable_by_id(identity_digest);
226 }
227 
231 node_get_by_ed25519_id,(const ed25519_public_key_t *ed_id))
232 {
233  return node_get_mutable_by_ed25519_id(ed_id);
234 }
235 
242 static node_t *
243 node_get_or_create(const char *identity_digest)
244 {
245  node_t *node;
246 
247  if ((node = node_get_mutable_by_id(identity_digest)))
248  return node;
249 
250  node = tor_malloc_zero(sizeof(node_t));
251  memcpy(node->identity, identity_digest, DIGEST_LEN);
252  HT_INSERT(nodelist_map, &the_nodelist->nodes_by_id, node);
253 
254  smartlist_add(the_nodelist->nodes, node);
255  node->nodelist_idx = smartlist_len(the_nodelist->nodes) - 1;
256 
257  node->country = -1;
258 
259  return node;
260 }
261 
264 static int
266 {
267  tor_assert(the_nodelist);
268  tor_assert(node);
269 
271  return 0;
272  }
273 
274  int rv = 0;
275  node_t *search =
276  HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
277  if (BUG(search != node)) {
278  goto clear_and_return;
279  }
280 
281  search = HT_REMOVE(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
282  tor_assert(search == node);
283  rv = 1;
284 
285  clear_and_return:
286  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
287  return rv;
288 }
289 
291 static void
292 node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
293 {
294  char *s;
295  char *olddesc = tor_strdup(node_describe(old));
296 
297  tor_asprintf(&s, "Reused ed25519_id %s: old %s new %s", ed_id,
298  olddesc, node_describe(node));
299  log_backtrace(LOG_NOTICE, LD_DIR, s);
300  tor_free(olddesc);
301  tor_free(s);
302 }
303 
307 static int
309 {
310  tor_assert(the_nodelist);
311  tor_assert(node);
312 
313  if (! ed25519_public_key_is_zero(&node->ed25519_id)) {
314  return 0;
315  }
316 
317  const ed25519_public_key_t *key = node_get_ed25519_id(node);
318  if (!key) {
319  return 0;
320  }
321 
322  node_t *old;
323  memcpy(&node->ed25519_id, key, sizeof(node->ed25519_id));
324  old = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
325  if (old) {
326  char ed_id[BASE32_BUFSIZE(sizeof(key->pubkey))];
327 
328  base32_encode(ed_id, sizeof(ed_id), (const char *)key->pubkey,
329  sizeof(key->pubkey));
330  if (BUG(old == node)) {
331  /* Actual bug: all callers of this function call
332  * node_remove_from_ed25519_map first. */
333  log_err(LD_BUG,
334  "Unexpectedly found deleted node with ed25519_id %s", ed_id);
335  } else {
336  /* Distinct nodes sharing a ed25519 id, possibly due to relay
337  * misconfiguration. The key pinning might not catch this,
338  * possibly due to downloading a missing descriptor during
339  * consensus voting. */
340  node_log_dup_ed_id(old, node, ed_id);
341  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
342  }
343  return 0;
344  }
345 
346  HT_INSERT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
347  return 1;
348 }
349 
350 /* For a given <b>node</b> for the consensus <b>ns</b>, set the hsdir index
351  * for the node, both current and next if possible. This can only fails if the
352  * node_t ed25519 identity key can't be found which would be a bug. */
353 STATIC void
354 node_set_hsdir_index(node_t *node, const networkstatus_t *ns)
355 {
356  time_t now = approx_time();
357  const ed25519_public_key_t *node_identity_pk;
358  uint8_t *fetch_srv = NULL, *store_first_srv = NULL, *store_second_srv = NULL;
359  uint64_t next_time_period_num, current_time_period_num;
360  uint64_t fetch_tp, store_first_tp, store_second_tp;
361 
362  tor_assert(node);
363  tor_assert(ns);
364 
365  if (!networkstatus_is_live(ns, now)) {
366  static struct ratelim_t live_consensus_ratelim = RATELIM_INIT(30 * 60);
367  log_fn_ratelim(&live_consensus_ratelim, LOG_INFO, LD_GENERAL,
368  "Not setting hsdir index with a non-live consensus.");
369  goto done;
370  }
371 
372  node_identity_pk = node_get_ed25519_id(node);
373  if (node_identity_pk == NULL) {
374  log_debug(LD_GENERAL, "ed25519 identity public key not found when "
375  "trying to build the hsdir indexes for node %s",
376  node_describe(node));
377  goto done;
378  }
379 
380  /* Get the current and next time period number. */
381  current_time_period_num = hs_get_time_period_num(0);
382  next_time_period_num = hs_get_next_time_period_num(0);
383 
384  /* We always use the current time period for fetching descs */
385  fetch_tp = current_time_period_num;
386 
387  /* Now extract the needed SRVs and time periods for building hsdir indices */
388  if (hs_in_period_between_tp_and_srv(ns, now)) {
389  fetch_srv = hs_get_current_srv(fetch_tp, ns);
390 
391  store_first_tp = hs_get_previous_time_period_num(0);
392  store_second_tp = current_time_period_num;
393  } else {
394  fetch_srv = hs_get_previous_srv(fetch_tp, ns);
395 
396  store_first_tp = current_time_period_num;
397  store_second_tp = next_time_period_num;
398  }
399 
400  /* We always use the old SRV for storing the first descriptor and the latest
401  * SRV for storing the second descriptor */
402  store_first_srv = hs_get_previous_srv(store_first_tp, ns);
403  store_second_srv = hs_get_current_srv(store_second_tp, ns);
404 
405  /* Build the fetch index. */
406  hs_build_hsdir_index(node_identity_pk, fetch_srv, fetch_tp,
407  node->hsdir_index.fetch);
408 
409  /* If we are in the time segment between SRV#N and TP#N, the fetch index is
410  the same as the first store index */
411  if (!hs_in_period_between_tp_and_srv(ns, now)) {
412  memcpy(node->hsdir_index.store_first, node->hsdir_index.fetch,
413  sizeof(node->hsdir_index.store_first));
414  } else {
415  hs_build_hsdir_index(node_identity_pk, store_first_srv, store_first_tp,
416  node->hsdir_index.store_first);
417  }
418 
419  /* If we are in the time segment between TP#N and SRV#N+1, the fetch index is
420  the same as the second store index */
421  if (hs_in_period_between_tp_and_srv(ns, now)) {
422  memcpy(node->hsdir_index.store_second, node->hsdir_index.fetch,
423  sizeof(node->hsdir_index.store_second));
424  } else {
425  hs_build_hsdir_index(node_identity_pk, store_second_srv, store_second_tp,
426  node->hsdir_index.store_second);
427  }
428 
429  done:
430  tor_free(fetch_srv);
431  tor_free(store_first_srv);
432  tor_free(store_second_srv);
433  return;
434 }
435 
437 static void
439 {
440  node->last_reachable = node->last_reachable6 = 0;
441  node->country = -1;
442 }
443 
447 static void
449 {
450  if (!the_nodelist || !the_nodelist->node_addrs)
451  return;
452 
453  /* These various address sources can be redundant, but it's likely faster
454  * to add them all than to compare them all for equality. */
455 
456  if (node->rs) {
457  if (node->rs->addr)
458  address_set_add_ipv4h(the_nodelist->node_addrs, node->rs->addr);
459  if (!tor_addr_is_null(&node->rs->ipv6_addr))
460  address_set_add(the_nodelist->node_addrs, &node->rs->ipv6_addr);
461  }
462  if (node->ri) {
463  if (node->ri->addr)
464  address_set_add_ipv4h(the_nodelist->node_addrs, node->ri->addr);
465  if (!tor_addr_is_null(&node->ri->ipv6_addr))
466  address_set_add(the_nodelist->node_addrs, &node->ri->ipv6_addr);
467  }
468  if (node->md) {
469  if (!tor_addr_is_null(&node->md->ipv6_addr))
470  address_set_add(the_nodelist->node_addrs, &node->md->ipv6_addr);
471  }
472 }
473 
476 int
478 {
479  if (BUG(!addr))
480  return 0;
481 
482  if (!the_nodelist || !the_nodelist->node_addrs)
483  return 0;
484 
485  return address_set_probably_contains(the_nodelist->node_addrs, addr);
486 }
487 
492 node_t *
494 {
495  node_t *node;
496  const char *id_digest;
497  int had_router = 0;
498  tor_assert(ri);
499 
500  init_nodelist();
501  id_digest = ri->cache_info.identity_digest;
502  node = node_get_or_create(id_digest);
503 
505 
506  if (node->ri) {
507  if (!routers_have_same_or_addrs(node->ri, ri)) {
508  node_addrs_changed(node);
509  }
510  had_router = 1;
511  if (ri_old_out)
512  *ri_old_out = node->ri;
513  } else {
514  if (ri_old_out)
515  *ri_old_out = NULL;
516  }
517  node->ri = ri;
518 
520 
521  if (node->country == -1)
522  node_set_country(node);
523 
524  if (authdir_mode(get_options()) && !had_router) {
525  const char *discard=NULL;
526  uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO);
528  }
529 
530  /* Setting the HSDir index requires the ed25519 identity key which can
531  * only be found either in the ri or md. This is why this is called here.
532  * Only nodes supporting HSDir=2 protocol version needs this index. */
533  if (node->rs && node->rs->pv.supports_v3_hsdir) {
534  node_set_hsdir_index(node,
535  networkstatus_get_latest_consensus());
536  }
537 
539 
540  return node;
541 }
542 
548 node_t *
550 {
551  networkstatus_t *ns =
552  networkstatus_get_latest_consensus_by_flavor(FLAV_MICRODESC);
553  const routerstatus_t *rs;
554  node_t *node;
555  if (ns == NULL)
556  return NULL;
557  init_nodelist();
558 
559  /* Microdescriptors don't carry an identity digest, so we need to figure
560  * it out by looking up the routerstatus. */
562  if (rs == NULL)
563  return NULL;
564  node = node_get_mutable_by_id(rs->identity_digest);
565  if (node == NULL)
566  return NULL;
567 
569  if (node->md)
570  node->md->held_by_nodes--;
571 
572  node->md = md;
573  md->held_by_nodes++;
574  /* Setting the HSDir index requires the ed25519 identity key which can
575  * only be found either in the ri or md. This is why this is called here.
576  * Only nodes supporting HSDir=2 protocol version needs this index. */
577  if (rs->pv.supports_v3_hsdir) {
578  node_set_hsdir_index(node, ns);
579  }
582 
583  return node;
584 }
585 
586 /* Default value. */
587 #define ESTIMATED_ADDRESS_PER_NODE 2
588 
589 /* Return the estimated number of address per node_t. This is used for the
590  * size of the bloom filter in the nodelist (node_addrs). */
591 MOCK_IMPL(int,
592 get_estimated_address_per_node, (void))
593 {
594  return ESTIMATED_ADDRESS_PER_NODE;
595 }
596 
602 void
604 {
605  const or_options_t *options = get_options();
606  int authdir = authdir_mode_v3(options);
607 
608  init_nodelist();
609  if (ns->flavor == FLAV_MICRODESC)
610  (void) get_microdesc_cache(); /* Make sure it exists first. */
611 
612  SMARTLIST_FOREACH(the_nodelist->nodes, node_t *, node,
613  node->rs = NULL);
614 
615  /* Conservatively estimate that every node will have 2 addresses. */
616  const int estimated_addresses = smartlist_len(ns->routerstatus_list) *
617  get_estimated_address_per_node();
618  address_set_free(the_nodelist->node_addrs);
619  the_nodelist->node_addrs = address_set_new(estimated_addresses);
620 
622  node_t *node = node_get_or_create(rs->identity_digest);
623  node->rs = rs;
624  if (ns->flavor == FLAV_MICRODESC) {
625  if (node->md == NULL ||
626  tor_memneq(node->md->digest,rs->descriptor_digest,DIGEST256_LEN)) {
628  if (node->md)
629  node->md->held_by_nodes--;
630  node->md = microdesc_cache_lookup_by_digest256(NULL,
631  rs->descriptor_digest);
632  if (node->md)
633  node->md->held_by_nodes++;
635  }
636  }
637 
638  if (rs->pv.supports_v3_hsdir) {
639  node_set_hsdir_index(node, ns);
640  }
641  node_set_country(node);
642 
643  /* If we're not an authdir, believe others. */
644  if (!authdir) {
645  node->is_valid = rs->is_valid;
646  node->is_running = rs->is_flagged_running;
647  node->is_fast = rs->is_fast;
648  node->is_stable = rs->is_stable;
649  node->is_possible_guard = rs->is_possible_guard;
650  node->is_exit = rs->is_exit;
651  node->is_bad_exit = rs->is_bad_exit;
652  node->is_hs_dir = rs->is_hs_dir;
653  node->ipv6_preferred = 0;
655  (tor_addr_is_null(&rs->ipv6_addr) == 0 ||
656  (node->md && tor_addr_is_null(&node->md->ipv6_addr) == 0)))
657  node->ipv6_preferred = 1;
658  }
659 
660  } SMARTLIST_FOREACH_END(rs);
661 
662  nodelist_purge();
663 
664  /* Now add all the nodes we have to the address set. */
665  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
667  } SMARTLIST_FOREACH_END(node);
668 
669  if (! authdir) {
670  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
671  /* We have no routerstatus for this router. Clear flags so we can skip
672  * it, maybe.*/
673  if (!node->rs) {
674  tor_assert(node->ri); /* if it had only an md, or nothing, purge
675  * would have removed it. */
676  if (node->ri->purpose == ROUTER_PURPOSE_GENERAL) {
677  /* Clear all flags. */
678  node->is_valid = node->is_running = node->is_hs_dir =
679  node->is_fast = node->is_stable =
680  node->is_possible_guard = node->is_exit =
681  node->is_bad_exit = node->ipv6_preferred = 0;
682  }
683  }
684  } SMARTLIST_FOREACH_END(node);
685  }
686 
687  /* If the consensus is live, note down the consensus valid-after that formed
688  * the nodelist. */
689  if (networkstatus_is_live(ns, approx_time())) {
690  the_nodelist->live_consensus_valid_after = ns->valid_after;
691  }
692 }
693 
697 int
699 {
700  return node->is_exit && ! node->is_bad_exit;
701 }
702 
704 static inline int
705 node_is_usable(const node_t *node)
706 {
707  return (node->rs) || (node->ri);
708 }
709 
712 void
713 nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
714 {
715  node_t *node = node_get_mutable_by_id(identity_digest);
716  if (node && node->md == md) {
717  node->md = NULL;
718  md->held_by_nodes--;
719  if (! node_get_ed25519_id(node)) {
721  }
722  }
723 }
724 
726 void
728 {
729  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
730  if (node && node->ri == ri) {
731  node->ri = NULL;
732  if (! node_is_usable(node)) {
733  nodelist_drop_node(node, 1);
734  node_free(node);
735  }
736  }
737 }
738 
741 static void
742 nodelist_drop_node(node_t *node, int remove_from_ht)
743 {
744  node_t *tmp;
745  int idx;
746  if (remove_from_ht) {
747  tmp = HT_REMOVE(nodelist_map, &the_nodelist->nodes_by_id, node);
748  tor_assert(tmp == node);
749  }
751 
752  idx = node->nodelist_idx;
753  tor_assert(idx >= 0);
754 
755  tor_assert(node == smartlist_get(the_nodelist->nodes, idx));
756  smartlist_del(the_nodelist->nodes, idx);
757  if (idx < smartlist_len(the_nodelist->nodes)) {
758  tmp = smartlist_get(the_nodelist->nodes, idx);
759  tmp->nodelist_idx = idx;
760  }
761  node->nodelist_idx = -1;
762 }
763 
766 smartlist_t *
768 {
769  smartlist_t *result = smartlist_new();
770 
771  if (the_nodelist == NULL)
772  return result;
773 
774  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
775  if (node->md == md) {
776  smartlist_add(result, node);
777  }
778  } SMARTLIST_FOREACH_END(node);
779 
780  return result;
781 }
782 
784 static void
786 {
787  if (!node)
788  return;
789  if (node->md)
790  node->md->held_by_nodes--;
791  tor_assert(node->nodelist_idx == -1);
792  tor_free(node);
793 }
794 
797 void
799 {
800  node_t **iter;
801  if (PREDICT_UNLIKELY(the_nodelist == NULL))
802  return;
803 
804  /* Remove the non-usable nodes. */
805  for (iter = HT_START(nodelist_map, &the_nodelist->nodes_by_id); iter; ) {
806  node_t *node = *iter;
807 
808  if (node->md && !node->rs) {
809  /* An md is only useful if there is an rs. */
810  node->md->held_by_nodes--;
811  node->md = NULL;
812  }
813 
814  if (node_is_usable(node)) {
815  iter = HT_NEXT(nodelist_map, &the_nodelist->nodes_by_id, iter);
816  } else {
817  iter = HT_NEXT_RMV(nodelist_map, &the_nodelist->nodes_by_id, iter);
818  nodelist_drop_node(node, 0);
819  node_free(node);
820  }
821  }
823 }
824 
826 void
828 {
829  if (PREDICT_UNLIKELY(the_nodelist == NULL))
830  return;
831 
832  HT_CLEAR(nodelist_map, &the_nodelist->nodes_by_id);
833  HT_CLEAR(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
834  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
835  node->nodelist_idx = -1;
836  node_free(node);
837  } SMARTLIST_FOREACH_END(node);
838 
839  smartlist_free(the_nodelist->nodes);
840 
841  address_set_free(the_nodelist->node_addrs);
842  the_nodelist->node_addrs = NULL;
843 
844  tor_free(the_nodelist);
845 }
846 
850 void
852 {
854  networkstatus_t *ns = networkstatus_get_latest_consensus();
855  digestmap_t *dm;
856 
857  if (!the_nodelist)
858  return;
859 
860  dm = digestmap_new();
861 
862  /* every routerinfo in rl->routers should be in the nodelist. */
863  if (rl) {
865  const node_t *node = node_get_by_id(ri->cache_info.identity_digest);
866  tor_assert(node && node->ri == ri);
867  tor_assert(fast_memeq(ri->cache_info.identity_digest,
868  node->identity, DIGEST_LEN));
869  tor_assert(! digestmap_get(dm, node->identity));
870  digestmap_set(dm, node->identity, (void*)node);
871  } SMARTLIST_FOREACH_END(ri);
872  }
873 
874  /* every routerstatus in ns should be in the nodelist */
875  if (ns) {
877  const node_t *node = node_get_by_id(rs->identity_digest);
878  tor_assert(node && node->rs == rs);
879  tor_assert(fast_memeq(rs->identity_digest, node->identity, DIGEST_LEN));
880  digestmap_set(dm, node->identity, (void*)node);
881  if (ns->flavor == FLAV_MICRODESC) {
882  /* If it's a microdesc consensus, every entry that has a
883  * microdescriptor should be in the nodelist.
884  */
885  microdesc_t *md =
886  microdesc_cache_lookup_by_digest256(NULL, rs->descriptor_digest);
887  tor_assert(md == node->md);
888  if (md)
889  tor_assert(md->held_by_nodes >= 1);
890  }
891  } SMARTLIST_FOREACH_END(rs);
892  }
893 
894  /* The nodelist should have no other entries, and its entries should be
895  * well-formed. */
896  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
897  tor_assert(digestmap_get(dm, node->identity) != NULL);
898  tor_assert(node_sl_idx == node->nodelist_idx);
899  } SMARTLIST_FOREACH_END(node);
900 
901  /* Every node listed with an ed25519 identity should be listed by that
902  * identity.
903  */
904  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
905  if (!ed25519_public_key_is_zero(&node->ed25519_id)) {
906  tor_assert(node == node_get_by_ed25519_id(&node->ed25519_id));
907  }
908  } SMARTLIST_FOREACH_END(node);
909 
910  node_t **idx;
911  HT_FOREACH(idx, nodelist_ed_map, &the_nodelist->nodes_by_ed_id) {
912  node_t *node = *idx;
913  tor_assert(node == node_get_by_ed25519_id(&node->ed25519_id));
914  }
915 
916  tor_assert((long)smartlist_len(the_nodelist->nodes) ==
917  (long)HT_SIZE(&the_nodelist->nodes_by_id));
918 
919  tor_assert((long)smartlist_len(the_nodelist->nodes) >=
920  (long)HT_SIZE(&the_nodelist->nodes_by_ed_id));
921 
922  digestmap_free(dm, NULL);
923 }
924 
927 void
929 {
930  tor_assert(ns);
931 
932  /* We don't even have a nodelist: this is a NOP. */
933  if (!the_nodelist) {
934  return;
935  }
936 
937  if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
938  log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
939  (int) the_nodelist->live_consensus_valid_after,
940  (int) ns->valid_after);
942  }
943 }
948 nodelist_get_list,(void))
949 {
950  init_nodelist();
951  return the_nodelist->nodes;
952 }
953 
958 const node_t *
959 node_get_by_hex_id(const char *hex_id, unsigned flags)
960 {
961  char digest_buf[DIGEST_LEN];
962  char nn_buf[MAX_NICKNAME_LEN+1];
963  char nn_char='\0';
964 
965  (void) flags; // XXXX
966 
967  if (hex_digest_nickname_decode(hex_id, digest_buf, &nn_char, nn_buf)==0) {
968  const node_t *node = node_get_by_id(digest_buf);
969  if (!node)
970  return NULL;
971  if (nn_char == '=') {
972  /* "=" indicates a Named relay, but there aren't any of those now. */
973  return NULL;
974  }
975  return node;
976  }
977 
978  return NULL;
979 }
980 
986 node_get_by_nickname,(const char *nickname, unsigned flags))
987 {
988  const int warn_if_unnamed = !(flags & NNF_NO_WARN_UNNAMED);
989 
990  if (!the_nodelist)
991  return NULL;
992 
993  /* Handle these cases: DIGEST, $DIGEST, $DIGEST=name, $DIGEST~name. */
994  {
995  const node_t *node;
996  if ((node = node_get_by_hex_id(nickname, flags)) != NULL)
997  return node;
998  }
999 
1000  if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1001  return NULL;
1002 
1003  /* Okay, so the name is not canonical for anybody. */
1004  {
1005  smartlist_t *matches = smartlist_new();
1006  const node_t *choice = NULL;
1007 
1008  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
1009  if (!strcasecmp(node_get_nickname(node), nickname))
1010  smartlist_add(matches, node);
1011  } SMARTLIST_FOREACH_END(node);
1012 
1013  if (smartlist_len(matches)>1 && warn_if_unnamed) {
1014  int any_unwarned = 0;
1015  SMARTLIST_FOREACH_BEGIN(matches, node_t *, node) {
1016  if (!node->name_lookup_warned) {
1017  node->name_lookup_warned = 1;
1018  any_unwarned = 1;
1019  }
1020  } SMARTLIST_FOREACH_END(node);
1021 
1022  if (any_unwarned) {
1023  log_warn(LD_CONFIG, "There are multiple matches for the name %s. "
1024  "Choosing one arbitrarily.", nickname);
1025  }
1026  } else if (smartlist_len(matches)==1 && warn_if_unnamed) {
1027  char fp[HEX_DIGEST_LEN+1];
1028  node_t *node = smartlist_get(matches, 0);
1029  if (! node->name_lookup_warned) {
1030  base16_encode(fp, sizeof(fp), node->identity, DIGEST_LEN);
1031  log_warn(LD_CONFIG,
1032  "You specified a relay \"%s\" by name, but nicknames can be "
1033  "used by any relay, not just the one you meant. "
1034  "To make sure you get the same relay in the future, refer "
1035  "to it by key, as \"$%s\".", nickname, fp);
1036  node->name_lookup_warned = 1;
1037  }
1038  }
1039 
1040  if (smartlist_len(matches))
1041  choice = smartlist_get(matches, 0);
1042 
1043  smartlist_free(matches);
1044  return choice;
1045  }
1046 }
1047 
1050 const ed25519_public_key_t *
1052 {
1053  const ed25519_public_key_t *ri_pk = NULL;
1054  const ed25519_public_key_t *md_pk = NULL;
1055 
1056  if (node->ri) {
1057  if (node->ri->cache_info.signing_key_cert) {
1058  ri_pk = &node->ri->cache_info.signing_key_cert->signing_key;
1059  /* Checking whether routerinfo ed25519 is all zero.
1060  * Our descriptor parser should make sure this never happens. */
1061  if (BUG(ed25519_public_key_is_zero(ri_pk)))
1062  ri_pk = NULL;
1063  }
1064  }
1065 
1066  if (node->md) {
1067  if (node->md->ed25519_identity_pkey) {
1068  md_pk = node->md->ed25519_identity_pkey;
1069  /* Checking whether microdesc ed25519 is all zero.
1070  * Our descriptor parser should make sure this never happens. */
1071  if (BUG(ed25519_public_key_is_zero(md_pk)))
1072  md_pk = NULL;
1073  }
1074  }
1075 
1076  if (ri_pk && md_pk) {
1077  if (ed25519_pubkey_eq(ri_pk, md_pk)) {
1078  return ri_pk;
1079  } else {
1080  /* This can happen if the relay gets flagged NoEdConsensus which will be
1081  * triggered on all relays of the network. Thus a protocol warning. */
1082  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1083  "Inconsistent ed25519 identities in the nodelist");
1084  return NULL;
1085  }
1086  } else if (ri_pk) {
1087  return ri_pk;
1088  } else {
1089  return md_pk;
1090  }
1091 }
1092 
1095 int
1097 {
1098  const ed25519_public_key_t *node_id = node_get_ed25519_id(node);
1099  if (node_id == NULL || ed25519_public_key_is_zero(node_id)) {
1100  return id == NULL || ed25519_public_key_is_zero(id);
1101  } else {
1102  return id && ed25519_pubkey_eq(node_id, id);
1103  }
1104 }
1105 
1109  0,0,0,0,0,0,0,0
1110 };
1111 
1113 static const protover_summary_flags_t *
1115 {
1116  if (node->rs) {
1117  return &node->rs->pv;
1118  } else if (node->ri) {
1119  return &node->ri->pv;
1120  } else {
1121  /* This should be impossible: every node should have a routerstatus or a
1122  * router descriptor or both. But just in case we've messed up somehow,
1123  * return a nice empty set of flags to indicate "this node supports
1124  * nothing." */
1125  tor_assert_nonfatal_unreached_once();
1126  return &zero_protover_flags;
1127  }
1128 }
1129 
1134 int
1136  int compatible_with_us)
1137 {
1138  if (! node_get_ed25519_id(node))
1139  return 0;
1140 
1142 
1143  if (compatible_with_us)
1145  else
1147 }
1148 
1151 int
1153 {
1154  tor_assert(node);
1155 
1157 }
1158 
1161 int
1163 {
1164  tor_assert(node);
1165 
1167 }
1168 
1171 int
1173 {
1174  tor_assert(node);
1175 
1176  /* We can't use a v3 rendezvous point without the curve25519 onion pk. */
1177  if (!node_get_curve25519_onion_key(node)) {
1178  return 0;
1179  }
1180 
1182 }
1183 
1185 const uint8_t *
1187 {
1188  tor_assert(node);
1189  return (const uint8_t*)node->identity;
1190 }
1191 
1192 /* Returns a new smartlist with all possible link specifiers from node:
1193  * - legacy ID is mandatory thus MUST be present in node;
1194  * - include ed25519 link specifier if present in the node, and the node
1195  * supports ed25519 link authentication, and:
1196  * - if direct_conn is true, its link versions are compatible with us,
1197  * - if direct_conn is false, regardless of its link versions;
1198  * - include IPv4 link specifier, if the primary address is not IPv4, log a
1199  * BUG() warning, and return an empty smartlist;
1200  * - include IPv6 link specifier if present in the node.
1201  *
1202  * If node is NULL, returns an empty smartlist.
1203  *
1204  * The smartlist must be freed using link_specifier_smartlist_free(). */
1205 smartlist_t *
1206 node_get_link_specifier_smartlist(const node_t *node, bool direct_conn)
1207 {
1208  link_specifier_t *ls;
1209  tor_addr_port_t ap;
1210  smartlist_t *lspecs = smartlist_new();
1211 
1212  if (!node)
1213  return lspecs;
1214 
1215  /* Get the relay's IPv4 address. */
1216  node_get_prim_orport(node, &ap);
1217 
1218  /* We expect the node's primary address to be a valid IPv4 address.
1219  * This conforms to the protocol, which requires either an IPv4 or IPv6
1220  * address (or both). */
1221  if (BUG(!tor_addr_is_v4(&ap.addr)) ||
1222  BUG(!tor_addr_port_is_valid_ap(&ap, 0))) {
1223  return lspecs;
1224  }
1225 
1226  ls = link_specifier_new();
1227  link_specifier_set_ls_type(ls, LS_IPV4);
1228  link_specifier_set_un_ipv4_addr(ls, tor_addr_to_ipv4h(&ap.addr));
1229  link_specifier_set_un_ipv4_port(ls, ap.port);
1230  /* Four bytes IPv4 and two bytes port. */
1231  link_specifier_set_ls_len(ls, sizeof(ap.addr.addr.in_addr) +
1232  sizeof(ap.port));
1233  smartlist_add(lspecs, ls);
1234 
1235  /* Legacy ID is mandatory and will always be present in node. */
1236  ls = link_specifier_new();
1237  link_specifier_set_ls_type(ls, LS_LEGACY_ID);
1238  memcpy(link_specifier_getarray_un_legacy_id(ls), node->identity,
1239  link_specifier_getlen_un_legacy_id(ls));
1240  link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls));
1241  smartlist_add(lspecs, ls);
1242 
1243  /* ed25519 ID is only included if the node has it, and the node declares a
1244  protocol version that supports ed25519 link authentication.
1245  If direct_conn is true, we also require that the node's link version is
1246  compatible with us. (Otherwise, we will be sending the ed25519 key
1247  to another tor, which may support different link versions.) */
1248  if (!ed25519_public_key_is_zero(&node->ed25519_id) &&
1249  node_supports_ed25519_link_authentication(node, direct_conn)) {
1250  ls = link_specifier_new();
1251  link_specifier_set_ls_type(ls, LS_ED25519_ID);
1252  memcpy(link_specifier_getarray_un_ed25519_id(ls), &node->ed25519_id,
1253  link_specifier_getlen_un_ed25519_id(ls));
1254  link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
1255  smartlist_add(lspecs, ls);
1256  }
1257 
1258  /* Check for IPv6. If so, include it as well. */
1259  if (node_has_ipv6_orport(node)) {
1260  ls = link_specifier_new();
1261  node_get_pref_ipv6_orport(node, &ap);
1262  link_specifier_set_ls_type(ls, LS_IPV6);
1263  size_t addr_len = link_specifier_getlen_un_ipv6_addr(ls);
1264  const uint8_t *in6_addr = tor_addr_to_in6_addr8(&ap.addr);
1265  uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(ls);
1266  memcpy(ipv6_array, in6_addr, addr_len);
1267  link_specifier_set_un_ipv6_port(ls, ap.port);
1268  /* Sixteen bytes IPv6 and two bytes port. */
1269  link_specifier_set_ls_len(ls, addr_len + sizeof(ap.port));
1270  smartlist_add(lspecs, ls);
1271  }
1272 
1273  return lspecs;
1274 }
1275 
1276 /* Free a link specifier list. */
1277 void
1278 link_specifier_smartlist_free_(smartlist_t *ls_list)
1279 {
1280  if (!ls_list)
1281  return;
1282 
1283  SMARTLIST_FOREACH(ls_list, link_specifier_t *, lspec,
1284  link_specifier_free(lspec));
1285  smartlist_free(ls_list);
1286 }
1287 
1289 const char *
1291 {
1292  tor_assert(node);
1293  if (node->rs)
1294  return node->rs->nickname;
1295  else if (node->ri)
1296  return node->ri->nickname;
1297  else
1298  return NULL;
1299 }
1300 
1303 int
1304 node_is_dir(const node_t *node)
1305 {
1306  if (node->rs) {
1307  routerstatus_t * rs = node->rs;
1308  /* This is true if supports_tunnelled_dir_requests is true which
1309  * indicates that we support directory request tunnelled or through the
1310  * DirPort. */
1311  return rs->is_v2_dir;
1312  } else if (node->ri) {
1313  routerinfo_t * ri = node->ri;
1314  /* Both tunnelled request is supported or DirPort is set. */
1316  } else {
1317  return 0;
1318  }
1319 }
1320 
1326 int
1328 {
1329  return (node->ri ||
1330  (node->rs && node->md));
1331 }
1332 
1339 int
1341  int for_direct_connect)
1342 {
1343  const int is_bridge = node_is_a_configured_bridge(node);
1344  const int we_use_mds = we_use_microdescriptors_for_circuits(get_options());
1345 
1346  if ((is_bridge && for_direct_connect) || !we_use_mds) {
1347  /* We need an ri in this case. */
1348  if (!node->ri)
1349  return 0;
1350  } else {
1351  /* Otherwise we need an rs and an md. */
1352  if (node->rs == NULL || node->md == NULL)
1353  return 0;
1354  }
1355 
1356  return 1;
1357 }
1358 
1360 int
1362 {
1363  if (node->ri)
1364  return node->ri->purpose;
1365  else
1366  return ROUTER_PURPOSE_GENERAL;
1367 }
1368 
1372 void
1374  char *verbose_name_out)
1375 {
1376  const char *nickname = node_get_nickname(node);
1377  verbose_name_out[0] = '$';
1378  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, node->identity,
1379  DIGEST_LEN);
1380  if (!nickname)
1381  return;
1382  verbose_name_out[1+HEX_DIGEST_LEN] = '~';
1383  strlcpy(verbose_name_out+1+HEX_DIGEST_LEN+1, nickname, MAX_NICKNAME_LEN+1);
1384 }
1385 
1392 void
1393 node_get_verbose_nickname_by_id(const char *id_digest,
1394  char *verbose_name_out)
1395 {
1396  const node_t *node = node_get_by_id(id_digest);
1397  if (!node) {
1398  verbose_name_out[0] = '$';
1399  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, id_digest, DIGEST_LEN);
1400  } else {
1401  node_get_verbose_nickname(node, verbose_name_out);
1402  }
1403 }
1404 
1407 int
1409 {
1410  if (node && node->ri)
1411  return node->ri->allow_single_hop_exits;
1412  else
1413  return 0;
1414 }
1415 
1418 int
1420 {
1421  if (node->rejects_all)
1422  return 1;
1423 
1424  if (node->ri)
1425  return node->ri->policy_is_reject_star;
1426  else if (node->md)
1427  return node->md->exit_policy == NULL ||
1429  else
1430  return 1;
1431 }
1432 
1436 int
1438 {
1439  if (family == AF_UNSPEC) {
1440  return 1; /* Rejecting an address but not telling us what address
1441  * is a bad sign. */
1442  } else if (family == AF_INET) {
1443  return node->ri != NULL;
1444  } else if (family == AF_INET6) {
1445  return 0;
1446  }
1448  return 1;
1449 }
1450 
1451 /* Check if the "addr" and port_field fields from r are a valid non-listening
1452  * address/port. If so, set valid to true and add a newly allocated
1453  * tor_addr_port_t containing "addr" and port_field to sl.
1454  * "addr" is an IPv4 host-order address and port_field is a uint16_t.
1455  * r is typically a routerinfo_t or routerstatus_t.
1456  */
1457 #define SL_ADD_NEW_IPV4_AP(r, port_field, sl, valid) \
1458  STMT_BEGIN \
1459  if (tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \
1460  valid = 1; \
1461  tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \
1462  tor_addr_from_ipv4h(&ap->addr, (r)->addr); \
1463  ap->port = (r)->port_field; \
1464  smartlist_add((sl), ap); \
1465  } \
1466  STMT_END
1467 
1468 /* Check if the "addr" and port_field fields from r are a valid non-listening
1469  * address/port. If so, set valid to true and add a newly allocated
1470  * tor_addr_port_t containing "addr" and port_field to sl.
1471  * "addr" is a tor_addr_t and port_field is a uint16_t.
1472  * r is typically a routerinfo_t or routerstatus_t.
1473  */
1474 #define SL_ADD_NEW_IPV6_AP(r, port_field, sl, valid) \
1475  STMT_BEGIN \
1476  if (tor_addr_port_is_valid(&(r)->ipv6_addr, (r)->port_field, 0)) { \
1477  valid = 1; \
1478  tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \
1479  tor_addr_copy(&ap->addr, &(r)->ipv6_addr); \
1480  ap->port = (r)->port_field; \
1481  smartlist_add((sl), ap); \
1482  } \
1483  STMT_END
1484 
1493 smartlist_t *
1495 {
1496  smartlist_t *sl = smartlist_new();
1497  int valid = 0;
1498 
1499  /* Find a valid IPv4 address and port */
1500  if (node->ri != NULL) {
1501  SL_ADD_NEW_IPV4_AP(node->ri, or_port, sl, valid);
1502  }
1503 
1504  /* If we didn't find a valid address/port in the ri, try the rs */
1505  if (!valid && node->rs != NULL) {
1506  SL_ADD_NEW_IPV4_AP(node->rs, or_port, sl, valid);
1507  }
1508 
1509  /* Find a valid IPv6 address and port */
1510  valid = 0;
1511  if (node->ri != NULL) {
1512  SL_ADD_NEW_IPV6_AP(node->ri, ipv6_orport, sl, valid);
1513  }
1514 
1515  if (!valid && node->rs != NULL) {
1516  SL_ADD_NEW_IPV6_AP(node->rs, ipv6_orport, sl, valid);
1517  }
1518 
1519  if (!valid && node->md != NULL) {
1520  SL_ADD_NEW_IPV6_AP(node->md, ipv6_orport, sl, valid);
1521  }
1522 
1523  return sl;
1524 }
1525 
1526 #undef SL_ADD_NEW_IPV4_AP
1527 #undef SL_ADD_NEW_IPV6_AP
1528 
1531 void
1532 node_get_addr(const node_t *node, tor_addr_t *addr_out)
1533 {
1534  tor_addr_port_t ap;
1535  node_get_prim_orport(node, &ap);
1536  tor_addr_copy(addr_out, &ap.addr);
1537 }
1538 
1541 uint32_t
1543 {
1544  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1545  * and the node might have a valid IPv4 address, yet have a zero
1546  * ORPort or DirPort.
1547  */
1548  if (node->ri && tor_addr_is_valid_ipv4h(node->ri->addr, 0)) {
1549  return node->ri->addr;
1550  } else if (node->rs && tor_addr_is_valid_ipv4h(node->rs->addr, 0)) {
1551  return node->rs->addr;
1552  }
1553  return 0;
1554 }
1555 
1558 void
1559 node_get_address_string(const node_t *node, char *buf, size_t len)
1560 {
1561  uint32_t ipv4_addr = node_get_prim_addr_ipv4h(node);
1562 
1563  if (tor_addr_is_valid_ipv4h(ipv4_addr, 0)) {
1564  tor_addr_t addr;
1565  tor_addr_from_ipv4h(&addr, ipv4_addr);
1566  tor_addr_to_str(buf, &addr, len, 0);
1567  } else if (len > 0) {
1568  buf[0] = '\0';
1569  }
1570 }
1571 
1574 long
1576 {
1577  if (node->ri)
1578  return node->ri->uptime;
1579  else
1580  return -1;
1581 }
1582 
1584 const char *
1586 {
1587  /* If we wanted, we could record the version in the routerstatus_t, since
1588  * the consensus lists it. We don't, though, so this function just won't
1589  * work with microdescriptors. */
1590  if (node->ri)
1591  return node->ri->platform;
1592  else
1593  return NULL;
1594 }
1595 
1597 int
1598 node_is_me(const node_t *node)
1599 {
1600  return router_digest_is_me(node->identity);
1601 }
1602 
1603 /* Does this node have a valid IPv6 address?
1604  * Prefer node_has_ipv6_orport() or node_has_ipv6_dirport() for
1605  * checking specific ports. */
1606 int
1607 node_has_ipv6_addr(const node_t *node)
1608 {
1609  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1610  * and the node might have a valid IPv6 address, yet have a zero
1611  * ORPort or DirPort.
1612  */
1613  if (node->ri && tor_addr_is_valid(&node->ri->ipv6_addr, 0))
1614  return 1;
1615  if (node->rs && tor_addr_is_valid(&node->rs->ipv6_addr, 0))
1616  return 1;
1617  if (node->md && tor_addr_is_valid(&node->md->ipv6_addr, 0))
1618  return 1;
1619 
1620  return 0;
1621 }
1622 
1623 /* Does this node have a valid IPv6 ORPort? */
1624 int
1625 node_has_ipv6_orport(const node_t *node)
1626 {
1627  tor_addr_port_t ipv6_orport;
1628  node_get_pref_ipv6_orport(node, &ipv6_orport);
1629  return tor_addr_port_is_valid_ap(&ipv6_orport, 0);
1630 }
1631 
1632 /* Does this node have a valid IPv6 DirPort? */
1633 int
1634 node_has_ipv6_dirport(const node_t *node)
1635 {
1636  tor_addr_port_t ipv6_dirport;
1637  node_get_pref_ipv6_dirport(node, &ipv6_dirport);
1638  return tor_addr_port_is_valid_ap(&ipv6_dirport, 0);
1639 }
1640 
1653 int
1655 {
1656  const or_options_t *options = get_options();
1657  tor_addr_port_t ipv4_addr;
1658  node_assert_ok(node);
1659 
1660  /* XX/teor - node->ipv6_preferred is set from
1661  * fascist_firewall_prefer_ipv6_orport() each time the consensus is loaded.
1662  */
1663  node_get_prim_orport(node, &ipv4_addr);
1664  if (!fascist_firewall_use_ipv6(options)) {
1665  return 0;
1666  } else if (node->ipv6_preferred ||
1667  !tor_addr_port_is_valid_ap(&ipv4_addr, 0)) {
1668  return node_has_ipv6_orport(node);
1669  }
1670  return 0;
1671 }
1672 
1673 #define RETURN_IPV4_AP(r, port_field, ap_out) \
1674  STMT_BEGIN \
1675  if (r && tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \
1676  tor_addr_from_ipv4h(&(ap_out)->addr, (r)->addr); \
1677  (ap_out)->port = (r)->port_field; \
1678  } \
1679  STMT_END
1680 
1683 void
1685 {
1686  node_assert_ok(node);
1687  tor_assert(ap_out);
1688 
1689  /* Clear the address, as a safety precaution if calling functions ignore the
1690  * return value */
1691  tor_addr_make_null(&ap_out->addr, AF_INET);
1692  ap_out->port = 0;
1693 
1694  /* Check ri first, because rewrite_node_address_for_bridge() updates
1695  * node->ri with the configured bridge address. */
1696 
1697  RETURN_IPV4_AP(node->ri, or_port, ap_out);
1698  RETURN_IPV4_AP(node->rs, or_port, ap_out);
1699  /* Microdescriptors only have an IPv6 address */
1700 }
1701 
1704 void
1706 {
1707  tor_assert(ap_out);
1708 
1709  if (node_ipv6_or_preferred(node)) {
1710  node_get_pref_ipv6_orport(node, ap_out);
1711  } else {
1712  /* the primary ORPort is always on IPv4 */
1713  node_get_prim_orport(node, ap_out);
1714  }
1715 }
1716 
1719 void
1721 {
1722  node_assert_ok(node);
1723  tor_assert(ap_out);
1724  memset(ap_out, 0, sizeof(*ap_out));
1725 
1726  /* Check ri first, because rewrite_node_address_for_bridge() updates
1727  * node->ri with the configured bridge address.
1728  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1729  * Check if the address or port are valid, and try another alternative
1730  * if they are not. */
1731 
1732  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1733  node->ri->ipv6_orport, 0)) {
1734  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1735  ap_out->port = node->ri->ipv6_orport;
1736  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1737  node->rs->ipv6_orport, 0)) {
1738  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1739  ap_out->port = node->rs->ipv6_orport;
1740  } else if (node->md && tor_addr_port_is_valid(&node->md->ipv6_addr,
1741  node->md->ipv6_orport, 0)) {
1742  tor_addr_copy(&ap_out->addr, &node->md->ipv6_addr);
1743  ap_out->port = node->md->ipv6_orport;
1744  } else {
1745  tor_addr_make_null(&ap_out->addr, AF_INET6);
1746  ap_out->port = 0;
1747  }
1748 }
1749 
1761 int
1763 {
1764  const or_options_t *options = get_options();
1765  tor_addr_port_t ipv4_addr;
1766  node_assert_ok(node);
1767 
1768  /* node->ipv6_preferred is set from fascist_firewall_prefer_ipv6_orport(),
1769  * so we can't use it to determine DirPort IPv6 preference.
1770  * This means that bridge clients will use IPv4 DirPorts by default.
1771  */
1772  node_get_prim_dirport(node, &ipv4_addr);
1773  if (!fascist_firewall_use_ipv6(options)) {
1774  return 0;
1775  } else if (!tor_addr_port_is_valid_ap(&ipv4_addr, 0)
1776  || fascist_firewall_prefer_ipv6_dirport(get_options())) {
1777  return node_has_ipv6_dirport(node);
1778  }
1779  return 0;
1780 }
1781 
1784 void
1786 {
1787  node_assert_ok(node);
1788  tor_assert(ap_out);
1789 
1790  /* Clear the address, as a safety precaution if calling functions ignore the
1791  * return value */
1792  tor_addr_make_null(&ap_out->addr, AF_INET);
1793  ap_out->port = 0;
1794 
1795  /* Check ri first, because rewrite_node_address_for_bridge() updates
1796  * node->ri with the configured bridge address. */
1797 
1798  RETURN_IPV4_AP(node->ri, dir_port, ap_out);
1799  RETURN_IPV4_AP(node->rs, dir_port, ap_out);
1800  /* Microdescriptors only have an IPv6 address */
1801 }
1802 
1803 #undef RETURN_IPV4_AP
1804 
1807 void
1809 {
1810  tor_assert(ap_out);
1811 
1812  if (node_ipv6_dir_preferred(node)) {
1813  node_get_pref_ipv6_dirport(node, ap_out);
1814  } else {
1815  /* the primary DirPort is always on IPv4 */
1816  node_get_prim_dirport(node, ap_out);
1817  }
1818 }
1819 
1822 void
1824 {
1825  node_assert_ok(node);
1826  tor_assert(ap_out);
1827 
1828  /* Check ri first, because rewrite_node_address_for_bridge() updates
1829  * node->ri with the configured bridge address.
1830  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1831  * Check if the address or port are valid, and try another alternative
1832  * if they are not. */
1833 
1834  /* Assume IPv4 and IPv6 dirports are the same */
1835  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1836  node->ri->dir_port, 0)) {
1837  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1838  ap_out->port = node->ri->dir_port;
1839  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1840  node->rs->dir_port, 0)) {
1841  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1842  ap_out->port = node->rs->dir_port;
1843  } else {
1844  tor_addr_make_null(&ap_out->addr, AF_INET6);
1845  ap_out->port = 0;
1846  }
1847 }
1848 
1851 static int
1853 {
1854  if (!md) {
1855  return 0;
1856  }
1857 
1858  if (!md->onion_curve25519_pkey) {
1859  return 0;
1860  }
1861 
1862  if (fast_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
1864  return 0;
1865  }
1866 
1867  return 1;
1868 }
1869 
1871 int
1873 {
1874  return node_get_curve25519_onion_key(node) != NULL;
1875 }
1876 
1880 {
1881  if (!node)
1882  return NULL;
1883  if (routerinfo_has_curve25519_onion_key(node->ri))
1884  return node->ri->onion_curve25519_pkey;
1885  else if (microdesc_has_curve25519_onion_key(node->md))
1886  return node->md->onion_curve25519_pkey;
1887  else
1888  return NULL;
1889 }
1890 
1891 /* Return a newly allocacted RSA onion public key taken from the given node.
1892  *
1893  * Return NULL if node is NULL or no RSA onion public key can be found. It is
1894  * the caller responsability to free the returned object. */
1895 crypto_pk_t *
1896 node_get_rsa_onion_key(const node_t *node)
1897 {
1898  crypto_pk_t *pk = NULL;
1899  const char *onion_pkey;
1900  size_t onion_pkey_len;
1901 
1902  if (!node) {
1903  goto end;
1904  }
1905 
1906  if (node->ri) {
1907  onion_pkey = node->ri->onion_pkey;
1908  onion_pkey_len = node->ri->onion_pkey_len;
1909  } else if (node->rs && node->md) {
1910  onion_pkey = node->md->onion_pkey;
1911  onion_pkey_len = node->md->onion_pkey_len;
1912  } else {
1913  /* No descriptor or microdescriptor. */
1914  goto end;
1915  }
1916  pk = router_get_rsa_onion_pkey(onion_pkey, onion_pkey_len);
1917 
1918  end:
1919  return pk;
1920 }
1921 
1924 void
1926 {
1927  tor_addr_t addr = TOR_ADDR_NULL;
1928 
1929  /* XXXXipv6 */
1930  if (node->rs)
1931  tor_addr_from_ipv4h(&addr, node->rs->addr);
1932  else if (node->ri)
1933  tor_addr_from_ipv4h(&addr, node->ri->addr);
1934 
1935  node->country = geoip_get_country_by_addr(&addr);
1936 }
1937 
1939 void
1941 {
1942  const smartlist_t *nodes = nodelist_get_list();
1943  SMARTLIST_FOREACH(nodes, node_t *, node,
1944  node_set_country(node));
1945 }
1946 
1949 int
1951  const tor_addr_t *a2)
1952 {
1953  if (tor_addr_is_null(a1) || tor_addr_is_null(a2))
1954  return 0;
1955 
1956  switch (tor_addr_family(a1)) {
1957  case AF_INET:
1958  return 0 == tor_addr_compare_masked(a1, a2, 16, CMP_SEMANTIC);
1959  case AF_INET6:
1960  return 0 == tor_addr_compare_masked(a1, a2, 32, CMP_SEMANTIC);
1961  default:
1962  /* If not IPv4 or IPv6, return 0. */
1963  return 0;
1964  }
1965 }
1966 
1971 STATIC int
1972 node_nickname_matches(const node_t *node, const char *nickname)
1973 {
1974  const char *n = node_get_nickname(node);
1975  if (n && nickname[0]!='$' && !strcasecmp(n, nickname))
1976  return 1;
1977  return hex_digest_nickname_matches(nickname,
1978  node->identity,
1979  n);
1980 }
1981 
1983 STATIC int
1985 {
1986  if (!lst) return 0;
1987  SMARTLIST_FOREACH(lst, const char *, name, {
1988  if (node_nickname_matches(node, name))
1989  return 1;
1990  });
1991  return 0;
1992 }
1993 
1995 STATIC int
1996 node_family_contains(const node_t *n1, const node_t *n2)
1997 {
1998  if (n1->ri && n1->ri->declared_family) {
1999  return node_in_nickname_smartlist(n1->ri->declared_family, n2);
2000  } else if (n1->md) {
2001  return nodefamily_contains_node(n1->md->family, n2);
2002  } else {
2003  return 0;
2004  }
2005 }
2006 
2010 STATIC bool
2012 {
2013  if (node->ri && node->ri->declared_family &&
2014  smartlist_len(node->ri->declared_family)) {
2015  return true;
2016  }
2017 
2018  if (node->md && node->md->family) {
2019  return true;
2020  }
2021 
2022  return false;
2023 }
2024 
2030 STATIC void
2032 {
2033  if (node->ri && node->ri->declared_family &&
2034  smartlist_len(node->ri->declared_family)) {
2035  SMARTLIST_FOREACH_BEGIN(node->ri->declared_family, const char *, name) {
2036  const node_t *n2 = node_get_by_nickname(name, NNF_NO_WARN_UNNAMED);
2037  if (n2) {
2038  smartlist_add(out, (node_t *)n2);
2039  }
2040  } SMARTLIST_FOREACH_END(name);
2041  return;
2042  }
2043 
2044  if (node->md && node->md->family) {
2045  nodefamily_add_nodes_to_smartlist(node->md->family, out);
2046  }
2047 }
2048 
2051 int
2052 nodes_in_same_family(const node_t *node1, const node_t *node2)
2053 {
2054  const or_options_t *options = get_options();
2055 
2056  /* Are they in the same family because of their addresses? */
2057  if (options->EnforceDistinctSubnets) {
2058  tor_addr_t a1, a2;
2059  node_get_addr(node1, &a1);
2060  node_get_addr(node2, &a2);
2061 
2062  tor_addr_port_t ap6_1, ap6_2;
2063  node_get_pref_ipv6_orport(node1, &ap6_1);
2064  node_get_pref_ipv6_orport(node2, &ap6_2);
2065 
2066  if (addrs_in_same_network_family(&a1, &a2) ||
2067  addrs_in_same_network_family(&ap6_1.addr, &ap6_2.addr))
2068  return 1;
2069  }
2070 
2071  /* Are they in the same family because the agree they are? */
2072  if (node_family_contains(node1, node2) &&
2073  node_family_contains(node2, node1)) {
2074  return 1;
2075  }
2076 
2077  /* Are they in the same family because the user says they are? */
2078  if (options->NodeFamilySets) {
2079  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2080  if (routerset_contains_node(rs, node1) &&
2081  routerset_contains_node(rs, node2))
2082  return 1;
2083  });
2084  }
2085 
2086  return 0;
2087 }
2088 
2098 void
2100 {
2101  const smartlist_t *all_nodes = nodelist_get_list();
2102  const or_options_t *options = get_options();
2103 
2104  tor_assert(node);
2105 
2106  /* Let's make sure that we have the node itself, if it's a real node. */
2107  {
2108  const node_t *real_node = node_get_by_id(node->identity);
2109  if (real_node)
2110  smartlist_add(sl, (node_t*)real_node);
2111  }
2112 
2113  /* First, add any nodes with similar network addresses. */
2114  if (options->EnforceDistinctSubnets) {
2115  tor_addr_t node_addr;
2116  tor_addr_port_t node_ap6;
2117  node_get_addr(node, &node_addr);
2118  node_get_pref_ipv6_orport(node, &node_ap6);
2119 
2120  SMARTLIST_FOREACH_BEGIN(all_nodes, const node_t *, node2) {
2121  tor_addr_t a;
2122  tor_addr_port_t ap6;
2123  node_get_addr(node2, &a);
2124  node_get_pref_ipv6_orport(node2, &ap6);
2125  if (addrs_in_same_network_family(&a, &node_addr) ||
2126  addrs_in_same_network_family(&ap6.addr, &node_ap6.addr))
2127  smartlist_add(sl, (void*)node2);
2128  } SMARTLIST_FOREACH_END(node2);
2129  }
2130 
2131  /* Now, add all nodes in the declared family of this node, if they
2132  * also declare this node to be in their family. */
2133  if (node_has_declared_family(node)) {
2134  smartlist_t *declared_family = smartlist_new();
2135  node_lookup_declared_family(declared_family, node);
2136 
2137  /* Add every r such that router declares familyness with node, and node
2138  * declares familyhood with router. */
2139  SMARTLIST_FOREACH_BEGIN(declared_family, const node_t *, node2) {
2140  if (node_family_contains(node2, node)) {
2141  smartlist_add(sl, (void*)node2);
2142  }
2143  } SMARTLIST_FOREACH_END(node2);
2144  smartlist_free(declared_family);
2145  }
2146 
2147  /* If the user declared any families locally, honor those too. */
2148  if (options->NodeFamilySets) {
2149  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2150  if (routerset_contains_node(rs, node)) {
2151  routerset_get_all_nodes(sl, rs, NULL, 0);
2152  }
2153  });
2154  }
2155 }
2156 
2163 const node_t *
2164 router_find_exact_exit_enclave(const char *address, uint16_t port)
2165 {/*XXXX MOVE*/
2166  uint32_t addr;
2167  struct in_addr in;
2168  tor_addr_t a;
2169  const or_options_t *options = get_options();
2170 
2171  if (!tor_inet_aton(address, &in))
2172  return NULL; /* it's not an IP already */
2173  addr = ntohl(in.s_addr);
2174 
2175  tor_addr_from_ipv4h(&a, addr);
2176 
2177  SMARTLIST_FOREACH(nodelist_get_list(), const node_t *, node, {
2178  if (node_get_addr_ipv4h(node) == addr &&
2179  node->is_running &&
2180  compare_tor_addr_to_node_policy(&a, port, node) ==
2183  return node;
2184  });
2185  return NULL;
2186 }
2187 
2194 int
2195 node_is_unreliable(const node_t *node, int need_uptime,
2196  int need_capacity, int need_guard)
2197 {
2198  if (need_uptime && !node->is_stable)
2199  return 1;
2200  if (need_capacity && !node->is_fast)
2201  return 1;
2202  if (need_guard && !node->is_possible_guard)
2203  return 1;
2204  return 0;
2205 }
2206 
2209 int
2211  int need_uptime)
2212 {
2214 
2215  SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) {
2216  if (node->is_running &&
2217  !node_is_unreliable(node, need_uptime, 0, 0)) {
2218 
2219  r = compare_tor_addr_to_node_policy(addr, port, node);
2220 
2222  return 0; /* this one could be ok. good enough. */
2223  }
2224  } SMARTLIST_FOREACH_END(node);
2225  return 1; /* all will reject. */
2226 }
2227 
2230 void
2231 router_set_status(const char *digest, int up)
2232 {
2233  node_t *node;
2234  tor_assert(digest);
2235 
2236  SMARTLIST_FOREACH(router_get_fallback_dir_servers(),
2237  dir_server_t *, d,
2238  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2239  d->is_running = up);
2240 
2241  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
2242  dir_server_t *, d,
2243  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2244  d->is_running = up);
2245 
2246  node = node_get_mutable_by_id(digest);
2247  if (node) {
2248 #if 0
2249  log_debug(LD_DIR,"Marking router %s as %s.",
2250  node_describe(node), up ? "up" : "down");
2251 #endif
2252  if (!up && node_is_me(node) && !net_is_disabled())
2253  log_warn(LD_NET, "We just marked ourself as down. Are your external "
2254  "addresses reachable?");
2255 
2256  if (bool_neq(node->is_running, up))
2258 
2259  node->is_running = up;
2260  }
2261 }
2262 
2266 static int have_min_dir_info = 0;
2267 
2269 static consensus_path_type_t have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2270 
2277 static char dir_info_status[512] = "";
2278 
2287 router_have_minimum_dir_info,(void))
2288 {
2289  static int logged_delay=0;
2290  const char *delay_fetches_msg = NULL;
2291  if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) {
2292  if (!logged_delay)
2293  log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg);
2294  logged_delay=1;
2295  strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status));
2296  return 0;
2297  }
2298  logged_delay = 0; /* reset it if we get this far */
2299 
2300  if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
2302  }
2303 
2304  return have_min_dir_info;
2305 }
2306 
2320 router_have_consensus_path, (void))
2321 {
2322  return have_consensus_path;
2323 }
2324 
2329 void
2331 {
2334  hs_service_dir_info_changed();
2335  hs_client_dir_info_changed();
2336 }
2337 
2340 const char *
2342 {
2343  return dir_info_status;
2344 }
2345 
2360 static void
2361 count_usable_descriptors(int *num_present, int *num_usable,
2362  smartlist_t *descs_out,
2363  const networkstatus_t *consensus,
2364  time_t now,
2365  routerset_t *in_set,
2366  usable_descriptor_t exit_only)
2367 {
2368  const int md = (consensus->flavor == FLAV_MICRODESC);
2369  *num_present = 0, *num_usable = 0;
2370 
2372  {
2373  const node_t *node = node_get_by_id(rs->identity_digest);
2374  if (!node)
2375  continue; /* This would be a bug: every entry in the consensus is
2376  * supposed to have a node. */
2377  if ((exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) && ! rs->is_exit)
2378  continue;
2379  if (in_set && ! routerset_contains_routerstatus(in_set, rs, -1))
2380  continue;
2381  if (client_would_use_router(rs, now)) {
2382  const char * const digest = rs->descriptor_digest;
2383  int present;
2384  ++*num_usable; /* the consensus says we want it. */
2385  if (md)
2386  present = NULL != microdesc_cache_lookup_by_digest256(NULL, digest);
2387  else
2388  present = NULL != router_get_by_descriptor_digest(digest);
2389  if (present) {
2390  /* Do the policy check last, because it requires a descriptor,
2391  * and is potentially expensive */
2392  if ((exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) &&
2394  continue;
2395  }
2396  /* we have the descriptor listed in the consensus, and it
2397  * satisfies our exit constraints (if any) */
2398  ++*num_present;
2399  }
2400  if (descs_out)
2401  smartlist_add(descs_out, (node_t*)node);
2402  }
2403  }
2404  SMARTLIST_FOREACH_END(rs);
2405 
2406  log_debug(LD_DIR, "%d usable, %d present (%s%s%s%s%s).",
2407  *num_usable, *num_present,
2408  md ? "microdesc" : "desc",
2409  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2410  " exit" : "s",
2411  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) ?
2412  " policies" : "" ,
2413  (exit_only == USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2414  " and" : "" ,
2415  (exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) ?
2416  " flags" : "" );
2417 }
2418 
2431 static double
2433  const or_options_t *options, time_t now,
2434  int *num_present_out, int *num_usable_out,
2435  char **status_out)
2436 {
2437  smartlist_t *guards = smartlist_new();
2438  smartlist_t *mid = smartlist_new();
2439  smartlist_t *exits = smartlist_new();
2440  double f_guard, f_mid, f_exit;
2441  double f_path = 0.0;
2442  /* Used to determine whether there are any exits in the consensus */
2443  int np = 0;
2444  /* Used to determine whether there are any exits with descriptors */
2445  int nu = 0;
2446  const int authdir = authdir_mode_v3(options);
2447 
2448  count_usable_descriptors(num_present_out, num_usable_out,
2449  mid, consensus, now, options->MiddleNodes,
2450  USABLE_DESCRIPTOR_ALL);
2451  log_debug(LD_NET,
2452  "%s: %d present, %d usable",
2453  "mid",
2454  np,
2455  nu);
2456 
2457  if (options->EntryNodes) {
2458  count_usable_descriptors(&np, &nu, guards, consensus, now,
2459  options->EntryNodes, USABLE_DESCRIPTOR_ALL);
2460  log_debug(LD_NET,
2461  "%s: %d present, %d usable",
2462  "guard",
2463  np,
2464  nu);
2465  } else {
2466  SMARTLIST_FOREACH(mid, const node_t *, node, {
2467  if (authdir) {
2468  if (node->rs && node->rs->is_possible_guard)
2469  smartlist_add(guards, (node_t*)node);
2470  } else {
2471  if (node->is_possible_guard)
2472  smartlist_add(guards, (node_t*)node);
2473  }
2474  });
2475  log_debug(LD_NET,
2476  "%s: %d possible",
2477  "guard",
2478  smartlist_len(guards));
2479  }
2480 
2481  /* All nodes with exit policy and flag */
2482  count_usable_descriptors(&np, &nu, exits, consensus, now,
2483  NULL, USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2484  log_debug(LD_NET,
2485  "%s: %d present, %d usable",
2486  "exits",
2487  np,
2488  nu);
2489 
2490  /* We need at least 1 exit (flag and policy) in the consensus to consider
2491  * building exit paths */
2492  /* Update our understanding of whether the consensus has exits */
2493  consensus_path_type_t old_have_consensus_path = have_consensus_path;
2494  have_consensus_path = ((np > 0) ?
2495  CONSENSUS_PATH_EXIT :
2496  CONSENSUS_PATH_INTERNAL);
2497 
2498  if (old_have_consensus_path != have_consensus_path) {
2499  if (have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2500  log_notice(LD_NET,
2501  "The current consensus has no exit nodes. "
2502  "Tor can only build internal paths, "
2503  "such as paths to onion services.");
2504 
2505  /* However, exit nodes can reachability self-test using this consensus,
2506  * join the network, and appear in a later consensus. This will allow
2507  * the network to build exit paths, such as paths for world wide web
2508  * browsing (as distinct from hidden service web browsing). */
2509  } else if (old_have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2510  log_notice(LD_NET,
2511  "The current consensus contains exit nodes. "
2512  "Tor can build exit and internal paths.");
2513  }
2514  }
2515 
2516  f_guard = frac_nodes_with_descriptors(guards, WEIGHT_FOR_GUARD, 1);
2517  f_mid = frac_nodes_with_descriptors(mid, WEIGHT_FOR_MID, 0);
2518  f_exit = frac_nodes_with_descriptors(exits, WEIGHT_FOR_EXIT, 0);
2519 
2520  /* If we are using bridges and have at least one bridge with a full
2521  * descriptor, assume f_guard is 1.0. */
2522  if (options->UseBridges && num_bridges_usable(0) > 0)
2523  f_guard = 1.0;
2524 
2525  log_debug(LD_NET,
2526  "f_guard: %.2f, f_mid: %.2f, f_exit: %.2f",
2527  f_guard,
2528  f_mid,
2529  f_exit);
2530 
2531  smartlist_free(guards);
2532  smartlist_free(mid);
2533  smartlist_free(exits);
2534 
2535  if (options->ExitNodes) {
2536  double f_myexit, f_myexit_unflagged;
2537  smartlist_t *myexits= smartlist_new();
2538  smartlist_t *myexits_unflagged = smartlist_new();
2539 
2540  /* All nodes with exit policy and flag in ExitNodes option */
2541  count_usable_descriptors(&np, &nu, myexits, consensus, now,
2542  options->ExitNodes,
2543  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2544  log_debug(LD_NET,
2545  "%s: %d present, %d usable",
2546  "myexits",
2547  np,
2548  nu);
2549 
2550  /* Now compute the nodes in the ExitNodes option where we know their exit
2551  * policy permits something. */
2552  count_usable_descriptors(&np, &nu, myexits_unflagged,
2553  consensus, now,
2554  options->ExitNodes,
2555  USABLE_DESCRIPTOR_EXIT_POLICY);
2556  log_debug(LD_NET,
2557  "%s: %d present, %d usable",
2558  "myexits_unflagged (initial)",
2559  np,
2560  nu);
2561 
2562  f_myexit= frac_nodes_with_descriptors(myexits,WEIGHT_FOR_EXIT, 0);
2563  f_myexit_unflagged=
2564  frac_nodes_with_descriptors(myexits_unflagged,
2565  WEIGHT_FOR_EXIT, 0);
2566 
2567  log_debug(LD_NET,
2568  "f_exit: %.2f, f_myexit: %.2f, f_myexit_unflagged: %.2f",
2569  f_exit,
2570  f_myexit,
2571  f_myexit_unflagged);
2572 
2573  /* If our ExitNodes list has eliminated every possible Exit node, and there
2574  * were some possible Exit nodes, then instead consider nodes that permit
2575  * exiting to some ports. */
2576  if (smartlist_len(myexits) == 0 &&
2577  smartlist_len(myexits_unflagged)) {
2578  f_myexit = f_myexit_unflagged;
2579  }
2580 
2581  smartlist_free(myexits);
2582  smartlist_free(myexits_unflagged);
2583 
2584  /* This is a tricky point here: we don't want to make it easy for a
2585  * directory to trickle exits to us until it learns which exits we have
2586  * configured, so require that we have a threshold both of total exits
2587  * and usable exits. */
2588  if (f_myexit < f_exit)
2589  f_exit = f_myexit;
2590  }
2591 
2592  /* If the consensus has no exits that pass flag, descriptor, and policy
2593  * checks, we can only build onion service paths, which are G - M - M. */
2594  if (router_have_consensus_path() != CONSENSUS_PATH_EXIT) {
2595  /* If the exit bandwidth weight fraction is not zero, we need to wait for
2596  * descriptors for those exits. (The bandwidth weight fraction does not
2597  * check for descriptors.)
2598  * If the exit bandwidth fraction is zero, there are no exits in the
2599  * consensus at all. So it is safe to replace f_exit with f_mid.
2600  *
2601  * f_exit is non-negative, but some compilers complain about float and ==
2602  */
2603  if (f_exit <= 0.0) {
2604  f_exit = f_mid;
2605  }
2606  }
2607 
2608  f_path = f_guard * f_mid * f_exit;
2609 
2610  if (status_out)
2611  tor_asprintf(status_out,
2612  "%d%% of guards bw, "
2613  "%d%% of midpoint bw, and "
2614  "%d%% of %s = "
2615  "%d%% of path bw",
2616  (int)(f_guard*100),
2617  (int)(f_mid*100),
2618  (int)(f_exit*100),
2619  (router_have_consensus_path() == CONSENSUS_PATH_EXIT ?
2620  "exit bw" :
2621  "end bw (no exits in consensus, using mid)"),
2622  (int)(f_path*100));
2623 
2624  return f_path;
2625 }
2626 
2630 int
2632 {
2633  int num_present = 0, num_usable=0;
2634  time_t now = time(NULL);
2635  const or_options_t *options = get_options();
2636  const networkstatus_t *consensus =
2637  networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor());
2638  double paths, fraction;
2639 
2640  if (!consensus)
2641  return 0; /* can't count descriptors if we have no list of them */
2642 
2643  paths = compute_frac_paths_available(consensus, options, now,
2644  &num_present, &num_usable,
2645  NULL);
2646 
2647  fraction = paths / get_frac_paths_needed_for_circs(options,consensus);
2648  if (fraction > 1.0)
2649  return 0; /* it's not the number of descriptors holding us back */
2650  return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
2651  (fraction*(BOOTSTRAP_STATUS_ENOUGH_DIRINFO-1 -
2652  BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
2653 }
2654 
2657 static double
2659  const networkstatus_t *ns)
2660 {
2661 #define DFLT_PCT_USABLE_NEEDED 60
2662  if (options->PathsNeededToBuildCircuits >= 0.0) {
2663  return options->PathsNeededToBuildCircuits;
2664  } else {
2665  return networkstatus_get_param(ns, "min_paths_for_circs_pct",
2666  DFLT_PCT_USABLE_NEEDED,
2667  25, 95)/100.0;
2668  }
2669 }
2670 
2674 static void
2676 {
2677  time_t now = time(NULL);
2678  int res;
2679  int num_present=0, num_usable=0;
2680  const or_options_t *options = get_options();
2681  const networkstatus_t *consensus =
2682  networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor());
2683  int using_md;
2684 
2685  if (!consensus) {
2686  if (!networkstatus_get_latest_consensus())
2687  strlcpy(dir_info_status, "We have no usable consensus.",
2688  sizeof(dir_info_status));
2689  else
2690  strlcpy(dir_info_status, "We have no recent usable consensus.",
2691  sizeof(dir_info_status));
2692  res = 0;
2693  goto done;
2694  }
2695 
2696  using_md = consensus->flavor == FLAV_MICRODESC;
2697 
2698  /* Check fraction of available paths */
2699  {
2700  char *status = NULL;
2701  double paths = compute_frac_paths_available(consensus, options, now,
2702  &num_present, &num_usable,
2703  &status);
2704 
2705  if (paths < get_frac_paths_needed_for_circs(options,consensus)) {
2707  "We need more %sdescriptors: we have %d/%d, and "
2708  "can only build %d%% of likely paths. (We have %s.)",
2709  using_md?"micro":"", num_present, num_usable,
2710  (int)(paths*100), status);
2711  tor_free(status);
2712  res = 0;
2713  control_event_boot_dir(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
2714  goto done;
2715  }
2716 
2717  tor_free(status);
2718  res = 1;
2719  }
2720 
2721  { /* Check entry guard dirinfo status */
2722  char *guard_error = entry_guards_get_err_str_if_dir_info_missing(using_md,
2723  num_present,
2724  num_usable);
2725  if (guard_error) {
2726  strlcpy(dir_info_status, guard_error, sizeof(dir_info_status));
2727  tor_free(guard_error);
2728  res = 0;
2729  goto done;
2730  }
2731  }
2732 
2733  done:
2734 
2735  /* If paths have just become available in this update. */
2736  if (res && !have_min_dir_info) {
2737  control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
2738  control_event_boot_dir(BOOTSTRAP_STATUS_ENOUGH_DIRINFO, 0);
2739  log_info(LD_DIR,
2740  "We now have enough directory information to build circuits.");
2741  }
2742 
2743  /* If paths have just become unavailable in this update. */
2744  if (!res && have_min_dir_info) {
2745  int quiet = directory_too_idle_to_fetch_descriptors(options, now);
2746  tor_log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
2747  "Our directory information is no longer up-to-date "
2748  "enough to build circuits: %s", dir_info_status);
2749 
2750  /* a) make us log when we next complete a circuit, so we know when Tor
2751  * is back up and usable, and b) disable some activities that Tor
2752  * should only do while circuits are working, like reachability tests
2753  * and fetching bridge descriptors only over circuits. */
2755  have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2756  control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
2757  }
2758  have_min_dir_info = res;
2760 }
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:40
Header file for dirserv.c.
void nodelist_set_consensus(networkstatus_t *ns)
Definition: nodelist.c:603
int fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:508
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
struct short_policy_t * exit_policy
Definition: microdesc_st.h:76
smartlist_t * nodelist_find_nodes_with_microdesc(const microdesc_t *md)
Definition: nodelist.c:767
int node_allows_single_hop_exits(const node_t *node)
Definition: nodelist.c:1408
Header file containing common data for the whole HS subsytem.
Header file for circuitbuild.c.
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1720
Definition: node_st.h:28
uint16_t ipv6_orport
Definition: microdesc_st.h:72
Types to handle sets of addresses.
static void node_add_to_address_set(const node_t *node)
Definition: nodelist.c:448
int node_supports_ed25519_link_authentication(const node_t *node, int compatible_with_us)
Definition: nodelist.c:1135
unsigned int policy_is_reject_star
Definition: routerinfo_st.h:74
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint16_t sa_family_t
Definition: inaddr_st.h:77
Header for backtrace.c.
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:334
unsigned int name_lookup_warned
Definition: node_st.h:72
protover_summary_flags_t pv
Definition: routerinfo_st.h:90
protover_summary_flags_t pv
addr_policy_result_t
Definition: policies.h:38
Header file containing client data for the HS subsytem.
Header file for node_select.c.
Header file for nodefamily.c.
routerset_t * EntryNodes
Definition: or_options_st.h:78
void router_dir_info_changed(void)
Definition: nodelist.c:2330
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1053
int node_supports_ed25519_hs_intro(const node_t *node)
Definition: nodelist.c:1162
#define LD_GENERAL
Definition: log.h:59
void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1823
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:3004
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
void control_event_boot_dir(bootstrap_status_t status, int progress)
char identity_digest[DIGEST_LEN]
static void node_free_(node_t *node)
Definition: nodelist.c:785
#define LOG_INFO
Definition: log.h:42
Header file for describe.c.
Header file for nodelist.c.
int node_ipv6_or_preferred(const node_t *node)
Definition: nodelist.c:1654
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:632
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
const ed25519_public_key_t * node_get_ed25519_id(const node_t *node)
Definition: nodelist.c:1051
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1684
uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity)
struct smartlist_t * NodeFamilySets
void smartlist_add(smartlist_t *sl, void *element)
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:234
#define bool_neq(a, b)
Definition: logic.h:18
int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:533
#define MAX_NICKNAME_LEN
Definition: or.h:113
Header file for config.c.
void router_set_status(const char *digest, int up)
Definition: nodelist.c:2231
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
ed25519_public_key_t signing_key
Definition: torcert.h:28
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
Header file for microdesc.c.
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:152
int tor_inet_aton(const char *str, struct in_addr *addr)
Definition: inaddr.c:38
static int node_add_to_ed25519_map(node_t *node)
Definition: nodelist.c:308
int short_policy_is_reject_star(const short_policy_t *policy)
Definition: policies.c:2987
MOCK_IMPL(node_t *, node_get_mutable_by_id,(const char *identity_digest))
Definition: nodelist.c:193
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:83
int directory_too_idle_to_fetch_descriptors(const or_options_t *options, time_t now)
Definition: dirserv.c:169
unsigned int supports_v3_hsdir
Definition: or.h:836
#define tor_free(p)
Definition: malloc.h:52
#define tor_fragile_assert()
Definition: util_bug.h:241
unsigned int is_possible_guard
Definition: node_st.h:63
static int have_min_dir_info
Definition: nodelist.c:2266
int node_supports_v3_hsdir(const node_t *node)
Definition: nodelist.c:1152
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1340
unsigned int supports_ed25519_hs_intro
Definition: or.h:831
#define LOG_NOTICE
Definition: log.h:47
struct tor_cert_st * signing_key_cert
unsigned int is_stable
Definition: node_st.h:62
Header file for mainloop.c.
unsigned int rejects_all
Definition: node_st.h:77
STATIC void node_lookup_declared_family(smartlist_t *out, const node_t *node)
Definition: nodelist.c:2031
consensus_path_type_t
Definition: nodelist.h:143
int node_is_me(const node_t *node)
Definition: nodelist.c:1598
void node_get_pref_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1705
const char * node_get_platform(const node_t *node)
Definition: nodelist.c:1585
smartlist_t * declared_family
Definition: routerinfo_st.h:62
unsigned int is_running
Definition: dir_server_st.h:32
unsigned int is_valid
Definition: node_st.h:59
int node_has_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1872
Header file for geoip.c.
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
size_t onion_pkey_len
Definition: microdesc_st.h:63
static double get_frac_paths_needed_for_circs(const or_options_t *options, const networkstatus_t *ns)
Definition: nodelist.c:2658
usable_descriptor_t
Definition: nodelist.c:92
int tor_addr_is_v4(const tor_addr_t *addr)
Definition: address.c:748
int address_set_probably_contains(const address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:67
static const protover_summary_flags_t zero_protover_flags
Definition: nodelist.c:1108
unsigned int is_exit
Definition: node_st.h:64
STATIC int node_family_contains(const node_t *n1, const node_t *n2)
Definition: nodelist.c:1996
int node_is_unreliable(const node_t *node, int need_uptime, int need_capacity, int need_guard)
Definition: nodelist.c:2195
Header file for directory authority mode.
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:493
static double compute_frac_paths_available(const networkstatus_t *consensus, const or_options_t *options, time_t now, int *num_present_out, int *num_usable_out, char **status_out)
Definition: nodelist.c:2432
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Header file for policies.c.
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2631
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2099
double frac_nodes_with_descriptors(const smartlist_t *sl, bandwidth_weight_rule_t rule, int for_direct_conn)
Definition: node_select.c:768
const node_t * node_get_by_hex_id(const char *hex_id, unsigned flags)
Definition: nodelist.c:959
const curve25519_public_key_t * node_get_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1879
int node_is_dir(const node_t *node)
Definition: nodelist.c:1304
tor_assert(buffer)
const char * node_get_nickname(const node_t *node)
Definition: nodelist.c:1290
routerset_t * ExitNodes
Definition: or_options_st.h:72
unsigned int is_running
Definition: node_st.h:57
node_t * nodelist_add_microdesc(microdesc_t *md)
Definition: nodelist.c:549
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
void nodelist_purge(void)
Definition: nodelist.c:798
int node_get_purpose(const node_t *node)
Definition: nodelist.c:1361
static void node_addrs_changed(node_t *node)
Definition: nodelist.c:438
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
static char dir_info_status[512]
Definition: nodelist.c:2277
static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, time_t now, routerset_t *in_set, usable_descriptor_t exit_only)
Definition: nodelist.c:2361
void address_set_add(address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:48
unsigned int held_by_nodes
Definition: microdesc_st.h:37
static int microdesc_has_curve25519_onion_key(const microdesc_t *md)
Definition: nodelist.c:1852
unsigned int is_hs_dir
Definition: node_st.h:67
void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1808
#define DIGEST_LEN
Definition: digest_sizes.h:20
void rend_hsdir_routers_changed(void)
Definition: rendservice.c:4324
const char * node_describe(const node_t *node)
Definition: describe.c:101
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1785
char identity[DIGEST_LEN]
Definition: node_st.h:40
void nodefamily_add_nodes_to_smartlist(const nodefamily_t *family, smartlist_t *out)
Definition: nodefamily.c:342
Headers for address.h.
Header file for circuitbuild.c.
void node_get_verbose_nickname_by_id(const char *id_digest, char *verbose_name_out)
Definition: nodelist.c:1393
unsigned int allow_single_hop_exits
Definition: routerinfo_st.h:69
Master header file for Tor-specific functionality.
int addrs_in_same_network_family(const tor_addr_t *a1, const tor_addr_t *a2)
Definition: nodelist.c:1950
uint32_t node_get_prim_addr_ipv4h(const node_t *node)
Definition: nodelist.c:1542
time_t last_reachable
Definition: node_st.h:93
static void nodelist_drop_node(node_t *node, int remove_from_ht)
Definition: nodelist.c:742
size_t onion_pkey_len
Definition: routerinfo_st.h:36
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1373
int node_is_good_exit(const node_t *node)
Definition: nodelist.c:698
Header for binascii.c.
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:821
void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus)
tor_addr_t ipv6_addr
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:769
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:277
char nickname[MAX_NICKNAME_LEN+1]
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
struct ed25519_public_key_t * ed25519_identity_pkey
Definition: microdesc_st.h:68
signed_descriptor_t * router_get_by_descriptor_digest(const char *digest)
Definition: routerlist.c:698
void tor_free_(void *mem)
Definition: malloc.c:227
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
Definition: nodelist.c:713
void smartlist_del(smartlist_t *sl, int idx)
static int need_to_update_have_min_dir_info
Definition: nodelist.c:2274
void node_set_country(node_t *node)
Definition: nodelist.c:1925
const node_t * router_find_exact_exit_enclave(const char *address, uint16_t port)
Definition: nodelist.c:2164
Header file for rendservice.c.
Header file for process_descs.c.
int control_event_client_status(int severity, const char *format,...)
char * onion_pkey
Definition: routerinfo_st.h:34
static node_t * node_get_or_create(const char *identity_digest)
Definition: nodelist.c:243
tor_addr_t ipv6_addr
Definition: microdesc_st.h:70
double PathsNeededToBuildCircuits
Headers and type declarations for protover.c.
char * onion_pkey
Definition: microdesc_st.h:61
microdesc_t * microdesc_cache_lookup_by_digest256(microdesc_cache_t *cache, const char *d)
Definition: microdesc.c:944
smartlist_t * routerstatus_list
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1437
static int node_remove_from_ed25519_map(node_t *node)
Definition: nodelist.c:265
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
#define UNNAMED_ROUTER_NICKNAME
Definition: or.h:560
country_t country
Definition: node_st.h:87
unsigned int is_possible_guard
const char * get_dir_info_status_string(void)
Definition: nodelist.c:2341
#define LD_DIR
Definition: log.h:85
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
consensus_flavor_t flavor
node_t * nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out)
Definition: nodelist.c:493
STATIC bool node_has_declared_family(const node_t *node)
Definition: nodelist.c:2011
int hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest, const char *nickname)
Definition: routerlist.c:634
char identity_digest[DIGEST_LEN]
routerset_t * ExcludeExitNodesUnion_
Definition: or_options_st.h:93
int hex_digest_nickname_decode(const char *hexdigest, char *digest_out, char *nickname_qualifier_char_out, char *nickname_out)
Definition: routerlist.c:598
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
unsigned int ipv6_preferred
Definition: node_st.h:83
void nodelist_assert_ok(void)
Definition: nodelist.c:851
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:249
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: microdesc_st.h:66
int node_supports_v3_rendezvous_point(const node_t *node)
Definition: nodelist.c:1172
#define SMARTLIST_FOREACH(sl, type, var, cmd)
void nodelist_free_all(void)
Definition: nodelist.c:827
char * nickname
Definition: routerinfo_st.h:17
uint16_t dir_port
Definition: routerinfo_st.h:21
#define log_fn(severity, domain, args,...)
Definition: log.h:272
struct nodelist_t nodelist_t
char * entry_guards_get_err_str_if_dir_info_missing(int using_mds, int num_present, int num_usable)
Definition: entrynodes.c:3774
smartlist_t * node_get_all_orports(const node_t *node)
Definition: nodelist.c:1494
int EnforceDistinctSubnets
int router_digest_is_me(const char *digest)
Definition: router.c:1592
static const protover_summary_flags_t * node_get_protover_summary_flags(const node_t *node)
Definition: nodelist.c:1114
HT_PROTOTYPE(HT_GENERATE2(nodelist_ed_map, HT_GENERATE2(node_t, HT_GENERATE2(ed_ht_ent, HT_GENERATE2(node_ed_id_hash, HT_GENERATE2(node_ed_id_eq)
Definition: nodelist.c:172
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:53
time_t approx_time(void)
Definition: approx_time.c:32
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1419
int router_exit_policy_all_nodes_reject(const tor_addr_t *addr, uint16_t port, int need_uptime)
Definition: nodelist.c:2210
routerset_t * MiddleNodes
Definition: or_options_st.h:75
Header file for dirlist.c.
long node_get_declared_uptime(const node_t *node)
Definition: nodelist.c:1575
uint32_t addr
Definition: routerinfo_st.h:19
int node_is_a_configured_bridge(const node_t *node)
Definition: bridges.c:348
void nodelist_remove_routerinfo(routerinfo_t *ri)
Definition: nodelist.c:727
void node_get_address_string(const node_t *node, char *buf, size_t len)
Definition: nodelist.c:1559
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
Definition: nodelist.c:1096
char * platform
Definition: routerinfo_st.h:45
uint16_t ipv6_orport
uint8_t purpose
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:974
struct nodefamily_t * family
Definition: microdesc_st.h:74
bool nodefamily_contains_node(const nodefamily_t *family, const node_t *node)
Definition: nodefamily.c:328
STATIC int node_in_nickname_smartlist(const smartlist_t *lst, const node_t *node)
Definition: nodelist.c:1984
int nodelist_idx
Definition: node_st.h:36
#define LD_NET
Definition: log.h:63
#define tor_addr_to_in6_addr8(x)
Definition: address.h:129
unsigned int is_bad_exit
Definition: node_st.h:65
const uint8_t * node_get_rsa_id_digest(const node_t *node)
Definition: nodelist.c:1186
uint64_t hs_get_time_period_num(time_t now)
Definition: hs_common.c:265
int routerset_contains_routerstatus(const routerset_t *set, const routerstatus_t *rs, country_t country)
Definition: routerset.c:318
uint64_t hs_get_next_time_period_num(time_t now)
Definition: hs_common.c:300
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:27
static void node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
Definition: nodelist.c:292
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:903
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:826
void nodelist_refresh_countries(void)
Definition: nodelist.c:1940
address_set_t * address_set_new(int max_addresses_guess)
Definition: address_set.c:34
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
void address_set_add_ipv4h(address_set_t *set, uint32_t addr)
Definition: address_set.c:55
int client_would_use_router(const routerstatus_t *rs, time_t now)
Header file for control_events.c.
#define LD_PROTOCOL
Definition: log.h:69
ed25519_public_key_t ed25519_id
Definition: node_st.h:47
int node_has_any_descriptor(const node_t *node)
Definition: nodelist.c:1327
int nodes_in_same_family(const node_t *node1, const node_t *node2)
Definition: nodelist.c:2052
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
int nodelist_probably_contains_address(const tor_addr_t *addr)
Definition: nodelist.c:477
static void update_router_have_minimum_dir_info(void)
Definition: nodelist.c:2675
STATIC int node_nickname_matches(const node_t *node, const char *nickname)
Definition: nodelist.c:1972
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:809
void node_get_addr(const node_t *node, tor_addr_t *addr_out)
Definition: nodelist.c:1532
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:83
void nodelist_ensure_freshness(networkstatus_t *ns)
Definition: nodelist.c:928
#define LD_CONFIG
Definition: log.h:65
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20
smartlist_t * routers
Definition: routerlist_st.h:27
unsigned int supports_v3_rendezvous_point
Definition: or.h:841
Header file for routerlist.c.
node_t * node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:207
static consensus_path_type_t have_consensus_path
Definition: nodelist.c:2269
static int node_is_usable(const node_t *node)
Definition: nodelist.c:705
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179
int fascist_firewall_use_ipv6(const or_options_t *options)
Definition: policies.c:459
int node_ipv6_dir_preferred(const node_t *node)
Definition: nodelist.c:1762