diff options
138 files changed, 12517 insertions, 5244 deletions
@@ -1,6 +1,39 @@ Changes in version 0.3.1.1-alpha - 2017-??-?? +Changes in version 0.3.0.7 - 2017-05-15 + Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions + of Tor 0.3.0.x, where an attacker could cause a Tor relay process + to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; + clients are not affected. + + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, which + could be used by an attacker to remotely cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. + should upgrade. This security issue is tracked as TROVE-2017-002. + Fixes bug 22246; bugfix on 0.3.0.1-alpha. + + o Minor features: + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (future-proofing): + - Tor no longer refuses to download microdescriptors or descriptors + if they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor bugfixes (Linux seccomp2 sandbox): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + Changes in version 0.3.0.6 - 2017-04-26 Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series. diff --git a/ReleaseNotes b/ReleaseNotes index ca5a30dd43..e88dc2f81c 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -3,6 +3,39 @@ of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.3.0.7 - 2017-05-15 + Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions + of Tor 0.3.0.x, where an attacker could cause a Tor relay process + to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; + clients are not affected. + + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, which + could be used by an attacker to remotely cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. + should upgrade. This security issue is tracked as TROVE-2017-002. + Fixes bug 22246; bugfix on 0.3.0.1-alpha. + + o Minor features: + - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 + Country database. + + o Minor features (future-proofing): + - Tor no longer refuses to download microdescriptors or descriptors + if they are listed as "published in the future". This change will + eventually allow us to stop listing meaningful "published" dates + in microdescriptor consensuses, and thereby allow us to reduce the + resources required to download consensus diffs by over 50%. + Implements part of ticket 21642; implements part of proposal 275. + + o Minor bugfixes (Linux seccomp2 sandbox): + - The getpid() system call is now permitted under the Linux seccomp2 + sandbox, to avoid crashing with versions of OpenSSL (and other + libraries) that attempt to learn the process's PID by using the + syscall rather than the VDSO code. Fixes bug 21943; bugfix + on 0.2.5.1-alpha. + + Changes in version 0.3.0.6 - 2017-04-26 Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series. diff --git a/changes/21662_21663_21664 b/changes/21662_21663_21664 index 6712b0faf4..da47c6d073 100644 --- a/changes/21662_21663_21664 +++ b/changes/21662_21663_21664 @@ -1,4 +1,4 @@ - o Major features: + o Major features (directory system): - Tor's compression module now includes support for the zstd and lzma2 compression algorithms, if the libzstd and liblzma libraries are available when Tor is compiled. Once these features are exposed in the diff --git a/changes/bug16706 b/changes/bug16706 index 9c1e315321..b0b3351fb5 100644 --- a/changes/bug16706 +++ b/changes/bug16706 @@ -1,3 +1,3 @@ o Minor bugfixes (hidden service): - Stop printing cryptic warning when a client tries to connect on an - invalid port of the service. Fixes #16706.; bugfix on tor-0.2.6.3-alpha. + invalid port of the service. Fixes bug 16706; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug16861 b/changes/bug16861 new file mode 100644 index 0000000000..f540254946 --- /dev/null +++ b/changes/bug16861 @@ -0,0 +1,16 @@ + o Major features (traffic analysis resistance): + - Relays and clients will now send a padding cell on idle OR + connections every 1.5 to 9.5 seconds (tunable via consensus + parameters). Directory connections and inter-relay connections + are not padded. Padding is negotiated using Tor's link protocol, + so both relays and clients must upgrade for this to take effect. + Clients may still send padding despite the relay's version by + setting ConnectionPadding 1 in torrc, and may disable padding + by setting ConnectionPadding 0 in torrc. Padding may be minimized + for mobile users with the torrc option ReducedConnectionPadding. + Implements Proposal 251 and Section 2 of Proposal 254; closes ticket + 16861. + - Relays will publish 24 hour totals of padding and non-padding cell + counts to their extra-info descriptors, unless PaddingStatistics 0 + is set in torrc. These 24 hour totals are also rounded to multiples + of 10000. diff --git a/changes/bug17592 b/changes/bug17592 new file mode 100644 index 0000000000..131791b31f --- /dev/null +++ b/changes/bug17592 @@ -0,0 +1,13 @@ + o Minor bugfixes (connection lifespan): + - Allow more control over how long TLS connections are kept open: unify + CircuitIdleTimeout and PredictedPortsRelevanceTime into a single option + called CircuitsAvailableTimeout. Also, allow the consensus to control + the default values for both this preference, as well as the lifespan + of relay-to-relay connections. Fixes bug 17592; bugfix on 0.2.5.5-alpha. + - Increase the intial circuit build timeout testing frequency, to help + ensure that ReducedConnectionPadding clients finish learning a timeout + before their orconn would expire. The initial testing rate was set back + in the days of TAP and before the Tor Browser updater, when we had to be + much more careful about new clients making lots of circuits. With this + change, a circuit build time is learned in about 15-20 minutes, instead + of ~100-120 minutes. diff --git a/changes/bug17604 b/changes/bug17604 new file mode 100644 index 0000000000..6cd9e2e50a --- /dev/null +++ b/changes/bug17604 @@ -0,0 +1,15 @@ + o Minor bugfixes (connection usage): + - Use NETINFO cells to try to determine if both relays involved in + a connection will agree on the canonical status of that connection. + Prefer the connections where this is the case for extend cells, + and try to close connections where relays disagree on canonical + status early. Also, additionally alter the connection selection + logic to prefer the oldest valid connection for extend cells. + These two changes should reduce the number of long-term connections + that are kept open between relays. Fixes bug 17604; bugfix on + 0.2.5.5-alpha. + - Relays will now log hourly statistics on the total number of + connections to other relays. If the number of connections per relay + unexpectedly large, this log message is at notice level. Otherwise + it is at info. + diff --git a/changes/bug18100 b/changes/bug18100 new file mode 100644 index 0000000000..cd3ba2c977 --- /dev/null +++ b/changes/bug18100 @@ -0,0 +1,5 @@ + o Major bugfixes (linux TPROXY support): + - Fix a typo that had prevented TPROXY-based transparent proxying from + working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. + Patch from "d4fq0fQAgoJ". + diff --git a/changes/bug19699 b/changes/bug19699 index 8bfe66210e..10ba57f73e 100644 --- a/changes/bug19699 +++ b/changes/bug19699 @@ -2,4 +2,4 @@ - Make test-network.sh always call chutney's test-network.sh. Previously, this only worked on systems which had bash installed, due to some bash-specific code in the script. - Fixes bug 19699; follow-up to 21581. + Fixes bug 19699; bugfix on 0.3.0.4-rc. Follow-up to ticket 21581. diff --git a/changes/bug20270 b/changes/bug20270 new file mode 100644 index 0000000000..d538a358dc --- /dev/null +++ b/changes/bug20270 @@ -0,0 +1,6 @@ + o Minor bugfixes (directory authority): + - When rejecting a router descriptor because the relay is running an + obsolete version of Tor without ntor support, warn about the obsolete + tor version, not the missing ntor key. Fixes bug 20270; + bugfix on 0.2.9.3-alpha. + diff --git a/changes/bug20341 b/changes/bug20341 index 399ee509e6..419240c3f0 100644 --- a/changes/bug20341 +++ b/changes/bug20341 @@ -1,3 +1,3 @@ o Documentation: - Document key=value pluggable transport arguments for Bridge lines in - torrc. Fixes bug 20341; feature first appeared in 0.2.5.1-alpha. + torrc. Fixes bug 20341; bugfix on 0.2.5.1-alpha. diff --git a/changes/bug20913 b/changes/bug20913 new file mode 100644 index 0000000000..df7f106759 --- /dev/null +++ b/changes/bug20913 @@ -0,0 +1,9 @@ + o Minor bugfixes (fallbacks): + - Make sure fallback directory mirrors have the same address, port, and + relay identity key for at least 30 days before they are selected. + Fixes bug 20913; bugfix on 0.2.8.1-alpha. + - Decrease the guard flag average required to be a fallback. This allows + us to keep relays that have their guard flag removed when they restart. + Fixes bug 20913; bugfix on 0.2.8.1-alpha. + - Decrease the minimum number of fallbacks to 100. + Fixes bug 20913; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug21121 b/changes/bug21121 new file mode 100644 index 0000000000..96b973028e --- /dev/null +++ b/changes/bug21121 @@ -0,0 +1,3 @@ + o Minor features (fallback directories): + - Update the fallback directory mirror whitelist and blacklist based on + operator emails. Closes task 21121. diff --git a/changes/bug21155 b/changes/bug21155 index f2a34dbd0f..67e4a64d14 100644 --- a/changes/bug21155 +++ b/changes/bug21155 @@ -1,5 +1,5 @@ - o Minor bugfixes (hidden service, logging): + o Minor features (hidden service, logging): - Warn user if multiple entries in EntryNodes and at least one HiddenService are used together. Pinning EntryNodes along with an hidden service can be possibly harmful for instance see ticket 14917 or 21155. - Closes bug 21155. + Closes ticket 21155. diff --git a/changes/bug21293 b/changes/bug21293 index 23a7547951..37e0c8c28c 100644 --- a/changes/bug21293 +++ b/changes/bug21293 @@ -2,4 +2,4 @@ - Downgrade a log statement from bug to protocol warning because there is at least one use case where it can be triggered by a buggy tor implementation on the Internet for instance. Fixes bug 21293; bugfix on - tor-0.1.1.14-alpha. + 0.1.1.14-alpha. diff --git a/changes/bug21329 b/changes/bug21329 index 60b936393e..c31586e25d 100644 --- a/changes/bug21329 +++ b/changes/bug21329 @@ -1,3 +1,3 @@ o Minor bugfixes (controller): - GETINFO onions/current and onions/detached no longer 551 on empty lists - Fixes bug 21329 + Fixes bug 21329; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug21406 b/changes/bug21406 new file mode 100644 index 0000000000..170e631d79 --- /dev/null +++ b/changes/bug21406 @@ -0,0 +1,5 @@ + o Minor bugfixes (code correctness): + - Accurately identify client connections using their lack of peer + authentication. This means that we bail out earlier if asked to extend + to a client. Follow-up to 21407. + Fixes bug 21406; bugfix on 0.2.4.23. diff --git a/changes/bug21586 b/changes/bug21586 index 200d55a8e8..29701d94c6 100644 --- a/changes/bug21586 +++ b/changes/bug21586 @@ -1,4 +1,4 @@ o Minor bugfix (directory authority): - Prevent the shared randomness subsystem from asserting when initialized by a bridge authority with an incomplete configuration file. Fixes bug - #21856; bugfix on 0.2.9.8. + 21586; bugfix on 0.2.9.8. diff --git a/changes/bug21641 b/changes/bug21641 index 96fdf5fe22..b04e52c230 100644 --- a/changes/bug21641 +++ b/changes/bug21641 @@ -1,5 +1,5 @@ o Minor feature (defaults, directory): - Onion key rotation and expiry intervals are now defined as a network - consensus parameter as per proposal #274. The default lifetime of an + consensus parameter as per proposal 274. The default lifetime of an onion key is bumped from 7 to 28 days. Old onion keys will expire after 7 - days by default. Fixes bug #21641. + days by default. Closes ticket 21641. diff --git a/changes/bug21654 b/changes/bug21654 index fd1c650710..c3badd2bbf 100644 --- a/changes/bug21654 +++ b/changes/bug21654 @@ -1,4 +1,4 @@ - o Code simplifications and refactoring + o Minor bugfixes (testing): - Use unbuffered I/O for utility functions around the process_handle_t type. This fixes unit test failures reported on OpenBSD and FreeBSD. - Fixes bug 21654. + Fixes bug 21654; bugfix on 0.2.3.1-alpha. diff --git a/changes/bug21715 b/changes/bug21715 index ad9d8bfdaf..54ad1ad246 100644 --- a/changes/bug21715 +++ b/changes/bug21715 @@ -1,5 +1,5 @@ - o Documentation (man page): + o Minor bugfixes (documentation): - Default of NumEntryGuards is 1 if the consensus parameter guard-n-primary-guards-to-use isn't set. Default of NumDirectoryGuards is 3 if the consensus parameter guard-n-primary-dir-guards-to-use isn't - set. Fixes bug 21715. + set. Fixes bug 21715; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug21788 b/changes/bug21788 index 48deec2bb7..ad8365f5dc 100644 --- a/changes/bug21788 +++ b/changes/bug21788 @@ -1,3 +1,3 @@ - o Minor bugfixes: + o Minor bugfixes (memory leak): - Fix a small memory leak at exit from the backtrace handler code. Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto. diff --git a/changes/bug22042 b/changes/bug22042 new file mode 100644 index 0000000000..dccf83da8e --- /dev/null +++ b/changes/bug22042 @@ -0,0 +1,7 @@ + o Minor bugfixes (control, hidden service client): + - Trigger HS descriptor events on the control port when the client is + unable to pick a suitable hidden service directory. This can happen if + they are all in the ExcludeNodes list or they all have been queried + inside the allowed 15 minutes. Fixes bug 22042; bugfix on + 0.2.5.2-alpha. + diff --git a/changes/bug22060 b/changes/bug22060 new file mode 100644 index 0000000000..db373dde23 --- /dev/null +++ b/changes/bug22060 @@ -0,0 +1,28 @@ + o Removed features (configuration options, all in ticket 22060): + - AllowInvalidNodes was deprecated in 0.2.9.2-alpha and now has been + removed. It is not possible anymore to use Invalid nodes. + - AllowSingleHopCircuits was deprecated in 0.2.9.2-alpha and now has been + removed. It's not possible anymore to attach streams to single hop exit + circuit. + - AllowSingleHopExits was deprecated in 0.2.9.2-alpha and now has been + removed. Relays no longer advertise that they can be used for single hop + exit proxy. + - ExcludeSingleHopRelays was deprecated in 0.2.9.2-alpha and now has been + removed. Client will always exclude relays that supports single hop + exits meaning relays that still advertise AllowSingleHopExits. + - FastFirstHopPK was deprecated in 0.2.9.2-alpha and now has been removed. + Decision for this feature will always be decided by the consensus. + - CloseHSClientCircuitsImmediatelyOnTimeout was deprecated in + 0.2.9.2-alpha and now has been removed. HS circuits never close on + circuit build timeout, they have a longer timeout period. + - CloseHSServiceRendCircuitsImmediatelyOnTimeout was deprecated in + 0.2.9.2-alpha and now has been removed. HS circuits never close on + circuit build timeout, they have a long timeout period. + - WarnUnsafeSocks was deprecated in 0.2.9.2-alpha and now has been + removed. Tor will now always warn the user if only an IP address is + given instead of an hostname on a SOCKS connection if SafeSocks is 1. + - TLSECGroup was deprecated in 0.2.9.2-alpha and now has been removed. + P256 EC group is always used. + - {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress was deprecated in + 0.2.9.2-alpha and now has been removed. Use the ORPort (and others). + diff --git a/changes/bug22244 b/changes/bug22244 new file mode 100644 index 0000000000..ed5d36b1dd --- /dev/null +++ b/changes/bug22244 @@ -0,0 +1,6 @@ + o Minor bugfixes (exit-side DNS): + - Fix an untriggerable assertion that checked the output of a + libevent DNS error, so that the assertion actually behaves as + expected. Fixes bug 22244; bugfix on 0.2.0.20-rc. Found by Andrey + Karpov using PVS-Studio. + diff --git a/changes/bug22245 b/changes/bug22245 new file mode 100644 index 0000000000..6ae18593ea --- /dev/null +++ b/changes/bug22245 @@ -0,0 +1,5 @@ + o Minor bugfixes (bandwidth accounting): + - Roll over monthly accounting at the configured hour and minute, + rather than always at 00:00. + Fixes bug 22245; bugfix on 0.0.9rc1. + Found by Andrey Karpov with PVS-Studio. diff --git a/changes/bug22246 b/changes/bug22246 new file mode 100644 index 0000000000..dbdf31a433 --- /dev/null +++ b/changes/bug22246 @@ -0,0 +1,6 @@ + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, which + could be used by an attacker to remotely cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. + This security issue is tracked as tracked as + TROVE-2017-002. Fixes bug 22246; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug22252 b/changes/bug22252 new file mode 100644 index 0000000000..42b9d8e095 --- /dev/null +++ b/changes/bug22252 @@ -0,0 +1,3 @@ + o Minor bugfixes (configuration): + - Do not crash when starting with LearnCircuitBuildTimeout 0. + Fixes bug 22252; bugfix on 0.2.9.3-alpha. diff --git a/changes/bug22270 b/changes/bug22270 new file mode 100644 index 0000000000..6b58446402 --- /dev/null +++ b/changes/bug22270 @@ -0,0 +1,4 @@ + o Minor bugfixes (fallback directory mirrors): + - Make the usage example in updateFallbackDirs.py actually work. + (And explain what it does.) + Fixes bug 22270; bugfix on 0.3.0.3-alpha. diff --git a/changes/cleanup22213 b/changes/cleanup22213 new file mode 100644 index 0000000000..d100aeec5c --- /dev/null +++ b/changes/cleanup22213 @@ -0,0 +1,4 @@ + o Code simplification and refactoring: + - Remove unused "ROUTER_ADDED_NOTIFY_GENERATOR" internal value. + Resolves ticket 22213. + diff --git a/changes/fast_channel_lookup b/changes/fast_channel_lookup new file mode 100644 index 0000000000..de0f3515c4 --- /dev/null +++ b/changes/fast_channel_lookup @@ -0,0 +1,2 @@ + o Minor features (performance, controller): + - Add an O(1) implementation of channel_find_by_global_id(). diff --git a/changes/feature1922 b/changes/feature1922 new file mode 100644 index 0000000000..e3c059d4a5 --- /dev/null +++ b/changes/feature1922 @@ -0,0 +1,11 @@ + o Minor feature (include on config files): + - Allow the use of %include on configuration files to include settings + from other files or directories. Using %include with a directory will + include all (non-dot) files in that directory in lexically sorted order + (non-recursive), closes ticket 1922. + - Makes SAVECONF command return error when overwriting a torrc + that has includes. Using SAVECONF with the FORCE option will + allow it to overwrite torrc even if includes are used, closes ticket + 1922. + - Adds config-can-saveconf to GETINFO command to tell if SAVECONF + will work without the FORCE option, closes ticket 1922. diff --git a/changes/prop140 b/changes/prop140 new file mode 100644 index 0000000000..661028ce15 --- /dev/null +++ b/changes/prop140 @@ -0,0 +1,10 @@ + o Major features (directory protocol): + - Tor relays and authorities are now able to serve clients an + abbreviated version of the networkstatus consensus document, + containing only the changes since the an older consensus document that + the client holds. Clients now request these documents when + available. When this new protocol is in use by both client and server, + they will use far less bandwidth (up to 94% less) to keep an up-to-date + consensus. Implements proposal 140; closes ticket 13339. Based + on work by by Daniel MartÃ. + diff --git a/changes/refactor_reached_eof b/changes/refactor_reached_eof new file mode 100644 index 0000000000..33ab931b9b --- /dev/null +++ b/changes/refactor_reached_eof @@ -0,0 +1,5 @@ + o Code simplification and refactoring: + + - Break up the 630-line function connection_dir_client_reached_eof() into + a dozen smaller functions. This change should help maintainability and + readability of the client directory code. diff --git a/changes/test21470 b/changes/test21470 index 8bb78dffc9..f3ce4846a6 100644 --- a/changes/test21470 +++ b/changes/test21470 @@ -1,4 +1,4 @@ - o Minor enhancements (unit tests): + o Minor features (unit tests): - Improve version parsing tests: add tests for typical version components, add tests for invalid versions, including numeric range and non-numeric prefixes. diff --git a/changes/ticket21564 b/changes/ticket21564 new file mode 100644 index 0000000000..7e01f41f8f --- /dev/null +++ b/changes/ticket21564 @@ -0,0 +1,6 @@ + o Minor features (fallback directory list): + - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in + December 2016 (of which ~126 were still functional), with a list of + 151 fallbacks (32 new, 119 existing, 58 removed) generated in + May 2017. + Resolves ticket 21564. diff --git a/changes/ticket21953 b/changes/ticket21953 new file mode 100644 index 0000000000..46e1642efd --- /dev/null +++ b/changes/ticket21953 @@ -0,0 +1,6 @@ + o Minor features (security, windows): + - Enable a couple of pieces of Windows hardening: one + (HeapEnableTerminationOnCorruption) that has been on-by-default since + Windows 8, and unavailable before Windows 7, and one + (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't + affect us, but shouldn't do any harm. Closes ticket 21953. diff --git a/changes/ticket4998 b/changes/ticket4998 new file mode 100644 index 0000000000..b7b5d62478 --- /dev/null +++ b/changes/ticket4998 @@ -0,0 +1,5 @@ + o Minor features (relay, configuration): + - The MyFamily line may now be repeated as many times as desired, for + relays that want to configure large families. Closes ticket 4998; + patch by Daniel Pinto. + diff --git a/configure.ac b/configure.ac index 9f67fe5c94..4c23e47adc 100644 --- a/configure.ac +++ b/configure.ac @@ -813,7 +813,7 @@ dnl ------------------------------------------------------ dnl Where we do we find lzma? AC_ARG_ENABLE(lzma, - AS_HELP_STRING(--enable-lzma, [enable support for the Zstandard compression scheme.]), + AS_HELP_STRING(--enable-lzma, [enable support for the LZMA compression scheme.]), [case "${enableval}" in "yes") lzma=true ;; "no") lzma=false ;; diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 276052c799..5e0a71ca26 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -153,6 +153,13 @@ values. To split one configuration entry into multiple lines, use a single backslash character (\) before the end of the line. Comments can be used in such multiline entries, but they must start at the beginning of a line. +Configuration options can be imported from files or folders using the %include +option with the value being a path. If the path is a file, the options from the +file will be parsed as if they were written where the %include option is. If +the path is a folder, all files on that folder will be parsed following lexical +order. Files starting with a dot are ignored. Files on subfolders are ignored. +The %include option can be used recursively. + By default, an option on the command line overrides an option found in the configuration file, and an option in a configuration file overrides one in the defaults file. @@ -341,14 +348,6 @@ GENERAL OPTIONS Unix domain sockets only: Do not insist that the directory that holds the socket be read-restricted. -[[ControlListenAddress]] **ControlListenAddress** __IP__[:__PORT__]:: - Bind the controller listener to this address. If you specify a port, bind - to this port rather than the one specified in ControlPort. We strongly - recommend that you leave this alone unless you know what you're doing, - since giving attackers access to your control listener is really - dangerous. This directive can be specified multiple - times to bind to multiple addresses/ports. (Default: 127.0.0.1) - [[ControlSocket]] **ControlSocket** __Path__:: Like ControlPort, but listens on a Unix domain socket, rather than a TCP socket. '0' disables ControlSocket (Unix and Unix-like systems only.) @@ -646,18 +645,19 @@ GENERAL OPTIONS (127.0.0.0/8 and ::1). [[OutboundBindAddressOR]] **OutboundBindAddressOR** __IP__:: - Make all outbound non-exit (=relay and other) connections originate from the IP - address specified. This option overrides **OutboundBindAddress** for the same - IP version. This option may be used twice, once with an IPv4 address and once - with an IPv6 address. This setting will be ignored for connections to the - loopback addresses (127.0.0.0/8 and ::1). + Make all outbound non-exit (relay and other) connections + originate from the IP address specified. This option overrides + **OutboundBindAddress** for the same IP version. This option may + be used twice, once with an IPv4 address and once with an IPv6 + address. This setting will be ignored for connections to the loopback + addresses (127.0.0.0/8 and ::1). [[OutboundBindAddressExit]] **OutboundBindAddressExit** __IP__:: - Make all outbound exit connections originate from the IP address specified. This - option overrides **OutboundBindAddress** for the same IP version. This option - may be used twice, once with an IPv4 address and once with an IPv6 address. This - setting will be ignored for connections to the loopback addresses (127.0.0.0/8 - and ::1). + Make all outbound exit connections originate from the IP address + specified. This option overrides **OutboundBindAddress** for the + same IP version. This option may be used twice, once with an IPv4 + address and once with an IPv6 address. This setting will be ignored + for connections to the loopback addresses (127.0.0.0/8 and ::1). [[PidFile]] **PidFile** __FILE__:: On startup, write our PID to FILE. On clean shutdown, remove @@ -668,12 +668,6 @@ GENERAL OPTIONS following the Tor specification. Otherwise, they are logged with severity \'info'. (Default: 0) -[[PredictedPortsRelevanceTime]] **PredictedPortsRelevanceTime** __NUM__:: - Set how long, after the client has made an anonymized connection to a - given port, we will try to make sure that we build circuits to - exits that support that port. The maximum value for this option is 1 - hour. (Default: 1 hour) - [[RunAsDaemon]] **RunAsDaemon** **0**|**1**:: If 1, Tor forks and daemonizes to the background. This option has no effect on Windows; instead you should use the --service command-line option. @@ -772,23 +766,7 @@ CLIENT OPTIONS The following options are useful only for clients (that is, if **SocksPort**, **TransPort**, **DNSPort**, or **NATDPort** is non-zero): -[[AllowInvalidNodes]] **AllowInvalidNodes** **entry**|**exit**|**middle**|**introduction**|**rendezvous**|**...**:: - If some Tor servers are obviously not working right, the directory - authorities can manually mark them as invalid, meaning that it's not - recommended you use them for entry or exit positions in your circuits. You - can opt to use them in some circuit positions, though. The default is - "middle,rendezvous", and other choices are not advised. - -[[ExcludeSingleHopRelays]] **ExcludeSingleHopRelays** **0**|**1**:: - This option controls whether circuits built by Tor will include relays with - the AllowSingleHopExits flag set to true. If ExcludeSingleHopRelays is set - to 0, these relays will be included. Note that these relays might be at - higher risk of being seized or observed, so they are not normally - included. Also note that relatively few clients turn off this option, - so using these relays might make your client stand out. - (Default: 1) - -[[Bridge]] **Bridge** [__transport__] __IP__:__ORPort__ [__fingerprint__] [__key__=__val__...]:: +[[Bridge]] **Bridge** [__transport__] __IP__:__ORPort__ [__fingerprint__]:: When set along with UseBridges, instructs Tor to use the relay at "IP:ORPort" as a "bridge" relaying into the Tor network. If "fingerprint" is provided (using the same format as for DirAuthority), we will verify that @@ -819,13 +797,15 @@ The following options are useful only for clients (that is, if LearnCircuitBuildTimeout is 0, this value is the only value used. (Default: 60 seconds) -[[CircuitIdleTimeout]] **CircuitIdleTimeout** __NUM__:: - If we have kept a clean (never used) circuit around for NUM seconds, then - close it. This way when the Tor client is entirely idle, it can expire all - of its circuits, and then expire its TLS connections. Also, if we end up - making a circuit that is not useful for exiting any of the requests we're - receiving, it won't forever take up a slot in the circuit list. (Default: 1 - hour) +[[CircuitsAvailableTimeout]] **CircuitsAvailableTimeout** __NUM__:: + Tor will attempt to keep at least one open, unused circuit available for + this amount of time. This option governs how long idle circuits are kept + open, as well as the amount of time Tor will keep a circuit open to each + of the recently used ports. This way when the Tor client is entirely + idle, it can expire all of its circuits, and then expire its TLS + connections. Note that the actual timeout value is uniformly randomized + from the specified value to twice that amount. (Default: 30 minutes; + Max: 24 hours) [[CircuitStreamTimeout]] **CircuitStreamTimeout** __NUM__:: If non-zero, this option overrides our internal timeout schedule for how @@ -842,6 +822,22 @@ The following options are useful only for clients (that is, if and fast enough. The current behavior is simply that Tor is a client unless ORPort, ExtORPort, or DirPort are configured.) (Default: 0) +[[ConnectionPadding]] **ConnectionPadding** **0**|**1**|**auto**:: + This option governs Tor's use of padding to defend against some forms of + traffic analysis. If it is set to 'auto', Tor will send padding only + if both the client and the relay support it. If it is set to 0, Tor will + not send any padding cells. If it is set to 1, Tor will still send padding + for client connections regardless of relay support. Only clients may set + this option. This option should be offered via the UI to mobile users + for use where bandwidth may be expensive. + (Default: auto) + +[[ReducedConnectionPadding]] **ReducedConnectionPadding** **0**|**1**:: + If set to 1, Tor will not not hold OR connections open for very long, + and will send less padding on these connections. Only clients may set + this option. This option should be offered via the UI to mobile users + for use where bandwidth may be expensive. (Default: 0) + [[ExcludeNodes]] **ExcludeNodes** __node__,__node__,__...__:: A list of identity fingerprints, country codes, and address patterns of nodes to avoid when building a circuit. Country codes are @@ -984,24 +980,6 @@ The following options are useful only for clients (that is, if services can be configured to require authorization using the **HiddenServiceAuthorizeClient** option. -[[CloseHSClientCircuitsImmediatelyOnTimeout]] **CloseHSClientCircuitsImmediatelyOnTimeout** **0**|**1**:: - If 1, Tor will close unfinished hidden service client circuits - which have not moved closer to connecting to their destination - hidden service when their internal state has not changed for the - duration of the current circuit-build timeout. Otherwise, such - circuits will be left open, in the hope that they will finish - connecting to their destination hidden services. In either case, - another set of introduction and rendezvous circuits for the same - destination hidden service will be launched. (Default: 0) - -[[CloseHSServiceRendCircuitsImmediatelyOnTimeout]] **CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**:: - If 1, Tor will close unfinished hidden-service-side rendezvous - circuits after the current circuit-build timeout. Otherwise, such - circuits will be left open, in the hope that they will finish - connecting to their destinations. In either case, another - rendezvous circuit for the same destination client will be - launched. (Default: 0) - [[LongLivedPorts]] **LongLivedPorts** __PORTS__:: A list of ports for services that tend to have long-running connections (e.g. chat and interactive shells). Circuits for streams that use these @@ -1202,16 +1180,6 @@ The following options are useful only for clients (that is, if line is used, and all earlier flags are ignored. No error is issued for conflicting flags. -[[SocksListenAddress]] **SocksListenAddress** __IP__[:__PORT__]:: - Bind to this address to listen for connections from Socks-speaking - applications. (Default: 127.0.0.1) You can also specify a port (e.g. - 192.168.0.1:9100). This directive can be specified multiple times to bind - to multiple addresses/ports. (DEPRECATED: As of 0.2.3.x-alpha, you can - now use multiple SocksPort entries, and provide addresses for SocksPort - entries, so SocksListenAddress no longer has a purpose. For backward - compatibility, SocksListenAddress is only allowed when SocksPort is just - a port number.) - [[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__:: Set an entrance policy for this server, to limit who can connect to the SocksPort and DNSPort ports. The policies have the same form as exit @@ -1310,12 +1278,6 @@ The following options are useful only for clients (that is, if helps to determine whether an application using Tor is possibly leaking DNS requests. (Default: 0) -[[WarnUnsafeSocks]] **WarnUnsafeSocks** **0**|**1**:: - When this option is enabled, Tor will warn whenever a request is - received that only contains an IP address instead of a hostname. Allowing - applications to do DNS resolves themselves is usually a bad idea and - can leak your location to attackers. (Default: 1) - [[VirtualAddrNetworkIPv4]] **VirtualAddrNetworkIPv4** __Address__/__bits__ + [[VirtualAddrNetworkIPv6]] **VirtualAddrNetworkIPv6** [__Address__]/__bits__:: @@ -1347,18 +1309,6 @@ The following options are useful only for clients (that is, if the node "foo". Disabled by default since attacking websites and exit relays can use it to manipulate your path selection. (Default: 0) -[[FastFirstHopPK]] **FastFirstHopPK** **0**|**1**|**auto**:: - When this option is disabled, Tor uses the public key step for the first - hop of creating circuits. Skipping it is generally safe since we have - already used TLS to authenticate the relay and to establish forward-secure - keys. Turning this option off makes circuit building a little - slower. Setting this option to "auto" takes advice from the authorities - in the latest consensus about whether to use this feature. + - + - Note that Tor will always use the public key step for the first hop if it's - operating as a relay, and it will never use the public key step if it - doesn't yet know the onion key of the first hop. (Default: auto) - [[TransPort]] **TransPort** \['address':]__port__|**auto** [_isolation flags_]:: Open this port to listen for transparent proxy connections. Set this to 0 if you don't want to allow transparent proxy connections. Set the port @@ -1369,17 +1319,7 @@ The following options are useful only for clients (that is, if TransPort requires OS support for transparent proxies, such as BSDs' pf or Linux's IPTables. If you're planning to use Tor as a transparent proxy for a network, you'll want to examine and change VirtualAddrNetwork from the - default setting. You'll also want to set the TransListenAddress option for - the network you'd like to proxy. (Default: 0) - -[[TransListenAddress]] **TransListenAddress** __IP__[:__PORT__]:: - Bind to this address to listen for transparent proxy connections. (Default: - 127.0.0.1). This is useful for exporting a transparent proxy server to an - entire network. (DEPRECATED: As of 0.2.3.x-alpha, you can - now use multiple TransPort entries, and provide addresses for TransPort - entries, so TransListenAddress no longer has a purpose. For backward - compatibility, TransListenAddress is only allowed when TransPort is just - a port number.) + default setting. (Default: 0) [[TransProxyType]] **TransProxyType** **default**|**TPROXY**|**ipfw**|**pf-divert**:: TransProxyType may only be enabled when there is transparent proxy listener @@ -1387,9 +1327,7 @@ The following options are useful only for clients (that is, if + Set this to "TPROXY" if you wish to be able to use the TPROXY Linux module to transparently proxy connections that are configured using the TransPort - option. This setting lets the listener on the TransPort accept connections - for all addresses, even when the TransListenAddress is configured for an - internal address. Detailed information on how to configure the TPROXY + option. Detailed information on how to configure the TPROXY feature can be found in the Linux kernel source tree in the file Documentation/networking/tproxy.txt. + + @@ -1417,13 +1355,6 @@ The following options are useful only for clients (that is, if + This option is only for people who cannot use TransPort. (Default: 0) -[[NATDListenAddress]] **NATDListenAddress** __IP__[:__PORT__]:: - Bind to this address to listen for NATD connections. (DEPRECATED: As of - 0.2.3.x-alpha, you can now use multiple NATDPort entries, and provide - addresses for NATDPort entries, so NATDListenAddress no longer has a - purpose. For backward compatibility, NATDListenAddress is only allowed - when NATDPort is just a port number.) - [[AutomapHostsOnResolve]] **AutomapHostsOnResolve** **0**|**1**:: When this option is enabled, and we get a request to resolve an address that ends with one of the suffixes in **AutomapHostsSuffixes**, we map an @@ -1444,13 +1375,6 @@ The following options are useful only for clients (that is, if addresses/ports. See SocksPort for an explanation of isolation flags. (Default: 0) -[[DNSListenAddress]] **DNSListenAddress** __IP__[:__PORT__]:: - Bind to this address to listen for DNS connections. (DEPRECATED: As of - 0.2.3.x-alpha, you can now use multiple DNSPort entries, and provide - addresses for DNSPort entries, so DNSListenAddress no longer has a - purpose. For backward compatibility, DNSListenAddress is only allowed - when DNSPort is just a port number.) - [[ClientDNSRejectInternalAddresses]] **ClientDNSRejectInternalAddresses** **0**|**1**:: If true, Tor does not believe any anonymously retrieved DNS answer that tells it that an address resolves to an internal address (like 127.0.0.1 or @@ -1480,11 +1404,6 @@ The following options are useful only for clients (that is, if Like WarnPlaintextPorts, but instead of warning about risky port uses, Tor will instead refuse to make the connection. (Default: None) -[[AllowSingleHopCircuits]] **AllowSingleHopCircuits** **0**|**1**:: - When this option is set, the attached Tor controller can use relays - that have the **AllowSingleHopExits** option turned on to build - one-hop Tor connections. (Default: 0) - [[OptimisticData]] **OptimisticData** **0**|**1**|**auto**:: When this option is set, and Tor is using an exit node that supports the feature, it will try optimistically to send data to the exit node @@ -1677,13 +1596,6 @@ is non-zero): Tor client binds to. To bind to a different address, use the *ListenAddress and OutboundBindAddress options. -[[AllowSingleHopExits]] **AllowSingleHopExits** **0**|**1**:: - This option controls whether clients can use this server as a single hop - proxy. If set to 1, clients can use this server as an exit even if it is - the only hop in the circuit. Note that most clients will refuse to use - servers that set this option, since most clients have - ExcludeSingleHopRelays set. (Default: 0) - [[AssumeReachable]] **AssumeReachable** **0**|**1**:: This option is used when bootstrapping a new Tor network. If set to 1, don't do self-reachability testing; just upload your server descriptor @@ -1818,14 +1730,18 @@ is non-zero): If we have more onionskins queued for processing than we can process in this amount of time, reject new ones. (Default: 1750 msec) -[[MyFamily]] **MyFamily** __node__,__node__,__...__:: - Declare that this Tor server is controlled or administered by a group or - organization identical or similar to that of the other servers, defined by - their identity fingerprints. When two servers both declare - that they are in the same \'family', Tor clients will not use them in the - same circuit. (Each server only needs to list the other servers in its - family; it doesn't need to list itself, but it won't hurt.) Do not list - any bridge relay as it would compromise its concealment. + +[[MyFamily]] **MyFamily** __fingerprint__,__fingerprint__,...:: + Declare that this Tor relay is controlled or administered by a group or + organization identical or similar to that of the other relays, defined by + their (possibly $-prefixed) identity fingerprints. + This option can be repeated many times, for + convenience in defining large families: all fingerprints in all MyFamily + lines are merged into one list. + When two relays both declare that they are in the + same \'family', Tor clients will not use them in the same circuit. (Each + relay only needs to list the other servers in its family; it doesn't need to + list itself, but it won't hurt if it does.) Do not list any bridge relay as it would + compromise its concealment. + + When listing a node, it's better to list it by fingerprint than by nickname: fingerprints are more reliable. @@ -1867,15 +1783,6 @@ is non-zero): For obvious reasons, NoAdvertise and NoListen are mutually exclusive, and IPv4Only and IPv6Only are mutually exclusive. -[[ORListenAddress]] **ORListenAddress** __IP__[:__PORT__]:: - Bind to this IP address to listen for connections from Tor clients and - servers. If you specify a port, bind to this port rather than the one - specified in ORPort. (Default: 0.0.0.0) This directive can be specified - multiple times to bind to multiple addresses/ports. + - + - This option is deprecated; you can get the same behavior with ORPort now - that it supports NoAdvertise and explicit addresses. - [[PortForwarding]] **PortForwarding** **0**|**1**:: Attempt to automatically forward the DirPort and ORPort on a NAT router connecting this Tor server to the Internet. If set, Tor will try both @@ -2027,12 +1934,6 @@ is non-zero): [[GeoIPv6File]] **GeoIPv6File** __filename__:: A filename containing IPv6 GeoIP data, for use with by-country statistics. -[[TLSECGroup]] **TLSECGroup** **P224**|**P256**:: - What EC group should we try to use for incoming TLS connections? - P224 is faster, but makes us stand out more. Has no effect if - we're a client, or if our OpenSSL version lacks support for ECDHE. - (Default: P256) - [[CellStatistics]] **CellStatistics** **0**|**1**:: Relays only. When this option is enabled, Tor collects statistics about cell @@ -2043,6 +1944,14 @@ is non-zero): If ExtraInfoStatistics is enabled, it will published as part of extra-info document. (Default: 0) +[[PaddingStatistics]] **PaddingStatistics** **0**|**1**:: + Relays only. + When this option is enabled, Tor collects statistics for padding cells + sent and received by this relay, in addition to total cell counts. + These statistics are rounded, and omitted if traffic is low. This + information is important for load balancing decisions related to padding. + (Default: 1) + [[DirReqStatistics]] **DirReqStatistics** **0**|**1**:: Relays and bridges only. When this option is enabled, a Tor directory writes statistics on the @@ -2151,15 +2060,6 @@ details.) + The same flags are supported here as are supported by ORPort. -[[DirListenAddress]] **DirListenAddress** __IP__[:__PORT__]:: - Bind the directory service to this address. If you specify a port, bind to - this port rather than the one specified in DirPort. (Default: 0.0.0.0) - This directive can be specified multiple times to bind to multiple - addresses/ports. + - + - This option is deprecated; you can get the same behavior with DirPort now - that it supports NoAdvertise and explicit addresses. - [[DirPolicy]] **DirPolicy** __policy__,__policy__,__...__:: Set an entrance policy for this server, to limit who can connect to the directory ports. The policies have the same form as exit policies above, diff --git a/doc/torrc_format.txt b/doc/torrc_format.txt index 7a809901d9..b175b9fb15 100644 --- a/doc/torrc_format.txt +++ b/doc/torrc_format.txt @@ -175,7 +175,7 @@ and\ friends # Backslashes in the middle of a line are included as-is. The key of -# this one is "Too" and the value is "Many\\Backsl\ashes here" (with +# this one is "Too" and the value is "Many\\Backsl\ashes \here" (with # backslashes in that last string as-is) Too \ Many\\\ @@ -185,7 +185,7 @@ here # And here's the really yucky part. If a comment appears in a multi-line # entry, the entry is still able to continue on the next line, as in the # following, where the key is "This" and the value is -# "entry and some are silly" +# "entry and some are silly" This entry \ # has comments \ and some \ diff --git a/scripts/maint/fallback.blacklist b/scripts/maint/fallback.blacklist index 974b304729..1417a13a98 100644 --- a/scripts/maint/fallback.blacklist +++ b/scripts/maint/fallback.blacklist @@ -252,3 +252,23 @@ id=9C8A123081EFBE022EF795630F447839DDFDDDEC # Email sent directly to teor, verified using relay contact info 163.172.35.245:80 orport=443 id=B771AA877687F88E6F1CA5354756DF6C8A7B6B24 + +# Email sent directly to teor, verified using relay contact info +104.243.35.196:9030 orport=9001 id=FA3415659444AE006E7E9E5375E82F29700CFDFD + +# Relay changed IPv4 address, operator uncontactable +138.201.130.32:9030 orport=9001 id=52AEA31188331F421B2EDB494DB65CD181E5B257 + +# Emails sent directly to teor, verified using relay contact info +217.12.199.208:80 orport=443 id=DF3AED4322B1824BF5539AE54B2D1B38E080FF05 ipv6=[2a02:27a8:0:2::7e]:443 + +# Emails sent directly to teor, verified using relay contact info +195.154.75.84:9030 orport=9001 id=F80FDE27EFCB3F6A7B4E2CC517133DBFFA78BA2D +195.154.127.246:9030 orport=9001 id=4FEE77AFFD157BBCF2D896AE417FBF647860466C + +# Email sent directly to teor, verified using relay contact info +5.35.251.247:9030 orport=9001 id=9B1F5187DFBA89DC24B37EA7BF896C12B43A27AE + +#​https://lists.torproject.org/pipermail/tor-relays/2017-May/012281.html +62.210.124.124:9030 orport=9001 id=86E78DD3720C78DA8673182EF96C54B162CD660C ipv6=[2001:bc8:3f23:100::1]:9001 +62.210.124.124:9130 orport=9101 id=2EBD117806EE43C3CC885A8F1E4DC60F207E7D3E ipv6=[2001:bc8:3f23:100::1]:9101 diff --git a/scripts/maint/fallback.whitelist b/scripts/maint/fallback.whitelist index c993be97d3..0620d6b5fe 100644 --- a/scripts/maint/fallback.whitelist +++ b/scripts/maint/fallback.whitelist @@ -37,8 +37,6 @@ # https://lists.torproject.org/pipermail/tor-relays/2015-December/008370.html # https://lists.torproject.org/pipermail/tor-relays/2016-January/008517.html # https://lists.torproject.org/pipermail/tor-relays/2016-January/008555.html -62.210.124.124:9030 orport=9001 id=86E78DD3720C78DA8673182EF96C54B162CD660C ipv6=[2001:bc8:3f23:100::1]:9001 -62.210.124.124:9130 orport=9101 id=2EBD117806EE43C3CC885A8F1E4DC60F207E7D3E ipv6=[2001:bc8:3f23:100::1]:9101 212.47.237.95:9030 orport=9001 id=3F5D8A879C58961BB45A3D26AC41B543B40236D6 212.47.237.95:9130 orport=9101 id=6FB38EB22E57EF7ED5EF00238F6A48E553735D88 @@ -49,15 +47,13 @@ # https://lists.torproject.org/pipermail/tor-relays/2015-December/008373.html 167.114.35.28:9030 orport=9001 id=E65D300F11E1DB12C534B0146BDAB6972F1A8A48 -# https://lists.torproject.org/pipermail/tor-relays/2015-December/008374.html -104.243.35.196:9030 orport=9001 id=FA3415659444AE006E7E9E5375E82F29700CFDFD - # https://lists.torproject.org/pipermail/tor-relays/2015-December/008378.html 144.76.14.145:110 orport=143 id=14419131033443AE6E21DA82B0D307F7CAE42BDB ipv6=[2a01:4f8:190:9490::dead]:443 # https://lists.torproject.org/pipermail/tor-relays/2015-December/008379.html # Email sent directly to teor, verified using relay contact info 91.121.84.137:4951 orport=4051 id=6DE61A6F72C1E5418A66BFED80DFB63E4C77668F ipv6=[2001:41d0:1:8989::1]:4051 +91.121.84.137:4952 orport=4052 id=9FBEB75E8BC142565F12CBBE078D63310236A334 ipv6=[2001:41d0:1:8989::1]:4052 # https://lists.torproject.org/pipermail/tor-relays/2015-December/008381.html # Sent additional email to teor with more relays @@ -95,9 +91,6 @@ # https://lists.torproject.org/pipermail/tor-relays/2016-January/008542.html 178.62.199.226:80 orport=443 id=CBEFF7BA4A4062045133C053F2D70524D8BBE5BE ipv6=[2a03:b0c0:2:d0::b7:5001]:443 -# Emails sent directly to teor, verified using relay contact info -217.12.199.208:80 orport=443 id=DF3AED4322B1824BF5539AE54B2D1B38E080FF05 ipv6=[2a02:27a8:0:2::7e]:443 - # Email sent directly to teor, verified using relay contact info 94.23.204.175:9030 orport=9001 id=5665A3904C89E22E971305EE8C1997BCA4123C69 @@ -330,9 +323,6 @@ 37.187.102.186:9030 orport=9001 id=489D94333DF66D57FFE34D9D59CC2D97E2CB0053 ipv6=[2001:41d0:a:26ba::1]:9001 # Email sent directly to teor, verified using relay contact info -5.35.251.247:9030 orport=9001 id=9B1F5187DFBA89DC24B37EA7BF896C12B43A27AE - -# Email sent directly to teor, verified using relay contact info 198.96.155.3:8080 orport=5001 id=BCEDF6C193AA687AE471B8A22EBF6BC57C2D285E # Email sent directly to teor, verified using relay contact info @@ -427,12 +417,10 @@ 46.4.24.161:9030 orport=9001 id=DB4C76A3AD7E234DA0F00D6F1405D8AFDF4D8DED 46.4.24.161:9031 orport=9002 id=7460F3D12EBE861E4EE073F6233047AACFE46AB4 46.38.51.132:9030 orport=9001 id=810DEFA7E90B6C6C383C063028EC397A71D7214A -163.172.194.53:9030 orport=9001 id=8C00FA7369A7A308F6A137600F0FA07990D9D451 +163.172.194.53:9030 orport=9001 id=8C00FA7369A7A308F6A137600F0FA07990D9D451 ipv6=[2001:bc8:225f:142:6c69:7461:7669:73]:9001 # Email sent directly to teor, verified using relay contact info 176.10.107.180:9030 orport=9001 id=3D7E274A87D9A89AF064C13D1EE4CA1F184F2600 -195.154.75.84:9030 orport=9001 id=F80FDE27EFCB3F6A7B4E2CC517133DBFFA78BA2D -195.154.127.246:9030 orport=9001 id=4FEE77AFFD157BBCF2D896AE417FBF647860466C # Email sent directly to teor, verified using relay contact info 46.28.207.19:80 orport=443 id=5B92FA5C8A49D46D235735504C72DBB3472BA321 @@ -471,7 +459,7 @@ 185.35.202.221:9030 orport=9001 id=C13B91384CDD52A871E3ECECE4EF74A7AC7DCB08 ipv6=[2a02:ed06::221]:9001 # Email sent directly to teor, verified using relay contact info -5.9.151.241:9030 orport=4223 id=9BF04559224F0F1C3C953D641F1744AF0192543A +5.9.151.241:9030 orport=4223 id=9BF04559224F0F1C3C953D641F1744AF0192543A ipv6=[2a01:4f8:190:34f0::2]:4223 # Email sent directly to teor, verified using relay contact info 89.40.71.149:8081 orport=8080 id=EC639EDAA5121B47DBDF3D6B01A22E48A8CB6CC7 @@ -574,6 +562,7 @@ # Email sent directly to teor, verified using relay contact info 185.100.86.100:80 orport=443 id=0E8C0C8315B66DB5F703804B3889A1DD66C67CE0 +185.100.84.82:80 orport=443 id=7D05A38E39FC5D29AFE6BE487B9B4DC9E635D09E # Email sent directly to teor, verified using relay contact info 164.132.77.175:9030 orport=9001 id=3B33F6FCA645AD4E91428A3AF7DC736AD9FB727B @@ -643,9 +632,6 @@ 46.4.111.124:9030 orport=9001 id=D9065F9E57899B3D272AA212317AF61A9B14D204 # Email sent directly to teor, verified using relay contact info -138.201.130.32:9030 orport=9001 id=52AEA31188331F421B2EDB494DB65CD181E5B257 - -# Email sent directly to teor, verified using relay contact info 185.100.85.61:80 orport=443 id=025B66CEBC070FCB0519D206CF0CF4965C20C96E # Email sent directly to teor, verified using relay contact info @@ -828,3 +814,16 @@ # Email sent directly to teor, verified using relay contact info 95.85.8.226:80 orport=443 id=1211AC1BBB8A1AF7CBA86BCE8689AA3146B86423 + +# Email sent directly to teor, verified using relay contact info +85.214.151.72:9030 orport=9001 id=722D365140C8C52DBB3C9FF6986E3CEFFE2BA812 + +# Email sent directly to teor, verified using relay contact info +72.52.75.27:9030 orport=9001 id=1220F0F20E80D348244C5F3B6D126DAA0A446DFD + +# Email sent directly to teor, verified using relay contact info +5.9.146.203:80 orport=443 id=1F45542A24A61BF9408F1C05E0DCE4E29F2CBA11 +5.9.159.14:9030 orport=9001 id=0F100F60C7A63BED90216052324D29B08CFCF797 + +# Email sent directly to teor, verified using relay contact info +5.9.147.226:9030 orport=9001 id=B0553175AADB0501E5A61FC61CEA3970BE130FF2 diff --git a/scripts/maint/updateFallbackDirs.py b/scripts/maint/updateFallbackDirs.py index 117ac5cccb..82a60420b4 100755 --- a/scripts/maint/updateFallbackDirs.py +++ b/scripts/maint/updateFallbackDirs.py @@ -1,8 +1,13 @@ #!/usr/bin/python # Usage: +# +# Regenerate the list: # scripts/maint/updateFallbackDirs.py > src/or/fallback_dirs.inc -# scripts/maint/updateFallbackDirs.py check_existing > src/or/fallback_dirs.inc +# +# Check the existing list: +# scripts/maint/updateFallbackDirs.py check_existing > fallback_dirs.inc.ok +# mv fallback_dirs.inc.ok src/or/fallback_dirs.inc # # This script should be run from a stable, reliable network connection, # with no other network activity (and not over tor). @@ -154,20 +159,24 @@ MAX_LIST_FILE_SIZE = 1024 * 1024 ## Eligibility Settings # Require fallbacks to have the same address and port for a set amount of time +# We used to have this at 1 week, but that caused many fallback failures, which +# meant that we had to rebuild the list more often. # # There was a bug in Tor 0.2.8.1-alpha and earlier where a relay temporarily # submits a 0 DirPort when restarted. # This causes OnionOO to (correctly) reset its stability timer. # Affected relays should upgrade to Tor 0.2.8.7 or later, which has a fix # for this issue. -ADDRESS_AND_PORT_STABLE_DAYS = 7 +ADDRESS_AND_PORT_STABLE_DAYS = 30 # We ignore relays that have been down for more than this period MAX_DOWNTIME_DAYS = 0 if MUST_BE_RUNNING_NOW else 7 # What time-weighted-fraction of these flags must FallbackDirs # Equal or Exceed? CUTOFF_RUNNING = .90 CUTOFF_V2DIR = .90 -CUTOFF_GUARD = .90 +# Tolerate lower guard flag averages, as guard flags are removed for some time +# after a relay restarts +CUTOFF_GUARD = .80 # What time-weighted-fraction of these flags must FallbackDirs # Equal or Fall Under? # .00 means no bad exits @@ -189,7 +198,7 @@ FALLBACK_PROPORTION_OF_GUARDS = None if OUTPUT_CANDIDATES else _FB_POG # Limit the number of fallbacks (eliminating lowest by advertised bandwidth) MAX_FALLBACK_COUNT = None if OUTPUT_CANDIDATES else 200 # Emit a C #error if the number of fallbacks is less than expected -MIN_FALLBACK_COUNT = 0 if OUTPUT_CANDIDATES else MAX_FALLBACK_COUNT*0.75 +MIN_FALLBACK_COUNT = 0 if OUTPUT_CANDIDATES else MAX_FALLBACK_COUNT*0.5 # The maximum number of fallbacks on the same address, contact, or family # With 200 fallbacks, this means each operator can see 1% of client bootstraps diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c index 1146d02168..31eb4ac496 100644 --- a/src/common/compat_libevent.c +++ b/src/common/compat_libevent.c @@ -280,6 +280,15 @@ tor_gettimeofday_cache_set(const struct timeval *tv) tor_assert(tv); memcpy(&cached_time_hires, tv, sizeof(*tv)); } + +/** For testing: called post-fork to make libevent reinitialize + * kernel structures. */ +void +tor_libevent_postfork(void) +{ + int r = event_reinit(tor_libevent_get_base()); + tor_assert(r == 0); +} #endif #endif diff --git a/src/common/compat_libevent.h b/src/common/compat_libevent.h index 96c48d53a1..904938415c 100644 --- a/src/common/compat_libevent.h +++ b/src/common/compat_libevent.h @@ -54,6 +54,7 @@ void tor_gettimeofday_cached(struct timeval *tv); void tor_gettimeofday_cache_clear(void); #ifdef TOR_UNIT_TESTS void tor_gettimeofday_cache_set(const struct timeval *tv); +void tor_libevent_postfork(void); #endif #ifdef COMPAT_LIBEVENT_PRIVATE diff --git a/src/common/compress.c b/src/common/compress.c index 8502dee25c..6513029f9c 100644 --- a/src/common/compress.c +++ b/src/common/compress.c @@ -24,6 +24,7 @@ #include "torlog.h" #include "compress.h" #include "compress_lzma.h" +#include "compress_none.h" #include "compress_zlib.h" #include "compress_zstd.h" @@ -67,8 +68,12 @@ guess_compress_size(int compress, compress_method_t method, size_t in_len) { // ignore these for now. - (void)method; (void)compression_level; + if (method == NO_METHOD) { + /* Guess that we'll need an extra byte, to avoid a needless realloc + * for nul-termination */ + return (in_len < SIZE_MAX) ? in_len + 1 : in_len; + } /* Always guess a factor of 2. */ if (compress) { @@ -255,8 +260,8 @@ detect_compression_method(const char *in, size_t in_len) } else if (in_len > 2 && (in[0] & 0x0f) == 8 && (ntohs(get_uint16(in)) % 31) == 0) { return ZLIB_METHOD; - } else if (in_len > 3 && - fast_memeq(in, "\x5d\x00\x00\x00", 4)) { + } else if (in_len > 2 && + fast_memeq(in, "\x5d\x00\x00", 3)) { return LZMA_METHOD; } else if (in_len > 3 && fast_memeq(in, "\x28\xb5\x2f\xfd", 4)) { @@ -279,6 +284,7 @@ tor_compress_supports_method(compress_method_t method) case ZSTD_METHOD: return tor_zstd_method_supported(); case NO_METHOD: + return 1; case UNKNOWN_METHOD: default: return 0; @@ -313,7 +319,9 @@ static const struct { } compression_method_names[] = { { "gzip", GZIP_METHOD }, { "deflate", ZLIB_METHOD }, - { "x-lzma", LZMA_METHOD }, + // We call this "x-tor-lzma" rather than "x-lzma", because we impose a + // lower maximum memory usage on the decoding side. + { "x-tor-lzma", LZMA_METHOD }, { "x-zstd" , ZSTD_METHOD }, { "identity", NO_METHOD }, @@ -335,6 +343,32 @@ compression_method_get_name(compress_method_t method) return NULL; } +/** Table of compression human readable method names. */ +static const struct { + compress_method_t method; + const char *name; +} compression_method_human_names[] = { + { NO_METHOD, "uncompressed" }, + { GZIP_METHOD, "gzipped" }, + { ZLIB_METHOD, "deflated" }, + { LZMA_METHOD, "LZMA compressed" }, + { ZSTD_METHOD, "Zstandard compressed" }, + { UNKNOWN_METHOD, "unknown encoding" }, +}; + +/** Return a human readable string representation of the compression method + * <b>method</b>, or NULL if the method isn't recognized. */ +const char * +compression_method_get_human_name(compress_method_t method) +{ + unsigned i; + for (i = 0; i < ARRAY_LENGTH(compression_method_human_names); ++i) { + if (method == compression_method_human_names[i].method) + return compression_method_human_names[i].name; + } + return NULL; +} + /** Return the compression method represented by the string <b>name</b>, or * UNKNOWN_METHOD if the string isn't recognized. */ compress_method_t @@ -456,7 +490,9 @@ tor_compress_new(int compress, compress_method_t method, state->u.zstd_state = zstd_state; break; } - case NO_METHOD: + case NO_METHOD: { + break; + } case UNKNOWN_METHOD: goto err; } @@ -504,6 +540,8 @@ tor_compress_process(tor_compress_state_t *state, out, out_len, in, in_len, finish); case NO_METHOD: + return tor_cnone_compress_process(out, out_len, in, in_len, + finish); case UNKNOWN_METHOD: goto err; } @@ -531,6 +569,7 @@ tor_compress_free(tor_compress_state_t *state) tor_zstd_compress_free(state->u.zstd_state); break; case NO_METHOD: + break; case UNKNOWN_METHOD: break; } diff --git a/src/common/compress.h b/src/common/compress.h index 5b47c5d458..7c0dc14061 100644 --- a/src/common/compress.h +++ b/src/common/compress.h @@ -50,6 +50,7 @@ int tor_compress_is_compression_bomb(size_t size_in, size_t size_out); int tor_compress_supports_method(compress_method_t method); unsigned tor_compress_get_supported_method_bitmask(void); const char * compression_method_get_name(compress_method_t method); +const char *compression_method_get_human_name(compress_method_t method); compress_method_t compression_method_get_by_name(const char *name); const char *tor_compress_version_str(compress_method_t method); diff --git a/src/common/compress_lzma.c b/src/common/compress_lzma.c index b721bae8aa..b5393a6ba6 100644 --- a/src/common/compress_lzma.c +++ b/src/common/compress_lzma.c @@ -22,6 +22,9 @@ #include <lzma.h> #endif +/** The maximum amount of memory we allow the LZMA decoder to use, in bytes. */ +#define MEMORY_LIMIT (16 * 1024 * 1024) + /** Total number of bytes allocated for LZMA state. */ static atomic_counter_t total_lzma_allocation; @@ -33,9 +36,9 @@ memory_level(compression_level_t level) switch (level) { default: case BEST_COMPRESSION: - case HIGH_COMPRESSION: return 9; - case MEDIUM_COMPRESSION: return 6; - case LOW_COMPRESSION: return 3; + case HIGH_COMPRESSION: return 6; + case MEDIUM_COMPRESSION: return 4; + case LOW_COMPRESSION: return 2; } } @@ -191,9 +194,7 @@ tor_lzma_compress_new(int compress, goto err; } } else { - // FIXME(ahf): This should be something more sensible than - // UINT64_MAX: See #21665. - retval = lzma_alone_decoder(&result->stream, UINT64_MAX); + retval = lzma_alone_decoder(&result->stream, MEMORY_LIMIT); if (retval != LZMA_OK) { log_warn(LD_GENERAL, "Error from LZMA decoder: %s (%u).", diff --git a/src/common/compress_none.c b/src/common/compress_none.c new file mode 100644 index 0000000000..b76e6010ec --- /dev/null +++ b/src/common/compress_none.c @@ -0,0 +1,53 @@ +/* Copyright (c) 2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file compress_lzma.c + * \brief Compression backend for identity compression. + * + * We actually define this backend so that we can treat the identity transform + * as another case of compression. + * + * This module should never be invoked directly. Use the compress module + * instead. + **/ + +#include "orconfig.h" + +#include "util.h" +#include "torlog.h" +#include "compress.h" +#include "compress_none.h" + +/** Transfer some bytes using the identity transformation. Read up to + * *<b>in_len</b> bytes from *<b>in</b>, and write up to *<b>out_len</b> bytes + * to *<b>out</b>, adjusting the values as we go. If <b>finish</b> is true, + * we've reached the end of the input. + * + * Return TOR_COMPRESS_DONE if we've finished the entire + * compression/decompression. + * Return TOR_COMPRESS_OK if we're processed everything from the input. + * Return TOR_COMPRESS_BUFFER_FULL if we're out of space on <b>out</b>. + * Return TOR_COMPRESS_ERROR if the stream is corrupt. + */ +tor_compress_output_t +tor_cnone_compress_process(char **out, size_t *out_len, + const char **in, size_t *in_len, + int finish) +{ + size_t n_to_copy = MIN(*in_len, *out_len); + + memcpy(*out, *in, n_to_copy); + *out += n_to_copy; + *in += n_to_copy; + *out_len -= n_to_copy; + *in_len -= n_to_copy; + if (*in_len == 0) { + return finish ? TOR_COMPRESS_DONE : TOR_COMPRESS_OK; + } else { + return TOR_COMPRESS_BUFFER_FULL; + } +} + diff --git a/src/common/compress_none.h b/src/common/compress_none.h new file mode 100644 index 0000000000..d1ebb4b625 --- /dev/null +++ b/src/common/compress_none.h @@ -0,0 +1,20 @@ +/* Copyright (c) 2003, Roger Dingledine + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file compress_none.h + * \brief Header for compress_none.c + **/ + +#ifndef TOR_COMPRESS_NONE_H +#define TOR_COMPRESS_NONE_H + +tor_compress_output_t +tor_cnone_compress_process(char **out, size_t *out_len, + const char **in, size_t *in_len, + int finish); + +#endif // TOR_COMPRESS_NONE_H. + diff --git a/src/common/confline.c b/src/common/confline.c index d4468f80ea..e078b1da04 100644 --- a/src/common/confline.c +++ b/src/common/confline.c @@ -8,6 +8,19 @@ #include "confline.h" #include "torlog.h" #include "util.h" +#include "container.h" + +static int config_get_lines_aux(const char *string, config_line_t **result, + int extended, int allow_include, + int *has_include, int recursion_level, + config_line_t **last); +static smartlist_t *config_get_file_list(const char *path); +static int config_get_included_list(const char *path, int recursion_level, + int extended, config_line_t **list, + config_line_t **list_last); +static int config_process_include(const char *path, int recursion_level, + int extended, config_line_t ***next, + config_line_t **list_last); /** Helper: allocate a new configuration option mapping 'key' to 'val', * append it to *<b>lst</b>. */ @@ -65,19 +78,25 @@ config_line_find(const config_line_t *lines, return NULL; } -/** Helper: parse the config string and strdup into key/value - * strings. Set *result to the list, or NULL if parsing the string - * failed. Return 0 on success, -1 on failure. Warn and ignore any - * misformatted lines. - * - * If <b>extended</b> is set, then treat keys beginning with / and with + as - * indicating "clear" and "append" respectively. */ -int -config_get_lines(const char *string, config_line_t **result, int extended) +/** Auxiliary function that does all the work of config_get_lines. + * <b>recursion_level</b> is the count of how many nested %includes we have. + * Returns the a pointer to the last element of the <b>result</b> in + * <b>last</b>. */ +static int +config_get_lines_aux(const char *string, config_line_t **result, int extended, + int allow_include, int *has_include, int recursion_level, + config_line_t **last) { - config_line_t *list = NULL, **next; + config_line_t *list = NULL, **next, *list_last = NULL; char *k, *v; const char *parse_err; + int include_used = 0; + + if (recursion_level > MAX_INCLUDE_RECURSION_LEVEL) { + log_warn(LD_CONFIG, "Error while parsing configuration: more than %d " + "nested %%includes.", MAX_INCLUDE_RECURSION_LEVEL); + return -1; + } next = &list; do { @@ -108,25 +127,179 @@ config_get_lines(const char *string, config_line_t **result, int extended) command = CONFIG_LINE_CLEAR; } } - /* This list can get long, so we keep a pointer to the end of it - * rather than using config_line_append over and over and getting - * n^2 performance. */ - *next = tor_malloc_zero(sizeof(config_line_t)); - (*next)->key = k; - (*next)->value = v; - (*next)->next = NULL; - (*next)->command = command; - next = &((*next)->next); + + if (allow_include && !strcmp(k, "%include")) { + tor_free(k); + include_used = 1; + + if (config_process_include(v, recursion_level, extended, &next, + &list_last) < 0) { + log_warn(LD_CONFIG, "Error reading included configuration " + "file or directory: \"%s\".", v); + config_free_lines(list); + tor_free(v); + return -1; + } + tor_free(v); + } else { + /* This list can get long, so we keep a pointer to the end of it + * rather than using config_line_append over and over and getting + * n^2 performance. */ + *next = tor_malloc_zero(sizeof(**next)); + (*next)->key = k; + (*next)->value = v; + (*next)->next = NULL; + (*next)->command = command; + list_last = *next; + next = &((*next)->next); + } } else { tor_free(k); tor_free(v); } } while (*string); + if (last) { + *last = list_last; + } + if (has_include) { + *has_include = include_used; + } *result = list; return 0; } +/** Helper: parse the config string and strdup into key/value + * strings. Set *result to the list, or NULL if parsing the string + * failed. Set *has_include to 1 if <b>result</b> has values from + * %included files. Return 0 on success, -1 on failure. Warn and ignore any + * misformatted lines. + * + * If <b>extended</b> is set, then treat keys beginning with / and with + as + * indicating "clear" and "append" respectively. */ +int +config_get_lines_include(const char *string, config_line_t **result, + int extended, int *has_include) +{ + return config_get_lines_aux(string, result, extended, 1, has_include, 1, + NULL); +} + +/** Same as config_get_lines_include but does not allow %include */ +int +config_get_lines(const char *string, config_line_t **result, int extended) +{ + return config_get_lines_aux(string, result, extended, 0, NULL, 1, NULL); +} + +/** Adds a list of configuration files present on <b>path</b> to + * <b>file_list</b>. <b>path</b> can be a file or a directory. If it is a file, + * only that file will be added to <b>file_list</b>. If it is a directory, + * all paths for files on that directory root (no recursion) except for files + * whose name starts with a dot will be added to <b>file_list</b>. + * Return 0 on success, -1 on failure. Ignores empty files. + */ +static smartlist_t * +config_get_file_list(const char *path) +{ + smartlist_t *file_list = smartlist_new(); + file_status_t file_type = file_status(path); + if (file_type == FN_FILE) { + smartlist_add_strdup(file_list, path); + return file_list; + } else if (file_type == FN_DIR) { + smartlist_t *all_files = tor_listdir(path); + if (!all_files) { + smartlist_free(file_list); + return NULL; + } + smartlist_sort_strings(all_files); + SMARTLIST_FOREACH_BEGIN(all_files, char *, f) { + if (f[0] == '.') { + tor_free(f); + continue; + } + + char *fullname; + tor_asprintf(&fullname, "%s"PATH_SEPARATOR"%s", path, f); + tor_free(f); + + if (file_status(fullname) != FN_FILE) { + tor_free(fullname); + continue; + } + smartlist_add(file_list, fullname); + } SMARTLIST_FOREACH_END(f); + smartlist_free(all_files); + return file_list; + } else if (file_type == FN_EMPTY) { + return file_list; + } else { + smartlist_free(file_list); + return NULL; + } +} + +/** Creates a list of config lines present on included <b>path</b>. + * Set <b>list</b> to the list and <b>list_last</b> to the last element of + * <b>list</b>. Return 0 on success, -1 on failure. */ +static int +config_get_included_list(const char *path, int recursion_level, int extended, + config_line_t **list, config_line_t **list_last) +{ + char *included_conf = read_file_to_str(path, 0, NULL); + if (!included_conf) { + return -1; + } + + if (config_get_lines_aux(included_conf, list, extended, 1, NULL, + recursion_level+1, list_last) < 0) { + tor_free(included_conf); + return -1; + } + + tor_free(included_conf); + return 0; +} + +/** Process an %include <b>path</b> in a config file. Set <b>next</b> to a + * pointer to the next pointer of the last element of the config_line_t list + * obtained from the config file and <b>list_last</b> to the last element of + * the same list. Return 0 on success, -1 on failure. */ +static int +config_process_include(const char *path, int recursion_level, int extended, + config_line_t ***next, config_line_t **list_last) +{ + char *unquoted_path = get_unquoted_path(path); + if (!unquoted_path) { + return -1; + } + + smartlist_t *config_files = config_get_file_list(unquoted_path); + if (!config_files) { + tor_free(unquoted_path); + return -1; + } + tor_free(unquoted_path); + + SMARTLIST_FOREACH_BEGIN(config_files, char *, config_file) { + config_line_t *included_list = NULL; + if (config_get_included_list(config_file, recursion_level, extended, + &included_list, list_last) < 0) { + SMARTLIST_FOREACH(config_files, char *, f, tor_free(f)); + smartlist_free(config_files); + return -1; + } + tor_free(config_file); + + **next = included_list; + *next = &(*list_last)->next; + + } SMARTLIST_FOREACH_END(config_file); + smartlist_free(config_files); + return 0; +} + /** * Free all the configuration lines on the linked list <b>front</b>. */ diff --git a/src/common/confline.h b/src/common/confline.h index 477c6929a2..eb863e8fd8 100644 --- a/src/common/confline.h +++ b/src/common/confline.h @@ -15,6 +15,8 @@ /* Removes all previous configuration for an option. */ #define CONFIG_LINE_CLEAR 2 +#define MAX_INCLUDE_RECURSION_LEVEL 31 + /** A linked list of lines in a config file, or elsewhere */ typedef struct config_line_t { char *key; @@ -41,6 +43,8 @@ const config_line_t *config_line_find(const config_line_t *lines, int config_lines_eq(config_line_t *a, config_line_t *b); int config_count_key(const config_line_t *a, const char *key); int config_get_lines(const char *string, config_line_t **result, int extended); +int config_get_lines_include(const char *string, config_line_t **result, + int extended, int *has_include); void config_free_lines(config_line_t *front); const char *parse_config_line_from_str_verbose(const char *line, char **key_out, char **value_out, diff --git a/src/common/include.am b/src/common/include.am index b37b363b82..1253888815 100644 --- a/src/common/include.am +++ b/src/common/include.am @@ -112,6 +112,7 @@ LIBOR_CRYPTO_A_SRC = \ src/common/aes.c \ src/common/compress.c \ src/common/compress_lzma.c \ + src/common/compress_none.c \ src/common/compress_zlib.c \ src/common/compress_zstd.c \ src/common/crypto.c \ @@ -154,8 +155,9 @@ COMMONHEADERS = \ src/common/compat_rust.h \ src/common/compat_threads.h \ src/common/compat_time.h \ - src/common/compress.h \ + src/common/compress.h \ src/common/compress_lzma.h \ + src/common/compress_none.h \ src/common/compress_zlib.h \ src/common/compress_zstd.h \ src/common/confline.h \ diff --git a/src/common/sandbox.c b/src/common/sandbox.c index ab2de52592..7826b2d40c 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -155,6 +155,7 @@ static int filter_nopar_gen[] = { #ifdef __NR_getgid32 SCMP_SYS(getgid32), #endif + SCMP_SYS(getpid), #ifdef __NR_getrlimit SCMP_SYS(getrlimit), #endif diff --git a/src/common/util.c b/src/common/util.c index ca2a0c4a9c..5c455585e7 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -3045,6 +3045,41 @@ unescape_string(const char *s, char **result, size_t *size_out) } } +/** Removes enclosing quotes from <b>path</b> and unescapes quotes between the + * enclosing quotes. Backslashes are not unescaped. Return the unquoted + * <b>path</b> on sucess or 0 if <b>path</b> is not quoted correctly. */ +char * +get_unquoted_path(const char *path) +{ + int len = strlen(path); + + if (len == 0) { + return tor_strdup(""); + } + + int has_start_quote = (path[0] == '\"'); + int has_end_quote = (len > 0 && path[len-1] == '\"'); + if (has_start_quote != has_end_quote || (len == 1 && has_start_quote)) { + return NULL; + } + + char *unquoted_path = tor_malloc(len - has_start_quote - has_end_quote + 1); + char *s = unquoted_path; + int i; + for (i = has_start_quote; i < len - has_end_quote; i++) { + if (path[i] == '\"' && (i > 0 && path[i-1] == '\\')) { + *(s-1) = path[i]; + } else if (path[i] != '\"') { + *s++ = path[i]; + } else { /* unescaped quote */ + tor_free(unquoted_path); + return NULL; + } + } + *s = '\0'; + return unquoted_path; +} + /** Expand any homedir prefix on <b>filename</b>; return a newly allocated * string. */ char * diff --git a/src/common/util.h b/src/common/util.h index 18eb57f1bc..d56abcee2e 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -389,6 +389,7 @@ char *read_file_to_str_until_eof(int fd, size_t max_bytes_to_read, size_t *sz_out) ATTR_MALLOC; const char *unescape_string(const char *s, char **result, size_t *size_out); +char *get_unquoted_path(const char *path); char *expand_filename(const char *filename); MOCK_DECL(struct smartlist_t *, tor_listdir, (const char *dirname)); int path_is_relative(const char *filename); diff --git a/src/common/util_format.h b/src/common/util_format.h index adf48c0077..4af8832bbe 100644 --- a/src/common/util_format.h +++ b/src/common/util_format.h @@ -23,11 +23,11 @@ #define BASE32_BUFSIZE(n) (BASE32_LEN(n) + 1) #define BASE16_BUFSIZE(n) (BASE16_LEN(n) + 1) -#define BASE64_NOPAD_LEN(n) (CEIL_DIV((n) * 4, 3) -#define BASE32_NOPAD_LEN(n) (CEIL_DIV((n) * 8, 5) +#define BASE64_NOPAD_LEN(n) (CEIL_DIV((n) * 4, 3)) +#define BASE32_NOPAD_LEN(n) (CEIL_DIV((n) * 8, 5)) -#define BASE64_NOPAD_BUFSIZE(n) (BASE64_NOPAD_LEN(n) + 1)) -#define BASE32_NOPAD_BUFSIZE(n) (BASE32_NOPAD_LEN(n) + 1)) +#define BASE64_NOPAD_BUFSIZE(n) (BASE64_NOPAD_LEN(n) + 1) +#define BASE32_NOPAD_BUFSIZE(n) (BASE32_NOPAD_LEN(n) + 1) /** @} */ #define BASE64_ENCODE_MULTILINE 1 diff --git a/src/config/geoip b/src/config/geoip index 4be9acd55a..02a4b31630 100644 --- a/src/config/geoip +++ b/src/config/geoip @@ -1,4 +1,4 @@ -# Last updated based on April 4 2017 Maxmind GeoLite2 Country +# Last updated based on May 2 2017 Maxmind GeoLite2 Country # wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz # gunzip GeoLite2-Country.mmdb.gz # python mmdb-convert.py GeoLite2-Country.mmdb @@ -311,7 +311,9 @@ 85395456,85395711,TR 85395968,85396223,LU 85396480,85397503,ES +85398016,85398047,NO 85398528,85399039,SA +85399040,85399047,CH 85399552,85400063,FR 85400576,85400583,ES 85401600,85403647,IT @@ -332,8 +334,7 @@ 85733376,85737471,GB 85737472,85753855,DE 85753856,85770239,IL -85770240,85778431,ES -85778432,85786623,DE +85770240,85786623,IR 85786624,85852159,IL 85852160,86015999,AE 86016000,86018047,BG @@ -836,7 +837,9 @@ 87762432,87762943,UA 87762944,87763967,KZ 87763968,87766527,RU -87766528,87818239,CZ +87766528,87769087,CZ +87769088,87777279,ES +87777280,87818239,CZ 87818240,87883775,PL 87883776,87885823,IT 87885824,87889919,RU @@ -865,13 +868,393 @@ 87957504,87957759,ES 87957760,87958527,GB 87958528,87959039,CZ -87959040,87959551,NL +87959040,87959539,NL +87959540,87959547,BE +87959548,87959551,NL 87959552,87960063,DE 87960064,87960575,GB 87960576,87962111,US 87962112,87962623,GB 87962624,87963647,CZ -87963648,87965695,GB +87963648,87963651,US +87963652,87963655,AS +87963656,87963659,AI +87963660,87963663,AG +87963664,87963667,AR +87963668,87963671,AW +87963672,87963675,BS +87963676,87963679,BB +87963680,87963683,BZ +87963684,87963687,BM +87963688,87963691,BO +87963692,87963695,VG +87963696,87963699,KY +87963700,87963703,CL +87963704,87963707,CN +87963708,87963711,CO +87963712,87963715,CK +87963716,87963719,CR +87963720,87963723,CU +87963724,87963727,DM +87963728,87963731,DO +87963732,87963735,EC +87963736,87963739,SV +87963740,87963743,FK +87963744,87963747,FJ +87963748,87963751,GD +87963752,87963755,GP +87963756,87963759,GU +87963760,87963763,GT +87963764,87963767,GY +87963768,87963771,HT +87963772,87963775,HN +87963776,87963779,JM +87963780,87963783,KI +87963784,87963787,MS +87963788,87963791,NR +87963792,87963795,NC +87963796,87963799,NI +87963800,87963803,NU +87963804,87963807,NF +87963808,87963811,KP +87963812,87963815,PW +87963816,87963819,PA +87963820,87963823,PG +87963824,87963827,PY +87963828,87963831,PE +87963832,87963835,PH +87963836,87963839,PN +87963840,87963843,PR +87963844,87963847,KN +87963848,87963851,LC +87963852,87963855,VC +87963856,87963859,WS +87963860,87963863,SB +87963864,87963867,SR +87963868,87963871,SZ +87963872,87963875,TK +87963876,87963879,TO +87963880,87963883,TT +87963884,87963887,TC +87963888,87963891,TV +87963892,87963895,UY +87963896,87963911,US +87963912,87963915,DE +87963916,87963955,US +87963956,87963959,CA +87963960,87963963,GB +87963964,87963999,US +87964000,87964003,VU +87964004,87964007,VE +87964008,87964163,US +87964164,87964167,AS +87964168,87964171,AI +87964172,87964175,AG +87964176,87964179,AR +87964180,87964183,AW +87964184,87964187,BS +87964188,87964191,BB +87964192,87964195,BZ +87964196,87964199,BM +87964200,87964203,BO +87964204,87964207,VG +87964208,87964211,KY +87964212,87964215,CL +87964216,87964219,CO +87964220,87964223,CK +87964224,87964227,CR +87964228,87964231,CU +87964232,87964235,DM +87964236,87964239,DO +87964240,87964243,EC +87964244,87964247,SV +87964248,87964251,FK +87964252,87964255,FJ +87964256,87964259,GD +87964260,87964263,GP +87964264,87964267,GT +87964268,87964271,GY +87964272,87964275,HT +87964276,87964279,HN +87964280,87964283,JM +87964284,87964287,KI +87964288,87964291,MS +87964292,87964295,NR +87964296,87964299,NC +87964300,87964303,NI +87964304,87964307,NU +87964308,87964311,NF +87964312,87964315,PA +87964316,87964319,PY +87964320,87964323,PE +87964324,87964327,PN +87964328,87964331,PR +87964332,87964335,KN +87964336,87964339,LC +87964340,87964343,PM +87964344,87964347,VC +87964348,87964351,WS +87964352,87964355,SB +87964356,87964359,SR +87964360,87964363,SZ +87964364,87964367,TK +87964368,87964371,TO +87964372,87964375,TT +87964376,87964379,TC +87964380,87964383,TV +87964384,87964387,UY +87964388,87964403,US +87964404,87964407,DE +87964408,87964447,US +87964448,87964451,CA +87964452,87964455,GB +87964456,87964491,US +87964492,87964495,VU +87964496,87964499,VE +87964500,87964671,US +87964672,87964675,CZ +87964676,87964679,AD +87964680,87964683,AO +87964684,87964687,AM +87964688,87964691,AZ +87964692,87964695,BH +87964696,87964699,BD +87964700,87964703,BY +87964704,87964707,BJ +87964708,87964711,BT +87964712,87964715,BA +87964716,87964719,BW +87964720,87964723,BN +87964724,87964727,BG +87964728,87964731,BF +87964732,87964735,BI +87964736,87964739,KH +87964740,87964743,CM +87964744,87964747,CV +87964748,87964751,CF +87964752,87964755,TD +87964756,87964759,CN +87964760,87964763,CX +87964764,87964767,CC +87964768,87964771,KM +87964772,87964775,CD +87964776,87964779,CI +87964780,87964783,CY +87964784,87964787,EG +87964788,87964791,GQ +87964792,87964795,ER +87964796,87964799,EE +87964800,87964803,ET +87964804,87964807,FO +87964808,87964811,GA +87964812,87964815,GM +87964816,87964819,GE +87964820,87964823,GH +87964824,87964827,GI +87964828,87964831,GR +87964832,87964835,GL +87964836,87964839,GU +87964840,87964843,GW +87964844,87964847,GN +87964848,87964851,IR +87964852,87964855,IQ +87964856,87964859,IE +87964860,87964863,JO +87964864,87964867,KZ +87964868,87964871,KE +87964872,87964875,KW +87964876,87964879,KG +87964880,87964883,LA +87964884,87964887,LV +87964888,87964891,LB +87964892,87964895,LS +87964896,87964899,LR +87964900,87964903,LY +87964904,87964907,LI +87964908,87964911,LT +87964912,87964915,MO +87964916,87964919,MK +87964920,87964923,MG +87964924,87964927,MW +87964928,87964931,MV +87964932,87964935,ML +87964936,87964939,MT +87964940,87964943,MR +87964944,87964947,MU +87964948,87964951,MD +87964952,87964955,MC +87964956,87964959,MN +87964960,87964963,ME +87964964,87964967,MA +87964968,87964971,MZ +87964972,87964975,MM +87964976,87964979,NA +87964980,87964983,NP +87964984,87964987,NE +87964988,87964991,NG +87964992,87964995,KP +87964996,87964999,OM +87965000,87965003,PK +87965004,87965007,PW +87965008,87965011,PS +87965012,87965015,PG +87965016,87965019,PH +87965020,87965023,QA +87965024,87965027,DJ +87965028,87965031,CG +87965032,87965035,RO +87965036,87965039,RW +87965040,87965043,SH +87965044,87965047,SM +87965048,87965051,ST +87965052,87965055,SA +87965056,87965059,SN +87965060,87965063,RS +87965064,87965067,SL +87965068,87965071,SK +87965072,87965075,SI +87965076,87965079,SO +87965080,87965083,LK +87965084,87965087,SD +87965088,87965091,SJ +87965092,87965095,SY +87965096,87965099,TJ +87965100,87965103,TZ +87965104,87965107,TH +87965108,87965111,TG +87965112,87965115,TN +87965116,87965119,TM +87965120,87965123,UG +87965124,87965127,UA +87965128,87965131,AE +87965132,87965135,UZ +87965136,87965139,VA +87965140,87965143,VN +87965144,87965147,YE +87965148,87965151,ZM +87965152,87965155,ZW +87965156,87965183,CZ +87965184,87965187,GB +87965188,87965191,AD +87965192,87965195,AO +87965196,87965199,AM +87965200,87965203,AZ +87965204,87965207,BH +87965208,87965211,BD +87965212,87965215,BY +87965216,87965219,BJ +87965220,87965223,BT +87965224,87965227,BA +87965228,87965231,BW +87965232,87965235,BN +87965236,87965239,BG +87965240,87965243,BF +87965244,87965247,BI +87965248,87965251,KH +87965252,87965255,CM +87965256,87965259,CV +87965260,87965263,CF +87965264,87965267,TD +87965268,87965271,CX +87965272,87965275,CC +87965276,87965279,KM +87965280,87965283,CD +87965284,87965287,CI +87965288,87965291,CY +87965292,87965295,EG +87965296,87965299,GQ +87965300,87965303,ER +87965304,87965307,EE +87965308,87965311,ET +87965312,87965315,FO +87965316,87965319,GA +87965320,87965323,GM +87965324,87965327,GE +87965328,87965331,GH +87965332,87965335,GI +87965336,87965339,GR +87965340,87965343,GL +87965344,87965347,GW +87965348,87965351,GN +87965352,87965355,IR +87965356,87965359,IQ +87965360,87965363,IE +87965364,87965367,JO +87965368,87965371,KZ +87965372,87965375,KE +87965376,87965379,KW +87965380,87965383,KG +87965384,87965387,LA +87965388,87965391,LV +87965392,87965395,LB +87965396,87965399,LS +87965400,87965403,LR +87965404,87965407,LY +87965408,87965411,LI +87965412,87965415,LT +87965416,87965419,MO +87965420,87965423,MK +87965424,87965427,MG +87965428,87965431,MW +87965432,87965435,MV +87965436,87965439,ML +87965440,87965443,MT +87965444,87965447,MR +87965448,87965451,MU +87965452,87965455,MD +87965456,87965459,MC +87965460,87965463,MN +87965464,87965467,ME +87965468,87965471,MA +87965472,87965475,MZ +87965476,87965479,MM +87965480,87965483,NA +87965484,87965487,NP +87965488,87965491,NE +87965492,87965495,NG +87965496,87965499,OM +87965500,87965503,PK +87965504,87965507,PS +87965508,87965511,QA +87965512,87965515,DJ +87965516,87965519,CG +87965520,87965523,RO +87965524,87965527,RW +87965528,87965531,SH +87965532,87965535,PM +87965536,87965539,SM +87965540,87965543,ST +87965544,87965547,SA +87965548,87965551,SN +87965552,87965555,RS +87965556,87965559,SL +87965560,87965563,SK +87965564,87965567,SI +87965568,87965571,SO +87965572,87965575,LK +87965576,87965579,SD +87965580,87965583,SJ +87965584,87965587,SY +87965588,87965591,TJ +87965592,87965595,TZ +87965596,87965599,TH +87965600,87965603,TG +87965604,87965607,TN +87965608,87965611,TM +87965612,87965615,UG +87965616,87965619,PT +87965620,87965623,US +87965624,87965627,UA +87965628,87965631,AE +87965632,87965635,UZ +87965636,87965639,VA +87965640,87965643,VN +87965644,87965647,YE +87965648,87965651,ZM +87965652,87965655,ZW +87965656,87965659,PT +87965660,87965663,US +87965664,87965695,GB 87965696,87967743,DE 87967744,87969791,IT 87969792,87970815,IM @@ -1352,14 +1735,15 @@ 92764224,92764287,ES 92764288,92764687,FR 92764688,92764703,ES -92764704,92764911,FR +92764704,92764863,FR +92764864,92764879,ES +92764880,92764911,FR 92764912,92764927,GB 92764928,92765423,FR 92765424,92765427,GB 92765428,92766015,FR 92766016,92766047,ES -92766048,92777839,FR -92777840,92777855,FI +92766048,92777855,FR 92777856,92777983,GB 92777984,92778431,FR 92778432,92778495,ES @@ -1418,7 +1802,9 @@ 92787708,92787711,FI 92787712,92788127,FR 92788128,92788131,FI -92788132,92788479,FR +92788132,92788399,FR +92788400,92788415,FI +92788416,92788479,FR 92788480,92788495,FI 92788496,92789119,FR 92789120,92789183,ES @@ -1461,7 +1847,9 @@ 92797356,92797359,DE 92797360,92797679,FR 92797680,92797695,FI -92797696,92798975,FR +92797696,92798591,FR +92798592,92798623,PT +92798624,92798975,FR 92798976,93323263,RU 93323264,93335551,CH 93335552,93339647,IL @@ -1481,8 +1869,7 @@ 93417472,93419519,IR 93419520,93421567,IT 93421568,93425663,DE -93425664,93426183,SE -93426184,93426687,GI +93425664,93426687,GI 93426688,93427085,DE 93427087,93427711,DE 93427712,93429759,NO @@ -1808,7 +2195,10 @@ 96245760,96246783,KZ 96246784,96247807,RU 96247808,96248831,NL -96248832,96259071,RU +96248832,96251903,RU +96251904,96252159,DE +96252160,96252927,NL +96252928,96259071,RU 96259072,96259327,NL 96259328,96259583,RO 96259584,96259839,US @@ -1896,9 +2286,7 @@ 96757884,96757887,ES 96757888,96758247,FR 96758248,96758251,DE -96758252,96759311,FR -96759312,96759327,ES -96759328,96759735,FR +96758252,96759735,FR 96759736,96759739,ES 96759740,96760099,FR 96760100,96760103,IE @@ -2233,7 +2621,11 @@ 100532480,100532735,US 100532736,100548872,RO 100548873,100548873,TR -100548874,100554999,RO +100548874,100552863,RO +100552864,100552871,AT +100552872,100554447,RO +100554448,100554463,DE +100554464,100554999,RO 100555000,100555000,DE 100555001,100555007,RO 100555008,100555263,DE @@ -2403,7 +2795,9 @@ 204047872,204047999,PR 204048000,204048031,US 204048032,204048047,PR -204048048,209921023,US +204048048,208304383,US +208304384,208304639,CA +208304640,209921023,US 209921024,209921279,AU 209921280,212086271,US 212086272,212086527,AR @@ -2525,7 +2919,9 @@ 225443840,225705983,JP 225705984,226230271,US 226230272,226295807,KR -226295808,231866367,US +226295808,226361343,US +226361344,226492415,IN +226492416,231866367,US 231866368,231997439,AU 231997440,233046015,US 233046016,233177087,SG @@ -2636,7 +3032,8 @@ 248512512,249561087,CN 249561088,251658239,VN 251658240,257532415,US -257532416,257532671,AU +257532416,257532423,AU +257532432,257532671,AU 257532672,257534463,US 257534464,257534719,IN 257534720,257597951,US @@ -2725,8 +3122,7 @@ 289787904,289789951,DE 289789952,289791999,US 289792000,289794047,AE -289794048,289795071,US -289795072,289796095,GB +289794048,289796095,GB 289796096,289798143,TR 289798144,289800191,SA 289800192,289948927,US @@ -2855,7 +3251,8 @@ 301989024,301989031,MO 301989032,301989119,US 301989120,301989375,AU -301989376,323243895,US +301989376,301989631,SG +301989632,323243895,US 323243896,323243903,FR 323243904,332132119,US 332132120,332132127,IL @@ -3157,8 +3554,8 @@ 389515264,389521407,NL 389521408,389554175,US 389554176,389562367,NL -389562368,389611519,US -389611520,389619711,NL +389562368,389615615,US +389615616,389619711,NL 389619712,389628415,US 389628416,389628927,NL 389628928,389631999,US @@ -3275,7 +3672,11 @@ 391112704,391113471,NL 391113472,391116543,US 391116544,391116799,NL -391116800,391368703,US +391116800,391331839,US +391331840,391333887,NL +391333888,391344127,US +391344128,391348223,NL +391348224,391368703,US 391368704,391372799,CA 391372800,391376895,US 391376896,391380991,CA @@ -3549,7 +3950,33 @@ 392691440,392691455,AT 392691456,392765439,US 392765440,392765695,GB -392765696,393166847,US +392765696,392849663,US +392849664,392849919,NL +392849920,392850687,US +392850688,392850943,NL +392850944,392851455,US +392851456,392852479,NL +392852480,392852735,US +392852736,392852991,NL +392852992,393007103,US +393007104,393008639,NL +393008640,393008895,US +393008896,393011199,NL +393011200,393019391,US +393019392,393042015,NL +393042016,393042023,US +393042024,393042087,NL +393042088,393042095,US +393042096,393042143,NL +393042144,393042151,US +393042152,393042719,NL +393042720,393042727,US +393042728,393084927,NL +393084928,393150463,US +393150464,393152511,NL +393152512,393154559,US +393154560,393158655,NL +393158656,393166847,US 393166848,393170943,CA 393170944,394264575,US 394264576,394264831,CA @@ -3584,7 +4011,9 @@ 395968512,396034047,CA 396034048,396034303,US 396066816,396067071,CA -396099584,396754943,US +396099584,396230911,US +396263424,396263679,CA +396296192,396754943,US 396754944,396755199,CA 396820480,396820735,US 396886016,397410303,US @@ -4387,7 +4816,9 @@ 461012992,461045759,KR 461045760,461047807,ID 461047808,461049855,JP -461049856,461050879,TH +461049856,461050111,TH +461050112,461050367,SG +461050368,461050879,TH 461050880,461051903,NZ 461051904,461054975,AU 461054976,461055999,HK @@ -4502,7 +4933,8 @@ 520355840,520421375,ES 520421376,520486911,RO 520486912,520488959,NL -520488960,520489471,UA +520488960,520489215,UA +520489216,520489471,CH 520489472,520489727,EG 520489728,520489983,GR 520489984,520490020,RU @@ -4776,7 +5208,9 @@ 521793536,521795583,RU 521795584,521797631,PL 521797632,521928703,IT -521928704,521945087,RU +521928704,521929087,RU +521929088,521929151,UA +521929152,521945087,RU 521945088,521953279,GB 521953280,521961471,RU 521961472,521969663,CZ @@ -5172,8 +5606,7 @@ 532209664,532210687,DE 532210688,532212223,RU 532212224,532212479,ME -532212480,532212735,NL -532212736,532213759,RU +532212480,532213759,RU 532213760,532214015,GB 532214016,532221951,RU 532221952,532223999,IT @@ -5454,7 +5887,9 @@ 534513216,534513279,VG 534513280,534513407,NL 534513408,534513663,SE -534513664,534515455,US +534513664,534514687,US +534514688,534515199,DE +534515200,534515455,US 534515456,534515711,SE 534515712,534515967,GB 534515968,534516735,US @@ -5507,8 +5942,7 @@ 534663168,534675455,ES 534675456,534691839,GB 534691840,534693887,FR -534693888,534695935,NL -534695936,534700031,GB +534693888,534700031,GB 534700032,534708223,JO 534708224,534740991,TR 534740992,534749183,BA @@ -5594,7 +6028,9 @@ 597426176,597688319,DE 597688320,598736895,US 598736896,598867967,GB -598867968,603979775,US +598867968,599130111,US +599130112,599261183,CA +599261184,603979775,US 603979776,603980799,CN 603980800,603981823,NP 603981824,604110847,CN @@ -5628,7 +6064,6 @@ 620703744,620704767,NZ 620704768,620705791,BD 620705792,620706815,HK -620706816,620707839,US 620707840,620708863,IN 620708864,620709887,HK 620709888,620711935,AU @@ -5678,9 +6113,7 @@ 620777472,620781567,NL 620781568,620783615,GB 620783616,620785663,ES -620785664,620785919,DE -620785920,620786175,GB -620786176,620786687,DE +620785664,620786687,DE 620786688,620787199,IE 620787200,620787711,DE 620787712,620789503,RU @@ -5969,7 +6402,9 @@ 623822592,623822847,DE 623822848,623824895,GB 623824896,623826943,CZ -623826944,623837183,UA +623826944,623827967,UA +623827968,623828991,BG +623828992,623837183,UA 623837184,623902719,PL 623902720,623919103,CZ 623919104,623935487,NL @@ -6023,7 +6458,9 @@ 624640952,624640959,PT 624640960,624641187,FR 624641188,624641191,ES -624641192,624641855,FR +624641192,624641535,FR +624641536,624641551,IE +624641552,624641855,FR 624641856,624641887,GB 624641888,624641983,FR 624641984,624642015,ES @@ -6195,7 +6632,9 @@ 624665612,624665615,ES 624665616,624665663,FR 624665664,624665695,ES -624665696,624665999,FR +624665696,624665903,FR +624665904,624665919,FI +624665920,624665999,FR 624666000,624666015,GB 624666016,624666167,FR 624666168,624666175,GB @@ -6339,8 +6778,8 @@ 624680800,624680895,FR 624680896,624680927,ES 624680928,624681023,FR -624681024,624681071,ES -624681072,624681083,FR +624681024,624681055,ES +624681056,624681083,FR 624681084,624681087,ES 624681088,624681535,FR 624681536,624681599,ES @@ -7062,9 +7501,7 @@ 635200912,635200919,IT 635200920,635200991,GB 635200992,635200999,IT -635201000,635201103,GB -635201104,635201111,IT -635201112,635201159,GB +635201000,635201159,GB 635201160,635201167,IT 635201168,635201183,GB 635201184,635201191,IT @@ -7298,8 +7735,8 @@ 641790976,641826815,US 641826816,641827839,MX 641827840,641828351,US -641828352,641830911,MX -641830912,642089471,US +641828352,641832959,MX +641832960,642089471,US 642089472,642089727,CA 642089728,642092543,US 642092544,642092799,CA @@ -7405,8 +7842,7 @@ 644718720,644718783,CA 644718784,644718847,US 644718848,644718943,CA -644718944,644719103,RU -644719104,644719359,US +644718944,644719359,US 644719360,644720639,CA 644720640,644759551,US 644759552,644761599,CA @@ -8244,21 +8680,9 @@ 691650560,691666943,GH 691666944,691732479,NG 691732480,691798015,TZ -691798016,691814399,ZM -691814400,691814655,ZW -691814656,691815935,ZM -691815936,691816191,ZW -691816192,691816447,ZM -691816448,691816703,ZW -691816704,691816959,ZM -691816960,691817215,ZW -691817216,691821823,ZM -691821824,691822079,ZW -691822080,691823871,ZM -691823872,691824127,ZW -691824128,691824639,ZM -691824640,691825151,ZW -691825152,691857407,ZM +691798016,691806207,ZM +691806208,691830783,ZW +691830784,691857407,ZM 691857408,691858175,KE 691858176,691863551,ZM 691863552,691929087,ZA @@ -8289,7 +8713,9 @@ 692625408,692626687,KE 692626688,692626943,AO 692626944,692633599,KE -692633600,692641791,MU +692633600,692637903,MU +692637904,692637911,KE +692637912,692641791,MU 692641792,692649983,GA 692649984,692658175,NG 692658176,692666367,ZA @@ -8335,7 +8761,9 @@ 692852736,692854783,GH 692854784,692856831,ZA 692856832,692858879,MU -692858880,692860927,MW +692858880,692859135,MW +692859136,692859391,UG +692859392,692860927,MW 692860928,692862975,ZA 692862976,692869119,NG 692869120,692871167,TZ @@ -8473,7 +8901,7 @@ 693073920,693074943,SS 693074944,693075967,CV 693075968,693076991,CM -693076992,693078015,ZW +693076992,693078015,MU 693078016,693079039,BW 693079040,693080063,KE 693080064,693081087,NG @@ -8500,7 +8928,10 @@ 693103616,693104639,GN 693104640,693105663,ZA 693105664,693106687,MZ -693106688,693107711,ZA +693106688,693106951,TZ +693106952,693106959,ZA +693106960,693107199,TZ +693107200,693107711,ZA 693107712,693239807,KE 693239808,693370879,SN 693370880,693403647,ZA @@ -8548,16 +8979,15 @@ 696926208,696928255,ZA 696928256,696930303,BW 696930304,696932351,RW -696932352,696932607,EG +696932352,696932607,BJ 696932608,696932863,NG -696932864,696933375,EG +696932864,696933375,BJ 696933376,696934399,ZA 696934400,696942591,BF 696942592,696950783,MR 696950784,696958975,NG 696958976,696963071,TZ -696963072,696965119,UG -696965120,696966143,NG +696963072,696966143,UG 696966144,696967167,TZ 696967168,696971263,MZ 696971264,696974335,KE @@ -8573,7 +9003,9 @@ 698056704,698089471,EG 698089472,698220543,ZA 698220544,698351615,GA -698351616,699400191,ZA +698351616,699334655,ZA +699334656,699342847,ZM +699342848,699400191,ZA 699400192,699465727,EG 699465728,699531263,ZA 699531264,699662335,EG @@ -8622,7 +9054,7 @@ 700381184,700382207,EG 700382208,700383231,KE 700383232,700399615,EG -700399616,700400639,AO +700399616,700400639,BW 700400640,700401663,CI 700401664,700402687,MZ 700402688,700403711,UG @@ -8633,6 +9065,7 @@ 700407808,700408831,GH 700408832,700409855,CM 700409856,700410879,LR +700410880,700411903,NG 700412928,700413951,ZM 700413952,700414975,SC 700414976,700432383,ZA @@ -8722,9 +9155,7 @@ 701423616,701431807,NG 701431808,701439999,CI 701440000,701448191,MG -701448192,701457919,KE -701457920,701458175,CG -701458176,701458831,KE +701448192,701458831,KE 701458832,701458847,CG 701458848,701462783,KE 701462784,701463295,CG @@ -8839,9 +9270,13 @@ 702328832,702332927,TZ 702332928,702337023,MZ 702337024,702341119,UG -702341120,702342259,MU +702341120,702342111,MU +702342112,702342127,KE +702342128,702342259,MU 702342260,702342263,KE -702342264,702344199,MU +702342264,702343039,MU +702343040,702343103,KE +702343104,702344199,MU 702344200,702344971,KE 702344972,702345215,MU 702345216,702349311,KE @@ -8859,7 +9294,7 @@ 702398464,702402559,CV 702402560,702410751,ZA 702410752,702414847,AO -702414848,702416895,UG +702414848,702416895,MU 702416896,702418943,KE 702418944,702420991,ZM 702420992,702423039,TZ @@ -8990,9 +9425,9 @@ 703774720,703791103,ZA 703791104,703856639,CD 703856640,703922175,CM -703922176,703971327,ZA -703971328,703975423,NG -703975424,704118783,ZA +703922176,703954943,ZA +703954944,703987711,NG +703987712,704118783,ZA 704118784,704380927,MA 704380928,704643071,LY 704643072,704644095,CN @@ -9228,7 +9663,7 @@ 736394240,736395263,HK 736395264,736396287,MN 736396288,736398335,CN -736398336,736400383,IN +736398336,736399359,IN 736400384,736402431,CN 736402432,736402687,NZ 736402688,736402943,SG @@ -9323,9 +9758,9 @@ 736518144,736519167,HK 736519168,736520191,AU 736520192,736521215,IN -736521216,736521747,PH +736521216,736521747,AU 736521748,736521748,US -736521749,736522239,PH +736521749,736522239,AU 736522240,736524287,HK 736524288,736525311,BD 736525312,736526335,CN @@ -9449,7 +9884,7 @@ 737179648,737180671,AU 737180672,737184767,CN 737184768,737185791,VU -737185792,737186815,AU +737185792,737186815,HK 737186816,737187839,ID 737187840,737188863,TW 737188864,737206271,CN @@ -9587,7 +10022,9 @@ 737484800,737485823,KH 737485824,737487871,AU 737487872,737488895,MM -737488896,737489919,AU +737488896,737489151,AU +737489152,737489407,SG +737489408,737489919,HK 737489920,737490943,NZ 737490944,737491967,FJ 737491968,737492447,SG @@ -10067,11 +10504,15 @@ 755292160,755293183,AR 755293184,755301375,BR 755301376,755303423,AR +755303424,755304447,BR +755304448,755305471,DO +755305472,755305727,SV 755305728,755305983,BO 755305984,755306239,BR 755306240,755306495,AR 755306496,755307519,BR 755307520,755309567,AR +755309568,755310591,HN 755310592,755315711,BR 755315712,755316735,MX 755316736,755317759,PE @@ -10086,18 +10527,34 @@ 755332096,755333119,GT 755333120,755335167,CL 755335168,755340287,BR -755341312,755342335,AR +755340288,755342335,AR 755342336,755343359,BR +755343360,755345407,CO +755345408,755346431,BR +755346432,755347455,CO +755347456,755348479,BR +755348480,755351551,CO 755351552,755357695,BR 755357696,755358719,NI 755358720,755368959,BR -755368960,755369983,AR -755371008,755376127,BR +755368960,755371007,AR +755371008,755378175,BR +755378176,755379199,DO +755379200,755381247,HN 755381248,755383295,BR 755383296,755384319,MX +755384320,755385343,BR 755385344,755386367,AR -755386368,755387391,BR -755390464,755400703,BR +755386368,755394559,BR +755394560,755395583,AR +755395584,755401727,BR +755401728,755402751,AR +755402752,755403775,BR +755403776,755404799,MX +755404800,755417087,BR +755422208,755423231,AR +755425280,755429375,BR +755431424,755433471,UY 756023296,757071871,US 757071872,757071911,NL 757071912,757071919,US @@ -10117,7 +10574,9 @@ 757072776,757072791,US 757072792,757072895,NL 757072896,757072903,US -757072904,757073007,NL +757072904,757072911,NL +757072912,757072919,US +757072920,757073007,NL 757073008,757073023,US 757073024,757073047,NL 757073048,757073055,US @@ -10138,8 +10597,7 @@ 757110784,757112831,DE 757112832,757113343,US 757113344,757113855,NL -757113856,757115903,US -757115904,757116927,NL +757113856,757116927,US 757116928,757118975,GB 757118976,757119999,NL 757120000,757121023,AU @@ -10270,9 +10728,7 @@ 757789440,757789567,NP 757789568,757790975,US 757790976,757791231,WS -757791232,757792767,US -757792768,757793279,CA -757793280,757793791,US +757791232,757793791,US 757793792,757794047,CA 757794048,757795839,US 757795840,757796351,CA @@ -10283,8 +10739,11 @@ 757798400,757799167,US 757799168,757799423,CA 757799424,757799935,US -757799936,757800959,CA +757799936,757800191,CA +757800192,757800447,US +757800448,757800959,CA 757800960,757809151,US +757809152,757809407,CA 757809408,757809663,RO 757809664,757809919,GB 757817344,757858303,US @@ -10582,28 +11041,30 @@ 759848960,759955455,CA 759955456,759963647,US 759963648,759965759,NL -759965760,759966719,US -759966720,759967231,FR -759967232,759975935,US -759975936,759977471,DE -759977472,759977983,US -759977984,759979007,DE -759979008,759979124,US -759979125,759979125,DE -759979126,759980031,US +759965760,759966207,US +759966208,759966719,NL +759966720,759967743,FR +759967744,759968767,JP +759968768,759975935,US +759975936,759980031,DE 759980032,759984127,JP -759984128,759985151,AU -759985152,759988223,US -759988224,759990783,GB -759990784,759992319,US -759992320,759996415,SG -759996416,760004607,US +759984128,759986175,AU +759986176,759988223,US +759988224,759992319,GB +759992320,759997439,SG +759997440,760000511,US +760000512,760004607,SG 760004608,760006983,JP 760006984,760006987,US 760006988,760007007,JP 760007008,760007039,US 760007040,760012799,JP -760012800,760111103,US +760012800,760023039,US +760023040,760026367,JP +760026368,760026623,HK +760026624,760029183,JP +760029184,760031743,SG +760031744,760111103,US 760111104,760119295,CA 760119296,760127487,US 760127488,760152063,CA @@ -10665,7 +11126,7 @@ 762399744,762400767,IN 762400768,762401023,HK 762401024,762401279,US -762401280,762401791,HK +762401280,762401791,KR 762401792,762402815,TH 762402816,762403839,IN 762403840,762404863,AU @@ -10949,7 +11410,7 @@ 762848768,762849279,BD 762849280,762850303,IN 762850304,762851327,HK -762851328,762852351,IN +762851328,762851839,IN 762852352,762853375,HK 762853376,762855423,IN 762855424,762857471,KR @@ -11204,7 +11665,8 @@ 763282432,763285503,IN 763285504,763286017,SG 763286018,763286018,US -763286019,763286527,SG +763286019,763286271,SG +763286272,763286527,US 763286528,763287551,CN 763287552,763288575,HK 763288576,763289599,CN @@ -11528,7 +11990,9 @@ 772884480,772886527,LB 772886528,772888575,FR 772888576,772890623,GB -772890624,772892671,NL +772890624,772892033,NL +772892034,772892041,RU +772892042,772892671,NL 772892672,772894719,GB 772894720,772896767,PL 772896768,772898815,RS @@ -11805,7 +12269,6 @@ 773800960,773801215,SG 773801216,773801471,US 773801472,773801983,CY -773801984,773804031,IQ 773804032,773806079,GB 773806080,773808127,BE 773808128,773810175,IL @@ -12863,8 +13326,7 @@ 784334848,784457743,FR 784457744,784458751,GB 784458752,784458767,FR -784458768,784459775,GB -784459776,784461823,IT +784458768,784461823,GB 784461824,784465919,FR 784465920,784596991,SE 784596992,784728063,TR @@ -13187,7 +13649,9 @@ 787715840,787718143,NL 787718144,787718655,RU 787718656,787719167,NL -787719168,787722239,RU +787719168,787719423,RU +787719424,787719935,NL +787719936,787722239,RU 787722240,787722751,NL 787722752,787725311,RU 787725312,787741695,NL @@ -13307,8 +13771,7 @@ 788261632,788262143,DE 788262144,788262399,IR 788262400,788265215,DE -788265216,788265727,ES -788265728,788267007,DE +788265216,788267007,ES 788267008,788271103,SE 788271104,788275199,DE 788275200,788279295,AL @@ -13430,7 +13893,11 @@ 794427392,794460159,HK 794460160,794492927,US 794492928,794501119,JP -794501120,794558463,US +794501120,794532607,US +794532608,794532863,HK +794532864,794533631,US +794533632,794533887,HK +794533888,794558463,US 794558464,796917759,CN 796917760,797442047,CA 797442048,800522240,US @@ -13520,7 +13987,7 @@ 832312320,832313343,ID 832313344,832315391,AU 832315392,832319487,KH -832319488,832320511,NZ +832319488,832320511,NU 832320512,832321535,VN 832321536,832323583,ID 832323584,832348159,IN @@ -14017,7 +14484,10 @@ 873725952,874250239,US 874250240,874381311,DE 874381312,874512383,IE -874512384,875560959,US +874512384,875446271,US +875446272,875454463,FR +875454464,875495423,US +875495424,875560959,FR 875560960,875823103,IE 875823104,876085247,US 876085248,876150783,GB @@ -14073,7 +14543,7 @@ 878578944,878579199,AU 878579200,878579455,CA 878579456,878579711,GB -878579712,878579967,US +878579712,878579967,FR 878579968,878580223,DE 878580224,878580735,US 878580736,878580991,IN @@ -14119,8 +14589,9 @@ 878639296,878639311,GB 878639312,878639327,CA 878639328,878639359,US -878639360,878639375,CN -878639376,878648831,US +878639360,878639391,CN +878639392,878639407,FR +878639408,878648831,US 878648832,878649343,JP 878649344,878649855,US 878649856,878650111,JP @@ -14141,7 +14612,9 @@ 878676736,878678271,US 878678272,878679039,CA 878679040,878679807,GB -878679808,878690303,US +878679808,878680575,US +878680576,878681343,FR +878681344,878690303,US 878690304,878694399,KR 878694400,878695423,US 878695424,878696447,SG @@ -14158,7 +14631,7 @@ 878705408,878705663,US 878705664,878705919,KR 878705920,878706175,GB -878706176,878706431,US +878706176,878706431,FR 878706432,878706447,BR 878706448,878706463,AU 878706464,878706479,SG @@ -14239,7 +14712,9 @@ 879841792,879841919,KR 879841920,880216831,US 880216832,880217087,CA -880217088,880263167,US +880217088,880261119,US +880261120,880262143,SG +880262144,880263167,US 880263168,880264191,IE 880264192,880269311,US 880269312,880271359,JP @@ -15171,7 +15646,8 @@ 1024262144,1024327679,SG 1024327680,1024327935,US 1024327936,1024328191,AU -1024328192,1024328703,US +1024328192,1024328447,HK +1024328448,1024328703,US 1024328704,1024329727,CN 1024329728,1024330751,JP 1024330752,1024331775,AU @@ -15357,14 +15833,16 @@ 1040983552,1040983807,FO 1040983808,1040990207,DK 1040990208,1040998399,CY -1040998400,1041002495,EG +1040998400,1041002495,SD 1041002496,1041004543,KE 1041004544,1041006591,EG 1041006592,1041039359,CH 1041039360,1041072127,SE 1041072128,1041080319,GB 1041080320,1041088511,IT -1041088512,1041096703,AT +1041088512,1041093631,AT +1041093632,1041094143,US +1041094144,1041096703,AT 1041096704,1041235967,ES 1041235968,1041244159,UA 1041244160,1041252351,RU @@ -15392,7 +15870,9 @@ 1041728560,1041728655,FR 1041728656,1041728671,IT 1041728672,1041748991,FR -1041749248,1041760255,FR +1041749248,1041752319,FR +1041752320,1041752575,AT +1041752576,1041760255,FR 1041760256,1041768447,DE 1041768448,1041776639,NO 1041776640,1041784831,CZ @@ -15749,7 +16229,9 @@ 1046489472,1046489487,ES 1046489488,1046489503,GB 1046489504,1046489519,DE -1046489520,1046489999,GB +1046489520,1046489975,GB +1046489976,1046489983,DE +1046489984,1046489999,GB 1046490000,1046490007,DE 1046490008,1046492471,GB 1046492472,1046492479,DE @@ -15819,7 +16301,9 @@ 1046524488,1046524495,DE 1046524496,1046524615,GB 1046524616,1046524623,DE -1046524624,1046525351,GB +1046524624,1046524647,GB +1046524648,1046524655,DE +1046524656,1046525351,GB 1046525352,1046525359,DE 1046525360,1046525439,GB 1046525440,1046525695,DE @@ -15948,8 +16432,7 @@ 1047527424,1047529471,US 1047529472,1047530495,NL 1047530496,1047531007,GB -1047531008,1047531263,RS -1047531264,1047533567,BE +1047531008,1047533567,BE 1047533568,1047534847,DE 1047534848,1047535103,BE 1047535104,1047535359,US @@ -16006,12 +16489,14 @@ 1047658496,1047724031,EG 1047728128,1047732223,SE 1047735770,1047735770,DE +1047736552,1047736553,US 1047740544,1047740671,DE 1047758911,1047758911,CZ 1047759119,1047759119,AT 1047759125,1047759125,AT 1047759754,1047759754,FR 1047759834,1047759834,CZ +1047763266,1047763267,SE 1047781856,1047781871,DE 1047782690,1047782690,GB 1047787520,1047787775,ES @@ -16096,6 +16581,7 @@ 1048987480,1048987487,DE 1048991960,1048991967,DE 1048992528,1048992535,DE +1048992608,1048992615,DE 1049006080,1049006335,DE 1049008128,1049009151,DE 1049016320,1049018367,DE @@ -17645,7 +18131,9 @@ 1073049065,1073049065,CW 1073049066,1073049599,US 1073049600,1073052671,BS -1073052672,1073116159,US +1073052672,1073075199,US +1073075200,1073075455,CA +1073075456,1073116159,US 1073116160,1073117183,GB 1073117184,1073118207,US 1073118208,1073118719,NL @@ -18374,7 +18862,9 @@ 1087398912,1087399423,GB 1087399424,1087405407,US 1087405408,1087405423,MX -1087405424,1087413895,US +1087405424,1087413879,US +1087413880,1087413883,ES +1087413884,1087413895,US 1087413896,1087413903,DE 1087413904,1087414783,US 1087414784,1087415039,CA @@ -19039,7 +19529,19 @@ 1111195648,1111212031,CA 1111220224,1111228415,US 1111228416,1111244799,AR -1111244800,1111982079,US +1111244800,1111916543,US +1111916544,1111922687,CA +1111922688,1111924735,US +1111924736,1111928831,CA +1111928832,1111929855,US +1111929856,1111931135,CA +1111931136,1111931391,US +1111931392,1111931903,CA +1111931904,1111932927,US +1111932928,1111938047,CA +1111938048,1111941119,US +1111941120,1111943167,CA +1111943168,1111982079,US 1111982080,1111998463,IT 1111998464,1112408063,US 1112408064,1112410111,IL @@ -19125,7 +19627,9 @@ 1114513472,1114513571,US 1114513572,1114513599,SA 1114513600,1114514719,US -1114514720,1114515455,SA +1114514720,1114514751,SA +1114514752,1114514943,US +1114514944,1114515455,SA 1114515456,1114515463,US 1114515464,1114515471,CA 1114515472,1114517503,US @@ -19136,7 +19640,9 @@ 1114520576,1114520831,PH 1114520832,1114523971,US 1114523972,1114523975,BM -1114523976,1114524031,US +1114523976,1114523999,US +1114524000,1114524007,BM +1114524008,1114524031,US 1114524032,1114524415,JM 1114524416,1114524671,ZA 1114524672,1114533375,US @@ -19322,19 +19828,7 @@ 1119109632,1119109887,CA 1119109888,1119110143,US 1119110144,1119111167,CA -1119111168,1119166463,US -1119171072,1119171327,US -1119171360,1119171383,US -1119171384,1119171391,CA -1119171392,1119171583,US -1119172056,1119172063,US -1119172096,1119172159,US -1119172192,1119172199,US -1119172200,1119172207,CA -1119172256,1119172263,US -1119172352,1119172863,US -1119172864,1119173631,MX -1119174656,1119199231,US +1119111168,1119199231,US 1119199232,1119207169,MN 1119207170,1119207170,US 1119207171,1119207423,MN @@ -19501,7 +19995,7 @@ 1121203200,1121204223,JM 1121204224,1121205247,US 1121205248,1121205759,PR -1121205760,1121206271,VC +1121205760,1121206271,LC 1121206272,1121230847,US 1121230848,1121239039,CA 1121239040,1121247231,US @@ -19628,7 +20122,9 @@ 1125147626,1125156304,US 1125156305,1125156305,DE 1125156306,1125228543,US -1125228544,1125229055,GB +1125228544,1125228647,GB +1125228648,1125228651,FI +1125228652,1125229055,GB 1125229056,1125237277,US 1125237278,1125237278,GB 1125237279,1125237919,US @@ -19712,9 +20208,7 @@ 1137369088,1137371135,CA 1137371136,1137378815,US 1137378816,1137379071,UA -1137379072,1137385471,US -1137385472,1137387519,IL -1137387520,1137426431,US +1137379072,1137426431,US 1137426432,1137442815,PR 1137442816,1137491967,US 1137491968,1137508351,CA @@ -19834,11 +20328,9 @@ 1138917376,1138937855,CA 1138937856,1138941951,US 1138941952,1138950143,CA -1138950144,1138958335,US -1138958336,1138959103,IL -1138959104,1138959615,US -1138959616,1138959871,IL -1138959872,1138970111,US +1138950144,1138956799,US +1138956800,1138957311,CA +1138957312,1138970111,US 1138970112,1138970367,IN 1138970368,1139146751,US 1139146752,1139154943,GT @@ -19892,7 +20384,9 @@ 1145503744,1145520127,CA 1145520128,1150287871,US 1150287872,1150812159,CA -1150812160,1151889407,US +1150812160,1151867903,US +1151867904,1151868927,CA +1151868928,1151889407,US 1151889408,1151892703,CA 1151892704,1151892711,DZ 1151892712,1151897599,CA @@ -19948,7 +20442,6 @@ 1158295808,1158296063,GB 1158296064,1158316031,US 1158316032,1158318847,CA -1158319037,1158319037,CA 1158319104,1158322242,CA 1158322243,1158322243,US 1158322244,1158324223,CA @@ -20144,7 +20637,11 @@ 1161773056,1161777151,SZ 1161777152,1161818111,US 1161818112,1161822207,CA -1161822208,1161833967,US +1161822208,1161830852,US +1161830853,1161830853,BZ +1161830854,1161831181,US +1161831182,1161831182,BZ +1161831183,1161833967,US 1161833968,1161833975,DE 1161833976,1161834979,US 1161834980,1161834980,BZ @@ -20156,9 +20653,9 @@ 1161835227,1161835227,BZ 1161835228,1161835230,US 1161835231,1161835231,PH -1161835232,1161837174,US -1161837175,1161837175,BZ -1161837176,1161837567,US +1161835232,1161835948,US +1161835949,1161835949,BZ +1161835950,1161837567,US 1161837568,1161837823,JP 1161837824,1161885695,US 1161885696,1161886207,JP @@ -20267,12 +20764,12 @@ 1163538576,1163538591,CA 1163538592,1163539199,US 1163539200,1163539455,CA -1163539456,1163540351,US +1163539456,1163539711,US +1163539712,1163539967,CA +1163539968,1163540351,US 1163540352,1163540479,CA 1163540480,1163540735,US -1163540736,1163541503,CA -1163541504,1163542015,VG -1163542016,1163542527,CA +1163540736,1163542527,CA 1163542528,1163543295,US 1163543296,1163543551,CA 1163543552,1163544575,US @@ -20426,7 +20923,9 @@ 1168965120,1168965375,CA 1168965376,1168973823,US 1168973824,1168982015,CA -1168982016,1169203199,US +1168982016,1169031167,US +1169031168,1169035263,DE +1169035264,1169203199,US 1169203200,1169211391,CA 1169211392,1170190335,US 1170190336,1170190847,GB @@ -20663,7 +21162,9 @@ 1210421504,1210421551,CA 1210421552,1210449919,US 1210449920,1210580991,CA -1210580992,1210865262,US +1210580992,1210847231,US +1210847232,1210851327,BR +1210851328,1210865262,US 1210865263,1210865270,MY 1210865271,1210925055,US 1210925056,1210941439,CA @@ -20758,7 +21259,9 @@ 1224158208,1224167935,US 1224167936,1224169471,NL 1224169472,1224169983,US -1224169984,1224173567,NL +1224169984,1224171519,NL +1224171520,1224173055,US +1224173056,1224173567,NL 1224173568,1224184063,US 1224184064,1224184319,NL 1224184320,1224189951,US @@ -20801,7 +21304,9 @@ 1224523559,1224523559,JM 1224523560,1224523775,US 1224523776,1224540159,JM -1224540160,1241743359,US +1224540160,1224728575,US +1224728576,1224736767,HK +1224736768,1241743359,US 1241743360,1241759743,CA 1241759744,1242300415,US 1242300416,1242562559,CA @@ -20840,9 +21345,13 @@ 1247124480,1247124991,PR 1247124992,1247129599,US 1247129600,1247133695,NL -1247133696,1248864255,US +1247133696,1247498239,US +1247498240,1247502335,CA +1247502336,1248864255,US 1248864256,1248866303,CA -1248866304,1248885759,US +1248866304,1248877311,US +1248877312,1248877567,CA +1248877568,1248885759,US 1248885760,1248886783,CA 1248886784,1248899071,US 1248899072,1248900095,CA @@ -20873,7 +21382,8 @@ 1249011712,1249019903,US 1249019904,1249020927,CA 1249020928,1249023999,US -1249026048,1249029119,US +1249024000,1249025023,CA +1249025536,1249029119,US 1249029120,1249030143,CA 1249030144,1249036287,US 1249036288,1249037311,TC @@ -20890,8 +21400,7 @@ 1249103104,1249103871,CA 1249103872,1249106943,US 1249106944,1249107967,CA -1249107968,1249128447,US -1249129472,1249130495,US +1249107968,1249130495,US 1249130496,1249131519,JM 1249131520,1249139711,US 1249139712,1249140268,MF @@ -21275,7 +21784,9 @@ 1294532608,1294598143,RU 1294598144,1294606335,IT 1294606336,1294610431,IR -1294610432,1294619647,IT +1294610432,1294611455,IT +1294611456,1294611711,IR +1294611712,1294619647,IT 1294619648,1294626815,IR 1294626816,1294630911,IT 1294630912,1294663679,LB @@ -21448,8 +21959,8 @@ 1296580608,1296582655,CH 1296582656,1296584703,IE 1296584704,1296585215,RU -1296585216,1296585983,GB -1296585984,1296586751,RU +1296585216,1296585471,GB +1296585472,1296586751,RU 1296586752,1296588799,FR 1296588800,1296590847,SE 1296590848,1296592895,ES @@ -21690,7 +22201,8 @@ 1297727488,1297743871,MD 1297743872,1297760255,DE 1297760256,1297776639,LT -1297776640,1297793023,DE +1297776640,1297784831,DE +1297784832,1297793023,PT 1297793024,1297809407,UA 1297809408,1297825791,PL 1297825792,1297838079,RU @@ -21772,9 +22284,7 @@ 1298137088,1298661375,GB 1298661376,1298677759,FR 1298677760,1298694143,IR -1298694144,1298708991,US -1298708992,1298709247,IT -1298709248,1298710527,US +1298694144,1298710527,US 1298710528,1298726911,CZ 1298726912,1298743295,RS 1298743296,1298757631,FI @@ -21854,7 +22364,9 @@ 1306279936,1306288127,IT 1306288128,1306296319,AT 1306296320,1306312703,RU -1306312704,1306320895,UZ +1306312704,1306317823,UZ +1306317824,1306318847,NL +1306318848,1306320895,RU 1306320896,1306329087,DE 1306329088,1306337279,BA 1306337280,1306345471,HU @@ -22112,7 +22624,9 @@ 1308020736,1308024831,BG 1308024832,1308030975,RU 1308030976,1308033023,UA -1308033024,1308035427,DE +1308033024,1308033685,DE +1308033686,1308033686,GB +1308033687,1308035427,DE 1308035428,1308035428,GB 1308035429,1308037119,DE 1308037120,1308041215,UA @@ -22252,9 +22766,7 @@ 1311253448,1311253455,IT 1311253456,1311253479,GB 1311253480,1311253487,IT -1311253488,1311253831,GB -1311253832,1311253839,IT -1311253840,1311254007,GB +1311253488,1311254007,GB 1311254008,1311254015,IT 1311254016,1311254527,GB 1311254528,1311256575,SE @@ -22441,7 +22953,11 @@ 1317404672,1317437439,IT 1317437440,1317470207,HR 1317470208,1317470463,CY -1317470464,1317474303,TR +1317470464,1317471231,TR +1317471232,1317471743,CY +1317471744,1317471999,TR +1317472000,1317472255,CY +1317472256,1317474303,TR 1317474304,1317478399,CY 1317478400,1317502975,TR 1317502976,1317535743,IE @@ -22560,9 +23076,7 @@ 1318682624,1318690815,RU 1318690816,1318699007,DK 1318699008,1318707199,IE -1318707200,1318708223,FR -1318708224,1318708479,GB -1318708480,1318715391,FR +1318707200,1318715391,FR 1318715392,1318723583,BG 1318723584,1318731775,IR 1318731776,1318739967,PL @@ -22840,9 +23354,10 @@ 1334392848,1334392863,FI 1334392864,1334392895,FR 1334392896,1334392959,GB -1334392960,1334409599,FR +1334392960,1334394879,FR +1334394880,1334409599,IT 1334409600,1334409607,DE -1334409608,1334411263,FR +1334409608,1334411263,IT 1334411264,1334444031,RU 1334444032,1334503935,SE 1334503936,1334504191,DK @@ -23586,11 +24101,7 @@ 1347296233,1347296240,JO 1347296241,1347296264,SE 1347296265,1347296272,US -1347296273,1347297071,SE -1347297072,1347297079,US -1347297080,1347297151,SE -1347297152,1347297159,SL -1347297160,1347297279,SE +1347296273,1347297279,SE 1347297280,1347305471,UA 1347305472,1347309567,AL 1347309568,1347313663,DE @@ -23761,6 +24272,7 @@ 1347932160,1347936255,SK 1347936256,1347940351,FR 1347940352,1347944447,BA +1347944448,1347944959,ZA 1347945472,1347946495,NG 1347947520,1347948543,DZ 1347948544,1347952639,DE @@ -23991,9 +24503,8 @@ 1353275248,1353275255,ES 1353275256,1353277439,GB 1353277440,1353279487,CH -1353279488,1353279583,GB -1353279584,1353279591,IT -1353279592,1353286143,GB +1353279488,1353280511,IT +1353280512,1353286143,GB 1353286336,1353286367,GB 1353286400,1353287959,GB 1353287960,1353287967,IE @@ -24053,7 +24564,19 @@ 1355284480,1355415551,BE 1355415552,1355546623,NO 1355546624,1355808767,IT -1355808768,1356005375,DK +1355808768,1355841535,DK +1355841536,1355857919,CH +1355857920,1355862015,LU +1355862016,1355864063,DK +1355864064,1355866111,GB +1355866112,1355868159,LT +1355868160,1355870207,DE +1355870208,1355872255,DK +1355872256,1355873279,IT +1355873280,1355873791,GB +1355873792,1355874047,GG +1355874048,1355874303,DE +1355874304,1356005375,DK 1356005376,1356070911,IT 1356070912,1356201983,NO 1356201984,1356333055,FR @@ -24114,7 +24637,7 @@ 1357328896,1357329159,NL 1357329168,1357329183,NL 1357329408,1357329415,BE -1357330944,1357331199,GB +1357330944,1357331207,GB 1357335808,1357336063,IT 1357337600,1357337647,NL 1357337664,1357337727,NL @@ -24161,7 +24684,7 @@ 1357375216,1357375223,ES 1357375224,1357375423,GB 1357375424,1357375487,IE -1357375504,1357375535,GB +1357375504,1357375551,GB 1357377536,1357378647,FR 1357378656,1357378671,FR 1357378816,1357379071,FR @@ -24200,7 +24723,6 @@ 1357884160,1357884415,GB 1357885120,1357885183,DE 1357885200,1357885215,AT -1357885248,1357885311,SE 1357885952,1357886207,SE 1357889024,1357889279,GB 1357889280,1357889535,SE @@ -24790,7 +25312,7 @@ 1360654336,1360658431,EE 1360658432,1360666623,PL 1360666624,1360674815,NO -1360674816,1360676863,DZ +1360674816,1360676863,NG 1360676864,1360678911,ZA 1360678912,1360683007,RU 1360683008,1360691199,GB @@ -25046,7 +25568,7 @@ 1365028864,1365032959,NL 1365032960,1365033471,US 1365033472,1365033599,PT -1365033600,1365033983,US +1365033600,1365033983,GB 1365033984,1365035007,SE 1365035008,1365039103,GB 1365039104,1365039135,FI @@ -26921,7 +27443,12 @@ 1410539520,1410547711,GB 1410547712,1410555903,CZ 1410555904,1410564095,GB -1410564096,1410568501,SE +1410564096,1410567320,SE +1410567321,1410567321,NO +1410567322,1410567322,FI +1410567323,1410567323,EE +1410567324,1410567324,IT +1410567325,1410568501,SE 1410568502,1410568502,DK 1410568503,1410568991,SE 1410568992,1410569007,NO @@ -26948,11 +27475,9 @@ 1410711552,1410719743,BG 1410719744,1410727935,RU 1410727936,1410736127,BG -1410736128,1410737151,XK -1410737152,1410739199,RS -1410739200,1410740479,XK -1410740480,1410744063,RS -1410744064,1410744319,XK +1410736128,1410739455,RS +1410739456,1410739711,XK +1410739712,1410744319,RS 1410744320,1410745087,FR 1410745344,1410747391,FR 1410747392,1410747647,GP @@ -26976,9 +27501,7 @@ 1411449728,1411449791,DE 1411449792,1411450303,IT 1411450304,1411450367,DE -1411450368,1411481855,IT -1411481856,1411483903,DE -1411483904,1411514367,IT +1411450368,1411514367,IT 1411514368,1411579903,FI 1411579904,1411645439,NL 1411645440,1411710975,EG @@ -27027,7 +27550,6 @@ 1411907584,1411911679,GB 1411911680,1411915775,US 1411915776,1411919871,GB -1411919872,1411921919,DE 1411921920,1411922175,GB 1411922176,1411922431,DE 1411922432,1411923967,GB @@ -27036,8 +27558,8 @@ 1411961612,1411961612,IE 1411961613,1411973119,PL 1411973120,1411999743,SI -1411999744,1412001023,BA -1412001024,1412002815,SI +1411999744,1412001279,BA +1412001280,1412002815,SI 1412002816,1412003839,BA 1412003840,1412005887,SI 1412005888,1412038655,NL @@ -27060,7 +27582,8 @@ 1412406272,1412408831,RU 1412408832,1412409343,RO 1412409344,1412412159,RU -1412412160,1412412671,RO +1412412160,1412412415,RO +1412412416,1412412671,GB 1412412672,1412413439,RU 1412413440,1412413951,RO 1412413952,1412414719,RU @@ -27084,7 +27607,7 @@ 1412796928,1412800511,US 1412801536,1412804607,US 1412804864,1412805631,US -1412806144,1412808703,US +1412806656,1412808703,US 1412808704,1412825087,RU 1412832768,1412833023,SL 1412841472,1412857855,UZ @@ -27725,7 +28248,11 @@ 1438126080,1438130175,CZ 1438130176,1438138367,NL 1438138368,1438146559,FR -1438146560,1438154751,MT +1438146560,1438147583,MT +1438147584,1438147839,SE +1438147840,1438148095,BE +1438148096,1438148351,GB +1438148352,1438154751,MT 1438154752,1438171135,DK 1438171136,1438173183,GB 1438173184,1438179327,IM @@ -28700,11 +29227,7 @@ 1475559424,1475563007,GR 1475563008,1475563263,BG 1475563264,1475563519,GR -1475563520,1475565183,BG -1475565184,1475565311,GR -1475565312,1475566207,BG -1475566208,1475566335,GR -1475566336,1475575807,BG +1475563520,1475575807,BG 1475575808,1475592191,AT 1475592192,1475608575,GB 1475608576,1475624959,RU @@ -28827,12 +29350,12 @@ 1476010112,1476011327,RS 1476011328,1476011775,XK 1476011776,1476012095,RS -1476012096,1476012287,XK -1476012288,1476013055,RS -1476013056,1476013311,XK -1476013312,1476013567,RS -1476013568,1476013823,XK -1476013824,1476014079,RS +1476012096,1476012176,XK +1476012177,1476012177,RS +1476012178,1476012250,XK +1476012251,1476012251,RS +1476012252,1476012287,XK +1476012288,1476014079,RS 1476014080,1476014127,XK 1476014128,1476014135,RS 1476014136,1476014591,XK @@ -29591,7 +30114,9 @@ 1486284168,1486284191,GB 1486284192,1486284215,US 1486284216,1486284223,GB -1486284224,1486284543,US +1486284224,1486284471,US +1486284472,1486284479,GB +1486284480,1486284543,US 1486284544,1486284599,GB 1486284600,1486284623,US 1486284624,1486284647,GB @@ -29800,7 +30325,9 @@ 1489665792,1489666047,IT 1489666048,1489674239,GB 1489674240,1489676287,NL -1489676288,1489688575,GB +1489676288,1489678943,GB +1489678944,1489678959,US +1489678960,1489688575,GB 1489688576,1489688831,IL 1489688832,1489689087,GB 1489689088,1489689343,IL @@ -30378,7 +30905,7 @@ 1495614464,1495617535,RO 1495617536,1495618559,ES 1495618560,1495619583,BE -1495619584,1495620607,RO +1495619584,1495620607,AT 1495620608,1495621375,GB 1495621376,1495621631,RO 1495621632,1495621887,GB @@ -30409,7 +30936,7 @@ 1495653376,1495654399,KZ 1495654400,1495654911,RO 1495654912,1495655167,NL -1495655168,1495655423,BG +1495655168,1495655423,GB 1495655424,1495656447,US 1495656448,1495656959,RO 1495656960,1495657215,GB @@ -30432,7 +30959,8 @@ 1495680000,1495682047,RO 1495682048,1495683071,MD 1495683072,1495687167,IR -1495687168,1495688703,RO +1495687168,1495688191,NL +1495688192,1495688703,RO 1495688704,1495689215,IR 1495689216,1495689727,RO 1495689728,1495690239,DE @@ -30442,14 +30970,16 @@ 1495695360,1495699455,RO 1495699456,1495700479,GB 1495700480,1495701503,FR -1495701504,1495704575,RO +1495701504,1495703551,RO +1495703552,1495704575,NL 1495704576,1495705599,KZ 1495705600,1495709695,RO 1495709696,1495713791,IR 1495713792,1495715839,ES 1495715840,1495716863,RO 1495716864,1495717887,IR -1495717888,1495723519,RO +1495717888,1495719935,ES +1495719936,1495723519,RO 1495723520,1495724031,FR 1495724032,1495724287,GB 1495724288,1495724543,RO @@ -30470,7 +31000,7 @@ 1495749632,1495750655,MD 1495750656,1495752703,RO 1495752704,1495754751,MD -1495754752,1495755775,RO +1495754752,1495755775,NL 1495755776,1495756031,PL 1495756032,1495756799,RO 1495756800,1495758847,MD @@ -30496,7 +31026,9 @@ 1495772160,1495772671,US 1495772672,1495775743,RO 1495775744,1495776255,IR -1495776256,1495782399,RO +1495776256,1495781375,RO +1495781376,1495781631,IR +1495781632,1495782399,RO 1495782400,1495782911,GB 1495782912,1495783167,RO 1495783168,1495783423,GB @@ -30526,7 +31058,8 @@ 1495815168,1495816191,ES 1495816192,1495816703,RO 1495816704,1495817215,IR -1495817216,1495820799,RO +1495817216,1495817471,US +1495817472,1495820799,RO 1495820800,1495821311,IR 1495821312,1495821823,DE 1495821824,1495822335,IR @@ -30719,7 +31252,9 @@ 1496066816,1496067071,QA 1496067072,1496072191,RO 1496072192,1496074239,ES -1496074240,1496082175,RO +1496074240,1496078335,RO +1496078336,1496079359,MD +1496079360,1496082175,RO 1496082176,1496082431,GB 1496082432,1496083967,RO 1496083968,1496084479,FR @@ -30840,7 +31375,7 @@ 1496248832,1496253439,RO 1496253440,1496254463,ES 1496254464,1496256255,RO -1496256256,1496256511,NL +1496256256,1496256511,US 1496256512,1496260607,RO 1496260608,1496261119,IT 1496261120,1496262655,RO @@ -31077,9 +31612,7 @@ 1503854592,1503887359,RU 1503887360,1503895567,DE 1503895568,1503895571,IT -1503895572,1503895663,DE -1503895664,1503895671,FR -1503895672,1503895679,DE +1503895572,1503895679,DE 1503895680,1503895687,IT 1503895688,1503896159,DE 1503896160,1503896175,CH @@ -31482,8 +32015,7 @@ 1508818944,1508830719,RO 1508830720,1508831487,SK 1508831488,1508835327,RO -1508835328,1508843519,CZ -1508843520,1508851711,GB +1508835328,1508851711,CZ 1508851712,1508868095,PL 1508868096,1508884479,RU 1508884480,1508900863,DK @@ -31510,8 +32042,8 @@ 1509494784,1509498879,RU 1509498880,1509502975,DE 1509502976,1509507071,RU -1509507072,1509507327,GB -1509507328,1509507583,DE +1509507072,1509507199,GB +1509507200,1509507583,DE 1509507584,1509509375,GB 1509509376,1509509631,BE 1509509632,1509511167,GB @@ -31847,9 +32379,7 @@ 1518567424,1518583807,LV 1518583808,1518600191,HR 1518600192,1518641151,SE -1518641152,1518645247,NL -1518645248,1518647295,SE -1518647296,1518649343,NL +1518641152,1518649343,HR 1518649344,1518665727,SE 1518665728,1518723071,LV 1518723072,1518727167,EE @@ -31967,7 +32497,10 @@ 1532675072,1532682239,UA 1532682240,1532690431,LV 1532690432,1532755967,FR -1532755968,1532774143,BG +1532755968,1532756223,GR +1532756224,1532756479,RO +1532756480,1532756735,UA +1532756736,1532774143,BG 1532774144,1532774399,CH 1532774400,1532784639,BG 1532784640,1532785151,TR @@ -32107,9 +32640,7 @@ 1533819904,1533820927,RU 1533820928,1533829119,DE 1533829120,1533833215,NO -1533833216,1533835263,IR -1533835264,1533836287,US -1533836288,1533845503,IR +1533833216,1533845503,IR 1533845504,1533847551,GB 1533847552,1533849599,RU 1533849600,1533851135,SE @@ -32317,7 +32848,7 @@ 1535115264,1535116287,AT 1535116288,1535123455,SE 1535123456,1535131647,LV -1535131648,1535148031,SE +1535131648,1535148031,HR 1535148032,1535197183,AT 1535197184,1535203359,EE 1535203360,1535205375,SE @@ -33113,7 +33644,9 @@ 1539649024,1539649535,LB 1539649536,1539650559,UA 1539650560,1539651583,RU -1539651584,1539652607,UA +1539651584,1539651839,UA +1539651840,1539652095,RU +1539652096,1539652607,UA 1539652608,1539653631,IL 1539653632,1539654655,RU 1539655680,1539656703,NL @@ -33273,7 +33806,6 @@ 1539738112,1539738367,DK 1539738368,1539738623,DE 1539738624,1539738879,UA -1539738880,1539739135,NL 1539739136,1539739391,AT 1539739392,1539739647,UA 1539739648,1539739903,DK @@ -34105,7 +34637,6 @@ 1540356608,1540357119,DE 1540357120,1540357631,RU 1540357632,1540358143,FR -1540358144,1540358399,RU 1540358400,1540358655,GB 1540358656,1540358911,SE 1540358912,1540359167,GB @@ -34747,7 +35278,6 @@ 1540660224,1540660479,RU 1540660480,1540660735,FR 1540660736,1540660991,RU -1540660992,1540661247,RO 1540661760,1540662015,RO 1540662272,1540662527,RO 1540662528,1540662783,PL @@ -35754,7 +36284,6 @@ 1541177344,1541177599,CH 1541177600,1541177855,DE 1541177856,1541178111,RO -1541178112,1541178367,RU 1541178368,1541178623,GB 1541178624,1541178879,RU 1541178880,1541179135,DE @@ -36117,7 +36646,7 @@ 1541363200,1541363455,UA 1541363456,1541363711,IE 1541363712,1541363967,UA -1541363968,1541364479,RU +1541364224,1541364479,RU 1541364480,1541364735,AT 1541364736,1541364991,SE 1541364992,1541365247,RU @@ -37309,7 +37838,6 @@ 1542068224,1542069759,UA 1542069760,1542070015,DE 1542070016,1542071295,UA -1542071296,1542071551,CN 1542071552,1542071807,UA 1542071808,1542072319,DE 1542072320,1542073343,UA @@ -37769,7 +38297,7 @@ 1542351616,1542351871,PL 1542351872,1542353151,RU 1542353152,1542353407,SA -1542353408,1542353919,RU +1542353664,1542353919,RU 1542353920,1542354943,IT 1542354944,1542355711,RU 1542355712,1542355967,GB @@ -37957,7 +38485,7 @@ 1542454272,1542454783,NO 1542454784,1542455039,PL 1542455040,1542455295,SE -1542455296,1542455551,CH +1542455296,1542455551,US 1542455552,1542455807,RO 1542455808,1542456319,GB 1542456320,1542456831,RO @@ -38777,7 +39305,9 @@ 1558102508,1558102508,DE 1558102509,1558103159,FR 1558103160,1558103167,GB -1558103168,1558106901,FR +1558103168,1558103967,FR +1558103968,1558103999,ES +1558104000,1558106901,FR 1558106902,1558106902,DE 1558106903,1558107391,FR 1558107392,1558107455,NL @@ -38798,16 +39328,23 @@ 1558119424,1558122495,RU 1558122496,1558123007,SG 1558123008,1558123519,RU -1558123520,1558126591,LU +1558123520,1558125567,LU +1558125568,1558126079,SG +1558126080,1558126335,DE +1558126336,1558126591,LU 1558126592,1558128639,RU -1558128640,1558129663,LU +1558128640,1558128895,US +1558128896,1558129151,LU +1558129152,1558129407,RU +1558129408,1558129663,LU 1558129664,1558130687,US 1558130688,1558131199,AU 1558131200,1558131711,LU 1558131712,1558132223,HK -1558132224,1558137087,LU +1558132224,1558136831,LU +1558136832,1558137087,RU 1558137088,1558137343,KR -1558137344,1558137855,LU +1558137344,1558137855,CZ 1558137856,1558138367,HK 1558138368,1558138879,AU 1558138880,1558139135,RU @@ -38817,23 +39354,27 @@ 1558140160,1558140415,RU 1558140416,1558140671,SG 1558140672,1558140927,RU -1558140928,1558141439,LU +1558140928,1558141183,LU +1558141184,1558141184,CY +1558141185,1558141439,LU 1558141440,1558141695,CY 1558141696,1558141951,RU -1558141952,1558142719,LU +1558141952,1558142463,PL +1558142464,1558142719,US 1558142720,1558142975,SG 1558142976,1558143231,US 1558143232,1558143743,LU 1558143744,1558143999,RU 1558144000,1558144255,LU -1558144256,1558144767,RU -1558144768,1558146306,LU -1558146307,1558146307,RU -1558146308,1558147583,LU +1558144256,1558145023,RU +1558145024,1558145535,LU +1558145536,1558145791,RU +1558145792,1558146047,US +1558146048,1558146815,RU +1558146816,1558147583,LU 1558147584,1558147839,RU 1558147840,1558148095,LU -1558148096,1558148351,SG -1558148352,1558148607,LU +1558148096,1558148607,SG 1558148608,1558149631,US 1558149632,1558150143,RU 1558150144,1558150655,DE @@ -38927,7 +39468,8 @@ 1559934976,1559937023,LU 1559937024,1559943167,DE 1559943168,1559944191,LU -1559944192,1559945727,FR +1559944192,1559945215,FR +1559945216,1559945727,LU 1559945728,1559946751,GB 1559946752,1559947519,DE 1559947520,1559948287,LU @@ -39492,10 +40034,9 @@ 1570619392,1570621439,BA 1570621440,1570625535,RU 1570625536,1570627583,GB -1570627584,1570635775,RU -1570635776,1570644767,FR -1570644768,1570644775,GB -1570644776,1570644991,FR +1570627584,1570629631,KG +1570629632,1570635775,RU +1570635776,1570644991,FR 1570644992,1570645247,GB 1570645248,1570652159,FR 1570652160,1570660863,SE @@ -39602,7 +40143,7 @@ 1571484160,1571484671,CZ 1571484672,1571484927,KZ 1571484928,1571486719,RU -1571486720,1571486975,CZ +1571486720,1571486975,BY 1571486976,1571487231,NL 1571487232,1571488767,RU 1571488768,1571489023,CZ @@ -39910,9 +40451,8 @@ 1572669440,1572673535,RU 1572673536,1572675583,AT 1572675584,1572677631,ES -1572677632,1572681983,RU -1572681984,1572682239,NL -1572682240,1572683775,RU +1572677632,1572681727,RU +1572681728,1572683775,NL 1572683776,1572685823,CH 1572685824,1572689919,RU 1572689920,1572691967,ES @@ -40126,7 +40666,9 @@ 1578596352,1578596863,GB 1578596864,1578602495,FR 1578602496,1578604543,NL -1578604544,1578606591,RU +1578604544,1578605014,RU +1578605015,1578605015,GB +1578605016,1578606591,RU 1578606592,1578608639,DE 1578608640,1578610687,CZ 1578610688,1578611039,FR @@ -40540,7 +41082,8 @@ 1585440768,1585442815,IT 1585442816,1585446911,RU 1585446912,1585577983,KW -1585577984,1585709055,UA +1585577984,1585643519,DE +1585643520,1585709055,UA 1585709056,1585840127,PT 1585840128,1585971199,DE 1585971200,1585979391,AT @@ -40722,8 +41265,7 @@ 1588663808,1588664063,GB 1588664064,1588664319,RO 1588664320,1588664575,TH -1588664576,1588664831,VG -1588664832,1588665087,RO +1588664576,1588665087,RO 1588665088,1588665343,GB 1588665344,1588673535,RO 1588673536,1588674559,BG @@ -40736,8 +41278,7 @@ 1588680704,1588682751,LU 1588682752,1588684799,RO 1588684800,1588685055,TH -1588685056,1588685311,VG -1588685312,1588686847,RO +1588685056,1588686847,RO 1588686848,1588687103,NO 1588687104,1588687359,GB 1588687360,1588688383,RO @@ -41101,10 +41642,9 @@ 1596858368,1596858879,CZ 1596858880,1596859391,RU 1596859392,1596859903,CZ -1596859904,1596860415,RU -1596860416,1596861439,BY +1596859904,1596861439,RU 1596861440,1596861951,UA -1596861952,1596862207,BY +1596861952,1596862207,CZ 1596862208,1596866559,RU 1596866560,1596868607,UZ 1596868608,1596869631,RU @@ -41166,8 +41706,8 @@ 1596930383,1596930383,TM 1596930384,1596931071,CZ 1596931072,1596931583,BY -1596931584,1596932095,CZ -1596932096,1596940287,RU +1596931584,1596931839,CZ +1596931840,1596940287,RU 1596940288,1596940543,CZ 1596940544,1596940799,RU 1596940800,1596941055,UA @@ -41211,9 +41751,7 @@ 1596968960,1596973055,BA 1596973056,1596975103,BY 1596975104,1596975359,CZ -1596975360,1596977663,RU -1596977664,1596977919,CZ -1596977920,1596978431,RU +1596975360,1596978431,RU 1596978432,1596978944,CZ 1596978945,1596978945,RU 1596978946,1596980223,CZ @@ -41653,11 +42191,7 @@ 1605099520,1605107711,RU 1605107712,1605108247,GB 1605108248,1605108255,IT -1605108256,1605109079,GB -1605109080,1605109087,IT -1605109088,1605109223,GB -1605109224,1605109231,IT -1605109232,1605109351,GB +1605108256,1605109351,GB 1605109352,1605109359,IT 1605109360,1605109495,GB 1605109496,1605109503,IT @@ -42172,11 +42706,12 @@ 1710882816,1710948351,KR 1710948352,1710949375,CN 1710949376,1710950399,NP -1710950400,1710972824,CN -1710972825,1710972825,TW -1710972826,1711210495,CN +1710950400,1710972671,CN +1710972672,1710972927,TW +1710972928,1711210495,CN 1711210496,1711276031,ID 1724715556,1724715556,MU +1727528960,1728053247,ZA 1728053248,1728120063,AU 1728120064,1728120319,SG 1728120320,1728120575,IN @@ -42327,10 +42862,11 @@ 1728345088,1728346111,BD 1728346112,1728346367,AU 1728346368,1728346623,NZ -1728346624,1728347147,AU -1728347149,1728347416,AU -1728347418,1728347421,AU -1728347423,1728348159,AU +1728346624,1728347135,AU +1728347136,1728347147,SG +1728347149,1728347416,SG +1728347418,1728347421,SG +1728347423,1728348159,SG 1728348160,1728349183,VN 1728349184,1728350207,AU 1728350208,1728351231,NZ @@ -42749,7 +43285,6 @@ 1728733184,1728734207,ID 1728734208,1728735231,SG 1728735232,1728736255,ID -1728736256,1728736511,HK 1728736512,1728736767,IN 1728736768,1728737023,ID 1728737280,1728738303,JP @@ -43517,7 +44052,7 @@ 1729441792,1729442815,AU 1729442816,1729443839,IN 1729443840,1729444351,AU -1729444352,1729444863,AE +1729444352,1729444863,IN 1729444864,1729445887,TW 1729445888,1729446399,SG 1729446400,1729446911,IN @@ -43852,7 +44387,9 @@ 1729807360,1729808383,MY 1729808384,1729808895,IN 1729808896,1729809407,AU -1729809408,1729810431,IN +1729809408,1729809663,IN +1729809664,1729810175,US +1729810176,1729810431,IN 1729810432,1729812479,ID 1729812480,1729813503,IN 1729813504,1729814527,SG @@ -44789,7 +45326,7 @@ 1731161088,1731162111,CN 1731162112,1731163135,HK 1731163136,1731165183,CN -1731165184,1731167231,IN +1731165184,1731166207,IN 1731167232,1731168255,ID 1731168256,1731170559,CN 1731170560,1731170687,HK @@ -44892,7 +45429,7 @@ 1731275776,1731276799,KR 1731276800,1731279871,IN 1731279872,1731280895,HK -1731280896,1731281919,JP +1731280896,1731281919,TH 1731281920,1731282175,IN 1731282176,1731282431,PK 1731282432,1731282943,PH @@ -45006,7 +45543,6 @@ 1731423232,1731424255,HK 1731424256,1731425279,AU 1731425280,1731426303,IN -1731426304,1731427327,BD 1731427328,1731428351,KH 1731428352,1731428607,IN 1731428864,1731429119,AU @@ -45372,8 +45908,8 @@ 1731827712,1731828735,PK 1731828736,1731829759,SG 1731829760,1731830783,IN -1731830784,1731831039,SG -1731831040,1731831807,AU +1731830784,1731831551,SG +1731831552,1731831807,AU 1731831808,1731832831,PK 1731832832,1731836927,IN 1731836928,1731837951,MY @@ -45593,8 +46129,7 @@ 1732127744,1732128767,HK 1732128768,1732129023,SG 1732129024,1732129279,NZ -1732129280,1732129535,AU -1732129536,1732129791,HK +1732129280,1732129791,AU 1732129792,1732130815,CN 1732130816,1732134911,IN 1732134912,1732140031,CN @@ -45696,8 +46231,9 @@ 1732374528,1732375551,US 1732375552,1732376575,AU 1732376576,1732377599,US -1732377600,1732377855,NZ -1732377856,1732378623,AU +1732377600,1732377855,AU +1732377856,1732378111,NZ +1732378112,1732378623,AU 1732378624,1732384767,IN 1732384768,1732385279,BD 1732385280,1732385791,AU @@ -45795,7 +46331,7 @@ 1732501504,1732502527,HK 1732502528,1732503551,PH 1732503552,1732504063,IN -1732504064,1732504575,PH +1732504064,1732504575,AU 1732504576,1732505599,IN 1732505600,1732506623,ID 1732506624,1732507647,IN @@ -45974,7 +46510,8 @@ 1732705280,1732707327,CN 1732707328,1732708351,AU 1732708352,1732709375,ID -1732709376,1732710399,HK +1732709376,1732710143,HK +1732710144,1732710399,JP 1732710400,1732712447,IN 1732712448,1732712703,HK 1732712704,1732712959,AF @@ -46100,7 +46637,9 @@ 1732869632,1732869887,AU 1732869888,1732870143,IN 1732870144,1732875263,CN -1732875264,1732878335,IN +1732875264,1732877567,IN +1732877568,1732877823,US +1732877824,1732878335,IN 1732878336,1732879359,HK 1732879360,1732880383,KH 1732880384,1732881407,CN @@ -46263,7 +46802,7 @@ 1733057280,1733057535,IN 1733057536,1733058559,CN 1733058560,1733060607,IN -1733060608,1733060863,CN +1733060608,1733060863,JP 1733060864,1733061119,US 1733061120,1733061375,CN 1733061376,1733061631,US @@ -46431,7 +46970,7 @@ 1733224448,1733225471,ID 1733225472,1733226751,IN 1733226752,1733227007,AU -1733227008,1733227519,TH +1733227008,1733227519,MY 1733227520,1733228543,IN 1733228544,1733230591,BD 1733230592,1733231615,IN @@ -46507,7 +47046,7 @@ 1733309440,1733309695,IN 1733309696,1733309951,AU 1733309952,1733313791,IN -1733313792,1733314047,AU +1733313792,1733314047,SG 1733314048,1733314559,BD 1733314560,1733315583,CN 1733315584,1733315839,NZ @@ -46677,7 +47216,7 @@ 1733485568,1733486591,MY 1733486592,1733486847,MM 1733486848,1733487103,ID -1733487104,1733487615,IN +1733487104,1733487615,US 1733487616,1733488639,CN 1733488640,1733490175,ID 1733490176,1733490431,NZ @@ -46785,8 +47324,7 @@ 1733592320,1733592575,BD 1733592576,1733592831,MV 1733592832,1733593087,AU -1733593088,1733593343,HK -1733593344,1733594111,CN +1733593088,1733594111,CN 1733594112,1733596159,ID 1733596160,1733597183,PK 1733597184,1733598207,US @@ -46811,6 +47349,7 @@ 1733616640,1733618687,ID 1733618688,1733620735,IN 1733620736,1733621759,BD +1733621760,1733622015,AU 1733622016,1733622271,ID 1733622272,1733622783,IN 1733622784,1733623807,BD @@ -46890,7 +47429,8 @@ 1733704704,1733705727,CN 1733705728,1733706751,HK 1733706752,1733707007,JP -1733707008,1733707775,CN +1733707008,1733707519,CN +1733707520,1733707775,US 1733707776,1733709823,HK 1733709824,1733710847,CN 1733710848,1733711615,KR @@ -46898,7 +47438,9 @@ 1733712896,1733713407,AU 1733713408,1733713663,ID 1733713664,1733713919,IN -1733713920,1733714943,PA +1733713920,1733714431,AU +1733714432,1733714687,JP +1733714688,1733714943,SG 1733714944,1733715455,ID 1733715456,1733715711,AU 1733715712,1733715967,ID @@ -47072,10 +47614,137 @@ 1733918720,1733919743,HK 1733919744,1733920767,GB 1733920768,1733921023,IN +1733921024,1733921279,HK 1733921280,1733921791,ID 1733921792,1733922815,SG 1733922816,1733923839,HK 1733923840,1733924863,CN +1733924864,1733925375,AF +1733925376,1733925887,ID +1733925888,1733926911,NP +1733926912,1733928703,ID +1733928704,1733928959,AU +1733928960,1733929983,IN +1733929984,1733931007,CN +1733931008,1733933055,MM +1733933056,1733945343,CN +1733945344,1733946367,IN +1733946368,1733948415,PH +1733948416,1733949439,BD +1733949440,1733949695,ID +1733949696,1733949951,IN +1733949952,1733950463,ID +1733950464,1733951487,IN +1733951488,1733952255,BD +1733952256,1733952511,AU +1733952512,1733953279,IN +1733953280,1733953535,PK +1733953536,1733954559,ID +1733954560,1733955071,BD +1733955072,1733955327,NZ +1733955328,1733955583,AU +1733955584,1733956607,JP +1733956608,1733957631,AU +1733957632,1733958655,ID +1733958656,1733959679,JP +1733959680,1733961727,IN +1733961728,1733962751,TH +1733962752,1733963775,IN +1733963776,1733964543,AU +1733964544,1733964799,HK +1733964800,1733965823,CN +1733965824,1733966335,HK +1733966336,1733966847,AU +1733966848,1733967871,IN +1733967872,1733968127,ID +1733968128,1733968895,AU +1733968896,1733970943,IN +1733970944,1733971199,HK +1733971200,1733971455,AU +1733971456,1733971711,NZ +1733971712,1733971967,IN +1733971968,1733972991,HK +1733972992,1733974015,NP +1733974016,1733975039,AU +1733975040,1733976063,CN +1733976064,1733977087,IN +1733977088,1733986303,CN +1733986304,1733987327,HK +1733987328,1733988351,AU +1733988352,1733989375,NP +1733989376,1733990399,KH +1733990400,1733991423,CN +1733991424,1733993471,IN +1733993472,1733994495,JP +1733994496,1733995519,CN +1733995520,1733995775,HK +1733995776,1733996031,CN +1733996032,1733996543,NZ +1733996544,1733997567,CN +1733997568,1733998591,IN +1733998592,1733999103,NZ +1733999104,1733999615,IN +1733999616,1734001663,CN +1734001664,1734002687,ID +1734002688,1734003199,IN +1734003200,1734003455,PH +1734003456,1734003711,HK +1734003712,1734004735,IN +1734004736,1734004991,AU +1734004992,1734005247,KR +1734005248,1734005503,ID +1734005504,1734005759,AU +1734005760,1734006783,BD +1734006784,1734007807,AU +1734007808,1734011903,VN +1734011904,1734013951,IN +1734013952,1734014975,KR +1734014976,1734018047,ID +1734018048,1734019071,JP +1734019072,1734020095,HK +1734020096,1734021119,ID +1734021120,1734022143,IN +1734022144,1734026239,ID +1734026240,1734028287,CN +1734028288,1734029311,ID +1734029312,1734030335,IN +1734030336,1734031103,BD +1734031104,1734031359,PH +1734031360,1734032383,HK +1734032384,1734032895,MM +1734032896,1734033407,IN +1734033408,1734034431,MY +1734034432,1734039295,IN +1734039296,1734039551,ID +1734039552,1734043647,IN +1734043648,1734044159,BD +1734044160,1734044191,PR +1734044192,1734044255,CN +1734044256,1734044287,KR +1734044288,1734044447,CN +1734044448,1734044479,US +1734044480,1734044511,CN +1734044512,1734044543,US +1734044544,1734045695,CN +1734045696,1734046207,PH +1734046208,1734046719,PG +1734046720,1734049023,IN +1734049024,1734049279,SG +1734049280,1734049535,HK +1734049536,1734049791,IN +1734049792,1734050815,BD +1734050816,1734052863,IN +1734052864,1734053887,PH +1734053888,1734054911,BD +1734054912,1734055935,AU +1734055936,1734056959,CN +1734056960,1734057983,HK +1734057984,1734059007,IN +1734059008,1734060031,AU +1734060032,1734061055,BD +1734061056,1734062079,NZ +1734062080,1734063103,CN +1734063104,1734064127,IN 1740636160,1740644351,CN 1740644352,1740645375,IN 1740645376,1740647423,HK @@ -47751,7 +48420,6 @@ 1741638656,1741639679,NZ 1741639680,1741640703,NP 1741640704,1741641727,PK -1741641728,1741642751,BD 1741642752,1741643007,AU 1741643008,1741643263,HK 1741643264,1741643775,AU @@ -47844,7 +48512,6 @@ 1741756416,1741756927,AU 1741756928,1741757439,IN 1741757440,1741758463,HK -1741758464,1741759487,US 1741759488,1741760511,IN 1741760512,1741761535,HK 1741761536,1741762559,AU @@ -47880,7 +48547,7 @@ 1741785088,1741786111,CN 1741786112,1741788159,IN 1741788160,1741789183,JP -1741789184,1741790207,AU +1741789184,1741789695,AU 1741790208,1741791231,MY 1741791232,1741792255,AU 1741792256,1741794303,SG @@ -48377,7 +49044,9 @@ 1742451712,1742452735,VN 1742452736,1742453759,CN 1742453760,1742454783,PH -1742454784,1742455807,HK +1742454784,1742455295,HK +1742455296,1742455551,US +1742455552,1742455807,HK 1742455808,1742456063,TH 1742456064,1742456831,ID 1742456832,1742460415,IN @@ -48776,7 +49445,8 @@ 1743062528,1743063039,AU 1743063040,1743064063,SG 1743064064,1743064575,ID -1743065088,1743066111,TW +1743065088,1743065599,TW +1743065600,1743066111,IN 1743066112,1743067135,CN 1743067136,1743068159,IN 1743068160,1743069183,HK @@ -48875,8 +49545,7 @@ 1743158272,1743159295,MY 1743160320,1743161343,TH 1743161344,1743162367,HK -1743162368,1743162623,BZ -1743162624,1743162879,AQ +1743162368,1743162879,BZ 1743162880,1743163135,KR 1743163136,1743163391,BZ 1743163392,1743166463,IN @@ -48969,7 +49638,8 @@ 1743258624,1743259647,CN 1743259648,1743260671,IN 1743260672,1743261703,JP -1743261704,1743262719,PH +1743261704,1743261711,PH +1743261712,1743262719,HK 1743262720,1743264767,IN 1743264768,1743265279,MY 1743265280,1743265535,ID @@ -50285,9 +50955,7 @@ 1744712448,1744712703,ID 1744712704,1744714751,IN 1744714752,1744715775,JP -1744715776,1744717823,CN -1744717824,1744718591,HK -1744718592,1744719871,CN +1744715776,1744719871,CN 1744719872,1744720895,IN 1744720896,1744721919,BD 1744721920,1744723455,AU @@ -50647,8 +51315,8 @@ 1749450240,1749465087,US 1749465088,1749465599,NL 1749465600,1749476863,US -1749476864,1749483519,NL -1749483520,1749487615,US +1749476864,1749479423,NL +1749479424,1749487615,US 1749487616,1749491711,NL 1749491712,1749495807,US 1749495808,1749496319,NL @@ -50676,8 +51344,8 @@ 1749635072,1749636095,NL 1749636096,1749647359,US 1749647360,1749655551,NL -1749655552,1749685247,US -1749685248,1749686783,NL +1749655552,1749686527,US +1749686528,1749686783,NL 1749686784,1749696511,US 1749696512,1749698047,NL 1749698048,1749698559,US @@ -51020,7 +51688,11 @@ 1753497600,1753499391,US 1753499392,1753499647,PH 1753499648,1753499903,AE -1753499904,1753511167,US +1753499904,1753500159,US +1753500160,1753500415,SK +1753500416,1753507391,US +1753507392,1753507439,KR +1753507440,1753511167,US 1753511168,1753511423,FR 1753511424,1753512703,US 1753512704,1753512959,SG @@ -51523,13 +52195,15 @@ 1757457408,1757458431,CA 1757458432,1757460479,US 1757460480,1757462527,VI -1757462528,1757472767,US +1757462528,1757466623,US +1757466624,1757468671,CA +1757468672,1757472767,US 1757472768,1757473791,CA 1757473792,1757487103,US 1757487104,1757489151,CA 1757489152,1757491199,US 1757491200,1757497343,CA -1757497344,1757502463,US +1757497344,1757501439,US 1757502464,1757503487,CA 1757503488,1757505535,US 1757505536,1757506559,CA @@ -51563,9 +52237,7 @@ 1757996544,1758002431,US 1758002432,1758002687,GB 1758002688,1758199807,US -1758199808,1758204415,CA -1758204416,1758204671,US -1758204672,1758330879,CA +1758199808,1758330879,CA 1758330880,1758412799,US 1758412800,1758413055,BG 1758413056,1758413311,SE @@ -51839,7 +52511,7 @@ 1760819712,1760819967,MA 1760819968,1760820479,US 1760820480,1760820735,CA -1760820736,1760823295,US +1760820736,1760822271,US 1760823296,1760824319,PT 1760824320,1760837631,US 1760837632,1760839679,CA @@ -52008,6 +52680,7 @@ 1761507328,1761507615,US 1761507616,1761507711,GB 1761507712,1761508351,US +1761508352,1761509375,VG 1761509376,1761515519,US 1761515520,1761517567,CA 1761517568,1761519615,US @@ -52035,7 +52708,7 @@ 1761600512,1761601535,US 1761601536,1761602559,VC 1761602560,1761606655,US -1761606656,1761607679,VC +1761606656,1761607679,LC 1761607680,1762613861,ZA 1762613862,1762613862,US 1762613863,1762656255,ZA @@ -52059,7 +52732,9 @@ 1762695168,1762701311,ZA 1762701312,1762703359,FR 1762703360,1762705407,GB -1762705408,1762768895,MU +1762705408,1762764799,MU +1762764800,1762766847,NL +1762766848,1762768895,SE 1762768896,1762770943,DE 1762770944,1762783231,MU 1762783232,1762791423,KE @@ -52067,7 +52742,8 @@ 1762795520,1762799615,TZ 1762799616,1762803711,MZ 1762803712,1762820095,ZA -1762820096,1762942975,MU +1762820096,1762824191,GB +1762824192,1762942975,MU 1762942976,1762947071,NL 1762947072,1762951167,SE 1762951168,1762955263,DE @@ -52127,9 +52803,8 @@ 1763657728,1763659775,ZA 1763659776,1763661823,MU 1763661824,1763663871,FR -1763663872,1763690495,MU -1763690496,1763692543,ZA -1763692544,1763694591,MU +1763663872,1763688447,MU +1763688448,1763694591,ZA 1763694592,1763696639,FR 1763696640,1763704831,MU 1763704832,1764753407,EG @@ -52141,7 +52816,8 @@ 1769996288,1772093439,MA 1772093440,1772617727,KE 1772617728,1773142015,AO -1773142016,1773273087,ZA +1773142016,1773207551,LR +1773207552,1773273087,ZA 1773273088,1773404159,RW 1773404160,1773666303,EG 1773666304,1773928447,ZA @@ -52391,7 +53067,9 @@ 1806532928,1806532959,GB 1806532960,1806925823,US 1806925824,1806958591,CA -1806958592,1807056895,US +1806958592,1807044095,US +1807044096,1807044351,NL +1807044352,1807056895,US 1807056896,1807057151,AU 1807057664,1807057919,GB 1807057920,1807058431,US @@ -52711,9 +53389,9 @@ 1833315968,1833316351,IM 1833316352,1833318399,DK 1833318400,1833320447,GB -1833320448,1833321215,IQ -1833321216,1833321471,AE -1833321472,1833322495,IQ +1833320448,1833321282,IQ +1833321283,1833321283,AE +1833321284,1833322495,IQ 1833322496,1833324543,IT 1833324544,1833326591,NO 1833326592,1833327103,GB @@ -52959,9 +53637,7 @@ 1835918848,1835918855,IT 1835918856,1835919415,GB 1835919416,1835919423,IT -1835919424,1835919511,GB -1835919512,1835919519,IT -1835919520,1835919751,GB +1835919424,1835919751,GB 1835919752,1835919759,IT 1835919760,1835921111,GB 1835921112,1835921127,IT @@ -52985,9 +53661,7 @@ 1835923720,1835923727,IT 1835923728,1835924287,GB 1835924288,1835924295,IT -1835924296,1835924375,GB -1835924376,1835924383,IT -1835924384,1835924815,GB +1835924296,1835924815,GB 1835924816,1835924823,IT 1835924824,1835925007,GB 1835925008,1835925015,IT @@ -53579,7 +54253,8 @@ 1843806208,1843822591,IR 1843822592,1843838975,RU 1843838976,1843839487,IR -1843839488,1843839999,DE +1843839488,1843839743,ES +1843839744,1843839999,DE 1843840000,1843840255,TR 1843840256,1843840767,DE 1843840768,1843841023,SE @@ -53602,7 +54277,8 @@ 1843851776,1843852031,IR 1843852032,1843852799,DE 1843852800,1843853311,IR -1843853312,1843854079,DE +1843853312,1843853823,DE +1843853824,1843854079,ES 1843854080,1843854335,IR 1843854336,1843855359,DE 1843855360,1843871743,PL @@ -53798,7 +54474,9 @@ 1844772864,1844838399,RS 1844838400,1844903935,GB 1844903936,1844969471,NO -1844969472,1845006335,RU +1844969472,1844984831,RU +1844984832,1844985343,GE +1844985344,1845006335,RU 1845006336,1845010431,KZ 1845010432,1845022719,RU 1845022720,1845023743,KZ @@ -53811,9 +54489,7 @@ 1845027584,1845027839,ES 1845027840,1845029887,RU 1845029888,1845030143,KZ -1845030144,1845030911,RU -1845030912,1845031935,GE -1845031936,1845035007,RU +1845030144,1845035007,RU 1845035008,1845100543,GB 1845100544,1845166079,DE 1845166080,1845231615,UA @@ -54940,7 +55616,9 @@ 1958845952,1958846463,HK 1958846464,1958847487,IN 1958847488,1958848511,CN -1958848512,1958850559,BD +1958848512,1958849023,BD +1958849024,1958849535,HK +1958849536,1958850559,ID 1958850560,1958852607,CN 1958852608,1958853631,AU 1958853632,1958854655,ID @@ -54992,7 +55670,8 @@ 1959680000,1959681023,BD 1959681024,1959682047,CN 1959682048,1959683071,IN -1959683072,1959684095,CN +1959683072,1959683327,US +1959683328,1959684095,CN 1959684096,1959685119,SC 1959685120,1959686143,PH 1959686144,1959687167,TH @@ -55015,6 +55694,16 @@ 1959707648,1959708671,ID 1959708672,1959709695,IN 1959709696,1959710719,SG +1959710720,1959711743,HK +1959711744,1959712767,ID +1959712768,1959713791,AU +1959713792,1959714815,IN +1959714816,1959715839,PH +1959715840,1959716863,AU +1959716864,1959719935,ID +1959719936,1959720959,LK +1959720960,1959721983,MY +1959721984,1959723007,BD 1959723008,1960050687,CN 1960050688,1960058879,KR 1960058880,1960067071,VN @@ -55204,8 +55893,10 @@ 1970798592,1970800639,SG 1970800640,1970802943,AU 1970802944,1970803199,SG -1970803200,1970803711,AU -1970803712,1970804223,HK +1970803200,1970803455,AU +1970803456,1970803711,IN +1970803712,1970803967,HK +1970803968,1970804223,SG 1970804224,1970804479,AU 1970804480,1970804735,SG 1970804736,1970806783,KH @@ -55244,7 +55935,7 @@ 1984135168,1984151551,KR 1984151552,1984153599,NZ 1984153600,1984155647,KH -1984155648,1984159743,AU +1984155648,1984159743,BD 1984159744,1984167935,IN 1984167936,1984430079,VN 1984430080,1985085439,CN @@ -55292,8 +55983,7 @@ 1986509824,1986510847,JP 1986510848,1986519039,KR 1986519040,1986523135,PK -1986523136,1986523904,HK -1986523905,1986525183,CN +1986523136,1986525183,CN 1986525184,1986527231,BN 1986527232,1986723839,JP 1986723840,1986740223,AU @@ -55675,7 +56365,6 @@ 2019078144,2019082239,IN 2019082240,2019098623,HK 2019098624,2019115007,PH -2019115008,2019117055,US 2019117056,2019119103,IN 2019119104,2019121151,NZ 2019121152,2019123199,ID @@ -55744,7 +56433,7 @@ 2032926720,2033057791,AU 2033057792,2033074175,CN 2033074176,2033075199,PK -2033075200,2033077247,BD +2033075200,2033076223,BD 2033077248,2033078271,CN 2033078272,2033079295,HK 2033079296,2033088511,IN @@ -55780,7 +56469,8 @@ 2033625088,2033627135,HK 2033627136,2033629183,CN 2033629184,2033630207,AU -2033630208,2033631231,HK +2033630208,2033630463,CN +2033630464,2033631231,HK 2033631232,2033647615,KR 2033647616,2033663999,CN 2033664000,2033696767,KR @@ -56039,15 +56729,17 @@ 2063085568,2063089663,CN 2063089664,2063097855,JP 2063097856,2063106047,MM -2063106048,2063107071,AU -2063107328,2063107655,AU +2063106048,2063107071,SG +2063107328,2063107655,SG 2063107656,2063107663,HK -2063107664,2063108095,AU +2063107664,2063108095,SG 2063108096,2063110143,HK 2063110144,2063111167,JP 2063111168,2063114239,AU 2063114240,2063115263,IN -2063115264,2063118159,JP +2063115264,2063116871,JP +2063116872,2063116879,KR +2063116880,2063118159,JP 2063118160,2063118191,PH 2063118192,2063118287,JP 2063118288,2063118303,PH @@ -56842,7 +57534,9 @@ 2171076608,2171142143,FR 2171142144,2172256255,US 2172256256,2172272639,GH -2172272640,2172289023,RE +2172272640,2172277247,RE +2172277248,2172277759,FR +2172277760,2172289023,RE 2172289024,2172321791,AO 2172321792,2172452863,US 2172452864,2172518399,NL @@ -57012,7 +57706,9 @@ 2187264000,2187329535,AU 2187329536,2187331583,US 2187331584,2187332607,CA -2187332608,2187460607,US +2187332608,2187333631,US +2187333632,2187334143,DE +2187334144,2187460607,US 2187460608,2187526143,FR 2187526144,2187591679,US 2187591680,2187657215,SE @@ -57069,8 +57765,8 @@ 2190140416,2190737407,NL 2190737408,2190802943,GB 2190802944,2190803967,DE -2190803968,2190804991,PL -2190804992,2190868479,DE +2190803968,2190804735,PL +2190804736,2190868479,DE 2190868480,2191065087,US 2191065088,2191130623,JP 2191130624,2191196159,US @@ -57125,9 +57821,7 @@ 2193223424,2193223679,GB 2193223680,2193226495,BG 2193226496,2193226751,GB -2193226752,2193227263,BG -2193227264,2193227519,BZ -2193227520,2193227775,BG +2193226752,2193227775,BG 2193227776,2193293311,IT 2193293312,2193358847,US 2193358848,2193424383,FI @@ -57996,8 +58690,8 @@ 2255749120,2255814655,US 2255814656,2255880191,CA 2255880192,2255945727,US -2255945728,2255998975,DE -2255998976,2256003071,FR +2255945728,2255994879,DE +2255994880,2256003071,FR 2256003072,2256006655,DE 2256006656,2256006911,FR 2256006912,2256011263,DE @@ -58509,8 +59203,7 @@ 2302404608,2302405631,JP 2302405632,2302406655,HK 2302406656,2302408703,IN -2302408704,2302409727,AU -2302409728,2302410751,JP +2302408704,2302410751,AU 2302410752,2302541823,SE 2302541824,2302607359,CH 2302607360,2302625761,SC @@ -58542,7 +59235,9 @@ 2303340640,2303340671,FI 2303340672,2303341283,FR 2303341284,2303341287,FI -2303341288,2303342459,FR +2303341288,2303341951,FR +2303341952,2303341967,ES +2303341968,2303342459,FR 2303342460,2303342463,DE 2303342464,2303343039,FR 2303343040,2303343103,PT @@ -58598,7 +59293,9 @@ 2303382880,2303382895,ES 2303382896,2303383503,FR 2303383504,2303383519,GB -2303383520,2303384959,FR +2303383520,2303383807,FR +2303383808,2303383935,ES +2303383936,2303384959,FR 2303384960,2303384991,GB 2303384992,2303385087,FR 2303385088,2303385103,FI @@ -58894,15 +59591,11 @@ 2321446912,2321447935,HN 2321447936,2321452031,BR 2321452032,2321453055,MX -2321453056,2321453359,HN -2321453360,2321453367,NL -2321453368,2321454079,HN +2321453056,2321454079,HN 2321454080,2321467136,BR 2321467137,2321467137,US 2321467138,2321471487,BR -2321471488,2321472391,HN -2321472392,2321472399,UY -2321472400,2321472511,HN +2321471488,2321472511,HN 2321472512,2321477631,BR 2321477632,2321478655,TT 2321478656,2321479679,SV @@ -59167,9 +59860,9 @@ 2327472128,2327476223,BR 2327476224,2327477247,CL 2327477248,2327480319,BR -2327480320,2327481135,HN -2327481136,2327481143,US -2327481144,2327481343,HN +2327480320,2327481007,HN +2327481008,2327481023,US +2327481024,2327481343,HN 2327481344,2327482367,AR 2327482368,2327483391,BR 2327483392,2327485439,AR @@ -59182,9 +59875,9 @@ 2327494656,2327496703,BR 2327496704,2327497727,MX 2327497728,2327498751,BR -2327498752,2327499623,HN -2327499624,2327499631,CL -2327499632,2327499775,HN +2327498752,2327499343,HN +2327499344,2327499351,CL +2327499352,2327499775,HN 2327499776,2327501823,AR 2327501824,2327507967,BR 2327507968,2327508991,AR @@ -59282,7 +59975,9 @@ 2330198016,2330263551,CH 2330263552,2330267647,US 2330267648,2330271743,CA -2330271744,2330394623,US +2330271744,2330288127,US +2330288128,2330290175,CN +2330290176,2330394623,US 2330394624,2330460159,FR 2330460160,2330525695,AT 2330525696,2330591231,SE @@ -59843,7 +60538,11 @@ 2378203648,2378210559,FI 2378210560,2378211071,NO 2378211072,2378235903,FI -2378235904,2378301439,ES +2378235904,2378239039,ES +2378239040,2378239071,CA +2378239072,2378239175,ES +2378239176,2378239179,CA +2378239180,2378301439,ES 2378301440,2378303231,FR 2378303488,2378366975,FR 2378366976,2378432511,US @@ -59873,7 +60572,13 @@ 2380432128,2380432383,US 2380432384,2380434431,IL 2380434432,2380435455,US -2380435456,2380464127,IL +2380435456,2380455935,IL +2380455936,2380456447,US +2380456448,2380456959,IL +2380456960,2380457215,NL +2380457216,2380457727,US +2380457728,2380457983,HK +2380457984,2380464127,IL 2380464128,2380464639,FR 2380464640,2380465151,US 2380465152,2380465407,FR @@ -59977,9 +60682,13 @@ 2387476480,2387542015,CA 2387542016,2387607551,US 2387607552,2388328447,CA -2388328448,2388350207,US +2388328448,2388330495,US +2388330496,2388332543,NL +2388332544,2388350207,US 2388350208,2388350463,LK -2388350464,2388393983,US +2388350464,2388367359,US +2388367360,2388369407,NL +2388369408,2388393983,US 2388393984,2389245951,CA 2389245952,2389311487,US 2389311488,2389639167,CA @@ -60060,7 +60769,9 @@ 2399184896,2399185919,AR 2399185920,2399186943,TT 2399186944,2399202303,BR -2399202304,2399203327,HN +2399202304,2399202591,HN +2399202592,2399202623,NL +2399202624,2399203327,HN 2399203328,2399204351,CL 2399204352,2399205375,AR 2399205376,2399206399,PE @@ -60269,7 +60980,7 @@ 2416085760,2416086015,GB 2416086016,2416086271,SG 2416086272,2416087039,GB -2416087040,2416091135,NL +2416087040,2416091135,US 2416091136,2416093183,ES 2416093184,2416095231,NL 2416095232,2416111615,US @@ -60547,7 +61258,9 @@ 2427536896,2427537151,US 2427537152,2427544575,NO 2427544832,2427584511,NO -2427584512,2427650047,GB +2427584512,2427625471,GB +2427625472,2427633663,ES +2427633664,2427650047,GB 2427650048,2427846655,NO 2427846656,2428183562,US 2428183564,2428567551,US @@ -60899,9 +61612,13 @@ 2457384960,2457388031,RU 2457388032,2457388543,CZ 2457388544,2457388799,UA -2457388800,2457391103,CZ -2457391104,2457392127,RU -2457392128,2457396223,CZ +2457388800,2457390591,CZ +2457390592,2457392127,RU +2457392128,2457394431,CZ +2457394432,2457394687,RU +2457394688,2457394943,CZ +2457394944,2457395455,RU +2457395456,2457396223,CZ 2457396224,2457397247,DE 2457397248,2457403391,RU 2457403392,2457520895,US @@ -61020,9 +61737,31 @@ 2462500352,2462500863,US 2462500864,2462506495,GB 2462506496,2462507007,US -2462507008,2462526602,GB +2462507008,2462515199,GB +2462515200,2462519295,US +2462519296,2462520319,GB +2462520320,2462521599,US +2462521600,2462521855,GB +2462521856,2462523391,US +2462523392,2462526602,GB 2462526603,2462526603,US -2462526604,2462580736,GB +2462526604,2462531583,GB +2462531584,2462533631,US +2462533632,2462535167,GB +2462535168,2462535679,US +2462535680,2462539775,GB +2462539776,2462540799,US +2462540800,2462541055,GB +2462541056,2462547967,US +2462547968,2462556415,GB +2462556416,2462559231,US +2462559232,2462560255,GB +2462560256,2462564351,US +2462564352,2462572543,GB +2462572544,2462574079,US +2462574080,2462574591,GB +2462574592,2462580735,US +2462580736,2462580736,GB 2462580737,2462582015,US 2462582016,2462582271,GB 2462582272,2462583039,US @@ -61123,7 +61862,8 @@ 2465671168,2465672703,IE 2465672704,2465672959,BG 2465672960,2465673215,IE -2465673216,2465677311,GB +2465673216,2465673471,IM +2465673472,2465677311,GB 2465677312,2465679359,IT 2465679360,2465681407,NL 2465681408,2465683455,SE @@ -61334,9 +62074,9 @@ 2481586688,2481587199,GB 2481587200,2481848319,IL 2481848320,2482175999,US -2482176000,2482208767,FI +2482176000,2482208767,GB 2482208768,2482216959,US -2482216960,2482225151,FI +2482216960,2482225151,GB 2482225152,2482233343,SG 2482233344,2482241535,CN 2482241536,2482634751,US @@ -61374,7 +62114,9 @@ 2486960128,2487025663,FR 2487025664,2487156735,US 2487156736,2487222271,PT -2487222272,2487369727,US +2487222272,2487363583,US +2487363584,2487365631,CA +2487365632,2487369727,US 2487369728,2487386111,PF 2487386112,2487394303,SG 2487394304,2487418879,US @@ -61464,7 +62206,9 @@ 2496004096,2496069631,AT 2496069632,2496135167,US 2496135168,2496200703,NL -2496200704,2499477503,MX +2496200704,2498475007,MX +2498475008,2498476031,EC +2498476032,2499477503,MX 2499477504,2499543039,DE 2499543040,2499545087,GB 2499545088,2499547135,IE @@ -61676,7 +62420,9 @@ 2500687872,2500689919,FR 2500689920,2500694015,US 2500694016,2500697087,IT -2500697088,2500702719,US +2500697088,2500702463,US +2500702464,2500702471,GB +2500702472,2500702719,US 2500702720,2500702975,NL 2500702976,2500719103,US 2500719104,2500721151,IE @@ -61697,7 +62443,9 @@ 2500746776,2500748543,US 2500748544,2500748799,ES 2500748800,2500755455,US -2500755456,2500763647,GB +2500755456,2500761631,GB +2500761632,2500761639,FR +2500761640,2500763647,GB 2500763648,2500984831,US 2500984832,2501033983,GB 2501033984,2501574655,US @@ -61710,8 +62458,8 @@ 2502047744,2502049791,ES 2502049792,2502098943,US 2502098944,2502164479,IT -2502164480,2502165503,GB -2502165504,2502173695,US +2502164480,2502165759,GB +2502165760,2502173695,US 2502173696,2502174207,DE 2502174208,2502180863,US 2502180864,2502181119,FI @@ -61790,10 +62538,8 @@ 2505469952,2505474047,NL 2505474048,2505482239,US 2505482240,2505484287,NL -2505484288,2505487871,US -2505487872,2505488127,FR -2505488128,2505488383,US -2505488384,2505490431,FR +2505484288,2505486335,US +2505486336,2505490431,FR 2505490432,2505498623,HR 2505498624,2505502719,US 2505502720,2505503743,UA @@ -62025,9 +62771,7 @@ 2513102904,2513103895,FR 2513103896,2513103935,PT 2513103936,2513103967,IE -2513103968,2513104819,FR -2513104820,2513104823,PL -2513104824,2513106239,FR +2513103968,2513106239,FR 2513106240,2513106303,IE 2513106304,2513107079,FR 2513107080,2513107083,FI @@ -62106,7 +62850,8 @@ 2522814464,2522815487,SG 2522815488,2522816511,TH 2522816512,2522824703,JP -2522824704,2522841087,SG +2522824704,2522834943,SG +2522834944,2522841087,VN 2522841088,2523201535,JP 2523201536,2523267071,AU 2523267072,2523463679,US @@ -62206,7 +62951,9 @@ 2525298688,2525626367,US 2525626368,2525757439,CN 2525757440,2525822975,GR -2525822976,2526085119,US +2525822976,2525954047,US +2525954048,2526019583,GB +2526019584,2526085119,US 2526085120,2526216191,IT 2526216192,2526412799,US 2526412800,2526478335,KR @@ -62380,7 +63127,9 @@ 2538646272,2538646399,BE 2538646400,2538646783,FR 2538646784,2538647039,CZ -2538647040,2538648015,FR +2538647040,2538647823,FR +2538647824,2538647831,FI +2538647832,2538648015,FR 2538648016,2538648031,ES 2538648032,2538648591,FR 2538648592,2538648623,BE @@ -62416,7 +63165,7 @@ 2538653932,2538653935,FR 2538653936,2538653939,GB 2538653940,2538655071,FR -2538655072,2538655103,ES +2538655072,2538655103,FI 2538655104,2538656959,FR 2538656960,2538656975,ES 2538656976,2538657135,FR @@ -62753,7 +63502,7 @@ 2572954368,2572954623,HK 2572954624,2572954879,AU 2572954880,2572955391,HK -2572955392,2572955647,BG +2572955392,2572955647,DE 2572955648,2572959743,FR 2572959744,2572960255,DE 2572960256,2572960511,SE @@ -62782,7 +63531,10 @@ 2572986112,2572986367,IE 2572986368,2572986623,PL 2572986624,2572986879,PT -2572986880,2572988415,DE +2572986880,2572987391,DE +2572987392,2572987647,NO +2572987648,2572987903,LU +2572987904,2572988415,DE 2572988416,2572989439,IT 2572989440,2572989695,GR 2572989696,2572989823,PL @@ -62879,8 +63631,7 @@ 2584744000,2584744191,ZA 2584744192,2584744447,NL 2584744448,2584744511,AU -2584744512,2584744575,ZA -2584744576,2584744703,DE +2584744512,2584744703,DE 2584744704,2584744959,US 2584744960,2584745023,AU 2584745024,2584745215,ZA @@ -63005,7 +63756,8 @@ 2584763456,2584763903,ZA 2584763904,2584763967,HK 2584763968,2584763999,DE -2584764000,2584764671,ZA +2584764000,2584764415,ZA +2584764416,2584764671,MA 2584764672,2584767231,US 2584767232,2584767487,TR 2584767488,2584768511,US @@ -63013,8 +63765,9 @@ 2584770560,2584773631,US 2584773632,2584773887,GB 2584773888,2584775423,US -2584775424,2584775679,KE -2584775680,2584779775,US +2584775424,2584775679,ZA +2584775680,2584776703,MA +2584776704,2584779775,US 2584779776,2584780031,NL 2584780032,2584780287,US 2584780288,2584780543,ES @@ -63023,7 +63776,7 @@ 2584782336,2584789759,US 2584789760,2584790015,NL 2584790016,2584790783,US -2584790784,2584791039,CN +2584790784,2584791039,HK 2584791040,2584791295,US 2584791296,2584791551,FR 2584791552,2584796159,US @@ -63196,7 +63949,9 @@ 2587639808,2587640063,GB 2587640064,2587648511,US 2587648512,2587649023,ES -2587649024,2587674623,US +2587649024,2587650815,US +2587650816,2587651071,ES +2587651072,2587674623,US 2587674624,2587676671,IT 2587676672,2587680767,US 2587680768,2587683839,ES @@ -63391,7 +64146,7 @@ 2591555584,2591571967,GH 2591571968,2591588351,NG 2591588352,2591604735,MG -2591604736,2591605759,MU +2591604736,2591605759,ZA 2591605760,2591606783,KE 2591606784,2591610879,MU 2591610880,2591612927,ZM @@ -63402,9 +64157,7 @@ 2591948800,2591981567,MG 2591981568,2591997951,CM 2591997952,2592006143,ZA -2592006144,2592007167,TZ -2592007168,2592009215,ZA -2592009216,2592022527,TZ +2592006144,2592022527,TZ 2592022528,2592026623,BJ 2592026624,2592026879,US 2592026880,2592027391,ZA @@ -63425,11 +64178,11 @@ 2592043008,2592047103,ZA 2592047104,2592079871,AO 2592079872,2593128447,EG +2593128448,2593652735,MA 2593652736,2594177023,KE 2594177024,2595225599,GH 2595225600,2596274175,EG -2596274176,2596339711,SC -2596339712,2597322751,ZA +2596274176,2597322751,ZA 2597322752,2598371327,US 2598371328,2598895615,UG 2598895616,2599157759,CI @@ -63956,9 +64709,7 @@ 2627731456,2631925759,EG 2631925760,2632450047,ZA 2632450048,2632974335,US -2632974336,2633236479,ZA -2633236480,2633302015,SC -2633302016,2634022911,ZA +2632974336,2634022911,ZA 2634022912,2634088447,CN 2634088448,2635202559,JP 2635202560,2635268095,CN @@ -64579,8 +65330,8 @@ 2667573248,2667575295,IT 2667575296,2667577343,SK 2667577344,2667642879,SA -2667642880,2667708415,US -2667708416,2667773951,CA +2667642880,2667712511,US +2667712512,2667773951,CA 2667773952,2667970559,US 2667970560,2668036095,CA 2668036096,2668101631,SE @@ -64767,9 +65518,9 @@ 2675613464,2675613471,IL 2675613472,2675613599,US 2675613600,2675613631,JP -2675613632,2675614687,US -2675614688,2675614719,NL -2675614720,2675624399,US +2675613632,2675614975,US +2675614976,2675614991,NL +2675614992,2675624399,US 2675624400,2675624415,CN 2675624416,2675626239,US 2675626240,2675626271,GB @@ -65083,22 +65834,38 @@ 2685599744,2685603839,US 2685604864,2685605887,PK 2685605888,2685607935,US +2685608960,2685609983,ZA +2685611008,2685612031,BR 2685612032,2685613055,CN 2685613056,2685614079,TW 2685616128,2685617151,ID 2685626368,2685627391,US 2685628416,2685632511,ZA 2685640704,2685641727,US +2685642752,2685644799,BR +2685649920,2685650943,ZA 2685652992,2685656063,CN 2685656064,2685657087,IN 2685657088,2685658111,ID +2685661184,2685665279,BR 2685665280,2685668351,IN 2685668352,2685669375,SG +2685670400,2685671423,BR +2685673472,2685674495,BR 2685675520,2685676543,PH 2685676544,2685677567,JP 2685677568,2685678591,CN 2685678592,2685681663,HK +2685681664,2685683711,BR 2685683712,2685684735,BD +2685685760,2685689855,BR +2685706240,2685707263,BR +2685707264,2685708287,EC +2685708288,2685709311,BR +2685709312,2685710335,CL +2685710336,2685712383,BR +2685713408,2685714431,CL +2685714432,2685718527,BR 2685718528,2685719551,US 2685724672,2685726719,CA 2685730816,2685796351,JP @@ -65135,6 +65902,7 @@ 2689204224,2689269759,JP 2689269760,2689335295,TR 2689335296,2689400831,US +2689400832,2689466367,MA 2689466368,2689531903,IT 2689531904,2689535999,US 2689536000,2689536511,GB @@ -65172,7 +65940,9 @@ 2689835520,2689835775,AU 2689835776,2689925119,US 2689925120,2689990655,CH -2689990656,2690383871,US +2689990656,2690187263,US +2690187264,2690318335,MA +2690318336,2690383871,US 2690383872,2690449407,FR 2690449408,2690646015,US 2690646016,2690711551,SG @@ -65183,17 +65953,24 @@ 2690973696,2691104767,US 2691104768,2691170303,FR 2691170304,2691235839,GB +2691235840,2691301375,MA 2691301376,2691366911,CA 2691366912,2691760127,US 2691825664,2691891199,HU -2691891200,2692153343,ZA +2691891200,2691956735,SA +2691956736,2692153343,ZA +2692169728,2692173823,SC 2692173824,2692175871,ZA +2692177920,2692178943,ZA +2692180992,2692182015,GH 2692182016,2692184063,MZ +2692184064,2692185087,ZA 2692185088,2692186111,NG 2692194304,2692202495,GA 2692205568,2692206591,GH 2692206592,2692207615,SZ 2692209664,2692214783,ZA +2692214784,2692215807,AO 2692215808,2692216319,KE 2692216832,2692218879,ZA 2692218880,2692284415,CI @@ -65275,6 +66052,7 @@ 2699973632,2699974655,HK 2699974656,2699976703,IN 2699977728,2699977983,JP +2699978752,2699980799,BR 2700017664,2700214271,JP 2700214272,2700247039,NA 2700247040,2700263423,UG @@ -65352,7 +66130,11 @@ 2704277504,2704343039,FR 2704343040,2704408575,US 2704408576,2704474111,AU -2704474112,2704478207,US +2704474112,2704476159,US +2704476160,2704476415,GB +2704476416,2704476927,US +2704476928,2704477183,GB +2704477184,2704478207,US 2704478208,2704478463,SG 2704478464,2704485119,US 2704485120,2704485375,AU @@ -65413,17 +66195,120 @@ 2708865024,2708930559,JP 2708930560,2709127167,US 2709127168,2709192703,KR -2709192704,2709225471,ZA +2709192704,2709192959,US +2709192960,2709193983,ZA +2709193984,2709194239,US +2709194240,2709194495,ZA +2709194496,2709195007,US +2709195008,2709195263,ZA +2709195264,2709196031,US +2709196032,2709198335,ZA +2709198336,2709198847,US +2709198848,2709199103,ZA +2709199104,2709199359,US +2709199360,2709200383,ZA +2709200384,2709200639,US +2709200640,2709200895,ZA +2709200896,2709201407,US +2709201408,2709202175,ZA +2709202176,2709202943,US +2709202944,2709203711,ZA +2709203712,2709203967,US +2709203968,2709204991,ZA +2709204992,2709205247,US +2709205248,2709205759,ZA +2709205760,2709206271,US +2709206272,2709207039,ZA +2709207040,2709207295,US +2709207296,2709207551,ZA +2709207552,2709207807,US +2709207808,2709208063,ZA +2709208064,2709208319,US +2709208320,2709208575,ZA +2709208576,2709208831,US +2709208832,2709209343,ZA +2709209344,2709209599,US +2709209600,2709210367,ZA +2709210368,2709211135,US +2709211136,2709211903,ZA +2709211904,2709212159,US +2709212160,2709212415,ZA +2709212416,2709212927,US +2709212928,2709213183,ZA +2709213184,2709213439,US +2709213440,2709213951,ZA +2709213952,2709214719,US +2709214720,2709214975,ZA +2709214976,2709215999,US +2709216000,2709216255,ZA +2709216256,2709216511,US +2709216512,2709216767,ZA +2709216768,2709217023,US +2709217024,2709217791,ZA +2709217792,2709218559,US +2709218560,2709219071,ZA +2709219072,2709219327,US +2709219328,2709219839,ZA +2709219840,2709220095,US +2709220096,2709221119,ZA +2709221120,2709221375,US +2709221376,2709221887,ZA +2709221888,2709222399,US +2709222400,2709222655,ZA +2709222656,2709222911,US +2709222912,2709223423,ZA +2709223424,2709224703,US +2709224704,2709224959,ZA +2709224960,2709225471,US 2709225472,2709225727,ES 2709225728,2709225983,ZA 2709225984,2709226239,ES -2709226240,2709242111,ZA +2709226240,2709226495,ZA +2709226496,2709226511,DE +2709226512,2709227775,ZA +2709227776,2709228031,US +2709228032,2709228287,ZA +2709228288,2709228543,US +2709228544,2709228767,ZA +2709228768,2709228783,DE +2709228784,2709229695,ZA +2709229696,2709229711,DE +2709229712,2709230799,ZA +2709230800,2709230815,DE +2709230816,2709230879,ZA +2709230880,2709230895,DE +2709230896,2709231103,ZA +2709231104,2709231119,DE +2709231120,2709232127,ZA +2709232128,2709232383,DE +2709232384,2709232639,ZA +2709232640,2709232895,DE +2709232896,2709233151,US +2709233152,2709233407,DE +2709233408,2709235199,ZA +2709235200,2709235455,DE +2709235456,2709235711,US +2709235712,2709235967,DE +2709235968,2709236223,US +2709236224,2709236479,DE +2709236480,2709238271,ZA +2709238272,2709238527,DE +2709238528,2709238783,ZA +2709238784,2709239039,DE +2709239040,2709240319,ZA +2709240320,2709240575,DE +2709240576,2709240831,ZA +2709240832,2709241087,DE +2709241088,2709241343,US +2709241344,2709241599,DE +2709241600,2709241855,ZA +2709241856,2709242111,DE 2709242112,2709242367,US 2709242368,2709242623,ZA 2709242624,2709242879,US -2709242880,2709243135,ZA +2709242880,2709243135,DE 2709243136,2709243391,US -2709243392,2709243647,ZA +2709243392,2709243647,DE 2709243648,2709243903,US 2709243904,2709244159,ZA 2709244160,2709244415,US @@ -65431,17 +66316,42 @@ 2709244672,2709244927,US 2709244928,2709245183,ZA 2709245184,2709245439,US -2709245440,2709245695,ZA +2709245440,2709245695,DE 2709245696,2709245951,US 2709245952,2709246207,ZA 2709246208,2709246463,US -2709246464,2709247231,ZA +2709246464,2709246735,ZA +2709246736,2709246751,HK +2709246752,2709246847,ZA +2709246848,2709246863,HK +2709246864,2709246959,ZA +2709246960,2709246975,HK +2709246976,2709247231,ZA 2709247232,2709247487,MY -2709247488,2709247743,ZA +2709247488,2709247743,DE 2709247744,2709247999,US 2709248000,2709248255,ZA 2709248256,2709248511,US -2709248512,2709258239,ZA +2709248512,2709249535,ZA +2709249536,2709249791,DE +2709249792,2709250047,ZA +2709250048,2709250303,DE +2709250304,2709251071,ZA +2709251072,2709251327,DE +2709251328,2709251839,ZA +2709251840,2709252095,GB +2709252096,2709252351,DE +2709252352,2709253375,ZA +2709253376,2709253631,US +2709253632,2709254399,ZA +2709254400,2709254655,US +2709254656,2709255935,ZA +2709255936,2709256191,US +2709256192,2709256703,ZA +2709256704,2709256959,DE +2709256960,2709257471,ZA +2709257472,2709257727,US +2709257728,2709258239,ZA 2709258240,2709389311,US 2709389312,2709454847,SG 2709454848,2709716991,US @@ -65491,7 +66401,9 @@ 2714373280,2714373287,NL 2714373288,2714373743,US 2714373744,2714373759,IN -2714373760,2714376223,US +2714373760,2714375039,US +2714375040,2714375055,ID +2714375056,2714376223,US 2714376224,2714376239,JP 2714376240,2714377103,US 2714377104,2714377119,IN @@ -65563,7 +66475,11 @@ 2714433296,2714433311,JP 2714433312,2714433535,US 2714433536,2714433791,JP -2714433792,2714697727,US +2714433792,2714434911,US +2714434912,2714434927,JP +2714434928,2714435055,US +2714435056,2714435071,JP +2714435072,2714697727,US 2714697728,2714763263,CN 2714763264,2715025407,US 2715025408,2715090943,VE @@ -65581,7 +66497,8 @@ 2716794880,2717253631,US 2717253632,2717319167,TH 2717319168,2717384703,US -2717450240,2717646847,US +2717450240,2717581311,US +2717581312,2717646847,RO 2717646848,2717712383,KW 2717712384,2717843455,US 2717843456,2717908991,VE @@ -65589,14 +66506,14 @@ 2717974528,2718629887,US 2718629888,2718695423,GB 2718695424,2718745599,US +2718745600,2718746623,AR 2718748672,2718749695,PK 2718749696,2718750719,BD 2718750720,2718750975,US 2718750976,2718751231,BL -2718751232,2718751487,US -2718751744,2718752767,US +2718751232,2718752767,US 2718752768,2718754815,PR -2718755840,2718756863,US +2718754816,2718756863,US 2718756864,2718758911,IN 2718758912,2718760959,US 2718760960,2718826495,GB @@ -65764,7 +66681,9 @@ 2731717632,2731718655,CA 2731718656,2731728895,US 2731728896,2731729919,CA -2731729920,2731761663,US +2731729920,2731739647,US +2731739648,2731740159,CA +2731740160,2731761663,US 2731761664,2731763711,CA 2731763712,2731765759,US 2731765760,2731767807,CA @@ -65805,7 +66724,8 @@ 2731843584,2731845631,PR 2731845632,2731853823,US 2731853824,2731855871,CA -2731855872,2731856895,VC +2731855872,2731856383,LC +2731856384,2731856895,VC 2731856896,2731862015,US 2731862016,2731864063,CA 2731864064,2731870207,US @@ -65829,9 +66749,14 @@ 2732107776,2732109823,US 2732110848,2732111871,US 2732111872,2732113919,CA -2732113920,2732131327,US +2732113920,2732126207,US +2732127232,2732128767,US +2732128768,2732129023,NL +2732129024,2732131327,US 2732131328,2732132351,CA -2732132352,2732189695,US +2732132352,2732145151,US +2732145664,2732146687,CA +2732146688,2732189695,US 2732189696,2732192767,CA 2732192768,2732194559,US 2732194816,2732201983,US @@ -65988,8 +66913,7 @@ 2734105600,2734106623,CA 2734106624,2734119935,US 2734119936,2734120959,CA -2734120960,2734123007,VG -2734123008,2734125055,US +2734120960,2734125055,US 2734125056,2734129151,CA 2734129152,2734139391,US 2734139392,2734140415,CA @@ -66078,10 +67002,12 @@ 2734457856,2734458879,CA 2734458880,2734467327,US 2734467328,2734467583,CA -2734467584,2734471167,US +2734467584,2734467839,US +2734467840,2734468095,GB +2734468096,2734471167,US 2734471168,2734472191,CA 2734472192,2734473215,AG -2734473216,2734477311,US +2734473216,2734479359,US 2734479360,2734481407,CA 2734481408,2734485503,US 2734485504,2734486527,CA @@ -66412,7 +67338,9 @@ 2760114816,2760114847,FI 2760114848,2760115327,FR 2760115328,2760115455,GB -2760115456,2760115775,FR +2760115456,2760115711,FR +2760115712,2760115719,IE +2760115720,2760115775,FR 2760115776,2760115839,ES 2760115840,2760116207,FR 2760116208,2760116223,FI @@ -66482,9 +67410,7 @@ 2760137216,2760137471,GB 2760137472,2760137535,FR 2760137536,2760137599,ES -2760137600,2760138335,FR -2760138336,2760138367,FI -2760138368,2760143039,FR +2760137600,2760143039,FR 2760143040,2760143103,ES 2760143104,2760143615,FR 2760143616,2760143871,GB @@ -66561,7 +67487,8 @@ 2760169472,2760169503,FI 2760169504,2760169679,FR 2760169680,2760169695,ES -2760169696,2760170047,FR +2760169696,2760169983,FR +2760169984,2760170047,ES 2760170048,2760170111,FI 2760170112,2760170815,FR 2760170816,2760170847,PT @@ -66713,6 +67640,8 @@ 2772828160,2772959231,US 2772959232,2773010431,CZ 2773010688,2773024767,CZ +2773085184,2773086207,SL +2773086208,2773090303,ZA 2773090304,2773221375,US 2773221376,2773286911,JP 2773286912,2773745663,US @@ -66777,7 +67706,9 @@ 2779971584,2780037119,US 2780037120,2780039167,ZA 2780039168,2780043263,US -2780043264,2780075007,ZA +2780043264,2780073471,ZA +2780073472,2780073727,AU +2780073728,2780075007,ZA 2780075008,2780075519,US 2780075520,2780102655,ZA 2780102656,2780168191,US @@ -66875,7 +67806,9 @@ 2783012352,2783012607,TW 2783012608,2783012863,US 2783012864,2783013887,IN -2783013888,2783182847,US +2783013888,2783150079,US +2783150080,2783154175,DE +2783154176,2783182847,US 2783182848,2783248383,AU 2783248384,2783313919,KR 2783313920,2783379455,US @@ -67599,7 +68532,9 @@ 2832010240,2832023551,BR 2832023552,2832024575,CR 2832024576,2832025599,BR -2832025600,2832026623,HN +2832025600,2832026015,HN +2832026016,2832026031,DE +2832026032,2832026623,HN 2832026624,2832030719,BR 2832030720,2832031743,AR 2832031744,2832032767,BO @@ -67640,7 +68575,10 @@ 2833476608,2833481727,BR 2833481728,2833482751,HN 2833482752,2833484799,BR -2833484800,2833485823,HN +2833484800,2833485311,HN +2833485312,2833485519,US +2833485520,2833485527,BE +2833485528,2833485823,US 2833485824,2833486847,AR 2833486848,2833501183,BR 2833501184,2833502207,AR @@ -67649,7 +68587,9 @@ 2833512448,2833513471,BR 2833513472,2833514495,AR 2833514496,2833525759,BR -2833525760,2833526783,HN +2833525760,2833526639,HN +2833526640,2833526655,FR +2833526656,2833526783,HN 2833526784,2833527807,CR 2833527808,2833528831,MX 2833528832,2833529855,AR @@ -67768,21 +68708,23 @@ 2838301192,2838301199,US 2838301200,2838301695,NL 2838301696,2838301951,US -2838301952,2838304127,NL +2838301952,2838302111,NL +2838302112,2838302127,US +2838302128,2838304127,NL 2838304128,2838304159,US -2838304160,2838304223,NL -2838304224,2838304255,US -2838304256,2838304319,NL +2838304160,2838304319,NL 2838304320,2838304383,US 2838304384,2838304447,NL 2838304448,2838304511,US 2838304512,2838304703,NL 2838304704,2838304767,US 2838304768,2838305119,NL -2838305120,2838305159,US -2838305160,2838305247,NL +2838305120,2838305151,US +2838305152,2838305247,NL 2838305248,2838305279,US -2838305280,2838307055,NL +2838305280,2838305663,NL +2838305664,2838305727,US +2838305728,2838307055,NL 2838307056,2838307063,US 2838307064,2838307135,NL 2838307136,2838307183,US @@ -67798,7 +68740,9 @@ 2838308192,2838308223,US 2838308224,2838315023,NL 2838315024,2838315039,US -2838315040,2838315279,NL +2838315040,2838315151,NL +2838315152,2838315167,US +2838315168,2838315279,NL 2838315280,2838315295,US 2838315296,2838315391,NL 2838315392,2838315407,US @@ -67824,7 +68768,9 @@ 2838318512,2838318527,US 2838318528,2838318655,NL 2838318656,2838318687,US -2838318688,2838320191,NL +2838318688,2838318867,NL +2838318868,2838318871,US +2838318872,2838320191,NL 2838320192,2838320192,US 2838320193,2838320543,NL 2838320544,2838320551,US @@ -67852,7 +68798,9 @@ 2838325440,2838325471,JP 2838325472,2838325983,NL 2838325984,2838326015,US -2838326016,2838327623,NL +2838326016,2838326591,NL +2838326592,2838326623,US +2838326624,2838327623,NL 2838327624,2838327631,US 2838327632,2838328079,NL 2838328080,2838328111,US @@ -68044,9 +68992,13 @@ 2838406088,2838406095,US 2838406096,2838406271,NL 2838406272,2838406279,US -2838406280,2838406959,NL +2838406280,2838406687,NL +2838406688,2838406719,US +2838406720,2838406959,NL 2838406960,2838406967,US -2838406968,2838408591,NL +2838406968,2838407103,NL +2838407104,2838407119,US +2838407120,2838408591,NL 2838408592,2838408599,US 2838408600,2838408735,NL 2838408736,2838408767,US @@ -68056,7 +69008,9 @@ 2838409440,2838409471,US 2838409472,2838409479,NL 2838409480,2838409503,US -2838409504,2838410191,NL +2838409504,2838409599,NL +2838409600,2838409615,US +2838409616,2838410191,NL 2838410192,2838410199,US 2838410200,2838410367,NL 2838410368,2838410399,US @@ -68066,8 +69020,8 @@ 2838411328,2838411359,US 2838411360,2838414207,NL 2838414208,2838414271,US -2838414272,2838414783,NL -2838414784,2838414879,US +2838414272,2838414815,NL +2838414816,2838414879,US 2838414880,2838414911,JP 2838414912,2838415167,NL 2838415168,2838415183,US @@ -68085,7 +69039,9 @@ 2838416624,2838416639,AF 2838416640,2838418143,NL 2838418144,2838418175,US -2838418176,2838419455,NL +2838418176,2838418687,NL +2838418688,2838418751,US +2838418752,2838419455,NL 2838419456,2838421503,US 2838421504,2838429983,NL 2838429984,2838430015,US @@ -68111,13 +69067,15 @@ 2838436816,2838436831,US 2838436832,2838437359,NL 2838437360,2838437361,US -2838437362,2838437471,NL -2838437472,2838437503,US -2838437504,2838438127,NL +2838437362,2838438127,NL 2838438128,2838438135,US -2838438136,2838439935,NL +2838438136,2838438463,NL +2838438464,2838438495,US +2838438496,2838439935,NL 2838439936,2838439943,US -2838439944,2838441215,NL +2838439944,2838440111,NL +2838440112,2838440127,US +2838440128,2838441215,NL 2838441216,2838441247,US 2838441248,2838441375,NL 2838441376,2838441407,US @@ -68161,19 +69119,25 @@ 2838447336,2838447343,US 2838447344,2838447471,NL 2838447472,2838447487,US -2838447488,2838447647,NL -2838447648,2838447663,US -2838447664,2838447759,NL +2838447488,2838447759,NL 2838447760,2838447775,US -2838447776,2838447887,NL -2838447888,2838447903,US -2838447904,2838448223,NL +2838447776,2838448223,NL 2838448224,2838448239,US -2838448240,2838461535,NL +2838448240,2838448255,NL +2838448256,2838448271,US +2838448272,2838448591,NL +2838448592,2838448607,US +2838448608,2838448799,NL +2838448800,2838448815,US +2838448816,2838448895,NL +2838448896,2838448959,US +2838448960,2838449375,NL +2838449376,2838449391,US +2838449392,2838449535,NL +2838449536,2838449663,US +2838449664,2838461535,NL 2838461536,2838461567,US -2838461568,2838461727,NL -2838461728,2838461759,US -2838461760,2838461823,NL +2838461568,2838461823,NL 2838461824,2838461855,US 2838461856,2838461951,NL 2838461952,2838461983,US @@ -68181,11 +69145,27 @@ 2838462112,2838462119,US 2838462120,2838463583,NL 2838463584,2838463615,US -2838463616,2838466063,NL +2838463616,2838465599,NL +2838465600,2838465615,US +2838465616,2838465663,NL +2838465664,2838465671,US +2838465672,2838465711,NL +2838465712,2838465727,US +2838465728,2838466063,NL 2838466064,2838466079,US -2838466080,2838478975,NL +2838466080,2838466607,NL +2838466608,2838466623,US +2838466624,2838466687,NL +2838466688,2838466719,US +2838466720,2838466959,NL +2838466960,2838466975,US +2838466976,2838478975,NL 2838478976,2838479007,US -2838479008,2838479455,NL +2838479008,2838479207,NL +2838479208,2838479215,US +2838479216,2838479431,NL +2838479432,2838479439,US +2838479440,2838479455,NL 2838479456,2838479487,US 2838479488,2838480127,NL 2838480128,2838480159,US @@ -68222,35 +69202,69 @@ 2838485696,2838485727,US 2838485728,2838486463,NL 2838486464,2838486495,US -2838486496,2838487263,NL -2838487264,2838487295,US -2838487296,2838487647,NL +2838486496,2838487647,NL 2838487648,2838487679,US 2838487680,2838487743,NL 2838487744,2838487807,US -2838487808,2838489647,NL -2838489648,2838489663,US -2838489664,2838491943,NL +2838487808,2838488663,NL +2838488664,2838488671,US +2838488672,2838491943,NL 2838491944,2838491951,US -2838491952,2838493711,NL +2838491952,2838492479,NL +2838492480,2838492511,US +2838492512,2838492679,NL +2838492680,2838492687,US +2838492688,2838492959,NL +2838492960,2838492967,US +2838492968,2838493711,NL 2838493712,2838493727,US -2838493728,2838495359,NL -2838495360,2838495375,US -2838495376,2838526977,NL -2838526978,2838526979,US -2838526980,2838526983,NL +2838493728,2838494655,NL +2838494656,2838494671,US +2838494672,2838496127,NL +2838496128,2838496159,US +2838496160,2838511887,NL +2838511888,2838511903,BR +2838511904,2838511935,NL +2838511936,2838511951,JP +2838511952,2838511983,NL +2838511984,2838511999,JP +2838512000,2838512047,NL +2838512048,2838512079,US +2838512080,2838512255,NL +2838512256,2838512271,US +2838512272,2838512303,NL +2838512304,2838512319,US +2838512320,2838512351,NL +2838512352,2838512367,AF +2838512368,2838512519,NL +2838512520,2838512543,US +2838512544,2838512655,NL +2838512656,2838512671,US +2838512672,2838512879,NL +2838512880,2838512895,US +2838512896,2838526983,NL 2838526984,2838527039,US 2838527040,2838527055,NL 2838527056,2838527071,US 2838527072,2838527223,NL -2838527224,2838527247,US -2838527248,2838527279,NL +2838527224,2838527231,US +2838527232,2838527279,NL 2838527280,2838527295,US 2838527296,2838527439,NL 2838527440,2838527455,US 2838527456,2838527535,NL -2838527536,2838527551,US -2838527552,2838560767,NL +2838527536,2838527567,US +2838527568,2838527695,NL +2838527696,2838527711,US +2838527712,2838528255,NL +2838528256,2838528271,US +2838528272,2838528431,NL +2838528432,2838528447,US +2838528448,2838529167,NL +2838529168,2838529183,US +2838529184,2838530095,NL +2838530096,2838530111,US +2838530112,2838560767,NL 2838560768,2838626303,CH 2838626304,2838626399,US 2838626400,2838626431,SA @@ -68269,7 +69283,9 @@ 2838632096,2838632127,DE 2838632128,2838633295,US 2838633296,2838633311,SA -2838633312,2838642719,US +2838633312,2838641263,US +2838641264,2838641279,NL +2838641280,2838642719,US 2838642720,2838642723,AE 2838642724,2838643407,US 2838643408,2838643408,GB @@ -68293,7 +69309,9 @@ 2838650528,2838650559,GB 2838650560,2838653631,US 2838653632,2838653639,GB -2838653640,2838657295,US +2838653640,2838653646,US +2838653647,2838653647,GB +2838653648,2838657295,US 2838657296,2838657299,AE 2838657300,2838658607,US 2838658608,2838658623,NL @@ -68309,17 +69327,13 @@ 2838664080,2838664095,BO 2838664096,2838664167,US 2838664168,2838664175,VN -2838664176,2838664727,US -2838664728,2838664735,ZA -2838664736,2838665759,US +2838664176,2838665759,US 2838665760,2838665791,JP 2838665792,2838669519,US 2838669520,2838669535,NL 2838669536,2838670623,US 2838670624,2838670655,NL -2838670656,2838676703,US -2838676704,2838676719,GB -2838676720,2838678319,US +2838670656,2838678319,US 2838678320,2838678327,GB 2838678328,2838680639,US 2838680640,2838680655,GB @@ -68369,13 +69383,17 @@ 2838931014,2838931015,CZ 2838931016,2838931016,US 2838931017,2838931023,CZ -2838931024,2838933919,US +2838931024,2838931647,US +2838931648,2838931663,NO +2838931664,2838933919,US 2838933920,2838933951,NL 2838933952,2838938991,US 2838938992,2838939007,AU 2838939008,2838946735,US 2838946736,2838946751,CA -2838946752,2838957535,US +2838946752,2838950703,US +2838950704,2838950719,NL +2838950720,2838957535,US 2838957536,2838957551,HK 2838957552,2838960815,US 2838960816,2838960819,CZ @@ -68409,7 +69427,9 @@ 2838989672,2838989679,CA 2838989680,2838990719,US 2838990720,2838990751,CA -2838990752,2838995823,US +2838990752,2838994239,US +2838994240,2838994255,NO +2838994256,2838995823,US 2838995824,2838995839,NL 2838995840,2838996063,US 2838996064,2838996095,HK @@ -68419,29 +69439,28 @@ 2838999408,2838999423,AF 2838999424,2839001263,US 2839001264,2839001279,CA -2839001280,2839019519,US -2839019520,2839019535,CN -2839019536,2839019551,US -2839019552,2839019567,JP -2839019568,2839019583,CN -2839019584,2839019599,KR -2839019600,2839019615,JP -2839019616,2839019647,CA -2839019648,2839019663,CN -2839019664,2839019679,US -2839019680,2839019687,HK -2839019688,2839019711,JP -2839019712,2839019775,CA -2839019776,2839019791,JP -2839019792,2839019807,US -2839019808,2839019839,HK -2839019840,2839019903,CN -2839019904,2839035903,US +2839001280,2839019687,US +2839019688,2839019695,JP +2839019696,2839035903,US 2839035904,2839052287,KR -2839052288,2839085055,US +2839052288,2839055039,US +2839055040,2839055041,NL +2839055042,2839055727,US +2839055728,2839055743,NL +2839055744,2839085055,US 2839085056,2839117823,MX 2839117824,2839150591,BR -2839150592,2840015359,US +2839150592,2839313471,US +2839313472,2839313475,NL +2839313476,2839313759,US +2839313760,2839313775,NL +2839313776,2839363679,US +2839363680,2839363683,NL +2839363684,2839363685,US +2839363686,2839363687,NL +2839363688,2839379615,US +2839379616,2839379631,NL +2839379632,2840015359,US 2840015360,2840015615,GB 2840015616,2843803647,US 2843803648,2843869183,ZA @@ -68485,7 +69504,7 @@ 2851023872,2851024895,ZA 2851024896,2851025919,NG 2851025920,2851026943,GH -2851026944,2851027967,DZ +2851026944,2851027967,NG 2851027968,2851028991,ZA 2851028992,2851030015,CI 2851030016,2851031039,ZA @@ -68514,8 +69533,10 @@ 2851055616,2851057663,KE 2851057664,2851060735,ZA 2851060736,2851062783,NG -2851062784,2851063807,ZA -2851063808,2851065855,SC +2851062784,2851063807,SL +2851063808,2851064319,SC +2851064320,2851064831,NA +2851064832,2851065855,SC 2851065856,2851066879,ZA 2851066880,2851067903,CD 2851067904,2851071999,ZA @@ -68542,7 +69563,7 @@ 2852076032,2852077567,ZA 2852077568,2852078591,CD 2852078592,2852079615,TN -2852079616,2852080639,GB +2852079616,2852080639,CG 2852080640,2852081663,ZA 2852081664,2852082687,BW 2852082688,2852083711,EG @@ -68558,7 +69579,7 @@ 2852092928,2852093951,NG 2852093952,2852094975,ZA 2852094976,2852095999,MZ -2852096000,2852097023,SD +2852096000,2852097023,SS 2852097024,2852098047,NG 2852098048,2852099071,ZA 2852099072,2852100095,GA @@ -68615,10 +69636,10 @@ 2855288832,2855305215,GB 2855305216,2855309311,HK 2855309312,2855469055,US -2855469056,2855481343,PY -2855481344,2855483391,AR -2855483392,2855484415,PY -2855484416,2855485183,AR +2855469056,2855484415,PY +2855484416,2855484671,AR +2855484672,2855484927,PY +2855484928,2855485183,AR 2855485184,2855501823,UY 2855501824,2855534591,AR 2855534592,2855706623,US @@ -69205,7 +70226,9 @@ 2868599808,2868604415,US 2868604416,2868604927,IN 2868604928,2868628639,US -2868628672,2868658175,US +2868628672,2868632575,US +2868632576,2868633087,BR +2868633088,2868658175,US 2868658176,2868659199,GB 2868659200,2868660223,US 2868660480,2868662271,US @@ -69243,7 +70266,9 @@ 2868814848,2868815871,AR 2868815872,2868816895,BR 2868816896,2868817919,VE -2868817920,2868818943,HN +2868817920,2868818887,HN +2868818888,2868818895,IT +2868818896,2868818943,HN 2868818944,2868825087,BR 2868825088,2868826111,AR 2868826112,2868828159,BR @@ -69383,9 +70408,12 @@ 2890184704,2890185727,ZA 2890185728,2890187775,US 2890187776,2890188799,IT -2890188800,2890191871,US +2890188800,2890189823,LK +2890189824,2890191871,US 2890191872,2890192895,CZ -2890192896,2890956799,US +2890192896,2890194943,US +2890194944,2890195967,HU +2890195968,2890956799,US 2890956800,2890989567,AE 2890989568,2891017215,US 2891017216,2891017471,JP @@ -69412,8 +70440,8 @@ 2891380736,2891403263,US 2891403264,2891407359,CA 2891407360,2891780095,US -2891780096,2891784191,CA -2891784192,2891790335,US +2891780096,2891786239,CA +2891786240,2891790335,US 2891790336,2891791359,CA 2891791360,2891796479,US 2891796480,2891800575,CA @@ -69445,7 +70473,8 @@ 2891851264,2891851519,AM 2891851520,2891853567,US 2891853568,2891853823,SG -2891853824,2891854335,US +2891853824,2891854079,US +2891854080,2891854335,IN 2891854336,2891855615,NL 2891855616,2891856127,SE 2891856128,2891856383,LU @@ -69559,7 +70588,11 @@ 2892401920,2892402047,MF 2892402048,2892402175,US 2892402176,2892402303,MP -2892402304,2892420607,US +2892402304,2892414975,US +2892414976,2892415231,GB +2892415232,2892417791,US +2892417792,2892418047,GB +2892418048,2892420607,US 2892420608,2892420863,CA 2892420864,2892421631,US 2892421632,2892421887,CA @@ -69727,7 +70760,15 @@ 2899574784,2899902463,GB 2899902464,2899967999,US 2899968000,2900099071,CA -2900099072,2901740455,US +2900099072,2901475327,US +2901475328,2901477375,NL +2901477376,2901485567,US +2901485568,2901489663,NL +2901489664,2901491711,US +2901491712,2901493759,NL +2901493760,2901496831,US +2901496832,2901497855,NL +2901497856,2901740455,US 2901740456,2901740463,CA 2901740464,2901751295,US 2901751296,2901751551,GB @@ -69744,7 +70785,17 @@ 2902405936,2902405951,US 2902405952,2902408191,CA 2902408192,2902409215,GB -2902409216,2902476543,US +2902409216,2902417407,US +2902417408,2902421503,NL +2902421504,2902427647,US +2902427648,2902429695,NL +2902429696,2902441983,US +2902441984,2902446079,NL +2902446080,2902450175,US +2902450176,2902454271,NL +2902454272,2902456319,US +2902456320,2902458367,NL +2902458368,2902476543,US 2902476544,2902476799,CW 2902476800,2902487551,US 2902487552,2902488063,CA @@ -69818,8 +70869,8 @@ 2915520512,2915520642,AU 2915520643,2915520643,US 2915520644,2915520671,AU -2915520672,2915520735,US -2915520736,2915521023,AU +2915520672,2915520767,US +2915520768,2915521023,AU 2915521024,2915521279,JP 2915521280,2915521535,PL 2915521536,2915526911,US @@ -69864,7 +70915,8 @@ 2916296704,2916302847,US 2916302848,2916303359,CA 2916303360,2916303871,DE -2916303872,2916304895,US +2916303872,2916304383,CA +2916304384,2916304895,US 2916304896,2916305919,GB 2916305920,2916319231,US 2916319232,2916335615,PR @@ -69992,7 +71044,9 @@ 2918154240,2918170623,CA 2918170624,2918174463,US 2918174464,2918174719,MX -2918174720,2918187007,US +2918174720,2918180351,US +2918180352,2918180863,CA +2918180864,2918187007,US 2918187008,2918187263,CA 2918187264,2918187775,US 2918187776,2918188031,CA @@ -70021,7 +71075,9 @@ 2918407424,2918408191,PR 2918408192,2918432767,US 2918432768,2918436863,CA -2918436864,2918463231,US +2918436864,2918459391,US +2918459392,2918459647,CA +2918459648,2918463231,US 2918463232,2918463487,CA 2918463488,2918469631,US 2918469632,2918472703,CA @@ -70176,7 +71232,9 @@ 2928261712,2928261887,CA 2928261888,2928263167,US 2928263168,2928279551,CA -2928279552,2928304127,US +2928279552,2928283647,US +2928283648,2928287743,SG +2928287744,2928304127,US 2928304128,2928305151,NL 2928305152,2928312319,US 2928312320,2928316415,CA @@ -70345,7 +71403,6 @@ 2947593216,2947594239,HK 2947594240,2947595263,IN 2947595264,2947596287,CN -2947596288,2947597311,IN 2947597312,2947598335,JP 2947598336,2947602431,AU 2947602432,2947603455,NZ @@ -70629,9 +71686,7 @@ 2954840612,2954840615,GB 2954840616,2954840767,FR 2954840768,2954840775,GB -2954840776,2954840783,FR -2954840784,2954840799,ES -2954840800,2954840927,FR +2954840776,2954840927,FR 2954840928,2954840931,DE 2954840932,2954841023,FR 2954841024,2954841087,ES @@ -70648,7 +71703,9 @@ 2954841852,2954841855,ES 2954841856,2954842075,FR 2954842076,2954842079,GB -2954842080,2954842239,FR +2954842080,2954842111,FR +2954842112,2954842143,FI +2954842144,2954842239,FR 2954842240,2954842243,ES 2954842244,2954842247,FR 2954842248,2954842251,ES @@ -70662,9 +71719,7 @@ 2954843044,2954843047,GB 2954843048,2954843187,FR 2954843188,2954843191,GB -2954843192,2954843479,FR -2954843480,2954843487,GB -2954843488,2954843503,FR +2954843192,2954843503,FR 2954843504,2954843507,ES 2954843508,2954843759,FR 2954843760,2954843771,ES @@ -70814,7 +71869,9 @@ 2954873696,2954873727,FI 2954873728,2954873839,FR 2954873840,2954873847,ES -2954873848,2954873919,FR +2954873848,2954873879,FR +2954873880,2954873887,PT +2954873888,2954873919,FR 2954873920,2954873983,IE 2954873984,2954874111,GB 2954874112,2954874127,FR @@ -70984,9 +72041,7 @@ 2956602368,2956602623,NL 2956602624,2956602879,SE 2956602880,2956603135,GB -2956603136,2956604671,RU -2956604672,2956604927,NL -2956604928,2956605439,RU +2956603136,2956605439,RU 2956605440,2956605695,DE 2956605696,2956607487,RU 2956607488,2956611583,PS @@ -71408,8 +72463,8 @@ 2960752640,2960769023,RU 2960769024,2960773119,UA 2960773120,2960777215,RU -2960777216,2960785407,UA -2960785408,2960793599,RU +2960777216,2960789503,UA +2960789504,2960793599,RU 2960793600,2960797695,CZ 2960797696,2960805887,RU 2960805888,2960807935,KZ @@ -71499,8 +72554,7 @@ 2961065216,2961065471,AU 2961065472,2961065727,SE 2961065728,2961066239,HK -2961066240,2961067263,DE -2961067264,2961067519,US +2961066240,2961067519,DE 2961067520,2961067775,GB 2961067776,2961068543,DE 2961068544,2961068799,NL @@ -71524,7 +72578,8 @@ 2961102848,2961103871,DE 2961103872,2961104895,RO 2961104896,2961106943,GB -2961106944,2961108991,RO +2961106944,2961107967,NL +2961107968,2961108991,RO 2961108992,2961111039,GB 2961111040,2961112063,PL 2961112064,2961113087,RO @@ -72340,9 +73395,7 @@ 2988508608,2988508639,ES 2988508640,2988508847,FR 2988508848,2988508855,GB -2988508856,2988508959,FR -2988508960,2988508975,ES -2988508976,2988509491,FR +2988508856,2988509491,FR 2988509492,2988509495,IE 2988509496,2988509511,FR 2988509512,2988509515,PL @@ -73321,66 +74374,10 @@ 3001862144,3001863167,EE 3001863168,3001864191,LT 3001864192,3001868287,RU -3001868288,3001868847,FR -3001868848,3001868851,AU -3001868852,3001868855,MX -3001868856,3001868859,KR -3001868860,3001868863,FR -3001868864,3001868867,TR -3001868868,3001868871,ID -3001868872,3001868875,CH -3001868876,3001868879,PL -3001868880,3001868883,BE -3001868884,3001868887,SE -3001868888,3001868891,SA -3001868892,3001868895,TW -3001868896,3001868899,SJ -3001868900,3001868903,AT -3001868904,3001868907,AR -3001868908,3001868911,ZA -3001868912,3001868915,IR -3001868916,3001868919,TH -3001868920,3001868923,DK -3001868924,3001868927,GR -3001868928,3001868931,AE -3001868932,3001868935,VE -3001868936,3001868939,CD -3001868940,3001868943,FI -3001868944,3001868947,MY -3001868948,3001868951,PT -3001868952,3001868955,HK -3001868956,3001868959,SG -3001868960,3001868963,EG -3001868964,3001868967,NG -3001868968,3001868971,IL -3001868972,3001868975,IE -3001868976,3001868979,CL -3001868980,3001868983,CZ -3001868984,3001868987,PH -3001868988,3001868991,PK -3001868992,3001868995,RO -3001868996,3001868999,DZ -3001869000,3001869003,PE -3001869004,3001869007,NZ -3001869008,3001869011,KZ -3001869012,3001869015,UA -3001869016,3001869019,KW -3001869020,3001869023,QA -3001869024,3001869027,HU -3001869028,3001869031,BD -3001869032,3001869035,VN -3001869036,3001869039,MA -3001869040,3001869043,SK -3001869044,3001869047,AO -3001869048,3001869051,IQ -3001869052,3001869055,LY -3001869056,3001869311,RU +3001868288,3001869311,US 3001869312,3001870335,FR 3001870336,3001871359,HK -3001871360,3001871615,GR -3001871616,3001871871,PL -3001871872,3001872127,PT -3001872128,3001872383,RO +3001871360,3001872383,US 3001872384,3001876479,RU 3001876480,3001880575,IT 3001880576,3001884671,RU @@ -73624,13 +74621,16 @@ 3003129600,3003129855,HN 3003129856,3003138047,MX 3003138048,3003146239,HN -3003146240,3003150335,CR +3003146240,3003148287,GT +3003148288,3003150335,CR 3003150336,3003154431,SV 3003154432,3003154687,CL 3003154688,3003154943,EC 3003154944,3003159039,AR 3003159040,3003159295,CO -3003159296,3003160575,AR +3003159296,3003159807,AR +3003159808,3003160063,BR +3003160064,3003160575,AR 3003160576,3003160831,CL 3003160832,3003161087,PE 3003161088,3003161599,CL @@ -73662,11 +74662,13 @@ 3005218816,3005349887,CO 3005349888,3005480959,BR 3005480960,3005874175,AR -3005874176,3005898495,PA +3005874176,3005897983,PA +3005897984,3005898239,CO +3005898240,3005898495,PA 3005898496,3005898751,CO 3005898752,3005901823,PA -3005901824,3005902335,CO -3005902336,3005902591,PA +3005901824,3005902079,CO +3005902080,3005902591,PA 3005902592,3005902847,CO 3005902848,3005903615,PA 3005903616,3005903871,CO @@ -73674,8 +74676,8 @@ 3005905664,3005905919,CO 3005905920,3005906431,PA 3005906432,3005906687,CO -3005906688,3005914879,PA -3005914880,3005915135,CO +3005906688,3005914623,PA +3005914624,3005915135,CO 3005915136,3005918207,AR 3005918208,3005919231,CO 3005919232,3005923327,AR @@ -73688,23 +74690,33 @@ 3005972480,3005988863,CH 3005988864,3006005247,DO 3006005248,3006267391,VE -3006267392,3006286335,PA +3006267392,3006283775,PA +3006283776,3006284031,CR +3006284032,3006284543,PA +3006284544,3006284799,CR +3006284800,3006286335,PA 3006286336,3006286591,CR -3006286592,3006288895,PA -3006288896,3006289151,CR -3006289152,3006291455,PA -3006291456,3006291711,CR -3006291712,3006308351,PA +3006286592,3006288127,PA +3006288128,3006288383,CR +3006288384,3006308351,PA 3006308352,3006308607,CR -3006308608,3006314239,PA +3006308608,3006309887,PA +3006309888,3006310143,CR +3006310144,3006313727,PA +3006313728,3006313983,CR +3006313984,3006314239,PA 3006314240,3006314751,CR 3006314752,3006320639,PA 3006320640,3006320895,CR 3006320896,3006323967,PA 3006323968,3006324223,CR -3006324224,3006328831,PA -3006328832,3006329343,NI -3006329344,3006330623,PA +3006324224,3006324479,PA +3006324480,3006324735,CR +3006324736,3006328831,PA +3006328832,3006329087,NI +3006329088,3006329343,PA +3006329344,3006329599,NI +3006329600,3006330623,PA 3006330624,3006330879,NI 3006330880,3006331903,CR 3006331904,3006332927,AR @@ -73723,6 +74735,7 @@ 3006488576,3006496767,CO 3006496768,3006521343,CR 3006521344,3006527487,AR +3006527488,3006528511,BR 3006528512,3006529535,BZ 3006529536,3006660607,DO 3006660608,3006791679,BR @@ -73776,10 +74789,12 @@ 3007154704,3007154719,DE 3007154720,3007154943,CL 3007154944,3007155199,US -3007155200,3007155327,DE +3007155200,3007155215,CL +3007155216,3007155231,DE +3007155232,3007155327,CL 3007155328,3007155711,US 3007155712,3007155967,DE -3007155968,3007156223,US +3007155968,3007156223,AT 3007156224,3007156351,DE 3007156352,3007156479,US 3007156480,3007156495,ES @@ -73938,7 +74953,9 @@ 3007176384,3007176447,CL 3007176448,3007176703,US 3007176704,3007177727,IN -3007177728,3007181055,US +3007177728,3007179007,US +3007179008,3007179263,KR +3007179264,3007181055,US 3007181056,3007181183,BR 3007181184,3007181215,IT 3007181216,3007181247,IS @@ -73968,7 +74985,9 @@ 3007184896,3007250431,AR 3007250432,3007284735,CR 3007284736,3007284991,PA -3007284992,3007286783,CR +3007284992,3007286015,CR +3007286016,3007286271,PA +3007286272,3007286783,CR 3007286784,3007287039,PA 3007287040,3007299583,CR 3007299584,3007301631,PA @@ -74027,8 +75046,8 @@ 3025612832,3025612895,IN 3025612896,3025613087,SG 3025613088,3025613119,IN -3025613120,3025613311,SG -3025613312,3025616895,IN +3025613120,3025613327,SG +3025613328,3025616895,IN 3025616896,3025617439,SG 3025617440,3025617447,IN 3025617448,3025617455,SG @@ -74054,7 +75073,9 @@ 3025622016,3025622275,SG 3025622276,3025622279,IN 3025622280,3025622399,SG -3025622400,3025623055,IN +3025622400,3025622527,IN +3025622528,3025622783,ID +3025622784,3025623055,IN 3025623056,3025623103,SG 3025623104,3025623247,IN 3025623248,3025623251,HK @@ -74214,7 +75235,9 @@ 3026087936,3026089983,AU 3026089984,3026092031,CN 3026092032,3026108415,MO -3026108416,3026116607,JP +3026108416,3026114559,JP +3026114560,3026115583,SG +3026115584,3026116607,AU 3026116608,3026118655,HK 3026118656,3026120703,AU 3026120704,3026124799,JP @@ -74264,8 +75287,8 @@ 3029715456,3029716991,JP 3029716992,3029721087,PK 3029721088,3029722111,IN -3029722112,3029722367,AU -3029722368,3029723135,IN +3029722112,3029722623,AU +3029722624,3029723135,IN 3029723136,3029724159,BD 3029724160,3029725183,CN 3029725184,3029727231,IN @@ -74458,15 +75481,18 @@ 3039415296,3039415551,US 3039415552,3039415807,BR 3039415808,3039416575,US -3039416576,3039416591,BR +3039416576,3039416591,CL 3039416592,3039416607,SG -3039416608,3039416713,BR +3039416608,3039416639,CL +3039416640,3039416703,BR +3039416704,3039416713,CL 3039416714,3039416715,US 3039416716,3039416719,SG -3039416720,3039416735,BR +3039416720,3039416735,CL 3039416736,3039416739,US 3039416740,3039416741,SG -3039416742,3039417087,BR +3039416742,3039416831,CL +3039416832,3039417087,BR 3039417088,3039417343,DE 3039417344,3039417599,BR 3039417600,3039417855,US @@ -74528,26 +75554,28 @@ 3048144896,3048210431,EC 3048210432,3048275967,PE 3048275968,3048292351,AR -3048292352,3048293271,BZ +3048292352,3048293271,CA 3048293272,3048293279,ES -3048293280,3048294627,BZ +3048293280,3048294399,CA +3048294400,3048294627,BZ 3048294628,3048294631,BR -3048294632,3048296351,BZ +3048294632,3048294759,BZ +3048294760,3048294767,BR +3048294768,3048296351,BZ 3048296352,3048296383,CA 3048296384,3048296751,BZ 3048296752,3048296759,CA 3048296760,3048299599,BZ 3048299600,3048299607,BR -3048299608,3048300863,BZ +3048299608,3048299655,BZ +3048299656,3048299663,BR +3048299664,3048300543,BZ +3048300544,3048300863,US 3048300864,3048300895,CA -3048300896,3048301311,BZ +3048300896,3048301311,US 3048301312,3048301343,CA -3048301344,3048301471,BZ -3048301472,3048301503,CA -3048301504,3048307743,BZ -3048307744,3048307751,CA -3048307752,3048308727,BZ -3048308728,3048308735,CR +3048301344,3048304639,US +3048304640,3048308735,BZ 3048308736,3048325119,BO 3048325120,3048331263,AR 3048331264,3048332287,GY @@ -74672,7 +75700,9 @@ 3050714368,3050714623,GB 3050714624,3050714879,BR 3050714880,3050715135,ES -3050715136,3050748159,US +3050715136,3050724351,US +3050724352,3050724607,BG +3050724608,3050748159,US 3050748160,3050748415,GB 3050748416,3050753023,US 3050753024,3050753279,BR @@ -74747,7 +75777,7 @@ 3050776832,3050777087,US 3050777088,3050777103,AU 3050777104,3050777343,BR -3050777344,3050777599,US +3050777344,3050777599,RO 3050777600,3050777615,HK 3050777616,3050777855,BR 3050777856,3050778111,US @@ -74761,11 +75791,15 @@ 3050789504,3050789631,US 3050789632,3050789759,BR 3050789760,3050789887,US -3050789888,3050790015,BR +3050789888,3050789967,BR +3050789968,3050789968,US +3050789969,3050790015,BR 3050790016,3050790143,US 3050790144,3050790271,BR 3050790272,3050790399,US -3050790400,3050790527,BR +3050790400,3050790463,BR +3050790464,3050790464,US +3050790465,3050790527,BR 3050790528,3050790655,US 3050790656,3050790783,BR 3050790784,3050800383,US @@ -74861,7 +75895,9 @@ 3050805312,3050805375,FI 3050805376,3050805759,US 3050805760,3050805791,DK -3050805792,3050816255,US +3050805792,3050811391,US +3050811392,3050811647,HK +3050811648,3050816255,US 3050816256,3050816511,NL 3050816512,3050827263,US 3050827264,3050827519,BR @@ -74869,17 +75905,15 @@ 3050829568,3050829823,UA 3050829824,3050831871,US 3050831872,3051356159,BR -3051356160,3051372799,CR -3051372800,3051373055,PA -3051373056,3051380735,CR +3051356160,3051374335,CR +3051374336,3051374591,PA +3051374592,3051380735,CR 3051380736,3051388927,AR -3051388928,3051389695,PA -3051389696,3051390207,NL -3051390208,3051391999,PA -3051392000,3051392255,US -3051392256,3051394559,PA -3051394560,3051395071,US -3051395072,3051397119,PA +3051388928,3051389183,PA +3051389184,3051389439,NL +3051389440,3051389695,PA +3051389696,3051389951,NL +3051389952,3051397119,PA 3051397120,3051398143,CO 3051398144,3051399167,AR 3051399168,3051400191,DO @@ -75154,8 +76188,7 @@ 3081846784,3081847807,TW 3081847808,3081848831,KR 3081848832,3081850879,SG -3081850880,3081851391,HK -3081851392,3081851903,SG +3081850880,3081851903,HK 3081851904,3081852927,JP 3081852928,3081854975,HK 3081854976,3081859071,MN @@ -75355,12 +76388,14 @@ 3098181632,3098185727,CA 3098185728,3098263551,US 3098263552,3098271743,CA -3098271744,3098428415,US +3098271744,3098412031,US +3098412032,3098413055,CA +3098413056,3098428415,US 3098428416,3098428927,RU 3098428928,3098429439,SE 3098429440,3098431487,GB -3098431488,3098435583,US -3098435584,3098437631,IL +3098431488,3098436607,US +3098436608,3098437631,IL 3098437632,3098476543,US 3098476544,3098492927,CA 3098492928,3098494719,US @@ -75452,6 +76487,8 @@ 3103872768,3103873023,HR 3103873024,3103873279,SE 3103873280,3103873535,FR +3103873536,3103873791,CZ +3103873792,3103874047,PL 3103916032,3103917055,CH 3103917056,3103918079,IT 3103918080,3103919103,DE @@ -75914,7 +76951,8 @@ 3104377856,3104378879,DE 3104378880,3104379215,GB 3104379216,3104379223,CZ -3104379224,3104379647,GB +3104379224,3104379391,GB +3104379392,3104379647,CH 3104379648,3104379903,AT 3104379904,3104380927,FR 3104380928,3104381951,DK @@ -76026,9 +77064,9 @@ 3104497664,3104498687,CH 3104498688,3104498695,NL 3104498696,3104498703,US -3104498704,3104499375,NL -3104499376,3104499391,US -3104499392,3104500735,NL +3104498704,3104499391,NL +3104499392,3104499399,US +3104499400,3104500735,NL 3104500736,3104501759,CZ 3104501760,3104502783,LY 3104502784,3104503807,DE @@ -76392,7 +77430,7 @@ 3104868352,3104869375,RU 3104869376,3104870399,DK 3104870400,3104871423,PL -3104871424,3104872447,CY +3104871424,3104872447,RU 3104872448,3104873471,GB 3104873472,3104874495,DK 3104874496,3104875519,GB @@ -76883,8 +77921,8 @@ 3105374208,3105375231,GB 3105375232,3105375295,IT 3105375296,3105375327,DE -3105375328,3105375367,CA -3105375368,3105375375,DE +3105375328,3105375359,CA +3105375360,3105375375,DE 3105375376,3105375391,US 3105375392,3105375551,IT 3105375552,3105375615,DE @@ -77495,7 +78533,7 @@ 3105969664,3105969727,DE 3105969728,3105970175,GB 3105970176,3105971199,FR -3105971200,3105972223,GB +3105971200,3105972223,CN 3105972224,3105973247,DK 3105973248,3105974048,US 3105974049,3105974271,NL @@ -77603,7 +78641,8 @@ 3106061312,3106062335,NL 3106062336,3106063359,ES 3106063360,3106064383,DE -3106064384,3106065407,NL +3106064384,3106065151,NL +3106065152,3106065407,MD 3106065408,3106066431,IT 3106066432,3106067455,GB 3106067456,3106068479,DE @@ -77866,7 +78905,9 @@ 3106318336,3106319359,AT 3106319360,3106320383,DK 3106320384,3106321407,HR -3106321408,3106322431,DK +3106321408,3106321663,DK +3106321664,3106321919,SE +3106321920,3106322431,DK 3106322432,3106323455,ME 3106323456,3106324479,CZ 3106324480,3106325503,AL @@ -78018,7 +79059,6 @@ 3106462720,3106463743,IT 3106463744,3106464767,IR 3106464768,3106465791,PL -3106466048,3106466303,NL 3106466816,3106467839,EE 3106467840,3106468863,IR 3106468864,3106470911,DE @@ -78389,7 +79429,8 @@ 3106821760,3106821887,CN 3106821888,3106822015,RU 3106822016,3106822143,JP -3106822144,3106824191,CH +3106822144,3106823167,CH +3106823168,3106824191,PL 3106824192,3106825215,RU 3106825216,3106826239,IT 3106826240,3106827263,PL @@ -78751,7 +79792,8 @@ 3107182592,3107183615,FR 3107183616,3107184639,IQ 3107184640,3107185663,SE -3107185664,3107186431,US +3107185664,3107185919,GB +3107185920,3107186431,US 3107186432,3107186687,GB 3107186688,3107187711,NO 3107187712,3107188735,MT @@ -79689,8 +80731,7 @@ 3108136960,3108137215,NL 3108137216,3108137471,LU 3108137472,3108137983,NL -3108137984,3108138495,AT -3108138496,3108139007,RO +3108137984,3108139007,RO 3108139008,3108141055,GB 3108141056,3108142079,PL 3108142080,3108143103,TR @@ -79997,8 +81038,7 @@ 3108457472,3108459519,RU 3108459520,3108460543,DE 3108460544,3108461567,RS -3108461568,3108462335,DE -3108462336,3108462591,GB +3108461568,3108462591,DE 3108462592,3108463615,RU 3108463616,3108464639,GB 3108464640,3108465663,HU @@ -80180,11 +81220,12 @@ 3108647936,3108648959,FR 3108648960,3108649983,IM 3108649984,3108651007,CZ -3108651008,3108651775,DE -3108651776,3108652031,BG +3108651008,3108652031,DE 3108652032,3108653055,CH 3108653056,3108654079,GI -3108654080,3108655103,NL +3108654080,3108654591,NL +3108654592,3108654847,GB +3108654848,3108655103,NL 3108655104,3108656127,ES 3108656128,3108657151,PL 3108657152,3108658175,RS @@ -80395,9 +81436,7 @@ 3108874240,3108875263,ES 3108875264,3108875439,GB 3108875440,3108875447,IT -3108875448,3108875623,GB -3108875624,3108875631,IT -3108875632,3108876287,GB +3108875448,3108876287,GB 3108876288,3108877311,ES 3108877312,3108878335,FR 3108878336,3108879359,ES @@ -80968,8 +82007,9 @@ 3109430272,3109431295,IR 3109431296,3109431807,IL 3109431808,3109432319,IT -3109432320,3109432831,HK -3109432832,3109433343,MT +3109432320,3109432831,MT +3109432832,3109433087,SE +3109433088,3109433343,MT 3109433344,3109435391,FR 3109435392,3109436415,UA 3109436416,3109437439,SM @@ -81291,7 +82331,6 @@ 3109763072,3109765119,IT 3109765120,3109766143,NO 3109766144,3109767167,ES -3109767168,3109768191,UA 3109768192,3109769215,GB 3109769216,3109770239,AT 3109770240,3109771263,GB @@ -81365,11 +82404,12 @@ 3109844992,3109845503,DE 3109845504,3109845759,GB 3109845760,3109846015,DE -3109846016,3109847039,GB +3109846016,3109847039,CH 3109847040,3109848063,AE 3109848064,3109849087,BG 3109849088,3109852159,RU -3109852160,3109854207,DE +3109852160,3109853183,NL +3109853184,3109854207,DE 3109854208,3109855231,PL 3109855232,3109856255,DE 3109856256,3109857279,IT @@ -82092,7 +83132,8 @@ 3110540288,3110541311,LB 3110541312,3110542335,RU 3110542336,3110543359,HK -3110543360,3110545407,NL +3110543360,3110544383,NL +3110544384,3110545407,ES 3110545408,3110546431,UA 3110546432,3110547455,DE 3110547456,3110547967,SE @@ -82585,7 +83626,7 @@ 3111079936,3111080959,NL 3111080960,3111081983,RU 3111081984,3111083007,HU -3111083008,3111084031,UA +3111083008,3111084031,CA 3111084032,3111085055,CZ 3111085056,3111086079,RU 3111086080,3111087103,KZ @@ -83332,8 +84373,7 @@ 3111853056,3111854079,GP 3111854080,3111855103,NO 3111855104,3111856127,IT -3111856128,3111857151,KZ -3111857152,3111858175,RU +3111856128,3111858175,RU 3111858176,3111859199,PL 3111859200,3111860223,EE 3111860224,3111861247,ES @@ -83359,7 +84399,7 @@ 3111882752,3111886847,GB 3111886848,3111887871,PL 3111887872,3111888895,RU -3111888896,3111889919,DE +3111888896,3111889919,IE 3111889920,3111890943,RU 3111890944,3111891967,AT 3111891968,3111892991,FR @@ -84488,7 +85528,9 @@ 3113064448,3113065471,SE 3113065472,3113066495,NO 3113066496,3113067519,LT -3113067520,3113068543,DE +3113067520,3113067935,DE +3113067936,3113067936,US +3113067937,3113068543,DE 3113068544,3113069567,IR 3113069568,3113070591,IT 3113070592,3113071615,GB @@ -84549,8 +85591,8 @@ 3113123840,3113124863,GB 3113124864,3113125887,RU 3113125888,3113126911,FR -3113126912,3113127167,US -3113127168,3113127423,NL +3113126912,3113127167,NL +3113127168,3113127423,GB 3113127424,3113127935,AT 3113127936,3113128959,NL 3113128960,3113129983,CH @@ -84675,7 +85717,11 @@ 3113246976,3113247231,RU 3113247232,3113247487,FR 3113247488,3113247743,RU -3113247744,3113248767,GB +3113247744,3113247999,US +3113248000,3113248031,DE +3113248032,3113248063,US +3113248064,3113248255,DE +3113248256,3113248767,GB 3113248768,3113249791,NL 3113249792,3113250815,GB 3113250816,3113251839,FR @@ -84717,8 +85763,7 @@ 3113287680,3113288703,AL 3113288704,3113289727,EE 3113289728,3113290751,IR -3113290752,3113291775,GB -3113291776,3113292799,NL +3113290752,3113292799,NL 3113292800,3113293823,AT 3113293824,3113294847,NL 3113294848,3113295871,IL @@ -84800,7 +85845,7 @@ 3113358336,3113359359,CZ 3113359360,3113360383,FR 3113360384,3113361407,BG -3113361408,3113362431,US +3113361408,3113362431,RO 3113362432,3113363455,DE 3113363456,3113364479,FR 3113364480,3113365503,GB @@ -84864,7 +85909,7 @@ 3113425920,3113426943,KW 3113426944,3113427455,IM 3113427456,3113427711,NL -3113427712,3113427967,IM +3113427712,3113427967,US 3113427968,3113428991,RU 3113428992,3113430015,IR 3113430016,3113431039,CZ @@ -84910,7 +85955,7 @@ 3113470976,3113471999,FR 3113472000,3113473023,GB 3113473024,3113473279,FR -3113473280,3113473535,GB +3113473280,3113473535,SE 3113473536,3113473791,ES 3113473792,3113475071,DE 3113475072,3113479167,FR @@ -84986,8 +86031,7 @@ 3113552896,3113553919,UA 3113553920,3113554943,NO 3113554944,3113555967,UA -3113555968,3113556223,NL -3113556224,3113556991,BZ +3113555968,3113556991,NL 3113556992,3113558015,DE 3113558016,3113559039,IT 3113559040,3113560063,NL @@ -85275,8 +86319,7 @@ 3113777152,3113778175,PL 3113778176,3113779199,TR 3113779200,3113780223,GB -3113780224,3113780479,KZ -3113780480,3113781247,RU +3113780224,3113781247,RU 3113781248,3113782271,BY 3113782272,3113783295,IT 3113783296,3113784319,TR @@ -85348,8 +86391,7 @@ 3113856000,3113857023,GB 3113857024,3113857279,BR 3113857280,3113857535,MX -3113857536,3113857791,US -3113857792,3113858047,CA +3113857536,3113858047,DE 3113858048,3113859071,UA 3113859072,3113860095,IR 3113860096,3113861119,NL @@ -86142,7 +87184,7 @@ 3114616832,3114617855,DK 3114617856,3114618879,GB 3114618880,3114619903,SE -3114619904,3114620927,DE +3114619904,3114620927,US 3114620928,3114621951,IT 3114621952,3114622975,PT 3114622976,3114623999,BG @@ -86172,8 +87214,7 @@ 3114649600,3114650623,RU 3114650624,3114651647,IR 3114651648,3114652671,CH -3114652672,3114653695,US -3114653696,3114654719,DE +3114652672,3114654719,US 3114654720,3114655743,BG 3114655744,3114656767,RU 3114656768,3114657791,DE @@ -86242,7 +87283,7 @@ 3114726400,3114727423,SE 3114727424,3114728447,BE 3114728448,3114729471,GB -3114729472,3114730495,RO +3114729472,3114730495,AU 3114730496,3114731519,GB 3114731520,3114732543,CH 3114732544,3114733567,SY @@ -86255,7 +87296,8 @@ 3114742784,3114743807,IR 3114743808,3114744831,MD 3114744832,3114745855,TR -3114745856,3114747903,RO +3114745856,3114746879,CA +3114746880,3114747903,FR 3114747904,3114748927,IR 3114748928,3114749951,GB 3114749952,3114750975,CH @@ -86292,9 +87334,7 @@ 3114781696,3114782719,NL 3114782720,3114783743,CZ 3114783744,3114784767,PL -3114784768,3114785023,RU -3114785024,3114785279,EE -3114785280,3114785791,RU +3114784768,3114785791,RU 3114785792,3114786815,FR 3114786816,3114787839,RU 3114787840,3114788863,GB @@ -86388,7 +87428,9 @@ 3114882048,3114883071,CH 3114883072,3114884095,FR 3114884096,3114885119,CH -3114885120,3114886143,PT +3114885120,3114885375,PT +3114885376,3114885631,DE +3114885632,3114886143,PT 3114886144,3114887167,RU 3114887168,3114888191,DE 3114888192,3114890239,NL @@ -86427,9 +87469,7 @@ 3114923008,3114924031,GB 3114924032,3114925055,HU 3114925056,3114925311,US -3114925312,3114925567,DE -3114925568,3114925823,US -3114925824,3114926079,DE +3114925312,3114926079,DE 3114926080,3114927103,RU 3114927104,3114928127,NL 3114928128,3114929151,GB @@ -86483,7 +87523,11 @@ 3114977280,3114978303,PL 3114978304,3114979327,RU 3114979328,3114980351,NL -3114980352,3114984447,RO +3114980352,3114981375,DE +3114981376,3114982399,PL +3114982400,3114983423,JP +3114983424,3114983679,RO +3114983680,3114984447,PL 3114984448,3114985471,CZ 3114985472,3114986495,CY 3114986496,3114987519,IR @@ -86626,7 +87670,9 @@ 3115127808,3115128831,NL 3115128832,3115129855,DE 3115129856,3115130879,BA -3115130880,3115131903,DE +3115130880,3115131234,DE +3115131235,3115131235,US +3115131236,3115131903,DE 3115131904,3115132927,RU 3115132928,3115133951,KW 3115133952,3115134975,ES @@ -86785,7 +87831,8 @@ 3115290624,3115291647,GB 3115291648,3115292671,FR 3115292672,3115293695,GB -3115293696,3115294463,RU +3115293696,3115293951,US +3115293952,3115294463,RU 3115294464,3115294719,IN 3115294720,3115295743,GB 3115295744,3115296767,NL @@ -87069,9 +88116,7 @@ 3115587584,3115588607,DE 3115588608,3115589631,TR 3115589632,3115590655,GB -3115590656,3115591167,GR -3115591168,3115591183,DE -3115591184,3115591423,GR +3115590656,3115591423,GR 3115591424,3115591679,NL 3115591680,3115592703,CH 3115592704,3115593727,BE @@ -87111,7 +88156,8 @@ 3115628544,3115629567,GB 3115629568,3115630591,RU 3115630592,3115631615,GB -3115631616,3115632639,US +3115631616,3115631871,NL +3115631872,3115632639,US 3115632640,3115633663,RU 3115633664,3115635711,PL 3115635712,3115636735,RU @@ -87126,7 +88172,8 @@ 3115644928,3115645951,RU 3115645952,3115647999,SE 3115648000,3115649023,FR -3115649024,3115650047,NL +3115649280,3115649535,GB +3115649536,3115649791,DE 3115650048,3115651071,DE 3115651072,3115652095,UA 3115652096,3115653119,DK @@ -87196,9 +88243,7 @@ 3115725312,3115725567,DE 3115725568,3115726847,GB 3115726848,3115727871,NL -3115727872,3115728127,GB -3115728128,3115728383,US -3115728384,3115728703,GB +3115727872,3115728703,GB 3115728704,3115728735,NL 3115728736,3115728895,GB 3115728896,3115729919,FR @@ -87357,9 +88402,7 @@ 3115886592,3115887615,UA 3115887616,3115888639,ES 3115888640,3115889663,CH -3115889664,3115889919,PL -3115889920,3115890175,CZ -3115890176,3115890687,PL +3115889664,3115890687,PL 3115890688,3115891711,FR 3115891712,3115892735,NL 3115892736,3115893759,GB @@ -87477,7 +88520,8 @@ 3116008448,3116009471,NO 3116009472,3116010495,BG 3116010496,3116011519,RU -3116011520,3116012543,DE +3116011520,3116012031,DE +3116012032,3116012543,US 3116012544,3116013567,BE 3116013568,3116015615,PL 3116015616,3116016639,CZ @@ -87562,8 +88606,8 @@ 3116102656,3116103679,FR 3116103680,3116104703,HU 3116104704,3116105727,SE -3116105728,3116106751,DE -3116106752,3116107263,US +3116105728,3116107007,DE +3116107008,3116107263,US 3116107264,3116107775,DE 3116107776,3116108799,ES 3116108800,3116109823,RU @@ -87579,7 +88623,7 @@ 3116119040,3116119295,AT 3116119296,3116120063,DE 3116120064,3116121087,HU -3116121088,3116122111,GB +3116121344,3116122111,PT 3116122112,3116123135,DE 3116123136,3116124159,PL 3116124160,3116125183,DE @@ -87636,7 +88680,8 @@ 3116182528,3116183551,RO 3116183552,3116184575,SE 3116184576,3116185599,TR -3116185600,3116186623,GB +3116185600,3116185855,US +3116185856,3116186623,GB 3116186624,3116187647,IT 3116187648,3116188671,ES 3116188672,3116189695,MD @@ -87706,7 +88751,7 @@ 3116249600,3116249855,CH 3116249856,3116250111,AT 3116250112,3116251135,DE -3116251136,3116252159,GB +3116251136,3116252159,US 3116252160,3116253183,MD 3116253184,3116254207,NL 3116254208,3116255231,DE @@ -87716,8 +88761,7 @@ 3116257536,3116258303,AT 3116258304,3116259327,NL 3116259328,3116260351,FR -3116260352,3116260607,CN -3116260608,3116261375,NL +3116260352,3116261375,US 3116261376,3116262399,BG 3116262400,3116263423,ES 3116263424,3116264447,RU @@ -87741,9 +88785,7 @@ 3116285952,3116286975,DE 3116286976,3116287999,GB 3116288000,3116290047,IE -3116290048,3116291071,IT -3116291072,3116291327,RO -3116291328,3116294143,IT +3116290048,3116294143,IT 3116294144,3116295167,US 3116295168,3116297215,NL 3116297216,3116298239,DE @@ -87829,7 +88871,8 @@ 3116381184,3116382207,LB 3116382208,3116382719,RU 3116382720,3116382975,AQ -3116382976,3116384255,RU +3116382976,3116383231,SC +3116383232,3116384255,RU 3116384256,3116385279,DE 3116385280,3116386047,US 3116386048,3116386303,GB @@ -87846,7 +88889,8 @@ 3116396544,3116397567,IR 3116397568,3116398591,ES 3116398592,3116399615,RO -3116399616,3116400639,NL +3116399616,3116399871,IL +3116399872,3116400639,NL 3116400640,3116401663,FI 3116401664,3116402687,NL 3116402688,3116403711,IT @@ -87960,7 +89004,8 @@ 3116522496,3116523519,LU 3116523520,3116524543,TR 3116524544,3116525567,ES -3116525568,3116526591,RU +3116525568,3116526335,RU +3116526336,3116526591,GB 3116526592,3116527615,ES 3116527616,3116528639,GB 3116528640,3116529663,NL @@ -88038,7 +89083,8 @@ 3116604416,3116605439,SI 3116605440,3116606463,MD 3116606464,3116607487,GB -3116607488,3116608511,RU +3116607488,3116607743,IL +3116607744,3116608511,RU 3116608512,3116609535,DK 3116609536,3116610559,ES 3116610560,3116611583,DE @@ -88055,8 +89101,7 @@ 3116621824,3116622847,CZ 3116622848,3116623871,TR 3116623872,3116624895,SE -3116624896,3116625663,GL -3116625664,3116625919,NZ +3116624896,3116625919,GL 3116625920,3116626943,RU 3116626944,3116627967,NL 3116627968,3116628991,FR @@ -88110,7 +89155,7 @@ 3116681216,3116682239,ES 3116682240,3116684287,GB 3116684288,3116686335,UZ -3116686336,3116687359,BZ +3116686336,3116687359,NL 3116687360,3116688383,DE 3116688384,3116689407,PL 3116689408,3116690431,FI @@ -88146,9 +89191,422 @@ 3116726272,3116727295,MD 3116727296,3116728319,TR 3116728320,3116729343,IT -3116729344,3116730367,CH +3116729344,3116729599,DE +3116729600,3116730367,CH 3116730368,3116731391,DK 3116731392,3116732415,IT +3116732416,3116733439,RU +3116733440,3116734463,DK +3116734464,3116735487,BG +3116735488,3116736511,FR +3116736512,3116737535,GB +3116737536,3116738559,DE +3116738560,3116739583,DK +3116739584,3116740607,DE +3116740608,3116741631,JO +3116741632,3116742655,PL +3116742656,3116743679,FR +3116743680,3116744703,NL +3116744704,3116745727,DE +3116745728,3116746751,TR +3116746752,3116747775,ES +3116747776,3116748031,IL +3116748032,3116748287,US +3116748288,3116748799,IL +3116748800,3116749823,NO +3116749824,3116750847,IT +3116750848,3116751871,ES +3116751872,3116752895,NO +3116752896,3116753919,SE +3116753920,3116754943,IT +3116754944,3116755967,RU +3116755968,3116756991,DE +3116756992,3116758015,NL +3116758016,3116759039,ES +3116759040,3116760063,DE +3116760064,3116761087,FR +3116761088,3116762111,PL +3116762112,3116763135,SE +3116763136,3116763146,US +3116763147,3116763166,GB +3116763167,3116763167,FR +3116763168,3116763168,AU +3116763169,3116763177,US +3116763178,3116763178,FR +3116763179,3116763182,US +3116763183,3116763183,FR +3116763184,3116763189,US +3116763190,3116763190,FR +3116763191,3116763193,US +3116763194,3116763194,FR +3116763195,3116763196,US +3116763197,3116763197,AU +3116763198,3116763201,US +3116763202,3116763202,FR +3116763203,3116763213,US +3116763214,3116763214,FR +3116763215,3116763234,US +3116763235,3116763235,FR +3116763236,3116763240,US +3116763241,3116763241,FR +3116763242,3116763246,US +3116763247,3116763247,FR +3116763248,3116763252,US +3116763253,3116763253,FR +3116763254,3116763255,US +3116763256,3116763256,FR +3116763257,3116763259,US +3116763260,3116763260,FR +3116763261,3116763265,US +3116763266,3116763266,FR +3116763267,3116763268,US +3116763269,3116763269,FR +3116763270,3116763270,US +3116763271,3116763271,FR +3116763272,3116763275,US +3116763276,3116763276,FR +3116763277,3116763278,US +3116763279,3116763279,FR +3116763280,3116763286,US +3116763287,3116763287,FR +3116763288,3116763303,US +3116763304,3116763304,FR +3116763305,3116763306,US +3116763307,3116763307,FR +3116763308,3116763402,US +3116763403,3116763422,GB +3116763423,3116763436,US +3116763437,3116763437,FR +3116763438,3116763440,US +3116763441,3116763441,FR +3116763442,3116763451,US +3116763452,3116763452,FR +3116763453,3116763458,US +3116763459,3116763459,FR +3116763460,3116763463,US +3116763464,3116763464,FR +3116763465,3116763469,US +3116763470,3116763470,FR +3116763471,3116763474,US +3116763475,3116763475,FR +3116763476,3116763480,US +3116763481,3116763481,FR +3116763482,3116763483,US +3116763484,3116763484,FR +3116763485,3116763487,US +3116763488,3116763488,FR +3116763489,3116763492,US +3116763493,3116763493,FR +3116763494,3116763499,US +3116763500,3116763500,FR +3116763501,3116763503,US +3116763504,3116763504,FR +3116763505,3116763512,US +3116763513,3116763513,FR +3116763514,3116763515,US +3116763516,3116763516,AU +3116763517,3116763517,FR +3116763518,3116763520,US +3116763521,3116763521,FR +3116763522,3116763524,US +3116763525,3116763525,FR +3116763526,3116763528,US +3116763529,3116763529,FR +3116763530,3116763533,US +3116763534,3116763534,FR +3116763535,3116763538,US +3116763539,3116763539,FR +3116763540,3116763658,US +3116763659,3116763678,FR +3116763679,3116763680,US +3116763681,3116763681,FR +3116763682,3116763684,US +3116763685,3116763685,FR +3116763686,3116763687,US +3116763688,3116763688,FR +3116763689,3116763692,US +3116763693,3116763693,FR +3116763694,3116763699,US +3116763700,3116763700,FR +3116763701,3116763705,US +3116763706,3116763706,FR +3116763707,3116763717,US +3116763718,3116763718,FR +3116763719,3116763722,US +3116763723,3116763723,FR +3116763724,3116763729,US +3116763730,3116763730,FR +3116763731,3116763742,US +3116763743,3116763743,FR +3116763744,3116763747,US +3116763748,3116763748,FR +3116763749,3116763751,US +3116763752,3116763752,FR +3116763753,3116763756,US +3116763757,3116763757,FR +3116763758,3116763769,US +3116763770,3116763770,FR +3116763771,3116763774,US +3116763775,3116763775,FR +3116763776,3116763778,US +3116763779,3116763779,FR +3116763780,3116763782,US +3116763783,3116763783,FR +3116763784,3116763787,US +3116763788,3116763788,FR +3116763789,3116763791,US +3116763792,3116763792,FR +3116763793,3116763796,US +3116763797,3116763797,FR +3116763798,3116763830,US +3116763831,3116763831,AU +3116763832,3116763914,US +3116763915,3116763934,FR +3116763935,3116763935,AU +3116763936,3116763945,US +3116763946,3116763946,FR +3116763947,3116763949,US +3116763950,3116763950,FR +3116763951,3116763951,US +3116763952,3116763952,FR +3116763953,3116763954,US +3116763955,3116763955,FR +3116763956,3116763958,US +3116763959,3116763959,FR +3116763960,3116763966,US +3116763967,3116763967,FR +3116763968,3116763980,US +3116763981,3116763981,FR +3116763982,3116763984,US +3116763985,3116763985,FR +3116763986,3116763995,US +3116763996,3116763996,FR +3116763997,3116764000,US +3116764001,3116764001,FR +3116764002,3116764003,US +3116764004,3116764004,FR +3116764005,3116764007,US +3116764008,3116764008,FR +3116764009,3116764012,US +3116764013,3116764013,FR +3116764014,3116764016,US +3116764017,3116764017,FR +3116764018,3116764022,US +3116764023,3116764023,FR +3116764024,3116764024,US +3116764025,3116764025,FR +3116764026,3116764031,US +3116764032,3116764032,FR +3116764033,3116764038,US +3116764039,3116764039,FR +3116764040,3116764045,US +3116764046,3116764046,FR +3116764047,3116764145,US +3116764146,3116764146,FR +3116764147,3116764159,US +3116764160,3116764175,GB +3116764176,3116764191,US +3116764192,3116765183,GB +3116765184,3116766207,PL +3116766208,3116767231,FR +3116767232,3116768255,DE +3116768256,3116769279,GB +3116769280,3116770303,LT +3116770304,3116772351,RU +3116772352,3116773375,MD +3116773376,3116774399,ES +3116774400,3116775423,TR +3116775424,3116775679,RO +3116775680,3116776447,NL +3116776448,3116777471,IT +3116777472,3116778495,ES +3116778496,3116779519,GB +3116779520,3116780543,TR +3116780544,3116781567,FR +3116781568,3116782591,SE +3116782592,3116783615,GB +3116783616,3116784639,DE +3116784640,3116785663,NO +3116785664,3116786687,IT +3116786688,3116787711,ES +3116787712,3116788735,CY +3116788736,3116789759,ES +3116789760,3116790783,RU +3116790784,3116792831,IT +3116792832,3116793855,TR +3116793856,3116794879,FR +3116794880,3116795903,GB +3116795904,3116796927,LT +3116796928,3116797951,CH +3116797952,3116798975,IS +3116798976,3116799999,DE +3116800000,3116801023,RU +3116801024,3116802047,IT +3116802048,3116803071,IR +3116803072,3116804095,NL +3116804096,3116805119,HU +3116805120,3116806143,SY +3116806144,3116809215,ES +3116809216,3116810239,GB +3116810240,3116811263,SE +3116811264,3116812287,TR +3116812288,3116813311,DE +3116813312,3116814335,CH +3116814336,3116815359,IT +3116815360,3116816383,MD +3116816384,3116818431,DE +3116818432,3116819455,FR +3116819456,3116820479,GB +3116820480,3116822527,AT +3116822528,3116823551,US +3116823552,3116824575,RO +3116824576,3116825599,FR +3116825600,3116826623,IR +3116826624,3116827647,DE +3116827648,3116829695,RU +3116829696,3116830719,CY +3116830720,3116831743,GB +3116831744,3116832767,MD +3116832768,3116833791,IT +3116833792,3116834815,HU +3116834816,3116835839,FR +3116835840,3116836863,BG +3116836864,3116837887,FR +3116837888,3116838911,ES +3116838912,3116839935,IT +3116839936,3116841983,GB +3116841984,3116843007,DE +3116843008,3116844031,IR +3116844032,3116845055,DE +3116845056,3116846079,IT +3116846080,3116847103,DE +3116847104,3116848127,AT +3116848128,3116849151,CZ +3116849152,3116850175,TR +3116850176,3116851199,NL +3116851200,3116852223,UA +3116852224,3116854271,DE +3116854272,3116855295,NL +3116855296,3116856319,IT +3116856320,3116857343,NL +3116857344,3116858367,RS +3116858368,3116859391,NL +3116859392,3116860415,GB +3116860416,3116861439,DE +3116861440,3116862463,SE +3116862464,3116863487,DE +3116863488,3116864511,RU +3116864512,3116865535,ES +3116865536,3116866559,AT +3116866560,3116867583,ES +3116867584,3116868607,RU +3116868608,3116869631,GB +3116869632,3116870655,SE +3116870656,3116871679,RO +3116871680,3116872703,CH +3116872704,3116873727,BE +3116873728,3116874751,FR +3116874752,3116875775,NL +3116875776,3116876799,DE +3116876800,3116877823,IR +3116877824,3116878847,FR +3116878848,3116879871,DE +3116879872,3116880895,IR +3116880896,3116881919,ES +3116881920,3116882943,DE +3116882944,3116883967,GB +3116883968,3116884991,US +3116884992,3116886015,ES +3116886016,3116887039,NL +3116887040,3116888063,DK +3116888064,3116889087,GB +3116889088,3116890111,SY +3116890112,3116891135,LU +3116891136,3116892159,PL +3116892160,3116893183,HR +3116893184,3116895231,DE +3116895232,3116896255,ES +3116896256,3116897279,RU +3116897280,3116898303,TR +3116898304,3116899327,ES +3116899328,3116900351,TR +3116900352,3116901375,DE +3116901376,3116902399,GB +3116902400,3116903423,BG +3116903424,3116905471,PL +3116905472,3116906495,AE +3116906496,3116907519,DE +3116907520,3116908543,UA +3116908544,3116909567,GB +3116909568,3116910591,EE +3116910592,3116911615,DK +3116911616,3116912639,ES +3116912640,3116913663,PL +3116913664,3116914687,IE +3116914688,3116915711,IT +3116915712,3116916735,GB +3116916736,3116919807,NL +3116919808,3116920831,CZ +3116920832,3116921855,ES +3116921856,3116922367,SG +3116922368,3116922623,GB +3116922624,3116922879,NL +3116922880,3116923903,PL +3116923904,3116924927,OM +3116924928,3116925951,JO +3116925952,3116926975,NL +3116926976,3116927999,DE +3116928000,3116929023,RU +3116929024,3116930047,FR +3116930048,3116931071,IT +3116931072,3116932095,RU +3116932096,3116933119,BG +3116933120,3116934143,RU +3116934144,3116935167,FR +3116935168,3116936191,RU +3116936192,3116937215,GB +3116937216,3116938239,RO +3116938240,3116939263,IT +3116939264,3116940287,SE +3116940288,3116941055,RU +3116941056,3116941311,FI +3116941312,3116942335,FR +3116942336,3116943359,CY +3116943360,3116944383,FR +3116944384,3116945407,GB +3116945408,3116946431,US +3116946432,3116947455,AL +3116947456,3116948479,RU +3116948480,3116949503,CH +3116949504,3116950527,DE +3116950528,3116951551,ES +3116951552,3116952575,NL +3116952576,3116953599,FR +3116953600,3116954623,RU +3116954624,3116955647,NL +3116955648,3116956671,AL +3116956672,3116957695,NO +3116957696,3116958719,GB +3116958720,3116959743,ES +3116959744,3116960767,DE +3116960768,3116961791,CZ +3116961792,3116962815,NL +3116962816,3116963839,DE +3116963840,3116964863,GE +3116964864,3116965887,RU +3116965888,3116966911,GB +3116966912,3116967935,BG +3116967936,3116968959,DE +3116968960,3116969983,RU +3116969984,3116971007,IR +3116971008,3116972031,RU +3116972032,3116973055,GR +3116973056,3116974079,GB +3116974080,3116975103,IT +3116975104,3116976127,PL +3116976128,3116977151,ES +3116977152,3116978175,IT +3116978176,3116979199,BG 3117416448,3117417471,FR 3120562176,3120594943,CO 3120594944,3120599039,AR @@ -88170,7 +89628,9 @@ 3120726016,3120734207,HN 3120734208,3120735487,BZ 3120735488,3120735743,NL -3120735744,3120736767,BZ +3120735744,3120736255,BZ +3120736256,3120736511,EC +3120736512,3120736767,BZ 3120736768,3120737023,RU 3120737024,3120737791,BZ 3120737792,3120738303,EC @@ -88178,6 +89638,7 @@ 3120742400,3120754687,PY 3120754688,3120755711,CR 3120755712,3120756735,GF +3120756736,3120757759,BR 3120757760,3120758783,CL 3120758784,3120824319,EC 3120824320,3120840703,CR @@ -88237,7 +89698,9 @@ 3124840448,3124842495,CL 3124842496,3124844543,AR 3124844544,3124845567,BZ -3124846592,3124850687,AR +3124846592,3124848639,AR +3124848640,3124849663,BR +3124849664,3124850687,AR 3124850688,3124854783,HN 3124854784,3124887551,CL 3124887552,3124953087,EC @@ -88274,7 +89737,8 @@ 3130284032,3130286079,DO 3130286080,3130290175,PA 3130290176,3130302463,AR -3130302464,3130310655,PA +3130302464,3130306559,PA +3130306560,3130310655,CO 3130312704,3130314751,AR 3130314752,3130315775,CL 3130315776,3130316799,CR @@ -88343,7 +89807,11 @@ 3133313024,3133317119,BR 3133321216,3136983039,BR 3136984064,3136985087,BR -3136985088,3136986111,AR +3136985088,3136985947,AR +3136985948,3136985951,BR +3136985952,3136986015,AR +3136986016,3136986023,BR +3136986024,3136986111,AR 3136986112,3140587519,BR 3140599808,3140614143,BR 3140614144,3140616191,CR @@ -88391,7 +89859,11 @@ 3156672512,3156738047,GB 3156738048,3156803583,DE 3156803584,3156869119,TR -3156869120,3156897791,LU +3156869120,3156876287,LU +3156876288,3156877311,RU +3156877312,3156893695,LU +3156893696,3156894719,IN +3156894720,3156897791,LU 3156897792,3156899839,US 3156899840,3156901887,SG 3156901888,3156906239,NL @@ -88995,9 +90467,7 @@ 3164960392,3164960395,GB 3164960396,3164960439,FR 3164960440,3164960443,DE -3164960444,3164960511,FR -3164960512,3164960527,ES -3164960528,3164960671,FR +3164960444,3164960671,FR 3164960672,3164960675,ES 3164960676,3164960699,FR 3164960700,3164960703,ES @@ -89312,7 +90782,9 @@ 3168038912,3168039935,MD 3168039936,3168040959,BE 3168040960,3168041215,DE -3168041216,3168047103,RO +3168041216,3168044799,RO +3168044800,3168045055,US +3168045056,3168047103,RO 3168047104,3168049151,IR 3168049152,3168049407,RO 3168049408,3168049663,IT @@ -89625,9 +91097,7 @@ 3170500608,3170631679,PT 3170631680,3170664447,PL 3170664448,3170697215,HR -3170697216,3170728959,IR -3170728960,3170729471,NL -3170729472,3170729983,IR +3170697216,3170729983,IR 3170729984,3170762751,AZ 3170762752,3170795519,RU 3170795520,3170828287,BG @@ -89671,7 +91141,9 @@ 3187916800,3187933183,CO 3187933184,3187933341,GT 3187933342,3187933342,HN -3187933343,3187944773,GT +3187933343,3187944351,GT +3187944352,3187944359,HN +3187944360,3187944773,GT 3187944774,3187944774,HN 3187944775,3187948031,GT 3187948032,3187948159,HN @@ -89704,9 +91176,7 @@ 3188117504,3188121599,AR 3188121600,3188125695,TT 3188125696,3188146175,AR -3188146176,3188147623,CO -3188147624,3188147631,PE -3188147632,3188149335,CO +3188146176,3188149335,CO 3188149336,3188149339,PE 3188149340,3188170751,CO 3188170752,3188174847,CR @@ -89853,7 +91323,9 @@ 3193176064,3193307135,CO 3193307136,3193438207,SV 3193438208,3193503743,CW -3193569280,3193575311,CO +3193569280,3193575167,CO +3193575168,3193575295,PE +3193575296,3193575311,CO 3193575312,3193575327,PE 3193575328,3193590655,CO 3193590656,3193590783,EC @@ -89873,7 +91345,8 @@ 3193628672,3193629183,EC 3193629184,3193631103,CO 3193631104,3193631231,EC -3193631232,3193634815,CO +3193631232,3193634687,CO +3193634688,3193634815,EC 3193634816,3193700351,CL 3193700352,3193724927,HN 3193724928,3193729023,AR @@ -89923,9 +91396,13 @@ 3194129664,3194129671,BR 3194129672,3194130047,AR 3194130048,3194130175,CO -3194130176,3194135551,AR +3194130176,3194130303,AR +3194130304,3194130431,BR +3194130432,3194135551,AR 3194135552,3194136063,BR -3194136064,3194139903,AR +3194136064,3194136575,AR +3194136576,3194137087,BR +3194137088,3194139903,AR 3194139904,3194140159,BR 3194140160,3194142719,AR 3194142720,3194159103,CL @@ -90019,7 +91496,6 @@ 3194757120,3194765311,AR 3194765312,3194767359,EC 3194767360,3194768383,CR -3194768384,3194769407,AR 3194769408,3194773503,PE 3194773504,3194781695,BR 3194781696,3194798079,CL @@ -90077,7 +91553,8 @@ 3195138048,3195139071,DO 3195139072,3195140095,CL 3195140096,3195142143,CR -3195142144,3195142911,PA +3195142144,3195142783,PA +3195142784,3195142911,VE 3195142912,3195143039,EC 3195143040,3195143167,UY 3195143168,3195143295,GT @@ -90109,7 +91586,7 @@ 3195576320,3195580415,CL 3195580416,3195584511,AR 3195584512,3195592703,HT -3195592704,3195596799,PA +3195596391,3195596391,PA 3195596800,3195597823,CR 3195597824,3195598847,AR 3195598848,3195600895,VE @@ -90146,13 +91623,16 @@ 3195764736,3195768831,CR 3195768832,3195772927,AR 3195772928,3195781119,VE +3195781120,3195785215,BR 3195785216,3195785407,HN 3195785408,3195785439,DE 3195785440,3195785735,HN 3195785736,3195785743,GB -3195785744,3195787383,HN -3195787384,3195787391,US -3195787392,3195789311,HN +3195785744,3195786239,HN +3195786240,3195786287,US +3195786288,3195786295,ES +3195786296,3195786751,US +3195786752,3195789311,HN 3195789312,3195793407,PA 3195793408,3195801599,AR 3195801600,3195803647,HN @@ -90227,8 +91707,7 @@ 3199729664,3199762431,NI 3199762432,3199778815,CO 3199778816,3199779839,AR -3199779840,3199780735,CR -3199780736,3199780863,US +3199779840,3199780863,CR 3199780864,3199782911,CO 3199782912,3199784959,AR 3199784960,3199785983,EC @@ -90245,7 +91724,9 @@ 3200516096,3200565247,CL 3200565248,3200569343,HT 3200569344,3200573439,CL -3200573440,3200581631,AR +3200573440,3200577535,AR +3200577536,3200579583,BR +3200579584,3200581631,AR 3200581632,3200614399,BZ 3200614400,3200647167,AR 3200647168,3201302527,VE @@ -90275,8 +91756,17 @@ 3201630208,3201695743,TT 3201695744,3201761279,EC 3201761280,3201826815,CL -3201826816,3201851391,AR -3201851392,3201855487,EC +3201826816,3201851863,AR +3201851864,3201851867,EC +3201851868,3201852519,AR +3201852520,3201852527,EC +3201852528,3201854143,AR +3201854144,3201854151,EC +3201854152,3201854463,AR +3201854464,3201854975,EC +3201854976,3201855295,AR +3201855296,3201855311,EC +3201855312,3201855487,AR 3201855488,3201859583,PE 3201859584,3201863679,CO 3201863680,3201864633,AR @@ -90285,13 +91775,13 @@ 3201865216,3201865471,CL 3201865472,3201866607,AR 3201866608,3201866623,CO -3201866624,3201867611,AR -3201867612,3201867615,CO -3201867616,3201867775,AR +3201866624,3201866863,AR +3201866864,3201866871,CO +3201866872,3201867775,AR 3201867776,3201869823,PE -3201869824,3201871695,AR -3201871696,3201871703,PE -3201871704,3201872739,AR +3201869824,3201870911,AR +3201870912,3201870943,PE +3201870944,3201872739,AR 3201872740,3201872740,PE 3201872741,3201873827,AR 3201873828,3201873831,PE @@ -90309,8 +91799,7 @@ 3201879040,3201880063,CO 3201880064,3201884159,EC 3201884160,3201888511,VE -3201888512,3201889263,AR -3201889264,3201889279,VE +3201888512,3201889279,AR 3201889280,3201889535,US 3201889536,3201889791,VE 3201889792,3201890097,AR @@ -90329,9 +91818,7 @@ 3201907266,3201907266,CO 3201907267,3201907359,AR 3201907360,3201907391,CO -3201907392,3201907667,AR -3201907668,3201907671,CO -3201907672,3201908223,AR +3201907392,3201908223,AR 3201908224,3201908735,CO 3201908736,3201916927,AR 3201916928,3201917183,CO @@ -90350,7 +91837,9 @@ 3202875392,3203399679,PE 3203399680,3203465215,CO 3203465216,3203530751,CR -3203530752,3203538943,CO +3203530752,3203536895,CO +3203536896,3203537919,HN +3203537920,3203538943,CO 3203538944,3203539967,BZ 3203539968,3203543551,CO 3203543552,3203544575,GT @@ -90360,10 +91849,10 @@ 3203562240,3203562495,SV 3203562496,3203564543,CO 3203564544,3203565055,DO -3203565056,3203566591,CO +3203565056,3203565567,CR +3203565568,3203566591,CO 3203566592,3203566847,PA -3203566848,3203566975,DO -3203566976,3203568639,CO +3203566848,3203568639,CO 3203568640,3203569663,SV 3203569664,3203570303,CO 3203570304,3203570431,SV @@ -90408,18 +91897,17 @@ 3210743680,3210743807,CL 3210743808,3210744063,US 3210744064,3210744079,TR -3210744080,3210744095,CL -3210744096,3210744127,BR +3210744080,3210744127,BR 3210744128,3210744191,FR -3210744192,3210744255,CL -3210744256,3210744319,BR +3210744192,3210744319,BR 3210744320,3210744575,US 3210744576,3210744591,BE 3210744592,3210744607,BR 3210744608,3210744831,CL 3210744832,3210744863,NZ 3210744864,3210744895,IS -3210744896,3210745087,BR +3210744896,3210744959,CL +3210744960,3210745087,BR 3210745088,3210745343,US 3210745344,3210745359,RU 3210745360,3210745375,BR @@ -90432,8 +91920,7 @@ 3210746048,3210746111,BR 3210746112,3210746367,US 3210746368,3210746383,SE -3210746384,3210746399,BR -3210746400,3210746495,CL +3210746384,3210746495,BR 3210746496,3210746879,US 3210746880,3210746895,CH 3210746896,3210746943,CL @@ -90454,7 +91941,9 @@ 3210756352,3210756607,US 3210756608,3210756863,DE 3210756864,3210757119,RU -3210757120,3210758911,US +3210757120,3210757631,US +3210757632,3210758143,BR +3210758144,3210758911,US 3210758912,3210759167,GH 3210759168,3210764031,US 3210764032,3210764047,IE @@ -90497,7 +91986,8 @@ 3210774528,3210774783,US 3210774784,3210774799,IT 3210774800,3210774815,BR -3210774816,3210775039,CL +3210774816,3210774911,CL +3210774912,3210775039,BR 3210775040,3210775295,US 3210775296,3210775311,CH 3210775312,3210775327,BR @@ -90519,8 +92009,7 @@ 3210778368,3210778623,IE 3210778624,3210781951,US 3210781952,3210782207,IT -3210782208,3210782719,CL -3210782720,3210782975,US +3210782208,3210782975,US 3210782976,3210782991,TR 3210782992,3210783039,CL 3210783040,3210783231,BR @@ -90551,7 +92040,9 @@ 3210788864,3210789119,HR 3210789120,3210791935,US 3210791936,3210792447,CL -3210792448,3210795007,US +3210792448,3210792959,US +3210792960,3210793471,GB +3210793472,3210795007,US 3210795008,3210796031,IL 3210796032,3210798079,US 3210798080,3210798591,CL @@ -90630,7 +92121,8 @@ 3211082240,3211082495,BN 3211082496,3211082751,GB 3211082752,3211083007,SG -3211083008,3211083519,US +3211083008,3211083263,US +3211083264,3211083519,BR 3211083520,3211083775,HK 3211083776,3211083791,RU 3211083792,3211083839,CL @@ -90762,7 +92254,8 @@ 3211104448,3211104511,BR 3211104512,3211104703,AU 3211104704,3211104767,BR -3211104768,3211105791,US +3211104768,3211105279,GB +3211105280,3211105791,US 3211105792,3211106303,ES 3211106304,3211111423,US 3211111424,3211112447,JP @@ -90785,8 +92278,7 @@ 3211129088,3211129343,AT 3211129344,3211129599,SG 3211129600,3211129855,NL -3211129856,3211129983,CL -3211129984,3211130111,HK +3211129856,3211130111,CL 3211130112,3211130367,US 3211130368,3211130623,GR 3211130624,3211130879,TR @@ -90801,25 +92293,23 @@ 3211145216,3211147263,NI 3211147264,3211148287,CR 3211148288,3211165695,CO -3211165696,3211166559,HN +3211165696,3211165727,HN +3211165728,3211165735,UY +3211165736,3211166559,HN 3211166560,3211166567,UY -3211166568,3211169279,HN -3211169280,3211169535,US -3211169536,3211171071,HN +3211166568,3211171071,HN 3211171072,3211171327,US -3211171328,3211172271,HN -3211172272,3211172279,NL -3211172280,3211172671,HN +3211171328,3211172671,HN 3211172672,3211172687,NL 3211172688,3211178583,HN 3211178584,3211178591,ES 3211178592,3211179087,HN 3211179088,3211179103,US -3211179104,3211179199,HN -3211179200,3211179231,US -3211179232,3211181215,HN -3211181216,3211181231,CR -3211181232,3211181439,HN +3211179104,3211179215,HN +3211179216,3211179231,US +3211179232,3211180687,HN +3211180688,3211180695,BR +3211180696,3211181439,HN 3211181440,3211181447,CA 3211181448,3211182079,HN 3211182080,3211194367,CO @@ -91004,7 +92494,9 @@ 3221656832,3221657087,AU 3221657088,3221664255,US 3221664512,3221757951,US -3221757952,3221759999,MY +3221757952,3221758975,MY +3221758976,3221759231,AU +3221759232,3221759999,MY 3221760000,3221761023,IN 3221761024,3221779455,US 3221779456,3221780479,IN @@ -91041,6 +92533,7 @@ 3222036992,3222037247,CA 3222037248,3222037503,GB 3222037504,3222040575,US +3222040576,3222041599,BR 3222042624,3222044927,US 3222044928,3222045183,CA 3222045184,3222056447,US @@ -92572,9 +94065,7 @@ 3227468288,3227468799,CA 3227468800,3227484159,US 3227484160,3227517183,CA -3227517184,3227518719,ZA -3227518720,3227519231,MU -3227519232,3227521279,ZA +3227517184,3227521279,ZA 3227521280,3227521791,US 3227521792,3227522559,ZA 3227522560,3227522815,MU @@ -92624,8 +94115,7 @@ 3227559168,3227559423,GB 3227559424,3227559935,ZA 3227559936,3227562239,US -3227562240,3227562495,MU -3227562496,3227566079,ZA +3227562240,3227566079,ZA 3227566080,3227566335,US 3227566336,3227566847,MU 3227566848,3227568127,ZA @@ -92836,16 +94326,14 @@ 3227804672,3227804927,US 3227804928,3227805183,CA 3227805184,3227805439,SG -3227805440,3227805695,FI +3227805440,3227805695,GB 3227805696,3227806463,US -3227806464,3227806495,FI -3227806496,3227806527,GB -3227806528,3227806719,FI +3227806464,3227806719,GB 3227806720,3227806975,US 3227806976,3227807039,SG 3227807040,3227807743,US -3227807744,3227812351,FI -3227812608,3227813375,FI +3227807744,3227812351,GB +3227812608,3227813375,GB 3227813376,3227813631,US 3227813632,3227815167,GB 3227815168,3227815935,US @@ -93716,8 +95204,8 @@ 3230318592,3230318847,GB 3230318848,3230321663,US 3230321664,3230321919,PT -3230321920,3230323199,US -3230323200,3230323711,AT +3230321920,3230323455,US +3230323456,3230323711,AT 3230323712,3230327807,US 3230327808,3230328063,AT 3230328064,3230328319,GB @@ -93757,6 +95245,12 @@ 3230387456,3230387711,US 3230387712,3230400255,CA 3230400256,3230402559,US +3230402560,3230404607,BR +3230406656,3230414847,BR +3230414848,3230415871,CL +3230415872,3230416895,AR +3230424064,3230425087,EC +3230432256,3230432767,CO 3230433280,3230436351,CN 3230436352,3230437375,AU 3230437376,3230439423,PK @@ -93771,10 +95265,15 @@ 3230460928,3230463999,IN 3230465024,3230466047,BD 3230531584,3230662655,ZA +3230679040,3230681087,BR 3230681088,3230683135,FR 3230683136,3230686207,BD 3230686208,3230687231,ID +3230687232,3230695423,BR 3230695424,3230728191,US +3230777344,3230779391,BR +3230783488,3230784511,BR +3230784512,3230785535,MX 3230785536,3230823679,US 3230823680,3230823935,DK 3230823936,3230824191,US @@ -94743,8 +96242,7 @@ 3233575936,3233576191,RU 3233576192,3233576447,GB 3233576448,3233577215,US -3233577216,3233577471,AT -3233577472,3233577727,GB +3233577216,3233577727,NL 3233577728,3233578239,US 3233578240,3233578495,GB 3233578496,3233578751,US @@ -95436,9 +96934,7 @@ 3236416256,3236416511,AU 3236416512,3236418559,US 3236418560,3236418815,AU -3236418816,3236424959,US -3236424960,3236425215,MU -3236425472,3236427519,US +3236418816,3236427519,US 3236427520,3236427775,CA 3236427776,3236429311,US 3236429312,3236429567,MU @@ -95710,61 +97206,43 @@ 3237773312,3237777407,CA 3237777408,3237781503,US 3237781504,3237785599,CA -3237785600,3237786623,US -3237786624,3237786711,CN -3237786712,3237786719,US -3237786720,3237786759,CN -3237786760,3237786767,US -3237786768,3237786975,CN -3237786976,3237786983,US -3237786984,3237787103,CN -3237787104,3237787111,US -3237787112,3237787159,CN -3237787160,3237787167,US -3237787168,3237787287,CN -3237787288,3237787295,US -3237787296,3237787375,CN -3237787376,3237787383,US -3237787384,3237787455,CN -3237787456,3237787463,US -3237787464,3237787551,CN -3237787552,3237787559,US -3237787560,3237787695,CN -3237787696,3237787703,US -3237787704,3237787719,CN -3237787720,3237787727,US -3237787728,3237787759,CN -3237787760,3237787767,US -3237787768,3237787839,CN -3237787840,3237787847,US -3237787848,3237788023,CN -3237788024,3237788031,US -3237788032,3237788079,CN -3237788080,3237788087,US -3237788088,3237788151,CN -3237788152,3237788159,US -3237788160,3237788167,CN -3237788168,3237788175,US -3237788176,3237788223,CN -3237788224,3237788263,US -3237788264,3237788279,CN -3237788280,3237788287,US -3237788288,3237788415,CN -3237788416,3237789183,US -3237789184,3237789247,CN -3237789248,3237789255,US -3237789256,3237789311,CN -3237789312,3237789319,US -3237789320,3237789367,CN -3237789368,3237789375,US -3237789376,3237789415,CN -3237789416,3237789423,US -3237789424,3237789479,CN -3237789480,3237789487,US -3237789488,3237789647,CN -3237789648,3237789655,US -3237789656,3237789695,CN -3237789696,3237797887,US +3237785600,3237786967,US +3237786968,3237786975,CN +3237786976,3237787175,US +3237787176,3237787191,CN +3237787192,3237787215,US +3237787216,3237787223,CN +3237787224,3237787279,US +3237787280,3237787287,CN +3237787288,3237787327,US +3237787328,3237787343,CN +3237787344,3237787423,US +3237787424,3237787431,CN +3237787432,3237787439,US +3237787440,3237787447,CN +3237787448,3237787463,US +3237787464,3237787471,CN +3237787472,3237787567,US +3237787568,3237787575,CN +3237787576,3237787607,US +3237787608,3237787615,CN +3237787616,3237787687,US +3237787688,3237787695,CN +3237787696,3237787847,US +3237787848,3237787855,CN +3237787856,3237788063,US +3237788064,3237788071,CN +3237788072,3237788087,US +3237788088,3237788095,CN +3237788096,3237788103,US +3237788104,3237788111,CN +3237788112,3237788135,US +3237788136,3237788143,CN +3237788144,3237788183,US +3237788184,3237788207,CN +3237788208,3237788343,US +3237788344,3237788359,CN +3237788360,3237797887,US 3237797888,3237801983,CA 3237801984,3237858303,US 3237858304,3237863423,CA @@ -96035,7 +97513,7 @@ 3237969152,3237969407,RO 3237969408,3238002687,US 3238002688,3238008831,NL -3238008832,3238010879,ES +3238008832,3238010879,HU 3238010880,3238017023,CH 3238017024,3238018303,DK 3238018304,3238018559,UA @@ -96368,8 +97846,7 @@ 3239271424,3239271935,AT 3239271936,3239272447,CH 3239272960,3239273471,GB -3239273472,3239273983,UA -3239273984,3239274495,RU +3239273472,3239274495,RU 3239274496,3239275007,PL 3239275520,3239276543,UA 3239276544,3239277055,LU @@ -97678,7 +99155,9 @@ 3242615168,3242615295,IE 3242615296,3242615871,FR 3242615872,3242615935,PL -3242615936,3242616191,FR +3242615936,3242616029,FR +3242616030,3242616030,NL +3242616031,3242616191,FR 3242616192,3242616319,ES 3242616320,3242616991,FR 3242616992,3242616992,IT @@ -98227,7 +99706,7 @@ 3244929792,3244930047,RU 3244930048,3244930303,PL 3244930304,3244930559,AT -3244930560,3244930815,GB +3244930560,3244930815,CA 3244930816,3244931071,NL 3244931328,3244931583,RO 3244931584,3244931839,FR @@ -98822,7 +100301,7 @@ 3246329088,3246329855,ES 3246350848,3246351103,ES 3246351616,3246352639,ES -3246360576,3246362623,US +3246359552,3246362623,US 3246362624,3246371073,ES 3246371074,3246371074,PT 3246371075,3246379007,ES @@ -99008,7 +100487,7 @@ 3247366144,3247370495,FI 3247371008,3247371263,PL 3247371264,3247371519,SE -3247371520,3247371775,GB +3247371520,3247371775,CA 3247371776,3247372031,RU 3247372032,3247372287,FI 3247372288,3247372543,RO @@ -99803,6 +101282,7 @@ 3250642944,3250651135,CH 3250651136,3250659327,IT 3250659328,3250660607,GB +3250661376,3250662399,GB 3250667520,3250675711,PL 3250675712,3250683903,GB 3250683904,3250692095,CH @@ -100153,7 +101633,6 @@ 3251269120,3251269375,DK 3251269376,3251269631,FR 3251269888,3251270143,GB -3251270144,3251270399,PL 3251270400,3251270655,NO 3251270656,3251270911,DE 3251270912,3251271167,PL @@ -100236,8 +101715,8 @@ 3252220928,3252221183,SE 3252221184,3252222463,LT 3252222464,3252223487,SE -3252223488,3252223999,LT -3252224000,3252232319,SE +3252223488,3252224511,LT +3252224512,3252232319,SE 3252232320,3252232576,NL 3252232577,3252256767,SE 3252256768,3252273151,EE @@ -100879,12 +102358,16 @@ 3253771000,3253771165,DE 3253771166,3253771166,GB 3253771167,3253771199,DE -3253771200,3253771263,IE +3253771200,3253771217,IE +3253771218,3253771219,GB +3253771220,3253771263,IE 3253771264,3253771519,DE 3253771520,3253771561,GB 3253771562,3253771562,DE 3253771563,3253771775,GB -3253771776,3253772191,DE +3253771776,3253771792,DE +3253771793,3253771793,GB +3253771794,3253772191,DE 3253772192,3253772207,GB 3253772208,3253772311,DE 3253772312,3253772319,GB @@ -101074,7 +102557,9 @@ 3254487264,3254487295,KM 3254487296,3254487419,CF 3254487420,3254487559,FR -3254487560,3254487803,CI +3254487560,3254487567,CI +3254487568,3254487575,FR +3254487576,3254487803,CI 3254487804,3254488431,FR 3254488432,3254488447,MG 3254488448,3254489087,FR @@ -102460,7 +103945,7 @@ 3258771456,3258772479,KZ 3258772480,3258773503,RU 3258773504,3258774015,FR -3258774016,3258774271,UA +3258774016,3258774271,RU 3258774272,3258774527,DK 3258774528,3258776063,RU 3258776064,3258776319,GE @@ -103269,10 +104754,33 @@ 3262473200,3262473203,ES 3262473204,3262473211,DE 3262473212,3262473215,FR -3262473216,3262473323,JP -3262473324,3262473327,KR -3262473328,3262473471,JP -3262473472,3262473473,DE +3262473216,3262473231,DE +3262473232,3262473239,JP +3262473240,3262473243,DE +3262473244,3262473247,JP +3262473248,3262473251,DE +3262473252,3262473255,JP +3262473256,3262473271,DE +3262473272,3262473283,JP +3262473284,3262473295,DE +3262473296,3262473299,JP +3262473300,3262473303,DE +3262473304,3262473315,JP +3262473316,3262473319,DE +3262473320,3262473323,JP +3262473324,3262473339,DE +3262473340,3262473347,JP +3262473348,3262473355,DE +3262473356,3262473371,JP +3262473372,3262473379,DE +3262473380,3262473383,JP +3262473384,3262473403,DE +3262473404,3262473415,JP +3262473416,3262473439,DE +3262473440,3262473443,JP +3262473444,3262473459,DE +3262473460,3262473467,JP +3262473468,3262473473,DE 3262473474,3262473478,US 3262473479,3262473480,CA 3262473481,3262473483,US @@ -103333,7 +104841,7 @@ 3262473972,3262473983,US 3262473984,3262473985,DE 3262473986,3262473986,TW -3262473987,3262473987,IN +3262473987,3262473987,DE 3262473988,3262473988,SG 3262473989,3262473989,IN 3262473990,3262473990,SG @@ -103342,23 +104850,26 @@ 3262473993,3262473993,IN 3262473994,3262473995,TW 3262473996,3262473996,MY -3262473997,3262473998,ID +3262473997,3262473997,ID +3262473998,3262473998,DE 3262473999,3262473999,TW 3262474000,3262474000,SG 3262474001,3262474001,TW -3262474002,3262474002,MY +3262474002,3262474002,DE 3262474003,3262474003,TW 3262474004,3262474004,SG 3262474005,3262474005,TW 3262474006,3262474007,SG 3262474008,3262474009,TW 3262474010,3262474010,SG -3262474011,3262474011,ID +3262474011,3262474011,DE 3262474012,3262474013,SG 3262474014,3262474014,HK 3262474015,3262474016,SG 3262474017,3262474018,MY -3262474019,3262474026,SG +3262474019,3262474024,SG +3262474025,3262474025,DE +3262474026,3262474026,SG 3262474027,3262474027,CN 3262474028,3262474030,SG 3262474031,3262474031,IN @@ -103371,12 +104882,15 @@ 3262474038,3262474038,MY 3262474039,3262474039,TW 3262474040,3262474041,MY -3262474042,3262474042,CN +3262474042,3262474042,DE 3262474043,3262474043,SG -3262474044,3262474044,GB -3262474045,3262474048,SG +3262474044,3262474044,DE +3262474045,3262474047,SG +3262474048,3262474048,DE 3262474049,3262474049,IN -3262474050,3262474061,SG +3262474050,3262474051,SG +3262474052,3262474052,DE +3262474053,3262474061,SG 3262474062,3262474063,CN 3262474064,3262474064,TW 3262474065,3262474065,IN @@ -103391,10 +104905,12 @@ 3262474076,3262474076,MY 3262474077,3262474077,SG 3262474078,3262474078,IN -3262474079,3262474079,MY +3262474079,3262474079,DE 3262474080,3262474083,SG -3262474084,3262474084,TW -3262474085,3262474087,SG +3262474084,3262474084,DE +3262474085,3262474085,SG +3262474086,3262474086,DE +3262474087,3262474087,SG 3262474088,3262474088,MY 3262474089,3262474089,SG 3262474090,3262474091,MY @@ -103402,10 +104918,12 @@ 3262474095,3262474095,HK 3262474096,3262474097,SG 3262474098,3262474098,MY -3262474099,3262474102,SG +3262474099,3262474100,SG +3262474101,3262474101,DE +3262474102,3262474102,SG 3262474103,3262474103,MY 3262474104,3262474104,CN -3262474105,3262474105,IN +3262474105,3262474105,DE 3262474106,3262474106,MY 3262474107,3262474107,CN 3262474108,3262474108,HK @@ -103415,36 +104933,33 @@ 3262474113,3262474113,PH 3262474114,3262474114,IN 3262474115,3262474115,SG -3262474116,3262474116,TW -3262474117,3262474117,IN +3262474116,3262474117,DE 3262474118,3262474118,TH 3262474119,3262474119,TW -3262474120,3262474120,BN -3262474121,3262474121,TW +3262474120,3262474121,DE 3262474122,3262474122,SG 3262474123,3262474125,MY 3262474126,3262474126,IN -3262474127,3262474128,SG +3262474127,3262474127,SG +3262474128,3262474128,DE 3262474129,3262474130,MY 3262474131,3262474131,IN -3262474132,3262474133,MY +3262474132,3262474133,DE 3262474134,3262474134,CN 3262474135,3262474136,SG -3262474137,3262474137,TW -3262474138,3262474139,CN +3262474137,3262474138,DE +3262474139,3262474139,CN 3262474140,3262474140,TW 3262474141,3262474142,SG 3262474143,3262474143,PH 3262474144,3262474150,SG 3262474151,3262474151,MY 3262474152,3262474152,SG -3262474153,3262474153,IN -3262474154,3262474154,SG -3262474155,3262474155,MY -3262474156,3262474156,IN +3262474153,3262474156,DE 3262474157,3262474157,SG 3262474158,3262474159,MY -3262474160,3262474162,SG +3262474160,3262474161,DE +3262474162,3262474162,SG 3262474163,3262474163,MY 3262474164,3262474164,IN 3262474165,3262474165,CN @@ -103453,83 +104968,93 @@ 3262474168,3262474168,TW 3262474169,3262474169,DE 3262474170,3262474170,SG -3262474171,3262474171,MY +3262474171,3262474171,DE 3262474172,3262474172,SG -3262474173,3262474173,CN +3262474173,3262474173,DE 3262474174,3262474174,TW 3262474175,3262474175,SG 3262474176,3262474176,MY -3262474177,3262474177,SG +3262474177,3262474177,DE 3262474178,3262474178,TW 3262474179,3262474179,CN 3262474180,3262474180,MY 3262474181,3262474181,SG 3262474182,3262474182,MY -3262474183,3262474185,SG +3262474183,3262474183,SG +3262474184,3262474184,DE +3262474185,3262474185,SG 3262474186,3262474186,MY 3262474187,3262474187,SG 3262474188,3262474188,MY 3262474189,3262474189,SG 3262474190,3262474190,CN 3262474191,3262474192,SG -3262474193,3262474193,PH +3262474193,3262474193,DE 3262474194,3262474194,SG 3262474195,3262474195,MY -3262474196,3262474196,IN -3262474197,3262474198,SG +3262474196,3262474197,DE +3262474198,3262474198,SG 3262474199,3262474199,CN -3262474200,3262474200,MY +3262474200,3262474200,DE 3262474201,3262474201,SG 3262474202,3262474203,CN 3262474204,3262474204,IN 3262474205,3262474205,SG -3262474206,3262474206,IN +3262474206,3262474206,DE 3262474207,3262474207,MY 3262474208,3262474208,SG -3262474209,3262474209,MY -3262474210,3262474210,TW +3262474209,3262474210,DE 3262474211,3262474211,SG 3262474212,3262474212,MY 3262474213,3262474213,SG 3262474214,3262474214,CN -3262474215,3262474215,IN +3262474215,3262474215,DE 3262474216,3262474216,SG -3262474217,3262474217,MY +3262474217,3262474217,DE 3262474218,3262474218,SG 3262474219,3262474219,MY -3262474220,3262474222,IN +3262474220,3262474220,IN +3262474221,3262474221,DE +3262474222,3262474222,IN 3262474223,3262474223,SG 3262474224,3262474224,MY 3262474225,3262474225,SG 3262474226,3262474226,MY -3262474227,3262474227,IN +3262474227,3262474227,DE 3262474228,3262474228,SG -3262474229,3262474230,IN +3262474229,3262474230,DE 3262474231,3262474231,SG -3262474232,3262474234,IN +3262474232,3262474232,DE +3262474233,3262474233,IN +3262474234,3262474234,DE 3262474235,3262474236,MY -3262474237,3262474238,SG -3262474239,3262474239,DE -3262474240,3262474255,AU -3262474256,3262474259,NZ -3262474260,3262474263,AU -3262474264,3262474267,NZ -3262474268,3262474271,AU -3262474272,3262474275,NZ -3262474276,3262474367,AU -3262474368,3262474371,NZ -3262474372,3262474395,AU -3262474396,3262474399,NZ -3262474400,3262474463,AU -3262474464,3262474467,NZ -3262474468,3262474495,AU -3262474496,3262474631,DE +3262474237,3262474237,DE +3262474238,3262474238,SG +3262474239,3262474475,DE +3262474476,3262474479,AU +3262474480,3262474631,DE 3262474632,3262474635,DK -3262474636,3262474791,DE -3262474792,3262474815,JP -3262474816,3262474895,DE -3262474896,3262475007,JP -3262475008,3262475009,DE +3262474636,3262474795,DE +3262474796,3262474799,JP +3262474800,3262474807,DE +3262474808,3262474815,JP +3262474816,3262474899,DE +3262474900,3262474907,JP +3262474908,3262474911,DE +3262474912,3262474915,JP +3262474916,3262474919,DE +3262474920,3262474935,JP +3262474936,3262474939,DE +3262474940,3262474947,JP +3262474948,3262474951,DE +3262474952,3262474959,JP +3262474960,3262474963,DE +3262474964,3262474971,JP +3262474972,3262474975,DE +3262474976,3262474987,JP +3262474988,3262474991,DE +3262474992,3262475003,JP +3262475004,3262475009,DE 3262475010,3262475011,US 3262475012,3262475012,DE 3262475013,3262475019,US @@ -104909,7 +106434,7 @@ 3263100416,3263100671,DE 3263100672,3263100927,GB 3263100928,3263101183,AT -3263101184,3263101439,CH +3263101184,3263101439,US 3263101440,3263101695,DK 3263101952,3263102207,LT 3263102208,3263102463,GB @@ -106317,9 +107842,7 @@ 3271163904,3271219967,FR 3271219968,3271220223,GP 3271220224,3271229439,FR -3271229440,3271280687,FI -3271280688,3271280703,SE -3271280704,3271360511,FI +3271229440,3271360511,FI 3271360512,3271363407,GB 3271363408,3271363415,AT 3271363416,3271363423,GB @@ -106825,7 +108348,6 @@ 3272478464,3272478719,FI 3272478720,3272478975,GB 3272478976,3272479231,UA -3272479232,3272479487,GB 3272479488,3272479743,SA 3272479744,3272480255,SE 3272480256,3272480511,FR @@ -107102,7 +108624,7 @@ 3273340128,3273340143,DE 3273340144,3273340415,GB 3273340928,3273341711,FR -3273341752,3273341823,FR +3273341752,3273341831,FR 3273341888,3273341951,FR 3273342022,3273342022,GB 3273342034,3273342034,GB @@ -107165,8 +108687,8 @@ 3273373568,3273374847,GB 3273374856,3273374863,GB 3273374896,3273374903,GB -3273374928,3273374931,GB -3273375136,3273375168,GB +3273374912,3273374931,GB +3273375168,3273375168,GB 3273375232,3273375551,DE 3273375744,3273375871,DE 3273376000,3273376255,DE @@ -108899,9 +110421,13 @@ 3276873760,3276873791,ES 3276873792,3276873983,GB 3276873984,3276874239,ES -3276874240,3276874959,GB +3276874240,3276874351,GB +3276874352,3276874367,ES +3276874368,3276874959,GB 3276874960,3276874975,NL -3276874976,3276880427,GB +3276874976,3276876279,GB +3276876280,3276876283,DK +3276876284,3276880427,GB 3276880428,3276880431,DK 3276880432,3276881811,GB 3276881812,3276881815,FR @@ -108925,7 +110451,9 @@ 3276889088,3276889215,IT 3276889216,3276890175,GB 3276890176,3276890191,US -3276890192,3276893695,GB +3276890192,3276892287,GB +3276892288,3276892303,IT +3276892304,3276893695,GB 3276893696,3276893951,IT 3276893952,3276897727,GB 3276897728,3276897791,BE @@ -108995,8 +110523,8 @@ 3276956160,3276957695,ES 3276957696,3276958719,GB 3276958720,3276959743,IL -3276959744,3276961791,ES -3276961792,3276963327,GB +3276959744,3276962815,ES +3276962816,3276963327,GB 3276963328,3276963839,ES 3276963840,3276964351,IL 3276964352,3276964863,RO @@ -109276,7 +110804,9 @@ 3277716480,3277716991,SE 3277716992,3277717503,IT 3277717504,3277725695,YE -3277725696,3277733887,CH +3277725696,3277730559,CH +3277730560,3277730563,GB +3277730564,3277733887,CH 3277733888,3277742079,DE 3277742080,3277745151,FI 3277745152,3277746175,CH @@ -109686,45 +111216,41 @@ 3278939900,3278939903,IT 3278939904,3278939907,HK 3278939908,3278939911,MY -3278939912,3278939915,TH -3278939916,3278939923,SG -3278939924,3278939927,CN +3278939912,3278939919,DE +3278939920,3278939923,SG +3278939924,3278939927,DE 3278939928,3278939931,SG 3278939932,3278939935,IN 3278939936,3278939939,MY -3278939940,3278939943,SG -3278939944,3278939947,TW +3278939940,3278939947,DE 3278939948,3278939951,SG 3278939952,3278939955,MY -3278939956,3278939959,SG -3278939960,3278939963,CN +3278939956,3278939963,DE 3278939964,3278939967,MY 3278939968,3278939971,TW -3278939972,3278939979,MY -3278939980,3278939983,TH -3278939984,3278939987,DE -3278939988,3278939991,CN +3278939972,3278939975,MY +3278939976,3278939991,DE 3278939992,3278939995,SG -3278939996,3278939999,MY -3278940000,3278940011,SG -3278940012,3278940015,ID -3278940016,3278940059,SG +3278939996,3278939999,DE +3278940000,3278940007,SG +3278940008,3278940015,DE +3278940016,3278940043,SG +3278940044,3278940047,DE +3278940048,3278940059,SG 3278940060,3278940067,CN 3278940068,3278940071,TW -3278940072,3278940083,SG -3278940084,3278940091,MY +3278940072,3278940079,DE +3278940080,3278940083,SG +3278940084,3278940087,DE +3278940088,3278940091,MY 3278940092,3278940095,SG -3278940096,3278940099,IN +3278940096,3278940099,DE 3278940100,3278940103,SG 3278940104,3278940107,MY -3278940108,3278940127,SG -3278940128,3278940131,TW -3278940132,3278940135,BD -3278940136,3278940139,SG -3278940140,3278940143,IN -3278940144,3278940151,MY -3278940152,3278940155,IN -3278940156,3278940159,PH +3278940108,3278940111,SG +3278940112,3278940115,DE +3278940116,3278940127,SG +3278940128,3278940159,DE 3278940160,3278940163,GR 3278940164,3278940167,CH 3278940168,3278940171,DE @@ -110034,75 +111560,50 @@ 3278942184,3278942203,DE 3278942204,3278942207,CH 3278942208,3278942211,TW -3278942212,3278942227,AU -3278942228,3278942231,NZ -3278942232,3278942243,AU -3278942244,3278942247,NZ -3278942248,3278942255,AU -3278942256,3278942259,NZ -3278942260,3278942271,AU -3278942272,3278942275,NZ -3278942276,3278942291,AU -3278942292,3278942295,NZ -3278942296,3278942299,PG -3278942300,3278942355,AU -3278942356,3278942359,NZ -3278942360,3278942383,AU -3278942384,3278942387,NZ -3278942388,3278942399,AU -3278942400,3278942403,NZ -3278942404,3278942435,AU -3278942436,3278942439,DE -3278942440,3278942443,AU +3278942212,3278942443,DE 3278942444,3278942447,NZ -3278942448,3278942455,AU -3278942456,3278942463,DE +3278942448,3278942463,DE 3278942464,3278942467,SG 3278942468,3278942471,MY -3278942472,3278942475,IN -3278942476,3278942483,SG -3278942484,3278942487,CN +3278942472,3278942479,DE +3278942480,3278942483,SG +3278942484,3278942487,DE 3278942488,3278942491,IN 3278942492,3278942495,MY -3278942496,3278942499,CN +3278942496,3278942499,DE 3278942500,3278942507,MY 3278942508,3278942511,TH 3278942512,3278942515,SG -3278942516,3278942519,PH -3278942520,3278942539,IN -3278942540,3278942543,TW -3278942544,3278942547,PK -3278942548,3278942551,MY +3278942516,3278942519,DE +3278942520,3278942523,IN +3278942524,3278942527,DE +3278942528,3278942531,IN +3278942532,3278942551,DE 3278942552,3278942555,TW 3278942556,3278942559,IN -3278942560,3278942571,MY +3278942560,3278942563,DE +3278942564,3278942571,MY 3278942572,3278942575,IN -3278942576,3278942579,MY -3278942580,3278942583,TW -3278942584,3278942587,SG -3278942588,3278942591,CN +3278942576,3278942591,DE 3278942592,3278942595,TW -3278942596,3278942599,IN +3278942596,3278942599,DE 3278942600,3278942603,SG 3278942604,3278942607,TW -3278942608,3278942611,TH -3278942612,3278942615,PH +3278942608,3278942615,DE 3278942616,3278942627,SG 3278942628,3278942635,MY -3278942636,3278942643,SG -3278942644,3278942647,MY -3278942648,3278942651,IN +3278942636,3278942639,SG +3278942640,3278942651,DE 3278942652,3278942655,MY -3278942656,3278942667,SG -3278942668,3278942671,MY +3278942656,3278942659,DE +3278942660,3278942667,SG +3278942668,3278942671,DE 3278942672,3278942675,SG -3278942676,3278942679,HK +3278942676,3278942679,DE 3278942680,3278942683,TW 3278942684,3278942687,DE 3278942688,3278942691,SG -3278942692,3278942695,IN -3278942696,3278942699,SG -3278942700,3278942703,TW +3278942692,3278942703,DE 3278942704,3278942707,MY 3278942708,3278942719,SG 3278942720,3278942721,DE @@ -112032,7 +113533,9 @@ 3280935120,3280935127,FR 3280935128,3280941387,GB 3280941388,3280941395,DE -3280941396,3280952331,GB +3280941396,3280942191,GB +3280942192,3280942207,DK +3280942208,3280952331,GB 3280952332,3280952335,DE 3280952336,3280952783,GB 3280952784,3280952799,DE @@ -112546,7 +114049,8 @@ 3283980288,3283980799,RO 3283980800,3283981823,CH 3283981824,3283982335,RO -3283982848,3283983359,RO +3283982848,3283983103,SE +3283983104,3283983359,RO 3283983360,3283983871,CY 3283983872,3283984383,GB 3283984384,3283984895,SE @@ -112681,7 +114185,7 @@ 3284084224,3284084735,UA 3284084736,3284085247,RU 3284085248,3284085759,DE -3284085760,3284086783,RO +3284086272,3284086783,RO 3284086784,3284087295,CZ 3284087296,3284087807,RU 3284087808,3284088319,IL @@ -112707,9 +114211,11 @@ 3284099328,3284099583,HU 3284099584,3284100095,GR 3284100096,3284100607,AM +3284100608,3284101119,US 3284101120,3284101631,UA 3284101632,3284102143,GB 3284102144,3284102399,DK +3284102627,3284102627,DK 3284102656,3284103167,AT 3284103168,3284103679,NL 3284103680,3284104191,DE @@ -112903,7 +114409,6 @@ 3285118976,3285119487,RU 3285119488,3285119999,RO 3285120000,3285120511,RU -3285120512,3285121023,RO 3285121024,3285121535,SE 3285121536,3285122047,CY 3285122048,3285123071,RU @@ -112966,9 +114471,9 @@ 3285409792,3285410815,UA 3285410816,3285412863,RU 3285412864,3285413887,UA -3285413888,3285414911,RU -3285414912,3285415935,UA -3285415936,3285419007,RU +3285413888,3285414978,RU +3285414979,3285414979,UA +3285414980,3285419007,RU 3285419008,3285420031,SE 3285420032,3285425151,UA 3285425152,3285426175,LV @@ -113005,7 +114510,7 @@ 3285480960,3285481215,CH 3285488576,3285488639,CY 3285495296,3285495807,ES -3285501328,3285501359,CZ +3285501312,3285501359,CZ 3285501696,3285501951,GB 3285510144,3285512191,GB 3285515776,3285515799,GR @@ -113131,7 +114636,7 @@ 3285931584,3285931599,DE 3285935872,3285936127,GB 3285936136,3285936147,FR -3285936152,3285936167,FR +3285936152,3285936175,FR 3285939136,3285939175,GB 3285939184,3285939191,GB 3285939744,3285939759,GB @@ -113686,7 +115191,6 @@ 3287668736,3287668991,SI 3287668992,3287669247,PL 3287669248,3287669503,LI -3287669504,3287669759,MD 3287669760,3287670015,RO 3287670016,3287670271,UA 3287670272,3287670527,PL @@ -113846,7 +115350,9 @@ 3287965696,3287973887,RS 3287973888,3287982079,CZ 3287982080,3287990271,EE -3287990272,3287996415,SI +3287990272,3287994367,SI +3287994368,3287995391,BA +3287995392,3287996415,SI 3287996416,3287998463,BA 3287998464,3288006655,IT 3288006656,3288072191,GR @@ -113988,6 +115494,7 @@ 3288569856,3288570111,CU 3288570112,3288570367,JM 3288570368,3288577023,ZA +3288577280,3288577535,NG 3288578048,3288580095,JM 3288580096,3288588287,BB 3288588288,3288608255,ZA @@ -114020,6 +115527,7 @@ 3288785408,3288785663,UG 3288785664,3288785919,TZ 3288785920,3288786175,NG +3288786176,3288786431,KE 3288786688,3288787967,ZA 3288787968,3288788223,EG 3288788224,3288792831,ZA @@ -114128,7 +115636,8 @@ 3289230848,3289231359,GH 3289231360,3289233919,ZA 3289233920,3289234175,TZ -3289234176,3289235455,ZA +3289234176,3289235199,ZA +3289235200,3289235455,KE 3289235456,3289237503,GH 3289237504,3289238015,ZA 3289238016,3289238271,KE @@ -114156,7 +115665,9 @@ 3289320448,3289321471,ZA 3289321472,3289325567,IN 3289325568,3289333759,SA -3289333760,3289391103,ZA +3289333760,3289382911,ZA +3289382912,3289387007,NL +3289387008,3289391103,ZA 3289391104,3289440255,SC 3289440256,3289448447,ZA 3289448448,3289645055,SC @@ -114289,12 +115800,8 @@ 3291045888,3291078655,ZA 3291078656,3291086847,DZ 3291086848,3291103231,PR -3291103232,3291123711,ZA -3291123712,3291135999,BG -3291136000,3291140095,ZA -3291140096,3291144191,BG -3291144192,3291148287,ZA -3291148288,3291152383,BG +3291103232,3291119615,ZA +3291119616,3291152383,BG 3291152384,3291168767,ZA 3291168768,3291176959,TZ 3291176960,3291185151,ZW @@ -114367,7 +115874,8 @@ 3291287552,3291291647,ZA 3291291648,3291295743,TZ 3291295744,3291299839,NG -3291299840,3291313151,ZA +3291299840,3291312127,ZA +3291312128,3291313151,MU 3291313152,3291314175,NG 3291314176,3291315199,ZA 3291315200,3291316223,UG @@ -114411,7 +115919,9 @@ 3291387904,3291388927,BJ 3291388928,3291389307,GA 3291389308,3291389311,KM -3291389312,3291389951,GA +3291389312,3291389343,GA +3291389344,3291389347,CG +3291389348,3291389951,GA 3291389952,3291397119,ZA 3291397120,3291398143,EG 3291398144,3291406335,ZM @@ -114424,8 +115934,8 @@ 3291430912,3291432703,ZA 3291432704,3291432959,NA 3291432960,3291434239,ZA -3291434752,3291435519,ZA -3291435520,3291437823,NA +3291434752,3291436031,ZA +3291436032,3291437823,NA 3291437824,3291438079,ZA 3291438080,3291439103,NA 3291439104,3291447295,NG @@ -114473,6 +115983,7 @@ 3291555328,3291555583,CM 3291555840,3291556095,GN 3291556352,3291556607,SN +3291556864,3291557119,TG 3291611136,3291611647,ZA 3291611648,3291611903,MU 3291611904,3291612159,ZA @@ -114480,30 +115991,63 @@ 3291613184,3291615231,SN 3291615232,3291616255,ML 3291616256,3291616511,TZ +3291616512,3291616767,KE 3291616768,3291617279,EG 3291617280,3291619327,GH 3291619328,3291627519,GA 3291627520,3291643903,ZA 3291643904,3291660287,MZ 3291660288,3291742207,ZA -3291742208,3291742463,US -3291742464,3291742591,GB +3291742208,3291742464,US +3291742465,3291742591,GB 3291742592,3291742719,IE -3291742720,3291750399,US -3291750400,3291750655,GB -3291750656,3291757311,US +3291742720,3291744767,US +3291744768,3291745023,MX +3291745024,3291745791,US +3291745792,3291746047,MX +3291746048,3291750399,US +3291750400,3291750655,IT +3291750656,3291750911,US +3291750912,3291751167,SG +3291751168,3291751423,US +3291751424,3291751679,SG +3291751680,3291751935,US +3291751936,3291752191,HK +3291752192,3291753471,US +3291753472,3291753727,GB +3291753728,3291753983,US +3291753984,3291754239,JP +3291754240,3291754495,US +3291754496,3291754751,AU +3291754752,3291755007,GB +3291755008,3291755263,AU +3291755264,3291755519,US +3291755520,3291755775,AU +3291755776,3291756543,US +3291756544,3291756799,AU +3291756800,3291757311,US 3291757312,3291757567,GB -3291757568,3291758079,US +3291757568,3291757823,AU +3291757824,3291758079,US 3291758080,3291758335,GB -3291758336,3291762175,US +3291758336,3291760639,US +3291760640,3291760895,AU +3291760896,3291762175,US 3291762176,3291762431,GB -3291762432,3291763199,US +3291762432,3291762687,AU +3291762688,3291763199,US 3291763200,3291763455,GB 3291763456,3291763711,US 3291763712,3291763967,GB -3291763968,3291813375,US +3291763968,3291766271,US +3291766272,3291766527,AU +3291766528,3291766783,US +3291766784,3291767039,AU +3291767040,3291813375,US 3291813376,3291813631,GB -3291813632,3291815423,US +3291813632,3291813887,US +3291813888,3291814143,GB +3291814144,3291815423,US 3291815424,3291815679,GB 3291815680,3291817471,US 3291817472,3291817983,NL @@ -114521,70 +116065,54 @@ 3291827200,3291827455,CA 3291827456,3291828223,US 3291828224,3291828479,GB -3291828480,3291878143,US -3291878144,3291878399,CA -3291878400,3291880703,US -3291880704,3291880959,CA -3291880960,3291883775,US +3291828480,3291879935,US +3291879936,3291880191,AU +3291880192,3291883775,US 3291883776,3291884031,CA -3291884032,3291884543,US -3291884544,3291884799,CA -3291884800,3291886335,US +3291884032,3291884287,US +3291884288,3291884543,NZ +3291884544,3291886335,US 3291886336,3291886591,CA -3291886592,3291887359,US +3291886592,3291887103,US +3291887104,3291887359,GB 3291887360,3291887615,FR 3291887616,3291888895,US 3291888896,3291889151,FR -3291889152,3291893759,US +3291889152,3291891455,US +3291891456,3291891711,GB +3291891712,3291893759,US 3291893760,3291894015,CA 3291894016,3291906047,US 3291906048,3291907071,LK 3291907072,3291939063,US 3291939064,3291939064,GB -3291939065,3291943423,US +3291939065,3291939327,US +3291939328,3291939583,IN +3291939584,3291943423,US 3291943424,3291943679,FR -3291943680,3291971583,US +3291943680,3291945727,US +3291945728,3291945983,GB +3291945984,3291971583,US 3291971584,3291972607,JP 3291972608,3292004351,US -3292004352,3292004607,SC +3292004352,3292004607,SE 3292004608,3292004863,DK -3292004864,3292005119,US -3292005120,3292006143,SC -3292006144,3292007423,US +3292004864,3292005375,US +3292005376,3292005631,CZ +3292005632,3292005887,SC +3292005888,3292007423,US 3292007424,3292007679,SC -3292007680,3292008703,US -3292008704,3292008959,SC -3292008960,3292012031,US -3292012032,3292012799,SC -3292012800,3292014847,US -3292014848,3292015103,SC -3292015104,3292016383,US -3292016384,3292016895,SC -3292016896,3292017407,US -3292017408,3292017663,SC -3292017664,3292018175,US -3292018176,3292018431,SC -3292018432,3292018943,US -3292018944,3292019455,SC +3292007680,3292019199,US +3292019200,3292019455,SC 3292019456,3292019711,US 3292019712,3292019967,SC 3292019968,3292022015,US 3292022016,3292022271,SC 3292022272,3292023295,US -3292023296,3292023807,SC -3292023808,3292027391,US -3292027392,3292027647,SC -3292027648,3292029183,US -3292029184,3292029439,SC -3292029440,3292029695,US -3292029696,3292030207,SC -3292030208,3292030463,US -3292030464,3292030975,SC -3292030976,3292031743,US +3292023296,3292023551,SC +3292023552,3292031743,US 3292031744,3292032255,SC -3292032256,3292032511,US -3292032512,3292032767,SC -3292032768,3292033791,US +3292032256,3292033791,US 3292033792,3292034047,SC 3292034048,3292034303,US 3292034304,3292034559,SC @@ -114593,54 +116121,22 @@ 3292036096,3292036351,US 3292036352,3292036607,SC 3292036608,3292036863,US -3292036864,3292037375,SC -3292037376,3292037631,US -3292037632,3292037887,SC -3292037888,3292038655,US -3292038656,3292038911,SC -3292038912,3292039167,US -3292039168,3292039679,SC -3292039680,3292040191,US -3292040192,3292040447,SC -3292040448,3292040703,US -3292040704,3292040959,SC -3292040960,3292041471,US -3292041472,3292041727,SC -3292041728,3292041983,US -3292041984,3292042239,SC -3292042240,3292044031,US -3292044032,3292044287,SC -3292044288,3292044543,US -3292044544,3292044799,SC -3292044800,3292047103,US +3292036864,3292037119,SC +3292037120,3292047103,US 3292047104,3292047359,SC 3292047360,3292049663,US 3292049664,3292049919,SC -3292049920,3292050175,US -3292050176,3292050687,SC -3292050688,3292051455,US -3292051456,3292051711,SC -3292051712,3292052991,US -3292052992,3292053247,SC -3292053248,3292054015,US +3292049920,3292050431,US +3292050432,3292050687,SC +3292050688,3292054015,US 3292054016,3292054271,SC -3292054272,3292058111,US -3292058112,3292058879,SC -3292058880,3292059135,US +3292054272,3292059135,US 3292059136,3292059391,SC -3292059392,3292060159,US -3292060160,3292060415,SC -3292060416,3292060671,US -3292060672,3292060927,SC -3292060928,3292061951,US -3292061952,3292062207,SC -3292062208,3292062719,US -3292062720,3292062975,SC -3292062976,3292064767,US -3292064768,3292065535,SC -3292065536,3292065791,US -3292065792,3292066303,SC -3292066304,3292069375,US +3292059392,3292065023,US +3292065024,3292065279,SC +3292065280,3292065791,US +3292065792,3292066047,SC +3292066048,3292069375,US 3292069376,3292069631,DE 3292069632,3292069887,AU 3292069888,3292070143,SE @@ -114648,283 +116144,127 @@ 3292070400,3292070655,US 3292070656,3292070911,SC 3292070912,3292071167,CZ -3292071168,3292071423,US -3292071424,3292071679,SC -3292071680,3292076543,US -3292076544,3292076799,SC -3292076800,3292078335,US -3292078336,3292078591,SC -3292078592,3292078847,US +3292071168,3292078847,US 3292078848,3292079103,SC -3292079104,3292079615,US -3292079616,3292079871,SC -3292079872,3292080383,US +3292079104,3292080383,US 3292080384,3292080639,SC 3292080640,3292081151,US 3292081152,3292081407,SC -3292081408,3292081663,US -3292081664,3292081919,SC -3292081920,3292082175,US -3292082176,3292082687,SC -3292082688,3292082943,US -3292082944,3292083199,SC -3292083200,3292083967,US -3292083968,3292084223,SC -3292084224,3292085247,US +3292081408,3292082431,US +3292082432,3292082687,SC +3292082688,3292085247,US 3292085248,3292085503,SC 3292085504,3292085759,US -3292085760,3292087295,SC -3292087296,3292088319,US -3292088320,3292088831,SC -3292088832,3292089087,US -3292089088,3292089599,SC -3292089600,3292090879,US -3292090880,3292091135,SC -3292091136,3292093183,US -3292093184,3292093439,SC -3292093440,3292093695,US +3292085760,3292086015,SC +3292086016,3292093695,US 3292093696,3292093951,SC -3292093952,3292094975,US -3292094976,3292095231,SC -3292095232,3292096767,US -3292096768,3292097023,SC -3292097024,3292098303,US -3292098304,3292098559,SC -3292098560,3292099071,US -3292099072,3292099583,SC -3292099584,3292101375,US -3292101376,3292101631,SC -3292101632,3292102911,US -3292102912,3292103167,SC -3292103168,3292104191,US -3292104192,3292104447,SC -3292104448,3292104959,US +3292093952,3292099327,US +3292099328,3292099583,SC +3292099584,3292104959,US 3292104960,3292105215,SC -3292105216,3292105727,US -3292105728,3292106239,SC +3292105216,3292105983,US +3292105984,3292106239,SC 3292106240,3292106751,US 3292106752,3292107007,SC 3292107008,3292108031,US 3292108032,3292108287,SC 3292108288,3292109567,US 3292109568,3292109823,SC -3292109824,3292110591,US -3292110592,3292110847,SC -3292110848,3292111103,US -3292111104,3292111359,SC -3292111360,3292112127,US +3292109824,3292112127,US 3292112128,3292112383,SC 3292112384,3292113919,US -3292113920,3292114431,SC -3292114432,3292115967,US +3292113920,3292114175,SC +3292114176,3292115967,US 3292115968,3292116223,SC -3292116224,3292120319,US -3292120320,3292120575,SC -3292120576,3292124671,US -3292124672,3292124927,SC -3292124928,3292125695,US +3292116224,3292125695,US 3292125696,3292125951,SC -3292125952,3292126975,US -3292126976,3292127231,SC -3292127232,3292128767,US +3292125952,3292128767,US 3292128768,3292129023,SC -3292129024,3292129535,US -3292129536,3292129791,SC -3292129792,3292131071,US -3292131072,3292131327,SC -3292131328,3292133631,US +3292129024,3292133631,US 3292133632,3292133887,SC 3292133888,3292134911,US -3292134912,3292135167,SC +3292134912,3292135167,DE 3292135168,3292135423,AU -3292135424,3292135679,SC +3292135424,3292135679,SE 3292135680,3292135935,DK 3292135936,3292136447,US 3292136448,3292136703,CZ -3292136704,3292136959,US -3292136960,3292137471,SC -3292137472,3292139775,US -3292139776,3292140799,SC -3292140800,3292141055,US -3292141056,3292141311,SC -3292141312,3292141567,US +3292136704,3292137215,US +3292137216,3292137471,SC +3292137472,3292140031,US +3292140032,3292140287,SC +3292140288,3292141567,US 3292141568,3292142079,SC -3292142080,3292142335,US -3292142336,3292142591,SC -3292142592,3292146175,US -3292146176,3292146431,SC -3292146432,3292147711,US -3292147712,3292147967,SC -3292147968,3292150527,US -3292150528,3292150783,SC -3292150784,3292151039,US -3292151040,3292151295,SC -3292151296,3292153087,US -3292153088,3292153343,SC -3292153344,3292153855,US +3292142080,3292153855,US 3292153856,3292154111,SC -3292154112,3292154879,US -3292154880,3292155135,SC -3292155136,3292156415,US -3292156416,3292156671,SC -3292156672,3292157183,US -3292157184,3292157439,SC -3292157440,3292157695,US -3292157696,3292157951,SC -3292157952,3292159999,US +3292154112,3292159999,US 3292160000,3292160255,SC -3292160256,3292161023,US -3292161024,3292161279,SC -3292161280,3292162047,US -3292162048,3292162303,SC -3292162304,3292163327,US +3292160256,3292163327,US 3292163328,3292163583,SC -3292163584,3292166655,US -3292166656,3292167167,SC -3292167168,3292167423,US -3292167424,3292168191,SC -3292168192,3292169983,US -3292169984,3292170495,SC -3292170496,3292170751,US -3292170752,3292171007,SC -3292171008,3292171519,US -3292171520,3292171775,SC -3292171776,3292172543,US -3292172544,3292172799,SC -3292172800,3292173311,US -3292173312,3292173823,SC -3292173824,3292175103,US +3292163584,3292167935,US +3292167936,3292168191,SC +3292168192,3292173311,US +3292173312,3292173567,SC +3292173568,3292175103,US 3292175104,3292175359,SC -3292175360,3292176895,US -3292176896,3292177407,SC +3292175360,3292177151,US +3292177152,3292177407,SC 3292177408,3292178175,US 3292178176,3292178431,SC -3292178432,3292179199,US -3292179200,3292179711,SC -3292179712,3292180735,US -3292180736,3292181247,SC -3292181248,3292181503,US -3292181504,3292181759,SC -3292181760,3292182015,US -3292182016,3292182271,SC -3292182272,3292183039,US +3292178432,3292180991,US +3292180992,3292181247,SC +3292181248,3292183039,US 3292183040,3292183295,SC 3292183296,3292186623,US 3292186624,3292186879,SC -3292186880,3292188671,US -3292188672,3292189183,SC -3292189184,3292189439,US -3292189440,3292189695,SC -3292189696,3292191999,US -3292192000,3292192255,SC -3292192256,3292196607,US +3292186880,3292196607,US 3292196608,3292196863,SC -3292196864,3292197375,US -3292197376,3292197631,SC -3292197632,3292197887,US -3292197888,3292198399,SC -3292198400,3292199423,US -3292199424,3292199679,SC -3292199680,3292200447,US +3292196864,3292200447,US 3292200448,3292200703,DE 3292200704,3292200959,AU 3292200960,3292201215,SE 3292201216,3292201471,DK 3292201472,3292201983,US -3292201984,3292202495,SC -3292202496,3292203007,US -3292203008,3292203263,SC -3292203264,3292204799,US -3292204800,3292205311,SC -3292205312,3292205823,US -3292205824,3292206335,SC -3292206336,3292206591,US +3292201984,3292202239,CZ +3292202240,3292205823,US +3292205824,3292206079,SC +3292206080,3292206591,US 3292206592,3292206847,SC -3292206848,3292207359,US -3292207360,3292208127,SC -3292208128,3292208639,US -3292208640,3292208895,SC -3292208896,3292209663,US +3292206848,3292207615,US +3292207616,3292207871,SC +3292207872,3292209663,US 3292209664,3292209919,SC 3292209920,3292210175,US 3292210176,3292210431,SC -3292210432,3292211455,US -3292211456,3292211967,SC -3292211968,3292212735,US -3292212736,3292212991,SC -3292212992,3292214783,US +3292210432,3292214783,US 3292214784,3292215039,SC 3292215040,3292215295,US 3292215296,3292215551,SC 3292215552,3292216319,US 3292216320,3292216575,SC -3292216576,3292217343,US -3292217344,3292217599,SC -3292217600,3292218879,US -3292218880,3292219135,SC -3292219136,3292220415,US -3292220416,3292220671,SC -3292220672,3292220927,US +3292216576,3292220927,US 3292220928,3292221183,SC -3292221184,3292222207,US -3292222208,3292222463,SC -3292222464,3292224511,US -3292224512,3292224767,SC -3292224768,3292225279,US -3292225280,3292225535,SC -3292225536,3292226303,US -3292226304,3292226559,SC -3292226560,3292227071,US +3292221184,3292227071,US 3292227072,3292227327,SC -3292227328,3292227839,US -3292227840,3292228095,SC -3292228096,3292228607,US -3292228608,3292229631,SC -3292229632,3292230911,US -3292230912,3292231167,SC -3292231168,3292231679,US +3292227328,3292231679,US 3292231680,3292231935,SC -3292231936,3292232447,US -3292232448,3292232959,SC -3292232960,3292233471,US -3292233472,3292233983,SC -3292233984,3292235007,US -3292235008,3292235519,SC -3292235520,3292236031,US -3292236032,3292236287,SC -3292236288,3292238079,US -3292238080,3292238335,SC -3292238336,3292239615,US +3292231936,3292233471,US +3292233472,3292233727,SC +3292233728,3292239615,US 3292239616,3292239871,SC -3292239872,3292240383,US -3292240384,3292240639,SC -3292240640,3292243711,US +3292239872,3292243711,US 3292243712,3292243967,SC 3292243968,3292244991,US 3292244992,3292245247,SC -3292245248,3292245503,US -3292245504,3292245759,SC -3292245760,3292246783,US +3292245248,3292246783,US 3292246784,3292247039,SC -3292247040,3292248575,US -3292248576,3292248831,SC -3292248832,3292249855,US -3292249856,3292250111,SC -3292250112,3292252159,US -3292252160,3292252671,SC -3292252672,3292253183,US -3292253184,3292253439,SC -3292253440,3292254207,US -3292254208,3292254719,SC -3292254720,3292255487,US +3292247040,3292252415,US +3292252416,3292252671,SC +3292252672,3292255487,US 3292255488,3292255743,SC 3292255744,3292259327,US -3292259328,3292259839,SC -3292259840,3292260351,US -3292260352,3292260607,SC -3292260608,3292263167,US -3292263168,3292263423,SC -3292263424,3292265983,US +3292259328,3292259583,SC +3292259584,3292265983,US 3292265984,3292266239,DE 3292266240,3292266495,SC 3292266496,3292266751,TZ @@ -114936,6 +116276,7 @@ 3292275712,3292275967,KE 3292276224,3292276479,GN 3292276736,3292276991,SN +3292277248,3292277503,TG 3292332032,3292334079,MU 3292334080,3292336127,TZ 3292336128,3292340223,ZA @@ -114976,16 +116317,19 @@ 3300953088,3300954111,MU 3300954112,3300958207,NG 3300958208,3301113855,ZA -3301113856,3301138431,NG +3301113856,3301117951,AF +3301117952,3301138431,NG 3301138432,3301140479,ZA -3301140480,3301146623,NG +3301140480,3301146111,NG +3301146112,3301146367,ZA +3301146368,3301146623,NG 3301146624,3301163007,IN 3301163008,3301171199,ZA -3301171200,3301172223,IN -3301172224,3301173247,ZA -3301173248,3301173759,UG -3301173760,3301175295,ZA -3301175296,3301179391,EG +3301171200,3301172223,NG +3301172224,3301173759,UG +3301173760,3301174271,ZA +3301174272,3301175295,UG +3301175296,3301179391,AF 3301179392,3301179903,RU 3301179904,3301181439,SC 3301181440,3301185535,US @@ -115029,115 +116373,131 @@ 3301238784,3301240831,US 3301240832,3301242879,SE 3301242880,3301244927,GB -3301244928,3301245439,US -3301245440,3301246975,SE -3301246976,3301310463,SC +3301244928,3301245951,US +3301245952,3301246975,SE +3301246976,3301252095,SC +3301252096,3301253119,US +3301253120,3301254143,SC +3301254144,3301255167,US +3301255168,3301257215,SC +3301257216,3301258239,US +3301258240,3301263359,SC +3301263360,3301264383,US +3301264384,3301271551,SC +3301271552,3301272575,US +3301272576,3301279743,SC +3301279744,3301280767,PR +3301280768,3301281791,SC +3301281792,3301282815,US +3301282816,3301283839,SC +3301283840,3301284863,US +3301284864,3301289983,SC +3301289984,3301291007,PT +3301291008,3301292031,PL +3301292032,3301294079,SC +3301294080,3301295103,LU +3301295104,3301301247,SC +3301301248,3301302271,CZ +3301302272,3301304319,SC +3301304320,3301305343,FR +3301305344,3301306367,AT +3301306368,3301307391,IN +3301307392,3301308415,SC +3301308416,3301309439,SG +3301309440,3301310463,SC 3301310464,3301310719,ZA 3301310720,3301311487,SC 3301311488,3301313535,SE 3301313536,3301314559,SC 3301314560,3301315583,SE 3301315584,3301318655,SC -3301318656,3301375999,SE -3301376000,3301376767,SC +3301318656,3301320447,SE +3301320448,3301320959,US +3301320960,3301322751,SE +3301322752,3301323007,CA +3301323008,3301325567,SE +3301325568,3301325823,US +3301325824,3301330943,SE +3301330944,3301331199,HU +3301331200,3301337087,SE +3301337088,3301337343,US +3301337344,3301343487,SE +3301343488,3301343743,US +3301343744,3301345535,SE +3301345536,3301345791,DK +3301345792,3301349119,SE +3301349120,3301349375,CH +3301349376,3301351679,SE +3301351680,3301351935,US +3301351936,3301353983,SE +3301353984,3301354239,US +3301354240,3301355263,SE +3301355264,3301355519,US +3301355520,3301364479,SE +3301364480,3301364735,NO +3301364736,3301367551,SE +3301367552,3301367807,PR +3301367808,3301373183,SE +3301373184,3301373439,US +3301373440,3301375231,SE +3301375232,3301375487,US +3301375488,3301375743,SE +3301375744,3301375999,US +3301376000,3301376255,SC +3301376256,3301376511,US +3301376512,3301376767,SC 3301376768,3301377023,US 3301377024,3301377279,SC -3301377280,3301377791,US -3301377792,3301378047,SC -3301378048,3301378559,US -3301378560,3301379327,SC -3301379328,3301379583,US +3301377280,3301378559,US +3301378560,3301379071,SC +3301379072,3301379583,US 3301379584,3301379839,SC -3301379840,3301381631,US -3301381632,3301382399,SC -3301382400,3301384447,US -3301384448,3301384703,SC -3301384704,3301385471,US -3301385472,3301385727,SC -3301385728,3301389567,US -3301389568,3301390335,SC -3301390336,3301390591,US -3301390592,3301391103,SC -3301391104,3301391359,US +3301379840,3301387007,US +3301387008,3301387263,ES +3301387264,3301390079,US +3301390080,3301390335,SC +3301390336,3301391359,US 3301391360,3301391615,SC -3301391616,3301392127,US -3301392128,3301392383,SC -3301392384,3301394175,US -3301394176,3301394431,SC -3301394432,3301396479,US -3301396480,3301396735,SC -3301396736,3301397247,US +3301391616,3301395199,US +3301395200,3301395455,PR +3301395456,3301397247,US 3301397248,3301397503,SC 3301397504,3301397759,US 3301397760,3301398015,SC -3301398016,3301398783,US -3301398784,3301399039,SC -3301399040,3301400575,US -3301400576,3301400831,SC -3301400832,3301401343,US -3301401344,3301401855,SC -3301401856,3301402111,US -3301402112,3301402367,SC -3301402368,3301402623,US -3301402624,3301402879,SC -3301402880,3301403391,US +3301398016,3301401343,US +3301401344,3301401599,SC +3301401600,3301403391,US 3301403392,3301403647,SC 3301403648,3301404415,US -3301404416,3301404671,SC +3301404416,3301404671,NZ 3301404672,3301404927,US 3301404928,3301405183,SC 3301405184,3301407999,US 3301408000,3301408255,SC -3301408256,3301409535,US -3301409536,3301409791,SC -3301409792,3301411327,US -3301411328,3301411583,SC -3301411584,3301411839,US -3301411840,3301412095,SC -3301412096,3301412607,US -3301412608,3301412863,SC -3301412864,3301413887,US -3301413888,3301414399,SC -3301414400,3301417215,US -3301417216,3301417471,SC -3301417472,3301418751,US -3301418752,3301419519,SC -3301419520,3301420799,US -3301420800,3301421567,SC +3301408256,3301411583,US +3301411584,3301411839,PR +3301411840,3301412863,US +3301412864,3301413119,CA +3301413120,3301419007,US +3301419008,3301419519,SC +3301419520,3301421311,US +3301421312,3301421567,SC 3301421568,3301422079,US 3301422080,3301422335,SC 3301422336,3301422591,US 3301422592,3301422847,SC -3301422848,3301423615,US -3301423616,3301423871,SC -3301423872,3301424383,US +3301422848,3301424383,US 3301424384,3301424639,SC 3301424640,3301424895,US -3301424896,3301425663,SC -3301425664,3301426687,US -3301426688,3301426943,SC -3301426944,3301427199,US -3301427200,3301427455,SC -3301427456,3301429503,US -3301429504,3301430015,SC -3301430016,3301431039,US -3301431040,3301431295,SC -3301431296,3301431551,US -3301431552,3301431807,SC -3301431808,3301432575,US -3301432576,3301433087,SC -3301433088,3301434623,US -3301434624,3301434879,SC -3301434880,3301435903,US -3301435904,3301436159,SC -3301436160,3301436415,US -3301436416,3301436927,SC -3301436928,3301437183,US +3301424896,3301425151,SC +3301425152,3301432831,US +3301432832,3301433087,SC +3301433088,3301437183,US 3301437184,3301437439,SC -3301437440,3301438719,US -3301438720,3301439231,SC -3301439232,3301440255,US -3301440256,3301440767,SC +3301437440,3301438975,US +3301438976,3301439231,SC +3301439232,3301440511,US +3301440512,3301440767,SC 3301440768,3301441535,US 3301441536,3301442351,ZA 3301442352,3301442359,NG @@ -115181,7 +116541,7 @@ 3301466112,3301470207,ER 3301470208,3301474303,NG 3301474304,3301490687,MA -3301490688,3301494783,ZA +3301490688,3301494783,CD 3301494784,3301498879,BW 3301502976,3301507071,MA 3301507328,3301507583,MU @@ -115236,8 +116596,11 @@ 3302496256,3302498303,EG 3302498304,3302502399,NA 3302502400,3302505471,AO -3302505472,3302506495,NA -3302506496,3302514687,KE +3302505472,3302505679,NA +3302505680,3302505681,AO +3302505682,3302506495,NA +3302506496,3302509567,KE +3302509568,3302514687,MU 3302514688,3302522879,ZA 3302522880,3302523903,KE 3302523904,3302525951,ZA @@ -115252,6 +116615,7 @@ 3302532096,3302533119,NA 3302533120,3302533631,MU 3302533632,3302533887,ZA +3302533888,3302534143,MU 3302534144,3302535167,ZA 3302535168,3302536191,UG 3302536192,3302537215,GH @@ -115354,7 +116718,7 @@ 3302961152,3302977535,ZA 3302977536,3302981631,NG 3302981632,3302985727,ZA -3302985728,3302987775,DJ +3302985728,3302987775,GM 3302987776,3302989823,SD 3302989824,3302993919,KE 3302993920,3302998015,MA @@ -115364,15 +116728,97 @@ 3303013376,3303013631,SN 3303013632,3303014399,KE 3303014400,3304062975,TN -3304062976,3304456191,SC +3304062976,3304066559,SC +3304066560,3304066815,CA +3304066816,3304077311,SC +3304077312,3304077567,DK +3304077568,3304077823,SC +3304077824,3304078079,FR +3304078080,3304084991,SC +3304084992,3304085247,US +3304085248,3304102655,SC +3304102656,3304102911,US +3304102912,3304107263,SC +3304107264,3304107519,PL +3304107520,3304108799,SC +3304108800,3304109055,AU +3304109056,3304109311,SC +3304109312,3304109567,BE +3304109568,3304115967,SC +3304115968,3304116223,US +3304116224,3304120575,SC +3304120576,3304120831,US +3304120832,3304126975,SC +3304126976,3304127231,FR +3304127232,3304194303,SC +3304194304,3304194559,US +3304194560,3304212223,SC +3304212224,3304212479,FR +3304212480,3304213247,SC +3304213248,3304213503,LV +3304213504,3304213759,SC +3304213760,3304214015,AT +3304214016,3304218367,SC +3304218368,3304218623,PR +3304218624,3304223231,SC +3304223232,3304223487,US +3304223488,3304226047,SC +3304226048,3304226559,US +3304226560,3304227839,SC +3304227840,3304228095,RU +3304228096,3304228863,SC +3304228864,3304229119,DE +3304229120,3304229375,DK +3304229376,3304232703,SC +3304232704,3304232959,CH +3304232960,3304233215,SC +3304233216,3304233471,GB +3304233472,3304233727,SC +3304233728,3304233983,US +3304233984,3304246271,SC +3304246272,3304246527,BE +3304246528,3304249343,SC +3304249344,3304249599,NL +3304249600,3304326143,SC +3304326144,3304326399,DE +3304326400,3304327935,SC +3304327936,3304328191,HK +3304328192,3304340735,SC +3304340736,3304340991,US +3304340992,3304342783,SC +3304342784,3304343039,IN +3304343040,3304343551,SC +3304343552,3304343807,DE +3304343808,3304353023,SC +3304353024,3304353535,US +3304353536,3304358399,SC +3304358400,3304358655,BR +3304358656,3304360191,SC +3304360192,3304360447,DK +3304360448,3304397823,SC +3304397824,3304399871,US +3304399872,3304408063,SC +3304408064,3304411135,US +3304411136,3304419327,SC +3304419328,3304420351,US +3304420352,3304424447,SC +3304424448,3304425471,US +3304425472,3304432639,SC +3304432640,3304433663,NL +3304433664,3304442879,SC +3304442880,3304443903,AU +3304443904,3304451071,SC +3304451072,3304452095,AT +3304452096,3304454143,SC +3304454144,3304455167,SG +3304455168,3304456191,SC 3304456192,3304521727,NG 3304521728,3304528895,US 3304528896,3304529919,SC 3304529920,3304535295,US 3304535296,3304536063,SC 3304536064,3304538111,CA -3304538112,3304539135,SC -3304539136,3304548351,US +3304538112,3304548351,US 3304548352,3304549375,SC 3304549376,3304562687,US 3304562688,3304563711,GB @@ -115411,8 +116857,37 @@ 3304775680,3304781823,ZA 3304781824,3304782847,AO 3304782848,3304783871,MU -3304783872,3304800255,ZA -3304800256,3304816639,SC +3304783872,3304801023,ZA +3304801024,3304801279,GH +3304801280,3304801791,SC +3304801792,3304802047,GH +3304802048,3304802559,SC +3304802560,3304802815,GH +3304802816,3304803327,SC +3304803328,3304803583,GH +3304803584,3304804095,SC +3304804096,3304804351,NG +3304804352,3304804863,SC +3304804864,3304805119,NG +3304805120,3304805631,SC +3304805632,3304805887,NG +3304805888,3304806399,SC +3304806400,3304806655,ZA +3304806656,3304807167,SC +3304807168,3304807423,ZA +3304807424,3304807935,SC +3304807936,3304808191,ZA +3304808192,3304808703,SC +3304808704,3304808959,ZA +3304808960,3304809471,SC +3304809472,3304809727,KE +3304809728,3304810239,SC +3304810240,3304810495,KE +3304810496,3304811007,SC +3304811008,3304811263,KE +3304811264,3304811775,SC +3304811776,3304812031,KE +3304812032,3304816639,SC 3304816640,3304820735,ZA 3304821760,3304822783,MU 3304822784,3304823807,BJ @@ -115470,18 +116945,16 @@ 3315204096,3315269631,ET 3315269632,3315286015,ZA 3315286016,3315286527,KE -3315286528,3315288413,MU -3315288414,3315288414,KE -3315288415,3315289343,MU +3315286528,3315288319,MU +3315288320,3315288575,KE +3315288576,3315289343,MU 3315289344,3315289599,KE 3315289600,3315291135,MU 3315291136,3315293183,KE 3315293184,3315294207,MU 3315294208,3315302399,ZA 3315302400,3315318783,ML -3315318784,3315319935,LS -3315319936,3315320831,ZA -3315320832,3315322879,LS +3315318784,3315322879,LS 3315322880,3315326975,ZA 3315326976,3315331071,ZW 3315331072,3315333119,GH @@ -115668,7 +117141,9 @@ 3321364480,3321430015,KE 3321430016,3321495551,MZ 3321495552,3321561087,TZ -3321561088,3321593855,SD +3321561088,3321570815,SD +3321570816,3321571071,SS +3321571072,3321593855,SD 3321593856,3321626623,GH 3321626624,3321692159,SD 3321692160,3321708543,NG @@ -115882,7 +117357,9 @@ 3322683392,3322691583,AR 3322691584,3322691607,US 3322691608,3322691615,RO -3322691616,3322691839,US +3322691616,3322691775,US +3322691776,3322691791,CA +3322691792,3322691839,US 3322691840,3322692095,SE 3322692096,3322692103,US 3322692104,3322692111,RO @@ -115900,7 +117377,10 @@ 3322693248,3322693263,BR 3322693264,3322693271,US 3322693272,3322693279,BR -3322693280,3322694319,US +3322693280,3322693287,SG +3322693288,3322693307,US +3322693308,3322693311,CA +3322693312,3322694319,US 3322694320,3322694327,CA 3322694328,3322694895,US 3322694896,3322694911,GB @@ -115920,12 +117400,17 @@ 3322697416,3322697423,RO 3322697424,3322697431,US 3322697432,3322697439,CA -3322697440,3322698303,US +3322697440,3322697951,US +3322697952,3322697983,CA +3322697984,3322698303,US 3322698304,3322698367,IL 3322698368,3322698383,US 3322698384,3322698391,CA 3322698392,3322698399,RO -3322698400,3322699223,US +3322698400,3322699199,US +3322699200,3322699207,PK +3322699208,3322699215,US +3322699216,3322699223,CA 3322699224,3322699231,RO 3322699232,3322700095,US 3322700096,3322700127,FR @@ -115939,9 +117424,7 @@ 3322706632,3322706639,GB 3322706640,3322706651,US 3322706652,3322706655,CA -3322706656,3322707119,US -3322707120,3322707127,CA -3322707128,3322707359,US +3322706656,3322707359,US 3322707360,3322707391,PK 3322707392,3322707743,US 3322707744,3322707751,CA @@ -116360,7 +117843,9 @@ 3323660544,3323661311,US 3323661312,3323662335,CA 3323662336,3323674623,US -3323674624,3323678031,CA +3323674624,3323677991,CA +3323677992,3323677995,US +3323677996,3323678031,CA 3323678032,3323678047,US 3323678048,3323678055,CA 3323678056,3323678059,MX @@ -116379,8 +117864,7 @@ 3323678172,3323678175,US 3323678176,3323678195,CA 3323678196,3323678199,VE -3323678200,3323678207,CA -3323678208,3323678463,US +3323678200,3323678463,US 3323678464,3323678523,CA 3323678524,3323678527,US 3323678528,3323678583,CA @@ -116405,14 +117889,14 @@ 3323681424,3323681439,CA 3323681440,3323681455,AE 3323681456,3323681479,CA -3323681480,3323681487,IN +3323681480,3323681487,GB 3323681488,3323681519,CA 3323681520,3323681527,SI 3323681528,3323681535,CA 3323681536,3323681567,IN 3323681568,3323681583,US 3323681584,3323681591,CA -3323681592,3323681599,PL +3323681592,3323681599,US 3323681600,3323681631,CA 3323681632,3323681663,NO 3323681664,3323681727,CA @@ -116428,7 +117912,8 @@ 3323682752,3323682767,US 3323682768,3323682771,CA 3323682772,3323682775,RO -3323682776,3323682839,CA +3323682776,3323682831,CA +3323682832,3323682839,IN 3323682840,3323682843,BD 3323682844,3323682947,CA 3323682948,3323682951,US @@ -116443,13 +117928,17 @@ 3323683008,3323683039,AU 3323683040,3323683071,CA 3323683072,3323683103,BA -3323683104,3323683215,CA +3323683104,3323683123,CA +3323683124,3323683127,BR +3323683128,3323683215,CA 3323683216,3323683223,VN 3323683224,3323683295,CA 3323683296,3323683299,CL 3323683300,3323683359,CA 3323683360,3323683367,MY -3323683368,3323683427,CA +3323683368,3323683399,CA +3323683400,3323683403,BR +3323683404,3323683427,CA 3323683428,3323683431,IT 3323683432,3323683439,PL 3323683440,3323683447,CA @@ -116458,7 +117947,9 @@ 3323683536,3323683551,AU 3323683552,3323683583,CA 3323683584,3323683591,PA -3323683592,3323683707,CA +3323683592,3323683679,CA +3323683680,3323683683,FR +3323683684,3323683707,CA 3323683708,3323683711,US 3323683712,3323683839,GP 3323683840,3323683871,CA @@ -116476,7 +117967,8 @@ 3323684232,3323684239,CA 3323684240,3323684243,GB 3323684244,3323684271,CA -3323684272,3323684287,US +3323684272,3323684279,FR +3323684280,3323684287,ES 3323684288,3323684291,IN 3323684292,3323684387,CA 3323684388,3323684391,MX @@ -116484,12 +117976,14 @@ 3323684396,3323684399,IN 3323684400,3323684415,CA 3323684416,3323684431,DE -3323684432,3323684439,US -3323684440,3323684443,CA +3323684432,3323684435,US +3323684436,3323684443,CA 3323684444,3323684447,IN 3323684448,3323684463,CA 3323684464,3323684479,US -3323684480,3323684543,CA +3323684480,3323684503,CA +3323684504,3323684507,IN +3323684508,3323684543,CA 3323684544,3323684559,US 3323684560,3323684607,CA 3323684608,3323684611,BR @@ -116499,8 +117993,7 @@ 3323684696,3323684703,US 3323684704,3323684735,CA 3323684736,3323684739,IN -3323684740,3323684767,CA -3323684768,3323684783,VG +3323684740,3323684783,CA 3323684784,3323684799,CO 3323684800,3323684835,CA 3323684836,3323684839,MX @@ -116521,7 +118014,8 @@ 3323685264,3323685271,US 3323685272,3323685275,CA 3323685276,3323685287,US -3323685288,3323685311,CA +3323685288,3323685295,CA +3323685296,3323685311,PL 3323685312,3323685315,VG 3323685316,3323685319,CA 3323685320,3323685327,CO @@ -116529,7 +118023,9 @@ 3323685344,3323685347,BZ 3323685348,3323685351,IN 3323685352,3323685359,US -3323685360,3323685407,CA +3323685360,3323685391,CA +3323685392,3323685399,MX +3323685400,3323685407,CA 3323685408,3323685411,MX 3323685412,3323685415,US 3323685416,3323685419,AR @@ -116556,7 +118052,9 @@ 3323685952,3323686047,CA 3323686048,3323686051,US 3323686052,3323686055,AR -3323686056,3323686135,CA +3323686056,3323686095,CA +3323686096,3323686111,US +3323686112,3323686135,CA 3323686136,3323686143,MX 3323686144,3323686159,NO 3323686160,3323686163,US @@ -116568,9 +118066,9 @@ 3323686264,3323686271,US 3323686272,3323686287,CA 3323686288,3323686303,US -3323686304,3323686335,ES +3323686304,3323686335,IT 3323686336,3323686367,CA -3323686368,3323686371,VI +3323686368,3323686371,IN 3323686372,3323686383,CA 3323686384,3323686391,US 3323686392,3323686439,CA @@ -116581,12 +118079,13 @@ 3323686624,3323686631,NL 3323686632,3323686639,BR 3323686640,3323686655,US -3323686656,3323686683,CA +3323686656,3323686663,CA +3323686664,3323686667,US +3323686668,3323686683,CA 3323686684,3323686687,IN 3323686688,3323686847,CA -3323686848,3323686851,VE -3323686852,3323686907,CA -3323686908,3323686911,US +3323686848,3323686851,US +3323686852,3323686911,CA 3323686912,3323686943,BR 3323686944,3323686975,IN 3323686976,3323687031,CA @@ -116612,7 +118111,9 @@ 3323687428,3323687431,BZ 3323687432,3323687567,CA 3323687568,3323687571,PL -3323687572,3323687591,CA +3323687572,3323687575,CA +3323687576,3323687583,ES +3323687584,3323687591,CA 3323687592,3323687599,US 3323687600,3323687711,CA 3323687712,3323687715,US @@ -116624,9 +118125,7 @@ 3323687916,3323687919,US 3323687920,3323687935,CA 3323687936,3323687999,US -3323688000,3323688047,CA -3323688048,3323688051,BD -3323688052,3323688059,CA +3323688000,3323688059,CA 3323688060,3323688063,GB 3323688064,3323688135,CA 3323688136,3323688143,US @@ -116634,7 +118133,9 @@ 3323688168,3323688175,BR 3323688176,3323688207,CA 3323688208,3323688215,AR -3323688216,3323688287,CA +3323688216,3323688255,CA +3323688256,3323688271,BR +3323688272,3323688287,CA 3323688288,3323688303,PA 3323688304,3323688319,CA 3323688320,3323688335,US @@ -116642,13 +118143,15 @@ 3323688392,3323688395,ID 3323688396,3323688415,CA 3323688416,3323688447,DE -3323688448,3323688471,CA +3323688448,3323688463,CA +3323688464,3323688467,US +3323688468,3323688471,CA 3323688472,3323688479,US -3323688480,3323688543,CA +3323688480,3323688531,CA +3323688532,3323688535,EC +3323688536,3323688543,CA 3323688544,3323688551,VE -3323688552,3323688555,CA -3323688556,3323688559,IN -3323688560,3323688563,CA +3323688552,3323688563,CA 3323688564,3323688567,CL 3323688568,3323688571,VE 3323688572,3323688603,CA @@ -116662,14 +118165,11 @@ 3323688844,3323688847,CA 3323688848,3323688855,PT 3323688856,3323688863,CL -3323688864,3323688879,US -3323688880,3323688895,CA -3323688896,3323688911,IN -3323688912,3323688943,CA +3323688864,3323688943,CA 3323688944,3323688947,AU -3323688948,3323689023,CA -3323689024,3323689039,US -3323689040,3323689071,CA +3323688948,3323689055,CA +3323689056,3323689059,FR +3323689060,3323689071,CA 3323689072,3323689079,ID 3323689080,3323689167,CA 3323689168,3323689183,US @@ -116689,8 +118189,10 @@ 3323689400,3323689403,DE 3323689404,3323689407,BR 3323689408,3323689435,CA -3323689436,3323689439,US -3323689440,3323689519,CA +3323689436,3323689439,MY +3323689440,3323689455,CA +3323689456,3323689471,PK +3323689472,3323689519,CA 3323689520,3323689527,ES 3323689528,3323689559,CA 3323689560,3323689583,US @@ -116698,20 +118200,24 @@ 3323689600,3323689663,US 3323689664,3323689715,CA 3323689716,3323689719,US -3323689720,3323689863,CA +3323689720,3323689815,CA +3323689816,3323689823,US +3323689824,3323689863,CA 3323689864,3323689871,PE 3323689872,3323689879,IT 3323689880,3323689927,CA 3323689928,3323689935,US 3323689936,3323689983,CA 3323689984,3323690015,RS -3323690016,3323690095,CA +3323690016,3323690047,CA +3323690048,3323690063,PK +3323690064,3323690095,CA 3323690096,3323690111,PK -3323690112,3323690223,CA +3323690112,3323690199,CA +3323690200,3323690207,US +3323690208,3323690223,CA 3323690224,3323690235,US -3323690236,3323690251,CA -3323690252,3323690255,BR -3323690256,3323690263,CA +3323690236,3323690263,CA 3323690264,3323690267,BR 3323690268,3323690351,CA 3323690352,3323690359,AE @@ -116722,15 +118228,7 @@ 3323740160,3323748351,GB 3323748352,3323805695,US 3323805696,3323805951,GB -3323805952,3324031999,US -3324032000,3324032255,KN -3324032256,3324035583,US -3324035584,3324035839,KN -3324035840,3324036351,US -3324036352,3324036607,KN -3324036608,3324047359,US -3324047360,3324047615,KN -3324047616,3324051455,US +3323805952,3324051455,US 3324051456,3324182527,CA 3324182528,3324193279,US 3324193280,3324193791,CA @@ -117319,7 +118817,9 @@ 3324939520,3324939535,RO 3324939536,3324939567,US 3324939568,3324939583,RO -3324939584,3324942855,US +3324939584,3324939735,US +3324939736,3324939739,CA +3324939740,3324942855,US 3324942856,3324942863,RO 3324942864,3324943047,US 3324943048,3324943055,CA @@ -117382,7 +118882,8 @@ 3325198424,3325198559,CA 3325198560,3325198575,PA 3325198576,3325198583,CA -3325198584,3325198591,US +3325198584,3325198587,ES +3325198588,3325198591,US 3325198592,3325198619,CA 3325198620,3325198623,AR 3325198624,3325198627,ES @@ -117395,7 +118896,11 @@ 3325198704,3325198719,US 3325198720,3325198751,CA 3325198752,3325198755,LK -3325198756,3325198815,CA +3325198756,3325198759,US +3325198760,3325198779,CA +3325198780,3325198783,MX +3325198784,3325198811,CA +3325198812,3325198815,US 3325198816,3325198823,DE 3325198824,3325198831,CA 3325198832,3325198847,US @@ -117411,9 +118916,11 @@ 3325199072,3325199079,US 3325199080,3325199103,CA 3325199104,3325199119,DE -3325199120,3325199123,CA -3325199124,3325199127,TR -3325199128,3325199255,CA +3325199120,3325199127,CA +3325199128,3325199131,US +3325199132,3325199143,CA +3325199144,3325199147,US +3325199148,3325199255,CA 3325199256,3325199259,BR 3325199260,3325199291,CA 3325199292,3325199295,US @@ -117431,10 +118938,10 @@ 3325199492,3325199495,BR 3325199496,3325199559,CA 3325199560,3325199567,US -3325199568,3325199623,CA +3325199568,3325199583,BR +3325199584,3325199623,CA 3325199624,3325199627,BE -3325199628,3325199647,CA -3325199648,3325199655,ID +3325199628,3325199655,CA 3325199656,3325199663,US 3325199664,3325199775,CA 3325199776,3325199779,BR @@ -117471,9 +118978,9 @@ 3325200312,3325200315,IN 3325200316,3325200323,CA 3325200324,3325200327,IL -3325200328,3325200451,CA -3325200452,3325200455,US -3325200456,3325200463,CA +3325200328,3325200455,CA +3325200456,3325200459,US +3325200460,3325200463,CA 3325200464,3325200467,US 3325200468,3325200567,CA 3325200568,3325200571,US @@ -117482,10 +118989,13 @@ 3325200728,3325200731,US 3325200732,3325200739,CA 3325200740,3325200747,US -3325200748,3325200807,CA +3325200748,3325200767,CA +3325200768,3325200783,ID +3325200784,3325200807,CA 3325200808,3325200811,TR 3325200812,3325200815,IE -3325200816,3325200831,CA +3325200816,3325200827,CA +3325200828,3325200831,CO 3325200832,3325200863,BA 3325200864,3325200879,ES 3325200880,3325200891,CA @@ -117520,8 +119030,8 @@ 3325201288,3325201367,CA 3325201368,3325201375,MY 3325201376,3325201391,CA -3325201392,3325201415,US -3325201416,3325201427,CA +3325201392,3325201407,US +3325201408,3325201427,CA 3325201428,3325201431,US 3325201432,3325201439,CA 3325201440,3325201447,IN @@ -117534,7 +119044,9 @@ 3325201592,3325201599,PT 3325201600,3325201603,CA 3325201604,3325201615,US -3325201616,3325201647,CA +3325201616,3325201627,CA +3325201628,3325201631,US +3325201632,3325201647,CA 3325201648,3325201655,US 3325201656,3325201663,ES 3325201664,3325201671,CO @@ -117562,7 +119074,7 @@ 3325202280,3325202327,CA 3325202328,3325202331,AU 3325202332,3325202367,CA -3325202368,3325202371,PE +3325202368,3325202371,PH 3325202372,3325202375,FR 3325202376,3325202395,CA 3325202396,3325202399,IN @@ -117570,29 +119082,33 @@ 3325204480,3325205503,US 3325205504,3325206428,CA 3325206429,3325206429,US -3325206430,3325206623,CA +3325206430,3325206543,CA +3325206544,3325206551,DO +3325206552,3325206555,US +3325206556,3325206559,CZ +3325206560,3325206623,CA 3325206624,3325206625,RO 3325206626,3325206626,CA 3325206627,3325206627,RO 3325206628,3325206639,CA 3325206640,3325206671,US 3325206672,3325206679,BR -3325206680,3325206683,US -3325206684,3325206687,CA +3325206680,3325206683,CL +3325206684,3325206687,SE 3325206688,3325206719,US 3325206720,3325206799,CA 3325206800,3325206815,US -3325206816,3325206823,CA -3325206824,3325206831,PL +3325206816,3325206831,CA 3325206832,3325206839,US 3325206840,3325206847,BG 3325206848,3325206879,CA 3325206880,3325206911,BA -3325206912,3325206915,CA +3325206912,3325206915,BR 3325206916,3325206919,US 3325206920,3325206935,CA 3325206936,3325206943,HR -3325206944,3325207055,CA +3325206944,3325207051,CA +3325207052,3325207055,US 3325207056,3325207059,GB 3325207060,3325207071,CA 3325207072,3325207103,MX @@ -117602,13 +119118,18 @@ 3325207120,3325207131,CA 3325207132,3325207135,US 3325207136,3325207167,BD -3325207168,3325207283,CA +3325207168,3325207271,CA +3325207272,3325207279,IN +3325207280,3325207283,CA 3325207284,3325207287,US 3325207288,3325207379,CA 3325207380,3325207383,US -3325207384,3325207455,CA -3325207456,3325207471,GB -3325207472,3325207591,CA +3325207384,3325207415,CA +3325207416,3325207423,US +3325207424,3325207439,UA +3325207440,3325207503,CA +3325207504,3325207519,US +3325207520,3325207591,CA 3325207592,3325207599,EC 3325207600,3325207699,CA 3325207700,3325207703,LU @@ -117622,8 +119143,7 @@ 3325208064,3325208095,BS 3325208096,3325208119,CA 3325208120,3325208123,US -3325208124,3325208127,IN -3325208128,3325208171,CA +3325208124,3325208171,CA 3325208172,3325208175,BR 3325208176,3325208187,CA 3325208188,3325208191,IN @@ -117641,9 +119161,7 @@ 3325208492,3325208495,US 3325208496,3325208543,CA 3325208544,3325208547,US -3325208548,3325208639,CA -3325208640,3325208647,US -3325208648,3325208735,CA +3325208548,3325208735,CA 3325208736,3325208743,HK 3325208744,3325208747,CA 3325208748,3325208751,CZ @@ -117651,13 +119169,12 @@ 3325208828,3325208831,EG 3325208832,3325208939,CA 3325208940,3325208943,AU -3325208944,3325208999,CA +3325208944,3325208947,BR +3325208948,3325208999,CA 3325209000,3325209003,AU 3325209004,3325209023,CA 3325209024,3325209055,US -3325209056,3325209063,CA -3325209064,3325209067,US -3325209068,3325209083,CA +3325209056,3325209083,CA 3325209084,3325209087,US 3325209088,3325209091,CA 3325209092,3325209095,AR @@ -117672,8 +119189,7 @@ 3325209232,3325209247,DE 3325209248,3325209295,CA 3325209296,3325209311,US -3325209312,3325209323,CA -3325209324,3325209327,BR +3325209312,3325209327,CA 3325209328,3325209343,US 3325209344,3325209359,RO 3325209360,3325209379,CA @@ -117681,11 +119197,13 @@ 3325209384,3325209387,CA 3325209388,3325209407,US 3325209408,3325209411,GB -3325209412,3325209423,CA -3325209424,3325209439,US -3325209440,3325209475,CA +3325209412,3325209435,CA +3325209436,3325209439,NG +3325209440,3325209447,CA +3325209448,3325209451,MT +3325209452,3325209475,CA 3325209476,3325209479,US -3325209480,3325209483,FR +3325209480,3325209483,IN 3325209484,3325209491,CA 3325209492,3325209495,CN 3325209496,3325209543,CA @@ -117694,17 +119212,13 @@ 3325209568,3325209575,US 3325209576,3325209579,CA 3325209580,3325209583,US -3325209584,3325209631,CA -3325209632,3325209635,US -3325209636,3325209639,CA +3325209584,3325209639,CA 3325209640,3325209647,TR 3325209648,3325209655,CA 3325209656,3325209663,CH 3325209664,3325209679,US -3325209680,3325209691,CA -3325209692,3325209695,US -3325209696,3325209759,CA -3325209760,3325209775,US +3325209680,3325209767,CA +3325209768,3325209775,US 3325209776,3325209779,CA 3325209780,3325209783,ID 3325209784,3325209915,CA @@ -117742,7 +119256,9 @@ 3325210636,3325210639,FR 3325210640,3325210671,CA 3325210672,3325210687,BR -3325210688,3325210711,CA +3325210688,3325210703,CA +3325210704,3325210707,US +3325210708,3325210711,CA 3325210712,3325210719,IN 3325210720,3325210751,US 3325210752,3325210791,CA @@ -117752,18 +119268,19 @@ 3325210852,3325210863,CA 3325210864,3325210879,US 3325210880,3325210959,CA -3325210960,3325210991,US +3325210960,3325210975,IN +3325210976,3325210991,US 3325210992,3325211087,CA 3325211088,3325211091,US 3325211092,3325211095,CA 3325211096,3325211103,US -3325211104,3325211111,FR -3325211112,3325211115,CA -3325211116,3325211119,GB +3325211104,3325211119,CA 3325211120,3325211127,US 3325211128,3325211135,CA 3325211136,3325211143,ID -3325211144,3325211159,CA +3325211144,3325211151,CA +3325211152,3325211155,US +3325211156,3325211159,CA 3325211160,3325211167,US 3325211168,3325211175,CA 3325211176,3325211183,US @@ -117787,12 +119304,12 @@ 3325211420,3325211423,US 3325211424,3325211647,CA 3325211648,3325211807,US -3325211808,3325211855,CA +3325211808,3325211839,CA +3325211840,3325211855,US 3325211856,3325211859,CL 3325211860,3325211863,CA 3325211864,3325211871,NO -3325211872,3325211879,CA -3325211880,3325211883,PE +3325211872,3325211883,CA 3325211884,3325211887,US 3325211888,3325211895,RO 3325211896,3325211967,CA @@ -117800,7 +119317,8 @@ 3325212000,3325212007,US 3325212008,3325212087,CA 3325212088,3325212091,BZ -3325212092,3325212127,CA +3325212092,3325212095,US +3325212096,3325212127,CA 3325212128,3325212143,IN 3325212144,3325212151,US 3325212152,3325212155,MX @@ -117813,17 +119331,20 @@ 3325212204,3325212207,ID 3325212208,3325212215,CA 3325212216,3325212223,HR -3325212224,3325212495,CA -3325212496,3325212511,ID +3325212224,3325212295,CA +3325212296,3325212303,IN +3325212304,3325212495,CA +3325212496,3325212503,FR +3325212504,3325212511,HU 3325212512,3325212515,CY 3325212516,3325212559,CA 3325212560,3325212575,BR -3325212576,3325212579,CA -3325212580,3325212583,US -3325212584,3325212587,CA +3325212576,3325212587,CA 3325212588,3325212591,BR 3325212592,3325212599,US -3325212600,3325212647,CA +3325212600,3325212611,CA +3325212612,3325212615,BR +3325212616,3325212647,CA 3325212648,3325212655,US 3325212656,3325212719,CA 3325212720,3325212727,ID @@ -117831,9 +119352,7 @@ 3325212732,3325212735,AE 3325212736,3325212771,CA 3325212772,3325212775,US -3325212776,3325212783,CA -3325212784,3325212799,US -3325212800,3325212927,CA +3325212776,3325212927,CA 3325212928,3325212943,LK 3325212944,3325213023,CA 3325213024,3325213055,EE @@ -117872,9 +119391,7 @@ 3325213712,3325213715,AR 3325213716,3325213951,CA 3325213952,3325213983,BA -3325213984,3325213991,CA -3325213992,3325213995,US -3325213996,3325214015,CA +3325213984,3325214015,CA 3325214016,3325214063,US 3325214064,3325214071,CA 3325214072,3325214079,AE @@ -117886,10 +119403,11 @@ 3325214152,3325214155,US 3325214156,3325214163,CA 3325214164,3325214167,BR -3325214168,3325214187,CA +3325214168,3325214171,CA +3325214172,3325214175,US +3325214176,3325214187,CA 3325214188,3325214191,US -3325214192,3325214239,CA -3325214240,3325214255,US +3325214192,3325214255,CA 3325214256,3325214259,SA 3325214260,3325214263,US 3325214264,3325214463,CA @@ -117897,26 +119415,24 @@ 3325214480,3325214499,CA 3325214500,3325214503,PA 3325214504,3325214583,CA -3325214584,3325214587,US -3325214588,3325214623,CA +3325214584,3325214591,US +3325214592,3325214623,CA 3325214624,3325214639,DE 3325214640,3325214647,FR 3325214648,3325214703,CA 3325214704,3325214719,AU 3325214720,3325214735,CA 3325214736,3325214739,US -3325214740,3325214815,CA +3325214740,3325214783,CA +3325214784,3325214791,US +3325214792,3325214815,CA 3325214816,3325214823,US 3325214824,3325214831,BR -3325214832,3325214975,CA -3325214976,3325214979,ES -3325214980,3325215055,CA +3325214832,3325215055,CA 3325215056,3325215059,IT 3325215060,3325215079,CA 3325215080,3325215087,BR -3325215088,3325215103,CA -3325215104,3325215107,IN -3325215108,3325215127,CA +3325215088,3325215127,CA 3325215128,3325215131,US 3325215132,3325215135,BZ 3325215136,3325215175,CA @@ -117924,8 +119440,7 @@ 3325215184,3325215203,CA 3325215204,3325215207,GB 3325215208,3325215211,FR -3325215212,3325215247,CA -3325215248,3325215263,US +3325215212,3325215263,CA 3325215264,3325215295,IN 3325215296,3325215299,US 3325215300,3325215303,IN @@ -117938,10 +119453,12 @@ 3325215472,3325215475,ES 3325215476,3325215495,CA 3325215496,3325215503,BR -3325215504,3325215667,CA +3325215504,3325215611,CA +3325215612,3325215615,BR +3325215616,3325215667,CA 3325215668,3325215675,BR 3325215676,3325215719,CA -3325215720,3325215727,US +3325215720,3325215727,MX 3325215728,3325215731,CA 3325215732,3325215735,BR 3325215736,3325215743,CA @@ -117956,7 +119473,9 @@ 3325215912,3325215915,IN 3325215916,3325215919,GB 3325215920,3325215927,US -3325215928,3325215951,CA +3325215928,3325215931,CA +3325215932,3325215935,BR +3325215936,3325215951,CA 3325215952,3325215967,BE 3325215968,3325215983,CA 3325215984,3325215999,VE @@ -117975,14 +119494,15 @@ 3325216116,3325216119,US 3325216120,3325216239,CA 3325216240,3325216243,BR -3325216244,3325216247,IN -3325216248,3325216319,CA +3325216244,3325216319,CA 3325216320,3325216327,US 3325216328,3325216359,CA 3325216360,3325216363,GB 3325216364,3325216367,CA -3325216368,3325216375,US -3325216376,3325216447,CA +3325216368,3325216383,US +3325216384,3325216399,CA +3325216400,3325216415,BR +3325216416,3325216447,CA 3325216448,3325216463,FR 3325216464,3325216527,CA 3325216528,3325216531,US @@ -118080,7 +119600,9 @@ 3325219468,3325219475,US 3325219476,3325219503,CA 3325219504,3325219511,VG -3325219512,3325219535,CA +3325219512,3325219515,CA +3325219516,3325219519,BR +3325219520,3325219535,CA 3325219536,3325219551,PK 3325219552,3325219583,CA 3325219584,3325219599,US @@ -118098,7 +119620,8 @@ 3325219808,3325219811,US 3325219812,3325219839,CA 3325219840,3325219871,TN -3325219872,3325219919,CA +3325219872,3325219875,BR +3325219876,3325219919,CA 3325219920,3325219931,US 3325219932,3325219935,CA 3325219936,3325219951,US @@ -118120,7 +119643,7 @@ 3325220408,3325220411,US 3325220412,3325220415,BZ 3325220416,3325220511,CA -3325220512,3325220519,PL +3325220512,3325220519,BR 3325220520,3325220579,CA 3325220580,3325220583,BZ 3325220584,3325220587,US @@ -118140,7 +119663,9 @@ 3325220896,3325220927,FR 3325220928,3325220959,CA 3325220960,3325220967,EC -3325220968,3325221043,CA +3325220968,3325220975,CA +3325220976,3325220983,MX +3325220984,3325221043,CA 3325221044,3325221047,CL 3325221048,3325221055,CA 3325221056,3325221119,BR @@ -118151,28 +119676,34 @@ 3325221264,3325221279,TW 3325221280,3325221295,CA 3325221296,3325221299,US -3325221300,3325221439,CA +3325221300,3325221307,CA +3325221308,3325221311,VE +3325221312,3325221439,CA 3325221440,3325221443,PE 3325221444,3325221451,CA 3325221452,3325221455,US 3325221456,3325221467,CA 3325221468,3325221471,FR 3325221472,3325221567,CA -3325221568,3325221599,US +3325221568,3325221575,MX +3325221576,3325221583,CA +3325221584,3325221599,US 3325221600,3325221615,CA 3325221616,3325221623,GB 3325221624,3325221727,CA 3325221728,3325221731,US -3325221732,3325221751,CA +3325221732,3325221739,CA +3325221740,3325221743,BR +3325221744,3325221751,CA 3325221752,3325221755,IN 3325221756,3325221779,CA 3325221780,3325221783,US 3325221784,3325221787,BR -3325221788,3325221795,CA -3325221796,3325221807,US -3325221808,3325221819,CA -3325221820,3325221823,US -3325221824,3325221831,CA +3325221788,3325221791,VN +3325221792,3325221795,CA +3325221796,3325221799,US +3325221800,3325221807,BR +3325221808,3325221831,CA 3325221832,3325221839,BG 3325221840,3325221851,CA 3325221852,3325221855,BZ @@ -118195,8 +119726,10 @@ 3325222392,3325222395,BR 3325222396,3325222399,FR 3325222400,3325222463,US -3325222464,3325222535,CA -3325222536,3325222559,US +3325222464,3325222479,CA +3325222480,3325222483,US +3325222484,3325222543,CA +3325222544,3325222559,ID 3325222560,3325222567,CA 3325222568,3325222571,US 3325222572,3325222575,LK @@ -118211,7 +119744,8 @@ 3325222668,3325222671,MX 3325222672,3325222687,CA 3325222688,3325222703,GB -3325222704,3325222735,CA +3325222704,3325222719,CA +3325222720,3325222735,AU 3325222736,3325222751,US 3325222752,3325222783,MX 3325222784,3325222843,CA @@ -118219,7 +119753,7 @@ 3325222848,3325222851,CA 3325222852,3325222855,BZ 3325222856,3325222947,CA -3325222948,3325222951,US +3325222948,3325222951,AE 3325222952,3325222963,CA 3325222964,3325222967,VE 3325222968,3325222983,CA @@ -118246,20 +119780,23 @@ 3325223304,3325223311,RO 3325223312,3325223335,CA 3325223336,3325223343,US -3325223344,3325223375,CA +3325223344,3325223347,CA +3325223348,3325223351,IN +3325223352,3325223355,MX +3325223356,3325223375,CA 3325223376,3325223391,US 3325223392,3325223399,CA 3325223400,3325223407,US 3325223408,3325223427,CA 3325223428,3325223431,US 3325223432,3325223463,CA -3325223464,3325223471,PL +3325223464,3325223471,US 3325223472,3325223535,CA 3325223536,3325223551,AT 3325223552,3325223583,IE 3325223584,3325223619,CA -3325223620,3325223623,BR -3325223624,3325223643,CA +3325223620,3325223631,BR +3325223632,3325223643,CA 3325223644,3325223647,CZ 3325223648,3325223663,DE 3325223664,3325223723,CA @@ -118273,13 +119810,11 @@ 3325223856,3325223871,AU 3325223872,3325223907,CA 3325223908,3325223911,VE -3325223912,3325223915,US -3325223916,3325223919,CA +3325223912,3325223919,CA 3325223920,3325223935,BR 3325223936,3325223967,CA 3325223968,3325223991,US -3325223992,3325223995,FR -3325223996,3325224031,CA +3325223992,3325224031,CA 3325224032,3325224039,US 3325224040,3325224043,CO 3325224044,3325224047,CA @@ -118300,7 +119835,9 @@ 3325224392,3325224399,CA 3325224400,3325224415,AU 3325224416,3325224419,US -3325224420,3325224551,CA +3325224420,3325224479,CA +3325224480,3325224511,US +3325224512,3325224551,CA 3325224552,3325224559,BR 3325224560,3325224647,CA 3325224648,3325224651,IN @@ -118316,9 +119853,9 @@ 3325224736,3325224751,LK 3325224752,3325224767,CA 3325224768,3325224783,FR -3325224784,3325224787,CA -3325224788,3325224791,FR -3325224792,3325224807,CA +3325224784,3325224795,CA +3325224796,3325224799,HR +3325224800,3325224807,CA 3325224808,3325224815,GB 3325224816,3325224823,FR 3325224824,3325224831,CA @@ -118349,8 +119886,7 @@ 3325225316,3325225319,ES 3325225320,3325225367,CA 3325225368,3325225371,US -3325225372,3325225375,IN -3325225376,3325225407,CA +3325225372,3325225407,CA 3325225408,3325225411,IN 3325225412,3325225415,CA 3325225416,3325225419,AU @@ -118372,14 +119908,14 @@ 3325225736,3325225743,US 3325225744,3325225775,CA 3325225776,3325225783,US -3325225784,3325225787,TR -3325225788,3325225799,CA +3325225784,3325225799,CA 3325225800,3325225807,IN 3325225808,3325225819,CA 3325225820,3325225823,US 3325225824,3325225899,CA 3325225900,3325225911,CY -3325225912,3325225919,CA +3325225912,3325225915,CA +3325225916,3325225919,BR 3325225920,3325225923,EG 3325225924,3325225943,CA 3325225944,3325225951,PL @@ -118392,7 +119928,11 @@ 3325226072,3325226075,BR 3325226076,3325226087,CA 3325226088,3325226091,EC -3325226092,3325226179,CA +3325226092,3325226095,CA +3325226096,3325226099,PL +3325226100,3325226159,CA +3325226160,3325226167,FR +3325226168,3325226179,CA 3325226180,3325226183,BR 3325226184,3325226187,US 3325226188,3325226239,CA @@ -118401,13 +119941,19 @@ 3325226288,3325226303,GB 3325226304,3325226307,CA 3325226308,3325226311,FR -3325226312,3325226343,CA +3325226312,3325226315,DE +3325226316,3325226343,CA 3325226344,3325226347,IN -3325226348,3325226495,CA +3325226348,3325226439,CA +3325226440,3325226443,VN +3325226444,3325226495,CA 3325226496,3325227007,US 3325227008,3325227039,CA 3325227040,3325227071,BR -3325227072,3325227107,CA +3325227072,3325227087,US +3325227088,3325227099,CA +3325227100,3325227103,US +3325227104,3325227107,CA 3325227108,3325227111,AR 3325227112,3325227119,US 3325227120,3325227223,CA @@ -118464,9 +120010,7 @@ 3325228616,3325228623,US 3325228624,3325228675,CA 3325228676,3325228683,US -3325228684,3325228695,CA -3325228696,3325228703,FR -3325228704,3325228735,CA +3325228684,3325228735,CA 3325228736,3325228739,FR 3325228740,3325228783,CA 3325228784,3325228787,US @@ -118474,9 +120018,8 @@ 3325228808,3325228815,PL 3325228816,3325228823,CA 3325228824,3325228831,BR -3325228832,3325228871,CA -3325228872,3325228875,US -3325228876,3325228931,CA +3325228832,3325228863,US +3325228864,3325228931,CA 3325228932,3325228935,LU 3325228936,3325228991,CA 3325228992,3325229007,BR @@ -118484,8 +120027,7 @@ 3325229072,3325229079,IN 3325229080,3325229083,CA 3325229084,3325229087,US -3325229088,3325229167,CA -3325229168,3325229175,PL +3325229088,3325229175,CA 3325229176,3325229183,IN 3325229184,3325229247,US 3325229248,3325229255,CA @@ -118497,11 +120039,10 @@ 3325229328,3325229331,US 3325229332,3325229351,CA 3325229352,3325229359,BR -3325229360,3325229363,CA -3325229364,3325229367,US -3325229368,3325229411,CA +3325229360,3325229411,CA 3325229412,3325229415,RU -3325229416,3325229471,CA +3325229416,3325229463,CA +3325229464,3325229471,BR 3325229472,3325229487,US 3325229488,3325229499,CA 3325229500,3325229503,IN @@ -118531,7 +120072,7 @@ 3325229956,3325229959,US 3325229960,3325229975,CA 3325229976,3325229979,IN -3325229980,3325229983,US +3325229980,3325229983,BR 3325229984,3325229991,CA 3325229992,3325229999,IN 3325230000,3325230007,CA @@ -118545,7 +120086,7 @@ 3325230096,3325230103,CA 3325230104,3325230111,US 3325230112,3325230119,CA -3325230120,3325230123,US +3325230120,3325230123,MA 3325230124,3325230127,CL 3325230128,3325230135,CA 3325230136,3325230143,FR @@ -118567,10 +120108,12 @@ 3325230716,3325230751,US 3325230752,3325230779,CA 3325230780,3325230783,BR -3325230784,3325230975,CA -3325230976,3325230991,US +3325230784,3325230983,CA +3325230984,3325230991,US 3325230992,3325231007,FR -3325231008,3325231095,CA +3325231008,3325231071,CA +3325231072,3325231079,US +3325231080,3325231095,CA 3325231096,3325231099,US 3325231100,3325231103,BR 3325231104,3325232127,US @@ -119579,7 +121122,9 @@ 3337961664,3337961671,CA 3337961672,3337962623,US 3337962624,3337962751,CA -3337962752,3337963639,US +3337962752,3337962799,US +3337962800,3337962807,GB +3337962808,3337963639,US 3337963640,3337963647,CA 3337963648,3337963775,US 3337963776,3337963783,AZ @@ -120019,8 +121564,7 @@ 3340085248,3340086271,US 3340087296,3340088319,US 3340088320,3340089343,CA -3340089344,3340090367,US -3340091392,3340097535,US +3340089344,3340097535,US 3340097536,3340098559,CA 3340098560,3340107775,US 3340107776,3340369919,CA @@ -120241,8 +121785,8 @@ 3341535040,3341535047,MA 3341535048,3341535055,GH 3341535056,3341535151,US -3341535152,3341535171,CN -3341535172,3341535183,US +3341535152,3341535167,CN +3341535168,3341535183,US 3341535184,3341535187,ID 3341535188,3341535195,US 3341535196,3341535199,SA @@ -120399,7 +121943,6 @@ 3342831104,3342831359,IN 3342831360,3342878967,US 3342878976,3342879231,US -3342879232,3342879487,BE 3342879488,3342879551,NL 3342879568,3342879743,NL 3342879744,3342979587,US @@ -120537,9 +122080,7 @@ 3343656512,3343656575,VI 3343656576,3343656703,US 3343656704,3343656959,VI -3343656960,3343747583,US -3343747584,3343748095,VE -3343748096,3343858687,US +3343656960,3343858687,US 3343858688,3343859199,VG 3343859200,3343922975,US 3343922976,3343923007,PA @@ -120601,9 +122142,19 @@ 3344381224,3344381255,US 3344381256,3344381263,CA 3344381264,3344381271,MX -3344381272,3344406527,US +3344381272,3344381887,US +3344381888,3344381893,ES +3344381894,3344406527,US 3344406528,3344408575,CA -3344408576,3344415679,US +3344408576,3344411135,US +3344411136,3344411151,BM +3344411152,3344411295,US +3344411296,3344411327,BM +3344411328,3344411519,US +3344411520,3344411535,BM +3344411536,3344411631,US +3344411632,3344411647,BM +3344411648,3344415679,US 3344415680,3344415743,AR 3344415744,3344429055,US 3344429056,3344429343,CA @@ -120667,9 +122218,7 @@ 3344964608,3344965631,CA 3344965632,3344973823,US 3344973824,3344974847,BM -3344974848,3344978207,US -3344978208,3344978215,BD -3344978216,3344979967,US +3344974848,3344979967,US 3344979968,3344982015,CA 3344982016,3345007615,US 3345007616,3345008639,CA @@ -120695,7 +122244,7 @@ 3345332288,3345332295,GH 3345332296,3345332303,PK 3345332304,3345332311,US -3345332312,3345332319,BR +3345332312,3345332319,LK 3345332320,3345332327,PT 3345332328,3345332339,US 3345332340,3345332343,GH @@ -120703,18 +122252,18 @@ 3345332348,3345332351,CY 3345332352,3345332375,US 3345332376,3345332383,CA -3345332384,3345332399,US -3345332400,3345332403,BR +3345332384,3345332403,US 3345332404,3345332407,GH 3345332408,3345332411,ID 3345332412,3345332423,US 3345332424,3345332431,MY 3345332432,3345332435,VN 3345332436,3345332439,GB -3345332440,3345332455,US +3345332440,3345332451,US +3345332452,3345332455,IN 3345332456,3345332459,GH 3345332460,3345332463,US -3345332464,3345332471,BR +3345332464,3345332471,VN 3345332472,3345332487,US 3345332488,3345332495,AU 3345332496,3345332503,CA @@ -120829,7 +122378,8 @@ 3345409950,3345410032,US 3345410033,3345410036,GB 3345410037,3345412095,US -3345414144,3345418239,US +3345412096,3345413119,CA +3345413120,3345418239,US 3345418240,3345419519,NL 3345419520,3345422847,US 3345423360,3345424383,TC @@ -121230,7 +122780,7 @@ 3350836268,3350836275,IN 3350836276,3350836279,ZA 3350836280,3350836283,CA -3350836284,3350836991,US +3350836736,3350836991,US 3350836992,3350837247,CA 3350837248,3350837759,US 3350837760,3350843391,CA @@ -121439,8 +122989,7 @@ 3351197752,3351197759,PT 3351197760,3351197775,US 3351197776,3351197783,BR -3351197784,3351197787,US -3351197788,3351197791,GT +3351197784,3351197791,US 3351197792,3351197795,IN 3351197796,3351197803,BR 3351197804,3351197807,AE @@ -121452,7 +123001,7 @@ 3351197844,3351197847,CN 3351197848,3351197859,US 3351197860,3351197863,CY -3351197864,3351197867,VN +3351197864,3351197867,US 3351197868,3351197871,CY 3351197872,3351197879,US 3351197880,3351197887,GH @@ -121485,8 +123034,7 @@ 3351198176,3351198179,BD 3351198180,3351198183,US 3351198184,3351198191,GH -3351198192,3351198195,CN -3351198196,3351198207,US +3351198192,3351198207,US 3351198208,3351198215,VN 3351198216,3351198223,AE 3351198224,3351198231,US @@ -121515,7 +123063,7 @@ 3351198412,3351198415,GB 3351198416,3351198423,GT 3351198424,3351198427,RO -3351198428,3351198431,US +3351198428,3351198431,BR 3351198432,3351198439,IN 3351198440,3351198447,US 3351198448,3351198463,JO @@ -121850,9 +123398,15 @@ 3352916535,3352916541,BR 3352916542,3352916542,US 3352916543,3352916557,BR -3352916558,3352916566,US +3352916558,3352916561,US +3352916562,3352916562,GB +3352916563,3352916564,BR +3352916565,3352916566,US 3352916567,3352916584,BR -3352916585,3352916607,US +3352916585,3352916586,US +3352916587,3352916592,BR +3352916593,3352916593,AE +3352916594,3352916607,US 3352916608,3352916615,BR 3352916616,3352916619,US 3352916620,3352916635,BR @@ -121862,7 +123416,9 @@ 3352916640,3352916640,BR 3352916641,3352916648,US 3352916649,3352916689,BR -3352916690,3352918015,US +3352916690,3352916690,US +3352916691,3352916694,BR +3352916695,3352918015,US 3352918016,3352919039,CA 3352919040,3353335303,US 3353335304,3353335309,NL @@ -122080,7 +123636,9 @@ 3354507300,3354507303,US 3354507304,3354507307,IN 3354507308,3354507315,BR -3354507316,3354507327,US +3354507316,3354507319,US +3354507320,3354507323,PK +3354507324,3354507327,US 3354507328,3354507335,RU 3354507336,3354507343,US 3354507344,3354507347,BR @@ -122106,8 +123664,7 @@ 3354507472,3354507475,MY 3354507476,3354507479,CY 3354507480,3354507483,BR -3354507484,3354507507,US -3354507508,3354507511,PK +3354507484,3354507511,US 3354507512,3354507519,MA 3354507520,3354507535,US 3354507536,3354507539,ID @@ -122182,7 +123739,7 @@ 3354508036,3354508039,BR 3354508040,3354508043,US 3354508044,3354508047,DK -3354508048,3354508051,US +3354508048,3354508051,BR 3354508052,3354508055,VN 3354508056,3354508059,AU 3354508060,3354508063,BR @@ -122239,8 +123796,7 @@ 3354508360,3354508367,AU 3354508368,3354508375,BD 3354508376,3354508383,MA -3354508384,3354508391,US -3354508392,3354508395,BR +3354508384,3354508395,US 3354508396,3354508399,VN 3354508400,3354508423,US 3354508424,3354508431,MD @@ -122250,8 +123806,7 @@ 3354508456,3354508487,US 3354508488,3354508491,VN 3354508492,3354508495,CY -3354508496,3354508515,US -3354508516,3354508519,VN +3354508496,3354508519,US 3354508520,3354508527,IN 3354508528,3354508535,AE 3354508536,3354508543,BD @@ -122303,7 +123858,7 @@ 3354509280,3354509283,AU 3354509284,3354509287,GH 3354509288,3354509291,CY -3354509292,3354509295,US +3354509292,3354509295,IN 3354509296,3354509299,CA 3354509300,3354509391,US 3354509392,3354509399,CN @@ -122373,8 +123928,8 @@ 3355012608,3355017215,CA 3355017216,3355052287,US 3355052288,3355052543,AU -3355052544,3355053311,CA -3355053312,3355249151,US +3355052544,3355053055,CA +3355053056,3355249151,US 3355249152,3355249663,CA 3355249664,3355260927,US 3355260928,3355262719,CA @@ -122532,7 +124087,9 @@ 3355538432,3355539199,AR 3355539200,3355539455,VE 3355539456,3355540479,CL -3355540480,3355541503,CO +3355540480,3355540735,CO +3355540736,3355540991,BR +3355540992,3355541503,CO 3355541504,3355545599,CL 3355545600,3355547647,VE 3355547648,3355547903,NI @@ -122572,8 +124129,8 @@ 3355643904,3355647999,BR 3355648000,3355668991,AR 3355668992,3355669247,PE -3355669248,3355670015,AR -3355670016,3355670527,VE +3355669248,3355669503,AR +3355669504,3355670527,VE 3355670528,3355672575,AR 3355672576,3355677183,CO 3355677184,3355677439,GT @@ -122650,7 +124207,8 @@ 3355928064,3355928575,CA 3355928576,3355929087,GB 3355929088,3355929599,US -3355929600,3355930623,PA +3355929600,3355930367,PA +3355930368,3355930623,HK 3355930624,3355934719,BR 3355934720,3355939839,AR 3355939840,3355940863,SR @@ -122664,6 +124222,7 @@ 3356033792,3356034047,CL 3356034048,3356035071,PY 3356035072,3356037119,MX +3356037120,3356041215,BR 3356041216,3356049407,CR 3356049408,3356049663,CL 3356049664,3356051455,BR @@ -122726,8 +124285,7 @@ 3356089088,3356089343,AR 3356089344,3356090623,BR 3356090624,3356090879,CL -3356090880,3356091135,PE -3356091136,3356091391,AR +3356090880,3356091391,AR 3356091392,3356091647,CL 3356091648,3356091903,AR 3356091904,3356093183,CL @@ -122747,11 +124305,7 @@ 3356102400,3356102655,PA 3356102656,3356105727,CL 3356105728,3356106751,SV -3356106752,3356106975,HN -3356106976,3356107007,FR -3356107008,3356108511,HN -3356108512,3356108519,US -3356108520,3356110495,HN +3356106752,3356110495,HN 3356110496,3356110503,US 3356110504,3356110847,HN 3356110848,3356113919,BR @@ -122907,9 +124461,7 @@ 3356334080,3356336127,BO 3356336128,3356336895,SV 3356336896,3356337151,HN -3356337152,3356337663,SV -3356337664,3356337919,HN -3356337920,3356344319,SV +3356337152,3356344319,SV 3356344320,3356360703,CO 3356360704,3356362751,CL 3356362752,3356363519,VE @@ -122938,7 +124490,11 @@ 3356391168,3356391423,PA 3356393472,3356413567,CL 3356413568,3356413823,CO -3356413824,3356421119,CL +3356413824,3356420287,CL +3356420288,3356420351,CO +3356420352,3356420863,CL +3356420864,3356420991,CO +3356420992,3356421119,CL 3356421120,3356421247,CO 3356421248,3356426239,CL 3356426240,3356427263,BR @@ -123050,13 +124606,9 @@ 3357424640,3357425663,CL 3357425664,3357442047,CO 3357442048,3357442303,NI -3357442304,3357448311,GT -3357448312,3357448319,SV -3357448320,3357449471,GT +3357442304,3357449471,GT 3357449472,3357449727,HN -3357449728,3357452287,GT -3357452288,3357452543,HN -3357452544,3357453311,GT +3357449728,3357453311,GT 3357453312,3357453567,HN 3357453568,3357455871,GT 3357455872,3357456127,NI @@ -123064,15 +124616,15 @@ 3357457920,3357458431,HN 3357458432,3357474815,CL 3357474816,3357475071,US -3357475072,3357476351,AR -3357476352,3357476607,EC -3357476608,3357476863,AR +3357475072,3357476863,AR 3357476864,3357477375,EC -3357477376,3357478473,AR -3357478474,3357478474,CO -3357478475,3357480423,AR +3357477376,3357477887,AR +3357477888,3357478911,CO +3357478912,3357480423,AR 3357480424,3357480427,CO -3357480428,3357482865,AR +3357480428,3357482591,AR +3357482592,3357482623,EC +3357482624,3357482865,AR 3357482866,3357482866,EC 3357482867,3357483007,AR 3357483008,3357491199,CL @@ -123081,11 +124633,13 @@ 3357507584,3357515775,VE 3357515776,3357523967,SV 3357523968,3357532159,CO -3357532160,3357561167,AR -3357561168,3357561175,CO -3357561176,3357561199,AR +3357532160,3357556991,AR +3357556992,3357557247,MX +3357557248,3357561199,AR 3357561200,3357561215,CO -3357561216,3357581311,AR +3357561216,3357561247,AR +3357561248,3357561279,CO +3357561280,3357581311,AR 3357581312,3357589503,CL 3357589504,3357605887,BZ 3357605888,3357606911,MX @@ -123152,18 +124706,17 @@ 3358023680,3358064639,MX 3358064640,3358130175,UY 3358130176,3358131199,EC -3358131200,3358143999,AR -3358144000,3358144127,CL -3358144128,3358149735,AR -3358149736,3358149743,CO -3358149744,3358151551,AR -3358151552,3358151679,EC -3358151680,3358151807,PE -3358151808,3358154495,AR +3358131200,3358144639,AR +3358144640,3358144767,VE +3358144768,3358154495,AR 3358154496,3358154751,CL -3358154752,3358158335,AR +3358154752,3358158079,AR +3358158080,3358158207,PE +3358158208,3358158335,AR 3358158336,3358158591,PE -3358158592,3358236671,AR +3358158592,3358159871,AR +3358159872,3358160895,VE +3358160896,3358236671,AR 3358236672,3358244863,CL 3358244864,3358261247,DO 3358261248,3358326783,AR @@ -123173,26 +124726,24 @@ 3358482176,3358482431,BZ 3358482432,3358523391,PA 3358523392,3358523903,AR -3358523904,3358526463,VE -3358526464,3358526719,AR +3358523904,3358525951,VE +3358525952,3358526719,AR 3358526720,3358527487,VE 3358527488,3358530047,AR -3358530048,3358530559,VE -3358530560,3358530815,AR +3358530048,3358530303,VE +3358530304,3358530815,AR 3358530816,3358534143,VE -3358534144,3358534399,AR -3358534400,3358535167,VE +3358534144,3358534655,AR +3358534656,3358535167,VE 3358535168,3358535679,AR 3358535680,3358536447,VE 3358536448,3358536703,AR -3358536704,3358538751,VE -3358538752,3358539263,AR -3358539264,3358539775,VE -3358539776,3358541823,AR -3358541824,3358543359,VE +3358536704,3358543359,VE 3358543360,3358543615,AR -3358543616,3358545663,VE -3358545664,3358547967,AR +3358543616,3358544127,VE +3358544128,3358544383,AR +3358544384,3358545919,VE +3358545920,3358547967,AR 3358547968,3358548623,VE 3358548624,3358548639,AR 3358548640,3358550015,VE @@ -123200,10 +124751,10 @@ 3358552064,3358553087,VE 3358553088,3358553599,AR 3358553600,3358554111,VE -3358554112,3358556159,AR -3358556160,3358560255,VE -3358560256,3358562303,AR -3358562304,3358564095,VE +3358554112,3358560767,AR +3358560768,3358562303,VE +3358562304,3358563327,AR +3358563328,3358564095,VE 3358564096,3358564351,AR 3358564352,3358565375,VE 3358565376,3358566399,AR @@ -123214,7 +124765,9 @@ 3358570496,3358578687,AR 3358578688,3358579711,CO 3358579712,3358580735,VE -3358580736,3358587903,AR +3358580736,3358584831,AR +3358584832,3358586879,VE +3358586880,3358587903,AR 3358587904,3358588927,VE 3358588928,3358654463,PE 3358654464,3358658559,AR @@ -123318,6 +124871,7 @@ 3360014336,3360096255,AR 3360096256,3360104447,UY 3360104448,3360112639,CO +3360112640,3360116735,BR 3360116736,3360118783,BO 3360118784,3360120831,AR 3360124928,3360125439,US @@ -123379,7 +124933,9 @@ 3361030144,3361034239,VE 3361034240,3361036287,EC 3361036288,3361046527,AR -3361046528,3361052671,BO +3361046528,3361048575,BO +3361048576,3361049599,AR +3361049600,3361052671,BO 3361052672,3361054463,AR 3361054464,3361054719,PE 3361054720,3361058815,NI @@ -123431,6 +124987,7 @@ 3362357248,3362381823,BO 3362381824,3362390015,EC 3362390016,3362422783,PE +3362426880,3362428927,BR 3362428928,3362430975,CL 3362430976,3362447359,CO 3362447360,3362448383,SV @@ -123465,9 +125022,7 @@ 3362545664,3362549759,PE 3362549760,3362552575,AR 3362552576,3362552591,MX -3362552592,3362553791,AR -3362553792,3362553807,VI -3362553808,3362553855,AR +3362552592,3362553855,AR 3362553856,3362557951,PY 3362557952,3362562047,AR 3362570240,3362586623,UY @@ -123534,7 +125089,9 @@ 3363471360,3363487743,CR 3363487744,3363504127,CO 3363504128,3363512319,PE -3363512320,3363554175,AR +3363512320,3363553919,AR +3363553920,3363554047,US +3363554048,3363554175,AR 3363554176,3363554303,US 3363554304,3363557375,AR 3363557376,3363559423,BZ @@ -123564,9 +125121,7 @@ 3363713280,3363714047,CL 3363714048,3363715839,PE 3363715840,3363716095,CL -3363716096,3363716607,PE -3363716608,3363716863,AR -3363716864,3363717119,PE +3363716096,3363717119,PE 3363717120,3363733503,CL 3363733504,3363831807,AR 3363831808,3367763967,BR @@ -123602,15 +125157,14 @@ 3378511872,3380506879,MX 3380506880,3380507135,BR 3380507136,3380744191,MX +3380744192,3380745215,CO 3380745216,3380746239,BR 3380746240,3380747263,PE 3380747264,3380748287,BR 3380748288,3380761087,MX 3380761088,3380761599,VE 3380761600,3380764671,BR -3380764672,3380808191,MX -3380808192,3380808703,CR -3380808704,3380811775,MX +3380764672,3380811775,MX 3380811776,3380813823,BR 3380813824,3380815103,MX 3380815104,3380815359,CR @@ -123647,6 +125201,7 @@ 3380830720,3380831231,PA 3380831232,3380831743,MX 3380831744,3380831999,AR +3380832000,3380832255,BR 3380832256,3380832767,MX 3380832768,3380833279,DO 3380833280,3380833791,MX @@ -123683,7 +125238,7 @@ 3381387264,3381448703,MX 3381448704,3381452799,BR 3381452800,3381453823,AR -3381453824,3381455871,BR +3381453824,3381456383,BR 3381456384,3381456895,US 3381456896,3381460991,BR 3381460992,3381944319,MX @@ -123692,9 +125247,7 @@ 3381947392,3381952511,BR 3381952512,3381960703,MX 3381960704,3381962751,BR -3381962752,3381962991,HN -3381962992,3381962999,FR -3381963000,3381963711,HN +3381962752,3381963711,HN 3381963712,3381963727,CA 3381963728,3381963775,HN 3381963776,3381968895,BR @@ -123864,24 +125417,18 @@ 3387570848,3387570863,PE 3387570864,3387570943,AR 3387570944,3387571071,PE -3387571072,3387571967,AR -3387571968,3387572095,PE -3387572096,3387572223,AR +3387571072,3387572223,AR 3387572224,3387576319,CO 3387576320,3387578367,EC 3387578368,3387584511,AR 3387584512,3387585535,PE 3387585536,3387600895,AR 3387600896,3387604991,CO -3387604992,3387607295,AR -3387607296,3387607423,EC -3387607424,3387609959,AR +3387604992,3387609959,AR 3387609960,3387609967,EC 3387609968,3387611007,AR 3387611008,3387611135,EC -3387611136,3387611547,AR -3387611548,3387611551,EC -3387611552,3387613811,AR +3387611136,3387613811,AR 3387613812,3387613812,VE 3387613813,3387613831,AR 3387613832,3387613839,VE @@ -124012,7 +125559,6 @@ 3389212672,3389213183,IN 3389213184,3389213439,AU 3389213440,3389213695,MY -3389213696,3389213951,US 3389213952,3389214207,IN 3389214208,3389214463,SG 3389214464,3389214719,AU @@ -124370,9 +125916,7 @@ 3389970432,3389971199,NZ 3389971200,3389971711,CN 3389971712,3389971967,AU -3389971968,3389972479,CN -3389972480,3389972735,US -3389972736,3389973503,CN +3389971968,3389973503,CN 3389973504,3389973759,NZ 3389973760,3389974271,AU 3389974272,3389974527,CN @@ -125027,7 +126571,9 @@ 3392073728,3392077823,ID 3392077824,3392079871,AU 3392079872,3392086015,JP -3392086016,3392094207,AU +3392086016,3392089599,PK +3392089600,3392089855,AU +3392089856,3392094207,PK 3392094208,3392098559,ID 3392098560,3392098815,AU 3392098816,3392099327,CN @@ -126567,7 +128113,10 @@ 3399924736,3399925759,PH 3399925760,3399933951,SG 3399933952,3399942143,CN -3399942144,3399954943,AU +3399942144,3399945983,HK +3399945984,3399946239,AU +3399946240,3399950335,HK +3399950336,3399954943,AU 3399954944,3399974911,US 3399974912,3399979007,HK 3399979008,3399982963,US @@ -127331,7 +128880,9 @@ 3406864640,3406865151,CN 3406865152,3406865663,AU 3406865664,3406865919,IN -3406865920,3406871039,AU +3406865920,3406869503,AU +3406869504,3406870527,JP +3406870528,3406871039,AU 3406871040,3406871551,CN 3406871552,3406881791,AU 3406881792,3406882047,CN @@ -127616,7 +129167,9 @@ 3407282176,3407282431,CN 3407282688,3407294207,AU 3407294208,3407294463,CN -3407294464,3407300863,AU +3407294464,3407297791,AU +3407297792,3407298559,CN +3407298560,3407300863,AU 3407300864,3407301119,CN 3407301120,3407303935,AU 3407303936,3407304191,CN @@ -128535,7 +130088,9 @@ 3410959360,3410959615,VN 3410959616,3410959871,ID 3410959872,3410960383,AU -3410960384,3410964479,GB +3410960384,3410960447,GB +3410960448,3410960463,SG +3410960464,3410964479,GB 3410964480,3410968575,JP 3410968576,3410984959,NZ 3410984960,3411017727,TW @@ -129482,7 +131037,9 @@ 3416514560,3416522751,IN 3416522752,3416588287,AU 3416588288,3416653823,JP -3416653824,3416686591,AU +3416653824,3416667135,AU +3416667136,3416668159,US +3416668160,3416686591,AU 3416686592,3416694783,SG 3416694784,3416702975,CN 3416702976,3416707071,ID @@ -129687,7 +131244,6 @@ 3418162688,3418163199,CN 3418163200,3418165247,PH 3418165248,3418167295,MY -3418167296,3418167551,IN 3418167552,3418167807,AU 3418167808,3418168319,HK 3418168320,3418169343,VN @@ -129762,7 +131318,8 @@ 3418304512,3418306559,VN 3418306560,3418308607,IN 3418308608,3418324991,CN -3418324992,3418326271,AU +3418324992,3418326015,VU +3418326016,3418326271,AU 3418326272,3418326527,CN 3418326528,3418327039,PH 3418327040,3418329087,JP @@ -130019,7 +131576,9 @@ 3423092848,3423093759,VI 3423093760,3423094783,US 3423094784,3423095807,CA -3423095808,3423131647,US +3423095808,3423128575,US +3423129088,3423129343,NG +3423129600,3423131647,US 3423131648,3423133695,PL 3423133696,3423135999,US 3423136000,3423136255,CA @@ -130052,7 +131611,9 @@ 3423366496,3423371263,US 3423371264,3423375359,ZA 3423375360,3423379455,CA -3423379456,3423416319,US +3423379456,3423410175,US +3423410176,3423412223,BM +3423412224,3423416319,US 3423416320,3423417343,CA 3423417344,3423430655,US 3423430656,3423431679,TC @@ -130858,7 +132419,9 @@ 3438542848,3438608383,CA 3438608384,3438610125,US 3438610126,3438610126,DE -3438610127,3438610325,US +3438610127,3438610169,US +3438610170,3438610170,PL +3438610171,3438610325,US 3438610326,3438610326,GB 3438610327,3438610408,US 3438610409,3438610410,GB @@ -132283,7 +133846,8 @@ 3466489856,3466490111,CA 3466490112,3466558207,US 3466558208,3466558463,EC -3466558464,3466756095,US +3466558464,3466717445,US +3466717450,3466756095,US 3466756096,3466772479,CA 3466772480,3466846207,US 3466846208,3466854399,CA @@ -132660,7 +134224,10 @@ 3471570944,3471572991,CA 3471572992,3472249343,US 3472249344,3472249599,CA -3472249600,3472375807,US +3472249600,3472257599,US +3472257600,3472257631,MX +3472257632,3472257663,MY +3472257664,3472375807,US 3472375808,3472392191,PR 3472392192,3472408575,CA 3472408576,3472678911,US @@ -133126,7 +134693,9 @@ 3482910720,3482927103,CA 3482927104,3483025407,US 3483025408,3483041791,DE -3483041792,3483435007,US +3483041792,3483296004,US +3483296005,3483296005,BE +3483296006,3483435007,US 3483435008,3483533311,CA 3483533312,3483631615,US 3483631616,3483697151,CA @@ -133655,11 +135224,15 @@ 3492866048,3492868095,GB 3492868096,3492877954,US 3492877955,3492877955,CA -3492877956,3492894015,US +3492877956,3492880745,US +3492880746,3492880746,ES +3492880747,3492894015,US 3492894016,3492894207,GB 3492894208,3492896767,US 3492896768,3492897791,GB -3492897792,3492906495,US +3492897792,3492904217,US +3492904218,3492904218,AT +3492904219,3492906495,US 3492906752,3492909989,US 3492909990,3492909990,DE 3492909991,3492912127,US @@ -133707,8 +135280,7 @@ 3493140224,3493140479,DE 3493140480,3493244927,US 3493244928,3493249023,PR -3493249024,3493863423,US -3493864448,3493866495,US +3493249024,3493866495,US 3493866496,3493867519,VG 3493867520,3493881855,US 3493881856,3493882879,CA @@ -133776,7 +135348,9 @@ 3494192384,3494192639,JP 3494192640,3494197247,US 3494197248,3494198271,CA -3494198272,3494244351,US +3494198272,3494211583,US +3494211584,3494212607,NL +3494212608,3494244351,US 3494244352,3494246399,CA 3494246400,3494247423,US 3494247424,3494250495,CA @@ -133846,9 +135420,7 @@ 3494627328,3494628351,BM 3494628352,3494651903,US 3494651904,3494652927,CA -3494652928,3494655359,US -3494655360,3494655423,GB -3494655424,3494655743,US +3494652928,3494655743,US 3494655744,3494655759,GB 3494655760,3494660095,US 3494660096,3494661119,CA @@ -134033,7 +135605,9 @@ 3495749632,3495749856,CA 3495749857,3495749861,RU 3495749862,3495750655,CA -3495750656,3495815167,US +3495750656,3495758335,US +3495758336,3495758847,CA +3495758848,3495815167,US 3495815168,3495817215,CA 3495817216,3495828479,US 3495828480,3495829503,CA @@ -134285,7 +135859,9 @@ 3507012608,3507012639,GR 3507012640,3507025407,US 3507025408,3507025663,IQ -3507025664,3507054591,US +3507025664,3507037183,US +3507037184,3507037439,DE +3507037440,3507054591,US 3507054592,3507055615,CN 3507055616,3507055903,US 3507055904,3507055911,HK @@ -135202,7 +136778,8 @@ 3520937984,3520954367,CA 3520954368,3520994815,US 3520994816,3520995071,GB -3520995072,3520999423,US +3520995072,3520995135,JP +3520995136,3520999423,US 3520999424,3521003519,CA 3521003520,3521028095,US 3521028096,3521032191,CA @@ -135429,7 +137006,8 @@ 3524282368,3524288511,IN 3524288512,3524289535,HK 3524289536,3524290559,IN -3524290560,3524291583,CN +3524290560,3524291327,CN +3524291328,3524291583,TW 3524291584,3524294655,IN 3524294656,3524295679,SG 3524295680,3524296703,MY @@ -136018,9 +137596,15 @@ 3558244352,3558252543,IT 3558252544,3558260735,KE 3558260736,3558268927,UA -3558268928,3558275839,GI +3558268928,3558269439,GB +3558269440,3558269695,GI +3558269696,3558270167,GB +3558270168,3558270168,GI +3558270169,3558270463,GB +3558270464,3558275839,GI 3558275840,3558276095,HK -3558276096,3558277119,GI +3558276096,3558276351,GB +3558276352,3558277119,GI 3558277120,3558285951,GB 3558285952,3558286079,DE 3558286080,3558286591,GB @@ -136176,8 +137760,8 @@ 3559164160,3559178239,GB 3559178240,3559186431,LB 3559186432,3559194623,RU -3559194624,3559197535,SE -3559197536,3559197567,FI +3559194624,3559197551,SE +3559197552,3559197567,FI 3559197568,3559200143,SE 3559200144,3559200151,FI 3559200152,3559200255,SE @@ -137081,7 +138665,7 @@ 3560943196,3560943197,IT 3560943198,3560943198,DE 3560943199,3560943199,PT -3560943200,3560943200,AT +3560943200,3560943200,DE 3560943201,3560943201,IT 3560943202,3560943202,IL 3560943203,3560943204,DE @@ -137706,50 +139290,50 @@ 3560944880,3560944883,DE 3560944884,3560944887,ES 3560944888,3560944891,CH -3560944892,3560944895,DE -3560944896,3560944899,TW +3560944892,3560944899,DE 3560944900,3560944903,SG 3560944904,3560944907,MY -3560944908,3560944919,SG -3560944920,3560944923,MY +3560944908,3560944915,DE +3560944916,3560944919,SG +3560944920,3560944923,DE 3560944924,3560944927,CN -3560944928,3560944931,MY +3560944928,3560944931,DE 3560944932,3560944935,SG 3560944936,3560944943,CN 3560944944,3560944947,MY -3560944948,3560944951,SG -3560944952,3560944955,TW +3560944948,3560944955,DE 3560944956,3560944959,SG -3560944960,3560944963,IN +3560944960,3560944963,DE 3560944964,3560944967,MY 3560944968,3560944971,SG 3560944972,3560944975,CN -3560944976,3560944987,IN +3560944976,3560944979,IN +3560944980,3560944983,DE +3560944984,3560944987,IN 3560944988,3560944991,SG 3560944992,3560944995,MY 3560944996,3560944999,SG 3560945000,3560945003,MY -3560945004,3560945007,IN +3560945004,3560945007,DE 3560945008,3560945011,SG -3560945012,3560945015,DE -3560945016,3560945027,IN +3560945012,3560945019,DE +3560945020,3560945023,IN +3560945024,3560945027,DE 3560945028,3560945031,MY 3560945032,3560945035,IN 3560945036,3560945039,CN 3560945040,3560945043,SG 3560945044,3560945047,TW -3560945048,3560945059,IN +3560945048,3560945059,DE 3560945060,3560945063,SG 3560945064,3560945067,MY 3560945068,3560945075,IN -3560945076,3560945083,CN -3560945084,3560945087,IN -3560945088,3560945091,DE +3560945076,3560945091,DE 3560945092,3560945095,SG 3560945096,3560945099,CN 3560945100,3560945103,SG 3560945104,3560945107,MY -3560945108,3560945111,TW +3560945108,3560945111,DE 3560945112,3560945115,SG 3560945116,3560945119,IN 3560945120,3560945123,CN @@ -137759,31 +139343,24 @@ 3560945140,3560945143,SG 3560945144,3560945147,IN 3560945148,3560945151,SG -3560945152,3560945153,DE -3560945154,3560945156,AU -3560945157,3560945157,NZ -3560945158,3560945167,AU -3560945168,3560945168,DE -3560945169,3560945169,AU -3560945170,3560945191,DE -3560945192,3560945192,AU -3560945193,3560945194,DE -3560945195,3560945195,AU -3560945196,3560945204,DE -3560945205,3560945205,AU -3560945206,3560945206,IN -3560945207,3560945209,AU -3560945210,3560945227,DE -3560945228,3560945231,IN -3560945232,3560945267,DE -3560945268,3560945271,AU -3560945272,3560945275,DE -3560945276,3560945279,AU -3560945280,3560945355,JP +3560945152,3560945279,DE +3560945280,3560945295,JP +3560945296,3560945299,DE +3560945300,3560945311,JP +3560945312,3560945315,DE +3560945316,3560945323,JP +3560945324,3560945327,DE +3560945328,3560945331,JP +3560945332,3560945335,DE +3560945336,3560945339,JP +3560945340,3560945343,DE +3560945344,3560945351,JP +3560945352,3560945355,DE 3560945356,3560945359,TH -3560945360,3560945403,JP -3560945404,3560945407,TH -3560945408,3560945409,DE +3560945360,3560945379,JP +3560945380,3560945387,DE +3560945388,3560945403,JP +3560945404,3560945409,DE 3560945410,3560945410,MY 3560945411,3560945411,TW 3560945412,3560945412,CN @@ -137855,23 +139432,21 @@ 3560945503,3560945539,DE 3560945540,3560945543,SG 3560945544,3560945551,IN -3560945552,3560945555,DE -3560945556,3560945559,IN -3560945560,3560945563,DE +3560945552,3560945563,DE 3560945564,3560945567,SG -3560945568,3560945571,DE -3560945572,3560945575,IN +3560945568,3560945575,DE 3560945576,3560945579,SG 3560945580,3560945583,MY 3560945584,3560945587,SG 3560945588,3560945591,TW -3560945592,3560945603,SG -3560945604,3560945607,US -3560945608,3560945611,IN +3560945592,3560945595,SG +3560945596,3560945599,DE +3560945600,3560945603,SG +3560945604,3560945611,DE 3560945612,3560945619,SG 3560945620,3560945627,CN 3560945628,3560945635,SG -3560945636,3560945639,CN +3560945636,3560945639,DE 3560945640,3560945643,SG 3560945644,3560945647,MY 3560945648,3560945651,IN @@ -138177,13 +139752,32 @@ 3560947436,3560947439,DE 3560947440,3560947443,BR 3560947444,3560947455,US -3560947456,3560947495,JP -3560947496,3560947499,KR -3560947500,3560947663,JP -3560947664,3560947667,DE -3560947668,3560947686,JP -3560947687,3560947687,DE -3560947688,3560947711,JP +3560947456,3560947463,DE +3560947464,3560947475,JP +3560947476,3560947507,DE +3560947508,3560947511,JP +3560947512,3560947523,DE +3560947524,3560947527,JP +3560947528,3560947535,DE +3560947536,3560947543,JP +3560947544,3560947551,DE +3560947552,3560947555,JP +3560947556,3560947559,DE +3560947560,3560947567,JP +3560947568,3560947571,DE +3560947572,3560947591,JP +3560947592,3560947603,DE +3560947604,3560947607,JP +3560947608,3560947623,DE +3560947624,3560947631,JP +3560947632,3560947655,DE +3560947656,3560947659,JP +3560947660,3560947667,DE +3560947668,3560947683,JP +3560947684,3560947687,DE +3560947688,3560947703,JP +3560947704,3560947707,DE +3560947708,3560947711,JP 3560947712,3560955903,SE 3560955904,3560964095,BE 3560964096,3560996863,NL @@ -138366,7 +139960,9 @@ 3562059520,3562061823,ES 3562070016,3562078207,DE 3562078208,3562086399,SK -3562094592,3562102449,GB +3562094592,3562094911,GB +3562094912,3562094975,CH +3562094976,3562102449,GB 3562102450,3562102450,DE 3562102451,3562110607,GB 3562110608,3562110623,FR @@ -138415,7 +140011,13 @@ 3562422272,3562430463,IR 3562430464,3562431231,UA 3562431232,3562431487,RU -3562431488,3562438655,UA +3562431488,3562431999,UA +3562432000,3562432255,NL +3562432256,3562433535,UA +3562433536,3562434047,NL +3562434048,3562435071,UA +3562435072,3562435583,NL +3562435584,3562438655,UA 3562438656,3562463231,DE 3562463232,3562471423,UA 3562471424,3562479615,PL @@ -138731,7 +140333,9 @@ 3564363776,3564371967,UA 3564371968,3564380159,DE 3564380160,3564388351,FI -3564388352,3564396543,SE +3564388352,3564391135,SE +3564391136,3564391167,US +3564391168,3564396543,SE 3564396544,3564404735,RU 3564404736,3564412927,BG 3564412928,3564421119,IL @@ -139729,7 +141333,9 @@ 3575624960,3575631103,GB 3575631360,3575638181,GB 3575638183,3575644159,GB -3575644160,3575646975,FR +3575644160,3575646303,FR +3575646304,3575646319,ES +3575646320,3575646975,FR 3575646976,3575647231,GB 3575647232,3575648223,FR 3575648224,3575648255,PT @@ -139775,9 +141381,7 @@ 3575671616,3575671679,FI 3575671680,3575671855,FR 3575671856,3575671871,GB -3575671872,3575672879,FR -3575672880,3575672895,GB -3575672896,3575673087,FR +3575671872,3575673087,FR 3575673088,3575673343,GB 3575673344,3575676255,FR 3575676256,3575676271,GB @@ -140317,8 +141921,8 @@ 3580265472,3580265727,SE 3580265728,3580268543,EE 3580268544,3580272639,LV -3580272640,3580289023,SE -3580289024,3580297215,HR +3580272640,3580280831,SE +3580280832,3580297215,HR 3580297216,3580329983,SE 3580329984,3580338175,EE 3580338176,3580338687,SE @@ -140409,7 +142013,9 @@ 3582074880,3582077439,GB 3582077440,3582077471,DE 3582077472,3582083071,GB -3582083072,3582087167,BG +3582083072,3582085631,BG +3582085632,3582085887,DK +3582085888,3582087167,BG 3582087168,3582089215,DK 3582089216,3582091263,BG 3582091264,3582099455,QA @@ -140885,11 +142491,11 @@ 3585523712,3585531903,LV 3585531904,3585540095,AT 3585540096,3585548287,DE -3585548288,3585550335,RU +3585548288,3585550335,NL 3585550336,3585550399,DE -3585550400,3585553151,RU -3585553152,3585553407,NL -3585553408,3585556479,RU +3585550400,3585553919,NL +3585553920,3585555007,RU +3585555008,3585556479,NL 3585556480,3585564671,DE 3585564672,3585572863,RU 3585572864,3585581055,IT @@ -141022,13 +142628,12 @@ 3586162688,3586179071,FI 3586179072,3586195455,ES 3586195456,3586203647,RU -3586203648,3586205695,KE +3586203648,3586205695,ZA 3586205696,3586207743,BW 3586207744,3586207999,ZA -3586208256,3586208767,ZA -3586208768,3586211071,KE +3586208256,3586211071,ZA 3586211072,3586211327,BW -3586211328,3586211839,KE +3586211328,3586211839,ZA 3586211840,3586228223,CH 3586228224,3586244607,BE 3586244608,3586246655,NL @@ -141048,7 +142653,9 @@ 3586342912,3586359295,ES 3586359296,3586375679,PL 3586375680,3586392063,CZ -3586392064,3586408447,NL +3586392064,3586405375,NL +3586405376,3586406399,RU +3586406400,3586408447,NL 3586408448,3586424831,BA 3586424832,3586441215,CH 3586441216,3586457599,DE @@ -141181,7 +142788,8 @@ 3587194880,3587211263,GB 3587211264,3587219455,AT 3587219456,3587227647,RU -3587227648,3587231231,GB +3587227648,3587227648,NL +3587227649,3587231231,GB 3587231232,3587231263,NL 3587231264,3587233087,GB 3587233088,3587233095,NL @@ -141204,8 +142812,11 @@ 3587242680,3587244031,GB 3587244032,3587260415,IT 3587260416,3587278591,DE -3587278592,3587279359,GB -3587279360,3587284991,DE +3587278592,3587279359,PT +3587279360,3587279615,DE +3587279616,3587280383,PT +3587280384,3587281151,DE +3587281152,3587284991,PT 3587291136,3587292159,FR 3587293184,3587309567,IT 3587309568,3587325951,GB @@ -141215,7 +142826,11 @@ 3587375104,3587383295,TR 3587383296,3587391487,CZ 3587391488,3587407871,KZ -3587407872,3587420159,BE +3587407872,3587408127,BE +3587408128,3587408383,NL +3587408384,3587415039,BE +3587415040,3587415807,NL +3587415808,3587420159,BE 3587420160,3587421183,NL 3587421184,3587421439,BE 3587421440,3587423743,NL @@ -141437,14 +143052,18 @@ 3589722032,3589734399,BE 3589734400,3589738495,ZA 3589738496,3589739519,EG -3589739520,3589742591,ZA +3589739520,3589740543,GB +3589740544,3589742591,ZA 3589742592,3589746175,NL 3589746176,3589746687,US 3589746688,3589767167,NL 3589767168,3589810431,RU 3589810432,3589810687,PL 3589810688,3589816319,RU -3589825792,3589826047,DE +3589819562,3589819563,GB +3589825792,3589825807,DE +3589825808,3589825809,US +3589825810,3589826047,DE 3589826718,3589826718,AT 3589827584,3589827647,DE 3589827712,3589827839,DE @@ -141456,9 +143075,13 @@ 3589849088,3589865471,GB 3589865472,3589881855,GR 3589881856,3589890047,NL -3589890048,3589904383,GB -3589904384,3589906431,KZ -3589906432,3589931007,GB +3589890048,3589904639,GB +3589904640,3589905151,KZ +3589905152,3589905407,GB +3589905408,3589905663,KZ +3589905664,3589905919,GB +3589905920,3589906175,KZ +3589906176,3589931007,GB 3589931008,3589947391,SI 3589947392,3589963775,FI 3589963776,3589980159,ES @@ -141696,7 +143319,9 @@ 3625959424,3625963519,GB 3625963520,3626091519,US 3626091520,3626092031,AR -3626092032,3626234111,US +3626092032,3626233655,US +3626233656,3626233663,GB +3626233664,3626234111,US 3626234112,3626234367,GB 3626234368,3626270719,US 3626270720,3626287103,CA @@ -141718,8 +143343,7 @@ 3626934272,3627044863,US 3627044864,3627048959,CA 3627048960,3627049983,AG -3627049984,3627050495,US -3627051008,3627065343,US +3627049984,3627065343,US 3627065344,3627069439,CA 3627069440,3627220223,US 3627220224,3627220479,CA @@ -141986,7 +143610,9 @@ 3630169856,3630170111,CA 3630170112,3630313471,US 3630313472,3630317567,CA -3630317568,3630375423,US +3630317568,3630354431,US +3630354432,3630358527,BR +3630358528,3630375423,US 3630375424,3630383103,CA 3630383104,3630391295,US 3630391296,3630395391,CA @@ -142466,9 +144092,7 @@ 3639400448,3639401471,RS 3639401472,3639402239,US 3639402240,3639402495,GH -3639402496,3639513239,US -3639513240,3639513243,AE -3639513244,3639525375,US +3639402496,3639525375,US 3639529472,3639533567,US 3639533568,3639537663,CA 3639537664,3639550207,US @@ -142882,7 +144506,13 @@ 3642048768,3642049023,DE 3642049024,3642049279,CH 3642049280,3642049535,NO -3642049536,3642051327,GB +3642049536,3642049791,SE +3642049792,3642050047,FI +3642050048,3642050303,FR +3642050304,3642050559,GB +3642050560,3642050815,ES +3642050816,3642051071,IT +3642051072,3642051327,CA 3642051328,3642051583,US 3642051584,3642051839,TR 3642051840,3642054399,DE @@ -143054,7 +144684,6 @@ 3642609664,3642613759,ZA 3642613760,3642617855,FI 3642617856,3642621951,JO -3642621952,3642626047,IT 3642626048,3642628607,BE 3642628864,3642630143,BE 3642630144,3642634239,DK @@ -144241,8 +145870,9 @@ 3647965696,3647965951,CH 3647965952,3647966207,DE 3647966208,3647967231,GB -3647967232,3647968255,BE -3647968256,3647968895,DE +3647967232,3647967759,DE +3647967760,3647967775,BE +3647967776,3647968895,DE 3647968896,3647968911,FR 3647968912,3647969327,DE 3647969328,3647969335,IT @@ -144785,8 +146415,10 @@ 3651870720,3651874815,IT 3651874816,3651878911,PL 3651878912,3651883007,IT -3651883008,3651884287,CD -3651884288,3651885839,BE +3651883008,3651884543,CD +3651884544,3651885055,BE +3651885056,3651885311,CD +3651885312,3651885839,BE 3651885840,3651885843,CD 3651885844,3651887103,BE 3651887104,3651891199,GB @@ -144893,7 +146525,9 @@ 3652596480,3652596543,ES 3652596544,3652597887,FR 3652597888,3652597903,GB -3652597904,3652609023,FR +3652597904,3652608191,FR +3652608192,3652608223,PT +3652608224,3652609023,FR 3652609024,3652609279,GB 3652609280,3652609503,FR 3652609504,3652609535,FI @@ -144945,7 +146579,15 @@ 3652644248,3652644255,ES 3652644256,3652644351,FR 3652644352,3652644383,FI -3652644384,3652648959,FR +3652644384,3652645119,FR +3652645120,3652645503,GB +3652645504,3652645663,FR +3652645664,3652645695,FI +3652645696,3652646015,FR +3652646016,3652646079,ES +3652646080,3652646655,FR +3652646656,3652646719,ES +3652646720,3652648959,FR 3652648960,3652714495,IE 3652714496,3653238783,DE 3653238784,3653369855,CH @@ -145322,7 +146964,9 @@ 3715653632,3715655679,BD 3715655680,3715657727,IN 3715657728,3715661823,SG -3715661824,3715672063,AU +3715661824,3715665919,AU +3715665920,3715666175,GB +3715666176,3715672063,AU 3715672064,3715674111,JP 3715674112,3715678207,HK 3715678208,3715694591,PK diff --git a/src/config/geoip6 b/src/config/geoip6 index 296429c03a..529dc8f8f3 100644 --- a/src/config/geoip6 +++ b/src/config/geoip6 @@ -1,4 +1,4 @@ -# Last updated based on April 4 2017 Maxmind GeoLite2 Country +# Last updated based on May 2 2017 Maxmind GeoLite2 Country # wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.mmdb.gz # gunzip GeoLite2-Country.mmdb.gz # python mmdb-convert.py GeoLite2-Country.mmdb @@ -177,9 +177,13 @@ 2001:470:1f0b:11d3::,2001:470:1f14:ffff:ffff:ffff:ffff:ffff,US 2001:470:1f15::,2001:470:1f15:b3:ffff:ffff:ffff:ffff,RU 2001:470:1f15:b4::,2001:470:1f15:b4:ffff:ffff:ffff:ffff,NL -2001:470:1f15:b5::,2001:470:1f15:44f:ffff:ffff:ffff:ffff,RU +2001:470:1f15:b5::,2001:470:1f15:16b:ffff:ffff:ffff:ffff,RU +2001:470:1f15:16c::,2001:470:1f15:16c:ffff:ffff:ffff:ffff,NL +2001:470:1f15:16d::,2001:470:1f15:44f:ffff:ffff:ffff:ffff,RU 2001:470:1f15:450::,2001:470:1f15:450:ffff:ffff:ffff:ffff,NL -2001:470:1f15:451::,2001:470:1f15:582:ffff:ffff:ffff:ffff,RU +2001:470:1f15:451::,2001:470:1f15:500:ffff:ffff:ffff:ffff,RU +2001:470:1f15:501::,2001:470:1f15:501:ffff:ffff:ffff:ffff,NL +2001:470:1f15:502::,2001:470:1f15:582:ffff:ffff:ffff:ffff,RU 2001:470:1f15:583::,2001:470:1f15:583:ffff:ffff:ffff:ffff,NL 2001:470:1f15:584::,2001:470:1f15:5ab:ffff:ffff:ffff:ffff,RU 2001:470:1f15:5ac::,2001:470:1f15:5ac:ffff:ffff:ffff:ffff,NL @@ -187,7 +191,9 @@ 2001:470:1f15:9c6::,2001:470:1f15:9c6:ffff:ffff:ffff:ffff,AT 2001:470:1f15:9c7::,2001:470:1f15:a5e:ffff:ffff:ffff:ffff,RU 2001:470:1f15:a5f::,2001:470:1f15:a60:ffff:ffff:ffff:ffff,NL -2001:470:1f15:a61::,2001:470:1f15:10db:ffff:ffff:ffff:ffff,RU +2001:470:1f15:a61::,2001:470:1f15:b25:ffff:ffff:ffff:ffff,RU +2001:470:1f15:b26::,2001:470:1f15:b26:ffff:ffff:ffff:ffff,NL +2001:470:1f15:b27::,2001:470:1f15:10db:ffff:ffff:ffff:ffff,RU 2001:470:1f15:10dc::,2001:470:1f15:10dc:ffff:ffff:ffff:ffff,NL 2001:470:1f15:10dd::,2001:470:1f15:110b:ffff:ffff:ffff:ffff,RU 2001:470:1f15:110c::,2001:470:1f15:110c:ffff:ffff:ffff:ffff,BE @@ -264,7 +270,9 @@ 2001:470:7bb0::,2001:470:7bb0:7fff:ffff:ffff:ffff:ffff,BE 2001:470:7bb0:8000::,2001:470:7bbf:ffff:ffff:ffff:ffff:ffff,US 2001:470:7bc0::,2001:470:7bc0:ffff:ffff:ffff:ffff:ffff,NL -2001:470:7bc1::,2001:470:7e38:ffff:ffff:ffff:ffff:ffff,US +2001:470:7bc1::,2001:470:7d6a:ffff:ffff:ffff:ffff:ffff,US +2001:470:7d6b::,2001:470:7d6b:ffff:ffff:ffff:ffff:ffff,NL +2001:470:7d6c::,2001:470:7e38:ffff:ffff:ffff:ffff:ffff,US 2001:470:7e39::,2001:470:7e39:7fff:ffff:ffff:ffff:ffff,NL 2001:470:7e39:8000::,2001:470:7ea5:ffff:ffff:ffff:ffff:ffff,US 2001:470:7ea6::,2001:470:7ea6:ffff:ffff:ffff:ffff:ffff,NL @@ -792,6 +800,20 @@ 2001:678:3f4::,2001:678:3f4:ffff:ffff:ffff:ffff:ffff,DE 2001:678:3f8::,2001:678:3f8:ffff:ffff:ffff:ffff:ffff,UA 2001:678:3fc::,2001:678:3fc:ffff:ffff:ffff:ffff:ffff,FR +2001:678:400::,2001:678:400:ffff:ffff:ffff:ffff:ffff,DE +2001:678:404::,2001:678:404:ffff:ffff:ffff:ffff:ffff,RS +2001:678:408::,2001:678:408:ffff:ffff:ffff:ffff:ffff,ME +2001:678:40c::,2001:678:40c:ffff:ffff:ffff:ffff:ffff,RU +2001:678:410::,2001:678:410:ffff:ffff:ffff:ffff:ffff,RU +2001:678:414::,2001:678:414:ffff:ffff:ffff:ffff:ffff,DE +2001:678:418::,2001:678:418:ffff:ffff:ffff:ffff:ffff,GB +2001:678:41c::,2001:678:41c:ffff:ffff:ffff:ffff:ffff,UA +2001:678:420::,2001:678:420:ffff:ffff:ffff:ffff:ffff,RU +2001:678:424::,2001:678:424:ffff:ffff:ffff:ffff:ffff,GB +2001:678:428::,2001:678:428:ffff:ffff:ffff:ffff:ffff,NL +2001:678:42c::,2001:678:42c:ffff:ffff:ffff:ffff:ffff,SI +2001:678:430::,2001:678:433:ffff:ffff:ffff:ffff:ffff,GB +2001:678:440::,2001:678:440:ffff:ffff:ffff:ffff:ffff,SE 2001:67c::,2001:67c::ffff:ffff:ffff:ffff:ffff,IE 2001:67c:4::,2001:67c:4:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:8::,2001:67c:8:ffff:ffff:ffff:ffff:ffff,CH @@ -815,7 +837,7 @@ 2001:67c:58::,2001:67c:58:ffff:ffff:ffff:ffff:ffff,SI 2001:67c:5c::,2001:67c:5c:ffff:ffff:ffff:ffff:ffff,BE 2001:67c:60::,2001:67c:60:ffff:ffff:ffff:ffff:ffff,NL -2001:67c:64::,2001:67c:64:ffff:ffff:ffff:ffff:ffff,ES +2001:67c:64::,2001:67c:64:ffff:ffff:ffff:ffff:ffff,HU 2001:67c:68::,2001:67c:68:ffff:ffff:ffff:ffff:ffff,CZ 2001:67c:6c::,2001:67c:6c:ffff:ffff:ffff:ffff:ffff,IS 2001:67c:70::,2001:67c:70:ffff:ffff:ffff:ffff:ffff,FR @@ -1407,6 +1429,10 @@ 2001:67c:11f4::,2001:67c:11f4:ffff:ffff:ffff:ffff:ffff,AT 2001:67c:11f8::,2001:67c:11f8:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:11fc::,2001:67c:11fc:ffff:ffff:ffff:ffff:ffff,RU +2001:67c:1200::,2001:67c:1200:ffff:ffff:ffff:ffff:ffff,NL +2001:67c:1204::,2001:67c:1204:ffff:ffff:ffff:ffff:ffff,PL +2001:67c:1208::,2001:67c:1208:ffff:ffff:ffff:ffff:ffff,PL +2001:67c:120c::,2001:67c:120c:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:1210::,2001:67c:1213:ffff:ffff:ffff:ffff:ffff,RU 2001:67c:1220::,2001:67c:1223:ffff:ffff:ffff:ffff:ffff,CZ 2001:67c:1230::,2001:67c:1233:ffff:ffff:ffff:ffff:ffff,US @@ -1453,10 +1479,12 @@ 2001:67c:12e4::,2001:67c:12e4:ffff:ffff:ffff:ffff:ffff,SA 2001:67c:12e8::,2001:67c:12e9:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:12f0::,2001:67c:12f0:ffff:ffff:ffff:ffff:ffff,DE +2001:67c:12f4::,2001:67c:12f4:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:12f8::,2001:67c:12f8:ffff:ffff:ffff:ffff:ffff,DK 2001:67c:12fc::,2001:67c:12fc:ffff:ffff:ffff:ffff:ffff,PL 2001:67c:1300::,2001:67c:1300:ffff:ffff:ffff:ffff:ffff,CH 2001:67c:1304::,2001:67c:1304:ffff:ffff:ffff:ffff:ffff,RU +2001:67c:1308::,2001:67c:1308:ffff:ffff:ffff:ffff:ffff,GB 2001:67c:130c::,2001:67c:130c:ffff:ffff:ffff:ffff:ffff,SE 2001:67c:1310::,2001:67c:1310:ffff:ffff:ffff:ffff:ffff,GB 2001:67c:1314::,2001:67c:1314:ffff:ffff:ffff:ffff:ffff,CZ @@ -1850,7 +1878,6 @@ 2001:67c:1b6c::,2001:67c:1b6c:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:1b70::,2001:67c:1b70:ffff:ffff:ffff:ffff:ffff,AT 2001:67c:1b74::,2001:67c:1b74:ffff:ffff:ffff:ffff:ffff,SE -2001:67c:1b78::,2001:67c:1b78:ffff:ffff:ffff:ffff:ffff,RU 2001:67c:1b7c::,2001:67c:1b7c:ffff:ffff:ffff:ffff:ffff,RU 2001:67c:1b80::,2001:67c:1b80:ffff:ffff:ffff:ffff:ffff,RU 2001:67c:1b84::,2001:67c:1b84:ffff:ffff:ffff:ffff:ffff,DE @@ -2021,7 +2048,6 @@ 2001:67c:2224::,2001:67c:2224:ffff:ffff:ffff:ffff:ffff,UA 2001:67c:2228::,2001:67c:2228:ffff:ffff:ffff:ffff:ffff,SE 2001:67c:222c::,2001:67c:222c:ffff:ffff:ffff:ffff:ffff,SK -2001:67c:2230::,2001:67c:2230:ffff:ffff:ffff:ffff:ffff,BE 2001:67c:2234::,2001:67c:2234:ffff:ffff:ffff:ffff:ffff,GB 2001:67c:2238::,2001:67c:2238:ffff:ffff:ffff:ffff:ffff,CH 2001:67c:223c::,2001:67c:223c:ffff:ffff:ffff:ffff:ffff,DE @@ -2575,7 +2601,6 @@ 2001:67c:2bb8::,2001:67c:2bb8:ffff:ffff:ffff:ffff:ffff,UA 2001:67c:2bbc::,2001:67c:2bbc:ffff:ffff:ffff:ffff:ffff,RO 2001:67c:2bc0::,2001:67c:2bc0:ffff:ffff:ffff:ffff:ffff,SE -2001:67c:2bc4::,2001:67c:2bc4:ffff:ffff:ffff:ffff:ffff,UA 2001:67c:2bc8::,2001:67c:2bc8:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:2bcc::,2001:67c:2bcc:ffff:ffff:ffff:ffff:ffff,LV 2001:67c:2bd0::,2001:67c:2bd0:ffff:ffff:ffff:ffff:ffff,SE @@ -2772,7 +2797,6 @@ 2001:67c:2f04::,2001:67c:2f04:ffff:ffff:ffff:ffff:ffff,NL 2001:67c:2f08::,2001:67c:2f08:ffff:ffff:ffff:ffff:ffff,GB 2001:67c:2f0c::,2001:67c:2f0c:ffff:ffff:ffff:ffff:ffff,DE -2001:67c:2f10::,2001:67c:2f10:ffff:ffff:ffff:ffff:ffff,UA 2001:67c:2f14::,2001:67c:2f14:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:2f18::,2001:67c:2f18:ffff:ffff:ffff:ffff:ffff,CZ 2001:67c:2f1c::,2001:67c:2f1c:ffff:ffff:ffff:ffff:ffff,GB @@ -2783,6 +2807,7 @@ 2001:67c:2f30::,2001:67c:2f30:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:2f34::,2001:67c:2f34:ffff:ffff:ffff:ffff:ffff,AT 2001:67c:2f38::,2001:67c:2f38:ffff:ffff:ffff:ffff:ffff,GB +2001:67c:2f3c::,2001:67c:2f3c:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:2f40::,2001:67c:2f40:ffff:ffff:ffff:ffff:ffff,BG 2001:67c:2f44::,2001:67c:2f44:ffff:ffff:ffff:ffff:ffff,DE 2001:67c:2f48::,2001:67c:2f48:ffff:ffff:ffff:ffff:ffff,UA @@ -3058,6 +3083,8 @@ 2001:7f8:af::,2001:7f8:af:ffff:ffff:ffff:ffff:ffff,FI 2001:7f8:b0::,2001:7f8:b0:ffff:ffff:ffff:ffff:ffff,SE 2001:7f8:b1::,2001:7f8:b1:ffff:ffff:ffff:ffff:ffff,FR +2001:7f8:b2::,2001:7f8:b2:ffff:ffff:ffff:ffff:ffff,CZ +2001:7f8:b3::,2001:7f8:b3:ffff:ffff:ffff:ffff:ffff,PL 2001:7f9:4::,2001:7f9:4:ffff:ffff:ffff:ffff:ffff,AL 2001:7f9:8::,2001:7f9:8:ffff:ffff:ffff:ffff:ffff,AM 2001:7f9:c::,2001:7f9:c:ffff:ffff:ffff:ffff:ffff,PL @@ -3748,7 +3775,7 @@ 2001:df0:1b00::,2001:df0:1b00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:1c00::,2001:df0:1c00:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:1d00::,2001:df0:1d00:ffff:ffff:ffff:ffff:ffff,MV -2001:df0:1e00::,2001:df0:1e00:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:1e00::,2001:df0:1e01:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:1f00::,2001:df0:1f00:ffff:ffff:ffff:ffff:ffff,MV 2001:df0:2000::,2001:df0:2000:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:2100::,2001:df0:2100:ffff:ffff:ffff:ffff:ffff,AU @@ -3779,13 +3806,11 @@ 2001:df0:3d00::,2001:df0:3d00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:3e00::,2001:df0:3e00:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:3f00::,2001:df0:3f00:ffff:ffff:ffff:ffff:ffff,ID -2001:df0:4000::,2001:df0:4000:ffff:ffff:ffff:ffff:ffff,HK 2001:df0:4100::,2001:df0:4100:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:4200::,2001:df0:4200:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:4300::,2001:df0:4300:ffff:ffff:ffff:ffff:ffff,IN 2001:df0:4400::,2001:df0:4400:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:4500::,2001:df0:4500:ffff:ffff:ffff:ffff:ffff,CN -2001:df0:4600::,2001:df0:4601:ffff:ffff:ffff:ffff:ffff,US 2001:df0:4700::,2001:df0:4700:ffff:ffff:ffff:ffff:ffff,IN 2001:df0:4800::,2001:df0:4800:ffff:ffff:ffff:ffff:ffff,HK 2001:df0:4900::,2001:df0:4900:ffff:ffff:ffff:ffff:ffff,IN @@ -3890,44 +3915,87 @@ 2001:df0:b400::,2001:df0:b400:ffff:ffff:ffff:ffff:ffff,JP 2001:df0:b500::,2001:df0:b500:ffff:ffff:ffff:ffff:ffff,HK 2001:df0:b600::,2001:df0:b600:ffff:ffff:ffff:ffff:ffff,BD +2001:df0:b700::,2001:df0:b700:ffff:ffff:ffff:ffff:ffff,HK 2001:df0:b800::,2001:df0:b800:ffff:ffff:ffff:ffff:ffff,PH +2001:df0:b900::,2001:df0:b900:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:ba00::,2001:df0:ba00:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:bb00::,2001:df0:bb00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:bc00::,2001:df0:bc00:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:bd00::,2001:df0:bd00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:be00::,2001:df0:be00:ffff:ffff:ffff:ffff:ffff,MY +2001:df0:bf00::,2001:df0:bf00:ffff:ffff:ffff:ffff:ffff,PH 2001:df0:c000::,2001:df0:c000:ffff:ffff:ffff:ffff:ffff,HK +2001:df0:c100::,2001:df0:c100:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:c200::,2001:df0:c200:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:c300::,2001:df0:c300:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:c400::,2001:df0:c400:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:c500::,2001:df0:c500:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:c600::,2001:df0:c600:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:c700::,2001:df0:c700:ffff:ffff:ffff:ffff:ffff,SG 2001:df0:c800::,2001:df0:c800:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:c900::,2001:df0:c900:ffff:ffff:ffff:ffff:ffff,PK 2001:df0:ca00::,2001:df0:ca00:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:cb00::,2001:df0:cb00:ffff:ffff:ffff:ffff:ffff,NZ 2001:df0:cc00::,2001:df0:cc00:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:cd00::,2001:df0:cd00:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:ce00::,2001:df0:ce00:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:cf00::,2001:df0:cf00:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:d000::,2001:df0:d000:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:d100::,2001:df0:d100:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:d200::,2001:df0:d200:ffff:ffff:ffff:ffff:ffff,MY +2001:df0:d300::,2001:df0:d301:ffff:ffff:ffff:ffff:ffff,IN 2001:df0:d400::,2001:df0:d400:ffff:ffff:ffff:ffff:ffff,HK +2001:df0:d500::,2001:df0:d500:ffff:ffff:ffff:ffff:ffff,AF 2001:df0:d600::,2001:df0:d600:ffff:ffff:ffff:ffff:ffff,MY +2001:df0:d700::,2001:df0:d700:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:d900::,2001:df0:d900:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:db00::,2001:df0:db03:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:dc00::,2001:df0:dc00:ffff:ffff:ffff:ffff:ffff,HK +2001:df0:dd00::,2001:df0:dd00:ffff:ffff:ffff:ffff:ffff,KH 2001:df0:de00::,2001:df0:de00:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:df00::,2001:df0:df00:ffff:ffff:ffff:ffff:ffff,NZ +2001:df0:e100::,2001:df0:e100:ffff:ffff:ffff:ffff:ffff,HK 2001:df0:e200::,2001:df0:e200:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:e300::,2001:df0:e300:ffff:ffff:ffff:ffff:ffff,HK 2001:df0:e400::,2001:df0:e400:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:e500::,2001:df0:e500:ffff:ffff:ffff:ffff:ffff,NZ 2001:df0:e600::,2001:df0:e600:ffff:ffff:ffff:ffff:ffff,SG +2001:df0:e700::,2001:df0:e700:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:e800::,2001:df0:e800:ffff:ffff:ffff:ffff:ffff,AU +2001:df0:e900::,2001:df0:e900:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:ea00::,2001:df0:ea00:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:eb00::,2001:df0:eb00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:ec00::,2001:df0:ec00:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:ed00::,2001:df0:ed00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:ee00::,2001:df0:ee00:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:ef00::,2001:df0:ef00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:f000::,2001:df0:f000:ffff:ffff:ffff:ffff:ffff,HK +2001:df0:f100::,2001:df0:f100:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:f200::,2001:df0:f200:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:f300::,2001:df0:f300:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:f400::,2001:df0:f401:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:f500::,2001:df0:f500:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:f600::,2001:df0:f600:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:f700::,2001:df0:f700:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:f800::,2001:df0:f800:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:f900::,2001:df0:f900:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:fa00::,2001:df0:fa00:ffff:ffff:ffff:ffff:ffff,ID +2001:df0:fb00::,2001:df0:fb00:ffff:ffff:ffff:ffff:ffff,ID 2001:df0:fc00::,2001:df0:fc01:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:fd00::,2001:df0:fd00:ffff:ffff:ffff:ffff:ffff,AU 2001:df0:fe00::,2001:df0:fe00:ffff:ffff:ffff:ffff:ffff,IN +2001:df0:ff00::,2001:df0:ff00:ffff:ffff:ffff:ffff:ffff,PH +2001:df1:100::,2001:df1:100:ffff:ffff:ffff:ffff:ffff,IN 2001:df1:200::,2001:df1:200:ffff:ffff:ffff:ffff:ffff,NZ +2001:df1:300::,2001:df1:300:ffff:ffff:ffff:ffff:ffff,IN 2001:df1:400::,2001:df1:400:ffff:ffff:ffff:ffff:ffff,BD +2001:df1:500::,2001:df1:500:ffff:ffff:ffff:ffff:ffff,ID 2001:df1:600::,2001:df1:600:ffff:ffff:ffff:ffff:ffff,HK +2001:df1:700::,2001:df1:700:ffff:ffff:ffff:ffff:ffff,BD 2001:df1:800::,2001:df1:801:ffff:ffff:ffff:ffff:ffff,SG +2001:df1:900::,2001:df1:900:ffff:ffff:ffff:ffff:ffff,PH 2001:df1:a00::,2001:df1:a00:ffff:ffff:ffff:ffff:ffff,NZ +2001:df1:b00::,2001:df1:b00:ffff:ffff:ffff:ffff:ffff,PG 2001:df1:c00::,2001:df1:c00:ffff:ffff:ffff:ffff:ffff,IN 2001:df1:e00::,2001:df1:e00:ffff:ffff:ffff:ffff:ffff,IN 2001:df1:1200::,2001:df1:1200:ffff:ffff:ffff:ffff:ffff,ID @@ -4472,6 +4540,7 @@ 2001:df5:7800::,2001:df5:7800:ffff:ffff:ffff:ffff:ffff,CN 2001:df5:7a00::,2001:df5:7a00:ffff:ffff:ffff:ffff:ffff,SG 2001:df5:7c00::,2001:df5:7c00:ffff:ffff:ffff:ffff:ffff,IN +2001:df5:7e00::,2001:df5:7e00:ffff:ffff:ffff:ffff:ffff,BD 2001:df5:8000::,2001:df5:8000:ffff:ffff:ffff:ffff:ffff,SG 2001:df5:8200::,2001:df5:8200:ffff:ffff:ffff:ffff:ffff,AU 2001:df5:8400::,2001:df5:8400:ffff:ffff:ffff:ffff:ffff,SG @@ -4669,7 +4738,6 @@ 2001:df7:1600::,2001:df7:1600:ffff:ffff:ffff:ffff:ffff,HK 2001:df7:1a00::,2001:df7:1a00:ffff:ffff:ffff:ffff:ffff,ID 2001:df7:1c00::,2001:df7:1c00:ffff:ffff:ffff:ffff:ffff,ID -2001:df7:1e00::,2001:df7:1e00:ffff:ffff:ffff:ffff:ffff,AU 2001:df7:2000::,2001:df7:2000:ffff:ffff:ffff:ffff:ffff,AU 2001:df7:2200::,2001:df7:2200:ffff:ffff:ffff:ffff:ffff,TH 2001:df7:2400::,2001:df7:2400:ffff:ffff:ffff:ffff:ffff,AU @@ -5155,9 +5223,9 @@ 2001:1b20::,2001:1b20:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:1b28::,2001:1b28:ffff:ffff:ffff:ffff:ffff:ffff,EE 2001:1b30::,2001:1b37:ffff:ffff:ffff:ffff:ffff:ffff,DE -2001:1b38::,2001:1b38:ffff:ffff:ffff:ffff:ffff:ffff,FR +2001:1b38::,2001:1b3f:ffff:ffff:ffff:ffff:ffff:ffff,FR 2001:1b40::,2001:1b40:ffff:ffff:ffff:ffff:ffff:ffff,GB -2001:1b48::,2001:1b48:ffff:ffff:ffff:ffff:ffff:ffff,FR +2001:1b48::,2001:1b4f:ffff:ffff:ffff:ffff:ffff:ffff,FR 2001:1b50::,2001:1b57:ffff:ffff:ffff:ffff:ffff:ffff,CH 2001:1b58::,2001:1b58:ffff:ffff:ffff:ffff:ffff:ffff,FR 2001:1b60::,2001:1b67:ffff:ffff:ffff:ffff:ffff:ffff,DE @@ -5557,8 +5625,12 @@ 2001:43f8:cc0::,2001:43f8:ccf:ffff:ffff:ffff:ffff:ffff,MU 2001:43f8:ce0::,2001:43f8:ce0:ffff:ffff:ffff:ffff:ffff,TZ 2001:43f8:cf0::,2001:43f8:cf1:ffff:ffff:ffff:ffff:ffff,SN +2001:43f8:d00::,2001:43f8:d00:ffff:ffff:ffff:ffff:ffff,MU +2001:43f8:d10::,2001:43f8:d11:ffff:ffff:ffff:ffff:ffff,TG +2001:43f8:d20::,2001:43f8:d2f:ffff:ffff:ffff:ffff:ffff,ZA +2001:43f8:d40::,2001:43f8:d40:ffff:ffff:ffff:ffff:ffff,UG +2001:43f8:d50::,2001:43f8:d50:ffff:ffff:ffff:ffff:ffff,ZA 2001:43f8:e00::,2001:43f8:eff:ffff:ffff:ffff:ffff:ffff,MU -2001:43f8:a700::,2001:43f8:a700:ffff:ffff:ffff:ffff:ffff,MU 2001:4400::,2001:4403:ffff:ffff:ffff:ffff:ffff:ffff,NZ 2001:4408::,2001:4408:ffff:ffff:ffff:ffff:ffff:ffff,IN 2001:4410::,2001:4410:ffff:ffff:ffff:ffff:ffff:ffff,NZ @@ -5820,7 +5892,7 @@ 2001:4b88::,2001:4b88:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4b90::,2001:4b90:ffff:ffff:ffff:ffff:ffff:ffff,FR 2001:4b98::,2001:4b9f:ffff:ffff:ffff:ffff:ffff:ffff,FR -2001:4ba0::,2001:4ba0:ffff:ffff:ffff:ffff:ffff:ffff,DE +2001:4ba0::,2001:4ba7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4ba8::,2001:4baf:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2001:4bb0::,2001:4bb0:ffff:ffff:ffff:ffff:ffff:ffff,IT 2001:4bb8::,2001:4bb8:ffff:ffff:ffff:ffff:ffff:ffff,AT @@ -5857,16 +5929,14 @@ 2001:4c88::,2001:4c88:ffff:ffff:ffff:ffff:ffff:ffff,IR 2001:4c90::,2001:4c97:ffff:ffff:ffff:ffff:ffff:ffff,IT 2001:4c98::,2001:4c98:ffff:ffff:ffff:ffff:ffff:ffff,DE -2001:4ca0::,2001:4ca0:ffff:ffff:ffff:ffff:ffff:ffff,DE -2001:4ca8::,2001:4ca8:ffff:ffff:ffff:ffff:ffff:ffff,DE +2001:4ca0::,2001:4ca8:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4cb0::,2001:4cb0:ffff:ffff:ffff:ffff:ffff:ffff,GB 2001:4cb8::,2001:4cbf:ffff:ffff:ffff:ffff:ffff:ffff,NL 2001:4cc0::,2001:4cc0:ffff:ffff:ffff:ffff:ffff:ffff,PT 2001:4cc8::,2001:4cc8:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2001:4cd0::,2001:4cd0:ffff:ffff:ffff:ffff:ffff:ffff,IL 2001:4cd8::,2001:4cd8:ffff:ffff:ffff:ffff:ffff:ffff,DE -2001:4ce0::,2001:4ce0:ffff:ffff:ffff:ffff:ffff:ffff,DE -2001:4ce8::,2001:4cf8:ffff:ffff:ffff:ffff:ffff:ffff,DE +2001:4ce0::,2001:4cf8:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4d00::,2001:4d00:ffff:ffff:ffff:ffff:ffff:ffff,AM 2001:4d08::,2001:4d08:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4d10::,2001:4d10:ffff:ffff:ffff:ffff:ffff:ffff,ES @@ -5890,7 +5960,9 @@ 2001:4dc8::,2001:4dc8:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4dd0::,2001:4dd7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2001:4dd8::,2001:4dd8:ffff:ffff:ffff:ffff:ffff:ffff,NO -2001:4de0::,2001:4de0:ffff:ffff:ffff:ffff:ffff:ffff,NL +2001:4de0::,2001:4de0:4ff:ffff:ffff:ffff:ffff:ffff,NL +2001:4de0:500::,2001:4de0:5ff:ffff:ffff:ffff:ffff:ffff,SE +2001:4de0:600::,2001:4de0:ffff:ffff:ffff:ffff:ffff:ffff,NL 2001:4de8::,2001:4de8:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2001:4df0::,2001:4df0:ffff:ffff:ffff:ffff:ffff:ffff,IL 2001:8000::,2001:8fff:ffff:ffff:ffff:ffff:ffff:ffff,AU @@ -6161,8 +6233,8 @@ 2400:6500:0:7400::,2400:6500::74ff:ffff:ffff:ffff:ffff,KR 2400:6500:0:7500::,2400:6500::75ff:ffff:ffff:ffff:ffff,IN 2400:6500:0:7600::,2400:6500:100:70ff:ffff:ffff:ffff:ffff,SG -2400:6500:100:7100::,2400:6500:100:71ff:ffff:ffff:ffff:ffff,CN -2400:6500:100:7200::,2400:6500:ffff:ffff:ffff:ffff:ffff:ffff,SG +2400:6500:100:7100::,2400:6500:100:72ff:ffff:ffff:ffff:ffff,CN +2400:6500:100:7300::,2400:6500:ffff:ffff:ffff:ffff:ffff:ffff,SG 2400:6540::,2400:6540:ffff:ffff:ffff:ffff:ffff:ffff,VN 2400:6580::,2400:6580:ffff:ffff:ffff:ffff:ffff:ffff,IN 2400:65c0::,2400:65c0:ffff:ffff:ffff:ffff:ffff:ffff,IN @@ -6622,8 +6694,7 @@ 2400:cb00:81::,2400:cb00:81:ffff:ffff:ffff:ffff:ffff,US 2400:cb00:82::,2400:cb00:82:ffff:ffff:ffff:ffff:ffff,UA 2400:cb00:83::,2400:cb00:83:ffff:ffff:ffff:ffff:ffff,NO -2400:cb00:84::,2400:cb00:84:ffff:ffff:ffff:ffff:ffff,AU -2400:cb00:85::,2400:cb00:85:ffff:ffff:ffff:ffff:ffff,US +2400:cb00:84::,2400:cb00:85:ffff:ffff:ffff:ffff:ffff,AU 2400:cb00:86::,2400:cb00:86:ffff:ffff:ffff:ffff:ffff,TH 2400:cb00:87::,2400:cb00:87:ffff:ffff:ffff:ffff:ffff,RU 2400:cb00:88::,2400:cb00:88:ffff:ffff:ffff:ffff:ffff,GR @@ -6641,7 +6712,9 @@ 2400:cb00:105::,2400:cb00:105:ffff:ffff:ffff:ffff:ffff,CW 2400:cb00:106::,2400:cb00:106:ffff:ffff:ffff:ffff:ffff,US 2400:cb00:107::,2400:cb00:107:ffff:ffff:ffff:ffff:ffff,PT -2400:cb00:108::,2400:cb00:112:ffff:ffff:ffff:ffff:ffff,US +2400:cb00:108::,2400:cb00:110:ffff:ffff:ffff:ffff:ffff,US +2400:cb00:111::,2400:cb00:111:ffff:ffff:ffff:ffff:ffff,LK +2400:cb00:112::,2400:cb00:112:ffff:ffff:ffff:ffff:ffff,US 2400:cb00:113::,2400:cb00:113:ffff:ffff:ffff:ffff:ffff,ZA 2400:cb00:114::,2400:cb00:114:ffff:ffff:ffff:ffff:ffff,AT 2400:cb00:115::,2400:cb00:116:ffff:ffff:ffff:ffff:ffff,US @@ -6650,7 +6723,8 @@ 2400:cb00:120::,2400:cb00:120:ffff:ffff:ffff:ffff:ffff,RS 2400:cb00:121::,2400:cb00:121:ffff:ffff:ffff:ffff:ffff,US 2400:cb00:122::,2400:cb00:122:ffff:ffff:ffff:ffff:ffff,DJ -2400:cb00:123::,2400:cb00:125:ffff:ffff:ffff:ffff:ffff,US +2400:cb00:123::,2400:cb00:123:ffff:ffff:ffff:ffff:ffff,HU +2400:cb00:124::,2400:cb00:125:ffff:ffff:ffff:ffff:ffff,US 2400:cb00:126::,2400:cb00:126:ffff:ffff:ffff:ffff:ffff,IT 2400:cb00:127::,2400:cb00:127:ffff:ffff:ffff:ffff:ffff,US 2400:cb00:128::,2400:cb00:128:ffff:ffff:ffff:ffff:ffff,SE @@ -6797,65 +6871,127 @@ 2400:f000::,2400:f000:ffff:ffff:ffff:ffff:ffff:ffff,HK 2400:f040::,2400:f040:ffff:ffff:ffff:ffff:ffff:ffff,SG 2400:f080::,2400:f080:ffff:ffff:ffff:ffff:ffff:ffff,IN +2400:f0c0::,2400:f0c0:ffff:ffff:ffff:ffff:ffff:ffff,NP 2400:f100::,2400:f100:ffff:ffff:ffff:ffff:ffff:ffff,HK +2400:f140::,2400:f140:ffff:ffff:ffff:ffff:ffff:ffff,ID 2400:f180::,2400:f180:ffff:ffff:ffff:ffff:ffff:ffff,SG +2400:f1c0::,2400:f1c0:ffff:ffff:ffff:ffff:ffff:ffff,MM 2400:f200::,2400:f200:ffff:ffff:ffff:ffff:ffff:ffff,PH +2400:f240::,2400:f240:ffff:ffff:ffff:ffff:ffff:ffff,MM 2400:f280::,2400:f280:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:f2c0::,2400:f2c0:ffff:ffff:ffff:ffff:ffff:ffff,PH 2400:f300::,2400:f300:ffff:ffff:ffff:ffff:ffff:ffff,IN +2400:f340::,2400:f340:ffff:ffff:ffff:ffff:ffff:ffff,ID 2400:f380::,2400:f380:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:f3c0::,2400:f3c0:ffff:ffff:ffff:ffff:ffff:ffff,HK 2400:f400::,2400:f400:ffff:ffff:ffff:ffff:ffff:ffff,JP +2400:f440::,2400:f440:ffff:ffff:ffff:ffff:ffff:ffff,AU 2400:f480::,2400:f480:ffff:ffff:ffff:ffff:ffff:ffff,CN +2400:f4c0::,2400:f4c0:ffff:ffff:ffff:ffff:ffff:ffff,TH +2400:f540::,2400:f540:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:f580::,2400:f580:ffff:ffff:ffff:ffff:ffff:ffff,ID +2400:f5c0::,2400:f5c0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:f600::,2400:f600:ffff:ffff:ffff:ffff:ffff:ffff,PH +2400:f640::,2400:f640:ffff:ffff:ffff:ffff:ffff:ffff,AU 2400:f680::,2400:f680:ffff:ffff:ffff:ffff:ffff:ffff,IN +2400:f6c0::,2400:f6c0:ffff:ffff:ffff:ffff:ffff:ffff,NP 2400:f700::,2400:f700:ffff:ffff:ffff:ffff:ffff:ffff,HK +2400:f740::,2400:f740:ffff:ffff:ffff:ffff:ffff:ffff,IN 2400:f780::,2400:f780:ffff:ffff:ffff:ffff:ffff:ffff,IN +2400:f7c0::,2400:f7c0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:f800::,2400:f800:ffff:ffff:ffff:ffff:ffff:ffff,HK +2400:f840::,2400:f840:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:f880::,2400:f880:ffff:ffff:ffff:ffff:ffff:ffff,HK +2400:f8c0::,2400:f8c0:ffff:ffff:ffff:ffff:ffff:ffff,BD 2400:f900::,2400:f900:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:f940::,2400:f940:ffff:ffff:ffff:ffff:ffff:ffff,BD 2400:f980::,2400:f980:ffff:ffff:ffff:ffff:ffff:ffff,CN +2400:f9c0::,2400:f9c0:ffff:ffff:ffff:ffff:ffff:ffff,BD 2400:fa00::,2400:fa00:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:fa40::,2400:fa40:ffff:ffff:ffff:ffff:ffff:ffff,BD 2400:fa80::,2400:fa80:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:fac0::,2400:fac0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:fb00::,2400:fb00:ffff:ffff:ffff:ffff:ffff:ffff,ID +2400:fb40::,2400:fb40:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:fb80::,2400:fb80:ffff:ffff:ffff:ffff:ffff:ffff,SG +2400:fbc0::,2400:fbc0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:fc00::,2400:fc00:ffff:ffff:ffff:ffff:ffff:ffff,PK +2400:fc40::,2400:fc40:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:fc80::,2400:fc80:ffff:ffff:ffff:ffff:ffff:ffff,TW +2400:fcc0::,2400:fcc0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2400:fd00::,2400:fd00:ffff:ffff:ffff:ffff:ffff:ffff,BD +2400:fd40::,2400:fd40:ffff:ffff:ffff:ffff:ffff:ffff,SC 2400:fd80::,2400:fd80:ffff:ffff:ffff:ffff:ffff:ffff,KR +2400:fdc0::,2400:fdc0:ffff:ffff:ffff:ffff:ffff:ffff,IN 2400:fe00::,2400:fe00:ffff:ffff:ffff:ffff:ffff:ffff,CN +2400:fe40::,2400:fe40:ffff:ffff:ffff:ffff:ffff:ffff,MM 2400:fe80::,2400:fe80:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:fec0::,2400:fec0:ffff:ffff:ffff:ffff:ffff:ffff,BD 2400:ff00::,2400:ff00:ffff:ffff:ffff:ffff:ffff:ffff,LK +2400:ff40::,2400:ff40:ffff:ffff:ffff:ffff:ffff:ffff,AU +2400:ffc0::,2400:ffc0:ffff:ffff:ffff:ffff:ffff:ffff,IN 2401::,2401:1:ffff:ffff:ffff:ffff:ffff:ffff,PK +2401:40::,2401:40:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:80::,2401:80:ffff:ffff:ffff:ffff:ffff:ffff,CN +2401:c0::,2401:c0:ffff:ffff:ffff:ffff:ffff:ffff,HK 2401:100::,2401:100:ffff:ffff:ffff:ffff:ffff:ffff,AU +2401:140::,2401:140:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:180::,2401:180:ffff:ffff:ffff:ffff:ffff:ffff,ID +2401:1c0::,2401:1c0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:200::,2401:200:ffff:ffff:ffff:ffff:ffff:ffff,MY +2401:240::,2401:240:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:280::,2401:280:ffff:ffff:ffff:ffff:ffff:ffff,HK +2401:2c0::,2401:2c0:ffff:ffff:ffff:ffff:ffff:ffff,HK 2401:300::,2401:300:ffff:ffff:ffff:ffff:ffff:ffff,HK +2401:340::,2401:340:ffff:ffff:ffff:ffff:ffff:ffff,MY 2401:380::,2401:380:ffff:ffff:ffff:ffff:ffff:ffff,AU +2401:3c0::,2401:3c0:ffff:ffff:ffff:ffff:ffff:ffff,IN 2401:400::,2401:403:ffff:ffff:ffff:ffff:ffff:ffff,AU +2401:440::,2401:440:ffff:ffff:ffff:ffff:ffff:ffff,JP +2401:4c0::,2401:4c0:ffff:ffff:ffff:ffff:ffff:ffff,BD 2401:4c1:c202:1193:f0a8:d737:3761:2b87,2401:4c1:c202:1193:f0a8:d737:3761:2b87,US 2401:500::,2401:500:ffff:ffff:ffff:ffff:ffff:ffff,TH +2401:540::,2401:540:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:580::,2401:580:ffff:ffff:ffff:ffff:ffff:ffff,BD +2401:5c0::,2401:5c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2401:600::,2401:600:ffff:ffff:ffff:ffff:ffff:ffff,JP +2401:640::,2401:640:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:680::,2401:680:ffff:ffff:ffff:ffff:ffff:ffff,JP +2401:6c0::,2401:6c0:ffff:ffff:ffff:ffff:ffff:ffff,BD 2401:700::,2401:700:ffff:ffff:ffff:ffff:ffff:ffff,AU +2401:740::,2401:740:ffff:ffff:ffff:ffff:ffff:ffff,PH 2401:780::,2401:780:ffff:ffff:ffff:ffff:ffff:ffff,CN +2401:7c0::,2401:7c0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:800::,2401:800:ffff:ffff:ffff:ffff:ffff:ffff,CN +2401:840::,2401:840:ffff:ffff:ffff:ffff:ffff:ffff,HK 2401:880::,2401:880:ffff:ffff:ffff:ffff:ffff:ffff,MY +2401:8c0::,2401:8c0:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:900::,2401:900:ffff:ffff:ffff:ffff:ffff:ffff,JP +2401:940::,2401:940:ffff:ffff:ffff:ffff:ffff:ffff,BD 2401:980::,2401:980:ffff:ffff:ffff:ffff:ffff:ffff,JP +2401:9c0::,2401:9c0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:a00::,2401:a00:ffff:ffff:ffff:ffff:ffff:ffff,CN +2401:a40::,2401:a40:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:a80::,2401:a80:ffff:ffff:ffff:ffff:ffff:ffff,AU +2401:ac0::,2401:ac0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:b00::,2401:b00:ffff:ffff:ffff:ffff:ffff:ffff,MY +2401:b40::,2401:b40:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:b80::,2401:b80:ffff:ffff:ffff:ffff:ffff:ffff,PH +2401:bc0::,2401:bc0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:c00::,2401:c00:ffff:ffff:ffff:ffff:ffff:ffff,NC +2401:c40::,2401:c40:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:c80::,2401:c80:ffff:ffff:ffff:ffff:ffff:ffff,NZ +2401:cc0::,2401:cc0:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:d00::,2401:d00:ffff:ffff:ffff:ffff:ffff:ffff,SG +2401:d40::,2401:d40:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:d80::,2401:d80:ffff:ffff:ffff:ffff:ffff:ffff,AU +2401:dc0::,2401:dc0:ffff:ffff:ffff:ffff:ffff:ffff,BD 2401:e00::,2401:e00:ffff:ffff:ffff:ffff:ffff:ffff,CN +2401:e40::,2401:e40:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:e80::,2401:e80:ffff:ffff:ffff:ffff:ffff:ffff,TH +2401:ec0::,2401:ec0:ffff:ffff:ffff:ffff:ffff:ffff,HK 2401:f00::,2401:f00:ffff:ffff:ffff:ffff:ffff:ffff,ID +2401:f40::,2401:f40:ffff:ffff:ffff:ffff:ffff:ffff,BD 2401:f80::,2401:f80:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:1000::,2401:1000:ffff:ffff:ffff:ffff:ffff:ffff,CN 2401:1100::,2401:1100:ffff:ffff:ffff:ffff:ffff:ffff,HK @@ -6864,7 +7000,6 @@ 2401:1300::,2401:1300:ffff:ffff:ffff:ffff:ffff:ffff,NZ 2401:1380::,2401:1380:ffff:ffff:ffff:ffff:ffff:ffff,HK 2401:1400::,2401:1400:ffff:ffff:ffff:ffff:ffff:ffff,AU -2401:1480::,2401:1480:ffff:ffff:ffff:ffff:ffff:ffff,KH 2401:1500::,2401:1500:ffff:ffff:ffff:ffff:ffff:ffff,AU 2401:1580::,2401:1580:ffff:ffff:ffff:ffff:ffff:ffff,SG 2401:1600::,2401:1600:ffff:ffff:ffff:ffff:ffff:ffff,PH @@ -7310,7 +7445,8 @@ 2401:fa00:11:8000::,2401:fa00:11:ffff:ffff:ffff:ffff:ffff,IN 2401:fa00:12::,2401:fa00:12:ffff:ffff:ffff:ffff:ffff,NZ 2401:fa00:13::,2401:fa00:13:ffff:ffff:ffff:ffff:ffff,HK -2401:fa00:14::,2401:fa00:17:ffff:ffff:ffff:ffff:ffff,IN +2401:fa00:14::,2401:fa00:16:ffff:ffff:ffff:ffff:ffff,IN +2401:fa00:17::,2401:fa00:17:ffff:ffff:ffff:ffff:ffff,KR 2401:fa00:18::,2401:fa00:18:7fff:ffff:ffff:ffff:ffff,PH 2401:fa00:18:8000::,2401:fa00:18:ffff:ffff:ffff:ffff:ffff,IN 2401:fa00:19::,2401:fa00:19:ffff:ffff:ffff:ffff:ffff,TH @@ -7378,7 +7514,6 @@ 2402:1200::,2402:1200:ffff:ffff:ffff:ffff:ffff:ffff,ID 2402:1280::,2402:1280:ffff:ffff:ffff:ffff:ffff:ffff,AU 2402:1300::,2402:1300:ffff:ffff:ffff:ffff:ffff:ffff,AU -2402:1380::,2402:1380:ffff:ffff:ffff:ffff:ffff:ffff,BD 2402:1400::,2402:1400:ffff:ffff:ffff:ffff:ffff:ffff,JP 2402:1500::,2402:1500:ffff:ffff:ffff:ffff:ffff:ffff,HK 2402:1580::,2402:1580:ffff:ffff:ffff:ffff:ffff:ffff,JP @@ -7514,7 +7649,6 @@ 2402:5900::,2402:5900:ffff:ffff:ffff:ffff:ffff:ffff,SG 2402:5980::,2402:5980:ffff:ffff:ffff:ffff:ffff:ffff,SG 2402:5a00::,2402:5a00:ffff:ffff:ffff:ffff:ffff:ffff,JP -2402:5a80::,2402:5a80:ffff:ffff:ffff:ffff:ffff:ffff,PG 2402:5b00::,2402:5b00:ffff:ffff:ffff:ffff:ffff:ffff,IN 2402:5b80::,2402:5b80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2402:5c00::,2402:5c00:ffff:ffff:ffff:ffff:ffff:ffff,AU @@ -7564,7 +7698,6 @@ 2402:7300::,2402:7300:ffff:ffff:ffff:ffff:ffff:ffff,HK 2402:7380::,2402:7380:7ff:ffff:ffff:ffff:ffff:ffff,JP 2402:7380:800::,2402:7380:fff:ffff:ffff:ffff:ffff:ffff,HK -2402:7380:1000::,2402:7380:ffff:ffff:ffff:ffff:ffff:ffff,CN 2402:7400::,2402:7400:ffff:ffff:ffff:ffff:ffff:ffff,AU 2402:7480::,2402:7481:ffff:ffff:ffff:ffff:ffff:ffff,SG 2402:7500::,2402:7500:ffff:ffff:ffff:ffff:ffff:ffff,TW @@ -7601,7 +7734,6 @@ 2402:8400::,2402:8400:ffff:ffff:ffff:ffff:ffff:ffff,IN 2402:8480::,2402:8480:ffff:ffff:ffff:ffff:ffff:ffff,AU 2402:8500::,2402:8500:ffff:ffff:ffff:ffff:ffff:ffff,AU -2402:8580::,2402:8580:ffff:ffff:ffff:ffff:ffff:ffff,HK 2402:8600::,2402:8600:ffff:ffff:ffff:ffff:ffff:ffff,ID 2402:8680::,2402:8680:ffff:ffff:ffff:ffff:ffff:ffff,IN 2402:8700::,2402:8700:ffff:ffff:ffff:ffff:ffff:ffff,AU @@ -7650,7 +7782,9 @@ 2402:9e80::,2402:9e80:13:ffff:ffff:ffff:ffff:ffff,HK 2402:9e80:14::,2402:9e80:14:ffff:ffff:ffff:ffff:ffff,VN 2402:9e80:15::,2402:9e80:15:ffff:ffff:ffff:ffff:ffff,US -2402:9e80:16::,2402:9e80:ffff:ffff:ffff:ffff:ffff:ffff,HK +2402:9e80:16::,2402:9e80:18:ffff:ffff:ffff:ffff:ffff,HK +2402:9e80:19::,2402:9e80:19:ffff:ffff:ffff:ffff:ffff,KR +2402:9e80:1a::,2402:9e80:ffff:ffff:ffff:ffff:ffff:ffff,HK 2402:9f00::,2402:9f00:ffff:ffff:ffff:ffff:ffff:ffff,AU 2402:9f80::,2402:9f80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2402:a000::,2402:a000:ffff:ffff:ffff:ffff:ffff:ffff,ID @@ -8469,7 +8603,6 @@ 2404:2a80:15::,2404:2a80:15:ffff:ffff:ffff:ffff:ffff,US 2404:2a80:16::,2404:2a80:ffff:ffff:ffff:ffff:ffff:ffff,HK 2404:2b00::,2404:2b00:ffff:ffff:ffff:ffff:ffff:ffff,AU -2404:2b80::,2404:2b80:ffff:ffff:ffff:ffff:ffff:ffff,BD 2404:2c00::,2404:2c00:ffff:ffff:ffff:ffff:ffff:ffff,NP 2404:2c80::,2404:2c80:ffff:ffff:ffff:ffff:ffff:ffff,ID 2404:2d00::,2404:2d00:ffff:ffff:ffff:ffff:ffff:ffff,JP @@ -8559,10 +8692,11 @@ 2404:5a80::,2404:5a80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2404:5b00::,2404:5b00:ffff:ffff:ffff:ffff:ffff:ffff,CN 2404:5b80::,2404:5b80:ffff:ffff:ffff:ffff:ffff:ffff,NZ -2404:5c00::,2404:5c00:ffff:ffff:ffff:ffff:ffff:ffff,AU 2404:5c80::,2404:5c80:ffff:ffff:ffff:ffff:ffff:ffff,IN 2404:5d00::,2404:5d00:ffff:ffff:ffff:ffff:ffff:ffff,CN -2404:5d80::,2404:5d80:ffff:ffff:ffff:ffff:ffff:ffff,JP +2404:5d80::,2404:5d80:5fff:ffff:ffff:ffff:ffff:ffff,JP +2404:5d80:6000::,2404:5d80:60ff:ffff:ffff:ffff:ffff:ffff,AU +2404:5d80:6100::,2404:5d80:ffff:ffff:ffff:ffff:ffff:ffff,JP 2404:5e00::,2404:5e00:ffff:ffff:ffff:ffff:ffff:ffff,AU 2404:5e80::,2404:5e80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2404:5f00::,2404:5f00:ffff:ffff:ffff:ffff:ffff:ffff,AU @@ -8614,7 +8748,6 @@ 2404:7400::,2404:7400:ffff:ffff:ffff:ffff:ffff:ffff,PH 2404:7480::,2404:7480:ffff:ffff:ffff:ffff:ffff:ffff,HK 2404:7500::,2404:7500:ffff:ffff:ffff:ffff:ffff:ffff,BD -2404:7580::,2404:7580:ffff:ffff:ffff:ffff:ffff:ffff,PK 2404:7600::,2404:7600:ffff:ffff:ffff:ffff:ffff:ffff,CN 2404:7680::,2404:7680:ffff:ffff:ffff:ffff:ffff:ffff,PK 2404:7700::,2404:7700:ffff:ffff:ffff:ffff:ffff:ffff,IN @@ -8635,7 +8768,6 @@ 2404:7f00::,2404:7f00:ffff:ffff:ffff:ffff:ffff:ffff,AU 2404:7f80::,2404:7f80:ffff:ffff:ffff:ffff:ffff:ffff,IN 2404:8000::,2404:8000:ffff:ffff:ffff:ffff:ffff:ffff,ID -2404:8080::,2404:8081:ffff:ffff:ffff:ffff:ffff:ffff,US 2404:8100::,2404:8100:ffff:ffff:ffff:ffff:ffff:ffff,MY 2404:8180::,2404:8180:ffff:ffff:ffff:ffff:ffff:ffff,PK 2404:8200::,2404:8200:ffff:ffff:ffff:ffff:ffff:ffff,JP @@ -8903,7 +9035,9 @@ 2405:80::,2405:80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2405:100::,2405:100:ffff:ffff:ffff:ffff:ffff:ffff,ID 2405:180::,2405:180:ffff:ffff:ffff:ffff:ffff:ffff,AU -2405:200::,2405:207:ffff:ffff:ffff:ffff:ffff:ffff,IN +2405:200::,2405:205:4204:563c::1e49:20a4,IN +2405:205:4204:563c::1e49:20a5,2405:205:4204:563c::1e49:20a5,US +2405:205:4204:563c::1e49:20a6,2405:207:ffff:ffff:ffff:ffff:ffff:ffff,IN 2405:400::,2405:400:ffff:ffff:ffff:ffff:ffff:ffff,MH 2405:480::,2405:480:ffff:ffff:ffff:ffff:ffff:ffff,CN 2405:500::,2405:500:ffff:ffff:ffff:ffff:ffff:ffff,ID @@ -8985,7 +9119,9 @@ 2405:2000:2200::,2405:2000:2200:ff:ffff:ffff:ffff:ffff,MY 2405:2000:2200:100::,2405:2000:22ff:ffff:ffff:ffff:ffff:ffff,IN 2405:2000:2300::,2405:2000:2300:ff:ffff:ffff:ffff:ffff,MY -2405:2000:2300:100::,2405:2000:ffc7:ffff:ffff:ffff:ffff:ffff,IN +2405:2000:2300:100::,2405:2000:24ff:ffff:ffff:ffff:ffff:ffff,IN +2405:2000:2500::,2405:2000:2500:ffff:ffff:ffff:ffff:ffff,JP +2405:2000:2501::,2405:2000:ffc7:ffff:ffff:ffff:ffff:ffff,IN 2405:2000:ffc8::,2405:2000:ffc8:ffff:ffff:ffff:ffff:ffff,SG 2405:2000:ffc9::,2405:2001::ffff:ffff:ffff:ffff:ffff,IN 2405:2001:1::,2405:2001:1:ff:ffff:ffff:ffff:ffff,SG @@ -9238,7 +9374,6 @@ 2405:9b00::,2405:9b00:ffff:ffff:ffff:ffff:ffff:ffff,CN 2405:9b80::,2405:9b80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2405:9c00::,2405:9c00:ffff:ffff:ffff:ffff:ffff:ffff,NZ -2405:9c80::,2405:9c83:ffff:ffff:ffff:ffff:ffff:ffff,IN 2405:9d00::,2405:9d00:ffff:ffff:ffff:ffff:ffff:ffff,IN 2405:9d80::,2405:9d80:ffff:ffff:ffff:ffff:ffff:ffff,VN 2405:9e00::,2405:9e00:ffff:ffff:ffff:ffff:ffff:ffff,CN @@ -9914,7 +10049,17 @@ 2406:dafc:a000::,2406:dafc:a0ff:ffff:ffff:ffff:ffff:ffff,IN 2406:dafc:a100::,2406:dafc:bfff:ffff:ffff:ffff:ffff:ffff,US 2406:dafc:c000::,2406:dafc:c0ff:ffff:ffff:ffff:ffff:ffff,AU -2406:dafc:c100::,2406:daff:ffff:ffff:ffff:ffff:ffff:ffff,US +2406:dafc:c100::,2406:daff:1fff:ffff:ffff:ffff:ffff:ffff,US +2406:daff:2000::,2406:daff:20ff:ffff:ffff:ffff:ffff:ffff,KR +2406:daff:2100::,2406:daff:3fff:ffff:ffff:ffff:ffff:ffff,US +2406:daff:4000::,2406:daff:40ff:ffff:ffff:ffff:ffff:ffff,JP +2406:daff:4100::,2406:daff:7fff:ffff:ffff:ffff:ffff:ffff,US +2406:daff:8000::,2406:daff:80ff:ffff:ffff:ffff:ffff:ffff,SG +2406:daff:8100::,2406:daff:9fff:ffff:ffff:ffff:ffff:ffff,US +2406:daff:a000::,2406:daff:a0ff:ffff:ffff:ffff:ffff:ffff,IN +2406:daff:a100::,2406:daff:bfff:ffff:ffff:ffff:ffff:ffff,US +2406:daff:c000::,2406:daff:c0ff:ffff:ffff:ffff:ffff:ffff,AU +2406:daff:c100::,2406:daff:ffff:ffff:ffff:ffff:ffff:ffff,US 2406:db00::,2406:db00:ffff:ffff:ffff:ffff:ffff:ffff,IN 2406:db80::,2406:db80:ffff:ffff:ffff:ffff:ffff:ffff,CN 2406:dc00::,2406:dc00:ffff:ffff:ffff:ffff:ffff:ffff,CN @@ -10543,7 +10688,11 @@ 2600:1ffc:1000::,2600:1ffc:10ff:ffff:ffff:ffff:ffff:ffff,CA 2600:1ffc:1100::,2600:1ffc:dfff:ffff:ffff:ffff:ffff:ffff,US 2600:1ffc:e000::,2600:1ffc:e0ff:ffff:ffff:ffff:ffff:ffff,BR -2600:1ffc:e100::,2600:200f:ffff:ffff:ffff:ffff:ffff:ffff,US +2600:1ffc:e100::,2600:1fff:fff:ffff:ffff:ffff:ffff:ffff,US +2600:1fff:1000::,2600:1fff:10ff:ffff:ffff:ffff:ffff:ffff,CA +2600:1fff:1100::,2600:1fff:dfff:ffff:ffff:ffff:ffff:ffff,US +2600:1fff:e000::,2600:1fff:e0ff:ffff:ffff:ffff:ffff:ffff,BR +2600:1fff:e100::,2600:200f:ffff:ffff:ffff:ffff:ffff:ffff,US 2600:2100::,2600:210f:ffff:ffff:ffff:ffff:ffff:ffff,US 2600:2200::,2600:220f:ffff:ffff:ffff:ffff:ffff:ffff,US 2600:2300::,2600:230f:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -10573,7 +10722,7 @@ 2600:7000::,2600:70ff:ffff:ffff:ffff:ffff:ffff:ffff,US 2600:7400::,2600:740f:ffff:ffff:ffff:ffff:ffff:ffff,US 2600:7800::,2600:780f:ffff:ffff:ffff:ffff:ffff:ffff,US -2600:7c00::,2600:7c0f:ffff:ffff:ffff:ffff:ffff:ffff,VC +2600:7c00::,2600:7c0f:ffff:ffff:ffff:ffff:ffff:ffff,LC 2600:8000::,2600:80ff:ffff:ffff:ffff:ffff:ffff:ffff,US 2600:8400::,2600:840f:ffff:ffff:ffff:ffff:ffff:ffff,BB 2600:8800::,2600:880f:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -10592,6 +10741,17 @@ 2602:233::,2602:233:ffff:ffff:ffff:ffff:ffff:ffff,US 2602:240::,2602:25f:ffff:ffff:ffff:ffff:ffff:ffff,US 2602:300::,2602:3ff:ffff:ffff:ffff:ffff:ffff:ffff,US +2602:fef4::,2602:fef4:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fef5::,2602:fef5:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fef6::,2602:fef6:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fef7::,2602:fef7:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fef8::,2602:fef8:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fef9::,2602:fef9:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fefa::,2602:fefa:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fefb::,2602:fefb:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fefc::,2602:fefc:fff:ffff:ffff:ffff:ffff:ffff,CA +2602:fefd::,2602:fefd:fff:ffff:ffff:ffff:ffff:ffff,US +2602:fefe::,2602:fefe:fff:ffff:ffff:ffff:ffff:ffff,US 2602:feff::,2602:feff:fff:ffff:ffff:ffff:ffff:ffff,US 2602:ff00::,2602:ff00:fff:ffff:ffff:ffff:ffff:ffff,US 2602:ff01::,2602:ff01:fff:ffff:ffff:ffff:ffff:ffff,US @@ -11250,29 +11410,55 @@ 2604:2d00::,2604:2d00:fff:ffff:ffff:ffff:ffff:ffff,US 2604:2d40::,2604:2d40:ffff:ffff:ffff:ffff:ffff:ffff,PR 2604:2d80::,2604:2d80:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:2dc0::,2604:2dc0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:2e00::,2604:2e00:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:2e40::,2604:2e40:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:2e80::,2604:2e80:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:2ec0::,2604:2ec0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:2f00::,2604:2f00:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:2f40::,2604:2f40:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:2f80::,2604:2f80:ffff:ffff:ffff:ffff:ffff:ffff,CA +2604:2fc0::,2604:2fc0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3000::,2604:3000:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3040::,2604:3040:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3080::,2604:3080:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:30c0::,2604:30c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3100::,2604:3100:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3140::,2604:3140:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3180::,2604:3180:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:31c0::,2604:31c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3200::,2604:3200:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3240::,2604:3240:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3280::,2604:3280:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:32c0::,2604:32c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3300::,2604:3300:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3340::,2604:3340:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3380::,2604:3380:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:33c0::,2604:33c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3400::,2604:3400:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3440::,2604:3440:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3480::,2604:3480:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:34c0::,2604:34c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3500::,2604:3500:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3540::,2604:3540:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3580::,2604:3580:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:35c0::,2604:35c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3600::,2604:3600:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3640::,2604:3640:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3680::,2604:3680:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:36c0::,2604:36c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3700::,2604:3700:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3740::,2604:3740:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3780::,2604:3780:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:37c0::,2604:37c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3800::,2604:3800:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3840::,2604:3840:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3880::,2604:3880:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:38c0::,2604:38c0:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3940::,2604:3940:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:39c0::,2604:39c0:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3a00::,2604:3a00:ffff:ffff:ffff:ffff:ffff:ffff,US +2604:3a40::,2604:3a40:ffff:ffff:ffff:ffff:ffff:ffff,US 2604:3a80::,2604:3a80:ffff:ffff:ffff:ffff:ffff:ffff,CA 2604:3b00::,2604:3b00:ffff:ffff:ffff:ffff:ffff:ffff,CA 2604:3b80::,2604:3b80:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -11733,7 +11919,6 @@ 2605:2c00::,2605:2c00:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:2c80::,2605:2c80:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:2e00::,2605:2e00:fff:ffff:ffff:ffff:ffff:ffff,CA -2605:2e80::,2605:2e80:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:2f00::,2605:2f00:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:3000::,2605:3000:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:3080::,2605:3080:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -12074,7 +12259,6 @@ 2605:e100::,2605:e100:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:e180::,2605:e180:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:e200::,2605:e200:ffff:ffff:ffff:ffff:ffff:ffff,CA -2605:e280::,2605:e280:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:e300::,2605:e300:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:e380::,2605:e380:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:e400::,2605:e400:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -12149,7 +12333,6 @@ 2605:fe80::,2605:fe80:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:ff00::,2605:ff00:ffff:ffff:ffff:ffff:ffff:ffff,US 2605:ff80::,2605:ff80:ffff:ffff:ffff:ffff:ffff:ffff,US -2606::,2606::ffff:ffff:ffff:ffff:ffff:ffff,US 2606:80::,2606:80:ffff:ffff:ffff:ffff:ffff:ffff,US 2606:100::,2606:100:ffff:ffff:ffff:ffff:ffff:ffff,US 2606:180::,2606:180:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -14128,7 +14311,6 @@ 2620:11:e000::,2620:11:e000:ffff:ffff:ffff:ffff:ffff,US 2620:12::,2620:12::ffff:ffff:ffff:ffff:ffff,US 2620:12:2000::,2620:12:2000:ffff:ffff:ffff:ffff:ffff,US -2620:12:4000::,2620:12:4000:ffff:ffff:ffff:ffff:ffff,US 2620:12:6000::,2620:12:6000:ffff:ffff:ffff:ffff:ffff,US 2620:12:8000::,2620:12:8000:ffff:ffff:ffff:ffff:ffff,US 2620:12:a000::,2620:12:a000:ffff:ffff:ffff:ffff:ffff,US @@ -14186,17 +14368,30 @@ 2620:19:4000::,2620:19:4000:ffff:ffff:ffff:ffff:ffff,CA 2620:19:6000::,2620:19:6000:ffff:ffff:ffff:ffff:ffff,US 2620:19:8000::,2620:19:8000:ffff:ffff:ffff:ffff:ffff,US +2620:19:a000::,2620:19:a000:ffff:ffff:ffff:ffff:ffff,US +2620:19:e000::,2620:19:e00f:ffff:ffff:ffff:ffff:ffff,CA 2620:1a::,2620:1a::ffff:ffff:ffff:ffff:ffff,US +2620:1a:2000::,2620:1a:200f:ffff:ffff:ffff:ffff:ffff,US 2620:1a:4000::,2620:1a:4000:ffff:ffff:ffff:ffff:ffff,US +2620:1a:6000::,2620:1a:6000:ffff:ffff:ffff:ffff:ffff,CA 2620:1a:8000::,2620:1a:8000:ffff:ffff:ffff:ffff:ffff,US +2620:1a:a000::,2620:1a:a000:ffff:ffff:ffff:ffff:ffff,US 2620:1a:c000::,2620:1a:c000:ffff:ffff:ffff:ffff:ffff,US +2620:1a:e000::,2620:1a:e000:ffff:ffff:ffff:ffff:ffff,US 2620:1b::,2620:1b:f:ffff:ffff:ffff:ffff:ffff,US +2620:1b:2000::,2620:1b:2000:ffff:ffff:ffff:ffff:ffff,US 2620:1b:4000::,2620:1b:4000:ffff:ffff:ffff:ffff:ffff,US +2620:1b:6000::,2620:1b:6000:ffff:ffff:ffff:ffff:ffff,US 2620:1b:8000::,2620:1b:8000:ffff:ffff:ffff:ffff:ffff,US +2620:1b:a000::,2620:1b:a000:ffff:ffff:ffff:ffff:ffff,US 2620:1b:c000::,2620:1b:c000:ffff:ffff:ffff:ffff:ffff,US +2620:1b:e000::,2620:1b:e000:ffff:ffff:ffff:ffff:ffff,US 2620:1c::,2620:1c::ffff:ffff:ffff:ffff:ffff,US +2620:1c:2000::,2620:1c:2000:ffff:ffff:ffff:ffff:ffff,US 2620:1c:4000::,2620:1c:4000:ffff:ffff:ffff:ffff:ffff,US +2620:1c:6000::,2620:1c:6000:ffff:ffff:ffff:ffff:ffff,US 2620:1c:8000::,2620:1c:8000:ffff:ffff:ffff:ffff:ffff,US +2620:1c:a000::,2620:1c:a000:ffff:ffff:ffff:ffff:ffff,US 2620:1c:c000::,2620:1c:c000:ffff:ffff:ffff:ffff:ffff,US 2620:1d::,2620:1d:f:ffff:ffff:ffff:ffff:ffff,US 2620:1d:4000::,2620:1d:4000:ffff:ffff:ffff:ffff:ffff,US @@ -14340,7 +14535,6 @@ 2620:40:8000::,2620:40:8000:ffff:ffff:ffff:ffff:ffff,US 2620:40:c000::,2620:40:c000:ffff:ffff:ffff:ffff:ffff,US 2620:41::,2620:41:1:ffff:ffff:ffff:ffff:ffff,US -2620:41:4000::,2620:41:4000:ffff:ffff:ffff:ffff:ffff,US 2620:41:8000::,2620:41:8000:ffff:ffff:ffff:ffff:ffff,US 2620:42::,2620:42::ffff:ffff:ffff:ffff:ffff,US 2620:42:4000::,2620:42:4000:ffff:ffff:ffff:ffff:ffff,US @@ -14391,7 +14585,6 @@ 2620:4e::,2620:4e::ffff:ffff:ffff:ffff:ffff,US 2620:4e:4000::,2620:4e:4000:ffff:ffff:ffff:ffff:ffff,CA 2620:4e:8000::,2620:4e:8000:ffff:ffff:ffff:ffff:ffff,US -2620:4e:c000::,2620:4e:c000:ffff:ffff:ffff:ffff:ffff,US 2620:4f::,2620:4f::ffff:ffff:ffff:ffff:ffff,US 2620:4f:4000::,2620:4f:4000:ffff:ffff:ffff:ffff:ffff,US 2620:4f:8000::,2620:4f:8000:ffff:ffff:ffff:ffff:ffff,US @@ -14717,7 +14910,7 @@ 2620:a3:c020::,2620:a3:c020:ffff:ffff:ffff:ffff:ffff,US 2620:a3:e030::,2620:a3:e030:ffff:ffff:ffff:ffff:ffff,US 2620:a4:40::,2620:a4:40:ffff:ffff:ffff:ffff:ffff,US -2620:a4:2050::,2620:a4:2050:ffff:ffff:ffff:ffff:ffff,US +2620:a4:2050::,2620:a4:205f:ffff:ffff:ffff:ffff:ffff,US 2620:a4:4060::,2620:a4:4060:ffff:ffff:ffff:ffff:ffff,US 2620:a4:6070::,2620:a4:6070:ffff:ffff:ffff:ffff:ffff,US 2620:a4:8080::,2620:a4:8080:ffff:ffff:ffff:ffff:ffff,US @@ -15169,7 +15362,6 @@ 2620:105:a000::,2620:105:a00f:ffff:ffff:ffff:ffff:ffff,US 2620:105:b000::,2620:105:b0ff:ffff:ffff:ffff:ffff:ffff,US 2620:105:c000::,2620:105:c00f:ffff:ffff:ffff:ffff:ffff,US -2620:105:d000::,2620:105:d0ff:ffff:ffff:ffff:ffff:ffff,US 2620:105:e000::,2620:105:e0ff:ffff:ffff:ffff:ffff:ffff,US 2620:105:f000::,2620:105:f0ff:ffff:ffff:ffff:ffff:ffff,US 2620:106::,2620:106:f:ffff:ffff:ffff:ffff:ffff,US @@ -15822,6 +16014,21 @@ 2620:12e:3000::,2620:12e:300f:ffff:ffff:ffff:ffff:ffff,US 2620:12e:4000::,2620:12e:400f:ffff:ffff:ffff:ffff:ffff,US 2620:12e:5000::,2620:12e:50ff:ffff:ffff:ffff:ffff:ffff,US +2620:12e:6000::,2620:12e:60ff:ffff:ffff:ffff:ffff:ffff,US +2620:12e:7000::,2620:12e:700f:ffff:ffff:ffff:ffff:ffff,US +2620:12e:8000::,2620:12e:80ff:ffff:ffff:ffff:ffff:ffff,US +2620:12e:9000::,2620:12e:900f:ffff:ffff:ffff:ffff:ffff,US +2620:12e:a000::,2620:12e:a0ff:ffff:ffff:ffff:ffff:ffff,US +2620:12e:b000::,2620:12e:b00f:ffff:ffff:ffff:ffff:ffff,US +2620:12e:c000::,2620:12e:c00f:ffff:ffff:ffff:ffff:ffff,US +2620:12e:d000::,2620:12e:d00f:ffff:ffff:ffff:ffff:ffff,US +2620:12e:e000::,2620:12e:e0ff:ffff:ffff:ffff:ffff:ffff,US +2620:12e:f000::,2620:12e:f0ff:ffff:ffff:ffff:ffff:ffff,US +2620:12f::,2620:12f:f:ffff:ffff:ffff:ffff:ffff,US +2620:12f:1000::,2620:12f:100f:ffff:ffff:ffff:ffff:ffff,US +2620:12f:2000::,2620:12f:20ff:ffff:ffff:ffff:ffff:ffff,US +2620:12f:3000::,2620:12f:30ff:ffff:ffff:ffff:ffff:ffff,US +2620:12f:4000::,2620:12f:400f:ffff:ffff:ffff:ffff:ffff,US 2620:140::,2620:140:3ff:ffff:ffff:ffff:ffff:ffff,US 2620:141::,2620:141:fff:ffff:ffff:ffff:ffff:ffff,US 2620:143::,2620:143:7ff:ffff:ffff:ffff:ffff:ffff,US @@ -15851,8 +16058,7 @@ 2620:15c::,2620:15c:4:ffff:ffff:ffff:ffff:ffff,US 2620:15c:5::,2620:15c:5:ffff:ffff:ffff:ffff:ffff,BR 2620:15c:6::,2620:15c:fff:ffff:ffff:ffff:ffff:ffff,US -2620:15e::,2620:15e:fff:ffff:ffff:ffff:ffff:ffff,US -2620:15f::,2620:15f:fff:ffff:ffff:ffff:ffff:ffff,US +2620:15d::,2620:15f:fff:ffff:ffff:ffff:ffff:ffff,US 2620:160::,2620:160:ffff:ffff:ffff:ffff:ffff:ffff,US 2620:162::,2620:162:fff:ffff:ffff:ffff:ffff:ffff,US 2620:163::,2620:163:fff:ffff:ffff:ffff:ffff:ffff,US @@ -15882,6 +16088,7 @@ 2620:183::,2620:183:fff:ffff:ffff:ffff:ffff:ffff,US 2620:184::,2620:184:fff:ffff:ffff:ffff:ffff:ffff,US 2620:185::,2620:185:fff:ffff:ffff:ffff:ffff:ffff,US +2620:186::,2620:186:fff:ffff:ffff:ffff:ffff:ffff,US 2620:190::,2620:190:ffff:ffff:ffff:ffff:ffff:ffff,US 2620:1a0::,2620:1a0:ffff:ffff:ffff:ffff:ffff:ffff,US 2620:1b0::,2620:1b0:ffff:ffff:ffff:ffff:ffff:ffff,US @@ -16199,6 +16406,7 @@ 2801:10::,2801:10:7:ffff:ffff:ffff:ffff:ffff,AR 2801:10:1000::,2801:10:1000:ffff:ffff:ffff:ffff:ffff,AR 2801:10:2000::,2801:10:2000:ffff:ffff:ffff:ffff:ffff,AR +2801:10:3000::,2801:10:3000:ffff:ffff:ffff:ffff:ffff,CO 2801:10:4000::,2801:10:4000:ffff:ffff:ffff:ffff:ffff,AR 2801:10:5000::,2801:10:5000:ffff:ffff:ffff:ffff:ffff,BO 2801:10:6000::,2801:10:6000:ffff:ffff:ffff:ffff:ffff,HN @@ -16246,6 +16454,7 @@ 2801:14::,2801:14::ffff:ffff:ffff:ffff:ffff,CO 2801:14:1000::,2801:14:1000:ffff:ffff:ffff:ffff:ffff,CL 2801:14:2000::,2801:14:2000:ffff:ffff:ffff:ffff:ffff,AR +2801:14:3000::,2801:14:3000:ffff:ffff:ffff:ffff:ffff,CO 2801:14:5000::,2801:14:5000:ffff:ffff:ffff:ffff:ffff,NI 2801:14:6000::,2801:14:6000:ffff:ffff:ffff:ffff:ffff,BO 2801:14:8000::,2801:14:8000:ffff:ffff:ffff:ffff:ffff,CO @@ -16288,10 +16497,12 @@ 2801:17:9000::,2801:17:9000:ffff:ffff:ffff:ffff:ffff,PA 2801:17:a000::,2801:17:a000:ffff:ffff:ffff:ffff:ffff,HT 2801:17:c000::,2801:17:c000:ffff:ffff:ffff:ffff:ffff,PA +2801:17:d000::,2801:17:d000:ffff:ffff:ffff:ffff:ffff,CO 2801:17:e000::,2801:17:e000:ffff:ffff:ffff:ffff:ffff,AR 2801:18::,2801:18::ffff:ffff:ffff:ffff:ffff,CR 2801:18:1000::,2801:18:1000:ffff:ffff:ffff:ffff:ffff,PA 2801:18:2000::,2801:18:2000:ffff:ffff:ffff:ffff:ffff,CO +2801:18:3000::,2801:18:3000:ffff:ffff:ffff:ffff:ffff,CO 2801:18:5000::,2801:18:5000:ffff:ffff:ffff:ffff:ffff,CO 2801:18:6000::,2801:18:6000:ffff:ffff:ffff:ffff:ffff,AR 2801:18:8000::,2801:18:8000:ffff:ffff:ffff:ffff:ffff,AR @@ -16331,10 +16542,12 @@ 2801:1b:9000::,2801:1b:9000:ffff:ffff:ffff:ffff:ffff,CL 2801:1b:a000::,2801:1b:a000:ffff:ffff:ffff:ffff:ffff,AR 2801:1b:c000::,2801:1b:c000:ffff:ffff:ffff:ffff:ffff,PA +2801:1b:d000::,2801:1b:d000:ffff:ffff:ffff:ffff:ffff,CO 2801:1b:e000::,2801:1b:e000:ffff:ffff:ffff:ffff:ffff,NI 2801:1c::,2801:1c::ffff:ffff:ffff:ffff:ffff,PY -2801:1c:1000::,2801:1c:1000:ffff:ffff:ffff:ffff:ffff,PE +2801:1c:1000::,2801:1c:1000:ffff:ffff:ffff:ffff:ffff,AR 2801:1c:2000::,2801:1c:2000:ffff:ffff:ffff:ffff:ffff,PE +2801:1c:3000::,2801:1c:3000:ffff:ffff:ffff:ffff:ffff,SV 2801:1c:4000::,2801:1c:4000:ffff:ffff:ffff:ffff:ffff,CO 2801:1c:5000::,2801:1c:5000:ffff:ffff:ffff:ffff:ffff,CL 2801:1c:6000::,2801:1c:6000:ffff:ffff:ffff:ffff:ffff,PA @@ -16375,6 +16588,7 @@ 2801:1f:9000::,2801:1f:9000:ffff:ffff:ffff:ffff:ffff,AR 2801:1f:a000::,2801:1f:a000:ffff:ffff:ffff:ffff:ffff,CL 2801:1f:c000::,2801:1f:c000:ffff:ffff:ffff:ffff:ffff,CR +2801:1f:d000::,2801:1f:d000:ffff:ffff:ffff:ffff:ffff,CO 2801:1f:e000::,2801:1f:e000:ffff:ffff:ffff:ffff:ffff,AR 2801:80::,2801:80::ffff:ffff:ffff:ffff:ffff,BR 2801:80:10::,2801:80:10:ffff:ffff:ffff:ffff:ffff,BR @@ -16717,6 +16931,10 @@ 2801:80:1c40::,2801:80:1c4f:ffff:ffff:ffff:ffff:ffff,BR 2801:80:1c60::,2801:80:1c60:ffff:ffff:ffff:ffff:ffff,BR 2801:80:1c70::,2801:80:1c70:ffff:ffff:ffff:ffff:ffff,BR +2801:80:1c80::,2801:80:1c80:ffff:ffff:ffff:ffff:ffff,BR +2801:80:1c90::,2801:80:1c90:ffff:ffff:ffff:ffff:ffff,BR +2801:80:1ca0::,2801:80:1ca0:ffff:ffff:ffff:ffff:ffff,BR +2801:80:1cb0::,2801:80:1cb0:ffff:ffff:ffff:ffff:ffff,BR 2801:82::,2801:82:ffff:ffff:ffff:ffff:ffff:ffff,BR 2801:84::,2801:84:ffff:ffff:ffff:ffff:ffff:ffff,BR 2801:86::,2801:86:ffff:ffff:ffff:ffff:ffff:ffff,BR @@ -16775,6 +16993,7 @@ 2801:110::,2801:110:1fff:ffff:ffff:ffff:ffff:ffff,CO 2801:118::,2801:118:ff:ffff:ffff:ffff:ffff:ffff,AR 2801:120::,2801:120:ffff:ffff:ffff:ffff:ffff:ffff,AR +2801:124::,2801:124:f:ffff:ffff:ffff:ffff:ffff,CO 2801:128::,2801:128:fff:ffff:ffff:ffff:ffff:ffff,UY 2801:130::,2801:130:fff:ffff:ffff:ffff:ffff:ffff,CO 2801:138::,2801:138:ff:ffff:ffff:ffff:ffff:ffff,PA @@ -16797,6 +17016,7 @@ 2801:1b0::,2801:1b0:ff:ffff:ffff:ffff:ffff:ffff,CO 2801:1b8::,2801:1b8:f:ffff:ffff:ffff:ffff:ffff,UY 2801:1c0::,2801:1c0:1ff:ffff:ffff:ffff:ffff:ffff,AR +2801:1c4::,2801:1c4:f:ffff:ffff:ffff:ffff:ffff,CO 2801:1c8::,2801:1c8:fff:ffff:ffff:ffff:ffff:ffff,CO 2801:1d0::,2801:1d0:f:ffff:ffff:ffff:ffff:ffff,CO 2801:1d8::,2801:1d8:fff:ffff:ffff:ffff:ffff:ffff,CO @@ -16840,6 +17060,7 @@ 2803:500::,2803:500:ffff:ffff:ffff:ffff:ffff:ffff,PE 2803:540::,2803:540:ffff:ffff:ffff:ffff:ffff:ffff,CR 2803:580::,2803:580:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:5c0::,2803:5c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:600::,2803:600:ffff:ffff:ffff:ffff:ffff:ffff,PA 2803:640::,2803:640:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:680::,2803:680:ffff:ffff:ffff:ffff:ffff:ffff,AR @@ -16854,6 +17075,7 @@ 2803:900::,2803:900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:940::,2803:940:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:980::,2803:980:ffff:ffff:ffff:ffff:ffff:ffff,CR +2803:9c0::,2803:9c0:ffff:ffff:ffff:ffff:ffff:ffff,DO 2803:a00::,2803:a00:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:a40::,2803:a40:ffff:ffff:ffff:ffff:ffff:ffff,NI 2803:a80::,2803:a80:ffff:ffff:ffff:ffff:ffff:ffff,CO @@ -16911,6 +17133,7 @@ 2803:1840::,2803:1840:ffff:ffff:ffff:ffff:ffff:ffff,CO 2803:1900::,2803:1900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:1940::,2803:1940:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:19c0::,2803:19c0:ffff:ffff:ffff:ffff:ffff:ffff,DO 2803:1a00::,2803:1a00:ffff:ffff:ffff:ffff:ffff:ffff,CO 2803:1a40::,2803:1a40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:1a80::,2803:1a80:ffff:ffff:ffff:ffff:ffff:ffff,CR @@ -16966,6 +17189,7 @@ 2803:2900::,2803:2900:ffff:ffff:ffff:ffff:ffff:ffff,PA 2803:2940::,2803:2940:ffff:ffff:ffff:ffff:ffff:ffff,PA 2803:2980::,2803:2980:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:29c0::,2803:29c0:ffff:ffff:ffff:ffff:ffff:ffff,HN 2803:2a00::,2803:2a00:ffff:ffff:ffff:ffff:ffff:ffff,PY 2803:2a40::,2803:2a40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:2a80::,2803:2a80:ffff:ffff:ffff:ffff:ffff:ffff,CO @@ -17022,6 +17246,7 @@ 2803:3900::,2803:3900:ffff:ffff:ffff:ffff:ffff:ffff,VE 2803:3940::,2803:3940:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:3980::,2803:3980:ffff:ffff:ffff:ffff:ffff:ffff,VE +2803:39c0::,2803:39c0:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:3a00::,2803:3a00:ffff:ffff:ffff:ffff:ffff:ffff,GT 2803:3a40::,2803:3a40:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:3a80::,2803:3a80:ffff:ffff:ffff:ffff:ffff:ffff,HN @@ -17065,6 +17290,7 @@ 2803:4500::,2803:4500:ffff:ffff:ffff:ffff:ffff:ffff,CW 2803:4540::,2803:4540:ffff:ffff:ffff:ffff:ffff:ffff,HN 2803:4580::,2803:4580:ffff:ffff:ffff:ffff:ffff:ffff,CR +2803:45c0::,2803:45c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:4600::,2803:4600:ffff:ffff:ffff:ffff:ffff:ffff,HN 2803:4640::,2803:4640:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:4680::,2803:4680:ffff:ffff:ffff:ffff:ffff:ffff,TT @@ -17079,6 +17305,7 @@ 2803:4900::,2803:4900:ffff:ffff:ffff:ffff:ffff:ffff,BQ 2803:4940::,2803:4940:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:4980::,2803:4980:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:49c0::,2803:49c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:4a40::,2803:4a40:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:4a80::,2803:4a80:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:4ac0::,2803:4ac0:ffff:ffff:ffff:ffff:ffff:ffff,BO @@ -17134,6 +17361,7 @@ 2803:5900::,2803:5900:ffff:ffff:ffff:ffff:ffff:ffff,GF 2803:5940::,2803:5940:ffff:ffff:ffff:ffff:ffff:ffff,PE 2803:5980::,2803:5980:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:59c0::,2803:59c0:ffff:ffff:ffff:ffff:ffff:ffff,EC 2803:5a00::,2803:5a00:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:5a40::,2803:5a40:ffff:ffff:ffff:ffff:ffff:ffff,PY 2803:5a80::,2803:5a80:ffff:ffff:ffff:ffff:ffff:ffff,DO @@ -17189,6 +17417,7 @@ 2803:6900::,2803:6900:ffff:ffff:ffff:ffff:ffff:ffff,CR 2803:6940::,2803:6940:ffff:ffff:ffff:ffff:ffff:ffff,PY 2803:6980::,2803:6980:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:69c0::,2803:69c0:ffff:ffff:ffff:ffff:ffff:ffff,HN 2803:6a00::,2803:6a00:ffff:ffff:ffff:ffff:ffff:ffff,EC 2803:6a40::,2803:6a40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:6a80::,2803:6a80:ffff:ffff:ffff:ffff:ffff:ffff,NI @@ -17246,6 +17475,7 @@ 2803:7900::,2803:7900:ffff:ffff:ffff:ffff:ffff:ffff,BZ 2803:7940::,2803:7940:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:7980::,2803:7980:ffff:ffff:ffff:ffff:ffff:ffff,VE +2803:79c0::,2803:79c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:7a00::,2803:7a00:ffff:ffff:ffff:ffff:ffff:ffff,CR 2803:7a40::,2803:7a40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:7a80::,2803:7a80:ffff:ffff:ffff:ffff:ffff:ffff,CR @@ -17289,6 +17519,7 @@ 2803:8500::,2803:8500:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:8540::,2803:8540:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:8580::,2803:8580:ffff:ffff:ffff:ffff:ffff:ffff,CO +2803:85c0::,2803:85c0:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:8600::,2803:8600:ffff:ffff:ffff:ffff:ffff:ffff,HT 2803:8640::,2803:8640:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:8680::,2803:8680:ffff:ffff:ffff:ffff:ffff:ffff,AR @@ -17303,6 +17534,7 @@ 2803:8900::,2803:8900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:8940::,2803:8940:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:8980::,2803:8980:ffff:ffff:ffff:ffff:ffff:ffff,CO +2803:89c0::,2803:89c0:ffff:ffff:ffff:ffff:ffff:ffff,HN 2803:8a40::,2803:8a40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:8a80::,2803:8a80:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:8ac0::,2803:8ac0:ffff:ffff:ffff:ffff:ffff:ffff,DO @@ -17358,6 +17590,7 @@ 2803:9900::,2803:9900:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:9940::,2803:9940:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:9980::,2803:9980:ffff:ffff:ffff:ffff:ffff:ffff,CO +2803:99c0::,2803:99c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:9a00::,2803:9a00:ffff:ffff:ffff:ffff:ffff:ffff,BZ 2803:9a40::,2803:9a40:ffff:ffff:ffff:ffff:ffff:ffff,BZ 2803:9a80::,2803:9a80:ffff:ffff:ffff:ffff:ffff:ffff,CO @@ -17414,6 +17647,7 @@ 2803:a900::,2803:a900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:a940::,2803:a940:ffff:ffff:ffff:ffff:ffff:ffff,PE 2803:a980::,2803:a980:ffff:ffff:ffff:ffff:ffff:ffff,CL +2803:a9c0::,2803:a9c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:aa00::,2803:aa00:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:aa40::,2803:aa40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:aa80::,2803:aa80:ffff:ffff:ffff:ffff:ffff:ffff,CR @@ -17469,6 +17703,7 @@ 2803:b8c0::,2803:b8c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:b900::,2803:b900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:b940::,2803:b940:ffff:ffff:ffff:ffff:ffff:ffff,PE +2803:b9c0::,2803:b9c0:ffff:ffff:ffff:ffff:ffff:ffff,CO 2803:ba00::,2803:ba00:ffff:ffff:ffff:ffff:ffff:ffff,GT 2803:ba40::,2803:ba40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ba80::,2803:ba80:ffff:ffff:ffff:ffff:ffff:ffff,AR @@ -17512,6 +17747,7 @@ 2803:c500::,2803:c500:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:c540::,2803:c540:ffff:ffff:ffff:ffff:ffff:ffff,GT 2803:c580::,2803:c580:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:c5c0::,2803:c5c0:ffff:ffff:ffff:ffff:ffff:ffff,EC 2803:c600::,2803:c600:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:c640::,2803:c640:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:c680::,2803:c680:ffff:ffff:ffff:ffff:ffff:ffff,HT @@ -17526,6 +17762,7 @@ 2803:c900::,2803:c900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:c940::,2803:c940:ffff:ffff:ffff:ffff:ffff:ffff,CR 2803:c980::,2803:c980:ffff:ffff:ffff:ffff:ffff:ffff,CL +2803:c9c0::,2803:c9c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ca00::,2803:ca00:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ca40::,2803:ca40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ca80::,2803:ca80:ffff:ffff:ffff:ffff:ffff:ffff,CL @@ -17584,6 +17821,7 @@ 2803:d900::,2803:d900:ffff:ffff:ffff:ffff:ffff:ffff,CR 2803:d940::,2803:d940:ffff:ffff:ffff:ffff:ffff:ffff,VE 2803:d980::,2803:d980:ffff:ffff:ffff:ffff:ffff:ffff,PA +2803:d9c0::,2803:d9c0:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:da00::,2803:da00:ffff:ffff:ffff:ffff:ffff:ffff,GY 2803:da40::,2803:da40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:da80::,2803:da80:ffff:ffff:ffff:ffff:ffff:ffff,AR @@ -17640,6 +17878,7 @@ 2803:e8c0::,2803:e8c0:ffff:ffff:ffff:ffff:ffff:ffff,CL 2803:e900::,2803:e900:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:e940::,2803:e940:ffff:ffff:ffff:ffff:ffff:ffff,AR +2803:e9c0::,2803:e9c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ea00::,2803:ea00:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ea40::,2803:ea40:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:ea80::,2803:ea80:ffff:ffff:ffff:ffff:ffff:ffff,AR @@ -17697,6 +17936,7 @@ 2803:f900::,2803:f900:ffff:ffff:ffff:ffff:ffff:ffff,BZ 2803:f940::,2803:f940:ffff:ffff:ffff:ffff:ffff:ffff,SX 2803:f980::,2803:f980:ffff:ffff:ffff:ffff:ffff:ffff,CL +2803:f9c0::,2803:f9c0:ffff:ffff:ffff:ffff:ffff:ffff,AR 2803:fa00::,2803:fa00:ffff:ffff:ffff:ffff:ffff:ffff,BO 2803:fa40::,2803:fa40:ffff:ffff:ffff:ffff:ffff:ffff,SV 2803:fa80::,2803:fa80:ffff:ffff:ffff:ffff:ffff:ffff,AR @@ -21388,6 +21628,111 @@ 2804:3b1c::,2804:3b1c:ffff:ffff:ffff:ffff:ffff:ffff,BR 2804:3b20::,2804:3b20:ffff:ffff:ffff:ffff:ffff:ffff,BR 2804:3b24::,2804:3b24:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b28::,2804:3b28:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b2c::,2804:3b2c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b30::,2804:3b30:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b34::,2804:3b34:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b38::,2804:3b38:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b3c::,2804:3b3c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b40::,2804:3b40:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b44::,2804:3b44:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b48::,2804:3b48:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b4c::,2804:3b4c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b50::,2804:3b50:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b54::,2804:3b54:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b58::,2804:3b58:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b5c::,2804:3b5c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b60::,2804:3b60:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b64::,2804:3b64:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b68::,2804:3b68:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b6c::,2804:3b6c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b70::,2804:3b70:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b74::,2804:3b74:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b78::,2804:3b78:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b7c::,2804:3b7c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b80::,2804:3b80:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b84::,2804:3b84:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b88::,2804:3b88:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b8c::,2804:3b8c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b90::,2804:3b90:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b94::,2804:3b94:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b98::,2804:3b98:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3b9c::,2804:3b9c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3ba0::,2804:3ba0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3ba4::,2804:3ba4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3ba8::,2804:3ba8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bac::,2804:3bac:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bb0::,2804:3bb0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bb4::,2804:3bb4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bb8::,2804:3bb8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bbc::,2804:3bbc:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bc0::,2804:3bc0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bc4::,2804:3bc4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bc8::,2804:3bc8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bcc::,2804:3bcc:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bd0::,2804:3bd0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bd4::,2804:3bd4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bd8::,2804:3bd8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bdc::,2804:3bdc:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3be0::,2804:3be0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3be4::,2804:3be4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3be8::,2804:3be8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bec::,2804:3bec:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bf0::,2804:3bf0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bf4::,2804:3bf4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bf8::,2804:3bf8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3bfc::,2804:3bfc:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c00::,2804:3c00:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c04::,2804:3c04:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c08::,2804:3c08:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c0c::,2804:3c0c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c10::,2804:3c10:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c14::,2804:3c14:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c18::,2804:3c18:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c1c::,2804:3c1c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c20::,2804:3c20:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c24::,2804:3c24:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c28::,2804:3c28:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c2c::,2804:3c2c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c30::,2804:3c30:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c34::,2804:3c34:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c38::,2804:3c38:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c3c::,2804:3c3c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c40::,2804:3c40:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c44::,2804:3c44:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c48::,2804:3c48:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c4c::,2804:3c4c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c50::,2804:3c50:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c54::,2804:3c54:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c58::,2804:3c58:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c5c::,2804:3c5c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c60::,2804:3c60:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c64::,2804:3c64:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c68::,2804:3c68:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c6c::,2804:3c6c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c70::,2804:3c70:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c74::,2804:3c74:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c78::,2804:3c78:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c7c::,2804:3c7c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c80::,2804:3c80:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c84::,2804:3c84:ffff:ffff:ffff:ffff:ffff:ffff,US +2804:3c88::,2804:3c88:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c8c::,2804:3c8c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c90::,2804:3c90:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c94::,2804:3c94:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c98::,2804:3c98:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3c9c::,2804:3c9c:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3ca0::,2804:3ca0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3ca4::,2804:3ca4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3ca8::,2804:3ca8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cac::,2804:3cac:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cb0::,2804:3cb0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cb4::,2804:3cb4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cb8::,2804:3cb8:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cbc::,2804:3cbc:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cc0::,2804:3cc0:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cc4::,2804:3cc4:ffff:ffff:ffff:ffff:ffff:ffff,BR +2804:3cc8::,2804:3cc8:ffff:ffff:ffff:ffff:ffff:ffff,BR 2806::,2806:f:ffff:ffff:ffff:ffff:ffff:ffff,MX 2806:200::,2806:216::ffff:ffff:ffff:ffff:ffff,MX 2806:217::,2806:220:ffff:ffff:ffff:ffff:ffff:ffff,MX @@ -21403,7 +21748,8 @@ 2806:2b0::,2806:2b0:ffff:ffff:ffff:ffff:ffff:ffff,MX 2806:2c0::,2806:2c0:ffff:ffff:ffff:ffff:ffff:ffff,MX 2806:2d0::,2806:2d0:ffff:ffff:ffff:ffff:ffff:ffff,MX -2806:2e0::,2806:2e1:ffff:ffff:ffff:ffff:ffff:ffff,MX +2806:2e0::,2806:2e2:ffff:ffff:ffff:ffff:ffff:ffff,MX +2806:2e4::,2806:2e4:ffff:ffff:ffff:ffff:ffff:ffff,MX 2806:2f0::,2806:2f0:ffff:ffff:ffff:ffff:ffff:ffff,MX 2806:300::,2806:300:ffff:ffff:ffff:ffff:ffff:ffff,MX 2806:310::,2806:310:ffff:ffff:ffff:ffff:ffff:ffff,MX @@ -21729,7 +22075,7 @@ 2a00:15f0::,2a00:15f0:ffff:ffff:ffff:ffff:ffff:ffff,HU 2a00:15f8::,2a00:15f8:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a00:1600::,2a00:1607:ffff:ffff:ffff:ffff:ffff:ffff,SI -2a00:1610::,2a00:1618:ffff:ffff:ffff:ffff:ffff:ffff,AT +2a00:1610::,2a00:161f:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a00:1620::,2a00:1620:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a00:1628::,2a00:1628:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a00:1630::,2a00:1637:ffff:ffff:ffff:ffff:ffff:ffff,NL @@ -21925,7 +22271,7 @@ 2a00:1c60::,2a00:1c60:ffff:ffff:ffff:ffff:ffff:ffff,PT 2a00:1c68::,2a00:1c68:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a00:1c70::,2a00:1c70:ffff:ffff:ffff:ffff:ffff:ffff,RU -2a00:1c78::,2a00:1c78:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a00:1c78::,2a00:1c7f:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a00:1c80::,2a00:1c87:ffff:ffff:ffff:ffff:ffff:ffff,SI 2a00:1c88::,2a00:1c88:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a00:1c90::,2a00:1c90:ffff:ffff:ffff:ffff:ffff:ffff,NO @@ -22016,7 +22362,7 @@ 2a00:1f48::,2a00:1f4f:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a00:1f50::,2a00:1f50:ffff:ffff:ffff:ffff:ffff:ffff,FI 2a00:1f58::,2a00:1f5f:ffff:ffff:ffff:ffff:ffff:ffff,AT -2a00:1f60::,2a00:1f60:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a00:1f60::,2a00:1f67:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a00:1f68::,2a00:1f68:ffff:ffff:ffff:ffff:ffff:ffff,GR 2a00:1f70::,2a00:1f70:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a00:1f78::,2a00:1f7f:ffff:ffff:ffff:ffff:ffff:ffff,DE @@ -22301,7 +22647,7 @@ 2a00:6120::,2a00:6120:ffff:ffff:ffff:ffff:ffff:ffff,FI 2a00:6140::,2a00:6140:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a00:6160::,2a00:6160:ffff:ffff:ffff:ffff:ffff:ffff,DE -2a00:6180::,2a00:6180:ffff:ffff:ffff:ffff:ffff:ffff,UA +2a00:6180::,2a00:6187:ffff:ffff:ffff:ffff:ffff:ffff,UA 2a00:61a0::,2a00:61a7:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a00:61c0::,2a00:61c7:ffff:ffff:ffff:ffff:ffff:ffff,RS 2a00:61e0::,2a00:61e0:ffff:ffff:ffff:ffff:ffff:ffff,DE @@ -22509,7 +22855,9 @@ 2a00:79e0:23::,2a00:79e0:23:ffff:ffff:ffff:ffff:ffff,GB 2a00:79e0:24::,2a00:79e0:26:ffff:ffff:ffff:ffff:ffff,CH 2a00:79e0:27::,2a00:79e0:27:ffff:ffff:ffff:ffff:ffff,NL -2a00:79e0:28::,2a00:79e0:ffe2:4ff:ffff:ffff:ffff:ffff,CH +2a00:79e0:28::,2a00:79e0:30:ffff:ffff:ffff:ffff:ffff,CH +2a00:79e0:31::,2a00:79e0:31:ffff:ffff:ffff:ffff:ffff,SK +2a00:79e0:32::,2a00:79e0:ffe2:4ff:ffff:ffff:ffff:ffff,CH 2a00:79e0:ffe2:500::,2a00:79e0:ffe2:5ff:ffff:ffff:ffff:ffff,IE 2a00:79e0:ffe2:600::,2a00:79e1:abb:ffff:ffff:ffff:ffff:ffff,CH 2a00:79e1:abc::,2a00:79e1:abc:ff:ffff:ffff:ffff:ffff,GB @@ -22947,7 +23295,6 @@ 2a00:b0a0::,2a00:b0a0:ffff:ffff:ffff:ffff:ffff:ffff,CH 2a00:b0c0::,2a00:b0c0:ffff:ffff:ffff:ffff:ffff:ffff,HU 2a00:b0e0::,2a00:b0e0:ffff:ffff:ffff:ffff:ffff:ffff,GB -2a00:b100::,2a00:b100:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a00:b120::,2a00:b120:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a00:b140::,2a00:b140:ffff:ffff:ffff:ffff:ffff:ffff,IR 2a00:b160::,2a00:b160:ffff:ffff:ffff:ffff:ffff:ffff,RU @@ -23548,7 +23895,7 @@ 2a00:fd20::,2a00:fd20:ffff:ffff:ffff:ffff:ffff:ffff,LB 2a00:fd40::,2a00:fd40:5:ffff:ffff:ffff:ffff:ffff,NL 2a00:fd40:6::,2a00:fd40:7:ffff:ffff:ffff:ffff:ffff,SK -2a00:fd40:8::,2a00:fd40:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a00:fd40:8::,2a00:fd47:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a00:fd60::,2a00:fd60:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a00:fd80::,2a00:fd80:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a00:fda0::,2a00:fda0:ffff:ffff:ffff:ffff:ffff:ffff,DE @@ -24523,7 +24870,7 @@ 2a01:7c8::,2a01:7c8:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a01:7d0::,2a01:7d0:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a01:7d8::,2a01:7d8:ffff:ffff:ffff:ffff:ffff:ffff,RO -2a01:7e0::,2a01:7e0:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a01:7e0::,2a01:7e7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a01:7e8::,2a01:7e8:ffff:ffff:ffff:ffff:ffff:ffff,DK 2a01:7f0::,2a01:7f0:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a01:7f8::,2a01:7f8:ffff:ffff:ffff:ffff:ffff:ffff,DE @@ -24800,7 +25147,7 @@ 2a01:61e0::,2a01:61e0:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a01:6200::,2a01:6200:ffff:ffff:ffff:ffff:ffff:ffff,DK 2a01:6220::,2a01:6220:ffff:ffff:ffff:ffff:ffff:ffff,CZ -2a01:6240::,2a01:6240:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a01:6240::,2a01:6247:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a01:6260::,2a01:6260:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a01:6280::,2a01:6280:ffff:ffff:ffff:ffff:ffff:ffff,IE 2a01:62a0::,2a01:62a0:ffff:ffff:ffff:ffff:ffff:ffff,NL @@ -25223,7 +25570,7 @@ 2a01:9620::,2a01:9627:ffff:ffff:ffff:ffff:ffff:ffff,GE 2a01:9640::,2a01:9640:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a01:9660::,2a01:9660:ffff:ffff:ffff:ffff:ffff:ffff,NL -2a01:9680::,2a01:9680:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a01:9680::,2a01:9687:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a01:96a0::,2a01:96a0:ffff:ffff:ffff:ffff:ffff:ffff,KG 2a01:96c0::,2a01:96c7:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a01:96e0::,2a01:96e0:ffff:ffff:ffff:ffff:ffff:ffff,PL @@ -25485,7 +25832,7 @@ 2a01:b760::,2a01:b760:ffff:ffff:ffff:ffff:ffff:ffff,BG 2a01:b780::,2a01:b780:ffff:ffff:ffff:ffff:ffff:ffff,MK 2a01:b7a0::,2a01:b7a0:ffff:ffff:ffff:ffff:ffff:ffff,DE -2a01:b7c0::,2a01:b7c0:ffff:ffff:ffff:ffff:ffff:ffff,CH +2a01:b7c0::,2a01:b7c7:ffff:ffff:ffff:ffff:ffff:ffff,CH 2a01:b7e0::,2a01:b7e0:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a01:b800::,2a01:b800:ffff:ffff:ffff:ffff:ffff:ffff,RS 2a01:b820::,2a01:b820:ffff:ffff:ffff:ffff:ffff:ffff,GB @@ -25858,7 +26205,7 @@ 2a02:9a8::,2a02:9a8:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a02:9b0::,2a02:9b0:ffff:ffff:ffff:ffff:ffff:ffff,SA 2a02:9b8::,2a02:9b9:ffff:ffff:ffff:ffff:ffff:ffff,CZ -2a02:9c0::,2a02:9c0:ffff:ffff:ffff:ffff:ffff:ffff,JO +2a02:9c0::,2a02:9c7:ffff:ffff:ffff:ffff:ffff:ffff,JO 2a02:9c8::,2a02:9cf:ffff:ffff:ffff:ffff:ffff:ffff,NO 2a02:9d0::,2a02:9d0:ffff:ffff:ffff:ffff:ffff:ffff,DK 2a02:9d8::,2a02:9d8:ffff:ffff:ffff:ffff:ffff:ffff,RU @@ -26174,7 +26521,7 @@ 2a02:20b8::,2a02:20b8:ffff:ffff:ffff:ffff:ffff:ffff,HR 2a02:20c0::,2a02:20c0:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a02:20c8::,2a02:20c8:ffff:ffff:ffff:ffff:ffff:ffff,NO -2a02:20d0::,2a02:20d0:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a02:20d0::,2a02:20d7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a02:20d8::,2a02:20d8:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a02:20e0::,2a02:20e7:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a02:20f0::,2a02:20f0:ffff:ffff:ffff:ffff:ffff:ffff,FR @@ -26505,7 +26852,9 @@ 2a02:2b00::,2a02:2b00:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a02:2b08::,2a02:2b08:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a02:2b10::,2a02:2b10:ffff:ffff:ffff:ffff:ffff:ffff,AT -2a02:2b18::,2a02:2b18:ffff:ffff:ffff:ffff:ffff:ffff,UA +2a02:2b18::,2a02:2b18::7fff:ffff:ffff:ffff:ffff,RU +2a02:2b18:0:8000::,2a02:2b18::ffff:ffff:ffff:ffff:ffff,UA +2a02:2b18:1::,2a02:2b18:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a02:2b20::,2a02:2b20:ffff:ffff:ffff:ffff:ffff:ffff,FI 2a02:2b28::,2a02:2b28:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a02:2b30::,2a02:2b30:ffff:ffff:ffff:ffff:ffff:ffff,UA @@ -26715,7 +27064,7 @@ 2a02:5480::,2a02:5480:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a02:54a0::,2a02:54a0:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a02:54c0::,2a02:54c0:ffff:ffff:ffff:ffff:ffff:ffff,AT -2a02:54e0::,2a02:54e0:ffff:ffff:ffff:ffff:ffff:ffff,PL +2a02:54e0::,2a02:54e7:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a02:5500::,2a02:5507:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a02:5520::,2a02:5520:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a02:5540::,2a02:5540:ffff:ffff:ffff:ffff:ffff:ffff,ES @@ -26825,7 +27174,6 @@ 2a02:6280::,2a02:6280:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a02:62a0::,2a02:62a0:ffff:ffff:ffff:ffff:ffff:ffff,DK 2a02:62c0::,2a02:62c0:ffff:ffff:ffff:ffff:ffff:ffff,ES -2a02:62e0::,2a02:62e0:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a02:6300::,2a02:6300:ffff:ffff:ffff:ffff:ffff:ffff,SK 2a02:6320::,2a02:6320:ffff:ffff:ffff:ffff:ffff:ffff,HR 2a02:6340::,2a02:6340:ffff:ffff:ffff:ffff:ffff:ffff,NO @@ -27906,6 +28254,7 @@ 2a03:40a0::,2a03:40a0:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a03:40c0::,2a03:40c0:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a03:40e0::,2a03:40e0:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a03:4100::,2a03:4107:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a03:4140::,2a03:4140:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a03:4160::,2a03:4160:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a03:4180::,2a03:4180:ffff:ffff:ffff:ffff:ffff:ffff,NL @@ -28516,7 +28865,7 @@ 2a03:8ac0:251::,2a03:8ac0:ffff:ffff:ffff:ffff:ffff:ffff,US 2a03:8ae0::,2a03:8ae0:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a03:8b00::,2a03:8b00:ffff:ffff:ffff:ffff:ffff:ffff,SM -2a03:8b20::,2a03:8b20:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a03:8b20::,2a03:8b20:ffff:ffff:ffff:ffff:ffff:ffff,HR 2a03:8b40::,2a03:8b40:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a03:8b60::,2a03:8b60:ffff:ffff:ffff:ffff:ffff:ffff,SY 2a03:8b80::,2a03:8b80:ffff:ffff:ffff:ffff:ffff:ffff,NL @@ -29084,7 +29433,6 @@ 2a03:e040::,2a03:e040:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a03:e080::,2a03:e080:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a03:e0c0::,2a03:e0c0:ffff:ffff:ffff:ffff:ffff:ffff,NL -2a03:e100::,2a03:e100:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a03:e140::,2a03:e140:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a03:e180::,2a03:e180:ffff:ffff:ffff:ffff:ffff:ffff,SI 2a03:e1c0::,2a03:e1c0:ffff:ffff:ffff:ffff:ffff:ffff,DE @@ -29143,7 +29491,13 @@ 2a03:ef00::,2a03:ef00:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a03:ef40::,2a03:ef47:ffff:ffff:ffff:ffff:ffff:ffff,IR 2a03:ef80::,2a03:ef80:ffff:ffff:ffff:ffff:ffff:ffff,IT -2a03:efc0::,2a03:efc7:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a03:efc0::,2a03:efc0:6ff:ffff:ffff:ffff:ffff:ffff,GB +2a03:efc0:700::,2a03:efc0:7ff:ffff:ffff:ffff:ffff:ffff,FR +2a03:efc0:800::,2a03:efc0:8ff:ffff:ffff:ffff:ffff:ffff,GB +2a03:efc0:900::,2a03:efc0:9ff:ffff:ffff:ffff:ffff:ffff,ES +2a03:efc0:a00::,2a03:efc0:10ff:ffff:ffff:ffff:ffff:ffff,GB +2a03:efc0:1100::,2a03:efc0:11ff:ffff:ffff:ffff:ffff:ffff,DE +2a03:efc0:1200::,2a03:efc7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a03:f000::,2a03:f000:ffff:ffff:ffff:ffff:ffff:ffff,GR 2a03:f040::,2a03:f040:ffff:ffff:ffff:ffff:ffff:ffff,SK 2a03:f080::,2a03:f080:ffff:ffff:ffff:ffff:ffff:ffff,AT @@ -31098,11 +31452,19 @@ 2a05:d050:c080::,2a05:d050:c08f:ffff:ffff:ffff:ffff:ffff,GB 2a05:d050:c090::,2a05:d050:c0bf:ffff:ffff:ffff:ffff:ffff,IE 2a05:d050:c0c0::,2a05:d050:c0cf:ffff:ffff:ffff:ffff:ffff,GB -2a05:d050:c0d0::,2a05:d07c:3fff:ffff:ffff:ffff:ffff:ffff,IE +2a05:d050:c0d0::,2a05:d07c:1fff:ffff:ffff:ffff:ffff:ffff,IE +2a05:d07c:2000::,2a05:d07c:20ff:ffff:ffff:ffff:ffff:ffff,FR +2a05:d07c:2100::,2a05:d07c:3fff:ffff:ffff:ffff:ffff:ffff,IE 2a05:d07c:4000::,2a05:d07c:40ff:ffff:ffff:ffff:ffff:ffff,DE 2a05:d07c:4100::,2a05:d07c:bfff:ffff:ffff:ffff:ffff:ffff,IE 2a05:d07c:c000::,2a05:d07c:c0ff:ffff:ffff:ffff:ffff:ffff,GB -2a05:d07c:c100::,2a05:d07f:ffff:ffff:ffff:ffff:ffff:ffff,IE +2a05:d07c:c100::,2a05:d07f:1fff:ffff:ffff:ffff:ffff:ffff,IE +2a05:d07f:2000::,2a05:d07f:20ff:ffff:ffff:ffff:ffff:ffff,FR +2a05:d07f:2100::,2a05:d07f:3fff:ffff:ffff:ffff:ffff:ffff,IE +2a05:d07f:4000::,2a05:d07f:40ff:ffff:ffff:ffff:ffff:ffff,DE +2a05:d07f:4100::,2a05:d07f:bfff:ffff:ffff:ffff:ffff:ffff,IE +2a05:d07f:c000::,2a05:d07f:c0ff:ffff:ffff:ffff:ffff:ffff,GB +2a05:d07f:c100::,2a05:d07f:ffff:ffff:ffff:ffff:ffff:ffff,IE 2a05:d400::,2a05:d407:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a05:d440::,2a05:d447:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a05:d480::,2a05:d487:ffff:ffff:ffff:ffff:ffff:ffff,NL @@ -31210,7 +31572,6 @@ 2a05:e840::,2a05:e847:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a05:e880::,2a05:e887:ffff:ffff:ffff:ffff:ffff:ffff,NO 2a05:e8c0::,2a05:e8c7:ffff:ffff:ffff:ffff:ffff:ffff,ES -2a05:e900::,2a05:e907:ffff:ffff:ffff:ffff:ffff:ffff,UA 2a05:e940::,2a05:e947:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a05:e980::,2a05:e987:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a05:e9c0::,2a05:e9c7:ffff:ffff:ffff:ffff:ffff:ffff,NL @@ -32268,7 +32629,9 @@ 2a06:e881:200::,2a06:e881:2ff:ffff:ffff:ffff:ffff:ffff,AT 2a06:e881:300::,2a06:e881:14ff:ffff:ffff:ffff:ffff:ffff,CH 2a06:e881:1500::,2a06:e881:150f:ffff:ffff:ffff:ffff:ffff,GB -2a06:e881:1510::,2a06:e881:1fff:ffff:ffff:ffff:ffff:ffff,CH +2a06:e881:1510::,2a06:e881:16ff:ffff:ffff:ffff:ffff:ffff,CH +2a06:e881:1700::,2a06:e881:170f:ffff:ffff:ffff:ffff:ffff,DE +2a06:e881:1710::,2a06:e881:1fff:ffff:ffff:ffff:ffff:ffff,CH 2a06:e881:2000::,2a06:e881:200f:ffff:ffff:ffff:ffff:ffff,DE 2a06:e881:2010::,2a06:e881:20ff:ffff:ffff:ffff:ffff:ffff,CH 2a06:e881:2100::,2a06:e881:210f:ffff:ffff:ffff:ffff:ffff,DE @@ -32483,7 +32846,13 @@ 2a07:1b80::,2a07:1b87:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a07:1bc0::,2a07:1bc7:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a07:1c00::,2a07:1c07:ffff:ffff:ffff:ffff:ffff:ffff,DE -2a07:1c40::,2a07:1c47:ffff:ffff:ffff:ffff:ffff:ffff,AT +2a07:1c40::,2a07:1c44:609:ffff:ffff:ffff:ffff:ffff,AT +2a07:1c44:60a::,2a07:1c44:60a:ffff:ffff:ffff:ffff:ffff,DE +2a07:1c44:60b::,2a07:1c44:619:ffff:ffff:ffff:ffff:ffff,AT +2a07:1c44:61a::,2a07:1c44:61a:ffff:ffff:ffff:ffff:ffff,KR +2a07:1c44:61b::,2a07:1c44:6ff:ffff:ffff:ffff:ffff:ffff,AT +2a07:1c44:700::,2a07:1c44:70f:ffff:ffff:ffff:ffff:ffff,US +2a07:1c44:710::,2a07:1c47:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a07:1c80::,2a07:1c87:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a07:1cc0::,2a07:1cc7:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a07:1d00::,2a07:1d07:ffff:ffff:ffff:ffff:ffff:ffff,IR @@ -33186,6 +33555,7 @@ 2a07:cac0::,2a07:cac7:ffff:ffff:ffff:ffff:ffff:ffff,CY 2a07:cb00::,2a07:cb00:ffff:ffff:ffff:ffff:ffff:ffff,HU 2a07:cb40::,2a07:cb47:ffff:ffff:ffff:ffff:ffff:ffff,IT +2a07:d000::,2a07:d0ff:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a08::,2a08:1fff:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a::,2a0a:7:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:40::,2a0a:47:ffff:ffff:ffff:ffff:ffff:ffff,FR @@ -33353,7 +33723,7 @@ 2a0a:2880::,2a0a:2887:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:28c0::,2a0a:28c7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:2900::,2a0a:2907:ffff:ffff:ffff:ffff:ffff:ffff,GE -2a0a:2940::,2a0a:2947:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:2940::,2a0a:2947:ffff:ffff:ffff:ffff:ffff:ffff,US 2a0a:2980::,2a0a:2987:ffff:ffff:ffff:ffff:ffff:ffff,TJ 2a0a:29c0::,2a0a:29c0:ffff:ffff:ffff:ffff:ffff:ffff,BG 2a0a:2a00::,2a0a:2a00:ffff:ffff:ffff:ffff:ffff:ffff,BE @@ -33686,155 +34056,293 @@ 2a0a:7a80::,2a0a:7a80:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:7ac0::,2a0a:7ac7:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:7b00::,2a0a:7b07:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:7b40::,2a0a:7b47:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:7b80::,2a0a:7b87:ffff:ffff:ffff:ffff:ffff:ffff,PL +2a0a:7bc0::,2a0a:7bc7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:7c00::,2a0a:7c07:ffff:ffff:ffff:ffff:ffff:ffff,AT +2a0a:7c40::,2a0a:7c40:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:7c80::,2a0a:7c80:ffff:ffff:ffff:ffff:ffff:ffff,AT +2a0a:7cc0::,2a0a:7cc7:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:7d00::,2a0a:7d07:ffff:ffff:ffff:ffff:ffff:ffff,CH +2a0a:7d40::,2a0a:7d40:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:7d80::,2a0a:7d87:ffff:ffff:ffff:ffff:ffff:ffff,BY +2a0a:7dc0::,2a0a:7dc7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:7e00::,2a0a:7e03:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:7e04::,2a0a:7e04::ffff:ffff:ffff:ffff:ffff,US 2a0a:7e04:1::,2a0a:7e07:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:7e40::,2a0a:7e47:ffff:ffff:ffff:ffff:ffff:ffff,IL 2a0a:7e80::,2a0a:7e87:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:7ec0::,2a0a:7ec7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:7f00::,2a0a:7f07:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:7f40::,2a0a:7f47:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:7f80::,2a0a:7f87:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a0a:7fc0::,2a0a:7fc0:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:8000::,2a0a:8007:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:8040::,2a0a:8047:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:80c0::,2a0a:80c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:8100::,2a0a:8107:ffff:ffff:ffff:ffff:ffff:ffff,IR +2a0a:8140::,2a0a:8140:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a0a:8180::,2a0a:8187:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:81c0::,2a0a:81c7:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a0a:8200::,2a0a:8207:ffff:ffff:ffff:ffff:ffff:ffff,IL +2a0a:8240::,2a0a:8247:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a0a:8280::,2a0a:8287:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:82c0::,2a0a:82c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:8300::,2a0a:8307:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:8340::,2a0a:8347:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:8380::,2a0a:8387:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:83c0::,2a0a:83c7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:8400::,2a0a:8407:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:8440::,2a0a:8447:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:8480::,2a0a:8480:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:84c0::,2a0a:84c7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:8500::,2a0a:8507:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:8540::,2a0a:8547:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:8580::,2a0a:8587:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:85c0::,2a0a:85c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:8600::,2a0a:8604:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:8605::,2a0a:8605::ffff:ffff:ffff:ffff:ffff,US 2a0a:8605:1::,2a0a:8605:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:8606::,2a0a:8606:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:8607::,2a0a:8607:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:8640::,2a0a:8647:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:8680::,2a0a:8687:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:86c0::,2a0a:86c7:ffff:ffff:ffff:ffff:ffff:ffff,TR 2a0a:8700::,2a0a:8707:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:8740::,2a0a:8747:ffff:ffff:ffff:ffff:ffff:ffff,NO 2a0a:8780::,2a0a:8787:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:87c0::,2a0a:87c7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:8800::,2a0a:8807:ffff:ffff:ffff:ffff:ffff:ffff,TR +2a0a:8840::,2a0a:8847:ffff:ffff:ffff:ffff:ffff:ffff,TR 2a0a:8880::,2a0a:8887:ffff:ffff:ffff:ffff:ffff:ffff,RO +2a0a:88c0::,2a0a:88c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:8900::,2a0a:8907:ffff:ffff:ffff:ffff:ffff:ffff,TR +2a0a:8940::,2a0a:8947:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:8980::,2a0a:8987:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:89c0::,2a0a:89c7:ffff:ffff:ffff:ffff:ffff:ffff,IS 2a0a:8a00::,2a0a:8a00:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:8a40::,2a0a:8a40:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a0a:8a80::,2a0a:8a87:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:8ac0::,2a0a:8ac7:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:8b00::,2a0a:8b07:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:8b40::,2a0a:8b47:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:8b80::,2a0a:8b87:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:8bc0::,2a0a:8bc7:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a0a:8c00::,2a0a:8c07:ffff:ffff:ffff:ffff:ffff:ffff,SA +2a0a:8c40::,2a0a:8c47:ffff:ffff:ffff:ffff:ffff:ffff,BG 2a0a:8c80::,2a0a:8c87:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a0a:8cc0::,2a0a:8cc7:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:8d00::,2a0a:8d07:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:8d40::,2a0a:8d47:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:8d80::,2a0a:8d87:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:8dc0::,2a0a:8dc7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:8e00::,2a0a:8e01:1236:ffff:ffff:ffff:ffff:ffff,US 2a0a:8e01:1237::,2a0a:8e01:1237:ffff:ffff:ffff:ffff:ffff,CA 2a0a:8e01:1238::,2a0a:8e07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:8e40::,2a0a:8e47:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a0a:8e80::,2a0a:8e87:ffff:ffff:ffff:ffff:ffff:ffff,IT +2a0a:8ec0::,2a0a:8ec7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:8f00::,2a0a:8f00:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:8f40::,2a0a:8f47:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:8f80::,2a0a:8f87:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:8fc0::,2a0a:8fc7:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:9000::,2a0a:9007:ffff:ffff:ffff:ffff:ffff:ffff,PT +2a0a:9040::,2a0a:9047:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:9080::,2a0a:9087:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:90c0::,2a0a:90c7:ffff:ffff:ffff:ffff:ffff:ffff,BE 2a0a:9100::,2a0a:9107:ffff:ffff:ffff:ffff:ffff:ffff,LB +2a0a:9140::,2a0a:9147:ffff:ffff:ffff:ffff:ffff:ffff,US 2a0a:9180::,2a0a:9180:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:91c0::,2a0a:91c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:9200::,2a0a:9204:ab6c:ffff:ffff:ffff:ffff:ffff,US 2a0a:9204:ab6d::,2a0a:9204:ab6d:ffff:ffff:ffff:ffff:ffff,CA 2a0a:9204:ab6e::,2a0a:9207:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:9240::,2a0a:9247:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:9280::,2a0a:9287:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:92c0::,2a0a:92c7:ffff:ffff:ffff:ffff:ffff:ffff,CY 2a0a:9300::,2a0a:9307:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:9340::,2a0a:9340:ffff:ffff:ffff:ffff:ffff:ffff,CH 2a0a:9380::,2a0a:9387:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:93c0::,2a0a:93c7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:9400::,2a0a:9407:ffff:ffff:ffff:ffff:ffff:ffff,SA +2a0a:9440::,2a0a:9447:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:9480::,2a0a:9480:ffff:ffff:ffff:ffff:ffff:ffff,IL +2a0a:94c0::,2a0a:94c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:9500::,2a0a:9507:ffff:ffff:ffff:ffff:ffff:ffff,FI +2a0a:9540::,2a0a:9547:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:9580::,2a0a:9587:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:95c0::,2a0a:95c0:ffff:ffff:ffff:ffff:ffff:ffff,BG 2a0a:9600::,2a0a:9603:49cd:ffff:ffff:ffff:ffff:ffff,US 2a0a:9603:49ce::,2a0a:9603:49ce:ffff:ffff:ffff:ffff:ffff,CA 2a0a:9603:49cf::,2a0a:9607:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:9640::,2a0a:9647:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:9680::,2a0a:9687:ffff:ffff:ffff:ffff:ffff:ffff,CZ +2a0a:96c0::,2a0a:96c7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:9700::,2a0a:9700:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:9740::,2a0a:9740:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:9780::,2a0a:9787:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:97c0::,2a0a:97c7:ffff:ffff:ffff:ffff:ffff:ffff,IR 2a0a:9800::,2a0a:9807:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:9840::,2a0a:9847:ffff:ffff:ffff:ffff:ffff:ffff,NO 2a0a:9880::,2a0a:9887:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:98c0::,2a0a:98c7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:9900::,2a0a:9907:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:9940::,2a0a:9947:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a0a:9980::,2a0a:9987:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:99c0::,2a0a:99c7:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a0a:9a00::,2a0a:9a02:b3d1:ffff:ffff:ffff:ffff:ffff,US 2a0a:9a02:b3d2::,2a0a:9a02:b3d2:ffff:ffff:ffff:ffff:ffff,CA 2a0a:9a02:b3d3::,2a0a:9a07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:9a40::,2a0a:9a47:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:9a80::,2a0a:9a80:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:9ac0::,2a0a:9ac7:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:9b00::,2a0a:9b07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:9b40::,2a0a:9b47:ffff:ffff:ffff:ffff:ffff:ffff,UA 2a0a:9b80::,2a0a:9b80:ffff:ffff:ffff:ffff:ffff:ffff,NO +2a0a:9bc0::,2a0a:9bc7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:9c00::,2a0a:9c07:ffff:ffff:ffff:ffff:ffff:ffff,SA +2a0a:9c40::,2a0a:9c47:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a0a:9c80::,2a0a:9c80:ffff:ffff:ffff:ffff:ffff:ffff,NO +2a0a:9cc0::,2a0a:9cc7:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:9d00::,2a0a:9d00:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:9d40::,2a0a:9d47:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:9d80::,2a0a:9d87:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:9dc0::,2a0a:9dc7:ffff:ffff:ffff:ffff:ffff:ffff,AT 2a0a:9e00::,2a0a:9e07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:9e40::,2a0a:9e47:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:9e80::,2a0a:9e87:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:9ec0::,2a0a:9ec7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:9f00::,2a0a:9f07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:9f40::,2a0a:9f47:ffff:ffff:ffff:ffff:ffff:ffff,TR 2a0a:9f80::,2a0a:9f87:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:9fc0::,2a0a:9fc7:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:a000::,2a0a:a000:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:a040::,2a0a:a047:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a0a:a080::,2a0a:a087:ffff:ffff:ffff:ffff:ffff:ffff,PL +2a0a:a0c0::,2a0a:a0c7:ffff:ffff:ffff:ffff:ffff:ffff,AL 2a0a:a100::,2a0a:a100:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:a140::,2a0a:a147:ffff:ffff:ffff:ffff:ffff:ffff,IL 2a0a:a180::,2a0a:a180:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:a1c0::,2a0a:a1c7:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:a200::,2a0a:a207:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:a280::,2a0a:a280:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:a2c0::,2a0a:a2c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:a300::,2a0a:a307:ffff:ffff:ffff:ffff:ffff:ffff,RO +2a0a:a340::,2a0a:a347:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:a380::,2a0a:a387:ffff:ffff:ffff:ffff:ffff:ffff,IT +2a0a:a3c0::,2a0a:a3c0:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:a400::,2a0a:a407:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a0a:a440::,2a0a:a447:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:a480::,2a0a:a487:ffff:ffff:ffff:ffff:ffff:ffff,IR +2a0a:a4c0::,2a0a:a4c7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:a500::,2a0a:a507:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:a540::,2a0a:a547:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:a580::,2a0a:a587:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a0a:a5c0::,2a0a:a5c0:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:a600::,2a0a:a607:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:a640::,2a0a:a640:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:a680::,2a0a:a687:ffff:ffff:ffff:ffff:ffff:ffff,SK +2a0a:a6c0::,2a0a:a6c7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:a700::,2a0a:a707:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:a740::,2a0a:a747:ffff:ffff:ffff:ffff:ffff:ffff,LU 2a0a:a780::,2a0a:a787:ffff:ffff:ffff:ffff:ffff:ffff,SK +2a0a:a7c0::,2a0a:a7c7:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:a800::,2a0a:a807:ffff:ffff:ffff:ffff:ffff:ffff,CZ +2a0a:a840::,2a0a:a847:ffff:ffff:ffff:ffff:ffff:ffff,MD 2a0a:a880::,2a0a:a887:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:a8c0::,2a0a:a8c0:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:a900::,2a0a:a900:ffff:ffff:ffff:ffff:ffff:ffff,FR +2a0a:a940::,2a0a:a947:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:a980::,2a0a:a987:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:a9c0::,2a0a:a9c7:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:aa00::,2a0a:aa03:ffff:ffff:ffff:ffff:ffff:ffff,CY +2a0a:aa40::,2a0a:aa40:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:aa80::,2a0a:aa87:ffff:ffff:ffff:ffff:ffff:ffff,IM +2a0a:aac0::,2a0a:aac0:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a0a:ab00::,2a0a:ab07:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:ab40::,2a0a:ab47:ffff:ffff:ffff:ffff:ffff:ffff,AE 2a0a:ab80::,2a0a:ab80:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:abc0::,2a0a:abc7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:ac00::,2a0a:ac07:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:ac40::,2a0a:ac40:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:ac80::,2a0a:ac87:ffff:ffff:ffff:ffff:ffff:ffff,IT +2a0a:acc0::,2a0a:acc7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:ad00::,2a0a:ad07:ffff:ffff:ffff:ffff:ffff:ffff,UA +2a0a:ad40::,2a0a:ad47:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:ad80::,2a0a:ad87:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:adc0::,2a0a:adc7:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a0a:ae00::,2a0a:ae07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:ae40::,2a0a:ae47:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a0a:ae80::,2a0a:ae87:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:aec0::,2a0a:aec7:ffff:ffff:ffff:ffff:ffff:ffff,LI 2a0a:af00::,2a0a:af07:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:af40::,2a0a:af47:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:af80::,2a0a:af87:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:afc0::,2a0a:afc7:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a0a:b000::,2a0a:b000:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:b040::,2a0a:b047:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:b080::,2a0a:b087:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:b0c0::,2a0a:b0c7:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:b100::,2a0a:b107:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:b140::,2a0a:b140:ffff:ffff:ffff:ffff:ffff:ffff,MK 2a0a:b180::,2a0a:b187:ffff:ffff:ffff:ffff:ffff:ffff,PL +2a0a:b1c0::,2a0a:b1c7:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:b200::,2a0a:b207:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:b240::,2a0a:b247:ffff:ffff:ffff:ffff:ffff:ffff,TR 2a0a:b280::,2a0a:b287:ffff:ffff:ffff:ffff:ffff:ffff,PL +2a0a:b2c0::,2a0a:b2c7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:b300::,2a0a:b307:ffff:ffff:ffff:ffff:ffff:ffff,CZ +2a0a:b340::,2a0a:b347:ffff:ffff:ffff:ffff:ffff:ffff,PL 2a0a:b380::,2a0a:b387:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:b3c0::,2a0a:b3c7:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:b400::,2a0a:b407:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:b440::,2a0a:b447:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:b480::,2a0a:b487:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:b4c0::,2a0a:b4c7:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:b500::,2a0a:b507:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:b540::,2a0a:b540:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:b580::,2a0a:b587:ffff:ffff:ffff:ffff:ffff:ffff,RU +2a0a:b5c0::,2a0a:b5c7:ffff:ffff:ffff:ffff:ffff:ffff,CY 2a0a:b600::,2a0a:b607:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:b640::,2a0a:b640::ffff:ffff:ffff:ffff:ffff,GB +2a0a:b640:1::,2a0a:b640:1:ffff:ffff:ffff:ffff:ffff,SG +2a0a:b640:2::,2a0a:b647:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0a:b680::,2a0a:b687:ffff:ffff:ffff:ffff:ffff:ffff,SE +2a0a:b6c0::,2a0a:b6c0:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a0a:b700::,2a0a:b707:ffff:ffff:ffff:ffff:ffff:ffff,GE +2a0a:b740::,2a0a:b747:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:b780::,2a0a:b787:ffff:ffff:ffff:ffff:ffff:ffff,SE +2a0a:b7c0::,2a0a:b7c7:ffff:ffff:ffff:ffff:ffff:ffff,FI 2a0a:b800::,2a0a:b807:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:b840::,2a0a:b847:ffff:ffff:ffff:ffff:ffff:ffff,NO 2a0a:b880::,2a0a:b887:ffff:ffff:ffff:ffff:ffff:ffff,NL +2a0a:b8c0::,2a0a:b8c0:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0a:b900::,2a0a:b907:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:b940::,2a0a:b947:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:b980::,2a0a:b980:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:b9c0::,2a0a:b9c7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:ba00::,2a0a:ba07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:ba40::,2a0a:ba47:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0a:ba80::,2a0a:ba87:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:bac0::,2a0a:bac7:ffff:ffff:ffff:ffff:ffff:ffff,AL 2a0a:bb00::,2a0a:bb07:ffff:ffff:ffff:ffff:ffff:ffff,LI +2a0a:bb40::,2a0a:bb47:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0a:bb80::,2a0a:bb87:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0a:bbc0::,2a0a:bbc7:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:bc00::,2a0a:bc07:ffff:ffff:ffff:ffff:ffff:ffff,GB +2a0a:bc40::,2a0a:bc40:ffff:ffff:ffff:ffff:ffff:ffff,IR 2a0a:bc80::,2a0a:bc87:ffff:ffff:ffff:ffff:ffff:ffff,UA +2a0a:bcc0::,2a0a:bcc7:ffff:ffff:ffff:ffff:ffff:ffff,SE 2a0a:bd00::,2a0a:bd00:ffff:ffff:ffff:ffff:ffff:ffff,TR +2a0a:bd40::,2a0a:bd47:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0a:bd80::,2a0a:bd80:ffff:ffff:ffff:ffff:ffff:ffff,DK +2a0a:bdc0::,2a0a:bdc7:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a0a:be00::,2a0a:be07:ffff:ffff:ffff:ffff:ffff:ffff,US +2a0a:be40::,2a0a:be47:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:be80::,2a0a:be87:ffff:ffff:ffff:ffff:ffff:ffff,TR +2a0a:bec0::,2a0a:bec7:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0a:bf00::,2a0a:bf07:ffff:ffff:ffff:ffff:ffff:ffff,ES +2a0a:bf40::,2a0a:bf47:ffff:ffff:ffff:ffff:ffff:ffff,IS 2a0a:bf80::,2a0a:bf87:ffff:ffff:ffff:ffff:ffff:ffff,UA 2a0a:c000::,2a0a:c007:ffff:ffff:ffff:ffff:ffff:ffff,ES 2a0a:c080::,2a0a:c087:ffff:ffff:ffff:ffff:ffff:ffff,SE @@ -33974,7 +34482,7 @@ 2a0b:380::,2a0b:387:ffff:ffff:ffff:ffff:ffff:ffff,DK 2a0b:400::,2a0b:407:ffff:ffff:ffff:ffff:ffff:ffff,IT 2a0b:480::,2a0b:487:ffff:ffff:ffff:ffff:ffff:ffff,UA -2a0b:500::,2a0b:507:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0b:500::,2a0b:507:ffff:ffff:ffff:ffff:ffff:ffff,US 2a0b:580::,2a0b:580:ffff:ffff:ffff:ffff:ffff:ffff,RU 2a0b:600::,2a0b:600:ffff:ffff:ffff:ffff:ffff:ffff,NO 2a0b:680::,2a0b:687:ffff:ffff:ffff:ffff:ffff:ffff,SE @@ -34066,7 +34574,7 @@ 2a0b:3180::,2a0b:3187:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0b:3200::,2a0b:3207:ffff:ffff:ffff:ffff:ffff:ffff,FR 2a0b:3280::,2a0b:3280:ffff:ffff:ffff:ffff:ffff:ffff,GB -2a0b:3300::,2a0b:3307:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0b:3300::,2a0b:3307:ffff:ffff:ffff:ffff:ffff:ffff,US 2a0b:3380::,2a0b:3387:ffff:ffff:ffff:ffff:ffff:ffff,CH 2a0b:3400::,2a0b:3407:ffff:ffff:ffff:ffff:ffff:ffff,GB 2a0b:3480::,2a0b:3487:ffff:ffff:ffff:ffff:ffff:ffff,FI @@ -34235,7 +34743,7 @@ 2a0b:8580::,2a0b:8587:ffff:ffff:ffff:ffff:ffff:ffff,CZ 2a0b:8600::,2a0b:8607:ffff:ffff:ffff:ffff:ffff:ffff,RO 2a0b:8680::,2a0b:8687:ffff:ffff:ffff:ffff:ffff:ffff,BY -2a0b:8700::,2a0b:8707:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0b:8700::,2a0b:8707:ffff:ffff:ffff:ffff:ffff:ffff,US 2a0b:8780::,2a0b:8787:ffff:ffff:ffff:ffff:ffff:ffff,BE 2a0b:8800::,2a0b:8807:ffff:ffff:ffff:ffff:ffff:ffff,RO 2a0b:8880::,2a0b:8887:ffff:ffff:ffff:ffff:ffff:ffff,FI @@ -34358,7 +34866,7 @@ 2a0b:c300::,2a0b:c307:ffff:ffff:ffff:ffff:ffff:ffff,SI 2a0b:c380::,2a0b:c387:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0b:c400::,2a0b:c407:ffff:ffff:ffff:ffff:ffff:ffff,CH -2a0b:c480::,2a0b:c480:ffff:ffff:ffff:ffff:ffff:ffff,DE +2a0b:c480::,2a0b:c487:ffff:ffff:ffff:ffff:ffff:ffff,DE 2a0b:c500::,2a0b:c500:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0b:c580::,2a0b:c587:ffff:ffff:ffff:ffff:ffff:ffff,NL 2a0b:c600::,2a0b:c607:ffff:ffff:ffff:ffff:ffff:ffff,IT @@ -34489,6 +34997,11 @@ 2c0f:f030::,2c0f:f030:ffff:ffff:ffff:ffff:ffff:ffff,ZA 2c0f:f038::,2c0f:f038:ffff:ffff:ffff:ffff:ffff:ffff,GA 2c0f:f040::,2c0f:f040:ffff:ffff:ffff:ffff:ffff:ffff,SN +2c0f:f048::,2c0f:f048:ffff:ffff:ffff:ffff:ffff:ffff,CG +2c0f:f050::,2c0f:f050:ffff:ffff:ffff:ffff:ffff:ffff,ZA +2c0f:f058::,2c0f:f058:ffff:ffff:ffff:ffff:ffff:ffff,TZ +2c0f:f060::,2c0f:f060:ffff:ffff:ffff:ffff:ffff:ffff,AO +2c0f:f068::,2c0f:f068:ffff:ffff:ffff:ffff:ffff:ffff,SO 2c0f:f200::,2c0f:f200:ffff:ffff:ffff:ffff:ffff:ffff,UG 2c0f:f208::,2c0f:f208:ffff:ffff:ffff:ffff:ffff:ffff,ZA 2c0f:f210::,2c0f:f210:ffff:ffff:ffff:ffff:ffff:ffff,ZA diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in index 37777443ac..8f3597f3f6 100644 --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in @@ -209,3 +209,12 @@ ## address manually to your friends, uncomment this line: #PublishServerDescriptor 0 +## Configuration options can be imported from files or folders using the %include +## option with the value being a path. If the path is a file, the options from the +## file will be parsed as if they were written where the %include option is. If +## the path is a folder, all files on that folder will be parsed following lexical +## order. Files starting with a dot are ignored. Files on subfolders are ignored. +## The %include option can be used recursively. +#%include /etc/torrc.d/ +#%include /etc/torrc.custom + diff --git a/src/or/Makefile.nmake b/src/or/Makefile.nmake index 2ac98cd372..429ae67858 100644 --- a/src/or/Makefile.nmake +++ b/src/or/Makefile.nmake @@ -14,6 +14,7 @@ LIBTOR_OBJECTS = \ addressmap.obj \ buffers.obj \ channel.obj \ + channelpadding.obj \ channeltls.obj \ circpathbias.obj \ circuitbuild.obj \ diff --git a/src/or/buffers.c b/src/or/buffers.c index 4f22935d26..58cfdeee84 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -1319,7 +1319,7 @@ fetch_from_buf_http(buf_t *buf, /** * Wait this many seconds before warning the user about using SOCKS unsafely - * again (requires that WarnUnsafeSocks is turned on). */ + * again. */ #define SOCKS_WARN_INTERVAL 5 /** Warn that the user application has made an unsafe socks request using @@ -1331,9 +1331,6 @@ log_unsafe_socks_warning(int socks_protocol, const char *address, { static ratelim_t socks_ratelim = RATELIM_INIT(SOCKS_WARN_INTERVAL); - const or_options_t *options = get_options(); - if (! options->WarnUnsafeSocks) - return; if (safe_socks) { log_fn_ratelim(&socks_ratelim, LOG_WARN, LD_APP, "Your application (using socks%d to port %d) is giving " diff --git a/src/or/channel.c b/src/or/channel.c index e79fc0760b..df6d7d3423 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -49,6 +49,7 @@ #include "or.h" #include "channel.h" #include "channeltls.h" +#include "channelpadding.h" #include "circuitbuild.h" #include "circuitlist.h" #include "circuitstats.h" @@ -63,6 +64,7 @@ #include "router.h" #include "routerlist.h" #include "scheduler.h" +#include "compat_time.h" /* Global lists of channels */ @@ -84,6 +86,28 @@ static smartlist_t *active_listeners = NULL; /* All channel_listener_t instances in LISTENING state */ static smartlist_t *finished_listeners = NULL; +/** Map from channel->global_identifier to channel. Contains the same + * elements as all_channels. */ +static HT_HEAD(channel_gid_map, channel_s) channel_gid_map = HT_INITIALIZER(); + +static unsigned +channel_id_hash(const channel_t *chan) +{ + return (unsigned) chan->global_identifier; +} +static int +channel_id_eq(const channel_t *a, const channel_t *b) +{ + return a->global_identifier == b->global_identifier; +} +HT_PROTOTYPE(channel_gid_map, channel_s, gidmap_node, + channel_id_hash, channel_id_eq) +HT_GENERATE2(channel_gid_map, channel_s, gidmap_node, + channel_id_hash, channel_id_eq, + 0.6, tor_reallocarray_, tor_free_) + +HANDLE_IMPL(channel, channel_s,) + /* Counter for ID numbers */ static uint64_t n_channels_allocated = 0; /* @@ -429,6 +453,7 @@ void channel_register(channel_t *chan) { tor_assert(chan); + tor_assert(chan->global_identifier); /* No-op if already registered */ if (chan->registered) return; @@ -443,6 +468,8 @@ channel_register(channel_t *chan) /* Make sure we have all_channels, then add it */ if (!all_channels) all_channels = smartlist_new(); smartlist_add(all_channels, chan); + channel_t *oldval = HT_REPLACE(channel_gid_map, &channel_gid_map, chan); + tor_assert(! oldval); /* Is it finished? */ if (CHANNEL_FINISHED(chan)) { @@ -498,7 +525,9 @@ channel_unregister(channel_t *chan) } /* Get it out of all_channels */ - if (all_channels) smartlist_remove(all_channels, chan); + if (all_channels) smartlist_remove(all_channels, chan); + channel_t *oldval = HT_REMOVE(channel_gid_map, &channel_gid_map, chan); + tor_assert(oldval == NULL || oldval == chan); /* Mark it as unregistered */ chan->registered = 0; @@ -533,7 +562,7 @@ channel_listener_register(channel_listener_t *chan_l) channel_listener_state_to_string(chan_l->state), chan_l->state); - /* Make sure we have all_channels, then add it */ + /* Make sure we have all_listeners, then add it */ if (!all_listeners) all_listeners = smartlist_new(); smartlist_add(all_listeners, chan_l); @@ -578,7 +607,7 @@ channel_listener_unregister(channel_listener_t *chan_l) if (active_listeners) smartlist_remove(active_listeners, chan_l); } - /* Get it out of all_channels */ + /* Get it out of all_listeners */ if (all_listeners) smartlist_remove(all_listeners, chan_l); /* Mark it as unregistered */ @@ -719,15 +748,13 @@ channel_remove_from_digest_map(channel_t *chan) channel_t * channel_find_by_global_id(uint64_t global_identifier) { + channel_t lookup; channel_t *rv = NULL; - if (all_channels && smartlist_len(all_channels) > 0) { - SMARTLIST_FOREACH_BEGIN(all_channels, channel_t *, curr) { - if (curr->global_identifier == global_identifier) { - rv = curr; - break; - } - } SMARTLIST_FOREACH_END(curr); + lookup.global_identifier = global_identifier; + rv = HT_FIND(channel_gid_map, &channel_gid_map, &lookup); + if (rv) { + tor_assert(rv->global_identifier == global_identifier); } return rv; @@ -809,6 +836,83 @@ channel_next_with_rsa_identity(channel_t *chan) } /** + * Relays run this once an hour to look over our list of channels to other + * relays. It prints out some statistics if there are multiple connections + * to many relays. + * + * This function is similar to connection_or_set_bad_connections(), + * and probably could be adapted to replace it, if it was modified to actually + * take action on any of these connections. + */ +void +channel_check_for_duplicates(void) +{ + channel_idmap_entry_t **iter; + channel_t *chan; + int total_relay_connections = 0, total_relays = 0, total_canonical = 0; + int total_half_canonical = 0; + int total_gt_one_connection = 0, total_gt_two_connections = 0; + int total_gt_four_connections = 0; + + HT_FOREACH(iter, channel_idmap, &channel_identity_map) { + int connections_to_relay = 0; + + /* Only consider relay connections */ + if (!connection_or_digest_is_known_relay((char*)(*iter)->digest)) + continue; + + total_relays++; + + for (chan = TOR_LIST_FIRST(&(*iter)->channel_list); chan; + chan = channel_next_with_rsa_identity(chan)) { + + if (CHANNEL_CONDEMNED(chan) || !CHANNEL_IS_OPEN(chan)) + continue; + + connections_to_relay++; + total_relay_connections++; + + if (chan->is_canonical(chan, 0)) total_canonical++; + + if (!chan->is_canonical_to_peer && chan->is_canonical(chan, 0) + && chan->is_canonical(chan, 1)) { + total_half_canonical++; + } + } + + if (connections_to_relay > 1) total_gt_one_connection++; + if (connections_to_relay > 2) total_gt_two_connections++; + if (connections_to_relay > 4) total_gt_four_connections++; + } + +#define MIN_RELAY_CONNECTIONS_TO_WARN 5 + + /* If we average 1.5 or more connections per relay, something is wrong */ + if (total_relays > MIN_RELAY_CONNECTIONS_TO_WARN && + total_relay_connections >= 1.5*total_relays) { + log_notice(LD_OR, + "Your relay has a very large number of connections to other relays. " + "Is your outbound address the same as your relay address? " + "Found %d connections to %d relays. Found %d current canonical " + "connections, in %d of which we were a non-canonical peer. " + "%d relays had more than 1 connection, %d had more than 2, and " + "%d had more than 4 connections.", + total_relay_connections, total_relays, total_canonical, + total_half_canonical, total_gt_one_connection, + total_gt_two_connections, total_gt_four_connections); + } else { + log_info(LD_OR, "Performed connection pruning. " + "Found %d connections to %d relays. Found %d current canonical " + "connections, in %d of which we were a non-canonical peer. " + "%d relays had more than 1 connection, %d had more than 2, and " + "%d had more than 4 connections.", + total_relay_connections, total_relays, total_canonical, + total_half_canonical, total_gt_one_connection, + total_gt_two_connections, total_gt_four_connections); + } +} + +/** * Initialize a channel * * This function should be called by subclasses to set up some per-channel @@ -822,7 +926,7 @@ channel_init(channel_t *chan) tor_assert(chan); /* Assign an ID and bump the counter */ - chan->global_identifier = n_channels_allocated++; + chan->global_identifier = ++n_channels_allocated; /* Init timestamp */ chan->timestamp_last_had_circuits = time(NULL); @@ -861,7 +965,7 @@ channel_init_listener(channel_listener_t *chan_l) tor_assert(chan_l); /* Assign an ID and bump the counter */ - chan_l->global_identifier = n_channels_allocated++; + chan_l->global_identifier = ++n_channels_allocated; /* Timestamp it */ channel_listener_timestamp_created(chan_l); @@ -898,6 +1002,11 @@ channel_free(channel_t *chan) circuitmux_set_policy(chan->cmux, NULL); } + /* Remove all timers and associated handle entries now */ + timer_free(chan->padding_timer); + channel_handle_free(chan->timer_handle); + channel_handles_clear(chan); + /* Call a free method if there is one */ if (chan->free_fn) chan->free_fn(chan); @@ -976,6 +1085,11 @@ channel_force_free(channel_t *chan) circuitmux_set_policy(chan->cmux, NULL); } + /* Remove all timers and associated handle entries now */ + timer_free(chan->padding_timer); + channel_handle_free(chan->timer_handle); + channel_handles_clear(chan); + /* Call a free method if there is one */ if (chan->free_fn) chan->free_fn(chan); @@ -2595,6 +2709,19 @@ channel_do_open_actions(channel_t *chan) } } + /* Disable or reduce padding according to user prefs. */ + if (chan->padding_enabled || get_options()->ConnectionPadding == 1) { + if (!get_options()->ConnectionPadding) { + channelpadding_disable_padding_on_channel(chan); + } + + /* Padding can be forced and/or reduced by clients, regardless of if + * the channel supports it */ + if (get_options()->ReducedConnectionPadding) { + channelpadding_reduce_padding_on_channel(chan); + } + } + circuit_n_chan_done(chan, 1, close_origin_circuits); } @@ -3232,6 +3359,11 @@ channel_free_all(void) /* Geez, anything still left over just won't die ... let it leak then */ HT_CLEAR(channel_idmap, &channel_identity_map); + /* Same with channel_gid_map */ + log_debug(LD_CHANNEL, + "Freeing channel_gid_map"); + HT_CLEAR(channel_gid_map, &channel_gid_map); + log_debug(LD_CHANNEL, "Done cleaning up after channels"); } @@ -3267,22 +3399,20 @@ channel_connect(const tor_addr_t *addr, uint16_t port, */ int -channel_is_better(time_t now, channel_t *a, channel_t *b, - int forgive_new_connections) +channel_is_better(channel_t *a, channel_t *b) { - int a_grace, b_grace; int a_is_canonical, b_is_canonical; - int a_has_circs, b_has_circs; - - /* - * Do not definitively deprecate a new channel with no circuits on it - * until this much time has passed. - */ -#define NEW_CHAN_GRACE_PERIOD (15*60) tor_assert(a); tor_assert(b); + /* If one channel is bad for new circuits, and the other isn't, + * use the one that is still good. */ + if (!channel_is_bad_for_new_circs(a) && channel_is_bad_for_new_circs(b)) + return 1; + if (channel_is_bad_for_new_circs(a) && !channel_is_bad_for_new_circs(b)) + return 0; + /* Check if one is canonical and the other isn't first */ a_is_canonical = channel_is_canonical(a); b_is_canonical = channel_is_canonical(b); @@ -3290,26 +3420,31 @@ channel_is_better(time_t now, channel_t *a, channel_t *b, if (a_is_canonical && !b_is_canonical) return 1; if (!a_is_canonical && b_is_canonical) return 0; + /* Check if we suspect that one of the channels will be preferred + * by the peer */ + if (a->is_canonical_to_peer && !b->is_canonical_to_peer) return 1; + if (!a->is_canonical_to_peer && b->is_canonical_to_peer) return 0; + /* - * Okay, if we're here they tied on canonicity. Next we check if - * they have any circuits, and if one does and the other doesn't, - * we prefer the one that does, unless we are forgiving and the - * one that has no circuits is in its grace period. + * Okay, if we're here they tied on canonicity, the prefer the older + * connection, so that the adversary can't create a new connection + * and try to switch us over to it (which will leak information + * about long-lived circuits). Additionally, switching connections + * too often makes us more vulnerable to attacks like Torscan and + * passive netflow-based equivalents. + * + * Connections will still only live for at most a week, due to + * the check in connection_or_group_set_badness() against + * TIME_BEFORE_OR_CONN_IS_TOO_OLD, which marks old connections as + * unusable for new circuits after 1 week. That check sets + * is_bad_for_new_circs, which is checked in channel_get_for_extend(). + * + * We check channel_is_bad_for_new_circs() above here anyway, for safety. */ + if (channel_when_created(a) < channel_when_created(b)) return 1; + else if (channel_when_created(a) > channel_when_created(b)) return 0; - a_has_circs = (channel_num_circuits(a) > 0); - b_has_circs = (channel_num_circuits(b) > 0); - a_grace = (forgive_new_connections && - (now < channel_when_created(a) + NEW_CHAN_GRACE_PERIOD)); - b_grace = (forgive_new_connections && - (now < channel_when_created(b) + NEW_CHAN_GRACE_PERIOD)); - - if (a_has_circs && !b_has_circs && !b_grace) return 1; - if (!a_has_circs && b_has_circs && !a_grace) return 0; - - /* They tied on circuits too; just prefer whichever is newer */ - - if (channel_when_created(a) > channel_when_created(b)) return 1; + if (channel_num_circuits(a) > channel_num_circuits(b)) return 1; else return 0; } @@ -3334,7 +3469,6 @@ channel_get_for_extend(const char *rsa_id_digest, channel_t *chan, *best = NULL; int n_inprogress_goodaddr = 0, n_old = 0; int n_noncanonical = 0, n_possible = 0; - time_t now = approx_time(); tor_assert(msg_out); tor_assert(launch_out); @@ -3404,7 +3538,7 @@ channel_get_for_extend(const char *rsa_id_digest, continue; } - if (channel_is_better(now, chan, best, 0)) + if (channel_is_better(chan, best)) best = chan; } @@ -4186,8 +4320,12 @@ channel_timestamp_active(channel_t *chan) time_t now = time(NULL); tor_assert(chan); + chan->timestamp_xfer_ms = monotime_coarse_absolute_msec(); chan->timestamp_active = now; + + /* Clear any potential netflow padding timer. We're active */ + chan->next_padding_time_ms = 0; } /** @@ -4270,11 +4408,14 @@ void channel_timestamp_recv(channel_t *chan) { time_t now = time(NULL); - tor_assert(chan); + chan->timestamp_xfer_ms = monotime_coarse_absolute_msec(); chan->timestamp_active = now; chan->timestamp_recv = now; + + /* Clear any potential netflow padding timer. We're active */ + chan->next_padding_time_ms = 0; } /** @@ -4287,11 +4428,15 @@ void channel_timestamp_xmit(channel_t *chan) { time_t now = time(NULL); - tor_assert(chan); + chan->timestamp_xfer_ms = monotime_coarse_absolute_msec(); + chan->timestamp_active = now; chan->timestamp_xmit = now; + + /* Clear any potential netflow padding timer. We're active */ + chan->next_padding_time_ms = 0; } /*************************************************************** diff --git a/src/or/channel.h b/src/or/channel.h index 33dceb1be0..ea280f2fd2 100644 --- a/src/or/channel.h +++ b/src/or/channel.h @@ -11,6 +11,8 @@ #include "or.h" #include "circuitmux.h" +#include "timers.h" +#include "handles.h" /* Channel handler function pointer typedefs */ typedef void (*channel_listener_fn_ptr)(channel_listener_t *, channel_t *); @@ -22,6 +24,17 @@ TOR_SIMPLEQ_HEAD(chan_cell_queue, cell_queue_entry_s); typedef struct chan_cell_queue chan_cell_queue_t; /** + * This enum is used by channelpadding to decide when to pad channels. + * Don't add values to it without updating the checks in + * channelpadding_decide_to_pad_channel(). + */ +typedef enum { + CHANNEL_USED_NOT_USED_FOR_FULL_CIRCS = 0, + CHANNEL_USED_FOR_FULL_CIRCS, + CHANNEL_USED_FOR_USER_TRAFFIC, +} channel_usage_info_t; + +/** * Channel struct; see the channel_t typedef in or.h. A channel is an * abstract interface for the OR-to-OR connection, similar to connection_or_t, * but without the strong coupling to the underlying TLS implementation. They @@ -34,11 +47,17 @@ struct channel_s { /** Magic number for type-checking cast macros */ uint32_t magic; + /** List entry for hashtable for global-identifier lookup. */ + HT_ENTRY(channel_s) gidmap_node; + + /** Handle entry for handle-based lookup */ + HANDLE_ENTRY(channel, channel_s); + /** Current channel state */ channel_state_t state; /** Globally unique ID number for a channel over the lifetime of a Tor - * process. + * process. This may not be 0. */ uint64_t global_identifier; @@ -48,6 +67,61 @@ struct channel_s { /** has this channel ever been open? */ unsigned int has_been_open:1; + /** + * This field indicates if the other side has enabled or disabled + * padding via either the link protocol version or + * channelpadding_negotiate cells. + * + * Clients can override this with ConnectionPadding in torrc to + * disable or force padding to relays, but relays cannot override the + * client's request. + */ + unsigned int padding_enabled:1; + + /** Cached value of our decision to pad (to avoid expensive + * checks during critical path statistics counting). */ + unsigned int currently_padding:1; + + /** Is there a pending netflow padding callback? */ + unsigned int pending_padding_callback:1; + + /** Is our peer likely to consider this channel canonical? */ + unsigned int is_canonical_to_peer:1; + + /** Has this channel ever been used for non-directory traffic? + * Used to decide what channels to pad, and when. */ + channel_usage_info_t channel_usage; + + /** When should we send a cell for netflow padding, in absolute + * milliseconds since monotime system start. 0 means no padding + * is scheduled. */ + uint64_t next_padding_time_ms; + + /** The callback pointer for the padding callbacks */ + tor_timer_t *padding_timer; + /** The handle to this channel (to free on canceled timers) */ + struct channel_handle_t *timer_handle; + + /** + * These two fields specify the minimum and maximum negotiated timeout + * values for inactivity (send or receive) before we decide to pad a + * channel. These fields can be set either via a PADDING_NEGOTIATE cell, + * or the torrc option ReducedConnectionPadding. The consensus parameters + * nf_ito_low and nf_ito_high are used to ensure that padding can only be + * negotiated to be less frequent than what is specified in the consensus. + * (This is done to prevent wingnut clients from requesting excessive + * padding). + * + * The actual timeout value is randomly chosen between these two values + * as per the table in channelpadding_get_netflow_inactive_timeout_ms(), + * after ensuring that these values do not specify lower timeouts than + * the consensus parameters. + * + * If these are 0, we have not negotiated or specified custom padding + * times, and instead use consensus defaults. */ + uint16_t padding_timeout_low_ms; + uint16_t padding_timeout_high_ms; + /** Why did we close? */ enum { @@ -87,6 +161,18 @@ struct channel_s { time_t timestamp_created; /* Channel created */ time_t timestamp_active; /* Any activity */ + /** + * This is a high-resolution monotonic timestamp that marks when we + * believe the channel has actually sent or received data to/from + * the wire. Right now, it is used to determine when we should send + * a padding cell for channelpadding. + * + * XXX: Are we setting timestamp_xfer_ms in the right places to + * accurately reflect actual network data transfer? Or might this be + * very wrong wrt when bytes actually go on the wire? + */ + uint64_t timestamp_xfer_ms; + /* Methods implemented by the lower layer */ /** Free a channel */ @@ -214,8 +300,8 @@ struct channel_s { unsigned int is_bad_for_new_circs:1; /** True iff we have decided that the other end of this connection - * is a client. Channels with this flag set should never be used - * to satisfy an EXTEND request. */ + * is a client or bridge relay. Connections with this flag set should never + * be used to satisfy an EXTEND request. */ unsigned int is_client:1; /** Set if the channel was initiated remotely (came from a listener) */ @@ -516,9 +602,7 @@ channel_t * channel_get_for_extend(const char *rsa_id_digest, int *launch_out); /* Ask which of two channels is better for circuit-extension purposes */ -int channel_is_better(time_t now, - channel_t *a, channel_t *b, - int forgive_new_connections); +int channel_is_better(channel_t *a, channel_t *b); /** Channel lookups */ @@ -601,6 +685,7 @@ void channel_listener_dump_statistics(channel_listener_t *chan_l, int severity); void channel_listener_dump_transport_statistics(channel_listener_t *chan_l, int severity); +void channel_check_for_duplicates(void); void channel_update_bad_for_new_circs(const char *digest, int force); @@ -630,5 +715,8 @@ int packed_cell_is_destroy(channel_t *chan, const packed_cell_t *packed_cell, circid_t *circid_out); +/* Declare the handle helpers */ +HANDLE_DECL(channel, channel_s,) + #endif diff --git a/src/or/channelpadding.c b/src/or/channelpadding.c new file mode 100644 index 0000000000..f5248e8960 --- /dev/null +++ b/src/or/channelpadding.c @@ -0,0 +1,749 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2015, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/* TOR_CHANNEL_INTERNAL_ define needed for an O(1) implementation of + * channelpadding_channel_to_channelinfo() */ +#define TOR_CHANNEL_INTERNAL_ + +#include "or.h" +#include "channel.h" +#include "channelpadding.h" +#include "channeltls.h" +#include "config.h" +#include "networkstatus.h" +#include "connection.h" +#include "connection_or.h" +#include "main.h" +#include "rephist.h" +#include "router.h" +#include "compat_time.h" +#include <event2/event.h> + +STATIC int channelpadding_get_netflow_inactive_timeout_ms(const channel_t *); +STATIC int channelpadding_send_disable_command(channel_t *); +STATIC int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *); + +/** The total number of pending channelpadding timers */ +static uint64_t total_timers_pending; + +/** These are cached consensus parameters for netflow */ +/** The timeout lower bound that is allowed before sending padding */ +static int consensus_nf_ito_low; +/** The timeout upper bound that is allowed before sending padding */ +static int consensus_nf_ito_high; +/** The timeout lower bound that is allowed before sending reduced padding */ +static int consensus_nf_ito_low_reduced; +/** The timeout upper bound that is allowed before sending reduced padding */ +static int consensus_nf_ito_high_reduced; +/** The connection timeout between relays */ +static int consensus_nf_conntimeout_relays; +/** The connection timeout for client connections */ +static int consensus_nf_conntimeout_clients; +/** Should we pad before circuits are actually used for client data? */ +static int consensus_nf_pad_before_usage; +/** Should we pad relay-to-relay connections? */ +static int consensus_nf_pad_relays; + +#define TOR_MSEC_PER_SEC 1000 +#define TOR_USEC_PER_MSEC 1000 + +/** + * How often do we get called by the connection housekeeping (ie: once + * per second) */ +#define TOR_HOUSEKEEPING_CALLBACK_MSEC 1000 +/** + * Additional extra time buffer on the housekeeping callback, since + * it can be delayed. This extra slack is used to decide if we should + * schedule a timer or wait for the next callback. */ +#define TOR_HOUSEKEEPING_CALLBACK_SLACK_MSEC 100 + +/** + * This macro tells us if either end of the channel is connected to a client. + * (If we're not a server, we're definitely a client. If the channel thinks + * its a client, use that. Then finally verify in the consensus). + */ +#define CHANNEL_IS_CLIENT(chan, options) \ + (!public_server_mode((options)) || (chan)->is_client || \ + !connection_or_digest_is_known_relay((chan)->identity_digest)) + +/** + * This function is called to update cached consensus parameters every time + * there is a consensus update. This allows us to move the consensus param + * search off of the critical path, so it does not need to be evaluated + * for every single connection, every second. + */ +void +channelpadding_new_consensus_params(networkstatus_t *ns) +{ +#define DFLT_NETFLOW_INACTIVE_KEEPALIVE_LOW 1500 +#define DFLT_NETFLOW_INACTIVE_KEEPALIVE_HIGH 9500 +#define DFLT_NETFLOW_INACTIVE_KEEPALIVE_MIN 0 +#define DFLT_NETFLOW_INACTIVE_KEEPALIVE_MAX 60000 + consensus_nf_ito_low = networkstatus_get_param(ns, "nf_ito_low", + DFLT_NETFLOW_INACTIVE_KEEPALIVE_LOW, + DFLT_NETFLOW_INACTIVE_KEEPALIVE_MIN, + DFLT_NETFLOW_INACTIVE_KEEPALIVE_MAX); + consensus_nf_ito_high = networkstatus_get_param(ns, "nf_ito_high", + DFLT_NETFLOW_INACTIVE_KEEPALIVE_HIGH, + consensus_nf_ito_low, + DFLT_NETFLOW_INACTIVE_KEEPALIVE_MAX); + +#define DFLT_NETFLOW_REDUCED_KEEPALIVE_LOW 9000 +#define DFLT_NETFLOW_REDUCED_KEEPALIVE_HIGH 14000 +#define DFLT_NETFLOW_REDUCED_KEEPALIVE_MIN 0 +#define DFLT_NETFLOW_REDUCED_KEEPALIVE_MAX 60000 + consensus_nf_ito_low_reduced = + networkstatus_get_param(ns, "nf_ito_low_reduced", + DFLT_NETFLOW_REDUCED_KEEPALIVE_LOW, + DFLT_NETFLOW_REDUCED_KEEPALIVE_MIN, + DFLT_NETFLOW_REDUCED_KEEPALIVE_MAX); + + consensus_nf_ito_high_reduced = + networkstatus_get_param(ns, "nf_ito_high_reduced", + DFLT_NETFLOW_REDUCED_KEEPALIVE_HIGH, + consensus_nf_ito_low_reduced, + DFLT_NETFLOW_REDUCED_KEEPALIVE_MAX); + +#define CONNTIMEOUT_RELAYS_DFLT (60*60) // 1 hour +#define CONNTIMEOUT_RELAYS_MIN 60 +#define CONNTIMEOUT_RELAYS_MAX (7*24*60*60) // 1 week + consensus_nf_conntimeout_relays = + networkstatus_get_param(ns, "nf_conntimeout_relays", + CONNTIMEOUT_RELAYS_DFLT, + CONNTIMEOUT_RELAYS_MIN, + CONNTIMEOUT_RELAYS_MAX); + +#define CIRCTIMEOUT_CLIENTS_DFLT (30*60) // 30 minutes +#define CIRCTIMEOUT_CLIENTS_MIN 60 +#define CIRCTIMEOUT_CLIENTS_MAX (24*60*60) // 24 hours + consensus_nf_conntimeout_clients = + networkstatus_get_param(ns, "nf_conntimeout_clients", + CIRCTIMEOUT_CLIENTS_DFLT, + CIRCTIMEOUT_CLIENTS_MIN, + CIRCTIMEOUT_CLIENTS_MAX); + + consensus_nf_pad_before_usage = + networkstatus_get_param(ns, "nf_pad_before_usage", 1, 0, 1); + + consensus_nf_pad_relays = + networkstatus_get_param(ns, "nf_pad_relays", 0, 0, 1); +} + +/** + * Get a random netflow inactive timeout keepalive period in milliseconds, + * the range for which is determined by consensus parameters, negotiation, + * configuration, or default values. The consensus parameters enforce the + * minimum possible value, to avoid excessively frequent padding. + * + * The ranges for this value were chosen to be low enough to ensure that + * routers do not emit a new netflow record for a connection due to it + * being idle. + * + * Specific timeout values for major routers are listed in Proposal 251. + * No major router appeared capable of setting an inactive timeout below 10 + * seconds, so we set the defaults below that value, since we can always + * scale back if it ends up being too much padding. + * + * Returns the next timeout period (in milliseconds) after which we should + * send a padding packet, or 0 if padding is disabled. + */ +STATIC int +channelpadding_get_netflow_inactive_timeout_ms(const channel_t *chan) +{ + int low_timeout = consensus_nf_ito_low; + int high_timeout = consensus_nf_ito_high; + int X1, X2; + + if (low_timeout == 0 && low_timeout == high_timeout) + return 0; // No padding + + /* If we have negotiated different timeout values, use those, but + * don't allow them to be lower than the consensus ones */ + if (chan->padding_timeout_low_ms && chan->padding_timeout_high_ms) { + low_timeout = MAX(low_timeout, chan->padding_timeout_low_ms); + high_timeout = MAX(high_timeout, chan->padding_timeout_high_ms); + } + + if (low_timeout == high_timeout) + return low_timeout; // No randomization + + /* + * This MAX() hack is here because we apply the timeout on both the client + * and the server. This creates the situation where the total time before + * sending a packet in either direction is actually + * min(client_timeout,server_timeout). + * + * If X is a random variable uniform from 0..R-1 (where R=high-low), + * then Y=max(X,X) has Prob(Y == i) = (2.0*i + 1)/(R*R). + * + * If we create a third random variable Z=min(Y,Y), then it turns out that + * Exp[Z] ~= Exp[X]. Here's a table: + * + * R Exp[X] Exp[Z] Exp[min(X,X)] Exp[max(X,X)] + * 2000 999.5 1066 666.2 1332.8 + * 3000 1499.5 1599.5 999.5 1999.5 + * 5000 2499.5 2666 1666.2 3332.8 + * 6000 2999.5 3199.5 1999.5 3999.5 + * 7000 3499.5 3732.8 2332.8 4666.2 + * 8000 3999.5 4266.2 2666.2 5332.8 + * 10000 4999.5 5328 3332.8 6666.2 + * 15000 7499.5 7995 4999.5 9999.5 + * 20000 9900.5 10661 6666.2 13332.8 + * + * In other words, this hack makes it so that when both the client and + * the guard are sending this padding, then the averages work out closer + * to the midpoint of the range, making the overhead easier to tune. + * If only one endpoint is padding (for example: if the relay does not + * support padding, but the client has set ConnectionPadding 1; or + * if the relay does support padding, but the client has set + * ReducedConnectionPadding 1), then the defense will still prevent + * record splitting, but with less overhead than the midpoint + * (as seen by the Exp[max(X,X)] column). + * + * To calculate average padding packet frequency (and thus overhead), + * index into the table by picking a row based on R = high-low. Then, + * use the appropriate column (Exp[Z] for two-sided padding, and + * Exp[max(X,X)] for one-sided padding). Finally, take this value + * and add it to the low timeout value. This value is the average + * frequency which padding packets will be sent. + */ + + X1 = crypto_rand_int(high_timeout - low_timeout); + X2 = crypto_rand_int(high_timeout - low_timeout); + return low_timeout + MAX(X1, X2); +} + +/** + * Update this channel's padding settings based on the PADDING_NEGOTIATE + * contents. + * + * Returns -1 on error; 1 on success. + */ +int +channelpadding_update_padding_for_channel(channel_t *chan, + const channelpadding_negotiate_t *pad_vars) +{ + if (pad_vars->version != 0) { + static ratelim_t version_limit = RATELIM_INIT(600); + + log_fn_ratelim(&version_limit,LOG_PROTOCOL_WARN,LD_PROTOCOL, + "Got a PADDING_NEGOTIATE cell with an unknown version. Ignoring."); + return -1; + } + + // We should not allow malicious relays to disable or reduce padding for + // us as clients. In fact, we should only accept this cell at all if we're + // operating as a relay. Bridges should not accept it from relays, either + // (only from their clients). + if ((get_options()->BridgeRelay && + connection_or_digest_is_known_relay(chan->identity_digest)) || + !get_options()->ORPort_set) { + static ratelim_t relay_limit = RATELIM_INIT(600); + + log_fn_ratelim(&relay_limit,LOG_PROTOCOL_WARN,LD_PROTOCOL, + "Got a PADDING_NEGOTIATE from relay at %s (%s). " + "This should not happen.", + chan->get_remote_descr(chan, 0), + hex_str(chan->identity_digest, DIGEST_LEN)); + return -1; + } + + chan->padding_enabled = (pad_vars->command == CHANNELPADDING_COMMAND_START); + + /* Min must not be lower than the current consensus parameter + nf_ito_low. */ + chan->padding_timeout_low_ms = MAX(consensus_nf_ito_low, + pad_vars->ito_low_ms); + + /* Max must not be lower than ito_low_ms */ + chan->padding_timeout_high_ms = MAX(chan->padding_timeout_low_ms, + pad_vars->ito_high_ms); + + log_fn(LOG_INFO,LD_OR, + "Negotiated padding=%d, lo=%d, hi=%d on "U64_FORMAT, + chan->padding_enabled, chan->padding_timeout_low_ms, + chan->padding_timeout_high_ms, + U64_PRINTF_ARG(chan->global_identifier)); + + return 1; +} + +/** + * Sends a CELL_PADDING_NEGOTIATE on the channel to tell the other side not + * to send padding. + * + * Returns -1 on error, 0 on success. + */ +STATIC int +channelpadding_send_disable_command(channel_t *chan) +{ + channelpadding_negotiate_t disable; + cell_t cell; + + tor_assert(BASE_CHAN_TO_TLS(chan)->conn->link_proto >= + MIN_LINK_PROTO_FOR_CHANNEL_PADDING); + + memset(&cell, 0, sizeof(cell_t)); + memset(&disable, 0, sizeof(channelpadding_negotiate_t)); + cell.command = CELL_PADDING_NEGOTIATE; + + channelpadding_negotiate_set_command(&disable, CHANNELPADDING_COMMAND_STOP); + + if (channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, + &disable) < 0) + return -1; + + if (chan->write_cell(chan, &cell) == 1) + return 0; + else + return -1; +} + +/** + * Sends a CELL_PADDING_NEGOTIATE on the channel to tell the other side to + * resume sending padding at some rate. + * + * Returns -1 on error, 0 on success. + */ +int +channelpadding_send_enable_command(channel_t *chan, uint16_t low_timeout, + uint16_t high_timeout) +{ + channelpadding_negotiate_t enable; + cell_t cell; + + tor_assert(BASE_CHAN_TO_TLS(chan)->conn->link_proto >= + MIN_LINK_PROTO_FOR_CHANNEL_PADDING); + + memset(&cell, 0, sizeof(cell_t)); + memset(&enable, 0, sizeof(channelpadding_negotiate_t)); + cell.command = CELL_PADDING_NEGOTIATE; + + channelpadding_negotiate_set_command(&enable, CHANNELPADDING_COMMAND_START); + channelpadding_negotiate_set_ito_low_ms(&enable, low_timeout); + channelpadding_negotiate_set_ito_high_ms(&enable, high_timeout); + + if (channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, + &enable) < 0) + return -1; + + if (chan->write_cell(chan, &cell) == 1) + return 0; + else + return -1; +} + +/** + * Sends a CELL_PADDING cell on a channel if it has been idle since + * our callback was scheduled. + * + * This function also clears the pending padding timer and the callback + * flags. + */ +static void +channelpadding_send_padding_cell_for_callback(channel_t *chan) +{ + cell_t cell; + + /* Check that the channel is still valid and open */ + if (!chan || chan->state != CHANNEL_STATE_OPEN) { + if (chan) chan->pending_padding_callback = 0; + log_fn(LOG_INFO,LD_OR, + "Scheduled a netflow padding cell, but connection already closed."); + return; + } + + /* We should have a pending callback flag set. */ + if (BUG(chan->pending_padding_callback == 0)) + return; + + chan->pending_padding_callback = 0; + + if (!chan->next_padding_time_ms || + chan->has_queued_writes(chan)) { + /* We must have been active before the timer fired */ + chan->next_padding_time_ms = 0; + return; + } + + { + uint64_t now = monotime_coarse_absolute_msec(); + + log_fn(LOG_INFO,LD_OR, + "Sending netflow keepalive on "U64_FORMAT" to %s (%s) after " + I64_FORMAT" ms. Delta "I64_FORMAT"ms", + U64_PRINTF_ARG(chan->global_identifier), + safe_str_client(chan->get_remote_descr(chan, 0)), + safe_str_client(hex_str(chan->identity_digest, DIGEST_LEN)), + U64_PRINTF_ARG(now - chan->timestamp_xfer_ms), + U64_PRINTF_ARG(now - chan->next_padding_time_ms)); + } + + /* Clear the timer */ + chan->next_padding_time_ms = 0; + + /* Send the padding cell. This will cause the channel to get a + * fresh timestamp_active */ + memset(&cell, 0, sizeof(cell)); + cell.command = CELL_PADDING; + chan->write_cell(chan, &cell); +} + +/** + * tor_timer callback function for us to send padding on an idle channel. + * + * This function just obtains the channel from the callback handle, ensures + * it is still valid, and then hands it off to + * channelpadding_send_padding_cell_for_callback(), which checks if + * the channel is still idle before sending padding. + */ +static void +channelpadding_send_padding_callback(tor_timer_t *timer, void *args, + const struct monotime_t *when) +{ + channel_t *chan = channel_handle_get((struct channel_handle_t*)args); + (void)timer; (void)when; + + if (chan && CHANNEL_CAN_HANDLE_CELLS(chan)) { + /* Hrmm.. It might be nice to have an equivalent to assert_connection_ok + * for channels. Then we could get rid of the channeltls dependency */ + tor_assert(TO_CONN(BASE_CHAN_TO_TLS(chan)->conn)->magic == + OR_CONNECTION_MAGIC); + assert_connection_ok(TO_CONN(BASE_CHAN_TO_TLS(chan)->conn), approx_time()); + + channelpadding_send_padding_cell_for_callback(chan); + } else { + log_fn(LOG_INFO,LD_OR, + "Channel closed while waiting for timer."); + } + + total_timers_pending--; +} + +/** + * Schedules a callback to send padding on a channel in_ms milliseconds from + * now. + * + * Returns CHANNELPADDING_WONTPAD on error, CHANNELPADDING_PADDING_SENT if we + * sent the packet immediately without a timer, and + * CHANNELPADDING_PADDING_SCHEDULED if we decided to schedule a timer. + */ +static channelpadding_decision_t +channelpadding_schedule_padding(channel_t *chan, int in_ms) +{ + struct timeval timeout; + tor_assert(!chan->pending_padding_callback); + + if (in_ms <= 0) { + chan->pending_padding_callback = 1; + channelpadding_send_padding_cell_for_callback(chan); + return CHANNELPADDING_PADDING_SENT; + } + + timeout.tv_sec = in_ms/TOR_MSEC_PER_SEC; + timeout.tv_usec = (in_ms%TOR_USEC_PER_MSEC)*TOR_USEC_PER_MSEC; + + if (!chan->timer_handle) { + chan->timer_handle = channel_handle_new(chan); + } + + if (chan->padding_timer) { + timer_set_cb(chan->padding_timer, + channelpadding_send_padding_callback, + chan->timer_handle); + } else { + chan->padding_timer = timer_new(channelpadding_send_padding_callback, + chan->timer_handle); + } + timer_schedule(chan->padding_timer, &timeout); + + rep_hist_padding_count_timers(++total_timers_pending); + + chan->pending_padding_callback = 1; + return CHANNELPADDING_PADDING_SCHEDULED; +} + +/** + * Calculates the number of milliseconds from now to schedule a padding cell. + * + * Returns the number of milliseconds from now (relative) to schedule the + * padding callback. If the padding timer is more than 1.1 seconds in the + * future, we return -1, to avoid scheduling excessive callbacks. If padding + * is disabled in the consensus, we return -2. + * + * Side-effects: Updates chan->next_padding_time_ms, storing an (absolute, not + * relative) millisecond representation of when we should send padding, unless + * other activity happens first. This side-effect allows us to avoid + * scheduling a libevent callback until we're within 1.1 seconds of the padding + * time. + */ +#define CHANNELPADDING_TIME_LATER -1 +#define CHANNELPADDING_TIME_DISABLED -2 +STATIC int64_t +channelpadding_compute_time_until_pad_for_netflow(channel_t *chan) +{ + uint64_t long_now = monotime_coarse_absolute_msec(); + + if (!chan->next_padding_time_ms) { + /* If the below line or crypto_rand_int() shows up on a profile, + * we can avoid getting a timeout until we're at least nf_ito_lo + * from a timeout window. That will prevent us from setting timers + * on connections that were active up to 1.5 seconds ago. + * Idle connections should only call this once every 5.5s on average + * though, so that might be a micro-optimization for little gain. */ + int64_t padding_timeout = + channelpadding_get_netflow_inactive_timeout_ms(chan); + + if (!padding_timeout) + return CHANNELPADDING_TIME_DISABLED; + + chan->next_padding_time_ms = padding_timeout + + chan->timestamp_xfer_ms; + } + + /* If the next padding time is beyond the maximum possible consensus value, + * then this indicates a clock jump, so just send padding now. This is + * better than using monotonic time because we want to avoid the situation + * where we wait around forever for monotonic time to move forward after + * a clock jump far into the past. + */ + if (chan->next_padding_time_ms > long_now + + DFLT_NETFLOW_INACTIVE_KEEPALIVE_MAX) { + tor_fragile_assert(); + log_warn(LD_BUG, + "Channel padding timeout scheduled "I64_FORMAT"ms in the future. " + "Did the monotonic clock just jump?", + I64_PRINTF_ARG(chan->next_padding_time_ms - long_now)); + return 0; /* Clock jumped: Send padding now */ + } + + /* If the timeout will expire before the next time we're called (1000ms + from now, plus some slack), then calculate the number of milliseconds + from now which we should send padding, so we can schedule a callback + then. + */ + if (long_now + + (TOR_HOUSEKEEPING_CALLBACK_MSEC + TOR_HOUSEKEEPING_CALLBACK_SLACK_MSEC) + >= chan->next_padding_time_ms) { + int64_t ms_until_pad_for_netflow = chan->next_padding_time_ms - + long_now; + if (ms_until_pad_for_netflow < 0) { + log_warn(LD_BUG, + "Channel padding timeout scheduled "I64_FORMAT"ms in the past. " + "Did the monotonic clock just jump?", + I64_PRINTF_ARG(-ms_until_pad_for_netflow)); + return 0; /* Clock jumped: Send padding now */ + } + + return ms_until_pad_for_netflow; + } + return CHANNELPADDING_TIME_LATER; +} + +/** + * Returns a randomized value for channel idle timeout in seconds. + * The channel idle timeout governs how quickly we close a channel + * after its last circuit has disappeared. + * + * There are three classes of channels: + * 1. Client+non-canonical. These live for 3-4.5 minutes + * 2. relay to relay. These live for 45-75 min by default + * 3. Reduced padding clients. These live for 1.5-2.25 minutes. + * + * Also allows the default relay-to-relay value to be controlled by the + * consensus. + */ +unsigned int +channelpadding_get_channel_idle_timeout(const channel_t *chan, + int is_canonical) +{ + const or_options_t *options = get_options(); + unsigned int timeout; + + /* Non-canonical and client channels only last for 3-4.5 min when idle */ + if (!is_canonical || CHANNEL_IS_CLIENT(chan, options)) { +#define CONNTIMEOUT_CLIENTS_BASE 180 // 3 to 4.5 min + timeout = CONNTIMEOUT_CLIENTS_BASE + + crypto_rand_int(CONNTIMEOUT_CLIENTS_BASE/2); + } else { // Canonical relay-to-relay channels + // 45..75min or consensus +/- 25% + timeout = consensus_nf_conntimeout_relays; + timeout = 3*timeout/4 + crypto_rand_int(timeout/2); + } + + /* If ReducedConnectionPadding is set, we want to halve the duration of + * the channel idle timeout, since reducing the additional time that + * a channel stays open will reduce the total overhead for making + * new channels. This reduction in overhead/channel expense + * is important for mobile users. The option cannot be set by relays. + * + * We also don't reduce any values for timeout that the user explicitly + * set. + */ + if (options->ReducedConnectionPadding + && !options->CircuitsAvailableTimeout) { + timeout /= 2; + } + + return timeout; +} + +/** + * This function controls how long we keep idle circuits open, + * and how long we build predicted circuits. This behavior is under + * the control of channelpadding because circuit availability is the + * dominant factor in channel lifespan, which influences total padding + * overhead. + * + * Returns a randomized number of seconds in a range from + * CircuitsAvailableTimeout to 2*CircuitsAvailableTimeout. This value is halved + * if ReducedConnectionPadding is set. The default value of + * CircuitsAvailableTimeout can be controlled by the consensus. + */ +int +channelpadding_get_circuits_available_timeout(void) +{ + const or_options_t *options = get_options(); + int timeout = options->CircuitsAvailableTimeout; + + if (!timeout) { + timeout = consensus_nf_conntimeout_clients; + + /* If ReducedConnectionPadding is set, we want to halve the duration of + * the channel idle timeout, since reducing the additional time that + * a channel stays open will reduce the total overhead for making + * new connections. This reduction in overhead/connection expense + * is important for mobile users. The option cannot be set by relays. + * + * We also don't reduce any values for timeout that the user explicitly + * set. + */ + if (options->ReducedConnectionPadding) { + // half the value to 15..30min by default + timeout /= 2; + } + } + + // 30..60min by default + timeout = timeout + crypto_rand_int(timeout); + + return timeout; +} + +/** + * Calling this function on a channel causes it to tell the other side + * not to send padding, and disables sending padding from this side as well. + */ +void +channelpadding_disable_padding_on_channel(channel_t *chan) +{ + chan->padding_enabled = 0; + + // Send cell to disable padding on the other end + channelpadding_send_disable_command(chan); +} + +/** + * Calling this function on a channel causes it to tell the other side + * not to send padding, and reduces the rate that padding is sent from + * this side. + */ +void +channelpadding_reduce_padding_on_channel(channel_t *chan) +{ + /* Padding can be forced and reduced by clients, regardless of if + * the channel supports it. So we check for support here before + * sending any commands. */ + if (chan->padding_enabled) { + channelpadding_send_disable_command(chan); + } + + chan->padding_timeout_low_ms = consensus_nf_ito_low_reduced; + chan->padding_timeout_high_ms = consensus_nf_ito_high_reduced; + + log_fn(LOG_INFO,LD_OR, + "Reduced padding on channel "U64_FORMAT": lo=%d, hi=%d", + U64_PRINTF_ARG(chan->global_identifier), + chan->padding_timeout_low_ms, chan->padding_timeout_high_ms); +} + +/** + * This function is called once per second by run_connection_housekeeping(), + * but only if the channel is still open, valid, and non-wedged. + * + * It decides if and when we should send a padding cell, and if needed, + * schedules a callback to send that cell at the appropriate time. + * + * Returns an enum that represents the current padding decision state. + * Return value is currently used only by unit tests. + */ +channelpadding_decision_t +channelpadding_decide_to_pad_channel(channel_t *chan) +{ + const or_options_t *options = get_options(); + + /* Only pad open channels */ + if (chan->state != CHANNEL_STATE_OPEN) + return CHANNELPADDING_WONTPAD; + + if (chan->channel_usage == CHANNEL_USED_FOR_FULL_CIRCS) { + if (!consensus_nf_pad_before_usage) + return CHANNELPADDING_WONTPAD; + } else if (chan->channel_usage != CHANNEL_USED_FOR_USER_TRAFFIC) { + return CHANNELPADDING_WONTPAD; + } + + if (chan->pending_padding_callback) + return CHANNELPADDING_PADDING_ALREADY_SCHEDULED; + + /* Don't pad the channel if we didn't negotiate it, but still + * allow clients to force padding if options->ChannelPadding is + * explicitly set to 1. + */ + if (!chan->padding_enabled && options->ConnectionPadding != 1) { + return CHANNELPADDING_WONTPAD; + } + + if (!chan->has_queued_writes(chan)) { + int is_client_channel = 0; + + if (CHANNEL_IS_CLIENT(chan, options)) { + is_client_channel = 1; + } + + /* If nf_pad_relays=1 is set in the consensus, we pad + * on *all* idle connections, relay-relay or relay-client. + * Otherwise pad only for client+bridge cons */ + if (is_client_channel || consensus_nf_pad_relays) { + int64_t pad_time_ms = + channelpadding_compute_time_until_pad_for_netflow(chan); + + if (pad_time_ms == CHANNELPADDING_TIME_DISABLED) { + return CHANNELPADDING_WONTPAD; + } else if (pad_time_ms == CHANNELPADDING_TIME_LATER) { + chan->currently_padding = 1; + return CHANNELPADDING_PADLATER; + } else { + if (BUG(pad_time_ms > INT_MAX)) { + pad_time_ms = INT_MAX; + } + /* We have to schedule a callback because we're called exactly once per + * second, but we don't want padding packets to go out exactly on an + * integer multiple of seconds. This callback will only be scheduled + * if we're within 1.1 seconds of the padding time. + */ + chan->currently_padding = 1; + return channelpadding_schedule_padding(chan, (int)pad_time_ms); + } + } else { + chan->currently_padding = 0; + return CHANNELPADDING_WONTPAD; + } + } else { + return CHANNELPADDING_PADLATER; + } +} + diff --git a/src/or/channelpadding.h b/src/or/channelpadding.h new file mode 100644 index 0000000000..2708ee9739 --- /dev/null +++ b/src/or/channelpadding.h @@ -0,0 +1,40 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2015, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file circuitbuild.h + * \brief Header file for circuitbuild.c. + **/ +#ifndef TOR_CHANNELPADDING_H +#define TOR_CHANNELPADDING_H + +#include "channelpadding_negotiation.h" + +typedef enum { + CHANNELPADDING_WONTPAD, + CHANNELPADDING_PADLATER, + CHANNELPADDING_PADDING_SCHEDULED, + CHANNELPADDING_PADDING_ALREADY_SCHEDULED, + CHANNELPADDING_PADDING_SENT, +} channelpadding_decision_t; + +channelpadding_decision_t channelpadding_decide_to_pad_channel(channel_t + *chan); +int channelpadding_update_padding_for_channel(channel_t *, + const channelpadding_negotiate_t + *chan); + +void channelpadding_disable_padding_on_channel(channel_t *chan); +void channelpadding_reduce_padding_on_channel(channel_t *chan); +int channelpadding_send_enable_command(channel_t *chan, uint16_t low_timeout, + uint16_t high_timeout); + +int channelpadding_get_circuits_available_timeout(void); +unsigned int channelpadding_get_channel_idle_timeout(const channel_t *, int); +void channelpadding_new_consensus_params(networkstatus_t *ns); + +#endif + diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 9d9e7446ab..f44e4fc8ea 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -57,6 +57,9 @@ #include "routerlist.h" #include "scheduler.h" #include "torcert.h" +#include "networkstatus.h" +#include "channelpadding_negotiation.h" +#include "channelpadding.h" /** How many CELL_PADDING cells have we received, ever? */ uint64_t stats_n_padding_cells_processed = 0; @@ -122,6 +125,8 @@ static void channel_tls_process_netinfo_cell(cell_t *cell, static int command_allowed_before_handshake(uint8_t command); static int enter_v3_handshake_with_cell(var_cell_t *cell, channel_tls_t *tlschan); +static void channel_tls_process_padding_negotiate_cell(cell_t *cell, + channel_tls_t *chan); /** * Do parts of channel_tls_t initialization common to channel_tls_connect() @@ -734,6 +739,15 @@ channel_tls_matches_target_method(channel_t *chan, return 0; } + /* real_addr is the address this connection came from. + * base_.addr is updated by connection_or_init_conn_from_address() + * to be the address in the descriptor. It may be tempting to + * allow either address to be allowed, but if we did so, it would + * enable someone who steals a relay's keys to impersonate/MITM it + * from anywhere on the Internet! (Because they could make long-lived + * TLS connections from anywhere to all relays, and wait for them to + * be used for extends). + */ return tor_addr_eq(&(tlschan->conn->real_addr), target); } @@ -1098,9 +1112,16 @@ channel_tls_handle_cell(cell_t *cell, or_connection_t *conn) /* We note that we're on the internet whenever we read a cell. This is * a fast operation. */ entry_guards_note_internet_connectivity(get_guard_selection_info()); + rep_hist_padding_count_read(PADDING_TYPE_TOTAL); + + if (TLS_CHAN_TO_BASE(chan)->currently_padding) + rep_hist_padding_count_read(PADDING_TYPE_ENABLED_TOTAL); switch (cell->command) { case CELL_PADDING: + rep_hist_padding_count_read(PADDING_TYPE_CELL); + if (TLS_CHAN_TO_BASE(chan)->currently_padding) + rep_hist_padding_count_read(PADDING_TYPE_ENABLED_CELL); ++stats_n_padding_cells_processed; /* do nothing */ break; @@ -1111,6 +1132,10 @@ channel_tls_handle_cell(cell_t *cell, or_connection_t *conn) ++stats_n_netinfo_cells_processed; PROCESS_CELL(netinfo, cell, chan); break; + case CELL_PADDING_NEGOTIATE: + ++stats_n_netinfo_cells_processed; + PROCESS_CELL(padding_negotiate, cell, chan); + break; case CELL_CREATE: case CELL_CREATE_FAST: case CELL_CREATED: @@ -1566,9 +1591,12 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan) /* We set this after sending the verions cell. */ /*XXXXX symbolic const.*/ - chan->base_.wide_circ_ids = + TLS_CHAN_TO_BASE(chan)->wide_circ_ids = chan->conn->link_proto >= MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS; - chan->conn->wide_circ_ids = chan->base_.wide_circ_ids; + chan->conn->wide_circ_ids = TLS_CHAN_TO_BASE(chan)->wide_circ_ids; + + TLS_CHAN_TO_BASE(chan)->padding_enabled = + chan->conn->link_proto >= MIN_LINK_PROTO_FOR_CHANNEL_PADDING; if (send_certs) { if (connection_or_send_certs_cell(chan->conn) < 0) { @@ -1595,6 +1623,43 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan) } /** + * Process a 'padding_negotiate' cell + * + * This function is called to handle an incoming PADDING_NEGOTIATE cell; + * enable or disable padding accordingly, and read and act on its timeout + * value contents. + */ +static void +channel_tls_process_padding_negotiate_cell(cell_t *cell, channel_tls_t *chan) +{ + channelpadding_negotiate_t *negotiation; + tor_assert(cell); + tor_assert(chan); + tor_assert(chan->conn); + + if (chan->conn->link_proto < MIN_LINK_PROTO_FOR_CHANNEL_PADDING) { + log_fn(LOG_PROTOCOL_WARN, LD_OR, + "Received a PADDING_NEGOTIATE cell on v%d connection; dropping.", + chan->conn->link_proto); + return; + } + + if (channelpadding_negotiate_parse(&negotiation, cell->payload, + CELL_PAYLOAD_SIZE) < 0) { + log_fn(LOG_PROTOCOL_WARN, LD_OR, + "Received malformed PADDING_NEGOTIATE cell on v%d connection; " + "dropping.", chan->conn->link_proto); + + return; + } + + channelpadding_update_padding_for_channel(TLS_CHAN_TO_BASE(chan), + negotiation); + + channelpadding_negotiate_free(negotiation); +} + +/** * Process a 'netinfo' cell * * This function is called to handle an incoming NETINFO cell; read and act @@ -1611,6 +1676,7 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) const uint8_t *cp, *end; uint8_t n_other_addrs; time_t now = time(NULL); + const routerinfo_t *me = router_get_my_routerinfo(); long apparent_skew = 0; tor_addr_t my_apparent_addr = TOR_ADDR_NULL; @@ -1654,6 +1720,10 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) tor_assert(tor_mem_is_zero( (const char*)(chan->conn->handshake_state-> authenticated_ed25519_peer_id.pubkey), 32)); + /* If the client never authenticated, it's a tor client or bridge + * relay, and we must not use it for EXTEND requests (nor could we, as + * there are no authenticated peer IDs) */ + channel_mark_client(TLS_CHAN_TO_BASE(chan)); channel_set_circid_type(TLS_CHAN_TO_BASE(chan), NULL, chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS); @@ -1689,8 +1759,20 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) if (my_addr_type == RESOLVED_TYPE_IPV4 && my_addr_len == 4) { tor_addr_from_ipv4n(&my_apparent_addr, get_uint32(my_addr_ptr)); + + if (!get_options()->BridgeRelay && me && + get_uint32(my_addr_ptr) == htonl(me->addr)) { + TLS_CHAN_TO_BASE(chan)->is_canonical_to_peer = 1; + } + } else if (my_addr_type == RESOLVED_TYPE_IPV6 && my_addr_len == 16) { tor_addr_from_ipv6_bytes(&my_apparent_addr, (const char *) my_addr_ptr); + + if (!get_options()->BridgeRelay && me && + !tor_addr_is_null(&me->ipv6_addr) && + tor_addr_eq(&my_apparent_addr, &me->ipv6_addr)) { + TLS_CHAN_TO_BASE(chan)->is_canonical_to_peer = 1; + } } n_other_addrs = (uint8_t) *cp++; @@ -1706,6 +1788,14 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) connection_or_close_for_error(chan->conn, 0); return; } + /* A relay can connect from anywhere and be canonical, so + * long as it tells you from where it came. This may be a bit + * concerning.. Luckily we have another check in + * channel_tls_matches_target_method() to ensure that extends + * only go to the IP they ask for. + * + * XXX: Bleh. That check is not used if the connection is canonical. + */ if (tor_addr_eq(&addr, &(chan->conn->real_addr))) { connection_or_set_canonical(chan->conn, 1); break; @@ -1714,6 +1804,21 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) --n_other_addrs; } + if (me && !TLS_CHAN_TO_BASE(chan)->is_canonical_to_peer && + channel_is_canonical(TLS_CHAN_TO_BASE(chan))) { + const char *descr = + TLS_CHAN_TO_BASE(chan)->get_remote_descr(TLS_CHAN_TO_BASE(chan), 0); + log_info(LD_OR, + "We made a connection to a relay at %s (fp=%s) but we think " + "they will not consider this connection canonical. They " + "think we are at %s, but we think its %s.", + safe_str(descr), + safe_str(hex_str(chan->conn->identity_digest, DIGEST_LEN)), + safe_str(tor_addr_is_null(&my_apparent_addr) ? + "<none>" : fmt_and_decorate_addr(&my_apparent_addr)), + safe_str(fmt_addr32(me->addr))); + } + /* Act on apparent skew. */ /** Warn when we get a netinfo skew with at least this value. */ #define NETINFO_NOTICE_SKEW 3600 diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index f8b3609757..16cef0e56b 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -816,12 +816,7 @@ should_use_create_fast_for_circuit(origin_circuit_t *circ) * creating on behalf of others. */ return 0; } - if (options->FastFirstHopPK == -1) { - /* option is "auto", so look at the consensus. */ - return networkstatus_get_param(NULL, "usecreatefast", 0, 0, 1); - } - - return options->FastFirstHopPK; + return networkstatus_get_param(NULL, "usecreatefast", 0, 0, 1); } /** Return true if <b>circ</b> is the type of circuit we want to count @@ -939,9 +934,18 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) memset(&cc, 0, sizeof(cc)); if (circ->build_state->onehop_tunnel) control_event_bootstrap(BOOTSTRAP_STATUS_ONEHOP_CREATE, 0); - else + else { control_event_bootstrap(BOOTSTRAP_STATUS_CIRCUIT_CREATE, 0); + /* If this is not a one-hop tunnel, the channel is being used + * for traffic that wants anonymity and protection from traffic + * analysis (such as netflow record retention). That means we want + * to pad it. + */ + if (circ->base_.n_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS) + circ->base_.n_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS; + } + node = node_get_by_id(circ->base_.n_chan->identity_digest); fast = should_use_create_fast_for_circuit(circ); if (!fast) { @@ -1828,15 +1832,16 @@ choose_good_exit_server_general(int need_uptime, int need_capacity) * we'll retry later in this function with need_update and * need_capacity set to 0. */ } - if (!(node->is_valid || options->AllowInvalid_ & ALLOW_INVALID_EXIT)) { + if (!(node->is_valid)) { /* if it's invalid and we don't want it */ n_supported[i] = -1; // log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- invalid router.", // router->nickname, i); continue; /* skip invalid routers */ } - if (options->ExcludeSingleHopRelays && - node_allows_single_hop_exits(node)) { + /* We do not allow relays that allow single hop exits by default. Option + * was deprecated in 0.2.9.2-alpha and removed in 0.3.1.0-alpha. */ + if (node_allows_single_hop_exits(node)) { n_supported[i] = -1; continue; } @@ -1968,7 +1973,6 @@ pick_tor2web_rendezvous_node(router_crn_flags_t flags, const or_options_t *options) { const node_t *rp_node = NULL; - const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0; const int need_desc = (flags & CRN_NEED_DESC) != 0; const int pref_addr = (flags & CRN_PREF_ADDR) != 0; const int direct_conn = (flags & CRN_DIRECT_CONN) != 0; @@ -1980,7 +1984,6 @@ pick_tor2web_rendezvous_node(router_crn_flags_t flags, /* Add all running nodes to all_live_nodes */ router_add_running_nodes_to_smartlist(all_live_nodes, - allow_invalid, 0, 0, 0, need_desc, pref_addr, @@ -2022,9 +2025,6 @@ pick_rendezvous_node(router_crn_flags_t flags) { const or_options_t *options = get_options(); - if (options->AllowInvalid_ & ALLOW_INVALID_RENDEZVOUS) - flags |= CRN_ALLOW_INVALID; - #ifdef ENABLE_TOR2WEB_MODE /* We want to connect directly to the node if we can */ router_crn_flags_t direct_flags = flags; @@ -2081,8 +2081,6 @@ choose_good_exit_server(uint8_t purpose, switch (purpose) { case CIRCUIT_PURPOSE_C_GENERAL: - if (options->AllowInvalid_ & ALLOW_INVALID_MIDDLE) - flags |= CRN_ALLOW_INVALID; if (is_internal) /* pick it like a middle hop */ return router_choose_random_node(NULL, options->ExcludeNodes, flags); else @@ -2280,10 +2278,6 @@ count_acceptable_nodes, (smartlist_t *nodes)) if (! node->is_running) // log_debug(LD_CIRC,"Nope, the directory says %d is not running.",i); continue; - /* XXX This clause makes us count incorrectly: if AllowInvalidRouters - * allows this node in some places, then we're getting an inaccurate - * count. For now, be conservative and don't count it. But later we - * should try to be smarter. */ if (! node->is_valid) // log_debug(LD_CIRC,"Nope, the directory says %d is not valid.",i); continue; @@ -2354,8 +2348,6 @@ choose_good_middle_server(uint8_t purpose, flags |= CRN_NEED_UPTIME; if (state->need_capacity) flags |= CRN_NEED_CAPACITY; - if (options->AllowInvalid_ & ALLOW_INVALID_MIDDLE) - flags |= CRN_ALLOW_INVALID; choice = router_choose_random_node(excluded, options->ExcludeNodes, flags); smartlist_free(excluded); return choice; @@ -2408,8 +2400,6 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state, if (state->need_capacity) flags |= CRN_NEED_CAPACITY; } - if (options->AllowInvalid_ & ALLOW_INVALID_ENTRY) - flags |= CRN_ALLOW_INVALID; choice = router_choose_random_node(excluded, options->ExcludeNodes, flags); smartlist_free(excluded); diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 365e5b2f89..5761890924 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -78,6 +78,7 @@ #include "rephist.h" #include "routerlist.h" #include "routerset.h" +#include "channelpadding.h" #include "ht.h" @@ -814,6 +815,11 @@ init_circuit_base(circuit_t *circ) circ->global_circuitlist_idx = smartlist_len(circuit_get_global_list()) - 1; } +/** If we haven't yet decided on a good timeout value for circuit + * building, we close idle circuits aggressively so we can get more + * data points. */ +#define IDLE_TIMEOUT_WHILE_LEARNING (1*60) + /** Allocate space for a new circuit, initializing with <b>p_circ_id</b> * and <b>p_conn</b>. Add it to the global circuit list. */ @@ -841,6 +847,41 @@ origin_circuit_new(void) circuit_build_times_update_last_circ(get_circuit_build_times_mutable()); + if (! circuit_build_times_disabled(get_options()) && + circuit_build_times_needs_circuits(get_circuit_build_times())) { + /* Circuits should be shorter lived if we need more of them + * for learning a good build timeout */ + circ->circuit_idle_timeout = IDLE_TIMEOUT_WHILE_LEARNING; + } else { + // This should always be larger than the current port prediction time + // remaining, or else we'll end up with the case where a circuit times out + // and another one is built, effectively doubling the timeout window. + // + // We also randomize it by up to 5% more (ie 5% of 0 to 3600 seconds, + // depending on how much circuit prediction time is remaining) so that + // we don't close a bunch of unused circuits all at the same time. + int prediction_time_remaining = + predicted_ports_prediction_time_remaining(time(NULL)); + circ->circuit_idle_timeout = prediction_time_remaining+1+ + crypto_rand_int(1+prediction_time_remaining/20); + + if (circ->circuit_idle_timeout <= 0) { + log_warn(LD_BUG, + "Circuit chose a negative idle timeout of %d based on " + "%d seconds of predictive building remaining.", + circ->circuit_idle_timeout, + prediction_time_remaining); + circ->circuit_idle_timeout = IDLE_TIMEOUT_WHILE_LEARNING; + } + + log_info(LD_CIRC, + "Circuit " U64_FORMAT " chose an idle timeout of %d based on " + "%d seconds of predictive building remaining.", + U64_PRINTF_ARG(circ->global_identifier), + circ->circuit_idle_timeout, + prediction_time_remaining); + } + return circ; } diff --git a/src/or/circuitstats.c b/src/or/circuitstats.c index fe6f723bd5..51d580a1a4 100644 --- a/src/or/circuitstats.c +++ b/src/or/circuitstats.c @@ -107,10 +107,19 @@ get_circuit_build_timeout_ms(void) int circuit_build_times_disabled(const or_options_t *options) { + return circuit_build_times_disabled_(options, 0); +} + +/** As circuit_build_times_disabled, but take options as an argument. */ +int +circuit_build_times_disabled_(const or_options_t *options, + int ignore_consensus) +{ if (unit_tests) { return 0; } else { - int consensus_disabled = networkstatus_get_param(NULL, "cbtdisabled", + int consensus_disabled = + ignore_consensus ? 0 : networkstatus_get_param(NULL, "cbtdisabled", 0, 0, 1); int config_disabled = !options->LearnCircuitBuildTimeout; int dirauth_disabled = options->AuthoritativeDir; diff --git a/src/or/circuitstats.h b/src/or/circuitstats.h index 4977b26c0d..8a1dec4bfd 100644 --- a/src/or/circuitstats.h +++ b/src/or/circuitstats.h @@ -18,6 +18,9 @@ double get_circuit_build_close_time_ms(void); double get_circuit_build_timeout_ms(void); int circuit_build_times_disabled(const or_options_t *options); +int circuit_build_times_disabled_(const or_options_t *options, + int ignore_consensus); + int circuit_build_times_enough_to_compute(const circuit_build_times_t *cbt); void circuit_build_times_update_state(const circuit_build_times_t *cbt, or_state_t *state); diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 8d233e0cb6..9f9d3abf7c 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -705,18 +705,15 @@ circuit_expire_building(void) } } - /* If this is a hidden service client circuit which is far enough - * along in connecting to its destination, and we haven't already - * flagged it as 'timed out', and the user has not told us to - * close such circs immediately on timeout, flag it as 'timed out' - * so we'll launch another intro or rend circ, but don't mark it - * for close yet. + /* If this is a hidden service client circuit which is far enough along in + * connecting to its destination, and we haven't already flagged it as + * 'timed out', flag it so we'll launch another intro or rend circ, but + * don't mark it for close yet. * * (Circs flagged as 'timed out' are given a much longer timeout * period above, so we won't close them in the next call to * circuit_expire_building.) */ - if (!(options->CloseHSClientCircuitsImmediatelyOnTimeout) && - !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out)) { + if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out)) { switch (victim->purpose) { case CIRCUIT_PURPOSE_C_REND_READY: /* We only want to spare a rend circ if it has been specified in @@ -750,8 +747,7 @@ circuit_expire_building(void) /* If this is a service-side rendezvous circuit which is far * enough along in connecting to its destination, consider sparing * it. */ - if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) && - !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) && + if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) && victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) { log_info(LD_CIRC,"Marking circ %u (state %d:%s, purpose %d) " "as timed-out HS circ; relaunching rendezvous attempt.", @@ -1383,11 +1379,6 @@ circuit_detach_stream(circuit_t *circ, edge_connection_t *conn) tor_fragile_assert(); } -/** If we haven't yet decided on a good timeout value for circuit - * building, we close idles circuits aggressively so we can get more - * data points. */ -#define IDLE_TIMEOUT_WHILE_LEARNING (10*60) - /** Find each circuit that has been unused for too long, or dirty * for too long and has no streams on it: mark it for close. */ @@ -1397,21 +1388,15 @@ circuit_expire_old_circuits_clientside(void) struct timeval cutoff, now; tor_gettimeofday(&now); - cutoff = now; last_expired_clientside_circuits = now.tv_sec; - if (! circuit_build_times_disabled(get_options()) && - circuit_build_times_needs_circuits(get_circuit_build_times())) { - /* Circuits should be shorter lived if we need more of them - * for learning a good build timeout */ - cutoff.tv_sec -= IDLE_TIMEOUT_WHILE_LEARNING; - } else { - cutoff.tv_sec -= get_options()->CircuitIdleTimeout; - } - SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) { if (circ->marked_for_close || !CIRCUIT_IS_ORIGIN(circ)) continue; + + cutoff = now; + cutoff.tv_sec -= TO_ORIGIN_CIRCUIT(circ)->circuit_idle_timeout; + /* If the circuit has been dirty for too long, and there are no streams * on it, mark it for close. */ @@ -1437,8 +1422,10 @@ circuit_expire_old_circuits_clientside(void) (circ->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING && circ->purpose <= CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) || circ->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) { - log_debug(LD_CIRC, - "Closing circuit that has been unused for %ld msec.", + log_info(LD_CIRC, + "Closing circuit "U64_FORMAT + " that has been unused for %ld msec.", + U64_PRINTF_ARG(TO_ORIGIN_CIRCUIT(circ)->global_identifier), tv_mdiff(&circ->timestamp_began, &now)); circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED); } else if (!TO_ORIGIN_CIRCUIT(circ)->is_ancient) { diff --git a/src/or/command.c b/src/or/command.c index 0992e97b8b..c667cbbe52 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -326,10 +326,19 @@ command_process_create_cell(cell_t *cell, channel_t *chan) return; } + if (connection_or_digest_is_known_relay(chan->identity_digest)) { + rep_hist_note_circuit_handshake_requested(create_cell->handshake_type); + // Needed for chutney: Sometimes relays aren't in the consensus yet, and + // get marked as clients. This resets their channels once they appear. + // Probably useful for normal operation wrt relay flapping, too. + chan->is_client = 0; + } else { + channel_mark_client(chan); + } + if (create_cell->handshake_type != ONION_HANDSHAKE_TYPE_FAST) { /* hand it off to the cpuworkers, and then return. */ - if (connection_or_digest_is_known_relay(chan->identity_digest)) - rep_hist_note_circuit_handshake_requested(create_cell->handshake_type); + if (assign_onionskin_to_cpuworker(circ, create_cell) < 0) { log_debug(LD_GENERAL,"Failed to hand off onionskin. Closing."); circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_RESOURCELIMIT); @@ -344,8 +353,14 @@ command_process_create_cell(cell_t *cell, channel_t *chan) int len; created_cell_t created_cell; - /* Make sure we never try to use the OR connection on which we - * received this cell to satisfy an EXTEND request, */ + /* If the client used CREATE_FAST, it's probably a tor client or bridge + * relay, and we must not use it for EXTEND requests (in most cases, we + * won't have an authenticated peer ID for the extend). + * Public relays on 0.2.9 and later will use CREATE_FAST if they have no + * ntor onion key for this relay, but that should be a rare occurrence. + * Clients on 0.3.1 and later avoid using CREATE_FAST as much as they can, + * even during bootstrap, so the CREATE_FAST check is most accurate for + * earlier tor client versions. */ channel_mark_client(chan); memset(&created_cell, 0, sizeof(created_cell)); diff --git a/src/or/config.c b/src/or/config.c index 201cca7941..461cf0aa49 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -206,10 +206,10 @@ static config_var_t option_vars_[] = { V(AccountingStart, STRING, NULL), V(Address, STRING, NULL), V(AllowDotExit, BOOL, "0"), - V(AllowInvalidNodes, CSV, "middle,rendezvous"), + OBSOLETE("AllowInvalidNodes"), V(AllowNonRFC953Hostnames, BOOL, "0"), - V(AllowSingleHopCircuits, BOOL, "0"), - V(AllowSingleHopExits, BOOL, "0"), + OBSOLETE("AllowSingleHopCircuits"), + OBSOLETE("AllowSingleHopExits"), V(AlternateBridgeAuthority, LINELIST, NULL), V(AlternateDirAuthority, LINELIST, NULL), OBSOLETE("AlternateHSAuthority"), @@ -243,9 +243,11 @@ static config_var_t option_vars_[] = { V(BridgeRecordUsageByCountry, BOOL, "1"), V(BridgeRelay, BOOL, "0"), V(CellStatistics, BOOL, "0"), + V(PaddingStatistics, BOOL, "1"), V(LearnCircuitBuildTimeout, BOOL, "1"), V(CircuitBuildTimeout, INTERVAL, "0"), - V(CircuitIdleTimeout, INTERVAL, "1 hour"), + OBSOLETE("CircuitIdleTimeout"), + V(CircuitsAvailableTimeout, INTERVAL, "0"), V(CircuitStreamTimeout, INTERVAL, "0"), V(CircuitPriorityHalflife, DOUBLE, "-100.0"), /*negative:'Use default'*/ V(ClientDNSRejectInternalAddresses, BOOL,"1"), @@ -262,7 +264,7 @@ static config_var_t option_vars_[] = { V(ConstrainedSockets, BOOL, "0"), V(ConstrainedSockSize, MEMUNIT, "8192"), V(ContactInfo, STRING, NULL), - V(ControlListenAddress, LINELIST, NULL), + OBSOLETE("ControlListenAddress"), VPORT(ControlPort), V(ControlPortFileGroupReadable,BOOL, "0"), V(ControlPortWriteToFile, FILENAME, NULL), @@ -279,7 +281,7 @@ static config_var_t option_vars_[] = { V(DisableNetwork, BOOL, "0"), V(DirAllowPrivateAddresses, BOOL, "0"), V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"), - V(DirListenAddress, LINELIST, NULL), + OBSOLETE("DirListenAddress"), V(DirPolicy, LINELIST, NULL), VPORT(DirPort), V(DirPortFrontPage, FILENAME, NULL), @@ -293,7 +295,7 @@ static config_var_t option_vars_[] = { OBSOLETE("DisableV2DirectoryInfo_"), OBSOLETE("DynamicDHGroups"), VPORT(DNSPort), - V(DNSListenAddress, LINELIST, NULL), + OBSOLETE("DNSListenAddress"), V(DownloadExtraInfo, BOOL, "0"), V(TestingEnableConnBwEvent, BOOL, "0"), V(TestingEnableCellStatsEvent, BOOL, "0"), @@ -304,7 +306,7 @@ static config_var_t option_vars_[] = { V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"), V(ExcludeNodes, ROUTERSET, NULL), V(ExcludeExitNodes, ROUTERSET, NULL), - V(ExcludeSingleHopRelays, BOOL, "1"), + OBSOLETE("ExcludeSingleHopRelays"), V(ExitNodes, ROUTERSET, NULL), V(ExitPolicy, LINELIST, NULL), V(ExitPolicyRejectPrivate, BOOL, "1"), @@ -324,7 +326,7 @@ static config_var_t option_vars_[] = { OBSOLETE("FallbackNetworkstatusFile"), V(FascistFirewall, BOOL, "0"), V(FirewallPorts, CSV, ""), - V(FastFirstHopPK, AUTOBOOL, "auto"), + OBSOLETE("FastFirstHopPK"), V(FetchDirInfoEarly, BOOL, "0"), V(FetchDirInfoExtraEarly, BOOL, "0"), V(FetchServerDescriptors, BOOL, "1"), @@ -361,8 +363,8 @@ static config_var_t option_vars_[] = { VAR("HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL), VAR("HiddenServiceStatistics", BOOL, HiddenServiceStatistics_option, "1"), V(HidServAuth, LINELIST, NULL), - V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"), - V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"), + OBSOLETE("CloseHSClientCircuitsImmediatelyOnTimeout"), + OBSOLETE("CloseHSServiceRendCircuitsImmediatelyOnTimeout"), V(HiddenServiceSingleHopMode, BOOL, "0"), V(HiddenServiceNonAnonymousMode,BOOL, "0"), V(HTTPProxy, STRING, NULL), @@ -396,20 +398,20 @@ static config_var_t option_vars_[] = { V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"), V(MaxUnparseableDescSizeToLog, MEMUNIT, "10 MB"), V(MinMeasuredBWsForAuthToIgnoreAdvertised, INT, "500"), - V(MyFamily, STRING, NULL), + VAR("MyFamily", LINELIST, MyFamily_lines, NULL), V(NewCircuitPeriod, INTERVAL, "30 seconds"), OBSOLETE("NamingAuthoritativeDirectory"), - V(NATDListenAddress, LINELIST, NULL), + OBSOLETE("NATDListenAddress"), VPORT(NATDPort), V(Nickname, STRING, NULL), - V(PredictedPortsRelevanceTime, INTERVAL, "1 hour"), - V(WarnUnsafeSocks, BOOL, "1"), + OBSOLETE("PredictedPortsRelevanceTime"), + OBSOLETE("WarnUnsafeSocks"), VAR("NodeFamily", LINELIST, NodeFamilies, NULL), V(NumCPUs, UINT, "0"), V(NumDirectoryGuards, UINT, "0"), V(NumEntryGuards, UINT, "0"), V(OfflineMasterKey, BOOL, "0"), - V(ORListenAddress, LINELIST, NULL), + OBSOLETE("ORListenAddress"), VPORT(ORPort), V(OutboundBindAddress, LINELIST, NULL), V(OutboundBindAddressOR, LINELIST, NULL), @@ -459,6 +461,8 @@ static config_var_t option_vars_[] = { V(RecommendedClientVersions, LINELIST, NULL), V(RecommendedServerVersions, LINELIST, NULL), V(RecommendedPackages, LINELIST, NULL), + V(ReducedConnectionPadding, BOOL, "0"), + V(ConnectionPadding, AUTOBOOL, "auto"), V(RefuseUnknownExits, AUTOBOOL, "auto"), V(RejectPlaintextPorts, CSV, ""), V(RelayBandwidthBurst, MEMUNIT, "0"), @@ -482,7 +486,7 @@ static config_var_t option_vars_[] = { V(SchedulerHighWaterMark__, MEMUNIT, "101 MB"), V(SchedulerMaxFlushCells__, UINT, "1000"), V(ShutdownWaitLength, INTERVAL, "30 seconds"), - V(SocksListenAddress, LINELIST, NULL), + OBSOLETE("SocksListenAddress"), V(SocksPolicy, LINELIST, NULL), VPORT(SocksPort), V(SocksTimeout, INTERVAL, "2 minutes"), @@ -495,10 +499,10 @@ static config_var_t option_vars_[] = { V(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"), V(Tor2webMode, BOOL, "0"), V(Tor2webRendezvousPoints, ROUTERSET, NULL), - V(TLSECGroup, STRING, NULL), + OBSOLETE("TLSECGroup"), V(TrackHostExits, CSV, NULL), V(TrackHostExitsExpire, INTERVAL, "30 minutes"), - V(TransListenAddress, LINELIST, NULL), + OBSOLETE("TransListenAddress"), VPORT(TransPort), V(TransProxyType, STRING, "default"), OBSOLETE("TunnelDirConns"), @@ -663,35 +667,8 @@ static const config_deprecation_t option_deprecation_notes_[] = { /* Deprecated since 0.2.9.2-alpha... */ { "AllowDotExit", "Unrestricted use of the .exit notation can be used for " "a wide variety of application-level attacks." }, - { "AllowInvalidNodes", "There is no reason to enable this option; at best " - "it will make you easier to track." }, - { "AllowSingleHopCircuits", "Almost no relays actually allow single-hop " - "exits, making this option pointless." }, - { "AllowSingleHopExits", "Turning this on will make your relay easier " - "to abuse." }, { "ClientDNSRejectInternalAddresses", "Turning this on makes your client " "easier to fingerprint, and may open you to esoteric attacks." }, - { "ExcludeSingleHopRelays", "Turning it on makes your client easier to " - "fingerprint." }, - { "FastFirstHopPK", "Changing this option does not make your client more " - "secure, but does make it easier to fingerprint." }, - { "CloseHSClientCircuitsImmediatelyOnTimeout", "This option makes your " - "client easier to fingerprint." }, - { "CloseHSServiceRendCircuitsImmediatelyOnTimeout", "This option makes " - "your hidden services easier to fingerprint." }, - { "WarnUnsafeSocks", "Changing this option makes it easier for you " - "to accidentally lose your anonymity by leaking DNS information" }, - { "TLSECGroup", "The default is a nice secure choice; the other option " - "is less secure." }, - { "ControlListenAddress", "Use ControlPort instead." }, - { "DirListenAddress", "Use DirPort instead, possibly with the " - "NoAdvertise sub-option" }, - { "DNSListenAddress", "Use DNSPort instead." }, - { "SocksListenAddress", "Use SocksPort instead." }, - { "TransListenAddress", "Use TransPort instead." }, - { "NATDListenAddress", "Use NATDPort instead." }, - { "ORListenAddress", "Use ORPort instead, possibly with the " - "NoAdvertise sub-option" }, /* End of options deprecated since 0.2.9.2-alpha. */ { NULL, NULL } @@ -708,7 +685,9 @@ static int options_transition_affects_workers( const or_options_t *old_options, const or_options_t *new_options); static int options_transition_affects_descriptor( const or_options_t *old_options, const or_options_t *new_options); -static int check_nickname_list(char **lst, const char *name, char **msg); +static int normalize_nickname_list(config_line_t **normalized_out, + const config_line_t *lst, const char *name, + char **msg); static char *get_bindaddr_from_transport_listen_line(const char *line, const char *transport); static int parse_ports(or_options_t *options, int validate_only, @@ -916,6 +895,7 @@ or_options_free(or_options_t *options) tor_free(options->BridgePassword_AuthDigest_); tor_free(options->command_arg); tor_free(options->master_key_fname); + config_free_lines(options->MyFamily); config_free(&options_format, options); } @@ -1554,23 +1534,6 @@ get_effective_bwburst(const or_options_t *options) return (uint32_t)bw; } -/** Return True if any changes from <b>old_options</b> to - * <b>new_options</b> needs us to refresh our TLS context. */ -static int -options_transition_requires_fresh_tls_context(const or_options_t *old_options, - const or_options_t *new_options) -{ - tor_assert(new_options); - - if (!old_options) - return 0; - - if (!opt_streq(old_options->TLSECGroup, new_options->TLSECGroup)) - return 1; - - return 0; -} - /** * Return true if changing the configuration from <b>old</b> to <b>new</b> * affects the guard susbsystem. @@ -1789,13 +1752,6 @@ options_act(const or_options_t *old_options) log_warn(LD_BUG,"Error initializing keys; exiting"); return -1; } - } else if (old_options && - options_transition_requires_fresh_tls_context(old_options, - options)) { - if (router_initialize_tls_context() < 0) { - log_warn(LD_BUG,"Error initializing TLS context."); - return -1; - } } /* Write our PID to the PID file. If we do not have write permissions we @@ -2819,10 +2775,10 @@ compute_publishserverdescriptor(or_options_t *options) #define MIN_REND_POST_PERIOD (10*60) #define MIN_REND_POST_PERIOD_TESTING (5) -/** Highest allowable value for PredictedPortsRelevanceTime; if this is - * too high, our selection of exits will decrease for an extended - * period of time to an uncomfortable level .*/ -#define MAX_PREDICTED_CIRCS_RELEVANCE (60*60) +/** Highest allowable value for CircuitsAvailableTimeout. + * If this is too large, client connections will stay open for too long, + * incurring extra padding overhead. */ +#define MAX_CIRCS_AVAILABLE_TIME (24*60*60) /** Highest allowable value for RendPostPeriod. */ #define MAX_DIR_PERIOD ((7*24*60*60)/2) @@ -3008,6 +2964,10 @@ options_validate(or_options_t *old_options, or_options_t *options, tor_assert(msg); *msg = NULL; + if (parse_ports(options, 1, msg, &n_ports, + &world_writable_control_socket) < 0) + return -1; + /* Set UseEntryGuards from the configured value, before we check it below. * We change UseEntryGuards when it's incompatible with other options, * but leave UseEntryGuards_option with the original value. @@ -3026,10 +2986,6 @@ options_validate(or_options_t *old_options, or_options_t *options, "for details.", uname); } - if (parse_ports(options, 1, msg, &n_ports, - &world_writable_control_socket) < 0) - return -1; - if (parse_outbound_addresses(options, 1, msg) < 0) return -1; @@ -3122,14 +3078,12 @@ options_validate(or_options_t *old_options, or_options_t *options, if (strcasecmp(options->TransProxyType, "default") && !options->TransPort_set) { - REJECT("Cannot use TransProxyType without any valid TransPort or " - "TransListenAddress."); + REJECT("Cannot use TransProxyType without any valid TransPort."); } } #else if (options->TransPort_set) - REJECT("TransPort and TransListenAddress are disabled " - "in this build."); + REJECT("TransPort is disabled in this build."); #endif if (options->TokenBucketRefillInterval <= 0 @@ -3166,15 +3120,6 @@ options_validate(or_options_t *old_options, or_options_t *options, } } - if (options->TLSECGroup && (strcasecmp(options->TLSECGroup, "P256") && - strcasecmp(options->TLSECGroup, "P224"))) { - COMPLAIN("Unrecognized TLSECGroup: Falling back to the default."); - tor_free(options->TLSECGroup); - } - if (!evaluate_ecgroup_for_tls(options->TLSECGroup)) { - REJECT("Unsupported TLSECGroup."); - } - if (options->ExcludeNodes && options->StrictNodes) { COMPLAIN("You have asked to exclude certain relays from all positions " "in your circuits. Expect hidden services and other Tor " @@ -3382,28 +3327,6 @@ options_validate(or_options_t *old_options, or_options_t *options, server_mode(options)); options->MaxMemInQueues_low_threshold = (options->MaxMemInQueues / 4) * 3; - options->AllowInvalid_ = 0; - - if (options->AllowInvalidNodes) { - SMARTLIST_FOREACH_BEGIN(options->AllowInvalidNodes, const char *, cp) { - if (!strcasecmp(cp, "entry")) - options->AllowInvalid_ |= ALLOW_INVALID_ENTRY; - else if (!strcasecmp(cp, "exit")) - options->AllowInvalid_ |= ALLOW_INVALID_EXIT; - else if (!strcasecmp(cp, "middle")) - options->AllowInvalid_ |= ALLOW_INVALID_MIDDLE; - else if (!strcasecmp(cp, "introduction")) - options->AllowInvalid_ |= ALLOW_INVALID_INTRODUCTION; - else if (!strcasecmp(cp, "rendezvous")) - options->AllowInvalid_ |= ALLOW_INVALID_RENDEZVOUS; - else { - tor_asprintf(msg, - "Unrecognized value '%s' in AllowInvalidNodes", cp); - return -1; - } - } SMARTLIST_FOREACH_END(cp); - } - if (!options->SafeLogging || !strcasecmp(options->SafeLogging, "0")) { options->SafeLogging_ = SAFELOG_SCRUB_NONE; @@ -3439,6 +3362,14 @@ options_validate(or_options_t *old_options, or_options_t *options, options->DirPort_set = 0; } + if (server_mode(options) && options->ConnectionPadding != -1) { + REJECT("Relays must use 'auto' for the ConnectionPadding setting."); + } + + if (server_mode(options) && options->ReducedConnectionPadding != 0) { + REJECT("Relays cannot set ReducedConnectionPadding. "); + } + if (options->MinUptimeHidServDirectoryV2 < 0) { log_warn(LD_CONFIG, "MinUptimeHidServDirectoryV2 option must be at " "least 0 seconds. Changing to 0."); @@ -3460,17 +3391,17 @@ options_validate(or_options_t *old_options, or_options_t *options, options->RendPostPeriod = MAX_DIR_PERIOD; } - if (options->PredictedPortsRelevanceTime > - MAX_PREDICTED_CIRCS_RELEVANCE) { - log_warn(LD_CONFIG, "PredictedPortsRelevanceTime is too large; " - "clipping to %ds.", MAX_PREDICTED_CIRCS_RELEVANCE); - options->PredictedPortsRelevanceTime = MAX_PREDICTED_CIRCS_RELEVANCE; - } - /* Check the Single Onion Service options */ if (options_validate_single_onion(options, msg) < 0) return -1; + if (options->CircuitsAvailableTimeout > MAX_CIRCS_AVAILABLE_TIME) { + // options_t is immutable for new code (the above code is older), + // so just make the user fix the value themselves rather than + // silently keep a shadow value lower than what they asked for. + REJECT("CircuitsAvailableTimeout is too large. Max is 24 hours."); + } + #ifdef ENABLE_TOR2WEB_MODE if (options->Tor2webMode && options->UseEntryGuards) { /* tor2web mode clients do not (and should not) use entry guards @@ -3559,7 +3490,7 @@ options_validate(or_options_t *old_options, or_options_t *options, int severity = LOG_NOTICE; /* Be a little quieter if we've deliberately disabled * LearnCircuitBuildTimeout. */ - if (circuit_build_times_disabled(options)) { + if (circuit_build_times_disabled_(options, 1)) { severity = LOG_INFO; } log_fn(severity, LD_CONFIG, "You disabled LearnCircuitBuildTimeout, but " @@ -3889,13 +3820,14 @@ options_validate(or_options_t *old_options, or_options_t *options, "have it group-readable."); } - if (options->MyFamily && options->BridgeRelay) { + if (options->MyFamily_lines && options->BridgeRelay) { log_warn(LD_CONFIG, "Listing a family for a bridge relay is not " "supported: it can reveal bridge fingerprints to censors. " "You should also make sure you aren't listing this bridge's " "fingerprint in any other MyFamily."); } - if (check_nickname_list(&options->MyFamily, "MyFamily", msg)) + if (normalize_nickname_list(&options->MyFamily, + options->MyFamily_lines, "MyFamily", msg)) return -1; for (cl = options->NodeFamilies; cl; cl = cl->next) { routerset_t *rs = routerset_new(); @@ -4092,13 +4024,6 @@ options_validate(or_options_t *old_options, or_options_t *options, "AlternateDirAuthority and AlternateBridgeAuthority configured."); } - if (options->AllowSingleHopExits && !options->DirAuthorities) { - COMPLAIN("You have set AllowSingleHopExits; now your relay will allow " - "others to make one-hop exits. However, since by default most " - "clients avoid relays that set this option, most clients will " - "ignore you."); - } - #define CHECK_DEFAULT(arg) \ STMT_BEGIN \ if (!options->TestingTorNetwork && \ @@ -4603,7 +4528,7 @@ options_transition_affects_descriptor(const or_options_t *old_options, get_effective_bwburst(old_options) != get_effective_bwburst(new_options) || !opt_streq(old_options->ContactInfo, new_options->ContactInfo) || - !opt_streq(old_options->MyFamily, new_options->MyFamily) || + !config_lines_eq(old_options->MyFamily, new_options->MyFamily) || !opt_streq(old_options->AccountingStart, new_options->AccountingStart) || old_options->AccountingMax != new_options->AccountingMax || old_options->AccountingRule != new_options->AccountingRule || @@ -4699,27 +4624,36 @@ get_default_conf_file(int defaults_file) #endif } -/** Verify whether lst is a string containing valid-looking comma-separated - * nicknames, or NULL. Will normalise <b>lst</b> to prefix '$' to any nickname - * or fingerprint that needs it. Return 0 on success. +/** Verify whether lst is a list of strings containing valid-looking + * comma-separated nicknames, or NULL. Will normalise <b>lst</b> to prefix '$' + * to any nickname or fingerprint that needs it. Also splits comma-separated + * list elements into multiple elements. Return 0 on success. * Warn and return -1 on failure. */ static int -check_nickname_list(char **lst, const char *name, char **msg) +normalize_nickname_list(config_line_t **normalized_out, + const config_line_t *lst, const char *name, + char **msg) { - int r = 0; - smartlist_t *sl; - int changes = 0; - - if (!*lst) + if (!lst) return 0; - sl = smartlist_new(); - smartlist_split_string(sl, *lst, ",", - SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK|SPLIT_STRIP_SPACE, 0); + config_line_t *new_nicknames = NULL; + config_line_t **new_nicknames_next = &new_nicknames; + + const config_line_t *cl; + for (cl = lst; cl; cl = cl->next) { + const char *line = cl->value; + if (!line) + continue; - SMARTLIST_FOREACH_BEGIN(sl, char *, s) + int valid_line = 1; + smartlist_t *sl = smartlist_new(); + smartlist_split_string(sl, line, ",", + SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK|SPLIT_STRIP_SPACE, 0); + SMARTLIST_FOREACH_BEGIN(sl, char *, s) { + char *normalized = NULL; if (!is_legal_nickname_or_hexdigest(s)) { // check if first char is dollar if (s[0] != '$') { @@ -4728,36 +4662,45 @@ check_nickname_list(char **lst, const char *name, char **msg) tor_asprintf(&prepended, "$%s", s); if (is_legal_nickname_or_hexdigest(prepended)) { - // The nickname is valid when it's prepended, swap the current - // version with a prepended one - tor_free(s); - SMARTLIST_REPLACE_CURRENT(sl, s, prepended); - changes = 1; - continue; + // The nickname is valid when it's prepended, set it as the + // normalized version + normalized = prepended; + } else { + // Still not valid, free and fallback to error message + tor_free(prepended); } - - // Still not valid, free and fallback to error message - tor_free(prepended); } - tor_asprintf(msg, "Invalid nickname '%s' in %s line", s, name); - r = -1; - break; + if (!normalized) { + tor_asprintf(msg, "Invalid nickname '%s' in %s line", s, name); + valid_line = 0; + break; + } + } else { + normalized = tor_strdup(s); } - } - SMARTLIST_FOREACH_END(s); - // Replace the caller's nickname list with a fixed one - if (changes && r == 0) { - char *newNicknames = smartlist_join_strings(sl, ", ", 0, NULL); - tor_free(*lst); - *lst = newNicknames; + config_line_t *next = tor_malloc_zero(sizeof(*next)); + next->key = tor_strdup(cl->key); + next->value = normalized; + next->next = NULL; + + *new_nicknames_next = next; + new_nicknames_next = &next->next; + } SMARTLIST_FOREACH_END(s); + + SMARTLIST_FOREACH(sl, char *, s, tor_free(s)); + smartlist_free(sl); + + if (!valid_line) { + config_free_lines(new_nicknames); + return -1; + } } - SMARTLIST_FOREACH(sl, char *, s, tor_free(s)); - smartlist_free(sl); + *normalized_out = new_nicknames; - return r; + return 0; } /** Learn config file name from command line arguments, or use the default. @@ -5113,6 +5056,7 @@ options_init_from_string(const char *cf_defaults, const char *cf, config_line_t *cl; int retval; setopt_err_t err = SETOPT_ERR_MISC; + int cf_has_include; tor_assert(msg); oldoptions = global_options; /* get_options unfortunately asserts if @@ -5129,7 +5073,8 @@ options_init_from_string(const char *cf_defaults, const char *cf, if (!body) continue; /* get config lines, assign them */ - retval = config_get_lines(body, &cl, 1); + retval = config_get_lines_include(body, &cl, 1, + body == cf ? &cf_has_include : NULL); if (retval < 0) { err = SETOPT_ERR_PARSE; goto err; @@ -5157,6 +5102,8 @@ options_init_from_string(const char *cf_defaults, const char *cf, goto err; } + newoptions->IncludeUsed = cf_has_include; + /* If this is a testing network configuration, change defaults * for a list of dependent config options, re-initialize newoptions * with the new defaults, and assign all options to it second time. */ @@ -5200,7 +5147,8 @@ options_init_from_string(const char *cf_defaults, const char *cf, if (!body) continue; /* get config lines, assign them */ - retval = config_get_lines(body, &cl, 1); + retval = config_get_lines_include(body, &cl, 1, + body == cf ? &cf_has_include : NULL); if (retval < 0) { err = SETOPT_ERR_PARSE; goto err; @@ -5223,6 +5171,8 @@ options_init_from_string(const char *cf_defaults, const char *cf, } } + newoptions->IncludeUsed = cf_has_include; + /* Validate newoptions */ if (options_validate(oldoptions, newoptions, newdefaultoptions, 0, msg) < 0) { @@ -6459,14 +6409,9 @@ warn_client_dns_cache(const char *option, int disabling) /** * Parse port configuration for a single port type. * - * Read entries of the "FooPort" type from the list <b>ports</b>, and - * entries of the "FooListenAddress" type from the list - * <b>listenaddrs</b>. Two syntaxes are supported: a legacy syntax - * where FooPort is at most a single entry containing a port number and - * where FooListenAddress has any number of address:port combinations; - * and a new syntax where there are no FooListenAddress entries and - * where FooPort can have any number of entries of the format - * "[Address:][Port] IsolationOptions". + * Read entries of the "FooPort" type from the list <b>ports</b>. Syntax is + * that FooPort can have any number of entries of the format + * "[Address:][Port] IsolationOptions". * * In log messages, describe the port type as <b>portname</b>. * @@ -6480,9 +6425,6 @@ warn_client_dns_cache(const char *option, int disabling) * ports are not on a local address. If CL_PORT_FORBID_NONLOCAL is set, * this is a control port with no password set: don't even allow it. * - * Unless CL_PORT_ALLOW_EXTRA_LISTENADDR is set in <b>flags</b>, warn - * if FooListenAddress is set but FooPort is 0. - * * If CL_PORT_SERVER_OPTIONS is set in <b>flags</b>, do not allow stream * isolation options in the FooPort entries; instead allow the * server-port option set. @@ -6497,7 +6439,6 @@ warn_client_dns_cache(const char *option, int disabling) STATIC int parse_port_config(smartlist_t *out, const config_line_t *ports, - const config_line_t *listenaddrs, const char *portname, int listener_type, const char *defaultaddr, @@ -6514,90 +6455,12 @@ parse_port_config(smartlist_t *out, const unsigned forbid_nonlocal = flags & CL_PORT_FORBID_NONLOCAL; const unsigned default_to_group_writable = flags & CL_PORT_DFLT_GROUP_WRITABLE; - const unsigned allow_spurious_listenaddr = - flags & CL_PORT_ALLOW_EXTRA_LISTENADDR; const unsigned takes_hostnames = flags & CL_PORT_TAKES_HOSTNAMES; const unsigned is_unix_socket = flags & CL_PORT_IS_UNIXSOCKET; int got_zero_port=0, got_nonzero_port=0; char *unix_socket_path = NULL; - /* FooListenAddress is deprecated; let's make it work like it used to work, - * though. */ - if (listenaddrs) { - int mainport = defaultport; - - if (ports && ports->next) { - log_warn(LD_CONFIG, "%sListenAddress can't be used when there are " - "multiple %sPort lines", portname, portname); - return -1; - } else if (ports) { - if (!strcmp(ports->value, "auto")) { - mainport = CFG_AUTO_PORT; - } else { - int ok; - mainport = (int)tor_parse_long(ports->value, 10, 0, 65535, &ok, NULL); - if (!ok) { - log_warn(LD_CONFIG, "%sListenAddress can only be used with a single " - "%sPort with value \"auto\" or 1-65535 and no options set.", - portname, portname); - return -1; - } - } - } - - if (mainport == 0) { - if (allow_spurious_listenaddr) - return 1; /*DOCDOC*/ - log_warn(LD_CONFIG, "%sPort must be defined if %sListenAddress is used", - portname, portname); - return -1; - } - - if (use_server_options && out) { - /* Add a no_listen port. */ - port_cfg_t *cfg = port_cfg_new(0); - cfg->type = listener_type; - cfg->port = mainport; - tor_addr_make_unspec(&cfg->addr); /* Server ports default to 0.0.0.0 */ - cfg->server_cfg.no_listen = 1; - cfg->server_cfg.bind_ipv4_only = 1; - /* cfg->entry_cfg defaults are already set by port_cfg_new */ - smartlist_add(out, cfg); - } - - for (; listenaddrs; listenaddrs = listenaddrs->next) { - tor_addr_t addr; - uint16_t port = 0; - if (tor_addr_port_lookup(listenaddrs->value, &addr, &port) < 0) { - log_warn(LD_CONFIG, "Unable to parse %sListenAddress '%s'", - portname, listenaddrs->value); - return -1; - } - if (out) { - port_cfg_t *cfg = port_cfg_new(0); - cfg->type = listener_type; - cfg->port = port ? port : mainport; - tor_addr_copy(&cfg->addr, &addr); - cfg->entry_cfg.session_group = SESSION_GROUP_UNSET; - cfg->entry_cfg.isolation_flags = ISO_DEFAULT; - cfg->server_cfg.no_advertise = 1; - smartlist_add(out, cfg); - } - } - - if (warn_nonlocal && out) { - if (is_control) - warn_nonlocal_controller_ports(out, forbid_nonlocal); - else if (is_ext_orport) - warn_nonlocal_ext_orports(out, portname); - else - warn_nonlocal_client_ports(out, portname, listener_type); - } - return 0; - } /* end if (listenaddrs) */ - - /* No ListenAddress lines. If there's no FooPort, then maybe make a default - * one. */ + /* If there's no FooPort, then maybe make a default one. */ if (! ports) { if (defaultport && defaultaddr && out) { port_cfg_t *cfg = port_cfg_new(is_unix_socket ? strlen(defaultaddr) : 0); @@ -7068,36 +6931,35 @@ parse_ports(or_options_t *options, int validate_only, const unsigned gw_flag = options->SocksSocketsGroupWritable ? CL_PORT_DFLT_GROUP_WRITABLE : 0; if (parse_port_config(ports, - options->SocksPort_lines, options->SocksListenAddress, + options->SocksPort_lines, "Socks", CONN_TYPE_AP_LISTENER, "127.0.0.1", 9050, - CL_PORT_WARN_NONLOCAL|CL_PORT_ALLOW_EXTRA_LISTENADDR| - CL_PORT_TAKES_HOSTNAMES|gw_flag) < 0) { - *msg = tor_strdup("Invalid SocksPort/SocksListenAddress configuration"); + CL_PORT_WARN_NONLOCAL|CL_PORT_TAKES_HOSTNAMES|gw_flag) < 0) { + *msg = tor_strdup("Invalid SocksPort configuration"); goto err; } if (parse_port_config(ports, - options->DNSPort_lines, options->DNSListenAddress, + options->DNSPort_lines, "DNS", CONN_TYPE_AP_DNS_LISTENER, "127.0.0.1", 0, CL_PORT_WARN_NONLOCAL|CL_PORT_TAKES_HOSTNAMES) < 0) { - *msg = tor_strdup("Invalid DNSPort/DNSListenAddress configuration"); + *msg = tor_strdup("Invalid DNSPort configuration"); goto err; } if (parse_port_config(ports, - options->TransPort_lines, options->TransListenAddress, + options->TransPort_lines, "Trans", CONN_TYPE_AP_TRANS_LISTENER, "127.0.0.1", 0, CL_PORT_WARN_NONLOCAL) < 0) { - *msg = tor_strdup("Invalid TransPort/TransListenAddress configuration"); + *msg = tor_strdup("Invalid TransPort configuration"); goto err; } if (parse_port_config(ports, - options->NATDPort_lines, options->NATDListenAddress, + options->NATDPort_lines, "NATD", CONN_TYPE_AP_NATD_LISTENER, "127.0.0.1", 0, CL_PORT_WARN_NONLOCAL) < 0) { - *msg = tor_strdup("Invalid NatdPort/NatdListenAddress configuration"); + *msg = tor_strdup("Invalid NatdPort configuration"); goto err; } { @@ -7113,16 +6975,14 @@ parse_ports(or_options_t *options, int validate_only, if (parse_port_config(ports, options->ControlPort_lines, - options->ControlListenAddress, "Control", CONN_TYPE_CONTROL_LISTENER, "127.0.0.1", 0, control_port_flags) < 0) { - *msg = tor_strdup("Invalid ControlPort/ControlListenAddress " - "configuration"); + *msg = tor_strdup("Invalid ControlPort configuration"); goto err; } - if (parse_port_config(ports, options->ControlSocket, NULL, + if (parse_port_config(ports, options->ControlSocket, "ControlSocket", CONN_TYPE_CONTROL_LISTENER, NULL, 0, control_port_flags | CL_PORT_IS_UNIXSOCKET) < 0) { @@ -7132,15 +6992,15 @@ parse_ports(or_options_t *options, int validate_only, } if (! options->ClientOnly) { if (parse_port_config(ports, - options->ORPort_lines, options->ORListenAddress, + options->ORPort_lines, "OR", CONN_TYPE_OR_LISTENER, "0.0.0.0", 0, CL_PORT_SERVER_OPTIONS) < 0) { - *msg = tor_strdup("Invalid ORPort/ORListenAddress configuration"); + *msg = tor_strdup("Invalid ORPort configuration"); goto err; } if (parse_port_config(ports, - options->ExtORPort_lines, NULL, + options->ExtORPort_lines, "ExtOR", CONN_TYPE_EXT_OR_LISTENER, "127.0.0.1", 0, CL_PORT_SERVER_OPTIONS|CL_PORT_WARN_NONLOCAL) < 0) { @@ -7148,11 +7008,11 @@ parse_ports(or_options_t *options, int validate_only, goto err; } if (parse_port_config(ports, - options->DirPort_lines, options->DirListenAddress, + options->DirPort_lines, "Dir", CONN_TYPE_DIR_LISTENER, "0.0.0.0", 0, CL_PORT_SERVER_OPTIONS) < 0) { - *msg = tor_strdup("Invalid DirPort/DirListenAddress configuration"); + *msg = tor_strdup("Invalid DirPort configuration"); goto err; } } diff --git a/src/or/config.h b/src/or/config.h index bb7802c990..27aec7fe3d 100644 --- a/src/or/config.h +++ b/src/or/config.h @@ -157,7 +157,7 @@ smartlist_t *get_options_for_server_transport(const char *transport); #define CL_PORT_NO_STREAM_OPTIONS (1u<<0) #define CL_PORT_WARN_NONLOCAL (1u<<1) -#define CL_PORT_ALLOW_EXTRA_LISTENADDR (1u<<2) +/* Was CL_PORT_ALLOW_EXTRA_LISTENADDR (1u<<2) */ #define CL_PORT_SERVER_OPTIONS (1u<<3) #define CL_PORT_FORBID_NONLOCAL (1u<<4) #define CL_PORT_TAKES_HOSTNAMES (1u<<5) @@ -193,7 +193,6 @@ STATIC int have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem, char **msg); STATIC int parse_port_config(smartlist_t *out, const config_line_t *ports, - const config_line_t *listenaddrs, const char *portname, int listener_type, const char *defaultaddr, diff --git a/src/or/confparse.c b/src/or/confparse.c index 75ec92e30f..abae7e33dc 100644 --- a/src/or/confparse.c +++ b/src/or/confparse.c @@ -1190,8 +1190,6 @@ config_parse_msec_interval(const char *s, int *ok) { uint64_t r; r = config_parse_units(s, time_msec_units, ok); - if (!ok) - return -1; if (r > INT_MAX) { log_warn(LD_CONFIG, "Msec interval '%s' is too long", s); *ok = 0; @@ -1209,8 +1207,6 @@ config_parse_interval(const char *s, int *ok) { uint64_t r; r = config_parse_units(s, time_units, ok); - if (!ok) - return -1; if (r > INT_MAX) { log_warn(LD_CONFIG, "Interval '%s' is too long", s); *ok = 0; diff --git a/src/or/confparse.h b/src/or/confparse.h index 6f5c681ba8..9c4205d07c 100644 --- a/src/or/confparse.h +++ b/src/or/confparse.h @@ -124,7 +124,6 @@ const char *config_find_deprecation(const config_format_t *fmt, const char *key); const config_var_t *config_find_option(const config_format_t *fmt, const char *key); - const char *config_expand_abbrev(const config_format_t *fmt, const char *option, int command_line, int warn_obsolete); diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index d1728eca6d..fd9c97bd3d 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1987,8 +1987,8 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req) socklen_t orig_dst_len = sizeof(orig_dst); tor_addr_t addr; -#ifdef TRANS_TRPOXY - if (options->TransProxyType_parsed == TPT_TPROXY) { +#ifdef TRANS_TPROXY + if (get_options()->TransProxyType_parsed == TPT_TPROXY) { if (getsockname(ENTRY_TO_CONN(conn)->s, (struct sockaddr*)&orig_dst, &orig_dst_len) < 0) { int e = tor_socket_errno(ENTRY_TO_CONN(conn)->s); @@ -3133,15 +3133,13 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) port = bcell.port; if (or_circ && or_circ->p_chan) { - if (!options->AllowSingleHopExits && - (or_circ->is_first_hop || - (!connection_or_digest_is_known_relay( + if ((or_circ->is_first_hop || + (!connection_or_digest_is_known_relay( or_circ->p_chan->identity_digest) && should_refuse_unknown_exits(options)))) { - /* Don't let clients use us as a single-hop proxy, unless the user - * has explicitly allowed that in the config. It attracts attackers - * and users who'd be better off with, well, single-hop proxies. - */ + /* Don't let clients use us as a single-hop proxy. It attracts + * attackers and users who'd be better off with, well, single-hop + * proxies. */ log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Attempt by %s to open a stream %s. Closing.", safe_str(channel_get_canonical_remote_descr(or_circ->p_chan)), diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 61da43e119..280f8f70ad 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -55,6 +55,7 @@ #include "ext_orport.h" #include "scheduler.h" #include "torcert.h" +#include "channelpadding.h" static int connection_tls_finish_handshake(or_connection_t *conn); static int connection_or_launch_v3_or_handshake(or_connection_t *conn); @@ -814,24 +815,6 @@ connection_or_update_token_buckets(smartlist_t *conns, }); } -/** How long do we wait before killing non-canonical OR connections with no - * circuits? In Tor versions up to 0.2.1.25 and 0.2.2.12-alpha, we waited 15 - * minutes before cancelling these connections, which caused fast relays to - * accrue many many idle connections. Hopefully 3-4.5 minutes is low enough - * that it kills most idle connections, without being so low that we cause - * clients to bounce on and off. - * - * For canonical connections, the limit is higher, at 15-22.5 minutes. - * - * For each OR connection, we randomly add up to 50% extra to its idle_timeout - * field, to avoid exposing when exactly the last circuit closed. Since we're - * storing idle_timeout in a uint16_t, don't let these values get higher than - * 12 hours or so without revising connection_or_set_canonical and/or expanding - * idle_timeout. - */ -#define IDLE_OR_CONN_TIMEOUT_NONCANONICAL 180 -#define IDLE_OR_CONN_TIMEOUT_CANONICAL 900 - /* Mark <b>or_conn</b> as canonical if <b>is_canonical</b> is set, and * non-canonical otherwise. Adjust idle_timeout accordingly. */ @@ -839,9 +822,6 @@ void connection_or_set_canonical(or_connection_t *or_conn, int is_canonical) { - const unsigned int timeout_base = is_canonical ? - IDLE_OR_CONN_TIMEOUT_CANONICAL : IDLE_OR_CONN_TIMEOUT_NONCANONICAL; - if (bool_eq(is_canonical, or_conn->is_canonical) && or_conn->idle_timeout != 0) { /* Don't recalculate an existing idle_timeout unless the canonical @@ -850,7 +830,14 @@ connection_or_set_canonical(or_connection_t *or_conn, } or_conn->is_canonical = !! is_canonical; /* force to a 1-bit boolean */ - or_conn->idle_timeout = timeout_base + crypto_rand_int(timeout_base / 2); + or_conn->idle_timeout = channelpadding_get_channel_idle_timeout( + TLS_CHAN_TO_BASE(or_conn->chan), is_canonical); + + log_info(LD_CIRC, + "Channel " U64_FORMAT " chose an idle timeout of %d.", + or_conn->chan ? + U64_PRINTF_ARG(TLS_CHAN_TO_BASE(or_conn->chan)->global_identifier):0, + or_conn->idle_timeout); } /** If we don't necessarily know the router we're connecting to, but we @@ -1053,10 +1040,8 @@ connection_or_group_set_badness_(smartlist_t *group, int force) } if (!best || - channel_is_better(now, - TLS_CHAN_TO_BASE(or_conn->chan), - TLS_CHAN_TO_BASE(best->chan), - 0)) { + channel_is_better(TLS_CHAN_TO_BASE(or_conn->chan), + TLS_CHAN_TO_BASE(best->chan))) { best = or_conn; } } SMARTLIST_FOREACH_END(or_conn); @@ -1084,11 +1069,9 @@ connection_or_group_set_badness_(smartlist_t *group, int force) or_conn->base_.state != OR_CONN_STATE_OPEN) continue; if (or_conn != best && - channel_is_better(now, - TLS_CHAN_TO_BASE(best->chan), - TLS_CHAN_TO_BASE(or_conn->chan), 1)) { - /* This isn't the best conn, _and_ the best conn is better than it, - even when we're being forgiving. */ + channel_is_better(TLS_CHAN_TO_BASE(best->chan), + TLS_CHAN_TO_BASE(or_conn->chan))) { + /* This isn't the best conn, _and_ the best conn is better than it */ if (best->is_canonical) { log_info(LD_OR, "Marking OR conn to %s:%d as unsuitable for new circuits: " @@ -1983,12 +1966,23 @@ connection_or_write_cell_to_buf(const cell_t *cell, or_connection_t *conn) cell_pack(&networkcell, cell, conn->wide_circ_ids); + rep_hist_padding_count_write(PADDING_TYPE_TOTAL); + if (cell->command == CELL_PADDING) + rep_hist_padding_count_write(PADDING_TYPE_CELL); + connection_write_to_buf(networkcell.body, cell_network_size, TO_CONN(conn)); /* Touch the channel's active timestamp if there is one */ - if (conn->chan) + if (conn->chan) { channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan)); + if (TLS_CHAN_TO_BASE(conn->chan)->currently_padding) { + rep_hist_padding_count_write(PADDING_TYPE_ENABLED_TOTAL); + if (cell->command == CELL_PADDING) + rep_hist_padding_count_write(PADDING_TYPE_ENABLED_CELL); + } + } + if (conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3) or_handshake_state_record_cell(conn, conn->handshake_state, cell, 0); } @@ -2094,7 +2088,7 @@ connection_or_process_cells_from_inbuf(or_connection_t *conn) } /** Array of recognized link protocol versions. */ -static const uint16_t or_protocol_versions[] = { 1, 2, 3, 4 }; +static const uint16_t or_protocol_versions[] = { 1, 2, 3, 4, 5 }; /** Number of versions in <b>or_protocol_versions</b>. */ static const int n_or_protocol_versions = (int)( sizeof(or_protocol_versions)/sizeof(uint16_t) ); diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 40008426e9..4261658932 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -109,6 +109,8 @@ void var_cell_free(var_cell_t *cell); /* DOCDOC */ #define MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS 4 +#define MIN_LINK_PROTO_FOR_CHANNEL_PADDING 5 +#define MAX_LINK_PROTO MIN_LINK_PROTO_FOR_CHANNEL_PADDING void connection_or_group_set_badness_(smartlist_t *group, int force); diff --git a/src/or/consdiff.c b/src/or/consdiff.c index c0fe979b60..1baa11897c 100644 --- a/src/or/consdiff.c +++ b/src/or/consdiff.c @@ -65,17 +65,35 @@ line_str_eq(const cdline_t *a, const char *b) return lines_eq(a, &bline); } -/** Add a cdline_t to <b>lst</b> holding as its contents the nul-terminated - * string s. Use the provided memory area for storage. */ -STATIC void -smartlist_add_linecpy(smartlist_t *lst, memarea_t *area, const char *s) +/** Return true iff a begins with the same contents as the nul-terminated + * string b. */ +static int +line_starts_with_str(const cdline_t *a, const char *b) +{ + const size_t len = strlen(b); + tor_assert(len <= UINT32_MAX); + return a->len >= len && fast_memeq(a->s, b, len); +} + +/** Return a new cdline_t holding as its contents the nul-terminated + * string s. Use the provided memory area for storage. */ +static cdline_t * +cdline_linecpy(memarea_t *area, const char *s) { size_t len = strlen(s); const char *ss = memarea_memdup(area, s, len); cdline_t *line = memarea_alloc(area, sizeof(cdline_t)); line->s = ss; line->len = (uint32_t)len; - smartlist_add(lst, line); + return line; +} + +/** Add a cdline_t to <b>lst</b> holding as its contents the nul-terminated + * string s. Use the provided memory area for storage. */ +STATIC void +smartlist_add_linecpy(smartlist_t *lst, memarea_t *area, const char *s) +{ + smartlist_add(lst, cdline_linecpy(area, s)); } /** Compute the digest of <b>cons</b>, and store the result in @@ -91,6 +109,18 @@ consensus_compute_digest,(const char *cons, return r; } +/** Compute the digest-as-signed of <b>cons</b>, and store the result in + * <b>digest_out</b>. Return 0 on success, -1 on failure. */ +/* This is a separate, mockable function so that we can override it when + * fuzzing. */ +MOCK_IMPL(STATIC int, +consensus_compute_digest_as_signed,(const char *cons, + consensus_digest_t *digest_out)) +{ + return router_get_networkstatus_v3_sha3_as_signed(digest_out->sha3_256, + cons); +} + /** Return true iff <b>d1</b> and <b>d2</b> contain the same digest */ /* This is a separate, mockable function so that we can override it when * fuzzing. */ @@ -533,6 +563,42 @@ find_next_router_line(const smartlist_t *cons, return 0; } +/** Line-prefix indicating the beginning of the signatures section that we + * intend to delete. */ +#define START_OF_SIGNATURES_SECTION "directory-signature " + +/** Pre-process a consensus in <b>cons</b> (represented as a list of cdline_t) + * to remove the signatures from it. If the footer is removed, return a + * cdline_t containing a delete command to delete the footer, allocated in + * <b>area</>. If no footer is removed, return NULL. + * + * We remove the signatures here because they are not themselves signed, and + * as such there might be different encodings for them. + */ +static cdline_t * +preprocess_consensus(memarea_t *area, + smartlist_t *cons) +{ + int idx; + int dirsig_idx = -1; + for (idx = 0; idx < smartlist_len(cons); ++idx) { + cdline_t *line = smartlist_get(cons, idx); + if (line_starts_with_str(line, START_OF_SIGNATURES_SECTION)) { + dirsig_idx = idx; + break; + } + } + if (dirsig_idx >= 0) { + char buf[64]; + while (smartlist_len(cons) > dirsig_idx) + smartlist_del(cons, dirsig_idx); + tor_snprintf(buf, sizeof(buf), "%d,$d", dirsig_idx+1); + return cdline_linecpy(area, buf); + } else { + return NULL; + } +} + /** Generate an ed diff as a smartlist from two consensuses, also given as * smartlists. Will return NULL if the diff could not be generated, which can * happen if any lines the script had to add matched "." or if the routers @@ -554,13 +620,22 @@ find_next_router_line(const smartlist_t *cons, * calc_changes(cons1_sl, cons2_sl, changed1, changed2); */ STATIC smartlist_t * -gen_ed_diff(const smartlist_t *cons1, const smartlist_t *cons2, +gen_ed_diff(const smartlist_t *cons1_orig, const smartlist_t *cons2, memarea_t *area) { + smartlist_t *cons1 = smartlist_new(); + smartlist_add_all(cons1, cons1_orig); + cdline_t *remove_trailer = preprocess_consensus(area, cons1); + int len1 = smartlist_len(cons1); int len2 = smartlist_len(cons2); smartlist_t *result = smartlist_new(); + if (remove_trailer) { + /* There's a delete-the-trailer line at the end, so add it here. */ + smartlist_add(result, remove_trailer); + } + /* Initialize the changed bitarrays to zero, so that calc_changes only needs * to set the ones that matter and leave the rest untouched. */ @@ -734,6 +809,7 @@ gen_ed_diff(const smartlist_t *cons1, const smartlist_t *cons2, } } + smartlist_free(cons1); bitarray_free(changed1); bitarray_free(changed2); @@ -741,6 +817,7 @@ gen_ed_diff(const smartlist_t *cons1, const smartlist_t *cons2, error_cleanup: + smartlist_free(cons1); bitarray_free(changed1); bitarray_free(changed2); @@ -799,6 +876,7 @@ apply_ed_diff(const smartlist_t *cons1, const smartlist_t *diff, const char *ptr = diff_line; int start = 0, end = 0; int had_range = 0; + int end_was_eof = 0; if (get_linenum(&ptr, &start) < 0) { log_warn(LD_CONSDIFF, "Could not apply consensus diff because " "an ed command was missing a line number."); @@ -808,7 +886,11 @@ apply_ed_diff(const smartlist_t *cons1, const smartlist_t *diff, /* Two-item range */ had_range = 1; ++ptr; - if (get_linenum(&ptr, &end) < 0) { + if (*ptr == '$') { + end_was_eof = 1; + end = smartlist_len(cons1); + ++ptr; + } else if (get_linenum(&ptr, &end) < 0) { log_warn(LD_CONSDIFF, "Could not apply consensus diff because " "an ed command was missing a range end line number."); goto error_cleanup; @@ -855,6 +937,13 @@ apply_ed_diff(const smartlist_t *cons1, const smartlist_t *diff, goto error_cleanup; } + /** $ is not allowed with non-d actions. */ + if (end_was_eof && action != 'd') { + log_warn(LD_CONSDIFF, "Could not apply consensus diff because " + "it wanted to use $ with a command other than delete"); + goto error_cleanup; + } + /* 'a' commands are not allowed to have ranges. */ if (had_range && action == 'a') { log_warn(LD_CONSDIFF, "Could not apply consensus diff because " @@ -1250,7 +1339,7 @@ consensus_diff_generate(const char *cons1, int r1, r2; char *result = NULL; - r1 = consensus_compute_digest(cons1, &d1); + r1 = consensus_compute_digest_as_signed(cons1, &d1); r2 = consensus_compute_digest(cons2, &d2); if (BUG(r1 < 0 || r2 < 0)) return NULL; // LCOV_EXCL_LINE @@ -1291,7 +1380,7 @@ consensus_diff_apply(const char *consensus, char *result = NULL; memarea_t *area = memarea_new(); - r1 = consensus_compute_digest(consensus, &d1); + r1 = consensus_compute_digest_as_signed(consensus, &d1); if (BUG(r1 < 0)) return NULL; // LCOV_EXCL_LINE @@ -1312,3 +1401,12 @@ consensus_diff_apply(const char *consensus, return result; } +/** Return true iff, based on its header, <b>document</b> is likely + * to be a consensus diff. */ +int +looks_like_a_consensus_diff(const char *document, size_t len) +{ + return (len >= strlen(ns_diff_version) && + fast_memeq(document, ns_diff_version, strlen(ns_diff_version))); +} + diff --git a/src/or/consdiff.h b/src/or/consdiff.h index e9d175136e..d05df74b75 100644 --- a/src/or/consdiff.h +++ b/src/or/consdiff.h @@ -12,6 +12,8 @@ char *consensus_diff_generate(const char *cons1, char *consensus_diff_apply(const char *consensus, const char *diff); +int looks_like_a_consensus_diff(const char *document, size_t len); + #ifdef CONSDIFF_PRIVATE struct memarea_t; @@ -85,6 +87,9 @@ MOCK_DECL(STATIC int, consensus_compute_digest,(const char *cons, consensus_digest_t *digest_out)); MOCK_DECL(STATIC int, + consensus_compute_digest_as_signed,(const char *cons, + consensus_digest_t *digest_out)); +MOCK_DECL(STATIC int, consensus_digest_eq,(const uint8_t *d1, const uint8_t *d2)); #endif diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c index b134578f51..2af104733b 100644 --- a/src/or/consdiffmgr.c +++ b/src/or/consdiffmgr.c @@ -19,6 +19,7 @@ #include "consdiffmgr.h" #include "cpuworker.h" #include "networkstatus.h" +#include "routerparse.h" #include "workqueue.h" /** @@ -31,15 +32,26 @@ /* The valid-after time for a consensus (or for the target consensus of a * diff), encoded as ISO UTC. */ #define LABEL_VALID_AFTER "consensus-valid-after" +/* The fresh-until time for a consensus (or for the target consensus of a + * diff), encoded as ISO UTC. */ +#define LABEL_FRESH_UNTIL "consensus-fresh-until" +/* The valid-until time for a consensus (or for the target consensus of a + * diff), encoded as ISO UTC. */ +#define LABEL_VALID_UNTIL "consensus-valid-until" +/* Comma-separated list of hex-encoded identity digests for the voting + * authorities. */ +#define LABEL_SIGNATORIES "consensus-signatories" /* A hex encoded SHA3 digest of the object, as compressed (if any) */ #define LABEL_SHA3_DIGEST "sha3-digest" /* A hex encoded SHA3 digest of the object before compression. */ #define LABEL_SHA3_DIGEST_UNCOMPRESSED "sha3-digest-uncompressed" +/* A hex encoded SHA3 digest-as-signed of a consensus */ +#define LABEL_SHA3_DIGEST_AS_SIGNED "sha3-digest-as-signed" /* The flavor of the consensus or consensuses diff */ #define LABEL_FLAVOR "consensus-flavor" -/* Diff only: the SHA3 digest of the source consensus. */ +/* Diff only: the SHA3 digest-as-signed of the source consensus. */ #define LABEL_FROM_SHA3_DIGEST "from-sha3-digest" -/* Diff only: the SHA3 digest of the target consensus. */ +/* Diff only: the SHA3 digest-in-full of the target consensus. */ #define LABEL_TARGET_SHA3_DIGEST "target-sha3-digest" /* Diff only: the valid-after date of the source consensus. */ #define LABEL_FROM_VALID_AFTER "from-valid-after" @@ -93,6 +105,36 @@ n_diff_compression_methods(void) return ARRAY_LENGTH(compress_diffs_with); } +/** Which methods do we use for precompressing consensuses? */ +static const compress_method_t compress_consensus_with[] = { + ZLIB_METHOD, +#ifdef HAVE_LZMA + LZMA_METHOD, +#endif +#ifdef HAVE_ZSTD + ZSTD_METHOD, +#endif +}; + +/** How many different methods will we try to use for diff compression? */ +STATIC unsigned +n_consensus_compression_methods(void) +{ + return ARRAY_LENGTH(compress_consensus_with); +} + +/** For which compression method do we retain old consensuses? There's no + * need to keep all of them, since we won't be serving them. We'll + * go with ZLIB_METHOD because it's pretty fast and everyone has it. + */ +#define RETAIN_CONSENSUS_COMPRESSED_WITH_METHOD ZLIB_METHOD + +/** Handles pointing to the latest consensus entries as compressed and + * stored. */ +static consensus_cache_entry_handle_t * + latest_consensus[N_CONSENSUS_FLAVORS] + [ARRAY_LENGTH(compress_consensus_with)]; + /** Hashtable node used to remember the current status of the diff * from a given sha3 digest to the current consensus. */ typedef struct cdm_diff_t { @@ -124,7 +166,6 @@ static HT_HEAD(cdm_diff_ht, cdm_diff_t) cdm_diff_ht = HT_INITIALIZER(); * Configuration for this module */ static consdiff_cfg_t consdiff_cfg = { - /* .cache_max_age_hours = */ 24 * 90, // XXXX I'd like to make this number bigger, but it interferes with the // XXXX seccomp2 syscall filter, which tops out at BPF_MAXINS (4096) // XXXX rules. @@ -132,13 +173,12 @@ static consdiff_cfg_t consdiff_cfg = { }; static int consdiffmgr_ensure_space_for_files(int n); +static int consensus_queue_compression_work(const char *consensus, + const networkstatus_t *as_parsed); static int consensus_diff_queue_diff_work(consensus_cache_entry_t *diff_from, consensus_cache_entry_t *diff_to); static void consdiffmgr_set_cache_flags(void); -/* Just gzip consensuses for now. */ -#define COMPRESS_CONSENSUS_WITH GZIP_METHOD - /* ===== * Hashtable setup * ===== */ @@ -407,11 +447,6 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, time_t valid_after) consensus_cache_filter_list(matches, LABEL_DOCTYPE, DOCTYPE_CONSENSUS); consensus_cache_entry_t *result = NULL; - if (smartlist_len(matches) > 1) { - log_warn(LD_BUG, "How odd; there appear to be two matching consensuses " - "with flavor %s published at %s.", - flavname, formatted_time); - } if (smartlist_len(matches)) { result = smartlist_get(matches, 0); } @@ -420,6 +455,25 @@ cdm_cache_lookup_consensus(consensus_flavor_t flavor, time_t valid_after) return result; } +/** Return the maximum age (in seconds) of consensuses that we should consider + * storing. The available space in the directory may impose additional limits + * on how much we store. */ +static int32_t +get_max_age_to_cache(void) +{ + /* The parameter is in hours. */ + const int32_t DEFAULT_MAX_AGE_TO_CACHE = 8192; + const int32_t MIN_MAX_AGE_TO_CACHE = 0; + const int32_t MAX_MAX_AGE_TO_CACHE = 8192; + const char MAX_AGE_TO_CACHE_NAME[] = "max-consensus-age-to-cache-for-diff"; + + return 3600 * networkstatus_get_param(NULL, + MAX_AGE_TO_CACHE_NAME, + DEFAULT_MAX_AGE_TO_CACHE, + MIN_MAX_AGE_TO_CACHE, + MAX_MAX_AGE_TO_CACHE); +} + /** * Given a string containing a networkstatus consensus, and the results of * having parsed that consensus, add that consensus to the cache if it is not @@ -440,7 +494,7 @@ consdiffmgr_add_consensus(const char *consensus, const consensus_flavor_t flavor = as_parsed->flavor; const time_t valid_after = as_parsed->valid_after; - if (valid_after < approx_time() - 3600 * consdiff_cfg.cache_max_age_hours) { + if (valid_after < approx_time() - get_max_age_to_cache()) { log_info(LD_DIRSERV, "We don't care about this consensus document; it's " "too old."); return -1; @@ -455,48 +509,7 @@ consdiffmgr_add_consensus(const char *consensus, } /* We don't have it. Add it to the cache. */ - consdiffmgr_ensure_space_for_files(1); - - { - size_t bodylen = strlen(consensus); - config_line_t *labels = NULL; - char formatted_time[ISO_TIME_LEN+1]; - format_iso_time_nospace(formatted_time, valid_after); - const char *flavname = networkstatus_get_flavor_name(flavor); - - cdm_labels_prepend_sha3(&labels, LABEL_SHA3_DIGEST_UNCOMPRESSED, - (const uint8_t *)consensus, bodylen); - - char *body_compressed = NULL; - size_t size_compressed = 0; - if (tor_compress(&body_compressed, &size_compressed, - consensus, bodylen, COMPRESS_CONSENSUS_WITH) < 0) { - config_free_lines(labels); - return -1; - } - cdm_labels_prepend_sha3(&labels, LABEL_SHA3_DIGEST, - (const uint8_t *)body_compressed, size_compressed); - config_line_prepend(&labels, LABEL_COMPRESSION_TYPE, - compression_method_get_name(COMPRESS_CONSENSUS_WITH)); - config_line_prepend(&labels, LABEL_FLAVOR, flavname); - config_line_prepend(&labels, LABEL_VALID_AFTER, formatted_time); - config_line_prepend(&labels, LABEL_DOCTYPE, DOCTYPE_CONSENSUS); - - entry = consensus_cache_add(cdm_cache_get(), - labels, - (const uint8_t *)body_compressed, - size_compressed); - tor_free(body_compressed); - config_free_lines(labels); - } - - if (entry) { - consensus_cache_entry_mark_for_aggressive_release(entry); - consensus_cache_entry_decref(entry); - } - - cdm_cache_dirty = 1; - return entry ? 0 : -1; + return consensus_queue_compression_work(consensus, as_parsed); } /** @@ -529,6 +542,48 @@ sort_and_find_most_recent(smartlist_t *lst) } } +/** Return i such that compress_consensus_with[i] == method. Return + * -1 if no such i exists. */ +static int +consensus_compression_method_pos(compress_method_t method) +{ + unsigned i; + for (i = 0; i < n_consensus_compression_methods(); ++i) { + if (compress_consensus_with[i] == method) { + return i; + } + } + return -1; +} + +/** + * If we know a consensus with the flavor <b>flavor</b> compressed with + * <b>method</b>, set *<b>entry_out</b> to that value. Return values are as + * for consdiffmgr_find_diff_from(). + */ +consdiff_status_t +consdiffmgr_find_consensus(struct consensus_cache_entry_t **entry_out, + consensus_flavor_t flavor, + compress_method_t method) +{ + tor_assert(entry_out); + tor_assert((int)flavor < N_CONSENSUS_FLAVORS); + + int pos = consensus_compression_method_pos(method); + if (pos < 0) { + // We don't compress consensuses with this method. + return CONSDIFF_NOT_FOUND; + } + consensus_cache_entry_handle_t *handle = latest_consensus[flavor][pos]; + if (!handle) + return CONSDIFF_NOT_FOUND; + *entry_out = consensus_cache_entry_handle_get(handle); + if (*entry_out) + return CONSDIFF_AVAILABLE; + else + return CONSDIFF_NOT_FOUND; +} + /** * Look up consensus_cache_entry_t for the consensus of type <b>flavor</b>, * from the source consensus with the specified digest (which must be SHA3). @@ -607,8 +662,7 @@ consdiffmgr_cleanup(void) log_debug(LD_DIRSERV, "Looking for consdiffmgr entries to remove"); // 1. Delete any consensus or diff or anything whose valid_after is too old. - const time_t valid_after_cutoff = - approx_time() - 3600 * consdiff_cfg.cache_max_age_hours; + const time_t valid_after_cutoff = approx_time() - get_max_age_to_cache(); consensus_cache_find_all(objects, cdm_cache_get(), NULL, NULL); @@ -670,6 +724,42 @@ consdiffmgr_cleanup(void) smartlist_clear(diffs); } + // 3. Delete all consensuses except the most recent that are compressed with + // an un-preferred method. + for (int flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) { + const char *flavname = networkstatus_get_flavor_name(flav); + /* Determine the most recent consensus of this flavor */ + consensus_cache_find_all(consensuses, cdm_cache_get(), + LABEL_DOCTYPE, DOCTYPE_CONSENSUS); + consensus_cache_filter_list(consensuses, LABEL_FLAVOR, flavname); + consensus_cache_entry_t *most_recent = + sort_and_find_most_recent(consensuses); + if (most_recent == NULL) + continue; + const char *most_recent_sha3_uncompressed = + consensus_cache_entry_get_value(most_recent, + LABEL_SHA3_DIGEST_UNCOMPRESSED); + const char *retain_methodname = compression_method_get_name( + RETAIN_CONSENSUS_COMPRESSED_WITH_METHOD); + + if (BUG(most_recent_sha3_uncompressed == NULL)) + continue; + SMARTLIST_FOREACH_BEGIN(consensuses, consensus_cache_entry_t *, ent) { + const char *lv_sha3_uncompressed = + consensus_cache_entry_get_value(ent, LABEL_SHA3_DIGEST_UNCOMPRESSED); + if (BUG(! lv_sha3_uncompressed)) + continue; + if (!strcmp(lv_sha3_uncompressed, most_recent_sha3_uncompressed)) + continue; // This _is_ the most recent. + const char *lv_methodname = + consensus_cache_entry_get_value(ent, LABEL_COMPRESSION_TYPE); + if (! lv_methodname || strcmp(lv_methodname, retain_methodname)) { + consensus_cache_entry_mark_for_removal(ent); + ++n_to_delete; + } + } SMARTLIST_FOREACH_END(ent); + } + smartlist_free(objects); smartlist_free(consensuses); smartlist_free(diffs); @@ -773,10 +863,14 @@ consdiffmgr_rescan_flavor_(consensus_flavor_t flavor) // 1. find the most recent consensus, and the ones that we might want // to diff to it. + const char *methodname = compression_method_get_name( + RETAIN_CONSENSUS_COMPRESSED_WITH_METHOD); + matches = smartlist_new(); consensus_cache_find_all(matches, cdm_cache_get(), LABEL_FLAVOR, flavname); consensus_cache_filter_list(matches, LABEL_DOCTYPE, DOCTYPE_CONSENSUS); + consensus_cache_filter_list(matches, LABEL_COMPRESSION_TYPE, methodname); consensus_cache_entry_t *most_recent = sort_and_find_most_recent(matches); if (!most_recent) { log_info(LD_DIRSERV, "No 'most recent' %s consensus found; " @@ -821,6 +915,10 @@ consdiffmgr_rescan_flavor_(consensus_flavor_t flavor) if (strmap_get(have_diff_from, va) != NULL) continue; /* we already have this one. */ smartlist_add(compute_diffs_from, ent); + /* Since we are not going to serve this as the most recent consensus + * any more, we should stop keeping it mmap'd when it's not in use. + */ + consensus_cache_entry_mark_for_aggressive_release(ent); } SMARTLIST_FOREACH_END(ent); log_info(LD_DIRSERV, @@ -844,9 +942,12 @@ consdiffmgr_rescan_flavor_(consensus_flavor_t flavor) continue; // LCOV_EXCL_LINE uint8_t this_sha3[DIGEST256_LEN]; - if (BUG(cdm_entry_get_sha3_value(this_sha3, c, - LABEL_SHA3_DIGEST_UNCOMPRESSED)<0)) - continue; // LCOV_EXCL_LINE + if (cdm_entry_get_sha3_value(this_sha3, c, + LABEL_SHA3_DIGEST_AS_SIGNED)<0) { + // Not actually a bug, since we might be running with a directory + // with stale files from before the #22143 fixes. + continue; + } if (cdm_diff_ht_check_and_note_pending(flavor, this_sha3, most_recent_sha3)) { // This is already pending, or we encountered an error. @@ -863,6 +964,48 @@ consdiffmgr_rescan_flavor_(consensus_flavor_t flavor) } /** + * Scan the cache for the latest consensuses and add their handles to + * latest_consensus + */ +static void +consdiffmgr_consensus_load(void) +{ + smartlist_t *matches = smartlist_new(); + for (int flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) { + const char *flavname = networkstatus_get_flavor_name(flav); + smartlist_clear(matches); + consensus_cache_find_all(matches, cdm_cache_get(), + LABEL_FLAVOR, flavname); + consensus_cache_filter_list(matches, LABEL_DOCTYPE, DOCTYPE_CONSENSUS); + consensus_cache_entry_t *most_recent = sort_and_find_most_recent(matches); + if (! most_recent) + continue; // no consensuses. + const char *most_recent_sha3 = + consensus_cache_entry_get_value(most_recent, + LABEL_SHA3_DIGEST_UNCOMPRESSED); + if (BUG(most_recent_sha3 == NULL)) + continue; // LCOV_EXCL_LINE + consensus_cache_filter_list(matches, LABEL_SHA3_DIGEST_UNCOMPRESSED, + most_recent_sha3); + + // Everything that remains matches the most recent consensus of this + // flavor. + SMARTLIST_FOREACH_BEGIN(matches, consensus_cache_entry_t *, ent) { + const char *lv_compression = + consensus_cache_entry_get_value(ent, LABEL_COMPRESSION_TYPE); + compress_method_t method = + compression_method_get_by_name(lv_compression); + int pos = consensus_compression_method_pos(method); + if (pos < 0) + continue; + consensus_cache_entry_handle_free(latest_consensus[flav][pos]); + latest_consensus[flav][pos] = consensus_cache_entry_handle_new(ent); + } SMARTLIST_FOREACH_END(ent); + } + smartlist_free(matches); +} + +/** * Scan the cache for diffs, and add them to the hashtable. */ static void @@ -919,6 +1062,7 @@ consdiffmgr_rescan(void) if (cdm_cache_loaded == 0) { consdiffmgr_diffs_load(); + consdiffmgr_consensus_load(); cdm_cache_loaded = 1; } @@ -1034,6 +1178,14 @@ consdiffmgr_free_all(void) next = HT_NEXT_RMV(cdm_diff_ht, &cdm_diff_ht, diff); cdm_diff_free(this); } + int i; + unsigned j; + for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) { + for (j = 0; j < n_consensus_compression_methods(); ++j) { + consensus_cache_entry_handle_free(latest_consensus[i][j]); + } + } + memset(latest_consensus, 0, sizeof(latest_consensus)); consensus_cache_free(cons_diff_cache); cons_diff_cache = NULL; } @@ -1055,6 +1207,93 @@ typedef struct compressed_result_t { } compressed_result_t; /** + * Compress the bytestring <b>input</b> of length <b>len</b> using the + * <n>n_methods</b> compression methods listed in the array <b>methods</b>. + * + * For each successful compression, set the fields in the <b>results_out</b> + * array in the position corresponding to the compression method. Use + * <b>labels_in</b> as a basis for the labels of the result. + * + * Return 0 if all compression succeeded; -1 if any failed. + */ +static int +compress_multiple(compressed_result_t *results_out, int n_methods, + const compress_method_t *methods, + const uint8_t *input, size_t len, + const config_line_t *labels_in) +{ + int rv = 0; + int i; + for (i = 0; i < n_methods; ++i) { + compress_method_t method = methods[i]; + const char *methodname = compression_method_get_name(method); + char *result; + size_t sz; + if (0 == tor_compress(&result, &sz, (const char*)input, len, method)) { + results_out[i].body = (uint8_t*)result; + results_out[i].bodylen = sz; + results_out[i].labels = config_lines_dup(labels_in); + cdm_labels_prepend_sha3(&results_out[i].labels, LABEL_SHA3_DIGEST, + results_out[i].body, + results_out[i].bodylen); + config_line_prepend(&results_out[i].labels, + LABEL_COMPRESSION_TYPE, + methodname); + } else { + rv = -1; + } + } + return rv; +} + +/** + * Given an array of <b>n</b> compressed_result_t in <b>results</b>, + * as produced by compress_multiple, store them all into the + * consdiffmgr, and store handles to them in the <b>handles_out</b> + * array. + * + * Return CDM_DIFF_PRESENT if any was stored, and CDM_DIFF_ERROR if none + * was stored. + */ +static cdm_diff_status_t +store_multiple(consensus_cache_entry_handle_t **handles_out, + int n, + const compress_method_t *methods, + const compressed_result_t *results, + const char *description) +{ + cdm_diff_status_t status = CDM_DIFF_ERROR; + consdiffmgr_ensure_space_for_files(n); + + int i; + for (i = 0; i < n; ++i) { + compress_method_t method = methods[i]; + uint8_t *body_out = results[i].body; + size_t bodylen_out = results[i].bodylen; + config_line_t *labels = results[i].labels; + const char *methodname = compression_method_get_name(method); + if (body_out && bodylen_out && labels) { + /* Success! Store the results */ + log_info(LD_DIRSERV, "Adding %s, compressed with %s", + description, methodname); + + consensus_cache_entry_t *ent = + consensus_cache_add(cdm_cache_get(), + labels, + body_out, + bodylen_out); + if (BUG(ent == NULL)) + continue; + + status = CDM_DIFF_PRESENT; + handles_out[i] = consensus_cache_entry_handle_new(ent); + consensus_cache_entry_decref(ent); + } + } + return status; +} + +/** * An object passed to a worker thread that will try to produce a consensus * diff. */ @@ -1100,14 +1339,8 @@ uncompress_or_copy(char **out, size_t *outlen, if (lv_compression) method = compression_method_get_by_name(lv_compression); - if (method == NO_METHOD) { - *out = tor_memdup_nulterm(body, bodylen); - *outlen = bodylen; - return 0; - } else { - return tor_uncompress(out, outlen, (const char *)body, bodylen, - method, 1, LOG_WARN); - } + return tor_uncompress(out, outlen, (const char *)body, bodylen, + method, 1, LOG_WARN); } /** @@ -1133,11 +1366,17 @@ consensus_diff_worker_threadfn(void *state_, void *work_) const char *lv_to_valid_after = consensus_cache_entry_get_value(job->diff_to, LABEL_VALID_AFTER); + const char *lv_to_fresh_until = + consensus_cache_entry_get_value(job->diff_to, LABEL_FRESH_UNTIL); + const char *lv_to_valid_until = + consensus_cache_entry_get_value(job->diff_to, LABEL_VALID_UNTIL); + const char *lv_to_signatories = + consensus_cache_entry_get_value(job->diff_to, LABEL_SIGNATORIES); const char *lv_from_valid_after = consensus_cache_entry_get_value(job->diff_from, LABEL_VALID_AFTER); const char *lv_from_digest = consensus_cache_entry_get_value(job->diff_from, - LABEL_SHA3_DIGEST_UNCOMPRESSED); + LABEL_SHA3_DIGEST_AS_SIGNED); const char *lv_from_flavor = consensus_cache_entry_get_value(job->diff_from, LABEL_FLAVOR); const char *lv_to_flavor = @@ -1146,10 +1385,17 @@ consensus_diff_worker_threadfn(void *state_, void *work_) consensus_cache_entry_get_value(job->diff_to, LABEL_SHA3_DIGEST_UNCOMPRESSED); + if (! lv_from_digest) { + /* This isn't a bug right now, since it can happen if you're migrating + * from an older version of master to a newer one. The older ones didn't + * annotate their stored consensus objects with sha3-digest-as-signed. + */ + return WQ_RPL_REPLY; // LCOV_EXCL_LINE + } + /* All these values are mandatory on the input */ if (BUG(!lv_to_valid_after) || BUG(!lv_from_valid_after) || - BUG(!lv_from_digest) || BUG(!lv_from_flavor) || BUG(!lv_to_flavor)) { return WQ_RPL_REPLY; // LCOV_EXCL_LINE @@ -1195,6 +1441,12 @@ consensus_diff_worker_threadfn(void *state_, void *work_) job->out[0].bodylen = difflen; config_line_t *common_labels = NULL; + if (lv_to_valid_until) + config_line_prepend(&common_labels, LABEL_VALID_UNTIL, lv_to_valid_until); + if (lv_to_fresh_until) + config_line_prepend(&common_labels, LABEL_FRESH_UNTIL, lv_to_fresh_until); + if (lv_to_signatories) + config_line_prepend(&common_labels, LABEL_SIGNATORIES, lv_to_signatories); cdm_labels_prepend_sha3(&common_labels, LABEL_SHA3_DIGEST_UNCOMPRESSED, job->out[0].body, @@ -1217,24 +1469,10 @@ consensus_diff_worker_threadfn(void *state_, void *work_) job->out[0].body, job->out[0].bodylen); - unsigned u; - for (u = 1; u < n_diff_compression_methods(); ++u) { - compress_method_t method = compress_diffs_with[u]; - const char *methodname = compression_method_get_name(method); - char *result; - size_t sz; - if (0 == tor_compress(&result, &sz, consensus_diff, difflen, method)) { - job->out[u].body = (uint8_t*)result; - job->out[u].bodylen = sz; - job->out[u].labels = config_lines_dup(common_labels); - cdm_labels_prepend_sha3(&job->out[u].labels, LABEL_SHA3_DIGEST, - job->out[u].body, - job->out[u].bodylen); - config_line_prepend(&job->out[u].labels, - LABEL_COMPRESSION_TYPE, - methodname); - } - } + compress_multiple(job->out+1, + n_diff_compression_methods()-1, + compress_diffs_with+1, + (const uint8_t*)consensus_diff, difflen, common_labels); config_free_lines(common_labels); return WQ_RPL_REPLY; @@ -1273,7 +1511,7 @@ consensus_diff_worker_replyfn(void *work_) const char *lv_from_digest = consensus_cache_entry_get_value(job->diff_from, - LABEL_SHA3_DIGEST_UNCOMPRESSED); + LABEL_SHA3_DIGEST_AS_SIGNED); const char *lv_to_digest = consensus_cache_entry_get_value(job->diff_to, LABEL_SHA3_DIGEST_UNCOMPRESSED); @@ -1289,7 +1527,7 @@ consensus_diff_worker_replyfn(void *work_) int flav = -1; int cache = 1; if (BUG(cdm_entry_get_sha3_value(from_sha3, job->diff_from, - LABEL_SHA3_DIGEST_UNCOMPRESSED) < 0)) + LABEL_SHA3_DIGEST_AS_SIGNED) < 0)) cache = 0; if (BUG(cdm_entry_get_sha3_value(to_sha3, job->diff_to, LABEL_SHA3_DIGEST_UNCOMPRESSED) < 0)) @@ -1300,36 +1538,20 @@ consensus_diff_worker_replyfn(void *work_) cache = 0; } - int status = CDM_DIFF_ERROR; consensus_cache_entry_handle_t *handles[ARRAY_LENGTH(compress_diffs_with)]; memset(handles, 0, sizeof(handles)); - consdiffmgr_ensure_space_for_files(n_diff_compression_methods()); - - unsigned u; - for (u = 0; u < n_diff_compression_methods(); ++u) { - compress_method_t method = compress_diffs_with[u]; - uint8_t *body_out = job->out[u].body; - size_t bodylen_out = job->out[u].bodylen; - config_line_t *labels = job->out[u].labels; - const char *methodname = compression_method_get_name(method); - if (body_out && bodylen_out && labels) { - /* Success! Store the results */ - log_info(LD_DIRSERV, "Adding consensus diff from %s to %s, " - "compressed with %s", - lv_from_digest, lv_to_digest, methodname); + char description[128]; + tor_snprintf(description, sizeof(description), + "consensus diff from %s to %s", + lv_from_digest, lv_to_digest); - consensus_cache_entry_t *ent = - consensus_cache_add(cdm_cache_get(), - labels, - body_out, - bodylen_out); + int status = store_multiple(handles, + n_diff_compression_methods(), + compress_diffs_with, + job->out, + description); - status = CDM_DIFF_PRESENT; - handles[u] = consensus_cache_entry_handle_new(ent); - consensus_cache_entry_decref(ent); - } - } if (status != CDM_DIFF_PRESENT) { /* Failure! Nothing to do but complain */ log_warn(LD_DIRSERV, @@ -1339,6 +1561,7 @@ consensus_diff_worker_replyfn(void *work_) status = CDM_DIFF_ERROR; } + unsigned u; for (u = 0; u < ARRAY_LENGTH(handles); ++u) { compress_method_t method = compress_diffs_with[u]; if (cache) { @@ -1390,3 +1613,230 @@ consensus_diff_queue_diff_work(consensus_cache_entry_t *diff_from, return -1; } +/** + * Holds requests and replies for consensus_compress_workers. + */ +typedef struct consensus_compress_worker_job_t { + char *consensus; + size_t consensus_len; + consensus_flavor_t flavor; + config_line_t *labels_in; + compressed_result_t out[ARRAY_LENGTH(compress_consensus_with)]; +} consensus_compress_worker_job_t; + +/** + * Free all resources held in <b>job</b> + */ +static void +consensus_compress_worker_job_free(consensus_compress_worker_job_t *job) +{ + if (!job) + return; + tor_free(job->consensus); + config_free_lines(job->labels_in); + unsigned u; + for (u = 0; u < n_consensus_compression_methods(); ++u) { + config_free_lines(job->out[u].labels); + tor_free(job->out[u].body); + } + tor_free(job); +} +/** + * Worker function. This function runs inside a worker thread and receives + * a consensus_compress_worker_job_t as its input. + */ +static workqueue_reply_t +consensus_compress_worker_threadfn(void *state_, void *work_) +{ + (void)state_; + consensus_compress_worker_job_t *job = work_; + consensus_flavor_t flavor = job->flavor; + const char *consensus = job->consensus; + size_t bodylen = job->consensus_len; + + config_line_t *labels = config_lines_dup(job->labels_in); + const char *flavname = networkstatus_get_flavor_name(flavor); + + cdm_labels_prepend_sha3(&labels, LABEL_SHA3_DIGEST_UNCOMPRESSED, + (const uint8_t *)consensus, bodylen); + { + const char *start, *end; + if (router_get_networkstatus_v3_signed_boundaries(consensus, + &start, &end) < 0) { + start = consensus; + end = consensus+bodylen; + } + cdm_labels_prepend_sha3(&labels, LABEL_SHA3_DIGEST_AS_SIGNED, + (const uint8_t *)start, + end - start); + } + config_line_prepend(&labels, LABEL_FLAVOR, flavname); + config_line_prepend(&labels, LABEL_DOCTYPE, DOCTYPE_CONSENSUS); + + compress_multiple(job->out, + n_consensus_compression_methods(), + compress_consensus_with, + (const uint8_t*)consensus, bodylen, labels); + config_free_lines(labels); + return WQ_RPL_REPLY; +} + +/** + * Worker function: This function runs in the main thread, and receives + * a consensus_diff_compress_job_t that the worker thread has already + * processed. + */ +static void +consensus_compress_worker_replyfn(void *work_) +{ + consensus_compress_worker_job_t *job = work_; + + consensus_cache_entry_handle_t *handles[ + ARRAY_LENGTH(compress_consensus_with)]; + memset(handles, 0, sizeof(handles)); + + store_multiple(handles, + n_consensus_compression_methods(), + compress_consensus_with, + job->out, + "consensus"); + cdm_cache_dirty = 1; + + unsigned u; + consensus_flavor_t f = job->flavor; + tor_assert((int)f < N_CONSENSUS_FLAVORS); + for (u = 0; u < ARRAY_LENGTH(handles); ++u) { + if (handles[u] == NULL) + continue; + consensus_cache_entry_handle_free(latest_consensus[f][u]); + latest_consensus[f][u] = handles[u]; + } + + consensus_compress_worker_job_free(job); +} + +/** + * If true, we compress in worker threads. + */ +static int background_compression = 0; + +/** + * Queue a job to compress <b>consensus</b> and store its compressed + * text in the cache. + */ +static int +consensus_queue_compression_work(const char *consensus, + const networkstatus_t *as_parsed) +{ + tor_assert(consensus); + tor_assert(as_parsed); + + consensus_compress_worker_job_t *job = tor_malloc_zero(sizeof(*job)); + job->consensus = tor_strdup(consensus); + job->consensus_len = strlen(consensus); + job->flavor = as_parsed->flavor; + + char va_str[ISO_TIME_LEN+1]; + char vu_str[ISO_TIME_LEN+1]; + char fu_str[ISO_TIME_LEN+1]; + format_iso_time_nospace(va_str, as_parsed->valid_after); + format_iso_time_nospace(fu_str, as_parsed->fresh_until); + format_iso_time_nospace(vu_str, as_parsed->valid_until); + config_line_append(&job->labels_in, LABEL_VALID_AFTER, va_str); + config_line_append(&job->labels_in, LABEL_FRESH_UNTIL, fu_str); + config_line_append(&job->labels_in, LABEL_VALID_UNTIL, vu_str); + if (as_parsed->voters) { + smartlist_t *hexvoters = smartlist_new(); + SMARTLIST_FOREACH_BEGIN(as_parsed->voters, + networkstatus_voter_info_t *, vi) { + if (smartlist_len(vi->sigs) == 0) + continue; // didn't sign. + char d[HEX_DIGEST_LEN+1]; + base16_encode(d, sizeof(d), vi->identity_digest, DIGEST_LEN); + smartlist_add_strdup(hexvoters, d); + } SMARTLIST_FOREACH_END(vi); + char *signers = smartlist_join_strings(hexvoters, ",", 0, NULL); + config_line_prepend(&job->labels_in, LABEL_SIGNATORIES, signers); + tor_free(signers); + SMARTLIST_FOREACH(hexvoters, char *, cp, tor_free(cp)); + smartlist_free(hexvoters); + } + + if (background_compression) { + workqueue_entry_t *work; + work = cpuworker_queue_work(consensus_compress_worker_threadfn, + consensus_compress_worker_replyfn, + job); + if (!work) { + consensus_compress_worker_job_free(job); + return -1; + } + + return 0; + } else { + consensus_compress_worker_threadfn(NULL, job); + consensus_compress_worker_replyfn(job); + return 0; + } +} + +/** + * Tell the consdiffmgr backend to compress consensuses in worker threads. + */ +void +consdiffmgr_enable_background_compression(void) +{ + // This isn't the default behavior because it would break unit tests. + background_compression = 1; +} + +/** Read the set of voters from the cached object <b>ent</b> into + * <b>out</b>, as a list of hex-encoded digests. Return 0 on success, + * -1 if no signatories were recorded. */ +int +consensus_cache_entry_get_voter_id_digests(const consensus_cache_entry_t *ent, + smartlist_t *out) +{ + tor_assert(ent); + tor_assert(out); + const char *s; + s = consensus_cache_entry_get_value(ent, LABEL_SIGNATORIES); + if (s == NULL) + return -1; + smartlist_split_string(out, s, ",", SPLIT_SKIP_SPACE|SPLIT_STRIP_SPACE, 0); + return 0; +} + +/** Read the fresh-until time of cached object <b>ent</b> into *<b>out</b> + * and return 0, or return -1 if no such time was recorded. */ +int +consensus_cache_entry_get_fresh_until(const consensus_cache_entry_t *ent, + time_t *out) +{ + tor_assert(ent); + tor_assert(out); + const char *s; + s = consensus_cache_entry_get_value(ent, LABEL_FRESH_UNTIL); + if (s == NULL || parse_iso_time_nospace(s, out) < 0) + return -1; + else + return 0; +} + +/** Read the valid until timestamp from the cached object <b>ent</b> into + * *<b>out</b> and return 0, or return -1 if no such time was recorded. */ +int +consensus_cache_entry_get_valid_until(const consensus_cache_entry_t *ent, + time_t *out) +{ + tor_assert(ent); + tor_assert(out); + + const char *s; + s = consensus_cache_entry_get_value(ent, LABEL_VALID_UNTIL); + if (s == NULL || parse_iso_time_nospace(s, out) < 0) + return -1; + else + return 0; +} + diff --git a/src/or/consdiffmgr.h b/src/or/consdiffmgr.h index 048dae432c..fe4f9ee239 100644 --- a/src/or/consdiffmgr.h +++ b/src/or/consdiffmgr.h @@ -14,7 +14,6 @@ typedef enum consdiff_status_t { } consdiff_status_t; typedef struct consdiff_cfg_t { - int32_t cache_max_age_hours; int32_t cache_max_num; } consdiff_cfg_t; @@ -23,6 +22,11 @@ struct consensus_cache_entry_t; // from conscache.h int consdiffmgr_add_consensus(const char *consensus, const networkstatus_t *as_parsed); +consdiff_status_t consdiffmgr_find_consensus( + struct consensus_cache_entry_t **entry_out, + consensus_flavor_t flavor, + compress_method_t method); + consdiff_status_t consdiffmgr_find_diff_from( struct consensus_cache_entry_t **entry_out, consensus_flavor_t flavor, @@ -30,8 +34,20 @@ consdiff_status_t consdiffmgr_find_diff_from( const uint8_t *digest, size_t digestlen, compress_method_t method); + +int consensus_cache_entry_get_voter_id_digests( + const struct consensus_cache_entry_t *ent, + smartlist_t *out); +int consensus_cache_entry_get_fresh_until( + const struct consensus_cache_entry_t *ent, + time_t *out); +int consensus_cache_entry_get_valid_until( + const struct consensus_cache_entry_t *ent, + time_t *out); + void consdiffmgr_rescan(void); int consdiffmgr_cleanup(void); +void consdiffmgr_enable_background_compression(void); void consdiffmgr_configure(const consdiff_cfg_t *cfg); struct sandbox_cfg_elem; int consdiffmgr_register_with_sandbox(struct sandbox_cfg_elem **cfg); @@ -40,6 +56,7 @@ int consdiffmgr_validate(void); #ifdef CONSDIFFMGR_PRIVATE STATIC unsigned n_diff_compression_methods(void); +STATIC unsigned n_consensus_compression_methods(void); STATIC consensus_cache_t *cdm_cache_get(void); STATIC consensus_cache_entry_t *cdm_cache_lookup_consensus( consensus_flavor_t flavor, time_t valid_after); diff --git a/src/or/control.c b/src/or/control.c index 56f1329029..083768c3d3 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -1462,8 +1462,10 @@ handle_control_saveconf(control_connection_t *conn, uint32_t len, const char *body) { (void) len; - (void) body; - if (options_save_current()<0) { + + int force = !strcmpstart(body, "FORCE"); + const or_options_t *options = get_options(); + if ((!force && options->IncludeUsed) || options_save_current() < 0) { connection_write_str_to_buf( "551 Unable to write configuration to disk.\r\n", conn); } else { @@ -1677,6 +1679,8 @@ getinfo_helper_misc(control_connection_t *conn, const char *question, *answer = tor_strdup(a); } else if (!strcmp(question, "config-text")) { *answer = options_dump(get_options(), OPTIONS_DUMP_MINIMAL); + } else if (!strcmp(question, "config-can-saveconf")) { + *answer = tor_strdup(get_options()->IncludeUsed ? "0" : "1"); } else if (!strcmp(question, "info/names")) { *answer = list_getinfo_options(); } else if (!strcmp(question, "dormant")) { @@ -2931,6 +2935,8 @@ static const getinfo_item_t getinfo_items[] = { ITEM("config-defaults-file", misc, "Current location of the defaults file."), ITEM("config-text", misc, "Return the string that would be written by a saveconf command."), + ITEM("config-can-saveconf", misc, + "Is it possible to save the configuration to the \"torrc\" file?"), ITEM("accounting/bytes", accounting, "Number of bytes read/written so far in the accounting interval."), ITEM("accounting/bytes-left", accounting, @@ -3551,24 +3557,9 @@ handle_control_attachstream(control_connection_t *conn, uint32_t len, } /* Is this a single hop circuit? */ if (circ && (circuit_get_cpath_len(circ)<2 || hop==1)) { - const node_t *node = NULL; - char *exit_digest = NULL; - if (circ->build_state && - circ->build_state->chosen_exit && - !tor_digest_is_zero(circ->build_state->chosen_exit->identity_digest)) { - exit_digest = circ->build_state->chosen_exit->identity_digest; - node = node_get_by_id(exit_digest); - } - /* Do both the client and relay allow one-hop exit circuits? */ - if (!node || - !node_allows_single_hop_exits(node) || - !get_options()->AllowSingleHopCircuits) { - connection_write_str_to_buf( - "551 Can't attach stream to this one-hop circuit.\r\n", conn); - return 0; - } - tor_assert(exit_digest); - ap_conn->chosen_exit_name = tor_strdup(hex_str(exit_digest, DIGEST_LEN)); + connection_write_str_to_buf( + "551 Can't attach stream to this one-hop circuit.\r\n", conn); + return 0; } if (circ && hop>0) { @@ -6924,6 +6915,11 @@ get_desc_id_from_query(const rend_data_t *rend_data, const char *hsdir_fp) goto end; } + /* Without a directory fingerprint at this stage, we can't do much. */ + if (hsdir_fp == NULL) { + goto end; + } + /* OK, we have an onion address so now let's find which descriptor ID * is the one associated with the HSDir fingerprint. */ for (replica = 0; replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS; @@ -7013,10 +7009,9 @@ control_event_hs_descriptor_receive_end(const char *action, char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; const char *desc_id = NULL; - if (!action || !id_digest || !rend_data || !onion_address) { - log_warn(LD_BUG, "Called with action==%p, id_digest==%p, " - "rend_data==%p, onion_address==%p", action, id_digest, - rend_data, onion_address); + if (!action || !rend_data || !onion_address) { + log_warn(LD_BUG, "Called with action==%p, rend_data==%p, " + "onion_address==%p", action, rend_data, onion_address); return; } @@ -7039,7 +7034,8 @@ control_event_hs_descriptor_receive_end(const char *action, rend_hsaddress_str_or_unknown(onion_address), rend_auth_type_to_string( TO_REND_DATA_V2(rend_data)->auth_type), - node_describe_longname_by_id(id_digest), + id_digest ? + node_describe_longname_by_id(id_digest) : "UNKNOWN", desc_id_field ? desc_id_field : "", reason_field ? reason_field : ""); @@ -7119,19 +7115,18 @@ control_event_hs_descriptor_uploaded(const char *id_digest, id_digest, NULL); } -/** Send HS_DESC event to inform controller that query <b>rend_query</b> - * failed to retrieve hidden service descriptor identified by - * <b>id_digest</b>. If <b>reason</b> is not NULL, add it to REASON= - * field. +/** Send HS_DESC event to inform controller that query <b>rend_data</b> + * failed to retrieve hidden service descriptor from directory identified by + * <b>id_digest</b>. If NULL, "UNKNOWN" is used. If <b>reason</b> is not NULL, + * add it to REASON= field. */ void control_event_hs_descriptor_failed(const rend_data_t *rend_data, const char *id_digest, const char *reason) { - if (!rend_data || !id_digest) { - log_warn(LD_BUG, "Called with rend_data==%p, id_digest==%p", - rend_data, id_digest); + if (!rend_data) { + log_warn(LD_BUG, "Called with rend_data==%p", rend_data); return; } control_event_hs_descriptor_receive_end("FAILED", @@ -7139,8 +7134,11 @@ control_event_hs_descriptor_failed(const rend_data_t *rend_data, rend_data, id_digest, reason); } -/** send HS_DESC_CONTENT event after completion of a successful fetch from - * hs directory. */ +/** Send HS_DESC_CONTENT event after completion of a successful fetch from hs + * directory. If <b>hsdir_id_digest</b> is NULL, it is replaced by "UNKNOWN". + * If <b>content</b> is NULL, it is replaced by an empty string. The + * <b>onion_address</b> or <b>desc_id</b> set to NULL will no trigger the + * control event. */ void control_event_hs_descriptor_content(const char *onion_address, const char *desc_id, @@ -7150,9 +7148,9 @@ control_event_hs_descriptor_content(const char *onion_address, static const char *event_name = "HS_DESC_CONTENT"; char *esc_content = NULL; - if (!onion_address || !desc_id || !hsdir_id_digest) { - log_warn(LD_BUG, "Called with onion_address==%p, desc_id==%p, " - "hsdir_id_digest==%p", onion_address, desc_id, hsdir_id_digest); + if (!onion_address || !desc_id) { + log_warn(LD_BUG, "Called with onion_address==%p, desc_id==%p, ", + onion_address, desc_id); return; } @@ -7167,7 +7165,9 @@ control_event_hs_descriptor_content(const char *onion_address, event_name, rend_hsaddress_str_or_unknown(onion_address), desc_id, - node_describe_longname_by_id(hsdir_id_digest), + hsdir_id_digest ? + node_describe_longname_by_id(hsdir_id_digest) : + "UNKNOWN", esc_content); tor_free(esc_content); } diff --git a/src/or/directory.c b/src/or/directory.c index 2b9f18af7a..ef74c0fed4 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -13,6 +13,9 @@ #include "config.h" #include "connection.h" #include "connection_edge.h" +#include "conscache.h" +#include "consdiff.h" +#include "consdiffmgr.h" #include "control.h" #include "compat.h" #define DIRECTORY_PRIVATE @@ -115,7 +118,8 @@ static void dir_routerdesc_download_failed(smartlist_t *failed, int was_descriptor_digests); static void dir_microdesc_download_failed(smartlist_t *failed, int status_code); -static int client_likes_consensus(networkstatus_t *v, const char *want_url); +static int client_likes_consensus(const struct consensus_cache_entry_t *ent, + const char *want_url); static void connection_dir_close_consensus_fetches( dir_connection_t *except_this_one, const char *resource); @@ -129,6 +133,7 @@ static void directory_request_set_guard_state(directory_request_t *req, #define ALLOW_DIRECTORY_TIME_SKEW (30*60) #define X_ADDRESS_HEADER "X-Your-Address-Is: " +#define X_OR_DIFF_FROM_CONSENSUS_HEADER "X-Or-Diff-From-Consensus: " /** HTTP cache control: how long do we tell proxies they can cache each * kind of document we serve? */ @@ -476,6 +481,86 @@ directory_pick_generic_dirserver(dirinfo_type_t type, int pds_flags, return rs; } +/** + * Set the extra fields in <b>req</b> that are used when requesting a + * consensus of type <b>resource</b>. + * + * Right now, these fields are if-modified-since and x-or-diff-from-consensus. + */ +static void +dir_consensus_request_set_additional_headers(directory_request_t *req, + const char *resource) +{ + time_t if_modified_since = 0; + uint8_t or_diff_from[DIGEST256_LEN]; + int or_diff_from_is_set = 0; + + /* DEFAULT_IF_MODIFIED_SINCE_DELAY is 1/20 of the default consensus + * period of 1 hour. + */ + const int DEFAULT_IF_MODIFIED_SINCE_DELAY = 180; + const int32_t DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER = 72; + const int32_t MIN_TRY_DIFF_FOR_CONSENSUS_NEWER = 0; + const int32_t MAX_TRY_DIFF_FOR_CONSENSUS_NEWER = 8192; + const char TRY_DIFF_FOR_CONSENSUS_NEWER_NAME[] = + "try-diff-for-consensus-newer-than"; + + int flav = FLAV_NS; + if (resource) + flav = networkstatus_parse_flavor_name(resource); + + int32_t max_age_for_diff = 3600 * + networkstatus_get_param(NULL, + TRY_DIFF_FOR_CONSENSUS_NEWER_NAME, + DEFAULT_TRY_DIFF_FOR_CONSENSUS_NEWER, + MIN_TRY_DIFF_FOR_CONSENSUS_NEWER, + MAX_TRY_DIFF_FOR_CONSENSUS_NEWER); + + if (flav != -1) { + /* IF we have a parsed consensus of this type, we can do an + * if-modified-time based on it. */ + networkstatus_t *v; + v = networkstatus_get_latest_consensus_by_flavor(flav); + if (v) { + /* In networks with particularly short V3AuthVotingIntervals, + * ask for the consensus if it's been modified since half the + * V3AuthVotingInterval of the most recent consensus. */ + time_t ims_delay = DEFAULT_IF_MODIFIED_SINCE_DELAY; + if (v->fresh_until > v->valid_after + && ims_delay > (v->fresh_until - v->valid_after)/2) { + ims_delay = (v->fresh_until - v->valid_after)/2; + } + if_modified_since = v->valid_after + ims_delay; + if (v->valid_after >= approx_time() - max_age_for_diff) { + memcpy(or_diff_from, v->digest_sha3_as_signed, DIGEST256_LEN); + or_diff_from_is_set = 1; + } + } + } else { + /* Otherwise it might be a consensus we don't parse, but which we + * do cache. Look at the cached copy, perhaps. */ + cached_dir_t *cd = dirserv_get_consensus(resource); + /* We have no method of determining the voting interval from an + * unparsed consensus, so we use the default. */ + if (cd) { + if_modified_since = cd->published + DEFAULT_IF_MODIFIED_SINCE_DELAY; + if (cd->published >= approx_time() - max_age_for_diff) { + memcpy(or_diff_from, cd->digest_sha3_as_signed, DIGEST256_LEN); + or_diff_from_is_set = 1; + } + } + } + + if (if_modified_since > 0) + directory_request_set_if_modified_since(req, if_modified_since); + if (or_diff_from_is_set) { + char hex[HEX_DIGEST256_LEN + 1]; + base16_encode(hex, sizeof(hex), + (const char*)or_diff_from, sizeof(or_diff_from)); + directory_request_add_header(req, X_OR_DIFF_FROM_CONSENSUS_HEADER, hex); + } +} + /** Start a connection to a random running directory server, using * connection purpose <b>dir_purpose</b>, intending to fetch descriptors * of purpose <b>router_purpose</b>, and requesting <b>resource</b>. @@ -497,47 +582,10 @@ MOCK_IMPL(void, directory_get_from_dirserver, ( int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose, resource); dirinfo_type_t type = dir_fetch_type(dir_purpose, router_purpose, resource); - time_t if_modified_since = 0; if (type == NO_DIRINFO) return; - if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS) { - int flav = FLAV_NS; - networkstatus_t *v; - if (resource) - flav = networkstatus_parse_flavor_name(resource); - - /* DEFAULT_IF_MODIFIED_SINCE_DELAY is 1/20 of the default consensus - * period of 1 hour. - */ -#define DEFAULT_IF_MODIFIED_SINCE_DELAY (180) - if (flav != -1) { - /* IF we have a parsed consensus of this type, we can do an - * if-modified-time based on it. */ - v = networkstatus_get_latest_consensus_by_flavor(flav); - if (v) { - /* In networks with particularly short V3AuthVotingIntervals, - * ask for the consensus if it's been modified since half the - * V3AuthVotingInterval of the most recent consensus. */ - time_t ims_delay = DEFAULT_IF_MODIFIED_SINCE_DELAY; - if (v->fresh_until > v->valid_after - && ims_delay > (v->fresh_until - v->valid_after)/2) { - ims_delay = (v->fresh_until - v->valid_after)/2; - } - if_modified_since = v->valid_after + ims_delay; - } - } else { - /* Otherwise it might be a consensus we don't parse, but which we - * do cache. Look at the cached copy, perhaps. */ - cached_dir_t *cd = dirserv_get_consensus(resource); - /* We have no method of determining the voting interval from an - * unparsed consensus, so we use the default. */ - if (cd) - if_modified_since = cd->published + DEFAULT_IF_MODIFIED_SINCE_DELAY; - } - } - if (!options->FetchServerDescriptors) return; @@ -565,7 +613,8 @@ MOCK_IMPL(void, directory_get_from_dirserver, ( ri->cache_info.identity_digest); directory_request_set_router_purpose(req, router_purpose); directory_request_set_resource(req, resource); - directory_request_set_if_modified_since(req, if_modified_since); + if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS) + dir_consensus_request_set_additional_headers(req, resource); directory_request_set_guard_state(req, guard_state); directory_initiate_request(req); directory_request_free(req); @@ -633,7 +682,8 @@ MOCK_IMPL(void, directory_get_from_dirserver, ( directory_request_set_router_purpose(req, router_purpose); directory_request_set_indirection(req, indirection); directory_request_set_resource(req, resource); - directory_request_set_if_modified_since(req, if_modified_since); + if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS) + dir_consensus_request_set_additional_headers(req, resource); if (guard_state) directory_request_set_guard_state(req, guard_state); directory_initiate_request(req); @@ -988,6 +1038,9 @@ struct directory_request_t { time_t if_modified_since; /** Hidden-service-specific information */ const rend_data_t *rend_query; + /** Extra headers to append to the request */ + config_line_t *additional_headers; + /** */ /** Used internally to directory.c: gets informed when the attempt to * connect to the directory succeeds or fails, if that attempt bears on the * directory's usability as a directory guard. */ @@ -1086,6 +1139,7 @@ directory_request_free(directory_request_t *req) { if (req == NULL) return; + config_free_lines(req->additional_headers); tor_free(req); } /** @@ -1186,6 +1240,21 @@ directory_request_set_if_modified_since(directory_request_t *req, { req->if_modified_since = if_modified_since; } + +/** Include a header of name <b>key</b> with content <b>val</b> in the + * request. Neither may include newlines or other odd characters. Their + * ordering is not currently guaranteed. + * + * Note that, as elsewhere in this module, header keys include a trailing + * colon and space. + */ +void +directory_request_add_header(directory_request_t *req, + const char *key, + const char *val) +{ + config_line_prepend(&req->additional_headers, key, val); +} /** * Set an object containing HS data to be associated with this request. Note * that only an alias to <b>query</b> is stored, so the <b>query</b> object @@ -1616,6 +1685,7 @@ directory_send_command(dir_connection_t *conn, char decorated_address[128]; smartlist_t *headers = smartlist_new(); char *url; + char *accept_encoding; size_t url_len; char request[8192]; size_t request_len, total_request_len = 0; @@ -1672,6 +1742,20 @@ directory_send_command(dir_connection_t *conn, proxystring[0] = 0; } + /* Add Accept-Encoding. */ + accept_encoding = accept_encoding_header(); + smartlist_add_asprintf(headers, "Accept-Encoding: %s\r\n", + accept_encoding); + tor_free(accept_encoding); + + /* Add additional headers, if any */ + { + config_line_t *h; + for (h = req->additional_headers; h; h = h->next) { + smartlist_add_asprintf(headers, "%s%s\r\n", h->key, h->value); + } + } + switch (purpose) { case DIR_PURPOSE_FETCH_CONSENSUS: /* resource is optional. If present, it's a flavor name */ @@ -1991,16 +2075,15 @@ parse_http_response(const char *headers, int *code, time_t *date, if (!strcmpstart(s, "Content-Encoding: ")) { enc = s+18; break; }); - if (!enc || !strcmp(enc, "identity")) { + + if (enc == NULL) *compression = NO_METHOD; - } else if (!strcmp(enc, "deflate") || !strcmp(enc, "x-deflate")) { - *compression = ZLIB_METHOD; - } else if (!strcmp(enc, "gzip") || !strcmp(enc, "x-gzip")) { - *compression = GZIP_METHOD; - } else { - log_info(LD_HTTP, "Unrecognized content encoding: %s. Trying to deal.", - escaped(enc)); - *compression = UNKNOWN_METHOD; + else { + *compression = compression_method_get_by_name(enc); + + if (*compression == UNKNOWN_METHOD) + log_info(LD_HTTP, "Unrecognized content encoding: %s. Trying to deal.", + escaped(enc)); } } SMARTLIST_FOREACH(parsed_headers, char *, s, tor_free(s)); @@ -2073,6 +2156,39 @@ load_downloaded_routers(const char *body, smartlist_t *which, return added; } +/** A structure to hold arguments passed into each directory response + * handler */ +typedef struct response_handler_args_t { + int status_code; + const char *reason; + const char *body; + size_t body_len; + const char *headers; +} response_handler_args_t; + +static int handle_response_fetch_consensus(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_fetch_certificate(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_fetch_status_vote(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_fetch_detached_signatures(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_fetch_desc(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_fetch_microdesc(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_upload_dir(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_upload_vote(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_upload_signatures(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_fetch_renddesc_v2(dir_connection_t *, + const response_handler_args_t *); +static int handle_response_upload_renddesc_v2(dir_connection_t *, + const response_handler_args_t *); + /** We are a client, and we've finished reading the server's * response. Parse it and act appropriately. * @@ -2098,8 +2214,6 @@ connection_dir_client_reached_eof(dir_connection_t *conn) int allow_partial = (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC || conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO || conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC); - time_t now = time(NULL); - int src_code; size_t received_bytes; received_bytes = connection_get_inbuf_len(TO_CONN(conn)); @@ -2193,6 +2307,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn) "'%s:%d'. I'll try again soon.", status_code, escaped(reason), conn->base_.address, conn->base_.port); + time_t now = approx_time(); if ((rs = router_get_mutable_consensus_status_by_id(id_digest))) rs->last_dir_503_at = now; if ((ds = router_get_fallback_dirserver_by_digest(id_digest))) @@ -2210,37 +2325,31 @@ connection_dir_client_reached_eof(dir_connection_t *conn) if (compression == UNKNOWN_METHOD || guessed != compression) { /* Tell the user if we don't believe what we're told about compression.*/ const char *description1, *description2; - if (compression == ZLIB_METHOD) - description1 = "as deflated"; - else if (compression == GZIP_METHOD) - description1 = "as gzipped"; - else if (compression == NO_METHOD) - description1 = "as uncompressed"; - else - description1 = "with an unknown Content-Encoding"; - if (guessed == ZLIB_METHOD) - description2 = "deflated"; - else if (guessed == GZIP_METHOD) - description2 = "gzipped"; - else if (!plausible) + + description1 = compression_method_get_human_name(compression); + + if (BUG(description1 == NULL)) + description1 = compression_method_get_human_name(UNKNOWN_METHOD); + + if (guessed == UNKNOWN_METHOD && !plausible) description2 = "confusing binary junk"; else - description2 = "uncompressed"; + description2 = compression_method_get_human_name(guessed); - log_info(LD_HTTP, "HTTP body from server '%s:%d' was labeled %s, " + log_info(LD_HTTP, "HTTP body from server '%s:%d' was labeled as %s, " "but it seems to be %s.%s", conn->base_.address, conn->base_.port, description1, description2, (compression>0 && guessed>0)?" Trying both.":""); } - /* Try declared compression first if we can. */ - if (compression == GZIP_METHOD || compression == ZLIB_METHOD) + /* Try declared compression first if we can. + * tor_compress_supports_method() also returns true for NO_METHOD. */ + if (tor_compress_supports_method(compression)) tor_uncompress(&new_body, &new_len, body, body_len, compression, !allow_partial, LOG_PROTOCOL_WARN); /* Okay, if that didn't work, and we think that it was compressed * differently, try that. */ - if (!new_body && - (guessed == GZIP_METHOD || guessed == ZLIB_METHOD) && + if (!new_body && tor_compress_supports_method(guessed) && compression != guessed) tor_uncompress(&new_body, &new_len, body, body_len, guessed, !allow_partial, LOG_PROTOCOL_WARN); @@ -2260,474 +2369,735 @@ connection_dir_client_reached_eof(dir_connection_t *conn) } } - if (conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS) { - int r; - const char *flavname = conn->requested_resource; - if (status_code != 200) { - int severity = (status_code == 304) ? LOG_INFO : LOG_WARN; - tor_log(severity, LD_DIR, - "Received http status code %d (%s) from server " - "'%s:%d' while fetching consensus directory.", - status_code, escaped(reason), conn->base_.address, - conn->base_.port); - tor_free(body); tor_free(headers); tor_free(reason); - networkstatus_consensus_download_failed(status_code, flavname); - return -1; + int rv; + response_handler_args_t args; + memset(&args, 0, sizeof(args)); + args.status_code = status_code; + args.reason = reason; + args.body = body; + args.body_len = body_len; + args.headers = headers; + + switch (conn->base_.purpose) { + case DIR_PURPOSE_FETCH_CONSENSUS: + rv = handle_response_fetch_consensus(conn, &args); + break; + case DIR_PURPOSE_FETCH_CERTIFICATE: + rv = handle_response_fetch_certificate(conn, &args); + break; + case DIR_PURPOSE_FETCH_STATUS_VOTE: + rv = handle_response_fetch_status_vote(conn, &args); + break; + case DIR_PURPOSE_FETCH_DETACHED_SIGNATURES: + rv = handle_response_fetch_detached_signatures(conn, &args); + break; + case DIR_PURPOSE_FETCH_SERVERDESC: + case DIR_PURPOSE_FETCH_EXTRAINFO: + rv = handle_response_fetch_desc(conn, &args); + break; + case DIR_PURPOSE_FETCH_MICRODESC: + rv = handle_response_fetch_microdesc(conn, &args); + break; + case DIR_PURPOSE_FETCH_RENDDESC_V2: + rv = handle_response_fetch_renddesc_v2(conn, &args); + break; + case DIR_PURPOSE_UPLOAD_DIR: + rv = handle_response_upload_dir(conn, &args); + break; + case DIR_PURPOSE_UPLOAD_SIGNATURES: + rv = handle_response_upload_signatures(conn, &args); + break; + case DIR_PURPOSE_UPLOAD_VOTE: + rv = handle_response_upload_vote(conn, &args); + break; + case DIR_PURPOSE_UPLOAD_RENDDESC_V2: + rv = handle_response_upload_renddesc_v2(conn, &args); + break; + default: + tor_assert_nonfatal_unreached(); + rv = -1; + break; + } + tor_free(body); + tor_free(headers); + tor_free(reason); + return rv; +} + +/** + * Handler function: processes a response to a request for a networkstatus + * consensus document by checking the consensus, storing it, and marking + * router requests as reachable. + **/ +static int +handle_response_fetch_consensus(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CONSENSUS); + const int status_code = args->status_code; + const char *body = args->body; + const size_t body_len = args->body_len; + const char *reason = args->reason; + const time_t now = approx_time(); + + const char *consensus; + char *new_consensus = NULL; + const char *sourcename; + + int r; + const char *flavname = conn->requested_resource; + if (status_code != 200) { + int severity = (status_code == 304) ? LOG_INFO : LOG_WARN; + tor_log(severity, LD_DIR, + "Received http status code %d (%s) from server " + "'%s:%d' while fetching consensus directory.", + status_code, escaped(reason), conn->base_.address, + conn->base_.port); + networkstatus_consensus_download_failed(status_code, flavname); + return -1; + } + + if (looks_like_a_consensus_diff(body, body_len)) { + /* First find our previous consensus. Maybe it's in ram, maybe not. */ + cached_dir_t *cd = dirserv_get_consensus(flavname); + const char *consensus_body; + char *owned_consensus = NULL; + if (cd) { + consensus_body = cd->dir; + } else { + owned_consensus = networkstatus_read_cached_consensus(flavname); + consensus_body = owned_consensus; } - log_info(LD_DIR,"Received consensus directory (body size %d) from server " - "'%s:%d'", (int)body_len, conn->base_.address, conn->base_.port); - if ((r=networkstatus_set_current_consensus(body, flavname, 0, - conn->identity_digest))<0) { - log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR, - "Unable to load %s consensus directory downloaded from " - "server '%s:%d'. I'll try again soon.", - flavname, conn->base_.address, conn->base_.port); - tor_free(body); tor_free(headers); tor_free(reason); + if (!consensus_body) { + log_warn(LD_DIR, "Received a consensus diff, but we can't find " + "any %s-flavored consensus in our current cache.",flavname); networkstatus_consensus_download_failed(0, flavname); + // XXXX if this happens too much, see below return -1; } - /* If we launched other fetches for this consensus, cancel them. */ - connection_dir_close_consensus_fetches(conn, flavname); - - /* launches router downloads as needed */ - routers_update_all_from_networkstatus(now, 3); - update_microdescs_from_networkstatus(now); - update_microdesc_downloads(now); - directory_info_has_arrived(now, 0, 0); - if (authdir_mode_v3(get_options())) { - sr_act_post_consensus( - networkstatus_get_latest_consensus_by_flavor(FLAV_NS)); + new_consensus = consensus_diff_apply(consensus_body, body); + tor_free(owned_consensus); + if (new_consensus == NULL) { + log_warn(LD_DIR, "Could not apply consensus diff received from server " + "'%s:%d'", conn->base_.address, conn->base_.port); + // XXXX If this happens too many times, we should maybe not use + // XXXX this directory for diffs any more? + networkstatus_consensus_download_failed(0, flavname); + return -1; } - log_info(LD_DIR, "Successfully loaded consensus."); + log_info(LD_DIR, "Applied consensus diff (size %d) from server " + "'%s:%d', resulting in a new consensus document (size %d).", + (int)body_len, conn->base_.address, conn->base_.port, + (int)strlen(new_consensus)); + consensus = new_consensus; + sourcename = "generated based on a diff"; + } else { + log_info(LD_DIR,"Received consensus directory (body size %d) from server " + "'%s:%d'", (int)body_len, conn->base_.address, conn->base_.port); + consensus = body; + sourcename = "downloaded"; + } + + if ((r=networkstatus_set_current_consensus(consensus, flavname, 0, + conn->identity_digest))<0) { + log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR, + "Unable to load %s consensus directory %s from " + "server '%s:%d'. I'll try again soon.", + flavname, sourcename, conn->base_.address, conn->base_.port); + networkstatus_consensus_download_failed(0, flavname); + tor_free(new_consensus); + return -1; } - if (conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) { - if (status_code != 200) { - log_warn(LD_DIR, - "Received http status code %d (%s) from server " - "'%s:%d' while fetching \"/tor/keys/%s\".", - status_code, escaped(reason), conn->base_.address, - conn->base_.port, conn->requested_resource); - connection_dir_download_cert_failed(conn, status_code); - tor_free(body); tor_free(headers); tor_free(reason); - return -1; - } - log_info(LD_DIR,"Received authority certificates (body size %d) from " - "server '%s:%d'", - (int)body_len, conn->base_.address, conn->base_.port); + /* If we launched other fetches for this consensus, cancel them. */ + connection_dir_close_consensus_fetches(conn, flavname); - /* - * Tell trusted_dirs_load_certs_from_string() whether it was by fp - * or fp-sk pair. - */ - src_code = -1; - if (!strcmpstart(conn->requested_resource, "fp/")) { - src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST; - } else if (!strcmpstart(conn->requested_resource, "fp-sk/")) { - src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST; - } + /* launches router downloads as needed */ + routers_update_all_from_networkstatus(now, 3); + update_microdescs_from_networkstatus(now); + update_microdesc_downloads(now); + directory_info_has_arrived(now, 0, 0); + if (authdir_mode_v3(get_options())) { + sr_act_post_consensus( + networkstatus_get_latest_consensus_by_flavor(FLAV_NS)); + } + log_info(LD_DIR, "Successfully loaded consensus."); - if (src_code != -1) { - if (trusted_dirs_load_certs_from_string(body, src_code, 1, - conn->identity_digest)<0) { - log_warn(LD_DIR, "Unable to parse fetched certificates"); - /* if we fetched more than one and only some failed, the successful - * ones got flushed to disk so it's safe to call this on them */ - connection_dir_download_cert_failed(conn, status_code); - } else { - directory_info_has_arrived(now, 0, 0); - log_info(LD_DIR, "Successfully loaded certificates from fetch."); - } - } else { - log_warn(LD_DIR, - "Couldn't figure out what to do with fetched certificates for " - "unknown resource %s", - conn->requested_resource); + tor_free(new_consensus); + return 0; +} + +/** + * Handler function: processes a response to a request for one or more + * authority certificates + **/ +static int +handle_response_fetch_certificate(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_CERTIFICATE); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *body = args->body; + const size_t body_len = args->body_len; + + if (status_code != 200) { + log_warn(LD_DIR, + "Received http status code %d (%s) from server " + "'%s:%d' while fetching \"/tor/keys/%s\".", + status_code, escaped(reason), conn->base_.address, + conn->base_.port, conn->requested_resource); + connection_dir_download_cert_failed(conn, status_code); + return -1; + } + log_info(LD_DIR,"Received authority certificates (body size %d) from " + "server '%s:%d'", + (int)body_len, conn->base_.address, conn->base_.port); + + /* + * Tell trusted_dirs_load_certs_from_string() whether it was by fp + * or fp-sk pair. + */ + int src_code = -1; + if (!strcmpstart(conn->requested_resource, "fp/")) { + src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_DIGEST; + } else if (!strcmpstart(conn->requested_resource, "fp-sk/")) { + src_code = TRUSTED_DIRS_CERTS_SRC_DL_BY_ID_SK_DIGEST; + } + + if (src_code != -1) { + if (trusted_dirs_load_certs_from_string(body, src_code, 1, + conn->identity_digest)<0) { + log_warn(LD_DIR, "Unable to parse fetched certificates"); + /* if we fetched more than one and only some failed, the successful + * ones got flushed to disk so it's safe to call this on them */ connection_dir_download_cert_failed(conn, status_code); + } else { + time_t now = approx_time(); + directory_info_has_arrived(now, 0, 0); + log_info(LD_DIR, "Successfully loaded certificates from fetch."); } + } else { + log_warn(LD_DIR, + "Couldn't figure out what to do with fetched certificates for " + "unknown resource %s", + conn->requested_resource); + connection_dir_download_cert_failed(conn, status_code); } - if (conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) { - const char *msg; - int st; - log_info(LD_DIR,"Got votes (body size %d) from server %s:%d", - (int)body_len, conn->base_.address, conn->base_.port); - if (status_code != 200) { - log_warn(LD_DIR, + return 0; +} + +/** + * Handler function: processes a response to a request for an authority's + * current networkstatus vote. + **/ +static int +handle_response_fetch_status_vote(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *body = args->body; + const size_t body_len = args->body_len; + + const char *msg; + int st; + log_info(LD_DIR,"Got votes (body size %d) from server %s:%d", + (int)body_len, conn->base_.address, conn->base_.port); + if (status_code != 200) { + log_warn(LD_DIR, "Received http status code %d (%s) from server " "'%s:%d' while fetching \"/tor/status-vote/next/%s.z\".", status_code, escaped(reason), conn->base_.address, conn->base_.port, conn->requested_resource); - tor_free(body); tor_free(headers); tor_free(reason); - return -1; - } - dirvote_add_vote(body, &msg, &st); - if (st > 299) { - log_warn(LD_DIR, "Error adding retrieved vote: %s", msg); - } else { - log_info(LD_DIR, "Added vote(s) successfully [msg: %s]", msg); - } + return -1; } - if (conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES) { - const char *msg = NULL; - log_info(LD_DIR,"Got detached signatures (body size %d) from server %s:%d", - (int)body_len, conn->base_.address, conn->base_.port); - if (status_code != 200) { - log_warn(LD_DIR, + dirvote_add_vote(body, &msg, &st); + if (st > 299) { + log_warn(LD_DIR, "Error adding retrieved vote: %s", msg); + } else { + log_info(LD_DIR, "Added vote(s) successfully [msg: %s]", msg); + } + + return 0; +} + +/** + * Handler function: processes a response to a request for the signatures + * that an authority knows about on a given consensus. + **/ +static int +handle_response_fetch_detached_signatures(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *body = args->body; + const size_t body_len = args->body_len; + + const char *msg = NULL; + log_info(LD_DIR,"Got detached signatures (body size %d) from server %s:%d", + (int)body_len, conn->base_.address, conn->base_.port); + if (status_code != 200) { + log_warn(LD_DIR, "Received http status code %d (%s) from server '%s:%d' while fetching " "\"/tor/status-vote/next/consensus-signatures.z\".", - status_code, escaped(reason), conn->base_.address, - conn->base_.port); - tor_free(body); tor_free(headers); tor_free(reason); - return -1; - } - if (dirvote_add_signatures(body, conn->base_.address, &msg)<0) { - log_warn(LD_DIR, "Problem adding detached signatures from %s:%d: %s", - conn->base_.address, conn->base_.port, msg?msg:"???"); - } + status_code, escaped(reason), conn->base_.address, + conn->base_.port); + return -1; + } + if (dirvote_add_signatures(body, conn->base_.address, &msg)<0) { + log_warn(LD_DIR, "Problem adding detached signatures from %s:%d: %s", + conn->base_.address, conn->base_.port, msg?msg:"???"); } - if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC || - conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) { - int was_ei = conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO; - smartlist_t *which = NULL; - int n_asked_for = 0; - int descriptor_digests = conn->requested_resource && - !strcmpstart(conn->requested_resource,"d/"); - log_info(LD_DIR,"Received %s (body size %d) from server '%s:%d'", - was_ei ? "extra server info" : "server info", - (int)body_len, conn->base_.address, conn->base_.port); - if (conn->requested_resource && - (!strcmpstart(conn->requested_resource,"d/") || - !strcmpstart(conn->requested_resource,"fp/"))) { - which = smartlist_new(); - dir_split_resource_into_fingerprints(conn->requested_resource + - (descriptor_digests ? 2 : 3), - which, NULL, 0); - n_asked_for = smartlist_len(which); - } - if (status_code != 200) { - int dir_okay = status_code == 404 || - (status_code == 400 && !strcmp(reason, "Servers unavailable.")); - /* 404 means that it didn't have them; no big deal. - * Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */ - log_fn(dir_okay ? LOG_INFO : LOG_WARN, LD_DIR, - "Received http status code %d (%s) from server '%s:%d' " - "while fetching \"/tor/server/%s\". I'll try again soon.", - status_code, escaped(reason), conn->base_.address, - conn->base_.port, conn->requested_resource); - if (!which) { - connection_dir_download_routerdesc_failed(conn); - } else { - dir_routerdesc_download_failed(which, status_code, - conn->router_purpose, - was_ei, descriptor_digests); - SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); - smartlist_free(which); - } - tor_free(body); tor_free(headers); tor_free(reason); - return dir_okay ? 0 : -1; - } - /* Learn the routers, assuming we requested by fingerprint or "all" - * or "authority". - * - * We use "authority" to fetch our own descriptor for - * testing, and to fetch bridge descriptors for bootstrapping. Ignore - * the output of "authority" requests unless we are using bridges, - * since otherwise they'll be the response from reachability tests, - * and we don't really want to add that to our routerlist. */ - if (which || (conn->requested_resource && - (!strcmpstart(conn->requested_resource, "all") || - (!strcmpstart(conn->requested_resource, "authority") && - get_options()->UseBridges)))) { - /* as we learn from them, we remove them from 'which' */ - if (was_ei) { - router_load_extrainfo_from_string(body, NULL, SAVED_NOWHERE, which, - descriptor_digests); - } else { - //router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which, - // descriptor_digests, conn->router_purpose); - if (load_downloaded_routers(body, which, descriptor_digests, - conn->router_purpose, - conn->base_.address)) - directory_info_has_arrived(now, 0, 0); - } - } - if (which) { /* mark remaining ones as failed */ - log_info(LD_DIR, "Received %d/%d %s requested from %s:%d", - n_asked_for-smartlist_len(which), n_asked_for, - was_ei ? "extra-info documents" : "router descriptors", - conn->base_.address, (int)conn->base_.port); - if (smartlist_len(which)) { - dir_routerdesc_download_failed(which, status_code, - conn->router_purpose, - was_ei, descriptor_digests); - } - SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); - smartlist_free(which); - } - if (directory_conn_is_self_reachability_test(conn)) - router_dirport_found_reachable(); - } - if (conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC) { - smartlist_t *which = NULL; - log_info(LD_DIR,"Received answer to microdescriptor request (status %d, " - "body size %d) from server '%s:%d'", - status_code, (int)body_len, conn->base_.address, - conn->base_.port); - tor_assert(conn->requested_resource && - !strcmpstart(conn->requested_resource, "d/")); + return 0; +} + +/** + * Handler function: processes a response to a request for a group of server + * descriptors or an extrainfo documents. + **/ +static int +handle_response_fetch_desc(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC || + conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *body = args->body; + const size_t body_len = args->body_len; + + int was_ei = conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO; + smartlist_t *which = NULL; + int n_asked_for = 0; + int descriptor_digests = conn->requested_resource && + !strcmpstart(conn->requested_resource,"d/"); + log_info(LD_DIR,"Received %s (body size %d) from server '%s:%d'", + was_ei ? "extra server info" : "server info", + (int)body_len, conn->base_.address, conn->base_.port); + if (conn->requested_resource && + (!strcmpstart(conn->requested_resource,"d/") || + !strcmpstart(conn->requested_resource,"fp/"))) { which = smartlist_new(); - dir_split_resource_into_fingerprints(conn->requested_resource+2, - which, NULL, - DSR_DIGEST256|DSR_BASE64); - if (status_code != 200) { - log_info(LD_DIR, "Received status code %d (%s) from server " - "'%s:%d' while fetching \"/tor/micro/%s\". I'll try again " - "soon.", - status_code, escaped(reason), conn->base_.address, - (int)conn->base_.port, conn->requested_resource); - dir_microdesc_download_failed(which, status_code); + dir_split_resource_into_fingerprints(conn->requested_resource + + (descriptor_digests ? 2 : 3), + which, NULL, 0); + n_asked_for = smartlist_len(which); + } + if (status_code != 200) { + int dir_okay = status_code == 404 || + (status_code == 400 && !strcmp(reason, "Servers unavailable.")); + /* 404 means that it didn't have them; no big deal. + * Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */ + log_fn(dir_okay ? LOG_INFO : LOG_WARN, LD_DIR, + "Received http status code %d (%s) from server '%s:%d' " + "while fetching \"/tor/server/%s\". I'll try again soon.", + status_code, escaped(reason), conn->base_.address, + conn->base_.port, conn->requested_resource); + if (!which) { + connection_dir_download_routerdesc_failed(conn); + } else { + dir_routerdesc_download_failed(which, status_code, + conn->router_purpose, + was_ei, descriptor_digests); SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); smartlist_free(which); - tor_free(body); tor_free(headers); tor_free(reason); - return 0; + } + return dir_okay ? 0 : -1; + } + /* Learn the routers, assuming we requested by fingerprint or "all" + * or "authority". + * + * We use "authority" to fetch our own descriptor for + * testing, and to fetch bridge descriptors for bootstrapping. Ignore + * the output of "authority" requests unless we are using bridges, + * since otherwise they'll be the response from reachability tests, + * and we don't really want to add that to our routerlist. */ + if (which || (conn->requested_resource && + (!strcmpstart(conn->requested_resource, "all") || + (!strcmpstart(conn->requested_resource, "authority") && + get_options()->UseBridges)))) { + /* as we learn from them, we remove them from 'which' */ + if (was_ei) { + router_load_extrainfo_from_string(body, NULL, SAVED_NOWHERE, which, + descriptor_digests); } else { - smartlist_t *mds; - mds = microdescs_add_to_cache(get_microdesc_cache(), - body, body+body_len, SAVED_NOWHERE, 0, - now, which); - if (smartlist_len(which)) { - /* Mark remaining ones as failed. */ - dir_microdesc_download_failed(which, status_code); - } - if (mds && smartlist_len(mds)) { - control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS, - count_loading_descriptors_progress()); - directory_info_has_arrived(now, 0, 1); + //router_load_routers_from_string(body, NULL, SAVED_NOWHERE, which, + // descriptor_digests, conn->router_purpose); + if (load_downloaded_routers(body, which, descriptor_digests, + conn->router_purpose, + conn->base_.address)) { + time_t now = approx_time(); + directory_info_has_arrived(now, 0, 0); } - SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); - smartlist_free(which); - smartlist_free(mds); } } + if (which) { /* mark remaining ones as failed */ + log_info(LD_DIR, "Received %d/%d %s requested from %s:%d", + n_asked_for-smartlist_len(which), n_asked_for, + was_ei ? "extra-info documents" : "router descriptors", + conn->base_.address, (int)conn->base_.port); + if (smartlist_len(which)) { + dir_routerdesc_download_failed(which, status_code, + conn->router_purpose, + was_ei, descriptor_digests); + } + SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); + smartlist_free(which); + } + if (directory_conn_is_self_reachability_test(conn)) + router_dirport_found_reachable(); - if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_DIR) { - switch (status_code) { - case 200: { - dir_server_t *ds = - router_get_trusteddirserver_by_digest(conn->identity_digest); - char *rejected_hdr = http_get_header(headers, - "X-Descriptor-Not-New: "); - if (rejected_hdr) { - if (!strcmp(rejected_hdr, "Yes")) { - log_info(LD_GENERAL, - "Authority '%s' declined our descriptor (not new)", - ds->nickname); - /* XXXX use this information; be sure to upload next one - * sooner. -NM */ - /* XXXX++ On further thought, the task above implies that we're - * basing our regenerate-descriptor time on when we uploaded the - * last descriptor, not on the published time of the last - * descriptor. If those are different, that's a bad thing to - * do. -NM */ - } - tor_free(rejected_hdr); - } - log_info(LD_GENERAL,"eof (status 200) after uploading server " - "descriptor: finished."); - control_event_server_status( - LOG_NOTICE, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d", - conn->base_.address, conn->base_.port); - - ds->has_accepted_serverdesc = 1; - if (directories_have_accepted_server_descriptor()) - control_event_server_status(LOG_NOTICE, "GOOD_SERVER_DESCRIPTOR"); - } - break; - case 400: - log_warn(LD_GENERAL,"http status 400 (%s) response from " - "dirserver '%s:%d'. Please correct.", - escaped(reason), conn->base_.address, conn->base_.port); - control_event_server_status(LOG_WARN, - "BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON=\"%s\"", - conn->base_.address, conn->base_.port, escaped(reason)); - break; - default: - log_warn(LD_GENERAL, + return 0; +} + +/** + * Handler function: processes a response to a request for a group of + * microdescriptors + **/ +static int +handle_response_fetch_microdesc(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_MICRODESC); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *body = args->body; + const size_t body_len = args->body_len; + + smartlist_t *which = NULL; + log_info(LD_DIR,"Received answer to microdescriptor request (status %d, " + "body size %d) from server '%s:%d'", + status_code, (int)body_len, conn->base_.address, + conn->base_.port); + tor_assert(conn->requested_resource && + !strcmpstart(conn->requested_resource, "d/")); + which = smartlist_new(); + dir_split_resource_into_fingerprints(conn->requested_resource+2, + which, NULL, + DSR_DIGEST256|DSR_BASE64); + if (status_code != 200) { + log_info(LD_DIR, "Received status code %d (%s) from server " + "'%s:%d' while fetching \"/tor/micro/%s\". I'll try again " + "soon.", + status_code, escaped(reason), conn->base_.address, + (int)conn->base_.port, conn->requested_resource); + dir_microdesc_download_failed(which, status_code); + SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); + smartlist_free(which); + return 0; + } else { + smartlist_t *mds; + time_t now = approx_time(); + mds = microdescs_add_to_cache(get_microdesc_cache(), + body, body+body_len, SAVED_NOWHERE, 0, + now, which); + if (smartlist_len(which)) { + /* Mark remaining ones as failed. */ + dir_microdesc_download_failed(which, status_code); + } + if (mds && smartlist_len(mds)) { + control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS, + count_loading_descriptors_progress()); + directory_info_has_arrived(now, 0, 1); + } + SMARTLIST_FOREACH(which, char *, cp, tor_free(cp)); + smartlist_free(which); + smartlist_free(mds); + } + + return 0; +} + +/** + * Handler function: processes a response to a POST request to upload our + * router descriptor. + **/ +static int +handle_response_upload_dir(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_DIR); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *headers = args->headers; + + switch (status_code) { + case 200: { + dir_server_t *ds = + router_get_trusteddirserver_by_digest(conn->identity_digest); + char *rejected_hdr = http_get_header(headers, + "X-Descriptor-Not-New: "); + if (rejected_hdr) { + if (!strcmp(rejected_hdr, "Yes")) { + log_info(LD_GENERAL, + "Authority '%s' declined our descriptor (not new)", + ds->nickname); + /* XXXX use this information; be sure to upload next one + * sooner. -NM */ + /* XXXX++ On further thought, the task above implies that we're + * basing our regenerate-descriptor time on when we uploaded the + * last descriptor, not on the published time of the last + * descriptor. If those are different, that's a bad thing to + * do. -NM */ + } + tor_free(rejected_hdr); + } + log_info(LD_GENERAL,"eof (status 200) after uploading server " + "descriptor: finished."); + control_event_server_status( + LOG_NOTICE, "ACCEPTED_SERVER_DESCRIPTOR DIRAUTH=%s:%d", + conn->base_.address, conn->base_.port); + + ds->has_accepted_serverdesc = 1; + if (directories_have_accepted_server_descriptor()) + control_event_server_status(LOG_NOTICE, "GOOD_SERVER_DESCRIPTOR"); + } + break; + case 400: + log_warn(LD_GENERAL,"http status 400 (%s) response from " + "dirserver '%s:%d'. Please correct.", + escaped(reason), conn->base_.address, conn->base_.port); + control_event_server_status(LOG_WARN, + "BAD_SERVER_DESCRIPTOR DIRAUTH=%s:%d REASON=\"%s\"", + conn->base_.address, conn->base_.port, escaped(reason)); + break; + default: + log_warn(LD_GENERAL, "http status %d (%s) reason unexpected while uploading " "descriptor to server '%s:%d').", status_code, escaped(reason), conn->base_.address, conn->base_.port); - break; - } - /* return 0 in all cases, since we don't want to mark any - * dirservers down just because they don't like us. */ + break; } + /* return 0 in all cases, since we don't want to mark any + * dirservers down just because they don't like us. */ - if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_VOTE) { - switch (status_code) { - case 200: { - log_notice(LD_DIR,"Uploaded a vote to dirserver %s:%d", - conn->base_.address, conn->base_.port); - } - break; - case 400: - log_warn(LD_DIR,"http status 400 (%s) response after uploading " - "vote to dirserver '%s:%d'. Please correct.", - escaped(reason), conn->base_.address, conn->base_.port); - break; - default: - log_warn(LD_GENERAL, + return 0; +} + +/** + * Handler function: processes a response to POST request to upload our + * own networkstatus vote. + **/ +static int +handle_response_upload_vote(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_VOTE); + const int status_code = args->status_code; + const char *reason = args->reason; + + switch (status_code) { + case 200: { + log_notice(LD_DIR,"Uploaded a vote to dirserver %s:%d", + conn->base_.address, conn->base_.port); + } + break; + case 400: + log_warn(LD_DIR,"http status 400 (%s) response after uploading " + "vote to dirserver '%s:%d'. Please correct.", + escaped(reason), conn->base_.address, conn->base_.port); + break; + default: + log_warn(LD_GENERAL, "http status %d (%s) reason unexpected while uploading " "vote to server '%s:%d').", status_code, escaped(reason), conn->base_.address, conn->base_.port); - break; - } - /* return 0 in all cases, since we don't want to mark any - * dirservers down just because they don't like us. */ + break; } + /* return 0 in all cases, since we don't want to mark any + * dirservers down just because they don't like us. */ + return 0; +} - if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_SIGNATURES) { - switch (status_code) { - case 200: { - log_notice(LD_DIR,"Uploaded signature(s) to dirserver %s:%d", - conn->base_.address, conn->base_.port); - } - break; - case 400: - log_warn(LD_DIR,"http status 400 (%s) response after uploading " - "signatures to dirserver '%s:%d'. Please correct.", - escaped(reason), conn->base_.address, conn->base_.port); - break; - default: - log_warn(LD_GENERAL, +/** + * Handler function: processes a response to POST request to upload our + * view of the signatures on the current consensus. + **/ +static int +handle_response_upload_signatures(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_SIGNATURES); + const int status_code = args->status_code; + const char *reason = args->reason; + + switch (status_code) { + case 200: { + log_notice(LD_DIR,"Uploaded signature(s) to dirserver %s:%d", + conn->base_.address, conn->base_.port); + } + break; + case 400: + log_warn(LD_DIR,"http status 400 (%s) response after uploading " + "signatures to dirserver '%s:%d'. Please correct.", + escaped(reason), conn->base_.address, conn->base_.port); + break; + default: + log_warn(LD_GENERAL, "http status %d (%s) reason unexpected while uploading " "signatures to server '%s:%d').", status_code, escaped(reason), conn->base_.address, conn->base_.port); - break; - } - /* return 0 in all cases, since we don't want to mark any - * dirservers down just because they don't like us. */ - } - - if (conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2) { - #define SEND_HS_DESC_FAILED_EVENT(reason) ( \ - control_event_hs_descriptor_failed(conn->rend_data, \ - conn->identity_digest, \ - reason) ) - #define SEND_HS_DESC_FAILED_CONTENT() ( \ - control_event_hs_descriptor_content(rend_data_get_address(conn->rend_data), \ - conn->requested_resource, \ + break; + } + /* return 0 in all cases, since we don't want to mark any + * dirservers down just because they don't like us. */ + + return 0; +} + +/** + * Handler function: processes a response to a request for a v2 hidden service + * descriptor. + **/ +static int +handle_response_fetch_renddesc_v2(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_FETCH_RENDDESC_V2); + const int status_code = args->status_code; + const char *reason = args->reason; + const char *body = args->body; + const size_t body_len = args->body_len; + +#define SEND_HS_DESC_FAILED_EVENT(reason) \ + (control_event_hs_descriptor_failed(conn->rend_data, \ conn->identity_digest, \ - NULL) ) - tor_assert(conn->rend_data); - log_info(LD_REND,"Received rendezvous descriptor (body size %d, status %d " - "(%s))", - (int)body_len, status_code, escaped(reason)); - switch (status_code) { - case 200: - { - rend_cache_entry_t *entry = NULL; - - if (rend_cache_store_v2_desc_as_client(body, - conn->requested_resource, conn->rend_data, &entry) < 0) { - log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. " - "Retrying at another directory."); - /* We'll retry when connection_about_to_close_connection() - * cleans this dir conn up. */ - SEND_HS_DESC_FAILED_EVENT("BAD_DESC"); - SEND_HS_DESC_FAILED_CONTENT(); - } else { - char service_id[REND_SERVICE_ID_LEN_BASE32 + 1]; - /* Should never be NULL here if we found the descriptor. */ - tor_assert(entry); - rend_get_service_id(entry->parsed->pk, service_id); - - /* success. notify pending connections about this. */ - log_info(LD_REND, "Successfully fetched v2 rendezvous " - "descriptor."); - control_event_hs_descriptor_received(service_id, - conn->rend_data, - conn->identity_digest); - control_event_hs_descriptor_content(service_id, - conn->requested_resource, - conn->identity_digest, - body); - conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2; - rend_client_desc_trynow(service_id); - memwipe(service_id, 0, sizeof(service_id)); - } - break; - } - case 404: - /* Not there. We'll retry when - * connection_about_to_close_connection() cleans this conn up. */ - log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: " - "Retrying at another directory."); - SEND_HS_DESC_FAILED_EVENT("NOT_FOUND"); - SEND_HS_DESC_FAILED_CONTENT(); - break; - case 400: - log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: " - "http status 400 (%s). Dirserver didn't like our " - "v2 rendezvous query? Retrying at another directory.", - escaped(reason)); - SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED"); - SEND_HS_DESC_FAILED_CONTENT(); - break; - default: - log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: " - "http status %d (%s) response unexpected while " - "fetching v2 hidden service descriptor (server '%s:%d'). " - "Retrying at another directory.", - status_code, escaped(reason), conn->base_.address, - conn->base_.port); - SEND_HS_DESC_FAILED_EVENT("UNEXPECTED"); + reason)) +#define SEND_HS_DESC_FAILED_CONTENT() \ + (control_event_hs_descriptor_content( \ + rend_data_get_address(conn->rend_data), \ + conn->requested_resource, \ + conn->identity_digest, \ + NULL)) + + tor_assert(conn->rend_data); + log_info(LD_REND,"Received rendezvous descriptor (body size %d, status %d " + "(%s))", + (int)body_len, status_code, escaped(reason)); + switch (status_code) { + case 200: + { + rend_cache_entry_t *entry = NULL; + + if (rend_cache_store_v2_desc_as_client(body, + conn->requested_resource, + conn->rend_data, &entry) < 0) { + log_warn(LD_REND,"Fetching v2 rendezvous descriptor failed. " + "Retrying at another directory."); + /* We'll retry when connection_about_to_close_connection() + * cleans this dir conn up. */ + SEND_HS_DESC_FAILED_EVENT("BAD_DESC"); SEND_HS_DESC_FAILED_CONTENT(); - break; + } else { + char service_id[REND_SERVICE_ID_LEN_BASE32 + 1]; + /* Should never be NULL here if we found the descriptor. */ + tor_assert(entry); + rend_get_service_id(entry->parsed->pk, service_id); + + /* success. notify pending connections about this. */ + log_info(LD_REND, "Successfully fetched v2 rendezvous " + "descriptor."); + control_event_hs_descriptor_received(service_id, + conn->rend_data, + conn->identity_digest); + control_event_hs_descriptor_content(service_id, + conn->requested_resource, + conn->identity_digest, + body); + conn->base_.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2; + rend_client_desc_trynow(service_id); + memwipe(service_id, 0, sizeof(service_id)); + } + break; } + case 404: + /* Not there. We'll retry when + * connection_about_to_close_connection() cleans this conn up. */ + log_info(LD_REND,"Fetching v2 rendezvous descriptor failed: " + "Retrying at another directory."); + SEND_HS_DESC_FAILED_EVENT("NOT_FOUND"); + SEND_HS_DESC_FAILED_CONTENT(); + break; + case 400: + log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: " + "http status 400 (%s). Dirserver didn't like our " + "v2 rendezvous query? Retrying at another directory.", + escaped(reason)); + SEND_HS_DESC_FAILED_EVENT("QUERY_REJECTED"); + SEND_HS_DESC_FAILED_CONTENT(); + break; + default: + log_warn(LD_REND, "Fetching v2 rendezvous descriptor failed: " + "http status %d (%s) response unexpected while " + "fetching v2 hidden service descriptor (server '%s:%d'). " + "Retrying at another directory.", + status_code, escaped(reason), conn->base_.address, + conn->base_.port); + SEND_HS_DESC_FAILED_EVENT("UNEXPECTED"); + SEND_HS_DESC_FAILED_CONTENT(); + break; } - if (conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2) { - #define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) ( \ - control_event_hs_descriptor_upload_failed( \ - conn->identity_digest, \ - rend_data_get_address(conn->rend_data), \ - reason) ) - log_info(LD_REND,"Uploaded rendezvous descriptor (status %d " - "(%s))", - status_code, escaped(reason)); - /* Without the rend data, we'll have a problem identifying what has been - * uploaded for which service. */ - tor_assert(conn->rend_data); - switch (status_code) { - case 200: - log_info(LD_REND, - "Uploading rendezvous descriptor: finished with status " - "200 (%s)", escaped(reason)); - control_event_hs_descriptor_uploaded(conn->identity_digest, - rend_data_get_address(conn->rend_data)); - rend_service_desc_has_uploaded(conn->rend_data); - break; - case 400: - log_warn(LD_REND,"http status 400 (%s) response from dirserver " - "'%s:%d'. Malformed rendezvous descriptor?", - escaped(reason), conn->base_.address, conn->base_.port); - SEND_HS_DESC_UPLOAD_FAILED_EVENT("UPLOAD_REJECTED"); - break; - default: - log_warn(LD_REND,"http status %d (%s) response unexpected (server " - "'%s:%d').", - status_code, escaped(reason), conn->base_.address, - conn->base_.port); - SEND_HS_DESC_UPLOAD_FAILED_EVENT("UNEXPECTED"); - break; - } + return 0; +} + +/** + * Handler function: processes a response to a POST request to upload a v2 + * hidden service descriptor. + **/ +static int +handle_response_upload_renddesc_v2(dir_connection_t *conn, + const response_handler_args_t *args) +{ + tor_assert(conn->base_.purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2); + const int status_code = args->status_code; + const char *reason = args->reason; + +#define SEND_HS_DESC_UPLOAD_FAILED_EVENT(reason) \ + (control_event_hs_descriptor_upload_failed( \ + conn->identity_digest, \ + rend_data_get_address(conn->rend_data), \ + reason)) + + log_info(LD_REND,"Uploaded rendezvous descriptor (status %d " + "(%s))", + status_code, escaped(reason)); + /* Without the rend data, we'll have a problem identifying what has been + * uploaded for which service. */ + tor_assert(conn->rend_data); + switch (status_code) { + case 200: + log_info(LD_REND, + "Uploading rendezvous descriptor: finished with status " + "200 (%s)", escaped(reason)); + control_event_hs_descriptor_uploaded(conn->identity_digest, + rend_data_get_address(conn->rend_data)); + rend_service_desc_has_uploaded(conn->rend_data); + break; + case 400: + log_warn(LD_REND,"http status 400 (%s) response from dirserver " + "'%s:%d'. Malformed rendezvous descriptor?", + escaped(reason), conn->base_.address, conn->base_.port); + SEND_HS_DESC_UPLOAD_FAILED_EVENT("UPLOAD_REJECTED"); + break; + default: + log_warn(LD_REND,"http status %d (%s) response unexpected (server " + "'%s:%d').", + status_code, escaped(reason), conn->base_.address, + conn->base_.port); + SEND_HS_DESC_UPLOAD_FAILED_EVENT("UNEXPECTED"); + break; } - tor_free(body); tor_free(headers); tor_free(reason); + return 0; } @@ -2918,16 +3288,51 @@ write_http_response_header_impl(dir_connection_t *conn, ssize_t length, /** As write_http_response_header_impl, but sets encoding and content-typed * based on whether the response will be <b>compressed</b> or not. */ static void -write_http_response_header(dir_connection_t *conn, ssize_t length, - int compressed, long cache_lifetime) +write_http_response_headers(dir_connection_t *conn, ssize_t length, + compress_method_t method, + const char *extra_headers, long cache_lifetime) { + const char *methodname = compression_method_get_name(method); + const char *doctype; + if (method == NO_METHOD) + doctype = "text/plain"; + else + doctype = "application/octet-stream"; write_http_response_header_impl(conn, length, - compressed?"application/octet-stream":"text/plain", - compressed?"deflate":"identity", - NULL, - cache_lifetime); + doctype, + methodname, + extra_headers, + cache_lifetime); +} + +/** As write_http_response_headers, but assumes extra_headers is NULL */ +static void +write_http_response_header(dir_connection_t *conn, ssize_t length, + compress_method_t method, + long cache_lifetime) +{ + write_http_response_headers(conn, length, method, NULL, cache_lifetime); } +/** Array of compression methods to use (if supported) for serving + * precompressed data, ordered from best to worst. */ +static compress_method_t srv_meth_pref_precompressed[] = { + LZMA_METHOD, + ZSTD_METHOD, + ZLIB_METHOD, + GZIP_METHOD, + NO_METHOD +}; + +/** Array of compression methods to use (if supported) for serving + * streamed data, ordered from best to worst. */ +static compress_method_t srv_meth_pref_streaming_compression[] = { + ZSTD_METHOD, + ZLIB_METHOD, + GZIP_METHOD, + NO_METHOD +}; + /** Parse the compression methods listed in an Accept-Encoding header <b>h</b>, * and convert them to a bitfield where compression method x is supported if * and only if 1 << x is set in the bitfield. */ @@ -2953,6 +3358,38 @@ parse_accept_encoding_header(const char *h) return result; } +/** Array of compression methods to use (if supported) for requesting + * compressed data, ordered from best to worst. */ +static compress_method_t client_meth_pref[] = { + LZMA_METHOD, + ZSTD_METHOD, + ZLIB_METHOD, + GZIP_METHOD, + NO_METHOD +}; + +/** Return a newly allocated string containing a comma separated list of + * supported encodings. */ +STATIC char * +accept_encoding_header(void) +{ + smartlist_t *methods = smartlist_new(); + char *header = NULL; + compress_method_t method; + unsigned i; + + for (i = 0; i < ARRAY_LENGTH(client_meth_pref); ++i) { + method = client_meth_pref[i]; + if (tor_compress_supports_method(method)) + smartlist_add(methods, (char *)compression_method_get_name(method)); + } + + header = smartlist_join_strings(methods, ", ", 0, NULL); + smartlist_free(methods); + + return header; +} + /** Decide whether a client would accept the consensus we have. * * Clients can say they only want a consensus if it's signed by more @@ -2968,42 +3405,39 @@ parse_accept_encoding_header(const char *h) * consensus, 0 otherwise. */ int -client_likes_consensus(networkstatus_t *v, const char *want_url) +client_likes_consensus(const struct consensus_cache_entry_t *ent, + const char *want_url) { - smartlist_t *want_authorities = smartlist_new(); + smartlist_t *voters = smartlist_new(); int need_at_least; int have = 0; + if (consensus_cache_entry_get_voter_id_digests(ent, voters) != 0) { + return 1; // We don't know the voters; assume the client won't mind. */ + } + + smartlist_t *want_authorities = smartlist_new(); dir_split_resource_into_fingerprints(want_url, want_authorities, NULL, 0); need_at_least = smartlist_len(want_authorities)/2+1; - SMARTLIST_FOREACH_BEGIN(want_authorities, const char *, d) { - char want_digest[DIGEST_LEN]; - size_t want_len = strlen(d)/2; - if (want_len > DIGEST_LEN) - want_len = DIGEST_LEN; - - if (base16_decode(want_digest, DIGEST_LEN, d, want_len*2) - != (int) want_len) { - log_fn(LOG_PROTOCOL_WARN, LD_DIR, - "Failed to decode requested authority digest %s.", escaped(d)); - continue; - }; - SMARTLIST_FOREACH_BEGIN(v->voters, networkstatus_voter_info_t *, vi) { - if (smartlist_len(vi->sigs) && - tor_memeq(vi->identity_digest, want_digest, want_len)) { + SMARTLIST_FOREACH_BEGIN(want_authorities, const char *, want_digest) { + + SMARTLIST_FOREACH_BEGIN(voters, const char *, digest) { + if (!strcasecmpstart(digest, want_digest)) { have++; break; }; - } SMARTLIST_FOREACH_END(vi); + } SMARTLIST_FOREACH_END(digest); /* early exit, if we already have enough */ if (have >= need_at_least) break; - } SMARTLIST_FOREACH_END(d); + } SMARTLIST_FOREACH_END(want_digest); SMARTLIST_FOREACH(want_authorities, char *, d, tor_free(d)); smartlist_free(want_authorities); + SMARTLIST_FOREACH(voters, char *, cp, tor_free(cp)); + smartlist_free(voters); return (have >= need_at_least); } @@ -3143,13 +3577,14 @@ directory_handle_command_get,(dir_connection_t *conn, const char *headers, url_len -= 2; } - if ((header = http_get_header(headers, "Accept-Encoding"))) { + if ((header = http_get_header(headers, "Accept-Encoding: "))) { compression_methods_supported = parse_accept_encoding_header(header); tor_free(header); } else { compression_methods_supported = (1u << NO_METHOD); - if (zlib_compressed_in_url) - compression_methods_supported |= (1u << ZLIB_METHOD); + } + if (zlib_compressed_in_url) { + compression_methods_supported |= (1u << ZLIB_METHOD); } /* Remove all methods that we don't both support. */ @@ -3209,20 +3644,25 @@ handle_get_frontpage(dir_connection_t *conn, const get_handler_args_t *args) return 0; } -/** Warn that the consensus <b>v</b> of type <b>flavor</b> is too old and will - * not be served to clients. Rate-limit the warning to avoid logging an entry - * on every request. +/** Warn that the cached consensus <b>consensus</b> of type + * <b>flavor</b> is too old and will not be served to clients. Rate-limit the + * warning to avoid logging an entry on every request. */ static void -warn_consensus_is_too_old(networkstatus_t *v, const char *flavor, time_t now) +warn_consensus_is_too_old(const struct consensus_cache_entry_t *consensus, + const char *flavor, time_t now) { #define TOO_OLD_WARNING_INTERVAL (60*60) static ratelim_t warned = RATELIM_INIT(TOO_OLD_WARNING_INTERVAL); char timestamp[ISO_TIME_LEN+1]; + time_t valid_until; char *dupes; + if (consensus_cache_entry_get_valid_until(consensus, &valid_until)) + return; + if ((dupes = rate_limit_log(&warned, now))) { - format_local_iso_time(timestamp, v->valid_until); + format_local_iso_time(timestamp, valid_until); log_warn(LD_DIRSERV, "Our %s%sconsensus is too old, so we will not " "serve it to clients. It was valid until %s local time and we " "continued to serve it for up to 24 hours after it expired.%s", @@ -3231,142 +3671,428 @@ warn_consensus_is_too_old(networkstatus_t *v, const char *flavor, time_t now) } } +/** + * Parse a single hex-encoded sha3-256 digest from <b>hex</b> into + * <b>digest</b>. Return 0 on success. On failure, report that the hash came + * from <b>location</b>, report that we are taking <b>action</b> with it, and + * return -1. + */ +static int +parse_one_diff_hash(uint8_t *digest, const char *hex, const char *location, + const char *action) +{ + if (base16_decode((char*)digest, DIGEST256_LEN, hex, strlen(hex)) == + DIGEST256_LEN) { + return 0; + } else { + log_fn(LOG_PROTOCOL_WARN, LD_DIR, + "%s contained bogus digest %s; %s.", + location, escaped(hex), action); + return -1; + } +} + +/** If there is an X-Or-Diff-From-Consensus header included in <b>headers</b>, + * set <b>digest_out<b> to a new smartlist containing every 256-bit + * hex-encoded digest listed in that header and return 0. Otherwise return + * -1. */ +static int +parse_or_diff_from_header(smartlist_t **digests_out, const char *headers) +{ + char *hdr = http_get_header(headers, X_OR_DIFF_FROM_CONSENSUS_HEADER); + if (hdr == NULL) { + return -1; + } + smartlist_t *hex_digests = smartlist_new(); + *digests_out = smartlist_new(); + smartlist_split_string(hex_digests, hdr, " ", + SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1); + SMARTLIST_FOREACH_BEGIN(hex_digests, const char *, hex) { + uint8_t digest[DIGEST256_LEN]; + if (!parse_one_diff_hash(digest, hex, "X-Or-Diff-From-Consensus header", + "ignoring")) { + smartlist_add(*digests_out, tor_memdup(digest, sizeof(digest))); + } + } SMARTLIST_FOREACH_END(hex); + SMARTLIST_FOREACH(hex_digests, char *, cp, tor_free(cp)); + smartlist_free(hex_digests); + tor_free(hdr); + return 0; +} + +/** Fallback compression method. The fallback compression method is used in + * case a client requests a non-compressed document. We only store compressed + * documents, so we use this compression method to fetch the document and let + * the spooling system do the streaming decompression. + */ +#define FALLBACK_COMPRESS_METHOD ZLIB_METHOD + +/** + * Try to find the best consensus diff possible in order to serve a client + * request for a diff from one of the consensuses in <b>digests</b> to the + * current consensus of flavor <b>flav</b>. The client supports the + * compression methods listed in the <b>compression_methods</b> bitfield: + * place the method chosen (if any) into <b>compression_used_out</b>. + */ +static struct consensus_cache_entry_t * +find_best_diff(const smartlist_t *digests, int flav, + unsigned compression_methods, + compress_method_t *compression_used_out) +{ + struct consensus_cache_entry_t *result = NULL; + + SMARTLIST_FOREACH_BEGIN(digests, const uint8_t *, diff_from) { + unsigned u; + for (u = 0; u < ARRAY_LENGTH(srv_meth_pref_precompressed); ++u) { + compress_method_t method = srv_meth_pref_precompressed[u]; + if (0 == (compression_methods & (1u<<method))) + continue; // client doesn't like this one, or we don't have it. + if (consdiffmgr_find_diff_from(&result, flav, DIGEST_SHA3_256, + diff_from, DIGEST256_LEN, + method) == CONSDIFF_AVAILABLE) { + tor_assert_nonfatal(result); + *compression_used_out = method; + return result; + } + } + } SMARTLIST_FOREACH_END(diff_from); + + SMARTLIST_FOREACH_BEGIN(digests, const uint8_t *, diff_from) { + if (consdiffmgr_find_diff_from(&result, flav, DIGEST_SHA3_256, diff_from, + DIGEST256_LEN, FALLBACK_COMPRESS_METHOD) == CONSDIFF_AVAILABLE) { + tor_assert_nonfatal(result); + *compression_used_out = FALLBACK_COMPRESS_METHOD; + return result; + } + } SMARTLIST_FOREACH_END(diff_from); + + return NULL; +} + +/** Lookup the cached consensus document by the flavor found in <b>flav</b>. + * The prefered set of compression methods should be listed in the + * <b>compression_methods</b> bitfield. The compression method chosen (if any) + * is stored in <b>compression_used_out</b>. */ +static struct consensus_cache_entry_t * +find_best_consensus(int flav, + unsigned compression_methods, + compress_method_t *compression_used_out) +{ + struct consensus_cache_entry_t *result = NULL; + unsigned u; + + for (u = 0; u < ARRAY_LENGTH(srv_meth_pref_precompressed); ++u) { + compress_method_t method = srv_meth_pref_precompressed[u]; + + if (0 == (compression_methods & (1u<<method))) + continue; + + if (consdiffmgr_find_consensus(&result, flav, + method) == CONSDIFF_AVAILABLE) { + tor_assert_nonfatal(result); + *compression_used_out = method; + return result; + } + } + + if (consdiffmgr_find_consensus(&result, flav, + FALLBACK_COMPRESS_METHOD) == CONSDIFF_AVAILABLE) { + tor_assert_nonfatal(result); + *compression_used_out = FALLBACK_COMPRESS_METHOD; + return result; + } + + return NULL; +} + +/** Try to find the best supported compression method possible from a given + * <b>compression_methods</b>. Return NO_METHOD if no mutually supported + * compression method could be found. */ +static compress_method_t +find_best_compression_method(unsigned compression_methods, int stream) +{ + unsigned u; + compress_method_t *methods; + size_t length; + + if (stream) { + methods = srv_meth_pref_streaming_compression; + length = ARRAY_LENGTH(srv_meth_pref_streaming_compression); + } else { + methods = srv_meth_pref_precompressed; + length = ARRAY_LENGTH(srv_meth_pref_precompressed); + } + + for (u = 0; u < length; ++u) { + compress_method_t method = methods[u]; + if (compression_methods & (1u<<method)) + return method; + } + + return NO_METHOD; +} + +/** Encodes the results of parsing a consensus request to figure out what + * consensus, and possibly what diffs, the user asked for. */ +typedef struct { + /** name of the flavor to retrieve. */ + char *flavor; + /** flavor to retrive, as enum. */ + consensus_flavor_t flav; + /** plus-separated list of authority fingerprints; see + * client_likes_consensus(). Aliases the URL in the request passed to + * parse_consensus_request(). */ + const char *want_fps; + /** Optionally, a smartlist of sha3 digests-as-signed of the consensuses + * to return a diff from. */ + smartlist_t *diff_from_digests; + /** If true, never send a full consensus. If there is no diff, send + * a 404 instead. */ + int diff_only; +} parsed_consensus_request_t; + +/** Remove all data held in <b>req</b>. Do not free <b>req</b> itself, since + * it is stack-allocated. */ +static void +parsed_consensus_request_clear(parsed_consensus_request_t *req) +{ + if (!req) + return; + tor_free(req->flavor); + if (req->diff_from_digests) { + SMARTLIST_FOREACH(req->diff_from_digests, uint8_t *, d, tor_free(d)); + smartlist_free(req->diff_from_digests); + } + memset(req, 0, sizeof(parsed_consensus_request_t)); +} + +/** + * Parse the URL and relevant headers of <b>args</b> for a current-consensus + * request to learn what flavor of consensus we want, what keys it must be + * signed with, and what diffs we would accept (or demand) instead. Return 0 + * on success and -1 on failure. + */ +static int +parse_consensus_request(parsed_consensus_request_t *out, + const get_handler_args_t *args) +{ + const char *url = args->url; + memset(out, 0, sizeof(parsed_consensus_request_t)); + out->flav = FLAV_NS; + + const char CONSENSUS_URL_PREFIX[] = "/tor/status-vote/current/consensus/"; + const char CONSENSUS_FLAVORED_PREFIX[] = + "/tor/status-vote/current/consensus-"; + + /* figure out the flavor if any, and who we wanted to sign the thing */ + const char *after_flavor = NULL; + + if (!strcmpstart(url, CONSENSUS_FLAVORED_PREFIX)) { + const char *f, *cp; + f = url + strlen(CONSENSUS_FLAVORED_PREFIX); + cp = strchr(f, '/'); + if (cp) { + after_flavor = cp+1; + out->flavor = tor_strndup(f, cp-f); + } else { + out->flavor = tor_strdup(f); + } + int flav = networkstatus_parse_flavor_name(out->flavor); + if (flav < 0) + flav = FLAV_NS; + out->flav = flav; + } else { + if (!strcmpstart(url, CONSENSUS_URL_PREFIX)) + after_flavor = url+strlen(CONSENSUS_URL_PREFIX); + } + + /* see whether we've been asked explicitly for a diff from an older + * consensus. (The user might also have said that a diff would be okay, + * via X-Or-Diff-From-Consensus */ + const char DIFF_COMPONENT[] = "diff/"; + char *diff_hash_in_url = NULL; + if (after_flavor && !strcmpstart(after_flavor, DIFF_COMPONENT)) { + after_flavor += strlen(DIFF_COMPONENT); + const char *cp = strchr(after_flavor, '/'); + if (cp) { + diff_hash_in_url = tor_strndup(after_flavor, cp-after_flavor); + out->want_fps = cp+1; + } else { + diff_hash_in_url = tor_strdup(after_flavor); + out->want_fps = NULL; + } + } else { + out->want_fps = after_flavor; + } + + if (diff_hash_in_url) { + uint8_t diff_from[DIGEST256_LEN]; + out->diff_from_digests = smartlist_new(); + out->diff_only = 1; + int ok = !parse_one_diff_hash(diff_from, diff_hash_in_url, "URL", + "rejecting"); + tor_free(diff_hash_in_url); + if (ok) { + smartlist_add(out->diff_from_digests, + tor_memdup(diff_from, DIGEST256_LEN)); + } else { + return -1; + } + } else { + parse_or_diff_from_header(&out->diff_from_digests, args->headers); + } + + return 0; +} + /** Helper function for GET /tor/status-vote/current/consensus */ static int handle_get_current_consensus(dir_connection_t *conn, const get_handler_args_t *args) { - const char *url = args->url; - const int compressed = args->compression_supported & (1u << ZLIB_METHOD); + const compress_method_t compress_method = + find_best_compression_method(args->compression_supported, 0); const time_t if_modified_since = args->if_modified_since; int clear_spool = 0; - { - /* v3 network status fetch. */ - long lifetime = NETWORKSTATUS_CACHE_LIFETIME; + /* v3 network status fetch. */ + long lifetime = NETWORKSTATUS_CACHE_LIFETIME; - networkstatus_t *v; - time_t now = time(NULL); - const char *want_fps = NULL; - char *flavor = NULL; - int flav = FLAV_NS; -#define CONSENSUS_URL_PREFIX "/tor/status-vote/current/consensus/" -#define CONSENSUS_FLAVORED_PREFIX "/tor/status-vote/current/consensus-" - /* figure out the flavor if any, and who we wanted to sign the thing */ - if (!strcmpstart(url, CONSENSUS_FLAVORED_PREFIX)) { - const char *f, *cp; - f = url + strlen(CONSENSUS_FLAVORED_PREFIX); - cp = strchr(f, '/'); - if (cp) { - want_fps = cp+1; - flavor = tor_strndup(f, cp-f); - } else { - flavor = tor_strdup(f); - } - flav = networkstatus_parse_flavor_name(flavor); - if (flav < 0) - flav = FLAV_NS; - } else { - if (!strcmpstart(url, CONSENSUS_URL_PREFIX)) - want_fps = url+strlen(CONSENSUS_URL_PREFIX); - } + time_t now = time(NULL); + parsed_consensus_request_t req; - v = networkstatus_get_latest_consensus_by_flavor(flav); + if (parse_consensus_request(&req, args) < 0) { + write_http_status_line(conn, 404, "Couldn't parse request"); + goto done; + } - if (v && !networkstatus_consensus_reasonably_live(v, now)) { - write_http_status_line(conn, 404, "Consensus is too old"); - warn_consensus_is_too_old(v, flavor, now); - geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND); - tor_free(flavor); - goto done; - } + struct consensus_cache_entry_t *cached_consensus = NULL; - if (v && want_fps && - !client_likes_consensus(v, want_fps)) { - write_http_status_line(conn, 404, "Consensus not signed by sufficient " - "number of requested authorities"); - geoip_note_ns_response(GEOIP_REJECT_NOT_ENOUGH_SIGS); - tor_free(flavor); - goto done; - } + compress_method_t compression_used = NO_METHOD; + if (req.diff_from_digests) { + cached_consensus = find_best_diff(req.diff_from_digests, req.flav, + args->compression_supported, + &compression_used); + } - conn->spool = smartlist_new(); - clear_spool = 1; - { - spooled_resource_t *spooled; - if (flavor) - spooled = spooled_resource_new(DIR_SPOOL_NETWORKSTATUS, - (uint8_t*)flavor, strlen(flavor)); - else - spooled = spooled_resource_new(DIR_SPOOL_NETWORKSTATUS, - NULL, 0); - tor_free(flavor); - smartlist_add(conn->spool, spooled); - } - lifetime = (v && v->fresh_until > now) ? v->fresh_until - now : 0; + if (req.diff_only && !cached_consensus) { + write_http_status_line(conn, 404, "No such diff available"); + // XXXX warn_consensus_is_too_old(v, req.flavor, now); + geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND); + goto done; + } - if (!smartlist_len(conn->spool)) { /* we failed to create/cache cp */ - write_http_status_line(conn, 503, "Network status object unavailable"); - geoip_note_ns_response(GEOIP_REJECT_UNAVAILABLE); - goto done; - } + if (! cached_consensus) { + cached_consensus = find_best_consensus(req.flav, + args->compression_supported, + &compression_used); + } - size_t size_guess = 0; - int n_expired = 0; - dirserv_spool_remove_missing_and_guess_size(conn, if_modified_since, - compressed, - &size_guess, - &n_expired); + time_t fresh_until, valid_until; + int have_fresh_until = 0, have_valid_until = 0; + if (cached_consensus) { + have_fresh_until = + !consensus_cache_entry_get_fresh_until(cached_consensus, &fresh_until); + have_valid_until = + !consensus_cache_entry_get_valid_until(cached_consensus, &valid_until); + } - if (!smartlist_len(conn->spool) && !n_expired) { - write_http_status_line(conn, 404, "Not found"); - geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND); - goto done; - } else if (!smartlist_len(conn->spool)) { - write_http_status_line(conn, 304, "Not modified"); - geoip_note_ns_response(GEOIP_REJECT_NOT_MODIFIED); - goto done; - } + if (cached_consensus && have_valid_until && + !networkstatus_valid_until_is_reasonably_live(valid_until, now)) { + write_http_status_line(conn, 404, "Consensus is too old"); + warn_consensus_is_too_old(cached_consensus, req.flavor, now); + geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND); + goto done; + } - if (global_write_bucket_low(TO_CONN(conn), size_guess, 2)) { - log_debug(LD_DIRSERV, - "Client asked for network status lists, but we've been " - "writing too many bytes lately. Sending 503 Dir busy."); - write_http_status_line(conn, 503, "Directory busy, try again later"); - geoip_note_ns_response(GEOIP_REJECT_BUSY); - goto done; - } + if (cached_consensus && req.want_fps && + !client_likes_consensus(cached_consensus, req.want_fps)) { + write_http_status_line(conn, 404, "Consensus not signed by sufficient " + "number of requested authorities"); + geoip_note_ns_response(GEOIP_REJECT_NOT_ENOUGH_SIGS); + goto done; + } - tor_addr_t addr; - if (tor_addr_parse(&addr, (TO_CONN(conn))->address) >= 0) { - geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS, - &addr, NULL, - time(NULL)); - geoip_note_ns_response(GEOIP_SUCCESS); - /* Note that a request for a network status has started, so that we - * can measure the download time later on. */ - if (conn->dirreq_id) - geoip_start_dirreq(conn->dirreq_id, size_guess, DIRREQ_TUNNELED); - else - geoip_start_dirreq(TO_CONN(conn)->global_identifier, size_guess, - DIRREQ_DIRECT); + conn->spool = smartlist_new(); + clear_spool = 1; + { + spooled_resource_t *spooled; + if (cached_consensus) { + spooled = spooled_resource_new_from_cache_entry(cached_consensus); + smartlist_add(conn->spool, spooled); } + } - clear_spool = 0; - write_http_response_header(conn, -1, compressed, - smartlist_len(conn->spool) == 1 ? lifetime : 0); - if (! compressed) - conn->compress_state = tor_compress_new(0, ZLIB_METHOD, - HIGH_COMPRESSION); + lifetime = (have_fresh_until && fresh_until > now) ? fresh_until - now : 0; - /* Prime the connection with some data. */ - const int initial_flush_result = connection_dirserv_flushed_some(conn); - tor_assert_nonfatal(initial_flush_result == 0); + size_t size_guess = 0; + int n_expired = 0; + dirserv_spool_remove_missing_and_guess_size(conn, if_modified_since, + compress_method != NO_METHOD, + &size_guess, + &n_expired); + + if (!smartlist_len(conn->spool) && !n_expired) { + write_http_status_line(conn, 404, "Not found"); + geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND); + goto done; + } else if (!smartlist_len(conn->spool)) { + write_http_status_line(conn, 304, "Not modified"); + geoip_note_ns_response(GEOIP_REJECT_NOT_MODIFIED); goto done; } + if (global_write_bucket_low(TO_CONN(conn), size_guess, 2)) { + log_debug(LD_DIRSERV, + "Client asked for network status lists, but we've been " + "writing too many bytes lately. Sending 503 Dir busy."); + write_http_status_line(conn, 503, "Directory busy, try again later"); + geoip_note_ns_response(GEOIP_REJECT_BUSY); + goto done; + } + + tor_addr_t addr; + if (tor_addr_parse(&addr, (TO_CONN(conn))->address) >= 0) { + geoip_note_client_seen(GEOIP_CLIENT_NETWORKSTATUS, + &addr, NULL, + time(NULL)); + geoip_note_ns_response(GEOIP_SUCCESS); + /* Note that a request for a network status has started, so that we + * can measure the download time later on. */ + if (conn->dirreq_id) + geoip_start_dirreq(conn->dirreq_id, size_guess, DIRREQ_TUNNELED); + else + geoip_start_dirreq(TO_CONN(conn)->global_identifier, size_guess, + DIRREQ_DIRECT); + } + + /* Use this header to tell caches that the response depends on the + * X-Or-Diff-From-Consensus header (or lack thereof). */ + const char vary_header[] = "Vary: X-Or-Diff-From-Consensus\r\n"; + + clear_spool = 0; + + // The compress_method might have been NO_METHOD, but we store the data + // compressed. Decompress them using `compression_used`. See fallback code in + // find_best_consensus() and find_best_diff(). + write_http_response_headers(conn, -1, + compress_method == NO_METHOD ? + NO_METHOD : compression_used, + vary_header, + smartlist_len(conn->spool) == 1 ? lifetime : 0); + + if (compress_method == NO_METHOD && smartlist_len(conn->spool)) + conn->compress_state = tor_compress_new(0, compression_used, + HIGH_COMPRESSION); + + /* Prime the connection with some data. */ + const int initial_flush_result = connection_dirserv_flushed_some(conn); + tor_assert_nonfatal(initial_flush_result == 0); + goto done; + done: + parsed_consensus_request_clear(&req); if (clear_spool) { dir_conn_clear_spool(conn); } @@ -3379,7 +4105,8 @@ static int handle_get_status_vote(dir_connection_t *conn, const get_handler_args_t *args) { const char *url = args->url; - const int compressed = args->compression_supported & (1u << ZLIB_METHOD); + const compress_method_t compress_method = + find_best_compression_method(args->compression_supported, 1); { int current; ssize_t body_len = 0; @@ -3436,11 +4163,12 @@ handle_get_status_vote(dir_connection_t *conn, const get_handler_args_t *args) goto vote_done; } SMARTLIST_FOREACH(dir_items, cached_dir_t *, d, - body_len += compressed ? d->dir_z_len : d->dir_len); + body_len += compress_method != NO_METHOD ? + d->dir_compressed_len : d->dir_len); estimated_len += body_len; SMARTLIST_FOREACH(items, const char *, item, { size_t ln = strlen(item); - if (compressed) { + if (compress_method != NO_METHOD) { estimated_len += ln/2; } else { body_len += ln; estimated_len += ln; @@ -3451,12 +4179,13 @@ handle_get_status_vote(dir_connection_t *conn, const get_handler_args_t *args) write_http_status_line(conn, 503, "Directory busy, try again later"); goto vote_done; } - write_http_response_header(conn, body_len ? body_len : -1, compressed, + write_http_response_header(conn, body_len ? body_len : -1, + compress_method, lifetime); if (smartlist_len(items)) { - if (compressed) { - conn->compress_state = tor_compress_new(1, ZLIB_METHOD, + if (compress_method != NO_METHOD) { + conn->compress_state = tor_compress_new(1, compress_method, choose_compression_level(estimated_len)); SMARTLIST_FOREACH(items, const char *, c, connection_write_to_buf_compress(c, strlen(c), conn, 0)); @@ -3467,8 +4196,10 @@ handle_get_status_vote(dir_connection_t *conn, const get_handler_args_t *args) } } else { SMARTLIST_FOREACH(dir_items, cached_dir_t *, d, - connection_write_to_buf(compressed ? d->dir_z : d->dir, - compressed ? d->dir_z_len : d->dir_len, + connection_write_to_buf(compress_method != NO_METHOD ? + d->dir_compressed : d->dir, + compress_method != NO_METHOD ? + d->dir_compressed_len : d->dir_len, TO_CONN(conn))); } vote_done: @@ -3486,7 +4217,8 @@ static int handle_get_microdesc(dir_connection_t *conn, const get_handler_args_t *args) { const char *url = args->url; - const int compressed = args->compression_supported & (1u << ZLIB_METHOD); + const compress_method_t compress_method = + find_best_compression_method(args->compression_supported, 1); int clear_spool = 1; { conn->spool = smartlist_new(); @@ -3497,7 +4229,8 @@ handle_get_microdesc(dir_connection_t *conn, const get_handler_args_t *args) DSR_DIGEST256|DSR_BASE64|DSR_SORT_UNIQ); size_t size_guess = 0; - dirserv_spool_remove_missing_and_guess_size(conn, 0, compressed, + dirserv_spool_remove_missing_and_guess_size(conn, 0, + compress_method != NO_METHOD, &size_guess, NULL); if (smartlist_len(conn->spool) == 0) { write_http_status_line(conn, 404, "Not found"); @@ -3512,10 +4245,12 @@ handle_get_microdesc(dir_connection_t *conn, const get_handler_args_t *args) } clear_spool = 0; - write_http_response_header(conn, -1, compressed, MICRODESC_CACHE_LIFETIME); + write_http_response_header(conn, -1, + compress_method, + MICRODESC_CACHE_LIFETIME); - if (compressed) - conn->compress_state = tor_compress_new(1, ZLIB_METHOD, + if (compress_method != NO_METHOD) + conn->compress_state = tor_compress_new(1, compress_method, choose_compression_level(size_guess)); const int initial_flush_result = connection_dirserv_flushed_some(conn); @@ -3536,7 +4271,8 @@ static int handle_get_descriptor(dir_connection_t *conn, const get_handler_args_t *args) { const char *url = args->url; - const int compressed = args->compression_supported & (1u << ZLIB_METHOD); + const compress_method_t compress_method = + find_best_compression_method(args->compression_supported, 1); const or_options_t *options = get_options(); int clear_spool = 1; if (!strcmpstart(url,"/tor/server/") || @@ -3575,8 +4311,8 @@ handle_get_descriptor(dir_connection_t *conn, const get_handler_args_t *args) size_t size_guess = 0; int n_expired = 0; dirserv_spool_remove_missing_and_guess_size(conn, publish_cutoff, - compressed, &size_guess, - &n_expired); + compress_method != NO_METHOD, + &size_guess, &n_expired); /* If we are the bridge authority and the descriptor is a bridge * descriptor, remember that we served this descriptor for desc stats. */ @@ -3606,9 +4342,9 @@ handle_get_descriptor(dir_connection_t *conn, const get_handler_args_t *args) dir_conn_clear_spool(conn); goto done; } - write_http_response_header(conn, -1, compressed, cache_lifetime); - if (compressed) - conn->compress_state = tor_compress_new(1, ZLIB_METHOD, + write_http_response_header(conn, -1, compress_method, cache_lifetime); + if (compress_method != NO_METHOD) + conn->compress_state = tor_compress_new(1, compress_method, choose_compression_level(size_guess)); clear_spool = 0; /* Prime the connection with some data. */ @@ -3629,7 +4365,8 @@ static int handle_get_keys(dir_connection_t *conn, const get_handler_args_t *args) { const char *url = args->url; - const int compressed = args->compression_supported & (1u << ZLIB_METHOD); + const compress_method_t compress_method = + find_best_compression_method(args->compression_supported, 1); const time_t if_modified_since = args->if_modified_since; { smartlist_t *certs = smartlist_new(); @@ -3692,14 +4429,19 @@ handle_get_keys(dir_connection_t *conn, const get_handler_args_t *args) SMARTLIST_FOREACH(certs, authority_cert_t *, c, len += c->cache_info.signed_descriptor_len); - if (global_write_bucket_low(TO_CONN(conn), compressed?len/2:len, 2)) { + if (global_write_bucket_low(TO_CONN(conn), + compress_method != NO_METHOD ? len/2 : len, + 2)) { write_http_status_line(conn, 503, "Directory busy, try again later"); goto keys_done; } - write_http_response_header(conn, compressed?-1:len, compressed, 60*60); - if (compressed) { - conn->compress_state = tor_compress_new(1, ZLIB_METHOD, + write_http_response_header(conn, + compress_method != NO_METHOD ? -1 : len, + compress_method, + 60*60); + if (compress_method != NO_METHOD) { + conn->compress_state = tor_compress_new(1, compress_method, choose_compression_level(len)); SMARTLIST_FOREACH(certs, authority_cert_t *, c, connection_write_to_buf_compress( @@ -3737,7 +4479,7 @@ handle_get_hs_descriptor_v2(dir_connection_t *conn, safe_str(escaped(query))); switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) { case 1: /* valid */ - write_http_response_header(conn, strlen(descp), 0, 0); + write_http_response_header(conn, strlen(descp), NO_METHOD, 0); connection_write_to_buf(descp, strlen(descp), TO_CONN(conn)); break; case 0: /* well-formed but not present */ @@ -3789,7 +4531,7 @@ handle_get_hs_descriptor_v3(dir_connection_t *conn, } /* Found requested descriptor! Pass it to this nice client. */ - write_http_response_header(conn, strlen(desc_str), 0, 0); + write_http_response_header(conn, strlen(desc_str), NO_METHOD, 0); connection_write_to_buf(desc_str, strlen(desc_str), TO_CONN(conn)); done: @@ -3828,7 +4570,7 @@ handle_get_networkstatus_bridges(dir_connection_t *conn, /* all happy now. send an answer. */ status = networkstatus_getinfo_by_purpose("bridge", time(NULL)); size_t dlen = strlen(status); - write_http_response_header(conn, dlen, 0, 0); + write_http_response_header(conn, dlen, NO_METHOD, 0); connection_write_to_buf(status, dlen, TO_CONN(conn)); tor_free(status); goto done; @@ -3845,7 +4587,7 @@ handle_get_robots(dir_connection_t *conn, const get_handler_args_t *args) { const char robots[] = "User-agent: *\r\nDisallow: /\r\n"; size_t len = strlen(robots); - write_http_response_header(conn, len, 0, ROBOTS_CACHE_LIFETIME); + write_http_response_header(conn, len, NO_METHOD, ROBOTS_CACHE_LIFETIME); connection_write_to_buf(robots, len, TO_CONN(conn)); } return 0; @@ -4011,14 +4753,7 @@ directory_handle_command_post,(dir_connection_t *conn, const char *headers, conn->base_.address, &msg); tor_assert(msg); - if (r == ROUTER_ADDED_NOTIFY_GENERATOR) { - /* Accepted with a message. */ - log_info(LD_DIRSERV, - "Problematic router descriptor or extra-info from %s " - "(\"%s\").", - conn->base_.address, msg); - write_http_status_line(conn, 400, msg); - } else if (r == ROUTER_ADDED_SUCCESSFULLY) { + if (r == ROUTER_ADDED_SUCCESSFULLY) { write_http_status_line(conn, 200, msg); } else if (WRA_WAS_OUTDATED(r)) { write_http_response_header_impl(conn, -1, NULL, NULL, diff --git a/src/or/directory.h b/src/or/directory.h index 8473d39e85..a015c7045d 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -72,7 +72,9 @@ void directory_request_set_rend_query(directory_request_t *req, void directory_request_set_routerstatus(directory_request_t *req, const routerstatus_t *rs); - +void directory_request_add_header(directory_request_t *req, + const char *key, + const char *val); MOCK_DECL(void, directory_initiate_request, (directory_request_t *request)); int parse_http_response(const char *headers, int *code, time_t *date, @@ -158,6 +160,7 @@ struct get_handler_args_t; STATIC int handle_get_hs_descriptor_v3(dir_connection_t *conn, const struct get_handler_args_t *args); STATIC int directory_handle_command(dir_connection_t *conn); +STATIC char *accept_encoding_header(void); #endif diff --git a/src/or/dirserv.c b/src/or/dirserv.c index e76fd932ca..2b10a09ead 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -13,6 +13,7 @@ #include "command.h" #include "connection.h" #include "connection_or.h" +#include "conscache.h" #include "control.h" #include "directory.h" #include "dirserv.h" @@ -283,6 +284,13 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg, return FP_REJECT; } + /* Check for the more usual versions to reject a router first. */ + const uint32_t r = dirserv_get_status_impl(d, router->nickname, + router->addr, router->or_port, + router->platform, msg, severity); + if (r) + return r; + /* dirserv_get_status_impl already rejects versions older than 0.2.4.18-rc, * and onion_curve25519_pkey was introduced in 0.2.4.8-alpha. * But just in case a relay doesn't provide or lies about its version, or @@ -333,9 +341,7 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg, } } - return dirserv_get_status_impl(d, router->nickname, - router->addr, router->or_port, - router->platform, msg, severity); + return 0; } /** Return true if there is no point in downloading the router described by @@ -570,6 +576,8 @@ dirserv_add_multiple_descriptors(const char *desc, uint8_t purpose, !general ? router_purpose_to_string(purpose) : "", !general ? "\n" : "")<0) { *msg = "Couldn't format annotations"; + /* XXX Not cool: we return -1 below, but (was_router_added_t)-1 is + * ROUTER_BAD_EI, which isn't what's gone wrong here. :( */ return -1; } @@ -1176,8 +1184,8 @@ new_cached_dir(char *s, time_t published) d->dir = s; d->dir_len = strlen(s); d->published = published; - if (tor_compress(&(d->dir_z), &(d->dir_z_len), d->dir, d->dir_len, - ZLIB_METHOD)) { + if (tor_compress(&(d->dir_compressed), &(d->dir_compressed_len), + d->dir, d->dir_len, ZLIB_METHOD)) { log_warn(LD_BUG, "Error compressing directory"); } return d; @@ -1188,7 +1196,7 @@ static void clear_cached_dir(cached_dir_t *d) { tor_free(d->dir); - tor_free(d->dir_z); + tor_free(d->dir_compressed); memset(d, 0, sizeof(cached_dir_t)); } @@ -1211,6 +1219,7 @@ void dirserv_set_cached_consensus_networkstatus(const char *networkstatus, const char *flavor_name, const common_digests_t *digests, + const uint8_t *sha3_as_signed, time_t published) { cached_dir_t *new_networkstatus; @@ -1220,6 +1229,8 @@ dirserv_set_cached_consensus_networkstatus(const char *networkstatus, new_networkstatus = new_cached_dir(tor_strdup(networkstatus), published); memcpy(&new_networkstatus->digests, digests, sizeof(common_digests_t)); + memcpy(&new_networkstatus->digest_sha3_as_signed, sha3_as_signed, + DIGEST256_LEN); old_networkstatus = strmap_set(cached_consensuses, flavor_name, new_networkstatus); if (old_networkstatus) @@ -3392,6 +3403,9 @@ spooled_resource_new(dir_spool_source_t source, default: spooled->spool_eagerly = 1; break; + case DIR_SPOOL_CONSENSUS_CACHE_ENTRY: + tor_assert_unreached(); + break; } tor_assert(digestlen <= sizeof(spooled->digest)); if (digest) @@ -3399,6 +3413,33 @@ spooled_resource_new(dir_spool_source_t source, return spooled; } +/** + * Create a new spooled_resource_t to spool the contents of <b>entry</b> to + * the user. Return the spooled object on success, or NULL on failure (which + * is probably caused by a failure to map the body of the item from disk). + * + * Adds a reference to entry's reference counter. + */ +spooled_resource_t * +spooled_resource_new_from_cache_entry(consensus_cache_entry_t *entry) +{ + spooled_resource_t *spooled = tor_malloc_zero(sizeof(spooled_resource_t)); + spooled->spool_source = DIR_SPOOL_CONSENSUS_CACHE_ENTRY; + spooled->spool_eagerly = 0; + consensus_cache_entry_incref(entry); + spooled->consensus_cache_entry = entry; + + int r = consensus_cache_entry_get_body(entry, + &spooled->cce_body, + &spooled->cce_len); + if (r == 0) { + return spooled; + } else { + spooled_resource_free(spooled); + return NULL; + } +} + /** Release all storage held by <b>spooled</b>. */ void spooled_resource_free(spooled_resource_t *spooled) @@ -3410,6 +3451,10 @@ spooled_resource_free(spooled_resource_t *spooled) cached_dir_decref(spooled->cached_dir_ref); } + if (spooled->consensus_cache_entry) { + consensus_cache_entry_decref(spooled->consensus_cache_entry); + } + tor_free(spooled); } @@ -3456,6 +3501,9 @@ spooled_resource_estimate_size(const spooled_resource_t *spooled, return bodylen; } else { cached_dir_t *cached; + if (spooled->consensus_cache_entry) { + return spooled->cce_len; + } if (spooled->cached_dir_ref) { cached = spooled->cached_dir_ref; } else { @@ -3465,7 +3513,7 @@ spooled_resource_estimate_size(const spooled_resource_t *spooled, if (cached == NULL) { return 0; } - size_t result = compressed ? cached->dir_z_len : cached->dir_len; + size_t result = compressed ? cached->dir_compressed_len : cached->dir_len; return result; } } @@ -3505,7 +3553,8 @@ spooled_resource_flush_some(spooled_resource_t *spooled, return SRFS_DONE; } else { cached_dir_t *cached = spooled->cached_dir_ref; - if (cached == NULL) { + consensus_cache_entry_t *cce = spooled->consensus_cache_entry; + if (cached == NULL && cce == NULL) { /* The cached_dir_t hasn't been materialized yet. So let's look it up. */ cached = spooled->cached_dir_ref = spooled_resource_lookup_cached_dir(spooled, NULL); @@ -3517,22 +3566,34 @@ spooled_resource_flush_some(spooled_resource_t *spooled, tor_assert_nonfatal(spooled->cached_dir_offset == 0); } + if (BUG(!cached && !cce)) + return SRFS_DONE; + + int64_t total_len; + const char *ptr; + if (cached) { + total_len = cached->dir_compressed_len; + ptr = cached->dir_compressed; + } else { + total_len = spooled->cce_len; + ptr = (const char *)spooled->cce_body; + } /* How many bytes left to flush? */ - int64_t remaining = 0; - remaining = cached->dir_z_len - spooled->cached_dir_offset; + int64_t remaining; + remaining = total_len - spooled->cached_dir_offset; if (BUG(remaining < 0)) return SRFS_ERR; ssize_t bytes = (ssize_t) MIN(DIRSERV_CACHED_DIR_CHUNK_SIZE, remaining); if (conn->compress_state) { connection_write_to_buf_compress( - cached->dir_z + spooled->cached_dir_offset, + ptr + spooled->cached_dir_offset, bytes, conn, 0); } else { - connection_write_to_buf(cached->dir_z + spooled->cached_dir_offset, + connection_write_to_buf(ptr + spooled->cached_dir_offset, bytes, TO_CONN(conn)); } spooled->cached_dir_offset += bytes; - if (spooled->cached_dir_offset >= (off_t)cached->dir_z_len) { + if (spooled->cached_dir_offset >= (off_t)total_len) { return SRFS_DONE; } else { return SRFS_MORE; @@ -3608,6 +3669,7 @@ spooled_resource_lookup_body(const spooled_resource_t *spooled, return 0; } case DIR_SPOOL_NETWORKSTATUS: + case DIR_SPOOL_CONSENSUS_CACHE_ENTRY: default: /* LCOV_EXCL_START */ tor_assert_nonfatal_unreached(); diff --git a/src/or/dirserv.h b/src/or/dirserv.h index f707237ed1..480174d5bb 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -38,6 +38,7 @@ typedef enum dir_spool_source_t { DIR_SPOOL_EXTRA_BY_DIGEST, DIR_SPOOL_EXTRA_BY_FP, DIR_SPOOL_MICRODESC, DIR_SPOOL_NETWORKSTATUS, + DIR_SPOOL_CONSENSUS_CACHE_ENTRY, } dir_spool_source_t; #define dir_spool_source_bitfield_t ENUM_BF(dir_spool_source_t) @@ -74,8 +75,15 @@ typedef struct spooled_resource_t { */ struct cached_dir_t *cached_dir_ref; /** - * The current offset into cached_dir. Only used when spool_eagerly is - * false */ + * A different kind of large object that we might be spooling. Also + * reference-counted. Also only used when spool_eagerly is false. + */ + struct consensus_cache_entry_t *consensus_cache_entry; + const uint8_t *cce_body; + size_t cce_len; + /** + * The current offset into cached_dir or cce_body. Only used when + * spool_eagerly is false */ off_t cached_dir_offset; } spooled_resource_t; @@ -110,6 +118,7 @@ cached_dir_t *dirserv_get_consensus(const char *flavor_name); void dirserv_set_cached_consensus_networkstatus(const char *consensus, const char *flavor_name, const common_digests_t *digests, + const uint8_t *sha3_as_signed, time_t published); void dirserv_clear_old_networkstatuses(time_t cutoff); int dirserv_get_routerdesc_spool(smartlist_t *spools_out, const char *key, @@ -184,6 +193,8 @@ int dirserv_read_guardfraction_file(const char *fname, spooled_resource_t *spooled_resource_new(dir_spool_source_t source, const uint8_t *digest, size_t digestlen); +spooled_resource_t *spooled_resource_new_from_cache_entry( + struct consensus_cache_entry_t *entry); void spooled_resource_free(spooled_resource_t *spooled); void dirserv_spool_remove_missing_and_guess_size(dir_connection_t *conn, time_t cutoff, diff --git a/src/or/dns.c b/src/or/dns.c index cd84a64758..024a21abfe 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -160,8 +160,9 @@ evdns_log_cb(int warn, const char *msg) } if (!strcmpstart(msg, "Nameserver ") && (cp=strstr(msg, " has failed: "))) { char *ns = tor_strndup(msg+11, cp-(msg+11)); - const char *err = strchr(cp, ':')+2; - tor_assert(err); + const char *colon = strchr(cp, ':'); + tor_assert(colon); + const char *err = colon+2; /* Don't warn about a single failed nameserver; we'll warn with 'all * nameservers have failed' if we're completely out of nameservers; * otherwise, the situation is tolerable. */ diff --git a/src/or/fallback_dirs.inc b/src/or/fallback_dirs.inc index be94ff50fc..cc37e5f9af 100644 --- a/src/or/fallback_dirs.inc +++ b/src/or/fallback_dirs.inc @@ -1,54 +1,58 @@ -/* Whitelist & blacklist excluded 1177 of 1389 candidates. */ +/* Whitelist & blacklist excluded 1326 of 1513 candidates. */ /* To comment-out entries in this file, use C comments, and add * to the start of each line. (stem finds fallback entries using " at the start of a line.) */ /* Checked IPv4 DirPorts served a consensus within 15.0s. */ /* -Final Count: 177 (Eligible 212, Target 392 (1963 * 0.20), Max 200) -Excluded: 35 (Same Operator 35, Failed/Skipped Download 0, Excess 0) -Bandwidth Range: 1.2 - 107.3 MByte/s +Final Count: 151 (Eligible 187, Target 392 (1963 * 0.20), Max 200) +Excluded: 36 (Same Operator 27, Failed/Skipped Download 9, Excess 0) +Bandwidth Range: 1.3 - 40.0 MByte/s */ /* -Onionoo Source: details Date: 2016-12-19 03:00:00 Version: 3.1 -URL: https:onionoo.torproject.orgdetails?fields=fingerprint%2Cnickname%2Ccontact%2Clast_changed_address_or_port%2Cconsensus_weight%2Cadvertised_bandwidth%2Cor_addresses%2Cdir_address%2Crecommended_version%2Cflags%2Ceffective_family%2Cplatform&flag=V2Dir&type=relay&last_seen_days=-0&first_seen_days=7- +Onionoo Source: details Date: 2017-05-16 07:00:00 Version: 4.0 +URL: https:onionoo.torproject.orgdetails?fields=fingerprint%2Cnickname%2Ccontact%2Clast_changed_address_or_port%2Cconsensus_weight%2Cadvertised_bandwidth%2Cor_addresses%2Cdir_address%2Crecommended_version%2Cflags%2Ceffective_family%2Cplatform&flag=V2Dir&type=relay&last_seen_days=-0&first_seen_days=30- */ /* -Onionoo Source: uptime Date: 2016-12-19 03:00:00 Version: 3.1 -URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay&last_seen_days=-0 +Onionoo Source: uptime Date: 2017-05-16 07:00:00 Version: 4.0 +URL: https:onionoo.torproject.orguptime?first_seen_days=30-&flag=V2Dir&type=relay&last_seen_days=-0 */ -"185.13.39.197:80 orport=443 id=001524DD403D729F08F7E5D77813EF12756CFA8D" +"176.10.104.240:80 orport=443 id=0111BA9B604669E636FFD5B503F382A4B7AD6E80" " weight=10", -"185.100.85.61:80 orport=443 id=025B66CEBC070FCB0519D206CF0CF4965C20C96E" +"193.171.202.146:9030 orport=9001 id=01A9258A46E97FF8B2CAC7910577862C14F2C524" " weight=10", -"62.210.92.11:9030 orport=9001 id=0266B0660F3F20A7D1F3D8335931C95EF50F6C6B" -" ipv6=[2001:bc8:338c::1]:9001" +"185.100.85.61:80 orport=443 id=025B66CEBC070FCB0519D206CF0CF4965C20C96E" " weight=10", "185.97.32.18:9030 orport=9001 id=04250C3835019B26AA6764E85D836088BE441088" " weight=10", -"92.222.20.130:80 orport=443 id=0639612FF149AA19DF3BCEA147E5B8FED6F3C87C" +"5.9.110.236:9030 orport=9001 id=0756B7CD4DFC8182BE23143FAC0642F515182CEB" +" ipv6=[2a01:4f8:162:51e2::2]:9001" +" weight=10", +"109.163.234.8:80 orport=443 id=0818DAE0E2DDF795AEDEAC60B15E71901084F281" " weight=10", "163.172.149.155:80 orport=443 id=0B85617241252517E8ECF2CFC7F4C1A32DCD153F" " weight=10", "5.39.92.199:80 orport=443 id=0BEA4A88D069753218EAAAD6D22EA87B9A1319D6" " ipv6=[2001:41d0:8:b1c7::1]:443" " weight=10", -"163.172.25.118:80 orport=22 id=0CF8F3E6590F45D50B70F2F7DA6605ECA6CD408F" -" weight=10", "178.62.197.82:80 orport=443 id=0D3EBA17E1C78F1E9900BABDB23861D46FCAF163" " weight=10", "185.100.86.100:80 orport=443 id=0E8C0C8315B66DB5F703804B3889A1DD66C67CE0" " weight=10", -"5.9.159.14:9030 orport=9001 id=0F100F60C7A63BED90216052324D29B08CFCF797" +"95.85.8.226:80 orport=443 id=1211AC1BBB8A1AF7CBA86BCE8689AA3146B86423" " weight=10", "193.11.114.43:9030 orport=9001 id=12AD30E5D25AA67F519780E2111E611A455FDC89" " ipv6=[2001:6b0:30:1000::99]:9050" " weight=10", "37.157.195.87:8030 orport=443 id=12FD624EE73CEF37137C90D38B2406A66F68FAA2" " weight=10", +"178.16.208.59:80 orport=443 id=136F9299A5009A4E0E96494E723BDB556FB0A26B" +" ipv6=[2a00:1c20:4089:1234:bff6:e1bb:1ce3:8dc6]:443" +" weight=10", +"144.76.14.145:110 orport=143 id=14419131033443AE6E21DA82B0D307F7CAE42BDB" +" ipv6=[2a01:4f8:190:9490::dead]:443" +" weight=10", "178.62.60.37:80 orport=443 id=175921396C7C426309AB03775A9930B6F611F794" " weight=10", "204.11.50.131:9030 orport=9001 id=185F2A57B0C4620582602761097D17DB81654F70" " weight=10", -"92.222.4.102:9030 orport=9001 id=1A6B8B8272632D8AD38442027F822A367128405C" -" weight=10", "5.9.158.75:80 orport=443 id=1AF72E8906E6C49481A791A6F8F84F8DFEBBB2BA" " ipv6=[2a01:4f8:190:514a::2]:443" " weight=10", @@ -56,31 +60,22 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "91.219.237.229:80 orport=443 id=1ECD73B936CB6E6B3CD647CC204F108D9DF2C9F7" " weight=10", -"5.9.146.203:80 orport=443 id=1F45542A24A61BF9408F1C05E0DCE4E29F2CBA11" -" weight=10", "212.47.229.2:9030 orport=9001 id=20462CBA5DA4C2D963567D17D0B7249718114A68" " ipv6=[2001:bc8:4400:2100::f03]:9001" " weight=10", -"91.219.236.222:80 orport=443 id=20704E7DD51501DC303FA51B738D7B7E61397CF6" -" weight=10", "144.76.163.93:9030 orport=9001 id=22F08CF09764C4E8982640D77F71ED72FF26A9AC" " weight=10", "163.172.176.167:80 orport=443 id=230A8B2A8BA861210D9B4BA97745AEC217A94207" " weight=10", +"37.200.98.5:80 orport=443 id=231C2B9C8C31C295C472D031E06964834B745996" +" ipv6=[2a00:1158:3::11a]:993" +" weight=10", "212.47.240.10:82 orport=443 id=2A4C448784F5A83AFE6C78DA357D5E31F7989DEB" " weight=10", "144.76.26.175:9012 orport=9011 id=2BA2C8E96B2590E1072AECE2BDB5C48921BF8510" " weight=10", -"178.16.208.56:80 orport=443 id=2CDCFED0142B28B002E89D305CBA2E26063FADE2" -" ipv6=[2a00:1c20:4089:1234:cd49:b58a:9ebe:67ec]:443" -" weight=10", -"62.210.124.124:9130 orport=9101 id=2EBD117806EE43C3CC885A8F1E4DC60F207E7D3E" -" ipv6=[2001:bc8:3f23:100::1]:9101" -" weight=10", "97.74.237.196:9030 orport=9001 id=2F0F32AB1E5B943CA7D062C03F18960C86E70D94" " weight=10", -"213.61.66.118:9031 orport=9001 id=30648BC64CEDB3020F4A405E4AB2A6347FB8FA22" -" weight=10", "107.170.101.39:9030 orport=443 id=30973217E70AF00EBE51797FF6D9AA720A902EAA" " weight=10", "64.113.32.29:9030 orport=9001 id=30C19B81981F450C402306E2E7CFB6C3F79CB6B2" @@ -90,21 +85,16 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "109.105.109.162:52860 orport=60784 id=32EE911D968BE3E016ECA572BB1ED0A9EE43FC2F" " ipv6=[2001:948:7:2::163]:5001" " weight=10", -"185.100.84.212:80 orport=443 id=330CD3DB6AD266DC70CDB512B036957D03D9BC59" -" ipv6=[2a06:1700:0:7::1]:443" -" weight=10", "163.172.13.165:9030 orport=9001 id=33DA0CAB7C27812EFF2E22C9705630A54D101FEB" " ipv6=[2001:bc8:38cb:201::8]:9001" " weight=10", -"45.62.255.25:80 orport=443 id=3473ED788D9E63361D1572B7E82EC54338953D2A" -" weight=10", "217.79.190.25:9030 orport=9090 id=361D33C96D0F161275EE67E2C91EE10B276E778B" " weight=10", "37.187.22.87:9030 orport=9001 id=36B9E7AC1E36B62A9D6F330ABEB6012BA7F0D400" " ipv6=[2001:41d0:a:1657::1]:9001" " weight=10", -"176.126.252.12:21 orport=8080 id=379FB450010D17078B3766C2273303C358C3A442" -" ipv6=[2a02:59e0:0:7::12]:81" +"62.210.92.11:9130 orport=9101 id=387B065A38E4DAA16D9D41C2964ECBC4B31D30FF" +" ipv6=[2001:bc8:338c::1]:9101" " weight=10", "198.50.191.95:80 orport=443 id=39F096961ED2576975C866D450373A9913AFDC92" " weight=10", @@ -112,13 +102,11 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "212.47.230.49:9030 orport=9001 id=3D6D0771E54056AEFC28BB1DE816951F11826E97" " weight=10", +"176.10.107.180:9030 orport=9001 id=3D7E274A87D9A89AF064C13D1EE4CA1F184F2600" +" weight=10", "217.79.179.177:9030 orport=9001 id=3E53D3979DB07EFD736661C934A1DED14127B684" " ipv6=[2001:4ba0:fff9:131:6c4f::90d3]:9001" " weight=10", -"212.47.237.95:9030 orport=9001 id=3F5D8A879C58961BB45A3D26AC41B543B40236D6" -" weight=10", -"185.100.85.101:9030 orport=9001 id=4061C553CA88021B8302F0814365070AAE617270" -" weight=10", "178.62.86.96:9030 orport=9001 id=439D0447772CB107B886F7782DBC201FA26B92D1" " ipv6=[2a03:b0c0:1:d0::3cf:7001]:9050" " weight=10", @@ -143,8 +131,6 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "81.7.16.182:80 orport=443 id=51E1CF613FD6F9F11FE24743C91D6F9981807D82" " ipv6=[2a02:180:1:1::517:10b6]:993" " weight=10", -"138.201.130.32:9030 orport=9001 id=52AEA31188331F421B2EDB494DB65CD181E5B257" -" weight=10", "94.23.204.175:9030 orport=9001 id=5665A3904C89E22E971305EE8C1997BCA4123C69" " weight=10", "95.130.12.119:80 orport=443 id=587E0A9552E4274B251F29B5B2673D38442EE4BF" @@ -154,37 +140,30 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "78.142.142.246:80 orport=443 id=5A5E03355C1908EBF424CAF1F3ED70782C0D2F74" " weight=10", -"46.28.207.19:80 orport=443 id=5B92FA5C8A49D46D235735504C72DBB3472BA321" -" weight=10", "120.29.217.46:80 orport=443 id=5E853C94AB1F655E9C908924370A0A6707508C62" " weight=10", +"109.163.234.5:80 orport=443 id=5EB8D862E70981B8690DEDEF546789E26AB2BD24" +" weight=10", "95.128.43.164:80 orport=443 id=616081EC829593AF4232550DE6FFAA1D75B37A90" " ipv6=[2a02:ec0:209:10::4]:443" " weight=10", -"195.154.122.54:80 orport=443 id=64E99CB34C595A02A3165484BD1215E7389322C6" -" weight=10", "163.172.139.104:8080 orport=443 id=68F175CCABE727AA2D2309BCD8789499CEE36ED7" " weight=10", "85.214.62.48:80 orport=443 id=6A7551EEE18F78A9813096E82BF84F740D32B911" " weight=10", -"95.130.11.147:9030 orport=443 id=6B697F3FF04C26123466A5C0E5D1F8D91925967A" -" weight=10", -"91.121.84.137:4951 orport=4051 id=6DE61A6F72C1E5418A66BFED80DFB63E4C77668F" -" ipv6=[2001:41d0:1:8989::1]:4051" -" weight=10", -"213.61.66.117:9032 orport=9002 id=6E44A52E3D1FF7683FE5C399C3FB5E912DE1C6B4" -" weight=10", "80.127.137.19:80 orport=443 id=6EF897645B79B6CB35E853B32506375014DE3621" " ipv6=[2001:981:47c1:1::6]:443" " weight=10", "95.183.48.12:80 orport=443 id=7187CED1A3871F837D0E60AC98F374AC541CB0DA" " weight=10", -"163.172.35.247:80 orport=443 id=71AB4726D830FAE776D74AEF790CF04D8E0151B4" +"85.214.151.72:9030 orport=9001 id=722D365140C8C52DBB3C9FF6986E3CEFFE2BA812" " weight=10", "85.235.250.88:80 orport=443 id=72B2B12A3F60408BDBC98C6DF53988D3A0B3F0EE" " weight=10", -"46.101.237.246:9030 orport=9001 id=75F1992FD3F403E9C082A5815EB5D12934CDF46C" -" ipv6=[2a03:b0c0:3:d0::208:5001]:9050" +"176.31.191.26:80 orport=443 id=7350AB9ED7568F22745198359373C04AC783C37C" +" weight=10", +"134.119.36.135:80 orport=443 id=763C9556602BD6207771A7A3D958091D44C43228" +" ipv6=[2a00:1158:3::2a8]:993" " weight=10", "188.166.133.133:9030 orport=9001 id=774555642FDC1E1D4FDF2E0C31B7CA9501C5C9C7" " ipv6=[2a03:b0c0:2:d0::5:f001]:9001" @@ -192,12 +171,8 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "81.30.158.213:9030 orport=9001 id=789EA6C9AE9ADDD8760903171CFA9AC5741B0C70" " ipv6=[2001:4ba0:cafe:e84::1]:9001" " weight=10", -"185.11.180.67:80 orport=9001 id=794D8EA8343A4E820320265D05D4FA83AB6D1778" -" weight=10", "171.25.193.131:80 orport=443 id=79861CF8522FC637EF046F7688F5289E49D94576" " weight=10", -"62.210.129.246:80 orport=443 id=79E169B25E4C7CE99584F6ED06F379478F23E2B8" -" weight=10", "82.223.21.74:9030 orport=9001 id=7A32C9519D80CA458FC8B034A28F5F6815649A98" " ipv6=[2001:470:53e0::cafe]:9050" " weight=10", @@ -210,9 +185,6 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "192.87.28.82:9030 orport=9001 id=844AE9CAD04325E955E2BE1521563B79FE7094B7" " weight=10", -"163.172.138.22:80 orport=443 id=8664DC892540F3C789DB37008236C096C871734D" -" ipv6=[2001:bc8:4400:2100::1:3]:443" -" weight=10", "188.166.23.127:80 orport=443 id=8672E8A01B4D3FA4C0BBE21C740D4506302EA487" " ipv6=[2a03:b0c0:2:d0::27b:7001]:9050" " weight=10", @@ -221,6 +193,7 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "212.47.241.21:80 orport=443 id=892F941915F6A0C6E0958E52E0A9685C190CF45C" " weight=10", "163.172.194.53:9030 orport=9001 id=8C00FA7369A7A308F6A137600F0FA07990D9D451" +" ipv6=[2001:bc8:225f:142:6c69:7461:7669:73]:9001" " weight=10", "178.254.44.135:9030 orport=9001 id=8FA37B93397015B2BC5A525C908485260BE9F422" " weight=10", @@ -238,12 +211,6 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "204.8.156.142:80 orport=443 id=94C4B7B8C50C86A92B6A20107539EE2678CF9A28" " weight=10", -"176.10.104.243:8080 orport=8443 id=95DA61AEF23A6C851028C1AA88AD8593F659E60F" -" weight=10", -"85.10.202.87:9030 orport=9001 id=971AFB23C168DCD8EDA17473C1C452B359DE3A5A" -" weight=10", -"85.214.206.219:9030 orport=9001 id=98F8D5F359949E41DE8DF3DBB1975A86E96A84A0" -" weight=10", "163.172.223.200:80 orport=443 id=998BF3ED7F70E33D1C307247B9626D9E7573C438" " weight=10", "81.7.10.93:31336 orport=31337 id=99E246DB480B313A3012BC3363093CC26CD209C7" @@ -252,18 +219,20 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "66.111.2.20:9030 orport=9001 id=9A68B85A02318F4E7E87F2828039FBD5D75B0142" " weight=10", -"5.35.251.247:9030 orport=9001 id=9B1F5187DFBA89DC24B37EA7BF896C12B43A27AE" +"185.100.86.128:9030 orport=9001 id=9B31F1F1C1554F9FFB3455911F82E818EF7C7883" " weight=10", "5.9.151.241:9030 orport=4223 id=9BF04559224F0F1C3C953D641F1744AF0192543A" +" ipv6=[2a01:4f8:190:34f0::2]:4223" " weight=10", "86.105.212.130:9030 orport=443 id=9C900A7F6F5DD034CFFD192DAEC9CCAA813DB022" " weight=10", -"146.185.177.103:80 orport=9030 id=9EC5E097663862DF861A18C32B37C5F82284B27D" -" weight=10", "178.254.20.134:80 orport=443 id=9F5068310818ED7C70B0BC4087AB55CB12CB4377" " weight=10", "46.28.110.244:80 orport=443 id=9F7D6E6420183C2B76D3CE99624EBC98A21A967E" " weight=10", +"91.121.84.137:4952 orport=4052 id=9FBEB75E8BC142565F12CBBE078D63310236A334" +" ipv6=[2001:41d0:1:8989::1]:4052" +" weight=10", "178.62.22.36:80 orport=443 id=A0766C0D3A667A3232C7D569DE94A28F9922FCB1" " ipv6=[2a03:b0c0:1:d0::174:1]:9050" " weight=10", @@ -273,47 +242,38 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "171.25.193.78:80 orport=443 id=A478E421F83194C114F41E94F95999672AED51FE" " ipv6=[2001:67c:289c:3::78]:443" " weight=10", -"178.16.208.58:80 orport=443 id=A4C98CEA3F34E05299417E9F885A642C88EF6029" -" ipv6=[2a00:1c20:4089:1234:cdae:1b3e:cc38:3d45]:443" -" weight=10", "163.172.149.122:80 orport=443 id=A9406A006D6E7B5DA30F2C6D4E42A338B5E340B2" " weight=10", -"213.61.66.116:9033 orport=9003 id=A9DEB920B42B4EC1DE6249034039B06D61F38690" -" weight=10", "192.34.63.137:9030 orport=443 id=ABCB4965F1FEE193602B50A365425105C889D3F8" " weight=10", -"195.154.164.243:80 orport=443 id=AC66FFA4AB35A59EBBF5BF4C70008BF24D8A7A5C" +"109.163.234.9:80 orport=443 id=ABF7FBF389C9A747938B639B20E80620B460B2A9" " weight=10", "86.59.119.88:80 orport=443 id=ACD889D86E02EDDAB1AFD81F598C0936238DC6D0" " weight=10", "185.129.62.62:9030 orport=9001 id=ACDD9E85A05B127BA010466C13C8C47212E8A38F" " ipv6=[2a06:d380:0:3700::62]:9001" " weight=10", -"188.40.128.246:9030 orport=9001 id=AD19490C7DBB26D3A68EFC824F67E69B0A96E601" -" weight=10", "163.172.131.88:80 orport=443 id=AD253B49E303C6AB1E048B014392AC569E8A7DAE" " ipv6=[2001:bc8:4400:2100::2:1009]:443" " weight=10", -"176.10.104.240:8080 orport=8443 id=AD86CD1A49573D52A7B6F4A35750F161AAD89C88" -" weight=10", "31.185.104.20:80 orport=443 id=ADB2C26629643DBB9F8FE0096E7D16F9414B4F8D" " weight=10", "37.187.7.74:80 orport=443 id=AEA43CB1E47BE5F8051711B2BF01683DB1568E05" " ipv6=[2001:41d0:a:74a::1]:443" " weight=10", -"176.126.252.11:443 orport=9001 id=B0279A521375F3CB2AE210BDBFC645FDD2E1973A" -" ipv6=[2a02:59e0:0:7::11]:9003" +"46.28.205.170:80 orport=443 id=AF322D83A4D2048B22F7F1AF5F38AFF4D09D0B76" " weight=10", -"212.129.62.232:80 orport=443 id=B143D439B72D239A419F8DCE07B8A8EB1B486FA7" +"5.9.147.226:9030 orport=9001 id=B0553175AADB0501E5A61FC61CEA3970BE130FF2" " weight=10", -"185.66.250.141:9030 orport=9001 id=B1726B94885CE3AC3910CA8B60622B97B98E2529" +"212.129.62.232:80 orport=443 id=B143D439B72D239A419F8DCE07B8A8EB1B486FA7" " weight=10", "198.199.64.217:80 orport=443 id=B1D81825CFD7209BD1B4520B040EF5653C204A23" " ipv6=[2604:a880:400:d0::1a9:b001]:9050" " weight=10", "136.243.214.137:80 orport=443 id=B291D30517D23299AD7CEE3E60DFE60D0E3A4664" " weight=10", -"212.47.233.86:9030 orport=9001 id=B4CAFD9CBFB34EC5DAAC146920DC7DFAFE91EA20" +"178.16.208.60:80 orport=443 id=B44FBE5366AD98B46D829754FA4AC599BAE41A6A" +" ipv6=[2a00:1c20:4089:1234:67bc:79f3:61c0:6e49]:443" " weight=10", "93.115.97.242:9030 orport=9001 id=B5212DB685A2A0FCFBAE425738E478D12361710D" " weight=10", @@ -325,20 +285,14 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "85.248.227.164:444 orport=9002 id=B84F248233FEA90CAD439F292556A3139F6E1B82" " ipv6=[2a00:1298:8011:212::164]:9004" " weight=10", -"197.231.221.211:9030 orport=9001 id=BC630CBBB518BE7E9F4E09712AB0269E9DC7D626" -" weight=10", "89.163.247.43:9030 orport=9001 id=BC7ACFAC04854C77167C7D66B7E471314ED8C410" +" ipv6=[2001:4ba0:fff7:25::5]:9001" " weight=10", "198.96.155.3:8080 orport=5001 id=BCEDF6C193AA687AE471B8A22EBF6BC57C2D285E" " weight=10", "128.199.55.207:9030 orport=9001 id=BCEF908195805E03E92CCFE669C48738E556B9C5" " ipv6=[2a03:b0c0:2:d0::158:3001]:9001" " weight=10", -"148.251.190.229:9030 orport=9010 id=BF0FB582E37F738CD33C3651125F2772705BB8E8" -" ipv6=[2a01:4f8:211:c68::2]:9010" -" weight=10", -"163.172.35.249:80 orport=443 id=C08DE49658E5B3CFC6F2A952B453C4B608C9A16A" -" weight=10", "185.35.202.221:9030 orport=9001 id=C13B91384CDD52A871E3ECECE4EF74A7AC7DCB08" " ipv6=[2a02:ed06::221]:9001" " weight=10", @@ -347,16 +301,21 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "188.138.112.60:1433 orport=1521 id=C414F28FD2BEC1553024299B31D4E726BEB8E788" " weight=10", -"37.59.46.159:9030 orport=9001 id=CBD0D1BD110EC52963082D839AC6A89D0AE243E7" +"85.248.227.163:443 orport=9001 id=C793AB88565DDD3C9E4C6F15CCB9D8C7EF964CE9" +" ipv6=[2a00:1298:8011:212::163]:9003" " weight=10", "178.62.199.226:80 orport=443 id=CBEFF7BA4A4062045133C053F2D70524D8BBE5BE" " ipv6=[2a03:b0c0:2:d0::b7:5001]:443" " weight=10", "134.119.3.164:9030 orport=9001 id=D1B8AAA98C65F3DF7D8BB3AF881CAEB84A33D8EE" " weight=10", -"185.13.38.75:9030 orport=9001 id=D2A1703758A0FBBA026988B92C2F88BAB59F9361" +"31.171.155.108:9030 orport=9001 id=D3E5EDDBE5159388704D6785BE51930AAFACEC6F" " weight=10", -"37.221.162.226:9030 orport=9001 id=D64366987CB39F61AD21DBCF8142FA0577B92811" +"37.187.115.157:9030 orport=9001 id=D5039E1EBFD96D9A3F9846BF99EC9F75EDDE902A" +" weight=10", +"166.82.21.200:9030 orport=9029 id=D5C33F3E203728EDF8361EA868B2939CCC43FAFB" +" weight=10", +"185.14.185.240:9030 orport=443 id=D62FB817B0288085FAC38A6DC8B36DCD85B70260" " weight=10", "46.101.169.151:9030 orport=9001 id=D760C5B436E42F93D77EF2D969157EEA14F9B39C" " ipv6=[2a03:b0c0:3:d0::74f:a001]:9001" @@ -371,34 +330,26 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay "178.62.173.203:9030 orport=9001 id=DD85503F2D1F52EF9EAD621E942298F46CD2FC10" " ipv6=[2a03:b0c0:0:1010::a4:b001]:9001" " weight=10", -"83.212.99.68:80 orport=443 id=DDBB2A38252ADDA53E4492DDF982CA6CC6E10EC0" -" ipv6=[2001:648:2ffc:1225:a800:bff:fe3d:67b5]:443" -" weight=10", "5.34.183.205:80 orport=443 id=DDD7871C1B7FA32CB55061E08869A236E61BDDF8" " weight=10", -"167.114.66.61:9696 orport=443 id=DE6CD5F09DF26076F26321B0BDFBE78ACD935C65" -" ipv6=[2607:5300:100::78d]:443" -" weight=10", "78.24.75.53:9030 orport=9001 id=DEB73705B2929AE9BE87091607388939332EF123" " weight=10", "92.222.38.67:80 orport=443 id=DED6892FF89DBD737BA689698A171B2392EB3E82" " weight=10", -"217.12.199.208:80 orport=443 id=DF3AED4322B1824BF5539AE54B2D1B38E080FF05" -" ipv6=[2a02:27a8:0:2::7e]:443" +"166.70.207.2:9030 orport=9001 id=E3DB2E354B883B59E8DC56B3E7A353DDFD457812" " weight=10", -"167.114.35.28:9030 orport=9001 id=E65D300F11E1DB12C534B0146BDAB6972F1A8A48" +"46.252.26.2:45212 orport=49991 id=E589316576A399C511A9781A73DA4545640B479D" " weight=10", -"212.47.244.38:8080 orport=443 id=E81EF60A73B3809F8964F73766B01BAA0A171E20" +"167.114.35.28:9030 orport=9001 id=E65D300F11E1DB12C534B0146BDAB6972F1A8A48" " weight=10", "131.188.40.188:443 orport=80 id=EBE718E1A49EE229071702964F8DB1F318075FF8" " weight=10", -"89.40.71.149:8081 orport=8080 id=EC639EDAA5121B47DBDF3D6B01A22E48A8CB6CC7" -" weight=10", "192.87.28.28:9030 orport=9001 id=ED2338CAC2711B3E331392E1ED2831219B794024" " weight=10", -"212.83.40.238:9030 orport=9001 id=F409FA7902FD89270E8DE0D7977EA23BC38E5887" +"192.99.212.139:80 orport=443 id=F10BDE279AE71515DDCCCC61DC19AC8765F8A3CC" " weight=10", -"5.199.142.236:9030 orport=9001 id=F4C0EDAA0BF0F7EC138746F8FEF1CE26C7860265" +"212.238.208.48:9030 orport=9001 id=F406219CDD339026D160E53FCA0EF6857C70F109" +" ipv6=[2001:984:a8fb:1:ba27:ebff:feac:c109]:9001" " weight=10", "46.28.207.141:80 orport=443 id=F69BED36177ED727706512BA6A97755025EEA0FB" " weight=10", @@ -408,14 +359,10 @@ URL: https:onionoo.torproject.orguptime?first_seen_days=7-&flag=V2Dir&type=relay " weight=10", "185.96.180.29:80 orport=443 id=F93D8F37E35C390BCAD9F9069E13085B745EC216" " weight=10", -"104.243.35.196:9030 orport=9001 id=FA3415659444AE006E7E9E5375E82F29700CFDFD" -" weight=10", "86.59.119.83:80 orport=443 id=FC9AC8EA0160D88BCCFDE066940D7DD9FA45495B" " weight=10", "192.187.124.98:9030 orport=9001 id=FD1871854BFC06D7B02F10742073069F0528B5CC" " weight=10", -"212.129.38.254:9030 orport=9001 id=FDF845FC159C0020E2BDDA120C30C5C5038F74B4" -" weight=10", "149.56.45.200:9030 orport=9001 id=FE296180018833AF03A8EACD5894A614623D3F76" " weight=10", "193.11.164.243:9030 orport=9001 id=FFA72BD683BC2FCF988356E6BEC1E490F313FB07" diff --git a/src/or/hibernate.c b/src/or/hibernate.c index f2a4c71764..f54109fc90 100644 --- a/src/or/hibernate.c +++ b/src/or/hibernate.c @@ -331,7 +331,7 @@ edge_of_accounting_period_containing(time_t now, int get_end) case UNIT_MONTH: { /* If this is before the Nth, we want the Nth of last month. */ if (tm.tm_mday < cfg_start_day || - (tm.tm_mday < cfg_start_day && before)) { + (tm.tm_mday == cfg_start_day && before)) { --tm.tm_mon; } /* Otherwise, the month is correct. */ diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index 0480f63308..2a000f5002 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -79,7 +79,9 @@ #define str_intro_point "introduction-point" #define str_ip_auth_key "auth-key" #define str_ip_enc_key "enc-key" -#define str_ip_enc_key_cert "enc-key-certification" +#define str_ip_enc_key_cert "enc-key-cert" +#define str_ip_legacy_key "legacy-key" +#define str_ip_legacy_key_cert "legacy-key-cert" #define str_intro_point_start "\n" str_intro_point " " /* Constant string value for the construction to encrypt the encrypted data * section. */ @@ -134,9 +136,10 @@ static token_rule_t hs_desc_encrypted_v3_token_table[] = { static token_rule_t hs_desc_intro_point_v3_token_table[] = { T1_START(str_intro_point, R3_INTRODUCTION_POINT, EQ(1), NO_OBJ), T1(str_ip_auth_key, R3_INTRO_AUTH_KEY, NO_ARGS, NEED_OBJ), - T1(str_ip_enc_key, R3_INTRO_ENC_KEY, ARGS, OBJ_OK), - T1_END(str_ip_enc_key_cert, R3_INTRO_ENC_KEY_CERTIFICATION, - NO_ARGS, NEED_OBJ), + T1(str_ip_enc_key, R3_INTRO_ENC_KEY, GE(2), OBJ_OK), + T1(str_ip_enc_key_cert, R3_INTRO_ENC_KEY_CERT, ARGS, OBJ_OK), + T01(str_ip_legacy_key, R3_INTRO_LEGACY_KEY, ARGS, NEED_KEY_1024), + T01(str_ip_legacy_key_cert, R3_INTRO_LEGACY_KEY_CERT, ARGS, OBJ_OK), END_OF_TABLE }; @@ -153,8 +156,12 @@ desc_intro_point_free(hs_desc_intro_point_t *ip) smartlist_free(ip->link_specifiers); } tor_cert_free(ip->auth_key_cert); - if (ip->enc_key_type == HS_DESC_KEY_TYPE_LEGACY) { - crypto_pk_free(ip->enc_key.legacy); + tor_cert_free(ip->enc_key_cert); + if (ip->legacy.key) { + crypto_pk_free(ip->legacy.key); + } + if (ip->legacy.cert.encoded) { + tor_free(ip->legacy.cert.encoded); } tor_free(ip); } @@ -406,101 +413,68 @@ encode_link_specifiers(const smartlist_t *specs) return encoded_b64; } -/* Encode an introduction point encryption key and return a newly allocated - * string with it. On failure, return NULL. */ +/* Encode an introduction point legacy key and certificate. Return a newly + * allocated string with it. On failure, return NULL. */ static char * -encode_enc_key(const ed25519_public_key_t *sig_key, - const hs_desc_intro_point_t *ip) +encode_legacy_key(const hs_desc_intro_point_t *ip) { - char *encoded = NULL; - time_t now = time(NULL); + char *key_str, b64_cert[256], *encoded = NULL; + size_t key_str_len; - tor_assert(sig_key); tor_assert(ip); - switch (ip->enc_key_type) { - case HS_DESC_KEY_TYPE_LEGACY: - { - char *key_str, b64_cert[256]; - ssize_t cert_len; - size_t key_str_len; - uint8_t *cert_data = NULL; - - /* Create cross certification cert. */ - cert_len = tor_make_rsa_ed25519_crosscert(sig_key, ip->enc_key.legacy, - now + HS_DESC_CERT_LIFETIME, - &cert_data); - if (cert_len < 0) { - log_warn(LD_REND, "Unable to create legacy crosscert."); - goto err; - } - /* Encode cross cert. */ - if (base64_encode(b64_cert, sizeof(b64_cert), (const char *) cert_data, - cert_len, BASE64_ENCODE_MULTILINE) < 0) { - tor_free(cert_data); - log_warn(LD_REND, "Unable to encode legacy crosscert."); - goto err; - } - tor_free(cert_data); - /* Convert the encryption key to a string. */ - if (crypto_pk_write_public_key_to_string(ip->enc_key.legacy, &key_str, - &key_str_len) < 0) { - log_warn(LD_REND, "Unable to encode legacy encryption key."); - goto err; - } - tor_asprintf(&encoded, - "%s legacy\n%s" /* Newline is added by the call above. */ - "%s\n" - "-----BEGIN CROSSCERT-----\n" - "%s" - "-----END CROSSCERT-----", - str_ip_enc_key, key_str, - str_ip_enc_key_cert, b64_cert); - tor_free(key_str); - break; - } - case HS_DESC_KEY_TYPE_CURVE25519: - { - int signbit, ret; - char *encoded_cert, key_fp_b64[CURVE25519_BASE64_PADDED_LEN + 1]; - ed25519_keypair_t curve_kp; + /* Encode cross cert. */ + if (base64_encode(b64_cert, sizeof(b64_cert), + (const char *) ip->legacy.cert.encoded, + ip->legacy.cert.len, BASE64_ENCODE_MULTILINE) < 0) { + log_warn(LD_REND, "Unable to encode legacy crosscert."); + goto done; + } + /* Convert the encryption key to PEM format NUL terminated. */ + if (crypto_pk_write_public_key_to_string(ip->legacy.key, &key_str, + &key_str_len) < 0) { + log_warn(LD_REND, "Unable to encode legacy encryption key."); + goto done; + } + tor_asprintf(&encoded, + "%s \n%s" /* Newline is added by the call above. */ + "%s\n" + "-----BEGIN CROSSCERT-----\n" + "%s" + "-----END CROSSCERT-----", + str_ip_legacy_key, key_str, + str_ip_legacy_key_cert, b64_cert); + tor_free(key_str); - if (ed25519_keypair_from_curve25519_keypair(&curve_kp, &signbit, - &ip->enc_key.curve25519)) { - goto err; - } - tor_cert_t *cross_cert = tor_cert_create(&curve_kp, - CERT_TYPE_CROSS_HS_IP_KEYS, - sig_key, now, - HS_DESC_CERT_LIFETIME, - CERT_FLAG_INCLUDE_SIGNING_KEY); - memwipe(&curve_kp, 0, sizeof(curve_kp)); - if (!cross_cert) { - goto err; - } - ret = tor_cert_encode_ed22519(cross_cert, &encoded_cert); - tor_cert_free(cross_cert); - if (ret) { - goto err; - } - if (curve25519_public_to_base64(key_fp_b64, - &ip->enc_key.curve25519.pubkey) < 0) { - tor_free(encoded_cert); - goto err; - } - tor_asprintf(&encoded, - "%s ntor %s\n" - "%s\n%s", - str_ip_enc_key, key_fp_b64, - str_ip_enc_key_cert, encoded_cert); - tor_free(encoded_cert); - break; + done: + return encoded; +} + +/* Encode an introduction point encryption key and certificate. Return a newly + * allocated string with it. On failure, return NULL. */ +static char * +encode_enc_key(const hs_desc_intro_point_t *ip) +{ + char *encoded = NULL, *encoded_cert; + char key_b64[CURVE25519_BASE64_PADDED_LEN + 1]; + + tor_assert(ip); + + /* Base64 encode the encryption key for the "enc-key" field. */ + if (curve25519_public_to_base64(key_b64, &ip->enc_key) < 0) { + goto done; } - default: - tor_assert(0); + if (tor_cert_encode_ed22519(ip->enc_key_cert, &encoded_cert) < 0) { + goto done; } + tor_asprintf(&encoded, + "%s ntor %s\n" + "%s\n%s", + str_ip_enc_key, key_b64, + str_ip_enc_key_cert, encoded_cert); + tor_free(encoded_cert); - err: + done: return encoded; } @@ -535,7 +509,7 @@ encode_intro_point(const ed25519_public_key_t *sig_key, /* Encryption key encoding. */ { - char *encoded_enc_key = encode_enc_key(sig_key, ip); + char *encoded_enc_key = encode_enc_key(ip); if (encoded_enc_key == NULL) { goto err; } @@ -543,6 +517,18 @@ encode_intro_point(const ed25519_public_key_t *sig_key, tor_free(encoded_enc_key); } + /* Legacy key if any. */ + if (ip->legacy.key != NULL) { + /* Strong requirement else the IP creation was badly done. */ + tor_assert(ip->legacy.cert.encoded); + char *encoded_legacy_key = encode_legacy_key(ip); + if (encoded_legacy_key == NULL) { + goto err; + } + smartlist_add_asprintf(lines, "%s", encoded_legacy_key); + tor_free(encoded_legacy_key); + } + /* Join them all in one blob of text. */ encoded_ip = smartlist_join_strings(lines, "\n", 1, NULL); @@ -1581,6 +1567,64 @@ desc_decrypt_all(const hs_descriptor_t *desc, char **decrypted_out) return decrypted_len; } +/* Given the token tok for an intro point legacy key, the list of tokens, the + * introduction point ip being decoded and the descriptor desc from which it + * comes from, decode the legacy key and set the intro point object. Return 0 + * on success else -1 on failure. */ +static int +decode_intro_legacy_key(const directory_token_t *tok, + smartlist_t *tokens, + hs_desc_intro_point_t *ip, + const hs_descriptor_t *desc) +{ + tor_assert(tok); + tor_assert(tokens); + tor_assert(ip); + tor_assert(desc); + + if (!crypto_pk_public_exponent_ok(tok->key)) { + log_warn(LD_REND, "Introduction point legacy key is invalid"); + goto err; + } + ip->legacy.key = crypto_pk_dup_key(tok->key); + /* Extract the legacy cross certification cert which MUST be present if we + * have a legacy key. */ + tok = find_opt_by_keyword(tokens, R3_INTRO_LEGACY_KEY_CERT); + if (!tok) { + log_warn(LD_REND, "Introduction point legacy key cert is missing"); + goto err; + } + tor_assert(tok->object_body); + if (strcmp(tok->object_type, "CROSSCERT")) { + /* Info level because this might be an unknown field that we should + * ignore. */ + log_info(LD_REND, "Introduction point legacy encryption key " + "cross-certification has an unknown format."); + goto err; + } + /* Keep a copy of the certificate. */ + ip->legacy.cert.encoded = tor_memdup(tok->object_body, tok->object_size); + ip->legacy.cert.len = tok->object_size; + /* The check on the expiration date is for the entire lifetime of a + * certificate which is 24 hours. However, a descriptor has a maximum + * lifetime of 12 hours meaning we have a 12h difference between the two + * which ultimately accomodate the clock skewed client. */ + if (rsa_ed25519_crosscert_check(ip->legacy.cert.encoded, + ip->legacy.cert.len, ip->legacy.key, + &desc->plaintext_data.signing_pubkey, + approx_time() - HS_DESC_CERT_LIFETIME)) { + log_warn(LD_REND, "Unable to check cross-certification on the " + "introduction point legacy encryption key."); + ip->cross_certified = 0; + goto err; + } + + /* Success. */ + return 0; + err: + return -1; +} + /* Given the start of a section and the end of it, decode a single * introduction point from that section. Return a newly allocated introduction * point object containing the decoded data. Return NULL if the section can't @@ -1591,7 +1635,6 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start) hs_desc_intro_point_t *ip = NULL; memarea_t *area = NULL; smartlist_t *tokens = NULL; - tor_cert_t *cross_cert = NULL; const directory_token_t *tok; tor_assert(desc); @@ -1625,84 +1668,67 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start) log_warn(LD_REND, "Unexpected object type for introduction auth key"); goto err; } - /* Parse cert and do some validation. */ if (cert_parse_and_validate(&ip->auth_key_cert, tok->object_body, tok->object_size, CERT_TYPE_AUTH_HS_IP_KEY, "introduction point auth-key") < 0) { goto err; } + /* Validate authentication certificate with descriptor signing key. */ + if (tor_cert_checksig(ip->auth_key_cert, + &desc->plaintext_data.signing_pubkey, 0) < 0) { + log_warn(LD_REND, "Invalid authentication key signature"); + goto err; + } - /* Exactly one "enc-key" ... */ + /* Exactly one "enc-key" SP "ntor" SP key NL */ tok = find_by_keyword(tokens, R3_INTRO_ENC_KEY); if (!strcmp(tok->args[0], "ntor")) { - /* "enc-key" SP "ntor" SP key NL */ - if (tok->n_args != 2 || tok->object_body) { - log_warn(LD_REND, "Introduction point ntor encryption key is invalid"); - goto err; - } + /* This field is using GE(2) so for possible forward compatibility, we + * accept more fields but must be at least 2. */ + tor_assert(tok->n_args >= 2); - if (curve25519_public_from_base64(&ip->enc_key.curve25519.pubkey, - tok->args[1]) < 0) { - log_warn(LD_REND, "Introduction point ntor encryption key is invalid"); + if (curve25519_public_from_base64(&ip->enc_key, tok->args[1]) < 0) { + log_warn(LD_REND, "Introduction point ntor enc-key is invalid"); goto err; } - ip->enc_key_type = HS_DESC_KEY_TYPE_CURVE25519; - } else if (!strcmp(tok->args[0], "legacy")) { - /* "enc-key" SP "legacy" NL key NL */ - if (!tok->key) { - log_warn(LD_REND, "Introduction point legacy encryption key is " - "invalid"); - goto err; - } - ip->enc_key.legacy = crypto_pk_dup_key(tok->key); - ip->enc_key_type = HS_DESC_KEY_TYPE_LEGACY; } else { /* Unknown key type so we can't use that introduction point. */ log_warn(LD_REND, "Introduction point encryption key is unrecognized."); goto err; } - /* "enc-key-certification" NL certificate NL */ - tok = find_by_keyword(tokens, R3_INTRO_ENC_KEY_CERTIFICATION); + /* Exactly once "enc-key-cert" NL certificate NL */ + tok = find_by_keyword(tokens, R3_INTRO_ENC_KEY_CERT); tor_assert(tok->object_body); /* Do the cross certification. */ - switch (ip->enc_key_type) { - case HS_DESC_KEY_TYPE_CURVE25519: - { - if (strcmp(tok->object_type, "ED25519 CERT")) { + if (strcmp(tok->object_type, "ED25519 CERT")) { log_warn(LD_REND, "Introduction point ntor encryption key " "cross-certification has an unknown format."); goto err; - } - if (cert_parse_and_validate(&cross_cert, tok->object_body, - tok->object_size, CERT_TYPE_CROSS_HS_IP_KEYS, - "introduction point enc-key-certification") < 0) { - goto err; - } - break; } - case HS_DESC_KEY_TYPE_LEGACY: - if (strcmp(tok->object_type, "CROSSCERT")) { - log_warn(LD_REND, "Introduction point legacy encryption key " - "cross-certification has an unknown format."); - goto err; - } - if (rsa_ed25519_crosscert_check((const uint8_t *) tok->object_body, - tok->object_size, ip->enc_key.legacy, - &desc->plaintext_data.signing_key_cert->signed_key, - approx_time()-86400)) { - log_warn(LD_REND, "Unable to check cross-certification on the " - "introduction point legacy encryption key."); - goto err; - } - break; - default: - tor_assert(0); - break; + if (cert_parse_and_validate(&ip->enc_key_cert, tok->object_body, + tok->object_size, CERT_TYPE_CROSS_HS_IP_KEYS, + "introduction point enc-key-cert") < 0) { + goto err; + } + if (tor_cert_checksig(ip->enc_key_cert, + &desc->plaintext_data.signing_pubkey, 0) < 0) { + log_warn(LD_REND, "Invalid encryption key signature"); + goto err; } /* It is successfully cross certified. Flag the object. */ ip->cross_certified = 1; + + /* Do we have a "legacy-key" SP key NL ?*/ + tok = find_opt_by_keyword(tokens, R3_INTRO_LEGACY_KEY); + if (tok) { + if (decode_intro_legacy_key(tok, tokens, ip, desc) < 0) { + goto err; + } + } + + /* Introduction point has been parsed successfully. */ goto done; err: @@ -1710,7 +1736,6 @@ decode_introduction_point(const hs_descriptor_t *desc, const char *start) ip = NULL; done: - tor_cert_free(cross_cert); SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t)); smartlist_free(tokens); if (area) { diff --git a/src/or/hs_descriptor.h b/src/or/hs_descriptor.h index b7d512c06b..b8b94792de 100644 --- a/src/or/hs_descriptor.h +++ b/src/or/hs_descriptor.h @@ -58,12 +58,6 @@ typedef enum { HS_DESC_AUTH_ED25519 = 1 } hs_desc_auth_type_t; -/* Type of encryption key in the descriptor. */ -typedef enum { - HS_DESC_KEY_TYPE_LEGACY = 1, - HS_DESC_KEY_TYPE_CURVE25519 = 2, -} hs_desc_key_type_t; - /* Link specifier object that contains information on how to extend to the * relay that is the address, port and handshake type. */ typedef struct hs_desc_link_specifier_t { @@ -91,18 +85,29 @@ typedef struct hs_desc_intro_point_t { * the blinded key and in turn signs it. */ tor_cert_t *auth_key_cert; - /* Encryption key type so we know which one to use in the union below. */ - hs_desc_key_type_t enc_key_type; - - /* Keys are mutually exclusive thus the union. */ - union { - /* Encryption key used to encrypt request to hidden service. */ - curve25519_keypair_t curve25519; - - /* Backward compat: RSA 1024 encryption key for legacy purposes. - * Mutually exclusive with enc_key. */ - crypto_pk_t *legacy; - } enc_key; + /* Encryption key for the "ntor" type. */ + curve25519_public_key_t enc_key; + + /* Certificate cross certifying the descriptor signing key by the encryption + * curve25519 key. This certificate contains the signing key and is of type + * CERT_TYPE_CROSS_HS_IP_KEYS [0B]. */ + tor_cert_t *enc_key_cert; + + /* (Optional): If this introduction point is a legacy one that is version <= + * 0.2.9.x (HSIntro=3), we use this extra key for the intro point to be able + * to relay the cells to the service correctly. */ + struct { + /* RSA public key. */ + crypto_pk_t *key; + + /* Cross certified cert with the descriptor signing key (RSA->Ed). Because + * of the cross certification API, we need to keep the certificate binary + * blob and its length in order to properly encode it after. */ + struct { + uint8_t *encoded; + size_t len; + } cert; + } legacy; /* True iff the introduction point has passed the cross certification. Upon * decoding an intro point, this must be true. */ diff --git a/src/or/include.am b/src/or/include.am index ff7110ea99..1ef5afa013 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -22,6 +22,7 @@ LIBTOR_A_SOURCES = \ src/or/bridges.c \ src/or/buffers.c \ src/or/channel.c \ + src/or/channelpadding.c \ src/or/channeltls.c \ src/or/circpathbias.c \ src/or/circuitbuild.c \ @@ -145,6 +146,7 @@ ORHEADERS = \ src/or/bridges.h \ src/or/buffers.h \ src/or/channel.h \ + src/or/channelpadding.h \ src/or/channeltls.h \ src/or/circpathbias.h \ src/or/circuitbuild.h \ diff --git a/src/or/main.c b/src/or/main.c index dcd7ef215e..2520a7e21d 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -54,6 +54,7 @@ #include "buffers.h" #include "channel.h" #include "channeltls.h" +#include "channelpadding.h" #include "circuitbuild.h" #include "circuitlist.h" #include "circuituse.h" @@ -178,7 +179,7 @@ static int signewnym_is_pending = 0; static unsigned newnym_epoch = 0; /** Smartlist of all open connections. */ -static smartlist_t *connection_array = NULL; +STATIC smartlist_t *connection_array = NULL; /** List of connections that have been marked for close and need to be freed * and removed from connection_array. */ static smartlist_t *closeable_connection_lst = NULL; @@ -1097,8 +1098,9 @@ run_connection_housekeeping(int i, time_t now) } else if (!have_any_circuits && now - or_conn->idle_timeout >= chan->timestamp_last_had_circuits) { - log_info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) " - "[no circuits for %d; timeout %d; %scanonical].", + log_info(LD_OR,"Expiring non-used OR connection "U64_FORMAT" to fd %d " + "(%s:%d) [no circuits for %d; timeout %d; %scanonical].", + U64_PRINTF_ARG(chan->global_identifier), (int)conn->s, conn->address, conn->port, (int)(now - chan->timestamp_last_had_circuits), or_conn->idle_timeout, @@ -1121,6 +1123,8 @@ run_connection_housekeeping(int i, time_t now) memset(&cell,0,sizeof(cell_t)); cell.command = CELL_PADDING; connection_or_write_cell_to_buf(&cell, or_conn); + } else { + channelpadding_decide_to_pad_channel(chan); } } @@ -1188,6 +1192,8 @@ CALLBACK(write_bridge_ns); CALLBACK(check_fw_helper_app); CALLBACK(heartbeat); CALLBACK(clean_consdiffmgr); +CALLBACK(reset_padding_counts); +CALLBACK(check_canonical_channels); #undef CALLBACK @@ -1221,6 +1227,8 @@ static periodic_event_item_t periodic_events[] = { CALLBACK(check_fw_helper_app), CALLBACK(heartbeat), CALLBACK(clean_consdiffmgr), + CALLBACK(reset_padding_counts), + CALLBACK(check_canonical_channels), END_OF_PERIODIC_EVENTS }; #undef CALLBACK @@ -1757,6 +1765,28 @@ write_stats_file_callback(time_t now, const or_options_t *options) return safe_timer_diff(now, next_time_to_write_stats_files); } +#define CHANNEL_CHECK_INTERVAL (60*60) +static int +check_canonical_channels_callback(time_t now, const or_options_t *options) +{ + (void)now; + if (public_server_mode(options)) + channel_check_for_duplicates(); + + return CHANNEL_CHECK_INTERVAL; +} + +static int +reset_padding_counts_callback(time_t now, const or_options_t *options) +{ + if (options->PaddingStatistics) { + rep_hist_prep_published_padding_counts(now); + } + + rep_hist_reset_padding_counts(); + return REPHIST_CELL_PADDING_COUNTS_INTERVAL; +} + /** * Periodic callback: Write bridge statistics to disk if appropriate. */ @@ -2384,6 +2414,8 @@ do_main_loop(void) } handle_signals(1); + monotime_init(); + timers_initialize(); /* load the private keys, if we're supposed to have them, and set up the * TLS context. */ @@ -2451,6 +2483,7 @@ do_main_loop(void) /* launch cpuworkers. Need to do this *after* we've read the onion key. */ cpu_init(); } + consdiffmgr_enable_background_compression(); /* Setup shared random protocol subsystem. */ if (authdir_mode_v3(get_options())) { @@ -2974,6 +3007,7 @@ tor_init(int argc, char *argv[]) rep_hist_init(); /* Initialize the service cache. */ rend_cache_init(); + hs_cache_init(); addressmap_init(); /* Init the client dns cache. Do it always, since it's * cheap. */ @@ -3063,6 +3097,13 @@ tor_init(int argc, char *argv[]) /* The options are now initialised */ const or_options_t *options = get_options(); + /* Initialize channelpadding parameters to defaults until we get + * a consensus */ + channelpadding_new_consensus_params(NULL); + + /* Initialize predicted ports list after loading options */ + predicted_ports_init(); + #ifndef _WIN32 if (geteuid()==0) log_warn(LD_GENERAL,"You are running Tor as root. You don't need to, " @@ -3260,6 +3301,9 @@ tor_cleanup(void) rep_hist_record_mtbf_data(now, 0); keypin_close_journal(); } + + timers_shutdown(); + #ifdef USE_DMALLOC dmalloc_log_stats(); #endif @@ -3633,6 +3677,11 @@ tor_main(int argc, char *argv[]) int result = 0; #ifdef _WIN32 +#ifndef HeapEnableTerminationOnCorruption +#define HeapEnableTerminationOnCorruption 1 +#endif + /* On heap corruption, just give up; don't try to play along. */ + HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0); /* Call SetProcessDEPPolicy to permanently enable DEP. The function will not resolve on earlier versions of Windows, and failure is not dangerous. */ @@ -3641,7 +3690,10 @@ tor_main(int argc, char *argv[]) typedef BOOL (WINAPI *PSETDEP)(DWORD); PSETDEP setdeppolicy = (PSETDEP)GetProcAddress(hMod, "SetProcessDEPPolicy"); - if (setdeppolicy) setdeppolicy(1); /* PROCESS_DEP_ENABLE */ + if (setdeppolicy) { + /* PROCESS_DEP_ENABLE | PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION */ + setdeppolicy(3); + } } #endif diff --git a/src/or/main.h b/src/or/main.h index 915d82b7ba..57aa372750 100644 --- a/src/or/main.h +++ b/src/or/main.h @@ -92,6 +92,9 @@ STATIC void init_connection_lists(void); STATIC void close_closeable_connections(void); STATIC void initialize_periodic_events(void); STATIC void teardown_periodic_events(void); +#ifdef TOR_UNIT_TESTS +extern smartlist_t *connection_array; +#endif #endif #endif diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 188e7531f8..fffd1078be 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -64,6 +64,7 @@ #include "shared_random.h" #include "transports.h" #include "torcert.h" +#include "channelpadding.h" /** Map from lowercase nickname to identity digest of named server, if any. */ static strmap_t *named_server_map = NULL; @@ -73,11 +74,11 @@ static strmap_t *unnamed_server_map = NULL; /** Most recently received and validated v3 "ns"-flavored consensus network * status. */ -static networkstatus_t *current_ns_consensus = NULL; +STATIC networkstatus_t *current_ns_consensus = NULL; /** Most recently received and validated v3 "microdec"-flavored consensus * network status. */ -static networkstatus_t *current_md_consensus = NULL; +STATIC networkstatus_t *current_md_consensus = NULL; /** A v3 consensus networkstatus that we've received, but which we don't * have enough certificates to be happy about. */ @@ -179,53 +180,74 @@ networkstatus_reset_download_failures(void) download_status_reset(&consensus_bootstrap_dl_status[i]); } +/** + * Read and and return the cached consensus of type <b>flavorname</b>. If + * <b>unverified</b> is false, get the one we haven't verified. Return NULL if + * the file isn't there. */ +static char * +networkstatus_read_cached_consensus_impl(int flav, + const char *flavorname, + int unverified_consensus) +{ + char buf[128]; + const char *prefix; + if (unverified_consensus) { + prefix = "unverified"; + } else { + prefix = "cached"; + } + if (flav == FLAV_NS) { + tor_snprintf(buf, sizeof(buf), "%s-consensus", prefix); + } else { + tor_snprintf(buf, sizeof(buf), "%s-%s-consensus", prefix, flavorname); + } + + char *filename = get_datadir_fname(buf); + char *result = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL); + tor_free(filename); + return result; +} + +/** Return a new string containing the current cached consensus of flavor + * <b>flavorname</b>. */ +char * +networkstatus_read_cached_consensus(const char *flavorname) + { + int flav = networkstatus_parse_flavor_name(flavorname); + if (flav < 0) + return NULL; + return networkstatus_read_cached_consensus_impl(flav, flavorname, 0); +} + /** Read every cached v3 consensus networkstatus from the disk. */ int router_reload_consensus_networkstatus(void) { - char *filename; - char *s; const unsigned int flags = NSSET_FROM_CACHE | NSSET_DONT_DOWNLOAD_CERTS; int flav; /* FFFF Suppress warnings if cached consensus is bad? */ for (flav = 0; flav < N_CONSENSUS_FLAVORS; ++flav) { - char buf[128]; const char *flavor = networkstatus_get_flavor_name(flav); - if (flav == FLAV_NS) { - filename = get_datadir_fname("cached-consensus"); - } else { - tor_snprintf(buf, sizeof(buf), "cached-%s-consensus", flavor); - filename = get_datadir_fname(buf); - } - s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL); + char *s = networkstatus_read_cached_consensus_impl(flav, flavor, 0); if (s) { if (networkstatus_set_current_consensus(s, flavor, flags, NULL) < -1) { - log_warn(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"", - flavor, filename); + log_warn(LD_FS, "Couldn't load consensus %s networkstatus from cache", + flavor); } tor_free(s); } - tor_free(filename); - - if (flav == FLAV_NS) { - filename = get_datadir_fname("unverified-consensus"); - } else { - tor_snprintf(buf, sizeof(buf), "unverified-%s-consensus", flavor); - filename = get_datadir_fname(buf); - } - s = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL); + s = networkstatus_read_cached_consensus_impl(flav, flavor, 1); if (s) { if (networkstatus_set_current_consensus(s, flavor, flags|NSSET_WAS_WAITING_FOR_CERTS, NULL)) { - log_info(LD_FS, "Couldn't load consensus %s networkstatus from \"%s\"", - flavor, filename); - } + log_info(LD_FS, "Couldn't load unverified consensus %s networkstatus " + "from cache", flavor); + } tor_free(s); } - tor_free(filename); } if (!networkstatus_get_latest_consensus()) { @@ -1385,16 +1407,24 @@ networkstatus_get_live_consensus,(time_t now)) * Return 1 if the consensus is reasonably live, or 0 if it is too old. */ int -networkstatus_consensus_reasonably_live(networkstatus_t *consensus, time_t now) +networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, + time_t now) { -#define REASONABLY_LIVE_TIME (24*60*60) if (BUG(!consensus)) return 0; - if (now <= consensus->valid_until + REASONABLY_LIVE_TIME) - return 1; + return networkstatus_valid_until_is_reasonably_live(consensus->valid_until, + now); +} - return 0; +/** As networkstatus_consensus_reasonably_live, but takes a valid_until + * time rather than an entire consensus. */ +int +networkstatus_valid_until_is_reasonably_live(time_t valid_until, + time_t now) +{ +#define REASONABLY_LIVE_TIME (24*60*60) + return (now <= valid_until + REASONABLY_LIVE_TIME); } /* XXXX remove this in favor of get_live_consensus. But actually, @@ -1967,6 +1997,7 @@ networkstatus_set_current_consensus(const char *consensus, circuit_build_times_new_consensus_params( get_circuit_build_times_mutable(), c); + channelpadding_new_consensus_params(c); } /* Reset the failure count only if this consensus is actually valid. */ @@ -1981,6 +2012,7 @@ networkstatus_set_current_consensus(const char *consensus, dirserv_set_cached_consensus_networkstatus(consensus, flavor, &c->digests, + c->digest_sha3_as_signed, c->valid_after); if (server_mode(get_options())) { consdiffmgr_add_consensus(consensus, c); @@ -2445,19 +2477,13 @@ networkstatus_parse_flavor_name(const char *flavname) * running, or otherwise not a descriptor that we would make any * use of even if we had it. Else return 1. */ int -client_would_use_router(const routerstatus_t *rs, time_t now, - const or_options_t *options) +client_would_use_router(const routerstatus_t *rs, time_t now) { if (!rs->is_flagged_running) { /* If we had this router descriptor, we wouldn't even bother using it. * (Fetching and storing depends on by we_want_to_fetch_flavor().) */ return 0; } - if (rs->published_on + options->TestingEstimatedDescriptorPropagationTime - > now) { - /* Most caches probably don't have this descriptor yet. */ - return 0; - } if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) { /* We'd drop it immediately for being too old. */ return 0; diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h index 8a9f5f0b09..e774c4d266 100644 --- a/src/or/networkstatus.h +++ b/src/or/networkstatus.h @@ -16,6 +16,7 @@ void networkstatus_reset_warnings(void); void networkstatus_reset_download_failures(void); +char *networkstatus_read_cached_consensus(const char *flavorname); int router_reload_consensus_networkstatus(void); void routerstatus_free(routerstatus_t *rs); void networkstatus_vote_free(networkstatus_t *ns); @@ -75,14 +76,15 @@ int should_delay_dir_fetches(const or_options_t *options,const char **msg_out); void update_networkstatus_downloads(time_t now); void update_certificate_downloads(time_t now); int consensus_is_waiting_for_certs(void); -int client_would_use_router(const routerstatus_t *rs, time_t now, - const or_options_t *options); +int client_would_use_router(const routerstatus_t *rs, time_t now); MOCK_DECL(networkstatus_t *,networkstatus_get_latest_consensus,(void)); MOCK_DECL(networkstatus_t *,networkstatus_get_latest_consensus_by_flavor, (consensus_flavor_t f)); MOCK_DECL(networkstatus_t *, networkstatus_get_live_consensus,(time_t now)); -int networkstatus_consensus_reasonably_live(networkstatus_t *consensus, +int networkstatus_consensus_reasonably_live(const networkstatus_t *consensus, time_t now); +int networkstatus_valid_until_is_reasonably_live(time_t valid_until, + time_t now); networkstatus_t *networkstatus_get_reasonably_live_consensus(time_t now, int flavor); MOCK_DECL(int, networkstatus_consensus_is_bootstrapping,(time_t now)); @@ -138,7 +140,9 @@ void vote_routerstatus_free(vote_routerstatus_t *rs); #ifdef TOR_UNIT_TESTS STATIC int networkstatus_set_current_consensus_from_ns(networkstatus_t *c, const char *flavor); -#endif // TOR_UNIT_TESTS +extern networkstatus_t *current_ns_consensus; +extern networkstatus_t *current_md_consensus; +#endif #endif #endif diff --git a/src/or/nodelist.c b/src/or/nodelist.c index dc4d9a63e3..e24261b28d 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -74,7 +74,6 @@ static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, - const or_options_t *options, time_t now, routerset_t *in_set, usable_descriptor_t exit_only); @@ -1690,7 +1689,7 @@ static void count_usable_descriptors(int *num_present, int *num_usable, smartlist_t *descs_out, const networkstatus_t *consensus, - const or_options_t *options, time_t now, + time_t now, routerset_t *in_set, usable_descriptor_t exit_only) { @@ -1707,7 +1706,7 @@ count_usable_descriptors(int *num_present, int *num_usable, continue; if (in_set && ! routerset_contains_routerstatus(in_set, rs, -1)) continue; - if (client_would_use_router(rs, now, options)) { + if (client_would_use_router(rs, now)) { const char * const digest = rs->descriptor_digest; int present; ++*num_usable; /* the consensus says we want it. */ @@ -1761,10 +1760,10 @@ compute_frac_paths_available(const networkstatus_t *consensus, const int authdir = authdir_mode_v3(options); count_usable_descriptors(num_present_out, num_usable_out, - mid, consensus, options, now, NULL, + mid, consensus, now, NULL, USABLE_DESCRIPTOR_ALL); if (options->EntryNodes) { - count_usable_descriptors(&np, &nu, guards, consensus, options, now, + count_usable_descriptors(&np, &nu, guards, consensus, now, options->EntryNodes, USABLE_DESCRIPTOR_ALL); } else { SMARTLIST_FOREACH(mid, const node_t *, node, { @@ -1785,7 +1784,7 @@ compute_frac_paths_available(const networkstatus_t *consensus, * an unavoidable feature of forcing authorities to declare * certain nodes as exits. */ - count_usable_descriptors(&np, &nu, exits, consensus, options, now, + count_usable_descriptors(&np, &nu, exits, consensus, now, NULL, USABLE_DESCRIPTOR_EXIT_ONLY); log_debug(LD_NET, "%s: %d present, %d usable", @@ -1834,7 +1833,7 @@ compute_frac_paths_available(const networkstatus_t *consensus, smartlist_t *myexits_unflagged = smartlist_new(); /* All nodes with exit flag in ExitNodes option */ - count_usable_descriptors(&np, &nu, myexits, consensus, options, now, + count_usable_descriptors(&np, &nu, myexits, consensus, now, options->ExitNodes, USABLE_DESCRIPTOR_EXIT_ONLY); log_debug(LD_NET, "%s: %d present, %d usable", @@ -1845,7 +1844,7 @@ compute_frac_paths_available(const networkstatus_t *consensus, /* Now compute the nodes in the ExitNodes option where which we don't know * what their exit policy is, or we know it permits something. */ count_usable_descriptors(&np, &nu, myexits_unflagged, - consensus, options, now, + consensus, now, options->ExitNodes, USABLE_DESCRIPTOR_ALL); log_debug(LD_NET, "%s: %d present, %d usable", diff --git a/src/or/or.h b/src/or/or.h index a09533f970..0d29e19d75 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -896,6 +896,7 @@ typedef enum { #define CELL_RELAY_EARLY 9 #define CELL_CREATE2 10 #define CELL_CREATED2 11 +#define CELL_PADDING_NEGOTIATE 12 #define CELL_VPADDING 128 #define CELL_CERTS 129 @@ -1564,10 +1565,6 @@ typedef struct or_connection_t { * NETINFO cell listed the address we're connected to as recognized. */ unsigned int is_canonical:1; - /** True iff we have decided that the other end of this connection - * is a client. Connections with this flag set should never be used - * to satisfy an EXTEND request. */ - unsigned int is_connection_with_client:1; /** True iff this is an outgoing connection. */ unsigned int is_outgoing:1; unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */ @@ -1937,11 +1934,13 @@ typedef struct addr_policy_t { * compressed form. */ typedef struct cached_dir_t { char *dir; /**< Contents of this object, NUL-terminated. */ - char *dir_z; /**< Compressed contents of this object. */ + char *dir_compressed; /**< Compressed contents of this object. */ size_t dir_len; /**< Length of <b>dir</b> (not counting its NUL). */ - size_t dir_z_len; /**< Length of <b>dir_z</b>. */ + size_t dir_compressed_len; /**< Length of <b>dir_compressed</b>. */ time_t published; /**< When was this object published. */ common_digests_t digests; /**< Digests of this object (networkstatus only) */ + /** Sha3 digest (also ns only) */ + uint8_t digest_sha3_as_signed[DIGEST256_LEN]; int refcnt; /**< Reference count for this cached_dir_t. */ } cached_dir_t; @@ -2642,6 +2641,9 @@ typedef struct networkstatus_t { /** Digests of this document, as signed. */ common_digests_t digests; + /** A SHA3-256 digest of the document, not including signatures: used for + * consensus diffs */ + uint8_t digest_sha3_as_signed[DIGEST256_LEN]; /** List of router statuses, sorted by identity digest. For a vote, * the elements are vote_routerstatus_t; for a consensus, the elements @@ -3330,6 +3332,13 @@ typedef struct origin_circuit_t { * adjust_exit_policy_from_exitpolicy_failure. */ smartlist_t *prepend_policy; + + /** How long do we wait before closing this circuit if it remains + * completely idle after it was built, in seconds? This value + * is randomized on a per-circuit basis from CircuitsAvailableTimoeut + * to 2*CircuitsAvailableTimoeut. */ + int circuit_idle_timeout; + } origin_circuit_t; struct onion_queue_t; @@ -3471,15 +3480,6 @@ static inline const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT( return DOWNCAST(origin_circuit_t, x); } -/** Bitfield type: things that we're willing to use invalid routers for. */ -typedef enum invalid_router_usage_t { - ALLOW_INVALID_ENTRY =1, - ALLOW_INVALID_EXIT =2, - ALLOW_INVALID_MIDDLE =4, - ALLOW_INVALID_RENDEZVOUS =8, - ALLOW_INVALID_INTRODUCTION=16, -} invalid_router_usage_t; - /* limits for TCP send and recv buffer size used for constrained sockets */ #define MIN_CONSTRAINED_TCP_BUFFER 2048 #define MAX_CONSTRAINED_TCP_BUFFER 262144 /* 256k */ @@ -3605,10 +3605,6 @@ typedef struct { int DisableAllSwap; /**< Boolean: Attempt to call mlockall() on our * process for all current and future memory. */ - /** List of "entry", "middle", "exit", "introduction", "rendezvous". */ - smartlist_t *AllowInvalidNodes; - /** Bitmask; derived from AllowInvalidNodes. */ - invalid_router_usage_t AllowInvalid_; config_line_t *ExitPolicy; /**< Lists of exit policy components. */ int ExitPolicyRejectPrivate; /**< Should we not exit to reserved private * addresses, and our own published addresses? @@ -3619,21 +3615,6 @@ typedef struct { * configured ports. */ config_line_t *SocksPolicy; /**< Lists of socks policy components */ config_line_t *DirPolicy; /**< Lists of dir policy components */ - /** Addresses to bind for listening for SOCKS connections. */ - config_line_t *SocksListenAddress; - /** Addresses to bind for listening for transparent pf/netfilter - * connections. */ - config_line_t *TransListenAddress; - /** Addresses to bind for listening for transparent natd connections */ - config_line_t *NATDListenAddress; - /** Addresses to bind for listening for SOCKS connections. */ - config_line_t *DNSListenAddress; - /** Addresses to bind for listening for OR connections. */ - config_line_t *ORListenAddress; - /** Addresses to bind for listening for directory connections. */ - config_line_t *DirListenAddress; - /** Addresses to bind for listening for control connections. */ - config_line_t *ControlListenAddress; /** Local address to bind outbound sockets */ config_line_t *OutboundBindAddress; /** Local address to bind outbound relay sockets */ @@ -3655,7 +3636,6 @@ typedef struct { /** Whether routers accept EXTEND cells to routers with private IPs. */ int ExtendAllowPrivateAddresses; char *User; /**< Name of user to run Tor as. */ - char *Group; /**< Name of group to run Tor as. */ config_line_t *ORPort_lines; /**< Ports to listen on for OR connections. */ /** Ports to listen on for extended OR connections. */ config_line_t *ExtORPort_lines; @@ -3758,6 +3738,15 @@ typedef struct { int AvoidDiskWrites; /**< Boolean: should we never cache things to disk? * Not used yet. */ int ClientOnly; /**< Boolean: should we never evolve into a server role? */ + + int ReducedConnectionPadding; /**< Boolean: Should we try to keep connections + open shorter and pad them less against + connection-level traffic analysis? */ + /** Autobool: if auto, then connection padding will be negotiated by client + * and server. If 0, it will be fully disabled. If 1, the client will still + * pad to the server regardless of server support. */ + int ConnectionPadding; + /** To what authority types do we publish our descriptor? Choices are * "v1", "v2", "v3", "bridge", or "". */ smartlist_t *PublishServerDescriptor; @@ -3783,15 +3772,6 @@ typedef struct { /** A routerset that should be used when picking RPs for HS circuits. */ routerset_t *Tor2webRendezvousPoints; - /** Close hidden service client circuits immediately when they reach - * the normal circuit-build timeout, even if they have already sent - * an INTRODUCE1 cell on its way to the service. */ - int CloseHSClientCircuitsImmediatelyOnTimeout; - - /** Close hidden-service-side rendezvous circuits immediately when - * they reach the normal circuit-build timeout. */ - int CloseHSServiceRendCircuitsImmediatelyOnTimeout; - /** Onion Services in HiddenServiceSingleHopMode make one-hop (direct) * circuits between the onion service server, and the introduction and * rendezvous points. (Onion service descriptors are still posted using @@ -3872,8 +3852,8 @@ typedef struct { int CircuitBuildTimeout; /**< Cull non-open circuits that were born at * least this many seconds ago. Used until * adaptive algorithm learns a new value. */ - int CircuitIdleTimeout; /**< Cull open clean circuits that were born - * at least this many seconds ago. */ + int CircuitsAvailableTimeout; /**< Try to have an open circuit for at + least this long after last activity */ int CircuitStreamTimeout; /**< If non-zero, detach streams from circuits * and try a new circuit if the stream has been * waiting for this many seconds. If zero, use @@ -3883,10 +3863,6 @@ typedef struct { * a new one? */ int MaxCircuitDirtiness; /**< Never use circs that were first used more than this interval ago. */ - int PredictedPortsRelevanceTime; /** How long after we've requested a - * connection for a given port, do we want - * to continue to pick exits that support - * that port? */ uint64_t BandwidthRate; /**< How much bandwidth, on average, are we willing * to use in a second? */ uint64_t BandwidthBurst; /**< How much bandwidth, at maximum, are we willing @@ -3900,8 +3876,6 @@ typedef struct { uint64_t PerConnBWRate; /**< Long-term bw on a single TLS conn, if set. */ uint64_t PerConnBWBurst; /**< Allowed burst on a single TLS conn, if set. */ int NumCPUs; /**< How many CPUs should we try to use? */ -//int RunTesting; /**< If true, create testing circuits to measure how well the -// * other ORs are running. */ config_line_t *RendConfigLines; /**< List of configuration lines * for rendezvous services. */ config_line_t *HidServAuth; /**< List of configuration lines for client-side @@ -3952,7 +3926,8 @@ typedef struct { /** If set, use these bridge authorities and not the default one. */ config_line_t *AlternateBridgeAuthority; - char *MyFamily; /**< Declared family for this OR. */ + config_line_t *MyFamily_lines; /**< Declared family for this OR. */ + config_line_t *MyFamily; /**< Declared family for this OR, normalized */ config_line_t *NodeFamilies; /**< List of config lines for * node families */ smartlist_t *NodeFamilySets; /**< List of parsed NodeFamilies values. */ @@ -4071,8 +4046,6 @@ typedef struct { int NumDirectoryGuards; /**< How many dir guards do we try to establish? * If 0, use value from NumEntryGuards. */ int RephistTrackTime; /**< How many seconds do we keep rephist info? */ - int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third - * of our PK time by sending CREATE_FAST cells? */ /** Should we always fetch our dir info on the mirror schedule (which * means directly from the authorities) no matter our other config? */ int FetchDirInfoEarly; @@ -4128,16 +4101,6 @@ typedef struct { * if we are a cache). For authorities, this is always true. */ int DownloadExtraInfo; - /** If true, and we are acting as a relay, allow exit circuits even when - * we are the first hop of a circuit. */ - int AllowSingleHopExits; - /** If true, don't allow relays with AllowSingleHopExits=1 to be used in - * circuits that we build. */ - int ExcludeSingleHopRelays; - /** If true, and the controller tells us to use a one-hop circuit, and the - * exit allows it, we use it. */ - int AllowSingleHopCircuits; - /** If true, we convert "www.google.com.foo.exit" addresses on the * socks/trans/natd ports into "www.google.com" addresses that * exit from the node "foo". Disabled by default since attacking @@ -4145,10 +4108,6 @@ typedef struct { * selection. */ int AllowDotExit; - /** If true, we will warn if a user gives us only an IP address - * instead of a hostname. */ - int WarnUnsafeSocks; - /** If true, we're configured to collect statistics on clients * requesting network statuses from us as directory. */ int DirReqStatistics_option; @@ -4165,6 +4124,9 @@ typedef struct { /** If true, the user wants us to collect cell statistics. */ int CellStatistics; + /** If true, the user wants us to collect padding statistics. */ + int PaddingStatistics; + /** If true, the user wants us to collect statistics as entry node. */ int EntryStatistics; @@ -4372,8 +4334,7 @@ typedef struct { int TestingDirAuthVoteGuardIsStrict; /** Relays in a testing network which should be voted HSDir - * regardless of uptime and DirPort. - * Respects VoteOnHidServDirectoriesV2. */ + * regardless of uptime and DirPort. */ routerset_t *TestingDirAuthVoteHSDir; int TestingDirAuthVoteHSDirIsStrict; @@ -4505,8 +4466,6 @@ typedef struct { int IPv6Exit; /**< Do we support exiting to IPv6 addresses? */ - char *TLSECGroup; /**< One of "P256", "P224", or nil for auto */ - /** Fraction: */ double PathsNeededToBuildCircuits; @@ -4590,6 +4549,9 @@ typedef struct { * do we enforce Ed25519 identity match? */ /* NOTE: remove this option someday. */ int AuthDirTestEd25519LinkKeys; + + /** Bool (default: 0): Tells if a %include was used on torrc */ + int IncludeUsed; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ @@ -4815,7 +4777,7 @@ typedef uint32_t build_time_t; double circuit_build_times_quantile_cutoff(void); /** How often in seconds should we build a test circuit */ -#define CBT_DEFAULT_TEST_FREQUENCY 60 +#define CBT_DEFAULT_TEST_FREQUENCY 10 #define CBT_MIN_TEST_FREQUENCY 1 #define CBT_MAX_TEST_FREQUENCY INT32_MAX @@ -5358,7 +5320,6 @@ typedef enum { CRN_NEED_UPTIME = 1<<0, CRN_NEED_CAPACITY = 1<<1, CRN_NEED_GUARD = 1<<2, - CRN_ALLOW_INVALID = 1<<3, /* XXXX not used, apparently. */ CRN_WEIGHT_AS_EXIT = 1<<5, CRN_NEED_DESC = 1<<6, @@ -5373,8 +5334,6 @@ typedef enum { typedef enum was_router_added_t { /* Router was added successfully. */ ROUTER_ADDED_SUCCESSFULLY = 1, - /* Router descriptor was added with warnings to submitter. */ - ROUTER_ADDED_NOTIFY_GENERATOR = 0, /* Extrainfo document was rejected because no corresponding router * descriptor was found OR router descriptor was rejected because * it was incompatible with its extrainfo document. */ diff --git a/src/or/parsecommon.h b/src/or/parsecommon.h index f4974a9683..b9f1613457 100644 --- a/src/or/parsecommon.h +++ b/src/or/parsecommon.h @@ -162,7 +162,9 @@ typedef enum { R3_INTRODUCTION_POINT, R3_INTRO_AUTH_KEY, R3_INTRO_ENC_KEY, - R3_INTRO_ENC_KEY_CERTIFICATION, + R3_INTRO_ENC_KEY_CERT, + R3_INTRO_LEGACY_KEY, + R3_INTRO_LEGACY_KEY_CERT, R3_DESC_AUTH_TYPE, R3_DESC_AUTH_KEY, R3_DESC_AUTH_CLIENT, diff --git a/src/or/protover.c b/src/or/protover.c index ee58927fc5..1a3e69be10 100644 --- a/src/or/protover.c +++ b/src/or/protover.c @@ -288,7 +288,7 @@ protover_get_supported_protocols(void) return "Cons=1-2 " "Desc=1-2 " - "DirCache=1 " + "DirCache=1-2 " "HSDir=1-2 " "HSIntro=3-4 " "HSRend=1-2 " diff --git a/src/or/relay.c b/src/or/relay.c index 1842012ed7..7082002f84 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -75,6 +75,7 @@ #include "routerlist.h" #include "routerparse.h" #include "scheduler.h" +#include "rephist.h" static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell, cell_direction_t cell_direction, @@ -197,6 +198,82 @@ relay_crypt_one_payload(crypto_cipher_t *cipher, uint8_t *in, return 0; } +/** + * Update channel usage state based on the type of relay cell and + * circuit properties. + * + * This is needed to determine if a client channel is being + * used for application traffic, and if a relay channel is being + * used for multihop circuits and application traffic. The decision + * to pad in channelpadding.c depends upon this info (as well as + * consensus parameters) to decide what channels to pad. + */ +static void +circuit_update_channel_usage(circuit_t *circ, cell_t *cell) +{ + if (CIRCUIT_IS_ORIGIN(circ)) { + /* + * The client state was first set much earlier in + * circuit_send_next_onion_skin(), so we can start padding as early as + * possible. + * + * However, if padding turns out to be expensive, we may want to not do + * it until actual application traffic starts flowing (which is controlled + * via consensus param nf_pad_before_usage). + * + * So: If we're an origin circuit and we've created a full length circuit, + * then any CELL_RELAY cell means application data. Increase the usage + * state of the channel to indicate this. + * + * We want to wait for CELL_RELAY specifically here, so we know that + * the channel was definitely being used for data and not for extends. + * By default, we pad as soon as a channel has been used for *any* + * circuits, so this state is irrelevant to the padding decision in + * the default case. However, if padding turns out to be expensive, + * we would like the ability to avoid padding until we're absolutely + * sure that a channel is used for enough application data to be worth + * padding. + * + * (So it does not matter that CELL_RELAY_EARLY can actually contain + * application data. This is only a load reducing option and that edge + * case does not matter if we're desperately trying to reduce overhead + * anyway. See also consensus parameter nf_pad_before_usage). + */ + if (BUG(!circ->n_chan)) + return; + + if (circ->n_chan->channel_usage == CHANNEL_USED_FOR_FULL_CIRCS && + cell->command == CELL_RELAY) { + circ->n_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC; + } + } else { + /* If we're a relay circuit, the question is more complicated. Basically: + * we only want to pad connections that carry multihop (anonymous) + * circuits. + * + * We assume we're more than one hop if either the previous hop + * is not a client, or if the previous hop is a client and there's + * a next hop. Then, circuit traffic starts at RELAY_EARLY, and + * user application traffic starts when we see RELAY cells. + */ + or_circuit_t *or_circ = TO_OR_CIRCUIT(circ); + + if (BUG(!or_circ->p_chan)) + return; + + if (!channel_is_client(or_circ->p_chan) || + (channel_is_client(or_circ->p_chan) && circ->n_chan)) { + if (cell->command == CELL_RELAY_EARLY) { + if (or_circ->p_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS) { + or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS; + } + } else if (cell->command == CELL_RELAY) { + or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC; + } + } + } +} + /** Receive a relay cell: * - Crypt it (encrypt if headed toward the origin or if we <b>are</b> the * origin; decrypt if we're headed toward the exit). @@ -231,6 +308,8 @@ circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, return -END_CIRC_REASON_INTERNAL; } + circuit_update_channel_usage(circ, cell); + if (recognized) { edge_connection_t *conn = NULL; @@ -639,6 +718,9 @@ relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ, log_debug(LD_OR,"delivering %d cell %s.", relay_command, cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward"); + if (relay_command == RELAY_COMMAND_DROP) + rep_hist_padding_count_write(PADDING_TYPE_DROP); + /* If we are sending an END cell and this circuit is used for a tunneled * directory request, advance its state. */ if (relay_command == RELAY_COMMAND_END && circ->dirreq_id) @@ -1530,6 +1612,7 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ, switch (rh.command) { case RELAY_COMMAND_DROP: + rep_hist_padding_count_read(PADDING_TYPE_DROP); // log_info(domain,"Got a relay-level padding cell. Dropping."); return 0; case RELAY_COMMAND_BEGIN: diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 1ae03ed408..9bc2d6289d 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -724,6 +724,9 @@ directory_get_from_hs_dir(const char *desc_id, hs_dir = pick_hsdir(desc_id, desc_id_base32); if (!hs_dir) { /* No suitable hs dir can be found, stop right now. */ + control_event_hs_descriptor_failed(rend_query, NULL, "QUERY_NO_HSDIR"); + control_event_hs_descriptor_content(rend_data_get_address(rend_query), + desc_id_base32, NULL, NULL); return 0; } } @@ -744,6 +747,9 @@ directory_get_from_hs_dir(const char *desc_id, REND_DESC_COOKIE_LEN, 0)<0) { log_warn(LD_BUG, "Could not base64-encode descriptor cookie."); + control_event_hs_descriptor_failed(rend_query, hsdir_fp, "BAD_DESC"); + control_event_hs_descriptor_content(rend_data_get_address(rend_query), + desc_id_base32, hsdir_fp, NULL); return 0; } /* Remove == signs. */ diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 5de153caa4..f3b78c4663 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -245,35 +245,23 @@ rend_service_free_all(void) rend_service_list = NULL; } -/** Validate <b>service</b> and add it to <b>service_list</b>, or to - * the global rend_service_list if <b>service_list</b> is NULL. - * Return 0 on success. On failure, free <b>service</b> and return -1. - * Takes ownership of <b>service</b>. - */ +/* Validate a <b>service</b>. Use the <b>service_list</b> to make sure there + * is no duplicate entry for the given service object. Return 0 if valid else + * -1 if not.*/ static int -rend_add_service(smartlist_t *service_list, rend_service_t *service) +rend_validate_service(const smartlist_t *service_list, + const rend_service_t *service) { - int i; - rend_service_port_config_t *p; + int dupe = 0; + tor_assert(service_list); tor_assert(service); - smartlist_t *s_list = rend_get_service_list_mutable(service_list); - /* We must have a service list, even if it's a temporary one, so we can - * check for duplicate services */ - if (BUG(!s_list)) { - return -1; - } - - service->intro_nodes = smartlist_new(); - service->expiring_nodes = smartlist_new(); - if (service->max_streams_per_circuit < 0) { log_warn(LD_CONFIG, "Hidden service (%s) configured with negative max " "streams per circuit.", rend_service_escaped_dir(service)); - rend_service_free(service); - return -1; + goto invalid; } if (service->max_streams_close_circuit < 0 || @@ -281,87 +269,107 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service) log_warn(LD_CONFIG, "Hidden service (%s) configured with invalid " "max streams handling.", rend_service_escaped_dir(service)); - rend_service_free(service); - return -1; + goto invalid; } if (service->auth_type != REND_NO_AUTH && - (!service->clients || - smartlist_len(service->clients) == 0)) { - log_warn(LD_CONFIG, "Hidden service (%s) with client authorization but no " - "clients.", + (!service->clients || smartlist_len(service->clients) == 0)) { + log_warn(LD_CONFIG, "Hidden service (%s) with client authorization but " + "no clients.", rend_service_escaped_dir(service)); - rend_service_free(service); - return -1; + goto invalid; } if (!service->ports || !smartlist_len(service->ports)) { log_warn(LD_CONFIG, "Hidden service (%s) with no ports configured.", rend_service_escaped_dir(service)); - rend_service_free(service); - return -1; - } else { - int dupe = 0; - /* XXX This duplicate check has two problems: - * - * a) It's O(n^2), but the same comment from the bottom of - * rend_config_services() should apply. - * - * b) We only compare directory paths as strings, so we can't - * detect two distinct paths that specify the same directory - * (which can arise from symlinks, case-insensitivity, bind - * mounts, etc.). - * - * It also can't detect that two separate Tor instances are trying - * to use the same HiddenServiceDir; for that, we would need a - * lock file. But this is enough to detect a simple mistake that - * at least one person has actually made. - */ - tor_assert(s_list); - if (!rend_service_is_ephemeral(service)) { - /* Skip dupe for ephemeral services. */ - SMARTLIST_FOREACH(s_list, rend_service_t*, ptr, - dupe = dupe || - !strcmp(ptr->directory, service->directory)); - if (dupe) { - log_warn(LD_REND, "Another hidden service is already configured for " - "directory %s.", - rend_service_escaped_dir(service)); - rend_service_free(service); - return -1; - } + goto invalid; + } + + /* XXX This duplicate check has two problems: + * + * a) It's O(n^2), but the same comment from the bottom of + * rend_config_services() should apply. + * + * b) We only compare directory paths as strings, so we can't + * detect two distinct paths that specify the same directory + * (which can arise from symlinks, case-insensitivity, bind + * mounts, etc.). + * + * It also can't detect that two separate Tor instances are trying + * to use the same HiddenServiceDir; for that, we would need a + * lock file. But this is enough to detect a simple mistake that + * at least one person has actually made. + */ + if (!rend_service_is_ephemeral(service)) { + /* Skip dupe for ephemeral services. */ + SMARTLIST_FOREACH(service_list, rend_service_t *, ptr, + dupe = dupe || + !strcmp(ptr->directory, service->directory)); + if (dupe) { + log_warn(LD_REND, "Another hidden service is already configured for " + "directory %s.", + rend_service_escaped_dir(service)); + goto invalid; } - log_debug(LD_REND,"Configuring service with directory %s", - rend_service_escaped_dir(service)); - for (i = 0; i < smartlist_len(service->ports); ++i) { - p = smartlist_get(service->ports, i); - if (!(p->is_unix_addr)) { - log_debug(LD_REND, - "Service maps port %d to %s", - p->virtual_port, - fmt_addrport(&p->real_addr, p->real_port)); - } else { + } + + /* Valid. */ + return 0; + invalid: + return -1; +} + +/** Add it to <b>service_list</b>, or to the global rend_service_list if + * <b>service_list</b> is NULL. Return 0 on success. On failure, free + * <b>service</b> and return -1. Takes ownership of <b>service</b>. */ +static int +rend_add_service(smartlist_t *service_list, rend_service_t *service) +{ + int i; + rend_service_port_config_t *p; + + tor_assert(service); + + smartlist_t *s_list = rend_get_service_list_mutable(service_list); + /* We must have a service list, even if it's a temporary one, so we can + * check for duplicate services */ + if (BUG(!s_list)) { + return -1; + } + + service->intro_nodes = smartlist_new(); + service->expiring_nodes = smartlist_new(); + + log_debug(LD_REND,"Configuring service with directory %s", + rend_service_escaped_dir(service)); + for (i = 0; i < smartlist_len(service->ports); ++i) { + p = smartlist_get(service->ports, i); + if (!(p->is_unix_addr)) { + log_debug(LD_REND, + "Service maps port %d to %s", + p->virtual_port, + fmt_addrport(&p->real_addr, p->real_port)); + } else { #ifdef HAVE_SYS_UN_H - log_debug(LD_REND, - "Service maps port %d to socket at \"%s\"", - p->virtual_port, p->unix_addr); + log_debug(LD_REND, + "Service maps port %d to socket at \"%s\"", + p->virtual_port, p->unix_addr); #else - log_warn(LD_BUG, - "Service maps port %d to an AF_UNIX socket, but we " - "have no AF_UNIX support on this platform. This is " - "probably a bug.", - p->virtual_port); - rend_service_free(service); - return -1; + log_warn(LD_BUG, + "Service maps port %d to an AF_UNIX socket, but we " + "have no AF_UNIX support on this platform. This is " + "probably a bug.", + p->virtual_port); + rend_service_free(service); + return -1; #endif /* defined(HAVE_SYS_UN_H) */ - } } - /* The service passed all the checks */ - tor_assert(s_list); - smartlist_add(s_list, service); - return 0; } - /* NOTREACHED */ + /* The service passed all the checks */ + tor_assert(s_list); + smartlist_add(s_list, service); + return 0; } /** Return a new rend_service_port_config_t with its path set to @@ -671,13 +679,19 @@ rend_config_services(const or_options_t *options, int validate_only) for (line = options->RendConfigLines; line; line = line->next) { if (!strcasecmp(line->key, "HiddenServiceDir")) { - /* register the service we just finished parsing - * this code registers every service except the last one parsed, - * which is registered below the loop */ - if (rend_service_check_dir_and_add(rend_service_staging_list, options, - service, validate_only) < 0) { - service = NULL; - goto free_and_return; + if (service) { + /* Validate and register the service we just finished parsing this + * code registers every service except the last one parsed, which is + * validated and registered below the loop. */ + if (rend_validate_service(rend_service_staging_list, service) < 0) { + goto free_and_return; + } + if (rend_service_check_dir_and_add(rend_service_staging_list, options, + service, validate_only) < 0) { + /* The above frees the service on error so nullify the pointer. */ + service = NULL; + goto free_and_return; + } } service = tor_malloc_zero(sizeof(rend_service_t)); service->directory = tor_strdup(line->value); @@ -872,14 +886,23 @@ rend_config_services(const or_options_t *options, int validate_only) } } } + /* Validate the last service that we just parsed. */ + if (service && + rend_validate_service(rend_service_staging_list, service) < 0) { + goto free_and_return; + } /* register the final service after we have finished parsing all services * this code only registers the last service, other services are registered * within the loop. It is ok for this service to be NULL, it is ignored. */ if (rend_service_check_dir_and_add(rend_service_staging_list, options, service, validate_only) < 0) { + /* Service object is freed on error so nullify pointer. */ service = NULL; goto free_and_return; } + /* The service is in the staging list so nullify pointer to avoid double + * free of this object in case of error because we lost ownership of it at + * this point. */ service = NULL; /* Free the newly added services if validating */ @@ -4182,8 +4205,6 @@ rend_consider_services_intro_points(void) const node_t *node; rend_intro_point_t *intro; router_crn_flags_t flags = CRN_NEED_UPTIME|CRN_NEED_DESC; - if (get_options()->AllowInvalid_ & ALLOW_INVALID_INTRODUCTION) - flags |= CRN_ALLOW_INVALID; router_crn_flags_t direct_flags = flags; direct_flags |= CRN_PREF_ADDR; direct_flags |= CRN_DIRECT_CONN; diff --git a/src/or/rephist.c b/src/or/rephist.c index 231130f13c..72a5cc5a9b 100644 --- a/src/or/rephist.c +++ b/src/or/rephist.c @@ -84,9 +84,13 @@ #include "router.h" #include "routerlist.h" #include "ht.h" +#include "channelpadding.h" + +#include "channelpadding.h" +#include "connection_or.h" static void bw_arrays_init(void); -static void predicted_ports_init(void); +static void predicted_ports_alloc(void); /** Total number of bytes currently allocated in fields used by rephist.c. */ uint64_t rephist_total_alloc=0; @@ -165,6 +169,44 @@ typedef struct or_history_t { digestmap_t *link_history_map; } or_history_t; +/** + * This structure holds accounting needed to calculate the padding overhead. + */ +typedef struct padding_counts_t { + /** Total number of cells we have received, including padding */ + uint64_t read_cell_count; + /** Total number of cells we have sent, including padding */ + uint64_t write_cell_count; + /** Total number of CELL_PADDING cells we have received */ + uint64_t read_pad_cell_count; + /** Total number of CELL_PADDING cells we have sent */ + uint64_t write_pad_cell_count; + /** Total number of read cells on padding-enabled conns */ + uint64_t enabled_read_cell_count; + /** Total number of sent cells on padding-enabled conns */ + uint64_t enabled_write_cell_count; + /** Total number of read CELL_PADDING cells on padding-enabled cons */ + uint64_t enabled_read_pad_cell_count; + /** Total number of sent CELL_PADDING cells on padding-enabled cons */ + uint64_t enabled_write_pad_cell_count; + /** Total number of RELAY_DROP cells we have received */ + uint64_t read_drop_cell_count; + /** Total number of RELAY_DROP cells we have sent */ + uint64_t write_drop_cell_count; + /** The maximum number of padding timers we've seen in 24 hours */ + uint64_t maximum_chanpad_timers; + /** When did we first copy padding_current into padding_published? */ + char first_published_at[ISO_TIME_LEN+1]; +} padding_counts_t; + +/** Holds the current values of our padding statistics. + * It is not published until it is transferred to padding_published. */ +static padding_counts_t padding_current; + +/** Remains fixed for a 24 hour period, and then is replaced + * by a redacted copy of padding_current */ +static padding_counts_t padding_published; + /** When did we last multiply all routers' weighted_run_length and * total_run_weights by STABILITY_ALPHA? */ static time_t stability_last_downrated = 0; @@ -264,7 +306,7 @@ rep_hist_init(void) { history_map = digestmap_new(); bw_arrays_init(); - predicted_ports_init(); + predicted_ports_alloc(); } /** Helper: note that we are no longer connected to the router with history @@ -1758,6 +1800,40 @@ typedef struct predicted_port_t { /** A list of port numbers that have been used recently. */ static smartlist_t *predicted_ports_list=NULL; +/** How long do we keep predicting circuits? */ +static int prediction_timeout=0; +/** When was the last time we added a prediction entry (HS or port) */ +static time_t last_prediction_add_time=0; + +/** + * How much time left until we stop predicting circuits? + */ +int +predicted_ports_prediction_time_remaining(time_t now) +{ + time_t idle_delta = now - last_prediction_add_time; + + /* Protect against overflow of return value. This can happen if the clock + * jumps backwards in time. Update the last prediction time (aka last + * active time) to prevent it. This update is preferable to using monotonic + * time because it prevents clock jumps into the past from simply causing + * very long idle timeouts while the monotonic time stands still. */ + if (last_prediction_add_time > now) { + last_prediction_add_time = now; + idle_delta = 0; + } + + /* Protect against underflow of the return value. This can happen for very + * large periods of inactivity/system sleep. */ + if (idle_delta > prediction_timeout) + return 0; + + if (BUG((prediction_timeout - idle_delta) > INT_MAX)) { + return INT_MAX; + } + + return (int)(prediction_timeout - idle_delta); +} /** We just got an application request for a connection with * port <b>port</b>. Remember it for the future, so we can keep @@ -1767,21 +1843,40 @@ static void add_predicted_port(time_t now, uint16_t port) { predicted_port_t *pp = tor_malloc(sizeof(predicted_port_t)); + + // If the list is empty, re-randomize predicted ports lifetime + if (!any_predicted_circuits(now)) { + prediction_timeout = channelpadding_get_circuits_available_timeout(); + } + + last_prediction_add_time = now; + + log_info(LD_CIRC, + "New port prediction added. Will continue predictive circ building " + "for %d more seconds.", + predicted_ports_prediction_time_remaining(now)); + pp->port = port; pp->time = now; rephist_total_alloc += sizeof(*pp); smartlist_add(predicted_ports_list, pp); } -/** Initialize whatever memory and structs are needed for predicting +/** + * Allocate whatever memory and structs are needed for predicting * which ports will be used. Also seed it with port 80, so we'll build * circuits on start-up. */ static void -predicted_ports_init(void) +predicted_ports_alloc(void) { predicted_ports_list = smartlist_new(); - add_predicted_port(time(NULL), 80); /* add one to kickstart us */ +} + +void +predicted_ports_init(void) +{ + add_predicted_port(time(NULL), 443); // Add a port to get us started } /** Free whatever memory is needed for predicting which ports will @@ -1812,6 +1907,12 @@ rep_hist_note_used_port(time_t now, uint16_t port) SMARTLIST_FOREACH_BEGIN(predicted_ports_list, predicted_port_t *, pp) { if (pp->port == port) { pp->time = now; + + last_prediction_add_time = now; + log_info(LD_CIRC, + "New port prediction added. Will continue predictive circ " + "building for %d more seconds.", + predicted_ports_prediction_time_remaining(now)); return; } } SMARTLIST_FOREACH_END(pp); @@ -1828,7 +1929,8 @@ rep_hist_get_predicted_ports(time_t now) int predicted_circs_relevance_time; smartlist_t *out = smartlist_new(); tor_assert(predicted_ports_list); - predicted_circs_relevance_time = get_options()->PredictedPortsRelevanceTime; + + predicted_circs_relevance_time = prediction_timeout; /* clean out obsolete entries */ SMARTLIST_FOREACH_BEGIN(predicted_ports_list, predicted_port_t *, pp) { @@ -1888,6 +1990,18 @@ static time_t predicted_internal_capacity_time = 0; void rep_hist_note_used_internal(time_t now, int need_uptime, int need_capacity) { + // If the list is empty, re-randomize predicted ports lifetime + if (!any_predicted_circuits(now)) { + prediction_timeout = channelpadding_get_circuits_available_timeout(); + } + + last_prediction_add_time = now; + + log_info(LD_CIRC, + "New port prediction added. Will continue predictive circ building " + "for %d more seconds.", + predicted_ports_prediction_time_remaining(now)); + predicted_internal_time = now; if (need_uptime) predicted_internal_uptime_time = now; @@ -1901,7 +2015,8 @@ rep_hist_get_predicted_internal(time_t now, int *need_uptime, int *need_capacity) { int predicted_circs_relevance_time; - predicted_circs_relevance_time = get_options()->PredictedPortsRelevanceTime; + + predicted_circs_relevance_time = prediction_timeout; if (!predicted_internal_time) { /* initialize it */ predicted_internal_time = now; @@ -1923,7 +2038,7 @@ int any_predicted_circuits(time_t now) { int predicted_circs_relevance_time; - predicted_circs_relevance_time = get_options()->PredictedPortsRelevanceTime; + predicted_circs_relevance_time = prediction_timeout; return smartlist_len(predicted_ports_list) || predicted_internal_time + predicted_circs_relevance_time >= now; @@ -3210,8 +3325,7 @@ rep_hist_hs_stats_write(time_t now) return start_of_hs_stats_interval + WRITE_STATS_INTERVAL; } -#define MAX_LINK_PROTO_TO_LOG 4 -static uint64_t link_proto_count[MAX_LINK_PROTO_TO_LOG+1][2]; +static uint64_t link_proto_count[MAX_LINK_PROTO+1][2]; /** Note that we negotiated link protocol version <b>link_proto</b>, on * a connection that started here iff <b>started_here</b> is true. @@ -3220,7 +3334,7 @@ void rep_hist_note_negotiated_link_proto(unsigned link_proto, int started_here) { started_here = !!started_here; /* force to 0 or 1 */ - if (link_proto > MAX_LINK_PROTO_TO_LOG) { + if (link_proto > MAX_LINK_PROTO) { log_warn(LD_BUG, "Can't log link protocol %u", link_proto); return; } @@ -3228,6 +3342,165 @@ rep_hist_note_negotiated_link_proto(unsigned link_proto, int started_here) link_proto_count[link_proto][started_here]++; } +/** + * Update the maximum count of total pending channel padding timers + * in this period. + */ +void +rep_hist_padding_count_timers(uint64_t num_timers) +{ + if (num_timers > padding_current.maximum_chanpad_timers) { + padding_current.maximum_chanpad_timers = num_timers; + } +} + +/** + * Count a cell that we sent for padding overhead statistics. + * + * RELAY_COMMAND_DROP and CELL_PADDING are accounted separately. Both should be + * counted for PADDING_TYPE_TOTAL. + */ +void +rep_hist_padding_count_write(padding_type_t type) +{ + switch (type) { + case PADDING_TYPE_DROP: + padding_current.write_drop_cell_count++; + break; + case PADDING_TYPE_CELL: + padding_current.write_pad_cell_count++; + break; + case PADDING_TYPE_TOTAL: + padding_current.write_cell_count++; + break; + case PADDING_TYPE_ENABLED_TOTAL: + padding_current.enabled_write_cell_count++; + break; + case PADDING_TYPE_ENABLED_CELL: + padding_current.enabled_write_pad_cell_count++; + break; + } +} + +/** + * Count a cell that we've received for padding overhead statistics. + * + * RELAY_COMMAND_DROP and CELL_PADDING are accounted separately. Both should be + * counted for PADDING_TYPE_TOTAL. + */ +void +rep_hist_padding_count_read(padding_type_t type) +{ + switch (type) { + case PADDING_TYPE_DROP: + padding_current.read_drop_cell_count++; + break; + case PADDING_TYPE_CELL: + padding_current.read_pad_cell_count++; + break; + case PADDING_TYPE_TOTAL: + padding_current.read_cell_count++; + break; + case PADDING_TYPE_ENABLED_TOTAL: + padding_current.enabled_read_cell_count++; + break; + case PADDING_TYPE_ENABLED_CELL: + padding_current.enabled_read_pad_cell_count++; + break; + } +} + +/** + * Reset our current padding statistics. Called once every 24 hours. + */ +void +rep_hist_reset_padding_counts(void) +{ + memset(&padding_current, 0, sizeof(padding_current)); +} + +/** + * Copy our current cell counts into a structure for listing in our + * extra-info descriptor. Also perform appropriate rounding and redaction. + * + * This function is called once every 24 hours. + */ +#define MIN_CELL_COUNTS_TO_PUBLISH 1 +#define ROUND_CELL_COUNTS_TO 10000 +void +rep_hist_prep_published_padding_counts(time_t now) +{ + memcpy(&padding_published, &padding_current, sizeof(padding_published)); + + if (padding_published.read_cell_count < MIN_CELL_COUNTS_TO_PUBLISH || + padding_published.write_cell_count < MIN_CELL_COUNTS_TO_PUBLISH) { + memset(&padding_published, 0, sizeof(padding_published)); + return; + } + + format_iso_time(padding_published.first_published_at, now); +#define ROUND_AND_SET_COUNT(x) (x) = round_uint64_to_next_multiple_of((x), \ + ROUND_CELL_COUNTS_TO) + ROUND_AND_SET_COUNT(padding_published.read_pad_cell_count); + ROUND_AND_SET_COUNT(padding_published.write_pad_cell_count); + ROUND_AND_SET_COUNT(padding_published.read_drop_cell_count); + ROUND_AND_SET_COUNT(padding_published.write_drop_cell_count); + ROUND_AND_SET_COUNT(padding_published.write_cell_count); + ROUND_AND_SET_COUNT(padding_published.read_cell_count); + ROUND_AND_SET_COUNT(padding_published.enabled_read_cell_count); + ROUND_AND_SET_COUNT(padding_published.enabled_read_pad_cell_count); + ROUND_AND_SET_COUNT(padding_published.enabled_write_cell_count); + ROUND_AND_SET_COUNT(padding_published.enabled_write_pad_cell_count); +#undef ROUND_AND_SET_COUNT +} + +/** + * Returns an allocated string for extra-info documents for publishing + * padding statistics from the last 24 hour interval. + */ +char * +rep_hist_get_padding_count_lines(void) +{ + char *result = NULL; + + if (!padding_published.read_cell_count || + !padding_published.write_cell_count) { + return NULL; + } + + tor_asprintf(&result, "padding-counts %s (%d s)" + " bin-size="U64_FORMAT + " write-drop="U64_FORMAT + " write-pad="U64_FORMAT + " write-total="U64_FORMAT + " read-drop="U64_FORMAT + " read-pad="U64_FORMAT + " read-total="U64_FORMAT + " enabled-read-pad="U64_FORMAT + " enabled-read-total="U64_FORMAT + " enabled-write-pad="U64_FORMAT + " enabled-write-total="U64_FORMAT + " max-chanpad-timers="U64_FORMAT + "\n", + padding_published.first_published_at, + REPHIST_CELL_PADDING_COUNTS_INTERVAL, + U64_PRINTF_ARG(ROUND_CELL_COUNTS_TO), + U64_PRINTF_ARG(padding_published.write_drop_cell_count), + U64_PRINTF_ARG(padding_published.write_pad_cell_count), + U64_PRINTF_ARG(padding_published.write_cell_count), + U64_PRINTF_ARG(padding_published.read_drop_cell_count), + U64_PRINTF_ARG(padding_published.read_pad_cell_count), + U64_PRINTF_ARG(padding_published.read_cell_count), + U64_PRINTF_ARG(padding_published.enabled_read_pad_cell_count), + U64_PRINTF_ARG(padding_published.enabled_read_cell_count), + U64_PRINTF_ARG(padding_published.enabled_write_pad_cell_count), + U64_PRINTF_ARG(padding_published.enabled_write_cell_count), + U64_PRINTF_ARG(padding_published.maximum_chanpad_timers) + ); + + return result; +} + /** Log a heartbeat message explaining how many connections of each link * protocol version we have used. */ diff --git a/src/or/rephist.h b/src/or/rephist.h index 6dd88a3544..2b1c2e7ec7 100644 --- a/src/or/rephist.h +++ b/src/or/rephist.h @@ -48,6 +48,7 @@ double rep_hist_get_weighted_fractional_uptime(const char *id, time_t when); long rep_hist_get_weighted_time_known(const char *id, time_t when); int rep_hist_have_measured_enough_stability(void); +void predicted_ports_init(void); void rep_hist_note_used_port(time_t now, uint16_t port); smartlist_t *rep_hist_get_predicted_ports(time_t now); void rep_hist_remove_predicted_ports(const smartlist_t *rmv_ports); @@ -59,6 +60,7 @@ int rep_hist_get_predicted_internal(time_t now, int *need_uptime, int any_predicted_circuits(time_t now); int rep_hist_circbuilding_dormant(time_t now); +int predicted_ports_prediction_time_remaining(time_t now); void note_crypto_pk_op(pk_op_t operation); void dump_pk_ops(int severity); @@ -119,5 +121,30 @@ extern int onion_handshakes_requested[MAX_ONION_HANDSHAKE_TYPE+1]; extern int onion_handshakes_assigned[MAX_ONION_HANDSHAKE_TYPE+1]; #endif +/** + * Represents the type of a cell for padding accounting + */ +typedef enum padding_type_t { + /** A RELAY_DROP cell */ + PADDING_TYPE_DROP, + /** A CELL_PADDING cell */ + PADDING_TYPE_CELL, + /** Total counts of padding and non-padding together */ + PADDING_TYPE_TOTAL, + /** Total cell counts for all padding-enabled channels */ + PADDING_TYPE_ENABLED_TOTAL, + /** CELL_PADDING counts for all padding-enabled channels */ + PADDING_TYPE_ENABLED_CELL +} padding_type_t; + +/** The amount of time over which the padding cell counts were counted */ +#define REPHIST_CELL_PADDING_COUNTS_INTERVAL (24*60*60) +void rep_hist_padding_count_read(padding_type_t type); +void rep_hist_padding_count_write(padding_type_t type); +char *rep_hist_get_padding_count_lines(void); +void rep_hist_reset_padding_counts(void); +void rep_hist_prep_published_padding_counts(time_t now); +void rep_hist_padding_count_timers(uint64_t num_timers); + #endif diff --git a/src/or/router.c b/src/or/router.c index 2336a5d3df..642f415a38 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -779,12 +779,6 @@ router_initialize_tls_context(void) int lifetime = options->SSLKeyLifetime; if (public_server_mode(options)) flags |= TOR_TLS_CTX_IS_PUBLIC_SERVER; - if (options->TLSECGroup) { - if (!strcasecmp(options->TLSECGroup, "P256")) - flags |= TOR_TLS_CTX_USE_ECDHE_P256; - else if (!strcasecmp(options->TLSECGroup, "P224")) - flags |= TOR_TLS_CTX_USE_ECDHE_P224; - } if (!lifetime) { /* we should guess a good ssl cert lifetime */ /* choose between 5 and 365 days, and round to the day */ @@ -1663,8 +1657,7 @@ MOCK_IMPL(int, server_mode,(const or_options_t *options)) { if (options->ClientOnly) return 0; - /* XXXX I believe we can kill off ORListenAddress here.*/ - return (options->ORPort_set || options->ORListenAddress); + return (options->ORPort_set); } /** Return true iff we are trying to be a non-bridge server. @@ -2288,14 +2281,12 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) } if (options->MyFamily && ! options->BridgeRelay) { - smartlist_t *family; if (!warned_nonexistent_family) warned_nonexistent_family = smartlist_new(); - family = smartlist_new(); ri->declared_family = smartlist_new(); - smartlist_split_string(family, options->MyFamily, ",", - SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK|SPLIT_STRIP_SPACE, 0); - SMARTLIST_FOREACH_BEGIN(family, char *, name) { + config_line_t *family; + for (family = options->MyFamily; family; family = family->next) { + char *name = family->value; const node_t *member; if (!strcasecmp(name, options->Nickname)) goto skip; /* Don't list ourself, that's redundant */ @@ -2334,13 +2325,11 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) } skip: tor_free(name); - } SMARTLIST_FOREACH_END(name); + } /* remove duplicates from the list */ smartlist_sort_strings(ri->declared_family); smartlist_uniq_strings(ri->declared_family); - - smartlist_free(family); } /* Now generate the extrainfo. */ @@ -2942,7 +2931,7 @@ router_dump_router_to_string(routerinfo_t *router, "onion-key\n%s" "signing-key\n%s" "%s%s" - "%s%s%s%s", + "%s%s%s", router->nickname, address, router->or_port, @@ -2965,8 +2954,7 @@ router_dump_router_to_string(routerinfo_t *router, ntor_cc_line ? ntor_cc_line : "", family_line, we_are_hibernating() ? "hibernating 1\n" : "", - "hidden-service-dir\n", - options->AllowSingleHopExits ? "allow-single-hop-exits\n" : ""); + "hidden-service-dir\n"); if (options->ContactInfo && strlen(options->ContactInfo)) { const char *ci = options->ContactInfo; @@ -3295,6 +3283,12 @@ extrainfo_dump_to_string(char **s_out, extrainfo_t *extrainfo, } } + if (options->PaddingStatistics) { + contents = rep_hist_get_padding_count_lines(); + if (contents) + smartlist_add(chunks, contents); + } + /* Add information about the pluggable transports we support. */ if (options->ServerTransportPlugin) { char *pluggable_transports = pt_get_extra_info_descriptor_string(); diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 8927786fe8..a790265afb 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -2320,17 +2320,16 @@ routerlist_add_node_and_family(smartlist_t *sl, const routerinfo_t *router) * we can pick a node for a circuit. */ void -router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid, - int need_uptime, int need_capacity, - int need_guard, int need_desc, - int pref_addr, int direct_conn) +router_add_running_nodes_to_smartlist(smartlist_t *sl, int need_uptime, + int need_capacity, int need_guard, + int need_desc, int pref_addr, + int direct_conn) { const int check_reach = !router_skip_or_reachability(get_options(), pref_addr); /* XXXX MOVE */ SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) { - if (!node->is_running || - (!node->is_valid && !allow_invalid)) + if (!node->is_running || !node->is_valid) continue; if (need_desc && !(node->ri || (node->rs && node->md))) continue; @@ -2776,8 +2775,6 @@ node_sl_choose_by_bandwidth(const smartlist_t *sl, * a minimum uptime, return one of those. * If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the * advertised capacity of each router. - * If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid - * routers. * If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers. * If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if * picking an exit node, otherwise we weight bandwidths for picking a relay @@ -2798,7 +2795,6 @@ router_choose_random_node(smartlist_t *excludedsmartlist, const int need_uptime = (flags & CRN_NEED_UPTIME) != 0; const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0; const int need_guard = (flags & CRN_NEED_GUARD) != 0; - const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0; const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0; const int need_desc = (flags & CRN_NEED_DESC) != 0; const int pref_addr = (flags & CRN_PREF_ADDR) != 0; @@ -2814,20 +2810,17 @@ router_choose_random_node(smartlist_t *excludedsmartlist, rule = weight_for_exit ? WEIGHT_FOR_EXIT : (need_guard ? WEIGHT_FOR_GUARD : WEIGHT_FOR_MID); - /* Exclude relays that allow single hop exit circuits, if the user - * wants to (such relays might be risky) */ - if (get_options()->ExcludeSingleHopRelays) { - SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node, - if (node_allows_single_hop_exits(node)) { - smartlist_add(excludednodes, node); - }); - } + /* Exclude relays that allow single hop exit circuits. This is an obsolete + * option since 0.2.9.2-alpha and done by default in 0.3.1.0-alpha. */ + SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node, + if (node_allows_single_hop_exits(node)) { + smartlist_add(excludednodes, node); + }); if ((r = routerlist_find_my_routerinfo())) routerlist_add_node_and_family(excludednodes, r); - router_add_running_nodes_to_smartlist(sl, allow_invalid, - need_uptime, need_capacity, + router_add_running_nodes_to_smartlist(sl, need_uptime, need_capacity, need_guard, need_desc, pref_addr, direct_conn); log_debug(LD_CIRC, @@ -5149,7 +5142,7 @@ update_consensus_router_descriptor_downloads(time_t now, int is_vote, continue; /* We would throw it out immediately. */ } if (!we_want_to_fetch_flavor(options, consensus->flavor) && - !client_would_use_router(rs, now, options)) { + !client_would_use_router(rs, now)) { ++n_wouldnt_use; continue; /* We would never use it ourself. */ } diff --git a/src/or/routerlist.h b/src/or/routerlist.h index 5c1f76c8e7..e0ed4e623a 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -62,10 +62,10 @@ int router_skip_or_reachability(const or_options_t *options, int try_ip_pref); int router_get_my_share_of_directory_requests(double *v3_share_out); void router_reset_status_download_failures(void); int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2); -void router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid, - int need_uptime, int need_capacity, - int need_guard, int need_desc, - int pref_addr, int direct_conn); +void router_add_running_nodes_to_smartlist(smartlist_t *sl, int need_uptime, + int need_capacity, int need_guard, + int need_desc, int pref_addr, + int direct_conn); const routerinfo_t *routerlist_find_my_routerinfo(void); uint32_t router_get_advertised_bandwidth(const routerinfo_t *router); @@ -124,7 +124,7 @@ static int WRA_NEVER_DOWNLOADABLE(was_router_added_t s); */ static inline int WRA_WAS_ADDED(was_router_added_t s) { - return s == ROUTER_ADDED_SUCCESSFULLY || s == ROUTER_ADDED_NOTIFY_GENERATOR; + return s == ROUTER_ADDED_SUCCESSFULLY; } /** Return true iff the outcome code in <b>s</b> indicates that the descriptor * was not added because it was either: diff --git a/src/or/routerparse.c b/src/or/routerparse.c index fc0a4ab50a..0f6113ccfc 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -359,6 +359,7 @@ static addr_policy_t *router_parse_addr_policy_private(directory_token_t *tok); static int router_get_hash_impl_helper(const char *s, size_t s_len, const char *start_str, const char *end_str, char end_c, + int log_severity, const char **start_out, const char **end_out); static int router_get_hash_impl(const char *s, size_t s_len, char *digest, const char *start_str, const char *end_str, @@ -988,6 +989,41 @@ router_get_router_hash(const char *s, size_t s_len, char *digest) DIGEST_SHA1); } +/** Try to find the start and end of the signed portion of a networkstatus + * document in <b>s</b>. On success, set <b>start_out</b> to the first + * character of the document, and <b>end_out</b> to a position one after the + * final character of the signed document, and return 0. On failure, return + * -1. */ +int +router_get_networkstatus_v3_signed_boundaries(const char *s, + const char **start_out, + const char **end_out) +{ + return router_get_hash_impl_helper(s, strlen(s), + "network-status-version", + "\ndirectory-signature", + ' ', LOG_INFO, + start_out, end_out); +} + +/** Set <b>digest_out</b> to the SHA3-256 digest of the signed portion of the + * networkstatus vote in <b>s</b> -- or of the entirety of <b>s</b> if no + * signed portion can be identified. Return 0 on success, -1 on failure. */ +int +router_get_networkstatus_v3_sha3_as_signed(uint8_t *digest_out, + const char *s) +{ + const char *start, *end; + if (router_get_networkstatus_v3_signed_boundaries(s, &start, &end) < 0) { + start = s; + end = s + strlen(s); + } + tor_assert(start); + tor_assert(end); + return crypto_digest256((char*)digest_out, start, end-start, + DIGEST_SHA3_256); +} + /** Set <b>digests</b> to all the digests of the consensus document in * <b>s</b> */ int @@ -1787,7 +1823,8 @@ router_parse_entry_from_string(const char *s, const char *end, if (router_get_hash_impl_helper(s, end-s, "router ", "\nrouter-sig-ed25519", - ' ', &signed_start, &signed_end) < 0) { + ' ', LOG_WARN, + &signed_start, &signed_end) < 0) { log_warn(LD_DIR, "Can't find ed25519-signed portion of descriptor"); goto err; } @@ -2140,7 +2177,8 @@ extrainfo_parse_entry_from_string(const char *s, const char *end, if (router_get_hash_impl_helper(s, end-s, "extra-info ", "\nrouter-sig-ed25519", - ' ', &signed_start, &signed_end) < 0) { + ' ', LOG_WARN, + &signed_start, &signed_end) < 0) { log_warn(LD_DIR, "Can't find ed25519-signed portion of extrainfo"); goto err; } @@ -2547,7 +2585,7 @@ routerstatus_parse_entry_from_string(memarea_t *area, goto err; } } else if (flav == FLAV_MICRODESC) { - offset = -1; /* There is no identity digest */ + offset = -1; /* There is no descriptor digest in an md consensus r line */ } if (vote_rs) { @@ -3346,6 +3384,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, networkstatus_voter_info_t *voter = NULL; networkstatus_t *ns = NULL; common_digests_t ns_digests; + uint8_t sha3_as_signed[DIGEST256_LEN]; const char *cert, *end_of_header, *end_of_footer, *s_dup = s; directory_token_t *tok; struct in_addr in; @@ -3359,7 +3398,8 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, if (eos_out) *eos_out = NULL; - if (router_get_networkstatus_v3_hashes(s, &ns_digests)) { + if (router_get_networkstatus_v3_hashes(s, &ns_digests) || + router_get_networkstatus_v3_sha3_as_signed(sha3_as_signed, s)<0) { log_warn(LD_DIR, "Unable to compute digest of network-status"); goto err; } @@ -3376,6 +3416,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, ns = tor_malloc_zero(sizeof(networkstatus_t)); memcpy(&ns->digests, &ns_digests, sizeof(ns_digests)); + memcpy(&ns->digest_sha3_as_signed, sha3_as_signed, sizeof(sha3_as_signed)); tok = find_by_keyword(tokens, K_NETWORK_STATUS_VERSION); tor_assert(tok); @@ -4471,16 +4512,18 @@ static int router_get_hash_impl_helper(const char *s, size_t s_len, const char *start_str, const char *end_str, char end_c, + int log_severity, const char **start_out, const char **end_out) { const char *start, *end; start = tor_memstr(s, s_len, start_str); if (!start) { - log_warn(LD_DIR,"couldn't find start of hashed material \"%s\"",start_str); + log_fn(log_severity,LD_DIR, + "couldn't find start of hashed material \"%s\"",start_str); return -1; } if (start != s && *(start-1) != '\n') { - log_warn(LD_DIR, + log_fn(log_severity,LD_DIR, "first occurrence of \"%s\" is not at the start of a line", start_str); return -1; @@ -4488,12 +4531,14 @@ router_get_hash_impl_helper(const char *s, size_t s_len, end = tor_memstr(start+strlen(start_str), s_len - (start-s) - strlen(start_str), end_str); if (!end) { - log_warn(LD_DIR,"couldn't find end of hashed material \"%s\"",end_str); + log_fn(log_severity,LD_DIR, + "couldn't find end of hashed material \"%s\"",end_str); return -1; } end = memchr(end+strlen(end_str), end_c, s_len - (end-s) - strlen(end_str)); if (!end) { - log_warn(LD_DIR,"couldn't find EOL"); + log_fn(log_severity,LD_DIR, + "couldn't find EOL"); return -1; } ++end; @@ -4517,7 +4562,7 @@ router_get_hash_impl(const char *s, size_t s_len, char *digest, digest_algorithm_t alg) { const char *start=NULL, *end=NULL; - if (router_get_hash_impl_helper(s,s_len,start_str,end_str,end_c, + if (router_get_hash_impl_helper(s,s_len,start_str,end_str,end_c,LOG_WARN, &start,&end)<0) return -1; @@ -4554,7 +4599,7 @@ router_get_hashes_impl(const char *s, size_t s_len, common_digests_t *digests, const char *end_str, char end_c) { const char *start=NULL, *end=NULL; - if (router_get_hash_impl_helper(s,s_len,start_str,end_str,end_c, + if (router_get_hash_impl_helper(s,s_len,start_str,end_str,end_c,LOG_WARN, &start,&end)<0) return -1; diff --git a/src/or/routerparse.h b/src/or/routerparse.h index e8d71b6dc9..088f773c5e 100644 --- a/src/or/routerparse.h +++ b/src/or/routerparse.h @@ -16,6 +16,11 @@ int router_get_router_hash(const char *s, size_t s_len, char *digest); int router_get_dir_hash(const char *s, char *digest); int router_get_networkstatus_v3_hashes(const char *s, common_digests_t *digests); +int router_get_networkstatus_v3_signed_boundaries(const char *s, + const char **start_out, + const char **end_out); +int router_get_networkstatus_v3_sha3_as_signed(uint8_t *digest_out, + const char *s); int router_get_extrainfo_hash(const char *s, size_t s_len, char *digest); #define DIROBJ_MAX_SIG_LEN 256 char *router_get_dirobj_signature(const char *digest, diff --git a/src/test/Makefile.nmake b/src/test/Makefile.nmake index 575198388b..605f1a92c3 100644 --- a/src/test/Makefile.nmake +++ b/src/test/Makefile.nmake @@ -17,6 +17,7 @@ TEST_OBJECTS = test.obj test_addr.obj test_channel.obj test_channeltls.obj \ test_checkdir.obj test_microdesc.obj test_pt.obj test_util.obj \ test_config.obj test_connection.obj \ test_cell_formats.obj test_relay.obj test_replay.obj \ + test_channelpadding.obj \ test_scheduler.obj test_introduce.obj test_hs.obj tinytest.obj tinytest.obj: ..\ext\tinytest.c diff --git a/src/test/fuzz/fuzz_diff.c b/src/test/fuzz/fuzz_diff.c index c241f63dc4..642380b512 100644 --- a/src/test/fuzz/fuzz_diff.c +++ b/src/test/fuzz/fuzz_diff.c @@ -21,6 +21,7 @@ int fuzz_init(void) { MOCK(consensus_compute_digest, mock_consensus_compute_digest_); + MOCK(consensus_compute_digest_as_signed, mock_consensus_compute_digest_); return 0; } @@ -28,6 +29,7 @@ int fuzz_cleanup(void) { UNMOCK(consensus_compute_digest); + UNMOCK(consensus_compute_digest_as_signed); return 0; } diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c new file mode 100644 index 0000000000..3f0d6a9413 --- /dev/null +++ b/src/test/hs_test_helpers.c @@ -0,0 +1,257 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "or.h" +#include "crypto_ed25519.h" +#include "test.h" +#include "torcert.h" + +#include "hs_test_helpers.h" + +hs_desc_intro_point_t * +hs_helper_build_intro_point(const ed25519_keypair_t *signing_kp, time_t now, + const char *addr, int legacy) +{ + int ret; + ed25519_keypair_t auth_kp; + hs_desc_intro_point_t *intro_point = NULL; + hs_desc_intro_point_t *ip = tor_malloc_zero(sizeof(*ip)); + ip->link_specifiers = smartlist_new(); + + { + hs_desc_link_specifier_t *ls = tor_malloc_zero(sizeof(*ls)); + if (legacy) { + ls->type = LS_LEGACY_ID; + memcpy(ls->u.legacy_id, "0299F268FCA9D55CD157976D39AE92B4B455B3A8", + DIGEST_LEN); + } else { + ls->u.ap.port = 9001; + int family = tor_addr_parse(&ls->u.ap.addr, addr); + switch (family) { + case AF_INET: + ls->type = LS_IPV4; + break; + case AF_INET6: + ls->type = LS_IPV6; + break; + default: + /* Stop the test, not suppose to have an error. */ + tt_int_op(family, OP_EQ, AF_INET); + } + } + smartlist_add(ip->link_specifiers, ls); + } + + ret = ed25519_keypair_generate(&auth_kp, 0); + tt_int_op(ret, ==, 0); + ip->auth_key_cert = tor_cert_create(signing_kp, CERT_TYPE_AUTH_HS_IP_KEY, + &auth_kp.pubkey, now, + HS_DESC_CERT_LIFETIME, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(ip->auth_key_cert); + + if (legacy) { + ip->legacy.key = crypto_pk_new(); + tt_assert(ip->legacy.key); + ret = crypto_pk_generate_key(ip->legacy.key); + tt_int_op(ret, ==, 0); + ssize_t cert_len = tor_make_rsa_ed25519_crosscert( + &signing_kp->pubkey, ip->legacy.key, + now + HS_DESC_CERT_LIFETIME, + &ip->legacy.cert.encoded); + tt_assert(ip->legacy.cert.encoded); + tt_u64_op(cert_len, OP_GT, 0); + ip->legacy.cert.len = cert_len; + } + + /* Encryption key. */ + { + int signbit; + curve25519_keypair_t curve25519_kp; + ed25519_keypair_t ed25519_kp; + tor_cert_t *cross_cert; + + ret = curve25519_keypair_generate(&curve25519_kp, 0); + tt_int_op(ret, ==, 0); + ed25519_keypair_from_curve25519_keypair(&ed25519_kp, &signbit, + &curve25519_kp); + cross_cert = tor_cert_create(signing_kp, CERT_TYPE_CROSS_HS_IP_KEYS, + &ed25519_kp.pubkey, time(NULL), + HS_DESC_CERT_LIFETIME, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(cross_cert); + ip->enc_key_cert = cross_cert; + } + + intro_point = ip; + done: + return intro_point; +} + +/* Return a valid hs_descriptor_t object. If no_ip is set, no introduction + * points are added. */ +static hs_descriptor_t * +hs_helper_build_hs_desc_impl(unsigned int no_ip, + const ed25519_keypair_t *signing_kp) +{ + int ret; + time_t now = time(NULL); + ed25519_keypair_t blinded_kp; + hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); + + desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; + + /* Copy only the public key into the descriptor. */ + memcpy(&desc->plaintext_data.signing_pubkey, &signing_kp->pubkey, + sizeof(ed25519_public_key_t)); + + ret = ed25519_keypair_generate(&blinded_kp, 0); + tt_int_op(ret, ==, 0); + /* Copy only the public key into the descriptor. */ + memcpy(&desc->plaintext_data.blinded_pubkey, &blinded_kp.pubkey, + sizeof(ed25519_public_key_t)); + + desc->plaintext_data.signing_key_cert = + tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, + &signing_kp->pubkey, now, 3600, + CERT_FLAG_INCLUDE_SIGNING_KEY); + tt_assert(desc->plaintext_data.signing_key_cert); + desc->plaintext_data.revision_counter = 42; + desc->plaintext_data.lifetime_sec = 3 * 60 * 60; + + /* Setup encrypted data section. */ + desc->encrypted_data.create2_ntor = 1; + desc->encrypted_data.intro_auth_types = smartlist_new(); + desc->encrypted_data.single_onion_service = 1; + smartlist_add(desc->encrypted_data.intro_auth_types, tor_strdup("ed25519")); + desc->encrypted_data.intro_points = smartlist_new(); + if (!no_ip) { + /* Add four intro points. */ + smartlist_add(desc->encrypted_data.intro_points, + hs_helper_build_intro_point(signing_kp, now, "1.2.3.4", 0)); + smartlist_add(desc->encrypted_data.intro_points, + hs_helper_build_intro_point(signing_kp, now, "[2600::1]", 0)); + smartlist_add(desc->encrypted_data.intro_points, + hs_helper_build_intro_point(signing_kp, now, "3.2.1.4", 1)); + smartlist_add(desc->encrypted_data.intro_points, + hs_helper_build_intro_point(signing_kp, now, "", 1)); + } + + descp = desc; + done: + return descp; +} + +/* Build a descriptor with introduction points. */ +hs_descriptor_t * +hs_helper_build_hs_desc_with_ip(const ed25519_keypair_t *signing_kp) +{ + return hs_helper_build_hs_desc_impl(0, signing_kp); +} + +/* Build a descriptor without any introduction points. */ +hs_descriptor_t * +hs_helper_build_hs_desc_no_ip(const ed25519_keypair_t *signing_kp) +{ + return hs_helper_build_hs_desc_impl(1, signing_kp); +} + +void +hs_helper_desc_equal(const hs_descriptor_t *desc1, + const hs_descriptor_t *desc2) +{ + char *addr1 = NULL, *addr2 = NULL; + /* Plaintext data section. */ + tt_int_op(desc1->plaintext_data.version, OP_EQ, + desc2->plaintext_data.version); + tt_uint_op(desc1->plaintext_data.lifetime_sec, OP_EQ, + desc2->plaintext_data.lifetime_sec); + tt_assert(tor_cert_eq(desc1->plaintext_data.signing_key_cert, + desc2->plaintext_data.signing_key_cert)); + tt_mem_op(desc1->plaintext_data.signing_pubkey.pubkey, OP_EQ, + desc2->plaintext_data.signing_pubkey.pubkey, + ED25519_PUBKEY_LEN); + tt_mem_op(desc1->plaintext_data.blinded_pubkey.pubkey, OP_EQ, + desc2->plaintext_data.blinded_pubkey.pubkey, + ED25519_PUBKEY_LEN); + tt_u64_op(desc1->plaintext_data.revision_counter, ==, + desc2->plaintext_data.revision_counter); + + /* NOTE: We can't compare the encrypted blob because when encoding the + * descriptor, the object is immutable thus we don't update it with the + * encrypted blob. As contrast to the decoding process where we populate a + * descriptor object. */ + + /* Encrypted data section. */ + tt_uint_op(desc1->encrypted_data.create2_ntor, ==, + desc2->encrypted_data.create2_ntor); + + /* Authentication type. */ + tt_int_op(!!desc1->encrypted_data.intro_auth_types, ==, + !!desc2->encrypted_data.intro_auth_types); + if (desc1->encrypted_data.intro_auth_types && + desc2->encrypted_data.intro_auth_types) { + tt_int_op(smartlist_len(desc1->encrypted_data.intro_auth_types), ==, + smartlist_len(desc2->encrypted_data.intro_auth_types)); + for (int i = 0; + i < smartlist_len(desc1->encrypted_data.intro_auth_types); + i++) { + tt_str_op(smartlist_get(desc1->encrypted_data.intro_auth_types, i),OP_EQ, + smartlist_get(desc2->encrypted_data.intro_auth_types, i)); + } + } + + /* Introduction points. */ + { + tt_assert(desc1->encrypted_data.intro_points); + tt_assert(desc2->encrypted_data.intro_points); + tt_int_op(smartlist_len(desc1->encrypted_data.intro_points), ==, + smartlist_len(desc2->encrypted_data.intro_points)); + for (int i=0; i < smartlist_len(desc1->encrypted_data.intro_points); i++) { + hs_desc_intro_point_t *ip1 = smartlist_get(desc1->encrypted_data + .intro_points, i), + *ip2 = smartlist_get(desc2->encrypted_data + .intro_points, i); + tt_assert(tor_cert_eq(ip1->auth_key_cert, ip2->auth_key_cert)); + if (ip1->legacy.key) { + tt_int_op(crypto_pk_cmp_keys(ip1->legacy.key, ip2->legacy.key), + OP_EQ, 0); + } else { + tt_mem_op(&ip1->enc_key, OP_EQ, &ip2->enc_key, CURVE25519_PUBKEY_LEN); + } + + tt_int_op(smartlist_len(ip1->link_specifiers), ==, + smartlist_len(ip2->link_specifiers)); + for (int j = 0; j < smartlist_len(ip1->link_specifiers); j++) { + hs_desc_link_specifier_t *ls1 = smartlist_get(ip1->link_specifiers, j), + *ls2 = smartlist_get(ip2->link_specifiers, j); + tt_int_op(ls1->type, ==, ls2->type); + switch (ls1->type) { + case LS_IPV4: + case LS_IPV6: + { + addr1 = tor_addr_to_str_dup(&ls1->u.ap.addr); + addr2 = tor_addr_to_str_dup(&ls2->u.ap.addr); + tt_str_op(addr1, OP_EQ, addr2); + tor_free(addr1); + tor_free(addr2); + tt_int_op(ls1->u.ap.port, ==, ls2->u.ap.port); + } + break; + case LS_LEGACY_ID: + tt_mem_op(ls1->u.legacy_id, OP_EQ, ls2->u.legacy_id, + sizeof(ls1->u.legacy_id)); + break; + default: + /* Unknown type, caught it and print its value. */ + tt_int_op(ls1->type, OP_EQ, -1); + } + } + } + } + + done: + tor_free(addr1); + tor_free(addr2); +} + diff --git a/src/test/hs_test_helpers.h b/src/test/hs_test_helpers.h new file mode 100644 index 0000000000..a7fedab136 --- /dev/null +++ b/src/test/hs_test_helpers.h @@ -0,0 +1,22 @@ +/* Copyright (c) 2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef TOR_HS_TEST_HELPERS_H +#define TOR_HS_TEST_HELPERS_H + +#include "ed25519_cert.h" +#include "hs_descriptor.h" + +/* Set of functions to help build and test descriptors. */ +hs_desc_intro_point_t *hs_helper_build_intro_point( + const ed25519_keypair_t *signing_kp, time_t now, + const char *addr, int legacy); +hs_descriptor_t *hs_helper_build_hs_desc_no_ip( + const ed25519_keypair_t *signing_kp); +hs_descriptor_t *hs_helper_build_hs_desc_with_ip( + const ed25519_keypair_t *signing_kp); +void hs_helper_desc_equal(const hs_descriptor_t *desc1, + const hs_descriptor_t *desc2); + +#endif /* TOR_HS_TEST_HELPERS_H */ + diff --git a/src/test/include.am b/src/test/include.am index 829c282dd9..29ba1ce7c9 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -77,6 +77,7 @@ src_test_AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \ src_test_test_SOURCES = \ src/test/log_test_helpers.c \ + src/test/hs_test_helpers.c \ src/test/rend_test_helpers.c \ src/test/test.c \ src/test/test_accounting.c \ @@ -86,6 +87,7 @@ src_test_test_SOURCES = \ src/test/test_cell_formats.c \ src/test/test_cell_queue.c \ src/test/test_channel.c \ + src/test/test_channelpadding.c \ src/test/test_channeltls.c \ src/test/test_checkdir.c \ src/test/test_circuitlist.c \ @@ -262,6 +264,7 @@ src_test_test_timers_LDFLAGS = $(src_test_test_LDFLAGS) noinst_HEADERS+= \ src/test/fakechans.h \ + src/test/hs_test_helpers.h \ src/test/log_test_helpers.h \ src/test/rend_test_helpers.h \ src/test/test.h \ diff --git a/src/test/test.c b/src/test/test.c index 18805cb3b7..68f5f90fd7 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1186,6 +1186,7 @@ struct testgroup_t testgroups[] = { { "cellfmt/", cell_format_tests }, { "cellqueue/", cell_queue_tests }, { "channel/", channel_tests }, + { "channelpadding/", channelpadding_tests }, { "channeltls/", channeltls_tests }, { "checkdir/", checkdir_tests }, { "circuitbuild/", circuitbuild_tests }, diff --git a/src/test/test.h b/src/test/test.h index 3dc1c332c7..6abaf39e6f 100644 --- a/src/test/test.h +++ b/src/test/test.h @@ -181,6 +181,7 @@ extern struct testcase_t buffer_tests[]; extern struct testcase_t cell_format_tests[]; extern struct testcase_t cell_queue_tests[]; extern struct testcase_t channel_tests[]; +extern struct testcase_t channelpadding_tests[]; extern struct testcase_t channeltls_tests[]; extern struct testcase_t checkdir_tests[]; extern struct testcase_t circuitbuild_tests[]; diff --git a/src/test/test_buffers.c b/src/test/test_buffers.c index ce5ac97b3d..07114a8571 100644 --- a/src/test/test_buffers.c +++ b/src/test/test_buffers.c @@ -611,7 +611,11 @@ test_buffers_compress_fin_at_chunk_end_impl(compress_method_t method, tt_int_op(fetch_from_buf(contents, in_len, buf), OP_EQ, 0); - tt_uint_op(in_len, OP_GT, headerjunk); + if (method == NO_METHOD) { + tt_uint_op(in_len, OP_EQ, headerjunk); + } else { + tt_uint_op(in_len, OP_GT, headerjunk); + } tt_int_op(0, OP_EQ, tor_uncompress(&expanded, &out_len, contents + headerjunk, @@ -854,7 +858,9 @@ struct testcase_t buffer_tests[] = { { "compress/zstd", test_buffers_compress, TT_FORK, &passthrough_setup, (char*)"x-zstd" }, { "compress/lzma", test_buffers_compress, TT_FORK, - &passthrough_setup, (char*)"x-lzma" }, + &passthrough_setup, (char*)"x-tor-lzma" }, + { "compress/none", test_buffers_compress, TT_FORK, + &passthrough_setup, (char*)"identity" }, END_OF_TESTCASES }; diff --git a/src/test/test_channelpadding.c b/src/test/test_channelpadding.c new file mode 100644 index 0000000000..0a70184f86 --- /dev/null +++ b/src/test/test_channelpadding.c @@ -0,0 +1,900 @@ +#define TOR_CHANNEL_INTERNAL_ +#define MAIN_PRIVATE +#define NETWORKSTATUS_PRIVATE +#include "or.h" +#include "test.h" +#include "testsupport.h" +#include "connection.h" +#include "connection_or.h" +#include "channel.h" +#include "channeltls.h" +#include "channelpadding.h" +#include "compat_libevent.h" +#include "config.h" +#include <event2/event.h> +#include "compat_time.h" +#include "main.h" +#include "networkstatus.h" +#include "log_test_helpers.h" + +int channelpadding_get_netflow_inactive_timeout_ms(channel_t *chan); +int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *chan); +int channelpadding_send_disable_command(channel_t*); +int channelpadding_find_timerslot(channel_t *chan); + +void test_channelpadding_timers(void *arg); +void test_channelpadding_consensus(void *arg); +void test_channelpadding_negotiation(void *arg); +void test_channelpadding_decide_to_pad_channel(void *arg); + +void dummy_nop_timer(void); + +/* Thing to cast to fake tor_tls_t * to appease assert_connection_ok() */ +static int fake_tortls = 0; /* Bleh... */ + +static int dont_stop_libevent = 0; + +// From test_channel.c +channel_t * new_fake_channel(void); +void free_fake_channel(channel_t*); + +static int +mock_channel_has_queued_writes(channel_t *chan) +{ + (void)chan; + return 0; +} + +static int tried_to_write_cell = 0; + +static channel_t *relay1_relay2; +static channel_t *relay2_relay1; +static channel_t *relay3_client; +static channel_t *client_relay3; + +static int +mock_channel_write_cell_relay2(channel_t *chan, cell_t *cell) +{ + (void)chan; + tried_to_write_cell++; + channel_tls_handle_cell(cell, ((channel_tls_t*)relay1_relay2)->conn); + event_base_loopbreak(tor_libevent_get_base()); + return 0; +} + +static int +mock_channel_write_cell_relay1(channel_t *chan, cell_t *cell) +{ + (void)chan; + tried_to_write_cell++; + channel_tls_handle_cell(cell, ((channel_tls_t*)relay2_relay1)->conn); + event_base_loopbreak(tor_libevent_get_base()); + return 0; +} + +static int +mock_channel_write_cell_relay3(channel_t *chan, cell_t *cell) +{ + (void)chan; + tried_to_write_cell++; + channel_tls_handle_cell(cell, ((channel_tls_t*)client_relay3)->conn); + event_base_loopbreak(tor_libevent_get_base()); + return 0; +} + +static int +mock_channel_write_cell_client(channel_t *chan, cell_t *cell) +{ + (void)chan; + tried_to_write_cell++; + channel_tls_handle_cell(cell, ((channel_tls_t*)relay3_client)->conn); + event_base_loopbreak(tor_libevent_get_base()); + return 0; +} + +static int +mock_channel_write_cell(channel_t *chan, cell_t *cell) +{ + tried_to_write_cell++; + channel_tls_handle_cell(cell, ((channel_tls_t*)chan)->conn); + if (!dont_stop_libevent) + event_base_loopbreak(tor_libevent_get_base()); + return 0; +} + +static void +setup_fake_connection_for_channel(channel_tls_t *chan) +{ + or_connection_t *conn = (or_connection_t*)connection_new(CONN_TYPE_OR, + AF_INET); + + conn->base_.conn_array_index = smartlist_len(connection_array); + smartlist_add(connection_array, conn); + + connection_or_set_canonical(conn, 1); + + conn->chan = chan; + chan->conn = conn; + + conn->base_.magic = OR_CONNECTION_MAGIC; + conn->base_.state = OR_CONN_STATE_OPEN; + conn->base_.type = CONN_TYPE_OR; + conn->base_.socket_family = AF_INET; + conn->base_.address = tor_strdup("<fake>"); + + conn->base_.port = 4242; + + conn->tls = (tor_tls_t *)((void *)(&fake_tortls)); + + conn->link_proto = MIN_LINK_PROTO_FOR_CHANNEL_PADDING; +} + +static channel_tls_t * +new_fake_channeltls(uint8_t id) +{ + channel_tls_t *chan = tor_realloc(new_fake_channel(), sizeof(channel_tls_t)); + chan->base_.magic = TLS_CHAN_MAGIC; + setup_fake_connection_for_channel(chan); + chan->base_.channel_usage = CHANNEL_USED_FOR_FULL_CIRCS; + chan->base_.has_queued_writes = mock_channel_has_queued_writes; + chan->base_.write_cell = mock_channel_write_cell; + chan->base_.padding_enabled = 1; + + chan->base_.identity_digest[0] = id; + channel_register(&chan->base_); + + return chan; +} + +static void +free_fake_channeltls(channel_tls_t *chan) +{ + channel_unregister(&chan->base_); + + tor_free(((channel_tls_t*)chan)->conn->base_.address); + buf_free(((channel_tls_t*)chan)->conn->base_.inbuf); + buf_free(((channel_tls_t*)chan)->conn->base_.outbuf); + tor_free(((channel_tls_t*)chan)->conn); + + timer_free(chan->base_.padding_timer); + channel_handle_free(chan->base_.timer_handle); + channel_handles_clear(&chan->base_); + + free_fake_channel(&chan->base_); + + return; +} + +static void +setup_mock_network(void) +{ + routerstatus_t *relay; + connection_array = smartlist_new(); + + current_md_consensus = current_ns_consensus + = tor_malloc_zero(sizeof(networkstatus_t)); + current_md_consensus->net_params = smartlist_new(); + current_md_consensus->routerstatus_list = smartlist_new(); + channelpadding_new_consensus_params(current_md_consensus); + + relay1_relay2 = (channel_t*)new_fake_channeltls(2); + relay1_relay2->write_cell = mock_channel_write_cell_relay1; + channel_timestamp_active(relay1_relay2); + relay = tor_malloc_zero(sizeof(routerstatus_t)); + relay->identity_digest[0] = 1; + smartlist_add(current_md_consensus->routerstatus_list, relay); + + relay2_relay1 = (channel_t*)new_fake_channeltls(1); + relay2_relay1->write_cell = mock_channel_write_cell_relay2; + channel_timestamp_active(relay2_relay1); + relay = tor_malloc_zero(sizeof(routerstatus_t)); + relay->identity_digest[0] = 2; + smartlist_add(current_md_consensus->routerstatus_list, relay); + + relay3_client = (channel_t*)new_fake_channeltls(0); + relay3_client->write_cell = mock_channel_write_cell_relay3; + relay3_client->is_client = 1; + channel_timestamp_active(relay3_client); + relay = tor_malloc_zero(sizeof(routerstatus_t)); + relay->identity_digest[0] = 3; + smartlist_add(current_md_consensus->routerstatus_list, relay); + + client_relay3 = (channel_t*)new_fake_channeltls(3); + client_relay3->write_cell = mock_channel_write_cell_client; + channel_timestamp_active(client_relay3); +} + +static void +free_mock_network(void) +{ + free_fake_channeltls((channel_tls_t*)relay1_relay2); + free_fake_channeltls((channel_tls_t*)relay2_relay1); + free_fake_channeltls((channel_tls_t*)relay3_client); + free_fake_channeltls((channel_tls_t*)client_relay3); + + SMARTLIST_FOREACH(current_md_consensus->routerstatus_list, void *, r, + tor_free(r)); + smartlist_free(current_md_consensus->routerstatus_list); + smartlist_free(current_ns_consensus->net_params); + smartlist_free(connection_array); + tor_free(current_ns_consensus); +} + +static void +dummy_timer_cb(tor_timer_t *t, void *arg, const monotime_t *now_mono) +{ + (void)t; (void)arg; (void)now_mono; + event_base_loopbreak(tor_libevent_get_base()); + return; +} + +// This hack adds a dummy timer so that the libevent base loop +// actually returns when we don't expect any timers to fire. Otherwise, +// the global_timer_event gets scheduled an hour from now, and the +// base loop never returns. +void +dummy_nop_timer(void) +{ + tor_timer_t *dummy_timer = timer_new(dummy_timer_cb, NULL); + struct timeval timeout; + timeout.tv_sec = 1; + timeout.tv_usec = 0; + + timer_schedule(dummy_timer, &timeout); + + event_base_loop(tor_libevent_get_base(), 0); + timer_free(dummy_timer); +} + +#define CHANNELPADDING_MAX_TIMERS 25 +#define CHANNELS_TO_TEST (CHANNELPADDING_MAX_TIMERS*4) +/** + * Tests to ensure that we handle more than the max number of pending + * timers properly. + */ +void +test_channelpadding_timers(void *arg) +{ + channelpadding_decision_t decision; + channel_t *chans[CHANNELS_TO_TEST]; + (void)arg; + + tor_libevent_postfork(); + + connection_array = smartlist_new(); + + monotime_init(); + timers_initialize(); + channelpadding_new_consensus_params(NULL); + + for (int i = 0; i < CHANNELS_TO_TEST; i++) { + chans[i] = (channel_t*)new_fake_channeltls(0); + channel_timestamp_active(chans[i]); + } + + for (int j = 0; j < 2; j++) { + tried_to_write_cell = 0; + int i = 0; + + /* This loop fills our timerslot array with timers of increasing time + * until they fire */ + for (; i < CHANNELPADDING_MAX_TIMERS; i++) { + chans[i]->next_padding_time_ms = monotime_coarse_absolute_msec() + + 10 + i*4; + decision = channelpadding_decide_to_pad_channel(chans[i]); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chans[i]->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + } + + /* This loop should add timers to the first position in the timerslot + * array, since its timeout is before all other timers. */ + for (; i < CHANNELS_TO_TEST/3; i++) { + chans[i]->next_padding_time_ms = monotime_coarse_absolute_msec() + 1; + decision = channelpadding_decide_to_pad_channel(chans[i]); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chans[i]->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + } + + /* This loop should add timers to our existing lists in a weak + * pseudorandom pattern. It ensures that the lists can grow with multiple + * timers in them. */ + for (; i < CHANNELS_TO_TEST/2; i++) { + chans[i]->next_padding_time_ms = monotime_coarse_absolute_msec() + 10 + + i*3 % CHANNELPADDING_MAX_TIMERS; + decision = channelpadding_decide_to_pad_channel(chans[i]); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chans[i]->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + } + + /* This loop should add timers to the last position in the timerslot + * array, since its timeout is after all other timers. */ + for (; i < CHANNELS_TO_TEST; i++) { + chans[i]->next_padding_time_ms = monotime_coarse_absolute_msec() + 500 + + i % CHANNELPADDING_MAX_TIMERS; + decision = channelpadding_decide_to_pad_channel(chans[i]); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chans[i]->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + } + + // Wait for the timers and then kill the event loop. + dont_stop_libevent = 1; + dummy_nop_timer(); + + tt_int_op(tried_to_write_cell, OP_EQ, CHANNELS_TO_TEST); + + // Test that we have no pending callbacks and all empty slots now + for (i = 0; i < CHANNELS_TO_TEST; i++) { + tt_assert(!chans[i]->pending_padding_callback); + } + } + + done: + for (int i = 0; i < CHANNELS_TO_TEST; i++) { + free_fake_channeltls((channel_tls_t*)chans[i]); + } + smartlist_free(connection_array); + + timers_shutdown(); + channel_free_all(); + + return; +} + +void +test_channelpadding_consensus(void *arg) +{ + channelpadding_decision_t decision; + or_options_t *options = get_options_mutable(); + int64_t val; + (void)arg; + + tor_libevent_postfork(); + + /* + * Params tested: + * nf_pad_before_usage + * nf_pad_relays + * nf_ito_low + * nf_ito_high + * + * Plan: + * 1. Padding can be completely disabled via consensus + * 2. Negotiation can't re-enable consensus-disabled padding + * 3. Negotiation can't increase padding from relays beyond + * consensus defaults + * 4. Relay-to-relay padding can be enabled/disabled in consensus + * 5. Can enable/disable padding before actually using a connection + * 6. Can we control circ and TLS conn lifetime from the consensus? + */ + channel_t *chan; + routerstatus_t *relay = tor_malloc_zero(sizeof(routerstatus_t)); + monotime_init(); + timers_initialize(); + + connection_array = smartlist_new(); + chan = (channel_t*)new_fake_channeltls(0); + channel_timestamp_active(chan); + + current_md_consensus = current_ns_consensus + = tor_malloc_zero(sizeof(networkstatus_t)); + current_md_consensus->net_params = smartlist_new(); + current_md_consensus->routerstatus_list = smartlist_new(); + channelpadding_new_consensus_params(current_md_consensus); + + get_options_mutable()->ORPort_set = 1; + + /* Test 1: Padding can be completely disabled via consensus */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 100; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED); + + // Wait for the timer + event_base_loop(tor_libevent_get_base(), 0); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + smartlist_add(current_md_consensus->net_params, + (void*)"nf_ito_low=0"); + smartlist_add(current_md_consensus->net_params, + (void*)"nf_ito_high=0"); + get_options_mutable()->ConnectionPadding = 1; + channelpadding_new_consensus_params(current_md_consensus); + + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + tt_assert(!chan->pending_padding_callback); + val = channelpadding_get_netflow_inactive_timeout_ms(chan); + tt_i64_op(val, OP_EQ, 0); + val = channelpadding_compute_time_until_pad_for_netflow(chan); + tt_i64_op(val, OP_EQ, -2); + + /* Test 2: Negotiation can't re-enable consensus-disabled padding */ + channelpadding_send_enable_command(chan, 100, 200); + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + tt_assert(!chan->pending_padding_callback); + val = channelpadding_get_netflow_inactive_timeout_ms(chan); + tt_i64_op(val, OP_EQ, 0); + val = channelpadding_compute_time_until_pad_for_netflow(chan); + tt_i64_op(val, OP_EQ, -2); + tt_assert(!chan->next_padding_time_ms); + + smartlist_clear(current_md_consensus->net_params); + + /* Test 3: Negotiation can't increase padding from relays beyond consensus + * values */ + smartlist_add(current_md_consensus->net_params, + (void*)"nf_ito_low=100"); + smartlist_add(current_md_consensus->net_params, + (void*)"nf_ito_high=200"); + channelpadding_new_consensus_params(current_md_consensus); + + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + val = channelpadding_get_netflow_inactive_timeout_ms(chan); + tt_i64_op(val, OP_GE, 100); + tt_i64_op(val, OP_LE, 200); + val = channelpadding_compute_time_until_pad_for_netflow(chan); + tt_i64_op(val, OP_LE, 200); + + // Wait for the timer + event_base_loop(tor_libevent_get_base(), 0); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + smartlist_clear(current_md_consensus->net_params); + smartlist_add(current_md_consensus->net_params, + (void*)"nf_ito_low=1500"); + smartlist_add(current_md_consensus->net_params, + (void*)"nf_ito_high=4500"); + channelpadding_new_consensus_params(current_md_consensus); + + channelpadding_send_enable_command(chan, 100, 200); + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + tt_assert(!chan->pending_padding_callback); + val = channelpadding_get_netflow_inactive_timeout_ms(chan); + tt_i64_op(val, OP_GE, 1500); + tt_i64_op(val, OP_LE, 4500); + val = channelpadding_compute_time_until_pad_for_netflow(chan); + tt_i64_op(val, OP_LE, 4500); + + /* Test 4: Relay-to-relay padding can be enabled/disabled in consensus */ + /* Make this channel a relay's channel */ + memcpy(relay->identity_digest, + ((channel_tls_t *)chan)->conn->identity_digest, DIGEST_LEN); + smartlist_add(current_md_consensus->routerstatus_list, relay); + + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + tt_assert(!chan->pending_padding_callback); + + smartlist_add(current_md_consensus->net_params, + (void*)"nf_pad_relays=1"); + channelpadding_new_consensus_params(current_md_consensus); + + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + tt_assert(!chan->pending_padding_callback); + val = channelpadding_get_netflow_inactive_timeout_ms(chan); + tt_i64_op(val, OP_GE, 1500); + tt_i64_op(val, OP_LE, 4500); + val = channelpadding_compute_time_until_pad_for_netflow(chan); + tt_i64_op(val, OP_LE, 4500); + + /* Test 5: If we disable padding before channel usage, does that work? */ + smartlist_add(current_md_consensus->net_params, + (void*)"nf_pad_before_usage=0"); + channelpadding_new_consensus_params(current_md_consensus); + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + tt_assert(!chan->pending_padding_callback); + + /* Test 6: Can we control circ and TLS conn lifetime from the consensus? */ + val = channelpadding_get_channel_idle_timeout(NULL, 0); + tt_i64_op(val, OP_GE, 180); + tt_i64_op(val, OP_LE, 180+90); + val = channelpadding_get_channel_idle_timeout(chan, 0); + tt_i64_op(val, OP_GE, 180); + tt_i64_op(val, OP_LE, 180+90); + options->ReducedConnectionPadding = 1; + val = channelpadding_get_channel_idle_timeout(chan, 0); + tt_i64_op(val, OP_GE, 180/2); + tt_i64_op(val, OP_LE, (180+90)/2); + + options->ReducedConnectionPadding = 0; + options->ORPort_set = 1; + smartlist_add(current_md_consensus->net_params, + (void*)"nf_conntimeout_relays=600"); + channelpadding_new_consensus_params(current_md_consensus); + val = channelpadding_get_channel_idle_timeout(chan, 1); + tt_i64_op(val, OP_GE, 450); + tt_i64_op(val, OP_LE, 750); + + val = channelpadding_get_circuits_available_timeout(); + tt_i64_op(val, OP_GE, 30*60); + tt_i64_op(val, OP_LE, 30*60*2); + + options->ReducedConnectionPadding = 1; + smartlist_add(current_md_consensus->net_params, + (void*)"nf_conntimeout_clients=600"); + channelpadding_new_consensus_params(current_md_consensus); + val = channelpadding_get_circuits_available_timeout(); + tt_i64_op(val, OP_GE, 600/2); + tt_i64_op(val, OP_LE, 600*2/2); + + options->ReducedConnectionPadding = 0; + options->CircuitsAvailableTimeout = 24*60*60; + val = channelpadding_get_circuits_available_timeout(); + tt_i64_op(val, OP_GE, 24*60*60); + tt_i64_op(val, OP_LE, 24*60*60*2); + + done: + free_fake_channeltls((channel_tls_t*)chan); + smartlist_free(connection_array); + smartlist_free(current_md_consensus->routerstatus_list); + smartlist_free(current_ns_consensus->net_params); + tor_free(relay); + tor_free(current_ns_consensus); + + timers_shutdown(); + channel_free_all(); + + return; +} + +void +test_channelpadding_negotiation(void *arg) +{ + channelpadding_negotiate_t disable; + cell_t cell; + channelpadding_decision_t decision; + int val; + (void)arg; + + /* Plan: + * 1. Clients reject negotiation, relays accept it. + * * Bridges accept negotiation from their clients, + * but not from relays. + * 2. Torrc options can override client-side negotiation + * 3. Test a version issue in channelpadidng cell + * 4. Test channelpadding_reduced_padding + */ + monotime_init(); + timers_initialize(); + setup_mock_network(); + + /* Test case #1: Do the right things ignore negotiation? */ + /* relay-to-client case: */ + channelpadding_send_disable_command(relay3_client); + tt_assert(client_relay3->padding_enabled); + + /* client-to-relay case: */ + get_options_mutable()->ORPort_set = 1; + channelpadding_disable_padding_on_channel(client_relay3); + tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ, + CHANNELPADDING_WONTPAD); + tt_assert(!relay3_client->padding_enabled); + relay3_client->padding_enabled = 1; + client_relay3->padding_enabled = 1; + + /* Bridge case from relay */ + get_options_mutable()->BridgeRelay = 1; + channelpadding_disable_padding_on_channel(relay2_relay1); + tt_assert(relay1_relay2->padding_enabled); + + /* Bridge case from client */ + channelpadding_disable_padding_on_channel(client_relay3); + tt_assert(!relay3_client->padding_enabled); + tt_int_op(channelpadding_decide_to_pad_channel(relay3_client), OP_EQ, + CHANNELPADDING_WONTPAD); + relay3_client->padding_enabled = 1; + client_relay3->padding_enabled = 1; + get_options_mutable()->BridgeRelay = 0; + get_options_mutable()->ORPort_set = 0; + + /* Test case #2: Torrc options */ + /* ConnectionPadding auto; Relay doesn't suport us */ + ((channel_tls_t*)relay3_client)->conn->link_proto = 4; + relay3_client->padding_enabled = 0; + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(relay3_client); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + tt_assert(!relay3_client->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + ((channel_tls_t*)relay3_client)->conn->link_proto = 5; + relay3_client->padding_enabled = 1; + + /* ConnectionPadding 1; Relay doesn't suport us */ + get_options_mutable()->ConnectionPadding = 1; + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(client_relay3); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + tt_assert(!client_relay3->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + get_options_mutable()->ConnectionPadding = 0; + + /* Test case #3: Test a version issue in channelpadding cell */ + get_options_mutable()->ORPort_set = 1; + client_relay3->padding_enabled = 1; + relay3_client->padding_enabled = 1; + memset(&cell, 0, sizeof(cell_t)); + memset(&disable, 0, sizeof(channelpadding_negotiate_t)); + cell.command = CELL_PADDING_NEGOTIATE; + + channelpadding_negotiate_set_command(&disable, CHANNELPADDING_COMMAND_STOP); + disable.version = 1; + channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, &disable); + client_relay3->write_cell(client_relay3, &cell); + tt_assert(relay3_client->padding_enabled); + tt_int_op(channelpadding_update_padding_for_channel(client_relay3, &disable), + OP_EQ, -1); + tt_assert(client_relay3->padding_enabled); + + disable.version = 0; + channelpadding_negotiate_encode(cell.payload, CELL_PAYLOAD_SIZE, &disable); + client_relay3->write_cell(client_relay3, &cell); + tt_assert(!relay3_client->padding_enabled); + + /* Test case 4: Reducing padding actually reduces it */ + relay3_client->padding_enabled = 1; + client_relay3->padding_enabled = 1; + + decision = channelpadding_decide_to_pad_channel(relay3_client); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + + channelpadding_reduce_padding_on_channel(client_relay3); + + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(relay3_client); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + + get_options_mutable()->ORPort_set = 0; + decision = channelpadding_decide_to_pad_channel(client_relay3); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + + tt_assert(!client_relay3->pending_padding_callback); + val = channelpadding_get_netflow_inactive_timeout_ms(client_relay3); + tt_int_op(val, OP_GE, 9000); + tt_int_op(val, OP_LE, 14000); + int64_t val64 = + channelpadding_compute_time_until_pad_for_netflow(client_relay3); + tt_i64_op(val64, OP_LE, 14000); + + done: + free_mock_network(); + + timers_shutdown(); + channel_free_all(); + + return; +} + +void +test_channelpadding_decide_to_pad_channel(void *arg) +{ + channelpadding_decision_t decision; + /** + * Test case plan: + * + * 1. Channel that has "sent a packet" before the timeout. + * + We should decide to pad later + * 2. Channel that has not "sent a packet" before the timeout: + * 2a. Not within 1.1s of the timeout. + * + We should decide to pad later + * 2b. Within 1.1s of the timemout. + * + We should schedule padding + * + We should get feedback that we wrote a cell + * 2c. Within 0.1s of the timeout. + * + We should schedule padding + * + We should get feedback that we wrote a cell + * 2d. Channel that asks to pad while timeout is scheduled + * + We should schedule padding + * + We should get feedback that we wrote a cell + * 2e. 0s of the timeout + * + We should send padding immediately + * + We should get feedback that we wrote a cell + * 2f. <0s of the timeout + * + We should send padding immediately + * + We should get feedback that we wrote a cell + * 3. Channel that sends a packet while timeout is scheduled + * + We should not get feedback that we wrote a cell + * 4. Channel that closes while timeout is scheduled + * + We should not get feedback that we wrote a cell + * 5. Make sure the channel still would work if repaired + * + We should be able to schedule padding and resend + * 6. Channel is not used for full circuits + * 7. Channel that disappears while timeout is scheduled + * + We should not send padding + */ + channel_t *chan; + connection_array = smartlist_new(); + (void)arg; + + tor_libevent_postfork(); + + monotime_init(); + timers_initialize(); + setup_full_capture_of_logs(LOG_WARN); + channelpadding_new_consensus_params(NULL); + + chan = (channel_t*)new_fake_channeltls(0); + channel_timestamp_active(chan); + + /* Test case #1: Channel that has "sent a packet" before the timeout. */ + tried_to_write_cell = 0; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + tt_assert(!chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + /* Test case #2a: > 1.1s until timeout */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 1200; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADLATER); + tt_assert(!chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + /* Test case #2b: >= 1.0s until timeout */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 1000; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + // Wait for the timer from case #2b + event_base_loop(tor_libevent_get_base(), 0); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + /* Test case #2c: > 0.1s until timeout */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 100; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + /* Test case #2d: Channel that asks to pad while timeout is scheduled */ + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_ALREADY_SCHEDULED); + + // Wait for the timer + event_base_loop(tor_libevent_get_base(), 0); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + /* Test case #2e: 0s until timeout */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec(); + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SENT); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + /* Test case #2f: <0s until timeout */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() - 100; + decision = channelpadding_decide_to_pad_channel(chan); + expect_log_msg("Channel padding timeout scheduled 100ms in the past. " + "Did the monotonic clock just jump?\n"); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SENT); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + /* Test case #3: Channel that sends a packet while timeout is scheduled */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 100; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + tt_assert(chan->pending_padding_callback); + + // Pretend the channel sent a packet + channel_timestamp_active(chan); + + // We don't expect any timer callbacks here. Make a dummy one to be sure. + dummy_nop_timer(); + + tt_int_op(tried_to_write_cell, OP_EQ, 0); + tt_assert(!chan->pending_padding_callback); + + /* Test case #4: Channel that closes while a timeout is scheduled */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 100; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + tt_assert(chan->pending_padding_callback); + + // Pretend the channel is temporarily down + chan->state = CHANNEL_STATE_MAINT; + + // We don't expect any timer callbacks here. Make a dummy one to be sure. + dummy_nop_timer(); + + tt_int_op(tried_to_write_cell, OP_EQ, 0); + tt_assert(!chan->pending_padding_callback); + chan->state = CHANNEL_STATE_OPEN; + + /* Test case #5: Make sure previous test case didn't break everything */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 100; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_assert(chan->pending_padding_callback); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + // Wait for the timer + event_base_loop(tor_libevent_get_base(), 0); + tt_int_op(tried_to_write_cell, OP_EQ, 1); + tt_assert(!chan->pending_padding_callback); + + /* Test case #6. Channel is not used for full circuits */ + chan->channel_usage = CHANNEL_USED_NOT_USED_FOR_FULL_CIRCS; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD); + tt_assert(!chan->pending_padding_callback); + chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS; + + /* Test case #7. Channel is closed while timeout is scheduled. + * + * NOTE: This test deliberately breaks the channel callback mechanism. + * It must be last. + */ + tried_to_write_cell = 0; + chan->next_padding_time_ms = monotime_coarse_absolute_msec() + 100; + decision = channelpadding_decide_to_pad_channel(chan); + tt_int_op(decision, OP_EQ, CHANNELPADDING_PADDING_SCHEDULED); + tt_int_op(tried_to_write_cell, OP_EQ, 0); + tt_assert(chan->pending_padding_callback); + + // Close the connection while the timer is scheduled + free_fake_channeltls((channel_tls_t*)chan); + + // We don't expect any timer callbacks here. Make a dummy one to be sure. + dummy_nop_timer(); + + tt_int_op(tried_to_write_cell, OP_EQ, 0); + + done: + smartlist_free(connection_array); + + teardown_capture_of_logs(); + timers_shutdown(); + channel_free_all(); + + return; +} + +#define TEST_CHANNELPADDING(name, flags) \ + { #name, test_##name, (flags), NULL, NULL } + +struct testcase_t channelpadding_tests[] = { + //TEST_CHANNELPADDING(channelpadding_decide_to_pad_channel, 0), + TEST_CHANNELPADDING(channelpadding_decide_to_pad_channel, TT_FORK), + TEST_CHANNELPADDING(channelpadding_negotiation, TT_FORK), + TEST_CHANNELPADDING(channelpadding_consensus, TT_FORK), + TEST_CHANNELPADDING(channelpadding_timers, TT_FORK), + END_OF_TESTCASES +}; + diff --git a/src/test/test_config.c b/src/test/test_config.c index f0874e0e0b..983fe88524 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -854,9 +854,23 @@ static void test_config_fix_my_family(void *arg) { char *err = NULL; - const char *family = "$1111111111111111111111111111111111111111, " - "1111111111111111111111111111111111111112, " - "$1111111111111111111111111111111111111113"; + config_line_t *family = tor_malloc_zero(sizeof(config_line_t)); + family->key = tor_strdup("MyFamily"); + family->value = tor_strdup("$1111111111111111111111111111111111111111, " + "1111111111111111111111111111111111111112, " + "$1111111111111111111111111111111111111113"); + + config_line_t *family2 = tor_malloc_zero(sizeof(config_line_t)); + family2->key = tor_strdup("MyFamily"); + family2->value = tor_strdup("1111111111111111111111111111111111111114"); + + config_line_t *family3 = tor_malloc_zero(sizeof(config_line_t)); + family3->key = tor_strdup("MyFamily"); + family3->value = tor_strdup("$1111111111111111111111111111111111111115"); + + family->next = family2; + family2->next = family3; + family3->next = NULL; or_options_t* options = options_new(); or_options_t* defaults = options_new(); @@ -864,7 +878,7 @@ test_config_fix_my_family(void *arg) options_init(options); options_init(defaults); - options->MyFamily = tor_strdup(family); + options->MyFamily_lines = family; options_validate(NULL, options, defaults, 0, &err) ; @@ -872,18 +886,23 @@ test_config_fix_my_family(void *arg) TT_FAIL(("options_validate failed: %s", err)); } - tt_str_op(options->MyFamily,OP_EQ, - "$1111111111111111111111111111111111111111, " - "$1111111111111111111111111111111111111112, " - "$1111111111111111111111111111111111111113"); - - done: - if (err != NULL) { - tor_free(err); - } + const char *valid[] = { "$1111111111111111111111111111111111111111", + "$1111111111111111111111111111111111111112", + "$1111111111111111111111111111111111111113", + "$1111111111111111111111111111111111111114", + "$1111111111111111111111111111111111111115" }; + int ret_size = 0; + config_line_t *ret; + for (ret = options->MyFamily; ret && ret_size < 5; ret = ret->next) { + tt_str_op(ret->value, OP_EQ, valid[ret_size]); + ret_size++; + } + tt_int_op(ret_size, OP_EQ, 5); - or_options_free(options); - or_options_free(defaults); + done: + tor_free(err); + or_options_free(options); + or_options_free(defaults); } static int n_hostname_01010101 = 0; @@ -3864,144 +3883,6 @@ mock_config_line(const char *key, const char *val) } static void -test_config_parse_port_config__listenaddress(void *data) -{ - (void)data; - int ret; - config_line_t *config_listen_address = NULL, *config_listen_address2 = NULL, - *config_listen_address3 = NULL; - config_line_t *config_port1 = NULL, *config_port2 = NULL, - *config_port3 = NULL, *config_port4 = NULL, *config_port5 = NULL; - smartlist_t *slout = NULL; - port_cfg_t *port_cfg = NULL; - - // Test basic invocation with no arguments - ret = parse_port_config(NULL, NULL, NULL, NULL, 0, NULL, 0, 0); - tt_int_op(ret, OP_EQ, 0); - - // Setup some test data - config_listen_address = mock_config_line("DNSListenAddress", "127.0.0.1"); - config_listen_address2 = mock_config_line("DNSListenAddress", "x$$$:::345"); - config_listen_address3 = mock_config_line("DNSListenAddress", - "127.0.0.1:1442"); - config_port1 = mock_config_line("DNSPort", "42"); - config_port2 = mock_config_line("DNSPort", "43"); - config_port1->next = config_port2; - config_port3 = mock_config_line("DNSPort", "auto"); - config_port4 = mock_config_line("DNSPort", "55542"); - config_port5 = mock_config_line("DNSPort", "666777"); - - // Test failure when we have a ListenAddress line and several - // Port lines for the same portname - ret = parse_port_config(NULL, config_port1, config_listen_address, "DNS", 0, - NULL, 0, 0); - - tt_int_op(ret, OP_EQ, -1); - - // Test case when we have a listen address, no default port and allow - // spurious listen address lines - ret = parse_port_config(NULL, NULL, config_listen_address, "DNS", 0, NULL, - 0, CL_PORT_ALLOW_EXTRA_LISTENADDR); - tt_int_op(ret, OP_EQ, 1); - - // Test case when we have a listen address, no default port but doesn't - // allow spurious listen address lines - ret = parse_port_config(NULL, NULL, config_listen_address, "DNS", 0, NULL, - 0, 0); - tt_int_op(ret, OP_EQ, -1); - - // Test case when we have a listen address, and a port that points to auto, - // should use the AUTO port - slout = smartlist_new(); - ret = parse_port_config(slout, config_port3, config_listen_address, "DNS", - 0, NULL, 0, 0); - tt_int_op(ret, OP_EQ, 0); - tt_int_op(smartlist_len(slout), OP_EQ, 1); - port_cfg = (port_cfg_t *)smartlist_get(slout, 0); - tt_int_op(port_cfg->port, OP_EQ, CFG_AUTO_PORT); - - // Test when we have a listen address and a custom port - ret = parse_port_config(slout, config_port4, config_listen_address, "DNS", - 0, NULL, 0, 0); - tt_int_op(ret, OP_EQ, 0); - tt_int_op(smartlist_len(slout), OP_EQ, 2); - port_cfg = (port_cfg_t *)smartlist_get(slout, 1); - tt_int_op(port_cfg->port, OP_EQ, 55542); - - // Test when we have a listen address and an invalid custom port - ret = parse_port_config(slout, config_port5, config_listen_address, "DNS", - 0, NULL, 0, 0); - tt_int_op(ret, OP_EQ, -1); - - // Test we get a server port configuration when asked for it - ret = parse_port_config(slout, NULL, config_listen_address, "DNS", 0, NULL, - 123, CL_PORT_SERVER_OPTIONS); - tt_int_op(ret, OP_EQ, 0); - tt_int_op(smartlist_len(slout), OP_EQ, 4); - port_cfg = (port_cfg_t *)smartlist_get(slout, 2); - tt_int_op(port_cfg->port, OP_EQ, 123); - tt_int_op(port_cfg->server_cfg.no_listen, OP_EQ, 1); - tt_int_op(port_cfg->server_cfg.bind_ipv4_only, OP_EQ, 1); - - // Test an invalid ListenAddress configuration - ret = parse_port_config(NULL, NULL, config_listen_address2, "DNS", 0, NULL, - 222, 0); - tt_int_op(ret, OP_EQ, -1); - - // Test default to the port in the listen address if available - ret = parse_port_config(slout, config_port2, config_listen_address3, "DNS", - 0, NULL, 0, 0); - tt_int_op(ret, OP_EQ, 0); - tt_int_op(smartlist_len(slout), OP_EQ, 5); - port_cfg = (port_cfg_t *)smartlist_get(slout, 4); - tt_int_op(port_cfg->port, OP_EQ, 1442); - - // Test we work correctly without an out, but with a listen address - // and a port - ret = parse_port_config(NULL, config_port2, config_listen_address, "DNS", - 0, NULL, 0, 0); - tt_int_op(ret, OP_EQ, 0); - - // Test warning nonlocal control - ret = parse_port_config(slout, config_port2, config_listen_address, "DNS", - CONN_TYPE_CONTROL_LISTENER, NULL, 0, - CL_PORT_WARN_NONLOCAL); - tt_int_op(ret, OP_EQ, 0); - - // Test warning nonlocal ext or listener - ret = parse_port_config(slout, config_port2, config_listen_address, "DNS", - CONN_TYPE_EXT_OR_LISTENER, NULL, 0, - CL_PORT_WARN_NONLOCAL); - tt_int_op(ret, OP_EQ, 0); - - // Test warning nonlocal other - SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); - smartlist_clear(slout); - ret = parse_port_config(slout, config_port2, config_listen_address, "DNS", - 0, NULL, 0, CL_PORT_WARN_NONLOCAL); - tt_int_op(ret, OP_EQ, 0); - - // Test warning nonlocal control without an out - ret = parse_port_config(NULL, config_port2, config_listen_address, "DNS", - CONN_TYPE_CONTROL_LISTENER, NULL, 0, - CL_PORT_WARN_NONLOCAL); - tt_int_op(ret, OP_EQ, 0); - - done: - config_free_lines(config_listen_address); - config_free_lines(config_listen_address2); - config_free_lines(config_listen_address3); - config_free_lines(config_port1); - /* 2 was linked from 1. */ - config_free_lines(config_port3); - config_free_lines(config_port4); - config_free_lines(config_port5); - if (slout) - SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); - smartlist_free(slout); -} - -static void test_config_parse_port_config__ports__no_ports_given(void *data) { (void)data; @@ -4012,40 +3893,40 @@ test_config_parse_port_config__ports__no_ports_given(void *data) slout = smartlist_new(); // Test no defaultport, no defaultaddress and no out - ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, NULL, 0, 0); + ret = parse_port_config(NULL, NULL, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, 0); // Test with defaultport, no defaultaddress and no out - ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, NULL, 42, 0); + ret = parse_port_config(NULL, NULL, "DNS", 0, NULL, 42, 0); tt_int_op(ret, OP_EQ, 0); // Test no defaultport, with defaultaddress and no out - ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0); + ret = parse_port_config(NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0); tt_int_op(ret, OP_EQ, 0); // Test with defaultport, with defaultaddress and no out - ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0); + ret = parse_port_config(NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0); tt_int_op(ret, OP_EQ, 0); // Test no defaultport, no defaultaddress and with out - ret = parse_port_config(slout, NULL, NULL, "DNS", 0, NULL, 0, 0); + ret = parse_port_config(slout, NULL, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); // Test with defaultport, no defaultaddress and with out - ret = parse_port_config(slout, NULL, NULL, "DNS", 0, NULL, 42, 0); + ret = parse_port_config(slout, NULL, "DNS", 0, NULL, 42, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); // Test no defaultport, with defaultaddress and with out - ret = parse_port_config(slout, NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0); + ret = parse_port_config(slout, NULL, "DNS", 0, "127.0.0.2", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); // Test with defaultport, with defaultaddress and out, adds a new port cfg SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0); + ret = parse_port_config(slout, NULL, "DNS", 0, "127.0.0.2", 42, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); port_cfg = (port_cfg_t *)smartlist_get(slout, 0); @@ -4056,7 +3937,7 @@ test_config_parse_port_config__ports__no_ports_given(void *data) // for a unix address SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, NULL, NULL, "DNS", 0, "/foo/bar/unixdomain", + ret = parse_port_config(slout, NULL, "DNS", 0, "/foo/bar/unixdomain", 42, CL_PORT_IS_UNIXSOCKET); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4085,28 +3966,28 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test error when encounters an invalid Port specification config_port_invalid = mock_config_line("DNSPort", ""); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, NULL, + ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, -1); // Test error when encounters an empty unix domain specification config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "unix:"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, NULL, + ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, NULL, 0, 0); tt_int_op(ret, OP_EQ, -1); // Test error when encounters a unix domain specification but the listener // doesn't support domain sockets config_port_valid = mock_config_line("DNSPort", "unix:/tmp/foo/bar"); - ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", + ret = parse_port_config(NULL, config_port_valid, "DNS", CONN_TYPE_AP_DNS_LISTENER, NULL, 0, 0); tt_int_op(ret, OP_EQ, -1); // Test valid unix domain SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, 0); #ifdef _WIN32 tt_int_op(ret, OP_EQ, -1); @@ -4131,7 +4012,7 @@ test_config_parse_port_config__ports__ports_given(void *data) "unix:/tmp/foo/bar NoIPv4Traffic " "NoIPv6Traffic " "NoOnionTraffic"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "SOCKS", + ret = parse_port_config(NULL, config_port_invalid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4140,7 +4021,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "127.0.0.1:80 NoDNSRequest"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", + ret = parse_port_config(NULL, config_port_invalid, "DNS", CONN_TYPE_AP_DNS_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4153,7 +4034,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("DNSPort", "127.0.0.1:80 " "NoIPv6Traffic " "NoIPv4Traffic NoOnionTraffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", + ret = parse_port_config(slout, config_port_valid, "DNS", CONN_TYPE_AP_DNS_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, 0); @@ -4169,7 +4050,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_invalid = mock_config_line("SOCKSPort", "NoIPv6Traffic " "unix:/tmp/foo/bar NoIPv4Traffic"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "SOCKS", + ret = parse_port_config(NULL, config_port_invalid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4182,7 +4063,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4204,7 +4085,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:\"/tmp/foo/ bar\" " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4226,7 +4107,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:\"/tmp/foo/ bar " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4238,7 +4119,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_valid = mock_config_line("SOCKSPort", "unix:\"\" " "NoIPv6Traffic " "NoDNSRequest NoIPv4Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, -1); @@ -4249,7 +4130,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "OnionTrafficOnly"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4270,7 +4151,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "NoIPv4Traffic IPv6Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4289,7 +4170,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar " "IPv4Traffic IPv6Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_TAKES_HOSTNAMES); #ifdef _WIN32 @@ -4305,28 +4186,28 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test failure if we specify world writable for an IP Port config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "42 WorldWritable"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test failure if we specify group writable for an IP Port config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "42 GroupWritable"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test failure if we specify group writable for an IP Port config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "42 RelaxDirModeCheck"); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test success with only a port (this will fail without a default address) config_free_lines(config_port_valid); config_port_valid = NULL; config_port_valid = mock_config_line("DNSPort", "42"); - ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); @@ -4335,7 +4216,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateDestPort"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4348,7 +4229,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoIsolateDestPorts"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4361,7 +4242,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateDestAddr"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4374,7 +4255,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateSOCKSAuth"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4387,7 +4268,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateClientProtocol"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4400,7 +4281,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IsolateClientAddr"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4411,7 +4292,7 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test success with ignored unknown options config_free_lines(config_port_valid); config_port_valid = NULL; config_port_valid = mock_config_line("DNSPort", "42 ThisOptionDoesntExist"); - ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); @@ -4420,7 +4301,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoIsolateSOCKSAuth"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.3", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4433,7 +4314,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "42 IPv6Traffic PreferIPv6"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, "127.0.0.42", 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, 0); @@ -4446,7 +4327,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 CacheIPv4DNS"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4459,7 +4340,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 CacheIPv6DNS"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4472,7 +4353,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoCacheIPv4DNS"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4485,7 +4366,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 CacheDNS"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, CL_PORT_TAKES_HOSTNAMES); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4498,7 +4379,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 UseIPv4Cache"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4511,7 +4392,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 UseIPv6Cache"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4524,7 +4405,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 UseDNSCache"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4537,7 +4418,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 NoPreferIPv6Automap"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4549,7 +4430,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 PreferSOCKSNoAuth"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4564,14 +4445,14 @@ test_config_parse_port_config__ports__ports_given(void *data) config_port_invalid = mock_config_line("DNSPort", "0"); config_port_valid = mock_config_line("DNSPort", "42"); config_port_invalid->next = config_port_valid; - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, "127.0.0.42", 0, 0); tt_int_op(ret, OP_EQ, -1); // Test success with warn non-local control SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, NULL, "Control", + ret = parse_port_config(slout, config_port_valid, "Control", CONN_TYPE_CONTROL_LISTENER, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); @@ -4579,7 +4460,7 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test success with warn non-local listener SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, NULL, "ExtOR", + ret = parse_port_config(slout, config_port_valid, "ExtOR", CONN_TYPE_EXT_OR_LISTENER, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); @@ -4587,12 +4468,12 @@ test_config_parse_port_config__ports__ports_given(void *data) // Test success with warn non-local other SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); // Test success with warn non-local other without out - ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_valid, "DNS", 0, "127.0.0.42", 0, CL_PORT_WARN_NONLOCAL); tt_int_op(ret, OP_EQ, 0); @@ -4603,7 +4484,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 IPv4Traffic " "IPv6Traffic"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.44", 0, CL_PORT_TAKES_HOSTNAMES | CL_PORT_NO_STREAM_OPTIONS); @@ -4618,7 +4499,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=invalid"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, "127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4630,7 +4511,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=123"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, "127.0.0.44", 0, 0); tt_int_op(ret, OP_EQ, -1); @@ -4640,7 +4521,7 @@ test_config_parse_port_config__ports__ports_given(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=123 " "SessionGroup=321"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, "127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4649,7 +4530,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "42 SessionGroup=1111122"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4661,7 +4542,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "0"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.45", 0, CL_PORT_IS_UNIXSOCKET); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 0); @@ -4671,7 +4552,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "something"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.45", 0, CL_PORT_IS_UNIXSOCKET); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4684,7 +4565,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "auto"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4698,7 +4579,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.122:auto"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4711,7 +4592,7 @@ test_config_parse_port_config__ports__ports_given(void *data) config_free_lines(config_port_invalid); config_port_invalid = NULL; config_port_invalid = mock_config_line("DNSPort", "invalidstuff!!:auto"); MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs); - ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, "127.0.0.46", 0, 0); UNMOCK(tor_addr_lookup); tt_int_op(ret, OP_EQ, -1); @@ -4721,7 +4602,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.123:656"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4735,7 +4616,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "something wrong"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, -1); @@ -4744,7 +4625,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.1.0:123:auto"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, "127.0.0.46", 0, 0); tt_int_op(ret, OP_EQ, -1); @@ -4754,7 +4635,7 @@ test_config_parse_port_config__ports__ports_given(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/somewhere"); - ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS", + ret = parse_port_config(slout, config_port_valid, "SOCKS", CONN_TYPE_AP_LISTENER, "127.0.0.46", 0, CL_PORT_DFLT_GROUP_WRITABLE); #ifdef _WIN32 @@ -4789,7 +4670,7 @@ test_config_parse_port_config__ports__server_options(void *data) config_free_lines(config_port_valid); config_port_valid = NULL; config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 NoAdvertise"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4802,7 +4683,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 NoListen"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4816,7 +4697,7 @@ test_config_parse_port_config__ports__server_options(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 NoListen " "NoAdvertise"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4825,7 +4706,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 IPv4Only"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4838,7 +4719,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "[::1]:656 IPv6Only"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4852,7 +4733,7 @@ test_config_parse_port_config__ports__server_options(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 IPv6Only " "IPv4Only"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4861,7 +4742,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 unknown"); - ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0, + ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, 0); tt_int_op(smartlist_len(slout), OP_EQ, 1); @@ -4872,7 +4753,7 @@ test_config_parse_port_config__ports__server_options(void *data) smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 IPv6Only"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4881,7 +4762,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("DNSPort", "[::1]:656 IPv4Only"); - ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL, + ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4890,7 +4771,7 @@ test_config_parse_port_config__ports__server_options(void *data) SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf)); smartlist_clear(slout); config_port_invalid = mock_config_line("ORPort", "unix:\"\""); - ret = parse_port_config(slout, config_port_invalid, NULL, "ORPort", 0, NULL, + ret = parse_port_config(slout, config_port_invalid, "ORPort", 0, NULL, 0, CL_PORT_SERVER_OPTIONS); tt_int_op(ret, OP_EQ, -1); @@ -4929,6 +4810,542 @@ test_config_parse_log_severity(void *data) tor_free(severity); } +static void +test_config_include_limit(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_limit")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char torrc_path[PATH_MAX+1]; + tor_snprintf(torrc_path, sizeof(torrc_path), "%s"PATH_SEPARATOR"torrc", dir); + char torrc_contents[1000]; + tor_snprintf(torrc_contents, sizeof(torrc_contents), "%%include %s", + torrc_path); + tt_int_op(write_str_to_file(torrc_path, torrc_contents, 0), OP_EQ, 0); + + config_line_t *result = NULL; + tt_int_op(config_get_lines_include(torrc_contents, &result, 0, NULL), + OP_EQ, -1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_does_not_exist(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_does_not_exist")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char missing_path[PATH_MAX+1]; + tor_snprintf(missing_path, sizeof(missing_path), "%s"PATH_SEPARATOR"missing", + dir); + char torrc_contents[1000]; + tor_snprintf(torrc_contents, sizeof(torrc_contents), "%%include %s", + missing_path); + + config_line_t *result = NULL; + tt_int_op(config_get_lines_include(torrc_contents, &result, 0, NULL), + OP_EQ, -1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_error_in_included_file(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_error_in_included_file")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char invalid_path[PATH_MAX+1]; + tor_snprintf(invalid_path, sizeof(invalid_path), "%s"PATH_SEPARATOR"invalid", + dir); + tt_int_op(write_str_to_file(invalid_path, "unclosed \"", 0), OP_EQ, 0); + + char torrc_contents[1000]; + tor_snprintf(torrc_contents, sizeof(torrc_contents), "%%include %s", + invalid_path); + + config_line_t *result = NULL; + tt_int_op(config_get_lines_include(torrc_contents, &result, 0, NULL), + OP_EQ, -1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_empty_file_folder(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_empty_file_folder")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char folder_path[PATH_MAX+1]; + tor_snprintf(folder_path, sizeof(folder_path), "%s"PATH_SEPARATOR"empty_dir", + dir); +#ifdef _WIN32 + tt_int_op(mkdir(folder_path), OP_EQ, 0); +#else + tt_int_op(mkdir(folder_path, 0700), OP_EQ, 0); +#endif + char file_path[PATH_MAX+1]; + tor_snprintf(file_path, sizeof(file_path), "%s"PATH_SEPARATOR"empty_file", + dir); + tt_int_op(write_str_to_file(file_path, "", 0), OP_EQ, 0); + + char torrc_contents[1000]; + tor_snprintf(torrc_contents, sizeof(torrc_contents), + "%%include %s\n" + "%%include %s\n", + folder_path, file_path); + + config_line_t *result = NULL; + int include_used; + tt_int_op(config_get_lines_include(torrc_contents, &result, 0,&include_used), + OP_EQ, 0); + tt_ptr_op(result, OP_EQ, NULL); + tt_int_op(include_used, OP_EQ, 1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_recursion_before_after(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_recursion_before_after")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char torrc_path[PATH_MAX+1]; + tor_snprintf(torrc_path, sizeof(torrc_path), "%s"PATH_SEPARATOR"torrc", dir); + + char file_contents[1000]; + const int limit = MAX_INCLUDE_RECURSION_LEVEL; + int i; + // Loop backwards so file_contents has the contents of the first file by the + // end of the loop + for (i = limit; i > 0; i--) { + if (i < limit) { + tor_snprintf(file_contents, sizeof(file_contents), + "Test %d\n" + "%%include %s%d\n" + "Test %d\n", + i, torrc_path, i + 1, 2 * limit - i); + } else { + tor_snprintf(file_contents, sizeof(file_contents), "Test %d\n", i); + } + + if (i > 1) { + char file_path[PATH_MAX+1]; + tor_snprintf(file_path, sizeof(file_path), "%s%d", torrc_path, i); + tt_int_op(write_str_to_file(file_path, file_contents, 0), OP_EQ, 0); + } + } + + config_line_t *result = NULL; + int include_used; + tt_int_op(config_get_lines_include(file_contents, &result, 0, &include_used), + OP_EQ, 0); + tt_ptr_op(result, OP_NE, NULL); + tt_int_op(include_used, OP_EQ, 1); + + int len = 0; + config_line_t *next; + for (next = result; next != NULL; next = next->next) { + char expected[10]; + tor_snprintf(expected, sizeof(expected), "%d", len + 1); + tt_str_op(next->key, OP_EQ, "Test"); + tt_str_op(next->value, OP_EQ, expected); + len++; + } + tt_int_op(len, OP_EQ, 2 * limit - 1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_recursion_after_only(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_recursion_after_only")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char torrc_path[PATH_MAX+1]; + tor_snprintf(torrc_path, sizeof(torrc_path), "%s"PATH_SEPARATOR"torrc", dir); + + char file_contents[1000]; + const int limit = MAX_INCLUDE_RECURSION_LEVEL; + int i; + // Loop backwards so file_contents has the contents of the first file by the + // end of the loop + for (i = limit; i > 0; i--) { + int n = (i - limit - 1) * -1; + if (i < limit) { + tor_snprintf(file_contents, sizeof(file_contents), + "%%include %s%d\n" + "Test %d\n", + torrc_path, i + 1, n); + } else { + tor_snprintf(file_contents, sizeof(file_contents), "Test %d\n", n); + } + + if (i > 1) { + char file_path[PATH_MAX+1]; + tor_snprintf(file_path, sizeof(file_path), "%s%d", torrc_path, i); + tt_int_op(write_str_to_file(file_path, file_contents, 0), OP_EQ, 0); + } + } + + config_line_t *result = NULL; + int include_used; + tt_int_op(config_get_lines_include(file_contents, &result, 0, &include_used), + OP_EQ, 0); + tt_ptr_op(result, OP_NE, NULL); + tt_int_op(include_used, OP_EQ, 1); + + int len = 0; + config_line_t *next; + for (next = result; next != NULL; next = next->next) { + char expected[10]; + tor_snprintf(expected, sizeof(expected), "%d", len + 1); + tt_str_op(next->key, OP_EQ, "Test"); + tt_str_op(next->value, OP_EQ, expected); + len++; + } + tt_int_op(len, OP_EQ, limit); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_folder_order(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_folder_order")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char torrcd[PATH_MAX+1]; + tor_snprintf(torrcd, sizeof(torrcd), "%s"PATH_SEPARATOR"%s", dir, "torrc.d"); + +#ifdef _WIN32 + tt_int_op(mkdir(torrcd), OP_EQ, 0); +#else + tt_int_op(mkdir(torrcd, 0700), OP_EQ, 0); +#endif + + // test that files in subfolders are ignored + char path[PATH_MAX+1]; + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", torrcd, + "subfolder"); + +#ifdef _WIN32 + tt_int_op(mkdir(path), OP_EQ, 0); +#else + tt_int_op(mkdir(path, 0700), OP_EQ, 0); +#endif + + char path2[PATH_MAX+1]; + tor_snprintf(path2, sizeof(path2), "%s"PATH_SEPARATOR"%s", path, + "01_ignore"); + tt_int_op(write_str_to_file(path2, "ShouldNotSee 1\n", 0), OP_EQ, 0); + + // test that files starting with . are ignored + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", torrcd, ".dot"); + tt_int_op(write_str_to_file(path, "ShouldNotSee 2\n", 0), OP_EQ, 0); + + // test file order + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", torrcd, "01_1st"); + tt_int_op(write_str_to_file(path, "Test 1\n", 0), OP_EQ, 0); + + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", torrcd, "02_2nd"); + tt_int_op(write_str_to_file(path, "Test 2\n", 0), OP_EQ, 0); + + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", torrcd, "aa_3rd"); + tt_int_op(write_str_to_file(path, "Test 3\n", 0), OP_EQ, 0); + + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", torrcd, "ab_4th"); + tt_int_op(write_str_to_file(path, "Test 4\n", 0), OP_EQ, 0); + + char torrc_contents[1000]; + tor_snprintf(torrc_contents, sizeof(torrc_contents), + "%%include %s\n", + torrcd); + + config_line_t *result = NULL; + int include_used; + tt_int_op(config_get_lines_include(torrc_contents, &result, 0,&include_used), + OP_EQ, 0); + tt_ptr_op(result, OP_NE, NULL); + tt_int_op(include_used, OP_EQ, 1); + + int len = 0; + config_line_t *next; + for (next = result; next != NULL; next = next->next) { + char expected[10]; + tor_snprintf(expected, sizeof(expected), "%d", len + 1); + tt_str_op(next->key, OP_EQ, "Test"); + tt_str_op(next->value, OP_EQ, expected); + len++; + } + tt_int_op(len, OP_EQ, 4); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_path_syntax(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_path_syntax")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char torrc_contents[1000]; + tor_snprintf(torrc_contents, sizeof(torrc_contents), + "%%include \"%s\"\n" + "%%include %s"PATH_SEPARATOR"\n" + "%%include \"%s"PATH_SEPARATOR"\"\n", + dir, dir, dir); + + config_line_t *result = NULL; + int include_used; + tt_int_op(config_get_lines_include(torrc_contents, &result, 0,&include_used), + OP_EQ, 0); + tt_ptr_op(result, OP_EQ, NULL); + tt_int_op(include_used, OP_EQ, 1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_not_processed(void *data) +{ + (void)data; + + char torrc_contents[1000] = "%include does_not_exist\n"; + config_line_t *result = NULL; + tt_int_op(config_get_lines(torrc_contents, &result, 0),OP_EQ, 0); + tt_ptr_op(result, OP_NE, NULL); + + int len = 0; + config_line_t *next; + for (next = result; next != NULL; next = next->next) { + tt_str_op(next->key, OP_EQ, "%include"); + tt_str_op(next->value, OP_EQ, "does_not_exist"); + len++; + } + tt_int_op(len, OP_EQ, 1); + + done: + config_free_lines(result); +} + +static void +test_config_include_has_include(void *data) +{ + (void)data; + + char *dir = tor_strdup(get_fname("test_include_has_include")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char torrc_contents[1000] = "Test 1\n"; + config_line_t *result = NULL; + int include_used; + + tt_int_op(config_get_lines_include(torrc_contents, &result, 0,&include_used), + OP_EQ, 0); + tt_int_op(include_used, OP_EQ, 0); + config_free_lines(result); + + tor_snprintf(torrc_contents, sizeof(torrc_contents), "%%include %s\n", dir); + tt_int_op(config_get_lines_include(torrc_contents, &result, 0,&include_used), + OP_EQ, 0); + tt_int_op(include_used, OP_EQ, 1); + + done: + config_free_lines(result); + tor_free(dir); +} + +static void +test_config_include_flag_both_without(void *data) +{ + (void)data; + + char *errmsg = NULL; + char conf_empty[1000]; + tor_snprintf(conf_empty, sizeof(conf_empty), + "DataDirectory %s\n", + get_fname(NULL)); + // test with defaults-torrc and torrc without include + int ret = options_init_from_string(conf_empty, conf_empty, CMD_RUN_UNITTESTS, + NULL, &errmsg); + tt_int_op(ret, OP_EQ, 0); + + const or_options_t *options = get_options(); + tt_int_op(options->IncludeUsed, OP_EQ, 0); + + done: + tor_free(errmsg); +} + +static void +test_config_include_flag_torrc_only(void *data) +{ + (void)data; + + char *errmsg = NULL; + char *dir = tor_strdup(get_fname("test_include_flag_torrc_only")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char path[PATH_MAX+1]; + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", dir, "dummy"); + tt_int_op(write_str_to_file(path, "\n", 0), OP_EQ, 0); + + char conf_empty[1000]; + tor_snprintf(conf_empty, sizeof(conf_empty), + "DataDirectory %s\n", + get_fname(NULL)); + char conf_include[1000]; + tor_snprintf(conf_include, sizeof(conf_include), "%%include %s", path); + + // test with defaults-torrc without include and torrc with include + int ret = options_init_from_string(conf_empty, conf_include, + CMD_RUN_UNITTESTS, NULL, &errmsg); + tt_int_op(ret, OP_EQ, 0); + + const or_options_t *options = get_options(); + tt_int_op(options->IncludeUsed, OP_EQ, 1); + + done: + tor_free(errmsg); + tor_free(dir); +} + +static void +test_config_include_flag_defaults_only(void *data) +{ + (void)data; + + char *errmsg = NULL; + char *dir = tor_strdup(get_fname("test_include_flag_defaults_only")); + tt_ptr_op(dir, OP_NE, NULL); + +#ifdef _WIN32 + tt_int_op(mkdir(dir), OP_EQ, 0); +#else + tt_int_op(mkdir(dir, 0700), OP_EQ, 0); +#endif + + char path[PATH_MAX+1]; + tor_snprintf(path, sizeof(path), "%s"PATH_SEPARATOR"%s", dir, "dummy"); + tt_int_op(write_str_to_file(path, "\n", 0), OP_EQ, 0); + + char conf_empty[1000]; + tor_snprintf(conf_empty, sizeof(conf_empty), + "DataDirectory %s\n", + get_fname(NULL)); + char conf_include[1000]; + tor_snprintf(conf_include, sizeof(conf_include), "%%include %s", path); + + // test with defaults-torrc with include and torrc without include + int ret = options_init_from_string(conf_include, conf_empty, + CMD_RUN_UNITTESTS, NULL, &errmsg); + tt_int_op(ret, OP_EQ, 0); + + const or_options_t *options = get_options(); + tt_int_op(options->IncludeUsed, OP_EQ, 0); + + done: + tor_free(errmsg); + tor_free(dir); +} + #define CONFIG_TEST(name, flags) \ { #name, test_config_ ## name, flags, NULL, NULL } @@ -4951,11 +5368,23 @@ struct testcase_t config_tests[] = { CONFIG_TEST(fix_my_family, 0), CONFIG_TEST(directory_fetch, 0), CONFIG_TEST(port_cfg_line_extract_addrport, 0), - CONFIG_TEST(parse_port_config__listenaddress, 0), CONFIG_TEST(parse_port_config__ports__no_ports_given, 0), CONFIG_TEST(parse_port_config__ports__server_options, 0), CONFIG_TEST(parse_port_config__ports__ports_given, 0), CONFIG_TEST(parse_log_severity, 0), + CONFIG_TEST(include_limit, 0), + CONFIG_TEST(include_does_not_exist, 0), + CONFIG_TEST(include_error_in_included_file, 0), + CONFIG_TEST(include_empty_file_folder, 0), + CONFIG_TEST(include_recursion_before_after, 0), + CONFIG_TEST(include_recursion_after_only, 0), + CONFIG_TEST(include_folder_order, 0), + CONFIG_TEST(include_path_syntax, 0), + CONFIG_TEST(include_not_processed, 0), + CONFIG_TEST(include_has_include, 0), + CONFIG_TEST(include_flag_both_without, TT_FORK), + CONFIG_TEST(include_flag_torrc_only, TT_FORK), + CONFIG_TEST(include_flag_defaults_only, TT_FORK), END_OF_TESTCASES }; diff --git a/src/test/test_consdiff.c b/src/test/test_consdiff.c index 2f826b5ef7..23948d6860 100644 --- a/src/test/test_consdiff.c +++ b/src/test/test_consdiff.c @@ -709,6 +709,16 @@ test_consdiff_apply_ed_diff(void *arg) smartlist_clear(diff); + /* $ for a non-delete command. */ + smartlist_add_linecpy(diff, area, "1,$c"); + mock_clean_saved_logs(); + cons2 = apply_ed_diff(cons1, diff, 0); + tt_ptr_op(NULL, OP_EQ, cons2); + expect_single_log_msg_containing("it wanted to use $ with a command " + "other than delete"); + + smartlist_clear(diff); + /* Script is not in reverse order. */ smartlist_add_linecpy(diff, area, "1d"); smartlist_add_linecpy(diff, area, "3d"); @@ -907,7 +917,7 @@ test_consdiff_gen_diff(void *arg) ); tt_int_op(0, OP_EQ, - consensus_compute_digest(cons1_str, &digests1)); + consensus_compute_digest_as_signed(cons1_str, &digests1)); tt_int_op(0, OP_EQ, consensus_compute_digest(cons2_str, &digests2)); @@ -926,23 +936,29 @@ test_consdiff_gen_diff(void *arg) "directory-signature foo bar\nbar\n" ); tt_int_op(0, OP_EQ, - consensus_compute_digest(cons1_str, &digests1)); + consensus_compute_digest_as_signed(cons1_str, &digests1)); smartlist_clear(cons1); consensus_split_lines(cons1, cons1_str, area); diff = consdiff_gen_diff(cons1, cons2, &digests1, &digests2, area); tt_ptr_op(NULL, OP_NE, diff); - tt_int_op(7, OP_EQ, smartlist_len(diff)); + tt_int_op(11, OP_EQ, smartlist_len(diff)); tt_assert(line_str_eq(smartlist_get(diff, 0), "network-status-diff-version 1")); tt_assert(line_str_eq(smartlist_get(diff, 1), "hash " - "06646D6CF563A41869D3B02E73254372AE3140046C5E7D83C9F71E54976AF9B4 " + "95D70F5A3CC65F920AA8B44C4563D7781A082674329661884E19E94B79D539C2 " "7AFECEFA4599BA33D603653E3D2368F648DF4AC4723929B0F7CF39281596B0C1")); - tt_assert(line_str_eq(smartlist_get(diff, 2), "3,4d")); - tt_assert(line_str_eq(smartlist_get(diff, 3), "1a")); - tt_assert(line_str_eq(smartlist_get(diff, 4), + tt_assert(line_str_eq(smartlist_get(diff, 2), "6,$d")); + tt_assert(line_str_eq(smartlist_get(diff, 3), "3,4c")); + tt_assert(line_str_eq(smartlist_get(diff, 4), "bar")); + tt_assert(line_str_eq(smartlist_get(diff, 5), + "directory-signature foo bar")); + tt_assert(line_str_eq(smartlist_get(diff, 6), + ".")); + tt_assert(line_str_eq(smartlist_get(diff, 7), "1a")); + tt_assert(line_str_eq(smartlist_get(diff, 8), "r name aaaaaaaaaaaaaaaaa etc")); - tt_assert(line_str_eq(smartlist_get(diff, 5), "foo")); - tt_assert(line_str_eq(smartlist_get(diff, 6), ".")); + tt_assert(line_str_eq(smartlist_get(diff, 9), "foo")); + tt_assert(line_str_eq(smartlist_get(diff, 10), ".")); /* TODO: small real use-cases, i.e. consensuses. */ diff --git a/src/test/test_consdiffmgr.c b/src/test/test_consdiffmgr.c index 31ce6ce901..746d17a038 100644 --- a/src/test/test_consdiffmgr.c +++ b/src/test/test_consdiffmgr.c @@ -10,6 +10,7 @@ #include "consdiffmgr.h" #include "cpuworker.h" #include "networkstatus.h" +#include "routerparse.h" #include "workqueue.h" #include "test.h" @@ -27,7 +28,7 @@ consdiffmgr_test_setup(const struct testcase_t *arg) get_options_mutable()->DataDirectory = ddir_fname; // now owns the pointer. check_private_dir(ddir_fname, CPD_CREATE, NULL); - consdiff_cfg_t consdiff_cfg = { 7200, 300 }; + consdiff_cfg_t consdiff_cfg = { 300 }; consdiffmgr_configure(&consdiff_cfg); return (void *)1; // must return something non-null. } @@ -66,6 +67,7 @@ fake_ns_body_new(consensus_flavor_t flav, time_t valid_after) format_iso_time(valid_after_string, valid_after); char *random_stuff = crypto_random_hostname(3, 25, "junk ", ""); + char *random_stuff2 = crypto_random_hostname(3, 10, "", ""); char *consensus; tor_asprintf(&consensus, @@ -74,11 +76,15 @@ fake_ns_body_new(consensus_flavor_t flav, time_t valid_after) "valid-after %s\n" "r name ccccccccccccccccc etc\nsample\n" "r name eeeeeeeeeeeeeeeee etc\nbar\n" - "%s\n", + "%s\n" + "directory-signature hello-there\n" + "directory-signature %s\n", flavor_string, valid_after_string, - random_stuff); + random_stuff, + random_stuff2); tor_free(random_stuff); + tor_free(random_stuff2); return consensus; } @@ -139,7 +145,10 @@ lookup_diff_from(consensus_cache_entry_t **out, const char *str1) { uint8_t digest[DIGEST256_LEN]; - crypto_digest256((char*)digest, str1, strlen(str1), DIGEST_SHA3_256); + if (router_get_networkstatus_v3_sha3_as_signed(digest, str1)<0) { + TT_FAIL(("Unable to compute sha3-as-signed")); + return CONSDIFF_NOT_FOUND; + } return consdiffmgr_find_diff_from(out, flav, DIGEST_SHA3_256, digest, sizeof(digest), NO_METHOD); @@ -152,8 +161,9 @@ lookup_apply_and_verify_diff(consensus_flavor_t flav, { consensus_cache_entry_t *ent = NULL; consdiff_status_t status = lookup_diff_from(&ent, flav, str1); - if (ent == NULL || status != CONSDIFF_AVAILABLE) + if (ent == NULL || status != CONSDIFF_AVAILABLE) { return -1; + } consensus_cache_entry_incref(ent); size_t size; @@ -299,7 +309,7 @@ test_consdiffmgr_add(void *arg) ns_tmp->valid_after = 86400 * 100; /* A few months into 1970 */ r = consdiffmgr_add_consensus(dummy, ns_tmp); tt_int_op(r, OP_EQ, -1); - expect_single_log_msg_containing("it's too old."); + expect_log_msg_containing("it's too old."); /* Try looking up a consensuses. */ ent = cdm_cache_lookup_consensus(FLAV_NS, now-60); @@ -352,8 +362,7 @@ test_consdiffmgr_make_diffs(void *arg) ns = fake_ns_new(FLAV_MICRODESC, now-3600); md_ns_body = fake_ns_body_new(FLAV_MICRODESC, now-3600); r = consdiffmgr_add_consensus(md_ns_body, ns); - crypto_digest256((char*)md_ns_sha3, md_ns_body, strlen(md_ns_body), - DIGEST_SHA3_256); + router_get_networkstatus_v3_sha3_as_signed(md_ns_sha3, md_ns_body); networkstatus_vote_free(ns); tt_int_op(r, OP_EQ, 0); @@ -419,7 +428,6 @@ test_consdiffmgr_diff_rules(void *arg) #define N 6 char *md_body[N], *ns_body[N]; networkstatus_t *md_ns[N], *ns_ns[N]; - uint8_t md_ns_sha3[N][DIGEST256_LEN], ns_ns_sha3[N][DIGEST256_LEN]; int i; MOCK(cpuworker_queue_work, mock_cpuworker_queue_work); @@ -432,10 +440,6 @@ test_consdiffmgr_diff_rules(void *arg) ns_body[i] = fake_ns_body_new(FLAV_NS, when); md_ns[i] = fake_ns_new(FLAV_MICRODESC, when); ns_ns[i] = fake_ns_new(FLAV_NS, when); - crypto_digest256((char *)md_ns_sha3[i], md_body[i], strlen(md_body[i]), - DIGEST_SHA3_256); - crypto_digest256((char *)ns_ns_sha3[i], ns_body[i], strlen(ns_body[i]), - DIGEST_SHA3_256); } /* For the MD consensuses: add 4 of them, and make sure that @@ -715,7 +719,6 @@ test_consdiffmgr_cleanup_old_diffs(void *arg) #define N 4 char *md_body[N]; networkstatus_t *md_ns[N]; - uint8_t md_ns_sha3[N][DIGEST256_LEN]; int i; consensus_cache_entry_t *hold_ent = NULL, *ent; @@ -730,8 +733,6 @@ test_consdiffmgr_cleanup_old_diffs(void *arg) time_t when = start + i * 15; md_body[i] = fake_ns_body_new(FLAV_MICRODESC, when); md_ns[i] = fake_ns_new(FLAV_MICRODESC, when); - crypto_digest256((char *)md_ns_sha3[i], md_body[i], strlen(md_body[i]), - DIGEST_SHA3_256); } /* add the first 3. */ @@ -758,9 +759,11 @@ test_consdiffmgr_cleanup_old_diffs(void *arg) consensus_cache_entry_incref(hold_ent); // incref, so it is preserved. /* Now add an even-more-recent consensus; this should make all previous - * diffs deletable */ + * diffs deletable, and make delete */ tt_int_op(0, OP_EQ, consdiffmgr_add_consensus(md_body[3], md_ns[3])); - tt_int_op(2 * n_diff_compression_methods(), OP_EQ, consdiffmgr_cleanup()); + tt_int_op(2 * n_diff_compression_methods() + + (n_consensus_compression_methods() - 1) , OP_EQ, + consdiffmgr_cleanup()); tt_int_op(CONSDIFF_NOT_FOUND, OP_EQ, lookup_diff_from(&ent, FLAV_MICRODESC, md_body[0])); diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index 7794bd7d65..75fe6249ad 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -12,6 +12,7 @@ #include "or.h" #include "config.h" #include "connection.h" +#include "consdiffmgr.h" #include "directory.h" #include "test.h" #include "compress.h" @@ -63,6 +64,7 @@ new_dir_conn(void) { dir_connection_t *conn = dir_connection_new(AF_INET); tor_addr_from_ipv4h(&conn->base_.addr, 0x7f000001); + TO_CONN(conn)->address = tor_strdup("127.0.0.1"); return conn; } @@ -465,6 +467,8 @@ init_mock_options(void) mock_options = tor_malloc(sizeof(or_options_t)); memset(mock_options, 0, sizeof(or_options_t)); mock_options->TestingTorNetwork = 1; + mock_options->DataDirectory = tor_strdup(get_fname_rnd("datadir_tmp")); + check_private_dir(mock_options->DataDirectory, CPD_CREATE, NULL); } static const or_options_t * @@ -501,14 +505,6 @@ test_dir_handle_get_micro_d(void *data) /* SETUP */ init_mock_options(); - const char *fn = get_fname("dir_handle_datadir_test1"); - mock_options->DataDirectory = tor_strdup(fn); - -#ifdef _WIN32 - tt_int_op(0, OP_EQ, mkdir(mock_options->DataDirectory)); -#else - tt_int_op(0, OP_EQ, mkdir(mock_options->DataDirectory, 0700)); -#endif /* Add microdesc to cache */ crypto_digest256(digest, microdesc, strlen(microdesc), DIGEST_SHA256); @@ -568,14 +564,6 @@ test_dir_handle_get_micro_d_server_busy(void *data) /* SETUP */ init_mock_options(); - const char *fn = get_fname("dir_handle_datadir_test2"); - mock_options->DataDirectory = tor_strdup(fn); - -#ifdef _WIN32 - tt_int_op(0, OP_EQ, mkdir(mock_options->DataDirectory)); -#else - tt_int_op(0, OP_EQ, mkdir(mock_options->DataDirectory, 0700)); -#endif /* Add microdesc to cache */ crypto_digest256(digest, microdesc, strlen(microdesc), DIGEST_SHA256); @@ -1621,8 +1609,13 @@ test_dir_handle_get_status_vote_current_consensus_ns_not_enough_sigs(void* d) /* init mock */ mock_ns_val = tor_malloc_zero(sizeof(networkstatus_t)); mock_ns_val->flavor = FLAV_NS; + mock_ns_val->type = NS_TYPE_CONSENSUS; mock_ns_val->voters = smartlist_new(); - mock_ns_val->valid_until = time(NULL); + mock_ns_val->valid_after = time(NULL) - 1800; + mock_ns_val->valid_until = time(NULL) - 60; + + #define NETWORK_STATUS "some network status string" + consdiffmgr_add_consensus(NETWORK_STATUS, mock_ns_val); /* init mock */ init_mock_options(); @@ -1710,10 +1703,17 @@ test_dir_handle_get_status_vote_current_consensus_too_old(void *data) (void)data; mock_ns_val = tor_malloc_zero(sizeof(networkstatus_t)); + mock_ns_val->type = NS_TYPE_CONSENSUS; mock_ns_val->flavor = FLAV_MICRODESC; - mock_ns_val->valid_until = time(NULL) - (60 * 60 * 24) - 1; + mock_ns_val->valid_after = time(NULL) - (24 * 60 * 60 + 1800); + mock_ns_val->fresh_until = time(NULL) - (24 * 60 * 60 + 900); + mock_ns_val->valid_until = time(NULL) - (24 * 60 * 60 + 20); + + #define NETWORK_STATUS "some network status string" + consdiffmgr_add_consensus(NETWORK_STATUS, mock_ns_val); init_mock_options(); + MOCK(get_options, mock_get_options); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); MOCK(networkstatus_get_latest_consensus_by_flavor, mock_ns_get_by_flavor); @@ -1734,6 +1734,17 @@ test_dir_handle_get_status_vote_current_consensus_too_old(void *data) tor_free(header); teardown_capture_of_logs(); + tor_free(mock_ns_val); + + mock_ns_val = tor_malloc_zero(sizeof(networkstatus_t)); + mock_ns_val->type = NS_TYPE_CONSENSUS; + mock_ns_val->flavor = FLAV_NS; + mock_ns_val->valid_after = time(NULL) - (24 * 60 * 60 + 1800); + mock_ns_val->fresh_until = time(NULL) - (24 * 60 * 60 + 900); + mock_ns_val->valid_until = time(NULL) - (24 * 60 * 60 + 20); + + #define NETWORK_STATUS "some network status string" + consdiffmgr_add_consensus(NETWORK_STATUS, mock_ns_val); setup_capture_of_logs(LOG_WARN); @@ -1772,12 +1783,26 @@ static void status_vote_current_consensus_ns_test(char **header, char **body, size_t *body_len) { - common_digests_t digests; dir_connection_t *conn = NULL; #define NETWORK_STATUS "some network status string" +#if 0 + common_digests_t digests; + uint8_t sha3[DIGEST256_LEN]; + memset(&digests, 0x60, sizeof(digests)); + memset(sha3, 0x06, sizeof(sha3)); dirserv_set_cached_consensus_networkstatus(NETWORK_STATUS, "ns", &digests, + sha3, time(NULL)); +#endif + networkstatus_t *ns = tor_malloc_zero(sizeof(networkstatus_t)); + ns->type = NS_TYPE_CONSENSUS; + ns->flavor = FLAV_NS; + ns->valid_after = time(NULL) - 1800; + ns->fresh_until = time(NULL) - 900; + ns->valid_until = time(NULL) - 60; + consdiffmgr_add_consensus(NETWORK_STATUS, ns); + networkstatus_vote_free(ns); MOCK(connection_write_to_buf_impl_, connection_write_to_buf_mock); @@ -1790,7 +1815,6 @@ status_vote_current_consensus_ns_test(char **header, char **body, tt_str_op("ab", OP_EQ, geoip_get_country_name(1)); conn = new_dir_conn(); - TO_CONN(conn)->address = tor_strdup("127.0.0.1"); tt_int_op(0, OP_EQ, directory_handle_command_get(conn, GET("/tor/status-vote/current/consensus-ns"), NULL, 0)); @@ -2530,13 +2554,14 @@ test_dir_handle_get_parse_accept_encoding(void *arg) encodings = parse_accept_encoding_header("gzip"); tt_uint_op(B_NONE|B_GZIP, OP_EQ, encodings); - encodings = parse_accept_encoding_header("x-zstd, deflate, x-lzma"); + encodings = parse_accept_encoding_header("x-zstd, deflate, x-tor-lzma"); tt_uint_op(B_NONE|B_ZLIB|B_ZSTD|B_LZMA, OP_EQ, encodings); - encodings = parse_accept_encoding_header("x-zstd, deflate, x-lzma, gzip"); + encodings = parse_accept_encoding_header( + "x-zstd, deflate, x-tor-lzma, gzip"); tt_uint_op(B_NONE|B_ZLIB|B_ZSTD|B_LZMA|B_GZIP, OP_EQ, encodings); - encodings = parse_accept_encoding_header("x-zstd,deflate,x-lzma,gzip"); + encodings = parse_accept_encoding_header("x-zstd,deflate,x-tor-lzma,gzip"); tt_uint_op(B_NONE|B_ZLIB|B_ZSTD|B_LZMA|B_GZIP, OP_EQ, encodings); done: @@ -2587,11 +2612,11 @@ struct testcase_t dir_handle_get_tests[] = { DIR_HANDLE_CMD(status_vote_current_authority, 0), DIR_HANDLE_CMD(status_vote_next_authority_not_found, 0), DIR_HANDLE_CMD(status_vote_next_authority, 0), - DIR_HANDLE_CMD(status_vote_current_consensus_ns_not_enough_sigs, 0), - DIR_HANDLE_CMD(status_vote_current_consensus_ns_not_found, 0), - DIR_HANDLE_CMD(status_vote_current_consensus_too_old, 0), - DIR_HANDLE_CMD(status_vote_current_consensus_ns_busy, 0), - DIR_HANDLE_CMD(status_vote_current_consensus_ns, 0), + DIR_HANDLE_CMD(status_vote_current_consensus_ns_not_enough_sigs, TT_FORK), + DIR_HANDLE_CMD(status_vote_current_consensus_ns_not_found, TT_FORK), + DIR_HANDLE_CMD(status_vote_current_consensus_too_old, TT_FORK), + DIR_HANDLE_CMD(status_vote_current_consensus_ns_busy, TT_FORK), + DIR_HANDLE_CMD(status_vote_current_consensus_ns, TT_FORK), DIR_HANDLE_CMD(status_vote_current_d_not_found, 0), DIR_HANDLE_CMD(status_vote_next_d_not_found, 0), DIR_HANDLE_CMD(status_vote_d, 0), diff --git a/src/test/test_hs.c b/src/test/test_hs.c index c3457c43da..b4817a21ea 100644 --- a/src/test/test_hs.c +++ b/src/test/test_hs.c @@ -210,9 +210,30 @@ test_hs_desc_event(void *arg) tt_str_op(received_msg,OP_EQ, expected_msg); tor_free(received_msg); - /* test valid content. */ + /* test no HSDir fingerprint type */ + rend_query.auth_type = REND_NO_AUTH; + control_event_hs_descriptor_failed(&rend_query.base_, NULL, + "QUERY_NO_HSDIR"); + expected_msg = "650 HS_DESC FAILED "STR_HS_ADDR" NO_AUTH " \ + "UNKNOWN REASON=QUERY_NO_HSDIR\r\n"; + tt_assert(received_msg); + tt_str_op(received_msg,OP_EQ, expected_msg); + tor_free(received_msg); + + /* Test invalid content with no HSDir fingerprint. */ char *exp_msg; control_event_hs_descriptor_content(rend_query.onion_address, + STR_HS_CONTENT_DESC_ID, NULL, NULL); + tor_asprintf(&exp_msg, "650+HS_DESC_CONTENT " STR_HS_ADDR " "\ + STR_HS_CONTENT_DESC_ID " UNKNOWN" \ + "\r\n\r\n.\r\n650 OK\r\n"); + tt_assert(received_msg); + tt_str_op(received_msg, OP_EQ, exp_msg); + tor_free(received_msg); + tor_free(exp_msg); + + /* test valid content. */ + control_event_hs_descriptor_content(rend_query.onion_address, STR_HS_CONTENT_DESC_ID, HSDIR_EXIST_ID, hs_desc_content); tor_asprintf(&exp_msg, "650+HS_DESC_CONTENT " STR_HS_ADDR " "\ diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c index bc4bfabde9..40f50b322a 100644 --- a/src/test/test_hs_cache.c +++ b/src/test/test_hs_cache.c @@ -15,96 +15,10 @@ #include "directory.h" #include "connection.h" +#include "hs_test_helpers.h" #include "test_helpers.h" #include "test.h" -/* Build an intro point using a blinded key and an address. */ -static hs_desc_intro_point_t * -helper_build_intro_point(const ed25519_keypair_t *blinded_kp, - const char *addr) -{ - int ret; - ed25519_keypair_t auth_kp; - hs_desc_intro_point_t *intro_point = NULL; - hs_desc_intro_point_t *ip = tor_malloc_zero(sizeof(*ip)); - ip->link_specifiers = smartlist_new(); - - { - hs_desc_link_specifier_t *ls = tor_malloc_zero(sizeof(*ls)); - ls->u.ap.port = 9001; - int family = tor_addr_parse(&ls->u.ap.addr, addr); - switch (family) { - case AF_INET: - ls->type = LS_IPV4; - break; - case AF_INET6: - ls->type = LS_IPV6; - break; - default: - /* Stop the test, not suppose to have an error. */ - tt_int_op(family, OP_EQ, AF_INET); - } - smartlist_add(ip->link_specifiers, ls); - } - - ret = ed25519_keypair_generate(&auth_kp, 0); - tt_int_op(ret, ==, 0); - ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_AUTH_HS_IP_KEY, - &auth_kp.pubkey, time(NULL), - HS_DESC_CERT_LIFETIME, - CERT_FLAG_INCLUDE_SIGNING_KEY); - tt_assert(ip->auth_key_cert); - - ret = curve25519_keypair_generate(&ip->enc_key.curve25519, 0); - tt_int_op(ret, ==, 0); - ip->enc_key_type = HS_DESC_KEY_TYPE_CURVE25519; - intro_point = ip; - done: - return intro_point; -} - -/* Return a valid hs_descriptor_t object. */ -static hs_descriptor_t * -helper_build_hs_desc(uint64_t revision_counter, uint32_t lifetime, - ed25519_public_key_t *signing_pubkey) -{ - int ret; - ed25519_keypair_t blinded_kp; - hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); - - desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; - - /* Copy only the public key into the descriptor. */ - memcpy(&desc->plaintext_data.signing_pubkey, signing_pubkey, - sizeof(ed25519_public_key_t)); - - ret = ed25519_keypair_generate(&blinded_kp, 0); - tt_int_op(ret, ==, 0); - /* Copy only the public key into the descriptor. */ - memcpy(&desc->plaintext_data.blinded_pubkey, &blinded_kp.pubkey, - sizeof(ed25519_public_key_t)); - - desc->plaintext_data.signing_key_cert = - tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, signing_pubkey, - time(NULL), 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); - tt_assert(desc->plaintext_data.signing_key_cert); - desc->plaintext_data.revision_counter = revision_counter; - desc->plaintext_data.lifetime_sec = lifetime; - - /* Setup encrypted data section. */ - desc->encrypted_data.create2_ntor = 1; - desc->encrypted_data.intro_auth_types = smartlist_new(); - smartlist_add(desc->encrypted_data.intro_auth_types, tor_strdup("ed25519")); - desc->encrypted_data.intro_points = smartlist_new(); - /* Add an intro point. */ - smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&blinded_kp, "1.2.3.4")); - - descp = desc; - done: - return descp; -} - /* Static variable used to encoded the HSDir query. */ static char query_b64[256]; @@ -141,7 +55,7 @@ test_directory(void *arg) /* Generate a valid descriptor with normal values. */ ret = ed25519_keypair_generate(&signing_kp1, 0); tt_int_op(ret, ==, 0); - desc1 = helper_build_hs_desc(42, 3 * 60 * 60, &signing_kp1.pubkey); + desc1 = hs_helper_build_hs_desc_with_ip(&signing_kp1); tt_assert(desc1); ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &desc1_str); tt_int_op(ret, OP_EQ, 0); @@ -175,8 +89,10 @@ test_directory(void *arg) ret = ed25519_keypair_generate(&signing_kp_zero, 0); tt_int_op(ret, ==, 0); hs_descriptor_t *desc_zero_lifetime; - desc_zero_lifetime = helper_build_hs_desc(1, 0, &signing_kp_zero.pubkey); + desc_zero_lifetime = hs_helper_build_hs_desc_with_ip(&signing_kp_zero); tt_assert(desc_zero_lifetime); + desc_zero_lifetime->plaintext_data.revision_counter = 1; + desc_zero_lifetime->plaintext_data.lifetime_sec = 0; char *desc_zero_lifetime_str; ret = hs_desc_encode_descriptor(desc_zero_lifetime, &signing_kp_zero, &desc_zero_lifetime_str); @@ -262,7 +178,7 @@ test_clean_as_dir(void *arg) /* Generate a valid descriptor with values. */ ret = ed25519_keypair_generate(&signing_kp1, 0); tt_int_op(ret, ==, 0); - desc1 = helper_build_hs_desc(42, 3 * 60 * 60, &signing_kp1.pubkey); + desc1 = hs_helper_build_hs_desc_with_ip(&signing_kp1); tt_assert(desc1); ret = hs_desc_encode_descriptor(desc1, &signing_kp1, &desc1_str); tt_int_op(ret, OP_EQ, 0); @@ -375,7 +291,7 @@ test_upload_and_download_hs_desc(void *arg) ed25519_keypair_t signing_kp; retval = ed25519_keypair_generate(&signing_kp, 0); tt_int_op(retval, ==, 0); - published_desc = helper_build_hs_desc(42, 3 * 60 * 60, &signing_kp.pubkey); + published_desc = hs_helper_build_hs_desc_with_ip(&signing_kp); tt_assert(published_desc); retval = hs_desc_encode_descriptor(published_desc, &signing_kp, &published_desc_str); @@ -438,8 +354,7 @@ test_hsdir_revision_counter_check(void *arg) { retval = ed25519_keypair_generate(&signing_kp, 0); tt_int_op(retval, ==, 0); - published_desc = helper_build_hs_desc(1312, 3 * 60 * 60, - &signing_kp.pubkey); + published_desc = hs_helper_build_hs_desc_with_ip(&signing_kp); tt_assert(published_desc); retval = hs_desc_encode_descriptor(published_desc, &signing_kp, &published_desc_str); @@ -470,7 +385,7 @@ test_hsdir_revision_counter_check(void *arg) tt_assert(received_desc); /* Check that the revision counter is correct */ - tt_u64_op(received_desc->plaintext_data.revision_counter, ==, 1312); + tt_u64_op(received_desc->plaintext_data.revision_counter, ==, 42); hs_descriptor_free(received_desc); received_desc = NULL; diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index a1a1f14fb8..b1abe381d4 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -15,227 +15,10 @@ #include "test.h" #include "torcert.h" +#include "hs_test_helpers.h" #include "test_helpers.h" #include "log_test_helpers.h" -static hs_desc_intro_point_t * -helper_build_intro_point(const ed25519_keypair_t *blinded_kp, time_t now, - const char *addr, int legacy) -{ - int ret; - ed25519_keypair_t auth_kp; - hs_desc_intro_point_t *intro_point = NULL; - hs_desc_intro_point_t *ip = tor_malloc_zero(sizeof(*ip)); - ip->link_specifiers = smartlist_new(); - - { - hs_desc_link_specifier_t *ls = tor_malloc_zero(sizeof(*ls)); - if (legacy) { - ls->type = LS_LEGACY_ID; - memcpy(ls->u.legacy_id, "0299F268FCA9D55CD157976D39AE92B4B455B3A8", - DIGEST_LEN); - } else { - ls->u.ap.port = 9001; - int family = tor_addr_parse(&ls->u.ap.addr, addr); - switch (family) { - case AF_INET: - ls->type = LS_IPV4; - break; - case AF_INET6: - ls->type = LS_IPV6; - break; - default: - /* Stop the test, not suppose to have an error. */ - tt_int_op(family, OP_EQ, AF_INET); - } - } - smartlist_add(ip->link_specifiers, ls); - } - - ret = ed25519_keypair_generate(&auth_kp, 0); - tt_int_op(ret, ==, 0); - ip->auth_key_cert = tor_cert_create(blinded_kp, CERT_TYPE_AUTH_HS_IP_KEY, - &auth_kp.pubkey, now, - HS_DESC_CERT_LIFETIME, - CERT_FLAG_INCLUDE_SIGNING_KEY); - tt_assert(ip->auth_key_cert); - - if (legacy) { - ip->enc_key.legacy = crypto_pk_new(); - ip->enc_key_type = HS_DESC_KEY_TYPE_LEGACY; - tt_assert(ip->enc_key.legacy); - ret = crypto_pk_generate_key(ip->enc_key.legacy); - tt_int_op(ret, ==, 0); - } else { - ret = curve25519_keypair_generate(&ip->enc_key.curve25519, 0); - tt_int_op(ret, ==, 0); - ip->enc_key_type = HS_DESC_KEY_TYPE_CURVE25519; - } - - intro_point = ip; - done: - return intro_point; -} - -/* Return a valid hs_descriptor_t object. If no_ip is set, no introduction - * points are added. */ -static hs_descriptor_t * -helper_build_hs_desc(unsigned int no_ip, ed25519_public_key_t *signing_pubkey) -{ - int ret; - time_t now = time(NULL); - ed25519_keypair_t blinded_kp; - hs_descriptor_t *descp = NULL, *desc = tor_malloc_zero(sizeof(*desc)); - - desc->plaintext_data.version = HS_DESC_SUPPORTED_FORMAT_VERSION_MAX; - - /* Copy only the public key into the descriptor. */ - memcpy(&desc->plaintext_data.signing_pubkey, signing_pubkey, - sizeof(ed25519_public_key_t)); - - ret = ed25519_keypair_generate(&blinded_kp, 0); - tt_int_op(ret, ==, 0); - /* Copy only the public key into the descriptor. */ - memcpy(&desc->plaintext_data.blinded_pubkey, &blinded_kp.pubkey, - sizeof(ed25519_public_key_t)); - - desc->plaintext_data.signing_key_cert = - tor_cert_create(&blinded_kp, CERT_TYPE_SIGNING_HS_DESC, signing_pubkey, - now, 3600, CERT_FLAG_INCLUDE_SIGNING_KEY); - tt_assert(desc->plaintext_data.signing_key_cert); - desc->plaintext_data.revision_counter = 42; - desc->plaintext_data.lifetime_sec = 3 * 60 * 60; - - /* Setup encrypted data section. */ - desc->encrypted_data.create2_ntor = 1; - desc->encrypted_data.intro_auth_types = smartlist_new(); - desc->encrypted_data.single_onion_service = 1; - smartlist_add(desc->encrypted_data.intro_auth_types, tor_strdup("ed25519")); - desc->encrypted_data.intro_points = smartlist_new(); - if (!no_ip) { - /* Add four intro points. */ - smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&blinded_kp, now, "1.2.3.4", 0)); - smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&blinded_kp, now, "[2600::1]", 0)); - smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&blinded_kp, now, "3.2.1.4", 1)); - smartlist_add(desc->encrypted_data.intro_points, - helper_build_intro_point(&blinded_kp, now, "", 1)); - } - - descp = desc; - done: - return descp; -} - -static void -helper_compare_hs_desc(const hs_descriptor_t *desc1, - const hs_descriptor_t *desc2) -{ - char *addr1 = NULL, *addr2 = NULL; - /* Plaintext data section. */ - tt_int_op(desc1->plaintext_data.version, OP_EQ, - desc2->plaintext_data.version); - tt_uint_op(desc1->plaintext_data.lifetime_sec, OP_EQ, - desc2->plaintext_data.lifetime_sec); - tt_assert(tor_cert_eq(desc1->plaintext_data.signing_key_cert, - desc2->plaintext_data.signing_key_cert)); - tt_mem_op(desc1->plaintext_data.signing_pubkey.pubkey, OP_EQ, - desc2->plaintext_data.signing_pubkey.pubkey, - ED25519_PUBKEY_LEN); - tt_mem_op(desc1->plaintext_data.blinded_pubkey.pubkey, OP_EQ, - desc2->plaintext_data.blinded_pubkey.pubkey, - ED25519_PUBKEY_LEN); - tt_u64_op(desc1->plaintext_data.revision_counter, ==, - desc2->plaintext_data.revision_counter); - - /* NOTE: We can't compare the encrypted blob because when encoding the - * descriptor, the object is immutable thus we don't update it with the - * encrypted blob. As contrast to the decoding process where we populate a - * descriptor object. */ - - /* Encrypted data section. */ - tt_uint_op(desc1->encrypted_data.create2_ntor, ==, - desc2->encrypted_data.create2_ntor); - - /* Authentication type. */ - tt_int_op(!!desc1->encrypted_data.intro_auth_types, ==, - !!desc2->encrypted_data.intro_auth_types); - if (desc1->encrypted_data.intro_auth_types && - desc2->encrypted_data.intro_auth_types) { - tt_int_op(smartlist_len(desc1->encrypted_data.intro_auth_types), ==, - smartlist_len(desc2->encrypted_data.intro_auth_types)); - for (int i = 0; - i < smartlist_len(desc1->encrypted_data.intro_auth_types); - i++) { - tt_str_op(smartlist_get(desc1->encrypted_data.intro_auth_types, i),OP_EQ, - smartlist_get(desc2->encrypted_data.intro_auth_types, i)); - } - } - - /* Introduction points. */ - { - tt_assert(desc1->encrypted_data.intro_points); - tt_assert(desc2->encrypted_data.intro_points); - tt_int_op(smartlist_len(desc1->encrypted_data.intro_points), ==, - smartlist_len(desc2->encrypted_data.intro_points)); - for (int i=0; i < smartlist_len(desc1->encrypted_data.intro_points); i++) { - hs_desc_intro_point_t *ip1 = smartlist_get(desc1->encrypted_data - .intro_points, i), - *ip2 = smartlist_get(desc2->encrypted_data - .intro_points, i); - tt_assert(tor_cert_eq(ip1->auth_key_cert, ip2->auth_key_cert)); - tt_int_op(ip1->enc_key_type, OP_EQ, ip2->enc_key_type); - tt_assert(ip1->enc_key_type == HS_DESC_KEY_TYPE_LEGACY || - ip1->enc_key_type == HS_DESC_KEY_TYPE_CURVE25519); - switch (ip1->enc_key_type) { - case HS_DESC_KEY_TYPE_LEGACY: - tt_int_op(crypto_pk_cmp_keys(ip1->enc_key.legacy, ip2->enc_key.legacy), - OP_EQ, 0); - break; - case HS_DESC_KEY_TYPE_CURVE25519: - tt_mem_op(ip1->enc_key.curve25519.pubkey.public_key, OP_EQ, - ip2->enc_key.curve25519.pubkey.public_key, - CURVE25519_PUBKEY_LEN); - break; - } - - tt_int_op(smartlist_len(ip1->link_specifiers), ==, - smartlist_len(ip2->link_specifiers)); - for (int j = 0; j < smartlist_len(ip1->link_specifiers); j++) { - hs_desc_link_specifier_t *ls1 = smartlist_get(ip1->link_specifiers, j), - *ls2 = smartlist_get(ip2->link_specifiers, j); - tt_int_op(ls1->type, ==, ls2->type); - switch (ls1->type) { - case LS_IPV4: - case LS_IPV6: - { - addr1 = tor_addr_to_str_dup(&ls1->u.ap.addr); - addr2 = tor_addr_to_str_dup(&ls2->u.ap.addr); - tt_str_op(addr1, OP_EQ, addr2); - tor_free(addr1); - tor_free(addr2); - tt_int_op(ls1->u.ap.port, ==, ls2->u.ap.port); - } - break; - case LS_LEGACY_ID: - tt_mem_op(ls1->u.legacy_id, OP_EQ, ls2->u.legacy_id, - sizeof(ls1->u.legacy_id)); - break; - default: - /* Unknown type, caught it and print its value. */ - tt_int_op(ls1->type, OP_EQ, -1); - } - } - } - } - - done: - tor_free(addr1); - tor_free(addr2); -} - /* Test certificate encoding put in a descriptor. */ static void test_cert_encoding(void *arg) @@ -494,7 +277,7 @@ test_encode_descriptor(void *arg) ret = ed25519_keypair_generate(&signing_kp, 0); tt_int_op(ret, ==, 0); - desc = helper_build_hs_desc(0, &signing_kp.pubkey); + desc = hs_helper_build_hs_desc_with_ip(&signing_kp); ret = hs_desc_encode_descriptor(desc, &signing_kp, &encoded); tt_int_op(ret, ==, 0); tt_assert(encoded); @@ -518,7 +301,7 @@ test_decode_descriptor(void *arg) ret = ed25519_keypair_generate(&signing_kp, 0); tt_int_op(ret, ==, 0); - desc = helper_build_hs_desc(0, &signing_kp.pubkey); + desc = hs_helper_build_hs_desc_with_ip(&signing_kp); /* Give some bad stuff to the decoding function. */ ret = hs_desc_decode_descriptor("hladfjlkjadf", NULL, &decoded); @@ -532,14 +315,14 @@ test_decode_descriptor(void *arg) tt_int_op(ret, ==, 0); tt_assert(decoded); - helper_compare_hs_desc(desc, decoded); + hs_helper_desc_equal(desc, decoded); /* Decode a descriptor with _no_ introduction points. */ { ed25519_keypair_t signing_kp_no_ip; ret = ed25519_keypair_generate(&signing_kp_no_ip, 0); tt_int_op(ret, ==, 0); - desc_no_ip = helper_build_hs_desc(1, &signing_kp_no_ip.pubkey); + desc_no_ip = hs_helper_build_hs_desc_no_ip(&signing_kp_no_ip); tt_assert(desc_no_ip); tor_free(encoded); ret = hs_desc_encode_descriptor(desc_no_ip, &signing_kp_no_ip, &encoded); @@ -603,7 +386,7 @@ test_encrypted_data_len(void *arg) } static void -test_decode_intro_point(void *arg) +test_decode_invalid_intro_point(void *arg) { int ret; char *encoded_ip = NULL; @@ -614,9 +397,6 @@ test_decode_intro_point(void *arg) (void) arg; - /* The following certificate expires in 2036. After that, one of the test - * will fail because of the expiry time. */ - /* Seperate pieces of a valid encoded introduction point. */ const char *intro_point = "introduction-point AQIUMDI5OUYyNjhGQ0E5RDU1Q0QxNTc="; @@ -629,60 +409,13 @@ test_decode_intro_point(void *arg) "-----END ED25519 CERT-----"; const char *enc_key = "enc-key ntor bpZKLsuhxP6woDQ3yVyjm5gUKSk7RjfAijT2qrzbQk0="; - const char *enc_key_legacy = - "enc-key legacy\n" - "-----BEGIN RSA PUBLIC KEY-----\n" - "MIGJAoGBAO4bATcW8kW4h6RQQAKEgg+aXCpF4JwbcO6vGZtzXTDB+HdPVQzwqkbh\n" - "XzFM6VGArhYw4m31wcP1Z7IwULir7UMnAFd7Zi62aYfU6l+Y1yAoZ1wzu1XBaAMK\n" - "ejpwQinW9nzJn7c2f69fVke3pkhxpNdUZ+vplSA/l9iY+y+v+415AgMBAAE=\n" - "-----END RSA PUBLIC KEY-----"; const char *enc_key_cert = - "enc-key-certification\n" + "enc-key-cert\n" "-----BEGIN ED25519 CERT-----\n" "AQsACOhZAUpNvCZ1aJaaR49lS6MCdsVkhVGVrRqoj0Y2T4SzroAtAQAgBABFOcGg\n" "lbTt1DF5nKTE/gU3Fr8ZtlCIOhu1A+F5LM7fqCUupfesg0KTHwyIZOYQbJuM5/he\n" "/jDNyLy9woPJdjkxywaY2RPUxGjLYtMQV0E8PUxWyICV+7y52fTCYaKpYQw=\n" "-----END ED25519 CERT-----"; - const char *enc_key_cert_legacy = - "enc-key-certification\n" - "-----BEGIN CROSSCERT-----\n" - "Sk28JnVolppHj2VLowJ2xWSFUZWtGqiPRjZPhLOugC0ACOhZgFPA5egeRDUXMM1U\n" - "Fn3c7Je0gJS6mVma5FzwlgwggeriF13UZcaT71vEAN/ZJXbxOfQVGMZ0rXuFpjUq\n" - "C8CvqmZIwEUaPE1nDFtmnTcucvNS1YQl9nsjH3ejbxc+4yqps/cXh46FmXsm5yz7\n" - "NZjBM9U1fbJhlNtOvrkf70K8bLk6\n" - "-----END CROSSCERT-----"; - - (void) enc_key_legacy; - (void) enc_key_cert_legacy; - - /* Start by testing the "decode all intro points" function. */ - { - char *line; - ret = ed25519_keypair_generate(&signing_kp, 0); - tt_int_op(ret, ==, 0); - desc = helper_build_hs_desc(0, &signing_kp.pubkey); - tt_assert(desc); - /* Only try to decode an incomplete introduction point section. */ - tor_asprintf(&line, "\n%s", intro_point); - ret = decode_intro_points(desc, &desc->encrypted_data, line); - tor_free(line); - tt_int_op(ret, ==, -1); - - /* Decode one complete intro point. */ - smartlist_t *lines = smartlist_new(); - smartlist_add(lines, (char *) intro_point); - smartlist_add(lines, (char *) auth_key); - smartlist_add(lines, (char *) enc_key); - smartlist_add(lines, (char *) enc_key_cert); - encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); - tt_assert(encoded_ip); - tor_asprintf(&line, "\n%s", encoded_ip); - tor_free(encoded_ip); - ret = decode_intro_points(desc, &desc->encrypted_data, line); - tor_free(line); - smartlist_free(lines); - tt_int_op(ret, ==, 0); - } /* Try to decode a junk string. */ { @@ -690,7 +423,7 @@ test_decode_intro_point(void *arg) desc = NULL; ret = ed25519_keypair_generate(&signing_kp, 0); tt_int_op(ret, ==, 0); - desc = helper_build_hs_desc(0, &signing_kp.pubkey); + desc = hs_helper_build_hs_desc_with_ip(&signing_kp); const char *junk = "this is not a descriptor"; ip = decode_introduction_point(desc, junk); tt_assert(!ip); @@ -796,7 +529,7 @@ test_decode_intro_point(void *arg) /* Invalid enc-key invalid legacy. */ { smartlist_t *lines = smartlist_new(); - const char *bad_line = "enc-key legacy blah==="; + const char *bad_line = "legacy-key blah==="; /* Build intro point text. */ smartlist_add(lines, (char *) intro_point); smartlist_add(lines, (char *) auth_key); @@ -810,22 +543,6 @@ test_decode_intro_point(void *arg) smartlist_free(lines); } - /* Valid object. */ - { - smartlist_t *lines = smartlist_new(); - /* Build intro point text. */ - smartlist_add(lines, (char *) intro_point); - smartlist_add(lines, (char *) auth_key); - smartlist_add(lines, (char *) enc_key); - smartlist_add(lines, (char *) enc_key_cert); - encoded_ip = smartlist_join_strings(lines, "\n", 0, &len_out); - tt_assert(encoded_ip); - ip = decode_introduction_point(desc, encoded_ip); - tt_assert(ip); - tor_free(encoded_ip); - smartlist_free(lines); - } - done: hs_descriptor_free(desc); desc_intro_point_free(ip); @@ -1117,7 +834,7 @@ struct testcase_t hs_descriptor[] = { NULL, NULL }, { "encrypted_data_len", test_encrypted_data_len, TT_FORK, NULL, NULL }, - { "decode_intro_point", test_decode_intro_point, TT_FORK, + { "decode_invalid_intro_point", test_decode_invalid_intro_point, TT_FORK, NULL, NULL }, { "decode_plaintext", test_decode_plaintext, TT_FORK, NULL, NULL }, diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index ef5cb46567..c6197875b5 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -503,6 +503,24 @@ helper_establish_intro_v2(or_circuit_t *intro_circ) return key1; } +/* Helper function: test circuitmap free_all function outside of + * test_intro_point_registration to prevent Coverity from seeing a + * double free if the assertion hypothetically fails. + */ +static void +test_circuitmap_free_all(void) +{ + hs_circuitmap_ht *the_hs_circuitmap = NULL; + + the_hs_circuitmap = get_hs_circuitmap(); + tt_assert(the_hs_circuitmap); + hs_circuitmap_free_all(); + the_hs_circuitmap = get_hs_circuitmap(); + tt_assert(!the_hs_circuitmap); + done: + ; +} + /** Successfuly register a v2 intro point and a v3 intro point. Ensure that HS * circuitmap is maintained properly. */ static void @@ -583,14 +601,7 @@ test_intro_point_registration(void *arg) circuit_free(TO_CIRCUIT(intro_circ)); circuit_free(TO_CIRCUIT(legacy_intro_circ)); trn_cell_establish_intro_free(establish_intro_cell); - - { /* Test circuitmap free_all function. */ - the_hs_circuitmap = get_hs_circuitmap(); - tt_assert(the_hs_circuitmap); - hs_circuitmap_free_all(); - the_hs_circuitmap = get_hs_circuitmap(); - tt_assert(!the_hs_circuitmap); - } + test_circuitmap_free_all(); UNMOCK(hs_intro_send_intro_established_cell); } diff --git a/src/test/test_options.c b/src/test/test_options.c index 1ba6a05e4a..ad735b72a6 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -105,11 +105,71 @@ clear_log_messages(void) "EDE6D711294FADF8E7951F4DE6CA56B58 194.109.206.212:80 7EA6 EAD6 FD83" \ " 083C 538F 4403 8BBF A077 587D D755\n" +static int +test_options_checklog(const char *configuration, int expect_log_severity, + const char *expect_log) +{ + int found = 0, ret = -1; + char *actual_log = NULL; + + if (messages) { + SMARTLIST_FOREACH_BEGIN(messages, logmsg_t *, m) { + if (m->severity == expect_log_severity && + strstr(m->msg, expect_log)) { + found = 1; + break; + } + } SMARTLIST_FOREACH_END(m); + } + if (!found) { + actual_log = dump_logs(); + TT_DIE(("Expected log message [%s] %s from <%s>, but got <%s>.", + log_level_to_string(expect_log_severity), expect_log, + configuration, actual_log)); + } + ret = 0; + + done: + tor_free(actual_log); + return ret; +} + +static int +test_options_checkmsgs(const char *configuration, + const char *expect_errmsg, + int expect_log_severity, + const char *expect_log, + char *msg) +{ + if (expect_errmsg && !msg) { + TT_DIE(("Expected error message <%s> from <%s>, but got none.", + expect_errmsg, configuration)); + } else if (expect_errmsg && !strstr(msg, expect_errmsg)) { + TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.", + expect_errmsg, configuration, msg)); + } else if (!expect_errmsg && msg) { + TT_DIE(("Expected no error message from <%s> but got <%s>.", + configuration, msg)); + } + if (expect_log) { + return test_options_checklog(configuration, expect_log_severity, + expect_log); + } + return 0; + + done: + return -1; +} + +/* Which phases of config parsing/validation to check for messages/logs */ +enum { PH_GETLINES, PH_ASSIGN, PH_VALIDATE }; + static void test_options_validate_impl(const char *configuration, const char *expect_errmsg, int expect_log_severity, - const char *expect_log) + const char *expect_log, + int phase) { or_options_t *opt=NULL; or_options_t *dflt; @@ -120,43 +180,34 @@ test_options_validate_impl(const char *configuration, setup_options(opt, dflt); r = config_get_lines(configuration, &cl, 1); - tt_int_op(r, OP_EQ, 0); + if (phase == PH_GETLINES) { + if (test_options_checkmsgs(configuration, expect_errmsg, + expect_log_severity, + expect_log, msg)) + goto done; + } + if (r) + goto done; r = config_assign(&options_format, opt, cl, 0, &msg); - tt_int_op(r, OP_EQ, 0); - - r = options_validate(NULL, opt, dflt, 0, &msg); - if (expect_errmsg && !msg) { - TT_DIE(("Expected error message <%s> from <%s>, but got none.", - expect_errmsg, configuration)); - } else if (expect_errmsg && !strstr(msg, expect_errmsg)) { - TT_DIE(("Expected error message <%s> from <%s>, but got <%s>.", - expect_errmsg, configuration, msg)); - } else if (!expect_errmsg && msg) { - TT_DIE(("Expected no error message from <%s> but got <%s>.", - configuration, msg)); + if (phase == PH_ASSIGN) { + if (test_options_checkmsgs(configuration, expect_errmsg, + expect_log_severity, + expect_log, msg)) + goto done; } tt_int_op((r == 0), OP_EQ, (msg == NULL)); + if (r) + goto done; - if (expect_log) { - int found = 0; - if (messages) { - SMARTLIST_FOREACH_BEGIN(messages, logmsg_t *, m) { - if (m->severity == expect_log_severity && - strstr(m->msg, expect_log)) { - found = 1; - break; - } - } SMARTLIST_FOREACH_END(m); - } - if (!found) { - tor_free(msg); - msg = dump_logs(); - TT_DIE(("Expected log message [%s] %s from <%s>, but got <%s>.", - log_level_to_string(expect_log_severity), expect_log, - configuration, msg)); - } + r = options_validate(NULL, opt, dflt, 0, &msg); + if (phase == PH_VALIDATE) { + if (test_options_checkmsgs(configuration, expect_errmsg, + expect_log_severity, + expect_log, msg)) + goto done; } + tt_int_op((r == 0), OP_EQ, (msg == NULL)); done: escaped(NULL); @@ -168,14 +219,14 @@ test_options_validate_impl(const char *configuration, clear_log_messages(); } -#define WANT_ERR(config, msg) \ - test_options_validate_impl((config), (msg), 0, NULL) -#define WANT_LOG(config, severity, msg) \ - test_options_validate_impl((config), NULL, (severity), (msg)) -#define WANT_ERR_LOG(config, msg, severity, logmsg) \ - test_options_validate_impl((config), (msg), (severity), (logmsg)) -#define OK(config) \ - test_options_validate_impl((config), NULL, 0, NULL) +#define WANT_ERR(config, msg, ph) \ + test_options_validate_impl((config), (msg), 0, NULL, (ph)) +#define WANT_LOG(config, severity, msg, ph) \ + test_options_validate_impl((config), NULL, (severity), (msg), (ph)) +#define WANT_ERR_LOG(config, msg, severity, logmsg, ph) \ + test_options_validate_impl((config), (msg), (severity), (logmsg), (ph)) +#define OK(config, ph) \ + test_options_validate_impl((config), NULL, 0, NULL, (ph)) static void test_options_validate(void *arg) @@ -184,21 +235,39 @@ test_options_validate(void *arg) setup_log_callback(); sandbox_disable_getaddrinfo_cache(); - WANT_ERR("ExtORPort 500000", "Invalid ExtORPort"); + WANT_ERR("ExtORPort 500000", "Invalid ExtORPort", PH_VALIDATE); WANT_ERR_LOG("ServerTransportOptions trebuchet", "ServerTransportOptions did not parse", - LOG_WARN, "Too few arguments"); - OK("ServerTransportOptions trebuchet sling=snappy"); - OK("ServerTransportOptions trebuchet sling="); + LOG_WARN, "Too few arguments", PH_VALIDATE); + OK("ServerTransportOptions trebuchet sling=snappy", PH_VALIDATE); + OK("ServerTransportOptions trebuchet sling=", PH_VALIDATE); WANT_ERR_LOG("ServerTransportOptions trebuchet slingsnappy", "ServerTransportOptions did not parse", - LOG_WARN, "\"slingsnappy\" is not a k=v"); + LOG_WARN, "\"slingsnappy\" is not a k=v", PH_VALIDATE); WANT_ERR("DirPort 8080\nDirCache 0", - "DirPort configured but DirCache disabled."); + "DirPort configured but DirCache disabled.", PH_VALIDATE); WANT_ERR("BridgeRelay 1\nDirCache 0", - "We're a bridge but DirCache is disabled."); + "We're a bridge but DirCache is disabled.", PH_VALIDATE); + + WANT_ERR_LOG("HeartbeatPeriod 21 snarks", + "Interval 'HeartbeatPeriod 21 snarks' is malformed or" + " out of bounds.", LOG_WARN, "Unknown unit 'snarks'.", + PH_ASSIGN); + WANT_ERR_LOG("LogTimeGranularity 21 snarks", + "Msec interval 'LogTimeGranularity 21 snarks' is malformed or" + " out of bounds.", LOG_WARN, "Unknown unit 'snarks'.", + PH_ASSIGN); + OK("HeartbeatPeriod 1 hour", PH_VALIDATE); + OK("LogTimeGranularity 100 milliseconds", PH_VALIDATE); + + WANT_LOG("ControlSocket \"string with trailing garbage\" bogus", LOG_WARN, + "Error while parsing configuration: " + "Excess data after quoted string", PH_GETLINES); + WANT_LOG("ControlSocket \"bogus escape \\@\"", LOG_WARN, + "Error while parsing configuration: " + "Invalid escape sequence in quoted string", PH_GETLINES); close_temp_logs(); clear_log_messages(); @@ -354,6 +423,12 @@ get_options_test_data(const char *conf) result->opt = options_new(); result->old_opt = options_new(); result->def_opt = options_new(); + + // XXX: Really, all of these options should be set to defaults + // with options_init(), but about a dozen tests break when I do that. + // Being kinda lame and just fixing the immedate breakage for now.. + result->opt->ConnectionPadding = -1; // default must be "auto" + rv = config_get_lines(conf, &cl, 1); tt_assert(rv == 0); rv = config_assign(&options_format, result->opt, cl, 0, &msg); @@ -402,7 +477,7 @@ test_options_validate__uname_for_server(void *ignored) (void)ignored; char *msg; options_test_data_t *tdata = get_options_test_data( - "ORListenAddress 127.0.0.1:5555"); + "ORPort 127.0.0.1:5555"); setup_capture_of_logs(LOG_WARN); MOCK(get_uname, fixed_get_uname); @@ -536,7 +611,7 @@ test_options_validate__contactinfo(void *ignored) int ret; char *msg; options_test_data_t *tdata = get_options_test_data( - "ORListenAddress 127.0.0.1:5555\nORPort 955"); + "ORPort 127.0.0.1:5555"); setup_capture_of_logs(LOG_DEBUG); tdata->opt->ContactInfo = NULL; @@ -549,7 +624,7 @@ test_options_validate__contactinfo(void *ignored) tor_free(msg); free_options_test_data(tdata); - tdata = get_options_test_data("ORListenAddress 127.0.0.1:5555\nORPort 955\n" + tdata = get_options_test_data("ORPort 127.0.0.1:5555\n" "ContactInfo hella@example.org"); mock_clean_saved_logs(); ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); @@ -957,8 +1032,7 @@ test_options_validate__relay_with_hidden_services(void *ignored) char *msg; setup_capture_of_logs(LOG_DEBUG); options_test_data_t *tdata = get_options_test_data( - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "HiddenServiceDir " "/Library/Tor/var/lib/tor/hidden_service/\n" "HiddenServicePort 80 127.0.0.1:8080\n" @@ -1028,7 +1102,7 @@ test_options_validate__transproxy(void *ignored) #else tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_PF_DIVERT); tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without " - "any valid TransPort or TransListenAddress."); + "any valid TransPort."); #endif tor_free(msg); @@ -1043,7 +1117,7 @@ test_options_validate__transproxy(void *ignored) #else tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_TPROXY); tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without any valid " - "TransPort or TransListenAddress."); + "TransPort."); #endif tor_free(msg); @@ -1059,7 +1133,7 @@ test_options_validate__transproxy(void *ignored) #else tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_IPFW); tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without any valid " - "TransPort or TransListenAddress."); + "TransPort."); #endif tor_free(msg); @@ -1117,8 +1191,7 @@ test_options_validate__transproxy(void *ignored) ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, "TransPort and TransListenAddress are disabled in " - "this build."); + tt_str_op(msg, OP_EQ, "TransPort is disabled in this build."); tor_free(msg); #endif @@ -1313,54 +1386,6 @@ test_options_validate__node_families(void *ignored) } static void -test_options_validate__tlsec(void *ignored) -{ - (void)ignored; - int ret; - char *msg; - setup_capture_of_logs(LOG_DEBUG); - options_test_data_t *tdata = get_options_test_data( - "TLSECGroup ed25519\n" - "SchedulerHighWaterMark__ 42\n" - "SchedulerLowWaterMark__ 10\n"); - - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - expect_log_msg("Unrecognized TLSECGroup: Falling back to the default.\n"); - tt_assert(!tdata->opt->TLSECGroup); - tor_free(msg); - - free_options_test_data(tdata); - tdata = get_options_test_data("TLSECGroup P224\n" - "SchedulerHighWaterMark__ 42\n" - "SchedulerLowWaterMark__ 10\n"); - mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - expect_no_log_msg( - "Unrecognized TLSECGroup: Falling back to the default.\n"); - tt_assert(tdata->opt->TLSECGroup); - tor_free(msg); - - free_options_test_data(tdata); - tdata = get_options_test_data("TLSECGroup P256\n" - "SchedulerHighWaterMark__ 42\n" - "SchedulerLowWaterMark__ 10\n"); - mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - expect_no_log_msg( - "Unrecognized TLSECGroup: Falling back to the default.\n"); - tt_assert(tdata->opt->TLSECGroup); - tor_free(msg); - - done: - teardown_capture_of_logs(); - free_options_test_data(tdata); - tor_free(msg); -} - -static void test_options_validate__token_bucket(void *ignored) { (void)ignored; @@ -1742,8 +1767,7 @@ test_options_validate__reachable_addresses(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ReachableAddresses *:82\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "MaxClientCircuitsPending 1\n" "ConnLimit 1\n" "SchedulerHighWaterMark__ 42\n" @@ -1756,8 +1780,7 @@ test_options_validate__reachable_addresses(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ReachableORAddresses *:82\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "MaxClientCircuitsPending 1\n" "ConnLimit 1\n" "SchedulerHighWaterMark__ 42\n" @@ -1770,8 +1793,7 @@ test_options_validate__reachable_addresses(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ReachableDirAddresses *:82\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "MaxClientCircuitsPending 1\n" "ConnLimit 1\n" "SchedulerHighWaterMark__ 42\n" @@ -1784,8 +1806,7 @@ test_options_validate__reachable_addresses(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data("ClientUseIPv4 0\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "MaxClientCircuitsPending 1\n" "ConnLimit 1\n" "SchedulerHighWaterMark__ 42\n" @@ -1885,8 +1906,7 @@ test_options_validate__use_bridges(void *ignored) options_test_data_t *tdata = get_options_test_data( "UseBridges 1\n" "ClientUseIPv4 1\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "MaxClientCircuitsPending 1\n" "ConnLimit 1\n" "SchedulerHighWaterMark__ 42\n" @@ -2008,56 +2028,6 @@ test_options_validate__entry_nodes(void *ignored) } static void -test_options_validate__invalid_nodes(void *ignored) -{ - (void)ignored; - int ret; - char *msg; - options_test_data_t *tdata = get_options_test_data( - "AllowInvalidNodes something_stupid\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n" - "SchedulerHighWaterMark__ 42\n" - "SchedulerLowWaterMark__ 10\n"); - - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_str_op(msg, OP_EQ, - "Unrecognized value 'something_stupid' in AllowInvalidNodes"); - tor_free(msg); - - free_options_test_data(tdata); - tdata = get_options_test_data("AllowInvalidNodes entry, middle, exit\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n" - "SchedulerHighWaterMark__ 42\n" - "SchedulerLowWaterMark__ 10\n"); - - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_int_op(tdata->opt->AllowInvalid_, OP_EQ, ALLOW_INVALID_ENTRY | - ALLOW_INVALID_EXIT | ALLOW_INVALID_MIDDLE); - tor_free(msg); - - free_options_test_data(tdata); - tdata = get_options_test_data("AllowInvalidNodes introduction, rendezvous\n" - "MaxClientCircuitsPending 1\n" - "ConnLimit 1\n" - "SchedulerHighWaterMark__ 42\n" - "SchedulerLowWaterMark__ 10\n"); - - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, -1); - tt_int_op(tdata->opt->AllowInvalid_, OP_EQ, ALLOW_INVALID_INTRODUCTION | - ALLOW_INVALID_RENDEZVOUS); - tor_free(msg); - - done: - free_options_test_data(tdata); - tor_free(msg); -} - -static void test_options_validate__safe_logging(void *ignored) { (void)ignored; @@ -2327,30 +2297,6 @@ test_options_validate__hidserv(void *ignored) } static void -test_options_validate__predicted_ports(void *ignored) -{ - (void)ignored; - int ret; - char *msg; - setup_capture_of_logs(LOG_WARN); - - options_test_data_t *tdata = get_options_test_data( - "PredictedPortsRelevanceTime 100000000\n" - TEST_OPTIONS_DEFAULT_VALUES); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, 0); - expect_log_msg("PredictedPortsRelevanceTime is too " - "large; clipping to 3600s.\n"); - tt_int_op(tdata->opt->PredictedPortsRelevanceTime, OP_EQ, 3600); - - done: - teardown_capture_of_logs(); - policies_free_all(); - free_options_test_data(tdata); - tor_free(msg); -} - -static void test_options_validate__path_bias(void *ignored) { (void)ignored; @@ -2496,8 +2442,7 @@ test_options_validate__bandwidth(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 1\n" ); ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); @@ -2508,8 +2453,7 @@ test_options_validate__bandwidth(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "MaxAdvertisedBandwidth 30000\n" ); @@ -2521,8 +2465,7 @@ test_options_validate__bandwidth(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "RelayBandwidthRate 1\n" "MaxAdvertisedBandwidth 38400\n" @@ -2535,8 +2478,7 @@ test_options_validate__bandwidth(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "BandwidthBurst 76800\n" "RelayBandwidthRate 76800\n" @@ -2974,8 +2916,7 @@ test_options_validate__accounting(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data( TEST_OPTIONS_DEFAULT_VALUES - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 76800\n" "BandwidthBurst 76800\n" "MaxAdvertisedBandwidth 38400\n" @@ -3609,8 +3550,7 @@ test_options_validate__families(void *ignored) tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES "MyFamily home\n" "BridgeRelay 1\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 51300\n" "BandwidthBurst 51300\n" "MaxAdvertisedBandwidth 25700\n" @@ -3839,8 +3779,7 @@ test_options_validate__transport(void *ignored) free_options_test_data(tdata); tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES "ServerTransportPlugin foo exec bar\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 76900\n" "BandwidthBurst 76900\n" "MaxAdvertisedBandwidth 38500\n" @@ -3882,8 +3821,7 @@ test_options_validate__transport(void *ignored) tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES "ServerTransportListenAddr foo 127.0.0.42:55\n" "ServerTransportPlugin foo exec bar\n" - "ORListenAddress 127.0.0.1:5555\n" - "ORPort 955\n" + "ORPort 127.0.0.1:5555\n" "BandwidthRate 76900\n" "BandwidthBurst 76900\n" "MaxAdvertisedBandwidth 38500\n" @@ -4240,48 +4178,6 @@ test_options_validate__virtual_addr(void *ignored) } static void -test_options_validate__exits(void *ignored) -{ - (void)ignored; - int ret; - char *msg; - options_test_data_t *tdata = NULL; - setup_capture_of_logs(LOG_WARN); - - free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AllowSingleHopExits 1" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, 0); - expect_log_msg("You have set AllowSingleHopExits; " - "now your relay will allow others to make one-hop exits. However," - " since by default most clients avoid relays that set this option," - " most clients will ignore you.\n"); - tor_free(msg); - - free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AllowSingleHopExits 1\n" - VALID_DIR_AUTH - ); - mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, 0); - expect_no_log_msg("You have set AllowSingleHopExits; " - "now your relay will allow others to make one-hop exits. However," - " since by default most clients avoid relays that set this option," - " most clients will ignore you.\n"); - tor_free(msg); - - done: - policies_free_all(); - teardown_capture_of_logs(); - free_options_test_data(tdata); - tor_free(msg); -} - -static void test_options_validate__testing_options(void *ignored) { (void)ignored; @@ -4519,7 +4415,6 @@ struct testcase_t options_tests[] = { LOCAL_VALIDATE_TEST(exclude_nodes), LOCAL_VALIDATE_TEST(scheduler), LOCAL_VALIDATE_TEST(node_families), - LOCAL_VALIDATE_TEST(tlsec), LOCAL_VALIDATE_TEST(token_bucket), LOCAL_VALIDATE_TEST(recommended_packages), LOCAL_VALIDATE_TEST(fetch_dir), @@ -4530,12 +4425,10 @@ struct testcase_t options_tests[] = { LOCAL_VALIDATE_TEST(reachable_addresses), LOCAL_VALIDATE_TEST(use_bridges), LOCAL_VALIDATE_TEST(entry_nodes), - LOCAL_VALIDATE_TEST(invalid_nodes), LOCAL_VALIDATE_TEST(safe_logging), LOCAL_VALIDATE_TEST(publish_server_descriptor), LOCAL_VALIDATE_TEST(testing), LOCAL_VALIDATE_TEST(hidserv), - LOCAL_VALIDATE_TEST(predicted_ports), LOCAL_VALIDATE_TEST(path_bias), LOCAL_VALIDATE_TEST(bandwidth), LOCAL_VALIDATE_TEST(circuits), @@ -4553,7 +4446,6 @@ struct testcase_t options_tests[] = { LOCAL_VALIDATE_TEST(constrained_sockets), LOCAL_VALIDATE_TEST(v3_auth), LOCAL_VALIDATE_TEST(virtual_addr), - LOCAL_VALIDATE_TEST(exits), LOCAL_VALIDATE_TEST(testing_options), LOCAL_VALIDATE_TEST(accel), END_OF_TESTCASES /* */ diff --git a/src/test/test_util.c b/src/test/test_util.c index dec1d526c8..a861f15ab1 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -2255,8 +2255,15 @@ test_util_compress_impl(compress_method_t method) tt_assert(!tor_compress(&buf2, &len1, buf1, strlen(buf1)+1, method)); tt_assert(buf2 != NULL); - tt_int_op(len1, OP_LT, strlen(buf1)); - tt_int_op(detect_compression_method(buf2, len1), OP_EQ, method); + if (method == NO_METHOD) { + // The identity transform doesn't actually compress, and it isn't + // detectable as "the identity transform." + tt_int_op(len1, OP_EQ, strlen(buf1)+1); + tt_int_op(detect_compression_method(buf2, len1), OP_EQ, UNKNOWN_METHOD); + } else { + tt_int_op(len1, OP_LT, strlen(buf1)); + tt_int_op(detect_compression_method(buf2, len1), OP_EQ, method); + } tt_assert(!tor_uncompress(&buf3, &len2, buf2, len1, method, 1, LOG_INFO)); tt_assert(buf3 != NULL); @@ -2300,11 +2307,14 @@ test_util_compress_impl(compress_method_t method) tt_assert(fast_memeq(buf1, buf3, len2)); tt_int_op(buf3[len2], OP_EQ, 0); - /* when we demand a complete output, this must fail. */ + /* when we demand a complete output from a real compression method, this + * must fail. */ tor_free(buf3); - tt_assert(tor_uncompress(&buf3, &len2, buf2, len1-16, - method, 1, LOG_INFO)); - tt_assert(buf3 == NULL); + if (method != NO_METHOD) { + tt_assert(tor_uncompress(&buf3, &len2, buf2, len1-16, + method, 1, LOG_INFO)); + tt_assert(buf3 == NULL); + } done: tor_free(buf1); @@ -2337,7 +2347,11 @@ test_util_compress_stream_impl(compress_method_t method, tt_int_op(tor_compress_process(state, &cp1, &len1, &ccp2, &len2, 1), OP_EQ, TOR_COMPRESS_DONE); tt_int_op(0, OP_EQ, len2); - tt_assert(cp1 > cp2); /* Make sure we really added something. */ + if (method == NO_METHOD) { + tt_ptr_op(cp1, OP_EQ, cp2); + } else { + tt_assert(cp1 > cp2); /* Make sure we really added something. */ + } tt_assert(!tor_uncompress(&buf3, &len2, buf1, 1024-len1, method, 1, LOG_WARN)); @@ -5717,6 +5731,85 @@ test_util_htonll(void *arg) ; } +static void +test_util_get_unquoted_path(void *arg) +{ + (void)arg; + + char *r; + + r = get_unquoted_path("\""); // " + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("\"\"\""); // """ + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("\\\""); // \" + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("\\\"\\\""); // \"\" + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("A\\B\\C\""); // A\B\C" + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("\"A\\B\\C"); // "A\B\C + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("\"A\\B\"C\""); // "A\B"C" + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path("A\\B\"C"); // A\B"C + tt_ptr_op(r, OP_EQ, NULL); + tor_free(r); + + r = get_unquoted_path(""); + tt_str_op(r, OP_EQ, ""); + tor_free(r); + + r = get_unquoted_path("\"\""); // "" + tt_str_op(r, OP_EQ, ""); + tor_free(r); + + r = get_unquoted_path("A\\B\\C"); // A\B\C + tt_str_op(r, OP_EQ, "A\\B\\C"); // A\B\C + tor_free(r); + + r = get_unquoted_path("\"A\\B\\C\""); // "A\B\C" + tt_str_op(r, OP_EQ, "A\\B\\C"); // A\B\C + tor_free(r); + + r = get_unquoted_path("\"\\\""); // "\" + tt_str_op(r, OP_EQ, "\\"); // \ /* comment to prevent line continuation */ + tor_free(r); + + r = get_unquoted_path("\"\\\"\""); // "\"" + tt_str_op(r, OP_EQ, "\""); // " + tor_free(r); + + r = get_unquoted_path("\"A\\B\\C\\\"\""); // "A\B\C\"" + tt_str_op(r, OP_EQ, "A\\B\\C\""); // A\B\C" + tor_free(r); + + r = get_unquoted_path("A\\B\\\"C"); // A\B\"C + tt_str_op(r, OP_EQ, "A\\B\"C"); // A\B"C + tor_free(r); + + r = get_unquoted_path("\"A\\B\\\"C\""); // "A\B\"C" + tt_str_op(r, OP_EQ, "A\\B\"C"); // A\B"C + tor_free(r); + + done: + ; +} + #define UTIL_LEGACY(name) \ { #name, test_util_ ## name , 0, NULL, NULL } @@ -5753,8 +5846,9 @@ struct testcase_t util_tests[] = { UTIL_LEGACY(pow2), COMPRESS(zlib, "deflate"), COMPRESS(gzip, "gzip"), - COMPRESS(lzma, "x-lzma"), + COMPRESS(lzma, "x-tor-lzma"), COMPRESS(zstd, "x-zstd"), + COMPRESS(none, "identity"), UTIL_TEST(gzip_compression_bomb, TT_FORK), UTIL_LEGACY(datadir), UTIL_LEGACY(memarea), @@ -5818,6 +5912,7 @@ struct testcase_t util_tests[] = { UTIL_TEST(monotonic_time, 0), UTIL_TEST(monotonic_time_ratchet, TT_FORK), UTIL_TEST(htonll, 0), + UTIL_TEST(get_unquoted_path, 0), END_OF_TESTCASES }; diff --git a/src/test/testing_common.c b/src/test/testing_common.c index d3dc761c77..d7e36edbc0 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -21,6 +21,7 @@ const char tor_git_revision[] = ""; #include "rephist.h" #include "backtrace.h" #include "test.h" +#include "channelpadding.h" #include <stdio.h> #ifdef HAVE_FCNTL_H @@ -304,10 +305,15 @@ main(int c, const char **v) tor_free(errmsg); return 1; } + tor_set_failed_assertion_callback(an_assertion_failed); init_pregenerated_keys(); + channelpadding_new_consensus_params(NULL); + + predicted_ports_init(); + atexit(remove_directory); int have_failed = (tinytest_main(c, v, testgroups) != 0); diff --git a/src/trunnel/channelpadding_negotiation.c b/src/trunnel/channelpadding_negotiation.c new file mode 100644 index 0000000000..172d6f8a03 --- /dev/null +++ b/src/trunnel/channelpadding_negotiation.c @@ -0,0 +1,281 @@ +/* channelpadding_negotiation.c -- generated by Trunnel v1.4.3. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#include <stdlib.h> +#include "trunnel-impl.h" + +#include "channelpadding_negotiation.h" + +#define TRUNNEL_SET_ERROR_CODE(obj) \ + do { \ + (obj)->trunnel_error_code_ = 1; \ + } while (0) + +#if defined(__COVERITY__) || defined(__clang_analyzer__) +/* If we're runnning a static analysis tool, we don't want it to complain + * that some of our remaining-bytes checks are dead-code. */ +int channelpaddingnegotiation_deadcode_dummy__ = 0; +#define OR_DEADCODE_DUMMY || channelpaddingnegotiation_deadcode_dummy__ +#else +#define OR_DEADCODE_DUMMY +#endif + +#define CHECK_REMAINING(nbytes, label) \ + do { \ + if (remaining < (nbytes) OR_DEADCODE_DUMMY) { \ + goto label; \ + } \ + } while (0) + +channelpadding_negotiate_t * +channelpadding_negotiate_new(void) +{ + channelpadding_negotiate_t *val = trunnel_calloc(1, sizeof(channelpadding_negotiate_t)); + if (NULL == val) + return NULL; + val->command = CHANNELPADDING_COMMAND_START; + return val; +} + +/** Release all storage held inside 'obj', but do not free 'obj'. + */ +static void +channelpadding_negotiate_clear(channelpadding_negotiate_t *obj) +{ + (void) obj; +} + +void +channelpadding_negotiate_free(channelpadding_negotiate_t *obj) +{ + if (obj == NULL) + return; + channelpadding_negotiate_clear(obj); + trunnel_memwipe(obj, sizeof(channelpadding_negotiate_t)); + trunnel_free_(obj); +} + +uint8_t +channelpadding_negotiate_get_version(channelpadding_negotiate_t *inp) +{ + return inp->version; +} +int +channelpadding_negotiate_set_version(channelpadding_negotiate_t *inp, uint8_t val) +{ + if (! ((val == 0))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->version = val; + return 0; +} +uint8_t +channelpadding_negotiate_get_command(channelpadding_negotiate_t *inp) +{ + return inp->command; +} +int +channelpadding_negotiate_set_command(channelpadding_negotiate_t *inp, uint8_t val) +{ + if (! ((val == CHANNELPADDING_COMMAND_START || val == CHANNELPADDING_COMMAND_STOP))) { + TRUNNEL_SET_ERROR_CODE(inp); + return -1; + } + inp->command = val; + return 0; +} +uint16_t +channelpadding_negotiate_get_ito_low_ms(channelpadding_negotiate_t *inp) +{ + return inp->ito_low_ms; +} +int +channelpadding_negotiate_set_ito_low_ms(channelpadding_negotiate_t *inp, uint16_t val) +{ + inp->ito_low_ms = val; + return 0; +} +uint16_t +channelpadding_negotiate_get_ito_high_ms(channelpadding_negotiate_t *inp) +{ + return inp->ito_high_ms; +} +int +channelpadding_negotiate_set_ito_high_ms(channelpadding_negotiate_t *inp, uint16_t val) +{ + inp->ito_high_ms = val; + return 0; +} +const char * +channelpadding_negotiate_check(const channelpadding_negotiate_t *obj) +{ + if (obj == NULL) + return "Object was NULL"; + if (obj->trunnel_error_code_) + return "A set function failed on this object"; + if (! (obj->version == 0)) + return "Integer out of bounds"; + if (! (obj->command == CHANNELPADDING_COMMAND_START || obj->command == CHANNELPADDING_COMMAND_STOP)) + return "Integer out of bounds"; + return NULL; +} + +ssize_t +channelpadding_negotiate_encoded_len(const channelpadding_negotiate_t *obj) +{ + ssize_t result = 0; + + if (NULL != channelpadding_negotiate_check(obj)) + return -1; + + + /* Length of u8 version IN [0] */ + result += 1; + + /* Length of u8 command IN [CHANNELPADDING_COMMAND_START, CHANNELPADDING_COMMAND_STOP] */ + result += 1; + + /* Length of u16 ito_low_ms */ + result += 2; + + /* Length of u16 ito_high_ms */ + result += 2; + return result; +} +int +channelpadding_negotiate_clear_errors(channelpadding_negotiate_t *obj) +{ + int r = obj->trunnel_error_code_; + obj->trunnel_error_code_ = 0; + return r; +} +ssize_t +channelpadding_negotiate_encode(uint8_t *output, const size_t avail, const channelpadding_negotiate_t *obj) +{ + ssize_t result = 0; + size_t written = 0; + uint8_t *ptr = output; + const char *msg; +#ifdef TRUNNEL_CHECK_ENCODED_LEN + const ssize_t encoded_len = channelpadding_negotiate_encoded_len(obj); +#endif + + if (NULL != (msg = channelpadding_negotiate_check(obj))) + goto check_failed; + +#ifdef TRUNNEL_CHECK_ENCODED_LEN + trunnel_assert(encoded_len >= 0); +#endif + + /* Encode u8 version IN [0] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->version)); + written += 1; ptr += 1; + + /* Encode u8 command IN [CHANNELPADDING_COMMAND_START, CHANNELPADDING_COMMAND_STOP] */ + trunnel_assert(written <= avail); + if (avail - written < 1) + goto truncated; + trunnel_set_uint8(ptr, (obj->command)); + written += 1; ptr += 1; + + /* Encode u16 ito_low_ms */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->ito_low_ms)); + written += 2; ptr += 2; + + /* Encode u16 ito_high_ms */ + trunnel_assert(written <= avail); + if (avail - written < 2) + goto truncated; + trunnel_set_uint16(ptr, trunnel_htons(obj->ito_high_ms)); + written += 2; ptr += 2; + + + trunnel_assert(ptr == output + written); +#ifdef TRUNNEL_CHECK_ENCODED_LEN + { + trunnel_assert(encoded_len >= 0); + trunnel_assert((size_t)encoded_len == written); + } + +#endif + + return written; + + truncated: + result = -2; + goto fail; + check_failed: + (void)msg; + result = -1; + goto fail; + fail: + trunnel_assert(result < 0); + return result; +} + +/** As channelpadding_negotiate_parse(), but do not allocate the + * output object. + */ +static ssize_t +channelpadding_negotiate_parse_into(channelpadding_negotiate_t *obj, const uint8_t *input, const size_t len_in) +{ + const uint8_t *ptr = input; + size_t remaining = len_in; + ssize_t result = 0; + (void)result; + + /* Parse u8 version IN [0] */ + CHECK_REMAINING(1, truncated); + obj->version = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->version == 0)) + goto fail; + + /* Parse u8 command IN [CHANNELPADDING_COMMAND_START, CHANNELPADDING_COMMAND_STOP] */ + CHECK_REMAINING(1, truncated); + obj->command = (trunnel_get_uint8(ptr)); + remaining -= 1; ptr += 1; + if (! (obj->command == CHANNELPADDING_COMMAND_START || obj->command == CHANNELPADDING_COMMAND_STOP)) + goto fail; + + /* Parse u16 ito_low_ms */ + CHECK_REMAINING(2, truncated); + obj->ito_low_ms = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + + /* Parse u16 ito_high_ms */ + CHECK_REMAINING(2, truncated); + obj->ito_high_ms = trunnel_ntohs(trunnel_get_uint16(ptr)); + remaining -= 2; ptr += 2; + trunnel_assert(ptr + remaining == input + len_in); + return len_in - remaining; + + truncated: + return -2; + fail: + result = -1; + return result; +} + +ssize_t +channelpadding_negotiate_parse(channelpadding_negotiate_t **output, const uint8_t *input, const size_t len_in) +{ + ssize_t result; + *output = channelpadding_negotiate_new(); + if (NULL == *output) + return -1; + result = channelpadding_negotiate_parse_into(*output, input, len_in); + if (result < 0) { + channelpadding_negotiate_free(*output); + *output = NULL; + } + return result; +} diff --git a/src/trunnel/channelpadding_negotiation.h b/src/trunnel/channelpadding_negotiation.h new file mode 100644 index 0000000000..e58bda3be1 --- /dev/null +++ b/src/trunnel/channelpadding_negotiation.h @@ -0,0 +1,98 @@ +/* channelpadding_negotiation.h -- generated by by Trunnel v1.4.3. + * https://gitweb.torproject.org/trunnel.git + * You probably shouldn't edit this file. + */ +#ifndef TRUNNEL_CHANNELPADDING_NEGOTIATION_H +#define TRUNNEL_CHANNELPADDING_NEGOTIATION_H + +#include <stdint.h> +#include "trunnel.h" + +#define CHANNELPADDING_COMMAND_STOP 1 +#define CHANNELPADDING_COMMAND_START 2 +#if !defined(TRUNNEL_OPAQUE) && !defined(TRUNNEL_OPAQUE_CHANNELPADDING_NEGOTIATE) +struct channelpadding_negotiate_st { + uint8_t version; + uint8_t command; + uint16_t ito_low_ms; + uint16_t ito_high_ms; + uint8_t trunnel_error_code_; +}; +#endif +typedef struct channelpadding_negotiate_st channelpadding_negotiate_t; +/** Return a newly allocated channelpadding_negotiate with all + * elements set to zero. + */ +channelpadding_negotiate_t *channelpadding_negotiate_new(void); +/** Release all storage held by the channelpadding_negotiate in + * 'victim'. (Do nothing if 'victim' is NULL.) + */ +void channelpadding_negotiate_free(channelpadding_negotiate_t *victim); +/** Try to parse a channelpadding_negotiate from the buffer in + * 'input', using up to 'len_in' bytes from the input buffer. On + * success, return the number of bytes consumed and set *output to the + * newly allocated channelpadding_negotiate_t. On failure, return -2 + * if the input appears truncated, and -1 if the input is otherwise + * invalid. + */ +ssize_t channelpadding_negotiate_parse(channelpadding_negotiate_t **output, const uint8_t *input, const size_t len_in); +/** Return the number of bytes we expect to need to encode the + * channelpadding_negotiate in 'obj'. On failure, return a negative + * value. Note that this value may be an overestimate, and can even be + * an underestimate for certain unencodeable objects. + */ +ssize_t channelpadding_negotiate_encoded_len(const channelpadding_negotiate_t *obj); +/** Try to encode the channelpadding_negotiate from 'input' into the + * buffer at 'output', using up to 'avail' bytes of the output buffer. + * On success, return the number of bytes used. On failure, return -2 + * if the buffer was not long enough, and -1 if the input was invalid. + */ +ssize_t channelpadding_negotiate_encode(uint8_t *output, size_t avail, const channelpadding_negotiate_t *input); +/** Check whether the internal state of the channelpadding_negotiate + * in 'obj' is consistent. Return NULL if it is, and a short message + * if it is not. + */ +const char *channelpadding_negotiate_check(const channelpadding_negotiate_t *obj); +/** Clear any errors that were set on the object 'obj' by its setter + * functions. Return true iff errors were cleared. + */ +int channelpadding_negotiate_clear_errors(channelpadding_negotiate_t *obj); +/** Return the value of the version field of the + * channelpadding_negotiate_t in 'inp' + */ +uint8_t channelpadding_negotiate_get_version(channelpadding_negotiate_t *inp); +/** Set the value of the version field of the + * channelpadding_negotiate_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int channelpadding_negotiate_set_version(channelpadding_negotiate_t *inp, uint8_t val); +/** Return the value of the command field of the + * channelpadding_negotiate_t in 'inp' + */ +uint8_t channelpadding_negotiate_get_command(channelpadding_negotiate_t *inp); +/** Set the value of the command field of the + * channelpadding_negotiate_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int channelpadding_negotiate_set_command(channelpadding_negotiate_t *inp, uint8_t val); +/** Return the value of the ito_low_ms field of the + * channelpadding_negotiate_t in 'inp' + */ +uint16_t channelpadding_negotiate_get_ito_low_ms(channelpadding_negotiate_t *inp); +/** Set the value of the ito_low_ms field of the + * channelpadding_negotiate_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int channelpadding_negotiate_set_ito_low_ms(channelpadding_negotiate_t *inp, uint16_t val); +/** Return the value of the ito_high_ms field of the + * channelpadding_negotiate_t in 'inp' + */ +uint16_t channelpadding_negotiate_get_ito_high_ms(channelpadding_negotiate_t *inp); +/** Set the value of the ito_high_ms field of the + * channelpadding_negotiate_t in 'inp' to 'val'. Return 0 on success; + * return -1 and set the error code on 'inp' on failure. + */ +int channelpadding_negotiate_set_ito_high_ms(channelpadding_negotiate_t *inp, uint16_t val); + + +#endif diff --git a/src/trunnel/channelpadding_negotiation.trunnel b/src/trunnel/channelpadding_negotiation.trunnel new file mode 100644 index 0000000000..7f2d4795b0 --- /dev/null +++ b/src/trunnel/channelpadding_negotiation.trunnel @@ -0,0 +1,17 @@ +const CHANNELPADDING_COMMAND_STOP = 1; +const CHANNELPADDING_COMMAND_START = 2; + +/* This command tells the relay to alter its min and max netflow + timeout range values, and send padding at that rate (resuming + if stopped). */ +struct channelpadding_negotiate { + u8 version IN [0]; + u8 command IN [CHANNELPADDING_COMMAND_START, CHANNELPADDING_COMMAND_STOP]; + + /* Min must not be lower than the current consensus parameter + nf_ito_low. */ + u16 ito_low_ms; + + /* Max must not be lower than ito_low_ms */ + u16 ito_high_ms; +}; diff --git a/src/trunnel/include.am b/src/trunnel/include.am index 9b26d58615..de6cf4781f 100644 --- a/src/trunnel/include.am +++ b/src/trunnel/include.am @@ -11,7 +11,8 @@ AM_CPPFLAGS += -I$(srcdir)/src/ext/trunnel -I$(srcdir)/src/trunnel TRUNNELINPUTS = \ src/trunnel/ed25519_cert.trunnel \ src/trunnel/link_handshake.trunnel \ - src/trunnel/pwbox.trunnel + src/trunnel/pwbox.trunnel \ + src/trunnel/channelpadding_negotiation.trunnel TRUNNELSOURCES = \ src/ext/trunnel/trunnel.c \ @@ -20,7 +21,8 @@ TRUNNELSOURCES = \ src/trunnel/pwbox.c \ src/trunnel/hs/cell_common.c \ src/trunnel/hs/cell_establish_intro.c \ - src/trunnel/hs/cell_introduce1.c + src/trunnel/hs/cell_introduce1.c \ + src/trunnel/channelpadding_negotiation.c TRUNNELHEADERS = \ src/ext/trunnel/trunnel.h \ @@ -31,7 +33,8 @@ TRUNNELHEADERS = \ src/trunnel/pwbox.h \ src/trunnel/hs/cell_common.h \ src/trunnel/hs/cell_establish_intro.h \ - src/trunnel/hs/cell_introduce1.h + src/trunnel/hs/cell_introduce1.h \ + src/trunnel/channelpadding_negotiation.h src_trunnel_libor_trunnel_a_SOURCES = $(TRUNNELSOURCES) src_trunnel_libor_trunnel_a_CPPFLAGS = -DTRUNNEL_LOCAL_H $(AM_CPPFLAGS) |