Actually remember all the consensus types when we are done generating them.

2024-11-24 12:23:32 +01:00 · 2009-10-13 17:06:01 -04:00 · 2009-10-13 17:06:01 -04:00 · 851a980065
commit 851a980065
parent a19981725d
6 changed files with 269 additions and 140 deletions
--- a/src/or/control.c
+++ b/src/or/control.c
@ -1506,7 +1506,7 @@ getinfo_helper_dir(control_connection_t *control_conn,
    }
  } else if (!strcmp(question, "dir/status-vote/current/consensus")) { /* v3 */
    if (directory_caches_dir_info(get_options())) {
-      const cached_dir_t *consensus = dirserv_get_consensus();
+      const cached_dir_t *consensus = dirserv_get_consensus("ns");
      if (consensus)
        *answer = tor_strdup(consensus->dir);
    }
--- a/src/or/directory.c
+++ b/src/or/directory.c
@ -1623,7 +1623,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
    }
    log_info(LD_DIR,"Received consensus directory (size %d) from server "
             "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
-    if ((r=networkstatus_set_current_consensus(body, 0))<0) {
+    if ((r=networkstatus_set_current_consensus(body, "ns", 0))<0) {
      log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
             "Unable to load consensus directory downloaded from "
             "server '%s:%d'. I'll try again soon.",
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@ -41,7 +41,7 @@ static time_t the_v2_networkstatus_is_dirty = 1;
 static cached_dir_t *the_directory = NULL;
 /** For authoritative directories: the current (v1) network status. */
-static cached_dir_t the_runningrouters = { NULL, NULL, 0, 0, 0, -1 };
+static cached_dir_t the_runningrouters;
 static void directory_remove_invalid(void);
 static cached_dir_t *dirserv_regenerate_directory(void);
@ -1211,14 +1211,14 @@ directory_too_idle_to_fetch_descriptors(or_options_t *options, time_t now)
 static cached_dir_t *cached_directory = NULL;
 /** The v1 runningrouters document we'll serve (as a cache or as an authority)
 * if requested. */
-static cached_dir_t cached_runningrouters = { NULL, NULL, 0, 0, 0, -1 };
+static cached_dir_t cached_runningrouters;
 /** Used for other dirservers' v2 network statuses.  Map from hexdigest to
 * cached_dir_t. */
 static digestmap_t *cached_v2_networkstatus = NULL;
-/** The v3 consensus network status that we're currently serving. */
+/** Map from flavor name to the v3 consensuses that we're currently serving. */
-static cached_dir_t *cached_v3_networkstatus = NULL;
+static strmap_t *cached_consensuses = NULL;
 /** Possibly replace the contents of <b>d</b> with the value of
 * <b>directory</b> published on <b>when</b>, unless <b>when</b> is older than
@ -1386,17 +1386,26 @@ dirserv_set_cached_networkstatus_v2(const char *networkstatus,
  }
 }
-/** Replace the v3 consensus networkstatus that we're serving with
+/** Replace the v3 consensus networkstatus of type <b>flavor_name</b> that
- * <b>networkstatus</b>, published at <b>published</b>.  No validation is
+ * we're serving with <b>networkstatus</b>, published at <b>published</b>.  No
- * performed. */
+ * validation is performed. */
 void
-dirserv_set_cached_networkstatus_v3(const char *networkstatus,
+dirserv_set_cached_consensus_networkstatus(const char *networkstatus,
                                           const char *flavor_name,
                                           const digests_t *digests,
                                           time_t published)
 {
-  if (cached_v3_networkstatus)
+  cached_dir_t *new_networkstatus;
-    cached_dir_decref(cached_v3_networkstatus);
+  cached_dir_t *old_networkstatus;
-  cached_v3_networkstatus = new_cached_dir(
+  if (!cached_consensuses)
-                                  tor_strdup(networkstatus), published);
+    cached_consensuses = strmap_new();
  new_networkstatus = new_cached_dir(tor_strdup(networkstatus), published);
  memcpy(&new_networkstatus->digests, digests, sizeof(digests_t));
  old_networkstatus = strmap_set(cached_consensuses, flavor_name,
                                 new_networkstatus);
  if (old_networkstatus)
    cached_dir_decref(old_networkstatus);
 }
 /** Remove any v2 networkstatus from the directory cache that was published
@ -1579,9 +1588,9 @@ dirserv_get_runningrouters(void)
 /** Return the latest downloaded consensus networkstatus in encoded, signed,
 * optionally compressed format, suitable for sending to clients. */
 cached_dir_t *
-dirserv_get_consensus(void)
+dirserv_get_consensus(const char *flavor_name)
 {
-  return cached_v3_networkstatus;
+  return strmap_get(cached_consensuses, flavor_name);
 }
 /** For authoritative directories: the current (v2) network status. */
@ -3130,8 +3139,8 @@ static cached_dir_t *
 lookup_cached_dir_by_fp(const char *fp)
 {
  cached_dir_t *d = NULL;
-  if (tor_digest_is_zero(fp) && cached_v3_networkstatus)
+  if (tor_digest_is_zero(fp) && cached_consensuses)
-    d = cached_v3_networkstatus;
+    d = strmap_get(cached_consensuses, "ns");
  else if (router_digest_is_me(fp) && the_v2_networkstatus)
    d = the_v2_networkstatus;
  else if (cached_v2_networkstatus)
@ -3467,6 +3476,9 @@ dirserv_free_all(void)
    digestmap_free(cached_v2_networkstatus, _free_cached_dir);
    cached_v2_networkstatus = NULL;
  }
-  cached_dir_decref(cached_v3_networkstatus);
+  if (cached_consensuses) {
    strmap_free(cached_consensuses, _free_cached_dir);
    cached_consensuses = NULL;
  }
 }
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@ -421,13 +421,13 @@ compute_routerstatus_consensus(smartlist_t *votes, int consensus_method,
      microdesc_digest256_out) {
    smartlist_t *digests = smartlist_create();
    const char *best_microdesc_digest;
-    SMARTLIST_FOREACH(votes, vote_routerstatus_t *, rs, {
+    SMARTLIST_FOREACH_BEGIN(votes, vote_routerstatus_t *, rs) {
        char d[DIGEST256_LEN];
        if (compare_vote_rs(rs, most))
          continue;
        if (!vote_routerstatus_find_microdesc_hash(d, rs, consensus_method))
          smartlist_add(digests, tor_memdup(d, sizeof(d)));
-    });
+    } SMARTLIST_FOREACH_END(rs);
    smartlist_sort_digests256(digests);
    best_microdesc_digest = smartlist_get_most_frequent_digest256(digests);
    if (best_microdesc_digest)
@ -2602,20 +2602,25 @@ dirvote_add_signatures(const char *detached_signatures_body,
 static int
 dirvote_publish_consensus(void)
 {
-  /* Can we actually publish it yet? */
+  int i;
-  if (!pending_consensuses[FLAV_NS].consensus ||
+
-      networkstatus_check_consensus_signature(
+  /* Now remember all the other consensuses as if we were a directory cache. */
-                              pending_consensuses[FLAV_NS].consensus, 1)<0) {
+  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
-    log_warn(LD_DIR, "Not enough info to publish pending consensus");
+    pending_consensus_t *pending = &pending_consensuses[i];
-    return -1;
+    const char *name;
    name = networkstatus_get_flavor_name(i);
    tor_assert(name);
    if (!pending->consensus ||
      networkstatus_check_consensus_signature(pending->consensus, 1)<0) {
      log_warn(LD_DIR, "Not enough info to publish pending %s consensus",name);
      continue;
    }
-  /* XXXXXX NMNMNM */
+    if (networkstatus_set_current_consensus(pending->body, name, 0))
-  if (networkstatus_set_current_consensus(
+      log_warn(LD_DIR, "Error publishing %s consensus", name);
                              pending_consensuses[FLAV_NS].body, 0))
    log_warn(LD_DIR, "Error publishing consensus");
    else
-    log_notice(LD_DIR, "Consensus published.");
+      log_notice(LD_DIR, "Published %s consensus", name);
  }
  return 0;
 }
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@ -35,16 +35,22 @@ static networkstatus_t *current_consensus = NULL;
 /** A v3 consensus networkstatus that we've received, but which we don't
 * have enough certificates to be happy about. */
-static networkstatus_t *consensus_waiting_for_certs = NULL;
+typedef struct consensus_waiting_for_certs_t {
-/** The encoded version of consensus_waiting_for_certs. */
+  /** The consensus itself. */
-static char *consensus_waiting_for_certs_body = NULL;
+  networkstatus_t *consensus;
-/** When did we set the current value of consensus_waiting_for_certs?  If this
+  /** The encoded version of the consensus, nul-terminated. */
- * is too recent, we shouldn't try to fetch a new consensus for a little while,
+  char *body;
- * to give ourselves time to get certificates for this one. */
+  /** When did we set the current value of consensus_waiting_for_certs?  If
-static time_t consensus_waiting_for_certs_set_at = 0;
+   * this is too recent, we shouldn't try to fetch a new consensus for a
-/** Set to 1 if we've been holding on to consensus_waiting_for_certs so long
+   * little while, to give ourselves time to get certificates for this one. */
- * that we should treat it as maybe being bad. */
+  time_t set_at;
-static int consensus_waiting_for_certs_dl_failed = 0;
+  /** Set to 1 if we've been holding on to it for so long we should maybe
   * treat it as being bad. */
  int dl_failed;
 } consensus_waiting_for_certs_t;
 static consensus_waiting_for_certs_t
       consensus_waiting_for_certs[N_CONSENSUS_FLAVORS];
 /** The last time we tried to download a networkstatus, or 0 for "never".  We
 * use this to rate-limit download attempts for directory caches (including
@ -56,7 +62,7 @@ static time_t last_networkstatus_download_attempted = 0;
 * before the current consensus becomes invalid. */
 static time_t time_to_download_next_consensus = 0;
 /** Download status for the current consensus networkstatus. */
-static download_status_t consensus_dl_status = { 0, 0, DL_SCHED_CONSENSUS };
+static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS];
 /** True iff we have logged a warning about this OR's version being older than
 * listed by the authorities. */
@ -89,6 +95,7 @@ networkstatus_reset_warnings(void)
 void
 networkstatus_reset_download_failures(void)
 {
  int i;
  const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
  SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
     SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
@ -97,7 +104,8 @@ networkstatus_reset_download_failures(void)
           rs->need_to_mirror = 1;
       }));;
-  download_status_reset(&consensus_dl_status);
+  for (i=0; i < N_CONSENSUS_FLAVORS; ++i)
    download_status_reset(&consensus_dl_status[i]);
  if (v2_download_status_map) {
    digestmap_iter_t *iter;
    digestmap_t *map = v2_download_status_map;
@ -170,7 +178,7 @@ router_reload_v2_networkstatus(void)
  return 0;
 }
-/** Read the cached v3 consensus networkstatus from the disk. */
+/** Read every cached v3 consensus networkstatus from the disk. */
 int
 router_reload_consensus_networkstatus(void)
 {
@ -179,31 +187,46 @@ router_reload_consensus_networkstatus(void)
  struct stat st;
  or_options_t *options = get_options();
  const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
  int flav;
  /* FFFF Suppress warnings if cached consensus is bad? */
-
+  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
    char buf[128];
    const char *flavor = networkstatus_get_flavor_name(flav);
    if (flav == FLAV_NS) {
      filename = get_datadir_fname("cached-consensus");
    } else {
      tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
      filename = get_datadir_fname(buf);
    }
    s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
    if (s) {
-    if (networkstatus_set_current_consensus(s, flags) < -1) {
+      if (networkstatus_set_current_consensus(s, flavor, flags) < -1) {
-      log_warn(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
+        log_warn(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"",
-               filename);
+                 flavor, filename);
      }
      tor_free(s);
    }
    tor_free(filename);
    if (flav == FLAV_NS) {
      filename = get_datadir_fname("unverified-consensus");
    } else {
      tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
      filename = get_datadir_fname(buf);
    }
    s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
    if (s) {
-    if (networkstatus_set_current_consensus(s,
+      if (networkstatus_set_current_consensus(s, flavor,
                                     flags|NSSET_WAS_WAITING_FOR_CERTS)) {
-      log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
+      log_info(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"",
-               filename);
+               flavor, filename);
    }
      tor_free(s);
    }
    tor_free(filename);
  }
  if (!current_consensus ||
      (stat(options->FallbackNetworkstatusFile, &st)==0 &&
@ -211,7 +234,7 @@ router_reload_consensus_networkstatus(void)
    s = read_file_to_str(options->FallbackNetworkstatusFile,
                         RFTS_IGNORE_MISSING, NULL);
    if (s) {
-      if (networkstatus_set_current_consensus(s,
+      if (networkstatus_set_current_consensus(s, "ns",
                                              flags|NSSET_ACCEPT_OBSOLETE)) {
        log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
                 options->FallbackNetworkstatusFile);
@ -1123,27 +1146,32 @@ static void
 update_consensus_networkstatus_downloads(time_t now)
 {
  or_options_t *options = get_options();
  int i;
  if (!networkstatus_get_live_consensus(now))
    time_to_download_next_consensus = now; /* No live consensus? Get one now!*/
  if (time_to_download_next_consensus > now)
    return; /* Wait until the current consensus is older. */
  if (authdir_mode_v3(options))
    return; /* Authorities never fetch a consensus */
-  if (!download_status_is_ready(&consensus_dl_status, now,
+  /* XXXXNM Microdescs: may need to download more types. */
  if (!download_status_is_ready(&consensus_dl_status[FLAV_NS], now,
                                CONSENSUS_NETWORKSTATUS_MAX_DL_TRIES))
    return; /* We failed downloading a consensus too recently. */
  if (connection_get_by_type_purpose(CONN_TYPE_DIR,
                                     DIR_PURPOSE_FETCH_CONSENSUS))
    return; /* There's an in-progress download.*/
-  if (consensus_waiting_for_certs) {
+  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
    consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
    if (waiting->consensus) {
      /* XXXX make sure this doesn't delay sane downloads. */
-    if (consensus_waiting_for_certs_set_at + DELAY_WHILE_FETCHING_CERTS > now)
+      if (waiting->set_at + DELAY_WHILE_FETCHING_CERTS > now)
        return; /* We're still getting certs for this one. */
      else {
-      if (!consensus_waiting_for_certs_dl_failed) {
+        if (!waiting->dl_failed) {
-        download_status_failed(&consensus_dl_status, 0);
+          download_status_failed(&consensus_dl_status[FLAV_NS], 0);
-        consensus_waiting_for_certs_dl_failed=1;
+          waiting->dl_failed=1;
        }
      }
    }
  }
@ -1159,7 +1187,8 @@ update_consensus_networkstatus_downloads(time_t now)
 void
 networkstatus_consensus_download_failed(int status_code)
 {
-  download_status_failed(&consensus_dl_status, status_code);
+  /* XXXXNM Microdescs: may need to handle more types. */
  download_status_failed(&consensus_dl_status[FLAV_NS], status_code);
  /* Retry immediately, if appropriate. */
  update_consensus_networkstatus_downloads(time(NULL));
 }
@ -1265,9 +1294,13 @@ update_networkstatus_downloads(time_t now)
 void
 update_certificate_downloads(time_t now)
 {
-  if (consensus_waiting_for_certs)
+  int i;
-    authority_certs_fetch_missing(consensus_waiting_for_certs, now);
+  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
-  else
+    if (consensus_waiting_for_certs[i].consensus)
      authority_certs_fetch_missing(consensus_waiting_for_certs[i].consensus,
                                    now);
  }
  authority_certs_fetch_missing(current_consensus, now);
 }
@ -1276,7 +1309,8 @@ update_certificate_downloads(time_t now)
 int
 consensus_is_waiting_for_certs(void)
 {
-  return consensus_waiting_for_certs ? 1 : 0;
+  return consensus_waiting_for_certs[USABLE_CONSENSUS_FLAVOR].consensus
    ? 1 : 0;
 }
 /** Return the network status with a given identity digest. */
@ -1445,16 +1479,29 @@ networkstatus_copy_old_consensus_info(networkstatus_t *new_c,
 * user, and -2 for more serious problems.
 */
 int
-networkstatus_set_current_consensus(const char *consensus, unsigned flags)
+networkstatus_set_current_consensus(const char *consensus,
                                    const char *flavor,
                                    unsigned flags)
 {
-  networkstatus_t *c;
+  networkstatus_t *c=NULL;
  int r, result = -1;
  time_t now = time(NULL);
  char *unverified_fname = NULL, *consensus_fname = NULL;
  int flav = networkstatus_parse_flavor_name(flavor);
  const unsigned from_cache = flags & NSSET_FROM_CACHE;
  const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
  const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
  const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
  const unsigned require_flavor = flags & NSSET_REQUIRE_FLAVOR;
  const digests_t *current_digests = NULL;
  consensus_waiting_for_certs_t *waiting = NULL;
  time_t current_valid_after = 0;
  if (flav < 0) {
    /* XXXX we don't handle unrecognized flavors yet. */
    log_warn(LD_BUG, "Unrecognized consensus flavor %s", flavor);
    return -2;
  }
  /* Make sure it's parseable. */
  c = networkstatus_parse_vote_from_string(consensus, NULL, NS_TYPE_CONSENSUS);
@ -1464,31 +1511,69 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
    goto done;
  }
  if (c->flavor != flav) {
    /* This wasn't the flavor we thought we were getting. */
    if (require_flavor) {
      log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
               networkstatus_get_flavor_name(c->flavor), flavor);
      goto done;
    }
    flav = c->flavor;
    flavor = networkstatus_get_flavor_name(flav);
  }
  if (flav != USABLE_CONSENSUS_FLAVOR &&
      !directory_caches_dir_info(get_options())) {
    /* This consensus is totally boring to us: we won't use it, and we won't
     * serve it.  Drop it. */
    result = -1;
    goto done;
  }
  if (from_cache && !accept_obsolete &&
      c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) {
    /* XXX022 when we try to make fallbackconsensus work again, we should
     * consider taking this out. Until then, believing obsolete consensuses
     * is causing more harm than good. See also bug 887. */
-    log_info(LD_DIR, "Loaded an obsolete consensus. Discarding.");
+    log_info(LD_DIR, "Loaded an expired consensus. Discarding.");
    goto done;
  }
  if (current_consensus &&
      !memcmp(&c->digests, &current_consensus->digests, sizeof(c->digests))) {
    /* We already have this one. That's a failure. */
    log_info(LD_DIR, "Got a consensus we already have");
    goto done;
  }
  if (current_consensus && c->valid_after <= current_consensus->valid_after) {
    /* We have a newer one.  There's no point in accepting this one,
     * even if it's great. */
    log_info(LD_DIR, "Got a consensus at least as old as the one we have");
    goto done;
  }
  if (!strcmp(flavor, "ns")) {
    consensus_fname = get_datadir_fname("cached-consensus");
    unverified_fname = get_datadir_fname("unverified-consensus");
    if (current_consensus) {
      current_digests = &current_consensus->digests;
      current_valid_after = current_consensus->valid_after;
    }
  } else {
    cached_dir_t *cur;
    char buf[128];
    tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
    consensus_fname = get_datadir_fname(buf);
    tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
    unverified_fname = get_datadir_fname(buf);
    cur = dirserv_get_consensus(flavor);
    if (cur) {
      current_digests = &cur->digests;
      current_valid_after = cur->published;
    }
  }
  if (current_digests &&
      !memcmp(&c->digests, current_digests, sizeof(c->digests))) {
    /* We already have this one. That's a failure. */
    log_info(LD_DIR, "Got a %s consensus we already have", flavor);
    goto done;
  }
  if (current_valid_after && c->valid_after <= current_valid_after) {
    /* We have a newer one.  There's no point in accepting this one,
     * even if it's great. */
    log_info(LD_DIR, "Got a %s consensus at least as old as the one we have",
             flavor);
    goto done;
  }
  /* Make sure it's signed enough. */
  if ((r=networkstatus_check_consensus_signature(c, 1))<0) {
@ -1498,16 +1583,17 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
        log_info(LD_DIR,
                 "Not enough certificates to check networkstatus consensus");
      }
-      if (!current_consensus ||
+      if (!current_valid_after ||
-          c->valid_after > current_consensus->valid_after) {
+          c->valid_after > current_valid_after) {
-        if (consensus_waiting_for_certs)
+        waiting = &consensus_waiting_for_certs[flav];
-          networkstatus_vote_free(consensus_waiting_for_certs);
+        if (waiting->consensus)
-        tor_free(consensus_waiting_for_certs_body);
+          networkstatus_vote_free(waiting->consensus);
-        consensus_waiting_for_certs = c;
+        tor_free(waiting->body);
        waiting->consensus = c;
        c = NULL; /* Prevent free. */
-        consensus_waiting_for_certs_body = tor_strdup(consensus);
+        waiting->body = tor_strdup(consensus);
-        consensus_waiting_for_certs_set_at = now;
+        waiting->set_at = now;
-        consensus_waiting_for_certs_dl_failed = 0;
+        waiting->dl_failed = 0;
        if (!from_cache) {
          write_str_to_file(unverified_fname, consensus, 0);
        }
@ -1536,56 +1622,65 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
    }
  }
-  if (!from_cache)
+  if (!from_cache && flav == USABLE_CONSENSUS_FLAVOR)
    control_event_client_status(LOG_NOTICE, "CONSENSUS_ARRIVED");
  /* Are we missing any certificates at all? */
  if (r != 1 && dl_certs)
    authority_certs_fetch_missing(c, now);
  if (flav == USABLE_CONSENSUS_FLAVOR) {
    notify_control_networkstatus_changed(current_consensus, c);
    if (current_consensus) {
      networkstatus_copy_old_consensus_info(c, current_consensus);
      networkstatus_vote_free(current_consensus);
    }
  }
-  if (consensus_waiting_for_certs &&
+  waiting = &consensus_waiting_for_certs[flav];
-      consensus_waiting_for_certs->valid_after <= c->valid_after) {
+  if (waiting->consensus &&
-    networkstatus_vote_free(consensus_waiting_for_certs);
+      waiting->consensus->valid_after <= c->valid_after) {
-    consensus_waiting_for_certs = NULL;
+    networkstatus_vote_free(waiting->consensus);
-    if (consensus != consensus_waiting_for_certs_body)
+    waiting->consensus = NULL;
-      tor_free(consensus_waiting_for_certs_body);
+    if (consensus != waiting->body)
      tor_free(waiting->body);
    else
-      consensus_waiting_for_certs_body = NULL;
+      waiting->body = NULL;
-    consensus_waiting_for_certs_set_at = 0;
+    waiting->set_at = 0;
-    consensus_waiting_for_certs_dl_failed = 0;
+    waiting->dl_failed = 0;
    unlink(unverified_fname);
  }
  /* Reset the failure count only if this consensus is actually valid. */
  if (c->valid_after <= now && now <= c->valid_until) {
-    download_status_reset(&consensus_dl_status);
+    download_status_reset(&consensus_dl_status[flav]);
  } else {
    if (!from_cache)
-      download_status_failed(&consensus_dl_status, 0);
+      download_status_failed(&consensus_dl_status[flav], 0);
  }
  if (directory_caches_dir_info(get_options())) {
    dirserv_set_cached_consensus_networkstatus(consensus,
                                               flavor,
                                               &c->digests,
                                               current_valid_after);
  }
  if (flav == USABLE_CONSENSUS_FLAVOR) {
    current_consensus = c;
    c = NULL; /* Prevent free. */
    /* XXXXNM Microdescs: needs a non-ns variant. */
    update_consensus_networkstatus_fetch_time(now);
    dirvote_recalculate_timing(get_options(), now);
    routerstatus_list_update_named_server_map();
  }
  if (!from_cache) {
    write_str_to_file(consensus_fname, consensus, 0);
  }
  if (directory_caches_dir_info(get_options()))
    dirserv_set_cached_networkstatus_v3(consensus,
                                        current_consensus->valid_after);
  if (ftime_definitely_before(now, current_consensus->valid_after)) {
    char tbuf[ISO_TIME_LEN+1];
    char dbuf[64];
@ -1616,13 +1711,17 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
 void
 networkstatus_note_certs_arrived(void)
 {
-  if (consensus_waiting_for_certs) {
+  int i;
-    if (networkstatus_check_consensus_signature(
+  for (i=0; i<N_CONSENSUS_FLAVORS; ++i) {
-                                    consensus_waiting_for_certs, 0)>=0) {
+    consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
    if (!waiting->consensus)
      continue;
    if (networkstatus_check_consensus_signature(waiting->consensus, 0)>=0) {
      if (!networkstatus_set_current_consensus(
-                                 consensus_waiting_for_certs_body,
+                                 waiting->body,
                                 networkstatus_get_flavor_name(i),
                                 NSSET_WAS_WAITING_FOR_CERTS)) {
-        tor_free(consensus_waiting_for_certs_body);
+        tor_free(waiting->body);
      }
    }
  }
@ -2046,6 +2145,7 @@ getinfo_helper_networkstatus(control_connection_t *conn,
 void
 networkstatus_free_all(void)
 {
  int i;
  if (networkstatus_v2_list) {
    SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
                      networkstatus_v2_free(ns));
@ -2060,11 +2160,14 @@ networkstatus_free_all(void)
    networkstatus_vote_free(current_consensus);
    current_consensus = NULL;
  }
-  if (consensus_waiting_for_certs) {
+  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
-    networkstatus_vote_free(consensus_waiting_for_certs);
+    consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
-    consensus_waiting_for_certs = NULL;
+    if (waiting->consensus) {
      networkstatus_vote_free(waiting->consensus);
      waiting->consensus = NULL;
    }
    tor_free(waiting->body);
  }
  tor_free(consensus_waiting_for_certs_body);
  if (named_server_map) {
    strmap_free(named_server_map, _tor_free);
  }
--- a/src/or/or.h
+++ b/src/or/or.h
@ -1282,6 +1282,7 @@ typedef struct cached_dir_t {
  size_t dir_len; /**< Length of <b>dir</b> (not counting its NUL). */
  size_t dir_z_len; /**< Length of <b>dir_z</b>. */
  time_t published; /**< When was this object published. */
  digests_t digests; /**< Digests of this object (networkstatus only) */
  int refcnt; /**< Reference count for this cached_dir_t. */
 } cached_dir_t;
@ -1692,6 +1693,9 @@ typedef enum {
  FLAV_MICRODESC = 1,
 } consensus_flavor_t;
 /** DOCDOC */
 #define USABLE_CONSENSUS_FLAVOR FLAV_NS
 /** DOCDOC */
 #define N_CONSENSUS_FLAVORS ((int)(FLAV_MICRODESC)+1)
@ -3758,13 +3762,15 @@ int directory_too_idle_to_fetch_descriptors(or_options_t *options, time_t now);
 void directory_set_dirty(void);
 cached_dir_t *dirserv_get_directory(void);
 cached_dir_t *dirserv_get_runningrouters(void);
-cached_dir_t *dirserv_get_consensus(void);
+cached_dir_t *dirserv_get_consensus(const char *flavor_name);
 void dirserv_set_cached_directory(const char *directory, time_t when,
                                  int is_running_routers);
 void dirserv_set_cached_networkstatus_v2(const char *directory,
                                         const char *identity,
                                         time_t published);
-void dirserv_set_cached_networkstatus_v3(const char *consensus,
+void dirserv_set_cached_consensus_networkstatus(const char *consensus,
                                                const char *flavor_name,
                                                const digests_t *digests,
                                                time_t published);
 void dirserv_clear_old_networkstatuses(time_t cutoff);
 void dirserv_clear_old_v1_info(time_t now);
@ -4194,7 +4200,10 @@ networkstatus_t *networkstatus_get_reasonably_live_consensus(time_t now);
 #define NSSET_WAS_WAITING_FOR_CERTS 2
 #define NSSET_DONT_DOWNLOAD_CERTS 4
 #define NSSET_ACCEPT_OBSOLETE 8
-int networkstatus_set_current_consensus(const char *consensus, unsigned flags);
+#define NSSET_REQUIRE_FLAVOR 16
 int networkstatus_set_current_consensus(const char *consensus,
                                        const char *flavor,
                                        unsigned flags);
 void networkstatus_note_certs_arrived(void);
 void routers_update_all_from_networkstatus(time_t now, int dir_version);
 void routerstatus_list_update_from_consensus_networkstatus(time_t now);