Tor  0.4.7.0-alpha-dev
voteflags.c
Go to the documentation of this file.
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2021, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
6 /**
7  * \file voteflags.c
8  * \brief Authority code for deciding the performance thresholds for flags,
9  * and assigning flags to routers.
10  **/
11 
12 #define VOTEFLAGS_PRIVATE
13 #include "core/or/or.h"
15 
16 #include "app/config/config.h"
17 #include "core/mainloop/mainloop.h"
18 #include "core/or/policies.h"
19 #include "feature/dirauth/bwauth.h"
28 #include "feature/relay/router.h"
29 #include "feature/stats/rephist.h"
30 
36 
37 #include "lib/container/order.h"
38 
39 /** If a router's uptime is at least this value, then it is always
40  * considered stable, regardless of the rest of the network. This
41  * way we resist attacks where an attacker doubles the size of the
42  * network using allegedly high-uptime nodes, displacing all the
43  * current guards. */
44 #define UPTIME_TO_GUARANTEE_STABLE (3600*24*30)
45 /** If a router's MTBF is at least this value, then it is always stable.
46  * See above. (Corresponds to about 7 days for current decay rates.) */
47 #define MTBF_TO_GUARANTEE_STABLE (60*60*24*5)
48 /** Similarly, every node with at least this much weighted time known can be
49  * considered familiar enough to be a guard. Corresponds to about 20 days for
50  * current decay rates.
51  */
52 #define TIME_KNOWN_TO_GUARANTEE_FAMILIAR (8*24*60*60)
53 /** Similarly, every node with sufficient WFU is around enough to be a guard.
54  */
55 #define WFU_TO_GUARANTEE_GUARD (0.98)
56 
57 /* Thresholds for server performance: set by
58  * dirserv_compute_performance_thresholds, and used by
59  * generate_v2_networkstatus */
60 
61 /** Any router with an uptime of at least this value is stable. */
62 static uint32_t stable_uptime = 0; /* start at a safe value */
63 /** Any router with an mtbf of at least this value is stable. */
64 static double stable_mtbf = 0.0;
65 /** If true, we have measured enough mtbf info to look at stable_mtbf rather
66  * than stable_uptime. */
67 static int enough_mtbf_info = 0;
68 /** Any router with a weighted fractional uptime of at least this much might
69  * be good as a guard. */
70 static double guard_wfu = 0.0;
71 /** Don't call a router a guard unless we've known about it for at least this
72  * many seconds. */
73 static long guard_tk = 0;
74 /** Any router with a bandwidth at least this high is "Fast" */
75 static uint32_t fast_bandwidth_kb = 0;
76 /** If exits can be guards, then all guards must have a bandwidth this
77  * high. */
79 /** If exits can't be guards, then all guards must have a bandwidth this
80  * high. */
82 
83 /** Helper: estimate the uptime of a router given its stated uptime and the
84  * amount of time since it last stated its stated uptime. */
85 static inline long
86 real_uptime(const routerinfo_t *router, time_t now)
87 {
88  if (now < router->cache_info.published_on)
89  return router->uptime;
90  else
91  return router->uptime + (now - router->cache_info.published_on);
92 }
93 
94 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
95  * If <b>need_uptime</b> is non-zero, we require a minimum uptime.
96  * If <b>need_capacity</b> is non-zero, we require a minimum advertised
97  * bandwidth.
98  */
99 static int
101  const routerinfo_t *router,
102  int need_uptime, int need_capacity)
103 {
104  if (need_uptime) {
105  if (!enough_mtbf_info) {
106  /* XXXX We should change the rule from
107  * "use uptime if we don't have mtbf data" to "don't advertise Stable on
108  * v3 if we don't have enough mtbf data." Or maybe not, since if we ever
109  * hit a point where we need to reset a lot of authorities at once,
110  * none of them would be in a position to declare Stable.
111  */
112  long uptime = real_uptime(router, now);
113  if ((unsigned)uptime < stable_uptime &&
114  (unsigned)uptime < UPTIME_TO_GUARANTEE_STABLE)
115  return 1;
116  } else {
117  double mtbf =
118  rep_hist_get_stability(router->cache_info.identity_digest, now);
119  if (mtbf < stable_mtbf &&
121  return 1;
122  }
123  }
124  if (need_capacity) {
125  uint32_t bw_kb = dirserv_get_credible_bandwidth_kb(router);
126  if (bw_kb < fast_bandwidth_kb)
127  return 1;
128  }
129  return 0;
130 }
131 
132 /** Return 1 if <b>ri</b>'s descriptor is "active" -- running, valid,
133  * not hibernating, having observed bw greater 0, and not too old. Else
134  * return 0.
135  */
136 static int
137 router_is_active(const routerinfo_t *ri, const node_t *node, time_t now)
138 {
139  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
140  if (ri->cache_info.published_on < cutoff) {
141  return 0;
142  }
143  if (!node->is_running || !node->is_valid || ri->is_hibernating) {
144  return 0;
145  }
146  /* Only require bandwidth capacity in non-test networks, or
147  * if TestingTorNetwork, and TestingMinExitFlagThreshold is non-zero */
148  if (!ri->bandwidthcapacity) {
149  if (get_options()->TestingTorNetwork) {
150  if (dirauth_get_options()->TestingMinExitFlagThreshold > 0) {
151  /* If we're in a TestingTorNetwork, and TestingMinExitFlagThreshold is,
152  * then require bandwidthcapacity */
153  return 0;
154  }
155  } else {
156  /* If we're not in a TestingTorNetwork, then require bandwidthcapacity */
157  return 0;
158  }
159  }
160  return 1;
161 }
162 
163 /** Return true iff <b>router</b> should be assigned the "HSDir" flag.
164  *
165  * Right now this means it advertises support for it, it has a high uptime,
166  * it's a directory cache, it has the Stable and Fast flags, and it's currently
167  * considered Running.
168  *
169  * This function needs to be called after router->is_running has
170  * been set.
171  */
172 static int
174  const node_t *node, time_t now)
175 {
176 
177  long uptime;
178 
179  /* If we haven't been running for at least
180  * MinUptimeHidServDirectoryV2 seconds, we can't
181  * have accurate data telling us a relay has been up for at least
182  * that long. We also want to allow a bit of slack: Reachability
183  * tests aren't instant. If we haven't been running long enough,
184  * trust the relay. */
185 
186  if (get_uptime() >
187  dirauth_get_options()->MinUptimeHidServDirectoryV2 * 1.1)
188  uptime = MIN(rep_hist_get_uptime(router->cache_info.identity_digest, now),
189  real_uptime(router, now));
190  else
191  uptime = real_uptime(router, now);
192 
193  return (router->wants_to_be_hs_dir &&
195  node->is_stable && node->is_fast &&
196  uptime >= dirauth_get_options()->MinUptimeHidServDirectoryV2 &&
197  router_is_active(router, node, now));
198 }
199 
200 /** Don't consider routers with less bandwidth than this when computing
201  * thresholds. */
202 #define ABSOLUTE_MIN_BW_VALUE_TO_CONSIDER_KB 4
203 
204 /** Helper for dirserv_compute_performance_thresholds(): Decide whether to
205  * include a router in our calculations, and return true iff we should; the
206  * require_mbw parameter is passed in by
207  * dirserv_compute_performance_thresholds() and controls whether we ever
208  * count routers with only advertised bandwidths */
209 static int
210 router_counts_toward_thresholds(const node_t *node, time_t now,
211  const digestmap_t *omit_as_sybil,
212  int require_mbw)
213 {
214  /* Have measured bw? */
215  int have_mbw =
217  uint64_t min_bw_kb = ABSOLUTE_MIN_BW_VALUE_TO_CONSIDER_KB;
218  const or_options_t *options = get_options();
219  const dirauth_options_t *dirauth_options = dirauth_get_options();
220 
221  if (options->TestingTorNetwork) {
222  min_bw_kb = (int64_t)dirauth_options->TestingMinExitFlagThreshold / 1000;
223  }
224 
225  return node->ri && router_is_active(node->ri, node, now) &&
226  !digestmap_get(omit_as_sybil, node->identity) &&
227  (dirserv_get_credible_bandwidth_kb(node->ri) >= min_bw_kb) &&
228  (have_mbw || !require_mbw);
229 }
230 
231 /** Look through the routerlist, the Mean Time Between Failure history, and
232  * the Weighted Fractional Uptime history, and use them to set thresholds for
233  * the Stable, Fast, and Guard flags. Update the fields stable_uptime,
234  * stable_mtbf, enough_mtbf_info, guard_wfu, guard_tk, fast_bandwidth,
235  * guard_bandwidth_including_exits, and guard_bandwidth_excluding_exits.
236  *
237  * Also, set the is_exit flag of each router appropriately. */
238 void
239 dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
240 {
241  int n_active, n_active_nonexit, n_familiar;
242  uint32_t *uptimes, *bandwidths_kb, *bandwidths_excluding_exits_kb;
243  long *tks;
244  double *mtbfs, *wfus;
245  const smartlist_t *nodelist;
246  time_t now = time(NULL);
247  const or_options_t *options = get_options();
248  const dirauth_options_t *dirauth_options = dirauth_get_options();
249 
250  /* Require mbw? */
251  int require_mbw =
253  dirauth_options->MinMeasuredBWsForAuthToIgnoreAdvertised) ? 1 : 0;
254 
255  /* initialize these all here, in case there are no routers */
256  stable_uptime = 0;
257  stable_mtbf = 0;
258  fast_bandwidth_kb = 0;
261  guard_tk = 0;
262  guard_wfu = 0;
263 
265  nodelist = nodelist_get_list();
266 
267  /* Initialize arrays that will hold values for each router. We'll
268  * sort them and use that to compute thresholds. */
269  n_active = n_active_nonexit = 0;
270  /* Uptime for every active router. */
271  uptimes = tor_calloc(smartlist_len(nodelist), sizeof(uint32_t));
272  /* Bandwidth for every active router. */
273  bandwidths_kb = tor_calloc(smartlist_len(nodelist), sizeof(uint32_t));
274  /* Bandwidth for every active non-exit router. */
275  bandwidths_excluding_exits_kb =
276  tor_calloc(smartlist_len(nodelist), sizeof(uint32_t));
277  /* Weighted mean time between failure for each active router. */
278  mtbfs = tor_calloc(smartlist_len(nodelist), sizeof(double));
279  /* Time-known for each active router. */
280  tks = tor_calloc(smartlist_len(nodelist), sizeof(long));
281  /* Weighted fractional uptime for each active router. */
282  wfus = tor_calloc(smartlist_len(nodelist), sizeof(double));
283 
284  /* Now, fill in the arrays. */
285  SMARTLIST_FOREACH_BEGIN(nodelist, node_t *, node) {
286  if (options->BridgeAuthoritativeDir &&
287  node->ri &&
288  node->ri->purpose != ROUTER_PURPOSE_BRIDGE)
289  continue;
290 
291  routerinfo_t *ri = node->ri;
292  if (ri) {
293  node->is_exit = (!router_exit_policy_rejects_all(ri) &&
295  }
296 
297  if (router_counts_toward_thresholds(node, now, omit_as_sybil,
298  require_mbw)) {
299  const char *id = node->identity;
300  uint32_t bw_kb;
301 
302  /* resolve spurious clang shallow analysis null pointer errors */
303  tor_assert(ri);
304 
305  uptimes[n_active] = (uint32_t)real_uptime(ri, now);
306  mtbfs[n_active] = rep_hist_get_stability(id, now);
307  tks [n_active] = rep_hist_get_weighted_time_known(id, now);
308  bandwidths_kb[n_active] = bw_kb = dirserv_get_credible_bandwidth_kb(ri);
309  if (!node->is_exit || node->is_bad_exit) {
310  bandwidths_excluding_exits_kb[n_active_nonexit] = bw_kb;
311  ++n_active_nonexit;
312  }
313  ++n_active;
314  }
315  } SMARTLIST_FOREACH_END(node);
316 
317  /* Now, compute thresholds. */
318  if (n_active) {
319  /* The median uptime is stable. */
320  stable_uptime = median_uint32(uptimes, n_active);
321  /* The median mtbf is stable, if we have enough mtbf info */
322  stable_mtbf = median_double(mtbfs, n_active);
323  /* The 12.5th percentile bandwidth is fast. */
324  fast_bandwidth_kb = find_nth_uint32(bandwidths_kb, n_active, n_active/8);
325  /* (Now bandwidths is sorted.) */
326  if (fast_bandwidth_kb < RELAY_REQUIRED_MIN_BANDWIDTH/(2 * 1000))
327  fast_bandwidth_kb = bandwidths_kb[n_active/4];
329  third_quartile_uint32(bandwidths_kb, n_active);
330  guard_tk = find_nth_long(tks, n_active, n_active/8);
331  }
332 
335 
336  {
337  /* We can vote on a parameter for the minimum and maximum. */
338 #define ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG 4
339  int32_t min_fast_kb, max_fast_kb, min_fast, max_fast;
340  min_fast = networkstatus_get_param(NULL, "FastFlagMinThreshold",
341  ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG,
342  ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG,
343  INT32_MAX);
344  if (options->TestingTorNetwork) {
345  min_fast = (int32_t)dirauth_options->TestingMinFastFlagThreshold;
346  }
347  max_fast = networkstatus_get_param(NULL, "FastFlagMaxThreshold",
348  INT32_MAX, min_fast, INT32_MAX);
349  min_fast_kb = min_fast / 1000;
350  max_fast_kb = max_fast / 1000;
351 
352  if (fast_bandwidth_kb < (uint32_t)min_fast_kb)
353  fast_bandwidth_kb = min_fast_kb;
354  if (fast_bandwidth_kb > (uint32_t)max_fast_kb)
355  fast_bandwidth_kb = max_fast_kb;
356  }
357  /* Protect sufficiently fast nodes from being pushed out of the set
358  * of Fast nodes. */
359  {
360  const uint64_t fast_opt = dirauth_get_options()->AuthDirFastGuarantee;
361  if (fast_opt && fast_bandwidth_kb > fast_opt / 1000)
362  fast_bandwidth_kb = (uint32_t)(fast_opt / 1000);
363  }
364 
365  /* Now that we have a time-known that 7/8 routers are known longer than,
366  * fill wfus with the wfu of every such "familiar" router. */
367  n_familiar = 0;
368 
369  SMARTLIST_FOREACH_BEGIN(nodelist, node_t *, node) {
370  if (router_counts_toward_thresholds(node, now,
371  omit_as_sybil, require_mbw)) {
372  routerinfo_t *ri = node->ri;
373  const char *id = ri->cache_info.identity_digest;
374  long tk = rep_hist_get_weighted_time_known(id, now);
375  if (tk < guard_tk)
376  continue;
377  wfus[n_familiar++] = rep_hist_get_weighted_fractional_uptime(id, now);
378  }
379  } SMARTLIST_FOREACH_END(node);
380  if (n_familiar)
381  guard_wfu = median_double(wfus, n_familiar);
384 
386 
387  if (n_active_nonexit) {
389  find_nth_uint32(bandwidths_excluding_exits_kb,
390  n_active_nonexit, n_active_nonexit*3/4);
391  }
392 
393  log_info(LD_DIRSERV,
394  "Cutoffs: For Stable, %lu sec uptime, %lu sec MTBF. "
395  "For Fast: %lu kilobytes/sec. "
396  "For Guard: WFU %.03f%%, time-known %lu sec, "
397  "and bandwidth %lu or %lu kilobytes/sec. "
398  "We%s have enough stability data.",
399  (unsigned long)stable_uptime,
400  (unsigned long)stable_mtbf,
401  (unsigned long)fast_bandwidth_kb,
402  guard_wfu*100,
403  (unsigned long)guard_tk,
404  (unsigned long)guard_bandwidth_including_exits_kb,
405  (unsigned long)guard_bandwidth_excluding_exits_kb,
406  enough_mtbf_info ? "" : " don't");
407 
408  tor_free(uptimes);
409  tor_free(mtbfs);
410  tor_free(bandwidths_kb);
411  tor_free(bandwidths_excluding_exits_kb);
412  tor_free(tks);
413  tor_free(wfus);
414 }
415 
416 /* Use dirserv_compute_performance_thresholds() to compute the thresholds
417  * for the status flags, specifically for bridges.
418  *
419  * This is only called by a Bridge Authority from
420  * networkstatus_getinfo_by_purpose().
421  */
422 void
423 dirserv_compute_bridge_flag_thresholds(void)
424 {
425  digestmap_t *omit_as_sybil = digestmap_new();
427  digestmap_free(omit_as_sybil, NULL);
428 }
429 
430 /** Give a statement of our current performance thresholds for inclusion
431  * in a vote document. */
432 char *
434 {
435  char *result=NULL;
436  const int measured_threshold =
437  dirauth_get_options()->MinMeasuredBWsForAuthToIgnoreAdvertised;
438  const int enough_measured_bw =
439  dirserv_get_last_n_measured_bws() > measured_threshold;
440 
441  tor_asprintf(&result,
442  "stable-uptime=%lu stable-mtbf=%lu "
443  "fast-speed=%lu "
444  "guard-wfu=%.03f%% guard-tk=%lu "
445  "guard-bw-inc-exits=%lu guard-bw-exc-exits=%lu "
446  "enough-mtbf=%d ignoring-advertised-bws=%d",
447  (unsigned long)stable_uptime,
448  (unsigned long)stable_mtbf,
449  (unsigned long)fast_bandwidth_kb*1000,
450  guard_wfu*100,
451  (unsigned long)guard_tk,
452  (unsigned long)guard_bandwidth_including_exits_kb*1000,
453  (unsigned long)guard_bandwidth_excluding_exits_kb*1000,
454  enough_mtbf_info ? 1 : 0,
455  enough_measured_bw ? 1 : 0);
456 
457  return result;
458 }
459 
460 /* DOCDOC running_long_enough_to_decide_unreachable */
461 int
462 running_long_enough_to_decide_unreachable(void)
463 {
464  const dirauth_options_t *opts = dirauth_get_options();
465  return time_of_process_start +
467 }
468 
469 /** Each server needs to have passed a reachability test no more
470  * than this number of seconds ago, or it is listed as down in
471  * the directory. */
472 #define REACHABLE_TIMEOUT (45*60)
473 
474 /** If we tested a router and found it reachable _at least this long_ after it
475  * declared itself hibernating, it is probably done hibernating and we just
476  * missed a descriptor from it. */
477 #define HIBERNATION_PUBLICATION_SKEW (60*60)
478 
479 /** Treat a router as alive if
480  * - It's me, and I'm not hibernating.
481  * or - We've found it reachable recently. */
482 void
484 {
485  /*XXXX This function is a mess. Separate out the part that calculates
486  whether it's reachable and the part that tells rephist that the router was
487  unreachable.
488  */
489  int answer;
490  const dirauth_options_t *dirauth_options = dirauth_get_options();
491  node_t *node = node_get_mutable_by_id(router->cache_info.identity_digest);
492  tor_assert(node);
493 
494  if (router_is_me(router)) {
495  /* We always know if we are shutting down or hibernating ourselves. */
496  answer = ! we_are_hibernating();
497  } else if (router->is_hibernating &&
498  (router->cache_info.published_on +
500  /* A hibernating router is down unless we (somehow) had contact with it
501  * since it declared itself to be hibernating. */
502  answer = 0;
503  } else if (! dirauth_options->AuthDirTestReachability) {
504  /* If we aren't testing reachability, then everybody is up unless they say
505  * they are down. */
506  answer = 1;
507  } else {
508  /* Otherwise, a router counts as up if we found all announced OR
509  ports reachable in the last REACHABLE_TIMEOUT seconds.
510 
511  XXX prop186 For now there's always one IPv4 and at most one
512  IPv6 OR port.
513 
514  If we're not on IPv6, don't consider reachability of potential
515  IPv6 OR port since that'd kill all dual stack relays until a
516  majority of the dir auths have IPv6 connectivity. */
517  answer = (now < node->last_reachable + REACHABLE_TIMEOUT &&
518  (dirauth_options->AuthDirHasIPv6Connectivity != 1 ||
519  tor_addr_is_null(&router->ipv6_addr) ||
520  now < node->last_reachable6 + REACHABLE_TIMEOUT));
521  }
522 
523  if (!answer && running_long_enough_to_decide_unreachable()) {
524  /* Not considered reachable. tell rephist about that.
525 
526  Because we launch a reachability test for each router every
527  REACHABILITY_TEST_CYCLE_PERIOD seconds, then the router has probably
528  been down since at least that time after we last successfully reached
529  it.
530 
531  XXX ipv6
532  */
533  time_t when = now;
534  if (node->last_reachable &&
537  rep_hist_note_router_unreachable(router->cache_info.identity_digest, when);
538  }
539 
540  node->is_running = answer;
541 }
542 
543 /* Check <b>node</b> and <b>ri</b> on whether or not we should publish a
544  * relay's IPv6 addresses. */
545 static int
546 should_publish_node_ipv6(const node_t *node, const routerinfo_t *ri,
547  time_t now)
548 {
549  const dirauth_options_t *options = dirauth_get_options();
550 
551  return options->AuthDirHasIPv6Connectivity == 1 &&
552  !tor_addr_is_null(&ri->ipv6_addr) &&
553  ((node->last_reachable6 >= now - REACHABLE_TIMEOUT) ||
554  router_is_me(ri));
555 }
556 
557 /**
558  * Extract status information from <b>ri</b> and from other authority
559  * functions and store it in <b>rs</b>, as per
560  * <b>set_routerstatus_from_routerinfo</b>. Additionally, sets information
561  * in from the authority subsystem.
562  */
563 void
565  node_t *node,
566  const routerinfo_t *ri,
567  time_t now,
568  int listbadexits)
569 {
570  const or_options_t *options = get_options();
571  uint32_t routerbw_kb = dirserv_get_credible_bandwidth_kb(ri);
572 
573  /* Set these flags so that set_routerstatus_from_routerinfo can copy them.
574  */
575  node->is_stable = !dirserv_thinks_router_is_unreliable(now, ri, 1, 0);
576  node->is_fast = !dirserv_thinks_router_is_unreliable(now, ri, 0, 1);
577  node->is_hs_dir = dirserv_thinks_router_is_hs_dir(ri, node, now);
578 
579  set_routerstatus_from_routerinfo(rs, node, ri);
580 
581  /* Override rs->is_possible_guard. */
582  const uint64_t bw_opt = dirauth_get_options()->AuthDirGuardBWGuarantee;
583  if (node->is_fast && node->is_stable &&
585  ((bw_opt && routerbw_kb >= bw_opt / 1000) ||
586  routerbw_kb >= MIN(guard_bandwidth_including_exits_kb,
589  node->identity, now);
591  node->identity, now);
592  rs->is_possible_guard = (wfu >= guard_wfu && tk >= guard_tk) ? 1 : 0;
593  } else {
594  rs->is_possible_guard = 0;
595  }
596 
597  /* Override rs->is_bad_exit */
598  rs->is_bad_exit = listbadexits && node->is_bad_exit;
599 
600  /* Set rs->is_staledesc. */
601  rs->is_staledesc =
602  (ri->cache_info.published_on + DESC_IS_STALE_INTERVAL) < now;
603 
604  if (! should_publish_node_ipv6(node, ri, now)) {
605  /* We're not configured as having IPv6 connectivity or the node isn't:
606  * zero its IPv6 information. */
607  tor_addr_make_null(&rs->ipv6_addr, AF_INET6);
608  rs->ipv6_orport = 0;
609  }
610 
611  if (options->TestingTorNetwork) {
613  }
614 }
615 
616 /** Use TestingDirAuthVoteExit, TestingDirAuthVoteGuard, and
617  * TestingDirAuthVoteHSDir to give out the Exit, Guard, and HSDir flags,
618  * respectively. But don't set the corresponding node flags.
619  * Should only be called if TestingTorNetwork is set. */
620 STATIC void
622 {
623  const dirauth_options_t *options = dirauth_get_options();
624 
625  tor_assert(get_options()->TestingTorNetwork);
626 
628  rs, 0)) {
629  rs->is_exit = 1;
630  } else if (options->TestingDirAuthVoteExitIsStrict) {
631  rs->is_exit = 0;
632  }
633 
635  rs, 0)) {
636  rs->is_possible_guard = 1;
637  } else if (options->TestingDirAuthVoteGuardIsStrict) {
638  rs->is_possible_guard = 0;
639  }
640 
642  rs, 0)) {
643  rs->is_hs_dir = 1;
644  } else if (options->TestingDirAuthVoteHSDirIsStrict) {
645  rs->is_hs_dir = 0;
646  }
647 }
648 
649 /** Use dirserv_set_router_is_running() to set bridges as running if they're
650  * reachable.
651  *
652  * This function is called from set_bridge_running_callback() when running as
653  * a bridge authority.
654  */
655 void
657 {
659 
661  if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
663  } SMARTLIST_FOREACH_END(ri);
664 }
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
time_t approx_time(void)
Definition: approx_time.c:32
uint32_t dirserv_get_credible_bandwidth_kb(const routerinfo_t *ri)
Definition: bwauth.c:177
int dirserv_get_last_n_measured_bws(void)
Definition: bwauth.c:55
int dirserv_has_measured_bw(const char *node_id)
Definition: bwauth.c:159
Header file for bwauth.c.
const or_options_t * get_options(void)
Definition: config.c:919
Header file for config.c.
Structure dirauth_options_t to hold directory authority options.
Header for dirauth_sys.c.
Header file for dirlist.c.
int we_are_hibernating(void)
Definition: hibernate.c:937
Header file for hibernate.c.
#define LD_DIRSERV
Definition: log.h:90
long get_uptime(void)
Definition: mainloop.c:2528
time_t time_of_process_start
Definition: mainloop.c:142
Header file for mainloop.c.
#define tor_free(p)
Definition: malloc.h:52
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
void set_routerstatus_from_routerinfo(routerstatus_t *rs, const node_t *node, const routerinfo_t *ri)
Header file for networkstatus.c.
Node information structure.
node_t * node_get_mutable_by_id(const char *identity_digest)
Definition: nodelist.c:197
const smartlist_t * nodelist_get_list(void)
Definition: nodelist.c:1047
void nodelist_assert_ok(void)
Definition: nodelist.c:949
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:161
Header for order.c.
int exit_policy_is_general_exit(smartlist_t *policy)
Definition: policies.c:2230
Header file for policies.c.
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
Header file for reachability.c.
#define REACHABILITY_TEST_CYCLE_PERIOD
Definition: reachability.h:24
double rep_hist_get_stability(const char *id, time_t when)
Definition: rephist.c:839
double rep_hist_get_weighted_fractional_uptime(const char *id, time_t when)
Definition: rephist.c:851
long rep_hist_get_uptime(const char *id, time_t when)
Definition: rephist.c:826
long rep_hist_get_weighted_time_known(const char *id, time_t when)
Definition: rephist.c:867
void rep_hist_note_router_unreachable(const char *id, time_t when)
Definition: rephist.c:650
int rep_hist_have_measured_enough_stability(void)
Definition: rephist.c:879
Header file for rephist.c.
int router_is_me(const routerinfo_t *router)
Definition: router.c:1768
Header file for router.c.
Router descriptor structure.
#define ROUTER_PURPOSE_BRIDGE
int router_exit_policy_rejects_all(const routerinfo_t *router)
Definition: routerlist.c:2330
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:895
Header file for routerlist.c.
Router descriptor list structure.
int routerset_contains_routerstatus(const routerset_t *set, const routerstatus_t *rs, country_t country)
Definition: routerset.c:339
Header file for routerset.c.
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
MEMUNIT AuthDirGuardBWGuarantee
ROUTERSET TestingDirAuthVoteGuard
INTERVAL TestingAuthDirTimeToLearnReachability
MEMUNIT TestingMinExitFlagThreshold
ROUTERSET TestingDirAuthVoteExit
ROUTERSET TestingDirAuthVoteHSDir
MEMUNIT TestingMinFastFlagThreshold
INT MinMeasuredBWsForAuthToIgnoreAdvertised
Definition: node_st.h:34
unsigned int is_bad_exit
Definition: node_st.h:71
unsigned int is_running
Definition: node_st.h:63
unsigned int is_hs_dir
Definition: node_st.h:73
unsigned int is_valid
Definition: node_st.h:65
char identity[DIGEST_LEN]
Definition: node_st.h:46
unsigned int is_stable
Definition: node_st.h:68
time_t last_reachable
Definition: node_st.h:98
int BridgeAuthoritativeDir
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
smartlist_t * exit_policy
Definition: routerinfo_st.h:59
unsigned int wants_to_be_hs_dir
Definition: routerinfo_st.h:75
unsigned int is_hibernating
Definition: routerinfo_st.h:68
uint8_t purpose
unsigned int supports_tunnelled_dir_requests
Definition: routerinfo_st.h:86
uint32_t bandwidthcapacity
Definition: routerinfo_st.h:58
smartlist_t * routers
Definition: routerlist_st.h:32
unsigned int is_bad_exit
uint16_t ipv6_orport
tor_addr_t ipv6_addr
unsigned int is_staledesc
unsigned int is_hs_dir
unsigned int is_possible_guard
unsigned int is_exit
char identity_digest[DIGEST_LEN]
#define STATIC
Definition: testsupport.h:32
#define tor_assert(expr)
Definition: util_bug.h:102
Routerstatus (vote entry) structure.
#define MTBF_TO_GUARANTEE_STABLE
Definition: voteflags.c:47
STATIC void dirserv_set_routerstatus_testing(routerstatus_t *rs)
Definition: voteflags.c:621
#define HIBERNATION_PUBLICATION_SKEW
Definition: voteflags.c:477
#define ABSOLUTE_MIN_BW_VALUE_TO_CONSIDER_KB
Definition: voteflags.c:202
void dirauth_set_routerstatus_from_routerinfo(routerstatus_t *rs, node_t *node, const routerinfo_t *ri, time_t now, int listbadexits)
Definition: voteflags.c:564
static int router_counts_toward_thresholds(const node_t *node, time_t now, const digestmap_t *omit_as_sybil, int require_mbw)
Definition: voteflags.c:210
static uint32_t stable_uptime
Definition: voteflags.c:62
static long real_uptime(const routerinfo_t *router, time_t now)
Definition: voteflags.c:86
#define REACHABLE_TIMEOUT
Definition: voteflags.c:472
#define WFU_TO_GUARANTEE_GUARD
Definition: voteflags.c:55
static double stable_mtbf
Definition: voteflags.c:64
char * dirserv_get_flag_thresholds_line(void)
Definition: voteflags.c:433
void dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
Definition: voteflags.c:239
static int dirserv_thinks_router_is_hs_dir(const routerinfo_t *router, const node_t *node, time_t now)
Definition: voteflags.c:173
static int dirserv_thinks_router_is_unreliable(time_t now, const routerinfo_t *router, int need_uptime, int need_capacity)
Definition: voteflags.c:100
#define UPTIME_TO_GUARANTEE_STABLE
Definition: voteflags.c:44
static int router_is_active(const routerinfo_t *ri, const node_t *node, time_t now)
Definition: voteflags.c:137
static double guard_wfu
Definition: voteflags.c:70
static uint32_t fast_bandwidth_kb
Definition: voteflags.c:75
#define TIME_KNOWN_TO_GUARANTEE_FAMILIAR
Definition: voteflags.c:52
void dirserv_set_router_is_running(routerinfo_t *router, time_t now)
Definition: voteflags.c:483
void dirserv_set_bridges_running(time_t now)
Definition: voteflags.c:656
static long guard_tk
Definition: voteflags.c:73
static int enough_mtbf_info
Definition: voteflags.c:67
static uint32_t guard_bandwidth_excluding_exits_kb
Definition: voteflags.c:81
static uint32_t guard_bandwidth_including_exits_kb
Definition: voteflags.c:78
Header file for voteflags.c.