#![cfg_attr(docsrs, feature(doc_auto_cfg, doc_cfg))]
#![doc = include_str!("../README.md")]
#![cfg_attr(not(ci_arti_stable), allow(renamed_and_removed_lints))]
#![cfg_attr(not(ci_arti_nightly), allow(unknown_lints))]
#![deny(missing_docs)]
#![warn(noop_method_call)]
#![deny(unreachable_pub)]
#![warn(clippy::all)]
#![deny(clippy::await_holding_lock)]
#![deny(clippy::cargo_common_metadata)]
#![deny(clippy::cast_lossless)]
#![deny(clippy::checked_conversions)]
#![warn(clippy::cognitive_complexity)]
#![deny(clippy::debug_assert_with_mut_call)]
#![deny(clippy::exhaustive_enums)]
#![deny(clippy::exhaustive_structs)]
#![deny(clippy::expl_impl_clone_on_copy)]
#![deny(clippy::fallible_impl_from)]
#![deny(clippy::implicit_clone)]
#![deny(clippy::large_stack_arrays)]
#![warn(clippy::manual_ok_or)]
#![deny(clippy::missing_docs_in_private_items)]
#![deny(clippy::missing_panics_doc)]
#![warn(clippy::needless_borrow)]
#![warn(clippy::needless_pass_by_value)]
#![warn(clippy::option_option)]
#![warn(clippy::rc_buffer)]
#![deny(clippy::ref_option_ref)]
#![warn(clippy::semicolon_if_nothing_returned)]
#![warn(clippy::trait_duplication_in_bounds)]
#![deny(clippy::unnecessary_wraps)]
#![warn(clippy::unseparated_literal_suffix)]
#![deny(clippy::unwrap_used)]
#![allow(clippy::let_unit_value)] #![allow(clippy::significant_drop_in_scrutinee)] #![allow(clippy::result_large_err)]
mod err;
pub mod params;
mod weight;
#[cfg(any(test, feature = "testing"))]
pub mod testnet;
#[cfg(feature = "testing")]
pub mod testprovider;
use static_assertions::const_assert;
use tor_linkspec::{
ChanTarget, DirectChanMethodsHelper, HasAddrs, HasRelayIds, RelayIdRef, RelayIdType,
};
use tor_llcrypto as ll;
use tor_llcrypto::pk::{ed25519::Ed25519Identity, rsa::RsaIdentity};
use tor_netdoc::doc::microdesc::{MdDigest, Microdesc};
use tor_netdoc::doc::netstatus::{self, MdConsensus, RouterStatus};
use tor_netdoc::types::policy::PortPolicy;
use futures::stream::BoxStream;
use num_enum::{IntoPrimitive, TryFromPrimitive};
use serde::Deserialize;
use std::collections::HashMap;
use std::net::IpAddr;
use std::ops::Deref;
use std::sync::Arc;
use strum::{EnumCount, EnumIter};
use tracing::warn;
pub use err::Error;
pub use weight::WeightRole;
pub type Result<T> = std::result::Result<T, Error>;
use params::NetParameters;
#[derive(Deserialize, Debug, Clone, Copy)]
#[serde(deny_unknown_fields)]
pub struct SubnetConfig {
subnets_family_v4: u8,
subnets_family_v6: u8,
}
impl Default for SubnetConfig {
fn default() -> Self {
Self::new(16, 32)
}
}
impl SubnetConfig {
pub fn new(subnets_family_v4: u8, subnets_family_v6: u8) -> Self {
Self {
subnets_family_v4,
subnets_family_v6,
}
}
pub fn addrs_in_same_subnet(&self, a: &IpAddr, b: &IpAddr) -> bool {
match (a, b) {
(IpAddr::V4(a), IpAddr::V4(b)) => {
let bits = self.subnets_family_v4;
if bits > 32 {
return false;
}
let a = u32::from_be_bytes(a.octets());
let b = u32::from_be_bytes(b.octets());
(a >> (32 - bits)) == (b >> (32 - bits))
}
(IpAddr::V6(a), IpAddr::V6(b)) => {
let bits = self.subnets_family_v6;
if bits > 128 {
return false;
}
let a = u128::from_be_bytes(a.octets());
let b = u128::from_be_bytes(b.octets());
(a >> (128 - bits)) == (b >> (128 - bits))
}
_ => false,
}
}
pub fn any_addrs_in_same_subnet<T, U>(&self, a: &T, b: &U) -> bool
where
T: tor_linkspec::HasAddrs,
U: tor_linkspec::HasAddrs,
{
a.addrs().iter().any(|aa| {
b.addrs()
.iter()
.any(|bb| self.addrs_in_same_subnet(&aa.ip(), &bb.ip()))
})
}
}
#[derive(
Copy,
Clone,
Debug,
derive_more::Add,
derive_more::Sum,
derive_more::AddAssign,
Eq,
PartialEq,
Ord,
PartialOrd,
)]
pub struct RelayWeight(u64);
impl RelayWeight {
pub fn checked_div(&self, rhs: RelayWeight) -> Option<f64> {
if rhs.0 == 0 {
None
} else {
Some((self.0 as f64) / (rhs.0 as f64))
}
}
pub fn ratio(&self, frac: f64) -> Option<RelayWeight> {
let product = (self.0 as f64) * frac;
if product >= 0.0 && product.is_finite() {
Some(RelayWeight(product as u64))
} else {
None
}
}
}
impl From<u64> for RelayWeight {
fn from(val: u64) -> Self {
RelayWeight(val)
}
}
#[derive(Debug, Clone)]
pub struct NetDir {
consensus: Arc<MdConsensus>,
params: NetParameters,
mds: Vec<Option<Arc<Microdesc>>>,
rs_idx_by_missing: HashMap<MdDigest, usize>,
rs_idx_by_ed: HashMap<Ed25519Identity, usize>,
rs_idx_by_rsa: Arc<HashMap<RsaIdentity, usize>>,
weights: weight::WeightSet,
}
#[derive(
Debug, Clone, Copy, PartialEq, Eq, EnumIter, EnumCount, IntoPrimitive, TryFromPrimitive,
)]
#[non_exhaustive]
#[repr(u16)]
pub enum DirEvent {
NewConsensus,
NewDescriptors,
}
#[derive(Copy, Clone, Eq, PartialEq, Debug)]
#[allow(clippy::exhaustive_enums)]
pub enum Timeliness {
Strict,
Timely,
Unchecked,
}
pub trait NetDirProvider: UpcastArcNetDirProvider + Send + Sync {
fn netdir(&self, timeliness: Timeliness) -> Result<Arc<NetDir>>;
fn timely_netdir(&self) -> Result<Arc<NetDir>> {
self.netdir(Timeliness::Timely)
}
fn events(&self) -> BoxStream<'static, DirEvent>;
fn params(&self) -> Arc<dyn AsRef<NetParameters>>;
}
impl<T> NetDirProvider for Arc<T>
where
T: NetDirProvider,
{
fn netdir(&self, timeliness: Timeliness) -> Result<Arc<NetDir>> {
self.deref().netdir(timeliness)
}
fn timely_netdir(&self) -> Result<Arc<NetDir>> {
self.deref().timely_netdir()
}
fn events(&self) -> BoxStream<'static, DirEvent> {
self.deref().events()
}
fn params(&self) -> Arc<dyn AsRef<NetParameters>> {
self.deref().params()
}
}
pub trait UpcastArcNetDirProvider {
fn upcast_arc<'a>(self: Arc<Self>) -> Arc<dyn NetDirProvider + 'a>
where
Self: 'a;
}
impl<T> UpcastArcNetDirProvider for T
where
T: NetDirProvider + Sized,
{
fn upcast_arc<'a>(self: Arc<Self>) -> Arc<dyn NetDirProvider + 'a>
where
Self: 'a,
{
self
}
}
impl AsRef<NetParameters> for NetDir {
fn as_ref(&self) -> &NetParameters {
self.params()
}
}
#[derive(Debug, Clone)]
pub struct PartialNetDir {
netdir: NetDir,
}
#[derive(Clone)]
pub struct Relay<'a> {
rs: &'a netstatus::MdConsensusRouterStatus,
md: &'a Microdesc,
}
#[derive(Debug)]
pub struct UncheckedRelay<'a> {
rs: &'a netstatus::MdConsensusRouterStatus,
md: Option<&'a Microdesc>,
}
pub trait MdReceiver {
fn missing_microdescs(&self) -> Box<dyn Iterator<Item = &MdDigest> + '_>;
fn add_microdesc(&mut self, md: Microdesc) -> bool;
fn n_missing(&self) -> usize;
}
impl PartialNetDir {
pub fn new(
consensus: MdConsensus,
replacement_params: Option<&netstatus::NetParams<i32>>,
) -> Self {
let mut params = NetParameters::default();
let _ = params.saturating_update(consensus.params().iter());
if let Some(replacement) = replacement_params {
for u in params.saturating_update(replacement.iter()) {
warn!("Unrecognized option: override_net_params.{}", u);
}
}
let weights = weight::WeightSet::from_consensus(&consensus, ¶ms);
let n_relays = consensus.relays().len();
let rs_idx_by_missing = consensus
.relays()
.iter()
.enumerate()
.map(|(rs_idx, rs)| (*rs.md_digest(), rs_idx))
.collect();
let rs_idx_by_rsa = consensus
.relays()
.iter()
.enumerate()
.map(|(rs_idx, rs)| (*rs.rsa_identity(), rs_idx))
.collect();
let netdir = NetDir {
consensus: Arc::new(consensus),
params,
mds: vec![None; n_relays],
rs_idx_by_missing,
rs_idx_by_rsa: Arc::new(rs_idx_by_rsa),
rs_idx_by_ed: HashMap::with_capacity(n_relays),
weights,
};
PartialNetDir { netdir }
}
pub fn lifetime(&self) -> &netstatus::Lifetime {
self.netdir.lifetime()
}
pub fn fill_from_previous_netdir<'a>(&mut self, prev: &'a NetDir) -> Vec<&'a MdDigest> {
let mut loaded = Vec::new();
for md in prev.mds.iter().flatten() {
if self.netdir.add_arc_microdesc(md.clone()) {
loaded.push(md.digest());
}
}
loaded
}
pub fn have_enough_paths(&self) -> bool {
self.netdir.have_enough_paths()
}
pub fn unwrap_if_sufficient(self) -> std::result::Result<NetDir, PartialNetDir> {
if self.netdir.have_enough_paths() {
Ok(self.netdir)
} else {
Err(self)
}
}
}
impl MdReceiver for PartialNetDir {
fn missing_microdescs(&self) -> Box<dyn Iterator<Item = &MdDigest> + '_> {
self.netdir.missing_microdescs()
}
fn add_microdesc(&mut self, md: Microdesc) -> bool {
self.netdir.add_microdesc(md)
}
fn n_missing(&self) -> usize {
self.netdir.n_missing()
}
}
impl NetDir {
pub fn lifetime(&self) -> &netstatus::Lifetime {
self.consensus.lifetime()
}
#[allow(clippy::missing_panics_doc)] fn add_arc_microdesc(&mut self, md: Arc<Microdesc>) -> bool {
if let Some(rs_idx) = self.rs_idx_by_missing.remove(md.digest()) {
assert_eq!(self.consensus.relays()[rs_idx].md_digest(), md.digest());
self.rs_idx_by_ed.insert(*md.ed25519_id(), rs_idx);
self.mds[rs_idx] = Some(md);
if self.rs_idx_by_missing.len() < self.rs_idx_by_missing.capacity() / 4 {
self.rs_idx_by_missing.shrink_to_fit();
}
return true;
}
false
}
fn relay_from_rs_and_idx<'a>(
&'a self,
rs: &'a netstatus::MdConsensusRouterStatus,
rs_idx: usize,
) -> UncheckedRelay<'a> {
debug_assert_eq!(
self.consensus.relays()[rs_idx].rsa_identity(),
rs.rsa_identity()
);
let md = self.mds[rs_idx].as_deref();
if let Some(md) = md {
debug_assert_eq!(rs.md_digest(), md.digest());
}
UncheckedRelay { rs, md }
}
pub fn replace_overridden_parameters(&mut self, new_replacement: &netstatus::NetParams<i32>) {
let mut new_params = NetParameters::default();
let _ = new_params.saturating_update(self.consensus.params().iter());
for u in new_params.saturating_update(new_replacement.iter()) {
warn!("Unrecognized option: override_net_params.{}", u);
}
self.params = new_params;
}
pub fn all_relays(&self) -> impl Iterator<Item = UncheckedRelay<'_>> {
self.consensus
.relays()
.iter()
.enumerate()
.map(move |(idx, rs)| self.relay_from_rs_and_idx(rs, idx))
}
pub fn relays(&self) -> impl Iterator<Item = Relay<'_>> {
self.all_relays().filter_map(UncheckedRelay::into_relay)
}
#[allow(clippy::missing_panics_doc)] pub fn by_id<'a, T>(&self, id: T) -> Option<Relay<'_>>
where
T: Into<RelayIdRef<'a>> + ?Sized,
{
let id = id.into();
let answer = match id {
RelayIdRef::Ed25519(ed25519) => {
let rs_idx = *self.rs_idx_by_ed.get(ed25519)?;
let rs = self.consensus.relays().get(rs_idx).expect("Corrupt index");
self.relay_from_rs_and_idx(rs, rs_idx).into_relay()?
}
RelayIdRef::Rsa(rsa) => self
.by_rsa_id_unchecked(rsa)
.and_then(UncheckedRelay::into_relay)?,
other_type => self.relays().find(|r| r.has_identity(other_type))?,
};
assert!(answer.has_identity(id));
Some(answer)
}
pub fn by_ids<T>(&self, target: &T) -> Option<Relay<'_>>
where
T: HasRelayIds + ?Sized,
{
let mut identities = target.identities();
let first_id = identities.next()?;
let candidate = self.by_id(first_id)?;
if identities.all(|wanted_id| candidate.has_identity(wanted_id)) {
Some(candidate)
} else {
None
}
}
fn id_pair_listed(&self, ed_id: &Ed25519Identity, rsa_id: &RsaIdentity) -> Option<bool> {
let r = self.by_rsa_id_unchecked(rsa_id);
match r {
Some(unchecked) => {
if !unchecked.rs.ed25519_id_is_usable() {
return Some(false);
}
unchecked.md.map(|md| md.ed25519_id() == ed_id)
}
None => {
Some(false)
}
}
}
pub fn ids_listed<T>(&self, target: &T) -> Option<bool>
where
T: HasRelayIds + ?Sized,
{
let rsa_id = target.rsa_identity();
let ed25519_id = target.ed_identity();
const_assert!(RelayIdType::COUNT == 2);
match (rsa_id, ed25519_id) {
(Some(r), Some(e)) => self.id_pair_listed(e, r),
(Some(r), None) => Some(self.rsa_id_is_listed(r)),
(None, Some(e)) => {
if self.rs_idx_by_ed.contains_key(e) {
Some(true)
} else {
None
}
}
(None, None) => None,
}
}
#[allow(clippy::missing_panics_doc)] fn by_rsa_id_unchecked(&self, rsa_id: &RsaIdentity) -> Option<UncheckedRelay<'_>> {
let rs_idx = *self.rs_idx_by_rsa.get(rsa_id)?;
let rs = self.consensus.relays().get(rs_idx).expect("Corrupt index");
assert_eq!(rs.rsa_identity(), rsa_id);
Some(self.relay_from_rs_and_idx(rs, rs_idx))
}
fn by_rsa_id(&self, rsa_id: &RsaIdentity) -> Option<Relay<'_>> {
self.by_rsa_id_unchecked(rsa_id)?.into_relay()
}
fn rsa_id_is_listed(&self, rsa_id: &RsaIdentity) -> bool {
self.by_rsa_id_unchecked(rsa_id).is_some()
}
pub fn params(&self) -> &NetParameters {
&self.params
}
fn frac_for_role<'a, F>(&'a self, role: WeightRole, usable: F) -> f64
where
F: Fn(&UncheckedRelay<'a>) -> bool,
{
let mut total_weight = 0_u64;
let mut have_weight = 0_u64;
let mut have_count = 0_usize;
let mut total_count = 0_usize;
for r in self.all_relays() {
if !usable(&r) {
continue;
}
let w = self.weights.weight_rs_for_role(r.rs, role);
total_weight += w;
total_count += 1;
if r.is_usable() {
have_weight += w;
have_count += 1;
}
}
if total_weight > 0 {
(have_weight as f64) / (total_weight as f64)
} else if total_count > 0 {
(have_count as f64) / (total_count as f64)
} else {
0.0
}
}
fn frac_usable_paths(&self) -> f64 {
let f_g = self.frac_for_role(WeightRole::Guard, |u| u.rs.is_flagged_guard());
let f_m = self.frac_for_role(WeightRole::Middle, |_| true);
let f_e = if self.all_relays().any(|u| u.rs.is_flagged_exit()) {
self.frac_for_role(WeightRole::Exit, |u| u.rs.is_flagged_exit())
} else {
f_m
};
f_g * f_m * f_e
}
fn have_enough_paths(&self) -> bool {
let min_frac_paths: f64 = self.params().min_circuit_path_threshold.as_fraction();
let available = self.frac_usable_paths();
available >= min_frac_paths
}
pub fn pick_relay<'a, R, P>(
&'a self,
rng: &mut R,
role: WeightRole,
usable: P,
) -> Option<Relay<'a>>
where
R: rand::Rng,
P: FnMut(&Relay<'a>) -> bool,
{
use rand::seq::SliceRandom;
let relays: Vec<_> = self.relays().filter(usable).collect();
relays[..]
.choose_weighted(rng, |r| self.weights.weight_rs_for_role(r.rs, role))
.ok()
.cloned()
}
pub fn pick_n_relays<'a, R, P>(
&'a self,
rng: &mut R,
n: usize,
role: WeightRole,
usable: P,
) -> Vec<Relay<'a>>
where
R: rand::Rng,
P: FnMut(&Relay<'a>) -> bool,
{
use rand::seq::SliceRandom;
let relays: Vec<_> = self.relays().filter(usable).collect();
let mut relays = match relays[..].choose_multiple_weighted(rng, n, |r| {
self.weights.weight_rs_for_role(r.rs, role) as f64
}) {
Err(_) => Vec::new(),
Ok(iter) => iter.map(Relay::clone).collect(),
};
relays.shuffle(rng);
relays
}
pub fn relay_weight<'a>(&'a self, relay: &Relay<'a>, role: WeightRole) -> RelayWeight {
RelayWeight(self.weights.weight_rs_for_role(relay.rs, role))
}
pub fn total_weight<P>(&self, role: WeightRole, usable: P) -> RelayWeight
where
P: Fn(&UncheckedRelay<'_>) -> bool,
{
self.all_relays()
.filter_map(|unchecked| {
if usable(&unchecked) {
Some(RelayWeight(
self.weights.weight_rs_for_role(unchecked.rs, role),
))
} else {
None
}
})
.sum()
}
pub fn weight_by_rsa_id(&self, rsa_id: &RsaIdentity, role: WeightRole) -> Option<RelayWeight> {
self.by_rsa_id_unchecked(rsa_id)
.map(|unchecked| RelayWeight(self.weights.weight_rs_for_role(unchecked.rs, role)))
}
pub fn known_family_members<'a>(
&'a self,
relay: &'a Relay<'a>,
) -> impl Iterator<Item = Relay<'a>> {
let relay_rsa_id = relay.rsa_id();
relay.md.family().members().filter_map(move |other_rsa_id| {
self.by_rsa_id(other_rsa_id)
.filter(|other_relay| other_relay.md.family().contains(relay_rsa_id))
})
}
}
impl MdReceiver for NetDir {
fn missing_microdescs(&self) -> Box<dyn Iterator<Item = &MdDigest> + '_> {
Box::new(self.rs_idx_by_missing.keys())
}
fn add_microdesc(&mut self, md: Microdesc) -> bool {
self.add_arc_microdesc(Arc::new(md))
}
fn n_missing(&self) -> usize {
self.rs_idx_by_missing.len()
}
}
impl<'a> UncheckedRelay<'a> {
pub fn is_usable(&self) -> bool {
self.md.is_some() && self.rs.ed25519_id_is_usable()
}
pub fn into_relay(self) -> Option<Relay<'a>> {
if self.is_usable() {
Some(Relay {
rs: self.rs,
md: self.md?,
})
} else {
None
}
}
pub fn is_flagged_guard(&self) -> bool {
self.rs.is_flagged_guard()
}
pub fn is_dir_cache(&self) -> bool {
rs_is_dir_cache(self.rs)
}
}
impl<'a> Relay<'a> {
pub fn id(&self) -> &Ed25519Identity {
self.md.ed25519_id()
}
pub fn rsa_id(&self) -> &RsaIdentity {
self.rs.rsa_identity()
}
pub fn same_relay<'b>(&self, other: &Relay<'b>) -> bool {
self.id() == other.id() && self.rsa_id() == other.rsa_id()
}
pub fn supports_exit_port_ipv4(&self, port: u16) -> bool {
self.ipv4_policy().allows_port(port)
}
pub fn supports_exit_port_ipv6(&self, port: u16) -> bool {
self.ipv6_policy().allows_port(port)
}
pub fn is_dir_cache(&self) -> bool {
rs_is_dir_cache(self.rs)
}
pub fn is_flagged_guard(&self) -> bool {
self.rs.is_flagged_guard()
}
pub fn in_same_subnet<'b>(&self, other: &Relay<'b>, subnet_config: &SubnetConfig) -> bool {
subnet_config.any_addrs_in_same_subnet(self, other)
}
pub fn in_same_family<'b>(&self, other: &Relay<'b>) -> bool {
if self.same_relay(other) {
return true;
}
self.md.family().contains(other.rsa_id()) && other.md.family().contains(self.rsa_id())
}
pub fn policies_allow_some_port(&self) -> bool {
if self.rs.is_flagged_bad_exit() {
return false;
}
self.md.ipv4_policy().allows_some_port() || self.md.ipv6_policy().allows_some_port()
}
pub fn ipv4_policy(&self) -> Arc<PortPolicy> {
if !self.rs.is_flagged_bad_exit() {
Arc::clone(self.md.ipv4_policy())
} else {
Arc::new(PortPolicy::new_reject_all())
}
}
pub fn ipv6_policy(&self) -> Arc<PortPolicy> {
if !self.rs.is_flagged_bad_exit() {
Arc::clone(self.md.ipv6_policy())
} else {
Arc::new(PortPolicy::new_reject_all())
}
}
pub fn ipv4_declared_policy(&self) -> &Arc<PortPolicy> {
self.md.ipv4_policy()
}
pub fn ipv6_declared_policy(&self) -> &Arc<PortPolicy> {
self.md.ipv6_policy()
}
#[cfg(feature = "experimental-api")]
pub fn rs(&self) -> &netstatus::MdConsensusRouterStatus {
self.rs
}
#[cfg(feature = "experimental-api")]
pub fn md(&self) -> &Microdesc {
self.md
}
}
impl<'a> HasAddrs for Relay<'a> {
fn addrs(&self) -> &[std::net::SocketAddr] {
self.rs.addrs()
}
}
impl<'a> tor_linkspec::HasRelayIdsLegacy for Relay<'a> {
fn ed_identity(&self) -> &Ed25519Identity {
self.id()
}
fn rsa_identity(&self) -> &RsaIdentity {
self.rsa_id()
}
}
impl<'a> HasRelayIds for UncheckedRelay<'a> {
fn identity(&self, key_type: RelayIdType) -> Option<RelayIdRef<'_>> {
match key_type {
RelayIdType::Ed25519 if self.rs.ed25519_id_is_usable() => {
self.md.map(|m| m.ed25519_id().into())
}
RelayIdType::Rsa => Some(self.rs.rsa_identity().into()),
_ => None,
}
}
}
impl<'a> DirectChanMethodsHelper for Relay<'a> {}
impl<'a> ChanTarget for Relay<'a> {}
impl<'a> tor_linkspec::CircTarget for Relay<'a> {
fn ntor_onion_key(&self) -> &ll::pk::curve25519::PublicKey {
self.md.ntor_key()
}
fn protovers(&self) -> &tor_protover::Protocols {
self.rs.protovers()
}
}
fn rs_is_dir_cache(rs: &netstatus::MdConsensusRouterStatus) -> bool {
use tor_protover::ProtoKind;
rs.is_flagged_v2dir() && rs.protovers().supports_known_subver(ProtoKind::DirCache, 2)
}
#[cfg(test)]
mod test {
#![allow(clippy::unwrap_used)]
#![allow(clippy::cognitive_complexity)]
use super::*;
use crate::testnet::*;
use float_eq::assert_float_eq;
use std::collections::HashSet;
use std::time::Duration;
use tor_basic_utils::test_rng;
use tor_linkspec::{RelayIdType, RelayIds};
#[test]
fn partial_netdir() {
let (consensus, microdescs) = construct_network().unwrap();
let dir = PartialNetDir::new(consensus, None);
let lifetime = dir.lifetime();
assert_eq!(
lifetime
.valid_until()
.duration_since(lifetime.valid_after())
.unwrap(),
Duration::new(86400, 0)
);
assert!(!dir.have_enough_paths());
let mut dir = match dir.unwrap_if_sufficient() {
Ok(_) => panic!(),
Err(d) => d,
};
let missing: HashSet<_> = dir.missing_microdescs().collect();
assert_eq!(missing.len(), 40);
assert_eq!(missing.len(), dir.netdir.consensus.relays().len());
for md in µdescs {
assert!(missing.contains(md.digest()));
}
for md in microdescs {
let wanted = dir.add_microdesc(md);
assert!(wanted);
}
let missing: HashSet<_> = dir.missing_microdescs().collect();
assert!(missing.is_empty());
assert!(dir.have_enough_paths());
let _complete = match dir.unwrap_if_sufficient() {
Ok(d) => d,
Err(_) => panic!(),
};
}
#[test]
fn override_params() {
let (consensus, _microdescs) = construct_network().unwrap();
let override_p = "bwweightscale=2 doesnotexist=77 circwindow=500"
.parse()
.unwrap();
let dir = PartialNetDir::new(consensus.clone(), Some(&override_p));
let params = &dir.netdir.params;
assert_eq!(params.bw_weight_scale.get(), 2);
assert_eq!(params.circuit_window.get(), 500_i32);
let dir = PartialNetDir::new(consensus, None);
let params = &dir.netdir.params;
assert_eq!(params.bw_weight_scale.get(), 1_i32);
assert_eq!(params.circuit_window.get(), 1000_i32);
}
#[test]
fn fill_from_previous() {
let (consensus, microdescs) = construct_network().unwrap();
let mut dir = PartialNetDir::new(consensus.clone(), None);
for md in microdescs.iter().skip(2) {
let wanted = dir.add_microdesc(md.clone());
assert!(wanted);
}
let dir1 = dir.unwrap_if_sufficient().unwrap();
assert_eq!(dir1.missing_microdescs().count(), 2);
let mut dir = PartialNetDir::new(consensus, None);
assert_eq!(dir.missing_microdescs().count(), 40);
dir.fill_from_previous_netdir(&dir1);
assert_eq!(dir.missing_microdescs().count(), 2);
}
#[test]
fn path_count() {
let low_threshold = "min_paths_for_circs_pct=64".parse().unwrap();
let high_threshold = "min_paths_for_circs_pct=65".parse().unwrap();
let (consensus, microdescs) = construct_network().unwrap();
let mut dir = PartialNetDir::new(consensus.clone(), Some(&low_threshold));
for (idx, md) in microdescs.iter().enumerate() {
if idx % 7 == 2 {
continue; }
dir.add_microdesc(md.clone());
}
let dir = dir.unwrap_if_sufficient().unwrap();
assert_eq!(dir.all_relays().count(), 40);
assert_eq!(dir.relays().count(), 34);
let f = dir.frac_for_role(WeightRole::Guard, |u| u.rs.is_flagged_guard());
assert!(((97.0 / 110.0) - f).abs() < 0.000001);
let f = dir.frac_for_role(WeightRole::Exit, |u| u.rs.is_flagged_exit());
assert!(((94.0 / 110.0) - f).abs() < 0.000001);
let f = dir.frac_for_role(WeightRole::Middle, |_| true);
assert!(((187.0 / 220.0) - f).abs() < 0.000001);
let f = dir.frac_usable_paths();
assert!((f - 0.64052066).abs() < 0.000001);
let mut dir = PartialNetDir::new(consensus, Some(&high_threshold));
for (idx, md) in microdescs.into_iter().enumerate() {
if idx % 7 == 2 {
continue; }
dir.add_microdesc(md);
}
assert!(dir.unwrap_if_sufficient().is_err());
}
fn testing_rng_with_tolerances() -> (impl rand::Rng, usize, f64) {
let config = test_rng::Config::from_env().unwrap_or(test_rng::Config::Deterministic);
let (iters, tolerance) = match config {
test_rng::Config::Deterministic => (5000, 0.02),
_ => (50000, 0.01),
};
(config.into_rng(), iters, tolerance)
}
#[test]
fn test_pick() {
let (consensus, microdescs) = construct_network().unwrap();
let mut dir = PartialNetDir::new(consensus, None);
for md in microdescs.into_iter() {
let wanted = dir.add_microdesc(md.clone());
assert!(wanted);
}
let dir = dir.unwrap_if_sufficient().unwrap();
let (mut rng, total, tolerance) = testing_rng_with_tolerances();
let mut picked = [0_isize; 40];
for _ in 0..total {
let r = dir.pick_relay(&mut rng, WeightRole::Middle, |r| {
r.supports_exit_port_ipv4(80)
});
let r = r.unwrap();
let id_byte = r.identity(RelayIdType::Rsa).unwrap().as_bytes()[0];
picked[id_byte as usize] += 1;
}
picked[0..10].iter().for_each(|x| assert_eq!(*x, 0));
picked[20..30].iter().for_each(|x| assert_eq!(*x, 0));
let picked_f: Vec<_> = picked.iter().map(|x| *x as f64 / total as f64).collect();
assert_float_eq!(picked_f[19], (10.0 / 110.0), abs <= tolerance);
assert_float_eq!(picked_f[38], (9.0 / 110.0), abs <= tolerance);
assert_float_eq!(picked_f[39], (10.0 / 110.0), abs <= tolerance);
}
#[test]
fn test_pick_multiple() {
let dir = construct_netdir().unwrap_if_sufficient().unwrap();
let (mut rng, total, tolerance) = testing_rng_with_tolerances();
let mut picked = [0_isize; 40];
for _ in 0..total / 4 {
let relays = dir.pick_n_relays(&mut rng, 4, WeightRole::Middle, |r| {
r.supports_exit_port_ipv4(80)
});
assert_eq!(relays.len(), 4);
for r in relays {
let id_byte = r.identity(RelayIdType::Rsa).unwrap().as_bytes()[0];
picked[id_byte as usize] += 1;
}
}
picked[0..10].iter().for_each(|x| assert_eq!(*x, 0));
picked[20..30].iter().for_each(|x| assert_eq!(*x, 0));
let picked_f: Vec<_> = picked.iter().map(|x| *x as f64 / total as f64).collect();
assert_float_eq!(picked_f[19], (10.0 / 110.0), abs <= tolerance);
assert_float_eq!(picked_f[36], (7.0 / 110.0), abs <= tolerance);
assert_float_eq!(picked_f[39], (10.0 / 110.0), abs <= tolerance);
}
#[test]
fn subnets() {
let cfg = SubnetConfig::default();
fn same_net(cfg: &SubnetConfig, a: &str, b: &str) -> bool {
cfg.addrs_in_same_subnet(&a.parse().unwrap(), &b.parse().unwrap())
}
assert!(same_net(&cfg, "127.15.3.3", "127.15.9.9"));
assert!(!same_net(&cfg, "127.15.3.3", "127.16.9.9"));
assert!(!same_net(&cfg, "127.15.3.3", "127::"));
assert!(same_net(&cfg, "ffff:ffff:90:33::", "ffff:ffff:91:34::"));
assert!(!same_net(&cfg, "ffff:ffff:90:33::", "ffff:fffe:91:34::"));
let cfg = SubnetConfig {
subnets_family_v4: 32,
subnets_family_v6: 128,
};
assert!(!same_net(&cfg, "127.15.3.3", "127.15.9.9"));
assert!(!same_net(&cfg, "ffff:ffff:90:33::", "ffff:ffff:91:34::"));
assert!(same_net(&cfg, "127.0.0.1", "127.0.0.1"));
assert!(!same_net(&cfg, "127.0.0.1", "127.0.0.2"));
assert!(same_net(&cfg, "ffff:ffff:90:33::", "ffff:ffff:90:33::"));
let cfg = SubnetConfig {
subnets_family_v4: 33,
subnets_family_v6: 129,
};
assert!(!same_net(&cfg, "127.0.0.1", "127.0.0.1"));
assert!(!same_net(&cfg, "::", "::"));
}
#[test]
fn relay_funcs() {
let (consensus, microdescs) = construct_custom_network(|idx, nb| {
if idx == 15 {
nb.rs.add_or_port("[f0f0::30]:9001".parse().unwrap());
} else if idx == 20 {
nb.rs.add_or_port("[f0f0::3131]:9001".parse().unwrap());
}
})
.unwrap();
let subnet_config = SubnetConfig::default();
let mut dir = PartialNetDir::new(consensus, None);
for md in microdescs.into_iter() {
let wanted = dir.add_microdesc(md.clone());
assert!(wanted);
}
let dir = dir.unwrap_if_sufficient().unwrap();
let k0 = Ed25519Identity::from([0; 32]);
let k1 = Ed25519Identity::from([1; 32]);
let k2 = Ed25519Identity::from([2; 32]);
let k3 = Ed25519Identity::from([3; 32]);
let k10 = Ed25519Identity::from([10; 32]);
let k15 = Ed25519Identity::from([15; 32]);
let k20 = Ed25519Identity::from([20; 32]);
let r0 = dir.by_id(&k0).unwrap();
let r1 = dir.by_id(&k1).unwrap();
let r2 = dir.by_id(&k2).unwrap();
let r3 = dir.by_id(&k3).unwrap();
let r10 = dir.by_id(&k10).unwrap();
let r15 = dir.by_id(&k15).unwrap();
let r20 = dir.by_id(&k20).unwrap();
assert_eq!(r0.id(), &[0; 32].into());
assert_eq!(r0.rsa_id(), &[0; 20].into());
assert_eq!(r1.id(), &[1; 32].into());
assert_eq!(r1.rsa_id(), &[1; 20].into());
assert!(r0.same_relay(&r0));
assert!(r1.same_relay(&r1));
assert!(!r1.same_relay(&r0));
assert!(r0.is_dir_cache());
assert!(!r1.is_dir_cache());
assert!(r2.is_dir_cache());
assert!(!r3.is_dir_cache());
assert!(!r0.supports_exit_port_ipv4(80));
assert!(!r1.supports_exit_port_ipv4(80));
assert!(!r2.supports_exit_port_ipv4(80));
assert!(!r3.supports_exit_port_ipv4(80));
assert!(!r0.policies_allow_some_port());
assert!(!r1.policies_allow_some_port());
assert!(!r2.policies_allow_some_port());
assert!(!r3.policies_allow_some_port());
assert!(r10.policies_allow_some_port());
assert!(r0.in_same_family(&r0));
assert!(r0.in_same_family(&r1));
assert!(r1.in_same_family(&r0));
assert!(r1.in_same_family(&r1));
assert!(!r0.in_same_family(&r2));
assert!(!r2.in_same_family(&r0));
assert!(r2.in_same_family(&r2));
assert!(r2.in_same_family(&r3));
assert!(r0.in_same_subnet(&r10, &subnet_config));
assert!(r10.in_same_subnet(&r10, &subnet_config));
assert!(r0.in_same_subnet(&r0, &subnet_config));
assert!(r1.in_same_subnet(&r1, &subnet_config));
assert!(!r1.in_same_subnet(&r2, &subnet_config));
assert!(!r2.in_same_subnet(&r3, &subnet_config));
let subnet_config = SubnetConfig {
subnets_family_v4: 128,
subnets_family_v6: 96,
};
assert!(r15.in_same_subnet(&r20, &subnet_config));
assert!(!r15.in_same_subnet(&r1, &subnet_config));
let subnet_config = SubnetConfig {
subnets_family_v4: 255,
subnets_family_v6: 255,
};
assert!(!r15.in_same_subnet(&r20, &subnet_config));
}
#[test]
fn test_badexit() {
use tor_netdoc::doc::netstatus::RelayFlags;
let netdir = construct_custom_netdir(|idx, nb| {
if (10..20).contains(&idx) {
nb.rs.add_flags(RelayFlags::BAD_EXIT);
}
nb.md.parse_ipv6_policy("accept 443").unwrap();
})
.unwrap()
.unwrap_if_sufficient()
.unwrap();
let e12 = netdir.by_id(&Ed25519Identity::from([12; 32])).unwrap();
let e32 = netdir.by_id(&Ed25519Identity::from([32; 32])).unwrap();
assert!(!e12.supports_exit_port_ipv4(80));
assert!(e32.supports_exit_port_ipv4(80));
assert!(!e12.supports_exit_port_ipv6(443));
assert!(e32.supports_exit_port_ipv6(443));
assert!(!e32.supports_exit_port_ipv6(555));
assert!(!e12.policies_allow_some_port());
assert!(e32.policies_allow_some_port());
assert!(!e12.ipv4_policy().allows_some_port());
assert!(!e12.ipv6_policy().allows_some_port());
assert!(e32.ipv4_policy().allows_some_port());
assert!(e32.ipv6_policy().allows_some_port());
assert!(e12.ipv4_declared_policy().allows_some_port());
assert!(e12.ipv6_declared_policy().allows_some_port());
}
#[cfg(feature = "experimental-api")]
#[test]
fn test_accessors() {
let netdir = construct_netdir().unwrap_if_sufficient().unwrap();
let r4 = netdir.by_id(&Ed25519Identity::from([4; 32])).unwrap();
let r16 = netdir.by_id(&Ed25519Identity::from([16; 32])).unwrap();
assert!(!r4.md().ipv4_policy().allows_some_port());
assert!(r16.md().ipv4_policy().allows_some_port());
assert!(!r4.rs().is_flagged_exit());
assert!(r16.rs().is_flagged_exit());
}
#[test]
fn test_by_id() {
let netdir = construct_custom_netdir(|idx, mut nb| {
nb.omit_md = idx == 13;
})
.unwrap();
let netdir = netdir.unwrap_if_sufficient().unwrap();
let r = netdir.by_id(&Ed25519Identity::from([0; 32])).unwrap();
assert_eq!(r.id().as_bytes(), &[0; 32]);
assert!(netdir.by_id(&Ed25519Identity::from([13; 32])).is_none());
let r = netdir.by_rsa_id(&[12; 20].into()).unwrap();
assert_eq!(r.rsa_id().as_bytes(), &[12; 20]);
assert!(netdir.rsa_id_is_listed(&[12; 20].into()));
assert!(netdir.by_rsa_id(&[13; 20].into()).is_none());
assert!(netdir.by_rsa_id_unchecked(&[99; 20].into()).is_none());
assert!(!netdir.rsa_id_is_listed(&[99; 20].into()));
let r = netdir.by_rsa_id_unchecked(&[13; 20].into()).unwrap();
assert_eq!(r.rs.rsa_identity().as_bytes(), &[13; 20]);
assert!(netdir.rsa_id_is_listed(&[13; 20].into()));
let pair_13_13 = RelayIds::builder()
.ed_identity([13; 32].into())
.rsa_identity([13; 20].into())
.build()
.unwrap();
let pair_14_14 = RelayIds::builder()
.ed_identity([14; 32].into())
.rsa_identity([14; 20].into())
.build()
.unwrap();
let pair_14_99 = RelayIds::builder()
.ed_identity([14; 32].into())
.rsa_identity([99; 20].into())
.build()
.unwrap();
let r = netdir.by_ids(&pair_13_13);
assert!(r.is_none());
let r = netdir.by_ids(&pair_14_14).unwrap();
assert_eq!(r.identity(RelayIdType::Rsa).unwrap().as_bytes(), &[14; 20]);
assert_eq!(
r.identity(RelayIdType::Ed25519).unwrap().as_bytes(),
&[14; 32]
);
let r = netdir.by_ids(&pair_14_99);
assert!(r.is_none());
assert_eq!(
netdir.id_pair_listed(&[13; 32].into(), &[13; 20].into()),
None
);
assert_eq!(
netdir.id_pair_listed(&[15; 32].into(), &[15; 20].into()),
Some(true)
);
assert_eq!(
netdir.id_pair_listed(&[15; 32].into(), &[99; 20].into()),
Some(false)
);
}
#[test]
fn weight_type() {
let r0 = RelayWeight(0);
let r100 = RelayWeight(100);
let r200 = RelayWeight(200);
let r300 = RelayWeight(300);
assert_eq!(r100 + r200, r300);
assert_eq!(r100.checked_div(r200), Some(0.5));
assert!(r100.checked_div(r0).is_none());
assert_eq!(r200.ratio(0.5), Some(r100));
assert!(r200.ratio(-1.0).is_none());
}
#[test]
fn weight_accessors() {
let netdir = construct_netdir().unwrap_if_sufficient().unwrap();
let g_total = netdir.total_weight(WeightRole::Guard, |r| r.is_flagged_guard());
assert_eq!(g_total, RelayWeight(110_000));
let g_total = netdir.total_weight(WeightRole::Guard, |_| false);
assert_eq!(g_total, RelayWeight(0));
let relay = netdir.by_id(&Ed25519Identity::from([35; 32])).unwrap();
assert!(relay.is_flagged_guard());
let w = netdir.relay_weight(&relay, WeightRole::Guard);
assert_eq!(w, RelayWeight(6_000));
let w = netdir
.weight_by_rsa_id(&[33; 20].into(), WeightRole::Guard)
.unwrap();
assert_eq!(w, RelayWeight(4_000));
assert!(netdir
.weight_by_rsa_id(&[99; 20].into(), WeightRole::Guard)
.is_none());
}
#[test]
fn family_list() {
let netdir = construct_custom_netdir(|idx, n| {
if idx == 0x0a {
n.md.family(
"$0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B \
$0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C0C \
$0D0D0D0D0D0D0D0D0D0D0D0D0D0D0D0D0D0D0D0D"
.parse()
.unwrap(),
);
} else if idx == 0x0c {
n.md.family("$0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A".parse().unwrap());
}
})
.unwrap()
.unwrap_if_sufficient()
.unwrap();
let r0 = netdir.by_id(&Ed25519Identity::from([0; 32])).unwrap();
let family: Vec<_> = netdir.known_family_members(&r0).collect();
assert_eq!(family.len(), 1);
assert_eq!(family[0].id(), &Ed25519Identity::from([1; 32]));
let r10 = netdir.by_id(&Ed25519Identity::from([10; 32])).unwrap();
let family: HashSet<_> = netdir.known_family_members(&r10).map(|r| *r.id()).collect();
assert_eq!(family.len(), 2);
assert!(family.contains(&Ed25519Identity::from([11; 32])));
assert!(family.contains(&Ed25519Identity::from([12; 32])));
}
}