Tor  0.4.5.0-alpha-dev
nodelist.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2020, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file nodelist.c
9  *
10  * \brief Structures and functions for tracking what we know about the routers
11  * on the Tor network, and correlating information from networkstatus,
12  * routerinfo, and microdescs.
13  *
14  * The key structure here is node_t: that's the canonical way to refer
15  * to a Tor relay that we might want to build a circuit through. Every
16  * node_t has either a routerinfo_t, or a routerstatus_t from the current
17  * networkstatus consensus. If it has a routerstatus_t, it will also
18  * need to have a microdesc_t before you can use it for circuits.
19  *
20  * The nodelist_t is a global singleton that maps identities to node_t
21  * objects. Access them with the node_get_*() functions. The nodelist_t
22  * is maintained by calls throughout the codebase
23  *
24  * Generally, other code should not have to reach inside a node_t to
25  * see what information it has. Instead, you should call one of the
26  * many accessor functions that works on a generic node_t. If there
27  * isn't one that does what you need, it's better to make such a function,
28  * and then use it.
29  *
30  * For historical reasons, some of the functions that select a node_t
31  * from the list of all usable node_t objects are in the routerlist.c
32  * module, since they originally selected a routerinfo_t. (TODO: They
33  * should move!)
34  *
35  * (TODO: Perhaps someday we should abstract the remaining ways of
36  * talking about a relay to also be node_t instances. Those would be
37  * routerstatus_t as used for directory requests, and dir_server_t as
38  * used for authorities and fallback directories.)
39  */
40 
41 #define NODELIST_PRIVATE
42 
43 #include "core/or/or.h"
44 #include "app/config/config.h"
45 #include "core/mainloop/mainloop.h"
47 #include "core/or/address_set.h"
48 #include "core/or/policies.h"
49 #include "core/or/protover.h"
50 #include "feature/client/bridges.h"
55 #include "feature/hs/hs_client.h"
56 #include "feature/hs/hs_common.h"
68 #include "lib/encoding/binascii.h"
69 #include "lib/err/backtrace.h"
70 #include "lib/geoip/geoip.h"
71 #include "lib/net/address.h"
72 
73 #include <string.h>
74 
76 
84 
85 static void nodelist_drop_node(node_t *node, int remove_from_ht);
86 #define node_free(val) \
87  FREE_AND_NULL(node_t, node_free_, (val))
88 static void node_free_(node_t *node);
89 
90 /** count_usable_descriptors counts descriptors with these flag(s)
91  */
92 typedef enum {
93  /* All descriptors regardless of flags or exit policies */
94  USABLE_DESCRIPTOR_ALL = 0U,
95  /* Only count descriptors with an exit policy that allows at least one port
96  */
97  USABLE_DESCRIPTOR_EXIT_POLICY = 1U << 0,
98  /* Only count descriptors for relays that have the exit flag in the
99  * consensus */
100  USABLE_DESCRIPTOR_EXIT_FLAG = 1U << 1,
101  /* Only count descriptors for relays that have the policy and the flag */
102  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG = (USABLE_DESCRIPTOR_EXIT_POLICY |
103  USABLE_DESCRIPTOR_EXIT_FLAG)
105 static void count_usable_descriptors(int *num_present,
106  int *num_usable,
107  smartlist_t *descs_out,
108  const networkstatus_t *consensus,
109  time_t now,
110  routerset_t *in_set,
111  usable_descriptor_t exit_only);
112 static void update_router_have_minimum_dir_info(void);
113 static double get_frac_paths_needed_for_circs(const or_options_t *options,
114  const networkstatus_t *ns);
115 static void node_add_to_address_set(const node_t *node);
116 
117 /** A nodelist_t holds a node_t object for every router we're "willing to use
118  * for something". Specifically, it should hold a node_t for every node that
119  * is currently in the routerlist, or currently in the consensus we're using.
120  */
121 typedef struct nodelist_t {
122  /* A list of all the nodes. */
123  smartlist_t *nodes;
124  /* Hash table to map from node ID digest to node. */
125  HT_HEAD(nodelist_map, node_t) nodes_by_id;
126  /* Hash table to map from node Ed25519 ID to node.
127  *
128  * Whenever a node's routerinfo or microdescriptor is about to change,
129  * you should remove it from this map with node_remove_from_ed25519_map().
130  * Whenever a node's routerinfo or microdescriptor has just chaned,
131  * you should add it to this map with node_add_to_ed25519_map().
132  */
133  HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id;
134 
135  /* Set of addresses that belong to nodes we believe in. */
136  address_set_t *node_addrs;
137 
138  /* The valid-after time of the last live consensus that initialized the
139  * nodelist. We use this to detect outdated nodelists that need to be
140  * rebuilt using a newer consensus. */
141  time_t live_consensus_valid_after;
142 } nodelist_t;
143 
144 static inline unsigned int
145 node_id_hash(const node_t *node)
146 {
147  return (unsigned) siphash24g(node->identity, DIGEST_LEN);
148 }
149 
150 static inline unsigned int
151 node_id_eq(const node_t *node1, const node_t *node2)
152 {
153  return tor_memeq(node1->identity, node2->identity, DIGEST_LEN);
154 }
155 
156 HT_PROTOTYPE(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq);
157 HT_GENERATE2(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq,
159 
160 static inline unsigned int
161 node_ed_id_hash(const node_t *node)
162 {
163  return (unsigned) siphash24g(node->ed25519_id.pubkey, ED25519_PUBKEY_LEN);
164 }
165 
166 static inline unsigned int
167 node_ed_id_eq(const node_t *node1, const node_t *node2)
168 {
169  return ed25519_pubkey_eq(&node1->ed25519_id, &node2->ed25519_id);
170 }
171 
172 HT_PROTOTYPE(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
173  node_ed_id_eq);
174 HT_GENERATE2(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
175  node_ed_id_eq, 0.6, tor_reallocarray_, tor_free_);
176 
177 /** The global nodelist. */
179 
180 /** Create an empty nodelist if we haven't done so already. */
181 static void
183 {
184  if (PREDICT_UNLIKELY(the_nodelist == NULL)) {
185  the_nodelist = tor_malloc_zero(sizeof(nodelist_t));
186  HT_INIT(nodelist_map, &the_nodelist->nodes_by_id);
187  HT_INIT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
188  the_nodelist->nodes = smartlist_new();
189  }
190 }
191 
192 /** As node_get_by_id, but returns a non-const pointer */
193 MOCK_IMPL(node_t *,
194 node_get_mutable_by_id,(const char *identity_digest))
195 {
196  node_t search, *node;
197  if (PREDICT_UNLIKELY(the_nodelist == NULL))
198  return NULL;
199 
200  memcpy(&search.identity, identity_digest, DIGEST_LEN);
201  node = HT_FIND(nodelist_map, &the_nodelist->nodes_by_id, &search);
202  return node;
203 }
204 
205 /** As node_get_by_ed25519_id, but returns a non-const pointer */
206 node_t *
208 {
209  node_t search, *node;
210  if (PREDICT_UNLIKELY(the_nodelist == NULL))
211  return NULL;
212  if (BUG(ed_id == NULL) || BUG(ed25519_public_key_is_zero(ed_id)))
213  return NULL;
214 
215  memcpy(&search.ed25519_id, ed_id, sizeof(search.ed25519_id));
216  node = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, &search);
217  return node;
218 }
219 
220 /** Return the node_t whose identity is <b>identity_digest</b>, or NULL
221  * if no such node exists. */
222 MOCK_IMPL(const node_t *,
223 node_get_by_id,(const char *identity_digest))
224 {
225  return node_get_mutable_by_id(identity_digest);
226 }
227 
228 /** Return the node_t whose ed25519 identity is <b>ed_id</b>, or NULL
229  * if no such node exists. */
230 MOCK_IMPL(const node_t *,
232 {
233  return node_get_mutable_by_ed25519_id(ed_id);
234 }
235 
236 /** Internal: return the node_t whose identity_digest is
237  * <b>identity_digest</b>. If none exists, create a new one, add it to the
238  * nodelist, and return it.
239  *
240  * Requires that the nodelist be initialized.
241  */
242 static node_t *
243 node_get_or_create(const char *identity_digest)
244 {
245  node_t *node;
246 
247  if ((node = node_get_mutable_by_id(identity_digest)))
248  return node;
249 
250  node = tor_malloc_zero(sizeof(node_t));
251  memcpy(node->identity, identity_digest, DIGEST_LEN);
252  HT_INSERT(nodelist_map, &the_nodelist->nodes_by_id, node);
253 
254  smartlist_add(the_nodelist->nodes, node);
255  node->nodelist_idx = smartlist_len(the_nodelist->nodes) - 1;
256 
257  node->country = -1;
258 
259  return node;
260 }
261 
262 /** Remove <b>node</b> from the ed25519 map (if it present), and
263  * set its ed25519_id field to zero. */
264 static int
266 {
268  tor_assert(node);
269 
271  return 0;
272  }
273 
274  int rv = 0;
275  node_t *search =
276  HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
277  if (BUG(search != node)) {
278  goto clear_and_return;
279  }
280 
281  search = HT_REMOVE(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
282  tor_assert(search == node);
283  rv = 1;
284 
285  clear_and_return:
286  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
287  return rv;
288 }
289 
290 /** Helper function to log details of duplicated ed2559_ids */
291 static void
292 node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
293 {
294  char *s;
295  char *olddesc = tor_strdup(node_describe(old));
296 
297  tor_asprintf(&s, "Reused ed25519_id %s: old %s new %s", ed_id,
298  olddesc, node_describe(node));
299  log_backtrace(LOG_NOTICE, LD_DIR, s);
300  tor_free(olddesc);
301  tor_free(s);
302 }
303 
304 /** If <b>node</b> has an ed25519 id, and it is not already in the ed25519 id
305  * map, set its ed25519_id field, and add it to the ed25519 map.
306  */
307 static int
309 {
311  tor_assert(node);
312 
313  if (! ed25519_public_key_is_zero(&node->ed25519_id)) {
314  return 0;
315  }
316 
317  const ed25519_public_key_t *key = node_get_ed25519_id(node);
318  if (!key) {
319  return 0;
320  }
321 
322  node_t *old;
323  memcpy(&node->ed25519_id, key, sizeof(node->ed25519_id));
324  old = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
325  if (old) {
326  char ed_id[BASE32_BUFSIZE(sizeof(key->pubkey))];
327 
328  base32_encode(ed_id, sizeof(ed_id), (const char *)key->pubkey,
329  sizeof(key->pubkey));
330  if (BUG(old == node)) {
331  /* Actual bug: all callers of this function call
332  * node_remove_from_ed25519_map first. */
333  log_err(LD_BUG,
334  "Unexpectedly found deleted node with ed25519_id %s", ed_id);
335  } else {
336  /* Distinct nodes sharing a ed25519 id, possibly due to relay
337  * misconfiguration. The key pinning might not catch this,
338  * possibly due to downloading a missing descriptor during
339  * consensus voting. */
340  node_log_dup_ed_id(old, node, ed_id);
341  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
342  }
343  return 0;
344  }
345 
346  HT_INSERT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
347  return 1;
348 }
349 
350 /* For a given <b>node</b> for the consensus <b>ns</b>, set the hsdir index
351  * for the node, both current and next if possible. This can only fails if the
352  * node_t ed25519 identity key can't be found which would be a bug. */
353 STATIC void
354 node_set_hsdir_index(node_t *node, const networkstatus_t *ns)
355 {
356  time_t now = approx_time();
357  const ed25519_public_key_t *node_identity_pk;
358  uint8_t *fetch_srv = NULL, *store_first_srv = NULL, *store_second_srv = NULL;
359  uint64_t next_time_period_num, current_time_period_num;
360  uint64_t fetch_tp, store_first_tp, store_second_tp;
361 
362  tor_assert(node);
363  tor_assert(ns);
364 
365  if (!networkstatus_is_live(ns, now)) {
366  static struct ratelim_t live_consensus_ratelim = RATELIM_INIT(30 * 60);
367  log_fn_ratelim(&live_consensus_ratelim, LOG_INFO, LD_GENERAL,
368  "Not setting hsdir index with a non-live consensus.");
369  goto done;
370  }
371 
372  node_identity_pk = node_get_ed25519_id(node);
373  if (node_identity_pk == NULL) {
374  log_debug(LD_GENERAL, "ed25519 identity public key not found when "
375  "trying to build the hsdir indexes for node %s",
376  node_describe(node));
377  goto done;
378  }
379 
380  /* Get the current and next time period number. */
381  current_time_period_num = hs_get_time_period_num(0);
382  next_time_period_num = hs_get_next_time_period_num(0);
383 
384  /* We always use the current time period for fetching descs */
385  fetch_tp = current_time_period_num;
386 
387  /* Now extract the needed SRVs and time periods for building hsdir indices */
388  if (hs_in_period_between_tp_and_srv(ns, now)) {
389  fetch_srv = hs_get_current_srv(fetch_tp, ns);
390 
391  store_first_tp = hs_get_previous_time_period_num(0);
392  store_second_tp = current_time_period_num;
393  } else {
394  fetch_srv = hs_get_previous_srv(fetch_tp, ns);
395 
396  store_first_tp = current_time_period_num;
397  store_second_tp = next_time_period_num;
398  }
399 
400  /* We always use the old SRV for storing the first descriptor and the latest
401  * SRV for storing the second descriptor */
402  store_first_srv = hs_get_previous_srv(store_first_tp, ns);
403  store_second_srv = hs_get_current_srv(store_second_tp, ns);
404 
405  /* Build the fetch index. */
406  hs_build_hsdir_index(node_identity_pk, fetch_srv, fetch_tp,
407  node->hsdir_index.fetch);
408 
409  /* If we are in the time segment between SRV#N and TP#N, the fetch index is
410  the same as the first store index */
411  if (!hs_in_period_between_tp_and_srv(ns, now)) {
412  memcpy(node->hsdir_index.store_first, node->hsdir_index.fetch,
413  sizeof(node->hsdir_index.store_first));
414  } else {
415  hs_build_hsdir_index(node_identity_pk, store_first_srv, store_first_tp,
416  node->hsdir_index.store_first);
417  }
418 
419  /* If we are in the time segment between TP#N and SRV#N+1, the fetch index is
420  the same as the second store index */
421  if (hs_in_period_between_tp_and_srv(ns, now)) {
422  memcpy(node->hsdir_index.store_second, node->hsdir_index.fetch,
423  sizeof(node->hsdir_index.store_second));
424  } else {
425  hs_build_hsdir_index(node_identity_pk, store_second_srv, store_second_tp,
426  node->hsdir_index.store_second);
427  }
428 
429  done:
430  tor_free(fetch_srv);
431  tor_free(store_first_srv);
432  tor_free(store_second_srv);
433  return;
434 }
435 
436 /** Called when a node's address changes. */
437 static void
439 {
440  node->last_reachable = node->last_reachable6 = 0;
441  node->country = -1;
442 }
443 
444 /** Add all address information about <b>node</b> to the current address
445  * set (if there is one).
446  */
447 static void
449 {
450  if (!the_nodelist || !the_nodelist->node_addrs)
451  return;
452 
453  /* These various address sources can be redundant, but it's likely faster
454  * to add them all than to compare them all for equality. */
455 
456  if (node->rs) {
457  if (!tor_addr_is_null(&node->rs->ipv4_addr))
458  nodelist_add_addr_to_address_set(&node->rs->ipv4_addr);
459  if (!tor_addr_is_null(&node->rs->ipv6_addr))
461  }
462  if (node->ri) {
463  if (!tor_addr_is_null(&node->ri->ipv4_addr))
465  if (!tor_addr_is_null(&node->ri->ipv6_addr))
467  }
468  if (node->md) {
469  if (!tor_addr_is_null(&node->md->ipv6_addr))
471  }
472 }
473 
474 /** Add the given address into the nodelist address set. */
475 void
477 {
478  if (BUG(!addr) || tor_addr_is_null(addr) ||
479  (!tor_addr_is_v4(addr) && !tor_addr_is_v6(addr)) ||
480  !the_nodelist || !the_nodelist->node_addrs) {
481  return;
482  }
483  address_set_add(the_nodelist->node_addrs, addr);
484 }
485 
486 /** Return true if <b>addr</b> is the address of some node in the nodelist.
487  * If not, probably return false. */
488 int
490 {
491  if (BUG(!addr))
492  return 0;
493 
494  if (!the_nodelist || !the_nodelist->node_addrs)
495  return 0;
496 
497  return address_set_probably_contains(the_nodelist->node_addrs, addr);
498 }
499 
500 /** Add <b>ri</b> to an appropriate node in the nodelist. If we replace an
501  * old routerinfo, and <b>ri_old_out</b> is not NULL, set *<b>ri_old_out</b>
502  * to the previous routerinfo.
503  */
504 node_t *
506 {
507  node_t *node;
508  const char *id_digest;
509  int had_router = 0;
510  tor_assert(ri);
511 
512  init_nodelist();
513  id_digest = ri->cache_info.identity_digest;
514  node = node_get_or_create(id_digest);
515 
517 
518  if (node->ri) {
519  if (!routers_have_same_or_addrs(node->ri, ri)) {
520  node_addrs_changed(node);
521  }
522  had_router = 1;
523  if (ri_old_out)
524  *ri_old_out = node->ri;
525  } else {
526  if (ri_old_out)
527  *ri_old_out = NULL;
528  }
529  node->ri = ri;
530 
532 
533  if (node->country == -1)
534  node_set_country(node);
535 
536  if (authdir_mode(get_options()) && !had_router) {
537  const char *discard=NULL;
538  uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO);
540  }
541 
542  /* Setting the HSDir index requires the ed25519 identity key which can
543  * only be found either in the ri or md. This is why this is called here.
544  * Only nodes supporting HSDir=2 protocol version needs this index. */
545  if (node->rs && node->rs->pv.supports_v3_hsdir) {
546  node_set_hsdir_index(node,
548  }
549 
551 
552  return node;
553 }
554 
555 /** Set the appropriate node_t to use <b>md</b> as its microdescriptor.
556  *
557  * Called when a new microdesc has arrived and the usable consensus flavor
558  * is "microdesc".
559  **/
560 node_t *
562 {
563  networkstatus_t *ns =
565  const routerstatus_t *rs;
566  node_t *node;
567  if (ns == NULL)
568  return NULL;
569  init_nodelist();
570 
571  /* Microdescriptors don't carry an identity digest, so we need to figure
572  * it out by looking up the routerstatus. */
574  if (rs == NULL)
575  return NULL;
577  if (node == NULL)
578  return NULL;
579 
581  if (node->md)
582  node->md->held_by_nodes--;
583 
584  node->md = md;
585  md->held_by_nodes++;
586  /* Setting the HSDir index requires the ed25519 identity key which can
587  * only be found either in the ri or md. This is why this is called here.
588  * Only nodes supporting HSDir=2 protocol version needs this index. */
589  if (rs->pv.supports_v3_hsdir) {
590  node_set_hsdir_index(node, ns);
591  }
594 
595  return node;
596 }
597 
598 /* Default value. */
599 #define ESTIMATED_ADDRESS_PER_NODE 2
600 
601 /* Return the estimated number of address per node_t. This is used for the
602  * size of the bloom filter in the nodelist (node_addrs). */
603 MOCK_IMPL(int,
604 get_estimated_address_per_node, (void))
605 {
606  return ESTIMATED_ADDRESS_PER_NODE;
607 }
608 
609 /** Tell the nodelist that the current usable consensus is <b>ns</b>.
610  * This makes the nodelist change all of the routerstatus entries for
611  * the nodes, drop nodes that no longer have enough info to get used,
612  * and grab microdescriptors into nodes as appropriate.
613  */
614 void
616 {
617  const or_options_t *options = get_options();
618  int authdir = authdir_mode_v3(options);
619 
620  init_nodelist();
621  if (ns->flavor == FLAV_MICRODESC)
622  (void) get_microdesc_cache(); /* Make sure it exists first. */
623 
624  SMARTLIST_FOREACH(the_nodelist->nodes, node_t *, node,
625  node->rs = NULL);
626 
627  /* Conservatively estimate that every node will have 2 addresses (v4 and
628  * v6). Then we add the number of configured trusted authorities we have. */
629  int estimated_addresses = smartlist_len(ns->routerstatus_list) *
630  get_estimated_address_per_node();
631  estimated_addresses += (get_n_authorities(V3_DIRINFO & BRIDGE_DIRINFO) *
632  get_estimated_address_per_node());
633  address_set_free(the_nodelist->node_addrs);
634  the_nodelist->node_addrs = address_set_new(estimated_addresses);
635 
637  node_t *node = node_get_or_create(rs->identity_digest);
638  node->rs = rs;
639  if (ns->flavor == FLAV_MICRODESC) {
640  if (node->md == NULL ||
641  tor_memneq(node->md->digest,rs->descriptor_digest,DIGEST256_LEN)) {
643  if (node->md)
644  node->md->held_by_nodes--;
645  node->md = microdesc_cache_lookup_by_digest256(NULL,
646  rs->descriptor_digest);
647  if (node->md)
648  node->md->held_by_nodes++;
650  }
651  }
652 
653  if (rs->pv.supports_v3_hsdir) {
654  node_set_hsdir_index(node, ns);
655  }
656  node_set_country(node);
657 
658  /* If we're not an authdir, believe others. */
659  if (!authdir) {
660  node->is_valid = rs->is_valid;
661  node->is_running = rs->is_flagged_running;
662  node->is_fast = rs->is_fast;
663  node->is_stable = rs->is_stable;
664  node->is_possible_guard = rs->is_possible_guard;
665  node->is_exit = rs->is_exit;
666  node->is_bad_exit = rs->is_bad_exit;
667  node->is_hs_dir = rs->is_hs_dir;
668  node->ipv6_preferred = 0;
670  (tor_addr_is_null(&rs->ipv6_addr) == 0 ||
671  (node->md && tor_addr_is_null(&node->md->ipv6_addr) == 0)))
672  node->ipv6_preferred = 1;
673  }
674 
675  } SMARTLIST_FOREACH_END(rs);
676 
677  nodelist_purge();
678 
679  /* Now add all the nodes we have to the address set. */
680  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
682  } SMARTLIST_FOREACH_END(node);
683  /* Then, add all trusted configured directories. Some might not be in the
684  * consensus so make sure we know them. */
686 
687  if (! authdir) {
688  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
689  /* We have no routerstatus for this router. Clear flags so we can skip
690  * it, maybe.*/
691  if (!node->rs) {
692  tor_assert(node->ri); /* if it had only an md, or nothing, purge
693  * would have removed it. */
694  if (node->ri->purpose == ROUTER_PURPOSE_GENERAL) {
695  /* Clear all flags. */
696  node->is_valid = node->is_running = node->is_hs_dir =
697  node->is_fast = node->is_stable =
698  node->is_possible_guard = node->is_exit =
699  node->is_bad_exit = node->ipv6_preferred = 0;
700  }
701  }
702  } SMARTLIST_FOREACH_END(node);
703  }
704 
705  /* If the consensus is live, note down the consensus valid-after that formed
706  * the nodelist. */
707  if (networkstatus_is_live(ns, approx_time())) {
708  the_nodelist->live_consensus_valid_after = ns->valid_after;
709  }
710 }
711 
712 /** Return 1 iff <b>node</b> has Exit flag and no BadExit flag.
713  * Otherwise, return 0.
714  */
715 int
717 {
718  return node->is_exit && ! node->is_bad_exit;
719 }
720 
721 /** Helper: return true iff a node has a usable amount of information*/
722 static inline int
723 node_is_usable(const node_t *node)
724 {
725  return (node->rs) || (node->ri);
726 }
727 
728 /** Tell the nodelist that <b>md</b> is no longer a microdescriptor for the
729  * node with <b>identity_digest</b>. */
730 void
731 nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
732 {
733  node_t *node = node_get_mutable_by_id(identity_digest);
734  if (node && node->md == md) {
735  node->md = NULL;
736  md->held_by_nodes--;
737  if (! node_get_ed25519_id(node)) {
739  }
740  }
741 }
742 
743 /** Tell the nodelist that <b>ri</b> is no longer in the routerlist. */
744 void
746 {
747  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
748  if (node && node->ri == ri) {
749  node->ri = NULL;
750  if (! node_is_usable(node)) {
751  nodelist_drop_node(node, 1);
752  node_free(node);
753  }
754  }
755 }
756 
757 /** Remove <b>node</b> from the nodelist. (Asserts that it was there to begin
758  * with.) */
759 static void
760 nodelist_drop_node(node_t *node, int remove_from_ht)
761 {
762  node_t *tmp;
763  int idx;
764  if (remove_from_ht) {
765  tmp = HT_REMOVE(nodelist_map, &the_nodelist->nodes_by_id, node);
766  tor_assert(tmp == node);
767  }
769 
770  idx = node->nodelist_idx;
771  tor_assert(idx >= 0);
772 
773  tor_assert(node == smartlist_get(the_nodelist->nodes, idx));
774  smartlist_del(the_nodelist->nodes, idx);
775  if (idx < smartlist_len(the_nodelist->nodes)) {
776  tmp = smartlist_get(the_nodelist->nodes, idx);
777  tmp->nodelist_idx = idx;
778  }
779  node->nodelist_idx = -1;
780 }
781 
782 /** Return a newly allocated smartlist of the nodes that have <b>md</b> as
783  * their microdescriptor. */
784 smartlist_t *
786 {
787  smartlist_t *result = smartlist_new();
788 
789  if (the_nodelist == NULL)
790  return result;
791 
792  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
793  if (node->md == md) {
794  smartlist_add(result, node);
795  }
796  } SMARTLIST_FOREACH_END(node);
797 
798  return result;
799 }
800 
801 /** Release storage held by <b>node</b> */
802 static void
804 {
805  if (!node)
806  return;
807  if (node->md)
808  node->md->held_by_nodes--;
809  tor_assert(node->nodelist_idx == -1);
810  tor_free(node);
811 }
812 
813 /** Remove all entries from the nodelist that don't have enough info to be
814  * usable for anything. */
815 void
817 {
818  node_t **iter;
819  if (PREDICT_UNLIKELY(the_nodelist == NULL))
820  return;
821 
822  /* Remove the non-usable nodes. */
823  for (iter = HT_START(nodelist_map, &the_nodelist->nodes_by_id); iter; ) {
824  node_t *node = *iter;
825 
826  if (node->md && !node->rs) {
827  /* An md is only useful if there is an rs. */
828  node->md->held_by_nodes--;
829  node->md = NULL;
830  }
831 
832  if (node_is_usable(node)) {
833  iter = HT_NEXT(nodelist_map, &the_nodelist->nodes_by_id, iter);
834  } else {
835  iter = HT_NEXT_RMV(nodelist_map, &the_nodelist->nodes_by_id, iter);
836  nodelist_drop_node(node, 0);
837  node_free(node);
838  }
839  }
841 }
842 
843 /** Release all storage held by the nodelist. */
844 void
846 {
847  if (PREDICT_UNLIKELY(the_nodelist == NULL))
848  return;
849 
850  HT_CLEAR(nodelist_map, &the_nodelist->nodes_by_id);
851  HT_CLEAR(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
852  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
853  node->nodelist_idx = -1;
854  node_free(node);
855  } SMARTLIST_FOREACH_END(node);
856 
857  smartlist_free(the_nodelist->nodes);
858 
859  address_set_free(the_nodelist->node_addrs);
860  the_nodelist->node_addrs = NULL;
861 
863 }
864 
865 /** Check that the nodelist is internally consistent, and consistent with
866  * the directory info it's derived from.
867  */
868 void
870 {
873  digestmap_t *dm;
874 
875  if (!the_nodelist)
876  return;
877 
878  dm = digestmap_new();
879 
880  /* every routerinfo in rl->routers should be in the nodelist. */
881  if (rl) {
883  const node_t *node = node_get_by_id(ri->cache_info.identity_digest);
884  tor_assert(node && node->ri == ri);
885  tor_assert(fast_memeq(ri->cache_info.identity_digest,
886  node->identity, DIGEST_LEN));
887  tor_assert(! digestmap_get(dm, node->identity));
888  digestmap_set(dm, node->identity, (void*)node);
889  } SMARTLIST_FOREACH_END(ri);
890  }
891 
892  /* every routerstatus in ns should be in the nodelist */
893  if (ns) {
895  const node_t *node = node_get_by_id(rs->identity_digest);
896  tor_assert(node && node->rs == rs);
897  tor_assert(fast_memeq(rs->identity_digest, node->identity, DIGEST_LEN));
898  digestmap_set(dm, node->identity, (void*)node);
899  if (ns->flavor == FLAV_MICRODESC) {
900  /* If it's a microdesc consensus, every entry that has a
901  * microdescriptor should be in the nodelist.
902  */
903  microdesc_t *md =
904  microdesc_cache_lookup_by_digest256(NULL, rs->descriptor_digest);
905  tor_assert(md == node->md);
906  if (md)
907  tor_assert(md->held_by_nodes >= 1);
908  }
909  } SMARTLIST_FOREACH_END(rs);
910  }
911 
912  /* The nodelist should have no other entries, and its entries should be
913  * well-formed. */
914  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
915  tor_assert(digestmap_get(dm, node->identity) != NULL);
916  tor_assert(node_sl_idx == node->nodelist_idx);
917  } SMARTLIST_FOREACH_END(node);
918 
919  /* Every node listed with an ed25519 identity should be listed by that
920  * identity.
921  */
922  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
923  if (!ed25519_public_key_is_zero(&node->ed25519_id)) {
925  }
926  } SMARTLIST_FOREACH_END(node);
927 
928  node_t **idx;
929  HT_FOREACH(idx, nodelist_ed_map, &the_nodelist->nodes_by_ed_id) {
930  node_t *node = *idx;
932  }
933 
934  tor_assert((long)smartlist_len(the_nodelist->nodes) ==
935  (long)HT_SIZE(&the_nodelist->nodes_by_id));
936 
937  tor_assert((long)smartlist_len(the_nodelist->nodes) >=
938  (long)HT_SIZE(&the_nodelist->nodes_by_ed_id));
939 
940  digestmap_free(dm, NULL);
941 }
942 
943 /** Ensure that the nodelist has been created with the most recent consensus.
944  * If that's not the case, make it so. */
945 void
947 {
948  tor_assert(ns);
949 
950  /* We don't even have a nodelist: this is a NOP. */
951  if (!the_nodelist) {
952  return;
953  }
954 
955  if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
956  log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
957  (int) the_nodelist->live_consensus_valid_after,
958  (int) ns->valid_after);
960  }
961 }
962 /** Return a list of a node_t * for every node we know about. The caller
963  * MUST NOT modify the list. (You can set and clear flags in the nodes if
964  * you must, but you must not add or remove nodes.) */
965 MOCK_IMPL(const smartlist_t *,
967 {
968  init_nodelist();
969  return the_nodelist->nodes;
970 }
971 
972 /** Given a hex-encoded nickname of the format DIGEST, $DIGEST, $DIGEST=name,
973  * or $DIGEST~name, return the node with the matching identity digest and
974  * nickname (if any). Return NULL if no such node exists, or if <b>hex_id</b>
975  * is not well-formed. DOCDOC flags */
976 const node_t *
977 node_get_by_hex_id(const char *hex_id, unsigned flags)
978 {
979  char digest_buf[DIGEST_LEN];
980  char nn_buf[MAX_NICKNAME_LEN+1];
981  char nn_char='\0';
982 
983  (void) flags; // XXXX
984 
985  if (hex_digest_nickname_decode(hex_id, digest_buf, &nn_char, nn_buf)==0) {
986  const node_t *node = node_get_by_id(digest_buf);
987  if (!node)
988  return NULL;
989  if (nn_char == '=') {
990  /* "=" indicates a Named relay, but there aren't any of those now. */
991  return NULL;
992  }
993  return node;
994  }
995 
996  return NULL;
997 }
998 
999 /** Given a nickname (possibly verbose, possibly a hexadecimal digest), return
1000  * the corresponding node_t, or NULL if none exists. Warn the user if they
1001  * have specified a router by nickname, unless the NNF_NO_WARN_UNNAMED bit is
1002  * set in <b>flags</b>. */
1003 MOCK_IMPL(const node_t *,
1004 node_get_by_nickname,(const char *nickname, unsigned flags))
1005 {
1006  const int warn_if_unnamed = !(flags & NNF_NO_WARN_UNNAMED);
1007 
1008  if (!the_nodelist)
1009  return NULL;
1010 
1011  /* Handle these cases: DIGEST, $DIGEST, $DIGEST=name, $DIGEST~name. */
1012  {
1013  const node_t *node;
1014  if ((node = node_get_by_hex_id(nickname, flags)) != NULL)
1015  return node;
1016  }
1017 
1018  if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1019  return NULL;
1020 
1021  /* Okay, so the name is not canonical for anybody. */
1022  {
1023  smartlist_t *matches = smartlist_new();
1024  const node_t *choice = NULL;
1025 
1026  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
1027  if (!strcasecmp(node_get_nickname(node), nickname))
1028  smartlist_add(matches, node);
1029  } SMARTLIST_FOREACH_END(node);
1030 
1031  if (smartlist_len(matches)>1 && warn_if_unnamed) {
1032  int any_unwarned = 0;
1033  SMARTLIST_FOREACH_BEGIN(matches, node_t *, node) {
1034  if (!node->name_lookup_warned) {
1035  node->name_lookup_warned = 1;
1036  any_unwarned = 1;
1037  }
1038  } SMARTLIST_FOREACH_END(node);
1039 
1040  if (any_unwarned) {
1041  log_warn(LD_CONFIG, "There are multiple matches for the name %s. "
1042  "Choosing one arbitrarily.", nickname);
1043  }
1044  } else if (smartlist_len(matches)==1 && warn_if_unnamed) {
1045  char fp[HEX_DIGEST_LEN+1];
1046  node_t *node = smartlist_get(matches, 0);
1047  if (! node->name_lookup_warned) {
1048  base16_encode(fp, sizeof(fp), node->identity, DIGEST_LEN);
1049  log_warn(LD_CONFIG,
1050  "You specified a relay \"%s\" by name, but nicknames can be "
1051  "used by any relay, not just the one you meant. "
1052  "To make sure you get the same relay in the future, refer "
1053  "to it by key, as \"$%s\".", nickname, fp);
1054  node->name_lookup_warned = 1;
1055  }
1056  }
1057 
1058  if (smartlist_len(matches))
1059  choice = smartlist_get(matches, 0);
1060 
1061  smartlist_free(matches);
1062  return choice;
1063  }
1064 }
1065 
1066 /** Return the Ed25519 identity key for the provided node, or NULL if it
1067  * doesn't have one. */
1070 {
1071  const ed25519_public_key_t *ri_pk = NULL;
1072  const ed25519_public_key_t *md_pk = NULL;
1073 
1074  if (node->ri) {
1075  if (node->ri->cache_info.signing_key_cert) {
1076  ri_pk = &node->ri->cache_info.signing_key_cert->signing_key;
1077  /* Checking whether routerinfo ed25519 is all zero.
1078  * Our descriptor parser should make sure this never happens. */
1079  if (BUG(ed25519_public_key_is_zero(ri_pk)))
1080  ri_pk = NULL;
1081  }
1082  }
1083 
1084  if (node->md) {
1085  if (node->md->ed25519_identity_pkey) {
1086  md_pk = node->md->ed25519_identity_pkey;
1087  /* Checking whether microdesc ed25519 is all zero.
1088  * Our descriptor parser should make sure this never happens. */
1089  if (BUG(ed25519_public_key_is_zero(md_pk)))
1090  md_pk = NULL;
1091  }
1092  }
1093 
1094  if (ri_pk && md_pk) {
1095  if (ed25519_pubkey_eq(ri_pk, md_pk)) {
1096  return ri_pk;
1097  } else {
1098  /* This can happen if the relay gets flagged NoEdConsensus which will be
1099  * triggered on all relays of the network. Thus a protocol warning. */
1100  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1101  "Inconsistent ed25519 identities in the nodelist");
1102  return NULL;
1103  }
1104  } else if (ri_pk) {
1105  return ri_pk;
1106  } else {
1107  return md_pk;
1108  }
1109 }
1110 
1111 /** Return true iff this node's Ed25519 identity matches <b>id</b>.
1112  * (An absent Ed25519 identity matches NULL or zero.) */
1113 int
1115 {
1116  const ed25519_public_key_t *node_id = node_get_ed25519_id(node);
1117  if (node_id == NULL || ed25519_public_key_is_zero(node_id)) {
1118  return id == NULL || ed25519_public_key_is_zero(id);
1119  } else {
1120  return id && ed25519_pubkey_eq(node_id, id);
1121  }
1122 }
1123 
1124 /** Dummy object that should be unreturnable. Used to ensure that
1125  * node_get_protover_summary_flags() always returns non-NULL. */
1127  0,0,0,0,0,0,0,0,0,0,0,0
1128 };
1129 
1130 /** Return the protover_summary_flags for a given node. */
1131 static const protover_summary_flags_t *
1133 {
1134  if (node->rs) {
1135  return &node->rs->pv;
1136  } else if (node->ri) {
1137  return &node->ri->pv;
1138  } else {
1139  /* This should be impossible: every node should have a routerstatus or a
1140  * router descriptor or both. But just in case we've messed up somehow,
1141  * return a nice empty set of flags to indicate "this node supports
1142  * nothing." */
1143  tor_assert_nonfatal_unreached_once();
1144  return &zero_protover_flags;
1145  }
1146 }
1147 
1148 /** Return true iff <b>node</b> supports authenticating itself
1149  * by ed25519 ID during the link handshake. If <b>compatible_with_us</b>,
1150  * it needs to be using a link authentication method that we understand.
1151  * If not, any plausible link authentication method will do. */
1152 MOCK_IMPL(bool,
1154  bool compatible_with_us))
1155 {
1156  if (! node_get_ed25519_id(node))
1157  return 0;
1158 
1160 
1161  if (compatible_with_us)
1163  else
1165 }
1166 
1167 /** Return true iff <b>node</b> supports the hidden service directory version
1168  * 3 protocol (proposal 224). */
1169 bool
1171 {
1172  tor_assert(node);
1173 
1175 }
1176 
1177 /** Return true iff <b>node</b> supports ed25519 authentication as an hidden
1178  * service introduction point.*/
1179 bool
1181 {
1182  tor_assert(node);
1183 
1185 }
1186 
1187 /** Return true iff <b>node</b> can be a rendezvous point for hidden
1188  * service version 3 (HSRend=2). */
1189 bool
1191 {
1192  tor_assert(node);
1193 
1194  /* We can't use a v3 rendezvous point without the curve25519 onion pk. */
1195  if (!node_get_curve25519_onion_key(node)) {
1196  return 0;
1197  }
1198 
1200 }
1201 
1202 /** Return true iff <b>node</b> supports the DoS ESTABLISH_INTRO cell
1203  * extenstion. */
1204 bool
1206 {
1207  tor_assert(node);
1208 
1209  return node_get_protover_summary_flags(node)->
1210  supports_establish_intro_dos_extension;
1211 }
1212 
1213 /** Return true iff <b>node</b> can initiate IPv6 extends (Relay=3).
1214  *
1215  * This check should only be performed by client path selection code.
1216  *
1217  * Extending relays should check their own IPv6 support using
1218  * router_can_extend_over_ipv6(). Like other extends, they should not verify
1219  * the link specifiers in the extend cell against the consensus, because it
1220  * may be out of date. */
1221 bool
1223 {
1224  tor_assert(node);
1225 
1226  /* Relays can't initiate an IPv6 extend, unless they have an IPv6 ORPort. */
1227  if (!node_has_ipv6_orport(node)) {
1228  return 0;
1229  }
1230 
1231  /* Initiating relays also need to support the relevant protocol version. */
1232  return
1234 }
1235 
1236 /** Return true iff <b>node</b> can accept IPv6 extends (Relay=2 or Relay=3)
1237  * from other relays. If <b>need_canonical_ipv6_conn</b> is true, also check
1238  * if the relay supports canonical IPv6 connections (Relay=3 only).
1239  *
1240  * This check should only be performed by client path selection code.
1241  */
1242 bool
1244  bool need_canonical_ipv6_conn)
1245 {
1246  tor_assert(node);
1247 
1248  /* Relays can't accept an IPv6 extend, unless they have an IPv6 ORPort. */
1249  if (!node_has_ipv6_orport(node)) {
1250  return 0;
1251  }
1252 
1253  /* Accepting relays also need to support the relevant protocol version. */
1254  if (need_canonical_ipv6_conn) {
1255  return
1257  } else {
1258  return
1260  }
1261 }
1262 
1263 /** Return the RSA ID key's SHA1 digest for the provided node. */
1264 const uint8_t *
1266 {
1267  tor_assert(node);
1268  return (const uint8_t*)node->identity;
1269 }
1270 
1271 /* Returns a new smartlist with all possible link specifiers from node:
1272  * - legacy ID is mandatory thus MUST be present in node;
1273  * - include ed25519 link specifier if present in the node, and the node
1274  * supports ed25519 link authentication, and:
1275  * - if direct_conn is true, its link versions are compatible with us,
1276  * - if direct_conn is false, regardless of its link versions;
1277  * - include IPv4 link specifier, if the primary address is not IPv4, log a
1278  * BUG() warning, and return an empty smartlist;
1279  * - include IPv6 link specifier if present in the node.
1280  *
1281  * If node is NULL, returns an empty smartlist.
1282  *
1283  * The smartlist must be freed using link_specifier_smartlist_free(). */
1285 node_get_link_specifier_smartlist,(const node_t *node, bool direct_conn))
1286 {
1287  link_specifier_t *ls;
1288  tor_addr_port_t ap;
1289  smartlist_t *lspecs = smartlist_new();
1290 
1291  if (!node)
1292  return lspecs;
1293 
1294  /* Get the relay's IPv4 address. */
1295  node_get_prim_orport(node, &ap);
1296 
1297  /* We expect the node's primary address to be a valid IPv4 address.
1298  * This conforms to the protocol, which requires either an IPv4 or IPv6
1299  * address (or both). */
1300  if (BUG(!tor_addr_is_v4(&ap.addr)) ||
1301  BUG(!tor_addr_port_is_valid_ap(&ap, 0))) {
1302  return lspecs;
1303  }
1304 
1305  ls = link_specifier_new();
1306  link_specifier_set_ls_type(ls, LS_IPV4);
1307  link_specifier_set_un_ipv4_addr(ls, tor_addr_to_ipv4h(&ap.addr));
1308  link_specifier_set_un_ipv4_port(ls, ap.port);
1309  /* Four bytes IPv4 and two bytes port. */
1310  link_specifier_set_ls_len(ls, sizeof(ap.addr.addr.in_addr) +
1311  sizeof(ap.port));
1312  smartlist_add(lspecs, ls);
1313 
1314  /* Legacy ID is mandatory and will always be present in node. */
1315  ls = link_specifier_new();
1316  link_specifier_set_ls_type(ls, LS_LEGACY_ID);
1317  memcpy(link_specifier_getarray_un_legacy_id(ls), node->identity,
1318  link_specifier_getlen_un_legacy_id(ls));
1319  link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls));
1320  smartlist_add(lspecs, ls);
1321 
1322  /* ed25519 ID is only included if the node has it, and the node declares a
1323  protocol version that supports ed25519 link authentication.
1324  If direct_conn is true, we also require that the node's link version is
1325  compatible with us. (Otherwise, we will be sending the ed25519 key
1326  to another tor, which may support different link versions.) */
1327  if (!ed25519_public_key_is_zero(&node->ed25519_id) &&
1328  node_supports_ed25519_link_authentication(node, direct_conn)) {
1329  ls = link_specifier_new();
1330  link_specifier_set_ls_type(ls, LS_ED25519_ID);
1331  memcpy(link_specifier_getarray_un_ed25519_id(ls), &node->ed25519_id,
1332  link_specifier_getlen_un_ed25519_id(ls));
1333  link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
1334  smartlist_add(lspecs, ls);
1335  }
1336 
1337  /* Check for IPv6. If so, include it as well. */
1338  if (node_has_ipv6_orport(node)) {
1339  ls = link_specifier_new();
1340  node_get_pref_ipv6_orport(node, &ap);
1341  link_specifier_set_ls_type(ls, LS_IPV6);
1342  size_t addr_len = link_specifier_getlen_un_ipv6_addr(ls);
1343  const uint8_t *in6_addr = tor_addr_to_in6_addr8(&ap.addr);
1344  uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(ls);
1345  memcpy(ipv6_array, in6_addr, addr_len);
1346  link_specifier_set_un_ipv6_port(ls, ap.port);
1347  /* Sixteen bytes IPv6 and two bytes port. */
1348  link_specifier_set_ls_len(ls, addr_len + sizeof(ap.port));
1349  smartlist_add(lspecs, ls);
1350  }
1351 
1352  return lspecs;
1353 }
1354 
1355 /* Free a link specifier list. */
1356 void
1357 link_specifier_smartlist_free_(smartlist_t *ls_list)
1358 {
1359  if (!ls_list)
1360  return;
1361 
1362  SMARTLIST_FOREACH(ls_list, link_specifier_t *, lspec,
1363  link_specifier_free(lspec));
1364  smartlist_free(ls_list);
1365 }
1366 
1367 /** Return the nickname of <b>node</b>, or NULL if we can't find one. */
1368 const char *
1370 {
1371  tor_assert(node);
1372  if (node->rs)
1373  return node->rs->nickname;
1374  else if (node->ri)
1375  return node->ri->nickname;
1376  else
1377  return NULL;
1378 }
1379 
1380 /** Return true iff <b>node</b> appears to be a directory authority or
1381  * directory cache */
1382 int
1383 node_is_dir(const node_t *node)
1384 {
1385  if (node->rs) {
1386  routerstatus_t * rs = node->rs;
1387  /* This is true if supports_tunnelled_dir_requests is true which
1388  * indicates that we support directory request tunnelled or through the
1389  * DirPort. */
1390  return rs->is_v2_dir;
1391  } else if (node->ri) {
1392  routerinfo_t * ri = node->ri;
1393  /* Both tunnelled request is supported or DirPort is set. */
1395  } else {
1396  return 0;
1397  }
1398 }
1399 
1400 /** Return true iff <b>node</b> has either kind of descriptor -- that
1401  * is, a routerdescriptor or a microdescriptor.
1402  *
1403  * You should probably use node_has_preferred_descriptor() instead.
1404  **/
1405 int
1407 {
1408  return (node->ri ||
1409  (node->rs && node->md));
1410 }
1411 
1412 /** Return true iff <b>node</b> has the kind of descriptor we would prefer to
1413  * use for it, given our configuration and how we intend to use the node.
1414  *
1415  * If <b>for_direct_connect</b> is true, we intend to connect to the node
1416  * directly, as the first hop of a circuit; otherwise, we intend to connect to
1417  * it indirectly, or use it as if we were connecting to it indirectly. */
1418 int
1420  int for_direct_connect)
1421 {
1422  const int is_bridge = node_is_a_configured_bridge(node);
1423  const int we_use_mds = we_use_microdescriptors_for_circuits(get_options());
1424 
1425  if ((is_bridge && for_direct_connect) || !we_use_mds) {
1426  /* We need an ri in this case. */
1427  if (!node->ri)
1428  return 0;
1429  } else {
1430  /* Otherwise we need an rs and an md. */
1431  if (node->rs == NULL || node->md == NULL)
1432  return 0;
1433  }
1434 
1435  return 1;
1436 }
1437 
1438 /** Return the router_purpose of <b>node</b>. */
1439 int
1441 {
1442  if (node->ri)
1443  return node->ri->purpose;
1444  else
1445  return ROUTER_PURPOSE_GENERAL;
1446 }
1447 
1448 /** Compute the verbose ("extended") nickname of <b>node</b> and store it
1449  * into the MAX_VERBOSE_NICKNAME_LEN+1 character buffer at
1450  * <b>verbose_name_out</b> */
1451 void
1453  char *verbose_name_out)
1454 {
1455  const char *nickname = node_get_nickname(node);
1456  verbose_name_out[0] = '$';
1457  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, node->identity,
1458  DIGEST_LEN);
1459  if (!nickname)
1460  return;
1461  verbose_name_out[1+HEX_DIGEST_LEN] = '~';
1462  strlcpy(verbose_name_out+1+HEX_DIGEST_LEN+1, nickname, MAX_NICKNAME_LEN+1);
1463 }
1464 
1465 /** Compute the verbose ("extended") nickname of node with
1466  * given <b>id_digest</b> and store it into the MAX_VERBOSE_NICKNAME_LEN+1
1467  * character buffer at <b>verbose_name_out</b>
1468  *
1469  * If node_get_by_id() returns NULL, base 16 encoding of
1470  * <b>id_digest</b> is returned instead. */
1471 void
1472 node_get_verbose_nickname_by_id(const char *id_digest,
1473  char *verbose_name_out)
1474 {
1475  const node_t *node = node_get_by_id(id_digest);
1476  if (!node) {
1477  verbose_name_out[0] = '$';
1478  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, id_digest, DIGEST_LEN);
1479  } else {
1480  node_get_verbose_nickname(node, verbose_name_out);
1481  }
1482 }
1483 
1484 /** Return true iff it seems that <b>node</b> allows circuits to exit
1485  * through it directlry from the client. */
1486 int
1488 {
1489  if (node && node->ri)
1490  return node->ri->allow_single_hop_exits;
1491  else
1492  return 0;
1493 }
1494 
1495 /** Return true iff it seems that <b>node</b> has an exit policy that doesn't
1496  * actually permit anything to exit, or we don't know its exit policy */
1497 int
1499 {
1500  if (node->rejects_all)
1501  return 1;
1502 
1503  if (node->ri)
1504  return node->ri->policy_is_reject_star;
1505  else if (node->md)
1506  return node->md->policy_is_reject_star;
1507  else
1508  return 1;
1509 }
1510 
1511 /** Return true iff the exit policy for <b>node</b> is such that we can treat
1512  * rejecting an address of type <b>family</b> unexpectedly as a sign of that
1513  * node's failure. */
1514 int
1516 {
1517  if (family == AF_UNSPEC) {
1518  return 1; /* Rejecting an address but not telling us what address
1519  * is a bad sign. */
1520  } else if (family == AF_INET) {
1521  return node->ri != NULL;
1522  } else if (family == AF_INET6) {
1523  return 0;
1524  }
1526  return 1;
1527 }
1528 
1529 /* Check if the "addr" and port_field fields from r are a valid non-listening
1530  * address/port. If so, set valid to true and add a newly allocated
1531  * tor_addr_port_t containing "addr" and port_field to sl.
1532  * "addr" is an IPv4 host-order address and port_field is a uint16_t.
1533  * r is typically a routerinfo_t or routerstatus_t.
1534  */
1535 #define SL_ADD_NEW_AP(r, addr_field, port_field, sl, valid) \
1536  STMT_BEGIN \
1537  if (tor_addr_port_is_valid(&(r)->addr_field, (r)->port_field, 0)) { \
1538  valid = 1; \
1539  tor_addr_port_t *ap = tor_addr_port_new(&(r)->addr_field, \
1540  (r)->port_field); \
1541  smartlist_add((sl), ap); \
1542  } \
1543  STMT_END
1544 
1545 /** Return list of tor_addr_port_t with all OR ports (in the sense IP
1546  * addr + TCP port) for <b>node</b>. Caller must free all elements
1547  * using tor_free() and free the list using smartlist_free().
1548  *
1549  * XXX this is potentially a memory fragmentation hog -- if on
1550  * critical path consider the option of having the caller allocate the
1551  * memory
1552  */
1553 smartlist_t *
1555 {
1556  smartlist_t *sl = smartlist_new();
1557  int valid = 0;
1558 
1559  /* Find a valid IPv4 address and port */
1560  if (node->ri != NULL) {
1561  SL_ADD_NEW_AP(node->ri, ipv4_addr, ipv4_orport, sl, valid);
1562  }
1563 
1564  /* If we didn't find a valid address/port in the ri, try the rs */
1565  if (!valid && node->rs != NULL) {
1566  SL_ADD_NEW_AP(node->rs, ipv4_addr, ipv4_orport, sl, valid);
1567  }
1568 
1569  /* Find a valid IPv6 address and port */
1570  valid = 0;
1571  if (node->ri != NULL) {
1572  SL_ADD_NEW_AP(node->ri, ipv6_addr, ipv6_orport, sl, valid);
1573  }
1574 
1575  if (!valid && node->rs != NULL) {
1576  SL_ADD_NEW_AP(node->rs, ipv6_addr, ipv6_orport, sl, valid);
1577  }
1578 
1579  if (!valid && node->md != NULL) {
1580  SL_ADD_NEW_AP(node->md, ipv6_addr, ipv6_orport, sl, valid);
1581  }
1582 
1583  return sl;
1584 }
1585 
1586 #undef SL_ADD_NEW_AP
1587 
1588 /** Wrapper around node_get_prim_orport for backward
1589  compatibility. */
1590 void
1591 node_get_addr(const node_t *node, tor_addr_t *addr_out)
1592 {
1593  tor_addr_port_t ap;
1594  node_get_prim_orport(node, &ap);
1595  tor_addr_copy(addr_out, &ap.addr);
1596 }
1597 
1598 /** Return the IPv4 address for <b>node</b>, or NULL if none found. */
1599 static const tor_addr_t *
1601 {
1602  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1603  * and the node might have a valid IPv4 address, yet have a zero
1604  * ORPort or DirPort.
1605  */
1606  if (node->ri && tor_addr_is_valid(&node->ri->ipv4_addr, 0)) {
1607  return &node->ri->ipv4_addr;
1608  } else if (node->rs && tor_addr_is_valid(&node->rs->ipv4_addr, 0)) {
1609  return &node->rs->ipv4_addr;
1610  }
1611  return NULL;
1612 }
1613 
1614 /** Copy a string representation of an IP address for <b>node</b> into
1615  * the <b>len</b>-byte buffer at <b>buf</b>. */
1616 void
1617 node_get_address_string(const node_t *node, char *buf, size_t len)
1618 {
1619  const tor_addr_t *ipv4_addr = node_get_prim_addr_ipv4(node);
1620 
1621  if (ipv4_addr) {
1622  tor_addr_to_str(buf, ipv4_addr, len, 0);
1623  } else if (len > 0) {
1624  buf[0] = '\0';
1625  }
1626 }
1627 
1628 /** Return <b>node</b>'s declared uptime, or -1 if it doesn't seem to have
1629  * one. */
1630 long
1632 {
1633  if (node->ri)
1634  return node->ri->uptime;
1635  else
1636  return -1;
1637 }
1638 
1639 /** Return <b>node</b>'s platform string, or NULL if we don't know it. */
1640 const char *
1642 {
1643  /* If we wanted, we could record the version in the routerstatus_t, since
1644  * the consensus lists it. We don't, though, so this function just won't
1645  * work with microdescriptors. */
1646  if (node->ri)
1647  return node->ri->platform;
1648  else
1649  return NULL;
1650 }
1651 
1652 /** Return true iff <b>node</b> is one representing this router. */
1653 int
1654 node_is_me(const node_t *node)
1655 {
1656  return router_digest_is_me(node->identity);
1657 }
1658 
1659 /* Does this node have a valid IPv6 address?
1660  * Prefer node_has_ipv6_orport() or node_has_ipv6_dirport() for
1661  * checking specific ports. */
1662 int
1663 node_has_ipv6_addr(const node_t *node)
1664 {
1665  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1666  * and the node might have a valid IPv6 address, yet have a zero
1667  * ORPort or DirPort.
1668  */
1669  if (node->ri && tor_addr_is_valid(&node->ri->ipv6_addr, 0))
1670  return 1;
1671  if (node->rs && tor_addr_is_valid(&node->rs->ipv6_addr, 0))
1672  return 1;
1673  if (node->md && tor_addr_is_valid(&node->md->ipv6_addr, 0))
1674  return 1;
1675 
1676  return 0;
1677 }
1678 
1679 /* Does this node have a valid IPv6 ORPort? */
1680 int
1681 node_has_ipv6_orport(const node_t *node)
1682 {
1683  tor_addr_port_t ipv6_orport;
1684  node_get_pref_ipv6_orport(node, &ipv6_orport);
1685  return tor_addr_port_is_valid_ap(&ipv6_orport, 0);
1686 }
1687 
1688 /* Does this node have a valid IPv6 DirPort? */
1689 int
1690 node_has_ipv6_dirport(const node_t *node)
1691 {
1692  tor_addr_port_t ipv6_dirport;
1693  node_get_pref_ipv6_dirport(node, &ipv6_dirport);
1694  return tor_addr_port_is_valid_ap(&ipv6_dirport, 0);
1695 }
1696 
1697 /** Return 1 if we prefer the IPv6 address and OR TCP port of
1698  * <b>node</b>, else 0.
1699  *
1700  * We prefer the IPv6 address if the router has an IPv6 address,
1701  * and we can use IPv6 addresses, and:
1702  * i) the node_t says that it prefers IPv6
1703  * or
1704  * ii) the router has no IPv4 OR address.
1705  *
1706  * If you don't have a node, consider looking it up.
1707  * If there is no node, use fascist_firewall_prefer_ipv6_orport().
1708  */
1709 int
1711 {
1712  const or_options_t *options = get_options();
1713  tor_addr_port_t ipv4_addr;
1714  node_assert_ok(node);
1715 
1716  /* XX/teor - node->ipv6_preferred is set from
1717  * fascist_firewall_prefer_ipv6_orport() each time the consensus is loaded.
1718  */
1719  node_get_prim_orport(node, &ipv4_addr);
1720  if (!fascist_firewall_use_ipv6(options)) {
1721  return 0;
1722  } else if (node->ipv6_preferred ||
1723  !tor_addr_port_is_valid_ap(&ipv4_addr, 0)) {
1724  return node_has_ipv6_orport(node);
1725  }
1726  return 0;
1727 }
1728 
1729 #define RETURN_IPV4_AP(r, port_field, ap_out) \
1730  STMT_BEGIN \
1731  if (r && tor_addr_port_is_valid(&(r)->ipv4_addr, (r)->port_field, 0)) { \
1732  tor_addr_copy(&(ap_out)->addr, &(r)->ipv4_addr); \
1733  (ap_out)->port = (r)->port_field; \
1734  } \
1735  STMT_END
1736 
1737 /** Copy the primary (IPv4) OR port (IP address and TCP port) for <b>node</b>
1738  * into *<b>ap_out</b>. */
1739 void
1741 {
1742  node_assert_ok(node);
1743  tor_assert(ap_out);
1744 
1745  /* Clear the address, as a safety precaution if calling functions ignore the
1746  * return value */
1747  tor_addr_make_null(&ap_out->addr, AF_INET);
1748  ap_out->port = 0;
1749 
1750  /* Check ri first, because rewrite_node_address_for_bridge() updates
1751  * node->ri with the configured bridge address. */
1752 
1753  RETURN_IPV4_AP(node->ri, ipv4_orport, ap_out);
1754  RETURN_IPV4_AP(node->rs, ipv4_orport, ap_out);
1755  /* Microdescriptors only have an IPv6 address */
1756 }
1757 
1758 /** Copy the preferred OR port (IP address and TCP port) for
1759  * <b>node</b> into *<b>ap_out</b>. */
1760 void
1762 {
1763  tor_assert(ap_out);
1764 
1765  if (node_ipv6_or_preferred(node)) {
1766  node_get_pref_ipv6_orport(node, ap_out);
1767  } else {
1768  /* the primary ORPort is always on IPv4 */
1769  node_get_prim_orport(node, ap_out);
1770  }
1771 }
1772 
1773 /** Copy the preferred IPv6 OR port (IP address and TCP port) for
1774  * <b>node</b> into *<b>ap_out</b>. */
1775 void
1777 {
1778  node_assert_ok(node);
1779  tor_assert(ap_out);
1780  memset(ap_out, 0, sizeof(*ap_out));
1781 
1782  /* Check ri first, because rewrite_node_address_for_bridge() updates
1783  * node->ri with the configured bridge address.
1784  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1785  * Check if the address or port are valid, and try another alternative
1786  * if they are not. */
1787 
1788  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1789  node->ri->ipv6_orport, 0)) {
1790  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1791  ap_out->port = node->ri->ipv6_orport;
1792  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1793  node->rs->ipv6_orport, 0)) {
1794  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1795  ap_out->port = node->rs->ipv6_orport;
1796  } else if (node->md && tor_addr_port_is_valid(&node->md->ipv6_addr,
1797  node->md->ipv6_orport, 0)) {
1798  tor_addr_copy(&ap_out->addr, &node->md->ipv6_addr);
1799  ap_out->port = node->md->ipv6_orport;
1800  } else {
1801  tor_addr_make_null(&ap_out->addr, AF_INET6);
1802  ap_out->port = 0;
1803  }
1804 }
1805 
1806 /** Return 1 if we prefer the IPv6 address and Dir TCP port of
1807  * <b>node</b>, else 0.
1808  *
1809  * We prefer the IPv6 address if the router has an IPv6 address,
1810  * and we can use IPv6 addresses, and:
1811  * i) the router has no IPv4 Dir address.
1812  * or
1813  * ii) our preference is for IPv6 Dir addresses.
1814  *
1815  * If there is no node, use fascist_firewall_prefer_ipv6_dirport().
1816  */
1817 int
1819 {
1820  const or_options_t *options = get_options();
1821  tor_addr_port_t ipv4_addr;
1822  node_assert_ok(node);
1823 
1824  /* node->ipv6_preferred is set from fascist_firewall_prefer_ipv6_orport(),
1825  * so we can't use it to determine DirPort IPv6 preference.
1826  * This means that bridge clients will use IPv4 DirPorts by default.
1827  */
1828  node_get_prim_dirport(node, &ipv4_addr);
1829  if (!fascist_firewall_use_ipv6(options)) {
1830  return 0;
1831  } else if (!tor_addr_port_is_valid_ap(&ipv4_addr, 0)
1833  return node_has_ipv6_dirport(node);
1834  }
1835  return 0;
1836 }
1837 
1838 /** Copy the primary (IPv4) Dir port (IP address and TCP port) for <b>node</b>
1839  * into *<b>ap_out</b>. */
1840 void
1842 {
1843  node_assert_ok(node);
1844  tor_assert(ap_out);
1845 
1846  /* Clear the address, as a safety precaution if calling functions ignore the
1847  * return value */
1848  tor_addr_make_null(&ap_out->addr, AF_INET);
1849  ap_out->port = 0;
1850 
1851  /* Check ri first, because rewrite_node_address_for_bridge() updates
1852  * node->ri with the configured bridge address. */
1853 
1854  RETURN_IPV4_AP(node->ri, ipv4_dirport, ap_out);
1855  RETURN_IPV4_AP(node->rs, ipv4_dirport, ap_out);
1856  /* Microdescriptors only have an IPv6 address */
1857 }
1858 
1859 #undef RETURN_IPV4_AP
1860 
1861 /** Copy the preferred Dir port (IP address and TCP port) for
1862  * <b>node</b> into *<b>ap_out</b>. */
1863 void
1865 {
1866  tor_assert(ap_out);
1867 
1868  if (node_ipv6_dir_preferred(node)) {
1869  node_get_pref_ipv6_dirport(node, ap_out);
1870  } else {
1871  /* the primary DirPort is always on IPv4 */
1872  node_get_prim_dirport(node, ap_out);
1873  }
1874 }
1875 
1876 /** Copy the preferred IPv6 Dir port (IP address and TCP port) for
1877  * <b>node</b> into *<b>ap_out</b>. */
1878 void
1880 {
1881  node_assert_ok(node);
1882  tor_assert(ap_out);
1883 
1884  /* Check ri first, because rewrite_node_address_for_bridge() updates
1885  * node->ri with the configured bridge address.
1886  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1887  * Check if the address or port are valid, and try another alternative
1888  * if they are not. */
1889 
1890  /* Assume IPv4 and IPv6 dirports are the same */
1891  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1892  node->ri->ipv4_dirport, 0)) {
1893  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1894  ap_out->port = node->ri->ipv4_dirport;
1895  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1896  node->rs->ipv4_dirport, 0)) {
1897  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1898  ap_out->port = node->rs->ipv4_dirport;
1899  } else {
1900  tor_addr_make_null(&ap_out->addr, AF_INET6);
1901  ap_out->port = 0;
1902  }
1903 }
1904 
1905 /** Return true iff <b>md</b> has a curve25519 onion key.
1906  * Use node_has_curve25519_onion_key() instead of calling this directly. */
1907 static int
1909 {
1910  if (!md) {
1911  return 0;
1912  }
1913 
1914  if (!md->onion_curve25519_pkey) {
1915  return 0;
1916  }
1917 
1918  if (fast_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
1920  return 0;
1921  }
1922 
1923  return 1;
1924 }
1925 
1926 /** Return true iff <b>node</b> has a curve25519 onion key. */
1927 int
1929 {
1930  return node_get_curve25519_onion_key(node) != NULL;
1931 }
1932 
1933 /** Return the curve25519 key of <b>node</b>, or NULL if none. */
1936 {
1937  if (!node)
1938  return NULL;
1939  if (routerinfo_has_curve25519_onion_key(node->ri))
1940  return node->ri->onion_curve25519_pkey;
1941  else if (microdesc_has_curve25519_onion_key(node->md))
1942  return node->md->onion_curve25519_pkey;
1943  else
1944  return NULL;
1945 }
1946 
1947 /* Return a newly allocacted RSA onion public key taken from the given node.
1948  *
1949  * Return NULL if node is NULL or no RSA onion public key can be found. It is
1950  * the caller responsability to free the returned object. */
1951 crypto_pk_t *
1952 node_get_rsa_onion_key(const node_t *node)
1953 {
1954  crypto_pk_t *pk = NULL;
1955  const char *onion_pkey;
1956  size_t onion_pkey_len;
1957 
1958  if (!node) {
1959  goto end;
1960  }
1961 
1962  if (node->ri) {
1963  onion_pkey = node->ri->onion_pkey;
1964  onion_pkey_len = node->ri->onion_pkey_len;
1965  } else if (node->rs && node->md) {
1966  onion_pkey = node->md->onion_pkey;
1967  onion_pkey_len = node->md->onion_pkey_len;
1968  } else {
1969  /* No descriptor or microdescriptor. */
1970  goto end;
1971  }
1972  pk = router_get_rsa_onion_pkey(onion_pkey, onion_pkey_len);
1973 
1974  end:
1975  return pk;
1976 }
1977 
1978 /** Refresh the country code of <b>ri</b>. This function MUST be called on
1979  * each router when the GeoIP database is reloaded, and on all new routers. */
1980 void
1982 {
1983  const tor_addr_t *ipv4_addr = NULL;
1984 
1985  /* XXXXipv6 */
1986  if (node->rs)
1987  ipv4_addr = &node->rs->ipv4_addr;
1988  else if (node->ri)
1989  ipv4_addr = &node->ri->ipv4_addr;
1990 
1991  /* IPv4 is mandatory for a relay so this should not happen unless we are
1992  * attempting to set the country code on a node without a descriptor. */
1993  if (BUG(!ipv4_addr)) {
1994  node->country = -1;
1995  return;
1996  }
1997  node->country = geoip_get_country_by_addr(ipv4_addr);
1998 }
1999 
2000 /** Set the country code of all routers in the routerlist. */
2001 void
2003 {
2004  const smartlist_t *nodes = nodelist_get_list();
2005  SMARTLIST_FOREACH(nodes, node_t *, node,
2006  node_set_country(node));
2007 }
2008 
2009 /** Return true iff router1 and router2 have similar enough network addresses
2010  * that we should treat them as being in the same family */
2011 int
2013  const tor_addr_t *a2)
2014 {
2015  if (tor_addr_is_null(a1) || tor_addr_is_null(a2))
2016  return 0;
2017 
2018  switch (tor_addr_family(a1)) {
2019  case AF_INET:
2020  return 0 == tor_addr_compare_masked(a1, a2, 16, CMP_SEMANTIC);
2021  case AF_INET6:
2022  return 0 == tor_addr_compare_masked(a1, a2, 32, CMP_SEMANTIC);
2023  default:
2024  /* If not IPv4 or IPv6, return 0. */
2025  return 0;
2026  }
2027 }
2028 
2029 /** Return true if <b>node</b>'s nickname matches <b>nickname</b>
2030  * (case-insensitive), or if <b>node's</b> identity key digest
2031  * matches a hexadecimal value stored in <b>nickname</b>. Return
2032  * false otherwise. */
2033 STATIC int
2034 node_nickname_matches(const node_t *node, const char *nickname)
2035 {
2036  const char *n = node_get_nickname(node);
2037  if (n && nickname[0]!='$' && !strcasecmp(n, nickname))
2038  return 1;
2039  return hex_digest_nickname_matches(nickname,
2040  node->identity,
2041  n);
2042 }
2043 
2044 /** Return true iff <b>node</b> is named by some nickname in <b>lst</b>. */
2045 STATIC int
2047 {
2048  if (!lst) return 0;
2049  SMARTLIST_FOREACH(lst, const char *, name, {
2050  if (node_nickname_matches(node, name))
2051  return 1;
2052  });
2053  return 0;
2054 }
2055 
2056 /** Return true iff n1's declared family contains n2. */
2057 STATIC int
2058 node_family_contains(const node_t *n1, const node_t *n2)
2059 {
2060  if (n1->ri && n1->ri->declared_family) {
2061  return node_in_nickname_smartlist(n1->ri->declared_family, n2);
2062  } else if (n1->md) {
2063  return nodefamily_contains_node(n1->md->family, n2);
2064  } else {
2065  return 0;
2066  }
2067 }
2068 
2069 /**
2070  * Return true iff <b>node</b> has declared a nonempty family.
2071  **/
2072 STATIC bool
2074 {
2075  if (node->ri && node->ri->declared_family &&
2076  smartlist_len(node->ri->declared_family)) {
2077  return true;
2078  }
2079 
2080  if (node->md && node->md->family) {
2081  return true;
2082  }
2083 
2084  return false;
2085 }
2086 
2087 /**
2088  * Add to <b>out</b> every node_t that is listed by <b>node</b> as being in
2089  * its family. (Note that these nodes are not in node's family unless they
2090  * also agree that node is in their family.)
2091  **/
2092 STATIC void
2094 {
2095  if (node->ri && node->ri->declared_family &&
2096  smartlist_len(node->ri->declared_family)) {
2097  SMARTLIST_FOREACH_BEGIN(node->ri->declared_family, const char *, name) {
2098  const node_t *n2 = node_get_by_nickname(name, NNF_NO_WARN_UNNAMED);
2099  if (n2) {
2100  smartlist_add(out, (node_t *)n2);
2101  }
2102  } SMARTLIST_FOREACH_END(name);
2103  return;
2104  }
2105 
2106  if (node->md && node->md->family) {
2107  nodefamily_add_nodes_to_smartlist(node->md->family, out);
2108  }
2109 }
2110 
2111 /** Return true iff r1 and r2 are in the same family, but not the same
2112  * router. */
2113 int
2114 nodes_in_same_family(const node_t *node1, const node_t *node2)
2115 {
2116  const or_options_t *options = get_options();
2117 
2118  /* Are they in the same family because of their addresses? */
2119  if (options->EnforceDistinctSubnets) {
2120  tor_addr_t a1, a2;
2121  node_get_addr(node1, &a1);
2122  node_get_addr(node2, &a2);
2123 
2124  tor_addr_port_t ap6_1, ap6_2;
2125  node_get_pref_ipv6_orport(node1, &ap6_1);
2126  node_get_pref_ipv6_orport(node2, &ap6_2);
2127 
2128  if (router_addrs_in_same_network(&a1, &a2) ||
2129  router_addrs_in_same_network(&ap6_1.addr, &ap6_2.addr))
2130  return 1;
2131  }
2132 
2133  /* Are they in the same family because the agree they are? */
2134  if (node_family_contains(node1, node2) &&
2135  node_family_contains(node2, node1)) {
2136  return 1;
2137  }
2138 
2139  /* Are they in the same family because the user says they are? */
2140  if (options->NodeFamilySets) {
2141  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2142  if (routerset_contains_node(rs, node1) &&
2143  routerset_contains_node(rs, node2))
2144  return 1;
2145  });
2146  }
2147 
2148  return 0;
2149 }
2150 
2151 /**
2152  * Add all the family of <b>node</b>, including <b>node</b> itself, to
2153  * the smartlist <b>sl</b>.
2154  *
2155  * This is used to make sure we don't pick siblings in a single path, or
2156  * pick more than one relay from a family for our entry guard list.
2157  * Note that a node may be added to <b>sl</b> more than once if it is
2158  * part of <b>node</b>'s family for more than one reason.
2159  */
2160 void
2162 {
2163  const smartlist_t *all_nodes = nodelist_get_list();
2164  const or_options_t *options = get_options();
2165 
2166  tor_assert(node);
2167 
2168  /* Let's make sure that we have the node itself, if it's a real node. */
2169  {
2170  const node_t *real_node = node_get_by_id(node->identity);
2171  if (real_node)
2172  smartlist_add(sl, (node_t*)real_node);
2173  }
2174 
2175  /* First, add any nodes with similar network addresses. */
2176  if (options->EnforceDistinctSubnets) {
2177  tor_addr_t node_addr;
2178  tor_addr_port_t node_ap6;
2179  node_get_addr(node, &node_addr);
2180  node_get_pref_ipv6_orport(node, &node_ap6);
2181 
2182  SMARTLIST_FOREACH_BEGIN(all_nodes, const node_t *, node2) {
2183  tor_addr_t a;
2184  tor_addr_port_t ap6;
2185  node_get_addr(node2, &a);
2186  node_get_pref_ipv6_orport(node2, &ap6);
2187  if (router_addrs_in_same_network(&a, &node_addr) ||
2188  router_addrs_in_same_network(&ap6.addr, &node_ap6.addr))
2189  smartlist_add(sl, (void*)node2);
2190  } SMARTLIST_FOREACH_END(node2);
2191  }
2192 
2193  /* Now, add all nodes in the declared family of this node, if they
2194  * also declare this node to be in their family. */
2195  if (node_has_declared_family(node)) {
2196  smartlist_t *declared_family = smartlist_new();
2197  node_lookup_declared_family(declared_family, node);
2198 
2199  /* Add every r such that router declares familyness with node, and node
2200  * declares familyhood with router. */
2201  SMARTLIST_FOREACH_BEGIN(declared_family, const node_t *, node2) {
2202  if (node_family_contains(node2, node)) {
2203  smartlist_add(sl, (void*)node2);
2204  }
2205  } SMARTLIST_FOREACH_END(node2);
2206  smartlist_free(declared_family);
2207  }
2208 
2209  /* If the user declared any families locally, honor those too. */
2210  if (options->NodeFamilySets) {
2211  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2212  if (routerset_contains_node(rs, node)) {
2213  routerset_get_all_nodes(sl, rs, NULL, 0);
2214  }
2215  });
2216  }
2217 }
2218 
2219 /** Find a router that's up, that has this IP address, and
2220  * that allows exit to this address:port, or return NULL if there
2221  * isn't a good one.
2222  * Don't exit enclave to excluded relays -- it wouldn't actually
2223  * hurt anything, but this way there are fewer confused users.
2224  */
2225 const node_t *
2226 router_find_exact_exit_enclave(const char *address, uint16_t port)
2227 {/*XXXX MOVE*/
2228  struct in_addr in;
2229  tor_addr_t ipv4_addr;
2230  const or_options_t *options = get_options();
2231 
2232  if (!tor_inet_aton(address, &in))
2233  return NULL; /* it's not an IP already */
2234  tor_addr_from_in(&ipv4_addr, &in);
2235 
2236  SMARTLIST_FOREACH(nodelist_get_list(), const node_t *, node, {
2237  if (tor_addr_eq(node_get_prim_addr_ipv4(node), &ipv4_addr) &&
2238  node->is_running &&
2239  compare_tor_addr_to_node_policy(&ipv4_addr, port, node) ==
2242  return node;
2243  });
2244  return NULL;
2245 }
2246 
2247 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
2248  * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
2249  * If <b>need_capacity</b> is non-zero, we require a minimum advertised
2250  * bandwidth.
2251  * If <b>need_guard</b>, we require that the router is a possible entry guard.
2252  */
2253 int
2254 node_is_unreliable(const node_t *node, int need_uptime,
2255  int need_capacity, int need_guard)
2256 {
2257  if (need_uptime && !node->is_stable)
2258  return 1;
2259  if (need_capacity && !node->is_fast)
2260  return 1;
2261  if (need_guard && !node->is_possible_guard)
2262  return 1;
2263  return 0;
2264 }
2265 
2266 /** Return 1 if all running sufficiently-stable routers we can use will reject
2267  * addr:port. Return 0 if any might accept it. */
2268 int
2270  int need_uptime)
2271 {
2273 
2275  if (node->is_running &&
2276  !node_is_unreliable(node, need_uptime, 0, 0)) {
2277 
2278  r = compare_tor_addr_to_node_policy(addr, port, node);
2279 
2281  return 0; /* this one could be ok. good enough. */
2282  }
2283  } SMARTLIST_FOREACH_END(node);
2284  return 1; /* all will reject. */
2285 }
2286 
2287 /** Mark the router with ID <b>digest</b> as running or non-running
2288  * in our routerlist. */
2289 void
2290 router_set_status(const char *digest, int up)
2291 {
2292  node_t *node;
2293  tor_assert(digest);
2294 
2295  SMARTLIST_FOREACH(router_get_fallback_dir_servers(),
2296  dir_server_t *, d,
2297  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2298  d->is_running = up);
2299 
2300  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
2301  dir_server_t *, d,
2302  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2303  d->is_running = up);
2304 
2305  node = node_get_mutable_by_id(digest);
2306  if (node) {
2307 #if 0
2308  log_debug(LD_DIR,"Marking router %s as %s.",
2309  node_describe(node), up ? "up" : "down");
2310 #endif
2311  if (!up && node_is_me(node) && !net_is_disabled())
2312  log_warn(LD_NET, "We just marked ourself as down. Are your external "
2313  "addresses reachable?");
2314 
2315  if (bool_neq(node->is_running, up))
2317 
2318  node->is_running = up;
2319  }
2320 }
2321 
2322 /** True iff, the last time we checked whether we had enough directory info
2323  * to build circuits, the answer was "yes". If there are no exits in the
2324  * consensus, we act as if we have 100% of the exit directory info. */
2325 static int have_min_dir_info = 0;
2326 
2327 /** Does the consensus contain nodes that can exit? */
2328 static consensus_path_type_t have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2329 
2330 /** True iff enough has changed since the last time we checked whether we had
2331  * enough directory info to build circuits that our old answer can no longer
2332  * be trusted. */
2334 /** String describing what we're missing before we have enough directory
2335  * info. */
2336 static char dir_info_status[512] = "";
2337 
2338 /** Return true iff we have enough consensus information to
2339  * start building circuits. Right now, this means "a consensus that's
2340  * less than a day old, and at least 60% of router descriptors (configurable),
2341  * weighted by bandwidth. Treat the exit fraction as 100% if there are
2342  * no exits in the consensus."
2343  * To obtain the final weighted bandwidth, we multiply the
2344  * weighted bandwidth fraction for each position (guard, middle, exit). */
2345 MOCK_IMPL(int,
2347 {
2348  static int logged_delay=0;
2349  const char *delay_fetches_msg = NULL;
2350  if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) {
2351  if (!logged_delay)
2352  log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg);
2353  logged_delay=1;
2354  strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status));
2355  return 0;
2356  }
2357  logged_delay = 0; /* reset it if we get this far */
2358 
2359  if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
2361  }
2362 
2363  return have_min_dir_info;
2364 }
2365 
2366 /** Set to CONSENSUS_PATH_EXIT if there is at least one exit node
2367  * in the consensus. We update this flag in compute_frac_paths_available if
2368  * there is at least one relay that has an Exit flag in the consensus.
2369  * Used to avoid building exit circuits when they will almost certainly fail.
2370  * Set to CONSENSUS_PATH_INTERNAL if there are no exits in the consensus.
2371  * (This situation typically occurs during bootstrap of a test network.)
2372  * Set to CONSENSUS_PATH_UNKNOWN if we have never checked, or have
2373  * reason to believe our last known value was invalid or has expired.
2374  * If we're in a network with TestingDirAuthVoteExit set,
2375  * this can cause router_have_consensus_path() to be set to
2376  * CONSENSUS_PATH_EXIT, even if there are no nodes with accept exit policies.
2377  */
2380 {
2381  return have_consensus_path;
2382 }
2383 
2384 /** Called when our internal view of the directory has changed. This can be
2385  * when the authorities change, networkstatuses change, the list of routerdescs
2386  * changes, or number of running routers changes.
2387  */
2388 void
2390 {
2395 }
2396 
2397 /** Return a string describing what we're missing before we have enough
2398  * directory info. */
2399 const char *
2401 {
2402  return dir_info_status;
2403 }
2404 
2405 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
2406  * them seem like ones we'd use (store this in *<b>num_usable</b>), and how
2407  * many of <em>those</em> we have descriptors for (store this in
2408  * *<b>num_present</b>).
2409  *
2410  * If <b>in_set</b> is non-NULL, only consider those routers in <b>in_set</b>.
2411  * If <b>exit_only</b> & USABLE_DESCRIPTOR_EXIT_POLICY, only consider nodes
2412  * present if they have an exit policy that accepts at least one port.
2413  * If <b>exit_only</b> & USABLE_DESCRIPTOR_EXIT_FLAG, only consider nodes
2414  * usable if they have the exit flag in the consensus.
2415  *
2416  * If *<b>descs_out</b> is present, add a node_t for each usable descriptor
2417  * to it.
2418  */
2419 static void
2420 count_usable_descriptors(int *num_present, int *num_usable,
2421  smartlist_t *descs_out,
2422  const networkstatus_t *consensus,
2423  time_t now,
2424  routerset_t *in_set,
2425  usable_descriptor_t exit_only)
2426 {
2427  const int md = (consensus->flavor == FLAV_MICRODESC);
2428  *num_present = 0, *num_usable = 0;
2429 
2431  {
2432  const node_t *node = node_get_by_id(rs->identity_digest);
2433  if (!node)
2434  continue; /* This would be a bug: every entry in the consensus is
2435  * supposed to have a node. */
2436  if ((exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) && ! rs->is_exit)
2437  continue;
2438  if (in_set && ! routerset_contains_routerstatus(in_set, rs, -1))
2439  continue;
2440  if (client_would_use_router(rs, now)) {
2441  const char * const digest = rs->descriptor_digest;
2442  int present;
2443  ++*num_usable; /* the consensus says we want it. */
2444  if (md)
2445  present = NULL != microdesc_cache_lookup_by_digest256(NULL, digest);
2446  else
2447  present = NULL != router_get_by_descriptor_digest(digest);
2448  if (present) {
2449  /* Do the policy check last, because it requires a descriptor,
2450  * and is potentially expensive */
2451  if ((exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) &&
2453  continue;
2454  }
2455  /* we have the descriptor listed in the consensus, and it
2456  * satisfies our exit constraints (if any) */
2457  ++*num_present;
2458  }
2459  if (descs_out)
2460  smartlist_add(descs_out, (node_t*)node);
2461  }
2462  }
2463  SMARTLIST_FOREACH_END(rs);
2464 
2465  log_debug(LD_DIR, "%d usable, %d present (%s%s%s%s%s).",
2466  *num_usable, *num_present,
2467  md ? "microdesc" : "desc",
2468  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2469  " exit" : "s",
2470  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) ?
2471  " policies" : "" ,
2472  (exit_only == USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2473  " and" : "" ,
2474  (exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) ?
2475  " flags" : "" );
2476 }
2477 
2478 /** Return an estimate of which fraction of usable paths through the Tor
2479  * network we have available for use. Count how many routers seem like ones
2480  * we'd use (store this in *<b>num_usable_out</b>), and how many of
2481  * <em>those</em> we have descriptors for (store this in
2482  * *<b>num_present_out</b>.)
2483  *
2484  * If **<b>status_out</b> is present, allocate a new string and print the
2485  * available percentages of guard, middle, and exit nodes to it, noting
2486  * whether there are exits in the consensus.
2487  * If there are no exits in the consensus, we treat the exit fraction as 100%,
2488  * but set router_have_consensus_path() so that we can only build internal
2489  * paths. */
2490 static double
2492  const or_options_t *options, time_t now,
2493  int *num_present_out, int *num_usable_out,
2494  char **status_out)
2495 {
2496  smartlist_t *guards = smartlist_new();
2497  smartlist_t *mid = smartlist_new();
2498  smartlist_t *exits = smartlist_new();
2499  double f_guard, f_mid, f_exit;
2500  double f_path = 0.0;
2501  /* Used to determine whether there are any exits in the consensus */
2502  int np = 0;
2503  /* Used to determine whether there are any exits with descriptors */
2504  int nu = 0;
2505  const int authdir = authdir_mode_v3(options);
2506 
2507  count_usable_descriptors(num_present_out, num_usable_out,
2508  mid, consensus, now, options->MiddleNodes,
2509  USABLE_DESCRIPTOR_ALL);
2510  log_debug(LD_NET,
2511  "%s: %d present, %d usable",
2512  "mid",
2513  np,
2514  nu);
2515 
2516  if (options->EntryNodes) {
2517  count_usable_descriptors(&np, &nu, guards, consensus, now,
2518  options->EntryNodes, USABLE_DESCRIPTOR_ALL);
2519  log_debug(LD_NET,
2520  "%s: %d present, %d usable",
2521  "guard",
2522  np,
2523  nu);
2524  } else {
2525  SMARTLIST_FOREACH(mid, const node_t *, node, {
2526  if (authdir) {
2527  if (node->rs && node->rs->is_possible_guard)
2528  smartlist_add(guards, (node_t*)node);
2529  } else {
2530  if (node->is_possible_guard)
2531  smartlist_add(guards, (node_t*)node);
2532  }
2533  });
2534  log_debug(LD_NET,
2535  "%s: %d possible",
2536  "guard",
2537  smartlist_len(guards));
2538  }
2539 
2540  /* All nodes with exit policy and flag */
2541  count_usable_descriptors(&np, &nu, exits, consensus, now,
2542  NULL, USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2543  log_debug(LD_NET,
2544  "%s: %d present, %d usable",
2545  "exits",
2546  np,
2547  nu);
2548 
2549  /* We need at least 1 exit (flag and policy) in the consensus to consider
2550  * building exit paths */
2551  /* Update our understanding of whether the consensus has exits */
2552  consensus_path_type_t old_have_consensus_path = have_consensus_path;
2553  have_consensus_path = ((np > 0) ?
2554  CONSENSUS_PATH_EXIT :
2555  CONSENSUS_PATH_INTERNAL);
2556 
2557  if (old_have_consensus_path != have_consensus_path) {
2558  if (have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2559  log_notice(LD_NET,
2560  "The current consensus has no exit nodes. "
2561  "Tor can only build internal paths, "
2562  "such as paths to onion services.");
2563 
2564  /* However, exit nodes can reachability self-test using this consensus,
2565  * join the network, and appear in a later consensus. This will allow
2566  * the network to build exit paths, such as paths for world wide web
2567  * browsing (as distinct from hidden service web browsing). */
2568  } else if (old_have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2569  log_notice(LD_NET,
2570  "The current consensus contains exit nodes. "
2571  "Tor can build exit and internal paths.");
2572  }
2573  }
2574 
2575  f_guard = frac_nodes_with_descriptors(guards, WEIGHT_FOR_GUARD, 1);
2576  f_mid = frac_nodes_with_descriptors(mid, WEIGHT_FOR_MID, 0);
2577  f_exit = frac_nodes_with_descriptors(exits, WEIGHT_FOR_EXIT, 0);
2578 
2579  /* If we are using bridges and have at least one bridge with a full
2580  * descriptor, assume f_guard is 1.0. */
2581  if (options->UseBridges && num_bridges_usable(0) > 0)
2582  f_guard = 1.0;
2583 
2584  log_debug(LD_NET,
2585  "f_guard: %.2f, f_mid: %.2f, f_exit: %.2f",
2586  f_guard,
2587  f_mid,
2588  f_exit);
2589 
2590  smartlist_free(guards);
2591  smartlist_free(mid);
2592  smartlist_free(exits);
2593 
2594  if (options->ExitNodes) {
2595  double f_myexit, f_myexit_unflagged;
2596  smartlist_t *myexits= smartlist_new();
2597  smartlist_t *myexits_unflagged = smartlist_new();
2598 
2599  /* All nodes with exit policy and flag in ExitNodes option */
2600  count_usable_descriptors(&np, &nu, myexits, consensus, now,
2601  options->ExitNodes,
2602  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2603  log_debug(LD_NET,
2604  "%s: %d present, %d usable",
2605  "myexits",
2606  np,
2607  nu);
2608 
2609  /* Now compute the nodes in the ExitNodes option where we know their exit
2610  * policy permits something. */
2611  count_usable_descriptors(&np, &nu, myexits_unflagged,
2612  consensus, now,
2613  options->ExitNodes,
2614  USABLE_DESCRIPTOR_EXIT_POLICY);
2615  log_debug(LD_NET,
2616  "%s: %d present, %d usable",
2617  "myexits_unflagged (initial)",
2618  np,
2619  nu);
2620 
2621  f_myexit= frac_nodes_with_descriptors(myexits,WEIGHT_FOR_EXIT, 0);
2622  f_myexit_unflagged=
2623  frac_nodes_with_descriptors(myexits_unflagged,
2624  WEIGHT_FOR_EXIT, 0);
2625 
2626  log_debug(LD_NET,
2627  "f_exit: %.2f, f_myexit: %.2f, f_myexit_unflagged: %.2f",
2628  f_exit,
2629  f_myexit,
2630  f_myexit_unflagged);
2631 
2632  /* If our ExitNodes list has eliminated every possible Exit node, and there
2633  * were some possible Exit nodes, then instead consider nodes that permit
2634  * exiting to some ports. */
2635  if (smartlist_len(myexits) == 0 &&
2636  smartlist_len(myexits_unflagged)) {
2637  f_myexit = f_myexit_unflagged;
2638  }
2639 
2640  smartlist_free(myexits);
2641  smartlist_free(myexits_unflagged);
2642 
2643  /* This is a tricky point here: we don't want to make it easy for a
2644  * directory to trickle exits to us until it learns which exits we have
2645  * configured, so require that we have a threshold both of total exits
2646  * and usable exits. */
2647  if (f_myexit < f_exit)
2648  f_exit = f_myexit;
2649  }
2650 
2651  /* If the consensus has no exits that pass flag, descriptor, and policy
2652  * checks, we can only build onion service paths, which are G - M - M. */
2653  if (router_have_consensus_path() != CONSENSUS_PATH_EXIT) {
2654  /* If the exit bandwidth weight fraction is not zero, we need to wait for
2655  * descriptors for those exits. (The bandwidth weight fraction does not
2656  * check for descriptors.)
2657  * If the exit bandwidth fraction is zero, there are no exits in the
2658  * consensus at all. So it is safe to replace f_exit with f_mid.
2659  *
2660  * f_exit is non-negative, but some compilers complain about float and ==
2661  */
2662  if (f_exit <= 0.0) {
2663  f_exit = f_mid;
2664  }
2665  }
2666 
2667  f_path = f_guard * f_mid * f_exit;
2668 
2669  if (status_out)
2670  tor_asprintf(status_out,
2671  "%d%% of guards bw, "
2672  "%d%% of midpoint bw, and "
2673  "%d%% of %s = "
2674  "%d%% of path bw",
2675  (int)(f_guard*100),
2676  (int)(f_mid*100),
2677  (int)(f_exit*100),
2678  (router_have_consensus_path() == CONSENSUS_PATH_EXIT ?
2679  "exit bw" :
2680  "end bw (no exits in consensus, using mid)"),
2681  (int)(f_path*100));
2682 
2683  return f_path;
2684 }
2685 
2686 /** We just fetched a new set of descriptors. Compute how far through
2687  * the "loading descriptors" bootstrapping phase we are, so we can inform
2688  * the controller of our progress. */
2689 int
2691 {
2692  int num_present = 0, num_usable=0;
2693  time_t now = time(NULL);
2694  const or_options_t *options = get_options();
2695  const networkstatus_t *consensus =
2697  double paths, fraction;
2698 
2699  if (!consensus)
2700  return 0; /* can't count descriptors if we have no list of them */
2701 
2702  paths = compute_frac_paths_available(consensus, options, now,
2703  &num_present, &num_usable,
2704  NULL);
2705 
2706  fraction = paths / get_frac_paths_needed_for_circs(options,consensus);
2707  if (fraction > 1.0)
2708  return 0; /* it's not the number of descriptors holding us back */
2709  return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
2710  (fraction*(BOOTSTRAP_STATUS_ENOUGH_DIRINFO-1 -
2711  BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
2712 }
2713 
2714 /** Return the fraction of paths needed before we're willing to build
2715  * circuits, as configured in <b>options</b>, or in the consensus <b>ns</b>. */
2716 static double
2718  const networkstatus_t *ns)
2719 {
2720 #define DFLT_PCT_USABLE_NEEDED 60
2721  if (options->PathsNeededToBuildCircuits >= 0.0) {
2722  return options->PathsNeededToBuildCircuits;
2723  } else {
2724  return networkstatus_get_param(ns, "min_paths_for_circs_pct",
2725  DFLT_PCT_USABLE_NEEDED,
2726  25, 95)/100.0;
2727  }
2728 }
2729 
2730 /** Change the value of have_min_dir_info, setting it true iff we have enough
2731  * network and router information to build circuits. Clear the value of
2732  * need_to_update_have_min_dir_info. */
2733 static void
2735 {
2736  time_t now = time(NULL);
2737  int res;
2738  int num_present=0, num_usable=0;
2739  const or_options_t *options = get_options();
2740  const networkstatus_t *consensus =
2742  int using_md;
2743 
2744  if (!consensus) {
2746  strlcpy(dir_info_status, "We have no usable consensus.",
2747  sizeof(dir_info_status));
2748  else
2749  strlcpy(dir_info_status, "We have no recent usable consensus.",
2750  sizeof(dir_info_status));
2751  res = 0;
2752  goto done;
2753  }
2754 
2755  using_md = consensus->flavor == FLAV_MICRODESC;
2756 
2757  /* Check fraction of available paths */
2758  {
2759  char *status = NULL;
2760  double paths = compute_frac_paths_available(consensus, options, now,
2761  &num_present, &num_usable,
2762  &status);
2763 
2764  if (paths < get_frac_paths_needed_for_circs(options,consensus)) {
2766  "We need more %sdescriptors: we have %d/%d, and "
2767  "can only build %d%% of likely paths. (We have %s.)",
2768  using_md?"micro":"", num_present, num_usable,
2769  (int)(paths*100), status);
2770  tor_free(status);
2771  res = 0;
2772  control_event_boot_dir(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
2773  goto done;
2774  }
2775 
2776  tor_free(status);
2777  res = 1;
2778  }
2779 
2780  { /* Check entry guard dirinfo status */
2781  char *guard_error = entry_guards_get_err_str_if_dir_info_missing(using_md,
2782  num_present,
2783  num_usable);
2784  if (guard_error) {
2785  strlcpy(dir_info_status, guard_error, sizeof(dir_info_status));
2786  tor_free(guard_error);
2787  res = 0;
2788  goto done;
2789  }
2790  }
2791 
2792  done:
2793 
2794  /* If paths have just become available in this update. */
2795  if (res && !have_min_dir_info) {
2796  control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
2797  control_event_boot_dir(BOOTSTRAP_STATUS_ENOUGH_DIRINFO, 0);
2798  log_info(LD_DIR,
2799  "We now have enough directory information to build circuits.");
2800  }
2801 
2802  /* If paths have just become unavailable in this update. */
2803  if (!res && have_min_dir_info) {
2804  int quiet = dirclient_too_idle_to_fetch_descriptors(options, now);
2806  "Our directory information is no longer up-to-date "
2807  "enough to build circuits: %s", dir_info_status);
2808 
2809  /* a) make us log when we next complete a circuit, so we know when Tor
2810  * is back up and usable, and b) disable some activities that Tor
2811  * should only do while circuits are working, like reachability tests
2812  * and fetching bridge descriptors only over circuits. */
2814  have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2815  control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
2816  }
2817  have_min_dir_info = res;
2819 }
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:287
nodelist_probably_contains_address
int nodelist_probably_contains_address(const tor_addr_t *addr)
Definition: nodelist.c:489
routerstatus_t::ipv4_dirport
uint16_t ipv4_dirport
Definition: routerstatus_st.h:34
routerinfo_t::purpose
uint8_t purpose
Definition: routerinfo_st.h:115
microdesc_t
Definition: microdesc_st.h:27
hex_digest_nickname_decode
int hex_digest_nickname_decode(const char *hexdigest, char *digest_out, char *nickname_qualifier_char_out, char *nickname_out)
Definition: routerlist.c:682
net_is_disabled
int net_is_disabled(void)
Definition: netstatus.c:25
nodelist_refresh_countries
void nodelist_refresh_countries(void)
Definition: nodelist.c:2002
node_set_country
void node_set_country(node_t *node)
Definition: nodelist.c:1981
tor_free
#define tor_free(p)
Definition: malloc.h:52
routerinfo_t
Definition: routerinfo_st.h:20
dir_server_st.h
Trusted/fallback directory server structure.
CURVE25519_PUBKEY_LEN
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20
protover_summary_flags_t::supports_accepting_ipv6_extends
unsigned int supports_accepting_ipv6_extends
Definition: or.h:821
the_nodelist
static nodelist_t * the_nodelist
Definition: nodelist.c:178
tor_free_
void tor_free_(void *mem)
Definition: malloc.c:227
tor_addr_family
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
node_get_declared_uptime
long node_get_declared_uptime(const node_t *node)
Definition: nodelist.c:1631
ADDR_POLICY_PROBABLY_REJECTED
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
fascist_firewall_prefer_ipv6_orport
int fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:485
tor_addr_make_null
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
protover_summary_flags_t
Definition: or.h:810
name
const char * name
Definition: config.c:2443
tor_addr_t
Definition: address.h:69
node_t::is_hs_dir
unsigned int is_hs_dir
Definition: node_st.h:73
protover.h
Headers and type declarations for protover.c.
approx_time
time_t approx_time(void)
Definition: approx_time.c:32
LOG_NOTICE
#define LOG_NOTICE
Definition: log.h:50
ADDR_POLICY_REJECTED
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
have_consensus_path
static consensus_path_type_t have_consensus_path
Definition: nodelist.c:2328
tor_addr_to_str
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
node_is_usable
static int node_is_usable(const node_t *node)
Definition: nodelist.c:723
routers_have_same_or_addrs
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:507
node_get_prim_dirport
void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1841
microdesc_t::digest
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:62
protover_summary_flags_t::supports_initiating_ipv6_extends
unsigned int supports_initiating_ipv6_extends
Definition: or.h:825
netstatus.h
Header for netstatus.c.
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
bool_neq
#define bool_neq(a, b)
Definition: logic.h:18
microdesc.h
Header file for microdesc.c.
LD_BUG
#define LD_BUG
Definition: log.h:86
ed25519_pubkey_eq
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
Definition: crypto_ed25519.c:642
hs_get_next_time_period_num
uint64_t hs_get_next_time_period_num(time_t now)
Definition: hs_common.c:305
protover_summary_flags_t::supports_v3_hsdir
unsigned int supports_v3_hsdir
Definition: or.h:853
fast_mem_is_zero
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
router_digest_is_me
int router_digest_is_me(const char *digest)
Definition: router.c:1703
router_exit_policy_all_nodes_reject
int router_exit_policy_all_nodes_reject(const tor_addr_t *addr, uint16_t port, int need_uptime)
Definition: nodelist.c:2269
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
router_find_exact_exit_enclave
const node_t * router_find_exact_exit_enclave(const char *address, uint16_t port)
Definition: nodelist.c:2226
node_has_any_descriptor
int node_has_any_descriptor(const node_t *node)
Definition: nodelist.c:1406
hs_in_period_between_tp_and_srv
int hs_in_period_between_tp_and_srv(const networkstatus_t *consensus, time_t now)
Definition: hs_common.c:1105
nodelist_assert_ok
void nodelist_assert_ok(void)
Definition: nodelist.c:869
routerset_contains_node
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:352
base16_encode
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
tor_fragile_assert
#define tor_fragile_assert()
Definition: util_bug.h:259
describe.h
Header file for describe.c.
node_get_address_string
void node_get_address_string(const node_t *node, char *buf, size_t len)
Definition: nodelist.c:1617
node_get_pref_orport
void node_get_pref_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1761
node_get_by_nickname
const node_t * node_get_by_nickname(const char *nickname, unsigned flags)
Definition: nodelist.c:1004
dirserv_set_node_flags_from_authoritative_status
void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus)
Definition: process_descs.c:627
node_supports_initiating_ipv6_extends
bool node_supports_initiating_ipv6_extends(const node_t *node)
Definition: nodelist.c:1222
node_t::is_possible_guard
unsigned int is_possible_guard
Definition: node_st.h:69
tor_reallocarray_
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
get_dir_info_status_string
const char * get_dir_info_status_string(void)
Definition: nodelist.c:2400
process_descs.h
Header file for process_descs.c.
node_add_to_address_set
static void node_add_to_address_set(const node_t *node)
Definition: nodelist.c:448
node_get_by_id
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:223
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
node_ipv6_dir_preferred
int node_ipv6_dir_preferred(const node_t *node)
Definition: nodelist.c:1818
ed25519_public_key_is_zero
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
Definition: crypto_ed25519.c:227
backtrace.h
Header for backtrace.c.
routerstatus_t
Definition: routerstatus_st.h:19
hsdir_index_t::fetch
uint8_t fetch[DIGEST256_LEN]
Definition: hsdir_index_st.h:19
nodelist_add_node_and_family
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2161
routerlist_t::routers
smartlist_t * routers
Definition: routerlist_st.h:32
usable_descriptor_t
usable_descriptor_t
Definition: nodelist.c:92
protover_summary_flags_t::supports_ed25519_link_handshake_any
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:839
num_bridges_usable
int num_bridges_usable(int use_maybe_reachable)
Definition: entrynodes.c:3412
routerstatus_t::nickname
char nickname[MAX_NICKNAME_LEN+1]
Definition: routerstatus_st.h:25
router_addrs_in_same_network
int router_addrs_in_same_network(const tor_addr_t *a1, const tor_addr_t *a2)
Definition: nodelist.c:2012
ED25519_PUBKEY_LEN
#define ED25519_PUBKEY_LEN
Definition: x25519_sizes.h:27
node_exit_policy_is_exact
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1515
quiet
int quiet
Definition: config.c:2449
node_remove_from_ed25519_map
static int node_remove_from_ed25519_map(node_t *node)
Definition: nodelist.c:265
tor_addr_is_v6
int tor_addr_is_v6(const tor_addr_t *addr)
Definition: address.c:770
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
nodelist_ensure_freshness
void nodelist_ensure_freshness(const networkstatus_t *ns)
Definition: nodelist.c:946
address_set_new
address_set_t * address_set_new(int max_addresses_guess)
Definition: address_set.c:34
nodelist_remove_routerinfo
void nodelist_remove_routerinfo(routerinfo_t *ri)
Definition: nodelist.c:745
node_addrs_changed
static void node_addrs_changed(node_t *node)
Definition: nodelist.c:438
routerinfo_t::onion_pkey_len
size_t onion_pkey_len
Definition: routerinfo_st.h:39
tor_snprintf
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
nodelist_set_routerinfo
node_t * nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out)
Definition: nodelist.c:505
routerinfo_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
node_supports_accepting_ipv6_extends
bool node_supports_accepting_ipv6_extends(const node_t *node, bool need_canonical_ipv6_conn)
Definition: nodelist.c:1243
node_is_good_exit
int node_is_good_exit(const node_t *node)
Definition: nodelist.c:716
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
routerinfo_t::platform
char * platform
Definition: routerinfo_st.h:48
have_min_dir_info
static int have_min_dir_info
Definition: nodelist.c:2325
address_set.h
Types to handle sets of addresses.
networkstatus.h
Header file for networkstatus.c.
nodelist_find_nodes_with_microdesc
smartlist_t * nodelist_find_nodes_with_microdesc(const microdesc_t *md)
Definition: nodelist.c:785
protover_summary_flags_t::supports_canonical_ipv6_conns
unsigned int supports_canonical_ipv6_conns
Definition: or.h:829
hsdir_index_t::store_first
uint8_t store_first[DIGEST256_LEN]
Definition: hsdir_index_st.h:24
node_ed25519_id_matches
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
Definition: nodelist.c:1114
hs_client.h
Header file containing client data for the HS subsytem.
protover_summary_flags_t::supports_ed25519_hs_intro
unsigned int supports_ed25519_hs_intro
Definition: or.h:844
signed_descriptor_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: signed_descriptor_st.h:31
tor_memeq
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
base32_encode
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
dirlist_add_trusted_dir_addresses
void dirlist_add_trusted_dir_addresses(void)
Definition: dirlist.c:71
in6_addr
Definition: inaddr_st.h:51
node_log_dup_ed_id
static void node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
Definition: nodelist.c:292
dirlist.h
Header file for dirlist.c.
get_n_authorities
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:87
node_t::name_lookup_warned
unsigned int name_lookup_warned
Definition: node_st.h:78
microdesc_has_curve25519_onion_key
static int microdesc_has_curve25519_onion_key(const microdesc_t *md)
Definition: nodelist.c:1908
nodelist_add_microdesc
node_t * nodelist_add_microdesc(microdesc_t *md)
Definition: nodelist.c:561
mainloop.h
Header file for mainloop.c.
node_get_verbose_nickname_by_id
void node_get_verbose_nickname_by_id(const char *id_digest, char *verbose_name_out)
Definition: nodelist.c:1472
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
or_options_t::ExcludeExitNodesUnion_
struct routerset_t * ExcludeExitNodesUnion_
Definition: or_options_st.h:112
node_t::rejects_all
unsigned int rejects_all
Definition: node_st.h:83
nodelist_add_addr_to_address_set
void nodelist_add_addr_to_address_set(const tor_addr_t *addr)
Definition: nodelist.c:476
node_get_mutable_by_id
node_t * node_get_mutable_by_id(const char *identity_digest)
Definition: nodelist.c:194
dirserv_router_get_status
uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity)
Definition: process_descs.c:291
node_has_declared_family
STATIC bool node_has_declared_family(const node_t *node)
Definition: nodelist.c:2073
zero_protover_flags
static const protover_summary_flags_t zero_protover_flags
Definition: nodelist.c:1126
routerstatus_t::is_possible_guard
unsigned int is_possible_guard
Definition: routerstatus_st.h:50
hs_get_previous_srv
uint8_t * hs_get_previous_srv(uint64_t time_period_num, const networkstatus_t *ns)
Definition: hs_common.c:1252
microdesc_t::onion_pkey
char * onion_pkey
Definition: microdesc_st.h:70
node_get_rsa_id_digest
const uint8_t * node_get_rsa_id_digest(const node_t *node)
Definition: nodelist.c:1265
nodefamily_add_nodes_to_smartlist
void nodefamily_add_nodes_to_smartlist(const nodefamily_t *family, smartlist_t *out)
Definition: nodefamily.c:342
address.h
Headers for address.h.
bridges.h
Header file for circuitbuild.c.
geoip.h
Header file for geoip.c.
routerlist_t
Definition: routerlist_st.h:18
networkstatus_get_latest_consensus_by_flavor
networkstatus_t * networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f)
Definition: networkstatus.c:1401
tor_addr_from_in
#define tor_addr_from_in(dest, in)
Definition: address.h:331
control_event_client_status
int control_event_client_status(int severity, const char *format,...)
Definition: control_events.c:1759
routerinfo_t::ipv4_addr
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
count_loading_descriptors_progress
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2690
node_supports_v3_hsdir
bool node_supports_v3_hsdir(const node_t *node)
Definition: nodelist.c:1170
hs_get_previous_time_period_num
uint64_t hs_get_previous_time_period_num(time_t now)
Definition: hs_common.c:314
tor_addr_port_t
Definition: address.h:81
tor_memneq
#define tor_memneq(a, b, sz)
Definition: di_ops.h:21
tor_addr_to_ipv4h
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:160
entrynodes.h
Header file for circuitbuild.c.
tor_inet_aton
int tor_inet_aton(const char *str, struct in_addr *addr)
Definition: inaddr.c:40
tor_addr_is_v4
int tor_addr_is_v4(const tor_addr_t *addr)
Definition: address.c:750
networkstatus_get_latest_consensus
networkstatus_t * networkstatus_get_latest_consensus(void)
Definition: networkstatus.c:1390
node_get_platform
const char * node_get_platform(const node_t *node)
Definition: nodelist.c:1641
node_t
Definition: node_st.h:34
node_t::nodelist_idx
int nodelist_idx
Definition: node_st.h:42
microdesc_t::ed25519_identity_pkey
struct ed25519_public_key_t * ed25519_identity_pkey
Definition: microdesc_st.h:77
networkstatus_t::flavor
consensus_flavor_t flavor
Definition: networkstatus_st.h:28
torcert.h
Header for torcert.c.
node_get_pref_dirport
void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1864
microdesc_cache_lookup_by_digest256
microdesc_t * microdesc_cache_lookup_by_digest256(microdesc_cache_t *cache, const char *d)
Definition: microdesc.c:945
nodelist_purge
void nodelist_purge(void)
Definition: nodelist.c:816
nodefamily_contains_node
bool nodefamily_contains_node(const nodefamily_t *family, const node_t *node)
Definition: nodefamily.c:328
node_supports_ed25519_hs_intro
bool node_supports_ed25519_hs_intro(const node_t *node)
Definition: nodelist.c:1180
routerinfo_t::policy_is_reject_star
unsigned int policy_is_reject_star
Definition: routerinfo_st.h:77
ed25519_public_key_t
Definition: crypto_ed25519.h:23
node_supports_establish_intro_dos_extension
bool node_supports_establish_intro_dos_extension(const node_t *node)
Definition: nodelist.c:1205
or_options_t::EnforceDistinctSubnets
int EnforceDistinctSubnets
Definition: or_options_st.h:613
microdesc_t::ipv6_orport
uint16_t ipv6_orport
Definition: microdesc_st.h:81
node_get_prim_addr_ipv4
static const tor_addr_t * node_get_prim_addr_ipv4(const node_t *node)
Definition: nodelist.c:1600
networkstatus_get_reasonably_live_consensus
networkstatus_t * networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
Definition: networkstatus.c:1477
usable_consensus_flavor
int usable_consensus_flavor(void)
Definition: microdesc.c:1085
node_nickname_matches
STATIC int node_nickname_matches(const node_t *node, const char *nickname)
Definition: nodelist.c:2034
node_ipv6_or_preferred
int node_ipv6_or_preferred(const node_t *node)
Definition: nodelist.c:1710
smartlist_del
void smartlist_del(smartlist_t *sl, int idx)
Definition: smartlist_core.c:214
microdesc_st.h
Microdescriptor structure.
routerlist_st.h
Router descriptor list structure.
authmode.h
Header file for directory authority mode.
node_t::is_bad_exit
unsigned int is_bad_exit
Definition: node_st.h:71
nodes_in_same_family
int nodes_in_same_family(const node_t *node1, const node_t *node2)
Definition: nodelist.c:2114
fascist_firewall_use_ipv6
int fascist_firewall_use_ipv6(const or_options_t *options)
Definition: policies.c:446
nodelist.h
Header file for nodelist.c.
routerlist.h
Header file for routerlist.c.
binascii.h
Header for binascii.c.
routerset.h
Header file for routerset.c.
routerinfo_t::supports_tunnelled_dir_requests
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:86
count_usable_descriptors
static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, time_t now, routerset_t *in_set, usable_descriptor_t exit_only)
Definition: nodelist.c:2420
control_event_boot_dir
void control_event_boot_dir(bootstrap_status_t status, int progress)
Definition: control_bootstrap.c:234
node_get_verbose_nickname
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1452
microdesc_t::family
struct nodefamily_t * family
Definition: microdesc_st.h:83
routerinfo_t::declared_family
smartlist_t * declared_family
Definition: routerinfo_st.h:65
microdesc_t::onion_pkey_len
size_t onion_pkey_len
Definition: microdesc_st.h:72
node_has_curve25519_onion_key
int node_has_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1928
routerinfo_st.h
Router descriptor structure.
ADDR_POLICY_ACCEPTED
@ ADDR_POLICY_ACCEPTED
Definition: policies.h:40
rendservice.h
Header file for rendservice.c.
LD_CONFIG
#define LD_CONFIG
Definition: log.h:68
DIGEST256_LEN
#define DIGEST256_LEN
Definition: digest_sizes.h:23
dir_server_t
Definition: dir_server_st.h:21
node_select.h
Header file for node_select.c.
hsdir_index_t::store_second
uint8_t store_second[DIGEST256_LEN]
Definition: hsdir_index_st.h:26
geoip_get_country_by_addr
int geoip_get_country_by_addr(const tor_addr_t *addr)
Definition: geoip.c:424
networkstatus_t::routerstatus_list
smartlist_t * routerstatus_list
Definition: networkstatus_st.h:96
hex_digest_nickname_matches
int hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest, const char *nickname)
Definition: routerlist.c:718
HT_HEAD
typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht
nodefamily.h
Header file for nodefamily.c.
node_allows_single_hop_exits
int node_allows_single_hop_exits(const node_t *node)
Definition: nodelist.c:1487
protover_summary_flags_t::supports_ed25519_link_handshake_compat
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:834
routerstatus_t::pv
protover_summary_flags_t pv
Definition: routerstatus_st.h:68
LOG_INFO
#define LOG_INFO
Definition: log.h:45
router_get_by_descriptor_digest
signed_descriptor_t * router_get_by_descriptor_digest(const char *digest)
Definition: routerlist.c:782
node_get_pref_ipv6_orport
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1776
hs_build_hsdir_index
void hs_build_hsdir_index(const ed25519_public_key_t *identity_pk, const uint8_t *srv_value, uint64_t period_num, uint8_t *hsdir_index_out)
Definition: hs_common.c:1195
control_events.h
Header file for control_events.c.
hs_service_dir_info_changed
void hs_service_dir_info_changed(void)
Definition: hs_service.c:3935
get_frac_paths_needed_for_circs
static double get_frac_paths_needed_for_circs(const or_options_t *options, const networkstatus_t *ns)
Definition: nodelist.c:2717
get_options
const or_options_t * get_options(void)
Definition: config.c:928
or_options_t::PathsNeededToBuildCircuits
double PathsNeededToBuildCircuits
Definition: or_options_st.h:919
nodelist_drop_node
static void nodelist_drop_node(node_t *node, int remove_from_ht)
Definition: nodelist.c:760
dir_info_status
static char dir_info_status[512]
Definition: nodelist.c:2336
or_options_t::ExitNodes
struct routerset_t * ExitNodes
Definition: or_options_st.h:90
protover_summary_flags_t::supports_v3_rendezvous_point
unsigned int supports_v3_rendezvous_point
Definition: or.h:858
routerinfo_t::onion_pkey
char * onion_pkey
Definition: routerinfo_st.h:37
router_get_consensus_status_by_descriptor_digest
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
Definition: networkstatus.c:769
node_is_unreliable
int node_is_unreliable(const node_t *node, int need_uptime, int need_capacity, int need_guard)
Definition: nodelist.c:2254
MAX_NICKNAME_LEN
#define MAX_NICKNAME_LEN
Definition: or.h:112
or_options_t::MiddleNodes
struct routerset_t * MiddleNodes
Definition: or_options_st.h:93
hs_client_dir_info_changed
void hs_client_dir_info_changed(void)
Definition: hs_client.c:2604
routerstatus_st.h
Routerstatus (consensus entry) structure.
node_describe
const char * node_describe(const node_t *node)
Definition: describe.c:142
hs_common.h
Header file containing common data for the whole HS subsytem.
curve25519_public_key_t
Definition: crypto_curve25519.h:24
dir_server_t::is_running
unsigned int is_running
Definition: dir_server_st.h:37
node_free_
static void node_free_(node_t *node)
Definition: nodelist.c:803
node_t::last_reachable
time_t last_reachable
Definition: node_st.h:98
signed_descriptor_t::signing_key_cert
struct tor_cert_st * signing_key_cert
Definition: signed_descriptor_st.h:39
routerinfo_t::allow_single_hop_exits
unsigned int allow_single_hop_exits
Definition: routerinfo_st.h:72
microdesc_t::onion_curve25519_pkey
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: microdesc_st.h:75
nodelist_get_list
const smartlist_t * nodelist_get_list(void)
Definition: nodelist.c:966
init_nodelist
static void init_nodelist(void)
Definition: nodelist.c:182
node_is_me
int node_is_me(const node_t *node)
Definition: nodelist.c:1654
get_microdesc_cache
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:250
note_that_we_maybe_cant_complete_circuits
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:236
fascist_firewall_prefer_ipv6_dirport
int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:507
node_supports_ed25519_link_authentication
bool node_supports_ed25519_link_authentication(const node_t *node, bool compatible_with_us)
Definition: nodelist.c:1154
entry_guards_get_err_str_if_dir_info_missing
char * entry_guards_get_err_str_if_dir_info_missing(int using_mds, int num_present, int num_usable)
Definition: entrynodes.c:3903
node_get_addr
void node_get_addr(const node_t *node, tor_addr_t *addr_out)
Definition: nodelist.c:1591
V3_DIRINFO
@ V3_DIRINFO
Definition: or.h:908
routerinfo_t::pv
protover_summary_flags_t pv
Definition: routerinfo_st.h:93
networkstatus_t::valid_after
time_t valid_after
Definition: networkstatus_st.h:33
UNNAMED_ROUTER_NICKNAME
#define UNNAMED_ROUTER_NICKNAME
Definition: or.h:561
tor_addr_is_null
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
node_get_all_orports
smartlist_t * node_get_all_orports(const node_t *node)
Definition: nodelist.c:1554
node_get_or_create
static node_t * node_get_or_create(const char *identity_digest)
Definition: nodelist.c:243
node_supports_v3_rendezvous_point
bool node_supports_v3_rendezvous_point(const node_t *node)
Definition: nodelist.c:1190
tor_asprintf
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
node_get_ed25519_id
const ed25519_public_key_t * node_get_ed25519_id(const node_t *node)
Definition: nodelist.c:1069
node_t::country
country_t country
Definition: node_st.h:92
hs_get_time_period_num
uint64_t hs_get_time_period_num(time_t now)
Definition: hs_common.c:270
node_family_contains
STATIC int node_family_contains(const node_t *n1, const node_t *n2)
Definition: nodelist.c:2058
microdesc_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: microdesc_st.h:79
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
node_get_pref_ipv6_dirport
void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1879
log_fn_ratelim
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:292
node_get_nickname
const char * node_get_nickname(const node_t *node)
Definition: nodelist.c:1369
crypto_pk_t
Definition: crypto_rsa_nss.c:37
addr_policy_result_t
addr_policy_result_t
Definition: policies.h:38
compute_frac_paths_available
static double compute_frac_paths_available(const networkstatus_t *consensus, const or_options_t *options, time_t now, int *num_present_out, int *num_usable_out, char **status_out)
Definition: nodelist.c:2491
rend_hsdir_routers_changed
void rend_hsdir_routers_changed(void)
Definition: rendservice.c:4349
router_get_routerlist
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:893
node_get_prim_orport
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1740
HEX_DIGEST_LEN
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
or_options_t::UseBridges
int UseBridges
Definition: or_options_st.h:233
node_st.h
Node information structure.
or_options_t::NodeFamilySets
struct smartlist_t * NodeFamilySets
Definition: or_options_st.h:472
routerstatus_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerstatus_st.h:35
router_have_consensus_path
consensus_path_type_t router_have_consensus_path(void)
Definition: nodelist.c:2379
node_in_nickname_smartlist
STATIC int node_in_nickname_smartlist(const smartlist_t *lst, const node_t *node)
Definition: nodelist.c:2046
or_options_t::EntryNodes
struct routerset_t * EntryNodes
Definition: or_options_st.h:96
microdesc_t::held_by_nodes
unsigned int held_by_nodes
Definition: microdesc_st.h:46
networkstatus_is_live
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
Definition: networkstatus.c:1428
node_is_dir
int node_is_dir(const node_t *node)
Definition: nodelist.c:1383
node_t::is_stable
unsigned int is_stable
Definition: node_st.h:68
update_router_have_minimum_dir_info
static void update_router_have_minimum_dir_info(void)
Definition: nodelist.c:2734
policies.h
Header file for policies.c.
HT_PROTOTYPE
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
routerinfo_t::uptime
long uptime
Definition: routerinfo_st.h:64
nodelist_remove_microdesc
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
Definition: nodelist.c:731
node_add_to_ed25519_map
static int node_add_to_ed25519_map(node_t *node)
Definition: nodelist.c:308
nodelist_t
Definition: nodelist.c:121
dirclient_too_idle_to_fetch_descriptors
int dirclient_too_idle_to_fetch_descriptors(const or_options_t *options, time_t now)
Definition: dirclient_modes.c:94
config.h
Header file for config.c.
nodelist_set_consensus
void nodelist_set_consensus(const networkstatus_t *ns)
Definition: nodelist.c:615
compare_tor_addr_to_node_policy
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2857
node_get_curve25519_onion_key
const curve25519_public_key_t * node_get_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1935
BRIDGE_DIRINFO
@ BRIDGE_DIRINFO
Definition: or.h:910
node_get_by_ed25519_id
const node_t * node_get_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:231
routerset_contains_routerstatus
int routerset_contains_routerstatus(const routerset_t *set, const routerstatus_t *rs, country_t country)
Definition: routerset.c:338
client_would_use_router
int client_would_use_router(const routerstatus_t *rs, time_t now)
Definition: networkstatus.c:2602
LD_NET
#define LD_NET
Definition: log.h:66
node_t::ipv6_preferred
unsigned int ipv6_preferred
Definition: node_st.h:88
node_get_by_hex_id
const node_t * node_get_by_hex_id(const char *hex_id, unsigned flags)
Definition: nodelist.c:977
node_t::is_valid
unsigned int is_valid
Definition: node_st.h:65
tor_log
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:628
sa_family_t
uint16_t sa_family_t
Definition: inaddr_st.h:77
frac_nodes_with_descriptors
double frac_nodes_with_descriptors(const smartlist_t *sl, bandwidth_weight_rule_t rule, int for_direct_conn)
Definition: node_select.c:821
should_delay_dir_fetches
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
Definition: networkstatus.c:1253
ROUTER_PURPOSE_GENERAL
#define ROUTER_PURPOSE_GENERAL
Definition: routerinfo_st.h:98
node_get_mutable_by_ed25519_id
node_t * node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:207
microdesc_t::policy_is_reject_star
unsigned int policy_is_reject_star
Definition: microdesc_st.h:44
or_options_t
Definition: or_options_st.h:45
we_use_microdescriptors_for_circuits
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1054
nodelist_free_all
void nodelist_free_all(void)
Definition: nodelist.c:845
STATIC
#define STATIC
Definition: testsupport.h:32
routerstatus_t::ipv6_orport
uint16_t ipv6_orport
Definition: routerstatus_st.h:36
node_lookup_declared_family
STATIC void node_lookup_declared_family(smartlist_t *out, const node_t *node)
Definition: nodelist.c:2093
router_have_minimum_dir_info
int router_have_minimum_dir_info(void)
Definition: nodelist.c:2346
routerinfo_t::nickname
char * nickname
Definition: routerinfo_st.h:22
LD_DIR
#define LD_DIR
Definition: log.h:88
address_set_probably_contains
int address_set_probably_contains(const address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:67
networkstatus_get_param
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Definition: networkstatus.c:2495
networkstatus_st.h
Networkstatus consensus/vote structure.
tor_addr_compare_masked
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:1005
dirclient_modes.h
Header for feature/dirclient/dirclient_modes.c.
routerstatus_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: routerstatus_st.h:27
networkstatus_t
Definition: networkstatus_st.h:26
node_exit_policy_rejects_all
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1498
router_dir_info_changed
void router_dir_info_changed(void)
Definition: nodelist.c:2389
node_has_preferred_descriptor
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1419
tor_addr_to_in6_addr8
#define tor_addr_to_in6_addr8(x)
Definition: address.h:135
node_t::is_exit
unsigned int is_exit
Definition: node_st.h:70
node_t::is_running
unsigned int is_running
Definition: node_st.h:63
smartlist_t
Definition: smartlist_core.h:26
node_get_purpose
int node_get_purpose(const node_t *node)
Definition: nodelist.c:1440
fast_memeq
#define fast_memeq(a, b, c)
Definition: di_ops.h:35
address_set_add
void address_set_add(address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:48
tor_addr_eq
#define tor_addr_eq(a, b)
Definition: address.h:280
consensus_path_type_t
consensus_path_type_t
Definition: nodelist.h:149
node_t::ed25519_id
ed25519_public_key_t ed25519_id
Definition: node_st.h:53
authdir_mode
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
need_to_update_have_min_dir_info
static int need_to_update_have_min_dir_info
Definition: nodelist.c:2333
tor_addr_copy
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
routerinfo_t::onion_curve25519_pkey
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:43
node_t::identity
char identity[DIGEST_LEN]
Definition: node_st.h:46
ratelim_t
Definition: ratelim.h:42
or.h
Master header file for Tor-specific functionality.
router_set_status
void router_set_status(const char *digest, int up)
Definition: nodelist.c:2290
node_get_protover_summary_flags
static const protover_summary_flags_t * node_get_protover_summary_flags(const node_t *node)
Definition: nodelist.c:1132
node_is_a_configured_bridge
int node_is_a_configured_bridge(const node_t *node)
Definition: bridges.c:332
hs_get_current_srv
uint8_t * hs_get_current_srv(uint64_t time_period_num, const networkstatus_t *ns)
Definition: hs_common.c:1234
LD_PROTOCOL
#define LD_PROTOCOL
Definition: log.h:72