|  | @@ -7,60 +7,57 @@
 | 
	
		
			
				|  |  |  #define ROUTER_PRIVATE
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  #include "core/or/or.h"
 | 
	
		
			
				|  |  | -#include "core/or/circuitbuild.h"
 | 
	
		
			
				|  |  | -#include "core/or/circuitlist.h"
 | 
	
		
			
				|  |  | -#include "core/or/circuituse.h"
 | 
	
		
			
				|  |  |  #include "app/config/config.h"
 | 
	
		
			
				|  |  | -#include "core/mainloop/connection.h"
 | 
	
		
			
				|  |  | -#include "feature/control/control.h"
 | 
	
		
			
				|  |  | -#include "lib/crypt_ops/crypto_rand.h"
 | 
	
		
			
				|  |  | -#include "lib/crypt_ops/crypto_util.h"
 | 
	
		
			
				|  |  | -#include "lib/crypt_ops/crypto_curve25519.h"
 | 
	
		
			
				|  |  | -#include "feature/dircommon/directory.h"
 | 
	
		
			
				|  |  | -#include "feature/dirclient/dirclient.h"
 | 
	
		
			
				|  |  | -#include "feature/dircache/dirserv.h"
 | 
	
		
			
				|  |  | -#include "feature/dirauth/process_descs.h"
 | 
	
		
			
				|  |  | -#include "feature/relay/dns.h"
 | 
	
		
			
				|  |  | -#include "feature/stats/geoip.h"
 | 
	
		
			
				|  |  | -#include "feature/hibernate/hibernate.h"
 | 
	
		
			
				|  |  | +#include "app/config/statefile.h"
 | 
	
		
			
				|  |  |  #include "app/main/main.h"
 | 
	
		
			
				|  |  | +#include "core/mainloop/connection.h"
 | 
	
		
			
				|  |  |  #include "core/mainloop/mainloop.h"
 | 
	
		
			
				|  |  | -#include "feature/nodelist/networkstatus.h"
 | 
	
		
			
				|  |  | -#include "feature/nodelist/nodelist.h"
 | 
	
		
			
				|  |  | +#include "core/mainloop/netstatus.h"
 | 
	
		
			
				|  |  |  #include "core/or/policies.h"
 | 
	
		
			
				|  |  |  #include "core/or/protover.h"
 | 
	
		
			
				|  |  | -#include "core/or/relay.h"
 | 
	
		
			
				|  |  | -#include "feature/stats/rephist.h"
 | 
	
		
			
				|  |  | -#include "feature/relay/router.h"
 | 
	
		
			
				|  |  | -#include "feature/relay/routerkeys.h"
 | 
	
		
			
				|  |  | +#include "feature/client/transports.h"
 | 
	
		
			
				|  |  | +#include "feature/control/control.h"
 | 
	
		
			
				|  |  | +#include "feature/dirauth/process_descs.h"
 | 
	
		
			
				|  |  | +#include "feature/dircache/dirserv.h"
 | 
	
		
			
				|  |  | +#include "feature/dirclient/dirclient.h"
 | 
	
		
			
				|  |  | +#include "feature/dircommon/directory.h"
 | 
	
		
			
				|  |  | +#include "feature/hibernate/hibernate.h"
 | 
	
		
			
				|  |  | +#include "feature/keymgt/loadkey.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/authcert.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/dirlist.h"
 | 
	
		
			
				|  |  | +#include "feature/nodelist/networkstatus.h"
 | 
	
		
			
				|  |  | +#include "feature/nodelist/nickname.h"
 | 
	
		
			
				|  |  | +#include "feature/nodelist/nodelist.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/routerlist.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/routerparse.h"
 | 
	
		
			
				|  |  | -#include "app/config/statefile.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/torcert.h"
 | 
	
		
			
				|  |  | -#include "feature/client/transports.h"
 | 
	
		
			
				|  |  | -#include "feature/nodelist/routerset.h"
 | 
	
		
			
				|  |  | +#include "feature/relay/dns.h"
 | 
	
		
			
				|  |  | +#include "feature/relay/router.h"
 | 
	
		
			
				|  |  | +#include "feature/relay/routerkeys.h"
 | 
	
		
			
				|  |  | +#include "feature/relay/routermode.h"
 | 
	
		
			
				|  |  | +#include "feature/relay/selftest.h"
 | 
	
		
			
				|  |  | +#include "feature/stats/geoip.h"
 | 
	
		
			
				|  |  | +#include "feature/stats/rephist.h"
 | 
	
		
			
				|  |  | +#include "lib/crypt_ops/crypto_ed25519.h"
 | 
	
		
			
				|  |  | +#include "lib/crypt_ops/crypto_format.h"
 | 
	
		
			
				|  |  | +#include "lib/crypt_ops/crypto_init.h"
 | 
	
		
			
				|  |  | +#include "lib/crypt_ops/crypto_rand.h"
 | 
	
		
			
				|  |  | +#include "lib/crypt_ops/crypto_util.h"
 | 
	
		
			
				|  |  | +#include "lib/encoding/confline.h"
 | 
	
		
			
				|  |  | +#include "lib/osinfo/uname.h"
 | 
	
		
			
				|  |  | +#include "lib/tls/tortls.h"
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -#include "feature/dirauth/mode.h"
 | 
	
		
			
				|  |  | +#include "feature/dirauth/authmode.h"
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -#include "feature/nodelist/authority_cert_st.h"
 | 
	
		
			
				|  |  | -#include "core/or/crypt_path_st.h"
 | 
	
		
			
				|  |  | -#include "feature/dircommon/dir_connection_st.h"
 | 
	
		
			
				|  |  | +#include "app/config/or_state_st.h"
 | 
	
		
			
				|  |  | +#include "core/or/port_cfg_st.h"
 | 
	
		
			
				|  |  |  #include "feature/dirclient/dir_server_st.h"
 | 
	
		
			
				|  |  | -#include "core/or/extend_info_st.h"
 | 
	
		
			
				|  |  | +#include "feature/dircommon/dir_connection_st.h"
 | 
	
		
			
				|  |  | +#include "feature/nodelist/authority_cert_st.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/extrainfo_st.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/node_st.h"
 | 
	
		
			
				|  |  | -#include "core/or/origin_circuit_st.h"
 | 
	
		
			
				|  |  | -#include "app/config/or_state_st.h"
 | 
	
		
			
				|  |  | -#include "core/or/port_cfg_st.h"
 | 
	
		
			
				|  |  |  #include "feature/nodelist/routerinfo_st.h"
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -#include "lib/osinfo/uname.h"
 | 
	
		
			
				|  |  | -#include "lib/tls/tortls.h"
 | 
	
		
			
				|  |  | -#include "lib/encoding/confline.h"
 | 
	
		
			
				|  |  | -#include "lib/crypt_ops/crypto_format.h"
 | 
	
		
			
				|  |  | -#include "lib/crypt_ops/crypto_init.h"
 | 
	
		
			
				|  |  | +#include "feature/nodelist/routerstatus_st.h"
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |  /**
 | 
	
		
			
				|  |  |   * \file router.c
 | 
	
	
		
			
				|  | @@ -130,13 +127,6 @@ static authority_cert_t *legacy_key_certificate = NULL;
 | 
	
		
			
				|  |  |   * used by tor-gencert to sign new signing keys and make new key
 | 
	
		
			
				|  |  |   * certificates. */
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -const char *format_node_description(char *buf,
 | 
	
		
			
				|  |  | -                                    const char *id_digest,
 | 
	
		
			
				|  |  | -                                    int is_named,
 | 
	
		
			
				|  |  | -                                    const char *nickname,
 | 
	
		
			
				|  |  | -                                    const tor_addr_t *addr,
 | 
	
		
			
				|  |  | -                                    uint32_t addr32h);
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Return a readonly string with human readable description
 | 
	
		
			
				|  |  |   * of <b>err</b>.
 | 
	
		
			
				|  |  |   */
 | 
	
	
		
			
				|  | @@ -540,85 +530,6 @@ log_new_relay_greeting(void)
 | 
	
		
			
				|  |  |    already_logged = 1;
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Try to read an RSA key from <b>fname</b>.  If <b>fname</b> doesn't exist
 | 
	
		
			
				|  |  | - * and <b>generate</b> is true, create a new RSA key and save it in
 | 
	
		
			
				|  |  | - * <b>fname</b>.  Return the read/created key, or NULL on error.  Log all
 | 
	
		
			
				|  |  | - * errors at level <b>severity</b>. If <b>log_greeting</b> is non-zero and a
 | 
	
		
			
				|  |  | - * new key was created, log_new_relay_greeting() is called.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -crypto_pk_t *
 | 
	
		
			
				|  |  | -init_key_from_file(const char *fname, int generate, int severity,
 | 
	
		
			
				|  |  | -                   int log_greeting)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  crypto_pk_t *prkey = NULL;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!(prkey = crypto_pk_new())) {
 | 
	
		
			
				|  |  | -    tor_log(severity, LD_GENERAL,"Error constructing key");
 | 
	
		
			
				|  |  | -    goto error;
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  switch (file_status(fname)) {
 | 
	
		
			
				|  |  | -    case FN_DIR:
 | 
	
		
			
				|  |  | -    case FN_ERROR:
 | 
	
		
			
				|  |  | -      tor_log(severity, LD_FS,"Can't read key from \"%s\"", fname);
 | 
	
		
			
				|  |  | -      goto error;
 | 
	
		
			
				|  |  | -    /* treat empty key files as if the file doesn't exist, and,
 | 
	
		
			
				|  |  | -     * if generate is set, replace the empty file in
 | 
	
		
			
				|  |  | -     * crypto_pk_write_private_key_to_filename() */
 | 
	
		
			
				|  |  | -    case FN_NOENT:
 | 
	
		
			
				|  |  | -    case FN_EMPTY:
 | 
	
		
			
				|  |  | -      if (generate) {
 | 
	
		
			
				|  |  | -        if (!have_lockfile()) {
 | 
	
		
			
				|  |  | -          if (try_locking(get_options(), 0)<0) {
 | 
	
		
			
				|  |  | -            /* Make sure that --list-fingerprint only creates new keys
 | 
	
		
			
				|  |  | -             * if there is no possibility for a deadlock. */
 | 
	
		
			
				|  |  | -            tor_log(severity, LD_FS, "Another Tor process has locked \"%s\". "
 | 
	
		
			
				|  |  | -                    "Not writing any new keys.", fname);
 | 
	
		
			
				|  |  | -            /*XXXX The 'other process' might make a key in a second or two;
 | 
	
		
			
				|  |  | -             * maybe we should wait for it. */
 | 
	
		
			
				|  |  | -            goto error;
 | 
	
		
			
				|  |  | -          }
 | 
	
		
			
				|  |  | -        }
 | 
	
		
			
				|  |  | -        log_info(LD_GENERAL, "No key found in \"%s\"; generating fresh key.",
 | 
	
		
			
				|  |  | -                 fname);
 | 
	
		
			
				|  |  | -        if (crypto_pk_generate_key(prkey)) {
 | 
	
		
			
				|  |  | -          tor_log(severity, LD_GENERAL,"Error generating onion key");
 | 
	
		
			
				|  |  | -          goto error;
 | 
	
		
			
				|  |  | -        }
 | 
	
		
			
				|  |  | -        if (! crypto_pk_is_valid_private_key(prkey)) {
 | 
	
		
			
				|  |  | -          tor_log(severity, LD_GENERAL,"Generated key seems invalid");
 | 
	
		
			
				|  |  | -          goto error;
 | 
	
		
			
				|  |  | -        }
 | 
	
		
			
				|  |  | -        log_info(LD_GENERAL, "Generated key seems valid");
 | 
	
		
			
				|  |  | -        if (log_greeting) {
 | 
	
		
			
				|  |  | -            log_new_relay_greeting();
 | 
	
		
			
				|  |  | -        }
 | 
	
		
			
				|  |  | -        if (crypto_pk_write_private_key_to_filename(prkey, fname)) {
 | 
	
		
			
				|  |  | -          tor_log(severity, LD_FS,
 | 
	
		
			
				|  |  | -              "Couldn't write generated key to \"%s\".", fname);
 | 
	
		
			
				|  |  | -          goto error;
 | 
	
		
			
				|  |  | -        }
 | 
	
		
			
				|  |  | -      } else {
 | 
	
		
			
				|  |  | -        tor_log(severity, LD_GENERAL, "No key found in \"%s\"", fname);
 | 
	
		
			
				|  |  | -        goto error;
 | 
	
		
			
				|  |  | -      }
 | 
	
		
			
				|  |  | -      return prkey;
 | 
	
		
			
				|  |  | -    case FN_FILE:
 | 
	
		
			
				|  |  | -      if (crypto_pk_read_private_key_from_filename(prkey, fname)) {
 | 
	
		
			
				|  |  | -        tor_log(severity, LD_GENERAL,"Error loading private key.");
 | 
	
		
			
				|  |  | -        goto error;
 | 
	
		
			
				|  |  | -      }
 | 
	
		
			
				|  |  | -      return prkey;
 | 
	
		
			
				|  |  | -    default:
 | 
	
		
			
				|  |  | -      tor_assert(0);
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | - error:
 | 
	
		
			
				|  |  | -  if (prkey)
 | 
	
		
			
				|  |  | -    crypto_pk_free(prkey);
 | 
	
		
			
				|  |  | -  return NULL;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Load a curve25519 keypair from the file <b>fname</b>, writing it into
 | 
	
		
			
				|  |  |   * <b>keys_out</b>.  If the file isn't found, or is empty, and <b>generate</b>
 | 
	
		
			
				|  |  |   * is true, create a new keypair and write it into the file.  If there are
 | 
	
	
		
			
				|  | @@ -708,7 +619,7 @@ load_authority_keyset(int legacy, crypto_pk_t **key_out,
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |    fname = get_keydir_fname(
 | 
	
		
			
				|  |  |                   legacy ? "legacy_signing_key" : "authority_signing_key");
 | 
	
		
			
				|  |  | -  signing_key = init_key_from_file(fname, 0, LOG_ERR, 0);
 | 
	
		
			
				|  |  | +  signing_key = init_key_from_file(fname, 0, LOG_ERR, NULL);
 | 
	
		
			
				|  |  |    if (!signing_key) {
 | 
	
		
			
				|  |  |      log_warn(LD_DIR, "No version 3 directory key found in %s", fname);
 | 
	
		
			
				|  |  |      goto done;
 | 
	
	
		
			
				|  | @@ -1042,9 +953,12 @@ init_keys(void)
 | 
	
		
			
				|  |  |    /* 1b. Read identity key. Make it if none is found. */
 | 
	
		
			
				|  |  |    keydir = get_keydir_fname("secret_id_key");
 | 
	
		
			
				|  |  |    log_info(LD_GENERAL,"Reading/making identity key \"%s\"...",keydir);
 | 
	
		
			
				|  |  | -  prkey = init_key_from_file(keydir, 1, LOG_ERR, 1);
 | 
	
		
			
				|  |  | +  bool created = false;
 | 
	
		
			
				|  |  | +  prkey = init_key_from_file(keydir, 1, LOG_ERR, &created);
 | 
	
		
			
				|  |  |    tor_free(keydir);
 | 
	
		
			
				|  |  |    if (!prkey) return -1;
 | 
	
		
			
				|  |  | +  if (created)
 | 
	
		
			
				|  |  | +    log_new_relay_greeting();
 | 
	
		
			
				|  |  |    set_server_identity_key(prkey);
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  |    /* 1c. If we are configured as a bridge, generate a client key;
 | 
	
	
		
			
				|  | @@ -1070,7 +984,9 @@ init_keys(void)
 | 
	
		
			
				|  |  |    /* 2. Read onion key.  Make it if none is found. */
 | 
	
		
			
				|  |  |    keydir = get_keydir_fname("secret_onion_key");
 | 
	
		
			
				|  |  |    log_info(LD_GENERAL,"Reading/making onion key \"%s\"...",keydir);
 | 
	
		
			
				|  |  | -  prkey = init_key_from_file(keydir, 1, LOG_ERR, 1);
 | 
	
		
			
				|  |  | +  prkey = init_key_from_file(keydir, 1, LOG_ERR, &created);
 | 
	
		
			
				|  |  | +  if (created)
 | 
	
		
			
				|  |  | +    log_new_relay_greeting();
 | 
	
		
			
				|  |  |    tor_free(keydir);
 | 
	
		
			
				|  |  |    if (!prkey) return -1;
 | 
	
		
			
				|  |  |    set_onion_key(prkey);
 | 
	
	
		
			
				|  | @@ -1242,68 +1158,6 @@ init_keys(void)
 | 
	
		
			
				|  |  |    return 0; /* success */
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/* Keep track of whether we should upload our server descriptor,
 | 
	
		
			
				|  |  | - * and what type of server we are.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Whether we can reach our ORPort from the outside. */
 | 
	
		
			
				|  |  | -static int can_reach_or_port = 0;
 | 
	
		
			
				|  |  | -/** Whether we can reach our DirPort from the outside. */
 | 
	
		
			
				|  |  | -static int can_reach_dir_port = 0;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Forget what we have learned about our reachability status. */
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_reset_reachability(void)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  can_reach_or_port = can_reach_dir_port = 0;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return 1 if we won't do reachability checks, because:
 | 
	
		
			
				|  |  | - *   - AssumeReachable is set, or
 | 
	
		
			
				|  |  | - *   - the network is disabled.
 | 
	
		
			
				|  |  | - * Otherwise, return 0.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -static int
 | 
	
		
			
				|  |  | -router_reachability_checks_disabled(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return options->AssumeReachable ||
 | 
	
		
			
				|  |  | -         net_is_disabled();
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return 0 if we need to do an ORPort reachability check, because:
 | 
	
		
			
				|  |  | - *   - no reachability check has been done yet, or
 | 
	
		
			
				|  |  | - *   - we've initiated reachability checks, but none have succeeded.
 | 
	
		
			
				|  |  | - *  Return 1 if we don't need to do an ORPort reachability check, because:
 | 
	
		
			
				|  |  | - *   - we've seen a successful reachability check, or
 | 
	
		
			
				|  |  | - *   - AssumeReachable is set, or
 | 
	
		
			
				|  |  | - *   - the network is disabled.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -check_whether_orport_reachable(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  int reach_checks_disabled = router_reachability_checks_disabled(options);
 | 
	
		
			
				|  |  | -  return reach_checks_disabled ||
 | 
	
		
			
				|  |  | -         can_reach_or_port;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return 0 if we need to do a DirPort reachability check, because:
 | 
	
		
			
				|  |  | - *   - no reachability check has been done yet, or
 | 
	
		
			
				|  |  | - *   - we've initiated reachability checks, but none have succeeded.
 | 
	
		
			
				|  |  | - *  Return 1 if we don't need to do a DirPort reachability check, because:
 | 
	
		
			
				|  |  | - *   - we've seen a successful reachability check, or
 | 
	
		
			
				|  |  | - *   - there is no DirPort set, or
 | 
	
		
			
				|  |  | - *   - AssumeReachable is set, or
 | 
	
		
			
				|  |  | - *   - the network is disabled.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -check_whether_dirport_reachable(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  int reach_checks_disabled = router_reachability_checks_disabled(options) ||
 | 
	
		
			
				|  |  | -                              !options->DirPort_set;
 | 
	
		
			
				|  |  | -  return reach_checks_disabled ||
 | 
	
		
			
				|  |  | -         can_reach_dir_port;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** The lower threshold of remaining bandwidth required to advertise (or
 | 
	
		
			
				|  |  |   * automatically provide) directory services */
 | 
	
		
			
				|  |  |  /* XXX Should this be increased? */
 | 
	
	
		
			
				|  | @@ -1312,7 +1166,7 @@ check_whether_dirport_reachable(const or_options_t *options)
 | 
	
		
			
				|  |  |  /** Return true iff we have enough configured bandwidth to advertise or
 | 
	
		
			
				|  |  |   * automatically provide directory services from cache directory
 | 
	
		
			
				|  |  |   * information. */
 | 
	
		
			
				|  |  | -static int
 | 
	
		
			
				|  |  | +int
 | 
	
		
			
				|  |  |  router_has_bandwidth_to_be_dirserver(const or_options_t *options)
 | 
	
		
			
				|  |  |  {
 | 
	
		
			
				|  |  |    if (options->BandwidthRate < MIN_BW_TO_ADVERTISE_DIRSERVER) {
 | 
	
	
		
			
				|  | @@ -1392,19 +1246,6 @@ router_should_be_dirserver(const or_options_t *options, int dir_port)
 | 
	
		
			
				|  |  |    return advertising;
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Return 1 if we are configured to accept either relay or directory requests
 | 
	
		
			
				|  |  | - * from clients and we aren't at risk of exceeding our bandwidth limits, thus
 | 
	
		
			
				|  |  | - * we should be a directory server. If not, return 0.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -dir_server_mode(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (!options->DirCache)
 | 
	
		
			
				|  |  | -    return 0;
 | 
	
		
			
				|  |  | -  return options->DirPort_set ||
 | 
	
		
			
				|  |  | -    (server_mode(options) && router_has_bandwidth_to_be_dirserver(options));
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Look at a variety of factors, and return 0 if we don't want to
 | 
	
		
			
				|  |  |   * advertise the fact that we have a DirPort open or begindir support, else
 | 
	
		
			
				|  |  |   * return 1.
 | 
	
	
		
			
				|  | @@ -1445,7 +1286,7 @@ decide_to_advertise_dir_impl(const or_options_t *options,
 | 
	
		
			
				|  |  |   * advertise the fact that we have a DirPort open, else return the
 | 
	
		
			
				|  |  |   * DirPort we want to advertise.
 | 
	
		
			
				|  |  |   */
 | 
	
		
			
				|  |  | -static int
 | 
	
		
			
				|  |  | +int
 | 
	
		
			
				|  |  |  router_should_advertise_dirport(const or_options_t *options, uint16_t dir_port)
 | 
	
		
			
				|  |  |  {
 | 
	
		
			
				|  |  |    /* supports_tunnelled_dir_requests is not relevant, pass 0 */
 | 
	
	
		
			
				|  | @@ -1464,297 +1305,6 @@ router_should_advertise_begindir(const or_options_t *options,
 | 
	
		
			
				|  |  |                                        supports_tunnelled_dir_requests);
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Allocate and return a new extend_info_t that can be used to build
 | 
	
		
			
				|  |  | - * a circuit to or through the router <b>r</b>. Uses the primary
 | 
	
		
			
				|  |  | - * address of the router, so should only be called on a server. */
 | 
	
		
			
				|  |  | -static extend_info_t *
 | 
	
		
			
				|  |  | -extend_info_from_router(const routerinfo_t *r)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  crypto_pk_t *rsa_pubkey;
 | 
	
		
			
				|  |  | -  extend_info_t *info;
 | 
	
		
			
				|  |  | -  tor_addr_port_t ap;
 | 
	
		
			
				|  |  | -  tor_assert(r);
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  /* Make sure we don't need to check address reachability */
 | 
	
		
			
				|  |  | -  tor_assert_nonfatal(router_skip_or_reachability(get_options(), 0));
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  const ed25519_public_key_t *ed_id_key;
 | 
	
		
			
				|  |  | -  if (r->cache_info.signing_key_cert)
 | 
	
		
			
				|  |  | -    ed_id_key = &r->cache_info.signing_key_cert->signing_key;
 | 
	
		
			
				|  |  | -  else
 | 
	
		
			
				|  |  | -    ed_id_key = NULL;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  router_get_prim_orport(r, &ap);
 | 
	
		
			
				|  |  | -  rsa_pubkey = router_get_rsa_onion_pkey(r->onion_pkey, r->onion_pkey_len);
 | 
	
		
			
				|  |  | -  info = extend_info_new(r->nickname, r->cache_info.identity_digest,
 | 
	
		
			
				|  |  | -                         ed_id_key,
 | 
	
		
			
				|  |  | -                         rsa_pubkey, r->onion_curve25519_pkey,
 | 
	
		
			
				|  |  | -                         &ap.addr, ap.port);
 | 
	
		
			
				|  |  | -  crypto_pk_free(rsa_pubkey);
 | 
	
		
			
				|  |  | -  return info;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/**See if we currently believe our ORPort or DirPort to be
 | 
	
		
			
				|  |  | - * unreachable. If so, return 1 else return 0.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -static int
 | 
	
		
			
				|  |  | -router_should_check_reachability(int test_or, int test_dir)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  const routerinfo_t *me = router_get_my_routerinfo();
 | 
	
		
			
				|  |  | -  const or_options_t *options = get_options();
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!me)
 | 
	
		
			
				|  |  | -    return 0;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (routerset_contains_router(options->ExcludeNodes, me, -1) &&
 | 
	
		
			
				|  |  | -      options->StrictNodes) {
 | 
	
		
			
				|  |  | -    /* If we've excluded ourself, and StrictNodes is set, we can't test
 | 
	
		
			
				|  |  | -     * ourself. */
 | 
	
		
			
				|  |  | -    if (test_or || test_dir) {
 | 
	
		
			
				|  |  | -#define SELF_EXCLUDED_WARN_INTERVAL 3600
 | 
	
		
			
				|  |  | -      static ratelim_t warning_limit=RATELIM_INIT(SELF_EXCLUDED_WARN_INTERVAL);
 | 
	
		
			
				|  |  | -      log_fn_ratelim(&warning_limit, LOG_WARN, LD_CIRC,
 | 
	
		
			
				|  |  | -                 "Can't peform self-tests for this relay: we have "
 | 
	
		
			
				|  |  | -                 "listed ourself in ExcludeNodes, and StrictNodes is set. "
 | 
	
		
			
				|  |  | -                 "We cannot learn whether we are usable, and will not "
 | 
	
		
			
				|  |  | -                 "be able to advertise ourself.");
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -    return 0;
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -  return 1;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Some time has passed, or we just got new directory information.
 | 
	
		
			
				|  |  | - * See if we currently believe our ORPort or DirPort to be
 | 
	
		
			
				|  |  | - * unreachable. If so, launch a new test for it.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * For ORPort, we simply try making a circuit that ends at ourselves.
 | 
	
		
			
				|  |  | - * Success is noticed in onionskin_answer().
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * For DirPort, we make a connection via Tor to our DirPort and ask
 | 
	
		
			
				|  |  | - * for our own server descriptor.
 | 
	
		
			
				|  |  | - * Success is noticed in connection_dir_client_reached_eof().
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_do_reachability_checks(int test_or, int test_dir)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  const routerinfo_t *me = router_get_my_routerinfo();
 | 
	
		
			
				|  |  | -  const or_options_t *options = get_options();
 | 
	
		
			
				|  |  | -  int orport_reachable = check_whether_orport_reachable(options);
 | 
	
		
			
				|  |  | -  tor_addr_t addr;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (router_should_check_reachability(test_or, test_dir)) {
 | 
	
		
			
				|  |  | -    if (test_or && (!orport_reachable || !circuit_enough_testing_circs())) {
 | 
	
		
			
				|  |  | -      extend_info_t *ei = extend_info_from_router(me);
 | 
	
		
			
				|  |  | -      /* XXX IPv6 self testing */
 | 
	
		
			
				|  |  | -      log_info(LD_CIRC, "Testing %s of my ORPort: %s:%d.",
 | 
	
		
			
				|  |  | -               !orport_reachable ? "reachability" : "bandwidth",
 | 
	
		
			
				|  |  | -               fmt_addr32(me->addr), me->or_port);
 | 
	
		
			
				|  |  | -      circuit_launch_by_extend_info(CIRCUIT_PURPOSE_TESTING, ei,
 | 
	
		
			
				|  |  | -                              CIRCLAUNCH_NEED_CAPACITY|CIRCLAUNCH_IS_INTERNAL);
 | 
	
		
			
				|  |  | -      extend_info_free(ei);
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -    /* XXX IPv6 self testing */
 | 
	
		
			
				|  |  | -    tor_addr_from_ipv4h(&addr, me->addr);
 | 
	
		
			
				|  |  | -    if (test_dir && !check_whether_dirport_reachable(options) &&
 | 
	
		
			
				|  |  | -        !connection_get_by_type_addr_port_purpose(
 | 
	
		
			
				|  |  | -                  CONN_TYPE_DIR, &addr, me->dir_port,
 | 
	
		
			
				|  |  | -                  DIR_PURPOSE_FETCH_SERVERDESC)) {
 | 
	
		
			
				|  |  | -      tor_addr_port_t my_orport, my_dirport;
 | 
	
		
			
				|  |  | -      memcpy(&my_orport.addr, &addr, sizeof(addr));
 | 
	
		
			
				|  |  | -      memcpy(&my_dirport.addr, &addr, sizeof(addr));
 | 
	
		
			
				|  |  | -      my_orport.port = me->or_port;
 | 
	
		
			
				|  |  | -      my_dirport.port = me->dir_port;
 | 
	
		
			
				|  |  | -      /* ask myself, via tor, for my server descriptor. */
 | 
	
		
			
				|  |  | -      directory_request_t *req =
 | 
	
		
			
				|  |  | -        directory_request_new(DIR_PURPOSE_FETCH_SERVERDESC);
 | 
	
		
			
				|  |  | -      directory_request_set_or_addr_port(req, &my_orport);
 | 
	
		
			
				|  |  | -      directory_request_set_dir_addr_port(req, &my_dirport);
 | 
	
		
			
				|  |  | -      directory_request_set_directory_id_digest(req,
 | 
	
		
			
				|  |  | -                                              me->cache_info.identity_digest);
 | 
	
		
			
				|  |  | -      // ask via an anon circuit, connecting to our dirport.
 | 
	
		
			
				|  |  | -      directory_request_set_indirection(req, DIRIND_ANON_DIRPORT);
 | 
	
		
			
				|  |  | -      directory_request_set_resource(req, "authority.z");
 | 
	
		
			
				|  |  | -      directory_initiate_request(req);
 | 
	
		
			
				|  |  | -      directory_request_free(req);
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Annotate that we found our ORPort reachable. */
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_orport_found_reachable(void)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  const routerinfo_t *me = router_get_my_routerinfo();
 | 
	
		
			
				|  |  | -  const or_options_t *options = get_options();
 | 
	
		
			
				|  |  | -  if (!can_reach_or_port && me) {
 | 
	
		
			
				|  |  | -    char *address = tor_dup_ip(me->addr);
 | 
	
		
			
				|  |  | -    log_notice(LD_OR,"Self-testing indicates your ORPort is reachable from "
 | 
	
		
			
				|  |  | -               "the outside. Excellent.%s",
 | 
	
		
			
				|  |  | -               options->PublishServerDescriptor_ != NO_DIRINFO
 | 
	
		
			
				|  |  | -               && check_whether_dirport_reachable(options) ?
 | 
	
		
			
				|  |  | -                 " Publishing server descriptor." : "");
 | 
	
		
			
				|  |  | -    can_reach_or_port = 1;
 | 
	
		
			
				|  |  | -    mark_my_descriptor_dirty("ORPort found reachable");
 | 
	
		
			
				|  |  | -    /* This is a significant enough change to upload immediately,
 | 
	
		
			
				|  |  | -     * at least in a test network */
 | 
	
		
			
				|  |  | -    if (options->TestingTorNetwork == 1) {
 | 
	
		
			
				|  |  | -      reschedule_descriptor_update_check();
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -    control_event_server_status(LOG_NOTICE,
 | 
	
		
			
				|  |  | -                                "REACHABILITY_SUCCEEDED ORADDRESS=%s:%d",
 | 
	
		
			
				|  |  | -                                address, me->or_port);
 | 
	
		
			
				|  |  | -    tor_free(address);
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Annotate that we found our DirPort reachable. */
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_dirport_found_reachable(void)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  const routerinfo_t *me = router_get_my_routerinfo();
 | 
	
		
			
				|  |  | -  const or_options_t *options = get_options();
 | 
	
		
			
				|  |  | -  if (!can_reach_dir_port && me) {
 | 
	
		
			
				|  |  | -    char *address = tor_dup_ip(me->addr);
 | 
	
		
			
				|  |  | -    log_notice(LD_DIRSERV,"Self-testing indicates your DirPort is reachable "
 | 
	
		
			
				|  |  | -               "from the outside. Excellent.%s",
 | 
	
		
			
				|  |  | -               options->PublishServerDescriptor_ != NO_DIRINFO
 | 
	
		
			
				|  |  | -               && check_whether_orport_reachable(options) ?
 | 
	
		
			
				|  |  | -               " Publishing server descriptor." : "");
 | 
	
		
			
				|  |  | -    can_reach_dir_port = 1;
 | 
	
		
			
				|  |  | -    if (router_should_advertise_dirport(options, me->dir_port)) {
 | 
	
		
			
				|  |  | -      mark_my_descriptor_dirty("DirPort found reachable");
 | 
	
		
			
				|  |  | -      /* This is a significant enough change to upload immediately,
 | 
	
		
			
				|  |  | -       * at least in a test network */
 | 
	
		
			
				|  |  | -      if (options->TestingTorNetwork == 1) {
 | 
	
		
			
				|  |  | -        reschedule_descriptor_update_check();
 | 
	
		
			
				|  |  | -      }
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -    control_event_server_status(LOG_NOTICE,
 | 
	
		
			
				|  |  | -                                "REACHABILITY_SUCCEEDED DIRADDRESS=%s:%d",
 | 
	
		
			
				|  |  | -                                address, me->dir_port);
 | 
	
		
			
				|  |  | -    tor_free(address);
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** We have enough testing circuits open. Send a bunch of "drop"
 | 
	
		
			
				|  |  | - * cells down each of them, to exercise our bandwidth. */
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_perform_bandwidth_test(int num_circs, time_t now)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  int num_cells = (int)(get_options()->BandwidthRate * 10 /
 | 
	
		
			
				|  |  | -                        CELL_MAX_NETWORK_SIZE);
 | 
	
		
			
				|  |  | -  int max_cells = num_cells < CIRCWINDOW_START ?
 | 
	
		
			
				|  |  | -                    num_cells : CIRCWINDOW_START;
 | 
	
		
			
				|  |  | -  int cells_per_circuit = max_cells / num_circs;
 | 
	
		
			
				|  |  | -  origin_circuit_t *circ = NULL;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  log_notice(LD_OR,"Performing bandwidth self-test...done.");
 | 
	
		
			
				|  |  | -  while ((circ = circuit_get_next_by_pk_and_purpose(circ, NULL,
 | 
	
		
			
				|  |  | -                                              CIRCUIT_PURPOSE_TESTING))) {
 | 
	
		
			
				|  |  | -    /* dump cells_per_circuit drop cells onto this circ */
 | 
	
		
			
				|  |  | -    int i = cells_per_circuit;
 | 
	
		
			
				|  |  | -    if (circ->base_.state != CIRCUIT_STATE_OPEN)
 | 
	
		
			
				|  |  | -      continue;
 | 
	
		
			
				|  |  | -    circ->base_.timestamp_dirty = now;
 | 
	
		
			
				|  |  | -    while (i-- > 0) {
 | 
	
		
			
				|  |  | -      if (relay_send_command_from_edge(0, TO_CIRCUIT(circ),
 | 
	
		
			
				|  |  | -                                       RELAY_COMMAND_DROP,
 | 
	
		
			
				|  |  | -                                       NULL, 0, circ->cpath->prev)<0) {
 | 
	
		
			
				|  |  | -        return; /* stop if error */
 | 
	
		
			
				|  |  | -      }
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff our network is in some sense disabled or shutting down:
 | 
	
		
			
				|  |  | - * either we're hibernating, entering hibernation, or the network is turned
 | 
	
		
			
				|  |  | - * off with DisableNetwork. */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -net_is_disabled(void)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return get_options()->DisableNetwork || we_are_hibernating();
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff our network is in some sense "completely disabled" either
 | 
	
		
			
				|  |  | - * we're fully hibernating or the network is turned off with
 | 
	
		
			
				|  |  | - * DisableNetwork. */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -net_is_completely_disabled(void)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return get_options()->DisableNetwork || we_are_fully_hibernating();
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff we believe ourselves to be an authoritative
 | 
	
		
			
				|  |  | - * directory server.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -authdir_mode(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return options->AuthoritativeDir != 0;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -/** Return true iff we are an authoritative directory server that is
 | 
	
		
			
				|  |  | - * authoritative about receiving and serving descriptors of type
 | 
	
		
			
				|  |  | - * <b>purpose</b> on its dirport.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -authdir_mode_handles_descs(const or_options_t *options, int purpose)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (BUG(purpose < 0)) /* Deprecated. */
 | 
	
		
			
				|  |  | -    return authdir_mode(options);
 | 
	
		
			
				|  |  | -  else if (purpose == ROUTER_PURPOSE_GENERAL)
 | 
	
		
			
				|  |  | -    return authdir_mode_v3(options);
 | 
	
		
			
				|  |  | -  else if (purpose == ROUTER_PURPOSE_BRIDGE)
 | 
	
		
			
				|  |  | -    return authdir_mode_bridge(options);
 | 
	
		
			
				|  |  | -  else
 | 
	
		
			
				|  |  | -    return 0;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -/** Return true iff we are an authoritative directory server that
 | 
	
		
			
				|  |  | - * publishes its own network statuses.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -authdir_mode_publishes_statuses(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (authdir_mode_bridge(options))
 | 
	
		
			
				|  |  | -    return 0;
 | 
	
		
			
				|  |  | -  return authdir_mode(options);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -/** Return true iff we are an authoritative directory server that
 | 
	
		
			
				|  |  | - * tests reachability of the descriptors it learns about.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -authdir_mode_tests_reachability(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return authdir_mode(options);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -/** Return true iff we believe ourselves to be a bridge authoritative
 | 
	
		
			
				|  |  | - * directory server.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -authdir_mode_bridge(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return authdir_mode(options) && options->BridgeAuthoritativeDir != 0;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff we are trying to be a server.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -MOCK_IMPL(int,
 | 
	
		
			
				|  |  | -server_mode,(const or_options_t *options))
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (options->ClientOnly) return 0;
 | 
	
		
			
				|  |  | -  return (options->ORPort_set);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff we are trying to be a non-bridge server.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -MOCK_IMPL(int,
 | 
	
		
			
				|  |  | -public_server_mode,(const or_options_t *options))
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (!server_mode(options)) return 0;
 | 
	
		
			
				|  |  | -  return (!options->BridgeRelay);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Return true iff the combination of options in <b>options</b> and parameters
 | 
	
		
			
				|  |  |   * in the consensus mean that we don't want to allow exits from circuits
 | 
	
		
			
				|  |  |   * we got from addresses not known to be servers. */
 | 
	
	
		
			
				|  | @@ -1768,42 +1318,6 @@ should_refuse_unknown_exits(const or_options_t *options)
 | 
	
		
			
				|  |  |    }
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Remember if we've advertised ourselves to the dirservers. */
 | 
	
		
			
				|  |  | -static int server_is_advertised=0;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff we have published our descriptor lately.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -MOCK_IMPL(int,
 | 
	
		
			
				|  |  | -advertised_server_mode,(void))
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return server_is_advertised;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/**
 | 
	
		
			
				|  |  | - * Called with a boolean: set whether we have recently published our
 | 
	
		
			
				|  |  | - * descriptor.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -static void
 | 
	
		
			
				|  |  | -set_server_advertised(int s)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  server_is_advertised = s;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff we are trying to proxy client connections. */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -proxy_mode(const or_options_t *options)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  (void)options;
 | 
	
		
			
				|  |  | -  SMARTLIST_FOREACH_BEGIN(get_configured_ports(), const port_cfg_t *, p) {
 | 
	
		
			
				|  |  | -    if (p->type == CONN_TYPE_AP_LISTENER ||
 | 
	
		
			
				|  |  | -        p->type == CONN_TYPE_AP_TRANS_LISTENER ||
 | 
	
		
			
				|  |  | -        p->type == CONN_TYPE_AP_DNS_LISTENER ||
 | 
	
		
			
				|  |  | -        p->type == CONN_TYPE_AP_NATD_LISTENER)
 | 
	
		
			
				|  |  | -      return 1;
 | 
	
		
			
				|  |  | -  } SMARTLIST_FOREACH_END(p);
 | 
	
		
			
				|  |  | -  return 0;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Decide if we're a publishable server. We are a publishable server if:
 | 
	
		
			
				|  |  |   * - We don't have the ClientOnly option set
 | 
	
		
			
				|  |  |   * and
 | 
	
	
		
			
				|  | @@ -3267,36 +2781,6 @@ router_dump_exit_policy_to_string(const routerinfo_t *router,
 | 
	
		
			
				|  |  |                                 include_ipv6);
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Copy the primary (IPv4) OR port (IP address and TCP port) for
 | 
	
		
			
				|  |  | - * <b>router</b> into *<b>ap_out</b>. */
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_get_prim_orport(const routerinfo_t *router, tor_addr_port_t *ap_out)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  tor_assert(ap_out != NULL);
 | 
	
		
			
				|  |  | -  tor_addr_from_ipv4h(&ap_out->addr, router->addr);
 | 
	
		
			
				|  |  | -  ap_out->port = router->or_port;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return 1 if any of <b>router</b>'s addresses are <b>addr</b>.
 | 
	
		
			
				|  |  | - *   Otherwise return 0. */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -router_has_addr(const routerinfo_t *router, const tor_addr_t *addr)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return
 | 
	
		
			
				|  |  | -    tor_addr_eq_ipv4h(addr, router->addr) ||
 | 
	
		
			
				|  |  | -    tor_addr_eq(&router->ipv6_addr, addr);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -router_has_orport(const routerinfo_t *router, const tor_addr_port_t *orport)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  return
 | 
	
		
			
				|  |  | -    (tor_addr_eq_ipv4h(&orport->addr, router->addr) &&
 | 
	
		
			
				|  |  | -     orport->port == router->or_port) ||
 | 
	
		
			
				|  |  | -    (tor_addr_eq(&orport->addr, &router->ipv6_addr) &&
 | 
	
		
			
				|  |  | -     orport->port == router->ipv6_orport);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Load the contents of <b>filename</b>, find the last line starting with
 | 
	
		
			
				|  |  |   * <b>end_line</b>, ensure that its timestamp is not more than 25 hours in
 | 
	
		
			
				|  |  |   * the past or more than 1 hour in the future with respect to <b>now</b>,
 | 
	
	
		
			
				|  | @@ -3566,219 +3050,6 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo,
 | 
	
		
			
				|  |  |    return result;
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Return true iff <b>s</b> is a valid server nickname. (That is, a string
 | 
	
		
			
				|  |  | - * containing between 1 and MAX_NICKNAME_LEN characters from
 | 
	
		
			
				|  |  | - * LEGAL_NICKNAME_CHARACTERS.) */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -is_legal_nickname(const char *s)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  size_t len;
 | 
	
		
			
				|  |  | -  tor_assert(s);
 | 
	
		
			
				|  |  | -  len = strlen(s);
 | 
	
		
			
				|  |  | -  return len > 0 && len <= MAX_NICKNAME_LEN &&
 | 
	
		
			
				|  |  | -    strspn(s,LEGAL_NICKNAME_CHARACTERS) == len;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff <b>s</b> is a valid server nickname or
 | 
	
		
			
				|  |  | - * hex-encoded identity-key digest. */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -is_legal_nickname_or_hexdigest(const char *s)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (*s!='$')
 | 
	
		
			
				|  |  | -    return is_legal_nickname(s);
 | 
	
		
			
				|  |  | -  else
 | 
	
		
			
				|  |  | -    return is_legal_hexdigest(s);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return true iff <b>s</b> is a valid hex-encoded identity-key
 | 
	
		
			
				|  |  | - * digest. (That is, an optional $, followed by 40 hex characters,
 | 
	
		
			
				|  |  | - * followed by either nothing, or = or ~ followed by a nickname, or
 | 
	
		
			
				|  |  | - * a character other than =, ~, or a hex character.)
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -int
 | 
	
		
			
				|  |  | -is_legal_hexdigest(const char *s)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  size_t len;
 | 
	
		
			
				|  |  | -  tor_assert(s);
 | 
	
		
			
				|  |  | -  if (s[0] == '$') s++;
 | 
	
		
			
				|  |  | -  len = strlen(s);
 | 
	
		
			
				|  |  | -  if (len > HEX_DIGEST_LEN) {
 | 
	
		
			
				|  |  | -    if (s[HEX_DIGEST_LEN] == '=' ||
 | 
	
		
			
				|  |  | -        s[HEX_DIGEST_LEN] == '~') {
 | 
	
		
			
				|  |  | -      if (!is_legal_nickname(s+HEX_DIGEST_LEN+1))
 | 
	
		
			
				|  |  | -        return 0;
 | 
	
		
			
				|  |  | -    } else {
 | 
	
		
			
				|  |  | -      return 0;
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -  return (len >= HEX_DIGEST_LEN &&
 | 
	
		
			
				|  |  | -          strspn(s,HEX_CHARACTERS)==HEX_DIGEST_LEN);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/**
 | 
	
		
			
				|  |  | - * Longest allowed output of format_node_description, plus 1 character for
 | 
	
		
			
				|  |  | - * NUL.  This allows space for:
 | 
	
		
			
				|  |  | - * "$FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF~xxxxxxxxxxxxxxxxxxx at"
 | 
	
		
			
				|  |  | - * " [ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255]"
 | 
	
		
			
				|  |  | - * plus a terminating NUL.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -#define NODE_DESC_BUF_LEN (MAX_VERBOSE_NICKNAME_LEN+4+TOR_ADDR_BUF_LEN)
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Use <b>buf</b> (which must be at least NODE_DESC_BUF_LEN bytes long) to
 | 
	
		
			
				|  |  | - * hold a human-readable description of a node with identity digest
 | 
	
		
			
				|  |  | - * <b>id_digest</b>, named-status <b>is_named</b>, nickname <b>nickname</b>,
 | 
	
		
			
				|  |  | - * and address <b>addr</b> or <b>addr32h</b>.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * The <b>nickname</b> and <b>addr</b> fields are optional and may be set to
 | 
	
		
			
				|  |  | - * NULL.  The <b>addr32h</b> field is optional and may be set to 0.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * Return a pointer to the front of <b>buf</b>.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -const char *
 | 
	
		
			
				|  |  | -format_node_description(char *buf,
 | 
	
		
			
				|  |  | -                        const char *id_digest,
 | 
	
		
			
				|  |  | -                        int is_named,
 | 
	
		
			
				|  |  | -                        const char *nickname,
 | 
	
		
			
				|  |  | -                        const tor_addr_t *addr,
 | 
	
		
			
				|  |  | -                        uint32_t addr32h)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  char *cp;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!buf)
 | 
	
		
			
				|  |  | -    return "<NULL BUFFER>";
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  buf[0] = '$';
 | 
	
		
			
				|  |  | -  base16_encode(buf+1, HEX_DIGEST_LEN+1, id_digest, DIGEST_LEN);
 | 
	
		
			
				|  |  | -  cp = buf+1+HEX_DIGEST_LEN;
 | 
	
		
			
				|  |  | -  if (nickname) {
 | 
	
		
			
				|  |  | -    buf[1+HEX_DIGEST_LEN] = is_named ? '=' : '~';
 | 
	
		
			
				|  |  | -    strlcpy(buf+1+HEX_DIGEST_LEN+1, nickname, MAX_NICKNAME_LEN+1);
 | 
	
		
			
				|  |  | -    cp += strlen(cp);
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -  if (addr32h || addr) {
 | 
	
		
			
				|  |  | -    memcpy(cp, " at ", 4);
 | 
	
		
			
				|  |  | -    cp += 4;
 | 
	
		
			
				|  |  | -    if (addr) {
 | 
	
		
			
				|  |  | -      tor_addr_to_str(cp, addr, TOR_ADDR_BUF_LEN, 0);
 | 
	
		
			
				|  |  | -    } else {
 | 
	
		
			
				|  |  | -      struct in_addr in;
 | 
	
		
			
				|  |  | -      in.s_addr = htonl(addr32h);
 | 
	
		
			
				|  |  | -      tor_inet_ntoa(&in, cp, INET_NTOA_BUF_LEN);
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -  return buf;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return a human-readable description of the routerinfo_t <b>ri</b>.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * This function is not thread-safe.  Each call to this function invalidates
 | 
	
		
			
				|  |  | - * previous values returned by this function.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -const char *
 | 
	
		
			
				|  |  | -router_describe(const routerinfo_t *ri)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  static char buf[NODE_DESC_BUF_LEN];
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!ri)
 | 
	
		
			
				|  |  | -    return "<null>";
 | 
	
		
			
				|  |  | -  return format_node_description(buf,
 | 
	
		
			
				|  |  | -                                 ri->cache_info.identity_digest,
 | 
	
		
			
				|  |  | -                                 0,
 | 
	
		
			
				|  |  | -                                 ri->nickname,
 | 
	
		
			
				|  |  | -                                 NULL,
 | 
	
		
			
				|  |  | -                                 ri->addr);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return a human-readable description of the node_t <b>node</b>.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * This function is not thread-safe.  Each call to this function invalidates
 | 
	
		
			
				|  |  | - * previous values returned by this function.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -const char *
 | 
	
		
			
				|  |  | -node_describe(const node_t *node)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  static char buf[NODE_DESC_BUF_LEN];
 | 
	
		
			
				|  |  | -  const char *nickname = NULL;
 | 
	
		
			
				|  |  | -  uint32_t addr32h = 0;
 | 
	
		
			
				|  |  | -  int is_named = 0;
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!node)
 | 
	
		
			
				|  |  | -    return "<null>";
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (node->rs) {
 | 
	
		
			
				|  |  | -    nickname = node->rs->nickname;
 | 
	
		
			
				|  |  | -    is_named = node->rs->is_named;
 | 
	
		
			
				|  |  | -    addr32h = node->rs->addr;
 | 
	
		
			
				|  |  | -  } else if (node->ri) {
 | 
	
		
			
				|  |  | -    nickname = node->ri->nickname;
 | 
	
		
			
				|  |  | -    addr32h = node->ri->addr;
 | 
	
		
			
				|  |  | -  }
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  return format_node_description(buf,
 | 
	
		
			
				|  |  | -                                 node->identity,
 | 
	
		
			
				|  |  | -                                 is_named,
 | 
	
		
			
				|  |  | -                                 nickname,
 | 
	
		
			
				|  |  | -                                 NULL,
 | 
	
		
			
				|  |  | -                                 addr32h);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return a human-readable description of the routerstatus_t <b>rs</b>.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * This function is not thread-safe.  Each call to this function invalidates
 | 
	
		
			
				|  |  | - * previous values returned by this function.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -const char *
 | 
	
		
			
				|  |  | -routerstatus_describe(const routerstatus_t *rs)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  static char buf[NODE_DESC_BUF_LEN];
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!rs)
 | 
	
		
			
				|  |  | -    return "<null>";
 | 
	
		
			
				|  |  | -  return format_node_description(buf,
 | 
	
		
			
				|  |  | -                                 rs->identity_digest,
 | 
	
		
			
				|  |  | -                                 rs->is_named,
 | 
	
		
			
				|  |  | -                                 rs->nickname,
 | 
	
		
			
				|  |  | -                                 NULL,
 | 
	
		
			
				|  |  | -                                 rs->addr);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return a human-readable description of the extend_info_t <b>ei</b>.
 | 
	
		
			
				|  |  | - *
 | 
	
		
			
				|  |  | - * This function is not thread-safe.  Each call to this function invalidates
 | 
	
		
			
				|  |  | - * previous values returned by this function.
 | 
	
		
			
				|  |  | - */
 | 
	
		
			
				|  |  | -const char *
 | 
	
		
			
				|  |  | -extend_info_describe(const extend_info_t *ei)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  static char buf[NODE_DESC_BUF_LEN];
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -  if (!ei)
 | 
	
		
			
				|  |  | -    return "<null>";
 | 
	
		
			
				|  |  | -  return format_node_description(buf,
 | 
	
		
			
				|  |  | -                                 ei->identity_digest,
 | 
	
		
			
				|  |  | -                                 0,
 | 
	
		
			
				|  |  | -                                 ei->nickname,
 | 
	
		
			
				|  |  | -                                 &ei->addr,
 | 
	
		
			
				|  |  | -                                 0);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Set <b>buf</b> (which must have MAX_VERBOSE_NICKNAME_LEN+1 bytes) to the
 | 
	
		
			
				|  |  | - * verbose representation of the identity of <b>router</b>.  The format is:
 | 
	
		
			
				|  |  | - *  A dollar sign.
 | 
	
		
			
				|  |  | - *  The upper-case hexadecimal encoding of the SHA1 hash of router's identity.
 | 
	
		
			
				|  |  | - *  A "=" if the router is named (no longer implemented); a "~" if it is not.
 | 
	
		
			
				|  |  | - *  The router's nickname.
 | 
	
		
			
				|  |  | - **/
 | 
	
		
			
				|  |  | -void
 | 
	
		
			
				|  |  | -router_get_verbose_nickname(char *buf, const routerinfo_t *router)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  buf[0] = '$';
 | 
	
		
			
				|  |  | -  base16_encode(buf+1, HEX_DIGEST_LEN+1, router->cache_info.identity_digest,
 | 
	
		
			
				|  |  | -                DIGEST_LEN);
 | 
	
		
			
				|  |  | -  buf[1+HEX_DIGEST_LEN] = '~';
 | 
	
		
			
				|  |  | -  strlcpy(buf+1+HEX_DIGEST_LEN+1, router->nickname, MAX_NICKNAME_LEN+1);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Forget that we have issued any router-related warnings, so that we'll
 | 
	
		
			
				|  |  |   * warn again if we see the same errors. */
 | 
	
		
			
				|  |  |  void
 | 
	
	
		
			
				|  | @@ -3790,37 +3061,6 @@ router_reset_warnings(void)
 | 
	
		
			
				|  |  |    }
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  |  
 | 
	
		
			
				|  |  | -/** Given a router purpose, convert it to a string.  Don't call this on
 | 
	
		
			
				|  |  | - * ROUTER_PURPOSE_UNKNOWN: The whole point of that value is that we don't
 | 
	
		
			
				|  |  | - * know its string representation. */
 | 
	
		
			
				|  |  | -const char *
 | 
	
		
			
				|  |  | -router_purpose_to_string(uint8_t p)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  switch (p)
 | 
	
		
			
				|  |  | -    {
 | 
	
		
			
				|  |  | -    case ROUTER_PURPOSE_GENERAL: return "general";
 | 
	
		
			
				|  |  | -    case ROUTER_PURPOSE_BRIDGE: return "bridge";
 | 
	
		
			
				|  |  | -    case ROUTER_PURPOSE_CONTROLLER: return "controller";
 | 
	
		
			
				|  |  | -    default:
 | 
	
		
			
				|  |  | -      tor_assert(0);
 | 
	
		
			
				|  |  | -    }
 | 
	
		
			
				|  |  | -  return NULL;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Given a string, convert it to a router purpose. */
 | 
	
		
			
				|  |  | -uint8_t
 | 
	
		
			
				|  |  | -router_purpose_from_string(const char *s)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  if (!strcmp(s, "general"))
 | 
	
		
			
				|  |  | -    return ROUTER_PURPOSE_GENERAL;
 | 
	
		
			
				|  |  | -  else if (!strcmp(s, "bridge"))
 | 
	
		
			
				|  |  | -    return ROUTER_PURPOSE_BRIDGE;
 | 
	
		
			
				|  |  | -  else if (!strcmp(s, "controller"))
 | 
	
		
			
				|  |  | -    return ROUTER_PURPOSE_CONTROLLER;
 | 
	
		
			
				|  |  | -  else
 | 
	
		
			
				|  |  | -    return ROUTER_PURPOSE_UNKNOWN;
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /** Release all static resources held in router.c */
 | 
	
		
			
				|  |  |  void
 | 
	
		
			
				|  |  |  router_free_all(void)
 | 
	
	
		
			
				|  | @@ -3846,22 +3086,6 @@ router_free_all(void)
 | 
	
		
			
				|  |  |      smartlist_free(warned_nonexistent_family);
 | 
	
		
			
				|  |  |    }
 | 
	
		
			
				|  |  |  }
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  | -/** Return a smartlist of tor_addr_port_t's with all the OR ports of
 | 
	
		
			
				|  |  | -    <b>ri</b>. Note that freeing of the items in the list as well as
 | 
	
		
			
				|  |  | -    the smartlist itself is the callers responsibility. */
 | 
	
		
			
				|  |  | -smartlist_t *
 | 
	
		
			
				|  |  | -router_get_all_orports(const routerinfo_t *ri)
 | 
	
		
			
				|  |  | -{
 | 
	
		
			
				|  |  | -  tor_assert(ri);
 | 
	
		
			
				|  |  | -  node_t fake_node;
 | 
	
		
			
				|  |  | -  memset(&fake_node, 0, sizeof(fake_node));
 | 
	
		
			
				|  |  | -  /* we don't modify ri, fake_node is passed as a const node_t *
 | 
	
		
			
				|  |  | -   */
 | 
	
		
			
				|  |  | -  fake_node.ri = (routerinfo_t *)ri;
 | 
	
		
			
				|  |  | -  return node_get_all_orports(&fake_node);
 | 
	
		
			
				|  |  | -}
 | 
	
		
			
				|  |  | -
 | 
	
		
			
				|  |  |  /* From the given RSA key object, convert it to ASN-1 encoded format and set
 | 
	
		
			
				|  |  |   * the newly allocated object in onion_pkey_out. The length of the key is set
 | 
	
		
			
				|  |  |   * in onion_pkey_len_out. */
 |