#include "or.h"
#include "memarea.h"
#include <math.h>
Data Structures | |
struct | directory_token_t |
struct | token_rule_t |
Defines | |
#define | MIN_ANNOTATION A_PURPOSE |
#define | MAX_ANNOTATION _A_UNKNOWN |
#define | AT_START 1 |
#define | AT_END 2 |
#define | END_OF_TABLE { NULL, _NIL, 0,0,0, NO_OBJ, 0, INT_MAX, 0, 0 } |
#define | T(s, t, a, o) { s, t, a, o, 0, INT_MAX, 0, 0 } |
#define | T0N(s, t, a, o) { s, t, a, o, 0, INT_MAX, 0, 0 } |
#define | T1(s, t, a, o) { s, t, a, o, 1, 1, 0, 0 } |
#define | T1_START(s, t, a, o) { s, t, a, o, 1, 1, AT_START, 0 } |
#define | T1_END(s, t, a, o) { s, t, a, o, 1, 1, AT_END, 0 } |
#define | T1N(s, t, a, o) { s, t, a, o, 1, INT_MAX, 0, 0 } |
#define | T01(s, t, a, o) { s, t, a, o, 0, 1, 0, 0 } |
#define | A01(s, t, a, o) { s, t, a, o, 0, 1, 0, 1 } |
#define | ARGS 0,INT_MAX,0 |
#define | NO_ARGS 0,0,0 |
#define | CONCAT_ARGS 1,1,1 |
#define | GE(n) n,INT_MAX,0 |
#define | EQ(n) n,n,0 |
#define | CERTIFICATE_MEMBERS |
#define | find_by_keyword(s, keyword) _find_by_keyword((s), (keyword), #keyword) |
#define | TS_ANNOTATIONS_OK 1 |
#define | TS_NOCHECK 2 |
#define | TS_NO_NEW_ANNOTATIONS 4 |
#define | CST_CHECK_AUTHORITY (1<<0) |
#define | CST_NO_CHECK_OBJTYPE (1<<1) |
#define | DUMP_AREA(a, name) STMT_NIL |
#define | ALLOC_ZERO(sz) memarea_alloc_zero(area,sz) |
#define | ALLOC(sz) memarea_alloc(area,sz) |
#define | STRDUP(str) memarea_strdup(area,str) |
#define | STRNDUP(str, n) memarea_strndup(area,(str),(n)) |
#define | RET_ERR(msg) |
#define | MAX_ARGS 512 |
#define | CHECK_LENGTH() |
#define | NEXT_LINE() |
Enumerations | |
enum | directory_keyword { K_ACCEPT = 0, K_ACCEPT6, K_DIRECTORY_SIGNATURE, K_RECOMMENDED_SOFTWARE, K_REJECT, K_REJECT6, K_ROUTER, K_SIGNED_DIRECTORY, K_SIGNING_KEY, K_ONION_KEY, K_ROUTER_SIGNATURE, K_PUBLISHED, K_RUNNING_ROUTERS, K_ROUTER_STATUS, K_PLATFORM, K_OPT, K_BANDWIDTH, K_CONTACT, K_NETWORK_STATUS, K_UPTIME, K_DIR_SIGNING_KEY, K_FAMILY, K_FINGERPRINT, K_HIBERNATING, K_READ_HISTORY, K_WRITE_HISTORY, K_NETWORK_STATUS_VERSION, K_DIR_SOURCE, K_DIR_OPTIONS, K_CLIENT_VERSIONS, K_SERVER_VERSIONS, K_P, K_R, K_S, K_V, K_W, K_M, K_EVENTDNS, K_EXTRA_INFO, K_EXTRA_INFO_DIGEST, K_CACHES_EXTRA_INFO, K_HIDDEN_SERVICE_DIR, K_ALLOW_SINGLE_HOP_EXITS, K_DIRREQ_END, K_DIRREQ_V2_IPS, K_DIRREQ_V3_IPS, K_DIRREQ_V2_REQS, K_DIRREQ_V3_REQS, K_DIRREQ_V2_SHARE, K_DIRREQ_V3_SHARE, K_DIRREQ_V2_RESP, K_DIRREQ_V3_RESP, K_DIRREQ_V2_DIR, K_DIRREQ_V3_DIR, K_DIRREQ_V2_TUN, K_DIRREQ_V3_TUN, K_ENTRY_END, K_ENTRY_IPS, K_CELL_END, K_CELL_PROCESSED, K_CELL_QUEUED, K_CELL_TIME, K_CELL_CIRCS, K_EXIT_END, K_EXIT_WRITTEN, K_EXIT_READ, K_EXIT_OPENED, K_DIR_KEY_CERTIFICATE_VERSION, K_DIR_IDENTITY_KEY, K_DIR_KEY_PUBLISHED, K_DIR_KEY_EXPIRES, K_DIR_KEY_CERTIFICATION, K_DIR_KEY_CROSSCERT, K_DIR_ADDRESS, K_VOTE_STATUS, K_VALID_AFTER, K_FRESH_UNTIL, K_VALID_UNTIL, K_VOTING_DELAY, K_KNOWN_FLAGS, K_PARAMS, K_BW_WEIGHTS, K_VOTE_DIGEST, K_CONSENSUS_DIGEST, K_ADDITIONAL_DIGEST, K_ADDITIONAL_SIGNATURE, K_CONSENSUS_METHODS, K_CONSENSUS_METHOD, K_LEGACY_DIR_KEY, K_DIRECTORY_FOOTER, A_PURPOSE, A_LAST_LISTED, _A_UNKNOWN, R_RENDEZVOUS_SERVICE_DESCRIPTOR, R_VERSION, R_PERMANENT_KEY, R_SECRET_ID_PART, R_PUBLICATION_TIME, R_PROTOCOL_VERSIONS, R_INTRODUCTION_POINTS, R_SIGNATURE, R_IPO_IDENTIFIER, R_IPO_IP_ADDRESS, R_IPO_ONION_PORT, R_IPO_ONION_KEY, R_IPO_SERVICE_KEY, C_CLIENT_NAME, C_DESCRIPTOR_COOKIE, C_CLIENT_KEY, _ERR, _EOF, _NIL } |
enum | obj_syntax { NO_OBJ, NEED_OBJ, NEED_SKEY_1024, NEED_KEY_1024, NEED_KEY, OBJ_OK } |
Functions | |
static int | router_add_exit_policy (routerinfo_t *router, directory_token_t *tok) |
static addr_policy_t * | router_parse_addr_policy (directory_token_t *tok) |
static addr_policy_t * | router_parse_addr_policy_private (directory_token_t *tok) |
static int | router_get_hash_impl (const char *s, size_t s_len, char *digest, const char *start_str, const char *end_str, char end_char, digest_algorithm_t alg) |
static int | router_get_hashes_impl (const char *s, size_t s_len, digests_t *digests, const char *start_str, const char *end_str, char end_char) |
static void | token_clear (directory_token_t *tok) |
static smartlist_t * | find_all_exitpolicy (smartlist_t *s) |
static directory_token_t * | _find_by_keyword (smartlist_t *s, directory_keyword keyword, const char *keyword_str) |
static directory_token_t * | find_opt_by_keyword (smartlist_t *s, directory_keyword keyword) |
static int | tokenize_string (memarea_t *area, const char *start, const char *end, smartlist_t *out, token_rule_t *table, int flags) |
static directory_token_t * | get_next_token (memarea_t *area, const char **s, const char *eos, token_rule_t *table) |
static int | check_signature_token (const char *digest, ssize_t digest_len, directory_token_t *tok, crypto_pk_env_t *pkey, int flags, const char *doctype) |
static crypto_pk_env_t * | find_dir_signing_key (const char *str, const char *eos) |
static int | tor_version_same_series (tor_version_t *a, tor_version_t *b) |
static void | dump_desc (const char *desc, const char *type) |
int | router_get_dir_hash (const char *s, char *digest) |
int | router_get_router_hash (const char *s, size_t s_len, char *digest) |
int | router_get_runningrouters_hash (const char *s, char *digest) |
int | router_get_networkstatus_v2_hash (const char *s, char *digest) |
int | router_get_networkstatus_v3_hashes (const char *s, digests_t *digests) |
int | router_get_networkstatus_v3_hash (const char *s, char *digest, digest_algorithm_t alg) |
int | router_get_extrainfo_hash (const char *s, char *digest) |
int | router_append_dirobj_signature (char *buf, size_t buf_len, const char *digest, size_t digest_len, crypto_pk_env_t *private_key) |
version_status_t | tor_version_is_obsolete (const char *myversion, const char *versionlist) |
int | router_parse_directory (const char *str) |
int | router_parse_runningrouters (const char *str) |
static int | dir_signing_key_is_trusted (crypto_pk_env_t *key) |
static int | find_start_of_next_router_or_extrainfo (const char **s_ptr, const char *eos, int *is_extrainfo_out) |
int | router_parse_list_from_string (const char **s, const char *eos, smartlist_t *dest, saved_location_t saved_location, int want_extrainfo, int allow_annotations, const char *prepend_annotations) |
void | dump_distinct_digest_count (int severity) |
routerinfo_t * | router_parse_entry_from_string (const char *s, const char *end, int cache_copy, int allow_annotations, const char *prepend_annotations) |
extrainfo_t * | extrainfo_parse_entry_from_string (const char *s, const char *end, int cache_copy, struct digest_ri_map_t *routermap) |
authority_cert_t * | authority_cert_parse_from_string (const char *s, const char **end_of_string) |
static INLINE const char * | find_start_of_next_routerstatus (const char *s) |
static routerstatus_t * | routerstatus_parse_entry_from_string (memarea_t *area, const char **s, smartlist_t *tokens, networkstatus_t *vote, vote_routerstatus_t *vote_rs, int consensus_method, consensus_flavor_t flav) |
int | compare_routerstatus_entries (const void **_a, const void **_b) |
static void | _free_duplicate_routerstatus_entry (void *e) |
networkstatus_v2_t * | networkstatus_v2_parse_from_string (const char *s) |
int | networkstatus_verify_bw_weights (networkstatus_t *ns) |
networkstatus_t * | networkstatus_parse_vote_from_string (const char *s, const char **eos_out, networkstatus_type_t ns_type) |
static digests_t * | detached_get_digests (ns_detached_signatures_t *sigs, const char *flavor_name) |
static smartlist_t * | detached_get_signatures (ns_detached_signatures_t *sigs, const char *flavor_name) |
ns_detached_signatures_t * | networkstatus_parse_detached_signatures (const char *s, const char *eos) |
addr_policy_t * | router_parse_addr_policy_item_from_string (const char *s, int assume_action) |
void | assert_addr_policy_ok (smartlist_t *lst) |
static INLINE directory_token_t * | token_check_object (memarea_t *area, const char *kwd, directory_token_t *tok, obj_syntax o_syn) |
static INLINE int | get_token_arguments (memarea_t *area, directory_token_t *tok, const char *s, const char *eol) |
static int | router_get_hash_impl_helper (const char *s, size_t s_len, const char *start_str, const char *end_str, char end_c, const char **start_out, const char **end_out) |
static const char * | find_start_of_next_microdesc (const char *s, const char *eos) |
smartlist_t * | microdescs_parse_from_string (const char *s, const char *eos, int allow_annotations, int copy_body) |
int | tor_version_as_new_as (const char *platform, const char *cutoff) |
int | tor_version_parse (const char *s, tor_version_t *out) |
int | tor_version_compare (tor_version_t *a, tor_version_t *b) |
static int | _compare_tor_version_str_ptr (const void **_a, const void **_b) |
void | sort_version_list (smartlist_t *versions, int remove_duplicates) |
int | rend_parse_v2_service_descriptor (rend_service_descriptor_t **parsed_out, char *desc_id_out, char **intro_points_encrypted_out, size_t *intro_points_encrypted_size_out, size_t *encoded_size_out, const char **next_out, const char *desc) |
int | rend_decrypt_introduction_points (char **ipos_decrypted, size_t *ipos_decrypted_size, const char *descriptor_cookie, const char *ipos_encrypted, size_t ipos_encrypted_size) |
int | rend_parse_introduction_points (rend_service_descriptor_t *parsed, const char *intro_points_encoded, size_t intro_points_encoded_size) |
int | rend_parse_client_keys (strmap_t *parsed_clients, const char *ckstr) |
Variables | |
static token_rule_t | routerdesc_token_table [] |
static token_rule_t | extrainfo_token_table [] |
static token_rule_t | rtrstatus_token_table [] |
static token_rule_t | netstatus_token_table [] |
static token_rule_t | dir_footer_token_table [] |
static token_rule_t | dir_token_table [] |
static token_rule_t | dir_key_certificate_table [] |
static token_rule_t | desc_token_table [] |
static token_rule_t | ipo_token_table [] |
static token_rule_t | client_keys_token_table [] |
static token_rule_t | networkstatus_token_table [] |
static token_rule_t | networkstatus_consensus_token_table [] |
static token_rule_t | networkstatus_vote_footer_token_table [] |
static token_rule_t | networkstatus_detached_signature_token_table [] |
static token_rule_t | microdesc_token_table [] |
static time_t | last_desc_dumped = 0 |
#define A01 | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 0, 1, 0, 1 } |
An annotation that must appear no more than once
#define CERTIFICATE_MEMBERS |
Value:
/* Rules for the dir-key-* certificate keywords: a T1 entry must appear \
 * exactly once, a T01 entry no more than once.  GE(1) requires at least \
 * one argument; NEED_KEY / NEED_OBJ are obj_syntax values. */ \
T1("dir-key-certificate-version", K_DIR_KEY_CERTIFICATE_VERSION, \
   GE(1), NO_OBJ ), \
T1("dir-identity-key", K_DIR_IDENTITY_KEY, NO_ARGS, NEED_KEY ),\
T1("dir-key-published",K_DIR_KEY_PUBLISHED, CONCAT_ARGS, NO_OBJ), \
T1("dir-key-expires", K_DIR_KEY_EXPIRES, CONCAT_ARGS, NO_OBJ), \
T1("dir-signing-key", K_DIR_SIGNING_KEY, NO_ARGS, NEED_KEY ),\
T01("dir-key-crosscert", K_DIR_KEY_CROSSCERT, NO_ARGS, NEED_OBJ ),\
T1("dir-key-certification", K_DIR_KEY_CERTIFICATION, \
   NO_ARGS, NEED_OBJ), \
T01("dir-address", K_DIR_ADDRESS, GE(1), NO_OBJ),
#define CHECK_LENGTH | ( | ) |
Value:
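/* Return NULL from the enclosing function unless at least 32 bytes remain \
 * between s and eos.  The bound is written as a pointer difference: the \
 * earlier form (s+32 > eos) computes a pointer that may lie beyond one \
 * past the end of the buffer, which is undefined behaviour and lets the \
 * comparison be mis-evaluated.  Assumes s <= eos point into the same \
 * buffer -- confirm at the call sites. */ \
STMT_BEGIN \
  if (eos - s < 32) \
    return NULL; \
STMT_END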
#define END_OF_TABLE { NULL, _NIL, 0,0,0, NO_OBJ, 0, INT_MAX, 0, 0 } |
Appears to indicate the end of a table.
#define NEXT_LINE | ( | ) |
Value:
/* Move s to the first character after the next newline.  Return NULL from \
 * the enclosing function when no newline is left before eos, or when the \
 * newline is the last character before eos. */ \
STMT_BEGIN \
  s = memchr(s, '\n', eos-s); \
  if (s == NULL || eos <= s+1) \
    return NULL; \
  ++s; \
STMT_END
#define RET_ERR | ( | msg | ) |
Value:
/* Replace the token being built with a fresh _ERR token that carries a \
 * copy of msg, then jump to done_tokenizing.  Any existing token is \
 * cleared first; the new token and the message copy both come from the \
 * memarea through ALLOC_ZERO and STRDUP. */ \
STMT_BEGIN \
  if (tok != NULL) { \
    token_clear(tok); \
  } \
  tok = ALLOC_ZERO(sizeof(directory_token_t)); \
  tok->tp = _ERR; \
  tok->error = STRDUP(msg); \
  goto done_tokenizing; \
STMT_END
#define T | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 0, INT_MAX, 0, 0 } |
An item with no restrictions: used for obsolete document types
Referenced by networkstatus_verify_bw_weights().
#define T01 | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 0, 1, 0, 0 } |
An item that must appear no more than once
#define T0N | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 0, INT_MAX, 0, 0 } |
An item with no restrictions on multiplicity or location.
#define T1 | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 1, 1, 0, 0 } |
An item that must appear exactly once
#define T1_END | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 1, 1, AT_END, 0 } |
An item that must appear exactly once, at the end of the document
#define T1_START | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 1, 1, AT_START, 0 } |
An item that must appear exactly once, at the start of the document
#define T1N | ( | s, | |||
t, | |||||
a, | |||||
o | ) | { s, t, a, o, 1, INT_MAX, 0, 0 } |
An item that must appear one or more times
enum directory_keyword |
Enumeration of possible token types. The ones starting with K_ correspond to directory 'keywords'. _ERR is an error in the tokenizing process, _EOF is an end-of-file marker, and _NIL is used to encode not-a-token.
enum obj_syntax |
We use a table of rules to decide how to parse each token type. This enumeration holds the rules for whether the keyword needs an object.
static int _compare_tor_version_str_ptr | ( | const void ** | _a, | |
const void ** | _b | |||
) | [static] |
Helper: Given pointers to two strings describing tor versions, return -1 if _a precedes _b, 1 if _b precedes _a, and 0 if they are equivalent. Used to sort a list of versions.
References tor_version_compare(), and tor_version_parse().
Referenced by sort_version_list().
static directory_token_t * _find_by_keyword | ( | smartlist_t * | s, | |
directory_keyword | keyword, | |||
const char * | keyword_as_string | |||
) | [static] |
Find the first token in s whose keyword is keyword; fail with an assert if no such keyword is found.
References find_opt_by_keyword(), LD_BUG, and tor_assert.
static void _free_duplicate_routerstatus_entry | ( | void * | e | ) | [static] |
Helper: used in call to _smartlist_uniq to clear out duplicate entries.
References LD_DIR, and routerstatus_free().
Referenced by networkstatus_v2_parse_from_string().
void assert_addr_policy_ok | ( | smartlist_t * | lst | ) |
Log and exit if lst is malformed.
References tor_assert.
authority_cert_t* authority_cert_parse_from_string | ( | const char * | s, | |
const char ** | end_of_string | |||
) |
Parse a key certificate from s; set *end_of_string to point to the first character after the certificate.
References authority_cert_t::addr, directory_token_t::args, authority_cert_free(), authority_cert_get_by_digests(), base16_decode(), authority_cert_t::cache_info, check_signature_token(), crypto_pk_get_digest(), DIGEST_LEN, authority_cert_t::dir_port, dump_desc(), eat_whitespace(), escaped(), authority_cert_t::expires, find_opt_by_keyword(), signed_descriptor_t::identity_digest, authority_cert_t::identity_key, authority_cert_t::is_cross_certified, directory_token_t::key, LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, parse_addr_port(), parse_iso_time(), signed_descriptor_t::published_on, router_get_hash_impl(), signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, authority_cert_t::signing_key, authority_cert_t::signing_key_digest, smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, tor_free, tor_inet_aton(), and directory_token_t::tp.
Referenced by load_authority_keyset(), networkstatus_parse_vote_from_string(), and trusted_dirs_load_certs_from_string().
static int check_signature_token | ( | const char * | digest, | |
ssize_t | digest_len, | |||
directory_token_t * | tok, | |||
crypto_pk_env_t * | pkey, | |||
int | flags, | |||
const char * | doctype | |||
) | [static] |
Check whether the object body of the token in tok has a good signature for digest using key pkey. If CST_CHECK_AUTHORITY is set, make sure that pkey is the key of a directory authority. If CST_NO_CHECK_OBJTYPE is set, do not check the object type of the signature object. Use doctype as the type of the document when generating log messages. Return 0 on success, negative on failure.
References crypto_pk_public_checksig(), dir_signing_key_is_trusted(), LD_DIR, directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, tor_assert, and tor_free.
Referenced by authority_cert_parse_from_string(), extrainfo_parse_entry_from_string(), networkstatus_parse_vote_from_string(), networkstatus_v2_parse_from_string(), rend_parse_v2_service_descriptor(), router_parse_directory(), router_parse_entry_from_string(), and router_parse_runningrouters().
int compare_routerstatus_entries | ( | const void ** | _a, | |
const void ** | _b | |||
) |
Helper to sort a smartlist of pointers to routerstatus_t
References DIGEST_LEN, and routerstatus_t::identity_digest.
Referenced by dirserv_read_measured_bandwidths(), and networkstatus_v2_parse_from_string().
static digests_t* detached_get_digests | ( | ns_detached_signatures_t * | sigs, | |
const char * | flavor_name | |||
) | [static] |
Return the digests_t that holds the digests of the flavor_name-flavored networkstatus according to the detached signatures document sigs, allocating a new digests_t as needed.
References ns_detached_signatures_t::digests, strmap_get(), and strmap_set().
Referenced by networkstatus_parse_detached_signatures().
static smartlist_t* detached_get_signatures | ( | ns_detached_signatures_t * | sigs, | |
const char * | flavor_name | |||
) | [static] |
Return the list of signatures of the flavor_name-flavored networkstatus according to the detached signatures document sigs, allocating a new smartlist_t as needed.
References ns_detached_signatures_t::signatures, smartlist_create(), strmap_get(), and strmap_set().
Referenced by networkstatus_parse_detached_signatures().
static int dir_signing_key_is_trusted | ( | crypto_pk_env_t * | key | ) | [static] |
Return true iff key is allowed to sign directories.
References crypto_pk_get_digest(), DIGEST_LEN, and LD_DIR.
Referenced by check_signature_token().
static void dump_desc | ( | const char * | desc, | |
const char * | type | |||
) | [static] |
For debugging purposes, dump unparseable descriptor *desc of type *type to file $DATADIR/unparseable-desc. Do not write more than one descriptor to disk per minute. If there is already such a file in the data directory, overwrite it.
References get_datadir_fname, last_desc_dumped, LD_DIR, tor_assert, tor_free, tor_snprintf(), and write_str_to_file().
Referenced by authority_cert_parse_from_string(), extrainfo_parse_entry_from_string(), networkstatus_parse_vote_from_string(), networkstatus_v2_parse_from_string(), router_parse_directory(), router_parse_entry_from_string(), router_parse_runningrouters(), and routerstatus_parse_entry_from_string().
void dump_distinct_digest_count | ( | int | severity | ) |
Log the total count of the number of distinct router digests we've ever verified. When compared to the number of times we've verified routerdesc signatures in toto, this will tell us if we're doing too much multiple-verification.
References digestmap_new(), digestmap_size(), and LD_GENERAL.
Referenced by dumpstats().
extrainfo_t* extrainfo_parse_entry_from_string | ( | const char * | s, | |
const char * | end, | |||
int | cache_copy, | |||
struct digest_ri_map_t * | routermap | |||
) |
Parse a single extrainfo entry from the string s, ending at end. (If end is NULL, parse up to the end of s.) If cache_copy is true, make a copy of the extra-info document in the cache_info fields of the result. If routermap is provided, use it as a map from router identity to routerinfo_t when looking up signing keys.
References directory_token_t::args, base16_decode(), routerinfo_t::cache_info, extrainfo_t::cache_info, check_signature_token(), DIGEST_LEN, digestmap_get(), dump_desc(), escaped(), extrainfo_free(), HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, signed_descriptor_t::is_extrainfo, is_legal_nickname(), LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, extrainfo_t::nickname, note_crypto_pk_op(), directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, parse_iso_time(), extrainfo_t::pending_sig, extrainfo_t::pending_sig_len, signed_descriptor_t::published_on, router_get_extrainfo_hash(), signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, and directory_token_t::tp.
Referenced by extrainfo_dump_to_string(), and router_parse_list_from_string().
static smartlist_t * find_all_exitpolicy | ( | smartlist_t * | s | ) | [static] |
Return a newly allocated smartlist of all accept or reject tokens in s.
References smartlist_add(), and smartlist_create().
Referenced by router_parse_entry_from_string().
static crypto_pk_env_t * find_dir_signing_key | ( | const char * | str, | |
const char * | eos | |||
) | [static] |
Given a directory or running-routers string in str, try to find its dir-signing-key token (if any). If this token is present, extract and return the key. Return NULL on failure.
References get_next_token(), directory_token_t::key, LD_DIR, memarea_drop_all(), memarea_new(), token_clear(), tor_assert, and directory_token_t::tp.
Referenced by router_parse_directory(), and router_parse_runningrouters().
static directory_token_t * find_opt_by_keyword | ( | smartlist_t * | s, | |
directory_keyword | keyword | |||
) | [static] |
Find the first token in s whose keyword is keyword; return NULL if no such keyword is found.
Referenced by _find_by_keyword(), authority_cert_parse_from_string(), microdescs_parse_from_string(), networkstatus_parse_vote_from_string(), networkstatus_v2_parse_from_string(), rend_parse_client_keys(), rend_parse_v2_service_descriptor(), router_parse_entry_from_string(), router_parse_runningrouters(), and routerstatus_parse_entry_from_string().
static const char* find_start_of_next_microdesc | ( | const char * | s, | |
const char * | eos | |||
) | [static] |
Assuming that s starts with a microdesc, return the start of the *NEXT* one. Return NULL on "not found."
References eat_whitespace_eos(), and strcmpstart().
Referenced by microdescs_parse_from_string().
static int find_start_of_next_router_or_extrainfo | ( | const char ** | s_ptr, | |
const char * | eos, | |||
int * | is_extrainfo_out | |||
) | [static] |
Helper: move *s_ptr ahead to the next router, the next extra-info, or to the first of the annotations preceding the next router or extra-info, whichever comes first. Set is_extrainfo_out to true if we found an extrainfo, or false if we found a router. Do not scan beyond eos. Return -1 if we found nothing; 0 if we found something.
References eat_whitespace_eos(), strcmpstart(), and tor_assert.
Referenced by router_parse_list_from_string().
static INLINE const char* find_start_of_next_routerstatus | ( | const char * | s | ) | [static] |
Helper: given a string s, return the start of the next router-status object (starting with "r " at the start of a line). If none is found, return the start of the directory footer, or the next directory signature. If none is found, return the end of the string.
Referenced by networkstatus_parse_vote_from_string(), networkstatus_v2_parse_from_string(), and routerstatus_parse_entry_from_string().
static directory_token_t * get_next_token | ( | memarea_t * | area, | |
const char ** | s, | |||
const char * | eos, | |||
token_rule_t * | table | |||
) | [static] |
Helper function: read the next token from *s, advance *s to the end of the token, and return the parsed token. Parse *s according to the list of tokens in table.
References directory_token_t::args, base64_decode(), crypto_new_pk_env(), crypto_pk_read_private_key_from_string(), crypto_pk_read_public_key_from_string(), eat_whitespace_eos(), eat_whitespace_eos_no_nl(), find_whitespace_eos(), get_token_arguments(), directory_token_t::key, token_rule_t::max_args, token_rule_t::min_args, directory_token_t::n_args, NO_OBJ, OBJ_OK, directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, token_rule_t::os, strcmp_len(), strcmpstart(), token_rule_t::t, token_check_object(), tor_assert, tor_snprintf(), directory_token_t::tp, and token_rule_t::v.
Referenced by find_dir_signing_key(), router_parse_addr_policy_item_from_string(), and tokenize_string().
static INLINE int get_token_arguments | ( | memarea_t * | area, | |
directory_token_t * | tok, | |||
const char * | s, | |||
const char * | eol | |||
) | [static] |
Helper: parse space-separated arguments from the string s ending at eol, and store them in the args field of tok. Store the number of parsed elements into the n_args field of tok. Allocate all storage in area. Return the number of arguments parsed, or return -1 if there was an insanely high number of arguments.
MAX_ARGS (defined as 512 in the list of defines above) is the largest number of arguments we'll accept to any token, ever.
References directory_token_t::args, eat_whitespace(), find_whitespace(), memarea_memdup(), memarea_strndup(), and directory_token_t::n_args.
Referenced by get_next_token().
smartlist_t* microdescs_parse_from_string | ( | const char * | s, | |
const char * | eos, | |||
int | allow_annotations, | |||
int | copy_body | |||
) |
Parse as many microdescriptors as are found from the string starting at s and ending at eos. If allow_annotations is set, read any annotations we recognize and ignore ones we don't. If copy_body is true, then strdup the bodies of the microdescriptors. Return all newly parsed microdescriptors in a newly allocated smartlist_t.
References directory_token_t::args, microdesc_t::body, microdesc_t::bodylen, microdesc_t::digest, eat_whitespace_eos(), escaped(), microdesc_t::exitsummary, microdesc_t::family, find_opt_by_keyword(), find_start_of_next_microdesc(), is_legal_nickname_or_hexdigest(), directory_token_t::key, microdesc_t::last_listed, LD_DIR, memarea_clear(), memarea_drop_all(), memarea_new(), directory_token_t::n_args, microdesc_t::off, microdesc_t::onion_pkey, parse_iso_time(), smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), tokenize_string(), and tor_assert.
Referenced by dirvote_create_microdescriptor(), and microdescs_add_to_cache().
ns_detached_signatures_t* networkstatus_parse_detached_signatures | ( | const char * | s, | |
const char * | eos | |||
) |
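Parse a detached v3 networkstatus signature document between s and eos and return the result. The source comment says "Return -1 on failure", but the return type is a pointer, so the failure value is presumably NULL; callers should check the result for NULL before using it.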
References directory_token_t::args, base16_decode(), crypto_digest_algorithm_parse_name(), digests_t::d, detached_get_digests(), detached_get_signatures(), DIGEST256_LEN, DIGEST_LEN, ns_detached_signatures_t::digests, escaped(), ns_detached_signatures_t::fresh_until, HEX_DIGEST256_LEN, HEX_DIGEST_LEN, LD_DIR, memarea_new(), directory_token_t::n_args, directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, parse_iso_time(), ns_detached_signatures_t::signatures, smartlist_add(), smartlist_create(), tokenize_string(), tor_assert, tor_free, tor_mem_is_zero(), directory_token_t::tp, ns_detached_signatures_t::valid_after, and ns_detached_signatures_t::valid_until.
networkstatus_t* networkstatus_parse_vote_from_string | ( | const char * | s, | |
const char ** | eos_out, | |||
networkstatus_type_t | ns_type | |||
) |
Parse a v3 networkstatus vote, opinion, or consensus (depending on ns_type), from s, and return the result. Return NULL on failure.
References networkstatus_voter_info_t::addr, networkstatus_voter_info_t::address, document_signature_t::alg, directory_token_t::args, authority_cert_parse_from_string(), base16_decode(), authority_cert_t::cache_info, networkstatus_t::cert, check_signature_token(), networkstatus_t::client_versions, networkstatus_t::consensus_method, networkstatus_voter_info_t::contact, crypto_digest_algorithm_parse_name(), digests_t::d, DIGEST_LEN, networkstatus_t::digests, networkstatus_voter_info_t::dir_port, networkstatus_t::dist_seconds, document_signature_free(), dump_desc(), escaped(), find_opt_by_keyword(), find_start_of_next_routerstatus(), networkstatus_t::flavor, networkstatus_t::fresh_until, document_signature_t::good_signature, HEX_DIGEST_LEN, document_signature_t::identity_digest, routerstatus_t::identity_digest, signed_descriptor_t::identity_digest, networkstatus_voter_info_t::identity_digest, networkstatus_t::known_flags, LD_DIR, networkstatus_voter_info_t::legacy_id_digest, memarea_drop_all(), memarea_new(), MIN_DIST_SECONDS, MIN_VOTE_INTERVAL, MIN_VOTE_SECONDS, directory_token_t::n_args, networkstatus_t::net_params, networkstatus_get_voter_by_id(), networkstatus_parse_flavor_name(), networkstatus_vote_free(), networkstatus_voter_info_t::nickname, directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, networkstatus_voter_info_t::or_port, parse_iso_time(), networkstatus_t::published, router_get_networkstatus_v3_hashes(), networkstatus_t::routerstatus_list, routerstatus_parse_entry_from_string(), networkstatus_t::server_versions, document_signature_t::signature, document_signature_t::signature_len, authority_cert_t::signing_key, document_signature_t::signing_key_digest, networkstatus_voter_info_t::sigs, smartlist_add(), smartlist_create(), smartlist_free(), vote_routerstatus_t::status, strcmpstart(), networkstatus_t::supported_methods, token_clear(), tokenize_string(), tor_assert, tor_digest_is_zero(), tor_free, tor_inet_aton(), 
tor_parse_long(), directory_token_t::tp, networkstatus_t::type, networkstatus_t::valid_after, networkstatus_t::valid_until, vote_routerstatus_t::version, networkstatus_voter_info_t::vote_digest, networkstatus_t::vote_seconds, voter_get_sig_by_algorithm(), networkstatus_t::voters, and networkstatus_t::weight_params.
Referenced by dirvote_add_signatures_to_pending_consensus(), dirvote_add_vote(), dirvote_compute_consensuses(), format_networkstatus_vote(), and networkstatus_set_current_consensus().
networkstatus_v2_t* networkstatus_v2_parse_from_string | ( | const char * | s | ) |
Given a v2 network-status object in s, try to parse it and return the result. Return NULL on failure. Check the signature of the network status, but do not (yet) check the signing key for authority.
References _free_duplicate_routerstatus_entry(), base16_decode(), networkstatus_v2_t::binds_names, check_signature_token(), networkstatus_v2_t::client_versions, compare_routerstatus_entries(), networkstatus_v2_t::contact, crypto_pk_get_digest(), DIGEST_LEN, dump_desc(), networkstatus_v2_t::entries, escaped(), find_opt_by_keyword(), find_start_of_next_routerstatus(), networkstatus_v2_t::identity_digest, crypto_pk_env_t::key, LD_BUG, LD_DIR, networkstatus_v2_t::lists_bad_directories, networkstatus_v2_t::lists_bad_exits, memarea_clear(), memarea_drop_all(), memarea_new(), networkstatus_v2_t::networkstatus_digest, networkstatus_v2_free(), note_crypto_pk_op(), parse_iso_time(), networkstatus_v2_t::published_on, networkstatus_v2_t::recommends_versions, router_get_networkstatus_v2_hash(), routerstatus_parse_entry_from_string(), networkstatus_v2_t::server_versions, networkstatus_v2_t::signing_key, smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_sort(), smartlist_uniq(), networkstatus_v2_t::source_addr, networkstatus_v2_t::source_address, networkstatus_v2_t::source_dirport, strcmpstart(), token_clear(), tokenize_string(), tor_assert, tor_inet_aton(), and tor_parse_long().
Referenced by router_set_networkstatus_v2().
int networkstatus_verify_bw_weights | ( | networkstatus_t * | ns | ) |
Verify the bandwidth weights of a network status document
References BW_WEIGHT_SCALE, LD_BUG, LD_DIR, networkstatus_get_bw_weight(), networkstatus_get_param(), networkstatus_t::routerstatus_list, and T.
int rend_decrypt_introduction_points | ( | char ** | ipos_decrypted, | |
size_t * | ipos_decrypted_size, | |||
const char * | descriptor_cookie, | |||
const char * | ipos_encrypted, | |||
size_t | ipos_encrypted_size | |||
) |
Decrypt the encrypted introduction points in ipos_encrypted of length ipos_encrypted_size using descriptor_cookie and write the result to a newly allocated string that is pointed to by ipos_decrypted and its length to ipos_decrypted_size. Return 0 if decryption was successful and -1 otherwise.
References CIPHER_IV_LEN, CIPHER_KEY_LEN, crypto_cipher_decrypt(), crypto_cipher_decrypt_with_iv(), crypto_create_init_cipher(), crypto_digest_add_bytes(), crypto_digest_get_digest(), crypto_free_cipher_env(), crypto_free_digest_env(), crypto_new_digest_env(), LD_REND, memcmpstart(), REND_BASIC_AUTH_CLIENT_ENTRY_LEN, REND_BASIC_AUTH_CLIENT_ID_LEN, REND_BASIC_AUTH_CLIENT_MULTIPLE, REND_DESC_COOKIE_LEN, tor_assert, and tor_free.
Referenced by rend_cache_store_v2_desc_as_client().
int rend_parse_client_keys | ( | strmap_t * | parsed_clients, | |
const char * | ckstr | |||
) |
Parse the content of a client_key file in ckstr and add rend_authorized_client_t's for each parsed client to parsed_clients. Return the number of parsed clients as result or -1 for failure.
References directory_token_t::args, base64_decode(), rend_authorized_client_t::client_key, rend_authorized_client_t::client_name, rend_authorized_client_t::descriptor_cookie, eat_whitespace(), escaped(), find_opt_by_keyword(), directory_token_t::key, LD_CONFIG, LD_REND, memarea_clear(), memarea_drop_all(), memarea_new(), directory_token_t::n_args, REND_DESC_COOKIE_LEN, REND_DESC_COOKIE_LEN_BASE64, REND_LEGAL_CLIENTNAME_CHARACTERS, smartlist_clear(), smartlist_create(), smartlist_free(), strcmpstart(), strmap_get(), strmap_set(), strmap_size(), token_clear(), tokenize_string(), and tor_assert.
Referenced by rend_service_load_keys().
int rend_parse_introduction_points | ( | rend_service_descriptor_t * | parsed, | |
const char * | intro_points_encoded, | |||
size_t | intro_points_encoded_size | |||
) |
Parse the encoded introduction points in intro_points_encoded of length intro_points_encoded_size and write the result to the descriptor in parsed; return the number of successfully parsed introduction points or -1 in case of a failure.
Function may only be invoked once.
References extend_info_t::addr, directory_token_t::args, base16_encode(), base32_decode(), DIGEST_LEN, escaped(), rend_intro_point_t::extend_info, extend_info_t::identity_digest, rend_intro_point_t::intro_key, rend_service_descriptor_t::intro_nodes, directory_token_t::key, LD_REND, memarea_clear(), memarea_drop_all(), memarea_new(), memcmpstart(), extend_info_t::nickname, extend_info_t::onion_key, extend_info_t::port, rend_intro_point_free(), REND_INTRO_POINT_ID_LEN_BASE32, smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_addr_family(), tor_addr_from_str(), tor_assert, and tor_parse_long().
Referenced by rend_cache_store_v2_desc_as_client().
int rend_parse_v2_service_descriptor | ( | rend_service_descriptor_t ** | parsed_out, | |
char * | desc_id_out, | |||
char ** | intro_points_encrypted_out, | |||
size_t * | intro_points_encrypted_size_out, | |||
size_t * | encoded_size_out, | |||
const char ** | next_out, | |||
const char * | desc | |||
) |
Parse and validate the ASCII-encoded v2 descriptor in desc, write the parsed descriptor to the newly allocated *parsed_out, the binary descriptor ID of length DIGEST_LEN to desc_id_out, the encrypted introduction points to the newly allocated *intro_points_encrypted_out, their encrypted size to *intro_points_encrypted_size_out, the size of the encoded descriptor to *encoded_size_out, and a pointer to the possibly next descriptor to *next_out; return 0 for success (including validation) and -1 for failure.
References directory_token_t::args, BASE32_CHARS, base32_decode(), check_signature_token(), crypto_pk_get_digest(), DIGEST_LEN, escaped(), find_opt_by_keyword(), directory_token_t::key, LD_DIR, LD_REND, memarea_drop_all(), memarea_new(), directory_token_t::n_args, note_crypto_pk_op(), directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, parse_iso_time(), rend_service_descriptor_t::pk, rend_service_descriptor_t::protocols, REND_DESC_ID_V2_LEN_BASE32, REND_DESC_MAX_SIZE, rend_get_descriptor_id_bytes(), REND_SECRET_ID_PART_LEN_BASE32, rend_service_descriptor_free(), router_get_hash_impl(), smartlist_create(), smartlist_free(), smartlist_split_string(), rend_service_descriptor_t::timestamp, token_clear(), tokenize_string(), tor_assert, tor_free, tor_parse_long(), and rend_service_descriptor_t::version.
Referenced by rend_cache_store_v2_desc_as_client(), rend_cache_store_v2_desc_as_dir(), and rend_desc_v2_is_parsable().
static int router_add_exit_policy | ( | routerinfo_t * | router, | |
directory_token_t * | tok | |||
) | [static] |
Add an exit policy stored in the token tok to the router info in router. Return 0 on success, -1 on failure.
References addr_policy_t::addr, addr_policy_free(), routerinfo_t::exit_policy, LD_DIR, router_parse_addr_policy(), smartlist_add(), smartlist_create(), tor_addr_family(), and directory_token_t::tp.
Referenced by router_parse_entry_from_string().
int router_append_dirobj_signature | ( | char * | buf, | |
size_t | buf_len, | |||
const char * | digest, | |||
size_t | digest_len, | |||
crypto_pk_env_t * | private_key | |||
) |
Helper: used to generate signatures for routers, directories and network-status objects. Given a digest in digest and a secret private_key, generate a PKCS1-padded signature, BASE64-encode it, surround it with -----BEGIN/END----- pairs, and write it to the buf_len-byte buffer at buf. Return 0 on success, -1 on failure.
References base64_encode(), crypto_pk_keysize(), crypto_pk_private_sign(), LD_BUG, and tor_free.
Referenced by dirserv_dump_directory_to_string(), extrainfo_dump_to_string(), format_networkstatus_vote(), generate_runningrouters(), rend_encode_v2_descriptors(), and router_dump_router_to_string().
int router_get_dir_hash | ( | const char * | s, | |
char * | digest | |||
) |
Set digest to the SHA-1 digest of the hash of the directory in s. Return 0 on success, -1 on failure.
References router_get_hash_impl().
Referenced by dirserv_dump_directory_to_string(), and router_parse_directory().
int router_get_extrainfo_hash | ( | const char * | s, | |
char * | digest | |||
) |
Set digest to the SHA-1 digest of the hash of the extrainfo string in s. Return 0 on success, -1 on failure.
References router_get_hash_impl().
Referenced by extrainfo_dump_to_string(), extrainfo_parse_entry_from_string(), and router_rebuild_descriptor().
static int router_get_hash_impl | ( | const char * | s, | |
size_t | s_len, | |||
char * | digest, | |||
const char * | start_str, | |||
const char * | end_str, | |||
char | end_c, | |||
digest_algorithm_t | alg | |||
) | [static] |
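Compute the digest of the substring of s taken from the first occurrence of start_str through the first instance of end_c after the first subsequent occurrence of end_str; store the 20-byte result in digest; return 0 on success. (The 20-byte length matches SHA-1; the signature also takes alg, which this description does not cover, so confirm the digest buffer size needed when another algorithm is passed.)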
If no such substring exists, return -1.
References crypto_digest(), and LD_BUG.
Referenced by authority_cert_parse_from_string(), rend_parse_v2_service_descriptor(), router_get_dir_hash(), router_get_extrainfo_hash(), router_get_networkstatus_v2_hash(), router_get_networkstatus_v3_hash(), router_get_router_hash(), and router_get_runningrouters_hash().
static int router_get_hashes_impl | ( | const char * | s, | |
size_t | s_len, | |||
digests_t * | digests, | |||
const char * | start_str, | |||
const char * | end_str, | |||
char | end_c | |||
) | [static] |
As router_get_hash_impl, but compute all hashes.
References crypto_digest_all(), and LD_BUG.
Referenced by router_get_networkstatus_v3_hashes().
int router_get_networkstatus_v2_hash | ( | const char * | s, | |
char * | digest | |||
) |
Set digest to the SHA-1 digest of the hash of the network-status string in s. Return 0 on success, -1 on failure.
References router_get_hash_impl().
Referenced by networkstatus_v2_parse_from_string().
int router_get_networkstatus_v3_hash | ( | const char * | s, | |
char * | digest, | |||
digest_algorithm_t | alg | |||
) |
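Set digest to the SHA-1 digest of the hash of the network-status string in s. Return 0 on success, -1 on failure. (The signature also takes a digest_algorithm_t alg that this description does not mention, so the result may not always be a SHA-1 digest; size the digest buffer for the algorithm passed.)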
References router_get_hash_impl().
Referenced by format_networkstatus_vote().
int router_get_networkstatus_v3_hashes | ( | const char * | s, | |
digests_t * | digests | |||
) |
Set digests to all the digests of the consensus document in s
References router_get_hashes_impl().
Referenced by networkstatus_parse_vote_from_string().
int router_get_router_hash | ( | const char * | s, | |
size_t | s_len, | |||
char * | digest | |||
) |
Set digest to the SHA-1 digest of the hash of the first router in s. Return 0 on success, -1 on failure.
References router_get_hash_impl().
Referenced by router_dump_router_to_string(), router_parse_entry_from_string(), and router_rebuild_descriptor().
int router_get_runningrouters_hash | ( | const char * | s, | |
char * | digest | |||
) |
Set digest to the SHA-1 digest of the hash of the running-routers string in s. Return 0 on success, -1 on failure.
References router_get_hash_impl().
Referenced by generate_runningrouters(), and router_parse_runningrouters().
static addr_policy_t * router_parse_addr_policy | ( | directory_token_t * | tok | ) | [static] |
Given a K_ACCEPT or K_REJECT token in tok, create and return a new addr_policy_t corresponding to the token.
References addr_policy_t::addr, directory_token_t::args, escaped(), LD_DIR, addr_policy_t::maskbits, directory_token_t::n_args, addr_policy_t::policy_type, addr_policy_t::prt_max, addr_policy_t::prt_min, router_parse_addr_policy_private(), strcmpstart(), tor_addr_parse_mask_ports(), tor_assert, and directory_token_t::tp.
Referenced by router_add_exit_policy(), and router_parse_addr_policy_item_from_string().
addr_policy_t* router_parse_addr_policy_item_from_string | ( | const char * | s, | |
int | assume_action | |||
) |
Parse the addr policy in the string s and return it. If assume_action is nonnegative, then insert its action (ADDR_POLICY_ACCEPT or ADDR_POLICY_REJECT) for items that specify no action.
References eat_whitespace(), directory_token_t::error, escaped(), get_next_token(), LD_DIR, memarea_drop_all(), memarea_new(), router_parse_addr_policy(), token_clear(), tor_snprintf(), tor_strlower(), and directory_token_t::tp.
Referenced by parse_addr_policy(), policies_set_router_exitpolicy_to_reject_all(), and routerset_parse().
static addr_policy_t * router_parse_addr_policy_private | ( | directory_token_t * | tok | ) | [static] |
Parse an exit policy line of the format "accept/reject private:...". This didn't exist until Tor 0.1.1.15, so nobody should generate it in router descriptors until earlier versions are obsolete.
References directory_token_t::args, eat_whitespace(), addr_policy_t::is_private, parse_port_range(), addr_policy_t::policy_type, addr_policy_t::prt_max, addr_policy_t::prt_min, strcmpstart(), and directory_token_t::tp.
Referenced by router_parse_addr_policy().
int router_parse_directory | ( | const char * | str | ) |
Read a signed directory from str. If it's well-formed, return 0. Otherwise, return -1. If we're a directory cache, cache it.
References directory_token_t::args, authdir_mode_v1(), check_signature_token(), crypto_free_pk_env(), DIGEST_LEN, dirserv_set_cached_directory(), dump_desc(), find_dir_signing_key(), get_options(), hex_str(), LD_DIR, memarea_clear(), memarea_drop_all(), memarea_new(), directory_token_t::n_args, note_crypto_pk_op(), parse_iso_time(), router_get_dir_hash(), smartlist_clear(), smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, and directory_token_t::tp.
routerinfo_t* router_parse_entry_from_string | ( | const char * | s, | |
const char * | end, | |||
int | cache_copy, | |||
int | allow_annotations, | |||
const char * | prepend_annotations | |||
) |
Helper function: reads a single router entry from *s ... *end. Mallocs a new router and returns it if all goes well, else returns NULL. If cache_copy is true, duplicate the contents of s through end into the signed_descriptor_body of the resulting routerinfo_t.
If end is NULL, s must be properly NUL-terminated.
If allow_annotations, it's okay to encounter annotations in s before the router; if it's false, reject the router if it's annotated. If prepend_annotations is set, it should contain some annotations: prepend them to the router before parsing it, and keep them around when caching the router.
Only one of allow_annotations and prepend_annotations may be set.
References routerinfo_t::addr, routerinfo_t::address, routerinfo_t::allow_single_hop_exits, signed_descriptor_t::annotations_len, directory_token_t::args, routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, base16_decode(), routerinfo_t::cache_info, routerinfo_t::caches_extra_info, check_signature_token(), routerinfo_t::contact_info, routerinfo_t::country, crypto_pk_get_digest(), routerinfo_t::declared_family, DIGEST_LEN, digestmap_new(), digestmap_set(), routerinfo_t::dir_port, dump_desc(), escaped(), routerinfo_t::exit_policy, signed_descriptor_t::extra_info_digest, find_all_exitpolicy(), find_opt_by_keyword(), routerinfo_t::has_old_dnsworkers, HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, routerinfo_t::is_hibernating, is_legal_nickname(), is_legal_nickname_or_hexdigest(), directory_token_t::key, LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, routerinfo_t::nickname, note_crypto_pk_op(), routerinfo_t::onion_pkey, routerinfo_t::or_port, parse_iso_time(), routerinfo_t::platform, policy_expand_private(), routerinfo_t::policy_is_reject_star, policy_is_reject_star(), signed_descriptor_t::published_on, routerinfo_t::purpose, router_add_exit_policy(), router_get_router_hash(), router_purpose_from_string(), ROUTER_PURPOSE_GENERAL, routerinfo_free(), routerinfo_set_country(), signed_descriptor_t::routerlist_index, signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, smartlist_add(), smartlist_create(), smartlist_free(), strcmpstart(), token_clear(), tokenize_string(), tor_assert, tor_inet_aton(), tor_parse_long(), tor_strstrip(), tor_version_as_new_as(), routerinfo_t::uptime, and routerinfo_t::wants_to_be_hs_dir.
Referenced by init_keys(), router_dump_router_to_string(), router_load_single_router(), router_parse_list_from_string(), and routerlist_reparse_old().
int router_parse_list_from_string | ( | const char ** | s, | |
const char * | eos, | |||
smartlist_t * | dest, | |||
saved_location_t | saved_location, | |||
int | want_extrainfo, | |||
int | allow_annotations, | |||
const char * | prepend_annotations | |||
) |
Given a string *s containing a concatenated sequence of router descriptors (or extra-info documents if want_extrainfo is set), parse them and store the result in dest. All routers are marked running and valid. Advance *s to a point immediately following the last router entry. Ignore any trailing router entries that are not complete.
If saved_location isn't SAVED_IN_CACHE, make a local copy of each descriptor in the signed_descriptor_body field of each routerinfo_t. If it isn't SAVED_NOWHERE, remember the offset of each descriptor.
Returns 0 on success and -1 on failure.
References routerinfo_t::cache_info, extrainfo_t::cache_info, extrainfo_parse_entry_from_string(), find_start_of_next_router_or_extrainfo(), routerlist_t::identity_map, LD_DIR, routerinfo_t::nickname, routerinfo_t::purpose, router_get_routerlist(), router_parse_entry_from_string(), router_purpose_to_string(), SAVED_IN_CACHE, signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_t::saved_offset, smartlist_add(), and tor_assert.
Referenced by dirserv_add_multiple_descriptors(), router_load_extrainfo_from_string(), and router_load_routers_from_string().
int router_parse_runningrouters | ( | const char * | str | ) |
Read a signed router status statement from str. If it's well-formed, return 0. Otherwise, return -1. If we're a directory cache, cache it.
References directory_token_t::args, authdir_mode_v1(), check_signature_token(), crypto_free_pk_env(), DIGEST_LEN, dirserv_set_cached_directory(), dump_desc(), find_dir_signing_key(), find_opt_by_keyword(), get_options(), LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, note_crypto_pk_op(), parse_iso_time(), router_get_runningrouters_hash(), smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, and directory_token_t::tp.
static routerstatus_t* routerstatus_parse_entry_from_string | ( | memarea_t * | area, | |
const char ** | s, | |||
smartlist_t * | tokens, | |||
networkstatus_t * | vote, | |||
vote_routerstatus_t * | vote_rs, | |||
int | consensus_method, | |||
consensus_flavor_t | flav | |||
) | [static] |
Given a string at *s, containing a routerstatus object, and an empty smartlist at tokens, parse and return the first router status object in the string, and advance *s to just after the end of the router status. Return NULL and advance *s on error.
If vote and vote_rs are provided, don't allocate a fresh routerstatus but use vote_rs instead.
If consensus_method is nonzero, this routerstatus is part of a consensus, and we should parse it according to the method used to make that consensus.
Parse according to the syntax used by the consensus flavor flav.
References routerstatus_t::addr, directory_token_t::args, routerstatus_t::bandwidth, bool_eq, routerstatus_t::descriptor_digest, digest_from_base64(), routerstatus_t::dir_port, dump_desc(), escaped(), routerstatus_t::exitsummary, find_opt_by_keyword(), find_start_of_next_routerstatus(), vote_routerstatus_t::flags, routerstatus_t::has_bandwidth, routerstatus_t::has_exitsummary, routerstatus_t::has_measured_bw, routerstatus_t::identity_digest, routerstatus_t::is_authority, routerstatus_t::is_bad_directory, routerstatus_t::is_bad_exit, routerstatus_t::is_exit, routerstatus_t::is_fast, routerstatus_t::is_hs_dir, is_legal_nickname(), routerstatus_t::is_named, routerstatus_t::is_possible_guard, routerstatus_t::is_running, routerstatus_t::is_stable, routerstatus_t::is_unnamed, routerstatus_t::is_v2_dir, routerstatus_t::is_valid, networkstatus_t::known_flags, LD_DIR, routerstatus_t::measured_bw, memarea_clear(), vote_routerstatus_t::microdesc, directory_token_t::n_args, routerstatus_t::nickname, routerstatus_t::or_port, parse_iso_time(), routerstatus_t::published_on, routerstatus_free(), smartlist_clear(), smartlist_string_pos(), vote_routerstatus_t::status, strcmpstart(), token_clear(), tokenize_string(), tor_assert, tor_inet_aton(), tor_parse_long(), tor_parse_ulong(), tor_snprintf(), tor_version_as_new_as(), vote_routerstatus_t::version, routerstatus_t::version_known, routerstatus_t::version_supports_begindir, routerstatus_t::version_supports_conditional_consensus, routerstatus_t::version_supports_extrainfo_upload, and routerstatus_t::version_supports_v3_dir.
Referenced by networkstatus_parse_vote_from_string(), and networkstatus_v2_parse_from_string().
void sort_version_list | ( | smartlist_t * | versions, | |
int | remove_duplicates | |||
) |
Sort a list of string-representations of versions in ascending order.
References _compare_tor_version_str_ptr(), _tor_free(), smartlist_sort(), and smartlist_uniq().
Referenced by compute_consensus_versions_list(), format_versions_list(), and networkstatus_compute_consensus().
static INLINE directory_token_t* token_check_object | ( | memarea_t * | area, | |
const char * | kwd, | |||
directory_token_t * | tok, | |||
obj_syntax | o_syn | |||
) | [static] |
Helper: make sure that the token tok with keyword kwd obeys the object syntax of o_syn. Allocate all storage in area. Return tok on success, or a new _ERR token if the token didn't conform to the syntax we wanted.
References crypto_pk_key_is_private(), crypto_pk_keysize(), directory_token_t::key, NEED_KEY, NEED_KEY_1024, NEED_OBJ, NEED_SKEY_1024, NO_OBJ, OBJ_OK, directory_token_t::object_body, PK_BYTES, and tor_snprintf().
Referenced by get_next_token().
static void token_clear | ( | directory_token_t * | tok | ) | [static] |
Free all resources allocated for tok
References crypto_free_pk_env(), and directory_token_t::key.
Referenced by authority_cert_parse_from_string(), extrainfo_parse_entry_from_string(), find_dir_signing_key(), networkstatus_parse_vote_from_string(), networkstatus_v2_parse_from_string(), rend_parse_client_keys(), rend_parse_introduction_points(), rend_parse_v2_service_descriptor(), router_parse_addr_policy_item_from_string(), router_parse_directory(), router_parse_entry_from_string(), router_parse_runningrouters(), routerstatus_parse_entry_from_string(), and tokenize_string().
static int tokenize_string | ( | memarea_t * | area, | |
const char * | start, | |||
const char * | end, | |||
smartlist_t * | out, | |||
token_rule_t * | table, | |||
int | flags | |||
) | [static] |
Read all tokens from a string between start and end, and add them to out. Parse according to the token rules in table. Caller must free tokens in out. If end is NULL, use the entire string.
References eat_whitespace_eos(), directory_token_t::error, get_next_token(), LD_DIR, smartlist_add(), token_rule_t::t, token_clear(), tor_assert, and directory_token_t::tp.
Referenced by authority_cert_parse_from_string(), extrainfo_parse_entry_from_string(), microdescs_parse_from_string(), networkstatus_parse_detached_signatures(), networkstatus_parse_vote_from_string(), networkstatus_v2_parse_from_string(), rend_parse_client_keys(), rend_parse_introduction_points(), rend_parse_v2_service_descriptor(), router_parse_directory(), router_parse_entry_from_string(), router_parse_runningrouters(), and routerstatus_parse_entry_from_string().
int tor_version_as_new_as | ( | const char * | platform, | |
const char * | cutoff | |||
) |
Parse the Tor version of the platform string platform, and compare it to the version in cutoff. Return 1 if the router is at least as new as the cutoff, else return 0.
References eat_whitespace(), find_whitespace(), LD_BUG, LD_DIR, strcmpstart(), tor_assert, tor_version_compare(), and tor_version_parse().
Referenced by dirserv_get_status_impl(), remove_obsolete_entry_guards(), router_digest_version_as_new_as(), router_parse_entry_from_string(), router_supports_extrainfo(), routerstatus_parse_entry_from_string(), and set_routerstatus_from_routerinfo().
int tor_version_compare | ( | tor_version_t * | a, | |
tor_version_t * | b | |||
) |
Compare two tor versions. Return <0 if a < b, 0 if a == b, and >0 if a > b.
References tor_version_t::git_tag, tor_version_t::git_tag_len, tor_version_t::major, tor_version_t::micro, tor_version_t::minor, tor_version_t::patchlevel, tor_version_t::status, tor_version_t::status_tag, tor_version_t::svn_revision, and tor_assert.
Referenced by _compare_tor_version_str_ptr(), tor_version_as_new_as(), and tor_version_is_obsolete().
version_status_t tor_version_is_obsolete | ( | const char * | myversion, | |
const char * | versionlist | |||
) |
Return VS_RECOMMENDED if myversion is contained in versionlist. Else, return VS_EMPTY if versionlist has no entries. Else, return VS_OLD if every member of versionlist is newer than myversion. Else, return VS_NEW_IN_SERIES if there is at least one member of versionlist in the same series (major.minor.micro) as myversion, but no such member is newer than myversion. Else, return VS_NEW if every member of versionlist is older than myversion. Else, return VS_UNRECOMMENDED.
(versionlist is a comma-separated list of version strings, optionally prefixed with "Tor". Versions that can't be parsed are ignored.)
References LD_BUG, LD_CONFIG, smartlist_create(), smartlist_free(), smartlist_split_string(), strcmpstart(), tor_assert, tor_free, tor_version_compare(), tor_version_parse(), tor_version_same_series(), VS_EMPTY, VS_NEW, VS_NEW_IN_SERIES, VS_OLD, VS_RECOMMENDED, and VS_UNRECOMMENDED.
Referenced by getinfo_helper_events(), and routers_update_all_from_networkstatus().
int tor_version_parse | ( | const char * | s, | |
tor_version_t * | out | |||
) |
Parse a tor version from s, and store the result in out. Return 0 on success, -1 on failure.
References base16_decode(), DIGEST_LEN, eat_whitespace(), find_whitespace(), tor_version_t::git_tag, tor_version_t::git_tag_len, HEX_DIGEST_LEN, tor_version_t::major, tor_version_t::micro, tor_version_t::minor, tor_version_t::patchlevel, tor_version_t::status, tor_version_t::status_tag, strcasecmpstart(), strcmpstart(), tor_version_t::svn_revision, and tor_assert.
Referenced by _compare_tor_version_str_ptr(), remove_obsolete_entry_guards(), tor_version_as_new_as(), and tor_version_is_obsolete().
static int tor_version_same_series | ( | tor_version_t * | a, | |
tor_version_t * | b | |||
) | [static] |
Return true iff versions a and b belong to the same series.
References tor_version_t::major, tor_version_t::micro, tor_version_t::minor, and tor_assert.
Referenced by tor_version_is_obsolete().
token_rule_t client_keys_token_table[] [static] |
Initial value:
{ T1_START("client-name", C_CLIENT_NAME, CONCAT_ARGS, NO_OBJ), T1("descriptor-cookie", C_DESCRIPTOR_COOKIE, EQ(1), NO_OBJ), T01("client-key", C_CLIENT_KEY, NO_ARGS, NEED_SKEY_1024), END_OF_TABLE }
token_rule_t desc_token_table[] [static] |
Initial value:
{ T1_START("rendezvous-service-descriptor", R_RENDEZVOUS_SERVICE_DESCRIPTOR, EQ(1), NO_OBJ), T1("version", R_VERSION, EQ(1), NO_OBJ), T1("permanent-key", R_PERMANENT_KEY, NO_ARGS, NEED_KEY_1024), T1("secret-id-part", R_SECRET_ID_PART, EQ(1), NO_OBJ), T1("publication-time", R_PUBLICATION_TIME, CONCAT_ARGS, NO_OBJ), T1("protocol-versions", R_PROTOCOL_VERSIONS, EQ(1), NO_OBJ), T01("introduction-points", R_INTRODUCTION_POINTS, NO_ARGS, NEED_OBJ), T1_END("signature", R_SIGNATURE, NO_ARGS, NEED_OBJ), END_OF_TABLE }
token_rule_t dir_footer_token_table[] [static] |
Initial value:
{ T1("directory-signature", K_DIRECTORY_SIGNATURE, EQ(1), NEED_OBJ ), END_OF_TABLE }
token_rule_t dir_key_certificate_table[] [static] |
Initial value:
{ CERTIFICATE_MEMBERS T1("fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), END_OF_TABLE }
token_rule_t dir_token_table[] [static] |
Initial value:
{ T( "network-status", K_NETWORK_STATUS, NO_ARGS, NO_OBJ ), T( "directory-signature", K_DIRECTORY_SIGNATURE, ARGS, NEED_OBJ ), T( "recommended-software",K_RECOMMENDED_SOFTWARE,CONCAT_ARGS, NO_OBJ ), T( "signed-directory", K_SIGNED_DIRECTORY, NO_ARGS, NO_OBJ ), T( "running-routers", K_RUNNING_ROUTERS, ARGS, NO_OBJ ), T( "router-status", K_ROUTER_STATUS, ARGS, NO_OBJ ), T( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), T( "opt", K_OPT, CONCAT_ARGS, OBJ_OK ), T( "contact", K_CONTACT, CONCAT_ARGS, NO_OBJ ), T( "dir-signing-key", K_DIR_SIGNING_KEY, ARGS, OBJ_OK ), T( "fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), END_OF_TABLE }
token_rule_t extrainfo_token_table[] [static] |
List of tokens allowable in extra-info documents.
token_rule_t ipo_token_table[] [static] |
Initial value:
{ T1_START("introduction-point", R_IPO_IDENTIFIER, EQ(1), NO_OBJ), T1("ip-address", R_IPO_IP_ADDRESS, EQ(1), NO_OBJ), T1("onion-port", R_IPO_ONION_PORT, EQ(1), NO_OBJ), T1("onion-key", R_IPO_ONION_KEY, NO_ARGS, NEED_KEY_1024), T1("service-key", R_IPO_SERVICE_KEY, NO_ARGS, NEED_KEY_1024), END_OF_TABLE }
time_t last_desc_dumped = 0 [static] |
Last time we dumped a descriptor to disk.
Referenced by dump_desc().
token_rule_t microdesc_token_table[] [static] |
Initial value:
{ T1_START("onion-key", K_ONION_KEY, NO_ARGS, NEED_KEY_1024), T01("family", K_FAMILY, ARGS, NO_OBJ ), T01("p", K_P, CONCAT_ARGS, NO_OBJ ), A01("@last-listed", A_LAST_LISTED, CONCAT_ARGS, NO_OBJ ), END_OF_TABLE }
token_rule_t netstatus_token_table[] [static] |
Initial value:
{ T1( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), T0N("opt", K_OPT, CONCAT_ARGS, OBJ_OK ), T1( "contact", K_CONTACT, CONCAT_ARGS, NO_OBJ ), T1( "dir-signing-key", K_DIR_SIGNING_KEY, NO_ARGS, NEED_KEY_1024 ), T1( "fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), T1_START("network-status-version", K_NETWORK_STATUS_VERSION, GE(1), NO_OBJ ), T1( "dir-source", K_DIR_SOURCE, GE(3), NO_OBJ ), T01("dir-options", K_DIR_OPTIONS, ARGS, NO_OBJ ), T01("client-versions", K_CLIENT_VERSIONS, CONCAT_ARGS, NO_OBJ ), T01("server-versions", K_SERVER_VERSIONS, CONCAT_ARGS, NO_OBJ ), END_OF_TABLE }
token_rule_t networkstatus_consensus_token_table[] [static] |
Initial value:
{ T1_START("network-status-version", K_NETWORK_STATUS_VERSION, GE(1), NO_OBJ ), T1("vote-status", K_VOTE_STATUS, GE(1), NO_OBJ ), T1("valid-after", K_VALID_AFTER, CONCAT_ARGS, NO_OBJ ), T1("fresh-until", K_FRESH_UNTIL, CONCAT_ARGS, NO_OBJ ), T1("valid-until", K_VALID_UNTIL, CONCAT_ARGS, NO_OBJ ), T1("voting-delay", K_VOTING_DELAY, GE(2), NO_OBJ ), T0N("opt", K_OPT, CONCAT_ARGS, OBJ_OK ), T1N("dir-source", K_DIR_SOURCE, GE(6), NO_OBJ ), T1N("contact", K_CONTACT, CONCAT_ARGS, NO_OBJ ), T1N("vote-digest", K_VOTE_DIGEST, GE(1), NO_OBJ ), T1( "known-flags", K_KNOWN_FLAGS, CONCAT_ARGS, NO_OBJ ), T01("client-versions", K_CLIENT_VERSIONS, CONCAT_ARGS, NO_OBJ ), T01("server-versions", K_SERVER_VERSIONS, CONCAT_ARGS, NO_OBJ ), T01("consensus-method", K_CONSENSUS_METHOD, EQ(1), NO_OBJ), T01("params", K_PARAMS, ARGS, NO_OBJ ), END_OF_TABLE }
Initial value:
{ T1_START("consensus-digest", K_CONSENSUS_DIGEST, GE(1), NO_OBJ ), T("additional-digest", K_ADDITIONAL_DIGEST,GE(3), NO_OBJ ), T1("valid-after", K_VALID_AFTER, CONCAT_ARGS, NO_OBJ ), T1("fresh-until", K_FRESH_UNTIL, CONCAT_ARGS, NO_OBJ ), T1("valid-until", K_VALID_UNTIL, CONCAT_ARGS, NO_OBJ ), T("additional-signature", K_ADDITIONAL_SIGNATURE, GE(4), NEED_OBJ ), T1N("directory-signature", K_DIRECTORY_SIGNATURE, GE(2), NEED_OBJ ), END_OF_TABLE }
token_rule_t networkstatus_token_table[] [static] |
Initial value:
{ T1_START("network-status-version", K_NETWORK_STATUS_VERSION, GE(1), NO_OBJ ), T1("vote-status", K_VOTE_STATUS, GE(1), NO_OBJ ), T1("published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), T1("valid-after", K_VALID_AFTER, CONCAT_ARGS, NO_OBJ ), T1("fresh-until", K_FRESH_UNTIL, CONCAT_ARGS, NO_OBJ ), T1("valid-until", K_VALID_UNTIL, CONCAT_ARGS, NO_OBJ ), T1("voting-delay", K_VOTING_DELAY, GE(2), NO_OBJ ), T1("known-flags", K_KNOWN_FLAGS, ARGS, NO_OBJ ), T01("params", K_PARAMS, ARGS, NO_OBJ ), T( "fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), CERTIFICATE_MEMBERS T0N("opt", K_OPT, CONCAT_ARGS, OBJ_OK ), T1( "contact", K_CONTACT, CONCAT_ARGS, NO_OBJ ), T1( "dir-source", K_DIR_SOURCE, GE(6), NO_OBJ ), T01("legacy-dir-key", K_LEGACY_DIR_KEY, GE(1), NO_OBJ ), T1( "known-flags", K_KNOWN_FLAGS, CONCAT_ARGS, NO_OBJ ), T01("client-versions", K_CLIENT_VERSIONS, CONCAT_ARGS, NO_OBJ ), T01("server-versions", K_SERVER_VERSIONS, CONCAT_ARGS, NO_OBJ ), T1( "consensus-methods", K_CONSENSUS_METHODS, GE(1), NO_OBJ ), END_OF_TABLE }
token_rule_t routerdesc_token_table[] [static] |
List of tokens allowable in router descriptors
token_rule_t rtrstatus_token_table[] [static] |
Initial value:
List of tokens allowable in the body part of v2 and v3 networkstatus documents.