//!

//! # Overview

//!

//! The `tor-netdir` crate wraps objects from tor-netdoc, and combines

//! them to provide a unified view of the relays on the network.

//! It is responsible for representing a client's knowledge of the

//! network's state and who is on it.

//!

//! This crate is part of

//! [Arti](https://gitlab.torproject.org/tpo/core/arti/), a project to

//! implement [Tor](https://www.torproject.org/) in Rust.  Its purpose

//! is to expose an abstract view of a Tor network and the relays in

//! it, so that higher-level crates don't need to know about the

//! particular documents that describe the network and its properties.

//!

//! There are two intended users for this crate.  First, producers

//! like [`tor-dirmgr`] create [`NetDir`] objects fill them with

//! information from the Tor network directory.  Later, consumers

//! like [`tor-circmgr`] use [`NetDir`]s to select relays for random

//! paths through the Tor network.

//!

//! # Limitations

//!

//! Only modern consensus methods and microdescriptor consensuses are

//! supported.

#![deny(missing_docs)]

#![warn(noop_method_call)]

#![deny(unreachable_pub)]

#![warn(clippy::all)]

#![deny(clippy::await_holding_lock)]

#![deny(clippy::cargo_common_metadata)]

#![deny(clippy::cast_lossless)]

#![deny(clippy::checked_conversions)]

#![warn(clippy::cognitive_complexity)]

#![deny(clippy::debug_assert_with_mut_call)]

#![deny(clippy::exhaustive_enums)]

#![deny(clippy::exhaustive_structs)]

#![deny(clippy::expl_impl_clone_on_copy)]

#![deny(clippy::fallible_impl_from)]

#![deny(clippy::implicit_clone)]

#![deny(clippy::large_stack_arrays)]

#![warn(clippy::manual_ok_or)]

#![deny(clippy::missing_docs_in_private_items)]

#![deny(clippy::missing_panics_doc)]

#![warn(clippy::needless_borrow)]

#![warn(clippy::needless_pass_by_value)]

#![warn(clippy::option_option)]

#![warn(clippy::rc_buffer)]

#![deny(clippy::ref_option_ref)]

#![warn(clippy::semicolon_if_nothing_returned)]

#![warn(clippy::trait_duplication_in_bounds)]

#![deny(clippy::unnecessary_wraps)]

#![warn(clippy::unseparated_literal_suffix)]

#![deny(clippy::unwrap_used)]

mod err;

pub mod fallback;

pub mod params;

#[cfg(test)]

mod testing;

mod weight;

#[cfg(any(test, feature = "testing"))]

pub mod testnet;

use tor_linkspec::ChanTarget;

use tor_llcrypto as ll;

use tor_llcrypto::pk::{ed25519::Ed25519Identity, rsa::RsaIdentity};

use tor_netdoc::doc::microdesc::{MdDigest, Microdesc};

use tor_netdoc::doc::netstatus::{self, MdConsensus, RouterStatus};

use tor_netdoc::types::policy::PortPolicy;

use serde::Deserialize;

use std::collections::{HashMap, HashSet};

use std::net::IpAddr;

use std::sync::Arc;

use tracing::warn;

pub use err::Error;

pub use weight::WeightRole;

/// A Result using the Error type from the tor-netdir crate

pub type Result<T> = std::result::Result<T, Error>;

use params::NetParameters;

/// Configuration for determining when two relays have addresses "too close" in

/// the network.

///

/// Used by [`Relay::in_same_subnet()`].

#[derive(Deserialize, Debug, Clone, Copy)]

#[serde(deny_unknown_fields)]

pub struct SubnetConfig {

    /// Consider IPv4 nodes in the same /x to be the same family.

    ///

    /// If this value is 0, all nodes with IPv4 addresses will be in the

    /// same family.  If this value is above 32, then no nodes will be

    /// placed im the same family based on their IPv4 addresses.

    subnets_family_v4: u8,

    /// Consider IPv6 nodes in the same /x to be the same family.

    ///

    /// If this value is 0, all nodes with IPv6 addresses will be in the

    /// same family.  If this value is above 128, then no nodes will be

    /// placed im the same family based on their IPv6 addresses.

    subnets_family_v6: u8,

}

impl Default for SubnetConfig {

}

impl SubnetConfig {

    /// Construct a new SubnetConfig from a pair of bit prefix lengths.

    ///

    /// The values are clamped to the appropriate ranges if they are

    /// out-of-bounds.

    /// Are two addresses in the same subnet according to this configuration

    fn addrs_in_same_subnet(&self, a: &IpAddr, b: &IpAddr) -> bool {

            }

            }

        }

}

/// Internal type: either a microdescriptor, or the digest for a

/// microdescriptor that we want.

///

/// This is a separate type so we can use a HashSet instead of

/// HashMap.

enum MdEntry {

    /// A microdescriptor that is wanted but not present.

    Absent {

        /// Index of the routerstatus entry that wants this microdesc.

        rs_idx: usize,

        /// Content digest of the microdescriptor.

        // TODO: I wanted to make this a reference at first, but that's

        // nontrival.  At this point I'm not 100% sure it would be a good

        // idea.

        d: MdDigest,

    },

    /// A microdescriptor that we have.

    Present {

        /// The microdescriptor itself.

        md: Arc<Microdesc>,

    },

}

impl std::borrow::Borrow<MdDigest> for MdEntry {

}

impl MdEntry {

    /// Return the digest for this entry.

        }

}

impl PartialEq for MdEntry {

}

impl Eq for MdEntry {}

impl std::hash::Hash for MdEntry {

}

/// An opaque type representing the weight with which a relay or set of

/// relays will be selected for a given role.

///

/// Most users should ignore this type, and just use pick_relay instead.

#[derive(

    Copy,

    Eq,

)]

pub struct RelayWeight(u64);

impl RelayWeight {

    /// Try to divide this weight by `rhs`.

    ///

    /// Return a ratio on success, or None on division-by-zero.

        } else {

        }

    /// Compute a ratio `frac` of this weight.

    ///

    /// Return None if frac is less than zero, since negative weights

    /// are impossible.

        } else {

        }

}

impl From<u64> for RelayWeight {

}

/// A view of the Tor directory, suitable for use in building

/// circuits.

///

/// Abstractly, a [`NetDir`] is a set of usable public [`Relay`]s,

/// each of which has its own properties, identity, and correct weighted

/// probability for use under different circumstances.

///

/// A [`NetDir`] is constructed by making a [`PartialNetDir`] from a

/// consensus document, and then adding enough microdescriptors to

/// that `PartialNetDir` so that it can be used to build paths.

/// (Thus, if you have a NetDir, it is definitely adequate to build

/// paths.)

pub struct NetDir {

    /// A microdescriptor consensus that lists the members of the network,

    /// and maps each one to a 'microdescriptor' that has more information

    /// about it

    consensus: Arc<MdConsensus>,

    /// A map from keys to integer values, distributed in the consensus,

    /// and clamped to certain defaults.

    params: NetParameters,

    /// Map from SHA256 digest of microdescriptors to the

    /// microdescriptors themselves.

    mds: HashSet<MdEntry>,

    /// Map from ed25519 identity to index of the routerstatus within

    /// `self.consensus.relays()`.

    ///

    /// Note that we don't know the ed25519 identity of a relay until

    /// we get the microdescriptor for it, so this won't be filled in

    /// until we get the microdescriptors.

    ///

    /// # Implementation note

    ///

    /// For this field, and for `rs_idx_by_rsa`, and for

    /// `MdEntry::*::rsa_idx`, it might be cool to have references instead.

    /// But that would make this into a self-referential structure,

    /// which isn't possible in safe rust.

    rs_idx_by_ed: HashMap<Ed25519Identity, usize>,

    /// Map from RSA identity to index of the routerstatus within

    /// `self.consensus.relays()`.

    ///

    /// This is constructed at the same time as the NetDir object, so it

    /// can be immutable.

    rs_idx_by_rsa: Arc<HashMap<RsaIdentity, usize>>,

    /// Weight values to apply to a given relay when deciding how frequently

    /// to choose it for a given role.

    weights: weight::WeightSet,

}

/// A partially build NetDir -- it can't be unwrapped until it has

/// enough information to build safe paths.

pub struct PartialNetDir {

    /// The netdir that's under construction.

    netdir: NetDir,

}

/// A view of a relay on the Tor network, suitable for building circuits.

// TODO: This should probably be a more specific struct, with a trait

// that implements it.

pub struct Relay<'a> {

    /// A router descriptor for this relay.

    rs: &'a netstatus::MdConsensusRouterStatus,

    /// A microdescriptor for this relay.

    md: &'a Microdesc,

}

/// A relay that we haven't checked for validity or usability in

/// routing.

pub struct UncheckedRelay<'a> {

    /// A router descriptor for this relay.

    rs: &'a netstatus::MdConsensusRouterStatus,

    /// A microdescriptor for this relay, if there is one.

    md: Option<&'a Microdesc>,

}

/// A partial or full network directory that we can download

/// microdescriptors for.

pub trait MdReceiver {

    /// Return an iterator over the digests for all of the microdescriptors

    /// that this netdir is missing.

    fn missing_microdescs(&self) -> Box<dyn Iterator<Item = &MdDigest> + '_>;

    /// Add a microdescriptor to this netdir, if it was wanted.

    ///

    /// Return true if it was indeed wanted.

    fn add_microdesc(&mut self, md: Microdesc) -> bool;

}

impl PartialNetDir {

    /// Create a new PartialNetDir with a given consensus, and no

    /// microdescriptors loaded.

    ///

    /// If `replacement_params` is provided, override network parameters from

    /// the consensus with those from `replacement_params`.

        // Now see if the user has any parameters to override.

        // (We have to do this now, or else changes won't be reflected in our

        // weights.)

            }

        // Compute the weights we'll want to use for these relays.

    /// Return the declared lifetime of this PartialNetDir.

    /// Fill in as many missing microdescriptors as possible in this

    /// netdir, using the microdescriptors from the previous netdir.

        }

    /// Return true if this are enough information in this directory

    /// to build multihop paths.

    /// If this directory has enough information to build multihop

    /// circuits, return it.

        } else {

        }

    /// Return true if we are currently missing a microdescriptor for the

    /// given RSA identity.

    ///

    /// A descriptor is `missing` only if it is listed in the consensus,

    /// but we don't have it downloaded.

}

impl MdReceiver for PartialNetDir {

}

impl NetDir {

    /// Return the declared lifetime of this NetDir.

    /// Add `md` to this NetDir.

    ///

    /// Return true if we wanted it, and false otherwise.

    #[allow(clippy::missing_panics_doc)] // Can't panic on valid object.

                // There should never be two approved MDs in the same

                // consensus listing the same ID... but if there is,

                // we'll let the most recent one win.

        // Either we already had it, or we never wanted it at all.

    /// Construct a (possibly invalid) Relay object from a routerstatus and its

    /// microdescriptor (if any).

        };

    /// Replace the overridden parameters in this netdir with `new_replacement`.

    ///

    /// After this function is done, the netdir's parameters will be those in

    /// the consensus, overridden by settings from `new_replacement`.  Any

    /// settings in the old replacement parameters will be discarded.

        }

    /// Return an iterator over all Relay objects, including invalid ones

    /// that we can't use.

    /// Return an iterator over all usable Relays.

    /// Return a relay matching a given Ed25519 identity, if we have a

    /// _usable_ relay with that key.

    ///

    /// (Does not return unusable relays.)

    ///

    /// Note that if a microdescriptor is subsequently added for a relay

    /// with this ID, the ID may become usable.

    #[allow(clippy::missing_panics_doc)] // Can't panic on valid object.

    /// Return a relay matching a given Ed25519 identity and RSA identity,

    /// if we have a usable relay with _both_ keys.

    ///

    /// (Does not return unusable relays.)

    ///

    /// Note that if a microdescriptor is subsequently added for a relay

    /// with this ID, the ID may become usable.

    /// Return the usable relay matching a given [`ChanTarget`]'s

    /// identities, if any.

    ///

    /// (Does not return unusable relays.)

    /// Return a boolean if this consensus definitely has (or does not

    /// have) a relay matching both the given Ed25519 and RSA

    /// identity.

    ///

    /// If we can't yet tell for sure, return None.

    ///

    /// Once function has returned `Some(b)`, it will always return that

    /// value for the same `ed_id` and `rsa_id` on this `NetDir`.  A `None`

    /// answer may later become `Some(b)` if a microdescriptor arrives.

            }

            None => {

                // Definitely not listed.

            }

        }

    /// Return true if we are currently missing a micro descriptor for the

    /// given RSA identity.

    ///

    /// A descriptor is `missing` only if it is listed in the consensus,

    /// but we don't have it downloaded.

        }

    /// Return a (possibly unusable) relay with a given RSA identity.

    #[allow(clippy::missing_panics_doc)] // Can't panic on valid object.

    /// Return the relay with a given RSA identity, if we have one

    /// and it is usable.

    pub fn by_rsa_id(&self, rsa_id: &RsaIdentity) -> Option<Relay<'_>> {

    /// Return true if `rsa_id` is listed in this directory, even if it

    /// isn't currently usable.

    /// Return the parameters from the consensus, clamped to the

    /// correct ranges, with defaults filled in.

    ///

    /// NOTE: that unsupported parameters aren't returned here; only those

    /// values configured in the `params` module are available.

    /// Return weighted the fraction of relays we can use.  We only

    /// consider relays that match the predicate `usable`.  We weight

    /// this bandwidth according to the provided `role`.

    ///

    /// If _no_ matching relays in the consensus have a nonzero

    /// weighted bandwidth value, we fall back to looking at the

    /// unweighted fraction of matching relays.

    ///

    /// If there are no matching relays in the consensus, we return 0.0.

        }

            // The consensus lists some weighted bandwidth so return the

            // fraction of the weighted bandwidth for which we have

            // descriptors.

            // The consensus lists no weighted bandwidth for these relays,

            // but at least it does list relays. Return the fraction of

            // relays for which it we have descriptors.

        } else {

            // There are no relays of this kind in the consensus.  Return

            // 0.0, to avoid dividing by zero and giving NaN.

        }

    /// Return the estimated fraction of possible paths that we have

    /// enough microdescriptors to build.

        } else {

            // If there are no exits at all, we use f_m here.

        };

    /// Return true if there is enough information in this NetDir to build

    /// multihop circuits.

    /// Choose a relay at random.

    ///

    /// Each relay is chosen with probability proportional to its weight

    /// in the role `role`, and is only selected if the predicate `usable`

    /// returns true for it.

    ///

    /// This function returns None if (and only if) there are no relays

    /// with nonzero weight where `usable` returned true.

    /// Choose `n` relay at random.

    ///

    /// Each relay is chosen with probability proportional to its weight

    /// in the role `role`, and is only selected if the predicate `usable`

    /// returns true for it.

    ///

    /// Relays are chosen without replacement: no relay will be

    /// returned twice. Therefore, the resulting vector may be smaller

    /// than `n` if we happen to have fewer than `n` appropriate relays.

    ///

    /// This function returns an empty vector if (and only if) there

    /// are no relays with nonzero weight where `usable` returned

    /// true.

        // NOTE: See discussion in pick_relay().

        };

    /// Compute the weight with which `relay` will be selected for a given

    /// `role`.

    /// Compute the total weight with which any relay matching `usable`

    /// will be selected for a given `role`.

    ///

    /// Note: because this function is used to assess the total

    /// properties of the consensus, the `usable` predicate takes a

    /// [`RouterStatus`] rather than a [`Relay`].

                } else {

                }

    /// Compute the weight with which a relay with ID `rsa_id` would be

    /// selected for a given `role`.

    ///

    /// Note that weight returned by this function assumes that the

    /// relay with that ID is actually usable; if it isn't usable,

    /// then other weight-related functions will call its weight zero.

    /// Return all relays in this NetDir known to be in the same family as

    /// `relay`.

    ///

    /// This list of members will **not** necessarily include `relay` itself.

    ///

    /// # Limitations

    ///

    /// Two relays only belong to the same family if _each_ relay

    /// claims to share a family with the other.  But if we are

    /// missing a microdescriptor for one of the relays listed by this

    /// relay, we cannot know whether it acknowledges family

    /// membership with this relay or not.  Therefore, this function

    /// can omit family members for which there is not (as yet) any

    /// Relay object.

}

impl MdReceiver for NetDir {

            }

}

impl<'a> UncheckedRelay<'a> {

    /// Return true if this relay is valid and usable.

    ///

    /// This function should return `true` for every Relay we expose

    /// to the user.

    /// If this is usable, return a corresponding Relay object.

            Some(Relay {

            })

        } else {

        }

    /// Return true if this relay has the guard flag.

    /// Return true if this relay is a potential directory cache.

}

impl<'a> Relay<'a> {

    /// Return the Ed25519 ID for this relay.

    /// Return the RsaIdentity for this relay.

    /// Return true if this relay and `other` seem to be the same relay.

    ///

    /// (Two relays are the same if they have the same identity.)

    /// Return true if this relay allows exiting to `port` on IPv4.

    /// Return true if this relay allows exiting to `port` on IPv6.

    /// Return true if this relay is suitable for use as a directory

    /// cache.

    /// Return true if this relay is marked as usable as a new Guard node.

    /// Return true if both relays are in the same subnet, as configured by

    /// `subnet_config`.

    ///

    /// Two relays are considered to be in the same subnet if they

    /// have IPv4 addresses with the same `subnets_family_v4`-bit

    /// prefix, or if they have IPv6 addresses with the same

    /// `subnets_family_v6`-bit prefix.

    /// Return true if both relays are in the same family.

    ///

    /// (Every relay is considered to be in the same family as itself.)

    /// Return true if there are any ports for which this Relay can be

    /// used for exit traffic.

    ///

    /// (Returns false if this relay doesn't allow exit traffic, or if it

    /// has been flagged as a bad exit.)

    /// Return the IPv4 exit policy for this relay. If the relay has been marked BadExit, return an

    /// empty policy

        } else {

        }

    /// Return the IPv6 exit policy for this relay. If the relay has been marked BadExit, return an

    /// empty policy

        } else {

        }

    /// Return the IPv4 exit policy declared by this relay. Contrary to [`Relay::ipv4_policy`],

    /// this does not verify if the relay is marked BadExit.

    /// Return the IPv6 exit policy declared by this relay. Contrary to [`Relay::ipv6_policy`],

    /// this does not verify if the relay is marked BadExit.

    /// Return a reference to this relay's "router status" entry in

    /// the consensus.

    ///

    /// The router status entry contains information about the relay

    /// that the authorities voted on directly.  For most use cases,

    /// you shouldn't need them.

    ///

    /// This function is only available if the crate was built with

    /// its `experimental-api` feature.

    #[cfg(feature = "experimental-api")]

    /// Return a reference to this relay's "microdescriptor" entry in

    /// the consensus.

    ///

    /// A "microdescriptor" is a synopsis of the information about a relay,

    /// used to determine its capabilities and route traffic through it.

    /// For most use cases, you shouldn't need it.

    ///

    /// This function is only available if the crate was built with

    /// its `experimental-api` feature.

    #[cfg(feature = "experimental-api")]

}

impl<'a> ChanTarget for Relay<'a> {

}

impl<'a> tor_linkspec::CircTarget for Relay<'a> {

}

/// Return true if `rs` is usable as a directory cache.

#[cfg(test)]

mod test {

    #![allow(clippy::unwrap_used)]

    #![allow(clippy::cognitive_complexity)]

    use super::*;

    use crate::testnet::*;

    use std::collections::HashSet;

    use std::time::Duration;

    // Basic functionality for a partial netdir: Add microdescriptors,

    // then you have a netdir.

    #[test]

    fn partial_netdir() {

        let (consensus, microdescs) = construct_network().unwrap();

        let dir = PartialNetDir::new(consensus, None);

        // Check the lifetime

        let lifetime = dir.lifetime();

        assert_eq!(

            lifetime

                .valid_until()

                .duration_since(lifetime.valid_after())

                .unwrap(),

            Duration::new(86400, 0)

        );

        // No microdescriptors, so we don't have enough paths, and can't

        // advance.

        assert!(!dir.have_enough_paths());

        let mut dir = match dir.unwrap_if_sufficient() {

            Ok(_) => panic!(),

            Err(d) => d,

        };

        let missing: HashSet<_> = dir.missing_microdescs().collect();

        assert_eq!(missing.len(), 40);

        assert_eq!(missing.len(), dir.netdir.consensus.relays().len());

        for md in &microdescs {

            assert!(missing.contains(md.digest()));

        }

        // Now add all the mds and try again.

        for md in microdescs {

            let wanted = dir.add_microdesc(md);

            assert!(wanted);

        }

        let missing: HashSet<_> = dir.missing_microdescs().collect();

        assert!(missing.is_empty());

        assert!(dir.have_enough_paths());

        let _complete = match dir.unwrap_if_sufficient() {

            Ok(d) => d,

            Err(_) => panic!(),

        };

    }

    #[test]

    fn override_params() {

        let (consensus, _microdescs) = construct_network().unwrap();

        let override_p = "bwweightscale=2 doesnotexist=77 circwindow=500"

            .parse()

            .unwrap();

        let dir = PartialNetDir::new(consensus.clone(), Some(&override_p));

        let params = &dir.netdir.params;

        assert_eq!(params.bw_weight_scale.get(), 2);

        assert_eq!(params.circuit_window.get(), 500_i32);

        // try again without the override.

        let dir = PartialNetDir::new(consensus, None);

        let params = &dir.netdir.params;

        assert_eq!(params.bw_weight_scale.get(), 1_i32);

        assert_eq!(params.circuit_window.get(), 1000_i32);

    }

    #[test]

    fn fill_from_previous() {

        let (consensus, microdescs) = construct_network().unwrap();

        let mut dir = PartialNetDir::new(consensus.clone(), None);

        for md in microdescs.iter().skip(2) {

            let wanted = dir.add_microdesc(md.clone());

            assert!(wanted);

        }

        let dir1 = dir.unwrap_if_sufficient().unwrap();

        assert_eq!(dir1.missing_microdescs().count(), 2);

        let mut dir = PartialNetDir::new(consensus, None);

        assert_eq!(dir.missing_microdescs().count(), 40);

        dir.fill_from_previous_netdir(&dir1);

        assert_eq!(dir.missing_microdescs().count(), 2);

    }

    #[test]

    fn path_count() {

        let low_threshold = "min_paths_for_circs_pct=64".parse().unwrap();

        let high_threshold = "min_paths_for_circs_pct=65".parse().unwrap();

        let (consensus, microdescs) = construct_network().unwrap();

        let mut dir = PartialNetDir::new(consensus.clone(), Some(&low_threshold));

        for (idx, md) in microdescs.iter().enumerate() {

            if idx % 7 == 2 {

                continue; // skip a few relays.

            }

            dir.add_microdesc(md.clone());

        }

        let dir = dir.unwrap_if_sufficient().unwrap();

        // We  have 40 relays that we know about from the consensus.

        assert_eq!(dir.all_relays().count(), 40);

        // But only 34 are usable.

        assert_eq!(dir.relays().count(), 34);

        // For guards: mds 20..=39 correspond to Guard relays.

        // Their bandwidth is 2*(1000+2000+...10000) = 110_000.

        // We skipped 23, 30, and 37.  They have bandwidth

        // 4000 + 1000 + 8000 = 13_000.  So our fractional bandwidth

        // should be (110-13)/110.

        let f = dir.frac_for_role(WeightRole::Guard, |u| u.rs.is_flagged_guard());

        assert!(((97.0 / 110.0) - f).abs() < 0.000001);

        // For exits: mds 10..=19 and 30..=39 correspond to Exit relays.

        // We skipped 16, 30,  and 37. Per above our fractional bandwidth is

        // (110-16)/110.

        let f = dir.frac_for_role(WeightRole::Exit, |u| u.rs.is_flagged_exit());

        assert!(((94.0 / 110.0) - f).abs() < 0.000001);

        // For middles: all relays are middles. We skipped 2, 9, 16,

        // 23, 30, and 37. Per above our fractional bandwidth is

        // (220-33)/220

        let f = dir.frac_for_role(WeightRole::Middle, |_| true);

        assert!(((187.0 / 220.0) - f).abs() < 0.000001);

        // Multiplying those together, we get the fraction of paths we can

        // build at ~0.64052066, which is above the threshold we set above for

        // MinPathsForCircsPct.

        let f = dir.frac_usable_paths();

        assert!((f - 0.64052066).abs() < 0.000001);

        // But if we try again with a slightly higher threshold...

        let mut dir = PartialNetDir::new(consensus, Some(&high_threshold));

        for (idx, md) in microdescs.into_iter().enumerate() {

            if idx % 7 == 2 {

                continue; // skip a few relays.

            }

            dir.add_microdesc(md);

        }

        assert!(dir.unwrap_if_sufficient().is_err());

    }

    #[test]

    fn test_pick() {

        use crate::testing::*; // for stochastic testing

        let (consensus, microdescs) = construct_network().unwrap();

        let mut dir = PartialNetDir::new(consensus, None);

        for md in microdescs.into_iter() {

            let wanted = dir.add_microdesc(md.clone());

            assert!(wanted);

        }

        let dir = dir.unwrap_if_sufficient().unwrap();

        let total = get_iters() as isize;

        let mut picked = [0_isize; 40];

        let mut rng = get_rng();

        for _ in 0..get_iters() {

            let r = dir.pick_relay(&mut rng, WeightRole::Middle, |r| {

                r.supports_exit_port_ipv4(80)

            });

            let r = r.unwrap();

            let id_byte = r.rsa_identity().as_bytes()[0];

            picked[id_byte as usize] += 1;

        }

        // non-exits should never get picked.

        picked[0..10].iter().for_each(|x| assert_eq!(*x, 0));

        picked[20..30].iter().for_each(|x| assert_eq!(*x, 0));

        // We didn't we any non-default weights, so the other relays get

        // weighted proportional to their bandwidth.

        check_close(picked[19], (total * 10) / 110);

        check_close(picked[38], (total * 9) / 110);

        check_close(picked[39], (total * 10) / 110);

    }

    #[test]

    fn test_pick_multiple() {

        // This is mostly a copy of test_pick, except that it uses

        // pick_n_relays to pick several relays at once.

        use crate::testing::*; // for stochastic testing

        let dir = construct_netdir().unwrap().unwrap_if_sufficient().unwrap();

        let total = get_iters() as isize;

        let mut picked = [0_isize; 40];

        let mut rng = get_rng();

        for _ in 0..get_iters() / 4 {

            let relays = dir.pick_n_relays(&mut rng, 4, WeightRole::Middle, |r| {

                r.supports_exit_port_ipv4(80)

            });

            assert_eq!(relays.len(), 4);

            for r in relays {

                let id_byte = r.rsa_identity().as_bytes()[0];

                picked[id_byte as usize] += 1;

            }

        }

        // non-exits should never get picked.

        picked[0..10].iter().for_each(|x| assert_eq!(*x, 0));

        picked[20..30].iter().for_each(|x| assert_eq!(*x, 0));

        // We didn't we any non-default weights, so the other relays get

        // weighted proportional to their bandwidth.

        check_close(picked[19], (total * 10) / 110);

        check_close(picked[36], (total * 7) / 110);

        check_close(picked[39], (total * 10) / 110);

    }

    #[test]

    fn subnets() {

        let cfg = SubnetConfig::default();

        fn same_net(cfg: &SubnetConfig, a: &str, b: &str) -> bool {

            cfg.addrs_in_same_subnet(&a.parse().unwrap(), &b.parse().unwrap())

        }

        assert!(same_net(&cfg, "127.15.3.3", "127.15.9.9"));

        assert!(!same_net(&cfg, "127.15.3.3", "127.16.9.9"));

        assert!(!same_net(&cfg, "127.15.3.3", "127::"));

        assert!(same_net(&cfg, "ffff:ffff:90:33::", "ffff:ffff:91:34::"));

        assert!(!same_net(&cfg, "ffff:ffff:90:33::", "ffff:fffe:91:34::"));

        let cfg = SubnetConfig {

            subnets_family_v4: 32,

            subnets_family_v6: 128,

        };

        assert!(!same_net(&cfg, "127.15.3.3", "127.15.9.9"));

        assert!(!same_net(&cfg, "ffff:ffff:90:33::", "ffff:ffff:91:34::"));

        assert!(same_net(&cfg, "127.0.0.1", "127.0.0.1"));

        assert!(!same_net(&cfg, "127.0.0.1", "127.0.0.2"));

        assert!(same_net(&cfg, "ffff:ffff:90:33::", "ffff:ffff:90:33::"));

        let cfg = SubnetConfig {

            subnets_family_v4: 33,

            subnets_family_v6: 129,

        };

        assert!(!same_net(&cfg, "127.0.0.1", "127.0.0.1"));

        assert!(!same_net(&cfg, "::", "::"));

    }

    #[test]

    fn relay_funcs() {

        let (consensus, microdescs) = construct_custom_network(|idx, nb| {

            if idx == 15 {

                nb.rs.add_or_port("[f0f0::30]:9001".parse().unwrap());

            } else if idx == 20 {

                nb.rs.add_or_port("[f0f0::3131]:9001".parse().unwrap());

            }

        })

        .unwrap();

        let subnet_config = SubnetConfig::default();

        let mut dir = PartialNetDir::new(consensus, None);

        for md in microdescs.into_iter() {

            let wanted = dir.add_microdesc(md.clone());

            assert!(wanted);

        }

        let dir = dir.unwrap_if_sufficient().unwrap();