2007-10-08 23:21:50 +02:00
|
|
|
/* Copyright (c) 2001 Matej Pfajfar.
|
|
|
|
* Copyright (c) 2001-2004, Roger Dingledine.
|
2007-12-12 22:09:01 +01:00
|
|
|
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
2012-06-05 02:58:17 +02:00
|
|
|
* Copyright (c) 2007-2012, The Tor Project, Inc. */
|
2007-10-08 23:21:50 +02:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
|
|
|
/**
|
2008-02-12 21:20:52 +01:00
|
|
|
* \file networkstatus.c
|
|
|
|
* \brief Functions and structures for handling network status documents as a
|
2007-10-18 16:19:51 +02:00
|
|
|
* client or cache.
|
2007-10-08 23:21:50 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include "or.h"
|
2012-10-02 05:27:51 +02:00
|
|
|
#include "channel.h"
|
2010-07-22 01:21:00 +02:00
|
|
|
#include "circuitbuild.h"
|
2012-10-01 10:53:59 +02:00
|
|
|
#include "circuitmux.h"
|
|
|
|
#include "circuitmux_ewma.h"
|
2010-07-22 10:22:51 +02:00
|
|
|
#include "config.h"
|
2010-07-22 10:32:52 +02:00
|
|
|
#include "connection.h"
|
2010-08-15 10:01:42 +02:00
|
|
|
#include "connection_or.h"
|
2010-07-22 11:35:09 +02:00
|
|
|
#include "control.h"
|
2010-07-22 11:54:50 +02:00
|
|
|
#include "directory.h"
|
2010-07-22 12:09:49 +02:00
|
|
|
#include "dirserv.h"
|
2010-07-22 12:19:28 +02:00
|
|
|
#include "dirvote.h"
|
2010-08-15 10:01:42 +02:00
|
|
|
#include "main.h"
|
2010-09-21 22:16:56 +02:00
|
|
|
#include "microdesc.h"
|
2010-07-23 20:18:55 +02:00
|
|
|
#include "networkstatus.h"
|
2010-09-28 19:29:31 +02:00
|
|
|
#include "nodelist.h"
|
2010-07-23 21:53:11 +02:00
|
|
|
#include "relay.h"
|
2010-07-21 16:17:10 +02:00
|
|
|
#include "router.h"
|
2010-07-21 17:08:11 +02:00
|
|
|
#include "routerlist.h"
|
2010-07-23 23:23:43 +02:00
|
|
|
#include "routerparse.h"
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/* For tracking v2 networkstatus documents. Only caches do this now. */
|
2007-10-16 01:15:24 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Map from descriptor digest of routers listed in the v2 networkstatus
|
|
|
|
* documents to download_status_t* */
|
2007-10-16 01:15:24 +02:00
|
|
|
static digestmap_t *v2_download_status_map = NULL;
|
|
|
|
/** Global list of all of the current v2 network_status documents that we know
|
2007-10-08 23:21:50 +02:00
|
|
|
* about. This list is kept sorted by published_on. */
|
2007-10-16 01:15:24 +02:00
|
|
|
static smartlist_t *networkstatus_v2_list = NULL;
|
2007-10-18 16:19:51 +02:00
|
|
|
/** True iff any member of networkstatus_v2_list has changed since the last
|
|
|
|
* time we called download_status_map_update_from_v2_networkstatus() */
|
|
|
|
static int networkstatus_v2_list_has_changed = 0;
|
|
|
|
|
2007-10-19 20:56:24 +02:00
|
|
|
/** Map from lowercase nickname to identity digest of named server, if any. */
|
2007-10-18 16:19:51 +02:00
|
|
|
static strmap_t *named_server_map = NULL;
|
2007-10-19 20:56:24 +02:00
|
|
|
/** Map from lowercase nickname to (void*)1 for all names that are listed
|
|
|
|
* as unnamed for some server in the consensus. */
|
|
|
|
static strmap_t *unnamed_server_map = NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2010-09-17 04:12:03 +02:00
|
|
|
/** Most recently received and validated v3 consensus network status,
|
|
|
|
* of whichever type we are using for our own circuits. This will be the same
|
|
|
|
* as one of current_ns_consensus or current_md_consensus.
|
|
|
|
*/
|
2010-11-08 20:21:32 +01:00
|
|
|
#define current_consensus \
|
|
|
|
(we_use_microdescriptors_for_circuits(get_options()) ? \
|
|
|
|
current_md_consensus : current_ns_consensus)
|
2010-09-17 04:12:03 +02:00
|
|
|
|
|
|
|
/** Most recently received and validated v3 "ns"-flavored consensus network
|
|
|
|
* status. */
|
|
|
|
static networkstatus_t *current_ns_consensus = NULL;
|
|
|
|
|
|
|
|
/** Most recently received and validated v3 "microdec"-flavored consensus
|
|
|
|
* network status. */
|
|
|
|
static networkstatus_t *current_md_consensus = NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** A v3 consensus networkstatus that we've received, but which we don't
|
|
|
|
* have enough certificates to be happy about. */
|
2009-10-13 23:06:01 +02:00
|
|
|
typedef struct consensus_waiting_for_certs_t {
|
|
|
|
/** The consensus itself. */
|
|
|
|
networkstatus_t *consensus;
|
|
|
|
/** The encoded version of the consensus, nul-terminated. */
|
|
|
|
char *body;
|
|
|
|
/** When did we set the current value of consensus_waiting_for_certs? If
|
|
|
|
* this is too recent, we shouldn't try to fetch a new consensus for a
|
|
|
|
* little while, to give ourselves time to get certificates for this one. */
|
|
|
|
time_t set_at;
|
|
|
|
/** Set to 1 if we've been holding on to it for so long we should maybe
|
|
|
|
* treat it as being bad. */
|
|
|
|
int dl_failed;
|
|
|
|
} consensus_waiting_for_certs_t;
|
|
|
|
|
2012-06-05 06:17:54 +02:00
|
|
|
/** An array, for each flavor of consensus we might want, of consensuses that
|
|
|
|
* we have downloaded, but which we cannot verify due to having insufficient
|
|
|
|
* authority certificates. */
|
2009-10-13 23:06:01 +02:00
|
|
|
static consensus_waiting_for_certs_t
|
|
|
|
consensus_waiting_for_certs[N_CONSENSUS_FLAVORS];
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** The last time we tried to download a networkstatus, or 0 for "never". We
|
|
|
|
* use this to rate-limit download attempts for directory caches (including
|
|
|
|
* mirrors). Clients don't use this now. */
|
|
|
|
static time_t last_networkstatus_download_attempted = 0;
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** A time before which we shouldn't try to replace the current consensus:
|
|
|
|
* this will be at some point after the next consensus becomes valid, but
|
|
|
|
* before the current consensus becomes invalid. */
|
2012-03-28 08:55:33 +02:00
|
|
|
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS];
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Download status for the current consensus networkstatus. */
|
2009-10-13 23:06:01 +02:00
|
|
|
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS];
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** True iff we have logged a warning about this OR's version being older than
|
2007-11-29 16:23:41 +01:00
|
|
|
* listed by the authorities. */
|
2007-10-08 23:21:50 +02:00
|
|
|
static int have_warned_about_old_version = 0;
|
|
|
|
/** True iff we have logged a warning about this OR's version being newer than
|
2007-11-29 16:23:41 +01:00
|
|
|
* listed by the authorities. */
|
2007-10-08 23:21:50 +02:00
|
|
|
static int have_warned_about_new_version = 0;
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
static void download_status_map_update_from_v2_networkstatus(void);
|
2007-10-16 01:15:24 +02:00
|
|
|
static void routerstatus_list_update_named_server_map(void);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Forget that we've warned about anything networkstatus-related, so we will
|
|
|
|
* give fresh warnings if the same behavior happens again. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
networkstatus_reset_warnings(void)
|
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
if (current_consensus) {
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
|
|
|
|
node->name_lookup_warned = 0);
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
have_warned_about_old_version = 0;
|
|
|
|
have_warned_about_new_version = 0;
|
|
|
|
}
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
/** Reset the descriptor download failure count on all networkstatus docs, so
|
|
|
|
* that we can retry any long-failed documents immediately.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
networkstatus_reset_download_failures(void)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
2007-10-16 01:15:24 +02:00
|
|
|
const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
|
2012-07-17 16:41:24 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(networkstatus_v2_list, networkstatus_v2_t *, ns) {
|
|
|
|
SMARTLIST_FOREACH_BEGIN(ns->entries, routerstatus_t *, rs) {
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!router_get_by_descriptor_digest(rs->descriptor_digest))
|
|
|
|
rs->need_to_mirror = 1;
|
2012-07-17 16:41:24 +02:00
|
|
|
} SMARTLIST_FOREACH_END(rs);
|
|
|
|
} SMARTLIST_FOREACH_END(ns);
|
2007-10-16 01:15:24 +02:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
for (i=0; i < N_CONSENSUS_FLAVORS; ++i)
|
|
|
|
download_status_reset(&consensus_dl_status[i]);
|
2007-10-16 01:15:24 +02:00
|
|
|
if (v2_download_status_map) {
|
|
|
|
digestmap_iter_t *iter;
|
|
|
|
digestmap_t *map = v2_download_status_map;
|
|
|
|
const char *key;
|
|
|
|
void *val;
|
|
|
|
download_status_t *dls;
|
2007-10-16 19:21:03 +02:00
|
|
|
for (iter = digestmap_iter_init(map); !digestmap_iter_done(iter);
|
|
|
|
iter = digestmap_iter_next(map, iter) ) {
|
2007-10-16 01:15:24 +02:00
|
|
|
digestmap_iter_get(iter, &key, &val);
|
|
|
|
dls = val;
|
|
|
|
download_status_reset(dls);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Repopulate our list of network_status_t objects from the list cached on
|
|
|
|
* disk. Return 0 on success, -1 on failure. */
|
|
|
|
int
|
2007-10-16 01:15:24 +02:00
|
|
|
router_reload_v2_networkstatus(void)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
smartlist_t *entries;
|
|
|
|
struct stat st;
|
|
|
|
char *s;
|
2007-10-17 18:55:44 +02:00
|
|
|
char *filename = get_datadir_fname("cached-status");
|
2008-01-10 19:08:42 +01:00
|
|
|
int maybe_delete = !directory_caches_v2_dir_info(get_options());
|
|
|
|
time_t now = time(NULL);
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!networkstatus_v2_list)
|
2012-01-18 21:53:30 +01:00
|
|
|
networkstatus_v2_list = smartlist_new();
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
entries = tor_listdir(filename);
|
2008-01-10 19:08:42 +01:00
|
|
|
if (!entries) { /* dir doesn't exist */
|
|
|
|
tor_free(filename);
|
|
|
|
return 0;
|
|
|
|
} else if (!smartlist_len(entries) && maybe_delete) {
|
|
|
|
rmdir(filename);
|
|
|
|
tor_free(filename);
|
2008-12-18 06:15:11 +01:00
|
|
|
smartlist_free(entries);
|
2007-12-22 12:42:12 +01:00
|
|
|
return 0;
|
2008-01-10 19:08:42 +01:00
|
|
|
}
|
|
|
|
tor_free(filename);
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(entries, const char *, fn) {
|
2007-10-08 23:21:50 +02:00
|
|
|
char buf[DIGEST_LEN];
|
2008-01-10 19:08:42 +01:00
|
|
|
if (maybe_delete) {
|
|
|
|
filename = get_datadir_fname2("cached-status", fn);
|
|
|
|
remove_file_if_very_old(filename, now);
|
|
|
|
tor_free(filename);
|
|
|
|
continue;
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
if (strlen(fn) != HEX_DIGEST_LEN ||
|
|
|
|
base16_decode(buf, sizeof(buf), fn, strlen(fn))) {
|
|
|
|
log_info(LD_DIR,
|
|
|
|
"Skipping cached-status file with unexpected name \"%s\"",fn);
|
|
|
|
continue;
|
|
|
|
}
|
2007-10-17 18:55:44 +02:00
|
|
|
filename = get_datadir_fname2("cached-status", fn);
|
2007-10-08 23:21:50 +02:00
|
|
|
s = read_file_to_str(filename, 0, &st);
|
|
|
|
if (s) {
|
2007-10-16 01:15:24 +02:00
|
|
|
if (router_set_networkstatus_v2(s, st.st_mtime, NS_FROM_CACHE,
|
|
|
|
NULL)<0) {
|
2007-10-08 23:21:50 +02:00
|
|
|
log_warn(LD_FS, "Couldn't load networkstatus from \"%s\"",filename);
|
|
|
|
}
|
|
|
|
tor_free(s);
|
|
|
|
}
|
2007-10-17 18:55:44 +02:00
|
|
|
tor_free(filename);
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(fn);
|
2007-10-08 23:21:50 +02:00
|
|
|
SMARTLIST_FOREACH(entries, char *, fn, tor_free(fn));
|
|
|
|
smartlist_free(entries);
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_list_clean(time(NULL));
|
2007-11-11 18:37:59 +01:00
|
|
|
routers_update_all_from_networkstatus(time(NULL), 2);
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
/** Read every cached v3 consensus networkstatus from the disk. */
|
2007-10-08 23:21:50 +02:00
|
|
|
int
|
|
|
|
router_reload_consensus_networkstatus(void)
|
|
|
|
{
|
2007-10-17 18:55:44 +02:00
|
|
|
char *filename;
|
2007-10-08 23:21:50 +02:00
|
|
|
char *s;
|
2007-10-29 00:44:53 +01:00
|
|
|
struct stat st;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2008-01-07 20:15:34 +01:00
|
|
|
const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
|
2009-10-13 23:06:01 +02:00
|
|
|
int flav;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2008-12-18 17:11:03 +01:00
|
|
|
/* FFFF Suppress warnings if cached consensus is bad? */
|
2009-10-13 23:06:01 +02:00
|
|
|
for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
|
|
|
|
char buf[128];
|
|
|
|
const char *flavor = networkstatus_get_flavor_name(flav);
|
|
|
|
if (flav == FLAV_NS) {
|
|
|
|
filename = get_datadir_fname("cached-consensus");
|
|
|
|
} else {
|
|
|
|
tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
|
|
|
|
filename = get_datadir_fname(buf);
|
|
|
|
}
|
|
|
|
s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
|
|
|
|
if (s) {
|
|
|
|
if (networkstatus_set_current_consensus(s, flavor, flags) < -1) {
|
|
|
|
log_warn(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"",
|
|
|
|
flavor, filename);
|
|
|
|
}
|
|
|
|
tor_free(s);
|
|
|
|
}
|
|
|
|
tor_free(filename);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
if (flav == FLAV_NS) {
|
|
|
|
filename = get_datadir_fname("unverified-consensus");
|
|
|
|
} else {
|
|
|
|
tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
|
|
|
|
filename = get_datadir_fname(buf);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
|
|
|
|
if (s) {
|
|
|
|
if (networkstatus_set_current_consensus(s, flavor,
|
2008-01-07 20:15:34 +01:00
|
|
|
flags|NSSET_WAS_WAITING_FOR_CERTS)) {
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"",
|
|
|
|
flavor, filename);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2009-10-13 23:06:01 +02:00
|
|
|
tor_free(s);
|
|
|
|
}
|
|
|
|
tor_free(filename);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2007-10-29 00:44:53 +01:00
|
|
|
|
|
|
|
if (!current_consensus ||
|
|
|
|
(stat(options->FallbackNetworkstatusFile, &st)==0 &&
|
|
|
|
st.st_mtime > current_consensus->valid_after)) {
|
|
|
|
s = read_file_to_str(options->FallbackNetworkstatusFile,
|
|
|
|
RFTS_IGNORE_MISSING, NULL);
|
|
|
|
if (s) {
|
2009-10-13 23:06:01 +02:00
|
|
|
if (networkstatus_set_current_consensus(s, "ns",
|
2009-01-05 17:56:11 +01:00
|
|
|
flags|NSSET_ACCEPT_OBSOLETE)) {
|
2007-10-29 00:44:53 +01:00
|
|
|
log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
|
|
|
|
options->FallbackNetworkstatusFile);
|
|
|
|
} else {
|
2008-01-10 18:54:24 +01:00
|
|
|
log_notice(LD_FS,
|
|
|
|
"Loaded fallback consensus networkstatus from \"%s\"",
|
2007-10-29 00:44:53 +01:00
|
|
|
options->FallbackNetworkstatusFile);
|
|
|
|
}
|
|
|
|
tor_free(s);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-12-20 05:54:06 +01:00
|
|
|
if (!current_consensus) {
|
|
|
|
if (!named_server_map)
|
|
|
|
named_server_map = strmap_new();
|
|
|
|
if (!unnamed_server_map)
|
|
|
|
unnamed_server_map = strmap_new();
|
|
|
|
}
|
|
|
|
|
2008-01-07 20:15:34 +01:00
|
|
|
update_certificate_downloads(time(NULL));
|
|
|
|
|
2007-11-11 18:37:59 +01:00
|
|
|
routers_update_all_from_networkstatus(time(NULL), 3);
|
2010-09-21 22:16:56 +02:00
|
|
|
update_microdescs_from_networkstatus(time(NULL));
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-12-22 15:56:28 +01:00
|
|
|
/** Free all storage held by the vote_routerstatus object <b>rs</b>. */
|
2008-08-26 01:19:58 +02:00
|
|
|
static void
|
|
|
|
vote_routerstatus_free(vote_routerstatus_t *rs)
|
|
|
|
{
|
2009-08-24 18:51:33 +02:00
|
|
|
vote_microdesc_hash_t *h, *next;
|
2009-09-28 16:37:01 +02:00
|
|
|
if (!rs)
|
|
|
|
return;
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs->version);
|
|
|
|
tor_free(rs->status.exitsummary);
|
2009-08-24 18:51:33 +02:00
|
|
|
for (h = rs->microdesc; h; h = next) {
|
|
|
|
tor_free(h->microdesc_hash_line);
|
|
|
|
next = h->next;
|
|
|
|
tor_free(h);
|
|
|
|
}
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Free all storage held by the routerstatus object <b>rs</b>. */
|
|
|
|
void
|
|
|
|
routerstatus_free(routerstatus_t *rs)
|
|
|
|
{
|
2009-09-28 16:37:01 +02:00
|
|
|
if (!rs)
|
|
|
|
return;
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs->exitsummary);
|
2007-10-08 23:21:50 +02:00
|
|
|
tor_free(rs);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Free all storage held by the networkstatus object <b>ns</b>. */
|
|
|
|
void
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(networkstatus_v2_t *ns)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2009-09-28 16:37:01 +02:00
|
|
|
if (!ns)
|
|
|
|
return;
|
2007-10-08 23:21:50 +02:00
|
|
|
tor_free(ns->source_address);
|
|
|
|
tor_free(ns->contact);
|
|
|
|
if (ns->signing_key)
|
2012-01-18 21:53:30 +01:00
|
|
|
crypto_pk_free(ns->signing_key);
|
2007-10-08 23:21:50 +02:00
|
|
|
tor_free(ns->client_versions);
|
|
|
|
tor_free(ns->server_versions);
|
|
|
|
if (ns->entries) {
|
|
|
|
SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
|
|
|
|
routerstatus_free(rs));
|
|
|
|
smartlist_free(ns->entries);
|
|
|
|
}
|
|
|
|
tor_free(ns);
|
|
|
|
}
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
/** Free all storage held in <b>sig</b> */
|
|
|
|
void
|
|
|
|
document_signature_free(document_signature_t *sig)
|
|
|
|
{
|
|
|
|
tor_free(sig->signature);
|
|
|
|
tor_free(sig);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return a newly allocated copy of <b>sig</b> */
|
|
|
|
document_signature_t *
|
|
|
|
document_signature_dup(const document_signature_t *sig)
|
|
|
|
{
|
|
|
|
document_signature_t *r = tor_memdup(sig, sizeof(document_signature_t));
|
|
|
|
if (r->signature)
|
|
|
|
r->signature = tor_memdup(sig->signature, sig->signature_len);
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Free all storage held in <b>ns</b>. */
|
2007-10-22 19:31:26 +02:00
|
|
|
void
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_vote_free(networkstatus_t *ns)
|
2007-10-22 19:31:26 +02:00
|
|
|
{
|
|
|
|
if (!ns)
|
|
|
|
return;
|
|
|
|
|
|
|
|
tor_free(ns->client_versions);
|
|
|
|
tor_free(ns->server_versions);
|
|
|
|
if (ns->known_flags) {
|
|
|
|
SMARTLIST_FOREACH(ns->known_flags, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->known_flags);
|
|
|
|
}
|
2010-08-13 23:30:50 +02:00
|
|
|
if (ns->weight_params) {
|
|
|
|
SMARTLIST_FOREACH(ns->weight_params, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->weight_params);
|
|
|
|
}
|
2009-09-15 04:15:57 +02:00
|
|
|
if (ns->net_params) {
|
|
|
|
SMARTLIST_FOREACH(ns->net_params, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->net_params);
|
|
|
|
}
|
2007-12-16 09:20:10 +01:00
|
|
|
if (ns->supported_methods) {
|
|
|
|
SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->supported_methods);
|
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
if (ns->voters) {
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(ns->voters, networkstatus_voter_info_t *, voter) {
|
2007-10-22 19:31:26 +02:00
|
|
|
tor_free(voter->nickname);
|
|
|
|
tor_free(voter->address);
|
|
|
|
tor_free(voter->contact);
|
2009-09-16 23:01:01 +02:00
|
|
|
if (voter->sigs) {
|
|
|
|
SMARTLIST_FOREACH(voter->sigs, document_signature_t *, sig,
|
|
|
|
document_signature_free(sig));
|
|
|
|
smartlist_free(voter->sigs);
|
|
|
|
}
|
2007-10-25 16:31:15 +02:00
|
|
|
tor_free(voter);
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(voter);
|
2007-10-22 19:31:26 +02:00
|
|
|
smartlist_free(ns->voters);
|
|
|
|
}
|
2009-12-12 08:07:59 +01:00
|
|
|
authority_cert_free(ns->cert);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
if (ns->routerstatus_list) {
|
2008-07-24 11:22:27 +02:00
|
|
|
if (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION) {
|
2007-10-22 19:31:26 +02:00
|
|
|
SMARTLIST_FOREACH(ns->routerstatus_list, vote_routerstatus_t *, rs,
|
2008-08-26 01:19:58 +02:00
|
|
|
vote_routerstatus_free(rs));
|
2007-10-22 19:31:26 +02:00
|
|
|
} else {
|
|
|
|
SMARTLIST_FOREACH(ns->routerstatus_list, routerstatus_t *, rs,
|
2008-08-26 01:19:58 +02:00
|
|
|
routerstatus_free(rs));
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
smartlist_free(ns->routerstatus_list);
|
|
|
|
}
|
2009-12-12 08:07:59 +01:00
|
|
|
|
|
|
|
digestmap_free(ns->desc_digest_map, NULL);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
memset(ns, 11, sizeof(*ns));
|
|
|
|
tor_free(ns);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return the voter info from <b>vote</b> for the voter whose identity digest
|
|
|
|
* is <b>identity</b>, or NULL if no such voter is associated with
|
|
|
|
* <b>vote</b>. */
|
|
|
|
networkstatus_voter_info_t *
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_get_voter_by_id(networkstatus_t *vote,
|
2007-10-22 19:31:26 +02:00
|
|
|
const char *identity)
|
|
|
|
{
|
|
|
|
if (!vote || !vote->voters)
|
|
|
|
return NULL;
|
|
|
|
SMARTLIST_FOREACH(vote->voters, networkstatus_voter_info_t *, voter,
|
2011-05-10 22:58:38 +02:00
|
|
|
if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN))
|
2007-10-22 19:31:26 +02:00
|
|
|
return voter);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
/** Check whether the signature <b>sig</b> is correctly signed with the
|
|
|
|
* signing key in <b>cert</b>. Return -1 if <b>cert</b> doesn't match the
|
2007-10-22 19:31:26 +02:00
|
|
|
* signing key; otherwise set the good_signature or bad_signature flag on
|
|
|
|
* <b>voter</b>, and return 0. */
|
|
|
|
int
|
2009-09-16 23:01:01 +02:00
|
|
|
networkstatus_check_document_signature(const networkstatus_t *consensus,
|
|
|
|
document_signature_t *sig,
|
|
|
|
const authority_cert_t *cert)
|
2007-10-22 19:31:26 +02:00
|
|
|
{
|
2009-09-16 23:01:01 +02:00
|
|
|
char key_digest[DIGEST_LEN];
|
|
|
|
const int dlen = sig->alg == DIGEST_SHA1 ? DIGEST_LEN : DIGEST256_LEN;
|
2007-10-22 19:31:26 +02:00
|
|
|
char *signed_digest;
|
|
|
|
size_t signed_digest_len;
|
2009-09-16 23:01:01 +02:00
|
|
|
|
|
|
|
if (crypto_pk_get_digest(cert->signing_key, key_digest)<0)
|
2007-10-22 19:31:26 +02:00
|
|
|
return -1;
|
2011-05-11 22:23:42 +02:00
|
|
|
if (tor_memneq(sig->signing_key_digest, key_digest, DIGEST_LEN) ||
|
|
|
|
tor_memneq(sig->identity_digest, cert->cache_info.identity_digest,
|
|
|
|
DIGEST_LEN))
|
2007-10-22 19:31:26 +02:00
|
|
|
return -1;
|
2009-09-16 23:01:01 +02:00
|
|
|
|
2007-10-22 19:31:26 +02:00
|
|
|
signed_digest_len = crypto_pk_keysize(cert->signing_key);
|
|
|
|
signed_digest = tor_malloc(signed_digest_len);
|
|
|
|
if (crypto_pk_public_checksig(cert->signing_key,
|
|
|
|
signed_digest,
|
2011-01-13 20:36:41 +01:00
|
|
|
signed_digest_len,
|
2009-09-16 23:01:01 +02:00
|
|
|
sig->signature,
|
|
|
|
sig->signature_len) < dlen ||
|
2011-05-11 22:23:42 +02:00
|
|
|
tor_memneq(signed_digest, consensus->digests.d[sig->alg], dlen)) {
|
2007-10-22 19:31:26 +02:00
|
|
|
log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
|
2009-09-16 23:01:01 +02:00
|
|
|
sig->bad_signature = 1;
|
2007-10-22 19:31:26 +02:00
|
|
|
} else {
|
2009-09-16 23:01:01 +02:00
|
|
|
sig->good_signature = 1;
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
2007-10-25 16:31:15 +02:00
|
|
|
tor_free(signed_digest);
|
2007-10-22 19:31:26 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Given a v3 networkstatus consensus in <b>consensus</b>, check every
|
|
|
|
* as-yet-unchecked signature on <b>consensus</b>. Return 1 if there is a
|
|
|
|
* signature from every recognized authority on it, 0 if there are
|
|
|
|
* enough good signatures from recognized authorities on it, -1 if we might
|
|
|
|
* get enough good signatures by fetching missing certificates, and -2
|
|
|
|
* otherwise. Log messages at INFO or WARN: if <b>warn</b> is over 1, warn
|
|
|
|
* about every problem; if warn is at least 1, warn only if we can't get
|
|
|
|
* enough signatures; if warn is negative, log nothing at all. */
|
|
|
|
int
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_check_consensus_signature(networkstatus_t *consensus,
|
2007-10-22 19:31:26 +02:00
|
|
|
int warn)
|
|
|
|
{
|
|
|
|
int n_good = 0;
|
2010-09-02 22:42:18 +02:00
|
|
|
int n_missing_key = 0, n_dl_failed_key = 0;
|
2007-10-22 19:31:26 +02:00
|
|
|
int n_bad = 0;
|
|
|
|
int n_unknown = 0;
|
|
|
|
int n_no_signature = 0;
|
2010-11-08 20:35:02 +01:00
|
|
|
int n_v3_authorities = get_n_authorities(V3_DIRINFO);
|
2007-10-22 19:31:26 +02:00
|
|
|
int n_required = n_v3_authorities/2 + 1;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *list_good = smartlist_new();
|
|
|
|
smartlist_t *list_no_signature = smartlist_new();
|
|
|
|
smartlist_t *need_certs_from = smartlist_new();
|
|
|
|
smartlist_t *unrecognized = smartlist_new();
|
|
|
|
smartlist_t *missing_authorities = smartlist_new();
|
2007-10-22 19:31:26 +02:00
|
|
|
int severity;
|
2008-11-07 14:38:49 +01:00
|
|
|
time_t now = time(NULL);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
2008-07-24 11:22:27 +02:00
|
|
|
tor_assert(consensus->type == NS_TYPE_CONSENSUS);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(consensus->voters, networkstatus_voter_info_t *,
|
|
|
|
voter) {
|
|
|
|
int good_here = 0;
|
|
|
|
int bad_here = 0;
|
2010-09-20 19:33:57 +02:00
|
|
|
int unknown_here = 0;
|
2010-09-02 22:42:18 +02:00
|
|
|
int missing_key_here = 0, dl_failed_key_here = 0;
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
|
|
|
|
if (!sig->good_signature && !sig->bad_signature &&
|
|
|
|
sig->signature) {
|
|
|
|
/* we can try to check the signature. */
|
|
|
|
int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
|
|
|
|
sig->identity_digest) != NULL;
|
|
|
|
authority_cert_t *cert =
|
|
|
|
authority_cert_get_by_digests(sig->identity_digest,
|
|
|
|
sig->signing_key_digest);
|
2011-05-11 22:27:27 +02:00
|
|
|
tor_assert(tor_memeq(sig->identity_digest, voter->identity_digest,
|
2009-09-16 23:01:01 +02:00
|
|
|
DIGEST_LEN));
|
|
|
|
|
|
|
|
if (!is_v3_auth) {
|
|
|
|
smartlist_add(unrecognized, voter);
|
2010-09-20 19:33:57 +02:00
|
|
|
++unknown_here;
|
2009-09-16 23:01:01 +02:00
|
|
|
continue;
|
|
|
|
} else if (!cert || cert->expires < now) {
|
|
|
|
smartlist_add(need_certs_from, voter);
|
|
|
|
++missing_key_here;
|
2010-09-02 22:42:18 +02:00
|
|
|
if (authority_cert_dl_looks_uncertain(sig->identity_digest))
|
|
|
|
++dl_failed_key_here;
|
2009-09-16 23:01:01 +02:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
|
|
|
|
smartlist_add(need_certs_from, voter);
|
|
|
|
++missing_key_here;
|
2010-09-02 22:42:18 +02:00
|
|
|
if (authority_cert_dl_looks_uncertain(sig->identity_digest))
|
|
|
|
++dl_failed_key_here;
|
2009-09-16 23:01:01 +02:00
|
|
|
continue;
|
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
2009-09-16 23:01:01 +02:00
|
|
|
if (sig->good_signature)
|
|
|
|
++good_here;
|
|
|
|
else if (sig->bad_signature)
|
|
|
|
++bad_here;
|
|
|
|
} SMARTLIST_FOREACH_END(sig);
|
2012-01-08 18:14:44 +01:00
|
|
|
|
|
|
|
if (good_here) {
|
2007-10-22 19:31:26 +02:00
|
|
|
++n_good;
|
2012-01-08 18:14:44 +01:00
|
|
|
smartlist_add(list_good, voter->nickname);
|
|
|
|
} else if (bad_here) {
|
2007-10-22 19:31:26 +02:00
|
|
|
++n_bad;
|
2012-01-08 18:14:44 +01:00
|
|
|
} else if (missing_key_here) {
|
2009-09-16 23:01:01 +02:00
|
|
|
++n_missing_key;
|
2010-09-02 22:42:18 +02:00
|
|
|
if (dl_failed_key_here)
|
|
|
|
++n_dl_failed_key;
|
2010-09-20 19:33:57 +02:00
|
|
|
} else if (unknown_here) {
|
|
|
|
++n_unknown;
|
|
|
|
} else {
|
2007-10-22 19:31:26 +02:00
|
|
|
++n_no_signature;
|
2012-01-08 18:14:44 +01:00
|
|
|
smartlist_add(list_no_signature, voter->nickname);
|
2010-09-20 19:33:57 +02:00
|
|
|
}
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(voter);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
/* Now see whether we're missing any voters entirely. */
|
|
|
|
SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
|
|
|
|
trusted_dir_server_t *, ds,
|
|
|
|
{
|
2010-11-08 20:35:02 +01:00
|
|
|
if ((ds->type & V3_DIRINFO) &&
|
2007-10-22 19:31:26 +02:00
|
|
|
!networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
|
|
|
|
smartlist_add(missing_authorities, ds);
|
|
|
|
});
|
|
|
|
|
2010-09-02 22:42:18 +02:00
|
|
|
if (warn > 1 || (warn >= 0 &&
|
|
|
|
(n_good + n_missing_key - n_dl_failed_key < n_required))) {
|
2007-10-22 19:31:26 +02:00
|
|
|
severity = LOG_WARN;
|
2010-09-02 22:42:18 +02:00
|
|
|
} else {
|
2007-10-22 19:31:26 +02:00
|
|
|
severity = LOG_INFO;
|
2010-09-02 22:42:18 +02:00
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
if (warn >= 0) {
|
|
|
|
SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
|
|
|
|
{
|
2010-08-19 17:13:35 +02:00
|
|
|
log(severity, LD_DIR, "Consensus includes unrecognized authority "
|
|
|
|
"'%s' at %s:%d (contact %s; identity %s)",
|
2008-01-24 03:31:37 +01:00
|
|
|
voter->nickname, voter->address, (int)voter->dir_port,
|
|
|
|
voter->contact?voter->contact:"n/a",
|
|
|
|
hex_str(voter->identity_digest, DIGEST_LEN));
|
2007-10-22 19:31:26 +02:00
|
|
|
});
|
|
|
|
SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
|
|
|
|
{
|
2010-08-19 17:13:35 +02:00
|
|
|
log(severity, LD_DIR, "Looks like we need to download a new "
|
|
|
|
"certificate from authority '%s' at %s:%d (contact %s; "
|
|
|
|
"identity %s)",
|
2007-10-22 19:31:26 +02:00
|
|
|
voter->nickname, voter->address, (int)voter->dir_port,
|
|
|
|
voter->contact?voter->contact:"n/a",
|
|
|
|
hex_str(voter->identity_digest, DIGEST_LEN));
|
|
|
|
});
|
|
|
|
SMARTLIST_FOREACH(missing_authorities, trusted_dir_server_t *, ds,
|
|
|
|
{
|
2010-08-19 17:13:35 +02:00
|
|
|
log(severity, LD_DIR, "Consensus does not include configured "
|
2008-04-24 07:32:55 +02:00
|
|
|
"authority '%s' at %s:%d (identity %s)",
|
|
|
|
ds->nickname, ds->address, (int)ds->dir_port,
|
|
|
|
hex_str(ds->v3_identity_digest, DIGEST_LEN));
|
2007-10-22 19:31:26 +02:00
|
|
|
});
|
2010-08-19 17:13:35 +02:00
|
|
|
{
|
2012-01-11 19:44:10 +01:00
|
|
|
char *joined;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *sl = smartlist_new();
|
2012-01-08 18:14:44 +01:00
|
|
|
char *tmp = smartlist_join_strings(list_good, " ", 0, NULL);
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"A consensus needs %d good signatures from recognized "
|
2012-01-08 18:14:44 +01:00
|
|
|
"authorities for us to accept it. This one has %d (%s).",
|
|
|
|
n_required, n_good, tmp);
|
|
|
|
tor_free(tmp);
|
2010-08-19 17:13:35 +02:00
|
|
|
if (n_no_signature) {
|
2012-01-08 18:14:44 +01:00
|
|
|
tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL);
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"%d (%s) of the authorities we know didn't sign it.",
|
2012-01-08 18:14:44 +01:00
|
|
|
n_no_signature, tmp);
|
|
|
|
tor_free(tmp);
|
2010-08-19 17:13:35 +02:00
|
|
|
}
|
|
|
|
if (n_unknown) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"It has %d signatures from authorities we don't "
|
2010-08-19 17:13:35 +02:00
|
|
|
"recognize.", n_unknown);
|
|
|
|
}
|
|
|
|
if (n_bad) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl, "%d of the signatures on it didn't verify "
|
2010-08-19 17:13:35 +02:00
|
|
|
"correctly.", n_bad);
|
|
|
|
}
|
|
|
|
if (n_missing_key) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"We were unable to check %d of the signatures, "
|
2010-08-19 17:13:35 +02:00
|
|
|
"because we were missing the keys.", n_missing_key);
|
|
|
|
}
|
2012-01-11 19:44:10 +01:00
|
|
|
joined = smartlist_join_strings(sl, " ", 0, NULL);
|
|
|
|
log(severity, LD_DIR, "%s", joined);
|
|
|
|
tor_free(joined);
|
2010-08-19 17:13:35 +02:00
|
|
|
SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
|
|
|
|
smartlist_free(sl);
|
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
|
|
|
|
2012-01-08 18:14:44 +01:00
|
|
|
smartlist_free(list_good);
|
|
|
|
smartlist_free(list_no_signature);
|
2007-10-22 19:31:26 +02:00
|
|
|
smartlist_free(unrecognized);
|
|
|
|
smartlist_free(need_certs_from);
|
|
|
|
smartlist_free(missing_authorities);
|
|
|
|
|
|
|
|
if (n_good == n_v3_authorities)
|
|
|
|
return 1;
|
|
|
|
else if (n_good >= n_required)
|
|
|
|
return 0;
|
|
|
|
else if (n_good + n_missing_key >= n_required)
|
|
|
|
return -1;
|
|
|
|
else
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Helper: return a newly allocated string containing the name of the filename
|
|
|
|
* where we plan to cache the network status with the given identity digest. */
|
|
|
|
char *
|
|
|
|
networkstatus_get_cache_filename(const char *identity_digest)
|
|
|
|
{
|
|
|
|
char fp[HEX_DIGEST_LEN+1];
|
|
|
|
base16_encode(fp, HEX_DIGEST_LEN+1, identity_digest, DIGEST_LEN);
|
2007-10-17 18:55:44 +02:00
|
|
|
return get_datadir_fname2("cached-status", fp);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/** Helper for smartlist_sort: Compare two networkstatus objects by
|
|
|
|
* publication date. */
|
|
|
|
static int
|
2007-10-16 01:15:24 +02:00
|
|
|
_compare_networkstatus_v2_published_on(const void **_a, const void **_b)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
const networkstatus_v2_t *a = *_a, *b = *_b;
|
2007-10-08 23:21:50 +02:00
|
|
|
if (a->published_on < b->published_on)
|
|
|
|
return -1;
|
|
|
|
else if (a->published_on > b->published_on)
|
|
|
|
return 1;
|
|
|
|
else
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-12-18 22:37:58 +01:00
|
|
|
/** Add the parsed v2 networkstatus in <b>ns</b> (with original document in
|
2007-10-09 23:11:16 +02:00
|
|
|
* <b>s</b>) to the disk cache (and the in-memory directory server cache) as
|
2007-10-08 23:21:50 +02:00
|
|
|
* appropriate. */
|
|
|
|
static int
|
|
|
|
add_networkstatus_to_cache(const char *s,
|
2008-12-17 18:20:48 +01:00
|
|
|
v2_networkstatus_source_t source,
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_t *ns)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
if (source != NS_FROM_CACHE) {
|
|
|
|
char *fn = networkstatus_get_cache_filename(ns->identity_digest);
|
|
|
|
if (write_str_to_file(fn, s, 0)<0) {
|
|
|
|
log_notice(LD_FS, "Couldn't write cached network status to \"%s\"", fn);
|
|
|
|
}
|
|
|
|
tor_free(fn);
|
|
|
|
}
|
|
|
|
|
2007-12-20 07:47:59 +01:00
|
|
|
if (directory_caches_v2_dir_info(get_options()))
|
2007-10-08 23:21:50 +02:00
|
|
|
dirserv_set_cached_networkstatus_v2(s,
|
|
|
|
ns->identity_digest,
|
|
|
|
ns->published_on);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** How far in the future do we allow a network-status to get before removing
|
|
|
|
* it? (seconds) */
|
|
|
|
#define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
|
|
|
|
|
|
|
|
/** Given a string <b>s</b> containing a network status that we received at
|
|
|
|
* <b>arrived_at</b> from <b>source</b>, try to parse it, see if we want to
|
|
|
|
* store it, and put it into our cache as necessary.
|
|
|
|
*
|
|
|
|
* If <b>source</b> is NS_FROM_DIR or NS_FROM_CACHE, do not replace our
|
|
|
|
* own networkstatus_t (if we're an authoritative directory server).
|
|
|
|
*
|
|
|
|
* If <b>source</b> is NS_FROM_CACHE, do not write our networkstatus_t to the
|
|
|
|
* cache.
|
|
|
|
*
|
|
|
|
* If <b>requested_fingerprints</b> is provided, it must contain a list of
|
|
|
|
* uppercased identity fingerprints. Do not update any networkstatus whose
|
|
|
|
* fingerprint is not on the list; after updating a networkstatus, remove its
|
|
|
|
* fingerprint from the list.
|
|
|
|
*
|
|
|
|
* Return 0 on success, -1 on failure.
|
|
|
|
*
|
|
|
|
* Callers should make sure that routers_update_all_from_networkstatus() is
|
|
|
|
* invoked after this function succeeds.
|
|
|
|
*/
|
|
|
|
int
|
2007-10-16 01:15:24 +02:00
|
|
|
router_set_networkstatus_v2(const char *s, time_t arrived_at,
|
2008-12-17 18:20:48 +01:00
|
|
|
v2_networkstatus_source_t source,
|
|
|
|
smartlist_t *requested_fingerprints)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_t *ns;
|
2007-10-08 23:21:50 +02:00
|
|
|
int i, found;
|
|
|
|
time_t now;
|
|
|
|
int skewed = 0;
|
|
|
|
trusted_dir_server_t *trusted_dir = NULL;
|
|
|
|
const char *source_desc = NULL;
|
|
|
|
char fp[HEX_DIGEST_LEN+1];
|
|
|
|
char published[ISO_TIME_LEN+1];
|
|
|
|
|
2007-12-20 07:47:59 +01:00
|
|
|
if (!directory_caches_v2_dir_info(get_options()))
|
2007-10-16 01:15:24 +02:00
|
|
|
return 0; /* Don't bother storing it. */
|
|
|
|
|
|
|
|
ns = networkstatus_v2_parse_from_string(s);
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!ns) {
|
|
|
|
log_warn(LD_DIR, "Couldn't parse network status.");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
base16_encode(fp, HEX_DIGEST_LEN+1, ns->identity_digest, DIGEST_LEN);
|
|
|
|
if (!(trusted_dir =
|
|
|
|
router_get_trusteddirserver_by_digest(ns->identity_digest)) ||
|
2010-11-08 20:35:02 +01:00
|
|
|
!(trusted_dir->type & V2_DIRINFO)) {
|
2007-10-08 23:21:50 +02:00
|
|
|
log_info(LD_DIR, "Network status was signed, but not by an authoritative "
|
|
|
|
"directory we recognize.");
|
|
|
|
source_desc = fp;
|
|
|
|
} else {
|
|
|
|
source_desc = trusted_dir->description;
|
|
|
|
}
|
|
|
|
now = time(NULL);
|
|
|
|
if (arrived_at > now)
|
|
|
|
arrived_at = now;
|
|
|
|
|
|
|
|
ns->received_on = arrived_at;
|
|
|
|
|
|
|
|
format_iso_time(published, ns->published_on);
|
|
|
|
|
|
|
|
if (ns->published_on > now + NETWORKSTATUS_ALLOW_SKEW) {
|
2007-10-30 16:17:07 +01:00
|
|
|
char dbuf[64];
|
|
|
|
long delta = now - ns->published_on;
|
|
|
|
format_time_interval(dbuf, sizeof(dbuf), delta);
|
|
|
|
log_warn(LD_GENERAL, "Network status from %s was published %s in the "
|
|
|
|
"future (%s GMT). Check your time and date settings! "
|
2007-10-08 23:21:50 +02:00
|
|
|
"Not caching.",
|
2007-10-30 16:17:07 +01:00
|
|
|
source_desc, dbuf, published);
|
2007-10-08 23:21:50 +02:00
|
|
|
control_event_general_status(LOG_WARN,
|
2007-10-30 16:17:07 +01:00
|
|
|
"CLOCK_SKEW MIN_SKEW=%ld SOURCE=NETWORKSTATUS:%s:%d",
|
|
|
|
delta, ns->source_address, ns->source_dirport);
|
2007-10-08 23:21:50 +02:00
|
|
|
skewed = 1;
|
|
|
|
}
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!networkstatus_v2_list)
|
2012-01-18 21:53:30 +01:00
|
|
|
networkstatus_v2_list = smartlist_new();
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
if ( (source == NS_FROM_DIR_BY_FP || source == NS_FROM_DIR_ALL) &&
|
|
|
|
router_digest_is_me(ns->identity_digest)) {
|
|
|
|
/* Don't replace our own networkstatus when we get it from somebody else.*/
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(ns);
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (requested_fingerprints) {
|
|
|
|
if (smartlist_string_isin(requested_fingerprints, fp)) {
|
|
|
|
smartlist_string_remove(requested_fingerprints, fp);
|
|
|
|
} else {
|
|
|
|
if (source != NS_FROM_DIR_ALL) {
|
|
|
|
char *requested =
|
|
|
|
smartlist_join_strings(requested_fingerprints," ",0,NULL);
|
|
|
|
log_warn(LD_DIR,
|
|
|
|
"We received a network status with a fingerprint (%s) that we "
|
|
|
|
"never requested. (We asked for: %s.) Dropping.",
|
|
|
|
fp, requested);
|
|
|
|
tor_free(requested);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!trusted_dir) {
|
2007-12-01 05:58:53 +01:00
|
|
|
if (!skewed) {
|
2007-10-08 23:21:50 +02:00
|
|
|
/* We got a non-trusted networkstatus, and we're a directory cache.
|
|
|
|
* This means that we asked an authority, and it told us about another
|
|
|
|
* authority we didn't recognize. */
|
|
|
|
log_info(LD_DIR,
|
|
|
|
"We do not recognize authority (%s) but we are willing "
|
|
|
|
"to cache it.", fp);
|
|
|
|
add_networkstatus_to_cache(s, source, ns);
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(ns);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
found = 0;
|
2007-10-16 01:15:24 +02:00
|
|
|
for (i=0; i < smartlist_len(networkstatus_v2_list); ++i) {
|
|
|
|
networkstatus_v2_t *old_ns = smartlist_get(networkstatus_v2_list, i);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(old_ns->identity_digest, ns->identity_digest, DIGEST_LEN)) {
|
|
|
|
if (tor_memeq(old_ns->networkstatus_digest,
|
2007-10-08 23:21:50 +02:00
|
|
|
ns->networkstatus_digest, DIGEST_LEN)) {
|
|
|
|
/* Same one we had before. */
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(ns);
|
2007-10-08 23:21:50 +02:00
|
|
|
tor_assert(trusted_dir);
|
|
|
|
log_info(LD_DIR,
|
|
|
|
"Not replacing network-status from %s (published %s); "
|
|
|
|
"we already have it.",
|
|
|
|
trusted_dir->description, published);
|
|
|
|
if (old_ns->received_on < arrived_at) {
|
|
|
|
if (source != NS_FROM_CACHE) {
|
|
|
|
char *fn;
|
|
|
|
fn = networkstatus_get_cache_filename(old_ns->identity_digest);
|
|
|
|
/* We use mtime to tell when it arrived, so update that. */
|
|
|
|
touch_file(fn);
|
|
|
|
tor_free(fn);
|
|
|
|
}
|
|
|
|
old_ns->received_on = arrived_at;
|
|
|
|
}
|
2007-10-09 17:27:45 +02:00
|
|
|
download_status_failed(&trusted_dir->v2_ns_dl_status, 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
} else if (old_ns->published_on >= ns->published_on) {
|
|
|
|
char old_published[ISO_TIME_LEN+1];
|
|
|
|
format_iso_time(old_published, old_ns->published_on);
|
|
|
|
tor_assert(trusted_dir);
|
|
|
|
log_info(LD_DIR,
|
|
|
|
"Not replacing network-status from %s (published %s);"
|
|
|
|
" we have a newer one (published %s) for this authority.",
|
|
|
|
trusted_dir->description, published,
|
|
|
|
old_published);
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(ns);
|
2007-10-09 17:27:45 +02:00
|
|
|
download_status_failed(&trusted_dir->v2_ns_dl_status, 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
} else {
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(old_ns);
|
|
|
|
smartlist_set(networkstatus_v2_list, i, ns);
|
2007-10-08 23:21:50 +02:00
|
|
|
found = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-10-09 17:27:45 +02:00
|
|
|
if (source != NS_FROM_CACHE && trusted_dir) {
|
|
|
|
download_status_reset(&trusted_dir->v2_ns_dl_status);
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
if (!found)
|
2007-10-16 01:15:24 +02:00
|
|
|
smartlist_add(networkstatus_v2_list, ns);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2008-12-26 18:35:08 +01:00
|
|
|
/** Retain any routerinfo mentioned in a V2 networkstatus for at least this
|
|
|
|
* long. */
|
|
|
|
#define V2_NETWORKSTATUS_ROUTER_LIFETIME (3*60*60)
|
2008-04-04 23:18:56 +02:00
|
|
|
|
|
|
|
{
|
2008-12-26 18:35:08 +01:00
|
|
|
time_t live_until = ns->published_on + V2_NETWORKSTATUS_ROUTER_LIFETIME;
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(ns->entries, routerstatus_t *, rs) {
|
2008-04-04 23:18:56 +02:00
|
|
|
signed_descriptor_t *sd =
|
|
|
|
router_get_by_descriptor_digest(rs->descriptor_digest);
|
|
|
|
if (sd) {
|
|
|
|
if (sd->last_listed_as_valid_until < live_until)
|
|
|
|
sd->last_listed_as_valid_until = live_until;
|
|
|
|
} else {
|
2007-10-08 23:21:50 +02:00
|
|
|
rs->need_to_mirror = 1;
|
2008-04-04 23:18:56 +02:00
|
|
|
}
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(rs);
|
2008-04-04 23:18:56 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
log_info(LD_DIR, "Setting networkstatus %s %s (published %s)",
|
|
|
|
source == NS_FROM_CACHE?"cached from":
|
|
|
|
((source == NS_FROM_DIR_BY_FP || source == NS_FROM_DIR_ALL) ?
|
|
|
|
"downloaded from":"generated for"),
|
|
|
|
trusted_dir->description, published);
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_list_has_changed = 1;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
smartlist_sort(networkstatus_v2_list,
|
|
|
|
_compare_networkstatus_v2_published_on);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
if (!skewed)
|
|
|
|
add_networkstatus_to_cache(s, source, ns);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Remove all very-old network_status_t objects from memory and from the
|
|
|
|
* disk cache. */
|
|
|
|
void
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_list_clean(time_t now)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
int i;
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!networkstatus_v2_list)
|
2007-10-08 23:21:50 +02:00
|
|
|
return;
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
for (i = 0; i < smartlist_len(networkstatus_v2_list); ++i) {
|
|
|
|
networkstatus_v2_t *ns = smartlist_get(networkstatus_v2_list, i);
|
2007-10-08 23:21:50 +02:00
|
|
|
char *fname = NULL;
|
|
|
|
if (ns->published_on + MAX_NETWORKSTATUS_AGE > now)
|
|
|
|
continue;
|
|
|
|
/* Okay, this one is too old. Remove it from the list, and delete it
|
|
|
|
* from the cache. */
|
2007-10-16 01:15:24 +02:00
|
|
|
smartlist_del(networkstatus_v2_list, i--);
|
2007-10-08 23:21:50 +02:00
|
|
|
fname = networkstatus_get_cache_filename(ns->identity_digest);
|
|
|
|
if (file_status(fname) == FN_FILE) {
|
|
|
|
log_info(LD_DIR, "Removing too-old networkstatus in %s", fname);
|
|
|
|
unlink(fname);
|
|
|
|
}
|
|
|
|
tor_free(fname);
|
2007-12-20 07:47:59 +01:00
|
|
|
if (directory_caches_v2_dir_info(get_options())) {
|
2007-10-08 23:21:50 +02:00
|
|
|
dirserv_set_cached_networkstatus_v2(NULL, ns->identity_digest, 0);
|
|
|
|
}
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_free(ns);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/* And now go through the directory cache for any cached untrusted
|
|
|
|
* networkstatuses and other network info. */
|
|
|
|
dirserv_clear_old_networkstatuses(now - MAX_NETWORKSTATUS_AGE);
|
|
|
|
dirserv_clear_old_v1_info(now);
|
|
|
|
}
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
/** Helper for bsearching a list of routerstatus_t pointers: compare a
|
|
|
|
* digest in the key to the identity digest of a routerstatus_t. */
|
2009-07-31 06:33:53 +02:00
|
|
|
int
|
|
|
|
compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
const char *key = _key;
|
|
|
|
const routerstatus_t *rs = *_member;
|
2011-05-10 22:23:43 +02:00
|
|
|
return tor_memcmp(key, rs->identity_digest, DIGEST_LEN);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** As networkstatus_v2_find_entry, but do not return a const pointer */
|
2007-10-08 23:21:50 +02:00
|
|
|
routerstatus_t *
|
2010-09-29 07:35:08 +02:00
|
|
|
networkstatus_v2_find_mutable_entry(networkstatus_v2_t *ns, const char *digest)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
return smartlist_bsearch(ns->entries, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
/** Return the entry in <b>ns</b> for the identity digest <b>digest</b>, or
|
|
|
|
* NULL if none was found. */
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *
|
|
|
|
networkstatus_v2_find_entry(networkstatus_v2_t *ns, const char *digest)
|
|
|
|
{
|
|
|
|
return networkstatus_v2_find_mutable_entry(ns, digest);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** As networkstatus_find_entry, but do not return a const pointer */
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *
|
2010-09-29 07:35:08 +02:00
|
|
|
networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
|
2007-10-16 01:15:24 +02:00
|
|
|
{
|
|
|
|
return smartlist_bsearch(ns->routerstatus_list, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry);
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** Return the entry in <b>ns</b> for the identity digest <b>digest</b>, or
|
|
|
|
* NULL if none was found. */
|
|
|
|
const routerstatus_t *
|
|
|
|
networkstatus_vote_find_entry(networkstatus_t *ns, const char *digest)
|
|
|
|
{
|
|
|
|
return networkstatus_vote_find_mutable_entry(ns, digest);
|
|
|
|
}
|
|
|
|
|
2010-10-15 17:21:33 +02:00
|
|
|
/*XXXX MOVE make this static once functions are moved into this file. */
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Search the routerstatuses in <b>ns</b> for one whose identity digest is
|
|
|
|
* <b>digest</b>. Return value and set *<b>found_out</b> as for
|
2008-02-09 04:11:10 +01:00
|
|
|
* smartlist_bsearch_idx(). */
|
2007-11-03 21:12:41 +01:00
|
|
|
int
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_vote_find_entry_idx(networkstatus_t *ns,
|
2007-11-03 21:12:41 +01:00
|
|
|
const char *digest, int *found_out)
|
|
|
|
{
|
|
|
|
return smartlist_bsearch_idx(ns->routerstatus_list, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry,
|
2007-11-03 21:12:41 +01:00
|
|
|
found_out);
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Return a list of the v2 networkstatus documents. */
|
2007-10-08 23:21:50 +02:00
|
|
|
const smartlist_t *
|
|
|
|
networkstatus_get_v2_list(void)
|
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!networkstatus_v2_list)
|
2012-01-18 21:53:30 +01:00
|
|
|
networkstatus_v2_list = smartlist_new();
|
2007-10-16 01:15:24 +02:00
|
|
|
return networkstatus_v2_list;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2012-06-05 01:51:00 +02:00
|
|
|
/** As router_get_consensus_status_by_descriptor_digest, but does not return
|
|
|
|
* a const pointer. */
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *
|
2010-09-29 07:35:08 +02:00
|
|
|
router_get_mutable_consensus_status_by_descriptor_digest(
|
|
|
|
networkstatus_t *consensus,
|
2010-05-11 23:20:33 +02:00
|
|
|
const char *digest)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2010-05-11 23:20:33 +02:00
|
|
|
if (!consensus)
|
|
|
|
consensus = current_consensus;
|
|
|
|
if (!consensus)
|
|
|
|
return NULL;
|
|
|
|
if (!consensus->desc_digest_map) {
|
|
|
|
digestmap_t *m = consensus->desc_digest_map = digestmap_new();
|
|
|
|
SMARTLIST_FOREACH(consensus->routerstatus_list,
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *, rs,
|
|
|
|
{
|
|
|
|
digestmap_set(m, rs->descriptor_digest, rs);
|
|
|
|
});
|
|
|
|
}
|
2010-05-11 23:20:33 +02:00
|
|
|
return digestmap_get(consensus->desc_digest_map, digest);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** Return the consensus view of the status of the router whose current
|
|
|
|
* <i>descriptor</i> digest in <b>consensus</b> is <b>digest</b>, or NULL if
|
|
|
|
* no such router is known. */
|
|
|
|
const routerstatus_t *
|
|
|
|
router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus,
|
|
|
|
const char *digest)
|
|
|
|
{
|
|
|
|
return router_get_mutable_consensus_status_by_descriptor_digest(
|
|
|
|
consensus, digest);
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Given the digest of a router descriptor, return its current download
|
|
|
|
* status, or NULL if the digest is unrecognized. */
|
2007-10-16 01:15:24 +02:00
|
|
|
download_status_t *
|
|
|
|
router_get_dl_status_by_descriptor_digest(const char *d)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *rs;
|
2010-05-11 23:20:33 +02:00
|
|
|
if (!current_ns_consensus)
|
|
|
|
return NULL;
|
2010-09-29 07:35:08 +02:00
|
|
|
if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
|
|
|
|
current_ns_consensus, d)))
|
2007-10-16 01:15:24 +02:00
|
|
|
return &rs->dl_status;
|
|
|
|
if (v2_download_status_map)
|
|
|
|
return digestmap_get(v2_download_status_map, d);
|
|
|
|
|
|
|
|
return NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** As router_get_consensus_status_by_id, but do not return a const pointer */
|
2007-10-09 17:27:15 +02:00
|
|
|
routerstatus_t *
|
2010-09-29 07:35:08 +02:00
|
|
|
router_get_mutable_consensus_status_by_id(const char *digest)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!current_consensus)
|
2007-10-08 23:21:50 +02:00
|
|
|
return NULL;
|
2007-10-16 01:15:24 +02:00
|
|
|
return smartlist_bsearch(current_consensus->routerstatus_list, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** Return the consensus view of the status of the router whose identity
|
|
|
|
* digest is <b>digest</b>, or NULL if we don't know about any such router. */
|
|
|
|
const routerstatus_t *
|
|
|
|
router_get_consensus_status_by_id(const char *digest)
|
|
|
|
{
|
|
|
|
return router_get_mutable_consensus_status_by_id(digest);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Given a nickname (possibly verbose, possibly a hexadecimal digest), return
|
2007-10-09 17:27:15 +02:00
|
|
|
* the corresponding routerstatus_t, or NULL if none exists. Warn the
|
2007-10-08 23:21:50 +02:00
|
|
|
* user if <b>warn_if_unnamed</b> is set, and they have specified a router by
|
|
|
|
* nickname, but the Named flag isn't set for that router. */
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *
|
2007-10-16 01:15:24 +02:00
|
|
|
router_get_consensus_status_by_nickname(const char *nickname,
|
2007-12-12 22:09:01 +01:00
|
|
|
int warn_if_unnamed)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
const node_t *node = node_get_by_nickname(nickname, warn_if_unnamed);
|
|
|
|
if (node)
|
|
|
|
return node->rs;
|
|
|
|
else
|
2008-02-15 20:20:53 +01:00
|
|
|
return NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Return the identity digest that's mapped to officially by
|
|
|
|
* <b>nickname</b>. */
|
2007-10-08 23:21:50 +02:00
|
|
|
const char *
|
|
|
|
networkstatus_get_router_digest_by_nickname(const char *nickname)
|
|
|
|
{
|
|
|
|
if (!named_server_map)
|
|
|
|
return NULL;
|
|
|
|
return strmap_get_lc(named_server_map, nickname);
|
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Return true iff <b>nickname</b> is disallowed from being the nickname
|
|
|
|
* of any server. */
|
2007-10-19 20:56:24 +02:00
|
|
|
int
|
|
|
|
networkstatus_nickname_is_unnamed(const char *nickname)
|
|
|
|
{
|
2007-10-27 23:40:32 +02:00
|
|
|
if (!unnamed_server_map)
|
|
|
|
return 0;
|
|
|
|
return strmap_get_lc(unnamed_server_map, nickname) != NULL;
|
2007-10-19 20:56:24 +02:00
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** How frequently do directory authorities re-download fresh networkstatus
|
|
|
|
* documents? */
|
2007-12-01 21:04:36 +01:00
|
|
|
#define AUTHORITY_NS_CACHE_INTERVAL (10*60)
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** How frequently do non-authority directory caches re-download fresh
|
|
|
|
* networkstatus documents? */
|
2007-12-01 21:04:36 +01:00
|
|
|
#define NONAUTHORITY_NS_CACHE_INTERVAL (60*60)
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** We are a directory server, and so cache network_status documents.
|
|
|
|
* Initiate downloads as needed to update them. For v2 authorities,
|
|
|
|
* this means asking each trusted directory for its network-status.
|
|
|
|
* For caches, this means asking a random v2 authority for all
|
|
|
|
* network-statuses.
|
|
|
|
*/
|
|
|
|
static void
|
2007-10-10 21:33:19 +02:00
|
|
|
update_v2_networkstatus_cache_downloads(time_t now)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
int authority = authdir_mode_v2(get_options());
|
|
|
|
int interval =
|
|
|
|
authority ? AUTHORITY_NS_CACHE_INTERVAL : NONAUTHORITY_NS_CACHE_INTERVAL;
|
|
|
|
const smartlist_t *trusted_dir_servers = router_get_trusted_dir_servers();
|
|
|
|
|
|
|
|
if (last_networkstatus_download_attempted + interval >= now)
|
|
|
|
return;
|
|
|
|
|
|
|
|
last_networkstatus_download_attempted = now;
|
|
|
|
|
|
|
|
if (authority) {
|
|
|
|
/* An authority launches a separate connection for everybody. */
|
2008-08-05 22:08:19 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, ds)
|
|
|
|
{
|
2007-10-08 23:21:50 +02:00
|
|
|
char resource[HEX_DIGEST_LEN+6]; /* fp/hexdigit.z\0 */
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_t addr;
|
2010-11-08 20:35:02 +01:00
|
|
|
if (!(ds->type & V2_DIRINFO))
|
2007-10-08 23:21:50 +02:00
|
|
|
continue;
|
|
|
|
if (router_digest_is_me(ds->digest))
|
|
|
|
continue;
|
2008-08-05 22:08:19 +02:00
|
|
|
tor_addr_from_ipv4h(&addr, ds->addr);
|
|
|
|
/* Is this quite sensible with IPv6 or multiple addresses? */
|
2007-10-08 23:21:50 +02:00
|
|
|
if (connection_get_by_type_addr_port_purpose(
|
2008-08-05 22:08:19 +02:00
|
|
|
CONN_TYPE_DIR, &addr, ds->dir_port,
|
2008-12-17 18:20:48 +01:00
|
|
|
DIR_PURPOSE_FETCH_V2_NETWORKSTATUS)) {
|
2008-12-18 17:11:03 +01:00
|
|
|
/* XXX the above dir_port won't be accurate if we're
|
2007-10-08 23:21:50 +02:00
|
|
|
* doing a tunneled conn. In that case it should be or_port.
|
|
|
|
* How to guess from here? Maybe make the function less general
|
|
|
|
* and have it know that it's looking for dir conns. -RD */
|
2008-02-15 20:20:53 +01:00
|
|
|
/* Only directory caches download v2 networkstatuses, and they
|
|
|
|
* don't use tunneled connections. I think it's okay to ignore
|
|
|
|
* this. */
|
2007-10-08 23:21:50 +02:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
strlcpy(resource, "fp/", sizeof(resource));
|
|
|
|
base16_encode(resource+3, sizeof(resource)-3, ds->digest, DIGEST_LEN);
|
|
|
|
strlcat(resource, ".z", sizeof(resource));
|
|
|
|
directory_initiate_command_routerstatus(
|
2008-12-17 18:20:48 +01:00
|
|
|
&ds->fake_status, DIR_PURPOSE_FETCH_V2_NETWORKSTATUS,
|
2007-10-08 23:21:50 +02:00
|
|
|
ROUTER_PURPOSE_GENERAL,
|
2012-09-12 16:15:58 +02:00
|
|
|
DIRIND_ONEHOP,
|
2007-10-08 23:21:50 +02:00
|
|
|
resource,
|
2007-10-28 21:30:21 +01:00
|
|
|
NULL, 0 /* No payload. */,
|
|
|
|
0 /* No I-M-S. */);
|
2008-08-05 22:08:19 +02:00
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH_END(ds);
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
|
|
|
/* A non-authority cache launches one connection to a random authority. */
|
|
|
|
/* (Check whether we're currently fetching network-status objects.) */
|
|
|
|
if (!connection_get_by_type_purpose(CONN_TYPE_DIR,
|
2008-12-17 18:20:48 +01:00
|
|
|
DIR_PURPOSE_FETCH_V2_NETWORKSTATUS))
|
|
|
|
directory_get_from_dirserver(DIR_PURPOSE_FETCH_V2_NETWORKSTATUS,
|
2008-12-11 20:12:45 +01:00
|
|
|
ROUTER_PURPOSE_GENERAL, "all.z",
|
|
|
|
PDS_RETRY_IF_NO_SERVERS);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-06-05 00:50:13 +02:00
|
|
|
/** Return true iff, given the options listed in <b>options</b>, <b>flavor</b>
|
|
|
|
* is the flavor of a consensus networkstatus that we would like to fetch. */
|
2010-09-17 04:12:03 +02:00
|
|
|
static int
|
2011-06-14 19:01:38 +02:00
|
|
|
we_want_to_fetch_flavor(const or_options_t *options, int flavor)
|
2010-09-17 04:12:03 +02:00
|
|
|
{
|
|
|
|
if (flavor < 0 || flavor > N_CONSENSUS_FLAVORS) {
|
|
|
|
/* This flavor is crazy; we don't want it */
|
|
|
|
/*XXXX handle unrecognized flavors later */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (authdir_mode_v3(options) || directory_caches_dir_info(options)) {
|
|
|
|
/* We want to serve all flavors to others, regardless if we would use
|
|
|
|
* it ourselves. */
|
|
|
|
return 1;
|
|
|
|
}
|
2011-08-29 17:18:06 +02:00
|
|
|
if (options->FetchUselessDescriptors) {
|
|
|
|
/* In order to get all descriptors, we need to fetch all consensuses. */
|
|
|
|
return 1;
|
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
/* Otherwise, we want the flavor only if we want to use it to build
|
|
|
|
* circuits. */
|
2010-11-08 20:21:32 +01:00
|
|
|
return flavor == usable_consensus_flavor();
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** How many times will we try to fetch a consensus before we give up? */
|
2007-10-22 21:31:50 +02:00
|
|
|
#define CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES 8
|
2008-02-08 22:13:15 +01:00
|
|
|
/** How long will we hang onto a possibly live consensus for which we're
|
|
|
|
* fetching certs before we check whether there is a better one? */
|
2007-10-24 21:53:11 +02:00
|
|
|
#define DELAY_WHILE_FETCHING_CERTS (20*60)
|
2007-10-22 20:21:22 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** If we want to download a fresh consensus, launch a new download as
|
2007-11-29 16:23:41 +01:00
|
|
|
* appropriate. */
|
2007-10-08 23:21:50 +02:00
|
|
|
static void
|
|
|
|
update_consensus_networkstatus_downloads(time_t now)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2010-09-17 04:12:03 +02:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
|
2010-09-17 04:12:03 +02:00
|
|
|
/* XXXX need some way to download unknown flavors if we are caching. */
|
|
|
|
const char *resource;
|
|
|
|
consensus_waiting_for_certs_t *waiting;
|
2012-03-28 08:55:33 +02:00
|
|
|
networkstatus_t *c;
|
2010-09-17 04:12:03 +02:00
|
|
|
|
|
|
|
if (! we_want_to_fetch_flavor(options, i))
|
|
|
|
continue;
|
|
|
|
|
2012-03-28 08:55:33 +02:00
|
|
|
c = networkstatus_get_latest_consensus_by_flavor(i);
|
|
|
|
if (! (c && c->valid_after <= now && now <= c->valid_until)) {
|
|
|
|
/* No live consensus? Get one now!*/
|
|
|
|
time_to_download_next_consensus[i] = now;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (time_to_download_next_consensus[i] > now)
|
|
|
|
return; /* Wait until the current consensus is older. */
|
|
|
|
|
2011-02-23 18:32:15 +01:00
|
|
|
resource = networkstatus_get_flavor_name(i);
|
2010-09-17 04:12:03 +02:00
|
|
|
|
|
|
|
if (!download_status_is_ready(&consensus_dl_status[i], now,
|
|
|
|
CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES))
|
|
|
|
continue; /* We failed downloading a consensus too recently. */
|
|
|
|
if (connection_dir_get_by_purpose_and_resource(
|
|
|
|
DIR_PURPOSE_FETCH_CONSENSUS, resource))
|
|
|
|
continue; /* There's an in-progress download.*/
|
|
|
|
|
|
|
|
waiting = &consensus_waiting_for_certs[i];
|
2009-10-13 23:06:01 +02:00
|
|
|
if (waiting->consensus) {
|
|
|
|
/* XXXX make sure this doesn't delay sane downloads. */
|
2010-09-17 04:12:03 +02:00
|
|
|
if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now) {
|
|
|
|
continue; /* We're still getting certs for this one. */
|
|
|
|
} else {
|
2009-10-13 23:06:01 +02:00
|
|
|
if (!waiting->dl_failed) {
|
2010-09-17 04:12:03 +02:00
|
|
|
download_status_failed(&consensus_dl_status[i], 0);
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting->dl_failed=1;
|
|
|
|
}
|
2007-10-24 21:53:11 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-09-17 04:12:03 +02:00
|
|
|
log_info(LD_DIR, "Launching %s networkstatus consensus download.",
|
|
|
|
networkstatus_get_flavor_name(i));
|
|
|
|
|
|
|
|
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
|
|
|
|
ROUTER_PURPOSE_GENERAL, resource,
|
|
|
|
PDS_RETRY_IF_NO_SERVERS);
|
|
|
|
}
|
2007-10-10 21:33:19 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Called when an attempt to download a consensus fails: note that the
|
|
|
|
* failure occurred, and possibly retry. */
|
2007-10-10 21:33:19 +02:00
|
|
|
void
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_consensus_download_failed(int status_code, const char *flavname)
|
2007-10-10 21:33:19 +02:00
|
|
|
{
|
2010-09-17 04:12:03 +02:00
|
|
|
int flav = networkstatus_parse_flavor_name(flavname);
|
|
|
|
if (flav >= 0) {
|
|
|
|
tor_assert(flav < N_CONSENSUS_FLAVORS);
|
|
|
|
/* XXXX handle unrecognized flavors */
|
|
|
|
download_status_failed(&consensus_dl_status[flav], status_code);
|
|
|
|
/* Retry immediately, if appropriate. */
|
|
|
|
update_consensus_networkstatus_downloads(time(NULL));
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** How long do we (as a cache) wait after a consensus becomes non-fresh
|
|
|
|
* before trying to fetch another? */
|
2007-10-22 20:21:22 +02:00
|
|
|
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Update the time at which we'll consider replacing the current
|
2012-03-28 08:55:33 +02:00
|
|
|
* consensus of flavor <b>flav</b> */
|
|
|
|
static void
|
|
|
|
update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2012-03-28 08:55:33 +02:00
|
|
|
networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
|
|
|
|
const char *flavor = networkstatus_get_flavor_name(flav);
|
|
|
|
if (! we_want_to_fetch_flavor(get_options(), flav))
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (c && c->valid_after <= now && now <= c->valid_until) {
|
2007-10-18 16:19:56 +02:00
|
|
|
long dl_interval;
|
|
|
|
long interval = c->fresh_until - c->valid_after;
|
2010-07-31 19:48:41 +02:00
|
|
|
long min_sec_before_caching = CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
|
2007-10-08 23:21:50 +02:00
|
|
|
time_t start;
|
2010-07-31 19:48:41 +02:00
|
|
|
|
|
|
|
if (min_sec_before_caching > interval/16) {
|
|
|
|
/* Usually we allow 2-minutes slop factor in case clocks get
|
|
|
|
desynchronized a little. If we're on a private network with
|
|
|
|
a crazy-fast voting interval, though, 2 minutes may be too
|
|
|
|
much. */
|
|
|
|
min_sec_before_caching = interval/16;
|
|
|
|
}
|
|
|
|
|
2007-12-21 07:08:00 +01:00
|
|
|
if (directory_fetches_dir_info_early(options)) {
|
2007-10-22 20:21:22 +02:00
|
|
|
/* We want to cache the next one at some point after this one
|
|
|
|
* is no longer fresh... */
|
2010-07-31 19:48:41 +02:00
|
|
|
start = c->fresh_until + min_sec_before_caching;
|
2009-07-12 03:43:33 +02:00
|
|
|
/* Some clients may need the consensus sooner than others. */
|
2010-09-13 03:28:49 +02:00
|
|
|
if (options->FetchDirInfoExtraEarly || authdir_mode_v3(options)) {
|
2009-07-12 03:43:33 +02:00
|
|
|
dl_interval = 60;
|
2010-08-17 18:07:19 +02:00
|
|
|
if (min_sec_before_caching + dl_interval > interval)
|
|
|
|
dl_interval = interval/2;
|
2009-07-12 03:43:33 +02:00
|
|
|
} else {
|
|
|
|
/* But only in the first half-interval after that. */
|
|
|
|
dl_interval = interval/2;
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
2007-12-06 18:01:16 +01:00
|
|
|
/* We're an ordinary client or a bridge. Give all the caches enough
|
|
|
|
* time to download the consensus. */
|
2007-10-18 16:19:56 +02:00
|
|
|
start = c->fresh_until + (interval*3)/4;
|
2007-12-06 18:01:16 +01:00
|
|
|
/* But download the next one well before this one is expired. */
|
2007-10-22 20:21:22 +02:00
|
|
|
dl_interval = ((c->valid_until - start) * 7 )/ 8;
|
2007-12-06 18:01:16 +01:00
|
|
|
|
|
|
|
/* If we're a bridge user, make use of the numbers we just computed
|
|
|
|
* to choose the rest of the interval *after* them. */
|
2007-12-21 07:08:00 +01:00
|
|
|
if (directory_fetches_dir_info_later(options)) {
|
2007-12-06 18:01:16 +01:00
|
|
|
/* Give all the *clients* enough time to download the consensus. */
|
2010-07-31 19:48:41 +02:00
|
|
|
start = start + dl_interval + min_sec_before_caching;
|
2007-12-06 18:01:16 +01:00
|
|
|
/* But try to get it before ours actually expires. */
|
2010-07-31 19:48:41 +02:00
|
|
|
dl_interval = (c->valid_until - start) - min_sec_before_caching;
|
2007-12-06 18:01:16 +01:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2007-10-18 16:19:56 +02:00
|
|
|
if (dl_interval < 1)
|
|
|
|
dl_interval = 1;
|
2009-06-20 09:21:52 +02:00
|
|
|
/* We must not try to replace c while it's still fresh: */
|
2007-10-18 16:19:56 +02:00
|
|
|
tor_assert(c->fresh_until < start);
|
|
|
|
/* We must download the next one before c is invalid: */
|
|
|
|
tor_assert(start+dl_interval < c->valid_until);
|
2012-03-28 08:55:33 +02:00
|
|
|
time_to_download_next_consensus[flav] =
|
|
|
|
start + crypto_rand_int((int)dl_interval);
|
2007-10-17 23:26:22 +02:00
|
|
|
{
|
2007-10-18 16:50:59 +02:00
|
|
|
char tbuf1[ISO_TIME_LEN+1];
|
|
|
|
char tbuf2[ISO_TIME_LEN+1];
|
|
|
|
char tbuf3[ISO_TIME_LEN+1];
|
|
|
|
format_local_iso_time(tbuf1, c->fresh_until);
|
|
|
|
format_local_iso_time(tbuf2, c->valid_until);
|
2012-03-28 08:55:33 +02:00
|
|
|
format_local_iso_time(tbuf3, time_to_download_next_consensus[flav]);
|
2012-03-28 15:02:15 +02:00
|
|
|
log_info(LD_DIR, "Live %s consensus %s the most recent until %s and "
|
|
|
|
"will expire at %s; fetching the next one at %s.",
|
2012-03-28 08:55:33 +02:00
|
|
|
flavor, (c->fresh_until > now) ? "will be" : "was",
|
2007-10-18 16:50:59 +02:00
|
|
|
tbuf1, tbuf2, tbuf3);
|
2007-10-17 23:26:22 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
2012-03-28 08:55:33 +02:00
|
|
|
time_to_download_next_consensus[flav] = now;
|
|
|
|
log_info(LD_DIR, "No live %s consensus; we should fetch one immediately.",
|
|
|
|
flavor);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Update the time at which we'll consider replacing the current
|
|
|
|
* consensus of flavor 'flavor' */
|
|
|
|
void
|
|
|
|
update_consensus_networkstatus_fetch_time(time_t now)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
if (we_want_to_fetch_flavor(get_options(), i))
|
|
|
|
update_consensus_networkstatus_fetch_time_impl(now, i);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return 1 if there's a reason we shouldn't try any directory
|
|
|
|
* fetches yet (e.g. we demand bridges and none are yet known).
|
|
|
|
* Else return 0. */
|
|
|
|
int
|
2011-06-14 19:01:38 +02:00
|
|
|
should_delay_dir_fetches(const or_options_t *options)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
if (options->UseBridges && !any_bridge_descriptors_known()) {
|
2007-12-25 00:51:22 +01:00
|
|
|
log_info(LD_DIR, "delaying dir fetches (no running bridges known)");
|
2007-10-08 23:21:50 +02:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-10 21:33:19 +02:00
|
|
|
/** Launch requests for networkstatus documents and authority certificates as
|
|
|
|
* appropriate. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
update_networkstatus_downloads(time_t now)
|
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2007-10-08 23:21:50 +02:00
|
|
|
if (should_delay_dir_fetches(options))
|
|
|
|
return;
|
2011-04-28 16:05:32 +02:00
|
|
|
if (authdir_mode_any_main(options) || options->FetchV2Networkstatus)
|
2007-10-10 21:33:19 +02:00
|
|
|
update_v2_networkstatus_cache_downloads(now);
|
2007-10-08 23:21:50 +02:00
|
|
|
update_consensus_networkstatus_downloads(now);
|
2007-10-22 19:31:22 +02:00
|
|
|
update_certificate_downloads(now);
|
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Launch requests as appropriate for missing directory authority
|
|
|
|
* certificates. */
|
2007-10-22 19:31:22 +02:00
|
|
|
void
|
|
|
|
update_certificate_downloads(time_t now)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
|
|
|
for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
if (consensus_waiting_for_certs[i].consensus)
|
|
|
|
authority_certs_fetch_missing(consensus_waiting_for_certs[i].consensus,
|
|
|
|
now);
|
|
|
|
}
|
|
|
|
|
2010-09-17 04:12:03 +02:00
|
|
|
if (current_ns_consensus)
|
|
|
|
authority_certs_fetch_missing(current_ns_consensus, now);
|
2010-12-06 17:26:45 +01:00
|
|
|
if (current_md_consensus)
|
2010-09-17 04:12:03 +02:00
|
|
|
authority_certs_fetch_missing(current_md_consensus, now);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2008-06-07 07:27:34 +02:00
|
|
|
/** Return 1 if we have a consensus but we don't have enough certificates
|
|
|
|
* to start using it yet. */
|
|
|
|
int
|
|
|
|
consensus_is_waiting_for_certs(void)
|
|
|
|
{
|
2010-11-08 20:21:32 +01:00
|
|
|
return consensus_waiting_for_certs[usable_consensus_flavor()].consensus
|
2009-10-13 23:06:01 +02:00
|
|
|
? 1 : 0;
|
2008-06-07 07:27:34 +02:00
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Return the network status with a given identity digest. */
|
2007-10-16 01:15:24 +02:00
|
|
|
networkstatus_v2_t *
|
|
|
|
networkstatus_v2_get_by_digest(const char *digest)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(ns->identity_digest, digest, DIGEST_LEN))
|
2007-10-08 23:21:50 +02:00
|
|
|
return ns;
|
|
|
|
});
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return the most recent consensus that we have downloaded, or NULL if we
|
|
|
|
* don't have one. */
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_t *
|
2007-10-08 23:21:50 +02:00
|
|
|
networkstatus_get_latest_consensus(void)
|
|
|
|
{
|
|
|
|
return current_consensus;
|
|
|
|
}
|
|
|
|
|
2012-06-05 00:50:13 +02:00
|
|
|
/** Return the latest consensus we have whose flavor matches <b>f</b>, or NULL
|
|
|
|
* if we don't have one. */
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_t *
|
|
|
|
networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f)
|
|
|
|
{
|
|
|
|
if (f == FLAV_NS)
|
|
|
|
return current_ns_consensus;
|
|
|
|
else if (f == FLAV_MICRODESC)
|
|
|
|
return current_md_consensus;
|
2012-05-14 19:07:27 +02:00
|
|
|
else {
|
2010-09-17 04:12:03 +02:00
|
|
|
tor_assert(0);
|
2012-05-14 19:07:27 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Return the most recent consensus that we have downloaded, or NULL if it is
|
|
|
|
* no longer live. */
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_t *
|
2007-10-08 23:21:50 +02:00
|
|
|
networkstatus_get_live_consensus(time_t now)
|
|
|
|
{
|
|
|
|
if (current_consensus &&
|
|
|
|
current_consensus->valid_after <= now &&
|
|
|
|
now <= current_consensus->valid_until)
|
|
|
|
return current_consensus;
|
|
|
|
else
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2008-12-18 17:11:03 +01:00
|
|
|
/* XXXX remove this in favor of get_live_consensus. But actually,
|
2007-12-05 20:23:03 +01:00
|
|
|
* leave something like it for bridge users, who need to not totally
|
|
|
|
* lose if they spend a while fetching a new consensus. */
|
2008-02-08 22:13:15 +01:00
|
|
|
/** As networkstatus_get_live_consensus(), but is way more tolerant of expired
|
|
|
|
* consensuses. */
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_t *
|
2010-09-20 20:18:17 +02:00
|
|
|
networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
|
2007-10-25 03:53:49 +02:00
|
|
|
{
|
|
|
|
#define REASONABLY_LIVE_TIME (24*60*60)
|
2010-09-20 20:18:17 +02:00
|
|
|
networkstatus_t *consensus =
|
|
|
|
networkstatus_get_latest_consensus_by_flavor(flavor);
|
|
|
|
if (consensus &&
|
|
|
|
consensus->valid_after <= now &&
|
|
|
|
now <= consensus->valid_until+REASONABLY_LIVE_TIME)
|
|
|
|
return consensus;
|
2007-10-25 03:53:49 +02:00
|
|
|
else
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2007-12-31 22:12:16 +01:00
|
|
|
/** Given two router status entries for the same router identity, return 1 if
|
|
|
|
* if the contents have changed between them. Otherwise, return 0. */
|
|
|
|
static int
|
|
|
|
routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
|
|
|
|
{
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_assert(tor_memeq(a->identity_digest, b->identity_digest, DIGEST_LEN));
|
2007-12-31 22:12:16 +01:00
|
|
|
|
|
|
|
return strcmp(a->nickname, b->nickname) ||
|
2011-05-10 22:58:38 +02:00
|
|
|
fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
|
2007-12-31 22:12:16 +01:00
|
|
|
a->addr != b->addr ||
|
|
|
|
a->or_port != b->or_port ||
|
|
|
|
a->dir_port != b->dir_port ||
|
|
|
|
a->is_authority != b->is_authority ||
|
|
|
|
a->is_exit != b->is_exit ||
|
|
|
|
a->is_stable != b->is_stable ||
|
|
|
|
a->is_fast != b->is_fast ||
|
2010-09-30 20:58:27 +02:00
|
|
|
a->is_flagged_running != b->is_flagged_running ||
|
2007-12-31 22:12:16 +01:00
|
|
|
a->is_named != b->is_named ||
|
|
|
|
a->is_unnamed != b->is_unnamed ||
|
|
|
|
a->is_valid != b->is_valid ||
|
|
|
|
a->is_v2_dir != b->is_v2_dir ||
|
|
|
|
a->is_possible_guard != b->is_possible_guard ||
|
|
|
|
a->is_bad_exit != b->is_bad_exit ||
|
|
|
|
a->is_bad_directory != b->is_bad_directory ||
|
|
|
|
a->is_hs_dir != b->is_hs_dir ||
|
2012-09-08 05:21:18 +02:00
|
|
|
a->version_known != b->version_known;
|
2007-12-31 22:12:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/** Notify controllers of any router status entries that changed between
|
|
|
|
* <b>old_c</b> and <b>new_c</b>. */
|
|
|
|
static void
|
2008-02-05 22:39:29 +01:00
|
|
|
notify_control_networkstatus_changed(const networkstatus_t *old_c,
|
|
|
|
const networkstatus_t *new_c)
|
2007-12-31 22:12:16 +01:00
|
|
|
{
|
|
|
|
smartlist_t *changed;
|
|
|
|
if (old_c == new_c)
|
|
|
|
return;
|
2009-02-16 07:18:03 +01:00
|
|
|
|
2009-02-16 11:39:10 +01:00
|
|
|
/* tell the controller exactly which relays are still listed, as well
|
|
|
|
* as what they're listed as */
|
2009-02-16 07:18:03 +01:00
|
|
|
control_event_newconsensus(new_c);
|
|
|
|
|
2009-02-20 11:25:08 +01:00
|
|
|
if (!control_event_is_interesting(EVENT_NS))
|
|
|
|
return;
|
|
|
|
|
2008-04-07 18:28:34 +02:00
|
|
|
if (!old_c) {
|
|
|
|
control_event_networkstatus_changed(new_c->routerstatus_list);
|
|
|
|
return;
|
|
|
|
}
|
2012-01-18 21:53:30 +01:00
|
|
|
changed = smartlist_new();
|
2007-12-31 22:12:16 +01:00
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(
|
|
|
|
old_c->routerstatus_list, const routerstatus_t *, rs_old,
|
|
|
|
new_c->routerstatus_list, const routerstatus_t *, rs_new,
|
2011-05-11 22:39:45 +02:00
|
|
|
tor_memcmp(rs_old->identity_digest,
|
2010-09-29 07:35:08 +02:00
|
|
|
rs_new->identity_digest, DIGEST_LEN),
|
|
|
|
smartlist_add(changed, (void*) rs_new)) {
|
2008-04-07 18:28:34 +02:00
|
|
|
if (routerstatus_has_changed(rs_old, rs_new))
|
2010-09-29 07:35:08 +02:00
|
|
|
smartlist_add(changed, (void*)rs_new);
|
2008-04-07 18:28:34 +02:00
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
|
2007-12-31 22:12:16 +01:00
|
|
|
|
|
|
|
control_event_networkstatus_changed(changed);
|
|
|
|
smartlist_free(changed);
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Copy all the ancillary information (like router download status and so on)
|
2007-10-19 01:14:58 +02:00
|
|
|
* from <b>old_c</b> to <b>new_c</b>. */
|
2007-10-16 01:15:24 +02:00
|
|
|
static void
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_copy_old_consensus_info(networkstatus_t *new_c,
|
|
|
|
const networkstatus_t *old_c)
|
2007-10-16 01:15:24 +02:00
|
|
|
{
|
|
|
|
if (old_c == new_c)
|
|
|
|
return;
|
2008-04-07 18:28:34 +02:00
|
|
|
if (!old_c || !smartlist_len(old_c->routerstatus_list))
|
2007-10-16 01:15:24 +02:00
|
|
|
return;
|
|
|
|
|
2008-04-07 18:28:34 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(old_c->routerstatus_list, routerstatus_t *, rs_old,
|
|
|
|
new_c->routerstatus_list, routerstatus_t *, rs_new,
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_memcmp(rs_old->identity_digest,
|
2008-04-07 18:28:34 +02:00
|
|
|
rs_new->identity_digest, DIGEST_LEN),
|
|
|
|
STMT_NIL) {
|
2007-10-16 01:15:24 +02:00
|
|
|
/* Okay, so we're looking at the same identity. */
|
|
|
|
rs_new->last_dir_503_at = rs_old->last_dir_503_at;
|
|
|
|
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
|
2007-10-16 01:15:24 +02:00
|
|
|
DIGEST_LEN)) {
|
|
|
|
/* And the same descriptor too! */
|
|
|
|
memcpy(&rs_new->dl_status, &rs_old->dl_status,sizeof(download_status_t));
|
|
|
|
}
|
2008-04-07 18:28:34 +02:00
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Try to replace the current cached v3 networkstatus with the one in
|
|
|
|
* <b>consensus</b>. If we don't have enough certificates to validate it,
|
|
|
|
* store it in consensus_waiting_for_certs and launch a certificate fetch.
|
|
|
|
*
|
2008-12-09 19:16:41 +01:00
|
|
|
* If flags & NSSET_FROM_CACHE, this networkstatus has come from the disk
|
|
|
|
* cache. If flags & NSSET_WAS_WAITING_FOR_CERTS, this networkstatus was
|
|
|
|
* already received, but we were waiting for certificates on it. If flags &
|
|
|
|
* NSSET_DONT_DOWNLOAD_CERTS, do not launch certificate downloads as needed.
|
2009-01-05 17:56:11 +01:00
|
|
|
* If flags & NSSET_ACCEPT_OBSOLETE, then we should be willing to take this
|
|
|
|
* consensus, even if it comes from many days in the past.
|
2008-12-09 19:16:41 +01:00
|
|
|
*
|
2007-11-03 16:55:15 +01:00
|
|
|
* Return 0 on success, <0 on failure. On failure, caller should increment
|
2007-10-24 21:53:11 +02:00
|
|
|
* the failure count as appropriate.
|
2007-11-03 16:55:15 +01:00
|
|
|
*
|
|
|
|
* We return -1 for mild failures that don't need to be reported to the
|
|
|
|
* user, and -2 for more serious problems.
|
2007-10-24 21:53:11 +02:00
|
|
|
*/
|
2007-10-08 23:21:50 +02:00
|
|
|
int
|
2009-10-13 23:06:01 +02:00
|
|
|
networkstatus_set_current_consensus(const char *consensus,
|
|
|
|
const char *flavor,
|
|
|
|
unsigned flags)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
networkstatus_t *c=NULL;
|
2007-11-03 16:55:15 +01:00
|
|
|
int r, result = -1;
|
2007-10-08 23:21:50 +02:00
|
|
|
time_t now = time(NULL);
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2007-10-17 18:55:44 +02:00
|
|
|
char *unverified_fname = NULL, *consensus_fname = NULL;
|
2009-10-13 23:06:01 +02:00
|
|
|
int flav = networkstatus_parse_flavor_name(flavor);
|
2008-01-07 20:15:34 +01:00
|
|
|
const unsigned from_cache = flags & NSSET_FROM_CACHE;
|
|
|
|
const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
|
|
|
|
const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
|
2009-01-05 17:56:11 +01:00
|
|
|
const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
|
2009-10-13 23:06:01 +02:00
|
|
|
const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
|
|
|
|
const digests_t *current_digests = NULL;
|
|
|
|
consensus_waiting_for_certs_t *waiting = NULL;
|
|
|
|
time_t current_valid_after = 0;
|
2010-10-20 20:40:09 +02:00
|
|
|
int free_consensus = 1; /* Free 'c' at the end of the function */
|
2012-10-02 05:27:51 +02:00
|
|
|
int old_ewma_enabled;
|
2009-10-13 23:06:01 +02:00
|
|
|
|
|
|
|
if (flav < 0) {
|
|
|
|
/* XXXX we don't handle unrecognized flavors yet. */
|
|
|
|
log_warn(LD_BUG, "Unrecognized consensus flavor %s", flavor);
|
|
|
|
return -2;
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/* Make sure it's parseable. */
|
2008-07-24 11:22:27 +02:00
|
|
|
c = networkstatus_parse_vote_from_string(consensus, NULL, NS_TYPE_CONSENSUS);
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!c) {
|
|
|
|
log_warn(LD_DIR, "Unable to parse networkstatus consensus");
|
2007-11-03 16:55:15 +01:00
|
|
|
result = -2;
|
2007-10-17 18:55:44 +02:00
|
|
|
goto done;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2009-12-14 10:07:20 +01:00
|
|
|
if ((int)c->flavor != flav) {
|
2009-10-13 23:06:01 +02:00
|
|
|
/* This wasn't the flavor we thought we were getting. */
|
|
|
|
if (require_flavor) {
|
|
|
|
log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
|
|
|
|
networkstatus_get_flavor_name(c->flavor), flavor);
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
flav = c->flavor;
|
|
|
|
flavor = networkstatus_get_flavor_name(flav);
|
|
|
|
}
|
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
if (flav != usable_consensus_flavor() &&
|
2010-08-15 10:01:42 +02:00
|
|
|
!directory_caches_dir_info(options)) {
|
2009-10-13 23:06:01 +02:00
|
|
|
/* This consensus is totally boring to us: we won't use it, and we won't
|
|
|
|
* serve it. Drop it. */
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-01-05 17:56:11 +01:00
|
|
|
if (from_cache && !accept_obsolete &&
|
|
|
|
c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) {
|
2011-03-25 21:01:16 +01:00
|
|
|
/* XXXX If we try to make fallbackconsensus work again, we should
|
2009-01-05 17:56:11 +01:00
|
|
|
* consider taking this out. Until then, believing obsolete consensuses
|
|
|
|
* is causing more harm than good. See also bug 887. */
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_DIR, "Loaded an expired consensus. Discarding.");
|
2009-01-05 17:56:11 +01:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
if (!strcmp(flavor, "ns")) {
|
|
|
|
consensus_fname = get_datadir_fname("cached-consensus");
|
|
|
|
unverified_fname = get_datadir_fname("unverified-consensus");
|
2010-09-17 04:12:03 +02:00
|
|
|
if (current_ns_consensus) {
|
|
|
|
current_digests = ¤t_ns_consensus->digests;
|
|
|
|
current_valid_after = current_ns_consensus->valid_after;
|
|
|
|
}
|
|
|
|
} else if (!strcmp(flavor, "microdesc")) {
|
|
|
|
consensus_fname = get_datadir_fname("cached-microdesc-consensus");
|
|
|
|
unverified_fname = get_datadir_fname("unverified-microdesc-consensus");
|
|
|
|
if (current_md_consensus) {
|
|
|
|
current_digests = ¤t_md_consensus->digests;
|
|
|
|
current_valid_after = current_md_consensus->valid_after;
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
cached_dir_t *cur;
|
|
|
|
char buf[128];
|
|
|
|
tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
|
|
|
|
consensus_fname = get_datadir_fname(buf);
|
|
|
|
tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
|
|
|
|
unverified_fname = get_datadir_fname(buf);
|
|
|
|
cur = dirserv_get_consensus(flavor);
|
|
|
|
if (cur) {
|
|
|
|
current_digests = &cur->digests;
|
|
|
|
current_valid_after = cur->published;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (current_digests &&
|
2011-05-11 22:23:42 +02:00
|
|
|
tor_memeq(&c->digests, current_digests, sizeof(c->digests))) {
|
2007-10-24 21:53:11 +02:00
|
|
|
/* We already have this one. That's a failure. */
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_DIR, "Got a %s consensus we already have", flavor);
|
2007-10-24 21:53:11 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
if (current_valid_after && c->valid_after <= current_valid_after) {
|
2007-10-30 16:17:01 +01:00
|
|
|
/* We have a newer one. There's no point in accepting this one,
|
|
|
|
* even if it's great. */
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_DIR, "Got a %s consensus at least as old as the one we have",
|
|
|
|
flavor);
|
2007-10-24 21:53:11 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/* Make sure it's signed enough. */
|
|
|
|
if ((r=networkstatus_check_consensus_signature(c, 1))<0) {
|
2008-01-07 16:41:47 +01:00
|
|
|
if (r == -1) {
|
2007-10-08 23:21:50 +02:00
|
|
|
/* Okay, so it _might_ be signed enough if we get more certificates. */
|
2007-11-03 16:55:15 +01:00
|
|
|
if (!was_waiting_for_certs) {
|
2008-04-24 07:32:55 +02:00
|
|
|
log_info(LD_DIR,
|
|
|
|
"Not enough certificates to check networkstatus consensus");
|
2007-11-03 16:55:15 +01:00
|
|
|
}
|
2009-10-13 23:06:01 +02:00
|
|
|
if (!current_valid_after ||
|
|
|
|
c->valid_after > current_valid_after) {
|
|
|
|
waiting = &consensus_waiting_for_certs[flav];
|
2009-12-12 08:07:59 +01:00
|
|
|
networkstatus_vote_free(waiting->consensus);
|
2009-10-13 23:06:01 +02:00
|
|
|
tor_free(waiting->body);
|
|
|
|
waiting->consensus = c;
|
2010-10-20 20:40:09 +02:00
|
|
|
free_consensus = 0;
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting->body = tor_strdup(consensus);
|
|
|
|
waiting->set_at = now;
|
|
|
|
waiting->dl_failed = 0;
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!from_cache) {
|
2007-10-17 18:55:44 +02:00
|
|
|
write_str_to_file(unverified_fname, consensus, 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2008-01-07 20:15:34 +01:00
|
|
|
if (dl_certs)
|
|
|
|
authority_certs_fetch_missing(c, now);
|
2007-10-24 21:53:11 +02:00
|
|
|
/* This case is not a success or a failure until we get the certs
|
|
|
|
* or fail to get the certs. */
|
|
|
|
result = 0;
|
2007-10-17 18:55:44 +02:00
|
|
|
} else {
|
|
|
|
/* Even if we had enough signatures, we'd never use this as the
|
|
|
|
* latest consensus. */
|
|
|
|
if (was_waiting_for_certs && from_cache)
|
|
|
|
unlink(unverified_fname);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2007-10-17 18:55:44 +02:00
|
|
|
goto done;
|
2007-11-03 16:55:15 +01:00
|
|
|
} else {
|
2007-10-24 21:53:11 +02:00
|
|
|
/* This can never be signed enough: Kill it. */
|
2007-11-03 16:55:15 +01:00
|
|
|
if (!was_waiting_for_certs) {
|
2007-10-08 23:21:50 +02:00
|
|
|
log_warn(LD_DIR, "Not enough good signatures on networkstatus "
|
|
|
|
"consensus");
|
2007-11-03 16:55:15 +01:00
|
|
|
result = -2;
|
|
|
|
}
|
2007-10-24 21:53:11 +02:00
|
|
|
if (was_waiting_for_certs && (r < -1) && from_cache)
|
2007-10-17 18:55:44 +02:00
|
|
|
unlink(unverified_fname);
|
|
|
|
goto done;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
if (!from_cache && flav == usable_consensus_flavor())
|
2008-12-09 19:16:41 +01:00
|
|
|
control_event_client_status(LOG_NOTICE, "CONSENSUS_ARRIVED");
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/* Are we missing any certificates at all? */
|
2008-01-07 20:15:34 +01:00
|
|
|
if (r != 1 && dl_certs)
|
2007-10-10 21:33:19 +02:00
|
|
|
authority_certs_fetch_missing(c, now);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
if (flav == usable_consensus_flavor()) {
|
2009-10-13 23:06:01 +02:00
|
|
|
notify_control_networkstatus_changed(current_consensus, c);
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
if (flav == FLAV_NS) {
|
|
|
|
if (current_ns_consensus) {
|
|
|
|
networkstatus_copy_old_consensus_info(c, current_ns_consensus);
|
|
|
|
networkstatus_vote_free(current_ns_consensus);
|
2010-10-20 18:34:02 +02:00
|
|
|
/* Defensive programming : we should set current_consensus very soon,
|
|
|
|
* but we're about to call some stuff in the meantime, and leaving this
|
|
|
|
* dangling pointer around has proven to be trouble. */
|
2010-10-20 19:53:11 +02:00
|
|
|
current_ns_consensus = NULL;
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
current_ns_consensus = c;
|
|
|
|
free_consensus = 0; /* avoid free */
|
|
|
|
} else if (flav == FLAV_MICRODESC) {
|
|
|
|
if (current_md_consensus) {
|
|
|
|
networkstatus_copy_old_consensus_info(c, current_md_consensus);
|
|
|
|
networkstatus_vote_free(current_md_consensus);
|
2010-10-20 19:53:11 +02:00
|
|
|
/* more defensive programming */
|
|
|
|
current_md_consensus = NULL;
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
current_md_consensus = c;
|
|
|
|
free_consensus = 0; /* avoid free */
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting = &consensus_waiting_for_certs[flav];
|
|
|
|
if (waiting->consensus &&
|
|
|
|
waiting->consensus->valid_after <= c->valid_after) {
|
|
|
|
networkstatus_vote_free(waiting->consensus);
|
|
|
|
waiting->consensus = NULL;
|
|
|
|
if (consensus != waiting->body)
|
|
|
|
tor_free(waiting->body);
|
2007-11-06 19:00:09 +01:00
|
|
|
else
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting->body = NULL;
|
|
|
|
waiting->set_at = 0;
|
|
|
|
waiting->dl_failed = 0;
|
2007-10-17 18:55:44 +02:00
|
|
|
unlink(unverified_fname);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-24 21:53:11 +02:00
|
|
|
/* Reset the failure count only if this consensus is actually valid. */
|
|
|
|
if (c->valid_after <= now && now <= c->valid_until) {
|
2009-10-13 23:06:01 +02:00
|
|
|
download_status_reset(&consensus_dl_status[flav]);
|
2007-10-24 21:53:11 +02:00
|
|
|
} else {
|
|
|
|
if (!from_cache)
|
2009-10-13 23:06:01 +02:00
|
|
|
download_status_failed(&consensus_dl_status[flav], 0);
|
|
|
|
}
|
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
if (flav == usable_consensus_flavor()) {
|
|
|
|
/* XXXXNM Microdescs: needs a non-ns variant. ???? NM*/
|
2009-10-13 23:06:01 +02:00
|
|
|
update_consensus_networkstatus_fetch_time(now);
|
2010-09-17 04:12:03 +02:00
|
|
|
|
2010-09-28 19:29:31 +02:00
|
|
|
nodelist_set_consensus(current_consensus);
|
|
|
|
|
2010-08-15 10:01:42 +02:00
|
|
|
dirvote_recalculate_timing(options, now);
|
2009-10-13 23:06:01 +02:00
|
|
|
routerstatus_list_update_named_server_map();
|
2012-10-02 05:27:51 +02:00
|
|
|
|
|
|
|
/* Update ewma and adjust policy if needed; first cache the old value */
|
|
|
|
old_ewma_enabled = cell_ewma_enabled();
|
|
|
|
/* Change the cell EWMA settings */
|
|
|
|
cell_ewma_set_scale_factor(options, networkstatus_get_latest_consensus());
|
|
|
|
/* If we just enabled ewma, set the cmux policy on all active channels */
|
|
|
|
if (cell_ewma_enabled() && !old_ewma_enabled) {
|
|
|
|
channel_set_cmux_policy_everywhere(&ewma_policy);
|
|
|
|
} else if (!cell_ewma_enabled() && old_ewma_enabled) {
|
|
|
|
/* Turn it off everywhere */
|
|
|
|
channel_set_cmux_policy_everywhere(NULL);
|
|
|
|
}
|
|
|
|
|
2012-06-15 15:37:40 +02:00
|
|
|
/* XXXX024 this call might be unnecessary here: can changing the
|
2011-03-25 22:21:16 +01:00
|
|
|
* current consensus really alter our view of any OR's rate limits? */
|
2010-08-15 10:01:42 +02:00
|
|
|
connection_or_update_token_buckets(get_connection_array(), options);
|
|
|
|
|
2010-01-22 01:10:02 +01:00
|
|
|
circuit_build_times_new_consensus_params(&circ_times, current_consensus);
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2010-10-20 18:34:02 +02:00
|
|
|
if (directory_caches_dir_info(options)) {
|
|
|
|
dirserv_set_cached_consensus_networkstatus(consensus,
|
|
|
|
flavor,
|
|
|
|
&c->digests,
|
|
|
|
c->valid_after);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!from_cache) {
|
2007-10-17 18:55:44 +02:00
|
|
|
write_str_to_file(consensus_fname, consensus, 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2011-03-25 20:27:06 +01:00
|
|
|
/** If a consensus appears more than this many seconds before its declared
|
|
|
|
* valid-after time, declare that our clock is skewed. */
|
|
|
|
#define EARLY_CONSENSUS_NOTICE_SKEW 60
|
|
|
|
|
2011-06-07 20:46:28 +02:00
|
|
|
if (now < c->valid_after - EARLY_CONSENSUS_NOTICE_SKEW) {
|
2007-10-30 16:17:07 +01:00
|
|
|
char tbuf[ISO_TIME_LEN+1];
|
|
|
|
char dbuf[64];
|
2010-09-17 04:12:03 +02:00
|
|
|
long delta = now - c->valid_after;
|
|
|
|
format_iso_time(tbuf, c->valid_after);
|
2007-10-30 16:17:07 +01:00
|
|
|
format_time_interval(dbuf, sizeof(dbuf), delta);
|
|
|
|
log_warn(LD_GENERAL, "Our clock is %s behind the time published in the "
|
|
|
|
"consensus network status document (%s GMT). Tor needs an "
|
|
|
|
"accurate clock to work correctly. Please check your time and "
|
|
|
|
"date settings!", dbuf, tbuf);
|
|
|
|
control_event_general_status(LOG_WARN,
|
|
|
|
"CLOCK_SKEW MIN_SKEW=%ld SOURCE=CONSENSUS", delta);
|
2007-10-30 16:17:01 +01:00
|
|
|
}
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
router_dir_info_changed();
|
|
|
|
|
2007-10-17 18:55:44 +02:00
|
|
|
result = 0;
|
|
|
|
done:
|
2010-09-17 04:12:03 +02:00
|
|
|
if (free_consensus)
|
|
|
|
networkstatus_vote_free(c);
|
2007-10-17 18:55:44 +02:00
|
|
|
tor_free(consensus_fname);
|
|
|
|
tor_free(unverified_fname);
|
|
|
|
return result;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Called when we have gotten more certificates: see whether we can
|
|
|
|
* now verify a pending consensus. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
networkstatus_note_certs_arrived(void)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
|
|
|
for (i=0; i<N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
|
|
|
|
if (!waiting->consensus)
|
|
|
|
continue;
|
|
|
|
if (networkstatus_check_consensus_signature(waiting->consensus, 0)>=0) {
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!networkstatus_set_current_consensus(
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting->body,
|
|
|
|
networkstatus_get_flavor_name(i),
|
2008-01-07 20:15:34 +01:00
|
|
|
NSSET_WAS_WAITING_FOR_CERTS)) {
|
2009-10-13 23:06:01 +02:00
|
|
|
tor_free(waiting->body);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** If the network-status list has changed since the last time we called this
|
|
|
|
* function, update the status of every routerinfo from the network-status
|
2007-11-11 18:37:59 +01:00
|
|
|
* list. If <b>dir_version</b> is 2, it's a v2 networkstatus that changed.
|
|
|
|
* If <b>dir_version</b> is 3, it's a v3 consensus that changed.
|
2007-10-08 23:21:50 +02:00
|
|
|
*/
|
|
|
|
void
|
2007-11-11 18:37:59 +01:00
|
|
|
routers_update_all_from_networkstatus(time_t now, int dir_version)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2010-09-20 20:18:17 +02:00
|
|
|
networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
|
|
|
|
FLAV_NS);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
if (networkstatus_v2_list_has_changed)
|
|
|
|
download_status_map_update_from_v2_networkstatus();
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-11-11 18:37:59 +01:00
|
|
|
if (!consensus || dir_version < 3) /* nothing more we should do */
|
2007-10-16 01:44:32 +02:00
|
|
|
return;
|
|
|
|
|
2008-06-05 11:01:18 +02:00
|
|
|
/* calls router_dir_info_changed() when it's done -- more routers
|
|
|
|
* might be up or down now, which might affect whether there's enough
|
|
|
|
* directory info. */
|
2007-10-16 01:15:24 +02:00
|
|
|
routers_update_status_from_consensus_networkstatus(rl->routers, 0);
|
2008-06-05 11:01:18 +02:00
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
|
2007-11-07 18:11:23 +01:00
|
|
|
ri->cache_info.routerlist_index = ri_sl_idx);
|
2007-10-19 04:15:47 +02:00
|
|
|
if (rl->old_routers)
|
|
|
|
signed_descs_update_status_from_consensus_networkstatus(rl->old_routers);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-16 01:44:32 +02:00
|
|
|
if (!have_warned_about_old_version) {
|
2007-10-08 23:21:50 +02:00
|
|
|
int is_server = server_mode(get_options());
|
2007-10-16 01:15:24 +02:00
|
|
|
version_status_t status;
|
|
|
|
const char *recommended = is_server ?
|
|
|
|
consensus->server_versions : consensus->client_versions;
|
|
|
|
status = tor_version_is_obsolete(VERSION, recommended);
|
|
|
|
|
|
|
|
if (status == VS_RECOMMENDED) {
|
|
|
|
log_info(LD_GENERAL, "The directory authorities say my version is ok.");
|
2008-02-06 13:45:04 +01:00
|
|
|
} else if (status == VS_EMPTY) {
|
|
|
|
log_info(LD_GENERAL,
|
|
|
|
"The directory authorities don't recommend any versions.");
|
2007-10-16 01:15:24 +02:00
|
|
|
} else if (status == VS_NEW || status == VS_NEW_IN_SERIES) {
|
|
|
|
if (!have_warned_about_new_version) {
|
|
|
|
log_notice(LD_GENERAL, "This version of Tor (%s) is newer than any "
|
|
|
|
"recommended version%s, according to the directory "
|
|
|
|
"authorities. Recommended versions are: %s",
|
|
|
|
VERSION,
|
|
|
|
status == VS_NEW_IN_SERIES ? " in its series" : "",
|
|
|
|
recommended);
|
|
|
|
have_warned_about_new_version = 1;
|
2007-10-08 23:21:50 +02:00
|
|
|
control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
|
2007-10-16 01:15:24 +02:00
|
|
|
"CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
|
|
|
|
VERSION, "NEW", recommended);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
} else {
|
2007-10-16 01:15:24 +02:00
|
|
|
log_warn(LD_GENERAL, "Please upgrade! "
|
|
|
|
"This version of Tor (%s) is %s, according to the directory "
|
|
|
|
"authorities. Recommended versions are: %s",
|
|
|
|
VERSION,
|
|
|
|
status == VS_OLD ? "obsolete" : "not recommended",
|
|
|
|
recommended);
|
|
|
|
have_warned_about_old_version = 1;
|
|
|
|
control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
|
|
|
|
"CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
|
2007-12-05 20:32:58 +01:00
|
|
|
VERSION, status == VS_OLD ? "OBSOLETE" : "UNRECOMMENDED",
|
2007-10-16 01:15:24 +02:00
|
|
|
recommended);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Update v2_download_status_map to contain an entry for every router
|
|
|
|
* descriptor listed in the v2 networkstatuses. */
|
2007-10-16 01:15:24 +02:00
|
|
|
static void
|
2007-10-18 16:19:51 +02:00
|
|
|
download_status_map_update_from_v2_networkstatus(void)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
digestmap_t *dl_status;
|
|
|
|
if (!networkstatus_v2_list)
|
2007-10-08 23:21:50 +02:00
|
|
|
return;
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!v2_download_status_map)
|
|
|
|
v2_download_status_map = digestmap_new();
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
dl_status = digestmap_new();
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(networkstatus_v2_list, networkstatus_v2_t *, ns) {
|
2010-09-29 07:35:08 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(ns->entries, const routerstatus_t *, rs) {
|
2007-10-16 01:15:24 +02:00
|
|
|
const char *d = rs->descriptor_digest;
|
|
|
|
download_status_t *s;
|
|
|
|
if (digestmap_get(dl_status, d))
|
2007-10-08 23:21:50 +02:00
|
|
|
continue;
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!(s = digestmap_remove(v2_download_status_map, d))) {
|
|
|
|
s = tor_malloc_zero(sizeof(download_status_t));
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2007-10-16 01:15:24 +02:00
|
|
|
digestmap_set(dl_status, d, s);
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(rs);
|
|
|
|
} SMARTLIST_FOREACH_END(ns);
|
2007-10-16 01:15:24 +02:00
|
|
|
digestmap_free(v2_download_status_map, _tor_free);
|
|
|
|
v2_download_status_map = dl_status;
|
2007-10-18 16:19:51 +02:00
|
|
|
networkstatus_v2_list_has_changed = 0;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Update our view of the list of named servers from the most recently
|
2007-10-19 01:14:58 +02:00
|
|
|
* retrieved networkstatus consensus. */
|
2007-10-16 01:15:24 +02:00
|
|
|
static void
|
|
|
|
routerstatus_list_update_named_server_map(void)
|
2007-10-12 23:33:39 +02:00
|
|
|
{
|
|
|
|
if (!current_consensus)
|
|
|
|
return;
|
|
|
|
|
2009-12-12 08:07:59 +01:00
|
|
|
strmap_free(named_server_map, _tor_free);
|
2007-10-12 23:33:39 +02:00
|
|
|
named_server_map = strmap_new();
|
2009-12-12 08:07:59 +01:00
|
|
|
strmap_free(unnamed_server_map, NULL);
|
2007-10-23 06:09:18 +02:00
|
|
|
unnamed_server_map = strmap_new();
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(current_consensus->routerstatus_list,
|
|
|
|
const routerstatus_t *, rs) {
|
2007-10-12 23:33:39 +02:00
|
|
|
if (rs->is_named) {
|
2007-10-19 20:56:24 +02:00
|
|
|
strmap_set_lc(named_server_map, rs->nickname,
|
|
|
|
tor_memdup(rs->identity_digest, DIGEST_LEN));
|
|
|
|
}
|
|
|
|
if (rs->is_unnamed) {
|
|
|
|
strmap_set_lc(unnamed_server_map, rs->nickname, (void*)1);
|
2007-10-12 23:33:39 +02:00
|
|
|
}
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(rs);
|
2007-10-12 23:33:39 +02:00
|
|
|
}
|
|
|
|
|
2007-10-19 01:14:58 +02:00
|
|
|
/** Given a list <b>routers</b> of routerinfo_t *, update each status field
|
2007-10-18 16:19:51 +02:00
|
|
|
* according to our current consensus networkstatus. May re-order
|
2007-10-19 01:14:58 +02:00
|
|
|
* <b>routers</b>. */
|
2007-10-12 23:33:39 +02:00
|
|
|
void
|
|
|
|
routers_update_status_from_consensus_networkstatus(smartlist_t *routers,
|
|
|
|
int reset_failures)
|
|
|
|
{
|
|
|
|
trusted_dir_server_t *ds;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2007-10-12 23:33:39 +02:00
|
|
|
int authdir = authdir_mode_v2(options) || authdir_mode_v3(options);
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_t *ns = current_consensus;
|
2007-10-12 23:33:39 +02:00
|
|
|
if (!ns || !smartlist_len(ns->routerstatus_list))
|
|
|
|
return;
|
2008-04-08 19:06:38 +02:00
|
|
|
if (!networkstatus_v2_list)
|
2012-01-18 21:53:30 +01:00
|
|
|
networkstatus_v2_list = smartlist_new();
|
2007-10-12 23:33:39 +02:00
|
|
|
|
|
|
|
routers_sort_by_identity(routers);
|
|
|
|
|
2008-04-07 18:28:34 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(ns->routerstatus_list, routerstatus_t *, rs,
|
|
|
|
routers, routerinfo_t *, router,
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_memcmp(rs->identity_digest,
|
2008-04-07 18:28:34 +02:00
|
|
|
router->cache_info.identity_digest, DIGEST_LEN),
|
2007-10-12 23:33:39 +02:00
|
|
|
{
|
2008-04-07 18:28:34 +02:00
|
|
|
}) {
|
2008-04-16 02:12:44 +02:00
|
|
|
/* We have a routerstatus for this router. */
|
2008-04-07 18:28:34 +02:00
|
|
|
const char *digest = router->cache_info.identity_digest;
|
2007-10-12 23:33:39 +02:00
|
|
|
|
|
|
|
ds = router_get_trusteddirserver_by_digest(digest);
|
|
|
|
|
2008-04-08 19:06:38 +02:00
|
|
|
/* Is it the same descriptor, or only the same identity? */
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(router->cache_info.signed_descriptor_digest,
|
2007-10-19 04:15:47 +02:00
|
|
|
rs->descriptor_digest, DIGEST_LEN)) {
|
|
|
|
if (ns->valid_until > router->cache_info.last_listed_as_valid_until)
|
|
|
|
router->cache_info.last_listed_as_valid_until = ns->valid_until;
|
|
|
|
}
|
2007-10-12 23:33:39 +02:00
|
|
|
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
if (authdir) {
|
2010-09-15 04:10:32 +02:00
|
|
|
/* If we _are_ an authority, we should check whether this router
|
2010-08-18 19:36:09 +02:00
|
|
|
* is one that will cause us to need a reachability test. */
|
|
|
|
routerinfo_t *old_router =
|
2010-09-29 06:38:32 +02:00
|
|
|
router_get_mutable_by_digest(router->cache_info.identity_digest);
|
2010-08-18 19:36:09 +02:00
|
|
|
if (old_router != router) {
|
|
|
|
router->needs_retest_if_added =
|
|
|
|
dirserv_should_launch_reachability_test(router, old_router);
|
|
|
|
}
|
2007-10-12 23:33:39 +02:00
|
|
|
}
|
2010-09-30 20:58:27 +02:00
|
|
|
if (rs->is_flagged_running && ds) {
|
2007-10-12 23:33:39 +02:00
|
|
|
download_status_reset(&ds->v2_ns_dl_status);
|
|
|
|
}
|
|
|
|
if (reset_failures) {
|
|
|
|
download_status_reset(&rs->dl_status);
|
|
|
|
}
|
2008-04-07 18:28:34 +02:00
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs, router);
|
2007-10-12 23:33:39 +02:00
|
|
|
|
2008-04-08 19:06:38 +02:00
|
|
|
/* Now update last_listed_as_valid_until from v2 networkstatuses. */
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(networkstatus_v2_list, networkstatus_v2_t *, ns) {
|
2008-12-26 18:35:08 +01:00
|
|
|
time_t live_until = ns->published_on + V2_NETWORKSTATUS_ROUTER_LIFETIME;
|
2010-09-29 07:35:08 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(ns->entries, const routerstatus_t *, rs,
|
2008-04-08 19:06:38 +02:00
|
|
|
routers, routerinfo_t *, ri,
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_memcmp(rs->identity_digest,
|
2008-04-08 19:06:38 +02:00
|
|
|
ri->cache_info.identity_digest, DIGEST_LEN),
|
|
|
|
STMT_NIL) {
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(ri->cache_info.signed_descriptor_digest,
|
2008-04-08 19:06:38 +02:00
|
|
|
rs->descriptor_digest, DIGEST_LEN)) {
|
|
|
|
if (live_until > ri->cache_info.last_listed_as_valid_until)
|
|
|
|
ri->cache_info.last_listed_as_valid_until = live_until;
|
|
|
|
}
|
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs, ri);
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(ns);
|
2008-04-08 19:06:38 +02:00
|
|
|
|
2007-10-12 23:33:39 +02:00
|
|
|
router_dir_info_changed();
|
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Given a list of signed_descriptor_t, update their fields (mainly, when
|
|
|
|
* they were last listed) from the most recent consensus. */
|
2007-10-19 04:15:47 +02:00
|
|
|
void
|
|
|
|
signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
|
|
|
|
{
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_t *ns = current_ns_consensus;
|
2007-10-19 04:15:47 +02:00
|
|
|
if (!ns)
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (!ns->desc_digest_map) {
|
|
|
|
char dummy[DIGEST_LEN];
|
|
|
|
/* instantiates the digest map. */
|
|
|
|
memset(dummy, 0, sizeof(dummy));
|
2010-05-11 23:20:33 +02:00
|
|
|
router_get_consensus_status_by_descriptor_digest(ns, dummy);
|
2007-10-19 04:15:47 +02:00
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH(descs, signed_descriptor_t *, d,
|
|
|
|
{
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *rs = digestmap_get(ns->desc_digest_map,
|
2007-10-19 04:15:47 +02:00
|
|
|
d->signed_descriptor_digest);
|
|
|
|
if (rs) {
|
|
|
|
if (ns->valid_until > d->last_listed_as_valid_until)
|
|
|
|
d->last_listed_as_valid_until = ns->valid_until;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Generate networkstatus lines for a single routerstatus_t object, and
|
|
|
|
* return the result in a newly allocated string. Used only by controller
|
|
|
|
* interface (for now.) */
|
|
|
|
char *
|
2010-09-29 07:35:08 +02:00
|
|
|
networkstatus_getinfo_helper_single(const routerstatus_t *rs)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2008-02-06 17:58:05 +01:00
|
|
|
char buf[RS_ENTRY_LEN+1];
|
2009-07-31 06:33:53 +02:00
|
|
|
routerstatus_format_entry(buf, sizeof(buf), rs, NULL, NS_CONTROL_PORT);
|
2007-10-08 23:21:50 +02:00
|
|
|
return tor_strdup(buf);
|
|
|
|
}
|
|
|
|
|
2007-12-18 23:39:15 +01:00
|
|
|
/** Alloc and return a string describing routerstatuses for the most
|
|
|
|
* recent info of each router we know about that is of purpose
|
|
|
|
* <b>purpose_string</b>. Return NULL if unrecognized purpose.
|
|
|
|
*
|
|
|
|
* Right now this function is oriented toward listing bridges (you
|
|
|
|
* shouldn't use this for general-purpose routers, since those
|
|
|
|
* should be listed from the consensus, not from the routers list). */
|
|
|
|
char *
|
2007-12-19 05:58:58 +01:00
|
|
|
networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
|
2007-12-18 23:39:15 +01:00
|
|
|
{
|
|
|
|
time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
|
|
|
char *answer;
|
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2008-01-16 06:27:19 +01:00
|
|
|
smartlist_t *statuses;
|
2007-12-18 23:39:15 +01:00
|
|
|
uint8_t purpose = router_purpose_from_string(purpose_string);
|
|
|
|
routerstatus_t rs;
|
|
|
|
int bridge_auth = authdir_mode_bridge(get_options());
|
|
|
|
|
|
|
|
if (purpose == ROUTER_PURPOSE_UNKNOWN) {
|
|
|
|
log_info(LD_DIR, "Unrecognized purpose '%s' when listing router statuses.",
|
|
|
|
purpose_string);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2012-01-18 21:53:30 +01:00
|
|
|
statuses = smartlist_new();
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(rl->routers, routerinfo_t *, ri) {
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
|
|
|
|
if (!node)
|
|
|
|
continue;
|
2007-12-18 23:39:15 +01:00
|
|
|
if (ri->cache_info.published_on < cutoff)
|
|
|
|
continue;
|
|
|
|
if (ri->purpose != purpose)
|
|
|
|
continue;
|
|
|
|
if (bridge_auth && ri->purpose == ROUTER_PURPOSE_BRIDGE)
|
|
|
|
dirserv_set_router_is_running(ri, now);
|
|
|
|
/* then generate and write out status lines for each of them */
|
2011-09-07 20:51:55 +02:00
|
|
|
set_routerstatus_from_routerinfo(&rs, node, ri, now, 0, 0, 0, 0);
|
2007-12-18 23:39:15 +01:00
|
|
|
smartlist_add(statuses, networkstatus_getinfo_helper_single(&rs));
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(ri);
|
2007-12-18 23:39:15 +01:00
|
|
|
|
|
|
|
answer = smartlist_join_strings(statuses, "", 0, NULL);
|
|
|
|
SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(statuses);
|
|
|
|
return answer;
|
|
|
|
}
|
|
|
|
|
2007-12-19 05:58:58 +01:00
|
|
|
/** Write out router status entries for all our bridge descriptors. */
|
|
|
|
void
|
|
|
|
networkstatus_dump_bridge_status_to_file(time_t now)
|
|
|
|
{
|
|
|
|
char *status = networkstatus_getinfo_by_purpose("bridge", now);
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2012-01-11 20:02:59 +01:00
|
|
|
char *fname = NULL;
|
|
|
|
tor_asprintf(&fname, "%s"PATH_SEPARATOR"networkstatus-bridges",
|
2007-12-19 05:58:58 +01:00
|
|
|
options->DataDirectory);
|
|
|
|
write_str_to_file(fname,status,0);
|
|
|
|
tor_free(fname);
|
|
|
|
tor_free(status);
|
|
|
|
}
|
|
|
|
|
2012-06-05 01:51:00 +02:00
|
|
|
/* DOCDOC get_net_param_from_list */
|
2010-12-27 18:44:42 +01:00
|
|
|
static int32_t
|
2010-01-30 02:10:50 +01:00
|
|
|
get_net_param_from_list(smartlist_t *net_params, const char *param_name,
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t default_val, int32_t min_val, int32_t max_val)
|
2010-01-30 02:10:50 +01:00
|
|
|
{
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t res = default_val;
|
2010-01-30 02:10:50 +01:00
|
|
|
size_t name_len = strlen(param_name);
|
|
|
|
|
2010-12-30 19:54:13 +01:00
|
|
|
tor_assert(max_val > min_val);
|
|
|
|
tor_assert(min_val <= default_val);
|
|
|
|
tor_assert(max_val >= default_val);
|
|
|
|
|
2010-01-30 02:10:50 +01:00
|
|
|
SMARTLIST_FOREACH_BEGIN(net_params, const char *, p) {
|
|
|
|
if (!strcmpstart(p, param_name) && p[name_len] == '=') {
|
|
|
|
int ok=0;
|
|
|
|
long v = tor_parse_long(p+name_len+1, 10, INT32_MIN,
|
|
|
|
INT32_MAX, &ok, NULL);
|
2010-12-30 19:54:13 +01:00
|
|
|
if (ok) {
|
|
|
|
res = (int32_t) v;
|
|
|
|
break;
|
|
|
|
}
|
2010-01-30 02:10:50 +01:00
|
|
|
}
|
|
|
|
} SMARTLIST_FOREACH_END(p);
|
|
|
|
|
2010-12-30 19:54:13 +01:00
|
|
|
if (res < min_val) {
|
|
|
|
log_warn(LD_DIR, "Consensus parameter %s is too small. Got %d, raising to "
|
|
|
|
"%d.", param_name, res, min_val);
|
|
|
|
res = min_val;
|
|
|
|
} else if (res > max_val) {
|
|
|
|
log_warn(LD_DIR, "Consensus parameter %s is too large. Got %d, capping to "
|
|
|
|
"%d.", param_name, res, max_val);
|
|
|
|
res = max_val;
|
|
|
|
}
|
|
|
|
|
|
|
|
return res;
|
2010-01-30 02:10:50 +01:00
|
|
|
}
|
|
|
|
|
2009-09-15 05:39:08 +02:00
|
|
|
/** Return the value of a integer parameter from the networkstatus <b>ns</b>
|
2009-09-23 04:09:33 +02:00
|
|
|
* whose name is <b>param_name</b>. If <b>ns</b> is NULL, try loading the
|
|
|
|
* latest consensus ourselves. Return <b>default_val</b> if no latest
|
2010-12-30 19:54:13 +01:00
|
|
|
* consensus, or if it has no parameter called <b>param_name</b>.
|
|
|
|
* Make sure the value parsed from the consensus is at least
|
|
|
|
* <b>min_val</b> and at most <b>max_val</b> and raise/cap the parsed value
|
|
|
|
* if necessary. */
|
2009-09-15 05:39:08 +02:00
|
|
|
int32_t
|
2011-06-14 19:01:38 +02:00
|
|
|
networkstatus_get_param(const networkstatus_t *ns, const char *param_name,
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t default_val, int32_t min_val, int32_t max_val)
|
2009-09-15 05:39:08 +02:00
|
|
|
{
|
2009-09-23 04:09:33 +02:00
|
|
|
if (!ns) /* if they pass in null, go find it ourselves */
|
|
|
|
ns = networkstatus_get_latest_consensus();
|
|
|
|
|
2009-09-15 05:39:08 +02:00
|
|
|
if (!ns || !ns->net_params)
|
|
|
|
return default_val;
|
|
|
|
|
2010-12-30 19:54:13 +01:00
|
|
|
return get_net_param_from_list(ns->net_params, param_name,
|
|
|
|
default_val, min_val, max_val);
|
2009-09-15 05:39:08 +02:00
|
|
|
}
|
|
|
|
|
2010-01-30 00:40:40 +01:00
|
|
|
/** Return the value of a integer bw weight parameter from the networkstatus
|
|
|
|
* <b>ns</b> whose name is <b>weight_name</b>. If <b>ns</b> is NULL, try
|
|
|
|
* loading the latest consensus ourselves. Return <b>default_val</b> if no
|
2010-12-30 19:54:13 +01:00
|
|
|
* latest consensus, or if it has no parameter called <b>weight_name</b>. */
|
2010-01-30 00:40:40 +01:00
|
|
|
int32_t
|
|
|
|
networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name,
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t default_val)
|
2010-01-30 00:40:40 +01:00
|
|
|
{
|
2011-01-15 19:31:23 +01:00
|
|
|
int32_t param;
|
|
|
|
int max;
|
2010-01-30 00:40:40 +01:00
|
|
|
if (!ns) /* if they pass in null, go find it ourselves */
|
|
|
|
ns = networkstatus_get_latest_consensus();
|
|
|
|
|
|
|
|
if (!ns || !ns->weight_params)
|
|
|
|
return default_val;
|
|
|
|
|
2011-01-15 19:31:23 +01:00
|
|
|
max = circuit_build_times_get_bw_scale(ns);
|
|
|
|
param = get_net_param_from_list(ns->weight_params, weight_name,
|
|
|
|
default_val, -1,
|
|
|
|
BW_MAX_WEIGHT_SCALE);
|
|
|
|
if (param > max) {
|
|
|
|
log_warn(LD_DIR, "Value of consensus weight %s was too large, capping "
|
|
|
|
"to %d", weight_name, max);
|
|
|
|
param = max;
|
|
|
|
}
|
|
|
|
return param;
|
2010-01-30 00:40:40 +01:00
|
|
|
}
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
/** Return the name of the consensus flavor <b>flav</b> as used to identify
|
|
|
|
* the flavor in directory documents. */
|
|
|
|
const char *
|
|
|
|
networkstatus_get_flavor_name(consensus_flavor_t flav)
|
|
|
|
{
|
|
|
|
switch (flav) {
|
|
|
|
case FLAV_NS:
|
|
|
|
return "ns";
|
|
|
|
case FLAV_MICRODESC:
|
|
|
|
return "microdesc";
|
|
|
|
default:
|
|
|
|
tor_fragile_assert();
|
|
|
|
return "??";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-10-15 22:06:00 +02:00
|
|
|
/** Return the consensus_flavor_t value for the flavor called <b>flavname</b>,
|
2009-12-14 01:21:06 +01:00
|
|
|
* or -1 if the flavor is not recognized. */
|
2009-09-23 21:23:04 +02:00
|
|
|
int
|
|
|
|
networkstatus_parse_flavor_name(const char *flavname)
|
|
|
|
{
|
|
|
|
if (!strcmp(flavname, "ns"))
|
|
|
|
return FLAV_NS;
|
|
|
|
else if (!strcmp(flavname, "microdesc"))
|
|
|
|
return FLAV_MICRODESC;
|
|
|
|
else
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2012-09-13 19:16:37 +02:00
|
|
|
/** Return 0 if this routerstatus is obsolete, too new, isn't
|
|
|
|
* running, or otherwise not a descriptor that we would make any
|
|
|
|
* use of even if we had it. Else return 1. */
|
|
|
|
int
|
|
|
|
client_would_use_router(const routerstatus_t *rs, time_t now,
|
|
|
|
const or_options_t *options)
|
|
|
|
{
|
|
|
|
if (!rs->is_flagged_running && !options->FetchUselessDescriptors) {
|
|
|
|
/* If we had this router descriptor, we wouldn't even bother using it.
|
|
|
|
* But, if we want to have a complete list, fetch it anyway. */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime
|
|
|
|
> now) {
|
|
|
|
/* Most caches probably don't have this descriptor yet. */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
|
|
|
|
/* We'd drop it immediately for being too old. */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** If <b>question</b> is a string beginning with "ns/" in a format the
|
|
|
|
* control interface expects for a GETINFO question, set *<b>answer</b> to a
|
|
|
|
* newly-allocated string containing networkstatus lines for the appropriate
|
|
|
|
* ORs. Return 0 on success, -1 on unrecognized question format. */
|
|
|
|
int
|
|
|
|
getinfo_helper_networkstatus(control_connection_t *conn,
|
2010-07-18 17:05:58 +02:00
|
|
|
const char *question, char **answer,
|
|
|
|
const char **errmsg)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *status;
|
2007-10-08 23:21:50 +02:00
|
|
|
(void) conn;
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
if (!current_consensus) {
|
2007-10-08 23:21:50 +02:00
|
|
|
*answer = tor_strdup("");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!strcmp(question, "ns/all")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *statuses = smartlist_new();
|
2007-10-16 01:15:24 +02:00
|
|
|
SMARTLIST_FOREACH(current_consensus->routerstatus_list,
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *, rs,
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
smartlist_add(statuses, networkstatus_getinfo_helper_single(rs));
|
|
|
|
});
|
|
|
|
*answer = smartlist_join_strings(statuses, "", 0, NULL);
|
|
|
|
SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(statuses);
|
|
|
|
return 0;
|
|
|
|
} else if (!strcmpstart(question, "ns/id/")) {
|
|
|
|
char d[DIGEST_LEN];
|
|
|
|
|
2010-07-18 17:05:58 +02:00
|
|
|
if (base16_decode(d, DIGEST_LEN, question+6, strlen(question+6))) {
|
|
|
|
*errmsg = "Data not decodeable as hex";
|
2007-10-08 23:21:50 +02:00
|
|
|
return -1;
|
2010-07-18 17:05:58 +02:00
|
|
|
}
|
2007-10-16 01:15:24 +02:00
|
|
|
status = router_get_consensus_status_by_id(d);
|
2007-10-08 23:21:50 +02:00
|
|
|
} else if (!strcmpstart(question, "ns/name/")) {
|
2007-10-16 01:15:24 +02:00
|
|
|
status = router_get_consensus_status_by_nickname(question+8, 0);
|
2007-12-18 23:39:15 +01:00
|
|
|
} else if (!strcmpstart(question, "ns/purpose/")) {
|
2007-12-19 05:58:58 +01:00
|
|
|
*answer = networkstatus_getinfo_by_purpose(question+11, time(NULL));
|
2007-12-18 23:39:15 +01:00
|
|
|
return *answer ? 0 : -1;
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
2010-07-18 17:13:25 +02:00
|
|
|
return 0;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-12-18 23:39:15 +01:00
|
|
|
if (status)
|
2007-10-09 17:27:15 +02:00
|
|
|
*answer = networkstatus_getinfo_helper_single(status);
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Free all storage held locally in this module. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
networkstatus_free_all(void)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
2007-10-16 01:15:24 +02:00
|
|
|
if (networkstatus_v2_list) {
|
|
|
|
SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
|
|
|
|
networkstatus_v2_free(ns));
|
|
|
|
smartlist_free(networkstatus_v2_list);
|
|
|
|
networkstatus_v2_list = NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2009-12-12 08:07:59 +01:00
|
|
|
|
|
|
|
digestmap_free(v2_download_status_map, _tor_free);
|
|
|
|
v2_download_status_map = NULL;
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_vote_free(current_ns_consensus);
|
|
|
|
networkstatus_vote_free(current_md_consensus);
|
|
|
|
current_md_consensus = current_ns_consensus = NULL;
|
2009-12-12 08:07:59 +01:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
|
|
|
|
if (waiting->consensus) {
|
|
|
|
networkstatus_vote_free(waiting->consensus);
|
|
|
|
waiting->consensus = NULL;
|
|
|
|
}
|
|
|
|
tor_free(waiting->body);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2009-12-12 08:07:59 +01:00
|
|
|
|
|
|
|
strmap_free(named_server_map, _tor_free);
|
|
|
|
strmap_free(unnamed_server_map, NULL);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|