Tor  0.4.8.0-alpha-dev
dirvote.c
Go to the documentation of this file.
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2021, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
6 #define DIRVOTE_PRIVATE
7 
8 #include "core/or/or.h"
9 #include "app/config/config.h"
11 #include "core/or/policies.h"
12 #include "core/or/protover.h"
13 #include "core/or/tor_version_st.h"
14 #include "core/or/versions.h"
15 #include "feature/dirauth/bwauth.h"
36 #include "feature/relay/router.h"
38 #include "feature/stats/rephist.h"
39 #include "feature/client/entrynodes.h" /* needed for guardfraction methods */
42 
47 
63 
64 #include "lib/container/order.h"
65 #include "lib/encoding/confline.h"
67 
68 /* Algorithm to use for the bandwidth file digest. */
69 #define DIGEST_ALG_BW_FILE DIGEST_SHA256
70 
71 /**
72  * \file dirvote.c
73  * \brief Functions to compute directory consensus, and schedule voting.
74  *
75  * This module is the center of the consensus-voting based directory
76  * authority system. With this system, a set of authorities first
77  * publish vote based on their opinions of the network, and then compute
78  * a consensus from those votes. Each authority signs the consensus,
79  * and clients trust the consensus if enough known authorities have
80  * signed it.
81  *
82  * The code in this module is only invoked on directory authorities. It's
83  * responsible for:
84  *
85  * <ul>
86  * <li>Generating this authority's vote networkstatus, based on the
87  * authority's view of the network as represented in dirserv.c
88  * <li>Formatting the vote networkstatus objects.
89  * <li>Generating the microdescriptors that correspond to our own
90  * vote.
91  * <li>Sending votes to all the other authorities.
92  * <li>Trying to fetch missing votes from other authorities.
93  * <li>Computing the consensus from a set of votes, as well as
94  * a "detached signature" object for other authorities to fetch.
95  * <li>Collecting other authorities' signatures on the same consensus,
96  * until there are enough.
97  * <li>Publishing the consensus to the reset of the directory system.
98  * <li>Scheduling all of the above operations.
99  * </ul>
100  *
101  * The main entry points are in dirvote_act(), which handles scheduled
102  * actions; and dirvote_add_vote() and dirvote_add_signatures(), which
103  * handle uploaded and downloaded votes and signatures.
104  *
105  * (See dir-spec.txt from torspec.git for a complete specification of
106  * the directory protocol and voting algorithms.)
107  **/
108 
109 /** A consensus that we have built and are appending signatures to. Once it's
110  * time to publish it, it will become an active consensus if it accumulates
111  * enough signatures. */
112 typedef struct pending_consensus_t {
113  /** The body of the consensus that we're currently building. Once we
114  * have it built, it goes into dirserv.c */
115  char *body;
116  /** The parsed in-progress consensus document. */
119 
120 /* DOCDOC dirvote_add_signatures_to_all_pending_consensuses */
122  const char *detached_signatures_body,
123  const char *source,
124  const char **msg_out);
128  const char *source,
129  int severity,
130  const char **msg_out);
131 static char *list_v3_auth_ids(void);
132 static void dirvote_fetch_missing_votes(void);
133 static void dirvote_fetch_missing_signatures(void);
134 static int dirvote_perform_vote(void);
135 static void dirvote_clear_votes(int all_votes);
136 static int dirvote_compute_consensuses(void);
137 static int dirvote_publish_consensus(void);
138 
139 /* =====
140  * Certificate functions
141  * ===== */
142 
143 /** Allocate and return a new authority_cert_t with the same contents as
144  * <b>cert</b>. */
147 {
148  authority_cert_t *out = tor_malloc(sizeof(authority_cert_t));
149  tor_assert(cert);
150 
151  memcpy(out, cert, sizeof(authority_cert_t));
152  /* Now copy pointed-to things. */
154  tor_strndup(cert->cache_info.signed_descriptor_body,
159 
160  return out;
161 }
162 
163 /* =====
164  * Voting
165  * =====*/
166 
167 /* If <b>opt_value</b> is non-NULL, return "keyword opt_value\n" in a new
168  * string. Otherwise return a new empty string. */
169 static char *
170 format_line_if_present(const char *keyword, const char *opt_value)
171 {
172  if (opt_value) {
173  char *result = NULL;
174  tor_asprintf(&result, "%s %s\n", keyword, opt_value);
175  return result;
176  } else {
177  return tor_strdup("");
178  }
179 }
180 
181 /** Format the recommended/required-relay-client protocols lines for a vote in
182  * a newly allocated string, and return that string. */
183 static char *
185 {
186  char *recommended_relay_protocols_line = NULL;
187  char *recommended_client_protocols_line = NULL;
188  char *required_relay_protocols_line = NULL;
189  char *required_client_protocols_line = NULL;
190 
191  recommended_relay_protocols_line =
192  format_line_if_present("recommended-relay-protocols",
194  recommended_client_protocols_line =
195  format_line_if_present("recommended-client-protocols",
196  v3_ns->recommended_client_protocols);
197  required_relay_protocols_line =
198  format_line_if_present("required-relay-protocols",
199  v3_ns->required_relay_protocols);
200  required_client_protocols_line =
201  format_line_if_present("required-client-protocols",
202  v3_ns->required_client_protocols);
203 
204  char *result = NULL;
205  tor_asprintf(&result, "%s%s%s%s",
206  recommended_relay_protocols_line,
207  recommended_client_protocols_line,
208  required_relay_protocols_line,
209  required_client_protocols_line);
210 
211  tor_free(recommended_relay_protocols_line);
212  tor_free(recommended_client_protocols_line);
213  tor_free(required_relay_protocols_line);
214  tor_free(required_client_protocols_line);
215 
216  return result;
217 }
218 
219 /** Return a new string containing the string representation of the vote in
220  * <b>v3_ns</b>, signed with our v3 signing key <b>private_signing_key</b>.
221  * For v3 authorities. */
222 STATIC char *
224  networkstatus_t *v3_ns)
225 {
226  smartlist_t *chunks = smartlist_new();
227  char fingerprint[FINGERPRINT_LEN+1];
228  char digest[DIGEST_LEN];
229  char *protocols_lines = NULL;
230  char *client_versions_line = NULL, *server_versions_line = NULL;
231  char *shared_random_vote_str = NULL;
233  char *status = NULL;
234 
235  tor_assert(private_signing_key);
236  tor_assert(v3_ns->type == NS_TYPE_VOTE || v3_ns->type == NS_TYPE_OPINION);
237 
238  voter = smartlist_get(v3_ns->voters, 0);
239 
240  base16_encode(fingerprint, sizeof(fingerprint),
242 
243  client_versions_line = format_line_if_present("client-versions",
244  v3_ns->client_versions);
245  server_versions_line = format_line_if_present("server-versions",
246  v3_ns->server_versions);
247  protocols_lines = format_protocols_lines_for_vote(v3_ns);
248 
249  /* Get shared random commitments/reveals line(s). */
250  shared_random_vote_str = sr_get_string_for_vote();
251 
252  {
253  char published[ISO_TIME_LEN+1];
254  char va[ISO_TIME_LEN+1];
255  char fu[ISO_TIME_LEN+1];
256  char vu[ISO_TIME_LEN+1];
257  char *flags = smartlist_join_strings(v3_ns->known_flags, " ", 0, NULL);
258  /* XXXX Abstraction violation: should be pulling a field out of v3_ns.*/
259  char *flag_thresholds = dirserv_get_flag_thresholds_line();
260  char *params;
261  char *bw_headers_line = NULL;
262  char *bw_file_digest = NULL;
263  authority_cert_t *cert = v3_ns->cert;
264  char *methods =
267  format_iso_time(published, v3_ns->published);
268  format_iso_time(va, v3_ns->valid_after);
269  format_iso_time(fu, v3_ns->fresh_until);
270  format_iso_time(vu, v3_ns->valid_until);
271 
272  if (v3_ns->net_params)
273  params = smartlist_join_strings(v3_ns->net_params, " ", 0, NULL);
274  else
275  params = tor_strdup("");
276  tor_assert(cert);
277 
278  /* v3_ns->bw_file_headers is only set when V3BandwidthsFile is
279  * configured */
280  if (v3_ns->bw_file_headers) {
281  char *bw_file_headers = NULL;
282  /* If there are too many headers, leave the header string NULL */
283  if (! BUG(smartlist_len(v3_ns->bw_file_headers)
285  bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ",
286  0, NULL);
287  if (BUG(strlen(bw_file_headers) > MAX_BW_FILE_HEADERS_LINE_LEN)) {
288  /* Free and set to NULL, because the line was too long */
289  tor_free(bw_file_headers);
290  }
291  }
292  if (!bw_file_headers) {
293  /* If parsing failed, add a bandwidth header line with no entries */
294  bw_file_headers = tor_strdup("");
295  }
296  /* At this point, the line will always be present */
297  bw_headers_line = format_line_if_present("bandwidth-file-headers",
298  bw_file_headers);
299  tor_free(bw_file_headers);
300  }
301 
302  /* Create bandwidth-file-digest if applicable.
303  * v3_ns->b64_digest_bw_file will contain the digest when V3BandwidthsFile
304  * is configured and the bandwidth file could be read, even if it was not
305  * parseable.
306  */
307  if (!tor_digest256_is_zero((const char *)v3_ns->bw_file_digest256)) {
308  /* Encode the digest. */
309  char b64_digest_bw_file[BASE64_DIGEST256_LEN+1] = {0};
310  digest256_to_base64(b64_digest_bw_file,
311  (const char *)v3_ns->bw_file_digest256);
312  /* "bandwidth-file-digest" 1*(SP algorithm "=" digest) NL */
313  char *digest_algo_b64_digest_bw_file = NULL;
314  tor_asprintf(&digest_algo_b64_digest_bw_file, "%s=%s",
315  crypto_digest_algorithm_get_name(DIGEST_ALG_BW_FILE),
316  b64_digest_bw_file);
317  /* No need for tor_strdup(""), format_line_if_present does it. */
318  bw_file_digest = format_line_if_present(
319  "bandwidth-file-digest", digest_algo_b64_digest_bw_file);
320  tor_free(digest_algo_b64_digest_bw_file);
321  }
322 
323  const char *ip_str = fmt_addr(&voter->ipv4_addr);
324 
325  if (ip_str[0]) {
326  smartlist_add_asprintf(chunks,
327  "network-status-version 3\n"
328  "vote-status %s\n"
329  "consensus-methods %s\n"
330  "published %s\n"
331  "valid-after %s\n"
332  "fresh-until %s\n"
333  "valid-until %s\n"
334  "voting-delay %d %d\n"
335  "%s%s" /* versions */
336  "%s" /* protocols */
337  "known-flags %s\n"
338  "flag-thresholds %s\n"
339  "params %s\n"
340  "%s" /* bandwidth file headers */
341  "%s" /* bandwidth file digest */
342  "dir-source %s %s %s %s %d %d\n"
343  "contact %s\n"
344  "%s" /* shared randomness information */
345  ,
346  v3_ns->type == NS_TYPE_VOTE ? "vote" : "opinion",
347  methods,
348  published, va, fu, vu,
349  v3_ns->vote_seconds, v3_ns->dist_seconds,
350  client_versions_line,
351  server_versions_line,
352  protocols_lines,
353  flags,
354  flag_thresholds,
355  params,
356  bw_headers_line ? bw_headers_line : "",
357  bw_file_digest ? bw_file_digest: "",
358  voter->nickname, fingerprint, voter->address,
359  ip_str, voter->ipv4_dirport, voter->ipv4_orport,
360  voter->contact,
361  shared_random_vote_str ?
362  shared_random_vote_str : "");
363  }
364 
365  tor_free(params);
366  tor_free(flags);
367  tor_free(flag_thresholds);
368  tor_free(methods);
369  tor_free(shared_random_vote_str);
370  tor_free(bw_headers_line);
371  tor_free(bw_file_digest);
372 
373  if (ip_str[0] == '\0')
374  goto err;
375 
376  if (!tor_digest_is_zero(voter->legacy_id_digest)) {
377  char fpbuf[HEX_DIGEST_LEN+1];
378  base16_encode(fpbuf, sizeof(fpbuf), voter->legacy_id_digest, DIGEST_LEN);
379  smartlist_add_asprintf(chunks, "legacy-dir-key %s\n", fpbuf);
380  }
381 
382  smartlist_add(chunks, tor_strndup(cert->cache_info.signed_descriptor_body,
384  }
385 
387  vrs) {
388  char *rsf;
390  rsf = routerstatus_format_entry(&vrs->status,
391  vrs->version, vrs->protocols,
392  NS_V3_VOTE,
393  vrs,
394  -1);
395  if (rsf)
396  smartlist_add(chunks, rsf);
397 
398  for (h = vrs->microdesc; h; h = h->next) {
400  }
401  } SMARTLIST_FOREACH_END(vrs);
402 
403  smartlist_add_strdup(chunks, "directory-footer\n");
404 
405  /* The digest includes everything up through the space after
406  * directory-signature. (Yuck.) */
407  crypto_digest_smartlist(digest, DIGEST_LEN, chunks,
408  "directory-signature ", DIGEST_SHA1);
409 
410  {
411  char signing_key_fingerprint[FINGERPRINT_LEN+1];
412  if (crypto_pk_get_fingerprint(private_signing_key,
413  signing_key_fingerprint, 0)<0) {
414  log_warn(LD_BUG, "Unable to get fingerprint for signing key");
415  goto err;
416  }
417 
418  smartlist_add_asprintf(chunks, "directory-signature %s %s\n", fingerprint,
419  signing_key_fingerprint);
420  }
421 
422  {
423  char *sig = router_get_dirobj_signature(digest, DIGEST_LEN,
424  private_signing_key);
425  if (!sig) {
426  log_warn(LD_BUG, "Unable to sign networkstatus vote.");
427  goto err;
428  }
429  smartlist_add(chunks, sig);
430  }
431 
432  status = smartlist_join_strings(chunks, "", 0, NULL);
433 
434  {
435  networkstatus_t *v;
436  if (!(v = networkstatus_parse_vote_from_string(status, strlen(status),
437  NULL,
438  v3_ns->type))) {
439  log_err(LD_BUG,"Generated a networkstatus %s we couldn't parse: "
440  "<<%s>>",
441  v3_ns->type == NS_TYPE_VOTE ? "vote" : "opinion", status);
442  goto err;
443  }
444  networkstatus_vote_free(v);
445  }
446 
447  goto done;
448 
449  err:
450  tor_free(status);
451  done:
452  tor_free(client_versions_line);
453  tor_free(server_versions_line);
454  tor_free(protocols_lines);
455 
456  SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
457  smartlist_free(chunks);
458  return status;
459 }
460 
461 /** Set *<b>timing_out</b> to the intervals at which we would like to vote.
462  * Note that these aren't the intervals we'll use to vote; they're the ones
463  * that we'll vote to use. */
464 static void
466 {
467  const or_options_t *options = get_options();
468 
469  tor_assert(timing_out);
470 
471  timing_out->vote_interval = options->V3AuthVotingInterval;
472  timing_out->n_intervals_valid = options->V3AuthNIntervalsValid;
473  timing_out->vote_delay = options->V3AuthVoteDelay;
474  timing_out->dist_delay = options->V3AuthDistDelay;
475 }
476 
477 /* =====
478  * Consensus generation
479  * ===== */
480 
481 /** If <b>vrs</b> has a hash made for the consensus method <b>method</b> with
482  * the digest algorithm <b>alg</b>, decode it and copy it into
483  * <b>digest256_out</b> and return 0. Otherwise return -1. */
484 static int
486  const vote_routerstatus_t *vrs,
487  int method,
488  digest_algorithm_t alg)
489 {
490  /* XXXX only returns the sha256 method. */
491  const vote_microdesc_hash_t *h;
492  char mstr[64];
493  size_t mlen;
494  char dstr[64];
495 
496  tor_snprintf(mstr, sizeof(mstr), "%d", method);
497  mlen = strlen(mstr);
498  tor_snprintf(dstr, sizeof(dstr), " %s=",
500 
501  for (h = vrs->microdesc; h; h = h->next) {
502  const char *cp = h->microdesc_hash_line;
503  size_t num_len;
504  /* cp looks like \d+(,\d+)* (digesttype=val )+ . Let's hunt for mstr in
505  * the first part. */
506  while (1) {
507  num_len = strspn(cp, "1234567890");
508  if (num_len == mlen && fast_memeq(mstr, cp, mlen)) {
509  /* This is the line. */
510  char buf[BASE64_DIGEST256_LEN+1];
511  /* XXXX ignores extraneous stuff if the digest is too long. This
512  * seems harmless enough, right? */
513  cp = strstr(cp, dstr);
514  if (!cp)
515  return -1;
516  cp += strlen(dstr);
517  strlcpy(buf, cp, sizeof(buf));
518  return digest256_from_base64(digest256_out, buf);
519  }
520  if (num_len == 0 || cp[num_len] != ',')
521  break;
522  cp += num_len + 1;
523  }
524  }
525  return -1;
526 }
527 
528 /** Given a vote <b>vote</b> (not a consensus!), return its associated
529  * networkstatus_voter_info_t. */
532 {
533  tor_assert(vote);
534  tor_assert(vote->type == NS_TYPE_VOTE);
535  tor_assert(vote->voters);
536  tor_assert(smartlist_len(vote->voters) == 1);
537  return smartlist_get(vote->voters, 0);
538 }
539 
540 /** Temporary structure used in constructing a list of dir-source entries
541  * for a consensus. One of these is generated for every vote, and one more
542  * for every legacy key in each vote. */
543 typedef struct dir_src_ent_t {
544  networkstatus_t *v;
545  const char *digest;
546  int is_legacy;
547 } dir_src_ent_t;
548 
549 /** Helper for sorting networkstatus_t votes (not consensuses) by the
550  * hash of their voters' identity digests. */
551 static int
552 compare_votes_by_authority_id_(const void **_a, const void **_b)
553 {
554  const networkstatus_t *a = *_a, *b = *_b;
555  return fast_memcmp(get_voter(a)->identity_digest,
556  get_voter(b)->identity_digest, DIGEST_LEN);
557 }
558 
559 /** Helper: Compare the dir_src_ent_ts in *<b>_a</b> and *<b>_b</b> by
560  * their identity digests, and return -1, 0, or 1 depending on their
561  * ordering */
562 static int
563 compare_dir_src_ents_by_authority_id_(const void **_a, const void **_b)
564 {
565  const dir_src_ent_t *a = *_a, *b = *_b;
566  const networkstatus_voter_info_t *a_v = get_voter(a->v),
567  *b_v = get_voter(b->v);
568  const char *a_id, *b_id;
569  a_id = a->is_legacy ? a_v->legacy_id_digest : a_v->identity_digest;
570  b_id = b->is_legacy ? b_v->legacy_id_digest : b_v->identity_digest;
571 
572  return fast_memcmp(a_id, b_id, DIGEST_LEN);
573 }
574 
575 /** Given a sorted list of strings <b>in</b>, add every member to <b>out</b>
576  * that occurs more than <b>min</b> times. */
577 static void
579 {
580  char *cur = NULL;
581  int count = 0;
582  SMARTLIST_FOREACH_BEGIN(in, char *, cp) {
583  if (cur && !strcmp(cp, cur)) {
584  ++count;
585  } else {
586  if (count > min)
587  smartlist_add(out, cur);
588  cur = cp;
589  count = 1;
590  }
591  } SMARTLIST_FOREACH_END(cp);
592  if (count > min)
593  smartlist_add(out, cur);
594 }
595 
596 /** Given a sorted list of strings <b>lst</b>, return the member that appears
597  * most. Break ties in favor of later-occurring members. */
598 #define get_most_frequent_member(lst) \
599  smartlist_get_most_frequent_string(lst)
600 
601 /** Return 0 if and only if <b>a</b> and <b>b</b> are routerstatuses
602  * that come from the same routerinfo, with the same derived elements.
603  */
604 static int
606 {
607  int r;
608  tor_assert(a);
609  tor_assert(b);
610 
612  DIGEST_LEN)))
613  return r;
616  DIGEST_LEN)))
617  return r;
618  /* If we actually reached this point, then the identities and
619  * the descriptor digests matched, so somebody is making SHA1 collisions.
620  */
621 #define CMP_FIELD(utype, itype, field) do { \
622  utype aval = (utype) (itype) a->field; \
623  utype bval = (utype) (itype) b->field; \
624  utype u = bval - aval; \
625  itype r2 = (itype) u; \
626  if (r2 < 0) { \
627  return -1; \
628  } else if (r2 > 0) { \
629  return 1; \
630  } \
631  } while (0)
632 
633  CMP_FIELD(uint64_t, int64_t, published_on);
634 
635  if ((r = strcmp(b->status.nickname, a->status.nickname)))
636  return r;
637 
638  if ((r = tor_addr_compare(&a->status.ipv4_addr, &b->status.ipv4_addr,
639  CMP_EXACT))) {
640  return r;
641  }
642  CMP_FIELD(unsigned, int, status.ipv4_orport);
643  CMP_FIELD(unsigned, int, status.ipv4_dirport);
644 
645  return 0;
646 }
647 
648 /** Helper for sorting routerlists based on compare_vote_rs. */
649 static int
650 compare_vote_rs_(const void **_a, const void **_b)
651 {
652  const vote_routerstatus_t *a = *_a, *b = *_b;
653  return compare_vote_rs(a,b);
654 }
655 
656 /** Helper for sorting OR ports. */
657 static int
658 compare_orports_(const void **_a, const void **_b)
659 {
660  const tor_addr_port_t *a = *_a, *b = *_b;
661  int r;
662 
663  if ((r = tor_addr_compare(&a->addr, &b->addr, CMP_EXACT)))
664  return r;
665  if ((r = (((int) b->port) - ((int) a->port))))
666  return r;
667 
668  return 0;
669 }
670 
671 /** Given a list of vote_routerstatus_t, all for the same router identity,
672  * return whichever is most frequent, breaking ties in favor of more
673  * recently published vote_routerstatus_t and in case of ties there,
674  * in favor of smaller descriptor digest.
675  */
676 static vote_routerstatus_t *
677 compute_routerstatus_consensus(smartlist_t *votes, int consensus_method,
678  char *microdesc_digest256_out,
679  tor_addr_port_t *best_alt_orport_out)
680 {
681  vote_routerstatus_t *most = NULL, *cur = NULL;
682  int most_n = 0, cur_n = 0;
683  time_t most_published = 0;
684 
685  /* compare_vote_rs_() sorts the items by identity digest (all the same),
686  * then by SD digest. That way, if we have a tie that the published_on
687  * date cannot break, we use the descriptor with the smaller digest.
688  */
691  if (cur && !compare_vote_rs(cur, rs)) {
692  ++cur_n;
693  } else {
694  if (cur && (cur_n > most_n ||
695  (cur_n == most_n &&
696  cur->published_on > most_published))) {
697  most = cur;
698  most_n = cur_n;
699  most_published = cur->published_on;
700  }
701  cur_n = 1;
702  cur = rs;
703  }
704  } SMARTLIST_FOREACH_END(rs);
705 
706  if (cur_n > most_n ||
707  (cur && cur_n == most_n && cur->published_on > most_published)) {
708  most = cur;
709  // most_n = cur_n; // unused after this point.
710  // most_published = cur->status.published_on; // unused after this point.
711  }
712 
713  tor_assert(most);
714 
715  /* Vote on potential alternative (sets of) OR port(s) in the winning
716  * routerstatuses.
717  *
718  * XXX prop186 There's at most one alternative OR port (_the_ IPv6
719  * port) for now. */
720  if (best_alt_orport_out) {
721  smartlist_t *alt_orports = smartlist_new();
722  const tor_addr_port_t *most_alt_orport = NULL;
723 
725  tor_assert(rs);
726  if (compare_vote_rs(most, rs) == 0 &&
727  !tor_addr_is_null(&rs->status.ipv6_addr)
728  && rs->status.ipv6_orport) {
729  smartlist_add(alt_orports, tor_addr_port_new(&rs->status.ipv6_addr,
730  rs->status.ipv6_orport));
731  }
732  } SMARTLIST_FOREACH_END(rs);
733 
734  smartlist_sort(alt_orports, compare_orports_);
735  most_alt_orport = smartlist_get_most_frequent(alt_orports,
737  if (most_alt_orport) {
738  memcpy(best_alt_orport_out, most_alt_orport, sizeof(tor_addr_port_t));
739  log_debug(LD_DIR, "\"a\" line winner for %s is %s",
740  most->status.nickname,
741  fmt_addrport(&most_alt_orport->addr, most_alt_orport->port));
742  }
743 
744  SMARTLIST_FOREACH(alt_orports, tor_addr_port_t *, ap, tor_free(ap));
745  smartlist_free(alt_orports);
746  }
747 
748  if (microdesc_digest256_out) {
749  smartlist_t *digests = smartlist_new();
750  const uint8_t *best_microdesc_digest;
752  char d[DIGEST256_LEN];
753  if (compare_vote_rs(rs, most))
754  continue;
755  if (!vote_routerstatus_find_microdesc_hash(d, rs, consensus_method,
756  DIGEST_SHA256))
757  smartlist_add(digests, tor_memdup(d, sizeof(d)));
758  } SMARTLIST_FOREACH_END(rs);
759  smartlist_sort_digests256(digests);
760  best_microdesc_digest = smartlist_get_most_frequent_digest256(digests);
761  if (best_microdesc_digest)
762  memcpy(microdesc_digest256_out, best_microdesc_digest, DIGEST256_LEN);
763  SMARTLIST_FOREACH(digests, char *, cp, tor_free(cp));
764  smartlist_free(digests);
765  }
766 
767  return most;
768 }
769 
770 /** Sorting helper: compare two strings based on their values as base-ten
771  * positive integers. (Non-integers are treated as prior to all integers, and
772  * compared lexically.) */
773 static int
774 cmp_int_strings_(const void **_a, const void **_b)
775 {
776  const char *a = *_a, *b = *_b;
777  int ai = (int)tor_parse_long(a, 10, 1, INT_MAX, NULL, NULL);
778  int bi = (int)tor_parse_long(b, 10, 1, INT_MAX, NULL, NULL);
779  if (ai<bi) {
780  return -1;
781  } else if (ai==bi) {
782  if (ai == 0) /* Parsing failed. */
783  return strcmp(a, b);
784  return 0;
785  } else {
786  return 1;
787  }
788 }
789 
790 /** Given a list of networkstatus_t votes, determine and return the number of
791  * the highest consensus method that is supported by 2/3 of the voters. */
792 static int
794 {
795  smartlist_t *all_methods = smartlist_new();
796  smartlist_t *acceptable_methods = smartlist_new();
797  smartlist_t *tmp = smartlist_new();
798  int min = (smartlist_len(votes) * 2) / 3;
799  int n_ok;
800  int result;
801  SMARTLIST_FOREACH(votes, networkstatus_t *, vote,
802  {
803  tor_assert(vote->supported_methods);
804  smartlist_add_all(tmp, vote->supported_methods);
806  smartlist_uniq(tmp, cmp_int_strings_, NULL);
807  smartlist_add_all(all_methods, tmp);
808  smartlist_clear(tmp);
809  });
810 
811  smartlist_sort(all_methods, cmp_int_strings_);
812  get_frequent_members(acceptable_methods, all_methods, min);
813  n_ok = smartlist_len(acceptable_methods);
814  if (n_ok) {
815  const char *best = smartlist_get(acceptable_methods, n_ok-1);
816  result = (int)tor_parse_long(best, 10, 1, INT_MAX, NULL, NULL);
817  } else {
818  result = 1;
819  }
820  smartlist_free(tmp);
821  smartlist_free(all_methods);
822  smartlist_free(acceptable_methods);
823  return result;
824 }
825 
826 /** Return true iff <b>method</b> is a consensus method that we support. */
827 static int
829 {
830  return (method >= MIN_SUPPORTED_CONSENSUS_METHOD) &&
831  (method <= MAX_SUPPORTED_CONSENSUS_METHOD);
832 }
833 
834 /** Return a newly allocated string holding the numbers between low and high
835  * (inclusive) that are supported consensus methods. */
836 STATIC char *
837 make_consensus_method_list(int low, int high, const char *separator)
838 {
839  char *list;
840 
841  int i;
842  smartlist_t *lst;
843  lst = smartlist_new();
844  for (i = low; i <= high; ++i) {
846  continue;
847  smartlist_add_asprintf(lst, "%d", i);
848  }
849  list = smartlist_join_strings(lst, separator, 0, NULL);
850  tor_assert(list);
851  SMARTLIST_FOREACH(lst, char *, cp, tor_free(cp));
852  smartlist_free(lst);
853  return list;
854 }
855 
856 /** Helper: given <b>lst</b>, a list of version strings such that every
857  * version appears once for every versioning voter who recommends it, return a
858  * newly allocated string holding the resulting client-versions or
859  * server-versions list. May change contents of <b>lst</b> */
860 static char *
862 {
863  int min = n_versioning / 2;
864  smartlist_t *good = smartlist_new();
865  char *result;
866  SMARTLIST_FOREACH_BEGIN(lst, const char *, v) {
867  if (strchr(v, ' ')) {
868  log_warn(LD_DIR, "At least one authority has voted for a version %s "
869  "that contains a space. This probably wasn't intentional, and "
870  "is likely to cause trouble. Please tell them to stop it.",
871  escaped(v));
872  }
873  } SMARTLIST_FOREACH_END(v);
874  sort_version_list(lst, 0);
875  get_frequent_members(good, lst, min);
876  result = smartlist_join_strings(good, ",", 0, NULL);
877  smartlist_free(good);
878  return result;
879 }
880 
881 /** Given a list of K=V values, return the int32_t value corresponding to
882  * KEYWORD=, or default_val if no such value exists, or if the value is
883  * corrupt.
884  */
885 STATIC int32_t
887  const char *keyword,
888  int32_t default_val)
889 {
890  unsigned int n_found = 0;
891  int32_t value = default_val;
892 
893  SMARTLIST_FOREACH_BEGIN(param_list, const char *, k_v_pair) {
894  if (!strcmpstart(k_v_pair, keyword) && k_v_pair[strlen(keyword)] == '=') {
895  const char *integer_str = &k_v_pair[strlen(keyword)+1];
896  int ok;
897  value = (int32_t)
898  tor_parse_long(integer_str, 10, INT32_MIN, INT32_MAX, &ok, NULL);
899  if (BUG(!ok))
900  return default_val;
901  ++n_found;
902  }
903  } SMARTLIST_FOREACH_END(k_v_pair);
904 
905  if (n_found == 1) {
906  return value;
907  } else {
908  tor_assert_nonfatal(n_found == 0);
909  return default_val;
910  }
911 }
912 
913 /** Minimum number of directory authorities voting for a parameter to
914  * include it in the consensus, if consensus method 12 or later is to be
915  * used. See proposal 178 for details. */
916 #define MIN_VOTES_FOR_PARAM 3
917 
918 /** Helper: given a list of valid networkstatus_t, return a new smartlist
919  * containing the contents of the consensus network parameter set.
920  */
922 dirvote_compute_params(smartlist_t *votes, int method, int total_authorities)
923 {
924  int i;
925  int32_t *vals;
926 
927  int cur_param_len;
928  const char *cur_param;
929  const char *eq;
930 
931  const int n_votes = smartlist_len(votes);
932  smartlist_t *output;
933  smartlist_t *param_list = smartlist_new();
934  (void) method;
935 
936  /* We require that the parameter lists in the votes are well-formed: that
937  is, that their keywords are unique and sorted, and that their values are
938  between INT32_MIN and INT32_MAX inclusive. This should be guaranteed by
939  the parsing code. */
940 
941  vals = tor_calloc(n_votes, sizeof(int));
942 
944  if (!v->net_params)
945  continue;
946  smartlist_add_all(param_list, v->net_params);
947  } SMARTLIST_FOREACH_END(v);
948 
949  if (smartlist_len(param_list) == 0) {
950  tor_free(vals);
951  return param_list;
952  }
953 
954  smartlist_sort_strings(param_list);
955  i = 0;
956  cur_param = smartlist_get(param_list, 0);
957  eq = strchr(cur_param, '=');
958  tor_assert(eq);
959  cur_param_len = (int)(eq+1 - cur_param);
960 
961  output = smartlist_new();
962 
963  SMARTLIST_FOREACH_BEGIN(param_list, const char *, param) {
964  /* resolve spurious clang shallow analysis null pointer errors */
965  tor_assert(param);
966 
967  const char *next_param;
968  int ok=0;
969  eq = strchr(param, '=');
970  tor_assert(i<n_votes); /* Make sure we prevented vote-stuffing. */
971  vals[i++] = (int32_t)
972  tor_parse_long(eq+1, 10, INT32_MIN, INT32_MAX, &ok, NULL);
973  tor_assert(ok); /* Already checked these when parsing. */
974 
975  if (param_sl_idx+1 == smartlist_len(param_list))
976  next_param = NULL;
977  else
978  next_param = smartlist_get(param_list, param_sl_idx+1);
979 
980  if (!next_param || strncmp(next_param, param, cur_param_len)) {
981  /* We've reached the end of a series. */
982  /* Make sure enough authorities voted on this param, unless the
983  * the consensus method we use is too old for that. */
984  if (i > total_authorities/2 ||
985  i >= MIN_VOTES_FOR_PARAM) {
986  int32_t median = median_int32(vals, i);
987  char *out_string = tor_malloc(64+cur_param_len);
988  memcpy(out_string, param, cur_param_len);
989  tor_snprintf(out_string+cur_param_len,64, "%ld", (long)median);
990  smartlist_add(output, out_string);
991  }
992 
993  i = 0;
994  if (next_param) {
995  eq = strchr(next_param, '=');
996  cur_param_len = (int)(eq+1 - next_param);
997  }
998  }
999  } SMARTLIST_FOREACH_END(param);
1000 
1001  smartlist_free(param_list);
1002  tor_free(vals);
1003  return output;
1004 }
1005 
1006 #define RANGE_CHECK(a,b,c,d,e,f,g,mx) \
1007  ((a) >= 0 && (a) <= (mx) && (b) >= 0 && (b) <= (mx) && \
1008  (c) >= 0 && (c) <= (mx) && (d) >= 0 && (d) <= (mx) && \
1009  (e) >= 0 && (e) <= (mx) && (f) >= 0 && (f) <= (mx) && \
1010  (g) >= 0 && (g) <= (mx))
1011 
1012 #define CHECK_EQ(a, b, margin) \
1013  ((a)-(b) >= 0 ? (a)-(b) <= (margin) : (b)-(a) <= (margin))
1014 
1015 typedef enum {
1016  BW_WEIGHTS_NO_ERROR = 0,
1017  BW_WEIGHTS_RANGE_ERROR = 1,
1018  BW_WEIGHTS_SUMG_ERROR = 2,
1019  BW_WEIGHTS_SUME_ERROR = 3,
1020  BW_WEIGHTS_SUMD_ERROR = 4,
1021  BW_WEIGHTS_BALANCE_MID_ERROR = 5,
1022  BW_WEIGHTS_BALANCE_EG_ERROR = 6
1023 } bw_weights_error_t;
1024 
1025 /**
1026  * Verify that any weightings satisfy the balanced formulas.
1027  */
1028 static bw_weights_error_t
1029 networkstatus_check_weights(int64_t Wgg, int64_t Wgd, int64_t Wmg,
1030  int64_t Wme, int64_t Wmd, int64_t Wee,
1031  int64_t Wed, int64_t scale, int64_t G,
1032  int64_t M, int64_t E, int64_t D, int64_t T,
1033  int64_t margin, int do_balance) {
1034  bw_weights_error_t berr = BW_WEIGHTS_NO_ERROR;
1035 
1036  // Wed + Wmd + Wgd == 1
1037  if (!CHECK_EQ(Wed + Wmd + Wgd, scale, margin)) {
1038  berr = BW_WEIGHTS_SUMD_ERROR;
1039  goto out;
1040  }
1041 
1042  // Wmg + Wgg == 1
1043  if (!CHECK_EQ(Wmg + Wgg, scale, margin)) {
1044  berr = BW_WEIGHTS_SUMG_ERROR;
1045  goto out;
1046  }
1047 
1048  // Wme + Wee == 1
1049  if (!CHECK_EQ(Wme + Wee, scale, margin)) {
1050  berr = BW_WEIGHTS_SUME_ERROR;
1051  goto out;
1052  }
1053 
1054  // Verify weights within range 0->1
1055  if (!RANGE_CHECK(Wgg, Wgd, Wmg, Wme, Wmd, Wed, Wee, scale)) {
1056  berr = BW_WEIGHTS_RANGE_ERROR;
1057  goto out;
1058  }
1059 
1060  if (do_balance) {
1061  // Wgg*G + Wgd*D == Wee*E + Wed*D, already scaled
1062  if (!CHECK_EQ(Wgg*G + Wgd*D, Wee*E + Wed*D, (margin*T)/3)) {
1063  berr = BW_WEIGHTS_BALANCE_EG_ERROR;
1064  goto out;
1065  }
1066 
1067  // Wgg*G + Wgd*D == M*scale + Wmd*D + Wme*E + Wmg*G, already scaled
1068  if (!CHECK_EQ(Wgg*G + Wgd*D, M*scale + Wmd*D + Wme*E + Wmg*G,
1069  (margin*T)/3)) {
1070  berr = BW_WEIGHTS_BALANCE_MID_ERROR;
1071  goto out;
1072  }
1073  }
1074 
1075  out:
1076  if (berr) {
1077  log_info(LD_DIR,
1078  "Bw weight mismatch %d. G=%"PRId64" M=%"PRId64
1079  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1080  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1081  " Wgd=%d Wgg=%d Wme=%d Wmg=%d",
1082  berr,
1083  (G), (M), (E),
1084  (D), (T),
1085  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1086  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg);
1087  }
1088 
1089  return berr;
1090 }
1091 
1092 /**
1093  * This function computes the bandwidth weights for consensus method 10.
1094  *
1095  * It returns true if weights could be computed, false otherwise.
1096  */
1097 int
1099  int64_t M, int64_t E, int64_t D,
1100  int64_t T, int64_t weight_scale)
1101 {
1102  bw_weights_error_t berr = 0;
1103  int64_t Wgg = -1, Wgd = -1;
1104  int64_t Wmg = -1, Wme = -1, Wmd = -1;
1105  int64_t Wed = -1, Wee = -1;
1106  const char *casename;
1107 
1108  if (G <= 0 || M <= 0 || E <= 0 || D <= 0) {
1109  log_warn(LD_DIR, "Consensus with empty bandwidth: "
1110  "G=%"PRId64" M=%"PRId64" E=%"PRId64
1111  " D=%"PRId64" T=%"PRId64,
1112  (G), (M), (E),
1113  (D), (T));
1114  return 0;
1115  }
1116 
1117  /*
1118  * Computed from cases in 3.8.3 of dir-spec.txt
1119  *
1120  * 1. Neither are scarce
1121  * 2. Both Guard and Exit are scarce
1122  * a. R+D <= S
1123  * b. R+D > S
1124  * 3. One of Guard or Exit is scarce
1125  * a. S+D < T/3
1126  * b. S+D >= T/3
1127  */
1128  if (3*E >= T && 3*G >= T) { // E >= T/3 && G >= T/3
1129  /* Case 1: Neither are scarce. */
1130  casename = "Case 1 (Wgd=Wmd=Wed)";
1131  Wgd = weight_scale/3;
1132  Wed = weight_scale/3;
1133  Wmd = weight_scale/3;
1134  Wee = (weight_scale*(E+G+M))/(3*E);
1135  Wme = weight_scale - Wee;
1136  Wmg = (weight_scale*(2*G-E-M))/(3*G);
1137  Wgg = weight_scale - Wmg;
1138 
1139  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee, Wed,
1140  weight_scale, G, M, E, D, T, 10, 1);
1141 
1142  if (berr) {
1143  log_warn(LD_DIR,
1144  "Bw Weights error %d for %s v10. G=%"PRId64" M=%"PRId64
1145  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1146  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1147  " Wgd=%d Wgg=%d Wme=%d Wmg=%d weight_scale=%d",
1148  berr, casename,
1149  (G), (M), (E),
1150  (D), (T),
1151  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1152  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg, (int)weight_scale);
1153  return 0;
1154  }
1155  } else if (3*E < T && 3*G < T) { // E < T/3 && G < T/3
1156  int64_t R = MIN(E, G);
1157  int64_t S = MAX(E, G);
1158  /*
1159  * Case 2: Both Guards and Exits are scarce
1160  * Balance D between E and G, depending upon
1161  * D capacity and scarcity.
1162  */
1163  if (R+D < S) { // Subcase a
1164  Wgg = weight_scale;
1165  Wee = weight_scale;
1166  Wmg = 0;
1167  Wme = 0;
1168  Wmd = 0;
1169  if (E < G) {
1170  casename = "Case 2a (E scarce)";
1171  Wed = weight_scale;
1172  Wgd = 0;
1173  } else { /* E >= G */
1174  casename = "Case 2a (G scarce)";
1175  Wed = 0;
1176  Wgd = weight_scale;
1177  }
1178  } else { // Subcase b: R+D >= S
1179  casename = "Case 2b1 (Wgg=weight_scale, Wmd=Wgd)";
1180  Wee = (weight_scale*(E - G + M))/E;
1181  Wed = (weight_scale*(D - 2*E + 4*G - 2*M))/(3*D);
1182  Wme = (weight_scale*(G-M))/E;
1183  Wmg = 0;
1184  Wgg = weight_scale;
1185  Wmd = (weight_scale - Wed)/2;
1186  Wgd = (weight_scale - Wed)/2;
1187 
1188  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee, Wed,
1189  weight_scale, G, M, E, D, T, 10, 1);
1190 
1191  if (berr) {
1192  casename = "Case 2b2 (Wgg=weight_scale, Wee=weight_scale)";
1193  Wgg = weight_scale;
1194  Wee = weight_scale;
1195  Wed = (weight_scale*(D - 2*E + G + M))/(3*D);
1196  Wmd = (weight_scale*(D - 2*M + G + E))/(3*D);
1197  Wme = 0;
1198  Wmg = 0;
1199 
1200  if (Wmd < 0) { // Can happen if M > T/3
1201  casename = "Case 2b3 (Wmd=0)";
1202  Wmd = 0;
1203  log_warn(LD_DIR,
1204  "Too much Middle bandwidth on the network to calculate "
1205  "balanced bandwidth-weights. Consider increasing the "
1206  "number of Guard nodes by lowering the requirements.");
1207  }
1208  Wgd = weight_scale - Wed - Wmd;
1209  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee,
1210  Wed, weight_scale, G, M, E, D, T, 10, 1);
1211  }
1212  if (berr != BW_WEIGHTS_NO_ERROR &&
1213  berr != BW_WEIGHTS_BALANCE_MID_ERROR) {
1214  log_warn(LD_DIR,
1215  "Bw Weights error %d for %s v10. G=%"PRId64" M=%"PRId64
1216  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1217  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1218  " Wgd=%d Wgg=%d Wme=%d Wmg=%d weight_scale=%d",
1219  berr, casename,
1220  (G), (M), (E),
1221  (D), (T),
1222  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1223  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg, (int)weight_scale);
1224  return 0;
1225  }
1226  }
1227  } else { // if (E < T/3 || G < T/3) {
1228  int64_t S = MIN(E, G);
1229  // Case 3: Exactly one of Guard or Exit is scarce
1230  if (!(3*E < T || 3*G < T) || !(3*G >= T || 3*E >= T)) {
1231  log_warn(LD_BUG,
1232  "Bw-Weights Case 3 v10 but with G=%"PRId64" M="
1233  "%"PRId64" E=%"PRId64" D=%"PRId64" T=%"PRId64,
1234  (G), (M), (E),
1235  (D), (T));
1236  }
1237 
1238  if (3*(S+D) < T) { // Subcase a: S+D < T/3
1239  if (G < E) {
1240  casename = "Case 3a (G scarce)";
1241  Wgg = Wgd = weight_scale;
1242  Wmd = Wed = Wmg = 0;
1243  // Minor subcase, if E is more scarce than M,
1244  // keep its bandwidth in place.
1245  if (E < M) Wme = 0;
1246  else Wme = (weight_scale*(E-M))/(2*E);
1247  Wee = weight_scale-Wme;
1248  } else { // G >= E
1249  casename = "Case 3a (E scarce)";
1250  Wee = Wed = weight_scale;
1251  Wmd = Wgd = Wme = 0;
1252  // Minor subcase, if G is more scarce than M,
1253  // keep its bandwidth in place.
1254  if (G < M) Wmg = 0;
1255  else Wmg = (weight_scale*(G-M))/(2*G);
1256  Wgg = weight_scale-Wmg;
1257  }
1258  } else { // Subcase b: S+D >= T/3
1259  // D != 0 because S+D >= T/3
1260  if (G < E) {
1261  casename = "Case 3bg (G scarce, Wgg=weight_scale, Wmd == Wed)";
1262  Wgg = weight_scale;
1263  Wgd = (weight_scale*(D - 2*G + E + M))/(3*D);
1264  Wmg = 0;
1265  Wee = (weight_scale*(E+M))/(2*E);
1266  Wme = weight_scale - Wee;
1267  Wmd = (weight_scale - Wgd)/2;
1268  Wed = (weight_scale - Wgd)/2;
1269 
1270  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee,
1271  Wed, weight_scale, G, M, E, D, T, 10, 1);
1272  } else { // G >= E
1273  casename = "Case 3be (E scarce, Wee=weight_scale, Wmd == Wgd)";
1274  Wee = weight_scale;
1275  Wed = (weight_scale*(D - 2*E + G + M))/(3*D);
1276  Wme = 0;
1277  Wgg = (weight_scale*(G+M))/(2*G);
1278  Wmg = weight_scale - Wgg;
1279  Wmd = (weight_scale - Wed)/2;
1280  Wgd = (weight_scale - Wed)/2;
1281 
1282  berr = networkstatus_check_weights(Wgg, Wgd, Wmg, Wme, Wmd, Wee,
1283  Wed, weight_scale, G, M, E, D, T, 10, 1);
1284  }
1285  if (berr) {
1286  log_warn(LD_DIR,
1287  "Bw Weights error %d for %s v10. G=%"PRId64" M=%"PRId64
1288  " E=%"PRId64" D=%"PRId64" T=%"PRId64
1289  " Wmd=%d Wme=%d Wmg=%d Wed=%d Wee=%d"
1290  " Wgd=%d Wgg=%d Wme=%d Wmg=%d weight_scale=%d",
1291  berr, casename,
1292  (G), (M), (E),
1293  (D), (T),
1294  (int)Wmd, (int)Wme, (int)Wmg, (int)Wed, (int)Wee,
1295  (int)Wgd, (int)Wgg, (int)Wme, (int)Wmg, (int)weight_scale);
1296  return 0;
1297  }
1298  }
1299  }
1300 
1301  /* We cast down the weights to 32 bit ints on the assumption that
1302  * weight_scale is ~= 10000. We need to ensure a rogue authority
1303  * doesn't break this assumption to rig our weights */
1304  tor_assert(0 < weight_scale && weight_scale <= INT32_MAX);
1305 
1306  /*
1307  * Provide Wgm=Wgg, Wmm=weight_scale, Wem=Wee, Weg=Wed. May later determine
1308  * that middle nodes need different bandwidth weights for dirport traffic,
1309  * or that weird exit policies need special weight, or that bridges
1310  * need special weight.
1311  *
1312  * NOTE: This list is sorted.
1313  */
1314  smartlist_add_asprintf(chunks,
1315  "bandwidth-weights Wbd=%d Wbe=%d Wbg=%d Wbm=%d "
1316  "Wdb=%d "
1317  "Web=%d Wed=%d Wee=%d Weg=%d Wem=%d "
1318  "Wgb=%d Wgd=%d Wgg=%d Wgm=%d "
1319  "Wmb=%d Wmd=%d Wme=%d Wmg=%d Wmm=%d\n",
1320  (int)Wmd, (int)Wme, (int)Wmg, (int)weight_scale,
1321  (int)weight_scale,
1322  (int)weight_scale, (int)Wed, (int)Wee, (int)Wed, (int)Wee,
1323  (int)weight_scale, (int)Wgd, (int)Wgg, (int)Wgg,
1324  (int)weight_scale, (int)Wmd, (int)Wme, (int)Wmg, (int)weight_scale);
1325 
1326  log_notice(LD_CIRC, "Computed bandwidth weights for %s with v10: "
1327  "G=%"PRId64" M=%"PRId64" E=%"PRId64" D=%"PRId64
1328  " T=%"PRId64,
1329  casename,
1330  (G), (M), (E),
1331  (D), (T));
1332  return 1;
1333 }
1334 
1335 /** Update total bandwidth weights (G/M/E/D/T) with the bandwidth of
1336  * the router in <b>rs</b>. */
1337 static void
1339  int is_exit, int is_guard,
1340  int64_t *G, int64_t *M, int64_t *E, int64_t *D,
1341  int64_t *T)
1342 {
1343  int default_bandwidth = rs->bandwidth_kb;
1344  int guardfraction_bandwidth = 0;
1345 
1346  if (!rs->has_bandwidth) {
1347  log_info(LD_BUG, "Missing consensus bandwidth for router %s",
1348  rs->nickname);
1349  return;
1350  }
1351 
1352  /* If this routerstatus represents a guard that we have
1353  * guardfraction information on, use it to calculate its actual
1354  * bandwidth. From proposal236:
1355  *
1356  * Similarly, when calculating the bandwidth-weights line as in
1357  * section 3.8.3 of dir-spec.txt, directory authorities should treat N
1358  * as if fraction F of its bandwidth has the guard flag and (1-F) does
1359  * not. So when computing the totals G,M,E,D, each relay N with guard
1360  * visibility fraction F and bandwidth B should be added as follows:
1361  *
1362  * G' = G + F*B, if N does not have the exit flag
1363  * M' = M + (1-F)*B, if N does not have the exit flag
1364  *
1365  * or
1366  *
1367  * D' = D + F*B, if N has the exit flag
1368  * E' = E + (1-F)*B, if N has the exit flag
1369  *
1370  * In this block of code, we prepare the bandwidth values by setting
1371  * the default_bandwidth to F*B and guardfraction_bandwidth to (1-F)*B.
1372  */
1373  if (rs->has_guardfraction) {
1374  guardfraction_bandwidth_t guardfraction_bw;
1375 
1376  tor_assert(is_guard);
1377 
1378  guard_get_guardfraction_bandwidth(&guardfraction_bw,
1379  rs->bandwidth_kb,
1381 
1382  default_bandwidth = guardfraction_bw.guard_bw;
1383  guardfraction_bandwidth = guardfraction_bw.non_guard_bw;
1384  }
1385 
1386  /* Now calculate the total bandwidth weights with or without
1387  * guardfraction. Depending on the flags of the relay, add its
1388  * bandwidth to the appropriate weight pool. If it's a guard and
1389  * guardfraction is enabled, add its bandwidth to both pools as
1390  * indicated by the previous comment.
1391  */
1392  *T += default_bandwidth;
1393  if (is_exit && is_guard) {
1394 
1395  *D += default_bandwidth;
1396  if (rs->has_guardfraction) {
1397  *E += guardfraction_bandwidth;
1398  }
1399 
1400  } else if (is_exit) {
1401 
1402  *E += default_bandwidth;
1403 
1404  } else if (is_guard) {
1405 
1406  *G += default_bandwidth;
1407  if (rs->has_guardfraction) {
1408  *M += guardfraction_bandwidth;
1409  }
1410 
1411  } else {
1412 
1413  *M += default_bandwidth;
1414  }
1415 }
1416 
1417 /** Considering the different recommended/required protocols sets as a
1418  * 4-element array, return the element from <b>vote</b> for that protocol
1419  * set.
1420  */
1421 static const char *
1423 {
1424  switch (n) {
1425  case 0: return vote->recommended_client_protocols;
1426  case 1: return vote->recommended_relay_protocols;
1427  case 2: return vote->required_client_protocols;
1428  case 3: return vote->required_relay_protocols;
1429  default:
1430  tor_assert_unreached();
1431  return NULL;
1432  }
1433 }
1434 
1435 /** Considering the different recommended/required protocols sets as a
1436  * 4-element array, return a newly allocated string for the consensus value
1437  * for the n'th set.
1438  */
1439 static char *
1440 compute_nth_protocol_set(int n, int n_voters, const smartlist_t *votes)
1441 {
1442  const char *keyword;
1443  smartlist_t *proto_votes = smartlist_new();
1444  int threshold;
1445  switch (n) {
1446  case 0:
1447  keyword = "recommended-client-protocols";
1448  threshold = CEIL_DIV(n_voters, 2);
1449  break;
1450  case 1:
1451  keyword = "recommended-relay-protocols";
1452  threshold = CEIL_DIV(n_voters, 2);
1453  break;
1454  case 2:
1455  keyword = "required-client-protocols";
1456  threshold = CEIL_DIV(n_voters * 2, 3);
1457  break;
1458  case 3:
1459  keyword = "required-relay-protocols";
1460  threshold = CEIL_DIV(n_voters * 2, 3);
1461  break;
1462  default:
1463  tor_assert_unreached();
1464  return NULL;
1465  }
1466 
1467  SMARTLIST_FOREACH_BEGIN(votes, const networkstatus_t *, ns) {
1468  const char *v = get_nth_protocol_set_vote(n, ns);
1469  if (v)
1470  smartlist_add(proto_votes, (void*)v);
1471  } SMARTLIST_FOREACH_END(ns);
1472 
1473  char *protocols = protover_compute_vote(proto_votes, threshold);
1474  smartlist_free(proto_votes);
1475 
1476  char *result = NULL;
1477  tor_asprintf(&result, "%s %s\n", keyword, protocols);
1478  tor_free(protocols);
1479 
1480  return result;
1481 }
1482 
1483 /** Helper: Takes a smartlist of `const char *` flags, and a flag to remove.
1484  *
1485  * Removes that flag if it is present in the list. Doesn't free it.
1486  */
1487 static void
1488 remove_flag(smartlist_t *sl, const char *flag)
1489 {
1490  /* We can't use smartlist_string_remove() here, since that doesn't preserve
1491  * order, and since it frees elements from the string. */
1492 
1493  int idx = smartlist_string_pos(sl, flag);
1494  if (idx >= 0)
1495  smartlist_del_keeporder(sl, idx);
1496 }
1497 
1498 /** Given a list of vote networkstatus_t in <b>votes</b>, our public
1499  * authority <b>identity_key</b>, our private authority <b>signing_key</b>,
1500  * and the number of <b>total_authorities</b> that we believe exist in our
1501  * voting quorum, generate the text of a new v3 consensus or microdescriptor
1502  * consensus (depending on <b>flavor</b>), and return the value in a newly
1503  * allocated string.
1504  *
1505  * Note: this function DOES NOT check whether the votes are from
1506  * recognized authorities. (dirvote_add_vote does that.)
1507  *
1508  * <strong>WATCH OUT</strong>: You need to think before you change the
1509  * behavior of this function, or of the functions it calls! If some
1510  * authorities compute the consensus with a different algorithm than
1511  * others, they will not reach the same result, and they will not all
1512  * sign the same thing! If you really need to change the algorithm
1513  * here, you should allocate a new "consensus_method" for the new
1514  * behavior, and make the new behavior conditional on a new-enough
1515  * consensus_method.
1516  **/
1517 STATIC char *
1519  int total_authorities,
1520  crypto_pk_t *identity_key,
1521  crypto_pk_t *signing_key,
1522  const char *legacy_id_key_digest,
1524  consensus_flavor_t flavor)
1525 {
1526  smartlist_t *chunks;
1527  char *result = NULL;
1528  int consensus_method;
1529  time_t valid_after, fresh_until, valid_until;
1530  int vote_seconds, dist_seconds;
1531  char *client_versions = NULL, *server_versions = NULL;
1532  smartlist_t *flags;
1533  const char *flavor_name;
1534  uint32_t max_unmeasured_bw_kb = DEFAULT_MAX_UNMEASURED_BW_KB;
1535  int64_t G, M, E, D, T; /* For bandwidth weights */
1536  const routerstatus_format_type_t rs_format =
1537  flavor == FLAV_NS ? NS_V3_CONSENSUS : NS_V3_CONSENSUS_MICRODESC;
1538  char *params = NULL;
1539  char *packages = NULL;
1540  int added_weights = 0;
1541  dircollator_t *collator = NULL;
1542  smartlist_t *param_list = NULL;
1543 
1544  tor_assert(flavor == FLAV_NS || flavor == FLAV_MICRODESC);
1545  tor_assert(total_authorities >= smartlist_len(votes));
1546  tor_assert(total_authorities > 0);
1547 
1548  flavor_name = networkstatus_get_flavor_name(flavor);
1549 
1550  if (!smartlist_len(votes)) {
1551  log_warn(LD_DIR, "Can't compute a consensus from no votes.");
1552  return NULL;
1553  }
1554  flags = smartlist_new();
1555 
1556  consensus_method = compute_consensus_method(votes);
1557  if (consensus_method_is_supported(consensus_method)) {
1558  log_info(LD_DIR, "Generating consensus using method %d.",
1559  consensus_method);
1560  } else {
1561  log_warn(LD_DIR, "The other authorities will use consensus method %d, "
1562  "which I don't support. Maybe I should upgrade!",
1563  consensus_method);
1564  consensus_method = MAX_SUPPORTED_CONSENSUS_METHOD;
1565  }
1566 
1567  {
1568  /* It's smarter to initialize these weights to 1, so that later on,
1569  * we can't accidentally divide by zero. */
1570  G = M = E = D = 1;
1571  T = 4;
1572  }
1573 
1574  /* Compute medians of time-related things, and figure out how many
1575  * routers we might need to talk about. */
1576  {
1577  int n_votes = smartlist_len(votes);
1578  time_t *va_times = tor_calloc(n_votes, sizeof(time_t));
1579  time_t *fu_times = tor_calloc(n_votes, sizeof(time_t));
1580  time_t *vu_times = tor_calloc(n_votes, sizeof(time_t));
1581  int *votesec_list = tor_calloc(n_votes, sizeof(int));
1582  int *distsec_list = tor_calloc(n_votes, sizeof(int));
1583  int n_versioning_clients = 0, n_versioning_servers = 0;
1584  smartlist_t *combined_client_versions = smartlist_new();
1585  smartlist_t *combined_server_versions = smartlist_new();
1586 
1588  tor_assert(v->type == NS_TYPE_VOTE);
1589  va_times[v_sl_idx] = v->valid_after;
1590  fu_times[v_sl_idx] = v->fresh_until;
1591  vu_times[v_sl_idx] = v->valid_until;
1592  votesec_list[v_sl_idx] = v->vote_seconds;
1593  distsec_list[v_sl_idx] = v->dist_seconds;
1594  if (v->client_versions) {
1595  smartlist_t *cv = smartlist_new();
1596  ++n_versioning_clients;
1597  smartlist_split_string(cv, v->client_versions, ",",
1598  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1599  sort_version_list(cv, 1);
1600  smartlist_add_all(combined_client_versions, cv);
1601  smartlist_free(cv); /* elements get freed later. */
1602  }
1603  if (v->server_versions) {
1604  smartlist_t *sv = smartlist_new();
1605  ++n_versioning_servers;
1606  smartlist_split_string(sv, v->server_versions, ",",
1607  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1608  sort_version_list(sv, 1);
1609  smartlist_add_all(combined_server_versions, sv);
1610  smartlist_free(sv); /* elements get freed later. */
1611  }
1612  SMARTLIST_FOREACH(v->known_flags, const char *, cp,
1613  smartlist_add_strdup(flags, cp));
1614  } SMARTLIST_FOREACH_END(v);
1615  valid_after = median_time(va_times, n_votes);
1616  fresh_until = median_time(fu_times, n_votes);
1617  valid_until = median_time(vu_times, n_votes);
1618  vote_seconds = median_int(votesec_list, n_votes);
1619  dist_seconds = median_int(distsec_list, n_votes);
1620 
1621  tor_assert(valid_after +
1622  (get_options()->TestingTorNetwork ?
1623  MIN_VOTE_INTERVAL_TESTING : MIN_VOTE_INTERVAL) <= fresh_until);
1624  tor_assert(fresh_until +
1625  (get_options()->TestingTorNetwork ?
1626  MIN_VOTE_INTERVAL_TESTING : MIN_VOTE_INTERVAL) <= valid_until);
1627  tor_assert(vote_seconds >= MIN_VOTE_SECONDS);
1628  tor_assert(dist_seconds >= MIN_DIST_SECONDS);
1629 
1630  server_versions = compute_consensus_versions_list(combined_server_versions,
1631  n_versioning_servers);
1632  client_versions = compute_consensus_versions_list(combined_client_versions,
1633  n_versioning_clients);
1634  packages = compute_consensus_package_lines(votes);
1635 
1636  SMARTLIST_FOREACH(combined_server_versions, char *, cp, tor_free(cp));
1637  SMARTLIST_FOREACH(combined_client_versions, char *, cp, tor_free(cp));
1638  smartlist_free(combined_server_versions);
1639  smartlist_free(combined_client_versions);
1640 
1641  smartlist_add_strdup(flags, "NoEdConsensus");
1642 
1643  smartlist_sort_strings(flags);
1644  smartlist_uniq_strings(flags);
1645 
1646  tor_free(va_times);
1647  tor_free(fu_times);
1648  tor_free(vu_times);
1649  tor_free(votesec_list);
1650  tor_free(distsec_list);
1651  }
1652  // True if anybody is voting on the BadExit flag.
1653  const bool badexit_flag_is_listed =
1654  smartlist_contains_string(flags, "BadExit");
1655 
1656  chunks = smartlist_new();
1657 
1658  {
1659  char va_buf[ISO_TIME_LEN+1], fu_buf[ISO_TIME_LEN+1],
1660  vu_buf[ISO_TIME_LEN+1];
1661  char *flaglist;
1662  format_iso_time(va_buf, valid_after);
1663  format_iso_time(fu_buf, fresh_until);
1664  format_iso_time(vu_buf, valid_until);
1665  flaglist = smartlist_join_strings(flags, " ", 0, NULL);
1666 
1667  smartlist_add_asprintf(chunks, "network-status-version 3%s%s\n"
1668  "vote-status consensus\n",
1669  flavor == FLAV_NS ? "" : " ",
1670  flavor == FLAV_NS ? "" : flavor_name);
1671 
1672  smartlist_add_asprintf(chunks, "consensus-method %d\n",
1673  consensus_method);
1674 
1675  smartlist_add_asprintf(chunks,
1676  "valid-after %s\n"
1677  "fresh-until %s\n"
1678  "valid-until %s\n"
1679  "voting-delay %d %d\n"
1680  "client-versions %s\n"
1681  "server-versions %s\n"
1682  "%s" /* packages */
1683  "known-flags %s\n",
1684  va_buf, fu_buf, vu_buf,
1685  vote_seconds, dist_seconds,
1686  client_versions, server_versions,
1687  packages,
1688  flaglist);
1689 
1690  tor_free(flaglist);
1691  }
1692 
1693  {
1694  int num_dirauth = get_n_authorities(V3_DIRINFO);
1695  int idx;
1696  for (idx = 0; idx < 4; ++idx) {
1697  char *proto_line = compute_nth_protocol_set(idx, num_dirauth, votes);
1698  if (BUG(!proto_line))
1699  continue;
1700  smartlist_add(chunks, proto_line);
1701  }
1702  }
1703 
1704  param_list = dirvote_compute_params(votes, consensus_method,
1705  total_authorities);
1706  if (smartlist_len(param_list)) {
1707  params = smartlist_join_strings(param_list, " ", 0, NULL);
1708  smartlist_add_strdup(chunks, "params ");
1709  smartlist_add(chunks, params);
1710  smartlist_add_strdup(chunks, "\n");
1711  }
1712 
1713  {
1714  int num_dirauth = get_n_authorities(V3_DIRINFO);
1715  /* Default value of this is 2/3 of the total number of authorities. For
1716  * instance, if we have 9 dirauth, the default value is 6. The following
1717  * calculation will round it down. */
1718  int32_t num_srv_agreements =
1720  "AuthDirNumSRVAgreements",
1721  (num_dirauth * 2) / 3);
1722  /* Add the shared random value. */
1723  char *srv_lines = sr_get_string_for_consensus(votes, num_srv_agreements);
1724  if (srv_lines != NULL) {
1725  smartlist_add(chunks, srv_lines);
1726  }
1727  }
1728 
1729  /* Sort the votes. */
1731  /* Add the authority sections. */
1732  {
1733  smartlist_t *dir_sources = smartlist_new();
1735  dir_src_ent_t *e = tor_malloc_zero(sizeof(dir_src_ent_t));
1736  e->v = v;
1737  e->digest = get_voter(v)->identity_digest;
1738  e->is_legacy = 0;
1739  smartlist_add(dir_sources, e);
1740  if (!tor_digest_is_zero(get_voter(v)->legacy_id_digest)) {
1741  dir_src_ent_t *e_legacy = tor_malloc_zero(sizeof(dir_src_ent_t));
1742  e_legacy->v = v;
1743  e_legacy->digest = get_voter(v)->legacy_id_digest;
1744  e_legacy->is_legacy = 1;
1745  smartlist_add(dir_sources, e_legacy);
1746  }
1747  } SMARTLIST_FOREACH_END(v);
1749 
1750  SMARTLIST_FOREACH_BEGIN(dir_sources, const dir_src_ent_t *, e) {
1751  char fingerprint[HEX_DIGEST_LEN+1];
1752  char votedigest[HEX_DIGEST_LEN+1];
1753  networkstatus_t *v = e->v;
1755 
1756  base16_encode(fingerprint, sizeof(fingerprint), e->digest, DIGEST_LEN);
1757  base16_encode(votedigest, sizeof(votedigest), voter->vote_digest,
1758  DIGEST_LEN);
1759 
1760  smartlist_add_asprintf(chunks,
1761  "dir-source %s%s %s %s %s %d %d\n",
1762  voter->nickname, e->is_legacy ? "-legacy" : "",
1763  fingerprint, voter->address, fmt_addr(&voter->ipv4_addr),
1764  voter->ipv4_dirport,
1765  voter->ipv4_orport);
1766  if (! e->is_legacy) {
1767  smartlist_add_asprintf(chunks,
1768  "contact %s\n"
1769  "vote-digest %s\n",
1770  voter->contact,
1771  votedigest);
1772  }
1773  } SMARTLIST_FOREACH_END(e);
1774  SMARTLIST_FOREACH(dir_sources, dir_src_ent_t *, e, tor_free(e));
1775  smartlist_free(dir_sources);
1776  }
1777 
1778  {
1779  if (consensus_method < MIN_METHOD_FOR_CORRECT_BWWEIGHTSCALE) {
1780  max_unmeasured_bw_kb = (int32_t) extract_param_buggy(
1781  params, "maxunmeasuredbw", DEFAULT_MAX_UNMEASURED_BW_KB);
1782  } else {
1783  max_unmeasured_bw_kb = dirvote_get_intermediate_param_value(
1784  param_list, "maxunmeasurdbw", DEFAULT_MAX_UNMEASURED_BW_KB);
1785  if (max_unmeasured_bw_kb < 1)
1786  max_unmeasured_bw_kb = 1;
1787  }
1788  }
1789 
1790  /* Add the actual router entries. */
1791  {
1792  int *size; /* size[j] is the number of routerstatuses in votes[j]. */
1793  int *flag_counts; /* The number of voters that list flag[j] for the
1794  * currently considered router. */
1795  int i;
1796  smartlist_t *matching_descs = smartlist_new();
1797  smartlist_t *chosen_flags = smartlist_new();
1798  smartlist_t *versions = smartlist_new();
1799  smartlist_t *protocols = smartlist_new();
1800  smartlist_t *exitsummaries = smartlist_new();
1801  uint32_t *bandwidths_kb = tor_calloc(smartlist_len(votes),
1802  sizeof(uint32_t));
1803  uint32_t *measured_bws_kb = tor_calloc(smartlist_len(votes),
1804  sizeof(uint32_t));
1805  uint32_t *measured_guardfraction = tor_calloc(smartlist_len(votes),
1806  sizeof(uint32_t));
1807  int num_bandwidths;
1808  int num_mbws;
1809  int num_guardfraction_inputs;
1810 
1811  int *n_voter_flags; /* n_voter_flags[j] is the number of flags that
1812  * votes[j] knows about. */
1813  int *n_flag_voters; /* n_flag_voters[f] is the number of votes that care
1814  * about flags[f]. */
1815  int **flag_map; /* flag_map[j][b] is an index f such that flag_map[f]
1816  * is the same flag as votes[j]->known_flags[b]. */
1817  int *named_flag; /* Index of the flag "Named" for votes[j] */
1818  int *unnamed_flag; /* Index of the flag "Unnamed" for votes[j] */
1819  int n_authorities_measuring_bandwidth;
1820 
1821  strmap_t *name_to_id_map = strmap_new();
1822  char conflict[DIGEST_LEN];
1823  char unknown[DIGEST_LEN];
1824  memset(conflict, 0, sizeof(conflict));
1825  memset(unknown, 0xff, sizeof(conflict));
1826 
1827  size = tor_calloc(smartlist_len(votes), sizeof(int));
1828  n_voter_flags = tor_calloc(smartlist_len(votes), sizeof(int));
1829  n_flag_voters = tor_calloc(smartlist_len(flags), sizeof(int));
1830  flag_map = tor_calloc(smartlist_len(votes), sizeof(int *));
1831  named_flag = tor_calloc(smartlist_len(votes), sizeof(int));
1832  unnamed_flag = tor_calloc(smartlist_len(votes), sizeof(int));
1833  for (i = 0; i < smartlist_len(votes); ++i)
1834  unnamed_flag[i] = named_flag[i] = -1;
1835 
1836  /* Build the flag indexes. Note that no vote can have more than 64 members
1837  * for known_flags, so no value will be greater than 63, so it's safe to
1838  * do UINT64_C(1) << index on these values. But note also that
1839  * named_flag and unnamed_flag are initialized to -1, so we need to check
1840  * that they're actually set before doing UINT64_C(1) << index with
1841  * them.*/
1843  flag_map[v_sl_idx] = tor_calloc(smartlist_len(v->known_flags),
1844  sizeof(int));
1845  if (smartlist_len(v->known_flags) > MAX_KNOWN_FLAGS_IN_VOTE) {
1846  log_warn(LD_BUG, "Somehow, a vote has %d entries in known_flags",
1847  smartlist_len(v->known_flags));
1848  }
1849  SMARTLIST_FOREACH_BEGIN(v->known_flags, const char *, fl) {
1850  int p = smartlist_string_pos(flags, fl);
1851  tor_assert(p >= 0);
1852  flag_map[v_sl_idx][fl_sl_idx] = p;
1853  ++n_flag_voters[p];
1854  if (!strcmp(fl, "Named"))
1855  named_flag[v_sl_idx] = fl_sl_idx;
1856  if (!strcmp(fl, "Unnamed"))
1857  unnamed_flag[v_sl_idx] = fl_sl_idx;
1858  } SMARTLIST_FOREACH_END(fl);
1859  n_voter_flags[v_sl_idx] = smartlist_len(v->known_flags);
1860  size[v_sl_idx] = smartlist_len(v->routerstatus_list);
1861  } SMARTLIST_FOREACH_END(v);
1862 
1863  /* Named and Unnamed get treated specially */
1864  {
1866  uint64_t nf;
1867  if (named_flag[v_sl_idx]<0)
1868  continue;
1869  nf = UINT64_C(1) << named_flag[v_sl_idx];
1870  SMARTLIST_FOREACH_BEGIN(v->routerstatus_list,
1871  vote_routerstatus_t *, rs) {
1872 
1873  if ((rs->flags & nf) != 0) {
1874  const char *d = strmap_get_lc(name_to_id_map, rs->status.nickname);
1875  if (!d) {
1876  /* We have no name officially mapped to this digest. */
1877  strmap_set_lc(name_to_id_map, rs->status.nickname,
1878  rs->status.identity_digest);
1879  } else if (d != conflict &&
1880  fast_memcmp(d, rs->status.identity_digest, DIGEST_LEN)) {
1881  /* Authorities disagree about this nickname. */
1882  strmap_set_lc(name_to_id_map, rs->status.nickname, conflict);
1883  } else {
1884  /* It's already a conflict, or it's already this ID. */
1885  }
1886  }
1887  } SMARTLIST_FOREACH_END(rs);
1888  } SMARTLIST_FOREACH_END(v);
1889 
1891  uint64_t uf;
1892  if (unnamed_flag[v_sl_idx]<0)
1893  continue;
1894  uf = UINT64_C(1) << unnamed_flag[v_sl_idx];
1895  SMARTLIST_FOREACH_BEGIN(v->routerstatus_list,
1896  vote_routerstatus_t *, rs) {
1897  if ((rs->flags & uf) != 0) {
1898  const char *d = strmap_get_lc(name_to_id_map, rs->status.nickname);
1899  if (d == conflict || d == unknown) {
1900  /* Leave it alone; we know what it is. */
1901  } else if (!d) {
1902  /* We have no name officially mapped to this digest. */
1903  strmap_set_lc(name_to_id_map, rs->status.nickname, unknown);
1904  } else if (fast_memeq(d, rs->status.identity_digest, DIGEST_LEN)) {
1905  /* Authorities disagree about this nickname. */
1906  strmap_set_lc(name_to_id_map, rs->status.nickname, conflict);
1907  } else {
1908  /* It's mapped to a different name. */
1909  }
1910  }
1911  } SMARTLIST_FOREACH_END(rs);
1912  } SMARTLIST_FOREACH_END(v);
1913  }
1914 
1915  /* We need to know how many votes measure bandwidth. */
1916  n_authorities_measuring_bandwidth = 0;
1917  SMARTLIST_FOREACH(votes, const networkstatus_t *, v,
1918  if (v->has_measured_bws) {
1919  ++n_authorities_measuring_bandwidth;
1920  }
1921  );
1922 
1923  /* Populate the collator */
1924  collator = dircollator_new(smartlist_len(votes), total_authorities);
1926  dircollator_add_vote(collator, v);
1927  } SMARTLIST_FOREACH_END(v);
1928 
1929  dircollator_collate(collator, consensus_method);
1930 
1931  /* Now go through all the votes */
1932  flag_counts = tor_calloc(smartlist_len(flags), sizeof(int));
1933  const int num_routers = dircollator_n_routers(collator);
1934  for (i = 0; i < num_routers; ++i) {
1935  vote_routerstatus_t **vrs_lst =
1936  dircollator_get_votes_for_router(collator, i);
1937 
1938  vote_routerstatus_t *rs;
1939  routerstatus_t rs_out;
1940  const char *current_rsa_id = NULL;
1941  const char *chosen_version;
1942  const char *chosen_protocol_list;
1943  const char *chosen_name = NULL;
1944  int exitsummary_disagreement = 0;
1945  int is_named = 0, is_unnamed = 0, is_running = 0, is_valid = 0;
1946  int is_guard = 0, is_exit = 0, is_bad_exit = 0, is_middle_only = 0;
1947  int naming_conflict = 0;
1948  int n_listing = 0;
1949  char microdesc_digest[DIGEST256_LEN];
1950  tor_addr_port_t alt_orport = {TOR_ADDR_NULL, 0};
1951 
1952  memset(flag_counts, 0, sizeof(int)*smartlist_len(flags));
1953  smartlist_clear(matching_descs);
1954  smartlist_clear(chosen_flags);
1955  smartlist_clear(versions);
1956  smartlist_clear(protocols);
1957  num_bandwidths = 0;
1958  num_mbws = 0;
1959  num_guardfraction_inputs = 0;
1960  int ed_consensus = 0;
1961  const uint8_t *ed_consensus_val = NULL;
1962 
1963  /* Okay, go through all the entries for this digest. */
1964  for (int voter_idx = 0; voter_idx < smartlist_len(votes); ++voter_idx) {
1965  if (vrs_lst[voter_idx] == NULL)
1966  continue; /* This voter had nothing to say about this entry. */
1967  rs = vrs_lst[voter_idx];
1968  ++n_listing;
1969 
1970  current_rsa_id = rs->status.identity_digest;
1971 
1972  smartlist_add(matching_descs, rs);
1973  if (rs->version && rs->version[0])
1974  smartlist_add(versions, rs->version);
1975 
1976  if (rs->protocols) {
1977  /* We include this one even if it's empty: voting for an
1978  * empty protocol list actually is meaningful. */
1979  smartlist_add(protocols, rs->protocols);
1980  }
1981 
1982  /* Tally up all the flags. */
1983  for (int flag = 0; flag < n_voter_flags[voter_idx]; ++flag) {
1984  if (rs->flags & (UINT64_C(1) << flag))
1985  ++flag_counts[flag_map[voter_idx][flag]];
1986  }
1987  if (named_flag[voter_idx] >= 0 &&
1988  (rs->flags & (UINT64_C(1) << named_flag[voter_idx]))) {
1989  if (chosen_name && strcmp(chosen_name, rs->status.nickname)) {
1990  log_notice(LD_DIR, "Conflict on naming for router: %s vs %s",
1991  chosen_name, rs->status.nickname);
1992  naming_conflict = 1;
1993  }
1994  chosen_name = rs->status.nickname;
1995  }
1996 
1997  /* Count guardfraction votes and note down the values. */
1998  if (rs->status.has_guardfraction) {
1999  measured_guardfraction[num_guardfraction_inputs++] =
2001  }
2002 
2003  /* count bandwidths */
2004  if (rs->has_measured_bw)
2005  measured_bws_kb[num_mbws++] = rs->measured_bw_kb;
2006 
2007  if (rs->status.has_bandwidth)
2008  bandwidths_kb[num_bandwidths++] = rs->status.bandwidth_kb;
2009 
2010  /* Count number for which ed25519 is canonical. */
2011  if (rs->ed25519_reflects_consensus) {
2012  ++ed_consensus;
2013  if (ed_consensus_val) {
2014  tor_assert(fast_memeq(ed_consensus_val, rs->ed25519_id,
2016  } else {
2017  ed_consensus_val = rs->ed25519_id;
2018  }
2019  }
2020  }
2021 
2022  /* We don't include this router at all unless more than half of
2023  * the authorities we believe in list it. */
2024  if (n_listing <= total_authorities/2)
2025  continue;
2026 
2027  if (ed_consensus > 0) {
2028  if (ed_consensus <= total_authorities / 2) {
2029  log_warn(LD_BUG, "Not enough entries had ed_consensus set; how "
2030  "can we have a consensus of %d?", ed_consensus);
2031  }
2032  }
2033 
2034  /* The clangalyzer can't figure out that this will never be NULL
2035  * if n_listing is at least 1 */
2036  tor_assert(current_rsa_id);
2037 
2038  /* Figure out the most popular opinion of what the most recent
2039  * routerinfo and its contents are. */
2040  memset(microdesc_digest, 0, sizeof(microdesc_digest));
2041  rs = compute_routerstatus_consensus(matching_descs, consensus_method,
2042  microdesc_digest, &alt_orport);
2043  /* Copy bits of that into rs_out. */
2044  memset(&rs_out, 0, sizeof(rs_out));
2045  tor_assert(fast_memeq(current_rsa_id,
2047  memcpy(rs_out.identity_digest, current_rsa_id, DIGEST_LEN);
2048  memcpy(rs_out.descriptor_digest, rs->status.descriptor_digest,
2049  DIGEST_LEN);
2050  tor_addr_copy(&rs_out.ipv4_addr, &rs->status.ipv4_addr);
2051  rs_out.ipv4_dirport = rs->status.ipv4_dirport;
2052  rs_out.ipv4_orport = rs->status.ipv4_orport;
2053  tor_addr_copy(&rs_out.ipv6_addr, &alt_orport.addr);
2054  rs_out.ipv6_orport = alt_orport.port;
2055  rs_out.has_bandwidth = 0;
2056  rs_out.has_exitsummary = 0;
2057 
2058  time_t published_on = rs->published_on;
2059 
2060  /* Starting with this consensus method, we no longer include a
2061  meaningful published_on time for microdescriptor consensuses. This
2062  makes their diffs smaller and more compressible.
2063 
2064  We need to keep including a meaningful published_on time for NS
2065  consensuses, however, until 035 relays are all obsolete. (They use
2066  it for a purpose similar to the current StaleDesc flag.)
2067  */
2068  if (consensus_method >= MIN_METHOD_TO_SUPPRESS_MD_PUBLISHED &&
2069  flavor == FLAV_MICRODESC) {
2070  published_on = -1;
2071  }
2072 
2073  if (chosen_name && !naming_conflict) {
2074  strlcpy(rs_out.nickname, chosen_name, sizeof(rs_out.nickname));
2075  } else {
2076  strlcpy(rs_out.nickname, rs->status.nickname, sizeof(rs_out.nickname));
2077  }
2078 
2079  {
2080  const char *d = strmap_get_lc(name_to_id_map, rs_out.nickname);
2081  if (!d) {
2082  is_named = is_unnamed = 0;
2083  } else if (fast_memeq(d, current_rsa_id, DIGEST_LEN)) {
2084  is_named = 1; is_unnamed = 0;
2085  } else {
2086  is_named = 0; is_unnamed = 1;
2087  }
2088  }
2089 
2090  /* Set the flags. */
2091  SMARTLIST_FOREACH_BEGIN(flags, const char *, fl) {
2092  if (!strcmp(fl, "Named")) {
2093  if (is_named)
2094  smartlist_add(chosen_flags, (char*)fl);
2095  } else if (!strcmp(fl, "Unnamed")) {
2096  if (is_unnamed)
2097  smartlist_add(chosen_flags, (char*)fl);
2098  } else if (!strcmp(fl, "NoEdConsensus")) {
2099  if (ed_consensus <= total_authorities/2)
2100  smartlist_add(chosen_flags, (char*)fl);
2101  } else {
2102  if (flag_counts[fl_sl_idx] > n_flag_voters[fl_sl_idx]/2) {
2103  smartlist_add(chosen_flags, (char*)fl);
2104  if (!strcmp(fl, "Exit"))
2105  is_exit = 1;
2106  else if (!strcmp(fl, "Guard"))
2107  is_guard = 1;
2108  else if (!strcmp(fl, "Running"))
2109  is_running = 1;
2110  else if (!strcmp(fl, "BadExit"))
2111  is_bad_exit = 1;
2112  else if (!strcmp(fl, "MiddleOnly"))
2113  is_middle_only = 1;
2114  else if (!strcmp(fl, "Valid"))
2115  is_valid = 1;
2116  }
2117  }
2118  } SMARTLIST_FOREACH_END(fl);
2119 
2120  /* Starting with consensus method 4 we do not list servers
2121  * that are not running in a consensus. See Proposal 138 */
2122  if (!is_running)
2123  continue;
2124 
2125  /* Starting with consensus method 24, we don't list servers
2126  * that are not valid in a consensus. See Proposal 272 */
2127  if (!is_valid)
2128  continue;
2129 
2130  /* Starting with consensus method 32, we handle the middle-only
2131  * flag specially: when it is present, we clear some flags, and
2132  * set others. */
2133  if (is_middle_only && consensus_method >= MIN_METHOD_FOR_MIDDLEONLY) {
2134  remove_flag(chosen_flags, "Exit");
2135  remove_flag(chosen_flags, "V2Dir");
2136  remove_flag(chosen_flags, "Guard");
2137  remove_flag(chosen_flags, "HSDir");
2138  is_exit = is_guard = 0;
2139  if (! is_bad_exit && badexit_flag_is_listed) {
2140  is_bad_exit = 1;
2141  smartlist_add(chosen_flags, (char *)"BadExit");
2142  smartlist_sort_strings(chosen_flags); // restore order.
2143  }
2144  }
2145 
2146  /* Pick the version. */
2147  if (smartlist_len(versions)) {
2148  sort_version_list(versions, 0);
2149  chosen_version = get_most_frequent_member(versions);
2150  } else {
2151  chosen_version = NULL;
2152  }
2153 
2154  /* Pick the protocol list */
2155  if (smartlist_len(protocols)) {
2156  smartlist_sort_strings(protocols);
2157  chosen_protocol_list = get_most_frequent_member(protocols);
2158  } else {
2159  chosen_protocol_list = NULL;
2160  }
2161 
2162  /* If it's a guard and we have enough guardfraction votes,
2163  calculate its consensus guardfraction value. */
2164  if (is_guard && num_guardfraction_inputs > 2) {
2165  rs_out.has_guardfraction = 1;
2166  rs_out.guardfraction_percentage = median_uint32(measured_guardfraction,
2167  num_guardfraction_inputs);
2168  /* final value should be an integer percentage! */
2169  tor_assert(rs_out.guardfraction_percentage <= 100);
2170  }
2171 
2172  /* Pick a bandwidth */
2173  if (num_mbws > 2) {
2174  rs_out.has_bandwidth = 1;
2175  rs_out.bw_is_unmeasured = 0;
2176  rs_out.bandwidth_kb = median_uint32(measured_bws_kb, num_mbws);
2177  } else if (num_bandwidths > 0) {
2178  rs_out.has_bandwidth = 1;
2179  rs_out.bw_is_unmeasured = 1;
2180  rs_out.bandwidth_kb = median_uint32(bandwidths_kb, num_bandwidths);
2181  if (n_authorities_measuring_bandwidth > 2) {
2182  /* Cap non-measured bandwidths. */
2183  if (rs_out.bandwidth_kb > max_unmeasured_bw_kb) {
2184  rs_out.bandwidth_kb = max_unmeasured_bw_kb;
2185  }
2186  }
2187  }
2188 
2189  /* Fix bug 2203: Do not count BadExit nodes as Exits for bw weights */
2190  is_exit = is_exit && !is_bad_exit;
2191 
2192  /* Update total bandwidth weights with the bandwidths of this router. */
2193  {
2195  is_exit, is_guard,
2196  &G, &M, &E, &D, &T);
2197  }
2198 
2199  /* Ok, we already picked a descriptor digest we want to list
2200  * previously. Now we want to use the exit policy summary from
2201  * that descriptor. If everybody plays nice all the voters who
2202  * listed that descriptor will have the same summary. If not then
2203  * something is fishy and we'll use the most common one (breaking
2204  * ties in favor of lexicographically larger one (only because it
2205  * lets me reuse more existing code)).
2206  *
2207  * The other case that can happen is that no authority that voted
2208  * for that descriptor has an exit policy summary. That's
2209  * probably quite unlikely but can happen. In that case we use
2210  * the policy that was most often listed in votes, again breaking
2211  * ties like in the previous case.
2212  */
2213  {
2214  /* Okay, go through all the votes for this router. We prepared
2215  * that list previously */
2216  const char *chosen_exitsummary = NULL;
2217  smartlist_clear(exitsummaries);
2218  SMARTLIST_FOREACH_BEGIN(matching_descs, vote_routerstatus_t *, vsr) {
2219  /* Check if the vote where this status comes from had the
2220  * proper descriptor */
2222  vsr->status.identity_digest,
2223  DIGEST_LEN));
2224  if (vsr->status.has_exitsummary &&
2226  vsr->status.descriptor_digest,
2227  DIGEST_LEN)) {
2228  tor_assert(vsr->status.exitsummary);
2229  smartlist_add(exitsummaries, vsr->status.exitsummary);
2230  if (!chosen_exitsummary) {
2231  chosen_exitsummary = vsr->status.exitsummary;
2232  } else if (strcmp(chosen_exitsummary, vsr->status.exitsummary)) {
2233  /* Great. There's disagreement among the voters. That
2234  * really shouldn't be */
2235  exitsummary_disagreement = 1;
2236  }
2237  }
2238  } SMARTLIST_FOREACH_END(vsr);
2239 
2240  if (exitsummary_disagreement) {
2241  char id[HEX_DIGEST_LEN+1];
2242  char dd[HEX_DIGEST_LEN+1];
2243  base16_encode(id, sizeof(dd), rs_out.identity_digest, DIGEST_LEN);
2244  base16_encode(dd, sizeof(dd), rs_out.descriptor_digest, DIGEST_LEN);
2245  log_warn(LD_DIR, "The voters disagreed on the exit policy summary "
2246  " for router %s with descriptor %s. This really shouldn't"
2247  " have happened.", id, dd);
2248 
2249  smartlist_sort_strings(exitsummaries);
2250  chosen_exitsummary = get_most_frequent_member(exitsummaries);
2251  } else if (!chosen_exitsummary) {
2252  char id[HEX_DIGEST_LEN+1];
2253  char dd[HEX_DIGEST_LEN+1];
2254  base16_encode(id, sizeof(dd), rs_out.identity_digest, DIGEST_LEN);
2255  base16_encode(dd, sizeof(dd), rs_out.descriptor_digest, DIGEST_LEN);
2256  log_warn(LD_DIR, "Not one of the voters that made us select"
2257  "descriptor %s for router %s had an exit policy"
2258  "summary", dd, id);
2259 
2260  /* Ok, none of those voting for the digest we chose had an
2261  * exit policy for us. Well, that kinda sucks.
2262  */
2263  smartlist_clear(exitsummaries);
2264  SMARTLIST_FOREACH(matching_descs, vote_routerstatus_t *, vsr, {
2265  if (vsr->status.has_exitsummary)
2266  smartlist_add(exitsummaries, vsr->status.exitsummary);
2267  });
2268  smartlist_sort_strings(exitsummaries);
2269  chosen_exitsummary = get_most_frequent_member(exitsummaries);
2270 
2271  if (!chosen_exitsummary)
2272  log_warn(LD_DIR, "Wow, not one of the voters had an exit "
2273  "policy summary for %s. Wow.", id);
2274  }
2275 
2276  if (chosen_exitsummary) {
2277  rs_out.has_exitsummary = 1;
2278  /* yea, discards the const */
2279  rs_out.exitsummary = (char *)chosen_exitsummary;
2280  }
2281  }
2282 
2283  if (flavor == FLAV_MICRODESC &&
2284  tor_digest256_is_zero(microdesc_digest)) {
2285  /* With no microdescriptor digest, we omit the entry entirely. */
2286  continue;
2287  }
2288 
2289  {
2290  char *buf;
2291  /* Okay!! Now we can write the descriptor... */
2292  /* First line goes into "buf". */
2293  buf = routerstatus_format_entry(&rs_out, NULL, NULL,
2294  rs_format, NULL, published_on);
2295  if (buf)
2296  smartlist_add(chunks, buf);
2297  }
2298  /* Now an m line, if applicable. */
2299  if (flavor == FLAV_MICRODESC &&
2300  !tor_digest256_is_zero(microdesc_digest)) {
2301  char m[BASE64_DIGEST256_LEN+1];
2302  digest256_to_base64(m, microdesc_digest);
2303  smartlist_add_asprintf(chunks, "m %s\n", m);
2304  }
2305  /* Next line is all flags. The "\n" is missing. */
2306  smartlist_add_asprintf(chunks, "s%s",
2307  smartlist_len(chosen_flags)?" ":"");
2308  smartlist_add(chunks,
2309  smartlist_join_strings(chosen_flags, " ", 0, NULL));
2310  /* Now the version line. */
2311  if (chosen_version) {
2312  smartlist_add_strdup(chunks, "\nv ");
2313  smartlist_add_strdup(chunks, chosen_version);
2314  }
2315  smartlist_add_strdup(chunks, "\n");
2316  if (chosen_protocol_list) {
2317  smartlist_add_asprintf(chunks, "pr %s\n", chosen_protocol_list);
2318  }
2319  /* Now the weight line. */
2320  if (rs_out.has_bandwidth) {
2321  char *guardfraction_str = NULL;
2322  int unmeasured = rs_out.bw_is_unmeasured;
2323 
2324  /* If we have guardfraction info, include it in the 'w' line. */
2325  if (rs_out.has_guardfraction) {
2326  tor_asprintf(&guardfraction_str,
2327  " GuardFraction=%u", rs_out.guardfraction_percentage);
2328  }
2329  smartlist_add_asprintf(chunks, "w Bandwidth=%d%s%s\n",
2330  rs_out.bandwidth_kb,
2331  unmeasured?" Unmeasured=1":"",
2332  guardfraction_str ? guardfraction_str : "");
2333 
2334  tor_free(guardfraction_str);
2335  }
2336 
2337  /* Now the exitpolicy summary line. */
2338  if (rs_out.has_exitsummary && flavor == FLAV_NS) {
2339  smartlist_add_asprintf(chunks, "p %s\n", rs_out.exitsummary);
2340  }
2341 
2342  /* And the loop is over and we move on to the next router */
2343  }
2344 
2345  tor_free(size);
2346  tor_free(n_voter_flags);
2347  tor_free(n_flag_voters);
2348  for (i = 0; i < smartlist_len(votes); ++i)
2349  tor_free(flag_map[i]);
2350  tor_free(flag_map);
2351  tor_free(flag_counts);
2352  tor_free(named_flag);
2353  tor_free(unnamed_flag);
2354  strmap_free(name_to_id_map, NULL);
2355  smartlist_free(matching_descs);
2356  smartlist_free(chosen_flags);
2357  smartlist_free(versions);
2358  smartlist_free(protocols);
2359  smartlist_free(exitsummaries);
2360  tor_free(bandwidths_kb);
2361  tor_free(measured_bws_kb);
2362  tor_free(measured_guardfraction);
2363  }
2364 
2365  /* Mark the directory footer region */
2366  smartlist_add_strdup(chunks, "directory-footer\n");
2367 
2368  {
2369  int64_t weight_scale;
2370  if (consensus_method < MIN_METHOD_FOR_CORRECT_BWWEIGHTSCALE) {
2371  weight_scale = extract_param_buggy(params, "bwweightscale",
2372  BW_WEIGHT_SCALE);
2373  } else {
2374  weight_scale = dirvote_get_intermediate_param_value(
2375  param_list, "bwweightscale", BW_WEIGHT_SCALE);
2376  if (weight_scale < 1)
2377  weight_scale = 1;
2378  }
2379  added_weights = networkstatus_compute_bw_weights_v10(chunks, G, M, E, D,
2380  T, weight_scale);
2381  }
2382 
2383  /* Add a signature. */
2384  {
2385  char digest[DIGEST256_LEN];
2386  char fingerprint[HEX_DIGEST_LEN+1];
2387  char signing_key_fingerprint[HEX_DIGEST_LEN+1];
2388  digest_algorithm_t digest_alg =
2389  flavor == FLAV_NS ? DIGEST_SHA1 : DIGEST_SHA256;
2390  size_t digest_len =
2391  flavor == FLAV_NS ? DIGEST_LEN : DIGEST256_LEN;
2392  const char *algname = crypto_digest_algorithm_get_name(digest_alg);
2393  char *signature;
2394 
2395  smartlist_add_strdup(chunks, "directory-signature ");
2396 
2397  /* Compute the hash of the chunks. */
2398  crypto_digest_smartlist(digest, digest_len, chunks, "", digest_alg);
2399 
2400  /* Get the fingerprints */
2401  crypto_pk_get_fingerprint(identity_key, fingerprint, 0);
2402  crypto_pk_get_fingerprint(signing_key, signing_key_fingerprint, 0);
2403 
2404  /* add the junk that will go at the end of the line. */
2405  if (flavor == FLAV_NS) {
2406  smartlist_add_asprintf(chunks, "%s %s\n", fingerprint,
2407  signing_key_fingerprint);
2408  } else {
2409  smartlist_add_asprintf(chunks, "%s %s %s\n",
2410  algname, fingerprint,
2411  signing_key_fingerprint);
2412  }
2413  /* And the signature. */
2414  if (!(signature = router_get_dirobj_signature(digest, digest_len,
2415  signing_key))) {
2416  log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
2417  goto done;
2418  }
2419  smartlist_add(chunks, signature);
2420 
2421  if (legacy_id_key_digest && legacy_signing_key) {
2422  smartlist_add_strdup(chunks, "directory-signature ");
2423  base16_encode(fingerprint, sizeof(fingerprint),
2424  legacy_id_key_digest, DIGEST_LEN);
2426  signing_key_fingerprint, 0);
2427  if (flavor == FLAV_NS) {
2428  smartlist_add_asprintf(chunks, "%s %s\n", fingerprint,
2429  signing_key_fingerprint);
2430  } else {
2431  smartlist_add_asprintf(chunks, "%s %s %s\n",
2432  algname, fingerprint,
2433  signing_key_fingerprint);
2434  }
2435 
2436  if (!(signature = router_get_dirobj_signature(digest, digest_len,
2437  legacy_signing_key))) {
2438  log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
2439  goto done;
2440  }
2441  smartlist_add(chunks, signature);
2442  }
2443  }
2444 
2445  result = smartlist_join_strings(chunks, "", 0, NULL);
2446 
2447  {
2448  networkstatus_t *c;
2449  if (!(c = networkstatus_parse_vote_from_string(result, strlen(result),
2450  NULL,
2451  NS_TYPE_CONSENSUS))) {
2452  log_err(LD_BUG, "Generated a networkstatus consensus we couldn't "
2453  "parse.");
2454  tor_free(result);
2455  goto done;
2456  }
2457  // Verify balancing parameters
2458  if (added_weights) {
2459  networkstatus_verify_bw_weights(c, consensus_method);
2460  }
2461  networkstatus_vote_free(c);
2462  }
2463 
2464  done:
2465 
2466  dircollator_free(collator);
2467  tor_free(client_versions);
2468  tor_free(server_versions);
2469  tor_free(packages);
2470  SMARTLIST_FOREACH(flags, char *, cp, tor_free(cp));
2471  smartlist_free(flags);
2472  SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
2473  smartlist_free(chunks);
2474  SMARTLIST_FOREACH(param_list, char *, cp, tor_free(cp));
2475  smartlist_free(param_list);
2476 
2477  return result;
2478 }
2479 
2480 /** Extract the value of a parameter from a string encoding a list of
2481  * parameters, badly.
2482  *
2483  * This is a deliberately buggy implementation, for backward compatibility
2484  * with versions of Tor affected by #19011. Once all authorities have
2485  * upgraded to consensus method 31 or later, then we can throw away this
2486  * function. */
2487 STATIC int64_t
2488 extract_param_buggy(const char *params,
2489  const char *param_name,
2490  int64_t default_value)
2491 {
2492  int64_t value = default_value;
2493  const char *param_str = NULL;
2494 
2495  if (params) {
2496  char *prefix1 = NULL, *prefix2=NULL;
2497  tor_asprintf(&prefix1, "%s=", param_name);
2498  tor_asprintf(&prefix2, " %s=", param_name);
2499  if (strcmpstart(params, prefix1) == 0)
2500  param_str = params;
2501  else
2502  param_str = strstr(params, prefix2);
2503  tor_free(prefix1);
2504  tor_free(prefix2);
2505  }
2506 
2507  if (param_str) {
2508  int ok=0;
2509  char *eq = strchr(param_str, '=');
2510  if (eq) {
2511  value = tor_parse_long(eq+1, 10, 1, INT32_MAX, &ok, NULL);
2512  if (!ok) {
2513  log_warn(LD_DIR, "Bad element '%s' in %s",
2514  escaped(param_str), param_name);
2515  value = default_value;
2516  }
2517  } else {
2518  log_warn(LD_DIR, "Bad element '%s' in %s",
2519  escaped(param_str), param_name);
2520  value = default_value;
2521  }
2522  }
2523 
2524  return value;
2525 }
2526 
2527 /** Given a list of networkstatus_t for each vote, return a newly allocated
2528  * string containing the "package" lines for the vote. */
2529 STATIC char *
2531 {
2532  const int n_votes = smartlist_len(votes);
2533 
2534  /* This will be a map from "packagename version" strings to arrays
2535  * of const char *, with the i'th member of the array corresponding to the
2536  * package line from the i'th vote.
2537  */
2538  strmap_t *package_status = strmap_new();
2539 
2541  if (! v->package_lines)
2542  continue;
2543  SMARTLIST_FOREACH_BEGIN(v->package_lines, const char *, line) {
2545  continue;
2546 
2547  /* Skip 'cp' to the second space in the line. */
2548  const char *cp = strchr(line, ' ');
2549  if (!cp) continue;
2550  ++cp;
2551  cp = strchr(cp, ' ');
2552  if (!cp) continue;
2553 
2554  char *key = tor_strndup(line, cp - line);
2555 
2556  const char **status = strmap_get(package_status, key);
2557  if (!status) {
2558  status = tor_calloc(n_votes, sizeof(const char *));
2559  strmap_set(package_status, key, status);
2560  }
2561  status[v_sl_idx] = line; /* overwrite old value */
2562  tor_free(key);
2563  } SMARTLIST_FOREACH_END(line);
2564  } SMARTLIST_FOREACH_END(v);
2565 
2566  smartlist_t *entries = smartlist_new(); /* temporary */
2567  smartlist_t *result_list = smartlist_new(); /* output */
2568  STRMAP_FOREACH(package_status, key, const char **, values) {
2569  int i, count=-1;
2570  for (i = 0; i < n_votes; ++i) {
2571  if (values[i])
2572  smartlist_add(entries, (void*) values[i]);
2573  }
2574  smartlist_sort_strings(entries);
2575  int n_voting_for_entry = smartlist_len(entries);
2576  const char *most_frequent =
2577  smartlist_get_most_frequent_string_(entries, &count);
2578 
2579  if (n_voting_for_entry >= 3 && count > n_voting_for_entry / 2) {
2580  smartlist_add_asprintf(result_list, "package %s\n", most_frequent);
2581  }
2582 
2583  smartlist_clear(entries);
2584 
2585  } STRMAP_FOREACH_END;
2586 
2587  smartlist_sort_strings(result_list);
2588 
2589  char *result = smartlist_join_strings(result_list, "", 0, NULL);
2590 
2591  SMARTLIST_FOREACH(result_list, char *, cp, tor_free(cp));
2592  smartlist_free(result_list);
2593  smartlist_free(entries);
2594  strmap_free(package_status, tor_free_);
2595 
2596  return result;
2597 }
2598 
2599 /** Given a consensus vote <b>target</b> and a set of detached signatures in
2600  * <b>sigs</b> that correspond to the same consensus, check whether there are
2601  * any new signatures in <b>src_voter_list</b> that should be added to
2602  * <b>target</b>. (A signature should be added if we have no signature for that
2603  * voter in <b>target</b> yet, or if we have no verifiable signature and the
2604  * new signature is verifiable.)
2605  *
2606  * Return the number of signatures added or changed, or -1 if the document
2607  * signatures are invalid. Sets *<b>msg_out</b> to a string constant
2608  * describing the signature status.
2609  */
2610 STATIC int
2613  const char *source,
2614  int severity,
2615  const char **msg_out)
2616 {
2617  int r = 0;
2618  const char *flavor;
2619  smartlist_t *siglist;
2620  tor_assert(sigs);
2621  tor_assert(target);
2622  tor_assert(target->type == NS_TYPE_CONSENSUS);
2623 
2624  flavor = networkstatus_get_flavor_name(target->flavor);
2625 
2626  /* Do the times seem right? */
2627  if (target->valid_after != sigs->valid_after) {
2628  *msg_out = "Valid-After times do not match "
2629  "when adding detached signatures to consensus";
2630  return -1;
2631  }
2632  if (target->fresh_until != sigs->fresh_until) {
2633  *msg_out = "Fresh-until times do not match "
2634  "when adding detached signatures to consensus";
2635  return -1;
2636  }
2637  if (target->valid_until != sigs->valid_until) {
2638  *msg_out = "Valid-until times do not match "
2639  "when adding detached signatures to consensus";
2640  return -1;
2641  }
2642  siglist = strmap_get(sigs->signatures, flavor);
2643  if (!siglist) {
2644  *msg_out = "No signatures for given consensus flavor";
2645  return -1;
2646  }
2647 
2648  /** Make sure all the digests we know match, and at least one matches. */
2649  {
2650  common_digests_t *digests = strmap_get(sigs->digests, flavor);
2651  int n_matches = 0;
2652  int alg;
2653  if (!digests) {
2654  *msg_out = "No digests for given consensus flavor";
2655  return -1;
2656  }
2657  for (alg = DIGEST_SHA1; alg < N_COMMON_DIGEST_ALGORITHMS; ++alg) {
2658  if (!fast_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
2659  if (fast_memeq(target->digests.d[alg], digests->d[alg],
2660  DIGEST256_LEN)) {
2661  ++n_matches;
2662  } else {
2663  *msg_out = "Mismatched digest.";
2664  return -1;
2665  }
2666  }
2667  }
2668  if (!n_matches) {
2669  *msg_out = "No recognized digests for given consensus flavor";
2670  }
2671  }
2672 
2673  /* For each voter in src... */
2675  char voter_identity[HEX_DIGEST_LEN+1];
2676  networkstatus_voter_info_t *target_voter =
2677  networkstatus_get_voter_by_id(target, sig->identity_digest);
2678  authority_cert_t *cert = NULL;
2679  const char *algorithm;
2680  document_signature_t *old_sig = NULL;
2681 
2682  algorithm = crypto_digest_algorithm_get_name(sig->alg);
2683 
2684  base16_encode(voter_identity, sizeof(voter_identity),
2685  sig->identity_digest, DIGEST_LEN);
2686  log_info(LD_DIR, "Looking at signature from %s using %s", voter_identity,
2687  algorithm);
2688  /* If the target doesn't know about this voter, then forget it. */
2689  if (!target_voter) {
2690  log_info(LD_DIR, "We do not know any voter with ID %s", voter_identity);
2691  continue;
2692  }
2693 
2694  old_sig = networkstatus_get_voter_sig_by_alg(target_voter, sig->alg);
2695 
2696  /* If the target already has a good signature from this voter, then skip
2697  * this one. */
2698  if (old_sig && old_sig->good_signature) {
2699  log_info(LD_DIR, "We already have a good signature from %s using %s",
2700  voter_identity, algorithm);
2701  continue;
2702  }
2703 
2704  /* Try checking the signature if we haven't already. */
2705  if (!sig->good_signature && !sig->bad_signature) {
2706  cert = authority_cert_get_by_digests(sig->identity_digest,
2707  sig->signing_key_digest);
2708  if (cert) {
2709  /* Not checking the return value here, since we are going to look
2710  * at the status of sig->good_signature in a moment. */
2711  (void) networkstatus_check_document_signature(target, sig, cert);
2712  }
2713  }
2714 
2715  /* If this signature is good, or we don't have any signature yet,
2716  * then maybe add it. */
2717  if (sig->good_signature || !old_sig || old_sig->bad_signature) {
2718  log_info(LD_DIR, "Adding signature from %s with %s", voter_identity,
2719  algorithm);
2720  tor_log(severity, LD_DIR, "Added a signature for %s from %s.",
2721  target_voter->nickname, source);
2722  ++r;
2723  if (old_sig) {
2724  smartlist_remove(target_voter->sigs, old_sig);
2725  document_signature_free(old_sig);
2726  }
2727  smartlist_add(target_voter->sigs, document_signature_dup(sig));
2728  } else {
2729  log_info(LD_DIR, "Not adding signature from %s", voter_identity);
2730  }
2731  } SMARTLIST_FOREACH_END(sig);
2732 
2733  return r;
2734 }
2735 
2736 /** Return a newly allocated string containing all the signatures on
2737  * <b>consensus</b> by all voters. If <b>for_detached_signatures</b> is true,
2738  * then the signatures will be put in a detached signatures document, so
2739  * prefix any non-NS-flavored signatures with "additional-signature" rather
2740  * than "directory-signature". */
2741 static char *
2743  int for_detached_signatures)
2744 {
2745  smartlist_t *elements;
2746  char buf[4096];
2747  char *result = NULL;
2748  int n_sigs = 0;
2749  const consensus_flavor_t flavor = consensus->flavor;
2750  const char *flavor_name = networkstatus_get_flavor_name(flavor);
2751  const char *keyword;
2752 
2753  if (for_detached_signatures && flavor != FLAV_NS)
2754  keyword = "additional-signature";
2755  else
2756  keyword = "directory-signature";
2757 
2758  elements = smartlist_new();
2759 
2762  char sk[HEX_DIGEST_LEN+1];
2763  char id[HEX_DIGEST_LEN+1];
2764  if (!sig->signature || sig->bad_signature)
2765  continue;
2766  ++n_sigs;
2767  base16_encode(sk, sizeof(sk), sig->signing_key_digest, DIGEST_LEN);
2768  base16_encode(id, sizeof(id), sig->identity_digest, DIGEST_LEN);
2769  if (flavor == FLAV_NS) {
2770  smartlist_add_asprintf(elements,
2771  "%s %s %s\n-----BEGIN SIGNATURE-----\n",
2772  keyword, id, sk);
2773  } else {
2774  const char *digest_name =
2776  smartlist_add_asprintf(elements,
2777  "%s%s%s %s %s %s\n-----BEGIN SIGNATURE-----\n",
2778  keyword,
2779  for_detached_signatures ? " " : "",
2780  for_detached_signatures ? flavor_name : "",
2781  digest_name, id, sk);
2782  }
2783  base64_encode(buf, sizeof(buf), sig->signature, sig->signature_len,
2784  BASE64_ENCODE_MULTILINE);
2785  strlcat(buf, "-----END SIGNATURE-----\n", sizeof(buf));
2786  smartlist_add_strdup(elements, buf);
2787  } SMARTLIST_FOREACH_END(sig);
2788  } SMARTLIST_FOREACH_END(v);
2789 
2790  result = smartlist_join_strings(elements, "", 0, NULL);
2791  SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
2792  smartlist_free(elements);
2793  if (!n_sigs)
2794  tor_free(result);
2795  return result;
2796 }
2797 
2798 /** Return a newly allocated string holding the detached-signatures document
2799  * corresponding to the signatures on <b>consensuses</b>, which must contain
2800  * exactly one FLAV_NS consensus, and no more than one consensus for each
2801  * other flavor. */
2802 STATIC char *
2804 {
2805  smartlist_t *elements;
2806  char *result = NULL, *sigs = NULL;
2807  networkstatus_t *consensus_ns = NULL;
2808  tor_assert(consensuses);
2809 
2810  SMARTLIST_FOREACH(consensuses, networkstatus_t *, ns, {
2811  tor_assert(ns);
2812  tor_assert(ns->type == NS_TYPE_CONSENSUS);
2813  if (ns && ns->flavor == FLAV_NS)
2814  consensus_ns = ns;
2815  });
2816  if (!consensus_ns) {
2817  log_warn(LD_BUG, "No NS consensus given.");
2818  return NULL;
2819  }
2820 
2821  elements = smartlist_new();
2822 
2823  {
2824  char va_buf[ISO_TIME_LEN+1], fu_buf[ISO_TIME_LEN+1],
2825  vu_buf[ISO_TIME_LEN+1];
2826  char d[HEX_DIGEST_LEN+1];
2827 
2828  base16_encode(d, sizeof(d),
2829  consensus_ns->digests.d[DIGEST_SHA1], DIGEST_LEN);
2830  format_iso_time(va_buf, consensus_ns->valid_after);
2831  format_iso_time(fu_buf, consensus_ns->fresh_until);
2832  format_iso_time(vu_buf, consensus_ns->valid_until);
2833 
2834  smartlist_add_asprintf(elements,
2835  "consensus-digest %s\n"
2836  "valid-after %s\n"
2837  "fresh-until %s\n"
2838  "valid-until %s\n", d, va_buf, fu_buf, vu_buf);
2839  }
2840 
2841  /* Get all the digests for the non-FLAV_NS consensuses */
2842  SMARTLIST_FOREACH_BEGIN(consensuses, networkstatus_t *, ns) {
2843  const char *flavor_name = networkstatus_get_flavor_name(ns->flavor);
2844  int alg;
2845  if (ns->flavor == FLAV_NS)
2846  continue;
2847 
2848  /* start with SHA256; we don't include SHA1 for anything but the basic
2849  * consensus. */
2850  for (alg = DIGEST_SHA256; alg < N_COMMON_DIGEST_ALGORITHMS; ++alg) {
2851  char d[HEX_DIGEST256_LEN+1];
2852  const char *alg_name =
2854  if (fast_mem_is_zero(ns->digests.d[alg], DIGEST256_LEN))
2855  continue;
2856  base16_encode(d, sizeof(d), ns->digests.d[alg], DIGEST256_LEN);
2857  smartlist_add_asprintf(elements, "additional-digest %s %s %s\n",
2858  flavor_name, alg_name, d);
2859  }
2860  } SMARTLIST_FOREACH_END(ns);
2861 
2862  /* Now get all the sigs for non-FLAV_NS consensuses */
2863  SMARTLIST_FOREACH_BEGIN(consensuses, networkstatus_t *, ns) {
2864  char *sigs_on_this_consensus;
2865  if (ns->flavor == FLAV_NS)
2866  continue;
2867  sigs_on_this_consensus = networkstatus_format_signatures(ns, 1);
2868  if (!sigs_on_this_consensus) {
2869  log_warn(LD_DIR, "Couldn't format signatures");
2870  goto err;
2871  }
2872  smartlist_add(elements, sigs_on_this_consensus);
2873  } SMARTLIST_FOREACH_END(ns);
2874 
2875  /* Now add the FLAV_NS consensus signatrures. */
2876  sigs = networkstatus_format_signatures(consensus_ns, 1);
2877  if (!sigs)
2878  goto err;
2879  smartlist_add(elements, sigs);
2880 
2881  result = smartlist_join_strings(elements, "", 0, NULL);
2882  err:
2883  SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
2884  smartlist_free(elements);
2885  return result;
2886 }
2887 
2888 /** Return a newly allocated string holding a detached-signatures document for
2889  * all of the in-progress consensuses in the <b>n_flavors</b>-element array at
2890  * <b>pending</b>. */
2891 static char *
2893  int n_flavors)
2894 {
2895  int flav;
2896  char *signatures;
2897  smartlist_t *c = smartlist_new();
2898  for (flav = 0; flav < n_flavors; ++flav) {
2899  if (pending[flav].consensus)
2900  smartlist_add(c, pending[flav].consensus);
2901  }
2902  signatures = networkstatus_get_detached_signatures(c);
2903  smartlist_free(c);
2904  return signatures;
2905 }
2906 
2907 /**
2908  * Entry point: Take whatever voting actions are pending as of <b>now</b>.
2909  *
2910  * Return the time at which the next action should be taken.
2911  */
2912 time_t
2913 dirvote_act(const or_options_t *options, time_t now)
2914 {
2915  if (!authdir_mode_v3(options))
2916  return TIME_MAX;
2917  tor_assert_nonfatal(voting_schedule.voting_starts);
2918  /* If we haven't initialized this object through this codeflow, we need to
2919  * recalculate the timings to match our vote. The reason to do that is if we
2920  * have a voting schedule initialized 1 minute ago, the voting timings might
2921  * not be aligned to what we should expect with "now". This is especially
2922  * true for TestingTorNetwork using smaller timings. */
2923  if (voting_schedule.created_on_demand) {
2924  char *keys = list_v3_auth_ids();
2926  log_notice(LD_DIR, "Scheduling voting. Known authority IDs are %s. "
2927  "Mine is %s.",
2929  tor_free(keys);
2930  dirauth_sched_recalculate_timing(options, now);
2931  }
2932 
2933 #define IF_TIME_FOR_NEXT_ACTION(when_field, done_field) \
2934  if (! voting_schedule.done_field) { \
2935  if (voting_schedule.when_field > now) { \
2936  return voting_schedule.when_field; \
2937  } else {
2938 #define ENDIF \
2939  } \
2940  }
2941 
2942  IF_TIME_FOR_NEXT_ACTION(voting_starts, have_voted) {
2943  log_notice(LD_DIR, "Time to vote.");
2945  voting_schedule.have_voted = 1;
2946  } ENDIF
2947  IF_TIME_FOR_NEXT_ACTION(fetch_missing_votes, have_fetched_missing_votes) {
2948  log_notice(LD_DIR, "Time to fetch any votes that we're missing.");
2950  voting_schedule.have_fetched_missing_votes = 1;
2951  } ENDIF
2952  IF_TIME_FOR_NEXT_ACTION(voting_ends, have_built_consensus) {
2953  log_notice(LD_DIR, "Time to compute a consensus.");
2955  /* XXXX We will want to try again later if we haven't got enough
2956  * votes yet. Implement this if it turns out to ever happen. */
2957  voting_schedule.have_built_consensus = 1;
2958  } ENDIF
2959  IF_TIME_FOR_NEXT_ACTION(fetch_missing_signatures,
2960  have_fetched_missing_signatures) {
2961  log_notice(LD_DIR, "Time to fetch any signatures that we're missing.");
2963  voting_schedule.have_fetched_missing_signatures = 1;
2964  } ENDIF
2965  IF_TIME_FOR_NEXT_ACTION(interval_starts,
2966  have_published_consensus) {
2967  log_notice(LD_DIR, "Time to publish the consensus and discard old votes");
2970  voting_schedule.have_published_consensus = 1;
2971  /* Update our shared random state with the consensus just published. */
2974  /* XXXX We will want to try again later if we haven't got enough
2975  * signatures yet. Implement this if it turns out to ever happen. */
2976  dirauth_sched_recalculate_timing(options, now);
2977  return voting_schedule.voting_starts;
2978  } ENDIF
2979 
2981  return now + 1;
2982 
2983 #undef ENDIF
2984 #undef IF_TIME_FOR_NEXT_ACTION
2985 }
2986 
2987 /** A vote networkstatus_t and its unparsed body: held around so we can
2988  * use it to generate a consensus (at voting_ends) and so we can serve it to
2989  * other authorities that might want it. */
2990 typedef struct pending_vote_t {
2991  cached_dir_t *vote_body;
2992  networkstatus_t *vote;
2993 } pending_vote_t;
2994 
2995 /** List of pending_vote_t for the current vote. Before we've used them to
2996  * build a consensus, the votes go here. */
2998 /** List of pending_vote_t for the previous vote. After we've used them to
2999  * build a consensus, the votes go here for the next period. */
3001 
3002 /* DOCDOC pending_consensuses */
3003 static pending_consensus_t pending_consensuses[N_CONSENSUS_FLAVORS];
3004 
3005 /** The detached signatures for the consensus that we're currently
3006  * building. */
3007 static char *pending_consensus_signatures = NULL;
3008 
3009 /** List of ns_detached_signatures_t: hold signatures that get posted to us
3010  * before we have generated the consensus on our own. */
3012 
3013 /** Generate a networkstatus vote and post it to all the v3 authorities.
3014  * (V3 Authority only) */
3015 static int
3017 {
3020  networkstatus_t *ns;
3021  char *contents;
3022  pending_vote_t *pending_vote;
3023  time_t now = time(NULL);
3024 
3025  int status;
3026  const char *msg = "";
3027 
3028  if (!cert || !key) {
3029  log_warn(LD_NET, "Didn't find key/certificate to generate v3 vote");
3030  return -1;
3031  } else if (cert->expires < now) {
3032  log_warn(LD_NET, "Can't generate v3 vote with expired certificate");
3033  return -1;
3034  }
3035  if (!(ns = dirserv_generate_networkstatus_vote_obj(key, cert)))
3036  return -1;
3037 
3038  contents = format_networkstatus_vote(key, ns);
3039  networkstatus_vote_free(ns);
3040  if (!contents)
3041  return -1;
3042 
3043  pending_vote = dirvote_add_vote(contents, 0, "self", &msg, &status);
3044  tor_free(contents);
3045  if (!pending_vote) {
3046  log_warn(LD_DIR, "Couldn't store my own vote! (I told myself, '%s'.)",
3047  msg);
3048  return -1;
3049  }
3050 
3053  V3_DIRINFO,
3054  pending_vote->vote_body->dir,
3055  pending_vote->vote_body->dir_len, 0);
3056  log_notice(LD_DIR, "Vote posted.");
3057  return 0;
3058 }
3059 
3060 /** Send an HTTP request to every other v3 authority, for the votes of every
3061  * authority for which we haven't received a vote yet in this period. (V3
3062  * authority only) */
3063 static void
3065 {
3066  smartlist_t *missing_fps = smartlist_new();
3067  char *resource;
3068 
3069  SMARTLIST_FOREACH_BEGIN(router_get_trusted_dir_servers(),
3070  dir_server_t *, ds) {
3071  if (!(ds->type & V3_DIRINFO))
3072  continue;
3073  if (!dirvote_get_vote(ds->v3_identity_digest,
3074  DGV_BY_ID|DGV_INCLUDE_PENDING)) {
3075  char *cp = tor_malloc(HEX_DIGEST_LEN+1);
3076  base16_encode(cp, HEX_DIGEST_LEN+1, ds->v3_identity_digest,
3077  DIGEST_LEN);
3078  smartlist_add(missing_fps, cp);
3079  }
3080  } SMARTLIST_FOREACH_END(ds);
3081 
3082  if (!smartlist_len(missing_fps)) {
3083  smartlist_free(missing_fps);
3084  return;
3085  }
3086  {
3087  char *tmp = smartlist_join_strings(missing_fps, " ", 0, NULL);
3088  log_notice(LOG_NOTICE, "We're missing votes from %d authorities (%s). "
3089  "Asking every other authority for a copy.",
3090  smartlist_len(missing_fps), tmp);
3091  tor_free(tmp);
3092  }
3093  resource = smartlist_join_strings(missing_fps, "+", 0, NULL);
3095  0, resource);
3096  tor_free(resource);
3097  SMARTLIST_FOREACH(missing_fps, char *, cp, tor_free(cp));
3098  smartlist_free(missing_fps);
3099 }
3100 
3101 /** Send a request to every other authority for its detached signatures,
3102  * unless we have signatures from all other v3 authorities already. */
3103 static void
3105 {
3106  int need_any = 0;
3107  int i;
3108  for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
3109  networkstatus_t *consensus = pending_consensuses[i].consensus;
3110  if (!consensus ||
3111  networkstatus_check_consensus_signature(consensus, -1) == 1) {
3112  /* We have no consensus, or we have one that's signed by everybody. */
3113  continue;
3114  }
3115  need_any = 1;
3116  }
3117  if (!need_any)
3118  return;
3119 
3121  0, NULL);
3122 }
3123 
3124 /** Release all storage held by pending consensuses (those waiting for
3125  * signatures). */
3126 static void
3128 {
3129  int i;
3130  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
3131  pending_consensus_t *pc = &pending_consensuses[i];
3132  tor_free(pc->body);
3133 
3134  networkstatus_vote_free(pc->consensus);
3135  pc->consensus = NULL;
3136  }
3137 }
3138 
3139 /** Drop all currently pending votes, consensus, and detached signatures. */
3140 static void
3141 dirvote_clear_votes(int all_votes)
3142 {
3143  if (!previous_vote_list)
3145  if (!pending_vote_list)
3147 
3148  /* All "previous" votes are now junk. */
3150  cached_dir_decref(v->vote_body);
3151  v->vote_body = NULL;
3152  networkstatus_vote_free(v->vote);
3153  tor_free(v);
3154  });
3156 
3157  if (all_votes) {
3158  /* If we're dumping all the votes, we delete the pending ones. */
3160  cached_dir_decref(v->vote_body);
3161  v->vote_body = NULL;
3162  networkstatus_vote_free(v->vote);
3163  tor_free(v);
3164  });
3165  } else {
3166  /* Otherwise, we move them into "previous". */
3168  }
3170 
3173  tor_free(cp));
3175  }
3178 }
3179 
3180 /** Return a newly allocated string containing the hex-encoded v3 authority
3181  identity digest of every recognized v3 authority. */
3182 static char *
3184 {
3185  smartlist_t *known_v3_keys = smartlist_new();
3186  char *keys;
3187  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
3188  dir_server_t *, ds,
3189  if ((ds->type & V3_DIRINFO) &&
3190  !tor_digest_is_zero(ds->v3_identity_digest))
3191  smartlist_add(known_v3_keys,
3192  tor_strdup(hex_str(ds->v3_identity_digest, DIGEST_LEN))));
3193  keys = smartlist_join_strings(known_v3_keys, ", ", 0, NULL);
3194  SMARTLIST_FOREACH(known_v3_keys, char *, cp, tor_free(cp));
3195  smartlist_free(known_v3_keys);
3196  return keys;
3197 }
3198 
3199 /* Check the voter information <b>vi</b>, and assert that at least one
3200  * signature is good. Asserts on failure. */
3201 static void
3202 assert_any_sig_good(const networkstatus_voter_info_t *vi)
3203 {
3204  int any_sig_good = 0;
3206  if (sig->good_signature)
3207  any_sig_good = 1);
3208  tor_assert(any_sig_good);
3209 }
3210 
3211 /* Add <b>cert</b> to our list of known authority certificates. */
3212 static void
3213 add_new_cert_if_needed(const struct authority_cert_t *cert)
3214 {
3215  tor_assert(cert);
3217  cert->signing_key_digest)) {
3218  /* Hey, it's a new cert! */
3221  TRUSTED_DIRS_CERTS_SRC_FROM_VOTE, 1 /*flush*/,
3222  NULL);
3224  cert->signing_key_digest)) {
3225  log_warn(LD_BUG, "We added a cert, but still couldn't find it.");
3226  }
3227  }
3228 }
3229 
3230 /** Called when we have received a networkstatus vote in <b>vote_body</b>.
3231  * Parse and validate it, and on success store it as a pending vote (which we
3232  * then return). Return NULL on failure. Sets *<b>msg_out</b> and
3233  * *<b>status_out</b> to an HTTP response and status code. (V3 authority
3234  * only) */
3236 dirvote_add_vote(const char *vote_body, time_t time_posted,
3237  const char *where_from,
3238  const char **msg_out, int *status_out)
3239 {
3240  networkstatus_t *vote;
3242  dir_server_t *ds;
3243  pending_vote_t *pending_vote = NULL;
3244  const char *end_of_vote = NULL;
3245  int any_failed = 0;
3246  tor_assert(vote_body);
3247  tor_assert(msg_out);
3248  tor_assert(status_out);
3249 
3250  if (!pending_vote_list)
3252  *status_out = 0;
3253  *msg_out = NULL;
3254 
3255  again:
3256  vote = networkstatus_parse_vote_from_string(vote_body, strlen(vote_body),
3257  &end_of_vote,
3258  NS_TYPE_VOTE);
3259  if (!end_of_vote)
3260  end_of_vote = vote_body + strlen(vote_body);
3261  if (!vote) {
3262  log_warn(LD_DIR, "Couldn't parse vote: length was %d",
3263  (int)strlen(vote_body));
3264  *msg_out = "Unable to parse vote";
3265  goto err;
3266  }
3267  tor_assert(smartlist_len(vote->voters) == 1);
3268  vi = get_voter(vote);
3269  assert_any_sig_good(vi);
3271  if (!ds) {
3272  char *keys = list_v3_auth_ids();
3273  log_warn(LD_DIR, "Got a vote from an authority (nickname %s, address %s) "
3274  "with authority key ID %s. "
3275  "This key ID is not recognized. Known v3 key IDs are: %s",
3276  vi->nickname, vi->address,
3277  hex_str(vi->identity_digest, DIGEST_LEN), keys);
3278  tor_free(keys);
3279  *msg_out = "Vote not from a recognized v3 authority";
3280  goto err;
3281  }
3282  add_new_cert_if_needed(vote->cert);
3283 
3284  /* Is it for the right period? */
3285  if (vote->valid_after != voting_schedule.interval_starts) {
3286  char tbuf1[ISO_TIME_LEN+1], tbuf2[ISO_TIME_LEN+1];
3287  format_iso_time(tbuf1, vote->valid_after);
3288  format_iso_time(tbuf2, voting_schedule.interval_starts);
3289  log_warn(LD_DIR, "Rejecting vote from %s with valid-after time of %s; "
3290  "we were expecting %s", vi->address, tbuf1, tbuf2);
3291  *msg_out = "Bad valid-after time";
3292  goto err;
3293  }
3294 
3295  if (time_posted) { /* they sent it to me via a POST */
3296  log_notice(LD_DIR, "%s posted a vote to me from %s.",
3297  vi->nickname, where_from);
3298  } else { /* I imported this one myself */
3299  log_notice(LD_DIR, "Retrieved %s's vote from %s.",
3300  vi->nickname, where_from);
3301  }
3302 
3303  /* Check if we received it, as a post, after the cutoff when we
3304  * start asking other dir auths for it. If we do, the best plan
3305  * is to discard it, because using it greatly increases the chances
3306  * of a split vote for this round (some dir auths got it in time,
3307  * some didn't). */
3308  if (time_posted && time_posted > voting_schedule.fetch_missing_votes) {
3309  char tbuf1[ISO_TIME_LEN+1], tbuf2[ISO_TIME_LEN+1];
3310  format_iso_time(tbuf1, time_posted);
3311  format_iso_time(tbuf2, voting_schedule.fetch_missing_votes);
3312  log_warn(LD_DIR, "Rejecting %s's posted vote from %s received at %s; "
3313  "our cutoff for received votes is %s. Check your clock, "
3314  "CPU load, and network load. Also check the authority that "
3315  "posted the vote.", vi->nickname, vi->address, tbuf1, tbuf2);
3316  *msg_out = "Posted vote received too late, would be dangerous to count it";
3317  goto err;
3318  }
3319 
3320  /* Fetch any new router descriptors we just learned about */
3321  update_consensus_router_descriptor_downloads(time(NULL), 1, vote);
3322 
3323  /* Now see whether we already have a vote from this authority. */
3325  if (fast_memeq(v->vote->cert->cache_info.identity_digest,
3327  DIGEST_LEN)) {
3328  networkstatus_voter_info_t *vi_old = get_voter(v->vote);
3329  if (fast_memeq(vi_old->vote_digest, vi->vote_digest, DIGEST_LEN)) {
3330  /* Ah, it's the same vote. Not a problem. */
3331  log_notice(LD_DIR, "Discarding a vote we already have (from %s).",
3332  vi->address);
3333  if (*status_out < 200)
3334  *status_out = 200;
3335  goto discard;
3336  } else if (v->vote->published < vote->published) {
3337  log_notice(LD_DIR, "Replacing an older pending vote from this "
3338  "directory (%s)", vi->address);
3339  cached_dir_decref(v->vote_body);
3340  networkstatus_vote_free(v->vote);
3341  v->vote_body = new_cached_dir(tor_strndup(vote_body,
3342  end_of_vote-vote_body),
3343  vote->published);
3344  v->vote = vote;
3345  if (end_of_vote &&
3346  !strcmpstart(end_of_vote, "network-status-version"))
3347  goto again;
3348 
3349  if (*status_out < 200)
3350  *status_out = 200;
3351  if (!*msg_out)
3352  *msg_out = "OK";
3353  return v;
3354  } else {
3355  log_notice(LD_DIR, "Discarding vote from %s because we have "
3356  "a newer one already.", vi->address);
3357  *msg_out = "Already have a newer pending vote";
3358  goto err;
3359  }
3360  }
3361  } SMARTLIST_FOREACH_END(v);
3362 
3363  /* This a valid vote, update our shared random state. */
3364  sr_handle_received_commits(vote->sr_info.commits,
3365  vote->cert->identity_key);
3366 
3367  pending_vote = tor_malloc_zero(sizeof(pending_vote_t));
3368  pending_vote->vote_body = new_cached_dir(tor_strndup(vote_body,
3369  end_of_vote-vote_body),
3370  vote->published);
3371  pending_vote->vote = vote;
3372  smartlist_add(pending_vote_list, pending_vote);
3373 
3374  if (!strcmpstart(end_of_vote, "network-status-version ")) {
3375  vote_body = end_of_vote;
3376  goto again;
3377  }
3378 
3379  goto done;
3380 
3381  err:
3382  any_failed = 1;
3383  if (!*msg_out)
3384  *msg_out = "Error adding vote";
3385  if (*status_out < 400)
3386  *status_out = 400;
3387 
3388  discard:
3389  networkstatus_vote_free(vote);
3390 
3391  if (end_of_vote && !strcmpstart(end_of_vote, "network-status-version ")) {
3392  vote_body = end_of_vote;
3393  goto again;
3394  }
3395 
3396  done:
3397 
3398  if (*status_out < 200)
3399  *status_out = 200;
3400  if (!*msg_out) {
3401  if (!any_failed && !pending_vote) {
3402  *msg_out = "Duplicate discarded";
3403  } else {
3404  *msg_out = "ok";
3405  }
3406  }
3407 
3408  return any_failed ? NULL : pending_vote;
3409 }
3410 
3411 /* Write the votes in <b>pending_vote_list</b> to disk. */
3412 static void
3413 write_v3_votes_to_disk(const smartlist_t *pending_votes)
3414 {
3415  smartlist_t *votestrings = smartlist_new();
3416  char *votefile = NULL;
3417 
3418  SMARTLIST_FOREACH(pending_votes, pending_vote_t *, v,
3419  {
3420  sized_chunk_t *c = tor_malloc(sizeof(sized_chunk_t));
3421  c->bytes = v->vote_body->dir;
3422  c->len = v->vote_body->dir_len;
3423  smartlist_add(votestrings, c); /* collect strings to write to disk */
3424  });
3425 
3426  votefile = get_datadir_fname("v3-status-votes");
3427  write_chunks_to_file(votefile, votestrings, 0, 0);
3428  log_debug(LD_DIR, "Wrote votes to disk (%s)!", votefile);
3429 
3430  tor_free(votefile);
3431  SMARTLIST_FOREACH(votestrings, sized_chunk_t *, c, tor_free(c));
3432  smartlist_free(votestrings);
3433 }
3434 
3435 /** Try to compute a v3 networkstatus consensus from the currently pending
3436  * votes. Return 0 on success, -1 on failure. Store the consensus in
3437  * pending_consensus: it won't be ready to be published until we have
3438  * everybody else's signatures collected too. (V3 Authority only) */
3439 static int
3441 {
3442  /* Have we got enough votes to try? */
3443  int n_votes, n_voters, n_vote_running = 0;
3444  smartlist_t *votes = NULL;
3445  char *consensus_body = NULL, *signatures = NULL;
3446  networkstatus_t *consensus = NULL;
3447  authority_cert_t *my_cert;
3449  int flav;
3450 
3451  memset(pending, 0, sizeof(pending));
3452 
3453  if (!pending_vote_list)
3455 
3456  /* Write votes to disk */
3457  write_v3_votes_to_disk(pending_vote_list);
3458 
3459  /* Setup votes smartlist */
3460  votes = smartlist_new();
3462  {
3463  smartlist_add(votes, v->vote); /* collect votes to compute consensus */
3464  });
3465 
3466  /* See if consensus managed to achieve majority */
3467  n_voters = get_n_authorities(V3_DIRINFO);
3468  n_votes = smartlist_len(pending_vote_list);
3469  if (n_votes <= n_voters/2) {
3470  log_warn(LD_DIR, "We don't have enough votes to generate a consensus: "
3471  "%d of %d", n_votes, n_voters/2+1);
3472  goto err;
3473  }
3476  if (smartlist_contains_string(v->vote->known_flags, "Running"))
3477  n_vote_running++;
3478  });
3479  if (!n_vote_running) {
3480  /* See task 1066. */
3481  log_warn(LD_DIR, "Nobody has voted on the Running flag. Generating "
3482  "and publishing a consensus without Running nodes "
3483  "would make many clients stop working. Not "
3484  "generating a consensus!");
3485  goto err;
3486  }
3487 
3488  if (!(my_cert = get_my_v3_authority_cert())) {
3489  log_warn(LD_DIR, "Can't generate consensus without a certificate.");
3490  goto err;
3491  }
3492 
3493  {
3494  char legacy_dbuf[DIGEST_LEN];
3495  crypto_pk_t *legacy_sign=NULL;
3496  char *legacy_id_digest = NULL;
3497  int n_generated = 0;
3498  if (get_options()->V3AuthUseLegacyKey) {
3500  legacy_sign = get_my_v3_legacy_signing_key();
3501  if (cert) {
3502  if (crypto_pk_get_digest(cert->identity_key, legacy_dbuf)) {
3503  log_warn(LD_BUG,
3504  "Unable to compute digest of legacy v3 identity key");
3505  } else {
3506  legacy_id_digest = legacy_dbuf;
3507  }
3508  }
3509  }
3510 
3511  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
3512  const char *flavor_name = networkstatus_get_flavor_name(flav);
3513  consensus_body = networkstatus_compute_consensus(
3514  votes, n_voters,
3515  my_cert->identity_key,
3516  get_my_v3_authority_signing_key(), legacy_id_digest, legacy_sign,
3517  flav);
3518 
3519  if (!consensus_body) {
3520  log_warn(LD_DIR, "Couldn't generate a %s consensus at all!",
3521  flavor_name);
3522  continue;
3523  }
3524  consensus = networkstatus_parse_vote_from_string(consensus_body,
3525  strlen(consensus_body),
3526  NULL,
3527  NS_TYPE_CONSENSUS);
3528  if (!consensus) {
3529  log_warn(LD_DIR, "Couldn't parse %s consensus we generated!",
3530  flavor_name);
3531  tor_free(consensus_body);
3532  continue;
3533  }
3534 
3535  /* 'Check' our own signature, to mark it valid. */
3537 
3538  pending[flav].body = consensus_body;
3539  pending[flav].consensus = consensus;
3540  n_generated++;
3541 
3542  /* Write it out to disk too, for dir auth debugging purposes */
3543  {
3544  char *filename;
3545  tor_asprintf(&filename, "my-consensus-%s", flavor_name);
3546  write_str_to_file(get_datadir_fname(filename), consensus_body, 0);
3547  tor_free(filename);
3548  }
3549 
3550  consensus_body = NULL;
3551  consensus = NULL;
3552  }
3553  if (!n_generated) {
3554  log_warn(LD_DIR, "Couldn't generate any consensus flavors at all.");
3555  goto err;
3556  }
3557  }
3558 
3560  pending, N_CONSENSUS_FLAVORS);
3561 
3562  if (!signatures) {
3563  log_warn(LD_DIR, "Couldn't extract signatures.");
3564  goto err;
3565  }
3566 
3568  memcpy(pending_consensuses, pending, sizeof(pending));
3569 
3571  pending_consensus_signatures = signatures;
3572 
3574  int n_sigs = 0;
3575  /* we may have gotten signatures for this consensus before we built
3576  * it ourself. Add them now. */
3578  const char *msg = NULL;
3580  "pending", &msg);
3581  if (r >= 0)
3582  n_sigs += r;
3583  else
3584  log_warn(LD_DIR,
3585  "Could not add queued signature to new consensus: %s",
3586  msg);
3587  tor_free(sig);
3588  } SMARTLIST_FOREACH_END(sig);
3589  if (n_sigs)
3590  log_notice(LD_DIR, "Added %d pending signatures while building "
3591  "consensus.", n_sigs);
3593  }
3594 
3595  log_notice(LD_DIR, "Consensus computed; uploading signature(s)");
3596 
3599  V3_DIRINFO,
3601  strlen(pending_consensus_signatures), 0);
3602  log_notice(LD_DIR, "Signature(s) posted.");
3603 
3604  smartlist_free(votes);
3605  return 0;
3606  err:
3607  smartlist_free(votes);
3608  tor_free(consensus_body);
3609  tor_free(signatures);
3610  networkstatus_vote_free(consensus);
3611 
3612  return -1;
3613 }
3614 
3615 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
3616  * signatures on the currently pending consensus. Add them to <b>pc</b>
3617  * as appropriate. Return the number of signatures added. (?) */
3618 static int
3620  pending_consensus_t *pc,
3622  const char *source,
3623  int severity,
3624  const char **msg_out)
3625 {
3626  const char *flavor_name;
3627  int r = -1;
3628 
3629  /* Only call if we have a pending consensus right now. */
3630  tor_assert(pc->consensus);
3631  tor_assert(pc->body);
3633 
3634  flavor_name = networkstatus_get_flavor_name(pc->consensus->flavor);
3635  *msg_out = NULL;
3636 
3637  {
3638  smartlist_t *sig_list = strmap_get(sigs->signatures, flavor_name);
3639  log_info(LD_DIR, "Have %d signatures for adding to %s consensus.",
3640  sig_list ? smartlist_len(sig_list) : 0, flavor_name);
3641  }
3643  source, severity, msg_out);
3644  if (r >= 0) {
3645  log_info(LD_DIR,"Added %d signatures to consensus.", r);
3646  } else {
3647  log_fn(LOG_PROTOCOL_WARN, LD_DIR,
3648  "Unable to add signatures to consensus: %s",
3649  *msg_out ? *msg_out : "(unknown)");
3650  }
3651 
3652  if (r >= 1) {
3653  char *new_signatures =
3655  char *dst, *dst_end;
3656  size_t new_consensus_len;
3657  if (!new_signatures) {
3658  *msg_out = "No signatures to add";
3659  goto err;
3660  }
3661  new_consensus_len =
3662  strlen(pc->body) + strlen(new_signatures) + 1;
3663  pc->body = tor_realloc(pc->body, new_consensus_len);
3664  dst_end = pc->body + new_consensus_len;
3665  dst = (char *) find_str_at_start_of_line(pc->body, "directory-signature ");
3666  tor_assert(dst);
3667  strlcpy(dst, new_signatures, dst_end-dst);
3668 
3669  /* We remove this block once it has failed to crash for a while. But
3670  * unless it shows up in profiles, we're probably better leaving it in,
3671  * just in case we break detached signature processing at some point. */
3672  {
3674  pc->body, strlen(pc->body), NULL,
3675  NS_TYPE_CONSENSUS);
3676  tor_assert(v);
3677  networkstatus_vote_free(v);
3678  }
3679  *msg_out = "Signatures added";
3680  tor_free(new_signatures);
3681  } else if (r == 0) {
3682  *msg_out = "Signatures ignored";
3683  } else {
3684  goto err;
3685  }
3686 
3687  goto done;
3688  err:
3689  if (!*msg_out)
3690  *msg_out = "Unrecognized error while adding detached signatures.";
3691  done:
3692  return r;
3693 }
3694 
3695 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
3696  * signatures on the currently pending consensus. Add them to the pending
3697  * consensus (if we have one).
3698  *
3699  * Set *<b>msg</b> to a string constant describing the status, regardless of
3700  * success or failure.
3701  *
3702  * Return negative on failure, nonnegative on success. */
3703 static int
3705  const char *detached_signatures_body,
3706  const char *source,
3707  const char **msg_out)
3708 {
3709  int r=0, i, n_added = 0, errors = 0;
3711  tor_assert(detached_signatures_body);
3712  tor_assert(msg_out);
3714 
3716  detached_signatures_body, NULL))) {
3717  *msg_out = "Couldn't parse detached signatures.";
3718  goto err;
3719  }
3720 
3721  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
3722  int res;
3723  int severity = i == FLAV_NS ? LOG_NOTICE : LOG_INFO;
3724  pending_consensus_t *pc = &pending_consensuses[i];
3725  if (!pc->consensus)
3726  continue;
3727  res = dirvote_add_signatures_to_pending_consensus(pc, sigs, source,
3728  severity, msg_out);
3729  if (res < 0)
3730  errors++;
3731  else
3732  n_added += res;
3733  }
3734 
3735  if (errors && !n_added) {
3736  r = -1;
3737  goto err;
3738  }
3739 
3740  if (n_added && pending_consensuses[FLAV_NS].consensus) {
3741  char *new_detached =
3743  pending_consensuses, N_CONSENSUS_FLAVORS);
3744  if (new_detached) {
3746  pending_consensus_signatures = new_detached;
3747  }
3748  }
3749 
3750  r = n_added;
3751  goto done;
3752  err:
3753  if (!*msg_out)
3754  *msg_out = "Unrecognized error while adding detached signatures.";
3755  done:
3756  ns_detached_signatures_free(sigs);
3757  /* XXXX NM Check how return is used. We can now have an error *and*
3758  signatures added. */
3759  return r;
3760 }
3761 
3762 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
3763  * signatures on the currently pending consensus. Add them to the pending
3764  * consensus (if we have one); otherwise queue them until we have a
3765  * consensus.
3766  *
3767  * Set *<b>msg</b> to a string constant describing the status, regardless of
3768  * success or failure.
3769  *
3770  * Return negative on failure, nonnegative on success. */
3771 int
3772 dirvote_add_signatures(const char *detached_signatures_body,
3773  const char *source,
3774  const char **msg)
3775 {
3776  if (pending_consensuses[FLAV_NS].consensus) {
3777  log_notice(LD_DIR, "Got a signature from %s. "
3778  "Adding it to the pending consensus.", source);
3780  detached_signatures_body, source, msg);
3781  } else {
3782  log_notice(LD_DIR, "Got a signature from %s. "
3783  "Queuing it for the next consensus.", source);
3787  detached_signatures_body);
3788  *msg = "Signature queued";
3789  return 0;
3790  }
3791 }
3792 
3793 /** Replace the consensus that we're currently serving with the one that we've
3794  * been building. (V3 Authority only) */
3795 static int
3797 {
3798  int i;
3799 
3800  /* Now remember all the other consensuses as if we were a directory cache. */
3801  for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
3802  pending_consensus_t *pending = &pending_consensuses[i];
3803  const char *name;
3805  tor_assert(name);
3806  if (!pending->consensus ||
3808  log_warn(LD_DIR, "Not enough info to publish pending %s consensus",name);
3809  continue;
3810  }
3811 
3813  strlen(pending->body),
3814  name, 0, NULL))
3815  log_warn(LD_DIR, "Error publishing %s consensus", name);
3816  else
3817  log_notice(LD_DIR, "Published %s consensus", name);
3818  }
3819 
3820  return 0;
3821 }
3822 
3823 /** Release all static storage held in dirvote.c */
3824 void
3826 {
3828  /* now empty as a result of dirvote_clear_votes(). */
3829  smartlist_free(pending_vote_list);
3830  pending_vote_list = NULL;
3831  smartlist_free(previous_vote_list);
3832  previous_vote_list = NULL;
3833 
3837  /* now empty as a result of dirvote_clear_votes(). */
3838  smartlist_free(pending_consensus_signature_list);
3840  }
3841 }
3842 
3843 /* ====
3844  * Access to pending items.
3845  * ==== */
3846 
3847 /** Return the body of the consensus that we're currently trying to build. */
3848 MOCK_IMPL(const char *,
3850 {
3851  tor_assert(((int)flav) >= 0 && (int)flav < N_CONSENSUS_FLAVORS);
3852  return pending_consensuses[flav].body;
3853 }
3854 
3855 /** Return the signatures that we know for the consensus that we're currently
3856  * trying to build. */
3857 MOCK_IMPL(const char *,
3859 {
3861 }
3862 
3863 /** Return a given vote specified by <b>fp</b>. If <b>by_id</b>, return the
3864  * vote for the authority with the v3 authority identity key digest <b>fp</b>;
3865  * if <b>by_id</b> is false, return the vote whose digest is <b>fp</b>. If
3866  * <b>fp</b> is NULL, return our own vote. If <b>include_previous</b> is
3867  * false, do not consider any votes for a consensus that's already been built.
3868  * If <b>include_pending</b> is false, do not consider any votes for the
3869  * consensus that's in progress. May return NULL if we have no vote for the
3870  * authority in question. */
3871 const cached_dir_t *
3872 dirvote_get_vote(const char *fp, int flags)
3873 {
3874  int by_id = flags & DGV_BY_ID;
3875  const int include_pending = flags & DGV_INCLUDE_PENDING;
3876  const int include_previous = flags & DGV_INCLUDE_PREVIOUS;
3877 
3879  return NULL;
3880  if (fp == NULL) {
3882  if (c) {
3883  fp = c->cache_info.identity_digest;
3884  by_id = 1;
3885  } else
3886  return NULL;
3887  }
3888  if (by_id) {
3889  if (pending_vote_list && include_pending) {
3891  if (fast_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
3892  return pv->vote_body);
3893  }
3894  if (previous_vote_list && include_previous) {
3896  if (fast_memeq(get_voter(pv->vote)->identity_digest, fp, DIGEST_LEN))
3897  return pv->vote_body);
3898  }
3899  } else {
3900  if (pending_vote_list && include_pending) {
3902  if (fast_memeq(pv->vote->digests.d[DIGEST_SHA1], fp, DIGEST_LEN))
3903  return pv->vote_body);
3904  }
3905  if (previous_vote_list && include_previous) {
3907  if (fast_memeq(pv->vote->digests.d[DIGEST_SHA1], fp, DIGEST_LEN))
3908  return pv->vote_body);
3909  }
3910  }
3911  return NULL;
3912 }
3913 
3914 /** Construct and return a new microdescriptor from a routerinfo <b>ri</b>
3915  * according to <b>consensus_method</b>.
3916  **/
3918 dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
3919 {
3920  microdesc_t *result = NULL;
3921  char *key = NULL, *summary = NULL, *family = NULL;
3922  size_t keylen;
3923  smartlist_t *chunks = smartlist_new();
3924  char *output = NULL;
3925  crypto_pk_t *rsa_pubkey = router_get_rsa_onion_pkey(ri->onion_pkey,
3926  ri->onion_pkey_len);
3927 
3928  if (crypto_pk_write_public_key_to_string(rsa_pubkey, &key, &keylen)<0)
3929  goto done;
3930  summary = policy_summarize(ri->exit_policy, AF_INET);
3931  if (ri->declared_family)
3932  family = smartlist_join_strings(ri->declared_family, " ", 0, NULL);
3933 
3934  smartlist_add_asprintf(chunks, "onion-key\n%s", key);
3935 
3936  if (ri->onion_curve25519_pkey) {
3937  char kbuf[CURVE25519_BASE64_PADDED_LEN + 1];
3938  bool add_padding = (consensus_method < MIN_METHOD_FOR_UNPADDED_NTOR_KEY);
3939  curve25519_public_to_base64(kbuf, ri->onion_curve25519_pkey, add_padding);
3940  smartlist_add_asprintf(chunks, "ntor-onion-key %s\n", kbuf);
3941  }
3942 
3943  if (family) {
3944  if (consensus_method < MIN_METHOD_FOR_CANONICAL_FAMILIES_IN_MICRODESCS) {
3945  smartlist_add_asprintf(chunks, "family %s\n", family);
3946  } else {
3947  const uint8_t *id = (const uint8_t *)ri->cache_info.identity_digest;
3948  char *canonical_family = nodefamily_canonicalize(family, id, 0);
3949  smartlist_add_asprintf(chunks, "family %s\n", canonical_family);
3950  tor_free(canonical_family);
3951  }
3952  }
3953 
3954  if (summary && strcmp(summary, "reject 1-65535"))
3955  smartlist_add_asprintf(chunks, "p %s\n", summary);
3956 
3957  if (ri->ipv6_exit_policy) {
3958  /* XXXX+++ This doesn't match proposal 208, which says these should
3959  * be taken unchanged from the routerinfo. That's bogosity, IMO:
3960  * the proposal should have said to do this instead.*/
3961  char *p6 = write_short_policy(ri->ipv6_exit_policy);
3962  if (p6 && strcmp(p6, "reject 1-65535"))
3963  smartlist_add_asprintf(chunks, "p6 %s\n", p6);
3964  tor_free(p6);
3965  }
3966 
3967  {
3968  char idbuf[ED25519_BASE64_LEN+1];
3969  const char *keytype;
3970  if (ri->cache_info.signing_key_cert &&
3971  ri->cache_info.signing_key_cert->signing_key_included) {
3972  keytype = "ed25519";
3974  &ri->cache_info.signing_key_cert->signing_key);
3975  } else {
3976  keytype = "rsa1024";
3977  digest_to_base64(idbuf, ri->cache_info.identity_digest);
3978  }
3979  smartlist_add_asprintf(chunks, "id %s %s\n", keytype, idbuf);
3980  }
3981 
3982  output = smartlist_join_strings(chunks, "", 0, NULL);
3983 
3984  {
3986  output+strlen(output), 0,
3987  SAVED_NOWHERE, NULL);
3988  if (smartlist_len(lst) != 1) {
3989  log_warn(LD_DIR, "We generated a microdescriptor we couldn't parse.");
3990  SMARTLIST_FOREACH(lst, microdesc_t *, md, microdesc_free(md));
3991  smartlist_free(lst);
3992  goto done;
3993  }
3994  result = smartlist_get(lst, 0);
3995  smartlist_free(lst);
3996  }
3997 
3998  done:
3999  crypto_pk_free(rsa_pubkey);
4000  tor_free(output);
4001  tor_free(key);
4002  tor_free(summary);
4003  tor_free(family);
4004  if (chunks) {
4005  SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
4006  smartlist_free(chunks);
4007  }
4008  return result;
4009 }
4010 
4011 /** Format the appropriate vote line to describe the microdescriptor <b>md</b>
4012  * in a consensus vote document. Write it into the <b>out_len</b>-byte buffer
4013  * in <b>out</b>. Return -1 on failure and the number of characters written
4014  * on success. */
4015 static ssize_t
4016 dirvote_format_microdesc_vote_line(char *out_buf, size_t out_buf_len,
4017  const microdesc_t *md,
4018  int consensus_method_low,
4019  int consensus_method_high)
4020 {
4021  ssize_t ret = -1;
4022  char d64[BASE64_DIGEST256_LEN+1];
4023  char *microdesc_consensus_methods =
4024  make_consensus_method_list(consensus_method_low,
4025  consensus_method_high,
4026  ",");
4027  tor_assert(microdesc_consensus_methods);
4028 
4029  digest256_to_base64(d64, md->digest);
4030 
4031  if (tor_snprintf(out_buf, out_buf_len, "m %s sha256=%s\n",
4032  microdesc_consensus_methods, d64)<0)
4033  goto out;
4034 
4035  ret = strlen(out_buf);
4036 
4037  out:
4038  tor_free(microdesc_consensus_methods);
4039  return ret;
4040 }
4041 
4042 /** Array of start and end of consensus methods used for supported
4043  microdescriptor formats. */
4044 static const struct consensus_method_range_t {
4045  int low;
4046  int high;
4047 } microdesc_consensus_methods[] = {
4054  {-1, -1}
4055 };
4056 
4057 /** Helper type used when generating the microdescriptor lines in a directory
4058  * vote. */
4059 typedef struct microdesc_vote_line_t {
4060  int low;
4061  int high;
4062  microdesc_t *md;
4063  struct microdesc_vote_line_t *next;
4065 
4066 /** Generate and return a linked list of all the lines that should appear to
4067  * describe a router's microdescriptor versions in a directory vote.
4068  * Add the generated microdescriptors to <b>microdescriptors_out</b>. */
4071  smartlist_t *microdescriptors_out)
4072 {
4073  const struct consensus_method_range_t *cmr;
4074  microdesc_vote_line_t *entries = NULL, *ep;
4075  vote_microdesc_hash_t *result = NULL;
4076 
4077  /* Generate the microdescriptors. */
4078  for (cmr = microdesc_consensus_methods;
4079  cmr->low != -1 && cmr->high != -1;
4080  cmr++) {
4081  microdesc_t *md = dirvote_create_microdescriptor(ri, cmr->low);
4082  if (md) {
4084  tor_malloc_zero(sizeof(microdesc_vote_line_t));
4085  e->md = md;
4086  e->low = cmr->low;
4087  e->high = cmr->high;
4088  e->next = entries;
4089  entries = e;
4090  }
4091  }
4092 
4093  /* Compress adjacent identical ones */
4094  for (ep = entries; ep; ep = ep->next) {
4095  while (ep->next &&
4096  fast_memeq(ep->md->digest, ep->next->md->digest, DIGEST256_LEN) &&
4097  ep->low == ep->next->high + 1) {
4098  microdesc_vote_line_t *next = ep->next;
4099  ep->low = next->low;
4100  microdesc_free(next->md);
4101  ep->next = next->next;
4102  tor_free(next);
4103  }
4104  }
4105 
4106  /* Format them into vote_microdesc_hash_t, and add to microdescriptors_out.*/
4107  while ((ep = entries)) {
4108  char buf[128];
4110  if (dirvote_format_microdesc_vote_line(buf, sizeof(buf), ep->md,
4111  ep->low, ep->high) >= 0) {
4112  h = tor_malloc_zero(sizeof(vote_microdesc_hash_t));
4113  h->microdesc_hash_line = tor_strdup(buf);
4114  h->next = result;
4115  result = h;
4116  ep->md->last_listed = now;
4117  smartlist_add(microdescriptors_out, ep->md);
4118  }
4119  entries = ep->next;
4120  tor_free(ep);
4121  }
4122 
4123  return result;
4124 }
4125 
4126 /** Parse and extract all SR commits from <b>tokens</b> and place them in
4127  * <b>ns</b>. */
4128 static void
4130 {
4131  smartlist_t *chunks = NULL;
4132 
4133  tor_assert(ns);
4134  tor_assert(tokens);
4135  /* Commits are only present in a vote. */
4136  tor_assert(ns->type == NS_TYPE_VOTE);
4137 
4138  ns->sr_info.commits = smartlist_new();
4139 
4140  smartlist_t *commits = find_all_by_keyword(tokens, K_COMMIT);
4141  /* It's normal that a vote might contain no commits even if it participates
4142  * in the SR protocol. Don't treat it as an error. */
4143  if (commits == NULL) {
4144  goto end;
4145  }
4146 
4147  /* Parse the commit. We do NO validation of number of arguments or ordering
4148  * for forward compatibility, it's the parse commit job to inform us if it's
4149  * supported or not. */
4150  chunks = smartlist_new();
4151  SMARTLIST_FOREACH_BEGIN(commits, directory_token_t *, tok) {
4152  /* Extract all arguments and put them in the chunks list. */
4153  for (int i = 0; i < tok->n_args; i++) {
4154  smartlist_add(chunks, tok->args[i]);
4155  }
4156  sr_commit_t *commit = sr_parse_commit(chunks);
4157  smartlist_clear(chunks);
4158  if (commit == NULL) {
4159  /* Get voter identity so we can warn that this dirauth vote contains
4160  * commit we can't parse. */
4161  networkstatus_voter_info_t *voter = smartlist_get(ns->voters, 0);
4162  tor_assert(voter);
4163  log_warn(LD_DIR, "SR: Unable to parse commit %s from vote of voter %s.",
4164  escaped(tok->object_body),
4165  hex_str(voter->identity_digest,
4166  sizeof(voter->identity_digest)));
4167  /* Commitment couldn't be parsed. Continue onto the next commit because
4168  * this one could be unsupported for instance. */
4169  continue;
4170  }
4171  /* Add newly created commit object to the vote. */
4172  smartlist_add(ns->sr_info.commits, commit);
4173  } SMARTLIST_FOREACH_END(tok);
4174 
4175  end:
4176  smartlist_free(chunks);
4177  smartlist_free(commits);
4178 }
4179 
4180 /* Using the given directory tokens in tokens, parse the shared random commits
4181  * and put them in the given vote document ns.
4182  *
4183  * This also sets the SR participation flag if present in the vote. */
4184 void
4185 dirvote_parse_sr_commits(networkstatus_t *ns, const smartlist_t *tokens)
4186 {
4187  /* Does this authority participates in the SR protocol? */
4188  directory_token_t *tok = find_opt_by_keyword(tokens, K_SR_FLAG);
4189  if (tok) {
4190  ns->sr_info.participate = 1;
4191  /* Get the SR commitments and reveals from the vote. */
4192  extract_shared_random_commits(ns, tokens);
4193  }
4194 }
4195 
4196 /* For the given vote, free the shared random commits if any. */
4197 void
4198 dirvote_clear_commits(networkstatus_t *ns)
4199 {
4200  tor_assert(ns->type == NS_TYPE_VOTE);
4201 
4202  if (ns->sr_info.commits) {
4203  SMARTLIST_FOREACH(ns->sr_info.commits, sr_commit_t *, c,
4204  sr_commit_free(c));
4205  smartlist_free(ns->sr_info.commits);
4206  }
4207 }
4208 
4209 /* The given url is the /tor/status-vote GET directory request. Populates the
4210  * items list with strings that we can compress on the fly and dir_items with
4211  * cached_dir_t objects that have a precompressed deflated version. */
4212 void
4213 dirvote_dirreq_get_status_vote(const char *url, smartlist_t *items,
4214  smartlist_t *dir_items)
4215 {
4216  int current;
4217 
4218  url += strlen("/tor/status-vote/");
4219  current = !strcmpstart(url, "current/");
4220  url = strchr(url, '/');
4221  tor_assert(url);
4222  ++url;
4223  if (!strcmp(url, "consensus")) {
4224  const char *item;
4225  tor_assert(!current); /* we handle current consensus specially above,
4226  * since it wants to be spooled. */
4227  if ((item = dirvote_get_pending_consensus(FLAV_NS)))
4228  smartlist_add(items, (char*)item);
4229  } else if (!current && !strcmp(url, "consensus-signatures")) {
4230  /* XXXX the spec says that we should implement
4231  * current/consensus-signatures too. It doesn't seem to be needed,
4232  * though. */
4233  const char *item;
4235  smartlist_add(items, (char*)item);
4236  } else if (!strcmp(url, "authority")) {
4237  const cached_dir_t *d;
4238  int flags = DGV_BY_ID |
4239  (current ? DGV_INCLUDE_PREVIOUS : DGV_INCLUDE_PENDING);
4240  if ((d=dirvote_get_vote(NULL, flags)))
4241  smartlist_add(dir_items, (cached_dir_t*)d);
4242  } else {
4243  const cached_dir_t *d;
4244  smartlist_t *fps = smartlist_new();
4245  int flags;
4246  if (!strcmpstart(url, "d/")) {
4247  url += 2;
4248  flags = DGV_INCLUDE_PENDING | DGV_INCLUDE_PREVIOUS;
4249  } else {
4250  flags = DGV_BY_ID |
4251  (current ? DGV_INCLUDE_PREVIOUS : DGV_INCLUDE_PENDING);
4252  }
4253  dir_split_resource_into_fingerprints(url, fps, NULL,
4254  DSR_HEX|DSR_SORT_UNIQ);
4255  SMARTLIST_FOREACH(fps, char *, fp, {
4256  if ((d = dirvote_get_vote(fp, flags)))
4257  smartlist_add(dir_items, (cached_dir_t*)d);
4258  tor_free(fp);
4259  });
4260  smartlist_free(fps);
4261  }
4262 }
4263 
4264 /** Get the best estimate of a router's bandwidth for dirauth purposes,
4265  * preferring measured to advertised values if available. */
4267  (const routerinfo_t *ri))
4268 {
4269  uint32_t bw_kb = 0;
4270  /*
4271  * Yeah, measured bandwidths in measured_bw_line_t are (implicitly
4272  * signed) longs and the ones router_get_advertised_bandwidth() returns
4273  * are uint32_t.
4274  */
4275  long mbw_kb = 0;
4276 
4277  if (ri) {
4278  /*
4279  * * First try to see if we have a measured bandwidth; don't bother with
4280  * as_of_out here, on the theory that a stale measured bandwidth is still
4281  * better to trust than an advertised one.
4282  */
4284  &mbw_kb, NULL)) {
4285  /* Got one! */
4286  bw_kb = (uint32_t)mbw_kb;
4287  } else {
4288  /* If not, fall back to advertised */
4289  bw_kb = router_get_advertised_bandwidth(ri) / 1000;
4290  }
4291  }
4292 
4293  return bw_kb;
4294 }
4295 
4296 /**
4297  * Helper: compare the address of family `family` in `a` with the address in
4298  * `b`. The family must be one of `AF_INET` and `AF_INET6`.
4299  **/
4300 static int
4302  const routerinfo_t *b,
4303  int family)
4304 {
4305  const tor_addr_t *addr1 = (family==AF_INET) ? &a->ipv4_addr : &a->ipv6_addr;
4306  const tor_addr_t *addr2 = (family==AF_INET) ? &b->ipv4_addr : &b->ipv6_addr;
4307  return tor_addr_compare(addr1, addr2, CMP_EXACT);
4308 }
4309 
4310 /** Helper for sorting: compares two ipv4 routerinfos first by ipv4 address,
4311  * and then by descending order of "usefulness"
4312  * (see compare_routerinfo_usefulness)
4313  **/
4314 STATIC int
4315 compare_routerinfo_by_ipv4(const void **a, const void **b)
4316 {
4317  const routerinfo_t *first = *(const routerinfo_t **)a;
4318  const routerinfo_t *second = *(const routerinfo_t **)b;
4319  int comparison = compare_routerinfo_addrs_by_family(first, second, AF_INET);
4320  if (comparison == 0) {
4321  // If addresses are equal, use other comparison criteria
4322  return compare_routerinfo_usefulness(first, second);
4323  } else {
4324  return comparison;
4325  }
4326 }
4327 
4328 /** Helper for sorting: compares two ipv6 routerinfos first by ipv6 address,
4329  * and then by descending order of "usefulness"
4330  * (see compare_routerinfo_usefulness)
4331  **/
4332 STATIC int
4333 compare_routerinfo_by_ipv6(const void **a, const void **b)
4334 {
4335  const routerinfo_t *first = *(const routerinfo_t **)a;
4336  const routerinfo_t *second = *(const routerinfo_t **)b;
4337  int comparison = compare_routerinfo_addrs_by_family(first, second, AF_INET6);
4338  // If addresses are equal, use other comparison criteria
4339  if (comparison == 0)
4340  return compare_routerinfo_usefulness(first, second);
4341  else
4342  return comparison;
4343 }
4344 
4345 /**
4346 * Compare routerinfos by descending order of "usefulness" :
4347 * An authority is more useful than a non-authority; a running router is
4348 * more useful than a non-running router; and a router with more bandwidth
4349 * is more useful than one with less.
4350 **/
4351 STATIC int
4353  const routerinfo_t *second)
4354 {
4355  int first_is_auth, second_is_auth;
4356  const node_t *node_first, *node_second;
4357  int first_is_running, second_is_running;
4358  uint32_t bw_kb_first, bw_kb_second;
4359  /* Potentially, this next bit could cause k n lg n memeq calls. But in
4360  * reality, we will almost never get here, since addresses will usually be
4361  * different. */
4362  first_is_auth =
4363  router_digest_is_trusted_dir(first->cache_info.identity_digest);
4364  second_is_auth =
4365  router_digest_is_trusted_dir(second->cache_info.identity_digest);
4366 
4367  if (first_is_auth && !second_is_auth)
4368  return -1;
4369  else if (!first_is_auth && second_is_auth)
4370  return 1;
4371 
4372  node_first = node_get_by_id(first->cache_info.identity_digest);
4373  node_second = node_get_by_id(second->cache_info.identity_digest);
4374  first_is_running = node_first && node_first->is_running;
4375  second_is_running = node_second && node_second->is_running;
4376  if (first_is_running && !second_is_running)
4377  return -1;
4378  else if (!first_is_running && second_is_running)
4379  return 1;
4380 
4381  bw_kb_first = dirserv_get_bandwidth_for_router_kb(first);
4382  bw_kb_second = dirserv_get_bandwidth_for_router_kb(second);
4383 
4384  if (bw_kb_first > bw_kb_second)
4385  return -1;
4386  else if (bw_kb_first < bw_kb_second)
4387  return 1;
4388 
4389  /* They're equal! Compare by identity digest, so there's a
4390  * deterministic order and we avoid flapping. */
4391  return fast_memcmp(first->cache_info.identity_digest,
4392  second->cache_info.identity_digest,
4393  DIGEST_LEN);
4394 }
4395 
4396 /** Given a list of routerinfo_t in <b>routers</b> that all use the same
4397  * IP version, specified in <b>family</b>, return a new digestmap_t whose keys
4398  * are the identity digests of those routers that we're going to exclude for
4399  * Sybil-like appearance.
4400  */
4401 STATIC digestmap_t *
4403 {
4404  const dirauth_options_t *options = dirauth_get_options();
4405  digestmap_t *omit_as_sybil = digestmap_new();
4406  smartlist_t *routers_by_ip = smartlist_new();
4407  int addr_count = 0;
4408  routerinfo_t *last_ri = NULL;
4409  /* Allow at most this number of Tor servers on a single IP address, ... */
4410  int max_with_same_addr = options->AuthDirMaxServersPerAddr;
4411  if (max_with_same_addr <= 0)
4412  max_with_same_addr = INT_MAX;
4413 
4414  smartlist_add_all(routers_by_ip, routers);
4415  if (family == AF_INET6)
4417  else
4419 
4420  SMARTLIST_FOREACH_BEGIN(routers_by_ip, routerinfo_t *, ri) {
4421  bool addrs_equal;
4422  if (last_ri)
4423  addrs_equal = !compare_routerinfo_addrs_by_family(last_ri, ri, family);
4424  else
4425  addrs_equal = false;
4426 
4427  if (! addrs_equal) {
4428  last_ri = ri;
4429  addr_count = 1;
4430  } else if (++addr_count > max_with_same_addr) {
4431  digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
4432  }
4433  } SMARTLIST_FOREACH_END(ri);
4434  smartlist_free(routers_by_ip);
4435  return omit_as_sybil;
4436 }
4437 
4438 /** Given a list of routerinfo_t in <b>routers</b>, return a new digestmap_t
4439  * whose keys are the identity digests of those routers that we're going to
4440  * exclude for Sybil-like appearance. */
4441 STATIC digestmap_t *
4443 {
4444  smartlist_t *routers_ipv6, *routers_ipv4;
4445  routers_ipv6 = smartlist_new();
4446  routers_ipv4 = smartlist_new();
4447  digestmap_t *omit_as_sybil_ipv4;
4448  digestmap_t *omit_as_sybil_ipv6;
4449  digestmap_t *omit_as_sybil = digestmap_new();
4450  // Sort the routers in two lists depending on their IP version
4451  SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
4452  // If the router has an IPv6 address
4453  if (tor_addr_family(&(ri->ipv6_addr)) == AF_INET6) {
4454  smartlist_add(routers_ipv6, ri);
4455  }
4456  // If the router has an IPv4 address
4457  if (tor_addr_family(&(ri->ipv4_addr)) == AF_INET) {
4458  smartlist_add(routers_ipv4, ri);
4459  }
4460  } SMARTLIST_FOREACH_END(ri);
4461  omit_as_sybil_ipv4 = get_sybil_list_by_ip_version(routers_ipv4, AF_INET);
4462  omit_as_sybil_ipv6 = get_sybil_list_by_ip_version(routers_ipv6, AF_INET6);
4463 
4464  // Add all possible sybils to the common digestmap
4465  DIGESTMAP_FOREACH (omit_as_sybil_ipv4, sybil_id, routerinfo_t *, ri) {
4466  digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
4468  DIGESTMAP_FOREACH (omit_as_sybil_ipv6, sybil_id, routerinfo_t *, ri) {
4469  digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
4471  // Clean the temp variables
4472  smartlist_free(routers_ipv4);
4473  smartlist_free(routers_ipv6);
4474  digestmap_free(omit_as_sybil_ipv4, NULL);
4475  digestmap_free(omit_as_sybil_ipv6, NULL);
4476  // Return the digestmap: it now contains all the possible sybils
4477  return omit_as_sybil;
4478 }
4479 
4480 /** Given a platform string as in a routerinfo_t (possibly null), return a
4481  * newly allocated version string for a networkstatus document, or NULL if the
4482  * platform doesn't give a Tor version. */
4483 static char *
4484 version_from_platform(const char *platform)
4485 {
4486  if (platform && !strcmpstart(platform, "Tor ")) {
4487  const char *eos = find_whitespace(platform+4);
4488  if (eos && !strcmpstart(eos, " (r")) {
4489  /* XXXX Unify this logic with the other version extraction
4490  * logic in routerparse.c. */
4491  eos = find_whitespace(eos+1);
4492  }
4493  if (eos) {
4494  return tor_strndup(platform, eos-platform);
4495  }
4496  }
4497  return NULL;
4498 }
4499 
4500 /** Given a (possibly empty) list of config_line_t, each line of which contains
4501  * a list of comma-separated version numbers surrounded by optional space,
4502  * allocate and return a new string containing the version numbers, in order,
4503  * separated by commas. Used to generate Recommended(Client|Server)?Versions
4504  */
4505 char *
4507 {
4508  smartlist_t *versions;
4509  char *result;
4510  versions = smartlist_new();
4511  for ( ; ln; ln = ln->next) {
4512  smartlist_split_string(versions, ln->value, ",",
4513  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4514  }
4515 
4516  /* Handle the case where a dirauth operator has accidentally made some
4517  * versions space-separated instead of comma-separated. */
4518  smartlist_t *more_versions = smartlist_new();
4519  SMARTLIST_FOREACH_BEGIN(versions, char *, v) {
4520  if (strchr(v, ' ')) {
4521  if (warn)
4522  log_warn(LD_DIRSERV, "Unexpected space in versions list member %s. "
4523  "(These are supposed to be comma-separated; I'll pretend you "
4524  "used commas instead.)", escaped(v));
4525  SMARTLIST_DEL_CURRENT(versions, v);
4526  smartlist_split_string(more_versions, v, NULL,
4527  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4528  tor_free(v);
4529  }
4530  } SMARTLIST_FOREACH_END(v);
4531  smartlist_add_all(versions, more_versions);
4532  smartlist_free(more_versions);
4533 
4534  /* Check to make sure everything looks like a version. */
4535  if (warn) {
4536  SMARTLIST_FOREACH_BEGIN(versions, const char *, v) {
4537  tor_version_t ver;
4538  if (tor_version_parse(v, &ver) < 0) {
4539  log_warn(LD_DIRSERV, "Recommended version %s does not look valid. "
4540  " (I'll include it anyway, since you told me to.)",
4541  escaped(v));
4542  }
4543  } SMARTLIST_FOREACH_END(v);
4544  }
4545 
4546  sort_version_list(versions, 1);
4547  result = smartlist_join_strings(versions,",",0,NULL);
4548  SMARTLIST_FOREACH(versions,char *,s,tor_free(s));
4549  smartlist_free(versions);
4550  return result;
4551 }
4552 
4553 /** If there are entries in <b>routers</b> with exactly the same ed25519 keys,
4554  * remove the older one. If they are exactly the same age, remove the one
4555  * with the greater descriptor digest. May alter the order of the list. */
4556 static void
4558 {
4559  routerinfo_t *ri2;
4560  digest256map_t *by_ed_key = digest256map_new();
4561 
4562  SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
4563  ri->omit_from_vote = 0;
4564  if (ri->cache_info.signing_key_cert == NULL)
4565  continue; /* No ed key */
4566  const uint8_t *pk = ri->cache_info.signing_key_cert->signing_key.pubkey;
4567  if ((ri2 = digest256map_get(by_ed_key, pk))) {
4568  /* Duplicate; must omit one. Set the omit_from_vote flag in whichever
4569  * one has the earlier published_on. */
4570  const time_t ri_pub = ri->cache_info.published_on;
4571  const time_t ri2_pub = ri2->cache_info.published_on;
4572  if (ri2_pub < ri_pub ||
4573  (ri2_pub == ri_pub &&
4574  fast_memcmp(ri->cache_info.signed_descriptor_digest,
4575  ri2->cache_info.signed_descriptor_digest,DIGEST_LEN)<0)) {
4576  digest256map_set(by_ed_key, pk, ri);
4577  ri2->omit_from_vote = 1;
4578  } else {
4579  ri->omit_from_vote = 1;
4580  }
4581  } else {
4582  /* Add to map */
4583  digest256map_set(by_ed_key, pk, ri);
4584  }
4585  } SMARTLIST_FOREACH_END(ri);
4586 
4587  digest256map_free(by_ed_key, NULL);
4588 
4589  /* Now remove every router where the omit_from_vote flag got set. */
4590  SMARTLIST_FOREACH_BEGIN(routers, const routerinfo_t *, ri) {
4591  if (ri->omit_from_vote) {
4592  SMARTLIST_DEL_CURRENT(routers, ri);
4593  }
4594  } SMARTLIST_FOREACH_END(ri);
4595 }
4596 
4597 /** Routerstatus <b>rs</b> is part of a group of routers that are on too
4598  * narrow an IP-space. Clear out its flags since we don't want it be used
4599  * because of its Sybil-like appearance.
4600  *
4601  * Leave its BadExit flag alone though, since if we think it's a bad exit,
4602  * we want to vote that way in case all the other authorities are voting
4603  * Running and Exit.
4604  *
4605  * Also set the Sybil flag in order to let a relay operator know that's
4606  * why their relay hasn't been voted on.
4607  */
4608 static void
4610 {
4611  rs->is_authority = rs->is_exit = rs->is_stable = rs->is_fast =
4612  rs->is_flagged_running = rs->is_named = rs->is_valid =
4613  rs->is_hs_dir = rs->is_v2_dir = rs->is_possible_guard = 0;
4614  rs->is_sybil = 1;
4615  /* FFFF we might want some mechanism to check later on if we
4616  * missed zeroing any flags: it's easy to add a new flag but
4617  * forget to add it to this clause. */
4618 }
4619 
4620 /** Space-separated list of all the flags that we will always vote on. */
4622  "Authority "
4623  "Exit "
4624  "Fast "
4625  "Guard "
4626  "HSDir "
4627  "Stable "
4628  "StaleDesc "
4629  "Sybil "
4630  "V2Dir "
4631  "Valid";
4632 /** Space-separated list of all flags that we may or may not vote on,
4633  * depending on our configuration. */
4635  "BadExit "
4636  "MiddleOnly "
4637  "Running";
4638 
4639 /** Return a new networkstatus_t* containing our current opinion. (For v3
4640  * authorities) */
4643  authority_cert_t *cert)
4644 {
4645  const or_options_t *options = get_options();
4646  const dirauth_options_t *d_options = dirauth_get_options();
4647  networkstatus_t *v3_out = NULL;
4648  tor_addr_t addr;
4649  char *hostname = NULL, *client_versions = NULL, *server_versions = NULL;
4650  const char *contact;
4651  smartlist_t *routers, *routerstatuses;
4652  char identity_digest[DIGEST_LEN];
4653  char signing_key_digest[DIGEST_LEN];
4654  const int list_bad_exits = d_options->AuthDirListBadExits;
4655  const int list_middle_only = d_options->AuthDirListMiddleOnly;
4657  time_t now = time(NULL);
4658  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
4659  networkstatus_voter_info_t *voter = NULL;
4660  vote_timing_t timing;
4661  const int vote_on_reachability = running_long_enough_to_decide_unreachable();
4662  smartlist_t *microdescriptors = NULL;
4663  smartlist_t *bw_file_headers = NULL;
4664  uint8_t bw_file_digest256[DIGEST256_LEN] = {0};
4665 
4666  tor_assert(private_key);
4667  tor_assert(cert);
4668 
4669  if (crypto_pk_get_digest(private_key, signing_key_digest)<0) {
4670  log_err(LD_BUG, "Error computing signing key digest");
4671  return NULL;
4672  }
4673  if (crypto_pk_get_digest(cert->identity_key, identity_digest)<0) {
4674  log_err(LD_BUG, "Error computing identity key digest");
4675  return NULL;
4676  }
4677  if (!find_my_address(options, AF_INET, LOG_WARN, &addr, NULL, &hostname)) {
4678  log_warn(LD_NET, "Couldn't resolve my hostname");
4679  return NULL;
4680  }
4681  if (!hostname || !strchr(hostname, '.')) {
4682  tor_free(hostname);
4683  hostname = tor_addr_to_str_dup(&addr);
4684  }
4685 
4686  if (!hostname) {
4687  log_err(LD_BUG, "Failed to determine hostname AND duplicate address");
4688  return NULL;
4689  }
4690 
4691  if (d_options->VersioningAuthoritativeDirectory) {
4692  client_versions =
4694  server_versions =
4696  }
4697 
4698  contact = get_options()->ContactInfo;
4699  if (!contact)
4700  contact = "(none)";
4701 
4702  /*
4703  * Do this so dirserv_compute_performance_thresholds() and
4704  * set_routerstatus_from_routerinfo() see up-to-date bandwidth info.
4705  */
4706  if (options->V3BandwidthsFile) {
4708  NULL);
4709  } else {
4710  /*
4711  * No bandwidths file; clear the measured bandwidth cache in case we had
4712  * one last time around.
4713  */
4716  }
4717  }
4718 
4719  /* precompute this part, since we need it to decide what "stable"
4720  * means. */
4721  SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
4722  dirserv_set_router_is_running(ri, now);
4723  });
4724 
4725  routers = smartlist_new();
4726  smartlist_add_all(routers, rl->routers);
4727  routers_make_ed_keys_unique(routers);
4728  /* After this point, don't use rl->routers; use 'routers' instead. */
4729  routers_sort_by_identity(routers);
4730  /* Get a digestmap of possible sybil routers, IPv4 or IPv6 */
4731  digestmap_t *omit_as_sybil = get_all_possible_sybil(routers);
4732  DIGESTMAP_FOREACH (omit_as_sybil, sybil_id, void *, ignore) {
4733  (void)ignore;
4734  rep_hist_make_router_pessimal(sybil_id, now);
4736  /* Count how many have measured bandwidths so we know how to assign flags;
4737  * this must come before dirserv_compute_performance_thresholds() */
4738  dirserv_count_measured_bws(routers);
4740  routerstatuses = smartlist_new();
4741  microdescriptors = smartlist_new();
4742 
4743  SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
4744  /* If it has a protover list and contains a protocol name greater than
4745  * MAX_PROTOCOL_NAME_LENGTH, skip it. */
4746  if (ri->protocol_list &&
4747  protover_list_is_invalid(ri->protocol_list)) {
4748  continue;
4749  }
4750  if (ri->cache_info.published_on >= cutoff) {
4751  routerstatus_t *rs;
4752  vote_routerstatus_t *vrs;
4753  node_t *node = node_get_mutable_by_id(ri->cache_info.identity_digest);
4754  if (!node)
4755  continue;
4756 
4757  vrs = tor_malloc_zero(sizeof(vote_routerstatus_t));
4758  rs = &vrs->status;
4759  dirauth_set_routerstatus_from_routerinfo(rs, node, ri, now,
4760  list_bad_exits,
4761  list_middle_only);
4762  vrs->published_on = ri->cache_info.published_on;
4763 
4764  if (ri->cache_info.signing_key_cert) {
4765  memcpy(vrs->ed25519_id,
4766  ri->cache_info.signing_key_cert->signing_key.pubkey,
4768  }
4769  if (digestmap_get(omit_as_sybil, ri->cache_info.identity_digest))
4771 
4772  if (!vote_on_reachability)
4773  rs->is_flagged_running = 0;
4774 
4775  vrs->version = version_from_platform(ri->platform);
4776  if (ri->protocol_list) {
4777  vrs->protocols = tor_strdup(ri->protocol_list);
4778  } else {
4779  vrs->protocols = tor_strdup(
4781  }
4783  microdescriptors);
4784 
4785  smartlist_add(routerstatuses, vrs);
4786  }
4787  } SMARTLIST_FOREACH_END(ri);
4788 
4789  {
4790  smartlist_t *added =
4792  microdescriptors, SAVED_NOWHERE, 0);
4793  smartlist_free(added);
4794  smartlist_free(microdescriptors);
4795  }
4796 
4797  smartlist_free(routers);
4798  digestmap_free(omit_as_sybil, NULL);
4799 
4800  /* Apply guardfraction information to routerstatuses. */
4801  if (options->GuardfractionFile) {
4803  routerstatuses);
4804  }
4805 
4806  /* This pass through applies the measured bw lines to the routerstatuses */
4807  if (options->V3BandwidthsFile) {
4808  /* Only set bw_file_headers when V3BandwidthsFile is configured */
4809  bw_file_headers = smartlist_new();
4811  routerstatuses, bw_file_headers,
4812  bw_file_digest256);
4813  } else {
4814  /*
4815  * No bandwidths file; clear the measured bandwidth cache in case we had
4816  * one last time around.
4817  */
4820  }
4821  }
4822 
4823  v3_out = tor_malloc_zero(sizeof(networkstatus_t));
4824 
4825  v3_out->type = NS_TYPE_VOTE;
4827  v3_out->published = now;
4828  {
4829  char tbuf[ISO_TIME_LEN+1];
4830  networkstatus_t *current_consensus =
4832  long last_consensus_interval; /* only used to pick a valid_after */
4833  if (current_consensus)
4834  last_consensus_interval = current_consensus->fresh_until -
4835  current_consensus->valid_after;
4836  else
4837  last_consensus_interval = options->TestingV3AuthInitialVotingInterval;
4838  v3_out->valid_after =
4840  (int)last_consensus_interval,
4842  format_iso_time(tbuf, v3_out->valid_after);
4843  log_notice(LD_DIR,"Choosing valid-after time in vote as %s: "
4844  "consensus_set=%d, last_interval=%d",
4845  tbuf, current_consensus?1:0, (int)last_consensus_interval);
4846  }
4847  v3_out->fresh_until = v3_out->valid_after + timing.vote_interval;
4848  v3_out->valid_until = v3_out->valid_after +
4849  (timing.vote_interval * timing.n_intervals_valid);
4850  v3_out->vote_seconds = timing.vote_delay;
4851  v3_out->dist_seconds = timing.dist_delay;
4852  tor_assert(v3_out->vote_seconds > 0);
4853  tor_assert(v3_out->dist_seconds > 0);
4854  tor_assert(timing.n_intervals_valid > 0);
4855 
4856  v3_out->client_versions = client_versions;
4857  v3_out->server_versions = server_versions;
4858 
4859  v3_out->recommended_relay_protocols =
4861  v3_out->recommended_client_protocols =
4863  v3_out->required_client_protocols =
4865  v3_out->required_relay_protocols =
4867 
4868  /* We are not allowed to vote to require anything we don't have. */
4869  tor_assert(protover_all_supported(v3_out->required_relay_protocols, NULL));
4870  tor_assert(protover_all_supported(v3_out->required_client_protocols, NULL));
4871 
4872  /* We should not recommend anything we don't have. */
4873  tor_assert_nonfatal(protover_all_supported(
4874  v3_out->recommended_relay_protocols, NULL));
4875  tor_assert_nonfatal(protover_all_supported(
4876  v3_out->recommended_client_protocols, NULL));
4877 
4878  v3_out->known_flags = smartlist_new();
4881  0, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4882  if (vote_on_reachability)
4883  smartlist_add_strdup(v3_out->known_flags, "Running");
4884  if (list_bad_exits)
4885  smartlist_add_strdup(v3_out->known_flags, "BadExit");
4886  if (list_middle_only)
4887  smartlist_add_strdup(v3_out->known_flags, "MiddleOnly");
4889 
4890  if (d_options->ConsensusParams) {
4891  config_line_t *paramline = d_options->ConsensusParams;
4892  v3_out->net_params = smartlist_new();
4893  for ( ; paramline; paramline = paramline->next) {
4895  paramline->value, NULL, 0, 0);
4896  }
4897 
4898  /* for transparency and visibility, include our current value of
4899  * AuthDirMaxServersPerAddr in our consensus params. Once enough dir
4900  * auths do this, external tools should be able to use that value to
4901  * help understand which relays are allowed into the consensus. */
4902  smartlist_add_asprintf(v3_out->net_params, "AuthDirMaxServersPerAddr=%d",
4903  d_options->AuthDirMaxServersPerAddr);
4904 
4906  }
4907  v3_out->bw_file_headers = bw_file_headers;
4908  memcpy(v3_out->bw_file_digest256, bw_file_digest256, DIGEST256_LEN);
4909 
4910  voter = tor_malloc_zero(sizeof(networkstatus_voter_info_t));
4911  voter->nickname = tor_strdup(options->Nickname);
4912  memcpy(voter->identity_digest, identity_digest, DIGEST_LEN);
4913  voter->sigs = smartlist_new();
4914  voter->address = hostname;
4915  tor_addr_copy(&voter->ipv4_addr, &addr);
4916  voter->ipv4_dirport = routerconf_find_dir_port(options, 0);
4917  voter->ipv4_orport = routerconf_find_or_port(options, AF_INET);
4918  voter->contact = tor_strdup(contact);
4919  if (options->V3AuthUseLegacyKey) {
4921  if (c) {
4923  log_warn(LD_BUG, "Unable to compute digest of legacy v3 identity key");
4924  memset(voter->legacy_id_digest, 0, DIGEST_LEN);
4925  }
4926  }
4927  }
4928 
4929  v3_out->voters = smartlist_new();
4930  smartlist_add(v3_out->voters, voter);
4931  v3_out->cert = authority_cert_dup(cert);
4932  v3_out->routerstatus_list = routerstatuses;
4933  /* Note: networkstatus_digest is unset; it won't get set until we actually
4934  * format the vote. */
4935 
4936  return v3_out;
4937 }
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
Definition: address.c:1199
int tor_addr_compare(const tor_addr_t *addr1, const tor_addr_t *addr2, tor_addr_comparison_t how)
Definition: address.c:984
char * tor_addr_to_str_dup(const tor_addr_t *addr)
Definition: address.c:1164
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
tor_addr_port_t * tor_addr_port_new(const tor_addr_t *addr, uint16_t port)
Definition: address.c:2100
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
#define fmt_addr(a)
Definition: address.h:239
int trusted_dirs_load_certs_from_string(const char *contents, int source, int flush, const char *source_dir)
Definition: authcert.c:373
authority_cert_t * authority_cert_get_by_digests(const char *id_digest, const char *sk_digest)
Definition: authcert.c:648
Header file for authcert.c.
Header file for directory authority mode.
Authority certificate structure.
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
Definition: binascii.c:215
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
int dirserv_get_measured_bw_cache_size(void)
Definition: bwauth.c:166
int dirserv_read_measured_bandwidths(const char *from_file, smartlist_t *routerstatuses, smartlist_t *bw_file_headers, uint8_t *digest_out)
Definition: bwauth.c:232
void dirserv_count_measured_bws(const smartlist_t *routers)
Definition: bwauth.c:39
int dirserv_query_measured_bw_cache_kb(const char *node_id, long *bw_kb_out, time_t *as_of_out)
Definition: bwauth.c:138
void dirserv_clear_measured_bw_cache(void)
Definition: bwauth.c:103
Header file for bwauth.c.
#define MAX_BW_FILE_HEADER_COUNT_IN_VOTE
Definition: bwauth.h:16
Cached large directory object structure.
#define MAX(a, b)
Definition: cmp.h:22
const or_options_t * get_options(void)
Definition: config.c:926
const char * name
Definition: config.c:2443
Header file for config.c.
Header for confline.c.
void curve25519_public_to_base64(char *output, const curve25519_public_key_t *pkey, bool pad)
const char * crypto_digest_algorithm_get_name(digest_algorithm_t alg)
Definition: crypto_digest.c:44
#define BASE64_DIGEST256_LEN
Definition: crypto_digest.h:29
#define HEX_DIGEST256_LEN
Definition: crypto_digest.h:37
digest_algorithm_t
Definition: crypto_digest.h:44
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
#define N_COMMON_DIGEST_ALGORITHMS
Definition: crypto_digest.h:58
void digest256_to_base64(char *d64, const char *digest)
void ed25519_public_to_base64(char *output, const ed25519_public_key_t *pkey)
int digest256_from_base64(char *digest, const char *d64)
void digest_to_base64(char *d64, const char *digest)
Header for crypto_format.c.
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Definition: crypto_rsa.c:229
int crypto_pk_write_public_key_to_string(crypto_pk_t *env, char **dest, size_t *len)
Definition: crypto_rsa.c:466
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
crypto_pk_t * crypto_pk_dup_key(crypto_pk_t *orig)
#define FINGERPRINT_LEN
Definition: crypto_rsa.h:34
#define fast_memeq(a, b, c)
Definition: di_ops.h:35
#define fast_memcmp(a, b, c)
Definition: di_ops.h:28
#define DIGEST_LEN
Definition: digest_sizes.h:20
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Trusted/fallback directory server structure.
Structure dirauth_options_t to hold directory authority options.
Header for dirauth_sys.c.
void directory_get_from_all_authorities(uint8_t dir_purpose, uint8_t router_purpose, const char *resource)
Definition: dirclient.c:585
void directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose, dirinfo_type_t type, const char *payload, size_t payload_len, size_t extrainfo_len)
Definition: dirclient.c:229
Header file for dirclient.c.
int dircollator_n_routers(dircollator_t *dc)
Definition: dircollate.c:305
void dircollator_collate(dircollator_t *dc, int consensus_method)
Definition: dircollate.c:211
void dircollator_add_vote(dircollator_t *dc, networkstatus_t *v)
Definition: dircollate.c:194
dircollator_t * dircollator_new(int n_votes, int n_authorities)
Definition: dircollate.c:149
vote_routerstatus_t ** dircollator_get_votes_for_router(dircollator_t *dc, int idx)
Definition: dircollate.c:320
Header file for dircollate.c.
int dir_split_resource_into_fingerprints(const char *resource, smartlist_t *fp_out, int *compressed_out, int flags)
Definition: directory.c:640
Header file for directory.c.
#define DIR_PURPOSE_UPLOAD_VOTE
Definition: directory.h:43
#define DIR_PURPOSE_FETCH_DETACHED_SIGNATURES
Definition: directory.h:51
#define DIR_PURPOSE_UPLOAD_SIGNATURES
Definition: directory.h:45
#define DIR_PURPOSE_FETCH_STATUS_VOTE
Definition: directory.h:48
int get_n_authorities(dirinfo_type_t type)
Definition: dirlist.c:103
dir_server_t * trusteddirserver_get_by_v3_auth_digest(const char *digest)
Definition: dirlist.c:215
Header file for dirlist.c.
void cached_dir_decref(cached_dir_t *d)
Definition: dirserv.c:124
cached_dir_t * new_cached_dir(char *s, time_t published)
Definition: dirserv.c:135
Header file for dirserv.c.
static int dirvote_add_signatures_to_all_pending_consensuses(const char *detached_signatures_body, const char *source, const char **msg_out)
Definition: dirvote.c:3704
static void dirvote_fetch_missing_signatures(void)
Definition: dirvote.c:3104
STATIC microdesc_t * dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
Definition: dirvote.c:3918
static void dirvote_clear_pending_consensuses(void)
Definition: dirvote.c:3127
STATIC int compare_routerinfo_usefulness(const routerinfo_t *first, const routerinfo_t *second)
Definition: dirvote.c:4352
static int cmp_int_strings_(const void **_a, const void **_b)
Definition: dirvote.c:774
static int consensus_method_is_supported(int method)
Definition: dirvote.c:828
STATIC char * make_consensus_method_list(int low, int high, const char *separator)
Definition: dirvote.c:837
static void get_frequent_members(smartlist_t *out, smartlist_t *in, int min)
Definition: dirvote.c:578
static bw_weights_error_t networkstatus_check_weights(int64_t Wgg, int64_t Wgd, int64_t Wmg, int64_t Wme, int64_t Wmd, int64_t Wee, int64_t Wed, int64_t scale, int64_t G, int64_t M, int64_t E, int64_t D, int64_t T, int64_t margin, int do_balance)
Definition: dirvote.c:1029
static void remove_flag(smartlist_t *sl, const char *flag)
Definition: dirvote.c:1488
static int compare_routerinfo_addrs_by_family(const routerinfo_t *a, const routerinfo_t *b, int family)
Definition: dirvote.c:4301
const char * dirvote_get_pending_detached_signatures(void)
Definition: dirvote.c:3858
static char * get_detached_signatures_from_pending_consensuses(pending_consensus_t *pending, int n_flavors)
Definition: dirvote.c:2892
STATIC int compare_routerinfo_by_ipv6(const void **a, const void **b)
Definition: dirvote.c:4333
static int dirvote_perform_vote(void)
Definition: dirvote.c:3016
static int compare_orports_(const void **_a, const void **_b)
Definition: dirvote.c:658
static void extract_shared_random_commits(networkstatus_t *ns, const smartlist_t *tokens)
Definition: dirvote.c:4129
time_t dirvote_act(const or_options_t *options, time_t now)
Definition: dirvote.c:2913
static void dirvote_clear_votes(int all_votes)
Definition: dirvote.c:3141
static char * pending_consensus_signatures
Definition: dirvote.c:3007
STATIC authority_cert_t * authority_cert_dup(authority_cert_t *cert)
Definition: dirvote.c:146
STATIC int32_t dirvote_get_intermediate_param_value(const smartlist_t *param_list, const char *keyword, int32_t default_val)
Definition: dirvote.c:886
static int dirvote_publish_consensus(void)
Definition: dirvote.c:3796
void dirvote_free_all(void)
Definition: dirvote.c:3825
static int compare_votes_by_authority_id_(const void **_a, const void **_b)
Definition: dirvote.c:552
STATIC char * networkstatus_get_detached_signatures(smartlist_t *consensuses)
Definition: dirvote.c:2803
static char * format_protocols_lines_for_vote(const networkstatus_t *v3_ns)
Definition: dirvote.c:184
static int vote_routerstatus_find_microdesc_hash(char *digest256_out, const vote_routerstatus_t *vrs, int method, digest_algorithm_t alg)
Definition: dirvote.c:485
static int compare_vote_rs_(const void **_a, const void **_b)
Definition: dirvote.c:650
const cached_dir_t * dirvote_get_vote(const char *fp, int flags)
Definition: dirvote.c:3872
STATIC char * networkstatus_compute_consensus(smartlist_t *votes, int total_authorities, crypto_pk_t *identity_key, crypto_pk_t *signing_key, const char *legacy_id_key_digest, crypto_pk_t *legacy_signing_key, consensus_flavor_t flavor)
Definition: dirvote.c:1518
int dirvote_add_signatures(const char *detached_signatures_body, const char *source, const char **msg)
Definition: dirvote.c:3772
static void dirvote_fetch_missing_votes(void)
Definition: dirvote.c:3064
const char * dirvote_get_pending_consensus(consensus_flavor_t flav)
Definition: dirvote.c:3849
static networkstatus_voter_info_t * get_voter(const networkstatus_t *vote)
Definition: dirvote.c:531
STATIC char * format_networkstatus_vote(crypto_pk_t *private_signing_key, networkstatus_t *v3_ns)
Definition: dirvote.c:223
vote_microdesc_hash_t * dirvote_format_all_microdesc_vote_lines(const routerinfo_t *ri, time_t now, smartlist_t *microdescriptors_out)
Definition: dirvote.c:4070
uint32_t dirserv_get_bandwidth_for_router_kb(const routerinfo_t *ri)
Definition: dirvote.c:4267
static void routers_make_ed_keys_unique(smartlist_t *routers)
Definition: dirvote.c:4557
static void dirvote_get_preferred_voting_intervals(vote_timing_t *timing_out)
Definition: dirvote.c:465
int networkstatus_compute_bw_weights_v10(smartlist_t *chunks, int64_t G, int64_t M, int64_t E, int64_t D, int64_t T, int64_t weight_scale)
Definition: dirvote.c:1098
static char * list_v3_auth_ids(void)
Definition: dirvote.c:3183
static const char * get_nth_protocol_set_vote(int n, const networkstatus_t *vote)
Definition: dirvote.c:1422
#define get_most_frequent_member(lst)
Definition: dirvote.c:598
static vote_routerstatus_t * compute_routerstatus_consensus(smartlist_t *votes, int consensus_method, char *microdesc_digest256_out, tor_addr_port_t *best_alt_orport_out)
Definition: dirvote.c:677
STATIC int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out)
Definition: dirvote.c:2611
static smartlist_t * pending_vote_list
Definition: dirvote.c:2997
static int dirvote_add_signatures_to_pending_consensus(pending_consensus_t *pc, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out)
Definition: dirvote.c:3619
const char DIRVOTE_OPTIONAL_FLAGS[]
Definition: dirvote.c:4634
#define MIN_VOTES_FOR_PARAM
Definition: dirvote.c:916
static char * version_from_platform(const char *platform)
Definition: dirvote.c:4484
static char * compute_nth_protocol_set(int n, int n_voters, const smartlist_t *votes)
Definition: dirvote.c:1440
STATIC char * compute_consensus_package_lines(smartlist_t *votes)
Definition: dirvote.c:2530
pending_vote_t * dirvote_add_vote(const char *vote_body, time_t time_posted, const char *where_from, const char **msg_out, int *status_out)
Definition: dirvote.c:3236
STATIC digestmap_t * get_all_possible_sybil(const smartlist_t *routers)
Definition: dirvote.c:4442
STATIC int64_t extract_param_buggy(const char *params, const char *param_name, int64_t default_value)
Definition: dirvote.c:2488
static smartlist_t * pending_consensus_signature_list
Definition: dirvote.c:3011
static void clear_status_flags_on_sybil(routerstatus_t *rs)
Definition: dirvote.c:4609
STATIC digestmap_t * get_sybil_list_by_ip_version(const smartlist_t *routers, sa_family_t family)
Definition: dirvote.c:4402
static char * networkstatus_format_signatures(networkstatus_t *consensus, int for_detached_signatures)
Definition: dirvote.c:2742
static ssize_t dirvote_format_microdesc_vote_line(char *out_buf, size_t out_buf_len, const microdesc_t *md, int consensus_method_low, int consensus_method_high)
Definition: dirvote.c:4016
networkstatus_t * dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, authority_cert_t *cert)
Definition: dirvote.c:4642
static int dirvote_compute_consensuses(void)
Definition: dirvote.c:3440
static int compute_consensus_method(smartlist_t *votes)
Definition: dirvote.c:793
static void update_total_bandwidth_weights(const routerstatus_t *rs, int is_exit, int is_guard, int64_t *G, int64_t *M, int64_t *E, int64_t *D, int64_t *T)
Definition: dirvote.c:1338
STATIC int compare_routerinfo_by_ipv4(const void **a, const void **b)
Definition: dirvote.c:4315
static char * compute_consensus_versions_list(smartlist_t *lst, int n_versioning)
Definition: dirvote.c:861
STATIC smartlist_t * dirvote_compute_params(smartlist_t *votes, int method, int total_authorities)
Definition: dirvote.c:922
static smartlist_t * previous_vote_list
Definition: dirvote.c:3000
static int compare_vote_rs(const vote_routerstatus_t *a, const vote_routerstatus_t *b)
Definition: dirvote.c:605
static int compare_dir_src_ents_by_authority_id_(const void **_a, const void **_b)
Definition: dirvote.c:563
const char DIRVOTE_UNIVERSAL_FLAGS[]
Definition: dirvote.c:4621
char * format_recommended_version_list(const config_line_t *ln, int warn)
Definition: dirvote.c:4506
Header file for dirvote.c.
#define MIN_METHOD_FOR_CORRECT_BWWEIGHTSCALE
Definition: dirvote.h:71
#define MIN_VOTE_INTERVAL_TESTING
Definition: dirvote.h:46
#define MIN_VOTE_INTERVAL
Definition: dirvote.h:37
#define MIN_METHOD_TO_SUPPRESS_MD_PUBLISHED
Definition: dirvote.h:81
#define MIN_METHOD_FOR_MIDDLEONLY
Definition: dirvote.h:75
#define MIN_SUPPORTED_CONSENSUS_METHOD
Definition: dirvote.h:53
#define MIN_METHOD_FOR_CANONICAL_FAMILIES_IN_MICRODESCS
Definition: dirvote.h:62
#define DEFAULT_MAX_UNMEASURED_BW_KB
Definition: dirvote.h:86
#define MAX_BW_FILE_HEADERS_LINE_LEN
Definition: dirvote.h:94
#define MIN_DIST_SECONDS
Definition: dirvote.h:32
#define MIN_METHOD_FOR_UNPADDED_NTOR_KEY
Definition: dirvote.h:66
#define MIN_VOTE_SECONDS
Definition: dirvote.h:27
#define MAX_SUPPORTED_CONSENSUS_METHOD
Definition: dirvote.h:56
Authority signature structure.
Code to parse and validate detached-signature objects.
ns_detached_signatures_t * networkstatus_parse_detached_signatures(const char *s, const char *eos)
Definition: dsigs_parse.c:67
Header file for circuitbuild.c.
const char * escaped(const char *s)
Definition: escape.c:126
int write_str_to_file(const char *fname, const char *str, int bin)
Definition: files.c:274
Format routerstatus entries for controller, vote, or consensus.
routerstatus_format_type_t
@ NS_V3_VOTE
@ NS_V3_CONSENSUS
@ NS_V3_CONSENSUS_MICRODESC
char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, const vote_routerstatus_t *vrs, time_t declared_publish_time)
Header file for guardfraction.c.
int dirserv_read_guardfraction_file(const char *fname, smartlist_t *vote_routerstatuses)
uint16_t sa_family_t
Definition: inaddr_st.h:77
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:590
#define log_fn(severity, domain, args,...)
Definition: log.h:283
#define LD_DIRSERV
Definition: log.h:90
#define LD_BUG
Definition: log.h:86
#define LD_NET
Definition: log.h:66
#define LD_DIR
Definition: log.h:88
#define LOG_NOTICE
Definition: log.h:50
#define LD_CIRC
Definition: log.h:82
#define LOG_WARN
Definition: log.h:53
#define LOG_INFO
Definition: log.h:45
void tor_free_(void *mem)
Definition: malloc.c:227
#define tor_free(p)
Definition: malloc.h:56
void * strmap_get_lc(const strmap_t *map, const char *key)
Definition: map.c:360
void * strmap_set_lc(strmap_t *map, const char *key, void *val)
Definition: map.c:346
#define DIGESTMAP_FOREACH_END
Definition: map.h:168
#define DIGESTMAP_FOREACH(map, keyvar, valtype, valvar)
Definition: map.h:154
smartlist_t * microdescs_add_list_to_cache(microdesc_cache_t *cache, smartlist_t *descriptors, saved_location_t where, int no_save)
Definition: microdesc.c:383
microdesc_cache_t * get_microdesc_cache(void)
Definition: microdesc.c:251
Header file for microdesc.c.
smartlist_t * microdescs_parse_from_string(const char *s, const char *eos, int allow_annotations, saved_location_t where, smartlist_t *invalid_digests_out)
Header file for microdesc_parse.c.
Microdescriptor structure.
int networkstatus_check_document_signature(const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
networkstatus_t * networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f)
int networkstatus_set_current_consensus(const char *consensus, size_t consensus_len, const char *flavor, unsigned flags, const char *source_dir)
const char * networkstatus_get_flavor_name(consensus_flavor_t flav)
time_t voting_sched_get_start_of_interval_after(time_t now, int interval, int offset)
networkstatus_voter_info_t * networkstatus_get_voter_by_id(networkstatus_t *vote, const char *identity)
int networkstatus_check_consensus_signature(networkstatus_t *consensus, int warn)
document_signature_t * document_signature_dup(const document_signature_t *sig)
document_signature_t * networkstatus_get_voter_sig_by_alg(const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
networkstatus_t * networkstatus_get_live_consensus(time_t now)
Header file for networkstatus.c.
Networkstatus consensus/vote structure.
Single consensus voter structure.
Node information structure.
char * nodefamily_canonicalize(const char *s, const uint8_t *rsa_id_self, unsigned flags)
Definition: nodefamily.c:111
Header file for nodefamily.c.
node_t * node_get_mutable_by_id(const char *identity_digest)
Definition: nodelist.c:197
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:226
Header file for nodelist.c.
Detached consensus signatures structure.
Header file for ns_parse.c.
networkstatus_t * networkstatus_parse_vote_from_string(const char *s, size_t len, const char **eos_out, enum networkstatus_type_t ns_type)
Definition: ns_parse.c:1094
int networkstatus_verify_bw_weights(networkstatus_t *ns, int)
Definition: ns_parse.c:613
Master header file for Tor-specific functionality.
@ SAVED_NOWHERE
Definition: or.h:617
#define BW_WEIGHT_SCALE
Definition: or.h:895
consensus_flavor_t
Definition: or.h:751
#define ROUTER_MAX_AGE_TO_PUBLISH
Definition: or.h:161
@ V3_DIRINFO
Definition: or.h:778
#define N_CONSENSUS_FLAVORS
Definition: or.h:757
Header for order.c.
long tor_parse_long(const char *s, int base, long min, long max, int *ok, char **next)
Definition: parse_int.c:59
directory_token_t * find_opt_by_keyword(const smartlist_t *s, directory_keyword keyword)
Definition: parsecommon.c:440
smartlist_t * find_all_by_keyword(const smartlist_t *s, directory_keyword k)
Definition: parsecommon.c:451
Header file for parsecommon.c.
#define T(s, t, a, o)
Definition: parsecommon.h:246
char * write_short_policy(const short_policy_t *policy)
Definition: policies.c:2806
char * policy_summarize(smartlist_t *policy, sa_family_t family)
Definition: policies.c:2593
Header file for policies.c.
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
const char * protover_get_required_client_protocols(void)
Definition: protover.c:536
const char * protover_compute_for_old_tor(const char *version)
C_RUST_COUPLED: src/rust/protover/protover.rs compute_for_old_tor
Definition: protover.c:845
bool protover_list_is_invalid(const char *s)
Definition: protover.c:300
const char * protover_get_recommended_client_protocols(void)
Definition: protover.c:518
const char * protover_get_recommended_relay_protocols(void)
Definition: protover.c:527
const char * protover_get_required_relay_protocols(void)
Definition: protover.c:544
char * protover_compute_vote(const smartlist_t *list_of_proto_strings, int threshold)
Definition: protover.c:657
int protover_all_supported(const char *s, char **missing_out)
Definition: protover.c:746
Headers and type declarations for protover.c.
int validate_recommended_package_line(const char *line)
Definition: recommend_pkg.c:38
Header file for recommend_pkg.c.
void rep_hist_make_router_pessimal(const char *id, time_t when)
Definition: rephist.c:757
Header file for rephist.c.
bool find_my_address(const or_options_t *options, int family, int warn_severity, tor_addr_t *addr_out, resolved_addr_method_t *method_out, char **hostname_out)
Attempt to find our IP address that can be used as our external reachable address.
Definition: resolve_addr.c:727
Header file for resolve_addr.c.
crypto_pk_t * get_my_v3_authority_signing_key(void)
Definition: router.c:457
uint16_t routerconf_find_or_port(const or_options_t *options, sa_family_t family)
Definition: router.c:1502
crypto_pk_t * get_my_v3_legacy_signing_key(void)
Definition: router.c:474
authority_cert_t * get_my_v3_legacy_cert(void)
Definition: router.c:466
static crypto_pk_t * legacy_signing_key
Definition: router.c:131
authority_cert_t * get_my_v3_authority_cert(void)
Definition: router.c:449
uint16_t routerconf_find_dir_port(const or_options_t *options, uint16_t dirport)
Definition: router.c:1607
Header file for router.c.
Router descriptor structure.
#define ROUTER_PURPOSE_GENERAL
Definition: routerinfo_st.h:98
Header for routerkeys.c.
void update_consensus_router_descriptor_downloads(time_t now, int is_vote, networkstatus_t *consensus)
Definition: routerlist.c:2645
uint32_t router_get_advertised_bandwidth(const routerinfo_t *router)
Definition: routerlist.c:641
routerlist_t * router_get_routerlist(void)
Definition: routerlist.c:893
void routers_sort_by_identity(smartlist_t *routers)
Definition: routerlist.c:3312
Header file for routerlist.c.
Router descriptor list structure.
char * sr_get_string_for_consensus(const smartlist_t *votes, int32_t num_srv_agreements)
sr_commit_t * sr_parse_commit(const smartlist_t *args)
void sr_act_post_consensus(const networkstatus_t *consensus)
void sr_handle_received_commits(smartlist_t *commits, crypto_pk_t *voter_key)
char * sr_get_string_for_vote(void)
Header for shared_random_state.c.
char * router_get_dirobj_signature(const char *digest, size_t digest_len, const crypto_pk_t *private_key)
Definition: signing.c:22
Header file for signing.c.
void smartlist_sort_digests256(smartlist_t *sl)
Definition: smartlist.c:846
const char * smartlist_get_most_frequent_string_(smartlist_t *sl, int *count_out)
Definition: smartlist.c:566
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
const uint8_t * smartlist_get_most_frequent_digest256(smartlist_t *sl)
Definition: smartlist.c:854
void smartlist_uniq_strings(smartlist_t *sl)
Definition: smartlist.c:574
void smartlist_sort_strings(smartlist_t *sl)
Definition: smartlist.c:549
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
int smartlist_contains_string(const smartlist_t *sl, const char *element)
Definition: smartlist.c:93
void smartlist_sort(smartlist_t *sl, int(*compare)(const void **a, const void **b))
Definition: smartlist.c:334
int smartlist_string_pos(const smartlist_t *sl, const char *element)
Definition: smartlist.c:106
void smartlist_uniq(smartlist_t *sl, int(*compare)(const void **a, const void **b), void(*free_fn)(void *a))
Definition: smartlist.c:390
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
smartlist_t * smartlist_new(void)
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_clear(smartlist_t *sl)
void smartlist_remove(smartlist_t *sl, const void *element)
void smartlist_del_keeporder(smartlist_t *sl, int idx)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
#define SMARTLIST_DEL_CURRENT(sl, var)
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
crypto_pk_t * identity_key
crypto_pk_t * signing_key
char signing_key_digest[DIGEST_LEN]
signed_descriptor_t cache_info
size_t dir_len
Definition: cached_dir_st.h:20
char d[N_COMMON_DIGEST_ALGORITHMS][DIGEST256_LEN]
Definition: crypto_digest.h:89
LINELIST RecommendedServerVersions
LINELIST RecommendedClientVersions
char digest[DIGEST256_LEN]
Definition: microdesc_st.h:62
smartlist_t * known_flags
common_digests_t digests
char * recommended_relay_protocols
smartlist_t * voters
smartlist_t * net_params
smartlist_t * routerstatus_list
uint8_t bw_file_digest256[DIGEST256_LEN]
networkstatus_sr_info_t sr_info
struct authority_cert_t * cert
consensus_flavor_t flavor
networkstatus_type_t type
smartlist_t * bw_file_headers
Definition: node_st.h:34
unsigned int is_running
Definition: node_st.h:63
char * ContactInfo
int V3AuthNIntervalsValid
int V3AuthUseLegacyKey
char * GuardfractionFile
char * Nickname
Definition: or_options_st.h:97
char * V3BandwidthsFile
int TestingV3AuthInitialVotingInterval
int V3AuthVotingInterval
int TestingV3AuthVotingStartOffset
networkstatus_t * consensus
Definition: dirvote.c:117
char * onion_pkey
Definition: routerinfo_st.h:37
unsigned int omit_from_vote
Definition: routerinfo_st.h:90
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
smartlist_t * exit_policy
Definition: routerinfo_st.h:59
size_t onion_pkey_len
Definition: routerinfo_st.h:39
smartlist_t * declared_family
Definition: routerinfo_st.h:65
struct curve25519_public_key_t * onion_curve25519_pkey
Definition: routerinfo_st.h:43
struct short_policy_t * ipv6_exit_policy
Definition: routerinfo_st.h:63
smartlist_t * routers
Definition: routerlist_st.h:32
uint16_t ipv6_orport
tor_addr_t ipv6_addr
unsigned int is_sybil
char descriptor_digest[DIGEST256_LEN]
unsigned int has_exitsummary
char identity_digest[DIGEST_LEN]
unsigned int is_hs_dir
unsigned int has_guardfraction
unsigned int is_valid
unsigned int bw_is_unmeasured
char nickname[MAX_NICKNAME_LEN+1]
unsigned int has_bandwidth
uint16_t ipv4_dirport
unsigned int is_named
unsigned int is_possible_guard
unsigned int is_stable
unsigned int is_flagged_running
unsigned int is_exit
unsigned int is_authority
uint32_t guardfraction_percentage
unsigned int is_fast
uint32_t bandwidth_kb
uint16_t ipv4_orport
char signed_descriptor_digest[DIGEST_LEN]
char identity_digest[DIGEST_LEN]
struct tor_cert_st * signing_key_cert
saved_location_t saved_location
struct vote_microdesc_hash_t * next
uint8_t ed25519_id[ED25519_PUBKEY_LEN]
vote_microdesc_hash_t * microdesc
unsigned int ed25519_reflects_consensus
#define STATIC
Definition: testsupport.h:32
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:326
Parsed Tor version structure.
Header for torcert.c.
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
#define tor_assert(expr)
Definition: util_bug.h:102
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:215
const char * find_whitespace(const char *s)
Definition: util_string.c:353
int tor_digest256_is_zero(const char *digest)
Definition: util_string.c:103
int fast_mem_is_zero(const char *mem, size_t len)
Definition: util_string.c:74
const char * find_str_at_start_of_line(const char *haystack, const char *needle)
Definition: util_string.c:400
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96
void sort_version_list(smartlist_t *versions, int remove_duplicates)
Definition: versions.c:391
int tor_version_parse(const char *s, tor_version_t *out)
Definition: versions.c:206
Header file for versions.c.
Microdescriptor-hash voting structure.
Routerstatus (vote entry) structure.
#define MAX_KNOWN_FLAGS_IN_VOTE
Directory voting schedule structure.
int running_long_enough_to_decide_unreachable(void)
Definition: voteflags.c:466
char * dirserv_get_flag_thresholds_line(void)
Definition: voteflags.c:418
void dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
Definition: voteflags.c:221
void dirauth_set_routerstatus_from_routerinfo(routerstatus_t *rs, node_t *node, const routerinfo_t *ri, time_t now, int listbadexits, int listmiddleonly)
Definition: voteflags.c:583
Header file for voteflags.c.
void dirauth_sched_recalculate_timing(const or_options_t *options, time_t now)
Header file for voting_schedule.c.
#define CURVE25519_BASE64_PADDED_LEN
Definition: x25519_sizes.h:37
#define ED25519_BASE64_LEN
Definition: x25519_sizes.h:43
#define ED25519_PUBKEY_LEN
Definition: x25519_sizes.h:27