网络

开发平台：

Unix_Linux

routerlist.c：源码内容

sd->extra_info_digest);
if (ei_tmp) {
rl->extrainfo_store.bytes_dropped +=
ei_tmp->cache_info.signed_descriptor_len;
extrainfo_free(ei_tmp);
}
if (!tor_digest_is_zero(sd->extra_info_digest))
sdmap_remove(rl->desc_by_eid_map, sd->extra_info_digest);
signed_descriptor_free(sd);
#ifdef DEBUG_ROUTERLIST
routerlist_assert_ok(rl);
#endif
}
/** Remove ri_old from the routerlist rl, and replace it with
* ri_new, updating all index info. If idx is nonnegative and
* smartlist_get(rl->routers, idx) == ri, we don't need to do a linear
* search over the list to decide which to remove. We put ri_new in the same
* index as ri_old, if possible. ri is freed as appropriate.
*
* If should_cache_descriptors() is true, instead of deleting the router,
* we add it to rl->old_routers. */
static void
routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
routerinfo_t *ri_new)
{
int idx;
routerinfo_t *ri_tmp;
extrainfo_t *ei_tmp;
{
/* XXXX Remove this if it turns out to slow us down. */
routerinfo_t *ri_generated = router_get_my_routerinfo();
tor_assert(ri_generated != ri_new);
}
tor_assert(ri_old != ri_new);
tor_assert(ri_new->cache_info.routerlist_index == -1);
idx = ri_old->cache_info.routerlist_index;
tor_assert(0 <= idx && idx < smartlist_len(rl->routers));
tor_assert(smartlist_get(rl->routers, idx) == ri_old);
router_dir_info_changed();
if (idx >= 0) {
smartlist_set(rl->routers, idx, ri_new);
ri_old->cache_info.routerlist_index = -1;
ri_new->cache_info.routerlist_index = idx;
/* Check that ri_old is not in rl->routers anymore: */
tor_assert( _routerlist_find_elt(rl->routers, ri_old, -1) == -1 );
} else {
log_warn(LD_BUG, "Appending entry from routerlist_replace.");
routerlist_insert(rl, ri_new);
return;
}
if (memcmp(ri_old->cache_info.identity_digest,
ri_new->cache_info.identity_digest, DIGEST_LEN)) {
/* digests don't match; digestmap_set won't replace */
rimap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
}
ri_tmp = rimap_set(rl->identity_map,
ri_new->cache_info.identity_digest, ri_new);
tor_assert(!ri_tmp || ri_tmp == ri_old);
sdmap_set(rl->desc_digest_map,
ri_new->cache_info.signed_descriptor_digest,
&(ri_new->cache_info));
if (!tor_digest_is_zero(ri_new->cache_info.extra_info_digest)) {
sdmap_set(rl->desc_by_eid_map, ri_new->cache_info.extra_info_digest,
&ri_new->cache_info);
}
if (should_cache_old_descriptors() &&
ri_old->purpose == ROUTER_PURPOSE_GENERAL) {
signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
smartlist_add(rl->old_routers, sd);
sd->routerlist_index = smartlist_len(rl->old_routers)-1;
sdmap_set(rl->desc_digest_map, sd->signed_descriptor_digest, sd);
if (!tor_digest_is_zero(sd->extra_info_digest))
sdmap_set(rl->desc_by_eid_map, sd->extra_info_digest, sd);
} else {
if (memcmp(ri_old->cache_info.signed_descriptor_digest,
ri_new->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
/* digests don't match; digestmap_set didn't replace */
sdmap_remove(rl->desc_digest_map,
ri_old->cache_info.signed_descriptor_digest);
}
ei_tmp = eimap_remove(rl->extra_info_map,
ri_old->cache_info.extra_info_digest);
if (ei_tmp) {
rl->extrainfo_store.bytes_dropped +=
ei_tmp->cache_info.signed_descriptor_len;
extrainfo_free(ei_tmp);
}
if (!tor_digest_is_zero(ri_old->cache_info.extra_info_digest)) {
sdmap_remove(rl->desc_by_eid_map,
ri_old->cache_info.extra_info_digest);
}
rl->desc_store.bytes_dropped += ri_old->cache_info.signed_descriptor_len;
routerinfo_free(ri_old);
}
#ifdef DEBUG_ROUTERLIST
routerlist_assert_ok(rl);
#endif
}
/** Extract the descriptor sd from old_routerlist, and re-parse
* it as a fresh routerinfo_t. */
static routerinfo_t *
routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
{
routerinfo_t *ri;
const char *body;
body = signed_descriptor_get_annotations(sd);
ri = router_parse_entry_from_string(body,
body+sd->signed_descriptor_len+sd->annotations_len,
0, 1, NULL);
if (!ri)
return NULL;
memcpy(&ri->cache_info, sd, sizeof(signed_descriptor_t));
sd->signed_descriptor_body = NULL; /* Steal reference. */
ri->cache_info.routerlist_index = -1;
routerlist_remove_old(rl, sd, -1);
return ri;
}
/** Free all memory held by the routerlist module. */
void
routerlist_free_all(void)
{
if (routerlist)
routerlist_free(routerlist);
routerlist = NULL;
if (warned_nicknames) {
SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
smartlist_free(warned_nicknames);
warned_nicknames = NULL;
}
if (trusted_dir_servers) {
SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
trusted_dir_server_free(ds));
smartlist_free(trusted_dir_servers);
trusted_dir_servers = NULL;
}
if (trusted_dir_certs) {
DIGESTMAP_FOREACH(trusted_dir_certs, key, cert_list_t *, cl) {
SMARTLIST_FOREACH(cl->certs, authority_cert_t *, cert,
authority_cert_free(cert));
smartlist_free(cl->certs);
tor_free(cl);
} DIGESTMAP_FOREACH_END;
digestmap_free(trusted_dir_certs, NULL);
trusted_dir_certs = NULL;
}
}
/** Forget that we have issued any router-related warnings, so that we'll
* warn again if we see the same errors. */
void
routerlist_reset_warnings(void)
{
if (!warned_nicknames)
warned_nicknames = smartlist_create();
SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
smartlist_clear(warned_nicknames); /* now the list is empty. */
networkstatus_reset_warnings();
}
/** Mark the router with ID digest as running or non-running
* in our routerlist. */
void
router_set_status(const char *digest, int up)
{
routerinfo_t *router;
routerstatus_t *status;
tor_assert(digest);
SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
if (!memcmp(d->digest, digest, DIGEST_LEN))
d->is_running = up);
router = router_get_by_digest(digest);
if (router) {
log_debug(LD_DIR,"Marking router '%s/%s' as %s.",
router->nickname, router->address, up ? "up" : "down");
if (!up && router_is_me(router) && !we_are_hibernating())
log_warn(LD_NET, "We just marked ourself as down. Are your external "
"addresses reachable?");
router->is_running = up;
}
status = router_get_consensus_status_by_id(digest);
if (status && status->is_running != up) {
status->is_running = up;
control_event_networkstatus_changed_single(status);
}
router_dir_info_changed();
}
/** Add router to the routerlist, if we don't already have it. Replace
* older entries (if any) with the same key. Note: Callers should not hold
* their pointers to router if this function fails; router
* will either be inserted into the routerlist or freed. Similarly, even
* if this call succeeds, they should not hold their pointers to
* router after subsequent calls with other routerinfo's -- they
* might cause the original routerinfo to get freed.
*
* Returns the status for the operation. Might set *msg if it wants
* the poster of the router to know something.
*
* If from_cache, this descriptor came from our disk cache. If
* from_fetch, we received it in response to a request we made.
* (If both are false, that means it was uploaded to us as an auth dir
* server or via the controller.)
*
* This function should be called *after*
* routers_update_status_from_consensus_networkstatus; subsequently, you
* should call router_rebuild_store and routerlist_descriptors_added.
*/
was_router_added_t
router_add_to_routerlist(routerinfo_t *router, const char **msg,
int from_cache, int from_fetch)
{
const char *id_digest;
int authdir = authdir_mode_handles_descs(get_options(), router->purpose);
int authdir_believes_valid = 0;
routerinfo_t *old_router;
networkstatus_t *consensus = networkstatus_get_latest_consensus();
const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
int in_consensus = 0;
tor_assert(msg);
if (!routerlist)
router_get_routerlist();
id_digest = router->cache_info.identity_digest;
/* Make sure that we haven't already got this exact descriptor. */
if (sdmap_get(routerlist->desc_digest_map,
router->cache_info.signed_descriptor_digest)) {
log_info(LD_DIR,
"Dropping descriptor that we already have for router '%s'",
router->nickname);
*msg = "Router descriptor was not new.";
routerinfo_free(router);
return ROUTER_WAS_NOT_NEW;
}
if (authdir) {
if (authdir_wants_to_reject_router(router, msg,
!from_cache && !from_fetch)) {
tor_assert(*msg);
routerinfo_free(router);
return ROUTER_AUTHDIR_REJECTS;
}
authdir_believes_valid = router->is_valid;
} else if (from_fetch) {
/* Only check the descriptor digest against the network statuses when
* we are receiving in response to a fetch. */
if (!signed_desc_digest_is_recognized(&router->cache_info) &&
!routerinfo_is_a_configured_bridge(router)) {
/* We asked for it, so some networkstatus must have listed it when we
* did. Save it if we're a cache in case somebody else asks for it. */
log_info(LD_DIR,
"Received a no-longer-recognized descriptor for router '%s'",
router->nickname);
*msg = "Router descriptor is not referenced by any network-status.";
/* Only journal this desc if we'll be serving it. */
if (!from_cache && should_cache_old_descriptors())
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
routerlist_insert_old(routerlist, router);
return ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS;
}
}
/* We no longer need a router with this descriptor digest. */
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
{
routerstatus_t *rs =
networkstatus_v2_find_entry(ns, router->cache_info.identity_digest);
if (rs && !memcmp(rs->descriptor_digest,
router->cache_info.signed_descriptor_digest,
DIGEST_LEN))
rs->need_to_mirror = 0;
});
if (consensus) {
routerstatus_t *rs = networkstatus_vote_find_entry(consensus,
router->cache_info.identity_digest);
if (rs && !memcmp(rs->descriptor_digest,
router->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
in_consensus = 1;
rs->need_to_mirror = 0;
}
}
if (router->purpose == ROUTER_PURPOSE_GENERAL &&
consensus && !in_consensus && !authdir) {
/* If it's a general router not listed in the consensus, then don't
* consider replacing the latest router with it. */
if (!from_cache && should_cache_old_descriptors())
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
routerlist_insert_old(routerlist, router);
*msg = "Skipping router descriptor: not in consensus.";
return ROUTER_NOT_IN_CONSENSUS;
}
/* If we have a router with the same identity key, choose the newer one. */
old_router = rimap_get(routerlist->identity_map,
router->cache_info.identity_digest);
if (old_router) {
if (!in_consensus && (router->cache_info.published_on <=
old_router->cache_info.published_on)) {
/* Same key, but old. This one is not listed in the consensus. */
log_debug(LD_DIR, "Skipping not-new descriptor for router '%s'",
router->nickname);
/* Only journal this desc if we'll be serving it. */
if (!from_cache && should_cache_old_descriptors())
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
routerlist_insert_old(routerlist, router);
*msg = "Router descriptor was not new.";
return ROUTER_WAS_NOT_NEW;
} else {
/* Same key, and either new, or listed in the consensus. */
log_debug(LD_DIR, "Replacing entry for router '%s/%s' [%s]",
router->nickname, old_router->nickname,
hex_str(id_digest,DIGEST_LEN));
if (router->addr == old_router->addr &&
router->or_port == old_router->or_port) {
/* these carry over when the address and orport are unchanged. */
router->last_reachable = old_router->last_reachable;
router->testing_since = old_router->testing_since;
}
routerlist_replace(routerlist, old_router, router);
if (!from_cache) {
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
}
directory_set_dirty();
*msg = authdir_believes_valid ? "Valid server updated" :
("Invalid server updated. (This dirserver is marking your "
"server as unapproved.)");
return ROUTER_ADDED_SUCCESSFULLY;
}
}
if (!in_consensus && from_cache &&
router->cache_info.published_on < time(NULL) - OLD_ROUTER_DESC_MAX_AGE) {
*msg = "Router descriptor was really old.";
routerinfo_free(router);
return ROUTER_WAS_NOT_NEW;
}
/* We haven't seen a router with this identity before. Add it to the end of
* the list. */
routerlist_insert(routerlist, router);
if (!from_cache)
signed_desc_append_to_journal(&router->cache_info,
&routerlist->desc_store);
directory_set_dirty();
return ROUTER_ADDED_SUCCESSFULLY;
}
/** Insert ei into the routerlist, or free it. Other arguments are
* as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff
* we actually inserted it, ROUTER_BAD_EI otherwise.
*/
was_router_added_t
router_add_extrainfo_to_routerlist(extrainfo_t *ei, const char **msg,
int from_cache, int from_fetch)
{
int inserted;
(void)from_fetch;
if (msg) *msg = NULL;
/*XXXX022 Do something with msg */
inserted = extrainfo_insert(router_get_routerlist(), ei);
if (inserted && !from_cache)
signed_desc_append_to_journal(&ei->cache_info,
&routerlist->extrainfo_store);
if (inserted)
return ROUTER_ADDED_SUCCESSFULLY;
else
return ROUTER_BAD_EI;
}
/** Sorting helper: return <0, 0, or >0 depending on whether the
* signed_descriptor_t* in *a has an identity digest preceding, equal
* to, or later than that of *b. */
static int
_compare_old_routers_by_identity(const void **_a, const void **_b)
{
int i;
const signed_descriptor_t *r1 = *_a, *r2 = *_b;
if ((i = memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
return i;
return (int)(r1->published_on - r2->published_on);
}
/** Internal type used to represent how long an old descriptor was valid,
* where it appeared in the list of old descriptors, and whether it's extra
* old. Used only by routerlist_remove_old_cached_routers_with_id(). */
struct duration_idx_t {
int duration;
int idx;
int old;
};
/** Sorting helper: compare two duration_idx_t by their duration. */
static int
_compare_duration_idx(const void *_d1, const void *_d2)
{
const struct duration_idx_t *d1 = _d1;
const struct duration_idx_t *d2 = _d2;
return d1->duration - d2->duration;
}
/** The range lo through hi inclusive of routerlist->old_routers
* must contain routerinfo_t with the same identity and with publication time
* in ascending order. Remove members from this range until there are no more
* than max_descriptors_per_router() remaining. Start by removing the oldest
* members from before cutoff, then remove members which were current
* for the lowest amount of time. The order of members of old_routers at
* indices lo or higher may be changed.
*/
static void
routerlist_remove_old_cached_routers_with_id(time_t now,
time_t cutoff, int lo, int hi,
digestset_t *retain)
{
int i, n = hi-lo+1;
unsigned n_extra, n_rmv = 0;
struct duration_idx_t *lifespans;
uint8_t *rmv, *must_keep;
smartlist_t *lst = routerlist->old_routers;
#if 1
const char *ident;
tor_assert(hi < smartlist_len(lst));
tor_assert(lo <= hi);
ident = ((signed_descriptor_t*)smartlist_get(lst, lo))->identity_digest;
for (i = lo+1; i <= hi; ++i) {
signed_descriptor_t *r = smartlist_get(lst, i);
tor_assert(!memcmp(ident, r->identity_digest, DIGEST_LEN));
}
#endif
/* Check whether we need to do anything at all. */
{
int mdpr = directory_caches_dir_info(get_options()) ? 2 : 1;
if (n <= mdpr)
return;
n_extra = n - mdpr;
}
lifespans = tor_malloc_zero(sizeof(struct duration_idx_t)*n);
rmv = tor_malloc_zero(sizeof(uint8_t)*n);
must_keep = tor_malloc_zero(sizeof(uint8_t)*n);
/* Set lifespans to contain the lifespan and index of each server. */
/* Set rmv[i-lo]=1 if we're going to remove a server for being too old. */
for (i = lo; i <= hi; ++i) {
signed_descriptor_t *r = smartlist_get(lst, i);
signed_descriptor_t *r_next;
lifespans[i-lo].idx = i;
if (r->last_listed_as_valid_until >= now ||
(retain && digestset_isin(retain, r->signed_descriptor_digest))) {
must_keep[i-lo] = 1;
}
if (i < hi) {
r_next = smartlist_get(lst, i+1);
tor_assert(r->published_on <= r_next->published_on);
lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
} else {
r_next = NULL;
lifespans[i-lo].duration = INT_MAX;
}
if (!must_keep[i-lo] && r->published_on < cutoff && n_rmv < n_extra) {
++n_rmv;
lifespans[i-lo].old = 1;
rmv[i-lo] = 1;
}
}
if (n_rmv < n_extra) {
/**
* We aren't removing enough servers for being old. Sort lifespans by
* the duration of liveness, and remove the ones we're not already going to
* remove based on how long they were alive.
**/
qsort(lifespans, n, sizeof(struct duration_idx_t), _compare_duration_idx);
for (i = 0; i < n && n_rmv < n_extra; ++i) {
if (!must_keep[lifespans[i].idx-lo] && !lifespans[i].old) {
rmv[lifespans[i].idx-lo] = 1;
++n_rmv;
}
}
}
i = hi;
do {
if (rmv[i-lo])
routerlist_remove_old(routerlist, smartlist_get(lst, i), i);
} while (--i >= lo);
tor_free(must_keep);
tor_free(rmv);
tor_free(lifespans);
}
/** Deactivate any routers from the routerlist that are more than
* ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses;
* remove old routers from the list of cached routers if we have too many.
*/
void
routerlist_remove_old_routers(void)
{
int i, hi=-1;
const char *cur_id = NULL;
time_t now = time(NULL);
time_t cutoff;
routerinfo_t *router;
signed_descriptor_t *sd;
digestset_t *retain;
int caches = directory_caches_dir_info(get_options());
const networkstatus_t *consensus = networkstatus_get_latest_consensus();
const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
int have_enough_v2;
trusted_dirs_remove_old_certs();
if (!routerlist || !consensus)
return;
// routerlist_assert_ok(routerlist);
/* We need to guess how many router descriptors we will wind up wanting to
retain, so that we can be sure to allocate a large enough Bloom filter
to hold the digest set. Overestimating is fine; underestimating is bad.
*/
{
/* We'll probably retain everything in the consensus. */
int n_max_retain = smartlist_len(consensus->routerstatus_list);
if (caches && networkstatus_v2_list) {
/* If we care about v2 statuses, we'll retain at most as many as are
listed any of the v2 statues. This will be at least the length of
the largest v2 networkstatus, and in the worst case, this set will be
equal to the sum of the lengths of all v2 consensuses. Take the
worst case.
*/
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
n_max_retain += smartlist_len(ns->entries));
}
retain = digestset_new(n_max_retain);
}
cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
/* Build a list of all the descriptors that _anybody_ lists. */
if (caches && networkstatus_v2_list) {
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
{
/* XXXX The inner loop here gets pretty expensive, and actually shows up
* on some profiles. It may be the reason digestmap_set shows up in
* profiles too. If instead we kept a per-descriptor digest count of
* how many networkstatuses recommended each descriptor, and changed
* that only when the networkstatuses changed, that would be a speed
* improvement, possibly 1-4% if it also removes digestmap_set from the
* profile. Not worth it for 0.1.2.x, though. The new directory
* system will obsolete this whole thing in 0.2.0.x. */
SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
if (rs->published_on >= cutoff)
digestset_add(retain, rs->descriptor_digest));
});
}
/* Retain anything listed in the consensus. */
if (consensus) {
SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
if (rs->published_on >= cutoff)
digestset_add(retain, rs->descriptor_digest));
}
/* If we have a consensus, and nearly as many v2 networkstatuses as we want,
* we should consider pruning current routers that are too old and that
* nobody recommends. (If we don't have a consensus or enough v2
* networkstatuses, then we should get more before we decide to kill
* routers.) */
/* we set this to true iff we don't care about v2 info, or we have enough. */
have_enough_v2 = !caches ||
(networkstatus_v2_list &&
smartlist_len(networkstatus_v2_list) > get_n_v2_authorities() / 2);
if (have_enough_v2 && consensus) {
cutoff = now - ROUTER_MAX_AGE;
/* Remove too-old unrecommended members of routerlist->routers. */
for (i = 0; i < smartlist_len(routerlist->routers); ++i) {
router = smartlist_get(routerlist->routers, i);
if (router->cache_info.published_on <= cutoff &&
router->cache_info.last_listed_as_valid_until < now &&
!digestset_isin(retain,
router->cache_info.signed_descriptor_digest)) {
/* Too old: remove it. (If we're a cache, just move it into
* old_routers.) */
log_info(LD_DIR,
"Forgetting obsolete (too old) routerinfo for router '%s'",
router->nickname);
routerlist_remove(routerlist, router, 1, now);
i--;
}
}
}
//routerlist_assert_ok(routerlist);
/* Remove far-too-old members of routerlist->old_routers. */
cutoff = now - OLD_ROUTER_DESC_MAX_AGE;
for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
sd = smartlist_get(routerlist->old_routers, i);
if (sd->published_on <= cutoff &&
sd->last_listed_as_valid_until < now &&
!digestset_isin(retain, sd->signed_descriptor_digest)) {
/* Too old. Remove it. */
routerlist_remove_old(routerlist, sd, i--);
}
}
//routerlist_assert_ok(routerlist);
log_info(LD_DIR, "We have %d live routers and %d old router descriptors.",
smartlist_len(routerlist->routers),
smartlist_len(routerlist->old_routers));
/* Now we might have to look at routerlist->old_routers for extraneous
* members. (We'd keep all the members if we could, but we need to save
* space.) First, check whether we have too many router descriptors, total.
* We're okay with having too many for some given router, so long as the
* total number doesn't approach max_descriptors_per_router()*len(router).
*/
if (smartlist_len(routerlist->old_routers) <
smartlist_len(routerlist->routers))
goto done;
/* Sort by identity, then fix indices. */
smartlist_sort(routerlist->old_routers, _compare_old_routers_by_identity);
/* Fix indices. */
for (i = 0; i < smartlist_len(routerlist->old_routers); ++i) {
signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
r->routerlist_index = i;
}
/* Iterate through the list from back to front, so when we remove descriptors
* we don't mess up groups we haven't gotten to. */
for (i = smartlist_len(routerlist->old_routers)-1; i >= 0; --i) {
signed_descriptor_t *r = smartlist_get(routerlist->old_routers, i);
if (!cur_id) {
cur_id = r->identity_digest;
hi = i;
}
if (memcmp(cur_id, r->identity_digest, DIGEST_LEN)) {
routerlist_remove_old_cached_routers_with_id(now,
cutoff, i+1, hi, retain);
cur_id = r->identity_digest;
hi = i;
}
}
if (hi>=0)
routerlist_remove_old_cached_routers_with_id(now, cutoff, 0, hi, retain);
//routerlist_assert_ok(routerlist);
done:
digestset_free(retain);
router_rebuild_store(RRS_DONT_REMOVE_OLD, &routerlist->desc_store);
router_rebuild_store(RRS_DONT_REMOVE_OLD,&routerlist->extrainfo_store);
}
/** We just added a new set of descriptors. Take whatever extra steps
* we need. */
static void
routerlist_descriptors_added(smartlist_t *sl, int from_cache)
{
tor_assert(sl);
control_event_descriptors_changed(sl);
SMARTLIST_FOREACH(sl, routerinfo_t *, ri,
if (ri->purpose == ROUTER_PURPOSE_BRIDGE)
learned_bridge_descriptor(ri, from_cache);
);
}
/**
* Code to parse a single router descriptor and insert it into the
* routerlist. Return -1 if the descriptor was ill-formed; 0 if the
* descriptor was well-formed but could not be added; and 1 if the
* descriptor was added.
*
* If we don't add it and msg is not NULL, then assign to
* *msg a static string describing the reason for refusing the
* descriptor.
*
* This is used only by the controller.
*/
int
router_load_single_router(const char *s, uint8_t purpose, int cache,
const char **msg)
{
routerinfo_t *ri;
was_router_added_t r;
smartlist_t *lst;
char annotation_buf[ROUTER_ANNOTATION_BUF_LEN];
tor_assert(msg);
*msg = NULL;
tor_snprintf(annotation_buf, sizeof(annotation_buf),
"@source controllern"
"@purpose %sn", router_purpose_to_string(purpose));
if (!(ri = router_parse_entry_from_string(s, NULL, 1, 0, annotation_buf))) {
log_warn(LD_DIR, "Error parsing router descriptor; dropping.");
*msg = "Couldn't parse router descriptor.";
return -1;
}
tor_assert(ri->purpose == purpose);
if (router_is_me(ri)) {
log_warn(LD_DIR, "Router's identity key matches mine; dropping.");
*msg = "Router's identity key matches mine.";
routerinfo_free(ri);
return 0;
}
if (!cache) /* obey the preference of the controller */
ri->cache_info.do_not_cache = 1;
lst = smartlist_create();
smartlist_add(lst, ri);
routers_update_status_from_consensus_networkstatus(lst, 0);
r = router_add_to_routerlist(ri, msg, 0, 0);
if (!WRA_WAS_ADDED(r)) {
/* we've already assigned to *msg now, and ri is already freed */
tor_assert(*msg);
if (r == ROUTER_AUTHDIR_REJECTS)
log_warn(LD_DIR, "Couldn't add router to list: %s Dropping.", *msg);
smartlist_free(lst);
return 0;
} else {
routerlist_descriptors_added(lst, 0);
smartlist_free(lst);
log_debug(LD_DIR, "Added router to list");
return 1;
}
}
/** Given a string s containing some routerdescs, parse it and put the
* routers into our directory. If saved_location is SAVED_NOWHERE, the routers
* are in response to a query to the network: cache them by adding them to
* the journal.
*
* Return the number of routers actually added.
*
* If requested_fingerprints is provided, it must contain a list of
* uppercased fingerprints. Do not update any router whose
* fingerprint is not on the list; after updating a router, remove its
* fingerprint from the list.
*
* If descriptor_digests is non-zero, then the requested_fingerprints
* are descriptor digests. Otherwise they are identity digests.
*/
int
router_load_routers_from_string(const char *s, const char *eos,
saved_location_t saved_location,
smartlist_t *requested_fingerprints,
int descriptor_digests,
const char *prepend_annotations)
{
smartlist_t *routers = smartlist_create(), *changed = smartlist_create();
char fp[HEX_DIGEST_LEN+1];
const char *msg;
int from_cache = (saved_location != SAVED_NOWHERE);
int allow_annotations = (saved_location != SAVED_NOWHERE);
int any_changed = 0;
router_parse_list_from_string(&s, eos, routers, saved_location, 0,
allow_annotations, prepend_annotations);
routers_update_status_from_consensus_networkstatus(routers, !from_cache);
log_info(LD_DIR, "%d elements to add", smartlist_len(routers));
SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
was_router_added_t r;
char d[DIGEST_LEN];
if (requested_fingerprints) {
base16_encode(fp, sizeof(fp), descriptor_digests ?
ri->cache_info.signed_descriptor_digest :
ri->cache_info.identity_digest,
DIGEST_LEN);
if (smartlist_string_isin(requested_fingerprints, fp)) {
smartlist_string_remove(requested_fingerprints, fp);
} else {
char *requested =
smartlist_join_strings(requested_fingerprints," ",0,NULL);
log_warn(LD_DIR,
"We received a router descriptor with a fingerprint (%s) "
"that we never requested. (We asked for: %s.) Dropping.",
fp, requested);
tor_free(requested);
routerinfo_free(ri);
continue;
}
}
memcpy(d, ri->cache_info.signed_descriptor_digest, DIGEST_LEN);
r = router_add_to_routerlist(ri, &msg, from_cache, !from_cache);
if (WRA_WAS_ADDED(r)) {
any_changed++;
smartlist_add(changed, ri);
routerlist_descriptors_added(changed, from_cache);
smartlist_clear(changed);
} else if (WRA_WAS_REJECTED(r)) {
download_status_t *dl_status;
dl_status = router_get_dl_status_by_descriptor_digest(d);
if (dl_status) {
log_info(LD_GENERAL, "Marking router %s as never downloadable",
hex_str(d, DIGEST_LEN));
download_status_mark_impossible(dl_status);
}
}
} SMARTLIST_FOREACH_END(ri);
routerlist_assert_ok(routerlist);
if (any_changed)
router_rebuild_store(0, &routerlist->desc_store);
smartlist_free(routers);
smartlist_free(changed);
return any_changed;
}
/** Parse one or more extrainfos from s (ending immediately before
* eos if eos is present). Other arguments are as for
* router_load_routers_from_string(). */
void
router_load_extrainfo_from_string(const char *s, const char *eos,
saved_location_t saved_location,
smartlist_t *requested_fingerprints,
int descriptor_digests)
{
smartlist_t *extrainfo_list = smartlist_create();
const char *msg;
int from_cache = (saved_location != SAVED_NOWHERE);
router_parse_list_from_string(&s, eos, extrainfo_list, saved_location, 1, 0,
NULL);
log_info(LD_DIR, "%d elements to add", smartlist_len(extrainfo_list));
SMARTLIST_FOREACH(extrainfo_list, extrainfo_t *, ei, {
was_router_added_t added =
router_add_extrainfo_to_routerlist(ei, &msg, from_cache, !from_cache);
if (WRA_WAS_ADDED(added) && requested_fingerprints) {
char fp[HEX_DIGEST_LEN+1];
base16_encode(fp, sizeof(fp), descriptor_digests ?
ei->cache_info.signed_descriptor_digest :
ei->cache_info.identity_digest,
DIGEST_LEN);
smartlist_string_remove(requested_fingerprints, fp);
/* We silently let people stuff us with extrainfos we didn't ask for,
* so long as we would have wanted them anyway. Since we always fetch
* all the extrainfos we want, and we never actually act on them
* inside Tor, this should be harmless. */
}
});
routerlist_assert_ok(routerlist);
router_rebuild_store(0, &router_get_routerlist()->extrainfo_store);
smartlist_free(extrainfo_list);
}
/** Return true iff any networkstatus includes a descriptor whose digest
* is that of desc. */
static int
signed_desc_digest_is_recognized(signed_descriptor_t *desc)
{
routerstatus_t *rs;
networkstatus_t *consensus = networkstatus_get_latest_consensus();
int caches = directory_caches_dir_info(get_options());
const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
if (consensus) {
rs = networkstatus_vote_find_entry(consensus, desc->identity_digest);
if (rs && !memcmp(rs->descriptor_digest,
desc->signed_descriptor_digest, DIGEST_LEN))
return 1;
}
if (caches && networkstatus_v2_list) {
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
{
if (!(rs = networkstatus_v2_find_entry(ns, desc->identity_digest)))
continue;
if (!memcmp(rs->descriptor_digest,
desc->signed_descriptor_digest, DIGEST_LEN))
return 1;
});
}
return 0;
}
/** Clear all our timeouts for fetching v2 and v3 directory stuff, and then
* give it all a try again. */
void
routerlist_retry_directory_downloads(time_t now)
{
router_reset_status_download_failures();
router_reset_descriptor_download_failures();
update_networkstatus_downloads(now);
update_router_descriptor_downloads(now);
}
/** Return 1 if all running sufficiently-stable routers will reject
* addr:port, return 0 if any might accept it. */
int
router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port,
int need_uptime)
{
addr_policy_result_t r;
if (!routerlist) return 1;
SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, router,
{
if (router->is_running &&
!router_is_unreliable(router, need_uptime, 0, 0)) {
r = compare_addr_to_addr_policy(addr, port, router->exit_policy);
if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
return 0; /* this one could be ok. good enough. */
}
});
return 1; /* all will reject. */
}
/** Return true iff router does not permit exit streams.
*/
int
router_exit_policy_rejects_all(routerinfo_t *router)
{
return router->policy_is_reject_star;
}
/** Add to the list of authoritative directory servers one at
* address:port, with identity key digest. If
* address is NULL, add ourself. Return the new trusted directory
* server entry on success or NULL if we couldn't add it. */
trusted_dir_server_t *
add_trusted_dir_server(const char *nickname, const char *address,
uint16_t dir_port, uint16_t or_port,
const char *digest, const char *v3_auth_digest,
authority_type_t type)
{
trusted_dir_server_t *ent;
uint32_t a;
char *hostname = NULL;
size_t dlen;
if (!trusted_dir_servers)
trusted_dir_servers = smartlist_create();
if (!address) { /* The address is us; we should guess. */
if (resolve_my_address(LOG_WARN, get_options(), &a, &hostname) < 0) {
log_warn(LD_CONFIG,
"Couldn't find a suitable address when adding ourself as a "
"trusted directory server.");
return NULL;
}
} else {
if (tor_lookup_hostname(address, &a)) {
log_warn(LD_CONFIG,
"Unable to lookup address for directory server at '%s'",
address);
return NULL;
}
hostname = tor_strdup(address);
}
ent = tor_malloc_zero(sizeof(trusted_dir_server_t));
ent->nickname = nickname ? tor_strdup(nickname) : NULL;
ent->address = hostname;
ent->addr = a;
ent->dir_port = dir_port;
ent->or_port = or_port;
ent->is_running = 1;
ent->type = type;
memcpy(ent->digest, digest, DIGEST_LEN);
if (v3_auth_digest && (type & V3_AUTHORITY))
memcpy(ent->v3_identity_digest, v3_auth_digest, DIGEST_LEN);
dlen = 64 + strlen(hostname) + (nickname?strlen(nickname):0);
ent->description = tor_malloc(dlen);
if (nickname)
tor_snprintf(ent->description, dlen, "directory server "%s" at %s:%d",
nickname, hostname, (int)dir_port);
else
tor_snprintf(ent->description, dlen, "directory server at %s:%d",
hostname, (int)dir_port);
ent->fake_status.addr = ent->addr;
memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
if (nickname)
strlcpy(ent->fake_status.nickname, nickname,
sizeof(ent->fake_status.nickname));
else
ent->fake_status.nickname[0] = '';
ent->fake_status.dir_port = ent->dir_port;
ent->fake_status.or_port = ent->or_port;
if (ent->or_port)
ent->fake_status.version_supports_begindir = 1;
/* XX021 - wait until authorities are upgraded */
#if 0
ent->fake_status.version_supports_conditional_consensus = 1;
#else
ent->fake_status.version_supports_conditional_consensus = 0;
#endif
smartlist_add(trusted_dir_servers, ent);
router_dir_info_changed();
return ent;
}
/** Free storage held in cert. */
void
authority_cert_free(authority_cert_t *cert)
{
if (!cert)
return;
tor_free(cert->cache_info.signed_descriptor_body);
if (cert->signing_key)
crypto_free_pk_env(cert->signing_key);
if (cert->identity_key)
crypto_free_pk_env(cert->identity_key);
tor_free(cert);
}
/** Free storage held in ds. */
static void
trusted_dir_server_free(trusted_dir_server_t *ds)
{
tor_free(ds->nickname);
tor_free(ds->description);
tor_free(ds->address);
tor_free(ds);
}
/** Remove all members from the list of trusted dir servers. */
void
clear_trusted_dir_servers(void)
{
if (trusted_dir_servers) {
SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
trusted_dir_server_free(ent));
smartlist_clear(trusted_dir_servers);
} else {
trusted_dir_servers = smartlist_create();
}
router_dir_info_changed();
}
/** Return 1 if any trusted dir server supports v1 directories,
* else return 0. */
int
any_trusted_dir_is_v1_authority(void)
{
if (trusted_dir_servers)
return get_n_authorities(V1_AUTHORITY) > 0;
return 0;
}
/** For every current directory connection whose purpose is purpose,
* and where the resource being downloaded begins with prefix, split
* rest of the resource into base16 fingerprints, decode them, and set the
* corresponding elements of result to a nonzero value. */
static void
list_pending_downloads(digestmap_t *result,
int purpose, const char *prefix)
{
const size_t p_len = strlen(prefix);
smartlist_t *tmp = smartlist_create();
smartlist_t *conns = get_connection_array();
tor_assert(result);
SMARTLIST_FOREACH(conns, connection_t *, conn,
{
if (conn->type == CONN_TYPE_DIR &&
conn->purpose == purpose &&
!conn->marked_for_close) {
const char *resource = TO_DIR_CONN(conn)->requested_resource;
if (!strcmpstart(resource, prefix))
dir_split_resource_into_fingerprints(resource + p_len,
tmp, NULL, 1, 0);
}
});
SMARTLIST_FOREACH(tmp, char *, d,
{
digestmap_set(result, d, (void*)1);
tor_free(d);
});
smartlist_free(tmp);
}
/** For every router descriptor (or extra-info document if extrainfo is
* true) we are currently downloading by descriptor digest, set result[d] to
* (void*)1. */
static void
list_pending_descriptor_downloads(digestmap_t *result, int extrainfo)
{
int purpose =
extrainfo ? DIR_PURPOSE_FETCH_EXTRAINFO : DIR_PURPOSE_FETCH_SERVERDESC;
list_pending_downloads(result, purpose, "d/");
}
/** Launch downloads for all the descriptors whose digests are listed
* as digests[i] for lo <= i < hi. (Lo and hi may be out of range.)
* If source is given, download from source; otherwise,
* download from an appropriate random directory server.
*/
static void
initiate_descriptor_downloads(routerstatus_t *source,
int purpose,
smartlist_t *digests,
int lo, int hi, int pds_flags)
{
int i, n = hi-lo;
char *resource, *cp;
size_t r_len;
if (n <= 0)
return;
if (lo < 0)
lo = 0;
if (hi > smartlist_len(digests))
hi = smartlist_len(digests);
r_len = 8 + (HEX_DIGEST_LEN+1)*n;
cp = resource = tor_malloc(r_len);
memcpy(cp, "d/", 2);
cp += 2;
for (i = lo; i < hi; ++i) {
base16_encode(cp, r_len-(cp-resource),
smartlist_get(digests,i), DIGEST_LEN);
cp += HEX_DIGEST_LEN;
*cp++ = '+';
}
memcpy(cp-1, ".z", 3);
if (source) {
/* We know which authority we want. */
directory_initiate_command_routerstatus(source, purpose,
ROUTER_PURPOSE_GENERAL,
0, /* not private */
resource, NULL, 0, 0);
} else {
directory_get_from_dirserver(purpose, ROUTER_PURPOSE_GENERAL, resource,
pds_flags);
}
tor_free(resource);
}
/** Return 0 if this routerstatus is obsolete, too new, isn't
* running, or otherwise not a descriptor that we would make any
* use of even if we had it. Else return 1. */
static INLINE int
client_would_use_router(routerstatus_t *rs, time_t now, or_options_t *options)
{
if (!rs->is_running && !options->FetchUselessDescriptors) {
/* If we had this router descriptor, we wouldn't even bother using it.
* But, if we want to have a complete list, fetch it anyway. */
return 0;
}
if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime
> now) {
/* Most caches probably don't have this descriptor yet. */
return 0;
}
if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
/* We'd drop it immediately for being too old. */
return 0;
}
return 1;
}
/** Max amount of hashes to download per request.
* Since squid does not like URLs >= 4096 bytes we limit it to 96.
* 4096 - strlen(http://255.255.255.255/tor/server/d/.z) == 4058
* 4058/41 (40 for the hash and 1 for the + that separates them) => 98
* So use 96 because it's a nice number.
*/
#define MAX_DL_PER_REQUEST 96
/** Don't split our requests so finely that we are requesting fewer than
* this number per server. */
#define MIN_DL_PER_REQUEST 4
/** To prevent a single screwy cache from confusing us by selective reply,
* try to split our requests into at least this this many requests. */
#define MIN_REQUESTS 3
/** If we want fewer than this many descriptors, wait until we
* want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
* passed. */
#define MAX_DL_TO_DELAY 16
/** When directory clients have only a few servers to request, they batch
* them until they have more, or until this amount of time has passed. */
#define MAX_CLIENT_INTERVAL_WITHOUT_REQUEST (10*60)
/** Given a list of router descriptor digests in downloadable, decide
* whether to delay fetching until we have more. If we don't want to delay,
* launch one or more requests to the appropriate directory authorities. */
static void
launch_router_descriptor_downloads(smartlist_t *downloadable, time_t now)
{
int should_delay = 0, n_downloadable;
or_options_t *options = get_options();
n_downloadable = smartlist_len(downloadable);
if (!directory_fetches_dir_info_early(options)) {
if (n_downloadable >= MAX_DL_TO_DELAY) {
log_debug(LD_DIR,
"There are enough downloadable routerdescs to launch requests.");
should_delay = 0;
} else {
should_delay = (last_routerdesc_download_attempted +
MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
if (!should_delay && n_downloadable) {
if (last_routerdesc_download_attempted) {
log_info(LD_DIR,
"There are not many downloadable routerdescs, but we've "
"been waiting long enough (%d seconds). Downloading.",
(int)(now-last_routerdesc_download_attempted));
} else {
log_info(LD_DIR,
"There are not many downloadable routerdescs, but we haven't "
"tried downloading descriptors recently. Downloading.");
}
}
}
}
/* XXX should we consider having even the dir mirrors delay
* a little bit, so we don't load the authorities as much? -RD
* I don't think so. If we do, clients that want those descriptors may
* not actually find them if the caches haven't got them yet. -NM
*/
if (! should_delay && n_downloadable) {
int i, n_per_request;
const char *req_plural = "", *rtr_plural = "";
int pds_flags = PDS_RETRY_IF_NO_SERVERS;
if (! authdir_mode_any_nonhidserv(options)) {
/* If we wind up going to the authorities, we want to only open one
* connection to each authority at a time, so that we don't overload
* them. We do this by setting PDS_NO_EXISTING_SERVERDESC_FETCH
* regardless of whether we're a cache or not; it gets ignored if we're
* not calling router_pick_trusteddirserver.
*
* Setting this flag can make initiate_descriptor_downloads() ignore
* requests. We need to make sure that we do in fact call
* update_router_descriptor_downloads() later on, once the connections
* have succeeded or failed.
*/
pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH;
}
n_per_request = (n_downloadable+MIN_REQUESTS-1) / MIN_REQUESTS;
if (n_per_request > MAX_DL_PER_REQUEST)
n_per_request = MAX_DL_PER_REQUEST;
if (n_per_request < MIN_DL_PER_REQUEST)
n_per_request = MIN_DL_PER_REQUEST;
if (n_downloadable > n_per_request)
req_plural = rtr_plural = "s";
else if (n_downloadable > 1)
rtr_plural = "s";
log_info(LD_DIR,
"Launching %d request%s for %d router%s, %d at a time",
(n_downloadable+n_per_request-1)/n_per_request,
req_plural, n_downloadable, rtr_plural, n_per_request);
smartlist_sort_digests(downloadable);
for (i=0; i < n_downloadable; i += n_per_request) {
initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_SERVERDESC,
downloadable, i, i+n_per_request,
pds_flags);
}
last_routerdesc_download_attempted = now;
}
}
/** Launch downloads for router status as needed, using the strategy used by
* authorities and caches: based on the v2 networkstatuses we have, download
* every descriptor we don't have but would serve, from a random authority
* that lists it. */
static void
update_router_descriptor_cache_downloads_v2(time_t now)
{
smartlist_t **downloadable; /* For each authority, what can we dl from it? */
smartlist_t **download_from; /* ... and, what will we dl from it? */
digestmap_t *map; /* Which descs are in progress, or assigned? */
int i, j, n;
int n_download;
or_options_t *options = get_options();
const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
if (! directory_fetches_dir_info_early(options)) {
log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads_v2() "
"on a non-dir-mirror?");
}
if (!networkstatus_v2_list || !smartlist_len(networkstatus_v2_list))
return;
map = digestmap_new();
n = smartlist_len(networkstatus_v2_list);
downloadable = tor_malloc_zero(sizeof(smartlist_t*) * n);
download_from = tor_malloc_zero(sizeof(smartlist_t*) * n);
/* Set map[d]=1 for the digest of every descriptor that we are currently
* downloading. */
list_pending_descriptor_downloads(map, 0);
/* For the digest of every descriptor that we don't have, and that we aren't
* downloading, add d to downloadable[i] if the i'th networkstatus knows
* about that descriptor, and we haven't already failed to get that
* descriptor from the corresponding authority.
*/
n_download = 0;
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
{
trusted_dir_server_t *ds;
smartlist_t *dl;
dl = downloadable[ns_sl_idx] = smartlist_create();
download_from[ns_sl_idx] = smartlist_create();
if (ns->published_on + MAX_NETWORKSTATUS_AGE+10*60 < now) {
/* Don't download if the networkstatus is almost ancient. */
/* Actually, I suspect what's happening here is that we ask
* for the descriptor when we have a given networkstatus,
* and then we get a newer networkstatus, and then we receive
* the descriptor. Having a networkstatus actually expire is
* probably a rare event, and we'll probably be happiest if
* we take this clause out. -RD */
continue;
}
/* Don't try dirservers that we think are down -- we might have
* just tried them and just marked them as down. */
ds = router_get_trusteddirserver_by_digest(ns->identity_digest);
if (ds && !ds->is_running)
continue;
SMARTLIST_FOREACH(ns->entries, routerstatus_t * , rs,
{
if (!rs->need_to_mirror)
continue;
if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
log_warn(LD_BUG,
"We have a router descriptor, but need_to_mirror=1.");
rs->need_to_mirror = 0;
continue;
}
if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
rs->need_to_mirror = 0;
continue;
}
if (digestmap_get(map, rs->descriptor_digest)) {
/* We're downloading it already. */
continue;
} else {
/* We could download it from this guy. */
smartlist_add(dl, rs->descriptor_digest);
++n_download;
}
});
});
/* At random, assign descriptors to authorities such that:
* - if d is a member of some downloadable[x], d is a member of some
* download_from[y]. (Everything we want to download, we try to download
* from somebody.)
* - If d is a member of download_from[y], d is a member of downloadable[y].
* (We only try to download descriptors from authorities who claim to have
* them.)
* - No d is a member of download_from[x] and download_from[y] s.t. x != y.
* (We don't try to download anything from two authorities concurrently.)
*/
while (n_download) {
int which_ns = crypto_rand_int(n);
smartlist_t *dl = downloadable[which_ns];
int idx;
char *d;
if (!smartlist_len(dl))
continue;
idx = crypto_rand_int(smartlist_len(dl));
d = smartlist_get(dl, idx);
if (! digestmap_get(map, d)) {
smartlist_add(download_from[which_ns], d);
digestmap_set(map, d, (void*) 1);
}
smartlist_del(dl, idx);
--n_download;
}
/* Now, we can actually launch our requests. */
for (i=0; i<n; ++i) {
networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
trusted_dir_server_t *ds =
router_get_trusteddirserver_by_digest(ns->identity_digest);
smartlist_t *dl = download_from[i];
int pds_flags = PDS_RETRY_IF_NO_SERVERS;
if (! authdir_mode_any_nonhidserv(options))
pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
if (!ds) {
log_warn(LD_BUG, "Networkstatus with no corresponding authority!");
continue;
}
if (! smartlist_len(dl))
continue;
log_info(LD_DIR, "Requesting %d descriptors from authority "%s"",
smartlist_len(dl), ds->nickname);
for (j=0; j < smartlist_len(dl); j += MAX_DL_PER_REQUEST) {
initiate_descriptor_downloads(&(ds->fake_status),
DIR_PURPOSE_FETCH_SERVERDESC, dl, j,
j+MAX_DL_PER_REQUEST, pds_flags);
}
}
for (i=0; i<n; ++i) {
smartlist_free(download_from[i]);
smartlist_free(downloadable[i]);
}
tor_free(download_from);
tor_free(downloadable);
digestmap_free(map,NULL);
}
/** For any descriptor that we want that's currently listed in the live
* consensus, download it as appropriate. */
static void
update_consensus_router_descriptor_downloads(time_t now)
{
or_options_t *options = get_options();
digestmap_t *map = NULL;
smartlist_t *no_longer_old = smartlist_create();
smartlist_t *downloadable = smartlist_create();
int authdir = authdir_mode(options);
networkstatus_t *consensus =
networkstatus_get_reasonably_live_consensus(now);
int n_delayed=0, n_have=0, n_would_reject=0, n_wouldnt_use=0,
n_inprogress=0, n_in_oldrouters=0;
if (directory_too_idle_to_fetch_descriptors(options, now))
goto done;
if (!consensus)
goto done;
map = digestmap_new();
list_pending_descriptor_downloads(map, 0);
SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
{
signed_descriptor_t *sd;
if ((sd = router_get_by_descriptor_digest(rs->descriptor_digest))) {
routerinfo_t *ri;
++n_have;
if (!(ri = router_get_by_digest(rs->identity_digest)) ||
memcmp(ri->cache_info.signed_descriptor_digest,
sd->signed_descriptor_digest, DIGEST_LEN)) {
/* We have a descriptor with this digest, but either there is no
* entry in routerlist with the same ID (!ri), or there is one,
* but the identity digest differs (memcmp).
*/
smartlist_add(no_longer_old, sd);
++n_in_oldrouters; /* We have it in old_routers. */
}
continue; /* We have it already. */
}
if (digestmap_get(map, rs->descriptor_digest)) {
++n_inprogress;
continue; /* We have an in-progress download. */
}
if (!download_status_is_ready(&rs->dl_status, now,
MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
++n_delayed; /* Not ready for retry. */
continue;
}
if (authdir && dirserv_would_reject_router(rs)) {
++n_would_reject;
continue; /* We would throw it out immediately. */
}
if (!directory_caches_dir_info(options) &&
!client_would_use_router(rs, now, options)) {
++n_wouldnt_use;
continue; /* We would never use it ourself. */
}
smartlist_add(downloadable, rs->descriptor_digest);
});
if (!authdir_mode_handles_descs(options, ROUTER_PURPOSE_GENERAL)
&& smartlist_len(no_longer_old)) {
routerlist_t *rl = router_get_routerlist();
log_info(LD_DIR, "%d router descriptors listed in consensus are "
"currently in old_routers; making them current.",
smartlist_len(no_longer_old));
SMARTLIST_FOREACH(no_longer_old, signed_descriptor_t *, sd, {
const char *msg;
was_router_added_t r;
routerinfo_t *ri = routerlist_reparse_old(rl, sd);
if (!ri) {
log_warn(LD_BUG, "Failed to re-parse a router.");
continue;
}
r = router_add_to_routerlist(ri, &msg, 1, 0);
if (WRA_WAS_OUTDATED(r)) {
log_warn(LD_DIR, "Couldn't add re-parsed router: %s",
msg?msg:"???");
}
});
routerlist_assert_ok(rl);
}
log_info(LD_DIR,
"%d router descriptors downloadable. %d delayed; %d present "
"(%d of those were in old_routers); %d would_reject; "
"%d wouldnt_use; %d in progress.",
smartlist_len(downloadable), n_delayed, n_have, n_in_oldrouters,
n_would_reject, n_wouldnt_use, n_inprogress);
launch_router_descriptor_downloads(downloadable, now);
digestmap_free(map, NULL);
done:
smartlist_free(downloadable);
smartlist_free(no_longer_old);
}
/** How often should we launch a server/authority request to be sure of getting
* a guess for our IP? */
/*XXXX021 this info should come from netinfo cells or something, or we should
* do this only when we aren't seeing incoming data. see bug 652. */
#define DUMMY_DOWNLOAD_INTERVAL (20*60)
/** Launch downloads for router status as needed. */
void
update_router_descriptor_downloads(time_t now)
{
or_options_t *options = get_options();
static time_t last_dummy_download = 0;
if (should_delay_dir_fetches(options))
return;
if (directory_fetches_dir_info_early(options)) {
update_router_descriptor_cache_downloads_v2(now);
}
update_consensus_router_descriptor_downloads(now);
/* XXXX021 we could be smarter here; see notes on bug 652. */
/* If we're a server that doesn't have a configured address, we rely on
* directory fetches to learn when our address changes. So if we haven't
* tried to get any routerdescs in a long time, try a dummy fetch now. */
if (!options->Address &&
server_mode(options) &&
last_routerdesc_download_attempted + DUMMY_DOWNLOAD_INTERVAL < now &&
last_dummy_download + DUMMY_DOWNLOAD_INTERVAL < now) {
last_dummy_download = now;
directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
ROUTER_PURPOSE_GENERAL, "authority.z",
PDS_RETRY_IF_NO_SERVERS);
}
}
/** Launch extrainfo downloads as needed. */
void
update_extrainfo_downloads(time_t now)
{
or_options_t *options = get_options();
routerlist_t *rl;
smartlist_t *wanted;
digestmap_t *pending;
int old_routers, i;
int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
if (! options->DownloadExtraInfo)
return;
if (should_delay_dir_fetches(options))
return;
if (!router_have_minimum_dir_info())
return;
pending = digestmap_new();
list_pending_descriptor_downloads(pending, 1);
rl = router_get_routerlist();
wanted = smartlist_create();
for (old_routers = 0; old_routers < 2; ++old_routers) {
smartlist_t *lst = old_routers ? rl->old_routers : rl->routers;
for (i = 0; i < smartlist_len(lst); ++i) {
signed_descriptor_t *sd;
char *d;
if (old_routers)
sd = smartlist_get(lst, i);
else
sd = &((routerinfo_t*)smartlist_get(lst, i))->cache_info;
if (sd->is_extrainfo)
continue; /* This should never happen. */
if (old_routers && !router_get_by_digest(sd->identity_digest))
continue; /* Couldn't check the signature if we got it. */
if (sd->extrainfo_is_bogus)
continue;
d = sd->extra_info_digest;
if (tor_digest_is_zero(d)) {
++n_no_ei;
continue;
}
if (eimap_get(rl->extra_info_map, d)) {
++n_have;
continue;
}
if (!download_status_is_ready(&sd->ei_dl_status, now,
MAX_ROUTERDESC_DOWNLOAD_FAILURES)) {
++n_delay;
continue;
}
if (digestmap_get(pending, d)) {
++n_pending;
continue;
}
smartlist_add(wanted, d);
}
}
digestmap_free(pending, NULL);
log_info(LD_DIR, "Extrainfo download status: %d router with no ei, %d "
"with present ei, %d delaying, %d pending, %d downloadable.",
n_no_ei, n_have, n_delay, n_pending, smartlist_len(wanted));
smartlist_shuffle(wanted);
for (i = 0; i < smartlist_len(wanted); i += MAX_DL_PER_REQUEST) {
initiate_descriptor_downloads(NULL, DIR_PURPOSE_FETCH_EXTRAINFO,
wanted, i, i + MAX_DL_PER_REQUEST,
PDS_RETRY_IF_NO_SERVERS|PDS_NO_EXISTING_SERVERDESC_FETCH);
}
smartlist_free(wanted);
}
/** True iff, the last time we checked whether we had enough directory info
* to build circuits, the answer was "yes". */
static int have_min_dir_info = 0;
/** True iff enough has changed since the last time we checked whether we had
* enough directory info to build circuits that our old answer can no longer
* be trusted. */
static int need_to_update_have_min_dir_info = 1;
/** String describing what we're missing before we have enough directory
* info. */
static char dir_info_status[128] = "";
/** Return true iff we have enough networkstatus and router information to
* start building circuits. Right now, this means "more than half the
* networkstatus documents, and at least 1/4 of expected routers." */
//XXX should consider whether we have enough exiting nodes here.
int
router_have_minimum_dir_info(void)
{
if (PREDICT_UNLIKELY(need_to_update_have_min_dir_info)) {
update_router_have_minimum_dir_info();
need_to_update_have_min_dir_info = 0;
}
return have_min_dir_info;
}
/** Called when our internal view of the directory has changed. This can be
* when the authorities change, networkstatuses change, the list of routerdescs
* changes, or number of running routers changes.
*/
void
router_dir_info_changed(void)
{
need_to_update_have_min_dir_info = 1;
rend_hsdir_routers_changed();
}
/** Return a string describing what we're missing before we have enough
* directory info. */
const char *
get_dir_info_status_string(void)
{
return dir_info_status;
}
/** Iterate over the servers listed in consensus, and count how many of
* them seem like ones we'd use, and how many of those we have
* descriptors for. Store the former in *num_usable and the latter in
* *num_present. */
static void
count_usable_descriptors(int *num_present, int *num_usable,
const networkstatus_t *consensus,
or_options_t *options, time_t now)
{
*num_present = 0, *num_usable=0;
SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs,
{
if (client_would_use_router(rs, now, options)) {
++*num_usable; /* the consensus says we want it. */
if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
/* we have the descriptor listed in the consensus. */
++*num_present;
}
}
});
log_debug(LD_DIR, "%d usable, %d present.", *num_usable, *num_present);
}
/** We just fetched a new set of descriptors. Compute how far through
* the "loading descriptors" bootstrapping phase we are, so we can inform
* the controller of our progress. */
int
count_loading_descriptors_progress(void)
{
int num_present = 0, num_usable=0;
time_t now = time(NULL);
const networkstatus_t *consensus =
networkstatus_get_reasonably_live_consensus(now);
double fraction;
if (!consensus)
return 0; /* can't count descriptors if we have no list of them */
count_usable_descriptors(&num_present, &num_usable,
consensus, get_options(), now);
if (num_usable == 0)
return 0; /* don't div by 0 */
fraction = num_present / (num_usable/4.);
if (fraction > 1.0)
return 0; /* it's not the number of descriptors holding us back */
return BOOTSTRAP_STATUS_LOADING_DESCRIPTORS + (int)
(fraction*(BOOTSTRAP_STATUS_CONN_OR-1 -
BOOTSTRAP_STATUS_LOADING_DESCRIPTORS));
}
/** Change the value of have_min_dir_info, setting it true iff we have enough
* network and router information to build circuits. Clear the value of
* need_to_update_have_min_dir_info. */
static void
update_router_have_minimum_dir_info(void)
{
int num_present = 0, num_usable=0;
time_t now = time(NULL);
int res;
or_options_t *options = get_options();
const networkstatus_t *consensus =
networkstatus_get_reasonably_live_consensus(now);
if (!consensus) {
if (!networkstatus_get_latest_consensus())
strlcpy(dir_info_status, "We have no network-status consensus.",
sizeof(dir_info_status));
else
strlcpy(dir_info_status, "We have no recent network-status consensus.",
sizeof(dir_info_status));
res = 0;
goto done;
}
if (should_delay_dir_fetches(get_options())) {
log_notice(LD_DIR, "no known bridge descriptors running yet; stalling");
strlcpy(dir_info_status, "No live bridge descriptors.",
sizeof(dir_info_status));
res = 0;
goto done;
}
count_usable_descriptors(&num_present, &num_usable, consensus, options, now);
if (num_present < num_usable/4) {
tor_snprintf(dir_info_status, sizeof(dir_info_status),
"We have only %d/%d usable descriptors.", num_present, num_usable);
res = 0;
control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS, 0);
} else if (num_present < 2) {
tor_snprintf(dir_info_status, sizeof(dir_info_status),
"Only %d descriptor%s here and believed reachable!",
num_present, num_present ? "" : "s");
res = 0;
} else {
res = 1;
}
done:
if (res && !have_min_dir_info) {
log(LOG_NOTICE, LD_DIR,
"We now have enough directory information to build circuits.");
control_event_client_status(LOG_NOTICE, "ENOUGH_DIR_INFO");
control_event_bootstrap(BOOTSTRAP_STATUS_CONN_OR, 0);
}
if (!res && have_min_dir_info) {
int quiet = directory_too_idle_to_fetch_descriptors(options, now);
log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
"Our directory information is no longer up-to-date "
"enough to build circuits: %s", dir_info_status);
control_event_client_status(LOG_NOTICE, "NOT_ENOUGH_DIR_INFO");
}
have_min_dir_info = res;
need_to_update_have_min_dir_info = 0;
}
/** Reset the descriptor download failure count on all routers, so that we
* can retry any long-failed routers immediately.
*/
void
router_reset_descriptor_download_failures(void)
{
networkstatus_reset_download_failures();
last_routerdesc_download_attempted = 0;
if (!routerlist)
return;
SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
{
download_status_reset(&ri->cache_info.ei_dl_status);
});
SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd,
{
download_status_reset(&sd->ei_dl_status);
});
}
/** Any changes in a router descriptor's publication time larger than this are
* automatically non-cosmetic. */
#define ROUTER_MAX_COSMETIC_TIME_DIFFERENCE (12*60*60)
/** We allow uptime to vary from how much it ought to be by this much. */
#define ROUTER_ALLOW_UPTIME_DRIFT (6*60*60)
/** Return true iff the only differences between r1 and r2 are such that
* would not cause a recent (post 0.1.1.6) dirserver to republish.
*/
int
router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
{
time_t r1pub, r2pub;
long time_difference;
tor_assert(r1 && r2);
/* r1 should be the one that was published first. */
if (r1->cache_info.published_on > r2->cache_info.published_on) {
routerinfo_t *ri_tmp = r2;
r2 = r1;
r1 = ri_tmp;
}
/* If any key fields differ, they're different. */
if (strcasecmp(r1->address, r2->address) ||
strcasecmp(r1->nickname, r2->nickname) ||
r1->or_port != r2->or_port ||
r1->dir_port != r2->dir_port ||
r1->purpose != r2->purpose ||
crypto_pk_cmp_keys(r1->onion_pkey, r2->onion_pkey) ||
crypto_pk_cmp_keys(r1->identity_pkey, r2->identity_pkey) ||
strcasecmp(r1->platform, r2->platform) ||
(r1->contact_info && !r2->contact_info) || /* contact_info is optional */
(!r1->contact_info && r2->contact_info) ||
(r1->contact_info && r2->contact_info &&
strcasecmp(r1->contact_info, r2->contact_info)) ||
r1->is_hibernating != r2->is_hibernating ||
r1->has_old_dnsworkers != r2->has_old_dnsworkers ||
cmp_addr_policies(r1->exit_policy, r2->exit_policy))
return 0;
if ((r1->declared_family == NULL) != (r2->declared_family == NULL))
return 0;
if (r1->declared_family && r2->declared_family) {
int i, n;
if (smartlist_len(r1->declared_family)!=smartlist_len(r2->declared_family))
return 0;
n = smartlist_len(r1->declared_family);
for (i=0; i < n; ++i) {
if (strcasecmp(smartlist_get(r1->declared_family, i),
smartlist_get(r2->declared_family, i)))
return 0;
}
}
/* Did bandwidth change a lot? */
if ((r1->bandwidthcapacity < r2->bandwidthcapacity/2) ||
(r2->bandwidthcapacity < r1->bandwidthcapacity/2))
return 0;
/* Did the bandwidthrate or bandwidthburst change? */
if ((r1->bandwidthrate != r2->bandwidthrate) ||
(r1->bandwidthburst != r2->bandwidthburst))
return 0;
/* Did more than 12 hours pass? */
if (r1->cache_info.published_on + ROUTER_MAX_COSMETIC_TIME_DIFFERENCE
< r2->cache_info.published_on)
return 0;
/* Did uptime fail to increase by approximately the amount we would think,
* give or take some slop? */
r1pub = r1->cache_info.published_on;
r2pub = r2->cache_info.published_on;
time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
time_difference > r1->uptime * .05 &&
time_difference > r2->uptime * .05)
return 0;
/* Otherwise, the difference is cosmetic. */
return 1;
}
/** Check whether ri (a.k.a. sd) is a router compatible with the
* extrainfo document
* ei. If no router is compatible with ei, ei should be
* dropped. Return 0 for "compatible", return 1 for "reject, and inform
* whoever uploaded ei, and return -1 for "reject silently.". If
* msg is present, set *msg to a description of the
* incompatibility (if any).
**/
int
routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
signed_descriptor_t *sd,
const char **msg)
{
int digest_matches, r=1;
tor_assert(ri);
tor_assert(ei);
if (!sd)
sd = &ri->cache_info;
if (ei->bad_sig) {
if (msg) *msg = "Extrainfo signature was bad, or signed with wrong key.";
return 1;
}
digest_matches = !memcmp(ei->cache_info.signed_descriptor_digest,
sd->extra_info_digest, DIGEST_LEN);
/* The identity must match exactly to have been generated at the same time
* by the same router. */
if (memcmp(ri->cache_info.identity_digest, ei->cache_info.identity_digest,
DIGEST_LEN)) {
if (msg) *msg = "Extrainfo nickname or identity did not match routerinfo";
goto err; /* different servers */
}
if (ei->pending_sig) {
char signed_digest[128];
if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
ei->bad_sig = 1;
tor_free(ei->pending_sig);
if (msg) *msg = "Extrainfo signature bad, or signed with wrong key";
goto err; /* Bad signature, or no match. */
}
ei->cache_info.send_unencrypted = ri->cache_info.send_unencrypted;
tor_free(ei->pending_sig);
}
if (ei->cache_info.published_on < sd->published_on) {
if (msg) *msg = "Extrainfo published time did not match routerdesc";
goto err;
} else if (ei->cache_info.published_on > sd->published_on) {
if (msg) *msg = "Extrainfo published time did not match routerdesc";
r = -1;
goto err;
}
if (!digest_matches) {
if (msg) *msg = "Extrainfo digest did not match value from routerdesc";
goto err; /* Digest doesn't match declared value. */
}
return 0;
err:
if (digest_matches) {
/* This signature was okay, and the digest was right: This is indeed the
* corresponding extrainfo. But insanely, it doesn't match the routerinfo
* that lists it. Don't try to fetch this one again. */
sd->extrainfo_is_bogus = 1;
}
return r;
}
/** Assert that the internal representation of rl is
* self-consistent. */
void
routerlist_assert_ok(routerlist_t *rl)
{
routerinfo_t *r2;
signed_descriptor_t *sd2;
if (!rl)
return;
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
{
r2 = rimap_get(rl->identity_map, r->cache_info.identity_digest);
tor_assert(r == r2);
sd2 = sdmap_get(rl->desc_digest_map,
r->cache_info.signed_descriptor_digest);
tor_assert(&(r->cache_info) == sd2);
tor_assert(r->cache_info.routerlist_index == r_sl_idx);
/* XXXX
*
* Hoo boy. We need to fix this one, and the fix is a bit tricky, so
* commenting this out is just a band-aid.
*
* The problem is that, although well-behaved router descriptors
* should never have the same value for their extra_info_digest, it's
* possible for ill-behaved routers to claim whatever they like there.
*
* The real answer is to trash desc_by_eid_map and instead have
* something that indicates for a given extra-info digest we want,
* what its download status is. We'll do that as a part of routerlist
* refactoring once consensus directories are in. For now,
* this rep violation is probably harmless: an adversary can make us
* reset our retry count for an extrainfo, but that's not the end
* of the world. Changing the representation in 0.2.0.x would just
* destabilize the codebase.
if (!tor_digest_is_zero(r->cache_info.extra_info_digest)) {
signed_descriptor_t *sd3 =
sdmap_get(rl->desc_by_eid_map, r->cache_info.extra_info_digest);
tor_assert(sd3 == &(r->cache_info));
}
*/
});
SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,
{
r2 = rimap_get(rl->identity_map, sd->identity_digest);
tor_assert(sd != &(r2->cache_info));
sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
tor_assert(sd == sd2);
tor_assert(sd->routerlist_index == sd_sl_idx);
/* XXXX see above.
if (!tor_digest_is_zero(sd->extra_info_digest)) {
signed_descriptor_t *sd3 =
sdmap_get(rl->desc_by_eid_map, sd->extra_info_digest);
tor_assert(sd3 == sd);
}
*/
});
RIMAP_FOREACH(rl->identity_map, d, r) {
tor_assert(!memcmp(r->cache_info.identity_digest, d, DIGEST_LEN));
} DIGESTMAP_FOREACH_END;
SDMAP_FOREACH(rl->desc_digest_map, d, sd) {
tor_assert(!memcmp(sd->signed_descriptor_digest, d, DIGEST_LEN));
} DIGESTMAP_FOREACH_END;
SDMAP_FOREACH(rl->desc_by_eid_map, d, sd) {
tor_assert(!tor_digest_is_zero(d));
tor_assert(sd);
tor_assert(!memcmp(sd->extra_info_digest, d, DIGEST_LEN));
} DIGESTMAP_FOREACH_END;
EIMAP_FOREACH(rl->extra_info_map, d, ei) {
signed_descriptor_t *sd;
tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
d, DIGEST_LEN));
sd = sdmap_get(rl->desc_by_eid_map,
ei->cache_info.signed_descriptor_digest);
// tor_assert(sd); // XXXX see above
if (sd) {
tor_assert(!memcmp(ei->cache_info.signed_descriptor_digest,
sd->extra_info_digest, DIGEST_LEN));
}
} DIGESTMAP_FOREACH_END;
}
/** Allocate and return a new string representing the contact info
* and platform string for router,
* surrounded by quotes and using standard C escapes.
*
* THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main
* thread. Also, each call invalidates the last-returned value, so don't
* try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));
*
* If router is NULL, it just frees its internal memory and returns.
*/
const char *
esc_router_info(routerinfo_t *router)
{
static char *info=NULL;
char *esc_contact, *esc_platform;
size_t len;
if (info)
tor_free(info);
if (!router)
return NULL; /* we're exiting; just free the memory we use */
esc_contact = esc_for_log(router->contact_info);
esc_platform = esc_for_log(router->platform);
len = strlen(esc_contact)+strlen(esc_platform)+32;
info = tor_malloc(len);
tor_snprintf(info, len, "Contact %s, Platform %s", esc_contact,
esc_platform);
tor_free(esc_contact);
tor_free(esc_platform);
return info;
}
/** Helper for sorting: compare two routerinfos by their identity
* digest. */
static int
_compare_routerinfo_by_id_digest(const void **a, const void **b)
{
routerinfo_t *first = *(routerinfo_t **)a, *second = *(routerinfo_t **)b;
return memcmp(first->cache_info.identity_digest,
second->cache_info.identity_digest,
DIGEST_LEN);
}
/** Sort a list of routerinfo_t in ascending order of identity digest. */
void
routers_sort_by_identity(smartlist_t *routers)
{
smartlist_sort(routers, _compare_routerinfo_by_id_digest);
}
/** A routerset specifies constraints on a set of possible routerinfos, based
* on their names, identities, or addresses. It is optimized for determining
* whether a router is a member or not, in O(1+P) time, where P is the number
* of address policy constraints. */
struct routerset_t {
/** A list of strings for the elements of the policy. Each string is either
* a nickname, a hexadecimal identity fingerprint, or an address policy. A
* router belongs to the set if its nickname OR its identity OR its address
* matches an entry here. */
smartlist_t *list;
/** A map from lowercase nicknames of routers in the set to (void*)1 */
strmap_t *names;
/** A map from identity digests routers in the set to (void*)1 */
digestmap_t *digests;
/** An address policy for routers in the set. For implementation reasons,
* a router belongs to the set if it is _rejected_ by this policy. */
smartlist_t *policies;
/** A human-readable description of what this routerset is for. Used in
* log messages. */
char *description;
/** A list of the country codes in this set. */
smartlist_t *country_names;
/** Total number of countries we knew about when we built countries.*/
int n_countries;
/** Bit array mapping the return value of geoip_get_country() to 1 iff the
* country is a member of this routerset. Note that we MUST call
* routerset_refresh_countries() whenever the geoip country list is
* reloaded. */
bitarray_t *countries;
};
/** Return a new empty routerset. */
routerset_t *
routerset_new(void)
{
routerset_t *result = tor_malloc_zero(sizeof(routerset_t));
result->list = smartlist_create();
result->names = strmap_new();
result->digests = digestmap_new();
result->policies = smartlist_create();
result->country_names = smartlist_create();
return result;
}
/** If c is a country code in the form {cc}, return a newly allocated
* string holding the "cc" part. Else, return NULL. */
static char *
routerset_get_countryname(const char *c)
{
char *country;
if (strlen(c) < 4 || c[0] !='{' || c[3] !='}')
return NULL;
country = tor_strndup(c+1, 2);
tor_strlower(country);
return country;
}
#if 0
/** Add the GeoIP database's integer index (+1) of a valid two-character
* country code to the routerset's countries bitarray. Return the
* integer index if the country code is valid, -1 otherwise.*/
static int
routerset_add_country(const char *c)
{
char country[3];
country_t cc;
/* XXXX: Country codes must be of the form {[a-z?]{2}} but this accepts
{[.]{2}}. Do we need to be strict? -RH */
/* Nope; if the country code is bad, we'll get 0 when we look it up. */
if (!geoip_is_loaded()) {
log(LOG_WARN, LD_CONFIG, "GeoIP database not loaded: Cannot add country"
"entry %s, ignoring.", c);
return -1;
}
memcpy(country, c+1, 2);
country[2] = '';
tor_strlower(country);
if ((cc=geoip_get_country(country))==-1) {
log(LOG_WARN, LD_CONFIG, "Country code '%s' is not valid, ignoring.",
country);
}
return cc;
}
#endif
/** Update the routerset's countries bitarray_t. Called whenever
* the GeoIP database is reloaded.
*/
void
routerset_refresh_countries(routerset_t *target)
{
int cc;
if (target->countries) {
bitarray_free(target->countries);
}
if (!geoip_is_loaded()) {
target->countries = NULL;
target->n_countries = 0;
return;
}
target->n_countries = geoip_get_n_countries();
target->countries = bitarray_init_zero(target->n_countries);
SMARTLIST_FOREACH_BEGIN(target->country_names, const char *, country) {
cc = geoip_get_country(country);
if (cc >= 0) {
tor_assert(cc < target->n_countries);
bitarray_set(target->countries, cc);
} else {
log(LOG_WARN, LD_CONFIG, "Country code '%s' is not recognized.",
country);
}
} SMARTLIST_FOREACH_END(country);
}
/** Parse the string s to create a set of routerset entries, and add
* them to target. In log messages, refer to the string as
* description. Return 0 on success, -1 on failure.
*
* Three kinds of elements are allowed in routersets: nicknames, IP address
* patterns, and fingerprints. They may be surrounded by optional space, and
* must be separated by commas.
*/
int
routerset_parse(routerset_t *target, const char *s, const char *description)
{
int r = 0;
int added_countries = 0;
char *countryname;
smartlist_t *list = smartlist_create();
smartlist_split_string(list, s, ",",
SPLIT_SKIP_SPACE | SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH_BEGIN(list, char *, nick) {
addr_policy_t *p;
if (is_legal_hexdigest(nick)) {
char d[DIGEST_LEN];
if (*nick == '$')
++nick;
log_debug(LD_CONFIG, "Adding identity %s to %s", nick, description);
base16_decode(d, sizeof(d), nick, HEX_DIGEST_LEN);
digestmap_set(target->digests, d, (void*)1);
} else if (is_legal_nickname(nick)) {
log_debug(LD_CONFIG, "Adding nickname %s to %s", nick, description);
strmap_set_lc(target->names, nick, (void*)1);
} else if ((countryname = routerset_get_countryname(nick)) != NULL) {
log_debug(LD_CONFIG, "Adding country %s to %s", nick,
description);
smartlist_add(target->country_names, countryname);
added_countries = 1;
} else if ((strchr(nick,'.') || strchr(nick, '*')) &&
(p = router_parse_addr_policy_item_from_string(
nick, ADDR_POLICY_REJECT))) {
log_debug(LD_CONFIG, "Adding address %s to %s", nick, description);
smartlist_add(target->policies, p);
} else {
log_warn(LD_CONFIG, "Entry '%s' in %s is misformed.", nick,
description);
r = -1;
tor_free(nick);
SMARTLIST_DEL_CURRENT(list, nick);
}
} SMARTLIST_FOREACH_END(nick);
smartlist_add_all(target->list, list);
smartlist_free(list);
if (added_countries)
routerset_refresh_countries(target);
return r;
}
/** DOCDOC */
void
refresh_all_country_info(void)
{
or_options_t *options = get_options();
if (options->EntryNodes)
routerset_refresh_countries(options->EntryNodes);
if (options->ExitNodes)
routerset_refresh_countries(options->ExitNodes);
if (options->ExcludeNodes)
routerset_refresh_countries(options->ExcludeNodes);
if (options->ExcludeExitNodes)
routerset_refresh_countries(options->ExcludeExitNodes);
if (options->_ExcludeExitNodesUnion)
routerset_refresh_countries(options->_ExcludeExitNodesUnion);
routerlist_refresh_countries();
}
/** Add all members of the set source to target. */
void
routerset_union(routerset_t *target, const routerset_t *source)
{
char *s;
tor_assert(target);
if (!source || !source->list)
return;
s = routerset_to_string(source);
routerset_parse(target, s, "other routerset");
tor_free(s);
}
/** Return true iff set lists only nicknames and digests, and includes
* no IP ranges or countries. */
int
routerset_is_list(const routerset_t *set)
{
return smartlist_len(set->country_names) == 0 &&
smartlist_len(set->policies) == 0;
}
/** Return true iff we need a GeoIP IP-to-country database to make sense of
* set. */
int
routerset_needs_geoip(const routerset_t *set)
{
return set && smartlist_len(set->country_names);
}
/** Return true iff there are no entries in set. */
static int
routerset_is_empty(const routerset_t *set)
{
return !set || smartlist_len(set->list) == 0;
}
/** Helper. Return true iff set contains a router based on the other
* provided fields. Return higher values for more specific subentries: a
* single router is more specific than an address range of routers, which is
* more specific in turn than a country code.
*
* (If country is -1, then we take the country
* from addr.) */
static int
routerset_contains(const routerset_t *set, const tor_addr_t *addr,
uint16_t orport,
const char *nickname, const char *id_digest, int is_named,
country_t country)
{
if (!set || !set->list) return 0;
(void) is_named; /* not supported */
if (nickname && strmap_get_lc(set->names, nickname))
return 4;
if (id_digest && digestmap_get(set->digests, id_digest))
return 4;
if (addr && compare_tor_addr_to_addr_policy(addr, orport, set->policies)
== ADDR_POLICY_REJECTED)
return 3;
if (set->countries) {
if (country < 0 && addr)
country = geoip_get_country_by_ip(tor_addr_to_ipv4h(addr));
if (country >= 0 && country < set->n_countries &&
bitarray_is_set(set->countries, country))
return 2;
}
return 0;
}
/** Return true iff we can tell that ei is a member of set. */
int
routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
{
return routerset_contains(set,
&ei->addr,
ei->port,
ei->nickname,
ei->identity_digest,
-1, /*is_named*/
-1 /*country*/);
}
/** Return true iff ri is in set. */
int
routerset_contains_router(const routerset_t *set, routerinfo_t *ri)
{
tor_addr_t addr;
tor_addr_from_ipv4h(&addr, ri->addr);
return routerset_contains(set,
&addr,
ri->or_port,
ri->nickname,
ri->cache_info.identity_digest,
ri->is_named,
ri->country);
}
/** Return true iff rs is in set. */
int
routerset_contains_routerstatus(const routerset_t *set, routerstatus_t *rs)
{
tor_addr_t addr;
tor_addr_from_ipv4h(&addr, rs->addr);
return routerset_contains(set,
&addr,
rs->or_port,
rs->nickname,
rs->identity_digest,
rs->is_named,
-1);
}
/** Add every known routerinfo_t that is a member of routerset to
* out. If running_only, only add the running ones. */
void
routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset,
int running_only)
{
tor_assert(out);
if (!routerset || !routerset->list)
return;
if (!warned_nicknames)
warned_nicknames = smartlist_create();
if (routerset_is_list(routerset)) {
/* No routers are specified by type; all are given by name or digest.
* we can do a lookup in O(len(list)). */
SMARTLIST_FOREACH(routerset->list, const char *, name, {
routerinfo_t *router = router_get_by_nickname(name, 1);
if (router) {
if (!running_only || router->is_running)
smartlist_add(out, router);
}
});
} else {
/* We need to iterate over the routerlist to get all the ones of the
* right kind. */
routerlist_t *rl = router_get_routerlist();
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
if (running_only && !router->is_running)
continue;
if (routerset_contains_router(routerset, router))
smartlist_add(out, router);
});
}
}
/** Add to target every routerinfo_t from source that is in
* include, but not excluded in a more specific fashion by
* exclude. If running_only, only include running routers.
*/
void
routersets_get_disjunction(smartlist_t *target,
const smartlist_t *source,
const routerset_t *include,
const routerset_t *exclude, int running_only)
{
SMARTLIST_FOREACH(source, routerinfo_t *, router, {
int include_result;
if (running_only && !router->is_running)
continue;
if (!routerset_is_empty(include))
include_result = routerset_contains_router(include, router);
else
include_result = 1;
if (include_result) {
int exclude_result = routerset_contains_router(exclude, router);
if (include_result >= exclude_result)
smartlist_add(target, router);
}
});
}
/** Remove every routerinfo_t from lst that is in routerset. */
void
routerset_subtract_routers(smartlist_t *lst, const routerset_t *routerset)
{
tor_assert(lst);
if (!routerset)
return;
SMARTLIST_FOREACH(lst, routerinfo_t *, r, {
if (routerset_contains_router(routerset, r)) {
//log_debug(LD_DIR, "Subtracting %s",r->nickname);
SMARTLIST_DEL_CURRENT(lst, r);
}
});
}
/** Return a new string that when parsed by routerset_parse_string() will
* yield set. */
char *
routerset_to_string(const routerset_t *set)
{
if (!set || !set->list)
return tor_strdup("");
return smartlist_join_strings(set->list, ",", 0, NULL);
}
/** Helper: return true iff old and new are both NULL, or both non-NULL
* equal routersets. */
int
routerset_equal(const routerset_t *old, const routerset_t *new)
{
if (old == NULL && new == NULL)
return 1;
else if (old == NULL || new == NULL)
return 0;
if (smartlist_len(old->list) != smartlist_len(new->list))
return 0;
SMARTLIST_FOREACH(old->list, const char *, cp1, {
const char *cp2 = smartlist_get(new->list, cp1_sl_idx);
if (strcmp(cp1, cp2))
return 0;
});
return 1;
#if 0
/* XXXX: This won't work if the names/digests are identical but in a
different order. Checking for exact equality would be heavy going,
is it worth it? -RH*/
/* This code is totally bogus; sizeof doesn't work even remotely like this
* code seems to think. Let's revert to a string-based comparison for
* now. -NM*/
if (sizeof(old->names) != sizeof(new->names))
return 0;
if (memcmp(old->names,new->names,sizeof(new->names)))
return 0;
if (sizeof(old->digests) != sizeof(new->digests))
return 0;
if (memcmp(old->digests,new->digests,sizeof(new->digests)))
return 0;
if (sizeof(old->countries) != sizeof(new->countries))
return 0;
if (memcmp(old->countries,new->countries,sizeof(new->countries)))
return 0;
return 1;
#endif
}
/** Free all storage held in routerset. */
void
routerset_free(routerset_t *routerset)
{
SMARTLIST_FOREACH(routerset->list, char *, cp, tor_free(cp));
smartlist_free(routerset->list);
SMARTLIST_FOREACH(routerset->policies, addr_policy_t *, p,
addr_policy_free(p));
smartlist_free(routerset->policies);
SMARTLIST_FOREACH(routerset->country_names, char *, cp, tor_free(cp));
smartlist_free(routerset->country_names);
strmap_free(routerset->names, NULL);
digestmap_free(routerset->digests, NULL);
if (routerset->countries)
bitarray_free(routerset->countries);
tor_free(routerset);
}
/** Refresh the country code of ri. This function MUST be called on
* each router when the GeoIP database is reloaded, and on all new routers. */
void
routerinfo_set_country(routerinfo_t *ri)
{
ri->country = geoip_get_country_by_ip(ri->addr);
}
/** Set the country code of all routers in the routerlist. */
void
routerlist_refresh_countries(void)
{
routerlist_t *rl = router_get_routerlist();
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
routerinfo_set_country(ri));
}
/** Determine the routers that are responsible for id (binary) and
* add pointers to those routers' routerstatus_t to responsible_dirs.
* Return -1 if we're returning an empty smartlist, else return 0.
*/
int
hid_serv_get_responsible_directories(smartlist_t *responsible_dirs,
const char *id)
{
int start, found, n_added = 0, i;
networkstatus_t *c = networkstatus_get_latest_consensus();
int use_begindir = get_options()->TunnelDirConns;
if (!c || !smartlist_len(c->routerstatus_list)) {
log_warn(LD_REND, "We don't have a consensus, so we can't perform v2 "
"rendezvous operations.");
return -1;
}
tor_assert(id);
start = networkstatus_vote_find_entry_idx(c, id, &found);
if (start == smartlist_len(c->routerstatus_list)) start = 0;
i = start;
do {
routerstatus_t *r = smartlist_get(c->routerstatus_list, i);
if (r->is_hs_dir) {
if (r->dir_port || use_begindir)
smartlist_add(responsible_dirs, r);
else
log_info(LD_REND, "Not adding router '%s' to list of responsible "
"hidden service directories, because we have no way of "
"reaching it.", r->nickname);
if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
break;
}
if (++i == smartlist_len(c->routerstatus_list))
i = 0;
} while (i != start);
/* Even though we don't have the desired number of hidden service
* directories, be happy if we got any. */
return smartlist_len(responsible_dirs) ? 0 : -1;
}
/** Return true if this node is currently acting as hidden service
* directory, false otherwise. */
int
hid_serv_acting_as_directory(void)
{
routerinfo_t *me = router_get_my_routerinfo();
networkstatus_t *c;
routerstatus_t *rs;
if (!me)
return 0;
if (!get_options()->HidServDirectoryV2) {
log_info(LD_REND, "We are not acting as hidden service directory, "
"because we have not been configured as such.");
return 0;
}
if (!(c = networkstatus_get_latest_consensus())) {
log_info(LD_REND, "There's no consensus, so I can't tell if I'm a hidden "
"service directory");
return 0;
}
rs = networkstatus_vote_find_entry(c, me->cache_info.identity_digest);
if (!rs) {
log_info(LD_REND, "We're not listed in the consensus, so we're not "
"being a hidden service directory.");
return 0;
}
if (!rs->is_hs_dir) {
log_info(LD_REND, "We're not listed as a hidden service directory in "
"the consensus, so we won't be one.");
return 0;
}
return 1;
}
/** Return true if this node is responsible for storing the descriptor ID
* in query and false otherwise. */
int
hid_serv_responsible_for_desc_id(const char *query)
{
routerinfo_t *me;
routerstatus_t *last_rs;
const char *my_id, *last_id;
int result;
smartlist_t *responsible;
if (!hid_serv_acting_as_directory())
return 0;
if (!(me = router_get_my_routerinfo()))
return 0; /* This is redundant, but let's be paranoid. */
my_id = me->cache_info.identity_digest;
responsible = smartlist_create();
if (hid_serv_get_responsible_directories(responsible, query) < 0) {
smartlist_free(responsible);
return 0;
}
last_rs = smartlist_get(responsible, smartlist_len(responsible)-1);
last_id = last_rs->identity_digest;
result = rend_id_is_in_interval(my_id, query, last_id);
smartlist_free(responsible);
return result;
}