2007-10-08 23:21:50 +02:00
|
|
|
/* Copyright (c) 2001 Matej Pfajfar.
|
|
|
|
* Copyright (c) 2001-2004, Roger Dingledine.
|
2007-12-12 22:09:01 +01:00
|
|
|
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
2017-03-15 21:13:17 +01:00
|
|
|
* Copyright (c) 2007-2017, The Tor Project, Inc. */
|
2007-10-08 23:21:50 +02:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
|
|
|
/**
|
2008-02-12 21:20:52 +01:00
|
|
|
* \file networkstatus.c
|
2016-10-26 17:02:57 +02:00
|
|
|
* \brief Functions and structures for handling networkstatus documents as a
|
|
|
|
* client or as a directory cache.
|
|
|
|
*
|
|
|
|
* A consensus networkstatus object is created by the directory
|
|
|
|
* authorities. It authenticates a set of network parameters--most
|
|
|
|
* importantly, the list of all the relays in the network. This list
|
|
|
|
* of relays is represented as an array of routerstatus_t objects.
|
|
|
|
*
|
|
|
|
* There are currently two flavors of consensus. With the older "NS"
|
|
|
|
* flavor, each relay is associated with a digest of its router
|
|
|
|
* descriptor. Tor instances that use this consensus keep the list of
|
|
|
|
* router descriptors as routerinfo_t objects stored and managed in
|
|
|
|
* routerlist.c. With the newer "microdesc" flavor, each relay is
|
|
|
|
* associated with a digest of the microdescriptor that the authorities
|
|
|
|
* made for it. These are stored and managed in microdesc.c. Information
|
|
|
|
* about the router is divided between the the networkstatus and the
|
|
|
|
* microdescriptor according to the general rule that microdescriptors
|
|
|
|
* should hold information that changes much less frequently than the
|
|
|
|
* information in the networkstatus.
|
|
|
|
*
|
|
|
|
* Modern clients use microdescriptor networkstatuses. Directory caches
|
|
|
|
* need to keep both kinds of networkstatus document, so they can serve them.
|
|
|
|
*
|
|
|
|
* This module manages fetching, holding, storing, updating, and
|
|
|
|
* validating networkstatus objects. The download-and-validate process
|
|
|
|
* is slightly complicated by the fact that the keys you need to
|
|
|
|
* validate a consensus are stored in the authority certificates, which
|
|
|
|
* you might not have yet when you download the consensus.
|
2007-10-08 23:21:50 +02:00
|
|
|
*/
|
|
|
|
|
2014-04-26 19:32:36 +02:00
|
|
|
#define NETWORKSTATUS_PRIVATE
|
2007-10-08 23:21:50 +02:00
|
|
|
#include "or.h"
|
2016-11-15 13:49:06 +01:00
|
|
|
#include "bridges.h"
|
2012-10-02 05:27:51 +02:00
|
|
|
#include "channel.h"
|
2012-10-01 10:53:59 +02:00
|
|
|
#include "circuitmux.h"
|
|
|
|
#include "circuitmux_ewma.h"
|
2012-10-15 20:48:34 +02:00
|
|
|
#include "circuitstats.h"
|
2010-07-22 10:22:51 +02:00
|
|
|
#include "config.h"
|
2010-07-22 10:32:52 +02:00
|
|
|
#include "connection.h"
|
2010-08-15 10:01:42 +02:00
|
|
|
#include "connection_or.h"
|
2017-04-26 14:44:01 +02:00
|
|
|
#include "consdiffmgr.h"
|
2010-07-22 11:35:09 +02:00
|
|
|
#include "control.h"
|
2010-07-22 11:54:50 +02:00
|
|
|
#include "directory.h"
|
2010-07-22 12:09:49 +02:00
|
|
|
#include "dirserv.h"
|
2010-07-22 12:19:28 +02:00
|
|
|
#include "dirvote.h"
|
2018-01-25 21:54:58 +01:00
|
|
|
#include "dos.h"
|
2012-10-15 20:48:34 +02:00
|
|
|
#include "entrynodes.h"
|
2017-09-21 20:34:36 +02:00
|
|
|
#include "hibernate.h"
|
2010-08-15 10:01:42 +02:00
|
|
|
#include "main.h"
|
2010-09-21 22:16:56 +02:00
|
|
|
#include "microdesc.h"
|
2010-07-23 20:18:55 +02:00
|
|
|
#include "networkstatus.h"
|
2010-09-28 19:29:31 +02:00
|
|
|
#include "nodelist.h"
|
2016-08-19 23:31:49 +02:00
|
|
|
#include "protover.h"
|
2010-07-23 21:53:11 +02:00
|
|
|
#include "relay.h"
|
2010-07-21 16:17:10 +02:00
|
|
|
#include "router.h"
|
2010-07-21 17:08:11 +02:00
|
|
|
#include "routerlist.h"
|
2010-07-23 23:23:43 +02:00
|
|
|
#include "routerparse.h"
|
2017-07-10 22:10:50 +02:00
|
|
|
#include "scheduler.h"
|
2016-05-03 17:21:17 +02:00
|
|
|
#include "shared_random.h"
|
2014-03-08 14:13:12 +01:00
|
|
|
#include "transports.h"
|
2016-05-03 17:21:17 +02:00
|
|
|
#include "torcert.h"
|
2016-09-22 23:52:25 +02:00
|
|
|
#include "channelpadding.h"
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2010-09-17 04:12:03 +02:00
|
|
|
/** Most recently received and validated v3 "ns"-flavored consensus network
|
|
|
|
* status. */
|
2016-09-06 20:35:53 +02:00
|
|
|
STATIC networkstatus_t *current_ns_consensus = NULL;
|
2010-09-17 04:12:03 +02:00
|
|
|
|
2017-07-01 23:56:06 +02:00
|
|
|
/** Most recently received and validated v3 "microdesc"-flavored consensus
|
2010-09-17 04:12:03 +02:00
|
|
|
* network status. */
|
2016-09-06 20:35:53 +02:00
|
|
|
STATIC networkstatus_t *current_md_consensus = NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** A v3 consensus networkstatus that we've received, but which we don't
|
|
|
|
* have enough certificates to be happy about. */
|
2009-10-13 23:06:01 +02:00
|
|
|
typedef struct consensus_waiting_for_certs_t {
|
|
|
|
/** The consensus itself. */
|
|
|
|
networkstatus_t *consensus;
|
|
|
|
/** The encoded version of the consensus, nul-terminated. */
|
|
|
|
char *body;
|
|
|
|
/** When did we set the current value of consensus_waiting_for_certs? If
|
|
|
|
* this is too recent, we shouldn't try to fetch a new consensus for a
|
|
|
|
* little while, to give ourselves time to get certificates for this one. */
|
|
|
|
time_t set_at;
|
|
|
|
/** Set to 1 if we've been holding on to it for so long we should maybe
|
|
|
|
* treat it as being bad. */
|
|
|
|
int dl_failed;
|
|
|
|
} consensus_waiting_for_certs_t;
|
|
|
|
|
2012-06-05 06:17:54 +02:00
|
|
|
/** An array, for each flavor of consensus we might want, of consensuses that
|
|
|
|
* we have downloaded, but which we cannot verify due to having insufficient
|
|
|
|
* authority certificates. */
|
2009-10-13 23:06:01 +02:00
|
|
|
static consensus_waiting_for_certs_t
|
|
|
|
consensus_waiting_for_certs[N_CONSENSUS_FLAVORS];
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** A time before which we shouldn't try to replace the current consensus:
|
|
|
|
* this will be at some point after the next consensus becomes valid, but
|
|
|
|
* before the current consensus becomes invalid. */
|
2012-03-28 08:55:33 +02:00
|
|
|
static time_t time_to_download_next_consensus[N_CONSENSUS_FLAVORS];
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Download status for the current consensus networkstatus. */
|
2014-09-18 16:51:44 +02:00
|
|
|
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS] =
|
|
|
|
{
|
2015-12-07 07:55:38 +01:00
|
|
|
{ 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
|
2018-01-25 21:51:13 +01:00
|
|
|
DL_SCHED_INCREMENT_FAILURE, 0, 0 },
|
2015-12-07 07:55:38 +01:00
|
|
|
{ 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
|
2018-01-25 21:51:13 +01:00
|
|
|
DL_SCHED_INCREMENT_FAILURE, 0, 0 },
|
2015-12-07 07:55:38 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
#define N_CONSENSUS_BOOTSTRAP_SCHEDULES 2
|
|
|
|
#define CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY 0
|
|
|
|
#define CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER 1
|
|
|
|
|
|
|
|
/* Using DL_SCHED_INCREMENT_ATTEMPT on these schedules means that
|
|
|
|
* download_status_increment_failure won't increment these entries.
|
|
|
|
* However, any bootstrap connection failures that occur after we have
|
|
|
|
* a valid consensus will count against the failure counts on the non-bootstrap
|
|
|
|
* schedules. There should only be one of these, as all the others will have
|
|
|
|
* been cancelled. (This doesn't seem to be a significant issue.) */
|
|
|
|
static download_status_t
|
|
|
|
consensus_bootstrap_dl_status[N_CONSENSUS_BOOTSTRAP_SCHEDULES] =
|
|
|
|
{
|
|
|
|
{ 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_AUTHORITY,
|
2018-01-25 21:51:13 +01:00
|
|
|
DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
|
2015-12-07 07:55:38 +01:00
|
|
|
/* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
|
|
|
|
{ 0, 0, 0, DL_SCHED_CONSENSUS, DL_WANT_ANY_DIRSERVER,
|
2018-01-25 21:51:13 +01:00
|
|
|
DL_SCHED_INCREMENT_ATTEMPT, 0, 0 },
|
2014-09-18 16:51:44 +02:00
|
|
|
};
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** True iff we have logged a warning about this OR's version being older than
|
2007-11-29 16:23:41 +01:00
|
|
|
* listed by the authorities. */
|
2007-10-08 23:21:50 +02:00
|
|
|
static int have_warned_about_old_version = 0;
|
|
|
|
/** True iff we have logged a warning about this OR's version being newer than
|
2007-11-29 16:23:41 +01:00
|
|
|
* listed by the authorities. */
|
2007-10-08 23:21:50 +02:00
|
|
|
static int have_warned_about_new_version = 0;
|
|
|
|
|
2015-12-07 07:55:38 +01:00
|
|
|
static void update_consensus_bootstrap_multiple_downloads(
|
|
|
|
time_t now,
|
2016-04-14 08:29:12 +02:00
|
|
|
const or_options_t *options);
|
2016-09-13 17:02:44 +02:00
|
|
|
static int networkstatus_check_required_protocols(const networkstatus_t *ns,
|
|
|
|
int client_mode,
|
|
|
|
char **warning_out);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Forget that we've warned about anything networkstatus-related, so we will
|
|
|
|
* give fresh warnings if the same behavior happens again. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
networkstatus_reset_warnings(void)
|
|
|
|
{
|
2016-09-21 21:20:27 +02:00
|
|
|
SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
|
|
|
|
node->name_lookup_warned = 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
have_warned_about_old_version = 0;
|
|
|
|
have_warned_about_new_version = 0;
|
|
|
|
}
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
/** Reset the descriptor download failure count on all networkstatus docs, so
|
|
|
|
* that we can retry any long-failed documents immediately.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
networkstatus_reset_download_failures(void)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
2007-10-16 01:15:24 +02:00
|
|
|
|
2016-07-18 17:31:55 +02:00
|
|
|
log_debug(LD_GENERAL,
|
|
|
|
"In networkstatus_reset_download_failures()");
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
for (i=0; i < N_CONSENSUS_FLAVORS; ++i)
|
|
|
|
download_status_reset(&consensus_dl_status[i]);
|
2015-12-07 07:55:38 +01:00
|
|
|
|
|
|
|
for (i=0; i < N_CONSENSUS_BOOTSTRAP_SCHEDULES; ++i)
|
|
|
|
download_status_reset(&consensus_bootstrap_dl_status[i]);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2017-05-03 21:08:59 +02:00
|
|
|
/**
|
|
|
|
* Read and and return the cached consensus of type <b>flavorname</b>. If
|
|
|
|
* <b>unverified</b> is false, get the one we haven't verified. Return NULL if
|
|
|
|
* the file isn't there. */
|
|
|
|
static char *
|
|
|
|
networkstatus_read_cached_consensus_impl(int flav,
|
|
|
|
const char *flavorname,
|
|
|
|
int unverified_consensus)
|
|
|
|
{
|
|
|
|
char buf[128];
|
|
|
|
const char *prefix;
|
|
|
|
if (unverified_consensus) {
|
|
|
|
prefix = "unverified";
|
|
|
|
} else {
|
|
|
|
prefix = "cached";
|
|
|
|
}
|
|
|
|
if (flav == FLAV_NS) {
|
|
|
|
tor_snprintf(buf, sizeof(buf), "%s-consensus", prefix);
|
|
|
|
} else {
|
|
|
|
tor_snprintf(buf, sizeof(buf), "%s-%s-consensus", prefix, flavorname);
|
|
|
|
}
|
|
|
|
|
2017-11-14 22:49:41 +01:00
|
|
|
char *filename = get_cachedir_fname(buf);
|
2017-05-03 21:08:59 +02:00
|
|
|
char *result = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
|
|
|
|
tor_free(filename);
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return a new string containing the current cached consensus of flavor
|
|
|
|
* <b>flavorname</b>. */
|
|
|
|
char *
|
|
|
|
networkstatus_read_cached_consensus(const char *flavorname)
|
|
|
|
{
|
|
|
|
int flav = networkstatus_parse_flavor_name(flavorname);
|
|
|
|
if (flav < 0)
|
|
|
|
return NULL;
|
|
|
|
return networkstatus_read_cached_consensus_impl(flav, flavorname, 0);
|
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
/** Read every cached v3 consensus networkstatus from the disk. */
|
2007-10-08 23:21:50 +02:00
|
|
|
int
|
|
|
|
router_reload_consensus_networkstatus(void)
|
|
|
|
{
|
2008-01-07 20:15:34 +01:00
|
|
|
const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
|
2009-10-13 23:06:01 +02:00
|
|
|
int flav;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2008-12-18 17:11:03 +01:00
|
|
|
/* FFFF Suppress warnings if cached consensus is bad? */
|
2009-10-13 23:06:01 +02:00
|
|
|
for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
|
|
|
|
const char *flavor = networkstatus_get_flavor_name(flav);
|
2017-05-03 21:08:59 +02:00
|
|
|
char *s = networkstatus_read_cached_consensus_impl(flav, flavor, 0);
|
2009-10-13 23:06:01 +02:00
|
|
|
if (s) {
|
2016-05-04 08:38:27 +02:00
|
|
|
if (networkstatus_set_current_consensus(s, flavor, flags, NULL) < -1) {
|
2017-05-03 21:08:59 +02:00
|
|
|
log_warn(LD_FS, "Couldn't load consensus %s networkstatus from cache",
|
|
|
|
flavor);
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
|
|
|
tor_free(s);
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2017-05-03 21:08:59 +02:00
|
|
|
s = networkstatus_read_cached_consensus_impl(flav, flavor, 1);
|
2009-10-13 23:06:01 +02:00
|
|
|
if (s) {
|
|
|
|
if (networkstatus_set_current_consensus(s, flavor,
|
2016-05-04 08:38:27 +02:00
|
|
|
flags|NSSET_WAS_WAITING_FOR_CERTS,
|
|
|
|
NULL)) {
|
2017-05-03 21:08:59 +02:00
|
|
|
log_info(LD_FS, "Couldn't load unverified consensus %s networkstatus "
|
|
|
|
"from cache", flavor);
|
|
|
|
}
|
2009-10-13 23:06:01 +02:00
|
|
|
tor_free(s);
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2007-10-29 00:44:53 +01:00
|
|
|
|
2008-01-07 20:15:34 +01:00
|
|
|
update_certificate_downloads(time(NULL));
|
|
|
|
|
2007-11-11 18:37:59 +01:00
|
|
|
routers_update_all_from_networkstatus(time(NULL), 3);
|
2010-09-21 22:16:56 +02:00
|
|
|
update_microdescs_from_networkstatus(time(NULL));
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-12-22 15:56:28 +01:00
|
|
|
/** Free all storage held by the vote_routerstatus object <b>rs</b>. */
|
2017-01-23 20:52:51 +01:00
|
|
|
void
|
2017-11-21 15:37:47 +01:00
|
|
|
vote_routerstatus_free_(vote_routerstatus_t *rs)
|
2008-08-26 01:19:58 +02:00
|
|
|
{
|
2009-08-24 18:51:33 +02:00
|
|
|
vote_microdesc_hash_t *h, *next;
|
2009-09-28 16:37:01 +02:00
|
|
|
if (!rs)
|
|
|
|
return;
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs->version);
|
2016-08-25 20:55:41 +02:00
|
|
|
tor_free(rs->protocols);
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs->status.exitsummary);
|
2009-08-24 18:51:33 +02:00
|
|
|
for (h = rs->microdesc; h; h = next) {
|
|
|
|
tor_free(h->microdesc_hash_line);
|
|
|
|
next = h->next;
|
|
|
|
tor_free(h);
|
|
|
|
}
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Free all storage held by the routerstatus object <b>rs</b>. */
|
|
|
|
void
|
2017-11-21 15:37:47 +01:00
|
|
|
routerstatus_free_(routerstatus_t *rs)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2009-09-28 16:37:01 +02:00
|
|
|
if (!rs)
|
|
|
|
return;
|
2008-08-26 01:19:58 +02:00
|
|
|
tor_free(rs->exitsummary);
|
2007-10-08 23:21:50 +02:00
|
|
|
tor_free(rs);
|
|
|
|
}
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
/** Free all storage held in <b>sig</b> */
|
|
|
|
void
|
2017-11-21 15:37:47 +01:00
|
|
|
document_signature_free_(document_signature_t *sig)
|
2009-09-16 23:01:01 +02:00
|
|
|
{
|
|
|
|
tor_free(sig->signature);
|
|
|
|
tor_free(sig);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return a newly allocated copy of <b>sig</b> */
|
|
|
|
document_signature_t *
|
|
|
|
document_signature_dup(const document_signature_t *sig)
|
|
|
|
{
|
|
|
|
document_signature_t *r = tor_memdup(sig, sizeof(document_signature_t));
|
|
|
|
if (r->signature)
|
|
|
|
r->signature = tor_memdup(sig->signature, sig->signature_len);
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Free all storage held in <b>ns</b>. */
|
2007-10-22 19:31:26 +02:00
|
|
|
void
|
2017-11-21 15:37:47 +01:00
|
|
|
networkstatus_vote_free_(networkstatus_t *ns)
|
2007-10-22 19:31:26 +02:00
|
|
|
{
|
|
|
|
if (!ns)
|
|
|
|
return;
|
|
|
|
|
|
|
|
tor_free(ns->client_versions);
|
|
|
|
tor_free(ns->server_versions);
|
2016-08-19 23:31:49 +02:00
|
|
|
tor_free(ns->recommended_client_protocols);
|
|
|
|
tor_free(ns->recommended_relay_protocols);
|
|
|
|
tor_free(ns->required_client_protocols);
|
|
|
|
tor_free(ns->required_relay_protocols);
|
|
|
|
|
2007-10-22 19:31:26 +02:00
|
|
|
if (ns->known_flags) {
|
|
|
|
SMARTLIST_FOREACH(ns->known_flags, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->known_flags);
|
|
|
|
}
|
2010-08-13 23:30:50 +02:00
|
|
|
if (ns->weight_params) {
|
|
|
|
SMARTLIST_FOREACH(ns->weight_params, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->weight_params);
|
|
|
|
}
|
2009-09-15 04:15:57 +02:00
|
|
|
if (ns->net_params) {
|
|
|
|
SMARTLIST_FOREACH(ns->net_params, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->net_params);
|
|
|
|
}
|
2007-12-16 09:20:10 +01:00
|
|
|
if (ns->supported_methods) {
|
|
|
|
SMARTLIST_FOREACH(ns->supported_methods, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->supported_methods);
|
|
|
|
}
|
2015-01-09 17:36:47 +01:00
|
|
|
if (ns->package_lines) {
|
|
|
|
SMARTLIST_FOREACH(ns->package_lines, char *, c, tor_free(c));
|
|
|
|
smartlist_free(ns->package_lines);
|
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
if (ns->voters) {
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(ns->voters, networkstatus_voter_info_t *, voter) {
|
2007-10-22 19:31:26 +02:00
|
|
|
tor_free(voter->nickname);
|
|
|
|
tor_free(voter->address);
|
|
|
|
tor_free(voter->contact);
|
2009-09-16 23:01:01 +02:00
|
|
|
if (voter->sigs) {
|
|
|
|
SMARTLIST_FOREACH(voter->sigs, document_signature_t *, sig,
|
|
|
|
document_signature_free(sig));
|
|
|
|
smartlist_free(voter->sigs);
|
|
|
|
}
|
2007-10-25 16:31:15 +02:00
|
|
|
tor_free(voter);
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(voter);
|
2007-10-22 19:31:26 +02:00
|
|
|
smartlist_free(ns->voters);
|
|
|
|
}
|
2009-12-12 08:07:59 +01:00
|
|
|
authority_cert_free(ns->cert);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
if (ns->routerstatus_list) {
|
2008-07-24 11:22:27 +02:00
|
|
|
if (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION) {
|
2007-10-22 19:31:26 +02:00
|
|
|
SMARTLIST_FOREACH(ns->routerstatus_list, vote_routerstatus_t *, rs,
|
2008-08-26 01:19:58 +02:00
|
|
|
vote_routerstatus_free(rs));
|
2007-10-22 19:31:26 +02:00
|
|
|
} else {
|
|
|
|
SMARTLIST_FOREACH(ns->routerstatus_list, routerstatus_t *, rs,
|
2008-08-26 01:19:58 +02:00
|
|
|
routerstatus_free(rs));
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
smartlist_free(ns->routerstatus_list);
|
|
|
|
}
|
2009-12-12 08:07:59 +01:00
|
|
|
|
|
|
|
digestmap_free(ns->desc_digest_map, NULL);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
2016-05-03 17:21:17 +02:00
|
|
|
if (ns->sr_info.commits) {
|
|
|
|
SMARTLIST_FOREACH(ns->sr_info.commits, sr_commit_t *, c,
|
|
|
|
sr_commit_free(c));
|
|
|
|
smartlist_free(ns->sr_info.commits);
|
|
|
|
}
|
|
|
|
tor_free(ns->sr_info.previous_srv);
|
|
|
|
tor_free(ns->sr_info.current_srv);
|
|
|
|
|
2012-11-07 22:09:58 +01:00
|
|
|
memwipe(ns, 11, sizeof(*ns));
|
2007-10-22 19:31:26 +02:00
|
|
|
tor_free(ns);
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return the voter info from <b>vote</b> for the voter whose identity digest
|
|
|
|
* is <b>identity</b>, or NULL if no such voter is associated with
|
|
|
|
* <b>vote</b>. */
|
|
|
|
networkstatus_voter_info_t *
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_get_voter_by_id(networkstatus_t *vote,
|
2007-10-22 19:31:26 +02:00
|
|
|
const char *identity)
|
|
|
|
{
|
|
|
|
if (!vote || !vote->voters)
|
|
|
|
return NULL;
|
|
|
|
SMARTLIST_FOREACH(vote->voters, networkstatus_voter_info_t *, voter,
|
2011-05-10 22:58:38 +02:00
|
|
|
if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN))
|
2007-10-22 19:31:26 +02:00
|
|
|
return voter);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
/** Check whether the signature <b>sig</b> is correctly signed with the
|
|
|
|
* signing key in <b>cert</b>. Return -1 if <b>cert</b> doesn't match the
|
2007-10-22 19:31:26 +02:00
|
|
|
* signing key; otherwise set the good_signature or bad_signature flag on
|
|
|
|
* <b>voter</b>, and return 0. */
|
|
|
|
int
|
2009-09-16 23:01:01 +02:00
|
|
|
networkstatus_check_document_signature(const networkstatus_t *consensus,
|
|
|
|
document_signature_t *sig,
|
|
|
|
const authority_cert_t *cert)
|
2007-10-22 19:31:26 +02:00
|
|
|
{
|
2009-09-16 23:01:01 +02:00
|
|
|
char key_digest[DIGEST_LEN];
|
|
|
|
const int dlen = sig->alg == DIGEST_SHA1 ? DIGEST_LEN : DIGEST256_LEN;
|
2007-10-22 19:31:26 +02:00
|
|
|
char *signed_digest;
|
|
|
|
size_t signed_digest_len;
|
2009-09-16 23:01:01 +02:00
|
|
|
|
|
|
|
if (crypto_pk_get_digest(cert->signing_key, key_digest)<0)
|
2007-10-22 19:31:26 +02:00
|
|
|
return -1;
|
2011-05-11 22:23:42 +02:00
|
|
|
if (tor_memneq(sig->signing_key_digest, key_digest, DIGEST_LEN) ||
|
|
|
|
tor_memneq(sig->identity_digest, cert->cache_info.identity_digest,
|
|
|
|
DIGEST_LEN))
|
2007-10-22 19:31:26 +02:00
|
|
|
return -1;
|
2009-09-16 23:01:01 +02:00
|
|
|
|
2014-04-11 16:22:14 +02:00
|
|
|
if (authority_cert_is_blacklisted(cert)) {
|
|
|
|
/* We implement blacklisting for authority signing keys by treating
|
|
|
|
* all their signatures as always bad. That way we don't get into
|
|
|
|
* crazy loops of dropping and re-fetching signatures. */
|
|
|
|
log_warn(LD_DIR, "Ignoring a consensus signature made with deprecated"
|
|
|
|
" signing key %s",
|
|
|
|
hex_str(cert->signing_key_digest, DIGEST_LEN));
|
|
|
|
sig->bad_signature = 1;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-22 19:31:26 +02:00
|
|
|
signed_digest_len = crypto_pk_keysize(cert->signing_key);
|
|
|
|
signed_digest = tor_malloc(signed_digest_len);
|
|
|
|
if (crypto_pk_public_checksig(cert->signing_key,
|
|
|
|
signed_digest,
|
2011-01-13 20:36:41 +01:00
|
|
|
signed_digest_len,
|
2009-09-16 23:01:01 +02:00
|
|
|
sig->signature,
|
|
|
|
sig->signature_len) < dlen ||
|
2011-05-11 22:23:42 +02:00
|
|
|
tor_memneq(signed_digest, consensus->digests.d[sig->alg], dlen)) {
|
2007-10-22 19:31:26 +02:00
|
|
|
log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
|
2009-09-16 23:01:01 +02:00
|
|
|
sig->bad_signature = 1;
|
2007-10-22 19:31:26 +02:00
|
|
|
} else {
|
2009-09-16 23:01:01 +02:00
|
|
|
sig->good_signature = 1;
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
2007-10-25 16:31:15 +02:00
|
|
|
tor_free(signed_digest);
|
2007-10-22 19:31:26 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Given a v3 networkstatus consensus in <b>consensus</b>, check every
|
|
|
|
* as-yet-unchecked signature on <b>consensus</b>. Return 1 if there is a
|
|
|
|
* signature from every recognized authority on it, 0 if there are
|
|
|
|
* enough good signatures from recognized authorities on it, -1 if we might
|
|
|
|
* get enough good signatures by fetching missing certificates, and -2
|
|
|
|
* otherwise. Log messages at INFO or WARN: if <b>warn</b> is over 1, warn
|
|
|
|
* about every problem; if warn is at least 1, warn only if we can't get
|
|
|
|
* enough signatures; if warn is negative, log nothing at all. */
|
|
|
|
int
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_check_consensus_signature(networkstatus_t *consensus,
|
2007-10-22 19:31:26 +02:00
|
|
|
int warn)
|
|
|
|
{
|
|
|
|
int n_good = 0;
|
2010-09-02 22:42:18 +02:00
|
|
|
int n_missing_key = 0, n_dl_failed_key = 0;
|
2007-10-22 19:31:26 +02:00
|
|
|
int n_bad = 0;
|
|
|
|
int n_unknown = 0;
|
|
|
|
int n_no_signature = 0;
|
2010-11-08 20:35:02 +01:00
|
|
|
int n_v3_authorities = get_n_authorities(V3_DIRINFO);
|
2007-10-22 19:31:26 +02:00
|
|
|
int n_required = n_v3_authorities/2 + 1;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *list_good = smartlist_new();
|
|
|
|
smartlist_t *list_no_signature = smartlist_new();
|
|
|
|
smartlist_t *need_certs_from = smartlist_new();
|
|
|
|
smartlist_t *unrecognized = smartlist_new();
|
|
|
|
smartlist_t *missing_authorities = smartlist_new();
|
2007-10-22 19:31:26 +02:00
|
|
|
int severity;
|
2008-11-07 14:38:49 +01:00
|
|
|
time_t now = time(NULL);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
2008-07-24 11:22:27 +02:00
|
|
|
tor_assert(consensus->type == NS_TYPE_CONSENSUS);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(consensus->voters, networkstatus_voter_info_t *,
|
|
|
|
voter) {
|
|
|
|
int good_here = 0;
|
|
|
|
int bad_here = 0;
|
2010-09-20 19:33:57 +02:00
|
|
|
int unknown_here = 0;
|
2010-09-02 22:42:18 +02:00
|
|
|
int missing_key_here = 0, dl_failed_key_here = 0;
|
2009-09-16 23:01:01 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
|
|
|
|
if (!sig->good_signature && !sig->bad_signature &&
|
|
|
|
sig->signature) {
|
|
|
|
/* we can try to check the signature. */
|
|
|
|
int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
|
|
|
|
sig->identity_digest) != NULL;
|
|
|
|
authority_cert_t *cert =
|
|
|
|
authority_cert_get_by_digests(sig->identity_digest,
|
|
|
|
sig->signing_key_digest);
|
2011-05-11 22:27:27 +02:00
|
|
|
tor_assert(tor_memeq(sig->identity_digest, voter->identity_digest,
|
2009-09-16 23:01:01 +02:00
|
|
|
DIGEST_LEN));
|
|
|
|
|
|
|
|
if (!is_v3_auth) {
|
|
|
|
smartlist_add(unrecognized, voter);
|
2010-09-20 19:33:57 +02:00
|
|
|
++unknown_here;
|
2009-09-16 23:01:01 +02:00
|
|
|
continue;
|
|
|
|
} else if (!cert || cert->expires < now) {
|
|
|
|
smartlist_add(need_certs_from, voter);
|
|
|
|
++missing_key_here;
|
2010-09-02 22:42:18 +02:00
|
|
|
if (authority_cert_dl_looks_uncertain(sig->identity_digest))
|
|
|
|
++dl_failed_key_here;
|
2009-09-16 23:01:01 +02:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
|
|
|
|
smartlist_add(need_certs_from, voter);
|
|
|
|
++missing_key_here;
|
2010-09-02 22:42:18 +02:00
|
|
|
if (authority_cert_dl_looks_uncertain(sig->identity_digest))
|
|
|
|
++dl_failed_key_here;
|
2009-09-16 23:01:01 +02:00
|
|
|
continue;
|
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
2009-09-16 23:01:01 +02:00
|
|
|
if (sig->good_signature)
|
|
|
|
++good_here;
|
|
|
|
else if (sig->bad_signature)
|
|
|
|
++bad_here;
|
|
|
|
} SMARTLIST_FOREACH_END(sig);
|
2012-01-08 18:14:44 +01:00
|
|
|
|
|
|
|
if (good_here) {
|
2007-10-22 19:31:26 +02:00
|
|
|
++n_good;
|
2012-01-08 18:14:44 +01:00
|
|
|
smartlist_add(list_good, voter->nickname);
|
|
|
|
} else if (bad_here) {
|
2007-10-22 19:31:26 +02:00
|
|
|
++n_bad;
|
2012-01-08 18:14:44 +01:00
|
|
|
} else if (missing_key_here) {
|
2009-09-16 23:01:01 +02:00
|
|
|
++n_missing_key;
|
2010-09-02 22:42:18 +02:00
|
|
|
if (dl_failed_key_here)
|
|
|
|
++n_dl_failed_key;
|
2010-09-20 19:33:57 +02:00
|
|
|
} else if (unknown_here) {
|
|
|
|
++n_unknown;
|
|
|
|
} else {
|
2007-10-22 19:31:26 +02:00
|
|
|
++n_no_signature;
|
2012-01-08 18:14:44 +01:00
|
|
|
smartlist_add(list_no_signature, voter->nickname);
|
2010-09-20 19:33:57 +02:00
|
|
|
}
|
2009-09-16 23:01:01 +02:00
|
|
|
} SMARTLIST_FOREACH_END(voter);
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
/* Now see whether we're missing any voters entirely. */
|
|
|
|
SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
|
2012-09-10 21:55:27 +02:00
|
|
|
dir_server_t *, ds,
|
2007-10-22 19:31:26 +02:00
|
|
|
{
|
2010-11-08 20:35:02 +01:00
|
|
|
if ((ds->type & V3_DIRINFO) &&
|
2007-10-22 19:31:26 +02:00
|
|
|
!networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
|
|
|
|
smartlist_add(missing_authorities, ds);
|
|
|
|
});
|
|
|
|
|
2010-09-02 22:42:18 +02:00
|
|
|
if (warn > 1 || (warn >= 0 &&
|
|
|
|
(n_good + n_missing_key - n_dl_failed_key < n_required))) {
|
2007-10-22 19:31:26 +02:00
|
|
|
severity = LOG_WARN;
|
2010-09-02 22:42:18 +02:00
|
|
|
} else {
|
2007-10-22 19:31:26 +02:00
|
|
|
severity = LOG_INFO;
|
2010-09-02 22:42:18 +02:00
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
|
|
|
|
if (warn >= 0) {
|
|
|
|
SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
|
|
|
|
{
|
2013-02-01 21:43:37 +01:00
|
|
|
tor_log(severity, LD_DIR, "Consensus includes unrecognized authority "
|
2010-08-19 17:13:35 +02:00
|
|
|
"'%s' at %s:%d (contact %s; identity %s)",
|
2008-01-24 03:31:37 +01:00
|
|
|
voter->nickname, voter->address, (int)voter->dir_port,
|
|
|
|
voter->contact?voter->contact:"n/a",
|
|
|
|
hex_str(voter->identity_digest, DIGEST_LEN));
|
2007-10-22 19:31:26 +02:00
|
|
|
});
|
|
|
|
SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
|
|
|
|
{
|
2013-02-01 21:43:37 +01:00
|
|
|
tor_log(severity, LD_DIR, "Looks like we need to download a new "
|
2010-08-19 17:13:35 +02:00
|
|
|
"certificate from authority '%s' at %s:%d (contact %s; "
|
|
|
|
"identity %s)",
|
2007-10-22 19:31:26 +02:00
|
|
|
voter->nickname, voter->address, (int)voter->dir_port,
|
|
|
|
voter->contact?voter->contact:"n/a",
|
|
|
|
hex_str(voter->identity_digest, DIGEST_LEN));
|
|
|
|
});
|
2012-09-10 21:55:27 +02:00
|
|
|
SMARTLIST_FOREACH(missing_authorities, dir_server_t *, ds,
|
2007-10-22 19:31:26 +02:00
|
|
|
{
|
2013-02-01 21:43:37 +01:00
|
|
|
tor_log(severity, LD_DIR, "Consensus does not include configured "
|
2008-04-24 07:32:55 +02:00
|
|
|
"authority '%s' at %s:%d (identity %s)",
|
|
|
|
ds->nickname, ds->address, (int)ds->dir_port,
|
|
|
|
hex_str(ds->v3_identity_digest, DIGEST_LEN));
|
2007-10-22 19:31:26 +02:00
|
|
|
});
|
2010-08-19 17:13:35 +02:00
|
|
|
{
|
2012-01-11 19:44:10 +01:00
|
|
|
char *joined;
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *sl = smartlist_new();
|
2012-01-08 18:14:44 +01:00
|
|
|
char *tmp = smartlist_join_strings(list_good, " ", 0, NULL);
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"A consensus needs %d good signatures from recognized "
|
2012-01-08 18:14:44 +01:00
|
|
|
"authorities for us to accept it. This one has %d (%s).",
|
|
|
|
n_required, n_good, tmp);
|
|
|
|
tor_free(tmp);
|
2010-08-19 17:13:35 +02:00
|
|
|
if (n_no_signature) {
|
2012-01-08 18:14:44 +01:00
|
|
|
tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL);
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"%d (%s) of the authorities we know didn't sign it.",
|
2012-01-08 18:14:44 +01:00
|
|
|
n_no_signature, tmp);
|
|
|
|
tor_free(tmp);
|
2010-08-19 17:13:35 +02:00
|
|
|
}
|
|
|
|
if (n_unknown) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"It has %d signatures from authorities we don't "
|
2010-08-19 17:13:35 +02:00
|
|
|
"recognize.", n_unknown);
|
|
|
|
}
|
|
|
|
if (n_bad) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl, "%d of the signatures on it didn't verify "
|
2010-08-19 17:13:35 +02:00
|
|
|
"correctly.", n_bad);
|
|
|
|
}
|
|
|
|
if (n_missing_key) {
|
2012-01-11 19:44:10 +01:00
|
|
|
smartlist_add_asprintf(sl,
|
|
|
|
"We were unable to check %d of the signatures, "
|
2010-08-19 17:13:35 +02:00
|
|
|
"because we were missing the keys.", n_missing_key);
|
|
|
|
}
|
2012-01-11 19:44:10 +01:00
|
|
|
joined = smartlist_join_strings(sl, " ", 0, NULL);
|
2013-02-01 21:43:37 +01:00
|
|
|
tor_log(severity, LD_DIR, "%s", joined);
|
2012-01-11 19:44:10 +01:00
|
|
|
tor_free(joined);
|
2010-08-19 17:13:35 +02:00
|
|
|
SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
|
|
|
|
smartlist_free(sl);
|
|
|
|
}
|
2007-10-22 19:31:26 +02:00
|
|
|
}
|
|
|
|
|
2012-01-08 18:14:44 +01:00
|
|
|
smartlist_free(list_good);
|
|
|
|
smartlist_free(list_no_signature);
|
2007-10-22 19:31:26 +02:00
|
|
|
smartlist_free(unrecognized);
|
|
|
|
smartlist_free(need_certs_from);
|
|
|
|
smartlist_free(missing_authorities);
|
|
|
|
|
|
|
|
if (n_good == n_v3_authorities)
|
|
|
|
return 1;
|
|
|
|
else if (n_good >= n_required)
|
|
|
|
return 0;
|
|
|
|
else if (n_good + n_missing_key >= n_required)
|
|
|
|
return -1;
|
|
|
|
else
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** How far in the future do we allow a network-status to get before removing
|
|
|
|
* it? (seconds) */
|
|
|
|
#define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
/** Helper for bsearching a list of routerstatus_t pointers: compare a
|
|
|
|
* digest in the key to the identity digest of a routerstatus_t. */
|
2009-07-31 06:33:53 +02:00
|
|
|
int
|
|
|
|
compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
const char *key = _key;
|
|
|
|
const routerstatus_t *rs = *_member;
|
2011-05-10 22:23:43 +02:00
|
|
|
return tor_memcmp(key, rs->identity_digest, DIGEST_LEN);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
Refactor storing of measured_bw versus Unmeasured=1.
This patch moves the measured_bw field and the has_measured_bw field
into vote_routerstatus_t, since only votes have 'Measured=XX' set on
their weight line.
I also added a new bw_is_unmeasured flag to routerstatus_t to
represent the Unmeasured=1 flag on a w line. Previously, I was using
has_measured_bw for this, which was quite incorrect: has_measured_bw
means that the measured_bw field is set, and it's probably a mistake
to have it serve double duty as meaning that 'baandwidth' represents a
measured value.
While making this change,I also found a harmless but stupid bug in
dirserv_read_measured_bandwidths: It assumes that it's getting a
smartlist of routerstatus_t, when really it's getting a smartlist of
vote_routerstatus_t. C's struct layout rules mean that we could never
actually get an error because of that, but it's still quite incorrect.
I fixed that, and in the process needed to add two more sorting and
searching helpers.
Finally, I made the Unmeasured=1 flag get parsed. We don't use it for
anything yet, but someday we might.
This isn't complete yet -- the new 2286 unit test doesn't build.
2013-02-19 16:39:27 +01:00
|
|
|
/** Helper for bsearching a list of routerstatus_t pointers: compare a
|
|
|
|
* digest in the key to the identity digest of a routerstatus_t. */
|
|
|
|
int
|
|
|
|
compare_digest_to_vote_routerstatus_entry(const void *_key,
|
|
|
|
const void **_member)
|
|
|
|
{
|
|
|
|
const char *key = _key;
|
|
|
|
const vote_routerstatus_t *vrs = *_member;
|
|
|
|
return tor_memcmp(key, vrs->status.identity_digest, DIGEST_LEN);
|
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** As networkstatus_find_entry, but do not return a const pointer */
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *
|
2010-09-29 07:35:08 +02:00
|
|
|
networkstatus_vote_find_mutable_entry(networkstatus_t *ns, const char *digest)
|
2007-10-16 01:15:24 +02:00
|
|
|
{
|
|
|
|
return smartlist_bsearch(ns->routerstatus_list, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry);
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** Return the entry in <b>ns</b> for the identity digest <b>digest</b>, or
|
|
|
|
* NULL if none was found. */
|
|
|
|
const routerstatus_t *
|
|
|
|
networkstatus_vote_find_entry(networkstatus_t *ns, const char *digest)
|
|
|
|
{
|
|
|
|
return networkstatus_vote_find_mutable_entry(ns, digest);
|
|
|
|
}
|
|
|
|
|
2010-10-15 17:21:33 +02:00
|
|
|
/*XXXX MOVE make this static once functions are moved into this file. */
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Search the routerstatuses in <b>ns</b> for one whose identity digest is
|
|
|
|
* <b>digest</b>. Return value and set *<b>found_out</b> as for
|
2008-02-09 04:11:10 +01:00
|
|
|
* smartlist_bsearch_idx(). */
|
2007-11-03 21:12:41 +01:00
|
|
|
int
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_vote_find_entry_idx(networkstatus_t *ns,
|
2007-11-03 21:12:41 +01:00
|
|
|
const char *digest, int *found_out)
|
|
|
|
{
|
|
|
|
return smartlist_bsearch_idx(ns->routerstatus_list, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry,
|
2007-11-03 21:12:41 +01:00
|
|
|
found_out);
|
|
|
|
}
|
|
|
|
|
2012-06-05 01:51:00 +02:00
|
|
|
/** As router_get_consensus_status_by_descriptor_digest, but does not return
|
|
|
|
* a const pointer. */
|
2014-10-07 15:20:44 +02:00
|
|
|
MOCK_IMPL(routerstatus_t *,
|
|
|
|
router_get_mutable_consensus_status_by_descriptor_digest,(
|
2010-09-29 07:35:08 +02:00
|
|
|
networkstatus_t *consensus,
|
2014-10-07 15:20:44 +02:00
|
|
|
const char *digest))
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2010-05-11 23:20:33 +02:00
|
|
|
if (!consensus)
|
2016-09-20 16:52:20 +02:00
|
|
|
consensus = networkstatus_get_latest_consensus();
|
2010-05-11 23:20:33 +02:00
|
|
|
if (!consensus)
|
|
|
|
return NULL;
|
|
|
|
if (!consensus->desc_digest_map) {
|
|
|
|
digestmap_t *m = consensus->desc_digest_map = digestmap_new();
|
|
|
|
SMARTLIST_FOREACH(consensus->routerstatus_list,
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *, rs,
|
|
|
|
{
|
|
|
|
digestmap_set(m, rs->descriptor_digest, rs);
|
|
|
|
});
|
|
|
|
}
|
2010-05-11 23:20:33 +02:00
|
|
|
return digestmap_get(consensus->desc_digest_map, digest);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** Return the consensus view of the status of the router whose current
|
|
|
|
* <i>descriptor</i> digest in <b>consensus</b> is <b>digest</b>, or NULL if
|
|
|
|
* no such router is known. */
|
|
|
|
const routerstatus_t *
|
|
|
|
router_get_consensus_status_by_descriptor_digest(networkstatus_t *consensus,
|
|
|
|
const char *digest)
|
|
|
|
{
|
|
|
|
return router_get_mutable_consensus_status_by_descriptor_digest(
|
|
|
|
consensus, digest);
|
|
|
|
}
|
|
|
|
|
2016-06-28 04:21:39 +02:00
|
|
|
/** Return a smartlist of all router descriptor digests in a consensus */
|
|
|
|
static smartlist_t *
|
|
|
|
router_get_descriptor_digests_in_consensus(networkstatus_t *consensus)
|
|
|
|
{
|
|
|
|
smartlist_t *result = smartlist_new();
|
|
|
|
digestmap_iter_t *i;
|
|
|
|
const char *digest;
|
|
|
|
void *rs;
|
|
|
|
char *digest_tmp;
|
|
|
|
|
|
|
|
for (i = digestmap_iter_init(consensus->desc_digest_map);
|
|
|
|
!(digestmap_iter_done(i));
|
|
|
|
i = digestmap_iter_next(consensus->desc_digest_map, i)) {
|
|
|
|
digestmap_iter_get(i, &digest, &rs);
|
|
|
|
digest_tmp = tor_malloc(DIGEST_LEN);
|
|
|
|
memcpy(digest_tmp, digest, DIGEST_LEN);
|
|
|
|
smartlist_add(result, digest_tmp);
|
|
|
|
}
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return a smartlist of all router descriptor digests in the current
|
|
|
|
* consensus */
|
2016-06-28 23:30:57 +02:00
|
|
|
MOCK_IMPL(smartlist_t *,
|
|
|
|
router_get_descriptor_digests,(void))
|
2016-06-28 04:21:39 +02:00
|
|
|
{
|
|
|
|
smartlist_t *result = NULL;
|
|
|
|
|
|
|
|
if (current_ns_consensus) {
|
|
|
|
result =
|
|
|
|
router_get_descriptor_digests_in_consensus(current_ns_consensus);
|
|
|
|
}
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Given the digest of a router descriptor, return its current download
|
|
|
|
* status, or NULL if the digest is unrecognized. */
|
2014-10-07 15:20:44 +02:00
|
|
|
MOCK_IMPL(download_status_t *,
|
|
|
|
router_get_dl_status_by_descriptor_digest,(const char *d))
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2007-10-16 01:15:24 +02:00
|
|
|
routerstatus_t *rs;
|
2010-05-11 23:20:33 +02:00
|
|
|
if (!current_ns_consensus)
|
|
|
|
return NULL;
|
2010-09-29 07:35:08 +02:00
|
|
|
if ((rs = router_get_mutable_consensus_status_by_descriptor_digest(
|
|
|
|
current_ns_consensus, d)))
|
2007-10-16 01:15:24 +02:00
|
|
|
return &rs->dl_status;
|
|
|
|
|
|
|
|
return NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** As router_get_consensus_status_by_id, but do not return a const pointer */
|
2007-10-09 17:27:15 +02:00
|
|
|
routerstatus_t *
|
2010-09-29 07:35:08 +02:00
|
|
|
router_get_mutable_consensus_status_by_id(const char *digest)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2016-09-21 21:20:27 +02:00
|
|
|
const networkstatus_t *ns = networkstatus_get_latest_consensus();
|
|
|
|
if (!ns)
|
2007-10-08 23:21:50 +02:00
|
|
|
return NULL;
|
2016-09-21 21:20:27 +02:00
|
|
|
smartlist_t *rslist = ns->routerstatus_list;
|
2016-09-21 21:15:17 +02:00
|
|
|
return smartlist_bsearch(rslist, digest,
|
2009-07-31 06:33:53 +02:00
|
|
|
compare_digest_to_routerstatus_entry);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
/** Return the consensus view of the status of the router whose identity
|
|
|
|
* digest is <b>digest</b>, or NULL if we don't know about any such router. */
|
|
|
|
const routerstatus_t *
|
|
|
|
router_get_consensus_status_by_id(const char *digest)
|
|
|
|
{
|
|
|
|
return router_get_mutable_consensus_status_by_id(digest);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** How frequently do directory authorities re-download fresh networkstatus
|
|
|
|
* documents? */
|
2007-12-01 21:04:36 +01:00
|
|
|
#define AUTHORITY_NS_CACHE_INTERVAL (10*60)
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/** How frequently do non-authority directory caches re-download fresh
|
|
|
|
* networkstatus documents? */
|
2007-12-01 21:04:36 +01:00
|
|
|
#define NONAUTHORITY_NS_CACHE_INTERVAL (60*60)
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2012-06-05 00:50:13 +02:00
|
|
|
/** Return true iff, given the options listed in <b>options</b>, <b>flavor</b>
|
2016-11-30 01:06:36 +01:00
|
|
|
* is the flavor of a consensus networkstatus that we would like to fetch.
|
|
|
|
*
|
|
|
|
* For certificate fetches, use we_want_to_fetch_unknown_auth_certs, and
|
|
|
|
* for serving fetched documents, use directory_caches_dir_info. */
|
|
|
|
int
|
2011-06-14 19:01:38 +02:00
|
|
|
we_want_to_fetch_flavor(const or_options_t *options, int flavor)
|
2010-09-17 04:12:03 +02:00
|
|
|
{
|
|
|
|
if (flavor < 0 || flavor > N_CONSENSUS_FLAVORS) {
|
|
|
|
/* This flavor is crazy; we don't want it */
|
|
|
|
/*XXXX handle unrecognized flavors later */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (authdir_mode_v3(options) || directory_caches_dir_info(options)) {
|
|
|
|
/* We want to serve all flavors to others, regardless if we would use
|
|
|
|
* it ourselves. */
|
|
|
|
return 1;
|
|
|
|
}
|
2011-08-29 17:18:06 +02:00
|
|
|
if (options->FetchUselessDescriptors) {
|
|
|
|
/* In order to get all descriptors, we need to fetch all consensuses. */
|
|
|
|
return 1;
|
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
/* Otherwise, we want the flavor only if we want to use it to build
|
|
|
|
* circuits. */
|
2010-11-08 20:21:32 +01:00
|
|
|
return flavor == usable_consensus_flavor();
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
|
2016-11-30 01:07:48 +01:00
|
|
|
/** Return true iff, given the options listed in <b>options</b>, we would like
|
|
|
|
* to fetch and store unknown authority certificates.
|
|
|
|
*
|
|
|
|
* For consensus and descriptor fetches, use we_want_to_fetch_flavor, and
|
|
|
|
* for serving fetched certificates, use directory_caches_unknown_auth_certs.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
we_want_to_fetch_unknown_auth_certs(const or_options_t *options)
|
|
|
|
{
|
|
|
|
if (authdir_mode_v3(options) ||
|
|
|
|
directory_caches_unknown_auth_certs((options))) {
|
|
|
|
/* We want to serve all certs to others, regardless if we would use
|
|
|
|
* them ourselves. */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
if (options->FetchUselessDescriptors) {
|
|
|
|
/* Unknown certificates are definitely useless. */
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
/* Otherwise, don't fetch unknown certificates. */
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** How long will we hang onto a possibly live consensus for which we're
|
|
|
|
* fetching certs before we check whether there is a better one? */
|
2007-10-24 21:53:11 +02:00
|
|
|
#define DELAY_WHILE_FETCHING_CERTS (20*60)
|
2007-10-22 20:21:22 +02:00
|
|
|
|
2016-11-07 14:01:20 +01:00
|
|
|
/** What is the minimum time we need to have waited fetching certs, before we
|
|
|
|
* increment the consensus download schedule on failure? */
|
|
|
|
#define MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE (1*60)
|
|
|
|
|
2015-12-07 07:55:38 +01:00
|
|
|
/* Check if a downloaded consensus flavor should still wait for certificates
|
2016-11-07 14:01:20 +01:00
|
|
|
* to download now. If we decide not to wait, check if enough time has passed
|
|
|
|
* to consider the certificate download failure a separate failure. If so,
|
|
|
|
* fail dls.
|
|
|
|
* If waiting for certificates to download, return 1. If not, return 0. */
|
2015-12-07 07:55:38 +01:00
|
|
|
static int
|
|
|
|
check_consensus_waiting_for_certs(int flavor, time_t now,
|
|
|
|
download_status_t *dls)
|
|
|
|
{
|
|
|
|
consensus_waiting_for_certs_t *waiting;
|
|
|
|
|
|
|
|
/* We should always have a known flavor, because we_want_to_fetch_flavor()
|
|
|
|
* filters out unknown flavors. */
|
|
|
|
tor_assert(flavor >= 0 && flavor < N_CONSENSUS_FLAVORS);
|
|
|
|
|
|
|
|
waiting = &consensus_waiting_for_certs[flavor];
|
|
|
|
if (waiting->consensus) {
|
|
|
|
/* XXXX make sure this doesn't delay sane downloads. */
|
2016-11-07 14:01:20 +01:00
|
|
|
if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now &&
|
|
|
|
waiting->consensus->valid_until > now) {
|
2015-12-07 07:55:38 +01:00
|
|
|
return 1;
|
|
|
|
} else {
|
|
|
|
if (!waiting->dl_failed) {
|
2016-11-07 14:01:20 +01:00
|
|
|
if (waiting->set_at + MIN_DELAY_FOR_FETCH_CERT_STATUS_FAILURE > now) {
|
|
|
|
download_status_failed(dls, 0);
|
|
|
|
}
|
2015-12-07 07:55:38 +01:00
|
|
|
waiting->dl_failed=1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** If we want to download a fresh consensus, launch a new download as
|
2007-11-29 16:23:41 +01:00
|
|
|
* appropriate. */
|
2007-10-08 23:21:50 +02:00
|
|
|
static void
|
|
|
|
update_consensus_networkstatus_downloads(time_t now)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2016-04-13 06:06:30 +02:00
|
|
|
const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping(
|
2015-12-07 07:55:38 +01:00
|
|
|
now);
|
|
|
|
const int use_multi_conn =
|
|
|
|
networkstatus_consensus_can_use_multiple_directories(options);
|
|
|
|
|
|
|
|
if (should_delay_dir_fetches(options, NULL))
|
|
|
|
return;
|
2010-09-17 04:12:03 +02:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
|
2010-09-17 04:12:03 +02:00
|
|
|
/* XXXX need some way to download unknown flavors if we are caching. */
|
|
|
|
const char *resource;
|
2012-03-28 08:55:33 +02:00
|
|
|
networkstatus_t *c;
|
2015-12-07 07:55:38 +01:00
|
|
|
int max_in_progress_conns = 1;
|
2010-09-17 04:12:03 +02:00
|
|
|
|
|
|
|
if (! we_want_to_fetch_flavor(options, i))
|
|
|
|
continue;
|
|
|
|
|
2012-03-28 08:55:33 +02:00
|
|
|
c = networkstatus_get_latest_consensus_by_flavor(i);
|
|
|
|
if (! (c && c->valid_after <= now && now <= c->valid_until)) {
|
|
|
|
/* No live consensus? Get one now!*/
|
|
|
|
time_to_download_next_consensus[i] = now;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (time_to_download_next_consensus[i] > now)
|
2013-08-22 16:00:37 +02:00
|
|
|
continue; /* Wait until the current consensus is older. */
|
2012-03-28 08:55:33 +02:00
|
|
|
|
2011-02-23 18:32:15 +01:00
|
|
|
resource = networkstatus_get_flavor_name(i);
|
2010-09-17 04:12:03 +02:00
|
|
|
|
2015-12-07 07:55:38 +01:00
|
|
|
/* Check if we already have enough connections in progress */
|
2016-11-07 12:58:36 +01:00
|
|
|
if (we_are_bootstrapping && use_multi_conn) {
|
2015-12-07 07:55:38 +01:00
|
|
|
max_in_progress_conns =
|
2016-04-05 20:43:20 +02:00
|
|
|
options->ClientBootstrapConsensusMaxInProgressTries;
|
2015-12-07 07:55:38 +01:00
|
|
|
}
|
|
|
|
if (connection_dir_count_by_purpose_and_resource(
|
|
|
|
DIR_PURPOSE_FETCH_CONSENSUS,
|
|
|
|
resource)
|
|
|
|
>= max_in_progress_conns) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Check if we want to launch another download for a usable consensus.
|
|
|
|
* Only used during bootstrap. */
|
|
|
|
if (we_are_bootstrapping && use_multi_conn
|
|
|
|
&& i == usable_consensus_flavor()) {
|
|
|
|
|
|
|
|
/* Check if we're already downloading a usable consensus */
|
2016-04-13 07:30:29 +02:00
|
|
|
if (networkstatus_consensus_is_already_downloading(resource))
|
2015-12-07 07:55:38 +01:00
|
|
|
continue;
|
|
|
|
|
2016-04-13 06:06:30 +02:00
|
|
|
/* Make multiple connections for a bootstrap consensus download. */
|
2016-04-14 08:29:12 +02:00
|
|
|
update_consensus_bootstrap_multiple_downloads(now, options);
|
2015-12-07 07:55:38 +01:00
|
|
|
} else {
|
|
|
|
/* Check if we failed downloading a consensus too recently */
|
|
|
|
|
|
|
|
/* Let's make sure we remembered to update consensus_dl_status */
|
|
|
|
tor_assert(consensus_dl_status[i].schedule == DL_SCHED_CONSENSUS);
|
|
|
|
|
2018-01-31 21:03:47 +01:00
|
|
|
if (!download_status_is_ready(&consensus_dl_status[i], now)) {
|
2015-12-07 07:55:38 +01:00
|
|
|
continue;
|
2007-10-24 21:53:11 +02:00
|
|
|
}
|
2015-12-07 07:55:38 +01:00
|
|
|
|
|
|
|
/* Check if we're waiting for certificates to download */
|
|
|
|
if (check_consensus_waiting_for_certs(i, now, &consensus_dl_status[i]))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Try the requested attempt */
|
|
|
|
log_info(LD_DIR, "Launching %s standard networkstatus consensus "
|
|
|
|
"download.", networkstatus_get_flavor_name(i));
|
|
|
|
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
|
|
|
|
ROUTER_PURPOSE_GENERAL, resource,
|
|
|
|
PDS_RETRY_IF_NO_SERVERS,
|
|
|
|
consensus_dl_status[i].want_authority);
|
2007-10-24 21:53:11 +02:00
|
|
|
}
|
2015-12-07 07:55:38 +01:00
|
|
|
}
|
|
|
|
}
|
2007-10-24 21:53:11 +02:00
|
|
|
|
2015-12-07 07:55:38 +01:00
|
|
|
/** When we're bootstrapping, launch one or more consensus download
|
|
|
|
* connections, if schedule indicates connection(s) should be made after now.
|
|
|
|
* If is_authority, connect to an authority, otherwise, use a fallback
|
|
|
|
* directory mirror.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
update_consensus_bootstrap_attempt_downloads(
|
|
|
|
time_t now,
|
|
|
|
download_status_t *dls,
|
|
|
|
download_want_authority_t want_authority)
|
|
|
|
{
|
|
|
|
const char *resource = networkstatus_get_flavor_name(
|
|
|
|
usable_consensus_flavor());
|
|
|
|
|
|
|
|
/* Let's make sure we remembered to update schedule */
|
|
|
|
tor_assert(dls->schedule == DL_SCHED_CONSENSUS);
|
|
|
|
|
|
|
|
/* Allow for multiple connections in the same second, if the schedule value
|
|
|
|
* is 0. */
|
2018-01-31 21:03:47 +01:00
|
|
|
while (download_status_is_ready(dls, now)) {
|
2015-12-07 07:55:38 +01:00
|
|
|
log_info(LD_DIR, "Launching %s bootstrap %s networkstatus consensus "
|
|
|
|
"download.", resource, (want_authority == DL_WANT_AUTHORITY
|
|
|
|
? "authority"
|
|
|
|
: "mirror"));
|
2010-09-17 04:12:03 +02:00
|
|
|
|
|
|
|
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CONSENSUS,
|
|
|
|
ROUTER_PURPOSE_GENERAL, resource,
|
2015-12-07 07:55:38 +01:00
|
|
|
PDS_RETRY_IF_NO_SERVERS, want_authority);
|
|
|
|
/* schedule the next attempt */
|
|
|
|
download_status_increment_attempt(dls, resource, now);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** If we're bootstrapping, check the connection schedules and see if we want
|
|
|
|
* to make additional, potentially concurrent, consensus download
|
|
|
|
* connections.
|
|
|
|
* Only call when bootstrapping, and when we want to make additional
|
|
|
|
* connections. Only nodes that satisfy
|
2016-04-13 06:06:30 +02:00
|
|
|
* networkstatus_consensus_can_use_multiple_directories make additional
|
2015-12-07 07:55:38 +01:00
|
|
|
* connections.
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
update_consensus_bootstrap_multiple_downloads(time_t now,
|
2016-04-14 08:29:12 +02:00
|
|
|
const or_options_t *options)
|
2015-12-07 07:55:38 +01:00
|
|
|
{
|
|
|
|
const int usable_flavor = usable_consensus_flavor();
|
|
|
|
|
|
|
|
/* make sure we can use multiple connections */
|
|
|
|
if (!networkstatus_consensus_can_use_multiple_directories(options)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Launch concurrent consensus download attempt(s) based on the mirror and
|
|
|
|
* authority schedules. Try the mirror first - this makes it slightly more
|
|
|
|
* likely that we'll connect to the fallback first, and then end the
|
|
|
|
* authority connection attempt. */
|
|
|
|
|
|
|
|
/* If a consensus download fails because it's waiting for certificates,
|
|
|
|
* we'll fail both the authority and fallback schedules. This is better than
|
|
|
|
* failing only one of the schedules, and having the other continue
|
|
|
|
* unchecked.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* If we don't have or can't use extra fallbacks, don't try them. */
|
|
|
|
if (networkstatus_consensus_can_use_extra_fallbacks(options)) {
|
|
|
|
download_status_t *dls_f =
|
|
|
|
&consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_ANY_DIRSERVER];
|
|
|
|
|
|
|
|
if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_f)) {
|
|
|
|
/* During bootstrap, DL_WANT_ANY_DIRSERVER means "use fallbacks". */
|
2018-01-31 21:03:47 +01:00
|
|
|
update_consensus_bootstrap_attempt_downloads(now, dls_f,
|
2015-12-07 07:55:38 +01:00
|
|
|
DL_WANT_ANY_DIRSERVER);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Now try an authority. */
|
|
|
|
download_status_t *dls_a =
|
|
|
|
&consensus_bootstrap_dl_status[CONSENSUS_BOOTSTRAP_SOURCE_AUTHORITY];
|
|
|
|
|
|
|
|
if (!check_consensus_waiting_for_certs(usable_flavor, now, dls_a)) {
|
2018-01-31 21:03:47 +01:00
|
|
|
update_consensus_bootstrap_attempt_downloads(now, dls_a,
|
2015-12-07 07:55:38 +01:00
|
|
|
DL_WANT_AUTHORITY);
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
2007-10-10 21:33:19 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Called when an attempt to download a consensus fails: note that the
|
|
|
|
* failure occurred, and possibly retry. */
|
2007-10-10 21:33:19 +02:00
|
|
|
void
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_consensus_download_failed(int status_code, const char *flavname)
|
2007-10-10 21:33:19 +02:00
|
|
|
{
|
2010-09-17 04:12:03 +02:00
|
|
|
int flav = networkstatus_parse_flavor_name(flavname);
|
|
|
|
if (flav >= 0) {
|
|
|
|
tor_assert(flav < N_CONSENSUS_FLAVORS);
|
|
|
|
/* XXXX handle unrecognized flavors */
|
|
|
|
download_status_failed(&consensus_dl_status[flav], status_code);
|
|
|
|
/* Retry immediately, if appropriate. */
|
|
|
|
update_consensus_networkstatus_downloads(time(NULL));
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** How long do we (as a cache) wait after a consensus becomes non-fresh
|
|
|
|
* before trying to fetch another? */
|
2007-10-22 20:21:22 +02:00
|
|
|
#define CONSENSUS_MIN_SECONDS_BEFORE_CACHING 120
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Update the time at which we'll consider replacing the current
|
2012-03-28 08:55:33 +02:00
|
|
|
* consensus of flavor <b>flav</b> */
|
|
|
|
static void
|
|
|
|
update_consensus_networkstatus_fetch_time_impl(time_t now, int flav)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2012-03-28 08:55:33 +02:00
|
|
|
networkstatus_t *c = networkstatus_get_latest_consensus_by_flavor(flav);
|
|
|
|
const char *flavor = networkstatus_get_flavor_name(flav);
|
|
|
|
if (! we_want_to_fetch_flavor(get_options(), flav))
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (c && c->valid_after <= now && now <= c->valid_until) {
|
2007-10-18 16:19:56 +02:00
|
|
|
long dl_interval;
|
|
|
|
long interval = c->fresh_until - c->valid_after;
|
2010-07-31 19:48:41 +02:00
|
|
|
long min_sec_before_caching = CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
|
2007-10-08 23:21:50 +02:00
|
|
|
time_t start;
|
2010-07-31 19:48:41 +02:00
|
|
|
|
|
|
|
if (min_sec_before_caching > interval/16) {
|
|
|
|
/* Usually we allow 2-minutes slop factor in case clocks get
|
|
|
|
desynchronized a little. If we're on a private network with
|
|
|
|
a crazy-fast voting interval, though, 2 minutes may be too
|
|
|
|
much. */
|
|
|
|
min_sec_before_caching = interval/16;
|
2014-12-20 11:53:00 +01:00
|
|
|
/* make sure we always delay by at least a second before caching */
|
|
|
|
if (min_sec_before_caching == 0) {
|
|
|
|
min_sec_before_caching = 1;
|
|
|
|
}
|
2010-07-31 19:48:41 +02:00
|
|
|
}
|
|
|
|
|
2007-12-21 07:08:00 +01:00
|
|
|
if (directory_fetches_dir_info_early(options)) {
|
2007-10-22 20:21:22 +02:00
|
|
|
/* We want to cache the next one at some point after this one
|
|
|
|
* is no longer fresh... */
|
2014-05-12 01:16:06 +02:00
|
|
|
start = (time_t)(c->fresh_until + min_sec_before_caching);
|
2009-07-12 03:43:33 +02:00
|
|
|
/* Some clients may need the consensus sooner than others. */
|
2010-09-13 03:28:49 +02:00
|
|
|
if (options->FetchDirInfoExtraEarly || authdir_mode_v3(options)) {
|
2009-07-12 03:43:33 +02:00
|
|
|
dl_interval = 60;
|
2010-08-17 18:07:19 +02:00
|
|
|
if (min_sec_before_caching + dl_interval > interval)
|
|
|
|
dl_interval = interval/2;
|
2009-07-12 03:43:33 +02:00
|
|
|
} else {
|
|
|
|
/* But only in the first half-interval after that. */
|
|
|
|
dl_interval = interval/2;
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
2015-06-15 19:11:09 +02:00
|
|
|
/* We're an ordinary client, a bridge, or a hidden service.
|
|
|
|
* Give all the caches enough time to download the consensus. */
|
2014-05-12 01:16:06 +02:00
|
|
|
start = (time_t)(c->fresh_until + (interval*3)/4);
|
2007-12-06 18:01:16 +01:00
|
|
|
/* But download the next one well before this one is expired. */
|
2007-10-22 20:21:22 +02:00
|
|
|
dl_interval = ((c->valid_until - start) * 7 )/ 8;
|
2007-12-06 18:01:16 +01:00
|
|
|
|
|
|
|
/* If we're a bridge user, make use of the numbers we just computed
|
|
|
|
* to choose the rest of the interval *after* them. */
|
2007-12-21 07:08:00 +01:00
|
|
|
if (directory_fetches_dir_info_later(options)) {
|
2007-12-06 18:01:16 +01:00
|
|
|
/* Give all the *clients* enough time to download the consensus. */
|
2014-05-12 01:16:06 +02:00
|
|
|
start = (time_t)(start + dl_interval + min_sec_before_caching);
|
2007-12-06 18:01:16 +01:00
|
|
|
/* But try to get it before ours actually expires. */
|
2010-07-31 19:48:41 +02:00
|
|
|
dl_interval = (c->valid_until - start) - min_sec_before_caching;
|
2007-12-06 18:01:16 +01:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2014-12-20 11:53:00 +01:00
|
|
|
/* catch low dl_interval in crazy-fast networks */
|
2007-10-18 16:19:56 +02:00
|
|
|
if (dl_interval < 1)
|
|
|
|
dl_interval = 1;
|
2014-12-20 11:53:00 +01:00
|
|
|
/* catch late start in crazy-fast networks */
|
|
|
|
if (start+dl_interval >= c->valid_until)
|
|
|
|
start = c->valid_until - dl_interval - 1;
|
|
|
|
log_debug(LD_DIR,
|
|
|
|
"fresh_until: %ld start: %ld "
|
|
|
|
"dl_interval: %ld valid_until: %ld ",
|
2015-01-08 16:44:30 +01:00
|
|
|
(long)c->fresh_until, (long)start, dl_interval,
|
|
|
|
(long)c->valid_until);
|
2009-06-20 09:21:52 +02:00
|
|
|
/* We must not try to replace c while it's still fresh: */
|
2007-10-18 16:19:56 +02:00
|
|
|
tor_assert(c->fresh_until < start);
|
|
|
|
/* We must download the next one before c is invalid: */
|
|
|
|
tor_assert(start+dl_interval < c->valid_until);
|
2012-03-28 08:55:33 +02:00
|
|
|
time_to_download_next_consensus[flav] =
|
|
|
|
start + crypto_rand_int((int)dl_interval);
|
2007-10-17 23:26:22 +02:00
|
|
|
{
|
2007-10-18 16:50:59 +02:00
|
|
|
char tbuf1[ISO_TIME_LEN+1];
|
|
|
|
char tbuf2[ISO_TIME_LEN+1];
|
|
|
|
char tbuf3[ISO_TIME_LEN+1];
|
|
|
|
format_local_iso_time(tbuf1, c->fresh_until);
|
|
|
|
format_local_iso_time(tbuf2, c->valid_until);
|
2012-03-28 08:55:33 +02:00
|
|
|
format_local_iso_time(tbuf3, time_to_download_next_consensus[flav]);
|
2012-03-28 15:02:15 +02:00
|
|
|
log_info(LD_DIR, "Live %s consensus %s the most recent until %s and "
|
|
|
|
"will expire at %s; fetching the next one at %s.",
|
2012-03-28 08:55:33 +02:00
|
|
|
flavor, (c->fresh_until > now) ? "will be" : "was",
|
2007-10-18 16:50:59 +02:00
|
|
|
tbuf1, tbuf2, tbuf3);
|
2007-10-17 23:26:22 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
2012-03-28 08:55:33 +02:00
|
|
|
time_to_download_next_consensus[flav] = now;
|
|
|
|
log_info(LD_DIR, "No live %s consensus; we should fetch one immediately.",
|
|
|
|
flavor);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Update the time at which we'll consider replacing the current
|
|
|
|
* consensus of flavor 'flavor' */
|
|
|
|
void
|
|
|
|
update_consensus_networkstatus_fetch_time(time_t now)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
if (we_want_to_fetch_flavor(get_options(), i))
|
|
|
|
update_consensus_networkstatus_fetch_time_impl(now, i);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Return 1 if there's a reason we shouldn't try any directory
|
|
|
|
* fetches yet (e.g. we demand bridges and none are yet known).
|
2014-03-08 14:13:12 +01:00
|
|
|
* Else return 0.
|
|
|
|
|
|
|
|
* If we return 1 and <b>msg_out</b> is provided, set <b>msg_out</b>
|
|
|
|
* to an explanation of why directory fetches are delayed. (If we
|
|
|
|
* return 0, we set msg_out to NULL.)
|
|
|
|
*/
|
2007-10-08 23:21:50 +02:00
|
|
|
int
|
2014-03-08 14:13:12 +01:00
|
|
|
should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2014-03-08 14:13:12 +01:00
|
|
|
if (msg_out) {
|
|
|
|
*msg_out = NULL;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2014-03-08 14:13:12 +01:00
|
|
|
|
2014-03-14 15:42:49 +01:00
|
|
|
if (options->DisableNetwork) {
|
|
|
|
if (msg_out) {
|
|
|
|
*msg_out = "DisableNetwork is set.";
|
|
|
|
}
|
|
|
|
log_info(LD_DIR, "Delaying dir fetches (DisableNetwork is set)");
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2017-09-21 20:34:36 +02:00
|
|
|
if (we_are_hibernating()) {
|
|
|
|
if (msg_out) {
|
|
|
|
*msg_out = "We are hibernating or shutting down.";
|
|
|
|
}
|
|
|
|
log_info(LD_DIR, "Delaying dir fetches (Hibernating or shutting down)");
|
|
|
|
return 1;
|
2014-03-14 15:42:49 +01:00
|
|
|
}
|
|
|
|
|
2014-03-08 14:13:12 +01:00
|
|
|
if (options->UseBridges) {
|
2017-12-10 16:29:05 +01:00
|
|
|
/* If we know that none of our bridges can possibly work, avoid fetching
|
|
|
|
* directory documents. But if some of them might work, try again. */
|
|
|
|
if (num_bridges_usable(1) == 0) {
|
2014-03-08 14:13:12 +01:00
|
|
|
if (msg_out) {
|
|
|
|
*msg_out = "No running bridges";
|
|
|
|
}
|
|
|
|
log_info(LD_DIR, "Delaying dir fetches (no running bridges known)");
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (pt_proxies_configuration_pending()) {
|
|
|
|
if (msg_out) {
|
|
|
|
*msg_out = "Pluggable transport proxies still configuring";
|
|
|
|
}
|
|
|
|
log_info(LD_DIR, "Delaying dir fetches (pt proxies still configuring)");
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-10 21:33:19 +02:00
|
|
|
/** Launch requests for networkstatus documents and authority certificates as
|
|
|
|
* appropriate. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
update_networkstatus_downloads(time_t now)
|
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2014-03-08 14:13:12 +01:00
|
|
|
if (should_delay_dir_fetches(options, NULL))
|
2007-10-08 23:21:50 +02:00
|
|
|
return;
|
|
|
|
update_consensus_networkstatus_downloads(now);
|
2007-10-22 19:31:22 +02:00
|
|
|
update_certificate_downloads(now);
|
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Launch requests as appropriate for missing directory authority
|
|
|
|
* certificates. */
|
2007-10-22 19:31:22 +02:00
|
|
|
void
|
|
|
|
update_certificate_downloads(time_t now)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
|
|
|
for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
if (consensus_waiting_for_certs[i].consensus)
|
|
|
|
authority_certs_fetch_missing(consensus_waiting_for_certs[i].consensus,
|
2016-05-04 08:38:27 +02:00
|
|
|
now, NULL);
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
|
|
|
|
2010-09-17 04:12:03 +02:00
|
|
|
if (current_ns_consensus)
|
2016-05-04 08:38:27 +02:00
|
|
|
authority_certs_fetch_missing(current_ns_consensus, now, NULL);
|
2010-12-06 17:26:45 +01:00
|
|
|
if (current_md_consensus)
|
2016-05-04 08:38:27 +02:00
|
|
|
authority_certs_fetch_missing(current_md_consensus, now, NULL);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2008-06-07 07:27:34 +02:00
|
|
|
/** Return 1 if we have a consensus but we don't have enough certificates
|
|
|
|
* to start using it yet. */
|
|
|
|
int
|
|
|
|
consensus_is_waiting_for_certs(void)
|
|
|
|
{
|
2010-11-08 20:21:32 +01:00
|
|
|
return consensus_waiting_for_certs[usable_consensus_flavor()].consensus
|
2009-10-13 23:06:01 +02:00
|
|
|
? 1 : 0;
|
2008-06-07 07:27:34 +02:00
|
|
|
}
|
|
|
|
|
2016-06-27 18:38:37 +02:00
|
|
|
/** Look up the currently active (depending on bootstrap status) download
|
|
|
|
* status for this consensus flavor and return a pointer to it.
|
|
|
|
*/
|
2016-06-28 23:30:57 +02:00
|
|
|
MOCK_IMPL(download_status_t *,
|
|
|
|
networkstatus_get_dl_status_by_flavor,(consensus_flavor_t flavor))
|
2016-06-27 18:38:37 +02:00
|
|
|
{
|
|
|
|
download_status_t *dl = NULL;
|
|
|
|
const int we_are_bootstrapping =
|
|
|
|
networkstatus_consensus_is_bootstrapping(time(NULL));
|
|
|
|
|
2016-06-30 20:08:28 +02:00
|
|
|
if ((int)flavor <= N_CONSENSUS_FLAVORS) {
|
2016-06-27 18:38:37 +02:00
|
|
|
dl = &((we_are_bootstrapping ?
|
|
|
|
consensus_bootstrap_dl_status : consensus_dl_status)[flavor]);
|
|
|
|
}
|
|
|
|
|
|
|
|
return dl;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Look up the bootstrap download status for this consensus flavor
|
|
|
|
* and return a pointer to it. */
|
2016-06-28 23:30:57 +02:00
|
|
|
MOCK_IMPL(download_status_t *,
|
|
|
|
networkstatus_get_dl_status_by_flavor_bootstrap,(consensus_flavor_t flavor))
|
2016-06-27 18:38:37 +02:00
|
|
|
{
|
|
|
|
download_status_t *dl = NULL;
|
|
|
|
|
2016-06-30 20:08:28 +02:00
|
|
|
if ((int)flavor <= N_CONSENSUS_FLAVORS) {
|
2016-06-27 18:38:37 +02:00
|
|
|
dl = &(consensus_bootstrap_dl_status[flavor]);
|
|
|
|
}
|
|
|
|
|
|
|
|
return dl;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Look up the running (non-bootstrap) download status for this consensus
|
|
|
|
* flavor and return a pointer to it. */
|
2016-06-28 23:30:57 +02:00
|
|
|
MOCK_IMPL(download_status_t *,
|
|
|
|
networkstatus_get_dl_status_by_flavor_running,(consensus_flavor_t flavor))
|
2016-06-27 18:38:37 +02:00
|
|
|
{
|
|
|
|
download_status_t *dl = NULL;
|
|
|
|
|
2016-06-30 20:08:28 +02:00
|
|
|
if ((int)flavor <= N_CONSENSUS_FLAVORS) {
|
2016-06-27 18:38:37 +02:00
|
|
|
dl = &(consensus_dl_status[flavor]);
|
|
|
|
}
|
|
|
|
|
|
|
|
return dl;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Return the most recent consensus that we have downloaded, or NULL if we
|
|
|
|
* don't have one. */
|
2016-05-03 17:42:50 +02:00
|
|
|
MOCK_IMPL(networkstatus_t *,
|
|
|
|
networkstatus_get_latest_consensus,(void))
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2016-09-20 16:52:20 +02:00
|
|
|
if (we_use_microdescriptors_for_circuits(get_options()))
|
|
|
|
return current_md_consensus;
|
|
|
|
else
|
|
|
|
return current_ns_consensus;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2012-06-05 00:50:13 +02:00
|
|
|
/** Return the latest consensus we have whose flavor matches <b>f</b>, or NULL
|
|
|
|
* if we don't have one. */
|
2014-10-07 15:20:44 +02:00
|
|
|
MOCK_IMPL(networkstatus_t *,
|
|
|
|
networkstatus_get_latest_consensus_by_flavor,(consensus_flavor_t f))
|
2010-09-17 04:12:03 +02:00
|
|
|
{
|
|
|
|
if (f == FLAV_NS)
|
|
|
|
return current_ns_consensus;
|
|
|
|
else if (f == FLAV_MICRODESC)
|
|
|
|
return current_md_consensus;
|
2012-05-14 19:07:27 +02:00
|
|
|
else {
|
2010-09-17 04:12:03 +02:00
|
|
|
tor_assert(0);
|
2012-05-14 19:07:27 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Return the most recent consensus that we have downloaded, or NULL if it is
|
|
|
|
* no longer live. */
|
2016-05-03 17:42:50 +02:00
|
|
|
MOCK_IMPL(networkstatus_t *,
|
|
|
|
networkstatus_get_live_consensus,(time_t now))
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2017-08-04 11:21:14 +02:00
|
|
|
networkstatus_t *ns = networkstatus_get_latest_consensus();
|
|
|
|
if (ns && networkstatus_is_live(ns, now))
|
|
|
|
return ns;
|
2007-10-08 23:21:50 +02:00
|
|
|
else
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2017-08-04 21:02:28 +02:00
|
|
|
/** Given a consensus in <b>ns</b>, return true iff currently live and
|
2017-08-04 11:21:14 +02:00
|
|
|
* unexpired. */
|
|
|
|
int
|
|
|
|
networkstatus_is_live(const networkstatus_t *ns, time_t now)
|
|
|
|
{
|
|
|
|
return (ns->valid_after <= now && now <= ns->valid_until);
|
|
|
|
}
|
|
|
|
|
2016-11-09 22:16:18 +01:00
|
|
|
/** Determine if <b>consensus</b> is valid or expired recently enough that
|
|
|
|
* we can still use it.
|
|
|
|
*
|
|
|
|
* Return 1 if the consensus is reasonably live, or 0 if it is too old.
|
|
|
|
*/
|
|
|
|
int
|
2017-05-15 01:43:41 +02:00
|
|
|
networkstatus_consensus_reasonably_live(const networkstatus_t *consensus,
|
|
|
|
time_t now)
|
2016-11-09 22:16:18 +01:00
|
|
|
{
|
|
|
|
if (BUG(!consensus))
|
|
|
|
return 0;
|
|
|
|
|
2017-05-15 01:43:41 +02:00
|
|
|
return networkstatus_valid_until_is_reasonably_live(consensus->valid_until,
|
|
|
|
now);
|
|
|
|
}
|
2016-11-09 22:16:18 +01:00
|
|
|
|
2017-05-15 01:43:41 +02:00
|
|
|
/** As networkstatus_consensus_reasonably_live, but takes a valid_until
|
|
|
|
* time rather than an entire consensus. */
|
|
|
|
int
|
|
|
|
networkstatus_valid_until_is_reasonably_live(time_t valid_until,
|
|
|
|
time_t now)
|
|
|
|
{
|
|
|
|
#define REASONABLY_LIVE_TIME (24*60*60)
|
|
|
|
return (now <= valid_until + REASONABLY_LIVE_TIME);
|
2016-11-09 22:16:18 +01:00
|
|
|
}
|
|
|
|
|
2008-12-18 17:11:03 +01:00
|
|
|
/* XXXX remove this in favor of get_live_consensus. But actually,
|
2007-12-05 20:23:03 +01:00
|
|
|
* leave something like it for bridge users, who need to not totally
|
|
|
|
* lose if they spend a while fetching a new consensus. */
|
2008-02-08 22:13:15 +01:00
|
|
|
/** As networkstatus_get_live_consensus(), but is way more tolerant of expired
|
|
|
|
* consensuses. */
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_t *
|
2010-09-20 20:18:17 +02:00
|
|
|
networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
|
2007-10-25 03:53:49 +02:00
|
|
|
{
|
2010-09-20 20:18:17 +02:00
|
|
|
networkstatus_t *consensus =
|
|
|
|
networkstatus_get_latest_consensus_by_flavor(flavor);
|
|
|
|
if (consensus &&
|
|
|
|
consensus->valid_after <= now &&
|
2016-11-09 22:16:18 +01:00
|
|
|
networkstatus_consensus_reasonably_live(consensus, now))
|
2010-09-20 20:18:17 +02:00
|
|
|
return consensus;
|
2007-10-25 03:53:49 +02:00
|
|
|
else
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2016-05-18 23:50:46 +02:00
|
|
|
/** Check if we need to download a consensus during tor's bootstrap phase.
|
|
|
|
* If we have no consensus, or our consensus is unusably old, return 1.
|
|
|
|
* As soon as we have received a consensus, return 0, even if we don't have
|
2016-05-19 18:35:09 +02:00
|
|
|
* enough certificates to validate it.
|
|
|
|
* If a fallback directory gives us a consensus we can never get certs for,
|
|
|
|
* check_consensus_waiting_for_certs() will wait 20 minutes before failing
|
|
|
|
* the cert downloads. After that, a new consensus will be fetched from a
|
|
|
|
* randomly chosen fallback. */
|
2016-05-19 03:31:03 +02:00
|
|
|
MOCK_IMPL(int,
|
|
|
|
networkstatus_consensus_is_bootstrapping,(time_t now))
|
2015-12-07 07:55:38 +01:00
|
|
|
{
|
2016-05-18 23:50:46 +02:00
|
|
|
/* If we have a validated, reasonably live consensus, we're not
|
|
|
|
* bootstrapping a consensus at all. */
|
|
|
|
if (networkstatus_get_reasonably_live_consensus(
|
|
|
|
now,
|
|
|
|
usable_consensus_flavor())) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If we have a consensus, but we're waiting for certificates,
|
|
|
|
* we're not waiting for a consensus download while bootstrapping. */
|
|
|
|
if (consensus_is_waiting_for_certs()) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If we have no consensus, or our consensus is very old, we are
|
|
|
|
* bootstrapping, and we need to download a consensus. */
|
|
|
|
return 1;
|
2015-12-07 07:55:38 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/** Check if we can use multiple directories for a consensus download.
|
2015-12-17 01:38:24 +01:00
|
|
|
* Only clients (including bridge relays, which act like clients) benefit
|
2015-12-07 07:55:38 +01:00
|
|
|
* from multiple simultaneous consensus downloads. */
|
|
|
|
int
|
|
|
|
networkstatus_consensus_can_use_multiple_directories(
|
|
|
|
const or_options_t *options)
|
|
|
|
{
|
|
|
|
/* If we are a client, bridge, bridge client, or hidden service */
|
2015-12-17 01:38:24 +01:00
|
|
|
return !public_server_mode(options);
|
2015-12-07 07:55:38 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/** Check if we can use fallback directory mirrors for a consensus download.
|
2015-12-17 01:39:40 +01:00
|
|
|
* If we have fallbacks and don't want to fetch from the authorities,
|
|
|
|
* we can use them. */
|
2016-05-19 03:31:03 +02:00
|
|
|
MOCK_IMPL(int,
|
|
|
|
networkstatus_consensus_can_use_extra_fallbacks,(const or_options_t *options))
|
2015-12-07 07:55:38 +01:00
|
|
|
{
|
2015-12-17 01:39:40 +01:00
|
|
|
/* The list length comparisons are a quick way to check if we have any
|
2015-12-07 07:55:38 +01:00
|
|
|
* non-authority fallback directories. If we ever have any authorities that
|
|
|
|
* aren't fallback directories, we will need to change this code. */
|
2015-12-17 01:39:40 +01:00
|
|
|
tor_assert(smartlist_len(router_get_fallback_dir_servers())
|
|
|
|
>= smartlist_len(router_get_trusted_dir_servers()));
|
|
|
|
/* If we don't fetch from the authorities, and we have additional mirrors,
|
|
|
|
* we can use them. */
|
2015-12-07 07:55:38 +01:00
|
|
|
return (!directory_fetches_from_authorities(options)
|
|
|
|
&& (smartlist_len(router_get_fallback_dir_servers())
|
|
|
|
> smartlist_len(router_get_trusted_dir_servers())));
|
|
|
|
}
|
|
|
|
|
2016-04-13 07:08:17 +02:00
|
|
|
/* Is there a consensus fetch for flavor <b>resource</b> that's far
|
|
|
|
* enough along to be attached to a circuit? */
|
2015-12-07 07:55:38 +01:00
|
|
|
int
|
2016-04-13 07:08:17 +02:00
|
|
|
networkstatus_consensus_is_already_downloading(const char *resource)
|
2015-12-07 07:55:38 +01:00
|
|
|
{
|
2016-04-13 07:08:17 +02:00
|
|
|
int answer = 0;
|
|
|
|
|
|
|
|
/* First, get a list of all the dir conns that are fetching a consensus,
|
|
|
|
* fetching *this* consensus, and are in state "reading" (meaning they
|
|
|
|
* have already flushed their request onto the socks connection). */
|
|
|
|
smartlist_t *fetching_conns =
|
|
|
|
connection_dir_list_by_purpose_resource_and_state(
|
|
|
|
DIR_PURPOSE_FETCH_CONSENSUS, resource, DIR_CONN_STATE_CLIENT_READING);
|
|
|
|
|
|
|
|
/* Then, walk through each conn, to see if its linked socks connection
|
|
|
|
* is in an attached state. We have to check this separately, since with
|
|
|
|
* the optimistic data feature, fetches can send their request to the
|
|
|
|
* socks connection and go into state 'reading', even before they're
|
|
|
|
* attached to any circuit. */
|
|
|
|
SMARTLIST_FOREACH_BEGIN(fetching_conns, dir_connection_t *, dirconn) {
|
|
|
|
/* Do any of these other dir conns have a linked socks conn that is
|
|
|
|
* attached to a circuit already? */
|
|
|
|
connection_t *base = TO_CONN(dirconn);
|
|
|
|
if (base->linked_conn &&
|
|
|
|
base->linked_conn->type == CONN_TYPE_AP &&
|
2016-05-06 15:55:06 +02:00
|
|
|
!AP_CONN_STATE_IS_UNATTACHED(base->linked_conn->state)) {
|
2016-04-13 07:08:17 +02:00
|
|
|
answer = 1;
|
2016-05-06 15:55:06 +02:00
|
|
|
break; /* stop looping, because we know the answer will be yes */
|
|
|
|
}
|
2016-04-13 07:08:17 +02:00
|
|
|
} SMARTLIST_FOREACH_END(dirconn);
|
|
|
|
smartlist_free(fetching_conns);
|
2015-12-07 07:55:38 +01:00
|
|
|
|
2016-04-13 07:08:17 +02:00
|
|
|
return answer;
|
2015-12-07 07:55:38 +01:00
|
|
|
}
|
|
|
|
|
2017-12-02 13:01:07 +01:00
|
|
|
/* Does the current, reasonably live consensus have IPv6 addresses?
|
|
|
|
* Returns 1 if there is a reasonably live consensus and its consensus method
|
|
|
|
* includes IPv6 addresses in the consensus.
|
|
|
|
* Otherwise, if there is no consensus, or the method does not include IPv6
|
|
|
|
* addresses, returns 0. */
|
|
|
|
int
|
|
|
|
networkstatus_consensus_has_ipv6(const or_options_t* options)
|
|
|
|
{
|
|
|
|
const networkstatus_t *cons = networkstatus_get_reasonably_live_consensus(
|
|
|
|
approx_time(),
|
|
|
|
usable_consensus_flavor());
|
|
|
|
|
|
|
|
/* If we have no consensus, we have no IPv6 in it */
|
|
|
|
if (!cons) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Different flavours of consensus gained IPv6 at different times */
|
|
|
|
if (we_use_microdescriptors_for_circuits(options)) {
|
|
|
|
return
|
|
|
|
cons->consensus_method >= MIN_METHOD_FOR_A_LINES_IN_MICRODESC_CONSENSUS;
|
|
|
|
} else {
|
|
|
|
return cons->consensus_method >= MIN_METHOD_FOR_A_LINES;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-12-31 22:12:16 +01:00
|
|
|
/** Given two router status entries for the same router identity, return 1 if
|
|
|
|
* if the contents have changed between them. Otherwise, return 0. */
|
|
|
|
static int
|
|
|
|
routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b)
|
|
|
|
{
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_assert(tor_memeq(a->identity_digest, b->identity_digest, DIGEST_LEN));
|
2007-12-31 22:12:16 +01:00
|
|
|
|
|
|
|
return strcmp(a->nickname, b->nickname) ||
|
2011-05-10 22:58:38 +02:00
|
|
|
fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) ||
|
2007-12-31 22:12:16 +01:00
|
|
|
a->addr != b->addr ||
|
|
|
|
a->or_port != b->or_port ||
|
|
|
|
a->dir_port != b->dir_port ||
|
|
|
|
a->is_authority != b->is_authority ||
|
|
|
|
a->is_exit != b->is_exit ||
|
|
|
|
a->is_stable != b->is_stable ||
|
|
|
|
a->is_fast != b->is_fast ||
|
2010-09-30 20:58:27 +02:00
|
|
|
a->is_flagged_running != b->is_flagged_running ||
|
2007-12-31 22:12:16 +01:00
|
|
|
a->is_named != b->is_named ||
|
|
|
|
a->is_unnamed != b->is_unnamed ||
|
|
|
|
a->is_valid != b->is_valid ||
|
|
|
|
a->is_possible_guard != b->is_possible_guard ||
|
|
|
|
a->is_bad_exit != b->is_bad_exit ||
|
2016-09-22 16:21:13 +02:00
|
|
|
a->is_hs_dir != b->is_hs_dir;
|
|
|
|
// XXXX this function needs a huge refactoring; it has gotten out
|
|
|
|
// XXXX of sync with routerstatus_t, and it will do so again.
|
2007-12-31 22:12:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/** Notify controllers of any router status entries that changed between
|
|
|
|
* <b>old_c</b> and <b>new_c</b>. */
|
|
|
|
static void
|
2008-02-05 22:39:29 +01:00
|
|
|
notify_control_networkstatus_changed(const networkstatus_t *old_c,
|
|
|
|
const networkstatus_t *new_c)
|
2007-12-31 22:12:16 +01:00
|
|
|
{
|
|
|
|
smartlist_t *changed;
|
|
|
|
if (old_c == new_c)
|
|
|
|
return;
|
2009-02-16 07:18:03 +01:00
|
|
|
|
2009-02-16 11:39:10 +01:00
|
|
|
/* tell the controller exactly which relays are still listed, as well
|
|
|
|
* as what they're listed as */
|
2009-02-16 07:18:03 +01:00
|
|
|
control_event_newconsensus(new_c);
|
|
|
|
|
2009-02-20 11:25:08 +01:00
|
|
|
if (!control_event_is_interesting(EVENT_NS))
|
|
|
|
return;
|
|
|
|
|
2008-04-07 18:28:34 +02:00
|
|
|
if (!old_c) {
|
|
|
|
control_event_networkstatus_changed(new_c->routerstatus_list);
|
|
|
|
return;
|
|
|
|
}
|
2012-01-18 21:53:30 +01:00
|
|
|
changed = smartlist_new();
|
2007-12-31 22:12:16 +01:00
|
|
|
|
2010-09-29 07:35:08 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(
|
|
|
|
old_c->routerstatus_list, const routerstatus_t *, rs_old,
|
|
|
|
new_c->routerstatus_list, const routerstatus_t *, rs_new,
|
2011-05-11 22:39:45 +02:00
|
|
|
tor_memcmp(rs_old->identity_digest,
|
2010-09-29 07:35:08 +02:00
|
|
|
rs_new->identity_digest, DIGEST_LEN),
|
|
|
|
smartlist_add(changed, (void*) rs_new)) {
|
2008-04-07 18:28:34 +02:00
|
|
|
if (routerstatus_has_changed(rs_old, rs_new))
|
2010-09-29 07:35:08 +02:00
|
|
|
smartlist_add(changed, (void*)rs_new);
|
2008-04-07 18:28:34 +02:00
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
|
2007-12-31 22:12:16 +01:00
|
|
|
|
|
|
|
control_event_networkstatus_changed(changed);
|
|
|
|
smartlist_free(changed);
|
|
|
|
}
|
|
|
|
|
2018-01-31 20:15:02 +01:00
|
|
|
/* Called before the consensus changes from old_c to new_c. */
|
2017-07-10 22:10:50 +02:00
|
|
|
static void
|
2018-01-31 20:15:02 +01:00
|
|
|
notify_before_networkstatus_changes(const networkstatus_t *old_c,
|
|
|
|
const networkstatus_t *new_c)
|
2017-07-10 22:10:50 +02:00
|
|
|
{
|
|
|
|
notify_control_networkstatus_changed(old_c, new_c);
|
2018-01-25 21:54:58 +01:00
|
|
|
dos_consensus_has_changed(new_c);
|
2018-03-20 20:27:58 +01:00
|
|
|
relay_consensus_has_changed(new_c);
|
2017-07-10 22:10:50 +02:00
|
|
|
}
|
|
|
|
|
2018-01-31 20:15:02 +01:00
|
|
|
/* Called after a new consensus has been put in the global state. It is safe
|
|
|
|
* to use the consensus getters in this function. */
|
|
|
|
static void
|
|
|
|
notify_after_networkstatus_changes(void)
|
|
|
|
{
|
|
|
|
scheduler_notify_networkstatus_changed();
|
2017-07-10 22:10:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Copy all the ancillary information (like router download status and so on)
|
2007-10-19 01:14:58 +02:00
|
|
|
* from <b>old_c</b> to <b>new_c</b>. */
|
2007-10-16 01:15:24 +02:00
|
|
|
static void
|
2008-02-05 22:39:29 +01:00
|
|
|
networkstatus_copy_old_consensus_info(networkstatus_t *new_c,
|
|
|
|
const networkstatus_t *old_c)
|
2007-10-16 01:15:24 +02:00
|
|
|
{
|
|
|
|
if (old_c == new_c)
|
|
|
|
return;
|
2008-04-07 18:28:34 +02:00
|
|
|
if (!old_c || !smartlist_len(old_c->routerstatus_list))
|
2007-10-16 01:15:24 +02:00
|
|
|
return;
|
|
|
|
|
2008-04-07 18:28:34 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(old_c->routerstatus_list, routerstatus_t *, rs_old,
|
|
|
|
new_c->routerstatus_list, routerstatus_t *, rs_new,
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_memcmp(rs_old->identity_digest,
|
2008-04-07 18:28:34 +02:00
|
|
|
rs_new->identity_digest, DIGEST_LEN),
|
|
|
|
STMT_NIL) {
|
2007-10-16 01:15:24 +02:00
|
|
|
/* Okay, so we're looking at the same identity. */
|
|
|
|
rs_new->last_dir_503_at = rs_old->last_dir_503_at;
|
|
|
|
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(rs_old->descriptor_digest, rs_new->descriptor_digest,
|
2014-10-31 16:36:31 +01:00
|
|
|
DIGEST256_LEN)) {
|
2007-10-16 01:15:24 +02:00
|
|
|
/* And the same descriptor too! */
|
|
|
|
memcpy(&rs_new->dl_status, &rs_old->dl_status,sizeof(download_status_t));
|
|
|
|
}
|
2008-04-07 18:28:34 +02:00
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs_old, rs_new);
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
|
|
|
|
2015-01-26 20:49:48 +01:00
|
|
|
#ifdef TOR_UNIT_TESTS
|
|
|
|
/**Accept a <b>flavor</b> consensus <b>c</b> without any additional
|
|
|
|
* validation. This is exclusively for unit tests.
|
|
|
|
* We copy any ancillary information from a pre-existing consensus
|
|
|
|
* and then free the current one and replace it with the newly
|
|
|
|
* provided instance. Returns -1 on unrecognized flavor, 0 otherwise.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
networkstatus_set_current_consensus_from_ns(networkstatus_t *c,
|
|
|
|
const char *flavor)
|
|
|
|
{
|
|
|
|
int flav = networkstatus_parse_flavor_name(flavor);
|
|
|
|
switch (flav) {
|
|
|
|
case FLAV_NS:
|
|
|
|
if (current_ns_consensus) {
|
|
|
|
networkstatus_copy_old_consensus_info(c, current_ns_consensus);
|
|
|
|
networkstatus_vote_free(current_ns_consensus);
|
|
|
|
}
|
|
|
|
current_ns_consensus = c;
|
|
|
|
break;
|
|
|
|
case FLAV_MICRODESC:
|
|
|
|
if (current_md_consensus) {
|
|
|
|
networkstatus_copy_old_consensus_info(c, current_md_consensus);
|
|
|
|
networkstatus_vote_free(current_md_consensus);
|
|
|
|
}
|
|
|
|
current_md_consensus = c;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return current_md_consensus ? 0 : -1;
|
|
|
|
}
|
2017-09-15 22:24:44 +02:00
|
|
|
#endif /* defined(TOR_UNIT_TESTS) */
|
2015-01-26 20:49:48 +01:00
|
|
|
|
2016-09-13 17:02:44 +02:00
|
|
|
/**
|
|
|
|
* Return true if any option is set in <b>options</b> to make us behave
|
|
|
|
* as a client.
|
|
|
|
*
|
|
|
|
* XXXX If we need this elsewhere at any point, we should make it nonstatic
|
|
|
|
* XXXX and move it into another file.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
any_client_port_set(const or_options_t *options)
|
|
|
|
{
|
|
|
|
return (options->SocksPort_set ||
|
|
|
|
options->TransPort_set ||
|
|
|
|
options->NATDPort_set ||
|
2017-08-20 17:59:58 +02:00
|
|
|
options->DNSPort_set ||
|
|
|
|
options->HTTPTunnelPort_set);
|
2016-09-13 17:02:44 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Helper for handle_missing_protocol_warning: handles either the
|
|
|
|
* client case (if <b>is_client</b> is set) or the server case otherwise.
|
|
|
|
*/
|
2016-08-19 23:45:08 +02:00
|
|
|
static void
|
2016-09-13 17:02:44 +02:00
|
|
|
handle_missing_protocol_warning_impl(const networkstatus_t *c,
|
|
|
|
int is_client)
|
2016-08-19 23:45:08 +02:00
|
|
|
{
|
|
|
|
char *protocol_warning = NULL;
|
2016-09-13 17:02:44 +02:00
|
|
|
|
2016-08-19 23:45:08 +02:00
|
|
|
int should_exit = networkstatus_check_required_protocols(c,
|
2016-09-13 17:02:44 +02:00
|
|
|
is_client,
|
2016-08-19 23:45:08 +02:00
|
|
|
&protocol_warning);
|
|
|
|
if (protocol_warning) {
|
|
|
|
tor_log(should_exit ? LOG_ERR : LOG_WARN,
|
|
|
|
LD_GENERAL,
|
|
|
|
"%s", protocol_warning);
|
|
|
|
}
|
|
|
|
if (should_exit) {
|
|
|
|
tor_assert_nonfatal(protocol_warning);
|
|
|
|
}
|
|
|
|
tor_free(protocol_warning);
|
|
|
|
if (should_exit)
|
2017-10-19 19:42:28 +02:00
|
|
|
exit(1); // XXXX bad exit: should return from main.
|
2016-08-19 23:45:08 +02:00
|
|
|
}
|
|
|
|
|
2016-09-13 17:02:44 +02:00
|
|
|
/** Called when we have received a networkstatus <b>c</b>. If there are
|
|
|
|
* any _required_ protocols we are missing, log an error and exit
|
|
|
|
* immediately. If there are any _recommended_ protocols we are missing,
|
|
|
|
* warn. */
|
|
|
|
static void
|
|
|
|
handle_missing_protocol_warning(const networkstatus_t *c,
|
|
|
|
const or_options_t *options)
|
|
|
|
{
|
|
|
|
const int is_server = server_mode(options);
|
|
|
|
const int is_client = any_client_port_set(options) || !is_server;
|
|
|
|
|
|
|
|
if (is_server)
|
|
|
|
handle_missing_protocol_warning_impl(c, 0);
|
|
|
|
if (is_client)
|
|
|
|
handle_missing_protocol_warning_impl(c, 1);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Try to replace the current cached v3 networkstatus with the one in
|
|
|
|
* <b>consensus</b>. If we don't have enough certificates to validate it,
|
|
|
|
* store it in consensus_waiting_for_certs and launch a certificate fetch.
|
|
|
|
*
|
2008-12-09 19:16:41 +01:00
|
|
|
* If flags & NSSET_FROM_CACHE, this networkstatus has come from the disk
|
|
|
|
* cache. If flags & NSSET_WAS_WAITING_FOR_CERTS, this networkstatus was
|
|
|
|
* already received, but we were waiting for certificates on it. If flags &
|
|
|
|
* NSSET_DONT_DOWNLOAD_CERTS, do not launch certificate downloads as needed.
|
2009-01-05 17:56:11 +01:00
|
|
|
* If flags & NSSET_ACCEPT_OBSOLETE, then we should be willing to take this
|
|
|
|
* consensus, even if it comes from many days in the past.
|
2008-12-09 19:16:41 +01:00
|
|
|
*
|
2016-05-04 08:38:27 +02:00
|
|
|
* If source_dir is non-NULL, it's the identity digest for a directory that
|
2016-05-04 08:47:28 +02:00
|
|
|
* we've just successfully retrieved a consensus or certificates from, so try
|
|
|
|
* it first to fetch any missing certificates.
|
2016-05-04 08:38:27 +02:00
|
|
|
*
|
2007-11-03 16:55:15 +01:00
|
|
|
* Return 0 on success, <0 on failure. On failure, caller should increment
|
2007-10-24 21:53:11 +02:00
|
|
|
* the failure count as appropriate.
|
2007-11-03 16:55:15 +01:00
|
|
|
*
|
|
|
|
* We return -1 for mild failures that don't need to be reported to the
|
|
|
|
* user, and -2 for more serious problems.
|
2007-10-24 21:53:11 +02:00
|
|
|
*/
|
2007-10-08 23:21:50 +02:00
|
|
|
int
|
2009-10-13 23:06:01 +02:00
|
|
|
networkstatus_set_current_consensus(const char *consensus,
|
|
|
|
const char *flavor,
|
2016-05-04 08:38:27 +02:00
|
|
|
unsigned flags,
|
|
|
|
const char *source_dir)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
networkstatus_t *c=NULL;
|
2007-11-03 16:55:15 +01:00
|
|
|
int r, result = -1;
|
2017-10-25 18:25:53 +02:00
|
|
|
time_t now = approx_time();
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2007-10-17 18:55:44 +02:00
|
|
|
char *unverified_fname = NULL, *consensus_fname = NULL;
|
2009-10-13 23:06:01 +02:00
|
|
|
int flav = networkstatus_parse_flavor_name(flavor);
|
2008-01-07 20:15:34 +01:00
|
|
|
const unsigned from_cache = flags & NSSET_FROM_CACHE;
|
|
|
|
const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
|
|
|
|
const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
|
2009-01-05 17:56:11 +01:00
|
|
|
const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
|
2009-10-13 23:06:01 +02:00
|
|
|
const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
|
2016-02-10 21:28:19 +01:00
|
|
|
const common_digests_t *current_digests = NULL;
|
2009-10-13 23:06:01 +02:00
|
|
|
consensus_waiting_for_certs_t *waiting = NULL;
|
|
|
|
time_t current_valid_after = 0;
|
2010-10-20 20:40:09 +02:00
|
|
|
int free_consensus = 1; /* Free 'c' at the end of the function */
|
2012-10-02 05:27:51 +02:00
|
|
|
int old_ewma_enabled;
|
2016-08-19 23:45:08 +02:00
|
|
|
int checked_protocols_already = 0;
|
2009-10-13 23:06:01 +02:00
|
|
|
|
|
|
|
if (flav < 0) {
|
|
|
|
/* XXXX we don't handle unrecognized flavors yet. */
|
|
|
|
log_warn(LD_BUG, "Unrecognized consensus flavor %s", flavor);
|
|
|
|
return -2;
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
|
|
|
/* Make sure it's parseable. */
|
2008-07-24 11:22:27 +02:00
|
|
|
c = networkstatus_parse_vote_from_string(consensus, NULL, NS_TYPE_CONSENSUS);
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!c) {
|
|
|
|
log_warn(LD_DIR, "Unable to parse networkstatus consensus");
|
2007-11-03 16:55:15 +01:00
|
|
|
result = -2;
|
2007-10-17 18:55:44 +02:00
|
|
|
goto done;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2016-08-19 23:45:08 +02:00
|
|
|
if (from_cache && !was_waiting_for_certs) {
|
|
|
|
/* We previously stored this; check _now_ to make sure that version-kills
|
2017-07-01 23:56:06 +02:00
|
|
|
* really work. This happens even before we check signatures: we did so
|
2016-08-19 23:45:08 +02:00
|
|
|
* before when we stored this to disk. This does mean an attacker who can
|
|
|
|
* write to the datadir can make us not start: such an attacker could
|
|
|
|
* already harm us by replacing our guards, which would be worse. */
|
|
|
|
checked_protocols_already = 1;
|
|
|
|
handle_missing_protocol_warning(c, options);
|
|
|
|
}
|
|
|
|
|
2009-12-14 10:07:20 +01:00
|
|
|
if ((int)c->flavor != flav) {
|
2009-10-13 23:06:01 +02:00
|
|
|
/* This wasn't the flavor we thought we were getting. */
|
|
|
|
if (require_flavor) {
|
|
|
|
log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
|
|
|
|
networkstatus_get_flavor_name(c->flavor), flavor);
|
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
flav = c->flavor;
|
|
|
|
flavor = networkstatus_get_flavor_name(flav);
|
|
|
|
}
|
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
if (flav != usable_consensus_flavor() &&
|
2016-11-30 01:06:36 +01:00
|
|
|
!we_want_to_fetch_flavor(options, flav)) {
|
|
|
|
/* This consensus is totally boring to us: we won't use it, we didn't want
|
|
|
|
* it, and we won't serve it. Drop it. */
|
2009-10-13 23:06:01 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-01-05 17:56:11 +01:00
|
|
|
if (from_cache && !accept_obsolete &&
|
|
|
|
c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) {
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_DIR, "Loaded an expired consensus. Discarding.");
|
2009-01-05 17:56:11 +01:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
if (!strcmp(flavor, "ns")) {
|
2017-11-14 22:49:41 +01:00
|
|
|
consensus_fname = get_cachedir_fname("cached-consensus");
|
|
|
|
unverified_fname = get_cachedir_fname("unverified-consensus");
|
2010-09-17 04:12:03 +02:00
|
|
|
if (current_ns_consensus) {
|
|
|
|
current_digests = ¤t_ns_consensus->digests;
|
|
|
|
current_valid_after = current_ns_consensus->valid_after;
|
|
|
|
}
|
|
|
|
} else if (!strcmp(flavor, "microdesc")) {
|
2017-11-14 22:49:41 +01:00
|
|
|
consensus_fname = get_cachedir_fname("cached-microdesc-consensus");
|
|
|
|
unverified_fname = get_cachedir_fname("unverified-microdesc-consensus");
|
2010-09-17 04:12:03 +02:00
|
|
|
if (current_md_consensus) {
|
|
|
|
current_digests = ¤t_md_consensus->digests;
|
|
|
|
current_valid_after = current_md_consensus->valid_after;
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
cached_dir_t *cur;
|
|
|
|
char buf[128];
|
|
|
|
tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
|
2017-11-14 22:49:41 +01:00
|
|
|
consensus_fname = get_cachedir_fname(buf);
|
2009-10-13 23:06:01 +02:00
|
|
|
tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
|
2017-11-14 22:49:41 +01:00
|
|
|
unverified_fname = get_cachedir_fname(buf);
|
2009-10-13 23:06:01 +02:00
|
|
|
cur = dirserv_get_consensus(flavor);
|
|
|
|
if (cur) {
|
|
|
|
current_digests = &cur->digests;
|
|
|
|
current_valid_after = cur->published;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (current_digests &&
|
2011-05-11 22:23:42 +02:00
|
|
|
tor_memeq(&c->digests, current_digests, sizeof(c->digests))) {
|
2007-10-24 21:53:11 +02:00
|
|
|
/* We already have this one. That's a failure. */
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_DIR, "Got a %s consensus we already have", flavor);
|
2007-10-24 21:53:11 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
if (current_valid_after && c->valid_after <= current_valid_after) {
|
2007-10-30 16:17:01 +01:00
|
|
|
/* We have a newer one. There's no point in accepting this one,
|
|
|
|
* even if it's great. */
|
2009-10-13 23:06:01 +02:00
|
|
|
log_info(LD_DIR, "Got a %s consensus at least as old as the one we have",
|
|
|
|
flavor);
|
2007-10-24 21:53:11 +02:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/* Make sure it's signed enough. */
|
|
|
|
if ((r=networkstatus_check_consensus_signature(c, 1))<0) {
|
2008-01-07 16:41:47 +01:00
|
|
|
if (r == -1) {
|
2007-10-08 23:21:50 +02:00
|
|
|
/* Okay, so it _might_ be signed enough if we get more certificates. */
|
2007-11-03 16:55:15 +01:00
|
|
|
if (!was_waiting_for_certs) {
|
2008-04-24 07:32:55 +02:00
|
|
|
log_info(LD_DIR,
|
|
|
|
"Not enough certificates to check networkstatus consensus");
|
2007-11-03 16:55:15 +01:00
|
|
|
}
|
2009-10-13 23:06:01 +02:00
|
|
|
if (!current_valid_after ||
|
|
|
|
c->valid_after > current_valid_after) {
|
|
|
|
waiting = &consensus_waiting_for_certs[flav];
|
2009-12-12 08:07:59 +01:00
|
|
|
networkstatus_vote_free(waiting->consensus);
|
2009-10-13 23:06:01 +02:00
|
|
|
tor_free(waiting->body);
|
|
|
|
waiting->consensus = c;
|
2010-10-20 20:40:09 +02:00
|
|
|
free_consensus = 0;
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting->body = tor_strdup(consensus);
|
|
|
|
waiting->set_at = now;
|
|
|
|
waiting->dl_failed = 0;
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!from_cache) {
|
2007-10-17 18:55:44 +02:00
|
|
|
write_str_to_file(unverified_fname, consensus, 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2008-01-07 20:15:34 +01:00
|
|
|
if (dl_certs)
|
2016-05-04 08:38:27 +02:00
|
|
|
authority_certs_fetch_missing(c, now, source_dir);
|
2007-10-24 21:53:11 +02:00
|
|
|
/* This case is not a success or a failure until we get the certs
|
|
|
|
* or fail to get the certs. */
|
|
|
|
result = 0;
|
2007-10-17 18:55:44 +02:00
|
|
|
} else {
|
|
|
|
/* Even if we had enough signatures, we'd never use this as the
|
|
|
|
* latest consensus. */
|
|
|
|
if (was_waiting_for_certs && from_cache)
|
2014-03-19 01:52:31 +01:00
|
|
|
if (unlink(unverified_fname) != 0) {
|
|
|
|
log_warn(LD_FS,
|
|
|
|
"Failed to unlink %s: %s",
|
|
|
|
unverified_fname, strerror(errno));
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
2007-10-17 18:55:44 +02:00
|
|
|
goto done;
|
2007-11-03 16:55:15 +01:00
|
|
|
} else {
|
2007-10-24 21:53:11 +02:00
|
|
|
/* This can never be signed enough: Kill it. */
|
2007-11-03 16:55:15 +01:00
|
|
|
if (!was_waiting_for_certs) {
|
2007-10-08 23:21:50 +02:00
|
|
|
log_warn(LD_DIR, "Not enough good signatures on networkstatus "
|
|
|
|
"consensus");
|
2007-11-03 16:55:15 +01:00
|
|
|
result = -2;
|
|
|
|
}
|
2014-03-19 01:52:31 +01:00
|
|
|
if (was_waiting_for_certs && (r < -1) && from_cache) {
|
|
|
|
if (unlink(unverified_fname) != 0) {
|
|
|
|
log_warn(LD_FS,
|
|
|
|
"Failed to unlink %s: %s",
|
|
|
|
unverified_fname, strerror(errno));
|
|
|
|
}
|
|
|
|
}
|
2007-10-17 18:55:44 +02:00
|
|
|
goto done;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
if (!from_cache && flav == usable_consensus_flavor())
|
2008-12-09 19:16:41 +01:00
|
|
|
control_event_client_status(LOG_NOTICE, "CONSENSUS_ARRIVED");
|
|
|
|
|
2016-08-19 23:45:08 +02:00
|
|
|
if (!checked_protocols_already) {
|
|
|
|
handle_missing_protocol_warning(c, options);
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/* Are we missing any certificates at all? */
|
2008-01-07 20:15:34 +01:00
|
|
|
if (r != 1 && dl_certs)
|
2016-05-04 08:38:27 +02:00
|
|
|
authority_certs_fetch_missing(c, now, source_dir);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2016-09-19 18:03:58 +02:00
|
|
|
const int is_usable_flavor = flav == usable_consensus_flavor();
|
|
|
|
|
2018-01-31 20:15:02 +01:00
|
|
|
/* Before we switch to the new consensus, notify that we are about to change
|
|
|
|
* it using the old consensus and the new one. */
|
2018-01-31 19:59:05 +01:00
|
|
|
if (is_usable_flavor) {
|
2018-01-31 20:15:02 +01:00
|
|
|
notify_before_networkstatus_changes(networkstatus_get_latest_consensus(),
|
|
|
|
c);
|
2018-01-31 19:59:05 +01:00
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
if (flav == FLAV_NS) {
|
|
|
|
if (current_ns_consensus) {
|
|
|
|
networkstatus_copy_old_consensus_info(c, current_ns_consensus);
|
|
|
|
networkstatus_vote_free(current_ns_consensus);
|
2016-09-21 21:15:17 +02:00
|
|
|
/* Defensive programming : we should set current_ns_consensus very soon
|
2010-10-20 18:34:02 +02:00
|
|
|
* but we're about to call some stuff in the meantime, and leaving this
|
|
|
|
* dangling pointer around has proven to be trouble. */
|
2010-10-20 19:53:11 +02:00
|
|
|
current_ns_consensus = NULL;
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
2010-09-17 04:12:03 +02:00
|
|
|
current_ns_consensus = c;
|
|
|
|
free_consensus = 0; /* avoid free */
|
|
|
|
} else if (flav == FLAV_MICRODESC) {
|
|
|
|
if (current_md_consensus) {
|
|
|
|
networkstatus_copy_old_consensus_info(c, current_md_consensus);
|
|
|
|
networkstatus_vote_free(current_md_consensus);
|
2010-10-20 19:53:11 +02:00
|
|
|
/* more defensive programming */
|
|
|
|
current_md_consensus = NULL;
|
2010-09-17 04:12:03 +02:00
|
|
|
}
|
|
|
|
current_md_consensus = c;
|
|
|
|
free_consensus = 0; /* avoid free */
|
2007-10-16 01:15:24 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting = &consensus_waiting_for_certs[flav];
|
|
|
|
if (waiting->consensus &&
|
|
|
|
waiting->consensus->valid_after <= c->valid_after) {
|
|
|
|
networkstatus_vote_free(waiting->consensus);
|
|
|
|
waiting->consensus = NULL;
|
|
|
|
if (consensus != waiting->body)
|
|
|
|
tor_free(waiting->body);
|
2007-11-06 19:00:09 +01:00
|
|
|
else
|
2009-10-13 23:06:01 +02:00
|
|
|
waiting->body = NULL;
|
|
|
|
waiting->set_at = 0;
|
|
|
|
waiting->dl_failed = 0;
|
2014-03-19 01:52:31 +01:00
|
|
|
if (unlink(unverified_fname) != 0) {
|
|
|
|
log_warn(LD_FS,
|
|
|
|
"Failed to unlink %s: %s",
|
|
|
|
unverified_fname, strerror(errno));
|
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2016-09-19 18:03:58 +02:00
|
|
|
if (is_usable_flavor) {
|
2018-01-31 20:15:02 +01:00
|
|
|
/* Notify that we just changed the consensus so the current global value
|
|
|
|
* can be looked at. */
|
|
|
|
notify_after_networkstatus_changes();
|
|
|
|
|
2017-11-07 17:08:12 +01:00
|
|
|
/* The "current" consensus has just been set and it is a usable flavor so
|
|
|
|
* the first thing we need to do is recalculate the voting schedule static
|
|
|
|
* object so we can use the timings in there needed by some subsystems
|
|
|
|
* such as hidden service and shared random. */
|
|
|
|
dirvote_recalculate_timing(options, now);
|
|
|
|
|
2016-09-19 18:03:58 +02:00
|
|
|
nodelist_set_consensus(c);
|
2009-10-13 23:06:01 +02:00
|
|
|
|
2010-11-08 20:21:32 +01:00
|
|
|
/* XXXXNM Microdescs: needs a non-ns variant. ???? NM*/
|
2009-10-13 23:06:01 +02:00
|
|
|
update_consensus_networkstatus_fetch_time(now);
|
2010-09-17 04:12:03 +02:00
|
|
|
|
2012-10-02 05:27:51 +02:00
|
|
|
/* Update ewma and adjust policy if needed; first cache the old value */
|
|
|
|
old_ewma_enabled = cell_ewma_enabled();
|
|
|
|
/* Change the cell EWMA settings */
|
2016-09-21 21:20:27 +02:00
|
|
|
cell_ewma_set_scale_factor(options, c);
|
2012-10-02 05:27:51 +02:00
|
|
|
/* If we just enabled ewma, set the cmux policy on all active channels */
|
|
|
|
if (cell_ewma_enabled() && !old_ewma_enabled) {
|
|
|
|
channel_set_cmux_policy_everywhere(&ewma_policy);
|
|
|
|
} else if (!cell_ewma_enabled() && old_ewma_enabled) {
|
|
|
|
/* Turn it off everywhere */
|
|
|
|
channel_set_cmux_policy_everywhere(NULL);
|
|
|
|
}
|
|
|
|
|
2016-05-30 22:18:16 +02:00
|
|
|
/* XXXX this call might be unnecessary here: can changing the
|
2011-03-25 22:21:16 +01:00
|
|
|
* current consensus really alter our view of any OR's rate limits? */
|
2010-08-15 10:01:42 +02:00
|
|
|
connection_or_update_token_buckets(get_connection_array(), options);
|
|
|
|
|
2016-09-21 21:20:27 +02:00
|
|
|
circuit_build_times_new_consensus_params(
|
|
|
|
get_circuit_build_times_mutable(), c);
|
2016-09-22 23:52:25 +02:00
|
|
|
channelpadding_new_consensus_params(c);
|
2009-10-13 23:06:01 +02:00
|
|
|
}
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2016-09-19 18:03:58 +02:00
|
|
|
/* Reset the failure count only if this consensus is actually valid. */
|
|
|
|
if (c->valid_after <= now && now <= c->valid_until) {
|
|
|
|
download_status_reset(&consensus_dl_status[flav]);
|
|
|
|
} else {
|
|
|
|
if (!from_cache)
|
|
|
|
download_status_failed(&consensus_dl_status[flav], 0);
|
|
|
|
}
|
|
|
|
|
2016-11-30 01:06:36 +01:00
|
|
|
if (we_want_to_fetch_flavor(options, flav)) {
|
2010-10-20 18:34:02 +02:00
|
|
|
dirserv_set_cached_consensus_networkstatus(consensus,
|
|
|
|
flavor,
|
|
|
|
&c->digests,
|
2017-05-04 14:49:02 +02:00
|
|
|
c->digest_sha3_as_signed,
|
2010-10-20 18:34:02 +02:00
|
|
|
c->valid_after);
|
2017-08-23 16:22:51 +02:00
|
|
|
if (dir_server_mode(get_options())) {
|
2017-04-26 14:44:01 +02:00
|
|
|
consdiffmgr_add_consensus(consensus, c);
|
|
|
|
}
|
2010-10-20 18:34:02 +02:00
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!from_cache) {
|
2007-10-17 18:55:44 +02:00
|
|
|
write_str_to_file(consensus_fname, consensus, 0);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2011-03-25 20:27:06 +01:00
|
|
|
/** If a consensus appears more than this many seconds before its declared
|
|
|
|
* valid-after time, declare that our clock is skewed. */
|
|
|
|
#define EARLY_CONSENSUS_NOTICE_SKEW 60
|
|
|
|
|
2011-06-07 20:46:28 +02:00
|
|
|
if (now < c->valid_after - EARLY_CONSENSUS_NOTICE_SKEW) {
|
2007-10-30 16:17:07 +01:00
|
|
|
char tbuf[ISO_TIME_LEN+1];
|
|
|
|
char dbuf[64];
|
2010-09-17 04:12:03 +02:00
|
|
|
long delta = now - c->valid_after;
|
2017-09-13 23:44:19 +02:00
|
|
|
char *flavormsg = NULL;
|
2010-09-17 04:12:03 +02:00
|
|
|
format_iso_time(tbuf, c->valid_after);
|
2007-10-30 16:17:07 +01:00
|
|
|
format_time_interval(dbuf, sizeof(dbuf), delta);
|
|
|
|
log_warn(LD_GENERAL, "Our clock is %s behind the time published in the "
|
2012-11-23 16:05:16 +01:00
|
|
|
"consensus network status document (%s UTC). Tor needs an "
|
2007-10-30 16:17:07 +01:00
|
|
|
"accurate clock to work correctly. Please check your time and "
|
|
|
|
"date settings!", dbuf, tbuf);
|
2017-09-13 23:44:19 +02:00
|
|
|
tor_asprintf(&flavormsg, "%s flavor consensus", flavor);
|
|
|
|
clock_skew_warning(NULL, delta, 1, LD_GENERAL, flavormsg, "CONSENSUS");
|
|
|
|
tor_free(flavormsg);
|
2007-10-30 16:17:01 +01:00
|
|
|
}
|
|
|
|
|
2017-11-06 13:48:22 +01:00
|
|
|
/* We got a new consesus. Reset our md fetch fail cache */
|
|
|
|
microdesc_reset_outdated_dirservers_list();
|
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
router_dir_info_changed();
|
|
|
|
|
2007-10-17 18:55:44 +02:00
|
|
|
result = 0;
|
|
|
|
done:
|
2010-09-17 04:12:03 +02:00
|
|
|
if (free_consensus)
|
|
|
|
networkstatus_vote_free(c);
|
2007-10-17 18:55:44 +02:00
|
|
|
tor_free(consensus_fname);
|
|
|
|
tor_free(unverified_fname);
|
|
|
|
return result;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Called when we have gotten more certificates: see whether we can
|
2016-05-04 08:47:28 +02:00
|
|
|
* now verify a pending consensus.
|
|
|
|
*
|
|
|
|
* If source_dir is non-NULL, it's the identity digest for a directory that
|
|
|
|
* we've just successfully retrieved certificates from, so try it first to
|
|
|
|
* fetch any missing certificates.
|
|
|
|
*/
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
2016-05-04 08:47:28 +02:00
|
|
|
networkstatus_note_certs_arrived(const char *source_dir)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
|
|
|
for (i=0; i<N_CONSENSUS_FLAVORS; ++i) {
|
2018-01-11 17:31:03 +01:00
|
|
|
const char *flavor_name = networkstatus_get_flavor_name(i);
|
2009-10-13 23:06:01 +02:00
|
|
|
consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
|
|
|
|
if (!waiting->consensus)
|
|
|
|
continue;
|
|
|
|
if (networkstatus_check_consensus_signature(waiting->consensus, 0)>=0) {
|
2013-04-17 17:53:52 +02:00
|
|
|
char *waiting_body = waiting->body;
|
2007-10-08 23:21:50 +02:00
|
|
|
if (!networkstatus_set_current_consensus(
|
2013-04-17 17:53:52 +02:00
|
|
|
waiting_body,
|
2018-01-11 17:31:03 +01:00
|
|
|
flavor_name,
|
2016-05-04 08:38:27 +02:00
|
|
|
NSSET_WAS_WAITING_FOR_CERTS,
|
2016-05-04 08:47:28 +02:00
|
|
|
source_dir)) {
|
2013-04-17 17:53:52 +02:00
|
|
|
tor_free(waiting_body);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/** If the network-status list has changed since the last time we called this
|
|
|
|
* function, update the status of every routerinfo from the network-status
|
2007-11-11 18:37:59 +01:00
|
|
|
* list. If <b>dir_version</b> is 2, it's a v2 networkstatus that changed.
|
|
|
|
* If <b>dir_version</b> is 3, it's a v3 consensus that changed.
|
2007-10-08 23:21:50 +02:00
|
|
|
*/
|
|
|
|
void
|
2007-11-11 18:37:59 +01:00
|
|
|
routers_update_all_from_networkstatus(time_t now, int dir_version)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2010-09-20 20:18:17 +02:00
|
|
|
networkstatus_t *consensus = networkstatus_get_reasonably_live_consensus(now,
|
|
|
|
FLAV_NS);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-11-11 18:37:59 +01:00
|
|
|
if (!consensus || dir_version < 3) /* nothing more we should do */
|
2007-10-16 01:44:32 +02:00
|
|
|
return;
|
|
|
|
|
2008-06-05 11:01:18 +02:00
|
|
|
/* calls router_dir_info_changed() when it's done -- more routers
|
|
|
|
* might be up or down now, which might affect whether there's enough
|
|
|
|
* directory info. */
|
2007-10-16 01:15:24 +02:00
|
|
|
routers_update_status_from_consensus_networkstatus(rl->routers, 0);
|
2008-06-05 11:01:18 +02:00
|
|
|
|
2007-10-16 01:15:24 +02:00
|
|
|
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri,
|
2007-11-07 18:11:23 +01:00
|
|
|
ri->cache_info.routerlist_index = ri_sl_idx);
|
2007-10-19 04:15:47 +02:00
|
|
|
if (rl->old_routers)
|
|
|
|
signed_descs_update_status_from_consensus_networkstatus(rl->old_routers);
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2007-10-16 01:44:32 +02:00
|
|
|
if (!have_warned_about_old_version) {
|
2007-10-08 23:21:50 +02:00
|
|
|
int is_server = server_mode(get_options());
|
2007-10-16 01:15:24 +02:00
|
|
|
version_status_t status;
|
|
|
|
const char *recommended = is_server ?
|
|
|
|
consensus->server_versions : consensus->client_versions;
|
|
|
|
status = tor_version_is_obsolete(VERSION, recommended);
|
|
|
|
|
|
|
|
if (status == VS_RECOMMENDED) {
|
|
|
|
log_info(LD_GENERAL, "The directory authorities say my version is ok.");
|
2008-02-06 13:45:04 +01:00
|
|
|
} else if (status == VS_EMPTY) {
|
|
|
|
log_info(LD_GENERAL,
|
|
|
|
"The directory authorities don't recommend any versions.");
|
2007-10-16 01:15:24 +02:00
|
|
|
} else if (status == VS_NEW || status == VS_NEW_IN_SERIES) {
|
|
|
|
if (!have_warned_about_new_version) {
|
|
|
|
log_notice(LD_GENERAL, "This version of Tor (%s) is newer than any "
|
|
|
|
"recommended version%s, according to the directory "
|
|
|
|
"authorities. Recommended versions are: %s",
|
|
|
|
VERSION,
|
|
|
|
status == VS_NEW_IN_SERIES ? " in its series" : "",
|
|
|
|
recommended);
|
|
|
|
have_warned_about_new_version = 1;
|
2007-10-08 23:21:50 +02:00
|
|
|
control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
|
2007-10-16 01:15:24 +02:00
|
|
|
"CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
|
|
|
|
VERSION, "NEW", recommended);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
} else {
|
2007-10-16 01:15:24 +02:00
|
|
|
log_warn(LD_GENERAL, "Please upgrade! "
|
|
|
|
"This version of Tor (%s) is %s, according to the directory "
|
|
|
|
"authorities. Recommended versions are: %s",
|
|
|
|
VERSION,
|
|
|
|
status == VS_OLD ? "obsolete" : "not recommended",
|
|
|
|
recommended);
|
|
|
|
have_warned_about_old_version = 1;
|
|
|
|
control_event_general_status(LOG_WARN, "DANGEROUS_VERSION "
|
|
|
|
"CURRENT=%s REASON=%s RECOMMENDED=\"%s\"",
|
2007-12-05 20:32:58 +01:00
|
|
|
VERSION, status == VS_OLD ? "OBSOLETE" : "UNRECOMMENDED",
|
2007-10-16 01:15:24 +02:00
|
|
|
recommended);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-10-19 01:14:58 +02:00
|
|
|
/** Given a list <b>routers</b> of routerinfo_t *, update each status field
|
2007-10-18 16:19:51 +02:00
|
|
|
* according to our current consensus networkstatus. May re-order
|
2007-10-19 01:14:58 +02:00
|
|
|
* <b>routers</b>. */
|
2007-10-12 23:33:39 +02:00
|
|
|
void
|
|
|
|
routers_update_status_from_consensus_networkstatus(smartlist_t *routers,
|
|
|
|
int reset_failures)
|
|
|
|
{
|
2011-06-14 19:01:38 +02:00
|
|
|
const or_options_t *options = get_options();
|
2014-01-29 21:17:05 +01:00
|
|
|
int authdir = authdir_mode_v3(options);
|
2016-09-20 16:52:20 +02:00
|
|
|
networkstatus_t *ns = networkstatus_get_latest_consensus();
|
2007-10-12 23:33:39 +02:00
|
|
|
if (!ns || !smartlist_len(ns->routerstatus_list))
|
|
|
|
return;
|
|
|
|
|
|
|
|
routers_sort_by_identity(routers);
|
|
|
|
|
2008-04-07 18:28:34 +02:00
|
|
|
SMARTLIST_FOREACH_JOIN(ns->routerstatus_list, routerstatus_t *, rs,
|
|
|
|
routers, routerinfo_t *, router,
|
2011-05-10 22:23:43 +02:00
|
|
|
tor_memcmp(rs->identity_digest,
|
2008-04-07 18:28:34 +02:00
|
|
|
router->cache_info.identity_digest, DIGEST_LEN),
|
2007-10-12 23:33:39 +02:00
|
|
|
{
|
2008-04-07 18:28:34 +02:00
|
|
|
}) {
|
2008-04-08 19:06:38 +02:00
|
|
|
/* Is it the same descriptor, or only the same identity? */
|
2011-05-10 22:23:43 +02:00
|
|
|
if (tor_memeq(router->cache_info.signed_descriptor_digest,
|
2007-10-19 04:15:47 +02:00
|
|
|
rs->descriptor_digest, DIGEST_LEN)) {
|
|
|
|
if (ns->valid_until > router->cache_info.last_listed_as_valid_until)
|
|
|
|
router->cache_info.last_listed_as_valid_until = ns->valid_until;
|
|
|
|
}
|
2007-10-12 23:33:39 +02:00
|
|
|
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
if (authdir) {
|
2010-09-15 04:10:32 +02:00
|
|
|
/* If we _are_ an authority, we should check whether this router
|
2010-08-18 19:36:09 +02:00
|
|
|
* is one that will cause us to need a reachability test. */
|
|
|
|
routerinfo_t *old_router =
|
2010-09-29 06:38:32 +02:00
|
|
|
router_get_mutable_by_digest(router->cache_info.identity_digest);
|
2010-08-18 19:36:09 +02:00
|
|
|
if (old_router != router) {
|
|
|
|
router->needs_retest_if_added =
|
|
|
|
dirserv_should_launch_reachability_test(router, old_router);
|
|
|
|
}
|
2007-10-12 23:33:39 +02:00
|
|
|
}
|
|
|
|
if (reset_failures) {
|
|
|
|
download_status_reset(&rs->dl_status);
|
|
|
|
}
|
2008-04-07 18:28:34 +02:00
|
|
|
} SMARTLIST_FOREACH_JOIN_END(rs, router);
|
2007-10-12 23:33:39 +02:00
|
|
|
|
|
|
|
router_dir_info_changed();
|
|
|
|
}
|
|
|
|
|
2008-02-08 22:13:15 +01:00
|
|
|
/** Given a list of signed_descriptor_t, update their fields (mainly, when
|
|
|
|
* they were last listed) from the most recent consensus. */
|
2007-10-19 04:15:47 +02:00
|
|
|
void
|
|
|
|
signed_descs_update_status_from_consensus_networkstatus(smartlist_t *descs)
|
|
|
|
{
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_t *ns = current_ns_consensus;
|
2007-10-19 04:15:47 +02:00
|
|
|
if (!ns)
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (!ns->desc_digest_map) {
|
|
|
|
char dummy[DIGEST_LEN];
|
|
|
|
/* instantiates the digest map. */
|
|
|
|
memset(dummy, 0, sizeof(dummy));
|
2010-05-11 23:20:33 +02:00
|
|
|
router_get_consensus_status_by_descriptor_digest(ns, dummy);
|
2007-10-19 04:15:47 +02:00
|
|
|
}
|
|
|
|
SMARTLIST_FOREACH(descs, signed_descriptor_t *, d,
|
|
|
|
{
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *rs = digestmap_get(ns->desc_digest_map,
|
2007-10-19 04:15:47 +02:00
|
|
|
d->signed_descriptor_digest);
|
|
|
|
if (rs) {
|
|
|
|
if (ns->valid_until > d->last_listed_as_valid_until)
|
|
|
|
d->last_listed_as_valid_until = ns->valid_until;
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** Generate networkstatus lines for a single routerstatus_t object, and
|
|
|
|
* return the result in a newly allocated string. Used only by controller
|
|
|
|
* interface (for now.) */
|
|
|
|
char *
|
2010-09-29 07:35:08 +02:00
|
|
|
networkstatus_getinfo_helper_single(const routerstatus_t *rs)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2017-10-15 18:09:52 +02:00
|
|
|
return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT,
|
|
|
|
ROUTERSTATUS_FORMAT_NO_CONSENSUS_METHOD,
|
|
|
|
NULL);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-12-18 23:39:15 +01:00
|
|
|
/** Alloc and return a string describing routerstatuses for the most
|
|
|
|
* recent info of each router we know about that is of purpose
|
|
|
|
* <b>purpose_string</b>. Return NULL if unrecognized purpose.
|
|
|
|
*
|
|
|
|
* Right now this function is oriented toward listing bridges (you
|
|
|
|
* shouldn't use this for general-purpose routers, since those
|
|
|
|
* should be listed from the consensus, not from the routers list). */
|
|
|
|
char *
|
2007-12-19 05:58:58 +01:00
|
|
|
networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now)
|
2007-12-18 23:39:15 +01:00
|
|
|
{
|
2017-10-15 20:37:32 +02:00
|
|
|
const time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
|
2007-12-18 23:39:15 +01:00
|
|
|
char *answer;
|
|
|
|
routerlist_t *rl = router_get_routerlist();
|
2008-01-16 06:27:19 +01:00
|
|
|
smartlist_t *statuses;
|
2017-10-15 20:37:32 +02:00
|
|
|
const uint8_t purpose = router_purpose_from_string(purpose_string);
|
2007-12-18 23:39:15 +01:00
|
|
|
routerstatus_t rs;
|
2017-10-15 20:37:32 +02:00
|
|
|
const int bridge_auth = authdir_mode_bridge(get_options());
|
2007-12-18 23:39:15 +01:00
|
|
|
|
|
|
|
if (purpose == ROUTER_PURPOSE_UNKNOWN) {
|
|
|
|
log_info(LD_DIR, "Unrecognized purpose '%s' when listing router statuses.",
|
|
|
|
purpose_string);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2012-01-18 21:53:30 +01:00
|
|
|
statuses = smartlist_new();
|
2012-07-17 15:33:38 +02:00
|
|
|
SMARTLIST_FOREACH_BEGIN(rl->routers, routerinfo_t *, ri) {
|
Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-09-29 21:00:41 +02:00
|
|
|
node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
|
|
|
|
if (!node)
|
|
|
|
continue;
|
2007-12-18 23:39:15 +01:00
|
|
|
if (ri->cache_info.published_on < cutoff)
|
|
|
|
continue;
|
|
|
|
if (ri->purpose != purpose)
|
|
|
|
continue;
|
2017-10-15 20:37:32 +02:00
|
|
|
/* TODO: modifying the running flag in a getinfo is a bad idea */
|
2007-12-18 23:39:15 +01:00
|
|
|
if (bridge_auth && ri->purpose == ROUTER_PURPOSE_BRIDGE)
|
|
|
|
dirserv_set_router_is_running(ri, now);
|
|
|
|
/* then generate and write out status lines for each of them */
|
2015-07-10 15:03:56 +02:00
|
|
|
set_routerstatus_from_routerinfo(&rs, node, ri, now, 0);
|
2007-12-18 23:39:15 +01:00
|
|
|
smartlist_add(statuses, networkstatus_getinfo_helper_single(&rs));
|
2012-07-17 15:33:38 +02:00
|
|
|
} SMARTLIST_FOREACH_END(ri);
|
2007-12-18 23:39:15 +01:00
|
|
|
|
|
|
|
answer = smartlist_join_strings(statuses, "", 0, NULL);
|
|
|
|
SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(statuses);
|
|
|
|
return answer;
|
|
|
|
}
|
|
|
|
|
2007-12-19 05:58:58 +01:00
|
|
|
/** Write out router status entries for all our bridge descriptors. */
|
|
|
|
void
|
|
|
|
networkstatus_dump_bridge_status_to_file(time_t now)
|
|
|
|
{
|
|
|
|
char *status = networkstatus_getinfo_by_purpose("bridge", now);
|
2012-01-11 20:02:59 +01:00
|
|
|
char *fname = NULL;
|
2014-08-26 01:13:03 +02:00
|
|
|
char *thresholds = NULL;
|
|
|
|
char *published_thresholds_and_status = NULL;
|
|
|
|
char published[ISO_TIME_LEN+1];
|
2017-06-11 09:53:16 +02:00
|
|
|
const routerinfo_t *me = router_get_my_routerinfo();
|
|
|
|
char fingerprint[FINGERPRINT_LEN+1];
|
|
|
|
char *fingerprint_line = NULL;
|
2014-08-26 01:13:03 +02:00
|
|
|
|
2017-07-05 23:37:06 +02:00
|
|
|
if (me && crypto_pk_get_fingerprint(me->identity_pkey,
|
|
|
|
fingerprint, 0) >= 0) {
|
2017-06-11 09:53:16 +02:00
|
|
|
tor_asprintf(&fingerprint_line, "fingerprint %s\n", fingerprint);
|
|
|
|
} else {
|
|
|
|
log_warn(LD_BUG, "Error computing fingerprint for bridge status.");
|
|
|
|
}
|
2014-08-26 01:13:03 +02:00
|
|
|
format_iso_time(published, now);
|
2016-05-11 18:13:22 +02:00
|
|
|
dirserv_compute_bridge_flag_thresholds();
|
2013-10-02 04:46:24 +02:00
|
|
|
thresholds = dirserv_get_flag_thresholds_line();
|
2014-08-26 01:13:03 +02:00
|
|
|
tor_asprintf(&published_thresholds_and_status,
|
2017-06-11 09:53:16 +02:00
|
|
|
"published %s\nflag-thresholds %s\n%s%s",
|
|
|
|
published, thresholds, fingerprint_line ? fingerprint_line : "",
|
|
|
|
status);
|
2017-11-14 22:10:12 +01:00
|
|
|
fname = get_datadir_fname("networkstatus-bridges");
|
2014-08-26 01:13:03 +02:00
|
|
|
write_str_to_file(fname,published_thresholds_and_status,0);
|
2013-10-02 04:46:24 +02:00
|
|
|
tor_free(thresholds);
|
2014-08-26 01:13:03 +02:00
|
|
|
tor_free(published_thresholds_and_status);
|
2007-12-19 05:58:58 +01:00
|
|
|
tor_free(fname);
|
|
|
|
tor_free(status);
|
2017-06-11 09:53:16 +02:00
|
|
|
tor_free(fingerprint_line);
|
2007-12-19 05:58:58 +01:00
|
|
|
}
|
|
|
|
|
2012-06-05 01:51:00 +02:00
|
|
|
/* DOCDOC get_net_param_from_list */
|
2010-12-27 18:44:42 +01:00
|
|
|
static int32_t
|
2010-01-30 02:10:50 +01:00
|
|
|
get_net_param_from_list(smartlist_t *net_params, const char *param_name,
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t default_val, int32_t min_val, int32_t max_val)
|
2010-01-30 02:10:50 +01:00
|
|
|
{
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t res = default_val;
|
2010-01-30 02:10:50 +01:00
|
|
|
size_t name_len = strlen(param_name);
|
|
|
|
|
2010-12-30 19:54:13 +01:00
|
|
|
tor_assert(max_val > min_val);
|
|
|
|
tor_assert(min_val <= default_val);
|
|
|
|
tor_assert(max_val >= default_val);
|
|
|
|
|
2010-01-30 02:10:50 +01:00
|
|
|
SMARTLIST_FOREACH_BEGIN(net_params, const char *, p) {
|
|
|
|
if (!strcmpstart(p, param_name) && p[name_len] == '=') {
|
|
|
|
int ok=0;
|
|
|
|
long v = tor_parse_long(p+name_len+1, 10, INT32_MIN,
|
|
|
|
INT32_MAX, &ok, NULL);
|
2010-12-30 19:54:13 +01:00
|
|
|
if (ok) {
|
|
|
|
res = (int32_t) v;
|
|
|
|
break;
|
|
|
|
}
|
2010-01-30 02:10:50 +01:00
|
|
|
}
|
|
|
|
} SMARTLIST_FOREACH_END(p);
|
|
|
|
|
2010-12-30 19:54:13 +01:00
|
|
|
if (res < min_val) {
|
|
|
|
log_warn(LD_DIR, "Consensus parameter %s is too small. Got %d, raising to "
|
|
|
|
"%d.", param_name, res, min_val);
|
|
|
|
res = min_val;
|
|
|
|
} else if (res > max_val) {
|
|
|
|
log_warn(LD_DIR, "Consensus parameter %s is too large. Got %d, capping to "
|
|
|
|
"%d.", param_name, res, max_val);
|
|
|
|
res = max_val;
|
|
|
|
}
|
|
|
|
|
|
|
|
return res;
|
2010-01-30 02:10:50 +01:00
|
|
|
}
|
|
|
|
|
2009-09-15 05:39:08 +02:00
|
|
|
/** Return the value of a integer parameter from the networkstatus <b>ns</b>
|
2009-09-23 04:09:33 +02:00
|
|
|
* whose name is <b>param_name</b>. If <b>ns</b> is NULL, try loading the
|
|
|
|
* latest consensus ourselves. Return <b>default_val</b> if no latest
|
2010-12-30 19:54:13 +01:00
|
|
|
* consensus, or if it has no parameter called <b>param_name</b>.
|
|
|
|
* Make sure the value parsed from the consensus is at least
|
|
|
|
* <b>min_val</b> and at most <b>max_val</b> and raise/cap the parsed value
|
|
|
|
* if necessary. */
|
2017-07-10 22:10:50 +02:00
|
|
|
MOCK_IMPL(int32_t,
|
|
|
|
networkstatus_get_param, (const networkstatus_t *ns, const char *param_name,
|
|
|
|
int32_t default_val, int32_t min_val, int32_t max_val))
|
2009-09-15 05:39:08 +02:00
|
|
|
{
|
2009-09-23 04:09:33 +02:00
|
|
|
if (!ns) /* if they pass in null, go find it ourselves */
|
|
|
|
ns = networkstatus_get_latest_consensus();
|
|
|
|
|
2009-09-15 05:39:08 +02:00
|
|
|
if (!ns || !ns->net_params)
|
|
|
|
return default_val;
|
|
|
|
|
2010-12-30 19:54:13 +01:00
|
|
|
return get_net_param_from_list(ns->net_params, param_name,
|
|
|
|
default_val, min_val, max_val);
|
2009-09-15 05:39:08 +02:00
|
|
|
}
|
|
|
|
|
2016-11-26 15:22:04 +01:00
|
|
|
/**
|
|
|
|
* As networkstatus_get_param(), but check torrc_value before checking the
|
|
|
|
* consensus. If torrc_value is in-range, then return it instead of the
|
|
|
|
* value from the consensus.
|
|
|
|
*/
|
|
|
|
int32_t
|
|
|
|
networkstatus_get_overridable_param(const networkstatus_t *ns,
|
|
|
|
int32_t torrc_value,
|
|
|
|
const char *param_name,
|
|
|
|
int32_t default_val,
|
|
|
|
int32_t min_val, int32_t max_val)
|
|
|
|
{
|
|
|
|
if (torrc_value >= min_val && torrc_value <= max_val)
|
|
|
|
return torrc_value;
|
|
|
|
else
|
|
|
|
return networkstatus_get_param(
|
|
|
|
ns, param_name, default_val, min_val, max_val);
|
|
|
|
}
|
|
|
|
|
2013-01-31 03:41:10 +01:00
|
|
|
/**
|
|
|
|
* Retrieve the consensus parameter that governs the
|
|
|
|
* fixed-point precision of our network balancing 'bandwidth-weights'
|
|
|
|
* (which are themselves integer consensus values). We divide them
|
|
|
|
* by this value and ensure they never exceed this value.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
networkstatus_get_weight_scale_param(networkstatus_t *ns)
|
|
|
|
{
|
|
|
|
return networkstatus_get_param(ns, "bwweightscale",
|
|
|
|
BW_WEIGHT_SCALE,
|
|
|
|
BW_MIN_WEIGHT_SCALE,
|
|
|
|
BW_MAX_WEIGHT_SCALE);
|
|
|
|
}
|
|
|
|
|
2010-01-30 00:40:40 +01:00
|
|
|
/** Return the value of a integer bw weight parameter from the networkstatus
|
|
|
|
* <b>ns</b> whose name is <b>weight_name</b>. If <b>ns</b> is NULL, try
|
|
|
|
* loading the latest consensus ourselves. Return <b>default_val</b> if no
|
2010-12-30 19:54:13 +01:00
|
|
|
* latest consensus, or if it has no parameter called <b>weight_name</b>. */
|
2010-01-30 00:40:40 +01:00
|
|
|
int32_t
|
|
|
|
networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name,
|
2010-12-30 19:54:13 +01:00
|
|
|
int32_t default_val)
|
2010-01-30 00:40:40 +01:00
|
|
|
{
|
2011-01-15 19:31:23 +01:00
|
|
|
int32_t param;
|
|
|
|
int max;
|
2010-01-30 00:40:40 +01:00
|
|
|
if (!ns) /* if they pass in null, go find it ourselves */
|
|
|
|
ns = networkstatus_get_latest_consensus();
|
|
|
|
|
|
|
|
if (!ns || !ns->weight_params)
|
|
|
|
return default_val;
|
|
|
|
|
2013-01-31 03:41:10 +01:00
|
|
|
max = networkstatus_get_weight_scale_param(ns);
|
2011-01-15 19:31:23 +01:00
|
|
|
param = get_net_param_from_list(ns->weight_params, weight_name,
|
|
|
|
default_val, -1,
|
|
|
|
BW_MAX_WEIGHT_SCALE);
|
|
|
|
if (param > max) {
|
|
|
|
log_warn(LD_DIR, "Value of consensus weight %s was too large, capping "
|
|
|
|
"to %d", weight_name, max);
|
|
|
|
param = max;
|
|
|
|
}
|
|
|
|
return param;
|
2010-01-30 00:40:40 +01:00
|
|
|
}
|
|
|
|
|
2009-09-16 23:01:01 +02:00
|
|
|
/** Return the name of the consensus flavor <b>flav</b> as used to identify
|
|
|
|
* the flavor in directory documents. */
|
|
|
|
const char *
|
|
|
|
networkstatus_get_flavor_name(consensus_flavor_t flav)
|
|
|
|
{
|
|
|
|
switch (flav) {
|
|
|
|
case FLAV_NS:
|
|
|
|
return "ns";
|
|
|
|
case FLAV_MICRODESC:
|
|
|
|
return "microdesc";
|
|
|
|
default:
|
|
|
|
tor_fragile_assert();
|
|
|
|
return "??";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-10-15 22:06:00 +02:00
|
|
|
/** Return the consensus_flavor_t value for the flavor called <b>flavname</b>,
|
2009-12-14 01:21:06 +01:00
|
|
|
* or -1 if the flavor is not recognized. */
|
2009-09-23 21:23:04 +02:00
|
|
|
int
|
|
|
|
networkstatus_parse_flavor_name(const char *flavname)
|
|
|
|
{
|
|
|
|
if (!strcmp(flavname, "ns"))
|
|
|
|
return FLAV_NS;
|
|
|
|
else if (!strcmp(flavname, "microdesc"))
|
|
|
|
return FLAV_MICRODESC;
|
|
|
|
else
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2012-09-13 19:16:37 +02:00
|
|
|
/** Return 0 if this routerstatus is obsolete, too new, isn't
|
|
|
|
* running, or otherwise not a descriptor that we would make any
|
|
|
|
* use of even if we had it. Else return 1. */
|
|
|
|
int
|
2017-05-10 23:57:35 +02:00
|
|
|
client_would_use_router(const routerstatus_t *rs, time_t now)
|
2012-09-13 19:16:37 +02:00
|
|
|
{
|
2016-11-30 01:43:04 +01:00
|
|
|
if (!rs->is_flagged_running) {
|
2012-09-13 19:16:37 +02:00
|
|
|
/* If we had this router descriptor, we wouldn't even bother using it.
|
2016-11-30 01:43:04 +01:00
|
|
|
* (Fetching and storing depends on by we_want_to_fetch_flavor().) */
|
2012-09-13 19:16:37 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) {
|
|
|
|
/* We'd drop it immediately for being too old. */
|
|
|
|
return 0;
|
|
|
|
}
|
2016-10-27 06:53:49 +02:00
|
|
|
if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
|
|
|
|
/* We'd ignore it because it doesn't support EXTEND2 cells.
|
2016-07-07 04:58:47 +02:00
|
|
|
* If we don't know the version, download the descriptor so we can
|
2016-10-27 06:53:49 +02:00
|
|
|
* check if it supports EXTEND2 cells and ntor. */
|
2016-07-06 09:32:57 +02:00
|
|
|
return 0;
|
|
|
|
}
|
2012-09-13 19:16:37 +02:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2007-10-08 23:21:50 +02:00
|
|
|
/** If <b>question</b> is a string beginning with "ns/" in a format the
|
|
|
|
* control interface expects for a GETINFO question, set *<b>answer</b> to a
|
|
|
|
* newly-allocated string containing networkstatus lines for the appropriate
|
|
|
|
* ORs. Return 0 on success, -1 on unrecognized question format. */
|
|
|
|
int
|
|
|
|
getinfo_helper_networkstatus(control_connection_t *conn,
|
2010-07-18 17:05:58 +02:00
|
|
|
const char *question, char **answer,
|
|
|
|
const char **errmsg)
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *status;
|
2007-10-08 23:21:50 +02:00
|
|
|
(void) conn;
|
|
|
|
|
2016-09-20 16:52:20 +02:00
|
|
|
if (!networkstatus_get_latest_consensus()) {
|
2007-10-08 23:21:50 +02:00
|
|
|
*answer = tor_strdup("");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!strcmp(question, "ns/all")) {
|
2012-01-18 21:53:30 +01:00
|
|
|
smartlist_t *statuses = smartlist_new();
|
2016-09-20 16:52:20 +02:00
|
|
|
SMARTLIST_FOREACH(networkstatus_get_latest_consensus()->routerstatus_list,
|
2010-09-29 07:35:08 +02:00
|
|
|
const routerstatus_t *, rs,
|
2007-10-08 23:21:50 +02:00
|
|
|
{
|
|
|
|
smartlist_add(statuses, networkstatus_getinfo_helper_single(rs));
|
|
|
|
});
|
|
|
|
*answer = smartlist_join_strings(statuses, "", 0, NULL);
|
|
|
|
SMARTLIST_FOREACH(statuses, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(statuses);
|
|
|
|
return 0;
|
|
|
|
} else if (!strcmpstart(question, "ns/id/")) {
|
|
|
|
char d[DIGEST_LEN];
|
2012-11-05 04:12:11 +01:00
|
|
|
const char *q = question + 6;
|
|
|
|
if (*q == '$')
|
|
|
|
++q;
|
2007-10-08 23:21:50 +02:00
|
|
|
|
2016-06-17 16:41:45 +02:00
|
|
|
if (base16_decode(d, DIGEST_LEN, q, strlen(q)) != DIGEST_LEN) {
|
2010-07-18 17:05:58 +02:00
|
|
|
*errmsg = "Data not decodeable as hex";
|
2007-10-08 23:21:50 +02:00
|
|
|
return -1;
|
2010-07-18 17:05:58 +02:00
|
|
|
}
|
2007-10-16 01:15:24 +02:00
|
|
|
status = router_get_consensus_status_by_id(d);
|
2007-10-08 23:21:50 +02:00
|
|
|
} else if (!strcmpstart(question, "ns/name/")) {
|
2017-08-23 01:04:31 +02:00
|
|
|
const node_t *n = node_get_by_nickname(question+8, 0);
|
|
|
|
status = n ? n->rs : NULL;
|
2007-12-18 23:39:15 +01:00
|
|
|
} else if (!strcmpstart(question, "ns/purpose/")) {
|
2007-12-19 05:58:58 +01:00
|
|
|
*answer = networkstatus_getinfo_by_purpose(question+11, time(NULL));
|
2007-12-18 23:39:15 +01:00
|
|
|
return *answer ? 0 : -1;
|
2015-01-28 17:25:37 +01:00
|
|
|
} else if (!strcmp(question, "consensus/packages")) {
|
2015-01-27 22:40:32 +01:00
|
|
|
const networkstatus_t *ns = networkstatus_get_latest_consensus();
|
2015-01-28 17:28:21 +01:00
|
|
|
if (ns && ns->package_lines)
|
2015-01-29 20:14:59 +01:00
|
|
|
*answer = smartlist_join_strings(ns->package_lines, "\n", 0, NULL);
|
|
|
|
else
|
|
|
|
*errmsg = "No consensus available";
|
2015-01-27 22:40:32 +01:00
|
|
|
return *answer ? 0 : -1;
|
2015-01-28 17:28:21 +01:00
|
|
|
} else if (!strcmp(question, "consensus/valid-after") ||
|
|
|
|
!strcmp(question, "consensus/fresh-until") ||
|
|
|
|
!strcmp(question, "consensus/valid-until")) {
|
|
|
|
const networkstatus_t *ns = networkstatus_get_latest_consensus();
|
|
|
|
if (ns) {
|
|
|
|
time_t t;
|
|
|
|
if (!strcmp(question, "consensus/valid-after"))
|
|
|
|
t = ns->valid_after;
|
|
|
|
else if (!strcmp(question, "consensus/fresh-until"))
|
|
|
|
t = ns->fresh_until;
|
|
|
|
else
|
|
|
|
t = ns->valid_until;
|
|
|
|
|
|
|
|
char tbuf[ISO_TIME_LEN+1];
|
|
|
|
format_iso_time(tbuf, t);
|
|
|
|
*answer = tor_strdup(tbuf);
|
2015-01-29 20:14:59 +01:00
|
|
|
} else {
|
|
|
|
*errmsg = "No consensus available";
|
2015-01-28 17:28:21 +01:00
|
|
|
}
|
|
|
|
return *answer ? 0 : -1;
|
2007-10-08 23:21:50 +02:00
|
|
|
} else {
|
2010-07-18 17:13:25 +02:00
|
|
|
return 0;
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
|
2007-12-18 23:39:15 +01:00
|
|
|
if (status)
|
2007-10-09 17:27:15 +02:00
|
|
|
*answer = networkstatus_getinfo_helper_single(status);
|
2007-10-08 23:21:50 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-08-19 23:31:49 +02:00
|
|
|
/** Check whether the networkstatus <b>ns</b> lists any protocol
|
|
|
|
* versions as "required" or "recommended" that we do not support. If
|
|
|
|
* so, set *<b>warning_out</b> to a newly allocated string describing
|
|
|
|
* the problem.
|
|
|
|
*
|
|
|
|
* Return 1 if we should exit, 0 if we should not. */
|
|
|
|
int
|
|
|
|
networkstatus_check_required_protocols(const networkstatus_t *ns,
|
|
|
|
int client_mode,
|
|
|
|
char **warning_out)
|
|
|
|
{
|
|
|
|
const char *func = client_mode ? "client" : "relay";
|
|
|
|
const char *required, *recommended;
|
|
|
|
char *missing = NULL;
|
|
|
|
|
|
|
|
tor_assert(warning_out);
|
|
|
|
|
|
|
|
if (client_mode) {
|
|
|
|
required = ns->required_client_protocols;
|
|
|
|
recommended = ns->recommended_client_protocols;
|
|
|
|
} else {
|
|
|
|
required = ns->required_relay_protocols;
|
|
|
|
recommended = ns->recommended_relay_protocols;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!protover_all_supported(required, &missing)) {
|
|
|
|
tor_asprintf(warning_out, "At least one protocol listed as required in "
|
|
|
|
"the consensus is not supported by this version of Tor. "
|
|
|
|
"You should upgrade. This version of Tor will not work as a "
|
|
|
|
"%s on the Tor network. The missing protocols are: %s",
|
|
|
|
func, missing);
|
|
|
|
tor_free(missing);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (! protover_all_supported(recommended, &missing)) {
|
|
|
|
tor_asprintf(warning_out, "At least one protocol listed as recommended in "
|
|
|
|
"the consensus is not supported by this version of Tor. "
|
|
|
|
"You should upgrade. This version of Tor will eventually "
|
|
|
|
"stop working as a %s on the Tor network. The missing "
|
|
|
|
"protocols are: %s",
|
|
|
|
func, missing);
|
|
|
|
tor_free(missing);
|
|
|
|
}
|
|
|
|
|
|
|
|
tor_assert_nonfatal(missing == NULL);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-18 16:19:51 +02:00
|
|
|
/** Free all storage held locally in this module. */
|
2007-10-08 23:21:50 +02:00
|
|
|
void
|
|
|
|
networkstatus_free_all(void)
|
|
|
|
{
|
2009-10-13 23:06:01 +02:00
|
|
|
int i;
|
2010-09-17 04:12:03 +02:00
|
|
|
networkstatus_vote_free(current_ns_consensus);
|
|
|
|
networkstatus_vote_free(current_md_consensus);
|
|
|
|
current_md_consensus = current_ns_consensus = NULL;
|
2009-12-12 08:07:59 +01:00
|
|
|
|
2009-10-13 23:06:01 +02:00
|
|
|
for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
|
|
|
|
consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
|
|
|
|
if (waiting->consensus) {
|
|
|
|
networkstatus_vote_free(waiting->consensus);
|
|
|
|
waiting->consensus = NULL;
|
|
|
|
}
|
|
|
|
tor_free(waiting->body);
|
2007-10-08 23:21:50 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|