160 case TOR_ROUTERINFO_ERROR_NO_EXT_ADDR:
161 return "No known exit address yet";
162 case TOR_ROUTERINFO_ERROR_CANNOT_PARSE:
163 return "Cannot parse descriptor";
164 case TOR_ROUTERINFO_ERROR_NOT_A_SERVER:
165 return "Not running in server mode";
166 case TOR_ROUTERINFO_ERROR_DIGEST_FAILED:
167 return "Key digest failed";
168 case TOR_ROUTERINFO_ERROR_CANNOT_GENERATE:
169 return "Cannot generate descriptor";
170 case TOR_ROUTERINFO_ERROR_DESC_REBUILDING:
171 return "Descriptor still rebuilding - not ready yet";
172 case TOR_ROUTERINFO_ERROR_INTERNAL_BUG:
173 return "Internal bug, see logs for details";
176 log_warn(
LD_BUG,
"unknown routerinfo error %d - shouldn't happen", err);
177 tor_assert_unreached();
179 return "Unknown error";
193 return err != TOR_ROUTERINFO_ERROR_NOT_A_SERVER;
/* Lower bound, upper bound and default for the "publish-dummy-tap-key"
 * value. The three macros are passed right after that name below, in the
 * order default, minimum, maximum. */
235#define SHOULD_PUBLISH_TAP_MIN 0
236#define SHOULD_PUBLISH_TAP_MAX 1
238#define SHOULD_PUBLISH_TAP_DFLT 1
/* NOTE(review): the call these arguments belong to starts on a line that is
 * not shown; the argument order matches a name/default/min/max parameter
 * lookup - confirm against the full file. */
241 "publish-dummy-tap-key",
242 SHOULD_PUBLISH_TAP_DFLT,
243 SHOULD_PUBLISH_TAP_MIN,
244 SHOULD_PUBLISH_TAP_MAX);
/* Removal of the two "*.old" onion key files from the key directory. The
 * unlink calls are on lines not shown; what is visible is that a failure is
 * only reported as an LD_FS warning carrying the path and strerror(errno).
 * NOTE(review): as far as these lines show, nothing else happens on failure,
 * so the old secret key file would remain on disk - confirm in the full
 * function. */
294 fname = get_keydir_fname(
"secret_onion_key.old");
297 log_warn(
LD_FS,
"Couldn't unlink old onion key file %s: %s",
298 fname, strerror(errno));
/* Same handling for the old ntor onion key file. */
303 fname = get_keydir_fname(
"secret_onion_key_ntor.old");
306 log_warn(
LD_FS,
"Couldn't unlink old ntor onion key file %s: %s",
307 fname, strerror(errno));
382 log_err(
LD_BUG,
"Couldn't compute our own identity key digest.");
391set_server_identity_key_digest_testing(
const uint8_t *digest)
416#ifdef HAVE_MODULE_RELAY
422get_server_identity_key,(
void))
/* Onion key rotation (fragments). For each key type, fname is the live key
 * file and fname_prev the matching "*.old" name; how fname_prev is used is on
 * lines not shown. */
515 char *fname, *fname_prev;
521 fname = get_keydir_fname(
"secret_onion_key");
522 fname_prev = get_keydir_fname(
"secret_onion_key.old");
529 log_err(
LD_GENERAL,
"Error constructing rotated onion key");
/* crypto_pk_generate_key() returning non-zero is treated as failure. */
532 if (crypto_pk_generate_key(prkey)) {
533 log_err(
LD_BUG,
"Error generating onion key");
537 log_err(
LD_FS,
"Couldn't write generated onion key to \"%s\".", fname);
/* Second pass over the same steps for the curve25519 (ntor) onion key. */
542 fname = get_keydir_fname(
"secret_onion_key_ntor");
543 fname_prev = get_keydir_fname(
"secret_onion_key_ntor.old");
553 log_err(
LD_FS,
"Couldn't write curve25519 onion key to \"%s\".",fname);
573 log_warn(
LD_GENERAL,
"Couldn't rotate onion key.");
/* Release the key object and overwrite the new curve25519 keypair variable
 * with zero bytes so its secret half does not stay in memory here.
 * NOTE(review): these look like the shared exit path of the function (the
 * label is not shown) - confirm that the wipe is reached on every return. */
575 crypto_pk_free(prkey);
577 memwipe(&new_curve25519_keypair, 0,
sizeof(new_curve25519_keypair));
589 static int already_logged = 0;
595 "Thanks for helping the Tor network! If you wish to know "
596 "what will happen in the upcoming weeks regarding its usage, "
597 "have a look at https://blog.torproject.org/lifecycle-of-a"
/* Load-or-generate logic for a curve25519 keypair file (fragments; the
 * conditions guarding each message are on lines not shown). Failures that
 * depend on the file are logged at the caller-chosen severity. */
618 tor_log(severity,
LD_FS,
"Can't read key from \"%s\"", fname);
/* Per the message, no new key is written while another Tor process holds the
 * lock. */
629 tor_log(severity,
LD_FS,
"Another Tor process has locked \"%s\". "
630 "Not writing any new keys.", fname);
636 log_info(
LD_GENERAL,
"No key found in \"%s\"; generating fresh key.",
642 "Couldn't write generated key to \"%s\".", fname);
/* The output keypair is zeroed right after the write-failure message, so a
 * key that could not be stored is not handed back to the caller
 * (presumably - the return statement is not shown). */
643 memwipe(keys_out, 0,
sizeof(*keys_out));
647 log_info(
LD_GENERAL,
"No key found in \"%s\"", fname);
/* Taken when the tag read back is missing (NULL) or differs from the expected
 * tag; what the branch does is on lines not shown. */
658 if (!tag_in || strcmp(tag_in, tag)) {
/* Loads a directory-authority signing key and its certificate from the key
 * directory (fragments). `legacy` selects the "legacy_*" file names instead
 * of the "authority_*" ones. */
685 char *fname = NULL, *cert = NULL;
686 const char *eos = NULL;
690 fname = get_keydir_fname(
691 legacy ?
"legacy_signing_key" :
"authority_signing_key");
694 log_warn(
LD_DIR,
"No version 3 directory key found in %s", fname);
698 fname = get_keydir_fname(
699 legacy ?
"legacy_certificate" :
"authority_certificate");
/* The whole certificate file is read into a heap string. */
700 cert = read_file_to_str(fname, 0, NULL);
702 log_warn(
LD_DIR,
"Signing key found, but no certificate found in %s",
708 log_warn(
LD_DIR,
"Unable to parse certificate in %s", fname);
/* Per the warning text, a certificate whose signing key differs from the key
 * loaded from disk is refused; the comparison is on a line not shown. */
712 log_warn(
LD_DIR,
"Stored signing key does not match signing key in "
/* Drop whatever the output slots held before installing the new key. */
717 crypto_pk_free(*key_out);
718 authority_cert_free(*cert_out);
720 *key_out = signing_key;
/* NOTE(review): signing_key was stored in *key_out above and is freed here;
 * confirm that the lines not shown clear the locals after the hand-over, so
 * this cleanup only releases them on the failure path. */
729 crypto_pk_free(signing_key);
730 authority_cert_free(parsed);
/* Rate-limited warning about the v3 authority certificate's expiry
 * (fragments). last_warned persists across calls. */
758 static time_t last_warned = 0;
759 int badness, time_left, warn_interval;
/* NOTE(review): the difference is narrowed to int; presumably both operands
 * are time_t - confirm the value always fits. */
765 time_left = (int)( expires - now );
/* Warning cadence by remaining lifetime: already expired or at most one day
 * left -> hourly; at most 7 days -> daily; at most 30 days -> every 5 days.
 * The severity (badness) assignments are on lines not shown. */
766 if (time_left <= 0) {
768 warn_interval = 60*60;
769 }
else if (time_left <= 24*60*60) {
771 warn_interval = 60*60;
772 }
else if (time_left <= 24*60*60*7) {
774 warn_interval = 24*60*60;
775 }
else if (time_left <= 24*60*60*30) {
777 warn_interval = 24*60*60*5;
/* True while the previous warning is more recent than warn_interval; the
 * statement it guards is not shown (presumably an early return). */
782 if (last_warned + warn_interval > now)
785 if (time_left <= 0) {
786 tor_log(badness,
LD_DIR,
"Your v3 authority certificate has expired."
787 " Generate a new one NOW.");
788 }
else if (time_left <= 24*60*60) {
/* Remaining time is reported in whole hours (integer division). */
789 tor_log(badness,
LD_DIR,
"Your v3 authority certificate expires in %d "
790 "hours; Generate a new one NOW.", time_left/(60*60));
/* Remaining time is reported in whole days (integer division). */
792 tor_log(badness,
LD_DIR,
"Your v3 authority certificate expires in %d "
793 "days; Generate a new one soon.", time_left/(24*60*60));
807 "onion-key-rotation-days",
832 "onion-key-grace-period-days",
836 return grace_period*24*60*60;
844 unsigned int flags = 0;
848 flags |= TOR_TLS_CTX_IS_PUBLIC_SERVER;
852 unsigned int five_days = 5*24*3600;
853 unsigned int one_year = 365*24*3600;
855 lifetime -= lifetime % (24*3600);
871 get_server_identity_key() : NULL,
872 (
unsigned int)lifetime);
884 log_err(
LD_GENERAL,
"Unable to compute bridge fingerprint");
889 log_notice(
LD_GENERAL,
"You can check the status of your bridge relay at "
890 "https://bridges.torproject.org/status?id=%s",
902 const char *fname = hashed ?
"hashed-fingerprint" :
903 (ed25519_identity ?
"fingerprint-ed25519" :
907 char *fingerprint_line = NULL;
910 keydir = get_datadir_fname(fname);
911 log_info(
LD_GENERAL,
"Dumping %s%s to \"%s\"...", hashed ?
"hashed " :
"",
912 ed25519_identity ?
"ed25519 identity" :
"fingerprint", keydir);
914 if (ed25519_identity) {
916 get_master_identity_key()->pubkey);
920 fingerprint, 0) < 0) {
921 log_err(
LD_GENERAL,
"Error computing fingerprint");
927 log_err(
LD_GENERAL,
"Error computing hashed fingerprint");
937 log_err(
LD_FS,
"Error writing %s%s line to file",
938 hashed ?
"hashed " :
"",
939 ed25519_identity ?
"ed25519 identity" :
"fingerprint");
943 log_notice(
LD_GENERAL,
"Your Tor %s identity key %sfingerprint is '%s %s'",
944 hashed ?
"bridge's hashed" :
"server's",
945 ed25519_identity ?
"ed25519 " :
"",
956init_keys_common(
void)
965init_keys_client(
void)
968 if (init_keys_common() < 0)
973 if (crypto_pk_generate_key(prkey)) {
974 crypto_pk_free(prkey);
980 log_err(
LD_GENERAL,
"Error creating TLS context for Tor client.");
1000 time_t now = time(NULL);
1002 int v3_digest_set = 0;
1008 return init_keys_client();
1010 if (init_keys_common() < 0)
1017 memset(v3_digest, 0,
sizeof(v3_digest));
1018 if (authdir_mode_v3(options)) {
1020 log_err(
LD_GENERAL,
"We're configured as a V3 authority, but we "
1021 "were unable to load our v3 authority keys and certificate! "
1022 "Use tor-gencert to generate them. Dying.");
1029 log_err(
LD_BUG,
"Couldn't compute my v3 authority identity key "
1038 keydir = get_keydir_fname(
"secret_id_key");
1039 log_info(
LD_GENERAL,
"Reading/making identity key \"%s\"...",keydir);
1040 bool created =
false;
1043 if (!prkey)
return -1;
1056 if (crypto_pk_generate_key(prkey)) {
1057 crypto_pk_free(prkey);
1065 if (new_signing_key < 0)
1069 keydir = get_keydir_fname(
"secret_onion_key");
1070 log_info(
LD_GENERAL,
"Reading/making onion key \"%s\"...",keydir);
1075 if (!prkey)
return -1;
1092 time(NULL)+3600 : 0);
1096 keydir = get_keydir_fname(
"secret_onion_key.old");
1109 keydir = get_keydir_fname(
"secret_onion_key_ntor");
1116 keydir = get_keydir_fname(
"secret_onion_key_ntor.old");
1131 log_err(
LD_GENERAL,
"Error initializing TLS context");
1138 log_err(
LD_GENERAL,
"Couldn't make link cert");
1145 if (authdir_mode_v3(options)) {
1146 const char *m = NULL;
1151 get_master_identity_key())) {
1152 log_err(
LD_GENERAL,
"Error adding own fingerprint to set of relays");
1159 log_err(
LD_GENERAL,
"Generated a routerinfo we couldn't parse.");
1165 log_err(
LD_GENERAL,
"Unable to add own descriptor to directory: %s",
1166 m?m:
"<unknown error>");
1173 log_info(
LD_GENERAL,
"Couldn't add own descriptor to directory "
1174 "after key init: %s This is usually not a problem.",
1175 m?m:
"<unknown error>");
1184 log_err(
LD_FS,
"Error writing fingerprint to file");
1188 log_err(
LD_FS,
"Error writing hashed fingerprint to file");
1192 log_err(
LD_FS,
"Error writing ed25519 identity to file");
1204 log_err(
LD_GENERAL,
"Error loading fingerprints");
1225 log_err(
LD_GENERAL,
"We want to be a directory authority, but we "
1226 "couldn't add ourselves to the authority list. Failing.");
1231 if (ds->
type != type) {
1232 log_warn(
LD_DIR,
"Configured authority type does not match authority "
1233 "type in DirAuthority list. Adjusting. (%d v %d)",
1239 log_warn(
LD_DIR,
"V3 identity key does not match identity declared in "
1240 "DirAuthority line. Adjusting.");
1245 log_info(
LD_DIR,
"adding my own v3 cert");
1248 TRUSTED_DIRS_CERTS_SRC_SELF, 0,
1250 log_warn(
LD_DIR,
"Unable to parse my own v3 cert! Failing.");
/* 51200 is 50*1024; the "BandwidthRate under 50KB" reason string below
 * presumably refers to this threshold (the comparison is not shown). */
1261#define MIN_BW_TO_ADVERTISE_DIRSERVER 51200
/* Remembers the previous decision so that a notice is logged only when the
 * decision changes (see the advertising != new_choice test below). */
1289 static int advertising=1;
1291 const char *reason = NULL;
/* interval_length is used as a divisor further down, so a zero length is
 * reported as a bug and raised to 1 before the division. */
1303 if (!interval_length) {
1304 log_warn(
LD_BUG,
"An accounting interval is not allowed to be zero "
1305 "seconds long. Raising to 1.");
1306 interval_length = 1;
1308 log_info(
LD_GENERAL,
"Calculating whether to advertise %s: effective "
1309 "bwrate: %u, AccountingMax: %"PRIu64
", "
1310 "accounting interval length %d",
1311 dir_port ?
"dirport" :
"begindir",
/* Accounting budget per second of the interval; the left-hand side of this
 * comparison is on a line not shown. */
1319 acc_bytes / interval_length) {
1321 reason =
"AccountingMax enabled";
1326 reason =
"BandwidthRate under 50KB";
1329 if (advertising != new_choice) {
1330 if (new_choice == 1) {
1332 log_notice(
LD_DIR,
"Advertising DirPort as %d", dir_port);
1334 log_notice(
LD_DIR,
"Advertising directory service support");
1337 log_notice(
LD_DIR,
"Not advertising Dir%s (Reason: %s)",
1338 dir_port ?
"Port" :
"ectory Service support", reason);
1340 advertising = new_choice;
1358 int supports_tunnelled_dir_requests)
1365 if (!dir_port && !supports_tunnelled_dir_requests)
1373 if (supports_tunnelled_dir_requests &&
1398 int supports_tunnelled_dir_requests)
1402 supports_tunnelled_dir_requests);
1518 if (conn->type == listener_type && !conn->marked_for_close &&
1519 conn->socket_family == family) {
1522 } SMARTLIST_FOREACH_END(conn);
/* Fills ipv6_ap_out with the IPv6 ORPort to put in the descriptor
 * (fragments). The port starts at 0 and is only set to the real port at the
 * end of the visible lines. */
1560 ipv6_ap_out->port = 0;
1568 if (!addr || port == 0) {
1569 log_debug(
LD_CONFIG,
"There is no advertised IPv6 ORPort.");
/* An address that tor_addr_is_internal() reports as internal is refused only
 * when the default directory authorities are in use; per the message the
 * ORPort is then skipped rather than published. */
1576 const int default_auth = using_default_dir_authorities(options);
1577 if (tor_addr_is_internal(addr, 0) && default_auth) {
1579 "Unable to use configured IPv6 ORPort \"%s\" in a "
1580 "descriptor. Skipping it. "
1581 "Try specifying a globally reachable address explicitly.",
1587 ipv6_ap_out->port = port;
1600 const uint16_t port =
1603 return tor_addr_port_is_valid(addr, port, 1);
1638 int dirport_configured = portconf_get_primary_dir_port();
1641 if (!dirport_configured)
1648 return dirport_configured;
/* Uploads the relay descriptor, and optionally the extra-info document, to
 * the directory authorities (fragments). */
1680 size_t desc_len, extra_len = 0, total_len;
1685 log_info(
LD_GENERAL,
"No descriptor; skipping upload");
1689 if (auth == NO_DIRINFO)
1694 log_info(
LD_OR,
"Uploading relay descriptor to directory authorities%s",
1695 force ?
" (forced)" :
"");
/* One buffer holds both documents back to back; the extra byte is for the
 * terminating NUL written at index desc_len+extra_len below. The copies into
 * msg are on lines not shown. */
1701 total_len = desc_len + extra_len + 1;
1702 msg = tor_malloc(total_len);
1707 msg[desc_len+extra_len] = 0;
/* Both lengths are passed separately, so the receiving call can tell where
 * the descriptor ends and the extra-info part begins. */
1713 auth, msg, desc_len, extra_len);
1844 *err = TOR_ROUTERINFO_ERROR_NOT_A_SERVER;
1851 *err = TOR_ROUTERINFO_ERROR_DESC_REBUILDING;
1876 log_debug(
LD_GENERAL,
"my desc is '%s'", body);
1904router_check_descriptor_address_port_consistency(
const tor_addr_t *addr,
1907 int family, port_cfg;
1916 if (port_cfg != 0 &&
1933 log_warn(
LD_CONFIG,
"The %s %sPort address %s does not match the "
1934 "descriptor address %s. If you have a static public IPv4 "
1935 "address, use 'Address <%s>' and 'OutboundBindAddress "
1936 "<%s>'. If you are behind a NAT, use two %sPort lines: "
1937 "'%sPort <PublicPort> NoListen' and '%sPort <InternalPort> "
1939 af_str, listener_str, port_addr_str, desc_addr_str, af_str,
1940 af_str, listener_str, listener_str, listener_str);
1974 router_check_descriptor_address_port_consistency(addr,
1976 router_check_descriptor_address_port_consistency(addr,
2005 for (family = options->
MyFamily; family; family = family->next) {
2006 char *
name = family->value;
2021 "There is a router named %s in my declared family, but "
2022 "I have no descriptor for it. I'll use the nickname "
2023 "as is, but this may confuse clients. Please list it "
2026 log_warn(
LD_CONFIG,
"There is a router named %s in my declared "
2027 "family, but that isn't a legal digest or nickname. "
2045 log_warn(
LD_CONFIG,
"There is a router named %s in my declared "
2046 "family, but it wasn't listed by digest. Please consider "
2047 "saying %s instead, if that's what you meant.",
2065 smartlist_free(declared_family);
2071 nodefamily_free(nf);
2075 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
/* Special case for a family list with exactly one element (fragments). */
2078 if (smartlist_len(result) == 1) {
2081 const char *singleton = smartlist_get(result, 0);
/* A leading '$' marks a hex digest: the text after it is hex-decoded into d,
 * with the write bounded by sizeof(d). How n is checked is not shown. */
2083 if (singleton[0] ==
'$') {
2085 int n =
base16_decode(d,
sizeof(d), singleton+1, strlen(singleton+1));
/* The element is passed through escaped() before it is logged. */
2093 log_warn(
LD_BUG,
"Found a singleton family list with an element "
2094 "that wasn't us! Element was %s",
escaped(singleton));
2098 smartlist_free(result);
2122 int result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
2125 result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
2132 RELAY_FIND_ADDR_NO_FLAG,
2136 log_info(
LD_CONFIG,
"Don't know my address while generating descriptor. "
2137 "Launching circuit to authority to learn it.");
2138 relay_addr_learn_from_dirauth();
2139 result = TOR_ROUTERINFO_ERROR_NO_EXT_ADDR;
2179 result = TOR_ROUTERINFO_ERROR_DIGEST_FAILED;
2186 ri->
platform = tor_strdup(platform);
2226 ri->cache_info.send_unencrypted = 0;
2229 ri->cache_info.send_unencrypted = 1;
2235 routerinfo_free(ri);
2264 ei->cache_info.is_extrainfo = 1;
2275 ei->cache_info.send_unencrypted = 0;
2277 ei->cache_info.send_unencrypted = 1;
2299 ei, get_server_identity_key(),
2300 get_master_signing_keypair()) < 0) {
2301 log_warn(
LD_BUG,
"Couldn't generate extra-info descriptor.");
2389 return TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
2395 get_master_signing_keypair())) ) {
2396 log_warn(
LD_BUG,
"Couldn't generate router descriptor.");
2397 return TOR_ROUTERINFO_ERROR_CANNOT_GENERATE;
2422 int result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
2439 result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
2456 &ri->cache_info, NULL))) {
2457 result = TOR_ROUTERINFO_ERROR_INTERNAL_BUG;
2465 routerinfo_free(ri);
2492 log_info(
LD_OR,
"Rebuilding relay descriptor%s", force ?
" (forced)" :
"");
2508 desc_gen_reason =
"descriptor was marked dirty earlier, for no reason.";
2519 const int32_t DEFAULT_ASSUME_REACHABLE = 0;
2520 const int32_t DEFAULT_ASSUME_REACHABLE_IPV6 = 0;
2524 DEFAULT_ASSUME_REACHABLE, 0, 1);
2526 "assume-reachable-ipv6",
2527 DEFAULT_ASSUME_REACHABLE_IPV6, 0, 1);
2544 if (previous != omit_ipv6) {
2551#define FORCE_REGENERATE_DESCRIPTOR_INTERVAL (18*60*60)
2555#define FAST_RETRY_DESCRIPTOR_INTERVAL (90*60)
2564 const char *retry_fast_reason = NULL;
2588 retry_fast_reason =
"not listed in consensus";
2590 retry_fast_reason =
"listed as stale in consensus";
2602 if (BUG(reason == NULL)) {
2603 reason =
"marked descriptor dirty for unspecified reason";
2606 log_info(
LD_OR,
"Decided to publish new relay descriptor: %s", reason);
2617#define MAX_BANDWIDTH_CHANGE_FREQ (3*60*60)
2621#define MAX_UPTIME_BANDWIDTH_CHANGE (24*60*60)
2624#define BANDWIDTH_CHANGE_FACTOR 2
2632 static time_t last_changed = 0;
2652 if ((prev != cur && (!prev || !cur)) ||
2655 const bool change_recent_enough =
2658 if (change_recent_enough || testing_network || !prev) {
2660 "Measured bandwidth has changed; rebuilding descriptor.");
2669DISABLE_GCC_WARNING(
"-Wmissing-noreturn")
2685 if (
tor_addr_to_str(addrbuf_prev, prev,
sizeof(addrbuf_prev), 1) == NULL)
2687 if (
tor_addr_to_str(addrbuf_cur, cur,
sizeof(addrbuf_cur), 1) == NULL)
2692 "Our IP Address has changed from %s to %s; "
2693 "rebuilding descriptor (source: %s).",
2694 addrbuf_prev, addrbuf_cur, source);
2697 "Guessed our IP address as %s (source: %s).",
2698 addrbuf_cur, source);
2700ENABLE_GCC_WARNING(
"-Wmissing-noreturn")
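/* Checks, per address family, whether the address to publish has changed
 * (fragments; the loop header and most of the body are on lines not shown). */
2712 char *hostname = NULL;
/* The two address families looked at, indexed by i below. */
2713 int families[2] = { AF_INET, AF_INET6 };
2714 bool has_changed =
false;
2719 if (my_ri == NULL) {
2726 int family = families[i];
2730 if (family == AF_INET6) {
/* The last argument is the address of `current`; the page rendering had
 * turned "&current" into a currency sign followed by "t". NOTE(review): the
 * callee name is on a line not shown; a flags value followed by an output
 * address matches relay_find_addr_to_publish() - confirm. */
2742 RELAY_FIND_ADDR_NO_FLAG, &current);
/* The HOSTNAME= part is emitted only when a hostname is available. */
2753 hostname ?
" HOSTNAME=" :
"",
2754 hostname ? hostname :
"");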
2782#define DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
2799 char *address = NULL;
2800 char *onion_pkey = NULL;
2802 char *identity_pkey = NULL;
2804 char published[ISO_TIME_LEN+1];
2806 char *extra_info_line = NULL;
2807 size_t onion_pkeylen=0, identity_pkeylen;
2808 char *family_line = NULL;
2809 char *extra_or_address = NULL;
2812 char *output = NULL;
2813 const int emit_ed_sigs = signing_keypair &&
2815 char *ed_cert_line = NULL;
2816 char *rsa_tap_cc_line = NULL;
2817 char *ntor_cc_line = NULL;
2818 char *proto_line = NULL;
2822 log_warn(
LD_BUG,
"Tried to sign a router with a private key that didn't "
2823 "match router's public key!");
2829 &signing_keypair->pubkey)) {
2830 log_warn(
LD_BUG,
"Tried to sign a router descriptor with a mismatched "
2831 "ed25519 key chain %d",
2839 log_err(
LD_BUG,
"Error computing fingerprint");
2845 char ed_cert_base64[256];
2850 BASE64_ENCODE_MULTILINE) < 0) {
2851 log_err(
LD_BUG,
"Couldn't base64-encode signing key certificate!");
2857 "-----BEGIN ED25519 CERT-----\n"
2859 "-----END ED25519 CERT-----\n"
2860 "master-key-ed25519 %s\n",
2861 ed_cert_base64, ed_fp_base64);
2869 &onion_pkey,&onion_pkeylen)<0) {
2870 log_warn(
LD_BUG,
"write onion_pkey to string failed!");
2877 &identity_pkey,&identity_pkeylen)<0) {
2878 log_warn(
LD_BUG,
"write identity_pkey to string failed!");
2893 log_warn(
LD_BUG,
"make_tap_onion_key_crosscert failed!");
2897 if (
base64_encode(buf,
sizeof(buf), (
const char*)tap_cc, tap_cc_len,
2898 BASE64_ENCODE_MULTILINE) < 0) {
2899 log_warn(
LD_BUG,
"base64_encode(rsa_crosscert) failed!");
2906 "onion-key-crosscert\n"
2907 "-----BEGIN CROSSCERT-----\n"
2909 "-----END CROSSCERT-----\n", buf);
2924 log_warn(
LD_BUG,
"make_ntor_onion_key_crosscert failed!");
2931 BASE64_ENCODE_MULTILINE)<0) {
2932 log_warn(
LD_BUG,
"base64_encode(ntor_crosscert) failed!");
2933 tor_cert_free(cert);
2936 tor_cert_free(cert);
2939 "ntor-onion-key-crosscert %d\n"
2940 "-----BEGIN ED25519 CERT-----\n"
2942 "-----END ED25519 CERT-----\n", sign, buf);
2954 family_line = tor_strdup(
"");
2964 tor_asprintf(&extra_info_line,
"extra-info-digest %s %s\n",
2965 extra_info_digest, d256_64);
2967 tor_asprintf(&extra_info_line,
"extra-info-digest %s\n",
2979 "or-address %s:%d\n", a, router->ipv6_orport);
2980 log_debug(
LD_OR,
"My or-address line is <%s>", extra_or_address);
2987 proto_line = tor_strdup(
"");
2998 "router %s %s %d 0 %d\n"
3006 "bandwidth %d %d %d\n"
3014 router->ipv4_orport,
3016 ed_cert_line ? ed_cert_line :
"",
3017 extra_or_address ? extra_or_address :
"",
3026 extra_info_line ? extra_info_line :
"",
3028 "caches-extra-info\n" :
"",
3029 onion_pkey?
"onion-key\n":
"", onion_pkey?onion_pkey:
"",
3031 rsa_tap_cc_line ? rsa_tap_cc_line :
"",
3032 ntor_cc_line ? ntor_cc_line :
"",
3035 "hidden-service-dir\n");
/* ci is tested for an embedded LF or CR before use. The descriptor assembled
 * in this function is line-oriented (its format strings end in \n), so a line
 * break inside a value would start a new descriptor line.
 * NOTE(review): ci is presumably the operator-supplied contact string, and
 * what the branch does with such a value is on a line not shown - confirm. */
3039 if (strchr(ci,
'\n') || strchr(ci,
'\r'))
3050 bd = tor_strdup(
"any");
3067 log_err(
LD_BUG,
"A relay must have an ntor onion key");
3086 if (p6 && strcmp(p6,
"reject 1-65535")) {
3088 "ipv6-policy %s\n", p6);
3102 if (overload_general) {
3111 ED_DESC_SIGNATURE_PREFIX,
3112 chunks,
"", DIGEST_SHA256);
3116 signing_keypair) < 0)
3126 crypto_digest_smartlist(digest,
DIGEST_LEN, chunks,
"", DIGEST_SHA1);
3131 log_warn(
LD_BUG,
"Couldn't sign router descriptor");
3142#ifdef DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
3147 cp = s_dup = tor_strdup(output);
3151 "We just generated a router descriptor we can't parse.");
3152 log_err(
LD_BUG,
"Descriptor was: <<%s>>", output);
3156 routerinfo_free(ri_tmp);
3167 smartlist_free(chunks);
3169 crypto_pk_free(rsa_pubkey);
3195 return tor_strdup(
"reject *:*");
/* Reads a statistics file from the data directory and checks the timestamp
 * that follows ts_tag in it (fragments). */
3221 char *fname = get_datadir_fname(filename);
3222 char *contents = NULL, timestr[ISO_TIME_LEN+1];
3227 contents = read_file_to_str(fname, 0, NULL);
3228 if (contents == NULL) {
3229 log_debug(
LD_BUG,
"Unable to read content of %s", filename);
3236 log_warn(
LD_BUG,
"Token %s not found in file %s", ts_tag, filename);
/* Length guard before the copy below: the text starting at ts_tok must be at
 * least as long as the tag, one separator character and sizeof(timestr)
 * further characters, so the source pointer ts_tok + strlen(ts_tag) + 1 used
 * by the copy stays inside the string. */
3240 if (strlen(ts_tok) < strlen(ts_tag) + 1 +
sizeof(timestr)) {
3241 log_warn(
LD_BUG,
"Token %s malformed in file %s", ts_tag, filename);
/* strlcpy bounds the write to sizeof(timestr) and NUL-terminates, which
 * leaves at most ISO_TIME_LEN characters of timestamp text in timestr. */
3245 strlcpy(timestr, ts_tok + strlen(ts_tag) + 1,
sizeof(timestr));
3247 log_warn(
LD_BUG,
"Token %s has a malformed timestamp in file %s",
/* Freshness window: true when the timestamp is more than 25 hours in the
 * past or more than 1 hour in the future; the branch body is not shown
 * (presumably the file is then not used - confirm). */
3251 if (written < now - (25*60*60) || written > now + (1*60*60)) {
3289 char published[ISO_TIME_LEN+1];
3290 char *ed_cert_line = NULL;
3300 &signing_keypair->pubkey)) {
3301 log_warn(
LD_BUG,
"Tried to sign a extrainfo descriptor with a "
3302 "mismatched ed25519 key chain %d",
3306 char ed_cert_base64[256];
3310 BASE64_ENCODE_MULTILINE) < 0) {
3311 log_err(
LD_BUG,
"Couldn't base64-encode signing key certificate!");
3315 "-----BEGIN ED25519 CERT-----\n"
3317 "-----END ED25519 CERT-----\n", ed_cert_base64);
3319 ed_cert_line = tor_strdup(
"");
3324 tor_asprintf(&pre,
"extra-info %s %s\n%spublished %s\n",
3347 int write_stats_to_extrainfo)
3350 char *contents = NULL;
3351 time_t now = time(NULL);
3362 if (pluggable_transports)
3367 log_info(
LD_GENERAL,
"Adding stats to extra-info descriptor.");
3382 "dirreq-stats-end", now, &contents) > 0) {
3387 "hidserv-stats-end", now, &contents) > 0) {
3392 "hidserv-v3-stats-end", now, &contents) > 0) {
3397 "entry-stats-end", now, &contents) > 0) {
3402 "cell-stats-end", now, &contents) > 0) {
3407 "exit-stats-end", now, &contents) > 0) {
3412 "conn-bi-direct", now, &contents) > 0) {
3453 crypto_digest_smartlist_prefix(sha256_digest,
DIGEST256_LEN,
3454 ED_DESC_SIGNATURE_PREFIX,
3455 chunks,
"", DIGEST_SHA256);
3457 signing_keypair) < 0)
3480 const char *extrainfo_string)
/* Signature text buffer, one byte larger than DIROBJ_MAX_SIG_LEN. It is
 * zero-filled before anything is written into it; the call that fills it is
 * on a line not shown. */
3482 char sig[DIROBJ_MAX_SIG_LEN+1];
3486 memset(sig, 0,
sizeof(sig));
3491 log_warn(
LD_BUG,
"Could not append signature to extra-info "
/* Persists across calls: set to 0 below once an extra-info descriptor that
 * includes statistics fails to parse, after which (per the warning)
 * statistics are left out of this and all later descriptors. */
3523 static int write_stats_to_extrainfo = 1;
3524 char *s = NULL, *cp, *s_dup = NULL;
3527 const int emit_ed_sigs = signing_keypair &&
/* Chunks that must always stay: 4 when ed25519 signatures are emitted, 2
 * otherwise. When more chunks than that exist, the one at index
 * len - required_chunks is picked; per the warning it is the last added
 * statistic and is removed to get under the upload limit (the removal and
 * the size test are on lines not shown). */
3555 const int required_chunks = emit_ed_sigs ? 4 : 2;
3556 if (smartlist_len(chunks) > required_chunks) {
3559 int idx = smartlist_len(chunks) - required_chunks;
3560 char *e = smartlist_get(chunks, idx);
3562 log_warn(
LD_GENERAL,
"We just generated an extra-info descriptor "
3563 "with statistics that exceeds the 50 KB "
3564 "upload limit. Removing last added "
3570 log_warn(
LD_BUG,
"We just generated an extra-info descriptors that "
3571 "exceeds the 50 KB upload limit.");
/* A private copy of the finished text is made here; cp and s_dup both point
 * at it. Per the warnings below it is parsed back as a self-check (the parse
 * call is not shown). */
3583 cp = s_dup = tor_strdup(s);
3586 if (write_stats_to_extrainfo) {
3587 log_warn(
LD_GENERAL,
"We just generated an extra-info descriptor "
3588 "with statistics that we can't parse. Not "
3589 "adding statistics to this or any future "
3590 "extra-info descriptors.");
3591 write_stats_to_extrainfo = 0;
3596 log_warn(
LD_BUG,
"We just generated an extrainfo descriptor we "
3613 smartlist_free(chunks);
3615 extrainfo_free(ei_tmp);
3665router_set_rsa_onion_pkey(
const crypto_pk_t *pk,
char **onion_pkey_out,
3666 size_t *onion_pkey_len_out)
3680 *onion_pkey_out = tor_memdup(buf, len);
3681 *onion_pkey_len_out = len;
3692router_get_rsa_onion_pkey(
const char *pkey,
size_t pkey_len)
3694 if (!pkey || pkey_len == 0) {
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
int tor_addr_is_null(const tor_addr_t *addr)
char * tor_addr_to_str_dup(const tor_addr_t *addr)
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
const char * fmt_af_family(sa_family_t family)
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
static sa_family_t tor_addr_family(const tor_addr_t *a)
#define tor_addr_eq(a, b)
int trusted_dirs_load_certs_from_string(const char *contents, int source, int flush, const char *source_dir)
Header file for authcert.c.
authority_cert_t * authority_cert_parse_from_string(const char *s, size_t maxlen, const char **end_of_string)
Header file for authcert_parse.c.
int authdir_mode(const or_options_t *options)
Header file for directory authority mode.
Authority certificate structure.
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
int bwhist_bandwidth_assess(void)
char * bwhist_get_bandwidth_lines(void)
Header for feature/stats/bwhist.c.
tor_mutex_t * tor_mutex_new(void)
void tor_mutex_release(tor_mutex_t *m)
void tor_mutex_acquire(tor_mutex_t *m)
#define tor_mutex_free(m)
int portconf_get_first_advertised_port(int listener_type, int address_family)
int create_keys_directory(const or_options_t *options)
const or_options_t * get_options(void)
int port_exists_by_type_addr_port(int listener_type, const tor_addr_t *addr, int port, int check_wildcard)
tor_cmdline_mode_t command
const tor_addr_t * portconf_get_first_advertised_addr(int listener_type, int address_family)
Header file for config.c.
Header file for connection.c.
#define CONN_TYPE_DIR_LISTENER
#define CONN_TYPE_OR_LISTENER
int control_event_my_descriptor_changed(void)
Header file for control_events.c.
int curve25519_keypair_write_to_file(const curve25519_keypair_t *keypair, const char *fname, const char *tag)
int curve25519_keypair_read_from_file(curve25519_keypair_t *keypair_out, char **tag_out, const char *fname)
int curve25519_keypair_generate(curve25519_keypair_t *keypair_out, int extra_strong)
void curve25519_public_to_base64(char *output, const curve25519_public_key_t *pkey, bool pad)
#define BASE64_DIGEST256_LEN
int crypto_digest256(char *digest, const char *m, size_t len, digest_algorithm_t algorithm)
int ed25519_sign(ed25519_signature_t *signature_out, const uint8_t *msg, size_t len, const ed25519_keypair_t *keypair)
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
Header for crypto_ed25519.c.
Headers for crypto_init.c.
Common functions for using (pseudo-)random number generators.
int crypto_rand_int_range(unsigned int min, unsigned int max)
int crypto_rand_int(unsigned int max)
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
int crypto_pk_eq_keys(const crypto_pk_t *a, const crypto_pk_t *b)
int crypto_pk_write_public_key_to_string(crypto_pk_t *env, char **dest, size_t *len)
int crypto_pk_write_private_key_to_filename(crypto_pk_t *env, const char *fname)
int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
crypto_pk_t * crypto_pk_new(void)
int crypto_pk_asn1_encode(const crypto_pk_t *pk, char *dest, size_t dest_len)
crypto_pk_t * crypto_pk_asn1_decode(const char *str, size_t len)
crypto_pk_t * crypto_pk_copy_full(crypto_pk_t *orig)
crypto_pk_t * crypto_pk_dup_key(crypto_pk_t *orig)
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
void dimap_add_entry(di_digest256_map_t **map, const uint8_t *key, void *val)
int tor_memeq(const void *a, const void *b, size_t sz)
#define dimap_free(map, free_fn)
#define fast_memeq(a, b, c)
#define tor_memneq(a, b, sz)
Client/server directory connection structure.
Trusted/fallback directory server structure.
void directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose, dirinfo_type_t type, const char *payload, size_t payload_len, size_t extrainfo_len)
Header file for dirclient.c.
Header file for directory.c.
#define DIR_PURPOSE_UPLOAD_DIR
dir_server_t * router_get_trusteddirserver_by_digest(const char *digest)
void dir_server_add(dir_server_t *ent)
dir_server_t * trusted_dir_server_new(const char *nickname, const char *address, uint16_t ipv4_dirport, uint16_t ipv4_orport, const tor_addr_port_t *ipv6_addrport, const char *digest, const char *v3_auth_digest, dirinfo_type_t type, double weight)
Header file for dirlist.c.
int directory_permits_begindir_requests(const or_options_t *options)
Header file for dirserv.c.
int dns_seems_to_be_broken(void)
int has_dns_init_failed(void)
const char * escaped(const char *s)
int tor_unlink(const char *pathname)
file_status_t file_status(const char *filename)
int write_str_to_file_if_not_equal(const char *fname, const char *str)
int replace_file(const char *from, const char *to)
const char * geoip_db_digest(sa_family_t family)
int geoip_is_loaded(sa_family_t family)
Header file for geoip_stats.c.
const char * geoip_get_bridge_stats_extrainfo(time_t)
int should_record_bridge_info(const or_options_t *options)
int accounting_is_enabled(const or_options_t *options)
int we_are_hibernating(void)
int accounting_get_interval_length(void)
Header file for hibernate.c.
crypto_pk_t * init_key_from_file(const char *fname, int generate, int severity, bool *created_out)
Header file for loadkey.c.
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
int try_locking(const or_options_t *options, int err_if_locked)
void ip_address_changed(int on_client_conn)
smartlist_t * get_connection_array(void)
Header file for mainloop.c.
int net_is_disabled(void)
const routerstatus_t * networkstatus_vote_find_entry(networkstatus_t *ns, const char *digest)
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
networkstatus_t * networkstatus_get_live_consensus(time_t now)
Header file for networkstatus.c.
Networkstatus consensus/vote structure.
int is_legal_nickname_or_hexdigest(const char *s)
int is_legal_hexdigest(const char *s)
Header file for nickname.c.
Node information structure.
char * nodefamily_format(const nodefamily_t *family)
nodefamily_t * nodefamily_from_members(const smartlist_t *members, const uint8_t *rsa_id_self, unsigned flags, smartlist_t *unrecognized_out)
Header file for nodefamily.c.
const node_t * node_get_by_nickname(const char *nickname, unsigned flags)
consensus_path_type_t router_have_consensus_path(void)
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define MAX_ONION_KEY_LIFETIME_DAYS
#define MAX_EXTRAINFO_UPLOAD_SIZE
#define MIN_ONION_KEY_LIFETIME_DAYS
#define MIN_ONION_KEY_GRACE_PERIOD_DAYS
#define DEFAULT_ONION_KEY_LIFETIME_DAYS
#define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS
The or_state_t structure, which represents Tor's state file.
int policies_parse_exit_policy_from_options(const or_options_t *or_options, const tor_addr_t *ipv4_local_address, const tor_addr_t *ipv6_local_address, smartlist_t **result)
char * policy_dump_to_string(const smartlist_t *policy_list, int include_ipv4, int include_ipv6)
addr_policy_result_t compare_tor_addr_to_addr_policy(const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)
char * write_short_policy(const short_policy_t *policy)
addr_policy_result_t compare_tor_addr_to_short_policy(const tor_addr_t *addr, uint16_t port, const short_policy_t *policy)
int policy_is_reject_star(const smartlist_t *policy, sa_family_t family, int default_reject)
char * policy_summarize(smartlist_t *policy, sa_family_t family)
short_policy_t * parse_short_policy(const char *summary)
void policies_exit_policy_append_reject_star(smartlist_t **dest)
Header file for policies.c.
Listener port configuration structure.
int tor_asprintf(char **strp, const char *fmt,...)
int tor_snprintf(char *str, size_t size, const char *format,...)
int dirserv_load_fingerprint_file(void)
was_router_added_t dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
int dirserv_add_own_fingerprint(crypto_pk_t *pk, const ed25519_public_key_t *edkey)
Header file for process_descs.c.
const char * protover_get_supported_protocols(void)
C_RUST_COUPLED: src/rust/protover/protover.rs SUPPORTED_PROTOCOLS
Headers and type declarations for protover.c.
uint32_t relay_get_effective_bwrate(const or_options_t *options)
uint32_t relay_get_effective_bwburst(const or_options_t *options)
Header for feature/relay/relay_config.c.
bool relay_find_addr_to_publish(const or_options_t *options, int family, int flags, tor_addr_t *addr_out)
Header file for relay_find_addr.c.
void reschedule_descriptor_update_check(void)
Header for feature/relay/relay_periodic.c.
char * rep_hist_get_overload_stats_lines(void)
char * rep_hist_get_overload_general_line(void)
char * rep_hist_get_padding_count_lines(void)
Header file for rephist.c.
const char * resolved_addr_method_to_str(const resolved_addr_method_t method)
Header file for resolve_addr.c.
int router_compare_to_my_exit_policy(const tor_addr_t *addr, uint16_t port)
STATIC smartlist_t * get_my_declared_family(const or_options_t *options)
void ntor_key_map_free_(di_digest256_map_t *map)
static int should_publish_tap_onion_key(void)
static crypto_pk_t * onionkey
static tor_mutex_t * key_lock
void router_reset_warnings(void)
void consider_publishable_server(int force)
#define FAST_RETRY_DESCRIPTOR_INTERVAL
static void router_check_descriptor_address_consistency(const tor_addr_t *addr)
int router_has_bandwidth_to_be_dirserver(const or_options_t *options)
static int extrainfo_dump_to_string_ed_sig_helper(smartlist_t *chunks, const ed25519_keypair_t *signing_keypair)
void v3_authority_check_key_expiry(void)
void router_new_consensus_params(const networkstatus_t *ns)
static const char * desc_gen_reason
STATIC extrainfo_t * router_build_fresh_signed_extrainfo(const routerinfo_t *ri)
void router_free_all(void)
static bool publish_even_when_ipv4_orport_unreachable
crypto_pk_t * get_tlsclient_identity_key(void)
static curve25519_keypair_t last_curve25519_onion_key
static void assert_identity_keys_ok(void)
uint16_t routerconf_find_or_port(const or_options_t *options, sa_family_t family)
static int extrainfo_dump_to_string_header_helper(smartlist_t *chunks, const extrainfo_t *extrainfo, const ed25519_keypair_t *signing_keypair, int emit_ed_sigs)
static int desc_needs_upload
const char * router_get_descriptor_gen_reason(void)
static int init_curve25519_keypair_from_file(curve25519_keypair_t *keys_out, const char *fname, int generate, int severity, const char *tag)
static authority_cert_t * authority_key_certificate
void router_upload_dir_desc_to_dirservers(int force)
#define MAX_BANDWIDTH_CHANGE_FREQ
STATIC int router_write_fingerprint(int hashed, int ed25519_identity)
static bool omit_ipv6_on_publish
STATIC void router_update_routerinfo_from_extrainfo(routerinfo_t *ri, const extrainfo_t *ei)
void log_addr_has_changed(int severity, const tor_addr_t *prev, const tor_addr_t *cur, const char *source)
int extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, crypto_pk_t *ident_key, const ed25519_keypair_t *signing_keypair)
static crypto_pk_t * server_identitykey
int get_onion_key_grace_period(void)
static smartlist_t * warned_family
void check_descriptor_ipaddress_changed(time_t now)
#define FORCE_REGENERATE_DESCRIPTOR_INTERVAL
STATIC int router_dump_and_sign_routerinfo_descriptor_body(routerinfo_t *ri)
const uint8_t * router_get_my_id_digest(void)
STATIC void router_announce_bridge_status_page(void)
bool router_addr_is_my_published_addr(const tor_addr_t *addr)
static int decide_if_publishable_server(void)
crypto_pk_t * get_my_v3_legacy_signing_key(void)
static curve25519_keypair_t curve25519_onion_key
int router_initialize_tls_context(void)
void set_client_identity_key(crypto_pk_t *k)
crypto_pk_t * get_my_v3_authority_signing_key(void)
static void extrainfo_dump_to_string_stats_helper(smartlist_t *chunks, int write_stats_to_extrainfo)
void routerconf_find_ipv6_or_ap(const or_options_t *options, tor_addr_port_t *ipv6_ap_out)
static crypto_pk_t * authority_signing_key
void dup_onion_keys(crypto_pk_t **key, crypto_pk_t **last)
int router_should_advertise_dirport(const or_options_t *options, uint16_t dir_port)
static routerinfo_t * desc_routerinfo
bool routerconf_has_ipv6_orport(const or_options_t *options)
static char server_identitykey_digest[DIGEST_LEN]
void mark_my_descriptor_if_omit_ipv6_changes(const char *reason, bool omit_ipv6)
STATIC int router_build_fresh_unsigned_routerinfo(routerinfo_t **ri_out)
time_t get_onion_key_set_at(void)
static void set_onion_key(crypto_pk_t *k)
extrainfo_t * router_get_my_extrainfo(void)
uint16_t router_get_active_listener_port_by_type_af(int listener_type, sa_family_t family)
static int init_v3_authority_keys(void)
static int router_should_be_dirserver(const or_options_t *options, int dir_port)
#define MIN_BW_TO_ADVERTISE_DIRSERVER
const routerinfo_t * router_get_my_routerinfo_with_err(int *err)
bool rotate_onion_key(void)
crypto_pk_t * get_onion_key(void)
static int router_should_advertise_begindir(const or_options_t *options, int supports_tunnelled_dir_requests)
static crypto_pk_t * lastonionkey
void expire_old_onion_keys(void)
static int decide_to_advertise_dir_impl(const or_options_t *options, uint16_t dir_port, int supports_tunnelled_dir_requests)
int client_identity_key_is_set(void)
int server_identity_key_is_set(void)
STATIC const char * desc_dirty_reason
static bool publish_even_when_ipv6_orport_unreachable
bool router_rebuild_descriptor(int force)
static crypto_pk_t * legacy_signing_key
static authority_cert_t * legacy_key_certificate
int router_extrainfo_digest_is_me(const char *digest)
void check_descriptor_bandwidth_changed(time_t now)
int get_onion_key_lifetime(void)
#define MAX_UPTIME_BANDWIDTH_CHANGE
static extrainfo_t * router_build_fresh_unsigned_extrainfo(const routerinfo_t *ri)
int router_digest_is_me(const char *digest)
static int router_dump_and_sign_extrainfo_descriptor_body(extrainfo_t *ei)
const char * router_get_my_descriptor(void)
bool router_can_extend_over_ipv6(const or_options_t *options)
int router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e)
STATIC const struct curve25519_keypair_t * get_current_curve25519_keypair(void)
void mark_my_descriptor_dirty(const char *reason)
static int get_onion_key_rotation_days_(void)
void mark_my_descriptor_dirty_if_too_old(time_t now)
char * router_dump_exit_policy_to_string(const routerinfo_t *router, int include_ipv4, int include_ipv6)
STATIC int load_stats_file(const char *filename, const char *ts_tag, time_t now, char **out)
static time_t onionkey_set_at
void set_server_identity_key(crypto_pk_t *k)
int router_is_me(const routerinfo_t *router)
static int extrainfo_dump_to_string_rsa_sig_helper(smartlist_t *chunks, crypto_pk_t *ident_key, const char *extrainfo_string)
static void ntor_key_map_free_helper(void *arg)
static crypto_pk_t * client_identitykey
static void log_new_relay_greeting(void)
const routerinfo_t * router_get_my_routerinfo(void)
static int load_authority_keyset(int legacy, crypto_pk_t **key_out, authority_cert_t **cert_out)
authority_cert_t * get_my_v3_authority_cert(void)
STATIC time_t desc_clean_since
uint16_t routerconf_find_dir_port(const or_options_t *options, uint16_t dirport)
int routerinfo_err_is_transient(int err)
#define BANDWIDTH_CHANGE_FACTOR
char * router_dump_router_to_string(routerinfo_t *router, const crypto_pk_t *ident_key, const crypto_pk_t *tap_key, const curve25519_keypair_t *ntor_keypair, const ed25519_keypair_t *signing_keypair)
const char * routerinfo_err_to_string(int err)
int router_my_exit_policy_is_reject_star(void)
static extrainfo_t * desc_extrainfo
STATIC void get_platform_str(char *platform, size_t len)
int should_refuse_unknown_exits(const or_options_t *options)
authority_cert_t * get_my_v3_legacy_cert(void)
di_digest256_map_t * construct_ntor_key_map(void)
Header file for router.c.
Router descriptor structure.
#define ROUTER_PURPOSE_GENERAL
#define ROUTER_PURPOSE_BRIDGE
int load_ed_keys(const or_options_t *options, time_t now)
uint8_t * make_tap_onion_key_crosscert(const crypto_pk_t *onion_key, const ed25519_public_key_t *master_id_key, const crypto_pk_t *rsa_id_key, int *len_out)
tor_cert_t * make_ntor_onion_key_crosscert(const curve25519_keypair_t *onion_key, const ed25519_public_key_t *master_id_key, time_t now, time_t lifetime, int *sign_out)
int generate_ed_link_cert(const or_options_t *options, time_t now, int force)
const char * signed_descriptor_get_body(const signed_descriptor_t *desc)
int routerinfo_incompatible_with_extrainfo(const crypto_pk_t *identity_pkey, extrainfo_t *ei, signed_descriptor_t *sd, const char **msg)
Header file for routerlist.c.
static int WRA_WAS_ADDED(was_router_added_t s)
static int WRA_WAS_OUTDATED(was_router_added_t s)
int public_server_mode(const or_options_t *options)
int server_mode(const or_options_t *options)
void set_server_advertised(int s)
Header file for routermode.c.
routerinfo_t * router_parse_entry_from_string(const char *s, const char *end, int cache_copy, int allow_annotations, const char *prepend_annotations, int *can_dl_again_out)
int router_get_extrainfo_hash(const char *s, size_t s_len, char *digest)
extrainfo_t * extrainfo_parse_entry_from_string(const char *s, const char *end, int cache_copy, struct digest_ri_map_t *routermap, int *can_dl_again_out)
int router_get_router_hash(const char *s, size_t s_len, char *digest)
Header file for routerparse.c.
Routerstatus (consensus entry) structure.
int router_orport_seems_reachable(const or_options_t *options, int family)
int router_dirport_seems_reachable(const or_options_t *options)
Header file for selftest.c.
int router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest, size_t digest_len, crypto_pk_t *private_key)
char * router_get_dirobj_signature(const char *digest, size_t digest_len, const crypto_pk_t *private_key)
Header file for signing.c.
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
int smartlist_contains_string(const smartlist_t *sl, const char *element)
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_clear(smartlist_t *sl)
void smartlist_del_keeporder(smartlist_t *sl, int idx)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
void or_state_mark_dirty(or_state_t *state, time_t when)
or_state_t * get_or_state(void)
crypto_pk_t * signing_key
signed_descriptor_t cache_info
char v3_identity_digest[DIGEST_LEN]
char identity[DIGEST_LEN]
dirinfo_type_t PublishServerDescriptor_
struct config_line_t * MyFamily
char * BridgeDistribution
int HiddenServiceStatistics
struct config_line_t * ServerTransportPlugin
uint64_t RelayBandwidthRate
int ConnDirectionStatistics
tor_cmdline_mode_t command
int BridgeAuthoritativeDir
time_t LastRotatedOnionKey
smartlist_t * exit_policy
smartlist_t * declared_family
crypto_pk_t * identity_pkey
size_t tap_onion_pkey_len
struct curve25519_public_key_t * onion_curve25519_pkey
unsigned int policy_is_reject_star
unsigned int supports_tunnelled_dir_requests
uint32_t bandwidthcapacity
struct short_policy_t * ipv6_exit_policy
unsigned int is_staledesc
char signed_descriptor_digest[DIGEST_LEN]
char extra_info_digest[DIGEST_LEN]
char identity_digest[DIGEST_LEN]
struct tor_cert_st * signing_key_cert
char * signed_descriptor_body
char extra_info_digest256[DIGEST256_LEN]
size_t signed_descriptor_len
saved_location_t saved_location
#define MOCK_IMPL(rv, funcname, arglist)
int parse_iso_time(const char *cp, time_t *t)
void format_iso_time(char *buf, time_t t)
tor_cert_t * tor_cert_dup(const tor_cert_t *cert)
int tor_tls_context_init(unsigned flags, crypto_pk_t *client_identity, crypto_pk_t *server_identity, unsigned int key_lifetime)
const char * get_short_version(void)
char * pt_get_extra_info_descriptor_string(void)
Headers for transports.c.
const char * get_uname(void)
#define IF_BUG_ONCE(cond)
void tor_strlower(char *s)
int tor_digest256_is_zero(const char *digest)
int fast_mem_is_zero(const char *mem, size_t len)
const char * find_str_at_start_of_line(const char *haystack, const char *needle)
int tor_digest_is_zero(const char *digest)
#define CURVE25519_BASE64_PADDED_LEN
#define ED25519_BASE64_LEN
#define ED25519_SIG_BASE64_LEN
#define CURVE25519_PUBKEY_LEN