/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2009, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file networkstatus.c
 * \brief Functions and structures for handling network status documents as a
 * client or cache.
 */

#include "or.h"

/* For tracking v2 networkstatus documents.  Only caches do this now. */

/** Map from descriptor digest of routers listed in the v2 networkstatus
 * documents to download_status_t* */
static digestmap_t *v2_download_status_map = NULL;
/** Global list of all of the current v2 network_status documents that we know
 * about.  This list is kept sorted by published_on. */
static smartlist_t *networkstatus_v2_list = NULL;
/** True iff any member of networkstatus_v2_list has changed since the last
 * time we called download_status_map_update_from_v2_networkstatus() */
static int networkstatus_v2_list_has_changed = 0;

/** Map from lowercase nickname to identity digest of named server, if any. */
static strmap_t *named_server_map = NULL;
/** Map from lowercase nickname to (void*)1 for all names that are listed
 * as unnamed for some server in the consensus. */
static strmap_t *unnamed_server_map = NULL;

/** Most recently received and validated v3 consensus network status. */
static networkstatus_t *current_consensus = NULL;

/** A v3 consensus networkstatus that we've received, but which we don't
 * have enough certificates to be happy about. */
typedef struct consensus_waiting_for_certs_t {
  /** The consensus itself. */
  networkstatus_t *consensus;
  /** The encoded version of the consensus, nul-terminated. */
  char *body;
  /** When did we set the current value of consensus_waiting_for_certs?  If
   * this is too recent, we shouldn't try to fetch a new consensus for a
   * little while, to give ourselves time to get certificates for this one. */
  time_t set_at;
  /** Set to 1 if we've been holding on to it for so long we should maybe
   * treat it as being bad. */
  int dl_failed;
} consensus_waiting_for_certs_t;

/** Consensuses that are still waiting for certificates; the array has one
 * slot per consensus flavor (presumably indexed by flavor -- confirm against
 * the code that fills it in). */
static consensus_waiting_for_certs_t
       consensus_waiting_for_certs[N_CONSENSUS_FLAVORS];

/** The last time we tried to download a networkstatus, or 0 for "never".  We
 * use this to rate-limit download attempts for directory caches (including
 * mirrors).  Clients don't use this now. */
static time_t last_networkstatus_download_attempted = 0;

/** A time before which we shouldn't try to replace the current consensus:
 * this will be at some point after the next consensus becomes valid, but
 * before the current consensus becomes invalid. */
static time_t time_to_download_next_consensus = 0;
/** Download status for the current consensus networkstatus, one entry per
 * consensus flavor. */
static download_status_t consensus_dl_status[N_CONSENSUS_FLAVORS];

/** True iff we have logged a warning about this OR's version being older than
 * listed by the authorities. */
static int have_warned_about_old_version = 0;
/** True iff we have logged a warning about this OR's version being newer than
 * listed by the authorities. */
static int have_warned_about_new_version = 0;

/* Forward declarations for file-local helpers defined later in this file. */
static void download_status_map_update_from_v2_networkstatus(void);
static void routerstatus_list_update_named_server_map(void);

/** Clear every "already warned" marker this file keeps for
 * networkstatus-related problems, so that a recurrence of the same condition
 * is logged afresh. */
void
networkstatus_reset_warnings(void)
{
  /* The version-mismatch flags do not depend on having a consensus, so they
   * are cleared unconditionally. */
  have_warned_about_new_version = 0;
  have_warned_about_old_version = 0;

  if (!current_consensus)
    return;

  /* The nickname-lookup warning marker lives on each consensus entry. */
  SMARTLIST_FOREACH_BEGIN(current_consensus->routerstatus_list,
                          routerstatus_t *, entry) {
    entry->name_lookup_warned = 0;
  } SMARTLIST_FOREACH_END(entry);
}

/** Make every networkstatus-related download immediately retryable.
 *
 * Three pieces of state are touched: each v2 routerstatus entry whose
 * descriptor we do not hold is flagged need_to_mirror; the download status of
 * every consensus flavor is reset; and every download_status_t stored in
 * v2_download_status_map is reset.
 */
void
networkstatus_reset_download_failures(void)
{
  int flav;
  /* Named differently from the file-level networkstatus_v2_list so that the
   * local does not shadow it. */
  const smartlist_t *v2_docs = networkstatus_get_v2_list();

  SMARTLIST_FOREACH_BEGIN(v2_docs, networkstatus_v2_t *, ns) {
    SMARTLIST_FOREACH_BEGIN(ns->entries, routerstatus_t *, rs) {
      if (!router_get_by_descriptor_digest(rs->descriptor_digest))
        rs->need_to_mirror = 1;
    } SMARTLIST_FOREACH_END(rs);
  } SMARTLIST_FOREACH_END(ns);

  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav)
    download_status_reset(&consensus_dl_status[flav]);

  if (v2_download_status_map) {
    digestmap_t *map = v2_download_status_map;
    digestmap_iter_t *it = digestmap_iter_init(map);
    const char *digest;
    void *entry;

    while (!digestmap_iter_done(it)) {
      digestmap_iter_get(it, &digest, &entry);
      /* The map's values are download_status_t pointers. */
      download_status_reset((download_status_t *)entry);
      it = digestmap_iter_next(map, it);
    }
  }
}

/** Repopulate our list of network_status_t objects from the list cached on
 * disk (the "cached-status" directory under the data directory).
 *
 * If we do not cache v2 directory info, nothing is loaded: an empty directory
 * is removed, and otherwise each entry is handed to
 * remove_file_if_very_old().  If we do cache v2 info, every entry whose name
 * is a hex-encoded digest is read and passed to router_set_networkstatus_v2()
 * with NS_FROM_CACHE, using the file's mtime as its arrival time.
 *
 * As written, every path returns 0; per-file load failures are only logged.
 */
int
router_reload_v2_networkstatus(void)
{
  smartlist_t *entries;
  struct stat st;
  char *s;
  char *filename = get_datadir_fname("cached-status");
  /* Nonzero when we are not a v2 cache, i.e. when old files may go away. */
  int maybe_delete = !directory_caches_v2_dir_info(get_options());
  time_t now = time(NULL);
  if (!networkstatus_v2_list)
    networkstatus_v2_list = smartlist_create();

  entries = tor_listdir(filename);
  if (!entries) { /* dir doesn't exist */
    tor_free(filename);
    return 0;
  } else if (!smartlist_len(entries) && maybe_delete) {
    /* Empty directory that we no longer need.  The result of rmdir() is not
     * checked, so a failure to remove it is silent. */
    rmdir(filename);
    tor_free(filename);
    smartlist_free(entries);
    return 0;
  }
  tor_free(filename);
  SMARTLIST_FOREACH(entries, const char *, fn, {
      char buf[DIGEST_LEN];
      if (maybe_delete) {
        /* Cleanup-only mode: the entry name is used as listed, without the
         * hex-digest check applied below. */
        filename = get_datadir_fname2("cached-status", fn);
        remove_file_if_very_old(filename, now);
        tor_free(filename);
        continue;
      }
      /* Only names that are exactly one hex-encoded digest are read; any
       * other file in the directory is skipped rather than parsed. */
      if (strlen(fn) != HEX_DIGEST_LEN ||
          base16_decode(buf, sizeof(buf), fn, strlen(fn))) {
        log_info(LD_DIR,
                 "Skipping cached-status file with unexpected name \"%s\"",fn);
        continue;
      }
      filename = get_datadir_fname2("cached-status", fn);
      s = read_file_to_str(filename, 0, &st);
      if (s) {
        /* The on-disk copy goes through the same entry point as a
         * downloaded document; st.st_mtime stands in for its arrival time. */
        if (router_set_networkstatus_v2(s, st.st_mtime, NS_FROM_CACHE,
                                        NULL)<0) {
          log_warn(LD_FS, "Couldn't load networkstatus from \"%s\"",filename);
        }
        tor_free(s);
      }
      tor_free(filename);
    });
  /* The list owns the name strings: free each one, then the list itself. */
  SMARTLIST_FOREACH(entries, char *, fn, tor_free(fn));
  smartlist_free(entries);
  networkstatus_v2_list_clean(time(NULL));
  routers_update_all_from_networkstatus(time(NULL), 2);
  return 0;
}

/** Read every cached v3 consensus networkstatus from the disk.
 *
 * For each consensus flavor, first the "cached-...consensus" file and then
 * the "unverified-...consensus" file is read from the data directory and
 * handed to networkstatus_set_current_consensus().  Afterwards the configured
 * FallbackNetworkstatusFile is tried if there is still no current consensus,
 * or if that file's mtime is later than the current consensus's valid_after.
 *
 * All loads pass NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS; certificate
 * downloads are triggered once at the end instead.  As written, the function
 * always returns 0; load failures are only logged.
 */
int
router_reload_consensus_networkstatus(void)
{
  char *filename;
  char *s;
  struct stat st;
  or_options_t *options = get_options();
  const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS;
  int flav;

  /* FFFF Suppress warnings if cached consensus is bad? */
  for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) {
    char buf[128];
    const char *flavor = networkstatus_get_flavor_name(flav);
    /* The FLAV_NS flavor uses the unprefixed file name; every other flavor
     * has its name embedded in the file name. */
    if (flav == FLAV_NS) {
      filename = get_datadir_fname("cached-consensus");
    } else {
      tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor);
      filename = get_datadir_fname(buf);
    }
    s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
    if (s) {
      /* NOTE(review): only results below -1 are logged here, whereas the two
       * call sites further down treat any nonzero result as a failure.
       * Presumably -1 is a non-fatal outcome for a cached consensus --
       * confirm against networkstatus_set_current_consensus(). */
      if (networkstatus_set_current_consensus(s, flavor, flags) < -1) {
        log_warn(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"",
                 flavor, filename);
      }
      tor_free(s);
    }
    tor_free(filename);

    if (flav == FLAV_NS) {
      filename = get_datadir_fname("unverified-consensus");
    } else {
      tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor);
      filename = get_datadir_fname(buf);
    }

    s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
    if (s) {
      /* The unverified copy is additionally flagged as one that was waiting
       * for certificates when it was stored. */
      if (networkstatus_set_current_consensus(s, flavor,
                                     flags|NSSET_WAS_WAITING_FOR_CERTS)) {
      log_info(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"",
               flavor, filename);
    }
      tor_free(s);
    }
    tor_free(filename);
  }

  /* Consult the fallback file when nothing was loaded above, or when it is
   * newer (by mtime) than the consensus we hold. */
  if (!current_consensus ||
      (stat(options->FallbackNetworkstatusFile, &st)==0 &&
       st.st_mtime > current_consensus->valid_after)) {
    s = read_file_to_str(options->FallbackNetworkstatusFile,
                         RFTS_IGNORE_MISSING, NULL);
    if (s) {
      /* The fallback file is loaded as the "ns" flavor with
       * NSSET_ACCEPT_OBSOLETE added to the flags. */
      if (networkstatus_set_current_consensus(s, "ns",
                                              flags|NSSET_ACCEPT_OBSOLETE)) {
        log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
                 options->FallbackNetworkstatusFile);
      } else {
        log_notice(LD_FS,
                   "Loaded fallback consensus networkstatus from \"%s\"",
                   options->FallbackNetworkstatusFile);
      }
      tor_free(s);
    }
  }

  /* With no consensus at all, still make sure both nickname maps exist. */
  if (!current_consensus) {
    if (!named_server_map)
      named_server_map = strmap_new();
    if (!unnamed_server_map)
      unnamed_server_map = strmap_new();
  }

  update_certificate_downloads(time(NULL));

  routers_update_all_from_networkstatus(time(NULL), 3);

  return 0;
}

/** Release the vote_routerstatus object <b>rs</b> together with everything
 * it owns: its version string, the exit summary of the embedded status, and
 * the linked list of microdescriptor hash lines.  A NULL <b>rs</b> is
 * ignored. */
static void
vote_routerstatus_free(vote_routerstatus_t *rs)
{
  vote_microdesc_hash_t *cur, *following;

  if (!rs)
    return;

  tor_free(rs->version);
  tor_free(rs->status.exitsummary);

  cur = rs->microdesc;
  while (cur) {
    /* Remember the successor before the node itself is released. */
    following = cur->next;
    tor_free(cur->microdesc_hash_line);
    tor_free(cur);
    cur = following;
  }

  tor_free(rs);
}

/** Release the routerstatus object <b>rs</b> and the exit summary string it
 * owns.  A NULL <b>rs</b> is ignored. */
void
routerstatus_free(routerstatus_t *rs)
{
  if (rs) {
    tor_free(rs->exitsummary);
    tor_free(rs);
  }
}

/** Release the v2 networkstatus object <b>ns</b> and everything it owns: its
 * strings, its signing key, and each routerstatus entry in its list.  A NULL
 * <b>ns</b> is ignored. */
void
networkstatus_v2_free(networkstatus_v2_t *ns)
{
  if (!ns)
    return;

  /* Plain heap strings. */
  tor_free(ns->source_address);
  tor_free(ns->contact);
  tor_free(ns->client_versions);
  tor_free(ns->server_versions);

  if (ns->signing_key)
    crypto_free_pk_env(ns->signing_key);

  if (ns->entries) {
    /* Free each entry first, then the list that held them. */
    SMARTLIST_FOREACH_BEGIN(ns->entries, routerstatus_t *, entry) {
      routerstatus_free(entry);
    } SMARTLIST_FOREACH_END(entry);
    smartlist_free(ns->entries);
  }

  tor_free(ns);
}

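/** Free all storage held in <b>sig</b>: the signature buffer and the
 * structure itself.  A NULL <b>sig</b> is ignored, matching the other
 * *_free() functions in this file. */
void
document_signature_free(document_signature_t *sig)
{
  /* Without this guard a NULL argument would be dereferenced below. */
  if (!sig)
    return;
  tor_free(sig->signature);
  tor_free(sig);
}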

/** Return a newly allocated deep copy of <b>sig</b>: the structure is
 * duplicated, and when it carries a signature buffer that buffer is
 * duplicated as well (signature_len bytes), so the copy can be freed
 * independently of the original. */
document_signature_t *
document_signature_dup(const document_signature_t *sig)
{
  document_signature_t *copy = tor_memdup(sig, sizeof(*copy));

  /* After the shallow copy both structures point at the same buffer; give
   * the copy a buffer of its own. */
  if (copy->signature != NULL)
    copy->signature = tor_memdup(sig->signature, sig->signature_len);

  return copy;
}

/** Release the networkstatus object <b>ns</b> and everything it owns: version
 * strings, the flag / parameter / method string lists, per-voter information
 * with its signatures, the authority certificate, the routerstatus entries
 * and the descriptor digest map.  A NULL <b>ns</b> is ignored. */
void
networkstatus_vote_free(networkstatus_t *ns)
{
  if (!ns)
    return;

  tor_free(ns->client_versions);
  tor_free(ns->server_versions);

  /* Three lists of heap-allocated strings: free the elements, then the
   * list. */
  if (ns->known_flags) {
    SMARTLIST_FOREACH_BEGIN(ns->known_flags, char *, flag) {
      tor_free(flag);
    } SMARTLIST_FOREACH_END(flag);
    smartlist_free(ns->known_flags);
  }
  if (ns->net_params) {
    SMARTLIST_FOREACH_BEGIN(ns->net_params, char *, param) {
      tor_free(param);
    } SMARTLIST_FOREACH_END(param);
    smartlist_free(ns->net_params);
  }
  if (ns->supported_methods) {
    SMARTLIST_FOREACH_BEGIN(ns->supported_methods, char *, method) {
      tor_free(method);
    } SMARTLIST_FOREACH_END(method);
    smartlist_free(ns->supported_methods);
  }

  if (ns->voters) {
    SMARTLIST_FOREACH_BEGIN(ns->voters, networkstatus_voter_info_t *, voter) {
      tor_free(voter->nickname);
      tor_free(voter->address);
      tor_free(voter->contact);
      if (voter->sigs) {
        SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
          document_signature_free(sig);
        } SMARTLIST_FOREACH_END(sig);
        smartlist_free(voter->sigs);
      }
      tor_free(voter);
    } SMARTLIST_FOREACH_END(voter);
    smartlist_free(ns->voters);
  }

  if (ns->cert)
    authority_cert_free(ns->cert);

  if (ns->routerstatus_list) {
    /* Votes and opinions hold vote_routerstatus_t entries; every other
     * document type holds plain routerstatus_t entries. */
    const int holds_vote_entries =
      (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION);
    if (holds_vote_entries) {
      SMARTLIST_FOREACH_BEGIN(ns->routerstatus_list,
                              vote_routerstatus_t *, rs) {
        vote_routerstatus_free(rs);
      } SMARTLIST_FOREACH_END(rs);
    } else {
      SMARTLIST_FOREACH_BEGIN(ns->routerstatus_list, routerstatus_t *, rs) {
        routerstatus_free(rs);
      } SMARTLIST_FOREACH_END(rs);
    }
    smartlist_free(ns->routerstatus_list);
  }

  if (ns->desc_digest_map)
    digestmap_free(ns->desc_digest_map, NULL);

  /* Overwrite the structure with a fixed non-zero byte before releasing it.
   * The source gives no reason; presumably it makes use of a stale pointer
   * easier to notice.  It is not a secure wipe of the contents. */
  memset(ns, 11, sizeof(*ns));
  tor_free(ns);
}

/** Look up, among the voters recorded on <b>vote</b>, the one whose identity
 * digest equals the DIGEST_LEN bytes at <b>identity</b>.  Return that voter,
 * or NULL if <b>vote</b> is NULL, has no voter list, or lists no such
 * voter. */
networkstatus_voter_info_t *
networkstatus_get_voter_by_id(networkstatus_t *vote,
                              const char *identity)
{
  if (!vote || !vote->voters)
    return NULL;

  SMARTLIST_FOREACH_BEGIN(vote->voters, networkstatus_voter_info_t *, voter) {
    if (memcmp(voter->identity_digest, identity, DIGEST_LEN) == 0)
      return voter;
  } SMARTLIST_FOREACH_END(voter);

  return NULL;
}

/** Verify the single signature <b>sig</b> on <b>consensus</b> with the
 * signing key in <b>cert</b>.
 *
 * Return -1, leaving <b>sig</b> untouched, if the digest of the signing key
 * cannot be computed or if <b>cert</b> is not the certificate that
 * <b>sig</b> names (its signing-key digest or its identity digest differs).
 * Otherwise record the verdict on <b>sig</b> itself, by setting either
 * good_signature or bad_signature, and return 0.
 *
 * A return value of 0 therefore does not by itself mean that the signature
 * verified: callers have to look at the flags on <b>sig</b>. */
int
networkstatus_check_document_signature(const networkstatus_t *consensus,
                                       document_signature_t *sig,
                                       const authority_cert_t *cert)
{
  char cert_key_digest[DIGEST_LEN];
  /* Number of digest bytes the signature has to cover for sig->alg. */
  const int dlen = sig->alg == DIGEST_SHA1 ? DIGEST_LEN : DIGEST256_LEN;
  char *recovered;
  size_t recovered_cap;
  int verified;

  if (crypto_pk_get_digest(cert->signing_key, cert_key_digest) < 0)
    return -1;

  /* The certificate must be the one this signature refers to, both by
   * signing key and by authority identity. */
  if (memcmp(sig->signing_key_digest, cert_key_digest, DIGEST_LEN))
    return -1;
  if (memcmp(sig->identity_digest, cert->cache_info.identity_digest,
             DIGEST_LEN))
    return -1;

  /* The output buffer is sized to the key, which bounds what the public-key
   * operation can produce. */
  recovered_cap = crypto_pk_keysize(cert->signing_key);
  recovered = tor_malloc(recovered_cap);

  /* Good only if at least dlen bytes were recovered and they equal the
   * consensus digest for this algorithm.
   * NOTE(review): sig->alg indexes consensus->digests.d without a range
   * check in this function; presumably it is validated when the signature
   * is parsed -- confirm. */
  verified =
    crypto_pk_public_checksig(cert->signing_key,
                              recovered,
                              sig->signature,
                              sig->signature_len) >= dlen &&
    !memcmp(recovered, consensus->digests.d[sig->alg], dlen);

  if (verified) {
    sig->good_signature = 1;
  } else {
    log_warn(LD_DIR, "Got a bad signature on a networkstatus vote");
    sig->bad_signature = 1;
  }

  tor_free(recovered);
  return 0;
}

/** Given a v3 networkstatus consensus in <b>consensus</b>, check every
 * as-yet-unchecked signature on <b>consensus</b>.  Return 1 if there is a
 * good signature from every recognized authority on it, 0 if there are
 * enough good signatures from recognized authorities on it, -1 if we might
 * get enough good signatures by fetching missing certificates, and -2
 * otherwise.  "Enough" means more than half of the configured v3
 * authorities (n_v3_authorities/2 + 1).
 *
 * Logging: nothing is logged if <b>warn</b> is negative.  Otherwise the
 * per-authority detail lines are logged at INFO, and the summary line is
 * logged at WARN if <b>warn</b> is over 1 or if there are not enough good
 * signatures, and at INFO otherwise. */
int
networkstatus_check_consensus_signature(networkstatus_t *consensus,
                                        int warn)
{
  /* The n_* counters below count voters, except n_unknown, which is bumped
   * once per signature from an unrecognized authority. */
  int n_good = 0;
  int n_missing_key = 0;
  int n_bad = 0;
  int n_unknown = 0;
  int n_no_signature = 0;
  int n_v3_authorities = get_n_authorities(V3_AUTHORITY);
  /* Strict majority of the authorities we are configured with. */
  int n_required = n_v3_authorities/2 + 1;
  smartlist_t *need_certs_from = smartlist_create();
  smartlist_t *unrecognized = smartlist_create();
  smartlist_t *missing_authorities = smartlist_create();
  int severity;
  time_t now = time(NULL);

  tor_assert(consensus->type == NS_TYPE_CONSENSUS);

  SMARTLIST_FOREACH_BEGIN(consensus->voters, networkstatus_voter_info_t *,
                          voter) {
    int good_here = 0;
    int bad_here = 0;
    int missing_key_here = 0;
    SMARTLIST_FOREACH_BEGIN(voter->sigs, document_signature_t *, sig) {
      if (!sig->good_signature && !sig->bad_signature &&
          sig->signature) {
        /* we can try to check the signature. */
        int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
                                              sig->identity_digest) != NULL;
        authority_cert_t *cert =
          authority_cert_get_by_digests(sig->identity_digest,
                                        sig->signing_key_digest);
        tor_assert(!memcmp(sig->identity_digest, voter->identity_digest,
                           DIGEST_LEN));

        /* Each `continue` below moves on to the voter's next signature.
         * Because the list additions happen per signature, a voter with
         * several such signatures can be added to a list more than once. */
        if (!is_v3_auth) {
          /* Not one of our configured v3 authorities: the signature is never
           * verified and cannot contribute to n_good. */
          smartlist_add(unrecognized, voter);
          ++n_unknown;
          continue;
        } else if (!cert || cert->expires < now) {
          /* An expired certificate is treated like a missing one. */
          smartlist_add(need_certs_from, voter);
          ++missing_key_here;
          continue;
        }
        /* A negative result means the certificate did not match the
         * signature's key or identity digest; that too is counted as a
         * missing key rather than as a bad signature. */
        if (networkstatus_check_document_signature(consensus, sig, cert) < 0) {
          smartlist_add(need_certs_from, voter);
          ++missing_key_here;
          continue;
        }
      }
      if (sig->good_signature)
        ++good_here;
      else if (sig->bad_signature)
        ++bad_here;
    } SMARTLIST_FOREACH_END(sig);
    /* Classify the voter once, in this order of precedence: one good
     * signature is enough to count the voter as good. */
    if (good_here)
      ++n_good;
    else if (bad_here)
      ++n_bad;
    else if (missing_key_here)
      ++n_missing_key;
    else
      ++n_no_signature;
  } SMARTLIST_FOREACH_END(voter);

  /* Now see whether we're missing any voters entirely. */
  SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
                    trusted_dir_server_t *, ds,
    {
      if ((ds->type & V3_AUTHORITY) &&
          !networkstatus_get_voter_by_id(consensus, ds->v3_identity_digest))
        smartlist_add(missing_authorities, ds);
    });

  /* Severity of the summary line only; the detail lines are always INFO. */
  if (warn > 1 || (warn >= 0 && n_good < n_required))
    severity = LOG_WARN;
  else
    severity = LOG_INFO;

  if (warn >= 0) {
    SMARTLIST_FOREACH(unrecognized, networkstatus_voter_info_t *, voter,
      {
        log_info(LD_DIR, "Consensus includes unrecognized authority '%s' "
                 "at %s:%d (contact %s; identity %s)",
                 voter->nickname, voter->address, (int)voter->dir_port,
                 voter->contact?voter->contact:"n/a",
                 hex_str(voter->identity_digest, DIGEST_LEN));
      });
    SMARTLIST_FOREACH(need_certs_from, networkstatus_voter_info_t *, voter,
      {
        log_info(LD_DIR, "Looks like we need to download a new certificate "
                 "from authority '%s' at %s:%d (contact %s; identity %s)",
                 voter->nickname, voter->address, (int)voter->dir_port,
                 voter->contact?voter->contact:"n/a",
                 hex_str(voter->identity_digest, DIGEST_LEN));
      });
    SMARTLIST_FOREACH(missing_authorities, trusted_dir_server_t *, ds,
      {
        log_info(LD_DIR, "Consensus does not include configured "
                 "authority '%s' at %s:%d (identity %s)",
                 ds->nickname, ds->address, (int)ds->dir_port,
                 hex_str(ds->v3_identity_digest, DIGEST_LEN));
      });
    log(severity, LD_DIR,
        "%d unknown, %d missing key, %d good, %d bad, %d no signature, "
        "%d required", n_unknown, n_missing_key, n_good, n_bad,
        n_no_signature, n_required);
  }

  /* The three lists only borrow their elements, so only the lists
   * themselves are freed. */
  smartlist_free(unrecognized);
  smartlist_free(need_certs_from);
  smartlist_free(missing_authorities);

  if (n_good == n_v3_authorities)
    return 1;
  else if (n_good >= n_required)
    return 0;
  else if (n_good + n_missing_key >= n_required)
    /* Fetching certificates could still get us to a majority. */
    return -1;
  else
    return -2;
}

/** Helper: build the path under which the v2 network status signed by
 * <b>identity_digest</b> is cached, namely the hex encoding of the digest
 * inside the "cached-status" directory of the data directory.  The returned
 * string is newly allocated. */
char *
networkstatus_get_cache_filename(const char *identity_digest)
{
  /* Room for the hex encoding of one digest plus the terminating NUL. */
  char hex_name[HEX_DIGEST_LEN+1];

  base16_encode(hex_name, sizeof(hex_name), identity_digest, DIGEST_LEN);

  return get_datadir_fname2("cached-status", hex_name);
}

/** Helper for smartlist_sort: order two v2 networkstatus objects by their
 * published_on time.  Return -1, 0 or 1 when the first is respectively
 * earlier than, equal to, or later than the second. */
static int
_compare_networkstatus_v2_published_on(const void **_a, const void **_b)
{
  const networkstatus_v2_t *lhs = *_a;
  const networkstatus_v2_t *rhs = *_b;

  /* Compare rather than subtract, so the result cannot overflow. */
  return (lhs->published_on > rhs->published_on) -
         (lhs->published_on < rhs->published_on);
}

/** Store the v2 networkstatus <b>ns</b>, whose original document text is
 * <b>s</b>, in the caches that apply to it.
 *
 * Unless <b>source</b> is NS_FROM_CACHE (the document was just read from
 * disk), <b>s</b> is written to the file named after the signer's identity
 * digest; a failed write is logged and otherwise ignored.  If we cache v2
 * directory info, the document is also handed to the in-memory directory
 * server cache.  Always returns 0. */
static int
add_networkstatus_to_cache(const char *s,
                           v2_networkstatus_source_t source,
                           networkstatus_v2_t *ns)
{
  const int came_from_disk = (source == NS_FROM_CACHE);

  if (!came_from_disk) {
    char *path = networkstatus_get_cache_filename(ns->identity_digest);
    if (write_str_to_file(path, s, 0) < 0) {
      log_notice(LD_FS, "Couldn't write cached network status to \"%s\"",
                 path);
    }
    tor_free(path);
  }

  if (directory_caches_v2_dir_info(get_options())) {
    dirserv_set_cached_networkstatus_v2(s,
                                        ns->identity_digest,
                                        ns->published_on);
  }

  return 0;
}

/** How far in the future do we allow a network-status to get before removing
 * it? (seconds) */
#define NETWORKSTATUS_ALLOW_SKEW (24*60*60)

/** Given a string <b>s</b> containing a network status that we received at
 * <b>arrived_at</b> from <b>source</b>, try to parse it, see if we want to
 * store it, and put it into our cache as necessary.
 *
 * If <b>source</b> is NS_FROM_DIR or NS_FROM_CACHE, do not replace our
 * own networkstatus_t (if we're an authoritative directory server).
 *
 * If <b>source</b> is NS_FROM_CACHE, do not write our networkstatus_t to the
 * cache.
 *
 * If <b>requested_fingerprints</b> is provided, it must contain a list of
 * uppercased identity fingerprints.  Do not update any networkstatus whose
 * fingerprint is not on the list; after updating a networkstatus, remove its
 * fingerprint from the list.
 *
 * Return 0 on success, -1 on failure.
 *
 * Callers should make sure that routers_update_all_from_networkstatus() is
 * invoked after this function succeeds.
 */
int
642
router_set_networkstatus_v2(const char *s, time_t arrived_at,
643
644
                            v2_networkstatus_source_t source,
                            smartlist_t *requested_fingerprints)
645
{
646
  networkstatus_v2_t *ns;
647
648
649
650
651
652
653
654
  int i, found;
  time_t now;
  int skewed = 0;
  trusted_dir_server_t *trusted_dir = NULL;
  const char *source_desc = NULL;
  char fp[HEX_DIGEST_LEN+1];
  char published[ISO_TIME_LEN+1];

655
  if (!directory_caches_v2_dir_info(get_options()))
656
657
658
    return 0; /* Don't bother storing it. */

  ns = networkstatus_v2_parse_from_string(s);
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
  if (!ns) {
    log_warn(LD_DIR, "Couldn't parse network status.");
    return -1;
  }
  base16_encode(fp, HEX_DIGEST_LEN+1, ns->identity_digest, DIGEST_LEN);
  if (!(trusted_dir =
        router_get_trusteddirserver_by_digest(ns->identity_digest)) ||
      !(trusted_dir->type & V2_AUTHORITY)) {
    log_info(LD_DIR, "Network status was signed, but not by an authoritative "
             "directory we recognize.");
    source_desc = fp;
  } else {
    source_desc = trusted_dir->description;
  }
  now = time(NULL);
  if (arrived_at > now)
    arrived_at = now;

  ns->received_on = arrived_at;

  format_iso_time(published, ns->published_on);

  if (ns->published_on > now + NETWORKSTATUS_ALLOW_SKEW) {
682
683
684
685
686
    char dbuf[64];
    long delta = now - ns->published_on;
    format_time_interval(dbuf, sizeof(dbuf), delta);
    log_warn(LD_GENERAL, "Network status from %s was published %s in the "
             "future (%s GMT). Check your time and date settings! "
687
             "Not caching.",
688
             source_desc, dbuf, published);
689
    control_event_general_status(LOG_WARN,
690
691
                       "CLOCK_SKEW MIN_SKEW=%ld SOURCE=NETWORKSTATUS:%s:%d",
                       delta, ns->source_address, ns->source_dirport);
692
693
694
    skewed = 1;
  }

695
696
  if (!networkstatus_v2_list)
    networkstatus_v2_list = smartlist_create();
697
698
699
700

  if ( (source == NS_FROM_DIR_BY_FP || source == NS_FROM_DIR_ALL) &&
       router_digest_is_me(ns->identity_digest)) {
    /* Don't replace our own networkstatus when we get it from somebody else.*/
701
    networkstatus_v2_free(ns);
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
    return 0;
  }

  if (requested_fingerprints) {
    if (smartlist_string_isin(requested_fingerprints, fp)) {
      smartlist_string_remove(requested_fingerprints, fp);
    } else {
      if (source != NS_FROM_DIR_ALL) {
        char *requested =
          smartlist_join_strings(requested_fingerprints," ",0,NULL);
        log_warn(LD_DIR,
               "We received a network status with a fingerprint (%s) that we "
               "never requested. (We asked for: %s.) Dropping.",
               fp, requested);
        tor_free(requested);
        return 0;
      }
    }
  }

  if (!trusted_dir) {
723
    if (!skewed) {
724
725
726
727
728
729
730
      /* We got a non-trusted networkstatus, and we're a directory cache.
       * This means that we asked an authority, and it told us about another
       * authority we didn't recognize. */
      log_info(LD_DIR,
               "We do not recognize authority (%s) but we are willing "
               "to cache it.", fp);
      add_networkstatus_to_cache(s, source, ns);
731
      networkstatus_v2_free(ns);
732
733
734
735
736
    }
    return 0;
  }

  found = 0;
737
738
  for (i=0; i < smartlist_len(networkstatus_v2_list); ++i) {
    networkstatus_v2_t *old_ns = smartlist_get(networkstatus_v2_list, i);
739
740
741
742
743

    if (!memcmp(old_ns->identity_digest, ns->identity_digest, DIGEST_LEN)) {
      if (!memcmp(old_ns->networkstatus_digest,
                  ns->networkstatus_digest, DIGEST_LEN)) {
        /* Same one we had before. */
744
        networkstatus_v2_free(ns);
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
        tor_assert(trusted_dir);
        log_info(LD_DIR,
                 "Not replacing network-status from %s (published %s); "
                 "we already have it.",
                 trusted_dir->description, published);
        if (old_ns->received_on < arrived_at) {
          if (source != NS_FROM_CACHE) {
            char *fn;
            fn = networkstatus_get_cache_filename(old_ns->identity_digest);
            /* We use mtime to tell when it arrived, so update that. */
            touch_file(fn);
            tor_free(fn);
          }
          old_ns->received_on = arrived_at;
        }
760
        download_status_failed(&trusted_dir->v2_ns_dl_status, 0);
761
762
763
764
765
766
767
768
769
770
        return 0;
      } else if (old_ns->published_on >= ns->published_on) {
        char old_published[ISO_TIME_LEN+1];
        format_iso_time(old_published, old_ns->published_on);
        tor_assert(trusted_dir);
        log_info(LD_DIR,
                 "Not replacing network-status from %s (published %s);"
                 " we have a newer one (published %s) for this authority.",
                 trusted_dir->description, published,
                 old_published);
771
        networkstatus_v2_free(ns);
772
        download_status_failed(&trusted_dir->v2_ns_dl_status, 0);
773
774
        return 0;
      } else {
775
776
        networkstatus_v2_free(old_ns);
        smartlist_set(networkstatus_v2_list, i, ns);
777
778
779
780
781
782
        found = 1;
        break;
      }
    }
  }

783
784
785
  if (source != NS_FROM_CACHE && trusted_dir) {
    download_status_reset(&trusted_dir->v2_ns_dl_status);
  }
786
787

  if (!found)
788
    smartlist_add(networkstatus_v2_list, ns);
789

790
791
792
/** Retain any routerinfo mentioned in a V2 networkstatus for at least this
 * long. */
#define V2_NETWORKSTATUS_ROUTER_LIFETIME (3*60*60)

  {
    time_t live_until = ns->published_on + V2_NETWORKSTATUS_ROUTER_LIFETIME;
    SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
    {
      signed_descriptor_t *sd =
        router_get_by_descriptor_digest(rs->descriptor_digest);
      if (sd) {
        if (sd->last_listed_as_valid_until < live_until)
          sd->last_listed_as_valid_until = live_until;
      } else {
        rs->need_to_mirror = 1;
      }
    });
  }

  log_info(LD_DIR, "Setting networkstatus %s %s (published %s)",
           source == NS_FROM_CACHE?"cached from":
           ((source == NS_FROM_DIR_BY_FP || source == NS_FROM_DIR_ALL) ?
             "downloaded from":"generated for"),
           trusted_dir->description, published);
  networkstatus_v2_list_has_changed = 1;

  smartlist_sort(networkstatus_v2_list,
                 _compare_networkstatus_v2_published_on);

  if (!skewed)
    add_networkstatus_to_cache(s, source, ns);

  return 0;
}

/** Expire v2 networkstatus documents: every entry of networkstatus_v2_list
 * whose published_on time plus MAX_NETWORKSTATUS_AGE is not later than
 * <b>now</b> is taken off the list, its cache file is unlinked, and the
 * object is freed.  Afterwards the dirserv caches are asked to drop their
 * own old entries.  Does nothing if the list was never created. */
void
networkstatus_v2_list_clean(time_t now)
{
  int idx = 0;

  if (networkstatus_v2_list == NULL)
    return;

  while (idx < smartlist_len(networkstatus_v2_list)) {
    networkstatus_v2_t *stale = smartlist_get(networkstatus_v2_list, idx);
    char *cache_path = NULL;

    if (stale->published_on + MAX_NETWORKSTATUS_AGE > now) {
      /* Recent enough to keep; look at the next slot. */
      ++idx;
      continue;
    }

    /* Too old.  Take it off the list; idx is deliberately not advanced, so
     * whichever element occupies this slot after the deletion is examined
     * on the next pass. */
    smartlist_del(networkstatus_v2_list, idx);

    /* Remove the on-disk copy when file_status() reports FN_FILE for it.
     * The unlink() result is not checked, so a failed removal leaves the
     * stale file behind without a log entry. */
    cache_path = networkstatus_get_cache_filename(stale->identity_digest);
    if (file_status(cache_path) == FN_FILE) {
      log_info(LD_DIR, "Removing too-old networkstatus in %s", cache_path);
      unlink(cache_path);
    }
    tor_free(cache_path);

    /* When we cache v2 directory info, clear the served copy for this
     * identity as well. */
    if (directory_caches_v2_dir_info(get_options())) {
      dirserv_set_cached_networkstatus_v2(NULL, stale->identity_digest, 0);
    }
    networkstatus_v2_free(stale);
  }

  /* Finally, let the directory cache expire any cached untrusted
   * networkstatuses and other old network info it still holds. */
  dirserv_clear_old_networkstatuses(now - MAX_NETWORKSTATUS_AGE);
  dirserv_clear_old_v1_info(now);
}

/** Comparison callback for binary-searching a list of routerstatus_t
 * pointers.  <b>_key</b> is read as DIGEST_LEN bytes of digest and
 * <b>_member</b> points at a list slot holding a routerstatus_t pointer.
 * Returns the memcmp() ordering of the key against that entry's
 * identity_digest (negative, zero, or positive).
 *
 * The sign of the result is what the search needs, so this is a plain
 * memcmp() and not a constant-time equality test.
 * NOTE(review): that is fine only while these digests are not secret --
 * confirm for any new caller. */
int
compare_digest_to_routerstatus_entry(const void *_key, const void **_member)
{
  const routerstatus_t *entry = *_member;
  const char *wanted = _key;

  return memcmp(wanted, entry->identity_digest, DIGEST_LEN);
}

/** Binary-search <b>ns</b>-\>entries for the routerstatus whose identity
 * digest equals <b>digest</b>.  Returns the matching entry, or NULL if the
 * search finds none.  Neither <b>ns</b> nor its entry list is checked for
 * NULL here.
 * NOTE(review): a binary search presumes the list is sorted by identity
 * digest -- confirm that whoever fills ns-\>entries guarantees it. */
routerstatus_t *
networkstatus_v2_find_entry(networkstatus_v2_t *ns, const char *digest)
{
  routerstatus_t *hit = smartlist_bsearch(ns->entries, digest,
                                  compare_digest_to_routerstatus_entry);
  return hit;
}

/** Binary-search <b>ns</b>-\>routerstatus_list for the routerstatus whose
 * identity digest equals <b>digest</b>.  Returns the matching entry, or NULL
 * if the search finds none.  Neither <b>ns</b> nor its list is checked for
 * NULL here.
 * NOTE(review): a binary search presumes routerstatus_list is sorted by
 * identity digest -- confirm at the place where the list is built. */
routerstatus_t *
networkstatus_vote_find_entry(networkstatus_t *ns, const char *digest)
{
  routerstatus_t *hit = smartlist_bsearch(ns->routerstatus_list, digest,
                                  compare_digest_to_routerstatus_entry);
  return hit;
}

/*XXXX make this static once functions are moved into this file. */
/** Look up <b>digest</b> among the identity digests of the routerstatuses in
 * <b>ns</b>-\>routerstatus_list.  The return value and *<b>found_out</b> are
 * exactly what smartlist_bsearch_idx() produces for that search; this
 * function adds no checks of its own. */
int
networkstatus_vote_find_entry_idx(networkstatus_t *ns,
                                  const char *digest, int *found_out)
{
  int position = smartlist_bsearch_idx(ns->routerstatus_list, digest,
                                       compare_digest_to_routerstatus_entry,
                                       found_out);
  return position;
}

/** Return the global list of v2 networkstatus documents.  The list is
 * created empty on first use, so the result is never NULL because the list
 * was simply not set up yet.  The caller gets a const view of
 * networkstatus_v2_list itself, not a copy. */
const smartlist_t *
networkstatus_get_v2_list(void)
{
  if (networkstatus_v2_list == NULL) {
    /* First request: allocate the list lazily. */
    networkstatus_v2_list = smartlist_create();
  }
  return networkstatus_v2_list;
}

/** Look up, in the current consensus, the routerstatus whose
 * <i>descriptor</i> digest is <b>digest</b>.  Returns NULL when there is no
 * current consensus or when no entry carries that descriptor digest.
 *
 * The lookup goes through current_consensus-\>desc_digest_map, which is
 * built on the first call for a given consensus object.  The map stores
 * pointers to the entries of routerstatus_list.
 * NOTE(review): presumably the map is discarded together with the
 * consensus; confirm that nothing edits routerstatus_list after the map
 * exists. */
routerstatus_t *
router_get_consensus_status_by_descriptor_digest(const char *digest)
{
  digestmap_t *by_desc;

  if (current_consensus == NULL)
    return NULL;

  by_desc = current_consensus->desc_digest_map;
  if (by_desc == NULL) {
    /* No index yet: create it and register every routerstatus under its
     * descriptor digest. */
    by_desc = digestmap_new();
    current_consensus->desc_digest_map = by_desc;
    SMARTLIST_FOREACH(current_consensus->routerstatus_list,
                      routerstatus_t *, entry,
     {
       digestmap_set(by_desc, entry->descriptor_digest, entry);
     });
  }
  return digestmap_get(by_desc, digest);
}

/** Find the download status that belongs to the router descriptor with
 * digest <b>d</b>.  The current consensus is consulted first; when it lists
 * the descriptor, the dl_status embedded in that routerstatus is returned.
 * Otherwise the v2 download-status map is tried, if it exists.  Returns NULL
 * when neither source knows the digest. */
download_status_t *
router_get_dl_status_by_descriptor_digest(const char *d)
{
  routerstatus_t *consensus_rs =
    router_get_consensus_status_by_descriptor_digest(d);

  if (consensus_rs != NULL)
    return &consensus_rs->dl_status;

  /* Not in the consensus: fall back to the v2 map when there is one. */
  if (v2_download_status_map == NULL)
    return NULL;
  return digestmap_get(v2_download_status_map, d);
}

/** Look up, in the current consensus, the routerstatus whose identity
 * digest is <b>digest</b>.  Returns NULL when there is no current consensus
 * or when the binary search over its routerstatus_list finds no match. */
routerstatus_t *
router_get_consensus_status_by_id(const char *digest)
{
  return current_consensus
    ? smartlist_bsearch(current_consensus->routerstatus_list, digest,
                        compare_digest_to_routerstatus_entry)
    : NULL;
}

/** Given a nickname (possibly verbose, possibly a hexadecimal digest), return
 * the corresponding routerstatus_t, or NULL if none exists.  Warn the
 * user if <b>warn_if_unnamed</b> is set, and they have specified a router by
 * nickname, but the Named flag isn't set for that router. */
routerstatus_t *
router_get_consensus_status_by_nickname(const char *nickname,
                                        int warn_if_unnamed)
{
  char digest[DIGEST_LEN];
  routerstatus_t *best=NULL;
  smartlist_t *matches=NULL;
  const char *named_id=NULL;

  if (!current_consensus || !nickname)
    return NULL;

  /* Is this name really a hexadecimal identity digest? */
  if (nickname[0] == '$') {
    if (base16_decode(digest, DIGEST_LEN, nickname+1, strlen(nickname+1))<0)
      return NULL;
    return networkstatus_vote_find_entry(current_consensus, digest);
  } else if (strlen(nickname) == HEX_DIGEST_LEN &&
       (base16_decode(digest, DIGEST_LEN, nickname, strlen(nickname))==0)) {
    return networkstatus_vote_find_entry(current_consensus, digest);
  }

  /* Is there a server that is Named with this name? */
  if (named_server_map)
    named_id = strmap_get_lc(named_server_map, nickname);
  if (named_id)
    return networkstatus_vote_find_entry(current_consensus, named_id);

  /* Okay; is this name listed as Unnamed? */
  if (unnamed_server_map &&
      strmap_get_lc(unnamed_server_map, nickname)) {
    log_info(LD_GENERAL, "The name %s is listed as Unnamed; it is not the "
             "canonical name of any server we know.", escaped(nickname));
    return NULL;
  }

  /* This name is not canonical for any server; go through the list and
   * see who it matches. */
  /*XXXX This is inefficient; optimize it if it matters. */
  matches = smartlist_create();
  SMARTLIST_FOREACH(current_consensus->routerstatus_list,
                    routerstatus_t *, lrs,
    {
      if (!strcasecmp(lrs->nickname, nickname)) {