1
//! Parsing implementation for networkstatus documents.
2
//!
3
//! In Tor, a networkstatus documents describes a complete view of the
4
//! relays in the network: how many there are, how to contact them,
5
//! and so forth.
6
//!
7
//! A networkstatus document can either be a "votes" -- an authority's
8
//! view of the network, used as input to the voting process -- or a
9
//! "consensus" -- a combined view of the network based on multiple
10
//! authorities' votes, and signed by multiple authorities.
11
//!
12
//! A consensus document can itself come in two different flavors: a
13
//! plain (unflavoured) consensus has references to router descriptors, and
14
//! a "microdesc"-flavored consensus ("md") has references to
15
//! microdescriptors.
16
//!
17
//! To keep an up-to-date view of the network, clients download
18
//! microdescriptor-flavored consensuses periodically, and then
19
//! download whatever microdescriptors the consensus lists that the
20
//! client doesn't already have.
21
//!
22
//! For full information about the network status format, see
23
//! [dir-spec.txt](https://spec.torproject.org/dir-spec).
24
//!
25
//! # Limitations
26
//!
27
//! NOTE: The consensus format has changes time, using a
28
//! "consensus-method" mechanism.  This module is does not yet handle all
29
//! all historical consensus-methods.
30
//!
31
//! NOTE: This module _does_ parse some fields that are not in current
32
//! use, like relay nicknames, and the "published" times on
33
//! microdescriptors. We should probably decide whether we actually
34
//! want to do this.
35
//!
36
//! TODO: This module doesn't implement vote parsing at all yet.
37
//!
38
//! TODO: This module doesn't implement plain consensuses.
39
//!
40
//! TODO: We need an object safe trait that combines the common operations found
41
//! on netstatus documents, so we can store one in a `Box<dyn CommonNs>` or
42
//! something similar; otherwise interfacing applications have a hard time to
43
//! process netstatus documents in a flavor agnostic fashion.
44
//!
45
//! TODO: More testing is needed!
46
//!
47
//! TODO: There should be accessor functions for most of the fields here.
48
//! As with the other tor-netdoc types, I'm deferring those till I know what
49
//! they should be.
50

            
51
mod dir_source;
52
mod rs;
53

            
54
pub mod md;
55
pub mod plain;
56
#[cfg(feature = "incomplete")]
57
pub mod vote;
58

            
59
#[cfg(feature = "build_docs")]
60
mod build;
61

            
62
pub use proto_statuses_parse2_encode::ProtoStatusesNetdocParseAccumulator;
63

            
64
#[cfg(feature = "incomplete")]
65
use crate::doc::authcert::EncodedAuthCert;
66

            
67
use crate::doc::authcert::{self, AuthCert, AuthCertKeyIds, AuthCertUnverified};
68
use crate::encode::{
69
    EncodeOrd, ItemArgument, ItemEncoder, ItemValueEncodable, NetdocEncodable, NetdocEncoder,
70
};
71
use crate::parse::keyword::Keyword;
72
use crate::parse::parser::{Section, SectionRules, SectionRulesBuilder};
73
use crate::parse::tokenize::{Item, ItemResult, NetDocReader};
74
use crate::parse2::{
75
    self, ArgumentError, ArgumentStream, ErrorProblem, IsStructural, ItemArgumentParseable,
76
    ItemStream, ItemValueParseable, KeywordRef, NetdocParseable, NetdocParseableUnverified,
77
    SignatureHashInputs, SignatureItemParseable, StopAt, UnparsedItem, VerifyFailed,
78
};
79
use crate::types::relay_flags::{self, DocRelayFlags};
80
use crate::types::{self, *};
81
use crate::util::PeekableIterator;
82
use crate::{Error, KeywordEncodable, NetdocErrorKind as EK, NormalItemArgument, Pos};
83
use std::collections::{BTreeSet, HashMap, HashSet};
84
use std::fmt::{self, Display};
85
use std::slice;
86
use std::str::FromStr;
87
use std::sync::Arc;
88
use std::time::{self, SystemTime};
89
use std::{net, result};
90
use tor_basic_utils::iter_join;
91
use tor_error::{Bug, HasKind, bad_api_usage, internal};
92
use tor_protover::Protocols;
93
use void::ResultVoidExt as _;
94

            
95
use derive_deftly::{Deftly, define_derive_deftly};
96
use digest::Digest;
97
use itertools::Itertools;
98
use saturating_time::SaturatingTime as _;
99
use std::sync::LazyLock;
100
use tor_checkable::{ExternallySigned, Timebound, timed::TimerangeBound};
101
use tor_llcrypto as ll;
102
use tor_llcrypto::pk::rsa::RsaIdentity;
103

            
104
use serde::{Deserialize, Deserializer};
105

            
106
#[cfg(feature = "build_docs")]
107
pub use build::MdConsensusBuilder;
108
#[cfg(feature = "build_docs")]
109
pub use build::PlainConsensusBuilder;
110
#[cfg(feature = "build_docs")]
111
ns_export_each_flavor! {
112
    ty: RouterStatusBuilder;
113
}
114

            
115
ns_export_each_variety! {
116
    ty: Footer, RouterStatus, Preamble;
117
}
118

            
119
#[deprecated]
120
pub use PlainConsensus as NsConsensus;
121
#[deprecated]
122
pub use PlainRouterStatus as NsRouterStatus;
123
#[deprecated]
124
pub use UncheckedPlainConsensus as UncheckedNsConsensus;
125
#[deprecated]
126
pub use UnvalidatedPlainConsensus as UnvalidatedNsConsensus;
127

            
128
pub use rs::{RouterStatusMdDigestsVote, SoftwareVersion};
129

            
130
pub use dir_source::{ConsensusAuthoritySection, DirSource, SupersededAuthorityKey};
131

            
132
define_constant_string! {
133
    /// `network-status-version` version value
134
    ///
135
    /// This is the fixed string `3`.
136
    ///
137
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:network-status-version>
138
    //
139
    // IMO this is nicer than the formulation with an enum.
140
    // In practice we are not going to support other versions with the same parsing approach;
141
    // probably not even with the same code.
142
    NetworkStatusVersion = "3";
143
}
144

            
145
define_constant_string! {
146
    /// The `status` value in a `vote-status` line in a consensus
147
    ///
148
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:vote-status>
149
    VoteStatusConsensus = "consensus";
150
}
151

            
152
define_constant_string! {
153
    /// The `vote` value in a `vote-status` line in a vote
154
    ///
155
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:vote-status>
156
    VoteStatusVote = "vote";
157
}
158

            
159
/// `publiscation` field in routerstatus entry intro item other than in votes
160
///
161
/// Two arguments which are both ignored.
162
/// This used to be an ISO8601 timestamp in anomalous two-argument format.
163
///
164
/// Nowadays, according to the spec, it can be a dummy value.
165
/// So it can be a unit type.
166
///
167
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:r>,
168
/// except in votes which use [`Iso8601TimeSp`] instead.
169
///
170
/// **Not the same as** the `published` item:
171
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:published>
172
#[derive(Debug, Copy, Clone, Eq, PartialEq, Hash, Ord, PartialOrd, Default)]
173
#[allow(clippy::exhaustive_structs)]
174
pub struct IgnoredPublicationTimeSp;
175

            
176
/// The lifetime of a networkstatus document.
177
///
178
/// In a consensus, this type describes when the consensus may safely
179
/// be used.  In a vote, this type describes the proposed lifetime for a
180
/// consensus.
181
///
182
/// Aggregate of three netdoc preamble fields.
183
#[derive(Clone, Debug, Deftly)]
184
#[derive_deftly(Constructor, NetdocEncodableFields, NetdocParseableFields)]
185
#[derive_deftly(Lifetime)]
186
#[allow(clippy::exhaustive_structs)]
187
pub struct Lifetime {
188
    /// `valid-after` --- Time at which the document becomes valid
189
    ///
190
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:published>
191
    ///
192
    /// (You might see a consensus a little while before this time,
193
    /// since voting tries to finish up before the.)
194
    #[deftly(constructor)]
195
    #[deftly(netdoc(single_arg))]
196
    pub valid_after: Iso8601TimeSp,
197
    /// `fresh-until` --- Time after which there is expected to be a better version
198
    /// of this consensus
199
    ///
200
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:published>
201
    ///
202
    /// You can use the consensus after this time, but there is (or is
203
    /// supposed to be) a better one by this point.
204
    #[deftly(constructor)]
205
    #[deftly(netdoc(single_arg))]
206
    pub fresh_until: Iso8601TimeSp,
207
    /// `valid-until` --- Time after which this consensus is expired.
208
    ///
209
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:published>
210
    ///
211
    /// You should try to get a better consensus after this time,
212
    /// though it's okay to keep using this one if no more recent one
213
    /// can be found.
214
    #[deftly(constructor)]
215
    #[deftly(netdoc(single_arg))]
216
    pub valid_until: Iso8601TimeSp,
217

            
218
    #[doc(hidden)]
219
    #[deftly(netdoc(skip))]
220
    pub __non_exhaustive: (),
221
}
222

            
223
define_derive_deftly! {
224
    /// Bespoke derive for `Lifetime`, for `new` and accessors
225
    Lifetime:
226

            
227
    ${defcond FIELD not(approx_equal($fname, __non_exhaustive))}
228

            
229
    impl Lifetime {
230
        /// Construct a new Lifetime.
231
14422
        pub fn new(
232
14422
            $( ${when FIELD} $fname: time::SystemTime, )
233
14422
        ) -> crate::Result<Self> {
234
            // Make this now because otherwise literal `valid_after` here in the body
235
            // has the wrong span - the compiler refuses to look at the argument.
236
            // But we can refer to the field names.
237
            let self_ = Lifetime {
238
                $( ${when FIELD} $fname: $fname.into(), )
239
                __non_exhaustive: (),
240
            };
241
            if self_.valid_after < self_.fresh_until && self_.fresh_until < self_.valid_until {
242
                Ok(self_)
243
            } else {
244
                Err(EK::InvalidLifetime.err())
245
            }
246
        }
247
      $(
248
        ${when FIELD}
249

            
250
        ${fattrs doc}
251
145860
        pub fn $fname(&self) -> time::SystemTime {
252
            *self.$fname
253
        }
254
      )
255
        /// Return true if this consensus is officially valid at the provided time.
256
520
        pub fn valid_at(&self, when: time::SystemTime) -> bool {
257
            *self.valid_after <= when && when <= *self.valid_until
258
        }
259

            
260
        /// Return the voting period implied by this lifetime.
261
        ///
262
        /// (The "voting period" is the amount of time in between when a consensus first
263
        /// becomes valid, and when the next consensus is expected to become valid)
264
53872
        pub fn voting_period(&self) -> time::Duration {
265
            let valid_after = self.valid_after();
266
            let fresh_until = self.fresh_until();
267
            fresh_until
268
                .duration_since(valid_after)
269
                .expect("Mis-formed lifetime")
270
        }
271
    }
272
}
273
use derive_deftly_template_Lifetime;
274

            
275
/// A single consensus method
276
///
277
/// These are integers, but we don't do arithmetic on them.
278
///
279
/// As defined here:
280
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:consensus-methods>
281
/// <https://spec.torproject.org/dir-spec/computing-consensus.html#flavor:microdesc>
282
///
283
/// As used in a `consensus-method` item:
284
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:consensus-method>
285
#[derive(Debug, Clone, Default, Eq, PartialEq, Ord, PartialOrd, Hash, Copy)] //
286
#[derive(derive_more::From, derive_more::Into, derive_more::Display, derive_more::FromStr)]
287
pub struct ConsensusMethod(u32);
288
impl NormalItemArgument for ConsensusMethod {}
289

            
290
/// A set of consensus methods
291
///
292
/// Implements `ItemValueParseable` as required for `consensus-methods`,
293
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:consensus-methods>
294
///
295
/// There is also [`consensus_methods_comma_separated`] for `m` lines in votes.
296
#[derive(Debug, Clone, Default, Eq, PartialEq, Ord, PartialOrd, Deftly)]
297
#[derive_deftly(ItemValueEncodable, ItemValueParseable)]
298
#[non_exhaustive]
299
pub struct ConsensusMethods {
300
    /// Consensus methods.
301
    pub methods: BTreeSet<ConsensusMethod>,
302
}
303

            
304
/// Module for use with parse2's `with`, to parse one argument of comma-separated consensus methods
305
///
306
/// As found in an `m` item in a vote:
307
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:m>
308
pub mod consensus_methods_comma_separated {
309
    use super::*;
310
    use parse2::ArgumentError as AE;
311
    use std::result::Result;
312

            
313
    /// Parse
314
42
    pub fn from_args<'s>(args: &mut ArgumentStream<'s>) -> Result<ConsensusMethods, AE> {
315
42
        let mut methods = BTreeSet::new();
316
168
        for ent in args.next().ok_or(AE::Missing)?.split(',') {
317
168
            let ent = ent.parse().map_err(|_| AE::Invalid)?;
318
168
            if !methods.insert(ent) {
319
                return Err(AE::Invalid);
320
168
            }
321
        }
322
42
        Ok(ConsensusMethods { methods })
323
42
    }
324

            
325
    /// Encode
326
    #[cfg(feature = "incomplete")] // untested
327
14
    pub fn write_arg_onto(self_: &ConsensusMethods, out: &mut ItemEncoder) -> Result<(), Bug> {
328
14
        out.args_raw_string(&iter_join(",", &self_.methods));
329
14
        Ok(())
330
14
    }
331
}
332

            
333
/// A set of named network parameters.
334
///
335
/// These are used to describe current settings for the Tor network,
336
/// current weighting parameters for path selection, and so on.  They're
337
/// encoded with a space-separated K=V format.
338
///
339
/// A `NetParams<i32>` is part of the validated directory manager configuration,
340
/// where it is built (in the builder-pattern sense) from a transparent HashMap.
341
///
342
/// As found in `params` in a network status:
343
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:params>
344
///
345
/// The same syntax is also used, and this type used for parsing, in various other places,
346
/// for example routerstatus entry `w` items (bandwidth weights):
347
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:w>
348
//
349
// TODO DIRAUTH torspec#401 Replace `String` with a suitable newtype
350
// Currently:
351
//  - Our parser allows any keyword that makes it into a netdoc argument,
352
//    but it splits on the *first* `=` so a `NetParams<i32>` cannot parse a keyword with a `=`.
353
//  - We provide constructors that allow any `String`, even ones containing space, `=`,
354
//    newline, etc.
355
//  - Encoding throws `Bug` if the resulting document will be clearly garbage,
356
//    forbidding `=`, whitespace, and controls.  If the supplied keywords are bizarre,
357
//    it may generate surprising documents (eg, containing exciting Unicode).
358
#[derive(Debug, Clone, Default, Eq, PartialEq)]
359
pub struct NetParams<T> {
360
    /// Map from keys to values.
361
    params: HashMap<String, T>,
362
}
363

            
364
impl<T> NetParams<T> {
365
    /// Create a new empty list of NetParams.
366
    #[allow(unused)]
367
29232
    pub fn new() -> Self {
368
29232
        NetParams {
369
29232
            params: HashMap::new(),
370
29232
        }
371
29232
    }
372
    /// Retrieve a given network parameter, if it is present.
373
190544
    pub fn get<A: AsRef<str>>(&self, v: A) -> Option<&T> {
374
190544
        self.params.get(v.as_ref())
375
190544
    }
376
    /// Return an iterator over all key value pairs in an arbitrary order.
377
23890
    pub fn iter(&self) -> impl Iterator<Item = (&String, &T)> {
378
23890
        self.params.iter()
379
23890
    }
380
    /// Set or replace the value of a network parameter.
381
10182
    pub fn set(&mut self, k: String, v: T) {
382
10182
        self.params.insert(k, v);
383
10182
    }
384
}
385

            
386
impl<K: Into<String>, T> FromIterator<(K, T)> for NetParams<T> {
387
6826
    fn from_iter<I: IntoIterator<Item = (K, T)>>(i: I) -> Self {
388
        NetParams {
389
6873
            params: i.into_iter().map(|(k, v)| (k.into(), v)).collect(),
390
        }
391
6826
    }
392
}
393

            
394
impl<T> std::iter::Extend<(String, T)> for NetParams<T> {
395
3778
    fn extend<I: IntoIterator<Item = (String, T)>>(&mut self, iter: I) {
396
3778
        self.params.extend(iter);
397
3778
    }
398
}
399

            
400
impl<'de, T> Deserialize<'de> for NetParams<T>
401
where
402
    T: Deserialize<'de>,
403
{
404
    fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
405
    where
406
        D: Deserializer<'de>,
407
    {
408
        let params = HashMap::deserialize(deserializer)?;
409
        Ok(NetParams { params })
410
    }
411
}
412

            
413
/// A list of subprotocol versions that implementors should/must provide.
414
///
415
/// This struct represents a pair of (optional) items:
416
/// `recommended-FOO-protocols` and `required-FOO-protocols`.
417
///
418
/// Each consensus has two of these: one for relays, and one for clients.
419
///
420
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:required-relay-protocols>
421
#[derive(Debug, Clone, Default, PartialEq, serde::Serialize, serde::Deserialize)]
422
pub struct ProtoStatus {
423
    /// Set of protocols that are recommended; if we're missing a protocol
424
    /// in this list we should warn the user.
425
    ///
426
    /// `recommended-client-protocols` or `recommended-relay-protocols`
427
    recommended: Protocols,
428
    /// Set of protocols that are required; if we're missing a protocol
429
    /// in this list we should refuse to start.
430
    ///
431
    /// `required-client-protocols` or `required-relay-protocols`
432
    required: Protocols,
433
}
434

            
435
impl ProtoStatus {
436
    /// Check whether the list of supported protocols
437
    /// is sufficient to satisfy this list of recommendations and requirements.
438
    ///
439
    /// If any required protocol is missing, returns [`ProtocolSupportError::MissingRequired`].
440
    ///
441
    /// Otherwise, if no required protocol is missing, but some recommended protocol is missing,
442
    /// returns [`ProtocolSupportError::MissingRecommended`].
443
    ///
444
    /// Otherwise, if no recommended or required protocol is missing, returns `Ok(())`.
445
162
    pub fn check_protocols(
446
162
        &self,
447
162
        supported_protocols: &Protocols,
448
162
    ) -> Result<(), ProtocolSupportError> {
449
        // Required protocols take precedence, so we check them first.
450
162
        let missing_required = self.required.difference(supported_protocols);
451
162
        if !missing_required.is_empty() {
452
54
            return Err(ProtocolSupportError::MissingRequired(missing_required));
453
108
        }
454
108
        let missing_recommended = self.recommended.difference(supported_protocols);
455
108
        if !missing_recommended.is_empty() {
456
54
            return Err(ProtocolSupportError::MissingRecommended(
457
54
                missing_recommended,
458
54
            ));
459
54
        }
460

            
461
54
        Ok(())
462
162
    }
463
}
464

            
465
/// A subprotocol that is recommended or required in the consensus was not present.
466
#[derive(Clone, Debug, thiserror::Error)]
467
#[cfg_attr(test, derive(PartialEq))]
468
#[non_exhaustive]
469
pub enum ProtocolSupportError {
470
    /// At least one required protocol was not in our list of supported protocols.
471
    #[error("Required protocols are not implemented: {0}")]
472
    MissingRequired(Protocols),
473

            
474
    /// At least one recommended protocol was not in our list of supported protocols.
475
    ///
476
    /// Also implies that no _required_ protocols were missing.
477
    #[error("Recommended protocols are not implemented: {0}")]
478
    MissingRecommended(Protocols),
479
}
480

            
481
impl ProtocolSupportError {
482
    /// Return true if the suggested behavior for this error is a shutdown.
483
    pub fn should_shutdown(&self) -> bool {
484
        matches!(self, Self::MissingRequired(_))
485
    }
486
}
487

            
488
impl HasKind for ProtocolSupportError {
489
    fn kind(&self) -> tor_error::ErrorKind {
490
        tor_error::ErrorKind::SoftwareDeprecated
491
    }
492
}
493

            
494
/// A set of recommended and required protocols when running
495
/// in various scenarios.
496
///
497
/// Represents the collection of four items: `{recommended,required}-{client,relay}-protocols`.
498
///
499
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:required-relay-protocols>
500
#[derive(Clone, Debug, Default, PartialEq, serde::Serialize, serde::Deserialize)]
501
pub struct ProtoStatuses {
502
    /// Lists of recommended and required subprotocol versions for clients
503
    client: ProtoStatus,
504
    /// Lists of recommended and required subprotocol versions for relays
505
    relay: ProtoStatus,
506
}
507

            
508
impl ProtoStatuses {
509
    /// Return the list of recommended and required protocols for running as a client.
510
156
    pub fn client(&self) -> &ProtoStatus {
511
156
        &self.client
512
156
    }
513

            
514
    /// Return the list of recommended and required protocols for running as a relay.
515
    pub fn relay(&self) -> &ProtoStatus {
516
        &self.relay
517
    }
518
}
519

            
520
/// List of recommended Tor versions
521
///
522
/// As seen in `client-versions` and `server-versions` in the preamble.
523
///
524
/// Technically these are supposed to be as according to
525
/// "`version-spec.txt`" but we actually allow anything that doesn't contain commas.
526
///
527
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:client-versions>
528
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:server-versions>
529
///
530
/// An empty set means no information, not no recommended versions.
531
//
532
// TODO should we have a CommaSeparated<T> type for arguments like this?
533
// But maybe we wouldn't be able to use it here anyway because of
534
// the special handling of the missing value.
535
//
536
// This is yet a third version number representation in arti!  Here it's just String.
537
// TODO unify RecommendedTorVersions, RelayPlatform, TorVersion
538
#[derive(Clone, Debug, Default, Eq, PartialEq, Ord, PartialOrd)] //
539
#[derive(derive_more::Deref, derive_more::Into)]
540
pub struct RecommendedTorVersions(BTreeSet<String>);
541

            
542
/// Erroneous "recommended Tor versions" information
543
#[derive(Clone, Debug, Eq, PartialEq, thiserror::Error)]
544
#[non_exhaustive]
545
pub enum InvalidRecommendedTorVersions {
546
    /// Identical version appears twice
547
    #[error("version {_0:?} contains whitespace")]
548
    ContainsWhitespace(String),
549

            
550
    /// Identical version appears twice
551
    #[error("version {_0:?} is repeated")]
552
    Repeated(String),
553
}
554

            
555
impl RecommendedTorVersions {
556
    /// Return a `RecommendedTorVersions` that has no information
557
    pub fn new_unknown() -> Self {
558
        Self::default()
559
    }
560

            
561
    /// Does this `RecommendedTorVersions` have any information?
562
    ///
563
    /// Ie, is it not empty.
564
    ///
565
    /// The opposite of [`BTreeSet::is_empty()`] (which available via deref).
566
    pub fn is_known(&self) -> bool {
567
        !self.is_empty()
568
    }
569

            
570
    /// Construct a RecommendedTorVersions from a list of strings
571
    #[allow(clippy::should_implement_trait)] // we can't due to coherence
572
25212
    pub fn from_iter<I, S>(i: I) -> Result<Self, InvalidRecommendedTorVersions>
573
25212
    where
574
25212
        I: IntoIterator<Item = S>,
575
25212
        S: AsRef<str>,
576
    {
577
25212
        let mut set = BTreeSet::new();
578
25212
        for v in i {
579
772
            let v = v.as_ref();
580
772
            if v.is_empty() {
581
764
                continue;
582
8
            }
583
56
            if v.chars().any(|c| c.is_whitespace()) {
584
                return Err(InvalidRecommendedTorVersions::ContainsWhitespace(
585
                    v.to_owned(),
586
                ));
587
8
            }
588
8
            if !set.insert(v.to_owned()) {
589
                return Err(InvalidRecommendedTorVersions::Repeated(v.to_owned()));
590
8
            }
591
        }
592
25212
        Ok(RecommendedTorVersions(set))
593
25212
    }
594
}
595

            
596
impl FromStr for RecommendedTorVersions {
597
    type Err = InvalidRecommendedTorVersions;
598
764
    fn from_str(s: &str) -> Result<Self, InvalidRecommendedTorVersions> {
599
764
        Self::from_iter(s.split(','))
600
764
    }
601
}
602

            
603
impl Display for RecommendedTorVersions {
604
12
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
605
12
        write!(f, "{}", iter_join(",", &self.0))
606
12
    }
607
}
608

            
609
impl NormalItemArgument for RecommendedTorVersions {}
610

            
611
impl ItemValueEncodable for RecommendedTorVersions {
612
12
    fn write_item_value_onto(&self, mut out: ItemEncoder) -> Result<(), Bug> {
613
12
        out.args_raw_string(self);
614
12
        Ok(())
615
12
    }
616
}
617

            
618
impl ItemValueParseable for RecommendedTorVersions {
619
8
    fn from_unparsed(mut item: UnparsedItem) -> Result<Self, ErrorProblem> {
620
        const FIELD: &str = "versions";
621
8
        item.check_no_object()?;
622
8
        let args = item.args_mut();
623
8
        let arg = args.next().unwrap_or("");
624
8
        arg.parse::<Self>()
625
8
            .map_err(|_| args.handle_error(FIELD, ArgumentError::Invalid))
626
8
    }
627
}
628

            
629
/// A recognized 'flavor' of consensus document.
630
///
631
/// The enum is exhaustive because the addition/removal of a consensus flavor
632
/// should indeed be a breaking change, as it would inevitable require
633
/// interfacing code to think about the handling of it.
634
///
635
/// <https://spec.torproject.org/dir-spec/computing-consensus.html#flavors>
636
#[derive(Copy, Clone, Debug, Eq, PartialEq, Hash, Ord, PartialOrd)]
637
#[allow(clippy::exhaustive_enums)]
638
pub enum ConsensusFlavor {
639
    /// A "microdesc"-flavored consensus.  This is the one that
640
    /// clients and relays use today.
641
    Microdesc,
642
    /// A "networkstatus"-flavored consensus.  It's used for
643
    /// historical and network-health purposes.  Instead of listing
644
    /// microdescriptor digests, it lists digests of full relay
645
    /// descriptors.
646
    Plain,
647
}
648

            
649
impl ConsensusFlavor {
650
    /// Return the name of this consensus flavor.
651
2652
    pub fn name(&self) -> &'static str {
652
2652
        match self {
653
936
            ConsensusFlavor::Plain => "ns", // spec bug, now baked in
654
1716
            ConsensusFlavor::Microdesc => "microdesc",
655
        }
656
2652
    }
657
    /// Try to find the flavor whose name is `name`.
658
    ///
659
    /// For historical reasons, an unnamed flavor indicates an "Plain"
660
    /// document.
661
378
    pub fn from_opt_name(name: Option<&str>) -> crate::Result<Self> {
662
378
        match name {
663
376
            Some("microdesc") => Ok(ConsensusFlavor::Microdesc),
664
2
            Some("ns") | None => Ok(ConsensusFlavor::Plain),
665
            Some(other) => {
666
                Err(EK::BadDocumentType.with_msg(format!("unrecognized flavor {:?}", other)))
667
            }
668
        }
669
378
    }
670
}
671

            
672
define_derive_deftly! {
673
    /// Bespoke derives applied to [`DirectorySignatureHashAlgo`]
674
    ///
675
    /// Generates:
676
    ///
677
    ///  * [`DirectorySignaturesHashesAccu`]
678
    ///  * [`DirectorySignaturesHashesAccu::update_from`]
679
    ///  * [`DirectorySignaturesHashesAccu::hash_slice_for_verification`]
680
    DirectorySignaturesHashesAccu:
681

            
682
    ${define FNAME ${paste ${snake_case $vname}} }
683

            
684
    /// `directory-signature`a hash algorithm argument
685
    #[derive(Clone, Copy, Default, Debug, Eq, PartialEq, Deftly)]
686
    #[derive_deftly(AsMutSelf)]
687
    #[non_exhaustive]
688
    pub struct DirectorySignaturesHashesAccu {
689
      $(
690
        ${vattrs doc}
691
        pub $FNAME: Option<[u8; ${vmeta(hash_len) as expr}]>,
692
      )
693

            
694
      /// `sha1` but without the algorithm name
695
      ///
696
      /// This is needed because the hash includes the whole signature item keyword line,
697
      /// and therefore a signature with the `sha1` explicitly stated,
698
      /// and one without, have different hashes!
699
      ///
700
      /// So we mustn't use the `sha1` field for both implicit and explicit use of SHA-1,
701
      /// or multiple signatures with different syntax would overwrite each others'
702
      /// different hashes.
703
      pub sha1_unnamed: Option<[u8; 20]>,
704
    }
705

            
706
    impl DirectorySignaturesHashesAccu {
707
        /// Calculate the hash for a signature item and update this accumulator
708
1894
        fn update_from(
709
            &mut self,
710
            algo: &DigestAlgoInSignature,
711
            body: &SignatureHashInputs,
712
        ) {
713
            // Update the hash in self.$UPDATE according to algorithm $AGLO
714
            // (uses dynamic bindings of those parameters)
715
            ${define HASH {
716
                // Avoid recalculating if we don't need to
717
218
                self.$UPDATE.get_or_insert_with(|| {
718
                    let mut h = tor_llcrypto::d::$ALGO::new();
719
                    h.update(body.body().body());
720
                    h.update(body.signature_item_kw_spc);
721
                    h.finalize().into()
722
                });
723
            }}
724

            
725
            match &**algo {
726
              $(
727
                Some(KeywordOrString::Known($vtype)) => {
728
                    ${define UPDATE $FNAME}
729
                    ${define ALGO $vname}
730
                    $HASH
731
                }
732
              )
733
                None => {
734
                    ${define UPDATE sha1_unnamed}
735
                    ${define ALGO Sha1}
736
                    $HASH
737
                }
738
                Some(KeywordOrString::Unknown(..)) => {}
739
            }
740
        }
741

            
742
        /// Return the hash value for a specific algorithm, as a slice
743
        ///
744
        /// `None` if the value wasn't computed.
745
        /// That shouldn't happen.
746
        // TODO DIRAUTH make private when poc's verification is abolished
747
196
        pub(crate) fn hash_slice_for_verification(
748
196
            &self,
749
196
            algo: &DigestAlgoInSignature,
750
196
        ) -> Option<&[u8]> {
751
            match &**algo {
752
              $(
753
                Some(KeywordOrString::Known($vtype)) => Some(self.$FNAME.as_ref()?),
754
              )
755
                None => Some(self.sha1_unnamed.as_ref()?),
756
                Some(KeywordOrString::Unknown(..)) => None,
757
            }
758
        }
759
    }
760
}
761

            
762
/// `directory-signature` hash algorithm argument
763
#[derive(Clone, Copy, Debug, Eq, PartialEq, strum::Display, strum::EnumString, Deftly)]
764
#[derive_deftly(DirectorySignaturesHashesAccu)]
765
#[non_exhaustive]
766
#[strum(serialize_all = "snake_case")]
767
pub enum DirectorySignatureHashAlgo {
768
    /// SHA-1
769
    #[deftly(hash_len = "20")]
770
    Sha1,
771
    /// SHA-256
772
    #[deftly(hash_len = "32")]
773
    Sha256,
774
}
775

            
776
/// `algorithm` field in a `directory-signature` item
777
///
778
/// This is extremely bizarre: it's an *optional item at the start of the arguments*!
779
// TODO SPEC #350
780
///
781
/// So we parse it with some kind of nightmarish lookahead.
782
///
783
/// Additionally, to be able to convey the signatures accurately, without breaking them,
784
/// we must remember whether the argument was present.
785
///
786
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:directory-signature>
787
#[derive(Debug, Clone, derive_more::Deref, derive_more::DerefMut)]
788
#[allow(clippy::exhaustive_structs)]
789
pub struct DigestAlgoInSignature(pub Option<KeywordOrString<DirectorySignatureHashAlgo>>);
790

            
791
impl ItemArgumentParseable for DigestAlgoInSignature {
792
1894
    fn from_args<'s>(args: &mut ArgumentStream<'s>) -> Result<Self, ArgumentError> {
793
1894
        let v = if args
794
1894
            .clone()
795
1894
            .next()
796
            // Treat it as a fingerprint if it doesn't have any non-hex characters
797
            // (including lowercase ones).  If we reuse this item for new algorithms
798
            // they should have at least one letter g-z in their name.
799
75495
            .and_then(|s| s.chars().all(|c| c.is_ascii_hexdigit()).then_some(()))
800
1894
            .is_some()
801
        {
802
            // next argument looks enough like a fingerprint that we don't treat as an algo name
803
1886
            None
804
        } else {
805
8
            Some(KeywordOrString::from_args(args)?)
806
        };
807
1894
        Ok(DigestAlgoInSignature(v))
808
1894
    }
809
}
810
impl ItemArgument for DigestAlgoInSignature {
811
18
    fn write_arg_onto(&self, out: &mut ItemEncoder<'_>) -> Result<(), Bug> {
812
18
        if let Some(y) = &self.0 {
813
8
            y.write_arg_onto(out)?;
814
10
        }
815
18
        Ok(())
816
18
    }
817
}
818
impl DigestAlgoInSignature {
819
    /// Return the actual algorithm
820
    ///
821
    /// This handles the defaulting, where an absent argument means `sha1`.
822
    pub fn algorithm(&self) -> &KeywordOrString<DirectorySignatureHashAlgo> {
823
        self.as_ref()
824
            .unwrap_or(&KeywordOrString::Known(DirectorySignatureHashAlgo::Sha1))
825
    }
826
}
827

            
828
impl NormalItemArgument for DirectorySignatureHashAlgo {}
829

            
830
/// The signature of a single directory authority on a networkstatus document.
831
///
832
/// Implements `ItemValueParseable` which parses without hashing anything;
833
/// this is mostly useful for use by the `SignatureItemParseable` implementation.
834
#[derive(Debug, Clone, Deftly)]
835
#[derive_deftly(ItemValueEncodable, ItemValueParseable)]
836
#[non_exhaustive]
837
pub struct Signature {
838
    /// The name of the digest algorithm used to make the signature.
839
    ///
840
    /// Currently sha1 and sh256 are recognized.  Here we only support
841
    /// sha256.
842
    pub digest_algo: DigestAlgoInSignature,
843
    /// Fingerprints of the keys for the authority that made
844
    /// this signature.
845
    #[deftly(netdoc(with = authcert::keyids_directory_signature_args))]
846
    pub key_ids: AuthCertKeyIds,
847
    /// The signature itself.
848
    #[deftly(netdoc(object(label = "SIGNATURE"), with = types::raw_data_object))]
849
    pub signature: Vec<u8>,
850
}
851

            
852
impl SignatureItemParseable for Signature {
853
    type HashAccu = DirectorySignaturesHashesAccu;
854

            
855
1894
    fn from_unparsed_and_body(
856
1894
        item: UnparsedItem,
857
1894
        body: &SignatureHashInputs<'_>,
858
1894
        hash: &mut Self::HashAccu,
859
1894
    ) -> Result<Self, ErrorProblem> {
860
1894
        let signature = Signature::from_unparsed(item)?;
861
1894
        hash.update_from(&signature.digest_algo, body);
862
1894
        Ok(signature)
863
1894
    }
864
}
865

            
866
/// A collection of signatures that can be checked on a networkstatus document
867
///
868
/// This is derived from the signatures section of a netstatus,
869
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#section:signature>,
870
/// but it is not isomorphic to it, and is not directly parseable.
871
#[derive(Debug, Clone)]
872
#[non_exhaustive]
873
pub struct SignatureGroup {
874
    /// The document hashes of the signed part of the document
875
    ///
876
    /// The pre-parse2 parser always sets `hashes.sha1` and `hashes.sha1_unnamed`
877
    /// to the same value, which is wrong. which is
878
    /// [bug #2530](https://gitlab.torproject.org/tpo/core/arti/-/work_items/2530)
879
    pub hashes: DirectorySignaturesHashesAccu,
880
    /// The signatures listed on the document.
881
    pub signatures: Vec<Signature>,
882
}
883

            
884
/// Error which will prevent us from attempting to verify signatures on a consensus
885
///
886
/// This error occurs if we the consensus isn't signed by the right people,
887
/// or we are lacking authcerts.
888
///
889
/// Does not represent actual verification errors.
890
/// Those show up as `VerifyFailed`, typically [`ConsensusVerifyFailed::InvalidSignature`].
891
///
892
/// Can be converted to a `VerifyFailed`,
893
/// giving [`InsufficientTrustedSigners`](VerifyFailed::InsufficientTrustedSigners).
894
#[derive(Clone, Debug, thiserror::Error)]
895
#[non_exhaustive]
896
// TODO DIRAUTH nothing tests that values in here are right, but there are no
897
// public entrypoints that return one, so we don't need to cfg it "incomplete".
898
pub enum ConsensusVerifiabilityError {
899
    /// Insufficient trusted signers
900
    #[error("consensus not signed by enough authorities")]
901
    InsufficientTrustedSigners,
902

            
903
    /// Insufficient trusted signers because we are missing authcerts
904
    #[error("missing auth certs mean we could not verify enough consensuis signatures (need at least {deficit} more, out of {} that are missing)", missing.len())]
905
    MissingAuthCerts {
906
        /// The number of additional useful authcerts that would be sufficient
907
        deficit: usize,
908
        /// All the authcerts that would be useful
909
        missing: HashSet<AuthCertKeyIds>,
910
    },
911
}
912

            
913
/// Error encountered while verifying a consensus
914
///
915
/// Thrown by
916
/// [`plain::NetworkStatusUnverified::verify`]
917
/// and
918
/// [`md::NetworkStatusUnverified::verify`].
919
///
920
/// Not used for problems with the validity period:
921
/// that's handled by `tor-checkable` and shows up as [`tor_checkable::TimeValidityError`].
922
///
923
/// Can be converted to a `VerifyFailed` (which, in effect, summarises the error).
924
#[derive(Clone, Debug, thiserror::Error)]
925
#[non_exhaustive]
926
pub enum ConsensusVerifyFailed {
927
    /// Certificates or signatures insufficient
928
    #[error("certs/sigs insufficient")]
929
    CertificationInsufficient(#[from] ConsensusVerifiabilityError),
930

            
931
    /// One or more signatures failed to verify
932
    #[error("invalid signature")]
933
    //
934
    // Not `#[from]` because we don't want to accidentally convert
935
    // ConsensusVerifiabilityError -> VerifyFailed -> ConsensusVerifyFailed
936
    // since that would give the wrong variant.
937
    InvalidSignature(#[source] VerifyFailed),
938
}
939

            
940
/// Error encountered while verifying a vote
941
///
942
/// Thrown by
943
/// [`vote::NetworkStatusUnverified::verify`].
944
///
945
/// Not used for problems with the validity period:
946
/// that's handled by `tor-checkable` and shows up as [`tor_checkable::TimeValidityError`].
947
///
948
/// Can be converted to a `VerifyFailed` (which, in effect, summarises the error).
949
#[derive(Clone, Debug, thiserror::Error)]
950
#[non_exhaustive]
951
pub enum VoteVerifyFailed {
952
    /// The document signature failed to verify
953
    #[error("invalid signature")]
954
    //
955
    // Not `#[from]` because we don't want to accidentally convert
956
    // VoteVerifyFailed::Something -> VerifyFailed -> VoteVerifyFailed
957
    // since that would give the wrong variant.
958
    InvalidSignature(#[source] VerifyFailed),
959

            
960
    /// Authcert couldn't be parsed
961
    #[error("unparseable authcert")]
962
    AuthCertParseError(#[source] parse2::ParseError),
963

            
964
    /// Authcert isn't valid for this vote's validity period
965
    #[error("authcert not valid for vote period")]
966
    AuthCertWrongValidity(#[source] tor_checkable::TimeValidityError),
967

            
968
    /// Authcert is for a different authority
969
    #[error("wrong authcert")]
970
    AuthCertWrongAuthority,
971
}
972

            
973
/// A shared random value produced by the directory authorities.
974
#[derive(
975
    Debug, Clone, Copy, Eq, PartialEq, derive_more::From, derive_more::Into, derive_more::AsRef,
976
)]
977
// (This doesn't need to use CtByteArray; we don't really need to compare these.)
978
pub struct SharedRandVal([u8; 32]);
979

            
980
/// A shared-random value produced by the directory authorities,
981
/// along with meta-information about that value.
982
#[derive(Debug, Clone, Deftly)]
983
#[non_exhaustive]
984
#[derive_deftly(ItemValueEncodable, ItemValueParseable)]
985
pub struct SharedRandStatus {
986
    /// How many authorities revealed shares that contributed to this value.
987
    pub n_reveals: u8,
988
    /// The current random value.
989
    ///
990
    /// The properties of the secure shared-random system guarantee
991
    /// that this value isn't predictable before it first becomes
992
    /// live, and that a hostile party could not have forced it to
993
    /// have any more than a small number of possible random values.
994
    pub value: SharedRandVal,
995

            
996
    /// The time when this SharedRandVal becomes (or became) the latest.
997
    ///
998
    /// (This is added per proposal 342, assuming that gets accepted.)
999
    pub timestamp: Option<Iso8601TimeNoSp>,
}
/// The two shared random values, `shared-rand-*-value`
///
/// As found in the consensus preamble
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:shared-rand-current-value>
/// and a vote's authority section
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#authority-item-shared-rand-value>
#[derive(Debug, Clone, Default, Deftly)]
#[derive_deftly(Constructor, NetdocEncodableFields, NetdocParseableFields)]
#[allow(clippy::exhaustive_structs)]
pub struct SharedRandStatuses {
    /// Global shared-random value for the previous shared-random period.
    pub shared_rand_previous_value: Option<SharedRandStatus>,
    /// Global shared-random value for the current shared-random period.
    pub shared_rand_current_value: Option<SharedRandStatus>,
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
/// Relay weight information - `w` item in routerstatus
///
/// This is a combination of two representations of (subsets of) the same information,
/// from an optional `w` in the document.
///
///  * [`effective`](RelayWeightsItem::effective):
///
///    Always contains the effective weight, as [`RelayWeight`].
///    This is what is used by clients.
///    It does not record whether a `w` line was actually present.
///
///  * [`params`](RelayWeightsItem::params):
///
///    Can represent the presence and whole contents of the `w` line,
///    including all the known and unknown parameters.
///    This is within [`Unknown`], so it is only present with crate `feature = "retain-unknown"`,
///    and only some constructors/parsers record it.
///
/// # Parsing
///
/// Parsing is done with `NetdocParseableFields` rather than `ItemValueParseable`.
/// The `params` are [`Retained`](Unknown::Retained) if `retain_unknown_values` is
/// selected in [`parse2::ParseOptions`].
//
// We use NetdocParseableFields because the containing document, RouterStatus,
// contains `RelayWeightsItem` rather than `Option<RelayWeightsItem>`.
// The item parsing multiplicity machinery would see plain `RelayWeightsItem` as a required item.
//
// This representation also means so that if retaining unknown information is compiled out
// (ie, in clients) each routerstatus entry stored in memory does not need to record
// whether `w` was present, merely what the implications were.
//
// We can't use ItemValueParseable with #[deftly(netdoc(default))]
// because `RelayWeightsItem::default()` is a RelayWeightsItem that definitively
// contains no pazrameters, ie with `Unknown::Retained`,
// and is therefore only conditionally available.
/// # Encoding
///
/// Encoding requires knowing whether a `w` line is to be included, and its contents,
/// so is implemented only with if `effective` is `Unknown::Retained`.
/// The encoding impl is only compiled in with `"retain-unknown"`,
/// and throws [`Bug`] if applied to a `RelayWeightsItem` whose `params` are `Discarded`.
///
/// # Constructors
///
/// An "empty" `RelayWeightsItem` can be constructed with [`RelayWeightsItem::new_no_info`].
///
/// A `RelayWeightsItem` containing only the effective `RelayWeight`
/// can be constructed using [`RelayWeightsItem::from_effective`].
///
/// With `"retain-unknown"`:
/// a `RelayWeightsItem` can be constructed from a [`NetParams<u32>`] using `TryFrom`;
/// and, implements `Default`, which yields a `RelayWeightsItem`
/// representing the (known) absence of a `w` line.
//
// Fields are private to maintain the invariant.
#[derive(Debug, Clone)]
pub struct RelayWeightsItem {
    /// The effective relay weight
    effective: RelayWeight,
    /// The complete parameter set, if available and `w` was present.
    params: Unknown<Option<NetParams<u32>>>,
}
/// Recognized weight fields on a single relay in a consensus
///
/// The part of a `w` item that we understand as a client.
#[non_exhaustive]
#[derive(Debug, Clone, Copy)]
pub enum RelayWeight {
    /// An unmeasured weight for a relay.
    Unmeasured(u32),
    /// An measured weight for a relay.
    Measured(u32),
}
/// Error processing a `w` line's netparams into an effective relay weight
#[derive(Debug, Clone, thiserror::Error)]
#[non_exhaustive]
pub enum InvalidRelayWeights {
    /// Invalid value for `Unmeasured`
    #[error("invalid value for Unmeasured")]
    InvalidUnmeasured,
}
/// Authority entry in a consensus - deprecated compatibility type alias
#[deprecated = "renamed to ConsensusAuthorityEntry"]
pub type ConsensusVoterInfo = ConsensusAuthorityEntry;
/// Authority entry in a plain consensus - type alias provided for consistency
pub type PlainAuthorityEntry = ConsensusAuthorityEntry;
/// Authority entry in an md consensus - type alias provided for consistency
pub type MdAuthorityEntry = ConsensusAuthorityEntry;
/// An authority entry as found in a consensus
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#section:authority-entry>
///
/// See also [`VoteAuthorityEntry`]
//
// We don't use the `each_variety` system for this because:
//  1. That avoids separating the two consensus authority entry types, which are identical
//  2. The only common fields are `dir-source` and `contact`, so there is little duplication
#[derive(Debug, Clone, Deftly)]
#[derive_deftly(Constructor, NetdocEncodable, NetdocParseable)]
#[allow(clippy::exhaustive_structs)]
pub struct ConsensusAuthorityEntry {
    /// Contents of the `dir-source` line about an authority
    #[deftly(constructor)]
    pub dir_source: DirSource,
    /// Human-readable contact information about the authority
    //
    // If more non-intro fields get added that are the same in votes and cosensuses,
    // consider using each_variety.rs or breaking those fields out into
    // `AuthorityEntryCommon` implementing `NetdocParseableFields`, or something.
    #[deftly(constructor)]
    pub contact: ContactInfo,
    /// Digest of the vote that the authority cast to contribute to
    /// this consensus.
    ///
    /// This is not a fixed-length, fixed-algorithm field.
    /// Bizarrely, the algorithm is supposed to be inferred from the length!
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:vote-digest>
    #[deftly(netdoc(single_arg))]
    #[deftly(constructor)]
    pub vote_digest: B16U,
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
/// An authority entry as found in a vote
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#section:authority-entry>
///
/// See also [`ConsensusAuthorityEntry`]
#[derive(Debug, Clone, Deftly)]
#[derive_deftly(Constructor, NetdocEncodable, NetdocParseable)]
#[allow(clippy::exhaustive_structs)]
pub struct VoteAuthorityEntry {
    /// Contents of the `dir-source` line about an authority
    #[deftly(constructor)]
    pub dir_source: DirSource,
    /// Human-readable contact information about the authority
    #[deftly(constructor)]
    pub contact: ContactInfo,
    /// `legacy-dir-key` - superseded authority identity key
    ///
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:legacy-dir-key>
    #[deftly(netdoc(single_arg))]
    pub legacy_dir_key: Option<Fingerprint>,
    /// `shared-rand-participate` - Indicate shared random participation
    ///
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:shared-rand-participate>
    pub shared_rand_participate: Option<SharedRandParticipate>,
    /// `shared-rand-commit` - Shared random commitment
    ///
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:shared-rand-commit>
    pub shared_rand_commit: Vec<SharedRandCommit>,
    /// Global shared-random values
    #[deftly(netdoc(flatten))]
    pub shared_rand: SharedRandStatuses,
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
/// `shared-rand-participate` in a vote authority entry
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:shared-rand-participate>
//
// We could have done `shared_rand_participate: Option<()>` in VoteAuthorityEntry,
// but then we might end up with variables of type `&Option<()>` etc.
// whose meaning has been detached from its type.
//
// TODO DIRAUTH rework this according to the API design conclusion from !3977 when there is one
#[derive(Debug, Clone, Deftly)]
#[derive_deftly(Constructor, ItemValueEncodable, ItemValueParseable)]
#[allow(clippy::exhaustive_structs)]
pub struct SharedRandParticipate {
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
/// `shared-rand-commit` in a vote authority entry
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:shared-rand-commit>
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Deftly)]
// If new protocols use this item with a different version, we'll call it an API break.
#[allow(clippy::exhaustive_enums)]
pub enum SharedRandCommit {
    /// Version 1, the only one supported
    V1(SharedRandCommitV1),
    /// Other versions.  Cannot be encoded.
    // It's not clear that future versions will use this version mechanism.  torspec#408.
    Unknown {},
}
/// `shared-rand-commit` in a vote authority entry
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:shared-rand-commit>
///
/// Version and hash are not explicitly represented.  See torspec#407.
///
/// `ItemValueEncodable` and `ItemValueParseable` impls do not include the fixed arguments;
/// in a netdoc, this type should be used within `SharedRandCommit::V1`.
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Deftly)]
#[derive_deftly(Constructor, ItemValueEncodable, ItemValueParseable)]
#[allow(clippy::exhaustive_structs)]
pub struct SharedRandCommitV1 {
    /// Authority id key, recapitulated.
    // TODO this field shouldn't here at all torspec#407
    #[deftly(constructor)]
    h_kp_auth_id_rsa: Fingerprint,
    /// Commitment
    ///
    /// `TIMESTAMP || SHA3_256(REVEAL)`, as per
    /// <https://spec.torproject.org/srv-spec/specification.html#COMMITREVEAL>
    //
    // TOOD we would like to replace this with a type that separates out the pieces!
    // But that would need a FixedB64 generic over some tor-bytes trait, or something.
    #[deftly(constructor)]
    commit: FixedB64<40>,
    /// Reveal
    ///
    /// `TIMESTAMP || random number`, as per
    /// <https://spec.torproject.org/srv-spec/specification.html#COMMITREVEAL>
    reveal: Option<FixedB64<40>>,
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
impl SharedRandCommitV1 {
    /// The fixed arguments that precede the actual value in `shared-rand-commit 1 ...`
    const FIXED_ARGUMENTS: &[&str] = &["1", "sha3-256"];
}
impl ItemValueEncodable for SharedRandCommit {
8
    fn write_item_value_onto(&self, mut out: ItemEncoder) -> Result<(), Bug> {
8
        match self {
8
            SharedRandCommit::V1(values) => {
16
                for fixed in SharedRandCommitV1::FIXED_ARGUMENTS {
16
                    out.args_raw_string(fixed);
16
                }
8
                values.write_item_value_onto(out)
            }
            SharedRandCommit::Unknown {} => Err(internal!("encoding SharedRandCommit::Unknown")),
        }
8
    }
}
impl ItemValueParseable for SharedRandCommit {
24
    fn from_unparsed(mut item: UnparsedItem<'_>) -> Result<Self, ErrorProblem> {
24
        let mut fixed = SharedRandCommitV1::FIXED_ARGUMENTS.iter().copied();
24
        let args = item.args_mut();
24
        let version = args
24
            .next()
24
            .ok_or_else(|| args.handle_error("version", ArgumentError::Missing))?;
24
        if version != fixed.next().expect("nonempty") {
            return Ok(SharedRandCommit::Unknown {});
24
        }
24
        for exp in fixed {
24
            let got = args
24
                .next()
24
                .ok_or_else(|| args.handle_error(exp, ArgumentError::Missing))?;
24
            if got != exp {
                return Err(args.handle_error(exp, ArgumentError::Invalid))?;
24
            }
        }
24
        let values = SharedRandCommitV1::from_unparsed(item)?;
24
        Ok(SharedRandCommit::V1(values))
24
    }
}
// For `ConsensusAuthoritySection`, see `dir_source.rs`.
define_derive_deftly! {
    /// Ad-hoc derive, `impl NetdocParseable for VoteAuthoritySection`
    ///
    /// We can't derive from `VoteAuthoritySection` with the normal macros, because
    /// it's not a document, with its own intro item.  It's just a collection of sub-documents.
    /// The netdoc derive macros don't have support for that - and it would be a fairly
    /// confusing thing to support because you'd end up with nested multiplicities and a whole
    /// variety of "intro item keywords" that were keywords for arbitrary sub-documents.
    ///
    /// Instead, we do that ad-hoc here.  It's less confusing because we don't need to
    /// worry about multiplicity, and because we know what only the outer document is
    /// that will contain this.
    VoteAuthoritySection:
    ${defcond F_NORMAL not(fmeta(netdoc(skip)))}
    #[cfg(feature = "incomplete")] // needs EncodedAuthCert, otherwise complete
    impl NetdocParseable for VoteAuthoritySection {
6
        fn doctype_for_error() -> &'static str {
            "vote.authority.section"
        }
942
        fn is_intro_item_keyword(kw: KeywordRef<'_>) -> bool {
            VoteAuthorityEntry::is_intro_item_keyword(kw)
        }
110
        fn is_structural_keyword(kw: KeywordRef<'_>) -> Option<IsStructural> {
          $(
            ${when F_NORMAL}
            if let y @ Some(_) = $ftype::is_structural_keyword(kw) {
                return y;
            }
          )
            None
        }
6
        fn from_items<'s>(
6
            input: &mut ItemStream<'s>,
6
            stop_outer: stop_at!(),
6
        ) -> Result<Self, ErrorProblem> {
            let stop_inner = stop_outer
              $(
                ${when F_NORMAL}
                | StopAt($ftype::is_intro_item_keyword)
              )
            ;
            Ok(VoteAuthoritySection { $(
                ${when F_NORMAL}
                $fname: NetdocParseable::from_items(input, stop_inner)?,
            )
                __non_exhaustive: (),
            })
        }
    }
    #[cfg(feature = "incomplete")]
    impl NetdocEncodable for VoteAuthoritySection {
2
        fn encode_unsigned(&self, out: &mut NetdocEncoder) -> Result<(), Bug> {
          $(
            ${when F_NORMAL}
            self.$fname.encode_unsigned(out)?;
          )
          Ok(())
        }
    }
}
/// An authority section in a vote
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#section:authority>
//
// We have split this out to help encapsulate vote/consensus-specific
// information in a forthcoming overall network status document type.
#[derive(Deftly, Clone, Debug)]
#[derive_deftly(VoteAuthoritySection, Constructor)]
#[allow(clippy::exhaustive_structs)]
#[cfg(feature = "incomplete")] // needs EncodedAuthCert, otherwise complete
pub struct VoteAuthoritySection {
    /// Authority entry
    #[deftly(constructor)]
    pub authority: VoteAuthorityEntry,
    /// Authority key certificate
    #[deftly(constructor)]
    pub cert: EmbeddedCert<AuthCert, EncodedAuthCert>,
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
/// Fields in the footer of a consensus
///
/// <https://spec.torproject.org/dir-spec/consensus-formats.html#section:footer>
///
/// Not the whole footer, because it lacks the `directory-footer` item.
#[derive(Debug, Clone, Deftly)]
#[derive_deftly(Constructor, NetdocEncodableFields, NetdocParseableFields)]
#[allow(clippy::exhaustive_structs)]
pub struct ConsensusFooterFields {
    /// `bandwidth-weights`
    ///
    /// <https://spec.torproject.org/dir-spec/consensus-formats.html#item:bandwidth-weights>
    #[deftly(netdoc(default))]
    pub bandwidth_weights: NetParams<i32>,
    #[doc(hidden)]
    #[deftly(netdoc(skip))]
    pub __non_exhaustive: (),
}
/// A consensus document that lists relays along with their
/// microdescriptor documents.
pub type MdConsensus = md::Consensus;
/// An MdConsensus that has been parsed and checked for timeliness,
/// but not for signatures.
pub type UnvalidatedMdConsensus = md::UnvalidatedConsensus;
/// An MdConsensus that has been parsed but not checked for signatures
/// and timeliness.
pub type UncheckedMdConsensus = md::UncheckedConsensus;
/// A consensus document that lists relays along with their
/// router descriptor documents.
pub type PlainConsensus = plain::Consensus;
/// An PlainConsensus that has been parsed and checked for timeliness,
/// but not for signatures.
pub type UnvalidatedPlainConsensus = plain::UnvalidatedConsensus;
/// An PlainConsensus that has been parsed but not checked for signatures
/// and timeliness.
pub type UncheckedPlainConsensus = plain::UncheckedConsensus;
decl_keyword! {
    /// Keywords that can be used in votes and consensuses.
    // TODO: This is public because otherwise we can't use it in the
    // ParseRouterStatus crate.  But I'd rather find a way to make it
    // private.
    #[non_exhaustive]
    #[allow(missing_docs)]
    pub NetstatusKwd {
        // Header
        "network-status-version" => NETWORK_STATUS_VERSION,
        "vote-status" => VOTE_STATUS,
        "consensus-methods" => CONSENSUS_METHODS,
        "consensus-method" => CONSENSUS_METHOD,
        "published" => PUBLISHED,
        "valid-after" => VALID_AFTER,
        "fresh-until" => FRESH_UNTIL,
        "valid-until" => VALID_UNTIL,
        "voting-delay" => VOTING_DELAY,
        "client-versions" => CLIENT_VERSIONS,
        "server-versions" => SERVER_VERSIONS,
        "known-flags" => KNOWN_FLAGS,
        "flag-thresholds" => FLAG_THRESHOLDS,
        "recommended-client-protocols" => RECOMMENDED_CLIENT_PROTOCOLS,
        "required-client-protocols" => REQUIRED_CLIENT_PROTOCOLS,
        "recommended-relay-protocols" => RECOMMENDED_RELAY_PROTOCOLS,
        "required-relay-protocols" => REQUIRED_RELAY_PROTOCOLS,
        "params" => PARAMS,
        "bandwidth-file-headers" => BANDWIDTH_FILE_HEADERS,
        "bandwidth-file-digest" => BANDWIDTH_FILE_DIGEST,
        // "package" is now ignored.
        // header in consensus, voter section in vote?
        "shared-rand-previous-value" => SHARED_RAND_PREVIOUS_VALUE,
        "shared-rand-current-value" => SHARED_RAND_CURRENT_VALUE,
        // Voter section (both)
        "dir-source" => DIR_SOURCE,
        "contact" => CONTACT,
        // voter section (vote, but not consensus)
        "legacy-dir-key" => LEGACY_DIR_KEY,
        "shared-rand-participate" => SHARED_RAND_PARTICIPATE,
        "shared-rand-commit" => SHARED_RAND_COMMIT,
        // voter section (consensus, but not vote)
        "vote-digest" => VOTE_DIGEST,
        // voter cert beginning (but only the beginning)
        "dir-key-certificate-version" => DIR_KEY_CERTIFICATE_VERSION,
        // routerstatus
        "r" => RS_R,
        "a" => RS_A,
        "s" => RS_S,
        "v" => RS_V,
        "pr" => RS_PR,
        "w" => RS_W,
        "p" => RS_P,
        "m" => RS_M,
        "id" => RS_ID,
        // footer
        "directory-footer" => DIRECTORY_FOOTER,
        "bandwidth-weights" => BANDWIDTH_WEIGHTS,
        "directory-signature" => DIRECTORY_SIGNATURE,
    }
}
/// Shared parts of rules for all kinds of netstatus headers
54
static NS_HEADER_RULES_COMMON_: LazyLock<SectionRulesBuilder<NetstatusKwd>> = LazyLock::new(|| {
    use NetstatusKwd::*;
54
    let mut rules = SectionRules::builder();
54
    rules.add(NETWORK_STATUS_VERSION.rule().required().args(1..=2));
54
    rules.add(VOTE_STATUS.rule().required().args(1..));
54
    rules.add(VALID_AFTER.rule().required());
54
    rules.add(FRESH_UNTIL.rule().required());
54
    rules.add(VALID_UNTIL.rule().required());
54
    rules.add(VOTING_DELAY.rule().args(2..));
54
    rules.add(CLIENT_VERSIONS.rule());
54
    rules.add(SERVER_VERSIONS.rule());
54
    rules.add(KNOWN_FLAGS.rule().required());
54
    rules.add(RECOMMENDED_CLIENT_PROTOCOLS.rule().args(1..));
54
    rules.add(RECOMMENDED_RELAY_PROTOCOLS.rule().args(1..));
54
    rules.add(REQUIRED_CLIENT_PROTOCOLS.rule().args(1..));
54
    rules.add(REQUIRED_RELAY_PROTOCOLS.rule().args(1..));
54
    rules.add(PARAMS.rule());
54
    rules
54
});
/// Rules for parsing the header of a consensus.
54
static NS_HEADER_RULES_CONSENSUS: LazyLock<SectionRules<NetstatusKwd>> = LazyLock::new(|| {
    use NetstatusKwd::*;
54
    let mut rules = NS_HEADER_RULES_COMMON_.clone();
54
    rules.add(CONSENSUS_METHOD.rule().args(1..=1));
54
    rules.add(SHARED_RAND_PREVIOUS_VALUE.rule().args(2..));
54
    rules.add(SHARED_RAND_CURRENT_VALUE.rule().args(2..));
54
    rules.add(UNRECOGNIZED.rule().may_repeat().obj_optional());
54
    rules.build()
54
});
/*
/// Rules for parsing the header of a vote.
static NS_HEADER_RULES_VOTE: SectionRules<NetstatusKwd> = {
    use NetstatusKwd::*;
    let mut rules = NS_HEADER_RULES_COMMON_.clone();
    rules.add(CONSENSUS_METHODS.rule().args(1..));
    rules.add(FLAG_THRESHOLDS.rule());
    rules.add(BANDWIDTH_FILE_HEADERS.rule());
    rules.add(BANDWIDTH_FILE_DIGEST.rule().args(1..));
    rules.add(UNRECOGNIZED.rule().may_repeat().obj_optional());
    rules
};
/// Rules for parsing a single voter's information in a vote.
static NS_VOTERINFO_RULES_VOTE: SectionRules<NetstatusKwd> = {
    use NetstatusKwd::*;
    let mut rules = SectionRules::new();
    rules.add(DIR_SOURCE.rule().required().args(6..));
    rules.add(CONTACT.rule().required());
    rules.add(LEGACY_DIR_KEY.rule().args(1..));
    rules.add(SHARED_RAND_PARTICIPATE.rule().no_args());
    rules.add(SHARED_RAND_COMMIT.rule().may_repeat().args(4..));
    rules.add(SHARED_RAND_PREVIOUS_VALUE.rule().args(2..));
    rules.add(SHARED_RAND_CURRENT_VALUE.rule().args(2..));
    // then comes an entire cert: When we implement vote parsing,
    // we should use the authcert code for handling that.
    rules.add(UNRECOGNIZED.rule().may_repeat().obj_optional());
    rules
};
 */
/// Rules for parsing a single voter's information in a consensus
54
static NS_VOTERINFO_RULES_CONSENSUS: LazyLock<SectionRules<NetstatusKwd>> = LazyLock::new(|| {
    use NetstatusKwd::*;
54
    let mut rules = SectionRules::builder();
54
    rules.add(DIR_SOURCE.rule().required().args(6..));
54
    rules.add(CONTACT.rule().required());
54
    rules.add(VOTE_DIGEST.rule().required());
54
    rules.add(UNRECOGNIZED.rule().may_repeat().obj_optional());
54
    rules.build()
54
});
/// Shared rules for parsing a single routerstatus
static NS_ROUTERSTATUS_RULES_COMMON_: LazyLock<SectionRulesBuilder<NetstatusKwd>> =
54
    LazyLock::new(|| {
        use NetstatusKwd::*;
54
        let mut rules = SectionRules::builder();
54
        rules.add(RS_A.rule().may_repeat().args(1..));
54
        rules.add(RS_S.rule().required());
54
        rules.add(RS_V.rule());
54
        rules.add(RS_PR.rule().required());
54
        rules.add(RS_W.rule());
54
        rules.add(RS_P.rule().args(2..));
54
        rules.add(UNRECOGNIZED.rule().may_repeat().obj_optional());
54
        rules
54
    });
/// Rules for parsing a single routerstatus in an NS consensus
2
static NS_ROUTERSTATUS_RULES_PLAIN: LazyLock<SectionRules<NetstatusKwd>> = LazyLock::new(|| {
    use NetstatusKwd::*;
2
    let mut rules = NS_ROUTERSTATUS_RULES_COMMON_.clone();
2
    rules.add(RS_R.rule().required().args(8..));
2
    rules.build()
2
});
/*
/// Rules for parsing a single routerstatus in a vote
static NS_ROUTERSTATUS_RULES_VOTE: SectionRules<NetstatusKwd> = {
    use NetstatusKwd::*;
        let mut rules = NS_ROUTERSTATUS_RULES_COMMON_.clone();
        rules.add(RS_R.rule().required().args(8..));
        rules.add(RS_M.rule().may_repeat().args(2..));
        rules.add(RS_ID.rule().may_repeat().args(2..)); // may-repeat?
        rules
    };
*/
/// Rules for parsing a single routerstatus in a microdesc consensus
54
static NS_ROUTERSTATUS_RULES_MDCON: LazyLock<SectionRules<NetstatusKwd>> = LazyLock::new(|| {
    use NetstatusKwd::*;
54
    let mut rules = NS_ROUTERSTATUS_RULES_COMMON_.clone();
54
    rules.add(RS_R.rule().required().args(6..));
54
    rules.add(RS_M.rule().required().args(1..));
54
    rules.build()
54
});
/// Rules for parsing consensus fields from a footer.
54
static NS_FOOTER_RULES: LazyLock<SectionRules<NetstatusKwd>> = LazyLock::new(|| {
    use NetstatusKwd::*;
54
    let mut rules = SectionRules::builder();
54
    rules.add(DIRECTORY_FOOTER.rule().required().no_args());
    // consensus only
54
    rules.add(BANDWIDTH_WEIGHTS.rule());
54
    rules.add(UNRECOGNIZED.rule().may_repeat().obj_optional());
54
    rules.build()
54
});
impl ProtoStatus {
    /// Construct a ProtoStatus from two chosen keywords in a section.
756
    fn from_section(
756
        sec: &Section<'_, NetstatusKwd>,
756
        recommend_token: NetstatusKwd,
756
        required_token: NetstatusKwd,
756
    ) -> crate::Result<ProtoStatus> {
        /// Helper: extract a Protocols entry from an item's arguments.
1512
        fn parse(t: Option<&Item<'_, NetstatusKwd>>) -> crate::Result<Protocols> {
1512
            if let Some(item) = t {
1512
                item.args_as_str()
1512
                    .parse::<Protocols>()
1512
                    .map_err(|e| EK::BadArgument.at_pos(item.pos()).with_source(e))
            } else {
                Ok(Protocols::new())
            }
1512
        }
756
        let recommended = parse(sec.get(recommend_token))?;
756
        let required = parse(sec.get(required_token))?;
756
        Ok(ProtoStatus {
756
            recommended,
756
            required,
756
        })
756
    }
    /// Return the protocols that are listed as "required" in this `ProtoStatus`.
    ///
    /// Implementations may assume that relays on the network implement all the
    /// protocols in the relays' required-protocols list.  Implementations should
    /// refuse to start if they do not implement all the protocols on their own
    /// (client or relay) required-protocols list.
2444
    pub fn required_protocols(&self) -> &Protocols {
2444
        &self.required
2444
    }
    /// Return the protocols that are listed as "recommended" in this `ProtoStatus`.
    ///
    /// Implementations should warn if they do not implement all the protocols
    /// on their own (client or relay) recommended-protocols list.
    pub fn recommended_protocols(&self) -> &Protocols {
        &self.recommended
    }
}
impl<T> std::str::FromStr for NetParams<T>
where
    T: std::str::FromStr,
    T::Err: std::error::Error,
{
    type Err = Error;
17276
    fn from_str(s: &str) -> crate::Result<Self> {
        /// Helper: parse a single K=V pair.
21892
        fn parse_pair<U>(p: &str) -> crate::Result<(String, U)>
21892
        where
21892
            U: std::str::FromStr,
21892
            U::Err: std::error::Error,
        {
21892
            let parts: Vec<_> = p.splitn(2, '=').collect();
21892
            if parts.len() != 2 {
                return Err(EK::BadArgument
                    .at_pos(Pos::at(p))
                    .with_msg("Missing = in key=value list"));
21892
            }
21892
            let num = parts[1].parse::<U>().map_err(|e| {
8
                EK::BadArgument
8
                    .at_pos(Pos::at(parts[1]))
8
                    .with_msg(e.to_string())
8
            })?;
21884
            Ok((parts[0].to_string(), num))
21892
        }
17276
        let params = s
17276
            .split(' ')
34436
            .filter(|p| !p.is_empty())
17276
            .map(parse_pair)
17276
            .try_collect()?;
17268
        Ok(NetParams { params })
17276
    }
}
impl FromStr for SharedRandVal {
    type Err = Error;
4
    fn from_str(s: &str) -> crate::Result<Self> {
4
        let val: B64 = s.parse()?;
4
        let val = SharedRandVal(val.into_array()?);
4
        Ok(val)
4
    }
}
impl Display for SharedRandVal {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        Display::fmt(&B64::from(Vec::from(self.0)), f)
    }
}
impl NormalItemArgument for SharedRandVal {}
impl SharedRandStatus {
    /// Parse a current or previous shared rand value from a given
    /// SharedRandPreviousValue or SharedRandCurrentValue.
6
    fn from_item(item: &Item<'_, NetstatusKwd>) -> crate::Result<Self> {
6
        match item.kwd() {
4
            NetstatusKwd::SHARED_RAND_PREVIOUS_VALUE | NetstatusKwd::SHARED_RAND_CURRENT_VALUE => {}
            _ => {
2
                return Err(Error::from(internal!(
2
                    "wrong keyword {:?} on shared-random value",
2
                    item.kwd()
2
                ))
2
                .at_pos(item.pos()));
            }
        }
4
        let n_reveals: u8 = item.parse_arg(0)?;
4
        let value: SharedRandVal = item.parse_arg(1)?;
        // Added in proposal 342
4
        let timestamp = item.parse_optional_arg::<Iso8601TimeNoSp>(2)?;
4
        Ok(SharedRandStatus {
4
            n_reveals,
4
            value,
4
            timestamp,
4
        })
6
    }
    /// Return the actual shared random value.
1248
    pub fn value(&self) -> &SharedRandVal {
1248
        &self.value
1248
    }
    /// Return the timestamp (if any) associated with this `SharedRandValue`.
3432
    pub fn timestamp(&self) -> Option<std::time::SystemTime> {
3432
        self.timestamp.map(|t| t.0)
3432
    }
}
impl DirSource {
    /// Parse a "dir-source" item
1136
    fn from_item(item: &Item<'_, NetstatusKwd>) -> crate::Result<Self> {
1136
        if item.kwd() != NetstatusKwd::DIR_SOURCE {
            return Err(
                Error::from(internal!("Bad keyword {:?} on dir-source", item.kwd()))
                    .at_pos(item.pos()),
            );
1136
        }
1136
        let nickname = item
1136
            .required_arg(0)?
1136
            .parse()
1136
            .map_err(|e: InvalidNickname| {
                EK::BadArgument.at_pos(item.pos()).with_msg(e.to_string())
            })?;
1136
        let identity = item.parse_arg(1)?;
1136
        let hostname = item
1136
            .required_arg(2)?
1136
            .parse()
1136
            .map_err(|e: InvalidInternetHost| {
                EK::BadArgument.at_pos(item.pos()).with_msg(e.to_string())
            })?;
1136
        let ip = item.parse_arg(3)?;
1136
        let dir_port = item.parse_arg(4)?;
1136
        let or_port = item.parse_arg(5)?;
1136
        Ok(DirSource {
1136
            nickname,
1136
            identity,
1136
            hostname,
1136
            ip,
1136
            dir_port,
1136
            or_port,
1136
            __non_exhaustive: (),
1136
        })
1136
    }
}
impl ConsensusAuthorityEntry {
    /// Parse a single ConsensusAuthorityEntry from a voter info section.
1136
    fn from_section(sec: &Section<'_, NetstatusKwd>) -> crate::Result<ConsensusAuthorityEntry> {
        use NetstatusKwd::*;
        // this unwrap should be safe because if there is not at least one
        // token in the section, the section is unparsable.
        #[allow(clippy::unwrap_used)]
1136
        let first = sec.first_item().unwrap();
1136
        if first.kwd() != DIR_SOURCE {
            return Err(Error::from(internal!(
                "Wrong keyword {:?} at start of voter info",
                first.kwd()
            ))
            .at_pos(first.pos()));
1136
        }
1136
        let dir_source = DirSource::from_item(sec.required(DIR_SOURCE)?)?;
1136
        let contact = sec.required(CONTACT)?;
        // Ideally we would parse_args_as_str but that requires us to
        // impl From<InvalidContactInfo> for crate::Error which is wrong
        // because many it's a footgun which lets you just write ? here
        // resulting in lack of position information.
        // (This is a general problem with the error handling in crate::parse.)
1136
        let contact = contact
1136
            .args_as_str()
1136
            .parse()
1136
            .map_err(|err: InvalidContactInfo| {
                EK::BadArgument
                    .with_msg(err.to_string())
                    .at_pos(contact.pos())
            })?;
1136
        let vote_digest = sec.required(VOTE_DIGEST)?.parse_arg::<B16U>(0)?;
1136
        Ok(ConsensusAuthorityEntry {
1136
            dir_source,
1136
            contact,
1136
            vote_digest,
1136
            __non_exhaustive: (),
1136
        })
1136
    }
}
impl RelayWeightsItem {
    /// Return a new `RelayWeightsItem` containing no information
    ///
    /// As if parsed from a document with no `w` line, discarding unknown information.
2038
    pub fn new_no_info() -> Self {
2038
        RelayWeightsItem {
2038
            effective: RelayWeight::default(),
2038
            params: Unknown::new_discard(),
2038
        }
2038
    }
    /// Return a new `RelayWeightsItem` containing only the effective weight
    pub fn from_effective(effective: RelayWeight) -> Self {
        RelayWeightsItem {
            effective,
            params: Unknown::new_discard(),
        }
    }
    /// Get the effective relay weight (bandwidth estimate) for path selection.
    ///
    /// Invariant: consistent with from [`params`](RelayWeightsItem::params),
    /// if `parsed` isn't [`Discarded`](Unknown::Discarded).
    //
    // We open-code this rather than deriving it so we can provide better docs.
    pub fn effective(&self) -> RelayWeight {
        self.effective
    }
    /// Get the complete parameter set, if this information is available.
    ///
    /// After parsing, this is the parsed but not interpreted `w` item,
    /// or `None` if the document contained no `w` item.
    //
    // We open-code this rather than deriving it because we want to return
    // `Unknown<&...>` rather than `&Unknown<..>`, which the user would just have to .as_ref().
    pub fn params(&self) -> Unknown<&Option<NetParams<u32>>> {
        self.params.as_ref()
    }
    /// Parse a routerweight from a "w" line.
2050
    fn from_item(item: &Item<'_, NetstatusKwd>) -> crate::Result<RelayWeightsItem> {
2050
        if item.kwd() != NetstatusKwd::RS_W {
6
            return Err(
6
                Error::from(internal!("Wrong keyword {:?} on W line", item.kwd()))
6
                    .at_pos(item.pos()),
6
            );
2044
        }
2044
        let params = item.args_as_str().parse()?;
2042
        let effective = RelayWeight::from_net_params(&params).map_err(|e| e.at_pos(item.pos()))?;
2042
        Ok(RelayWeightsItem {
2042
            effective,
2042
            params: Unknown::new_discard(),
2042
        })
2050
    }
    /// The keyword for parsing and encoding
    const KEYWORD: &str = "w";
}
#[cfg(feature = "retain-unknown")]
impl Default for RelayWeightsItem {
    fn default() -> Self {
        RelayWeightsItem {
            effective: RelayWeight::default(),
            params: Unknown::Retained(None),
        }
    }
}
impl RelayWeight {
    /// Return true if this weight is the result of a successful measurement
25750
    pub fn is_measured(&self) -> bool {
25750
        matches!(self, RelayWeight::Measured(_))
25750
    }
    /// Return true if this weight is nonzero
24294
    pub fn is_nonzero(&self) -> bool {
24294
        !matches!(self, RelayWeight::Unmeasured(0) | RelayWeight::Measured(0))
24294
    }
    /// Parse a routerweight from partially-parsed `w` line in the form of a `NetParams`
    ///
    /// This function is the common part shared between `parse2` and `parse`.
2042
    fn from_net_params(params: &NetParams<u32>) -> crate::Result<RelayWeight> {
2042
        params
2042
            .try_into()
2042
            .map_err(|e: InvalidRelayWeights| EK::BadArgument.with_msg(e.to_string()))
2042
    }
}
impl Default for RelayWeight {
2038
    fn default() -> RelayWeight {
2038
        RelayWeight::Unmeasured(0)
2038
    }
}
impl TryFrom<&NetParams<u32>> for RelayWeight {
    type Error = InvalidRelayWeights;
2528
    fn try_from(params: &NetParams<u32>) -> Result<RelayWeight, InvalidRelayWeights> {
2528
        let bw = params.params.get("Bandwidth");
2528
        let unmeas = params.params.get("Unmeasured");
2528
        let bw = match bw {
2
            None => return Ok(RelayWeight::Unmeasured(0)),
2526
            Some(b) => *b,
        };
2526
        match unmeas {
460
            None | Some(0) => Ok(RelayWeight::Measured(bw)),
2066
            Some(1) => Ok(RelayWeight::Unmeasured(bw)),
            _ => Err(InvalidRelayWeights::InvalidUnmeasured),
        }
2528
    }
}
#[cfg(feature = "retain-unknown")]
impl TryFrom<NetParams<u32>> for RelayWeightsItem {
    type Error = InvalidRelayWeights;
    fn try_from(params: NetParams<u32>) -> Result<RelayWeightsItem, InvalidRelayWeights> {
        Ok(RelayWeightsItem {
            effective: (&params).try_into()?,
            params: Unknown::Retained(Some(params)),
        })
    }
}
/// `parse2` impls for types in this modulea
///
/// Separate module for a separate namespace.
mod parse2_impls {
    use super::*;
    pub(super) use parse2::{
        ArgumentError as AE, ArgumentStream, ErrorProblem as EP, ItemArgumentParseable,
        ItemValueParseable, NetdocParseableFields,
    };
    use std::result::Result;
    // The NormalItemArgument bound ensures that this is applied only to sane types eg integers
    impl<T: FromStr + NormalItemArgument> ItemValueParseable for NetParams<T>
    where
        T::Err: std::error::Error,
    {
750
        fn from_unparsed(item: parse2::UnparsedItem<'_>) -> Result<Self, EP> {
750
            item.check_no_object()?;
750
            item.args_copy()
750
                .into_remaining()
750
                .parse()
750
                .map_err(item.invalid_argument_handler("parameters"))
750
        }
    }
    impl NetdocParseableFields for RelayWeightsItem {
        type Accumulator = Option<NetParams<u32>>;
486
        fn is_item_keyword(kw: KeywordRef) -> bool {
486
            kw == Self::KEYWORD
486
        }
486
        fn accumulate_item(acc: &mut Self::Accumulator, item: UnparsedItem) -> Result<(), EP> {
486
            if acc.is_some() {
                return Err(EP::ItemRepeated);
486
            }
486
            item.check_no_object()?;
486
            let params = NetParams::from_unparsed(item)?;
486
            *acc = Some(params);
486
            Ok(())
486
        }
486
        fn finish(params: Self::Accumulator, items: &ItemStream) -> Result<Self, EP> {
486
            let effective = params
486
                .as_ref()
486
                .map(TryFrom::try_from)
486
                .transpose()
486
                .map_err(|_| EP::OtherBadDocument("invalid information in `w` item"))?
486
                .unwrap_or_default();
486
            let params = items.parse_options().retain_unknown_values.map(|()| params);
486
            Ok(RelayWeightsItem { effective, params })
486
        }
    }
    impl ItemValueParseable for rs::SoftwareVersion {
486
        fn from_unparsed(mut item: parse2::UnparsedItem<'_>) -> Result<Self, EP> {
486
            item.check_no_object()?;
486
            item.args_mut()
486
                .into_remaining()
486
                .parse()
486
                .map_err(item.invalid_argument_handler("version"))
486
        }
    }
    impl ItemArgumentParseable for IgnoredPublicationTimeSp {
444
        fn from_args(a: &mut ArgumentStream) -> Result<IgnoredPublicationTimeSp, AE> {
910
            let mut next_arg = || a.next().ok_or(AE::Missing);
444
            let _: &str = next_arg()?;
444
            let _: &str = next_arg()?;
444
            Ok(IgnoredPublicationTimeSp)
444
        }
    }
}
/// `encode` impls for types in this modulea
///
/// Separate module for a separate namespace.
mod encode_impls {
    use super::*;
    use std::result::Result;
    pub(crate) use {
        crate::encode::{ItemEncoder, ItemValueEncodable, NetdocEncodableFields},
        tor_error::Bug,
    };
    #[cfg(feature = "incomplete")] // untested
    impl NetdocEncodableFields for RelayWeightsItem {
42
        fn encode_fields(&self, out: &mut NetdocEncoder) -> Result<(), Bug> {
42
            if let Some(w) = self.params.as_ref().into_retained()? {
42
                w.write_item_value_onto(out.item(Self::KEYWORD))?;
            }
42
            Ok(())
42
        }
    }
    // The NormalItemArgument bound ensures that this is applied only to sane types eg integers
    impl<T: NormalItemArgument + Ord + Display> ItemValueEncodable for NetParams<T> {
74
        fn write_item_value_onto(&self, mut out: ItemEncoder) -> Result<(), Bug> {
208
            for (k, v) in self.iter().collect::<BTreeSet<_>>() {
208
                if k.is_empty()
206
                    || k.chars()
1309
                        .any(|c| c.is_whitespace() || c.is_control() || c == '=')
                {
                    // TODO torspec#401 see TODO in NetParams<T> definition
8
                    return Err(bad_api_usage!(
8
                        "tried to encode NetParms with unreasonable keyword {k:?}"
8
                    ));
200
                }
200
                out.args_raw_string(&format_args!("{k}={v}"));
            }
66
            Ok(())
74
        }
    }
    impl ItemValueEncodable for rs::SoftwareVersion {
42
        fn write_item_value_onto(&self, mut out: ItemEncoder) -> Result<(), Bug> {
42
            out.args_raw_string(self);
42
            Ok(())
42
        }
    }
    impl ItemArgument for IgnoredPublicationTimeSp {
28
        fn write_arg_onto(&self, out: &mut ItemEncoder) -> Result<(), Bug> {
28
            out.args_raw_string(&"2000-01-01 00:00:01");
28
            Ok(())
28
        }
    }
}
impl ConsensusFooterFields {
    /// Parse a directory footer from a footer section.
370
    fn from_section(sec: &Section<'_, NetstatusKwd>) -> crate::Result<ConsensusFooterFields> {
        use NetstatusKwd::*;
370
        sec.required(DIRECTORY_FOOTER)?;
370
        let bandwidth_weights = sec
370
            .maybe(BANDWIDTH_WEIGHTS)
370
            .args_as_str()
370
            .unwrap_or("")
370
            .parse()?;
368
        Ok(ConsensusFooterFields {
368
            bandwidth_weights,
368
            __non_exhaustive: (),
368
        })
370
    }
}
/// `ProtoStatuses` parsing and encoding
///
/// Separate module for separate namespace
mod proto_statuses_parse2_encode {
    use super::encode_impls::*;
    use super::parse2_impls::*;
    use super::*;
    use paste::paste;
    use std::result::Result;
    /// Implements `NetdocParseableFields` for `ProtoStatuses`
    ///
    /// We have this macro so that it's impossible to write things like
    /// ```text
    ///      ProtoStatuses {
    ///          client: ProtoStatus {
    ///              recommended: something something recommended_relay_versions something,
    /// ```
    ///
    /// (The structure of `ProtoStatuses` means the normal parse2 derive won't work for it.
    /// Note the bug above: the recommended *relay* version info is put in the *client* field.
    /// Preventing this bug must involve: avoiding writing twice the field name elements,
    /// such as `relay` and `client`, during this kind of construction/conversion.)
    macro_rules! impl_proto_statuses { { $( $rr:ident $cr:ident; )* } => { paste! {
        #[derive(Deftly)]
        #[derive_deftly(NetdocParseableFields)]
        // Only ProtoStatusesParseNetdocParseAccumulator is exposed.
        #[allow(unreachable_pub)]
        pub struct ProtoStatusesParseHelper {
            $(
                #[deftly(netdoc(default))]
                [<$rr _ $cr _protocols>]: Protocols,
            )*
        }
        /// Partially parsed `ProtoStatuses`
        pub use ProtoStatusesParseHelperNetdocParseAccumulator
            as ProtoStatusesNetdocParseAccumulator;
        impl NetdocParseableFields for ProtoStatuses {
            type Accumulator = ProtoStatusesNetdocParseAccumulator;
86
            fn is_item_keyword(kw: KeywordRef<'_>) -> bool {
86
                ProtoStatusesParseHelper::is_item_keyword(kw)
86
            }
40
            fn accumulate_item(
40
                acc: &mut Self::Accumulator,
40
                item: UnparsedItem<'_>,
40
            ) -> Result<(), EP> {
40
                ProtoStatusesParseHelper::accumulate_item(acc, item)
40
            }
10
            fn finish(acc: Self::Accumulator, items: &ItemStream<'_>) -> Result<Self, EP> {
10
                let parse = ProtoStatusesParseHelper::finish(acc, items)?;
10
                let mut out = ProtoStatuses::default();
                $(
10
                    out.$cr.$rr = parse.[< $rr _ $cr _protocols >];
                )*
10
                Ok(out)
10
            }
        }
        impl NetdocEncodableFields for ProtoStatuses {
6
            fn encode_fields(&self, out: &mut NetdocEncoder) -> Result<(), Bug> {
              $(
6
                self.$cr.$rr.write_item_value_onto(
6
                    out.item(concat!(stringify!($rr), "-", stringify!($cr), "-protocols"))
                )?;
              )*
6
                Ok(())
6
            }
        }
    } } }
    impl_proto_statuses! {
        recommended client;
        recommended relay;
        required client;
        required relay;
    }
}
impl Signature {
    /// Parse a Signature from a directory-signature section
1106
    fn from_item(item: &Item<'_, NetstatusKwd>) -> crate::Result<Signature> {
1106
        if item.kwd() != NetstatusKwd::DIRECTORY_SIGNATURE {
            return Err(Error::from(internal!(
                "Wrong keyword {:?} for directory signature",
                item.kwd()
            ))
            .at_pos(item.pos()));
1106
        }
1106
        let (digest_algo, id_fp, sk_fp) = if item.n_args() > 2 {
            (
1098
                item.required_arg(0)?,
1098
                item.required_arg(1)?,
1098
                item.required_arg(2)?,
            )
        } else {
            // TODO #2530 digest_algo needs to depend on whether SHA1 was stated
8
            ("sha1", item.required_arg(0)?, item.required_arg(1)?)
        };
1106
        let digest_algo = digest_algo.to_string().parse().void_unwrap();
1106
        let digest_algo = DigestAlgoInSignature(Some(digest_algo));
1106
        let id_fingerprint = id_fp.parse::<Fingerprint>()?.into();
1106
        let sk_fingerprint = sk_fp.parse::<Fingerprint>()?.into();
1106
        let key_ids = AuthCertKeyIds {
1106
            id_fingerprint,
1106
            sk_fingerprint,
1106
        };
1106
        let signature = item.obj("SIGNATURE")?;
1106
        Ok(Signature {
1106
            digest_algo,
1106
            key_ids,
1106
            signature,
1106
        })
1106
    }
    /// Return true if this signature has the identity key and signing key
    /// that match a given cert.
830
    fn matches_cert(&self, cert: &AuthCert) -> bool {
830
        cert.key_ids() == self.key_ids
830
    }
    /// If possible, find the right certificate for checking this signature
    /// from among a slice of certificates.
1170
    fn find_cert<'a>(&self, certs: &'a [AuthCert]) -> Option<&'a AuthCert> {
1298
        certs.iter().find(|&c| self.matches_cert(c))
1170
    }
    /// Find the certificate and assemble the pieces ready for verification
    ///
    /// `None` means precisely that we're missing the authcert.
196
    fn signature_to_verify<'r>(
196
        &'r self,
196
        signed_digest: &'r [u8],
196
        certs: &'r [AuthCert],
196
    ) -> Option<ConsensusSignatureToVerify> {
196
        let cert = self.find_cert(certs)?;
140
        let key = cert.signing_key();
140
        Some(ConsensusSignatureToVerify {
140
            key,
140
            signed_digest,
140
            signature: &self.signature,
140
        })
196
    }
}
impl EncodeOrd for Signature {
12
    fn encode_cmp(&self, other: &Self) -> std::cmp::Ordering {
30
        let k: for<'s> fn(&'_ Signature) -> (&'_ _, &'_ _) = |s| (&s.key_ids, &s.signature);
12
        Ord::cmp(&k(self), &k(other))
12
    }
}
/// Signature information in a consensus, to be verified
///
/// Used by callers of [`SignatureGroup::verify_general`],
/// to allow verification to be suppressed if all we wanted to know was
/// whether we have enough signatures and enough authcerts.
//
// TODO DIRAUTH make this module-private when poc is abolished
#[derive(Debug, Clone, Copy)]
pub(crate) struct ConsensusSignatureToVerify<'r> {
    /// KP_auth_sign_rsa
    key: &'r ll::pk::rsa::PublicKey,
    /// The digest (actual RSA signature payload, before PKCS#11 padding)
    signed_digest: &'r [u8],
    /// The RSA signature value
    signature: &'r [u8],
}
/// Token indicating that signature verification has been done, if required
///
/// Prevents accidentally passing an unintended no-op function as
/// `do_verify` to [`SignatureGroup::verify_general`].
///
/// Write `SignatureVerifiedIfIntended {}` to construct this,
/// only in code which has actually done the verification,
/// or code which is deliberately not verifying at all.
pub(crate) struct SignatureVerifiedIfIntended {}
impl<'r> ConsensusSignatureToVerify<'r> {
    /// Verify this signature
    ///
    // TODO DIRAUTH make this module-private when poc is abolished
140
    pub(crate) fn verify(self) -> Result<SignatureVerifiedIfIntended, VerifyFailed> {
140
        self.key.verify(self.signed_digest, self.signature)?;
138
        Ok(SignatureVerifiedIfIntended {})
140
    }
}
/// How `verify_general` should decide who is a trusted authority
///
/// Don't use this for other purposes
#[derive(Debug, Clone, Copy)]
pub(crate) enum VerifyGeneralTrustedAuthorities<'r> {
    /// Trust these authorities.
    TrustThese {
        /// The HKP_auth_id_rsa
        trusted: &'r [RsaIdentity],
    },
    /// Document is a a vote, so OK if signed by any one of the listed authorities
    AnyOneOfThese {
        /// The HKP_auth_id_rsa
        trusted: &'r [RsaIdentity],
    },
    /// For the benefit of `SignatureGroup::validate`, used by the old parser, only
    ///
    /// Every `AuthCert` passed to `verify_general` is a real authority (!)
    /// (But not necessarily a different one!)
    HazardouslyAssumeAllAuthCertsAreReal {
        /// Total number of authorities that we trust
        ///
        /// Used only to calculate the threshold
        n_authorities: usize,
    },
}
/// Return the minimum number of authorities that we need signatures from
///
/// Enough is strictly more than half.
///
/// The returned value is a [`RangeFrom`](std::ops::RangeFrom), ie an inclusive range.
/// Its `start` value is the minimum acceptable number of authorities
/// from whom we have good signatures.
///
/// Should usually be followed by
/// [`.contains`](std::ops::RangeFrom::contains)`(&actual_number)`.
///
/// # Example
///
/// ```
/// use tor_netdoc::{doc::netstatus::consensus_threshold, parse2::VerifyFailed};
/// # fn main() -> Result<(), VerifyFailed> {
///
/// let n_trusted_authorities = 3;
/// let n_good_signatures_from_different_authorities = 2;
///
/// if consensus_threshold(n_trusted_authorities)
///      .contains(&n_good_signatures_from_different_authorities)
/// {
///     Ok(())
/// } else {
///     Err(VerifyFailed::InsufficientTrustedSigners)
/// }
/// # }
/// ```
660
pub fn consensus_threshold(n_authorities: usize) -> std::ops::RangeFrom<usize> {
660
    (n_authorities / 2) + 1 // strict majority
660
        ..
660
}
impl SignatureGroup {
    // TODO: these functions are pretty similar and could probably stand to be
    // refactored a lot.
    /// Helper: Return a pair of the number of possible authorities'
    /// signatures in this object for which we _could_ find certs, and
    /// a list of the signatures we couldn't find certificates for.
324
    fn list_missing(&self, certs: &[AuthCert]) -> (usize, Vec<&Signature>) {
324
        let mut ok: HashSet<RsaIdentity> = HashSet::new();
324
        let mut missing = Vec::new();
974
        for sig in &self.signatures {
974
            let id_fingerprint = &sig.key_ids.id_fingerprint;
974
            if ok.contains(id_fingerprint) {
                continue;
974
            }
974
            if sig.find_cert(certs).is_some() {
180
                ok.insert(*id_fingerprint);
180
                continue;
794
            }
794
            missing.push(sig);
        }
324
        (ok.len(), missing)
324
    }
    /// Given a list of authority identity key fingerprints, return true if
    /// this signature group is _potentially_ well-signed according to those
    /// authorities.
270
    fn could_validate(&self, authorities: &[&RsaIdentity]) -> bool {
270
        let mut signed_by: HashSet<RsaIdentity> = HashSet::new();
814
        for sig in &self.signatures {
814
            let id_fp = &sig.key_ids.id_fingerprint;
814
            if signed_by.contains(id_fp) {
                // Already found this in the list.
                continue;
814
            }
814
            if authorities.contains(&id_fp) {
434
                signed_by.insert(*id_fp);
434
            }
        }
270
        consensus_threshold(authorities.len()).contains(&signed_by.len())
270
    }
    /// Return true if the signature group defines a valid signature.
    ///
    /// A signature is valid if it signed by more than half of the
    /// authorities.  This API requires that `n_authorities` is the number of
    /// authorities we believe in, and that every cert in `certs` belongs
    /// to a real authority.
58
    fn validate(&self, n_authorities: usize, certs: &[AuthCert]) -> Result<(), VerifyFailed> {
        // TODO we ought to take the set of trusted authorities as an argument,
        // rather than use VGTA::HazardouslyAssumeAllAuthCertsAreReal.
58
        self.verify_general(
58
            VerifyGeneralTrustedAuthorities::HazardouslyAssumeAllAuthCertsAreReal { n_authorities },
58
            certs,
120
            |tv| tv.verify(),
        )
58
    }
    /// Check signatures (maybe), but not timeliness
    ///
    /// Examines the signatures and collates them with authcerts.
    /// Performs the necessary consensus signature verifications, via `do_verify`.
    ///
    /// If there are not enough authcerts or not enough signatures,
    /// throws a `ConsensusVerifiabilityError`.
    ///
    /// Differs from [`SignatureGroup::validate`]:
    ///
    ///  * Intended also for use with types from parse2.
    ///
    ///  * Yields information about missing authcerts directly in the return value,
    ///    and can be used without actually doing the verification,
    ///    so there's no need for a separate "which certs are we missing" function.
    ///
    ///  * Threshold is passed as a parameter (wanted for votes).
    ///
    ///  * Ability to check authority identities, by passing `trusted_authorities`.
    ///    (done with `authorities_are_correct` in old parser,
    ///    apparently with no engineered safeguard against consensus user omitting to do so).
    ///
    ///    **If `trusted_authorities` is None, all authorities in `certs` are treated as trusted**.
    ///
    ///  * Returns `Result`, not a boolean
    ///
    ///  * We prefer the term `verify` to `validate`.  All this does is signature verification.
    ///
    // TODO DIRAUTH make this module-private when poc is abolished
66
    pub(crate) fn verify_general<E>(
66
        &self,
66
        trusted_authorities: VerifyGeneralTrustedAuthorities,
66
        certs: &[AuthCert],
66
        do_verify: impl Fn(ConsensusSignatureToVerify) -> Result<SignatureVerifiedIfIntended, E>,
66
    ) -> Result<(), E>
66
    where
66
        ConsensusVerifiabilityError: Into<E>,
    {
        use VerifyGeneralTrustedAuthorities as TA;
        // A set of the authorities (by identity) who have have signed
        // this document.  We use a set here in case `certs` has more
        // than one certificate for a single authority.
66
        let mut ok: HashSet<RsaIdentity> = HashSet::new();
66
        let mut missing = HashSet::new();
66
        let mut verify_failed = Ok(());
196
        for sig in &self.signatures {
            // Exhaustive pattern makes it hard to accidentally ignore a field.
            let Signature {
196
                digest_algo,
                key_ids:
                    AuthCertKeyIds {
196
                        id_fingerprint,
                        // h_kp_auth_sign_rsa, which Signature::check_signature
                        // checks against the authcert.
                        sk_fingerprint: _,
                    },
                // Used by Signature::check_signature
                signature: _,
196
            } = sig;
196
            match trusted_authorities {
16
                TA::TrustThese { trusted } | TA::AnyOneOfThese { trusted } => {
20
                    if !trusted.contains(id_fingerprint) {
                        continue;
20
                    }
                }
176
                TA::HazardouslyAssumeAllAuthCertsAreReal { .. } => {
176
                    // OK then!
176
                }
            }
196
            if ok.contains(id_fingerprint) {
                // We already checked at least one signature using this
                // authority's identity fingerprint.
                continue;
196
            }
196
            let Some(d) = self.hashes.hash_slice_for_verification(digest_algo) else {
                // We don't support this kind of digest for this kind
                // of document.
                continue;
            };
196
            let Some(tv) = sig.signature_to_verify(d, certs) else {
56
                missing.insert(sig.key_ids);
56
                continue;
            };
140
            match do_verify(tv) {
138
                Ok::<SignatureVerifiedIfIntended, _>(_) => {
138
                    ok.insert(*id_fingerprint);
138
                }
2
                Err(e) => {
2
                    verify_failed = Err(e);
2
                }
            }
        }
66
        let n_authorities = match trusted_authorities {
4
            TA::TrustThese { trusted } => trusted.len(),
58
            TA::HazardouslyAssumeAllAuthCertsAreReal { n_authorities: n } => n,
            TA::AnyOneOfThese { .. } => {
                // strict majority of 1 is 1, so n_authorites being 1 leads to threshold of 1
                // (doing it this way avoids having both thresholds and authority counts
                // in the same code area, which might lead to confusing one with the other.
4
                1
            }
        };
66
        let threshold = consensus_threshold(n_authorities);
66
        if threshold.contains(&ok.len()) {
62
            Ok(())
        } else {
            // Throw the verification error if any of the verifications failed
4
            verify_failed?;
            // Otherwise report that we're missing certs and/or signers
2
            Err(if missing.is_empty() {
                ConsensusVerifiabilityError::InsufficientTrustedSigners
            } else {
2
                let deficit = threshold.start - ok.len();
2
                ConsensusVerifiabilityError::MissingAuthCerts { missing, deficit }
            }
2
            .into())
        }
66
    }
}
impl From<ConsensusVerifiabilityError> for VerifyFailed {
2
    fn from(cve: ConsensusVerifiabilityError) -> VerifyFailed {
        use ConsensusVerifiabilityError as CVE;
        use VerifyFailed as VF;
2
        match cve {
            CVE::InsufficientTrustedSigners => VF::InsufficientTrustedSigners,
2
            CVE::MissingAuthCerts { .. } => VF::InsufficientTrustedSigners,
        }
2
    }
}
impl From<ConsensusVerifyFailed> for VerifyFailed {
    fn from(cvf: ConsensusVerifyFailed) -> VerifyFailed {
        use ConsensusVerifyFailed as CVF;
        use VerifyFailed as VF;
        match cvf {
            CVF::CertificationInsufficient { .. } => VF::InsufficientTrustedSigners,
            CVF::InvalidSignature { .. } => VF::VerifyFailed,
        }
    }
}
#[cfg(test)]
mod test {
    // @@ begin test lint list maintained by maint/add_warning @@
    #![allow(clippy::bool_assert_comparison)]
    #![allow(clippy::clone_on_copy)]
    #![allow(clippy::dbg_macro)]
    #![allow(clippy::mixed_attributes_style)]
    #![allow(clippy::print_stderr)]
    #![allow(clippy::print_stdout)]
    #![allow(clippy::single_char_pattern)]
    #![allow(clippy::unwrap_used)]
    #![allow(clippy::unchecked_time_subtraction)]
    #![allow(clippy::useless_vec)]
    #![allow(clippy::needless_pass_by_value)]
    #![allow(clippy::string_slice)] // See arti#2571
    //! <!-- @@ end test lint list maintained by maint/add_warning @@ -->
    use super::*;
    use crate::doc::authcert::AuthCertUnverified;
    use crate::encode::{NetdocEncodable, NetdocEncodableFields};
    use crate::parse2::{ParseInput, parse_netdoc, parse_netdoc_multiple};
    use crate::util::regsub;
    use anyhow::Context as _;
    use assert_matches::assert_matches;
    use hex_literal::hex;
    use humantime::parse_rfc3339;
    use std::fmt::Debug;
    use std::fs;
    use std::time::Duration;
    use tor_checkable::Timebound;
    const CERTS: &str = include_str!("../../testdata/authcerts2.txt");
    const CONSENSUS: &str = include_str!("../../testdata/mdconsensus1.txt");
    const PLAIN_CERTS: &str = include_str!("../../testdata2/cached-certs");
    const PLAIN_CONSENSUS: &str = include_str!("../../testdata2/cached-consensus");
    fn read_bad(fname: &str) -> String {
        use std::fs;
        use std::path::PathBuf;
        let mut path = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
        path.push("testdata");
        path.push("bad-mdconsensus");
        path.push(fname);
        fs::read_to_string(path).unwrap()
    }
    #[test]
    fn parse_and_validate_md() -> crate::Result<()> {
        use std::net::SocketAddr;
        use tor_checkable::{SelfSigned, Timebound};
        let mut certs = Vec::new();
        for cert in AuthCert::parse_multiple(CERTS)? {
            let cert = cert?.check_signature()?.dangerously_assume_timely();
            certs.push(cert);
        }
        let auth_ids: Vec<_> = certs.iter().map(|c| c.id_fingerprint()).collect();
        assert_eq!(certs.len(), 3);
        let (_, _, consensus) = MdConsensus::parse(CONSENSUS)?;
        let consensus = consensus.dangerously_assume_timely().set_n_authorities(3);
        // The set of authorities we know _could_ validate this cert.
        assert!(consensus.authorities_are_correct(&auth_ids));
        // A subset would also work.
        assert!(consensus.authorities_are_correct(&auth_ids[0..1]));
        {
            // If we only believe in an authority that isn't listed,
            // that won't work.
            let bad_auth_id = (*b"xxxxxxxxxxxxxxxxxxxx").into();
            assert!(!consensus.authorities_are_correct(&[&bad_auth_id]));
        }
        let missing = consensus.key_is_correct(&[]).err().unwrap();
        assert_eq!(3, missing.len());
        assert!(consensus.key_is_correct(&certs).is_ok());
        let missing = consensus.key_is_correct(&certs[0..1]).err().unwrap();
        assert_eq!(2, missing.len());
        // here is a trick that had better not work.
        let same_three_times = vec![certs[0].clone(), certs[0].clone(), certs[0].clone()];
        let missing = consensus.key_is_correct(&same_three_times).err().unwrap();
        assert_eq!(2, missing.len());
        assert!(consensus.is_well_signed(&same_three_times).is_err());
        assert!(consensus.key_is_correct(&certs).is_ok());
        let consensus = consensus.check_signature(&certs)?;
        assert_eq!(6, consensus.relays().len());
        let r0 = &consensus.relays()[0];
        assert_eq!(
            r0.md_digest(),
            &hex!("73dabe0a0468f4f7a67810a18d11e36731bb1d2ec3634db459100609f3b3f535")
        );
        assert_eq!(
            r0.rsa_identity().as_bytes(),
            &hex!("0a3057af2910415794d8ea430309d9ac5f5d524b")
        );
        assert!(!r0.weight().is_measured());
        assert!(!r0.weight().is_nonzero());
        let pv = &r0.protovers();
        assert!(pv.supports_subver("HSDir", 2));
        assert!(!pv.supports_subver("HSDir", 3));
        let ip4 = "127.0.0.1:5002".parse::<SocketAddr>().unwrap();
        let ip6 = "[::1]:5002".parse::<SocketAddr>().unwrap();
        assert!(r0.addrs().any(|a| a == ip4));
        assert!(r0.addrs().any(|a| a == ip6));
        Ok(())
    }
    #[test]
    fn parse_and_validate_ns() -> crate::Result<()> {
        use tor_checkable::{SelfSigned, Timebound};
        let mut certs = Vec::new();
        for cert in AuthCert::parse_multiple(PLAIN_CERTS)? {
            let cert = cert?.check_signature()?.dangerously_assume_timely();
            certs.push(cert);
        }
        let auth_ids: Vec<_> = certs.iter().map(|c| c.id_fingerprint()).collect();
        assert_eq!(certs.len(), 4);
        let (_, _, consensus) = PlainConsensus::parse(PLAIN_CONSENSUS)?;
        let consensus = consensus.dangerously_assume_timely().set_n_authorities(3);
        // The set of authorities we know _could_ validate this cert.
        assert!(consensus.authorities_are_correct(&auth_ids));
        // A subset would also work.
        assert!(consensus.authorities_are_correct(&auth_ids[0..1]));
        assert!(consensus.key_is_correct(&certs).is_ok());
        let _consensus = consensus.check_signature(&certs)?;
        Ok(())
    }
    #[test]
    fn test_bad() {
        use crate::Pos;
        fn check(fname: &str, e: &Error) {
            let content = read_bad(fname);
            let res = MdConsensus::parse(&content);
            assert!(res.is_err());
            assert_eq!(&res.err().unwrap(), e);
        }
        check(
            "bad-flags",
            &EK::BadArgument
                .at_pos(Pos::from_line(27, 1))
                .with_msg("Flags out of order"),
        );
        check(
            "bad-md-digest",
            &EK::BadArgument
                .at_pos(Pos::from_line(40, 3))
                .with_msg("Invalid base64"),
        );
        check(
            "bad-weight",
            &EK::BadArgument
                .at_pos(Pos::from_line(67, 141))
                .with_msg("invalid digit found in string"),
        );
        check(
            "bad-weights",
            &EK::BadArgument
                .at_pos(Pos::from_line(51, 13))
                .with_msg("invalid digit found in string"),
        );
        check(
            "wrong-order",
            &EK::WrongSortOrder.at_pos(Pos::from_line(52, 1)),
        );
        check(
            "wrong-start",
            &EK::UnexpectedToken
                .with_msg("vote-status")
                .at_pos(Pos::from_line(1, 1)),
        );
        check("wrong-version", &EK::BadDocumentVersion.with_msg("10"));
    }
    fn gettok(s: &str) -> crate::Result<Item<'_, NetstatusKwd>> {
        let mut reader = NetDocReader::new(s)?;
        let tok = reader.next().unwrap();
        assert!(reader.next().is_none());
        tok
    }
    #[test]
    fn test_weight() {
        let w = gettok("w Unmeasured=1 Bandwidth=6\n").unwrap();
        let w = RelayWeightsItem::from_item(&w).unwrap();
        assert!(!w.effective.is_measured());
        assert!(w.effective.is_nonzero());
        let w = gettok("w Bandwidth=10\n").unwrap();
        let w = RelayWeightsItem::from_item(&w).unwrap();
        assert!(w.effective.is_measured());
        assert!(w.effective.is_nonzero());
        let w = RelayWeightsItem::new_no_info();
        assert!(!w.effective.is_measured());
        assert!(!w.effective.is_nonzero());
        let w = gettok("w Mustelid=66 Cheato=7 Unmeasured=1\n").unwrap();
        let w = RelayWeightsItem::from_item(&w).unwrap();
        assert!(!w.effective.is_measured());
        assert!(!w.effective.is_nonzero());
        let w = gettok("r foo\n").unwrap();
        let w = RelayWeightsItem::from_item(&w);
        assert!(w.is_err());
        let w = gettok("r Bandwidth=6 Unmeasured=Frog\n").unwrap();
        let w = RelayWeightsItem::from_item(&w);
        assert!(w.is_err());
        let w = gettok("r Bandwidth=6 Unmeasured=3\n").unwrap();
        let w = RelayWeightsItem::from_item(&w);
        assert!(w.is_err());
    }
    #[test]
    fn test_netparam() {
        let p = "Hello=600 Goodbye=5 Fred=7"
            .parse::<NetParams<u32>>()
            .unwrap();
        assert_eq!(p.get("Hello"), Some(&600_u32));
        let p = "Hello=Goodbye=5 Fred=7".parse::<NetParams<u32>>();
        assert!(p.is_err());
        let p = "Hello=Goodbye Fred=7".parse::<NetParams<u32>>();
        assert!(p.is_err());
        for bad_kw in ["What=The", "", "\n", "\0"] {
            let p = [(bad_kw, 42)].into_iter().collect::<NetParams<i32>>();
            let mut d = NetdocEncoder::new();
            let d = (|| {
                let i = d.item("bad-psrams");
                p.write_item_value_onto(i)?;
                d.finish()
            })();
            let _: tor_error::Bug = d.expect_err(bad_kw);
        }
    }
    #[test]
    fn test_sharedrand() {
        let sr =
            gettok("shared-rand-previous-value 9 5LodY4yWxFhTKtxpV9wAgNA9N8flhUCH0NqQv1/05y4\n")
                .unwrap();
        let sr = SharedRandStatus::from_item(&sr).unwrap();
        assert_eq!(sr.n_reveals, 9);
        assert_eq!(
            sr.value.0,
            hex!("e4ba1d638c96c458532adc6957dc0080d03d37c7e5854087d0da90bf5ff4e72e")
        );
        assert!(sr.timestamp.is_none());
        let sr2 = gettok(
            "shared-rand-current-value 9 \
                    5LodY4yWxFhTKtxpV9wAgNA9N8flhUCH0NqQv1/05y4 2022-01-20T12:34:56\n",
        )
        .unwrap();
        let sr2 = SharedRandStatus::from_item(&sr2).unwrap();
        assert_eq!(sr2.n_reveals, sr.n_reveals);
        assert_eq!(sr2.value.0, sr.value.0);
        assert_eq!(
            sr2.timestamp.unwrap().0,
            humantime::parse_rfc3339("2022-01-20T12:34:56Z").unwrap()
        );
        let sr = gettok("foo bar\n").unwrap();
        let sr = SharedRandStatus::from_item(&sr);
        assert!(sr.is_err());
    }
    #[test]
    fn test_protostatus() {
        let my_protocols: Protocols = "Link=7 Cons=1-5 Desc=3-10".parse().unwrap();
        let outcome = ProtoStatus {
            recommended: "Link=7".parse().unwrap(),
            required: "Desc=5".parse().unwrap(),
        }
        .check_protocols(&my_protocols);
        assert!(outcome.is_ok());
        let outcome = ProtoStatus {
            recommended: "Microdesc=4 Link=7".parse().unwrap(),
            required: "Desc=5".parse().unwrap(),
        }
        .check_protocols(&my_protocols);
        assert_eq!(
            outcome,
            Err(ProtocolSupportError::MissingRecommended(
                "Microdesc=4".parse().unwrap()
            ))
        );
        let outcome = ProtoStatus {
            recommended: "Microdesc=4 Link=7".parse().unwrap(),
            required: "Desc=5 Cons=5-12 Wombat=15".parse().unwrap(),
        }
        .check_protocols(&my_protocols);
        assert_eq!(
            outcome,
            Err(ProtocolSupportError::MissingRequired(
                "Cons=6-12 Wombat=15".parse().unwrap()
            ))
        );
    }
    #[test]
    fn serialize_protostatus() {
        let ps = ProtoStatuses {
            client: ProtoStatus {
                recommended: "Link=1-5 LinkAuth=2-5".parse().unwrap(),
                required: "Link=5 LinkAuth=3".parse().unwrap(),
            },
            relay: ProtoStatus {
                recommended: "Wombat=20-30 Knish=20-30".parse().unwrap(),
                required: "Wombat=20-22 Knish=25-27".parse().unwrap(),
            },
        };
        let json = serde_json::to_string(&ps).unwrap();
        let ps2 = serde_json::from_str(json.as_str()).unwrap();
        assert_eq!(ps, ps2);
        let ps3: ProtoStatuses = serde_json::from_str(
            r#"{
            "client":{
                "required":"Link=5 LinkAuth=3",
                "recommended":"Link=1-5 LinkAuth=2-5"
            },
            "relay":{
                "required":"Wombat=20-22 Knish=25-27",
                "recommended":"Wombat=20-30 Knish=20-30"
            }
        }"#,
        )
        .unwrap();
        assert_eq!(ps, ps3);
    }
    // TODO DIRAUTH test parse2 consensus verify functions
    #[test]
    #[cfg(feature = "incomplete")]
    fn verify_error_netstatus_vote() -> Result<(), anyhow::Error> {
        use VerifyFailed as VF;
        use VoteVerifyFailed as VVF;
        use vote::NetworkStatusUnverified as UV;
        let file = "testdata2/v3-status-votes--1";
        let text = fs::read_to_string(file).with_context(|| file.to_owned())?;
        let input = ParseInput::new(&text, file);
        let doc: UV = parse_netdoc(&input)?;
        let trusted = [doc.peek_alleged_authority()];
        let edit_body = |f: &dyn Fn(&mut _)| {
            let (mut body, sigs) = doc.clone().unwrap_unverified();
            f(&mut body);
            UV::from_parts(body, sigs)
        };
        // sabotage the overall signature
        {
            let mut doc = doc.clone();
            for b in &mut doc.sigs.sigs.directory_signature.signature {
                *b = 0xff;
            }
            assert_matches! {
                doc.verify(&trusted),
                Err(VVF::InvalidSignature(VF::VerifyFailed))
            }
        }
        // wrong authority
        {
            let doc = doc.clone();
            assert_matches! {
                doc.verify(&[[0x55; _].into()]),
                Err(VVF::InvalidSignature(VF::InsufficientTrustedSigners))
            }
        }
        // authcert is for a different authority
        {
            let doc = edit_body(&|body| {
                body.authority.authority.dir_source.identity.0 = [0x55; _].into();
            });
            assert_matches! {
                doc.verify(&trusted),
                Err(VVF::AuthCertWrongAuthority)
            }
        }
        // authcert is from a different time
        let with_mutated_lifetime = |f: &dyn Fn(&mut Lifetime)| {
            let doc = edit_body(&|body| f(&mut body.preamble.lifetime));
            assert_matches! {
                doc.verify(&trusted),
                Err(VVF::AuthCertWrongValidity(_))
            }
        };
        let t_past = parse_rfc3339("1990-01-01T00:02:25Z")?;
        let t_future = parse_rfc3339("2010-01-01T00:02:25Z")?;
        with_mutated_lifetime(&|lifetime| lifetime.valid_after.0 = t_future);
        with_mutated_lifetime(&|lifetime| lifetime.fresh_until.0 = t_past);
        with_mutated_lifetime(&|lifetime| lifetime.valid_until.0 = t_past);
        // syntactically invalid authcert
        {
            let mut text = text.clone();
            regsub(&mut text, "^dir-key-expires ", "dir-key-expires-SABOTAGED ");
            let input = ParseInput::new(&text, file);
            let doc: UV = parse_netdoc(&input)?;
            assert_matches! {
                doc.verify(&trusted),
                Err(VVF::AuthCertParseError(..))
            }
        }
        Ok(())
    }
    /// Check that a network document can be parsed and regenerated, mostly identically
    ///
    /// The regenerated encoded form doesn't need to be 100% identical:
    /// it is compared with a *munged* version of the the original input file,
    /// to cope with differences between C Tor and Arti.
    ///
    /// The mungings are:
    ///
    ///  * Some fields' syntax are adjusted, where C Tor and Arti disagree
    ///    in all kinds of network document.
    ///
    ///  * Document-specific, [`MungeForRoundtrip::adjust_exp`]
    #[cfg(feature = "incomplete")]
    fn roundtrip_netstatus<UV, V, VE>(
        // TODO DIRAUTH use include_str!, so, at call sites
        // https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/4121#note_3428675
        file: &str,
        verify: impl FnOnce(UV, &[RsaIdentity], &[AuthCert]) -> Result<TimerangeBound<V>, VE>,
        adjust_now: Duration,
    ) -> anyhow::Result<()>
    where
        UV: NetdocParseable + NetdocParseableUnverified + MungeForRoundtrip,
        UV::Signatures: Clone + Debug + NetdocEncodableFields,
        VE: Debug + std::error::Error + Send + Sync + 'static,
        V: Debug + NetdocEncodable,
    {
        let text = fs::read_to_string(file).with_context(|| file.to_owned())?;
        let now = parse_rfc3339("2000-01-01T00:02:25Z")? + adjust_now;
        let mut input = ParseInput::new(&text, file);
        input.retain_unknown_values();
        let doc: UV = parse_netdoc(&input)?;
        let certs = {
            let file = "testdata2/cached-certs";
            let text = fs::read_to_string(file)?;
            let input = ParseInput::new(&text, file);
            let certs: Vec<AuthCertUnverified> = parse_netdoc_multiple(&input)?;
            certs
                .into_iter()
                .map(|cert| cert.verify_selfcert(now))
                .collect::<Result<Vec<AuthCert>, _>>()?
        };
        let sigs = doc.inspect_unverified().1.sigs.clone();
        let doc = verify(
            doc,
            &certs.iter().map(|cert| *cert.fingerprint).collect_vec(),
            &certs,
        )?
        .check_valid_at(&now)?;
        println!("{doc:?}");
        let mut enc = NetdocEncoder::new();
        doc.encode_unsigned(&mut enc)?;
        sigs.encode_fields(&mut enc)?;
        let enc = enc.finish()?;
        let mut exp: String = text.clone();
        // TODO DIRAUTH torspec!507 C Tor emits padded base64 in shared-rand-* items.
        regsub(
            //
            &mut exp,
            r#"^(shared-rand-.*)$"#,
            |c: &regex::Captures| {
                let mut s = c[1].to_owned();
                regsub(&mut s, r#"="#, "");
                s
            },
        );
        let mut regsub = |re, repl| regsub(&mut exp, re, repl);
        // C Tor writes empty versions lines with trailing space
        regsub(
            //
            r#"^((?:client|server)-versions) $"#,
            "$1",
        );
        // C Tor emits `m` in varying places: after `a` in votes,
        // and at the end of each routerstatus in md consensuses.
        // We emit it at the start of each routerstatus, right after `r`.
        regsub(
            r#"(?x)
                   ( ^    r\ .* \n     )  #  ( r  )  $1, part before where we want to put m's
                   ( (?:     .* \n )*? )  #  (.*? )  $2, the rest, before the m's
                   ( (?:  m\ .* \n )+  )  #  ( m+ )  $3, one or more m's
            "#,
            r#"$1$3$2"#,
        );
        UV::adjust_exp(&mut exp);
        assert_eq_or_diff!(&exp, &enc);
        Ok(())
    }
    trait MungeForRoundtrip {
        /// Munge `s` so that it resembles the output of C Tor
        fn adjust_exp(exp: &mut String);
    }
    /// Test that we can re-encode the consensus we parsed, and that we get the same thing back.
    ///
    /// Well, roughly the same thing.
    //
    // TODO DIRAUTH want more comprehensive test; testdata2's netstatus lacks many things
    #[cfg(feature = "incomplete")]
    #[test]
    fn roundtrip_netstatus_plain() -> anyhow::Result<()> {
        roundtrip_netstatus::<plain::NetworkStatusUnverified, _, _>(
            "testdata2/cached-consensus",
            plain::NetworkStatusUnverified::verify,
            Duration::ZERO,
        )
    }
    #[cfg(feature = "incomplete")]
    impl MungeForRoundtrip for plain::NetworkStatusUnverified {
        fn adjust_exp(exp: &mut String) {
            let mut regsub = |re, repl| regsub(exp, re, repl);
            // We emit the optional `ns`
            // https://spec.torproject.org/dir-spec/consensus-formats.html#item:network-status-version
            regsub(
                r#"^network-status-version 3$"#,
                "network-status-version 3 ns",
            );
            // C Tor writes nontrivial values for `publication` in rs `r` items,
            // but we use a fixed string.
            // https://spec.torproject.org/dir-spec/consensus-formats.html#item:r
            regsub(
                r#"^(r \S+ \S+ \S+) \d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}"#,
                "$1 2000-01-01 00:00:01",
            );
        }
    }
    #[cfg(feature = "incomplete")]
    #[test]
    fn roundtrip_netstatus_md() -> anyhow::Result<()> {
        roundtrip_netstatus::<md::NetworkStatusUnverified, _, _>(
            "testdata2/cached-microdesc-consensus",
            md::NetworkStatusUnverified::verify,
            Duration::ZERO,
        )
    }
    #[cfg(feature = "incomplete")]
    impl MungeForRoundtrip for md::NetworkStatusUnverified {
        fn adjust_exp(exp: &mut String) {
            let mut regsub = |re, repl| regsub(exp, re, repl);
            // C Tor writes nontrivial values for `publication` in rs `r` items,
            // but we use a fixed string.
            // https://spec.torproject.org/dir-spec/consensus-formats.html#item:r
            //
            // Not the same as in plain consensus: one fewer fields!
            regsub(
                r#"^(r \S+ \S+) \d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}"#,
                "$1 2000-01-01 00:00:01",
            );
        }
    }
    #[cfg(feature = "incomplete")]
    #[test]
    fn roundtrip_netstatus_vote() -> anyhow::Result<()> {
        roundtrip_netstatus::<vote::NetworkStatusUnverified, _, _>(
            "testdata2/v3-status-votes--1",
            |doc, trusted, _| vote::NetworkStatusUnverified::verify(doc, trusted),
            Duration::from_secs(20),
        )
    }
    #[cfg(feature = "incomplete")]
    impl MungeForRoundtrip for vote::NetworkStatusUnverified {
        fn adjust_exp(exp: &mut String) {
            // C Tor writes items in consensuses a different order to in votes!
            // C Tor writes different stats items with different floating point formats!
            let stats_massage_entry = |e: &str| {
                let mut e = e.to_owned();
                if e.contains('.') {
                    regsub(
                        &mut e,
                        // strip trailing 0's and then trailing `.`
                        r#"(?x)^ ( (?:wfu) = [0-9.]*? )( \.? 0+ ) $"#,
                        "$1",
                    );
                }
                e
            };
            // C Tor writes stats items in votes in an apparently arbitrarily chosen order
            regsub(exp, r#"^stats (.+)$"#, |c: &regex::Captures| -> String {
                format!(
                    "stats {}",
                    iter_join(" ", c[1].split(' ').sorted().map(stats_massage_entry)),
                )
            });
            let mut regsub = |re: &_, repl| regsub(exp, re, repl);
            // C Tor writes *-protocols in an apparently arbitrarily chosen order
            regsub(
                r#"(?x)
                       ^ (recommended-relay-protocols\ .*)  \n
                         (recommended-client-protocols\ .*) \n
                         (required-relay-protocols\ .*)     \n
                         (required-client-protocols\ .*)    \n
                         (known-flags .*)$                  \n
                    "#,
                r#"$5
$2
$1
$4
$3
"#,
            );
            // C Tor emits empty `client-versions` in consensuses, but not in votes.
            // (See also the fixup in `roundtrip_netstatus`, which relates to the *syntax*)
            //
            // Some of our inputs (eg the testdata2 votes) don't contain meaningful
            // info, so to make the C Tor output match our output, add them.
            regsub(
                r#"(?x) ^ (voting-delay\ .*) \n
                          (known-flags\ .*) \n"#,
                "$1
client-versions
server-versions
$2
",
            );
            //#                         (?:  a\ .* \n )?    )   #    a? )           we want to put m's
            for missing_field in [
                "bandwidth-file-headers", // TODO DIRAUTH implement
                "bandwidth-file-digest",  // TODO DIRAUTH implement
                "flag-thresholds",        // TODO DIRAUTH implement
            ] {
                regsub(&format!(r#"^{missing_field} .*\n"#), "");
            }
        }
    }
}