Tor  0.4.5.0-alpha-dev
circuitbuild.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2020, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file circuitbuild.c
9  *
10  * \brief Implements the details of building circuits (by chosing paths,
11  * constructing/sending create/extend cells, and so on).
12  *
13  * On the client side, this module handles launching circuits. Circuit
14  * launches are srtarted from circuit_establish_circuit(), called from
15  * circuit_launch_by_extend_info()). To choose the path the circuit will
16  * take, onion_extend_cpath() calls into a maze of node selection functions.
17  *
18  * Once the circuit is ready to be launched, the first hop is treated as a
19  * special case with circuit_handle_first_hop(), since it might need to open a
20  * channel. As the channel opens, and later as CREATED and RELAY_EXTENDED
21  * cells arrive, the client will invoke circuit_send_next_onion_skin() to send
22  * CREATE or RELAY_EXTEND cells.
23  *
24  * The server side is handled in feature/relay/circuitbuild_relay.c.
25  **/
26 
27 #define CIRCUITBUILD_PRIVATE
28 #define OCIRC_EVENT_PRIVATE
29 
30 #include "core/or/or.h"
31 #include "app/config/config.h"
32 #include "lib/confmgt/confmgt.h"
33 #include "core/crypto/hs_ntor.h"
35 #include "core/crypto/onion_fast.h"
36 #include "core/crypto/onion_tap.h"
38 #include "core/mainloop/mainloop.h"
39 #include "core/or/channel.h"
40 #include "core/or/circuitbuild.h"
41 #include "core/or/circuitlist.h"
42 #include "core/or/circuitstats.h"
43 #include "core/or/circuituse.h"
44 #include "core/or/circuitpadding.h"
45 #include "core/or/command.h"
47 #include "core/or/connection_or.h"
48 #include "core/or/extendinfo.h"
49 #include "core/or/onion.h"
50 #include "core/or/ocirc_event.h"
51 #include "core/or/policies.h"
52 #include "core/or/relay.h"
53 #include "core/or/trace_probes_circuit.h"
54 #include "core/or/crypt_path.h"
55 #include "feature/client/bridges.h"
56 #include "feature/client/circpathbias.h"
69 #include "feature/relay/router.h"
71 #include "feature/relay/selftest.h"
75 #include "lib/trace/events.h"
76 
77 #include "core/or/cell_st.h"
80 #include "core/or/extend_info_st.h"
82 #include "core/or/or_circuit_st.h"
84 
88  crypt_path_t *hop);
89 static const node_t *choose_good_middle_server(uint8_t purpose,
90  cpath_build_state_t *state,
91  crypt_path_t *head,
92  int cur_len);
93 
94 /** This function tries to get a channel to the specified endpoint,
95  * and then calls command_setup_channel() to give it the right
96  * callbacks.
97  */
100 {
101  channel_t *chan;
102 
103  const tor_addr_port_t *orport = extend_info_pick_orport(ei);
104  if (!orport)
105  return NULL;
106  const char *id_digest = ei->identity_digest;
107  const ed25519_public_key_t *ed_id = &ei->ed_identity;
108 
109  chan = channel_connect(&orport->addr, orport->port, id_digest, ed_id);
110  if (chan) command_setup_channel(chan);
111 
112  return chan;
113 }
114 
115 /** Search for a value for circ_id that we can use on <b>chan</b> for an
116  * outbound circuit, until we get a circ_id that is not in use by any other
117  * circuit on that conn.
118  *
119  * Return it, or 0 if can't get a unique circ_id.
120  */
123 {
124 /* This number is chosen somewhat arbitrarily; see comment below for more
125  * info. When the space is 80% full, it gives a one-in-a-million failure
126  * chance; when the space is 90% full, it gives a one-in-850 chance; and when
127  * the space is 95% full, it gives a one-in-26 failure chance. That seems
128  * okay, though you could make a case IMO for anything between N=32 and
129  * N=256. */
130 #define MAX_CIRCID_ATTEMPTS 64
131  int in_use;
132  unsigned n_with_circ = 0, n_pending_destroy = 0, n_weird_pending_destroy = 0;
133  circid_t test_circ_id;
134  circid_t attempts=0;
135  circid_t high_bit, max_range, mask;
136  int64_t pending_destroy_time_total = 0;
137  int64_t pending_destroy_time_max = 0;
138 
139  tor_assert(chan);
140 
141  if (chan->circ_id_type == CIRC_ID_TYPE_NEITHER) {
142  log_warn(LD_BUG,
143  "Trying to pick a circuit ID for a connection from "
144  "a client with no identity.");
145  return 0;
146  }
147  max_range = (chan->wide_circ_ids) ? (1u<<31) : (1u<<15);
148  mask = max_range - 1;
149  high_bit = (chan->circ_id_type == CIRC_ID_TYPE_HIGHER) ? max_range : 0;
150  do {
151  if (++attempts > MAX_CIRCID_ATTEMPTS) {
152  /* Make sure we don't loop forever because all circuit IDs are used.
153  *
154  * Once, we would try until we had tried every possible circuit ID. But
155  * that's quite expensive. Instead, we try MAX_CIRCID_ATTEMPTS random
156  * circuit IDs, and then give up.
157  *
158  * This potentially causes us to give up early if our circuit ID space
159  * is nearly full. If we have N circuit IDs in use, then we will reject
160  * a new circuit with probability (N / max_range) ^ MAX_CIRCID_ATTEMPTS.
161  * This means that in practice, a few percent of our circuit ID capacity
162  * will go unused.
163  *
164  * The alternative here, though, is to do a linear search over the
165  * whole circuit ID space every time we extend a circuit, which is
166  * not so great either.
167  */
168  int64_t queued_destroys;
170  approx_time());
171  if (m == NULL)
172  return 0; /* This message has been rate-limited away. */
173  if (n_pending_destroy)
174  pending_destroy_time_total /= n_pending_destroy;
175  log_warn(LD_CIRC,"No unused circIDs found on channel %s wide "
176  "circID support, with %u inbound and %u outbound circuits. "
177  "Found %u circuit IDs in use by circuits, and %u with "
178  "pending destroy cells. (%u of those were marked bogusly.) "
179  "The ones with pending destroy cells "
180  "have been marked unusable for an average of %ld seconds "
181  "and a maximum of %ld seconds. This channel is %ld seconds "
182  "old. Failing a circuit.%s",
183  chan->wide_circ_ids ? "with" : "without",
184  chan->num_p_circuits, chan->num_n_circuits,
185  n_with_circ, n_pending_destroy, n_weird_pending_destroy,
186  (long)pending_destroy_time_total,
187  (long)pending_destroy_time_max,
188  (long)(approx_time() - chan->timestamp_created),
189  m);
190  tor_free(m);
191 
192  if (!chan->cmux) {
193  /* This warning should be impossible. */
194  log_warn(LD_BUG, " This channel somehow has no cmux on it!");
195  return 0;
196  }
197 
198  /* analysis so far on 12184 suggests that we're running out of circuit
199  IDs because it looks like we have too many pending destroy
200  cells. Let's see how many we really have pending.
201  */
202  queued_destroys = circuitmux_count_queued_destroy_cells(chan,
203  chan->cmux);
204 
205  log_warn(LD_CIRC, " Circuitmux on this channel has %u circuits, "
206  "of which %u are active. It says it has %"PRId64
207  " destroy cells queued.",
210  (queued_destroys));
211 
212  /* Change this into "if (1)" in order to get more information about
213  * possible failure modes here. You'll need to know how to use gdb with
214  * Tor: this will make Tor exit with an assertion failure if the cmux is
215  * corrupt. */
216  if (0)
217  circuitmux_assert_okay(chan->cmux);
218 
220 
221  return 0;
222  }
223 
224  do {
225  crypto_rand((char*) &test_circ_id, sizeof(test_circ_id));
226  test_circ_id &= mask;
227  } while (test_circ_id == 0);
228 
229  test_circ_id |= high_bit;
230 
231  in_use = circuit_id_in_use_on_channel(test_circ_id, chan);
232  if (in_use == 1)
233  ++n_with_circ;
234  else if (in_use == 2) {
235  time_t since_when;
236  ++n_pending_destroy;
237  since_when =
238  circuit_id_when_marked_unusable_on_channel(test_circ_id, chan);
239  if (since_when) {
240  time_t waiting = approx_time() - since_when;
241  pending_destroy_time_total += waiting;
242  if (waiting > pending_destroy_time_max)
243  pending_destroy_time_max = waiting;
244  } else {
245  ++n_weird_pending_destroy;
246  }
247  }
248  } while (in_use);
249  return test_circ_id;
250 }
251 
252 /** If <b>verbose</b> is false, allocate and return a comma-separated list of
253  * the currently built elements of <b>circ</b>. If <b>verbose</b> is true, also
254  * list information about link status in a more verbose format using spaces.
255  * If <b>verbose_names</b> is false, give hex digests; if <b>verbose_names</b>
256  * is true, use $DIGEST=Name style names.
257  */
258 static char *
259 circuit_list_path_impl(origin_circuit_t *circ, int verbose, int verbose_names)
260 {
261  crypt_path_t *hop;
262  smartlist_t *elements;
263  const char *states[] = {"closed", "waiting for keys", "open"};
264  char *s;
265 
266  elements = smartlist_new();
267 
268  if (verbose) {
269  const char *nickname = build_state_get_exit_nickname(circ->build_state);
270  smartlist_add_asprintf(elements, "%s%s circ (length %d%s%s):",
271  circ->build_state->is_internal ? "internal" : "exit",
272  circ->build_state->need_uptime ? " (high-uptime)" : "",
274  circ->base_.state == CIRCUIT_STATE_OPEN ? "" : ", last hop ",
275  circ->base_.state == CIRCUIT_STATE_OPEN ? "" :
276  (nickname?nickname:"*unnamed*"));
277  }
278 
279  hop = circ->cpath;
280  do {
281  char *elt;
282  const char *id;
283  const node_t *node;
284  if (!hop)
285  break;
286  if (!verbose && hop->state != CPATH_STATE_OPEN)
287  break;
288  if (!hop->extend_info)
289  break;
290  id = hop->extend_info->identity_digest;
291  if (verbose_names) {
292  elt = tor_malloc(MAX_VERBOSE_NICKNAME_LEN+1);
293  if ((node = node_get_by_id(id))) {
294  node_get_verbose_nickname(node, elt);
295  } else if (is_legal_nickname(hop->extend_info->nickname)) {
296  elt[0] = '$';
297  base16_encode(elt+1, HEX_DIGEST_LEN+1, id, DIGEST_LEN);
298  elt[HEX_DIGEST_LEN+1]= '~';
299  strlcpy(elt+HEX_DIGEST_LEN+2,
301  } else {
302  elt[0] = '$';
303  base16_encode(elt+1, HEX_DIGEST_LEN+1, id, DIGEST_LEN);
304  }
305  } else { /* ! verbose_names */
306  elt = tor_malloc(HEX_DIGEST_LEN+2);
307  elt[0] = '$';
308  base16_encode(elt+1, HEX_DIGEST_LEN+1, id, DIGEST_LEN);
309  }
310  tor_assert(elt);
311  if (verbose) {
312  tor_assert(hop->state <= 2);
313  smartlist_add_asprintf(elements,"%s(%s)",elt,states[hop->state]);
314  tor_free(elt);
315  } else {
316  smartlist_add(elements, elt);
317  }
318  hop = hop->next;
319  } while (hop != circ->cpath);
320 
321  s = smartlist_join_strings(elements, verbose?" ":",", 0, NULL);
322  SMARTLIST_FOREACH(elements, char*, cp, tor_free(cp));
323  smartlist_free(elements);
324  return s;
325 }
326 
327 /** If <b>verbose</b> is false, allocate and return a comma-separated
328  * list of the currently built elements of <b>circ</b>. If
329  * <b>verbose</b> is true, also list information about link status in
330  * a more verbose format using spaces.
331  */
332 char *
334 {
335  return circuit_list_path_impl(circ, verbose, 0);
336 }
337 
338 /** Allocate and return a comma-separated list of the currently built elements
339  * of <b>circ</b>, giving each as a verbose nickname.
340  */
341 char *
343 {
344  return circuit_list_path_impl(circ, 0, 1);
345 }
346 
347 /** Log, at severity <b>severity</b>, the nicknames of each router in
348  * <b>circ</b>'s cpath. Also log the length of the cpath, and the intended
349  * exit point.
350  */
351 void
352 circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
353 {
354  char *s = circuit_list_path(circ,1);
355  tor_log(severity,domain,"%s",s);
356  tor_free(s);
357 }
358 
359 /** Return 1 iff every node in circ's cpath definitely supports ntor. */
360 static int
362 {
363  crypt_path_t *head, *cpath;
364 
365  cpath = head = circ->cpath;
366  do {
367  /* if the extend_info is missing, we can't tell if it supports ntor */
368  if (!cpath->extend_info) {
369  return 0;
370  }
371 
372  /* if the key is blank, it definitely doesn't support ntor */
373  if (!extend_info_supports_ntor(cpath->extend_info)) {
374  return 0;
375  }
376  cpath = cpath->next;
377  } while (cpath != head);
378 
379  return 1;
380 }
381 
382 /** Pick all the entries in our cpath. Stop and return 0 when we're
383  * happy, or return -1 if an error occurs. */
384 static int
386 {
387  int r = 0;
388 
389  /* onion_extend_cpath assumes these are non-NULL */
390  tor_assert(circ);
391  tor_assert(circ->build_state);
392 
393  while (r == 0) {
394  r = onion_extend_cpath(circ);
395  if (r < 0) {
396  log_info(LD_CIRC,"Generating cpath hop failed.");
397  return -1;
398  }
399  }
400 
401  /* The path is complete */
402  tor_assert(r == 1);
403 
404  /* Does every node in this path support ntor? */
405  int path_supports_ntor = circuit_cpath_supports_ntor(circ);
406 
407  /* We would like every path to support ntor, but we have to allow for some
408  * edge cases. */
410  if (circuit_can_use_tap(circ)) {
411  /* Circuits from clients to intro points, and hidden services to rend
412  * points do not support ntor, because the hidden service protocol does
413  * not include ntor onion keys. This is also true for Single Onion
414  * Services. */
415  return 0;
416  }
417 
418  if (circuit_get_cpath_len(circ) == 1) {
419  /* Allow for bootstrapping: when we're fetching directly from a fallback,
420  * authority, or bridge, we have no way of knowing its ntor onion key
421  * before we connect to it. So instead, we try connecting, and end up using
422  * CREATE_FAST. */
423  tor_assert(circ->cpath);
424  tor_assert(circ->cpath->extend_info);
425  const node_t *node = node_get_by_id(
427  /* If we don't know the node and its descriptor, we must be bootstrapping.
428  */
429  if (!node || !node_has_preferred_descriptor(node, 1)) {
430  return 0;
431  }
432  }
433 
434  if (BUG(!path_supports_ntor)) {
435  /* If we're building a multi-hop path, and it's not one of the HS or
436  * bootstrapping exceptions, and it doesn't support ntor, something has
437  * gone wrong. */
438  return -1;
439  }
440 
441  return 0;
442 }
443 
444 /** Create and return a new origin circuit. Initialize its purpose and
445  * build-state based on our arguments. The <b>flags</b> argument is a
446  * bitfield of CIRCLAUNCH_* flags, see circuit_launch_by_extend_info() for
447  * more details. */
449 origin_circuit_init(uint8_t purpose, int flags)
450 {
451  /* sets circ->p_circ_id and circ->p_chan */
454  circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
455  circ->build_state->onehop_tunnel =
456  ((flags & CIRCLAUNCH_ONEHOP_TUNNEL) ? 1 : 0);
457  circ->build_state->need_uptime =
458  ((flags & CIRCLAUNCH_NEED_UPTIME) ? 1 : 0);
459  circ->build_state->need_capacity =
460  ((flags & CIRCLAUNCH_NEED_CAPACITY) ? 1 : 0);
461  circ->build_state->is_internal =
462  ((flags & CIRCLAUNCH_IS_INTERNAL) ? 1 : 0);
464  ((flags & CIRCLAUNCH_IS_IPV6_SELFTEST) ? 1 : 0);
465  circ->base_.purpose = purpose;
466  return circ;
467 }
468 
469 /** Build a new circuit for <b>purpose</b>. If <b>exit</b> is defined, then use
470  * that as your exit router, else choose a suitable exit node. The <b>flags</b>
471  * argument is a bitfield of CIRCLAUNCH_* flags, see
472  * circuit_launch_by_extend_info() for more details.
473  *
474  * Also launch a connection to the first OR in the chosen path, if
475  * it's not open already.
476  */
478 circuit_establish_circuit(uint8_t purpose, extend_info_t *exit_ei, int flags)
479 {
480  origin_circuit_t *circ;
481  int err_reason = 0;
482  int is_hs_v3_rp_circuit = 0;
483 
484  if (flags & CIRCLAUNCH_IS_V3_RP) {
485  is_hs_v3_rp_circuit = 1;
486  }
487 
488  circ = origin_circuit_init(purpose, flags);
489 
490  if (onion_pick_cpath_exit(circ, exit_ei, is_hs_v3_rp_circuit) < 0 ||
491  onion_populate_cpath(circ) < 0) {
492  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_NOPATH);
493  return NULL;
494  }
495 
496  circuit_event_status(circ, CIRC_EVENT_LAUNCHED, 0);
497 
498  if ((err_reason = circuit_handle_first_hop(circ)) < 0) {
499  circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
500  return NULL;
501  }
502 
503  tor_trace(TR_SUBSYS(circuit), TR_EV(establish), circ);
504  return circ;
505 }
506 
507 /** Return the guard state associated with <b>circ</b>, which may be NULL. */
508 circuit_guard_state_t *
510 {
511  return circ->guard_state;
512 }
513 
514 /**
515  * Helper function to publish a channel association message
516  *
517  * circuit_handle_first_hop() calls this to notify subscribers about a
518  * channel launch event, which associates a circuit with a channel.
519  * This doesn't always correspond to an assignment of the circuit's
520  * n_chan field, because that seems to be only for fully-open
521  * channels.
522  **/
523 static void
525 {
526  ocirc_chan_msg_t *msg = tor_malloc(sizeof(*msg));
527 
528  msg->gid = circ->global_identifier;
529  msg->chan = chan->global_identifier;
530  msg->onehop = circ->build_state->onehop_tunnel;
531 
532  ocirc_chan_publish(msg);
533 }
534 
535 /** Start establishing the first hop of our circuit. Figure out what
536  * OR we should connect to, and if necessary start the connection to
537  * it. If we're already connected, then send the 'create' cell.
538  * Return 0 for ok, -reason if circ should be marked-for-close. */
539 int
541 {
542  crypt_path_t *firsthop;
543  channel_t *n_chan;
544  int err_reason = 0;
545  const char *msg = NULL;
546  int should_launch = 0;
547  const or_options_t *options = get_options();
548 
549  firsthop = cpath_get_next_non_open_hop(circ->cpath);
550  tor_assert(firsthop);
551  tor_assert(firsthop->extend_info);
552 
553  /* Some bridges are on private addresses. Others pass a dummy private
554  * address to the pluggable transport, which ignores it.
555  * Deny the connection if:
556  * - the address is internal, and
557  * - we're not connecting to a configured bridge, and
558  * - we're not configured to allow extends to private addresses. */
561  !options->ExtendAllowPrivateAddresses) {
562  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
563  "Client asked me to connect directly to a private address");
564  return -END_CIRC_REASON_TORPROTOCOL;
565  }
566 
567  /* now see if we're already connected to the first OR in 'route' */
568  const tor_addr_port_t *orport4 =
569  extend_info_get_orport(firsthop->extend_info, AF_INET);
570  const tor_addr_port_t *orport6 =
571  extend_info_get_orport(firsthop->extend_info, AF_INET6);
572  n_chan = channel_get_for_extend(
573  firsthop->extend_info->identity_digest,
574  &firsthop->extend_info->ed_identity,
575  orport4 ? &orport4->addr : NULL,
576  orport6 ? &orport6->addr : NULL,
577  &msg,
578  &should_launch);
579 
580  if (!n_chan) {
581  /* not currently connected in a useful way. */
582  log_info(LD_CIRC, "Next router is %s: %s",
583  safe_str_client(extend_info_describe(firsthop->extend_info)),
584  msg?msg:"???");
585  circ->base_.n_hop = extend_info_dup(firsthop->extend_info);
586 
587  if (should_launch) {
588  n_chan = channel_connect_for_circuit(firsthop->extend_info);
589  if (!n_chan) { /* connect failed, forget the whole thing */
590  log_info(LD_CIRC,"connect to firsthop failed. Closing.");
591  return -END_CIRC_REASON_CONNECTFAILED;
592  }
593  circuit_chan_publish(circ, n_chan);
594  }
595 
596  log_debug(LD_CIRC,"connecting in progress (or finished). Good.");
597  /* return success. The onion/circuit/etc will be taken care of
598  * automatically (may already have been) whenever n_chan reaches
599  * OR_CONN_STATE_OPEN.
600  */
601  return 0;
602  } else { /* it's already open. use it. */
603  tor_assert(!circ->base_.n_hop);
604  circ->base_.n_chan = n_chan;
605  circuit_chan_publish(circ, n_chan);
606  log_debug(LD_CIRC,"Conn open for %s. Delivering first onion skin.",
607  safe_str_client(extend_info_describe(firsthop->extend_info)));
608  if ((err_reason = circuit_send_next_onion_skin(circ)) < 0) {
609  log_info(LD_CIRC,"circuit_send_next_onion_skin failed.");
610  circ->base_.n_chan = NULL;
611  return err_reason;
612  }
613  }
614  return 0;
615 }
616 
617 /** Find any circuits that are waiting on <b>or_conn</b> to become
618  * open and get them to send their create cells forward.
619  *
620  * Status is 1 if connect succeeded, or 0 if connect failed.
621  *
622  * Close_origin_circuits is 1 if we should close all the origin circuits
623  * through this channel, or 0 otherwise. (This happens when we want to retry
624  * an older guard.)
625  */
626 void
627 circuit_n_chan_done(channel_t *chan, int status, int close_origin_circuits)
628 {
629  smartlist_t *pending_circs;
630  int err_reason = 0;
631 
632  tor_assert(chan);
633 
634  log_debug(LD_CIRC,"chan to %s, status=%d",
635  channel_describe_peer(chan), status);
636 
637  pending_circs = smartlist_new();
638  circuit_get_all_pending_on_channel(pending_circs, chan);
639 
640  SMARTLIST_FOREACH_BEGIN(pending_circs, circuit_t *, circ)
641  {
642  /* These checks are redundant wrt get_all_pending_on_or_conn, but I'm
643  * leaving them in in case it's possible for the status of a circuit to
644  * change as we're going down the list. */
645  if (circ->marked_for_close || circ->n_chan || !circ->n_hop ||
646  circ->state != CIRCUIT_STATE_CHAN_WAIT)
647  continue;
648 
649  if (tor_digest_is_zero(circ->n_hop->identity_digest)) {
650  /* Look at addr/port. This is an unkeyed connection. */
651  if (!channel_matches_extend_info(chan, circ->n_hop))
652  continue;
653  } else {
654  /* We expected a key. See if it's the right one. */
655  if (tor_memneq(chan->identity_digest,
656  circ->n_hop->identity_digest, DIGEST_LEN))
657  continue;
658  }
659  if (!status) { /* chan failed; close circ */
660  log_info(LD_CIRC,"Channel failed; closing circ.");
661  circuit_mark_for_close(circ, END_CIRC_REASON_CHANNEL_CLOSED);
662  continue;
663  }
664  if (close_origin_circuits && CIRCUIT_IS_ORIGIN(circ)) {
665  log_info(LD_CIRC,"Channel deprecated for origin circs; closing circ.");
666  circuit_mark_for_close(circ, END_CIRC_REASON_CHANNEL_CLOSED);
667  continue;
668  }
669  log_debug(LD_CIRC, "Found circ, sending create cell.");
670  /* circuit_deliver_create_cell will set n_circ_id and add us to
671  * chan_circuid_circuit_map, so we don't need to call
672  * set_circid_chan here. */
673  circ->n_chan = chan;
674  extend_info_free(circ->n_hop);
675  circ->n_hop = NULL;
676 
677  if (CIRCUIT_IS_ORIGIN(circ)) {
678  if ((err_reason =
680  log_info(LD_CIRC,
681  "send_next_onion_skin failed; circuit marked for closing.");
682  circuit_mark_for_close(circ, -err_reason);
683  continue;
684  /* XXX could this be bad, eg if next_onion_skin failed because conn
685  * died? */
686  }
687  } else {
688  /* pull the create cell out of circ->n_chan_create_cell, and send it */
689  tor_assert(circ->n_chan_create_cell);
690  if (circuit_deliver_create_cell(circ, circ->n_chan_create_cell, 1)<0) {
691  circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT);
692  continue;
693  }
694  tor_free(circ->n_chan_create_cell);
696  }
697  }
698  SMARTLIST_FOREACH_END(circ);
699 
700  smartlist_free(pending_circs);
701 }
702 
703 /** Find a new circid that isn't currently in use on the circ->n_chan
704  * for the outgoing
705  * circuit <b>circ</b>, and deliver the cell <b>create_cell</b> to this
706  * circuit. If <b>relayed</b> is true, this is a create cell somebody
707  * gave us via an EXTEND cell, so we shouldn't worry if we don't understand
708  * it. Return -1 if we failed to find a suitable circid, else return 0.
709  */
710 MOCK_IMPL(int,
712  const struct create_cell_t *create_cell,
713  int relayed))
714 {
715  cell_t cell;
716  circid_t id;
717  int r;
718 
719  tor_assert(circ);
720  tor_assert(circ->n_chan);
721  tor_assert(create_cell);
722  tor_assert(create_cell->cell_type == CELL_CREATE ||
723  create_cell->cell_type == CELL_CREATE_FAST ||
724  create_cell->cell_type == CELL_CREATE2);
725 
727  if (!id) {
728  static ratelim_t circid_warning_limit = RATELIM_INIT(9600);
729  log_fn_ratelim(&circid_warning_limit, LOG_WARN, LD_CIRC,
730  "failed to get unique circID.");
731  goto error;
732  }
733 
734  tor_assert_nonfatal_once(circ->n_chan->is_canonical);
735 
736  memset(&cell, 0, sizeof(cell_t));
737  r = relayed ? create_cell_format_relayed(&cell, create_cell)
738  : create_cell_format(&cell, create_cell);
739  if (r < 0) {
740  log_warn(LD_CIRC,"Couldn't format create cell");
741  goto error;
742  }
743  log_debug(LD_CIRC,"Chosen circID %u.", (unsigned)id);
744  circuit_set_n_circid_chan(circ, id, circ->n_chan);
745  cell.circ_id = circ->n_circ_id;
746 
747  append_cell_to_circuit_queue(circ, circ->n_chan, &cell,
748  CELL_DIRECTION_OUT, 0);
749 
750  if (CIRCUIT_IS_ORIGIN(circ)) {
751  /* Update began timestamp for circuits starting their first hop */
752  if (TO_ORIGIN_CIRCUIT(circ)->cpath->state == CPATH_STATE_CLOSED) {
753  if (!CHANNEL_IS_OPEN(circ->n_chan)) {
754  log_warn(LD_CIRC,
755  "Got first hop for a circuit without an opened channel. "
756  "State: %s.", channel_state_to_string(circ->n_chan->state));
758  }
759 
761  }
762 
763  /* mark it so it gets better rate limiting treatment. */
765  }
766 
767  return 0;
768  error:
769  circ->n_chan = NULL;
770  return -1;
771 }
772 
773 /** Return true iff we should send a create_fast cell to start building a
774  * given circuit */
775 static inline bool
777 {
778  tor_assert(circ->cpath);
779  tor_assert(circ->cpath->extend_info);
780 
781  return ! circuit_has_usable_onion_key(circ);
782 }
783 
784 /**
785  * Return true if <b>circ</b> is the type of circuit we want to count
786  * timeouts from.
787  *
788  * In particular, we want to consider any circuit that plans to build
789  * at least 3 hops (but maybe more), but has 3 or fewer hops built
790  * so far.
791  *
792  * We still want to consider circuits before 3 hops, because we need
793  * to decide if we should convert them to a measurement circuit in
794  * circuit_build_times_handle_completed_hop(), rather than letting
795  * slow circuits get killed right away.
796  */
797 int
799 {
800  return !circ->has_opened
803 }
804 
805 /** Decide whether to use a TAP or ntor handshake for connecting to <b>ei</b>
806  * directly, and set *<b>cell_type_out</b> and *<b>handshake_type_out</b>
807  * accordingly.
808  * Note that TAP handshakes in CREATE cells are only used for direct
809  * connections:
810  * - from Single Onions to rend points not in the service's consensus.
811  * This is checked in onion_populate_cpath. */
812 static void
813 circuit_pick_create_handshake(uint8_t *cell_type_out,
814  uint16_t *handshake_type_out,
815  const extend_info_t *ei)
816 {
817  /* torspec says: In general, clients SHOULD use CREATE whenever they are
818  * using the TAP handshake, and CREATE2 otherwise. */
819  if (extend_info_supports_ntor(ei)) {
820  *cell_type_out = CELL_CREATE2;
821  *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR;
822  } else {
823  /* XXXX030 Remove support for deciding to use TAP and EXTEND. */
824  *cell_type_out = CELL_CREATE;
825  *handshake_type_out = ONION_HANDSHAKE_TYPE_TAP;
826  }
827 }
828 
829 /** Decide whether to use a TAP or ntor handshake for extending to <b>ei</b>
830  * and set *<b>handshake_type_out</b> accordingly. Decide whether we should
831  * use an EXTEND2 or an EXTEND cell to do so, and set *<b>cell_type_out</b>
832  * and *<b>create_cell_type_out</b> accordingly.
833  * Note that TAP handshakes in EXTEND cells are only used:
834  * - from clients to intro points, and
835  * - from hidden services to rend points.
836  * This is checked in onion_populate_cpath.
837  */
838 static void
839 circuit_pick_extend_handshake(uint8_t *cell_type_out,
840  uint8_t *create_cell_type_out,
841  uint16_t *handshake_type_out,
842  const extend_info_t *ei)
843 {
844  uint8_t t;
845  circuit_pick_create_handshake(&t, handshake_type_out, ei);
846 
847  /* torspec says: Clients SHOULD use the EXTEND format whenever sending a TAP
848  * handshake... In other cases, clients SHOULD use EXTEND2. */
849  if (*handshake_type_out != ONION_HANDSHAKE_TYPE_TAP) {
850  *cell_type_out = RELAY_COMMAND_EXTEND2;
851  *create_cell_type_out = CELL_CREATE2;
852  } else {
853  /* XXXX030 Remove support for deciding to use TAP and EXTEND. */
854  *cell_type_out = RELAY_COMMAND_EXTEND;
855  *create_cell_type_out = CELL_CREATE;
856  }
857 }
858 
859 /**
860  * Return true iff <b>purpose</b> is a purpose for a circuit which is
861  * allowed to have no guard configured, even if the circuit is multihop
862  * and guards are enabled.
863  */
864 static int
866 {
867  switch (purpose) {
870  /* Testing circuits may omit guards because they're measuring
871  * liveness or performance, and don't want guards to interfere. */
872  return 1;
873  default:
874  /* All other multihop circuits should use guards if guards are
875  * enabled. */
876  return 0;
877  }
878 }
879 
880 /** This is the backbone function for building circuits.
881  *
882  * If circ's first hop is closed, then we need to build a create
883  * cell and send it forward.
884  *
885  * Otherwise, if circ's cpath still has any non-open hops, we need to
886  * build a relay extend cell and send it forward to the next non-open hop.
887  *
888  * If all hops on the cpath are open, we're done building the circuit
889  * and we should do housekeeping for the newly opened circuit.
890  *
891  * Return -reason if we want to tear down circ, else return 0.
892  */
893 int
895 {
896  tor_assert(circ);
897 
898  if (circ->cpath->state == CPATH_STATE_CLOSED) {
899  /* Case one: we're on the first hop. */
900  return circuit_send_first_onion_skin(circ);
901  }
902 
903  tor_assert(circ->cpath->state == CPATH_STATE_OPEN);
904  tor_assert(circ->base_.state == CIRCUIT_STATE_BUILDING);
905 
908 
910 
911  if (hop) {
912  /* Case two: we're on a hop after the first. */
913  return circuit_send_intermediate_onion_skin(circ, hop);
914  }
915 
916  /* Case three: the circuit is finished. Do housekeeping tasks on it. */
918  return circuit_build_no_more_hops(circ);
919 }
920 
921 /**
922  * Called from circuit_send_next_onion_skin() when we find ourselves connected
923  * to the first hop in <b>circ</b>: Send a CREATE or CREATE2 or CREATE_FAST
924  * cell to that hop. Return 0 on success; -reason on failure (if the circuit
925  * should be torn down).
926  */
927 static int
929 {
930  int fast;
931  int len;
932  const node_t *node;
933  create_cell_t cc;
934  memset(&cc, 0, sizeof(cc));
935 
936  log_debug(LD_CIRC,"First skin; sending create cell.");
937 
938  if (circ->build_state->onehop_tunnel) {
939  control_event_bootstrap(BOOTSTRAP_STATUS_ONEHOP_CREATE, 0);
940  } else {
941  control_event_bootstrap(BOOTSTRAP_STATUS_CIRCUIT_CREATE, 0);
942 
943  /* If this is not a one-hop tunnel, the channel is being used
944  * for traffic that wants anonymity and protection from traffic
945  * analysis (such as netflow record retention). That means we want
946  * to pad it.
947  */
948  if (circ->base_.n_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS)
949  circ->base_.n_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
950  }
951 
952  node = node_get_by_id(circ->base_.n_chan->identity_digest);
954  if (!fast) {
955  /* We know the right onion key: we should send a create cell. */
957  circ->cpath->extend_info);
958  } else {
959  /* We don't know an onion key, so we need to fall back to CREATE_FAST. */
960  cc.cell_type = CELL_CREATE_FAST;
961  cc.handshake_type = ONION_HANDSHAKE_TYPE_FAST;
962  }
963 
965  circ->cpath->extend_info,
966  &circ->cpath->handshake_state,
967  cc.onionskin);
968  if (len < 0) {
969  log_warn(LD_CIRC,"onion_skin_create (first hop) failed.");
970  return - END_CIRC_REASON_INTERNAL;
971  }
972  cc.handshake_len = len;
973 
974  if (circuit_deliver_create_cell(TO_CIRCUIT(circ), &cc, 0) < 0)
975  return - END_CIRC_REASON_RESOURCELIMIT;
976  tor_trace(TR_SUBSYS(circuit), TR_EV(first_onion_skin), circ, circ->cpath);
977 
978  circ->cpath->state = CPATH_STATE_AWAITING_KEYS;
980  log_info(LD_CIRC,"First hop: finished sending %s cell to '%s'",
981  fast ? "CREATE_FAST" : "CREATE",
982  node ? node_describe(node) : "<unnamed>");
983  return 0;
984 }
985 
986 /**
987  * Called from circuit_send_next_onion_skin() when we find that we have no
988  * more hops: mark the circuit as finished, and perform the necessary
989  * bookkeeping. Return 0 on success; -reason on failure (if the circuit
990  * should be torn down).
991  */
992 static int
994 {
995  guard_usable_t r;
996  if (! circ->guard_state) {
997  if (circuit_get_cpath_len(circ) != 1 &&
998  ! circuit_purpose_may_omit_guard(circ->base_.purpose) &&
999  get_options()->UseEntryGuards) {
1000  log_warn(LD_BUG, "%d-hop circuit %p with purpose %d has no "
1001  "guard state",
1002  circuit_get_cpath_len(circ), circ, circ->base_.purpose);
1003  }
1004  r = GUARD_USABLE_NOW;
1005  } else {
1006  r = entry_guard_succeeded(&circ->guard_state);
1007  }
1008  const int is_usable_for_streams = (r == GUARD_USABLE_NOW);
1009  if (r == GUARD_USABLE_NOW) {
1011  } else if (r == GUARD_MAYBE_USABLE_LATER) {
1012  // Wait till either a better guard succeeds, or till
1013  // all better guards fail.
1015  } else {
1016  tor_assert_nonfatal(r == GUARD_USABLE_NEVER);
1017  return - END_CIRC_REASON_INTERNAL;
1018  }
1019 
1020  /* XXXX #21422 -- the rest of this branch needs careful thought!
1021  * Some of the things here need to happen when a circuit becomes
1022  * mechanically open; some need to happen when it is actually usable.
1023  * I think I got them right, but more checking would be wise. -NM
1024  */
1025 
1026  log_info(LD_CIRC,"circuit built!");
1028 
1029  if (circ->build_state->onehop_tunnel || circ->has_opened) {
1030  control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_STATUS, 0);
1031  }
1032 
1034  if (is_usable_for_streams)
1035  circuit_has_opened(circ); /* do other actions as necessary */
1036 
1038  const or_options_t *options = get_options();
1040  /* FFFF Log a count of known routers here */
1041  log_info(LD_GENERAL,
1042  "Tor has successfully opened a circuit. "
1043  "Looks like client functionality is working.");
1044  control_event_bootstrap(BOOTSTRAP_STATUS_DONE, 0);
1045  control_event_client_status(LOG_NOTICE, "CIRCUIT_ESTABLISHED");
1047  if (server_mode(options) &&
1048  !router_all_orports_seem_reachable(options)) {
1050  }
1051  }
1052 
1053  /* We're done with measurement circuits here. Just close them */
1054  if (circ->base_.purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT) {
1055  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
1056  }
1057  return 0;
1058 }
1059 
1060 /**
1061  * Called from circuit_send_next_onion_skin() when we find that we have a hop
1062  * other than the first that we need to extend to: use <b>hop</b>'s
1063  * information to extend the circuit another step. Return 0 on success;
1064  * -reason on failure (if the circuit should be torn down).
1065  */
1066 static int
1068  crypt_path_t *hop)
1069 {
1070  int len;
1071  extend_cell_t ec;
1072  /* Relays and bridges can send IPv6 extends. But for clients, it's an
1073  * obvious version distinguisher. */
1074  const bool include_ipv6 = server_mode(get_options());
1075  memset(&ec, 0, sizeof(ec));
1078 
1079  log_debug(LD_CIRC,"starting to send subsequent skin.");
1080 
1082  &ec.create_cell.cell_type,
1084  hop->extend_info);
1085 
1086  const tor_addr_port_t *orport4 =
1087  extend_info_get_orport(hop->extend_info, AF_INET);
1088  const tor_addr_port_t *orport6 =
1089  extend_info_get_orport(hop->extend_info, AF_INET6);
1090  int n_addrs_set = 0;
1091  if (orport4) {
1092  tor_addr_copy(&ec.orport_ipv4.addr, &orport4->addr);
1093  ec.orport_ipv4.port = orport4->port;
1094  ++n_addrs_set;
1095  }
1096  if (orport6 && include_ipv6) {
1097  tor_addr_copy(&ec.orport_ipv6.addr, &orport6->addr);
1098  ec.orport_ipv6.port = orport6->port;
1099  ++n_addrs_set;
1100  }
1101 
1102  if (n_addrs_set == 0) {
1103  log_warn(LD_BUG, "No supported address family found in extend_info.");
1104  return - END_CIRC_REASON_INTERNAL;
1105  }
1106  memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN);
1107  /* Set the ED25519 identity too -- it will only get included
1108  * in the extend2 cell if we're configured to use it, though. */
1110 
1112  hop->extend_info,
1113  &hop->handshake_state,
1114  ec.create_cell.onionskin);
1115  if (len < 0) {
1116  log_warn(LD_CIRC,"onion_skin_create failed.");
1117  return - END_CIRC_REASON_INTERNAL;
1118  }
1119  ec.create_cell.handshake_len = len;
1120 
1121  log_info(LD_CIRC,"Sending extend relay cell.");
1122  {
1123  uint8_t command = 0;
1124  uint16_t payload_len=0;
1125  uint8_t payload[RELAY_PAYLOAD_SIZE];
1126  if (extend_cell_format(&command, &payload_len, payload, &ec)<0) {
1127  log_warn(LD_CIRC,"Couldn't format extend cell");
1128  return -END_CIRC_REASON_INTERNAL;
1129  }
1130 
1131  /* send it to hop->prev, because that relay will transfer
1132  * it to a create cell and then send to hop */
1133  if (relay_send_command_from_edge(0, TO_CIRCUIT(circ),
1134  command,
1135  (char*)payload, payload_len,
1136  hop->prev) < 0)
1137  return 0; /* circuit is closed */
1138  }
1139  hop->state = CPATH_STATE_AWAITING_KEYS;
1140  tor_trace(TR_SUBSYS(circuit), TR_EV(intermediate_onion_skin), circ, hop);
1141  return 0;
1142 }
1143 
1144 /** Our clock just jumped by <b>seconds_elapsed</b>. If <b>was_idle</b> is
1145  * true, then the monotonic time matches; otherwise it doesn't. Assume
1146  * something has also gone wrong with our network: notify the user, and
1147  * abandon all not-yet-used circuits. */
1148 void
1149 circuit_note_clock_jumped(int64_t seconds_elapsed, bool was_idle)
1150 {
1151  int severity = server_mode(get_options()) ? LOG_WARN : LOG_NOTICE;
1152  if (was_idle) {
1153  tor_log(severity, LD_GENERAL, "Tor has been idle for %"PRId64
1154  " seconds; assuming established circuits no longer work.",
1155  (seconds_elapsed));
1156  } else {
1157  tor_log(severity, LD_GENERAL,
1158  "Your system clock just jumped %"PRId64" seconds %s; "
1159  "assuming established circuits no longer work.",
1160  (
1161  seconds_elapsed >=0 ? seconds_elapsed : -seconds_elapsed),
1162  seconds_elapsed >=0 ? "forward" : "backward");
1163  }
1164  control_event_general_status(LOG_WARN, "CLOCK_JUMPED TIME=%"PRId64
1165  " IDLE=%d",
1166  (seconds_elapsed), was_idle?1:0);
1167  /* so we log when it works again */
1169  control_event_client_status(severity, "CIRCUIT_NOT_ESTABLISHED REASON=%s",
1170  "CLOCK_JUMPED");
1173  if (seconds_elapsed < 0) {
1174  /* Restart all the timers in case we jumped a long way into the past. */
1176  }
1177 }
1178 
1179 /** A "created" cell <b>reply</b> came back to us on circuit <b>circ</b>.
1180  * (The body of <b>reply</b> varies depending on what sort of handshake
1181  * this is.)
1182  *
1183  * Calculate the appropriate keys and digests, make sure KH is
1184  * correct, and initialize this hop of the cpath.
1185  *
1186  * Return - reason if we want to mark circ for close, else return 0.
1187  */
1188 int
1190  const created_cell_t *reply)
1191 {
1192  char keys[CPATH_KEY_MATERIAL_LEN];
1193  crypt_path_t *hop;
1194  int rv;
1195 
1196  if ((rv = pathbias_count_build_attempt(circ)) < 0) {
1197  log_warn(LD_CIRC, "pathbias_count_build_attempt failed: %d", rv);
1198  return rv;
1199  }
1200 
1201  if (circ->cpath->state == CPATH_STATE_AWAITING_KEYS) {
1202  hop = circ->cpath;
1203  } else {
1204  hop = cpath_get_next_non_open_hop(circ->cpath);
1205  if (!hop) { /* got an extended when we're all done? */
1206  log_warn(LD_PROTOCOL,"got extended when circ already built? Closing.");
1207  return - END_CIRC_REASON_TORPROTOCOL;
1208  }
1209  }
1210  tor_assert(hop->state == CPATH_STATE_AWAITING_KEYS);
1211 
1212  {
1213  const char *msg = NULL;
1215  &hop->handshake_state,
1216  reply->reply, reply->handshake_len,
1217  (uint8_t*)keys, sizeof(keys),
1218  (uint8_t*)hop->rend_circ_nonce,
1219  &msg) < 0) {
1220  if (msg)
1221  log_warn(LD_CIRC,"onion_skin_client_handshake failed: %s", msg);
1222  return -END_CIRC_REASON_TORPROTOCOL;
1223  }
1224  }
1225 
1227 
1228  if (cpath_init_circuit_crypto(hop, keys, sizeof(keys), 0, 0)<0) {
1229  return -END_CIRC_REASON_TORPROTOCOL;
1230  }
1231 
1232  hop->state = CPATH_STATE_OPEN;
1233  log_info(LD_CIRC,"Finished building circuit hop:");
1235  circuit_event_status(circ, CIRC_EVENT_EXTENDED, 0);
1236 
1237  return 0;
1238 }
1239 
1240 /** We received a relay truncated cell on circ.
1241  *
1242  * Since we don't send truncates currently, getting a truncated
1243  * means that a connection broke or an extend failed. For now,
1244  * just give up: force circ to close, and return 0.
1245  */
1246 int
1248 {
1249 // crypt_path_t *victim;
1250 // connection_t *stream;
1251 
1252  tor_assert(circ);
1253 
1254  /* XXX Since we don't send truncates currently, getting a truncated
1255  * means that a connection broke or an extend failed. For now,
1256  * just give up.
1257  */
1258  circuit_mark_for_close(TO_CIRCUIT(circ),
1260  return 0;
1261 
1262 #if 0
1263  while (layer->next != circ->cpath) {
1264  /* we need to clear out layer->next */
1265  victim = layer->next;
1266  log_debug(LD_CIRC, "Killing a layer of the cpath.");
1267 
1268  for (stream = circ->p_streams; stream; stream=stream->next_stream) {
1269  if (stream->cpath_layer == victim) {
1270  log_info(LD_APP, "Marking stream %d for close because of truncate.",
1271  stream->stream_id);
1272  /* no need to send 'end' relay cells,
1273  * because the other side's already dead
1274  */
1275  connection_mark_unattached_ap(stream, END_STREAM_REASON_DESTROY);
1276  }
1277  }
1278 
1279  layer->next = victim->next;
1280  cpath_free(victim);
1281  }
1282 
1283  log_info(LD_CIRC, "finished");
1284  return 0;
1285 #endif /* 0 */
1286 }
1287 
1288 /** Helper for new_route_len(). Choose a circuit length for purpose
1289  * <b>purpose</b>: DEFAULT_ROUTE_LEN (+ 1 if someone else chose the
1290  * exit). If someone else chose the exit, they could be colluding
1291  * with the exit, so add a randomly selected node to preserve
1292  * anonymity.
1293  *
1294  * Here, "exit node" sometimes means an OR acting as an internal
1295  * endpoint, rather than as a relay to an external endpoint. This
1296  * means there need to be at least DEFAULT_ROUTE_LEN routers between
1297  * us and the internal endpoint to preserve the same anonymity
1298  * properties that we would get when connecting to an external
1299  * endpoint. These internal endpoints can include:
1300  *
1301  * - Connections to a directory of hidden services
1302  * (CIRCUIT_PURPOSE_C_GENERAL)
1303  *
1304  * - A client connecting to an introduction point, which the hidden
1305  * service picked (CIRCUIT_PURPOSE_C_INTRODUCING, via
1306  * circuit_get_open_circ_or_launch() which rewrites it from
1307  * CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT)
1308  *
1309  * - A hidden service connecting to a rendezvous point, which the
1310  * client picked (CIRCUIT_PURPOSE_S_CONNECT_REND, via
1311  * rend_service_receive_introduction() and
1312  * rend_service_relaunch_rendezvous)
1313  *
1314  * There are currently two situations where we picked the exit node
1315  * ourselves, making DEFAULT_ROUTE_LEN a safe circuit length:
1316  *
1317  * - We are a hidden service connecting to an introduction point
1318  * (CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, via
1319  * rend_service_launch_establish_intro())
1320  *
1321  * - We are a router testing its own reachabiity
1322  * (CIRCUIT_PURPOSE_TESTING, via router_do_reachability_checks())
1323  *
1324  * onion_pick_cpath_exit() bypasses us (by not calling
1325  * new_route_len()) in the one-hop tunnel case, so we don't need to
1326  * handle that.
1327  */
1328 int
1329 route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei)
1330 {
1331  int routelen = DEFAULT_ROUTE_LEN;
1332  int known_purpose = 0;
1333 
1334  if (circuit_should_use_vanguards(purpose)) {
1335  /* Clients want an extra hop for rends to avoid linkability.
1336  * Services want it for intro points to avoid publishing their
1337  * layer3 guards. They want it for hsdir posts to use
1338  * their full layer3 guard set for those connections.
1339  * Ex: C - G - L2 - L3 - R
1340  * S - G - L2 - L3 - HSDIR
1341  * S - G - L2 - L3 - I
1342  */
1343  if (purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND ||
1344  purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
1345  purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
1347  return routelen+1;
1348 
1349  /* If we only have Layer2 vanguards, then we do not need
1350  * the extra hop for linkabilty reasons (see below).
1351  * This means all hops can be of the form:
1352  * S/C - G - L2 - M - R/HSDir/I
1353  */
1354  if (get_options()->HSLayer2Nodes && !get_options()->HSLayer3Nodes)
1355  return routelen+1;
1356 
1357  /* For connections to hsdirs, clients want two extra hops
1358  * when using layer3 guards, to avoid linkability.
1359  * Same goes for intro points. Note that the route len
1360  * includes the intro point or hsdir, hence the +2.
1361  * Ex: C - G - L2 - L3 - M - I
1362  * C - G - L2 - L3 - M - HSDIR
1363  * S - G - L2 - L3 - M - R
1364  */
1365  if (purpose == CIRCUIT_PURPOSE_S_CONNECT_REND ||
1366  purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
1367  purpose == CIRCUIT_PURPOSE_C_INTRODUCING)
1368  return routelen+2;
1369  }
1370 
1371  if (!exit_ei)
1372  return routelen;
1373 
1374  switch (purpose) {
1375  /* These two purposes connect to a router that we chose, so
1376  * DEFAULT_ROUTE_LEN is safe. */
1378  /* hidden service connecting to introduction point */
1380  /* router reachability testing */
1381  known_purpose = 1;
1382  break;
1383 
1384  /* These three purposes connect to a router that someone else
1385  * might have chosen, so add an extra hop to protect anonymity. */
1389  /* connecting to hidden service directory */
1391  /* client connecting to introduction point */
1393  /* hidden service connecting to rendezvous point */
1394  known_purpose = 1;
1395  routelen++;
1396  break;
1397 
1398  default:
1399  /* Got a purpose not listed above along with a chosen exit.
1400  * Increase the circuit length by one anyway for safety. */
1401  routelen++;
1402  break;
1403  }
1404 
1405  if (BUG(exit_ei && !known_purpose)) {
1406  log_warn(LD_BUG, "Unhandled purpose %d with a chosen exit; "
1407  "assuming routelen %d.", purpose, routelen);
1408  }
1409  return routelen;
1410 }
1411 
1412 /** Choose a length for a circuit of purpose <b>purpose</b> and check
1413  * if enough routers are available.
1414  *
1415  * If the routerlist <b>nodes</b> doesn't have enough routers
1416  * to handle the desired path length, return -1.
1417  */
1418 STATIC int
1419 new_route_len(uint8_t purpose, extend_info_t *exit_ei,
1420  const smartlist_t *nodes)
1421 {
1422  int routelen;
1423 
1424  tor_assert(nodes);
1425 
1426  routelen = route_len_for_purpose(purpose, exit_ei);
1427 
1428  int num_acceptable_direct = count_acceptable_nodes(nodes, 1);
1429  int num_acceptable_indirect = count_acceptable_nodes(nodes, 0);
1430 
1431  log_debug(LD_CIRC,"Chosen route length %d (%d direct and %d indirect "
1432  "routers suitable).", routelen, num_acceptable_direct,
1433  num_acceptable_indirect);
1434 
1435  if (num_acceptable_direct < 1 || num_acceptable_indirect < routelen - 1) {
1436  log_info(LD_CIRC,
1437  "Not enough acceptable routers (%d/%d direct and %d/%d "
1438  "indirect routers suitable). Discarding this circuit.",
1439  num_acceptable_direct, routelen,
1440  num_acceptable_indirect, routelen);
1441  return -1;
1442  }
1443 
1444  return routelen;
1445 }
1446 
1447 /** Return a newly allocated list of uint16_t * for each predicted port not
1448  * handled by a current circuit. */
1449 static smartlist_t *
1451 {
1454  return dest;
1455 }
1456 
1457 /** Return 1 if we already have circuits present or on the way for
1458  * all anticipated ports. Return 0 if we should make more.
1459  *
1460  * If we're returning 0, set need_uptime and need_capacity to
1461  * indicate any requirements that the unhandled ports have.
1462  */
1463 MOCK_IMPL(int,
1464 circuit_all_predicted_ports_handled, (time_t now, int *need_uptime,
1465  int *need_capacity))
1466 {
1467  int i, enough;
1468  uint16_t *port;
1470  smartlist_t *LongLivedServices = get_options()->LongLivedPorts;
1471  tor_assert(need_uptime);
1472  tor_assert(need_capacity);
1473  // Always predict need_capacity
1474  *need_capacity = 1;
1475  enough = (smartlist_len(sl) == 0);
1476  for (i = 0; i < smartlist_len(sl); ++i) {
1477  port = smartlist_get(sl, i);
1478  if (smartlist_contains_int_as_string(LongLivedServices, *port))
1479  *need_uptime = 1;
1480  tor_free(port);
1481  }
1482  smartlist_free(sl);
1483  return enough;
1484 }
1485 
1486 /** Return 1 if <b>node</b> can handle one or more of the ports in
1487  * <b>needed_ports</b>, else return 0.
1488  */
1489 static int
1490 node_handles_some_port(const node_t *node, smartlist_t *needed_ports)
1491 { /* XXXX MOVE */
1492  int i;
1493  uint16_t port;
1494 
1495  for (i = 0; i < smartlist_len(needed_ports); ++i) {
1497  /* alignment issues aren't a worry for this dereference, since
1498  needed_ports is explicitly a smartlist of uint16_t's */
1499  port = *(uint16_t *)smartlist_get(needed_ports, i);
1500  tor_assert(port);
1501  if (node)
1502  r = compare_tor_addr_to_node_policy(NULL, port, node);
1503  else
1504  continue;
1506  return 1;
1507  }
1508  return 0;
1509 }
1510 
1511 /** Return true iff <b>conn</b> needs another general circuit to be
1512  * built. */
1513 static int
1515 {
1516  entry_connection_t *entry;
1517  if (conn->type != CONN_TYPE_AP)
1518  return 0;
1519  entry = TO_ENTRY_CONN(conn);
1520 
1521  if (conn->state == AP_CONN_STATE_CIRCUIT_WAIT &&
1522  !conn->marked_for_close &&
1523  !(entry->want_onehop) && /* ignore one-hop streams */
1524  !(entry->use_begindir) && /* ignore targeted dir fetches */
1525  !(entry->chosen_exit_name) && /* ignore defined streams */
1529  return 1;
1530  return 0;
1531 }
1532 
1533 /** Return a pointer to a suitable router to be the exit node for the
1534  * general-purpose circuit we're about to build.
1535  *
1536  * Look through the connection array, and choose a router that maximizes
1537  * the number of pending streams that can exit from this router.
1538  *
1539  * Return NULL if we can't find any suitable routers.
1540  */
1541 static const node_t *
1543 {
1544  int *n_supported;
1545  int n_pending_connections = 0;
1546  smartlist_t *connections;
1547  int best_support = -1;
1548  int n_best_support=0;
1549  const or_options_t *options = get_options();
1550  const smartlist_t *the_nodes;
1551  const node_t *selected_node=NULL;
1552  const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
1553  const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
1554 
1555  /* We should not require guard flags on exits. */
1556  IF_BUG_ONCE(flags & CRN_NEED_GUARD)
1557  return NULL;
1558 
1559  /* We reject single-hop exits for all node positions. */
1560  IF_BUG_ONCE(flags & CRN_DIRECT_CONN)
1561  return NULL;
1562 
1563  /* This isn't the function for picking rendezvous nodes. */
1564  IF_BUG_ONCE(flags & CRN_RENDEZVOUS_V3)
1565  return NULL;
1566 
1567  /* We only want exits to extend if we cannibalize the circuit.
1568  * But we don't require IPv6 extends yet. */
1569  IF_BUG_ONCE(flags & CRN_INITIATE_IPV6_EXTEND)
1570  return NULL;
1571 
1572  connections = get_connection_array();
1573 
1574  /* Count how many connections are waiting for a circuit to be built.
1575  * We use this for log messages now, but in the future we may depend on it.
1576  */
1577  SMARTLIST_FOREACH(connections, connection_t *, conn,
1578  {
1580  ++n_pending_connections;
1581  });
1582 // log_fn(LOG_DEBUG, "Choosing exit node; %d connections are pending",
1583 // n_pending_connections);
1584  /* Now we count, for each of the routers in the directory, how many
1585  * of the pending connections could possibly exit from that
1586  * router (n_supported[i]). (We can't be sure about cases where we
1587  * don't know the IP address of the pending connection.)
1588  *
1589  * -1 means "Don't use this router at all."
1590  */
1591  the_nodes = nodelist_get_list();
1592  n_supported = tor_calloc(smartlist_len(the_nodes), sizeof(int));
1593  SMARTLIST_FOREACH_BEGIN(the_nodes, const node_t *, node) {
1594  const int i = node_sl_idx;
1595  if (router_digest_is_me(node->identity)) {
1596  n_supported[i] = -1;
1597 // log_fn(LOG_DEBUG,"Skipping node %s -- it's me.", router->nickname);
1598  /* XXX there's probably a reverse predecessor attack here, but
1599  * it's slow. should we take this out? -RD
1600  */
1601  continue;
1602  }
1603  if (!router_can_choose_node(node, flags)) {
1604  n_supported[i] = -1;
1605  continue;
1606  }
1607  if (node->is_bad_exit) {
1608  n_supported[i] = -1;
1609  continue; /* skip routers that are known to be down or bad exits */
1610  }
1611  if (routerset_contains_node(options->ExcludeExitNodesUnion_, node)) {
1612  n_supported[i] = -1;
1613  continue; /* user asked us not to use it, no matter what */
1614  }
1615  if (options->ExitNodes &&
1616  !routerset_contains_node(options->ExitNodes, node)) {
1617  n_supported[i] = -1;
1618  continue; /* not one of our chosen exit nodes */
1619  }
1620  if (node_exit_policy_rejects_all(node)) {
1621  n_supported[i] = -1;
1622 // log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- it rejects all.",
1623 // router->nickname, i);
1624  continue; /* skip routers that reject all */
1625  }
1626  n_supported[i] = 0;
1627  /* iterate over connections */
1628  SMARTLIST_FOREACH_BEGIN(connections, connection_t *, conn) {
1629  if (!ap_stream_wants_exit_attention(conn))
1630  continue; /* Skip everything but APs in CIRCUIT_WAIT */
1631  if (connection_ap_can_use_exit(TO_ENTRY_CONN(conn), node)) {
1632  ++n_supported[i];
1633 // log_fn(LOG_DEBUG,"%s is supported. n_supported[%d] now %d.",
1634 // router->nickname, i, n_supported[i]);
1635  } else {
1636 // log_fn(LOG_DEBUG,"%s (index %d) would reject this stream.",
1637 // router->nickname, i);
1638  }
1639  } SMARTLIST_FOREACH_END(conn);
1640  if (n_pending_connections > 0 && n_supported[i] == 0) {
1641  /* Leave best_support at -1 if that's where it is, so we can
1642  * distinguish it later. */
1643  continue;
1644  }
1645  if (n_supported[i] > best_support) {
1646  /* If this router is better than previous ones, remember its index
1647  * and goodness, and start counting how many routers are this good. */
1648  best_support = n_supported[i]; n_best_support=1;
1649 // log_fn(LOG_DEBUG,"%s is new best supported option so far.",
1650 // router->nickname);
1651  } else if (n_supported[i] == best_support) {
1652  /* If this router is _as good_ as the best one, just increment the
1653  * count of equally good routers.*/
1654  ++n_best_support;
1655  }
1656  } SMARTLIST_FOREACH_END(node);
1657  log_info(LD_CIRC,
1658  "Found %d servers that might support %d/%d pending connections.",
1659  n_best_support, best_support >= 0 ? best_support : 0,
1660  n_pending_connections);
1661 
1662  /* If any routers definitely support any pending connections, choose one
1663  * at random. */
1664  if (best_support > 0) {
1665  smartlist_t *supporting = smartlist_new();
1666 
1667  SMARTLIST_FOREACH(the_nodes, const node_t *, node, {
1668  if (n_supported[node_sl_idx] == best_support)
1669  smartlist_add(supporting, (void*)node);
1670  });
1671 
1672  selected_node = node_sl_choose_by_bandwidth(supporting, WEIGHT_FOR_EXIT);
1673  smartlist_free(supporting);
1674  } else {
1675  /* Either there are no pending connections, or no routers even seem to
1676  * possibly support any of them. Choose a router at random that satisfies
1677  * at least one predicted exit port. */
1678 
1679  int attempt;
1680  smartlist_t *needed_ports, *supporting;
1681 
1682  if (best_support == -1) {
1683  if (need_uptime || need_capacity) {
1684  log_info(LD_CIRC,
1685  "We couldn't find any live%s%s routers; falling back "
1686  "to list of all routers.",
1687  need_capacity?", fast":"",
1688  need_uptime?", stable":"");
1689  tor_free(n_supported);
1690  flags &= ~(CRN_NEED_UPTIME|CRN_NEED_CAPACITY);
1691  return choose_good_exit_server_general(flags);
1692  }
1693  log_notice(LD_CIRC, "All routers are down or won't exit%s -- "
1694  "choosing a doomed exit at random.",
1695  options->ExcludeExitNodesUnion_ ? " or are Excluded" : "");
1696  }
1697  supporting = smartlist_new();
1698  needed_ports = circuit_get_unhandled_ports(time(NULL));
1699  for (attempt = 0; attempt < 2; attempt++) {
1700  /* try once to pick only from routers that satisfy a needed port,
1701  * then if there are none, pick from any that support exiting. */
1702  SMARTLIST_FOREACH_BEGIN(the_nodes, const node_t *, node) {
1703  if (n_supported[node_sl_idx] != -1 &&
1704  (attempt || node_handles_some_port(node, needed_ports))) {
1705 // log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.",
1706 // try, router->nickname);
1707  smartlist_add(supporting, (void*)node);
1708  }
1709  } SMARTLIST_FOREACH_END(node);
1710 
1711  selected_node = node_sl_choose_by_bandwidth(supporting, WEIGHT_FOR_EXIT);
1712  if (selected_node)
1713  break;
1714  smartlist_clear(supporting);
1715  /* If we reach this point, we can't actually support any unhandled
1716  * predicted ports, so clear all the remaining ones. */
1717  if (smartlist_len(needed_ports))
1718  rep_hist_remove_predicted_ports(needed_ports);
1719  }
1720  SMARTLIST_FOREACH(needed_ports, uint16_t *, cp, tor_free(cp));
1721  smartlist_free(needed_ports);
1722  smartlist_free(supporting);
1723  }
1724 
1725  tor_free(n_supported);
1726  if (selected_node) {
1727  log_info(LD_CIRC, "Chose exit server '%s'", node_describe(selected_node));
1728  return selected_node;
1729  }
1730  if (options->ExitNodes) {
1731  log_warn(LD_CIRC,
1732  "No exits in ExitNodes%s seem to be running: "
1733  "can't choose an exit.",
1734  options->ExcludeExitNodesUnion_ ?
1735  ", except possibly those excluded by your configuration, " : "");
1736  }
1737  return NULL;
1738 }
1739 
1740 /* Pick a Rendezvous Point for our HS circuits according to <b>flags</b>. */
1741 static const node_t *
1742 pick_rendezvous_node(router_crn_flags_t flags)
1743 {
1744  const or_options_t *options = get_options();
1745  return router_choose_random_node(NULL, options->ExcludeNodes, flags);
1746 }
1747 
1748 /*
1749  * Helper function to pick a configured restricted middle node
1750  * (either HSLayer2Nodes or HSLayer3Nodes).
1751  *
1752  * Make sure that the node we chose is alive, and not excluded,
1753  * and return it.
1754  *
1755  * The exclude_set is a routerset of nodes that the selected node
1756  * must not match, and the exclude_list is a simple list of nodes
1757  * that the selected node must not be in. Either or both may be
1758  * NULL.
1759  *
1760  * Return NULL if no usable nodes could be found. */
1761 static const node_t *
1763  const routerset_t *pick_from,
1764  const routerset_t *exclude_set,
1765  const smartlist_t *exclude_list,
1766  int position_hint)
1767 {
1768  const node_t *middle_node = NULL;
1769 
1770  smartlist_t *allowlisted_live_middles = smartlist_new();
1771  smartlist_t *all_live_nodes = smartlist_new();
1772 
1773  tor_assert(pick_from);
1774 
1775  /* Add all running nodes to all_live_nodes */
1776  router_add_running_nodes_to_smartlist(all_live_nodes, flags);
1777 
1778  /* Filter all_live_nodes to only add live *and* allowlisted middles
1779  * to the list allowlisted_live_middles. */
1780  SMARTLIST_FOREACH_BEGIN(all_live_nodes, node_t *, live_node) {
1781  if (routerset_contains_node(pick_from, live_node)) {
1782  smartlist_add(allowlisted_live_middles, live_node);
1783  }
1784  } SMARTLIST_FOREACH_END(live_node);
1785 
1786  /* Honor ExcludeNodes */
1787  if (exclude_set) {
1788  routerset_subtract_nodes(allowlisted_live_middles, exclude_set);
1789  }
1790 
1791  if (exclude_list) {
1792  smartlist_subtract(allowlisted_live_middles, exclude_list);
1793  }
1794 
1795  /**
1796  * Max number of restricted nodes before we alert the user and try
1797  * to load balance for them.
1798  *
1799  * The most aggressive vanguard design had 16 nodes at layer3.
1800  * Let's give a small ceiling above that. */
1801 #define MAX_SANE_RESTRICTED_NODES 20
1802  /* If the user (or associated tor controller) selected only a few nodes,
1803  * assume they took load balancing into account and don't do it for them.
1804  *
1805  * If there are a lot of nodes in here, assume they did not load balance
1806  * and do it for them, but also warn them that they may be Doing It Wrong.
1807  */
1808  if (smartlist_len(allowlisted_live_middles) <=
1809  MAX_SANE_RESTRICTED_NODES) {
1810  middle_node = smartlist_choose(allowlisted_live_middles);
1811  } else {
1812  static ratelim_t pinned_notice_limit = RATELIM_INIT(24*3600);
1813  log_fn_ratelim(&pinned_notice_limit, LOG_NOTICE, LD_CIRC,
1814  "Your _HSLayer%dNodes setting has resulted "
1815  "in %d total nodes. This is a lot of nodes. "
1816  "You may want to consider using a Tor controller "
1817  "to select and update a smaller set of nodes instead.",
1818  position_hint, smartlist_len(allowlisted_live_middles));
1819 
1820  /* NO_WEIGHTING here just means don't take node flags into account
1821  * (ie: use consensus measurement only). This is done so that
1822  * we don't further surprise the user by not using Exits that they
1823  * specified at all */
1824  middle_node = node_sl_choose_by_bandwidth(allowlisted_live_middles,
1825  NO_WEIGHTING);
1826  }
1827 
1828  smartlist_free(allowlisted_live_middles);
1829  smartlist_free(all_live_nodes);
1830 
1831  return middle_node;
1832 }
1833 
1834 /** Return a pointer to a suitable router to be the exit node for the
1835  * circuit of purpose <b>purpose</b> that we're about to build (or NULL
1836  * if no router is suitable).
1837  *
1838  * For general-purpose circuits, pass it off to
1839  * choose_good_exit_server_general()
1840  *
1841  * For client-side rendezvous circuits, choose a random node, weighted
1842  * toward the preferences in 'options'.
1843  */
1844 static const node_t *
1846  router_crn_flags_t flags, int is_internal)
1847 {
1848  const or_options_t *options = get_options();
1849  flags |= CRN_NEED_DESC;
1850 
1851  switch (TO_CIRCUIT(circ)->purpose) {
1855  /* For these three, we want to pick the exit like a middle hop,
1856  * since it should be random. */
1857  tor_assert_nonfatal(is_internal);
1858  FALLTHROUGH;
1860  if (is_internal) /* pick it like a middle hop */
1861  return router_choose_random_node(NULL, options->ExcludeNodes, flags);
1862  else
1863  return choose_good_exit_server_general(flags);
1865  {
1866  /* Pick a new RP */
1867  const node_t *rendezvous_node = pick_rendezvous_node(flags);
1868  log_info(LD_REND, "Picked new RP: %s",
1869  safe_str_client(node_describe(rendezvous_node)));
1870  return rendezvous_node;
1871  }
1872  }
1873  log_warn(LD_BUG,"Unhandled purpose %d", TO_CIRCUIT(circ)->purpose);
1875  return NULL;
1876 }
1877 
1878 /** Log a warning if the user specified an exit for the circuit that
1879  * has been excluded from use by ExcludeNodes or ExcludeExitNodes. */
1880 static void
1882  const extend_info_t *exit_ei)
1883 {
1884  const or_options_t *options = get_options();
1885  routerset_t *rs = options->ExcludeNodes;
1886  const char *description;
1887  uint8_t purpose = circ->base_.purpose;
1888 
1889  if (circ->build_state->onehop_tunnel)
1890  return;
1891 
1892  switch (purpose)
1893  {
1894  default:
1895  case CIRCUIT_PURPOSE_OR:
1899  log_warn(LD_BUG, "Called on non-origin circuit (purpose %d, %s)",
1900  (int)purpose,
1901  circuit_purpose_to_string(purpose));
1902  return;
1906  if (circ->build_state->is_internal)
1907  return;
1908  description = "requested exit node";
1909  rs = options->ExcludeExitNodesUnion_;
1910  break;
1918  return;
1923  description = "chosen rendezvous point";
1924  break;
1926  rs = options->ExcludeExitNodesUnion_;
1927  description = "controller-selected circuit target";
1928  break;
1929  }
1930 
1931  if (routerset_contains_extendinfo(rs, exit_ei)) {
1932  /* We should never get here if StrictNodes is set to 1. */
1933  if (options->StrictNodes) {
1934  log_warn(LD_BUG, "Using %s '%s' which is listed in ExcludeNodes%s, "
1935  "even though StrictNodes is set. Please report. "
1936  "(Circuit purpose: %s)",
1937  description, extend_info_describe(exit_ei),
1938  rs==options->ExcludeNodes?"":" or ExcludeExitNodes",
1939  circuit_purpose_to_string(purpose));
1940  } else {
1941  log_warn(LD_CIRC, "Using %s '%s' which is listed in "
1942  "ExcludeNodes%s, because no better options were available. To "
1943  "prevent this (and possibly break your Tor functionality), "
1944  "set the StrictNodes configuration option. "
1945  "(Circuit purpose: %s)",
1946  description, extend_info_describe(exit_ei),
1947  rs==options->ExcludeNodes?"":" or ExcludeExitNodes",
1948  circuit_purpose_to_string(purpose));
1949  }
1951  }
1952 
1953  return;
1954 }
1955 
1956 /* Return a set of generic CRN_* flags based on <b>state</b>.
1957  *
1958  * Called for every position in the circuit. */
1959 STATIC int
1960 cpath_build_state_to_crn_flags(const cpath_build_state_t *state)
1961 {
1962  router_crn_flags_t flags = 0;
1963  /* These flags apply to entry, middle, and exit nodes.
1964  * If a flag only applies to a specific position, it should be checked in
1965  * that function. */
1966  if (state->need_uptime)
1967  flags |= CRN_NEED_UPTIME;
1968  if (state->need_capacity)
1969  flags |= CRN_NEED_CAPACITY;
1970  return flags;
1971 }
1972 
1973 /* Return the CRN_INITIATE_IPV6_EXTEND flag, based on <b>state</b> and
1974  * <b>cur_len</b>.
1975  *
1976  * Only called for middle nodes (for now). Must not be called on single-hop
1977  * circuits. */
1978 STATIC int
1979 cpath_build_state_to_crn_ipv6_extend_flag(const cpath_build_state_t *state,
1980  int cur_len)
1981 {
1982  IF_BUG_ONCE(state->desired_path_len < 2)
1983  return 0;
1984 
1985  /* The last node is the relay doing the self-test. So we want to extend over
1986  * IPv6 from the second-last node. */
1987  if (state->is_ipv6_selftest && cur_len == state->desired_path_len - 2)
1988  return CRN_INITIATE_IPV6_EXTEND;
1989  else
1990  return 0;
1991 }
1992 
1993 /** Decide a suitable length for circ's cpath, and pick an exit
1994  * router (or use <b>exit</b> if provided). Store these in the
1995  * cpath.
1996  *
1997  * If <b>is_hs_v3_rp_circuit</b> is set, then this exit should be suitable to
1998  * be used as an HS v3 rendezvous point.
1999  *
2000  * Return 0 if ok, -1 if circuit should be closed. */
2001 STATIC int
2003  int is_hs_v3_rp_circuit)
2004 {
2005  cpath_build_state_t *state = circ->build_state;
2006 
2007  if (state->onehop_tunnel) {
2008  log_debug(LD_CIRC, "Launching a one-hop circuit for dir tunnel%s.",
2009  (rend_allow_non_anonymous_connection(get_options()) ?
2010  ", or intro or rendezvous connection" : ""));
2011  state->desired_path_len = 1;
2012  } else {
2013  int r = new_route_len(circ->base_.purpose, exit_ei, nodelist_get_list());
2014  if (r < 1) /* must be at least 1 */
2015  return -1;
2016  state->desired_path_len = r;
2017  }
2018 
2019  if (exit_ei) { /* the circuit-builder pre-requested one */
2020  warn_if_last_router_excluded(circ, exit_ei);
2021  log_info(LD_CIRC,"Using requested exit node '%s'",
2022  extend_info_describe(exit_ei));
2023  exit_ei = extend_info_dup(exit_ei);
2024  } else { /* we have to decide one */
2025  router_crn_flags_t flags = CRN_NEED_DESC;
2026  flags |= cpath_build_state_to_crn_flags(state);
2027  /* Some internal exits are one hop, for example directory connections.
2028  * (Guards are always direct, middles are never direct.) */
2029  if (state->onehop_tunnel)
2030  flags |= CRN_DIRECT_CONN;
2031  if (is_hs_v3_rp_circuit)
2032  flags |= CRN_RENDEZVOUS_V3;
2033  const node_t *node =
2034  choose_good_exit_server(circ, flags, state->is_internal);
2035  if (!node) {
2036  log_warn(LD_CIRC,"Failed to choose an exit server");
2037  return -1;
2038  }
2039  exit_ei = extend_info_from_node(node, state->onehop_tunnel);
2040  if (BUG(exit_ei == NULL))
2041  return -1;
2042  }
2043  state->chosen_exit = exit_ei;
2044  return 0;
2045 }
2046 
2047 /** Give <b>circ</b> a new exit destination to <b>exit</b>, and add a
2048  * hop to the cpath reflecting this. Don't send the next extend cell --
2049  * the caller will do this if it wants to.
2050  */
2051 int
2053 {
2054  cpath_build_state_t *state;
2055  tor_assert(exit_ei);
2056  tor_assert(circ);
2057 
2058  state = circ->build_state;
2059  tor_assert(state);
2060  extend_info_free(state->chosen_exit);
2061  state->chosen_exit = extend_info_dup(exit_ei);
2062 
2063  ++circ->build_state->desired_path_len;
2064  cpath_append_hop(&circ->cpath, exit_ei);
2065  return 0;
2066 }
2067 
2068 /** Take an open <b>circ</b>, and add a new hop at the end, based on
2069  * <b>info</b>. Set its state back to CIRCUIT_STATE_BUILDING, and then
2070  * send the next extend cell to begin connecting to that hop.
2071  */
2072 int
2074 {
2075  int err_reason = 0;
2076  warn_if_last_router_excluded(circ, exit_ei);
2077 
2078  tor_gettimeofday(&circ->base_.timestamp_began);
2079 
2080  circuit_append_new_exit(circ, exit_ei);
2082  if ((err_reason = circuit_send_next_onion_skin(circ))<0) {
2083  log_warn(LD_CIRC, "Couldn't extend circuit to new point %s.",
2084  extend_info_describe(exit_ei));
2085  circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
2086  return -1;
2087  }
2088 
2089  // XXX: Should cannibalized circuits be dirty or not? Not easy to say..
2090 
2091  return 0;
2092 }
2093 
2094 /** Return the number of routers in <b>nodes</b> that are currently up and
2095  * available for building circuits through.
2096  *
2097  * If <b>direct</b> is true, only count nodes that are suitable for direct
2098  * connections. Counts nodes regardless of whether their addresses are
2099  * preferred.
2100  */
2101 MOCK_IMPL(STATIC int,
2102 count_acceptable_nodes, (const smartlist_t *nodes, int direct))
2103 {
2104  int num=0;
2105  int flags = CRN_NEED_DESC;
2106 
2107  if (direct)
2108  flags |= CRN_DIRECT_CONN;
2109 
2110  SMARTLIST_FOREACH_BEGIN(nodes, const node_t *, node) {
2111  // log_debug(LD_CIRC,
2112  // "Contemplating whether router %d (%s) is a new option.",
2113  // i, r->nickname);
2114  if (!router_can_choose_node(node, flags))
2115  continue;
2116  ++num;
2117  } SMARTLIST_FOREACH_END(node);
2118 
2119 // log_debug(LD_CIRC,"I like %d. num_acceptable_routers now %d.",i, num);
2120 
2121  return num;
2122 }
2123 
2124 /**
2125  * Build the exclude list for vanguard circuits.
2126  *
2127  * For vanguard circuits we exclude all the already chosen nodes (including the
2128  * exit) from being middle hops to prevent the creation of A - B - A subpaths.
2129  * We also allow the 4th hop to be the same as the guard node so as to not leak
2130  * guard information to RP/IP/HSDirs.
2131  *
2132  * For vanguard circuits, we don't apply any subnet or family restrictions.
2133  * This is to avoid impossible-to-build circuit paths, or just situations where
2134  * our earlier guards prevent us from using most of our later ones.
2135  *
2136  * The alternative is building the circuit in reverse. Reverse calls to
2137  * onion_extend_cpath() (ie: select outer hops first) would then have the
2138  * property that you don't gain information about inner hops by observing
2139  * outer ones. See https://bugs.torproject.org/tpo/core/tor/24487
2140  * for this.
2141  *
2142  * (Note further that we still exclude the exit to prevent A - B - A
2143  * at the end of the path. */
2144 static smartlist_t *
2146  cpath_build_state_t *state,
2147  crypt_path_t *head,
2148  int cur_len)
2149 {
2150  smartlist_t *excluded;
2151  const node_t *r;
2152  crypt_path_t *cpath;
2153  int i;
2154 
2155  (void) purpose;
2156 
2157  excluded = smartlist_new();
2158 
2159  /* Add the exit to the exclude list (note that the exit/last hop is always
2160  * chosen first in circuit_establish_circuit()). */
2161  if ((r = build_state_get_exit_node(state))) {
2162  smartlist_add(excluded, (node_t*)r);
2163  }
2164 
2165  /* If we are picking the 4th hop, allow that node to be the guard too.
2166  * This prevents us from avoiding the Guard for those hops, which
2167  * gives the adversary information about our guard if they control
2168  * the RP, IP, or HSDIR. We don't do this check based on purpose
2169  * because we also want to allow HS_VANGUARDS pre-build circuits
2170  * to use the guard for that last hop.
2171  */
2172  if (cur_len == DEFAULT_ROUTE_LEN+1) {
2173  /* Skip the first hop for the exclude list below */
2174  head = head->next;
2175  cur_len--;
2176  }
2177 
2178  for (i = 0, cpath = head; cpath && i < cur_len; ++i, cpath=cpath->next) {
2179  if ((r = node_get_by_id(cpath->extend_info->identity_digest))) {
2180  smartlist_add(excluded, (node_t*)r);
2181  }
2182  }
2183 
2184  return excluded;
2185 }
2186 
2187 /**
2188  * Build a list of nodes to exclude from the choice of this middle
2189  * hop, based on already chosen nodes.
2190  */
2191 static smartlist_t *
2193  cpath_build_state_t *state,
2194  crypt_path_t *head,
2195  int cur_len)
2196 {
2197  smartlist_t *excluded;
2198  const node_t *r;
2199  crypt_path_t *cpath;
2200  int i;
2201 
2202  /** Vanguard circuits have their own path selection rules */
2203  if (circuit_should_use_vanguards(purpose)) {
2204  return build_vanguard_middle_exclude_list(purpose, state, head, cur_len);
2205  }
2206 
2207  excluded = smartlist_new();
2208 
2209  /* For non-vanguard circuits, add the exit and its family to the exclude list
2210  * (note that the exit/last hop is always chosen first in
2211  * circuit_establish_circuit()). */
2212  if ((r = build_state_get_exit_node(state))) {
2213  nodelist_add_node_and_family(excluded, r);
2214  }
2215 
2216  /* also exclude all other already chosen nodes and their family */
2217  for (i = 0, cpath = head; cpath && i < cur_len; ++i, cpath=cpath->next) {
2218  if ((r = node_get_by_id(cpath->extend_info->identity_digest))) {
2219  nodelist_add_node_and_family(excluded, r);
2220  }
2221  }
2222 
2223  return excluded;
2224 }
2225 
2226 /** Return true if we MUST use vanguards for picking this middle node. */
2227 static int
2229  uint8_t purpose, int cur_len)
2230 {
2231  /* If this is not a hidden service circuit, don't use vanguards */
2232  if (!circuit_purpose_is_hidden_service(purpose)) {
2233  return 0;
2234  }
2235 
2236  /* If we have sticky L2 nodes, and this is an L2 pick, use vanguards */
2237  if (options->HSLayer2Nodes && cur_len == 1) {
2238  return 1;
2239  }
2240 
2241  /* If we have sticky L3 nodes, and this is an L3 pick, use vanguards */
2242  if (options->HSLayer3Nodes && cur_len == 2) {
2243  return 1;
2244  }
2245 
2246  return 0;
2247 }
2248 
2249 /** Pick a sticky vanguard middle node or return NULL if not found.
2250  * See doc of pick_restricted_middle_node() for argument details. */
2251 static const node_t *
2253  router_crn_flags_t flags, int cur_len,
2254  const smartlist_t *excluded)
2255 {
2256  const routerset_t *vanguard_routerset = NULL;
2257  const node_t *node = NULL;
2258 
2259  /* Pick the right routerset based on the current hop */
2260  if (cur_len == 1) {
2261  vanguard_routerset = options->HSLayer2Nodes;
2262  } else if (cur_len == 2) {
2263  vanguard_routerset = options->HSLayer3Nodes;
2264  } else {
2265  /* guaranteed by middle_node_should_be_vanguard() */
2267  return NULL;
2268  }
2269 
2270  node = pick_restricted_middle_node(flags, vanguard_routerset,
2271  options->ExcludeNodes, excluded,
2272  cur_len+1);
2273 
2274  if (!node) {
2275  static ratelim_t pinned_warning_limit = RATELIM_INIT(300);
2276  log_fn_ratelim(&pinned_warning_limit, LOG_WARN, LD_CIRC,
2277  "Could not find a node that matches the configured "
2278  "_HSLayer%dNodes set", cur_len+1);
2279  }
2280 
2281  return node;
2282 }
2283 
2284 /** A helper function used by onion_extend_cpath(). Use <b>purpose</b>
2285  * and <b>state</b> and the cpath <b>head</b> (currently populated only
2286  * to length <b>cur_len</b> to decide a suitable middle hop for a
2287  * circuit. In particular, make sure we don't pick the exit node or its
2288  * family, and make sure we don't duplicate any previous nodes or their
2289  * families. */
2290 static const node_t *
2292  cpath_build_state_t *state,
2293  crypt_path_t *head,
2294  int cur_len)
2295 {
2296  const node_t *choice;
2297  smartlist_t *excluded;
2298  const or_options_t *options = get_options();
2299  router_crn_flags_t flags = CRN_NEED_DESC;
2300  tor_assert(CIRCUIT_PURPOSE_MIN_ <= purpose &&
2301  purpose <= CIRCUIT_PURPOSE_MAX_);
2302 
2303  log_debug(LD_CIRC, "Contemplating intermediate hop #%d: random choice.",
2304  cur_len+1);
2305 
2306  excluded = build_middle_exclude_list(purpose, state, head, cur_len);
2307 
2308  flags |= cpath_build_state_to_crn_flags(state);
2309  flags |= cpath_build_state_to_crn_ipv6_extend_flag(state, cur_len);
2310 
2311  /** If a hidden service circuit wants a specific middle node, pin it. */
2312  if (middle_node_must_be_vanguard(options, purpose, cur_len)) {
2313  log_debug(LD_GENERAL, "Picking a sticky node (cur_len = %d)", cur_len);
2314  choice = pick_vanguard_middle_node(options, flags, cur_len, excluded);
2315  smartlist_free(excluded);
2316  return choice;
2317  }
2318 
2319  if (options->MiddleNodes) {
2320  smartlist_t *sl = smartlist_new();
2321  routerset_get_all_nodes(sl, options->MiddleNodes,
2322  options->ExcludeNodes, 1);
2323 
2324  smartlist_subtract(sl, excluded);
2325 
2326  choice = node_sl_choose_by_bandwidth(sl, WEIGHT_FOR_MID);
2327  smartlist_free(sl);
2328  if (choice) {
2329  log_fn(LOG_INFO, LD_CIRC, "Chose fixed middle node: %s",
2330  hex_str(choice->identity, DIGEST_LEN));
2331  } else {
2332  log_fn(LOG_NOTICE, LD_CIRC, "Restricted middle not available");
2333  }
2334  } else {
2335  choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
2336  }
2337  smartlist_free(excluded);
2338  return choice;
2339 }
2340 
2341 /** Pick a good entry server for the circuit to be built according to
2342  * <b>state</b>. Don't reuse a chosen exit (if any), don't use this
2343  * router (if we're an OR), and respect firewall settings; if we're
2344  * configured to use entry guards, return one.
2345  *
2346  * Set *<b>guard_state_out</b> to information about the guard that
2347  * we're selecting, which we'll use later to remember whether the
2348  * guard worked or not.
2349  */
2350 const node_t *
2352  circuit_guard_state_t **guard_state_out)
2353 {
2354  const node_t *choice;
2355  smartlist_t *excluded;
2356  const or_options_t *options = get_options();
2357  /* If possible, choose an entry server with a preferred address,
2358  * otherwise, choose one with an allowed address */
2359  router_crn_flags_t flags = (CRN_NEED_GUARD|CRN_NEED_DESC|CRN_PREF_ADDR|
2360  CRN_DIRECT_CONN);
2361  const node_t *node;
2362 
2363  /* Once we used this function to select a node to be a guard. We had
2364  * 'state == NULL' be the signal for that. But we don't do that any more.
2365  */
2366  tor_assert_nonfatal(state);
2367 
2368  if (state && options->UseEntryGuards &&
2369  (purpose != CIRCUIT_PURPOSE_TESTING || options->BridgeRelay)) {
2370  /* This request is for an entry server to use for a regular circuit,
2371  * and we use entry guard nodes. Just return one of the guard nodes. */
2372  tor_assert(guard_state_out);
2373  return guards_choose_guard(state, purpose, guard_state_out);
2374  }
2375 
2376  excluded = smartlist_new();
2377 
2378  if (state && (node = build_state_get_exit_node(state))) {
2379  /* Exclude the exit node from the state, if we have one. Also exclude its
2380  * family. */
2381  nodelist_add_node_and_family(excluded, node);
2382  }
2383 
2384  if (state) {
2385  flags |= cpath_build_state_to_crn_flags(state);
2386  }
2387 
2388  choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
2389  smartlist_free(excluded);
2390  return choice;
2391 }
2392 
2393 /** Choose a suitable next hop for the circuit <b>circ</b>.
2394  * Append the hop info to circ->cpath.
2395  *
2396  * Return 1 if the path is complete, 0 if we successfully added a hop,
2397  * and -1 on error.
2398  */
2399 STATIC int
2401 {
2402  uint8_t purpose = circ->base_.purpose;
2403  cpath_build_state_t *state = circ->build_state;
2404  int cur_len = circuit_get_cpath_len(circ);
2405  extend_info_t *info = NULL;
2406 
2407  if (cur_len >= state->desired_path_len) {
2408  log_debug(LD_CIRC, "Path is complete: %d steps long",
2409  state->desired_path_len);
2410  return 1;
2411  }
2412 
2413  log_debug(LD_CIRC, "Path is %d long; we want %d", cur_len,
2414  state->desired_path_len);
2415 
2416  if (cur_len == state->desired_path_len - 1) { /* Picking last node */
2417  info = extend_info_dup(state->chosen_exit);
2418  } else if (cur_len == 0) { /* picking first node */
2419  const node_t *r = choose_good_entry_server(purpose, state,
2420  &circ->guard_state);
2421  if (r) {
2422  /* If we're a client, use the preferred address rather than the
2423  primary address, for potentially connecting to an IPv6 OR
2424  port. Servers always want the primary (IPv4) address. */
2425  int client = (server_mode(get_options()) == 0);
2426  info = extend_info_from_node(r, client);
2427  /* Clients can fail to find an allowed address */
2428  tor_assert_nonfatal(info || client);
2429  }
2430  } else {
2431  const node_t *r =
2432  choose_good_middle_server(purpose, state, circ->cpath, cur_len);
2433  if (r) {
2434  info = extend_info_from_node(r, 0);
2435  tor_assert_nonfatal(info);
2436  }
2437  }
2438 
2439  if (!info) {
2440  log_warn(LD_CIRC,"Failed to find node for hop #%d of our path. Discarding "
2441  "this circuit.", cur_len+1);
2442  return -1;
2443  }
2444 
2445  log_debug(LD_CIRC,"Chose router %s for hop #%d (exit is %s)",
2446  extend_info_describe(info),
2447  cur_len+1, build_state_get_exit_nickname(state));
2448 
2449  cpath_append_hop(&circ->cpath, info);
2450  extend_info_free(info);
2451  return 0;
2452 }
2453 
2454 /** Return the node_t for the chosen exit router in <b>state</b>.
2455  * If there is no chosen exit, or if we don't know the node_t for
2456  * the chosen exit, return NULL.
2457  */
2458 MOCK_IMPL(const node_t *,
2460 {
2461  if (!state || !state->chosen_exit)
2462  return NULL;
2463  return node_get_by_id(state->chosen_exit->identity_digest);
2464 }
2465 
2466 /** Return the RSA ID digest for the chosen exit router in <b>state</b>.
2467  * If there is no chosen exit, return NULL.
2468  */
2469 const uint8_t *
2471 {
2472  if (!state || !state->chosen_exit)
2473  return NULL;
2474  return (const uint8_t *) state->chosen_exit->identity_digest;
2475 }
2476 
2477 /** Return the nickname for the chosen exit router in <b>state</b>. If
2478  * there is no chosen exit, or if we don't know the routerinfo_t for the
2479  * chosen exit, return NULL.
2480  */
2481 const char *
2483 {
2484  if (!state || !state->chosen_exit)
2485  return NULL;
2486  return state->chosen_exit->nickname;
2487 }
2488 
2489 /* Is circuit purpose allowed to use the deprecated TAP encryption protocol?
2490  * The hidden service protocol still uses TAP for some connections, because
2491  * ntor onion keys aren't included in HS descriptors or INTRODUCE cells. */
2492 static int
2493 circuit_purpose_can_use_tap_impl(uint8_t purpose)
2494 {
2495  return (purpose == CIRCUIT_PURPOSE_S_CONNECT_REND ||
2496  purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
2497 }
2498 
2499 /* Is circ allowed to use the deprecated TAP encryption protocol?
2500  * The hidden service protocol still uses TAP for some connections, because
2501  * ntor onion keys aren't included in HS descriptors or INTRODUCE cells. */
2502 int
2503 circuit_can_use_tap(const origin_circuit_t *circ)
2504 {
2505  tor_assert(circ);
2506  tor_assert(circ->cpath);
2507  tor_assert(circ->cpath->extend_info);
2508  return (circuit_purpose_can_use_tap_impl(circ->base_.purpose) &&
2509  extend_info_supports_tap(circ->cpath->extend_info));
2510 }
2511 
2512 /* Does circ have an onion key which it's allowed to use? */
2513 int
2514 circuit_has_usable_onion_key(const origin_circuit_t *circ)
2515 {
2516  tor_assert(circ);
2517  tor_assert(circ->cpath);
2518  tor_assert(circ->cpath->extend_info);
2519  return (extend_info_supports_ntor(circ->cpath->extend_info) ||
2520  circuit_can_use_tap(circ));
2521 }
2522 
2523 /** Find the circuits that are waiting to find out whether their guards are
2524  * usable, and if any are ready to become usable, mark them open and try
2525  * attaching streams as appropriate. */
2526 void
2528 {
2529  smartlist_t *to_upgrade =
2531 
2532  if (to_upgrade == NULL)
2533  return;
2534 
2535  log_info(LD_GUARD, "Upgrading %d circuits from 'waiting for better guard' "
2536  "to 'open'.", smartlist_len(to_upgrade));
2537 
2538  SMARTLIST_FOREACH_BEGIN(to_upgrade, origin_circuit_t *, circ) {
2540  circuit_has_opened(circ);
2541  } SMARTLIST_FOREACH_END(circ);
2542 
2543  smartlist_free(to_upgrade);
2544 }
command_setup_channel
void command_setup_channel(channel_t *chan)
Definition: command.c:667
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:283
onion_skin_client_handshake
int onion_skin_client_handshake(int type, const onion_handshake_state_t *handshake_state, const uint8_t *reply, size_t reply_len, uint8_t *keys_out, size_t keys_out_len, uint8_t *rend_authenticator_out, const char **msg_out)
Definition: onion_crypto.c:247
or_options_t::LongLivedPorts
struct smartlist_t * LongLivedPorts
Definition: or_options_st.h:367
circpad_machine_event_circ_built
void circpad_machine_event_circ_built(origin_circuit_t *circ)
Definition: circuitpadding.c:2259
selftest.h
Header file for selftest.c.
routermode.h
Header file for routermode.c.
tor_free
#define tor_free(p)
Definition: malloc.h:52
connection_edge.h
Header file for connection_edge.c.
CIRCUIT_PURPOSE_REND_ESTABLISHED
#define CIRCUIT_PURPOSE_REND_ESTABLISHED
Definition: circuitlist.h:47
rep_hist_remove_predicted_ports
void rep_hist_remove_predicted_ports(const smartlist_t *rmv_ports)
Definition: predict_ports.c:170
hex_str
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
channel_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: channel.h:378
ADDR_POLICY_PROBABLY_REJECTED
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
CIRCUIT_STATE_OPEN
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:32
circuit_t::purpose
uint8_t purpose
Definition: circuit_st.h:111
node_handles_some_port
static int node_handles_some_port(const node_t *node, smartlist_t *needed_ports)
Definition: circuitbuild.c:1490
entry_connection_st.h
Entry connection structure.
channel_t::timestamp_created
time_t timestamp_created
Definition: channel.h:298
circuit_send_next_onion_skin
int circuit_send_next_onion_skin(origin_circuit_t *circ)
Definition: circuitbuild.c:894
CIRCUIT_PURPOSE_C_GENERAL
#define CIRCUIT_PURPOSE_C_GENERAL
Definition: circuitlist.h:72
choose_good_exit_server
static const node_t * choose_good_exit_server(origin_circuit_t *circ, router_crn_flags_t flags, int is_internal)
Definition: circuitbuild.c:1845
smartlist_contains_int_as_string
int smartlist_contains_int_as_string(const smartlist_t *sl, int num)
Definition: smartlist.c:147
reset_all_main_loop_timers
void reset_all_main_loop_timers(void)
Definition: mainloop.c:1454
approx_time
time_t approx_time(void)
Definition: approx_time.c:32
LOG_NOTICE
#define LOG_NOTICE
Definition: log.h:50
or_options_t::BridgeRelay
int BridgeRelay
Definition: or_options_st.h:268
ADDR_POLICY_REJECTED
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
circuit_extend_to_new_exit
int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
Definition: circuitbuild.c:2073
connection_ap_can_use_exit
int connection_ap_can_use_exit(const entry_connection_t *conn, const node_t *exit_node)
Definition: connection_edge.c:4430
CIRCUIT_PURPOSE_INTRO_POINT
#define CIRCUIT_PURPOSE_INTRO_POINT
Definition: circuitlist.h:42
create_cell_t::handshake_type
uint16_t handshake_type
Definition: onion.h:28
channel_t::last_warned_circ_ids_exhausted
ratelim_t last_warned_circ_ids_exhausted
Definition: channel.h:438
count_acceptable_nodes
STATIC int count_acceptable_nodes(const smartlist_t *nodes, int direct)
Definition: circuitbuild.c:2102
crypt_path_t::rend_circ_nonce
char rend_circ_nonce[DIGEST_LEN]
Definition: crypt_path_st.h:58
routerset_contains_extendinfo
int routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
Definition: routerset.c:307
routerset_get_all_nodes
void routerset_get_all_nodes(smartlist_t *out, const routerset_t *routerset, const routerset_t *excludeset, int running_only)
Definition: routerset.c:378
AP_CONN_STATE_CIRCUIT_WAIT
#define AP_CONN_STATE_CIRCUIT_WAIT
Definition: connection_edge.h:49
CIRCLAUNCH_NEED_CAPACITY
#define CIRCLAUNCH_NEED_CAPACITY
Definition: circuituse.h:43
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
microdesc.h
Header file for microdesc.c.
confmgt.h
Header for confmgt.c.
LD_BUG
#define LD_BUG
Definition: log.h:86
channel_state_to_string
const char * channel_state_to_string(channel_state_t state)
Definition: channel.c:315
circuit_build_times_handle_completed_hop
void circuit_build_times_handle_completed_hop(origin_circuit_t *circ)
Definition: circuitstats.c:680
router.h
Header file for router.c.
cpath_build_state_st.h
Circuit-build-stse structure.
DEFAULT_ROUTE_LEN
#define DEFAULT_ROUTE_LEN
Definition: or.h:1019
router_digest_is_me
int router_digest_is_me(const char *digest)
Definition: router.c:1698
circuituse.h
Header file for circuituse.c.
channel.h
Header file for channel.c.
create_cell_t
Definition: onion.h:24
circuit_append_new_exit
int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
Definition: circuitbuild.c:2052
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
clear_broken_connection_map
void clear_broken_connection_map(int stop_recording)
Definition: connection_or.c:243
routerset_contains_node
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:352
base16_encode
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
tor_fragile_assert
#define tor_fragile_assert()
Definition: util_bug.h:259
RELAY_PAYLOAD_SIZE
#define RELAY_PAYLOAD_SIZE
Definition: or.h:606
smartlist_choose
void * smartlist_choose(const smartlist_t *sl)
Definition: crypto_rand.c:590
crypt_path_t::state
uint8_t state
Definition: crypt_path_st.h:68
created_cell_t
Definition: onion.h:36
describe.h
Header file for describe.c.
circuit_list_path
char * circuit_list_path(origin_circuit_t *circ, int verbose)
Definition: circuitbuild.c:333
cpath_build_state_t::is_internal
unsigned int is_internal
Definition: cpath_build_state_st.h:26
route_len_for_purpose
int route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei)
Definition: circuitbuild.c:1329
control_event_bootstrap
void control_event_bootstrap(bootstrap_status_t status, int progress)
Definition: control_bootstrap.c:188
node_get_by_id
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:223
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
CIRCUIT_PURPOSE_C_REND_JOINED
#define CIRCUIT_PURPOSE_C_REND_JOINED
Definition: circuitlist.h:90
extend_cell_t::create_cell
create_cell_t create_cell
Definition: onion.h:60
circuit_remove_handled_ports
void circuit_remove_handled_ports(smartlist_t *needed_ports)
Definition: circuituse.c:1015
END_CIRC_REASON_FLAG_REMOTE
#define END_CIRC_REASON_FLAG_REMOTE
Definition: or.h:329
ed25519_pubkey_copy
void ed25519_pubkey_copy(ed25519_public_key_t *dest, const ed25519_public_key_t *src)
Definition: crypto_ed25519.c:654
entry_guard_succeeded
guard_usable_t entry_guard_succeeded(circuit_guard_state_t **guard_state_p)
Definition: entrynodes.c:2486
nodelist_add_node_and_family
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2161
circuit_t::n_chan
channel_t * n_chan
Definition: circuit_st.h:69
channel_t::is_canonical
int(* is_canonical)(channel_t *)
Definition: channel.h:353
origin_circuit_get_guard_state
circuit_guard_state_t * origin_circuit_get_guard_state(origin_circuit_t *circ)
Definition: circuitbuild.c:509
onion.h
Header file for onion.c.
is_legal_nickname
int is_legal_nickname(const char *s)
Definition: nickname.c:19
crypt_path_t::handshake_state
onion_handshake_state_t handshake_state
Definition: crypt_path_st.h:52
append_cell_to_circuit_queue
void append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, cell_t *cell, cell_direction_t direction, streamid_t fromstream)
Definition: relay.c:3105
circuit_handle_first_hop
int circuit_handle_first_hop(origin_circuit_t *circ)
Definition: circuitbuild.c:540
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
tor_addr_make_unspec
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
circuit_n_chan_done
void circuit_n_chan_done(channel_t *chan, int status, int close_origin_circuits)
Definition: circuitbuild.c:627
crypt_path.h
Header file for crypt_path.c.
CIRCUIT_IS_ORIGIN
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:146
crypt_path_t
Definition: crypt_path_st.h:47
circuitpadding.h
Header file for circuitpadding.c.
CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
Definition: circuitlist.h:78
choose_good_exit_server_general
static const node_t * choose_good_exit_server_general(router_crn_flags_t flags)
Definition: circuitbuild.c:1542
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
onion_skin_create
int onion_skin_create(int type, const extend_info_t *node, onion_handshake_state_t *state_out, uint8_t *onion_skin_out)
Definition: onion_crypto.c:110
extend_info_describe
const char * extend_info_describe(const extend_info_t *ei)
Definition: describe.c:202
channel_t::cmux
circuitmux_t * cmux
Definition: channel.h:397
ocirc_chan_msg_t::chan
uint64_t chan
Definition: ocirc_event.h:46
build_state_get_exit_nickname
const char * build_state_get_exit_nickname(cpath_build_state_t *state)
Definition: circuitbuild.c:2482
networkstatus.h
Header file for networkstatus.c.
build_middle_exclude_list
static smartlist_t * build_middle_exclude_list(uint8_t purpose, cpath_build_state_t *state, crypt_path_t *head, int cur_len)
Definition: circuitbuild.c:2192
origin_circuit_t::global_identifier
uint32_t global_identifier
Definition: origin_circuit_st.h:240
onion_fast.h
Header file for onion_fast.c.
CIRCUIT_PURPOSE_REND_POINT_WAITING
#define CIRCUIT_PURPOSE_REND_POINT_WAITING
Definition: circuitlist.h:45
cell_t
Definition: cell_st.h:17
CIRCUIT_PURPOSE_C_ESTABLISH_REND
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND
Definition: circuitlist.h:83
CIRCUIT_PURPOSE_S_HSDIR_POST
#define CIRCUIT_PURPOSE_S_HSDIR_POST
Definition: circuitlist.h:114
note_that_we_completed_a_circuit
void note_that_we_completed_a_circuit(void)
Definition: mainloop.c:228
CIRCUIT_PURPOSE_OR
#define CIRCUIT_PURPOSE_OR
Definition: circuitlist.h:39
pick_restricted_middle_node
static const node_t * pick_restricted_middle_node(router_crn_flags_t flags, const routerset_t *pick_from, const routerset_t *exclude_set, const smartlist_t *exclude_list, int position_hint)
Definition: circuitbuild.c:1762
CIRCUIT_PURPOSE_CONTROLLER
#define CIRCUIT_PURPOSE_CONTROLLER
Definition: circuitlist.h:120
LD_CIRC
#define LD_CIRC
Definition: log.h:82
build_state_get_exit_rsa_id
const uint8_t * build_state_get_exit_rsa_id(cpath_build_state_t *state)
Definition: circuitbuild.c:2470
create_cell_t::onionskin
uint8_t onionskin[CELL_PAYLOAD_SIZE - 4]
Definition: onion.h:32
circuit_note_clock_jumped
void circuit_note_clock_jumped(int64_t seconds_elapsed, bool was_idle)
Definition: circuitbuild.c:1149
routerset_subtract_nodes
void routerset_subtract_nodes(smartlist_t *lst, const routerset_t *routerset)
Definition: routerset.c:412
node_sl_choose_by_bandwidth
const node_t * node_sl_choose_by_bandwidth(const smartlist_t *sl, bandwidth_weight_rule_t rule)
Definition: node_select.c:856
CELL_DIRECTION_OUT
@ CELL_DIRECTION_OUT
Definition: or.h:485
circuitlist.h
Header file for circuitlist.c.
mainloop.h
Header file for mainloop.c.
circuit_log_path
void circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
Definition: circuitbuild.c:352
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
circuit_build_no_more_hops
static int circuit_build_no_more_hops(origin_circuit_t *circ)
Definition: circuitbuild.c:993
or_options_t::ExcludeExitNodesUnion_
struct routerset_t * ExcludeExitNodesUnion_
Definition: or_options_st.h:130
extend_cell_t::orport_ipv4
tor_addr_port_t orport_ipv4
Definition: onion.h:50
TR_SUBSYS
#define TR_SUBSYS(name)
Definition: events.h:45
channel_describe_peer
const char * channel_describe_peer(channel_t *chan)
Definition: channel.c:2804
CONN_TYPE_AP
#define CONN_TYPE_AP
Definition: connection.h:51
cpath_free
void cpath_free(crypt_path_t *victim)
Definition: crypt_path.c:163
extend_cell_t::ed_pubkey
struct ed25519_public_key_t ed_pubkey
Definition: onion.h:56
ocirc_chan_msg_t::gid
uint32_t gid
Definition: ocirc_event.h:45
onion_tap.h
Header file for onion_tap.c.
rate_limit_log
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:42
events.h
Header file for Tor tracing instrumentation definition.
cpath_build_state_t::chosen_exit
extend_info_t * chosen_exit
Definition: cpath_build_state_st.h:20
channel_timestamp_client
void channel_timestamp_client(channel_t *chan)
Definition: channel.c:3162
ocirc_chan_msg_t::onehop
bool onehop
Definition: ocirc_event.h:47
bridges.h
Header file for circuitbuild.c.
command.h
Header file for command.c.
control_event_client_status
int control_event_client_status(int severity, const char *format,...)
Definition: control_events.c:1758
MAX_VERBOSE_NICKNAME_LEN
#define MAX_VERBOSE_NICKNAME_LEN
Definition: or.h:118
TO_ENTRY_CONN
entry_connection_t * TO_ENTRY_CONN(connection_t *c)
Definition: connection_edge.c:202
circuit_purpose_may_omit_guard
static int circuit_purpose_may_omit_guard(int purpose)
Definition: circuitbuild.c:865
circuit_chan_publish
static void circuit_chan_publish(const origin_circuit_t *circ, const channel_t *chan)
Definition: circuitbuild.c:524
tor_addr_port_t
Definition: address.h:81
tor_memneq
#define tor_memneq(a, b, sz)
Definition: di_ops.h:21
entrynodes.h
Header file for circuitbuild.c.
tor_assert_nonfatal_unreached
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
circuit_get_unhandled_ports
static smartlist_t * circuit_get_unhandled_ports(time_t now)
Definition: circuitbuild.c:1450
node_t
Definition: node_st.h:34
origin_circuit_t
Definition: origin_circuit_st.h:79
extend_cell_t
Definition: onion.h:46
router_do_reachability_checks
void router_do_reachability_checks(int test_or, int test_dir)
Definition: selftest.c:333
CIRCLAUNCH_ONEHOP_TUNNEL
#define CIRCLAUNCH_ONEHOP_TUNNEL
Definition: circuituse.h:39
cpath_build_state_t::onehop_tunnel
unsigned int onehop_tunnel
Definition: cpath_build_state_st.h:32
MIN_CIRCUITS_HANDLING_STREAM
#define MIN_CIRCUITS_HANDLING_STREAM
Definition: or.h:180
control_event_general_status
int control_event_general_status(int severity, const char *format,...)
Definition: control_events.c:1738
or_options_t::HSLayer3Nodes
struct routerset_t * HSLayer3Nodes
Definition: or_options_st.h:319
channel_t::circ_id_type
circ_id_type_bitfield_t circ_id_type
Definition: channel.h:405
directory.h
Header file for directory.c.
extend_info_from_node
extend_info_t * extend_info_from_node(const node_t *node, int for_direct_connect)
Definition: extendinfo.c:92
entry_connection_t::use_begindir
unsigned int use_begindir
Definition: entry_connection_st.h:79
origin_circuit_t::has_opened
unsigned int has_opened
Definition: origin_circuit_st.h:156
tor_digest_is_zero
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96
pick_vanguard_middle_node
static const node_t * pick_vanguard_middle_node(const or_options_t *options, router_crn_flags_t flags, int cur_len, const smartlist_t *excluded)
Definition: circuitbuild.c:2252
ed25519_public_key_t
Definition: crypto_ed25519.h:23
CIRCUIT_PURPOSE_HS_VANGUARDS
#define CIRCUIT_PURPOSE_HS_VANGUARDS
Definition: circuitlist.h:130
or_options_t::ExcludeNodes
struct routerset_t * ExcludeNodes
Definition: or_options_st.h:120
entry_connection_t::chosen_exit_name
char * chosen_exit_name
Definition: entry_connection_st.h:25
choose_good_middle_server
static const node_t * choose_good_middle_server(uint8_t purpose, cpath_build_state_t *state, crypt_path_t *head, int cur_len)
Definition: circuitbuild.c:2291
extend_info_t::ed_identity
ed25519_public_key_t ed_identity
Definition: extend_info_st.h:33
circuitmux_num_circuits
unsigned int circuitmux_num_circuits(circuitmux_t *cmux)
Definition: circuitmux.c:713
LD_REND
#define LD_REND
Definition: log.h:84
or_options_t::StrictNodes
int StrictNodes
Definition: or_options_st.h:117
CIRCUIT_STATE_CHAN_WAIT
#define CIRCUIT_STATE_CHAN_WAIT
Definition: circuitlist.h:26
created_cell_t::handshake_len
uint16_t handshake_len
Definition: onion.h:40
circuit_truncated
int circuit_truncated(origin_circuit_t *circ, int reason)
Definition: circuitbuild.c:1247
circuit_t::timestamp_began
struct timeval timestamp_began
Definition: circuit_st.h:165
circuit_purpose_is_hidden_service
int circuit_purpose_is_hidden_service(uint8_t purpose)
Definition: circuituse.c:1974
CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT
#define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT
Definition: circuitlist.h:95
get_connection_array
smartlist_t * get_connection_array(void)
Definition: mainloop.c:453
circuit_has_opened
void circuit_has_opened(origin_circuit_t *circ)
Definition: circuituse.c:1693
connection_t::marked_for_close
uint16_t marked_for_close
Definition: connection_st.h:149
circuit_t
Definition: circuit_st.h:61
get_unique_circ_id_by_chan
STATIC circid_t get_unique_circ_id_by_chan(channel_t *chan)
Definition: circuitbuild.c:122
nodelist.h
Header file for nodelist.c.
circuit_finish_handshake
int circuit_finish_handshake(origin_circuit_t *circ, const created_cell_t *reply)
Definition: circuitbuild.c:1189
routerlist.h
Header file for routerlist.c.
origin_circuit_init
origin_circuit_t * origin_circuit_init(uint8_t purpose, int flags)
Definition: circuitbuild.c:449
have_completed_a_circuit
int have_completed_a_circuit(void)
Definition: mainloop.c:220
routerset.h
Header file for routerset.c.
circuit_timeout_want_to_count_circ
int circuit_timeout_want_to_count_circ(const origin_circuit_t *circ)
Definition: circuitbuild.c:798
node_get_verbose_nickname
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1452
predict_ports.h
Header file for predict_ports.c.
new_route_len
STATIC int new_route_len(uint8_t purpose, extend_info_t *exit_ei, const smartlist_t *nodes)
Definition: circuitbuild.c:1419
tor_gettimeofday
void tor_gettimeofday(struct timeval *timeval)
Definition: tor_gettimeofday.c:42
circuitstats.h
Header file for circuitstats.c.
node_select.h
Header file for node_select.c.
extendinfo.h
Header for core/or/extendinfo.c.
channel_t
Definition: channel.h:181
command
tor_cmdline_mode_t command
Definition: config.c:2448
extend_info_is_a_configured_bridge
int extend_info_is_a_configured_bridge(const extend_info_t *ei)
Definition: bridges.c:268
connection_t
Definition: connection_st.h:45
transports.h
Headers for transports.c.
connection_t::type
unsigned int type
Definition: connection_st.h:50
circuit_t::n_circ_id
circid_t n_circ_id
Definition: circuit_st.h:78
onion_pick_cpath_exit
STATIC int onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit_ei, int is_hs_v3_rp_circuit)
Definition: circuitbuild.c:2002
extend_cell_t::orport_ipv6
tor_addr_port_t orport_ipv6
Definition: onion.h:52
LOG_INFO
#define LOG_INFO
Definition: log.h:45
origin_circuit_t::guard_state
struct circuit_guard_state_t * guard_state
Definition: origin_circuit_st.h:141
crypto_rand.h
Common functions for using (pseudo-)random number generators.
circuit_establish_circuit
origin_circuit_t * circuit_establish_circuit(uint8_t purpose, extend_info_t *exit_ei, int flags)
Definition: circuitbuild.c:478
control_events.h
Header file for control_events.c.
get_options
const or_options_t * get_options(void)
Definition: config.c:929
origin_circuit_t::build_state
cpath_build_state_t * build_state
Definition: origin_circuit_st.h:123
choose_good_entry_server
const node_t * choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state, circuit_guard_state_t **guard_state_out)
Definition: circuitbuild.c:2351
or_options_t::ExitNodes
struct routerset_t * ExitNodes
Definition: or_options_st.h:108
circuitbuild.h
Header file for circuitbuild.c.
circuitmux_num_active_circuits
unsigned int circuitmux_num_active_circuits(circuitmux_t *cmux)
Definition: circuitmux.c:701
CIRCUIT_PURPOSE_S_REND_JOINED
#define CIRCUIT_PURPOSE_S_REND_JOINED
Definition: circuitlist.h:112
circuit_cpath_supports_ntor
static int circuit_cpath_supports_ntor(const origin_circuit_t *circ)
Definition: circuitbuild.c:361
TO_EDGE_CONN
edge_connection_t * TO_EDGE_CONN(connection_t *c)
Definition: connection_edge.c:176
connection_edge_is_rendezvous_stream
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
Definition: connection_edge.c:4412
MAX_NICKNAME_LEN
#define MAX_NICKNAME_LEN
Definition: or.h:112
or_options_t::MiddleNodes
struct routerset_t * MiddleNodes
Definition: or_options_st.h:111
smartlist_clear
void smartlist_clear(smartlist_t *sl)
Definition: smartlist_core.c:50
create_cell_t::cell_type
uint8_t cell_type
Definition: onion.h:26
CIRCLAUNCH_IS_INTERNAL
#define CIRCLAUNCH_IS_INTERNAL
Definition: circuituse.h:46
channel_dump_statistics
void channel_dump_statistics(channel_t *chan, int severity)
Definition: channel.c:2526
extend_cell_t::node_id
uint8_t node_id[DIGEST_LEN]
Definition: onion.h:54
extend_info_st.h
Extend-info structure.
circuit_id_in_use_on_channel
int circuit_id_in_use_on_channel(circid_t circ_id, channel_t *chan)
Definition: circuitlist.c:1556
CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
Definition: circuitlist.h:81
node_describe
const char * node_describe(const node_t *node)
Definition: describe.c:142
circuit_pick_create_handshake
static void circuit_pick_create_handshake(uint8_t *cell_type_out, uint16_t *handshake_type_out, const extend_info_t *ei)
Definition: circuitbuild.c:813
channel_connect_for_circuit
channel_t * channel_connect_for_circuit(const extend_info_t *ei)
Definition: circuitbuild.c:99
cpath_init_circuit_crypto
int cpath_init_circuit_crypto(crypt_path_t *cpath, const char *key_data, size_t key_data_len, int reverse, int is_hs_v3)
Definition: crypt_path.c:151
CIRCLAUNCH_NEED_UPTIME
#define CIRCLAUNCH_NEED_UPTIME
Definition: circuituse.h:41
origin_circuit_t::cpath
crypt_path_t * cpath
Definition: origin_circuit_st.h:129
onion_populate_cpath
static int onion_populate_cpath(origin_circuit_t *circ)
Definition: circuitbuild.c:385
circuit_find_circuits_to_upgrade_from_guard_wait
smartlist_t * circuit_find_circuits_to_upgrade_from_guard_wait(void)
Definition: circuitlist.c:2023
IF_BUG_ONCE
#define IF_BUG_ONCE(cond)
Definition: util_bug.h:246
cpath_build_state_t::need_capacity
unsigned int need_capacity
Definition: cpath_build_state_st.h:24
nodelist_get_list
const smartlist_t * nodelist_get_list(void)
Definition: nodelist.c:966
CIRCUIT_PURPOSE_C_HSDIR_GET
#define CIRCUIT_PURPOSE_C_HSDIR_GET
Definition: circuitlist.h:92
TO_ORIGIN_CIRCUIT
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:168
relay.h
Header file for relay.c.
CIRCUIT_PURPOSE_C_REND_READY
#define CIRCUIT_PURPOSE_C_REND_READY
Definition: circuitlist.h:85
circuit_get_cpath_opened_len
int circuit_get_cpath_opened_len(const origin_circuit_t *circ)
Definition: circuitlist.c:2067
connection.h
Header file for connection.c.
note_that_we_maybe_cant_complete_circuits
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:236
extend_info_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: extend_info_st.h:31
circuit_mark_all_unused_circs
void circuit_mark_all_unused_circs(void)
Definition: circuitlist.c:2103
CIRCUIT_PURPOSE_S_CONNECT_REND
#define CIRCUIT_PURPOSE_S_CONNECT_REND
Definition: circuitlist.h:109
extend_cell_t::cell_type
uint8_t cell_type
Definition: onion.h:48
cpath_build_state_t::need_uptime
unsigned int need_uptime
Definition: cpath_build_state_st.h:22
LD_GUARD
#define LD_GUARD
Definition: log.h:109
circuit_set_n_circid_chan
void circuit_set_n_circid_chan(circuit_t *circ, circid_t id, channel_t *chan)
Definition: circuitlist.c:476
crypt_path_t::prev
struct crypt_path_t * prev
Definition: crypt_path_st.h:75
nickname.h
Header file for nickname.c.
ocirc_chan_msg_t
Definition: ocirc_event.h:44
server_mode
int server_mode(const or_options_t *options)
Definition: routermode.c:34
cpath_append_hop
int cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice)
Definition: crypt_path.c:62
circuit_should_use_vanguards
int circuit_should_use_vanguards(uint8_t purpose)
Definition: circuituse.c:2044
CIRCUIT_PURPOSE_S_ESTABLISH_INTRO
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO
Definition: circuitlist.h:103
cpath_build_state_t::is_ipv6_selftest
unsigned int is_ipv6_selftest
Definition: cpath_build_state_st.h:28
pathbias_count_build_attempt
int pathbias_count_build_attempt(origin_circuit_t *circ)
Definition: circpathbias.c:424
CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
Definition: circuitlist.h:88
crypt_path_t::extend_info
extend_info_t * extend_info
Definition: crypt_path_st.h:61
channel_get_for_extend
channel_t * channel_get_for_extend(const char *rsa_id_digest, const ed25519_public_key_t *ed_id, const tor_addr_t *target_ipv4_addr, const tor_addr_t *target_ipv6_addr, const char **msg_out, int *launch_out)
Definition: channel.c:2405
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
circuit_id_when_marked_unusable_on_channel
time_t circuit_id_when_marked_unusable_on_channel(circid_t circ_id, channel_t *chan)
Definition: circuitlist.c:1569
log_fn_ratelim
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:288
CIRCUIT_PURPOSE_TESTING
#define CIRCUIT_PURPOSE_TESTING
Definition: circuitlist.h:118
addr_policy_result_t
addr_policy_result_t
Definition: policies.h:38
channel_connect
channel_t * channel_connect(const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id)
Definition: channel.c:2319
circuit_mark_all_dirty_circs_as_unusable
void circuit_mark_all_dirty_circs_as_unusable(void)
Definition: circuitlist.c:2122
created_cell_t::reply
uint8_t reply[CELL_PAYLOAD_SIZE - 2]
Definition: onion.h:42
HEX_DIGEST_LEN
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
onion_crypto.h
Header file for onion_crypto.c.
warn_if_last_router_excluded
static void warn_if_last_router_excluded(origin_circuit_t *circ, const extend_info_t *exit_ei)
Definition: circuitbuild.c:1881
LOG_WARN
#define LOG_WARN
Definition: log.h:53
node_st.h
Node information structure.
or_options_t::UseEntryGuards
int UseEntryGuards
Definition: or_options_st.h:577
CIRCLAUNCH_IS_V3_RP
#define CIRCLAUNCH_IS_V3_RP
Definition: circuituse.h:49
circuit_stream_is_being_handled
int circuit_stream_is_being_handled(entry_connection_t *conn, uint16_t port, int min)
Definition: circuituse.c:1040
channel_matches_extend_info
int channel_matches_extend_info(channel_t *chan, extend_info_t *extend_info)
Definition: channel.c:3259
END_CIRC_REASON_NOPATH
#define END_CIRC_REASON_NOPATH
Definition: or.h:304
circuit_list_path_impl
static char * circuit_list_path_impl(origin_circuit_t *circ, int verbose, int verbose_names)
Definition: circuitbuild.c:259
extend_info_any_orport_addr_is_internal
bool extend_info_any_orport_addr_is_internal(const extend_info_t *ei)
Definition: extendinfo.c:318
circuit_pick_extend_handshake
static void circuit_pick_extend_handshake(uint8_t *cell_type_out, uint8_t *create_cell_type_out, uint16_t *handshake_type_out, const extend_info_t *ei)
Definition: circuitbuild.c:839
cell_st.h
Fixed-size cell structure.
entry_connection_t::want_onehop
unsigned int want_onehop
Definition: entry_connection_st.h:76
or_options_t::ExtendAllowPrivateAddresses
int ExtendAllowPrivateAddresses
Definition: or_options_st.h:161
onion_extend_cpath
STATIC int onion_extend_cpath(origin_circuit_t *circ)
Definition: circuitbuild.c:2400
policies.h
Header file for policies.c.
pathbias_count_build_success
void pathbias_count_build_success(origin_circuit_t *circ)
Definition: circpathbias.c:512
crypt_path_t::next
struct crypt_path_t * next
Definition: crypt_path_st.h:72
rep_hist_get_predicted_ports
smartlist_t * rep_hist_get_predicted_ports(time_t now)
Definition: predict_ports.c:142
hs_ntor.h
Header for hs_ntor.c.
extend_info_dup
extend_info_t * extend_info_dup(extend_info_t *info)
Definition: extendinfo.c:180
circuit_deliver_create_cell
int circuit_deliver_create_cell(circuit_t *circ, const struct create_cell_t *create_cell, int relayed)
Definition: circuitbuild.c:713
LD_APP
#define LD_APP
Definition: log.h:78
circuit_set_state
void circuit_set_state(circuit_t *circ, uint8_t state)
Definition: circuitlist.c:545
config.h
Header file for config.c.
cpath_build_state_t
Definition: cpath_build_state_st.h:16
router_choose_random_node
const node_t * router_choose_random_node(smartlist_t *excludedsmartlist, routerset_t *excludedset, router_crn_flags_t flags)
Definition: node_select.c:979
extend_info_t::nickname
char nickname[MAX_HEX_NICKNAME_LEN+1]
Definition: extend_info_st.h:28
cpath_build_state_t::desired_path_len
int desired_path_len
Definition: cpath_build_state_st.h:18
compare_tor_addr_to_node_policy
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2857
build_state_get_exit_node
const node_t * build_state_get_exit_node(cpath_build_state_t *state)
Definition: circuitbuild.c:2459
smartlist_add_asprintf
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
channel_t::global_identifier
uint64_t global_identifier
Definition: channel.h:197
circuit_send_first_onion_skin
static int circuit_send_first_onion_skin(origin_circuit_t *circ)
Definition: circuitbuild.c:928
tor_log
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:590
build_vanguard_middle_exclude_list
static smartlist_t * build_vanguard_middle_exclude_list(uint8_t purpose, cpath_build_state_t *state, crypt_path_t *head, int cur_len)
Definition: circuitbuild.c:2145
connection_t::state
uint8_t state
Definition: connection_st.h:49
CIRC_ID_TYPE_HIGHER
@ CIRC_ID_TYPE_HIGHER
Definition: channel.h:41
CIRCLAUNCH_IS_IPV6_SELFTEST
#define CIRCLAUNCH_IS_IPV6_SELFTEST
Definition: circuituse.h:54
router_add_running_nodes_to_smartlist
void router_add_running_nodes_to_smartlist(smartlist_t *sl, int flags)
Definition: routerlist.c:614
circuit_reset_failure_count
void circuit_reset_failure_count(int timeout)
Definition: circuituse.c:2250
ap_stream_wants_exit_attention
static int ap_stream_wants_exit_attention(connection_t *conn)
Definition: circuitbuild.c:1514
CIRCUIT_STATE_GUARD_WAIT
#define CIRCUIT_STATE_GUARD_WAIT
Definition: circuitlist.h:30
circuit_get_cpath_len
int circuit_get_cpath_len(origin_circuit_t *circ)
Definition: circuitlist.c:2051
origin_circuit_t::p_streams
edge_connection_t * p_streams
Definition: origin_circuit_st.h:84
channel_t::num_n_circuits
unsigned int num_n_circuits
Definition: channel.h:410
extend_info_get_orport
const tor_addr_port_t * extend_info_get_orport(const extend_info_t *ei, int family)
Definition: extendinfo.c:263
TO_CIRCUIT
#define TO_CIRCUIT(x)
Definition: or.h:965
edge_connection_t::next_stream
struct edge_connection_t * next_stream
Definition: edge_connection_st.h:24
or_options_t
Definition: or_options_st.h:64
crypto_rand
void crypto_rand(char *to, size_t n)
Definition: crypto_rand.c:477
circuit_t::n_hop
extend_info_t * n_hop
Definition: circuit_st.h:87
STATIC
#define STATIC
Definition: testsupport.h:32
router_crn_flags_t
router_crn_flags_t
Definition: node_select.h:16
smartlist_subtract
void smartlist_subtract(smartlist_t *sl1, const smartlist_t *sl2)
Definition: smartlist.c:264
guards_choose_guard
const node_t * guards_choose_guard(cpath_build_state_t *state, uint8_t purpose, circuit_guard_state_t **guard_state_out)
Definition: entrynodes.c:3744
CIRC_ID_TYPE_NEITHER
@ CIRC_ID_TYPE_NEITHER
Definition: channel.h:44
entry_connection_t
Definition: entry_connection_st.h:19
circpad_machine_event_circ_added_hop
void circpad_machine_event_circ_added_hop(origin_circuit_t *on_circ)
Definition: circuitpadding.c:2245
cell_t::circ_id
circid_t circ_id
Definition: cell_st.h:18
extend_info_pick_orport
const tor_addr_port_t * extend_info_pick_orport(const extend_info_t *ei)
Definition: extendinfo.c:278
CIRCUIT_STATE_BUILDING
#define CIRCUIT_STATE_BUILDING
Definition: circuitlist.h:21
origin_circuit_st.h
Origin circuit structure.
node_exit_policy_rejects_all
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1498
create_cell_t::handshake_len
uint16_t handshake_len
Definition: onion.h:30
middle_node_must_be_vanguard
static int middle_node_must_be_vanguard(const or_options_t *options, uint8_t purpose, int cur_len)
Definition: circuitbuild.c:2228
node_has_preferred_descriptor
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1419
smartlist_t
Definition: smartlist_core.h:26
smartlist_join_strings
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
origin_circuit_new
origin_circuit_t * origin_circuit_new(void)
Definition: circuitlist.c:1020
circuit_t::state
uint8_t state
Definition: circuit_st.h:110
cpath_get_next_non_open_hop
crypt_path_t * cpath_get_next_non_open_hop(crypt_path_t *cpath)
Definition: crypt_path.c:229
rendcommon.h
Header file for rendcommon.c.
circuit_get_all_pending_on_channel
void circuit_get_all_pending_on_channel(smartlist_t *out, channel_t *chan)
Definition: circuitlist.c:580
CIRCUIT_PURPOSE_C_INTRODUCING
#define CIRCUIT_PURPOSE_C_INTRODUCING
Definition: circuitlist.h:75
onion_handshake_state_release
void onion_handshake_state_release(onion_handshake_state_t *state)
Definition: onion_crypto.c:79
ocirc_event.h
Header file for ocirc_event.c.
connection_or.h
Header file for connection_or.c.
tor_addr_copy
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
circuit_all_predicted_ports_handled
int circuit_all_predicted_ports_handled(time_t now, int *need_uptime, int *need_capacity)
Definition: circuitbuild.c:1465
channel_t::state
channel_state_t state
Definition: channel.h:192
circuit_send_intermediate_onion_skin
static int circuit_send_intermediate_onion_skin(origin_circuit_t *circ, crypt_path_t *hop)
Definition: circuitbuild.c:1067
extend_info_t
Definition: extend_info_st.h:27
circuit_purpose_to_string
const char * circuit_purpose_to_string(uint8_t purpose)
Definition: circuitlist.c:905
or_options_t::HSLayer2Nodes
struct routerset_t * HSLayer2Nodes
Definition: or_options_st.h:315
extend_cell_format
int extend_cell_format(uint8_t *command_out, uint16_t *len_out, uint8_t *payload_out, const extend_cell_t *cell_in)
Definition: onion.c:608
circid_t
uint32_t circid_t
Definition: or.h:609
channel_t::channel_usage
channel_usage_info_t channel_usage
Definition: channel.h:228
node_t::identity
char identity[DIGEST_LEN]
Definition: node_st.h:46
should_use_create_fast_for_circuit
static bool should_use_create_fast_for_circuit(origin_circuit_t *circ)
Definition: circuitbuild.c:776
ratelim_t
Definition: ratelim.h:42
or.h
Master header file for Tor-specific functionality.
circuit_event_status
int circuit_event_status(origin_circuit_t *circ, circuit_status_event_t tp, int reason_code)
Definition: circuitlist.c:501
circuit_list_path_for_controller
char * circuit_list_path_for_controller(origin_circuit_t *circ)
Definition: circuitbuild.c:342
circuit_upgrade_circuits_from_guard_wait
void circuit_upgrade_circuits_from_guard_wait(void)
Definition: circuitbuild.c:2527
LD_PROTOCOL
#define LD_PROTOCOL
Definition: log.h:72