Tor  0.4.4.0-alpha-dev
nodelist.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2020, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file nodelist.c
9  *
10  * \brief Structures and functions for tracking what we know about the routers
11  * on the Tor network, and correlating information from networkstatus,
12  * routerinfo, and microdescs.
13  *
14  * The key structure here is node_t: that's the canonical way to refer
15  * to a Tor relay that we might want to build a circuit through. Every
16  * node_t has either a routerinfo_t, or a routerstatus_t from the current
17  * networkstatus consensus. If it has a routerstatus_t, it will also
18  * need to have a microdesc_t before you can use it for circuits.
19  *
20  * The nodelist_t is a global singleton that maps identities to node_t
21  * objects. Access them with the node_get_*() functions. The nodelist_t
22  * is maintained by calls throughout the codebase
23  *
24  * Generally, other code should not have to reach inside a node_t to
25  * see what information it has. Instead, you should call one of the
26  * many accessor functions that works on a generic node_t. If there
27  * isn't one that does what you need, it's better to make such a function,
28  * and then use it.
29  *
30  * For historical reasons, some of the functions that select a node_t
31  * from the list of all usable node_t objects are in the routerlist.c
32  * module, since they originally selected a routerinfo_t. (TODO: They
33  * should move!)
34  *
35  * (TODO: Perhaps someday we should abstract the remaining ways of
36  * talking about a relay to also be node_t instances. Those would be
37  * routerstatus_t as used for directory requests, and dir_server_t as
38  * used for authorities and fallback directories.)
39  */
40 
41 #define NODELIST_PRIVATE
42 
43 #include "core/or/or.h"
44 #include "app/config/config.h"
45 #include "core/mainloop/mainloop.h"
47 #include "core/or/address_set.h"
48 #include "core/or/policies.h"
49 #include "core/or/protover.h"
50 #include "feature/client/bridges.h"
55 #include "feature/hs/hs_client.h"
56 #include "feature/hs/hs_common.h"
68 #include "lib/encoding/binascii.h"
69 #include "lib/err/backtrace.h"
70 #include "lib/geoip/geoip.h"
71 #include "lib/net/address.h"
72 
73 #include <string.h>
74 
76 
84 
85 static void nodelist_drop_node(node_t *node, int remove_from_ht);
86 #define node_free(val) \
87  FREE_AND_NULL(node_t, node_free_, (val))
88 static void node_free_(node_t *node);
89 
90 /** count_usable_descriptors counts descriptors with these flag(s)
91  */
92 typedef enum {
93  /* All descriptors regardless of flags or exit policies */
94  USABLE_DESCRIPTOR_ALL = 0U,
95  /* Only count descriptors with an exit policy that allows at least one port
96  */
97  USABLE_DESCRIPTOR_EXIT_POLICY = 1U << 0,
98  /* Only count descriptors for relays that have the exit flag in the
99  * consensus */
100  USABLE_DESCRIPTOR_EXIT_FLAG = 1U << 1,
101  /* Only count descriptors for relays that have the policy and the flag */
102  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG = (USABLE_DESCRIPTOR_EXIT_POLICY |
103  USABLE_DESCRIPTOR_EXIT_FLAG)
105 static void count_usable_descriptors(int *num_present,
106  int *num_usable,
107  smartlist_t *descs_out,
108  const networkstatus_t *consensus,
109  time_t now,
110  routerset_t *in_set,
111  usable_descriptor_t exit_only);
112 static void update_router_have_minimum_dir_info(void);
113 static double get_frac_paths_needed_for_circs(const or_options_t *options,
114  const networkstatus_t *ns);
115 static void node_add_to_address_set(const node_t *node);
116 
117 /** A nodelist_t holds a node_t object for every router we're "willing to use
118  * for something". Specifically, it should hold a node_t for every node that
119  * is currently in the routerlist, or currently in the consensus we're using.
120  */
121 typedef struct nodelist_t {
122  /* A list of all the nodes. */
123  smartlist_t *nodes;
124  /* Hash table to map from node ID digest to node. */
125  HT_HEAD(nodelist_map, node_t) nodes_by_id;
126  /* Hash table to map from node Ed25519 ID to node.
127  *
128  * Whenever a node's routerinfo or microdescriptor is about to change,
129  * you should remove it from this map with node_remove_from_ed25519_map().
130  * Whenever a node's routerinfo or microdescriptor has just chaned,
131  * you should add it to this map with node_add_to_ed25519_map().
132  */
133  HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id;
134 
135  /* Set of addresses that belong to nodes we believe in. */
136  address_set_t *node_addrs;
137 
138  /* The valid-after time of the last live consensus that initialized the
139  * nodelist. We use this to detect outdated nodelists that need to be
140  * rebuilt using a newer consensus. */
141  time_t live_consensus_valid_after;
142 } nodelist_t;
143 
144 static inline unsigned int
145 node_id_hash(const node_t *node)
146 {
147  return (unsigned) siphash24g(node->identity, DIGEST_LEN);
148 }
149 
150 static inline unsigned int
151 node_id_eq(const node_t *node1, const node_t *node2)
152 {
153  return tor_memeq(node1->identity, node2->identity, DIGEST_LEN);
154 }
155 
156 HT_PROTOTYPE(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq);
157 HT_GENERATE2(nodelist_map, node_t, ht_ent, node_id_hash, node_id_eq,
159 
160 static inline unsigned int
161 node_ed_id_hash(const node_t *node)
162 {
163  return (unsigned) siphash24g(node->ed25519_id.pubkey, ED25519_PUBKEY_LEN);
164 }
165 
166 static inline unsigned int
167 node_ed_id_eq(const node_t *node1, const node_t *node2)
168 {
169  return ed25519_pubkey_eq(&node1->ed25519_id, &node2->ed25519_id);
170 }
171 
172 HT_PROTOTYPE(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
173  node_ed_id_eq);
174 HT_GENERATE2(nodelist_ed_map, node_t, ed_ht_ent, node_ed_id_hash,
175  node_ed_id_eq, 0.6, tor_reallocarray_, tor_free_);
176 
177 /** The global nodelist. */
179 
180 /** Create an empty nodelist if we haven't done so already. */
181 static void
183 {
184  if (PREDICT_UNLIKELY(the_nodelist == NULL)) {
185  the_nodelist = tor_malloc_zero(sizeof(nodelist_t));
186  HT_INIT(nodelist_map, &the_nodelist->nodes_by_id);
187  HT_INIT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
188  the_nodelist->nodes = smartlist_new();
189  }
190 }
191 
192 /** As node_get_by_id, but returns a non-const pointer */
193 MOCK_IMPL(node_t *,
194 node_get_mutable_by_id,(const char *identity_digest))
195 {
196  node_t search, *node;
197  if (PREDICT_UNLIKELY(the_nodelist == NULL))
198  return NULL;
199 
200  memcpy(&search.identity, identity_digest, DIGEST_LEN);
201  node = HT_FIND(nodelist_map, &the_nodelist->nodes_by_id, &search);
202  return node;
203 }
204 
205 /** As node_get_by_ed25519_id, but returns a non-const pointer */
206 node_t *
208 {
209  node_t search, *node;
210  if (PREDICT_UNLIKELY(the_nodelist == NULL))
211  return NULL;
212  if (BUG(ed_id == NULL) || BUG(ed25519_public_key_is_zero(ed_id)))
213  return NULL;
214 
215  memcpy(&search.ed25519_id, ed_id, sizeof(search.ed25519_id));
216  node = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, &search);
217  return node;
218 }
219 
220 /** Return the node_t whose identity is <b>identity_digest</b>, or NULL
221  * if no such node exists. */
222 MOCK_IMPL(const node_t *,
223 node_get_by_id,(const char *identity_digest))
224 {
225  return node_get_mutable_by_id(identity_digest);
226 }
227 
228 /** Return the node_t whose ed25519 identity is <b>ed_id</b>, or NULL
229  * if no such node exists. */
230 MOCK_IMPL(const node_t *,
232 {
233  return node_get_mutable_by_ed25519_id(ed_id);
234 }
235 
236 /** Internal: return the node_t whose identity_digest is
237  * <b>identity_digest</b>. If none exists, create a new one, add it to the
238  * nodelist, and return it.
239  *
240  * Requires that the nodelist be initialized.
241  */
242 static node_t *
243 node_get_or_create(const char *identity_digest)
244 {
245  node_t *node;
246 
247  if ((node = node_get_mutable_by_id(identity_digest)))
248  return node;
249 
250  node = tor_malloc_zero(sizeof(node_t));
251  memcpy(node->identity, identity_digest, DIGEST_LEN);
252  HT_INSERT(nodelist_map, &the_nodelist->nodes_by_id, node);
253 
254  smartlist_add(the_nodelist->nodes, node);
255  node->nodelist_idx = smartlist_len(the_nodelist->nodes) - 1;
256 
257  node->country = -1;
258 
259  return node;
260 }
261 
262 /** Remove <b>node</b> from the ed25519 map (if it present), and
263  * set its ed25519_id field to zero. */
264 static int
266 {
268  tor_assert(node);
269 
271  return 0;
272  }
273 
274  int rv = 0;
275  node_t *search =
276  HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
277  if (BUG(search != node)) {
278  goto clear_and_return;
279  }
280 
281  search = HT_REMOVE(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
282  tor_assert(search == node);
283  rv = 1;
284 
285  clear_and_return:
286  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
287  return rv;
288 }
289 
290 /** Helper function to log details of duplicated ed2559_ids */
291 static void
292 node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
293 {
294  char *s;
295  char *olddesc = tor_strdup(node_describe(old));
296 
297  tor_asprintf(&s, "Reused ed25519_id %s: old %s new %s", ed_id,
298  olddesc, node_describe(node));
299  log_backtrace(LOG_NOTICE, LD_DIR, s);
300  tor_free(olddesc);
301  tor_free(s);
302 }
303 
304 /** If <b>node</b> has an ed25519 id, and it is not already in the ed25519 id
305  * map, set its ed25519_id field, and add it to the ed25519 map.
306  */
307 static int
309 {
311  tor_assert(node);
312 
313  if (! ed25519_public_key_is_zero(&node->ed25519_id)) {
314  return 0;
315  }
316 
317  const ed25519_public_key_t *key = node_get_ed25519_id(node);
318  if (!key) {
319  return 0;
320  }
321 
322  node_t *old;
323  memcpy(&node->ed25519_id, key, sizeof(node->ed25519_id));
324  old = HT_FIND(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
325  if (old) {
326  char ed_id[BASE32_BUFSIZE(sizeof(key->pubkey))];
327 
328  base32_encode(ed_id, sizeof(ed_id), (const char *)key->pubkey,
329  sizeof(key->pubkey));
330  if (BUG(old == node)) {
331  /* Actual bug: all callers of this function call
332  * node_remove_from_ed25519_map first. */
333  log_err(LD_BUG,
334  "Unexpectedly found deleted node with ed25519_id %s", ed_id);
335  } else {
336  /* Distinct nodes sharing a ed25519 id, possibly due to relay
337  * misconfiguration. The key pinning might not catch this,
338  * possibly due to downloading a missing descriptor during
339  * consensus voting. */
340  node_log_dup_ed_id(old, node, ed_id);
341  memset(&node->ed25519_id, 0, sizeof(node->ed25519_id));
342  }
343  return 0;
344  }
345 
346  HT_INSERT(nodelist_ed_map, &the_nodelist->nodes_by_ed_id, node);
347  return 1;
348 }
349 
350 /* For a given <b>node</b> for the consensus <b>ns</b>, set the hsdir index
351  * for the node, both current and next if possible. This can only fails if the
352  * node_t ed25519 identity key can't be found which would be a bug. */
353 STATIC void
354 node_set_hsdir_index(node_t *node, const networkstatus_t *ns)
355 {
356  time_t now = approx_time();
357  const ed25519_public_key_t *node_identity_pk;
358  uint8_t *fetch_srv = NULL, *store_first_srv = NULL, *store_second_srv = NULL;
359  uint64_t next_time_period_num, current_time_period_num;
360  uint64_t fetch_tp, store_first_tp, store_second_tp;
361 
362  tor_assert(node);
363  tor_assert(ns);
364 
365  if (!networkstatus_is_live(ns, now)) {
366  static struct ratelim_t live_consensus_ratelim = RATELIM_INIT(30 * 60);
367  log_fn_ratelim(&live_consensus_ratelim, LOG_INFO, LD_GENERAL,
368  "Not setting hsdir index with a non-live consensus.");
369  goto done;
370  }
371 
372  node_identity_pk = node_get_ed25519_id(node);
373  if (node_identity_pk == NULL) {
374  log_debug(LD_GENERAL, "ed25519 identity public key not found when "
375  "trying to build the hsdir indexes for node %s",
376  node_describe(node));
377  goto done;
378  }
379 
380  /* Get the current and next time period number. */
381  current_time_period_num = hs_get_time_period_num(0);
382  next_time_period_num = hs_get_next_time_period_num(0);
383 
384  /* We always use the current time period for fetching descs */
385  fetch_tp = current_time_period_num;
386 
387  /* Now extract the needed SRVs and time periods for building hsdir indices */
388  if (hs_in_period_between_tp_and_srv(ns, now)) {
389  fetch_srv = hs_get_current_srv(fetch_tp, ns);
390 
391  store_first_tp = hs_get_previous_time_period_num(0);
392  store_second_tp = current_time_period_num;
393  } else {
394  fetch_srv = hs_get_previous_srv(fetch_tp, ns);
395 
396  store_first_tp = current_time_period_num;
397  store_second_tp = next_time_period_num;
398  }
399 
400  /* We always use the old SRV for storing the first descriptor and the latest
401  * SRV for storing the second descriptor */
402  store_first_srv = hs_get_previous_srv(store_first_tp, ns);
403  store_second_srv = hs_get_current_srv(store_second_tp, ns);
404 
405  /* Build the fetch index. */
406  hs_build_hsdir_index(node_identity_pk, fetch_srv, fetch_tp,
407  node->hsdir_index.fetch);
408 
409  /* If we are in the time segment between SRV#N and TP#N, the fetch index is
410  the same as the first store index */
411  if (!hs_in_period_between_tp_and_srv(ns, now)) {
412  memcpy(node->hsdir_index.store_first, node->hsdir_index.fetch,
413  sizeof(node->hsdir_index.store_first));
414  } else {
415  hs_build_hsdir_index(node_identity_pk, store_first_srv, store_first_tp,
416  node->hsdir_index.store_first);
417  }
418 
419  /* If we are in the time segment between TP#N and SRV#N+1, the fetch index is
420  the same as the second store index */
421  if (hs_in_period_between_tp_and_srv(ns, now)) {
422  memcpy(node->hsdir_index.store_second, node->hsdir_index.fetch,
423  sizeof(node->hsdir_index.store_second));
424  } else {
425  hs_build_hsdir_index(node_identity_pk, store_second_srv, store_second_tp,
426  node->hsdir_index.store_second);
427  }
428 
429  done:
430  tor_free(fetch_srv);
431  tor_free(store_first_srv);
432  tor_free(store_second_srv);
433  return;
434 }
435 
436 /** Called when a node's address changes. */
437 static void
439 {
440  node->last_reachable = node->last_reachable6 = 0;
441  node->country = -1;
442 }
443 
444 /** Add all address information about <b>node</b> to the current address
445  * set (if there is one).
446  */
447 static void
449 {
450  if (!the_nodelist || !the_nodelist->node_addrs)
451  return;
452 
453  /* These various address sources can be redundant, but it's likely faster
454  * to add them all than to compare them all for equality. */
455 
456  if (node->rs) {
457  if (node->rs->addr)
459  if (!tor_addr_is_null(&node->rs->ipv6_addr))
461  }
462  if (node->ri) {
463  if (node->ri->addr)
465  if (!tor_addr_is_null(&node->ri->ipv6_addr))
467  }
468  if (node->md) {
469  if (!tor_addr_is_null(&node->md->ipv6_addr))
471  }
472 }
473 
474 /** Add the given v4 address into the nodelist address set. */
475 void
477 {
478  if (!the_nodelist || !the_nodelist->node_addrs || addr == 0) {
479  return;
480  }
481  address_set_add_ipv4h(the_nodelist->node_addrs, addr);
482 }
483 
484 /** Add the given v6 address into the nodelist address set. */
485 void
487 {
488  if (BUG(!addr) || tor_addr_is_null(addr) || tor_addr_is_v4(addr) ||
489  !the_nodelist || !the_nodelist->node_addrs) {
490  return;
491  }
492  address_set_add(the_nodelist->node_addrs, addr);
493 }
494 
495 /** Return true if <b>addr</b> is the address of some node in the nodelist.
496  * If not, probably return false. */
497 int
499 {
500  if (BUG(!addr))
501  return 0;
502 
503  if (!the_nodelist || !the_nodelist->node_addrs)
504  return 0;
505 
506  return address_set_probably_contains(the_nodelist->node_addrs, addr);
507 }
508 
509 /** Add <b>ri</b> to an appropriate node in the nodelist. If we replace an
510  * old routerinfo, and <b>ri_old_out</b> is not NULL, set *<b>ri_old_out</b>
511  * to the previous routerinfo.
512  */
513 node_t *
515 {
516  node_t *node;
517  const char *id_digest;
518  int had_router = 0;
519  tor_assert(ri);
520 
521  init_nodelist();
522  id_digest = ri->cache_info.identity_digest;
523  node = node_get_or_create(id_digest);
524 
526 
527  if (node->ri) {
528  if (!routers_have_same_or_addrs(node->ri, ri)) {
529  node_addrs_changed(node);
530  }
531  had_router = 1;
532  if (ri_old_out)
533  *ri_old_out = node->ri;
534  } else {
535  if (ri_old_out)
536  *ri_old_out = NULL;
537  }
538  node->ri = ri;
539 
541 
542  if (node->country == -1)
543  node_set_country(node);
544 
545  if (authdir_mode(get_options()) && !had_router) {
546  const char *discard=NULL;
547  uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO);
549  }
550 
551  /* Setting the HSDir index requires the ed25519 identity key which can
552  * only be found either in the ri or md. This is why this is called here.
553  * Only nodes supporting HSDir=2 protocol version needs this index. */
554  if (node->rs && node->rs->pv.supports_v3_hsdir) {
555  node_set_hsdir_index(node,
557  }
558 
560 
561  return node;
562 }
563 
564 /** Set the appropriate node_t to use <b>md</b> as its microdescriptor.
565  *
566  * Called when a new microdesc has arrived and the usable consensus flavor
567  * is "microdesc".
568  **/
569 node_t *
571 {
572  networkstatus_t *ns =
574  const routerstatus_t *rs;
575  node_t *node;
576  if (ns == NULL)
577  return NULL;
578  init_nodelist();
579 
580  /* Microdescriptors don't carry an identity digest, so we need to figure
581  * it out by looking up the routerstatus. */
583  if (rs == NULL)
584  return NULL;
586  if (node == NULL)
587  return NULL;
588 
590  if (node->md)
591  node->md->held_by_nodes--;
592 
593  node->md = md;
594  md->held_by_nodes++;
595  /* Setting the HSDir index requires the ed25519 identity key which can
596  * only be found either in the ri or md. This is why this is called here.
597  * Only nodes supporting HSDir=2 protocol version needs this index. */
598  if (rs->pv.supports_v3_hsdir) {
599  node_set_hsdir_index(node, ns);
600  }
603 
604  return node;
605 }
606 
607 /* Default value. */
608 #define ESTIMATED_ADDRESS_PER_NODE 2
609 
610 /* Return the estimated number of address per node_t. This is used for the
611  * size of the bloom filter in the nodelist (node_addrs). */
612 MOCK_IMPL(int,
613 get_estimated_address_per_node, (void))
614 {
615  return ESTIMATED_ADDRESS_PER_NODE;
616 }
617 
618 /** Tell the nodelist that the current usable consensus is <b>ns</b>.
619  * This makes the nodelist change all of the routerstatus entries for
620  * the nodes, drop nodes that no longer have enough info to get used,
621  * and grab microdescriptors into nodes as appropriate.
622  */
623 void
625 {
626  const or_options_t *options = get_options();
627  int authdir = authdir_mode_v3(options);
628 
629  init_nodelist();
630  if (ns->flavor == FLAV_MICRODESC)
631  (void) get_microdesc_cache(); /* Make sure it exists first. */
632 
633  SMARTLIST_FOREACH(the_nodelist->nodes, node_t *, node,
634  node->rs = NULL);
635 
636  /* Conservatively estimate that every node will have 2 addresses (v4 and
637  * v6). Then we add the number of configured trusted authorities we have. */
638  int estimated_addresses = smartlist_len(ns->routerstatus_list) *
639  get_estimated_address_per_node();
640  estimated_addresses += (get_n_authorities(V3_DIRINFO & BRIDGE_DIRINFO) *
641  get_estimated_address_per_node());
642  address_set_free(the_nodelist->node_addrs);
643  the_nodelist->node_addrs = address_set_new(estimated_addresses);
644 
646  node_t *node = node_get_or_create(rs->identity_digest);
647  node->rs = rs;
648  if (ns->flavor == FLAV_MICRODESC) {
649  if (node->md == NULL ||
650  tor_memneq(node->md->digest,rs->descriptor_digest,DIGEST256_LEN)) {
652  if (node->md)
653  node->md->held_by_nodes--;
654  node->md = microdesc_cache_lookup_by_digest256(NULL,
655  rs->descriptor_digest);
656  if (node->md)
657  node->md->held_by_nodes++;
659  }
660  }
661 
662  if (rs->pv.supports_v3_hsdir) {
663  node_set_hsdir_index(node, ns);
664  }
665  node_set_country(node);
666 
667  /* If we're not an authdir, believe others. */
668  if (!authdir) {
669  node->is_valid = rs->is_valid;
670  node->is_running = rs->is_flagged_running;
671  node->is_fast = rs->is_fast;
672  node->is_stable = rs->is_stable;
673  node->is_possible_guard = rs->is_possible_guard;
674  node->is_exit = rs->is_exit;
675  node->is_bad_exit = rs->is_bad_exit;
676  node->is_hs_dir = rs->is_hs_dir;
677  node->ipv6_preferred = 0;
679  (tor_addr_is_null(&rs->ipv6_addr) == 0 ||
680  (node->md && tor_addr_is_null(&node->md->ipv6_addr) == 0)))
681  node->ipv6_preferred = 1;
682  }
683 
684  } SMARTLIST_FOREACH_END(rs);
685 
686  nodelist_purge();
687 
688  /* Now add all the nodes we have to the address set. */
689  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
691  } SMARTLIST_FOREACH_END(node);
692  /* Then, add all trusted configured directories. Some might not be in the
693  * consensus so make sure we know them. */
695 
696  if (! authdir) {
697  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
698  /* We have no routerstatus for this router. Clear flags so we can skip
699  * it, maybe.*/
700  if (!node->rs) {
701  tor_assert(node->ri); /* if it had only an md, or nothing, purge
702  * would have removed it. */
703  if (node->ri->purpose == ROUTER_PURPOSE_GENERAL) {
704  /* Clear all flags. */
705  node->is_valid = node->is_running = node->is_hs_dir =
706  node->is_fast = node->is_stable =
707  node->is_possible_guard = node->is_exit =
708  node->is_bad_exit = node->ipv6_preferred = 0;
709  }
710  }
711  } SMARTLIST_FOREACH_END(node);
712  }
713 
714  /* If the consensus is live, note down the consensus valid-after that formed
715  * the nodelist. */
716  if (networkstatus_is_live(ns, approx_time())) {
717  the_nodelist->live_consensus_valid_after = ns->valid_after;
718  }
719 }
720 
721 /** Return 1 iff <b>node</b> has Exit flag and no BadExit flag.
722  * Otherwise, return 0.
723  */
724 int
726 {
727  return node->is_exit && ! node->is_bad_exit;
728 }
729 
730 /** Helper: return true iff a node has a usable amount of information*/
731 static inline int
732 node_is_usable(const node_t *node)
733 {
734  return (node->rs) || (node->ri);
735 }
736 
737 /** Tell the nodelist that <b>md</b> is no longer a microdescriptor for the
738  * node with <b>identity_digest</b>. */
739 void
740 nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
741 {
742  node_t *node = node_get_mutable_by_id(identity_digest);
743  if (node && node->md == md) {
744  node->md = NULL;
745  md->held_by_nodes--;
746  if (! node_get_ed25519_id(node)) {
748  }
749  }
750 }
751 
752 /** Tell the nodelist that <b>ri</b> is no longer in the routerlist. */
753 void
755 {
756  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
757  if (node && node->ri == ri) {
758  node->ri = NULL;
759  if (! node_is_usable(node)) {
760  nodelist_drop_node(node, 1);
761  node_free(node);
762  }
763  }
764 }
765 
766 /** Remove <b>node</b> from the nodelist. (Asserts that it was there to begin
767  * with.) */
768 static void
769 nodelist_drop_node(node_t *node, int remove_from_ht)
770 {
771  node_t *tmp;
772  int idx;
773  if (remove_from_ht) {
774  tmp = HT_REMOVE(nodelist_map, &the_nodelist->nodes_by_id, node);
775  tor_assert(tmp == node);
776  }
778 
779  idx = node->nodelist_idx;
780  tor_assert(idx >= 0);
781 
782  tor_assert(node == smartlist_get(the_nodelist->nodes, idx));
783  smartlist_del(the_nodelist->nodes, idx);
784  if (idx < smartlist_len(the_nodelist->nodes)) {
785  tmp = smartlist_get(the_nodelist->nodes, idx);
786  tmp->nodelist_idx = idx;
787  }
788  node->nodelist_idx = -1;
789 }
790 
791 /** Return a newly allocated smartlist of the nodes that have <b>md</b> as
792  * their microdescriptor. */
793 smartlist_t *
795 {
796  smartlist_t *result = smartlist_new();
797 
798  if (the_nodelist == NULL)
799  return result;
800 
801  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
802  if (node->md == md) {
803  smartlist_add(result, node);
804  }
805  } SMARTLIST_FOREACH_END(node);
806 
807  return result;
808 }
809 
810 /** Release storage held by <b>node</b> */
811 static void
813 {
814  if (!node)
815  return;
816  if (node->md)
817  node->md->held_by_nodes--;
818  tor_assert(node->nodelist_idx == -1);
819  tor_free(node);
820 }
821 
822 /** Remove all entries from the nodelist that don't have enough info to be
823  * usable for anything. */
824 void
826 {
827  node_t **iter;
828  if (PREDICT_UNLIKELY(the_nodelist == NULL))
829  return;
830 
831  /* Remove the non-usable nodes. */
832  for (iter = HT_START(nodelist_map, &the_nodelist->nodes_by_id); iter; ) {
833  node_t *node = *iter;
834 
835  if (node->md && !node->rs) {
836  /* An md is only useful if there is an rs. */
837  node->md->held_by_nodes--;
838  node->md = NULL;
839  }
840 
841  if (node_is_usable(node)) {
842  iter = HT_NEXT(nodelist_map, &the_nodelist->nodes_by_id, iter);
843  } else {
844  iter = HT_NEXT_RMV(nodelist_map, &the_nodelist->nodes_by_id, iter);
845  nodelist_drop_node(node, 0);
846  node_free(node);
847  }
848  }
850 }
851 
852 /** Release all storage held by the nodelist. */
853 void
855 {
856  if (PREDICT_UNLIKELY(the_nodelist == NULL))
857  return;
858 
859  HT_CLEAR(nodelist_map, &the_nodelist->nodes_by_id);
860  HT_CLEAR(nodelist_ed_map, &the_nodelist->nodes_by_ed_id);
861  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
862  node->nodelist_idx = -1;
863  node_free(node);
864  } SMARTLIST_FOREACH_END(node);
865 
866  smartlist_free(the_nodelist->nodes);
867 
868  address_set_free(the_nodelist->node_addrs);
869  the_nodelist->node_addrs = NULL;
870 
872 }
873 
874 /** Check that the nodelist is internally consistent, and consistent with
875  * the directory info it's derived from.
876  */
877 void
879 {
882  digestmap_t *dm;
883 
884  if (!the_nodelist)
885  return;
886 
887  dm = digestmap_new();
888 
889  /* every routerinfo in rl->routers should be in the nodelist. */
890  if (rl) {
892  const node_t *node = node_get_by_id(ri->cache_info.identity_digest);
893  tor_assert(node && node->ri == ri);
894  tor_assert(fast_memeq(ri->cache_info.identity_digest,
895  node->identity, DIGEST_LEN));
896  tor_assert(! digestmap_get(dm, node->identity));
897  digestmap_set(dm, node->identity, (void*)node);
898  } SMARTLIST_FOREACH_END(ri);
899  }
900 
901  /* every routerstatus in ns should be in the nodelist */
902  if (ns) {
904  const node_t *node = node_get_by_id(rs->identity_digest);
905  tor_assert(node && node->rs == rs);
906  tor_assert(fast_memeq(rs->identity_digest, node->identity, DIGEST_LEN));
907  digestmap_set(dm, node->identity, (void*)node);
908  if (ns->flavor == FLAV_MICRODESC) {
909  /* If it's a microdesc consensus, every entry that has a
910  * microdescriptor should be in the nodelist.
911  */
912  microdesc_t *md =
913  microdesc_cache_lookup_by_digest256(NULL, rs->descriptor_digest);
914  tor_assert(md == node->md);
915  if (md)
916  tor_assert(md->held_by_nodes >= 1);
917  }
918  } SMARTLIST_FOREACH_END(rs);
919  }
920 
921  /* The nodelist should have no other entries, and its entries should be
922  * well-formed. */
923  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
924  tor_assert(digestmap_get(dm, node->identity) != NULL);
925  tor_assert(node_sl_idx == node->nodelist_idx);
926  } SMARTLIST_FOREACH_END(node);
927 
928  /* Every node listed with an ed25519 identity should be listed by that
929  * identity.
930  */
931  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
932  if (!ed25519_public_key_is_zero(&node->ed25519_id)) {
934  }
935  } SMARTLIST_FOREACH_END(node);
936 
937  node_t **idx;
938  HT_FOREACH(idx, nodelist_ed_map, &the_nodelist->nodes_by_ed_id) {
939  node_t *node = *idx;
941  }
942 
943  tor_assert((long)smartlist_len(the_nodelist->nodes) ==
944  (long)HT_SIZE(&the_nodelist->nodes_by_id));
945 
946  tor_assert((long)smartlist_len(the_nodelist->nodes) >=
947  (long)HT_SIZE(&the_nodelist->nodes_by_ed_id));
948 
949  digestmap_free(dm, NULL);
950 }
951 
952 /** Ensure that the nodelist has been created with the most recent consensus.
953  * If that's not the case, make it so. */
954 void
956 {
957  tor_assert(ns);
958 
959  /* We don't even have a nodelist: this is a NOP. */
960  if (!the_nodelist) {
961  return;
962  }
963 
964  if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
965  log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
966  (int) the_nodelist->live_consensus_valid_after,
967  (int) ns->valid_after);
969  }
970 }
971 /** Return a list of a node_t * for every node we know about. The caller
972  * MUST NOT modify the list. (You can set and clear flags in the nodes if
973  * you must, but you must not add or remove nodes.) */
974 MOCK_IMPL(const smartlist_t *,
976 {
977  init_nodelist();
978  return the_nodelist->nodes;
979 }
980 
981 /** Given a hex-encoded nickname of the format DIGEST, $DIGEST, $DIGEST=name,
982  * or $DIGEST~name, return the node with the matching identity digest and
983  * nickname (if any). Return NULL if no such node exists, or if <b>hex_id</b>
984  * is not well-formed. DOCDOC flags */
985 const node_t *
986 node_get_by_hex_id(const char *hex_id, unsigned flags)
987 {
988  char digest_buf[DIGEST_LEN];
989  char nn_buf[MAX_NICKNAME_LEN+1];
990  char nn_char='\0';
991 
992  (void) flags; // XXXX
993 
994  if (hex_digest_nickname_decode(hex_id, digest_buf, &nn_char, nn_buf)==0) {
995  const node_t *node = node_get_by_id(digest_buf);
996  if (!node)
997  return NULL;
998  if (nn_char == '=') {
999  /* "=" indicates a Named relay, but there aren't any of those now. */
1000  return NULL;
1001  }
1002  return node;
1003  }
1004 
1005  return NULL;
1006 }
1007 
1008 /** Given a nickname (possibly verbose, possibly a hexadecimal digest), return
1009  * the corresponding node_t, or NULL if none exists. Warn the user if they
1010  * have specified a router by nickname, unless the NNF_NO_WARN_UNNAMED bit is
1011  * set in <b>flags</b>. */
1012 MOCK_IMPL(const node_t *,
1013 node_get_by_nickname,(const char *nickname, unsigned flags))
1014 {
1015  const int warn_if_unnamed = !(flags & NNF_NO_WARN_UNNAMED);
1016 
1017  if (!the_nodelist)
1018  return NULL;
1019 
1020  /* Handle these cases: DIGEST, $DIGEST, $DIGEST=name, $DIGEST~name. */
1021  {
1022  const node_t *node;
1023  if ((node = node_get_by_hex_id(nickname, flags)) != NULL)
1024  return node;
1025  }
1026 
1027  if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
1028  return NULL;
1029 
1030  /* Okay, so the name is not canonical for anybody. */
1031  {
1032  smartlist_t *matches = smartlist_new();
1033  const node_t *choice = NULL;
1034 
1035  SMARTLIST_FOREACH_BEGIN(the_nodelist->nodes, node_t *, node) {
1036  if (!strcasecmp(node_get_nickname(node), nickname))
1037  smartlist_add(matches, node);
1038  } SMARTLIST_FOREACH_END(node);
1039 
1040  if (smartlist_len(matches)>1 && warn_if_unnamed) {
1041  int any_unwarned = 0;
1042  SMARTLIST_FOREACH_BEGIN(matches, node_t *, node) {
1043  if (!node->name_lookup_warned) {
1044  node->name_lookup_warned = 1;
1045  any_unwarned = 1;
1046  }
1047  } SMARTLIST_FOREACH_END(node);
1048 
1049  if (any_unwarned) {
1050  log_warn(LD_CONFIG, "There are multiple matches for the name %s. "
1051  "Choosing one arbitrarily.", nickname);
1052  }
1053  } else if (smartlist_len(matches)==1 && warn_if_unnamed) {
1054  char fp[HEX_DIGEST_LEN+1];
1055  node_t *node = smartlist_get(matches, 0);
1056  if (! node->name_lookup_warned) {
1057  base16_encode(fp, sizeof(fp), node->identity, DIGEST_LEN);
1058  log_warn(LD_CONFIG,
1059  "You specified a relay \"%s\" by name, but nicknames can be "
1060  "used by any relay, not just the one you meant. "
1061  "To make sure you get the same relay in the future, refer "
1062  "to it by key, as \"$%s\".", nickname, fp);
1063  node->name_lookup_warned = 1;
1064  }
1065  }
1066 
1067  if (smartlist_len(matches))
1068  choice = smartlist_get(matches, 0);
1069 
1070  smartlist_free(matches);
1071  return choice;
1072  }
1073 }
1074 
1075 /** Return the Ed25519 identity key for the provided node, or NULL if it
1076  * doesn't have one. */
1079 {
1080  const ed25519_public_key_t *ri_pk = NULL;
1081  const ed25519_public_key_t *md_pk = NULL;
1082 
1083  if (node->ri) {
1084  if (node->ri->cache_info.signing_key_cert) {
1085  ri_pk = &node->ri->cache_info.signing_key_cert->signing_key;
1086  /* Checking whether routerinfo ed25519 is all zero.
1087  * Our descriptor parser should make sure this never happens. */
1088  if (BUG(ed25519_public_key_is_zero(ri_pk)))
1089  ri_pk = NULL;
1090  }
1091  }
1092 
1093  if (node->md) {
1094  if (node->md->ed25519_identity_pkey) {
1095  md_pk = node->md->ed25519_identity_pkey;
1096  /* Checking whether microdesc ed25519 is all zero.
1097  * Our descriptor parser should make sure this never happens. */
1098  if (BUG(ed25519_public_key_is_zero(md_pk)))
1099  md_pk = NULL;
1100  }
1101  }
1102 
1103  if (ri_pk && md_pk) {
1104  if (ed25519_pubkey_eq(ri_pk, md_pk)) {
1105  return ri_pk;
1106  } else {
1107  /* This can happen if the relay gets flagged NoEdConsensus which will be
1108  * triggered on all relays of the network. Thus a protocol warning. */
1109  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1110  "Inconsistent ed25519 identities in the nodelist");
1111  return NULL;
1112  }
1113  } else if (ri_pk) {
1114  return ri_pk;
1115  } else {
1116  return md_pk;
1117  }
1118 }
1119 
1120 /** Return true iff this node's Ed25519 identity matches <b>id</b>.
1121  * (An absent Ed25519 identity matches NULL or zero.) */
1122 int
1124 {
1125  const ed25519_public_key_t *node_id = node_get_ed25519_id(node);
1126  if (node_id == NULL || ed25519_public_key_is_zero(node_id)) {
1127  return id == NULL || ed25519_public_key_is_zero(id);
1128  } else {
1129  return id && ed25519_pubkey_eq(node_id, id);
1130  }
1131 }
1132 
1133 /** Dummy object that should be unreturnable. Used to ensure that
1134  * node_get_protover_summary_flags() always returns non-NULL. */
1136  0,0,0,0,0,0,0,0,0
1137 };
1138 
1139 /** Return the protover_summary_flags for a given node. */
1140 static const protover_summary_flags_t *
1142 {
1143  if (node->rs) {
1144  return &node->rs->pv;
1145  } else if (node->ri) {
1146  return &node->ri->pv;
1147  } else {
1148  /* This should be impossible: every node should have a routerstatus or a
1149  * router descriptor or both. But just in case we've messed up somehow,
1150  * return a nice empty set of flags to indicate "this node supports
1151  * nothing." */
1152  tor_assert_nonfatal_unreached_once();
1153  return &zero_protover_flags;
1154  }
1155 }
1156 
1157 /** Return true iff <b>node</b> supports authenticating itself
1158  * by ed25519 ID during the link handshake. If <b>compatible_with_us</b>,
1159  * it needs to be using a link authentication method that we understand.
1160  * If not, any plausible link authentication method will do. */
1161 MOCK_IMPL(int,
1163  int compatible_with_us))
1164 {
1165  if (! node_get_ed25519_id(node))
1166  return 0;
1167 
1169 
1170  if (compatible_with_us)
1172  else
1174 }
1175 
1176 /** Return true iff <b>node</b> supports the hidden service directory version
1177  * 3 protocol (proposal 224). */
1178 int
1180 {
1181  tor_assert(node);
1182 
1184 }
1185 
1186 /** Return true iff <b>node</b> supports ed25519 authentication as an hidden
1187  * service introduction point.*/
1188 int
1190 {
1191  tor_assert(node);
1192 
1194 }
1195 
1196 /** Return true iff <b>node</b> supports the DoS ESTABLISH_INTRO cell
1197  * extenstion. */
1198 int
1200 {
1201  tor_assert(node);
1202 
1203  return node_get_protover_summary_flags(node)->
1204  supports_establish_intro_dos_extension;
1205 }
1206 
1207 /** Return true iff <b>node</b> supports to be a rendezvous point for hidden
1208  * service version 3 (HSRend=2). */
1209 int
1211 {
1212  tor_assert(node);
1213 
1214  /* We can't use a v3 rendezvous point without the curve25519 onion pk. */
1215  if (!node_get_curve25519_onion_key(node)) {
1216  return 0;
1217  }
1218 
1220 }
1221 
1222 /** Return the RSA ID key's SHA1 digest for the provided node. */
1223 const uint8_t *
1225 {
1226  tor_assert(node);
1227  return (const uint8_t*)node->identity;
1228 }
1229 
1230 /* Returns a new smartlist with all possible link specifiers from node:
1231  * - legacy ID is mandatory thus MUST be present in node;
1232  * - include ed25519 link specifier if present in the node, and the node
1233  * supports ed25519 link authentication, and:
1234  * - if direct_conn is true, its link versions are compatible with us,
1235  * - if direct_conn is false, regardless of its link versions;
1236  * - include IPv4 link specifier, if the primary address is not IPv4, log a
1237  * BUG() warning, and return an empty smartlist;
1238  * - include IPv6 link specifier if present in the node.
1239  *
1240  * If node is NULL, returns an empty smartlist.
1241  *
1242  * The smartlist must be freed using link_specifier_smartlist_free(). */
1244 node_get_link_specifier_smartlist,(const node_t *node, bool direct_conn))
1245 {
1246  link_specifier_t *ls;
1247  tor_addr_port_t ap;
1248  smartlist_t *lspecs = smartlist_new();
1249 
1250  if (!node)
1251  return lspecs;
1252 
1253  /* Get the relay's IPv4 address. */
1254  node_get_prim_orport(node, &ap);
1255 
1256  /* We expect the node's primary address to be a valid IPv4 address.
1257  * This conforms to the protocol, which requires either an IPv4 or IPv6
1258  * address (or both). */
1259  if (BUG(!tor_addr_is_v4(&ap.addr)) ||
1260  BUG(!tor_addr_port_is_valid_ap(&ap, 0))) {
1261  return lspecs;
1262  }
1263 
1264  ls = link_specifier_new();
1265  link_specifier_set_ls_type(ls, LS_IPV4);
1266  link_specifier_set_un_ipv4_addr(ls, tor_addr_to_ipv4h(&ap.addr));
1267  link_specifier_set_un_ipv4_port(ls, ap.port);
1268  /* Four bytes IPv4 and two bytes port. */
1269  link_specifier_set_ls_len(ls, sizeof(ap.addr.addr.in_addr) +
1270  sizeof(ap.port));
1271  smartlist_add(lspecs, ls);
1272 
1273  /* Legacy ID is mandatory and will always be present in node. */
1274  ls = link_specifier_new();
1275  link_specifier_set_ls_type(ls, LS_LEGACY_ID);
1276  memcpy(link_specifier_getarray_un_legacy_id(ls), node->identity,
1277  link_specifier_getlen_un_legacy_id(ls));
1278  link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls));
1279  smartlist_add(lspecs, ls);
1280 
1281  /* ed25519 ID is only included if the node has it, and the node declares a
1282  protocol version that supports ed25519 link authentication.
1283  If direct_conn is true, we also require that the node's link version is
1284  compatible with us. (Otherwise, we will be sending the ed25519 key
1285  to another tor, which may support different link versions.) */
1286  if (!ed25519_public_key_is_zero(&node->ed25519_id) &&
1287  node_supports_ed25519_link_authentication(node, direct_conn)) {
1288  ls = link_specifier_new();
1289  link_specifier_set_ls_type(ls, LS_ED25519_ID);
1290  memcpy(link_specifier_getarray_un_ed25519_id(ls), &node->ed25519_id,
1291  link_specifier_getlen_un_ed25519_id(ls));
1292  link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
1293  smartlist_add(lspecs, ls);
1294  }
1295 
1296  /* Check for IPv6. If so, include it as well. */
1297  if (node_has_ipv6_orport(node)) {
1298  ls = link_specifier_new();
1299  node_get_pref_ipv6_orport(node, &ap);
1300  link_specifier_set_ls_type(ls, LS_IPV6);
1301  size_t addr_len = link_specifier_getlen_un_ipv6_addr(ls);
1302  const uint8_t *in6_addr = tor_addr_to_in6_addr8(&ap.addr);
1303  uint8_t *ipv6_array = link_specifier_getarray_un_ipv6_addr(ls);
1304  memcpy(ipv6_array, in6_addr, addr_len);
1305  link_specifier_set_un_ipv6_port(ls, ap.port);
1306  /* Sixteen bytes IPv6 and two bytes port. */
1307  link_specifier_set_ls_len(ls, addr_len + sizeof(ap.port));
1308  smartlist_add(lspecs, ls);
1309  }
1310 
1311  return lspecs;
1312 }
1313 
1314 /* Free a link specifier list. */
1315 void
1316 link_specifier_smartlist_free_(smartlist_t *ls_list)
1317 {
1318  if (!ls_list)
1319  return;
1320 
1321  SMARTLIST_FOREACH(ls_list, link_specifier_t *, lspec,
1322  link_specifier_free(lspec));
1323  smartlist_free(ls_list);
1324 }
1325 
1326 /** Return the nickname of <b>node</b>, or NULL if we can't find one. */
1327 const char *
1329 {
1330  tor_assert(node);
1331  if (node->rs)
1332  return node->rs->nickname;
1333  else if (node->ri)
1334  return node->ri->nickname;
1335  else
1336  return NULL;
1337 }
1338 
1339 /** Return true iff <b>node</b> appears to be a directory authority or
1340  * directory cache */
1341 int
1342 node_is_dir(const node_t *node)
1343 {
1344  if (node->rs) {
1345  routerstatus_t * rs = node->rs;
1346  /* This is true if supports_tunnelled_dir_requests is true which
1347  * indicates that we support directory request tunnelled or through the
1348  * DirPort. */
1349  return rs->is_v2_dir;
1350  } else if (node->ri) {
1351  routerinfo_t * ri = node->ri;
1352  /* Both tunnelled request is supported or DirPort is set. */
1354  } else {
1355  return 0;
1356  }
1357 }
1358 
1359 /** Return true iff <b>node</b> has either kind of descriptor -- that
1360  * is, a routerdescriptor or a microdescriptor.
1361  *
1362  * You should probably use node_has_preferred_descriptor() instead.
1363  **/
1364 int
1366 {
1367  return (node->ri ||
1368  (node->rs && node->md));
1369 }
1370 
1371 /** Return true iff <b>node</b> has the kind of descriptor we would prefer to
1372  * use for it, given our configuration and how we intend to use the node.
1373  *
1374  * If <b>for_direct_connect</b> is true, we intend to connect to the node
1375  * directly, as the first hop of a circuit; otherwise, we intend to connect to
1376  * it indirectly, or use it as if we were connecting to it indirectly. */
1377 int
1379  int for_direct_connect)
1380 {
1381  const int is_bridge = node_is_a_configured_bridge(node);
1382  const int we_use_mds = we_use_microdescriptors_for_circuits(get_options());
1383 
1384  if ((is_bridge && for_direct_connect) || !we_use_mds) {
1385  /* We need an ri in this case. */
1386  if (!node->ri)
1387  return 0;
1388  } else {
1389  /* Otherwise we need an rs and an md. */
1390  if (node->rs == NULL || node->md == NULL)
1391  return 0;
1392  }
1393 
1394  return 1;
1395 }
1396 
1397 /** Return the router_purpose of <b>node</b>. */
1398 int
1400 {
1401  if (node->ri)
1402  return node->ri->purpose;
1403  else
1404  return ROUTER_PURPOSE_GENERAL;
1405 }
1406 
1407 /** Compute the verbose ("extended") nickname of <b>node</b> and store it
1408  * into the MAX_VERBOSE_NICKNAME_LEN+1 character buffer at
1409  * <b>verbose_name_out</b> */
1410 void
1412  char *verbose_name_out)
1413 {
1414  const char *nickname = node_get_nickname(node);
1415  verbose_name_out[0] = '$';
1416  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, node->identity,
1417  DIGEST_LEN);
1418  if (!nickname)
1419  return;
1420  verbose_name_out[1+HEX_DIGEST_LEN] = '~';
1421  strlcpy(verbose_name_out+1+HEX_DIGEST_LEN+1, nickname, MAX_NICKNAME_LEN+1);
1422 }
1423 
1424 /** Compute the verbose ("extended") nickname of node with
1425  * given <b>id_digest</b> and store it into the MAX_VERBOSE_NICKNAME_LEN+1
1426  * character buffer at <b>verbose_name_out</b>
1427  *
1428  * If node_get_by_id() returns NULL, base 16 encoding of
1429  * <b>id_digest</b> is returned instead. */
1430 void
1431 node_get_verbose_nickname_by_id(const char *id_digest,
1432  char *verbose_name_out)
1433 {
1434  const node_t *node = node_get_by_id(id_digest);
1435  if (!node) {
1436  verbose_name_out[0] = '$';
1437  base16_encode(verbose_name_out+1, HEX_DIGEST_LEN+1, id_digest, DIGEST_LEN);
1438  } else {
1439  node_get_verbose_nickname(node, verbose_name_out);
1440  }
1441 }
1442 
1443 /** Return true iff it seems that <b>node</b> allows circuits to exit
1444  * through it directlry from the client. */
1445 int
1447 {
1448  if (node && node->ri)
1449  return node->ri->allow_single_hop_exits;
1450  else
1451  return 0;
1452 }
1453 
1454 /** Return true iff it seems that <b>node</b> has an exit policy that doesn't
1455  * actually permit anything to exit, or we don't know its exit policy */
1456 int
1458 {
1459  if (node->rejects_all)
1460  return 1;
1461 
1462  if (node->ri)
1463  return node->ri->policy_is_reject_star;
1464  else if (node->md)
1465  return node->md->policy_is_reject_star;
1466  else
1467  return 1;
1468 }
1469 
1470 /** Return true iff the exit policy for <b>node</b> is such that we can treat
1471  * rejecting an address of type <b>family</b> unexpectedly as a sign of that
1472  * node's failure. */
1473 int
1475 {
1476  if (family == AF_UNSPEC) {
1477  return 1; /* Rejecting an address but not telling us what address
1478  * is a bad sign. */
1479  } else if (family == AF_INET) {
1480  return node->ri != NULL;
1481  } else if (family == AF_INET6) {
1482  return 0;
1483  }
1485  return 1;
1486 }
1487 
1488 /* Check if the "addr" and port_field fields from r are a valid non-listening
1489  * address/port. If so, set valid to true and add a newly allocated
1490  * tor_addr_port_t containing "addr" and port_field to sl.
1491  * "addr" is an IPv4 host-order address and port_field is a uint16_t.
1492  * r is typically a routerinfo_t or routerstatus_t.
1493  */
1494 #define SL_ADD_NEW_IPV4_AP(r, port_field, sl, valid) \
1495  STMT_BEGIN \
1496  if (tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \
1497  valid = 1; \
1498  tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \
1499  tor_addr_from_ipv4h(&ap->addr, (r)->addr); \
1500  ap->port = (r)->port_field; \
1501  smartlist_add((sl), ap); \
1502  } \
1503  STMT_END
1504 
1505 /* Check if the "addr" and port_field fields from r are a valid non-listening
1506  * address/port. If so, set valid to true and add a newly allocated
1507  * tor_addr_port_t containing "addr" and port_field to sl.
1508  * "addr" is a tor_addr_t and port_field is a uint16_t.
1509  * r is typically a routerinfo_t or routerstatus_t.
1510  */
1511 #define SL_ADD_NEW_IPV6_AP(r, port_field, sl, valid) \
1512  STMT_BEGIN \
1513  if (tor_addr_port_is_valid(&(r)->ipv6_addr, (r)->port_field, 0)) { \
1514  valid = 1; \
1515  tor_addr_port_t *ap = tor_malloc(sizeof(tor_addr_port_t)); \
1516  tor_addr_copy(&ap->addr, &(r)->ipv6_addr); \
1517  ap->port = (r)->port_field; \
1518  smartlist_add((sl), ap); \
1519  } \
1520  STMT_END
1521 
1522 /** Return list of tor_addr_port_t with all OR ports (in the sense IP
1523  * addr + TCP port) for <b>node</b>. Caller must free all elements
1524  * using tor_free() and free the list using smartlist_free().
1525  *
1526  * XXX this is potentially a memory fragmentation hog -- if on
1527  * critical path consider the option of having the caller allocate the
1528  * memory
1529  */
1530 smartlist_t *
1532 {
1533  smartlist_t *sl = smartlist_new();
1534  int valid = 0;
1535 
1536  /* Find a valid IPv4 address and port */
1537  if (node->ri != NULL) {
1538  SL_ADD_NEW_IPV4_AP(node->ri, or_port, sl, valid);
1539  }
1540 
1541  /* If we didn't find a valid address/port in the ri, try the rs */
1542  if (!valid && node->rs != NULL) {
1543  SL_ADD_NEW_IPV4_AP(node->rs, or_port, sl, valid);
1544  }
1545 
1546  /* Find a valid IPv6 address and port */
1547  valid = 0;
1548  if (node->ri != NULL) {
1549  SL_ADD_NEW_IPV6_AP(node->ri, ipv6_orport, sl, valid);
1550  }
1551 
1552  if (!valid && node->rs != NULL) {
1553  SL_ADD_NEW_IPV6_AP(node->rs, ipv6_orport, sl, valid);
1554  }
1555 
1556  if (!valid && node->md != NULL) {
1557  SL_ADD_NEW_IPV6_AP(node->md, ipv6_orport, sl, valid);
1558  }
1559 
1560  return sl;
1561 }
1562 
1563 #undef SL_ADD_NEW_IPV4_AP
1564 #undef SL_ADD_NEW_IPV6_AP
1565 
1566 /** Wrapper around node_get_prim_orport for backward
1567  compatibility. */
1568 void
1569 node_get_addr(const node_t *node, tor_addr_t *addr_out)
1570 {
1571  tor_addr_port_t ap;
1572  node_get_prim_orport(node, &ap);
1573  tor_addr_copy(addr_out, &ap.addr);
1574 }
1575 
1576 /** Return the host-order IPv4 address for <b>node</b>, or 0 if it doesn't
1577  * seem to have one. */
1578 uint32_t
1580 {
1581  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1582  * and the node might have a valid IPv4 address, yet have a zero
1583  * ORPort or DirPort.
1584  */
1585  if (node->ri && tor_addr_is_valid_ipv4h(node->ri->addr, 0)) {
1586  return node->ri->addr;
1587  } else if (node->rs && tor_addr_is_valid_ipv4h(node->rs->addr, 0)) {
1588  return node->rs->addr;
1589  }
1590  return 0;
1591 }
1592 
1593 /** Copy a string representation of an IP address for <b>node</b> into
1594  * the <b>len</b>-byte buffer at <b>buf</b>. */
1595 void
1596 node_get_address_string(const node_t *node, char *buf, size_t len)
1597 {
1598  uint32_t ipv4_addr = node_get_prim_addr_ipv4h(node);
1599 
1600  if (tor_addr_is_valid_ipv4h(ipv4_addr, 0)) {
1601  tor_addr_t addr;
1602  tor_addr_from_ipv4h(&addr, ipv4_addr);
1603  tor_addr_to_str(buf, &addr, len, 0);
1604  } else if (len > 0) {
1605  buf[0] = '\0';
1606  }
1607 }
1608 
1609 /** Return <b>node</b>'s declared uptime, or -1 if it doesn't seem to have
1610  * one. */
1611 long
1613 {
1614  if (node->ri)
1615  return node->ri->uptime;
1616  else
1617  return -1;
1618 }
1619 
1620 /** Return <b>node</b>'s platform string, or NULL if we don't know it. */
1621 const char *
1623 {
1624  /* If we wanted, we could record the version in the routerstatus_t, since
1625  * the consensus lists it. We don't, though, so this function just won't
1626  * work with microdescriptors. */
1627  if (node->ri)
1628  return node->ri->platform;
1629  else
1630  return NULL;
1631 }
1632 
1633 /** Return true iff <b>node</b> is one representing this router. */
1634 int
1635 node_is_me(const node_t *node)
1636 {
1637  return router_digest_is_me(node->identity);
1638 }
1639 
1640 /* Does this node have a valid IPv6 address?
1641  * Prefer node_has_ipv6_orport() or node_has_ipv6_dirport() for
1642  * checking specific ports. */
1643 int
1644 node_has_ipv6_addr(const node_t *node)
1645 {
1646  /* Don't check the ORPort or DirPort, as this function isn't port-specific,
1647  * and the node might have a valid IPv6 address, yet have a zero
1648  * ORPort or DirPort.
1649  */
1650  if (node->ri && tor_addr_is_valid(&node->ri->ipv6_addr, 0))
1651  return 1;
1652  if (node->rs && tor_addr_is_valid(&node->rs->ipv6_addr, 0))
1653  return 1;
1654  if (node->md && tor_addr_is_valid(&node->md->ipv6_addr, 0))
1655  return 1;
1656 
1657  return 0;
1658 }
1659 
1660 /* Does this node have a valid IPv6 ORPort? */
1661 int
1662 node_has_ipv6_orport(const node_t *node)
1663 {
1664  tor_addr_port_t ipv6_orport;
1665  node_get_pref_ipv6_orport(node, &ipv6_orport);
1666  return tor_addr_port_is_valid_ap(&ipv6_orport, 0);
1667 }
1668 
1669 /* Does this node have a valid IPv6 DirPort? */
1670 int
1671 node_has_ipv6_dirport(const node_t *node)
1672 {
1673  tor_addr_port_t ipv6_dirport;
1674  node_get_pref_ipv6_dirport(node, &ipv6_dirport);
1675  return tor_addr_port_is_valid_ap(&ipv6_dirport, 0);
1676 }
1677 
1678 /** Return 1 if we prefer the IPv6 address and OR TCP port of
1679  * <b>node</b>, else 0.
1680  *
1681  * We prefer the IPv6 address if the router has an IPv6 address,
1682  * and we can use IPv6 addresses, and:
1683  * i) the node_t says that it prefers IPv6
1684  * or
1685  * ii) the router has no IPv4 OR address.
1686  *
1687  * If you don't have a node, consider looking it up.
1688  * If there is no node, use fascist_firewall_prefer_ipv6_orport().
1689  */
1690 int
1692 {
1693  const or_options_t *options = get_options();
1694  tor_addr_port_t ipv4_addr;
1695  node_assert_ok(node);
1696 
1697  /* XX/teor - node->ipv6_preferred is set from
1698  * fascist_firewall_prefer_ipv6_orport() each time the consensus is loaded.
1699  */
1700  node_get_prim_orport(node, &ipv4_addr);
1701  if (!fascist_firewall_use_ipv6(options)) {
1702  return 0;
1703  } else if (node->ipv6_preferred ||
1704  !tor_addr_port_is_valid_ap(&ipv4_addr, 0)) {
1705  return node_has_ipv6_orport(node);
1706  }
1707  return 0;
1708 }
1709 
1710 #define RETURN_IPV4_AP(r, port_field, ap_out) \
1711  STMT_BEGIN \
1712  if (r && tor_addr_port_is_valid_ipv4h((r)->addr, (r)->port_field, 0)) { \
1713  tor_addr_from_ipv4h(&(ap_out)->addr, (r)->addr); \
1714  (ap_out)->port = (r)->port_field; \
1715  } \
1716  STMT_END
1717 
1718 /** Copy the primary (IPv4) OR port (IP address and TCP port) for <b>node</b>
1719  * into *<b>ap_out</b>. */
1720 void
1722 {
1723  node_assert_ok(node);
1724  tor_assert(ap_out);
1725 
1726  /* Clear the address, as a safety precaution if calling functions ignore the
1727  * return value */
1728  tor_addr_make_null(&ap_out->addr, AF_INET);
1729  ap_out->port = 0;
1730 
1731  /* Check ri first, because rewrite_node_address_for_bridge() updates
1732  * node->ri with the configured bridge address. */
1733 
1734  RETURN_IPV4_AP(node->ri, or_port, ap_out);
1735  RETURN_IPV4_AP(node->rs, or_port, ap_out);
1736  /* Microdescriptors only have an IPv6 address */
1737 }
1738 
1739 /** Copy the preferred OR port (IP address and TCP port) for
1740  * <b>node</b> into *<b>ap_out</b>. */
1741 void
1743 {
1744  tor_assert(ap_out);
1745 
1746  if (node_ipv6_or_preferred(node)) {
1747  node_get_pref_ipv6_orport(node, ap_out);
1748  } else {
1749  /* the primary ORPort is always on IPv4 */
1750  node_get_prim_orport(node, ap_out);
1751  }
1752 }
1753 
1754 /** Copy the preferred IPv6 OR port (IP address and TCP port) for
1755  * <b>node</b> into *<b>ap_out</b>. */
1756 void
1758 {
1759  node_assert_ok(node);
1760  tor_assert(ap_out);
1761  memset(ap_out, 0, sizeof(*ap_out));
1762 
1763  /* Check ri first, because rewrite_node_address_for_bridge() updates
1764  * node->ri with the configured bridge address.
1765  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1766  * Check if the address or port are valid, and try another alternative
1767  * if they are not. */
1768 
1769  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1770  node->ri->ipv6_orport, 0)) {
1771  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1772  ap_out->port = node->ri->ipv6_orport;
1773  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1774  node->rs->ipv6_orport, 0)) {
1775  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1776  ap_out->port = node->rs->ipv6_orport;
1777  } else if (node->md && tor_addr_port_is_valid(&node->md->ipv6_addr,
1778  node->md->ipv6_orport, 0)) {
1779  tor_addr_copy(&ap_out->addr, &node->md->ipv6_addr);
1780  ap_out->port = node->md->ipv6_orport;
1781  } else {
1782  tor_addr_make_null(&ap_out->addr, AF_INET6);
1783  ap_out->port = 0;
1784  }
1785 }
1786 
1787 /** Return 1 if we prefer the IPv6 address and Dir TCP port of
1788  * <b>node</b>, else 0.
1789  *
1790  * We prefer the IPv6 address if the router has an IPv6 address,
1791  * and we can use IPv6 addresses, and:
1792  * i) the router has no IPv4 Dir address.
1793  * or
1794  * ii) our preference is for IPv6 Dir addresses.
1795  *
1796  * If there is no node, use fascist_firewall_prefer_ipv6_dirport().
1797  */
1798 int
1800 {
1801  const or_options_t *options = get_options();
1802  tor_addr_port_t ipv4_addr;
1803  node_assert_ok(node);
1804 
1805  /* node->ipv6_preferred is set from fascist_firewall_prefer_ipv6_orport(),
1806  * so we can't use it to determine DirPort IPv6 preference.
1807  * This means that bridge clients will use IPv4 DirPorts by default.
1808  */
1809  node_get_prim_dirport(node, &ipv4_addr);
1810  if (!fascist_firewall_use_ipv6(options)) {
1811  return 0;
1812  } else if (!tor_addr_port_is_valid_ap(&ipv4_addr, 0)
1814  return node_has_ipv6_dirport(node);
1815  }
1816  return 0;
1817 }
1818 
1819 /** Copy the primary (IPv4) Dir port (IP address and TCP port) for <b>node</b>
1820  * into *<b>ap_out</b>. */
1821 void
1823 {
1824  node_assert_ok(node);
1825  tor_assert(ap_out);
1826 
1827  /* Clear the address, as a safety precaution if calling functions ignore the
1828  * return value */
1829  tor_addr_make_null(&ap_out->addr, AF_INET);
1830  ap_out->port = 0;
1831 
1832  /* Check ri first, because rewrite_node_address_for_bridge() updates
1833  * node->ri with the configured bridge address. */
1834 
1835  RETURN_IPV4_AP(node->ri, dir_port, ap_out);
1836  RETURN_IPV4_AP(node->rs, dir_port, ap_out);
1837  /* Microdescriptors only have an IPv6 address */
1838 }
1839 
1840 #undef RETURN_IPV4_AP
1841 
1842 /** Copy the preferred Dir port (IP address and TCP port) for
1843  * <b>node</b> into *<b>ap_out</b>. */
1844 void
1846 {
1847  tor_assert(ap_out);
1848 
1849  if (node_ipv6_dir_preferred(node)) {
1850  node_get_pref_ipv6_dirport(node, ap_out);
1851  } else {
1852  /* the primary DirPort is always on IPv4 */
1853  node_get_prim_dirport(node, ap_out);
1854  }
1855 }
1856 
1857 /** Copy the preferred IPv6 Dir port (IP address and TCP port) for
1858  * <b>node</b> into *<b>ap_out</b>. */
1859 void
1861 {
1862  node_assert_ok(node);
1863  tor_assert(ap_out);
1864 
1865  /* Check ri first, because rewrite_node_address_for_bridge() updates
1866  * node->ri with the configured bridge address.
1867  * Prefer rs over md for consistency with the fascist_firewall_* functions.
1868  * Check if the address or port are valid, and try another alternative
1869  * if they are not. */
1870 
1871  /* Assume IPv4 and IPv6 dirports are the same */
1872  if (node->ri && tor_addr_port_is_valid(&node->ri->ipv6_addr,
1873  node->ri->dir_port, 0)) {
1874  tor_addr_copy(&ap_out->addr, &node->ri->ipv6_addr);
1875  ap_out->port = node->ri->dir_port;
1876  } else if (node->rs && tor_addr_port_is_valid(&node->rs->ipv6_addr,
1877  node->rs->dir_port, 0)) {
1878  tor_addr_copy(&ap_out->addr, &node->rs->ipv6_addr);
1879  ap_out->port = node->rs->dir_port;
1880  } else {
1881  tor_addr_make_null(&ap_out->addr, AF_INET6);
1882  ap_out->port = 0;
1883  }
1884 }
1885 
1886 /** Return true iff <b>md</b> has a curve25519 onion key.
1887  * Use node_has_curve25519_onion_key() instead of calling this directly. */
1888 static int
1890 {
1891  if (!md) {
1892  return 0;
1893  }
1894 
1895  if (!md->onion_curve25519_pkey) {
1896  return 0;
1897  }
1898 
1899  if (fast_mem_is_zero((const char*)md->onion_curve25519_pkey->public_key,
1901  return 0;
1902  }
1903 
1904  return 1;
1905 }
1906 
1907 /** Return true iff <b>node</b> has a curve25519 onion key. */
1908 int
1910 {
1911  return node_get_curve25519_onion_key(node) != NULL;
1912 }
1913 
1914 /** Return the curve25519 key of <b>node</b>, or NULL if none. */
1917 {
1918  if (!node)
1919  return NULL;
1920  if (routerinfo_has_curve25519_onion_key(node->ri))
1921  return node->ri->onion_curve25519_pkey;
1922  else if (microdesc_has_curve25519_onion_key(node->md))
1923  return node->md->onion_curve25519_pkey;
1924  else
1925  return NULL;
1926 }
1927 
1928 /* Return a newly allocacted RSA onion public key taken from the given node.
1929  *
1930  * Return NULL if node is NULL or no RSA onion public key can be found. It is
1931  * the caller responsability to free the returned object. */
1932 crypto_pk_t *
1933 node_get_rsa_onion_key(const node_t *node)
1934 {
1935  crypto_pk_t *pk = NULL;
1936  const char *onion_pkey;
1937  size_t onion_pkey_len;
1938 
1939  if (!node) {
1940  goto end;
1941  }
1942 
1943  if (node->ri) {
1944  onion_pkey = node->ri->onion_pkey;
1945  onion_pkey_len = node->ri->onion_pkey_len;
1946  } else if (node->rs && node->md) {
1947  onion_pkey = node->md->onion_pkey;
1948  onion_pkey_len = node->md->onion_pkey_len;
1949  } else {
1950  /* No descriptor or microdescriptor. */
1951  goto end;
1952  }
1953  pk = router_get_rsa_onion_pkey(onion_pkey, onion_pkey_len);
1954 
1955  end:
1956  return pk;
1957 }
1958 
1959 /** Refresh the country code of <b>ri</b>. This function MUST be called on
1960  * each router when the GeoIP database is reloaded, and on all new routers. */
1961 void
1963 {
1964  tor_addr_t addr = TOR_ADDR_NULL;
1965 
1966  /* XXXXipv6 */
1967  if (node->rs)
1968  tor_addr_from_ipv4h(&addr, node->rs->addr);
1969  else if (node->ri)
1970  tor_addr_from_ipv4h(&addr, node->ri->addr);
1971 
1972  node->country = geoip_get_country_by_addr(&addr);
1973 }
1974 
1975 /** Set the country code of all routers in the routerlist. */
1976 void
1978 {
1979  const smartlist_t *nodes = nodelist_get_list();
1980  SMARTLIST_FOREACH(nodes, node_t *, node,
1981  node_set_country(node));
1982 }
1983 
1984 /** Return true iff router1 and router2 have similar enough network addresses
1985  * that we should treat them as being in the same family */
1986 int
1988  const tor_addr_t *a2)
1989 {
1990  if (tor_addr_is_null(a1) || tor_addr_is_null(a2))
1991  return 0;
1992 
1993  switch (tor_addr_family(a1)) {
1994  case AF_INET:
1995  return 0 == tor_addr_compare_masked(a1, a2, 16, CMP_SEMANTIC);
1996  case AF_INET6:
1997  return 0 == tor_addr_compare_masked(a1, a2, 32, CMP_SEMANTIC);
1998  default:
1999  /* If not IPv4 or IPv6, return 0. */
2000  return 0;
2001  }
2002 }
2003 
2004 /** Return true if <b>node</b>'s nickname matches <b>nickname</b>
2005  * (case-insensitive), or if <b>node's</b> identity key digest
2006  * matches a hexadecimal value stored in <b>nickname</b>. Return
2007  * false otherwise. */
2008 STATIC int
2009 node_nickname_matches(const node_t *node, const char *nickname)
2010 {
2011  const char *n = node_get_nickname(node);
2012  if (n && nickname[0]!='$' && !strcasecmp(n, nickname))
2013  return 1;
2014  return hex_digest_nickname_matches(nickname,
2015  node->identity,
2016  n);
2017 }
2018 
2019 /** Return true iff <b>node</b> is named by some nickname in <b>lst</b>. */
2020 STATIC int
2022 {
2023  if (!lst) return 0;
2024  SMARTLIST_FOREACH(lst, const char *, name, {
2025  if (node_nickname_matches(node, name))
2026  return 1;
2027  });
2028  return 0;
2029 }
2030 
2031 /** Return true iff n1's declared family contains n2. */
2032 STATIC int
2033 node_family_contains(const node_t *n1, const node_t *n2)
2034 {
2035  if (n1->ri && n1->ri->declared_family) {
2036  return node_in_nickname_smartlist(n1->ri->declared_family, n2);
2037  } else if (n1->md) {
2038  return nodefamily_contains_node(n1->md->family, n2);
2039  } else {
2040  return 0;
2041  }
2042 }
2043 
2044 /**
2045  * Return true iff <b>node</b> has declared a nonempty family.
2046  **/
2047 STATIC bool
2049 {
2050  if (node->ri && node->ri->declared_family &&
2051  smartlist_len(node->ri->declared_family)) {
2052  return true;
2053  }
2054 
2055  if (node->md && node->md->family) {
2056  return true;
2057  }
2058 
2059  return false;
2060 }
2061 
2062 /**
2063  * Add to <b>out</b> every node_t that is listed by <b>node</b> as being in
2064  * its family. (Note that these nodes are not in node's family unless they
2065  * also agree that node is in their family.)
2066  **/
2067 STATIC void
2069 {
2070  if (node->ri && node->ri->declared_family &&
2071  smartlist_len(node->ri->declared_family)) {
2072  SMARTLIST_FOREACH_BEGIN(node->ri->declared_family, const char *, name) {
2073  const node_t *n2 = node_get_by_nickname(name, NNF_NO_WARN_UNNAMED);
2074  if (n2) {
2075  smartlist_add(out, (node_t *)n2);
2076  }
2077  } SMARTLIST_FOREACH_END(name);
2078  return;
2079  }
2080 
2081  if (node->md && node->md->family) {
2082  nodefamily_add_nodes_to_smartlist(node->md->family, out);
2083  }
2084 }
2085 
2086 /** Return true iff r1 and r2 are in the same family, but not the same
2087  * router. */
2088 int
2089 nodes_in_same_family(const node_t *node1, const node_t *node2)
2090 {
2091  const or_options_t *options = get_options();
2092 
2093  /* Are they in the same family because of their addresses? */
2094  if (options->EnforceDistinctSubnets) {
2095  tor_addr_t a1, a2;
2096  node_get_addr(node1, &a1);
2097  node_get_addr(node2, &a2);
2098 
2099  tor_addr_port_t ap6_1, ap6_2;
2100  node_get_pref_ipv6_orport(node1, &ap6_1);
2101  node_get_pref_ipv6_orport(node2, &ap6_2);
2102 
2103  if (addrs_in_same_network_family(&a1, &a2) ||
2104  addrs_in_same_network_family(&ap6_1.addr, &ap6_2.addr))
2105  return 1;
2106  }
2107 
2108  /* Are they in the same family because the agree they are? */
2109  if (node_family_contains(node1, node2) &&
2110  node_family_contains(node2, node1)) {
2111  return 1;
2112  }
2113 
2114  /* Are they in the same family because the user says they are? */
2115  if (options->NodeFamilySets) {
2116  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2117  if (routerset_contains_node(rs, node1) &&
2118  routerset_contains_node(rs, node2))
2119  return 1;
2120  });
2121  }
2122 
2123  return 0;
2124 }
2125 
2126 /**
2127  * Add all the family of <b>node</b>, including <b>node</b> itself, to
2128  * the smartlist <b>sl</b>.
2129  *
2130  * This is used to make sure we don't pick siblings in a single path, or
2131  * pick more than one relay from a family for our entry guard list.
2132  * Note that a node may be added to <b>sl</b> more than once if it is
2133  * part of <b>node</b>'s family for more than one reason.
2134  */
2135 void
2137 {
2138  const smartlist_t *all_nodes = nodelist_get_list();
2139  const or_options_t *options = get_options();
2140 
2141  tor_assert(node);
2142 
2143  /* Let's make sure that we have the node itself, if it's a real node. */
2144  {
2145  const node_t *real_node = node_get_by_id(node->identity);
2146  if (real_node)
2147  smartlist_add(sl, (node_t*)real_node);
2148  }
2149 
2150  /* First, add any nodes with similar network addresses. */
2151  if (options->EnforceDistinctSubnets) {
2152  tor_addr_t node_addr;
2153  tor_addr_port_t node_ap6;
2154  node_get_addr(node, &node_addr);
2155  node_get_pref_ipv6_orport(node, &node_ap6);
2156 
2157  SMARTLIST_FOREACH_BEGIN(all_nodes, const node_t *, node2) {
2158  tor_addr_t a;
2159  tor_addr_port_t ap6;
2160  node_get_addr(node2, &a);
2161  node_get_pref_ipv6_orport(node2, &ap6);
2162  if (addrs_in_same_network_family(&a, &node_addr) ||
2163  addrs_in_same_network_family(&ap6.addr, &node_ap6.addr))
2164  smartlist_add(sl, (void*)node2);
2165  } SMARTLIST_FOREACH_END(node2);
2166  }
2167 
2168  /* Now, add all nodes in the declared family of this node, if they
2169  * also declare this node to be in their family. */
2170  if (node_has_declared_family(node)) {
2171  smartlist_t *declared_family = smartlist_new();
2172  node_lookup_declared_family(declared_family, node);
2173 
2174  /* Add every r such that router declares familyness with node, and node
2175  * declares familyhood with router. */
2176  SMARTLIST_FOREACH_BEGIN(declared_family, const node_t *, node2) {
2177  if (node_family_contains(node2, node)) {
2178  smartlist_add(sl, (void*)node2);
2179  }
2180  } SMARTLIST_FOREACH_END(node2);
2181  smartlist_free(declared_family);
2182  }
2183 
2184  /* If the user declared any families locally, honor those too. */
2185  if (options->NodeFamilySets) {
2186  SMARTLIST_FOREACH(options->NodeFamilySets, const routerset_t *, rs, {
2187  if (routerset_contains_node(rs, node)) {
2188  routerset_get_all_nodes(sl, rs, NULL, 0);
2189  }
2190  });
2191  }
2192 }
2193 
2194 /** Find a router that's up, that has this IP address, and
2195  * that allows exit to this address:port, or return NULL if there
2196  * isn't a good one.
2197  * Don't exit enclave to excluded relays -- it wouldn't actually
2198  * hurt anything, but this way there are fewer confused users.
2199  */
2200 const node_t *
2201 router_find_exact_exit_enclave(const char *address, uint16_t port)
2202 {/*XXXX MOVE*/
2203  uint32_t addr;
2204  struct in_addr in;
2205  tor_addr_t a;
2206  const or_options_t *options = get_options();
2207 
2208  if (!tor_inet_aton(address, &in))
2209  return NULL; /* it's not an IP already */
2210  addr = ntohl(in.s_addr);
2211 
2212  tor_addr_from_ipv4h(&a, addr);
2213 
2214  SMARTLIST_FOREACH(nodelist_get_list(), const node_t *, node, {
2215  if (node_get_addr_ipv4h(node) == addr &&
2216  node->is_running &&
2217  compare_tor_addr_to_node_policy(&a, port, node) ==
2220  return node;
2221  });
2222  return NULL;
2223 }
2224 
2225 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
2226  * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
2227  * If <b>need_capacity</b> is non-zero, we require a minimum advertised
2228  * bandwidth.
2229  * If <b>need_guard</b>, we require that the router is a possible entry guard.
2230  */
2231 int
2232 node_is_unreliable(const node_t *node, int need_uptime,
2233  int need_capacity, int need_guard)
2234 {
2235  if (need_uptime && !node->is_stable)
2236  return 1;
2237  if (need_capacity && !node->is_fast)
2238  return 1;
2239  if (need_guard && !node->is_possible_guard)
2240  return 1;
2241  return 0;
2242 }
2243 
2244 /** Return 1 if all running sufficiently-stable routers we can use will reject
2245  * addr:port. Return 0 if any might accept it. */
2246 int
2248  int need_uptime)
2249 {
2251 
2253  if (node->is_running &&
2254  !node_is_unreliable(node, need_uptime, 0, 0)) {
2255 
2256  r = compare_tor_addr_to_node_policy(addr, port, node);
2257 
2259  return 0; /* this one could be ok. good enough. */
2260  }
2261  } SMARTLIST_FOREACH_END(node);
2262  return 1; /* all will reject. */
2263 }
2264 
2265 /** Mark the router with ID <b>digest</b> as running or non-running
2266  * in our routerlist. */
2267 void
2268 router_set_status(const char *digest, int up)
2269 {
2270  node_t *node;
2271  tor_assert(digest);
2272 
2273  SMARTLIST_FOREACH(router_get_fallback_dir_servers(),
2274  dir_server_t *, d,
2275  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2276  d->is_running = up);
2277 
2278  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
2279  dir_server_t *, d,
2280  if (tor_memeq(d->digest, digest, DIGEST_LEN))
2281  d->is_running = up);
2282 
2283  node = node_get_mutable_by_id(digest);
2284  if (node) {
2285 #if 0
2286  log_debug(LD_DIR,"Marking router %s as %s.",
2287  node_describe(node), up ? "up" : "down");
2288 #endif
2289  if (!up && node_is_me(node) && !net_is_disabled())
2290  log_warn(LD_NET, "We just marked ourself as down. Are your external "
2291  "addresses reachable?");
2292 
2293  if (bool_neq(node->is_running, up))
2295 
2296  node->is_running = up;
2297  }
2298 }
2299 
2300 /** True iff, the last time we checked whether we had enough directory info
2301  * to build circuits, the answer was "yes". If there are no exits in the
2302  * consensus, we act as if we have 100% of the exit directory info. */
2303 static int have_min_dir_info = 0;
2304 
2305 /** Does the consensus contain nodes that can exit? */
2306 static consensus_path_type_t have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2307 
2308 /** True iff enough has changed since the last time we checked whether we had
2309  * enough directory info to build circuits that our old answer can no longer
2310  * be trusted. */
2312 /** String describing what we're missing before we have enough directory
2313  * info. */
2314 static char dir_info_status[512] = "";
2315 
2316 /** Return true iff we have enough consensus information to
2317  * start building circuits. Right now, this means "a consensus that's
2318  * less than a day old, and at least 60% of router descriptors (configurable),
2319  * weighted by bandwidth. Treat the exit fraction as 100% if there are
2320  * no exits in the consensus."
2321  * To obtain the final weighted bandwidth, we multiply the
2322  * weighted bandwidth fraction for each position (guard, middle, exit). */
2323 MOCK_IMPL(int,
2325 {
2326  static int logged_delay=0;
2327  const char *delay_fetches_msg = NULL;
2328  if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) {
2329  if (!logged_delay)
2330  log_notice(LD_DIR, "Delaying directory fetches: %s", delay_fetches_msg);
2331  logged_delay=1;
2332  strlcpy(dir_info_status, delay_fetches_msg, sizeof(dir_info_status));
2333  return 0;
2334  }
2335  logged_delay = 0; /* reset it if we get this far */
2336 
2337  if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
2339  }
2340 
2341  return have_min_dir_info;
2342 }
2343 
2344 /** Set to CONSENSUS_PATH_EXIT if there is at least one exit node
2345  * in the consensus. We update this flag in compute_frac_paths_available if
2346  * there is at least one relay that has an Exit flag in the consensus.
2347  * Used to avoid building exit circuits when they will almost certainly fail.
2348  * Set to CONSENSUS_PATH_INTERNAL if there are no exits in the consensus.
2349  * (This situation typically occurs during bootstrap of a test network.)
2350  * Set to CONSENSUS_PATH_UNKNOWN if we have never checked, or have
2351  * reason to believe our last known value was invalid or has expired.
2352  * If we're in a network with TestingDirAuthVoteExit set,
2353  * this can cause router_have_consensus_path() to be set to
2354  * CONSENSUS_PATH_EXIT, even if there are no nodes with accept exit policies.
2355  */
2358 {
2359  return have_consensus_path;
2360 }
2361 
2362 /** Called when our internal view of the directory has changed. This can be
2363  * when the authorities change, networkstatuses change, the list of routerdescs
2364  * changes, or number of running routers changes.
2365  */
2366 void
2368 {
2373 }
2374 
2375 /** Return a string describing what we're missing before we have enough
2376  * directory info. */
2377 const char *
2379 {
2380  return dir_info_status;
2381 }
2382 
2383 /** Iterate over the servers listed in <b>consensus</b>, and count how many of
2384  * them seem like ones we'd use (store this in *<b>num_usable</b>), and how
2385  * many of <em>those</em> we have descriptors for (store this in
2386  * *<b>num_present</b>).
2387  *
2388  * If <b>in_set</b> is non-NULL, only consider those routers in <b>in_set</b>.
2389  * If <b>exit_only</b> & USABLE_DESCRIPTOR_EXIT_POLICY, only consider nodes
2390  * present if they have an exit policy that accepts at least one port.
2391  * If <b>exit_only</b> & USABLE_DESCRIPTOR_EXIT_FLAG, only consider nodes
2392  * usable if they have the exit flag in the consensus.
2393  *
2394  * If *<b>descs_out</b> is present, add a node_t for each usable descriptor
2395  * to it.
2396  */
2397 static void
2398 count_usable_descriptors(int *num_present, int *num_usable,
2399  smartlist_t *descs_out,
2400  const networkstatus_t *consensus,
2401  time_t now,
2402  routerset_t *in_set,
2403  usable_descriptor_t exit_only)
2404 {
2405  const int md = (consensus->flavor == FLAV_MICRODESC);
2406  *num_present = 0, *num_usable = 0;
2407 
2409  {
2410  const node_t *node = node_get_by_id(rs->identity_digest);
2411  if (!node)
2412  continue; /* This would be a bug: every entry in the consensus is
2413  * supposed to have a node. */
2414  if ((exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) && ! rs->is_exit)
2415  continue;
2416  if (in_set && ! routerset_contains_routerstatus(in_set, rs, -1))
2417  continue;
2418  if (client_would_use_router(rs, now)) {
2419  const char * const digest = rs->descriptor_digest;
2420  int present;
2421  ++*num_usable; /* the consensus says we want it. */
2422  if (md)
2423  present = NULL != microdesc_cache_lookup_by_digest256(NULL, digest);
2424  else
2425  present = NULL != router_get_by_descriptor_digest(digest);
2426  if (present) {
2427  /* Do the policy check last, because it requires a descriptor,
2428  * and is potentially expensive */
2429  if ((exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) &&
2431  continue;
2432  }
2433  /* we have the descriptor listed in the consensus, and it
2434  * satisfies our exit constraints (if any) */
2435  ++*num_present;
2436  }
2437  if (descs_out)
2438  smartlist_add(descs_out, (node_t*)node);
2439  }
2440  }
2441  SMARTLIST_FOREACH_END(rs);
2442 
2443  log_debug(LD_DIR, "%d usable, %d present (%s%s%s%s%s).",
2444  *num_usable, *num_present,
2445  md ? "microdesc" : "desc",
2446  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2447  " exit" : "s",
2448  (exit_only & USABLE_DESCRIPTOR_EXIT_POLICY) ?
2449  " policies" : "" ,
2450  (exit_only == USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG) ?
2451  " and" : "" ,
2452  (exit_only & USABLE_DESCRIPTOR_EXIT_FLAG) ?
2453  " flags" : "" );
2454 }
2455 
2456 /** Return an estimate of which fraction of usable paths through the Tor
2457  * network we have available for use. Count how many routers seem like ones
2458  * we'd use (store this in *<b>num_usable_out</b>), and how many of
2459  * <em>those</em> we have descriptors for (store this in
2460  * *<b>num_present_out</b>.)
2461  *
2462  * If **<b>status_out</b> is present, allocate a new string and print the
2463  * available percentages of guard, middle, and exit nodes to it, noting
2464  * whether there are exits in the consensus.
2465  * If there are no exits in the consensus, we treat the exit fraction as 100%,
2466  * but set router_have_consensus_path() so that we can only build internal
2467  * paths. */
2468 static double
2470  const or_options_t *options, time_t now,
2471  int *num_present_out, int *num_usable_out,
2472  char **status_out)
2473 {
2474  smartlist_t *guards = smartlist_new();
2475  smartlist_t *mid = smartlist_new();
2476  smartlist_t *exits = smartlist_new();
2477  double f_guard, f_mid, f_exit;
2478  double f_path = 0.0;
2479  /* Used to determine whether there are any exits in the consensus */
2480  int np = 0;
2481  /* Used to determine whether there are any exits with descriptors */
2482  int nu = 0;
2483  const int authdir = authdir_mode_v3(options);
2484 
2485  count_usable_descriptors(num_present_out, num_usable_out,
2486  mid, consensus, now, options->MiddleNodes,
2487  USABLE_DESCRIPTOR_ALL);
2488  log_debug(LD_NET,
2489  "%s: %d present, %d usable",
2490  "mid",
2491  np,
2492  nu);
2493 
2494  if (options->EntryNodes) {
2495  count_usable_descriptors(&np, &nu, guards, consensus, now,
2496  options->EntryNodes, USABLE_DESCRIPTOR_ALL);
2497  log_debug(LD_NET,
2498  "%s: %d present, %d usable",
2499  "guard",
2500  np,
2501  nu);
2502  } else {
2503  SMARTLIST_FOREACH(mid, const node_t *, node, {
2504  if (authdir) {
2505  if (node->rs && node->rs->is_possible_guard)
2506  smartlist_add(guards, (node_t*)node);
2507  } else {
2508  if (node->is_possible_guard)
2509  smartlist_add(guards, (node_t*)node);
2510  }
2511  });
2512  log_debug(LD_NET,
2513  "%s: %d possible",
2514  "guard",
2515  smartlist_len(guards));
2516  }
2517 
2518  /* All nodes with exit policy and flag */
2519  count_usable_descriptors(&np, &nu, exits, consensus, now,
2520  NULL, USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2521  log_debug(LD_NET,
2522  "%s: %d present, %d usable",
2523  "exits",
2524  np,
2525  nu);
2526 
2527  /* We need at least 1 exit (flag and policy) in the consensus to consider
2528  * building exit paths */
2529  /* Update our understanding of whether the consensus has exits */
2530  consensus_path_type_t old_have_consensus_path = have_consensus_path;
2531  have_consensus_path = ((np > 0) ?
2532  CONSENSUS_PATH_EXIT :
2533  CONSENSUS_PATH_INTERNAL);
2534 
2535  if (old_have_consensus_path != have_consensus_path) {
2536  if (have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2537  log_notice(LD_NET,
2538  "The current consensus has no exit nodes. "
2539  "Tor can only build internal paths, "
2540  "such as paths to onion services.");
2541 
2542  /* However, exit nodes can reachability self-test using this consensus,
2543  * join the network, and appear in a later consensus. This will allow
2544  * the network to build exit paths, such as paths for world wide web
2545  * browsing (as distinct from hidden service web browsing). */
2546  } else if (old_have_consensus_path == CONSENSUS_PATH_INTERNAL) {
2547  log_notice(LD_NET,
2548  "The current consensus contains exit nodes. "
2549  "Tor can build exit and internal paths.");
2550  }
2551  }
2552 
2553  f_guard = frac_nodes_with_descriptors(guards, WEIGHT_FOR_GUARD, 1);
2554  f_mid = frac_nodes_with_descriptors(mid, WEIGHT_FOR_MID, 0);
2555  f_exit = frac_nodes_with_descriptors(exits, WEIGHT_FOR_EXIT, 0);
2556 
2557  /* If we are using bridges and have at least one bridge with a full
2558  * descriptor, assume f_guard is 1.0. */
2559  if (options->UseBridges && num_bridges_usable(0) > 0)
2560  f_guard = 1.0;
2561 
2562  log_debug(LD_NET,
2563  "f_guard: %.2f, f_mid: %.2f, f_exit: %.2f",
2564  f_guard,
2565  f_mid,
2566  f_exit);
2567 
2568  smartlist_free(guards);
2569  smartlist_free(mid);
2570  smartlist_free(exits);
2571 
2572  if (options->ExitNodes) {
2573  double f_myexit, f_myexit_unflagged;
2574  smartlist_t *myexits= smartlist_new();
2575  smartlist_t *myexits_unflagged = smartlist_new();
2576 
2577  /* All nodes with exit policy and flag in ExitNodes option */
2578  count_usable_descriptors(&np, &nu, myexits, consensus, now,
2579  options->ExitNodes,
2580  USABLE_DESCRIPTOR_EXIT_POLICY_AND_FLAG);
2581  log_debug(LD_NET,
2582  "%s: %d present, %d usable",
2583  "myexits",
2584  np,
2585  nu);
2586 
2587  /* Now compute the nodes in the ExitNodes option where we know their exit
2588  * policy permits something. */
2589  count_usable_descriptors(&np, &nu, myexits_unflagged,
2590  consensus, now,
2591  options->ExitNodes,
2592  USABLE_DESCRIPTOR_EXIT_POLICY);
2593  log_debug(LD_NET,
2594  "%s: %d present, %d usable",
2595  "myexits_unflagged (initial)",
2596  np,
2597  nu);
2598 
2599  f_myexit= frac_nodes_with_descriptors(myexits,WEIGHT_FOR_EXIT, 0);
2600  f_myexit_unflagged=
2601  frac_nodes_with_descriptors(myexits_unflagged,
2602  WEIGHT_FOR_EXIT, 0);
2603 
2604  log_debug(LD_NET,
2605  "f_exit: %.2f, f_myexit: %.2f, f_myexit_unflagged: %.2f",
2606  f_exit,
2607  f_myexit,
2608  f_myexit_unflagged);
2609 
2610  /* If our ExitNodes list has eliminated every possible Exit node, and there
2611  * were some possible Exit nodes, then instead consider nodes that permit
2612  * exiting to some ports. */
2613  if (smartlist_len(myexits) == 0 &&
2614  smartlist_len(myexits_unflagged)) {
2615  f_myexit = f_myexit_unflagged;
2616  }
2617 
2618  smartlist_free(myexits);
2619  smartlist_free(myexits_unflagged);
2620 
2621  /* This is a tricky point here: we don't want to make it easy for a
2622  * directory to trickle exits to us until it learns which exits we have
2623  * configured, so require that we have a threshold both of total exits
2624  * and usable exits. */
2625  if (f_myexit < f_exit)
2626  f_exit = f_myexit;
2627  }
2628 
2629  /* If the consensus has no exits that pass flag, descriptor, and policy
2630  * checks, we can only build onion service paths, which are G - M - M. */
2631  if (router_have_consensus_path() != CONSENSUS_PATH_EXIT) {
2632  /* If the exit bandwidth weight fraction is not zero, we need to wait for
2633  * descriptors for those exits. (The bandwidth weight fraction does not
2634  * check for descriptors.)
2635  * If the exit bandwidth fraction is zero, there are no exits in the
2636  * consensus at all. So it is safe to replace f_exit with f_mid.
2637  *
2638  * f_exit is non-negative, but some compilers complain about float and ==
2639  */
2640  if (f_exit <= 0.0) {
2641  f_exit = f_mid;
2642  }
2643  }
2644 
2645  f_path = f_guard * f_mid * f_exit;
2646 
2647  if (status_out)
2648  tor_asprintf(status_out,
2649  "%d%% of guards bw, "
2650  "%d%% of midpoint bw, and "
2651  "%d%% of %s = "
2652  "%d%% of path bw",
2653  (int)(f_guard*100),
2654  (int)(f_mid*100),
2655  (int)(f_exit*100),
2656  (router_have_consensus_path() == CONSENSUS_PATH_EXIT ?
2657  "exit bw" :
2658  "end bw (no exits in consensus, using mid)"),
2659  (int)(f_path*100));
2660 
2661  return f_path;
2662 }
2663 
2664 /** We just fetched a new set of descriptors. Compute how far through
2665  * the "loading descriptors" bootstrapping phase we are, so we can inform
2666  * the controller of our progress. */
2667 int
2669 {
2670  int num_present = 0, num_usable=0;
2671  time_t now = time(NULL);
2672  const or_options_t *options = get_options();
2673  const networkstatus_t *consensus =
2675  double paths, fraction;
2676 
2677  if (!consensus)
2678  return 0; /* can't count descriptors if we have no list of them */
2679 
2680  paths = compute_frac_paths_available(consensus, options, now,
2681  &num_present, &num_usable,
2682  NULL);
2683 
2684  fraction = paths / get_frac_paths_needed_for_circs(options,consensus);
2685  if (fraction > 1.0)
2686  return 0; /* it's not the number of descriptors holding us back */
2687  return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
2688  (fraction*(BOOTSTRAP_STATUS_ENOUGH_DIRINFO-1 -
2689  BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
2690 }
2691 
2692 /** Return the fraction of paths needed before we're willing to build
2693  * circuits, as configured in <b>options</b>, or in the consensus <b>ns</b>. */
2694 static double
2696  const networkstatus_t *ns)
2697 {
2698 #define DFLT_PCT_USABLE_NEEDED 60
2699  if (options->PathsNeededToBuildCircuits >= 0.0) {
2700  return options->PathsNeededToBuildCircuits;
2701  } else {
2702  return networkstatus_get_param(ns, "min_paths_for_circs_pct",
2703  DFLT_PCT_USABLE_NEEDED,
2704  25, 95)/100.0;
2705  }
2706 }
2707 
2708 /** Change the value of have_min_dir_info, setting it true iff we have enough
2709  * network and router information to build circuits. Clear the value of
2710  * need_to_update_have_min_dir_info. */
2711 static void
2713 {
2714  time_t now = time(NULL);
2715  int res;
2716  int num_present=0, num_usable=0;
2717  const or_options_t *options = get_options();
2718  const networkstatus_t *consensus =
2720  int using_md;
2721 
2722  if (!consensus) {
2724  strlcpy(dir_info_status, "We have no usable consensus.",
2725  sizeof(dir_info_status));
2726  else
2727  strlcpy(dir_info_status, "We have no recent usable consensus.",
2728  sizeof(dir_info_status));
2729  res = 0;
2730  goto done;
2731  }
2732 
2733  using_md = consensus->flavor == FLAV_MICRODESC;
2734 
2735  /* Check fraction of available paths */
2736  {
2737  char *status = NULL;
2738  double paths = compute_frac_paths_available(consensus, options, now,
2739  &num_present, &num_usable,
2740  &status);
2741 
2742  if (paths < get_frac_paths_needed_for_circs(options,consensus)) {
2744  "We need more %sdescriptors: we have %d/%d, and "
2745  "can only build %d%% of likely paths. (We have %s.)",
2746  using_md?"micro":"", num_present, num_usable,
2747  (int)(paths*100), status);
2748  tor_free(status);
2749  res = 0;
2750  control_event_boot_dir(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
2751  goto done;
2752  }
2753 
2754  tor_free(status);
2755  res = 1;
2756  }
2757 
2758  { /* Check entry guard dirinfo status */
2759  char *guard_error = entry_guards_get_err_str_if_dir_info_missing(using_md,
2760  num_present,
2761  num_usable);
2762  if (guard_error) {
2763  strlcpy(dir_info_status, guard_error, sizeof(dir_info_status));
2764  tor_free(guard_error);
2765  res = 0;
2766  goto done;
2767  }
2768  }
2769 
2770  done:
2771 
2772  /* If paths have just become available in this update. */
2773  if (res && !have_min_dir_info) {
2774  control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
2775  control_event_boot_dir(BOOTSTRAP_STATUS_ENOUGH_DIRINFO, 0);
2776  log_info(LD_DIR,
2777  "We now have enough directory information to build circuits.");
2778  }
2779 
2780  /* If paths have just become unavailable in this update. */
2781  if (!res && have_min_dir_info) {
2782  int quiet = dirclient_too_idle_to_fetch_descriptors(options, now);
2784  "Our directory information is no longer up-to-date "
2785  "enough to build circuits: %s", dir_info_status);
2786 
2787  /* a) make us log when we next complete a circuit, so we know when Tor
2788  * is back up and usable, and b) disable some activities that Tor
2789  * should only do while circuits are working, like reachability tests
2790  * and fetching bridge descriptors only over circuits. */
2792  have_consensus_path = CONSENSUS_PATH_UNKNOWN;
2793  control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
2794  }
2795  have_min_dir_info = res;
2797 }
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:287
nodelist_probably_contains_address
int nodelist_probably_contains_address(const tor_addr_t *addr)
Definition: nodelist.c:498
routerinfo_t::purpose
uint8_t purpose
Definition: routerinfo_st.h:114
microdesc_t
Definition: microdesc_st.h:27
hex_digest_nickname_decode
int hex_digest_nickname_decode(const char *hexdigest, char *digest_out, char *nickname_qualifier_char_out, char *nickname_out)
Definition: routerlist.c:599
net_is_disabled
int net_is_disabled(void)
Definition: netstatus.c:25
nodelist_refresh_countries
void nodelist_refresh_countries(void)
Definition: nodelist.c:1977
node_set_country
void node_set_country(node_t *node)
Definition: nodelist.c:1962
tor_free
#define tor_free(p)
Definition: malloc.h:52
routerinfo_t
Definition: routerinfo_st.h:20
dir_server_st.h
Trusted/fallback directory server structure.
CURVE25519_PUBKEY_LEN
#define CURVE25519_PUBKEY_LEN
Definition: x25519_sizes.h:20
the_nodelist
static nodelist_t * the_nodelist
Definition: nodelist.c:178
tor_free_
void tor_free_(void *mem)
Definition: malloc.c:227
tor_addr_family
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:186
node_get_declared_uptime
long node_get_declared_uptime(const node_t *node)
Definition: nodelist.c:1612
ADDR_POLICY_PROBABLY_REJECTED
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
fascist_firewall_prefer_ipv6_orport
int fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:498
tor_addr_make_null
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
protover_summary_flags_t
Definition: or.h:809
name
const char * name
Definition: config.c:2440
tor_addr_t
Definition: address.h:68
node_t::is_hs_dir
unsigned int is_hs_dir
Definition: node_st.h:73
protover.h
Headers and type declarations for protover.c.
approx_time
time_t approx_time(void)
Definition: approx_time.c:32
LOG_NOTICE
#define LOG_NOTICE
Definition: log.h:50
ADDR_POLICY_REJECTED
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
have_consensus_path
static consensus_path_type_t have_consensus_path
Definition: nodelist.c:2306
tor_addr_to_str
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
node_is_usable
static int node_is_usable(const node_t *node)
Definition: nodelist.c:732
node_supports_ed25519_hs_intro
int node_supports_ed25519_hs_intro(const node_t *node)
Definition: nodelist.c:1189
routers_have_same_or_addrs
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
Definition: routerlist.c:494
node_get_prim_dirport
void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1822
microdesc_t::digest
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:62
netstatus.h
Header for netstatus.c.
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
bool_neq
#define bool_neq(a, b)
Definition: logic.h:18
microdesc.h
Header file for microdesc.c.
LD_BUG
#define LD_BUG
Definition: log.h:86
ed25519_pubkey_eq
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
Definition: crypto_ed25519.c:642
hs_get_next_time_period_num
uint64_t hs_get_next_time_period_num(time_t now)
Definition: hs_common.c:304
protover_summary_flags_t::supports_v3_hsdir
unsigned int supports_v3_hsdir
Definition: or.h:836
fast_mem_is_zero
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
router_digest_is_me
int router_digest_is_me(const char *digest)
Definition: router.c:1651
router_exit_policy_all_nodes_reject
int router_exit_policy_all_nodes_reject(const tor_addr_t *addr, uint16_t port, int need_uptime)
Definition: nodelist.c:2247
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
router_find_exact_exit_enclave
const node_t * router_find_exact_exit_enclave(const char *address, uint16_t port)
Definition: nodelist.c:2201
node_has_any_descriptor
int node_has_any_descriptor(const node_t *node)
Definition: nodelist.c:1365
hs_in_period_between_tp_and_srv
int hs_in_period_between_tp_and_srv(const networkstatus_t *consensus, time_t now)
Definition: hs_common.c:1104
nodelist_assert_ok
void nodelist_assert_ok(void)
Definition: nodelist.c:878
routerset_contains_node
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:338
base16_encode
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
tor_fragile_assert
#define tor_fragile_assert()
Definition: util_bug.h:259
describe.h
Header file for describe.c.
node_get_address_string
void node_get_address_string(const node_t *node, char *buf, size_t len)
Definition: nodelist.c:1596
node_get_pref_orport
void node_get_pref_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1742
node_get_by_nickname
const node_t * node_get_by_nickname(const char *nickname, unsigned flags)
Definition: nodelist.c:1013
dirserv_set_node_flags_from_authoritative_status
void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus)
Definition: process_descs.c:626
node_t::is_possible_guard
unsigned int is_possible_guard
Definition: node_st.h:69
tor_reallocarray_
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
get_dir_info_status_string
const char * get_dir_info_status_string(void)
Definition: nodelist.c:2378
process_descs.h
Header file for process_descs.c.
node_add_to_address_set
static void node_add_to_address_set(const node_t *node)
Definition: nodelist.c:448
node_get_by_id
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:223
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
node_ipv6_dir_preferred
int node_ipv6_dir_preferred(const node_t *node)
Definition: nodelist.c:1799
tor_cert_st::signing_key
ed25519_public_key_t signing_key
Definition: torcert.h:33
nodelist_add_addr6_to_address_set
void nodelist_add_addr6_to_address_set(const tor_addr_t *addr)
Definition: nodelist.c:486
ed25519_public_key_is_zero
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
Definition: crypto_ed25519.c:227
backtrace.h
Header for backtrace.c.
routerstatus_t
Definition: routerstatus_st.h:19
hsdir_index_t::fetch
uint8_t fetch[DIGEST256_LEN]
Definition: hsdir_index_st.h:19
nodelist_add_node_and_family
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2136
routerlist_t::routers
smartlist_t * routers
Definition: routerlist_st.h:32
usable_descriptor_t
usable_descriptor_t
Definition: nodelist.c:92
protover_summary_flags_t::supports_ed25519_link_handshake_any
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:826
num_bridges_usable
int num_bridges_usable(int use_maybe_reachable)
Definition: entrynodes.c:3296
routerstatus_t::nickname
char nickname[MAX_NICKNAME_LEN+1]
Definition: routerstatus_st.h:25
ED25519_PUBKEY_LEN
#define ED25519_PUBKEY_LEN
Definition: x25519_sizes.h:27
node_exit_policy_is_exact
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1474
quiet
int quiet
Definition: config.c:2446
node_remove_from_ed25519_map
static int node_remove_from_ed25519_map(node_t *node)
Definition: nodelist.c:265
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
address_set_new
address_set_t * address_set_new(int max_addresses_guess)
Definition: address_set.c:34
nodelist_remove_routerinfo
void nodelist_remove_routerinfo(routerinfo_t *ri)
Definition: nodelist.c:754
node_addrs_changed
static void node_addrs_changed(node_t *node)
Definition: nodelist.c:438
routerinfo_t::onion_pkey_len
size_t onion_pkey_len
Definition: routerinfo_st.h:38
tor_snprintf
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
nodelist_set_routerinfo
node_t * nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out)
Definition: nodelist.c:514
routerinfo_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:29
node_is_good_exit
int node_is_good_exit(const node_t *node)
Definition: nodelist.c:725
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
routerinfo_t::platform
char * platform
Definition: routerinfo_st.h:47
have_min_dir_info
static int have_min_dir_info
Definition: nodelist.c:2303
address_set.h
Types to handle sets of addresses.
networkstatus.h
Header file for networkstatus.c.
nodelist_find_nodes_with_microdesc
smartlist_t * nodelist_find_nodes_with_microdesc(const microdesc_t *md)
Definition: nodelist.c:794
hsdir_index_t::store_first
uint8_t store_first[DIGEST256_LEN]
Definition: hsdir_index_st.h:24
node_ed25519_id_matches
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
Definition: nodelist.c:1123
hs_client.h
Header file containing client data for the HS subsytem.
protover_summary_flags_t::supports_ed25519_hs_intro
unsigned int supports_ed25519_hs_intro
Definition: or.h:831
signed_descriptor_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: signed_descriptor_st.h:31
tor_memeq
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
base32_encode
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:60
dirlist_add_trusted_dir_addresses
void dirlist_add_trusted_dir_addresses(void)
Definition: dirlist.c:71
in6_addr
Definition: inaddr_st.h:50
node_log_dup_ed_id
static void node_log_dup_ed_id(const node_t *old, const node_t *node, const char *ed_id)
Definition: nodelist.c:292
dirlist.h
Header file for dirlist.c.
get_n_authorities
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:87
node_t::name_lookup_warned
unsigned int name_lookup_warned
Definition: node_st.h:78
microdesc_has_curve25519_onion_key
static int microdesc_has_curve25519_onion_key(const microdesc_t *md)
Definition: nodelist.c:1889
nodelist_add_microdesc
node_t * nodelist_add_microdesc(microdesc_t *md)
Definition: nodelist.c:570
mainloop.h
Header file for mainloop.c.
node_get_verbose_nickname_by_id
void node_get_verbose_nickname_by_id(const char *id_digest, char *verbose_name_out)
Definition: nodelist.c:1431
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
or_options_t::ExcludeExitNodesUnion_
struct routerset_t * ExcludeExitNodesUnion_
Definition: or_options_st.h:99
node_t::rejects_all
unsigned int rejects_all
Definition: node_st.h:83
node_get_mutable_by_id
node_t * node_get_mutable_by_id(const char *identity_digest)
Definition: nodelist.c:194
dirserv_router_get_status
uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity)
Definition: process_descs.c:290
node_has_declared_family
STATIC bool node_has_declared_family(const node_t *node)
Definition: nodelist.c:2048
zero_protover_flags
static const protover_summary_flags_t zero_protover_flags
Definition: nodelist.c:1135
routerstatus_t::is_possible_guard
unsigned int is_possible_guard
Definition: routerstatus_st.h:50
hs_get_previous_srv
uint8_t * hs_get_previous_srv(uint64_t time_period_num, const networkstatus_t *ns)
Definition: hs_common.c:1251
microdesc_t::onion_pkey
char * onion_pkey
Definition: microdesc_st.h:70
node_get_rsa_id_digest
const uint8_t * node_get_rsa_id_digest(const node_t *node)
Definition: nodelist.c:1224
nodefamily_add_nodes_to_smartlist
void nodefamily_add_nodes_to_smartlist(const nodefamily_t *family, smartlist_t *out)
Definition: nodefamily.c:342
address.h
Headers for address.h.
bridges.h
Header file for circuitbuild.c.
geoip.h
Header file for geoip.c.
routerlist_t
Definition: routerlist_st.h:18
networkstatus_get_latest_consensus_by_flavor
networkstatus_t * networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f)
Definition: networkstatus.c:1401
tor_addr_from_ipv4h
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:314
control_event_client_status
int control_event_client_status(int severity, const char *format,...)
Definition: control_events.c:1698
count_loading_descriptors_progress
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2668
hs_get_previous_time_period_num
uint64_t hs_get_previous_time_period_num(time_t now)
Definition: hs_common.c:313
tor_addr_port_t
Definition: address.h:80
tor_memneq
#define tor_memneq(a, b, sz)
Definition: di_ops.h:21
tor_addr_to_ipv4h
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:159
entrynodes.h
Header file for circuitbuild.c.
tor_inet_aton
int tor_inet_aton(const char *str, struct in_addr *addr)
Definition: inaddr.c:40
tor_addr_is_v4
int tor_addr_is_v4(const tor_addr_t *addr)
Definition: address.c:750
networkstatus_get_latest_consensus
networkstatus_t * networkstatus_get_latest_consensus(void)
Definition: networkstatus.c:1390
node_get_platform
const char * node_get_platform(const node_t *node)
Definition: nodelist.c:1622
node_t
Definition: node_st.h:34
node_t::nodelist_idx
int nodelist_idx
Definition: node_st.h:42
routerstatus_t::addr
uint32_t addr
Definition: routerstatus_st.h:32
microdesc_t::ed25519_identity_pkey
struct ed25519_public_key_t * ed25519_identity_pkey
Definition: microdesc_st.h:77
networkstatus_t::flavor
consensus_flavor_t flavor
Definition: networkstatus_st.h:28
torcert.h
Header for torcert.c.
node_get_pref_dirport
void node_get_pref_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1845
microdesc_cache_lookup_by_digest256
microdesc_t * microdesc_cache_lookup_by_digest256(microdesc_cache_t *cache, const char *d)
Definition: microdesc.c:945
nodelist_purge
void nodelist_purge(void)
Definition: nodelist.c:825
nodefamily_contains_node
bool nodefamily_contains_node(const nodefamily_t *family, const node_t *node)
Definition: nodefamily.c:328
routerinfo_t::policy_is_reject_star
unsigned int policy_is_reject_star
Definition: routerinfo_st.h:76
ed25519_public_key_t
Definition: crypto_ed25519.h:23
or_options_t::EnforceDistinctSubnets
int EnforceDistinctSubnets
Definition: or_options_st.h:593
microdesc_t::ipv6_orport
uint16_t ipv6_orport
Definition: microdesc_st.h:81
networkstatus_get_reasonably_live_consensus
networkstatus_t * networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
Definition: networkstatus.c:1477
usable_consensus_flavor
int usable_consensus_flavor(void)
Definition: microdesc.c:1085
routerinfo_t::addr
uint32_t addr
Definition: routerinfo_st.h:24
node_nickname_matches
STATIC int node_nickname_matches(const node_t *node, const char *nickname)
Definition: nodelist.c:2009
node_ipv6_or_preferred
int node_ipv6_or_preferred(const node_t *node)
Definition: nodelist.c:1691
smartlist_del
void smartlist_del(smartlist_t *sl, int idx)
Definition: smartlist_core.c:214
microdesc_st.h
Microdescriptor structure.
routerlist_st.h
Router descriptor list structure.
authmode.h
Header file for directory authority mode.
node_t::is_bad_exit
unsigned int is_bad_exit
Definition: node_st.h:71
address_set_add_ipv4h
void address_set_add_ipv4h(address_set_t *set, uint32_t addr)
Definition: address_set.c:55
nodes_in_same_family
int nodes_in_same_family(const node_t *node1, const node_t *node2)
Definition: nodelist.c:2089
fascist_firewall_use_ipv6
int fascist_firewall_use_ipv6(const or_options_t *options)
Definition: policies.c:459
nodelist.h
Header file for nodelist.c.
routerlist.h
Header file for routerlist.c.
binascii.h
Header for binascii.c.
routerset.h
Header file for routerset.c.
routerinfo_t::supports_tunnelled_dir_requests
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:85
nodelist_ensure_freshness
void nodelist_ensure_freshness(networkstatus_t *ns)
Definition: nodelist.c:955
count_usable_descriptors
static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, time_t now, routerset_t *in_set, usable_descriptor_t exit_only)
Definition: nodelist.c:2398
control_event_boot_dir
void control_event_boot_dir(bootstrap_status_t status, int progress)
Definition: control_bootstrap.c:234
node_get_verbose_nickname
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1411
microdesc_t::family
struct nodefamily_t * family
Definition: microdesc_st.h:83
routerinfo_t::declared_family
smartlist_t * declared_family
Definition: routerinfo_st.h:64
microdesc_t::onion_pkey_len
size_t onion_pkey_len
Definition: microdesc_st.h:72
node_has_curve25519_onion_key
int node_has_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1909
routerinfo_st.h
Router descriptor structure.
ADDR_POLICY_ACCEPTED
@ ADDR_POLICY_ACCEPTED
Definition: policies.h:40
rendservice.h
Header file for rendservice.c.
LD_CONFIG
#define LD_CONFIG
Definition: log.h:68
DIGEST256_LEN
#define DIGEST256_LEN
Definition: digest_sizes.h:23
dir_server_t
Definition: dir_server_st.h:21
node_select.h
Header file for node_select.c.
hsdir_index_t::store_second
uint8_t store_second[DIGEST256_LEN]
Definition: hsdir_index_st.h:26
geoip_get_country_by_addr
int geoip_get_country_by_addr(const tor_addr_t *addr)
Definition: geoip.c:424
networkstatus_t::routerstatus_list
smartlist_t * routerstatus_list
Definition: networkstatus_st.h:96
hex_digest_nickname_matches
int hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest, const char *nickname)
Definition: routerlist.c:635
HT_HEAD
typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht
nodefamily.h
Header file for nodefamily.c.
node_allows_single_hop_exits
int node_allows_single_hop_exits(const node_t *node)
Definition: nodelist.c:1446
protover_summary_flags_t::supports_ed25519_link_handshake_compat
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:821
routerstatus_t::pv
protover_summary_flags_t pv
Definition: routerstatus_st.h:68
LOG_INFO
#define LOG_INFO
Definition: log.h:45
router_get_by_descriptor_digest
signed_descriptor_t * router_get_by_descriptor_digest(const char *digest)
Definition: routerlist.c:699
node_get_pref_ipv6_orport
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1757
hs_build_hsdir_index
void hs_build_hsdir_index(const ed25519_public_key_t *identity_pk, const uint8_t *srv_value, uint64_t period_num, uint8_t *hsdir_index_out)
Definition: hs_common.c:1194
control_events.h
Header file for control_events.c.
hs_service_dir_info_changed
void hs_service_dir_info_changed(void)
Definition: hs_service.c:3931
get_frac_paths_needed_for_circs
static double get_frac_paths_needed_for_circs(const or_options_t *options, const networkstatus_t *ns)
Definition: nodelist.c:2695
get_options
const or_options_t * get_options(void)
Definition: config.c:925
or_options_t::PathsNeededToBuildCircuits
double PathsNeededToBuildCircuits
Definition: or_options_st.h:899
nodelist_drop_node
static void nodelist_drop_node(node_t *node, int remove_from_ht)
Definition: nodelist.c:769
routerinfo_t::dir_port
uint16_t dir_port
Definition: routerinfo_st.h:26
dir_info_status
static char dir_info_status[512]
Definition: nodelist.c:2314
or_options_t::ExitNodes
struct routerset_t * ExitNodes
Definition: or_options_st.h:77
protover_summary_flags_t::supports_v3_rendezvous_point
unsigned int supports_v3_rendezvous_point
Definition: or.h:841
routerinfo_t::onion_pkey
char * onion_pkey
Definition: routerinfo_st.h:36
router_get_consensus_status_by_descriptor_digest
const routerstatus_t * router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus, const char *digest)
Definition: networkstatus.c:769
node_is_unreliable
int node_is_unreliable(const node_t *node, int need_uptime, int need_capacity, int need_guard)
Definition: nodelist.c:2232
MAX_NICKNAME_LEN
#define MAX_NICKNAME_LEN
Definition: or.h:112
or_options_t::MiddleNodes
struct routerset_t * MiddleNodes
Definition: or_options_st.h:80
nodelist_set_consensus
void nodelist_set_consensus(networkstatus_t *ns)
Definition: nodelist.c:624
hs_client_dir_info_changed
void hs_client_dir_info_changed(void)
Definition: hs_client.c:2595
routerstatus_st.h
Routerstatus (consensus entry) structure.
node_describe
const char * node_describe(const node_t *node)
Definition: describe.c:143
hs_common.h
Header file containing common data for the whole HS subsytem.
curve25519_public_key_t
Definition: crypto_curve25519.h:23
dir_server_t::is_running
unsigned int is_running
Definition: dir_server_st.h:37
node_free_
static void node_free_(node_t *node)
Definition: nodelist.c:812
node_t::last_reachable
time_t last_reachable
Definition: node_st.h:99
signed_descriptor_t::signing_key_cert
struct tor_cert_st * signing_key_cert
Definition: signed_descriptor_st.h:39
routerinfo_t::allow_single_hop_exits
unsigned int allow_single_hop_exits
Definition: routerinfo_st.h:71
node_supports_v3_rendezvous_point
int node_supports_v3_rendezvous_point(const node_t *node)
Definition: nodelist.c:1210
microdesc_t::onion_curve25519_pkey
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: microdesc_st.h:75
nodelist_get_list
const smartlist_t * nodelist_get_list(void)
Definition: nodelist.c:975
init_nodelist
static void init_nodelist(void)
Definition: nodelist.c:182
node_is_me
int node_is_me(const node_t *node)
Definition: nodelist.c:1635
get_microdesc_cache
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:250
note_that_we_maybe_cant_complete_circuits
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:235
fascist_firewall_prefer_ipv6_dirport
int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:520
entry_guards_get_err_str_if_dir_info_missing
char * entry_guards_get_err_str_if_dir_info_missing(int using_mds, int num_present, int num_usable)
Definition: entrynodes.c:3787
node_get_addr
void node_get_addr(const node_t *node, tor_addr_t *addr_out)
Definition: nodelist.c:1569
V3_DIRINFO
@ V3_DIRINFO
Definition: or.h:894
nodelist_add_addr4_to_address_set
void nodelist_add_addr4_to_address_set(const uint32_t addr)
Definition: nodelist.c:476
routerinfo_t::pv
protover_summary_flags_t pv
Definition: routerinfo_st.h:92
networkstatus_t::valid_after
time_t valid_after
Definition: networkstatus_st.h:33
UNNAMED_ROUTER_NICKNAME
#define UNNAMED_ROUTER_NICKNAME
Definition: or.h:560
tor_addr_is_null
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:771
node_get_all_orports
smartlist_t * node_get_all_orports(const node_t *node)
Definition: nodelist.c:1531
node_get_or_create
static node_t * node_get_or_create(const char *identity_digest)
Definition: nodelist.c:243
node_supports_v3_hsdir
int node_supports_v3_hsdir(const node_t *node)
Definition: nodelist.c:1179
tor_asprintf
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
node_get_ed25519_id
const ed25519_public_key_t * node_get_ed25519_id(const node_t *node)
Definition: nodelist.c:1078
node_t::country
country_t country
Definition: node_st.h:93
hs_get_time_period_num
uint64_t hs_get_time_period_num(time_t now)
Definition: hs_common.c:269
node_family_contains
STATIC int node_family_contains(const node_t *n1, const node_t *n2)
Definition: nodelist.c:2033
microdesc_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: microdesc_st.h:79
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
node_get_pref_ipv6_dirport
void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1860
log_fn_ratelim
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:292
node_get_nickname
const char * node_get_nickname(const node_t *node)
Definition: nodelist.c:1328
crypto_pk_t
Definition: crypto_rsa_nss.c:36
addr_policy_result_t
addr_policy_result_t
Definition: policies.h:38
compute_frac_paths_available
static double compute_frac_paths_available(const networkstatus_t *consensus, const or_options_t *options, time_t now, int *num_present_out, int *num_usable_out, char **status_out)
Definition: nodelist.c:2469
rend_hsdir_routers_changed
void rend_hsdir_routers_changed(void)
Definition: rendservice.c:4317
router_get_routerlist
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:810
node_get_prim_orport
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1721
HEX_DIGEST_LEN
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
or_options_t::UseBridges
int UseBridges
Definition: or_options_st.h:213
node_st.h
Node information structure.
or_options_t::NodeFamilySets
struct smartlist_t * NodeFamilySets
Definition: or_options_st.h:452
routerstatus_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerstatus_st.h:35
router_have_consensus_path
consensus_path_type_t router_have_consensus_path(void)
Definition: nodelist.c:2357
node_in_nickname_smartlist
STATIC int node_in_nickname_smartlist(const smartlist_t *lst, const node_t *node)
Definition: nodelist.c:2021
or_options_t::EntryNodes
struct routerset_t * EntryNodes
Definition: or_options_st.h:83
microdesc_t::held_by_nodes
unsigned int held_by_nodes
Definition: microdesc_st.h:46
networkstatus_is_live
int networkstatus_is_live(const networkstatus_t *ns, time_t now)
Definition: networkstatus.c:1428
node_is_dir
int node_is_dir(const node_t *node)
Definition: nodelist.c:1342
node_t::is_stable
unsigned int is_stable
Definition: node_st.h:68
update_router_have_minimum_dir_info
static void update_router_have_minimum_dir_info(void)
Definition: nodelist.c:2712
policies.h
Header file for policies.c.
HT_PROTOTYPE
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
routerinfo_t::uptime
long uptime
Definition: routerinfo_st.h:63
nodelist_remove_microdesc
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md)
Definition: nodelist.c:740
node_add_to_ed25519_map
static int node_add_to_ed25519_map(node_t *node)
Definition: nodelist.c:308
nodelist_t
Definition: nodelist.c:121
dirclient_too_idle_to_fetch_descriptors
int dirclient_too_idle_to_fetch_descriptors(const or_options_t *options, time_t now)
Definition: dirclient_modes.c:90
config.h
Header file for config.c.
node_supports_ed25519_link_authentication
int node_supports_ed25519_link_authentication(const node_t *node, int compatible_with_us)
Definition: nodelist.c:1163
routerstatus_t::dir_port
uint16_t dir_port
Definition: routerstatus_st.h:34
compare_tor_addr_to_node_policy
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2937
node_get_curve25519_onion_key
const curve25519_public_key_t * node_get_curve25519_onion_key(const node_t *node)
Definition: nodelist.c:1916
BRIDGE_DIRINFO
@ BRIDGE_DIRINFO
Definition: or.h:896
node_get_by_ed25519_id
const node_t * node_get_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:231
routerset_contains_routerstatus
int routerset_contains_routerstatus(const routerset_t *set, const routerstatus_t *rs, country_t country)
Definition: routerset.c:322
client_would_use_router
int client_would_use_router(const routerstatus_t *rs, time_t now)
Definition: networkstatus.c:2597
LD_NET
#define LD_NET
Definition: log.h:66
node_t::ipv6_preferred
unsigned int ipv6_preferred
Definition: node_st.h:89
node_get_by_hex_id
const node_t * node_get_by_hex_id(const char *hex_id, unsigned flags)
Definition: nodelist.c:986
node_t::is_valid
unsigned int is_valid
Definition: node_st.h:65
tor_log
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:628
sa_family_t
uint16_t sa_family_t
Definition: inaddr_st.h:77
frac_nodes_with_descriptors
double frac_nodes_with_descriptors(const smartlist_t *sl, bandwidth_weight_rule_t rule, int for_direct_conn)
Definition: node_select.c:815
should_delay_dir_fetches
int should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
Definition: networkstatus.c:1253
ROUTER_PURPOSE_GENERAL
#define ROUTER_PURPOSE_GENERAL
Definition: routerinfo_st.h:97
node_get_mutable_by_ed25519_id
node_t * node_get_mutable_by_ed25519_id(const ed25519_public_key_t *ed_id)
Definition: nodelist.c:207
node_supports_establish_intro_dos_extension
int node_supports_establish_intro_dos_extension(const node_t *node)
Definition: nodelist.c:1199
microdesc_t::policy_is_reject_star
unsigned int policy_is_reject_star
Definition: microdesc_st.h:44
addrs_in_same_network_family
int addrs_in_same_network_family(const tor_addr_t *a1, const tor_addr_t *a2)
Definition: nodelist.c:1987
or_options_t
Definition: or_options_st.h:39
we_use_microdescriptors_for_circuits
int we_use_microdescriptors_for_circuits(const or_options_t *options)
Definition: microdesc.c:1054
nodelist_free_all
void nodelist_free_all(void)
Definition: nodelist.c:854
STATIC
#define STATIC
Definition: testsupport.h:32
routerstatus_t::ipv6_orport
uint16_t ipv6_orport
Definition: routerstatus_st.h:36
node_lookup_declared_family
STATIC void node_lookup_declared_family(smartlist_t *out, const node_t *node)
Definition: nodelist.c:2068
router_have_minimum_dir_info
int router_have_minimum_dir_info(void)
Definition: nodelist.c:2324
routerinfo_t::nickname
char * nickname
Definition: routerinfo_st.h:22
LD_DIR
#define LD_DIR
Definition: log.h:88
address_set_probably_contains
int address_set_probably_contains(const address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:67
networkstatus_get_param
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Definition: networkstatus.c:2490
networkstatus_st.h
Networkstatus consensus/vote structure.
tor_addr_compare_masked
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:996
dirclient_modes.h
Header for feature/dirclient/dirclient_modes.c.
routerstatus_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: routerstatus_st.h:27
networkstatus_t
Definition: networkstatus_st.h:26
node_exit_policy_rejects_all
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1457
router_dir_info_changed
void router_dir_info_changed(void)
Definition: nodelist.c:2367
node_has_preferred_descriptor
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1378
tor_addr_to_in6_addr8
#define tor_addr_to_in6_addr8(x)
Definition: address.h:134
node_t::is_exit
unsigned int is_exit
Definition: node_st.h:70
node_t::is_running
unsigned int is_running
Definition: node_st.h:63
smartlist_t
Definition: smartlist_core.h:26
node_get_purpose
int node_get_purpose(const node_t *node)
Definition: nodelist.c:1399
fast_memeq
#define fast_memeq(a, b, c)
Definition: di_ops.h:35
address_set_add
void address_set_add(address_set_t *set, const struct tor_addr_t *addr)
Definition: address_set.c:48
consensus_path_type_t
consensus_path_type_t
Definition: nodelist.h:148
node_t::ed25519_id
ed25519_public_key_t ed25519_id
Definition: node_st.h:53
authdir_mode
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
need_to_update_have_min_dir_info
static int need_to_update_have_min_dir_info
Definition: nodelist.c:2311
tor_addr_copy
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:924
routerinfo_t::onion_curve25519_pkey
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:42
node_t::identity
char identity[DIGEST_LEN]
Definition: node_st.h:46
node_get_prim_addr_ipv4h
uint32_t node_get_prim_addr_ipv4h(const node_t *node)
Definition: nodelist.c:1579
ratelim_t
Definition: ratelim.h:42
or.h
Master header file for Tor-specific functionality.
router_set_status
void router_set_status(const char *digest, int up)
Definition: nodelist.c:2268
node_get_protover_summary_flags
static const protover_summary_flags_t * node_get_protover_summary_flags(const node_t *node)
Definition: nodelist.c:1141
node_is_a_configured_bridge
int node_is_a_configured_bridge(const node_t *node)
Definition: bridges.c:348
hs_get_current_srv
uint8_t * hs_get_current_srv(uint64_t time_period_num, const networkstatus_t *ns)
Definition: hs_common.c:1233
LD_PROTOCOL
#define LD_PROTOCOL
Definition: log.h:72