64 #define CONFIG_PRIVATE
80 #include "core/or/dos.h"
130 #ifdef HAVE_SYS_STAT_H
131 #include <sys/stat.h>
133 #ifdef HAVE_SYS_PARAM_H
134 #include <sys/param.h>
162 # if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__)
166 # define __INCLUDE_LEVEL__ 2
168 #include <systemd/sd-daemon.h>
172 static const char unix_socket_prefix[] =
"unix:";
175 static const char unix_q_socket_prefix[] =
"unix:\"";
178 #define MIN_CONSTRAINED_TCP_BUFFER 2048
179 #define MAX_CONSTRAINED_TCP_BUFFER 262144
184 #define DOWNLOAD_SCHEDULE(name) \
185 { (#name "DownloadSchedule"), (#name "DownloadInitialDelay"), 0, 1 }
187 #define DOWNLOAD_SCHEDULE(name) { NULL, NULL, 0, 1 }
201 PLURAL(HiddenServiceNode),
202 PLURAL(HiddenServiceExcludeNode),
205 PLURAL(RecommendedPackage),
211 {
"AllowUnverifiedNodes",
"AllowInvalidNodes", 0, 0},
212 {
"AutomapHostSuffixes",
"AutomapHostsSuffixes", 0, 0},
213 {
"AutomapHostOnResolve",
"AutomapHostsOnResolve", 0, 0},
214 {
"BandwidthRateBytes",
"BandwidthRate", 0, 0},
215 {
"BandwidthBurstBytes",
"BandwidthBurst", 0, 0},
216 {
"DirFetchPostPeriod",
"StatusFetchPeriod", 0, 0},
217 {
"DirServer",
"DirAuthority", 0, 0},
218 {
"MaxConn",
"ConnLimit", 0, 1},
219 {
"MaxMemInCellQueues",
"MaxMemInQueues", 0, 0},
220 {
"ORBindAddress",
"ORListenAddress", 0, 0},
221 {
"DirBindAddress",
"DirListenAddress", 0, 0},
222 {
"SocksBindAddress",
"SocksListenAddress", 0, 0},
223 {
"UseHelperNodes",
"UseEntryGuards", 0, 0},
224 {
"NumHelperNodes",
"NumEntryGuards", 0, 0},
225 {
"UseEntryNodes",
"UseEntryGuards", 0, 0},
226 {
"NumEntryNodes",
"NumEntryGuards", 0, 0},
227 {
"ResolvConf",
"ServerDNSResolvConfFile", 0, 1},
228 {
"SearchDomains",
"ServerDNSSearchDomains", 0, 1},
229 {
"ServerDNSAllowBrokenResolvConf",
"ServerDNSAllowBrokenConfig", 0, 0},
230 {
"PreferTunnelledDirConns",
"PreferTunneledDirConns", 0, 0},
231 {
"BridgeAuthoritativeDirectory",
"BridgeAuthoritativeDir", 0, 0},
232 {
"HashedControlPassword",
"__HashedControlSessionPassword", 1, 0},
233 {
"VirtualAddrNetwork",
"VirtualAddrNetworkIPv4", 0, 0},
234 {
"SocksSocketsGroupWritable",
"UnixSocksGroupWritable", 0, 1},
235 {
"_HSLayer2Nodes",
"HSLayer2Nodes", 0, 1 },
236 {
"_HSLayer3Nodes",
"HSLayer3Nodes", 0, 1 },
259 #define VAR(varname,conftype,member,initvalue) \
260 CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, 0, initvalue)
263 #define VAR_D(varname,conftype,member,initvalue) \
264 CONFIG_VAR_DEFN(or_options_t, varname, conftype, member, 0, initvalue)
266 #define VAR_NODUMP(varname,conftype,member,initvalue) \
267 CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
268 CFLG_NODUMP, initvalue)
269 #define VAR_NODUMP_IMMUTABLE(varname,conftype,member,initvalue) \
270 CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
271 CFLG_NODUMP | CFLG_IMMUTABLE, initvalue)
272 #define VAR_INVIS(varname,conftype,member,initvalue) \
273 CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
274 CFLG_NODUMP | CFLG_NOSET | CFLG_NOLIST, initvalue)
276 #define V(member,conftype,initvalue) \
277 VAR(#member, conftype, member, initvalue)
279 #define VAR_IMMUTABLE(varname, conftype, member, initvalue) \
280 CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
281 CFLG_IMMUTABLE, initvalue)
283 #define V_IMMUTABLE(member,conftype,initvalue) \
284 VAR_IMMUTABLE(#member, conftype, member, initvalue)
287 #define V_D(member,type,initvalue) \
288 VAR_D(#member, type, member, initvalue)
291 #define OBSOLETE(varname) CONFIG_VAR_OBSOLETE(varname)
300 #define VPORT(member) \
301 VAR(#member "Lines", LINELIST_V, member ## _lines, NULL), \
302 VAR(#member, LINELIST_S, member ## _lines, NULL), \
303 VAR_NODUMP("__" #member, LINELIST_S, member ## _lines, NULL)
306 #define UINT64_MAX_STRING "18446744073709551615"
313 V(AccountingMax, MEMUNIT,
"0 bytes"),
314 VAR(
"AccountingRule", STRING, AccountingRule_option,
"max"),
315 V(AccountingStart, STRING, NULL),
316 V(Address, LINELIST, NULL),
317 V(AddressDisableIPv6, BOOL,
"0"),
320 V(AllowNonRFC953Hostnames, BOOL,
"0"),
323 V(AlternateBridgeAuthority, LINELIST, NULL),
324 V(AlternateDirAuthority, LINELIST, NULL),
326 V(AssumeReachable, BOOL,
"0"),
327 V(AssumeReachableIPv6, AUTOBOOL,
"auto"),
330 V(AuthDirBadExit, LINELIST, NULL),
331 V(AuthDirBadExitCCs, CSV,
""),
332 V(AuthDirInvalid, LINELIST, NULL),
333 V(AuthDirInvalidCCs, CSV,
""),
334 V(AuthDirReject, LINELIST, NULL),
335 V(AuthDirRejectCCs, CSV,
""),
338 OBSOLETE(
"AuthDirMaxServersPerAuthAddr"),
339 VAR(
"AuthoritativeDirectory", BOOL, AuthoritativeDir,
"0"),
340 V(AutomapHostsOnResolve, BOOL,
"0"),
341 V(AutomapHostsSuffixes, CSV,
".onion,.exit"),
342 V(AvoidDiskWrites, BOOL,
"0"),
343 V(BandwidthBurst, MEMUNIT,
"1 GB"),
344 V(BandwidthRate, MEMUNIT,
"1 GB"),
345 V(BridgeAuthoritativeDir, BOOL,
"0"),
346 VAR(
"Bridge", LINELIST, Bridges, NULL),
347 V(BridgePassword, STRING, NULL),
348 V(BridgeRecordUsageByCountry, BOOL,
"1"),
349 V(BridgeRelay, BOOL,
"0"),
350 V(BridgeDistribution, STRING, NULL),
351 VAR_IMMUTABLE(
"CacheDirectory",FILENAME, CacheDirectory_option, NULL),
352 V(CacheDirectoryGroupReadable, AUTOBOOL,
"auto"),
353 V(CellStatistics, BOOL,
"0"),
354 V(PaddingStatistics, BOOL,
"1"),
355 V(LearnCircuitBuildTimeout, BOOL,
"1"),
356 V(CircuitBuildTimeout, INTERVAL,
"0"),
358 V(CircuitsAvailableTimeout, INTERVAL,
"0"),
359 V(CircuitStreamTimeout, INTERVAL,
"0"),
360 V(CircuitPriorityHalflife, DOUBLE,
"-1.0"),
361 V(ClientDNSRejectInternalAddresses, BOOL,
"1"),
362 #if defined(HAVE_MODULE_RELAY) || defined(TOR_UNIT_TESTS)
364 V(ClientOnly, BOOL,
"0"),
367 V(ClientOnly, BOOL,
"1"),
369 V(ClientPreferIPv6ORPort, AUTOBOOL,
"auto"),
370 V(ClientPreferIPv6DirPort, AUTOBOOL,
"auto"),
372 V(ClientRejectInternalAddresses, BOOL,
"1"),
373 V(ClientTransportPlugin, LINELIST, NULL),
374 V(ClientUseIPv6, BOOL,
"0"),
375 V(ClientUseIPv4, BOOL,
"1"),
376 V(ConnLimit, POSINT,
"1000"),
377 V(ConnDirectionStatistics, BOOL,
"0"),
378 V(ConstrainedSockets, BOOL,
"0"),
379 V(ConstrainedSockSize, MEMUNIT,
"8192"),
380 V(ContactInfo, STRING, NULL),
383 V(ControlPortFileGroupReadable,BOOL,
"0"),
384 V(ControlPortWriteToFile, FILENAME, NULL),
385 V(ControlSocket, LINELIST, NULL),
386 V(ControlSocketsGroupWritable, BOOL,
"0"),
387 V(UnixSocksGroupWritable, BOOL,
"0"),
388 V(CookieAuthentication, BOOL,
"0"),
389 V(CookieAuthFileGroupReadable, BOOL,
"0"),
390 V(CookieAuthFile, FILENAME, NULL),
391 V(CountPrivateBandwidth, BOOL,
"0"),
392 VAR_IMMUTABLE(
"DataDirectory", FILENAME, DataDirectory_option, NULL),
393 V(DataDirectoryGroupReadable, BOOL,
"0"),
394 V(DisableOOSCheck, BOOL,
"1"),
395 V(DisableNetwork, BOOL,
"0"),
396 V(DirAllowPrivateAddresses, BOOL,
"0"),
398 V(DirPolicy, LINELIST, NULL),
400 V(DirPortFrontPage, FILENAME, NULL),
401 VAR(
"DirReqStatistics", BOOL, DirReqStatistics_option,
"1"),
402 VAR(
"DirAuthority", LINELIST, DirAuthorities, NULL),
403 #if defined(HAVE_MODULE_RELAY) || defined(TOR_UNIT_TESTS)
405 V(DirCache, BOOL,
"1"),
408 V(DirCache, BOOL,
"0"),
417 V(DirAuthorityFallbackRate, DOUBLE,
"0.1"),
418 V_IMMUTABLE(DisableAllSwap, BOOL,
"0"),
419 V_IMMUTABLE(DisableDebuggerAttachment, BOOL,
"1"),
421 OBSOLETE(
"DisableV2DirectoryInfo_"),
425 V(DormantClientTimeout, INTERVAL,
"24 hours"),
426 V(DormantTimeoutDisabledByIdleStreams, BOOL,
"1"),
427 V(DormantOnFirstStartup, BOOL,
"0"),
428 V(DormantCanceledByStartup, BOOL,
"0"),
429 V(DownloadExtraInfo, BOOL,
"0"),
430 V(TestingEnableConnBwEvent, BOOL,
"0"),
431 V(TestingEnableCellStatsEvent, BOOL,
"0"),
432 OBSOLETE(
"TestingEnableTbEmptyEvent"),
433 V(EnforceDistinctSubnets, BOOL,
"1"),
434 V_D(EntryNodes, ROUTERSET, NULL),
435 V(EntryStatistics, BOOL,
"0"),
436 OBSOLETE(
"TestingEstimatedDescriptorPropagationTime"),
437 V_D(ExcludeNodes, ROUTERSET, NULL),
438 V_D(ExcludeExitNodes, ROUTERSET, NULL),
440 V_D(ExitNodes, ROUTERSET, NULL),
444 V_D(MiddleNodes, ROUTERSET, NULL),
445 V(ExitPolicy, LINELIST, NULL),
446 V(ExitPolicyRejectPrivate, BOOL,
"1"),
447 V(ExitPolicyRejectLocalInterfaces, BOOL,
"0"),
448 V(ExitPortStatistics, BOOL,
"0"),
449 V(ExtendAllowPrivateAddresses, BOOL,
"0"),
450 V(ExitRelay, AUTOBOOL,
"auto"),
452 V(ExtORPortCookieAuthFile, FILENAME, NULL),
453 V(ExtORPortCookieAuthFileGroupReadable, BOOL,
"0"),
454 V(ExtraInfoStatistics, BOOL,
"1"),
455 V(ExtendByEd25519ID, AUTOBOOL,
"auto"),
456 V(FallbackDir, LINELIST, NULL),
458 V(UseDefaultFallbackDirs, BOOL,
"1"),
460 OBSOLETE(
"FallbackNetworkstatusFile"),
461 V(FascistFirewall, BOOL,
"0"),
462 V(FirewallPorts, CSV,
""),
464 V(FetchDirInfoEarly, BOOL,
"0"),
465 V(FetchDirInfoExtraEarly, BOOL,
"0"),
466 V(FetchServerDescriptors, BOOL,
"1"),
467 V(FetchHidServDescriptors, BOOL,
"1"),
468 V(FetchUselessDescriptors, BOOL,
"0"),
470 V(GeoIPExcludeUnknown, AUTOBOOL,
"auto"),
472 V(GeoIPFile, FILENAME,
"<default>"),
473 V(GeoIPv6File, FILENAME,
"<default>"),
475 V(GeoIPFile, FILENAME,
476 SHARE_DATADIR PATH_SEPARATOR
"tor" PATH_SEPARATOR
"geoip"),
477 V(GeoIPv6File, FILENAME,
478 SHARE_DATADIR PATH_SEPARATOR
"tor" PATH_SEPARATOR
"geoip6"),
481 V(GuardLifetime, INTERVAL,
"0 minutes"),
482 V(HeartbeatPeriod, INTERVAL,
"6 hours"),
483 V(MainloopStats, BOOL,
"0"),
484 V(HashedControlPassword, LINELIST, NULL),
486 OBSOLETE(
"HiddenServiceAuthorizeClient"),
488 VAR(
"HiddenServiceDir", LINELIST_S, RendConfigLines, NULL),
489 VAR(
"HiddenServiceDirGroupReadable", LINELIST_S, RendConfigLines, NULL),
490 VAR(
"HiddenServiceOptions",LINELIST_V, RendConfigLines, NULL),
491 VAR(
"HiddenServicePort", LINELIST_S, RendConfigLines, NULL),
492 VAR(
"HiddenServiceVersion",LINELIST_S, RendConfigLines, NULL),
493 VAR(
"HiddenServiceAllowUnknownPorts",LINELIST_S, RendConfigLines, NULL),
494 VAR(
"HiddenServiceMaxStreams",LINELIST_S, RendConfigLines, NULL),
495 VAR(
"HiddenServiceMaxStreamsCloseCircuit",LINELIST_S, RendConfigLines, NULL),
496 VAR(
"HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL),
497 VAR(
"HiddenServiceExportCircuitID", LINELIST_S, RendConfigLines, NULL),
498 VAR(
"HiddenServiceEnableIntroDoSDefense", LINELIST_S, RendConfigLines, NULL),
499 VAR(
"HiddenServiceEnableIntroDoSRatePerSec",
500 LINELIST_S, RendConfigLines, NULL),
501 VAR(
"HiddenServiceEnableIntroDoSBurstPerSec",
502 LINELIST_S, RendConfigLines, NULL),
503 VAR(
"HiddenServiceOnionBalanceInstance",
504 LINELIST_S, RendConfigLines, NULL),
505 VAR(
"HiddenServiceStatistics", BOOL, HiddenServiceStatistics_option,
"1"),
506 V(ClientOnionAuthDir, FILENAME, NULL),
507 OBSOLETE(
"CloseHSClientCircuitsImmediatelyOnTimeout"),
508 OBSOLETE(
"CloseHSServiceRendCircuitsImmediatelyOnTimeout"),
509 V_IMMUTABLE(HiddenServiceSingleHopMode, BOOL,
"0"),
510 V_IMMUTABLE(HiddenServiceNonAnonymousMode,BOOL,
"0"),
511 V(HTTPProxy, STRING, NULL),
512 V(HTTPProxyAuthenticator, STRING, NULL),
513 V(HTTPSProxy, STRING, NULL),
514 V(HTTPSProxyAuthenticator, STRING, NULL),
515 VPORT(HTTPTunnelPort),
516 V(IPv6Exit, BOOL,
"0"),
517 VAR(
"ServerTransportPlugin", LINELIST, ServerTransportPlugin, NULL),
518 V(ServerTransportListenAddr, LINELIST, NULL),
519 V(ServerTransportOptions, LINELIST, NULL),
520 V(SigningKeyLifetime, INTERVAL,
"30 days"),
521 V(Socks4Proxy, STRING, NULL),
522 V(Socks5Proxy, STRING, NULL),
523 V(Socks5ProxyUsername, STRING, NULL),
524 V(Socks5ProxyPassword, STRING, NULL),
525 V(TCPProxy, STRING, NULL),
526 VAR_IMMUTABLE(
"KeyDirectory", FILENAME, KeyDirectory_option, NULL),
527 V(KeyDirectoryGroupReadable, AUTOBOOL,
"auto"),
528 VAR_D(
"HSLayer2Nodes", ROUTERSET, HSLayer2Nodes, NULL),
529 VAR_D(
"HSLayer3Nodes", ROUTERSET, HSLayer3Nodes, NULL),
530 V(KeepalivePeriod, INTERVAL,
"5 minutes"),
531 V_IMMUTABLE(KeepBindCapabilities, AUTOBOOL,
"auto"),
532 VAR(
"Log", LINELIST, Logs, NULL),
533 V(LogMessageDomains, BOOL,
"0"),
534 V(LogTimeGranularity, MSEC_INTERVAL,
"1 second"),
535 V(TruncateLogFile, BOOL,
"0"),
536 V_IMMUTABLE(SyslogIdentityTag, STRING, NULL),
538 V(LongLivedPorts, CSV,
539 "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
540 VAR(
"MapAddress", LINELIST, AddressMap, NULL),
541 V(MaxAdvertisedBandwidth, MEMUNIT,
"1 GB"),
542 V(MaxCircuitDirtiness, INTERVAL,
"10 minutes"),
543 V(MaxClientCircuitsPending, POSINT,
"32"),
544 V(MaxConsensusAgeForDiffs, INTERVAL,
"0 seconds"),
545 VAR(
"MaxMemInQueues", MEMUNIT, MaxMemInQueues_raw,
"0"),
547 V(MaxOnionQueueDelay, MSEC_INTERVAL,
"1750 msec"),
548 V(MaxUnparseableDescSizeToLog, MEMUNIT,
"10 MB"),
550 V(MetricsPortPolicy, LINELIST, NULL),
551 VAR(
"MyFamily", LINELIST, MyFamily_lines, NULL),
552 V(NewCircuitPeriod, INTERVAL,
"30 seconds"),
553 OBSOLETE(
"NamingAuthoritativeDirectory"),
556 V(Nickname, STRING, NULL),
557 OBSOLETE(
"PredictedPortsRelevanceTime"),
559 VAR(
"NodeFamily", LINELIST, NodeFamilies, NULL),
560 V_IMMUTABLE(NoExec, BOOL,
"0"),
561 V(NumCPUs, POSINT,
"0"),
562 V(NumDirectoryGuards, POSINT,
"0"),
563 V(NumEntryGuards, POSINT,
"0"),
564 V(NumPrimaryGuards, POSINT,
"0"),
565 V(OfflineMasterKey, BOOL,
"0"),
568 V(OutboundBindAddress, LINELIST, NULL),
569 V(OutboundBindAddressOR, LINELIST, NULL),
570 V(OutboundBindAddressExit, LINELIST, NULL),
571 V(OutboundBindAddressPT, LINELIST, NULL),
574 V(PathBiasCircThreshold, INT,
"-1"),
575 V(PathBiasNoticeRate, DOUBLE,
"-1"),
576 V(PathBiasWarnRate, DOUBLE,
"-1"),
577 V(PathBiasExtremeRate, DOUBLE,
"-1"),
578 V(PathBiasScaleThreshold, INT,
"-1"),
581 V(PathBiasDropGuards, AUTOBOOL,
"0"),
584 V(PathBiasUseThreshold, INT,
"-1"),
585 V(PathBiasNoticeUseRate, DOUBLE,
"-1"),
586 V(PathBiasExtremeUseRate, DOUBLE,
"-1"),
587 V(PathBiasScaleUseThreshold, INT,
"-1"),
589 V(PathsNeededToBuildCircuits, DOUBLE,
"-1"),
590 V(PerConnBWBurst, MEMUNIT,
"0"),
591 V(PerConnBWRate, MEMUNIT,
"0"),
592 V_IMMUTABLE(PidFile, FILENAME, NULL),
593 V_IMMUTABLE(TestingTorNetwork, BOOL,
"0"),
595 V(TestingLinkCertLifetime, INTERVAL,
"2 days"),
596 V(TestingAuthKeyLifetime, INTERVAL,
"2 days"),
597 V(TestingLinkKeySlop, INTERVAL,
"3 hours"),
598 V(TestingAuthKeySlop, INTERVAL,
"3 hours"),
599 V(TestingSigningKeySlop, INTERVAL,
"1 day"),
605 V(ProtocolWarnings, BOOL,
"0"),
606 V(PublishServerDescriptor, CSV,
"1"),
607 V(PublishHidServDescriptors, BOOL,
"1"),
608 V(ReachableAddresses, LINELIST, NULL),
609 V(ReachableDirAddresses, LINELIST, NULL),
610 V(ReachableORAddresses, LINELIST, NULL),
612 V(ReducedConnectionPadding, BOOL,
"0"),
613 V(ConnectionPadding, AUTOBOOL,
"auto"),
614 V(RefuseUnknownExits, AUTOBOOL,
"auto"),
615 V(CircuitPadding, BOOL,
"1"),
616 V(ReducedCircuitPadding, BOOL,
"0"),
617 V(RejectPlaintextPorts, CSV,
""),
618 V(RelayBandwidthBurst, MEMUNIT,
"0"),
619 V(RelayBandwidthRate, MEMUNIT,
"0"),
620 V(RendPostPeriod, INTERVAL,
"1 hour"),
621 V(RephistTrackTime, INTERVAL,
"24 hours"),
622 V_IMMUTABLE(RunAsDaemon, BOOL,
"0"),
623 V(ReducedExitPolicy, BOOL,
"0"),
625 V_IMMUTABLE(Sandbox, BOOL,
"0"),
626 V(SafeLogging, STRING,
"1"),
627 V(SafeSocks, BOOL,
"0"),
628 V(ServerDNSAllowBrokenConfig, BOOL,
"1"),
629 V(ServerDNSAllowNonRFC953Hostnames, BOOL,
"0"),
630 V(ServerDNSDetectHijacking, BOOL,
"1"),
631 V(ServerDNSRandomizeCase, BOOL,
"1"),
632 V(ServerDNSResolvConfFile, FILENAME, NULL),
633 V(ServerDNSSearchDomains, BOOL,
"0"),
634 V(ServerDNSTestAddresses, CSV,
635 "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
636 OBSOLETE(
"SchedulerLowWaterMark__"),
637 OBSOLETE(
"SchedulerHighWaterMark__"),
638 OBSOLETE(
"SchedulerMaxFlushCells__"),
639 V(KISTSchedRunInterval, MSEC_INTERVAL,
"0 msec"),
640 V(KISTSockBufSizeFactor, DOUBLE,
"1.0"),
641 V(Schedulers, CSV,
"KIST,KISTLite,Vanilla"),
642 V(ShutdownWaitLength, INTERVAL,
"30 seconds"),
644 V(SocksPolicy, LINELIST, NULL),
646 V(SocksTimeout, INTERVAL,
"2 minutes"),
647 V(SSLKeyLifetime, INTERVAL,
"0"),
650 V(StrictNodes, BOOL,
"0"),
651 OBSOLETE(
"Support022HiddenServices"),
652 V(TestSocks, BOOL,
"0"),
653 V_IMMUTABLE(TokenBucketRefillInterval, MSEC_INTERVAL,
"100 msec"),
655 OBSOLETE(
"Tor2webRendezvousPoints"),
657 V(TrackHostExits, CSV, NULL),
658 V(TrackHostExitsExpire, INTERVAL,
"30 minutes"),
661 V(TransProxyType, STRING,
"default"),
663 V(UpdateBridgesFromAuthority, BOOL,
"0"),
664 V(UseBridges, BOOL,
"0"),
665 VAR(
"UseEntryGuards", BOOL, UseEntryGuards_option,
"1"),
666 OBSOLETE(
"UseEntryGuardsAsDirGuards"),
667 V(UseGuardFraction, AUTOBOOL,
"auto"),
668 V(UseMicrodescriptors, AUTOBOOL,
"auto"),
670 V_IMMUTABLE(User, STRING, NULL),
672 OBSOLETE(
"V1AuthoritativeDirectory"),
673 OBSOLETE(
"V2AuthoritativeDirectory"),
674 VAR(
"V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,
"0"),
675 V(TestingV3AuthInitialVotingInterval, INTERVAL,
"30 minutes"),
676 V(TestingV3AuthInitialVoteDelay, INTERVAL,
"5 minutes"),
677 V(TestingV3AuthInitialDistDelay, INTERVAL,
"5 minutes"),
678 V(TestingV3AuthVotingStartOffset, INTERVAL,
"0"),
679 V(V3AuthVotingInterval, INTERVAL,
"1 hour"),
680 V(V3AuthVoteDelay, INTERVAL,
"5 minutes"),
681 V(V3AuthDistDelay, INTERVAL,
"5 minutes"),
682 V(V3AuthNIntervalsValid, POSINT,
"3"),
683 V(V3AuthUseLegacyKey, BOOL,
"0"),
684 V(V3BandwidthsFile, FILENAME, NULL),
685 V(GuardfractionFile, FILENAME, NULL),
686 OBSOLETE(
"VoteOnHidServDirectoriesV2"),
687 V(VirtualAddrNetworkIPv4, STRING,
"127.192.0.0/10"),
688 V(VirtualAddrNetworkIPv6, STRING,
"[FE80::]/10"),
689 V(WarnPlaintextPorts, CSV,
"23,109,110,143"),
690 OBSOLETE(
"UseFilteringSSLBufferevents"),
691 OBSOLETE(
"__UseFilteringSSLBufferevents"),
692 VAR_NODUMP(
"__ReloadTorrcOnSIGHUP", BOOL, ReloadTorrcOnSIGHUP,
"1"),
693 VAR_NODUMP(
"__AllDirActionsPrivate", BOOL, AllDirActionsPrivate,
"0"),
694 VAR_NODUMP(
"__DisablePredictedCircuits",BOOL,DisablePredictedCircuits,
"0"),
695 VAR_NODUMP_IMMUTABLE(
"__DisableSignalHandlers", BOOL,
696 DisableSignalHandlers,
"0"),
697 VAR_NODUMP(
"__LeaveStreamsUnattached",BOOL, LeaveStreamsUnattached,
"0"),
698 VAR_NODUMP(
"__HashedControlSessionPassword", LINELIST,
699 HashedControlSessionPassword,
701 VAR_NODUMP(
"__OwningControllerProcess",STRING,
702 OwningControllerProcess, NULL),
703 VAR_NODUMP_IMMUTABLE(
"__OwningControllerFD", UINT64, OwningControllerFD,
705 V(TestingServerDownloadInitialDelay, CSV_INTERVAL,
"0"),
706 V(TestingClientDownloadInitialDelay, CSV_INTERVAL,
"0"),
707 V(TestingServerConsensusDownloadInitialDelay, CSV_INTERVAL,
"0"),
708 V(TestingClientConsensusDownloadInitialDelay, CSV_INTERVAL,
"0"),
724 V(ClientBootstrapConsensusAuthorityDownloadInitialDelay, CSV_INTERVAL,
"6"),
725 V(ClientBootstrapConsensusFallbackDownloadInitialDelay, CSV_INTERVAL,
"0"),
727 V(ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay, CSV_INTERVAL,
733 V(ClientBootstrapConsensusMaxInProgressTries, POSINT,
"3"),
736 V(TestingBridgeDownloadInitialDelay, CSV_INTERVAL,
"10800"),
741 V(TestingBridgeBootstrapDownloadInitialDelay, CSV_INTERVAL,
"0"),
742 V(TestingClientMaxIntervalWithoutRequest, INTERVAL,
"10 minutes"),
743 V(TestingDirConnectionMaxStall, INTERVAL,
"5 minutes"),
744 OBSOLETE(
"TestingConsensusMaxDownloadTries"),
745 OBSOLETE(
"ClientBootstrapConsensusMaxDownloadTries"),
746 OBSOLETE(
"ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries"),
747 OBSOLETE(
"TestingDescriptorMaxDownloadTries"),
748 OBSOLETE(
"TestingMicrodescMaxDownloadTries"),
749 OBSOLETE(
"TestingCertMaxDownloadTries"),
750 VAR_INVIS(
"___UsingTestNetworkDefaults", BOOL, UsingTestNetworkDefaults_,
759 #include "auth_dirs.inc"
769 #include "fallback_dirs.inc"
776 static const struct {
781 #include "testnet.inc"
792 {
"HTTPProxy",
"It only applies to direct unencrypted HTTP connections "
793 "to your directory server, which your Tor probably wasn't using." },
794 {
"HTTPProxyAuthenticator",
"HTTPProxy is deprecated in favor of HTTPSProxy "
795 "which should be used with HTTPSProxyAuthenticator." },
799 {
"ReachableDirAddresses",
"It has no effect on relays, and has had no "
800 "effect on clients since 0.2.8." },
801 {
"ClientPreferIPv6DirPort",
"It has no effect on relays, and has had no "
802 "effect on clients since 0.2.8." },
806 {
"ClientAutoIPv6ORPort",
"This option is unreliable if a connection isn't "
807 "reliably dual-stack."},
814 static char *get_windows_conf_root(
void);
825 static int opt_streq(
const char *s1,
const char *s2);
843 #define OR_OPTIONS_MAGIC 9090909
854 .deprecations = option_deprecation_notes_,
859 .has_config_suite =
true,
860 .config_suite_offset = offsetof(
or_options_t, subconfigs_),
893 if (PREDICT_UNLIKELY(options_mgr == NULL)) {
902 #define CHECK_OPTIONS_MAGIC(opt) STMT_BEGIN \
903 config_check_toplevel_magic(get_options_mgr(), (opt)); \
941 next = &(*next)->next;
968 "Acting on config options left us in a broken state. Dying.");
980 config_free_lines(changes);
984 or_options_free(old_options);
1000 CHECK_OPTIONS_MAGIC(opts);
1006 rs, routerset_free(rs));
1022 tor_free(options->master_key_fname);
1023 config_free_lines(options->
MyFamily);
1060 config_mgr_free(options_mgr);
1077 if (options->SafeLogging_ == SAFELOG_SCRUB_ALL)
1078 return "[scrubbed]";
1098 if (options->SafeLogging_ != SAFELOG_SCRUB_NONE)
1099 return "[scrubbed]";
1110 if (
get_options()->SafeLogging_ == SAFELOG_SCRUB_ALL)
1111 return "[scrubbed]";
1122 if (
get_options()->SafeLogging_ != SAFELOG_SCRUB_NONE)
1123 return "[scrubbed]";
1188 log_err(
LD_BUG,
"Couldn't parse internal DirAuthority line %s",
1202 log_err(
LD_BUG,
"Couldn't parse internal FallbackDir line %s",
1221 "You cannot set both DirAuthority and Alternate*Authority.");
1235 "You have used DirAuthority or AlternateDirAuthority to "
1236 "specify alternate directory authorities in "
1237 "your configuration. This is potentially dangerous: it can "
1238 "make you look different from all other Tor users, and hurt "
1239 "your anonymity. Even if you've specified the same "
1240 "authorities as Tor uses by default, the defaults could "
1241 "change in the future. Be sure you know what you're doing.");
1255 for (cl = options->
FallbackDir; cl; cl = cl->next)
1269 int need_to_update =
1270 !smartlist_len(router_get_trusted_dir_servers()) ||
1271 !smartlist_len(router_get_fallback_dir_servers()) || !old_options ||
1280 if (!need_to_update)
1310 if (type != NO_DIRINFO)
1323 for (cl = options->
FallbackDir; cl; cl = cl->next)
1337 const char *directory,
1342 cpd_check_t cpd_opts = create ? CPD_CREATE : CPD_CHECK;
1344 cpd_opts |= CPD_GROUP_READ;
1349 "Couldn't %s private data directory \"%s\"",
1350 create ?
"create" :
"access",
1356 if (group_readable) {
1358 if (chmod(directory, 0750)) {
1359 log_warn(
LD_FS,
"Unable to make %s group-readable: %s",
1360 directory, strerror(errno));
1378 cpd_opts |= CPD_GROUP_READ;
1380 log_err(
LD_OR,
"Can't create/check datadirectory %s",
1393 static int have_low_ports = -1;
1422 sd_notifyf(0,
"MAINPID=%ld\n", (
long int)getpid());
1430 control_initialize_event_queue();
1444 *msg_out = tor_strdup(
"DisableAllSwap failure. Do you have proper "
1463 if (options->
User) {
1465 unsigned switch_id_flags = 0;
1475 *msg_out = tor_strdup(
"Problem with User value. See logs for details.");
1495 if (subdir_gr != -1) {
1501 if (0 == strcmp(subdir, datadir)) {
1543 key_dir_group_readable,
1557 cache_dir_group_readable,
1600 if (! running_tor) {
1609 *msg_out = tor_strdup(
"Problem with ConnLimit value. "
1610 "See logs for details.");
1623 if (
parse_ports(options, 0, msg_out, &n_ports, NULL)) {
1625 *msg_out = tor_strdup(
"Unexpected problem parsing port config");
1640 *msg_out = tor_strdup(
"Failed to bind one of the listener ports.");
1646 log_notice(
LD_NET,
"DisableNetwork is set. Tor will not make or accept "
1647 "non-control network connections. Shutting down all existing "
1654 #if defined(HAVE_NET_IF_H) && defined(HAVE_NET_PFVAR_H)
1656 if (options->TransPort_set &&
1658 if (get_pf_socket() < 0) {
1659 *msg_out = tor_strdup(
"Unable to open /dev/pf for transparent proxy.");
1693 int socks_in_reserve = options->
ConnLimit_ / 20;
1694 if (socks_in_reserve > 64) socks_in_reserve = 64;
1699 "Recomputed OOS thresholds: ConnLimit %d, ConnLimit_ %d, "
1700 "ConnLimit_high_thresh %d, ConnLimit_low_thresh %d",
1730 log_notice(LD_NET,
"Closing partially-constructed %s",
1731 connection_describe(conn));
1732 connection_close_immediate(conn);
1733 connection_mark_for_close(conn);
1779 old_options->SafeLogging_ != options->SafeLogging_;
1788 *msg_out = tor_strdup(
"Failed to init Log options. See logs for details.");
1826 const char *badness = NULL;
1827 int bad_safelog = 0, bad_severity = 0, new_badness = 0;
1828 if (options->SafeLogging_ != SAFELOG_SCRUB_ALL) {
1838 if (bad_safelog && bad_severity)
1839 badness =
"you disabled SafeLogging, and "
1840 "you're logging more than \"notice\"";
1841 else if (bad_safelog)
1842 badness =
"you disabled SafeLogging";
1844 badness =
"you're logging more than \"notice\"";
1846 log_warn(
LD_GENERAL,
"Your log may contain sensitive information - %s. "
1847 "Don't log unless it serves an important reason. "
1848 "Overwrite the log afterwards.", badness);
1910 if (listener_transaction == NULL)
1930 if (log_transaction == NULL)
1959 int routerset_usage =
1968 if (routerset_usage && reason_out) {
1969 *reason_out =
"We've been configured to use (or avoid) nodes in certain "
1970 "countries, and we need GEOIP information to figure out which ones they "
1972 }
else if (bridge_usage && reason_out) {
1973 *reason_out =
"We've been configured to see which countries can access "
1974 "us as a bridge, and we need GEOIP information to tell which countries "
1977 return bridge_usage || routerset_usage;
1981 #define YES_IF_CHANGED_BOOL(opt) \
1982 if (!CFG_EQ_BOOL(old_options, new_options, opt)) return 1;
1983 #define YES_IF_CHANGED_INT(opt) \
1984 if (!CFG_EQ_INT(old_options, new_options, opt)) return 1;
1985 #define YES_IF_CHANGED_STRING(opt) \
1986 if (!CFG_EQ_STRING(old_options, new_options, opt)) return 1;
1987 #define YES_IF_CHANGED_LINELIST(opt) \
1988 if (!CFG_EQ_LINELIST(old_options, new_options, opt)) return 1;
1989 #define YES_IF_CHANGED_SMARTLIST(opt) \
1990 if (!CFG_EQ_SMARTLIST(old_options, new_options, opt)) return 1;
1991 #define YES_IF_CHANGED_ROUTERSET(opt) \
1992 if (!CFG_EQ_ROUTERSET(old_options, new_options, opt)) return 1;
2007 YES_IF_CHANGED_BOOL(UseEntryGuards);
2008 YES_IF_CHANGED_BOOL(UseBridges);
2009 YES_IF_CHANGED_BOOL(ClientUseIPv4);
2010 YES_IF_CHANGED_BOOL(ClientUseIPv6);
2011 YES_IF_CHANGED_BOOL(FascistFirewall);
2012 YES_IF_CHANGED_ROUTERSET(ExcludeNodes);
2013 YES_IF_CHANGED_ROUTERSET(EntryNodes);
2014 YES_IF_CHANGED_SMARTLIST(FirewallPorts);
2015 YES_IF_CHANGED_LINELIST(Bridges);
2016 YES_IF_CHANGED_LINELIST(ReachableORAddresses);
2017 YES_IF_CHANGED_LINELIST(ReachableDirAddresses);
2039 const int transition_affects_guards =
2049 static int disabled_debugger_attach = 0;
2052 static int warned_debugger_attach = 0;
2058 if (warned_debugger_attach && ok == 1) {
2059 log_notice(
LD_CONFIG,
"Disabled attaching debuggers for unprivileged "
2063 disabled_debugger_attach = (ok == 1);
2065 !warned_debugger_attach) {
2066 log_notice(
LD_CONFIG,
"Not disabling debugger attaching for "
2067 "unprivileged users.");
2068 warned_debugger_attach = 1;
2091 if (hs_service_non_anonymous_mode_enabled(options)) {
2092 log_warn(
LD_GENERAL,
"This copy of Tor was compiled or configured to run "
2093 "in a non-anonymous mode. It will provide NO ANONYMITY.");
2099 log_warn(
LD_BUG,
"Failed parsing previously validated outbound "
2100 "bind addresses: %s", msg);
2108 for (cl = options->
Bridges; cl; cl = cl->next) {
2113 "Previously validated Bridge line could not be added!");
2125 "Previously validated hidden services line could not be added!");
2132 log_warn(
LD_BUG,
"Previously validated client authorization for "
2133 "hidden services could not be added!");
2138 if (running_tor && !old_options &&
2140 const unsigned ctrl_flags =
2141 CC_LOCAL_FD_IS_OWNER |
2142 CC_LOCAL_FD_IS_AUTHENTICATED;
2145 log_warn(
LD_CONFIG,
"Could not add local controller connection with "
2168 "Previously validated ClientTransportPlugin line "
2169 "could not be added!");
2207 log_err(
LD_CONFIG,
"Unable to write PIDFile %s",
2221 log_warn(
LD_BUG,
"Error parsing already-validated policy options.");
2226 log_warn(
LD_CONFIG,
"Error creating control cookie authentication file.");
2234 log_warn(
LD_GENERAL,
"Error loading rendezvous service keys");
2252 char *http_authenticator;
2254 if (!http_authenticator) {
2256 log_warn(
LD_BUG,
"Unable to allocate HTTP authenticator. Not setting "
2262 http_authenticator, strlen(http_authenticator),
2283 int revise_trackexithosts = 0;
2284 int revise_automap_entries = 0;
2285 int abandon_circuits = 0;
2302 "Changed to using entry guards or bridges, or changed "
2303 "preferred or excluded node lists. "
2304 "Abandoning previous circuits.");
2305 abandon_circuits = 1;
2308 if (transition_affects_guards) {
2310 abandon_circuits = 1;
2314 if (abandon_circuits) {
2317 revise_trackexithosts = 1;
2322 revise_trackexithosts = 1;
2324 if (revise_trackexithosts)
2329 revise_automap_entries = 1;
2333 revise_automap_entries = 1;
2338 revise_automap_entries = 1;
2341 if (revise_automap_entries)
2379 bool print_notice = 0;
2430 static const struct {
2442 { .name=
"--allow-missing-torrc" },
2443 { .name=
"--defaults-torrc",
2445 { .name=
"--hash-password",
2449 { .name=
"--dump-config",
2453 { .name=
"--list-fingerprint",
2458 { .name=
"--key-expiration",
2463 { .name=
"--newpass" },
2464 { .name=
"--no-passphrase" },
2465 { .name=
"--passphrase-fd",
2467 { .name=
"--verify-config",
2469 { .name=
"--ignore-missing-torrc" },
2474 { .name=
"--version",
2477 { .name=
"--list-modules",
2480 { .name=
"--library-versions",
2489 { .name=
"--list-torrc-options",
2492 { .name=
"--list-deprecated-options",
2494 { .name=
"--nt-service" },
2495 { .name=
"-nt-service" },
2496 { .name=
"--dbg-dump-subsystem-list",
2527 bool is_a_command =
false;
2534 is_a_command =
true;
2555 }
else if (*s ==
'/') {
2562 const int is_last = (i == argc-1);
2565 if (ignore_errors) {
2566 arg = tor_strdup(
"");
2568 log_warn(
LD_CONFIG,
"Command-line option '%s' with no value. Failing.",
2570 parsed_cmdline_free(result);
2575 (is_last || argv[i+1][0] ==
'-')) {
2576 arg = tor_strdup(
"");
2584 param->key = is_cmdline ? tor_strdup(argv[i]) :
2589 log_debug(
LD_CONFIG,
"command line: parsed keyword '%s', value '%s'",
2590 param->key, param->value);
2597 *new_cmdline = param;
2598 new_cmdline = &((*new_cmdline)->next);
2601 new = &((*new)->next);
2604 i += want_arg ? 2 : 1;
2660 list, flags, msg)) < 0) {
2661 or_options_free(trial_options);
2674 "Copyright (c) 2001-2004, Roger Dingledine\n"
2675 "Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson\n"
2676 "Copyright (c) 2007-2020, The Tor Project, Inc.\n\n"
2677 "tor -f <torrc> [args]\n"
2678 "See man page for options, or https://www.torproject.org/ for "
2679 "documentation.\n");
2695 printf(
"%s\n", var->member.name);
2696 } SMARTLIST_FOREACH_END(var);
2697 smartlist_free(vars);
2708 printf(
"%s\n",
name));
2709 smartlist_free(deps);
2716 printf(
"%s: %s\n",
"relay", have_module_relay() ?
"yes" :
"no");
2717 printf(
"%s: %s\n",
"dirauth", have_module_dirauth() ?
"yes" :
"no");
2728 printf(
"Library versions\tCompiled\t\tRuntime\n");
2729 printf(
"Libevent\t\t%-15s\t\t%s\n",
2732 #ifdef ENABLE_OPENSSL
2733 printf(
"OpenSSL \t\t%-15s\t\t%s\n",
2734 crypto_openssl_get_header_version_str(),
2735 crypto_openssl_get_version_str());
2738 printf(
"NSS \t\t%-15s\t\t%s\n",
2739 crypto_nss_get_header_version_str(),
2740 crypto_nss_get_version_str());
2743 printf(
"Zlib \t\t%-15s\t\t%s\n",
2748 printf(
"Liblzma \t\t%-15s\t\t%s\n",
2753 printf(
"Libzstd \t\t%-15s\t\t%s\n",
2758 printf(
"%-7s \t\t%-15s\t\t%s\n",
2774 log_err(
LD_CONFIG,
"--no-passphrase specified without --keygen!");
2785 const char *formats[] = {
"iso8601",
"timestamp" };
2788 if (!strcmp(value, formats[i])) {
2802 log_err(
LD_CONFIG,
"--format specified without --key-expiration!");
2815 log_err(
LD_CONFIG,
"--newpass specified without --keygen!");
2824 if (
get_options()->keygen_force_passphrase == FORCE_PASSPHRASE_OFF) {
2825 log_err(
LD_CONFIG,
"--no-passphrase specified with --passphrase-fd!");
2828 log_err(
LD_CONFIG,
"--passphrase-fd specified without --keygen!");
2833 if (fd < 0 || ok == 0) {
2849 log_err(
LD_CONFIG,
"--master-key without --keygen!");
2860 using_default_dir_authorities(
const or_options_t *options)
2884 log_err(
LD_BUG,
"Unable to set default options: %s", msg);
2886 tor_assert_unreached();
2888 config_free_lines(dflts);
2901 switch (how_to_dump) {
2902 case OPTIONS_DUMP_MINIMAL:
2906 case OPTIONS_DUMP_ALL:
2907 use_defaults = NULL;
2911 log_warn(
LD_BUG,
"Bogus value for how_to_dump==%d", how_to_dump);
2933 if (i < 1 || i > 65535) {
2948 if (*value > ROUTER_MAX_DECLARED_BANDWIDTH) {
2953 if (*value > ROUTER_MAX_DECLARED_BANDWIDTH) {
2956 ROUTER_MAX_DECLARED_BANDWIDTH);
2964 #define MIN_REND_POST_PERIOD (10*60)
2965 #define MIN_REND_POST_PERIOD_TESTING (5)
2970 #define MAX_CIRCS_AVAILABLE_TIME (24*60*60)
2973 #define MAX_DIR_PERIOD ((7*24*60*60)/2)
2977 #define MIN_MAX_CIRCUIT_DIRTINESS 10
2981 #define MAX_MAX_CIRCUIT_DIRTINESS (30*24*60*60)
2985 #define MIN_CIRCUIT_STREAM_TIMEOUT 10
2992 #define RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT (10)
3013 if (vs == VSTAT_TRANSITION_ERR) {
3014 rv = SETOPT_ERR_TRANSITION;
3016 }
else if (vs < 0) {
3017 rv = SETOPT_ERR_PARSE;
3023 rv = SETOPT_ERR_SETTING;
3031 tor_assert(new_options == NULL || rv != SETOPT_OK);
3032 or_options_free(new_options);
3036 #ifdef TOR_UNIT_TESTS
3052 return vs < 0 ? -1 : 0;
3056 #define REJECT(arg) \
3057 STMT_BEGIN *msg = tor_strdup(arg); return -1; STMT_END
3058 #if defined(__GNUC__) && __GNUC__ <= 3
3059 #define COMPLAIN(args...) \
3060 STMT_BEGIN log_warn(LD_CONFIG, args); STMT_END
3062 #define COMPLAIN(args, ...) \
3063 STMT_BEGIN log_warn(LD_CONFIG, args, ##__VA_ARGS__); STMT_END
3076 const char *filepath)
3080 COMPLAIN(
"Path for %s (%s) is relative and will resolve to %s."
3081 " Is this what you wanted?", option, filepath, abs_path);
3105 const char *
name = cv->member.name;
3109 config_free_lines(line);
3110 } SMARTLIST_FOREACH_END(cv);
3111 smartlist_free(vars);
3114 hs_line = hs_line->next) {
3115 if (!strcasecmp(hs_line->key,
"HiddenServiceDir"))
3128 options_validate_scheduler(
or_options_t *options,
char **msg)
3134 REJECT(
"Empty Schedulers list. Either remove the option so the defaults "
3135 "can be used or set at least one value.");
3145 if (!strcasecmp(
"KISTLite", type)) {
3146 sched_type = tor_malloc_zero(
sizeof(
int));
3147 *sched_type = SCHEDULER_KIST_LITE;
3149 }
else if (!strcasecmp(
"KIST", type)) {
3150 sched_type = tor_malloc_zero(
sizeof(
int));
3151 *sched_type = SCHEDULER_KIST;
3153 }
else if (!strcasecmp(
"Vanilla", type)) {
3154 sched_type = tor_malloc_zero(
sizeof(
int));
3155 *sched_type = SCHEDULER_VANILLA;
3158 tor_asprintf(msg,
"Unknown type %s in option Schedulers. "
3159 "Possible values are KIST, KISTLite and Vanilla.",
3163 } SMARTLIST_FOREACH_END(type);
3166 REJECT(
"KISTSockBufSizeFactor must be at least 0");
3172 tor_asprintf(msg,
"KISTSchedRunInterval must not be more than %d (ms)",
3173 KIST_SCHED_RUN_INTERVAL_MAX);
3185 options_validate_single_onion(
or_options_t *options,
char **msg)
3189 !options->HiddenServiceNonAnonymousMode) {
3190 REJECT(
"HiddenServiceSingleHopMode does not provide any server anonymity. "
3191 "It must be used with HiddenServiceNonAnonymousMode set to 1.");
3193 if (options->HiddenServiceNonAnonymousMode &&
3195 REJECT(
"HiddenServiceNonAnonymousMode does not provide any server "
3196 "anonymity. It must be used with HiddenServiceSingleHopMode set to "
3205 const int client_port_set = (options->SocksPort_set ||
3206 options->TransPort_set ||
3207 options->NATDPort_set ||
3208 options->DNSPort_set ||
3209 options->HTTPTunnelPort_set);
3210 if (hs_service_non_anonymous_mode_enabled(options) && client_port_set) {
3211 REJECT(
"HiddenServiceNonAnonymousMode is incompatible with using Tor as "
3212 "an anonymous client. Please set Socks/Trans/NATD/DNSPort to 0, or "
3213 "revert HiddenServiceNonAnonymousMode to 0.");
3216 if (hs_service_allow_non_anonymous_connection(options)
3226 "HiddenServiceSingleHopMode is enabled; disabling "
3242 CHECK_OPTIONS_MAGIC(old_options_);
3243 CHECK_OPTIONS_MAGIC(options_);
3249 int world_writable_control_socket=0;
3255 &world_writable_control_socket) < 0)
3258 #ifndef HAVE_SYS_UN_H
3260 *msg = tor_strdup(
"Unix domain sockets (ControlSocket) not supported "
3261 "on this OS/with this build.");
3266 *msg = tor_strdup(
"Setting ControlSocketsGroupWritable without setting "
3267 "a ControlSocket makes no sense.");
3286 REJECT(
"Invalid DataDirectory");
3291 REJECT(
"You have specified at least one relative path (see above) "
3292 "with the RunAsDaemon option. RunAsDaemon is not compatible "
3293 "with relative paths.");
3304 REJECT(
"Failed to validate Log options. See logs for details.");
3310 "SocksPort, TransPort, NATDPort, DNSPort, and ORPort are all "
3311 "undefined, and there aren't any hidden services configured. "
3312 "Tor will still run, but probably won't do anything.");
3315 #ifdef USE_TRANSPARENT
3320 #if !defined(OpenBSD) && !defined(DARWIN)
3322 REJECT(
"pf-divert is a OpenBSD-specific "
3323 "and OS X/Darwin-specific feature.");
3328 #if !defined(__linux__)
3329 REJECT(
"TPROXY is a Linux-specific feature.");
3334 #ifndef KERNEL_MAY_SUPPORT_IPFW
3336 REJECT(
"ipfw is a FreeBSD-specific "
3337 "and OS X/Darwin-specific feature.");
3342 REJECT(
"Unrecognized value for TransProxyType");
3346 !options->TransPort_set) {
3347 REJECT(
"Cannot use TransProxyType without any valid TransPort.");
3351 if (options->TransPort_set)
3352 REJECT(
"TransPort is disabled in this build.");
3357 REJECT(
"TokenBucketRefillInterval must be between 1 and 1000 inclusive.");
3361 REJECT(
"Cannot set AssumeReachable 1 and AssumeReachableIPv6 0.");
3383 COMPLAIN(
"You have asked to exclude certain relays from all positions "
3384 "in your circuits. Expect hidden services and other Tor "
3385 "features to be broken in unpredictable ways.");
3392 REJECT(
"FetchDirInfoExtraEarly requires that you also set "
3393 "FetchDirInfoEarly");
3397 "ConnLimit must be greater than 0, but was set to %d",
3404 log_warn(
LD_CONFIG,
"PathsNeededToBuildCircuits is too low. Increasing "
3408 log_warn(
LD_CONFIG,
"PathsNeededToBuildCircuits is too high. Decreasing "
3417 "MaxClientCircuitsPending must be between 1 and %d, but "
3418 "was set to %d", MAX_MAX_CLIENT_CIRCUITS_PENDING,
3430 "RejectPlaintextPorts", msg) < 0)
3434 "WarnPlaintextPorts", msg) < 0)
3444 new_line->key = tor_strdup(
"ReachableAddresses");
3449 int p = atoi(portno);
3451 smartlist_add_asprintf(instead,
"*:%d", p);
3456 "Converting FascistFirewall and FirewallPorts "
3457 "config options to new format: \"ReachableAddresses %s\"",
3461 smartlist_free(instead);
3467 new_line->key = tor_strdup(
"ReachableDirAddresses");
3468 new_line->value = tor_strdup(
"*:80");
3470 log_notice(
LD_CONFIG,
"Converting FascistFirewall config option "
3471 "to new format: \"ReachableDirAddresses *:80\"");
3475 new_line->key = tor_strdup(
"ReachableORAddresses");
3476 new_line->value = tor_strdup(
"*:443");
3478 log_notice(
LD_CONFIG,
"Converting FascistFirewall config option "
3479 "to new format: \"ReachableORAddresses *:443\"");
3489 REJECT(
"Servers must be able to freely connect to the rest "
3490 "of the Internet, so they must not set Reachable*Addresses "
3491 "or FascistFirewall or FirewallPorts or ClientUseIPv4 0.");
3495 REJECT(
"Servers must be able to freely connect to the rest "
3496 "of the Internet, so they must not set UseBridges.");
3502 REJECT(
"You cannot set both UseBridges and EntryNodes.");
3507 REJECT(
"Setting UseBridges requires also setting UseEntryGuards.");
3510 compute_real_max_mem_in_queues(options->MaxMemInQueues_raw,
3516 options->SafeLogging_ = SAFELOG_SCRUB_NONE;
3517 }
else if (!strcasecmp(options->
SafeLogging,
"relay")) {
3518 options->SafeLogging_ = SAFELOG_SCRUB_RELAY;
3519 }
else if (!strcasecmp(options->
SafeLogging,
"1")) {
3520 options->SafeLogging_ = SAFELOG_SCRUB_ALL;
3523 "Unrecognized value '%s' in SafeLogging",
3534 const int min_rendpostperiod =
3538 log_warn(
LD_CONFIG,
"RendPostPeriod option is too short; "
3539 "raising to %d seconds.", min_rendpostperiod);
3544 log_warn(
LD_CONFIG,
"RendPostPeriod is too large; clipping to %ds.",
3550 if (options_validate_single_onion(options, msg) < 0)
3557 REJECT(
"CircuitsAvailableTimeout is too large. Max is 24 hours.");
3561 REJECT(
"If EntryNodes is set, UseEntryGuards must be enabled.");
3566 !hs_service_allow_non_anonymous_connection(options)) {
3568 "UseEntryGuards is disabled, but you have configured one or more "
3569 "hidden services on this Tor instance. Your hidden services "
3570 "will be very easy to locate using a well-known attack -- see "
3571 "https://freehaven.net/anonbib/#hs-attack06 for details.");
3576 REJECT(
"NumEntryGuards must not be greater than NumPrimaryGuards.");
3584 "You have one single EntryNodes and at least one hidden service "
3585 "configured. This is bad because it's very easy to locate your "
3586 "entry guard which can then lead to the deanonymization of your "
3587 "hidden service -- for more details, see "
3588 "https://bugs.torproject.org/tpo/core/tor/14917. "
3589 "For this reason, the use of one EntryNodes with an hidden "
3590 "service is prohibited until a better solution is found.");
3600 "EntryNodes is set with multiple entries and at least one "
3601 "hidden service is configured. Pinning entry nodes can possibly "
3602 "be harmful to the service anonymity. Because of this, we "
3603 "recommend you either don't do that or make sure you know what "
3604 "you are doing. For more details, please look at "
3605 "https://bugs.torproject.org/tpo/core/tor/21155.");
3609 if (hs_service_non_anonymous_mode_enabled(options)) {
3611 "HiddenServiceNonAnonymousMode is set. Every hidden service on "
3612 "this tor instance is NON-ANONYMOUS. If "
3613 "the HiddenServiceNonAnonymousMode option is changed, Tor will "
3614 "refuse to launch hidden services from the same directories, to "
3615 "protect your anonymity against config errors. This setting is "
3616 "for experimental use only.");
3622 "CircuitBuildTimeout is shorter (%d seconds) than the recommended "
3623 "minimum (%d seconds), and LearnCircuitBuildTimeout is disabled. "
3624 "If tor isn't working, raise this value or enable "
3625 "LearnCircuitBuildTimeout.",
3636 log_fn(severity,
LD_CONFIG,
"You disabled LearnCircuitBuildTimeout, but "
3637 "didn't specify a CircuitBuildTimeout. I'll pick a plausible "
3642 REJECT(
"DormantClientTimeout is too low. It must be at least 10 minutes.");
3645 if (options->PathBiasNoticeRate > 1.0) {
3647 "PathBiasNoticeRate is too high. "
3648 "It must be between 0 and 1.0");
3651 if (options->PathBiasWarnRate > 1.0) {
3653 "PathBiasWarnRate is too high. "
3654 "It must be between 0 and 1.0");
3657 if (options->PathBiasExtremeRate > 1.0) {
3659 "PathBiasExtremeRate is too high. "
3660 "It must be between 0 and 1.0");
3663 if (options->PathBiasNoticeUseRate > 1.0) {
3665 "PathBiasNoticeUseRate is too high. "
3666 "It must be between 0 and 1.0");
3669 if (options->PathBiasExtremeUseRate > 1.0) {
3671 "PathBiasExtremeUseRate is too high. "
3672 "It must be between 0 and 1.0");
3677 log_warn(
LD_CONFIG,
"MaxCircuitDirtiness option is too short; "
3683 log_warn(
LD_CONFIG,
"MaxCircuitDirtiness option is too high; "
3690 log_warn(
LD_CONFIG,
"CircuitStreamTimeout option is too short; "
3698 log_warn(
LD_CONFIG,
"HeartbeatPeriod option is too short; "
3704 REJECT(
"KeepalivePeriod option must be positive.");
3707 "BandwidthRate", msg) < 0)
3710 "BandwidthBurst", msg) < 0)
3717 REJECT(
"BandwidthBurst must be at least equal to BandwidthRate.");
3728 REJECT(
"HTTPProxy failed to parse or resolve. Please fix.");
3736 REJECT(
"HTTPProxyAuthenticator is too long (>= 512 chars).");
3742 REJECT(
"HTTPSProxy failed to parse or resolve. Please fix.");
3750 REJECT(
"HTTPSProxyAuthenticator is too long (>= 512 chars).");
3757 REJECT(
"Socks4Proxy failed to parse or resolve. Please fix.");
3767 REJECT(
"Socks5Proxy failed to parse or resolve. Please fix.");
3783 REJECT(
"You have configured more than one proxy type. "
3784 "(Socks4Proxy|Socks5Proxy|HTTPSProxy|TCPProxy)");
3791 log_warn(
LD_CONFIG,
"HTTPProxy configured, but no SOCKS proxy, "
3792 "HTTPS proxy, or any other TCP proxy configured. Watch out: "
3793 "this configuration will proxy unencrypted directory "
3794 "connections only.");
3802 REJECT(
"Socks5ProxyUsername must be between 1 and 255 characters.");
3805 REJECT(
"Socks5ProxyPassword must be included with Socks5ProxyUsername.");
3809 REJECT(
"Socks5ProxyPassword must be between 1 and 255 characters.");
3811 REJECT(
"Socks5ProxyPassword must be included with Socks5ProxyUsername.");
3816 REJECT(
"Bad HashedControlPassword: wrong length or bad encoding");
3827 REJECT(
"Bad HashedControlSessionPassword: wrong length or bad encoding");
3835 const char *validate_pspec_msg = NULL;
3837 &validate_pspec_msg)) {
3839 validate_pspec_msg);
3844 if ((options->ControlPort_set || world_writable_control_socket) &&
3848 log_warn(
LD_CONFIG,
"Control%s is %s, but no authentication method "
3849 "has been configured. This means that any program on your "
3850 "computer can reconfigure your Tor. That's bad! You should "
3851 "upgrade your Tor controller as soon as possible.",
3852 options->ControlPort_set ?
"Port" :
"Socket",
3853 options->ControlPort_set ?
"open" :
"world writable");
3857 log_warn(
LD_CONFIG,
"CookieAuthFileGroupReadable is set, but will have "
3858 "no effect: you must specify an explicit CookieAuthFile to "
3859 "have it group-readable.");
3876 log_info(
LD_CONFIG,
"You have set UseDefaultFallbackDirs 1 and "
3877 "FallbackDir(s). Ignoring UseDefaultFallbackDirs, and "
3878 "using the FallbackDir(s) you have set.");
3882 REJECT(
"Directory authority/fallback line did not parse. See logs "
3886 REJECT(
"If you set UseBridges, you must specify at least one bridge.");
3888 for (cl = options->
Bridges; cl; cl = cl->next) {
3891 REJECT(
"Bridge line did not parse. See logs for details.");
3892 bridge_line_free(bridge_line);
3897 REJECT(
"Invalid client transport line. See logs for details.");
3910 "ConstrainedSockSize is invalid. Must be a value between %d and %d "
3911 "in 1024 byte increments.",
3912 MIN_CONSTRAINED_TCP_BUFFER, MAX_CONSTRAINED_TCP_BUFFER);
3921 REJECT(
"Failed to configure rendezvous options. See logs for details.");
3925 REJECT(
"Failed to configure client authorization for hidden services. "
3926 "See logs for details.");
3932 AF_INET6, 1, msg)<0)
3939 REJECT(
"TestingTorNetwork may only be configured in combination with "
3940 "a non-default set of DirAuthority or both of "
3941 "AlternateDirAuthority and AlternateBridgeAuthority configured.");
3944 #define CHECK_DEFAULT(arg) \
3946 if (!config_is_same(get_options_mgr(),options, \
3947 dflt_options,#arg)) { \
3948 or_options_free(dflt_options); \
3949 REJECT(#arg " may only be changed in testing Tor " \
3960 CHECK_DEFAULT(TestingV3AuthInitialVotingInterval);
3961 CHECK_DEFAULT(TestingV3AuthInitialVoteDelay);
3962 CHECK_DEFAULT(TestingV3AuthInitialDistDelay);
3963 CHECK_DEFAULT(TestingV3AuthVotingStartOffset);
3964 CHECK_DEFAULT(TestingAuthDirTimeToLearnReachability);
3965 CHECK_DEFAULT(TestingServerDownloadInitialDelay);
3966 CHECK_DEFAULT(TestingClientDownloadInitialDelay);
3967 CHECK_DEFAULT(TestingServerConsensusDownloadInitialDelay);
3968 CHECK_DEFAULT(TestingClientConsensusDownloadInitialDelay);
3969 CHECK_DEFAULT(TestingBridgeDownloadInitialDelay);
3970 CHECK_DEFAULT(TestingBridgeBootstrapDownloadInitialDelay);
3971 CHECK_DEFAULT(TestingClientMaxIntervalWithoutRequest);
3972 CHECK_DEFAULT(TestingDirConnectionMaxStall);
3973 CHECK_DEFAULT(TestingAuthKeyLifetime);
3974 CHECK_DEFAULT(TestingLinkCertLifetime);
3975 CHECK_DEFAULT(TestingSigningKeySlop);
3976 CHECK_DEFAULT(TestingAuthKeySlop);
3977 CHECK_DEFAULT(TestingLinkKeySlop);
3978 or_options_free(dflt_options);
3980 #undef CHECK_DEFAULT
3985 REJECT(
"ClientDNSRejectInternalAddresses used for default network.");
3993 REJECT(
"TestingClientMaxIntervalWithoutRequest is way too low.");
3995 COMPLAIN(
"TestingClientMaxIntervalWithoutRequest is insanely high.");
3999 REJECT(
"TestingDirConnectionMaxStall is way too low.");
4001 COMPLAIN(
"TestingDirConnectionMaxStall is insanely high.");
4005 REJECT(
"ClientBootstrapConsensusMaxInProgressTries must be greater "
4009 COMPLAIN(
"ClientBootstrapConsensusMaxInProgressTries is insanely "
4015 REJECT(
"TestingEnableConnBwEvent may only be changed in testing "
4021 REJECT(
"TestingEnableCellStatsEvent may only be changed in testing "
4026 log_warn(
LD_CONFIG,
"TestingTorNetwork is set. This will make your node "
4027 "almost unusable in the public Tor network, and is "
4028 "therefore only advised if you are building a "
4029 "testing Tor network!");
4032 if (options_validate_scheduler(options, msg) < 0) {
4046 compute_real_max_mem_in_queues(
const uint64_t val,
bool is_server)
4048 #define MIN_SERVER_MB 64
4049 #define MIN_UNWARNED_SERVER_MB 256
4050 #define MIN_UNWARNED_CLIENT_MB 64
4054 #define ONE_GIGABYTE (UINT64_C(1) << 30)
4055 #define ONE_MEGABYTE (UINT64_C(1) << 20)
4058 static int notice_sent = 0;
4062 #if SIZEOF_VOID_P >= 8
4064 result = 8 * ONE_GIGABYTE;
4067 result = ONE_GIGABYTE;
4073 #if SIZEOF_SIZE_T > 4
4075 #define RAM_IS_VERY_LARGE(x) ((x) >= (8 * ONE_GIGABYTE))
4078 #define RAM_IS_VERY_LARGE(x) (0)
4081 if (RAM_IS_VERY_LARGE(ram)) {
4088 avail = (ram / 5) * 2;
4093 avail = (ram / 4) * 3;
4102 }
else if (avail < ONE_GIGABYTE / 4) {
4103 result = ONE_GIGABYTE / 4;
4108 if (is_server && ! notice_sent) {
4109 log_notice(
LD_CONFIG,
"%sMaxMemInQueues is set to %"PRIu64
" MB. "
4110 "You can override this by setting MaxMemInQueues by hand.",
4111 ram ?
"Based on detected system memory, " :
"",
4112 (result / ONE_MEGABYTE));
4116 }
else if (is_server && val < ONE_MEGABYTE * MIN_SERVER_MB) {
4118 log_warn(
LD_CONFIG,
"MaxMemInQueues must be at least %d MB on servers "
4119 "for now. Ideally, have it as large as you can afford.",
4121 return MIN_SERVER_MB * ONE_MEGABYTE;
4122 }
else if (is_server && val < ONE_MEGABYTE * MIN_UNWARNED_SERVER_MB) {
4125 log_warn(
LD_CONFIG,
"MaxMemInQueues is set to a low value; if your "
4126 "relay doesn't work, this may be the reason why.");
4128 }
else if (! is_server && val < ONE_MEGABYTE * MIN_UNWARNED_CLIENT_MB) {
4131 log_warn(
LD_CONFIG,
"MaxMemInQueues is set to a low value; if your "
4132 "client doesn't work, this may be the reason why.");
4151 const void *new_val_,
4154 CHECK_OPTIONS_MAGIC(old_);
4155 CHECK_OPTIONS_MAGIC(new_val_);
4163 #define BAD_CHANGE_TO(opt, how) do { \
4164 *msg = tor_strdup("While Tor is running"how", changing " #opt \
4165 " is not allowed"); \
4170 #define SB_NOCHANGE_STR(opt) \
4171 if (! CFG_EQ_STRING(old, new_val, opt)) \
4172 BAD_CHANGE_TO(opt," with Sandbox active")
4173 #define SB_NOCHANGE_LINELIST(opt) \
4174 if (! CFG_EQ_LINELIST(old, new_val, opt)) \
4175 BAD_CHANGE_TO(opt," with Sandbox active")
4176 #define SB_NOCHANGE_INT(opt) \
4177 if (! CFG_EQ_INT(old, new_val, opt)) \
4178 BAD_CHANGE_TO(opt," with Sandbox active")
4180 SB_NOCHANGE_LINELIST(Address);
4181 SB_NOCHANGE_STR(ServerDNSResolvConfFile);
4182 SB_NOCHANGE_STR(DirPortFrontPage);
4183 SB_NOCHANGE_STR(CookieAuthFile);
4184 SB_NOCHANGE_STR(ExtORPortCookieAuthFile);
4185 SB_NOCHANGE_LINELIST(Logs);
4186 SB_NOCHANGE_INT(ConnLimit);
4189 *msg = tor_strdup(
"Can't start/stop being a server while "
4190 "Sandbox is active");
4195 #undef SB_NOCHANGE_LINELIST
4196 #undef SB_NOCHANGE_STR
4197 #undef SB_NOCHANGE_INT
4198 #undef BAD_CHANGE_TO
4199 #undef NO_CHANGE_BOOL
4200 #undef NO_CHANGE_INT
4201 #undef NO_CHANGE_STRING
4209 get_windows_conf_root(
void)
4211 static int is_set = 0;
4212 static char path[MAX_PATH*2+1];
4213 TCHAR tpath[MAX_PATH] = {0};
4225 #ifdef ENABLE_LOCAL_APPDATA
4226 #define APPDATA_PATH CSIDL_LOCAL_APPDATA
4228 #define APPDATA_PATH CSIDL_APPDATA
4230 if (!SUCCEEDED(SHGetSpecialFolderLocation(NULL, APPDATA_PATH, &idl))) {
4231 getcwd(path,MAX_PATH);
4234 "I couldn't find your application data folder: are you "
4235 "running an ancient version of Windows 95? Defaulting to \"%s\"",
4240 result = SHGetPathFromIDList(idl, tpath);
4242 wcstombs(path,tpath,
sizeof(path));
4243 path[
sizeof(path)-1] =
'\0';
4245 strlcpy(path,tpath,
sizeof(path));
4252 m->lpVtbl->Free(m, idl);
4253 m->lpVtbl->Release(m);
4255 if (!SUCCEEDED(result)) {
4258 strlcat(path,
"\\tor",MAX_PATH);
4269 #ifdef DISABLE_SYSTEM_TORRC
4270 (void) defaults_file;
4272 #elif defined(_WIN32)
4273 if (defaults_file) {
4274 static char defaults_path[MAX_PATH+1];
4275 tor_snprintf(defaults_path, MAX_PATH,
"%s\\torrc-defaults",
4276 get_windows_conf_root());
4277 return defaults_path;
4279 static char path[MAX_PATH+1];
4281 get_windows_conf_root());
4285 return defaults_file ? CONFDIR
"/torrc-defaults" : CONFDIR
"/torrc";
4303 int *using_default_fname,
int *ignore_missing_torrc)
4307 const char *fname_opt = defaults_file ?
"--defaults-torrc" :
"-f";
4308 const char *ignore_opt = defaults_file ? NULL :
"--ignore-missing-torrc";
4309 const char *keygen_opt =
"--keygen";
4312 *ignore_missing_torrc = 1;
4314 for (p_index = cmd_arg; p_index; p_index = p_index->next) {
4315 if (!strcmp(p_index->key, fname_opt)) {
4317 log_warn(
LD_CONFIG,
"Duplicate %s options on command line.",
4330 *using_default_fname = 0;
4331 }
else if ((ignore_opt && !strcmp(p_index->key, ignore_opt)) ||
4332 (keygen_opt && !strcmp(p_index->key, keygen_opt))) {
4333 *ignore_missing_torrc = 1;
4337 if (*using_default_fname) {
4341 if (dflt && (st == FN_FILE || st == FN_EMPTY)) {
4342 fname = tor_strdup(dflt);
4346 if (!defaults_file) {
4351 if (hmst == FN_FILE || hmst == FN_EMPTY || dflt == NULL) {
4355 fname = tor_strdup(dflt);
4358 fname = dflt ? tor_strdup(dflt) : NULL;
4361 fname = dflt ? tor_strdup(dflt) : NULL;
4391 int using_default_torrc = 1;
4392 int ignore_missing_torrc = 0;
4395 if (*fname_var == NULL) {
4397 &using_default_torrc, &ignore_missing_torrc);
4403 log_debug(
LD_CONFIG,
"Opening config file \"%s\"", fname?fname:
"<NULL>");
4407 if (fname == NULL ||
4408 !(st == FN_FILE || st == FN_EMPTY) ||
4409 !(cf = read_file_to_str(fname,0,NULL))) {
4410 if (using_default_torrc == 1 || ignore_missing_torrc) {
4412 log_notice(
LD_CONFIG,
"Configuration file \"%s\" not present, "
4413 "using reasonable defaults.", fname);
4416 cf = tor_strdup(
"");
4419 "Unable to open configuration file \"%s\".", fname);
4423 log_notice(
LD_CONFIG,
"Read configuration file \"%s\".", fname);
4441 char *cf=NULL, *cf_defaults=NULL;
4479 printf(
"Tor is running on %s with Libevent %s, "
4480 "%s %s, Zlib %s, Liblzma %s, Libzstd %s and %s %s as libc.\n",
4494 printf(
"Tor compiled with %s version %s\n",
4495 strcmp(COMPILER_VENDOR,
"gnu") == 0?
4496 COMPILER:COMPILER_VENDOR, COMPILER_VERSION);
4517 cf_defaults = tor_strdup(
"");
4518 cf = tor_strdup(
"");
4522 const int read_torrc_from_stdin =
4523 (f_line != NULL && strcmp(f_line->value,
"-") == 0);
4525 if (read_torrc_from_stdin) {
4533 cf = tor_strdup(
"");
4561 KEY_EXPIRATION_FORMAT_ISO8601;
4596 return retval < 0 ? -1 : 0;
4610 int command,
const char *command_arg,
4614 or_options_t *oldoptions, *newoptions, *newdefaultoptions=NULL;
4618 int cf_has_include = 0;
4627 newoptions->
command_arg = command_arg ? tor_strdup(command_arg) : NULL;
4630 for (
int i = 0; i < 2; ++i) {
4631 const char *body = i==0 ? cf_defaults : cf;
4637 body == cf ? &cf_has_include : NULL,
4640 err = SETOPT_ERR_PARSE;
4645 config_free_lines(cl);
4647 err = SETOPT_ERR_PARSE;
4654 if (newdefaultoptions == NULL) {
4669 err = SETOPT_ERR_PARSE;
4675 opened_files = NULL;
4701 smartlist_free(opened_files);
4703 or_options_free(newdefaultoptions);
4704 or_options_free(newoptions);
4706 char *old_msg = *msg;
4707 tor_asprintf(msg,
"Failed to parse/validate config: %s", old_msg);
4737 const char *from, *to, *msg;
4741 for (opt = options->
AddressMap; opt; opt = opt->next) {
4743 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
4744 if (smartlist_len(elts) < 2) {
4745 log_warn(
LD_CONFIG,
"MapAddress '%s' has too few arguments. Ignoring.",
4750 from = smartlist_get(elts,0);
4751 to = smartlist_get(elts,1);
4753 if (to[0] ==
'.' || from[0] ==
'.') {
4754 log_warn(
LD_CONFIG,
"MapAddress '%s' is ambiguous - address starts with a"
4755 "'.'. Ignoring.",opt->value);
4760 log_warn(
LD_CONFIG,
"MapAddress '%s' failed: %s. Ignoring.", opt->value,
4765 if (smartlist_len(elts) > 2)
4766 log_warn(
LD_CONFIG,
"Ignoring extra arguments to MapAddress.");
4772 smartlist_free(elts);
4784 int from_wildcard = 0, to_wildcard = 0;
4786 *msg =
"whoops, forgot the error message";
4788 if (!strcmp(to,
"*") || !strcmp(from,
"*")) {
4789 *msg =
"can't remap from or to *";
4793 if (!strncmp(from,
"*.",2)) {
4797 if (!strncmp(to,
"*.",2)) {
4802 if (to_wildcard && !from_wildcard) {
4803 *msg =
"can only use wildcard (i.e. '*.') if 'from' address "
4804 "uses wildcard also";
4809 *msg =
"destination is invalid";
4814 from_wildcard, to_wildcard, 0);
4824 const char *filename,
int truncate_log)
4826 int open_flags = O_WRONLY|O_CREAT;
4827 open_flags |= truncate_log ? O_TRUNC : O_APPEND;
4846 log_warn(
LD_CONFIG,
"Log time granularity '%d' has to be positive.",
4852 if (granularity < 40) {
4854 while (1000 % granularity != 0);
4855 }
else if (granularity < 1000) {
4856 granularity = 1000 / granularity;
4857 while (1000 % granularity != 0)
4859 granularity = 1000 / granularity;
4861 granularity = 1000 * ((granularity / 1000) + 1);
4863 log_warn(
LD_CONFIG,
"Log time granularity '%d' has to be either a "
4864 "divisor or a multiple of 1 second. Changing to "
4900 if (options->
Logs == NULL && !run_as_daemon && !validate_only) {
4906 for (opt = options->
Logs; opt; opt = opt->next) {
4908 const char *cfg = opt->value;
4911 log_warn(
LD_CONFIG,
"Couldn't parse log levels in Log option 'Log %s'",
4913 ok = 0;
goto cleanup;
4917 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
4919 if (smartlist_len(elts) == 0)
4922 if (smartlist_len(elts) == 1 &&
4923 (!strcasecmp(smartlist_get(elts,0),
"stdout") ||
4924 !strcasecmp(smartlist_get(elts,0),
"stderr"))) {
4925 int err = smartlist_len(elts) &&
4926 !strcasecmp(smartlist_get(elts,0),
"stderr");
4927 if (!validate_only) {
4928 if (run_as_daemon) {
4930 "Can't log to %s with RunAsDaemon set; skipping stdout",
4931 err?
"stderr":
"stdout");
4934 fileno(err?stderr:stdout));
4939 if (smartlist_len(elts) == 1) {
4940 if (!strcasecmp(smartlist_get(elts,0),
"syslog")) {
4941 #ifdef HAVE_SYSLOG_H
4942 if (!validate_only) {
4946 log_warn(
LD_CONFIG,
"Syslog is not supported on this system. Sorry.");
4953 if (!strcasecmp(smartlist_get(elts, 0),
"android")) {
4954 #ifdef HAVE_SYSLOG_H
4955 log_warn(
LD_CONFIG,
"The android logging API is no longer supported;"
4956 " adding a syslog instead. The 'android' logging "
4957 " type will no longer work in the future.");
4958 if (!validate_only) {
4962 log_warn(
LD_CONFIG,
"The android logging API is no longer supported.");
4968 if (smartlist_len(elts) == 2 &&
4969 !strcasecmp(smartlist_get(elts,0),
"file")) {
4970 if (!validate_only) {
4974 int truncate_log = 0;
4979 for (opt2 = old_options->
Logs; opt2; opt2 = opt2->next)
4980 if (!strcmp(opt->value, opt2->value)) {
4987 log_warn(
LD_CONFIG,
"Couldn't open file for 'Log %s': %s",
4988 opt->value, strerror(errno));
4996 log_warn(
LD_CONFIG,
"Bad syntax on file Log option 'Log %s'",
4998 ok = 0;
goto cleanup;
5005 smartlist_free(elts);
5007 if (ok && !validate_only)
5019 char *socks_string = NULL;
5020 size_t socks_string_len;
5027 log_warn(
LD_CONFIG,
"'%s' is not a k=v item.", s);
5030 } SMARTLIST_FOREACH_END(s);
5036 socks_string_len = strlen(socks_string);
5040 log_warn(
LD_CONFIG,
"SOCKS arguments can't be more than %u bytes (%lu).",
5042 (
unsigned long) socks_string_len);
5056 if (bridge_line->socks_args) {
5058 smartlist_free(bridge_line->socks_args);
5060 tor_free(bridge_line->transport_name);
5080 char *addrport=NULL, *fingerprint=NULL;
5086 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
5087 if (smartlist_len(items) < 1) {
5088 log_warn(
LD_CONFIG,
"Too few arguments to Bridge line.");
5093 field = smartlist_get(items, 0);
5098 bridge_line->transport_name = field;
5099 if (smartlist_len(items) < 1) {
5100 log_warn(
LD_CONFIG,
"Too few items to Bridge line.");
5103 addrport = smartlist_get(items, 0);
5110 &bridge_line->addr, &bridge_line->port, 443)<0) {
5111 log_warn(
LD_CONFIG,
"Error parsing Bridge address '%s'", addrport);
5118 if (smartlist_len(items)) {
5119 if (bridge_line->transport_name) {
5120 field = smartlist_get(items, 0);
5129 fingerprint = field;
5140 log_warn(
LD_CONFIG,
"Key digest for Bridge is wrong length.");
5145 log_warn(
LD_CONFIG,
"Unable to decode Bridge key digest.");
5152 if (bridge_line->transport_name && smartlist_len(items)) {
5153 if (!bridge_line->socks_args)
5160 tor_assert(smartlist_len(bridge_line->socks_args) > 0);
5163 if (bridge_line->socks_args) {
5171 bridge_line_free(bridge_line);
5176 smartlist_free(items);
5203 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
5206 if (smartlist_len(sl) < 2) {
5207 *msg = tor_strdup(
"TCPProxy has no address/port. Please fix.");
5211 char *protocol_string = smartlist_get(sl, 0);
5212 char *addrport_string = smartlist_get(sl, 1);
5215 if (strcasecmp(protocol_string,
"haproxy")) {
5216 *msg = tor_strdup(
"TCPProxy protocol is not supported. Currently "
5217 "the only supported protocol is 'haproxy'. "
5228 *msg = tor_strdup(
"TCPProxy address/port failed to parse or resolve. "
5257 const char *line,
int validate_only,
5263 const char *transports = NULL;
5266 char *addrport = NULL;
5269 int socks_ver = PROXY_NONE;
5273 char **proxy_argv = NULL;
5276 int is_useless_proxy = 1;
5283 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
5284 line_length = smartlist_len(items);
5286 if (line_length < 3) {
5288 "Too few arguments on %sTransportPlugin line.",
5289 server ?
"Server" :
"Client");
5296 transports = smartlist_get(items, 0);
5299 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
5303 log_warn(
LD_CONFIG,
"Transport name is not a C identifier (%s).",
5310 is_useless_proxy = 0;
5311 } SMARTLIST_FOREACH_END(transport_name);
5313 type = smartlist_get(items, 1);
5314 if (!strcmp(type,
"exec")) {
5316 }
else if (server && !strcmp(type,
"proxy")) {
5319 }
else if (!server && !strcmp(type,
"socks4")) {
5322 socks_ver = PROXY_SOCKS4;
5323 }
else if (!server && !strcmp(type,
"socks5")) {
5326 socks_ver = PROXY_SOCKS5;
5329 "Strange %sTransportPlugin type '%s'",
5330 server ?
"Server" :
"Client", type);
5334 if (is_managed && options->
Sandbox) {
5336 "Managed proxies are not compatible with Sandbox mode."
5337 "(%sTransportPlugin line was %s)",
5338 server ?
"Server" :
"Client",
escaped(line));
5342 if (is_managed && options->
NoExec) {
5344 "Managed proxies are not compatible with NoExec mode; ignoring."
5345 "(%sTransportPlugin line was %s)",
5346 server ?
"Server" :
"Client",
escaped(line));
5354 if (!server && !validate_only && is_useless_proxy) {
5356 "Pluggable transport proxy (%s) does not provide "
5357 "any needed transports and will not be launched.",
5367 if (!validate_only && (server || !is_useless_proxy)) {
5368 proxy_argc = line_length - 2;
5370 proxy_argv = tor_calloc((proxy_argc + 1),
sizeof(
char *));
5373 for (i = 0; i < proxy_argc; i++) {
5375 *tmp++ = smartlist_get(items, 2);
5393 log_warn(
LD_CONFIG,
"You have configured an external proxy with another "
5394 "proxy type. (Socks4Proxy|Socks5Proxy|HTTPSProxy|"
5401 "You can't have an external proxy with more than "
5406 addrport = smartlist_get(items, 2);
5410 "Error parsing transport address '%s'", addrport);
5416 "Transport address '%s' has no port.", addrport);
5420 if (!validate_only) {
5421 log_info(
LD_DIR,
"%s '%s' at %s.",
5422 server ?
"Server transport" :
"Transport",
5441 smartlist_free(items);
5463 char *addrport=NULL, *address=NULL, *nickname=NULL, *fingerprint=NULL;
5465 uint16_t dir_port = 0, or_port = 0;
5469 double weight = 1.0;
5471 memset(v3_digest, 0,
sizeof(v3_digest));
5475 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
5476 if (smartlist_len(items) < 1) {
5477 log_warn(
LD_CONFIG,
"No arguments on DirAuthority line.");
5482 nickname = smartlist_get(items, 0);
5486 while (smartlist_len(items)) {
5487 char *flag = smartlist_get(items, 0);
5488 if (TOR_ISDIGIT(flag[0]))
5490 if (!strcasecmp(flag,
"hs") ||
5491 !strcasecmp(flag,
"no-hs")) {
5492 log_warn(
LD_CONFIG,
"The DirAuthority options 'hs' and 'no-hs' are "
5493 "obsolete; you don't need them any more.");
5494 }
else if (!strcasecmp(flag,
"bridge")) {
5496 }
else if (!strcasecmp(flag,
"no-v2")) {
5501 char *portstring = flag + strlen(
"orport=");
5502 or_port = (uint16_t)
tor_parse_long(portstring, 10, 1, 65535, &ok, NULL);
5504 log_warn(
LD_CONFIG,
"Invalid orport '%s' on DirAuthority line.",
5508 const char *wstring = flag + strlen(
"weight=");
5511 log_warn(
LD_CONFIG,
"Invalid weight '%s' on DirAuthority line.",flag);
5515 char *idstr = flag + strlen(
"v3ident=");
5519 log_warn(
LD_CONFIG,
"Bad v3 identity digest '%s' on DirAuthority line",
5525 if (ipv6_addrport_ptr) {
5526 log_warn(
LD_CONFIG,
"Redundant ipv6 addr/port on DirAuthority line");
5529 &ipv6_addrport.addr, &ipv6_addrport.port,
5532 log_warn(
LD_CONFIG,
"Bad ipv6 addr/port %s on DirAuthority line",
5536 ipv6_addrport_ptr = &ipv6_addrport;
5539 log_warn(
LD_CONFIG,
"Unrecognized flag '%s' on DirAuthority line",
5546 if (smartlist_len(items) < 2) {
5547 log_warn(
LD_CONFIG,
"Too few arguments to DirAuthority line.");
5550 addrport = smartlist_get(items, 0);
5554 log_warn(
LD_CONFIG,
"Error parsing DirAuthority address '%s'.", addrport);
5559 log_warn(
LD_CONFIG,
"Error parsing DirAuthority address '%s' "
5560 "(invalid IPv4 address)", address);
5565 log_warn(
LD_CONFIG,
"Missing port in DirAuthority address '%s'",addrport);
5571 log_warn(
LD_CONFIG,
"Key digest '%s' for DirAuthority is wrong length %d.",
5572 fingerprint, (
int)strlen(fingerprint));
5577 log_warn(
LD_CONFIG,
"Unable to decode DirAuthority key digest.");
5581 if (!validate_only && (!required_type || required_type & type)) {
5584 type &= required_type;
5586 log_debug(
LD_DIR,
"Trusted %d dirserver at %s:%d (%s)", (
int)type,
5587 address, (
int)dir_port, (
char*)smartlist_get(items,0));
5590 digest, v3_digest, type, weight)))
5603 smartlist_free(items);
5630 memset(
id, 0,
sizeof(
id));
5632 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
5634 const char *eq = strchr(cp,
'=');
5642 1, 65535, &ok, NULL);
5647 if (ipv6_addrport_ptr) {
5648 log_warn(
LD_CONFIG,
"Redundant ipv6 addr/port on FallbackDir line");
5651 &ipv6_addrport.addr, &ipv6_addrport.port,
5654 log_warn(
LD_CONFIG,
"Bad ipv6 addr/port %s on FallbackDir line",
5658 ipv6_addrport_ptr = &ipv6_addrport;
5662 const char *wstring = cp + strlen(
"weight=");
5665 log_warn(
LD_CONFIG,
"Invalid weight '%s' on FallbackDir line.", cp);
5674 } SMARTLIST_FOREACH_END(cp);
5676 if (smartlist_len(positional) != 1) {
5682 log_warn(
LD_CONFIG,
"Missing identity on FallbackDir line");
5687 log_warn(
LD_CONFIG,
"Missing orport on FallbackDir line");
5692 &address, &dirport) < 0 ||
5694 log_warn(
LD_CONFIG,
"Couldn't parse address:port %s on FallbackDir line",
5695 (
const char*)smartlist_get(positional, 0));
5699 if (!validate_only) {
5714 smartlist_free(items);
5715 smartlist_free(positional);
5756 const char *portname,
5757 const int listener_type)
5760 if (port->type != listener_type)
5762 if (port->is_unix_addr) {
5764 }
else if (!tor_addr_is_internal(&port->addr, 1)) {
5765 log_warn(
LD_CONFIG,
"You specified a public address '%s' for %sPort. "
5766 "Other people on the Internet might find your computer and "
5767 "use it as an open proxy. Please don't allow this unless you "
5768 "have a good reason.",
5771 log_notice(
LD_CONFIG,
"You configured a non-loopback address '%s' "
5772 "for %sPort. This allows everybody on your local network to "
5773 "use your machine as a proxy. Make sure this is what you "
5777 } SMARTLIST_FOREACH_END(port);
5791 if (port->is_unix_addr)
5794 if (forbid_nonlocal) {
5797 "You have a ControlPort set to accept "
5798 "unauthenticated connections from a non-local address. "
5799 "This means that programs not running on your computer "
5800 "can reconfigure your Tor, without even having to guess a "
5801 "password. That's so bad that I'm closing your ControlPort "
5802 "for you. If you need to control your Tor remotely, try "
5803 "enabling authentication and using a tool like stunnel or "
5804 "ssh to encrypt remote access.");
5806 port_cfg_free(port);
5809 log_warn(
LD_CONFIG,
"You have a ControlPort set to accept "
5810 "connections from a non-local address. This means that "
5811 "programs not running on your computer can reconfigure your "
5812 "Tor. That's pretty bad, since the controller "
5813 "protocol isn't encrypted! Maybe you should just listen on "
5814 "127.0.0.1 and use a tool like stunnel or ssh to encrypt "
5815 "remote connections to your control port.");
5819 } SMARTLIST_FOREACH_END(port);
5834 char **addrport_out,
5836 const char **rest_out)
5849 *addrport_out = NULL;
5850 line += strlen(unix_socket_prefix);
5852 if (!*rest_out || (*addrport_out && sz != strlen(*addrport_out))) {
5861 line += strlen(unix_socket_prefix);
5869 end = strchr(line,
'\0');
5872 *addrport_out = tor_strndup(line, end - line);
5879 warn_client_dns_cache(
const char *option,
int disabling)
5885 "Client-side DNS caching enables a wide variety of route-"
5886 "capture attacks. If a single bad exit node lies to you about "
5887 "an IP address, caching that address would make you visit "
5888 "an address of the attacker's choice every time you connected "
5889 "to your destination.");
5925 const char *portname,
5927 const char *defaultaddr,
5929 const unsigned flags)
5935 const unsigned allow_no_stream_options = flags & CL_PORT_NO_STREAM_OPTIONS;
5936 const unsigned use_server_options = flags & CL_PORT_SERVER_OPTIONS;
5937 const unsigned warn_nonlocal = flags & CL_PORT_WARN_NONLOCAL;
5938 const unsigned forbid_nonlocal = flags & CL_PORT_FORBID_NONLOCAL;
5939 const unsigned default_to_group_writable =
5940 flags & CL_PORT_DFLT_GROUP_WRITABLE;
5941 const unsigned takes_hostnames = flags & CL_PORT_TAKES_HOSTNAMES;
5942 const unsigned is_unix_socket = flags & CL_PORT_IS_UNIXSOCKET;
5943 int got_zero_port=0, got_nonzero_port=0;
5944 char *unix_socket_path = NULL;
5946 bool addr_is_explicit =
false;
5957 if (defaultport && defaultaddr && out) {
5958 cfg =
port_cfg_new(is_unix_socket ? strlen(defaultaddr) : 0);
5959 cfg->
type = listener_type;
5960 if (is_unix_socket) {
5962 memcpy(cfg->
unix_addr, defaultaddr, strlen(defaultaddr) + 1);
5965 cfg->
port = defaultport;