Tor  0.4.7.0-alpha-dev
shared_random_state.c
Go to the documentation of this file.
1 /* Copyright (c) 2016-2021, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
4 /**
5  * \file shared_random_state.c
6  *
7  * \brief Functions and data structures for the state of the random protocol
8  * as defined in proposal #250.
9  **/
10 
11 #define SHARED_RANDOM_STATE_PRIVATE
12 
13 #include "core/or/or.h"
14 #include "app/config/config.h"
15 #include "lib/confmgt/confmgt.h"
19 #include "feature/relay/router.h"
24 #include "lib/encoding/confline.h"
25 #include "lib/version/torversion.h"
26 
27 #include "app/config/or_state_st.h"
28 
29 /** Default filename of the shared random state on disk. */
30 static const char default_fname[] = "sr-state";
31 
32 /** String representation of a protocol phase. */
33 static const char *phase_str[] = { "unknown", "commit", "reveal" };
34 
35 /** Our shared random protocol state. There is only one possible state per
36  * protocol run so this is the global state which is reset at every run once
37  * the shared random value has been computed. */
38 static sr_state_t *sr_state = NULL;
39 
40 /** Representation of our persistent state on disk. The sr_state above
41  * contains the data parsed from this state. When we save to disk, we
42  * translate the sr_state to this sr_disk_state. */
44 
45 /* Disk state file keys. */
46 static const char dstate_commit_key[] = "Commit";
47 static const char dstate_prev_srv_key[] = "SharedRandPreviousValue";
48 static const char dstate_cur_srv_key[] = "SharedRandCurrentValue";
49 
50 /** dummy instance of sr_disk_state_t, used for type-checking its
51  * members with CONF_CHECK_VAR_TYPE. */
53 
54 #define VAR(varname,conftype,member,initvalue) \
55  CONFIG_VAR_ETYPE(sr_disk_state_t, varname, conftype, member, 0, initvalue)
56 #define V(member,conftype,initvalue) \
57  VAR(#member, conftype, member, initvalue)
58 
59 /** Our persistent state magic number. */
60 #define SR_DISK_STATE_MAGIC 0x98AB1254
61 
62 /** Array of variables that are saved to disk as a persistent state. */
63 // clang-format off
64 static const config_var_t state_vars[] = {
65  V(Version, POSINT, "0"),
66  V(TorVersion, STRING, NULL),
67  V(ValidAfter, ISOTIME, NULL),
68  V(ValidUntil, ISOTIME, NULL),
69 
70  V(Commit, LINELIST, NULL),
71 
72  V(SharedRandValues, LINELIST_V, NULL),
73  VAR("SharedRandPreviousValue",LINELIST_S, SharedRandValues, NULL),
74  VAR("SharedRandCurrentValue", LINELIST_S, SharedRandValues, NULL),
76 };
77 // clang-format on
78 
79 /** "Extra" variable in the state that receives lines we can't parse. This
80  * lets us preserve options from versions of Tor newer than us. */
82  .name = "__extra",
83  .type = CONFIG_TYPE_LINELIST,
84  .offset = offsetof(sr_disk_state_t, ExtraLines),
85 };
86 
87 /** Configuration format of sr_disk_state_t. */
88 static const config_format_t state_format = {
89  .size = sizeof(sr_disk_state_t),
90  .magic = {
91  "sr_disk_state_t",
93  offsetof(sr_disk_state_t, magic_),
94  },
95  .vars = state_vars,
96  .extra = &state_extra_var,
97 };
98 
99 /** Global configuration manager for the shared-random state file */
101 
102 /** Return the configuration manager for the shared-random state file. */
103 static const config_mgr_t *
105 {
106  if (PREDICT_UNLIKELY(shared_random_state_mgr == NULL)) {
109  }
111 }
112 
113 static void state_query_del_(sr_state_object_t obj_type, void *data);
114 
115 /** Return a string representation of a protocol phase. */
116 STATIC const char *
118 {
119  const char *the_string = NULL;
120 
121  switch (phase) {
122  case SR_PHASE_COMMIT:
123  case SR_PHASE_REVEAL:
124  the_string = phase_str[phase];
125  break;
126  default:
127  /* Unknown phase shouldn't be possible. */
128  tor_assert(0);
129  }
130 
131  return the_string;
132 }
133 /** Return the time we should expire the state file created at <b>now</b>.
134  * We expire the state file in the beginning of the next protocol run. */
135 STATIC time_t
137 {
138  int total_rounds = SHARED_RANDOM_N_ROUNDS * SHARED_RANDOM_N_PHASES;
139  int current_round, voting_interval, rounds_left;
140  time_t valid_until, beginning_of_current_round;
141 
142  voting_interval = get_voting_interval();
143  /* Find the time the current round started. */
144  beginning_of_current_round = dirauth_sched_get_cur_valid_after_time();
145 
146  /* Find how many rounds are left till the end of the protocol run */
147  current_round = (now / voting_interval) % total_rounds;
148  rounds_left = total_rounds - current_round;
149 
150  /* To find the valid-until time now, take the start time of the current
151  * round and add to it the time it takes for the leftover rounds to
152  * complete. */
153  valid_until = beginning_of_current_round + (rounds_left * voting_interval);
154 
155  { /* Logging */
156  char tbuf[ISO_TIME_LEN + 1];
157  format_iso_time(tbuf, valid_until);
158  log_debug(LD_DIR, "SR: Valid until time for state set to %s.", tbuf);
159  }
160 
161  return valid_until;
162 }
163 
164 /** Given the consensus 'valid-after' time, return the protocol phase we should
165  * be in. */
167 get_sr_protocol_phase(time_t valid_after)
168 {
169  /* Shared random protocol has two phases, commit and reveal. */
170  int total_periods = SHARED_RANDOM_N_ROUNDS * SHARED_RANDOM_N_PHASES;
171  int current_slot;
172 
173  /* Split time into slots of size 'voting_interval'. See which slot we are
174  * currently into, and find which phase it corresponds to. */
175  current_slot = (valid_after / get_voting_interval()) % total_periods;
176 
177  if (current_slot < SHARED_RANDOM_N_ROUNDS) {
178  return SR_PHASE_COMMIT;
179  } else {
180  return SR_PHASE_REVEAL;
181  }
182 }
183 
184 /** Add the given <b>commit</b> to <b>state</b>. It MUST be a valid commit
185  * and there shouldn't be a commit from the same authority in the state
186  * already else verification hasn't been done prior. This takes ownership of
187  * the commit once in our state. */
188 static void
190 {
191  sr_commit_t *saved_commit;
192 
193  tor_assert(commit);
194  tor_assert(state);
195 
196  saved_commit = digestmap_set(state->commits, commit->rsa_identity,
197  commit);
198  if (saved_commit != NULL) {
199  /* This means we already have that commit in our state so adding twice
200  * the same commit is either a code flow error, a corrupted disk state
201  * or some new unknown issue. */
202  log_warn(LD_DIR, "SR: Commit from %s exists in our state while "
203  "adding it: '%s'", sr_commit_get_rsa_fpr(commit),
204  commit->encoded_commit);
205  sr_commit_free(saved_commit);
206  }
207 }
208 
209 /** Helper: deallocate a commit object. (Used with digestmap_free(), which
210  * requires a function pointer whose argument is void *). */
211 static void
212 commit_free_(void *p)
213 {
214  sr_commit_free_(p);
215 }
216 
217 #define state_free(val) \
218  FREE_AND_NULL(sr_state_t, state_free_, (val))
219 
220 /** Free a state that was allocated with state_new(). */
221 static void
223 {
224  if (state == NULL) {
225  return;
226  }
227  tor_free(state->fname);
228  digestmap_free(state->commits, commit_free_);
229  tor_free(state->current_srv);
230  tor_free(state->previous_srv);
231  tor_free(state);
232 }
233 
234 /** Allocate an sr_state_t object and returns it. If no <b>fname</b>, the
235  * default file name is used. This function does NOT initialize the state
236  * timestamp, phase or shared random value. NULL is never returned. */
237 static sr_state_t *
238 state_new(const char *fname, time_t now)
239 {
240  sr_state_t *new_state = tor_malloc_zero(sizeof(*new_state));
241  /* If file name is not provided, use default. */
242  if (fname == NULL) {
243  fname = default_fname;
244  }
245  new_state->fname = tor_strdup(fname);
246  new_state->version = SR_PROTO_VERSION;
247  new_state->commits = digestmap_new();
248  new_state->phase = get_sr_protocol_phase(now);
249  new_state->valid_until = get_state_valid_until_time(now);
250  return new_state;
251 }
252 
253 /** Set our global state pointer with the one given. */
254 static void
256 {
257  tor_assert(state);
258  if (sr_state != NULL) {
259  state_free(sr_state);
260  }
261  sr_state = state;
262 }
263 
264 #define disk_state_free(val) \
265  FREE_AND_NULL(sr_disk_state_t, disk_state_free_, (val))
266 
267 /** Free an allocated disk state. */
268 static void
270 {
271  if (state == NULL) {
272  return;
273  }
274  config_free(get_srs_mgr(), state);
275 }
276 
277 /** Allocate a new disk state, initialize it and return it. */
278 static sr_disk_state_t *
279 disk_state_new(time_t now)
280 {
281  sr_disk_state_t *new_state = config_new(get_srs_mgr());
282 
283  new_state->Version = SR_PROTO_VERSION;
284  new_state->TorVersion = tor_strdup(get_version());
285  new_state->ValidUntil = get_state_valid_until_time(now);
286  new_state->ValidAfter = now;
287 
288  /* Init config format. */
289  config_init(get_srs_mgr(), new_state);
290  return new_state;
291 }
292 
293 /** Set our global disk state with the given state. */
294 static void
296 {
297  tor_assert(state);
298  if (sr_disk_state != NULL) {
299  disk_state_free(sr_disk_state);
300  }
301  sr_disk_state = state;
302 }
303 
304 /** Return -1 if the disk state is invalid (something in there that we can't or
305  * shouldn't use). Return 0 if everything checks out. */
306 static int
308 {
309  time_t now;
310 
311  tor_assert(state);
312 
313  /* Do we support the protocol version in the state or is it 0 meaning
314  * Version wasn't found in the state file or bad anyway ? */
315  if (state->Version == 0 || state->Version > SR_PROTO_VERSION) {
316  goto invalid;
317  }
318 
319  /* If the valid until time is before now, we shouldn't use that state. */
320  now = time(NULL);
321  if (state->ValidUntil < now) {
322  log_info(LD_DIR, "SR: Disk state has expired. Ignoring it.");
323  goto invalid;
324  }
325 
326  /* Make sure we don't have a valid after time that is earlier than a valid
327  * until time which would make things not work well. */
328  if (state->ValidAfter >= state->ValidUntil) {
329  log_info(LD_DIR, "SR: Disk state valid after/until times are invalid.");
330  goto invalid;
331  }
332 
333  return 0;
334 
335  invalid:
336  return -1;
337 }
338 
339 /** Parse the Commit line(s) in the disk state and translate them to the
340  * the memory state. Return 0 on success else -1 on error. */
341 static int
343  const sr_disk_state_t *disk_state)
344 {
345  config_line_t *line;
346  smartlist_t *args = NULL;
347 
348  tor_assert(state);
349  tor_assert(disk_state);
350 
351  for (line = disk_state->Commit; line; line = line->next) {
352  sr_commit_t *commit = NULL;
353 
354  /* Extra safety. */
355  if (strcasecmp(line->key, dstate_commit_key) ||
356  line->value == NULL) {
357  /* Ignore any lines that are not commits. */
359  continue;
360  }
361  args = smartlist_new();
362  smartlist_split_string(args, line->value, " ",
363  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
364  if (smartlist_len(args) < 3) {
365  log_warn(LD_BUG, "SR: Too few arguments in Commit Line: %s",
366  escaped(line->value));
367  goto error;
368  }
369  commit = sr_parse_commit(args);
370  if (commit == NULL) {
371  /* Ignore badly formed commit. It could also be a authority
372  * fingerprint that we don't know about so it shouldn't be used. */
373  smartlist_free(args);
374  continue;
375  }
376  /* We consider parseable commit from our disk state to be valid because
377  * they need to be in the first place to get in there. */
378  commit->valid = 1;
379  /* Add commit to our state pointer. */
380  commit_add_to_state(commit, state);
381 
382  SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
383  smartlist_free(args);
384  }
385 
386  return 0;
387 
388  error:
389  SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
390  smartlist_free(args);
391  return -1;
392 }
393 
394 /** Parse a share random value line from the disk state and save it to dst
395  * which is an allocated srv object. Return 0 on success else -1. */
396 static int
397 disk_state_parse_srv(const char *value, sr_srv_t *dst)
398 {
399  int ret = -1;
400  smartlist_t *args;
401  sr_srv_t *srv;
402 
403  tor_assert(value);
404  tor_assert(dst);
405 
406  args = smartlist_new();
407  smartlist_split_string(args, value, " ",
408  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
409  if (smartlist_len(args) < 2) {
410  log_warn(LD_BUG, "SR: Too few arguments in shared random value. "
411  "Line: %s", escaped(value));
412  goto error;
413  }
414  srv = sr_parse_srv(args);
415  if (srv == NULL) {
416  goto error;
417  }
418  dst->num_reveals = srv->num_reveals;
419  memcpy(dst->value, srv->value, sizeof(dst->value));
420  tor_free(srv);
421  ret = 0;
422 
423  error:
424  SMARTLIST_FOREACH(args, char *, s, tor_free(s));
425  smartlist_free(args);
426  return ret;
427 }
428 
429 /** Parse both SharedRandCurrentValue and SharedRandPreviousValue line from
430  * the state. Return 0 on success else -1. */
431 static int
433  const sr_disk_state_t *disk_state)
434 {
435  /* Only one value per type (current or previous) is allowed so we keep
436  * track of it with these flag. */
437  unsigned int seen_previous = 0, seen_current = 0;
438  config_line_t *line;
439  sr_srv_t *srv = NULL;
440 
441  tor_assert(state);
442  tor_assert(disk_state);
443 
444  for (line = disk_state->SharedRandValues; line; line = line->next) {
445  if (line->value == NULL) {
446  continue;
447  }
448  srv = tor_malloc_zero(sizeof(*srv));
449  if (disk_state_parse_srv(line->value, srv) < 0) {
450  log_warn(LD_BUG, "SR: Broken current SRV line in state %s",
451  escaped(line->value));
452  goto bad;
453  }
454  if (!strcasecmp(line->key, dstate_prev_srv_key)) {
455  if (seen_previous) {
456  log_warn(LD_DIR, "SR: Second previous SRV value seen. Bad state");
457  goto bad;
458  }
459  state->previous_srv = srv;
460  seen_previous = 1;
461  } else if (!strcasecmp(line->key, dstate_cur_srv_key)) {
462  if (seen_current) {
463  log_warn(LD_DIR, "SR: Second current SRV value seen. Bad state");
464  goto bad;
465  }
466  state->current_srv = srv;
467  seen_current = 1;
468  } else {
469  /* Unknown key. Ignoring. */
470  tor_free(srv);
471  }
472  }
473 
474  return 0;
475  bad:
476  tor_free(srv);
477  return -1;
478 }
479 
480 /** Parse the given disk state and set a newly allocated state. On success,
481  * return that state else NULL. */
482 static sr_state_t *
483 disk_state_parse(const sr_disk_state_t *new_disk_state)
484 {
485  sr_state_t *new_state = state_new(default_fname, time(NULL));
486 
487  tor_assert(new_disk_state);
488 
489  new_state->version = new_disk_state->Version;
490  new_state->valid_until = new_disk_state->ValidUntil;
491  new_state->valid_after = new_disk_state->ValidAfter;
492 
493  /* Set our current phase according to the valid-after time in our disk
494  * state. The disk state we are parsing contains everything for the phase
495  * starting at valid_after so make sure our phase reflects that. */
496  new_state->phase = get_sr_protocol_phase(new_state->valid_after);
497 
498  /* Parse the shared random values. */
499  if (disk_state_parse_sr_values(new_state, new_disk_state) < 0) {
500  goto error;
501  }
502  /* Parse the commits. */
503  if (disk_state_parse_commits(new_state, new_disk_state) < 0) {
504  goto error;
505  }
506  /* Great! This new state contains everything we had on disk. */
507  return new_state;
508 
509  error:
510  state_free(new_state);
511  return NULL;
512 }
513 
514 /** From a valid commit object and an allocated config line, set the line's
515  * value to the state string representation of a commit. */
516 static void
518 {
519  char *reveal_str = NULL;
520 
521  tor_assert(commit);
522  tor_assert(line);
523 
524  if (!fast_mem_is_zero(commit->encoded_reveal,
525  sizeof(commit->encoded_reveal))) {
526  /* Add extra whitespace so we can format the line correctly. */
527  tor_asprintf(&reveal_str, " %s", commit->encoded_reveal);
528  }
529  tor_asprintf(&line->value, "%u %s %s %s%s",
532  sr_commit_get_rsa_fpr(commit),
533  commit->encoded_commit,
534  reveal_str != NULL ? reveal_str : "");
535  if (reveal_str != NULL) {
536  memwipe(reveal_str, 0, strlen(reveal_str));
537  tor_free(reveal_str);
538  }
539 }
540 
541 /** From a valid srv object and an allocated config line, set the line's
542  * value to the state string representation of a shared random value. */
543 static void
545 {
546  char encoded[SR_SRV_VALUE_BASE64_LEN + 1];
547 
548  tor_assert(line);
549 
550  /* No SRV value thus don't add the line. This is possible since we might
551  * not have a current or previous SRV value in our state. */
552  if (srv == NULL) {
553  return;
554  }
555  sr_srv_encode(encoded, sizeof(encoded), srv);
556  tor_asprintf(&line->value, "%" PRIu64 " %s", srv->num_reveals, encoded);
557 }
558 
559 /** Reset disk state that is free allocated memory and zeroed the object. */
560 static void
562 {
563  /* Free allocated memory */
564  config_free_lines(sr_disk_state->Commit);
565  config_free_lines(sr_disk_state->SharedRandValues);
566  config_free_lines(sr_disk_state->ExtraLines);
568 
569  /* Clear other fields. */
572  sr_disk_state->Version = 0;
573 
574  /* Reset it with useful data */
575  sr_disk_state->TorVersion = tor_strdup(get_version());
576 }
577 
578 /** Update our disk state based on our global SR state. */
579 static void
581 {
582  config_line_t **next, *line;
583 
584  if (BUG(!sr_disk_state))
585  return;
586  if (BUG(!sr_state))
587  return;
588 
589  /* Reset current disk state. */
591 
592  /* First, update elements that we don't need to do a construction. */
596 
597  /* Shared random values. */
599  if (sr_state->previous_srv != NULL) {
600  *next = line = tor_malloc_zero(sizeof(config_line_t));
601  line->key = tor_strdup(dstate_prev_srv_key);
603  /* Go to the next shared random value. */
604  next = &(line->next);
605  }
606  if (sr_state->current_srv != NULL) {
607  *next = line = tor_malloc_zero(sizeof(*line));
608  line->key = tor_strdup(dstate_cur_srv_key);
610  }
611 
612  /* Parse the commits and construct config line(s). */
613  next = &sr_disk_state->Commit;
614  DIGESTMAP_FOREACH(sr_state->commits, key, sr_commit_t *, commit) {
615  *next = line = tor_malloc_zero(sizeof(*line));
616  line->key = tor_strdup(dstate_commit_key);
617  disk_state_put_commit_line(commit, line);
618  next = &(line->next);
620 }
621 
622 /** Load state from disk and put it into our disk state. If the state passes
623  * validation, our global state will be updated with it. Return 0 on
624  * success. On error, -EINVAL is returned if the state on disk did contained
625  * something malformed or is unreadable. -ENOENT is returned indicating that
626  * the state file is either empty of non existing. */
627 static int
629 {
630  int ret;
631  char *fname;
632 
633  fname = get_datadir_fname(default_fname);
634  ret = disk_state_load_from_disk_impl(fname);
635  tor_free(fname);
636 
637  return ret;
638 }
639 
640 /** Helper for disk_state_load_from_disk(). */
641 STATIC int
643 {
644  int ret;
645  char *content = NULL;
646  sr_state_t *parsed_state = NULL;
647  sr_disk_state_t *disk_state = NULL;
648 
649  /* Read content of file so we can parse it. */
650  if ((content = read_file_to_str(fname, 0, NULL)) == NULL) {
651  log_warn(LD_FS, "SR: Unable to read SR state file %s",
652  escaped(fname));
653  ret = -errno;
654  goto error;
655  }
656 
657  {
658  config_line_t *lines = NULL;
659  char *errmsg = NULL;
660 
661  /* Every error in this code path will return EINVAL. */
662  ret = -EINVAL;
663  if (config_get_lines(content, &lines, 0) < 0) {
664  config_free_lines(lines);
665  goto error;
666  }
667 
668  disk_state = disk_state_new(time(NULL));
669  config_assign(get_srs_mgr(), disk_state, lines, 0, &errmsg);
670  config_free_lines(lines);
671  if (errmsg) {
672  log_warn(LD_DIR, "SR: Reading state error: %s", errmsg);
673  tor_free(errmsg);
674  goto error;
675  }
676  }
677 
678  /* So far so good, we've loaded our state file into our disk state. Let's
679  * validate it and then parse it. */
680  if (disk_state_validate(disk_state) < 0) {
681  ret = -EINVAL;
682  goto error;
683  }
684 
685  parsed_state = disk_state_parse(disk_state);
686  if (parsed_state == NULL) {
687  ret = -EINVAL;
688  goto error;
689  }
690  state_set(parsed_state);
691  disk_state_set(disk_state);
692  tor_free(content);
693  log_info(LD_DIR, "SR: State loaded successfully from file %s", fname);
694  return 0;
695 
696  error:
697  disk_state_free(disk_state);
698  tor_free(content);
699  return ret;
700 }
701 
702 /** Save the disk state to disk but before that update it from the current
703  * state so we always have the latest. Return 0 on success else -1. */
704 static int
706 {
707  int ret;
708  char *state, *content = NULL, *fname = NULL;
709  char tbuf[ISO_TIME_LEN + 1];
710  time_t now = time(NULL);
711 
712  /* If we didn't have the opportunity to setup an internal disk state,
713  * don't bother saving something to disk. */
714  if (sr_disk_state == NULL) {
715  ret = 0;
716  goto done;
717  }
718 
719  /* Make sure that our disk state is up to date with our memory state
720  * before saving it to disk. */
722  state = config_dump(get_srs_mgr(), NULL, sr_disk_state, 0, 0);
723  format_local_iso_time(tbuf, now);
724  tor_asprintf(&content,
725  "# Tor shared random state file last generated on %s "
726  "local time\n"
727  "# Other times below are in UTC\n"
728  "# Please *do not* edit this file.\n\n%s",
729  tbuf, state);
730  tor_free(state);
731  fname = get_datadir_fname(default_fname);
732  if (write_str_to_file(fname, content, 0) < 0) {
733  log_warn(LD_FS, "SR: Unable to write SR state to file %s", fname);
734  ret = -1;
735  goto done;
736  }
737  ret = 0;
738  log_debug(LD_DIR, "SR: Saved state to file %s", fname);
739 
740  done:
741  tor_free(fname);
742  tor_free(content);
743  return ret;
744 }
745 
746 /** Reset our state to prepare for a new protocol run. Once this returns, all
747  * commits in the state will be removed and freed. */
748 STATIC void
750 {
751  if (BUG(!sr_state))
752  return;
753 
754  /* Keep counters in track */
758 
759  /* Reset valid-until */
761  sr_state->valid_after = valid_after;
762 
763  /* We are in a new protocol run so cleanup commits. */
765 }
766 
767 /** This is the first round of the new protocol run starting at
768  * <b>valid_after</b>. Do the necessary housekeeping. */
769 STATIC void
770 new_protocol_run(time_t valid_after)
771 {
772  sr_commit_t *our_commitment = NULL;
773 
774  /* Only compute the srv at the end of the reveal phase. */
775  if (sr_state->phase == SR_PHASE_REVEAL) {
776  /* We are about to compute a new shared random value that will be set in
777  * our state as the current value so rotate values. */
779  /* Compute the shared randomness value of the day. */
780  sr_compute_srv();
781  }
782 
783  /* Prepare for the new protocol run by resetting the state */
785 
786  /* Do some logging */
787  log_info(LD_DIR, "SR: Protocol run #%" PRIu64 " starting!",
789 
790  /* Generate fresh commitments for this protocol run */
791  our_commitment = sr_generate_our_commit(valid_after,
793  if (our_commitment) {
794  /* Add our commitment to our state. In case we are unable to create one
795  * (highly unlikely), we won't vote for this protocol run since our
796  * commitment won't be in our state. */
797  sr_state_add_commit(our_commitment);
798  }
799 }
800 
801 /** Return 1 iff the <b>next_phase</b> is a phase transition from the current
802  * phase that is it's different. */
803 STATIC int
805 {
806  return sr_state->phase != next_phase;
807 }
808 
809 /** Helper function: return a commit using the RSA fingerprint of the
810  * authority or NULL if no such commit is known. */
811 static sr_commit_t *
812 state_query_get_commit(const char *rsa_fpr)
813 {
814  tor_assert(rsa_fpr);
815  return digestmap_get(sr_state->commits, rsa_fpr);
816 }
817 
818 /** Helper function: This handles the GET state action using an
819  * <b>obj_type</b> and <b>data</b> needed for the action. */
820 static void *
821 state_query_get_(sr_state_object_t obj_type, const void *data)
822 {
823  if (BUG(!sr_state))
824  return NULL;
825 
826  void *obj = NULL;
827 
828  switch (obj_type) {
829  case SR_STATE_OBJ_COMMIT:
830  {
831  obj = state_query_get_commit(data);
832  break;
833  }
835  obj = sr_state->commits;
836  break;
837  case SR_STATE_OBJ_CURSRV:
838  obj = sr_state->current_srv;
839  break;
841  obj = sr_state->previous_srv;
842  break;
843  case SR_STATE_OBJ_PHASE:
844  obj = &sr_state->phase;
845  break;
847  default:
848  tor_assert(0);
849  }
850  return obj;
851 }
852 
853 /** Helper function: This handles the PUT state action using an
854  * <b>obj_type</b> and <b>data</b> needed for the action.
855  * PUT frees the previous data before replacing it, if needed. */
856 static void
857 state_query_put_(sr_state_object_t obj_type, void *data)
858 {
859  if (BUG(!sr_state))
860  return;
861 
862  switch (obj_type) {
863  case SR_STATE_OBJ_COMMIT:
864  {
865  sr_commit_t *commit = data;
866  tor_assert(commit);
867  /* commit_add_to_state() frees the old commit, if there is one */
868  commit_add_to_state(commit, sr_state);
869  break;
870  }
871  case SR_STATE_OBJ_CURSRV:
872  /* Check if the new pointer is the same as the old one: if it is, it's
873  * probably a bug. The caller may have confused current and previous,
874  * or they may have forgotten to sr_srv_dup().
875  * Putting NULL multiple times is allowed. */
876  if (!BUG(data && sr_state->current_srv == (sr_srv_t *) data)) {
877  /* We own the old SRV, so we need to free it. */
879  sr_state->current_srv = (sr_srv_t *) data;
880  }
881  break;
883  /* Check if the new pointer is the same as the old one: if it is, it's
884  * probably a bug. The caller may have confused current and previous,
885  * or they may have forgotten to sr_srv_dup().
886  * Putting NULL multiple times is allowed. */
887  if (!BUG(data && sr_state->previous_srv == (sr_srv_t *) data)) {
888  /* We own the old SRV, so we need to free it. */
890  sr_state->previous_srv = (sr_srv_t *) data;
891  }
892  break;
894  sr_state->valid_after = *((time_t *) data);
895  break;
896  /* It's not allowed to change the phase nor the full commitments map from
897  * the state. The phase is decided during a strict process post voting and
898  * the commits should be put individually. */
899  case SR_STATE_OBJ_PHASE:
901  default:
902  tor_assert(0);
903  }
904 }
905 
906 /** Helper function: This handles the DEL_ALL state action using an
907  * <b>obj_type</b> and <b>data</b> needed for the action. */
908 static void
910 {
911  if (BUG(!sr_state))
912  return;
913 
914  switch (obj_type) {
915  case SR_STATE_OBJ_COMMIT:
916  {
917  /* We are in a new protocol run so cleanup commitments. */
919  sr_commit_free(c);
920  MAP_DEL_CURRENT(key);
922  break;
923  }
924  /* The following objects are _NOT_ supposed to be removed. */
925  case SR_STATE_OBJ_CURSRV:
927  case SR_STATE_OBJ_PHASE:
930  default:
931  tor_assert(0);
932  }
933 }
934 
935 /** Helper function: This handles the DEL state action using an
936  * <b>obj_type</b> and <b>data</b> needed for the action. */
937 static void
938 state_query_del_(sr_state_object_t obj_type, void *data)
939 {
940  (void) data;
941 
942  if (BUG(!sr_state))
943  return;
944 
945  switch (obj_type) {
948  break;
949  case SR_STATE_OBJ_CURSRV:
951  break;
952  case SR_STATE_OBJ_COMMIT:
954  case SR_STATE_OBJ_PHASE:
956  default:
957  tor_assert(0);
958  }
959 }
960 
961 /** Query state using an <b>action</b> for an object type <b>obj_type</b>.
962  * The <b>data</b> pointer needs to point to an object that the action needs
963  * to use and if anything is required to be returned, it is stored in
964  * <b>out</b>.
965  *
966  * This mechanism exists so we have one single point where we synchronized
967  * our memory state with our disk state for every actions that changes it.
968  * We then trigger a write on disk immediately.
969  *
970  * This should be the only entry point to our memory state. It's used by all
971  * our state accessors and should be in the future. */
972 static void
974  void *data, void **out)
975 {
976  switch (action) {
977  case SR_STATE_ACTION_GET:
978  *out = state_query_get_(obj_type, data);
979  break;
980  case SR_STATE_ACTION_PUT:
981  state_query_put_(obj_type, data);
982  break;
983  case SR_STATE_ACTION_DEL:
984  state_query_del_(obj_type, data);
985  break;
986  case SR_STATE_ACTION_DEL_ALL:
987  state_query_del_all_(obj_type);
988  break;
989  case SR_STATE_ACTION_SAVE:
990  /* Only trigger a disk state save. */
991  break;
992  default:
993  tor_assert(0);
994  }
995 
996  /* If the action actually changes the state, immediately save it to disk.
997  * The following will sync the state -> disk state and then save it. */
998  if (action != SR_STATE_ACTION_GET) {
1000  }
1001 }
1002 
1003 /** Delete the current SRV value from the state freeing it and the value is set
1004  * to NULL meaning empty. */
1005 STATIC void
1007 {
1008  state_query(SR_STATE_ACTION_DEL, SR_STATE_OBJ_CURSRV, NULL, NULL);
1009 }
1010 
1011 /** Delete the previous SRV value from the state freeing it and the value is
1012  * set to NULL meaning empty. */
1013 STATIC void
1015 {
1016  state_query(SR_STATE_ACTION_DEL, SR_STATE_OBJ_PREVSRV, NULL, NULL);
1017 }
1018 
1019 /** Rotate SRV value by setting the previous SRV to the current SRV, and
1020  * clearing the current SRV. */
1021 STATIC void
1023 {
1024  /* First delete previous SRV from the state. Object will be freed. */
1026  /* Set previous SRV to a copy of the current one. */
1028  /* Free and NULL the current srv. */
1030 }
1031 
1032 /** Set valid after time in the our state. */
1033 void
1034 sr_state_set_valid_after(time_t valid_after)
1035 {
1036  state_query(SR_STATE_ACTION_PUT, SR_STATE_OBJ_VALID_AFTER,
1037  (void *) &valid_after, NULL);
1038 }
1039 
1040 /** Return the phase we are currently in according to our state. */
1041 sr_phase_t
1043 {
1044  void *ptr=NULL;
1045  state_query(SR_STATE_ACTION_GET, SR_STATE_OBJ_PHASE, NULL, &ptr);
1046  tor_assert(ptr);
1047  return *(sr_phase_t *) ptr;
1048 }
1049 
1050 /** Return the previous SRV value from our state. Value CAN be NULL.
1051  * The state object owns the SRV, so the calling code should not free the SRV.
1052  * Use sr_srv_dup() if you want to keep a copy of the SRV. */
1053 const sr_srv_t *
1055 {
1056  const sr_srv_t *srv;
1057  state_query(SR_STATE_ACTION_GET, SR_STATE_OBJ_PREVSRV, NULL,
1058  (void *) &srv);
1059  return srv;
1060 }
1061 
1062 /** Set the current SRV value from our state. Value CAN be NULL. The srv
1063  * object ownership is transferred to the state object. */
1064 void
1066 {
1067  state_query(SR_STATE_ACTION_PUT, SR_STATE_OBJ_PREVSRV, (void *) srv,
1068  NULL);
1069 }
1070 
1071 /** Return the current SRV value from our state. Value CAN be NULL.
1072  * The state object owns the SRV, so the calling code should not free the SRV.
1073  * Use sr_srv_dup() if you want to keep a copy of the SRV. */
1074 const sr_srv_t *
1076 {
1077  const sr_srv_t *srv;
1078  state_query(SR_STATE_ACTION_GET, SR_STATE_OBJ_CURSRV, NULL,
1079  (void *) &srv);
1080  return srv;
1081 }
1082 
1083 /** Set the current SRV value from our state. Value CAN be NULL. The srv
1084  * object ownership is transferred to the state object. */
1085 void
1087 {
1088  state_query(SR_STATE_ACTION_PUT, SR_STATE_OBJ_CURSRV, (void *) srv,
1089  NULL);
1090 }
1091 
1092 /** Clean all the SRVs in our state. */
1093 void
1095 {
1096  /* Remove SRVs from state. They will be set to NULL as "empty". */
1099 }
1100 
1101 /** Return a pointer to the commits map from our state. CANNOT be NULL. */
1102 digestmap_t *
1104 {
1105  digestmap_t *commits;
1106  state_query(SR_STATE_ACTION_GET, SR_STATE_OBJ_COMMITS,
1107  NULL, (void *) &commits);
1108  tor_assert(commits);
1109  return commits;
1110 }
1111 
1112 /** Update the current SR state as needed for the upcoming voting round at
1113  * <b>valid_after</b>. */
1114 void
1115 sr_state_update(time_t valid_after)
1116 {
1117  sr_phase_t next_phase;
1118 
1119  if (BUG(!sr_state))
1120  return;
1121 
1122  /* Don't call this function twice in the same voting period. */
1123  if (valid_after <= sr_state->valid_after) {
1124  log_info(LD_DIR, "SR: Asked to update state twice. Ignoring.");
1125  return;
1126  }
1127 
1128  /* Get phase of upcoming round. */
1129  next_phase = get_sr_protocol_phase(valid_after);
1130 
1131  /* If we are transitioning to a new protocol phase, prepare the stage. */
1132  if (is_phase_transition(next_phase)) {
1133  if (next_phase == SR_PHASE_COMMIT) {
1134  /* Going into commit phase means we are starting a new protocol run. */
1135  new_protocol_run(valid_after);
1136  }
1137  /* Set the new phase for this round */
1138  sr_state->phase = next_phase;
1139  } else if (sr_state->phase == SR_PHASE_COMMIT &&
1140  digestmap_size(sr_state->commits) == 0) {
1141  /* We are _NOT_ in a transition phase so if we are in the commit phase
1142  * and have no commit, generate one. Chances are that we are booting up
1143  * so let's have a commit in our state for the next voting period. */
1144  sr_commit_t *our_commit =
1146  if (our_commit) {
1147  /* Add our commitment to our state. In case we are unable to create one
1148  * (highly unlikely), we won't vote for this protocol run since our
1149  * commitment won't be in our state. */
1150  sr_state_add_commit(our_commit);
1151  }
1152  }
1153 
1154  sr_state_set_valid_after(valid_after);
1155 
1156  /* Count the current round */
1157  if (sr_state->phase == SR_PHASE_COMMIT) {
1158  /* invariant check: we've not entered reveal phase yet */
1159  if (BUG(sr_state->n_reveal_rounds != 0))
1160  return;
1162  } else {
1164  }
1165 
1166  { /* Debugging. */
1167  char tbuf[ISO_TIME_LEN + 1];
1168  format_iso_time(tbuf, valid_after);
1169  log_info(LD_DIR, "SR: State prepared for upcoming voting period (%s). "
1170  "Upcoming phase is %s (counters: %d commit & %d reveal rounds).",
1171  tbuf, get_phase_str(sr_state->phase),
1173  }
1174 }
1175 
1176 /** Return commit object from the given authority digest <b>rsa_identity</b>.
1177  * Return NULL if not found. */
1178 sr_commit_t *
1179 sr_state_get_commit(const char *rsa_identity)
1180 {
1181  sr_commit_t *commit;
1182 
1183  tor_assert(rsa_identity);
1184 
1185  state_query(SR_STATE_ACTION_GET, SR_STATE_OBJ_COMMIT,
1186  (void *) rsa_identity, (void *) &commit);
1187  return commit;
1188 }
1189 
1190 /** Add <b>commit</b> to the permanent state. The commit object ownership is
1191  * transferred to the state so the caller MUST not free it. */
1192 void
1194 {
1195  tor_assert(commit);
1196 
1197  /* Put the commit to the global state. */
1198  state_query(SR_STATE_ACTION_PUT, SR_STATE_OBJ_COMMIT,
1199  (void *) commit, NULL);
1200 
1201  log_debug(LD_DIR, "SR: Commit from %s has been added to our state.",
1202  sr_commit_get_rsa_fpr(commit));
1203 }
1204 
1205 /** Remove all commits from our state. */
1206 void
1208 {
1209  state_query(SR_STATE_ACTION_DEL_ALL, SR_STATE_OBJ_COMMIT, NULL, NULL);
1210 }
1211 
1212 /** Copy the reveal information from <b>commit</b> into <b>saved_commit</b>.
1213  * This <b>saved_commit</b> MUST come from our current SR state. Once modified,
1214  * the disk state is updated. */
1215 void
1217 {
1218  tor_assert(saved_commit);
1219  tor_assert(commit);
1220 
1221  saved_commit->reveal_ts = commit->reveal_ts;
1222  memcpy(saved_commit->random_number, commit->random_number,
1223  sizeof(saved_commit->random_number));
1224 
1225  strlcpy(saved_commit->encoded_reveal, commit->encoded_reveal,
1226  sizeof(saved_commit->encoded_reveal));
1227  state_query(SR_STATE_ACTION_SAVE, 0, NULL, NULL);
1228  log_debug(LD_DIR, "SR: Reveal value learned %s (for commit %s) from %s",
1229  saved_commit->encoded_reveal, saved_commit->encoded_commit,
1230  sr_commit_get_rsa_fpr(saved_commit));
1231 }
1232 
1233 /** Set the fresh SRV flag from our state. This doesn't need to trigger a
1234  * disk state synchronization so we directly change the state. */
1235 void
1237 {
1238  sr_state->is_srv_fresh = 1;
1239 }
1240 
1241 /** Unset the fresh SRV flag from our state. This doesn't need to trigger a
1242  * disk state synchronization so we directly change the state. */
1243 void
1245 {
1246  sr_state->is_srv_fresh = 0;
1247 }
1248 
1249 /** Return the value of the fresh SRV flag. */
1250 unsigned int
1252 {
1253  return sr_state->is_srv_fresh;
1254 }
1255 
1256 /** Cleanup and free our disk and memory state. */
1257 void
1259 {
1260  state_free(sr_state);
1261  disk_state_free(sr_disk_state);
1262  /* Nullify our global state. */
1263  sr_state = NULL;
1264  sr_disk_state = NULL;
1265  config_mgr_free(shared_random_state_mgr);
1266 }
1267 
1268 /** Save our current state in memory to disk. */
1269 void
1271 {
1272  /* Query a SAVE action on our current state so it's synced and saved. */
1273  state_query(SR_STATE_ACTION_SAVE, 0, NULL, NULL);
1274 }
1275 
1276 /** Return 1 iff the state has been initialized that is it exists in memory.
1277  * Return 0 otherwise. */
1278 int
1280 {
1281  return sr_state == NULL ? 0 : 1;
1282 }
1283 
1284 /** Initialize the disk and memory state.
1285  *
1286  * If save_to_disk is set to 1, the state is immediately saved to disk after
1287  * creation else it's not thus only kept in memory.
1288  * If read_from_disk is set to 1, we try to load the state from the disk and
1289  * if not found, a new state is created.
1290  *
1291  * Return 0 on success else a negative value on error. */
1292 int
1293 sr_state_init(int save_to_disk, int read_from_disk)
1294 {
1295  int ret = -ENOENT;
1296  time_t now = time(NULL);
1297 
1298  /* We shouldn't have those assigned. */
1299  tor_assert(sr_disk_state == NULL);
1300  tor_assert(sr_state == NULL);
1301 
1302  /* First, try to load the state from disk. */
1303  if (read_from_disk) {
1304  ret = disk_state_load_from_disk();
1305  }
1306 
1307  if (ret < 0) {
1308  switch (-ret) {
1309  case EINVAL:
1310  /* We have a state on disk but it contains something we couldn't parse
1311  * or an invalid entry in the state file. Let's remove it since it's
1312  * obviously unusable and replace it by an new fresh state below. */
1313  case ENOENT:
1314  {
1315  /* No state on disk so allocate our states for the first time. */
1316  sr_state_t *new_state = state_new(default_fname, now);
1317  sr_disk_state_t *new_disk_state = disk_state_new(now);
1318  state_set(new_state);
1319  /* It's important to set our disk state pointer since the save call
1320  * below uses it to synchronized it with our memory state. */
1321  disk_state_set(new_disk_state);
1322  /* No entry, let's save our new state to disk. */
1323  if (save_to_disk && disk_state_save_to_disk() < 0) {
1324  goto error;
1325  }
1326  break;
1327  }
1328  default:
1329  /* Big problem. Not possible. */
1330  tor_assert(0);
1331  }
1332  }
1333  /* We have a state in memory, let's make sure it's updated for the current
1334  * and next voting round. */
1335  {
1336  time_t valid_after = dirauth_sched_get_next_valid_after_time();
1337  sr_state_update(valid_after);
1338  }
1339  return 0;
1340 
1341  error:
1342  return -1;
1343 }
1344 
1345 #ifdef TOR_UNIT_TESTS
1346 
1347 /** Set the current phase of the protocol. Used only by unit tests. */
1348 void
1349 set_sr_phase(sr_phase_t phase)
1350 {
1351  if (BUG(!sr_state))
1352  return;
1353  sr_state->phase = phase;
1354 }
1355 
1356 /** Get the SR state. Used only by unit tests */
1357 sr_state_t *
1358 get_sr_state(void)
1359 {
1360  return sr_state;
1361 }
1362 
1363 #endif /* defined(TOR_UNIT_TESTS) */
#define VAR(varname, conftype, member, initvalue)
Definition: config.c:259
Header file for config.c.
int config_get_lines(const char *string, config_line_t **result, int extended)
Definition: confline.c:200
Header for confline.c.
#define END_OF_CONFIG_VARS
Definition: confmacros.h:22
void config_init(const config_mgr_t *mgr, void *options)
Definition: confmgt.c:1158
void config_mgr_freeze(config_mgr_t *mgr)
Definition: confmgt.c:285
char * config_dump(const config_mgr_t *mgr, const void *default_options, const void *options, int minimal, int comment_defaults)
Definition: confmgt.c:1314
void * config_new(const config_mgr_t *mgr)
Definition: confmgt.c:387
config_mgr_t * config_mgr_new(const config_format_t *toplevel_fmt)
Definition: confmgt.c:145
int config_assign(const config_mgr_t *mgr, void *options, config_line_t *list, unsigned config_assign_flags, char **msg)
Definition: confmgt.c:937
Header for confmgt.c.
@ CONFIG_TYPE_LINELIST
Definition: conftypes.h:61
const char * crypto_digest_algorithm_get_name(digest_algorithm_t alg)
Definition: crypto_digest.c:44
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:55
Common functions for cryptographic routines.
Header file for dirvote.c.
const char * escaped(const char *s)
Definition: escape.c:126
int write_str_to_file(const char *fname, const char *str, int bin)
Definition: files.c:274
#define LD_FS
Definition: log.h:70
#define LD_BUG
Definition: log.h:86
#define LD_DIR
Definition: log.h:88
#define tor_free(p)
Definition: malloc.h:52
#define MAP_DEL_CURRENT(keyvar)
Definition: map.h:140
#define DIGESTMAP_FOREACH_END
Definition: map.h:168
#define DIGESTMAP_FOREACH_MODIFY(map, keyvar, valtype, valvar)
Definition: map.h:165
#define DIGESTMAP_FOREACH(map, keyvar, valtype, valvar)
Definition: map.h:154
Header file for networkstatus.c.
Master header file for Tor-specific functionality.
The or_state_t structure, which represents Tor's state file.
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
authority_cert_t * get_my_v3_authority_cert(void)
Definition: router.c:449
Header file for router.c.
sr_commit_t * sr_generate_our_commit(time_t timestamp, const authority_cert_t *my_rsa_cert)
sr_commit_t * sr_parse_commit(const smartlist_t *args)
sr_srv_t * sr_srv_dup(const sr_srv_t *orig)
void sr_compute_srv(void)
void sr_commit_free_(sr_commit_t *commit)
This file contains ABI/API of the shared random protocol defined in proposal #250....
#define SR_SRV_VALUE_BASE64_LEN
Definition: shared_random.h:48
#define SR_PROTO_VERSION
Definition: shared_random.h:18
sr_phase_t
Definition: shared_random.h:54
@ SR_PHASE_COMMIT
Definition: shared_random.h:56
@ SR_PHASE_REVEAL
Definition: shared_random.h:58
sr_srv_t * sr_parse_srv(const smartlist_t *args)
int get_voting_interval(void)
void sr_srv_encode(char *dst, size_t dst_len, const sr_srv_t *srv)
Header file for shared_random_client.c.
static void state_query_del_(sr_state_object_t obj_type, void *data)
void sr_state_update(time_t valid_after)
void sr_state_set_fresh_srv(void)
void sr_state_save(void)
const sr_srv_t * sr_state_get_current_srv(void)
static int disk_state_validate(const sr_disk_state_t *state)
static const config_format_t state_format
static void disk_state_put_srv_line(const sr_srv_t *srv, config_line_t *line)
static sr_disk_state_t * disk_state_new(time_t now)
sr_commit_t * sr_state_get_commit(const char *rsa_identity)
static int disk_state_load_from_disk(void)
void sr_state_free_all(void)
void sr_state_copy_reveal_info(sr_commit_t *saved_commit, const sr_commit_t *commit)
STATIC sr_phase_t get_sr_protocol_phase(time_t valid_after)
void sr_state_set_previous_srv(const sr_srv_t *srv)
STATIC int disk_state_load_from_disk_impl(const char *fname)
const sr_srv_t * sr_state_get_previous_srv(void)
static void state_query_del_all_(sr_state_object_t obj_type)
void sr_state_set_valid_after(time_t valid_after)
STATIC void reset_state_for_new_protocol_run(time_t valid_after)
DUMMY_TYPECHECK_INSTANCE(sr_disk_state_t)
#define SR_DISK_STATE_MAGIC
static const config_var_t state_vars[]
STATIC void state_rotate_srv(void)
static void disk_state_free_(sr_disk_state_t *state)
static void commit_free_(void *p)
static void disk_state_reset(void)
static void state_query_put_(sr_state_object_t obj_type, void *data)
STATIC int is_phase_transition(sr_phase_t next_phase)
static void commit_add_to_state(sr_commit_t *commit, sr_state_t *state)
void sr_state_clean_srvs(void)
static int disk_state_save_to_disk(void)
void sr_state_set_current_srv(const sr_srv_t *srv)
digestmap_t * sr_state_get_commits(void)
int sr_state_init(int save_to_disk, int read_from_disk)
static sr_disk_state_t * sr_disk_state
void sr_state_unset_fresh_srv(void)
static sr_state_t * sr_state
static int disk_state_parse_srv(const char *value, sr_srv_t *dst)
static void state_free_(sr_state_t *state)
void sr_state_delete_commits(void)
static const char * phase_str[]
static void state_query(sr_state_action_t action, sr_state_object_t obj_type, void *data, void **out)
STATIC void state_del_previous_srv(void)
static void disk_state_update(void)
static sr_commit_t * state_query_get_commit(const char *rsa_fpr)
static const config_mgr_t * get_srs_mgr(void)
int sr_state_is_initialized(void)
static const char default_fname[]
STATIC void new_protocol_run(time_t valid_after)
static sr_state_t * disk_state_parse(const sr_disk_state_t *new_disk_state)
static void * state_query_get_(sr_state_object_t obj_type, const void *data)
STATIC void state_del_current_srv(void)
static void disk_state_set(sr_disk_state_t *state)
static const struct_member_t state_extra_var
STATIC const char * get_phase_str(sr_phase_t phase)
unsigned int sr_state_srv_is_fresh(void)
static void disk_state_put_commit_line(const sr_commit_t *commit, config_line_t *line)
STATIC time_t get_state_valid_until_time(time_t now)
static void state_set(sr_state_t *state)
static sr_state_t * state_new(const char *fname, time_t now)
static config_mgr_t * shared_random_state_mgr
static int disk_state_parse_sr_values(sr_state_t *state, const sr_disk_state_t *disk_state)
void sr_state_add_commit(sr_commit_t *commit)
static int disk_state_parse_commits(sr_state_t *state, const sr_disk_state_t *disk_state)
sr_phase_t sr_state_get_phase(void)
Header for shared_random_state.c.
sr_state_object_t
@ SR_STATE_OBJ_CURSRV
@ SR_STATE_OBJ_PREVSRV
@ SR_STATE_OBJ_PHASE
@ SR_STATE_OBJ_VALID_AFTER
@ SR_STATE_OBJ_COMMITS
@ SR_STATE_OBJ_COMMIT
sr_state_action_t
smartlist_t * smartlist_new(void)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
char rsa_identity[DIGEST_LEN]
Definition: shared_random.h:80
char encoded_reveal[SR_REVEAL_BASE64_LEN+1]
uint8_t random_number[SR_RANDOM_NUMBER_LEN]
Definition: shared_random.h:97
unsigned int valid
Definition: shared_random.h:74
uint64_t reveal_ts
Definition: shared_random.h:86
digest_algorithm_t alg
Definition: shared_random.h:72
struct config_line_t * Commit
struct config_line_t * SharedRandValues
struct config_line_t * ExtraLines
uint64_t num_reveals
Definition: shared_random.h:64
uint8_t value[DIGEST256_LEN]
Definition: shared_random.h:66
unsigned int n_reveal_rounds
uint64_t n_protocol_runs
unsigned int is_srv_fresh
sr_srv_t * previous_srv
digestmap_t * commits
sr_srv_t * current_srv
sr_phase_t phase
unsigned int n_commit_rounds
const char * name
Definition: conftypes.h:98
#define STATIC
Definition: testsupport.h:32
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
void format_local_iso_time(char *buf, time_t t)
Definition: time_fmt.c:285
Header for version.c.
const char * get_version(void)
Definition: version.c:38
#define tor_assert(expr)
Definition: util_bug.h:102
#define tor_fragile_assert()
Definition: util_bug.h:270
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
time_t dirauth_sched_get_cur_valid_after_time(void)
time_t dirauth_sched_get_next_valid_after_time(void)
Header file for voting_schedule.c.