Line data Source code
1 : /* Copyright (c) 2001 Matej Pfajfar.
2 : * Copyright (c) 2001-2004, Roger Dingledine.
3 : * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 : * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 : /* See LICENSE for licensing information */
6 :
7 : /**
8 : * \file connection.c
9 : * \brief General high-level functions to handle reading and writing
10 : * on connections.
11 : *
12 : * Each connection (ideally) represents a TLS connection, a TCP socket, a unix
13 : * socket, or a UDP socket on which reads and writes can occur. (But see
14 : * connection_edge.c for cases where connections can also represent streams
15 : * that do not have a corresponding socket.)
16 : *
17 : * The module implements the abstract type, connection_t. The subtypes are:
18 : * <ul>
19 : * <li>listener_connection_t, implemented here in connection.c
20 : * <li>dir_connection_t, implemented in directory.c
21 : * <li>or_connection_t, implemented in connection_or.c
22 : * <li>edge_connection_t, implemented in connection_edge.c, along with
23 : * its subtype(s):
24 : * <ul><li>entry_connection_t, also implemented in connection_edge.c
25 : * </ul>
26 : * <li>control_connection_t, implemented in control.c
27 : * </ul>
28 : *
29 : * The base type implemented in this module is responsible for basic
30 : * rate limiting, flow control, and marshalling bytes onto and off of the
31 : * network (either directly or via TLS).
32 : *
33 : * Connections are registered with the main loop with connection_add(). As
34 : * they become able to read or write register the fact with the event main
35 : * loop by calling connection_watch_events(), connection_start_reading(), or
36 : * connection_start_writing(). When they no longer want to read or write,
37 : * they call connection_stop_reading() or connection_stop_writing().
38 : *
39 : * To queue data to be written on a connection, call
40 : * connection_buf_add(). When data arrives, the
41 : * connection_process_inbuf() callback is invoked, which dispatches to a
42 : * type-specific function (such as connection_edge_process_inbuf() for
43 : * example). Connection types that need notice of when data has been written
44 : * receive notification via connection_flushed_some() and
45 : * connection_finished_flushing(). These functions all delegate to
46 : * type-specific implementations.
47 : *
48 : * Additionally, beyond the core of connection_t, this module also implements:
49 : * <ul>
50 : * <li>Listeners, which wait for incoming sockets and launch connections
51 : * <li>Outgoing SOCKS proxy support
52 : * <li>Outgoing HTTP proxy support
53 : * <li>An out-of-sockets handler for dealing with socket exhaustion
54 : * </ul>
55 : **/
56 :
57 : #define CONNECTION_PRIVATE
58 : #include "core/or/or.h"
59 : #include "feature/client/bridges.h"
60 : #include "lib/buf/buffers.h"
61 : #include "lib/tls/buffers_tls.h"
62 : #include "lib/err/backtrace.h"
63 :
64 : /*
65 : * Define this so we get channel internal functions, since we're implementing
66 : * part of a subclass (channel_tls_t).
67 : */
68 : #define CHANNEL_OBJECT_PRIVATE
69 : #include "app/config/config.h"
70 : #include "app/config/resolve_addr.h"
71 : #include "core/mainloop/connection.h"
72 : #include "core/mainloop/mainloop.h"
73 : #include "core/mainloop/netstatus.h"
74 : #include "core/or/channel.h"
75 : #include "core/or/channeltls.h"
76 : #include "core/or/circuitbuild.h"
77 : #include "core/or/circuitlist.h"
78 : #include "core/or/circuituse.h"
79 : #include "core/or/connection_edge.h"
80 : #include "core/or/connection_or.h"
81 : #include "core/or/dos.h"
82 : #include "core/or/policies.h"
83 : #include "core/or/reasons.h"
84 : #include "core/or/relay.h"
85 : #include "core/or/status.h"
86 : #include "core/or/crypt_path.h"
87 : #include "core/proto/proto_haproxy.h"
88 : #include "core/proto/proto_http.h"
89 : #include "core/proto/proto_socks.h"
90 : #include "feature/client/dnsserv.h"
91 : #include "feature/client/entrynodes.h"
92 : #include "feature/client/transports.h"
93 : #include "feature/control/control.h"
94 : #include "feature/control/control_events.h"
95 : #include "feature/dirauth/authmode.h"
96 : #include "feature/dirauth/dirauth_config.h"
97 : #include "feature/dircache/dirserv.h"
98 : #include "feature/dircommon/directory.h"
99 : #include "feature/hibernate/hibernate.h"
100 : #include "feature/hs/hs_common.h"
101 : #include "feature/hs/hs_ident.h"
102 : #include "feature/hs/hs_metrics.h"
103 : #include "feature/metrics/metrics.h"
104 : #include "feature/nodelist/nodelist.h"
105 : #include "feature/nodelist/routerlist.h"
106 : #include "feature/relay/dns.h"
107 : #include "feature/relay/ext_orport.h"
108 : #include "feature/relay/routermode.h"
109 : #include "feature/rend/rendcommon.h"
110 : #include "feature/stats/connstats.h"
111 : #include "feature/stats/rephist.h"
112 : #include "feature/stats/bwhist.h"
113 : #include "lib/crypt_ops/crypto_util.h"
114 : #include "lib/crypt_ops/crypto_format.h"
115 : #include "lib/geoip/geoip.h"
116 :
117 : #include "lib/cc/ctassert.h"
118 : #include "lib/sandbox/sandbox.h"
119 : #include "lib/net/buffers_net.h"
120 : #include "lib/tls/tortls.h"
121 : #include "lib/evloop/compat_libevent.h"
122 : #include "lib/compress/compress.h"
123 :
124 : #ifdef HAVE_PWD_H
125 : #include <pwd.h>
126 : #endif
127 :
128 : #ifdef HAVE_UNISTD_H
129 : #include <unistd.h>
130 : #endif
131 : #ifdef HAVE_SYS_STAT_H
132 : #include <sys/stat.h>
133 : #endif
134 :
135 : #ifdef HAVE_SYS_UN_H
136 : #include <sys/socket.h>
137 : #include <sys/un.h>
138 : #endif
139 :
140 : #include "feature/dircommon/dir_connection_st.h"
141 : #include "feature/control/control_connection_st.h"
142 : #include "core/or/entry_connection_st.h"
143 : #include "core/or/listener_connection_st.h"
144 : #include "core/or/or_connection_st.h"
145 : #include "core/or/port_cfg_st.h"
146 : #include "feature/nodelist/routerinfo_st.h"
147 : #include "core/or/socks_request_st.h"
148 :
149 : /**
150 : * On Windows and Linux we cannot reliably bind() a socket to an
151 : * address and port if: 1) There's already a socket bound to wildcard
152 : * address (0.0.0.0 or ::) with the same port; 2) We try to bind()
153 : * to wildcard address and there's another socket bound to a
154 : * specific address and the same port.
155 : *
156 : * To address this problem on these two platforms we implement a
157 : * routine that:
158 : * 1) Checks if first attempt to bind() a new socket failed with
159 : * EADDRINUSE.
160 : * 2) If so, it will close the appropriate old listener connection and
161 : * 3) Attempts bind()'ing the new listener socket again.
162 : *
163 : * Just to be safe, we are enabling listener rebind code on all platforms,
164 : * to account for unexpected cases where it may be needed.
165 : */
166 : #define ENABLE_LISTENER_REBIND
167 :
168 : static connection_t *connection_listener_new(
169 : const struct sockaddr *listensockaddr,
170 : socklen_t listensocklen, int type,
171 : const char *address,
172 : const port_cfg_t *portcfg,
173 : int *addr_in_use);
174 : static connection_t *connection_listener_new_for_port(
175 : const port_cfg_t *port,
176 : int *defer, int *addr_in_use);
177 : static void connection_init(time_t now, connection_t *conn, int type,
178 : int socket_family);
179 : static int connection_handle_listener_read(connection_t *conn, int new_type);
180 : static int connection_finished_flushing(connection_t *conn);
181 : static int connection_flushed_some(connection_t *conn);
182 : static int connection_finished_connecting(connection_t *conn);
183 : static int connection_reached_eof(connection_t *conn);
184 : static int connection_buf_read_from_socket(connection_t *conn,
185 : ssize_t *max_to_read,
186 : int *socket_error);
187 : static int connection_process_inbuf(connection_t *conn, int package_partial);
188 : static void client_check_address_changed(tor_socket_t sock);
189 : static void set_constrained_socket_buffers(tor_socket_t sock, int size);
190 :
191 : static const char *connection_proxy_state_to_string(int state);
192 : static int connection_read_https_proxy_response(connection_t *conn);
193 : static void connection_send_socks5_connect(connection_t *conn);
194 : static const char *proxy_type_to_string(int proxy_type);
195 : static int conn_get_proxy_type(const connection_t *conn);
196 : const tor_addr_t *conn_get_outbound_address(sa_family_t family,
197 : const or_options_t *options, unsigned int conn_type);
198 : static void reenable_blocked_connection_init(const or_options_t *options);
199 : static void reenable_blocked_connection_schedule(void);
200 :
201 : /** The last addresses that our network interface seemed to have been
202 : * binding to. We use this as one way to detect when our IP changes.
203 : *
204 : * XXXX+ We should really use the entire list of interfaces here.
205 : **/
206 : static tor_addr_t *last_interface_ipv4 = NULL;
207 : /* DOCDOC last_interface_ipv6 */
208 : static tor_addr_t *last_interface_ipv6 = NULL;
209 : /** A list of tor_addr_t for addresses we've used in outgoing connections.
210 : * Used to detect IP address changes. */
211 : static smartlist_t *outgoing_addrs = NULL;
212 :
213 : #define CASE_ANY_LISTENER_TYPE \
214 : case CONN_TYPE_OR_LISTENER: \
215 : case CONN_TYPE_EXT_OR_LISTENER: \
216 : case CONN_TYPE_AP_LISTENER: \
217 : case CONN_TYPE_DIR_LISTENER: \
218 : case CONN_TYPE_CONTROL_LISTENER: \
219 : case CONN_TYPE_AP_TRANS_LISTENER: \
220 : case CONN_TYPE_AP_NATD_LISTENER: \
221 : case CONN_TYPE_AP_DNS_LISTENER: \
222 : case CONN_TYPE_AP_HTTP_CONNECT_LISTENER: \
223 : case CONN_TYPE_METRICS_LISTENER
224 :
225 : /**************************************************************/
226 :
227 : /**
228 : * Cast a `connection_t *` to a `listener_connection_t *`.
229 : *
230 : * Exit with an assertion failure if the input is not a
231 : * `listener_connection_t`.
232 : **/
233 : listener_connection_t *
234 4 : TO_LISTENER_CONN(connection_t *c)
235 : {
236 4 : tor_assert(c->magic == LISTENER_CONNECTION_MAGIC);
237 4 : return DOWNCAST(listener_connection_t, c);
238 : }
239 :
240 : /**
241 : * Cast a `const connection_t *` to a `const listener_connection_t *`.
242 : *
243 : * Exit with an assertion failure if the input is not a
244 : * `listener_connection_t`.
245 : **/
246 : const listener_connection_t *
247 0 : CONST_TO_LISTENER_CONN(const connection_t *c)
248 : {
249 0 : return TO_LISTENER_CONN((connection_t *)c);
250 : }
251 :
252 : size_t
253 78 : connection_get_inbuf_len(connection_t *conn)
254 : {
255 78 : return conn->inbuf ? buf_datalen(conn->inbuf) : 0;
256 : }
257 :
258 : size_t
259 56 : connection_get_outbuf_len(connection_t *conn)
260 : {
261 56 : return conn->outbuf ? buf_datalen(conn->outbuf) : 0;
262 : }
263 :
264 : /**
265 : * Return the human-readable name for the connection type <b>type</b>
266 : */
267 : const char *
268 175 : conn_type_to_string(int type)
269 : {
270 175 : static char buf[64];
271 175 : switch (type) {
272 : case CONN_TYPE_OR_LISTENER: return "OR listener";
273 108 : case CONN_TYPE_OR: return "OR";
274 4 : case CONN_TYPE_EXIT: return "Exit";
275 1 : case CONN_TYPE_AP_LISTENER: return "Socks listener";
276 0 : case CONN_TYPE_AP_TRANS_LISTENER:
277 0 : return "Transparent pf/netfilter listener";
278 0 : case CONN_TYPE_AP_NATD_LISTENER: return "Transparent natd listener";
279 0 : case CONN_TYPE_AP_DNS_LISTENER: return "DNS listener";
280 20 : case CONN_TYPE_AP: return "Socks";
281 0 : case CONN_TYPE_DIR_LISTENER: return "Directory listener";
282 37 : case CONN_TYPE_DIR: return "Directory";
283 1 : case CONN_TYPE_CONTROL_LISTENER: return "Control listener";
284 0 : case CONN_TYPE_CONTROL: return "Control";
285 0 : case CONN_TYPE_EXT_OR: return "Extended OR";
286 0 : case CONN_TYPE_EXT_OR_LISTENER: return "Extended OR listener";
287 0 : case CONN_TYPE_AP_HTTP_CONNECT_LISTENER: return "HTTP tunnel listener";
288 0 : case CONN_TYPE_METRICS_LISTENER: return "Metrics listener";
289 0 : case CONN_TYPE_METRICS: return "Metrics";
290 0 : default:
291 0 : log_warn(LD_BUG, "unknown connection type %d", type);
292 0 : tor_snprintf(buf, sizeof(buf), "unknown [%d]", type);
293 0 : return buf;
294 : }
295 : }
296 :
297 : /**
298 : * Return the human-readable name for the connection state <b>state</b>
299 : * for the connection type <b>type</b>
300 : */
301 : const char *
302 137 : conn_state_to_string(int type, int state)
303 : {
304 137 : static char buf[96];
305 137 : switch (type) {
306 6 : CASE_ANY_LISTENER_TYPE:
307 6 : if (state == LISTENER_STATE_READY)
308 : return "ready";
309 : break;
310 102 : case CONN_TYPE_OR:
311 102 : switch (state) {
312 : case OR_CONN_STATE_CONNECTING: return "connect()ing";
313 0 : case OR_CONN_STATE_PROXY_HANDSHAKING: return "handshaking (proxy)";
314 0 : case OR_CONN_STATE_TLS_HANDSHAKING: return "handshaking (TLS)";
315 0 : case OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING:
316 0 : return "renegotiating (TLS, v2 handshake)";
317 0 : case OR_CONN_STATE_TLS_SERVER_RENEGOTIATING:
318 0 : return "waiting for renegotiation or V3 handshake";
319 0 : case OR_CONN_STATE_OR_HANDSHAKING_V2:
320 0 : return "handshaking (Tor, v2 handshake)";
321 92 : case OR_CONN_STATE_OR_HANDSHAKING_V3:
322 92 : return "handshaking (Tor, v3 handshake)";
323 5 : case OR_CONN_STATE_OPEN: return "open";
324 : }
325 : break;
326 5 : case CONN_TYPE_EXT_OR:
327 5 : switch (state) {
328 : case EXT_OR_CONN_STATE_AUTH_WAIT_AUTH_TYPE:
329 : return "waiting for authentication type";
330 0 : case EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_NONCE:
331 0 : return "waiting for client nonce";
332 1 : case EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH:
333 1 : return "waiting for client hash";
334 3 : case EXT_OR_CONN_STATE_OPEN: return "open";
335 0 : case EXT_OR_CONN_STATE_FLUSHING: return "flushing final OKAY";
336 : }
337 : break;
338 4 : case CONN_TYPE_EXIT:
339 4 : switch (state) {
340 : case EXIT_CONN_STATE_RESOLVING: return "waiting for dest info";
341 0 : case EXIT_CONN_STATE_CONNECTING: return "connecting";
342 2 : case EXIT_CONN_STATE_OPEN: return "open";
343 0 : case EXIT_CONN_STATE_RESOLVEFAILED: return "resolve failed";
344 : }
345 : break;
346 6 : case CONN_TYPE_AP:
347 6 : switch (state) {
348 : case AP_CONN_STATE_SOCKS_WAIT: return "waiting for socks info";
349 0 : case AP_CONN_STATE_NATD_WAIT: return "waiting for natd dest info";
350 0 : case AP_CONN_STATE_RENDDESC_WAIT: return "waiting for rendezvous desc";
351 0 : case AP_CONN_STATE_CONTROLLER_WAIT: return "waiting for controller";
352 0 : case AP_CONN_STATE_CIRCUIT_WAIT: return "waiting for circuit";
353 6 : case AP_CONN_STATE_CONNECT_WAIT: return "waiting for connect response";
354 0 : case AP_CONN_STATE_RESOLVE_WAIT: return "waiting for resolve response";
355 0 : case AP_CONN_STATE_OPEN: return "open";
356 : }
357 : break;
358 14 : case CONN_TYPE_DIR:
359 14 : switch (state) {
360 : case DIR_CONN_STATE_CONNECTING: return "connecting";
361 0 : case DIR_CONN_STATE_CLIENT_SENDING: return "client sending";
362 2 : case DIR_CONN_STATE_CLIENT_READING: return "client reading";
363 4 : case DIR_CONN_STATE_CLIENT_FINISHED: return "client finished";
364 0 : case DIR_CONN_STATE_SERVER_COMMAND_WAIT: return "waiting for command";
365 8 : case DIR_CONN_STATE_SERVER_WRITING: return "writing";
366 : }
367 : break;
368 0 : case CONN_TYPE_CONTROL:
369 0 : switch (state) {
370 : case CONTROL_CONN_STATE_OPEN: return "open (protocol v1)";
371 0 : case CONTROL_CONN_STATE_NEEDAUTH:
372 0 : return "waiting for authentication (protocol v1)";
373 : }
374 : break;
375 : }
376 :
377 1 : if (state == 0) {
378 : return "uninitialized";
379 : }
380 :
381 0 : log_warn(LD_BUG, "unknown connection state %d (type %d)", state, type);
382 0 : tor_snprintf(buf, sizeof(buf),
383 : "unknown state [%d] on unknown [%s] connection",
384 : state, conn_type_to_string(type));
385 0 : tor_assert_nonfatal_unreached_once();
386 : return buf;
387 : }
388 :
389 : /**
390 : * Helper: describe the peer or address of connection @a conn in a
391 : * human-readable manner.
392 : *
393 : * Returns a pointer to a static buffer; future calls to
394 : * connection_describe_peer_internal() will invalidate this buffer.
395 : *
396 : * If <b>include_preposition</b> is true, include a preposition before the
397 : * peer address.
398 : *
399 : * Nobody should parse the output of this function; it can and will change in
400 : * future versions of tor.
401 : **/
402 : static const char *
403 136 : connection_describe_peer_internal(const connection_t *conn,
404 : bool include_preposition)
405 : {
406 136 : IF_BUG_ONCE(!conn) {
407 : return "null peer";
408 : }
409 :
410 136 : static char peer_buf[256];
411 136 : const tor_addr_t *addr = &conn->addr;
412 136 : const char *address = NULL;
413 136 : const char *prep;
414 136 : bool scrub = false;
415 136 : char extra_buf[128];
416 136 : extra_buf[0] = 0;
417 :
418 : /* First, figure out the preposition to use */
419 136 : switch (conn->type) {
420 : CASE_ANY_LISTENER_TYPE:
421 : prep = "on";
422 : break;
423 4 : case CONN_TYPE_EXIT:
424 4 : prep = "to";
425 4 : break;
426 0 : case CONN_TYPE_CONTROL:
427 : case CONN_TYPE_AP:
428 : case CONN_TYPE_EXT_OR:
429 0 : prep = "from";
430 0 : break;
431 126 : default:
432 126 : prep = "with";
433 126 : break;
434 : }
435 :
436 : /* Now figure out the address. */
437 136 : if (conn->socket_family == AF_UNIX) {
438 : /* For unix sockets, we always use the `address` string. */
439 1 : address = conn->address ? conn->address : "unix socket";
440 135 : } else if (conn->type == CONN_TYPE_OR) {
441 : /* For OR connections, we have a lot to do. */
442 106 : const or_connection_t *or_conn = CONST_TO_OR_CONN(conn);
443 : /* We report the IDs we're talking to... */
444 106 : if (fast_digest_is_zero(or_conn->identity_digest)) {
445 : // This could be a client, so scrub it. No identity to report.
446 : scrub = true;
447 : } else {
448 20 : const ed25519_public_key_t *ed_id =
449 20 : connection_or_get_alleged_ed25519_id(or_conn);
450 20 : char ed_id_buf[ED25519_BASE64_LEN+1];
451 20 : char rsa_id_buf[HEX_DIGEST_LEN+1];
452 20 : if (ed_id) {
453 4 : ed25519_public_to_base64(ed_id_buf, ed_id);
454 : } else {
455 16 : strlcpy(ed_id_buf, "<none>", sizeof(ed_id_buf));
456 : }
457 20 : base16_encode(rsa_id_buf, sizeof(rsa_id_buf),
458 : or_conn->identity_digest, DIGEST_LEN);
459 20 : tor_snprintf(extra_buf, sizeof(extra_buf),
460 : " ID=%s RSA_ID=%s", ed_id_buf, rsa_id_buf);
461 : }
462 20 : if (! scrub && (! tor_addr_eq(addr, &or_conn->canonical_orport.addr) ||
463 1 : conn->port != or_conn->canonical_orport.port)) {
464 : /* We report canonical address, if it's different */
465 19 : char canonical_addr_buf[TOR_ADDR_BUF_LEN];
466 19 : if (tor_addr_to_str(canonical_addr_buf, &or_conn->canonical_orport.addr,
467 : sizeof(canonical_addr_buf), 1)) {
468 1 : tor_snprintf(extra_buf+strlen(extra_buf),
469 1 : sizeof(extra_buf)-strlen(extra_buf),
470 : " canonical_addr=%s:%"PRIu16,
471 : canonical_addr_buf,
472 1 : or_conn->canonical_orport.port);
473 : }
474 : }
475 29 : } else if (conn->type == CONN_TYPE_EXIT) {
476 4 : scrub = true; /* This is a client's request; scrub it with SafeLogging. */
477 4 : if (tor_addr_is_null(addr)) {
478 2 : address = conn->address;
479 2 : strlcpy(extra_buf, " (DNS lookup pending)", sizeof(extra_buf));
480 : }
481 : }
482 :
483 22 : char addr_buf[TOR_ADDR_BUF_LEN];
484 22 : if (address == NULL) {
485 134 : if (tor_addr_family(addr) == 0) {
486 : address = "<unset>";
487 : } else {
488 102 : address = tor_addr_to_str(addr_buf, addr, sizeof(addr_buf), 1);
489 102 : if (!address) {
490 0 : address = "<can't format!>";
491 0 : tor_assert_nonfatal_unreached_once();
492 : }
493 : }
494 : }
495 :
496 136 : char portbuf[7];
497 136 : portbuf[0]=0;
498 136 : if (scrub && get_options()->SafeLogging_ != SAFELOG_SCRUB_NONE) {
499 : address = "[scrubbed]";
500 : } else {
501 : /* Only set the port if we're not scrubbing the address. */
502 50 : if (conn->port != 0) {
503 13 : tor_snprintf(portbuf, sizeof(portbuf), ":%d", conn->port);
504 : }
505 : }
506 :
507 136 : const char *sp = include_preposition ? " " : "";
508 136 : if (! include_preposition)
509 24 : prep = "";
510 :
511 136 : tor_snprintf(peer_buf, sizeof(peer_buf),
512 : "%s%s%s%s%s", prep, sp, address, portbuf, extra_buf);
513 136 : return peer_buf;
514 : }
515 :
516 : /**
517 : * Describe the peer or address of connection @a conn in a
518 : * human-readable manner.
519 : *
520 : * Returns a pointer to a static buffer; future calls to
521 : * connection_describe_peer() or connection_describe() will invalidate this
522 : * buffer.
523 : *
524 : * Nobody should parse the output of this function; it can and will change in
525 : * future versions of tor.
526 : **/
527 : const char *
528 24 : connection_describe_peer(const connection_t *conn)
529 : {
530 24 : return connection_describe_peer_internal(conn, false);
531 : }
532 :
533 : /**
534 : * Describe a connection for logging purposes.
535 : *
536 : * Returns a pointer to a static buffer; future calls to connection_describe()
537 : * will invalidate this buffer.
538 : *
539 : * Nobody should parse the output of this function; it can and will change in
540 : * future versions of tor.
541 : **/
542 : const char *
543 112 : connection_describe(const connection_t *conn)
544 : {
545 112 : IF_BUG_ONCE(!conn) {
546 : return "null connection";
547 : }
548 112 : static char desc_buf[256];
549 112 : const char *peer = connection_describe_peer_internal(conn, true);
550 336 : tor_snprintf(desc_buf, sizeof(desc_buf),
551 : "%s connection (%s) %s",
552 112 : conn_type_to_string(conn->type),
553 112 : conn_state_to_string(conn->type, conn->state),
554 : peer);
555 112 : return desc_buf;
556 : }
557 :
558 : /** Allocate and return a new dir_connection_t, initialized as by
559 : * connection_init(). */
560 : dir_connection_t *
561 77 : dir_connection_new(int socket_family)
562 : {
563 77 : dir_connection_t *dir_conn = tor_malloc_zero(sizeof(dir_connection_t));
564 77 : connection_init(time(NULL), TO_CONN(dir_conn), CONN_TYPE_DIR, socket_family);
565 77 : return dir_conn;
566 : }
567 :
568 : /** Allocate and return a new or_connection_t, initialized as by
569 : * connection_init().
570 : *
571 : * Initialize active_circuit_pqueue.
572 : *
573 : * Set active_circuit_pqueue_last_recalibrated to current cell_ewma tick.
574 : */
575 : or_connection_t *
576 221 : or_connection_new(int type, int socket_family)
577 : {
578 221 : or_connection_t *or_conn = tor_malloc_zero(sizeof(or_connection_t));
579 221 : time_t now = time(NULL);
580 221 : tor_assert(type == CONN_TYPE_OR || type == CONN_TYPE_EXT_OR);
581 221 : connection_init(now, TO_CONN(or_conn), type, socket_family);
582 :
583 221 : tor_addr_make_unspec(&or_conn->canonical_orport.addr);
584 221 : connection_or_set_canonical(or_conn, 0);
585 :
586 221 : if (type == CONN_TYPE_EXT_OR) {
587 : /* If we aren't told an address for this connection, we should
588 : * presume it isn't local, and should be rate-limited. */
589 7 : TO_CONN(or_conn)->always_rate_limit_as_remote = 1;
590 7 : connection_or_set_ext_or_identifier(or_conn);
591 : }
592 :
593 221 : return or_conn;
594 : }
595 :
596 : /** Allocate and return a new entry_connection_t, initialized as by
597 : * connection_init().
598 : *
599 : * Allocate space to store the socks_request.
600 : */
601 : entry_connection_t *
602 64 : entry_connection_new(int type, int socket_family)
603 : {
604 64 : entry_connection_t *entry_conn = tor_malloc_zero(sizeof(entry_connection_t));
605 64 : tor_assert(type == CONN_TYPE_AP);
606 64 : connection_init(time(NULL), ENTRY_TO_CONN(entry_conn), type, socket_family);
607 64 : entry_conn->socks_request = socks_request_new();
608 : /* If this is coming from a listener, we'll set it up based on the listener
609 : * in a little while. Otherwise, we're doing this as a linked connection
610 : * of some kind, and we should set it up here based on the socket family */
611 64 : if (socket_family == AF_INET)
612 58 : entry_conn->entry_cfg.ipv4_traffic = 1;
613 6 : else if (socket_family == AF_INET6)
614 6 : entry_conn->entry_cfg.ipv6_traffic = 1;
615 64 : return entry_conn;
616 : }
617 :
618 : /** Allocate and return a new edge_connection_t, initialized as by
619 : * connection_init(). */
620 : edge_connection_t *
621 19 : edge_connection_new(int type, int socket_family)
622 : {
623 19 : edge_connection_t *edge_conn = tor_malloc_zero(sizeof(edge_connection_t));
624 19 : tor_assert(type == CONN_TYPE_EXIT);
625 19 : connection_init(time(NULL), TO_CONN(edge_conn), type, socket_family);
626 19 : return edge_conn;
627 : }
628 :
629 : /** Allocate and return a new control_connection_t, initialized as by
630 : * connection_init(). */
631 : control_connection_t *
632 0 : control_connection_new(int socket_family)
633 : {
634 0 : control_connection_t *control_conn =
635 0 : tor_malloc_zero(sizeof(control_connection_t));
636 0 : connection_init(time(NULL),
637 : TO_CONN(control_conn), CONN_TYPE_CONTROL, socket_family);
638 0 : return control_conn;
639 : }
640 :
641 : /** Allocate and return a new listener_connection_t, initialized as by
642 : * connection_init(). */
643 : listener_connection_t *
644 4 : listener_connection_new(int type, int socket_family)
645 : {
646 4 : listener_connection_t *listener_conn =
647 4 : tor_malloc_zero(sizeof(listener_connection_t));
648 4 : connection_init(time(NULL), TO_CONN(listener_conn), type, socket_family);
649 4 : return listener_conn;
650 : }
651 :
652 : /** Allocate, initialize, and return a new connection_t subtype of <b>type</b>
653 : * to make or receive connections of address family <b>socket_family</b>. The
654 : * type should be one of the CONN_TYPE_* constants. */
655 : connection_t *
656 141 : connection_new(int type, int socket_family)
657 : {
658 141 : switch (type) {
659 111 : case CONN_TYPE_OR:
660 : case CONN_TYPE_EXT_OR:
661 111 : return TO_CONN(or_connection_new(type, socket_family));
662 :
663 1 : case CONN_TYPE_EXIT:
664 1 : return TO_CONN(edge_connection_new(type, socket_family));
665 :
666 8 : case CONN_TYPE_AP:
667 8 : return ENTRY_TO_CONN(entry_connection_new(type, socket_family));
668 :
669 12 : case CONN_TYPE_DIR:
670 12 : return TO_CONN(dir_connection_new(socket_family));
671 :
672 0 : case CONN_TYPE_CONTROL:
673 0 : return TO_CONN(control_connection_new(socket_family));
674 :
675 3 : CASE_ANY_LISTENER_TYPE:
676 3 : return TO_CONN(listener_connection_new(type, socket_family));
677 :
678 6 : default: {
679 6 : connection_t *conn = tor_malloc_zero(sizeof(connection_t));
680 6 : connection_init(time(NULL), conn, type, socket_family);
681 6 : return conn;
682 : }
683 : }
684 : }
685 :
686 : /** Initializes conn. (you must call connection_add() to link it into the main
687 : * array).
688 : *
689 : * Set conn-\>magic to the correct value.
690 : *
691 : * Set conn-\>type to <b>type</b>. Set conn-\>s and conn-\>conn_array_index to
692 : * -1 to signify they are not yet assigned.
693 : *
694 : * Initialize conn's timestamps to now.
695 : */
696 : static void
697 391 : connection_init(time_t now, connection_t *conn, int type, int socket_family)
698 : {
699 391 : static uint64_t n_connections_allocated = 1;
700 :
701 391 : switch (type) {
702 221 : case CONN_TYPE_OR:
703 : case CONN_TYPE_EXT_OR:
704 221 : conn->magic = OR_CONNECTION_MAGIC;
705 221 : break;
706 19 : case CONN_TYPE_EXIT:
707 19 : conn->magic = EDGE_CONNECTION_MAGIC;
708 19 : break;
709 64 : case CONN_TYPE_AP:
710 64 : conn->magic = ENTRY_CONNECTION_MAGIC;
711 64 : break;
712 77 : case CONN_TYPE_DIR:
713 77 : conn->magic = DIR_CONNECTION_MAGIC;
714 77 : break;
715 0 : case CONN_TYPE_CONTROL:
716 0 : conn->magic = CONTROL_CONNECTION_MAGIC;
717 0 : break;
718 4 : CASE_ANY_LISTENER_TYPE:
719 4 : conn->magic = LISTENER_CONNECTION_MAGIC;
720 4 : break;
721 6 : default:
722 6 : conn->magic = BASE_CONNECTION_MAGIC;
723 6 : break;
724 : }
725 :
726 391 : conn->s = TOR_INVALID_SOCKET; /* give it a default of 'not used' */
727 391 : conn->conn_array_index = -1; /* also default to 'not used' */
728 391 : conn->global_identifier = n_connections_allocated++;
729 :
730 391 : conn->type = type;
731 391 : conn->socket_family = socket_family;
732 391 : if (!connection_is_listener(conn)) {
733 : /* listeners never use their buf */
734 387 : conn->inbuf = buf_new();
735 387 : conn->outbuf = buf_new();
736 : }
737 :
738 391 : conn->timestamp_created = now;
739 391 : conn->timestamp_last_read_allowed = now;
740 391 : conn->timestamp_last_write_allowed = now;
741 391 : }
742 :
743 : /** Create a link between <b>conn_a</b> and <b>conn_b</b>. */
744 : void
745 0 : connection_link_connections(connection_t *conn_a, connection_t *conn_b)
746 : {
747 0 : tor_assert(! SOCKET_OK(conn_a->s));
748 0 : tor_assert(! SOCKET_OK(conn_b->s));
749 :
750 0 : conn_a->linked = 1;
751 0 : conn_b->linked = 1;
752 0 : conn_a->linked_conn = conn_b;
753 0 : conn_b->linked_conn = conn_a;
754 0 : }
755 :
756 : /** Return true iff the provided connection listener type supports AF_UNIX
757 : * sockets. */
758 : int
759 15 : conn_listener_type_supports_af_unix(int type)
760 : {
761 : /* For now only control ports or SOCKS ports can be Unix domain sockets
762 : * and listeners at the same time */
763 15 : switch (type) {
764 : case CONN_TYPE_CONTROL_LISTENER:
765 : case CONN_TYPE_AP_LISTENER:
766 : return 1;
767 2 : default:
768 2 : return 0;
769 : }
770 : }
771 :
772 : /** Deallocate memory used by <b>conn</b>. Deallocate its buffers if
773 : * necessary, close its socket if necessary, and mark the directory as dirty
774 : * if <b>conn</b> is an OR or OP connection.
775 : */
776 : STATIC void
777 275 : connection_free_minimal(connection_t *conn)
778 : {
779 275 : void *mem;
780 275 : size_t memlen;
781 275 : if (!conn)
782 275 : return;
783 :
784 275 : switch (conn->type) {
785 109 : case CONN_TYPE_OR:
786 : case CONN_TYPE_EXT_OR:
787 109 : tor_assert(conn->magic == OR_CONNECTION_MAGIC);
788 109 : mem = TO_OR_CONN(conn);
789 109 : memlen = sizeof(or_connection_t);
790 109 : break;
791 63 : case CONN_TYPE_AP:
792 63 : tor_assert(conn->magic == ENTRY_CONNECTION_MAGIC);
793 63 : mem = TO_ENTRY_CONN(conn);
794 63 : memlen = sizeof(entry_connection_t);
795 63 : break;
796 19 : case CONN_TYPE_EXIT:
797 19 : tor_assert(conn->magic == EDGE_CONNECTION_MAGIC);
798 19 : mem = TO_EDGE_CONN(conn);
799 19 : memlen = sizeof(edge_connection_t);
800 19 : break;
801 74 : case CONN_TYPE_DIR:
802 74 : tor_assert(conn->magic == DIR_CONNECTION_MAGIC);
803 74 : mem = TO_DIR_CONN(conn);
804 74 : memlen = sizeof(dir_connection_t);
805 74 : break;
806 0 : case CONN_TYPE_CONTROL:
807 0 : tor_assert(conn->magic == CONTROL_CONNECTION_MAGIC);
808 0 : mem = TO_CONTROL_CONN(conn);
809 0 : memlen = sizeof(control_connection_t);
810 0 : break;
811 4 : CASE_ANY_LISTENER_TYPE:
812 4 : tor_assert(conn->magic == LISTENER_CONNECTION_MAGIC);
813 4 : mem = TO_LISTENER_CONN(conn);
814 4 : memlen = sizeof(listener_connection_t);
815 4 : break;
816 6 : default:
817 6 : tor_assert(conn->magic == BASE_CONNECTION_MAGIC);
818 : mem = conn;
819 : memlen = sizeof(connection_t);
820 : break;
821 : }
822 :
823 275 : if (conn->linked) {
824 20 : log_info(LD_GENERAL, "Freeing linked %s connection [%s] with %d "
825 : "bytes on inbuf, %d on outbuf.",
826 : conn_type_to_string(conn->type),
827 : conn_state_to_string(conn->type, conn->state),
828 : (int)connection_get_inbuf_len(conn),
829 : (int)connection_get_outbuf_len(conn));
830 : }
831 :
832 275 : if (!connection_is_listener(conn)) {
833 271 : buf_free(conn->inbuf);
834 271 : buf_free(conn->outbuf);
835 : } else {
836 4 : if (conn->socket_family == AF_UNIX) {
837 : /* For now only control and SOCKS ports can be Unix domain sockets
838 : * and listeners at the same time */
839 1 : tor_assert(conn_listener_type_supports_af_unix(conn->type));
840 :
841 1 : if (unlink(conn->address) < 0 && errno != ENOENT) {
842 0 : log_warn(LD_NET, "Could not unlink %s: %s", conn->address,
843 : strerror(errno));
844 : }
845 : }
846 : }
847 :
848 275 : tor_str_wipe_and_free(conn->address);
849 :
850 275 : if (connection_speaks_cells(conn)) {
851 103 : or_connection_t *or_conn = TO_OR_CONN(conn);
852 103 : if (or_conn->tls) {
853 24 : if (! SOCKET_OK(conn->s)) {
854 : /* The socket has been closed by somebody else; we must tell the
855 : * TLS object not to close it. */
856 24 : tor_tls_release_socket(or_conn->tls);
857 : } else {
858 : /* The tor_tls_free() call below will close the socket; we must tell
859 : * the code below not to close it a second time. */
860 0 : tor_release_socket_ownership(conn->s);
861 0 : conn->s = TOR_INVALID_SOCKET;
862 : }
863 24 : tor_tls_free(or_conn->tls);
864 24 : or_conn->tls = NULL;
865 : }
866 103 : or_handshake_state_free(or_conn->handshake_state);
867 103 : or_conn->handshake_state = NULL;
868 103 : tor_str_wipe_and_free(or_conn->nickname);
869 103 : if (or_conn->chan) {
870 : /* Owww, this shouldn't happen, but... */
871 80 : channel_t *base_chan = TLS_CHAN_TO_BASE(or_conn->chan);
872 80 : tor_assert(base_chan);
873 80 : log_info(LD_CHANNEL,
874 : "Freeing orconn at %p, saw channel %p with ID "
875 : "%"PRIu64 " left un-NULLed",
876 : or_conn, base_chan,
877 : base_chan->global_identifier);
878 80 : if (!CHANNEL_FINISHED(base_chan)) {
879 24 : channel_close_for_error(base_chan);
880 : }
881 :
882 80 : or_conn->chan->conn = NULL;
883 80 : or_conn->chan = NULL;
884 : }
885 : }
886 275 : if (conn->type == CONN_TYPE_AP) {
887 63 : entry_connection_t *entry_conn = TO_ENTRY_CONN(conn);
888 63 : tor_str_wipe_and_free(entry_conn->chosen_exit_name);
889 63 : tor_str_wipe_and_free(entry_conn->original_dest_address);
890 63 : if (entry_conn->socks_request)
891 63 : socks_request_free(entry_conn->socks_request);
892 63 : if (entry_conn->pending_optimistic_data) {
893 0 : buf_free(entry_conn->pending_optimistic_data);
894 : }
895 63 : if (entry_conn->sending_optimistic_data) {
896 0 : buf_free(entry_conn->sending_optimistic_data);
897 : }
898 : }
899 275 : if (CONN_IS_EDGE(conn)) {
900 82 : hs_ident_edge_conn_free(TO_EDGE_CONN(conn)->hs_ident);
901 : }
902 275 : if (conn->type == CONN_TYPE_CONTROL) {
903 0 : control_connection_t *control_conn = TO_CONTROL_CONN(conn);
904 0 : tor_free(control_conn->safecookie_client_hash);
905 0 : tor_free(control_conn->incoming_cmd);
906 0 : tor_free(control_conn->current_cmd);
907 0 : if (control_conn->ephemeral_onion_services) {
908 0 : SMARTLIST_FOREACH(control_conn->ephemeral_onion_services, char *, cp, {
909 : memwipe(cp, 0, strlen(cp));
910 : tor_free(cp);
911 : });
912 0 : smartlist_free(control_conn->ephemeral_onion_services);
913 : }
914 : }
915 :
916 : /* Probably already freed by connection_free. */
917 275 : tor_event_free(conn->read_event);
918 275 : tor_event_free(conn->write_event);
919 275 : conn->read_event = conn->write_event = NULL;
920 :
921 275 : if (conn->type == CONN_TYPE_DIR) {
922 74 : dir_connection_t *dir_conn = TO_DIR_CONN(conn);
923 74 : tor_free(dir_conn->requested_resource);
924 :
925 74 : tor_compress_free(dir_conn->compress_state);
926 74 : dir_conn_clear_spool(dir_conn);
927 :
928 74 : hs_ident_dir_conn_free(dir_conn->hs_ident);
929 74 : if (dir_conn->guard_state) {
930 : /* Cancel before freeing, if it's still there. */
931 0 : entry_guard_cancel(&dir_conn->guard_state);
932 : }
933 74 : circuit_guard_state_free(dir_conn->guard_state);
934 : }
935 :
936 275 : if (SOCKET_OK(conn->s)) {
937 3 : log_debug(LD_NET,"closing fd %d.",(int)conn->s);
938 3 : tor_close_socket(conn->s);
939 3 : conn->s = TOR_INVALID_SOCKET;
940 : }
941 :
942 378 : if (conn->type == CONN_TYPE_OR &&
943 103 : !tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) {
944 0 : log_warn(LD_BUG, "called on OR conn with non-zeroed identity_digest");
945 0 : connection_or_clear_identity(TO_OR_CONN(conn));
946 : }
947 275 : if (conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR) {
948 109 : tor_free(TO_OR_CONN(conn)->ext_or_conn_id);
949 109 : tor_free(TO_OR_CONN(conn)->ext_or_auth_correct_client_hash);
950 109 : tor_free(TO_OR_CONN(conn)->ext_or_transport);
951 : }
952 :
953 275 : memwipe(mem, 0xCC, memlen); /* poison memory */
954 275 : tor_free(mem);
955 : }
956 :
957 : /** Make sure <b>conn</b> isn't in any of the global conn lists; then free it.
958 : */
959 24 : MOCK_IMPL(void,
960 : connection_free_,(connection_t *conn))
961 : {
962 24 : if (!conn)
963 : return;
964 24 : tor_assert(!connection_is_on_closeable_list(conn));
965 24 : tor_assert(!connection_in_array(conn));
966 24 : if (BUG(conn->linked_conn)) {
967 0 : conn->linked_conn->linked_conn = NULL;
968 0 : if (! conn->linked_conn->marked_for_close &&
969 : conn->linked_conn->reading_from_linked_conn)
970 0 : connection_start_reading(conn->linked_conn);
971 0 : conn->linked_conn = NULL;
972 : }
973 24 : if (connection_speaks_cells(conn)) {
974 1 : if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) {
975 0 : connection_or_clear_identity(TO_OR_CONN(conn));
976 : }
977 : }
978 24 : if (conn->type == CONN_TYPE_CONTROL) {
979 0 : connection_control_closed(TO_CONTROL_CONN(conn));
980 : }
981 : #if 1
982 : /* DEBUGGING */
983 24 : if (conn->type == CONN_TYPE_AP) {
984 6 : connection_ap_warn_and_unmark_if_pending_circ(TO_ENTRY_CONN(conn),
985 : "connection_free");
986 : }
987 : #endif /* 1 */
988 :
989 : /* Notify the circuit creation DoS mitigation subsystem that an OR client
990 : * connection has been closed. And only do that if we track it. */
991 24 : if (conn->type == CONN_TYPE_OR) {
992 1 : dos_close_client_conn(TO_OR_CONN(conn));
993 : }
994 :
995 24 : connection_unregister_events(conn);
996 24 : connection_free_minimal(conn);
997 : }
998 :
999 : /**
1000 : * Called when we're about to finally unlink and free a connection:
1001 : * perform necessary accounting and cleanup
1002 : * - Directory conns that failed to fetch a rendezvous descriptor
1003 : * need to inform pending rendezvous streams.
1004 : * - OR conns need to call rep_hist_note_*() to record status.
1005 : * - AP conns need to send a socks reject if necessary.
1006 : * - Exit conns need to call connection_dns_remove() if necessary.
1007 : * - AP and Exit conns need to send an end cell if they can.
1008 : * - DNS conns need to fail any resolves that are pending on them.
1009 : * - OR and edge connections need to be unlinked from circuits.
1010 : */
1011 : void
1012 23 : connection_about_to_close_connection(connection_t *conn)
1013 : {
1014 23 : tor_assert(conn->marked_for_close);
1015 :
1016 23 : switch (conn->type) {
1017 8 : case CONN_TYPE_DIR:
1018 8 : connection_dir_about_to_close(TO_DIR_CONN(conn));
1019 8 : break;
1020 5 : case CONN_TYPE_OR:
1021 : case CONN_TYPE_EXT_OR:
1022 5 : connection_or_about_to_close(TO_OR_CONN(conn));
1023 5 : break;
1024 6 : case CONN_TYPE_AP:
1025 6 : connection_ap_about_to_close(TO_ENTRY_CONN(conn));
1026 6 : break;
1027 0 : case CONN_TYPE_EXIT:
1028 0 : connection_exit_about_to_close(TO_EDGE_CONN(conn));
1029 0 : break;
1030 : }
1031 23 : }
1032 :
1033 : /** Return true iff connection_close_immediate() has been called on this
1034 : * connection. */
1035 : #define CONN_IS_CLOSED(c) \
1036 : ((c)->linked ? ((c)->linked_conn_is_closed) : (! SOCKET_OK(c->s)))
1037 :
1038 : /** Close the underlying socket for <b>conn</b>, so we don't try to
1039 : * flush it. Must be used in conjunction with (right before)
1040 : * connection_mark_for_close().
1041 : */
1042 : void
1043 14 : connection_close_immediate(connection_t *conn)
1044 : {
1045 14 : assert_connection_ok(conn,0);
1046 14 : if (CONN_IS_CLOSED(conn)) {
1047 0 : log_err(LD_BUG,"Attempt to close already-closed connection.");
1048 0 : tor_fragile_assert();
1049 0 : return;
1050 : }
1051 14 : if (connection_get_outbuf_len(conn)) {
1052 0 : log_info(LD_NET,"fd %d, type %s, state %s, %"TOR_PRIuSZ" bytes on outbuf.",
1053 : (int)conn->s, conn_type_to_string(conn->type),
1054 : conn_state_to_string(conn->type, conn->state),
1055 : buf_datalen(conn->outbuf));
1056 : }
1057 :
1058 14 : connection_unregister_events(conn);
1059 :
1060 : /* Prevent the event from getting unblocked. */
1061 14 : conn->read_blocked_on_bw = 0;
1062 14 : conn->write_blocked_on_bw = 0;
1063 :
1064 14 : if (SOCKET_OK(conn->s))
1065 2 : tor_close_socket(conn->s);
1066 14 : conn->s = TOR_INVALID_SOCKET;
1067 14 : if (conn->linked)
1068 12 : conn->linked_conn_is_closed = 1;
1069 14 : if (conn->outbuf)
1070 14 : buf_clear(conn->outbuf);
1071 : }
1072 :
1073 : /** Mark <b>conn</b> to be closed next time we loop through
1074 : * conn_close_if_marked() in main.c. */
1075 : void
1076 27 : connection_mark_for_close_(connection_t *conn, int line, const char *file)
1077 : {
1078 27 : assert_connection_ok(conn,0);
1079 27 : tor_assert(line);
1080 27 : tor_assert(line < 1<<16); /* marked_for_close can only fit a uint16_t. */
1081 27 : tor_assert(file);
1082 :
1083 27 : if (conn->type == CONN_TYPE_OR) {
1084 : /*
1085 : * An or_connection should have been closed through one of the channel-
1086 : * aware functions in connection_or.c. We'll assume this is an error
1087 : * close and do that, and log a bug warning.
1088 : */
1089 0 : log_warn(LD_CHANNEL | LD_BUG,
1090 : "Something tried to close an or_connection_t without going "
1091 : "through channels at %s:%d",
1092 : file, line);
1093 0 : connection_or_close_for_error(TO_OR_CONN(conn), 0);
1094 : } else {
1095 : /* Pass it down to the real function */
1096 27 : connection_mark_for_close_internal_(conn, line, file);
1097 : }
1098 27 : }
1099 :
1100 : /** Mark <b>conn</b> to be closed next time we loop through
1101 : * conn_close_if_marked() in main.c.
1102 : *
1103 : * This _internal version bypasses the CONN_TYPE_OR checks; this should be
1104 : * called when you either are sure that if this is an or_connection_t the
1105 : * controlling channel has been notified (e.g. with
1106 : * connection_or_notify_error()), or you actually are the
1107 : * connection_or_close_for_error() or connection_or_close_normally() function.
1108 : * For all other cases, use connection_mark_and_flush() which checks for
1109 : * or_connection_t properly, instead. See below.
1110 : *
1111 : * We want to keep this function simple and quick, since it can be called from
1112 : * quite deep in the call chain, and hence it should avoid having side-effects
1113 : * that interfere with its callers view of the connection.
1114 : */
1115 23 : MOCK_IMPL(void,
1116 : connection_mark_for_close_internal_, (connection_t *conn,
1117 : int line, const char *file))
1118 : {
1119 23 : assert_connection_ok(conn,0);
1120 23 : tor_assert(line);
1121 23 : tor_assert(line < 1<<16); /* marked_for_close can only fit a uint16_t. */
1122 23 : tor_assert(file);
1123 :
1124 23 : if (conn->marked_for_close) {
1125 0 : log_warn(LD_BUG,"Duplicate call to connection_mark_for_close at %s:%d"
1126 : " (first at %s:%d)", file, line, conn->marked_for_close_file,
1127 : conn->marked_for_close);
1128 0 : tor_fragile_assert();
1129 0 : return;
1130 : }
1131 :
1132 23 : if (conn->type == CONN_TYPE_OR) {
1133 : /*
1134 : * Bad news if this happens without telling the controlling channel; do
1135 : * this so we can find things that call this wrongly when the asserts hit.
1136 : */
1137 0 : log_debug(LD_CHANNEL,
1138 : "Calling connection_mark_for_close_internal_() on an OR conn "
1139 : "at %s:%d",
1140 : file, line);
1141 : }
1142 :
1143 23 : conn->marked_for_close = line;
1144 23 : conn->marked_for_close_file = file;
1145 23 : add_connection_to_closeable_list(conn);
1146 :
1147 : /* in case we're going to be held-open-til-flushed, reset
1148 : * the number of seconds since last successful write, so
1149 : * we get our whole 15 seconds */
1150 23 : conn->timestamp_last_write_allowed = time(NULL);
1151 : }
1152 :
1153 : /** Find each connection that has hold_open_until_flushed set to
1154 : * 1 but hasn't written in the past 15 seconds, and set
1155 : * hold_open_until_flushed to 0. This means it will get cleaned
1156 : * up in the next loop through close_if_marked() in main.c.
1157 : */
1158 : void
1159 0 : connection_expire_held_open(void)
1160 : {
1161 0 : time_t now;
1162 0 : smartlist_t *conns = get_connection_array();
1163 :
1164 0 : now = time(NULL);
1165 :
1166 0 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
1167 : /* If we've been holding the connection open, but we haven't written
1168 : * for 15 seconds...
1169 : */
1170 0 : if (conn->hold_open_until_flushed) {
1171 0 : tor_assert(conn->marked_for_close);
1172 0 : if (now - conn->timestamp_last_write_allowed >= 15) {
1173 0 : int severity;
1174 0 : if (conn->type == CONN_TYPE_EXIT ||
1175 0 : (conn->type == CONN_TYPE_DIR &&
1176 : conn->purpose == DIR_PURPOSE_SERVER))
1177 : severity = LOG_INFO;
1178 : else
1179 0 : severity = LOG_NOTICE;
1180 0 : log_fn(severity, LD_NET,
1181 : "Giving up on marked_for_close conn that's been flushing "
1182 : "for 15s (fd %d, type %s, state %s).",
1183 : (int)conn->s, conn_type_to_string(conn->type),
1184 : conn_state_to_string(conn->type, conn->state));
1185 0 : conn->hold_open_until_flushed = 0;
1186 : }
1187 : }
1188 0 : } SMARTLIST_FOREACH_END(conn);
1189 0 : }
1190 :
1191 : #if defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)
1192 : /** Create an AF_UNIX listenaddr struct.
1193 : * <b>listenaddress</b> provides the path to the Unix socket.
1194 : *
1195 : * Eventually <b>listenaddress</b> will also optionally contain user, group,
1196 : * and file permissions for the new socket. But not yet. XXX
1197 : * Also, since we do not create the socket here the information doesn't help
1198 : * here.
1199 : *
1200 : * If not NULL <b>readable_address</b> will contain a copy of the path part of
1201 : * <b>listenaddress</b>.
1202 : *
1203 : * The listenaddr struct has to be freed by the caller.
1204 : */
1205 : static struct sockaddr_un *
1206 0 : create_unix_sockaddr(const char *listenaddress, char **readable_address,
1207 : socklen_t *len_out)
1208 : {
1209 0 : struct sockaddr_un *sockaddr = NULL;
1210 :
1211 0 : sockaddr = tor_malloc_zero(sizeof(struct sockaddr_un));
1212 0 : sockaddr->sun_family = AF_UNIX;
1213 0 : if (strlcpy(sockaddr->sun_path, listenaddress, sizeof(sockaddr->sun_path))
1214 : >= sizeof(sockaddr->sun_path)) {
1215 0 : log_warn(LD_CONFIG, "Unix socket path '%s' is too long to fit.",
1216 : escaped(listenaddress));
1217 0 : tor_free(sockaddr);
1218 0 : return NULL;
1219 : }
1220 :
1221 0 : if (readable_address)
1222 0 : *readable_address = tor_strdup(listenaddress);
1223 :
1224 0 : *len_out = sizeof(struct sockaddr_un);
1225 0 : return sockaddr;
1226 : }
1227 : #else /* !(defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)) */
1228 : static struct sockaddr *
1229 : create_unix_sockaddr(const char *listenaddress, char **readable_address,
1230 : socklen_t *len_out)
1231 : {
1232 : (void)listenaddress;
1233 : (void)readable_address;
1234 : log_fn(LOG_ERR, LD_BUG,
1235 : "Unix domain sockets not supported, yet we tried to create one.");
1236 : *len_out = 0;
1237 : tor_fragile_assert();
1238 : return NULL;
1239 : }
1240 : #endif /* defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN) */
1241 :
1242 : /**
1243 : * A socket failed from resource exhaustion.
1244 : *
1245 : * Among other actions, warn that an accept or a connect has failed because
1246 : * we're running out of TCP sockets we can use on current system. Rate-limit
1247 : * these warnings so that we don't spam the log. */
1248 : static void
1249 0 : socket_failed_from_resource_exhaustion(void)
1250 : {
1251 : /* When we get to this point we know that a socket could not be
1252 : * established. However the kernel does not let us know whether the reason is
1253 : * because we ran out of TCP source ports, or because we exhausted all the
1254 : * FDs on this system, or for any other reason.
1255 : *
1256 : * For this reason, we are going to use the following heuristic: If our
1257 : * system supports a lot of sockets, we will assume that it's a problem of
1258 : * TCP port exhaustion. Otherwise, if our system does not support many
1259 : * sockets, we will assume that this is because of file descriptor
1260 : * exhaustion.
1261 : */
1262 0 : if (get_max_sockets() > 65535) {
1263 : /* TCP port exhaustion */
1264 0 : rep_hist_note_tcp_exhaustion();
1265 : } else {
1266 : /* File descriptor exhaustion */
1267 0 : rep_hist_note_overload(OVERLOAD_FD_EXHAUSTED);
1268 : }
1269 :
1270 : #define WARN_TOO_MANY_CONNS_INTERVAL (6*60*60)
1271 0 : static ratelim_t last_warned = RATELIM_INIT(WARN_TOO_MANY_CONNS_INTERVAL);
1272 0 : char *m;
1273 0 : if ((m = rate_limit_log(&last_warned, approx_time()))) {
1274 0 : int n_conns = get_n_open_sockets();
1275 0 : log_warn(LD_NET,"Failing because we have %d connections already. Please "
1276 : "read doc/TUNING for guidance.%s", n_conns, m);
1277 0 : tor_free(m);
1278 0 : control_event_general_status(LOG_WARN, "TOO_MANY_CONNECTIONS CURRENT=%d",
1279 : n_conns);
1280 : }
1281 0 : }
1282 :
1283 : #ifdef HAVE_SYS_UN_H
1284 :
1285 : #define UNIX_SOCKET_PURPOSE_CONTROL_SOCKET 0
1286 : #define UNIX_SOCKET_PURPOSE_SOCKS_SOCKET 1
1287 :
1288 : /** Check if the purpose isn't one of the ones we know what to do with */
1289 :
1290 : static int
1291 0 : is_valid_unix_socket_purpose(int purpose)
1292 : {
1293 0 : int valid = 0;
1294 :
1295 0 : switch (purpose) {
1296 0 : case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1297 : case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1298 0 : valid = 1;
1299 0 : break;
1300 : }
1301 :
1302 0 : return valid;
1303 : }
1304 :
1305 : /** Return a string description of a unix socket purpose */
1306 : static const char *
1307 0 : unix_socket_purpose_to_string(int purpose)
1308 : {
1309 0 : const char *s = "unknown-purpose socket";
1310 :
1311 0 : switch (purpose) {
1312 0 : case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1313 0 : s = "control socket";
1314 0 : break;
1315 0 : case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1316 0 : s = "SOCKS socket";
1317 0 : break;
1318 : }
1319 :
1320 0 : return s;
1321 : }
1322 :
1323 : /** Check whether we should be willing to open an AF_UNIX socket in
1324 : * <b>path</b>. Return 0 if we should go ahead and -1 if we shouldn't. */
1325 : static int
1326 0 : check_location_for_unix_socket(const or_options_t *options, const char *path,
1327 : int purpose, const port_cfg_t *port)
1328 : {
1329 0 : int r = -1;
1330 0 : char *p = NULL;
1331 :
1332 0 : tor_assert(is_valid_unix_socket_purpose(purpose));
1333 :
1334 0 : p = tor_strdup(path);
1335 0 : cpd_check_t flags = CPD_CHECK_MODE_ONLY;
1336 0 : if (get_parent_directory(p)<0 || p[0] != '/') {
1337 0 : log_warn(LD_GENERAL, "Bad unix socket address '%s'. Tor does not support "
1338 : "relative paths for unix sockets.", path);
1339 0 : goto done;
1340 : }
1341 :
1342 0 : if (port->is_world_writable) {
1343 : /* World-writable sockets can go anywhere. */
1344 0 : r = 0;
1345 0 : goto done;
1346 : }
1347 :
1348 0 : if (port->is_group_writable) {
1349 0 : flags |= CPD_GROUP_OK;
1350 : }
1351 :
1352 0 : if (port->relax_dirmode_check) {
1353 0 : flags |= CPD_RELAX_DIRMODE_CHECK;
1354 : }
1355 :
1356 0 : if (check_private_dir(p, flags, options->User) < 0) {
1357 0 : char *escpath, *escdir;
1358 0 : escpath = esc_for_log(path);
1359 0 : escdir = esc_for_log(p);
1360 0 : log_warn(LD_GENERAL, "Before Tor can create a %s in %s, the directory "
1361 : "%s needs to exist, and to be accessible only by the user%s "
1362 : "account that is running Tor. (On some Unix systems, anybody "
1363 : "who can list a socket can connect to it, so Tor is being "
1364 : "careful.)",
1365 : unix_socket_purpose_to_string(purpose), escpath, escdir,
1366 : port->is_group_writable ? " and group" : "");
1367 0 : tor_free(escpath);
1368 0 : tor_free(escdir);
1369 0 : goto done;
1370 : }
1371 :
1372 : r = 0;
1373 0 : done:
1374 0 : tor_free(p);
1375 0 : return r;
1376 : }
1377 : #endif /* defined(HAVE_SYS_UN_H) */
1378 :
1379 : /** Tell the TCP stack that it shouldn't wait for a long time after
1380 : * <b>sock</b> has closed before reusing its port. Return 0 on success,
1381 : * -1 on failure. */
1382 : static int
1383 0 : make_socket_reuseable(tor_socket_t sock)
1384 : {
1385 : #ifdef _WIN32
1386 : (void) sock;
1387 : return 0;
1388 : #else
1389 0 : int one=1;
1390 :
1391 : /* REUSEADDR on normal places means you can rebind to the port
1392 : * right after somebody else has let it go. But REUSEADDR on win32
1393 : * means you can bind to the port _even when somebody else
1394 : * already has it bound_. So, don't do that on Win32. */
1395 0 : if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &one,
1396 : (socklen_t)sizeof(one)) == -1) {
1397 0 : return -1;
1398 : }
1399 : return 0;
1400 : #endif /* defined(_WIN32) */
1401 : }
1402 :
1403 : #ifdef _WIN32
1404 : /** Tell the Windows TCP stack to prevent other applications from receiving
1405 : * traffic from tor's open ports. Return 0 on success, -1 on failure. */
1406 : static int
1407 : make_win32_socket_exclusive(tor_socket_t sock)
1408 : {
1409 : #ifdef SO_EXCLUSIVEADDRUSE
1410 : int one=1;
1411 :
1412 : /* Any socket that sets REUSEADDR on win32 can bind to a port _even when
1413 : * somebody else already has it bound_, and _even if the original socket
1414 : * didn't set REUSEADDR_. Use EXCLUSIVEADDRUSE to prevent this port-stealing
1415 : * on win32. */
1416 : if (setsockopt(sock, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, (void*) &one,
1417 : (socklen_t)sizeof(one))) {
1418 : return -1;
1419 : }
1420 : return 0;
1421 : #else /* !defined(SO_EXCLUSIVEADDRUSE) */
1422 : (void) sock;
1423 : return 0;
1424 : #endif /* defined(SO_EXCLUSIVEADDRUSE) */
1425 : }
1426 : #endif /* defined(_WIN32) */
1427 :
1428 : /** Max backlog to pass to listen. We start at */
1429 : static int listen_limit = INT_MAX;
1430 :
1431 : /* Listen on <b>fd</b> with appropriate backlog. Return as for listen. */
1432 : static int
1433 0 : tor_listen(tor_socket_t fd)
1434 : {
1435 0 : int r;
1436 :
1437 0 : if ((r = listen(fd, listen_limit)) < 0) {
1438 0 : if (listen_limit == SOMAXCONN)
1439 : return r;
1440 0 : if ((r = listen(fd, SOMAXCONN)) == 0) {
1441 0 : listen_limit = SOMAXCONN;
1442 0 : log_warn(LD_NET, "Setting listen backlog to INT_MAX connections "
1443 : "didn't work, but SOMAXCONN did. Lowering backlog limit.");
1444 : }
1445 : }
1446 : return r;
1447 : }
1448 :
1449 : /** Bind a new non-blocking socket listening to the socket described
1450 : * by <b>listensockaddr</b>.
1451 : *
1452 : * <b>address</b> is only used for logging purposes and to add the information
1453 : * to the conn.
1454 : *
1455 : * Set <b>addr_in_use</b> to true in case socket binding fails with
1456 : * EADDRINUSE.
1457 : */
1458 : static connection_t *
1459 0 : connection_listener_new(const struct sockaddr *listensockaddr,
1460 : socklen_t socklen,
1461 : int type, const char *address,
1462 : const port_cfg_t *port_cfg,
1463 : int *addr_in_use)
1464 : {
1465 0 : listener_connection_t *lis_conn;
1466 0 : connection_t *conn = NULL;
1467 0 : tor_socket_t s = TOR_INVALID_SOCKET; /* the socket we're going to make */
1468 0 : or_options_t const *options = get_options();
1469 0 : (void) options; /* Windows doesn't use this. */
1470 : #if defined(HAVE_PWD_H) && defined(HAVE_SYS_UN_H)
1471 0 : const struct passwd *pw = NULL;
1472 : #endif
1473 0 : uint16_t usePort = 0, gotPort = 0;
1474 0 : int start_reading = 0;
1475 0 : static int global_next_session_group = SESSION_GROUP_FIRST_AUTO;
1476 0 : tor_addr_t addr;
1477 0 : int exhaustion = 0;
1478 :
1479 0 : if (addr_in_use)
1480 0 : *addr_in_use = 0;
1481 :
1482 0 : if (listensockaddr->sa_family == AF_INET ||
1483 : listensockaddr->sa_family == AF_INET6) {
1484 0 : int is_stream = (type != CONN_TYPE_AP_DNS_LISTENER);
1485 0 : if (is_stream)
1486 0 : start_reading = 1;
1487 :
1488 0 : tor_addr_from_sockaddr(&addr, listensockaddr, &usePort);
1489 0 : log_notice(LD_NET, "Opening %s on %s",
1490 : conn_type_to_string(type), fmt_addrport(&addr, usePort));
1491 :
1492 0 : s = tor_open_socket_nonblocking(tor_addr_family(&addr),
1493 : is_stream ? SOCK_STREAM : SOCK_DGRAM,
1494 : is_stream ? IPPROTO_TCP: IPPROTO_UDP);
1495 0 : if (!SOCKET_OK(s)) {
1496 0 : int e = tor_socket_errno(s);
1497 0 : if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1498 0 : socket_failed_from_resource_exhaustion();
1499 : /*
1500 : * We'll call the OOS handler at the error exit, so set the
1501 : * exhaustion flag for it.
1502 : */
1503 0 : exhaustion = 1;
1504 : } else {
1505 0 : log_warn(LD_NET, "Socket creation failed: %s",
1506 : tor_socket_strerror(e));
1507 : }
1508 0 : goto err;
1509 : }
1510 :
1511 0 : if (make_socket_reuseable(s) < 0) {
1512 0 : log_warn(LD_NET, "Error setting SO_REUSEADDR flag on %s: %s",
1513 : conn_type_to_string(type),
1514 : tor_socket_strerror(errno));
1515 : }
1516 :
1517 : #ifdef _WIN32
1518 : if (make_win32_socket_exclusive(s) < 0) {
1519 : log_warn(LD_NET, "Error setting SO_EXCLUSIVEADDRUSE flag on %s: %s",
1520 : conn_type_to_string(type),
1521 : tor_socket_strerror(errno));
1522 : }
1523 : #endif /* defined(_WIN32) */
1524 :
1525 : #if defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT)
1526 0 : if (options->TransProxyType_parsed == TPT_TPROXY &&
1527 : type == CONN_TYPE_AP_TRANS_LISTENER) {
1528 0 : int one = 1;
1529 0 : if (setsockopt(s, SOL_IP, IP_TRANSPARENT, (void*)&one,
1530 : (socklen_t)sizeof(one)) < 0) {
1531 0 : const char *extra = "";
1532 0 : int e = tor_socket_errno(s);
1533 0 : if (e == EPERM)
1534 0 : extra = "TransTPROXY requires root privileges or similar"
1535 : " capabilities.";
1536 0 : log_warn(LD_NET, "Error setting IP_TRANSPARENT flag: %s.%s",
1537 : tor_socket_strerror(e), extra);
1538 : }
1539 : }
1540 : #endif /* defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT) */
1541 :
1542 : #ifdef IPV6_V6ONLY
1543 0 : if (listensockaddr->sa_family == AF_INET6) {
1544 0 : int one = 1;
1545 : /* We need to set IPV6_V6ONLY so that this socket can't get used for
1546 : * IPv4 connections. */
1547 0 : if (setsockopt(s,IPPROTO_IPV6, IPV6_V6ONLY,
1548 : (void*)&one, (socklen_t)sizeof(one)) < 0) {
1549 0 : int e = tor_socket_errno(s);
1550 0 : log_warn(LD_NET, "Error setting IPV6_V6ONLY flag: %s",
1551 : tor_socket_strerror(e));
1552 : /* Keep going; probably not harmful. */
1553 : }
1554 : }
1555 : #endif /* defined(IPV6_V6ONLY) */
1556 :
1557 0 : if (bind(s,listensockaddr,socklen) < 0) {
1558 0 : const char *helpfulhint = "";
1559 0 : int e = tor_socket_errno(s);
1560 0 : if (ERRNO_IS_EADDRINUSE(e)) {
1561 0 : helpfulhint = ". Is Tor already running?";
1562 0 : if (addr_in_use)
1563 0 : *addr_in_use = 1;
1564 : }
1565 0 : log_warn(LD_NET, "Could not bind to %s:%u: %s%s", address, usePort,
1566 : tor_socket_strerror(e), helpfulhint);
1567 0 : goto err;
1568 : }
1569 :
1570 0 : if (is_stream) {
1571 0 : if (tor_listen(s) < 0) {
1572 0 : log_warn(LD_NET, "Could not listen on %s:%u: %s", address, usePort,
1573 : tor_socket_strerror(tor_socket_errno(s)));
1574 0 : goto err;
1575 : }
1576 : }
1577 :
1578 0 : if (usePort != 0) {
1579 0 : gotPort = usePort;
1580 : } else {
1581 0 : tor_addr_t addr2;
1582 0 : struct sockaddr_storage ss;
1583 0 : socklen_t ss_len=sizeof(ss);
1584 0 : if (getsockname(s, (struct sockaddr*)&ss, &ss_len)<0) {
1585 0 : log_warn(LD_NET, "getsockname() couldn't learn address for %s: %s",
1586 : conn_type_to_string(type),
1587 : tor_socket_strerror(tor_socket_errno(s)));
1588 0 : gotPort = 0;
1589 : }
1590 0 : tor_addr_from_sockaddr(&addr2, (struct sockaddr*)&ss, &gotPort);
1591 : }
1592 : #ifdef HAVE_SYS_UN_H
1593 : /*
1594 : * AF_UNIX generic setup stuff
1595 : */
1596 0 : } else if (listensockaddr->sa_family == AF_UNIX) {
1597 : /* We want to start reading for both AF_UNIX cases */
1598 0 : start_reading = 1;
1599 :
1600 0 : tor_assert(conn_listener_type_supports_af_unix(type));
1601 :
1602 0 : if (check_location_for_unix_socket(options, address,
1603 : (type == CONN_TYPE_CONTROL_LISTENER) ?
1604 : UNIX_SOCKET_PURPOSE_CONTROL_SOCKET :
1605 : UNIX_SOCKET_PURPOSE_SOCKS_SOCKET, port_cfg) < 0) {
1606 0 : goto err;
1607 : }
1608 :
1609 0 : log_notice(LD_NET, "Opening %s on %s",
1610 : conn_type_to_string(type), address);
1611 :
1612 0 : tor_addr_make_unspec(&addr);
1613 :
1614 0 : if (unlink(address) < 0 && errno != ENOENT) {
1615 0 : log_warn(LD_NET, "Could not unlink %s: %s", address,
1616 : strerror(errno));
1617 0 : goto err;
1618 : }
1619 :
1620 0 : s = tor_open_socket_nonblocking(AF_UNIX, SOCK_STREAM, 0);
1621 0 : if (! SOCKET_OK(s)) {
1622 0 : int e = tor_socket_errno(s);
1623 0 : if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1624 0 : socket_failed_from_resource_exhaustion();
1625 : /*
1626 : * We'll call the OOS handler at the error exit, so set the
1627 : * exhaustion flag for it.
1628 : */
1629 0 : exhaustion = 1;
1630 : } else {
1631 0 : log_warn(LD_NET,"Socket creation failed: %s.", strerror(e));
1632 : }
1633 0 : goto err;
1634 : }
1635 :
1636 0 : if (bind(s, listensockaddr,
1637 : (socklen_t)sizeof(struct sockaddr_un)) == -1) {
1638 0 : log_warn(LD_NET,"Bind to %s failed: %s.", address,
1639 : tor_socket_strerror(tor_socket_errno(s)));
1640 0 : goto err;
1641 : }
1642 :
1643 : #ifdef HAVE_PWD_H
1644 0 : if (options->User) {
1645 0 : pw = tor_getpwnam(options->User);
1646 0 : struct stat st;
1647 0 : if (pw == NULL) {
1648 0 : log_warn(LD_NET,"Unable to chown() %s socket: user %s not found.",
1649 : address, options->User);
1650 0 : goto err;
1651 0 : } else if (fstat(s, &st) == 0 &&
1652 0 : st.st_uid == pw->pw_uid && st.st_gid == pw->pw_gid) {
1653 : /* No change needed */
1654 0 : } else if (chown(sandbox_intern_string(address),
1655 0 : pw->pw_uid, pw->pw_gid) < 0) {
1656 0 : log_warn(LD_NET,"Unable to chown() %s socket: %s.",
1657 : address, strerror(errno));
1658 0 : goto err;
1659 : }
1660 : }
1661 : #endif /* defined(HAVE_PWD_H) */
1662 :
1663 : {
1664 0 : unsigned mode;
1665 0 : const char *status;
1666 0 : struct stat st;
1667 0 : if (port_cfg->is_world_writable) {
1668 : mode = 0666;
1669 : status = "world-writable";
1670 0 : } else if (port_cfg->is_group_writable) {
1671 : mode = 0660;
1672 : status = "group-writable";
1673 : } else {
1674 0 : mode = 0600;
1675 0 : status = "private";
1676 : }
1677 : /* We need to use chmod; fchmod doesn't work on sockets on all
1678 : * platforms. */
1679 0 : if (fstat(s, &st) == 0 && (st.st_mode & 0777) == mode) {
1680 : /* no change needed */
1681 0 : } else if (chmod(sandbox_intern_string(address), mode) < 0) {
1682 0 : log_warn(LD_FS,"Unable to make %s %s.", address, status);
1683 0 : goto err;
1684 : }
1685 : }
1686 :
1687 0 : if (listen(s, SOMAXCONN) < 0) {
1688 0 : log_warn(LD_NET, "Could not listen on %s: %s", address,
1689 : tor_socket_strerror(tor_socket_errno(s)));
1690 0 : goto err;
1691 : }
1692 :
1693 : #ifndef __APPLE__
1694 : /* This code was introduced to help debug #28229. */
1695 0 : int value;
1696 0 : socklen_t len = sizeof(value);
1697 :
1698 0 : if (!getsockopt(s, SOL_SOCKET, SO_ACCEPTCONN, &value, &len)) {
1699 0 : if (value == 0) {
1700 0 : log_err(LD_NET, "Could not listen on %s - "
1701 : "getsockopt(.,SO_ACCEPTCONN,.) yields 0.", address);
1702 0 : goto err;
1703 : }
1704 : }
1705 : #endif /* !defined(__APPLE__) */
1706 : #endif /* defined(HAVE_SYS_UN_H) */
1707 : } else {
1708 0 : log_err(LD_BUG, "Got unexpected address family %d.",
1709 : listensockaddr->sa_family);
1710 0 : tor_assert(0);
1711 : }
1712 :
1713 0 : lis_conn = listener_connection_new(type, listensockaddr->sa_family);
1714 0 : conn = TO_CONN(lis_conn);
1715 0 : conn->socket_family = listensockaddr->sa_family;
1716 0 : conn->s = s;
1717 0 : s = TOR_INVALID_SOCKET; /* Prevent double-close */
1718 0 : conn->address = tor_strdup(address);
1719 0 : conn->port = gotPort;
1720 0 : tor_addr_copy(&conn->addr, &addr);
1721 :
1722 0 : memcpy(&lis_conn->entry_cfg, &port_cfg->entry_cfg, sizeof(entry_port_cfg_t));
1723 :
1724 0 : if (port_cfg->entry_cfg.isolation_flags) {
1725 0 : lis_conn->entry_cfg.isolation_flags = port_cfg->entry_cfg.isolation_flags;
1726 0 : if (port_cfg->entry_cfg.session_group >= 0) {
1727 0 : lis_conn->entry_cfg.session_group = port_cfg->entry_cfg.session_group;
1728 : } else {
1729 : /* This can wrap after around INT_MAX listeners are opened. But I don't
1730 : * believe that matters, since you would need to open a ridiculous
1731 : * number of listeners while keeping the early ones open before you ever
1732 : * hit this. An OR with a dozen ports open, for example, would have to
1733 : * close and re-open its listeners every second for 4 years nonstop.
1734 : */
1735 0 : lis_conn->entry_cfg.session_group = global_next_session_group--;
1736 : }
1737 : }
1738 :
1739 0 : if (connection_add(conn) < 0) { /* no space, forget it */
1740 0 : log_warn(LD_NET,"connection_add for listener failed. Giving up.");
1741 0 : goto err;
1742 : }
1743 :
1744 0 : log_fn(usePort==gotPort ? LOG_DEBUG : LOG_NOTICE, LD_NET,
1745 : "%s listening on port %u.",
1746 : conn_type_to_string(type), gotPort);
1747 :
1748 0 : conn->state = LISTENER_STATE_READY;
1749 0 : if (start_reading) {
1750 0 : connection_start_reading(conn);
1751 : } else {
1752 0 : tor_assert(type == CONN_TYPE_AP_DNS_LISTENER);
1753 0 : dnsserv_configure_listener(conn);
1754 : }
1755 :
1756 : /*
1757 : * Normal exit; call the OOS handler since connection count just changed;
1758 : * the exhaustion flag will always be zero here though.
1759 : */
1760 0 : connection_check_oos(get_n_open_sockets(), 0);
1761 :
1762 0 : log_notice(LD_NET, "Opened %s", connection_describe(conn));
1763 :
1764 0 : return conn;
1765 :
1766 0 : err:
1767 0 : if (SOCKET_OK(s))
1768 0 : tor_close_socket(s);
1769 0 : if (conn)
1770 0 : connection_free(conn);
1771 :
1772 : /* Call the OOS handler, indicate if we saw an exhaustion-related error */
1773 0 : connection_check_oos(get_n_open_sockets(), exhaustion);
1774 :
1775 0 : return NULL;
1776 : }
1777 :
1778 : /**
1779 : * Create a new listener connection for a given <b>port</b>. In case we
1780 : * for a reason that is not an error condition, set <b>defer</b>
1781 : * to true. If we cannot bind listening socket because address is already
1782 : * in use, set <b>addr_in_use</b> to true.
1783 : */
1784 : static connection_t *
1785 0 : connection_listener_new_for_port(const port_cfg_t *port,
1786 : int *defer, int *addr_in_use)
1787 : {
1788 0 : connection_t *conn;
1789 0 : struct sockaddr *listensockaddr;
1790 0 : socklen_t listensocklen = 0;
1791 0 : char *address=NULL;
1792 0 : int real_port = port->port == CFG_AUTO_PORT ? 0 : port->port;
1793 0 : tor_assert(real_port <= UINT16_MAX);
1794 :
1795 0 : if (defer)
1796 0 : *defer = 0;
1797 :
1798 0 : if (port->server_cfg.no_listen) {
1799 0 : if (defer)
1800 0 : *defer = 1;
1801 0 : return NULL;
1802 : }
1803 :
1804 : #ifndef _WIN32
1805 : /* We don't need to be root to create a UNIX socket, so defer until after
1806 : * setuid. */
1807 0 : const or_options_t *options = get_options();
1808 0 : if (port->is_unix_addr && !geteuid() && (options->User) &&
1809 0 : strcmp(options->User, "root")) {
1810 0 : if (defer)
1811 0 : *defer = 1;
1812 0 : return NULL;
1813 : }
1814 : #endif /* !defined(_WIN32) */
1815 :
1816 0 : if (port->is_unix_addr) {
1817 0 : listensockaddr = (struct sockaddr *)
1818 0 : create_unix_sockaddr(port->unix_addr,
1819 : &address, &listensocklen);
1820 : } else {
1821 0 : listensockaddr = tor_malloc(sizeof(struct sockaddr_storage));
1822 0 : listensocklen = tor_addr_to_sockaddr(&port->addr,
1823 : real_port,
1824 : listensockaddr,
1825 : sizeof(struct sockaddr_storage));
1826 0 : address = tor_addr_to_str_dup(&port->addr);
1827 : }
1828 :
1829 0 : if (listensockaddr) {
1830 0 : conn = connection_listener_new(listensockaddr, listensocklen,
1831 0 : port->type, address, port,
1832 : addr_in_use);
1833 0 : tor_free(listensockaddr);
1834 0 : tor_free(address);
1835 : } else {
1836 : conn = NULL;
1837 : }
1838 :
1839 : return conn;
1840 : }
1841 :
1842 : /** Do basic sanity checking on a newly received socket. Return 0
1843 : * if it looks ok, else return -1.
1844 : *
1845 : * Notably, some TCP stacks can erroneously have accept() return successfully
1846 : * with socklen 0, when the client sends an RST before the accept call (as
1847 : * nmap does). We want to detect that, and not go on with the connection.
1848 : */
1849 : static int
1850 0 : check_sockaddr(const struct sockaddr *sa, int len, int level)
1851 : {
1852 0 : int ok = 1;
1853 :
1854 0 : if (sa->sa_family == AF_INET) {
1855 0 : struct sockaddr_in *sin=(struct sockaddr_in*)sa;
1856 0 : if (len != sizeof(struct sockaddr_in)) {
1857 0 : log_fn(level, LD_NET, "Length of address not as expected: %d vs %d",
1858 : len,(int)sizeof(struct sockaddr_in));
1859 0 : ok = 0;
1860 : }
1861 0 : if (sin->sin_addr.s_addr == 0 || sin->sin_port == 0) {
1862 0 : log_fn(level, LD_NET,
1863 : "Address for new connection has address/port equal to zero.");
1864 0 : ok = 0;
1865 : }
1866 0 : } else if (sa->sa_family == AF_INET6) {
1867 0 : struct sockaddr_in6 *sin6=(struct sockaddr_in6*)sa;
1868 0 : if (len != sizeof(struct sockaddr_in6)) {
1869 0 : log_fn(level, LD_NET, "Length of address not as expected: %d vs %d",
1870 : len,(int)sizeof(struct sockaddr_in6));
1871 0 : ok = 0;
1872 : }
1873 0 : if (fast_mem_is_zero((void*)sin6->sin6_addr.s6_addr, 16) ||
1874 0 : sin6->sin6_port == 0) {
1875 0 : log_fn(level, LD_NET,
1876 : "Address for new connection has address/port equal to zero.");
1877 0 : ok = 0;
1878 : }
1879 0 : } else if (sa->sa_family == AF_UNIX) {
1880 : ok = 1;
1881 : } else {
1882 : ok = 0;
1883 : }
1884 0 : return ok ? 0 : -1;
1885 : }
1886 :
1887 : /** Check whether the socket family from an accepted socket <b>got</b> is the
1888 : * same as the one that <b>listener</b> is waiting for. If it isn't, log
1889 : * a useful message and return -1. Else return 0.
1890 : *
1891 : * This is annoying, but can apparently happen on some Darwins. */
1892 : static int
1893 0 : check_sockaddr_family_match(sa_family_t got, connection_t *listener)
1894 : {
1895 0 : if (got != listener->socket_family) {
1896 0 : log_info(LD_BUG, "A listener connection returned a socket with a "
1897 : "mismatched family. %s for addr_family %d gave us a socket "
1898 : "with address family %d. Dropping.",
1899 : conn_type_to_string(listener->type),
1900 : (int)listener->socket_family,
1901 : (int)got);
1902 0 : return -1;
1903 : }
1904 : return 0;
1905 : }
1906 :
1907 : /** The listener connection <b>conn</b> told poll() it wanted to read.
1908 : * Call accept() on conn-\>s, and add the new connection if necessary.
1909 : */
1910 : static int
1911 0 : connection_handle_listener_read(connection_t *conn, int new_type)
1912 : {
1913 0 : tor_socket_t news; /* the new socket */
1914 0 : connection_t *newconn = 0;
1915 : /* information about the remote peer when connecting to other routers */
1916 0 : struct sockaddr_storage addrbuf;
1917 0 : struct sockaddr *remote = (struct sockaddr*)&addrbuf;
1918 : /* length of the remote address. Must be whatever accept() needs. */
1919 0 : socklen_t remotelen = (socklen_t)sizeof(addrbuf);
1920 0 : const or_options_t *options = get_options();
1921 :
1922 0 : tor_assert((size_t)remotelen >= sizeof(struct sockaddr_in));
1923 0 : memset(&addrbuf, 0, sizeof(addrbuf));
1924 :
1925 0 : news = tor_accept_socket_nonblocking(conn->s,remote,&remotelen);
1926 0 : if (!SOCKET_OK(news)) { /* accept() error */
1927 0 : int e = tor_socket_errno(conn->s);
1928 0 : if (ERRNO_IS_ACCEPT_EAGAIN(e)) {
1929 : /*
1930 : * they hung up before we could accept(). that's fine.
1931 : *
1932 : * give the OOS handler a chance to run though
1933 : */
1934 0 : connection_check_oos(get_n_open_sockets(), 0);
1935 0 : return 0;
1936 0 : } else if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1937 0 : socket_failed_from_resource_exhaustion();
1938 : /* Exhaustion; tell the OOS handler */
1939 0 : connection_check_oos(get_n_open_sockets(), 1);
1940 0 : return 0;
1941 : }
1942 : /* else there was a real error. */
1943 0 : log_warn(LD_NET,"accept() failed: %s. Closing listener.",
1944 : tor_socket_strerror(e));
1945 0 : connection_mark_for_close(conn);
1946 : /* Tell the OOS handler about this too */
1947 0 : connection_check_oos(get_n_open_sockets(), 0);
1948 0 : return -1;
1949 : }
1950 0 : log_debug(LD_NET,
1951 : "Connection accepted on socket %d (child of fd %d).",
1952 : (int)news,(int)conn->s);
1953 :
1954 : /* We accepted a new conn; run OOS handler */
1955 0 : connection_check_oos(get_n_open_sockets(), 0);
1956 :
1957 0 : if (make_socket_reuseable(news) < 0) {
1958 0 : if (tor_socket_errno(news) == EINVAL) {
1959 : /* This can happen on OSX if we get a badly timed shutdown. */
1960 0 : log_debug(LD_NET, "make_socket_reuseable returned EINVAL");
1961 : } else {
1962 0 : log_warn(LD_NET, "Error setting SO_REUSEADDR flag on %s: %s",
1963 : conn_type_to_string(new_type),
1964 : tor_socket_strerror(errno));
1965 : }
1966 0 : tor_close_socket(news);
1967 0 : return 0;
1968 : }
1969 :
1970 0 : if (options->ConstrainedSockets)
1971 0 : set_constrained_socket_buffers(news, (int)options->ConstrainedSockSize);
1972 :
1973 0 : if (check_sockaddr_family_match(remote->sa_family, conn) < 0) {
1974 0 : tor_close_socket(news);
1975 0 : return 0;
1976 : }
1977 :
1978 0 : if (conn->socket_family == AF_INET || conn->socket_family == AF_INET6 ||
1979 0 : (conn->socket_family == AF_UNIX && new_type == CONN_TYPE_AP)) {
1980 0 : tor_addr_t addr;
1981 0 : uint16_t port;
1982 0 : if (check_sockaddr(remote, remotelen, LOG_INFO)<0) {
1983 0 : log_info(LD_NET,
1984 : "accept() returned a strange address; closing connection.");
1985 0 : tor_close_socket(news);
1986 0 : return 0;
1987 : }
1988 :
1989 0 : tor_addr_from_sockaddr(&addr, remote, &port);
1990 :
1991 : /* process entrance policies here, before we even create the connection */
1992 0 : if (new_type == CONN_TYPE_AP) {
1993 : /* check sockspolicy to see if we should accept it */
1994 0 : if (socks_policy_permits_address(&addr) == 0) {
1995 0 : log_notice(LD_APP,
1996 : "Denying socks connection from untrusted address %s.",
1997 : fmt_and_decorate_addr(&addr));
1998 0 : tor_close_socket(news);
1999 0 : return 0;
2000 : }
2001 : }
2002 0 : if (new_type == CONN_TYPE_DIR) {
2003 : /* check dirpolicy to see if we should accept it */
2004 0 : if (dir_policy_permits_address(&addr) == 0) {
2005 0 : log_notice(LD_DIRSERV,"Denying dir connection from address %s.",
2006 : fmt_and_decorate_addr(&addr));
2007 0 : tor_close_socket(news);
2008 0 : return 0;
2009 : }
2010 : }
2011 0 : if (new_type == CONN_TYPE_OR) {
2012 : /* Assess with the connection DoS mitigation subsystem if this address
2013 : * can open a new connection. */
2014 0 : if (dos_conn_addr_get_defense_type(&addr) == DOS_CONN_DEFENSE_CLOSE) {
2015 0 : tor_close_socket(news);
2016 0 : return 0;
2017 : }
2018 : }
2019 :
2020 0 : newconn = connection_new(new_type, conn->socket_family);
2021 0 : newconn->s = news;
2022 :
2023 : /* remember the remote address */
2024 0 : tor_addr_copy(&newconn->addr, &addr);
2025 0 : if (new_type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) {
2026 0 : newconn->port = 0;
2027 0 : newconn->address = tor_strdup(conn->address);
2028 : } else {
2029 0 : newconn->port = port;
2030 0 : newconn->address = tor_addr_to_str_dup(&addr);
2031 : }
2032 :
2033 0 : if (new_type == CONN_TYPE_AP && conn->socket_family != AF_UNIX) {
2034 0 : log_info(LD_NET, "New SOCKS connection opened from %s.",
2035 : fmt_and_decorate_addr(&addr));
2036 : }
2037 0 : if (new_type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) {
2038 0 : log_info(LD_NET, "New SOCKS AF_UNIX connection opened");
2039 : }
2040 0 : if (new_type == CONN_TYPE_CONTROL) {
2041 0 : log_notice(LD_CONTROL, "New control connection opened from %s.",
2042 : fmt_and_decorate_addr(&addr));
2043 : }
2044 0 : if (new_type == CONN_TYPE_METRICS) {
2045 0 : log_info(LD_CONTROL, "New metrics connection opened from %s.",
2046 : fmt_and_decorate_addr(&addr));
2047 : }
2048 :
2049 0 : } else if (conn->socket_family == AF_UNIX && conn->type != CONN_TYPE_AP) {
2050 0 : tor_assert(conn->type == CONN_TYPE_CONTROL_LISTENER);
2051 0 : tor_assert(new_type == CONN_TYPE_CONTROL);
2052 0 : log_notice(LD_CONTROL, "New control connection opened.");
2053 :
2054 0 : newconn = connection_new(new_type, conn->socket_family);
2055 0 : newconn->s = news;
2056 :
2057 : /* remember the remote address -- do we have anything sane to put here? */
2058 0 : tor_addr_make_unspec(&newconn->addr);
2059 0 : newconn->port = 1;
2060 0 : newconn->address = tor_strdup(conn->address);
2061 : } else {
2062 0 : tor_assert(0);
2063 0 : };
2064 :
2065 0 : if (connection_add(newconn) < 0) { /* no space, forget it */
2066 0 : connection_free(newconn);
2067 0 : return 0; /* no need to tear down the parent */
2068 : }
2069 :
2070 0 : if (connection_init_accepted_conn(newconn, TO_LISTENER_CONN(conn)) < 0) {
2071 0 : if (! newconn->marked_for_close)
2072 0 : connection_mark_for_close(newconn);
2073 0 : return 0;
2074 : }
2075 :
2076 0 : note_connection(true /* inbound */, conn->socket_family);
2077 :
2078 0 : return 0;
2079 : }
2080 :
2081 : /** Initialize states for newly accepted connection <b>conn</b>.
2082 : *
2083 : * If conn is an OR, start the TLS handshake.
2084 : *
2085 : * If conn is a transparent AP, get its original destination
2086 : * and place it in circuit_wait.
2087 : *
2088 : * The <b>listener</b> parameter is only used for AP connections.
2089 : */
2090 : int
2091 0 : connection_init_accepted_conn(connection_t *conn,
2092 : const listener_connection_t *listener)
2093 : {
2094 0 : int rv;
2095 :
2096 0 : connection_start_reading(conn);
2097 :
2098 0 : switch (conn->type) {
2099 0 : case CONN_TYPE_EXT_OR:
2100 : /* Initiate Extended ORPort authentication. */
2101 0 : return connection_ext_or_start_auth(TO_OR_CONN(conn));
2102 0 : case CONN_TYPE_OR:
2103 0 : connection_or_event_status(TO_OR_CONN(conn), OR_CONN_EVENT_NEW, 0);
2104 0 : rv = connection_tls_start_handshake(TO_OR_CONN(conn), 1);
2105 0 : if (rv < 0) {
2106 0 : connection_or_close_for_error(TO_OR_CONN(conn), 0);
2107 : }
2108 : return rv;
2109 0 : break;
2110 0 : case CONN_TYPE_AP:
2111 0 : memcpy(&TO_ENTRY_CONN(conn)->entry_cfg, &listener->entry_cfg,
2112 : sizeof(entry_port_cfg_t));
2113 0 : TO_ENTRY_CONN(conn)->nym_epoch = get_signewnym_epoch();
2114 0 : TO_ENTRY_CONN(conn)->socks_request->listener_type = listener->base_.type;
2115 :
2116 : /* Any incoming connection on an entry port counts as user activity. */
2117 0 : note_user_activity(approx_time());
2118 :
2119 0 : switch (TO_CONN(listener)->type) {
2120 0 : case CONN_TYPE_AP_LISTENER:
2121 0 : conn->state = AP_CONN_STATE_SOCKS_WAIT;
2122 0 : TO_ENTRY_CONN(conn)->socks_request->socks_prefer_no_auth =
2123 0 : listener->entry_cfg.socks_prefer_no_auth;
2124 0 : TO_ENTRY_CONN(conn)->socks_request->socks_use_extended_errors =
2125 0 : listener->entry_cfg.extended_socks5_codes;
2126 0 : break;
2127 0 : case CONN_TYPE_AP_TRANS_LISTENER:
2128 0 : TO_ENTRY_CONN(conn)->is_transparent_ap = 1;
2129 : /* XXXX028 -- is this correct still, with the addition of
2130 : * pending_entry_connections ? */
2131 0 : conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
2132 0 : return connection_ap_process_transparent(TO_ENTRY_CONN(conn));
2133 0 : case CONN_TYPE_AP_NATD_LISTENER:
2134 0 : TO_ENTRY_CONN(conn)->is_transparent_ap = 1;
2135 0 : conn->state = AP_CONN_STATE_NATD_WAIT;
2136 0 : break;
2137 0 : case CONN_TYPE_AP_HTTP_CONNECT_LISTENER:
2138 0 : conn->state = AP_CONN_STATE_HTTP_CONNECT_WAIT;
2139 : }
2140 : break;
2141 0 : case CONN_TYPE_DIR:
2142 0 : conn->purpose = DIR_PURPOSE_SERVER;
2143 0 : conn->state = DIR_CONN_STATE_SERVER_COMMAND_WAIT;
2144 0 : break;
2145 0 : case CONN_TYPE_CONTROL:
2146 0 : conn->state = CONTROL_CONN_STATE_NEEDAUTH;
2147 0 : break;
2148 : }
2149 : return 0;
2150 : }
2151 :
2152 : /** Take conn, make a nonblocking socket; try to connect to
2153 : * sa, binding to bindaddr if sa is not localhost. If fail, return -1 and if
2154 : * applicable put your best guess about errno into *<b>socket_error</b>.
2155 : * If connected return 1, if EAGAIN return 0.
2156 : */
2157 0 : MOCK_IMPL(STATIC int,
2158 : connection_connect_sockaddr,(connection_t *conn,
2159 : const struct sockaddr *sa,
2160 : socklen_t sa_len,
2161 : const struct sockaddr *bindaddr,
2162 : socklen_t bindaddr_len,
2163 : int *socket_error))
2164 : {
2165 0 : tor_socket_t s;
2166 0 : int inprogress = 0;
2167 0 : const or_options_t *options = get_options();
2168 :
2169 0 : tor_assert(conn);
2170 0 : tor_assert(sa);
2171 0 : tor_assert(socket_error);
2172 :
2173 0 : if (net_is_completely_disabled()) {
2174 : /* We should never even try to connect anyplace if the network is
2175 : * completely shut off.
2176 : *
2177 : * (We don't check net_is_disabled() here, since we still sometimes
2178 : * want to open connections when we're in soft hibernation.)
2179 : */
2180 0 : static ratelim_t disablenet_violated = RATELIM_INIT(30*60);
2181 0 : *socket_error = SOCK_ERRNO(ENETUNREACH);
2182 0 : log_fn_ratelim(&disablenet_violated, LOG_WARN, LD_BUG,
2183 : "Tried to open a socket with DisableNetwork set.");
2184 0 : tor_fragile_assert();
2185 0 : return -1;
2186 : }
2187 :
2188 0 : const int protocol_family = sa->sa_family;
2189 0 : const int proto = (sa->sa_family == AF_INET6 ||
2190 0 : sa->sa_family == AF_INET) ? IPPROTO_TCP : 0;
2191 :
2192 0 : s = tor_open_socket_nonblocking(protocol_family, SOCK_STREAM, proto);
2193 0 : if (! SOCKET_OK(s)) {
2194 : /*
2195 : * Early OOS handler calls; it matters if it's an exhaustion-related
2196 : * error or not.
2197 : */
2198 0 : *socket_error = tor_socket_errno(s);
2199 0 : if (ERRNO_IS_RESOURCE_LIMIT(*socket_error)) {
2200 0 : socket_failed_from_resource_exhaustion();
2201 0 : connection_check_oos(get_n_open_sockets(), 1);
2202 : } else {
2203 0 : log_warn(LD_NET,"Error creating network socket: %s",
2204 : tor_socket_strerror(*socket_error));
2205 0 : connection_check_oos(get_n_open_sockets(), 0);
2206 : }
2207 0 : return -1;
2208 : }
2209 :
2210 0 : if (make_socket_reuseable(s) < 0) {
2211 0 : log_warn(LD_NET, "Error setting SO_REUSEADDR flag on new connection: %s",
2212 : tor_socket_strerror(errno));
2213 : }
2214 :
2215 : /*
2216 : * We've got the socket open; give the OOS handler a chance to check
2217 : * against configured maximum socket number, but tell it no exhaustion
2218 : * failure.
2219 : */
2220 0 : connection_check_oos(get_n_open_sockets(), 0);
2221 :
2222 0 : if (bindaddr && bind(s, bindaddr, bindaddr_len) < 0) {
2223 0 : *socket_error = tor_socket_errno(s);
2224 0 : log_warn(LD_NET,"Error binding network socket: %s",
2225 : tor_socket_strerror(*socket_error));
2226 0 : tor_close_socket(s);
2227 0 : return -1;
2228 : }
2229 :
2230 0 : tor_assert(options);
2231 0 : if (options->ConstrainedSockets)
2232 0 : set_constrained_socket_buffers(s, (int)options->ConstrainedSockSize);
2233 :
2234 0 : if (connect(s, sa, sa_len) < 0) {
2235 0 : int e = tor_socket_errno(s);
2236 0 : if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
2237 : /* yuck. kill it. */
2238 0 : *socket_error = e;
2239 0 : log_info(LD_NET,
2240 : "connect() to socket failed: %s",
2241 : tor_socket_strerror(e));
2242 0 : tor_close_socket(s);
2243 0 : return -1;
2244 : } else {
2245 : inprogress = 1;
2246 : }
2247 : }
2248 :
2249 0 : note_connection(false /* outbound */, conn->socket_family);
2250 :
2251 : /* it succeeded. we're connected. */
2252 0 : log_fn(inprogress ? LOG_DEBUG : LOG_INFO, LD_NET,
2253 : "Connection to socket %s (sock "TOR_SOCKET_T_FORMAT").",
2254 : inprogress ? "in progress" : "established", s);
2255 0 : conn->s = s;
2256 0 : if (connection_add_connecting(conn) < 0) {
2257 : /* no space, forget it */
2258 0 : *socket_error = SOCK_ERRNO(ENOBUFS);
2259 0 : return -1;
2260 : }
2261 :
2262 0 : return inprogress ? 0 : 1;
2263 : }
2264 :
2265 : /* Log a message if connection attempt is made when IPv4 or IPv6 is disabled.
2266 : * Log a less severe message if we couldn't conform to ClientPreferIPv6ORPort
2267 : * or ClientPreferIPv6ORPort. */
2268 : static void
2269 21 : connection_connect_log_client_use_ip_version(const connection_t *conn)
2270 : {
2271 21 : const or_options_t *options = get_options();
2272 :
2273 : /* Only clients care about ClientUseIPv4/6, bail out early on servers, and
2274 : * on connections we don't care about */
2275 21 : if (server_mode(options) || !conn || conn->type == CONN_TYPE_EXIT) {
2276 8 : return;
2277 : }
2278 :
2279 : /* We're only prepared to log OR and DIR connections here */
2280 21 : if (conn->type != CONN_TYPE_OR && conn->type != CONN_TYPE_DIR) {
2281 : return;
2282 : }
2283 :
2284 13 : const int must_ipv4 = !reachable_addr_use_ipv6(options);
2285 13 : const int must_ipv6 = (options->ClientUseIPv4 == 0);
2286 26 : const int pref_ipv6 = (conn->type == CONN_TYPE_OR
2287 2 : ? reachable_addr_prefer_ipv6_orport(options)
2288 13 : : reachable_addr_prefer_ipv6_dirport(options));
2289 13 : tor_addr_t real_addr;
2290 13 : tor_addr_copy(&real_addr, &conn->addr);
2291 :
2292 : /* Check if we broke a mandatory address family restriction */
2293 13 : if ((must_ipv4 && tor_addr_family(&real_addr) == AF_INET6)
2294 13 : || (must_ipv6 && tor_addr_family(&real_addr) == AF_INET)) {
2295 0 : static int logged_backtrace = 0;
2296 0 : log_info(LD_BUG, "Outgoing %s connection to %s violated ClientUseIPv%s 0.",
2297 : conn->type == CONN_TYPE_OR ? "OR" : "Dir",
2298 : fmt_addr(&real_addr),
2299 : options->ClientUseIPv4 == 0 ? "4" : "6");
2300 0 : if (!logged_backtrace) {
2301 0 : log_backtrace(LOG_INFO, LD_BUG, "Address came from");
2302 0 : logged_backtrace = 1;
2303 : }
2304 : }
2305 :
2306 : /* Bridges are allowed to break IPv4/IPv6 ORPort preferences to connect to
2307 : * the node's configured address when ClientPreferIPv6ORPort is auto */
2308 13 : if (options->UseBridges && conn->type == CONN_TYPE_OR
2309 0 : && options->ClientPreferIPv6ORPort == -1) {
2310 : return;
2311 : }
2312 :
2313 13 : if (reachable_addr_use_ipv6(options)) {
2314 2 : log_info(LD_NET, "Our outgoing connection is using IPv%d.",
2315 : tor_addr_family(&real_addr) == AF_INET6 ? 6 : 4);
2316 : }
2317 :
2318 : /* Check if we couldn't satisfy an address family preference */
2319 13 : if ((!pref_ipv6 && tor_addr_family(&real_addr) == AF_INET6)
2320 13 : || (pref_ipv6 && tor_addr_family(&real_addr) == AF_INET)) {
2321 0 : log_info(LD_NET, "Outgoing connection to %s doesn't satisfy "
2322 : "ClientPreferIPv6%sPort %d, with ClientUseIPv4 %d, and "
2323 : "reachable_addr_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
2324 : "%d).",
2325 : fmt_addr(&real_addr),
2326 : conn->type == CONN_TYPE_OR ? "OR" : "Dir",
2327 : conn->type == CONN_TYPE_OR ? options->ClientPreferIPv6ORPort
2328 : : options->ClientPreferIPv6DirPort,
2329 : options->ClientUseIPv4, reachable_addr_use_ipv6(options),
2330 : options->ClientUseIPv6, options->UseBridges);
2331 : }
2332 : }
2333 :
2334 : /** Retrieve the outbound address depending on the protocol (IPv4 or IPv6)
2335 : * and the connection type (relay, exit, ...)
2336 : * Return a socket address or NULL in case nothing is configured.
2337 : **/
2338 : const tor_addr_t *
2339 0 : conn_get_outbound_address(sa_family_t family,
2340 : const or_options_t *options, unsigned int conn_type)
2341 : {
2342 0 : const tor_addr_t *ext_addr = NULL;
2343 :
2344 0 : int fam_index;
2345 0 : switch (family) {
2346 : case AF_INET:
2347 : fam_index = 0;
2348 : break;
2349 0 : case AF_INET6:
2350 0 : fam_index = 1;
2351 0 : break;
2352 : default:
2353 : return NULL;
2354 : }
2355 :
2356 : // If an exit connection, use the exit address (if present)
2357 0 : if (conn_type == CONN_TYPE_EXIT) {
2358 0 : if (!tor_addr_is_null(
2359 : &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT][fam_index])) {
2360 : ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT]
2361 : [fam_index];
2362 0 : } else if (!tor_addr_is_null(
2363 : &options->OutboundBindAddresses[OUTBOUND_ADDR_ANY]
2364 : [fam_index])) {
2365 0 : ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_ANY]
2366 : [fam_index];
2367 : }
2368 : } else { // All non-exit connections
2369 0 : if (!tor_addr_is_null(
2370 : &options->OutboundBindAddresses[OUTBOUND_ADDR_OR][fam_index])) {
2371 : ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_OR]
2372 : [fam_index];
2373 0 : } else if (!tor_addr_is_null(
2374 : &options->OutboundBindAddresses[OUTBOUND_ADDR_ANY]
2375 : [fam_index])) {
2376 0 : ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_ANY]
2377 : [fam_index];
2378 : }
2379 : }
2380 : return ext_addr;
2381 : }
2382 :
2383 : /** Take conn, make a nonblocking socket; try to connect to
2384 : * addr:port (port arrives in *host order*). If fail, return -1 and if
2385 : * applicable put your best guess about errno into *<b>socket_error</b>.
2386 : * Else assign s to conn-\>s: if connected return 1, if EAGAIN return 0.
2387 : *
2388 : * addr:port can be different to conn->addr:conn->port if connecting through
2389 : * a proxy.
2390 : *
2391 : * address is used to make the logs useful.
2392 : *
2393 : * On success, add conn to the list of polled connections.
2394 : */
2395 : int
2396 21 : connection_connect(connection_t *conn, const char *address,
2397 : const tor_addr_t *addr, uint16_t port, int *socket_error)
2398 : {
2399 21 : struct sockaddr_storage addrbuf;
2400 21 : struct sockaddr_storage bind_addr_ss;
2401 21 : struct sockaddr *bind_addr = NULL;
2402 21 : struct sockaddr *dest_addr;
2403 21 : int dest_addr_len, bind_addr_len = 0;
2404 :
2405 : /* Log if we didn't stick to ClientUseIPv4/6 or ClientPreferIPv6OR/DirPort
2406 : */
2407 21 : connection_connect_log_client_use_ip_version(conn);
2408 :
2409 21 : if (!tor_addr_is_loopback(addr)) {
2410 0 : const tor_addr_t *ext_addr = NULL;
2411 0 : ext_addr = conn_get_outbound_address(tor_addr_family(addr), get_options(),
2412 0 : conn->type);
2413 0 : if (ext_addr) {
2414 0 : memset(&bind_addr_ss, 0, sizeof(bind_addr_ss));
2415 0 : bind_addr_len = tor_addr_to_sockaddr(ext_addr, 0,
2416 : (struct sockaddr *) &bind_addr_ss,
2417 : sizeof(bind_addr_ss));
2418 0 : if (bind_addr_len == 0) {
2419 0 : log_warn(LD_NET,
2420 : "Error converting OutboundBindAddress %s into sockaddr. "
2421 : "Ignoring.", fmt_and_decorate_addr(ext_addr));
2422 : } else {
2423 : bind_addr = (struct sockaddr *)&bind_addr_ss;
2424 : }
2425 : }
2426 : }
2427 :
2428 21 : memset(&addrbuf,0,sizeof(addrbuf));
2429 21 : dest_addr = (struct sockaddr*) &addrbuf;
2430 21 : dest_addr_len = tor_addr_to_sockaddr(addr, port, dest_addr, sizeof(addrbuf));
2431 21 : tor_assert(dest_addr_len > 0);
2432 :
2433 21 : log_debug(LD_NET, "Connecting to %s:%u.",
2434 : escaped_safe_str_client(address), port);
2435 :
2436 21 : return connection_connect_sockaddr(conn, dest_addr, dest_addr_len,
2437 : bind_addr, bind_addr_len, socket_error);
2438 : }
2439 :
2440 : #ifdef HAVE_SYS_UN_H
2441 :
2442 : /** Take conn, make a nonblocking socket; try to connect to
2443 : * an AF_UNIX socket at socket_path. If fail, return -1 and if applicable
2444 : * put your best guess about errno into *<b>socket_error</b>. Else assign s
2445 : * to conn-\>s: if connected return 1, if EAGAIN return 0.
2446 : *
2447 : * On success, add conn to the list of polled connections.
2448 : */
2449 : int
2450 0 : connection_connect_unix(connection_t *conn, const char *socket_path,
2451 : int *socket_error)
2452 : {
2453 0 : struct sockaddr_un dest_addr;
2454 :
2455 0 : tor_assert(socket_path);
2456 :
2457 : /* Check that we'll be able to fit it into dest_addr later */
2458 0 : if (strlen(socket_path) + 1 > sizeof(dest_addr.sun_path)) {
2459 0 : log_warn(LD_NET,
2460 : "Path %s is too long for an AF_UNIX socket\n",
2461 : escaped_safe_str_client(socket_path));
2462 0 : *socket_error = SOCK_ERRNO(ENAMETOOLONG);
2463 0 : return -1;
2464 : }
2465 :
2466 0 : memset(&dest_addr, 0, sizeof(dest_addr));
2467 0 : dest_addr.sun_family = AF_UNIX;
2468 0 : strlcpy(dest_addr.sun_path, socket_path, sizeof(dest_addr.sun_path));
2469 :
2470 0 : log_debug(LD_NET,
2471 : "Connecting to AF_UNIX socket at %s.",
2472 : escaped_safe_str_client(socket_path));
2473 :
2474 0 : return connection_connect_sockaddr(conn,
2475 : (struct sockaddr *)&dest_addr, sizeof(dest_addr),
2476 : NULL, 0, socket_error);
2477 : }
2478 :
2479 : #endif /* defined(HAVE_SYS_UN_H) */
2480 :
2481 : /** Convert state number to string representation for logging purposes.
2482 : */
2483 : static const char *
2484 2 : connection_proxy_state_to_string(int state)
2485 : {
2486 2 : static const char *unknown = "???";
2487 2 : static const char *states[] = {
2488 : "PROXY_NONE",
2489 : "PROXY_INFANT",
2490 : "PROXY_HTTPS_WANT_CONNECT_OK",
2491 : "PROXY_SOCKS4_WANT_CONNECT_OK",
2492 : "PROXY_SOCKS5_WANT_AUTH_METHOD_NONE",
2493 : "PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929",
2494 : "PROXY_SOCKS5_WANT_AUTH_RFC1929_OK",
2495 : "PROXY_SOCKS5_WANT_CONNECT_OK",
2496 : "PROXY_HAPROXY_WAIT_FOR_FLUSH",
2497 : "PROXY_CONNECTED",
2498 : };
2499 :
2500 2 : CTASSERT(ARRAY_LENGTH(states) == PROXY_CONNECTED+1);
2501 :
2502 2 : if (state < PROXY_NONE || state > PROXY_CONNECTED)
2503 0 : return unknown;
2504 :
2505 2 : return states[state];
2506 : }
2507 :
2508 : /** Returns the proxy type used by tor for a single connection, for
2509 : * logging or high-level purposes. Don't use it to fill the
2510 : * <b>proxy_type</b> field of or_connection_t; use the actual proxy
2511 : * protocol instead.*/
2512 : static int
2513 0 : conn_get_proxy_type(const connection_t *conn)
2514 : {
2515 0 : const or_options_t *options = get_options();
2516 :
2517 0 : if (options->ClientTransportPlugin) {
2518 : /* If we have plugins configured *and* this addr/port is a known bridge
2519 : * with a transport, then we should be PROXY_PLUGGABLE. */
2520 0 : const transport_t *transport = NULL;
2521 0 : int r;
2522 0 : r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
2523 0 : if (r == 0 && transport)
2524 0 : return PROXY_PLUGGABLE;
2525 : }
2526 :
2527 : /* In all other cases, we're using a global proxy. */
2528 0 : if (options->HTTPSProxy)
2529 : return PROXY_CONNECT;
2530 0 : else if (options->Socks4Proxy)
2531 : return PROXY_SOCKS4;
2532 0 : else if (options->Socks5Proxy)
2533 : return PROXY_SOCKS5;
2534 0 : else if (options->TCPProxy) {
2535 : /* The only supported protocol in TCPProxy is haproxy. */
2536 0 : tor_assert(options->TCPProxyProtocol == TCP_PROXY_PROTOCOL_HAPROXY);
2537 : return PROXY_HAPROXY;
2538 : } else
2539 : return PROXY_NONE;
2540 : }
2541 :
2542 : /* One byte for the version, one for the command, two for the
2543 : port, and four for the addr... and, one more for the
2544 : username NUL: */
2545 : #define SOCKS4_STANDARD_BUFFER_SIZE (1 + 1 + 2 + 4 + 1)
2546 :
2547 : /** Write a proxy request of https to conn for conn->addr:conn->port,
2548 : * authenticating with the auth details given in the configuration
2549 : * (if available).
2550 : *
2551 : * Returns -1 if conn->addr is incompatible with the proxy protocol, and
2552 : * 0 otherwise.
2553 : */
2554 : static int
2555 1 : connection_https_proxy_connect(connection_t *conn)
2556 : {
2557 1 : tor_assert(conn);
2558 :
2559 1 : const or_options_t *options = get_options();
2560 1 : char buf[1024];
2561 1 : char *base64_authenticator = NULL;
2562 1 : const char *authenticator = options->HTTPSProxyAuthenticator;
2563 :
2564 : /* Send HTTP CONNECT and authentication (if available) in
2565 : * one request */
2566 :
2567 1 : if (authenticator) {
2568 0 : base64_authenticator = alloc_http_authenticator(authenticator);
2569 0 : if (!base64_authenticator)
2570 0 : log_warn(LD_OR, "Encoding https authenticator failed");
2571 : }
2572 :
2573 0 : if (base64_authenticator) {
2574 0 : const char *addrport = fmt_addrport(&conn->addr, conn->port);
2575 0 : tor_snprintf(buf, sizeof(buf), "CONNECT %s HTTP/1.1\r\n"
2576 : "Host: %s\r\n"
2577 : "Proxy-Authorization: Basic %s\r\n\r\n",
2578 : addrport,
2579 : addrport,
2580 : base64_authenticator);
2581 0 : tor_free(base64_authenticator);
2582 : } else {
2583 1 : tor_snprintf(buf, sizeof(buf), "CONNECT %s HTTP/1.0\r\n\r\n",
2584 1 : fmt_addrport(&conn->addr, conn->port));
2585 : }
2586 :
2587 1 : connection_buf_add(buf, strlen(buf), conn);
2588 1 : conn->proxy_state = PROXY_HTTPS_WANT_CONNECT_OK;
2589 :
2590 1 : return 0;
2591 : }
2592 :
2593 : /** Write a proxy request of socks4 to conn for conn->addr:conn->port.
2594 : *
2595 : * Returns -1 if conn->addr is incompatible with the proxy protocol, and
2596 : * 0 otherwise.
2597 : */
2598 : static int
2599 0 : connection_socks4_proxy_connect(connection_t *conn)
2600 : {
2601 0 : tor_assert(conn);
2602 :
2603 0 : unsigned char *buf;
2604 0 : uint16_t portn;
2605 0 : uint32_t ip4addr;
2606 0 : size_t buf_size = 0;
2607 0 : char *socks_args_string = NULL;
2608 :
2609 : /* Send a SOCKS4 connect request */
2610 :
2611 0 : if (tor_addr_family(&conn->addr) != AF_INET) {
2612 0 : log_warn(LD_NET, "SOCKS4 client is incompatible with IPv6");
2613 0 : return -1;
2614 : }
2615 :
2616 : { /* If we are here because we are trying to connect to a
2617 : pluggable transport proxy, check if we have any SOCKS
2618 : arguments to transmit. If we do, compress all arguments to
2619 : a single string in 'socks_args_string': */
2620 :
2621 0 : if (conn_get_proxy_type(conn) == PROXY_PLUGGABLE) {
2622 0 : socks_args_string =
2623 0 : pt_get_socks_args_for_proxy_addrport(&conn->addr, conn->port);
2624 0 : if (socks_args_string)
2625 0 : log_debug(LD_NET, "Sending out '%s' as our SOCKS argument string.",
2626 : socks_args_string);
2627 : }
2628 : }
2629 :
2630 : { /* Figure out the buffer size we need for the SOCKS message: */
2631 :
2632 0 : buf_size = SOCKS4_STANDARD_BUFFER_SIZE;
2633 :
2634 : /* If we have a SOCKS argument string, consider its size when
2635 : calculating the buffer size: */
2636 0 : if (socks_args_string)
2637 0 : buf_size += strlen(socks_args_string);
2638 : }
2639 :
2640 0 : buf = tor_malloc_zero(buf_size);
2641 :
2642 0 : ip4addr = tor_addr_to_ipv4n(&conn->addr);
2643 0 : portn = htons(conn->port);
2644 :
2645 0 : buf[0] = 4; /* version */
2646 0 : buf[1] = SOCKS_COMMAND_CONNECT; /* command */
2647 0 : memcpy(buf + 2, &portn, 2); /* port */
2648 0 : memcpy(buf + 4, &ip4addr, 4); /* addr */
2649 :
2650 : /* Next packet field is the userid. If we have pluggable
2651 : transport SOCKS arguments, we have to embed them
2652 : there. Otherwise, we use an empty userid. */
2653 0 : if (socks_args_string) { /* place the SOCKS args string: */
2654 0 : tor_assert(strlen(socks_args_string) > 0);
2655 0 : tor_assert(buf_size >=
2656 : SOCKS4_STANDARD_BUFFER_SIZE + strlen(socks_args_string));
2657 0 : strlcpy((char *)buf + 8, socks_args_string, buf_size - 8);
2658 0 : tor_free(socks_args_string);
2659 : } else {
2660 0 : buf[8] = 0; /* no userid */
2661 : }
2662 :
2663 0 : connection_buf_add((char *)buf, buf_size, conn);
2664 0 : tor_free(buf);
2665 :
2666 0 : conn->proxy_state = PROXY_SOCKS4_WANT_CONNECT_OK;
2667 0 : return 0;
2668 : }
2669 :
2670 : /** Write a proxy request of socks5 to conn for conn->addr:conn->port,
2671 : * authenticating with the auth details given in the configuration
2672 : * (if available).
2673 : *
2674 : * Returns -1 if conn->addr is incompatible with the proxy protocol, and
2675 : * 0 otherwise.
2676 : */
2677 : static int
2678 0 : connection_socks5_proxy_connect(connection_t *conn)
2679 : {
2680 0 : tor_assert(conn);
2681 :
2682 0 : const or_options_t *options = get_options();
2683 0 : unsigned char buf[4]; /* fields: vers, num methods, method list */
2684 :
2685 : /* Send a SOCKS5 greeting (connect request must wait) */
2686 :
2687 0 : buf[0] = 5; /* version */
2688 :
2689 : /* We have to use SOCKS5 authentication, if we have a
2690 : Socks5ProxyUsername or if we want to pass arguments to our
2691 : pluggable transport proxy: */
2692 0 : if ((options->Socks5ProxyUsername) ||
2693 0 : (conn_get_proxy_type(conn) == PROXY_PLUGGABLE &&
2694 0 : (get_socks_args_by_bridge_addrport(&conn->addr, conn->port)))) {
2695 : /* number of auth methods */
2696 0 : buf[1] = 2;
2697 0 : buf[2] = 0x00; /* no authentication */
2698 0 : buf[3] = 0x02; /* rfc1929 Username/Passwd auth */
2699 0 : conn->proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929;
2700 : } else {
2701 0 : buf[1] = 1;
2702 0 : buf[2] = 0x00; /* no authentication */
2703 0 : conn->proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_NONE;
2704 : }
2705 :
2706 0 : connection_buf_add((char *)buf, 2 + buf[1], conn);
2707 0 : return 0;
2708 : }
2709 :
2710 : /** Write a proxy request of haproxy to conn for conn->addr:conn->port.
2711 : *
2712 : * Returns -1 if conn->addr is incompatible with the proxy protocol, and
2713 : * 0 otherwise.
2714 : */
2715 : static int
2716 1 : connection_haproxy_proxy_connect(connection_t *conn)
2717 : {
2718 1 : int ret = 0;
2719 1 : tor_addr_port_t *addr_port = tor_addr_port_new(&conn->addr, conn->port);
2720 1 : char *buf = haproxy_format_proxy_header_line(addr_port);
2721 :
2722 1 : if (buf == NULL) {
2723 0 : ret = -1;
2724 0 : goto done;
2725 : }
2726 :
2727 1 : connection_buf_add(buf, strlen(buf), conn);
2728 : /* In haproxy, we don't have to wait for the response, but we wait for ack.
2729 : * So we can set the state to be PROXY_HAPROXY_WAIT_FOR_FLUSH. */
2730 1 : conn->proxy_state = PROXY_HAPROXY_WAIT_FOR_FLUSH;
2731 :
2732 1 : ret = 0;
2733 1 : done:
2734 1 : tor_free(buf);
2735 1 : tor_free(addr_port);
2736 1 : return ret;
2737 : }
2738 :
2739 : /** Write a proxy request of <b>type</b> (socks4, socks5, https, haproxy)
2740 : * to conn for conn->addr:conn->port, authenticating with the auth details
2741 : * given in the configuration (if available). SOCKS 5 and HTTP CONNECT
2742 : * proxies support authentication.
2743 : *
2744 : * Returns -1 if conn->addr is incompatible with the proxy protocol, and
2745 : * 0 otherwise.
2746 : *
2747 : * Use connection_read_proxy_handshake() to complete the handshake.
2748 : */
2749 : int
2750 2 : connection_proxy_connect(connection_t *conn, int type)
2751 : {
2752 2 : int ret = 0;
2753 :
2754 2 : tor_assert(conn);
2755 :
2756 2 : switch (type) {
2757 1 : case PROXY_CONNECT:
2758 1 : ret = connection_https_proxy_connect(conn);
2759 1 : break;
2760 :
2761 0 : case PROXY_SOCKS4:
2762 0 : ret = connection_socks4_proxy_connect(conn);
2763 0 : break;
2764 :
2765 0 : case PROXY_SOCKS5:
2766 0 : ret = connection_socks5_proxy_connect(conn);
2767 0 : break;
2768 :
2769 1 : case PROXY_HAPROXY:
2770 1 : ret = connection_haproxy_proxy_connect(conn);
2771 1 : break;
2772 :
2773 0 : default:
2774 0 : log_err(LD_BUG, "Invalid proxy protocol, %d", type);
2775 0 : tor_fragile_assert();
2776 : ret = -1;
2777 : break;
2778 : }
2779 :
2780 2 : if (ret == 0) {
2781 2 : log_debug(LD_NET, "set state %s",
2782 : connection_proxy_state_to_string(conn->proxy_state));
2783 : }
2784 :
2785 2 : return ret;
2786 : }
2787 :
2788 : /** Read conn's inbuf. If the http response from the proxy is all
2789 : * here, make sure it's good news, then return 1. If it's bad news,
2790 : * return -1. Else return 0 and hope for better luck next time.
2791 : */
2792 : static int
2793 0 : connection_read_https_proxy_response(connection_t *conn)
2794 : {
2795 0 : char *headers;
2796 0 : char *reason=NULL;
2797 0 : int status_code;
2798 0 : time_t date_header;
2799 :
2800 0 : switch (fetch_from_buf_http(conn->inbuf,
2801 : &headers, MAX_HEADERS_SIZE,
2802 : NULL, NULL, 10000, 0)) {
2803 0 : case -1: /* overflow */
2804 0 : log_warn(LD_PROTOCOL,
2805 : "Your https proxy sent back an oversized response. Closing.");
2806 0 : return -1;
2807 0 : case 0:
2808 0 : log_info(LD_NET,"https proxy response not all here yet. Waiting.");
2809 0 : return 0;
2810 : /* case 1, fall through */
2811 : }
2812 :
2813 0 : if (parse_http_response(headers, &status_code, &date_header,
2814 : NULL, &reason) < 0) {
2815 0 : log_warn(LD_NET,
2816 : "Unparseable headers from proxy (%s). Closing.",
2817 : connection_describe(conn));
2818 0 : tor_free(headers);
2819 0 : return -1;
2820 : }
2821 0 : tor_free(headers);
2822 0 : if (!reason) reason = tor_strdup("[no reason given]");
2823 :
2824 0 : if (status_code == 200) {
2825 0 : log_info(LD_NET,
2826 : "HTTPS connect for %s successful! (200 %s) Starting TLS.",
2827 : connection_describe(conn), escaped(reason));
2828 0 : tor_free(reason);
2829 0 : return 1;
2830 : }
2831 : /* else, bad news on the status code */
2832 0 : switch (status_code) {
2833 0 : case 403:
2834 0 : log_warn(LD_NET,
2835 : "The https proxy refused to allow connection to %s "
2836 : "(status code %d, %s). Closing.",
2837 : conn->address, status_code, escaped(reason));
2838 0 : break;
2839 0 : default:
2840 0 : log_warn(LD_NET,
2841 : "The https proxy sent back an unexpected status code %d (%s). "
2842 : "Closing.",
2843 : status_code, escaped(reason));
2844 0 : break;
2845 : }
2846 0 : tor_free(reason);
2847 0 : return -1;
2848 : }
2849 :
2850 : /** Send SOCKS5 CONNECT command to <b>conn</b>, copying <b>conn->addr</b>
2851 : * and <b>conn->port</b> into the request.
2852 : */
2853 : static void
2854 0 : connection_send_socks5_connect(connection_t *conn)
2855 : {
2856 0 : unsigned char buf[1024];
2857 0 : size_t reqsize = 6;
2858 0 : uint16_t port = htons(conn->port);
2859 :
2860 0 : buf[0] = 5; /* version */
2861 0 : buf[1] = SOCKS_COMMAND_CONNECT; /* command */
2862 0 : buf[2] = 0; /* reserved */
2863 :
2864 0 : if (tor_addr_family(&conn->addr) == AF_INET) {
2865 0 : uint32_t addr = tor_addr_to_ipv4n(&conn->addr);
2866 :
2867 0 : buf[3] = 1;
2868 0 : reqsize += 4;
2869 0 : memcpy(buf + 4, &addr, 4);
2870 0 : memcpy(buf + 8, &port, 2);
2871 : } else { /* AF_INET6 */
2872 0 : buf[3] = 4;
2873 0 : reqsize += 16;
2874 0 : memcpy(buf + 4, tor_addr_to_in6_addr8(&conn->addr), 16);
2875 0 : memcpy(buf + 20, &port, 2);
2876 : }
2877 :
2878 0 : connection_buf_add((char *)buf, reqsize, conn);
2879 :
2880 0 : conn->proxy_state = PROXY_SOCKS5_WANT_CONNECT_OK;
2881 0 : }
2882 :
2883 : /** Wrapper around fetch_from_buf_socks_client: see that functions
2884 : * for documentation of its behavior. */
2885 : static int
2886 0 : connection_fetch_from_buf_socks_client(connection_t *conn,
2887 : int state, char **reason)
2888 : {
2889 0 : return fetch_from_buf_socks_client(conn->inbuf, state, reason);
2890 : }
2891 :
2892 : /** Call this from connection_*_process_inbuf() to advance the proxy
2893 : * handshake.
2894 : *
2895 : * No matter what proxy protocol is used, if this function returns 1, the
2896 : * handshake is complete, and the data remaining on inbuf may contain the
2897 : * start of the communication with the requested server.
2898 : *
2899 : * Returns 0 if the current buffer contains an incomplete response, and -1
2900 : * on error.
2901 : */
2902 : int
2903 0 : connection_read_proxy_handshake(connection_t *conn)
2904 : {
2905 0 : int ret = 0;
2906 0 : char *reason = NULL;
2907 :
2908 0 : log_debug(LD_NET, "enter state %s",
2909 : connection_proxy_state_to_string(conn->proxy_state));
2910 :
2911 0 : switch (conn->proxy_state) {
2912 0 : case PROXY_HTTPS_WANT_CONNECT_OK:
2913 0 : ret = connection_read_https_proxy_response(conn);
2914 0 : if (ret == 1)
2915 0 : conn->proxy_state = PROXY_CONNECTED;
2916 : break;
2917 :
2918 0 : case PROXY_SOCKS4_WANT_CONNECT_OK:
2919 0 : ret = connection_fetch_from_buf_socks_client(conn,
2920 : conn->proxy_state,
2921 : &reason);
2922 0 : if (ret == 1)
2923 0 : conn->proxy_state = PROXY_CONNECTED;
2924 : break;
2925 :
2926 0 : case PROXY_SOCKS5_WANT_AUTH_METHOD_NONE:
2927 0 : ret = connection_fetch_from_buf_socks_client(conn,
2928 : conn->proxy_state,
2929 : &reason);
2930 : /* no auth needed, do connect */
2931 0 : if (ret == 1) {
2932 0 : connection_send_socks5_connect(conn);
2933 0 : ret = 0;
2934 : }
2935 : break;
2936 :
2937 0 : case PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929:
2938 0 : ret = connection_fetch_from_buf_socks_client(conn,
2939 : conn->proxy_state,
2940 : &reason);
2941 :
2942 : /* send auth if needed, otherwise do connect */
2943 0 : if (ret == 1) {
2944 0 : connection_send_socks5_connect(conn);
2945 0 : ret = 0;
2946 0 : } else if (ret == 2) {
2947 0 : unsigned char buf[1024];
2948 0 : size_t reqsize, usize, psize;
2949 0 : const char *user, *pass;
2950 0 : char *socks_args_string = NULL;
2951 :
2952 0 : if (conn_get_proxy_type(conn) == PROXY_PLUGGABLE) {
2953 0 : socks_args_string =
2954 0 : pt_get_socks_args_for_proxy_addrport(&conn->addr, conn->port);
2955 0 : if (!socks_args_string) {
2956 0 : log_warn(LD_NET, "Could not create SOCKS args string for PT.");
2957 0 : ret = -1;
2958 0 : break;
2959 : }
2960 :
2961 0 : log_debug(LD_NET, "PT SOCKS5 arguments: %s", socks_args_string);
2962 0 : tor_assert(strlen(socks_args_string) > 0);
2963 0 : tor_assert(strlen(socks_args_string) <= MAX_SOCKS5_AUTH_SIZE_TOTAL);
2964 :
2965 0 : if (strlen(socks_args_string) > MAX_SOCKS5_AUTH_FIELD_SIZE) {
2966 0 : user = socks_args_string;
2967 0 : usize = MAX_SOCKS5_AUTH_FIELD_SIZE;
2968 0 : pass = socks_args_string + MAX_SOCKS5_AUTH_FIELD_SIZE;
2969 0 : psize = strlen(socks_args_string) - MAX_SOCKS5_AUTH_FIELD_SIZE;
2970 : } else {
2971 : user = socks_args_string;
2972 : usize = strlen(socks_args_string);
2973 : pass = "\0";
2974 : psize = 1;
2975 : }
2976 0 : } else if (get_options()->Socks5ProxyUsername) {
2977 0 : user = get_options()->Socks5ProxyUsername;
2978 0 : pass = get_options()->Socks5ProxyPassword;
2979 0 : tor_assert(user && pass);
2980 0 : usize = strlen(user);
2981 0 : psize = strlen(pass);
2982 : } else {
2983 0 : log_err(LD_BUG, "We entered %s for no reason!", __func__);
2984 0 : tor_fragile_assert();
2985 : ret = -1;
2986 : break;
2987 : }
2988 :
2989 : /* Username and password lengths should have been checked
2990 : above and during torrc parsing. */
2991 0 : tor_assert(usize <= MAX_SOCKS5_AUTH_FIELD_SIZE &&
2992 : psize <= MAX_SOCKS5_AUTH_FIELD_SIZE);
2993 0 : reqsize = 3 + usize + psize;
2994 :
2995 0 : buf[0] = 1; /* negotiation version */
2996 0 : buf[1] = usize;
2997 0 : memcpy(buf + 2, user, usize);
2998 0 : buf[2 + usize] = psize;
2999 0 : memcpy(buf + 3 + usize, pass, psize);
3000 :
3001 0 : if (socks_args_string)
3002 0 : tor_free(socks_args_string);
3003 :
3004 0 : connection_buf_add((char *)buf, reqsize, conn);
3005 :
3006 0 : conn->proxy_state = PROXY_SOCKS5_WANT_AUTH_RFC1929_OK;
3007 0 : ret = 0;
3008 : }
3009 : break;
3010 :
3011 0 : case PROXY_SOCKS5_WANT_AUTH_RFC1929_OK:
3012 0 : ret = connection_fetch_from_buf_socks_client(conn,
3013 : conn->proxy_state,
3014 : &reason);
3015 : /* send the connect request */
3016 0 : if (ret == 1) {
3017 0 : connection_send_socks5_connect(conn);
3018 0 : ret = 0;
3019 : }
3020 : break;
3021 :
3022 0 : case PROXY_SOCKS5_WANT_CONNECT_OK:
3023 0 : ret = connection_fetch_from_buf_socks_client(conn,
3024 : conn->proxy_state,
3025 : &reason);
3026 0 : if (ret == 1)
3027 0 : conn->proxy_state = PROXY_CONNECTED;
3028 : break;
3029 :
3030 0 : default:
3031 0 : log_err(LD_BUG, "Invalid proxy_state for reading, %d",
3032 : conn->proxy_state);
3033 0 : tor_fragile_assert();
3034 : ret = -1;
3035 : break;
3036 : }
3037 :
3038 0 : log_debug(LD_NET, "leaving state %s",
3039 : connection_proxy_state_to_string(conn->proxy_state));
3040 :
3041 0 : if (ret < 0) {
3042 0 : if (reason) {
3043 0 : log_warn(LD_NET, "Proxy Client: unable to connect %s (%s)",
3044 : connection_describe(conn), escaped(reason));
3045 0 : tor_free(reason);
3046 : } else {
3047 0 : log_warn(LD_NET, "Proxy Client: unable to connect %s",
3048 : connection_describe(conn));
3049 : }
3050 0 : } else if (ret == 1) {
3051 0 : log_info(LD_NET, "Proxy Client: %s successful",
3052 : connection_describe(conn));
3053 : }
3054 :
3055 0 : return ret;
3056 : }
3057 :
3058 : /** Given a list of listener connections in <b>old_conns</b>, and list of
3059 : * port_cfg_t entries in <b>ports</b>, open a new listener for every port in
3060 : * <b>ports</b> that does not already have a listener in <b>old_conns</b>.
3061 : *
3062 : * Remove from <b>old_conns</b> every connection that has a corresponding
3063 : * entry in <b>ports</b>. Add to <b>new_conns</b> new every connection we
3064 : * launch. If we may need to perform socket rebind when creating new
3065 : * listener that replaces old one, create a <b>listener_replacement_t</b>
3066 : * struct for affected pair and add it to <b>replacements</b>.
3067 : *
3068 : * If <b>control_listeners_only</b> is true, then we only open control
3069 : * listeners, and we do not remove any noncontrol listeners from
3070 : * old_conns.
3071 : *
3072 : * Return 0 on success, -1 on failure.
3073 : **/
3074 : static int
3075 4 : retry_listener_ports(smartlist_t *old_conns,
3076 : const smartlist_t *ports,
3077 : smartlist_t *new_conns,
3078 : smartlist_t *replacements,
3079 : int control_listeners_only)
3080 : {
3081 : #ifndef ENABLE_LISTENER_REBIND
3082 : (void)replacements;
3083 : #endif
3084 :
3085 4 : smartlist_t *launch = smartlist_new();
3086 4 : int r = 0;
3087 :
3088 4 : if (control_listeners_only) {
3089 16 : SMARTLIST_FOREACH(ports, port_cfg_t *, p, {
3090 : if (p->type == CONN_TYPE_CONTROL_LISTENER)
3091 : smartlist_add(launch, p);
3092 : });
3093 : } else {
3094 0 : smartlist_add_all(launch, ports);
3095 : }
3096 :
3097 : /* Iterate through old_conns, comparing it to launch: remove from both lists
3098 : * each pair of elements that corresponds to the same port. */
3099 4 : SMARTLIST_FOREACH_BEGIN(old_conns, connection_t *, conn) {
3100 0 : const port_cfg_t *found_port = NULL;
3101 :
3102 : /* Okay, so this is a listener. Is it configured? */
3103 : /* That is, is it either: 1) exact match - address and port
3104 : * pair match exactly between old listener and new port; or 2)
3105 : * wildcard match - port matches exactly, but *one* of the
3106 : * addresses is wildcard (0.0.0.0 or ::)?
3107 : */
3108 0 : SMARTLIST_FOREACH_BEGIN(launch, const port_cfg_t *, wanted) {
3109 0 : if (conn->type != wanted->type)
3110 0 : continue;
3111 0 : if ((conn->socket_family != AF_UNIX && wanted->is_unix_addr) ||
3112 0 : (conn->socket_family == AF_UNIX && ! wanted->is_unix_addr))
3113 0 : continue;
3114 :
3115 0 : if (wanted->server_cfg.no_listen)
3116 0 : continue; /* We don't want to open a listener for this one */
3117 :
3118 0 : if (wanted->is_unix_addr) {
3119 0 : if (conn->socket_family == AF_UNIX &&
3120 0 : !strcmp(wanted->unix_addr, conn->address)) {
3121 : found_port = wanted;
3122 : break;
3123 : }
3124 : } else {
3125 : /* Numeric values of old and new port match exactly. */
3126 0 : const int port_matches_exact = (wanted->port == conn->port);
3127 : /* Ports match semantically - either their specific values
3128 : match exactly, or new port is 'auto'.
3129 : */
3130 0 : const int port_matches = (wanted->port == CFG_AUTO_PORT ||
3131 : port_matches_exact);
3132 :
3133 0 : if (port_matches && tor_addr_eq(&wanted->addr, &conn->addr)) {
3134 : found_port = wanted;
3135 : break;
3136 : }
3137 : #ifdef ENABLE_LISTENER_REBIND
3138 : /* Rebinding may be needed if all of the following are true:
3139 : * 1) Address family is the same in old and new listeners.
3140 : * 2) Port number matches exactly (numeric value is the same).
3141 : * 3) *One* of listeners (either old one or new one) has a
3142 : * wildcard IP address (0.0.0.0 or [::]).
3143 : *
3144 : * These are the exact conditions for a first bind() syscall
3145 : * to fail with EADDRINUSE.
3146 : */
3147 0 : const int may_need_rebind =
3148 0 : tor_addr_family(&wanted->addr) == tor_addr_family(&conn->addr) &&
3149 0 : port_matches_exact && bool_neq(tor_addr_is_null(&wanted->addr),
3150 : tor_addr_is_null(&conn->addr));
3151 0 : if (replacements && may_need_rebind) {
3152 0 : listener_replacement_t *replacement =
3153 0 : tor_malloc(sizeof(listener_replacement_t));
3154 :
3155 0 : replacement->old_conn = conn;
3156 0 : replacement->new_port = wanted;
3157 0 : smartlist_add(replacements, replacement);
3158 :
3159 0 : SMARTLIST_DEL_CURRENT(launch, wanted);
3160 0 : SMARTLIST_DEL_CURRENT(old_conns, conn);
3161 0 : break;
3162 : }
3163 : #endif /* defined(ENABLE_LISTENER_REBIND) */
3164 : }
3165 0 : } SMARTLIST_FOREACH_END(wanted);
3166 :
3167 0 : if (found_port) {
3168 : /* This listener is already running; we don't need to launch it. */
3169 : //log_debug(LD_NET, "Already have %s on %s:%d",
3170 : // conn_type_to_string(found_port->type), conn->address, conn->port);
3171 0 : smartlist_remove(launch, found_port);
3172 : /* And we can remove the connection from old_conns too. */
3173 0 : SMARTLIST_DEL_CURRENT(old_conns, conn);
3174 : }
3175 0 : } SMARTLIST_FOREACH_END(conn);
3176 :
3177 : /* Now open all the listeners that are configured but not opened. */
3178 4 : SMARTLIST_FOREACH_BEGIN(launch, const port_cfg_t *, port) {
3179 0 : int skip = 0;
3180 0 : connection_t *conn = connection_listener_new_for_port(port, &skip, NULL);
3181 :
3182 0 : if (conn && new_conns)
3183 0 : smartlist_add(new_conns, conn);
3184 0 : else if (!skip)
3185 0 : r = -1;
3186 0 : } SMARTLIST_FOREACH_END(port);
3187 :
3188 4 : smartlist_free(launch);
3189 :
3190 4 : return r;
3191 : }
3192 :
3193 : /** Launch listeners for each port you should have open. Only launch
3194 : * listeners who are not already open, and only close listeners we no longer
3195 : * want.
3196 : *
3197 : * Add all new connections to <b>new_conns</b>.
3198 : *
3199 : * If <b>close_all_noncontrol</b> is true, then we only open control
3200 : * listeners, and we close all other listeners.
3201 : */
3202 : int
3203 4 : retry_all_listeners(smartlist_t *new_conns, int close_all_noncontrol)
3204 : {
3205 4 : smartlist_t *listeners = smartlist_new();
3206 4 : smartlist_t *replacements = smartlist_new();
3207 4 : const or_options_t *options = get_options();
3208 4 : int retval = 0;
3209 4 : const uint16_t old_or_port = routerconf_find_or_port(options, AF_INET);
3210 4 : const uint16_t old_or_port_ipv6 =
3211 4 : routerconf_find_or_port(options,AF_INET6);
3212 4 : const uint16_t old_dir_port = routerconf_find_dir_port(options, 0);
3213 :
3214 4 : SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
3215 0 : if (connection_is_listener(conn) && !conn->marked_for_close)
3216 0 : smartlist_add(listeners, conn);
3217 0 : } SMARTLIST_FOREACH_END(conn);
3218 :
3219 4 : if (retry_listener_ports(listeners,
3220 : get_configured_ports(),
3221 : new_conns,
3222 : replacements,
3223 : close_all_noncontrol) < 0)
3224 0 : retval = -1;
3225 :
3226 : #ifdef ENABLE_LISTENER_REBIND
3227 4 : if (smartlist_len(replacements))
3228 0 : log_debug(LD_NET, "%d replacements - starting rebinding loop.",
3229 : smartlist_len(replacements));
3230 :
3231 4 : SMARTLIST_FOREACH_BEGIN(replacements, listener_replacement_t *, r) {
3232 0 : int addr_in_use = 0;
3233 0 : int skip = 0;
3234 :
3235 0 : tor_assert(r->new_port);
3236 0 : tor_assert(r->old_conn);
3237 :
3238 0 : connection_t *new_conn =
3239 0 : connection_listener_new_for_port(r->new_port, &skip, &addr_in_use);
3240 0 : connection_t *old_conn = r->old_conn;
3241 :
3242 0 : if (skip) {
3243 0 : log_debug(LD_NET, "Skipping creating new listener for %s",
3244 : connection_describe(old_conn));
3245 0 : continue;
3246 : }
3247 :
3248 0 : connection_close_immediate(old_conn);
3249 0 : connection_mark_for_close(old_conn);
3250 :
3251 0 : if (addr_in_use) {
3252 0 : new_conn = connection_listener_new_for_port(r->new_port,
3253 : &skip, &addr_in_use);
3254 : }
3255 :
3256 : /* There are many reasons why we can't open a new listener port so in case
3257 : * we hit those, bail early so tor can stop. */
3258 0 : if (!new_conn) {
3259 0 : log_warn(LD_NET, "Unable to create listener port: %s:%d",
3260 : fmt_and_decorate_addr(&r->new_port->addr), r->new_port->port);
3261 0 : retval = -1;
3262 0 : break;
3263 : }
3264 :
3265 0 : smartlist_add(new_conns, new_conn);
3266 :
3267 0 : char *old_desc = tor_strdup(connection_describe(old_conn));
3268 0 : log_notice(LD_NET, "Closed no-longer-configured %s "
3269 : "(replaced by %s)",
3270 : old_desc, connection_describe(new_conn));
3271 0 : tor_free(old_desc);
3272 0 : } SMARTLIST_FOREACH_END(r);
3273 : #endif /* defined(ENABLE_LISTENER_REBIND) */
3274 :
3275 : /* Any members that were still in 'listeners' don't correspond to
3276 : * any configured port. Kill 'em. */
3277 4 : SMARTLIST_FOREACH_BEGIN(listeners, connection_t *, conn) {
3278 0 : log_notice(LD_NET, "Closing no-longer-configured %s on %s:%d",
3279 : conn_type_to_string(conn->type),
3280 : fmt_and_decorate_addr(&conn->addr), conn->port);
3281 0 : connection_close_immediate(conn);
3282 0 : connection_mark_for_close(conn);
3283 0 : } SMARTLIST_FOREACH_END(conn);
3284 :
3285 4 : smartlist_free(listeners);
3286 : /* Cleanup any remaining listener replacement. */
3287 4 : SMARTLIST_FOREACH(replacements, listener_replacement_t *, r, tor_free(r));
3288 4 : smartlist_free(replacements);
3289 :
3290 8 : if (old_or_port != routerconf_find_or_port(options, AF_INET) ||
3291 8 : old_or_port_ipv6 != routerconf_find_or_port(options, AF_INET6) ||
3292 4 : old_dir_port != routerconf_find_dir_port(options, 0)) {
3293 : /* Our chosen ORPort or DirPort is not what it used to be: the
3294 : * descriptor we had (if any) should be regenerated. (We won't
3295 : * automatically notice this because of changes in the option,
3296 : * since the value could be "auto".) */
3297 0 : mark_my_descriptor_dirty("Chosen Or/DirPort changed");
3298 : }
3299 :
3300 4 : return retval;
3301 : }
3302 :
3303 : /** Mark every listener of type other than CONTROL_LISTENER to be closed. */
3304 : void
3305 4 : connection_mark_all_noncontrol_listeners(void)
3306 : {
3307 4 : SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
3308 0 : if (conn->marked_for_close)
3309 0 : continue;
3310 0 : if (conn->type == CONN_TYPE_CONTROL_LISTENER)
3311 0 : continue;
3312 0 : if (connection_is_listener(conn))
3313 0 : connection_mark_for_close(conn);
3314 0 : } SMARTLIST_FOREACH_END(conn);
3315 4 : }
3316 :
3317 : /** Mark every external connection not used for controllers for close. */
3318 : void
3319 4 : connection_mark_all_noncontrol_connections(void)
3320 : {
3321 4 : SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
3322 0 : if (conn->marked_for_close)
3323 0 : continue;
3324 0 : switch (conn->type) {
3325 : case CONN_TYPE_CONTROL_LISTENER:
3326 : case CONN_TYPE_CONTROL:
3327 : break;
3328 0 : case CONN_TYPE_AP:
3329 0 : connection_mark_unattached_ap(TO_ENTRY_CONN(conn),
3330 : END_STREAM_REASON_HIBERNATING);
3331 0 : break;
3332 0 : case CONN_TYPE_OR:
3333 : {
3334 0 : or_connection_t *orconn = TO_OR_CONN(conn);
3335 0 : if (orconn->chan) {
3336 0 : connection_or_close_normally(orconn, 0);
3337 : } else {
3338 : /*
3339 : * There should have been one, but mark for close and hope
3340 : * for the best..
3341 : */
3342 0 : connection_mark_for_close(conn);
3343 : }
3344 : }
3345 : break;
3346 0 : default:
3347 0 : connection_mark_for_close(conn);
3348 0 : break;
3349 : }
3350 0 : } SMARTLIST_FOREACH_END(conn);
3351 4 : }
3352 :
3353 : /** Return 1 if we should apply rate limiting to <b>conn</b>, and 0
3354 : * otherwise.
3355 : * Right now this just checks if it's an internal IP address or an
3356 : * internal connection. We also should, but don't, check if the connection
3357 : * uses pluggable transports, since we should then limit it even if it
3358 : * comes from an internal IP address. */
3359 : static int
3360 30 : connection_is_rate_limited(const connection_t *conn)
3361 : {
3362 30 : const or_options_t *options = get_options();
3363 30 : if (conn->linked)
3364 : return 0; /* Internal connection */
3365 30 : else if (! options->CountPrivateBandwidth &&
3366 24 : ! conn->always_rate_limit_as_remote &&
3367 24 : (tor_addr_family(&conn->addr) == AF_UNSPEC || /* no address */
3368 24 : tor_addr_family(&conn->addr) == AF_UNIX || /* no address */
3369 24 : tor_addr_is_internal(&conn->addr, 0)))
3370 21 : return 0; /* Internal address */
3371 : else
3372 9 : return 1;
3373 : }
3374 :
3375 : /** When was either global write bucket last empty? If this was recent, then
3376 : * we're probably low on bandwidth, and we should be stingy with our bandwidth
3377 : * usage. */
3378 : static time_t write_buckets_last_empty_at = -100;
3379 :
3380 : /** How many seconds of no active local circuits will make the
3381 : * connection revert to the "relayed" bandwidth class? */
3382 : #define CLIENT_IDLE_TIME_FOR_PRIORITY 30
3383 :
3384 : /** Return 1 if <b>conn</b> should use tokens from the "relayed"
3385 : * bandwidth rates, else 0. Currently, only OR conns with bandwidth
3386 : * class 1, and directory conns that are serving data out, count.
3387 : */
3388 : static int
3389 0 : connection_counts_as_relayed_traffic(connection_t *conn, time_t now)
3390 : {
3391 0 : if (conn->type == CONN_TYPE_OR &&
3392 0 : connection_or_client_used(TO_OR_CONN(conn)) +
3393 : CLIENT_IDLE_TIME_FOR_PRIORITY < now)
3394 : return 1;
3395 0 : if (conn->type == CONN_TYPE_DIR && DIR_CONN_IS_SERVER(conn))
3396 0 : return 1;
3397 : return 0;
3398 : }
3399 :
3400 : /** Helper function to decide how many bytes out of <b>global_bucket</b>
3401 : * we're willing to use for this transaction. <b>base</b> is the size
3402 : * of a cell on the network; <b>priority</b> says whether we should
3403 : * write many of them or just a few; and <b>conn_bucket</b> (if
3404 : * non-negative) provides an upper limit for our answer. */
3405 : static ssize_t
3406 0 : connection_bucket_get_share(int base, int priority,
3407 : ssize_t global_bucket_val, ssize_t conn_bucket)
3408 : {
3409 0 : ssize_t at_most;
3410 0 : ssize_t num_bytes_high = (priority ? 32 : 16) * base;
3411 0 : ssize_t num_bytes_low = (priority ? 4 : 2) * base;
3412 :
3413 : /* Do a rudimentary limiting so one circuit can't hog a connection.
3414 : * Pick at most 32 cells, at least 4 cells if possible, and if we're in
3415 : * the middle pick 1/8 of the available bandwidth. */
3416 0 : at_most = global_bucket_val / 8;
3417 0 : at_most -= (at_most % base); /* round down */
3418 0 : if (at_most > num_bytes_high) /* 16 KB, or 8 KB for low-priority */
3419 : at_most = num_bytes_high;
3420 0 : else if (at_most < num_bytes_low) /* 2 KB, or 1 KB for low-priority */
3421 : at_most = num_bytes_low;
3422 :
3423 0 : if (at_most > global_bucket_val)
3424 : at_most = global_bucket_val;
3425 :
3426 0 : if (conn_bucket >= 0 && at_most > conn_bucket)
3427 0 : at_most = conn_bucket;
3428 :
3429 0 : if (at_most < 0)
3430 : return 0;
3431 : return at_most;
3432 : }
3433 :
3434 : /** How many bytes at most can we read onto this connection? */
3435 : static ssize_t
3436 0 : connection_bucket_read_limit(connection_t *conn, time_t now)
3437 : {
3438 0 : int base = RELAY_PAYLOAD_SIZE;
3439 0 : int priority = conn->type != CONN_TYPE_DIR;
3440 0 : ssize_t conn_bucket = -1;
3441 0 : size_t global_bucket_val = token_bucket_rw_get_read(&global_bucket);
3442 0 : if (global_bucket_val == 0) {
3443 : /* We reached our global read limit: count this as an overload.
3444 : *
3445 : * The token bucket is always initialized (see connection_bucket_init() and
3446 : * options_validate_relay_bandwidth()) and hence we can assume that if the
3447 : * token ever hits zero, it's a limit that got popped and not the bucket
3448 : * being uninitialized.
3449 : */
3450 0 : rep_hist_note_overload(OVERLOAD_READ);
3451 : }
3452 :
3453 0 : if (connection_speaks_cells(conn)) {
3454 0 : or_connection_t *or_conn = TO_OR_CONN(conn);
3455 0 : if (conn->state == OR_CONN_STATE_OPEN)
3456 0 : conn_bucket = token_bucket_rw_get_read(&or_conn->bucket);
3457 0 : base = get_cell_network_size(or_conn->wide_circ_ids);
3458 : }
3459 :
3460 0 : if (!connection_is_rate_limited(conn)) {
3461 : /* be willing to read on local conns even if our buckets are empty */
3462 0 : return conn_bucket>=0 ? conn_bucket : 1<<14;
3463 : }
3464 :
3465 0 : if (connection_counts_as_relayed_traffic(conn, now)) {
3466 0 : size_t relayed = token_bucket_rw_get_read(&global_relayed_bucket);
3467 0 : global_bucket_val = MIN(global_bucket_val, relayed);
3468 : }
3469 :
3470 0 : return connection_bucket_get_share(base, priority,
3471 : global_bucket_val, conn_bucket);
3472 : }
3473 :
3474 : /** How many bytes at most can we write onto this connection? */
3475 : ssize_t
3476 0 : connection_bucket_write_limit(connection_t *conn, time_t now)
3477 : {
3478 0 : int base = RELAY_PAYLOAD_SIZE;
3479 0 : int priority = conn->type != CONN_TYPE_DIR;
3480 0 : size_t conn_bucket = buf_datalen(conn->outbuf);
3481 0 : size_t global_bucket_val = token_bucket_rw_get_write(&global_bucket);
3482 0 : if (global_bucket_val == 0) {
3483 : /* We reached our global write limit: We should count this as an overload.
3484 : * See above function for more information */
3485 0 : rep_hist_note_overload(OVERLOAD_WRITE);
3486 : }
3487 :
3488 0 : if (!connection_is_rate_limited(conn)) {
3489 : /* be willing to write to local conns even if our buckets are empty */
3490 0 : return conn_bucket;
3491 : }
3492 :
3493 0 : if (connection_speaks_cells(conn)) {
3494 : /* use the per-conn write limit if it's lower */
3495 0 : or_connection_t *or_conn = TO_OR_CONN(conn);
3496 0 : if (conn->state == OR_CONN_STATE_OPEN)
3497 0 : conn_bucket = MIN(conn_bucket,
3498 : token_bucket_rw_get_write(&or_conn->bucket));
3499 0 : base = get_cell_network_size(or_conn->wide_circ_ids);
3500 : }
3501 :
3502 0 : if (connection_counts_as_relayed_traffic(conn, now)) {
3503 0 : size_t relayed = token_bucket_rw_get_write(&global_relayed_bucket);
3504 0 : global_bucket_val = MIN(global_bucket_val, relayed);
3505 : }
3506 :
3507 0 : return connection_bucket_get_share(base, priority,
3508 : global_bucket_val, conn_bucket);
3509 : }
3510 :
3511 : /** Return true iff the global write buckets are low enough that we
3512 : * shouldn't send <b>attempt</b> bytes of low-priority directory stuff
3513 : * out to <b>conn</b>.
3514 : *
3515 : * If we are a directory authority, always answer dir requests thus true is
3516 : * always returned.
3517 : *
3518 : * Note: There are a lot of parameters we could use here:
3519 : * - global_relayed_write_bucket. Low is bad.
3520 : * - global_write_bucket. Low is bad.
3521 : * - bandwidthrate. Low is bad.
3522 : * - bandwidthburst. Not a big factor?
3523 : * - attempt. High is bad.
3524 : * - total bytes queued on outbufs. High is bad. But I'm wary of
3525 : * using this, since a few slow-flushing queues will pump up the
3526 : * number without meaning what we meant to mean. What we really
3527 : * mean is "total directory bytes added to outbufs recently", but
3528 : * that's harder to quantify and harder to keep track of.
3529 : */
3530 : bool
3531 35 : connection_dir_is_global_write_low(const connection_t *conn, size_t attempt)
3532 : {
3533 35 : size_t smaller_bucket =
3534 35 : MIN(token_bucket_rw_get_write(&global_bucket),
3535 : token_bucket_rw_get_write(&global_relayed_bucket));
3536 :
3537 : /* Special case for authorities (directory only). */
3538 35 : if (authdir_mode_v3(get_options())) {
3539 : /* Are we configured to possibly reject requests under load? */
3540 6 : if (!dirauth_should_reject_requests_under_load()) {
3541 : /* Answer request no matter what. */
3542 : return false;
3543 : }
3544 : /* Always answer requests from a known relay which includes the other
3545 : * authorities. The following looks up the addresses for relays that we
3546 : * have their descriptor _and_ any configured trusted directories. */
3547 5 : if (nodelist_probably_contains_address(&conn->addr)) {
3548 : return false;
3549 : }
3550 : }
3551 :
3552 30 : if (!connection_is_rate_limited(conn))
3553 : return false; /* local conns don't get limited */
3554 :
3555 9 : if (smaller_bucket < attempt)
3556 : return true; /* not enough space. */
3557 :
3558 : {
3559 0 : const time_t diff = approx_time() - write_buckets_last_empty_at;
3560 0 : if (diff <= 1)
3561 0 : return true; /* we're already hitting our limits, no more please */
3562 : }
3563 : return false;
3564 : }
3565 :
3566 : /** When did we last tell the accounting subsystem about transmitted
3567 : * bandwidth? */
3568 : static time_t last_recorded_accounting_at = 0;
3569 :
3570 : /** Helper: adjusts our bandwidth history and informs the controller as
3571 : * appropriate, given that we have just read <b>num_read</b> bytes and written
3572 : * <b>num_written</b> bytes on <b>conn</b>. */
3573 : static void
3574 0 : record_num_bytes_transferred_impl(connection_t *conn,
3575 : time_t now, size_t num_read, size_t num_written)
3576 : {
3577 : /* Count bytes of answering direct and tunneled directory requests */
3578 0 : if (conn->type == CONN_TYPE_DIR && conn->purpose == DIR_PURPOSE_SERVER) {
3579 0 : if (num_read > 0)
3580 0 : bwhist_note_dir_bytes_read(num_read, now);
3581 0 : if (num_written > 0)
3582 0 : bwhist_note_dir_bytes_written(num_written, now);
3583 : }
3584 :
3585 : /* Linked connections and internal IPs aren't counted for statistics or
3586 : * accounting:
3587 : * - counting linked connections would double-count BEGINDIR bytes, because
3588 : * they are sent as Dir bytes on the linked connection, and OR bytes on
3589 : * the OR connection;
3590 : * - relays and clients don't connect to internal IPs, unless specifically
3591 : * configured to do so. If they are configured that way, we don't count
3592 : * internal bytes.
3593 : */
3594 0 : if (!connection_is_rate_limited(conn))
3595 : return;
3596 :
3597 0 : const bool is_ipv6 = (conn->socket_family == AF_INET6);
3598 0 : if (conn->type == CONN_TYPE_OR)
3599 0 : conn_stats_note_or_conn_bytes(conn->global_identifier, num_read,
3600 : num_written, now, is_ipv6);
3601 :
3602 0 : if (num_read > 0) {
3603 0 : bwhist_note_bytes_read(num_read, now, is_ipv6);
3604 : }
3605 0 : if (num_written > 0) {
3606 0 : bwhist_note_bytes_written(num_written, now, is_ipv6);
3607 : }
3608 0 : if (conn->type == CONN_TYPE_EXIT)
3609 0 : rep_hist_note_exit_bytes(conn->port, num_written, num_read);
3610 :
3611 : /* Remember these bytes towards statistics. */
3612 0 : stats_increment_bytes_read_and_written(num_read, num_written);
3613 :
3614 : /* Remember these bytes towards accounting. */
3615 0 : if (accounting_is_enabled(get_options())) {
3616 0 : if (now > last_recorded_accounting_at && last_recorded_accounting_at) {
3617 0 : accounting_add_bytes(num_read, num_written,
3618 0 : (int)(now - last_recorded_accounting_at));
3619 : } else {
3620 0 : accounting_add_bytes(num_read, num_written, 0);
3621 : }
3622 0 : last_recorded_accounting_at = now;
3623 : }
3624 : }
3625 :
3626 : /** We just read <b>num_read</b> and wrote <b>num_written</b> bytes
3627 : * onto <b>conn</b>. Decrement buckets appropriately. */
3628 : static void
3629 0 : connection_buckets_decrement(connection_t *conn, time_t now,
3630 : size_t num_read, size_t num_written)
3631 : {
3632 0 : if (num_written >= INT_MAX || num_read >= INT_MAX) {
3633 0 : log_err(LD_BUG, "Value out of range. num_read=%lu, num_written=%lu, "
3634 : "connection type=%s, state=%s",
3635 : (unsigned long)num_read, (unsigned long)num_written,
3636 : conn_type_to_string(conn->type),
3637 : conn_state_to_string(conn->type, conn->state));
3638 0 : tor_assert_nonfatal_unreached();
3639 0 : if (num_written >= INT_MAX)
3640 0 : num_written = 1;
3641 0 : if (num_read >= INT_MAX)
3642 0 : num_read = 1;
3643 : }
3644 :
3645 0 : record_num_bytes_transferred_impl(conn, now, num_read, num_written);
3646 :
3647 0 : if (!connection_is_rate_limited(conn))
3648 : return; /* local IPs are free */
3649 :
3650 0 : unsigned flags = 0;
3651 0 : if (connection_counts_as_relayed_traffic(conn, now)) {
3652 0 : flags = token_bucket_rw_dec(&global_relayed_bucket, num_read, num_written);
3653 : }
3654 0 : flags |= token_bucket_rw_dec(&global_bucket, num_read, num_written);
3655 :
3656 0 : if (flags & TB_WRITE) {
3657 0 : write_buckets_last_empty_at = now;
3658 : }
3659 0 : if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
3660 0 : or_connection_t *or_conn = TO_OR_CONN(conn);
3661 0 : token_bucket_rw_dec(&or_conn->bucket, num_read, num_written);
3662 : }
3663 : }
3664 :
3665 : /**
3666 : * Mark <b>conn</b> as needing to stop reading because bandwidth has been
3667 : * exhausted. If <b>is_global_bw</b>, it is closing because global bandwidth
3668 : * limit has been exhausted. Otherwise, it is closing because its own
3669 : * bandwidth limit has been exhausted.
3670 : */
3671 : void
3672 0 : connection_read_bw_exhausted(connection_t *conn, bool is_global_bw)
3673 : {
3674 0 : (void)is_global_bw;
3675 0 : conn->read_blocked_on_bw = 1;
3676 0 : connection_stop_reading(conn);
3677 0 : reenable_blocked_connection_schedule();
3678 0 : }
3679 :
3680 : /**
3681 : * Mark <b>conn</b> as needing to stop reading because write bandwidth has
3682 : * been exhausted. If <b>is_global_bw</b>, it is closing because global
3683 : * bandwidth limit has been exhausted. Otherwise, it is closing because its
3684 : * own bandwidth limit has been exhausted.
3685 : */
3686 : void
3687 0 : connection_write_bw_exhausted(connection_t *conn, bool is_global_bw)
3688 : {
3689 0 : (void)is_global_bw;
3690 0 : conn->write_blocked_on_bw = 1;
3691 0 : connection_stop_writing(conn);
3692 0 : reenable_blocked_connection_schedule();
3693 0 : }
3694 :
3695 : /** If we have exhausted our global buckets, or the buckets for conn,
3696 : * stop reading. */
3697 : void
3698 0 : connection_consider_empty_read_buckets(connection_t *conn)
3699 : {
3700 0 : const char *reason;
3701 :
3702 0 : if (!connection_is_rate_limited(conn))
3703 : return; /* Always okay. */
3704 :
3705 0 : int is_global = 1;
3706 :
3707 0 : if (token_bucket_rw_get_read(&global_bucket) <= 0) {
3708 : reason = "global read bucket exhausted. Pausing.";
3709 0 : } else if (connection_counts_as_relayed_traffic(conn, approx_time()) &&
3710 0 : token_bucket_rw_get_read(&global_relayed_bucket) <= 0) {
3711 : reason = "global relayed read bucket exhausted. Pausing.";
3712 0 : } else if (connection_speaks_cells(conn) &&
3713 0 : conn->state == OR_CONN_STATE_OPEN &&
3714 0 : token_bucket_rw_get_read(&TO_OR_CONN(conn)->bucket) <= 0) {
3715 : reason = "connection read bucket exhausted. Pausing.";
3716 : is_global = false;
3717 : } else
3718 0 : return; /* all good, no need to stop it */
3719 :
3720 0 : LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "%s", reason));
3721 0 : connection_read_bw_exhausted(conn, is_global);
3722 : }
3723 :
3724 : /** If we have exhausted our global buckets, or the buckets for conn,
3725 : * stop writing. */
3726 : void
3727 0 : connection_consider_empty_write_buckets(connection_t *conn)
3728 : {
3729 0 : const char *reason;
3730 :
3731 0 : if (!connection_is_rate_limited(conn))
3732 : return; /* Always okay. */
3733 :
3734 0 : bool is_global = true;
3735 0 : if (token_bucket_rw_get_write(&global_bucket) <= 0) {
3736 : reason = "global write bucket exhausted. Pausing.";
3737 0 : } else if (connection_counts_as_relayed_traffic(conn, approx_time()) &&
3738 0 : token_bucket_rw_get_write(&global_relayed_bucket) <= 0) {
3739 : reason = "global relayed write bucket exhausted. Pausing.";
3740 0 : } else if (connection_speaks_cells(conn) &&
3741 0 : conn->state == OR_CONN_STATE_OPEN &&
3742 0 : token_bucket_rw_get_write(&TO_OR_CONN(conn)->bucket) <= 0) {
3743 : reason = "connection write bucket exhausted. Pausing.";
3744 : is_global = false;
3745 : } else
3746 0 : return; /* all good, no need to stop it */
3747 :
3748 0 : LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "%s", reason));
3749 0 : connection_write_bw_exhausted(conn, is_global);
3750 : }
3751 :
3752 : /** Initialize the global buckets to the values configured in the
3753 : * options */
3754 : void
3755 1 : connection_bucket_init(void)
3756 : {
3757 1 : const or_options_t *options = get_options();
3758 1 : const uint32_t now_ts = monotime_coarse_get_stamp();
3759 1 : token_bucket_rw_init(&global_bucket,
3760 1 : (int32_t)options->BandwidthRate,
3761 1 : (int32_t)options->BandwidthBurst,
3762 : now_ts);
3763 1 : if (options->RelayBandwidthRate) {
3764 0 : token_bucket_rw_init(&global_relayed_bucket,
3765 : (int32_t)options->RelayBandwidthRate,
3766 0 : (int32_t)options->RelayBandwidthBurst,
3767 : now_ts);
3768 : } else {
3769 1 : token_bucket_rw_init(&global_relayed_bucket,
3770 1 : (int32_t)options->BandwidthRate,
3771 1 : (int32_t)options->BandwidthBurst,
3772 : now_ts);
3773 : }
3774 :
3775 1 : reenable_blocked_connection_init(options);
3776 1 : }
3777 :
3778 : /** Update the global connection bucket settings to a new value. */
3779 : void
3780 0 : connection_bucket_adjust(const or_options_t *options)
3781 : {
3782 0 : token_bucket_rw_adjust(&global_bucket,
3783 0 : (int32_t)options->BandwidthRate,
3784 0 : (int32_t)options->BandwidthBurst);
3785 0 : if (options->RelayBandwidthRate) {
3786 0 : token_bucket_rw_adjust(&global_relayed_bucket,
3787 : (int32_t)options->RelayBandwidthRate,
3788 0 : (int32_t)options->RelayBandwidthBurst);
3789 : } else {
3790 0 : token_bucket_rw_adjust(&global_relayed_bucket,
3791 0 : (int32_t)options->BandwidthRate,
3792 0 : (int32_t)options->BandwidthBurst);
3793 : }
3794 0 : }
3795 :
3796 : /**
3797 : * Cached value of the last coarse-timestamp when we refilled the
3798 : * global buckets.
3799 : */
3800 : static uint32_t last_refilled_global_buckets_ts=0;
3801 : /**
3802 : * Refill the token buckets for a single connection <b>conn</b>, and the
3803 : * global token buckets as appropriate. Requires that <b>now_ts</b> is
3804 : * the time in coarse timestamp units.
3805 : */
3806 : static void
3807 0 : connection_bucket_refill_single(connection_t *conn, uint32_t now_ts)
3808 : {
3809 : /* Note that we only check for equality here: the underlying
3810 : * token bucket functions can handle moving backwards in time if they
3811 : * need to. */
3812 0 : if (now_ts != last_refilled_global_buckets_ts) {
3813 0 : token_bucket_rw_refill(&global_bucket, now_ts);
3814 0 : token_bucket_rw_refill(&global_relayed_bucket, now_ts);
3815 0 : last_refilled_global_buckets_ts = now_ts;
3816 : }
3817 :
3818 0 : if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
3819 0 : or_connection_t *or_conn = TO_OR_CONN(conn);
3820 0 : token_bucket_rw_refill(&or_conn->bucket, now_ts);
3821 : }
3822 0 : }
3823 :
3824 : /**
3825 : * Event to re-enable all connections that were previously blocked on read or
3826 : * write.
3827 : */
3828 : static mainloop_event_t *reenable_blocked_connections_ev = NULL;
3829 :
3830 : /** True iff reenable_blocked_connections_ev is currently scheduled. */
3831 : static int reenable_blocked_connections_is_scheduled = 0;
3832 :
3833 : /** Delay after which to run reenable_blocked_connections_ev. */
3834 : static struct timeval reenable_blocked_connections_delay;
3835 :
3836 : /**
3837 : * Re-enable all connections that were previously blocked on read or write.
3838 : * This event is scheduled after enough time has elapsed to be sure
3839 : * that the buckets will refill when the connections have something to do.
3840 : */
3841 : static void
3842 0 : reenable_blocked_connections_cb(mainloop_event_t *ev, void *arg)
3843 : {
3844 0 : (void)ev;
3845 0 : (void)arg;
3846 0 : SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
3847 0 : if (conn->read_blocked_on_bw == 1) {
3848 0 : connection_start_reading(conn);
3849 0 : conn->read_blocked_on_bw = 0;
3850 : }
3851 0 : if (conn->write_blocked_on_bw == 1) {
3852 0 : connection_start_writing(conn);
3853 0 : conn->write_blocked_on_bw = 0;
3854 : }
3855 0 : } SMARTLIST_FOREACH_END(conn);
3856 :
3857 0 : reenable_blocked_connections_is_scheduled = 0;
3858 0 : }
3859 :
3860 : /**
3861 : * Initialize the mainloop event that we use to wake up connections that
3862 : * find themselves blocked on bandwidth.
3863 : */
3864 : static void
3865 1 : reenable_blocked_connection_init(const or_options_t *options)
3866 : {
3867 1 : if (! reenable_blocked_connections_ev) {
3868 2 : reenable_blocked_connections_ev =
3869 1 : mainloop_event_new(reenable_blocked_connections_cb, NULL);
3870 1 : reenable_blocked_connections_is_scheduled = 0;
3871 : }
3872 1 : time_t sec = options->TokenBucketRefillInterval / 1000;
3873 1 : int msec = (options->TokenBucketRefillInterval % 1000);
3874 1 : reenable_blocked_connections_delay.tv_sec = sec;
3875 1 : reenable_blocked_connections_delay.tv_usec = msec * 1000;
3876 1 : }
3877 :
3878 : /**
3879 : * Called when we have blocked a connection for being low on bandwidth:
3880 : * schedule an event to reenable such connections, if it is not already
3881 : * scheduled.
3882 : */
3883 : static void
3884 0 : reenable_blocked_connection_schedule(void)
3885 : {
3886 0 : if (reenable_blocked_connections_is_scheduled)
3887 : return;
3888 0 : if (BUG(reenable_blocked_connections_ev == NULL)) {
3889 0 : reenable_blocked_connection_init(get_options());
3890 : }
3891 0 : mainloop_event_schedule(reenable_blocked_connections_ev,
3892 : &reenable_blocked_connections_delay);
3893 0 : reenable_blocked_connections_is_scheduled = 1;
3894 : }
3895 :
3896 : /** Read bytes from conn-\>s and process them.
3897 : *
3898 : * It calls connection_buf_read_from_socket() to bring in any new bytes,
3899 : * and then calls connection_process_inbuf() to process them.
3900 : *
3901 : * Mark the connection and return -1 if you want to close it, else
3902 : * return 0.
3903 : */
3904 : static int
3905 0 : connection_handle_read_impl(connection_t *conn)
3906 : {
3907 0 : ssize_t max_to_read=-1, try_to_read;
3908 0 : size_t before, n_read = 0;
3909 0 : int socket_error = 0;
3910 :
3911 0 : if (conn->marked_for_close)
3912 : return 0; /* do nothing */
3913 :
3914 0 : conn->timestamp_last_read_allowed = approx_time();
3915 :
3916 0 : connection_bucket_refill_single(conn, monotime_coarse_get_stamp());
3917 :
3918 0 : switch (conn->type) {
3919 0 : case CONN_TYPE_OR_LISTENER:
3920 0 : return connection_handle_listener_read(conn, CONN_TYPE_OR);
3921 0 : case CONN_TYPE_EXT_OR_LISTENER:
3922 0 : return connection_handle_listener_read(conn, CONN_TYPE_EXT_OR);
3923 0 : case CONN_TYPE_AP_LISTENER:
3924 : case CONN_TYPE_AP_TRANS_LISTENER:
3925 : case CONN_TYPE_AP_NATD_LISTENER:
3926 : case CONN_TYPE_AP_HTTP_CONNECT_LISTENER:
3927 0 : return connection_handle_listener_read(conn, CONN_TYPE_AP);
3928 0 : case CONN_TYPE_DIR_LISTENER:
3929 0 : return connection_handle_listener_read(conn, CONN_TYPE_DIR);
3930 0 : case CONN_TYPE_CONTROL_LISTENER:
3931 0 : return connection_handle_listener_read(conn, CONN_TYPE_CONTROL);
3932 0 : case CONN_TYPE_METRICS_LISTENER:
3933 0 : return connection_handle_listener_read(conn, CONN_TYPE_METRICS);
3934 0 : case CONN_TYPE_AP_DNS_LISTENER:
3935 : /* This should never happen; eventdns.c handles the reads here. */
3936 0 : tor_fragile_assert();
3937 : return 0;
3938 : }
3939 :
3940 0 : loop_again:
3941 0 : try_to_read = max_to_read;
3942 0 : tor_assert(!conn->marked_for_close);
3943 :
3944 0 : before = buf_datalen(conn->inbuf);
3945 0 : if (connection_buf_read_from_socket(conn, &max_to_read, &socket_error) < 0) {
3946 : /* There's a read error; kill the connection.*/
3947 0 : if (conn->type == CONN_TYPE_OR) {
3948 0 : connection_or_notify_error(TO_OR_CONN(conn),
3949 0 : socket_error != 0 ?
3950 0 : errno_to_orconn_end_reason(socket_error) :
3951 : END_OR_CONN_REASON_CONNRESET,
3952 0 : socket_error != 0 ?
3953 0 : tor_socket_strerror(socket_error) :
3954 : "(unknown, errno was 0)");
3955 : }
3956 0 : if (CONN_IS_EDGE(conn)) {
3957 0 : edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
3958 0 : connection_edge_end_errno(edge_conn);
3959 0 : if (conn->type == CONN_TYPE_AP && TO_ENTRY_CONN(conn)->socks_request) {
3960 : /* broken, don't send a socks reply back */
3961 0 : TO_ENTRY_CONN(conn)->socks_request->has_finished = 1;
3962 : }
3963 : }
3964 0 : connection_close_immediate(conn); /* Don't flush; connection is dead. */
3965 : /*
3966 : * This can bypass normal channel checking since we did
3967 : * connection_or_notify_error() above.
3968 : */
3969 0 : connection_mark_for_close_internal(conn);
3970 0 : return -1;
3971 : }
3972 0 : n_read += buf_datalen(conn->inbuf) - before;
3973 0 : if (CONN_IS_EDGE(conn) && try_to_read != max_to_read) {
3974 : /* instruct it not to try to package partial cells. */
3975 0 : if (connection_process_inbuf(conn, 0) < 0) {
3976 : return -1;
3977 : }
3978 0 : if (!conn->marked_for_close &&
3979 0 : connection_is_reading(conn) &&
3980 0 : !conn->inbuf_reached_eof &&
3981 : max_to_read > 0)
3982 0 : goto loop_again; /* try reading again, in case more is here now */
3983 : }
3984 : /* one last try, packaging partial cells and all. */
3985 0 : if (!conn->marked_for_close &&
3986 0 : connection_process_inbuf(conn, 1) < 0) {
3987 : return -1;
3988 : }
3989 0 : if (conn->linked_conn) {
3990 : /* The other side's handle_write() will never actually get called, so
3991 : * we need to invoke the appropriate callbacks ourself. */
3992 0 : connection_t *linked = conn->linked_conn;
3993 :
3994 0 : if (n_read) {
3995 : /* Probably a no-op, since linked conns typically don't count for
3996 : * bandwidth rate limiting. But do it anyway so we can keep stats
3997 : * accurately. Note that since we read the bytes from conn, and
3998 : * we're writing the bytes onto the linked connection, we count
3999 : * these as <i>written</i> bytes. */
4000 0 : connection_buckets_decrement(linked, approx_time(), 0, n_read);
4001 :
4002 0 : if (connection_flushed_some(linked) < 0)
4003 0 : connection_mark_for_close(linked);
4004 0 : if (!connection_wants_to_flush(linked))
4005 0 : connection_finished_flushing(linked);
4006 : }
4007 :
4008 0 : if (!buf_datalen(linked->outbuf) && conn->active_on_link)
4009 0 : connection_stop_reading_from_linked_conn(conn);
4010 : }
4011 : /* If we hit the EOF, call connection_reached_eof(). */
4012 0 : if (!conn->marked_for_close &&
4013 0 : conn->inbuf_reached_eof &&
4014 0 : connection_reached_eof(conn) < 0) {
4015 0 : return -1;
4016 : }
4017 : return 0;
4018 : }
4019 :
4020 : /* DOCDOC connection_handle_read */
4021 : int
4022 0 : connection_handle_read(connection_t *conn)
4023 : {
4024 0 : int res;
4025 0 : update_current_time(time(NULL));
4026 0 : res = connection_handle_read_impl(conn);
4027 0 : return res;
4028 : }
4029 :
4030 : /** Pull in new bytes from conn-\>s or conn-\>linked_conn onto conn-\>inbuf,
4031 : * either directly or via TLS. Reduce the token buckets by the number of bytes
4032 : * read.
4033 : *
4034 : * If *max_to_read is -1, then decide it ourselves, else go with the
4035 : * value passed to us. When returning, if it's changed, subtract the
4036 : * number of bytes we read from *max_to_read.
4037 : *
4038 : * Return -1 if we want to break conn, else return 0.
4039 : */
4040 : static int
4041 0 : connection_buf_read_from_socket(connection_t *conn, ssize_t *max_to_read,
4042 : int *socket_error)
4043 : {
4044 0 : int result;
4045 0 : ssize_t at_most = *max_to_read;
4046 0 : size_t slack_in_buf, more_to_read;
4047 0 : size_t n_read = 0, n_written = 0;
4048 :
4049 0 : if (at_most == -1) { /* we need to initialize it */
4050 : /* how many bytes are we allowed to read? */
4051 0 : at_most = connection_bucket_read_limit(conn, approx_time());
4052 : }
4053 :
4054 : /* Do not allow inbuf to grow past BUF_MAX_LEN. */
4055 0 : const ssize_t maximum = BUF_MAX_LEN - buf_datalen(conn->inbuf);
4056 0 : if (at_most > maximum) {
4057 : at_most = maximum;
4058 : }
4059 :
4060 0 : slack_in_buf = buf_slack(conn->inbuf);
4061 0 : again:
4062 0 : if ((size_t)at_most > slack_in_buf && slack_in_buf >= 1024) {
4063 0 : more_to_read = at_most - slack_in_buf;
4064 0 : at_most = slack_in_buf;
4065 : } else {
4066 : more_to_read = 0;
4067 : }
4068 :
4069 0 : if (connection_speaks_cells(conn) &&
4070 0 : conn->state > OR_CONN_STATE_PROXY_HANDSHAKING) {
4071 0 : int pending;
4072 0 : or_connection_t *or_conn = TO_OR_CONN(conn);
4073 0 : size_t initial_size;
4074 0 : if (conn->state == OR_CONN_STATE_TLS_HANDSHAKING ||
4075 : conn->state == OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING) {
4076 : /* continue handshaking even if global token bucket is empty */
4077 0 : return connection_tls_continue_handshake(or_conn);
4078 : }
4079 :
4080 0 : log_debug(LD_NET,
4081 : "%d: starting, inbuf_datalen %ld (%d pending in tls object)."
4082 : " at_most %ld.",
4083 : (int)conn->s,(long)buf_datalen(conn->inbuf),
4084 : tor_tls_get_pending_bytes(or_conn->tls), (long)at_most);
4085 :
4086 0 : initial_size = buf_datalen(conn->inbuf);
4087 : /* else open, or closing */
4088 0 : result = buf_read_from_tls(conn->inbuf, or_conn->tls, at_most);
4089 0 : if (TOR_TLS_IS_ERROR(result) || result == TOR_TLS_CLOSE)
4090 0 : or_conn->tls_error = result;
4091 : else
4092 0 : or_conn->tls_error = 0;
4093 :
4094 0 : switch (result) {
4095 : case TOR_TLS_CLOSE:
4096 : case TOR_TLS_ERROR_IO:
4097 0 : log_debug(LD_NET,"TLS %s closed %son read. Closing.",
4098 : connection_describe(conn),
4099 : result == TOR_TLS_CLOSE ? "cleanly " : "");
4100 0 : return result;
4101 : CASE_TOR_TLS_ERROR_ANY_NONIO:
4102 0 : log_debug(LD_NET,"tls error [%s] from %s. Breaking.",
4103 : tor_tls_err_to_string(result),
4104 : connection_describe(conn));
4105 0 : return result;
4106 0 : case TOR_TLS_WANTWRITE:
4107 0 : connection_start_writing(conn);
4108 0 : return 0;
4109 0 : case TOR_TLS_WANTREAD:
4110 0 : if (conn->in_connection_handle_write) {
4111 : /* We've been invoked from connection_handle_write, because we're
4112 : * waiting for a TLS renegotiation, the renegotiation started, and
4113 : * SSL_read returned WANTWRITE. But now SSL_read is saying WANTREAD
4114 : * again. Stop waiting for write events now, or else we'll
4115 : * busy-loop until data arrives for us to read.
4116 : * XXX: remove this when v2 handshakes support is dropped. */
4117 0 : connection_stop_writing(conn);
4118 0 : if (!connection_is_reading(conn))
4119 0 : connection_start_reading(conn);
4120 : }
4121 : /* we're already reading, one hopes */
4122 : break;
4123 : case TOR_TLS_DONE: /* no data read, so nothing to process */
4124 : break; /* so we call bucket_decrement below */
4125 : default:
4126 : break;
4127 : }
4128 0 : pending = tor_tls_get_pending_bytes(or_conn->tls);
4129 0 : if (pending) {
4130 : /* If we have any pending bytes, we read them now. This *can*
4131 : * take us over our read allotment, but really we shouldn't be
4132 : * believing that SSL bytes are the same as TCP bytes anyway. */
4133 0 : int r2 = buf_read_from_tls(conn->inbuf, or_conn->tls, pending);
4134 0 : if (BUG(r2<0)) {
4135 0 : log_warn(LD_BUG, "apparently, reading pending bytes can fail.");
4136 0 : return -1;
4137 : }
4138 : }
4139 0 : result = (int)(buf_datalen(conn->inbuf)-initial_size);
4140 0 : tor_tls_get_n_raw_bytes(or_conn->tls, &n_read, &n_written);
4141 0 : log_debug(LD_GENERAL, "After TLS read of %d: %ld read, %ld written",
4142 : result, (long)n_read, (long)n_written);
4143 0 : } else if (conn->linked) {
4144 0 : if (conn->linked_conn) {
4145 0 : result = (int) buf_move_all(conn->inbuf, conn->linked_conn->outbuf);
4146 : } else {
4147 : result = 0;
4148 : }
4149 : //log_notice(LD_GENERAL, "Moved %d bytes on an internal link!", result);
4150 : /* If the other side has disappeared, or if it's been marked for close and
4151 : * we flushed its outbuf, then we should set our inbuf_reached_eof. */
4152 0 : if (!conn->linked_conn ||
4153 0 : (conn->linked_conn->marked_for_close &&
4154 0 : buf_datalen(conn->linked_conn->outbuf) == 0))
4155 0 : conn->inbuf_reached_eof = 1;
4156 :
4157 0 : n_read = (size_t) result;
4158 : } else {
4159 : /* !connection_speaks_cells, !conn->linked_conn. */
4160 0 : int reached_eof = 0;
4161 0 : CONN_LOG_PROTECT(conn,
4162 : result = buf_read_from_socket(conn->inbuf, conn->s,
4163 : at_most,
4164 : &reached_eof,
4165 : socket_error));
4166 0 : if (reached_eof)
4167 0 : conn->inbuf_reached_eof = 1;
4168 :
4169 : // log_fn(LOG_DEBUG,"read_to_buf returned %d.",read_result);
4170 :
4171 0 : if (result < 0)
4172 0 : return -1;
4173 0 : n_read = (size_t) result;
4174 : }
4175 :
4176 0 : if (n_read > 0) {
4177 : /* change *max_to_read */
4178 0 : *max_to_read = at_most - n_read;
4179 :
4180 : /* Onion service application connection. Note read bytes for metrics. */
4181 0 : if (CONN_IS_EDGE(conn) && TO_EDGE_CONN(conn)->hs_ident) {
4182 0 : edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
4183 0 : hs_metrics_app_read_bytes(&edge_conn->hs_ident->identity_pk,
4184 : edge_conn->hs_ident->orig_virtual_port,
4185 : n_read);
4186 : }
4187 :
4188 : /* Update edge_conn->n_read */
4189 0 : if (conn->type == CONN_TYPE_AP) {
4190 0 : edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
4191 :
4192 : /* Check for overflow: */
4193 0 : if (PREDICT_LIKELY(UINT32_MAX - edge_conn->n_read > n_read))
4194 0 : edge_conn->n_read += (int)n_read;
4195 : else
4196 0 : edge_conn->n_read = UINT32_MAX;
4197 : }
4198 :
4199 : /* If CONN_BW events are enabled, update conn->n_read_conn_bw for
4200 : * OR/DIR/EXIT connections, checking for overflow. */
4201 0 : if (get_options()->TestingEnableConnBwEvent &&
4202 0 : (conn->type == CONN_TYPE_OR ||
4203 0 : conn->type == CONN_TYPE_DIR ||
4204 : conn->type == CONN_TYPE_EXIT)) {
4205 0 : if (PREDICT_LIKELY(UINT32_MAX - conn->n_read_conn_bw > n_read))
4206 0 : conn->n_read_conn_bw += (int)n_read;
4207 : else
4208 0 : conn->n_read_conn_bw = UINT32_MAX;
4209 : }
4210 : }
4211 :
4212 0 : connection_buckets_decrement(conn, approx_time(), n_read, n_written);
4213 :
4214 0 : if (more_to_read && result == at_most) {
4215 0 : slack_in_buf = buf_slack(conn->inbuf);
4216 0 : at_most = more_to_read;
4217 0 : goto again;
4218 : }
4219 :
4220 : /* Call even if result is 0, since the global read bucket may
4221 : * have reached 0 on a different conn, and this connection needs to
4222 : * know to stop reading. */
4223 0 : connection_consider_empty_read_buckets(conn);
4224 0 : if (n_written > 0 && connection_is_writing(conn))
4225 0 : connection_consider_empty_write_buckets(conn);
4226 :
4227 : return 0;
4228 : }
4229 :
4230 : /** A pass-through to fetch_from_buf. */
4231 : int
4232 16 : connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
4233 : {
4234 16 : return buf_get_bytes(conn->inbuf, string, len);
4235 : }
4236 :
4237 : /** As buf_get_line(), but read from a connection's input buffer. */
4238 : int
4239 0 : connection_buf_get_line(connection_t *conn, char *data,
4240 : size_t *data_len)
4241 : {
4242 0 : return buf_get_line(conn->inbuf, data, data_len);
4243 : }
4244 :
4245 : /** As fetch_from_buf_http, but fetches from a connection's input buffer_t as
4246 : * appropriate. */
4247 : int
4248 5 : connection_fetch_from_buf_http(connection_t *conn,
4249 : char **headers_out, size_t max_headerlen,
4250 : char **body_out, size_t *body_used,
4251 : size_t max_bodylen, int force_complete)
4252 : {
4253 5 : return fetch_from_buf_http(conn->inbuf, headers_out, max_headerlen,
4254 : body_out, body_used, max_bodylen, force_complete);
4255 : }
4256 :
4257 : /** Return true if this connection has data to flush. */
4258 : int
4259 6 : connection_wants_to_flush(connection_t *conn)
4260 : {
4261 6 : return connection_get_outbuf_len(conn) > 0;
4262 : }
4263 :
4264 : /** Are there too many bytes on edge connection <b>conn</b>'s outbuf to
4265 : * send back a relay-level sendme yet? Return 1 if so, 0 if not. Used by
4266 : * connection_edge_consider_sending_sendme().
4267 : */
4268 : int
4269 2 : connection_outbuf_too_full(connection_t *conn)
4270 : {
4271 2 : return connection_get_outbuf_len(conn) > 10*CELL_PAYLOAD_SIZE;
4272 : }
4273 :
4274 : /**
4275 : * On Windows Vista and Windows 7, tune the send buffer size according to a
4276 : * hint from the OS.
4277 : *
4278 : * This should help fix slow upload rates.
4279 : */
4280 : static void
4281 : update_send_buffer_size(tor_socket_t sock)
4282 : {
4283 : #ifdef _WIN32
4284 : /* We only do this on Vista and 7, because earlier versions of Windows
4285 : * don't have the SIO_IDEAL_SEND_BACKLOG_QUERY functionality, and on
4286 : * later versions it isn't necessary. */
4287 : static int isVistaOr7 = -1;
4288 : if (isVistaOr7 == -1) {
4289 : isVistaOr7 = 0;
4290 : OSVERSIONINFO osvi = { 0 };
4291 : osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
4292 : GetVersionEx(&osvi);
4293 : if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion < 2)
4294 : isVistaOr7 = 1;
4295 : }
4296 : if (!isVistaOr7)
4297 : return;
4298 : if (get_options()->ConstrainedSockets)
4299 : return;
4300 : ULONG isb = 0;
4301 : DWORD bytesReturned = 0;
4302 : if (!WSAIoctl(sock, SIO_IDEAL_SEND_BACKLOG_QUERY, NULL, 0,
4303 : &isb, sizeof(isb), &bytesReturned, NULL, NULL)) {
4304 : setsockopt(sock, SOL_SOCKET, SO_SNDBUF, (const char*)&isb, sizeof(isb));
4305 : }
4306 : #else /* !defined(_WIN32) */
4307 : (void) sock;
4308 : #endif /* defined(_WIN32) */
4309 : }
4310 :
4311 : /** Try to flush more bytes onto <b>conn</b>-\>s.
4312 : *
4313 : * This function is called in connection_handle_write(), which gets
4314 : * called from conn_write_callback() in main.c when libevent tells us
4315 : * that <b>conn</b> wants to write.
4316 : *
4317 : * Update <b>conn</b>-\>timestamp_last_write_allowed to now, and call flush_buf
4318 : * or flush_buf_tls appropriately. If it succeeds and there are no more
4319 : * more bytes on <b>conn</b>-\>outbuf, then call connection_finished_flushing
4320 : * on it too.
4321 : *
4322 : * If <b>force</b>, then write as many bytes as possible, ignoring bandwidth
4323 : * limits. (Used for flushing messages to controller connections on fatal
4324 : * errors.)
4325 : *
4326 : * Mark the connection and return -1 if you want to close it, else
4327 : * return 0.
4328 : */
4329 : static int
4330 0 : connection_handle_write_impl(connection_t *conn, int force)
4331 : {
4332 0 : int e;
4333 0 : socklen_t len=(socklen_t)sizeof(e);
4334 0 : int result;
4335 0 : ssize_t max_to_write;
4336 0 : time_t now = approx_time();
4337 0 : size_t n_read = 0, n_written = 0;
4338 0 : int dont_stop_writing = 0;
4339 :
4340 0 : tor_assert(!connection_is_listener(conn));
4341 :
4342 0 : if (conn->marked_for_close || !SOCKET_OK(conn->s))
4343 : return 0; /* do nothing */
4344 :
4345 0 : if (conn->in_flushed_some) {
4346 0 : log_warn(LD_BUG, "called recursively from inside conn->in_flushed_some");
4347 0 : return 0;
4348 : }
4349 :
4350 0 : conn->timestamp_last_write_allowed = now;
4351 :
4352 0 : connection_bucket_refill_single(conn, monotime_coarse_get_stamp());
4353 :
4354 : /* Sometimes, "writable" means "connected". */
4355 0 : if (connection_state_is_connecting(conn)) {
4356 0 : if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, (void*)&e, &len) < 0) {
4357 0 : log_warn(LD_BUG, "getsockopt() syscall failed");
4358 0 : if (conn->type == CONN_TYPE_OR) {
4359 0 : or_connection_t *orconn = TO_OR_CONN(conn);
4360 0 : connection_or_close_for_error(orconn, 0);
4361 : } else {
4362 0 : if (CONN_IS_EDGE(conn)) {
4363 0 : connection_edge_end_errno(TO_EDGE_CONN(conn));
4364 : }
4365 0 : connection_mark_for_close(conn);
4366 : }
4367 0 : return -1;
4368 : }
4369 0 : if (e) {
4370 : /* some sort of error, but maybe just inprogress still */
4371 0 : if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
4372 0 : log_info(LD_NET,"in-progress connect failed. Removing. (%s)",
4373 : tor_socket_strerror(e));
4374 0 : if (CONN_IS_EDGE(conn))
4375 0 : connection_edge_end_errno(TO_EDGE_CONN(conn));
4376 0 : if (conn->type == CONN_TYPE_OR)
4377 0 : connection_or_notify_error(TO_OR_CONN(conn),
4378 : errno_to_orconn_end_reason(e),
4379 0 : tor_socket_strerror(e));
4380 :
4381 0 : connection_close_immediate(conn);
4382 : /*
4383 : * This can bypass normal channel checking since we did
4384 : * connection_or_notify_error() above.
4385 : */
4386 0 : connection_mark_for_close_internal(conn);
4387 0 : return -1;
4388 : } else {
4389 : return 0; /* no change, see if next time is better */
4390 : }
4391 : }
4392 : /* The connection is successful. */
4393 0 : if (connection_finished_connecting(conn)<0)
4394 : return -1;
4395 : }
4396 :
4397 0 : max_to_write = force ? (ssize_t)buf_datalen(conn->outbuf)
4398 0 : : connection_bucket_write_limit(conn, now);
4399 :
4400 0 : if (connection_speaks_cells(conn) &&
4401 0 : conn->state > OR_CONN_STATE_PROXY_HANDSHAKING) {
4402 0 : or_connection_t *or_conn = TO_OR_CONN(conn);
4403 0 : size_t initial_size;
4404 0 : if (conn->state == OR_CONN_STATE_TLS_HANDSHAKING ||
4405 : conn->state == OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING) {
4406 0 : connection_stop_writing(conn);
4407 0 : if (connection_tls_continue_handshake(or_conn) < 0) {
4408 : /* Don't flush; connection is dead. */
4409 0 : connection_or_notify_error(or_conn,
4410 : END_OR_CONN_REASON_MISC,
4411 : "TLS error in connection_tls_"
4412 : "continue_handshake()");
4413 0 : connection_close_immediate(conn);
4414 : /*
4415 : * This can bypass normal channel checking since we did
4416 : * connection_or_notify_error() above.
4417 : */
4418 0 : connection_mark_for_close_internal(conn);
4419 0 : return -1;
4420 : }
4421 : return 0;
4422 0 : } else if (conn->state == OR_CONN_STATE_TLS_SERVER_RENEGOTIATING) {
4423 0 : return connection_handle_read(conn);
4424 : }
4425 :
4426 : /* else open, or closing */
4427 0 : initial_size = buf_datalen(conn->outbuf);
4428 0 : result = buf_flush_to_tls(conn->outbuf, or_conn->tls,
4429 : max_to_write);
4430 :
4431 0 : if (result >= 0)
4432 : update_send_buffer_size(conn->s);
4433 :
4434 : /* If we just flushed the last bytes, tell the channel on the
4435 : * or_conn to check if it needs to geoip_change_dirreq_state() */
4436 : /* XXXX move this to flushed_some or finished_flushing -NM */
4437 0 : if (buf_datalen(conn->outbuf) == 0 && or_conn->chan)
4438 0 : channel_notify_flushed(TLS_CHAN_TO_BASE(or_conn->chan));
4439 :
4440 0 : switch (result) {
4441 0 : CASE_TOR_TLS_ERROR_ANY:
4442 : case TOR_TLS_CLOSE:
4443 0 : or_conn->tls_error = result;
4444 0 : log_info(LD_NET, result != TOR_TLS_CLOSE ?
4445 : "tls error. breaking.":"TLS connection closed on flush");
4446 : /* Don't flush; connection is dead. */
4447 0 : connection_or_notify_error(or_conn,
4448 : END_OR_CONN_REASON_MISC,
4449 : result != TOR_TLS_CLOSE ?
4450 : "TLS error in during flush" :
4451 : "TLS closed during flush");
4452 0 : connection_close_immediate(conn);
4453 : /*
4454 : * This can bypass normal channel checking since we did
4455 : * connection_or_notify_error() above.
4456 : */
4457 0 : connection_mark_for_close_internal(conn);
4458 0 : return -1;
4459 : case TOR_TLS_WANTWRITE:
4460 0 : log_debug(LD_NET,"wanted write.");
4461 : /* we're already writing */
4462 0 : dont_stop_writing = 1;
4463 0 : break;
4464 : case TOR_TLS_WANTREAD:
4465 : /* Make sure to avoid a loop if the receive buckets are empty. */
4466 0 : log_debug(LD_NET,"wanted read.");
4467 0 : if (!connection_is_reading(conn)) {
4468 0 : connection_write_bw_exhausted(conn, true);
4469 : /* we'll start reading again when we get more tokens in our
4470 : * read bucket; then we'll start writing again too.
4471 : */
4472 : }
4473 : /* else no problem, we're already reading */
4474 0 : return 0;
4475 : /* case TOR_TLS_DONE:
4476 : * for TOR_TLS_DONE, fall through to check if the flushlen
4477 : * is empty, so we can stop writing.
4478 : */
4479 : }
4480 :
4481 0 : tor_tls_get_n_raw_bytes(or_conn->tls, &n_read, &n_written);
4482 0 : log_debug(LD_GENERAL, "After TLS write of %d: %ld read, %ld written",
4483 : result, (long)n_read, (long)n_written);
4484 0 : or_conn->bytes_xmitted += result;
4485 0 : or_conn->bytes_xmitted_by_tls += n_written;
4486 : /* So we notice bytes were written even on error */
4487 : /* XXXX This cast is safe since we can never write INT_MAX bytes in a
4488 : * single set of TLS operations. But it looks kinda ugly. If we refactor
4489 : * the *_buf_tls functions, we should make them return ssize_t or size_t
4490 : * or something. */
4491 0 : result = (int)(initial_size-buf_datalen(conn->outbuf));
4492 : } else {
4493 0 : CONN_LOG_PROTECT(conn,
4494 : result = buf_flush_to_socket(conn->outbuf, conn->s,
4495 : max_to_write));
4496 0 : if (result < 0) {
4497 0 : if (CONN_IS_EDGE(conn))
4498 0 : connection_edge_end_errno(TO_EDGE_CONN(conn));
4499 0 : if (conn->type == CONN_TYPE_AP) {
4500 : /* writing failed; we couldn't send a SOCKS reply if we wanted to */
4501 0 : TO_ENTRY_CONN(conn)->socks_request->has_finished = 1;
4502 : }
4503 :
4504 0 : connection_close_immediate(conn); /* Don't flush; connection is dead. */
4505 0 : connection_mark_for_close(conn);
4506 0 : return -1;
4507 : }
4508 0 : update_send_buffer_size(conn->s);
4509 0 : n_written = (size_t) result;
4510 : }
4511 :
4512 0 : if (n_written && conn->type == CONN_TYPE_AP) {
4513 0 : edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
4514 :
4515 : /* Check for overflow: */
4516 0 : if (PREDICT_LIKELY(UINT32_MAX - edge_conn->n_written > n_written))
4517 0 : edge_conn->n_written += (int)n_written;
4518 : else
4519 0 : edge_conn->n_written = UINT32_MAX;
4520 : }
4521 :
4522 : /* If CONN_BW events are enabled, update conn->n_written_conn_bw for
4523 : * OR/DIR/EXIT connections, checking for overflow. */
4524 0 : if (n_written && get_options()->TestingEnableConnBwEvent &&
4525 0 : (conn->type == CONN_TYPE_OR ||
4526 0 : conn->type == CONN_TYPE_DIR ||
4527 : conn->type == CONN_TYPE_EXIT)) {
4528 0 : if (PREDICT_LIKELY(UINT32_MAX - conn->n_written_conn_bw > n_written))
4529 0 : conn->n_written_conn_bw += (int)n_written;
4530 : else
4531 0 : conn->n_written_conn_bw = UINT32_MAX;
4532 : }
4533 :
4534 0 : connection_buckets_decrement(conn, approx_time(), n_read, n_written);
4535 :
4536 0 : if (result > 0) {
4537 : /* If we wrote any bytes from our buffer, then call the appropriate
4538 : * functions. */
4539 0 : if (connection_flushed_some(conn) < 0) {
4540 0 : if (connection_speaks_cells(conn)) {
4541 0 : connection_or_notify_error(TO_OR_CONN(conn),
4542 : END_OR_CONN_REASON_MISC,
4543 : "Got error back from "
4544 : "connection_flushed_some()");
4545 : }
4546 :
4547 : /*
4548 : * This can bypass normal channel checking since we did
4549 : * connection_or_notify_error() above.
4550 : */
4551 0 : connection_mark_for_close_internal(conn);
4552 : }
4553 : }
4554 :
4555 0 : if (!connection_wants_to_flush(conn) &&
4556 : !dont_stop_writing) { /* it's done flushing */
4557 0 : if (connection_finished_flushing(conn) < 0) {
4558 : /* already marked */
4559 : return -1;
4560 : }
4561 0 : return 0;
4562 : }
4563 :
4564 : /* Call even if result is 0, since the global write bucket may
4565 : * have reached 0 on a different conn, and this connection needs to
4566 : * know to stop writing. */
4567 0 : connection_consider_empty_write_buckets(conn);
4568 0 : if (n_read > 0 && connection_is_reading(conn))
4569 0 : connection_consider_empty_read_buckets(conn);
4570 :
4571 : return 0;
4572 : }
4573 :
4574 : /* DOCDOC connection_handle_write */
4575 : int
4576 0 : connection_handle_write(connection_t *conn, int force)
4577 : {
4578 0 : int res;
4579 0 : update_current_time(time(NULL));
4580 : /* connection_handle_write_impl() might call connection_handle_read()
4581 : * if we're in the middle of a v2 handshake, in which case it needs this
4582 : * flag set. */
4583 0 : conn->in_connection_handle_write = 1;
4584 0 : res = connection_handle_write_impl(conn, force);
4585 0 : conn->in_connection_handle_write = 0;
4586 0 : return res;
4587 : }
4588 :
4589 : /**
4590 : * Try to flush data that's waiting for a write on <b>conn</b>. Return
4591 : * -1 on failure, 0 on success.
4592 : *
4593 : * Don't use this function for regular writing; the buffers
4594 : * system should be good enough at scheduling writes there. Instead, this
4595 : * function is for cases when we're about to exit or something and we want
4596 : * to report it right away.
4597 : */
4598 : int
4599 0 : connection_flush(connection_t *conn)
4600 : {
4601 0 : return connection_handle_write(conn, 1);
4602 : }
4603 :
4604 : /** Helper for connection_write_to_buf_impl and connection_write_buf_to_buf:
4605 : *
4606 : * Return true iff it is okay to queue bytes on <b>conn</b>'s outbuf for
4607 : * writing.
4608 : */
4609 : static int
4610 44 : connection_may_write_to_buf(connection_t *conn)
4611 : {
4612 : /* if it's marked for close, only allow write if we mean to flush it */
4613 44 : if (conn->marked_for_close && !conn->hold_open_until_flushed)
4614 0 : return 0;
4615 :
4616 : return 1;
4617 : }
4618 :
4619 : /** Helper for connection_write_to_buf_impl and connection_write_buf_to_buf:
4620 : *
4621 : * Called when an attempt to add bytes on <b>conn</b>'s outbuf has failed;
4622 : * mark the connection and warn as appropriate.
4623 : */
4624 : static void
4625 0 : connection_write_to_buf_failed(connection_t *conn)
4626 : {
4627 0 : if (CONN_IS_EDGE(conn)) {
4628 : /* if it failed, it means we have our package/delivery windows set
4629 : wrong compared to our max outbuf size. close the whole circuit. */
4630 0 : log_warn(LD_NET,
4631 : "write_to_buf failed. Closing circuit (fd %d).", (int)conn->s);
4632 0 : circuit_mark_for_close(circuit_get_by_edge_conn(TO_EDGE_CONN(conn)),
4633 : END_CIRC_REASON_INTERNAL);
4634 0 : } else if (conn->type == CONN_TYPE_OR) {
4635 0 : or_connection_t *orconn = TO_OR_CONN(conn);
4636 0 : log_warn(LD_NET,
4637 : "write_to_buf failed on an orconn; notifying of error "
4638 : "(fd %d)", (int)(conn->s));
4639 0 : connection_or_close_for_error(orconn, 0);
4640 : } else {
4641 0 : log_warn(LD_NET,
4642 : "write_to_buf failed. Closing connection (fd %d).",
4643 : (int)conn->s);
4644 0 : connection_mark_for_close(conn);
4645 : }
4646 0 : }
4647 :
4648 : /** Helper for connection_write_to_buf_impl and connection_write_buf_to_buf:
4649 : *
4650 : * Called when an attempt to add bytes on <b>conn</b>'s outbuf has succeeded:
4651 : * start writing if appropriate.
4652 : */
4653 : static void
4654 44 : connection_write_to_buf_commit(connection_t *conn)
4655 : {
4656 : /* If we receive optimistic data in the EXIT_CONN_STATE_RESOLVING
4657 : * state, we don't want to try to write it right away, since
4658 : * conn->write_event won't be set yet. Otherwise, write data from
4659 : * this conn as the socket is available. */
4660 44 : if (conn->write_event) {
4661 0 : connection_start_writing(conn);
4662 : }
4663 44 : }
4664 :
4665 : /** Append <b>len</b> bytes of <b>string</b> onto <b>conn</b>'s
4666 : * outbuf, and ask it to start writing.
4667 : *
4668 : * If <b>zlib</b> is nonzero, this is a directory connection that should get
4669 : * its contents compressed or decompressed as they're written. If zlib is
4670 : * negative, this is the last data to be compressed, and the connection's zlib
4671 : * state should be flushed.
4672 : */
4673 14 : MOCK_IMPL(void,
4674 : connection_write_to_buf_impl_,(const char *string, size_t len,
4675 : connection_t *conn, int zlib))
4676 : {
4677 : /* XXXX This function really needs to return -1 on failure. */
4678 14 : int r;
4679 14 : if (!len && !(zlib<0))
4680 : return;
4681 :
4682 13 : if (!connection_may_write_to_buf(conn))
4683 : return;
4684 :
4685 13 : if (zlib) {
4686 0 : dir_connection_t *dir_conn = TO_DIR_CONN(conn);
4687 0 : int done = zlib < 0;
4688 0 : CONN_LOG_PROTECT(conn, r = buf_add_compress(conn->outbuf,
4689 : dir_conn->compress_state,
4690 : string, len, done));
4691 : } else {
4692 13 : CONN_LOG_PROTECT(conn, r = buf_add(conn->outbuf, string, len));
4693 : }
4694 13 : if (r < 0) {
4695 0 : connection_write_to_buf_failed(conn);
4696 0 : return;
4697 : }
4698 13 : connection_write_to_buf_commit(conn);
4699 : }
4700 :
4701 : /**
4702 : * Write a <b>string</b> (of size <b>len</b> to directory connection
4703 : * <b>dir_conn</b>. Apply compression if connection is configured to use
4704 : * it and finalize it if <b>done</b> is true.
4705 : */
4706 : void
4707 15 : connection_dir_buf_add(const char *string, size_t len,
4708 : dir_connection_t *dir_conn, int done)
4709 : {
4710 15 : if (dir_conn->compress_state != NULL) {
4711 2 : connection_buf_add_compress(string, len, dir_conn, done);
4712 2 : return;
4713 : }
4714 :
4715 13 : connection_buf_add(string, len, TO_CONN(dir_conn));
4716 : }
4717 :
4718 : void
4719 3 : connection_buf_add_compress(const char *string, size_t len,
4720 : dir_connection_t *conn, int done)
4721 : {
4722 4 : connection_write_to_buf_impl_(string, len, TO_CONN(conn), done ? -1 : 1);
4723 3 : }
4724 :
4725 : /**
4726 : * Add all bytes from <b>buf</b> to <b>conn</b>'s outbuf, draining them
4727 : * from <b>buf</b>. (If the connection is marked and will soon be closed,
4728 : * nothing is drained.)
4729 : */
4730 : void
4731 31 : connection_buf_add_buf(connection_t *conn, buf_t *buf)
4732 : {
4733 31 : tor_assert(conn);
4734 31 : tor_assert(buf);
4735 31 : size_t len = buf_datalen(buf);
4736 31 : if (len == 0)
4737 : return;
4738 :
4739 31 : if (!connection_may_write_to_buf(conn))
4740 : return;
4741 :
4742 31 : buf_move_all(conn->outbuf, buf);
4743 31 : connection_write_to_buf_commit(conn);
4744 : }
4745 :
4746 : #define CONN_GET_ALL_TEMPLATE(var, test) \
4747 : STMT_BEGIN \
4748 : smartlist_t *conns = get_connection_array(); \
4749 : smartlist_t *ret_conns = smartlist_new(); \
4750 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, var) { \
4751 : if (var && (test) && !var->marked_for_close) \
4752 : smartlist_add(ret_conns, var); \
4753 : } SMARTLIST_FOREACH_END(var); \
4754 : return ret_conns; \
4755 : STMT_END
4756 :
4757 : /* Return a list of connections that aren't close and matches the given type
4758 : * and state. The returned list can be empty and must be freed using
4759 : * smartlist_free(). The caller does NOT have ownership of the objects in the
4760 : * list so it must not free them nor reference them as they can disappear. */
4761 : smartlist_t *
4762 45182 : connection_list_by_type_state(int type, int state)
4763 : {
4764 45191 : CONN_GET_ALL_TEMPLATE(conn, (conn->type == type && conn->state == state));
4765 : }
4766 :
4767 : /* Return a list of connections that aren't close and matches the given type
4768 : * and purpose. The returned list can be empty and must be freed using
4769 : * smartlist_free(). The caller does NOT have ownership of the objects in the
4770 : * list so it must not free them nor reference them as they can disappear. */
4771 : smartlist_t *
4772 11 : connection_list_by_type_purpose(int type, int purpose)
4773 : {
4774 14 : CONN_GET_ALL_TEMPLATE(conn,
4775 : (conn->type == type && conn->purpose == purpose));
4776 : }
4777 :
4778 : /** Return a connection_t * from get_connection_array() that satisfies test on
4779 : * var, and that is not marked for close. */
4780 : #define CONN_GET_TEMPLATE(var, test) \
4781 : STMT_BEGIN \
4782 : smartlist_t *conns = get_connection_array(); \
4783 : SMARTLIST_FOREACH(conns, connection_t *, var, \
4784 : { \
4785 : if (var && (test) && !var->marked_for_close) \
4786 : return var; \
4787 : }); \
4788 : return NULL; \
4789 : STMT_END
4790 :
4791 : /** Return a connection with given type, address, port, and purpose;
4792 : * or NULL if no such connection exists (or if all such connections are marked
4793 : * for close). */
4794 12 : MOCK_IMPL(connection_t *,
4795 : connection_get_by_type_addr_port_purpose,(int type,
4796 : const tor_addr_t *addr, uint16_t port,
4797 : int purpose))
4798 : {
4799 18 : CONN_GET_TEMPLATE(conn,
4800 : (conn->type == type &&
4801 : tor_addr_eq(&conn->addr, addr) &&
4802 : conn->port == port &&
4803 : conn->purpose == purpose));
4804 : }
4805 :
4806 : /** Return the stream with id <b>id</b> if it is not already marked for
4807 : * close.
4808 : */
4809 : connection_t *
4810 2 : connection_get_by_global_id(uint64_t id)
4811 : {
4812 3 : CONN_GET_TEMPLATE(conn, conn->global_identifier == id);
4813 : }
4814 :
4815 : /** Return a connection of type <b>type</b> that is not marked for close.
4816 : */
4817 : connection_t *
4818 16 : connection_get_by_type(int type)
4819 : {
4820 18 : CONN_GET_TEMPLATE(conn, conn->type == type);
4821 : }
4822 :
4823 : /** Return a connection of type <b>type</b> that is in state <b>state</b>,
4824 : * and that is not marked for close.
4825 : */
4826 : connection_t *
4827 4 : connection_get_by_type_state(int type, int state)
4828 : {
4829 6 : CONN_GET_TEMPLATE(conn, conn->type == type && conn->state == state);
4830 : }
4831 :
4832 : /**
4833 : * Return a connection of type <b>type</b> that is not an internally linked
4834 : * connection, and is not marked for close.
4835 : **/
4836 1 : MOCK_IMPL(connection_t *,
4837 : connection_get_by_type_nonlinked,(int type))
4838 : {
4839 1 : CONN_GET_TEMPLATE(conn, conn->type == type && !conn->linked);
4840 : }
4841 :
4842 : /** Return a new smartlist of dir_connection_t * from get_connection_array()
4843 : * that satisfy conn_test on connection_t *conn_var, and dirconn_test on
4844 : * dir_connection_t *dirconn_var. conn_var must be of CONN_TYPE_DIR and not
4845 : * marked for close to be included in the list. */
4846 : #define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, \
4847 : dirconn_var, dirconn_test) \
4848 : STMT_BEGIN \
4849 : smartlist_t *conns = get_connection_array(); \
4850 : smartlist_t *dir_conns = smartlist_new(); \
4851 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn_var) { \
4852 : if (conn_var && (conn_test) \
4853 : && conn_var->type == CONN_TYPE_DIR \
4854 : && !conn_var->marked_for_close) { \
4855 : dir_connection_t *dirconn_var = TO_DIR_CONN(conn_var); \
4856 : if (dirconn_var && (dirconn_test)) { \
4857 : smartlist_add(dir_conns, dirconn_var); \
4858 : } \
4859 : } \
4860 : } SMARTLIST_FOREACH_END(conn_var); \
4861 : return dir_conns; \
4862 : STMT_END
4863 :
4864 : /** Return a list of directory connections that are fetching the item
4865 : * described by <b>purpose</b>/<b>resource</b>. If there are none,
4866 : * return an empty list. This list must be freed using smartlist_free,
4867 : * but the pointers in it must not be freed.
4868 : * Note that this list should not be cached, as the pointers in it can be
4869 : * freed if their connections close. */
4870 : smartlist_t *
4871 65 : connection_dir_list_by_purpose_and_resource(
4872 : int purpose,
4873 : const char *resource)
4874 : {
4875 253 : DIR_CONN_LIST_TEMPLATE(conn,
4876 : conn->purpose == purpose,
4877 : dirconn,
4878 : 0 == strcmp_opt(resource,
4879 : dirconn->requested_resource));
4880 : }
4881 :
4882 : /** Return a list of directory connections that are fetching the item
4883 : * described by <b>purpose</b>/<b>resource</b>/<b>state</b>. If there are
4884 : * none, return an empty list. This list must be freed using smartlist_free,
4885 : * but the pointers in it must not be freed.
4886 : * Note that this list should not be cached, as the pointers in it can be
4887 : * freed if their connections close. */
4888 : smartlist_t *
4889 64 : connection_dir_list_by_purpose_resource_and_state(
4890 : int purpose,
4891 : const char *resource,
4892 : int state)
4893 : {
4894 252 : DIR_CONN_LIST_TEMPLATE(conn,
4895 : conn->purpose == purpose && conn->state == state,
4896 : dirconn,
4897 : 0 == strcmp_opt(resource,
4898 : dirconn->requested_resource));
4899 : }
4900 :
4901 : #undef DIR_CONN_LIST_TEMPLATE
4902 :
4903 : /** Return an arbitrary active OR connection that isn't <b>this_conn</b>.
4904 : *
4905 : * We use this to guess if we should tell the controller that we
4906 : * didn't manage to connect to any of our bridges. */
4907 : static connection_t *
4908 0 : connection_get_another_active_or_conn(const or_connection_t *this_conn)
4909 : {
4910 0 : CONN_GET_TEMPLATE(conn,
4911 : conn != TO_CONN(this_conn) && conn->type == CONN_TYPE_OR);
4912 : }
4913 :
4914 : /** Return 1 if there are any active OR connections apart from
4915 : * <b>this_conn</b>.
4916 : *
4917 : * We use this to guess if we should tell the controller that we
4918 : * didn't manage to connect to any of our bridges. */
4919 : int
4920 0 : any_other_active_or_conns(const or_connection_t *this_conn)
4921 : {
4922 0 : connection_t *conn = connection_get_another_active_or_conn(this_conn);
4923 0 : if (conn != NULL) {
4924 0 : log_debug(LD_DIR, "%s: Found an OR connection: %s",
4925 : __func__, connection_describe(conn));
4926 0 : return 1;
4927 : }
4928 :
4929 : return 0;
4930 : }
4931 :
4932 : #undef CONN_GET_TEMPLATE
4933 :
4934 : /** Return 1 if <b>conn</b> is a listener conn, else return 0. */
4935 : int
4936 666 : connection_is_listener(connection_t *conn)
4937 : {
4938 666 : if (conn->type == CONN_TYPE_OR_LISTENER ||
4939 : conn->type == CONN_TYPE_EXT_OR_LISTENER ||
4940 : conn->type == CONN_TYPE_AP_LISTENER ||
4941 : conn->type == CONN_TYPE_AP_TRANS_LISTENER ||
4942 : conn->type == CONN_TYPE_AP_DNS_LISTENER ||
4943 : conn->type == CONN_TYPE_AP_NATD_LISTENER ||
4944 : conn->type == CONN_TYPE_AP_HTTP_CONNECT_LISTENER ||
4945 : conn->type == CONN_TYPE_DIR_LISTENER ||
4946 : conn->type == CONN_TYPE_METRICS_LISTENER ||
4947 : conn->type == CONN_TYPE_CONTROL_LISTENER)
4948 8 : return 1;
4949 : return 0;
4950 : }
4951 :
4952 : /** Return 1 if <b>conn</b> is in state "open" and is not marked
4953 : * for close, else return 0.
4954 : */
4955 : int
4956 16 : connection_state_is_open(connection_t *conn)
4957 : {
4958 16 : tor_assert(conn);
4959 :
4960 16 : if (conn->marked_for_close)
4961 : return 0;
4962 :
4963 16 : if ((conn->type == CONN_TYPE_OR && conn->state == OR_CONN_STATE_OPEN) ||
4964 16 : (conn->type == CONN_TYPE_EXT_OR) ||
4965 3 : (conn->type == CONN_TYPE_AP && conn->state == AP_CONN_STATE_OPEN) ||
4966 3 : (conn->type == CONN_TYPE_EXIT && conn->state == EXIT_CONN_STATE_OPEN) ||
4967 : (conn->type == CONN_TYPE_CONTROL &&
4968 : conn->state == CONTROL_CONN_STATE_OPEN))
4969 13 : return 1;
4970 :
4971 : return 0;
4972 : }
4973 :
4974 : /** Return 1 if conn is in 'connecting' state, else return 0. */
4975 : int
4976 0 : connection_state_is_connecting(connection_t *conn)
4977 : {
4978 0 : tor_assert(conn);
4979 :
4980 0 : if (conn->marked_for_close)
4981 : return 0;
4982 0 : switch (conn->type)
4983 : {
4984 0 : case CONN_TYPE_OR:
4985 0 : return conn->state == OR_CONN_STATE_CONNECTING;
4986 0 : case CONN_TYPE_EXIT:
4987 0 : return conn->state == EXIT_CONN_STATE_CONNECTING;
4988 0 : case CONN_TYPE_DIR:
4989 0 : return conn->state == DIR_CONN_STATE_CONNECTING;
4990 : }
4991 :
4992 : return 0;
4993 : }
4994 :
4995 : /** Allocates a base64'ed authenticator for use in http or https
4996 : * auth, based on the input string <b>authenticator</b>. Returns it
4997 : * if success, else returns NULL. */
4998 : char *
4999 0 : alloc_http_authenticator(const char *authenticator)
5000 : {
5001 : /* an authenticator in Basic authentication
5002 : * is just the string "username:password" */
5003 0 : const size_t authenticator_length = strlen(authenticator);
5004 0 : const size_t base64_authenticator_length =
5005 0 : base64_encode_size(authenticator_length, 0) + 1;
5006 0 : char *base64_authenticator = tor_malloc(base64_authenticator_length);
5007 0 : if (base64_encode(base64_authenticator, base64_authenticator_length,
5008 : authenticator, authenticator_length, 0) < 0) {
5009 0 : tor_free(base64_authenticator); /* free and set to null */
5010 : }
5011 0 : return base64_authenticator;
5012 : }
5013 :
5014 : /** Given a socket handle, check whether the local address (sockname) of the
5015 : * socket is one that we've connected from before. If so, double-check
5016 : * whether our address has changed and we need to generate keys. If we do,
5017 : * call init_keys().
5018 : */
5019 : static void
5020 0 : client_check_address_changed(tor_socket_t sock)
5021 : {
5022 0 : tor_addr_t out_addr, iface_addr;
5023 0 : tor_addr_t **last_interface_ip_ptr;
5024 0 : sa_family_t family;
5025 :
5026 0 : if (!outgoing_addrs)
5027 0 : outgoing_addrs = smartlist_new();
5028 :
5029 0 : if (tor_addr_from_getsockname(&out_addr, sock) < 0) {
5030 0 : int e = tor_socket_errno(sock);
5031 0 : log_warn(LD_NET, "getsockname() to check for address change failed: %s",
5032 : tor_socket_strerror(e));
5033 0 : return;
5034 : }
5035 0 : family = tor_addr_family(&out_addr);
5036 :
5037 0 : if (family == AF_INET)
5038 : last_interface_ip_ptr = &last_interface_ipv4;
5039 0 : else if (family == AF_INET6)
5040 : last_interface_ip_ptr = &last_interface_ipv6;
5041 : else
5042 : return;
5043 :
5044 0 : if (! *last_interface_ip_ptr) {
5045 0 : tor_addr_t *a = tor_malloc_zero(sizeof(tor_addr_t));
5046 0 : if (get_interface_address6(LOG_INFO, family, a)==0) {
5047 0 : *last_interface_ip_ptr = a;
5048 : } else {
5049 0 : tor_free(a);
5050 : }
5051 : }
5052 :
5053 : /* If we've used this address previously, we're okay. */
5054 0 : SMARTLIST_FOREACH(outgoing_addrs, const tor_addr_t *, a_ptr,
5055 : if (tor_addr_eq(a_ptr, &out_addr))
5056 : return;
5057 : );
5058 :
5059 : /* Uh-oh. We haven't connected from this address before. Has the interface
5060 : * address changed? */
5061 0 : if (get_interface_address6(LOG_INFO, family, &iface_addr)<0)
5062 : return;
5063 :
5064 0 : if (tor_addr_eq(&iface_addr, *last_interface_ip_ptr)) {
5065 : /* Nope, it hasn't changed. Add this address to the list. */
5066 0 : smartlist_add(outgoing_addrs, tor_memdup(&out_addr, sizeof(tor_addr_t)));
5067 : } else {
5068 : /* The interface changed. We're a client, so we need to regenerate our
5069 : * keys. First, reset the state. */
5070 0 : log_notice(LD_NET, "Our IP address has changed. Rotating keys...");
5071 0 : tor_addr_copy(*last_interface_ip_ptr, &iface_addr);
5072 0 : SMARTLIST_FOREACH(outgoing_addrs, tor_addr_t*, a_ptr, tor_free(a_ptr));
5073 0 : smartlist_clear(outgoing_addrs);
5074 0 : smartlist_add(outgoing_addrs, tor_memdup(&out_addr, sizeof(tor_addr_t)));
5075 : /* We'll need to resolve ourselves again. */
5076 0 : resolved_addr_reset_last(AF_INET);
5077 : /* Okay, now change our keys. */
5078 0 : ip_address_changed(1);
5079 : }
5080 : }
5081 :
5082 : /** Some systems have limited system buffers for recv and xmit on
5083 : * sockets allocated in a virtual server or similar environment. For a Tor
5084 : * server this can produce the "Error creating network socket: No buffer
5085 : * space available" error once all available TCP buffer space is consumed.
5086 : * This method will attempt to constrain the buffers allocated for the socket
5087 : * to the desired size to stay below system TCP buffer limits.
5088 : */
5089 : static void
5090 0 : set_constrained_socket_buffers(tor_socket_t sock, int size)
5091 : {
5092 0 : void *sz = (void*)&size;
5093 0 : socklen_t sz_sz = (socklen_t) sizeof(size);
5094 0 : if (setsockopt(sock, SOL_SOCKET, SO_SNDBUF, sz, sz_sz) < 0) {
5095 0 : int e = tor_socket_errno(sock);
5096 0 : log_warn(LD_NET, "setsockopt() to constrain send "
5097 : "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5098 : }
5099 0 : if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, sz, sz_sz) < 0) {
5100 0 : int e = tor_socket_errno(sock);
5101 0 : log_warn(LD_NET, "setsockopt() to constrain recv "
5102 : "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5103 : }
5104 0 : }
5105 :
5106 : /** Process new bytes that have arrived on conn-\>inbuf.
5107 : *
5108 : * This function just passes conn to the connection-specific
5109 : * connection_*_process_inbuf() function. It also passes in
5110 : * package_partial if wanted.
5111 : */
5112 : static int
5113 0 : connection_process_inbuf(connection_t *conn, int package_partial)
5114 : {
5115 0 : tor_assert(conn);
5116 :
5117 0 : switch (conn->type) {
5118 0 : case CONN_TYPE_OR:
5119 0 : return connection_or_process_inbuf(TO_OR_CONN(conn));
5120 0 : case CONN_TYPE_EXT_OR:
5121 0 : return connection_ext_or_process_inbuf(TO_OR_CONN(conn));
5122 0 : case CONN_TYPE_EXIT:
5123 : case CONN_TYPE_AP:
5124 0 : return connection_edge_process_inbuf(TO_EDGE_CONN(conn),
5125 : package_partial);
5126 0 : case CONN_TYPE_DIR:
5127 0 : return connection_dir_process_inbuf(TO_DIR_CONN(conn));
5128 0 : case CONN_TYPE_CONTROL:
5129 0 : return connection_control_process_inbuf(TO_CONTROL_CONN(conn));
5130 0 : case CONN_TYPE_METRICS:
5131 0 : return metrics_connection_process_inbuf(conn);
5132 0 : default:
5133 0 : log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
5134 0 : tor_fragile_assert();
5135 : return -1;
5136 : }
5137 : }
5138 :
5139 : /** Called whenever we've written data on a connection. */
5140 : static int
5141 0 : connection_flushed_some(connection_t *conn)
5142 : {
5143 0 : int r = 0;
5144 0 : tor_assert(!conn->in_flushed_some);
5145 0 : conn->in_flushed_some = 1;
5146 0 : if (conn->type == CONN_TYPE_DIR &&
5147 : conn->state == DIR_CONN_STATE_SERVER_WRITING) {
5148 0 : r = connection_dirserv_flushed_some(TO_DIR_CONN(conn));
5149 0 : } else if (conn->type == CONN_TYPE_OR) {
5150 0 : r = connection_or_flushed_some(TO_OR_CONN(conn));
5151 0 : } else if (CONN_IS_EDGE(conn)) {
5152 0 : r = connection_edge_flushed_some(TO_EDGE_CONN(conn));
5153 : }
5154 0 : conn->in_flushed_some = 0;
5155 0 : return r;
5156 : }
5157 :
5158 : /** We just finished flushing bytes to the appropriately low network layer,
5159 : * and there are no more bytes remaining in conn-\>outbuf or
5160 : * conn-\>tls to be flushed.
5161 : *
5162 : * This function just passes conn to the connection-specific
5163 : * connection_*_finished_flushing() function.
5164 : */
5165 : static int
5166 0 : connection_finished_flushing(connection_t *conn)
5167 : {
5168 0 : tor_assert(conn);
5169 :
5170 : /* If the connection is closed, don't try to do anything more here. */
5171 0 : if (CONN_IS_CLOSED(conn))
5172 : return 0;
5173 :
5174 : // log_fn(LOG_DEBUG,"entered. Socket %u.", conn->s);
5175 :
5176 0 : connection_stop_writing(conn);
5177 :
5178 0 : switch (conn->type) {
5179 0 : case CONN_TYPE_OR:
5180 0 : return connection_or_finished_flushing(TO_OR_CONN(conn));
5181 0 : case CONN_TYPE_EXT_OR:
5182 0 : return connection_ext_or_finished_flushing(TO_OR_CONN(conn));
5183 0 : case CONN_TYPE_AP:
5184 : case CONN_TYPE_EXIT:
5185 0 : return connection_edge_finished_flushing(TO_EDGE_CONN(conn));
5186 0 : case CONN_TYPE_DIR:
5187 0 : return connection_dir_finished_flushing(TO_DIR_CONN(conn));
5188 0 : case CONN_TYPE_CONTROL:
5189 0 : return connection_control_finished_flushing(TO_CONTROL_CONN(conn));
5190 0 : case CONN_TYPE_METRICS:
5191 0 : return metrics_connection_finished_flushing(conn);
5192 0 : default:
5193 0 : log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
5194 0 : tor_fragile_assert();
5195 : return -1;
5196 : }
5197 : }
5198 :
5199 : /** Called when our attempt to connect() to a server has just succeeded.
5200 : *
5201 : * This function checks if the interface address has changed (clients only),
5202 : * and then passes conn to the connection-specific
5203 : * connection_*_finished_connecting() function.
5204 : */
5205 : static int
5206 0 : connection_finished_connecting(connection_t *conn)
5207 : {
5208 0 : tor_assert(conn);
5209 :
5210 0 : if (!server_mode(get_options())) {
5211 : /* See whether getsockname() says our address changed. We need to do this
5212 : * now that the connection has finished, because getsockname() on Windows
5213 : * won't work until then. */
5214 0 : client_check_address_changed(conn->s);
5215 : }
5216 :
5217 0 : switch (conn->type)
5218 : {
5219 0 : case CONN_TYPE_OR:
5220 0 : return connection_or_finished_connecting(TO_OR_CONN(conn));
5221 0 : case CONN_TYPE_EXIT:
5222 0 : return connection_edge_finished_connecting(TO_EDGE_CONN(conn));
5223 0 : case CONN_TYPE_DIR:
5224 0 : return connection_dir_finished_connecting(TO_DIR_CONN(conn));
5225 0 : default:
5226 0 : log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
5227 0 : tor_fragile_assert();
5228 : return -1;
5229 : }
5230 : }
5231 :
5232 : /** Callback: invoked when a connection reaches an EOF event. */
5233 : static int
5234 0 : connection_reached_eof(connection_t *conn)
5235 : {
5236 0 : switch (conn->type) {
5237 0 : case CONN_TYPE_OR:
5238 : case CONN_TYPE_EXT_OR:
5239 0 : return connection_or_reached_eof(TO_OR_CONN(conn));
5240 0 : case CONN_TYPE_AP:
5241 : case CONN_TYPE_EXIT:
5242 0 : return connection_edge_reached_eof(TO_EDGE_CONN(conn));
5243 0 : case CONN_TYPE_DIR:
5244 0 : return connection_dir_reached_eof(TO_DIR_CONN(conn));
5245 0 : case CONN_TYPE_CONTROL:
5246 0 : return connection_control_reached_eof(TO_CONTROL_CONN(conn));
5247 0 : case CONN_TYPE_METRICS:
5248 0 : return metrics_connection_reached_eof(conn);
5249 0 : default:
5250 0 : log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
5251 0 : tor_fragile_assert();
5252 : return -1;
5253 : }
5254 : }
5255 :
5256 : /** Comparator for the two-orconn case in OOS victim sort */
5257 : static int
5258 2 : oos_victim_comparator_for_orconns(or_connection_t *a, or_connection_t *b)
5259 : {
5260 2 : int a_circs, b_circs;
5261 : /* Fewer circuits == higher priority for OOS kill, sort earlier */
5262 :
5263 2 : a_circs = connection_or_get_num_circuits(a);
5264 2 : b_circs = connection_or_get_num_circuits(b);
5265 :
5266 2 : if (a_circs < b_circs) return 1;
5267 2 : else if (a_circs > b_circs) return -1;
5268 0 : else return 0;
5269 : }
5270 :
5271 : /** Sort comparator for OOS victims; better targets sort before worse
5272 : * ones. */
5273 : static int
5274 2 : oos_victim_comparator(const void **a_v, const void **b_v)
5275 : {
5276 2 : connection_t *a = NULL, *b = NULL;
5277 :
5278 : /* Get connection pointers out */
5279 :
5280 2 : a = (connection_t *)(*a_v);
5281 2 : b = (connection_t *)(*b_v);
5282 :
5283 2 : tor_assert(a != NULL);
5284 2 : tor_assert(b != NULL);
5285 :
5286 : /*
5287 : * We always prefer orconns as victims currently; we won't even see
5288 : * these non-orconn cases, but if we do, sort them after orconns.
5289 : */
5290 2 : if (a->type == CONN_TYPE_OR && b->type == CONN_TYPE_OR) {
5291 2 : return oos_victim_comparator_for_orconns(TO_OR_CONN(a), TO_OR_CONN(b));
5292 : } else {
5293 : /*
5294 : * One isn't an orconn; if one is, it goes first. We currently have no
5295 : * opinions about cases where neither is an orconn.
5296 : */
5297 0 : if (a->type == CONN_TYPE_OR) return -1;
5298 0 : else if (b->type == CONN_TYPE_OR) return 1;
5299 0 : else return 0;
5300 : }
5301 : }
5302 :
5303 : /** Pick n victim connections for the OOS handler and return them in a
5304 : * smartlist.
5305 : */
5306 4 : MOCK_IMPL(STATIC smartlist_t *,
5307 : pick_oos_victims, (int n))
5308 : {
5309 4 : smartlist_t *eligible = NULL, *victims = NULL;
5310 4 : smartlist_t *conns;
5311 4 : int conn_counts_by_type[CONN_TYPE_MAX_ + 1], i;
5312 :
5313 : /*
5314 : * Big damn assumption (someone improve this someday!):
5315 : *
5316 : * Socket exhaustion normally happens on high-volume relays, and so
5317 : * most of the connections involved are orconns. We should pick victims
5318 : * by assembling a list of all orconns, and sorting them in order of
5319 : * how much 'damage' by some metric we'd be doing by dropping them.
5320 : *
5321 : * If we move on from orconns, we should probably think about incoming
5322 : * directory connections next, or exit connections. Things we should
5323 : * probably never kill are controller connections and listeners.
5324 : *
5325 : * This function will count how many connections of different types
5326 : * exist and log it for purposes of gathering data on typical OOS
5327 : * situations to guide future improvements.
5328 : */
5329 :
5330 : /* First, get the connection array */
5331 4 : conns = get_connection_array();
5332 : /*
5333 : * Iterate it and pick out eligible connection types, and log some stats
5334 : * along the way.
5335 : */
5336 4 : eligible = smartlist_new();
5337 4 : memset(conn_counts_by_type, 0, sizeof(conn_counts_by_type));
5338 20 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, c) {
5339 : /* Bump the counter */
5340 16 : tor_assert(c->type <= CONN_TYPE_MAX_);
5341 16 : ++(conn_counts_by_type[c->type]);
5342 :
5343 : /* Skip anything without a socket we can free */
5344 16 : if (!(SOCKET_OK(c->s))) {
5345 0 : continue;
5346 : }
5347 :
5348 : /* Skip anything we would count as moribund */
5349 16 : if (connection_is_moribund(c)) {
5350 4 : continue;
5351 : }
5352 :
5353 12 : switch (c->type) {
5354 8 : case CONN_TYPE_OR:
5355 : /* We've got an orconn, it's eligible to be OOSed */
5356 8 : smartlist_add(eligible, c);
5357 8 : break;
5358 : default:
5359 : /* We don't know what to do with it, ignore it */
5360 : break;
5361 : }
5362 16 : } SMARTLIST_FOREACH_END(c);
5363 :
5364 : /* Log some stats */
5365 4 : if (smartlist_len(conns) > 0) {
5366 : /* At least one counter must be non-zero */
5367 4 : log_info(LD_NET, "Some stats on conn types seen during OOS follow");
5368 84 : for (i = CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5369 : /* Did we see any? */
5370 76 : if (conn_counts_by_type[i] > 0) {
5371 8 : log_info(LD_NET, "%s: %d conns",
5372 : conn_type_to_string(i),
5373 : conn_counts_by_type[i]);
5374 : }
5375 : }
5376 4 : log_info(LD_NET, "Done with OOS conn type stats");
5377 : }
5378 :
5379 : /* Did we find more eligible targets than we want to kill? */
5380 4 : if (smartlist_len(eligible) > n) {
5381 : /* Sort the list in order of target preference */
5382 2 : smartlist_sort(eligible, oos_victim_comparator);
5383 : /* Pick first n as victims */
5384 2 : victims = smartlist_new();
5385 5 : for (i = 0; i < n; ++i) {
5386 1 : smartlist_add(victims, smartlist_get(eligible, i));
5387 : }
5388 : /* Free the original list */
5389 2 : smartlist_free(eligible);
5390 : } else {
5391 : /* No, we can just call them all victims */
5392 : victims = eligible;
5393 : }
5394 :
5395 4 : return victims;
5396 : }
5397 :
5398 : /** Kill a list of connections for the OOS handler. */
5399 1 : MOCK_IMPL(STATIC void,
5400 : kill_conn_list_for_oos, (smartlist_t *conns))
5401 : {
5402 1 : if (!conns) return;
5403 :
5404 3 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, c) {
5405 : /* Make sure the channel layer gets told about orconns */
5406 2 : if (c->type == CONN_TYPE_OR) {
5407 1 : connection_or_close_for_error(TO_OR_CONN(c), 1);
5408 : } else {
5409 1 : connection_mark_for_close(c);
5410 : }
5411 2 : } SMARTLIST_FOREACH_END(c);
5412 :
5413 1 : log_notice(LD_NET,
5414 : "OOS handler marked %d connections",
5415 : smartlist_len(conns));
5416 : }
5417 :
5418 : /** Check if a connection is on the way out so the OOS handler doesn't try
5419 : * to kill more than it needs. */
5420 : int
5421 16 : connection_is_moribund(connection_t *conn)
5422 : {
5423 16 : if (conn != NULL &&
5424 16 : (conn->conn_array_index < 0 ||
5425 16 : conn->marked_for_close)) {
5426 : return 1;
5427 : } else {
5428 12 : return 0;
5429 : }
5430 : }
5431 :
5432 : /** Out-of-Sockets handler; n_socks is the current number of open
5433 : * sockets, and failed is non-zero if a socket exhaustion related
5434 : * error immediately preceded this call. This is where to do
5435 : * circuit-killing heuristics as needed.
5436 : */
5437 : void
5438 15 : connection_check_oos(int n_socks, int failed)
5439 : {
5440 15 : int target_n_socks = 0, moribund_socks, socks_to_kill;
5441 15 : smartlist_t *conns;
5442 :
5443 : /* Early exit: is OOS checking disabled? */
5444 15 : if (get_options()->DisableOOSCheck) {
5445 15 : return;
5446 : }
5447 :
5448 : /* Sanity-check args */
5449 11 : tor_assert(n_socks >= 0);
5450 :
5451 : /*
5452 : * Make some log noise; keep it at debug level since this gets a chance
5453 : * to run on every connection attempt.
5454 : */
5455 16 : log_debug(LD_NET,
5456 : "Running the OOS handler (%d open sockets, %s)",
5457 : n_socks, (failed != 0) ? "exhaustion seen" : "no exhaustion");
5458 :
5459 : /*
5460 : * Check if we're really handling an OOS condition, and if so decide how
5461 : * many sockets we want to get down to. Be sure we check if the threshold
5462 : * is distinct from zero first; it's possible for this to be called a few
5463 : * times before we've finished reading the config.
5464 : */
5465 11 : if (n_socks >= get_options()->ConnLimit_high_thresh &&
5466 7 : get_options()->ConnLimit_high_thresh != 0 &&
5467 7 : get_options()->ConnLimit_ != 0) {
5468 : /* Try to get down to the low threshold */
5469 7 : target_n_socks = get_options()->ConnLimit_low_thresh;
5470 7 : log_notice(LD_NET,
5471 : "Current number of sockets %d is greater than configured "
5472 : "limit %d; OOS handler trying to get down to %d",
5473 : n_socks, get_options()->ConnLimit_high_thresh,
5474 : target_n_socks);
5475 4 : } else if (failed) {
5476 : /*
5477 : * If we're not at the limit but we hit a socket exhaustion error, try to
5478 : * drop some (but not as aggressively as ConnLimit_low_threshold, which is
5479 : * 3/4 of ConnLimit_)
5480 : */
5481 3 : target_n_socks = (n_socks * 9) / 10;
5482 3 : log_notice(LD_NET,
5483 : "We saw socket exhaustion at %d open sockets; OOS handler "
5484 : "trying to get down to %d",
5485 : n_socks, target_n_socks);
5486 : }
5487 :
5488 10 : if (target_n_socks > 0) {
5489 : /*
5490 : * It's an OOS!
5491 : *
5492 : * Count moribund sockets; it's be important that anything we decide
5493 : * to get rid of here but don't immediately close get counted as moribund
5494 : * on subsequent invocations so we don't try to kill too many things if
5495 : * connection_check_oos() gets called multiple times.
5496 : */
5497 10 : moribund_socks = connection_count_moribund();
5498 :
5499 10 : if (moribund_socks < n_socks - target_n_socks) {
5500 7 : socks_to_kill = n_socks - target_n_socks - moribund_socks;
5501 :
5502 7 : conns = pick_oos_victims(socks_to_kill);
5503 7 : if (conns) {
5504 6 : kill_conn_list_for_oos(conns);
5505 6 : log_notice(LD_NET,
5506 : "OOS handler killed %d conns", smartlist_len(conns));
5507 6 : smartlist_free(conns);
5508 : } else {
5509 1 : log_notice(LD_NET, "OOS handler failed to pick any victim conns");
5510 : }
5511 : } else {
5512 3 : log_notice(LD_NET,
5513 : "Not killing any sockets for OOS because there are %d "
5514 : "already moribund, and we only want to eliminate %d",
5515 : moribund_socks, n_socks - target_n_socks);
5516 : }
5517 : }
5518 : }
5519 :
5520 : /** Log how many bytes are used by buffers of different kinds and sizes. */
5521 : void
5522 0 : connection_dump_buffer_mem_stats(int severity)
5523 : {
5524 0 : uint64_t used_by_type[CONN_TYPE_MAX_+1];
5525 0 : uint64_t alloc_by_type[CONN_TYPE_MAX_+1];
5526 0 : int n_conns_by_type[CONN_TYPE_MAX_+1];
5527 0 : uint64_t total_alloc = 0;
5528 0 : uint64_t total_used = 0;
5529 0 : int i;
5530 0 : smartlist_t *conns = get_connection_array();
5531 :
5532 0 : memset(used_by_type, 0, sizeof(used_by_type));
5533 0 : memset(alloc_by_type, 0, sizeof(alloc_by_type));
5534 0 : memset(n_conns_by_type, 0, sizeof(n_conns_by_type));
5535 :
5536 0 : SMARTLIST_FOREACH_BEGIN(conns, connection_t *, c) {
5537 0 : int tp = c->type;
5538 0 : ++n_conns_by_type[tp];
5539 0 : if (c->inbuf) {
5540 0 : used_by_type[tp] += buf_datalen(c->inbuf);
5541 0 : alloc_by_type[tp] += buf_allocation(c->inbuf);
5542 : }
5543 0 : if (c->outbuf) {
5544 0 : used_by_type[tp] += buf_datalen(c->outbuf);
5545 0 : alloc_by_type[tp] += buf_allocation(c->outbuf);
5546 : }
5547 0 : } SMARTLIST_FOREACH_END(c);
5548 0 : for (i=0; i <= CONN_TYPE_MAX_; ++i) {
5549 0 : total_used += used_by_type[i];
5550 0 : total_alloc += alloc_by_type[i];
5551 : }
5552 :
5553 0 : tor_log(severity, LD_GENERAL,
5554 : "In buffers for %d connections: %"PRIu64" used/%"PRIu64" allocated",
5555 : smartlist_len(conns),
5556 : (total_used), (total_alloc));
5557 0 : for (i=CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5558 0 : if (!n_conns_by_type[i])
5559 0 : continue;
5560 0 : tor_log(severity, LD_GENERAL,
5561 : " For %d %s connections: %"PRIu64" used/%"PRIu64" allocated",
5562 : n_conns_by_type[i], conn_type_to_string(i),
5563 : (used_by_type[i]), (alloc_by_type[i]));
5564 : }
5565 0 : }
5566 :
5567 : /** Verify that connection <b>conn</b> has all of its invariants
5568 : * correct. Trigger an assert if anything is invalid.
5569 : */
5570 : void
5571 432 : assert_connection_ok(connection_t *conn, time_t now)
5572 : {
5573 432 : (void) now; /* XXXX unused. */
5574 432 : tor_assert(conn);
5575 432 : tor_assert(conn->type >= CONN_TYPE_MIN_);
5576 432 : tor_assert(conn->type <= CONN_TYPE_MAX_);
5577 :
5578 432 : switch (conn->type) {
5579 231 : case CONN_TYPE_OR:
5580 : case CONN_TYPE_EXT_OR:
5581 231 : tor_assert(conn->magic == OR_CONNECTION_MAGIC);
5582 : break;
5583 74 : case CONN_TYPE_AP:
5584 74 : tor_assert(conn->magic == ENTRY_CONNECTION_MAGIC);
5585 : break;
5586 8 : case CONN_TYPE_EXIT:
5587 8 : tor_assert(conn->magic == EDGE_CONNECTION_MAGIC);
5588 : break;
5589 111 : case CONN_TYPE_DIR:
5590 111 : tor_assert(conn->magic == DIR_CONNECTION_MAGIC);
5591 : break;
5592 0 : case CONN_TYPE_CONTROL:
5593 0 : tor_assert(conn->magic == CONTROL_CONNECTION_MAGIC);
5594 : break;
5595 0 : CASE_ANY_LISTENER_TYPE:
5596 0 : tor_assert(conn->magic == LISTENER_CONNECTION_MAGIC);
5597 : break;
5598 8 : default:
5599 8 : tor_assert(conn->magic == BASE_CONNECTION_MAGIC);
5600 : break;
5601 : }
5602 :
5603 432 : if (conn->linked_conn) {
5604 74 : tor_assert(conn->linked_conn->linked_conn == conn);
5605 74 : tor_assert(conn->linked);
5606 : }
5607 432 : if (conn->linked)
5608 104 : tor_assert(!SOCKET_OK(conn->s));
5609 :
5610 432 : if (conn->hold_open_until_flushed)
5611 0 : tor_assert(conn->marked_for_close);
5612 :
5613 : /* XXXX check: read_blocked_on_bw, write_blocked_on_bw, s, conn_array_index,
5614 : * marked_for_close. */
5615 :
5616 : /* buffers */
5617 432 : if (conn->inbuf)
5618 423 : buf_assert_ok(conn->inbuf);
5619 432 : if (conn->outbuf)
5620 423 : buf_assert_ok(conn->outbuf);
5621 :
5622 432 : if (conn->type == CONN_TYPE_OR) {
5623 216 : or_connection_t *or_conn = TO_OR_CONN(conn);
5624 216 : if (conn->state == OR_CONN_STATE_OPEN) {
5625 : /* tor_assert(conn->bandwidth > 0); */
5626 : /* the above isn't necessarily true: if we just did a TLS
5627 : * handshake but we didn't recognize the other peer, or it
5628 : * gave a bad cert/etc, then we won't have assigned bandwidth,
5629 : * yet it will be open. -RD
5630 : */
5631 : // tor_assert(conn->read_bucket >= 0);
5632 216 : }
5633 : // tor_assert(conn->addr && conn->port);
5634 216 : tor_assert(conn->address);
5635 216 : if (conn->state > OR_CONN_STATE_PROXY_HANDSHAKING)
5636 209 : tor_assert(or_conn->tls);
5637 : }
5638 :
5639 432 : if (CONN_IS_EDGE(conn)) {
5640 : /* XXX unchecked: package window, deliver window. */
5641 82 : if (conn->type == CONN_TYPE_AP) {
5642 74 : entry_connection_t *entry_conn = TO_ENTRY_CONN(conn);
5643 74 : if (entry_conn->chosen_exit_optional || entry_conn->chosen_exit_retries)
5644 0 : tor_assert(entry_conn->chosen_exit_name);
5645 :
5646 74 : tor_assert(entry_conn->socks_request);
5647 74 : if (conn->state == AP_CONN_STATE_OPEN) {
5648 2 : tor_assert(entry_conn->socks_request->has_finished);
5649 2 : if (!conn->marked_for_close) {
5650 2 : tor_assert(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer);
5651 2 : cpath_assert_layer_ok(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer);
5652 : }
5653 : }
5654 : }
5655 82 : if (conn->type == CONN_TYPE_EXIT) {
5656 8 : tor_assert(conn->purpose == EXIT_PURPOSE_CONNECT ||
5657 : conn->purpose == EXIT_PURPOSE_RESOLVE);
5658 : }
5659 350 : } else if (conn->type == CONN_TYPE_DIR) {
5660 : } else {
5661 : /* Purpose is only used for dir and exit types currently */
5662 239 : tor_assert(!conn->purpose);
5663 : }
5664 :
5665 432 : switch (conn->type)
5666 : {
5667 0 : CASE_ANY_LISTENER_TYPE:
5668 0 : tor_assert(conn->state == LISTENER_STATE_READY);
5669 : break;
5670 216 : case CONN_TYPE_OR:
5671 216 : tor_assert(conn->state >= OR_CONN_STATE_MIN_);
5672 216 : tor_assert(conn->state <= OR_CONN_STATE_MAX_);
5673 : break;
5674 15 : case CONN_TYPE_EXT_OR:
5675 15 : tor_assert(conn->state >= EXT_OR_CONN_STATE_MIN_);
5676 15 : tor_assert(conn->state <= EXT_OR_CONN_STATE_MAX_);
5677 : break;
5678 8 : case CONN_TYPE_EXIT:
5679 8 : tor_assert(conn->state >= EXIT_CONN_STATE_MIN_);
5680 8 : tor_assert(conn->state <= EXIT_CONN_STATE_MAX_);
5681 8 : tor_assert(conn->purpose >= EXIT_PURPOSE_MIN_);
5682 8 : tor_assert(conn->purpose <= EXIT_PURPOSE_MAX_);
5683 : break;
5684 74 : case CONN_TYPE_AP:
5685 74 : tor_assert(conn->state >= AP_CONN_STATE_MIN_);
5686 74 : tor_assert(conn->state <= AP_CONN_STATE_MAX_);
5687 74 : tor_assert(TO_ENTRY_CONN(conn)->socks_request);
5688 : break;
5689 111 : case CONN_TYPE_DIR:
5690 111 : tor_assert(conn->state >= DIR_CONN_STATE_MIN_);
5691 111 : tor_assert(conn->state <= DIR_CONN_STATE_MAX_);
5692 111 : tor_assert(conn->purpose >= DIR_PURPOSE_MIN_);
5693 111 : tor_assert(conn->purpose <= DIR_PURPOSE_MAX_);
5694 : break;
5695 0 : case CONN_TYPE_CONTROL:
5696 0 : tor_assert(conn->state >= CONTROL_CONN_STATE_MIN_);
5697 0 : tor_assert(conn->state <= CONTROL_CONN_STATE_MAX_);
5698 : break;
5699 : case CONN_TYPE_METRICS:
5700 : /* No state. */
5701 : break;
5702 : default:
5703 0 : tor_assert(0);
5704 : }
5705 432 : }
5706 :
5707 : /** Fills <b>addr</b> and <b>port</b> with the details of the global
5708 : * proxy server we are using. Store a 1 to the int pointed to by
5709 : * <b>is_put_out</b> if the connection is using a pluggable
5710 : * transport; store 0 otherwise. <b>conn</b> contains the connection
5711 : * we are using the proxy for.
5712 : *
5713 : * Return 0 on success, -1 on failure.
5714 : */
5715 : int
5716 0 : get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
5717 : int *is_pt_out, const connection_t *conn)
5718 : {
5719 0 : const or_options_t *options = get_options();
5720 :
5721 0 : *is_pt_out = 0;
5722 : /* Client Transport Plugins can use another proxy, but that should be hidden
5723 : * from the rest of tor (as the plugin is responsible for dealing with the
5724 : * proxy), check it first, then check the rest of the proxy types to allow
5725 : * the config to have unused ClientTransportPlugin entries.
5726 : */
5727 0 : if (options->ClientTransportPlugin) {
5728 0 : const transport_t *transport = NULL;
5729 0 : int r;
5730 0 : r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
5731 0 : if (r<0)
5732 0 : return -1;
5733 0 : if (transport) { /* transport found */
5734 0 : tor_addr_copy(addr, &transport->addr);
5735 0 : *port = transport->port;
5736 0 : *proxy_type = transport->socks_version;
5737 0 : *is_pt_out = 1;
5738 0 : return 0;
5739 : }
5740 :
5741 : /* Unused ClientTransportPlugin. */
5742 : }
5743 :
5744 0 : if (options->HTTPSProxy) {
5745 0 : tor_addr_copy(addr, &options->HTTPSProxyAddr);
5746 0 : *port = options->HTTPSProxyPort;
5747 0 : *proxy_type = PROXY_CONNECT;
5748 0 : return 0;
5749 0 : } else if (options->Socks4Proxy) {
5750 0 : tor_addr_copy(addr, &options->Socks4ProxyAddr);
5751 0 : *port = options->Socks4ProxyPort;
5752 0 : *proxy_type = PROXY_SOCKS4;
5753 0 : return 0;
5754 0 : } else if (options->Socks5Proxy) {
5755 0 : tor_addr_copy(addr, &options->Socks5ProxyAddr);
5756 0 : *port = options->Socks5ProxyPort;
5757 0 : *proxy_type = PROXY_SOCKS5;
5758 0 : return 0;
5759 0 : } else if (options->TCPProxy) {
5760 0 : tor_addr_copy(addr, &options->TCPProxyAddr);
5761 0 : *port = options->TCPProxyPort;
5762 : /* The only supported protocol in TCPProxy is haproxy. */
5763 0 : tor_assert(options->TCPProxyProtocol == TCP_PROXY_PROTOCOL_HAPROXY);
5764 0 : *proxy_type = PROXY_HAPROXY;
5765 0 : return 0;
5766 : }
5767 :
5768 0 : tor_addr_make_unspec(addr);
5769 0 : *port = 0;
5770 0 : *proxy_type = PROXY_NONE;
5771 0 : return 0;
5772 : }
5773 :
5774 : /** Log a failed connection to a proxy server.
5775 : * <b>conn</b> is the connection we use the proxy server for. */
5776 : void
5777 0 : log_failed_proxy_connection(connection_t *conn)
5778 : {
5779 0 : tor_addr_t proxy_addr;
5780 0 : uint16_t proxy_port;
5781 0 : int proxy_type, is_pt;
5782 :
5783 0 : if (get_proxy_addrport(&proxy_addr, &proxy_port, &proxy_type, &is_pt,
5784 : conn) != 0)
5785 0 : return; /* if we have no proxy set up, leave this function. */
5786 :
5787 0 : (void)is_pt;
5788 0 : log_warn(LD_NET,
5789 : "The connection to the %s proxy server at %s just failed. "
5790 : "Make sure that the proxy server is up and running.",
5791 : proxy_type_to_string(proxy_type),
5792 : fmt_addrport(&proxy_addr, proxy_port));
5793 : }
5794 :
5795 : /** Return string representation of <b>proxy_type</b>. */
5796 : static const char *
5797 0 : proxy_type_to_string(int proxy_type)
5798 : {
5799 0 : switch (proxy_type) {
5800 : case PROXY_CONNECT: return "HTTP";
5801 0 : case PROXY_SOCKS4: return "SOCKS4";
5802 0 : case PROXY_SOCKS5: return "SOCKS5";
5803 0 : case PROXY_HAPROXY: return "HAPROXY";
5804 0 : case PROXY_PLUGGABLE: return "pluggable transports SOCKS";
5805 0 : case PROXY_NONE: return "NULL";
5806 0 : default: tor_assert(0);
5807 : }
5808 : return NULL; /*Unreached*/
5809 : }
5810 :
5811 : /** Call connection_free_minimal() on every connection in our array, and
5812 : * release all storage held by connection.c.
5813 : *
5814 : * Don't do the checks in connection_free(), because they will
5815 : * fail.
5816 : */
5817 : void
5818 235 : connection_free_all(void)
5819 : {
5820 235 : smartlist_t *conns = get_connection_array();
5821 :
5822 : /* We don't want to log any messages to controllers. */
5823 235 : SMARTLIST_FOREACH(conns, connection_t *, conn,
5824 : if (conn->type == CONN_TYPE_CONTROL)
5825 : TO_CONTROL_CONN(conn)->event_mask = 0);
5826 :
5827 235 : control_update_global_event_mask();
5828 :
5829 : /* Unlink everything from the identity map. */
5830 235 : connection_or_clear_identity_map();
5831 :
5832 : /* Clear out our list of broken connections */
5833 235 : clear_broken_connection_map(0);
5834 :
5835 235 : SMARTLIST_FOREACH(conns, connection_t *, conn,
5836 : connection_free_minimal(conn));
5837 :
5838 235 : if (outgoing_addrs) {
5839 0 : SMARTLIST_FOREACH(outgoing_addrs, tor_addr_t *, addr, tor_free(addr));
5840 0 : smartlist_free(outgoing_addrs);
5841 0 : outgoing_addrs = NULL;
5842 : }
5843 :
5844 235 : tor_free(last_interface_ipv4);
5845 235 : tor_free(last_interface_ipv6);
5846 235 : last_recorded_accounting_at = 0;
5847 :
5848 235 : mainloop_event_free(reenable_blocked_connections_ev);
5849 235 : reenable_blocked_connections_is_scheduled = 0;
5850 235 : memset(&reenable_blocked_connections_delay, 0, sizeof(struct timeval));
5851 235 : }
5852 :
5853 : /** Log a warning, and possibly emit a control event, that <b>received</b> came
5854 : * at a skewed time. <b>trusted</b> indicates that the <b>source</b> was one
5855 : * that we had more faith in and therefore the warning level should have higher
5856 : * severity.
5857 : */
5858 0 : MOCK_IMPL(void,
5859 : clock_skew_warning, (const connection_t *conn, long apparent_skew, int trusted,
5860 : log_domain_mask_t domain, const char *received,
5861 : const char *source))
5862 : {
5863 0 : char dbuf[64];
5864 0 : char *ext_source = NULL, *warn = NULL;
5865 0 : format_time_interval(dbuf, sizeof(dbuf), apparent_skew);
5866 0 : if (conn)
5867 0 : tor_asprintf(&ext_source, "%s:%s:%d", source,
5868 0 : fmt_and_decorate_addr(&conn->addr), conn->port);
5869 : else
5870 0 : ext_source = tor_strdup(source);
5871 0 : log_fn(trusted ? LOG_WARN : LOG_INFO, domain,
5872 : "Received %s with skewed time (%s): "
5873 : "It seems that our clock is %s by %s, or that theirs is %s%s. "
5874 : "Tor requires an accurate clock to work: please check your time, "
5875 : "timezone, and date settings.", received, ext_source,
5876 : apparent_skew > 0 ? "ahead" : "behind", dbuf,
5877 : apparent_skew > 0 ? "behind" : "ahead",
5878 : (!conn || trusted) ? "" : ", or they are sending us the wrong time");
5879 0 : if (trusted) {
5880 0 : control_event_general_status(LOG_WARN, "CLOCK_SKEW SKEW=%ld SOURCE=%s",
5881 : apparent_skew, ext_source);
5882 0 : tor_asprintf(&warn, "Clock skew %ld in %s from %s", apparent_skew,
5883 : received, source);
5884 0 : control_event_bootstrap_problem(warn, "CLOCK_SKEW", conn, 1);
5885 : }
5886 0 : tor_free(warn);
5887 0 : tor_free(ext_source);
5888 0 : }
|
