Line data Source code
1 : /* Copyright (c) 2001 Matej Pfajfar.
2 : * Copyright (c) 2001-2004, Roger Dingledine.
3 : * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 : * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 : /* See LICENSE for licensing information */
6 :
7 : /**
8 : * \file connection.h
9 : * \brief Header file for connection.c.
10 : **/
11 :
12 : #ifndef TOR_CONNECTION_H
13 : #define TOR_CONNECTION_H
14 :
15 : #include "lib/smartlist_core/smartlist_core.h"
16 : #include "lib/log/log.h"
17 :
18 : #ifdef HAVE_SYS_SOCKET_H
19 : #include <sys/socket.h>
20 : #endif
21 :
22 : struct listener_connection_t;
23 : struct connection_t;
24 : struct dir_connection_t;
25 : struct or_connection_t;
26 : struct edge_connection_t;
27 : struct entry_connection_t;
28 : struct control_connection_t;
29 : struct port_cfg_t;
30 : struct tor_addr_t;
31 : struct or_options_t;
32 :
33 : struct listener_connection_t *TO_LISTENER_CONN(struct connection_t *);
34 : const struct listener_connection_t *CONST_TO_LISTENER_CONN(
35 : const struct connection_t *);
36 :
37 : struct buf_t;
38 :
39 : #define CONN_TYPE_MIN_ 3
40 : /** Type for sockets listening for OR connections. */
41 : #define CONN_TYPE_OR_LISTENER 3
42 : /** A bidirectional TLS connection transmitting a sequence of cells.
43 : * May be from an OR to an OR, or from an OP to an OR. */
44 : #define CONN_TYPE_OR 4
45 : /** A TCP connection from an onion router to a stream's destination. */
46 : #define CONN_TYPE_EXIT 5
47 : /** Type for sockets listening for SOCKS connections. */
48 : #define CONN_TYPE_AP_LISTENER 6
49 : /** A SOCKS proxy connection from the user application to the onion
50 : * proxy. */
51 : #define CONN_TYPE_AP 7
52 : /** Type for sockets listening for HTTP connections to the directory server. */
53 : #define CONN_TYPE_DIR_LISTENER 8
54 : /** Type for HTTP connections to the directory server. */
55 : #define CONN_TYPE_DIR 9
56 : /* Type 10 is unused. */
57 : /** Type for listening for connections from user interface process. */
58 : #define CONN_TYPE_CONTROL_LISTENER 11
59 : /** Type for connections from user interface process. */
60 : #define CONN_TYPE_CONTROL 12
61 : /** Type for sockets listening for transparent connections redirected by pf or
62 : * netfilter. */
63 : #define CONN_TYPE_AP_TRANS_LISTENER 13
64 : /** Type for sockets listening for transparent connections redirected by
65 : * natd. */
66 : #define CONN_TYPE_AP_NATD_LISTENER 14
67 : /** Type for sockets listening for DNS requests. */
68 : #define CONN_TYPE_AP_DNS_LISTENER 15
69 :
70 : /** Type for connections from the Extended ORPort. */
71 : #define CONN_TYPE_EXT_OR 16
72 : /** Type for sockets listening for Extended ORPort connections. */
73 : #define CONN_TYPE_EXT_OR_LISTENER 17
74 : /** Type for sockets listening for HTTP CONNECT tunnel connections. */
75 : #define CONN_TYPE_AP_HTTP_CONNECT_LISTENER 18
76 : /** Type for sockets listening for Metrics query connections. */
77 : #define CONN_TYPE_METRICS_LISTENER 19
78 : /** Type for connections from metrics listener. */
79 : #define CONN_TYPE_METRICS 20
80 :
81 : #define CONN_TYPE_MAX_ 21
82 : /* !!!! If _CONN_TYPE_MAX is ever over 31, we must grow the type field in
83 : * struct connection_t. */
84 :
85 : /* Proxy client handshake states */
86 : /* We use a proxy but we haven't even connected to it yet. */
87 : #define PROXY_INFANT 1
88 : /* We use an HTTP proxy and we've sent the CONNECT command. */
89 : #define PROXY_HTTPS_WANT_CONNECT_OK 2
90 : /* We use a SOCKS4 proxy and we've sent the CONNECT command. */
91 : #define PROXY_SOCKS4_WANT_CONNECT_OK 3
92 : /* We use a SOCKS5 proxy and we try to negotiate without
93 : any authentication . */
94 : #define PROXY_SOCKS5_WANT_AUTH_METHOD_NONE 4
95 : /* We use a SOCKS5 proxy and we try to negotiate with
96 : Username/Password authentication . */
97 : #define PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929 5
98 : /* We use a SOCKS5 proxy and we just sent our credentials. */
99 : #define PROXY_SOCKS5_WANT_AUTH_RFC1929_OK 6
100 : /* We use a SOCKS5 proxy and we just sent our CONNECT command. */
101 : #define PROXY_SOCKS5_WANT_CONNECT_OK 7
102 : /* We use an HAPROXY proxy and we just sent the proxy header. */
103 : #define PROXY_HAPROXY_WAIT_FOR_FLUSH 8
104 : /* We use a proxy and we CONNECTed successfully!. */
105 : #define PROXY_CONNECTED 9
106 :
107 : /** State for any listener connection. */
108 : #define LISTENER_STATE_READY 0
109 :
110 : /**
111 : * This struct associates an old listener connection to be replaced
112 : * by new connection described by port configuration. Only used when
113 : * moving listeners to/from wildcard IP address.
114 : */
115 : typedef struct
116 : {
117 : struct connection_t *old_conn; /* Old listener connection to be replaced */
118 : const struct port_cfg_t *new_port; /* New port configuration */
119 : } listener_replacement_t;
120 :
121 : const char *conn_type_to_string(int type);
122 : const char *conn_state_to_string(int type, int state);
123 : int conn_listener_type_supports_af_unix(int type);
124 :
125 : const char *connection_describe(const connection_t *conn);
126 : const char *connection_describe_peer(const connection_t *conn);
127 :
128 : struct dir_connection_t *dir_connection_new(int socket_family);
129 : struct or_connection_t *or_connection_new(int type, int socket_family);
130 : struct edge_connection_t *edge_connection_new(int type, int socket_family);
131 : struct entry_connection_t *entry_connection_new(int type, int socket_family);
132 : struct control_connection_t *control_connection_new(int socket_family);
133 : struct listener_connection_t *listener_connection_new(int type,
134 : int socket_family);
135 : struct connection_t *connection_new(int type, int socket_family);
136 : int connection_init_accepted_conn(struct connection_t *conn,
137 : const struct listener_connection_t *listener);
138 : void connection_link_connections(struct connection_t *conn_a,
139 : struct connection_t *conn_b);
140 : MOCK_DECL(void,connection_free_,(struct connection_t *conn));
141 : #define connection_free(conn) \
142 : FREE_AND_NULL(struct connection_t, connection_free_, (conn))
143 : void connection_free_all(void);
144 : void connection_about_to_close_connection(struct connection_t *conn);
145 : void connection_close_immediate(struct connection_t *conn);
146 : void connection_mark_for_close_(struct connection_t *conn,
147 : int line, const char *file);
148 : MOCK_DECL(void, connection_mark_for_close_internal_,
149 : (struct connection_t *conn, int line, const char *file));
150 :
151 : #define connection_mark_for_close(c) \
152 : connection_mark_for_close_((c), __LINE__, SHORT_FILE__)
153 : #define connection_mark_for_close_internal(c) \
154 : connection_mark_for_close_internal_((c), __LINE__, SHORT_FILE__)
155 :
156 : /**
157 : * Mark 'c' for close, but try to hold it open until all the data is written.
158 : * Use the _internal versions of connection_mark_for_close; this should be
159 : * called when you either are sure that if this is an or_connection_t the
160 : * controlling channel has been notified (e.g. with
161 : * connection_or_notify_error()), or you actually are the
162 : * connection_or_close_for_error() or connection_or_close_normally function.
163 : * For all other cases, use connection_mark_and_flush() instead, which
164 : * checks for struct or_connection_t properly, instead. See below.
165 : */
166 : #define connection_mark_and_flush_internal_(c,line,file) \
167 : do { \
168 : struct connection_t *tmp_conn__ = (c); \
169 : connection_mark_for_close_internal_(tmp_conn__, (line), (file)); \
170 : tmp_conn__->hold_open_until_flushed = 1; \
171 : } while (0)
172 :
173 : #define connection_mark_and_flush_internal(c) \
174 : connection_mark_and_flush_internal_((c), __LINE__, SHORT_FILE__)
175 :
176 : /**
177 : * Mark 'c' for close, but try to hold it open until all the data is written.
178 : */
179 : #define connection_mark_and_flush_(c,line,file) \
180 : do { \
181 : struct connection_t *tmp_conn_ = (c); \
182 : if (tmp_conn_->type == CONN_TYPE_OR) { \
183 : log_warn(LD_CHANNEL | LD_BUG, \
184 : "Something tried to close (and flush) an or_connection_t" \
185 : " without going through channels at %s:%d", \
186 : file, line); \
187 : connection_or_close_for_error(TO_OR_CONN(tmp_conn_), 1); \
188 : } else { \
189 : connection_mark_and_flush_internal_(c, line, file); \
190 : } \
191 : } while (0)
192 :
193 : #define connection_mark_and_flush(c) \
194 : connection_mark_and_flush_((c), __LINE__, SHORT_FILE__)
195 :
196 : void connection_expire_held_open(void);
197 :
198 : int connection_connect(struct connection_t *conn, const char *address,
199 : const struct tor_addr_t *addr,
200 : uint16_t port, int *socket_error);
201 :
202 : #ifdef HAVE_SYS_UN_H
203 :
204 : int connection_connect_unix(struct connection_t *conn, const char *socket_path,
205 : int *socket_error);
206 :
207 : #endif /* defined(HAVE_SYS_UN_H) */
208 :
209 : /** Maximum size of information that we can fit into SOCKS5 username
210 : or password fields. */
211 : #define MAX_SOCKS5_AUTH_FIELD_SIZE 255
212 :
213 : /** Total maximum size of information that we can fit into SOCKS5
214 : username and password fields. */
215 : #define MAX_SOCKS5_AUTH_SIZE_TOTAL 2*MAX_SOCKS5_AUTH_FIELD_SIZE
216 :
217 : int connection_proxy_connect(struct connection_t *conn, int type);
218 : int connection_read_proxy_handshake(struct connection_t *conn);
219 : void log_failed_proxy_connection(struct connection_t *conn);
220 : int get_proxy_addrport(struct tor_addr_t *addr, uint16_t *port,
221 : int *proxy_type,
222 : int *is_pt_out, const struct connection_t *conn);
223 :
224 : int retry_all_listeners(struct smartlist_t *new_conns,
225 : int close_all_noncontrol);
226 :
227 : void connection_mark_all_noncontrol_listeners(void);
228 : void connection_mark_all_noncontrol_connections(void);
229 :
230 : ssize_t connection_bucket_write_limit(struct connection_t *conn, time_t now);
231 : bool connection_dir_is_global_write_low(const struct connection_t *conn,
232 : size_t attempt);
233 : void connection_bucket_init(void);
234 : void connection_bucket_adjust(const struct or_options_t *options);
235 : void connection_bucket_refill_all(time_t now,
236 : uint32_t now_ts);
237 : void connection_read_bw_exhausted(struct connection_t *conn,
238 : bool is_global_bw);
239 : void connection_write_bw_exhausted(struct connection_t *conn,
240 : bool is_global_bw);
241 : void connection_consider_empty_read_buckets(struct connection_t *conn);
242 : void connection_consider_empty_write_buckets(struct connection_t *conn);
243 :
244 : int connection_handle_read(struct connection_t *conn);
245 :
246 : int connection_buf_get_bytes(char *string, size_t len,
247 : struct connection_t *conn);
248 : int connection_buf_get_line(struct connection_t *conn, char *data,
249 : size_t *data_len);
250 : int connection_fetch_from_buf_http(struct connection_t *conn,
251 : char **headers_out, size_t max_headerlen,
252 : char **body_out, size_t *body_used,
253 : size_t max_bodylen, int force_complete);
254 :
255 : int connection_wants_to_flush(struct connection_t *conn);
256 : int connection_outbuf_too_full(struct connection_t *conn);
257 : int connection_handle_write(struct connection_t *conn, int force);
258 : int connection_flush(struct connection_t *conn);
259 :
260 : MOCK_DECL(void, connection_write_to_buf_impl_,
261 : (const char *string, size_t len, struct connection_t *conn,
262 : int zlib));
263 : /* DOCDOC connection_write_to_buf */
264 : static void connection_buf_add(const char *string, size_t len,
265 : struct connection_t *conn);
266 : void connection_dir_buf_add(const char *string, size_t len,
267 : struct dir_connection_t *dir_conn, int done);
268 : static inline void
269 127 : connection_buf_add(const char *string, size_t len, struct connection_t *conn)
270 : {
271 127 : connection_write_to_buf_impl_(string, len, conn, 0);
272 127 : }
273 : void connection_buf_add_compress(const char *string, size_t len,
274 : struct dir_connection_t *conn, int done);
275 : void connection_buf_add_buf(struct connection_t *conn, struct buf_t *buf);
276 :
277 : size_t connection_get_inbuf_len(struct connection_t *conn);
278 : size_t connection_get_outbuf_len(struct connection_t *conn);
279 : struct connection_t *connection_get_by_global_id(uint64_t id);
280 :
281 : struct connection_t *connection_get_by_type(int type);
282 : MOCK_DECL(struct connection_t *,connection_get_by_type_nonlinked,(int type));
283 : MOCK_DECL(struct connection_t *,connection_get_by_type_addr_port_purpose,
284 : (int type,
285 : const struct tor_addr_t *addr,
286 : uint16_t port, int purpose));
287 : struct connection_t *connection_get_by_type_state(int type, int state);
288 : struct connection_t *connection_get_by_type_state_rendquery(
289 : int type, int state,
290 : const char *rendquery);
291 : struct smartlist_t *connection_list_by_type_state(int type, int state);
292 : struct smartlist_t *connection_list_by_type_purpose(int type, int purpose);
293 : struct smartlist_t *connection_dir_list_by_purpose_and_resource(
294 : int purpose,
295 : const char *resource);
296 : struct smartlist_t *connection_dir_list_by_purpose_resource_and_state(
297 : int purpose,
298 : const char *resource,
299 : int state);
300 :
301 : #define CONN_LEN_AND_FREE_TEMPLATE(sl) \
302 : STMT_BEGIN \
303 : int len = smartlist_len(sl); \
304 : smartlist_free(sl); \
305 : return len; \
306 : STMT_END
307 :
308 : /** Return a count of directory connections that are fetching the item
309 : * described by <b>purpose</b>/<b>resource</b>. */
310 : static inline int
311 60 : connection_dir_count_by_purpose_and_resource(
312 : int purpose,
313 : const char *resource)
314 : {
315 60 : struct smartlist_t *conns = connection_dir_list_by_purpose_and_resource(
316 : purpose,
317 : resource);
318 60 : CONN_LEN_AND_FREE_TEMPLATE(conns);
319 : }
320 :
321 : /** Return a count of directory connections that are fetching the item
322 : * described by <b>purpose</b>/<b>resource</b>/<b>state</b>. */
323 : static inline int
324 4 : connection_dir_count_by_purpose_resource_and_state(
325 : int purpose,
326 : const char *resource,
327 : int state)
328 : {
329 8 : struct smartlist_t *conns =
330 4 : connection_dir_list_by_purpose_resource_and_state(
331 : purpose,
332 : resource,
333 : state);
334 4 : CONN_LEN_AND_FREE_TEMPLATE(conns);
335 : }
336 :
337 : #undef CONN_LEN_AND_FREE_TEMPLATE
338 :
339 : int any_other_active_or_conns(const struct or_connection_t *this_conn);
340 :
341 : /* || 0 is for -Wparentheses-equality (-Wall?) appeasement under clang */
342 : #define connection_speaks_cells(conn) (((conn)->type == CONN_TYPE_OR) || 0)
343 : int connection_is_listener(struct connection_t *conn);
344 : int connection_state_is_open(struct connection_t *conn);
345 : int connection_state_is_connecting(struct connection_t *conn);
346 :
347 : char *alloc_http_authenticator(const char *authenticator);
348 :
349 : void assert_connection_ok(struct connection_t *conn, time_t now);
350 : int connection_or_nonopen_was_started_here(struct or_connection_t *conn);
351 : void connection_dump_buffer_mem_stats(int severity);
352 :
353 : MOCK_DECL(void, clock_skew_warning,
354 : (const struct connection_t *conn, long apparent_skew, int trusted,
355 : log_domain_mask_t domain, const char *received,
356 : const char *source));
357 :
358 : int connection_is_moribund(struct connection_t *conn);
359 : void connection_check_oos(int n_socks, int failed);
360 :
361 : /** Execute the statement <b>stmt</b>, which may log events concerning the
362 : * connection <b>conn</b>. To prevent infinite loops, disable log messages
363 : * being sent to controllers if <b>conn</b> is a control connection.
364 : *
365 : * Stmt must not contain any return or goto statements.
366 : */
367 : #define CONN_LOG_PROTECT(conn, stmt) \
368 : STMT_BEGIN \
369 : int _log_conn_is_control; \
370 : tor_assert(conn); \
371 : _log_conn_is_control = (conn->type == CONN_TYPE_CONTROL); \
372 : if (_log_conn_is_control) \
373 : disable_control_logging(); \
374 : STMT_BEGIN stmt; STMT_END; \
375 : if (_log_conn_is_control) \
376 : enable_control_logging(); \
377 : STMT_END
378 :
379 : #ifdef CONNECTION_PRIVATE
380 : STATIC void connection_free_minimal(struct connection_t *conn);
381 :
382 : /* Used only by connection.c and test*.c */
383 : MOCK_DECL(STATIC int,connection_connect_sockaddr,
384 : (struct connection_t *conn,
385 : const struct sockaddr *sa,
386 : socklen_t sa_len,
387 : const struct sockaddr *bindaddr,
388 : socklen_t bindaddr_len,
389 : int *socket_error));
390 : MOCK_DECL(STATIC void, kill_conn_list_for_oos, (struct smartlist_t *conns));
391 : MOCK_DECL(STATIC struct smartlist_t *, pick_oos_victims, (int n));
392 :
393 : #endif /* defined(CONNECTION_PRIVATE) */
394 :
395 : #endif /* !defined(TOR_CONNECTION_H) */
|
