#include "or.h"
| #define MAX_BANDWIDTH_CHANGE_FREQ (20*60) |
How frequently will we republish our descriptor because of large (factor of 2) shifts in estimated bandwidth?
Referenced by check_descriptor_bandwidth_changed().
| int advertised_server_mode | ( | void | ) |
Return true iff we have published our descriptor lately.
References server_is_advertised.
Referenced by directory_caches_dir_info(), directory_fetches_from_authorities(), and run_scheduled_events().
| int authdir_mode | ( | or_options_t * | options | ) |
Return true iff we believe ourselves to be an authoritative directory server.
References or_options_t::AuthoritativeDir.
Referenced by authdir_mode_bridge(), authdir_mode_v1(), authdir_mode_v2(), authdir_mode_v3(), decide_if_publishable_server(), decide_to_advertise_dirport(), directory_handle_command_post(), global_write_bucket_low(), init_keys(), options_validate(), rep_history_clean(), router_digest_is_trusted_dir_type(), router_rebuild_descriptor(), update_consensus_router_descriptor_downloads(), and update_router_descriptor_cache_downloads_v2().
| int authdir_mode_any_main | ( | or_options_t * | options | ) |
Return true iff we are a v1, v2, or v3 directory authority.
References or_options_t::V1AuthoritativeDir, or_options_t::V2AuthoritativeDir, and or_options_t::V3AuthoritativeDir.
Referenced by authdir_mode_any_nonhidserv(), authdir_mode_handles_descs(), and options_validate().
| int authdir_mode_any_nonhidserv | ( | or_options_t * | options | ) |
Return true if we believe ourselves to be any kind of authoritative directory beyond just a hidserv authority.
References authdir_mode_any_main(), and or_options_t::BridgeAuthoritativeDir.
Referenced by authdir_mode_handles_descs(), authdir_mode_publishes_statuses(), and launch_router_descriptor_downloads().
| int authdir_mode_bridge | ( | or_options_t * | options | ) |
Return true iff we believe ourselves to be a bridge authoritative directory server.
References authdir_mode(), and or_options_t::BridgeAuthoritativeDir.
Referenced by authdir_mode_publishes_statuses(), directory_handle_command_post(), dirserv_orconn_tls_done(), dirserv_pick_cached_dir_obj(), dirserv_test_reachability(), and networkstatus_getinfo_by_purpose().
| int authdir_mode_handles_descs | ( | or_options_t * | options, | |
| int | purpose | |||
| ) |
Return true iff we are an authoritative directory server that is authoritative about receiving and serving descriptors of type purpose its dirport. Use -1 for "any purpose".
References authdir_mode_any_main(), authdir_mode_any_nonhidserv(), or_options_t::BridgeAuthoritativeDir, ROUTER_PURPOSE_BRIDGE, and ROUTER_PURPOSE_GENERAL.
Referenced by authdir_mode_tests_reachability(), directory_handle_command_post(), do_hup(), and router_add_to_routerlist().
| int authdir_mode_publishes_statuses | ( | or_options_t * | options | ) |
Return true iff we are an authoritative directory server that publishes its own network statuses.
References authdir_mode_any_nonhidserv(), and authdir_mode_bridge().
Referenced by list_server_status_v1().
| int authdir_mode_tests_reachability | ( | or_options_t * | options | ) |
Return true iff we are an authoritative directory server that tests reachability of the descriptors it learns about.
References authdir_mode_handles_descs().
Referenced by connection_about_to_close_connection(), connection_or_check_valid_tls_handshake(), connection_or_connect_failed(), directory_handle_command_get(), run_scheduled_events(), and tor_cleanup().
| int authdir_mode_v1 | ( | or_options_t * | options | ) |
Return true iff we believe ourselves to be a v1 authoritative directory server.
References authdir_mode(), and or_options_t::V1AuthoritativeDir.
Referenced by dirserv_pick_cached_dir_obj(), router_parse_directory(), and router_parse_runningrouters().
| int authdir_mode_v2 | ( | or_options_t * | options | ) |
Return true iff we believe ourselves to be a v2 authoritative directory server.
References authdir_mode(), and or_options_t::V2AuthoritativeDir.
Referenced by dirserv_get_networkstatus_v2_fingerprints(), dirserv_pick_cached_dir_obj(), routers_update_status_from_consensus_networkstatus(), should_generate_v2_networkstatus(), and update_v2_networkstatus_cache_downloads().
| int authdir_mode_v3 | ( | or_options_t * | options | ) |
Return true iff we believe ourselves to be a v3 authoritative directory server.
References authdir_mode(), and or_options_t::V3AuthoritativeDir.
Referenced by directory_handle_command_post(), dirvote_act(), dirvote_recalculate_timing(), init_keys(), options_act(), routers_update_status_from_consensus_networkstatus(), run_scheduled_events(), update_consensus_networkstatus_downloads(), and v3_authority_check_key_expiry().
| void check_descriptor_bandwidth_changed | ( | time_t | now | ) |
Check whether bandwidth has changed a lot since the last time we announced bandwidth. If so, mark our descriptor dirty.
References routerinfo_t::bandwidthcapacity, LD_GENERAL, mark_my_descriptor_dirty(), MAX_BANDWIDTH_CHANGE_FREQ, rep_hist_bandwidth_assess(), and we_are_hibernating().
Referenced by run_scheduled_events().
| void check_descriptor_ipaddress_changed | ( | time_t | now | ) |
Check whether our own address as defined by the Address configuration has changed. This is for routers that get their address from a service like dyndns. If our address has changed, mark our descriptor dirty.
References routerinfo_t::addr, get_options(), ip_address_changed(), LD_CONFIG, log_addr_has_changed(), and resolve_my_address().
Referenced by run_scheduled_events().
| int check_whether_dirport_reachable | ( | void | ) |
Return 1 if we don't have a dirport configured, or if it's reachable.
References or_options_t::AssumeReachable, can_reach_dir_port, or_options_t::DirPort, get_options(), and we_are_hibernating().
Referenced by consider_testing_reachability(), decide_to_advertise_dirport(), getinfo_helper_events(), rep_hist_circbuilding_dormant(), and second_elapsed_callback().
| int check_whether_orport_reachable | ( | void | ) |
Return 1 if ORPort is known reachable; else return 0.
References or_options_t::AssumeReachable, can_reach_or_port, and get_options().
Referenced by circuit_send_next_onion_skin(), circuit_testing_failed(), circuit_testing_opened(), consider_testing_reachability(), decide_if_publishable_server(), getinfo_helper_events(), rep_hist_circbuilding_dormant(), and second_elapsed_callback().
| void consider_publishable_server | ( | int | force | ) |
Initiate server descriptor upload as reasonable (if server is publishable, etc). force is as for router_upload_dir_desc_to_dirservers.
We need to rebuild the descriptor if it's dirty even if we're not uploading, because our reachability testing *uses* our descriptor to determine what IP address and ports to test.
References decide_if_publishable_server(), get_options(), router_rebuild_descriptor(), router_upload_dir_desc_to_dirservers(), server_mode(), and set_server_advertised().
Referenced by run_scheduled_events().
| void consider_testing_reachability | ( | int | test_or, | |
| int | test_dir | |||
| ) |
Some time has passed, or we just got new directory information. See if we currently believe our ORPort or DirPort to be unreachable. If so, launch a new test for it.
For ORPort, we simply try making a circuit that ends at ourselves. Success is noticed in onionskin_answer().
For DirPort, we make a connection via Tor to our DirPort and ask for our own server descriptor. Success is noticed in connection_dir_client_reached_eof().
References routerinfo_t::addr, routerinfo_t::address, routerinfo_t::cache_info, check_whether_dirport_reachable(), check_whether_orport_reachable(), CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, circuit_enough_testing_circs(), circuit_launch_by_router(), CIRCUIT_PURPOSE_TESTING, CONN_TYPE_DIR, connection_get_by_type_addr_port_purpose(), routerinfo_t::dir_port, DIR_PURPOSE_FETCH_SERVERDESC, directory_initiate_command(), signed_descriptor_t::identity_digest, LD_CIRC, routerinfo_t::or_port, router_get_my_routerinfo(), ROUTER_PURPOSE_GENERAL, and tor_addr_from_ipv4h.
Referenced by circuit_send_next_onion_skin(), circuit_testing_opened(), directory_info_has_arrived(), and run_scheduled_events().
| static int decide_if_publishable_server | ( | void | ) | [static] |
Decide if we're a publishable server. We are a publishable server if:
References or_options_t::_PublishServerDescriptor, authdir_mode(), check_whether_orport_reachable(), or_options_t::ClientOnly, get_options(), and server_mode().
Referenced by consider_publishable_server().
| static int decide_to_advertise_dirport | ( | or_options_t * | options, | |
| uint16_t | dir_port | |||
| ) | [static] |
Look at a variety of factors, and return 0 if we don't want to advertise the fact that we have a DirPort open. Else return the DirPort we want to advertise.
Log a helpful message if we change our mind about whether to publish a DirPort.
References accounting_is_enabled(), authdir_mode(), or_options_t::BandwidthRate, check_whether_dirport_reachable(), LD_DIR, or_options_t::RelayBandwidthRate, tor_assert, and we_are_hibernating().
Referenced by router_dirport_found_reachable(), and router_dump_router_to_string().
| void dup_onion_keys | ( | crypto_pk_env_t ** | key, | |
| crypto_pk_env_t ** | last | |||
| ) |
Store a full copy of the current onion key into *key, and a full copy of the most recent onion key into *last.
References crypto_pk_copy_full(), tor_assert, tor_mutex_acquire(), and tor_mutex_release().
Referenced by cpuworker_main().
| int extrainfo_dump_to_string | ( | char * | s, | |
| size_t | maxlen, | |||
| extrainfo_t * | extrainfo, | |||
| crypto_pk_env_t * | ident_key | |||
| ) |
Write the contents of extrainfo to the maxlen-byte string s, signing them with ident_key. Return 0 on success, negative on failure.
References base16_encode(), extrainfo_t::cache_info, or_options_t::CellStatistics, DIGEST_LEN, or_options_t::DirReqStatistics, or_options_t::EntryStatistics, or_options_t::ExitPortStatistics, extrainfo_dump_to_string(), extrainfo_free(), extrainfo_parse_entry_from_string(), or_options_t::ExtraInfoStatistics, format_iso_time(), geoip_get_bridge_stats_extrainfo(), get_options(), HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, LD_BUG, LD_DIR, LD_GENERAL, load_stats_file(), extrainfo_t::nickname, signed_descriptor_t::published_on, rep_hist_get_bandwidth_lines(), router_append_dirobj_signature(), router_get_extrainfo_hash(), should_record_bridge_info(), tor_free, and tor_snprintf().
Referenced by extrainfo_dump_to_string(), and router_rebuild_descriptor().
| crypto_pk_env_t* get_identity_key | ( | void | ) |
Returns the current identity key; requires that the identity key has been set.
References tor_assert.
Referenced by accounting_set_wakeup_time(), connection_or_check_valid_tls_handshake(), dirserv_regenerate_directory(), do_list_fingerprint(), generate_runningrouters(), generate_v2_networkstatus_opinion(), init_keys(), router_rebuild_descriptor(), and run_scheduled_events().
| authority_cert_t* get_my_v3_authority_cert | ( | void | ) |
Return the key certificate for this v3 (voting) authority, or NULL if we have no such certificate.
Referenced by authority_cert_get_by_sk_digest(), directory_handle_command_get(), dirvote_act(), dirvote_compute_consensuses(), dirvote_get_vote(), dirvote_perform_vote(), and init_keys().
| crypto_pk_env_t* get_my_v3_authority_signing_key | ( | void | ) |
Return the v3 signing key for this v3 (voting) authority, or NULL if we have no such key.
Referenced by dirvote_compute_consensuses(), and dirvote_perform_vote().
| authority_cert_t* get_my_v3_legacy_cert | ( | void | ) |
If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return the certificate associated with that key.
Referenced by authority_cert_get_by_sk_digest(), and dirvote_compute_consensuses().
| crypto_pk_env_t* get_my_v3_legacy_signing_key | ( | void | ) |
If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return that key.
Referenced by dirvote_compute_consensuses().
| crypto_pk_env_t* get_onion_key | ( | void | ) |
Return the current onion key. Requires that the onion key has been loaded or generated.
References tor_assert.
Referenced by router_rebuild_descriptor().
| time_t get_onion_key_set_at | ( | void | ) |
Return the time when the onion key was last set. This is either the time when the process launched, or the time of the most recent key rotation since the process launched.
References onionkey_set_at.
Referenced by run_scheduled_events().
| void get_platform_str | ( | char * | platform, | |
| size_t | len | |||
| ) |
Set platform (max length len) to a NUL-terminated short string describing the version of Tor and the operating system we're currently running on.
References get_uname(), get_version(), and tor_snprintf().
Referenced by router_rebuild_descriptor().
| int identity_key_is_set | ( | void | ) |
Return true iff the identity key has been set.
Referenced by accounting_set_wakeup_time(), and do_main_loop().
| crypto_pk_env_t* init_key_from_file | ( | const char * | fname, | |
| int | generate, | |||
| int | severity | |||
| ) |
Try to read an RSA key from fname. If fname doesn't exist and generate is true, create a new RSA key and save it in fname. Return the read/created key, or NULL on error. Log all errors at level severity.
References crypto_free_pk_env(), crypto_new_pk_env(), crypto_pk_check_key(), crypto_pk_read_private_key_from_filename(), crypto_pk_write_private_key_to_filename(), file_status(), get_options(), have_lockfile(), LD_FS, LD_GENERAL, tor_assert, and try_locking().
Referenced by init_keys(), load_authority_keyset(), and rend_service_load_keys().
| int init_keys | ( | void | ) |
Initialize all OR private keys, and the TLS context, as necessary. On OPs, this only initializes the tls context. Return 0 on success, or -1 if Tor should die.
References add_trusted_dir_server(), authdir_mode(), authdir_mode_v3(), or_options_t::AvoidDiskWrites, BRIDGE_AUTHORITY, or_options_t::BridgeAuthoritativeDir, authority_cert_t::cache_info, check_private_dir(), or_options_t::command, crypto_free_pk_env(), crypto_global_init(), crypto_new_pk_env(), crypto_pk_get_digest(), crypto_pk_get_fingerprint(), or_options_t::DataDirectory, DIGEST_LEN, or_options_t::DirPort, dirserv_add_descriptor(), dirserv_add_own_fingerprint(), dirserv_load_fingerprint_file(), file_status(), FINGERPRINT_LEN, get_datadir_fname, get_datadir_fname2, get_identity_key(), get_my_v3_authority_cert(), get_options(), get_or_state(), HIDSERV_AUTHORITY, or_options_t::HSAuthoritativeDir, init_key_from_file(), init_v3_authority_keys(), or_state_t::LastRotatedOnionKey, LD_BUG, LD_DIR, LD_FS, LD_GENERAL, MAX_NICKNAME_LEN, MAX_SSL_KEY_LIFETIME, or_options_t::Nickname, onionkey_set_at, or_state_mark_dirty(), or_options_t::ORPort, read_file_to_str(), router_get_my_descriptor(), router_get_trusteddirserver_by_digest(), router_parse_entry_from_string(), server_mode(), set_identity_key(), set_onion_key(), signed_descriptor_t::signed_descriptor_body, tor_assert, tor_free, tor_mutex_new(), tor_snprintf(), tor_tls_context_new(), trusted_dirs_load_certs_from_string(), trusted_dir_server_t::type, V1_AUTHORITY, or_options_t::V1AuthoritativeDir, V2_AUTHORITY, or_options_t::V2AuthoritativeDir, V3_AUTHORITY, trusted_dir_server_t::v3_identity_digest, or_options_t::V3AuthoritativeDir, WRA_WAS_ADDED(), and write_str_to_file().
Referenced by accounting_set_wakeup_time(), do_list_fingerprint(), do_main_loop(), ip_address_changed(), and options_act().
| static int init_v3_authority_keys | ( | void | ) | [static] |
Load the v3 (voting) authority signing key and certificate, if they are present. Return -1 if anything is missing, mismatched, or unloadable; return 0 on success.
References get_options(), and load_authority_keyset().
Referenced by init_keys().
| int is_legal_hexdigest | ( | const char * | s | ) |
Return true iff s is a legally valid hex-encoded identity-key digest.
References HEX_CHARACTERS, HEX_DIGEST_LEN, is_legal_nickname(), and tor_assert.
Referenced by is_legal_nickname_or_hexdigest(), router_rebuild_descriptor(), and routerset_parse().
| int is_legal_nickname | ( | const char * | s | ) |
Return true iff s is a legally valid server nickname.
References LEGAL_NICKNAME_CHARACTERS, MAX_NICKNAME_LEN, and tor_assert.
Referenced by circuit_list_path_impl(), dirserv_load_fingerprint_file(), entry_guards_parse_state(), extrainfo_parse_entry_from_string(), is_legal_hexdigest(), is_legal_nickname_or_hexdigest(), options_validate(), parse_dir_server_line(), rend_service_introduce(), router_parse_entry_from_string(), routerset_parse(), and routerstatus_parse_entry_from_string().
| int is_legal_nickname_or_hexdigest | ( | const char * | s | ) |
Return true iff s is a legally valid server nickname or hex-encoded identity-key digest.
References is_legal_hexdigest(), and is_legal_nickname().
Referenced by add_nickname_list_to_smartlist(), check_nickname_list(), microdescs_parse_from_string(), rend_service_introduce(), router_parse_entry_from_string(), and router_rebuild_descriptor().
| static int load_authority_keyset | ( | int | legacy, | |
| crypto_pk_env_t ** | key_out, | |||
| authority_cert_t ** | cert_out | |||
| ) | [static] |
Try to load the vote-signing private key and certificate for being a v3 directory authority, and make sure they match. If legacy, load a legacy key/cert set for emergency key migration; otherwise load the regular key/cert set. On success, store them into *key_out and *cert_out respectively, and return 0. On failure, return -1.
References authority_cert_free(), authority_cert_parse_from_string(), crypto_free_pk_env(), crypto_pk_cmp_keys(), get_datadir_fname2, init_key_from_file(), LD_DIR, read_file_to_str(), authority_cert_t::signing_key, and tor_free.
Referenced by init_v3_authority_keys().
| static int load_stats_file | ( | const char * | filename, | |
| const char * | end_line, | |||
| time_t | now, | |||
| char ** | out | |||
| ) | [static] |
Load the contents of filename, find the last line starting with end_line, ensure that its timestamp is not more than 25 hours in the past or more than 1 hour in the future with respect to now, and write the file contents starting with that line to *out. Return 1 for success, 0 if the file does not exist, or -1 if the file does not contain a line matching these criteria or other failure.
References file_status(), get_datadir_fname, parse_iso_time(), read_file_to_str(), and tor_free.
Referenced by extrainfo_dump_to_string().
| static void log_addr_has_changed | ( | int | severity, | |
| uint32_t | prev, | |||
| uint32_t | cur, | |||
| const char * | source | |||
| ) | [static] |
Note at log level severity that our best guess of address has changed from prev to cur.
References INET_NTOA_BUF_LEN, LD_GENERAL, and tor_inet_ntoa().
Referenced by check_descriptor_ipaddress_changed(), and router_new_address_suggestion().
| void mark_my_descriptor_dirty | ( | void | ) |
Call when the current descriptor is out of date.
References desc_clean_since.
Referenced by add_wildcarded_test_address(), check_descriptor_bandwidth_changed(), configure_nameservers(), ip_address_changed(), mark_my_descriptor_dirty_if_older_than(), options_act(), rotate_onion_key(), router_dirport_found_reachable(), router_orport_found_reachable(), and set_onion_key().
| void mark_my_descriptor_dirty_if_older_than | ( | time_t | when | ) |
Mark descriptor out of date if it's older than when
References desc_clean_since, and mark_my_descriptor_dirty().
Referenced by run_scheduled_events().
| int proxy_mode | ( | or_options_t * | options | ) |
Return true iff we are trying to be a socks proxy.
References or_options_t::DNSListenAddress, or_options_t::DNSPort, or_options_t::NatdListenAddress, or_options_t::NatdPort, or_options_t::SocksListenAddress, or_options_t::SocksPort, or_options_t::TransListenAddress, and or_options_t::TransPort.
Referenced by circuit_build_needed_circs().
| void rotate_onion_key | ( | void | ) |
Replace the previous onion key with the current onion key, and generate a new previous onion key. Immediately after calling this function, the OR should:
References crypto_free_pk_env(), crypto_new_pk_env(), crypto_pk_write_private_key_to_filename(), file_status(), get_datadir_fname2, get_options(), get_or_state(), or_state_t::LastRotatedOnionKey, LD_BUG, LD_FS, LD_GENERAL, mark_my_descriptor_dirty(), onionkey_set_at, or_state_mark_dirty(), replace_file(), tor_free, tor_mutex_acquire(), and tor_mutex_release().
Referenced by run_scheduled_events().
| int router_compare_to_my_exit_policy | ( | edge_connection_t * | conn | ) |
OR only: Check whether my exit policy says to allow connection to conn. Return 0 if we accept; non-0 if we reject.
References edge_connection_t::_base, connection_t::addr, ADDR_POLICY_ACCEPTED, compare_tor_addr_to_addr_policy(), routerinfo_t::exit_policy, connection_t::port, router_get_my_routerinfo(), tor_addr_family(), and tor_addr_is_null().
Referenced by connection_exit_connect().
| int router_digest_is_me | ( | const char * | digest | ) |
Return true iff I'm a server and digest is equal to my identity digest.
References DIGEST_LEN, and identitykey_digest.
Referenced by connection_or_connect(), directory_conn_is_self_reachability_test(), directory_get_from_all_authorities(), dirserv_get_networkstatus_v2(), dirserv_get_routerdescs(), get_signed_descriptor_by_fp(), lookup_cached_dir_by_fp(), router_digest_is_trusted_dir_type(), router_fingerprint_is_me(), router_is_me(), router_pick_directory_server_impl(), router_pick_trusteddirserver_impl(), router_set_networkstatus_v2(), smartlist_choose_by_bandwidth(), and update_v2_networkstatus_cache_downloads().
| void router_dirport_found_reachable | ( | void | ) |
Annotate that we found our DirPort reachable.
References routerinfo_t::address, can_reach_dir_port, control_event_server_status(), decide_to_advertise_dirport(), routerinfo_t::dir_port, get_options(), LD_BUG, LD_DIRSERV, mark_my_descriptor_dirty(), and router_get_my_routerinfo().
Referenced by connection_dir_client_reached_eof().
| int router_dump_router_to_string | ( | char * | s, | |
| size_t | maxlen, | |||
| routerinfo_t * | router, | |||
| crypto_pk_env_t * | ident_key | |||
| ) |
OR only: Given a routerinfo for this router, and an identity key to sign with, encode the routerinfo as a signed server descriptor and write the result into s, using at most maxlen bytes. Return -1 on failure, and the number of bytes used on success.
References routerinfo_t::address, or_options_t::AllowSingleHopExits, routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, base16_encode(), routerinfo_t::cache_info, or_options_t::ContactInfo, crypto_pk_cmp_keys(), crypto_pk_get_fingerprint(), crypto_pk_write_public_key_to_string(), decide_to_advertise_dirport(), routerinfo_t::declared_family, DIGEST_LEN, routerinfo_t::dir_port, dns_seems_to_be_broken(), or_options_t::DownloadExtraInfo, escaped(), routerinfo_t::exit_policy, signed_descriptor_t::extra_info_digest, FINGERPRINT_LEN, format_iso_time(), get_options(), has_dns_init_failed(), HEX_DIGEST_LEN, or_options_t::HidServDirectoryV2, routerinfo_t::identity_pkey, LD_BUG, routerinfo_t::nickname, note_crypto_pk_op(), routerinfo_t::onion_pkey, routerinfo_t::or_port, routerinfo_t::platform, policy_write_item(), signed_descriptor_t::published_on, router_append_dirobj_signature(), router_get_router_hash(), router_parse_entry_from_string(), routerinfo_free(), smartlist_join_strings(), stats_n_seconds_working, tor_assert, tor_free, tor_snprintf(), and we_are_hibernating().
Referenced by router_rebuild_descriptor().
| int router_extrainfo_digest_is_me | ( | const char * | digest | ) |
Return true iff I'm a server and digest is equal to my identity digest.
References extrainfo_t::cache_info, DIGEST_LEN, router_get_my_extrainfo(), and signed_descriptor_t::signed_descriptor_digest.
| int router_fingerprint_is_me | ( | const char * | fp | ) |
Return true iff fp is a hex fingerprint of my identity digest.
References base16_decode(), DIGEST_LEN, HEX_DIGEST_LEN, and router_digest_is_me().
| void router_free_all | ( | void | ) |
Release all static resources held in router.c
References authority_cert_free(), crypto_free_pk_env(), extrainfo_free(), routerinfo_free(), smartlist_free(), tor_free, and tor_mutex_free().
Referenced by tor_free_all().
| const char* router_get_my_descriptor | ( | void | ) |
OR only: Return a signed server descriptor for this OR, rebuilding a fresh one if necessary. Return NULL on error.
References routerinfo_t::cache_info, LD_GENERAL, router_get_my_routerinfo(), signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_get_body(), signed_descriptor_t::signed_descriptor_len, and tor_assert.
Referenced by init_keys().
| extrainfo_t* router_get_my_extrainfo | ( | void | ) |
Return the extrainfo document for this OR, or NULL if we have none. Rebuilt it (and the server descriptor) if necessary.
References get_options(), router_rebuild_descriptor(), and server_mode().
Referenced by extrainfo_insert(), get_signed_descriptor_by_fp(), router_extrainfo_digest_is_me(), and router_upload_dir_desc_to_dirservers().
| routerinfo_t* router_get_my_routerinfo | ( | void | ) |
Return a routerinfo for this OR, rebuilding a fresh one if necessary. Return NULL on error, or if called on an OP.
References get_options(), router_rebuild_descriptor(), and server_mode().
Referenced by circuit_rep_hist_note_result(), connection_or_send_netinfo(), consider_testing_reachability(), directory_conn_is_self_reachability_test(), directory_fetches_from_authorities(), dirserv_estimate_data_size(), dirserv_get_networkstatus_v2_fingerprints(), dirserv_get_routerdesc_fingerprints(), dirserv_get_routerdescs(), dns_resolve_impl(), get_signed_descriptor_by_fp(), getinfo_helper_misc(), hid_serv_acting_as_directory(), hid_serv_responsible_for_desc_id(), inform_testing_reachability(), router_compare_to_my_exit_policy(), router_dirport_found_reachable(), router_get_by_nickname(), router_get_my_descriptor(), router_get_my_share_of_directory_requests(), router_orport_found_reachable(), router_pick_trusteddirserver_impl(), router_upload_dir_desc_to_dirservers(), routerlist_insert(), routerlist_insert_old(), routerlist_replace(), run_scheduled_events(), and second_elapsed_callback().
| void router_get_verbose_nickname | ( | char * | buf, | |
| const routerinfo_t * | router | |||
| ) |
Set buf (which must have MAX_VERBOSE_NICKNAME_LEN+1 bytes) to the verbose representation of the identity of router. The format is: A dollar sign. The upper-case hexadecimal encoding of the SHA1 hash of router's identity. A "=" if the router is named; a "~" if it is not. The router's nickname.
References base16_encode(), routerinfo_t::cache_info, DIGEST_LEN, HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::is_named, MAX_NICKNAME_LEN, and routerinfo_t::nickname.
Referenced by circuit_list_path_impl(), control_event_descriptors_changed(), control_event_guard(), getinfo_helper_entry_guards(), list_server_status_v1(), and orconn_target_get_name().
| static int router_guess_address_from_dir_headers | ( | uint32_t * | guess | ) | [static] |
We failed to resolve our address locally, but we'd like to build a descriptor and publish / test reachability. If we have a guess about our address based on directory headers, answer it and return 0; else return -1.
References last_guessed_ip.
Referenced by router_pick_published_address().
| int router_is_me | ( | routerinfo_t * | router | ) |
A wrapper around router_digest_is_me().
References routerinfo_t::cache_info, signed_descriptor_t::identity_digest, and router_digest_is_me().
Referenced by choose_good_exit_server_general(), dirserv_add_descriptor(), dirserv_set_router_is_running(), dirserv_test_reachability(), router_load_single_router(), router_rebuild_descriptor(), router_set_status(), and routerlist_find_my_routerinfo().
| void router_new_address_suggestion | ( | const char * | suggestion, | |
| const dir_connection_t * | d_conn | |||
| ) |
A directory server d_conn told us our IP address is suggestion. If this address is different from the one we think we are now, and if our computer doesn't actually know its IP address, then switch.
References dir_connection_t::_base, connection_t::addr, connection_t::address, control_event_server_status(), escaped(), get_options(), ip_address_changed(), is_internal_IP(), last_guessed_ip, LD_DIR, log_addr_has_changed(), resolve_my_address(), server_mode(), tor_addr_eq_ipv4h(), and tor_inet_aton().
Referenced by connection_dir_client_reached_eof().
| void router_orport_found_reachable | ( | void | ) |
Annotate that we found our ORPort reachable.
References routerinfo_t::address, can_reach_or_port, control_event_server_status(), get_options(), LD_BUG, LD_OR, mark_my_descriptor_dirty(), routerinfo_t::or_port, and router_get_my_routerinfo().
Referenced by onionskin_answer().
| void router_perform_bandwidth_test | ( | int | num_circs, | |
| time_t | now | |||
| ) |
We have enough testing circuits open. Send a bunch of "drop" cells down each of them, to exercise our bandwidth.
References origin_circuit_t::_base, or_options_t::BandwidthRate, CELL_NETWORK_SIZE, circuit_get_next_by_pk_and_purpose(), CIRCUIT_PURPOSE_TESTING, CIRCUIT_STATE_OPEN, CIRCWINDOW_START, origin_circuit_t::cpath, get_options(), LD_OR, crypt_path_t::prev, relay_send_command_from_edge(), circuit_t::state, circuit_t::timestamp_dirty, and TO_CIRCUIT.
Referenced by circuit_testing_opened().
| int router_pick_published_address | ( | or_options_t * | options, | |
| uint32_t * | addr | |||
| ) |
Make a current best guess at our address, either because it's configured in torrc, or because we've learned it from dirserver headers. Place the answer in *addr and return 0 on success, else return -1 if we have no guess.
References LD_CONFIG, resolve_my_address(), and router_guess_address_from_dir_headers().
Referenced by directory_fetches_from_authorities(), getinfo_helper_misc(), and router_rebuild_descriptor().
| uint8_t router_purpose_from_string | ( | const char * | s | ) |
Given a string, convert it to a router purpose.
References ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_CONTROLLER, ROUTER_PURPOSE_GENERAL, and ROUTER_PURPOSE_UNKNOWN.
Referenced by handle_control_postdescriptor(), networkstatus_getinfo_by_purpose(), and router_parse_entry_from_string().
| const char* router_purpose_to_string | ( | uint8_t | p | ) |
Given a router purpose, convert it to a string. Don't call this on ROUTER_PURPOSE_UNKNOWN: The whole point of that value is that we don't know its string representation.
References ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_CONTROLLER, ROUTER_PURPOSE_GENERAL, and tor_assert.
Referenced by dirserv_add_multiple_descriptors(), load_downloaded_routers(), router_load_single_router(), and router_parse_list_from_string().
| int router_rebuild_descriptor | ( | int | force | ) |
If force is true, or our descriptor is out-of-date, rebuild a fresh routerinfo, signed server descriptor, and extra-info document for this OR. Return 0 on success, -1 on temporary error.
References routerinfo_t::addr, routerinfo_t::address, authdir_mode(), routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, base16_encode(), or_options_t::BridgeRelay, extrainfo_t::cache_info, routerinfo_t::cache_info, control_event_my_descriptor_changed(), crypto_pk_dup_key(), crypto_pk_get_digest(), routerinfo_t::declared_family, desc_clean_since, desc_needs_upload, DIGEST_LEN, routerinfo_t::dir_port, or_options_t::DirPort, escaped(), routerinfo_t::exit_policy, or_options_t::ExitPolicy, or_options_t::ExitPolicyRejectPrivate, signed_descriptor_t::extra_info_digest, extrainfo_dump_to_string(), extrainfo_free(), or_options_t::ExtraInfoStatistics, get_effective_bwburst(), get_effective_bwrate(), get_identity_key(), get_onion_key(), get_options(), get_platform_str(), HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, signed_descriptor_t::is_extrainfo, is_legal_hexdigest(), is_legal_nickname_or_hexdigest(), routerinfo_t::is_named, routerinfo_t::is_running, routerinfo_t::is_valid, LD_BUG, LD_CONFIG, MAX_EXTRAINFO_UPLOAD_SIZE, or_options_t::MyFamily, extrainfo_t::nickname, or_options_t::Nickname, routerinfo_t::nickname, routerinfo_t::onion_pkey, routerinfo_t::or_port, or_options_t::ORPort, routerinfo_t::platform, policies_parse_exit_policy(), signed_descriptor_t::published_on, routerinfo_t::purpose, rep_hist_bandwidth_assess(), router_dump_router_to_string(), router_get_by_nickname(), router_get_extrainfo_hash(), router_get_router_hash(), router_is_me(), router_pick_published_address(), ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_GENERAL, routerinfo_free(), routerinfo_incompatible_with_extrainfo(), routerinfo_set_country(), signed_descriptor_t::routerlist_index, signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_sort_strings(), smartlist_split_string(), smartlist_string_isin(), smartlist_string_remove(), smartlist_uniq_strings(), tor_assert, tor_dup_ip(), tor_free, and we_are_hibernating().
Referenced by consider_publishable_server(), router_get_my_extrainfo(), router_get_my_routerinfo(), and run_scheduled_events().
| void router_reset_reachability | ( | void | ) |
Forget what we have learned about our reachability status.
References can_reach_dir_port, and can_reach_or_port.
Referenced by ip_address_changed().
| void router_reset_warnings | ( | void | ) |
Forget that we have issued any router-related warnings, so that we'll warn again if we see the same errors.
References smartlist_clear(), and tor_free.
Referenced by do_hup().
| void router_upload_dir_desc_to_dirservers | ( | int | force | ) |
OR only: If force is true, or we haven't uploaded this descriptor successfully yet, try to upload our signed descriptor to all the directory servers we know about.
References or_options_t::_PublishServerDescriptor, BRIDGE_AUTHORITY, extrainfo_t::cache_info, routerinfo_t::cache_info, desc_needs_upload, DIR_PURPOSE_UPLOAD_DIR, directory_post_to_dirservers(), get_options(), LD_GENERAL, router_get_my_extrainfo(), router_get_my_routerinfo(), ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_GENERAL, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_len, and tor_free.
Referenced by consider_publishable_server(), and run_scheduled_events().
| void routerstatus_get_verbose_nickname | ( | char * | buf, | |
| const routerstatus_t * | router | |||
| ) |
Set buf (which must have MAX_VERBOSE_NICKNAME_LEN+1 bytes) to the verbose representation of the identity of router. The format is: A dollar sign. The upper-case hexadecimal encoding of the SHA1 hash of router's identity. A "=" if the router is named; a "~" if it is not. The router's nickname.
References base16_encode(), DIGEST_LEN, HEX_DIGEST_LEN, routerstatus_t::identity_digest, routerstatus_t::is_named, MAX_NICKNAME_LEN, and routerstatus_t::nickname.
Referenced by circuit_list_path_impl().
| int server_mode | ( | or_options_t * | options | ) |
Return true iff we are trying to be a server.
References or_options_t::ClientOnly, or_options_t::ORListenAddress, and or_options_t::ORPort.
Referenced by circuit_extend(), circuit_note_clock_jumped(), circuit_rep_hist_note_result(), circuit_send_next_onion_skin(), circuit_testing_failed(), command_process_create_cell(), conn_close_if_marked(), connection_connect(), connection_exit_begin_conn(), connection_or_check_valid_tls_handshake(), connection_or_connect(), consider_publishable_server(), cpuworkers_rotate(), decide_if_publishable_server(), directory_caches_dir_info(), directory_command_should_use_begindir(), directory_fetches_from_authorities(), directory_info_has_arrived(), dns_init(), dns_reset(), dns_servers_relaunch_checks(), do_hup(), do_list_fingerprint(), do_main_loop(), getinfo_helper_events(), init_keys(), ip_address_changed(), options_act(), options_validate(), rep_hist_circbuilding_dormant(), rep_hist_update_state(), router_get_by_nickname(), router_get_my_extrainfo(), router_get_my_routerinfo(), router_new_address_suggestion(), routers_update_all_from_networkstatus(), run_scheduled_events(), second_elapsed_callback(), should_use_create_fast_for_circuit(), signal_callback(), and update_router_descriptor_downloads().
| void set_identity_key | ( | crypto_pk_env_t * | k | ) |
Set the current identity key to k.
References crypto_free_pk_env(), crypto_pk_get_digest(), and identitykey_digest.
Referenced by init_keys().
| static void set_onion_key | ( | crypto_pk_env_t * | k | ) | [static] |
Replace the current onion key with k. Does not affect lastonionkey; to update lastonionkey correctly, call rotate_onion_key().
References crypto_free_pk_env(), mark_my_descriptor_dirty(), onionkey_set_at, tor_mutex_acquire(), and tor_mutex_release().
Referenced by init_keys().
| static void set_server_advertised | ( | int | s | ) | [static] |
Called with a boolean: set whether we have recently published our descriptor.
References server_is_advertised.
Referenced by consider_publishable_server().
| void v3_authority_check_key_expiry | ( | void | ) |
If we're a v3 authority, check whether we have a certificate that's likely to expire soon. Warn if we do, but not too often.
References authdir_mode_v3(), authority_cert_t::expires, get_options(), and LD_DIR.
Referenced by run_scheduled_events().
authority_cert_t* authority_key_certificate = NULL [static] |
Key certificate to authenticate v3 directory material; only set for authorities.
crypto_pk_env_t* authority_signing_key = NULL [static] |
Signing key used for v3 directory material; only set for authorities.
int can_reach_dir_port = 0 [static] |
Whether we can reach our DirPort from the outside.
Referenced by check_whether_dirport_reachable(), router_dirport_found_reachable(), and router_reset_reachability().
int can_reach_or_port = 0 [static] |
Whether we can reach our ORPort from the outside.
Referenced by check_whether_orport_reachable(), router_orport_found_reachable(), and router_reset_reachability().
time_t desc_clean_since = 0 [static] |
Since when has our descriptor been "clean"? 0 if we need to regenerate it now.
Referenced by mark_my_descriptor_dirty(), mark_my_descriptor_dirty_if_older_than(), and router_rebuild_descriptor().
extrainfo_t* desc_extrainfo = NULL [static] |
My extrainfo
int desc_needs_upload = 0 [static] |
Boolean: do we need to regenerate the above?
Referenced by router_rebuild_descriptor(), and router_upload_dir_desc_to_dirservers().
routerinfo_t* desc_routerinfo = NULL [static] |
My routerinfo.
crypto_pk_env_t* identitykey = NULL [static] |
Private "identity key": used to sign directory info and TLS certificates. Never changes.
char identitykey_digest[DIGEST_LEN] [static] |
Digest of identitykey.
Referenced by router_digest_is_me(), and set_identity_key().
tor_mutex_t* key_lock = NULL [static] |
Private keys for this OR. There is also an SSL key managed by tortls.c.
uint32_t last_guessed_ip = 0 [static] |
The most recently guessed value of our IP address, based on directory headers.
Referenced by router_guess_address_from_dir_headers(), and router_new_address_suggestion().
crypto_pk_env_t* lastonionkey = NULL [static] |
Previous private onionskin decryption key: used to decode CREATE cells generated by clients that have an older version of our descriptor.
authority_cert_t* legacy_key_certificate = NULL [static] |
For emergency V3 authority key migration: An extra certificate to authenticate legacy_signing_key with our obsolete identity key.
crypto_pk_env_t* legacy_signing_key = NULL [static] |
For emergency V3 authority key migration: An extra signing key that we use with our old (obsolete) identity key for a while.
crypto_pk_env_t* onionkey = NULL [static] |
Current private onionskin decryption key: used to decode CREATE cells.
time_t onionkey_set_at = 0 [static] |
When was onionkey last changed?
Referenced by get_onion_key_set_at(), init_keys(), rotate_onion_key(), and set_onion_key().
int server_is_advertised = 0 [static] |
Remember if we've advertised ourselves to the dirservers.
Referenced by advertised_server_mode(), and set_server_advertised().
How many seconds have we been running?
smartlist_t* warned_nonexistent_family = NULL [static] |
A list of nicknames that we've warned about including in our family declaration verbatim rather than as digests.
1.5.6