57 #define CONNECTION_PRIVATE
68 #define CHANNEL_OBJECT_PRIVATE
81 #include "core/or/dos.h"
87 #include "core/proto/proto_haproxy.h"
131 #ifdef HAVE_SYS_STAT_H
132 #include <sys/stat.h>
136 #include <sys/socket.h>
166 #define ENABLE_LISTENER_REBIND
169 const struct sockaddr *listensockaddr,
170 socklen_t listensocklen,
int type,
176 int *defer,
int *addr_in_use);
185 ssize_t *max_to_read,
208 static tor_addr_t *last_interface_ipv6 = NULL;
213 #define CASE_ANY_LISTENER_TYPE \
214 case CONN_TYPE_OR_LISTENER: \
215 case CONN_TYPE_EXT_OR_LISTENER: \
216 case CONN_TYPE_AP_LISTENER: \
217 case CONN_TYPE_DIR_LISTENER: \
218 case CONN_TYPE_CONTROL_LISTENER: \
219 case CONN_TYPE_AP_TRANS_LISTENER: \
220 case CONN_TYPE_AP_NATD_LISTENER: \
221 case CONN_TYPE_AP_DNS_LISTENER: \
222 case CONN_TYPE_AP_HTTP_CONNECT_LISTENER: \
223 case CONN_TYPE_METRICS_LISTENER
277 return "Transparent pf/netfilter listener";
291 log_warn(
LD_BUG,
"unknown connection type %d", type);
306 CASE_ANY_LISTENER_TYPE:
316 return "renegotiating (TLS, v2 handshake)";
318 return "waiting for renegotiation or V3 handshake";
320 return "handshaking (Tor, v2 handshake)";
322 return "handshaking (Tor, v3 handshake)";
329 return "waiting for authentication type";
331 return "waiting for client nonce";
333 return "waiting for client hash";
372 return "waiting for authentication (protocol v1)";
378 return "uninitialized";
381 log_warn(
LD_BUG,
"unknown connection state %d (type %d)", state, type);
383 "unknown state [%d] on unknown [%s] connection",
385 tor_assert_nonfatal_unreached_once();
404 bool include_preposition)
410 static char peer_buf[256];
412 const char *address = NULL;
419 switch (conn->
type) {
420 CASE_ANY_LISTENER_TYPE:
455 strlcpy(ed_id_buf,
"<none>",
sizeof(ed_id_buf));
460 " ID=%s RSA_ID=%s", ed_id_buf, rsa_id_buf);
467 sizeof(canonical_addr_buf), 1)) {
469 sizeof(extra_buf)-strlen(extra_buf),
470 " canonical_addr=%s:%"PRIu16,
479 strlcpy(extra_buf,
" (DNS lookup pending)",
sizeof(extra_buf));
484 if (address == NULL) {
490 address =
"<can't format!>";
491 tor_assert_nonfatal_unreached_once();
498 if (scrub &&
get_options()->SafeLogging_ != SAFELOG_SCRUB_NONE) {
499 address =
"[scrubbed]";
502 if (conn->
port != 0) {
507 const char *sp = include_preposition ?
" " :
"";
508 if (! include_preposition)
512 "%s%s%s%s%s", prep, sp, address, portbuf, extra_buf);
546 return "null connection";
548 static char desc_buf[256];
551 "%s connection (%s) %s",
579 time_t now = time(NULL);
584 connection_or_set_canonical(or_conn, 0);
589 TO_CONN(or_conn)->always_rate_limit_as_remote = 1;
611 if (socket_family == AF_INET)
612 entry_conn->entry_cfg.ipv4_traffic = 1;
613 else if (socket_family == AF_INET6)
614 entry_conn->entry_cfg.ipv6_traffic = 1;
649 return listener_conn;
675 CASE_ANY_LISTENER_TYPE:
699 static uint64_t n_connections_allocated = 1;
704 conn->
magic = OR_CONNECTION_MAGIC;
707 conn->
magic = EDGE_CONNECTION_MAGIC;
710 conn->
magic = ENTRY_CONNECTION_MAGIC;
713 conn->
magic = DIR_CONNECTION_MAGIC;
716 conn->
magic = CONTROL_CONNECTION_MAGIC;
718 CASE_ANY_LISTENER_TYPE:
719 conn->
magic = LISTENER_CONNECTION_MAGIC;
722 conn->
magic = BASE_CONNECTION_MAGIC;
784 switch (conn->
type) {
811 CASE_ANY_LISTENER_TYPE:
824 log_info(
LD_GENERAL,
"Freeing linked %s connection [%s] with %d "
825 "bytes on inbuf, %d on outbuf.",
828 (
int)connection_get_inbuf_len(conn),
829 (
int)connection_get_outbuf_len(conn));
833 buf_free(conn->
inbuf);
841 if (unlink(conn->
address) < 0 && errno != ENOENT) {
850 if (connection_speaks_cells(conn)) {
863 tor_tls_free(or_conn->
tls);
874 "Freeing orconn at %p, saw channel %p with ID "
875 "%"PRIu64
" left un-NULLed",
878 if (!CHANNEL_FINISHED(base_chan)) {
882 or_conn->
chan->conn = NULL;
883 or_conn->
chan = NULL;
895 if (entry_conn->sending_optimistic_data) {
896 buf_free(entry_conn->sending_optimistic_data);
909 memwipe(cp, 0, strlen(cp));
926 dir_conn_clear_spool(dir_conn);
928 hs_ident_dir_conn_free(dir_conn->hs_ident);
937 log_debug(
LD_NET,
"closing fd %d.",(
int)conn->
s);
944 log_warn(
LD_BUG,
"called on OR conn with non-zeroed identity_digest");
973 if (connection_speaks_cells(conn)) {
984 connection_ap_warn_and_unmark_if_pending_circ(
TO_ENTRY_CONN(conn),
1016 switch (conn->
type) {
1035 #define CONN_IS_CLOSED(c) \
1036 ((c)->linked ? ((c)->linked_conn_is_closed) : (! SOCKET_OK(c->s)))
1047 log_err(
LD_BUG,
"Attempt to close already-closed connection.");
1051 if (connection_get_outbuf_len(conn)) {
1052 log_info(
LD_NET,
"fd %d, type %s, state %s, %"TOR_PRIuSZ
" bytes on outbuf.",
1090 "Something tried to close an or_connection_t without going "
1091 "through channels at %s:%d",
1117 int line,
const char *file))
1125 log_warn(
LD_BUG,
"Duplicate call to connection_mark_for_close at %s:%d"
1138 "Calling connection_mark_for_close_internal_() on an OR conn "
1181 "Giving up on marked_for_close conn that's been flushing "
1182 "for 15s (fd %d, type %s, state %s).",
1188 } SMARTLIST_FOREACH_END(conn);
1191 #if defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)
1205 static struct sockaddr_un *
1206 create_unix_sockaddr(
const char *listenaddress,
char **readable_address,
1209 struct sockaddr_un *sockaddr = NULL;
1211 sockaddr = tor_malloc_zero(
sizeof(
struct sockaddr_un));
1212 sockaddr->sun_family = AF_UNIX;
1213 if (strlcpy(sockaddr->sun_path, listenaddress,
sizeof(sockaddr->sun_path))
1214 >=
sizeof(sockaddr->sun_path)) {
1215 log_warn(
LD_CONFIG,
"Unix socket path '%s' is too long to fit.",
1221 if (readable_address)
1222 *readable_address = tor_strdup(listenaddress);
1224 *len_out =
sizeof(
struct sockaddr_un);
1228 static struct sockaddr *
1229 create_unix_sockaddr(
const char *listenaddress,
char **readable_address,
1232 (void)listenaddress;
1233 (void)readable_address;
1235 "Unix domain sockets not supported, yet we tried to create one.");
1270 #define WARN_TOO_MANY_CONNS_INTERVAL (6*60*60)
1271 static ratelim_t last_warned = RATELIM_INIT(WARN_TOO_MANY_CONNS_INTERVAL);
1275 log_warn(
LD_NET,
"Failing because we have %d connections already. Please "
1276 "read doc/TUNING for guidance.%s", n_conns, m);
1283 #ifdef HAVE_SYS_UN_H
1285 #define UNIX_SOCKET_PURPOSE_CONTROL_SOCKET 0
1286 #define UNIX_SOCKET_PURPOSE_SOCKS_SOCKET 1
1291 is_valid_unix_socket_purpose(
int purpose)
1296 case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1297 case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1307 unix_socket_purpose_to_string(
int purpose)
1309 const char *s =
"unknown-purpose socket";
1312 case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1313 s =
"control socket";
1315 case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1326 check_location_for_unix_socket(
const or_options_t *options,
const char *path,
1332 tor_assert(is_valid_unix_socket_purpose(purpose));
1334 p = tor_strdup(path);
1337 log_warn(
LD_GENERAL,
"Bad unix socket address '%s'. Tor does not support "
1338 "relative paths for unix sockets.", path);
1342 if (port->is_world_writable) {
1348 if (port->is_group_writable) {
1349 flags |= CPD_GROUP_OK;
1352 if (port->relax_dirmode_check) {
1353 flags |= CPD_RELAX_DIRMODE_CHECK;
1357 char *escpath, *escdir;
1360 log_warn(
LD_GENERAL,
"Before Tor can create a %s in %s, the directory "
1361 "%s needs to exist, and to be accessible only by the user%s "
1362 "account that is running Tor. (On some Unix systems, anybody "
1363 "who can list a socket can connect to it, so Tor is being "
1365 unix_socket_purpose_to_string(purpose), escpath, escdir,
1366 port->is_group_writable ?
" and group" :
"");
1395 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (
void*) &one,
1396 (socklen_t)
sizeof(one)) == -1) {
1409 #ifdef SO_EXCLUSIVEADDRUSE
1416 if (setsockopt(sock, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, (
void*) &one,
1417 (socklen_t)
sizeof(one))) {
1440 if ((r = listen(fd, SOMAXCONN)) == 0) {
1442 log_warn(
LD_NET,
"Setting listen backlog to INT_MAX connections "
1443 "didn't work, but SOMAXCONN did. Lowering backlog limit.");
1461 int type,
const char *address,
1470 #if defined(HAVE_PWD_H) && defined(HAVE_SYS_UN_H)
1471 const struct passwd *pw = NULL;
1473 uint16_t usePort = 0, gotPort = 0;
1474 int start_reading = 0;
1482 if (listensockaddr->sa_family == AF_INET ||
1483 listensockaddr->sa_family == AF_INET6) {
1489 log_notice(
LD_NET,
"Opening %s on %s",
1493 is_stream ? SOCK_STREAM : SOCK_DGRAM,
1494 is_stream ? IPPROTO_TCP: IPPROTO_UDP);
1496 int e = tor_socket_errno(s);
1497 if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1505 log_warn(
LD_NET,
"Socket creation failed: %s",
1506 tor_socket_strerror(e));
1512 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on %s: %s",
1514 tor_socket_strerror(errno));
1518 if (make_win32_socket_exclusive(s) < 0) {
1519 log_warn(
LD_NET,
"Error setting SO_EXCLUSIVEADDRUSE flag on %s: %s",
1521 tor_socket_strerror(errno));
1525 #if defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT)
1529 if (setsockopt(s, SOL_IP, IP_TRANSPARENT, (
void*)&one,
1530 (socklen_t)
sizeof(one)) < 0) {
1531 const char *extra =
"";
1532 int e = tor_socket_errno(s);
1534 extra =
"TransTPROXY requires root privileges or similar"
1536 log_warn(
LD_NET,
"Error setting IP_TRANSPARENT flag: %s.%s",
1537 tor_socket_strerror(e), extra);
1543 if (listensockaddr->sa_family == AF_INET6) {
1547 if (setsockopt(s,IPPROTO_IPV6, IPV6_V6ONLY,
1548 (
void*)&one, (socklen_t)
sizeof(one)) < 0) {
1549 int e = tor_socket_errno(s);
1550 log_warn(
LD_NET,
"Error setting IPV6_V6ONLY flag: %s",
1551 tor_socket_strerror(e));
1557 if (bind(s,listensockaddr,socklen) < 0) {
1558 const char *helpfulhint =
"";
1559 int e = tor_socket_errno(s);
1560 if (ERRNO_IS_EADDRINUSE(e)) {
1561 helpfulhint =
". Is Tor already running?";
1565 log_warn(
LD_NET,
"Could not bind to %s:%u: %s%s", address, usePort,
1566 tor_socket_strerror(e), helpfulhint);
1571 if (tor_listen(s) < 0) {
1572 log_warn(
LD_NET,
"Could not listen on %s:%u: %s", address, usePort,
1573 tor_socket_strerror(tor_socket_errno(s)));
1582 struct sockaddr_storage ss;
1583 socklen_t ss_len=
sizeof(ss);
1584 if (getsockname(s, (
struct sockaddr*)&ss, &ss_len)<0) {
1585 log_warn(
LD_NET,
"getsockname() couldn't learn address for %s: %s",
1587 tor_socket_strerror(tor_socket_errno(s)));
1592 #ifdef HAVE_SYS_UN_H
1596 }
else if (listensockaddr->sa_family == AF_UNIX) {
1602 if (check_location_for_unix_socket(options, address,
1604 UNIX_SOCKET_PURPOSE_CONTROL_SOCKET :
1605 UNIX_SOCKET_PURPOSE_SOCKS_SOCKET, port_cfg) < 0) {
1609 log_notice(
LD_NET,
"Opening %s on %s",
1614 if (unlink(address) < 0 && errno != ENOENT) {
1615 log_warn(
LD_NET,
"Could not unlink %s: %s", address,
1622 int e = tor_socket_errno(s);
1623 if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1631 log_warn(
LD_NET,
"Socket creation failed: %s.", strerror(e));
1636 if (bind(s, listensockaddr,
1637 (socklen_t)
sizeof(
struct sockaddr_un)) == -1) {
1638 log_warn(
LD_NET,
"Bind to %s failed: %s.", address,
1639 tor_socket_strerror(tor_socket_errno(s)));
1644 if (options->
User) {
1648 log_warn(
LD_NET,
"Unable to chown() %s socket: user %s not found.",
1649 address, options->
User);
1651 }
else if (fstat(s, &st) == 0 &&
1652 st.st_uid == pw->pw_uid && st.st_gid == pw->pw_gid) {
1655 pw->pw_uid, pw->pw_gid) < 0) {
1656 log_warn(
LD_NET,
"Unable to chown() %s socket: %s.",
1657 address, strerror(errno));
1667 if (port_cfg->is_world_writable) {
1669 status =
"world-writable";
1670 }
else if (port_cfg->is_group_writable) {
1672 status =
"group-writable";
1679 if (fstat(s, &st) == 0 && (st.st_mode & 0777) == mode) {
1682 log_warn(
LD_FS,
"Unable to make %s %s.", address, status);
1687 if (listen(s, SOMAXCONN) < 0) {
1688 log_warn(
LD_NET,
"Could not listen on %s: %s", address,
1689 tor_socket_strerror(tor_socket_errno(s)));
1696 socklen_t len =
sizeof(value);
1698 if (!getsockopt(s, SOL_SOCKET, SO_ACCEPTCONN, &value, &len)) {
1700 log_err(
LD_NET,
"Could not listen on %s - "
1701 "getsockopt(.,SO_ACCEPTCONN,.) yields 0.", address);
1708 log_err(
LD_BUG,
"Got unexpected address family %d.",
1709 listensockaddr->sa_family);
1718 conn->
address = tor_strdup(address);
1719 conn->
port = gotPort;
1735 lis_conn->entry_cfg.
session_group = global_next_session_group--;
1739 if (connection_add(conn) < 0) {
1740 log_warn(
LD_NET,
"connection_add for listener failed. Giving up.");
1745 "%s listening on port %u.",
1749 if (start_reading) {
1770 connection_free(conn);
1786 int *defer,
int *addr_in_use)
1789 struct sockaddr *listensockaddr;
1790 socklen_t listensocklen = 0;
1798 if (port->server_cfg.no_listen) {
1809 strcmp(options->
User,
"root")) {
1817 listensockaddr = (
struct sockaddr *)
1819 &address, &listensocklen);
1821 listensockaddr = tor_malloc(
sizeof(
struct sockaddr_storage));
1825 sizeof(
struct sockaddr_storage));
1829 if (listensockaddr) {
1831 port->
type, address, port,
1854 if (sa->sa_family == AF_INET) {
1855 struct sockaddr_in *sin=(
struct sockaddr_in*)sa;
1856 if (len !=
sizeof(
struct sockaddr_in)) {
1857 log_fn(level,
LD_NET,
"Length of address not as expected: %d vs %d",
1858 len,(
int)
sizeof(
struct sockaddr_in));
1861 if (sin->sin_addr.s_addr == 0 || sin->sin_port == 0) {
1863 "Address for new connection has address/port equal to zero.");
1866 }
else if (sa->sa_family == AF_INET6) {
1869 log_fn(level,
LD_NET,
"Length of address not as expected: %d vs %d",
1874 sin6->sin6_port == 0) {
1876 "Address for new connection has address/port equal to zero.");
1879 }
else if (sa->sa_family == AF_UNIX) {
1896 log_info(
LD_BUG,
"A listener connection returned a socket with a "
1897 "mismatched family. %s for addr_family %d gave us a socket "
1898 "with address family %d. Dropping.",
1916 struct sockaddr_storage addrbuf;
1917 struct sockaddr *remote = (
struct sockaddr*)&addrbuf;
1919 socklen_t remotelen = (socklen_t)
sizeof(addrbuf);
1922 tor_assert((
size_t)remotelen >=
sizeof(
struct sockaddr_in));
1923 memset(&addrbuf, 0,
sizeof(addrbuf));
1927 int e = tor_socket_errno(conn->
s);
1928 if (ERRNO_IS_ACCEPT_EAGAIN(e)) {
1936 }
else if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1943 log_warn(
LD_NET,
"accept() failed: %s. Closing listener.",
1944 tor_socket_strerror(e));
1945 connection_mark_for_close(conn);
1951 "Connection accepted on socket %d (child of fd %d).",
1952 (
int)news,(
int)conn->
s);
1958 if (tor_socket_errno(news) == EINVAL) {
1960 log_debug(
LD_NET,
"make_socket_reuseable returned EINVAL");
1962 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on %s: %s",
1964 tor_socket_strerror(errno));
1984 "accept() returned a strange address; closing connection.");
1996 "Denying socks connection from untrusted address %s.",
2005 log_notice(
LD_DIRSERV,
"Denying dir connection from address %s.",
2014 if (dos_conn_addr_get_defense_type(&addr) == DOS_CONN_DEFENSE_CLOSE) {
2029 newconn->
port = port;
2034 log_info(
LD_NET,
"New SOCKS connection opened from %s.",
2038 log_info(
LD_NET,
"New SOCKS AF_UNIX connection opened");
2041 log_notice(
LD_CONTROL,
"New control connection opened from %s.",
2045 log_info(
LD_CONTROL,
"New metrics connection opened from %s.",
2052 log_notice(
LD_CONTROL,
"New control connection opened.");
2065 if (connection_add(newconn) < 0) {
2066 connection_free(newconn);
2072 connection_mark_for_close(newconn);
2098 switch (conn->
type) {
2111 memcpy(&
TO_ENTRY_CONN(conn)->entry_cfg, &listener->entry_cfg,
2119 switch (
TO_CONN(listener)->type) {
2159 const struct sockaddr *sa,
2161 const struct sockaddr *bindaddr,
2162 socklen_t bindaddr_len,
2180 static ratelim_t disablenet_violated = RATELIM_INIT(30*60);
2181 *socket_error = SOCK_ERRNO(ENETUNREACH);
2183 "Tried to open a socket with DisableNetwork set.");
2188 const int protocol_family = sa->sa_family;
2189 const int proto = (sa->sa_family == AF_INET6 ||
2190 sa->sa_family == AF_INET) ? IPPROTO_TCP : 0;
2198 *socket_error = tor_socket_errno(s);
2199 if (ERRNO_IS_RESOURCE_LIMIT(*socket_error)) {
2203 log_warn(
LD_NET,
"Error creating network socket: %s",
2204 tor_socket_strerror(*socket_error));
2211 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on new connection: %s",
2212 tor_socket_strerror(errno));
2222 if (bindaddr && bind(s, bindaddr, bindaddr_len) < 0) {
2223 *socket_error = tor_socket_errno(s);
2224 log_warn(
LD_NET,
"Error binding network socket: %s",
2225 tor_socket_strerror(*socket_error));
2234 if (connect(s, sa, sa_len) < 0) {
2235 int e = tor_socket_errno(s);
2236 if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
2240 "connect() to socket failed: %s",
2241 tor_socket_strerror(e));
2253 "Connection to socket %s (sock "TOR_SOCKET_T_FORMAT
").",
2254 inprogress ?
"in progress" :
"established", s);
2256 if (connection_add_connecting(conn) < 0) {
2258 *socket_error = SOCK_ERRNO(ENOBUFS);
2262 return inprogress ? 0 : 1;
2269 connection_connect_log_client_use_ip_version(
const connection_t *conn)
2295 static int logged_backtrace = 0;
2296 log_info(
LD_BUG,
"Outgoing %s connection to %s violated ClientUseIPv%s 0.",
2300 if (!logged_backtrace) {
2302 logged_backtrace = 1;
2314 log_info(
LD_NET,
"Our outgoing connection is using IPv%d.",
2321 log_info(
LD_NET,
"Outgoing connection to %s doesn't satisfy "
2322 "ClientPreferIPv6%sPort %d, with ClientUseIPv4 %d, and "
2323 "reachable_addr_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
2397 const tor_addr_t *addr, uint16_t port,
int *socket_error)
2399 struct sockaddr_storage addrbuf;
2400 struct sockaddr_storage bind_addr_ss;
2401 struct sockaddr *bind_addr = NULL;
2402 struct sockaddr *dest_addr;
2403 int dest_addr_len, bind_addr_len = 0;
2407 connection_connect_log_client_use_ip_version(conn);
2414 memset(&bind_addr_ss, 0,
sizeof(bind_addr_ss));
2416 (
struct sockaddr *) &bind_addr_ss,
2417 sizeof(bind_addr_ss));
2418 if (bind_addr_len == 0) {
2420 "Error converting OutboundBindAddress %s into sockaddr. "
2423 bind_addr = (
struct sockaddr *)&bind_addr_ss;
2428 memset(&addrbuf,0,
sizeof(addrbuf));
2429 dest_addr = (
struct sockaddr*) &addrbuf;
2433 log_debug(
LD_NET,
"Connecting to %s:%u.",
2437 bind_addr, bind_addr_len, socket_error);
2440 #ifdef HAVE_SYS_UN_H
2450 connection_connect_unix(
connection_t *conn,
const char *socket_path,
2453 struct sockaddr_un dest_addr;
2458 if (strlen(socket_path) + 1 >
sizeof(dest_addr.sun_path)) {
2460 "Path %s is too long for an AF_UNIX socket\n",
2462 *socket_error = SOCK_ERRNO(ENAMETOOLONG);
2466 memset(&dest_addr, 0,
sizeof(dest_addr));
2467 dest_addr.sun_family = AF_UNIX;
2468 strlcpy(dest_addr.sun_path, socket_path,
sizeof(dest_addr.sun_path));
2471 "Connecting to AF_UNIX socket at %s.",
2475 (
struct sockaddr *)&dest_addr,
sizeof(dest_addr),
2476 NULL, 0, socket_error);
2486 static const char *unknown =
"???";
2487 static const char *states[] = {
2490 "PROXY_HTTPS_WANT_CONNECT_OK",
2491 "PROXY_SOCKS4_WANT_CONNECT_OK",
2492 "PROXY_SOCKS5_WANT_AUTH_METHOD_NONE",
2493 "PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929",
2494 "PROXY_SOCKS5_WANT_AUTH_RFC1929_OK",
2495 "PROXY_SOCKS5_WANT_CONNECT_OK",
2496 "PROXY_HAPROXY_WAIT_FOR_FLUSH",
2502 if (state < PROXY_NONE || state > PROXY_CONNECTED)
2505 return states[state];
2523 if (r == 0 && transport)
2524 return PROXY_PLUGGABLE;
2529 return PROXY_CONNECT;
2531 return PROXY_SOCKS4;
2533 return PROXY_SOCKS5;
2537 return PROXY_HAPROXY;
2545 #define SOCKS4_STANDARD_BUFFER_SIZE (1 + 1 + 2 + 4 + 1)
2561 char *base64_authenticator = NULL;
2567 if (authenticator) {
2569 if (!base64_authenticator)
2570 log_warn(
LD_OR,
"Encoding https authenticator failed");
2573 if (base64_authenticator) {
2575 tor_snprintf(buf,
sizeof(buf),
"CONNECT %s HTTP/1.1\r\n"
2577 "Proxy-Authorization: Basic %s\r\n\r\n",
2580 base64_authenticator);
2583 tor_snprintf(buf,
sizeof(buf),
"CONNECT %s HTTP/1.0\r\n\r\n",
2587 connection_buf_add(buf, strlen(buf), conn);
2606 size_t buf_size = 0;
2607 char *socks_args_string = NULL;
2612 log_warn(
LD_NET,
"SOCKS4 client is incompatible with IPv6");
2624 if (socks_args_string)
2625 log_debug(
LD_NET,
"Sending out '%s' as our SOCKS argument string.",
2632 buf_size = SOCKS4_STANDARD_BUFFER_SIZE;
2636 if (socks_args_string)
2637 buf_size += strlen(socks_args_string);
2640 buf = tor_malloc_zero(buf_size);
2643 portn = htons(conn->
port);
2647 memcpy(buf + 2, &portn, 2);
2648 memcpy(buf + 4, &ip4addr, 4);
2653 if (socks_args_string) {
2656 SOCKS4_STANDARD_BUFFER_SIZE + strlen(socks_args_string));
2657 strlcpy((
char *)buf + 8, socks_args_string, buf_size - 8);
2663 connection_buf_add((
char *)buf, buf_size, conn);
2683 unsigned char buf[4];
2699 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929;
2703 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_NONE;
2706 connection_buf_add((
char *)buf, 2 + buf[1], conn);
2720 char *buf = haproxy_format_proxy_header_line(addr_port);
2727 connection_buf_add(buf, strlen(buf), conn);
2774 log_err(
LD_BUG,
"Invalid proxy protocol, %d", type);
2781 log_debug(
LD_NET,
"set state %s",
2802 NULL, NULL, 10000, 0)) {
2805 "Your https proxy sent back an oversized response. Closing.");
2808 log_info(
LD_NET,
"https proxy response not all here yet. Waiting.");
2814 NULL, &reason) < 0) {
2816 "Unparseable headers from proxy (%s). Closing.",
2822 if (!reason) reason = tor_strdup(
"[no reason given]");
2824 if (status_code == 200) {
2826 "HTTPS connect for %s successful! (200 %s) Starting TLS.",
2832 switch (status_code) {
2835 "The https proxy refused to allow connection to %s "
2836 "(status code %d, %s). Closing.",
2841 "The https proxy sent back an unexpected status code %d (%s). "
2843 status_code,
escaped(reason));
2856 unsigned char buf[1024];
2858 uint16_t port = htons(conn->
port);
2869 memcpy(buf + 4, &addr, 4);
2870 memcpy(buf + 8, &port, 2);
2875 memcpy(buf + 20, &port, 2);
2878 connection_buf_add((
char *)buf, reqsize, conn);
2887 int state,
char **reason)
2906 char *reason = NULL;
2908 log_debug(
LD_NET,
"enter state %s",
2912 case PROXY_HTTPS_WANT_CONNECT_OK:
2918 case PROXY_SOCKS4_WANT_CONNECT_OK:
2926 case PROXY_SOCKS5_WANT_AUTH_METHOD_NONE:
2937 case PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929:
2946 }
else if (ret == 2) {
2947 unsigned char buf[1024];
2948 size_t reqsize, usize, psize;
2949 const char *user, *pass;
2950 char *socks_args_string = NULL;
2955 if (!socks_args_string) {
2956 log_warn(
LD_NET,
"Could not create SOCKS args string for PT.");
2961 log_debug(
LD_NET,
"PT SOCKS5 arguments: %s", socks_args_string);
2966 user = socks_args_string;
2971 user = socks_args_string;
2972 usize = strlen(socks_args_string);
2980 usize = strlen(user);
2981 psize = strlen(pass);
2983 log_err(
LD_BUG,
"We entered %s for no reason!", __func__);
2993 reqsize = 3 + usize + psize;
2997 memcpy(buf + 2, user, usize);
2998 buf[2 + usize] = psize;
2999 memcpy(buf + 3 + usize, pass, psize);
3001 if (socks_args_string)
3004 connection_buf_add((
char *)buf, reqsize, conn);
3006 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_RFC1929_OK;
3011 case PROXY_SOCKS5_WANT_AUTH_RFC1929_OK:
3022 case PROXY_SOCKS5_WANT_CONNECT_OK:
3031 log_err(
LD_BUG,
"Invalid proxy_state for reading, %d",
3038 log_debug(
LD_NET,
"leaving state %s",
3043 log_warn(
LD_NET,
"Proxy Client: unable to connect %s (%s)",
3047 log_warn(
LD_NET,
"Proxy Client: unable to connect %s",
3050 }
else if (ret == 1) {
3051 log_info(
LD_NET,
"Proxy Client: %s successful",
3079 int control_listeners_only)
3081 #ifndef ENABLE_LISTENER_REBIND
3088 if (control_listeners_only) {
3109 if (conn->
type != wanted->type)
3111 if ((conn->
socket_family != AF_UNIX && wanted->is_unix_addr) ||
3115 if (wanted->server_cfg.no_listen)
3118 if (wanted->is_unix_addr) {
3120 !strcmp(wanted->unix_addr, conn->
address)) {
3121 found_port = wanted;
3126 const int port_matches_exact = (wanted->port == conn->
port);
3131 port_matches_exact);
3134 found_port = wanted;
3137 #ifdef ENABLE_LISTENER_REBIND
3147 const int may_need_rebind =
3151 if (replacements && may_need_rebind) {
3155 replacement->old_conn = conn;
3156 replacement->new_port = wanted;
3165 } SMARTLIST_FOREACH_END(wanted);
3175 } SMARTLIST_FOREACH_END(conn);
3182 if (conn && new_conns)
3186 } SMARTLIST_FOREACH_END(port);
3188 smartlist_free(launch);
3210 const uint16_t old_or_port_ipv6 =
3217 } SMARTLIST_FOREACH_END(conn);
3223 close_all_noncontrol) < 0)
3226 #ifdef ENABLE_LISTENER_REBIND
3227 if (smartlist_len(replacements))
3228 log_debug(
LD_NET,
"%d replacements - starting rebinding loop.",
3229 smartlist_len(replacements));
3232 int addr_in_use = 0;
3243 log_debug(
LD_NET,
"Skipping creating new listener for %s",
3249 connection_mark_for_close(old_conn);
3253 &skip, &addr_in_use);
3259 log_warn(
LD_NET,
"Unable to create listener port: %s:%d",
3268 log_notice(
LD_NET,
"Closed no-longer-configured %s "
3272 } SMARTLIST_FOREACH_END(r);
3278 log_notice(
LD_NET,
"Closing no-longer-configured %s on %s:%d",
3282 connection_mark_for_close(conn);
3283 } SMARTLIST_FOREACH_END(conn);
3285 smartlist_free(listeners);
3288 smartlist_free(replacements);
3313 connection_mark_for_close(conn);
3314 } SMARTLIST_FOREACH_END(conn);
3324 switch (conn->
type) {
3330 END_STREAM_REASON_HIBERNATING);
3342 connection_mark_for_close(conn);
3347 connection_mark_for_close(conn);
3350 } SMARTLIST_FOREACH_END(conn);
3369 tor_addr_is_internal(&conn->
addr, 0)))
3382 #define CLIENT_IDLE_TIME_FOR_PRIORITY 30
3407 ssize_t global_bucket_val, ssize_t conn_bucket)
3410 ssize_t num_bytes_high = (priority ? 32 : 16) * base;
3411 ssize_t num_bytes_low = (priority ? 4 : 2) * base;
3416 at_most = global_bucket_val / 8;
3417 at_most -= (at_most % base);
3418 if (at_most > num_bytes_high)
3419 at_most = num_bytes_high;
3420 else if (at_most < num_bytes_low)
3421 at_most = num_bytes_low;
3423 if (at_most > global_bucket_val)
3424 at_most = global_bucket_val;
3426 if (conn_bucket >= 0 && at_most > conn_bucket)
3427 at_most = conn_bucket;
3440 ssize_t conn_bucket = -1;
3441 size_t global_bucket_val = token_bucket_rw_get_read(&global_bucket);
3442 if (global_bucket_val == 0) {
3453 if (connection_speaks_cells(conn)) {
3456 conn_bucket = token_bucket_rw_get_read(&or_conn->
bucket);
3457 base = get_cell_network_size(or_conn->wide_circ_ids);
3462 return conn_bucket>=0 ? conn_bucket : 1<<14;
3466 size_t relayed = token_bucket_rw_get_read(&global_relayed_bucket);
3467 global_bucket_val = MIN(global_bucket_val, relayed);
3471 global_bucket_val, conn_bucket);
3481 size_t global_bucket_val = token_bucket_rw_get_write(&global_bucket);
3482 if (global_bucket_val == 0) {
3493 if (connection_speaks_cells(conn)) {
3497 conn_bucket = MIN(conn_bucket,
3498 token_bucket_rw_get_write(&or_conn->
bucket));
3499 base = get_cell_network_size(or_conn->wide_circ_ids);
3503 size_t relayed = token_bucket_rw_get_write(&global_relayed_bucket);
3504 global_bucket_val = MIN(global_bucket_val, relayed);
3508 global_bucket_val, conn_bucket);
3533 size_t smaller_bucket =
3534 MIN(token_bucket_rw_get_write(&global_bucket),
3535 token_bucket_rw_get_write(&global_relayed_bucket));
3555 if (smaller_bucket < attempt)
3575 time_t now,
size_t num_read,
size_t num_written)
3581 if (num_written > 0)
3600 num_written, now, is_ipv6);
3605 if (num_written > 0) {
3630 size_t num_read,
size_t num_written)
3632 if (num_written >= INT_MAX || num_read >= INT_MAX) {
3633 log_err(
LD_BUG,
"Value out of range. num_read=%lu, num_written=%lu, "
3634 "connection type=%s, state=%s",
3635 (
unsigned long)num_read, (
unsigned long)num_written,
3639 if (num_written >= INT_MAX)
3641 if (num_read >= INT_MAX)
3656 if (flags & TB_WRITE) {
3707 if (token_bucket_rw_get_read(&global_bucket) <= 0) {
3708 reason =
"global read bucket exhausted. Pausing.";
3710 token_bucket_rw_get_read(&global_relayed_bucket) <= 0) {
3711 reason =
"global relayed read bucket exhausted. Pausing.";
3712 }
else if (connection_speaks_cells(conn) &&
3714 token_bucket_rw_get_read(&
TO_OR_CONN(conn)->bucket) <= 0) {
3715 reason =
"connection read bucket exhausted. Pausing.";
3734 bool is_global =
true;
3735 if (token_bucket_rw_get_write(&global_bucket) <= 0) {
3736 reason =
"global write bucket exhausted. Pausing.";
3738 token_bucket_rw_get_write(&global_relayed_bucket) <= 0) {
3739 reason =
"global relayed write bucket exhausted. Pausing.";
3740 }
else if (connection_speaks_cells(conn) &&
3742 token_bucket_rw_get_write(&
TO_OR_CONN(conn)->bucket) <= 0) {
3743 reason =
"connection write bucket exhausted. Pausing.";
3855 } SMARTLIST_FOREACH_END(conn);
3907 ssize_t max_to_read=-1, try_to_read;
3908 size_t before, n_read = 0;
3909 int socket_error = 0;
3918 switch (conn->
type) {
3941 try_to_read = max_to_read;
3951 END_OR_CONN_REASON_CONNRESET,
3953 tor_socket_strerror(socket_error) :
3954 "(unknown, errno was 0)");
3969 connection_mark_for_close_internal(conn);
3973 if (
CONN_IS_EDGE(conn) && try_to_read != max_to_read) {
4003 connection_mark_for_close(linked);
4045 ssize_t at_most = *max_to_read;
4046 size_t slack_in_buf, more_to_read;
4047 size_t n_read = 0, n_written = 0;
4049 if (at_most == -1) {
4056 if (at_most > maximum) {
4062 if ((
size_t)at_most > slack_in_buf && slack_in_buf >= 1024) {
4063 more_to_read = at_most - slack_in_buf;
4064 at_most = slack_in_buf;
4069 if (connection_speaks_cells(conn) &&
4073 size_t initial_size;
4081 "%d: starting, inbuf_datalen %ld (%d pending in tls object)."
4089 if (TOR_TLS_IS_ERROR(result) || result == TOR_TLS_CLOSE)
4096 case TOR_TLS_ERROR_IO:
4097 log_debug(
LD_NET,
"TLS %s closed %son read. Closing.",
4099 result == TOR_TLS_CLOSE ?
"cleanly " :
"");
4102 log_debug(
LD_NET,
"tls error [%s] from %s. Breaking.",
4106 case TOR_TLS_WANTWRITE:
4109 case TOR_TLS_WANTREAD:
4135 log_warn(
LD_BUG,
"apparently, reading pending bytes can fail.");
4141 log_debug(
LD_GENERAL,
"After TLS read of %d: %ld read, %ld written",
4142 result, (
long)n_read, (
long)n_written);
4143 }
else if (conn->
linked) {
4157 n_read = (
size_t) result;
4160 int reached_eof = 0;
4173 n_read = (size_t) result;
4178 *max_to_read = at_most - n_read;
4193 if (PREDICT_LIKELY(UINT32_MAX - edge_conn->
n_read > n_read))
4194 edge_conn->
n_read += (int)n_read;
4196 edge_conn->
n_read = UINT32_MAX;
4214 if (more_to_read && result == at_most) {
4216 at_most = more_to_read;
4249 char **headers_out,
size_t max_headerlen,
4250 char **body_out,
size_t *body_used,
4251 size_t max_bodylen,
int force_complete)
4254 body_out, body_used, max_bodylen, force_complete);
4261 return connection_get_outbuf_len(conn) > 0;
4287 static int isVistaOr7 = -1;
4288 if (isVistaOr7 == -1) {
4290 OSVERSIONINFO osvi = { 0 };
4291 osvi.dwOSVersionInfoSize =
sizeof(OSVERSIONINFO);
4292 GetVersionEx(&osvi);
4293 if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion < 2)
4301 DWORD bytesReturned = 0;
4302 if (!WSAIoctl(sock, SIO_IDEAL_SEND_BACKLOG_QUERY, NULL, 0,
4303 &isb,
sizeof(isb), &bytesReturned, NULL, NULL)) {
4304 setsockopt(sock, SOL_SOCKET, SO_SNDBUF, (
const char*)&isb,
sizeof(isb));
4333 socklen_t len=(socklen_t)
sizeof(e);
4335 ssize_t max_to_write;
4337 size_t n_read = 0, n_written = 0;
4338 int dont_stop_writing = 0;
4346 log_warn(
LD_BUG,
"called recursively from inside conn->in_flushed_some");
4356 if (getsockopt(conn->
s, SOL_SOCKET, SO_ERROR, (
void*)&e, &len) < 0) {
4357 log_warn(
LD_BUG,
"getsockopt() syscall failed");
4365 connection_mark_for_close(conn);
4371 if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
4372 log_info(
LD_NET,
"in-progress connect failed. Removing. (%s)",
4373 tor_socket_strerror(e));
4379 tor_socket_strerror(e));
4386 connection_mark_for_close_internal(conn);
4400 if (connection_speaks_cells(conn) &&
4403 size_t initial_size;
4410 END_OR_CONN_REASON_MISC,
4411 "TLS error in connection_tls_"
4412 "continue_handshake()");
4418 connection_mark_for_close_internal(conn);
4423 return connection_handle_read(conn);
4444 log_info(
LD_NET, result != TOR_TLS_CLOSE ?
4445 "tls error. breaking.":
"TLS connection closed on flush");
4448 END_OR_CONN_REASON_MISC,
4449 result != TOR_TLS_CLOSE ?
4450 "TLS error in during flush" :
4451 "TLS closed during flush");
4457 connection_mark_for_close_internal(conn);
4459 case TOR_TLS_WANTWRITE:
4460 log_debug(
LD_NET,
"wanted write.");
4462 dont_stop_writing = 1;
4464 case TOR_TLS_WANTREAD:
4466 log_debug(
LD_NET,
"wanted read.");
4482 log_debug(
LD_GENERAL,
"After TLS write of %d: %ld read, %ld written",
4483 result, (
long)n_read, (
long)n_written);
4484 or_conn->bytes_xmitted += result;
4485 or_conn->bytes_xmitted_by_tls += n_written;
4505 connection_mark_for_close(conn);
4509 n_written = (size_t) result;
4516 if (PREDICT_LIKELY(UINT32_MAX - edge_conn->
n_written > n_written))
4540 if (connection_speaks_cells(conn)) {
4542 END_OR_CONN_REASON_MISC,
4543 "Got error back from "
4544 "connection_flushed_some()");
4551 connection_mark_for_close_internal(conn);
4556 !dont_stop_writing) {
4601 return connection_handle_write(conn, 1);
4631 "write_to_buf failed. Closing circuit (fd %d).", (
int)conn->
s);
4633 END_CIRC_REASON_INTERNAL);
4637 "write_to_buf failed on an orconn; notifying of error "
4638 "(fd %d)", (
int)(conn->
s));
4642 "write_to_buf failed. Closing connection (fd %d).",
4644 connection_mark_for_close(conn);
4679 if (!len && !(zlib<0))
4687 int done = zlib < 0;
4690 string, len, done));
4711 connection_buf_add_compress(
string, len, dir_conn, done);
4715 connection_buf_add(
string, len,
TO_CONN(dir_conn));
4719 connection_buf_add_compress(
const char *
string,
size_t len,
4746 #define CONN_GET_ALL_TEMPLATE(var, test) \
4748 smartlist_t *conns = get_connection_array(); \
4749 smartlist_t *ret_conns = smartlist_new(); \
4750 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, var) { \
4751 if (var && (test) && !var->marked_for_close) \
4752 smartlist_add(ret_conns, var); \
4753 } SMARTLIST_FOREACH_END(var); \
4762 connection_list_by_type_state(
int type,
int state)
4764 CONN_GET_ALL_TEMPLATE(conn, (conn->type == type && conn->state == state));
4772 connection_list_by_type_purpose(
int type,
int purpose)
4774 CONN_GET_ALL_TEMPLATE(conn,
4775 (conn->type == type && conn->purpose == purpose));
4780 #define CONN_GET_TEMPLATE(var, test) \
4782 smartlist_t *conns = get_connection_array(); \
4783 SMARTLIST_FOREACH(conns, connection_t *, var, \
4785 if (var && (test) && !var->marked_for_close) \
4800 (conn->type == type &&
4802 conn->port == port &&
4803 conn->purpose == purpose));
4846 #define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, \
4847 dirconn_var, dirconn_test) \
4849 smartlist_t *conns = get_connection_array(); \
4850 smartlist_t *dir_conns = smartlist_new(); \
4851 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn_var) { \
4852 if (conn_var && (conn_test) \
4853 && conn_var->type == CONN_TYPE_DIR \
4854 && !conn_var->marked_for_close) { \
4855 dir_connection_t *dirconn_var = TO_DIR_CONN(conn_var); \
4856 if (dirconn_var && (dirconn_test)) { \
4857 smartlist_add(dir_conns, dirconn_var); \
4860 } SMARTLIST_FOREACH_END(conn_var); \
4873 const char *resource)
4876 conn->purpose == purpose,
4879 dirconn->requested_resource));
4891 const char *resource,
4895 conn->purpose == purpose && conn->state == state,
4898 dirconn->requested_resource));
4901 #undef DIR_CONN_LIST_TEMPLATE
4924 log_debug(
LD_DIR,
"%s: Found an OR connection: %s",
4932 #undef CONN_GET_TEMPLATE
5003 const size_t authenticator_length = strlen(authenticator);
5004 const size_t base64_authenticator_length =
5006 char *base64_authenticator = tor_malloc(base64_authenticator_length);
5007 if (
base64_encode(base64_authenticator, base64_authenticator_length,
5008 authenticator, authenticator_length, 0) < 0) {
5011 return base64_authenticator;
5030 int e = tor_socket_errno(sock);
5031 log_warn(
LD_NET,
"getsockname() to check for address change failed: %s",
5032 tor_socket_strerror(e));
5037 if (family == AF_INET)
5039 else if (family == AF_INET6)
5040 last_interface_ip_ptr = &last_interface_ipv6;
5044 if (! *last_interface_ip_ptr) {
5047 *last_interface_ip_ptr = a;
5064 if (
tor_addr_eq(&iface_addr, *last_interface_ip_ptr)) {
5070 log_notice(
LD_NET,
"Our IP address has changed. Rotating keys...");
5092 void *sz = (
void*)&size;
5093 socklen_t sz_sz = (socklen_t)
sizeof(size);
5094 if (setsockopt(sock, SOL_SOCKET, SO_SNDBUF, sz, sz_sz) < 0) {
5095 int e = tor_socket_errno(sock);
5096 log_warn(
LD_NET,
"setsockopt() to constrain send "
5097 "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5099 if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, sz, sz_sz) < 0) {
5100 int e = tor_socket_errno(sock);
5101 log_warn(
LD_NET,
"setsockopt() to constrain recv "
5102 "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5117 switch (conn->
type) {
5133 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5148 r = connection_dirserv_flushed_some(
TO_DIR_CONN(conn));
5178 switch (conn->
type) {
5193 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5226 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5236 switch (conn->
type) {
5250 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5260 int a_circs, b_circs;
5266 if (a_circs < b_circs)
return 1;
5267 else if (a_circs > b_circs)
return -1;
5311 int conn_counts_by_type[CONN_TYPE_MAX_ + 1], i;
5337 memset(conn_counts_by_type, 0,
sizeof(conn_counts_by_type));
5341 ++(conn_counts_by_type[c->type]);
5362 } SMARTLIST_FOREACH_END(c);
5365 if (smartlist_len(conns) > 0) {
5367 log_info(
LD_NET,
"Some stats on conn types seen during OOS follow");
5368 for (i = CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5370 if (conn_counts_by_type[i] > 0) {
5371 log_info(
LD_NET,
"%s: %d conns",
5373 conn_counts_by_type[i]);
5376 log_info(
LD_NET,
"Done with OOS conn type stats");
5380 if (smartlist_len(eligible) > n) {
5385 for (i = 0; i < n; ++i) {
5389 smartlist_free(eligible);
5409 connection_mark_for_close(c);
5411 } SMARTLIST_FOREACH_END(c);
5414 "OOS handler marked %d connections",
5415 smartlist_len(conns));
5440 int target_n_socks = 0, moribund_socks, socks_to_kill;
5456 "Running the OOS handler (%d open sockets, %s)",
5457 n_socks, (failed != 0) ?
"exhaustion seen" :
"no exhaustion");
5465 if (n_socks >=
get_options()->ConnLimit_high_thresh &&
5471 "Current number of sockets %d is greater than configured "
5472 "limit %d; OOS handler trying to get down to %d",
5475 }
else if (failed) {
5481 target_n_socks = (n_socks * 9) / 10;
5483 "We saw socket exhaustion at %d open sockets; OOS handler "
5484 "trying to get down to %d",
5485 n_socks, target_n_socks);
5488 if (target_n_socks > 0) {
5499 if (moribund_socks < n_socks - target_n_socks) {
5500 socks_to_kill = n_socks - target_n_socks - moribund_socks;
5506 "OOS handler killed %d conns", smartlist_len(conns));
5507 smartlist_free(conns);
5509 log_notice(
LD_NET,
"OOS handler failed to pick any victim conns");
5513 "Not killing any sockets for OOS because there are %d "
5514 "already moribund, and we only want to eliminate %d",
5515 moribund_socks, n_socks - target_n_socks);
5524 uint64_t used_by_type[CONN_TYPE_MAX_+1];
5525 uint64_t alloc_by_type[CONN_TYPE_MAX_+1];
5526 int n_conns_by_type[CONN_TYPE_MAX_+1];
5527 uint64_t total_alloc = 0;
5528 uint64_t total_used = 0;
5532 memset(used_by_type, 0,
sizeof(used_by_type));
5533 memset(alloc_by_type, 0,
sizeof(alloc_by_type));
5534 memset(n_conns_by_type, 0,
sizeof(n_conns_by_type));
5538 ++n_conns_by_type[tp];
5547 } SMARTLIST_FOREACH_END(c);
5548 for (i=0; i <= CONN_TYPE_MAX_; ++i) {
5549 total_used += used_by_type[i];
5550 total_alloc += alloc_by_type[i];
5554 "In buffers for %d connections: %"PRIu64
" used/%"PRIu64
" allocated",
5555 smartlist_len(conns),
5556 (total_used), (total_alloc));
5557 for (i=CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5558 if (!n_conns_by_type[i])
5561 " For %d %s connections: %"PRIu64
" used/%"PRIu64
" allocated",
5563 (used_by_type[i]), (alloc_by_type[i]));
5578 switch (conn->
type) {
5595 CASE_ANY_LISTENER_TYPE:
5667 CASE_ANY_LISTENER_TYPE:
5735 *port = transport->
port;
5747 *proxy_type = PROXY_CONNECT;
5752 *proxy_type = PROXY_SOCKS4;
5757 *proxy_type = PROXY_SOCKS5;
5764 *proxy_type = PROXY_HAPROXY;
5770 *proxy_type = PROXY_NONE;
5780 uint16_t proxy_port;
5781 int proxy_type, is_pt;
5789 "The connection to the %s proxy server at %s just failed. "
5790 "Make sure that the proxy server is up and running.",
5799 switch (proxy_type) {
5800 case PROXY_CONNECT:
return "HTTP";
5801 case PROXY_SOCKS4:
return "SOCKS4";
5802 case PROXY_SOCKS5:
return "SOCKS5";
5803 case PROXY_HAPROXY:
return "HAPROXY";
5804 case PROXY_PLUGGABLE:
return "pluggable transports SOCKS";
5805 case PROXY_NONE:
return "NULL";
5861 const char *source))
5864 char *ext_source = NULL, *warn = NULL;
5870 ext_source = tor_strdup(source);
5872 "Received %s with skewed time (%s): "
5873 "It seems that our clock is %s by %s, or that theirs is %s%s. "
5874 "Tor requires an accurate clock to work: please check your time, "
5875 "timezone, and date settings.", received, ext_source,
5876 apparent_skew > 0 ?
"ahead" :
"behind", dbuf,
5877 apparent_skew > 0 ?
"behind" :
"ahead",
5878 (!conn || trusted) ?
"" :
", or they are sending us the wrong time");
5881 apparent_skew, ext_source);
5882 tor_asprintf(&warn,
"Clock skew %ld in %s from %s", apparent_skew,
socklen_t tor_addr_to_sockaddr(const tor_addr_t *a, uint16_t port, struct sockaddr *sa_out, socklen_t len)
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
void tor_addr_make_unspec(tor_addr_t *a)
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
int tor_addr_is_loopback(const tor_addr_t *addr)
char * tor_addr_to_str_dup(const tor_addr_t *addr)
int tor_addr_is_null(const tor_addr_t *addr)
int get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
tor_addr_port_t * tor_addr_port_new(const tor_addr_t *addr, uint16_t port)
#define fmt_and_decorate_addr(a)
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
static sa_family_t tor_addr_family(const tor_addr_t *a)
#define tor_addr_to_in6_addr8(x)
#define tor_addr_eq(a, b)
Header file for directory authority mode.
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
size_t base64_encode_size(size_t srclen, int flags)
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
const smartlist_t * get_socks_args_by_bridge_addrport(const tor_addr_t *addr, uint16_t port)
int get_transport_by_bridge_addrport(const tor_addr_t *addr, uint16_t port, const transport_t **transport)
Header file for circuitbuild.c.
size_t buf_move_all(buf_t *buf_out, buf_t *buf_in)
void buf_clear(buf_t *buf)
int buf_add(buf_t *buf, const char *string, size_t string_len)
size_t buf_allocation(const buf_t *buf)
size_t buf_datalen(const buf_t *buf)
void buf_assert_ok(buf_t *buf)
int buf_get_line(buf_t *buf, char *data_out, size_t *data_len)
size_t buf_slack(const buf_t *buf)
int buf_get_bytes(buf_t *buf, char *string, size_t string_len)
Header file for buffers.c.
int buf_flush_to_socket(buf_t *buf, tor_socket_t s, size_t sz)
int buf_read_from_socket(buf_t *buf, tor_socket_t s, size_t at_most, int *reached_eof, int *socket_error)
Header file for buffers_net.c.
int buf_read_from_tls(buf_t *buf, tor_tls_t *tls, size_t at_most)
int buf_flush_to_tls(buf_t *buf, tor_tls_t *tls, size_t flushlen)
Header for buffers_tls.c.
void bwhist_note_dir_bytes_written(uint64_t num_bytes, time_t when)
void bwhist_note_bytes_read(uint64_t num_bytes, time_t when, bool ipv6)
void bwhist_note_dir_bytes_read(uint64_t num_bytes, time_t when)
void bwhist_note_bytes_written(uint64_t num_bytes, time_t when, bool ipv6)
Header for feature/stats/bwhist.c.
void channel_close_for_error(channel_t *chan)
void channel_notify_flushed(channel_t *chan)
Header file for channel.c.
Header file for channeltls.c.
Header file for circuitbuild.c.
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
Header file for circuitlist.c.
Header file for circuituse.c.
mainloop_event_t * mainloop_event_new(void(*cb)(mainloop_event_t *, void *), void *userdata)
int mainloop_event_schedule(mainloop_event_t *event, const struct timeval *tv)
Header for compat_libevent.c.
uint32_t monotime_coarse_get_stamp(void)
int buf_add_compress(struct buf_t *buf, struct tor_compress_state_t *state, const char *data, size_t data_len, int done)
const smartlist_t * get_configured_ports(void)
const or_options_t * get_options(void)
const char * escaped_safe_str_client(const char *address)
Header file for config.c.
void connection_mark_all_noncontrol_listeners(void)
connection_t * connection_get_by_type_addr_port_purpose(int type, const tor_addr_t *addr, uint16_t port, int purpose)
or_connection_t * or_connection_new(int type, int socket_family)
static void client_check_address_changed(tor_socket_t sock)
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
listener_connection_t * listener_connection_new(int type, int socket_family)
const char * conn_state_to_string(int type, int state)
const listener_connection_t * CONST_TO_LISTENER_CONN(const connection_t *c)
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
void clock_skew_warning(const connection_t *conn, long apparent_skew, int trusted, log_domain_mask_t domain, const char *received, const char *source)
void connection_link_connections(connection_t *conn_a, connection_t *conn_b)
static mainloop_event_t * reenable_blocked_connections_ev
int connection_fetch_from_buf_http(connection_t *conn, char **headers_out, size_t max_headerlen, char **body_out, size_t *body_used, size_t max_bodylen, int force_complete)
dir_connection_t * dir_connection_new(int socket_family)
static int connection_read_https_proxy_response(connection_t *conn)
int connection_outbuf_too_full(connection_t *conn)
control_connection_t * control_connection_new(int socket_family)
bool connection_dir_is_global_write_low(const connection_t *conn, size_t attempt)
static int connection_reached_eof(connection_t *conn)
int connection_is_listener(connection_t *conn)
void connection_buf_add_buf(connection_t *conn, buf_t *buf)
static int connection_handle_listener_read(connection_t *conn, int new_type)
static int connection_flushed_some(connection_t *conn)
int get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, int *is_pt_out, const connection_t *conn)
static int connection_is_rate_limited(const connection_t *conn)
int connection_buf_get_line(connection_t *conn, char *data, size_t *data_len)
int connection_wants_to_flush(connection_t *conn)
static smartlist_t * outgoing_addrs
void connection_mark_for_close_(connection_t *conn, int line, const char *file)
static connection_t * connection_get_another_active_or_conn(const or_connection_t *this_conn)
edge_connection_t * edge_connection_new(int type, int socket_family)
int connection_proxy_connect(connection_t *conn, int type)
connection_t * connection_get_by_type(int type)
int connection_is_moribund(connection_t *conn)
static void connection_write_to_buf_failed(connection_t *conn)
void connection_consider_empty_write_buckets(connection_t *conn)
static time_t last_recorded_accounting_at
static void record_num_bytes_transferred_impl(connection_t *conn, time_t now, size_t num_read, size_t num_written)
static void connection_write_to_buf_commit(connection_t *conn)
void connection_close_immediate(connection_t *conn)
static const char * connection_describe_peer_internal(const connection_t *conn, bool include_preposition)
connection_t * connection_new(int type, int socket_family)
static tor_addr_t * last_interface_ipv4
static int retry_listener_ports(smartlist_t *old_conns, const smartlist_t *ports, smartlist_t *new_conns, smartlist_t *replacements, int control_listeners_only)
static int conn_get_proxy_type(const connection_t *conn)
void connection_dump_buffer_mem_stats(int severity)
#define CONN_GET_TEMPLATE(var, test)
void connection_bucket_init(void)
static ssize_t connection_bucket_get_share(int base, int priority, ssize_t global_bucket_val, ssize_t conn_bucket)
#define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, dirconn_var, dirconn_test)
void connection_read_bw_exhausted(connection_t *conn, bool is_global_bw)
static int connection_https_proxy_connect(connection_t *conn)
static int connection_finished_connecting(connection_t *conn)
static int connection_may_write_to_buf(connection_t *conn)
static int connection_buf_read_from_socket(connection_t *conn, ssize_t *max_to_read, int *socket_error)
static int connection_haproxy_proxy_connect(connection_t *conn)
const char * connection_describe(const connection_t *conn)
int connection_flush(connection_t *conn)
void assert_connection_ok(connection_t *conn, time_t now)
int connection_read_proxy_handshake(connection_t *conn)
static int connection_finished_flushing(connection_t *conn)
static void reenable_blocked_connection_init(const or_options_t *options)
ssize_t connection_bucket_write_limit(connection_t *conn, time_t now)
static void reenable_blocked_connections_cb(mainloop_event_t *ev, void *arg)
connection_t * connection_get_by_global_id(uint64_t id)
static void connection_init(time_t now, connection_t *conn, int type, int socket_family)
int retry_all_listeners(smartlist_t *new_conns, int close_all_noncontrol)
const tor_addr_t * conn_get_outbound_address(sa_family_t family, const or_options_t *options, unsigned int conn_type)
static void connection_send_socks5_connect(connection_t *conn)
smartlist_t * connection_dir_list_by_purpose_and_resource(int purpose, const char *resource)
static void set_constrained_socket_buffers(tor_socket_t sock, int size)
static void update_send_buffer_size(tor_socket_t sock)
void connection_write_to_buf_impl_(const char *string, size_t len, connection_t *conn, int zlib)
void connection_mark_for_close_internal_(connection_t *conn, int line, const char *file)
int connection_state_is_open(connection_t *conn)
static void connection_buckets_decrement(connection_t *conn, time_t now, size_t num_read, size_t num_written)
const char * connection_describe_peer(const connection_t *conn)
static connection_t * connection_listener_new_for_port(const port_cfg_t *port, int *defer, int *addr_in_use)
static struct timeval reenable_blocked_connections_delay
static connection_t * connection_listener_new(const struct sockaddr *listensockaddr, socklen_t listensocklen, int type, const char *address, const port_cfg_t *portcfg, int *addr_in_use)
STATIC void connection_free_minimal(connection_t *conn)
void connection_bucket_adjust(const or_options_t *options)
int any_other_active_or_conns(const or_connection_t *this_conn)
const char * conn_type_to_string(int type)
void connection_consider_empty_read_buckets(connection_t *conn)
static int connection_counts_as_relayed_traffic(connection_t *conn, time_t now)
static int oos_victim_comparator_for_orconns(or_connection_t *a, or_connection_t *b)
int conn_listener_type_supports_af_unix(int type)
static uint32_t last_refilled_global_buckets_ts
connection_t * connection_get_by_type_state(int type, int state)
listener_connection_t * TO_LISTENER_CONN(connection_t *c)
void connection_free_all(void)
char * alloc_http_authenticator(const char *authenticator)
static time_t write_buckets_last_empty_at
static ssize_t connection_bucket_read_limit(connection_t *conn, time_t now)
static int oos_victim_comparator(const void **a_v, const void **b_v)
static int connection_fetch_from_buf_socks_client(connection_t *conn, int state, char **reason)
static int connection_handle_write_impl(connection_t *conn, int force)
int connection_init_accepted_conn(connection_t *conn, const listener_connection_t *listener)
static int connection_handle_read_impl(connection_t *conn)
STATIC int connection_connect_sockaddr(connection_t *conn, const struct sockaddr *sa, socklen_t sa_len, const struct sockaddr *bindaddr, socklen_t bindaddr_len, int *socket_error)
static int connection_process_inbuf(connection_t *conn, int package_partial)
void connection_mark_all_noncontrol_connections(void)
STATIC smartlist_t * pick_oos_victims(int n)
void log_failed_proxy_connection(connection_t *conn)
static void socket_failed_from_resource_exhaustion(void)
void connection_write_bw_exhausted(connection_t *conn, bool is_global_bw)
static const char * connection_proxy_state_to_string(int state)
void connection_about_to_close_connection(connection_t *conn)
STATIC void kill_conn_list_for_oos(smartlist_t *conns)
#define CONN_IS_CLOSED(c)
entry_connection_t * entry_connection_new(int type, int socket_family)
static int reenable_blocked_connections_is_scheduled
static const char * proxy_type_to_string(int proxy_type)
void connection_free_(connection_t *conn)
static void reenable_blocked_connection_schedule(void)
connection_t * connection_get_by_type_nonlinked(int type)
static int connection_socks4_proxy_connect(connection_t *conn)
int connection_state_is_connecting(connection_t *conn)
static int connection_socks5_proxy_connect(connection_t *conn)
static int make_socket_reuseable(tor_socket_t sock)
void connection_dir_buf_add(const char *string, size_t len, dir_connection_t *dir_conn, int done)
#define CLIENT_IDLE_TIME_FOR_PRIORITY
static int check_sockaddr_family_match(sa_family_t got, connection_t *listener)
int connection_connect(connection_t *conn, const char *address, const tor_addr_t *addr, uint16_t port, int *socket_error)
void connection_expire_held_open(void)
void connection_check_oos(int n_socks, int failed)
static void connection_bucket_refill_single(connection_t *conn, uint32_t now_ts)
static int check_sockaddr(const struct sockaddr *sa, int len, int level)
Header file for connection.c.
#define CONN_TYPE_METRICS
#define CONN_TYPE_AP_HTTP_CONNECT_LISTENER
#define CONN_TYPE_DIR_LISTENER
#define CONN_TYPE_OR_LISTENER
#define CONN_TYPE_METRICS_LISTENER
#define CONN_TYPE_CONTROL_LISTENER
#define CONN_TYPE_CONTROL
#define CONN_TYPE_EXT_OR_LISTENER
#define CONN_LOG_PROTECT(conn, stmt)
#define MAX_SOCKS5_AUTH_SIZE_TOTAL
#define MAX_SOCKS5_AUTH_FIELD_SIZE
#define CONN_TYPE_AP_NATD_LISTENER
#define LISTENER_STATE_READY
#define CONN_TYPE_AP_LISTENER
#define CONN_TYPE_AP_DNS_LISTENER
#define CONN_TYPE_AP_TRANS_LISTENER
int connection_ap_process_transparent(entry_connection_t *conn)
int connection_edge_finished_connecting(edge_connection_t *edge_conn)
int connection_edge_finished_flushing(edge_connection_t *conn)
void connection_exit_about_to_close(edge_connection_t *edge_conn)
int connection_edge_flushed_some(edge_connection_t *conn)
int connection_edge_reached_eof(edge_connection_t *conn)
int connection_edge_end_errno(edge_connection_t *conn)
void connection_ap_about_to_close(entry_connection_t *entry_conn)
edge_connection_t * TO_EDGE_CONN(connection_t *c)
entry_connection_t * TO_ENTRY_CONN(connection_t *c)
int connection_edge_process_inbuf(edge_connection_t *conn, int package_partial)
Header file for connection_edge.c.
#define AP_CONN_STATE_HTTP_CONNECT_WAIT
#define EXIT_CONN_STATE_CONNECTING
#define AP_CONN_STATE_CONTROLLER_WAIT
#define EXIT_CONN_STATE_OPEN
#define AP_CONN_STATE_SOCKS_WAIT
#define EXIT_CONN_STATE_RESOLVEFAILED
#define AP_CONN_STATE_CONNECT_WAIT
#define AP_CONN_STATE_OPEN
#define EXIT_PURPOSE_CONNECT
#define AP_CONN_STATE_RESOLVE_WAIT
#define AP_CONN_STATE_CIRCUIT_WAIT
#define EXIT_CONN_STATE_RESOLVING
#define AP_CONN_STATE_NATD_WAIT
#define AP_CONN_STATE_RENDDESC_WAIT
#define EXIT_PURPOSE_RESOLVE
void connection_or_event_status(or_connection_t *conn, or_conn_status_event_t tp, int reason)
int connection_or_reached_eof(or_connection_t *conn)
int connection_tls_continue_handshake(or_connection_t *conn)
void connection_or_notify_error(or_connection_t *conn, int reason, const char *msg)
int connection_or_process_inbuf(or_connection_t *conn)
void connection_or_clear_identity(or_connection_t *conn)
time_t connection_or_client_used(or_connection_t *conn)
int connection_or_finished_flushing(or_connection_t *conn)
void clear_broken_connection_map(int stop_recording)
int connection_tls_start_handshake(or_connection_t *conn, int receiving)
int connection_or_get_num_circuits(or_connection_t *conn)
int connection_or_flushed_some(or_connection_t *conn)
const struct ed25519_public_key_t * connection_or_get_alleged_ed25519_id(const or_connection_t *conn)
void connection_or_close_for_error(or_connection_t *orconn, int flush)
const or_connection_t * CONST_TO_OR_CONN(const connection_t *c)
int connection_or_finished_connecting(or_connection_t *or_conn)
void connection_or_about_to_close(or_connection_t *or_conn)
or_connection_t * TO_OR_CONN(connection_t *c)
void connection_or_clear_identity_map(void)
void connection_or_close_normally(or_connection_t *orconn, int flush)
Header file for connection_or.c.
#define DIR_CONN_IS_SERVER(conn)
void conn_stats_note_or_conn_bytes(uint64_t conn_id, size_t num_read, size_t num_written, time_t when, bool is_ipv6)
Header for feature/stats/connstats.c.
int connection_control_reached_eof(control_connection_t *conn)
void connection_control_closed(control_connection_t *conn)
control_connection_t * TO_CONTROL_CONN(connection_t *c)
int connection_control_finished_flushing(control_connection_t *conn)
int connection_control_process_inbuf(control_connection_t *conn)
Header file for control.c.
#define LOG_FN_CONN(conn, args)
#define CONTROL_CONN_STATE_OPEN
#define CONTROL_CONN_STATE_NEEDAUTH
void control_event_bootstrap_problem(const char *warn, const char *reason, const connection_t *conn, int dowarn)
Controller connection structure.
int control_event_general_status(int severity, const char *format,...)
void control_update_global_event_mask(void)
Header file for control_events.c.
void cpath_assert_layer_ok(const crypt_path_t *cp)
Header file for crypt_path.c.
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
#define tor_str_wipe_and_free(str)
Compile-time assertions: CTASSERT(expression).
int check_private_dir(const char *dirname, cpd_check_t check, const char *effective_user)
Client/server directory connection structure.
bool dirauth_should_reject_requests_under_load(void)
Header for feature/dirauth/dirauth_config.c.
int connection_dir_reached_eof(dir_connection_t *conn)
int connection_dir_finished_flushing(dir_connection_t *conn)
int connection_dir_finished_connecting(dir_connection_t *conn)
dir_connection_t * TO_DIR_CONN(connection_t *c)
int parse_http_response(const char *headers, int *code, time_t *date, compress_method_t *compression, char **reason)
void connection_dir_about_to_close(dir_connection_t *dir_conn)
int connection_dir_process_inbuf(dir_connection_t *conn)
Header file for directory.c.
#define DIR_CONN_STATE_CONNECTING
#define DIR_CONN_STATE_CLIENT_FINISHED
#define DIR_CONN_STATE_CLIENT_READING
#define DIR_CONN_STATE_SERVER_WRITING
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT
#define DIR_PURPOSE_SERVER
#define DIR_CONN_STATE_CLIENT_SENDING
Header file for dirserv.c.
void dnsserv_configure_listener(connection_t *conn)
Header file for dnsserv.c.
Entry connection structure.
#define ENTRY_TO_EDGE_CONN(c)
void entry_guard_cancel(circuit_guard_state_t **guard_state_p)
Header file for circuitbuild.c.
const char * escaped(const char *s)
char * esc_for_log(const char *s)
void connection_or_set_ext_or_identifier(or_connection_t *conn)
int connection_ext_or_process_inbuf(or_connection_t *or_conn)
int connection_ext_or_start_auth(or_connection_t *or_conn)
int connection_ext_or_finished_flushing(or_connection_t *conn)
#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH
#define EXT_OR_CONN_STATE_OPEN
#define EXT_OR_CONN_STATE_MIN_
#define EXT_OR_CONN_STATE_FLUSHING
#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_NONCE
#define EXT_OR_CONN_STATE_AUTH_WAIT_AUTH_TYPE
void accounting_add_bytes(size_t n_read, size_t n_written, int seconds)
int accounting_is_enabled(const or_options_t *options)
Header file for hibernate.c.
Header file containing common data for the whole HS subsystem.
Header file containing circuit and connection identifier data for the whole HS subsystem.
Header for feature/hs/hs_metrics.c.
#define hs_metrics_app_read_bytes(i, port, n)
Listener connection structure.
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
#define log_fn_ratelim(ratelim, severity, domain, args,...)
uint64_t log_domain_mask_t
void stats_increment_bytes_read_and_written(uint64_t r, uint64_t w)
void connection_stop_reading(connection_t *conn)
void connection_stop_reading_from_linked_conn(connection_t *conn)
int connection_in_array(connection_t *conn)
void ip_address_changed(int on_client_conn)
void connection_unregister_events(connection_t *conn)
void add_connection_to_closeable_list(connection_t *conn)
int connection_is_on_closeable_list(connection_t *conn)
void connection_start_reading(connection_t *conn)
void update_current_time(time_t now)
int connection_is_writing(connection_t *conn)
void connection_start_writing(connection_t *conn)
int connection_is_reading(connection_t *conn)
smartlist_t * get_connection_array(void)
int connection_count_moribund(void)
void connection_stop_writing(connection_t *conn)
unsigned get_signewnym_epoch(void)
Header file for mainloop.c.
int metrics_connection_process_inbuf(connection_t *conn)
int metrics_connection_reached_eof(connection_t *conn)
int metrics_connection_finished_flushing(connection_t *conn)
Header for feature/metrics/metrics.c.
int net_is_completely_disabled(void)
void note_user_activity(time_t now)
#define TOR_INVALID_SOCKET
int nodelist_probably_contains_address(const tor_addr_t *addr)
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define CELL_PAYLOAD_SIZE
#define RELAY_PAYLOAD_SIZE
#define DOWNCAST(to, ptr)
#define SESSION_GROUP_FIRST_AUTO
@ TCP_PROXY_PROTOCOL_HAPROXY
#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING
#define OR_CONN_STATE_CONNECTING
#define OR_CONN_STATE_OR_HANDSHAKING_V2
#define OR_CONN_STATE_PROXY_HANDSHAKING
#define OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING
#define OR_CONN_STATE_TLS_HANDSHAKING
#define OR_CONN_STATE_OR_HANDSHAKING_V3
#define OR_CONN_STATE_OPEN
int get_parent_directory(char *fname)
int reachable_addr_prefer_ipv6_dirport(const or_options_t *options)
int reachable_addr_prefer_ipv6_orport(const or_options_t *options)
int reachable_addr_use_ipv6(const or_options_t *options)
int dir_policy_permits_address(const tor_addr_t *addr)
int socks_policy_permits_address(const tor_addr_t *addr)
Header file for policies.c.
Listener port configuration structure.
int tor_asprintf(char **strp, const char *fmt,...)
int tor_snprintf(char *str, size_t size, const char *format,...)
int fetch_from_buf_http(buf_t *buf, char **headers_out, size_t max_headerlen, char **body_out, size_t *body_used, size_t max_bodylen, int force_complete)
socks_request_t * socks_request_new(void)
int fetch_from_buf_socks_client(buf_t *buf, int state, char **reason)
Header for proto_socks.c.
char * rate_limit_log(ratelim_t *lim, time_t now)
int errno_to_orconn_end_reason(int e)
Header file for reasons.c.
Header file for rendcommon.c.
void rep_hist_note_exit_bytes(uint16_t port, size_t num_written, size_t num_read)
void rep_hist_note_overload(overload_type_t overload)
void rep_hist_note_tcp_exhaustion(void)
Header file for rephist.c.
void resolved_addr_reset_last(int family)
Header file for resolve_addr.c.
uint16_t routerconf_find_or_port(const or_options_t *options, sa_family_t family)
void mark_my_descriptor_dirty(const char *reason)
uint16_t routerconf_find_dir_port(const or_options_t *options, uint16_t dirport)
Router descriptor structure.
Header file for routerlist.c.
int server_mode(const or_options_t *options)
Header file for routermode.c.
Header file for sandbox.c.
#define sandbox_intern_string(s)
void smartlist_sort(smartlist_t *sl, int(*compare)(const void **a, const void **b))
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_clear(smartlist_t *sl)
void smartlist_remove(smartlist_t *sl, const void *element)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
#define SMARTLIST_DEL_CURRENT(sl, var)
tor_socket_t tor_accept_socket_nonblocking(tor_socket_t sockfd, struct sockaddr *addr, socklen_t *len)
int get_max_sockets(void)
int tor_close_socket(tor_socket_t s)
int get_n_open_sockets(void)
void tor_release_socket_ownership(tor_socket_t s)
int tor_addr_from_getsockname(struct tor_addr_t *addr_out, tor_socket_t sock)
tor_socket_t tor_open_socket_nonblocking(int domain, int type, int protocol)
Client request structure.
#define SOCKS_COMMAND_CONNECT
void note_connection(bool inbound, int family)
uint64_t global_identifier
time_t timestamp_last_read_allowed
unsigned int in_connection_handle_write
struct event * write_event
unsigned int inbuf_reached_eof
struct connection_t * linked_conn
unsigned int hold_open_until_flushed
unsigned int reading_from_linked_conn
uint64_t global_identifier
unsigned int read_blocked_on_bw
uint16_t marked_for_close
const char * marked_for_close_file
uint32_t n_written_conn_bw
unsigned int linked_conn_is_closed
unsigned int in_flushed_some
unsigned int always_rate_limit_as_remote
unsigned int active_on_link
unsigned int write_blocked_on_bw
struct event * read_event
time_t timestamp_last_write_allowed
smartlist_t * ephemeral_onion_services
char * safecookie_client_hash
char * requested_resource
struct tor_compress_state_t * compress_state
struct circuit_guard_state_t * guard_state
unsigned int is_transparent_ap
socks_request_t * socks_request
unsigned int chosen_exit_optional
char * original_dest_address
unsigned int chosen_exit_retries
struct buf_t * pending_optimistic_data
unsigned int socks_prefer_no_auth
unsigned int extended_socks5_codes
ed25519_public_key_t identity_pk
uint16_t orig_virtual_port
char identity_digest[DIGEST_LEN]
or_handshake_state_t * handshake_state
tor_addr_port_t canonical_orport
tor_addr_t Socks4ProxyAddr
uint64_t RelayBandwidthBurst
int ClientPreferIPv6DirPort
tor_addr_t HTTPSProxyAddr
int TestingEnableConnBwEvent
tcp_proxy_protocol_t TCPProxyProtocol
struct config_line_t * ClientTransportPlugin
uint64_t ConstrainedSockSize
int TokenBucketRefillInterval
int ClientPreferIPv6ORPort
char * Socks5ProxyUsername
char * Socks5ProxyPassword
int CountPrivateBandwidth
tor_addr_t Socks5ProxyAddr
uint64_t RelayBandwidthRate
tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2]
enum or_options_t::@2 TransProxyType_parsed
char * HTTPSProxyAuthenticator
char unix_addr[FLEXIBLE_ARRAY_MEMBER]
entry_port_cfg_t entry_cfg
unsigned int has_finished
unsigned int socks_prefer_no_auth
unsigned int socks_use_extended_errors
#define MOCK_IMPL(rv, funcname, arglist)
int format_time_interval(char *out, size_t out_len, long interval)
int token_bucket_rw_dec(token_bucket_rw_t *bucket, ssize_t n_read, ssize_t n_written)
void token_bucket_rw_init(token_bucket_rw_t *bucket, uint32_t rate, uint32_t burst, uint32_t now_ts)
void token_bucket_rw_adjust(token_bucket_rw_t *bucket, uint32_t rate, uint32_t burst)
int token_bucket_rw_refill(token_bucket_rw_t *bucket, uint32_t now_ts)
const char * tor_tls_err_to_string(int err)
void tor_tls_get_n_raw_bytes(tor_tls_t *tls, size_t *n_read, size_t *n_written)
#define CASE_TOR_TLS_ERROR_ANY
#define CASE_TOR_TLS_ERROR_ANY_NONIO
int tor_tls_get_pending_bytes(tor_tls_t *tls)
void tor_tls_release_socket(tor_tls_t *tls)
char * pt_get_socks_args_for_proxy_addrport(const tor_addr_t *addr, uint16_t port)
Headers for transports.c.
const struct passwd * tor_getpwnam(const char *username)
#define tor_assert_nonfatal_unreached()
#define tor_fragile_assert()
#define IF_BUG_ONCE(cond)
int strcmp_opt(const char *s1, const char *s2)
int fast_mem_is_zero(const char *mem, size_t len)
int tor_digest_is_zero(const char *digest)
#define ED25519_BASE64_LEN