Macros | Functions
router.h File Reference
#include "lib/testsupport/testsupport.h"

Go to the source code of this file.


#define ntor_key_map_free(map)   FREE_AND_NULL(di_digest256_map_t, ntor_key_map_free_, (map))


 MOCK_DECL (crypto_pk_t *, get_onion_key,(void))
time_t get_onion_key_set_at (void)
void set_server_identity_key (crypto_pk_t *k)
 MOCK_DECL (crypto_pk_t *, get_server_identity_key,(void))
int server_identity_key_is_set (void)
void set_client_identity_key (crypto_pk_t *k)
crypto_pk_tget_tlsclient_identity_key (void)
int client_identity_key_is_set (void)
 MOCK_DECL (authority_cert_t *, get_my_v3_authority_cert,(void))
crypto_pk_tget_my_v3_authority_signing_key (void)
authority_cert_tget_my_v3_legacy_cert (void)
crypto_pk_tget_my_v3_legacy_signing_key (void)
void dup_onion_keys (crypto_pk_t **key, crypto_pk_t **last)
void expire_old_onion_keys (void)
void rotate_onion_key (void)
void v3_authority_check_key_expiry (void)
int get_onion_key_lifetime (void)
int get_onion_key_grace_period (void)
crypto_pk_trouter_get_rsa_onion_pkey (const char *pkey, size_t pkey_len)
void router_set_rsa_onion_pkey (const crypto_pk_t *pk, char **onion_pkey_out, size_t *onion_pkey_len)
di_digest256_map_tconstruct_ntor_key_map (void)
void ntor_key_map_free_ (di_digest256_map_t *map)
int router_initialize_tls_context (void)
int init_keys (void)
int init_keys_client (void)
uint16_t router_get_active_listener_port_by_type_af (int listener_type, sa_family_t family)
uint16_t router_get_advertised_or_port (const or_options_t *options)
uint16_t router_get_advertised_or_port_by_af (const or_options_t *options, sa_family_t family)
uint16_t router_get_advertised_dir_port (const or_options_t *options, uint16_t dirport)
int router_should_advertise_dirport (const or_options_t *options, uint16_t dir_port)
void consider_publishable_server (int force)
int should_refuse_unknown_exits (const or_options_t *options)
void router_upload_dir_desc_to_dirservers (int force)
void mark_my_descriptor_dirty_if_too_old (time_t now)
void mark_my_descriptor_dirty (const char *reason)
void check_descriptor_bandwidth_changed (time_t now)
void check_descriptor_ipaddress_changed (time_t now)
int router_has_bandwidth_to_be_dirserver (const or_options_t *options)
void router_new_address_suggestion (const char *suggestion, const dir_connection_t *d_conn)
int router_compare_to_my_exit_policy (const tor_addr_t *addr, uint16_t port)
 MOCK_DECL (int, router_my_exit_policy_is_reject_star,(void))
 MOCK_DECL (const routerinfo_t *, router_get_my_routerinfo,(void))
 MOCK_DECL (const routerinfo_t *, router_get_my_routerinfo_with_err,(int *err))
extrainfo_trouter_get_my_extrainfo (void)
const char * router_get_my_descriptor (void)
const char * router_get_descriptor_gen_reason (void)
int router_digest_is_me (const char *digest)
const uint8_t * router_get_my_id_digest (void)
int router_extrainfo_digest_is_me (const char *digest)
int router_is_me (const routerinfo_t *router)
 MOCK_DECL (int, router_pick_published_address,(const or_options_t *options, uint32_t *addr, int cache_only))
int router_build_fresh_descriptor (routerinfo_t **r, extrainfo_t **e)
int router_rebuild_descriptor (int force)
char * router_dump_router_to_string (routerinfo_t *router, const crypto_pk_t *ident_key, const crypto_pk_t *tap_key, const struct curve25519_keypair_t *ntor_keypair, const struct ed25519_keypair_t *signing_keypair)
char * router_dump_exit_policy_to_string (const routerinfo_t *router, int include_ipv4, int include_ipv6)
int extrainfo_dump_to_string (char **s, extrainfo_t *extrainfo, crypto_pk_t *ident_key, const struct ed25519_keypair_t *signing_keypair)
const char * routerinfo_err_to_string (int err)
int routerinfo_err_is_transient (int err)
void router_reset_warnings (void)
void router_reset_reachability (void)
void router_free_all (void)

Detailed Description

Header file for router.c.

Definition in file router.h.

Function Documentation

◆ check_descriptor_bandwidth_changed()

void check_descriptor_bandwidth_changed ( time_t  now)

Check whether bandwidth has changed a lot since the last time we announced bandwidth while the uptime is smaller than MAX_UPTIME_BANDWIDTH_CHANGE. If so, mark our descriptor dirty.

Definition at line 2456 of file router.c.


Referenced by check_descriptor_callback().

◆ check_descriptor_ipaddress_changed()

void check_descriptor_ipaddress_changed ( time_t  now)

Check whether our own address as defined by the Address configuration has changed. This is for routers that get their address from a service like dyndns. If our address has changed, mark our descriptor dirty.

Definition at line 2524 of file router.c.

Referenced by check_descriptor_callback().

◆ client_identity_key_is_set()

int client_identity_key_is_set ( void  )

Return true iff the client identity key has been set.

Definition at line 419 of file router.c.

References client_identitykey.

◆ consider_publishable_server()

void consider_publishable_server ( int  force)

Initiate server descriptor upload as reasonable (if server is publishable, etc). force is as for router_upload_dir_desc_to_dirservers.

We need to rebuild the descriptor if it's dirty even if we're not uploading, because our reachability testing uses our descriptor to determine what IP address and ports to test.

Definition at line 1387 of file router.c.

References decide_if_publishable_server(), router_rebuild_descriptor(), router_upload_dir_desc_to_dirservers(), and set_server_advertised().

Referenced by check_descriptor_callback().

◆ construct_ntor_key_map()

di_digest256_map_t* construct_ntor_key_map ( void  )

Return a map from KEYID (the key itself) to keypairs for use in the ntor handshake. Must only be called from the main thread.

Definition at line 283 of file router.c.

References curve25519_onion_key, CURVE25519_PUBKEY_LEN, dimap_add_entry(), and fast_mem_is_zero().

◆ dup_onion_keys()

void dup_onion_keys ( crypto_pk_t **  key,
crypto_pk_t **  last 

Store a full copy of the current onion key into *key, and a full copy of the most recent onion key into *last. Store NULL into a pointer if the corresponding key does not exist.

Definition at line 211 of file router.c.

References crypto_pk_copy_full(), key_lock, lastonionkey, onionkey, tor_assert(), tor_mutex_acquire(), and tor_mutex_release().

◆ expire_old_onion_keys()

void expire_old_onion_keys ( void  )

Expire our old set of onion keys. This is done by setting last_curve25519_onion_key and lastonionkey to all zero's and NULL respectively.

This function does not perform any grace period checks for the old onion keys.

Definition at line 235 of file router.c.

References key_lock, lastonionkey, and tor_mutex_acquire().

◆ get_my_v3_authority_signing_key()

crypto_pk_t* get_my_v3_authority_signing_key ( void  )

Return the v3 signing key for this v3 (voting) authority, or NULL if we have no such key.

Definition at line 435 of file router.c.

References authority_signing_key.

Referenced by dirvote_perform_vote().

◆ get_my_v3_legacy_cert()

authority_cert_t* get_my_v3_legacy_cert ( void  )

If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return the certificate associated with that key.

Definition at line 444 of file router.c.

References legacy_key_certificate.

Referenced by authority_cert_get_by_sk_digest().

◆ get_my_v3_legacy_signing_key()

crypto_pk_t* get_my_v3_legacy_signing_key ( void  )

If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return that key.

Definition at line 452 of file router.c.

References legacy_signing_key.

◆ get_onion_key_grace_period()

int get_onion_key_grace_period ( void  )

Get the grace period of an onion key in seconds. This value is defined by the network consesus parameter "onion-key-grace-period-days", but the value is converted to seconds.

Definition at line 777 of file router.c.

References DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS, get_onion_key_rotation_days_(), and MIN_ONION_KEY_GRACE_PERIOD_DAYS.

◆ get_onion_key_lifetime()

int get_onion_key_lifetime ( void  )

Get the current lifetime of an onion key in seconds. This value is defined by the network consesus parameter "onion-key-rotation-days", but the value is converted to seconds.

Definition at line 767 of file router.c.

References get_onion_key_rotation_days_().

◆ get_onion_key_set_at()

time_t get_onion_key_set_at ( void  )

Return the time when the onion key was last set. This is either the time when the process launched, or the time of the most recent key rotation since the process launched.

Definition at line 329 of file router.c.

References onionkey_set_at.

◆ get_tlsclient_identity_key()

crypto_pk_t* get_tlsclient_identity_key ( void  )

Returns the current client identity key for use on outgoing TLS connections; requires that the key has been set.

Definition at line 410 of file router.c.

References assert_identity_keys_ok(), client_identitykey, and tor_assert().

Referenced by MOCK_IMPL().

◆ init_keys()

int init_keys ( void  )

Initialize all OR private keys, and the TLS context, as necessary. On OPs, this only initializes the tls context. Return 0 on success, or -1 if Tor should die.

Definition at line 926 of file router.c.

References DIGEST_LEN.

Referenced by accounting_set_wakeup_time().

◆ mark_my_descriptor_dirty()

void mark_my_descriptor_dirty ( const char *  reason)

Call when the current descriptor is out of date.

Definition at line 2427 of file router.c.

Referenced by mark_my_descriptor_dirty_if_too_old().

◆ mark_my_descriptor_dirty_if_too_old()

void mark_my_descriptor_dirty_if_too_old ( time_t  now)

◆ ntor_key_map_free_()

void ntor_key_map_free_ ( di_digest256_map_t map)

Release all storage from a keymap returned by construct_ntor_key_map.

Definition at line 317 of file router.c.

◆ rotate_onion_key()

void rotate_onion_key ( void  )

Replace the previous onion key with the current onion key, and generate a new previous onion key. Immediately after calling this function, the OR should:

  • schedule all previous cpuworkers to shut down after processing pending work. (This will cause fresh cpuworkers to be generated.)
  • generate and upload a fresh routerinfo.

Definition at line 465 of file router.c.

◆ router_build_fresh_descriptor()

int router_build_fresh_descriptor ( routerinfo_t **  r,
extrainfo_t **  e 

Build a fresh routerinfo, signed server descriptor, and signed extrainfo document for this OR.

Set r to the generated routerinfo, e to the generated extrainfo document. Failure to generate an extra-info document is not an error and is indicated by setting e to NULL. Return 0 on success, and a negative value on temporary error. Caller is responsible for freeing generated documents on success.

Definition at line 2270 of file router.c.

◆ router_compare_to_my_exit_policy()

int router_compare_to_my_exit_policy ( const tor_addr_t addr,
uint16_t  port 

OR only: Check whether my exit policy says to allow connection to conn. Return 0 if we accept; non-0 if we reject.

Definition at line 1545 of file router.c.

References ADDR_POLICY_ACCEPTED, compare_tor_addr_to_short_policy(), desc_routerinfo, routerinfo_t::exit_policy, routerinfo_t::ipv6_exit_policy, tor_addr_family(), and tor_addr_is_null().

Referenced by my_exit_policy_rejects().

◆ router_digest_is_me()

int router_digest_is_me ( const char *  digest)

Return true iff I'm a server and digest is equal to my server identity key digest.

Definition at line 1592 of file router.c.

References DIGEST_LEN, server_identitykey, server_identitykey_digest, and tor_memeq().

Referenced by get_signed_descriptor_by_fp(), MOCK_IMPL(), node_is_me(), node_is_possible_guard(), and router_is_me().

◆ router_dump_exit_policy_to_string()

char* router_dump_exit_policy_to_string ( const routerinfo_t router,
int  include_ipv4,
int  include_ipv6 

OR only: Given router, produce a string with its exit policy. If include_ipv4 is true, include IPv4 entries. If include_ipv6 is true, include IPv6 entries.

Definition at line 3049 of file router.c.

References routerinfo_t::exit_policy, and routerinfo_t::policy_is_reject_star.

◆ router_extrainfo_digest_is_me()

int router_extrainfo_digest_is_me ( const char *  digest)

Return true iff I'm a server and digest is equal to my identity digest.

Definition at line 1608 of file router.c.

References DIGEST_LEN, router_get_my_extrainfo(), signed_descriptor_t::signed_descriptor_digest, and tor_memeq().

◆ router_free_all()

void router_free_all ( void  )

Release all static resources held in router.c

Definition at line 3461 of file router.c.

◆ router_get_active_listener_port_by_type_af()

uint16_t router_get_active_listener_port_by_type_af ( int  listener_type,
sa_family_t  family 

Return the port of the first active listener of type listener_type. XXX not a very good interface. it's not reliable when there are multiple listeners.

Definition at line 1409 of file router.c.


Referenced by get_first_listener_addrport_string(), and router_get_advertised_or_port_by_af().

◆ router_get_advertised_dir_port()

uint16_t router_get_advertised_dir_port ( const or_options_t options,
uint16_t  dirport 

Return the port that we should advertise as our DirPort; this is one of three possibilities: The one that is passed as dirport if the DirPort option is 0, or the one configured in the DirPort option, or the one we actually bound to if DirPort is "auto".

Definition at line 1460 of file router.c.

Referenced by decide_to_advertise_dir_impl(), get_list_of_ports_to_forward(), and retry_all_listeners().

◆ router_get_advertised_or_port()

uint16_t router_get_advertised_or_port ( const or_options_t options)

Return the port that we should advertise as our ORPort; this is either the one configured in the ORPort option, or the one we actually bound to if ORPort is "auto".

Definition at line 1430 of file router.c.

References router_get_advertised_or_port_by_af().

Referenced by decide_to_advertise_dir_impl(), get_list_of_ports_to_forward(), retry_all_listeners(), and router_rebuild_descriptor().

◆ router_get_advertised_or_port_by_af()

uint16_t router_get_advertised_or_port_by_af ( const or_options_t options,
sa_family_t  family 

◆ router_get_descriptor_gen_reason()

const char* router_get_descriptor_gen_reason ( void  )

Return a human-readable string describing what triggered us to generate our current descriptor, or NULL if we don't know.

Definition at line 1704 of file router.c.

References desc_gen_reason.

◆ router_get_my_descriptor()

const char* router_get_my_descriptor ( void  )

OR only: Return a signed server descriptor for this OR, rebuilding a fresh one if necessary. Return NULL on error.

Definition at line 1675 of file router.c.

References signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_get_body(), signed_descriptor_t::signed_descriptor_len, and tor_assert().

◆ router_get_my_extrainfo()

extrainfo_t* router_get_my_extrainfo ( void  )

Return the extrainfo document for this OR, or NULL if we have none. Rebuilt it (and the server descriptor) if necessary.

Definition at line 1692 of file router.c.

References desc_extrainfo, and router_rebuild_descriptor().

Referenced by get_signed_descriptor_by_fp(), and router_extrainfo_digest_is_me().

◆ router_get_my_id_digest()

const uint8_t* router_get_my_id_digest ( void  )

Return my identity digest.

Definition at line 1600 of file router.c.

References server_identitykey_digest.

◆ router_has_bandwidth_to_be_dirserver()

int router_has_bandwidth_to_be_dirserver ( const or_options_t options)

Return true iff we have enough configured bandwidth to advertise or automatically provide directory services from cache directory information.

Definition at line 1189 of file router.c.

References or_options_t::BandwidthRate, MIN_BW_TO_ADVERTISE_DIRSERVER, and or_options_t::RelayBandwidthRate.

Referenced by dir_server_mode().

◆ router_initialize_tls_context()

int router_initialize_tls_context ( void  )

Set up Tor's TLS contexts, based on our configuration and keys. Return 0 on success, and -1 on failure.

Definition at line 791 of file router.c.

References or_options_t::SSLKeyLifetime.

◆ router_is_me()

int router_is_me ( const routerinfo_t router)

◆ router_new_address_suggestion()

void router_new_address_suggestion ( const char *  suggestion,
const dir_connection_t d_conn 

A directory server d_conn told us our IP address is suggestion. If this address is different from the one we think we are now, and if our computer doesn't actually know its IP address, then switch.

Definition at line 2573 of file router.c.

References tor_addr_parse().

◆ router_rebuild_descriptor()

int router_rebuild_descriptor ( int  force)

If force is true, or our descriptor is out-of-date, rebuild a fresh routerinfo, signed server descriptor, and extra-info document for this OR. Return 0 on success, -1 on temporary error.

Definition at line 2332 of file router.c.

References desc_clean_since, and router_get_advertised_or_port().

Referenced by consider_publishable_server(), and router_get_my_extrainfo().

◆ router_reset_reachability()

void router_reset_reachability ( void  )

Forget what we have learned about our reachability status.

Definition at line 49 of file selftest.c.

References can_reach_dir_port, and can_reach_or_port.

◆ router_reset_warnings()

void router_reset_warnings ( void  )

Forget that we have issued any router-related warnings, so that we'll warn again if we see the same errors.

Definition at line 3451 of file router.c.

References smartlist_clear(), SMARTLIST_FOREACH, tor_free, and warned_family.

◆ router_should_advertise_dirport()

int router_should_advertise_dirport ( const or_options_t options,
uint16_t  dir_port 

Front-end to decide_to_advertise_dir_impl(): return 0 if we don't want to advertise the fact that we have a DirPort open, else return the DirPort we want to advertise.

Definition at line 1309 of file router.c.

References decide_to_advertise_dir_impl().

◆ router_upload_dir_desc_to_dirservers()

void router_upload_dir_desc_to_dirservers ( int  force)

OR only: If force is true, or we haven't uploaded this descriptor successfully yet, try to upload our signed descriptor to all the directory servers we know about.

Definition at line 1499 of file router.c.

Referenced by consider_publishable_server().

◆ routerinfo_err_is_transient()

int routerinfo_err_is_transient ( int  err)

Return true if we expect given error to be transient. Return false otherwise.

For simplicity, we consider all errors other than "not a server" transient - see discussion on

Definition at line 169 of file router.c.

◆ routerinfo_err_to_string()

const char* routerinfo_err_to_string ( int  err)

Return a readonly string with human readable description of err.

Definition at line 140 of file router.c.

◆ server_identity_key_is_set()

int server_identity_key_is_set ( void  )

Return true iff we are a server and the server identity key has been set.

Definition at line 392 of file router.c.

References server_identitykey.

Referenced by accounting_set_wakeup_time(), and log_master_signing_key_cert_expiration().

◆ set_client_identity_key()

void set_client_identity_key ( crypto_pk_t k)

Set the current client identity key to k.

Definition at line 400 of file router.c.

◆ set_server_identity_key()

void set_server_identity_key ( crypto_pk_t k)

Set the current server identity key to k.

Definition at line 337 of file router.c.

◆ should_refuse_unknown_exits()

int should_refuse_unknown_exits ( const or_options_t options)

Return true iff the combination of options in options and parameters in the consensus mean that we don't want to allow exits from circuits we got from addresses not known to be servers.

Definition at line 1331 of file router.c.

References or_options_t::RefuseUnknownExits.

Referenced by directory_caches_dir_info(), and directory_fetches_from_authorities().

◆ v3_authority_check_key_expiry()

void v3_authority_check_key_expiry ( void  )

If we're a v3 authority, check whether we have a certificate that's likely to expire soon. Warn if we do, but not too often.

Definition at line 704 of file router.c.