summaryrefslogtreecommitdiff
path: root/src/or/dirvote.c
AgeCommit message (Collapse)Author
2017-02-14Prevent int underflow in dirvote.c compare_vote_rs_.Nick Mathewson
This should be "impossible" without making a SHA1 collision, but let's not keep the assumption that SHA1 collisions are super-hard. This prevents another case related to 21278. There should be no behavioral change unless -ftrapv is on.
2016-10-06comment tweak. Fixes 20271. patch from pastly.Nick Mathewson
2016-09-26Merge branch 'protover_v2_squashed'Nick Mathewson
2016-09-26Rename "proto " to "pr " in consensusesNick Mathewson
2016-09-26Rename compute_protover_vote to protover_compute_voteNick Mathewson
2016-09-26Vote on 'proto' lines and include them after 'v' lines.Nick Mathewson
(Despite the increased size of the consensus, this should have approximately zero effect on the compressed consensus size, since the "proto" line should be completely implied by the "v" line.)
2016-09-26Include protocol versions in votes.Nick Mathewson
2016-09-26Implement voting on the protocol-version optionsNick Mathewson
2016-09-26Include protocol version lines in votes.Nick Mathewson
2016-09-26Remove a little duplicated code before it becomes a lotNick Mathewson
2016-08-26prop272: When voting, include no non-Valid relays in consensusNick Mathewson
Implements ticket 20002, and part of proposal 272.
2016-08-19Rename free_voting_schedule to voting_schedule_free. Wrap line. Follow if ↵Nick Mathewson
convention.
2016-08-16Added a voting_schedule_free function to free voting schedules.Daniel Pinto
Existing Uses of the tor_free function on voting schedules were replaced with voting_schedule_free. Fixes #19562.
2016-07-28Fix a huge pile of -Wshadow warnings.Nick Mathewson
These appeared on some of the Jenkins platforms. Apparently some GCCs care when you shadow globals, and some don't.
2016-07-28Fix all -Wshadow warnings on LinuxNick Mathewson
This is a partial fix for 18902.
2016-07-01Keep make check-spaces happyAndrea Shepard
2016-07-01Merge remote-tracking branch 'dgoulet/ticket16943_029_05-squashed'Nick Mathewson
Trivial Conflicts: src/or/or.h src/or/routerparse.c
2016-07-01prop250: Use the new dirvote_get_intermediate_param_value for ↵David Goulet
AuthDirNumSRVAgreements Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01Refactor parameter computation and add a helper functionNick Mathewson
This patch makes us retain the intermediate list of K=V entries for the duration of computing our vote, and lets us use that list with a new function in order to look up parameters before the consensus is published. We can't actually use this function yet because of #19011: our existing code to do this doesn't actually work, and we'll need a new consensus method to start using it. Closes ticket #19012.
2016-07-01prop250: Don't use {0} to init static struct -- causes warning on clang.George Kadianakis
See ticket #19132 for the clang/llvm warning. Since voting_schedule is a global static struct, it will be initialized to zero even without explicitly initializing it with {0}. This is what the C spec says: If an object that has automatic storage duration is not initialized explicitly, its value is indeterminate. If an object that has static storage duration is not initialized explicitly, then: — if it has pointer type, it is initialized to a null pointer; — if it has arithmetic type, it is initialized to (positive or unsigned) zero; — if it is an aggregate, every member is initialized (recursively) according to these rules; — if it is a union, the first named member is initialized (recursively) according to these rules.
2016-07-01prop250: Parse votes and consensusDavid Goulet
One of the last piece that parses the votes and consensus in order to update our state and make decision for the SR values. We need to inform the SR subsystem when we set the current consensus because this can be called when loaded from file or downloaded from other authorities or computed. The voting schedule is used for the SR timings since we are bound to the voting system. Signed-off-by: David Goulet <dgoulet@torproject.org> Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-07-01prop250: Put commits and SRVs in votes/consensusDavid Goulet
This commit adds the commit(s) line in the vote as well as the SR values. It also has the mechanism to add the majority SRVs in the consensus. Signed-off-by: George Kadianakis <desnacked@riseup.net> Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-06-29fix typoRoger Dingledine
2016-06-20prop250: Add memory and disk state in new filesDavid Goulet
This commit introduces two new files with their header. "shared_random.c" contains basic functions to initialize the state and allow commit decoding for the disk state to be able to parse them from disk. "shared_random_state.c" contains everything that has to do with the state for both our memory and disk. Lots of helper functions as well as a mechanism to query the state in a synchronized way. Signed-off-by: David Goulet <dgoulet@torproject.org> Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-05-30Replace nearly all XXX0vv comments with smarter onesNick Mathewson
So, back long ago, XXX012 meant, "before Tor 0.1.2 is released, we had better revisit this comment and fix it!" But we have a huge pile of such comments accumulated for a large number of released versions! Not cool. So, here's what I tried to do: * 0.2.9 and 0.2.8 are retained, since those are not yet released. * XXX+ or XXX++ or XXX++++ or whatever means, "This one looks quite important!" * The others, after one-by-one examination, are downgraded to plain old XXX. Which doesn't mean they aren't a problem -- just that they cannot possibly be a release-blocking problem.
2016-05-27Merge remote-tracking branch 'asn/feature19036'Nick Mathewson
2016-05-27Merge remote-tracking branch 'arma/bug18840'Nick Mathewson
2016-05-26Functionify code that writes votes to disk.George Kadianakis
2016-05-19Merge branch 'maint-0.2.8'Nick Mathewson
2016-05-17Remove duplicate siging_key_cert fields.Nick Mathewson
With the fix for #17150, I added a duplicate certificate here. Here I remove the original location in 0.2.8. (I wouldn't want to do that in 027, due to the amount of authority-voting-related code drift.) Closes 19073.
2016-05-11Authorities now sort the "package" lines in their votesRoger Dingledine
(They are already sorted in the consensus documents) Fixes bug 18840; bugfix on 0.2.6.3-alpha.
2016-05-11write v3-status-votes file earlier in consensus votingRoger Dingledine
Make directory authorities write the v3-status-votes file out to disk earlier in the consensus process, so we have the votes even if we abort the consensus process later on. Resolves ticket 19036.
2016-05-11Fetch certificates from the same directory as previous certificatesteor (Tim Wilson-Brown)
Improves the fix to #18963.
2016-05-11Fetch certificates from the same directory as the consensusteor (Tim Wilson-Brown)
Resolves ticket 18963; fix on #4483 in 0.2.8.1-alpha.
2016-03-21Merge branch 'maint-0.2.7'Nick Mathewson
2016-03-21Fix another case of 17668: Add NoEdConsensusNick Mathewson
I had a half-built mechanism to track, during the voting process, whether the Ed25519 value (or lack thereof) reflected a true consensus among the authorities. But we never actually inserted this field in the consensus. The key idea here is that we first attempt to match up votes by pairs of <Ed,RSA>, where <Ed> can be NULL if we're told that there is no Ed key. If this succeeds, then we can treat all those votes as 'a consensus for Ed'. And we can include all other votes with a matching RSA key and no statement about Ed keys as being "also about the same relay." After that, we look for RSA keys we haven't actually found an entry for yet, and see if there are enough votes for them, NOT considering Ed keys. If there are, we match them as before, but we treat them as "not a consensus about ed". When we include an entry in a consensus, if it does not reflect a consensus about ed keys, then we include a new NoEdConsensus flag on it. This is all only for consensus method 22 or later. Also see corresponding dir-spec patch.
2016-02-27Update the copyright year.Nick Mathewson
2016-02-23Replace two instances of N_DIGEST_ALGORITHMS.Nick Mathewson
These should have been N_COMMON_DIGEST_ALGORITHMS. Fixes bug 18380; bug not in any released Tor.
2016-02-22Enable ed25519 collator in voting.Nick Mathewson
Previously, I had left in some debugging code with /*XXX*/ after it, which nobody noticed. Live and learn! Next time I will use /*XXX DO NOT COMMIT*/ or something. We need to define a new consensus method for this; consensus method 21 shouldn't actually be used. Fixes bug 17702; bugfix on 0.2.7.2-alpha.
2016-02-10Rename crypto_digest_all, and digests_t.Nick Mathewson
They are no longer "all" digests, but only the "common" digests. Part of 17795. This is an automated patch I made with a couple of perl one-liners: perl -i -pe 's/crypto_digest_all/crypto_common_digests/g;' src/*/*.[ch] perl -i -pe 's/\bdigests_t\b/common_digests_t/g;' src/*/*.[ch]
2015-12-18Let make_consensus_method_list be used in testsMatthew Finkel
2015-09-15Add tests for directory_handle_command_getReinaldo de Souza Jr
2015-08-13Fix some types on container fnsNick Mathewson
2015-05-29Fix a warning from the clangalyzer.Nick Mathewson
2015-05-28Merge branch '12498_ed25519_keys_v6'Nick Mathewson
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28Implement ed25519 identity collation for voting.Nick Mathewson
This is a new collator type that follows proposal 220 for deciding which identities to include. The rule is (approximately): If a <ed,rsa> identity is listed by more than half of authorities, include it. And include all <rsa> votes about that node as matching. Otherwise, if an <*,rsa> or <rsa> identity is listed by more than half of the authorities, and no <ed,rsa> has been listed, include it.
2015-05-28Refactor code that matches up routers with the same identity in votesNick Mathewson
This makes 'routerstatus collation' into a first-class concept, so we can change how that works for prop220.
2015-05-28Checkpoint some work on voting on ed25519 identitiesNick Mathewson
* Include ed25519 identities in votes * Include "no ed25519 identity" in votes * Include some commented-out code about identity voting. (This will disappear.) * Include some functions for identity voting (These will disappear.) * Enforce uniqueness in ed25519 keys within a vote
2015-05-28Include ed25519 keys in microdescriptors.Nick Mathewson
2015-04-23Use a custom Base64 encoder with more control over the output format.Yawning Angel